Very OT, is this cybersquatting

In IE, I googled the business of a friend of mine, to get his work phone number.
First came two paid ads, which varied.
Then the next entry was of the form acmesupply.net and it was a page that sold fancy sneakers. They have an enormous selection, many brands, almost all between 86 and 90 a pair. Yet the google entry had my friend's businsess's suburban town, zipcode, and phone number.
The 3rd entry was for www.acmesupply.net which is my friend's webpage, and it was for my friend's business.
The next 5 hits were all my friend's business, 3 of which were like www.acmesupply.net\home and two of which were like acmesupply.net\contactus , but still went to one of his pages.
The next two (it only displayed 10 on the first page) were listings of his business on yellowpages and manta, and his linkedin page.
If I tell him about this, will he be able to get the shoe site to change its url? It sort of looks like he is selling sneakers, which makes his very professional business look amateurish. OTOH, will the average google user really think the page is his?
Should I tell him about this?
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

Are these the real the URL that you used? Nothing comes up for them. Therefore I don't have a clue what was happening. Doubt you can get a URL changed unless it is identical.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
It's confusing if you don't use the real URLs. You say the sneaker store has the same URL. Is that a misprint on your part?
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Wed, 18 Nov 2015 16:40:29 -0500, "Mayayana"

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
| > It's confusing if you don't use the real URLs. You | >say the sneaker store has the same URL. Is that | >a misprint on your part? | > | They are the same except one has www in front and the other doesn't.
There's something missing from this story. I can understand if you want to protect your friend's privacy, but without checking it out ourselves there's no way to know what's going on.
If your friend owns his domain then he owns the whole thing -- acmesupply.net. Someone else can't buy the subdomain. Usually a subdomain is a folder on the server. For instance, files.acmesupply.net can be set up to point to a folder names "files". www is default. Usually if a website is not set up to respond to just the domain name, the browser will automatically try adding "www."
All of that is to say that the other link is probably not to the same domain, even though it may seem so. To find out you have to right-click the link, copy it, aste it into Notepad, then extract the real link from Googles spyware link. For example, I just searched for Sears and got www.sears.com. That's what Google tells me the link goes to, but it actually doesn't. The link is like so:
https://www.google.com/url?q=http://www.sears.com/&sa=U&ved CgfRRRbtEwQQisnuWng5vJAhWBFT4GTyNemU&usgQ48HtrENh5BGDWs-iwWqHukIllT39DaWCVrpjHQg
Google is sending my click through their server, along with a kind of cookie. (You really should switch to duckduckgo.)
If both links are, indeed, to acmesupply.com then why not visit the sneaker link and see what you find? It may be that your friend has not paid for legitimate webhosting but is instead trying to save a few bucks by hosting his site on a cheap or freebie server that shows ads.
A third possibility is that your browser has been infected with malware that's injecting ads.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

It even found acmesupply.eu !!! It has a 353 country code (Ireland), links for 6 european countries, and quotes prices in British pounds. Here it is, HQ in London. Not a competitor, but if DDG found it, it should have found my friend.
Also found something with a similar name in Switzerland.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
| > (You really should switch to duckduckgo.) | | I've heard about that, but had little reason to try it. So I tried it | this time. | | A) it doesn't highlight or otherwise indicate that I've been to one of | the webpages listed, not even via duckduckgo.
That may be because the Google links are not actually to the website. Showing a visited link color depends on the webpage and your browser history. So when you go to DDG your browser may not see those links as visited because they're not Google links. I know DDG doesn't block a visited color because I see them.
| B) It started with ads too, but more importantly, using the same | search terms acme supply baltimore it never found my friend's | url, first not in the first 32 hits!!
Interesting. I do find Google helps in some cases when I can't find things through DDG, but your description is extreme. I'm guessing that's probably mostly due to Google spyware. Anyone who allows such things as cookies and script will usually see a customized page at Google. They guess at what you're interested in. (I stopped reading their news for the same reason. I want to read the news, not what Google's code guesses I'm interested in reading.)
In other words, your friend's site may not be nearly as highly rated as it seems to be when you do a Google search. It might be interesting to have other friends do a search and see what they get.
If you don't actively study and apply privacy techniques then you're probably being tracked by about a dozen companies, nearly everywhere you go. Google is the most extreme, by far. But they're only one. Facebook will know most of the sites you visit even if you don't have a Facebook account, so long as you allow frames and don't block them in your HOSTS file.
[ Even visited links, actually, are sometimes used for tracking. Script can be used to determine the font color of an item on the page. By adding lots of links to a page, even if they're not visible, script can track which of those sites are in your browser history. (I don't think Google bothers with such esoterica. Most people allow Google to spy on everything they do, anyway. And they can track your movements through the booby- trapped links themselves. But it's an interesting bit of trivia.) ]
The result of all that tracking is that most people are seeing a lot of custom-generated webpages. The ads, especially, will be custom. But often the content is custom: links, news, item prices...all can change depending on what the website host knows about you.
I'm curious about what's happening, but I can't think of a likely answer based on the information you've provided. If you don't want to share the details you may just have to figure it out for yourself. But it might be worth checking whether you can find another case of the same thing. If you're getting 2 different sites and you're *sure* they both result from the exact same domain, then that sounds like it could be something on your system. In other words, if you go to xyz.net and it's the wrong place, but www.xyz.net is not the wrong place, that could be a HOSTS file corruption, a malware browser plugin, or something that's changed your DNS server. You can check all of those. Check all of your plugins. Check your HOSTS file. In network settings, select the Properties of the tcp/ip item to see your DNS setting. It's usually provided by your ISP. A better option is to use OpenNIC
107.170.95.180 (NY, US) 104.237.144.172 (NJ, US) 75.127.14.107 (NY, US)
or OpenDNS
208.67.222.222 208.67.220.220
You can look up your current DNS server IP here, if you think it might be suspicious:
http://www.ip-adress.com/whois/
For those who don't know, DNS is domain name server. It's essentially a phone book. The real address of xyz.net is not xyz.net but rather a numeric IP address. DNS servers provide translation for browsers. So one way malware can work is to replace your DNS server IP address with another, dishonest one. By doing that they can do things like send you to scam.cn when you type in a URL for online banking, and your browser will show you to be at your bank's website. The HOSTS file is your local version of DNS, like your personal phone number list. It overrides DNS because browsers will check it first. So that's another malware target.
Personally I'd be most suspicious about a plugin, because that can edit the page you see, while a DNS server can only change where you end up when you enter xyz.net. But, again, this is grasping at straws without knowing the details.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Thu, 19 Nov 2015 09:37:28 -0500, "Mayayana"

I figured if it has the color that means it's been visited, the page is in the (firefox, say) cache. And that if you purge the cache, as they sometimes suggest doing, there will be no indication you've been anywhere. (and I like knowing because sometimes I want go to a page I've already been to, and sometimes I want a new page.

The last sentence, I don't understand at all.

Google definitely knows I'm in Baltimore. It always knows that. I just searched for Supply (For new readers of the thread, it's not really supply. The actual category is still a secret.) and it gave me a list of supply stores in Baltimore. Alas, there were 60 or 80 and he was not listed.
That's largely because he's near but not in Baltimore. (His business is near his home so he doesn't have to commute much, especially when he goes in more than once in a day.)
He hasn't complained about that exactly, but he has complained that if a generic search is done, for supply, he doesn't come up anywhere near the top. He may have even paid to get himself higher, but his competitors are paying too. And alphabetically, his company doesn't start with A, like Acme does. It's much closer to the end of the alphabet, even though it's a good name -- notice how many other supply companies had similar names.
Did you realize that Aamco Transmissions started off as a shlock business that had so little going for it they had to start their name with 2 A's so that people looking in the Yellow Pages found them first? Wikip says it's more complicated, "In 1957, he founded the Anthony A. Martino Company, or AAMCO in Philadelphia, under the name AAMCO Auto and Truck Repair. This name was chosen not only to reflect the initials of the founder, but also to make it appear higher in the Yellow pages listings of the day.[3] "
I retract the word shlock.
From the footnote, the Aamco blog, "By 1957, with the demand for his signature transmission repair service booming, Martino opened his first repair shop three miles from the ESSO station at 133 East Eleanor Avenue in Northeast Philadelphia. He called the shop AAMCO Auto and Truck Repair as he did engine and other minor repairs at the shop beyond transmissions. At this time, people became aware that the AAMCO acronym stood for Anthony A. Martino Company. The name was easy to remember but also marketing genius for its top alphabetical listing in the yellow pages under auto repair, as there was no separate “Auto Transmission” category at the time."

I can ask a friend to do that.

I should use my HOSTS file more. Frames? Frames on webpages? I havent' seen them for a long time.
Years ago I was having trouble using Facebook search**, and I thought maybe it's because I wasn't registered, so I registered but told them nothing about myself, including my real name. Then my young niece had a page and she asked me to be a friend and I said okay if I can use a phony name. But then I started using my Facebook account in place of registering. Does that mean she gets spam from every website I sign into using my Facebook account?
**Search didn't work any better after I registered and the guy is probably dead. He was not a friend, just trouble, and I wondered if he ever straightened out.

The older I get, the less I have to loose. I figure I can explose myself to 20-year carcinogens now and I won't get cancer until I'm 88. If nothing unusual happens, that's how long I expect to live anyhow, though I could die anytime between tomorrow and 104, no 106.

The one in windows\system32\drivers\etc has only two lines: 127.0.0.1 localhost ::1 localhost
There is one other, with a longer path name, and for some reason Everything is showing my other partitions, even though the harddrive dock is turned off! Last time I used Everything, when I turned off the dock, only files in the C: partition showed.

I don't know how to do this. I used Start/network and got my router and my computer, but that's the place, right?

I didn't understand this or OpenNIC.

This page doesn't insist on a www prefix, so I put in
acmesupply.net and www.acmesupply.net and the results are exactly the same, as they should be.
It's my friend and one email address is obsolete afaik, but the other two are almost surely good. It's got his personal name and it describes at length his business. He's not renting from anyone.
It says clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
And it doesn't expire for another year. .....

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
| > That may be because the Google links are not actually | >to the website. Showing a visited link color depends on | >the webpage and your browser history. So when you | | I figured if it has the color that means it's been visited, the page | is in the (firefox, say) cache. And that if you purge the cache, as | they sometimes suggest doing, there will be no indication you've been | anywhere. (and I like knowing because sometimes I want go to a page | I've already been to, and sometimes I want a new page. |
Yes, but Google is proxying through their own site. You're never actually navigating directly to the target site: www.google.com/q=whereYouReallyWantToGo.com
I thought that might prevent the site registering as visited at DDG, because you never clicked on a link to whereYouReallyWantToGo.com.
| >go to DDG your browser may not see those links as | >visited because they're not Google links. I know DDG | >doesn't block a visited color because I see them. | | The last sentence, I don't understand at all. | As you said, visited links are saved by the browser and normally the browser will show the visited link color for those sites, but it can also be changed in the webpage. CSS can be used to make the active link and visited link color the same. That's not unusual. In that case you'd have to view the page without styles to see the visited color. But I know DDG is not doing that because I see visited links colored differently at DDG.
| He hasn't complained about that exactly, but he has complained that if | a generic search is done, for supply, he doesn't come up anywhere near | the top. He may have even paid to get himself higher, but his | competitors are paying too. And alphabetically, his company doesn't | start with A, like Acme does. It's much closer to the end of the | alphabet, even though it's a good name -- notice how many other supply | companies had similar names. | I don't think it helps much to pay. SEO is, to a large extent, a flim flam operation. It helps to have frequent page updates and to have lots of incoming links. It also helps to be well established. But if there are a lot of businesses in the same field it will be difficult to break in.
Also, SEO tricks can often downgrade one's rating. My dentist hired a webpage designer who listed just about every town in E. MA in the META tags. That's likely to hurt rather than help. If Google sniffs SEO tricks they'll punish for it.
I did a website for a plumber a couple of years ago. He was already #1 or #2 when I searched for a plumber with his city name, but his site was junky. Meanwhile, his web host talked him into getting a second site to improve his ratings. The plumber made the second site with drag/drop online, using mostly the same content as the first site. He wouldn't listen to my warning, figuring that the college kid making $7/hour doing tech support at the webhost was an expert, and I wasn't. The result was that his first website went down in the rankings. Google considers it a cheat when you put the same content on multiple sites.
If your friend wants to increase traffic, the best bet would be to do "link trades" with relevant trade groups or other sites that make sense. For instance, the Chamber of Commerce probably takes part in such link trades. He might also advertise on Yelp and ask people to write reviews. Yelp and others have been repeatedly accused of favoring companies that pay for ads. I have no doubt that's true. I, myself, have been called repeatedly by a contractor review site for builders. After they explained the deal I realized that what they were really talking about was ads, not listings and reviews. I'd pay a few hundred dollars to be a member and I'd pay them a fee for referrals. But the public facing company advertises a dependable way to find trustworthy contractors. In general I wouldn't put much faith in online reviews or recommendations. Especially if the site is free to use. If the visitor is not paying for advice then the reviewed companies are almost certainly paying for rigged ratings. In that sense, something like Yelp is a mixed blessing. But a lot of people use it.
I don't think the first letter of the company will affect much of anything.
| I should use my HOSTS file more. Frames? Frames on webpages? I | havent' seen them for a long time. |
Blocking frames is the only way to block iframes. Fortunately, most sites no longer use frames. But iframes have become very common. An iframe is a webpage embedded in a webpage. But it doesn't have to have a border or a scrollbar. On a typical commercial page there may be 10 iframes. Google/ Doubleclick uses them for ads. Facebook uses them for Like buttons. By putting their image in an iframe it looks the same, but technically you've visited their website. That allows them to run script and set first-party cookies. One of the worst browser vulnerabilities, cross site scripting, is typically done through iframes. Criminals hack a vulnerable site, such as a site made with Wordpress, and insert an iframe to load something from their malware site. They then run script from the malware site to do a driveby download. At one point there was wide agreement that iframes should be phased out. But then came the spyware and high functionality of "Web 2.0". Now iframes are very common.
In any Mozilla browser you can set browser.frames.enabled to False in order to prevent loading external tracking and many ads. But it will break a few pages. I find it works best to use two browsers: One has NoScript and allows session cookies, frames, etc. The other, which I use most of the time, is optimized for privacy and security. No referrer, no iframes, no script, no cookies, no supper cookies, etc.
| Years ago I was having trouble using Facebook search**, and I thought | maybe it's because I wasn't registered, so I registered but told them | nothing about myself, including my real name. Then my young niece had | a page and she asked me to be a friend and I said okay if I can use a | phony name. But then I started using my Facebook account in place of | registering. Does that mean she gets spam from every website I sign | into using my Facebook account? |
I don't know much about that, other than what I read. I think it means that if you buy kinky lingerie your niece might get a message saying that you liked Acme Panties, which has their new crotchless line on sale. :)
One thing's for sure -- if Zuck finds out that you didn't use your real name you may be drawn and quartered for the crime of "misrepresenting yourself in such a way as to reduce the profits of advertisers." On Facebook, your friends *are* the advertisers. (Czar Cheryl Sandberg says so, recasting them as "brands", which she has the nerve to cast as a category of friend:
Facebook "enables brands to find their voices. and to have genuine, personal relationships with their customers" ..."to make marketing truly social".
Who needs professional integrity when you've got Orwellian psychosis helping to increase profits?
| | The one in windows\system32\drivers\etc has only two lines: | 127.0.0.1 localhost | ::1 localhost |
See here for info and a starter kit:
http://www.jsware.net/jsware/privacytips.php5#hosts
You can also just write your own HOSTS file, and there are other samples online. The only reason to start with someone else's HOSTS file is to get the list of common advertisers and trackers to block.
| > In network settings, select | >the Properties of the tcp/ip item to see your DNS setting. | | I don't know how to do this. I used Start/network and got my router | and my computer, but that's the place, right? | Control Panel -> Network _> local area connection (probably) -> Properties. Select Internet Protocol (TCP/IP). There may also be an IPv6 entry. Click Properties. Somewhere there you should see your DNS server IP address(es).
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

Let me try to be more clear.

The entry was "of the form" acmesupply.net. http://acmesupply.net
My friend's url is of the form http://www.acmesupply.net
If someone is www.name.net , is it permitted for someone else to have name.net?
His url is about his trade and his business, which has nothing to do with sneakers.
I'm not going to post my friend's url without discussing it with him first, and the question is whether there is any point to telling him about this at all. It will just annoy him to know about this if it can't be changed.

....

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 11/18/2015 4:18 PM, Micky wrote:

No, is the answer to your question but there is some missing and confusing information in your post. We own a computer business and also own MANY domain names so I do know I bit about the subject. To satisfy your curiosity may I suggest that you simply point your browser to http://www.netim.com/domain-name/whois-search.html and search for the domain name of your friend. The resulting info will show who actually owns it, etc.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

Exactly. It's confusing how the search leads to a page not related to the search.

Okay, I did that, and he's listed as the owner, complete with his full name, POB and suburban town. I would have looked up acmesupply without the www, but WWW is hard-coded in front of the URL box on that page.
Thanks, and if I didn't say it, thanks all.
I could contact that sneaker site, but I doubt they'll know what to do or be willing to spend much time doing it, especially since if anything it brings them a teeny tiny bit of more business.
And google doesn't even have an email address.
Though I did complain strongly about the new format of google maps, on their on-the-map comment box, and I don't read my gmail, but I finally read it and they replied on topic and really did get rid of the boxes that annoyed me, just like I asked. (and probably millions of others did too.)

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

What I just said:

He works 50 hours a week or more, is always on call, and he has plenty of annoyances already: customers who don't pay (although he can tell that the recession is almost over because many more customers are paying), impossible to find enough qualified staff, even though he pays a good salary and benefits including sick and vacation days and health insurance (he's not big enough to covered by the law that says he has to, but he still has for more than 10 years), not actually making a profit some years but holding out for better years, etc. He doesn't need another annoyance unless it's something that can be solved.
And even then maybe the time to solve it would be more than it's worth, if this page isn't actually costing him business. I don't know what the average googler thinks if he sees it ??, and if he goes to the next 6 hits which are all for my friend's business.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

True, but my best guess right now is that this is some sort of google.com fluke. When I enter acmesupply.net directly, even without the www, I get my friend's page.
When I search for acme supply baltimore and get a hit whose summary is all about sneakers but which it says is named acmesupply.net, and I click on it, I get that page about sneakers but every page that links from it, like Help, Contact Us, Register, has a totally different domain, one with a name that a sneaker store would likely have. I'm sure they're sellling sneakers but I'm also sure people have to buy and checkout via that domain.
Yes, there seems to be no way to buy sneakers while remaining on the only page with my friend's page's name. The moment I do anything, I"m on a page that has the other name. WRITTEN LAST, MY CONCLUSION.
Which makes this hypothetical. (but thanks for making me check it out more!) But say they screw up some orders, you're right that if they still remember to google the name in those three words, they'll see his POB, suburban town, and phone number, and they might well call him, and he won't know what they're talking about. I think most people won't go back to google.com but will go to the webpage they've been dealing with, that they saved as a bookmark, that's a link on invoice they get.
I'll check out reviews of the site. (This took me a day.) Okay.... it doesn't do too well on reviews, though sometimes reviews are unnecesarily suspicious. Indeed the site is scamadviser and there are at least 5 pages accusing scamadviser of being a scam, well at least of claiming good sites are scams!! "this website is calling our website dangerous just because we have registered it in singapore and updating it from New Zealand. Are you kidding me? We are a verified business by Norton and have tons of proper information including our company's registration number on our website. It's an awkward rating website like MyWOT." And "ScamAdviser.com is worst than a scam, they use misleading, abuse and offensive title on search engine to damage other legit online businesses and push them to hopeless. Why I say that:" http://www.complaintsboard.com/complaints/scamadvisercom-a-next-big-scam-on-the-web-is-damaging-other-legit-online-businesses-c631201.html
But most of these people like it, https://answers.yahoo.com/question/index?qid 120916003800AA87S7A
Scamadviser is the only hit that negatively rates the sneaker site, and it does so not because of complaints.
But I have already copied in what it says: "Low Trust Rating. This Site May Not Be Safe to Use. Site is Seychelles based , but most likely from China...
Registered contact email address is a free one [Alert Result] Technical contact email address is a free one [Alert Result] Administrative contact email address is a free one [Alert Result] High Number Of Suspicous Websites On This Server (check the server tab) [Alert Result] This registrar is used by a high % of spammers and fraud sites [Alert Result] This Site Maybe Linked With Other Risky Sites [Alert Result] This website is 19 Days old [Alert Result] The website expected life (366 days) is relatively short. [Alert Result] The website appears to be less than six months old [Alert Result] This website setup involves countries known to be high risk [Alert Result] This website is likely to be operating from a high risk country Analysis Details:- This webite is very new , and as such doesn't have an online reputation yet. As with all new businesses , we suggest that you take care and if necessary get in contact with the owners before placing an order of value. This site has a high risk country associated with it. This may be as you expect but care should be taken if purchasing an item from a site that you didn't expect to be associated with the countries listed above. Certain countries are listed as being high risk because of the high percentage of online fraud or tendency to send fake/replica items.
Free email addresses have been used in the setup of this website. This is not necesarily worrying, depending on the site. For online shops, this can be a sign that the site has some risk
The website has been newly registered with a short life expectancy, which follows the pattern used by many fraudulent and fake selling websites. Please be vigilant and take extra care before providing any payment information. "
All in all I think there is a flaw in Google's creation of its long complicated url and the way google redirects from the url of its creation
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

The order of Domain Name Service (DNS) lookup is:
1) First lookup ".net" at the root server. Returns the IP address(es) of the DNS server for .net 2) Now lookup "name" at the DNS server for .net. Returns the IP address(es) of the DNS server for name.net. 3) Now lookup www at the DNS server for name.net. returns the IP address(es) ('A' record) of the server 'www'.
So, name.net 'owns' the subdomain www, in the sense that it is responsible for providing the IP address of the server 'www.name.net'.
Which means you have it backwards. It is permitted for the owner of name.net to 'sublet' www.name.net to an external entity such as your friend.
Likely his website is hosted by 'name.net', someone has screwed up the DNS configuration or Google is inserting ads. Try running with adblockplus.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Related Threads

HomeOwnersHub.com is a website for homeowners and building and maintenance pros. It is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.