Latest news of the domain name industry

Recent Posts

No, CentralNic isn’t the biggest new gTLD back-end

Kevin Murphy, August 17, 2015, Domain Registries

CentralNic’s registry back-end business may have got a big boost by last week’s news that Google has adopted a .xyz domain for its new parent, but it is not yet the biggest back-end provider.

That honor still belongs to Rightside, which currently leads CentralNic by a few hundred thousand names, according to zone files.

When Google started using abc.xyz as the primary domain for its new company last Monday, it caused a sharp spike in .xyz’s daily zone file growth.

The volume-leading new gTLD’s zone had been netting about 3,000 domains per day over the previous week, but that number has risen to almost 8,000 on average since the Google announcement.

While undoubtedly good news for XYZ.com and CentralNic, the growth has not been enough to propel CentralNic into the top-spot just yet.

CentralNic said in a press release today that it currently has 1,444,210 domains, making it the “number one registry backend”.

But according to DI’s numbers, Rightside has at least 1,701,316 domains in new gTLDs running on its back-end.

The CentralNic press release, as well as an earlier piece on The Domains, both cite ntldstats.com as their source.

That site had been listing Donuts as the top new gTLD back-end provider for over a year, with CentralNic in second place.

The problem is that Donuts is not a back-end provider. Never has been.

The portfolio registry disclosed right from the start that it was using Rightside (then Demand Media).

A Donuts spokesperson confirmed to DI today that it still uses Rightside.

The company runs its 190 delegated new gTLDs on Rightside’s back-end. Rightside manages another 39 of its own on the same infrastructure.

Combined, these gTLDs make up 1,701,316 second-level domains, making it the largest back-end registry provider.

After abc.xyz, will Google now switch to .google?

Kevin Murphy, August 12, 2015, Domain Registries

Google provided the new gTLD industry with one of its most prominent endorsements to date when it revealed this week that its new parent company, Alphabet, will use a .xyz domain name.

But it could just be the first move away from traditional TLDs such as .com — its new gTLD .google entered its “general availability” phase today.

Alphabet will be the holding company for Google the search engine provider, as well as many other subsidiaries focused on non-core areas of its business, and will replace Google as the publicly traded entity.

The new company will use abc.xyz as its primary domain.

XYZ.com CEO Daniel Negari told Wired that the move is “the ultimate validation”, and it’s hard to disagree.

Despite this, almost all the coverage in the tech and mainstream media over the last 24 hours has been about the fact that it does not own alphabet.com.

A Google News search for “alphabet.com” today returns over 67,000 results. Refine the search to include “abc.xyz” and you’re left with fewer than 2,700.

This is perhaps to be expected; BMW owns alphabet.com and has told the New York Times it does not intend to sell it. Journalists naturally gravitate towards conflict, or potential conflict.

Some reporters even suggested, with mind-boggling naivety, that Google hadn’t even done the most cursory research into its new brand before embarking on the biggest restructuring in its history as a public company.

But perhaps the reality is a little simpler: owning a .com that exactly matches your brand just isn’t that important any more.

If any company has insight into the truth of that hypothesis, it’s Google.

It should hardly be surprising that Google digs the possibilities offered by new gTLDs — remember, it applied for 101 strings and has 42 of them already delegated.

Its senior engineers have also blogged repeatedly that all gTLDs, including .com, are treated equally by its search algorithms.

Now that it has made the decision to brand its holding company on a new gTLD domain, could we expect it be similarly nonchalant about a switch to .google?

The dot-brand today came out of its pre-launch phase and entered “general availability”, meaning that the gTLD is now free for it to use.

The .google zone file only has a few domains in it at present, so we’re probably not going to see anything deployed there overnight, but I’d be surprised if we have to wait a long time before .google is put to use in one way or another.

The company set up a fleeting April Fool’s Day website at com.google earlier this year.

Google’s application for .google states:

The mission of the proposed gTLD, .google is to make the worldʹs information universally accessible and useful through the streamlined provision of Google services. The purpose of the proposed gTLD is to provide a dedicated Internet space in which Google can continue to innovate on its Internet offerings. The proposed gTLD will augment Googleʹs online presence in other registries, provide Google with greater ability to categorize its present online locations around the world, and in turn, deliver a more recognizable, branded, trusted web space to both the general Internet population and Google employees. It will also generate efficiencies and increase security by reducing Google’s current dependence on third-party infrastructure.

The company has also stated on its Google Registry web site that it intends to use .google, .youtube and .plus “for Google products”.

XYZ buys .security and .protection from Symantec

XYZ.com has added .security and .protection to its portfolio of new gTLDs under a private deal with security software maker Symantec.

Symantec originally applied for both as closed generics, but changed its plans when ICANN changed its tune about exclusive access gTLDs.

The company won .security in an auction against Donuts and Defender Security late last year; .protection was uncontested. It lost auctions for .cloud and .antivirus.

Symantec’s .symantec and .norton, both dot-brands, are currently in pre-delegation testing.

XYZ already owns .college, .rent and of course .xyz.

In other news, Afilias has acquired .promo, which was in PDT with applicant Play.Promo Oy, in a private auction.

UPDATE: A couple of hours after this post was published, XYZ announced it has also acquired .theatre, which will compete with Donuts’ .theater, from KBE gTLD Holding Inc.

.xyz starts to plummet — NetSol freebies to blame?

XYZ.com has been seeing its .xyz zone file shrink rapidly over the last five days, likely as a result of free domains pushed out to Network Solutions customers starting to expire.

DI PRO stats show that .xyz has shrunk by 49,658 domains this week — today at 888,413 names compared to a June 4 peak of 942,927.

It was June 4 last year when the industry become aware that NetSol was automatically pushing .xyz names into the accounts of its existing customers without their explicit consent.

Renewal rates usually do not become clear for 45 days after expiration, due to grace periods, but domains can delete earlier.

On June 9, 2014, one year ago today, .xyz had 87,073 domains in its zone file. It’s difficult to see where a loss of almost 50,000 names this week could come from if not the NetSol freebies deleting.

It is believed that the NetSol giveaway contributed about 350,000 names to .xyz’s zone over the period of its offer.

NetSol has been bundling .xyz renewals — which along with the free year of email and privacy comes to a whopping $57 — when it asks its customers to renewal their matching .com/.net/.org domains.

.xyz likely hasn’t seen the worst of its total shrinkage yet.

When eNom pushed free .info domains into its customers’ accounts about 10 years ago the renewal rate on those names was virtually zero.

ICANN’s new gTLD survey gives new gTLD awareness numbers

ICANN has released the results of a huge survey focusing on awareness and trust in gTLDs new and old.

The headline number is 46% — that’s the how many of the 6,144 international survey respondents said they were aware of new gTLDs.

The respondents were asked this question:

As you may or may not know, new domain name extensions are becoming available all the time. These new extensions are called new gTLDs.

Which of the following new gTLDs, if any, have you heard of? Please select all that apply.

They were presented with a list comprising .email, .photography, .link, .guru, .realtor, .club and .xyz. These were the biggest seven Latin-script new gTLDs when the survey was developed in January.

Tellingly, .email and .link stole the show, with 28% and 24% awareness respectively. The other five options ranged from 13% for .club to 5% for .xyz.

I think the numbers were influenced by some respondents not quite understanding the question. People are familiar with email and with links as internet concepts, which may have swayed the results.

Akram Atallah, president of ICANN’s Global Domains Division, acknowledged this potential problem in ICANN’s announcement last night, saying:

The survey found that domains with an implied purpose and functional associations, such as .EMAIL, were most often recalled by Internet users. While some of the drivers may be linked to familiarity and general association versus awareness of the extension, we believe it’s a signal that people are receptive to the names.

It’s also notable that, almost 15 years after launch, .biz and .info only have 50% awareness, according to the survey. For .mobi. .pro, .tel and .asia, all released between 2004 and 2008, the awareness was at 37%.

It’s not impossible that new 2012 round — which has generated thousands of headlines — has raised more awareness of new gTLDs.

The survey found that 38% of internet users who were aware of new gTLDs have visited a .email web site in the last year. The number was 28% for .link.

The survey also found that 52% of respondents would consider using a new gTLD if they were setting up a web site in the next six months. The number ranged from 40% for .email to 22% for .xyz.

Among the plethora of other findings, the survey discovered that only 92% of internet users have heard of .com.

Go figure.

The entire survey, carried out by Nielsen, can be found here.

UPDATE: This article was substantially revised a few hours after publication to remove references to the numbers being “nonsense”. This was due to my misreading of the survey questionnaire. My apologies for the confusion.

New gTLD phishing still tiny, but .xyz sees most of it

New gTLDs are not yet being widely used to carry out phishing runs, but most such attacks are concentrated in .xyz.

That’s one of the conclusions of the Anti-Phishing Working Group, which today published its report for the second half of 2014.

Phishing was basically flat in the second half of the year, with 123,972 recorded attacks.

The number of domains used to phish was 95,321, up 8.4% from the first half of the year.

However, the number of domains that were registered maliciously in order to phish (as opposed to compromised domains) was up sharply — by 20% to 27,253 names.

In the period, 272 TLDs were used, but almost 54% of the attacks used .com domains. In terms of maliciously registered domains, .com fared worse, with over 62% share.

According to APWG, 75% of maliciously registered domains were in .com, .tk, .pw, .cf and .net.

Both .tk and .cf are Freenom-administered free ccTLDs (for Tokelau and the Central African Republic) while low-cost .pw — “plagued” by Chinese phishers — is run by Radix for Palau.

New gTLDs accounted for just 335 of the maliciously registered domains — 1.2% of the total.

That’s about half of what you’d expect given new gTLDs’ share of the overall domain name industry.

Twenty-four new gTLDs had malicious registrations, but .xyz saw most of them. APWG said:

Almost two-thirds of the phishing in the new gTLDs — 288 domains — was concentrated in the .XYZ registry. (Of the 335 maliciously registered domains, 274 were in .XYZ.) This is the first example of malicious registrations clustering in one new gTLD, and we are seeing more examples in early 2015.

XYZ.com aggressively promoted cheap or free .xyz names during the period, but APWG said that only four .xyz phishing names were registered via freebie partner Network Solutions.

In fact, APWG found that most of its phishing names were registered via Xin Net and used to attack Chinese brands.

But, normalizing the numbers to take account of different market shares, .xyz shapes up poorly when compared to .com and other TLDs, in terms of maliciously registered domains. APWG said:

XYZ had a phishing-per-10,000-domains score of 3.6, which was just slightly above the average of 3.4 for all TLDs, and lower than .COM’s score of 4.7. Since most phishing domains in .XYZ were fraudulently registered and most in .COM compromised, .XYZ had a significantly higher incidence of malicious domain registrations per 10,000 coming in at 3.4 versus 1.4 for .COM.

APWG said that it expects the amount of phishing to increase in new gTLDs as registries, finding themselves in a crowded marketplace, compete aggressively on price.

It also noted that the amount of non-phishing abuse in new gTLDs is “much higher” than the phishing numbers would suggest:

Tens of thousands of domains in the new gTLDs are being consumed by spammers, and are being blocklisted by providers such as Spamhaus and SURBL. So while relatively few new gTLD domains have been used for phishing, the total number of them being used maliciously is much higher.

The number of maliciously registered domains containing a variation on the targeted brand was more or less flat, up from 6.6% to 6.8%.

APWG found that 84% of all phishing attacks target Chinese brands and Chinese internet users.

The APWG report can be downloaded here.

UPDATE: XYZ.com CEO Daniel Negari responded to the report by pointing out that phishing attacks using .xyz have a much shorter duration compared to other TLDs, including .com.

According to the APWG report, the average uptime of an attack using .xyz is just shy of 12 hours, compared to almost 28 hours in .com. The median uptime was a little over six hours in .xyz, compared to 10 hours in .com.

Negari said that this was due to the registry’s “aggressive detection and takedowns”. He said XYZ has three full-time employees devoted to handling abuse.

.xyz dismisses own ads as “puffery”

Kevin Murphy, April 30, 2015, Domain Registries

XYZ.com has dismissed its own claim that .xyz is the “next .com” as “mere opinion or puffery”, in an attempt to resolve a false advertising lawsuit filed by Verisign.

Attempting to get the lawsuit resolved without going to the expense of a full trial, the registry has filed with the court a lengthy, rather self-deprecating deconstruction of its own marketing.

It says among other things that the blog posts and videos at issue are “not statements of fact but rather mere puffery, hyperbole, predictive, or assertions of opinion”.

Verisign sued XYZ and its CEO, Daniel Negari, in December, claiming that the video embedded below reflects “a strategy to create a deceptive message to the public that companies and individuals cannot get the .COM domain names they want from Verisign, and that XYZ is quickly becoming the preferred alternative.”

Last week XYZ filed a motion asking the court to rule on the pleadings only, meaning it would not go to trial. It appears to be an effort by the smaller company to avoid any more unnecessary legal fees.

“Verisign is attempting to litigate XYZ out of business complaining about a vanity video, website blog posts, and opinions stated to a reporter,” the motion says.

The document goes to great lengths to argue that the video, blog posts and interviews given by Negari are not “statements of fact”, but rather mere “hyperbole”.

It even goes to the extent of arguing that its ads make Verisign look good:

XYZ’s claim to be “the next .com” could not plausibly harm Verisign’s commercial interest because the claim reinforces that Verisign’s .COM is the most-popular, most-successful domain. Perhaps consumers think that since .XYZ is the next .COM, they should not buy other new domains. Perhaps consumers buy more .COM domains because XYZ has promoted Verisign as the market leader. But Verisign suffering any injury as a result of XYZ’s statements is implausible.

Some might view the old Honda in the video with the “COM” license plate as trusty and reliable, and the Audi sports car with “XYZ” as high maintenance, impracticable, and too trendy.

Verisign may or may not win the lawsuit, but it does seem to have succeeded in getting XYZ to cut the balls off of its own marketing.

Verisign has not yet filed a response to XYZ’s motion, which will be heard in court May 8.

You can download the PDF of the motion here.

.xyz helps CentralNic double its revenue

Kevin Murphy, April 28, 2015, Domain Registries

CentralNic’s revenue almost doubled in 2014, helped by the launch of new gTLDs.

The UK-based registry today reported annual operating profit of £497,000 ($759,000), down from £694,000 ($1.05 million) in 2013, on the back of revenue up 99% at £6.06 million ($9.25 million).

Billings– money taken but not yet recorded as revenue — was up a whopping 154% at £9.89 million ($15.1 million).

Part of the reason for the growth was the launch of new gTLDs last year.

CentralNic acts as the registry back-end for eight TLDs that launched last year, including runaway volume leader .xyz, which has about 880,000 domains in its zone file today.

Another big contributor was Internet.bs, the Bahamas-based registrar that CentralNic acquired for $7.5 million last year.

The registrar had about 400,000 legacy gTLD domains under management at the end of the year, according to DI’s records.

Both new gTLDs and Internet.bs started contributing to revenue in the second half of the year.

CentralNic also said that its new “enterprise” division, which sells premium domains and offers consulting and software, was a growth factor.

CEO Ben Crawford told the markets that the new gTLD opportunity has so far been “softer” than expected.

Only a small number of retailers received their accreditations from ICANN to sell domains under the new TLDs in 2014, and a lack of public awareness pending the launches of the “superbrand TLDs” such as .google, .apple and .sony, meant that the market for new TLDs in 2014 was softer than had been projected by ICANN and other industry experts. It was essentially limited to domain investors and other early adopters.

Opinion in split in the industry on how much reliance can be put on what Crawford calls “super-brands” to do the heavy lifting when it comes to public awareness of new gTLDs.

New gTLD zones top five million names

Kevin Murphy, April 22, 2015, Domain Registries

There are now more than five million new gTLD domain names live in the DNS.

That’s according to zone files collated by ICANN, which I’m told show 5,002,252 names across the 597 new gTLD registries providing data.

That works out to a mean of 8,378 domains per TLD, a median of 1,254.

The largest zone file is .xyz, with 877,450 names. There’s at least 100 new gTLDs with only one domain in their zones.

Due to the way ICANN’s Centralized Zone Data Service works (or doesn’t work) with access rights expiring on a pretty much daily basis, it’s virtually impossible for a third party such as DI to count up zone file numbers across every new gTLD with 100% daily accuracy.

Today, DI PRO reports a count of 4,999,024 names.

The total number of zone file domains in this post was provided by ICANN, which does not have the same CZDS restrictions as the rest of us.

NetSol’s free .xyz bundle renews at $57

Kevin Murphy, April 13, 2015, Domain Registrars

Network Solutions is charging a total of $57.17 for renewing the .xyz domain names and associated services it gave away for free as part of .xyz’s controversial launch last year.

A little over a year ago, NetSol found controversy when it pushed hundreds of thousands of .xyz domain names into its customers’ accounts without their explicit consent.

The offer, which required customers to opt out if they didn’t want it, included a year of private registration and a year of email.

The move allowed XYZ.com, the .xyz registry, to report itself as the largest new gTLD registry.

It’s been the subject of some speculation how renewals would be treated by NetSol, but now we know.

Customers, at least in cases reported by DI readers, are being sent renewal notices for their .xyz bundles in the same mailshots as for their .com domains.

Clicking the “Renew” button in these emails takes registrants to a NetSol page on which they can select which of their products they would like to renew.

All, including the .xyz products, are pre-selected for renewal but may be deselected.

Pricing is set at $15.99 for the .xyz domain, $15.99 for the private registration and $25.19 for the email service. That’s a total of $57.17.

Here’s a screenshot of the shopping cart with the pricing (I’ve redacted the domain). Click to enlarge.

The original email sent by NetSol to customers last June, said:

We want to show you how much we appreciate your loyalty by rewarding you with complimentary access to a 1-year registration of a .XYZ domain, one of the hottest new domain extensions. .XYZ domains are proving to have broad appeal and also be extremely memorable. In addition to your complimentary domain, you’ll also receive Professional Email and Private Registration for your .XYZ domain – free of charge.

If you choose not to keep this domain no action is needed and you will not be charged any fees in the future. Should you decide to keep the domain after your complementary first year, simply renew it like any other domain in your account.

The fine print read:

Offer applies to first year of new registrations only. The offer is not transferable and is only available to the recipient. After the complimentary first year the .XYZ domain name and its related services shall expire unless you actively renew the .XYZ domain name and its related services at the then-current rates.

Please note that your use of this .XYZ domain name and/or your refusal to decline the domain shall indicate acceptance of the domain into your account, your continued acceptance of our Service Agreement located online at http://www.networksolutions.com/legal/static-service-agreement.jsp, and its application to the domain.

There’s concern from some registrants that customers may renew their .xyz services without really understanding how they ended up in their account in the first place.

.xyz currently has over 857,000 domains in its zone file.

XYZ.com CEO Daniel Negari was recently quoted as saying that roughly 500,000 of those were not freebies.

The company is being sued by .com registry Verisign for using its reg numbers in “false advertising” that seeks to compare .xyz to .com.