Pelland Blog

Domain Tasting: The Sour Follow-Up

June 9th, 2010

Just in case there were any doubts about the validity of my previous post, here is a current real-world example in evidence. One of our clients is a tea merchant who owns the trademark to Hu-Kwa tea. They have owned the hu-kwa.com domain name for quite some time now. Last week, I was contacted by two companies within an hour, each offering to sell me hukwa.com (without the hyphen), one using multiple e-mails. The first was a company called Flex Media / Flex Media Domains, which sent me an e-mail which included a “Priority Sales” hyperlink. This outfit is supposedly located in Hollywood, Florida. The second contact came in the form of three e-mails from InTrust Domains / Domain Names International / eTraffic Services, an outfit supposedly located in Colorado Springs, Colorado, sending me what they called a “Priority Domain Availability Notice. According to their website, they “currently manage a portfolio of approximately 10,000 domains, with about 70 new domains added each day.” I did a whois lookup at the time, and it very suspiciously showed nothing. I replied to this second company via e-mail, asking them for a price and the registration history (no reply, of course), although their e-mail directed me to a form where I could “express my interest”. I didn’t use the form with either of these outfits. Yesterday, I was contacted again, with a follow-up offer to sell me the “now available” hukwa.com. This time I clicked on the form, out of curiosity. It said that the price would be $397.00 and had a payment form.

I just did another whois lookup. Guess what? The company that contacted me yesterday registered the domain name YESTERDAY. I am guessing that happened immediately upon my clicking on their link! Either they are also “tasting” for 5 days, or – once they’ve had somebody express interest – they actually will keep the domain for a year. The price is $397.00 for a domain that they bought yesterday for about $6.00 (and can probably get refunded under a grace period).

Here is the current whois lookup information for the domain:
Domain Name: HUKWA.COM
Created On: 08-JUN-2010
Last Updated On: 08-JUN-2010
Expiration Date: 08-JUN-2011
Sponsoring Registrar: THREADSHARE.COM, INC
Status: ok
Registrant Name: Domain Admin
Registrant Organization: InTrust Domain Names
Registrant Street1: 4845A Pearl East Circle
Registrant City: Boulder
Registrant State/Province: CO
Registrant Postal Code: 80301
Registrant Country: US
Registrant Phone: (1)(866) 582-2599
Registrant Email: domain@itdomainnames.net
Tech Email: domain@itdomainnames.net
Name Server: CALL.303-800-0310.COM
Name Server: FOR-SALE-AT.INTRUSTDOMAINS.COM

Check out the “website” of their registrar: http://threadshare.com/
Does this look like the site of a legitimate registrar? Not in my mind.

Here is the whois lookup for ThreadShare.com:
AboutUs: threadshare.com
Registration Service Provided By: Thought Convergence
Contact: domains@thoughtconvergence.com
Domain name: threadshare.com
Registrant Contact:
Thought Convergence, Inc.
Domain Administrator ()
11300 W. Olympic Boulevard
Suite 900
Los Angeles, CA 90064
US

ThoughtConvergence.com is located at the same address in Los Angeles.

Totally legal. Totally unethical. Isn’t the Internet wonderful?

This post was written by Peter Pelland

“Domain Tasting” Is a Pretty Tasteless Practice

May 25th, 2010

For quite some time now, I have had a suspicious feeling that one of my increasingly frequent observations was far beyond a matter of coincidence. Have you ever performed a whois lookup to check on the availability of a domain name, confirmed that it was available, but delayed registration of the domain until a later time? Sometimes it seems reasonable to presume that a domain name might be so obscure and highly personalized that there would be no chance that anyone else might consider registering that same name for years, if ever. Well, it turns out that this would be a bad presumption because in far too many instances that domain name would be lost moments later. You will have been the victim of a practice known as Domain Tasting or Domain Front Running.

I had a small business owner call me on May 24, 2010. She said that her son was interested in having a website built for his construction business. She said that a friend had checked and that the domain was available on May 20, 2010. It was an obscure, three-word domain name. I double-checked by performing a new whois lookup, and I discovered that the domain had been registered on May 20, 2010 … apparantly moments after the original whois availability search. What is happening? More importantly, how and why is it happening?

It turns out that the practice is not new. A post by the Daily Domainer back in February of 2007 generated 191 responses, most of which pointed an accusatory finger at GoDaddy. Other blog posts have singled out Network Solutions for engaging in this practice. Together, these are two of the biggest names in the domain name registration industry.

Here is how it works: It seems that many unscrupulous registrars who provide whois lookup services (which are, in fact, provided by virtually every registrar) are selling the domain search data to domain tasting outfits which, in turn, register the domain name with the registrar. Over the next few days, they test (or “taste”) the domain to see if it generates any significant amount of traffic. If it does generate traffic, they will make money from clicks on their bogus landing page. If the new domain does not generate traffic, it might be turned in for a refund under the 5 day “grace” policy of some registrars. Everybody wins, except you lose.

In the old days, Cybersquatting was a common practice, where unsavory characters would register domain names based upon legitimate small business names or product names, with the intention of then selling the names at an enormous profit margin. Domain tasters, on the other hand, cannot be bothered with selling domain names because they are more interested in earning millions of dollars, a nickel or a dime at a time. The Washington Post published an exposé of this practice, titled “Entrepreneurs Profit From Free Web Names” back in 2007. If you are not familiar with the practice, old news is still news.

How to you protect yourself?

  • Do not perform a whois query – anywhere – unless you are immediately prepared to register the domain name. This cannot be overemphasized.
  • Do not ever “search” for domain availability using Address Bar Guessing. There are ISP’s (Internet Service Providers) who have been found to engage in the practice of selling Non-eXistent Domain (NXD) Data to domainers.
  • If you have just “lost” a domain name that you failed to register, go back to look for it in 5 days.

Further reading:
http://blog.domaintools.com/2008/01/google-to-kill-domain-tasting/
http://www.domainnamenews.com/featured/domain-registrar-network-solutions-front-running-on-whois-searches/1359
http://www.billhartzer.com/pages/network-solutions-registering-domains-after-availability-lookup/
http://blog.domaintools.com/2007/03/stealing-domain-name-research/
http://blog.domaintools.com/2008/01/network-solutions-steals-domain-ideas-confirmed/
http://www.eweek.com/c/a/Security/Whois-Hijacking-My-Domain-Research/
http://www.eweek.com/c/a/Security/Bad-Taste-Another-Way-ICANN-Blew-Domain-Registration/
http://arstechnica.com/old/content/2007/10/icann-probing-insider-trading-allegations-with-domain-name-registrations.ars

This post was written by Peter Pelland