Dynadot

Hijacked Domain cwr.com

Spaceship Spaceship
Watch

Daehler Ralph

Established Member
Impact
96
I have a very important message for all domainers. I have bought 1 month ago the domain cwr.com (Registrar Networksolutions) over Sedo for USD 19950 and the transfer happened successful after a few problems with an invalid Authorization Code for a transfer to my GoDaddy account, I decided to takeover the domain to my account by Networksolutions. But yesterday Network Solution has transferred the domain back to the old owner without any information. I have opened a ticket by Network Solution and they explained me that the domain was hijacked and sold later and also back transferred to the old owner.
Sedo hasn't checked well the whois-Informations with the seller contact information, which was somebody from Mexico.
Now I have lost my money and for Sedo is the task closed when the domain is transferred.
A warning on all domaines that can happen to everybody which buy a domain on a non-registrar-platform like Sedo.
 
17
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
Seems you could run an easy scam.

1. Put a valuable domain in its own account with a newly created email.
2. List domain at Sedo
3. Sell domain and get paid under scam whois and overseas bank
4. Use real info and tell registrar the domain was stolen.

Now you got paid from Sedo and the registrar returns domain from the unsuspecting buyer at Sedo.
Yes great analyze. It's so easy to get money like that.
And then you wait 1 or 2 years and repeat the same scam with the same domain.
 
1
•••
WHOIS Registrant Name History of CWR.com according to DomainIQ
  • December 2014 -- RJR Enterprises Chuck Risley
  • April 2015 -- Perfect Privacy, LLC [possibly updated 2015-03-12T19:03:30Z]
  • October 17th, 2018 -- Glenn Smith [possibly updated 2018-10-07T17:26:04Z] *tagging @ninjadomain for comment*
  • October 18th, 2018 -- Alejandro Garcia Briseno* [possibly updated 2018-10-18T04:19:32Z] [email protected]
  • October 25th, 2018 -- Perfect Privacy [possibly updated 2018-10-24T18:04:20Z]
  • December 5th, 2018 -- Protected, WhoisGuard [p. updated 2018-11-03T07:30:15Z] [email protected]**
  • December 19th, 2018 -- Daehler, R (assuming @Daehler Ralph) [p. updated 2018-12-14T11:47:03Z]
  • January 4th, 2019 -- RJR Enterprises Chuck Risley [p. updated 2019-01-04T17:21:13Z]
**Registrant Name shows Protected WHOIS Guard, yet it reveals WHOIS Info. The address listed appears to be a UPS store.
Show attachment 106223

Hosting History
Show attachment 106222



I had given him (AGB) a loan with cwr.com as collateral. He paid me back with interest as he has done with a few domains. The strange thing is I had offered him $30k for the domain and he said it was too low. I have not heard from him (AGB) in a few weeks so not sure what is going on. If a big value domain, I always recommend trying to reach the previous owner to make sure everything is legitimate.
 
2
•••
It appears Alejandro Garcia Briseno (AGB) may have sold other 3L.com on Sedo.

Given the allegations behind other domains sold by AGB, there is a possibility that other domains sold by AGB may have also been stolen, such as GHE.com

The previous owner of GHE.com was using a Mindspring.com email address that had been pwned multiple times.

Show attachment 106307

I will work on contacting the previous owner of GHE.com to confirm the status.

If anyone is in contact with Nat Cohen of Telepathy.com, they might want to reach out to him to make him aware of this red flag.
Wow you are great. Thanks for all. I have written an message to Nat Cohen. I don't think that he will respond me. What do you think, can I do to get my money back?
 
0
•••
0
•••
But domainers are already complaining about escrow.com procedures, that are less intrusive.

Buyers need to do due diligence. Sedo is not the seller, and not even a real broker most of the time. Just a third party assisting with payment and technicalities. They cover their a$$, not yours.
Nobody is going to hold you by the hand. But if for some reason that is your expectation, review the terms of service first to double-check what is covered and what isn't.
Sometimes I am surprised that people are casually spending so much money in confidence on the Internet.

The other thing that crossed my mind is the prohibition from contacting the other party directly that is in place by the auction houses. If they won't let buyer contact and confirm who the seller is, why do they take commission? Unless you brought your buyer/seller to the platform, you can only rely on the auction house to check who the other party is. Why on earth should they walk free - commission in hand - while the buyer is left out of money and domain? Seriously, I doubt that their silly terms and conditions would wash with me, if I happened to be in the victims' shoes. Not that I would be buying a 20k name anyway. 😂😂😂 I would be flying out to wherever that name is before I hand over that kind of money! We all know someone somewhere who knows somebody somewhere, in the event that we can't really physically be there. Meeting in a public place would mean the police would have a very good who the domain thief is!
 
Last edited:
4
•••
Last edited:
1
•••
I want to get now the banking Details of Sedo, this would help then if this guy (AGB) really exists.
 
0
•••
**Registrant Name shows Protected WHOIS Guard, yet it reveals WHOIS Info. The address listed appears to be a UPS store.
123360_a207b753ba3a1a56f7db1a01272c1521.png

:oops: Apparently that address is just the address of WhoIsGuard.

So nothing there; except the alejandro @ cdcybernet email address...
 
Last edited:
0
•••
Wow you are great. Thanks for all. I have written an message to Nat Cohen.

First things first, attempt to confirm or deny the status of the domain with previous owner. As the sale of GHE.com could have very well been legit. At this point it's just a red flag, given the other allegations behind the seller.
What do you think, can I do to get my money back?

Document everything. Did you have any communication with the seller?

Where's all the communication with Sedo?

I want to get now the banking Details of Sedo, this would help then if this guy (AGB) really exists.

Why the banking details of Sedo?

You would need the payout details. Proof of Identity. And possibly IP Addresses.

But to do this, you'd likely need to subpoena this information through the courts.

I would also pay you a good price when you could help me to get the money back.

That money might be better spent with a qualified lawyer such as @jberryhill (or others) ... As this will likely require legal intervention.
 
Last edited:
1
•••
Perhaps a lawyer such as Berryhill could help you negotiate with Sedo to minimize your lost.

I am slowly learning not to even deal with these big domain marketplaces as if something goes wrong, no matter how much you have spent at their marketplace, they will not help out. Also, I would not deal with any reseller until you are certain they are trustworthy as too many red flags with some people.

Prayers for something to work out!
 
3
•••
Perhaps a lawyer such as Berryhill could help you negotiate with Sedo to minimize your lost.

I am slowly learning not to even deal with these big domain marketplaces as if something goes wrong, no matter how much you have spent at their marketplace, they will not help out. Also, I would not deal with any reseller until you are certain they are trustworthy as too many red flags with some people.

Prayers for something to work out!

I saw this name at Sedo as I mentioned earlier and in the whois history I thought I saw you in there Ninja, I was like I know who that is and did he sell? Because then the seller was Mexico and I thought it was a stolen name same with NWX.com.
 
0
•••
I had given Alejandro a loan with cwr.com as collateral. He paid me back with an extra fee like he did with a few domains. I tried buying for $30k, but he said the offer was too low. I have not heard from him in awhile so my only advice is to not deal with him until he is cleared.
 
1
•••
Completely disagree.

The expectation is that the seller/brokerage has vetted the listing. In this case it’s Sedo, a seller of millions in domains.

I’d sue them immediately for transfer of stolen goods. They are supposed to ensure that what they sell is legitimate. They are also assuming that transfer of goods is final, upon payment from buyer.

This is the official reply from Sedo as I posted in the thread I was contacting them, because I want the official position of marketplaces for an article, I remember seeing CWR.com and NWX.com thinking of buying, once I did the homework I knew they were stolen.

So here is the reply from SEDO, I bolded the part where they say we ain't paying you back.

Sedo takes domain theft very seriously and is committed to protecting domain ownership rights. We encourage anyone who feels they have lost a domain due to fraud to report the theft in accordance with our stolen domain policy (https://sedo.com/us/about-us/policies/stolen-domain-policy/

Stolen Domain Policy - Sedo
Stolen Domain Policy . Along with protecting intellectual property rights, Sedo is committed to protecting domain ownership rights, whether those of our users, third parties, or our own.
sedo.com
) so that Sedo’s Security & Compliance team can review the domain and block it from our services, as appropriate, to prevent a sale on our marketplace in the first place.

Unfortunately, as with anything sold on a secondary market, buyers bear a degree of risk that a domain was once stolen or that the seller has otherwise violated the terms of the purchase and sale agreement. While Sedo employs strict marketplace terms and conditions, between WHOIS privacy and disparate registry policies, it is impossible for Sedo or anyone to guarantee that a domain has never been stolen or remains subject to any other kind of legal dispute. The domain’s registrar, ICANN, or a court of law are the venues to resolve any dispute and Sedo gives our full cooperation once a dispute has been initiated.


We empathize with our buyer’s desire to eliminate that risk entirely but we ask buyers to perform their due diligence research prior to agreeing to a purchase (especially to ensure that their purchase or intended use does not violate a third party’s trademark which is a key element in UDRP proceedings) and to review their registrar policies on how they would handle a claim of domain theft.


Sedo does help our buyers minimize risk by requiring sellers to provide a legally binding representation and warranty that they have the authority to sell the name. Once a purchase and sale has been completed, however, Sedo cannot return the funds paid to a seller as we are not an appropriate party to arbitrate a dispute. If a domain is later taken away from a buyer because of the seller’s violation of the purchase and sale agreement Sedo advises the buyer to seek legal counsel to pursue the seller for breach of contract and will support the buyer by providing a documentation history regarding the transaction. This allows a buyer who ends up losing the domain because of theft to pursue the seller for a refund/damages.
 
4
•••
I had given Alejandro a loan with cwr.com as collateral. He paid me back with an extra fee like he did with a few domains. I tried buying for $30k, but he said the offer was too low. I have not heard from him in awhile so my only advice is to not deal with him until he is cleared.
 

Attachments

  • Screenshot from 2019-01-08 13-03-20.png
    Screenshot from 2019-01-08 13-03-20.png
    285.3 KB · Views: 108
2
•••
I just emailed Alejandro and let him know that you need help. Hopefully, he will do the right thing!
 
3
•••
I have collected the informations. And i Have to inform a few companies about this security hole of the domain market place. The most of the people which are buying domains on this mass plattforms doesn”t know enough about that problem like me. And this will happen again. This is a case for the police. It”s going to prevent such stories in the future.
 
Last edited:
0
•••
Not sure when it was added, but CWR.com is currently being offered for sale on PerfectDomain.com with a $225,000 BIN. It's listed by Domain Admin Seek99.

upload_2019-1-9_4-59-10.png


**Note**

Seek99 is a known internet alias for Oliver Hoger (@Oliver Hoger) who is the CEO of PerfectDomain.com. If Seek99 is indeed his seller account, he may simply be brokering the domain; not sure.
 
Last edited:
1
•••
I have also informed PerfectDomain by message. When we always inform all plattforms, when we see that the domain is listed for sale. We can prevent a same situation. Then domain Name must be worthless for the owner.
 
0
•••
Once a purchase and sale has been completed, however, Sedo cannot return the funds paid to a seller as we are not an appropriate party to arbitrate a dispute. If a domain is later taken away from a buyer because of the seller’s violation of the purchase and sale agreement Sedo advises the buyer to seek legal counsel to pursue the seller for breach of contract and will support the buyer by providing a documentation history regarding the transaction.
This again urges me to think about finding an insurance company that can give me a policy against domain ownership issues.
 
2
•••
This again urges me to think about finding an insurance company that can give me a policy against domain ownership issues.

Yes, I mentioned that years ago, no one seemed interested but I think it's a good idea.
 
2
•••
This again urges me to think about finding an insurance company that can give me a policy against domain ownership issues.

Would the insurance company physically send a representative to the domain owner to sign a purchase / ownership agreement?

In a perfect world, I suppose an iron clad domain sale would be notarized, video taped, and live streamed at the WHOIS address.

But how to know WHOIS wasn't changed years ago?

Would you need original owner, and each owner after that, to confirm the domain is not stolen? What if owner didn't renew, and assumed stolen, when it was actually deleted / auctioned?

It almost seems like an insurance company can create some sort of ## point checklist to determine risk factors. The harder it is to verify, the more expensive the policy. But given the resources needed, it might only be feasible for high value purchases.
 
Last edited:
3
•••
I wonder if this alleged hijacking affected other domains using @cwr.com WHOIS email?

upload_2019-1-9_7-55-43.png
 
1
•••
It appears Alejandro Garcia Briseno (AGB) may have sold other 3L.com on Sedo.

Given the allegations behind other domains sold by AGB, there is a possibility that other domains sold by AGB may have also been stolen, such as GHE.com

The previous owner of GHE.com was using a Mindspring.com email address that had been pwned multiple times.

Show attachment 106307

I will work on contacting the previous owner of GHE.com to confirm the status.

If anyone is in contact with Nat Cohen of Telepathy.com, they might want to reach out to him to make him aware of this red flag.

Hello

I have made a lot of investigations on the web and contacting the owner.
For me was the domain stolen from the Glenn Smith Account on 17. October and then transferred on the 18. October 2018 to the AGB-Account for sale on different platforms like SEDO. The DNS was keep as it was from the original owner that he is not realizing that his domain is stolen till the domain is sold.
The money is lost but I would like know what exactly happened. I will get in Contact with Network Solutions to find the Hijacker.
 
0
•••
Whois History:

WHOIS Registrant Name History of CWR.com according to DomainIQ
  • December 2014 -- RJR Enterprises Chuck Risley
  • April 2015 -- Perfect Privacy, LLC [possibly updated 2015-03-12T19:03:30Z]
  • October 17th, 2018 -- Glenn Smith [possibly updated 2018-10-07T17:26:04Z] *tagging @ninjadomain for comment*
  • October 18th, 2018 -- Alejandro Garcia Briseno* [possibly updated 2018-10-18T04:19:32Z] [email protected]
  • October 25th, 2018 -- Perfect Privacy [possibly updated 2018-10-24T18:04:20Z]
  • December 5th, 2018 -- Protected, WhoisGuard [p. updated 2018-11-03T07:30:15Z] [email protected]**
  • December 19th, 2018 -- Daehler, R (assuming @Daehler Ralph) [p. updated 2018-12-14T11:47:03Z]
  • January 4th, 2019 -- RJR Enterprises Chuck Risley [p. updated 2019-01-04T17:21:13Z]
**Registrant Name shows Protected WHOIS Guard, yet it reveals WHOIS Info. The address listed appears to be a UPS store.
 
0
•••
Alejandro obviously offers a sale service for domain names. The you cannot get the money back
Also found a site of him:
www.dndisputes.com

@ninjadomain How much you had to pay for the sale of the domain cwr.com to Alejandro?
 
0
•••
Back