HomeAboutMailing ListList Chatter /0/0 35.170.78.142

Determining Website Ownership/Author - Need Help

2020-09-22 by: Andy Burnett
From: Andy Burnett 
------------------------------------------------------

Hey Everyone,

A client I work with is being targeted by someone(s) online who has created
a website to host a Wordpress blog and post defamatory messages about them
and their colleagues.  We'd like to determine who created the site to pursue
potential legal action, as they're likely the author of the blog entries,
but figuring something like that out has quickly moved above my skill level. 
The site owner is using domain protection to obfuscate their WHOIS record
and Cloudflare's CDN plugin to make it difficult to determine the site's
source IP.  Would anyone here know where to hire forensic IT support?  Would
anyone here have the skills to do this type of analysis?  If anyone's
interested, please let me know and we can discuss it offline.  Hope you all
are doing well.

Andy



--
Sent from: http://chugalug.1100489.n5.nabble.com/



=============================================================== From: Sudo Bash ------------------------------------------------------ You'll need a subpoena for the Domain Records if it is protected by proxy.

=============================================================== From: Aaron welch ------------------------------------------------------ Take screen caps and see if you can get a download of the entire site=E2=80= =99s content immediately. Also take note of the abuse address at the registrar. I would also recommend getting traffic stats for the domain name from Alexa or similar site to show that traffic is actually going to the domain. This will help determine material damages to a digital presence. Fighting defamation is hard because you have to prove that the statements being made are not only damaging, but also factually incorrect. My question to you is, does this have a material impact to the business other than hurt feelings at this point? -Aaron On Tue, Sep 22, 2020 at 4:20 PM Andy Burnett wrote: ed m ll Aaron Welch Chief Mechanic @ Geek Ventures 423-505-9999 n2nightfall@gmail.com "Enabling people to do great things with their own ideas."

=============================================================== From: Lynn Dixon ------------------------------------------------------ Quite honestly you=E2=80=99re gonna have a hard time Legally dealing with this due to free speech protection. You only have libel but it=E2=80=99s a hard battle as the burden of proof is on you to sh= ow, and convince a judge it=E2=80=99s worthy of going after. You=E2=80=99re going = to have to prove that the intention of the statement was to bring harm which is very hard to do in a lot of these cases. You=E2=80=99ll also have to prove without a s= hadow of a doubt that you ha e been financially impacted this negatively since it=E2= =80=99s a business. This is going to be a long arduous process and will likely cost more than it=E2=80=99s worth. =80=99s . xa s on rt em , d

=============================================================== From: Aaron welch ------------------------------------------------------ Agreed. One other thing to consider is that if their efforts are making no material difference, then they are just pounding digital sand. -Aaron show, and g to have to prove to shadow of =E2=80=99s : =80=99s r. exa is s ion urt s, rd s Aaron Welch Chief Mechanic @ Geek Ventures 423-505-9999 n2nightfall@gmail.com "Enabling people to do great things with their own ideas."

=============================================================== From: Billy ------------------------------------------------------ If the hosting site and domain is under US jurisdiction, then it=E2=80=99s h= ard to completely hide it away.=20 The registrar and hosting company need a credit card. They need to have an e= mail address and a billing address. Granted, there are ways around that, but not everyone thinks of those things= . You can obtain those records through a court order and discovery. You can also obtain the records of administrative access for the registratio= n of the domain and the hosting company. This will be expensive. It will also take a long time. Bright side is if you can prove damages, then you might be able to collect a= ttorney fees - which will probably be a lot (see above). Keep in mind, if this person filed and operates this as a corporation, then i= t might be even harder to track down an individual - especially if that corp= oration was filed outside the US. That=E2=80=99s a typical way for savvy fol= ks to protect themselves from liability and lawsuits. Think: win suit agains= t a corporation, but it has no assets and closes immediately via bankruptcy.= It=E2=80=99s a bit more complicated than that, but I=E2=80=99ve seen it in a= ction plenty of times. --b material difference, then they are just pounding digital sand. bel but it=E2=80=99s a hard battle as the burden of proof is on you to show,= and convince a judge it=E2=80=99s worthy of going after. You=E2=80=99re go= ing to have to prove that the intention of the statement was to bring harm w= hich is very hard to do in a lot of these cases. You=E2=80=99ll also have t= o prove without a shadow of a doubt that you ha e been financially impacted t= his negatively since it=E2=80=99s a business.=20 it=E2=80=99s worth. =20 e: =80=99s content immediately. Also take note of the abuse address at the regi= strar. I would also recommend getting traffic stats for the domain name from= Alexa or similar site to show that traffic is actually going to the domain.= This will help determine material damages to a digital presence. s being made are not only damaging, but also factually incorrect. My questio= n to you is, does this have a material impact to the business other than hur= t feelings at this point? wrote: ated hem ursue s, evel.=20 rd s ould all

=============================================================== From: John D ------------------------------------------------------ This isn't really a tech question either. This is a legal question. If they have the money to spend on a lawyer they can probably subpoena for whoever is the subscriber from clouldflare/etc. I'd 100% advise against listening to legal advice in an outlet like this. You'd really need to speak to an attorney, and honestly, most cases like this are settled by the offending party if all they want is the content removed. But they may spend thousands or more alone in just accomplishing that. An attorney can also likely reach out to the company and send a demand letter and the company might drop them. They could also try contacting the host directly to see if they would be willing to remove the content, but the host isn't likely to identify the subscriber without a court order. Anyway, just a thought, but yeah. When it gets to stuff like this it's no longer a technical question. It's a legal one. They need to speak to an attorney. o show, and ng to have to prove to a shadow of =E2=80=99s n =E2=80=99s ar. lexa his ct. 's u