GeorgeK

Hello,

I've helped others recover stolen domains, and knew contacting Dotster would be a waste in terms of getting things done this weekend -- the key is to reach DirectI.com.

I got in touch with Bhavin Turakhia, whose contact info is:

Bhavin Turakhia
bhavin.t @ directi.com
Tel: +91-9820097557

I got him on MSN Messenger, screen name was the same as the email above. HE WOULD NOT CHANGE THE NAMESERVERS, GRRRRRRRRR.

To cover his butt, he wants Sleazy to FAX him:

http://in.directi.com/contactus/sales/

I would fax the US and Indian offices, but he's in India.

Here's what he said:

Bhavin@Directi says:
* we will check the list and make sure if theree are any fake whois we send a whois abuse notification
* we will inspect the transfer and figure whether it was genuine
* we will get a fax letter from the orignal registrant
* we will undo the transfer if we get all the abv info

Personally, I think the above is a joke, that knowing it's a stolen domain he wouldn't restore it to the prior ns1.national-net.com and ns2.national-net.com nameservers. He knows me from the WLS and SiteFinder debates, too (e.g. www.whois.sc/verisign-dns/ ).

But, hopefully Sleazy will get them to change the nameservers at least, pending the undo of the transfer next week.

Sleazy is losing major traffic. The thief's Extreme tracker wasn't password protected:

http://extremetracking.com/open;unique?login=xyber123

466,000 uniques yesterday.

If you check the Alexa ranking of easy-dater.com, it is very high (and that didn't sway Bhavin either, hmmm).

Using xyber000 found as a tracker on other domains, it became obvious the thief also stole: f3.com, aem.com and other domains too.

I continue to be appalled at the lack of help of registrars in domain thefts (I've helped recover other high profile ones, e.g. yy.com, helped avert n i g g er. com, and others that can't be named for legal reasons). Hopefully folks on this board with significant domains will assist in convincing ICANN that their policies need to be strengthened.

If you want to submit comments about the ridiculously weak Transfers Policy, do so at:

http://www.icann.org/announcements/a...nt-12jan05.htm

Basically, the security flaw is that the system ASSUMES (falsely) that the GAINING registrar does proper authentication of the transfers. That's an assumption that is false, clearly. It needs to go back to a system of double-authentication, where the losing registrar also authenticates the transfer request, before letting it go through. Moniker is one registrar to consider moving to (I keep all my domains at OpenSRS, whose security is great too).

__________________
I buy good domain names. Send lists to George (at) LOFFS.com

SmokeyTheBear

good work .. bump for sleazy

__________________
hatisblack at yahoo.com

Jace

very cool man...nice work

SleazyDream

awesome - nobody wants to do anything till monday though ugggggggg

__________________
This dog, is dog, a dog, good dog, way dog, to dog, keep dog, an dog, idiot dog, busy dog, for dog, 20 dog, seconds dog!

Now read without the word dog.

GeorgeK

Sleazy: What's your screen name, etc? I'd send the fax right away, and CALL DirectI, too. No need to wait until Monday. Do all YOU can today.

Bhavin said he had to "go to a meeting" -- on Sunday? Hmmm. Embarrassing them, but they need to do better, and not worry about some fictitious legal liability from a fake WHOIS, and worry about REAL LIABILITY if you decide to sue them for falsely authenticating the domain transfer.

They have systemic problems -- f3.com, aem.com are a few that were stolen by the same thief, apparently, and I know of at least 2 other high profile names that ended up at DirectI that are 99% stolen.

__________________
I buy good domain names. Send lists to George (at) LOFFS.com

GeorgeK

Looks like DirectI.com has updated the nameservers to ns1.suspended-domain.com and ns2.suspended-domain.com

A step in the right direction, but if I was the registrar, I'd simply change them back to the correct ones, and not worry about fictitious WHOIS hijackers coming back to sue me. I've never lost a legal case in my life, either -- folks who've tried should know I own dontfuckwithme.com

__________________
I buy good domain names. Send lists to George (at) LOFFS.com

rebel23

very interesting post, keep up the good work

__________________
ICQ: 37378183

SleazyDream

already talked to those guys toniight and got the run around. uggg

i will send them a fax though

__________________
This dog, is dog, a dog, good dog, way dog, to dog, keep dog, an dog, idiot dog, busy dog, for dog, 20 dog, seconds dog!

Now read without the word dog.

GeorgeK

Address it directly to Bhavin (I know him from the WLS and SiteFinder debates, and sent him followup emails in addition to the MSN conversation). You have to get beyond the frontline support at all these registrars, and he's the one ultimately that will make the decisions (he owns that registrar).

__________________
I buy good domain names. Send lists to George (at) LOFFS.com

GeorgeK

Make sure to specify in the fax what the nameservers should be updated to, also. It's best that DirectI.com change the nameservers, ASAP, as it might take days to transfer back to Dotster.

__________________
I buy good domain names. Send lists to George (at) LOFFS.com

Hung Like Bull

The great thing about this is the fact Sleazy got owned.
It's called Karma.

It was a long time coming. Wait until the mailers, and the DDOS'ers get ahold of him. This is nothing yet. lol

Idiot! lol

Hung Like Bull

That has got to be a sobering thought realizing that in reality you are an absolute nobody. A "player" would have had it fixed up within hours. Idiot! lol

jayeff

This is the second thread I have seen with everyone very gung ho and ready to knock people like this guy in India who apparently cannot distinguish between the "real" registrant and some crook. But really, if the vast majority of the people on this board don't know much more about "Sleazy" than his handle and online persona, how do you expect someone 5,000 miles away to make that kind of judgement call?

And face it, if getting domains taken offline, ownership changed, etc., were all down to a few words on ICQ, an email, or whatever, every webmaster board would be end-to-end domain theft threads. Sure it is frustrating that it takes time to put wrongs right and you have to prove your story, but would you trust a registrar or a host who worked any other way? The security flaws they do have are surely enough.

GeorgeK

jayeff: Yep, but Bhavin knows me, so I'm disappointed he wouldn't take that into account (along with the fact that the WHOIS was fake), and trust his instincts to change the nameservers to the right ones immediately, while his investigation was ongoing, instead of adhering to "policies" that allow a thief to profit from delay. Having the nameservers now in a "suspended" state is a slightly better outcome, but they can and should do better.

I've been down the legal road too (folks that know me from other domain forums know I've been outspoken in protecting registrant rights), which takes time and ultimately makes the lawyers the big winners. For folks that SAY they're businessmen (and registrars are entrepreneurs for the most part like others here), they should know better, and know they face ZERO legal threat from a FAKE WHOIS.

__________________
I buy good domain names. Send lists to George (at) LOFFS.com

SleazyDream

no kidding.

__________________
This dog, is dog, a dog, good dog, way dog, to dog, keep dog, an dog, idiot dog, busy dog, for dog, 20 dog, seconds dog!

Now read without the word dog.

SleazyDream

idiot


...

__________________
This dog, is dog, a dog, good dog, way dog, to dog, keep dog, an dog, idiot dog, busy dog, for dog, 20 dog, seconds dog!

Now read without the word dog.