Does “domain sniffing”, in which a third party registers domains you’ve searched for, really happen?
I’ve always been skeptical that domain sniffing happens on a wide scale. Here’s what domain sniffing is about: you query a whois site or domain registrar for a domain to check its availability. You wait a few days and then go back to register the domain. To your surprise, it has been registered by someone else. Domain sniffing means that someone was able to view (“sniff”) your domain queries and use this information to register the domains.
But does domain sniffing really happen? Few people point to evidence other than anecdotal incidents (“I checked for a domain, and three days later it was gone!”). My advice to people searching for a domain is to go ahead and register it when you find a good one. At $8, why risk it? Plus, it could just be coincidence that someone registered a domain you searched for.
Or maybe not. I looked up a domain about a week ago and didn’t get around to registering it right away. I went back a few days later to register it and it was taken. “OK”, I thought, “it’s reasonable that someone else might want this domain, even though it’s obscure”. However, there are a couple peculiar things about the registration. First, the registrant is protected by whois privacy. Why would this person want to protect their identity on a non-sensitive domain? Yes, it cuts down on spam, but this still raises a red flag. Second, the domain is parked at a major registrar. If someone snapped up the domain for parking revenue why would they keep it at this registrar and let the registrar profit? Again, it could be coincidence…or is it?
At this point I recalled an article by Larry Seltzer of eWeek. He researched a situation at CNET last year and detailed his findings. Someone complained to him that her search for a domain at CNET resulted in a registration by a third party. CNET’s search box aggregated domain queries to a number of providers, which opened the door for a number of potential sniffers. Seltzer searched for three random domains at CNET and they were all registered 30 hours later — by the same party.
There are other ways a domain could be sniffed. Here’s one theory from a thread at Webmaster World:
Place an advertisement at one one the popular domain check sites. Whenever a domain is checked, it shows up in the URL field of that particular user’s browser, and correspondingly shows up on the advertisers log as the URL from which the image (advertisement) was served. An simple automated script pulls the domains out of the log, checks for known words, number of characters, etc, and automatically registers those that fit the criteria. If they don’t get any traffic to the autmatically generated landing page, the domain drops after 5 days, and doesn’t cost the register anything. If they do, they pay the 6 bucks and keep the name.
Was the domain I searched for sniffed? If so, was it by the registrar or just some rogue employee? I’ve thought of a way to
find out who is hiding behind the whois privacy, although it will cost some money and time. I’m going to run test queries to look for patterns before proceding. In the meantime, if you have concrete evidence of a domain being sniffed, please e-mail the details to editor (at) domainnamewire.com.
Very interesting article. I look forward to reading what you find.
hi there.
i don’t know how they do it, but it’s 100% true. sniffing is a fact. a year ago i wanted to register a domain name that i really needed, a shitty one – riskwerks.com. i checked it a few times, it was available. 3-4 hours later it was gone… i was really angry. that’s the fasted sniffing so far.
try yourself. take 10 domains (5letter or something like that), check them 2-3 times. and wait 2-3 days. probably 50% of em will be registered.
There’s domain tasting. There’s the well-known ingenuity of domainers. And there are easy ways to obtain domain search data.
Put those three together and add the anecdotal evidence provided by prospective registrants who found that their domains were been registered shortly after they had searched for them.
It IS happening. It may not be ethical, but it’s not illegal either. And you can bet that it’s profitable, especially if you can taste tens if not hundreds of thousands of such domains each and every day.
The lesson for domain owners?
* Delay searching for available domains until you’re actually prepared to follow through with the registration. Better still, search for and register new domain ideas immediately whenever inspiration strikes you.
* If one of your domain searches is registered by a domain taster shortly after you checked availability of the domain, and you still want the domain, wait five days and it might become available again. Do not visit the domain during these five days, otherwise the domain taster will believe that the domain gets enough traffic to warrant adding it to his permanent portfolio!
* If you’re thinking of several domains for a project and are undecided which one to use, register all of your domain ideas immediately. If you use a registrar like Moniker or Dynadot, you’ll have 4-5 days to decide if you actually want to keep a domain once you have registered it. This practically eliminates the danger of impulse registrations that you might regret later.
I’ve the same experience too. Last year, I checked for a domain availability and it showed that I could own it. As I was still considering my domain-would-be, I waited. The next day, when I checked again, the domain was no longer available and due to my curiosity, I headed to the domain that I wanted. To my surprised, the domain that I wanted is put on sale.
Dailer Domainer is right. Delay your searches until you make up your mind to buy it.
Thanks for all the tips.
Hi,
Coincidentally Jay Westerdal,President and CEO of DomainTools and Name Intelligence also wrote about Domain Stealing in his blog today.
Brief excerpt:
“We have been investigating domain name research theft crimes for the last two years and talking with the many victims. If you are a victim, please contact us – the more technical a description of the event the better. We are collating events of all the victims and we will update everyone if there is a common thing to avoid. We will also be passing our evidence on to local authorities in the proper jurisdictions.”
Full article here:
http://snipurl.com/DomainTheft
Patrick
Patrick, I guess great minds think alike 🙂
Everyone should take a look at Jay’s post using the link above. This is particularly interesting: ISPs sell data about which non-existent domains people search for.
I guess John Berryhill was right when he suggested that Verizon could find out which typos of its domain are worth registering:
http://tinyurl.com/2jf7st
I read about this in an article in the Daily Domainer newsletter last month and it struck me as just plain wrong; so I’ve since decided to create a site that allows for safe whois searches at http://www.purewhois.com.
This service is provided free and we just ask that folks refrain from abusing it with automated volume query tools.
-Ken
Is purwhois.com still working? I get an HTTP error 500 (purewhois.com is unable to handle this request) everytime I try to check a site after pressing the “search” button
Interesting story: a few years ago (about 2007?) I heard about a court case involving a guy called Mike Rowe who had a software company, and owned the domain mikerowesoft.com. Microsoft took him to court over the matter and he ended up making a great deal of money from the media. I read about this a couple of months on so checked for a few similar domains (co.uk etc) which were available. The next day I dug out my credit card and found all the domains had been registered. Very suss.