How To Keep Your Domain Name Searches Safe From Poachers

Belief in conspiracy theories requires a healthy dose of paranoia, and domain name front running (DNFR) – the idea that domain name registrars like Go Daddy or Network Solutions are monitoring your domain name availability queries and registering anything you don’t immediately register yourself – sounds like a presumption of only the most suspicious and mistrustful.

However, evidence suggests that DNFR does in fact occur. Here are a few examples:

  • In 2007, Jonathon Nevett, Vice President of Policy at Network Solutions, stated publicly in reference to DNFR that “the practice certainly exists in the gTLD space.”
  • Ironically enough, in 2008 the same Jonathon Nevett confirmed that Network Solutions was, in fact, front running domain names, although they never admitted wrong-doing and claimed it was for the benefit of their customers.
  • The ICANN Security and Stability Advisory Committee has received many complaints over the years and in October, 2007, they released the ICANN Domain Name Front Running advisory.

The Problem with Domain Name Front Running


So what’s the big deal? When a registrar registers a domain name that you have searched on and believes you are interested in, you are no longer able to purchase the desired domain name for, say, $8. Instead you either must spend whatever price the registrar sets, which likely ranges from $50 to $500, or go back to the drawing board to find a new domain name for your business.

Further, DNFR drives individuals to register domain names as soon as they first query their availability, before a final name decision has been made, just to allow them to maintain the option of using those names. As a result, an individual can end up registering extra names and spending more money than they should have to.

Possible motives for DNFR speak to the unscrupulous nature of the practice. Excerpted from Nominet’s 2007 position paper “Domain Name Front Running: Nominet Experience,” possible motives include:

  1. To extort money from the person who originally intended to register the name by making them pay to get it.
  2. To steal the business idea of the person who originally intended to register the name.
  3. To block or disrupt the business or project of the person who originally intended to register the name.
  4. To utilize the traffic that the name generates.

How Domain Name Front Running Happens


Many domain name registrars – including Moniker and Sedo, for example – maintain their own portfolio of domain names that they monetize with websites, parking or resale. While not illegal to do so, some domainers frown on this practice, arguing that owning domain name portfolios puts registrars in a conflict of interest with their customers who want to potentially purchase the same domain names. And it’s this practice that can lead to DNFR because when registrars are looking for desirable names to add to their portfolios, they have the domain name query data at their disposal.


Front Running Encouraged By Tasting


Up until 2008, domain name “tasting” allowed registrars to register large quantities of domain names, place advertisements and see if they could produce significant revenue, and then drop the ones that were not financially viable.

In 2009, 99.7 percent of domain name tasting came to an end when ICANN announced they had made large-scale domain name tasting financially unviable. (The solution they enacted charges registrars if they return more than a certain number or percentage of domains each month.) This still allows, however, for a small number of domain names to be tasted, which can lead to the unscrupulous practice of DNFR.


How to Avoid Domain Name Front Running


All of this naturally leads to the question, “How can I do a WHOIS lookup but hide my searches from prying eyes?”

The answer involves using your computer’s terminal access that connects directly to registry databases, rather than using a web interface through your computer’s browser (see figure below). By doing that, you bypass the “middleman” registrar.

Prevent Domain Name Front Running (DNFR)

On a Mac or in Linux, do the following:

  1. Open the Terminal application (located at /Applications/Utilities/Terminal.app). For quick access, simultaneously press Command+Space and then type in “Terminal”.

  2. Type “whois query.ext” without quotes, where “query” is the domain and “ext” is the extension. For
    example, type “whois domainsherpa.com” to perform a WHOIS lookup of this website.

  3. Review the output. If the domain is unregistered, it will display, “No match for QUERY.EXT.”

On a Windows-based computer, do the following:

  1. Download Whois v1.01 from Microsoft and open the application.

  2. Type “whois query.ext” without quotes, where “query” is the domain and “ext” is the extension. For
    example, type “whois domainsherpa.com” to perform a WHOIS lookup of this website.

  3. Review the output. If the domain is unregistered, it will display, “No match for QUERY.EXT.”
In a web browser from any computer operating system:

If you don’t want to use command line prompts, at the very least you should query InterNIC, which is operated by ICANN, directly via their website. At InterNIC you can do a WHOIS search for the following TLDs: .aero, .arpa, .asia, .biz, .cat, .com, .coop, .edu, .info, .int, .jobs, .mobi, .museum, .name, .net, .org, .pro, and
.travel.

While the above three procedures do not guarantee that your domain name search will not be tracked, they do make it far less likely.


What Not To Do


According to a blog post by Jay Westerdal in 2007, the worst thing you can do is type your desired domain name into your browser directly to see if it resolves. “Non-eXistent Domain (NXD) Data is a response the DNS system tells the asking computer if resolution on an IP address fails because the domain doesn’t exist. Yes, ISPs [Internet service providers] sell this data,” according to Westerdal. NXD data can be extracted from ISP logs and sold to research companies who can then do domain name front running or sell it to another party who could do domain name front running.

Jay Westerdal also cautions against:

  • Using smaller search engines that are prone to sell any possible data they have to generate revenue,
  • Using browser plugins or extensions that send data through third-party systems, and
  • Using WHOIS lookup services that are not trusted.

Final Tip


Just because the idea of someone monitoring your domain name queries sounds paranoid, that doesn’t mean it’s not happening. My final tip? Buy a domain name of interest as soon as you see it available.


Domain Name Registrars Respond


[Update: 04 April 2011 @ 12:12pm PDT] As the discussion continues both here on DomainSherpa.com and on Hacker News, I decided to ask the domain name registrars mentioned in this article to respond directly to the topic of domain name front running – for the record. Below is my tweet and any responses received from the four registrars mentioned in the article.

domain-name-front-running-domainsherpa

domain-name-front-running-godaddy-response

Moniker.comMason Cole, Vice President at Oversee.net (parent company to Moniker.com), stated in an email to me: “Moniker does not front-run domain names.”


Special Thanks


Thanks to the following domainer for their technical peer review of this article:


Parallel Discussion on Hacker News


domain name front running discussion on Ycombinator Hacker NewsFor those of you who are fans of Hacker News (hackers being those with technical adeptness who find delight in solving problems and challenging limits), a parallel discussion of this article and domain name front running is taking place.

More About…

Keywords:
Companies:
People:

Uniregistry.com Pro Tools

Leave a Reply

Comments should be respectful and on-topic. Read our full comment policy (opens in new window). Comments may be moderated; if not posted immediately, it is awaiting review and will be posted soon.

 

48 Responses to “How To Keep Your Domain Name Searches Safe From Poachers”

  1. V says:

    Michael,

    I have been testing this theory since 2012 and this practice is indeed ALIVE & WELL today.

    About a couple of years prior, I had an idea for a domain name (I had 4-5 domains, two were decoys and one preferred).

    I visited INTERNIC Whois to verify that all domains were available, typed the domains in a private browser, went to GoDaddy to register (All three shown as available at a regular price), ADDED all of the domains to my cart.

    I removed the domains and purchased one. I conducted this process over several months purchasing the second domain. I again searched for the third domain (Still available) and again added to my cart. Removed the domain from my cart to purchase another domain.

    Earlier this week, I visited GoDaddy to register the last remaining domain and now it suddenly appeared as not available. I checked INTERNIC Whois and the registrant is a company called ‘Huge Domains’ – the registration date is listed as 2/12/2010. This registration date is COMPLETELY FALSE as I had the domain in my GoDaddy cart for more than a year. I typed the domain in my browser and landed on a parked page, “This Domain Name is For Sale $2,500”.

    Based on my experience, GoDaddy is not only practicing DNFR, they are also in collusion with Huge Domains (Based out of Denver, CO) – which I am convinced is a predatory organization.

    I would strongly urge ICANN to create legislation to regulate secondary domainers that would prohibit squatting on domains for longer than a period of 1 year. At the conclusion of the year, the unsold domain must be returned to the open market.

    PS. I’ve since found another domain and registered the name at another registrar. I intend to transfer all of my domains out of GoDaddy.

  2. Debbie R. says:

    This practice is suppose to be unlawful but it is alive and well. I’m so tired of these unscrupulous people taking any name I happen to look up and stealing domains that lapse and then trying to get you to buy them from them for an exorbitant price! I hope that the laws become stricter and enforcement greater on they jerks!

    1. Hi Debbie,

      I have not been able to prove that DNFR is still in existence in mass. I’m sure there are use cases where it might happen, but I cannot prove it.

      “I’m so tired of these unscrupulous people taking any name I happen to look up and stealing domains that lapse and then trying to get you to buy them from them for an exorbitant price!”

      Do you have any proof of DNFR? If so, please either share it here or contact me at http://www.domainsherpa.com/contact/ with your data and I’ll promise to investigate it further.

      Thanks and regards,
      Michael

  3. CC says:

    Thank you so much for this. I am a newbie, and I have already had instances where I inquired about a domain name, it was a available for $2.99 + fees; however, by the time I came back to buy said domain(s) a few mins or hours later, the prices were now premium. I was wondering about DNFR (although I did not know the term before reading this article). It is better to be safe than sorry, so thank you, thank you for this article. Your website helps newbies a lot, it really does. Whether I make money or not in this business, I would have learned so much from your website.

  4. M Hassan says:

    namecheap.com and hover.com are definitely using DNFR.. I tried many times, each time the price goes up to $2000+ in namecheap.com, while hover.com asks me to make an offer. But when I go check the same desired domain at CANN or using Domain Info Lookup Utility from (sysinternals.com) the query returns with “availability”.

  5. Noor shehla says:

    Hi I am from Pakistan I checked two domain names on go-daddy they were respectively
    1- top dreams
    2-dreamsay
    Both were available, i was busy writing an article, and delayed registering the name – can you believe that just after half an hour the site says both names are taken.
    If I wanted any of the names I have to buy the name for 200 dollars– this was amazing—- those people who say people of Pakistan do fraud–then what is this???? Please do not check your domain names on Godaddy nor register your site on their server. They are giving a bad name to all who are directly or indirectly linked to internet business.

  6. GoDaddy doesn’t do it? I smell bs.

    I and my friends had a great business idea. I worked hard to come up with a name and a domain to go along with it. Searched for it on GoDaddy and it was available. I had to discuss this with my friends (who are also my partners) before finalizing on the name. They liked it. And next day I try to register the domain and it was unavailable. When I tried to access it, the domain was parked with GoDaddy.

    This is anecdotal and I can’t prove anything just with it, but I’m sure there must be others out there with a similar experience.

    1. Hi Salman,

      Thanks for your comment. I understand your frustration.

      Just yesterday, 104,042 .com domain names were newly registered. Those are brand-new, hand registrations at registrars like GoDaddy around the world. In one day. See http://www.tldwatch.com/tld-summary-table/ for a summary.

      It is possible that a great domain name had more than one person think of it within a few day time period, especially if it’s a generic or really cool brandable sounding domain name.

      If it’s parked at GoDaddy it’s likely registered there and the registrant just hasn’t put up a site yet. Go looks up the details of the domain using http://whois.sc/domain.com and see who it is registered to. GoDaddy doesn’t hold domain names (doesn’t maintain a portfolio of investment domains) so it cannot be them.

      Yes, there are others out there that have had a similar experience. I’m sure I have and I know of others that have too. It’s unfortunate but a fact of life when .com is the most popular extension.

      Best regards,
      Michael

      1. Scott says:

        GoDaddy reps post quotes from CEO about how bad domain kiting is and how they don’t do it. They certainly assist in this process using a subsidiary by selling info placed into their search bar – and help to screw their customers today.

        Yesterday, I searched a domain and it was open – less than two hours later it was snapped up by DigX in Las Vegas and registered through GoDaddy and put on auction. I have dozens of domains through GD but will start moving them as they expire. This is corrupt and should be illegal – just as Bill Parsons claimed years ago.

        I no longer trust Go Daddy with my business or information. I now believe they will stab you in the back – and probably make money off of your blood.

  7. mark says:

    Hi
    i am unable to use download and install this whois software.
    Kindly help
    Thanks
    Regards

  8. wowo says:

    thanks man… this is what i need. I couldn’t realize how frustrating buy good domain.

  9. AV says:

    Here is my question. Say I searched for (and found available) a name that was pretty rare. I waited for a day before grabbing it – only to find it registered – the registrar being the webhost I used to search the name (godaddy.com). Now – when I look up the WHOIS record – it shows as being originally registered in 1996! Is it possible for godaddy to register – and put a ‘fake’ date on the registration record? Or is that impossible?

    Thanks

    1. Where did you search for it? Sometimes I search for domain names and see it listed as available, but it’s not. This happened to me just yesterday. I was looking up some domains for educational reasons and saw NewYorkCity.info was available using a third party tool/website. Surprised. I went to the registry (http://info.info/find-domain/newyorkcity.info) and saw that it was taken (registered 25-Jul-2001). Lesson learned for me: sometimes the APIs between sites don’t work the way they’re supposed to.

      1. Nick says:

        Same thing happened to me with godaddy, I get a good domain and saw it was available on their site, I go back about an hour later to register it and see its taken along with the .net and .ca versions which were also available, I check on a whois site and it says registered with godaddy like 6 years ago… same with the .net and .ca versions but at different dates, now can you seriously think that all 3 of them were mistakenly showed as available? and of course they were all put up for auction as well..

        1. Nick says:

          apparently I was mistaken regarding the .ca version because I see now theres a site operating on it that seems active, my memory gets jumbled sometimes and I was tired so maybe i didnt check the .ca version after all, but what I said seems to be true about about the .net and .com versions although after seeing the .ca website I’m starting to doubt my memory of that night even though it was just couple days ago :l .. the point is I’m not a credible source but there is others who report the same happening with godaddy so make sure to follow this guide, but who knows it might not even be godaddy because I and a lot of other people too probably also searched the DN in a search engine. I just don’t want to slander godaddy.

  10. John says:

    Goddady just did that with my future domain websec.me I’ve almost registered on july 17, I even went to shopping cart but wanted to think a little more, today 08/16 I’ve tried to register and it was registered on July 20 by GoDaddy. That’s a shame.
    I’m very angry with goddady.

    1. There are tens of thousands of technologists around the world who understand about websec.

      I just looked today and it looks like the domain name has expired and the status is “Repossessed by Go Daddy”. Watch it at GoDaddy Auctions, it will likely go to auction there soon. Good luck, if you’re still interested.

  11. Cythia Dedman says:

    Excellent read, thanks a lot for this posting.

  12. Emiko Lefever says:

    Your article is very helpful. I discovered your site a few days ago. Thank you for your great work!

  13. Simonetta says:

    Nice article on the topic of front running.

    I would just like to point out one little detail about Sedo.com (for full disclosure, I am an employee there).

    Sedo operates a marketplace for domain names that are registered and listed for sale. We are an ICANN accredited registrar, but do not currently have any names registered in our accreditation.

    Sedo is referring clients to one of our registrar partners in case a user is searching for a domain name that is still available for first time registration. We do not have control over what happens with the search that is subsequently performed on our registrar partner’s website. But if you search for a name at Sedo and it is still available you will be put in a position to immediately acquire that name without Sedo attempting to beat you to it.

    Feel free to try this on our website: http//www.sedo.com

  14. Sharlene Humber says:

    Love your blog. Very educational.

  15. Tyson F. Gautreaux says:

    Well, now that’s a post well worth reading!

  16. Leonardo Tibbetts says:

    Many thanks for that good article, that must have taken some time to put together with superb info.

  17. Mary Jean M. says:

    Can I just say what a relief to find someone who actually knows what theyre talking about on the internet. You definitely know how to bring an issue to light and make it important. More people need to read this and understand this side of the story.

  18. Lawrence Kannellis says:

    Really enjoyed reading this. Thank you.

  19. Jenny C. says:

    Seriously good info on this site. I’m very glad I read your article on Hackernews this morning! I’m a subscriber now! :)

  20. BullS says:

    @Neil—- everybody agrees with me whether they like it or not.

    There are 2 types of people — #1-one who makes money on the internet ( like ME)

    and –
    #2 -one who makes the #1 rich by just playing games,wasting time on the websites that #1 creates.

    Which one are you?

  21. Does the MS whois application allow bulk search? unless there is a viable alternative that allows bulk searching, it is fairly moot

    1. I’m not sure if it allows bulk search. I’m on a Mac nowadays. It appears to be single-line action, which is like the version for Mac/Linux.

      Some individuals on Hacker News have suggested that there are options out there for bulk (with links), but they rely on the goodness and virtuousness of the individuals running the service.

      You can look at those services here: http://news.ycombinator.com/item?id=2405375

      Let me know if you find anything useful and I’ll update the article.

  22. tom williams says:

    As Andy Grove, former CEO of Intel wisely said (based on Intel’s and his own personal experience) in his much read business book, of the same title:

    ONLY THE PARANOID SURVIVE

    word to the wise

  23. It’s not often I’m going to agree with BullS, but if you *really* believe a name is valuable, spend the $5-10 to reg it.

    1. BullS says:

      Why I love this BS domain game.

      I register 10 domains every day- who cares whether I like them or not.

      At the end of the 4th day , I see which ones have clicks and worth keeping.

      Then I called GD and tell them I want my money back on those BS domains.

      That why I love this game.

  24. For those interested, an additional discussion is taking place at Hacker News: http://bit.ly/fZ4hCz

    1. a says:

      Yeah! Nice to see a domainer getting links up on Hacker News. You’re obviously doing something right :)

      1. Thanks, a. I’m a HN fan, and have never had an article go this high on HN before (was #3 at one time).

        I like to to think of myself as a hacker, but compared to some of the feats of individuals at Y-Combinator, I’m just a hack. ;)

    2. Brett G. says:

      Totally awesome. I’m a fan of HN and you’ve got 100 points on this article. Nice!

  25. Eric says:

    GoDaddy has stolen many of my domains! (in addition to slaughtering elephants)

    1. BullS says:

      Eric,
      With the way things are, everybody has to steal to survive.

  26. Developer says:

    When I used whois tool (from microsoft) for my domain, it connected via whois. – that is, my registrar’s whois server. I don’t think whois tool will prevent this misuse because whether via a web interface or via a command line tool, the request has to go via registrar’s server. It’s a case of fence eating the crops.

  27. BullS says:

    good work Michael.

    My final tip? Buy a domain name of interest as soon as you see it available.—

    thank GOD…they did not register BullShitWebsites.com

    Yo, I know who the domainer is owning the BullShitWebsite, he lives in S.Florida.

Domaining magazine site recommended by Domaining.com
Copyright © 2010-2016 DomainSherpa. All rights reserved. Reproduction without explicit permission is prohibited.
About  |  Advertising  |  Affiliate Links  |  Disclaimer  |  Disclosures  |  Privacy  |  Terms  |  Contact Us
Want a Proven System for Domain Name Investing?

DomainSherpa founder and publisher Michael Cyger created the ultimate accelerated learning system for domain name investing. Want a $50 discount coupon?

Sign up for the DomainSherpa newsletter below.

PLUS, you'll receive a free copy of the ebook entitled "Turning a $12,750 Profit on One Domain Name in 6 Months."

Free "$12,750 Profit" eBook. Click Here.