News and Updates

SAV.com Gives Domains for Sale More Exposure by Pairing New Afternic DLS Access With Its SedoMLS Connection

DN Journal - Tue, 2021-04-20 21:34
SAV.com beefs up exposure for their domain sellers with access to both major domain listing networks.
Categories: News and Updates

Car warranty company upgrades to Olive.com

Domain Name Wire - Tue, 2021-04-20 21:15

Company moves from GoGetOlive.com to Olive.com.

A company that sells extended service plans for cars has acquired the domain name Olive.com.

Olive previously used the domain GoGetOlive.com for its olive brand of car service plans. It now forwards the long domain to olive.com.

In a press release, olive CMO Paul Sherman explained why the company upgraded its domain name:

We are thrilled to announce the acquisition of olive.com. This is a direct response to the olive brand growth. Our demographics have shown that 50+% of consumers that purchased an olive plan have never purchased mechanical breakdown coverage before, therefore we want to make olive easy to access and simple to find.

The car service plan industry is one where credibility is extremely important, and a domain name like GoGetOlive.com does not scream “we’re a credible company.”

I reached out to the company for more details and will update this story if it responds.

Post link: Car warranty company upgrades to Olive.com

© DomainNameWire.com 2021. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact editor (at) domainnamewire.com. Latest domain news at DNW.com: Domain Name Wire.

No related posts.

Categories: News and Updates

New Research Indicates Nearly 80% of Top US Energy Companies Are at Serious Risk for Cyberattacks

Domain industry news - Tue, 2021-04-20 19:15

Co-authored by CSC's Global Director Vincent D'Angelo, Senior Global Brand Security Advisor Quinn Taggart and Global Marketing Leader Sue Watts.

In light of the Biden administration's recent efforts in protecting critical infrastructure from cyber threats, new research from CSC indicates that a majority of the top energy companies in the U.S. are vulnerable to attack due to shortcomings in their online operations. Specifically, these organizations are vulnerable to domain name and domain name system (DNS) hijacking and phishing attacks based on their lack of effective domain security.

Highlights of CSC's research on these top energy companies indicates:

Nearly 80%are not usingregistry locks67%are registered withconsumer-grade domain registrars(vs enterprise-grade registrars)Only17%useDNS hosting redundancyOnly3%useDNS security extensions (DNSSEC)73%of companies useDomain-based message authentication, reporting, and conformance (DMARC)

This analysis was conducted on the 30 largest U.S. companies by market capitalization that produce and deliver energy in the U.S. With that being said, the findings are consistent with the domain security posture of 90+ global "energy" companies that are part of CSC's Forbes Global 2000 report.

Each of the security measures listed above are industry best practices that help mitigate against cyber attacks, and they're part of CSC's defense in-depth approach. Threats of not deploying these security measures include:

At CSC, we talk about locking your vital domains as being your first — and best — line of defense. Only 17% of these utility companies are leveraging tools like a registry lock, which leaves the rest vulnerable to social engineering, unauthorized DNS changes, and domain name hijacking.

In addition, 67% of these companies are relying on consumer-quality practices for securing their web domains, which puts them at exponential risk for some of today's most common cyber threats. Companies need to understand how their choice of provider fits into decisions made about their organization's overall cybersecurity posture, along with concerns about IP infringement and trademark law. When it comes to the domain ecosystem, choice of domain registrar can affect colleagues responsible for cybersecurity and IT, as well as legal (general counsel), risk, and compliance (chief risk officer) — because it has a major impact on cyber security, phishing attacks and online fraud, and brand abuse.

To manage a domain name portfolio, company's need to work with a provider that has invested in protecting its own systems. With all of the cybersecurity threats today, not only does a good domain name registrar need to have the right technology — to protect itself and client companies from a data breach — but it also needs best-in-class operations practices that put security at the forefront of its mission, and in how it engages with its clients.

An enterprise-level registrar should have ISO 27001 accredited data centers, SOC 2® compliance, third-party penetration and vulnerability testing. They should conduct regular security tests, including SQL injection and cross-site scripting (XSS). They should also be Internet Corporation for Assigned Names and Number (ICANN) and country-code top-level domain (ccTLD) registry accredited. A registrar that's qualified to serve an enterprise will offer a full accounting of all domains, DNS, and digital certificate providers. It should provide 24/7/365 support along with cybersecurity training for its staff, including phishing and social engineering awareness. It's also important for an enterprise-class registrar to:

  • Mandate written requests (never via phone)
  • Be data and General Data Protection Regulation compliant (e.g., WHOIS practices)
  • Have a registry transfer-lock policy

Looking at CSC's research, only 17% of the energy companies have DNS hosting redundancy, and the lack of this security measure makes them more susceptible to DNS vulnerabilities or a costly distributed denial of service (DDoS) attack. DNSSEC is another proven mitigation tool for DNS threats, as it protects organizations from cache poisoning, but it also has very low use at just 3%. DMARC use is optimistically high, and with the growth and damage done by phishing attacks today, this is a good sign. As the Biden administration takes a closer look at the security around major utilities, it's imperative that these organizations reassess their approaches to securing their domain security ecosystem to follow enterprise-class strategies for more effective security. All of these security measures will have an immediate effect on cyber risk at these energy companies and will help mitigate the prospect of attacks that can lead to network breaches, system outages, and nefarious actions by bad actors.

  1. This article originally published on Digital Brand Insider.

Written by Vincent D'Angelo, Global Director at CSC

Follow CircleID on Twitter

More under: Cyberattack, Cybersecurity, DDoS Attack, DNS, DNS Security

Categories: News and Updates

How I finally got the domains I won on SnapNames

Domain Name Wire - Tue, 2021-04-20 13:10

I jumped through a lot of hoops to get the domains I acquired.

Last month I started buying domain names on SnapNames after a long hiatus. I purchased 20 domains over 30 days, taking advantage of SnapNames’ access to expiring Network Solutions and Register.com inventory. I’ve had to jump through a lot of hoops to get control of the domains I acquired.

I blame buggy systems for the majority of the issues. SnapNames makes GoDaddy Auctions look like the latter is built on pristine, modern code.

Let’s start with the weirdest issue that causes the most pain. SnapNames creates a lot of new registrar accounts to put your domains in. In my case, it has split the 20 domains into five accounts.

Each time SnapNames creates an account, you have to do a “forgot password” process to get control of the account. Then, unless you want to manage lots of logins, you have to merge the accounts. It’s a fairly simple process once you figure out how to do it (Network Solutions’ own instructions are incorrect).

Merging works most of the time. But in one case, I got this cryptic error message:

After 30 minutes with Network Solutions support and an escalation to the “back office,” I learned that you could not merge accounts that have .IO domains in them. I have no idea why, but an error message that states, “You can’t merge accounts with .IO domains in them,” would have saved me and Network Solutions a lot of time. Network Solutions told me I could transfer the domains individually into my other account, except that Network Solutions puts a 60-day lock on new registrations even for internal transfers.

I ran into another issue with some accounts. I tried to do a password reset when I got the usernames from SnapNames, but I didn’t get the reset email. I tried it multiple times over multiple days. Then, looking closely at the obscured email address Network Solutions said it was sending the reset emails to, I noticed it had a different number of characters than my email address.

Somehow, Network Solutions managed to change my email address. It dropped the plus sign from the email address I use (more on that later) and created Network Solutions accounts using the incorrect email address.

When I asked SnapNames how to fix this, they told me to talk to Network Solutions. Network Solutions told me I needed to send in a copy of a photo ID, a utility bill, and a notarized letter to get control of the accounts.

I can appreciate Network Solutions improving its security measures given the number of thefts it faces. But at this point, I’m talking about spending even more time going to a notary (during the pandemic!). I was also worried because the Gmail address Network Solutions used to create these accounts didn’t exist. If someone sent an email to the email address in Whois and got a bounceback message, they could register the Gmail address and get control of the domains.

So I registered a brand new Gmail address that matched the bad address SnapNames used. Now I have access to all of my domains. Yay!

(I went back in forth with SnapNames support about not receiving a domain at Moniker I was owed, too. It turns out it was due to the incorrect email address.)

Web.com’s trouble ticket systems are also broken, leading to headaches resolving these issues.

The first ticket I submitted to Network Solutions went through just fine. Subsequent tickets disappeared when I submitted them.

After working for a while, SnapNames’ support kept giving me a security error. Monday, when I checked if it was fixed, clicking the support ticket link on the Contact Us page just forwarded to the Contact Us page, sending me in an endless loop. I tried it in Chrome and Firefox.

Add in other weird things, like the Order History page telling me I was the winner of auctions I didn’t win…

And you’re left with a decrepit system.

It’s important to keep track of your wins to make sure you get your domains. And plan on spending time to get your domains. All told, I probably spent over 10 hours just getting control of the domains I already paid for.

Web.com leaves thousands of dollars a day on the table with old bidding apps that don’t properly send alerts and customers who aren’t willing to put up with the headaches necessary to get control of domains they win.

I hope that Web.com, under its new Newfold Digital umbrella, will create a new expired domain system that replaces SnapNames and NameJet. It’s time for something new, built from the bottom up.

Post link: How I finally got the domains I won on SnapNames

© DomainNameWire.com 2021. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact editor (at) domainnamewire.com. Latest domain news at DNW.com: Domain Name Wire.

Related posts:
  1. Web.com acquires SnapNames
  2. Some SnapNames-caught domains to be managed at NetworkSolutions
  3. Web.com paid $7.4 million for SnapNames
Categories: News and Updates

The Multistakeholder Moment of Truth: Will Stakeholders Hold ICANN Accountable?

Domain industry news - Mon, 2021-04-19 22:07

During the two-year period preceding the IANA transition in 2016, there was a near-superhuman effort put forth by the community of stakeholders to design, debate, and deploy an accountability framework for ICANN that would serve to check and balance the coordinator of the global DNS. One of the overriding concerns that stakeholders sought to address was the possibility of ICANN being captured, and it was argued that the global community of stakeholders would serve as a "backstop" that would hold ICANN accountable.

This framework is threatened now as never before by ICANN's absurd contravention of its own Bylaws and contractual obligations. I have written extensively about the extant InterNIC licensing agreement — which merges by direct reference the terms of the Memorandum of Understanding — between the U.S. government and ICANN and which is being violated by ICANN on multiple fronts. But ICANN is also violating its own corporate Bylaws and this is unacceptable. Specifically, Section 2.2. RESTRICTIONS states that, "ICANN shall not act as a Domain Name System Registry or Registrar or Internet Protocol Address Registry in competition with entities affected by the policies of ICANN." Yet, ICANN's iana.org website admits, in their own words, "(w)e act as both the registrant and registrar for a select number of domains which have been reserved under policy grounds."

It is important to note that ICANN's Bylaw Section 2.2 does not create a carveout for domains reserved under "policy grounds" nor does it create any sort of loophole for joining with contracted parties to speculate in the domain name secondary market with warehoused and cybersquatted domain names. It simply and clearly prohibits ICANN from acting as a registrar, period.

This sort of bad-faith misbehavior is precisely what was anticipated by the accountability work undertaken prior to the IANA transition. But the checks-and-balances are dependent entirely on active and vigorous community involvement and, in the absence of which, ICANN along with its contracted parties and other collaborationists will do whatever they like. Such is the case with single-character labels in the legacy registries. Let's recap:

  1. ICANN is subject to multiple prohibitions — contained in the organization's Bylaws and in extant contractual agreements with the U.S. government — against operating as a domain name registrar, yet it does so brazenly;
  2. ICANN, in conjunction with one or more legacy registry operators, is seeking to encroach on and compete in the domain name secondary market by improperly auctioning to the highest bidder or otherwise selling domain name registrations which are improperly warehoused and cybersquatted and have been since 2000; and,
  3. ICANN has disregarded formal advice from its IP Constituency (IPC) while setting aside standard processes, procedures, and protections in order to speculate with domain names that it has no rights to. In other words, it is infringing on the rights of others by warehousing, cybersquatting, and seeking to sell domain name registrations rather than ensuring their legitimate release subject to standard procedures and protections.

This is absurd, illegitimate, and just plain wrong on so many levels that it is difficult to know where to begin. But if this improper behavior is allowed to continue then what exactly are we doing here? There is no incentive for stakeholders to volunteer their time, talent, and energy for developing processes and procedures that are set aside or otherwise eviscerated whenever ICANN and its contracted parties become overtaken by self-interested profit motives. Nor can anyone rely on ICANN's assurances and promises when it is given to such arbitrary and capricious whims.

Anyone believing that what is occurring doesn't impact them is allowing hope to triumph over experience. History is replete with examples of what happens when organizations become unaccountable and are left unchecked but there are few, if any, examples of an unchecked organization becoming sated. Rather, the lack of any discernible opposition only emboldens further overreach while whetting an increasingly ravenous appetite at the same time.

Every single stakeholder has an interest in ICANN adhering to its Bylaws, procedures, protections, and extant contractual obligations. If we define our interests only narrowly then we are doing ourselves, our fellow stakeholders, and the Internet an immense disservice. We would do better to heed the warning contained in the closing words of Martin Niemöller's 1946 poem, First They Came..., "(t)hen they came for me — and there was no one left to speak for me."

For those of us concerned with intellectual property — whether copyright or trademark — where is the outrage and resistance to ICANN's disregard for hard-won standard processes, procedures, and protections for domain names? Does anyone sincerely believe that allowing trademark protections to be set aside now will result in anything other than further and expanded encroachment on intellectual property protections in the future? The International Trademark Association (INTA), copyright interests, and others should be leading the charge to defend these critically important safeguards and advocating forcefully for their expanded use, not sitting idly by while they are narrowed or disregarded altogether.

ICANN and its contracted parties are illegitimately warehousing and cybersquatting domain names for speculative purposes. This behavior is an unacceptable anti-competitive incursion into the secondary market. The Internet Commerce Association (ICA) and its members should be holding ICANN accountable to its Bylaws which were put in place specifically to prohibit this sort of transgression rather than remaining silent and hoping that such behavior left unchecked will end of its own accord.

These groups and others — indeed, all stakeholders — are vested with the responsibility of defending against this sort of illegitimate encroachment and the community is supposed to work together to provide a backstop of accountability to ICANN in the stead of the previously governmental oversight. Thusly, silence and apathy have no place in multistakeholder governance which, to have any efficacy at all, requires stakeholders to clearly understand the interdependent nature of community-led oversight. We all have parochial interests, but when ICANN is violating its own Bylaws so blatantly and absurdly, those interests must be viewed through a much wider lens akin to that of NATO's Article 5: an attack on one is considered an attack on all.

This is our Internet and if it is to stay that way then the deafening silence and passive resignation of the stakeholder community must end now.

Written by Greg Thomas, Founder of DNSDecrypt

Follow CircleID on Twitter

More under: DNS, Domain Names, ICANN, Internet Governance, Policy & Regulation, Registry Services

Categories: News and Updates

The 6G Hype is Already Starting

Domain industry news - Mon, 2021-04-19 19:22

Even though 5G hasn't yet made it onto any cellphone, the wireless vendor industry is already off and running looking at the next generation of wireless technology that has been dubbed as 6G.

Hexa-X project aims to be the next generation of wireless networks (Hexa) by explorative research (X). Its vision is to connect human, physical, and digital worlds with a fabric of 6G key enablers. (Image: Nokia Bell Labs)

This recent article describes the European Union Hexa-X project that started in January to look at developing specifications for next-generation wireless technology using terahertz spectrum. The initiative will be led by Nokia Bell Labs and Ericsson. Similar research is being done elsewhere around the world by companies such as Huawei, NTT, and Samsung.

6G wireless will explore using the high frequencies between 100 GHz and 1 THz (terahertz), collectively referred to as terahertz frequencies. These are radio waves that are just below the frequencies of infrared light. These frequencies have such short waves that the frequencies could carry as much as 1,000 times more bandwidth than the frequencies used in cellphones today at the upper end.

But there is a huge trade-off for the huge bandwidth capacity in that these frequencies travel only short distances, measured in a few feet, before starting to dissipate. These frequencies will not pass through any obstacle and need a clear line of sight.

It's likely that any 6G technology will be used for indoor data transmission, and 6G could become the fastest delivery mechanism of bandwidth to use within a room between devices. The bandwidth capabilities of these superhigh frequencies could finally fully enable technologies like telepresence (I finally get a holodeck!) or cobots (interactive robots).

Of course, like with any new technology, there is also already hype. Samsung recently released a whitepaper that said that using terahertz waves for cellphones is 'inevitable.' Long before we try to somehow tame terahertz frequencies in the wild, we need first to figure out millimeter-wave cellular technologies. The current use of millimeter-wave hotspots in downtown metropolitan areas has provided cover for cellular carriers to hype gigabit speeds 5G — but this is a miserable technology in terms of usefulness or reliability. The millimeter-wave spectrum is blocked by everything in the environment, including the body of the user.

More importantly, I've never heard anybody make a coherent description of why we need to deliver gigabit or faster speeds to cellphones. If we modify cellphones to process data that quickly, we'll need to find a way to recharge the phones every hour. While I understand why engineers go gaga over the idea of delivering a hundred or a thousand times more data to a cellphone, we need a reality check to ask why anybody would want to do that. Smartphones might be the most important technology developed in this century, but there seems to be little need to turn cellphones into a walking data center unless we also want to start carrying around small air-conditioning units to keep the chips cool.

It makes sense that device makers like Nokia and Ericsson would get excited over the next generation of wireless devices. It's not hard to envision entirely new technologies twenty years from now that take advantage of terahertz frequencies. Seriously, who is not going to want a holodeck in their living room?

Interestingly, the introduction of 6G is likely going to be of less value to the big cellular carriers. These companies have already started to lose the indoor battle for 5G. Verizon and AT&T had once envisioned a world where homeowners would buy monthly 5G data plans for all of the wired devices in our home. But the FCC already gutted that idea by releasing 6 GHz spectrum for free use, which manufacturers are marrying to the new WiFi 6 standard. As is inevitable, a free solution that doesn't require a monthly subscription is going to capture most of the indoor market. We're not going to be buying a 5G subscription for our 8K TV when we have WiFi 6 operating from a $100 router.

One has to imagine the same future for terahertz frequencies. The FCC will eventually create at least one band of terahertz frequency that anybody can use, and that's the frequency that will power the superfast devices in our homes and offices.

One thing that the early 6G hype fails to mention is the fiber networks that will be needed to fuel superfast applications. We aren't going to be operating a holodeck using a measly 1 Gbps broadband connection. Twenty years from now, techie households will be screaming for the delivery of 100 Gbps bandwidth to support their terahertz gaming applications.

Written by Doug Dawson, President at CCG Consulting

Follow CircleID on Twitter

More under: Access Providers, Broadband, Mobile Internet, Telecom, Wireless

Categories: News and Updates

Sav joins Afternic Fast Transfer network

Domain Name Wire - Mon, 2021-04-19 19:00

Domain registrar known for low prices and domain investor tools adds Afternic Fast Transfer capability.

Sav.com has made a name for itself over the past year or two thanks to its low prices and tools for domain investors. Domain investor Anthos Chrysanthou founded the company.

The company now has the one missing piece that holds many domain investors back from using a particular registrar: Afternic Fast Transfer. Sav officially integrated with the network today.

With Afternic Fast Transfer, domain investors with domains at Sav who opt into the network can list their domains across Afternic’s syndication network, which includes GoDaddy. Customers at other registrars can buy domains and they are automatically transferred to their accounts.

Sav.com is also a member of Sedo MLS, so domainers can list their domains held at Sav.com on both platforms.

Post link: Sav joins Afternic Fast Transfer network

© DomainNameWire.com 2021. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact editor (at) domainnamewire.com. Latest domain news at DNW.com: Domain Name Wire.

Related posts:
  1. Google Domains joins Afternic
  2. Epik continues to bash GoDaddy. GoDaddy says this is why it dropped Epik
  3. GoDaddy’s Afternic had security hole
Categories: News and Updates

Could Bulk-Registered Typosquatting Domains Be Connected to .ORG DNS Abuse?

Domain industry news - Mon, 2021-04-19 18:49

Public Interest Registry (PIR) announced the creation of the DNS Abuse Institute about two months ago as it believes that "every .ORG makes the world a better place" and "anything that gets in the way of that is a threat," notably in the form of Domain Name System (DNS) abuse.

To show support for the initiative, WhoisXML API analyzed monthly typosquatting data feeds for December 2020, January 2021, and February 2021 to identify .ORG domain trends that could help the DNS community and PIR check if recently bulk-registered .ORG domains can be considered trustworthy.

The Data

We downloaded enriched typosquatting data feeds, which include WHOIS details, for each month and selected bulk domain registrations where one or more .ORG domains have been identified as part of a group also containing other top-level domains (TLDs). Here are some examples of bulk-registered domain groups found:

  • talkradio101[.]live
  • talkradio101[.]biz
  • talkradio101[.]world
  • talkradio101[.]org

Or:

  • amazusn-mail[.]info
  • amazcun-mail[.]com
  • amazusn-mail[.]com
  • amazcun-mail[.]info
  • amazuun-mail[.]com
  • amazuun-mail[.]shop
  • amazusn-mail[.]org
  • amazcun-mail[.]org
  • amazuun-mail[.]info
  • amazuun-mail[.]org

With this selection criterion in mind, a total of 184,248 bulk-registered domains — same or similar-looking domains with different TLD extensions registered at the same time — made their way into the DNS from 1 December 2020 to 28 February 2021. As such, roughly 60,000 potential typosquatting domains were detected per month on average.

Chart 1: Number of potential typosquatting domains detected from 1 December 2020 to 28 February 2021 in our samples

Our Findings

Of the 184,248 potential typosquatting domains, 29% (53,193 domains) use the .ORG TLD. So, an average of 17,731 .ORG domains in our sample made it into the DNS each month. The volume of .ORG domains compared with those that use other TLD extensions is not surprising, given that .ORG remains the third most popularly used extension in 2020.

Chart 2: Comparison of number of potential typosquatting domains that use .ORG and other TLDs

Considering the specified country of registration, a vast majority of the .ORG domains appeared to be registered in the U.S. (26,472), followed by Canada (5,798) and Panama (3,140). The top 4-15 registrant countries, meanwhile, are France (2,471), Germany (2,428), the U.K. (2,215), Turkey (1,119), India (947), China (863), Spain (759), Italy (747), the Netherlands (425), Switzerland (420), Japan (379), and Sweden (357). Together, the top 15 registrant countries accounted for 48,540 or 91% of the total number of potentially typosquatting .ORG domains. The remaining 4,529 .ORG domains were registered across 127 countries.

Chart 3: Top 15 .ORG domain registrant countries

What's more, a total of 21,145 of the 53,193 .ORG domains (40%) had WHOIS records that were redacted, privacy-protected, or didn't have identifiable owners. Some interesting but vague registrant identifiers include "marketing," "self," and "owner."

Chart 4: Comparison of attributable versus non-attributable .ORG domains

While redacting one's personally identifiable information (PII) from a domain's WHOIS record is not indicative of malicious intent, hiding behind anonymity is also a typical cybercriminal modus operandi. Also, in our experience, large organizations are known to keep their WHOIS records public.

An example of a malicious .ORG domain whose WHOIS record is privacy-protected is rakvtnuum[.]org. This domain was bulk-registered along with 12 look-alikes on 1 December 2020.

Chart 5: Malware database check for rakvtnuum[.]org

Another variant (rakvtguum[.]org) is also tagged "malicious" on VirusTotal. Like the former, its WHOIS record is privacy-protected.

Given the data points above, monitoring bulk-registered .ORG domain registrations with redacted, privacy-protected, or incomplete WHOIS record data using typosquatting data feeds could be a way to detect and respond to DNS abuse.

Written by Jonathan Zhang, Founder and CEO of WhoisXMLAPI & ThreatIntelligencePlatform.com

Follow CircleID on Twitter

More under: DNS, DNS Security, Brand Protection, Registry Services, Whois

Categories: News and Updates

Threats don’t play well in cybersquatting disputes

Domain Name Wire - Mon, 2021-04-19 17:58

These two domain owners tried to play hardball and got nothing.

How you approach a potential buyer for your domain impacts what happens in a UDRP hearing. Here are two examples.

A World Intellectual Property Organization ordered Magna.co transferred to Magna International Inc., a company that uses Magna.com.

Magna is a dictionary word and the name of a town. A registrant could fairly register it in good faith. But when you use the following approach to try to sell it, a UDRP panel is likely to view you unfavorably.

The owner of Magna.co sent a LinkedIn message to someone at Magna International in August 2020:

I own Magna.co domain name and I am reaching out to few companies to explore a possible sale of the domain name.

When I setup [sic] the email address for magna.co to contact potential end users, I started receiving business emails concerning your company (check attachment).

Would you be interested in owning this domain name to protect your business information and brand

Magna International rejected the offer. The Respondent then apparently raised his price before sending this message:

Thank you for your reply. I thought its [sic] better that your company owns this domain name. In the last three weeks I got 350+ emails concerning your company.

Imagine your competitors American Axle & Manufacturing, Lear Corporation, Visteon, Faurecia, Linamar, Aptiv or Gentex owning the domain name and what information they can extract from the emails to gain advantage on your company. It can be a minor leak with serious consequences.

Once the domain is sold to an end user its [sic] very difficult and expensive to own. If you are reconsidering this matter, Visit magna.co and submit your offer.

In another recent case, T. Rowe Price CEO Bill Stromberg won a UDRP against the owner of BillStromgberg.com. It would be harder for the owner of this domain to justify registering the domain in good faith. But its sales pitch to Stromberg sealed its fate in the ensuing UDRP:

Subject: Urgent – CEO Domain

Hello Mr. Stromberg,

Without prejudice, we are getting in touch with you, with regards to the following domain:

billstromberg.com [billstromberg.com]

We are a brand protection agency and our team has secured this domain. Our team values it at $9,725.

The CEO is an integral part of a company. If a competitor were to get control of a CEO’s domain name and point it to one of their assets or worse still, to malicious websites, it would be incredibly embarrassing for a public company. It could hurt sales as well as brand reputation. Shareholders wouldn’t be too pleased once it reaches the media. Especially as the above domain will rank number one on Google.

For that reason, we always advise clients to secure their personal domain names as soon as possible. The domain can be used by anyone, for anything. It’s a great asset to have in your control whether used or not. This prevents potential abuse from competitors as well as disgruntled employees.

We are here to help prevent that and to protect your assets. Please do get in touch, if you’re interested.

Thanks,

Lewis Davids
Victor Platinum

Both domain name owners attempted to defend the domains in the UDRPs but they had steep curves to overcome.

 

Post link: Threats don’t play well in cybersquatting disputes

© DomainNameWire.com 2021. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact editor (at) domainnamewire.com. Latest domain news at DNW.com: Domain Name Wire.

Related posts:
  1. New York Times Correctly Defines Cybersquatting
  2. CBNT.com UDRP decision is bad, but domain owner should take some of the blame
  3. UDRP works. Here’s how to fix it.
Categories: News and Updates

Tackling DNS Abuse – DNW Podcast #334

Domain Name Wire - Mon, 2021-04-19 15:30

New group wants to get a handle on DNS abuse such as phishing and malware distribution.

My guest this week is Graeme Bunton, Director of the new DNS Abuse Institute. We discuss types of DNS abuse and how the institute plans to help the domain name ecosystem combat abuse.

Tip of the week: Bulk auth codes at NameBright

Also: Blockbuster Angel.com sale, Facebook lawsuit, Queen of .XYZ

Sponsor: Sav.com

Subscribe via Apple Podcasts to listen to the Domain Name Wire podcast on your iPhone or iPad, or click play above or download to begin listening. (Listen to previous podcasts here.)

Post link: Tackling DNS Abuse – DNW Podcast #334

© DomainNameWire.com 2021. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact editor (at) domainnamewire.com. Latest domain news at DNW.com: Domain Name Wire.

Related posts:
  1. New Domain Transfer Policy – DNW Podcast #111
  2. Domain pricing with Jeffrey Gabriel – DNW Podcast #242
  3. A new TLD update with Sandeep Ramchandani – DNW Podcast #248
Categories: News and Updates

Namecheap reports 36% revenue growth in Q1

Domain Name Wire - Mon, 2021-04-19 15:17

Domain registrar and hosting firm reports continued strong growth in the first quarter of 2021.

Privately held domain name registrar Namecheap revealed its Q1 results to Domain Name Wire today.

The company generated over $62 million in revenue in the first quarter of 2021, up 36% from its results in the same quarter last year.

The company added 665,000 domains under management last quarter, taking its total domains under management to over 13.26 million. That’s up 2.53 million (24%) since Q1 2020.

Customer growth continues at a fast clip. Namecheap added 390,000 new customers in Q1 2021, a 79% increase over the same period last year. This follows 1.1 million new customers last year, so the fast growth continues. The company reports that it has seen significant growth across its product portfolio, including in its hosting, email, security certificates, and Managed WordPress products, amongst others. 

Post link: Namecheap reports 36% revenue growth in Q1

© DomainNameWire.com 2021. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact editor (at) domainnamewire.com. Latest domain news at DNW.com: Domain Name Wire.

Related posts:
  1. Namecheap search “favorites” is cool. I’m still waiting for better new TLD search.
  2. .Com Winners & Losers: NameSilo enters top 10 overall
  3. Namecheap posts $149 million revenue in 2019
Categories: News and Updates

Cybersecurity, an Essential Weapon in the Cyberwarfare to Protect Our Democracy

Domain industry news - Fri, 2021-04-16 18:25

We see the problems that we are facing within an increasingly digital society and economy. We cannot go backward; the only way forward is to ensure that this new digital environment is made as safe as possible from a personal, social, political and economic perspective. We are currently struggling on these fronts.

Unfortunately, we have now clearly entered a situation of cyber warfare. States now use digital technologies to impose and undermine ideologies. We see totalitarian regimes using it to interfere with elections as well as using it to control and suppress their own population.

This is buttressed within countries by digital control and manipulation of news and information. Internationally, they also use other tactics to force countries to succumb to their totalitarian ideology through trade wars and other economic means.

With cyberattacks on the increase, utility providers and consumers are turning to private wireless networks to mitigate risks.

Cyberwarfare is more of a threat to democratic nations than to the countries under totalitarian regimes. While totalitarian regimes ultimately often fail, they need to be transformed from within, and that could take a long time.

Such regimes, especially when they are powerful, can create a lot of international damage and indeed seriously undermine democratic nations.

Global and political problems linked to cyberwarfare are more important than the personal cyber problems we face, including the commercial surveillance systems from digital companies such as Facebook and Google. That is not to say that we should not do anything about this.

But if we need to set priorities on cybersecurity, international cyberwarfare is the most serious issue.

We can manage personal cybersecurity issues, to a large extent, through regulations. Clearly, there is now a global focus on reigning in the excessive powers of the digital giants.

Obviously, it is far more difficult to regulate international cyberwarfare. It is not totally impossible, as nations on both sides of the ideological divide in the past have been able to do this in relation to nuclear warfare.

We will need to be prepared to strengthen our democratic principles to withstand the onslaught of cyber warfare. However, this will mean that some personal freedoms might be affected. This is not unlike situations in real warfare.

Peter Coroneos, the International Vice President of CyAN, the Cybersecurity Advisors Network and Australia's top cyber legal and regulatory expert, Professor Patrick Fair, recently conducted lectures on these pressing issues.

Is the Government's cybersecurity advice following Russian trolling activity sufficient or are deeper protections required?

Professor Fair listed a range of initiatives taken by the Australian Government over recent years. They include:

  • Changes to foreign investment rules;
  • New online safety legislation;
  • Surveillance Legislation Amendment (Identify and Disrupt) Bill;
  • New framework for Security of Critical Infrastructure;
  • Review of the Privacy Act.
  • Digital identity framework;

Inquiry into extremist movements and radicalism in Australia; and

Telecommunications security sector reform review.

On top of this, there are other regulations in the financial sector but especially also in the telecommunications sector. The key elements of the initiatives are broadly supported by the experts in the industry, but they do encounter problems.

A key issue is and has been, time and time again, the rushing through of legislation without proper industry consultation.

This is more important than ever when the Government is wanting to gain access to the latest communications and data storage platforms for law enforcement and security purposes, including where it will disrupt, take over, modify functionality or install its own software. These aggressive new powers need to be used carefully, with appropriate transparency and supervision provisions that are often absent from the first drafts of the law.

The second area of concern is that we have a hopscotch of rules, legislation, and regulations rather than taking a holistic approach. This creates confusion, leads to mistakes, and waters down the overall robustness of cybersecurity.

An extension of this issue is that it is unclear where it overlaps, replaces, or supersedes similar sorts of regulation in this industry.

While there is no doubt that cybersecurity is one of the most important issues that democratic nations need to address, it is equally important that this is done in a comprehensive and sensible way to ensure that we do get the best possible outcomes of this legislation.

Written by Paul Budde, Managing Director of Paul Budde Communication

Follow CircleID on Twitter

More under: Cyberattack, Cybersecurity, Internet Governance, Policy & Regulation

Categories: News and Updates

What Are the Connections to Identified Hafnium Malicious IP Addresses?

Domain industry news - Fri, 2021-04-16 18:11

Cyber attackers are very skilled at infiltration. They'd find ways into a house through cracks and holes that the homeowner doesn't know about. Analogically speaking, that's what the new cyber attack group dubbed "Hafnium" did when they identified several zero-day Microsoft Exchange vulnerabilities to get into target networks.

With thousands of users for every Microsoft Exchange server, the attack has far-reaching implications. First, it establishes the presence of a new threat actor group in town. What else could they be up to?

Second, the zero-day attack calls for immediate patches for affected organizations. Finally, it brought to light another essential question: What other zero-day vulnerabilities are there?

A Deep Look into the Hafnium IP Addresses

Several cybersecurity experts and organizations, including Malwarebytes and Info Tech, released the attack's technical details. VirusTotal also mapped out several nodes related to the Hafnium threat actor group.

From all these sources, we extracted 92 malicious IP addresses, then used domain and IP intelligence sources to glean insights into the following:

  • IP netblock ownership
  • IP geolocation
  • Domain associations
IP Netblock Ownership

Tracing which IP netblock a malicious IP address belongs to can help identify the entities administering it. Such knowledge could make the takedown process easier.

The Autonomous System (AS) names and NETNAMEs of the Hafnium IP addresses indicate most of them are owned by cloud service providers and telecommunications companies.

In fact, eight of the top 10 entities associated with the 92 IP addresses are part of the telecommunications industry. One is a cloud computing company, Digital Ocean, which also manages 26% of the blacklisted IP addresses in this study. Another owner is a tech solutions company.

IP Geolocation

The Hafnium group is believed to be from China, although they lease servers in the U.S. as well. IP geolocation details support this, as 21 of the IP addresses are geolocated in China, and several of the top 10 geolocations are neighboring countries. Still, attributing the attack to threat actors from a particular country is not straightforward.

Domain Associations

Passive Domain Name System (DNS) data suggests that at least 25% of the IP addresses are dedicated, having only 1-11 associated domains each.

One noteworthy IP address is 211[.]56[.]98[.]146, which has been identified as an indicator of compromise (IoC) related to the Microsoft Exchange Server zero-day attack. Only one subdomain resolves to the IP address — c3kr[.]simonxu[.]cc.

While this subdomain and its root domain have been tagged "malicious" on VirusTotal, some simonxu[.]cc subdomains are still deemed clean. The following are a few of the subdomains, along with the IP addresses returned by DNS lookups:

SubdomainIP Address from DNS LookupIP Netblockdzhsh[.]simonxu[.]cc114[.]80[.]157[.]59114[.]80[.]0[.]0 – 114[.]80[.]255[.]255hongkong[.]simonxu[.]cc119[.]8[.]100[.]78119[.]8[.]96[.]0 – 119[.]8[.]127[.]255japan[.]simonxu[.]cc180[.]149[.]230[.]45180[.]149[.]230[.]0 – 180[.]149[.]230[.]255ocservjp[.]simonxu[.]cc180[.]149[.]230[.]45180[.]149[.]230[.]0 – 180[.]149[.]230[.]255proxy[.]simonxu[.]cc180[.]149[.]230[.]45180[.]149[.]230[.]0 – 180[.]149[.]230[.]255proxy[.]east2south[.]simonxu[.]cc122[.]112[.]205[.]150122[.]112[.]200[.]0 – 122[.]112[.]207[.]255

These IP addresses and their netblocks are not among the initial Hafnium-related addresses under study, but they seem to share similar characteristics, such as being dedicated and assigned to telecommunications companies.

Aside from applying vulnerability patches as they are made available, security teams could, if applicable, limit or altogether prevent network communications with unknown and suspicious IP addresses. Such an action may be prudent, especially since the Hafnium cyber attack group could have more IP addresses and domains in their arsenal, besides those already published.

Written by Jonathan Zhang, Founder and CEO of WhoisXMLAPI & ThreatIntelligencePlatform.com

Follow CircleID on Twitter

More under: Cyberattack, Cybercrime, Cybersecurity, DNS, Domain Names, Threat Intelligence

Categories: News and Updates

Squarespace files to go public

Domain Name Wire - Fri, 2021-04-16 18:03

Site builder files S-1.

Squarespace is a site builder that makes it easy to create and launch websites.

One month after raising $300 million from investors, website building software company Squarespace has filed its S-1 with the SEC to allow investors to sell their shares on the market.

Here’s a look at Squarespace’s business by the numbers.

  • 3.7 million unique subscriptions at the end of 2020, up from 3.0 million at end of 2019. This includes standalone sites, standalone scheduling subscriptions, and social service subscriptions.
  • $621 million annual revenue in 2020, up from $485 million in 2019. 28% revenue growth.
  • $150 million cashflow from operations in 2020, up from $102 million. Net income $58 million, up from $31 million. Net income was $31M in 2020, down from $58M in 2019
  • $142 million commerce revenue, up 78% YoY.
  • 12 month ARPU of $187.

Squarespace is an easier-to-use alternative to WordPress. It competes with Wix, Weebly, and GoDaddy’s site builder.

Post link: Squarespace files to go public

© DomainNameWire.com 2021. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact editor (at) domainnamewire.com. Latest domain news at DNW.com: Domain Name Wire.

Related posts:
  1. Squarespace starts offering domain name registration
  2. Testing out the website builders: Wix, Weebly and Squarespace
  3. The problem with WordPress
Categories: News and Updates

Facebook sues Web.com’s NVSC for cybersquatting

Domain Name Wire - Fri, 2021-04-16 14:23

Social media company alleges that Web.com subsidiary owns 74 infringing domain names.

Facebook has filed a lawsuit (pdf) against New Ventures Services Corp (NVSC) for alleged cybersquatting of its brands, including Facebook, Instagram and WhatsApp.

NVSC is a Web.com subsidiary that holds domain names for traffic revenue and resale. It gets many of its domain names by cherry-picking expiring domain names from Web.com registrars, including Register.com and Network Solutions. (Web.com was acquired by a new entity called Newfold Digital earlier this year.)

Facebook alleges that NVCS holds at least 74 domain names that infringe its marks, including FacebookBusinessLeads .com, Instagram-Online .com and InstallWhatsApp .com.

Many of these domains are parked with links to a Network Solutions page where the domains can be purchased for as little as $300.

Last year, Facebook sued domain name registrar Namecheap and its proxy service in a cybersquatting suit. In that case, Facebook alleges that Namecheap customers registered infringing domain names.

Post link: Facebook sues Web.com’s NVSC for cybersquatting

© DomainNameWire.com 2021. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact editor (at) domainnamewire.com. Latest domain news at DNW.com: Domain Name Wire.

Related posts:
  1. Facebook sues domain name registrar OnlineNic
  2. Facebook wins GameRoom.com dispute
  3. Addicting.com domain lawsuit settled
Categories: News and Updates

Telling the Truth About 5G

Domain industry news - Thu, 2021-04-15 19:22

I still run across articles that extol the supposed wonders of 5G. The most recent, published in Gizmodo asks "How 5G Could Replace Your Home Broadband Connection”. I was surprised to see an article like this in a tech-oriented site because the article gets most of the facts wrong about 5G — facts that are not hard to verify.

This article talks about 5G having "faster download speeds, faster upload speeds, more bandwidth, and lower latency" than landline broadband. The author talks about having gigabit speeds on 5G. The article is clearly talking about 5G cellular technology. The author talks about sticking a SIM card in a router and using this fast 5G instead of wired broadband. The article hints that 5G may be the savior for poor rural broadband. This all sounds like it came directly from the sales pitch that the big cellular carriers have been making to politicians for the last five years — 5G will transform the world.

The article talks about an AT&T cellular hotspot product that can handle data speeds up to 1 gigabit. The article mentions the T-Mobile Home Internet product and also mentions speeds up to 1 gigabit. Those two carriers mention the word gigabit in their advertising, but the author fails to understand that in urban areas, these products might deliver speeds at something under 100 Mbps, and in rural America, where the products are aimed to serve, speeds are likely going to be south of 20 Mbps.

Finally, the article swallows the industry rhetoric and gives the label of 5G to the Verizon Home product — which is fiber-to-the-curb. The keyword in that technology description is fiber — Verizon builds a fiber just outside of the home for this to work. This product is not even a distant cousin of cellular data.

And that's where this author and a large number of other articles miss the boat about 5G. 5G is a cellular technology. Its sole purpose of 5G is to make cell sites perform better. Today there is no 5G anywhere on the planet because the 5G features that will make cell sites perform better have not yet been incorporated into cell sites or into phones. We can expect to start seeing these features over the next 3-4 years at cell sites, and a few years longer as future generations of cellphones can use the new features.

The author has fallen for the carrier hype that 5G will be blazingly fast. It will not be fast in the vast majority of circumstances. The 5G specifications call for cell towers to reliably deliver 100 Mbps cellular data to big numbers of cellphones or devices. The industry vendors might find a way to outperform that goal — but there is no wireless engineer anywhere thinking we'll be delivering gigabit speeds to cellphones using 5G.

The biggest trap the author fell into is buying into the carrier rhetoric about gigabit speeds. The carriers have wireless products with fast broadband using millimeter-wave spectrum. The first was mentioned above, which is Verizon's Home product. The second comes from the deployment of millimeter-wave hot spots in downtown areas. These hotspots are the equivalent of putting a faster hotspot like the ones used at a Starbucks on a pole and beaming broadband to anybody within 500 feet.

Both of these applications are fast. Both use millimeter-wave spectrum. But both require a customer to be within close proximity to a fiber. Most importantly, these technologies are not 5G. They don't currently use and will never use any of the 5G technology improvements that will make cellular phones perform better. I'm sometimes tempted to post an entire blog that, reminiscent of Jack Torrence in The Shining, types over and over, "Millimeter-wave spectrum is not 5G. Millimeter-wave spectrum is not 5G".

I occasionally reply to one of these articles, and this one is particularly egregious because such articles magnify the false stories that the carriers have been trying to sell to the public, which is that 5G is an amazing technology that will transform the world — any day now, but not quite today. Such articles keep telling people to hold out for a technology that isn't coming. Yes, there will be rural 5G hotspot products for households. But let's please tell the truth — I'll be surprised if the average rural home ever reaches 50 Mbps on the technology.

Written by Doug Dawson, President at CCG Consulting

Follow CircleID on Twitter

More under: Access Providers, Broadband, Telecom, Wireless

Categories: News and Updates

Angel.com domain name sells for $2 million

Domain Name Wire - Thu, 2021-04-15 18:36

Sedo broker Dave Evanson brokers megadeal.

Sedo domain name broker Dave Evanson announced today that he brokered the sale of Angel.com for $2 million:

Just sold Angel .com for $2,000,000.00!! Congrats to buyer and seller!! Look for the domain to be put to use very soon!

— dave evanson (@SedoDaveEvanson) April 15, 2021

Based on historical Whois records from DomainTools, the seller is Genesys Telecommunications Laboratories, Inc. Genesys acquired teleco company Angel.com in 2013 and rebranded the product as Genesys Premier Edition.

The domain is currently pending transfer at the domain name registrar CSC.

The buyer is not yet known, but one prospective buyer is AngelList. It uses the domain Angel.co. [Update: the domain name forwards to Angel Studios, a group with crowdfunding platform for movies and other entertainment.]

This is the second public seven-figure sale of the year. Last year there was one public seven figure sale (Bullish.com for $1.08 million).

Post link: Angel.com domain name sells for $2 million

© DomainNameWire.com 2021. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact editor (at) domainnamewire.com. Latest domain news at DNW.com: Domain Name Wire.

Related posts:
  1. Shop.app domain name sells for $200,000
  2. Revolution.org Sells for $120,000
  3. Moviles.net Domain Name Sells for $35,000
Categories: News and Updates

Security company Proofpoint files for reverse Whois patent

Domain Name Wire - Thu, 2021-04-15 17:23

Proofpoint wants a patent for its domain discovery system.

A figure from Proofpoint’s patent application showing reverse Whois data.

Cybersecurity company Proofpoint (NASDAQ: PFPT) has filed a patent application (pdf) for a reverse Whois system.

Reverse Whois refers to finding all of the domain names associated with a given owner. A typical reverse Whois lookup involves using an email address or Registrant Name in Whois and discovering the domain names associated with it.

Proofpoint’s system is designed to start with a seed domain name owned by a company. It then runs reverse Whois checks on the Whois data and infrastructure around the domain name. It uses what data is available to try to determine all of the domains owned by the same entity.

If the domain uses Whois privacy, it will look at the domain’s infrastructure (name servers, IP addresses, MX records, etc.). The system can use a combination of data to try to ascertain which domains belong to the entity.

One goal of a system like this is to determine when a bad actor registers a brand domain.

The system sounds a lot like some of the tools that DomainTools offers.

Proofpoint filed the original patent application (Ser. No. 16/244,955) in January 2019 and filed a continuation patent application (Ser. No. 17/129804) in December 2020. The U.S. Patent and Trademark Office published the continuation application today.

 

Post link: Security company Proofpoint files for reverse Whois patent

© DomainNameWire.com 2021. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact editor (at) domainnamewire.com. Latest domain news at DNW.com: Domain Name Wire.

Related posts:
  1. DomainTools is about to get more expensive for some users
  2. The Poor Man’s Registrant Lookup
  3. Every Domain Owner Should Subscribe to DomainTools’ Registrant Alert
Categories: News and Updates

The Domain Industry Keeps on Growing and Changing

Domain industry news - Thu, 2021-04-15 14:28

It has become very clear once again: the domain industry won't stop. The scenario we know today is constantly changing, and our industry adapts to the changes taking place in society and the economy.

Thanks to its versatility, the domain industry continues to amaze with some big changes year after year. This sector has its own peculiarities, rules, and opportunities for all stakeholders involved. While there are strong foundations, the ecosystem is constantly evolving, with the large numbers of new gTLDs introduced being just one example of this.

InterNetX and Sedo, two leading companies in their respective fields, took a closer look at the state of the domain industry in 2021 and published their results in the latest edition of the Global Domain Report 2021. In about 70+ pages, you get a clear depiction with analyzes, data, developments, and statements from the leading voices /experts in the industry. In this article, we took a closer look at the main data with particular reference to the European market.

2020 was a year of change for everyone. The pandemic has led to restrictions, lockdowns, and major inconveniences with serious implications from private life to business. COVID-19 changed everyday life by presenting new challenges for the domain industry, which has reacted accordingly. ICANN for example has launched various initiatives, e.g. to keep DNS secure and to support registrants in the COVID-19 crisis.

As stated by InterNetX CEO Thomas Mörz: "The domain sector survived 2020 largely unscathed. All trends show growing numbers, despite contrasting feelings around the pandemic. We are seeing a worldwide acceleration of digitization. It has become clear once again that domains are the starting point for every successful online business."

Ron Jackson, the editor of DNJournal, describes 2020 as a roller coaster ride: "When the pandemic hit us in the first quarter, sales slowed down. People were worried that the situation could worsen. The turning point was understanding that a strong web presence is a must to do business in a pandemic situation."

The Global Domain Report 2021 by InterNetX and Sedo

The number of domain name registrations continues to grow. Several reasons have led to positive numbers in the domain sector this year as well:

  1. The push towards digitalization.
  2. The specialization of certain niche industries and services.
  3. The emergence of new markets around the world.

Still, creating statistics on the most registered TLDs is not a simple task. This is mainly due to the sources, which often present very different data. Furthermore, while there are registrars that make their data publicly available, others do not. All in all, we can say without any doubt, the demand is and remains high. At the same time, the introduction of new extensions continues to offer society new TLDs that better represent it. Let's take a closer look at some domain industry highlights from the Global Domain Report by InterNetX and Sedo.

The 10 most popular TLDs

It is certainly not a surprise: .com remains the most registered domain. The TLD .tk and .cn follow on an equal footing. Among the ccTLD, the German domain extension .de has a lead that has become too big for those behind to be easily overcome, namely .uk, .nl, .ru, and .br. The two "historical" TLDs .net and .org are among the most registered domains, as well.

The 10 most popular TLDs

In general, .cn and .nl show a strong growth compared to .net, .tk, and .uk with negative figures.

The most registered ccTLDs in 2020

Top 5 + 1 ccTLDs in M

Looking at the data in the report, these are significant differences visible at first glance. For example, the ccTLDs .tk, .ga, .cf, .ml, and .gq managed by freenom are generally free to register with fees only to ensure the full ownership of the domain.

This can only benefit registrations. Thus it is explained now, for example, why .tk the ccTLD for the Tokelau territory, with a population of approximately 1,500 people, has come out on top of the rankings.

Europeans love ccTLDs

In terms of global market share, 34% of the total is represented by ccTLDs, while the remaining 56% is in the hands of gTLDs.

Top 10 Domains in Europe

If we consider only the European continent, however, the situation is slightly different. According to the Global Domain Report taking CENTR as a source, the market share of ccTLDs among European countries amounts to 61%. A long-standing trend based on historical-cultural reasons, which leads the European market to prefer national TLDs to locate their presence on the internet.

Domain-population ratio

The Global Domain Report by InterNetX and Sedo presents an interesting comparison by relating the domains registered in a given country with the respective number of inhabitants. This data allows us to draw further conclusions on the global domain market.

While it is not surprising that the most populated countries like China or the United States also have a large number of registered domains, very small countries like Panama or the Cayman Islands benefit from their status as a popular offshore destination. The case of .tk reaching the Top10 is one clear example.

Domain-inhabitant ratio

There are gTLDs with strong potential besides .com

The TLD .com leads all rankings with a very wide gap from other domains. A success story that has been going on since 1985. Of course, there are many other gTLDs with strong potential. There are currently 1,590 TLDs in the IANA root zone database and 1,244 are the so-called gTLDs.

Even though new domain extensions represent only a small fraction of registered gTLDs so far, the number of registrations is constantly growing, as are the opportunities associated with them. Some TLDs experienced higher growth with peaks over 300%, such as .site, .icu, or .xyz.

Growth >100%

More than 1,000 new gTLDs offer a more diversified internet

Top 5 new gTLDs

New top-level domains have been introduced in recent years mainly because it has become increasingly difficult to find short, concise domains that are still available. The new gTLDs are, therefore, a "remedy" to make the internet grow. It could also be said that they have "democratized" the industry with over 1,000 additional extensions, thus widening the choice by bringing diversity within the internet community. Also, registrations of new gTLDs continue to grow in 2020.

Some of the main ones include: .xyz, .icu but also .online, .top, .site and .club — the latter now in the limelight and steadily growing. When it comes to the new top-level domains, Donuts Inc. today manages the largest and most relevant portfolio in the world, offering new extensions to enhance and manage your online identity.

The most successful geoTLDs

Let's not forget these gTLDs, which represent a region, a community, or even a continent such as .asia, the most registered geoTLD, followed by .cat, for the autonomous region of Catalonia and .pyc for the ethnic community of Russian-speaking people in Kiev Rús.

Registered geoTLDs

Considering the vast market potential of .asia and .africa, thanks to the large population in the respective regions, they have not yet reached their full potential.

2021 forecast for the domain industry

The year 2020 was an unpredictable one with constant changes. The hope is that we can slowly return to a certain degree of normality. The domain industry certainly reflects the changes taking place in society and the economy, but it can benefit from some stability. The fast-growing digitization with an increased focus on e-commerce and digital security can only have a positive effect on the domain industry.

Get your copy of the Global Domain Report 2021 by InterNetX and Sedo.

Written by Simone Catania, Global Content & Communications Manager at InterNetX

Follow CircleID on Twitter

More under: Domain Names, New TLDs

Categories: News and Updates

A Quartet of 6-Figure Sales Led by a ccTLD Took Center Stage on This Week's Sales Chart

DN Journal - Thu, 2021-04-15 01:48
The domain aftermarket continues to run at full throttle with impressive sales being posted in all categories.
Categories: News and Updates

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer