Latest news of the domain name industry

Recent Posts

Cloudflare “bug” reveals hundreds of secret domain prices

The secret wholesale prices for hundreds of TLDs have been leaked, due to an alleged “bug” at a registrar.

The registry fees for some 259 TLDs, including those managed by Donuts, Verisign and Afilias, are currently publicly available online, after a programmer used what they called a “bug” in Cloudflare’s API to scrape together price lists without actually buying anything.

Cloudflare famously busted into the domain registrar market last September by announcing that it would sell domains at cost, thumbing its nose at other registrars by suggesting that all they’re doing is “pinging an API”.

But because most TLD registries have confidentiality clauses in their Registry-Registrar Agreements, accredited registrars are not actually allowed to reveal the wholesale prices.

That’s kind of a problem if you’re a registrar that has announced that you will never charge a markup, ever.

Cloudflare has tried to get around this by not listing its prices publicly.

Currently, it does not sell new registrations, instead only accepting inbound transfers from other registrars. Registry transaction reports reveal that it has had tens of thousands of names transferred in, but has not created a significant number of new domains.

(As an aside, it’s difficult to see how it could ever sell a new reg without first revealing its price and therefore breaking its NDAs.).

It appears that the only way to manually ascertain the wholesale prices of all of the TLDs it supports would be to buy one of each at a different registrar, then transfer them to Cloudflare, thereby revealing the “at cost” price.

This would cost over $9,500, at Cloudflare’s prices, and it’s difficult to see what the ROI would be.

However, one enterprising individual discovered via the Cloudflare API that the registrar was not actually checking whether they owned a domain before revealing its price.

They were therefore able to compile a list of Cloudflare’s prices and therefore the wholesale prices registries charge.

The list, and the script used to compile it, are both currently available on code repository Github.

The bulk of the list comprises Donuts’ vast portfolio, but most TLDs belonging to Afilias (including the ccTLD .io), XYZ.com and Radix are also on there.

It’s not possible for me to verify that all of the prices are correct, but the ones that are comparable to already public information (such as .com and .net) match, and the rest are all in the ballpark of what I’ve always assumed or have been privately told they were.

The data was last refreshed in April, so without updates its shelf life is likely limited. Donuts, for example, is introducing price increases across most of its portfolio this year.

XYZ weighs into Epik controversy with .monster fundraising domain

Kevin Murphy, March 21, 2019, Domain Registries

New gTLD registry XYZ.com has set up a domain to help raise money for victims of the terrorist attack in Christchurch, New Zealand last week.

The domain is give.monster. It redirects to a page on Givealittle.co.nz, a Kiwi crowdfunding site, that has so far raised almost NZD 7.8 million ($5.3 million) for the victims of the attack, which killed 50 and injured many more last Friday.

Given the amount of coverage in the New Zealand press, it appears that the fundraising page is legit.

The domain is obviously a reference to Epik.com CEO Rob Monster, who has come in for criticism this week for hosting and sharing the terrorist’s video of the attack, and then suggesting it might be a hoax, as I blogged earlier today.

XYZ is able to create this domain because it is the registry for .monster, a gTLD it acquired last year that is currently slap-bang in the middle of its early access launch period.

Whois records show that the domain was created a little over an hour ago and belongs to XYZ.com LLC.

I learned about it through this comment on DI:

We are sorry to see this in our industry… Please visit http://www.Give.Monster and donate to support victims of the horrific Christchurch shootings. Thank you for your support.

XYZ.com is the registry for .xyz, .college, .rent and other gTLDs. .monster previously belonged to recruitment web site Monster.com.

XYZ reveals .monster gTLD launch dates

Kevin Murphy, February 4, 2019, Domain Registries

XYZ.com has quietly unveiled its launch plan for its recently acquired gTLD, .monster.

General availability, with no eligibility requirements, is due to begin April 1.

The 30-day sunrise period is due to begin in just a couple of weeks — February 18.

.monster was acquired late last year from recruitment web site Monster.com, which had intended to operate it as a dot-brand, for an undisclosed sum.

Before the acquisition closed, Monster and ICANN amended the registry contract to cut the special dot-brand terms that would have removed the need for a sunrise period and would have prevented the domain being sold to regular registrants.

XYZ also intends to run a week-long Early Access Period — where premium prices apply — starting March 21.

I quite like the idea of .monster as an open gTLD.

While it’s certainly not going to perform as well volume-wise as .xyz, say, I can see it fitting nicely into the “quirky” niche occupied currently but the likes of Donuts’ .guru and .ninja — not really viable as standalone TLDs, but decent enough as part of a portfolio.

The company is pitching the TLD as “a domain for creative thinkers, masters of their craft, and modern-day renegades.”

Another bundle of joy for XYZ as Johnson & Johnson throws out the .baby

Kevin Murphy, December 18, 2018, Domain Services

XYZ.com seems to have acquired the .baby gTLD from Johnson & Johnson.

ICANN records show that the .baby registry contract was assigned to the growing portfolio registry November 19.

The news, which has yet to be announced by buyer or seller, arrives four years after J&J paid $3,088,888 for .baby at an ICANN last-resort auction, beating off five other applicants.

.baby is not what you’d call a roaring success. It has about 600 domains under management after almost two years of general availability.

It typically retails for about $80.

While the plan for .baby was to keep it quite tightly controlled, with J&J giving itself broad rights to refuse registration of any domain that did not appear to fit within its family-friendly mission, it does not seem that regime was strictly enforced.

Explain realdonaldtrump.baby

I would expect XYZ, with its come-all attitude to domains, to be even more relaxed about the namespace.

IANA records show that the gTLD under J&J was (and still is) managed by FairWinds, with a Neustar back-end. Neither are typical partners for XYZ, which tends to use CentralNic.

I think this makes it 12 gTLDs for the XYZ stable, including those it runs in partnership. It has 10 listed on its web site and it picked up former dot-brand .monster from Monster.com a couple months back.

J&J also owns the dot-brand .jnj, which has about 100 domains in its zone but no publicly facing web sites to speak of.

Numeric .xyz names plummet despite dollar deal

Kevin Murphy, December 7, 2017, Domain Registries

XYZ.com’s effort to sell over a billion numeric .xyz domains at just $0.65 each does not appear to be gaining traction.

The number of qualifying domains in the .xyz zone file has plummeted by almost 200,000 since the deal was introduced and dipped by over 4,000 since the blanket discount went live.

The $0.65 registry fee applies to what XYZ calls the “1.111B Class” of domains — all 1.111 billion possible six, seven, eight and nine-digit numeric .xyz domains.

These domains carry a recommended retail price of $0.99.

It’s not a promotional price. It’s permanent and also applies to renewals.

Some registrars opted to start offering the lower price from June 1, but it did not come into effect automatically for all .xyz registrars until November 11

The number of domains in this class seems to be on a downward trend, regardless.

There were 272,589 such domains May 31, according to my analysis of .xyz zone files, but that was down to 74,864 on December 5.

On November 10, the day before the pricing became uniform, there were 78,256 such domains. That shows a decline of over 4,000 domains over the last four weeks.

It’s possible that the 1.111B offer is attracting registrants, but that their positive impact on the numbers is being drowned out by unrelated negative factors.

The period of the 200,000-name decline coincides with the massive mid-July junk drop, in which .xyz lost over half of its total active domains due to the expiration of domains registered for just a penny or two in mid-2015.

Many of those penny domains were numeric, due to interest from speculators from China, where such names have currency.

The period also coincides with a time in which XYZ was prohibited from selling via Chinese registrars, due to a problem changing its Real Names Verification provider.

In recent marketing, XYZ has highlighted some interesting uses of 1.111B domains, including a partnership with blockchain cryptocurrency Ethereum.

Other registrants are using the domains to match important dates and autonomous system numbers.

XYZ relaunches .storage with $2,200 price tag

Kevin Murphy, November 8, 2017, Domain Registries

XYZ.com has reopened .storage to registrations with a new, much higher price tag.

A confusingly named “Trademark Holder Landrush” started yesterday and will run for three weeks.

It’s not a sunrise period — .storage already had its ICANN-mandated sunrise under its previous management — and it appears that it’s not actually restricted to trademark holders.

The .storage web site states that “neither registrars nor XYZ will validate trademarks during this period”. The registry says that all strings, including generic words, are available.

It basically appears to be just a way to squeeze a little extra cash out of larger companies and anyone else desperate for a good name.

There are not many registrars carrying the TLD right now, just five brand protection registrars and 101domain.

101domain prices the names at $699.99 with a $1,500 application fee during the trademark landrush.

XYZ says that the regular suggested retail price for .storage will be $79.99 per month which seems to be a roundabout way of saying $948 per year. There’s no option to register for less than a year.

.storage is designed for companies in the data storage and physical storage industries, so adopting a high-price, low-volume business model is probably a smart move by the registry.

It’s a similar model to that XYZ employs in its car-related gTLDs operated in partnership with Uniregistry.

XYZ does not appear to be relying entirely on defensive registrations to make its coin, however.

It’s offering a “complimentary” web site migration service, usually priced at $10,000, that it says can help early registrants switch to .storage in as little as 72 hours with no loss of search engine juice.

.storage was originally owned by Extra Storage Space, a physical storage company, but XYZ acquired the contract for an undisclosed sum in May.

The trademark landrush will be immediately followed by an Early Access Period, during which there will also be a sliding-scale fee (day one will be a whopping $55,000 at 101domain!), before general available starts a month from now.

.xyz back on sale in China

Kevin Murphy, September 25, 2017, Domain Registries

Chinese registrars have started to carry .xyz domains again, about five months after a Chinese government ban.

West.cn and Net.cn are two of the China-based companies that appear to be selling .xyz names at the yuan equivalent of a US dollar, based on a spot check this morning.

West.cn flagged the “restoration” of service on its blog today, saying it was “overjoyed” to resume sales.

XYZ.com revealed back in May that its new gTLD domains were “temporarily” no longer available via Chinese registrars, after the government there suspended its license.

The reason for the suspension has always been a little vague, but the registry told DNW back in May that it related to Real Names Verification.

RNV is the government-mandated identity check that must take place before anyone in China can register and use a domain name.

XYZ had been outsourcing the function to ZDNS, but that relationship fell apart for some reason (rumor has it there was a money dispute) and XYZ decided to switch to Tele-info.

In the interim, Chinese registrars, apparently under order of their government, dutifully stopped carrying .xyz domains.

XYZ also went through ICANN’s Registry Services Evaluation Process to get its move to Tele-info approved at the Registry Agreement level.

The downtime prevented XYZ from masking the precipitous decline in its number of domains under management, which has fallen by over three million since May.

XYZ and the Chinese government have yet to issue statements about the newly reinstated license.

UPDATE 10/10/2017 — XYZ.com got in touch last week to say that .xyz was never “banned” in China.

A spokesperson said in an email: “We had RNV in place with ZDNS and opted to switch. To be compliant with ICANN, we suspended registrations in China.”

He declined to clarify whether the suspension was voluntary or ICANN-mandated.

He also declined to confirm or deny that Chinese registrars been told to suspend .xyz registrations by the government, as local sources have previously told DI and Domain Name Wire.

Other gTLDs owned by other registries have previously obtained Chinese licenses without ICANN first approving their RNV providers.

XYZ slashes $10 million a year from premium stash

Kevin Murphy, September 11, 2017, Domain Registries

XYZ.com has slashed the asking price of a few thousand “premium” .xyz domain names, in some cases by many thousands of dollars.

Overall, it looks like the company has dropped prices by a total of $10.8 million.

At the top end of its reserved list, several single and double-character domains previously priced a $55,000 per year have been reduced to $13,000 per year.

At the lower end, domains previously priced at around $1,300 are now around $300.

Those are the recommended retail prices. Some registrars are offering them with a substantial mark-up.

The reductions affect 2,700 of the domains on XYZ’s premium list, which runs to about 3,075 names in total.

Whereas the previous hypothetical value of the full list was $15.3 million a year, it’s now at $4.4 million a year.

Of course, they’re not worth anything unless somebody is willing to pay the price, and the domains still seem to have end-user price tags on them.

Premium renewal fees have so far proved unpopular in the domain investing community due to the large carrying cost.

XYZ’s full list can be obtained here.

CentralNic extends XYZ deal until 2032

Kevin Murphy, September 7, 2017, Domain Registries

CentralNic and XYZ.com have extended their registry services pact for the next fifteen years, according to CentralNic.

Announcing its first-half 2017 financial results today, CentralNic said the back-end contract has been extended until 2032.

It’s an unusually long duration for a registry services contract, which are usually much more likely to run about five years.

It even lasts 10 years beyond the expiration of XYZ.com’s own ICANN contracts (though renewal of these is a near-certainty).

The deal covers all .xyz domains, as well as all of the other TLDs in XYZ.com’s portfolio. That currently includes the likes of .rent, .storage and .college.

CentralNic said it “will receive a fixed fee based on the volume of .xyz registrations and subscriptions managed” under the new deal.

In a statement to the markets, CEO Ben Crawford said the relationship “has been updated to normalise the Company’s revenues and profits going forward.”

I believe the previous contract contained a per-domain component, which exposed CentralNic’s revenue to .xyz’s erratic pricing-influenced growth trajectory.

.xyz’s zone file has shrunk by a whopping four million domains since this time last year, causing it to lose the crown of highest-volume new gTLD, due to it offering free or almost free domains that expired without renewing after a year.

However, CentralNic disclosed that the proportion of its own wholesale transaction volumes that were renewals (rather than adds and transfers, I assume) was 18% in the first half, up from 2% in the same 2016 period.

For the six months ended June 30, the company had overall revenue of £10.6 million ($13.9 million), up 18.5% year over year.

Its net loss after tax was £619,000 ($810,000), down from £1.3 million. At the EBITDA level, profit was £1.4 million ($1.8 million) compared to $900,000 in H1 2016.

While I still stubbornly think of CentralNic as primarily a registry play, in fact the company now gets about three quarters of its revenue today from its retail registrar division, which contributed just shy of £8 million to the total in H1.

Instra, the Australian registrar it acquired at the end of 2015, contributed £5.83 million.

The wholesale division, registry back-end services — contributed £1.82 million to revenue and £450,000 to EBITDA in the half.

That’s despite CentralNic being the back-end for six of the top 20 new gTLDs by volume — .website, .space, .tech, .site, .online, and .xyz

If we tally up the number of domains in only those six TLDs, we get to about 4.2 million, per their zone files.

The company’s third reporting unit, Enterprise, contributed £800,000 ($1 million) in the half, of which £360,000 ($471,000) came from premium domain sales.

.storage to have pricey second sunrise

The .storage gTLD is to get a second sunrise period after being acquired and repurposed by XYZ.com.

The registry will operate a “Trademark Landrush Period” for three weeks from November 7 as the first stage of .storage’s reboot as an open-to-all gTLD.

It’s not technically a “sunrise” period under ICANN rules — that phase was already completed under previous owner Extra Space Storage — nor is it restricted to trademark owners.

Basically anyone with the money will be able to buy a .storage domain during the period, but at a price.

One registrar is reporting that registrants will have to pay a $1,500 application fee on top of the soon-to-be-standard higher $699-per-year registration fee.

That’s considerably more than most new gTLDs charge during their regular sunrise phases.

There’s no need to own a matching trademark, so neither the registry, registrars or Trademark Clearinghouse have any trademark verification costs to bear.

But that also means anyone can pick up any generic, dictionary .storage domain they want without the need for paperwork. XYZ has previously said that all domains will be available at the same price, regardless of their previous “premium” status.

I can see some intellectual property interests being uneasy with how this relaunch is handling trademarks.

Under its former management, .storage was set to be tightly restricted to the physical and data storage industries, reducing the chance of cybersquatting, so some brands may have avoided the sunrise period.

After the relaunch — general availability starts December 5 — there will be no such restrictions. However, the high price of standard registrations is likely to deter all but the richest or dumbest cybersquatters.

XYZ.com acquired .storage for an undisclosed sum in May. There are currently about 800 domains in the .storage zone file.