Global DNS and Domain Activity Trends in Q2 2024

Keypoints

• NRDs in Q2 2024 rose 2.6% quarter-over-quarter, based on analysis of over 21.5 million domains.
• ccTLD registrations grew 6.6% and NRDs with gTLD extensions rose 1.4, signaling shifting domain usage patterns.
• For gTLDs, .com remained dominant, with .xyz, .shop, .org, and .top trailing; for ccTLDs, .cn led the pack, overtaking .uk from the prior quarter.
• Registrar distribution shows GoDaddy with 17.6% of NRDs; Namecheap ranked second, with Squarespace and Alibaba remaining in the top 10.
• In DNS activity, Google accounted for about 40.6% of MX resolutions over a 365-day window, with Google hosting 15 of the top MX FQDNs.
• An MX domain appeared in over 213.5 million resolutions within the top 100 MX FQDNs, but its mail servers did not; this suggests possible DNS tunneling activity.
• IoCs from 3.3 million malicious domains reveal continued use of popular gTLDs (.com/.org/.net) and ccTLDs (.ru/.cn/.in/.eu); notably, more than 24,000 IoCs used the .to extension, yet only 11 new .to domains were registered in Q2.