Hijacked Domain cwr.com

[Daehler Ralph]

I have a very important message for all domainers. I have bought 1 month ago the domain cwr.com (Registrar Networksolutions) over Sedo for USD 19950 and the transfer happened successful after a few problems with an invalid Authorization Code for a transfer to my GoDaddy account, I decided to takeover the domain to my account by Networksolutions. But yesterday Network Solution has transferred the domain back to the old owner without any information. I have opened a ticket by Network Solution and they explained me that the domain was hijacked and sold later and also back transferred to the old owner.
Sedo hasn't checked well the whois-Informations with the seller contact information, which was somebody from Mexico.
Now I have lost my money and for Sedo is the task closed when the domain is transferred.
A warning on all domaines that can happen to everybody which buy a domain on a non-registrar-platform like Sedo.

 

[ninjadomain]

I just gave him a small loan of $$$$ with cwr.com as collateral, thinking he was the owner. I tried to buy for $25k to $30k, but he said it wasn't enough. I saw it sell for $20k on Sedo before you purchased and asked him what was going on and Alejandro said it was a pricing error and he was not going to sell.

 

[Daehler Ralph]

That s not possible. See the whois. Everything is clear now. Everybody can see what happened now

 

[ninjadomain]

You would need to ask Sedo as I am pretty certain they sold earlier. I would also contact network solutions as they will see that it (if I am correct) that the domain was with him all of this time prior to the loan from me and after.

He offered to sell me jdu.com also, but I did not buy.

 

[ninjadomain]

Update on Jdu.com according to Godaddy:

They have assessed the domain name listing to be valid and the domain ownership not to be in question. Domain has had the same owner with GoDaddy since 2005.

 

[ninjadomain]

You would need to ask Sedo as I am pretty certain they sold earlier. I would also contact network solutions as they will see that it (if I am correct) that the domain was with him all of this time prior to the loan from me and after.

He offered to sell me jdu.com also, but I did not buy.

 

[Daehler Ralph]

Oki Can you send the email from Network Solutions to email me ralphix(@)gmx.net that I can send to Network Solutions. They need that for their checkings. Thanks

 

[ninjadomain]

I

Oki Can you send the email from Network Solutions to email me ralphix(@)gmx.net that I can send to Network Solutions. They need that for their checkings. Thanks

I called them yesterday and they took care of it, also forwarded you the email.

I would suggest trying to negotiate with Sedo (for at least some of the commission) and if they do not help you then just stop doing business with them. Also, filing a police report to track where the funds went and perhaps get your funds back that way.

Best of Success!

 

[Daehler Ralph]

I have requested a new whois history list on reg.com for a few 2 dollars. And this whois history is totally different and doesn't show your name Glenn. But this list is also no complete.
I will publish this list here. Just network solution is able to find this AGB from Mexico.

 

[Daehler Ralph]

You see here the detailed whois lists which I have requested. I have also one from reg.com but this one is more detailed and shows all. Thanks all for sending. See 17. and 18. October 2018. I have an open ticket by Network Solutions and they are going to check.

 

[Daehler Ralph]

I have received a Response from network solutions with make no sense and with no meaning. The Whois History is agreed. Fact is that the domain was stolen by the Glenn Smith Account (Ninja Domain Email) on the 17. October 2018 from the origin owner.
For all:
NEVER BUY DOMAINS WITH NETWORK SOLUTIONS AS REGISTRAR!!!

 

[ninjadomain]

Ralph,

I have NEVER stolen a domain! The only explanation is:

1) Network Solutions is neglecting where Alejandro took from the owner's account.
2) Alejandro was the original owner and pretended it got stolen.
3) Alejandro used my information for his account.
4)Etc.

 

[ninjadomain]

Another possibility is Alejandro never changed any information from the original account, thereby making it appear the domain had not changed. This seems to be a common tactic for the ones doing wrong.

 

[Chris Hydrick]

Fact is that the domain was stolen by the Glenn Smith Account (Ninja Domain Email) on the 17. October 2018 from the origin owner.

@Daehler Ralph -- I can sense your frustration, and empathize with your loss but accusing @ninjadomain (when he has been responsive and transparent) is defamatory at worst, and disrespectful at best. He has no obligation to assist, and provide screenshots, but here he is, helping.

With respect to your command of the English language, NinjaDomain has had to explain multiple times that he did NOT buy the domain from AGB, only held it as loan collateral. This makes me wonder what other aspects you are mistaken about...

NinjaDomain also provided a screenshot of a NetSol email showing domain being transferred from Alejandros account to NinjaDomains.

Clearly it shows Alejandro as the account holder prior to Glenn. (that email would be more beneficial if we knew the exact date of email; but based on WHOIS updates, it could have occurred around 7 October 2018 when his name first appeared on WHOIS)

I'm not sure what Network Solutions told you @Daehler Ralph, but if you are telling them the domain was stolen by Glenn, then it's no wonder their investigation is ruling against you.

The Whois History is agreed.

Did you notice the other WHOIS updates prior to October 2018?

From what I can tell (I may be missing some), the WHOIS updated date changed on:

• 2017-08-19T00:30:08Z
• 2017-03-05T14:48:28Z
• 2015-11-01T14:19:29Z
• 2015-09-24T16:17:09Z

WHOIS remained under privacy through these updates. Just noting, since there appears to be proof of the domain first being transferred from AGB NetSol to Glenn
NetSol account, then the domain was likely in AGB NetSol account under privacy, prior to the transfer to Glenn.

<<<<<<<<<<>>>>>>>>>>

What sticks out the most to me is the below comment from @ninjadomain

I saw it sell for $20k on Sedo before you purchased and asked him what was going on and Alejandro said it was a pricing error and he was not going to sell.

Not sure what exactly that email says, but since Alejandro said it was a pricing error, clearly he had knowledge of the Sedo sale. And should this turn into what was previously theorized, that email could serve as proof of the scam. Though, I'm not so sure that theory is what actually happened here...

<<<<<<<<<<<<>>>>>>>>>>>>

Not sure if this is related, but around the same time of this fiasco, Alejandro was reaching out to NetSol via Twitter...

Also on Twitter, but two years earlier in 2016, Alejandro and NetSol appear to carry out on an odd public conversation about password resets... HERE ... and less than a week later he was locked out again?

 

[Daehler Ralph]

oki that can be but it‘s difficult to unterstand here. the whois is correct. but why the emailadress??? but anyway it happened. when so then sorry to you.

 

[Chris Hydrick]

oki that can be but it‘s difficult to unterstand here. the whois is correct. but why the emailadress??? but anyway it happened. when so then sorry to you.

????

 

[ninjadomain]

Alejandro used privacy and/or kept everything the same. I would/will never steal a domain, but if I did I would never use my contact information.

 

[Daehler Ralph]

oki then i say sorry to you. we forget this story.

 

[Daehler Ralph]

but obviously network solution is not interested in solving such problems and to locate this Alejandro. I have now transfered all my domains away from this unsecure registrar.
network solution has also deleted the incident thread????

 

[ninjadomain]

10/07

 

[ninjadomain]

but obviously network solution is not interested in solving such problems and to locate this Alejandro. I have now transfered all my domains away from this unsecure registrar.

I would recommend Godaddy or Epik.

 

[ninjadomain]

Sedo should have reversed the funds (if they caught in time). Most likely you will need to get a court order to have the information (which may be fake) and this would cost you time and $$,$$$ so probably best to move on unless you have a ton of money. I also have been scammed $$,$$$ - $$$,$$$ over the years and it can be devastating in many ways, but if you can at all move on and move on more carefully each time.

but obviously network solution is not interested in solving such problems and to locate this Alejandro. I have now transfered all my domains away from this unsecure registrar.
network solution has also deleted the incident thread????

 

[Daehler Ralph]

I have received a Response from network solutions with make no sense and with no meaning. The Whois History is agreed. Fact is that the domain was stolen by the Glenn Smith Account (Ninja Domain Email) on the 17. October 2018 from the origin owner.
For all:
NEVER BUY DOMAINS WITH NETWORK SOLUTIONS AS REGISTRAR!!!

I want to say sorry here to Glenn Smith from @ninjadomain. I am sure that you are not involved in this domain hijack. This will happen again that this Alejandro Garcia Briseno will hack other domains and nobody can do anything.

I am very disappointed from platform like Sedo that they don't give some money back. I am or was a very good customer of them. I have sold this year nfc.com and the year before deh.com jur.com and hse.com on Sedo platform and they don't want to pay me a part of the money back. Poor company

 

[Joseph CA]

I’m very sorry about your lost.

 

[elevator]

It's probably not hijacked, you probably bought stolen property.

Due prudence just like you do when you buy a house is always indicated. One does a title search and a domain should be researched in a similar fashion before large sums of money changes hands.

If you look carefully there were probably clues that the domain was stolen or similar.

Not saying I don't feel your pain but man you have to be careful buying domains nowadays. If it sounds to good to be true then it probably is.

What is the purpose of sedo's verification when you are submitting domains on their platform ?
They must be held responsible for this kind of incidents when it happened like this, after all they have done verifications before having the domain on their platform and even before the transfer of the cash to the seller. The seller can not be a new one with them.
They must look for the money or domain name and send back to the buyer.

 

[carob]

What is the purpose of sedo's verification when you are submitting domains on their platform ?

All that verification does is verify that you control the domain, via the registrar where the domain is registered. That shows Sedo that you can deliver it if it is sold, since you have shown them you control the registrar account it is in. That certainly does not prove that you own the domain - account holder and registrant can be two different parties and the domain could even be stolen already.

And you could put any name and address in that you wanted in the WHOIS, if you wanted it to be public and mislead people. For .com only the email address in the WHOIS has to be verified, by the registrar sending an email to that address with a link to click to verify.

If sales are going to be guaranteed or insured a new level of service is needed it seems, not just at Sedo.