Dynadot

I'm Bill Hartzer, Director of DNProtect AMA

Spaceship Spaceship
Watch
I'm Bill Hartzer, and I am the Director of DNProtect.

I developed the algorithm behind DNP Score, which gives you a free analysis/report of any domain name.

I have also personally dealt with hundreds of stolen domain name cases since DNProtect has been offering the service the past few years.

Ask me anything related to domain name due diligence or stolen domain names.
 
17
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
I'll start out.

Let's say a domain is stolen. The owner contacts you.
Then what, what is the process like for a domain owner?

Also, how do you get most of your leads?
It is via ads, organic search, word of mouth, etc.?

Brad
 
Last edited:
9
•••
Usually, when we receive an inquiry from someone who claims to the be domain owner, it's via a form on the website. There are several different "types" of cases, and oftentimes a domain actually isn't actually stolen. Rather, something else happened. For example, someone failed to renew the domain and it's still "their domain" that they want back. Not stolen, but we're able to deal with those issues.

So, first it can be pretty obvious the response that is needed. Secondly, I usually do the proper forensic research on the domain (current registrant, whois ownership history, etc.). In most cases I can determine if it's actually stolen or not based on whois history of the domain. Then, if it's actually stolen, it depends on what the situation is; I may notify a registrar directly, I may work with them to first get a police report done, then determine if we can recover the domain name without a domain attorney, which is usually the case. Some get to the UDRP and URS stages.

At this point, we have several different sources: word of mouth, alerts I have set up and monitor, social media, Google Ads, organic search, and investigating other domains that have been stolen. Usually, if we find or hear about one stolen domain, there are others stolen at the same time.
 
5
•••
Bill,

Is DNProtect related to EPIK in anyway?
 
4
•••
2
•••
I thought it is a known fact that Epik is DNProtect's either sole or majority shareholder.

It also follows weird Epik way of branding when a noun is followed by a verb similar to NameLiquidate. You won't see that kind of pattern often in the English-speaking countries, as it is not natural way of speaking. More like Yoda-speak.

PS the website doesn't mention Epik, but the traditional exclusion of the residents of WA (it was speculated that it could be to avoid the local regulators' attention in another thread), as well as TrustRatings mark in footer also are indirect pointers.
 
Last edited:
4
•••
As a domainer, I have already been subject of targeted attacks / whole registrar accounts(!), not individual domains /. Were extremely smart combinations of technical and social engineering stuff directed on myself and the registrar support. Bill, based on your experience, what actions would you recommend to domainer to proactively protect himself? Some things are obvious - not using [email protected] email as a whois email of this exact somedomain.com for example. Other things are less obvious, but are still important...

Another question - you mentioned UDRP, but how relevant is UDRP if the domain is simply stolen? Does it mean that it was regged in bad faith? Are there already decided UDRP cases where Dnprotect represented the Complainant for stolen domains?
 
Last edited:
4
•••
Hello,

Is it normal to get the "banned" results for a domain on a landing page on Dan or Sedo as shown in the screenshot?


1.jpg
 
0
•••
It sounds like a big part of your job involves open source research. Do you have any tools or resources you've found especially helpful when investigating the background of a domain--any hidden gems the rest of the industry might not know about?
 
15
•••
Bill,

Is DNProtect related to EPIK in anyway?
I started DNProtect in February 2020 as a partnership with Rob M. So 50/50 with Rob, not Epik. Ownership could change in the future.
 
10
•••
As a domainer, I have already been subject of targeted attacks / whole registrar accounts(!), not individual domains /. Were extremely smart combinations of technical and social engineering stuff directed on myself and the registrar support. Bill, based on your experience, what actions would you recommend to domainer to proactively protect himself? Some things are obvious - not using [email protected] email as a whois email of this exact somedomain.com for example. Other things are less obvious, but are still important...

Another question - you mentioned UDRP, but how relevant is UDRP if the domain is simply stolen? Does it mean that it was regged in bad faith? Are there already decided UDRP cases where Dnprotect represented the Complainant for stolen domains?
There are inevitably going to be domains that are targeted more frequently than others, mainly because they're valuable. My best recommendation is that you should develop a strong relationship with your registrar so they know you--and if there is a targeted attack they can deal with it, let you know, or reach out to you. There are some registrars that are more secure than others, but at the end of the day if you have a relationship with someone at your registrar then if there is an issue that can be the first line of defense so to speak.

The majority of the stolen domain name cases we can resolve without having to resort to filing a UDRP or URS. And we have resolved them without doing so. But if you want to point to a case in particular, it's the UDRP for Patterns(.com). There were a lot of P-type domains stolen by one particular individual around the same time from Network Solutions. We identified that Patterns was stolen based on our forensic domain research at the time. I notified the owner of the domain, who didn't actually know it was stolen. After some convincing, and several phone calls later, we were on a path to recovering the domain. Account was accessed without permission at Network Solutions, domain transferred out to BizCN who was absolutely uncooperative, so we had to file the UDRP. What helped there was the company was using the domain for a website for quite a long time, and they were able to claim a common law trademark, along with the evidence that the domain was acquired by the current registrant under false pretenses (stealing the domain).
 
12
•••
Hello,

Is it normal to get the "banned" results for a domain on a landing page on Dan or Sedo as shown in the screenshot?


Show attachment 224349
Yes, it's "normal" so to speak for parked domains (or pages with landing pages only) on the domain to be removed from Google and Bing. That's to be expected, and isn't an issue but we point it out because if it has a live website on the domain you'd want to know about it. Banned won't affect the domain's DNP Score.

If it's on Google' safe browsing report, that's a completely separate issue, as the domain is considered to have some sort of malicious content on it. Or it did in the past and it's still on the list. You'd want to do what you can to get removed from that list.
 
0
•••
I started DNProtect in February 2020 as a partnership with Rob M. So 50/50 with Rob, not Epik. Ownership could change in the future.
This is confusing, because it's an Epik brand:

1664916115921.png
 
18
•••
It sounds like a big part of your job involves open source research. Do you have any tools or resources you've found especially helpful when investigating the background of a domain--any hidden gems the rest of the industry might not know about?
Yes, a big part of forensic domain research that I do involves a lot of different tools. Whois history is crucial, such as through DomainIQ. DNS Trails' historical DNS data can be very helpful as well. At the end of the day, though, having the right registrar contacts, picking up the phone and calling people, and sites like publicwww is also critical as well.
You can have the data there right in front of you, and if you don't know what you're looking at, though, it can be tough; there are tell-tale signs that a domain name is stolen, just by looking at whois history on a domain.
 
0
•••
0
•••
I agree, statements like that on social media can be confusing. I wouldn't believe everything you read on the internet :)
Thanks. Will you correct it?
 
1
•••
Thanks. Will you correct it?
Tweets can't be edited, so it's not possible to correct that particular post.
But yeah, any public messaging going forward will be correct.
 
0
•••
Tweets can't be edited, so it's not possible to correct that particular post.
But yeah, any public messaging going forward will be correct.
I was playing around with your API, and it kept prompting me to log into Epik. I'm not sure whether that was intentional, but I would've just assumed it was part of Epik if you hadn't said otherwise. I can definitely see how the confusion arises.
 
7
•••
I was playing around with your API, and it kept prompting me to log into Epik. I'm not sure whether that was intentional, but I would've just assumed it was part of Epik if you hadn't said otherwise. I can definitely see how the confusion arises.
Not sure why that is happening, it may be asking you to log into Federated Identity, not Epik?
 
0
•••
Not sure why that is happening, it may be asking you to log into Federated Identity, not Epik?
But that is another Epik brand. They cannot separate themselves from their brands.
 
7
•••
But that is another Epik brand. They cannot separate themselves from their brands.
I understand your concern, will see how it all plays out in the future.
 
0
•••
Tweets can't be edited, so it's not possible to correct that particular post.
But yeah, any public messaging going forward will be correct.

I agree, statements like that on social media can be confusing. I wouldn't believe everything you read on the internet :)
Especially what Epik posts. You should let Rob delete the post on Twitter if editing is not possible. Why keep a post that is not true :)
 
Last edited:
14
•••
Congratulations @bhartzer . this thread is 3rd most popular thread this week.
 
0
•••
I understand your concern, will see how it all plays out in the future.
It is not a concern I have but just a statement of fact. Just don't present brands as separate entities when they are clearly part of Epik. There is nothing wrong for a company to have different brands.
 
5
•••
You mentioned you developed the algorithm yourself. What did that entail, and how did you decide to weight each factor? Are there other factors people should consider when conducting due diligence that might have been too difficult or subjective to incorporate into your algorithm?
 
8
•••
Back