So yesterday we reported that a member on Namepros found a way without hacking any security or anything like that, to find sales data from Afternic. It now looks like Afternic fixed the glitch and banned the member.
On Namepros the member explained how he came upon the data and that it was all sitting there on a public profile where anyone could access it without being logged in.
It seems they plugged the leak. Since now it’s game over, let me get you the details of my source.
When I sold BeautyTreatments.com there about 10 days back, I noticed the buyer username was “apollo” @ afternic.com/apollo, its profile gave no name but said it signed up since 2006 but no sales, no listings. And there was a recent activity widget on that profile which was showing some sales data. It occurred to me that this may be the unofficial account of Afternic, from which they may be doing acquisition for their clients.
So, the folks at Afternic were posting the sales data on a PUBLIC PROFILE page and banned my account for making PUBLIC the data which was already PUBLICLY accessible, without you being required to even sign in.
At that point I quickly wrote a python script to read that information every hour, that’s how we got to that list for about 7 days. So, the Afternic domain sales total for this week was $635,537 spread out across 382 sales with an average of $1664 per sale.
Full thread on Namepros