Domain Report 2025
CZ.NIC, z.s.p.o, is an interest association of legal entities, founded in 1998 by leading providers of Internet services in the Czech Republic. The principal duties and activities of the association include operation of the .CZ domain registry and DNS servers for the .CZ top-level domain (TLD).
The annual domain report is an on-line publication that offers key statistical facts about the status and dynamics of the Czech country-code TLD (ccTLD), which is primarily used by subjects in the Czech Republic – individuals and organisations.
The graphs and tables are organised into several sections illustrating various aspects of the registry and domain operation. Most charts are interactive: additional information can be obtained by placing the mouse cursor over graphical components of such a chart. In multivariate graphs, each variable can be switched off or on by clicking on the corresponding entry in the legend.
Number of domains
By the end of 2025, the number of second-level domains under .CZ reached 1 515 860. While this value indicates a mature and largely saturated market, there was a year-over-year increase of 2.04%.
This growth represents a clear acceleration compared to previous years, when year-over-year increases remained below this level. The overall increase in the number of domains is primarily driven by new registrations and is further supported by sustained renewal activity, which has continued to have a positive effect on the total domain count.
The following chart shows monthly domain registrations during the last four years. While these counts typically follow a double-peaked pattern (usually with a maximum in March, another smaller peak around October or November, and a minimum in June), it was observed that most domain registrations in 2025 occurred in January.
Registrars
The subsequent table on the left and graph on the right illustrate the market shares of the leading registrars and how these are changing. The right-hand column of the table provides an approximate percentage breakdown of parked domains within each registrar’s portfolio. The parked domains were classified using a machine-learning algorithm, which demonstrates 92% accuracy on the training data.
| Registrar | Domains | Parked (%) |
|---|---|---|
| WEDOS | 340 553 | 5,22 |
| INTERNET-CZ | 326 623 | 8,97 |
| ACTIVE24 | 192 032 | 32,95 |
| WEBGLOBE | 144 135 | 16,89 |
| GRANSY | 138 264 | 12,18 |
| other | 129 827 | 10,72 |
| ZONER | 64 486 | 5,53 |
| MEDIA4WEB | 56 233 | 5,54 |
| WEB4U | 42 962 | 28,47 |
| THINLINE | 39 833 | 33,38 |
| WEBSUPPORT | 22 708 | 47,63 |
| TELE3 | 18 015 | 12,79 |
The data show a highly concentrated registrar market, with WEDOS and INTERNET-CZ jointly managing a substantial share of all registered domains. While most leading registrars maintain portfolios dominated by actively used domains, there are notable differences in the proportion of parked domains across providers. Several registrars exhibit relatively low levels of parked domains, whereas others show significantly higher shares, indicating varying customer profiles and registration strategies.
Domain Auctions
In 2025, CZ.NIC successfully operated the Domain Auctions service for a second year, enabling non-renewed .CZ domains to re-enter the domain space. In the past, most attractive non-renewed domains were subject to fights, that were, because of technical and administrative limitations of the registry, accessible only to a handful of interested parties. For this reason, CZ.NIC decided to open the market for non-renewed domains to everyone and offer them via the Domain Auctions service. The following graph indicates that 5 387 .CZ domains were auctioned in 2025 out of a total of 162 830 domains that were put up for auction, representing an average of 3.31% of domains auctioned.
The bar chart shows that in 2025 an average of 167 active bidders participated in the auctions each month. Over the entire year, a total of 1 241 unique bidders took part in the auctions. This suggests that while a core group remained consistently active throughout the year, the service also continued to attract new bidders.
Finally, it should also be noted that the auctions significantly reduced traffic on EPP (Extensible Provisioning Protocol). EPP requests are messages sent by domain registrars to the registry for the purpose of managing registry objects. Before the auctions, a significant share of this traffic was caused by requests for availability of expiring domains, that were used in fights for these domains. After the auctions were introduced, these types of requests dropped sharply. As a result, CZ.NIC was able to increase the minimum number of free queries for registrars, regardless of the number of domains they manage.
Web Contents
The following bar charts show the results of an automatic classification of all second-level domains according to the contents of their “home” web pages. A machine learning algorithm was applied to the source data provided by DNS crawler as of December 24, 2025. See ADAM Report 2/2020 for details.
The first graph gives a baseline classification into seven classes. Ordinary domains denote all domains that do not fall into one of the other six categories. A detailed breakdown of this category into subcategories with specific contents is shown in the second graph.
As demonstrated in the following graph, the classification results indicate that, in comparison with the previous year, there was a 2.26 percentage point decrease in domains with no content and a 3.30 percentage point increase in domains without any text content. The number of parked domains has decreased by almost 3 percentage points. The numbers of domains with HTTP errors, those available for purchase, and those categorised as ‘Others’ showed only minimal changes.
The number of ordinary domains with content has increased, but this increase is exclusively limited to e-shops and private sites. The number of domains containing other kinds of content has either decreased or changed minimally.
Domain Geography
Each domain is registered for a specific domain holder, either an individual or a legal entity. Obviously, most of the .CZ domains (1 384 944, i.e. 91.36%) have holders with Czech addresses. The following table and map show their distribution among the 14 regions of the Czech Republic, as well as the number of domains per 100 citizens.
In comparison to the previous year, all regions recorded increases in domain registrations. The total number of .CZ domains in Praha rose to 433 142, an increase of 9 220 domains (+2.17%). Among smaller regions, the highest relative growth was observed in Královéhradecký (+4.30%), followed by Jihočeský and Olomoucký (both +3.35%), and Jihomoravský and Zlínský (approximately +3.20%). Other regions also recorded increases: Plzeňský (+2.98%), Karlovarský (+2.94%), Liberecký (+2.61%), Moravskoslezský (+2.62%), Středočeský (+2.43%), Pardubický (+2.42%), while Ústecký (+2.03%) and Vysočina (+2.05%) saw comparatively smaller increases. Domains without a clearly identified holder (“Unknown”) declined by 3.76%. Overall, these trends reflect a continued expansion of .CZ registrations across the country.
| Region | Domains | per 100 citizens |
|---|---|---|
| Praha | 433 142 | 32.85 |
| Jihomoravský | 174 862 | 14.69 |
| Středočeský | 149 896 | 10.85 |
| Moravskoslezský | 104 816 | 8.73 |
| Zlínský | 67 819 | 11.64 |
| Jihočeský | 58 768 | 9.13 |
| Ústecký | 53 879 | 6.56 |
| Královéhradecký | 53 465 | 9.69 |
| Pardubický | 52 736 | 10.11 |
| Olomoucký | 49 128 | 7.77 |
| Plzeňský | 49 004 | 8.32 |
| Vysočina | 40 248 | 7.89 |
| Liberecký | 40 196 | 9.07 |
| Karlovarský | 16 985 | 5.77 |
| Unknown | 40 000 | – |
The share of domains held by foreign holders is currently 8.64%. The distribution of domains among the top ten countries of their domicile is shown in the table below.
| Country | Domains | ||
|---|---|---|---|
|
Slovakia | 29 922 | 29922 |
|
United States | 25 094 | 25094 |
|
Germany | 15 244 | 15244 |
|
Poland | 8 032 | 8032 |
|
United Kingdom | 6 450 | 6450 |
|
France | 4 725 | 4725 |
|
Netherlands | 4 078 | 4078 |
|
China | 3 732 | 3732 |
|
Ukraine | 3 332 | 3332 |
|
Bulgaria | 3 241 | 3241 |
| Other | 26 927 | 26927 |
It is noteworthy that the number of domains held by US registrants is in decline, although they still represent a significant share of total holders. German-held domains experienced a period of growth that was comparable to that of the US domains. Their numbers have now decreased, though at a much slower pace than those of US holders, reflecting a relatively stable trend. Domains held by Chinese registrants have been in decline for the third consecutive year. In contrast, the number of domains held by Slovak and Polish registrants has been steadily increasing. We’ve also seen a notable increase in domains held by Ukrainian registrants.
The worldwide distribution of .CZ domain holder addresses is shown in the following zoomable map. While the majority of holders are concentrated in Western Europe and the USA, .CZ domains are registered by holders across all continents.
Domain Names
Each second-level domain in the .CZ registry is identified by a
unique label (the part before .cz). According to
the CZ.NIC Registration Rules (section
4.6), labels must comply with all requirements listed there, which
restrict the character set to upper- and lower-case English letters,
digits, and the hyphen (“-”), and limit the label length to 63
characters. The distribution of label lengths is shown in this
histogram:
It should be noted that currently, 100% of two-character domains and 38% of three-character domains have already been registered. It is evident that excessively long domain names can be inconvenient, and therefore, only six of the .CZ domains have labels that extend to the maximum length.
DNS Traffic
CZ.NIC currently operates 63 physical DNS servers for the .CZ zone, distributed in 26 locations in 15 countries of all continents except Antarctica. The count of servers has been reduced since 2020, mainly due to the deployment of XDP that considerably increases the DNS server performance, allowing for increased capacity while simultaneously reducing the number of servers.
On the average, the servers are queried by 1.83 million distinct resolvers every day that send around 26.5 thousand DNS queries per second (QPS). The resolvers’ requests are delivered to the “closest” server based on IP anycast routing configuration. The resulting global communication pattern is depicted in the following diagram showing average QPS distribution from top-15 countries in 2025. The chart on the left-hand side displays the countries, while the right-hand side shows the server locations to which their traffic is directed. The connections are visualised using a Sankey diagram, which represents flows between categories with links whose thickness reflects the amount of traffic. It is clear how traffic is distributed and which routes carry the largest volumes (e.g. traffic from the Czech Republic is directed to the server in Prague; traffic from the USA is directed to servers located mainly in Reston and Seattle; or traffic from Germany is directed to the server in Frankfurt).
The following graph illustrates the evolution of the clients’ average round-trip time (RTT). In the DNS context, RTT refers to the time (typically measured in milliseconds) it takes for a DNS query to travel from the client (or resolver) to the authoritative name server and back with the response. As in previous years, the lowest RTT values are recorded in the Europe zone.
DNS over IPv6
IPv6 adoption in the DNS has several aspects. From a statistical point of view, a significant majority of second-level domains have authoritative DNS servers answering queries on both IPv4 and IPv6, while only 10.90% answer on IPv4-only (and 3.29% of domains have no or unrecognized NS record). As illustrated in the pie chart below, which is based on the latest crawler scanning data as of 24 December 2025:
Between 2024 and 2025, the share of IPv4-only domains decreased slightly by 0.44 percentage points. It appears that the value has been transferred to the share of IPv4+IPv6 domains, which has increased by 0.44 percentage points. The “Unknown” category remained virtually unchanged. Overall, the distribution of protocols has remained very stable.
The following two graphs, however, show that IPv6 is still a minority protocol in the traffic observed on both authoritative servers for .CZ and the public ODVR resolver (retaining shares nearly identical to the previous year).
DNSSEC
DNS Security Extensions (DNSSEC) use public key cryptography for
securing DNS data. In the past fifteen years, CZ.NIC has been investing
a lot of effort into dissemination and actual deployment of DNSSEC in
second-level domains. The .CZ domain was among the first top-level
domains to implement DNSSEC. CZ.NIC also actively encourages
second-level domain administrators to use automatic DNSSEC provisioning
via CDS and CDNSKEY resource records (see RFC 7344 and 8078).
DNSSEC Deployment
The following graph shows the count of DNSSEC-secured second-level domains (blue bars) in comparison to the total count of .CZ domains (black line). The data used reflect the DNSSEC status and the number of registered domains as of the last day of the year.
Following a period of four years during which the number of domains supporting DNSSEC remained relatively stable, with only a slight decrease or increase, both the count of DNSSEC-secured domains (1 012 492) and their relative share (66.79%) saw significant growth of 7.3 percentual point in 2025. This development was influenced by the increased emphasis on DNSSEC support in the registrar certification program.
DNSSEC Algorithms
An important operational aspect of a robust DNSSEC deployment is the selection of a cryptographic algorithm. The following chart shows how the mix of cryptographic algorithms in the .CZ domain evolved since 2008.
The migration away from the once-dominant RSASHA1 and RSASHA1-NSEC3-SHA1 algorithms — both relying on the now-weak SHA-1 hash function — continues steadily, and these algorithms are now nearly extinct in practice. In contrast, more than 76.60% of DNSSEC-signed domains have already transitioned to elliptic curve-based algorithms (primarily ECDSAP256SHA256 and similar)
DANE
DANE (DNS-based Authentication of Named Entities) is a technology that uses the DNS hierarchy together with DNSSEC to validate authenticity of X.509 digital certificates.
Out of 785 453 unique mail servers specified in MX
records for all .CZ second-level domains, 1 121
(0.14%) had a corresponding DANE TLSA
record. Due to the concentration of mail services, the fraction of .CZ
domains using DANE-protected servers is significantly higher:
11.96% (181 260 domains).
As illustrated in the subsequent graph, the number of domains with DANE-protected mail servers (on the prevalent port 25) exhibited a gradual increase during the initial months of 2025. However, this growth trajectory subsequently decelerated, resulting in a slight uptick compared to the early 2024 figures. This development may be attributed to a domain migration to a registrar that does not support DANE.
Server Software
This section illustrates estimated evolution of market shares achieved by various implementations of the most common Internet services – DNS, WWW, and email – based on data obtained by the DNS crawler tool. A caveat of this approach is that the values largely depend on the willingness of server administrators to disclose the correct information.
If a domain uses multiple servers with different implementations of a given server, then the same domain is counted repeatedly for all implementations.
Web Servers
Web services within the .CZ domain are mostly run on Apache and NGINX servers. The following graph indicates that while the Apache has possibly suffered a notable decrease (although apparently in favor of undisclosed web server implementations where Apache quite probably remains implemented), the OpenResty continues to gain ground in 2025.
Mail Servers
Finally, the following graph shows market shares of main mail servers. Of the second-level domains with a detected implementation, most is served by Postfix, although its popularity appears to be slightly declining in the last three years.
It should be noted that for mail and web servers, in most cases, reliable detection of the underlying software is not possible, as server implementations intentionally conceal their identity for security reasons.