Latest news of the domain name industry

Recent Posts

New gTLDs and ccTLDs drive domain universe growth

Kevin Murphy, July 12, 2024, Domain Services

The seasonally strong first quarter saw growth return to the domain industry, despite .com’s continuing woes, according to the latest edition of Verisign’s Domain Name Industry Brief.

There were 362.4 million domain registrations across all TLDs at the end of March, up by 2.5 million names or 0.7% from the start of the year, according to the report. Growth over 12 months was 7.5 million or 2.1%.

The growth came in spite of continued shrinkage at Verisign’s own .com and .net. The flagship .com was down from 159.6 million to 159.4 million while .net remained flat at 13.1 million, the DNIB states.

The two TLDs combined lost a total of 0.3 million names over the quarter and 2.3 million names over the year, Verisign said.

ccTLD regs were up to 139.5 million, an increase of 1.2 million or 0.9% from the start of the year and 3.7 million from a year earlier.

Russia’s .ru overtook the Netherlands’ .nl to become fourth largest ccTLD. That’s 6.4 million versus 6.3 million, but Verisign’s methodology sees it count some 770,000 Cyrillic .РФ domains as if they were also .ru.

All of the top 10 ccTLD grew apart from .uk and .it.

New gTLDs also performed strongly, with 33.3 million regs at the end of the quarter, up 1.5 million (4.7%) sequentially and six million (22.1%) year over year.

Perhaps because the raw volume numbers have started make Verisign’s TLDs look terrible in comparison over the last few editions, the DNIB has started reporting an estimated renewal rate for many of the TLDs the DNIB tracks.

As you might expect, the renewal numbers for new gTLDs suck. While established TLDs like .com have the usual mid-70s percent renewal rate, that number plummets to the 20s when you look at big 2012-round TLDs such as .xyz, .online and .top.

.de worst TLD for CSAM — report

Kevin Murphy, April 29, 2024, Domain Registries

Germany’s ccTLD, .de, was the worst in the world for hosting child sexual abuse material last year, according to the latest data from the Internet Watch Foundation, which many registries rely on for helping take down such material.

IWF said it found 802 unique .de domains hosting CSAM in 2023, a 1,995% increase compared to 2022. The second and third worst were .com and .ru, with 744 and 691 domains respectively. IWF noted that CSAM domains in .com were down 10% in the year.

Other TLDs in the top 10 were .cc, the non-DNS .onion, .top, .xyz, .pw, .ws and .net. The fastest-grower was Samoa’s .ws, managed by Global Domains International, which saw an increase to 2,966% to 184 unique domains.

.de was also the worst for commercial CSAM operations, IWF said. It found 783 such sites in 2023, all of which “openly displayed images and videos of child sexual abuse on the homepage”. That number in 2022 was zero, the report says.

Another registrar seemingly vanishes

An accredited registrar appears to have gone bust after its parent company failed.

ICANN has sent a breach notice to Nimzo 98, which while registered as an LLC in the US appears to be Indian-operated, saying the company has not paid its fees and the Compliance folk haven’t been able to reach management since December.

The notice also complains that the company isn’t providing a Whois service as required, which may be a polite way of saying that the entire web site is down — it’s not resolving properly for me.

Digging into the data a little, it seems Nimzo was the in-house registrar of a company called Houm that, according to its press releases, was operating some kind of privacy-oriented social network slash cloud storage service.

Part of Houm’s offering was a personal domain name, which came bundled as part of the monthly service fee.

When Houm seriously started promoting its service last year, it appears to have led to a spike in registrations via Nimzo. Most of its domains were concentrated in new gTLDs such as .live, .xyz, .earth, .world and .space.

Having consistently registered no more than a couple hundred gTLD names per month for years, there was a sudden spike to over 5,000 in July and 12,000 in August, peaking Nimzo’s total domains at 21,000 that month.

But then, in October, the registrar deleted almost all of its names. It went from 21,000 domains under management in August to 190 at the end of October. These were not grace-period deletes, so fees would have been applicable.

Houm’s web site at houm.me also appears inoperable today, showing a server error when I access it, and its Twitter account has been silent since last August.

ICANN has given Nimzo until May 22 to pay up or lose its accrediation.

Epik customer exodus started when Monster quit

Kevin Murphy, April 18, 2023, Domain Registrars

Domain registrants started leaving Epik in droves when CEO Rob Monster quit last year and serious allegations of financial mismanagement emerged, an analysis of the numbers shows.

Epik’s total gTLD domains under management began to free-fall in September 2022, dropping by more than 70,000 by the end of the year, almost all as a result of customers transferring their domains to other registrars.

Data from registry transaction reports I compiled shows Epik peaking at around 808,000 domains across all gTLDs at the end of August, having gone up every month that year.

But DUM started tumbling when Monster quit and customers started reporting problems extracting funds from their accounts in mid-September. Epik dropped to 792,000 domains that month, with 780,000 in October, 767,000 in November and 733,000 at the end of the year.

Transfers from Epik to other registrars also went up in September, almost doubling from the 9,500 domains reported in August to 16,000, a level of customer bleed it maintained until December, when it rocketed up to almost 23,000.

Most of the losses were of course in .com, but .net, .org and .xyz also saw big downsides.

The drop in revenue won’t help the company extract itself from its current dire straits. It’s publicly admitted it’s having difficulty paying its customers, some of whom complain they’re owed tens or hundreds of thousands of dollars.

Epik is facing a customer lawsuit, the prospect of a probe by its local state attorney general over its unlicensed escrow service, and recently had to shut down its unlicensed “insurance” service after a settlement with the Washington state insurance regulator.

Whoever runs its Twitter account has been pointing the finger of blame at Monster, saying the company, which it refers to as “Epik 2.0” is trying to move “out of a monster’s shadow”.

In recent days it’s tweeted reassurances that customers will eventually be made whole, legal threats against Monster (believed to still be non-executive chair) and, yesterday, expressions of a desire to “connect” with Monster and explore “alternative paths”.

.com was a drag on the industry in Q4

Kevin Murphy, March 15, 2023, Domain Registries

The .com gTLD was a growth drag on domain name registrations in the fourth quarter, if the latest figures in Verisign’s Domain Name Industry Brief are to be believed.

The industry closed out 2022 with 350.4 million domains all TLDs that the DNIB tracks (which excludes Freenom’s free ccTLDs), up half a million in the quarter and 8.7 million over the year.

But that was despite Verisign’s own .com, rather than due to it. The DNIB has .com down from 160.9 million to 160.5 million. Sister TLD .net was flat at 13.2 million.

It was left to new gTLDs and ccTLDs to pick up the slack.

ccTLDs accounted for 133.1 million names, up 700,000 sequentially and 5.7 million over the year. New gTLD registrations were up 100,000 sequentially and 2.7 million over the year.

A big driver in ccTLDs was Australia’s .au, where the launch of direct second-level registrations added hundreds of thousands of domains and let the ccTLD kick .xyz out of the top 10 TLDs by volume.

But the report has a pretty big discrepancy that could throw out the ccTLDs number, I believe. For some reason the DNIB has .eu increasing by 300,000 names to 4 million in Q4, which flies in the face of the registry’s own numbers, which have it basically flat at 3.7 million.

sex.xyz sells at $11,000 loss as premium renewal kicks in

Kevin Murphy, January 10, 2023, Domain Sales

The domain sex.com was for many years the most-expensive ever sold, but the outlook might not be so bright for sex.xyz, which may be a bit of a poisoned chalice.

sex.xyz sold at Sedo for $2,150, according to a record that popped up in my feed today. Namebio lists the same price, with a sale date of December 15.

The domain appears to have been sold just one week before it came up for renewal, which would have cost the original registrant an eye-watering $13,000.

According to XYZ, the registry, it had sold in December 2021 for $13,000, and is one of the names listed as having an annual premium renewal the same as the original sale price.

sex.com sold for $13 million in 2006 and held the record for the highest publicized domain sale every, until the crypto guys started throwing their money around a few years back.

The current record is $30 million for voice.com, sold in 2019. The name nfts.com sold for $15 million last year.

Update: this post was updated to correct that it was sex.com that sold for $13 million, not xyz.com.

Stop me if you’ve heard this…

Kevin Murphy, November 30, 2022, Domain Services

The collective noun for wildebeest is “an implausibility”.

In the incredibly unlikely event that you’re ever confronted by a large group of these majestic bovine quadrupeds, that’s how you should describe what you see.

An implausibility of wildebeest.

I tell you this not because it’s relevant to anything else that appears in this article, but because a series of unfortunate and unavoidable circumstances have kept me offline for the last few weeks, and you may find this round-up piece tells you lots of things you already know.

If that’s the case for you, I can only apologize, with the caveat that you probably didn’t know about the wildebeest thing, so at least this post has provided some value.

Let’s start with ICANN, shall we?

My ICANN announcements feed contains 20 unread articles this morning, and as far as I can tell from a cursory glance over the headlines, the Org has done almost nothing of consequence recently.

It’s mostly outreach-this, engagement-that, review-the-other. If official announcements were any guide, ICANN would look like an entity far more concerned with promoting and promulgating its own increasingly debatable legitimacy, rather than doing the stuff it was originally set up to do.

Like new gTLDs, for example…

While ICANN continues to fart around with its working groups and consultations and Dantean layers of bureaucracy, the blockchain/crypto/web3 crowd are continuing to bolster their efforts to eat the Org’s breakfast, lunch and dinner.

Most notably, blockchain-based alt-root naming services including Unstoppable have launched the Web3 Domain Alliance, which, even if it misses its goals, promises to make the next new gTLD round an even bigger litigation clusterfunge than the last.

The alliance intends to among other things “advocate for the policy position that NFT domain registry owner-operators create trademark rights in their web3 TLDs through first commercial use with market penetration.”

In other words, if some well-financed crypto bro creates .example on some obscure blockchain root and gets a little bit of traction, ICANN shouldn’t be allowed to create .example on the authoritative consensus root.

This has the potential to make Jarndyce and Jarndyce look like a parking ticket hearing and I take some comfort from the fact that I’ll most likely be long dead before the lawsuits from the next new gTLD round have all played out.

The Web3 Domain Alliance is promising imminent pledges of support from “web2” companies, and it will be interesting to see if any company in the conventional domain name industry is ready to break ranks with ICANN and sign up.

In actual gTLDs…

Another thing that will likely post-date my death is the launch of the last gTLD from the 2012 application round. Many still lie dormant, but they do still continue to trickle out of the gates.

While I’ve been offline, we’ve witnessed the general availability launch of Google’s .boo and .rsvp — the former criminally missing the increasingly lengthy and bewildering Halloween season and the latter probably a little late for the Christmas party season — while non-profit .kids went GA a couple of days ago.

In the world of ccTLDs…

GoDaddy is formally relaunching .tv, the rights to operate it won in a bidding process earlier this year after incumbent registry Verisign declined to compete.

It’s talking about a “a complete rebrand and marketing makeover”, with a new, very colorful, destination site at TurnOn.tv.

Many years ago, a senior Verisign exec described .tv to me as “better than .com”, and in a world where any shouty teenage pillock can essentially launch their own TV show for the price of an iPhone and broadband connection, that’s probably never been truer.

Meanwhile, Ukrainian ccTLD registry Hostmaster isn’t going to let the little matter of an ongoing Russian invasion interfere with its 30th birthday celebrations and the 12th annual UADOM conference.

It’s being held remotely for obvious reasons. It starts tomorrow, runs for two days, and more details can be found here and here.

In other conference news, NamesCon has also announced dates for its 2023 NamesCon Global conference. According to Domain Name Journal, it will return to Austin, Texas, from May 31 to June 3 next year.

DomainPulse, the conference serving the Germanophone region of Europe (albeit in English), has set its 2023 event for February 6 and 7 in Winterthur, Switzerland.

Scoop of the month…

By far the most interesting article I’ve read from the last month came from NameBio’s Michael Sumner, a reverse-exposé of the successful .xyz domain investor who goes by the name “Swetha”.

This area of the industry is not something I spend a lot of time tracking, but I’ll admit whenever I’ve read about this mononymed India-based domainer’s extensive, expensive .xyz sales, I’ve had a degree of skepticism.

It turns out that skepticism was shared by some fellow industry dinosaurs, so Sumner did the legwork, amazingly and ballsily obtaining Swetha’s Afternic login credentials (with her consent) and hand-verifying years of sales data.

He concluded that the sales she’s been reporting on Twitter are legit, and that she’s a pretty damn good domainer, but understandably could not fully disprove the hypothesis that some of her buyers are .xyz registry shills.

Elliot Silver later got a comment from the registry in which it denied any kind of collusion and implied skepticism was the result of sexism and/or racism, rather than the sketchiness sometimes displayed by anonymous Twitter accounts and the registry itself.

Earnings, M&A, IPOs…

  • The otherwise-consolidating industry is getting its first IPO in some time, with United-Internet pitching a public markets spin-off of its IONOS group, which includes brands such as Sedo and InternetX, to potential investors. DNW pulled out some of the more interesting facts from its presentation.
  • Industry consolidator CentralNic reported a strong Q3, though its growth is no longer dependent on its domain name business.
  • Tucows reported modest growth (pdf) for Q3, hindered by flat-to-down results in its domain name business.
  • GoDaddy, which no longer breaks out numbers for its domains business, reported a billion-dollar quarter.
  • Smaller, faster-growing registrar NameSilo reported turning a loss into a profit in the quarter.
  • In M&A, Namespace, owner of EuroDNS, announced it has acquired fellow German registrar Moving Internet.

And finally…

The DNS turned 35. So that’s nice.

Now, if you’ll excuse me, I have 600 unread emails to deal with…

Alt-root .eth is getting very big, very fast

Kevin Murphy, September 2, 2022, Domain Registries

If .eth was a real domain, it would be the second-largest new gTLD and have more registrations than ccTLDs from nations as large as Spain and Japan, according to the blockchain-based registry.

Ethereum-based alt-root registry ENS Domains today tweeted that it added 301,000 new .eth domains in August, to end the month with a total of 2.17 million names. It said it now has 540,000 registrants.

For context, that’s about 10% of what .com does in a month, and about 75% of monthly registration volume for .xyz, the largest new gTLD.

The total of 2.17 million domains would make .eth bigger than .online, the current second-largest new gTLD, and would put it in the top 10 ccTLDs (of those tracked by DI).

Not bad for a niche product that won’t resolve in most browsers and is chiefly useful for addressing cryptocurrency wallets.

.xyz kicks France out of the top 10 TLDs — Verisign

Verisign is reporting that the total number of registered domains worldwide topped 350 million in the first quarter, under its new reporting methodology.

The company’s latest Domain Name Industry Brief states that there were 350.5 million names across (almost) all TLDs, up by 8.8 million or 2.6% compared to the end of 2021 or 13.2 million (3.9%).

It’s sequential growth well beyond the 3.3 million increase reported in Q4, but the first quarter of any year is usually seasonally strong.

It’s the second DNIB that excludes Freenom’s collection of free TLDs, notably .tk, making comparisons beyond what Verisign itself calculates challenging.

Verisign’s own .com was up from 160 million to 161.3 million domains over the period, while .net was flat at 13.4 million.

Total ccTLD names were up 6 million or 4.7% sequentially to 133.4 million and up 3.1 million or 2.4% year over year.

The top 10 TLDs saw a new entry, with XYZ.com’s .xyz taking the tenth position with 4 million names, kicking out French ccTLD .fr, which has 3.9 million.

.xxx shows up in botnet top-five TLDs for the first time

Kevin Murphy, January 21, 2022, Domain Registries

It is a truth universally acknowledged that the cheaper a TLD, the more likely it is to be abused by bad actors, and that may be what happened to .xxx in the fourth quarter.

SpamHaus listed .xxx as its fourth most-abused TLD for botnet command and control domains in its newly published Q4 statistics, a new entry on the top 20 table that raised researchers’ eyebrows.

From zero, .xxx went up to 223 C&C domains in the period, sandwiched between .ga’s 143 and .xyz’s 396, SpamHaus said. It worked out to 2.4% of .xxx’s active domains, the compamny said.

.com was of course still the runaway leader, with 3,719 C&C domains. .top came in second, with 715 domains.

SpamHaus said:

We don’t often see new TLD entries within the top five of this Botnet C&C Top 20; however, .xxx, an adult TLD, run by registry ICM, has entered at #4. With less than 10,000 active domains but a total of 223 domains associated with botnet C&C activity in Q4 we can only assume that there are problems.

It’s noteworthy because .xxx is not a cheap TLD. With wholesale prices around $60, they usually sell for around $100 a year. Botnet operators, like other types of malefactor, usually choose cheap domains for their activities.

But in 2021 .xxx was celebrating its 10th anniversary, and at least one company was offering names at a .com-equivalent $10 a year, starting in the middle of the year and extending into Q4.

While .xxx registry ICM is now owned by GoDaddy, it was still part of MMX at the time the pricing promotion began.