.xyz’s first full day of general availability saw it total 31,119 registrations, suggesting that it’s not doing as badly as I suggested in a post earlier today.
Today’s .xyz zone file shows 14,924 names, up 14,829 on the day, but Gavin Brown, CTO of .xyz back-end CentralNic, just commented that the 24-hour number is actually 31,119.
The zone files for each new gTLD are made available by ICANN — assuming the Centralized Zone Data Service is working — at 0100 UTC every day. Brown said that .xyz’s file today was generated an hour later.
That means the 14,924 total represented the first 10 hours of GA, as indicated in my original piece today.
For a new gTLD to sell more domains in the second half of its first GA day than during the first is unusual, because gTLD launches to date have tended to rely quite heavily on pre-orders.
Pre-orders, a decent measure of demand, generally hit the registry within the first few minutes of general availability, as registrars try to secure the names their customers want.
That has the effect of stacking first-day registrations heavily towards the first few hours of GA.
Similarly, TLD Registry’s .在线 moved just shy of 20,000 names in its first 12 hours of general availability, but had sold only 1,000 more names a full 24 hours later.
I didn’t think it unreasonable to assume that .xyz would follow the same pattern, but this front-loading doesn’t seem to have happened in .xyz’s case.
Did I make a faulty assumption?
If registrations are indeed coming in at a more measured pace than preceding launches, then .xyz may not be falling behind CEO Daniel Negari’s aggressive growth targets at all.
Was I wrong to say that .xyz hasn’t lived up to the hype? Maybe. We’ll need some more days of data to be sure.
.xyz sold just shy of 15,000 domain names during its first hours of general availability.
That’s according to zone files released today.
The registry added 14,829 names yesterday, ending the period with 14,924 in its zone, making it the 15th-largest new gTLD by volume, behind the likes of .center, .directory and .solutions.
(UPDATE: see the bottom of this post for important updates on these numbers.)
While it’s a respectable first-day performance — logging more sales that I expected it to — it’s doesn’t look like the registry is going to hit CEO Daniel Negari’s target of a million names in year one.
Earlier this week, Negari enthusiastically blogged, in a post tagged simply “believe”:
There is no doubt in my mind that the growth rate of .xyz will surpass the growth rate of .com. It won’t take us 20 years to reach one million registrations. It will only take 1 year. The growing number of internet users online today, the increasing demand for domain name registrations, and the way we have positioned .xyz all validate this projection. Soon we will see that there is only one competitor to .com, and that is .xyz.
Averaged out over a year, a million registrations is over 2,700 per day, a rate that no other new gTLD registry has managed to sustain to date.
If .xyz follows the path taken by its predecessors, it will probably rack up a thousand or so more names per day for the next few days, likely making it a top-ten new gTLD within a week, before settling down to a comfortable rate of 200 to 300 per day.
So far, .guru (four months old) and .club (one month old) are the only gTLDs with significant volumes that have managed to double their launch-day figures.
.xyz is going to be in desperate need of some more marketing if its wants to get to one million by June 2, 2015.
As I’ve always said, I think .xyz is a tough sell.
As Negari says, the string has “little-to-no meaning”, and the game has always been to brand .xyz as being even more generic than .com.
The registry has attempted to shoehorn it into meanings such as “It is the ending of the alphabet, and it is the ending of domain names” and “Generations X, Y and Z”.
But it seems to be one of those sales pitches you either get or you don’t. I’ve heard it many times, and I still don’t.
So 15,000 names in half a day, by my expectations, is not bad.
However, despite the 15,000 names, we’re talking about a TLD with a sub-.com registry fee, being retailed by some registrars for under $10.
With a million names, that’s a nice little business. Sub-100,000, not so much.
There are plenty of people out there who will immediately say the “success” of new gTLDs in general is a combination of many factors, of which volume is only one, and I agree.
It’s only day one for .xyz, but for a cheap-as-chips gTLD that has explicitly made itself a volume play, I think registration count is a fair way to measure its success going forward.
UPDATE: According to Gavin Brown, CTO of .xyz back-end CentralNic, the number of names in the zone file almost 24 hours after GA began is actually 31,119, over double what the registry sold in the first 10 hours.
ICANN expects its RADAR registrar database to be offline for “at least two weeks” following the discovery of a security vulnerability that exposed users’ login names and encrypted passwords.
ICANN seems to have been quick to act and to disclose the hack.
The attack happened last weekend and ICANN was informed about it by an “internet user” on Tuesday May 27, according to an ICANN spokesperson. RADAR was taken offline and the problem disclosed late May 28.
The spokesperson added that “we do not believe the user is affiliated with a current or previously accredited registrar.”
ICANN isn’t disclosing the nature of the vulnerability, but said RADAR will be offline for some time for a security audit. The spokesperson told DI in an email:
It will be at least two weeks. It is more important to complete a thorough security assessment of the site than to rush this process. First of all, we’re keeping the system offline until we complete a thorough audit of the system. We are also currently engaged in a security review of all systems and procedures at ICANN to assess and implement ongoing improvements as appropriate.
RADAR is a database used by registrars to coordinate stuff like emergency contacts and IP address whitelisting for bulk Whois access.
The downtime is not expected to impact registrants, according to ICANN. The spokesperson said: “Nothing that occurred has raised any concerns that registrants could or would be adversely affected.”
If there’s one thing we’ve learned from the last six months of new gTLDs, it’s that predictions about massive levels of defensive registrations were way off the mark.
New gTLDs are not seeing anywhere near the same numbers of sales during sunrise periods as their predecessors.
I have managed to collate some data that I think gives a pretty accurate picture of how many sunrise registrations are being made and therefore how much new gTLDs are costing trademark owners.
About 128 gTLDs have finished their sunrise periods to date, and I have the sunrise sales figures for 101 of them. All of these numbers were provided by the respective registry operator.
The biggest sunrise, per these numbers, was for .clothing, which had 675 registrations. That’s 5.97% of the 11,301 overall names in the .clothing zone file today, over three months after launch.
At the other end of the scale is شبكة. (“.shabaka” or “.web” in Arabic), which sold just five names during its sunrise, the first of the program, which was restricted to Arabic trademarks.
The total number of sunrise sales across across all 101 gTLDs is 14,567, making for an average of 144.2 domains per new gTLD sunrise.
Sunrise currently accounts for 1.87% of all names in these 101 gTLDs, but that’s an artificially high number because some of the gTLDs I have sunrise numbers for are not yet in general availability.
But compare the real numbers to .co, which sold over 11,000 names at sunrise when it launched in summer 2010, or .xxx, which took 80,000 sunrise applications in late 2011.
Trademark owners are not defensively registering with anywhere near the same fervor as they once did.
If that 144.2 average names holds true for all 128 gTLDs that have completed sunrise, we can approximate that 18,461 names have been sold during sunrise periods to date.
I should point out that I’m assuming in these calculations that all sunrise registrations are “defensive” and that brand owners are not defensively registering during general availability.
Neither of those assumptions will be fully true.
Not all sunrise sales are made to genuine brand owners, of course. Some number of generic dictionary domains have been registered by people who obtained trademarks just in order to get the matching domain.
And only a psychic could know whether a GA registration is “defensive” or not at this stage.
But let’s assume that every sunrise reg went to a genuine brand owner. How much have they had to pay for these names?
It’s difficult to calculate a precise dollar value because each registry has a different pricing scheme and sometimes the price of a name can vary even within a specific given TLD.
I looked to the prices listed at 101domain, which has pretty exhaustive coverage of new gTLDs, for a guide.
The average first-year cost for a sunrise registration in the 75 or so new gTLDs currently being sold to trademark owners at 101domain is a little shy of $165.
Assuming that’s a good guide for pricing in sunrise periods that have already closed, we can calculate that 18,461 names at $165 a pop equals $3,046,089 out of the pockets of trademark owners in the first year.
But the sunrise fees are not the only costs, of course. In order to participate in a sunrise you must first register your mark in the Trademark Clearinghouse.
There are 30,251 marks registered in the TMCH, according to the TMCH itself. At $150 a pop — the minimum you can pay for a TMCH registration — that’s $4,537,650 spent on defensive measures.
Add in the cost of the sunrise registrations and a generous $100,000 to cover the cost of the 50 Uniform Rapid Suspension cases that have been filed to date and the total cost to brand owners so far over the first 128 new gTLDs comes to $7,683,739.
Whether this is “a lot” or not probably depends on your perspective.
It’s certainly not the billions of dollars that were being predicted by some as recently as last year.
In September the Better Business Bureau and the Coalition Against Domain Name Abuse speculated that 600 “open” new gTLDs could lead to $10 billion being spent on defensive registrations.
That statement was made in a press release calling for stronger cybersquatting legislation in the US.
But if 101 open gTLDs leads to $3,046,089 being spent, 600 such gTLDs should lead to a total cost of about $18 million, not including the fixed TMCH costs (which probably won’t grow very fast in future).
That’s not the same ballpark, not the same league, not even the same sport.
ICANN’s database of registrar contact information has been hacked and user data has been stolen.
The organization announced this morning that the database, known as RADAR, has been taken offline while ICANN conducts a “thorough review” of its security.
This action was taken as a precautionary measure after it was learned that an unauthorized party viewed data in the system. ICANN has found no evidence of any unauthorized changes to the data in the system. Although the vulnerability has been corrected, RADAR will remain offline until a thorough review of the system is completed.
Users of the system — all registrars — have had their usernames, email addresses and encrypted passwords compromised, ICANN added.
ICANN noted that it’s possible to brute-force a hashed password into plaintext, so it’s enforcing a password reset on all users, but it has no evidence of any user accounts being accessed.
RADAR users may want to think about whether they have the same username/password combinations at other sites.
RADAR is a database used by registrars in critical functions such as domain name transfers.
Registrars can use it, for example, to white-list the IP addresses of rival registrars, enabling them to execute large amounts of Whois queries that would usually be throttled.
The news follows hot on the heels of a screwup in the Centralized Zone Data Service, which enabled any new gTLD registry to view data belonging to rival registries and other CZDS users.