Featured

Update: My participation rights have now been eliminated at ICANN working groups

Just to followup on the earlier blog post of today, I received the following email from Keith Drazek (GNSO Council Chair),

Dear Mr. Kirikos,

Receipt of your letter is acknowledged.

We note and regret that you have elected to not accept and agree to abide by ICANN’s Expected Standards of Behavior (ESOB).

As such, per the notice provided in the Council Leadership Team’s letter of 29 March, you will be placed in observer status in the RPM PDP WG and any other GNSO-related forum until such time we receive the necessary communication confirming acceptance of the ESOB, or until such time the ICANN Ombuds rules that you may return to member status following any appeal.

Sincerely,

Keith Drazek
GNSO Chair (on behalf of the GNSO Council Leadership Team)

So, unless I “bend the knee” and “swear an oath of fealty” (or unless the ICANN Ombudsman says I can return), I’m forever banished. Is that reasonable and proportionate?

And, this affects participation for all working groups (not just the RPM PDP), even though there’s no issue in the IGO PDP!

 

Featured

ICANN Threatens to Restrict Participation Rights of critic George Kirikos

ICANN, in an affront to free speech and due process, has threatened to restrict my participation on important domain name policy issues, and I think it’s crucial that these topics be brought before the public for debate. Continue reading “ICANN Threatens to Restrict Participation Rights of critic George Kirikos”

Vivid Seats will acquire LasVegas.com deal as part of their Vegas.com transaction

I continue to not disclose new and significant domain name transactions that I’ve discovered via SEC filings research, due to parasites who do not properly cite that research and/or make copycat articles to generate pageviews and eyeballs for themselves. Instead of simply retweeting and linking to the original research itself, so that the original researchers receive the full credit and attention for their work, these parasites want a piece of the action without putting in the hard work themselves.

I continue to invest the time to research for myself, though. While researching other transactions, I stumbled across a tidbit related to an older public transaction, though (which is thus not a “new” transaction).

As some folks might remember, I broke the news about the USD $90 million LasVegas.com deal, tweeting on November 6, 2015:

This was uncovered before I launched this blog, and was written about on TheDomains, DNJournal, and elsewhere.

Fast forward to November 2023, when Vivid Seats announced the acquisition of Vegas.com for USD $240 million. This was widely reported, and of course isn’t a “pure” domain name deal (given that Vegas.com is a developed website) however most people simply focused on Vegas.com, and ignored the fact that LasVegas.com (worth far more than Vegas.com as a domain name name) was part of the deal!

How do I know this? The key tidbit was buried in a SEC filing made by Vivid Seats this week, where they disclosed:

“In 2005, the Company entered into an agreement for use of an internet domain name with an unrelated party. Under the terms of the agreement, the Company is obligated to pay approximately $2,500,000 per year until the agreement expires in 2040. The Company has the option to terminate the agreement at any time, provided they operate the domain for a period of thirty days after termination.” (page 15)

What they’re describing is the ongoing LasVegas.com deal! Here were the terms of that deal as discovered in 2015:

Note 7.
LasVegas.com Purchase Obligation

In June 2005, VEGAS.com, LLC entered into an agreement for the purchase of LasVegas.com. The agreement specified that a $12,000,000, one-time payment be made upon execution of the agreement along with monthly payments of approximately $83,000 for 36 months, $125,000 for the next 60 months, and then $208,000 for the next 36 months. Per the terms of the agreement, after June 30, 2016, following the 132 initial monthly payments, VEGAS.com, LLC in its sole discretion may terminate the agreement and forfeit the domain name. If VEGAS.com, LLC chooses not to terminate the agreement, they will continue making the monthly payments of approximately $208,000 until June 30, 2040, at which time the seller will transfer the domain name to VEGAS.com, LLC without further payment or cost to VEGAS.com, LLC. (from Note 7 on page 13 of SEC filing)

$208,000 per month (the amount of the payments after June 30, 2016) equals $2,496,000 per year, which is “approximately $2,500,000” as per the Vivid Seats filing this week.

Is there any other evidence that shows Vegas.com is still operating LasVegas.com? There sure is! Let’s do some sleuthing, since they don’t make it too obvious from the actual websites themselves:

(a) The “A” record (the IP address where the domain name’s website is hosted) for Vegas.com is (using the Google Admin Toolbox) is 64.12.0.13 for vegas.com and  64.12.0.14 for LasVegas.com, which are nearly identical (same hosting provider, and IP address block).

(b) The “CNAME” records for each domain with a “www” subdomain are:

(i) for www.vegas.com: fp2f9f.wpc.18c9ff.zetacdn.net.
(ii) for www.lasvegas.com: fp2fa0.wpc.18c9ff.zetacdn.net.

indicating that they’re using the same content delivery networks (subdomains of zetacdn.net).

(c) while the visual styles of the two websites are a bit different, their terms of service pages are nearly identical! Using a text comparison tool, one can copy the terms of service from:

https://www.vegas.com/about/terms/

and

https://www.lasvegas.com/about/termsofuse.html

and compare the two. Every “VEGAS.com” was changed to “LasVegas.com”, and the address/contact info was changed too.

(d) Or perhaps most simply, they disclose in Section 19 of the above terms that the “Nevada Seller of Travel Registration No” is 2003-0113, the same registration number on both sites!

(e) Going back to this week’s SEC filing, pages 5 and 7 also mention “LasVegas.com, LLC“. I suppose that makes things definitive!

June 30, 2040 is 16 years and 7 months away. Thus, at $2.5 million/year, Vivid Seats will need to pay approximately $41.5 million over that period in order to finally own the LasVegas.com domain name.  Approximately $48.5 million has already been paid towards the LasVegas.com domain name, far surpassing the $30 million Voice.com dealHopefully Ron Jackson of DNJournal will still be with us in 2040 so that he can officially “chart” the $90 million transaction, although I suspect that it might not be the highest public reported domain name deal on that date….we shall see.

If $2.5 million per year is a feasible investment for a company to lease a domain name, for a company worth a mere $240 million, how much can much larger enterprises justify investing to capture the enormous economic benefits that flow from owning elite domain names? Instead of leasing the domain name over 35 years, what’s the value of a lump sum one-time all cash payment? Research the “relief from royalty method” of valuation, and you will find the answer.

In conclusion, elite domain names continue to be extremely valuable, as demonstrated by the ongoing lease of the LasVegas.com domain name, an important piece of the Vegas.com transaction that few have picked up on.

New owner of elite EM.com domain name appears to be Enterprise Holdings (not Exxon Mobil)!

Several weeks ago, I noticed that the elite 2-letter dot-com domain name EM.com had changed hands, with the “WHOIS” information of MarkMonitor’s stealth acquisition unit:

https://twitter.com/GeorgeKirikos/status/1697188222302859628

I’ve been monitoring that domain since that time, and it appears that Exxon Mobil is NOT the new owner of the domain name!

Instead, using the “dig” tool to view the TXT records for the EM.com domain name, I saw that they finally came alive very recently, with values for the SPF records (which relate to email) of:

“v=spf1 ip4:38.133.153.128/26 ip4:216.251.248.18 ip4:208.185.229.40/29 ip4:208.18” “5.235.45 ip4:139.131.76.33 ip4:207.166.92.11 ip4:207.166.95.11 ip4:74.209.251.0/” “24 ip4:199.255.192.0/22 ip4:199.127.232.0/22 ip4:54.240.0.0/18 ip4:213.139.100.4” “8 ip4:207.166.92.11 ip4:207.166.95.11 ip4:216.20.248.25 ip4:216.20.244.25 ip4:19” “9.102.164.25 ip4:35.163.201.1 ip4:35.166.146.0 ip4:35.167.47.63 ip4:18.219.199.1” “49 ip4:35.190.247.0/24 include:_spf.google.com include:sendgrid.net include:mail” “.zendesk.com include:spf.tmes.trendmicro.com ?all”

and the MX records (for delivery of email) have delivery of email to the server:

ehi1.in.tmes.trendmicro.com.

Using the “Reverse MX” tool at WhoisXMLAPI, I noticed that there were only 70 records, and they’re all related to Enterprise Holdings, which owns brands like Alamo, National, and of course Enterprise. According to their website, they’re the 9th largest private company in the USA, with $30 billion in revenue for 2022, and 80,000 global employees.

They own the 3-letter domain name “ehi.com” (which presumably is the “ehi” in “ehi1.in.tmes.trendmicro.com”!!), and it turns out that the SPF records for ehi.com (using the “dig” tool) are:

“v=spf1 ip4:38.133.153.128/26 ip4:216.251.248.18 ip4:208.185.229.40/29 ip4:208.185.235.45 ip4:139.131.76.33 ip4:207.166.92.11″ ” ip4:207.166.95.11 ip4:74.209.251.0/24 ip4:199.255.192.0/22 ip4:199.127.232.0/22 ip4:54.240.0.0/18″ ” ip4:213.139.100.48 ip4:207.166.92.11 ip4:207.166.95.11 ip4:216.20.248.25 ip4:216.20.244.25 ip4:199.102.164.25 ip4:35.163.201.1 ip4:35.166.146.0″ ” ip4:35.167.47.63 ip4:18.219.199.149 ip4:35.190.247.0/24 include:_spf.google.com include:sendgrid.net include:mail.zendesk.com include:spf.tmes.trendmicro.com -all”

which nearly matches those for “em.com”. [It appears someone botched the “copy and paste” of ehi.com’s records, as some values appear to have been split by mistake, e.g. it should be “include:mail.zendesk.com”, as in the one for ehi.com, but instead it was “include:mail” and “.zendesk.com”). Same mistake for some of the IP addresses, e.g “ip4:208.18” “5.235.45” should be “ip4:208.185.235.45”]

Thus, while we wait for a live website to provide absolute confirmation, we can conclude with a high degree of confidence that Enterprise Holdings is the new owner of the em.com domain name. Perhaps this will be used for a rebranding of the company (instead of “Holdings”, the “M” might stand for “Mobility” as they describe themselves as a leader in transportation and mobility).

Millions Of Sensitive US Military Emails Misdirected To Mali, Despite 2014 Warning From Me

In August 2014, I noticed a potential security vulnerability in relation to the .mil top-level domain, which is operated by the US military. As such, I reported the issue to CERT, describing the issue in sufficient detail that they could understand the problem.

Today, I learned via a tweet from Elliot Silver:

about the report in the Financial Times concerning millions of US military emails being misdirected, and quote-tweeted that I had reported the issue many years ago:

https://twitter.com/GeorgeKirikos/status/1680925062621216768

Elliot Silver later blogged about it, and it’s been reported on by many other news outlets.

You can read my August 6, 2014 CERT “Vulnerability Report” here (I had prudently saved a copy), and the confirmation was VRF#HYIXW4Z4. [The PDF is redacted, as it had contained my cell phone number, which I rarely disclose.]

Continue reading “Millions Of Sensitive US Military Emails Misdirected To Mali, Despite 2014 Warning From Me”

Another ICANN Sham Review of Public Comments

ICANN has posted their Public Comment Summary Report of the Proposed Renewal of the Registry Agreement for .NET. Once again, it is another sham review of the submissions of the public.

Not only do they dismiss comments and concerns relating to the changes in the RRA, which we wrote about extensively. ICANN staff went even further, and LIED about past comment submissions! At the bottom of page 13, they wrote:

Continue reading “Another ICANN Sham Review of Public Comments”

Our Comments to ICANN Opposing the Dot-NET Registry Agreement Renewal With Verisign

On April 19, 2023, I highlighted negative aspects of the proposed .NET Registry Agreement between ICANN and Verisign.

The public comment period ends on Thursday May 25, 2023 at 23:59 UTC (i.e. tomorrow), and I just submitted my company’s final comments.

I encourage others who care about the rights of registrants to do the same.

Others, including the Internet Commerce Association and TurnCommerce have submitted substantial comments. All of the public comments can be read here.

Red Alert: ICANN and Verisign Proposal Would Allow Any Government In The World To Seize Domain Names

ICANN, the organization that regulates global domain name policy, and Verisign, the abusive monopolist that operates the .COM and .NET top-level domains, have quietly proposed enormous changes to global domain name policy in their recently published “Proposed Renewal of the Registry Agreement for .NET”, which is now open for public comment.

Either by design, or unintentionally, they’ve proposed allowing any government in the world to cancel, redirect, or transfer to their control applicable domain names! This is an outrageous and dangerous proposal that must be stopped. While this proposal is currently only for .NET domain names, presumably they would want to also apply it to other extensions like .COM as those contracts come up for renewal.

Continue reading “Red Alert: ICANN and Verisign Proposal Would Allow Any Government In The World To Seize Domain Names”

Our January 30, 2023 Comments to ICANN Regarding IGO Issues and Preserving The Rights of Registrants

ICANN has a public comment period for the Final Report from the EPDP on Specific Curative Rights Protections for IGOs, which proposes to harm registrants’ rights, by making IGOs (intergovernmental organizations like the UN) exempt from the mutual jurisdiction clause of the UDRP/URS. This would mean that a domain owner’s rights to judicial review of an adverse UDRP/URS decision would be prejudiced.

Our comments can be read on the ICANN site, along with all the other public comment submissions. [including those of the Internet Commerce Association]

Continue reading “Our January 30, 2023 Comments to ICANN Regarding IGO Issues and Preserving The Rights of Registrants”

VPN.com v. George Dikian court case update of January 27, 2023

Konstantinos Zournas of OnlineDomain.com was the first to break the news concerning the lawsuit filed by VPN.com against “George Dikian”.

Today, both sides filed a “Joint Rule 26(f) Report” [PDF] which summarizes the case from the point of view of each side, and sets out scheduling going forward. Since it’s such a short document, it’s an excellent introduction to the dispute, for those who’ve not been following it from the beginning.

The entire docket can be followed via CourtListener.

Visualizing the Security Benefits of the Losing FOA for Domain Name Transfers

I’ve written extensively about the security implications of the “Losing FOA” step of domain name transfers. It’s the opportunity for registrants to “ACK” or “NACK” a pending transfer, before it completes. I wrote about this again yesterday,  and that post linked to all prior writings.

I wanted to give readers direct visual evidence of why the Losing FOA is so important as a security mechanism, so I intiated a transfer of a domain name from my company’s portfolio at Tucows/OpenSRS to GoDaddy. After I input the transfer code (currently called the “AuthInfo Code”, but it will be renamed the “Transfer Authorization Code” or “TAC”) at GoDaddy, Tucows/OpenSRS sent me (as registrant) an email, with a link to a page that would allow me to immediately approve the transfer (i.e. “ACK” it), or to reject the transfer (“NAK” it). Here’s a screenshot:

Example of OpenSRS Losing FOA page, allowing registrants to accept or reject an outgoing transfer request
Example of OpenSRS Losing FOA page, allowing registrants to accept or reject an outgoing transfer request

As you can clearly see, the page contains text saying:

The domain name listed above will be transferred to:

New Registrar
GoDaddy.com, Inc.

and gives me the opportunity to accept the transfer, or decline it (I’ve just left things in a pending state for now; I’ll perhaps “ACK” the transfer in a few days).

Continue reading “Visualizing the Security Benefits of the Losing FOA for Domain Name Transfers”