Belief in conspiracy theories requires a healthy dose of paranoia, and domain name front running (DNFR) – the idea that domain name registrars like Go Daddy or Network Solutions are monitoring your domain name availability queries and registering anything you don’t immediately register yourself – sounds like a presumption of only the most suspicious and mistrustful.
However, evidence suggests that DNFR does in fact occur. Here are a few examples:
- In 2007, Jonathon Nevett, Vice President of Policy at Network Solutions, stated publicly in reference to DNFR that “the practice certainly exists in the gTLD space.”
- Ironically enough, in 2008 the same Jonathon Nevett confirmed that Network Solutions was, in fact, front running domain names, although they never admitted wrong-doing and claimed it was for the benefit of their customers.
- The ICANN Security and Stability Advisory Committee has received many complaints over the years and in October, 2007, they released the ICANN Domain Name Front Running advisory.
The Problem with Domain Name Front Running
So what’s the big deal? When a registrar registers a domain name that you have searched on and believes you are interested in, you are no longer able to purchase the desired domain name for, say, $8. Instead you either must spend whatever price the registrar sets, which likely ranges from $50 to $500, or go back to the drawing board to find a new domain name for your business.
Further, DNFR drives individuals to register domain names as soon as they first query their availability, before a final name decision has been made, just to allow them to maintain the option of using those names. As a result, an individual can end up registering extra names and spending more money than they should have to.
Possible motives for DNFR speak to the unscrupulous nature of the practice. Excerpted from Nominet’s 2007 position paper “Domain Name Front Running: Nominet Experience,” possible motives include:
- To extort money from the person who originally intended to register the name by making them pay to get it.
- To steal the business idea of the person who originally intended to register the name.
- To block or disrupt the business or project of the person who originally intended to register the name.
- To utilize the traffic that the name generates.
How Domain Name Front Running Happens
Many domain name registrars – including Moniker and Sedo, for example – maintain their own portfolio of domain names that they monetize with websites, parking or resale. While not illegal to do so, some domainers frown on this practice, arguing that owning domain name portfolios puts registrars in a conflict of interest with their customers who want to potentially purchase the same domain names. And it’s this practice that can lead to DNFR because when registrars are looking for desirable names to add to their portfolios, they have the domain name query data at their disposal.
Front Running Encouraged By Tasting
Up until 2008, domain name “tasting” allowed registrars to register large quantities of domain names, place advertisements and see if they could produce significant revenue, and then drop the ones that were not financially viable.
In 2009, 99.7 percent of domain name tasting came to an end when ICANN announced they had made large-scale domain name tasting financially unviable. (The solution they enacted charges registrars if they return more than a certain number or percentage of domains each month.) This still allows, however, for a small number of domain names to be tasted, which can lead to the unscrupulous practice of DNFR.
How to Avoid Domain Name Front Running
All of this naturally leads to the question, “How can I do a WHOIS lookup but hide my searches from prying eyes?”
The answer involves using your computer’s terminal access that connects directly to registry databases, rather than using a web interface through your computer’s browser (see figure below). By doing that, you bypass the “middleman” registrar.
On a Mac or in Linux, do the following:
- Open the Terminal application (located at /Applications/Utilities/Terminal.app). For quick access, simultaneously press Command+Space and then type in “Terminal”.
- Type “whois query.ext” without quotes, where “query” is the domain and “ext” is the extension. For
example, type “whois domainsherpa.com” to perform a WHOIS lookup of this website.
- Review the output. If the domain is unregistered, it will display, “No match for QUERY.EXT.”
On a Windows-based computer, do the following:
- Download Whois v1.01 from Microsoft and open the application.
- Type “whois query.ext” without quotes, where “query” is the domain and “ext” is the extension. For
example, type “whois domainsherpa.com” to perform a WHOIS lookup of this website.
- Review the output. If the domain is unregistered, it will display, “No match for QUERY.EXT.”
In a web browser from any computer operating system:
If you don’t want to use command line prompts, at the very least you should query InterNIC, which is operated by ICANN, directly via their website. At InterNIC you can do a WHOIS search for the following TLDs: .aero, .arpa, .asia, .biz, .cat, .com, .coop, .edu, .info, .int, .jobs, .mobi, .museum, .name, .net, .org, .pro, and
.travel.
While the above three procedures do not guarantee that your domain name search will not be tracked, they do make it far less likely.
What Not To Do
According to a blog post by Jay Westerdal in 2007, the worst thing you can do is type your desired domain name into your browser directly to see if it resolves. “Non-eXistent Domain (NXD) Data is a response the DNS system tells the asking computer if resolution on an IP address fails because the domain doesn’t exist. Yes, ISPs [Internet service providers] sell this data,” according to Westerdal. NXD data can be extracted from ISP logs and sold to research companies who can then do domain name front running or sell it to another party who could do domain name front running.
Jay Westerdal also cautions against:
- Using smaller search engines that are prone to sell any possible data they have to generate revenue,
- Using browser plugins or extensions that send data through third-party systems, and
- Using WHOIS lookup services that are not trusted.
Final Tip
Just because the idea of someone monitoring your domain name queries sounds paranoid, that doesn’t mean it’s not happening. My final tip? Buy a domain name of interest as soon as you see it available.
Domain Name Registrars Respond
[Update: 04 April 2011 @ 12:12pm PDT] As the discussion continues both here on DomainSherpa.com and on Hacker News, I decided to ask the domain name registrars mentioned in this article to respond directly to the topic of domain name front running – for the record. Below is my tweet and any responses received from the four registrars mentioned in the article.
Mason Cole, Vice President at Oversee.net (parent company to Moniker.com), stated in an email to me: “Moniker does not front-run domain names.”
Special Thanks
Thanks to the following domainer for their technical peer review of this article:
Parallel Discussion on Hacker News
For those of you who are fans of Hacker News (hackers being those with technical adeptness who find delight in solving problems and challenging limits), a parallel discussion of this article and domain name front running is taking place.
If you enjoyed this article, subscribe for updates (it's free)