Latest news of the domain name industry

Recent Posts

Domain universe grows almost 1% in 2017 despite new gTLD slump

Kevin Murphy, February 16, 2018, Domain Registries

The total number of registered domain names in all TLDs was up 0.9% in 2017, despite a third-quarter dip, according to the latest data compiled by Verisign.

The latest Domain Name Industry Brief, published yesterday, shows that there were 332.4 million domains registered at the end of the year.

That’s up by 1.7 million names (0.5%) on the third quarter and up 3.1 million names (0.9%) on 2016.

Growth is growth, but when you consider that 2015-2016 growth was 6.8%, under 1% appears feeble.

The drag factors in 2017 were of course the 2012-round new gTLDs and Verisign’s own .net, offset by increases in .com and ccTLDs.

New gTLD domains were 20.6 million at the end of the year, down by about 500,000 compared to the third quarter and five million names compared to 2016.

As a percentage of overall registrations, new gTLDs dropped from 7.8% at the end of 2016 to 6.2%.

The top 10 new gTLDs now account for under 50% of new gTLD regs for the first time.

The numbers were primarily affected by big declines in high-volume spaces such as .xyz, which caused the domain universe to actually shrink in Q3.

Verisign’s own .com fared better, as usual, with .net suffering a decline.

The year ended with 131.9 million .com names, up by five million names on the year, exactly offsetting the shrinkage in new gTLDs.

But .net ended up with 14.5 million names, a 800,000 drop on 2016.

In the ccTLD world, total regs were up 1.4 million (1%) quarterly and 3.4 million (2.4%) annually.

Excluding wild-card ccTLD .tk, which never deletes domains and for which data for 2017 was not available to Verisign, the growth was a more modest 0.7 million (0.5%) quarterly and 2.3 million (1.8%) annually.

The DNIB report for Q4 2017 can be downloaded here (pdf).

Active new gTLD domains drop below 20 million

Kevin Murphy, January 10, 2018, Domain Registries

The number of domain names recorded in new gTLD zone files has dipped below 20 million for the first time in 18 months.

The total crossed the milestone in the wrong direction January 1, according to DI’s records.

As of today, there are 19.8 million domains in zone files, down from a peak of 26 million in March 2017.

The count has gone down by about half a million names in the last 90 days, largely as a result of declines in .top, .xyz and .kiwi, which have each recorded six-figure losses.

It’s the first time that the zone files have showed the number of domains going below 20 million since the beginning of June 2016, when XYZ.com sold millions of .xyz domains for a penny each. Most of those names did not renew a year later.

Zone files do not record every domain that has been registered, just those with active name servers. Others may be registered but unused or on hold for various reasons.

SpamHaus ranks most-botted TLDs and registrars

Kevin Murphy, January 9, 2018, Domain Registrars

Namecheap and Uniregistry have emerged as two of the most-abused domain name companies, using statistics on botnet command and control centers released by SpamHaus this week.

SpamHaus data shows that over a quarter of all botnet C&Cs found during the year were using NameCheap as their registrar.

It also shows that almost 1% of domains registered in Uniregistry’s .click are used as C&Cs.

The spam-fighting outfit said it discovered “almost 50,000” domains in 2017 that were registered for the purpose of controlling botnets.

Comparable data for 2016 was not published a year ago, but if you go back a few years, SpamHaus reported that there were just 3,793 such domains in 2014.

Neither number includes compromised domains or free subdomains.

The TLD with the most botnet abuse was of course .com, with 14,218 domains used as C&C servers. It was followed by Directi’s .pw (8,587) and Afilias’ .info (3,707).

When taking into account the relative size of the TLDs, SpamHaus fingered Russian ccTLD .ru as the “most heavily abused” TLD, but its numbers don’t ring true to me.

With 1,370 botnet controllers and about five and a half million domains, .ru’s abused domains would be around 0.03%.

But if you look at .click, with 1,256 botnet C&Cs and 131,000 domains (as of September), that number is very close to 1%. When it comes to botnets, that’s a high number.

In fact, using SpamHaus numbers and September registry reports of total domains under management, it seems that .work, .space, .website, .top, .pro, .biz, .info, .xyz, .bid and .online all have higher levels of botnet abuse than .ru, though in absolute numbers some have fewer abused domains.

In terms of registrars, Namecheap was the runaway loser, with a whopping 11,878 domains used to control botnets.

While SpamHaus acknowledges that the size of the registrar has a bearing on abuse levels, it’s worth noting that GoDaddy — by far the biggest registrar, but well-staffed with over-zealous abuse guys — does not even feature on the top 20 list here.

SpamHaus wrote:

While the total numbers of botnet domains at the registrar might appear large, the registrar does not necessarily support cybercriminals. Registrars simply can’t detect all fraudulent registrations or registrations of domains for criminal use before those domains go live. The “life span” of criminal domains on legitimate, well-run, registrars tends to be quite short.

However, other much smaller registrars that you might never have heard of (like Shinjiru or WebNic) appear on this same list. Several of these registrars have an extremely high proportion of cybercrime domains registered through them. Like ISPs with high numbers of botnet controllers, these registrars usually have no or limited abuse staff, poor abuse detection processes, and some either do not or cannot accept takedown requests except by a legal order from the local government or a local court.

The SpamHaus report, which you can read here, concludes with a call for registries and registrars to take more action to shut down repeat offenders, saying it is “embarrassing” that some registrars allow perpetrators to register domains for abuse over and over and over again.

.club is the bestest new gTLD, .club survey finds

Kevin Murphy, December 21, 2017, Domain Registries

.CLUB Domains has published the results of some research it commissioned into media mentions of new gTLDs that show .club coming out on top.

It’s an interesting new way to compare the relative success of new gTLDs based on usage or eyeballs rather than registration volumes, even if the report has its flaws.

In a blog post, .CLUB chief marketing officer Jeff Sass wrote:

A business will invest their time and money to incorporate a domain name that they trust and value. Their domain becomes an active component of their branding, marketing, and PR activities.

When the press or media picks up announcements and/or writes articles about these businesses, the domain name typically gets mentioned in the articles and press releases. This leads to further awareness, familiarity, and trust built around the domain name extensions that are mentioned most frequently in the press.

The registry paid Meltwater, a media monitoring company, to dig up all the media references to domains using any of the top 10 largest new gTLDs over the first half of the year.

It found that .club had the most mentions both empirically and adjusted for TLD size, and that .club’s media mentions had the most positive slant.

From the report (pdf):

When tracking the number of press impressions (articles) in terms of raw numbers, the top 3 were: .CLUB, with 14,519 impressions; .XYZ, with 10,770 impressions; and .ONLINE, with 9,595 impressions. When looking at the impression data against topline registration numbers, the top 3 TLDs were: .CLUB, with 13.29 impressions for every 1,000 registrations; .ONLINE, with 12.87 impressions for every 1,000 registrations; and .SITE, with 6.55 impressions for every 1,000 registrations. As for positive sentiment, the top 3 TLDs were: .CLUB, with 4,300 articles; .ONLINE, with 2,200 articles; and .XYZ with 2,189 articles.

The definition of “article” used by Meltwater is pretty broad. It’s certainly not looking at only the mainstream media.

The survey included press releases as well as editorial, and seems to include a fair bit of user-generated content, such as posts on Medium.com and Sohu.com, too.

There’s even one “article” cited that is actually just a Kickstarter crowd-funding project page.

The survey also double-counts articles, so if a press release appears on multiple sites, or an article is syndicated to multiple publications, each appearance was counted separately.

One could argue that all of this is a fair enough way to conduct such a survey — .CLUB is looking for evidence of grassroots usage and awareness, not just of coverage by publications with rigorous editorial controls.

And the methodology also called for all articles produced by or written about the registries themselves to be disregarded, presumably reducing the number of hits per registry and the chance of the results being gamed.

But a lot of the 30 articles cited directly in the Meltwater report, particularly those coming out of China, appear to be rather spammy. Others are just odd. Others offer negative views of specific new gTLD domains.

One of them is an inexplicable Chinese translation of a warning about a UK company using a .loan domain to scam people, for example.

Another is a BuzzFeed article from Japan about a fake news site using a .xyz domain to target Koreans.

Other references are so minor that even though Meltwater’s spiders spotted them I doubt many human beings would.

One of .club’s big hits is just a tiny photo credit on an stock image used in a forgettable BuzzFeed listicle, another is the Daily Mail quoting an Instagram post by an American athlete who uses a .club domain in a hashtag, the third is a self-promotional blog post on Medium.com by the owner of minicomic.club.

If these are the most prominent citations Meltwater could dig up over six months, these new gTLDs still have a way to go in terms of awareness.

But my main issue with the research is that it was limited to the top 10 new gTLDs by registration volume: .xyz, .top, .loan, .club, .win, .online, .vip, .wang, .site and .bid.

As we all know by now, there’s a correlation (at least anecdotally) between volume, low price and low quality usage/abuse.

I’d love to see subsequent reports of this nature delve into smaller TLDs, including dot-brands, that may not have as many sales but may have greater engagement and more press coverage.

The full .CLUB/Meltwater report can be found here (pdf).

XYZ junk drop sinks the industry in Q3

Kevin Murphy, December 20, 2017, Domain Registries

The total number of domains registered in the world suffered a rare period of decline in the third quarter, according to Verisign’s latest numbers.

The Q3 Domain Name Industry Brief shows September ended with 330.7 million registered names across all TLDs, a 1.2 million dip on the second quarter.

Year-on-year, there was still growth: 3.7 million domains, or 1.1%.

The shrinkage follows a flat Q2 and a slowing Q1.

The finger of blame can be primarily pointed at .xyz and .top, which lost millions of domains in the quarter due, in .xyz’s case at least, to the expiration of millions of names that had been sold for a penny or two a year earlier.

Not that you’d know this from the DNIB (pdf). For some reason Verisign doesn’t like talking about new gTLD growth rates in its reports, even when they’re going the wrong way.

Verisign’s own .com and .net grew by 1.5 million names to 145.8 million, putting ground between themselves and ccTLDs, which collectively were up by 500,000 names or 0.3% sequentially to 144.7 million.