Who Is Monitoring Your Domain Searches?
It has happened to most of us:
- A perfect domain name pops into your mind.
- A quick check at your favorite domain registrar reveals that the domain is still available.
- For some reason, you put off the actual registration for a few days.
- And when you come back to finally register the domain, it's taken by someone else!
In many cases, this is simply a coincidence. But there are increasing reports of domain search data being sold to domain tasting companies which then register your domain ideas to see if they attract any traffic.
No traffic? No problem. The domain taster simply drops the domain after five days. But if the domain proves popular, the taster will keep it and monetize its traffic through PPC (pay per click) ads.
Bob Parsons of GoDaddy.com was one of the first to raise hell about domain tasting. He focused on what he calls "domain kiting" - repeatedly registering a domain and dropping it right before the end of Verisign's 5 days refund period, only to reregister it shortly thereafter. This strategy ensures that the domain taster never actually pays for the domain, even though his payment is "on deposit" with Verisign and therefore tied up permanently.
GoDaddy and its associated companies do not engage in domain tasting, according to Parsons. Not that they would have to: GoDaddy already earns millions of dollars in PPC revenue off their client's newly registered and/or unused domains.
While the Daily Domainer considers random domain tasting to be a legitimate business, we believe that leeching off the domain searches of others (who expect their domain ideas to remain private) differs by several orders of ethical magnitude. Recent mainstream press reports about domain tasting in general are bad enough already.
For example, last night an Associated Press article made the rounds (read the full version here) and the arguments are predictable: Domain tasting is defended by those who are engaged in it and attacked by those who either missed the boat or consider themselves too "above-board" to take advantage of the opportunity.
Until recently, prospective domain tasters had to set up their own domain registrar to get started. But even individual domainers can now use registrars such as Dynadot or Moniker to register domains and give them back within 4 to 5 days at no charge (Dynadot). This is very helpful if you're eying several domains and are undecided which ones to use.
So what can domain owners learn from this?
- Delay searching for available domains until you're actually prepared to follow through with the registration. Better still, search for and register new domain ideas immediately whenever inspiration strikes you.
- If one of your domain searches is registered by a domain taster shortly after you checked availability of the domain, and you still want the domain, wait five days and it might become available again. Do not visit the domain during these five days, otherwise the domain taster will believe that the domain gets enough traffic to warrant adding it to his permanent portfolio!
- If you're thinking of several domains for a project and are undecided which one to use, register all of your domain ideas immediately. If you use a registrar like Moniker or Dynadot, you'll have 4-5 days to decide if you actually want to keep a domain once you have registered it. This practically eliminates the danger of impulse registrations that you might regret later.
Finally, if after reading this post and despite all our warnings you are thinking about joining the "dark side" of domain leeches and spies, here's how you could go about it.
- Set up your own domain search tool or approach registrars that will sell you their search data (not GoDaddy of course, they are too ethical to even consider doing something like that!
). - Once you have gained access to the domain search data, analyze it and register promising domains to test them for traffic. The faster you do this, the better.
- Keep domains that earn at least 5% to 10% of their annual registration fee during the first five days. Drop all others.
And last not least: Be prepared for a massive backlash from disappointed end users who will publicly accuse you of having "stolen" their domain!
Good analysis. This happened to me and I blogged about it here:
http://www.miketheinternetguy.com/blog/miscellaneous/dont-get-your-domain-name-stolen/
This loophole really should be closed. I can't think of a reasonable reason for it to remain open especially with the low cost of a domain name
GoDaddy does this too. It happened to me several times.
I always suspected this was true, though even some friends of mine in IT thought I was a "conspiracy theorist" - but even recently it happened - the timespan was literally two or so days. I intended to register netcastmusic.com and was relegated to netcasttunes.com. If you go to the former page, you might be interested to see who parked the former domain name listed.
Great article.
Yes, GoDaddy does this too! I've had a few domains poached after inquiring about them through GoDaddy. Also, what right does GoDaddy have to use MY PAID domain name for their own PPC ads? That's dishonest!
godaddy absolutely without any shadow of a doubt swipes or sells domains. it happened to me over a year ago - i bitched and moaned on another forum i visit, and a few people acknowledged they thought it might have happened to them.
for me, the registration occurred within hours. as real estate agent, i register a lot of domains (http://findlochmerehomes.com, http://findprestongolfhomes.com, etc) and point them all to my main site - http://www.trihomewiz.com.
i now A) no longer use godaddy.com (bob parsons whining and crying notwithstanding) and i now no longer hesitate when registering domains.
the recommendation for dynadot helping to avoid impulse domain shopping is a good one.
Two of my hosting customers had domains stolen by GoDaddy.
GoDaddy can talk all they want, their actions speak much louder than their words.
I will never give them my money.
godaddy. go and don't come back.
Anyone have some example of a really hard to guess domain name that became suddenly mysteriously reserved? I guess only thing you can do is hope it will become available again and monitor the expiration with a tool like http://expired-domain.bemmu.com
The solution is so simple it is trivial and makes the problem irrelevant.
Don't use a registrar to check domain availability. Use whois. Problem solved.
http://www.arin.net/whois/
If you can't trust ARIN, we're all screwed anyway.
It happened to me as well with godaddy. How can they actually say they do not do these sort of thing.
This is outrageous if true. A response from GoDaddy is needed.
There's also a monitor on domain expirations. When you run a WHOIS query, you'll notice (on some sites) that it reports an update to the WHOIS database. This information is used by those who want to register domain names that have expired but are currently sitting in limbo, awaiting to be returned to the general public. I lost a domain name (because GoDaddy screwed up my transfer) and it was immediately registered by a domain squatter that wanted a large sum of money to transfer it back to me. The name was quite obscure and, after wondering why they had jumped on it while leaving many of my other (more desirable) expired domain names, I decided to conduct a reasonable test: I found a list of expiring names, selected 10 relatively obscure names and continuously ran WHOIS queries on 10 of them. After a week or so, all 10 had been registered by squatters while it appeared that only between 10 and 20 percent of other sites were registered. Try it yourself!
I just want to ask the author of this post what Godaddys dick tastes like, because he's obviously had it all up in his mouth.
Finally, my suspicions have vocalized by someone else. This has happened to me a number of times. I have always thought there was "someone" watching me as I searched for available domains. GRRRR.
Like hell godaddy doesn't do it…those bastards make money on selling those search list…what kind of BS story is this??
I think the solution is simple.
Make an app that baits these services by searching (by dozens/hundreds/thousands of ip addresses) nonsensical, but keyword-linked domains, then when these jerks register them, the same group visits the sites (again, hundreds of times), then the squatters see response, so they pay for the domains. Voila! Money wasted. Do this creatively (using about 50 different non-identical methods) and ultimately, these poachers have million$ invested in worthless turkey domains, and they go out of business.
Of course, this would be a shared effort by whatever number of users share the same opinion of this practice. Not in the least illegal or unethical. Just "junk searches"
Just what I suspected.
Dont you guys realize that looking at whois lookup records is not the same as domain tasting?
Same thing happened to me with Network Solutions.
Here is my writeup:
http://www.swingnote.com/netsol/networksolutions_whois.php
3 days after I posted to Digg, the domain was released and I grabbed it.
Markus Diersbock
All of you guys have forgotten a big player! YAHOO does it too. I lost many good domains I tasted through yahoo. Some was even registered within the seconds I was trying to register it too. On hitting on the final comfirm button, I only get a message from yahoo that the domain name was already regsitered where as I search and it was available. so what can we do when they have the millons of dollars to write spiders which crawls and steal our info? I guest the solution is teaching everyone and no one to click on a packed website. no revenue for these idiots.
I wondered about these tactics after several lost domains seemed to be picked up out of the blue.
As always it is common sense to play your cards close to your chest or to openly work with others and share your ideas.
I was bored at work one day and used GoDaddy to look up a few domain names. I found one that was available and I thought I might get it just for fun. Work called before I could register it and my session timed out and I forgot about it.
Two days later I tried to register it, and it was taken! I was a little bummed, but nothing too bad since it was going to be for fun anyway. This was about a week ago.
Then I saw this on Digg, checked again, and it was available. GoDaddy definitely did it.
The problem could be easily avoided, if people didn't use web-based whois services. On the commandline you can check for domain availability with "dig domainname.com" or just "host domain.net".
Not sure if this is a GoDaddy issue. I'd suspect the culprits to be at Verisign, which receives all .com and .net domain requests from ALL registrars and would be the most obvious point to collect such data.
Isn't it amazing all the skullduggery in the world and at the workplace.
It is hard to tell if some organisation might be watching over your shoulder while you are searching for some of the potential popular domain names. You just won't know.
Don't you all get it? Do you really think there is a mass conspiracy by GoDaddy, Network Solutions, Yahoo, and who knows who else to spy on you and sell your query data? For what? Given the economics of tasting, tasters could not afford to spend much money on such data. Why the heck would the likes of Yahoo (billion dollar company) or GoDaddy (hundreds of millions of dollars) get involved in such questionable nonsense for nickels and dimes?
Think about it. When this happens to you, most of the time the name ends up at DomainDoorman, BelgiumDomains, CapitolDomains, or NameKing right? It's tough, but there are other ways of getting the data without paying anyone.
The problem is the only solution is closing the loophole that allows tasting at all. But of course, that affects others who are doing it in lower volumes and less intrusively (been going on since 1999, maybe earlier).
Interesting.
A Vice President of Go Daddy has posted in a couple of online news sites that they don't sell queries. Yet…people insist on believing otherwise, especially if they have no further way of checking further.
The original purpose of the 120-hour (5 day) add/grace period is to provide sufficient time to correct misspellings, accidental registrations, and chargebacks. This practice has since been used for another line of "business" since at least 2001.
Hijacking your research? I can't agree to that, especially when people really have no realistic expectations of online privacy, especially when YOU are "legitimately breaking" (for lack of a better term) into someone's property.
Without further conclusive proof, people are free to entertain whatever fantasies they want. But if it's any consolation, this is being tackled by a couple of ICANN's committes.
A fool and his ideas are soon taken.
Most of life is just showing up and as well employing common sense.
OK - Any solutions-oriented ideas on how to get your address back, assuming it's not getting significant traffic?
First, recognize that it isn't "your" address until it's registered to you. There's no legal authority on earth saying this or that domain name is yours until it's registered to you and paid for.
Next, don't check the domain name on your browser or contact its current registrant.
With luck, they'll eventually drop the domain name within 120-hours (5 days) from its creation date if they see no benefit in keeping it.
Sometimes you can find domain search services that don't query registrars or whois at all for availability. This puts a full halt on domain swiping like this.
For example http://web2nam.es/ uses "dig" which queries for associated nameservers.
There is no way then for a registrar to tell the difference between someone interested in buying a domain and someone making a typo in their browser bar.
In response to this topic I set out to make a domain researching tool people can trust. My solution? Use an open source whois script and give the web users directory browsing rights to the site. This way the users can verify that their searches are not being monitored by looking through the source code.
Simple? Yes. Effective? I hope so.
http://www.overtwhois.com/
I searched for a domain on GoDaddy and two days later it was gone. Go Daddy are cheats. Not only do they partake in this awful practice, they claim that they do not. Or perhaps they just sell the search data, and try and look forthright by denouncing, as they put it, 'kiting'.
Well I just had this happen to me while searching for a name on Godaddy.
After all the Godaddy horror stories of them stealing domain names and now this, I will be transferring all my domains somewhere else.
Godaddy are a bunch of scamming liars.
I first read about this in a Daily Domainer newsletter article from last month and it struck me as just plain wrong. I've since created a site to address this that guarantees safe whois searches (see privacy policy) at http://www.purewhois.com
This service is provided free and we just ask that folks refrain from abusing it with automated volume query tools.
-Ken
I've learned a valuable lesson with this issue.
NEVER cancel a backorder on a domain.
The last 4 domains I've won backorder on were won after a domainer "tasted" the domain and released it. I was notified 6-7 days after the backorder failure that the domain had in fact been successfully captured.
And those backorders WERE with godaddy, but the domain was captured by some asian registrar, and then released 5 days later.
Just a helpful tip.
R
I've been in the expired domain business for a while now. Been using godaddy since day one - I initially had a habit of searching for dropped or unregistered domain names and saving the list to do a bit of research and get back to a couple of days later.Funny thing I always found was my "list" was not "available" anymore. For those of you who use Tdnam.com (godaddy's) auction house on expiring and expired domains - I bet you the same thing happens there as well. I had won an auction for a high traffic high PR domain - paid for it - but after two FULL weeks get an email from godaddy saying the domain has been returned to the owner and my payment will be refunded in the next couple of days. WHAT BULL! - I've herd of domain tasters putting up sales for their domain on ebay - if it sells well - they register it and transfer the name - if it doesn't - they let it drop after the 5 days
I have two domains registered and hosted with godaddy and what I have heard here makes me wonder if they are an ethical company. I guess you learn by your mistakes.
Yep - Godaddy is proven to do this. Beyond question.
My girlfriend looked at a domain name on Godaddy that NOBODY would ever think of using - two obscure words in Old English. Within a few hours it had been registered by someone else. A week later she checked again - it was available and she got it.
She only tested it using Godaddy.
So either Godaddy as a business is doing this, or there is a spy at Godaddy.
Other possibilities are ISP data and spyware:
http://pocketseo.com/domains/7
I contacted GoDaddy about my article and the President's Office responded that GoDaddy does not do domain kiting.
Baloney!!! Godaddy.com themselves are apperntly an active participant in this debacle.
Just this weekend I did a domain search, and sure enough, before I could book it - 36 hours later a company called Ultrarpm registered the domain, and put up one of those catch-all sites.
When I called Godaddy support they claimed to know nothing about it, and told me to try in 5 days.
But, upon further investigation, it appears that Ultrarpm is registered by DomainsByProxy.com - An "affiliate" of Godaddy.com (according to their website).
Who's kidding who here…
On October 10th, I did a whois search on three domains. One was a nonsensical combination of two words. One is a hrebew name, phonetically spelled in english (not one google search exists for this keyword). The other, granted, could be common enough that someone out on the Internet could go for it at the same time.
The next day I go back to register them, and all three are taken, two by the same company (Wan-Fu):
Marketing Total S.A.
P.O. Box 556
Main Street
Charlestown, West Indies
KN
+852.30106405
+852.30106405
soluciones
Wan-Fu China, Ltd.
P.O.Box CB-11901
Nassau,
BS
+31.847486135
+31.847486135
business
The fact that the same company took of the domains (the hebrew word and the nonsensical name) and that both companies are obviously domain squatters, is coincidence enough.
To make matters worse, I was using the Unix whois client, not a web page, which leads me to believe someone is actually "sniffing" the whois requests at certain registrars.
This is a truly scummy practice. My guess, though, is that these people use the grace period to see if there is any interest and when there isn't any, throw it back into the pool of available domains. Will see next week.
Yesterday, I did a search on both estibot and whois.sc.. About 4 different names with each of them. I used estibot to check the overture traffic, and those on whois.sc I wasn't concerned about the overture. Anyway, 6 out of the 8 ( 3 i had checked on estibot and 3 on whois.sc ) Were registered less than 1 minute and 30 seconds later by
BelgiumDomains
501 NE 1st. Ave. Suite #201
Miami, FL 33132
347-214-0249
The evidence is overwhelming that they were using illegal data sniffing to steal these domains. I have already contacted a very experienced attorney on the matter and I will update when I get further along.
However, in the meantime, I suggest not using whois.sc or estibot.com at all.
Brad-
Thank you for reporting this problem also via e-mail. I appreciate that. I'm the programmer of EstiBot and this causes great concern. I can tell you for sure that the searches on EstiBot are not given to any third party. I sometimes go through some of the searches myself for research and improvement purposes, but I do not register any of these names and do not give the names to anyone else.
What is happening here is that Belgium Domains is sniffing the whois services, not EstiBot itself. EstiBot performs a whois search for the appraised domains, because it's an important part of the valuation.
However, if you wish to use EstiBot without performing a whois search, this is possible using the bulk tool estibot.com/batch.php. The data is handled completely internally, and a whois search is only performed if you specifically request it from the results page. If you do not, then no data is sent to an external site.
I will do my utmost to prevent this sort of thing happening, because EstiBot is intended to be a truly useful site for domainers and I hate to see this happen, especially as I use it myself for my own domain research! I am currently looking at alternative solutions for whois services for dotcom domains.
The culprit in this case seems to be Network Solutions. Their whois seems to be compromised. I will try to find an alternative whois service. Any help is appreciated, if you have suggestions please let me know, you will find my contact details on the site. I am willing to pay for a reliable whois service.
Finally I'd like to remind everyone that every time you do a whois search with any service, you run a risk of losing your domain.
I'll keep you posted on developments. Feel free to contact me further.
Thanks-
Josh
Domain tasting - what a laugh, use your brain, their are many top level TLD's
still available if you know what you are doing.
This happen to me too.
First time when I was using whois.domaintools.com. I search one name and it was gone next day
Second time it happened when I was searching on verisign (thinking that atleast they will not do that). This time it was too much. There were three of the domains which were taken away. Registrant were:
MAISON TROPICALE S.A.
P.O. Box 58
The Valley, British West Indies
AI
+31.847261054
+31.847261054
info
I sent a mail to verisign and them but no response. Today I checked and 2 of these are again available.
I see your point -
I have heard about this for a while now, especially when doing searches using tools like Domaintools.
Now, whenever I need to check the availability of a domain, I always use Dynadot to check. Its one registrar that I believe operates fairly.
There's also a monitor on domain expirations. When you run a WHOIS query, you'll notice (on some sites) that it reports an update to the WHOIS database. This information is exercised by those who want to conserve domain entitles that have run out but are currently pourparler in limbo, awaiting to be returned to the watch officer public. I lost a domain fix (forasmuch as GoDaddy screwed up my transfer) and it was just then catalogueed by a domain squatter that wanted a portly sum of profit to transfer it back to me. The heroine was indubitably obscure and, astern openmouthed why ruling class had jumped on it lastingness casting away lavish of my secondary (more en rapport) over domain exemplifys, I decided to handle a whorish test: I begin a versed of expiring entitles, selected 10 purely obscure immortals and continuously ran WHOIS queries on 10 of the top. After a second or so, all 10 had been compass abouted by squatters tense it appeared that only between 10 and 20 percent of nonessential sites were chromatic scaleed. Try it himself!
Interesting article!
Thanks
WOW…I had no idea this is happening in the domain business…when I need a new domain I just search for one and never wonder the good ones are nowhere to find
I have many auto domains, however, their are still many domains still available, BrakeNClutch.com (n) has been available for at least 2 years that I know of, this is a top name, I have been checking it with many registrars and recommended it to many in the business as a great name for their enterprise and as a potentially a good buy, as to date it is still available, I just checked, now any astute domain taster should have picked it up by now - ? why has no else registered it, I have no doubt that when it is gone the buyer will have scooped a great name for their business or a domain buyer will want a considerable amount for it.
I had no idea there is such a jungle out there in the domaining business.
just happened to me
. My domain could of been worth thousands….
backorders were with godaddy, but the domain was captured by some asian registrar
I would certainly be nice if your
home page could be read. The left
margin that contains SS for sale
down to your offer to join your site
blocks out the beginning of each sentence
with a 1024×768 setting on the screen.
As a victim of a hijacking of a domain
name after checking availability yesterday,
I was really interested
in the article regarding the problem.
Now, whenever I need to check the availability of a domain, I always use Dynadot to check. Its one registrar that I believe operates fairly.
Thanks for the tip. Did know about this before. I have missed out on some great doamin names lik this before. Now I just go ahead and register the domain, once I think about it.
I have began to hear about people stealing or trying to steal other peoples domains. What can we do you stop it?
No doubt I tried to register a domain two weeks ago, then backed off, however could not register it when I came back to try three days ago. Do they really make money doing this?
That's kind of nasty, but, should be expected and no worse than much of the other stuff that people do on the internet today.
From the command line type:
whois domainyouwant.com
This will let you know if the domain is already owned or not.
Works out of the box on Mac's or Linux. For Windows users… well, it's probably too technical for them.
I'll make sure to use either Moniker or Dynadot in the future. Wasted too much on impulse buys!
Its always amazing the amount of human inguenity no matter what the tools
You do the work and always as if there is a person out there looking for something for nothing so to speak
The only difference now is the technology. It used to be a close neighbour. Now it can be someone half way around the world , who is looking over your shoulder.
I've got a friend who does this. He says you can make some money at it, but staying ahead of everyone else is time consuming. Not sure if it is actually worth it.
I add my self to this list. I look for the domain name "pinkmorning.com" in the middle of march 2008 with godaddy and servage.com. Today (22 march 2008) the domain is already registered (the registration date is march 17 2008), thru Godaddy.com by someone of earthlink.net (a internet access provider).
We can all agree that poaching domain names is wrong, and needs to be stopped but what are solutions? What can be done? Is there an oversight committee that’s supposed be watching this sort of thing? When is the internet community going to organize itself?
DailyDomainer has an interesting article titled “Who is monitoring your domain searches?”, outlining how domain tasting work and how one could protect himself against it. There are three
It also happened to me. I did a search for a domain at godaddy and it is available. After a few days, when i try to buy it, it is already gone.
This tells me to go ahead and register my real estate domains as soon as I think about it.
I think there is a program that are able to check who is checking on the available domain, if there are too many people checking, it will automatically register it.
Shady business that it picks up the domain you registered if it gets traffic…err not registered but viewing.
I searched for a domain name on godaddy yesterday, the url was available and then today went to purchase it… it had been bought! I find it VERY hard to believe it was a coincidence. I'll wait 5 days then try again. I'll be emailing godaddy anyway raising the issue.
Rob on Apr 22nd, 2008 at 6:28 am
I have found in several cases that if this happens go back to the domain in a few days or a week and search it again, you may find that it is available again.
I suspect for some reason when you initiate a search it may trigger a registration, then, when the process is not completed it drops the registration, I have had this happen to me. Monitoring must go on in some cases, however, their may be an issue with the registration automation - food for thought.
A friend of mine lost a domain at godaddy the same way.
Feb 20th, 2007 at 7:34 am
[...] DailyDomainer has an interesting article titled “Who is monitoring your domain searches?”, outlining how domain tasting work and how one could protect himself against it. There are three [...]
Feb 20th, 2007 at 10:48 am
[...] squatting business are pretty shady characters, and I don't want them stealing my ideas.read more | digg story [...]
Feb 21st, 2007 at 12:41 pm
[...] Who Is Monitoring Your Domain Searches? DailyDomainer highlights the risk of domains being registered by others due to your searches and the article provides some tips to avoid it (Tags: registering domains, domaining) [...]
Feb 22nd, 2007 at 12:52 am
[...] there are some easy precautions you can take when doing your research. The following tips are from this post about domain tasting from the Daily [...]
Mar 7th, 2007 at 11:37 pm
[...] the domain purchasing system has been hijacked by a group of crafty entrepreneurs assholes who intend to use other people's domain names to [...]
Mar 19th, 2007 at 1:58 pm
[...] subversive transfers, there are an increasing number of reports of people having their domain ideas pinched before they can register the domain themselves. It appears that a number of domain research tools [...]
Mar 31st, 2007 at 2:00 am
[...] have an excellent article on domain tasting. You read about this issue all of the time on webmaster forums. Someone has an idea for a site, [...]
Aug 3rd, 2007 at 12:14 am
[...] Who Is Monitoring Your Domain Searches? Kinda freaky that people might jack domains based on your searches. [...]
Aug 27th, 2007 at 8:30 pm
[...] Well, I guess there are many reasons. I read this article on the web earlier today. I though they hit the whole thing right on the head. They say it's [...]
Sep 18th, 2007 at 3:14 pm
[...] registered and was now unavailable. This experience is not uncommon and it is happening because someone is monitoring domain name searches. The way to avoid it is to do your brainstorming ahead of time and be prepared to buy when you find [...]
Oct 19th, 2007 at 7:40 am
[...] a quick overview of the problem, read this article back from [...]
Oct 25th, 2007 at 4:58 pm
[...] утечки через CNet Domain Search, через VeriSign и Network Solutions, через регистратора GoDaddy и разные другие сервисы поиска свободных [...]
Nov 29th, 2007 at 9:32 pm
[...] Who Is Monitoring Your Domain Searches?: Is someone watching every domain you search for? It's entirely possible that they are and are taking your ideas. Learn all about this practice in this article from Daily Domainer. [...]
Dec 5th, 2007 at 8:37 pm
[...] Who Is Monitoring Your Domain Searches? » Daily Domainer [...]
Dec 12th, 2007 at 2:10 am
[...] subversive transfers, there are an increasing number of reports of people having their domain ideas pinched before they can register the domain themselves. It appears that a number of domain research tools [...]
Jan 26th, 2008 at 1:39 pm
[...] to another domain and still measure additional revenue coming in from redirected traffic. Here is a great post for those who want to learn more about this, and here is an article from Washington Post. If you [...]