Jump to the Bottom Line
Several years ago, I wrote an eyewitness account about how I had personally witnessed a domain name that had never existed before – my rather naïve client had repeatedly searched and confirmed it was available without actually buying it – and then it was suddenly a “4 1/2 year old pre-owned $1788 premium domain”. Yeah, right, and I have a bridge to sell you in Brooklyn. I have never again bought a domain from GoDaddy, although I’m very sorry to say my naïve client has. BTW – she is no longer my client, and I don’t care that GoDaddy has been bought out. I have since heard that if you approach GoDaddy with screenshots of these kinds of things happening, that they just …
…blow you off with accusations of photoshopping. Some day, I will use a video screen recorder and just hand it over to the FBI. But you can do this yourself, FBI. Are you listening? Oh, wait, none of this matters anymore, as the U.S. is handing responsibility for management of the worldwide phone book of domains over to some nebulous yet to be specified (read shady deal unfolding) international body that has never heard of the first amendment. The FBI ain’t gonna have nothin’ to say about it.
Forget Armageddon wars over oil flow, gas flow, & water flow. WW III is going to be about the WWW & information flow!
So about two years after the GoDaddy incident, incredibly something very similar happened to me at another large registrar, EnomCentral! I was so horrified & shaken up, I did not write about it at the time, but the good news is I ultimately won that one. I was a relatively new customer and had transferred in a handful of domains. There were 3 more I wanted to buy – a .com and its associated .net, & .org. I had merely searched on the .com with the intention to buy it, and it was available, but I did not have it in the cart yet, I went across the house to get my purse, and then attempted to put my .com in the shopping cart, and oopsy daisy! This was now also a “pre-existing” domain. WTF? I did a quick whois on it, and poof, it had gone from having never existed before, to being so old it was past expiration, past “redemption”, and in the “pending delete” state. “Pending Delete”?
This means it did not / could not even have a web page attached to it demanding ransom. An expired domain is incapable of that. In the life cycle of a domain, “pending delete” meant it was so far past expiration it was completely dead, and even the so-called “previous owner” could not have paid the $100+ redemption fees to pull it back from the brink of extinction. It just had to be waited out past its scheduled cremation, and then anyone in the world could buy it again as “new”.
So … Why? Why did someone do this to me? It didn’t make sense. Where was the money to be made? I didn’t know how or why this had happened, but I quickly bought the .net & the .org, because I could, in reality, continue with my business plans without the .com. But the answer became clear soon enough.
I started getting emails from randomized Yahoo junk addresses, noting that I had recently bought the .net & the .org – didn’t I want the .com too? They could get it for me, if I only paid them through the nose. So, this was somebody who not only had sniffer code in EnomCentral’s new-domain search box, but also had access to who was logged in at the time. They know who I was, and were emailing me, but I did not know who they were. Pretty creepy. I received several of these over the course of the week, from several randomized garbage Yahoo email addresses. I never responded. (But I did save the emails and their full headers. Are you listening, FBI?) I was not going to be drawn into communicating with petty criminals, only to make matters worse. Oh, I knew they were petty. They were so small-time petty, they were too cheap to to even spend the under $20 registration fee it would have taken to tie up the domain properly. They had created it out of thin air in the pending delete state. They could not get it for me any more than I could get it for myself. So I placed a measured bet that if they were not willing to spend under $20 to do it the easy way, they were not going to spend the approximately $50 to do it the hard way, at a backorder domain sniper service, where they automate the process of watching domains cremate, and then rebuy them new for you. Perhaps they might have, had I handed them the several hundred dollars. Several hundred minus $50 would have made them a tidy profit, surely. But were they likely to spend the $50 on speculation, over somebody who had never communicated with them whatsoever?
I didn’t think so. I did some research and found a resonably priced backorder service with a registrar that wasn’t GoDaddy and wasn’t any of Enom’s many Enom-type names. It was a registrar new to me, that had never burned me. I didn’t know for sure the petty criminals hadn’t also placed a backorder, but at the very worst, I’d have a 50% chance of winning the domain. And about 2-3 weeks later, that’s exactly what happened. I got my domain for $50 rather than approximately $10, but I got it for less than several hundred.
Bottom Line:
So that brings me back to my headline, “Avoid Sniffer Code – the safest way to search for new domains”. How do I search for new domains these days? I’ll tell ya, I do not use web-based domain search boxes anywhere. If I know a domain already exists, and I only want to find out who owns it, sometimes I’ll use a web-based search on some site like whois.com or who.is. But if it’s a domain I suspect does not yet exist, whether for myself or for my clients, I use a command line whois, so I know it does not have sniffer code in it. For the mouse-driven point and click world, you might think this is tricky, but it’s really not hard. There are several ways to do it. On WIndows, you can follow these instructions, For Mac, here. For Ubuntu and Linux Mint, just open your terminal and type whois domainname. Myself, I will frequently use puTTy.exe, and ssh on over to sdf.lonestar.org to do my whois. I just like the place.
Then buy your domain, and do it quickly.
