NameCheap domain registration has been compromised

**Mike-XS** · 6 November, 2010, 23:25 PM

Hey guys.. Simple question:

What's the best way to search for new unregistered domains without your domain searches being taken by someone else or having those new names registered before you can do it. ?

I usually use Namecheap to find new unregistered domains, but not anymore after this week.

You've probably heard this before:

I had some unregistered names I was planning to use taken the other day and registered by someone else.

Now it's my turn.

Happened this week to me too.

Certainly the practice is nothing new:
Who Is Monitoring Your Domain Searches?

I already knew it happens to people at places like Network Solutions and Godaddy, I just never expected it to happen with Namecheap. At least now I know better.

I know network solutions has a permanent bad reputation for all the domain theft and scams they tried to get away with over the years, eg: Network Solutions steals domain ideas; Confirmed! , wasn't expecting it from Namecheap.

---

I found this PHP script you can use to check a domain directly.

To use it, set the form action to use the same name as whatever you save the file as eg domain-whois.php.

Code:

<form method="POST" action="domain-whois.php">

or use $_SERVER['PHP_SELF'] for the action, to post to itself.

Code:

<form method="POST" action="<?php $_SERVER['PHP_SELF'] ?>">

Code:

<?php
/*
simple whois/domain availability check using cURL:
http://www.php.net/manual/en/book.curl.php#95000
*/

function domain_check($domain) {

$data = 'http://'.$domain;

// Create a curl handle to a non-existing location
$ch = curl_init($data);

// Execute
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_exec($ch);

// Check if any error occured
if(curl_errno($ch))
{
    return '<span style="color:#22c922">The domain is available!</span>';
} else {
    return '<span style="color:#c92222">The domain is not available</span>';
}

// Close handle
curl_close($ch);
}

// Usage:
if(isset($_POST['domain'])) {
 echo domain_check($_POST['domain'].$_POST['tld']);
}

?>

<form method="POST" action="domain-whois.php">
http:// <input type="text" name="domain">
<select name="tld">
<option value=".com">.com</option>
<option value=".org">.org</option>
<option value=".net">.net</option>
</option>
<input type="submit" value="Check">
</form>

Basically my questions are :

Does anyone know of any domain registrar site to use that won't result in what I search for being stolen before I can register it ?

And is there a more secure method or service we can use to search for unregistered domains that doesn't end up with someone stealing your ideas ?

Or maybe just don't search for anything unless you are prepared to register it on the spot ?

Has this happened to anyone else recently ?

**Andy101** · 7 November, 2010, 14:53 PM

http://domaintools.com claim to never let this happen last time I checked.

**TopDogger** · 7 November, 2010, 15:13 PM

Network Solutions was the first to start doing this several years ago. They claimed iot was to protect the domains on behalf of their customers. Ri-i-i-i-i-ght!

I had the same problem with GoDaddy a couple of years ago. When I searched and found a good name, if I didn't register it on the spot, it was either in Godaddy's auctions the next day or it got registered by another major registrar, such as Melbourne IT.

I agree with Andy and I use Domain Tools' bulk search exclusively when searching for domains. I have never had a problem with it other than one time when I found a premium domain that they said was available, but had actually been registered 2 days earlier.

BTW, check your link to the article, Mike. It currently leads to a spam page.

**UncleP** · 8 November, 2010, 19:35 PM

Wow, I'm REALLY surprised at namecheap (allegedly) doing underhand stuff, tbh they're one of the one's I trusted. I personally haven't had any such problems with them but I'll be a bit more cautious now. I have heard of GoDaddy being untrustworthy and some others I won't mention but it seems no-one can be trusted now :sigh:

I have had a bad experience with eurodns though, they 'stole' a domain name. I looked up and then registered a .it (Italian) domain name, a good one too, and after I'd paid with credit card I got a message to say the payment had problems and was refused so it didn't go through. When I then tried to re-register it with a different card it had been taken and I couldn't get it anymore, this was only minutes later. However I was able to register two other .it domains using that first card without issues, wtf? B*stards!

I chose eurodns because they were the cheapest at the time for those tld's but I had one hell of a job trying to set up those other domains with nameservers for hosting, their control panel is a real nightmare to use and communicating with their support is like trying to nail jelly to a tree, so definately one to avoid imho. (Yes, I can prove the above if any lawyers ask but only on production of a subpoena (covering my 'six')) This was over a year ago now but I won't ever trust them again.

I did try the script posted btw and it showed domains in redemption as available, which they're not, and I have been using something similar myself for many months, usually just to check nameserver info and expiry dates mostly but it does show up owner details too on some tld's.

So for the benefit of anyone that want's a copy here it is, use at your own risk

There are 3 files total, index.css, index.php & whois.php so just copy 'n paste into files and upload to their own folder (directory) on the domain of your choosing. It works on the same principle i.e. uses unix own inbuilt stuff ...

index.css:

Code:

#wrapper {
 margin: 1em auto;
 padding: 1em;
 width: 900px;
 border: 1px solid #000;
}
h1 {
 color: #560000;
 text-align: center;
}
h2, form, address, p {
 text-align: center;
}
address {
 margin-top: 1em;
}
pre {
 word-wrap: break-word; /* This prevents words from spilling outside the black box */
 font-family: serif;
}

index.php:

Code:

<!DOCTYPE html>
<html>
 <head>
  <title>Whois Page</title>
  <link rel="stylesheet" type="text/css" href="index.css" />
 </head>
 
 <body>
  <div id="wrapper">
   <h1>My Own Whois Page</h1>
   <h2>Perform a whois lookup now!</h2>
   <form method="post" action="whois.php">
    <input type="text" name="domain" onfocus="this.select()" value="domain.com" />
    <input type="submit" name="submit" value="Lookup" />
   </form>
   <address>&copy; 2010 <a title="Home" href="index.php">Home</a></address>  
  </div>
</body>
</html>

&
whois.php

Code:

<?php
$domain = $_POST["domain"];
$process = escapeshellcmd("$domain");
$output = shell_exec("whois $process");
?>
<!DOCTYPE html>
<html>
 <head>
  <title>Whois Page - Looking up <?php echo htmlspecialchars("$domain"); ?></title>
  <link rel="stylesheet" type="text/css" href="index.css" />
 </head>
 
 <body>
  <div id="wrapper">
   <h1>My Own Whois Look-Up Page</h1>
   <?php if ( $domain !== NULL ) { ?>
   <h2>Looking up <?php echo htmlspecialchars("$domain"); ?></h2>
   <form method="post" action="whois.php">Another?
    <input type="text" name="domain" onfocus="this.select()" value="<?php echo $domain; ?>" />
    <input type="submit" name="submit" value="Lookup" />
   </form>
   <pre><?php echo htmlspecialchars("$output"); ?></pre>
   <?php } else { ?>
   <p>No domain was specified.</p>
   <?php } ?>
   <address>&copy; 2010 <a title="Home" href="index.php">Home</a></address>
  </div>
</body>
</html>

This does work for me but I'm not posting a demo 'cause it'll get hammered by spammers and/or bots.

**proxynetwork** · 8 November, 2010, 21:07 PM

why not just use name.com?

**Andy101** · 12 December, 2010, 09:51 AM

A safe first step may be to simply resolve a domain name in your browser i.e. surf to it? Then it's not obvious that you are intending to register a domain name but maybe entered a typo.

But domaintools.com is the best approach I think.

Running a script on your server that accesses the whois databases should be OK too I think. But if you are searching on a domain registrar's page and log out, then it may be fair game for IT staff or whoever has access to the logs to register a domain name that you backed out of registering maybe?

**SonnyCooL** · 12 December, 2010, 14:50 PM

though ICANN solve this issue by adding 10 or 20 cent to each domain register ? previously is ok to cheat , cause no fees, they can drop anytime but now with fees ?

If this is true, then registrar must have a very clever script to filter all those junk domain inquiry everyday ...

**iowadawg** · 12 December, 2010, 18:07 PM

Some time back, namecheap did say in twitter and on their blog that they did not register any domains for their own use or to keep for resell.

It could be just bad luck on your part that someone regged the domains.
Does happen.

**Mike-XS** · 12 December, 2010, 18:43 PM

Thanks for the script UncleP

Looking back, I think it's probably more enom's fault that someone had access to the search queries, since namecheap are only a reseller for them, the domain queries may go outside of namecheap. I don't really know how their network works.

Yeah, bad luck and stuff does happen.

I'm pretty sure that this wasn't a coincidence, but I guess that's what everyone says when they lose an awesome domain. I just left it for too long before registering it.