xbiz world
xbiz premiere

WhoIs Searches May Be Compromised

SAN FRANCISCO — Domain name queries may be compromised, according to eWeek.com columnist and Internet security expert Larry Seltzer, who believes that a shady cyber squatter is monitoring queries and registering domains before prospective site owners get a chance to do so.

Seltzer began his investigation after an email from a reader who complained that a company known as Chesterton Holdings had registered her query, placed a landing page at the domain and then dumped the site several days later only after seeing poor traffic results.

The Chesterton Holdings site, which gives virtually no information about the company or its owners, offers visitors the following description of its services:

"We acquire domain names through an automated process rather than by any process that would intentionally infringe on any person's rights. If you have any questions about a domain, please submit your query to us below. It is our policy to transfer a domain name to any entity that, in our reasonable opinion, has a legitimate claim. We will promptly transfer a domain name to you if you can show us that you have a legitimate claim."

According to Seltzer, his concerned reader had used CNET’s domain search page, which offers meta-search results from several services, including Web.com, Dot.FM, Enic.cc and APlus.net.

Seltzer ran his own domain queries using the same methods, finding that in less than 30 hours Chesterton Holdings had registered his queries.

A call placed by Seltzer’s reader to APlus.net suggested that Chesterton monitors WhoIs queries, something that Seltzer believes to be impossible.

Seltzer contacted CNET to inform them of the problem. While neither he nor CNET had any concrete answers, Seltzer decided to post.

“With a whole lot more testing, I think I could figure out the source of Chesterton's domain name feed, but I decided it was time to get the story out first,” he said.

Seltzer posited four theories on how Chesterton had accessed the WhoIs queries:

  • “CNET, or someone at CNET, could be passing the requests on to Chesterton. I don't believe this for a second.”

  • “One of the hosting services that CNET is checking with (and there could be more than they indicate) could be passing data on to Chesterton. This seems unlikely to me.”

  • “Chesterton could have compromised one of the servers involved in the process, for instance the WhoIs server used by one of the hosting services. This seems possible to me. There are a number of other hacking techniques, DNS cache poisoning for example, that could indirectly give Chesterton access to data from these queries.”

  • “Verisign could be passing the data on to Chesterton. I don't believe this, either.”

    • An XBIZ story in May reported that add/drop domain registration schemes were on the rise, according to GoDaddy.com CEO Bob Parsons. Practitioners of the schemes take advantage of the five-day window before they are charged for the domain, meaning that a company such as Chesterton, if Seltzer’s allegations are correct, could register compromised queries without incurring any registration costs.

    Despite Seltzer’s efforts the mystery remains.

    “Even though I've speculated on possibilities that are more or less likely than others, I don't think I'm close to a definitive explanation,” he said. “All I really know is that there's no legitimate way to do what Chesterton Holdings is doing, and I hope they finally get called for it.”

    Copyright © 2026 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
    Reproduction in whole or in part in any form or medium without express written permission is prohibited.

    More News

    Polish Government Proposes AV Mandate for Adult Sites

    Poland’s Council of Ministers on Tuesday endorsed a proposed national law that would require sites and platforms to age-verify users to prevent minors from accessing adult content online.

    Brazil Launches Complaints Page for AV Violations, Other Issues

    Brazil’s National Data Protection Authority (ANPD) on Monday debuted a portal where citizens can report possible violations of the country’s Digital Statute for Children and Adolescents (Digital ECA), which requires adult websites to age-verify users located in Brazil.

    FSC Launches 'Speak Out' Media Campaign for Creators

    The Free Speech Coalition (FSC) has announced the launch of FSC Speak Out, a media campaign for content creators to tell their stories.

    Pineapple Support, Stripchat to Host LGBTQ Support Group

    Pineapple Support and Stripchat are hosting a free online support group for LGBTQ+ individuals within the adult industry, titled "LGBTQ and Proud."

    Pornhub Awards Fiesta: A Night of Music, Dancing and Camaraderie

    The eighth annual Pornhub Awards transformed Los Candiles Night Club in Glassell Park into a celebration of glamour, glitter, fashion and fame Wednesday night, as performers, creators and industry insiders toasted the year’s winners and danced late into the night while Diplo and Midnight Mary kept the party pulsing from behind the decks.

    Ukrainian Parliament Rejects Porn Decriminalization Bill

    The Verkhovna Rada, Ukraine’s parliament, on Thursday voted against passage of a bill that would have decriminalized the creation and distribution of pornography in that country — an activity that currently carries a prison sentence of three to five years.

    FSC Launches Pride Fundraising Drive

    The Free Speech Coalition (FSC) has launched its Pride Fundraising Drive to support its efforts on behalf of the LGBTQ+ community.

    Cultpix Debuts AI-Generated Vintage Adult Films at Cannes

    At this year’s Cannes Film Festival, B-movie streaming service Cultpix debuted a collection of AI-generated short films drawn from erotic magazine photo spreads published 50 years ago.

    Ofcom Fines Youngtek Solutions $800K for AV Noncompliance

    U.K. media regulator Ofcom on Wednesday imposed fines totaling 600,000 pounds (more than $800,000) against adult site operator Youngtek Solutions for failing to implement age checks and respond to information requests as required for compliance with the Online Safety Act.

    Pornhub Launches Lesbian Site 'Pornhub Sapphic'

    Pornhub has launched Pornhub Sapphic, a site dedicated to female and non-binary content and creators.

    Show More