NinerNet Communications™
Blog

Corporate Blog

Data privacy developments

22 May 2018 22:44:39 +0000

The purpose of this long blog post is to keep you informed of a significant development in the domain registration business, how it will affect you, what action you need to take and how to protect yourself from the criminals who will take advantage of the confusion that will no doubt be generated. We have also sent this via email to our clients.

The GDPR

In the last few months you may have heard rumblings about a new European law called the GDPR, the General Data Protection Regulation. This is a sweeping new law that will affect people in every corner of the globe, not just in the European Union (EU). It places a premium on the value of individual privacy, and restricts how the personal data provided by an individual may be used by companies and organisations. Fines for breach of the law can reach tens of millions of euros.

The GDPR is a good thing, and will address some glaring problems in our industry that we have referred to on a number of occasions, particularly the public WHOIS system where a domain registrant’s information is available for all the world to see, and is therefore used by scammers worldwide. However, even a good law is still a law and comes with an administrative burden for all parties.

On the hosting side of our business, not much (if anything) will change. We have always closely guarded the personal information of our clients — and that won’t change — and only collected what is technically and legally necessary to provide the services you contract from us.

Domain registrations

On the domain registration side of things, because of the fact that the domain registration system requires a number of entities to co-operate — registrant (you), registrar (currently OpenSRS/Tucows), reseller (NinerNet), registry (various, including Verisign, CIRA, ZICTA, etc.) and ICANN (the Internet Corporation for Assigned Names and Numbers) — you will start to see various transactional emails from us refer to the GDPR (which comes into force on 25 May 2018) and mechanisms for you to provide and, if necessary and possible, withdraw consent for use of your personal data. The need for you to fulfil your obligations as a domain registrant and respond to calls to action in emails will be in addition to actions you have needed to take until now. In short, it should mean a couple more emails per domain per year that you will need to pay attention to, but exactly how this manifests itself will develop over time, especially in the first year after this Regulation comes into force.

While it’s a reasonable question to ask why an EU law will apply to people and companies outside of the EU, the fact is that, worldwide, domain registries and registrars intend to comply with this Regulation and adopt a uniform system for managing it. Many jurisdictions have privacy laws, but the GDPR looks like it will be the most robust affecting the greatest number of people and the general feeling among proponents is two-fold: 1) Privacy is a good thing and we should follow the most stringent standards in favour of it, and 2) If we have to adjust policies and practices, then it makes no sense to have one set of policies and practices for some people and another for everyone else.

While this law affects all industries (and governmental organisations) in the EU and those (within and without the EU) that deal with European residents, the most visible effect in our industry will be on the public WHOIS (“who is”) system, where your personal information — name, address, phone number, email address, etc. — is currently published in public databases of domain registrants for everyone to see. These databases will continue to exist, of course, but access to them will be restricted, through layered access to a new “gated” WHOIS system, to legitimate accredited users that will include law enforcement organisations and intellectual property lawyers, as well as the registries, registrars and resellers directly involved in a particular domain registration.

Spammers, scammers and fraud artists

The one class of people that we certainly hope will no longer have access to this information is the fraud artists that fill your email every day — despite our best efforts — with offers to enlarge body parts, sell you web design and “search engine optimisation” services, scam you into sending them money for services they’ll never provide, and trick you into providing information to them that will lead to identity theft (phishing). With any luck, this new law will finally almost wipe out the spammers who harvest your email address from the WHOIS. It won’t stop those who get your unprotected email address off your website, or already have it or buy it from these unscrupulous individuals, but it should stop anyone else getting your email address if you change it in your existing domain registration.

But speaking of scams, as sure as night follows day (we’ve seen it before) these changes will no doubt lead to many scammers sending out emails urgently requiring you to take some action or another after clicking a link in their email. The text of the emails will use urgent language designed to scare you, but that they assume you will have heard in the news. They will refer to the GDPR and tell you that if you don’t go to a website and fill in a user name and password for your domain — and perhaps send them money too — your domain will be suspended and deleted.

DO NOT FALL FOR THIS! IT IS NOT TRUE!

As we have said over and over again for more than twenty years, if you receive an email about your domain or hosting from an email address that is not on the niner.net domain, then it is almost certainly a scam. If the email attempts to scare you into taking action immediately, then that only adds to the weight of evidence pointing to it being a scam. If you are concerned and not sure, we’re happy to advise you if you forward the email in question to us before taking any action.

Our new privacy policy

As with many Internet companies, the new GDPR has prompted us to revise our privacy policy. Our privacy policy — part editorial, part serious statement — is unlike any you have ever read. It provides some truth about the real problem with what the true purpose is of many (mostly larger) companies these days, and how we’re very different.

No action required at this time

Finally, no action is needed from you at this time. However, after 25 May you will start to receive email notices directing you to take GDPR-related actions, especially if you change anything to do with your domain, and possibly when you renew it.

If you have any questions, please let us know. Thank-you for your time.

Zambian domains update

27 December 2016 03:17:55 +0000

To update our earlier post, ZICTA finally contacted us on the afternoon of the 12th. Again — unbelievably — we had to explain basic networking concepts to them to help them understand why our client’s domain was not working.

However, they also explained or blamed part of the problem on Zamnet for not deleting the domain from their nameservers after they had hosted it previously. Zamnet are entrusted by ZICTA with the stability and security of two of the four nameservers that run the dot-zm ccTLD, and yet they apparently can’t perform basic nameserver maintenance. This is shocking to say the least.

Our client’s domain was finally back online again and stable and functioning properly by the 13th (after we contacted ZICTA on the 10th) … but for how long? It is only a matter of time before either our client’s dot-zm domain or another dot-zm domain goes down, again caused by mismanagement by ZICTA or one of the organisations they contract to provide name service.

Don’t register dot-zm domains. Seriously.

Zambian domains (.zm) are broken, don’t register them

12 December 2016 08:53:45 +0000

A little over a year ago we detailed the laborious process by which we managed to bypass an incompetent dot-zm domain registrar — Realtime Technologies Ltd. / Hai Alive Telecommunications — to speak directly to ZICTA (the Zambia Information & Communications Technology Authority) about a problem caused by ZICTA and misdiagnosed by Realtime/HAI.

You may or may not believe this, but the exact same thing is happening again, but with a different dot-zm domain registered through Realtime/HAI.

We contacted ZICTA and Zambia CIRT, through the same channels we used last time, early on the morning of Saturday 10 December. Over forty-eight hours later we still have not received an acknowledgement of our email, and the problem persists.

With the domain redacted to protect our client’s privacy, the evidence that is much the same as for the problem last year is presented below. What is particularly interesting about the information reported by one of the dot-zm nameservers (hippo.ru.ac.za) is that it is still reporting the pch.nic.zm and ns1.coppernet.zm nameservers as being authoritative for the dot-zm ccTLD. (See the IANA website for the nameservers for the dot-zm ccTLD.) The former was the problem nameserver last year, and was apparently promptly decommissioned after our report. However, I see that it is now back online at a new location. Ironically, this time it is actually reporting the correct DNS information for this domain. The latter belongs to the now-defunct Coppernet; although there is still an A record pointing ns1.coppernet.zm to 41.222.240.15, that nameserver simply does not respond at all.

We’ll post further updates when (or if) this problem is resolved. However, we really cannot emphasise strongly enough that you should not register dot-zm domains, and if you have one, you should transition away from it as soon as possible.


Update, 2016-12-27: Posted an update.


[00:00:05 leftseat@wrathall ~]$ whois zxxx.org.zm
Domain Name: zxxx.org.zm
Domain ID: 11559-zicta
WHOIS Server: whois.nic.zm
Referral URL:
Updated Date: 2016-11-29T11:40:45.292Z
Creation Date: 2015-05-12T09:27:15.528Z
Registry Expiry Date: 2017-05-12T09:27:15.611Z
Sponsoring Registrar: Realtime (Z)
Sponsoring Registrar IANA ID:
Domain Status: ok
Registrant Name: REDACTED
Registrant Organization: REDACTED
Registrant Street: lusaka
Registrant City: lusaka
Registrant State/Province: lusaka
Registrant Postal Code: 10101
Registrant Country: ZM
Registrant Phone: +260.REDACTED
Registrant Phone Ext:
Registrant Email: REDACTED
Name Server: ns1.niner.net
Name Server: ns2.niner.net
DNSSEC: unsigned
Additional Section
Sponsoring Registrar URL:
Sponsoring Registrar Country: ZM
Sponsoring Registrar Phone:
Sponsoring Registrar Fax:
Sponsoring Registrar Customer Service Contact:
Sponsoring Registrar Customer Service Email:
Sponsoring Registrar Admin Contact:
Sponsoring Registrar Admin Email:
>>> Last update of WHOIS database: 2016-12-12T07:31:46.321Z <<<

TERMS OF USE: You are not authorized to access or query our WHOIS database through the use of electronic processes that are high-volume and automated.  THis WHOIS database is provided by as a service to the internet community.

The data is for information purposes only. We do not guarantee its accuracy. By submitting a WHOIS query, you agree to abide by the following terms of use: You agree that you may use this Data only for lawful purposes and that under no circumstances will you use this Data to: (1) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via e-mail, telephone, or facsimile; or (2) enable high volume, automated, electronic processes. The compilation, repackaging, dissemination or other use of this Data is expressly prohibited.
[00:00:14 leftseat@wrathall ~]$ dig zxxx.org.zm ns

; <<>> DiG 9.9.5-3ubuntu0.10-Ubuntu <<>> zxxx.org.zm ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51871
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;zxxx.org.zm.			IN	NS

;; ANSWER SECTION:
zxxx.org.zm.		300	IN	NS	ns1.niner.net.
zxxx.org.zm.		300	IN	NS	ns2.niner.net.

;; Query time: 4627 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Mon Dec 12 00:00:28 PST 2016
;; MSG SIZE  rcvd: 85

[00:00:28 leftseat@wrathall ~]$ dig zxxx.org.zm ns @ns1.niner.net

; <<>> DiG 9.9.5-3ubuntu0.10-Ubuntu <<>> zxxx.org.zm ns @ns1.niner.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34521
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 3
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;zxxx.org.zm.			IN	NS

;; ANSWER SECTION:
zxxx.org.zm.		300	IN	NS	ns1.niner.net.
zxxx.org.zm.		300	IN	NS	ns2.niner.net.

;; ADDITIONAL SECTION:
ns1.niner.net.		300	IN	A	65.61.166.128
ns2.niner.net.		300	IN	A	65.61.166.129

;; Query time: 97 msec
;; SERVER: 65.61.166.128#53(65.61.166.128)
;; WHEN: Mon Dec 12 00:00:36 PST 2016
;; MSG SIZE  rcvd: 117

[00:00:36 leftseat@wrathall ~]$ dig zxxx.org.zm ns @hippo.ru.ac.za

; <<>> DiG 9.9.5-3ubuntu0.10-Ubuntu <<>> zxxx.org.zm ns @hippo.ru.ac.za
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51448
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 5, ADDITIONAL: 4
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;zxxx.org.zm.			IN	NS

;; AUTHORITY SECTION:
org.zm.			86400	IN	NS	ns2.zamnet.zm.
org.zm.			86400	IN	NS	pch.nic.zm.
org.zm.			86400	IN	NS	ns1.coppernet.zm.
org.zm.			86400	IN	NS	ns-zm.afrinic.net.
org.zm.			86400	IN	NS	ns1.zamnet.zm.

;; ADDITIONAL SECTION:
ns1.zamnet.zm.		86400	IN	A	196.46.192.26
ns1.coppernet.zm.	86400	IN	A	41.222.240.15
ns2.zamnet.zm.		86400	IN	A	196.46.192.21

;; Query time: 347 msec
;; SERVER: 146.231.128.1#53(146.231.128.1)
;; WHEN: Mon Dec 12 00:03:14 PST 2016
;; MSG SIZE  rcvd: 212

[00:03:14 leftseat@wrathall ~]$ dig zxxx.org.zm ns @ns1.zamnet.zm

; <<>> DiG 9.9.5-3ubuntu0.10-Ubuntu <<>> zxxx.org.zm ns @ns1.zamnet.zm
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5881
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;zxxx.org.zm.			IN	NS

;; AUTHORITY SECTION:
zxxx.org.zm.		86400	IN	NS	ns1.niner.net.
zxxx.org.zm.		86400	IN	NS	ns2.niner.net.

;; Query time: 330 msec
;; SERVER: 196.46.192.26#53(196.46.192.26)
;; WHEN: Mon Dec 12 00:03:35 PST 2016
;; MSG SIZE  rcvd: 85

[00:03:35 leftseat@wrathall ~]$ dig zxxx.org.zm ns @ns2.zamnet.zm

; <<>> DiG 9.9.5-3ubuntu0.10-Ubuntu <<>> zxxx.org.zm ns @ns2.zamnet.zm
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27780
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;zxxx.org.zm.			IN	NS

;; ANSWER SECTION:
zxxx.org.zm.		604800	IN	NS	ns2.zamnet.zm.
zxxx.org.zm.		604800	IN	NS	ns5.zamnet.zm.

;; Query time: 337 msec
;; SERVER: 196.46.192.21#53(196.46.192.21)
;; WHEN: Mon Dec 12 00:03:42 PST 2016
;; MSG SIZE  rcvd: 83

[00:03:42 leftseat@wrathall ~]$ dig zxxx.org.zm ns @ns-zm.afrinic.net

; <<>> DiG 9.9.5-3ubuntu0.10-Ubuntu <<>> zxxx.org.zm ns @ns-zm.afrinic.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43162
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;zxxx.org.zm.			IN	NS

;; AUTHORITY SECTION:
zxxx.org.zm.		86400	IN	NS	ns1.niner.net.
zxxx.org.zm.		86400	IN	NS	ns2.niner.net.

;; Query time: 324 msec
;; SERVER: 196.216.168.44#53(196.216.168.44)
;; WHEN: Mon Dec 12 00:03:53 PST 2016
;; MSG SIZE  rcvd: 85

[00:03:53 leftseat@wrathall ~]$ dig pch.nic.zm any

; <<>> DiG 9.9.5-3ubuntu0.10-Ubuntu <<>> pch.nic.zm any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 261
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;pch.nic.zm.			IN	ANY

;; ANSWER SECTION:
pch.nic.zm.		81758	IN	A	204.61.216.73

;; Query time: 10 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Mon Dec 12 00:16:20 PST 2016
;; MSG SIZE  rcvd: 55

[00:16:20 leftseat@wrathall ~]$ whois 204.61.216.73

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#

#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=204.61.216.73?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

NetRange:       204.61.208.0 - 204.61.217.255
CIDR:           204.61.216.0/23, 204.61.208.0/21
NetName:        WOODYNET-204-61-208-0-21
NetHandle:      NET-204-61-208-0-1
Parent:         NET204 (NET-204-0-0-0-0)
NetType:        Direct Assignment
OriginAS:
Organization:   WoodyNet (WOODYN)
RegDate:        1995-01-26
Updated:        2012-03-02
Ref:            https://whois.arin.net/rest/net/NET-204-61-208-0-1

OrgName:        WoodyNet
OrgId:          WOODYN
Address:        2351 Virginia St
City:           Berkeley
StateProv:      CA
PostalCode:     94709-1315
Country:        US
RegDate:        2001-05-16
Updated:        2013-04-02
Ref:            https://whois.arin.net/rest/org/WOODYN

OrgAbuseHandle: BW1324-ARIN
OrgAbuseName:   Woodcock, Bill
OrgAbusePhone:  +1-415-831-3103
OrgAbuseEmail:  woody_AT_pch.net
OrgAbuseRef:    https://whois.arin.net/rest/poc/BW1324-ARIN

OrgTechHandle: BW1324-ARIN
OrgTechName:   Woodcock, Bill
OrgTechPhone:  +1-415-831-3103
OrgTechEmail:  woody_AT_pch.net
OrgTechRef:    https://whois.arin.net/rest/poc/BW1324-ARIN

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#

[00:16:32 leftseat@wrathall ~]$ dig -x 204.61.216.73

; <<>> DiG 9.9.5-3ubuntu0.10-Ubuntu <<>> -x 204.61.216.73
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46703
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;73.216.61.204.in-addr.arpa.	IN	PTR

;; ANSWER SECTION:
73.216.61.204.in-addr.arpa. 900	IN	PTR	pch.nic.zm.

;; Query time: 1670 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Mon Dec 12 00:16:44 PST 2016
;; MSG SIZE  rcvd: 79

[00:16:44 leftseat@wrathall ~]$ dig zxxx.org.zm ns @pch.nic.zm

; <<>> DiG 9.9.5-3ubuntu0.10-Ubuntu <<>> zxxx.org.zm ns @pch.nic.zm
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10234
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;zxxx.org.zm.			IN	NS

;; AUTHORITY SECTION:
zxxx.org.zm.		86400	IN	NS	ns2.niner.net.
zxxx.org.zm.		86400	IN	NS	ns1.niner.net.

;; Query time: 11 msec
;; SERVER: 204.61.216.73#53(204.61.216.73)
;; WHEN: Mon Dec 12 00:17:20 PST 2016
;; MSG SIZE  rcvd: 85

[00:17:20 leftseat@wrathall ~]$ dig ns1.coppernet.zm any

; <<>> DiG 9.9.5-3ubuntu0.10-Ubuntu <<>> ns1.coppernet.zm any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4953
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;ns1.coppernet.zm.		IN	ANY

;; ANSWER SECTION:
ns1.coppernet.zm.	86375	IN	A	41.222.240.15

;; Query time: 11 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Mon Dec 12 00:36:07 PST 2016
;; MSG SIZE  rcvd: 61

[00:36:07 leftseat@wrathall ~]$ whois 41.222.240.15
% This is the AfriNIC Whois server.

% Note: this output has been filtered.
%       To receive output for a database update, use the "-B" flag.

% Information related to '41.222.240.0 - 41.222.241.255'

% No abuse contact registered for 41.222.240.0 - 41.222.241.255

inetnum:        41.222.240.0 - 41.222.241.255
netname:        CUNET-LSK-01
descr:          Allocation to CopperNET Solutions, an ISP in Zambia.
country:        ZM
admin-c:        KWC1-AFRINIC
tech-c:         KWC1-AFRINIC
status:         ASSIGNED PA
remarks:        Please send abuse notification to abuse@coppernet.zm
mnt-by:         COPSOL-MNT
source:         AFRINIC # Filtered
parent:         41.222.240.0 - 41.222.243.255

person:         Kasopa W Chisanga
address:        Silicon House, Kantanta Street
address:        P.O Box 22149, Kitwe
address:        ZM
phone:          +260-212-245011
phone:          +260-212-245200
phone:          +260-212-245222
nic-hdl:        KWC1-AFRINIC
remarks:        CopperNET Solutions.
source:         AFRINIC # Filtered

[00:36:20 leftseat@wrathall ~]$ dig -x 41.222.240.15

; <<>> DiG 9.9.5-3ubuntu0.10-Ubuntu <<>> -x 41.222.240.15
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 11716
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;15.240.222.41.in-addr.arpa.	IN	PTR

;; Query time: 1916 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Mon Dec 12 00:36:30 PST 2016
;; MSG SIZE  rcvd: 55

[00:36:30 leftseat@wrathall ~]$ traceroute 41.222.240.15
traceroute to 41.222.240.15 (41.222.240.15), 30 hops max, 60 byte packets
 1  192.168.1.1 (192.168.1.1)  0.372 ms  0.780 ms  0.781 ms
 2  * * *
 3  * * *
 4  * * *
 5  * * *
 6  * * *
 7  * * *
 8  * * *
 9  * * *
10  * * *
11  * * *
12  * * *
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *
[00:37:15 leftseat@wrathall ~]$ dig zxxx.org.zm ns @ns1.coppernet.zm

; <<>> DiG 9.9.5-3ubuntu0.10-Ubuntu <<>> zxxx.org.zm ns @ns1.coppernet.zm
;; global options: +cmd
;; connection timed out; no servers could be reached
[00:38:21 leftseat@wrathall ~]$

Digital Matrixx customer notice

7 July 2016 00:46:15 +0000

It has come to our attention that customers of Digital Matrixx, formerly of Abbotsford, BC, appear to have been abandoned. If this describes your situation, NinerNet Communications may in some cases be able to help you.

Unfortunately it appears that the domains of many of Digital Matrixx’s customers were actually registered in the name of Digital Matrixx, rather than the names of their rightful owners. This was not necessarily the result of malice, but probably expediency and a lack of foresight or knowledge on the part of Digital Matrixx. (To compare, that would be like your real estate agent registering your new house in his or her name “because it’s easier.”) However, the result is that now the rightful owners of those domains have no control over them and cannot take the necessary action to get their domains back online again, or even renew them.

We do not have a list of customers or contact information for any of them, so if you are a former Digital Matrixx customer you need to take the initiative to contact us to see if we are in a position to be able to help you. (We do have a list of 179 domains that we may be able to assist with.) You can contact us at the same email address that Digital Matrixx used to use — info@thepostaloffice.com — or via one of the methods listed on our contact page. While we have not bought or acquired Digital Matrixx, we have acquired their former domain — thepostaloffice.com — through the normal domain expiry process. (The same applies to the domain they used to use for nameservers, securelinksserver.com.) Because many of the domains registered by Digital Matrixx use the info@thepostaloffice.com email address as an email contact, we can now in some cases help some rightful domain owners.

Please read the following information carefully.

What we can do for some former customers:

  • We can help some people regain control of their domain registrations.

What we cannot do for you:

  • We do not have any access to websites or email on any domains. In some cases we may be able to retrieve copies of websites from public caches, but this takes time and effort. We can determine the probability of success and give you a quote to make a copy based on our hourly rate. We can also refer you to web designers or make recommendations for economical options.

What we require:

  • To assist anyone to regain control of their domain we require scanned or high-resolution photographed copies of documentation to connect you to the domain. This could include at least two items from the following non-exhaustive list:
    • business licence (municipal),
    • business registration (federal or provincial),
    • an invoice from Digital Matrixx or the owner of the company, or
    • a cancelled cheque or some form of proof of payment to Digital Matrixx or the owner of the company.
  • If we are able to assist you to regain control of your domain, we will require you to transfer the registration to a new NinerNet domain registration account. (We have no way to give you access to the account where it is currently located.) This will require you to agree to a standard registration agreement, which you will be presented during the process to effect a registrar transfer of your domain. Following this transfer your domain registration period will be extended one further year (or more as described below) beyond its current expiry date, and the contact information will be changed from that of Digital Matrixx to the contact information of your choice.
  • In order to enter the contact information of your choice, you’ll need to send it to us: registrant company, registrant contact name, registrant mailing address, registrant email address, and registrant phone number. Per the registration agreement, this information all needs to be valid. Once we have that information from you we will send you an invoice based on our current domain renewal rates for the renewal period of your choice (up to ten years). On payment of the invoice we will initiate the registrar transfer, which will usually complete within a week of all of the steps being completed by you. Once that completes we will send you the log-in information for your domain registration account. Also per the registration agreement and as dictated by ICANN, you will not be able to transfer your domain registration to another registrar for 60 days; however, after that 60 days you are free to manage your domain as you see fit.
  • You can, however, set new nameservers immediately so that you can set up new hosting for your domain or redirect it to another domain. You are not obligated to host your website and/or email with NinerNet, but we’ve been in the hosting business for twenty years and seen companies like Digital Matrixx come and go. Our hosting rates are available on our website and we are very willing and able to answer your questions and give you advice on how to proceed.

We look forward to being able to assist you, as we have done already for some former Digital Matrixx customers.

Domain news: Price increase on dot-uk domains, elimination of multi-year rates

19 January 2016 01:22:12 +0000

The dot-uk registry is raising the price of their domains and eliminating lower pricing when registering for two years at a time effective 1 March, and so we must too.

This means that the new annual price for dot-uk domains will increase from US$14.00 to US$17.00 per year on 1 March. Most of this increase is due to the elimination of the lower pricing on biennial renewals.

Due to low demand for multi-year registrations and renewals, we’re also taking this opportunity to eliminate our multi-year pricing that we have offered on most domains we sell. In order to make a meagre profit on a ten-year registration/renewal we have had to charge a high enough single-year price that when you whittle down the price to what we’d offer for ten years (the maximum allowed by most registries), we were possibly making mere pennies. Given that we have absorbed domain price increases in the past, we would have actually lost money on a ten-year registration at our posted prices on some top-level domains.

We’ll still sell multi-year registrations and renewals, but any discounts will be negotiated on a case-by-case basis.

If you have any questions, please let us know. Thanks for your business.

Domain management case study: Barriere Chamber of Commerce

18 January 2016 02:34:27 +0000

In the news recently (CBC and The Vancouver Sun) it was revealed that the Barriere (and District) Chamber of Commerce lost one of their domains (barrierechamber.com, apparently their primary one judging by its position in the results in web searches) because they did not renew it, and “logged in as usual” one day to find that said domain redirected to a pornographic website. As of this writing it’s redirecting to a non-pornographic website, but in the CBC article you can see a somewhat sanitised screenshot of the original website that caused such a furore.

Executive summary (or tl;dr)

As it says in the “Domain drop catching” article at Wikipedia, “It is incumbent on registrants to be proactive in managing their name registrations and to be good stewards of their domain names. By law there are no perpetual rights to domain names after payment of registration fees lapses, aside from trademark rights granted by common law or statute.” In the words of the Chamber’s administrator, “It was messed up on our end.” The above article does also state that “Unless the original registrant holds a trademark or other legal entitlement to the name, they are often left without any form of recourse in getting their domain name back”, but simply paying attention can save you a whole lot of time and heartache, not to mention money in legal fees.

There may be a glimmer of hope for the Barriere Chamber though. See the “Godaddy complicity” section for details on what action they may be able to take.

Asset management and laziness

This situation brings up so many issues (hence the length of this post), not just technological issues but simple issues of asset management. I’m not an expert at managing a chamber of commerce, but there are lessons here that we can all learn, starting with (as just described) the fact that your domain is an asset, and should be treated as such. If you don’t manage your assets properly — if you leave them out in the rain, leave them unprotected, or let them expire — you’re going to lose them, plain and simple. So don’t let your domain expire — and don’t leave it out in the rain either, for that matter.

One of my pet peeves these days is the sheer laziness that has started to overtake the human race. People apparently don’t want to think, as that is all that the marketing departments of just about every business on the planet seem to be focused on these days. Even car advertisements on television nowadays seem to feature the laziest, dumbest drivers on the planet, drivers who apparently can’t even manage to stay in their own lane and need a car that can think about it and do it for them, driver’s who (quite frankly) should not be licensed to drive.

And it’s even worse in the technology industry where — by it’s very nature — the technology can do much of the thinking and remembering for you. And so it’s incredibly frustrating to read some “expert” (in this case Hasan Cavusoglu of the University of British Columbia’s Sauder School of Business) advise that people like the Barrier Chamber of Commerce “could have protected itself by paying for an extended amount of time to own the domain name because registrars provide such options.” While most registrars and hosting companies (including NinerNet) offer modest discounts on multi-year domain registrations, this only exacerbates the potential problem of forgetting to renew your domain by putting off having to think about renewing it on an annual basis. Whether you’re registering a domain for a business or for your own personal blog, what actual process have you put in place to ensure that you will remember when your domain expires? Registering it for ten years is not going to help you if, by the time the ten years is up, you’ve completely forget about it or who you even registered it with in the first place! It’s your asset; do not rely on someone else (your domain registrar, hosting company, web designer or anyone else) to be more concerned about your asset that you are!

According to The Vancouver Sun article, “Virginia Smith [the mayor] said the chamber in Barriere believed the domain name was automatically renewed”. This contradicts what the Chamber’s administrator (Marie Downing) stated in the CBC article: “It was messed up on our end. We missed the renewal during the holiday season.” Either way, someone was asleep at the switch when it came to managing this particular asset of the Barriere Chamber of Commerce. Also of note is that, according to the WHOIS record for barrierechamber.com as of 14 January 2016 (more on that in a moment when I’ll take aim at the domain registrar, Godaddy, and their complicity in this situation), the domain’s anniversary date is actually 30 November which, by my definition, is well before the so-called holiday season. By the time the holiday season rolled around the domain had been expired for almost a month and was rapidly approaching the “Redemption Grace Period“, by which time it is assumed that the average domain registrant has noticed that their domain has expired and stopped working! Which makes the mayor’s statement about her staff logging in “as usual” one day “only to find the ‘horrible’ content” all the more perplexing; did they not try to “log in” (she’s almost certainly using that term incorrectly) the day before and for the many days before that only to see that the website was not available?

I hate to be the one to break this news to the world, but computers are fallible. Sometimes, when they’re supposed to do things automatically, they don’t. I work with computers every day, and I know that they make mistakes or break. Even if you have your domain set to renew automatically — or anything else done automatically by a computer — check to make sure that it was actually done.

“A domain is for life”

On the topic of registering and renewing domains, I always tell clients that “a domain is for life”, echoing the cliché that “a puppy is for life” (or whatever pet you want to substitute for “puppy”) that you sometimes hear around Christmas when animal protection agencies discourage thoughtless acquisition of animals as presents for kids. If you let a domain expire some opportunist is almost certainly going to snap it up the minute it does. A whole sub-industry revolves around this very activity. In many cases those people want the domain for what most people would consider reasonably legitimate use; for example, I recently snapped up fotocuba.com when it expired because I have a business idea for which this domain would be a good fit. However, everyone has different definitions of “legitimate use”, and many people just want to “monetise” a domain (that they think may be receiving a decent amount of traffic) for advertising. Some of that advertising may unfortunately revolve around pornography, get-rich-quick schemes and questionable medical claims.

Is the new registrant of barrierechamber.com trying to “extort” almost $10 000 from the previous registrant, for “a $20 domain”, as is claimed in The Vancouver Sun article? Not likely. Some people may not like the business model used by the new registrant, but unless the Chamber is somehow obligated to pay the money (they’re not) then it’s not extortion; it’s the free market at work, where one party has an asset and another would like to have that asset. If the latter party cannot afford that asset, then that’s a shame. A friend of mine has a very nice aeroplane that I’d like to own, but if the price at which she is willing to sell it to me is more than I can afford (it most certainly would be!), is she trying to extort money from me? No. So back to my “a domain is for life” maxim: if you don’t want to pay a ridiculous price to get back what was once your own asset, don’t lose it! If you don’t want some idiot to use what was once your domain in ways you would find objectionable — perhaps even “[creating] a replica of [your] original website” (as is correctly stated by Cavusoglu) to mislead your customers or members, or to collect all of the email sent to what was your domain — then don’t let your domain expire! If you don’t want to lose customers because they think you’ve gone out of business because your website and email are down, then renew in time!

Managing multiple domains

Barriere & District Chamber of Commerce Facebook page, 2016-01-16.

Barriere & District Chamber of Commerce Facebook page, 2016-01-16

This is where things get a bit more complicated, requiring some skill in investigating connections between domains and companies — connecting the dots and following the breadcrumbs — and gazing into a crystal ball that shows you the muddied the past. You can pay to have some of that past un-muddied, but I’m too cheap to do that in this case.

As alluded to above, the Barrier Chamber of Commerce apparently owns/owned (or, to be legally precise, is/was the registrant of) multiple domains. In addition to previously being the registrant of barrierechamber.com, their website currently loads at barrierechamberofcommerce.com. Bizarrely — and in yet another example of incredibly poor domain and web presence management — their apparent Facebook page (such as it is) has a link in their “about” box to barrieredistrict.com! (At least the advertising on that isn’t pornographic, as of this writing.) According to the current WHOIS information for this domain (the WHOIS information as of this writing for all of these domains is reproduced below) it was registered on 17 December 2015 by a registrant in Japan. The current registrar is DropCatch.com 828 LLC, and as suggested by the common contact information for dropcatch828.com and namebright.com and on the DropCatch.com 828 LLC web page itself, they’re a “partner” of NameBright — essentially a subsidiary of NameBright, as the former is almost certainly set up as a distinct registrar (as are dozens of other numbered LLCs [e.g., DropCatch.com 1029 LLC, DropCatch.com 1030 LLC, etc.]) as part of a pool to give NameBright greater access to the domain registry for acquiring “dropping” domains the second they are deleted by the registry.

Assuming barrieredistrict.com was indeed previously registered by the Barriere Chamber (it certainly looks like it was, according to the Internet Archive Wayback Machine), this means that the domain actually expired around the 28th or 29th of September 2015. Did the Chamber intentionally let it expire, or did they screw up the renewal of that domain too, only a couple of months before barrierechamber.com expired? What is their overall domain management strategy? Do they even have a domain management or web presence strategy? Would they know what such a strategy might look like if it walked up to them on Barriere Town Road and slapped them in the face? According to the CBC article, “Downing notes that the chamber still has ownership of several other similar domain names …”. Really? Who advised you to register multiple domains? I’m not saying that doing so is a bad idea, but that advice was clearly incomplete and badly implemented.

Looking further at the WHOIS information, I note that both barrierechamber.com and barrierechamberofcommerce.com were registered on 30 November 2013. (See the “Godaddy complicity” section below for more comments on dates.) If that was the case, how come barrierechamberofcommerce.com was renewed and barrierechamber.com was not? Or had they both been expired for several weeks without that fact being noticed, and only barrierechamber.com was snapped up by the new registrant? That’s a question only the Chamber can answer.

Without going further down the investigative rabbit hole, I don’t know if the Barriere Chamber of Commerce owns any other domains (other than the two they have lost and the one they have managed to hold onto), but this is where some professional help would come in handy. It’s all very well to pay some cheap hosting company $4.95 a month for your cheap and nasty website, but if your website and general web presence (in which I’d include your Facebook page) are important to you, why would you not contract with a professional to manage it? Would you manage the plumbing in your house without any professional assistance? Just because you can successfully operate a tap, send an email or type a document in a word processor does not mean you know everything there is to know about managing your plumbing, website or domain properly. I’ve been in the business for twenty years and I’m still learning! Judging by some changes to their website in the last 24 hours it does look like the Chamber might have got some decent advice — especially to do with getting their new domain into the search results to replace the now-compromised domain — but it’s only a start.

Godaddy complicity

It’s usually unbecoming of a company to bad-mouth their competitors, but Godaddy and its founder are big and legitimate targets, quite used to (not shy of and often court) criticism, and not in the least bit threatened by the existence of NinerNet or our calling them out. Godaddy can afford to saturate the market with television advertising featuring sexually suggestive Playboy models; NinerNet, to our chagrin, cannot.

Anyway, Godaddy is well known for engaging in the practice of “Domain name warehousing“. (They’re not the only ones but, as I say, they’re a big target.) Normally when a domain expires and is re-registered by someone else, the WHOIS record changes to reflect this. If you look at the WHOIS information for the domain (fotocuba.com) that I said earlier that I recently acquired, you’ll see the following information:

Creation Date: 10-jan-2016

Since the old registration was allowed to expire completely — i.e., the domain expired, it entered the “redemption grace period” about 45 days later and was deleted by the registrar, it then entered the “pending delete” period about 30 days later, and was finally “dropped” 5 days later by the registry to be re-registered by the first comer — the “creation date” is the start of the new registration of fotocuba.com when I acquired it about a week ago. (There are tools you can use to see a website and domain’s history, including DomainTools.com and the aforementioned Internet Archive Wayback Machine.)

In the case of barrierechamber.com you’ll notice that the “creation date” is still that of when the domain was presumably originally registered by the Barriere Chamber:

Creation Date: 30-nov-2013

How is that if barrierechamber.com has supposedly been allowed to expire and is newly acquired by the current registrant (Al Perkins of Jersey) that the creation date at the registry is still 30 November 2013? This is almost certainly because, as the “Domain name warehousing” article points out, “Instead of letting [some] domains … expire, GoDaddy takes control of … those domains, after the registrant — GoDaddy’s customer — allows them to lapse, even before the end of the redemption period.” (In fact, as barrierechamber.com expired on 30 November 2015, it would have been scheduled to enter the Registration Grace Period on 14 January 2016, the day this story hit the news.) The new registrant then acquired that domain, probably at a premium (i.e., not just the $20 referred to by Downing, but probably less than the $9700 the new registrant wants for it), directly from Godaddy without the domain actually being “dropped” (deleted) by the registry. In other words, as far as the registry is concerned, the current registration is still the same one that began on 30 November 2013, even if the registrant has changed.

Plus I suspect that when someone in Barriere “logged in” one day to see some unexpected skin, they realised what had happened and very quickly paid the redemption fee for barrierechamberofcommerce.com (which was also originally registered on 30 November 2013, but was probably not attractive enough for anyone to acquire as barrierechamber.com was) and got that back online. Crisis averted … almost.

I (and many other people) don’t condone what Godaddy does, but it’s a loophole allowed by the rules dictated by the Internet Corporation for Assigned Names and Numbers, more commonly known as ICANN, which is the organisation ultimately responsible for managing the world’s domains. Godaddy is not the only registrar that takes advantage of this, but combined with all of their other questionable activities, domain registrants and potential domain registrants should think twice before registering domains with them, especially if they (the said registrants, or owners) are not going to pay attention to the expiry dates of their domain — their asset. While I decried laziness and not taking responsibility for your assets near the start of this epistle, smaller companies like NinerNet are more likely to pick up the phone and call you if you’ve let your domain expire, before it’s too late. Godaddy, on the other hand, can’t wait to make a buck from your laziness and inattention.

Without reading Godaddy’s 28-page legal agreement and the 32 other linked documents which are included, there may be happy ending to this for the Chamber. As mentioned above, because barrierechamber.com expired on 30 November 2015 it was scheduled to enter the Redemption Grace Period on 14 January 2016. As such, unless the registrant’s agreement with the registrar legally supersedes the registrar’s agreements with the registry and ICANN (I am not a lawyer and don’t know if it does), the Barriere Chamber may be able to simply pay Godaddy their redemption fee and get their domain back, whereupon Godaddy would refund the new registrant to whom they sold the domain what they paid Godaddy. However, this is based on my broad understanding of the way Godaddy and other registrars handle these types of sales, and information in the “Domain name warehousing” Wikipedia article. Of course, no sane person would ever base a legal action on the contents of a Wikipedia article or a blog post by some stranger on the Internet, but you and the Barriere and District Chamber of Commerce can do what you will with that information.

Lessons to be learned

What can the Barriere and District Chamber of Commerce and the rest of us learn from their unfortunate experience?

  • THINK!: First of all, especially if you’re going to register multiple domains for a single website, come up with a coherent plan for their use and management. Even if you only register one domain, keep a record somewhere — even if it’s a handwritten record in a diary with your family’s birthdays and anniversaries — of the expiry date of your domain.
  • EMAIL ADDRESS: For very good reason and because of poor management of the WHOIS system by ICANN and most registries, it’s not unusual for people to use a throw-away email address — often at some free webmail provider — as the contact address for their domain record. Don’t do that. OK, fine, do that if it’s a personal domain, but don’t do it if your domain is for a company. Create an email address on your own domain (Gmail and Hotmail are *not* going to help you to try to break into that account if an ex-employee set it up, but your hosting company will help the person paying the bills), even if it’s not a primary email address that you use on a daily basis, and create company procedures for you (or a trusted employee) to check on a regular basis. Also, don’t use an email address you get from your ISP (Internet service provider), as the Barriere Chamber is doing. Will you remember to change the email address with your domain registrar when you do something completely unrelated, such as change who supplies your Internet connection?

To be honest, in two decades of registering domains I’ve never received anything of vital importance at the email addresses I and we use in my and our domain registrations that I needed to act on within minutes of receiving the message. If you’re “thinking” as described in the previous point then you don’t need the email reminders that you’ll receive from your registrar but, of course, you should at least be aware of them. But just in case (maybe you lost your list of domain expiry dates in the fire that burnt your office to the ground), you’re checking the email account at least monthly, weeding out all the spam, and saving the important messages related to your domain(s). Some people will argue — correctly to some extent — that you probably shouldn’t use an email address on the domain for which it is the contact address — e.g., you probably shouldn’t use domains@example.com as the contact address for your registration of example.com. This is a good point, but if necessary you can figure out what you should do in this case; for now it’s beyond the scope of this document.

  • COMPANY EMAIL MANAGEMENT: There’s that word “management” again; stuff doesn’t manage itself, no matter what the marketers try to make you believe. How you set up and manage your company email is a whole other post I will write someday, but don’t let your employee Bob Smith at email address bob-smith@example.com register your domain(s) using that email address. When Bob leaves or gets fired, and you delete his email address (you’re not really going to make his replacement, Susan Jones, masquerade as Bob Smith, are you?), guess what? Yes, those domain renewal notices are going to bounce. (And with changes introduced by ICANN a couple of years ago, this will mean your domain will be suspended within a couple of weeks of the first bounce.) Generally speaking, you want to create “role accounts” that will always exist, no matter who is employed at your company. Role accounts look like sales@example.com, info@example.com, and so on. This is essentially what the email address I suggest in the last point is.
  • HIRE PROFESSIONALS: Again, despite what the marketers try to make you believe, sometimes you should get professional advice. Do that. Get paid advice (from someone you trust or from someone to whom you have been referred by someone you trust) on domain, website and email management. If you DIY (do it yourself) because “domains, websites and email aren’t rocket science” and the FAQs on El Cheapo Daddy Hosting Co.’s website will be good enough, you might end up as another case study on some other hosting company’s blog. Oh, and while you’re DIYing, remember to read thoroughly the 28-page legal agreement that links to a further 32 agreements, policies, tips, notices, forms and permissions to make sure you’re aware of just what El Cheapo Daddy Hosting Co. will do with your domain and how much it’s going to cost you if you don’t renew before it expires.
  • REPUTATION: Perhaps this tip won’t apply to you if you’re a serial entrepreneur with dozens of businesses on the go and a workforce big enough to populate a small country, but if you care about your name and reputation and you decide (for one reason or another) that you’re closing down your business (and not selling it) and no longer have a need for your domain, perhaps consider keeping it for a while. (You could also consider selling it to the highest bidder, because it is an asset and might be worth some cash.) You could perhaps keep renewing it a year at a time, or renew it for ten years into the future with a plan to just let it expire at the end of those ten years. The same advice applies if you change the name of your company and your primary domain. If you don’t choose one of those courses of action, you will have no control over who will re-register it after you and what they will do with it. Who might acquire it? Competitors? Enemies? A disgruntled ex-employee or former customer? Pornographers? Shysters?

In short, your domain is a valuable asset. Give it the respect it deserves and manage it properly.

Conclusion

As Hasan Cavusoglu of the UBC’s Sauder School of Business said, “They should have been more careful.” Perhaps some of the information above will help you be more careful about managing your domain asset.

Glossary

None of the terms used above are too esoteric, but when you start talking about registries, registrars and registrants is can be a bit confusing. And what the hell does “WHOIS” really mean anyway? Here’s a quick rundown:

  • Domain: Also known as a “domain name”, a domain is essentially a more memorable string of letters and or numbers which point to a particular computer on the Internet so that you can connect to it, either to view a website stored on that computer or to send email to that computer. Examples include niner.net and barrierechamber.com. You cannot leave one out in the rain.
  • Drop: With a few exceptions, domains don’t suddenly cease to exist on their expiry date any more than the milk in your fridge ceases to exist on its expiry date. No, there is a long, drawn-out and painful process lasting anywhere from days to weeks to months depending on the policies associated with that domain, at the end of which the domain is finally and fully deleted from the registry’s records. This final deletion is referred to as the drop.
  • ICANN: The Internet Corporation for Assigned Names and Numbers is the American organisation ultimately responsible for management and organisation of the Internet, including its system of domains. It delegates much of these responsibilities under contract to registries.
  • Pending delete: This is one of the possible statuses of certain domains — specifically domains such as .com, .net, and .org — after they expire and before they are dropped. It is the last status, lasting about five days, before it is dropped, and the domain cannot be recovered once it is in this status.
  • Pornography: Erotica you don’t like.
  • Redemption Grace Period (RGP): Another status of certain domains — again, specifically domains such as .com, .net, and .org — after they expire and before they are dropped. It starts about 45 days after a domain expires and ends 30 days later when the “pending delete” status starts. During this period you can recover an expired domain, but there is a hefty fee to do so. Before a domain enters the RGP you can usually renew a domain without any fees additional to the usual annual renewal fee. However, some registrars — including, last time I checked, Godaddy — will charge an additional fee even before the RGP starts. This is probably how they make money to subsidise other of their offerings.
  • Registrant: A person or organisation that registers a domain. Many people refer to a registrant as an “owner”, although in some legal jurisdictions it is believed you cannot “own” a domain, only be the registrant of one. In the registry-registrar-registrant hierarchy, a registrant is the lowest, most specific entity.
  • Registrar: A company with which a registrant can register a domain. In many, maybe even most, jurisdictions and top-level domains (a top-level domain is a hierarchy defined by what is to the right of the last dot in a domain — e.g., .com is a top-level domain) there are multiple registrars who compete with one another based on price and additional services offered.
  • Registry: All of the registrars are delegated via contract by the registry, of which there is only one per top-level domain. Put one way, the registry makes sure that there is only one existence of each domain and only one registrant for each domain.
  • WHOIS: Pronounced just like the English phrase “who is”, the WHOIS is a system whereby a database — often of domains and their registrants — can be queried to return information on a domain. What information is returned depends on the policies of the registry and/or registrar queried, but often includes the name and contact information for the registrant, the status of the domain, information on the computers (nameservers) responsible for the domain, the name of the registrar, and dates associated with the domain, not the least of which is the expiry date. You can see examples below.

Current WHOIS records

barrierechamber.com

[16:19:27 leftseat@wrathall ~]$ whois barrierechamber.com

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

   Domain Name: BARRIERECHAMBER.COM
   Registrar: GODADDY.COM, LLC
   Sponsoring Registrar IANA ID: 146
   Whois Server: whois.godaddy.com
   Referral URL: http://registrar.godaddy.com
   Name Server: NS09.DOMAINCONTROL.COM
   Name Server: NS10.DOMAINCONTROL.COM
   Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
   Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
   Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
   Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
   Updated Date: 12-jan-2016
   Creation Date: 30-nov-2013
   Expiration Date: 30-nov-2016

>>> Last update of whois database: Fri, 15 Jan 2016 02:47:02 GMT < <<

For more information on Whois status codes, please visit
https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar.  Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability.  VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Domain Name: barrierechamber.com
Registry Domain ID: 1837475188_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Update Date: 2016-01-12T01:06:42Z
Creation Date: 2013-11-30T22:50:47Z
Registrar Registration Expiration Date: 2016-11-30T22:50:47Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: +1.4806242505
Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
Registry Registrant ID: Not Available From Registry
Registrant Name: Al Perkins
Registrant Organization:
Registrant Street: Rue de L'Etau
Registrant City: St.Helier
Registrant State/Province: Jersey
Registrant Postal Code: JE2 3WF
Registrant Country: JE
Registrant Phone: +44.1534000000
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: trevmedia@gmail.com
Registry Admin ID: Not Available From Registry
Admin Name: Al Perkins
Admin Organization:
Admin Street: Rue de L'Etau
Admin City: St.Helier
Admin State/Province: Jersey
Admin Postal Code: JE2 3WF
Admin Country: JE
Admin Phone: +44.1534000000
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: trevmedia@gmail.com
Registry Tech ID: Not Available From Registry
Tech Name: Al Perkins
Tech Organization:
Tech Street: Rue de L'Etau
Tech City: St.Helier
Tech State/Province: Jersey
Tech Postal Code: JE2 3WF
Tech Country: JE
Tech Phone: +44.1534000000
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: trevmedia@gmail.com
Name Server: NS09.DOMAINCONTROL.COM
Name Server: NS10.DOMAINCONTROL.COM
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2016-01-15T02:00:00Z < <<

For more information on Whois status codes, please visit https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en

The data contained in GoDaddy.com, LLC's WhoIs database,
while believed by the company to be reliable, is provided "as is"
with no guarantee or warranties regarding its accuracy.  This
information is provided for the sole purpose of assisting you
in obtaining information about domain name registration records.
Any use of this data for any other purpose is expressly forbidden without the prior written
permission of GoDaddy.com, LLC.  By submitting an inquiry,
you agree to these terms of usage and limitations of warranty.  In particular,
you agree not to use this data to allow, enable, or otherwise make possible,
dissemination or collection of this data, in part or in its entirety, for any
purpose, such as the transmission of unsolicited advertising and
and solicitations of any kind, including spam.  You further agree
not to use this data to enable high volume, automated or robotic electronic
processes designed to collect or compile this data for any purpose,
including mining this data for your own personal or commercial purposes.

Please note: the registrant of the domain name is specified
in the "registrant" section.  In most cases, GoDaddy.com, LLC
is not the registrant of domain names listed in this database.
[18:47:11 leftseat@wrathall ~]$

barrierechamberofcommerce.com

[15:20:55 leftseat@wrathall ~]$ whois barrierechamberofcommerce.com

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

   Domain Name: BARRIERECHAMBEROFCOMMERCE.COM
   Registrar: GODADDY.COM, LLC
   Sponsoring Registrar IANA ID: 146
   Whois Server: whois.godaddy.com
   Referral URL: http://registrar.godaddy.com
   Name Server: NS35.DOMAINCONTROL.COM
   Name Server: NS36.DOMAINCONTROL.COM
   Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
   Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
   Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
   Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
   Updated Date: 13-jan-2016
   Creation Date: 30-nov-2013
   Expiration Date: 30-nov-2020

>>> Last update of whois database: Sat, 16 Jan 2016 23:23:11 GMT < <<

For more information on Whois status codes, please visit
https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar.  Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability.  VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Domain Name: BARRIERECHAMBEROFCOMMERCE.COM
Registry Domain ID: 1837475172_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Update Date: 2015-12-01T11:42:05Z
Creation Date: 2013-11-30T22:50:47Z
Registrar Registration Expiration Date: 2020-11-30T22:50:47Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: +1.4806242505
Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
Registry Registrant ID: Not Available From Registry
Registrant Name: Lana Laskovic
Registrant Organization: Barriere Chamber of Commerce
Registrant Street: Box 1190
Registrant City: Barriere
Registrant State/Province: British Columbia
Registrant Postal Code: V0E 1E0
Registrant Country: CA
Registrant Phone: 2506729221
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: bcoc@telus.net
Registry Admin ID: Not Available From Registry
Admin Name: Lana Laskovic
Admin Organization: Barriere Chamber of Commerce
Admin Street: Box 1190
Admin City: Barriere
Admin State/Province: British Columbia
Admin Postal Code: V0E 1E0
Admin Country: CA
Admin Phone: 2506729221
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: bcoc@telus.net
Registry Tech ID: Not Available From Registry
Tech Name: Lana Laskovic
Tech Organization: Barriere Chamber of Commerce
Tech Street: Box 1190
Tech City: Barriere
Tech State/Province: British Columbia
Tech Postal Code: V0E 1E0
Tech Country: CA
Tech Phone: 2506729221
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: bcoc@telus.net
Name Server: NS35.DOMAINCONTROL.COM
Name Server: NS36.DOMAINCONTROL.COM
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2016-01-16T23:00:00Z < <<

For more information on Whois status codes, please visit https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en

The data contained in GoDaddy.com, LLC's WhoIs database,
while believed by the company to be reliable, is provided "as is"
with no guarantee or warranties regarding its accuracy.  This
information is provided for the sole purpose of assisting you
in obtaining information about domain name registration records.
Any use of this data for any other purpose is expressly forbidden without the prior written
permission of GoDaddy.com, LLC.  By submitting an inquiry,
you agree to these terms of usage and limitations of warranty.  In particular,
you agree not to use this data to allow, enable, or otherwise make possible,
dissemination or collection of this data, in part or in its entirety, for any
purpose, such as the transmission of unsolicited advertising and
and solicitations of any kind, including spam.  You further agree
not to use this data to enable high volume, automated or robotic electronic
processes designed to collect or compile this data for any purpose,
including mining this data for your own personal or commercial purposes.

Please note: the registrant of the domain name is specified
in the "registrant" section.  In most cases, GoDaddy.com, LLC
is not the registrant of domain names listed in this database.
[15:23:20 leftseat@wrathall ~]$

barrieredistrict.com

[15:16:34 leftseat@wrathall ~]$ whois barrieredistrict.com

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

   Domain Name: BARRIEREDISTRICT.COM
   Registrar: DROPCATCH.COM 828 LLC
   Sponsoring Registrar IANA ID: 2587
   Whois Server: whois.namebright.com
   Referral URL: http://www.DropCatch828.com
   Name Server: NS1.SEDOPARKING.COM
   Name Server: NS2.SEDOPARKING.COM
   Status: ok http://www.icann.org/epp#OK
   Updated Date: 21-dec-2015
   Creation Date: 17-dec-2015
   Expiration Date: 17-dec-2016

>>> Last update of whois database: Sat, 16 Jan 2016 23:20:38 GMT < <<

For more information on Whois status codes, please visit
https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar.  Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability.  VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Domain Name: BarrierEDistrict.com
Registry Domain ID: 1988051797_DOMAIN_COM-VRSN
Registrar WHOIS server: whois.NameBright.com
Registrar URL: http://www.NameBright.com
Updated Date: 2015-12-17T00:00:00.000Z
Creation Date: 2015-12-17T19:35:50.000Z
Registrar Registration Expiration Date: 2016-12-17T00:00:00.000Z
Registrar: DropCatch.com 828 LLC
Registrar IANA ID: 2587
Registrar Abuse Contact Email: abuse@NameBright.com
Registrar Abuse Contact Phone: +1.720.496.0020
Domain Status: ok
Registry Registrant ID:
Registrant Name: Yasutaka Sakatani
Registrant Organization:
Registrant Street: uji biwa 3-1-201
Registrant City: uji-shi
Registrant State/Province: Kyoto
Registrant Postal Code: 6110021
Registrant Country: JP
Registrant Phone: +810774340100
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: domain@axelight.co.jp
Registry Admin ID:
Admin Name: Yasutaka Sakatani
Admin Organization:
Admin Street: uji biwa 3-1-201
Admin City: uji-shi
Admin State/Province: Kyoto
Admin Postal Code: 6110021
Admin Country: JP
Admin Phone: +810774340100
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: domain@axelight.co.jp
Registry Tech ID:
Tech Name: Yasutaka Sakatani
Tech Organization:
Tech Street: uji biwa 3-1-201
Tech City: uji-shi
Tech State/Province: Kyoto
Tech Postal Code: 6110021
Tech Country: JP
Tech Phone: +810774340100
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: domain@axelight.co.jp
Name Server: ns1.sedoparking.com
Name Server: ns2.sedoparking.com
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System:
http://wdprs.internic.net
--- Last update of WHOIS database: 2016-01-16T11:20:55.368Z ---
[15:20:55 leftseat@wrathall ~]$

fotocuba.com

[17:56:37 leftseat@wrathall ~]$ whois fotocuba.com

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

   Domain Name: FOTOCUBA.COM
   Registrar: DOMAINARMADA.COM LLC
   Sponsoring Registrar IANA ID: 1173
   Whois Server: whois.domainarmada.com
   Referral URL: http://www.networksolutions.com
   Name Server: NS1.NINER.NET
   Name Server: NS2.NINER.NET
   Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
   Updated Date: 11-jan-2016
   Creation Date: 10-jan-2016
   Expiration Date: 10-jan-2017

>>> Last update of whois database: Sun, 17 Jan 2016 02:29:13 GMT < <<

For more information on Whois status codes, please visit
https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar.  Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability.  VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Domain Name: fotocuba.com
Registry Domain ID: 1993165857_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.domainarmada.com
Registrar URL: http://domainarmada.com
Updated Date: 2016-01-11T01:02:39Z
Creation Date: 2016-01-10T19:19:59Z
Registrar Registration Expiration Date: 2017-01-10T19:19:59Z
Registrar: Domainarmada.com LLC
Registrar IANA ID: 1173
Registrar Abuse Contact Email: abuse@web.com
Registrar Abuse Contact Phone: +1.8773812449
Reseller:
Domain Status: clientTransferProhibited http://icann.org/epp#clientTransferProhibited
Registry Registrant ID:
Registrant Name: Domain Administrator
Registrant Organization: NinerNet Communications Company
Registrant Street: 499-1685 H Street
Registrant City: Blaine
Registrant State/Province: WA
Registrant Postal Code: 98230
Registrant Country: US
Registrant Phone: +1.3605194260
Registrant Phone Ext.:
Registrant Fax:
Registrant Fax Ext.:
Registrant Email: domains@ninernet.com
Registry Admin ID:
Admin Name: Domain Administrator
Admin Organization: NinerNet Communications Company
Admin Street: 499-1685 H Street
Admin City: Blaine
Admin State/Province: WA
Admin Postal Code: 98230
Admin Country: US
Admin Phone: +1.3605194260
Admin Phone Ext.:
Admin Fax:
Admin Fax Ext.:
Admin Email: domains@ninernet.com
Registry Tech ID:
Tech Name: Domain Administrator
Tech Organization: NinerNet Communications Company
Tech Street: 499-1685 H Street
Tech City: Blaine
Tech State/Province: WA
Tech Postal Code: 98230
Tech Country: US
Tech Phone: +1.3605194260
Tech Phone Ext.:
Tech Fax:
Tech Fax Ext.:
Tech Email: domains@ninernet.com
Name Server: ns2.niner.net
Name Server: ns1.niner.net
DNSSEC: Unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2016-01-11T01:02:39Z < <<

For more information on Whois status codes, please visit https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.

The data in Domainarmada.com's WHOIS database is provided to you by
Domainarmada.com for information purposes only, that is, to assist you in
obtaining information about or related to a domain name registration
record.  Domainarmada.com makes this information available "as is," and
does not guarantee its accuracy.  By submitting a WHOIS query, you
agree that you will use this data only for lawful purposes and that,
under no circumstances will you use this data to: (1) allow, enable,
or otherwise support the transmission of mass unsolicited, commercial
advertising or solicitations via direct mail, electronic mail, or by
telephone; or (2) enable high volume, automated, electronic processes
that apply to Domainarmada.com (or its systems).  The compilation,
repackaging, dissemination or other use of this data is expressly
prohibited without the prior written consent of Domainarmada.com.
Domainarmada.com reserves the right to modify these terms at any time.
By submitting this query, you agree to abide by these terms.
[18:29:27 leftseat@wrathall ~]$

dropcatch828.com

[16:32:18 leftseat@wrathall ~]$ whois dropcatch828.com

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

   Domain Name: DROPCATCH828.COM
   Registrar: TURNCOMMERCE, INC. DBA NAMEBRIGHT.COM
   Sponsoring Registrar IANA ID: 1441
   Whois Server: whois.namebright.com
   Referral URL: http://www.namebright.com
   Name Server: NS1.NAMEBRIGHTDNS.COM
   Name Server: NS2.NAMEBRIGHTDNS.COM
   Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
   Updated Date: 09-oct-2015
   Creation Date: 09-oct-2015
   Expiration Date: 09-oct-2016

>>> Last update of whois database: Sun, 17 Jan 2016 00:57:03 GMT < <<

For more information on Whois status codes, please visit
https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar.  Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability.  VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Domain Name: DropCatch828.com
Registry Domain ID: 1967207614_DOMAIN_COM-VRSN
Registrar WHOIS server: whois.NameBright.com
Registrar URL: http://www.NameBright.com
Updated Date: 2015-10-09T00:00:00.000Z
Creation Date: 2015-10-09T06:00:00.000Z
Registrar Registration Expiration Date: 2016-10-09T00:00:00.000Z
Registrar: TurnCommerce, Inc. DBA NameBright.com
Registrar IANA ID: 1441
Registrar Abuse Contact Email: abuse@NameBright.com
Registrar Abuse Contact Phone: +1.720.496.0020
Domain Status: clientTransferProhibited
Registry Registrant ID:
Registrant Name: Domain Admin
Registrant Organization: dropcatch828.com
Registrant Street: 2635 Walnut Street
Registrant City: Denver
Registrant State/Province: CO
Registrant Postal Code: 80205
Registrant Country: US
Registrant Phone: +1.720.496.0020
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: support@namebright.com
Registry Admin ID:
Admin Name: Domain Admin
Admin Organization: dropcatch828.com
Admin Street: 2635 Walnut Street
Admin City: Denver
Admin State/Province: CO
Admin Postal Code: 80205
Admin Country: US
Admin Phone: +1.720.496.0020
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: support@namebright.com
Registry Tech ID:
Tech Name: Domain Admin
Tech Organization: dropcatch828.com
Tech Street: 2635 Walnut Street
Tech City: Denver
Tech State/Province: CO
Tech Postal Code: 80205
Tech Country: US
Tech Phone: +1.720.496.0020
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: support@namebright.com
Name Server: ns1.namebrightdns.com
Name Server: ns2.namebrightdns.com
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System:
http://wdprs.internic.net
--- Last update of WHOIS database: 2016-01-17T12:57:15.634Z ---

namebright.com

[16:57:15 leftseat@wrathall ~]$ whois namebright.com

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

   Domain Name: NAMEBRIGHT.COM
   Registrar: TURNCOMMERCE, INC. DBA NAMEBRIGHT.COM
   Sponsoring Registrar IANA ID: 1441
   Whois Server: whois.namebright.com
   Referral URL: http://www.namebright.com
   Name Server: NS1.NAMEBRIGHTDNS.COM
   Name Server: NS2.NAMEBRIGHTDNS.COM
   Status: clientDeleteProhibited https://www.icann.org/epp#clientDeleteProhibited
   Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
   Updated Date: 09-apr-2015
   Creation Date: 07-apr-2005
   Expiration Date: 07-apr-2025

>>> Last update of whois database: Sun, 17 Jan 2016 00:57:32 GMT < <<

For more information on Whois status codes, please visit
https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar.  Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability.  VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Domain Name: NameBright.com
Registry Domain ID: 149835961_DOMAIN_COM-VRSN
Registrar WHOIS server: whois.NameBright.com
Registrar URL: http://www.NameBright.com
Updated Date: 2015-04-09T00:00:00.000Z
Creation Date: 2005-04-07T23:54:15.000Z
Registrar Registration Expiration Date: 2025-04-07T00:00:00.000Z
Registrar: TurnCommerce, Inc. DBA NameBright.com
Registrar IANA ID: 1441
Registrar Abuse Contact Email: abuse@NameBright.com
Registrar Abuse Contact Phone: +1.720.496.0020
Domain Status: clientTransferProhibited
Domain Status: clientDeleteProhibited
Registry Registrant ID:
Registrant Name: Domain Admin
Registrant Organization: namebright.com
Registrant Street: 2635 Walnut Street
Registrant City: Denver
Registrant State/Province: CO
Registrant Postal Code: 80205
Registrant Country: US
Registrant Phone: +1.720.496.0020
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: support@namebright.com
Registry Admin ID:
Admin Name: Domain Admin
Admin Organization: namebright.com
Admin Street: 2635 Walnut Street
Admin City: Denver
Admin State/Province: CO
Admin Postal Code: 80205
Admin Country: US
Admin Phone: +1.720.496.0020
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: support@namebright.com
Registry Tech ID:
Tech Name: Domain Admin
Tech Organization: namebright.com
Tech Street: 2635 Walnut Street
Tech City: Denver
Tech State/Province: CO
Tech Postal Code: 80205
Tech Country: US
Tech Phone: +1.720.496.0020
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: support@namebright.com
Name Server: ns1.namebrightdns.com
Name Server: ns2.namebrightdns.com
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System:
http://wdprs.internic.net
--- Last update of WHOIS database: 2016-01-17T12:57:46.540Z ---

dropcatch.com

[16:57:46 leftseat@wrathall ~]$ whois dropcatch.com

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

Aborting search 50 records found .....
   Registrar Name: DROPCATCH.COM 1000 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1000.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1001 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1001.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1002 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1002.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1003 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1003.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1004 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1004.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1005 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1005.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1006 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1006.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1007 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1007.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1008 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1008.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1009 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1009.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1010 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1010.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1011 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1011.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1012 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1012.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1013 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1013.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1014 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1014.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1015 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1015.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1016 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1016.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1017 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1017.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1018 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1018.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1019 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1019.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1020 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1020.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1021 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1021.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1022 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1022.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1023 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1023.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1024 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1024.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1025 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1025.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1026 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1026.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1027 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1027.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1028 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1028.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1029 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1029.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

   Registrar Name: DROPCATCH.COM 1030 LLC
   Address: 2635 Walnut Street, Denver, CO 80205, US
   Phone Number: 303-893-0547
   Email: support@namebright.com
   Whois Server: whois.namebright.com
   Referral URL: www.DropCatch1030.com
   Admin Contact: Jeffrey Reberry
   Phone Number: 303-478-5206
   Email: jeff@turncommerce.com
   Admin Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com
   Billing Contact: Andrew Reberry
   Phone Number: 303-893-0547
   Email: andrew@turncommerce.com

>>> Last update of whois database: Sun, 17 Jan 2016 01:09:53 GMT < <<

For more information on Whois status codes, please visit
https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar.  Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability.  VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
[17:10:15 leftseat@wrathall ~]$

iDNS Canada: Another year, another domain scam

9 January 2016 23:24:31 +0000
iDNS Canada domain name expiration notice.

iDNS Canada domain name expiration notice

Looking very much like the “invoices” sent out years ago by the heavily-fined (and, at various times, suspended by both ICANN and CIRA) so-called Domain Registry of Canada (also known as Internet Registry of Canada, Domain Registry of America, Domain Registry of Europe, NameJuice.com, Brandon Gray Internet Services Inc. and many more), the “not a bill” “domain name expiration notice” received by NinerNet Communications recently reminds us that some people only know how to do business dishonestly — or at the very least on the fringes of legality.

Although it could have been copied, the notice received by us from “iDNS Canada” is almost identical to those of the Domain Registry of America sent out in previous years, and the maple leaf used in the iDNS Canada logo is indeed identical to that used by the Domain Registry of Canada in previous notices.

Let’s analyse a few aspects of this friendly and helpful “domain name expiration notice”:

  • Their website domain on their notice is idns.as, the dot-as country-code top-level domain (ccTLD) being registered to American Samoa, a south Pacific island nation. Trying to load the website at that address results in a redirection to idns.to, the dot-to ccTLD being registered to Tonga, another south Pacific island nation. I suspect they didn’t register a dot-ca domain because they’re not flavour of the month down at CIRA headquarters (assuming a connection, which is not much of a stretch), and might have had their domain suspended in short order had they registered a dot-ca.
  • The footer of their website claims that they are “Internet Domain Name Services Inc.” — a name also used on the return envelope in which you’re supposed to send your cheque (or credit card number) and payment stub. Their contact page (when loaded from a computer in Canada) offers the same box number address in Toronto, Ontario, Canada that is on their notice (delivered to our Canadian address; more on that in a moment), which is located in Bridlewood Mall, where there is a Canada Post outlet hosted by Shoppers Drug Mart offering post office boxes.
  • If you load their contact page from a computer located in the United States (or the United Kingdom, actually), the contact page offers a suite number address at 924 Bergen Avenue in Jersey City, New Jersey, United States of America. A quick check shows this to be a UPS Store, so the “suite number” is also actually a mail box number.
  • On their contact page is an email address on the idnsinc.net domain, which is registered to the same company at the same box number in Jersey City in the US.

There are three notable things about this notice:

  • First of all, the notice refers to ninernet.com, a secondary domain that we use but which is registered to our US address. However, it was sent to our primary Canadian address, which is also on the same contact page on our website as our US and Zambian addresses.
  • As with the almost identical Domain Registry of Canada and Domain Registry of America phoney invoices, the “notice” from iDNS Canada makes reference to another “available” domain (in this case ninernet.BIZ) and invites us to send in payment to register it. However, ninernet.biz is not available; it has been registered by us since 2010. There is no indication on the notice what would happen to this extra money if we decided to send it in to register this additional unavailable domain.
  • Finally, while similar such “notices” in the past have included fine print that authorises the sender to transfer the registration of the domain from under the management of the existing registrar to management by the sender of the so-called solicitation (a process referred to as “domain slamming“), this one doesn’t include any such fine print. In fact, there isn’t even any indication on the “notice” that sending money to iDNS Canada (aka Internet Domain Name Services Inc.) will obligate them to do anything, as they have no way to renew a domain that is not under their control!

So don’t send them money, as you’re almost certainly sending money into a black hole from which you will likely see no service and from which you will probably be unable to retrieve it!

As always, if you receive any kind of communication from a third-party (with whom you don’t already have an established and trusted relationship) about your domain — via postal mail, email, telephone, fax or even smoke signal — be suspicious, be wary. If you’re not sure whether or not it is legitimate, please contact us about it and we will be more than happy to take a look and advise you whether or not it is legitimate.


Yet more problems with dot-zm (Zambian) domains

9 December 2015 14:33:02 +0000

Back on 16 September a client with a dot-zm domain hosted with us came to us with a problem that had started the day before. The majority of this post documents the details of the monumental effort we had to expend to get the domain registrar (Realtime/Hai) and registry (ZICTA, the Zambia Information & Communications Technology Authority) to do their jobs and provide a working domain.

However, the reason for the timing of this post (which we should have made two months ago) is that we are seeing these same problems again with dot-zm domains. Emails sent to existing dot-zm domains, hosted with different hosting companies, are bouncing because these dot-zm domains seem not to exist on the Internet because the dot-zm nameservers are reporting differing, incomplete or even incorrect information for them.

Unfortunately there is nothing that we can do on our servers when ZICTA’s dot-zm nameservers report — incorrectly! — that a dot-zm domain does not exist or directs traffic to the wrong servers.

Our recommendation for years now, due to the shocking unreliability of dot-zm domains, is that you simply should not register dot-zm domains. This seems awfully unpatriotic — after all, you.co.zm is supposed to be a proud acknowledgement of your association with Zambia — but the sad fact of the matter is that your dot-zm domain is actually an embarrassment and a disservice to you, your business and your country.

We have written about this over and over again over the years. Here’s a recap of some of what we’ve written on our blogs (there’s more lost in the mists of time and in emails sent before we set up our corporate and status blogs):

We also have over 50 MB of raw data (some of it compressed) dating back to 2008 documenting problems with dot-zm domains, including all dot-zm domains going down worldwide. It’s the kind of material with which we could write a thesis about TLD mismanagement, if we had the time … but we don’t.

So what happened in September?

Back on 16 September a client with a dot-zm domain hosted with us came to us with a problem that had started the day before. They were suddenly receiving very little email, and they were being told by some of their correspondents that emails sent to their domain were bouncing. Of course, this galvanised us immediately, and we checked all aspects of their domain’s configuration on our nameservers and mail servers. We could find nothing wrong. However, the problem was undeniable; some mail sent to this client’s domain was indeed bouncing.

So we started digging deeper. We found that, without being asked to do so by the domain registrant (our client), the dot-zm domain registry (ZICTA, whose website is again down as I write this) had changed the nameservers of our client’s domain to those of their domain registrar, Realtime Technologies Ltd., now doing business as Hai Alive Telecommunications — whose websites on both of their domains are also down right now. (Seeing a pattern here?) Both the registrar and the registry denied being responsible for changing the nameservers and refused to explain how it happened. The nameservers were changed back to ours, but the problem persisted.

What we found was that the problem was intermittent, hence the fact that some email was getting through and some was being bounced. An intermittent problem is the worst kind of problem because when things are working there is no problem to find, and when things aren’t working you don’t know when the problem will go away and whether or not you’ll find the problem before it disappears. On top of that mail from multiple different and unrelated sources was being bounced, so we couldn’t blame a particular sender’s improperly configured mail server for the problem.

Seeing as the registrar (Realtime/Hai) blamed NinerNet for the problem, and the registry (ZICTA) refused to deal with us, telling us we had to seek help from the registrar (Realtime/Hai) who was too busy blaming us to investigate, some more investigation by NinerNet revealed that one of the six nameservers that run the dot-zm country-code top-level domain (as of today they’re now down to four) was still broadcasting to the world that the authoritative nameservers for the domain were hosted at Realtime/Hai, which was the result of the unauthorised change to the nameservers a couple of days earlier. (One of the six was failing, and one wasn’t providing the information it was supposed to provide, meaning that three of the six nameservers for dot-zm domains were not working properly!)

There was an easy temporary solution to this problem, seeing as ZICTA was being uncooperative: A few keystrokes by someone at Realtime/Hai could have set up the client’s domain on their nameservers, so that when a mail server was incorrectly directed there it would have received the correct information that we would provide to Realtime/Hai. However, Realtime/Hai refused to help unless the client signed a hosting contract with them and paid money up front, despite the fact that the client/registrant had already paid them for a working domain that they expected to work for the entire length of the contract for that domain. This, of course, was an outrageous attempt at extortion and was rejected.

After hammering away at ZICTA for over a week by email (while trying to get Realtime/Hai to take responsibility for addressing the problem, as the domain registrar is supposed to do) and being ignored (including receiving notifications that emails to them had been deleted unread) — except by one person, the head of “Consumer Protection”, who said that he would help me but then also continued to ignore me, never sending me another email again — I finally picked up the phone and eventually (after six tries and being disconnected twice; this is the “Communications Technology Authority”?!) reached a receptionist. (A month earlier when trying unsuccessfully to deal with ZICTA over another issue, the receptionist couldn’t put me through to the person who could help me with my issue because the whole organisation, except apparently the receptionist, was at a staff meeting!) After explaining the situation to the receptionist she stated that I had to deal with Realtime/Hai. After explaining that Realtime/Hai refused to help, she said that she would only continue to talk to me if I would lodge a complaint against Realtime/Hai, so I reluctantly agreed. After being on hold for over ten minutes while she did who knows what, she came back on the line. This time I literally pleaded with her to give me one minute to fully explain the problem and why the problem was caused by ZICTA and how it was within the power of only ZICTA to fix in less than two minutes.

My pleading must have had an effect, as she agreed to put me through to someone else. That person was apparently a “Cyber Security Analyst” with Zambia CIRT (Computer Incident Response Team, whose website is actually up!). I had to actually give him the computer commands to demonstrate the cause and location of the problem. Miraculously he agreed with my assessment — after eight days of banging my head against brick walls, someone finally understood and agreed! — but could do nothing to fix it right away because (although it was nine o’ clock in the morning) the person who was in charge of running the registry back end was not in yet. However, he did assure me that it would be dealt with that day, although it wasn’t until the next day that I finally received written acknowledgement from ZICTA of the problem they had caused, and it was another two days before they fixed it, twelve days after the problem was created!

So, let’s review …

… how a problem with a dot-zm domain is handled by the registry and its registrar, and how long it takes:

  • Day one: Client’s dot-zm domain stops working.
  • It is found that the nameservers for the domain have been changed to use the registrar’s (Realtime/Hai) nameservers instead of NinerNet’s, without the authority of the domain registrant.
  • Nameservers are changed back; registrar (Realtime/Hai) and registry (ZICTA) deny responsibility and refuse to explain.
  • Problem persists.
  • Registrar (Realtime/Hai) refuses to help, attempts to extort money from registrant for services (domain registration) already paid for.
  • Registry (ZICTA) finally responds, refers problem to registrar (Realtime/Hai). Will only address problem with a formal complaint about registrar (Realtime/Hai).
  • After pleading with registry (ZICTA) they relent and refer the matter to a staff member who can help.
  • We have to hold the hand of the person at the registry (ZICTA) to show him how to confirm the nature and location of the problem.
  • Day thirteen: Problem at ZICTA is finally fixed by ZICTA 3 days later, 12 days after they created the problem in the first place.

It is interesting to note that there is almost no information on the ZICTA website about the management of the dot-zm ccTLD (country-code top-level domain; compare that to, for example, the website of Nominet, the organisation that runs the dot-uk ccTLD), and their Facebook page contains nothing but pages and pages of repetitive so-called FAQs about mobile service, and not a single mention (going back to at least the end of 2014) of dot-zm domains and domain registration. Underneath almost all of the posts by ZICTA with FAQs are reams and reams of complaints about how useless ZICTA is and how they do nothing about consumer complaints. See for yourself.

Is there a solution?

Yes, there is. If someone in Zambia cannot be found to provide competent management and direction to ZICTA — and the wherewithal to whip registrars into shape and to educate them on the need to provide customer service without resorting to blaming hosting providers for issues that are demonstrably not theirs — then the job can and should be outsourced to a foreign company with a good track record.

  • Just on the other side of the boerewors curtain is ZADNA, the domain authority of South Africa. I don’t know if they offer their services to other national domain authorities to run their ccTLDs, but they’re doing a decent job of running their own (dot-za), have recently (in the last few years) launched a new competitive domain registration system, and launched the new TLDs dot-capetown, dot-durban and dot-joburg. They’re also the leading contender to run dot-africa, if ICANN ever fixes that mess and launches it.
  • In New Zealand is CoCCA Registry Services (NZ) Limited, with whom ZICTA already has a relationship as they’re using CoCCA’s registry software and have apparently provided some financial consideration for same. As you can see, CoCCA is already running the registries of at least ten TLDs, most of which are those of other small and developing countries.
  • In Canada there is OpenSRS who offer their services to registrars, but who may also be interested in providing service to a ccTLD registry.

In the more immediate term NinerNet has provided, since 2010, the option of registering a dot-zam.co domain — e.g., ninernet.zam.co. We provide it expressly because of the ongoing, years old problems with the management and administration of the dot-zm ccTLD, not to mention the exorbitant cost of dot-zm domains. Instead of registering companyzambia.com (which is probably available, I should point out) you can instead register company.zam.co. It’s the same number of characters as company.com.zm, and only one more than company.co.zm. But more importantly, it’s reliable!

I should point out that we don’t expose the flaws in the dot-zm ccTLD in order to sell dot-zam.co domains; our setting up dot-zam.co is the result of these flaws. If the dot-zm domain system worked properly, we would never have thought to create the dot-zam.co alternative ccTLD, and we’d certainly have no reason to complain. Besides, having been created in 1994, dot-zm had a sixteen-year head start on dot-zam.co! Dot-zam.co is a long way from being a threat to ZICTA and dot-zm.

Finally, you can switch to a new, non-dot-zm domain. Ideally you would never have registered that dot-zm domain in the first place, but it’s an understandable and forgivable mistake. It’s not ideal to switch to a new domain, but where would you be if your domain went down for two weeks and nobody wanted to help you? Here’s how you do it:

  1. Register your new non-dot-zm domain.
  2. Have your hosting provider set up the hosting for it, and create all of the existing email address on your old domain (e.g., phiri@example.co.zm) on the new domain (e.g., phiri@example.zam.co).
  3. Similarly you would upload your existing website to your new domain, reconfigured to use your new domain instead of your old dot-zm domain. (Doing this properly is a little more involved than what I have laid out here and there are options, but it’s very doable and quite straightforward from a technical point of view for a good host that knows what they’re doing.)
  4. Disable your old dot-zm domain and “alias” it to your new domain. This means that all email to your old dot-zm domain is automatically redirected to your new domain, and all traffic to your old dot-zm website is redirected to your website on your new domain, preserving your ranking in the search engines and all existing links to your old dot-zm domain.
  5. Start using your new domain for email by reconfiguring your email program to use the new domain. While your customers and other contacts may still email you at the old dot-zm domain, your replies will come from your new domain and so their future replies will go straight to your new domain. Of course, you would also advise your customers and contacts of your new domain by email and on your website, and in any other ways that you advertise your business.
  6. Keep your old dot-zm domain for at least a year or two, aliased to your new domain. How long you keep your old dot-zm domain is up to you and would depend on a number of factors (we can advise on that), but the good thing is that when (not if) it goes down again, you will use that opportunity to reinforce with your customers and other contacts the importance of using your new domain.

While some less sympathetic hosting companies may charge you for the time involved in making this change (which is actually quite understandable), we will not charge you even one extra ngwee to make this change away from your old dot-zm domain. We also do not charge any extra hosting fees to alias your old dot-zm domain to your new domain. In other words, changing to a new domain will only cost you the price of the new domain.

Appendix

The email below, sent to the person we spoke to at ZICTA (who also seems to be associated with Zambia CIRT) after we finally managed to talk to him, documents the problem experienced by our client with their dot-zm domain. The client’s domain has been redacted for privacy reasons (changed to example.co.zm), as have the names and email addresses of individuals.

From: Craig Hartnett <hxxxxxxx _AT_ niner.net>
To: cxxxxx _AT_ cirt.zm
CC: exxxx.cxxxxxx _AT_ hai-alive.co.zm, exxxx.mxxxx _AT_ hai-alive.co.zm,
     exxxxxx _AT_ rtaa.com.zm, mxxxxxx _AT_ rtaa.com.zm,
     rxxxxx.zxxxx _AT_ hai-alive.co.zm, servicedesk _AT_ hai-alive.co.zm,
     servicedesk _AT_ rtaa.com.zm, cxxxx _AT_ zicta.zm, info _AT_ zicta.zm,
     kxxxxxx _AT_ zicta.zm, nxxxxx _AT_ example.co.zm, ixxxxxx _AT_ jxxxxxxxxx.com
Subject: Problem with example.co.zm domain
Date: Fri, 25 Sep 2015 09:21:22 +0200
Mailer:	Evolution 3.10.4-0ubuntu2
Organization: NinerNet Communications, www.niner.net
Dear Cxxxxx,
Thank-you for taking my call this morning.
As I explained, the nameservers for the dot-zm TLD are not properly
synchronised, and are therefore reporting different nameservers for the
example.co.zm domain. In particular, pch.nic.zm is reporting incorrect
nameservers.
Of course, this results in disruption of the example.co.zm domain, and
this has been the case since at least Tuesday 15 September. At one point
last week the WHOIS showed only Realtime nameservers for the
example.co.zm domain. Realtime claims that this was the result of some
sort of registry activity -- a reset of some sort if I remember
correctly. These were changed back to NinerNet's nameservers but, as I
explained on the phone, one of the dot-zm nameservers is still responding
with Realtime's nameserver instead of NinerNet's.
Realtime have refused to assist thus far -- even though they are the
registrar of this domain -- instead blaming us (NinerNet Communications,
the company hosting the domain) for the problems. However, this is
clearly refuted by the evidence below, which are fresh queries from a
few minutes ago (with date and time stamps) on all of the dot-zm TLD
nameservers.
I have copied this email to all of the people at Realtime who have been
involved thus far, as well as representatives of the registrant of the
domain.
This should take two minutes for someone with access to the pch.nic.zm
nameserver to fix. Please ensure that this is fixed today so that the
registrant of example.co.zm can get back to running their business.
Thank-you.
Craig Hartnett
[00:13:14 leftseat@wrathall ~]$ date -u
Fri Sep 25 07:13:19 UTC 2015
[00:13:19 leftseat@wrathall ~]$ dig example.co.zm ns @hippo.ru.ac.za
; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> example.co.zm ns @hippo.ru.ac.za
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63660
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 3, ADDITIONAL: 2
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;example.co.zm.                        IN      NS
;; AUTHORITY SECTION:
co.zm.                  86400   IN      NS      pch.nic.zm.
co.zm.                  86400   IN      NS      ns-zm.afrinic.net.
co.zm.                  86400   IN      NS      ns1.zamnet.zm.
;; ADDITIONAL SECTION:
ns1.zamnet.zm.          86400   IN      A       196.46.192.26
;; Query time: 348 msec
;; SERVER: 146.231.128.1#53(146.231.128.1)
;; WHEN: Fri Sep 25 00:13:28 PDT 2015
;; MSG SIZE  rcvd: 137
[00:13:28 leftseat@wrathall ~]$ dig example.co.zm ns @ns1.coppernet.zm
; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> example.co.zm ns @ns1.coppernet.zm
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 17502
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;example.co.zm.                        IN      NS
;; Query time: 586 msec
;; SERVER: 41.222.240.15#53(41.222.240.15)
;; WHEN: Fri Sep 25 00:13:32 PDT 2015
;; MSG SIZE  rcvd: 43
[00:13:32 leftseat@wrathall ~]$ dig example.co.zm ns @ns1.zamnet.zm
; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> example.co.zm ns @ns1.zamnet.zm
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52796
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;example.co.zm.                        IN      NS
;; AUTHORITY SECTION:
example.co.zm.         86400   IN      NS      ns2.niner.net.
example.co.zm.         86400   IN      NS      ns1.niner.net.
;; Query time: 320 msec
;; SERVER: 196.46.192.26#53(196.46.192.26)
;; WHEN: Fri Sep 25 00:13:38 PDT 2015
;; MSG SIZE  rcvd: 88
[00:13:38 leftseat@wrathall ~]$ dig example.co.zm ns @ns2.zamnet.zm
; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> example.co.zm ns @ns2.zamnet.zm
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16638
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;example.co.zm.                        IN      NS
;; AUTHORITY SECTION:
example.co.zm.         86400   IN      NS      ns1.niner.net.
example.co.zm.         86400   IN      NS      ns2.niner.net.
;; Query time: 338 msec
;; SERVER: 196.46.192.21#53(196.46.192.21)
;; WHEN: Fri Sep 25 00:13:42 PDT 2015
;; MSG SIZE  rcvd: 88
[00:13:42 leftseat@wrathall ~]$ dig example.co.zm ns @ns-zm.afrinic.net
; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> example.co.zm ns @ns-zm.afrinic.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36928
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;example.co.zm.                        IN      NS
;; AUTHORITY SECTION:
example.co.zm.         86400   IN      NS      ns1.niner.net.
example.co.zm.         86400   IN      NS      ns2.niner.net.
;; Query time: 310 msec
;; SERVER: 196.216.168.44#53(196.216.168.44)
;; WHEN: Fri Sep 25 00:13:45 PDT 2015
;; MSG SIZE  rcvd: 88
[00:13:45 leftseat@wrathall ~]$ dig example.co.zm ns @pch.nic.zm
; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> example.co.zm ns @pch.nic.zm
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37546
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 8, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;example.co.zm.                        IN      NS
;; AUTHORITY SECTION:
example.co.zm.         86400   IN      NS      dns2.hai-alive.zm.
example.co.zm.         86400   IN      NS      dns2.realtime.zm.
example.co.zm.         86400   IN      NS      dns1.hai-alive.zm.
example.co.zm.         86400   IN      NS      dns3.realtime.zm.
example.co.zm.         86400   IN      NS      dns4.realtime.zm.
example.co.zm.         86400   IN      NS      dns1.realtime.zm.
example.co.zm.         86400   IN      NS      dns4.hai-alive.zm.
example.co.zm.         86400   IN      NS      dns3.hai-alive.zm.
;; Query time: 17 msec
;; SERVER: 204.61.216.73#53(204.61.216.73)
;; WHEN: Fri Sep 25 00:13:49 PDT 2015
;; MSG SIZE  rcvd: 214
[00:13:49 leftseat@wrathall ~]$ date -u
Fri Sep 25 07:13:56 UTC 2015
[00:13:56 leftseat@wrathall ~]$
--
NinerNet Communications | Craig Hartnett
* http://www.niner.net | info _AT_ niner.net
Phone: +1 604 630 1772 | +260 21 1 255568 | 1 855 NINERNET

Update, 2016-12-12: Updated link to CoCCA “patrons” page.

Yet another domain registration scam

8 December 2015 21:57:54 +0000

We bring your attention to yet another scam aimed at domain registrants. Of course, there are disclaimers in the faded fine print telling you that this is not an invoice, only a solicitation or proposal, but the email is clearly designed to look like an invoice for the renewal of a supposedly expiring domain registration.

As always, please ignore emails sent to the email address that you use in your domain registration(s) that are not from your domain registrar or registry. (If you’re not clear on the difference between a registrar and a registry — and who yours are for your domain[s] — please ask us.) In fact, we suggest using an email address for your domain registration(s) that you do not use for anything else, so that you can identify emails that are sent as a result of “scraping” your email address from the public WHOIS.

Below is one of the examples of the latest scam that we are seeing. Please note, however, that the apparent sending email (in the “from” field) can and does vary.

From: Domain Service <info@better-fit.com>
To: domains@ninernet.com
Subject: spam-slip.com expiration
Date: Mon, 30 Nov 2015 15:53:16 +0800

ATTENTION: IMPORTANT NOTICE
SEO Domain Registration Company
Notice#: 949540
Date: 11/29/2015

EXPIRATION NOTICE

DOMAIN: spam-slip.com
Notification Purchase Proposal

EXPIRATION PROPOSAL DATE: 12/07/2015

To: Domain Administrator, NinerNet
499-1685 H Street
Blaine
WA, 98230, UNITED STATES

Domain Name:

Registration SEO Period:

Price:

Term:

spam-slip.com 12/21/2015 to 12/20/2016 $64.00 1 Year

SECURE ONLINE PAYMENT

Domain Name: spam-slip.com
Attn: Domain Administrator
This important expiration notification proposal notifies you about the expiration notice of your domain registration for spam-slip.com search engine optimization submission. The information in this expiration notification proposal may contain confidential and/or legally privileged information from the notification processing department to purchase our search engine traffic generator. We do not register or renew domain names. We are selling traffic generator software tools. This information is intended only for the use of the individual(s) named above.
If you fail to complete your domain name registration spam-slip.com search engine optimization service by the expiration date, may result in the cancellation of this search engine optimization domain name notification proposal notice.

PLEASE CLICK ON

SECURE ONLINE PAYMENT

TO COMPLETE YOUR PAYMENT.

Failure to complete your seo domain name registration spam-slip.com search engine optimization service process may make it difficult for customers to find you on the web.
CLICK UNDERNEATH FOR IMMEDIATE PAYMENT
PROCESS PAYMENT FOR
spam-slip.com
SECURE ONLINE PAYMENT

ACT IMMEDIATELY

This domain seo registration for spam-slip.com search engine service optimization notification proposal will expire 12/07/2015.

Instructions and Unsubscribe Instructions:
You have received this message because you elected to receive special notification proposal. If you no longer wish to receive our notifications, pleaseunsubscribe here or mail us a written request to US Main Office: SEO Domain Registration Company, Los Angeles, CA 90036, Email: seodomainregservice@mail.com or Asia Main Office: SEO Domain Registration Company, Shenzhen Futian, Email: seodomainregservice@mail.com. If you have multiple accounts with us, you must opt out for each one individually in order to stop receiving notifications notices. We are a search engine optimization company. We do not directly register or renew domain names. We are selling traffic generator software tools. This message is CAN-SPAM compliant. THIS IS NOT A BILL. THIS IS A NOTIFICATION PROPOSAL. YOU ARE UNDER NO OBLIGATION TO PAY THE AMOUNT STATED UNLESS YOU ACCEPT THIS NOTIFICATION PROPOSAL. This message, which contains promotional material strictly along the guidelines of the CAN-SPAM act of 2003. We have clearly mentioned the source mail-id of this email, also clearly mentioned our subject lines and they are in no way misleading. Please do not reply to this email, as we are not able to respond to messages sent to this address.

If you have any questions about this or any other suspicious email you have received, please let us know.

Phishing warning for domain registrants

31 October 2015 12:38:00 +0000

We’re seeing what appears to be a concerted “phishing” effort aimed at the registrants of domains. To be honest, the first time we saw one of these emails, the allegations it contained made us angry, and we almost fell for it. This is the classic reaction that “phishers” are looking for — anger, or fear — because those emotions will cause the smartest among us to lose control, perhaps for just long enough to do something stupid.

As always, our best advice is to take a moment to calm yourself down and take a critical look at the email that you have received. It is almost certainly fake.

We have received two different versions of these emails for several domains registered to us, and the emails are likely tailored to the registrar with which you have your domain registered. Below are the emails we’ve received, with legitimate email addresses altered to prevent their being automatically harvested by yet more spammers.

Example 1

From: domainabuse _AT_ tucows.com
To: NinerNet Communications
Subject: Domain ADDRESSGAURD.COM Suspension Notice
Date: Mon, 26 Oct 2015 18:46:54 -0700

Dear Sir/Madam,

The following domain names have been suspended for violation of the TUCOWS, INC. Abuse Policy:

Domain Name: ADDRESSGAURD.COM
Registrar: TUCOWS, INC.
Registrant Name: Domain Administrator

Multiple warnings were sent by TUCOWS, INC. Spam and Abuse Department to give you an opportunity to address the complaints we have received.

We did not receive a reply from you to these email warnings so we then attempted to contact you via telephone.

We had no choice but to suspend your domain name when you did not respond to our attempts to contact you.

Click here and download a copy of complaints we have received.

Please contact us by email at mailto:domainabuse _AT_ tucows.com for additional information regarding this notification.

Sincerely,
TUCOWS, INC.
Spam and Abuse Department
Abuse Department Hotline: 480-124-0101

Example 2

From: “TUCOWS, INC.” <domainabuse@tucows.com.org>
To: NinerNet Communications
Subject: Domain GIVE-SPAM-THE-SLIP.COM Suspension Notice
Date: Tue, 27 Oct 2015 21:59:41 -0700

Dear Sir/Madam,

The following domain names have been suspended for violation of the TUCOWS, INC. Abuse Policy:

Domain Name: GIVE-SPAM-THE-SLIP.COM
Registrar: TUCOWS, INC.
Registrant Name: Domain Administrator

Multiple warnings were sent by TUCOWS, INC. Spam and Abuse Department to give you an opportunity to address the complaints we have received.

We did not receive a reply from you to these email warnings so we then attempted to contact you via telephone.

We had no choice but to suspend your domain name when you did not respond to our attempts to contact you.

Click here and download a copy of complaints we have received.

Please contact us for additional information regarding this notification.

Sincerely,
TUCOWS, INC.
Spam and Abuse Department
Abuse Department Hotline: 480-570-6902

The text “Click here and download” was, in all cases, hyperlinked to websites NOT on domains associated with NinerNet or Tucows, the registrar with whom our clients’ domains are registered. You must always take a moment to view (in the status bar of your email program) the URL (address) of the website to which a link will take you, before you click the link.

While the first email was crafted so that it appeared to be sent from domainabuse _AT_ tucows.com — which is a real email address — subsequent messages have arrived from domainabuse@tucows.com.org. Tucows.com.org is not a real domain; however, it does exist as a sub-domain of the com.org domain which, despite how odd it looks, is an actual domain. (It is being “monetised” by its owners, who probably have nothing to do with the spammers/phishers but who have unfortunately set it up in such a way that “tucows.com.org” appears [to both humans and automated anti-spam systems] to be a working domain.) We have configured our mail servers to block messages from the tucows.com.org sub-domain, but if the contact email address for your domain is on a domain we don’t host (e.g., gmail.com, yahoo.com, etc.) then you may still receive these messages. Since tucows.com is a legitimate domain, we cannot block email from it.

As always, if you have any questions about a questionable email that you have received — or one that has made you afraid or angry — please forward it to us and we’ll take a look at it to determine whether or not it is legitimate.


Update, 2015-11-01: Minor corrections, add missing sender email address, add actual domains and remove protection for bogus email address.

Update, 2015-11-03: We’re now seeing these scam emails coming from domainabuse@tucows.com.info, and in this case the “com.info” domain (and any sub-domains) is completely bogus and should be blocked by default to most of our email clients. We checked out what happens when you click the link (don’t try this at home!) and our browser was directed to download a file named “GIVESPAMTHESLIP.COM_copy_of_complaints.pdf.scr”. This is an old trick, naming a file with a “double extension” to try to trick people into opening what they think (in this case) is a PDF file, but which (in this case) is actually (on Windows machines) an executable screensaver file (“.scr”) that can carry a malicious payload. Remember, think before you click!

NinerNet home page

Subscriptions:

RSS icon. RSS

General Information:

This is the corporate blog of NinerNet Communications. It's where we post announcements, inform and educate our clients, and discuss issues related to the Internet (web and email) hosting business and all it entails. This includes concomitant industries and activities such as domain registration, SSL/TLS certificates, online back-up, virtual private servers (VPS), cloud hosting, etc. Please visit our main website for more information about us.

Search:

 

Recent Posts:

Archives:

Categories:

Tags:

accounts receivable apple billing branding cira contact information domain registration domain registry of canada domain renewals domains domain sales dot-ca domains dot-zm domains down time droc email encryption facebook google happy hosting customers hosting transfer icann invoices iphone kwacha maintenance paying your bill paying your invoice quarterly kwacha rate review rates registrar transfers reputation scams search engine optimisation search engine optimization security seo service hours spam ssl ssl/tls support transparency wordpress zamnet

Resources:

On NinerNet: