Stolen domain!

[domainmonster_m]

What made you change your mind Matt considering before you apologised?

Nothing has changed to the explanation previously supplied. I simply asked the team to work with the two parties to see if we couldn't mediate and resolve. Fact remains the "original" registrant was first to place the order, but fact also remained that we made the contact error as previously disclosed.

If the original registrant wasn't passionate about the domain (No matter whether he was a bad actor with the admin contact or not), maybe there was a simple resolution here and there was.

All in all, 24 hours on and it's amicably resolved.

 

[golddiggerguy]

I have the domain now - = Happy Client

TBH I don't know who to listen to. Both sides say the same thing, "I never changed domain details" apart from someone at DM saying "We went in and cleaned it up thats why it got transferred away" and Mr X say it wasn't him i have no idea.

My guess would be Mr X did get confirmation from DM to say they have caught it and they put the domain into his account. He then looked and thought arse they made a mistake it's not mine it's Media Blocks Ltd's but hey I have the power to change it and who'll know? And now it's come to light really wishes he hadn't done.

That's how I see it as an example but correct me if I'm wrong.

This is a mistake where I do think 2 booking were made but not within minutes of each other more like the system failed and never logged it as booked!!. The system failed and 2 bookings were made for the same domain, who was first doesn't matter. If the name was in Mr x name I would never think oh I can just update the whois by changing the legal owner and would send a support ticket in to get to the bottom of it.

If it came to it that a mistake had been made and I didn't get it, hey live and let live. The issue for me is the changing of the admin and then transferring it away from me and committing Fraud.

If people on here think I'm going on then just shout and I'll dig without posting here, but I'd like to know what happened and think I should share.

If it is the case Mr X HAS changed the email then I will post his handle as that is just one act of Fraud we know about.

If I am wrong then speak DM or MR X as these are just thoughts of what could have happened.

I know a few people will be thinking he's got his domain why doesn't he just shhh and walk away. I have walked away with the domain, I just need to know.

Example of the same level of Fraud
If a credit card which was yours was sent with a pin number to a wrong house. You then found out it was due to someone committing Fraud and changing your address details some how but you got the card back, you'd want to know more, wouldn't you ?!

 

[aZooZa]

Andy, I think it's a good resolution but there remain questions to be answered and you're quite within your rights to maintain the thread - in fact I know there is a contingent here who would like to know the ultimate answer. I just suggest that you don't name names until you're absolutely sure it's necessary, but that's your call. I do agree that the other party should post here, but I'd give him the chance to do it off his own bat first.

 

[bensd]

So, what was the domain then?

 

[domainmonster_m]

I have the domain now - = Happy Client
If it is the case Mr X HAS changed the email then I will post his handle as that is just one act of Fraud we know about.

If I am wrong then speak DM or MR X as these are just thoughts of what could have happened.

Domainmonster did not change the admin period. We clearly know Mr X's details and I would encourage him to make his opinion public in the full knowledge of his actions if he feels we did.

I will then not hesitate to have our lawyers file proceedings for damages. We did make an error with this as is documented in this thread and fact the two orders were placed within quick succession causing the original issue.

Regardless, we did not make this change period, so yes, in full agreement, come out the closet and state your case in public.

 

[rob]

Both sides say the same thing, "I never changed domain details" apart from someone at DM saying "We went in and cleaned it up thats why it got transferred away" and Mr X say it wasn't him i have no idea.

Domainmonster did not change the admin period. We clearly know Mr X's details and I would encourage him to make his opinion public in the full knowledge of his actions if he feels we did.

I will then not hesitate to have our lawyers file proceedings for damages.

Someone changed the admin email to move a domain name - and Domainmonster say it is was this Mr X. Seems quite clear that - ball in 'Mr X's court.

It was mentioned elsewhere he/she is a member here, so perhaps he/she could post their side in public rather than just private as the above is pretty strong stuff and very unfair on Domainmonster if their account is true.

 

[Ashton]

@domainmonster_m:

How close were they in order time? Please dont say 100ms, because that can't be true, unless the system submitted the orders at the same time.

What are you going to do to prevent this from happening again?

 

[Retired_member41]

I'm no longer a fan of domain monster, but Ive spent several hundred on domain backordering with them in the past so know how their registration process works.

If the time of the registrations was in the first 15 minutes after midnight, I can believe an error could occur, and yes ms could be in it.

When the free dacr and domain lore lists used to come out, it was a frenzy to try and add them to not only dacr but domain monster, and on most days by a couple of minutes past, all the decent domains were booked up.

When checking out it does that fancy thing where it tells you its been booked for you.

So it is quite plausable that more than 1 person had it in their basket and they checked out together. As soon as the checkout happened no one else could have taken it that far as the system would have blocked it.

I knew of a handful of people who I used to compete with trying to backorder at dacr and dm, so if say the 4 I knew about all tried for the same name, along with the dozens of others I was not aware of tried, I'm surprised it hasn't happened a few times thinking about it.

I know Ive mentioned it before, but I once got a success code from Nominet saying I had registered a domain, I called them up wondering why someone else had it in their account, and they said it was not possible to get a success code in error, but there it was written in the logs, no other way of getting there apart from a response from nom.

It is funny how DM said it would remain with the current keeper earlier in this thread, and bingo it hasnt.

Have I missed the domain name being disclosed?

 

[retired_member12]

...Have I missed the domain name being disclosed?

PRSS time i think!

 

[domainmonster_m]

PRSS time i think!

Yes, you have missed something. See page 11. We mediated between the two parties yesterday and one was happy for it to be transferred to the other, which solves this.

Clearly one would expect they were happy to do so at no cost as fully aware of what they had done with the admin contact.

 

[foz]

WITHOUT PREJUDICE.

I am the third party involved in this.

I received automated? emails from Domain Monster stating:

Dear Mr x.

We are pleased to inform you that your back order for xxxxxxxxxxxxx.co.uk has completed, and the domain has been registered to you.

You should shortly receive a checkout email for the domain purchase.

Kind regards

The Domainmonster.com Team

And,

Dear Mr x.

Thank you for placing an order with Domainmonster.com

Your order number is DM1167909:

Domain Purchase: xxxxxxxxxxxxx.co.uk [2 Year(s)]
-----------------------------------------------------------------------

Order Total: $73.97
Invoices will appear on your card statement as "Domainmonster.com"

To view your invoices, just log into your account at http://www.domainmonster.com/login/, or choose 'Member Login' from the top right hand corner of the Home page. Then choose the 'View Account Invoices' menu option.

Dont forget! We operate a managed renewal service to ensure you never lose your domain name(s) and will automatically renew them shortly before they are due to expire. You can easily configure these renewal preferences in your members area.

I checked the whois, golddiggerguy was the Registrant. The contact details where NOT displayed - opt-out: Y

I logged into my Domain Monster account and the domain name was there. I actioned a TAG change through their panel to my one.

My thoughts were that Domain Monster had slipped up and incorrectly registered the domain to the wrong individual. I initiated a Registrant transfer to myself.

At no point did I change the contact administration details and email address to this domain name. I am prepared to sign a sworn affidavit to that effect.

I was invoiced and billed for the domain name. I have a .pdf copy in my possession and am happy to circulate this to any trusted member on this forum.

My credit card has been charged for this domain name and my bank account reflects the charge going through.

At no point has Domain Monster contacted me concerning the domain name.

I chose to make contact with Domain Monster yesterday. I put a proposal to April in support at Domain Monster (Matt was not available).

A Registrant transfer was initiated by myself to Domain Monster and they took ownership of the domain name.

From my perspective, I have lost a domain that should rightly be mine (first to book), golddiggerguy has “appeared” to be deprived of a domain name and Domain Monster has acted appalling over this whole matter. Domain Monsters actions or lack of have created this whole incident.

Regards,
Garth.

 

[foz]

Hi All

I want to offer the balanced view from our side on this. I was made aware of this one and have since listened to the call logs and discussed with those involved today.

This issue here is very simple (Allbeit frustrating). There is nothing underhand or devious. There is no alternate story here. Many of you guys use us and one would hope the loyal fair service we've consistently provided speaks for something here.

Essentially, as pointed out, two back orders came into our system within a very short time frame. This is techically possible because the backorder isn't blocked from lookup until checked out. I'm not sure it was within 100ms, but it was within the time it took to check out. Our system unfortunately doesn't cater for this (And probably should). That said, out of 200K odd backorders on our platform we've never seen that before and don't have another instance like it (We've now checked!).

When the domain was then snapped, the domain didn't allocate because of these two orders so was manually reviewed. The domain WAS then correctly allocated and billed to the correct account (The current owner). They placed their order first, albeit within a short time frame of the other, so the domain was rightly theirs.

However, it WASN'T allocated to the correct contact. Like I say, this was done manually due to the issue of two orders, hence the 2nd orders data was showing up in the whois. This was our mistake - a human mistake.

I'm embarrassed to say, we didn't even know the wrong whois data was on the domain and most importantly we didn't change ANY admin email address's or ever fix this up. The first we knew of this was today following our investigation with Nominet too.

It seems the correct owner did realise (And I stress correct as he placed his order with us first fair and square) and clearly used Nominet's system to fix things up recognising we've done something wrong - without saying another word.

Thats basically it guys. Nothing underhand, nothing devious. A very unfortunate and frustrating circumstance for all, not least the gentleman on this forum.

Matt
CEO
Domainmonster.com

I concur, albeit a different theory to back orders.

 

[fish]

Thanks Foz for posting and providing your version of the story.

It seems there still remains a grey area in terms of what occurred and who did what with change of details info.

 

[retired_member12]

Correct me if I am wrong, but the starting point for this confusion for the two 'registrants' stems from errors at DM. The fact that Foz 'may' have done one thing or not, or that GDG 'may or may not' be entitled to the domain doesn't address the real issues. Any corrective actions, whether legal or not, are mitigated by confusing bits of confirmation.

Two points should be learned from this:
1- To all dropcatchers, make god damn sure your systems are water tight, and be fully prepared to stump up compensation to injured parties if they are not.
2- Nominet, when you come back of your holiday for today, look at this issue and come up with something to prevent unapproved changes without the expressed permission of the current 'registrant'.

Adhoc corrections, however they took place, are secondary to the real issues of good business practices and security.

 

[monaghan]

Surely a unique key on the underlying database table would prevent 2 bookings getting into the system? That's how my system is built.

 

[golddiggerguy]

Just to clear the timings with you Foz to see how close or whats at fault with DM

I made the booking on the 20/07/2010 at around 21:36 which was confirmed by an email.

If it was a totally different day or hour then it was a system glitch, if it was the same sort of time, it then was that we were both in basket / check out mode at the same time.

 

[golddiggerguy]

Just to be clear. When you saw Media Blocks Ltd did you think ah Golddiggerguy?

I checked the whois, golddiggerguy was the Registrant. The contact details where NOT displayed - opt-out: Y

Contact details were displayed see http://www.acorndomains.co.uk/domain-name-disputes/75977-stolen-domain-3.html

Even if they were hidden in the whois Media Blocks Ltd wouldn't have been hidden and wouldn't have been hard to find using Google.

I found your email with a bit of clever searching when I needed to contact you about it, using your name and all the free email prefix e.g. Hotmail.com Gmail.com etc

 

[stender]

Surely a unique key on the underlying database table would prevent 2 bookings getting into the system? That's how my system is built.

I'm no dba but even I would apply unique key constraints.

This must be the most viewed thread of all time on acorn?

 

[golddiggerguy]

This must be the most viewed thread of all time on acorn?

No it's this I bet whats your last reggd domains

 

[rob]

The important thing is that in transferring the domain, you agreed that you were the registrant or had the registrants permission and that wasn't the case. You're experienced enough to know that what you were doing was wrong yet you still went ahead and transferred the domain.

thats the bit that is wrong IMHO.

I have had a similar situation earlier in the year (which will be fully documented on here soonish, along with another incident ) and it is possible to delete, re-register or transfer the domain however you cannot do it as its fraudulent to click 'I am the registrant' when you are not.

Its like a fake signature or the like on the old transfer papers.

You just can't do that.