snubbr.com

GoDaddy user reviews : Advise I buy GoDaddy?? domibot spying on whois searches?

Get GoDaddy web hosting for just $1.99. Click here to use coupon...

Special $7.49 .COM sales. Click here for this special deal...
WARNING: Somebody might be spying on WHOIS searches - mind blowing but true!!! http://forums.dnsstuff.com/tool/post...post?id=943423.

I know domibot grabbed a bunch of domains people have posted over in the aval. domains area, but take a look at that URL.....

Comments (69)

Hi ZuraX,.

Thank you for sharing! it is an interesting finding/discussion!..

Comment #1

Im surprised that people find this so shocking, if you think that companies arent gonna collect and record data then your a fool...

Comment #2

Hi Amnezia,.

In this case, I think it's a level beyond that!..

Comment #3

Amnezia say I found out you was really interested in buying a certain house and I bought it before you and then told you I wanted $1,000,000 more than what you could have bought it for?..

Comment #4

You mean like when someone wants to go and register a domain and there is a domainer sitting on it who wants $10,000 for it when it would only cost $10 at a registrar?.

Thats just how things are unfortunately. I'm not saying I agree with it, I'm just suprised at how many people are naive about things like this...

Comment #5

Hi Amnezia,.

I am not sure if you had an opportunity to read all the claims made and the facts presented in the discussion but it goes beyond collecting data about you ...but rather engage in an "unfair" competition for the sole purpose of making commercial gain. I think companies and websites that provide "whois" service, including registrars, who deliberately practice this "behavior," need to disclose it for the users.

Just my 2 cents! Thanks..

Comment #6

Companies have been keeping records of whois searches (and people checking if a domain is regged yet) for a long time. The majority of companies that log it do nothing with it but like in any industry there are people that use that knowledge for financial gain and 1 obvious way to gain is to reg thoe available domain names...

Comment #7

There are a couple of things going on, and some different practices are somewhat conflated in that discussion thread.

First off, the internet is a system accessible to 10's of millions of people. So "one in a million" coincidences should be expected to happen dozens of times a day.

In that thread, one person is talking about a domain name which he was waiting to expire, and noted that it was unexpected that someone registered it. As of right now, EVERY domain name that expires - and I mean every single one - is caught and traffic-tested. Even if there is no SnapBack or Pool bid, whatever is left over out of the 20K or so domain names which expire every day, EVERY single one will be re-registered and traffic-tested for at least five days. Deleted domain names simply do not become available - the market is that saturated.

Why five days? The answer gets into the second thing which is going on. The Versign registry-registrar contract which governs registrars' access to the .com registry has a wrinkle which is being exploited. A registrar must currently pay $6.00 to Verisign in order to register a domain name for one year. However, the registrar can rescind a registration within the first five days at no cost. While the original idea was to deal with typo's or technical errors, the contract is silent on reasons why it can be done. The bottom line is that a domain name can be registered and traffic-tested for five days.

So, here's what some people are doing. They generate lists of 100's of thousands of domain names, register the names, and keep them for a few days. At the end of the testing period, names that get any hits at all are kept, and the rest are deleted. Verisign recently stated that each week, about 7 million names are registered and about 1% of those are kept. Why doesn't Verisign stop the practice? Simple. That 1%, represents 70,000 names a week which would not otherwise be registered.

Okay, now the question is "how do I generate a list of 100K+ names to test in this manner". Well, you could just have them spit out of a combinatorial algorithm in order to generate candidate names, but what if you could buy search data - from Yahoo, MSN, Google, etc. containing millions of search queries? The way you would build your candidate name list would be to take those strings, run them against the .com zone file, identify unregistered names, and then test them.

Similarly, if you had a deal with an ISP, you could obtain lists of DNS lookup "errors" which resulted from people attempting to reach non-existent domain names, in order to generate your candidate name list.

Do you have someone's "free browser search plugin" installed on your computer which transmits all of your search queries off to some mother ship somewhere?.

There are all sorts of ways of getting at search data for candidate names, and it goes well beyond merely operating a cheesy spy-on-whois-searches mechanism.

So there are all sorts of mechanisms by which the activity of conducting searches for a particular string may be fed back into what amounts to domain trawling or "catch and release" traffic testing of domain names. Whether or not someone is spying on whois searches at any particular whois services is an open question, but it is a suspicion that has been tossed around for years.

Personally, I scratch my head and wonder sometimes at the stories that go, "I wanted to register a domain name, so I checked if it was available, and then I came back several days later and it was taken." You can register a domain name retail for as little as $8.95 at some registrars. The bottom line is that if you think an available domain name might be worth registering - then register it. Whether or not someone is feeding your search data into a domain testing program, it might be that or it might be by the sheer coincidence of 1 out of 10's of millions of internet users, that renders the name unavailable within a few days. If it's not worth nine bucks to you today, then what did you think it might be worth to you next week?.

Please note, I am not defending or advocating any particular domain registration practices here. I am simply describing the present reality.

Feel free to post this in that forum. I'm on something of "forum overload" right now...

Comment #8

Actually whois.sc has a service you can sign up for and pay per month and it says it will tell you what everyone is searching for. So about the same thing. But also such as yahoo tells on home page what people are searching for and I don't think there is anything illegal about it do I like it no lol...

Comment #9

Hi jberryhill and thank you for your insight!.

Yes, your above description reflects the market reality and makes sense! What concerned me the most is that some new domains (some of the ones mentioned in the discussion) had never been registered before ( at least there is no history of them on the net) also some very personal names; in addition to some made up names that were taken in a short period of time and right after a "whois" inquiry was conducted. Also, it appears that members in that discussion had tested this existing practice among some service providers to support this established pattern of someone having prior knowledge of the search for that particular domain.

If this is really occuring, it is basically "spying" on these searches for the purpose of making a profit, and the question would be whether this practice is legitimate to conduct or not!.

Thanks..

Comment #10

Then you know what to do about it, right?.

It's amazing when the creative solution to a problem is staring people right in the face and they don't notice it.

I'll let you meditate on that for a while. I don't see why not. I can put a whois lookup bar on my website, and if I don't have some sort of agreement with you, then why can't I use that data for any purpose I darn well please?.

Nobody's putting a gun to your head and forcing you to use my whois search bar.

You can do your own port 43 whois queries to any registrar without using a third party whois lookup service. If you want to use mine, then I can surely say "By using my site, you allow me to do whatever I want with the data you send to my server". I don't have to say that, of course, because there is nothing that gives you a right to tell me what to do with data that you send to my server. You don't want me to do that, then don't send data to my server.

It's that simple.

Take the example in that thread where the guy is going off about copyright law or some such nonsense, because he did a whois lookup for aquantz.com and then later found it to be taken. He didn't have a copyright or a trademark in the term merely because he did a whois lookup. He delivered the data - "aquantz.com" - to someone free of any restriction on how that someone could use the data. The theory is that this someone then used that data to register a domain name. I can't fathom what could possibly be illegal about that.

Now, if the site had some kind of privacy policy or something to that effect, then he MIGHT have a breach of contract claim. The damages would be approximiately nil, though.

Maybe I'm not being clear, so try this.

You walk into my living room and decide to hang out there and do whatever you like. While you are in my living room, I watch what you do. Am I "spying" on you? Uhmmm... no - it's my freaking living room, I can watch whatever goes on there.

So distinguish that from "you visit my server and send data to it". You're telling me I can't watch whatever goes on at my own server?.

I guess I just don't understand. Help me out here...

Comment #11

Thank you jberryhill for your explanation! you make a lot of sense out of it.

Sometimes what may appear "unethical" is perfectly legitimate!.

On the other hand, I think registrars that provide direct registration services and use this practice to collect users search inquiries for possible registering these names later on, either thru them or thru a third party partner, need to discolse it in their privacy policy. Thanks again for taking the time to reply!..

Comment #12

I still think it`s very unethical.These companies have an unfair advantage and this still is wrong..

I`ll get on writing some sort of script that will submit thousands of bogus whois searches everyday.Let`s see how they like their advantage then.....

Comment #13

Kektex wether something is ethical or not has no bearing on it's legality.

Regarding making a script that carries out thousands of bogus searches could be considered illegal as if it gets to a high extent then it could constitute a denial of service attack...

Comment #14

I never said it was illegal.Just unethical.They are basically a bunch of extortionists..

Of course I would never write something that would carry such an amount of searches to be considered a DoS..

Just 3 or 4 searches per hour.It is a legal use of the service they are providing and taking advantage of...

Comment #15

Sorry, but I think if it's not illegal, then it should be!.

I looked for a domain name yesterday, and after about an hour, I decided to.

Register it. When I went back to see...it was already gone!.

After waiting days for the whois to resolve, it came up registered through my.

Registrar!.

So there is noway you can tell me it doesn't happen! and the time on the reg was about 10 mins from when I searched it! ... As far as I am concerned,.

It's theft and fraud! (whoever is doing it) Don't they have a code of ethics they are supposed to follow? this is MY OPINION - from experience to me!..

Comment #16

Apparently theres no code of ethics here mis_chiff. And as long as there is people saying it`s ok,your fault for not registering the domain immediately I only see this problem getting worse..

What registrar was this? We should keep a list of these extortionists so people know to stay away from them...

Comment #17

Sorry, I won't post the name in a public thread,.

And without concrete evidence to back me up it could be a slander suit.

However, I know...just as you guys who have had happen to know.....

I have actually emailed the "person" or "company".

Or whatever it is...and asked a couple of questions.....

As far as anything else goes...legal action is not out of reach....

If I remember correctly, the electronic transmission of that search.

Will be under mine...and living in Canada...a judge may say...yup...it was hers first....lol.

We can only hope if it comes to that..

But it's not a major domain name. It's just how it came about!.

Sneaky doesn't sit well with me!..

Comment #18

This practice has been going on for quite some time. 2 names that crop up a.

Lot are Unasi and Kenyatech.

Honestly I think it's fine if you're using the registrar's systems for looking up a.

Domain name if it's available or not. You are using their system, after all, and.

As Dr. Berryhill said no one's forcing you to use it.

Here's one problem, though: from what I've been reading in various forums, it.

Seems to be happening even if you're using registrar A, and then Unasi or KT.

Grabs it at another registrar especially if chances of anyone knowing it are.

Especially small.

In fact, one recent thread in another forum has caused me great concern. I.

Can only probably hope such a thing won't happen if I try to search for an.

Otherwise unique term but didn't get it right away for whatever reason.

I just feel some registrars are "exploiting" their registrar privileges to grab the.

Names they otherwise wouldn't possibly think of, especially if chances of any-.

One coming up with the exact same but unique term are slim. OTOH, no one.

Has absolute exclusive rights to a domain name 'til it's registered and used in.

Some way.

(Of course, the simplest solution is to just register the darn name right away.

Once confirmed it's available. And make sure your card's in good standing, too.)..

Comment #19

3-4 searches an hour would do absolutelty nothing and not hinder them in the slightest. Anyway in your previous post you claimed the following:- Do the math thousands of whois searches every day is not 3-4 an hour (that would be 80-90 searches a day) Submitting bogus searches would not constitute a legal use of their service especially if you do it at a rate you suggested in your first post. (if you did it at the rate of your next post it wouldn't make the blindest bit of difference to them).

If you do not like their practice the simple solution would be to not use their service at all then they can't get your whois searches. If you want a safe way to do a whois search use the unix command for whois or use nominet or such companies search on their site...

Comment #20

I didnt realise how many people throught their data was sacred on the internet, what is being discussed here is the tip of the ice berg. There are huge amounts of data being traded for commercial gains behind closed doors.

The only way to make sure you data remains a secret on the internet is to not input it at all...

Comment #21

Where are you folks doing your name availability searches?.

And have you swept your system of browser plug-ins, instant messengers, and other spyware nonsense?.

You don't have to do a whois lookup through ANY registrar to determine name availability.

At LEAST use the Verisign registry lookup: http://registrar.verisign-grs.com/whois/.

I don't believe it would be slander at all to name the registrar, because even if they ARE looking at the whois input stream, they AREN'T doing anything illegal.

It's like saying to a stockbroker... "Gee, I think maybe I'll buy 51% of company X stock next week." Uhhhhmmmmm.......

Comment #22

Exactly. Just that some people are just paranoid towards Verisign...

Comment #23

Damn, thats waht happened to me...

I went to GoDaddy to look up www.LetMeRant.com I did not have the funds to pay for the domain so I put it on the list of domains I wanted and went back for it 2 weeks later..... www.letmerant.com was registered by http://www.domibot.com - but than droped...so I just bought it.

Now I am not crying I was just saying.

I think it's wrong them to do this, but thats my opinion.

My friend (mcaricofe) just told me a easy soution... don't look up the domains till you wnat to register them..... easy and the way too do it... eh.....

Comment #24

I think they do this so you buy it from them at a higher price... I was afraid this would happen with me and one of my domains so I did one search to see if it was available and then another right before I was about to purchase it... my entire site depended on that domain so I had to make sure I could get it...

Comment #25

Or input a little crap here and there. If 1% of a dataset is wrong, it's %100 unreliable..

Comment #26

Is the consensus that Verisign registry lookup is the most reputable whois service?.

I would think a company would pop up that would guarantee they did not data mine. This may be a smart marketing ploy as it would probably start drawing more internet users to the site to do whois searches...

Comment #27

1. I spun names on Godaddy for about a month and a half in the beginning; then I found that so many of the names I thought were decent and put on my 'to get' list were reg'd so closely after I searched for them, I and my domaining pard just said 'no way'. I switched to Whois.sc.

2. Have been spinning - even more names, I might add - at Whois for a few months now... and NEVER had one of my 'to get' names taken.

3. March 22 Whois was flubbing up on me, so I foolishly spun names on godaddy again for about 20 mins. I came up with only 3 names I really liked:.

SoloRose.com.

NetHaul.com.

FirstApple.com.

I didn't tell anyone of these names.

4. I can't register 20 names each day, 7 days a week... I like to do a little research and thinking on the better ones, so I waited; you can whois those 3 names and see how quickly those 3 names were reg'd after March 22 evening, NOT by me. The other dozen I came up with earlier that eve on Whois that I put on my 'to get' list - still available, even today.

I'm not commenting on the legality of this, obviously nothing illegal is happening; we're searching on public sources, with registrars/search agents who all obviously collect, use, and/or make public our searches.

But for some reason, some registrars make the access to our searched names available to a lot more of the right (or wrong) people.

Just makes those domainers whose livelihood is based on reg'ing new names, rather than buying proven existing names, have to try a little harder/smarter to search using 'safer' sources and tactics. So far I have no complaints with Whois.sc for that (though I do have a few complaints about some of their glitches while searching, but that's another story).

I'm going to stay away from the ethics debate here; it USED to piss me off, I had some attachment and pride to the names I invented, and some desire to eventually reg many of them; AND, on some level, spiritually if not legally, every name I invent is actually my Intellectual Property because I was the first to come up with it (if I was). But of course the law couldn't possible recognize unreg'd names, without trademarks, as being intellectual property.

Interesting aside (I'm a commercial designer): Funny how a few sheets of paper filed somewhere are needed to say 'okay, this is your intellectual property now' for a name, but if you do a little drawing, even a scribble, it is automatically recognized as being created by you and is protected by copyright - even if you don't file for it.

Anyway, it's a waste of time just getting angered over these things; I was angry with MYSELF for using GDDY again knowing full well how unsafe it was, but not angry with them - they, and anyone they make my searched names available to view, are in this to make cashola, just like me; they'll use whatever means they can, within the law. They may use more cut-throat methods than I like, but no use crying over it. Lesson learned for good, this time...

Comment #28

Actually, in every instance where this has happened, one should check back in five days. It is very likely that the whois input stream is being used to feed the 5-day test cycle. So if the domain name gets no hits, it will be thrown back.

On the question re: Verisign, I have to just throw up my hands in wonder at how people purport to rely upon a system without really knowing how it works. EVERY cross-registrar whois HAS to check the registry data first, in order to identify the registrar responsible for the rest of the whois data. So if you are doing WHOIS searches, it doesn't freakin' matter whether YOU check Verisign's data - the software you are using is DOING THAT. So, yes, Verisign can see dang near every whois search done. Now, some registrar searches will first check "is it one registered here?" first.

However, registrar-level WHOIS is not even what you should be using to check name availability.

But, yeah, if you are going to depend on other people to provide web-based thingies to do indirectly what you can bloody well do yourself then, yes, you aer going to be at the mercy of those other people to provide those web-based thingies...

Comment #29

It is simple. you found nice domain - you register it. if you will not, somebody will grab it. And enougth wonder, that somebody spying in the internet. sure somebody spying. you are doing search on somebody elses website. why owner will not know, what kind of searches you do?..

Comment #30

I was with you 100% JBH..until you made that comment. My first thought way..uhmm...if the person buying stock X was the CEO that could be considered insider trading which is very illegal. So that got me thinking...there are no laws concerning "inside registration" and maybe that's what needs to be done. I don't consider the current practices illegal or unethical. It's business. Is it fair? Probably not..but so what.

They ones with the money are the ones with the power. They can register and test millions of names per day. The average guy still needs to prepay for those test domains. If I needed to test 100 names I would need to chalk up $700+ for it. Most registrars don't refund either so you would only be credited to your account those which you delete.

I am really shocked however at the outrage of this practice. It's so common at this point. It's common sense not to whois lookup at crap sites. Any info sent to a server is pretty much open game for them to use. I am suprised Google isn't registering 1000 names a day. They could probably build a tool to register every search term that's useful.

Hey it could happen.

I also never waste time thinking about registering a name more than about 30 seconds...it's either mine or it's gone.

There should be lessons learned from this not outrage and shock...

Comment #31

My Domibot story.

Was searching for some domains a couple of days ago on what I would call a fairly esoteric topic that I hope might be important/valuable some day.

Though the #1 OVT phrase for this topic has been taken for a couple of years (as have the few other related domains I've found already reg'd on the topic), I had found a few that I liked and had them in my cart.

I was down to the last two on my search list when I went to check the plural version of the #2 OVT phrase for this topic and found that it was available. "Cool" I think, so I added it to my cart. I then went to check the singular variation and found that it was taken. I checked the whois and found it had been reg'd by Domibot that very same day!!! No time was listed so I was unable to verify whether it was done prior to the start of my search.

I immediately headed to the checkout with my goodies to minimize any chance that Domibot might try to grab them first. I'm happy to say I was successful and got them all.

Considering the topic I was researching and the timing, I found this very co-inky-dinky...

Am waiting to see if Domibot throws the domain back...

Comment #32

Hadn't check the domain that I referred to in the above post for a few days but found it was "re-reg'd" today to Kenyatech.com. Hmmm.....

Comment #33

Looks like Domibot is all over the place. A similar thing happened to me. The other day, I "found" that camroom.net was available but I didn't register it right away.

I read this thread earlier today and thought I'd better register camroom.net soon. Voila! It was already registered to no other than Domainbot, registration date was April 19th. Coincidence? Not very likely.

Gugush is right though. When you find a good name, reg it right away before someone else does...

Comment #34

I haven't used whois to check the availability of names I want to register for years now. I haven't used a web based whois in nearly a decade. I also take precautions against other ways of snooping names which haven't been mentioned here. There are ways to be highly secure but it takes quite a bit of effort.

But it's worth it in my opinion. I archived 13,105 whois queries on my networks in the last 24 hours. I'm sure a less scrupulous individual could find a number of gems in there to register. And I know there are many larger and less scrupulous players out there...

Comment #35

Can someone explain to us technically challenged individuals how one goes about checking (securely) the availability/status of domains w/o using a web based whois?.

Thanks!..

Comment #36

I`m thinking the best way right now might be to do it via the command line..

I`m writing a small script so I can do bulk checks in my shell account.Linux only though, don`t know how to do this for windows..

You could always use the www.dnsstuff.com whois check tool. I think they are good people.But you never know...

Comment #37

I checked qtbe.com yesterday, and it was available...so I.

Looked again today and it was gone...About 15 mins after my search yesterday!.

Coinkie dink - I think not!...Bad registrars looking through searches......yep!..

Comment #38

Avoiding a web interface doesn't guarantee no one can see what names you're checking. If you use a whois client data still goes over the network. It can still be recorded, intercepted, etc. I record hundreds of command line connections to internic.net every day in my whois archive.

In absence of a secure link directly into the whois database of the TLD registry, the best way to be secure is to keep your data off the network. The average user can accomplish this by downloading lists that contain every active domain in a given TLD and running their searches against that.

The only time your chosen names need to pass over the network is when you want to register them. Even then they are passed only in an SSL session with your registrar and between the registrar and the registry. If you can't trust your registrar then you shouldn't be using them.

Like I said, it's not particularly easy. But you'll never hear me whingeing that someone's registering the names I check...

Comment #39

What registrar did you use to check?.

I`m thinking we should start a list of these "bad registrars" to warn people about them...

Comment #40

...which is a law specific to securities.

When you see a guy win a wad of cash at the track, you might try to overhear him the next time he's at the betting window...

Comment #41

Same one I usually use.....namespro.ca.

Sometimes lifedomains.com.

I had an issue there about a month ago...where absolutely everything.

I typed in was telling me it was gone (thread somewhere here in namepros)..

Comment #42

Update to my #34 post above.

The domain that I was referring to is showing as available once again.

Guess it didn't get enough hits to keep. Now it's up to me to turn it in to a money maker!..

Comment #43

Oh I understand. But realistically that law was to protect the consumer from large insiders gaining knowledge and using it against the share holders. Personally I believe registrars should not be registering names. It's a conflict of interest and while currently not illegal...should be. I also want to see reform on the drop market. It's currently a rigged system as well...

Comment #44

Oh no, thats more like Muhahahaha!.

Thanks for sharing the precise info, hope the number of searches remains at five.

By the way how do they get the software triggered? I am still clueless...

Comment #45

That's an overly broad statement. There are certainly some sites, registrars even, who will monitor queries. Each will have their own algorithm for which names to register and when. There's not some omniscient organisation that monitors every whois query in the world...

Comment #46

I wish there was a way to overload their system...somehow to DDOS them with false names to register...

Comment #47

This is happening everywhere.. most of the registrars are I guess monitering the whois search. Its like making more money for thembut I dont understand that why these big players have to do such small things.....

Comment #48

Having worked for an ISP I can confirm that this is typical practice for ISP registrars.

But, you do realise there are potentially ways around this.

If you are interested in purchasing a domain name, but don't have the money beforehand, just ping it from your LOCAL MACHINE first. Don't use a DNS query online, it's potentially the same situation. If the DNS query comes back as unknown host, then there's a 50% chance it's not registered, so make a note of it. If it returns a ping response, bet your ass it's taken.

Pings aren't WHOIS'ing domains so are unlikely to be tracked. Unless somebody is purchasing DNS query information from root servers, which I very very very very very very highly doubt.

Not a definitive solution to the potential 'problem', but it should be more secure for you...

Comment #49

Bad advice. Apparently whatever you did for that ISP did not provide you much insight into how registrars, or even networks, work.

When the user pings the host they will be querying their ISP registrars DNS. The user never touches the root servers, and everyone along the pipe can see the DNS query. These queries can be (are) recorded and monitored. In fact it's the best way of finding good typo names I ever came up with. Seriously!.

Whatever you do, do not use this method to check the availability of names. Not only is it highly inaccurate but it doesn't do what is claimed. If anything it attracts more attention to your name...

Comment #50

Utter rubbish!.

If you're going to try and discredit one of my posts, please at least try and provide some technical information. Do you even KNOW how a DNS query works? Apparantly not, and all too keen to give out false and misleading information.

If I ping a domain, my ping request will first check any HOSTS setup on my local machine. If a relevant record isn't found, it will then contact the DNS servers attached to my connection. Usually, as you say, this will be my ISP's DNS servers. So I'll contact their servers and see if a DNS entry is either cached or stored on their servers.

When they find out that they have no DNS entry for this domain, their servers will query the root name servers and get the nameserver information for this domain. It'll then hit the attached nameservers (if any) and provide me with the IP address. From a connectivity point of view this is almost the same as trying to go to the URL in your browse, from a DNS query point of view.

AT NO STAGE IN THIS QUERY is the domain whois'ed. After all, why the hell would I want the whois information? So i'm NEVER checking the availability or registration status of this domain. I'm merely checking if it's accessible on the web.

I have never stated this method can be used to accurately check domain name availability. I said that this will provide you with a 50/50 chance of availability and is a HELL of a lot more safer than using a web whois search.

It's possible that ISP's may log all failed DNS queries but it's *FAR* less likely they will, when they can use a whois method - which people are far far far more likely to use instead.

Bottom line: There's no way to avoid this potential problem. But a DNS query is likely to be far safer, albeit not 100% accurate.

Oh, and on a side note, there are many many many simple ways of running your own DNS servers locally (even just a caching nameserver) which can bypass your own ISP's DNS servers. This would cut out the potential ISP 'sniffing' of invalid DNS queries...

Comment #51

Well he never said it did a whois query. What makes you think that the DNS queries can't be logged as well as prima stated? Anytime you hit the internet it's a good chance your activity is being logged somewhere...

Comment #52

An accurate description of your take on the secure checking of domain names Technical information? Such as the accurate description of how name resolution actually works in my last post? Sorry if you think it's false and misleading but that's the way it actually works. I've been coding and managing name servers for over 15 years. I'm pretty confident I know how they work. You claim authority because you have worked for an ISP. Well so have I, coding customised name servers. At which point your ISP has a record of your query.

Which is why it's just so easy to monitor these queries and get a list of cool typos. Thanks again for proving my point. Which is why your ping method is so useless. There are oodles of names registered that don't have a DNS record for the root name. I can determine whether a coin toss is heads or tails with 50/50 accuracy I just guess!.

But I can determine the availability of a name with a high degree of accuracy securely without sending any data over the network. Possible? Damn! I wrote this software when I worked for an ISP a decade ago. You're missing the point here. The average user is going to do thousands of queries a day simply by surfing. They are going to type in names, follow links, and some of them are going to be names that aren't registered. Typos, wrong extensions, and names they just didn't remember correctly.

No one is out to spy on your silly ping trick. But they will end up spying on it because they monitor these queries anyway. Bottom line, pinging a name to determine it's availability is not only inaccurate but totally insecure. Unless you have a secure leased line straight to God your DNS server is going to query some other DNS server over a line provided by your ISP. I've had software monitoring packets for DNS queries on my network for three years now.

Even if you use one of my competitors name servers...

Comment #53

Anyone know if "OregonNames.com" is another DomiBot type piece of garbage? I've seen it nab names that I've look up that are available that are names that other people 99.9% most likely don't even know exist. :s..

Comment #54

Nice theory. There is, however a number of nasty reality checks.

If you take .com for example, only 65% or so of the domains are active. That means that the nameservers are set up and are answering for them. So your program, rather than looking at the ping results, should be looking at the DNS error codes first (NOERROR/SERVFAIL/timed out etc). Merely pinging about wildly would look a bit strange especially if it is done in an automated fashion.

Then you have to have a host to ping. Now it is perfectly possible to set up a domain zonefile without any hosts. So the error rate on your solution begins to climb again.

And if the registrant uses the technique that the .eu squatters use, the domain could be registered without any nameservers. Therefore only a whois check (unless you are using some rather advanced probability based software) will show it as being registered.

Regards...jmcc..

Comment #55

OregonNames is SnapNames. I once asked this question and got my answers.

Soon after.

What site/s did you use that time that were eventually scooped up?..

Comment #56

Im currently going thru this problem with them.

Im an actor / model and theyve registered my full birth name...which is rather unique. I just sent an email to my publicist and left a message with attorney in regards to this. They have already set the site up with affiliate links and such..

Comment #57

Yikes...hopefully you will be able to get your name back from them. Let us know how that pans out...I'm curious how DomiBot deals with trademark issues and whatnot...

Comment #58

You should be able to get it back if you can show it was registered in "bad faith" - from what I gather from your post, you can..

Might cost some money if they don't reply/agree to give it to you. Did you email them yet?.

Out of interest, what is your name? Are you famous yet?..

Comment #59

Have your attorney send an official letter. If they do not respond you can still WIPO them if you badly want your name but it will cost you $1500..

Domibot aka domaincar aka unasi etc have had many wipo against them and they typically do not respond to defend themselves. I assume you would get your name back easily..

A recent name they lost at WIPO is francetelekom.com.

Link to the ruling: http://arbiter.wipo.int/domains/deci...2006-0179.html.

My post on another forum about it: http://www.dnforum.com/f26/francetel...ad-151463.html..

Comment #60

Thank you.

Update:.

My attorneys both sent letters. (My personal attorney and Publicists attorney) we have recovered my name!! Im not sure how it all went down, but I can say that GODADDY is somehow involved.

I went to register a variation of my name and Godaddy said it was taken and offered the 'back order' service. I used their WHOIS search and it came up 'blank' and said it had 'timed out'. I then went over to another registrar and completed the transaction in another window I had open.

~Emerald..

Comment #61

Of course I'm biased in my comments on this matter, since I've handled a domain name celeb site or two in my time over the years:.

You're very lucky that the original domain holder so easily caved and was scared off. Since human celebs (and wannabe celebs) are NOT trademarked companies or products, you would have had to prove bad faith, among other things, which is usually tough to do.

Most such cases are lost by celebs, while mainly the occasional ones they win make the headlines.

*************.

As to the "dombot" situation, this is a newer wrinkle. Previously, we've had to deal with the "kentechs" of the domain world, who largely relied on stealing names that had been searched for and put in the shopping carts of domainers, albeit briefly - when the domainer changed his mind about a buying a name that day, which meant taking it out of his cart, that gave the Kenyatechs and their pals the greenlight.

But now, these sleazeballs aren't even waiting for the shopping cart bit - they're going straight for the Whois query itself! These rats are obviously getting more desperate to farm OUR good name ideas, so they've upgraded their name-grabbing programs.

Naturally our Verisign village guys don't care, since their moral misgivings are blunted by all the cash these crooks are "paying them off" with in those five day turnarounds. They should have ended that ridiculous "five day farce" years ago, anyway - because after all, it does state in the disclaimers of most registrars that you're suppossed to be strictly "on your own" if you screw up and typo a domain name!.

Wow - us poor domainers get pressure from the top by famous companies and people trying to grab our names, claiming that our domain names are too similar to theirs, and pressure from the bottom by bums trying to grab our names, by usuing sneaky software programs - so we're REALLY stuck in the middle here!.

(Hmmm... wasn't there a song about that is Rez Dogs?)..

Comment #62

Im biased being a person that spends her time working.

Working at a 'normal job'. running a company and then trying to fit in working in the entertainment field, in what little hours I have left....to think that theres sum person that wants to steal MY hard work is repulsive.

I dont consider myself a 'celeb'....but I'm well known for what I do and make enough to afford great legal reps now.

I have no love for a parasite that doesnt want to work to make a living...and proving 'bad faith' isnt hard at all once you cash that first industry paycheck in your 'name'.

Maybe they have an agreement not to disclose settlement 'details'? Maybe thats why you only read about contested legal battles.

Shouldnt give out legal advice if you're not an attorney, Im not lucky. I can afford the legal representation that I have and for them to hire outside of their firms. I would love to go after someone not hiding behind a corp.

I'm not here to debate the moral side of celeb name registrations. Take your chances, you win sum , you lose sum...but you never know how much it offends someone.

The biggest name you can find probably dont really care because they're established already. I still have to work for a living and dont mind going after someone with every resource I have.

Im not knocking what you do. Ive seen sum really nice fan sites that the celebs actually read and participate in....Those are cool.

EDIT:.

As for the other companies, that just sucks that they do that to people. It sucks more that they hide behind corps....and it's pretty hard to find out who the real assholes are.

I understand what you guys (and girls) do for a living and can reepect that youve created an industry. I can understand your frustration when the playing field is no longer level. I wish I had a solution or even a suggestion on how to help...but I dont.

All I can say is: 'stick together' Because they can afford to win or lose a case by case situation.

I want to thank everyone that gave me suggestions via Email or in the Forum. I learned a lot being here and have a better understanding of things now.

Thank you all..

Comment #63

Legal advice can be given out providing the giver has taken law classes, although he may not be a paid attorney. Just as an english or journalism major can help someone compose a letter just fine - which likewise doesn't mean the letter helper needs to hold a paying job with a newspaper. (And advice, no matter how good, isn't binding, anyway - it's free, and likewise one is free to take it or leave it.).

Also, your "affording" the highest priced mouthpiece (even if your side is wrong) is no guarantee of a win - that would be POLITICS you're thinking of!.

But yes, the true fan sites that the celebs actually read and participate in are the ONLY kind worth dealing in. Those crooked ad-loaded, no-content corporate ripoffs are lower than scum, though. That's why I'm always yowling about how those corp-run FAKE search engines always get a free ride by WIPO - they're breaking every law in the books and being totally ignored.

However, the bottom line is still first come, first served. If some silly rich celeb forgot to reg their name, that was THEIR lookout. You snooze, you lose. That's democracy, baby!..

Comment #64

Taken from my Elite Deletes expired domains thread:.

"A load of those domains have been taken by GreyHare, Inc.. who is that?".

Probably Domibot's cousin or something if he keeps taking a lot of names. Domibot used to take many of them after I'd make my lists. I do my whois at Fabulous, so who knows...maybe they aren't that secure of whois and those bots can see it.

Seems like this GreyHare Inc. is another Domibot, or perhaps IS Domibot but under another name. I haven't done any research or anything to see if that might be the case, but they have taken a lot of expired names I've listed...

Comment #65

It could be them. Domibot aka domaincar aka unasi... perhaps they are trying to hide...

Comment #66

Bluesman, ok, I read at least 3 posts where you blast WIPOs failure of going after "big companies" for fake search engines. WIPO does not go after companies, they are arbitrators which are brought before them. If you can please cite a decision where a "big company" got off scott free with "fake search engine" pages, plesae let us know.

I do have an issue with your following statement:.

"Since human celebs (and wannabe celebs) are NOT trademarked companies or products, you would have had to prove bad faith, among other things, which is usually tough to do. ".

It has been long upheld that "human celebs" names are TMs in of themselves. And this is in the eyes of TM law, not personal feelings. Whether you like it or not, that is why most celebrities win thier cases. It is very easy to prove bad faith in these cases...

Comment #67

I do enjoy a nice discussion.

Im interested to know how someone in the business of buying domain names for a profit before someone else does, could, in any way, have a moralistic argument about someone else (albeit something else) doing it to them....

Maybe it's a case of "Its simply not cricket old boy......" As us English types might say.

And all this talk of legal citation - jeez I guess a little knowledge can be extremely dangerous..

And that naughty dotster (*cough*, I mean 'domibot' ) registering all those nice names. I have to say, I personally havent scoured lists of potentially available domains for quite a number of years now - mainly because there arent any worth looking for - so when I do look for emerging techs etc, and a names available, I buy... End of.. AS JB says, What the hell else do I need to consider.....

Comment #68

Credit where credit is due I just registered two names at NameCheap that I had placed in my cart 24 hours before. I decided to wait and today decided to buy them. No problemo at NameCheap...

Comment #69


This question was taken from a support group/message board and re-posted here so others can learn from it.

 

Categories: Home | Diet & Weight Management | Vitamins & Supplements | Herbs & Cleansing |

Sexual Health | Medifast Support | Nutrisystem Support | Medifast Questions |

Web Hosting | Web Hosts | Website Hosting | Hosting |

Web Hosting | GoDaddy | Digital Cameras | Best WebHosts |

Web Hosting FAQ | Web Hosts FAQ | Hosting FAQ | Hosting Group |

Hosting Questions | Camera Tips | Best Cameras To Buy | Best Cameras This Year |

Camera Q-A | Digital Cameras Q-A | Camera Forum | Nov 2010 - Cameras |

Oct 2010 - Cameras | Oct 2010 - DSLRs | Oct 2010 - Camera Tips | Sep 2010 - Cameras |

Sep 2010 - DSLRS | Sep 2010 - Camera Tips | Aug 2010 - Cameras | Aug 2010 - DSLR Tips |

Aug 2010 - Camera Tips | July 2010 - Cameras | July 2010 - Nikon Cameras | July 2010 - Canon Cameras |

July 2010 - Pentax Cameras | Medifast Recipes | Medifast Recipes Tips | Medifast Recipes Strategies |

Medifast Recipes Experiences | Medifast Recipes Group | Medifast Recipes Forum | Medifast Support Strategies |

Medifast Support Experiences |

 

(C) Copyright 2010 All rights reserved.