Rebecca J. Burns, previous owner of the domain CQD.com and founder of ComQuest Designs, has come forward in social media, claiming that her domain was stolen.
A few days ago, we were informed that CQD.com was taken away from domain investor, James Booth, who said he paid $26,000 dollars to acquire it.
The story so far:
Initially, Network Solutions received a complaint from ComQuest Designs, that the domain CQD.com was stolen, and took possession of it, weeks after James Booth acquired it.
Several days later, the domain was released back to James Booth, who apparently provided evidence of acquiring the domain in an Escrow.com transaction.
Rebecca J. Burns is the owner of ComQuest Designs, a Gainesville, FL firm, and the previous owner of CQD.com, per the WHOIS records provided by DomaintTools.
Ms. Burns stated that she intends to file legal action in order to reclaim her domain, and provided the following information in a report filed yesterday:
On December 27, 2018 I was checking on my domains and noticed Network Solutions was transferring CQD.com from me to a unknown party. I called Network Solutions immediately to ask what was going on / to report it and they put a legal lock on it. Seems a person (unknown to me) sold my CQD.com domain (worth $150k or more) on the escrow.com platform to James Booth, aka Namespro, a domain reseller several weeks prior to me catching this activity. I called Escrow.com and they stated the buyer paid 19k for my domain. The seller was in California. I was told by Legal Lock, Escrow.com and Network Solutions NOT to contact the buyer, that their legal team(s) were investigating and would handle it. […]
Network Solutions PROMISED my domain would not be transferred as I reported the hack, the fraud. However, today (3/7/18) I found out because I was following up with a phone call to Network Solutions, as I had been emailing requests for status but never heard back from them, that their Director of Investigation, Tom Lam at Web.com, in Nova Scotia had concluded his “investigation” into my complaint and found no reason to stop the transfer. WHAT? He never reached out to speak to me. What did his “investigation” entail? Nothing with me, that’s for sure! SO my CQD.com is now transferred as of today to a person who purchased stolen personal property so that he can resell it and make a huge profit. I never authorized this transaction. I never signed any paperwork. I never spoke to anyone with my voice at my phone number allowing this!
From a Facebook post, Ms. Burn appears to have listed CQD.com for sale on Afternic on November 30, 2015, seeking $150,000 dollars at a minimum. It is therefore impossible to have been the seller in this latest exchange, and the conclusion should be that the domain was sold to domain investor, James Booth, by a third party without the consent of Ms. Burns.
In an interesting twist, CQD.com first changed hands in mid October 2017, and was moved to the Chinese domain registrar Ename, a popular destination for domains stolen by Chinese hackers.
On October 17, 2017, the domain’s WHOIS info was as follows:
Redacted as unrelated.
On October 25, 2017, the domain was moved back to Network Solutions, and the WHOIS information was restored to that of its previous owner, ComQuest Designs. We aren’t aware of any actions that might have triggered this domain ownership reversal, but usually such swift registrar changes occur when a domain is reported as stolen.
We will update this post once there is new information about this matter.
Update: The following photo was provided by Quanming “Mike” Han, showing the person he negotiated with via Escrow.com in mid-October, used the name “Junior” with an email “jamunkel@hotmail.com.”
Mr. Han canceled that escrow, when he became suspicious of the authority of the seller to sell CQD.com.
Copyright © 2024 DomainGang.com · All Rights Reserved.
I had a similar situation happen to me, I purchase the domain name; “Petro. co.ve” from GoDaddy, I own this domain name for a number of weeks during this time the Domain name was pending registration I called GoDaddy and asked why the domain name was pending registration and when I try to register the domain name the registration would not go through. GoDaddy told me that they would contact the register and in doing so they informed me that.. “The register was behind on their registrations.” so, this domain name kept the status of registration pending all the while I owned it. Then, I was informed by GoDaddy that the domain name was being deleted from my account.
Reason being.. Someone else owned the domain name, and it was registered to me by mistake. It seems to me like something fishy is going on, the “.co.ve” has a open registration (anyone can own it) GoDaddy informed me that they would be refunding my money however, I am unable to track where the domain name is actually registered now. I believe someone else wanted this name and took steps to take it away from me.
Mark – Sorry to hear, however, your case has nothing similar to the domain theft reported in this article. It looks like a registry issue, versus an outright domain theft.
Two Questions
“On December 27, 2018 I was checking on my domains and noticed Network Solutions was transferring CQD.com from me to a unknown party.”
1 Is Rebecca from the future?
2 Assuming she meant December 2017, what happened a few months earlier in October 2017 when the domain was moved to eName, then back to Network Solutions? Did Rebecca have to intervene then?
FWIW
The above email address [33702641@qq.com] is listed on the November 19, 2017 technical WHOIS email for FLPW.com of Canada’s Big Wang Business. WHOIS registrant MichaelB9@Yeah.net aka ChineseDomainMarketplace.com. Perhaps, somebody with Skype , can reach out to Mr. Mike Han for comment @ DomainKing2
I am the one who bought it on octorber 2017, then i found it is no safe so i returned. i have escrow.com record and i also lost money on that purchase. This is Mike Han, the domain broker and domain investor from China!!!! You describe me as the hacker!!!This is pure slander!
Mike Han – No, simply stating here that the WHOIS info changed last year before this incident, and that it was moved to Ename, a registrar that has in the past shielded domain thefts by Chinese. The WHOIS info was recorded by DomainTools.
If you were also a victim and indeed lost money, then you bought the domain from the thief. I’ve removed your WHOIS info.
Mike Han — if you really are a victim (as you claim), you can help the investigation by providing additional information, such as:
(1) How did you find out it wasn’t safe? And who did you return it to?
(2) How did you do out to CQD.com was offered for sale? And how were the terms negotiated?
(3) How much money did you lose?
Posting screenshots of your correspondence with the alleged thief and escrow.com to the below bolded namePros thread will not only help the investigation, but will help clarify your role as victim, rather than a person of interest.
https://www.namepros.com/threads/domainer-scammed-for-26k-on-a-stolen-domain.1068888/
Lastly, for future reference, if you would have contacted DomainGang and/or posted on namePros, when you were allegedly scammed (in October) it could have prevented others from being scammed as well.
(2) How did you **find** out CQD.com was offered for sale? And how were the terms negotiated? ie email, messenger, phone, etc?
Stranger by the minute. People really need to start posting screenshots.
This is Mike Han again, you guys seems very curious about my transaction of cod.com. So i will show you guys the details. However, i do not find any place to upload the screenshot of the transaction of cod.com on domain gang.com.
At first, i contacted the seller of cod.com for a client, and we agreed on the price of $19K, so we started the escrow.com transaction. My client trusted me so he give me the money first, that’s why i acted as buyer on the escrow.com transaction and the domain transferred to me after the escrow.com secured the money. After I received the domain, my client asked me again if the domain is safe. So i checked again, and i find it is a little strange. The seller’s name wasn’t match with the whois and the website showed. Therefore, i suggested my client give it up and returned the domain. I contacted escrow.com and let them not to release the money, and i give the code to the seller so that it can be transferred back to them.
We received the money back from escrow.com after the domain back to the seller. So our lost is just the fees on escrow.com and bank transfer fees. If anyone will help me upload the record, you can email me 33702641@qq.com.
Mike Han – Email the screenshot to info [at] domaingang [dot] com
David — I agree that those involved need to start posting screenshots, BUT I also think seasoned domainers like yourself need to exercise more caution with their comments. ie Stop assuming and start researching
For example, you said
“March 2017 – Rebecca aka CQD owner aka @spoiltrider for no apparent reason, registers the domain ComquestDesigns.com as an alternative to CQD.com.”
However, if you bothered to check a free historical WHOIS record, you would find that Rebecca had registered ComquestDesigns.com on June 18th, 2015 using her Yahoo email address. Possibly hosted with 1and1.com. Given the current registration date (March 2017) it’s safe to assume that she didn’t renew the domain; ie the 2017 WHOIS date is a re-registration If you can’t tell by the bold my issue with your comment, is you assumed she registered her full business name for no apparent reason.
Then you said “The owner of CQD.com is the person on the WHOIS. And that is James Booth. Period.” … So you’re saying you’ve seen screenshots from James that proves he actually dealt with Rebecca? As far as I know, James hasn’t posted any…
Nevins – I try not to assume too much, but maybe every now and then….
Thanks for the insight into the whois history for comquestdesigns. I did a quick whois search and saw 2017.
Even if it was 2015, there is so much we do not know. Looking at this from my perspective, not knowing this individual personally, I still don’t even know if the person portraying themself as Rebecca….is actually Rebecca from the whois history.
All I know is that we have a person claiming they did not sell their domain, and two other people saying they lawfully purchased the domain and paid through escrow. One returned the domain and the latter kept it. The one that kept it claims they did “their” due diligence. The person claiming they did not sell says they did receive a message from the current registrant. Who’s telling the truth?
Additionally, we have a registrar that has sided with the current registrant.
What is to be done with all of this? The person claiming to be a victim needs to lawyer up.
Seems these parties are no longer asking for any type of assistance. Perhaps they are moving on.
If nothing changes, the current registrant (James Booth), will remain…
David —Thank you for the respectful response, to a some what heated comment. Much appreciated, and apologies if I offended.
Like you, I am not 100% that the parties (Mr. Han and Ms. Burns) are real and/or who they say they are…
Truth be known, I am not 100% convinced that @spoiltrider (Rebecca) is real. I am also not convinced Mr. Han is real. This is one big mess.
I did notice an interesting “coincidence” in how “Mr. Han” and “Rebecca” communicate.,,
In Ms. Burns defense, she is using nP (which has a decent proxy detection system). Hopefully mods verified her Florida location. As for Mr. Han, perhaps nP writer James Iles can vouch for him via what looks like a 2016 sale of 781358.com from Mr. Iles to Mr. Han.
I tried emailing both of them; no response yet.
Meanwhile, nP member Tonecas is giving domainers a good name by using his time to post great research in the nP thread.
Why can’t James Booth be proactive as well? I get that he doesn’t care to prove his innocence via screenshots to the community. But you’d hope, if Ms. Burns really is a victim, then James would be proactive during this confusion; at the very least forward her…
… emails. #ShameOnJames
So Rebecca finally posted a screenshot from escrow.com, and I am a bit confused. Would staff had logged into Rebecca’s account to take a screenshot, to send it to Rebecca?
(1) Notice the URL shows my escrow: my.escrow.com/myescrow/transaction.asp?TID=3463051
(2) Transaction ID is blacked out, yet it’s still in the URL and under the total above escrow ID.
(3) The is an R (for Rebecca?) at the top right of the screenshot next to the new transaction button.
(4) There is a light blue line under the my transaction tab. Assuming because the page is viewing that tab.
Why would escrow staff log into her account to send her a screenshot? Can’t staff access that info with their elevated accounts? And why would staff black out the transaction ID once, but left it visible in two other areas?
The transaction was cancelled 18 days after the seller selected auth code transfer. Mike Han had the domain in his ename account for 8 days before it went back to Rebecca’s NetSol account. 4 days later the escrow transaction cancels.
Somethings not adding up.
What I don’t understand:
Rebecca (nP Spoiltrider) claims Escrow.com sent her screenshots of two emails between Rebecca@CQD.com and JDN808@gmail.com dated November 6th.
James Booth appears on the WHOIS November 9th
https://www.namepros.com/threads/domainer-scammed-for-26k-on-a-stolen-domain.1068888/page-19#post-6629032
In one email, Rebecca@CQD.com writes, “I’ve just hidden the buyers name and transaction ID in an attached screenshot. Please find the screenshot attached.”
(nP Spoiltrider) claims the screenshot with the buyer name and transaction ID hidden was sent to her by escrow.com:
“how did i get this? it was sent to me by a party at escrow.com when they began asking me who i am.”
(1) How did escrow.com obtain the two emails from JDN808@gmail.com and Rebecca@CQD.com, to include the redacted screenshot?
(2) Is there a way to validate that Escrow.com sent these emails to (nP Spoiltrider)? Perhaps, if (nP Spoiltrider) provided a screenshot that included an escrow.com email address, then it could be confirmed.
(3) Who is JDN808@Gmail.com? Is that James Booth? …Or a third buyer party? e.g. (Mike Han,…
… James Booth, Jack K?)
(side note: my comments are getting cut off. My last comment said it had six characters left from the 1200 total, yet it cut off the last 22 characters of my previous comment.)
I possibly answered my own question.
It appears that Jack K aka JDN808@gmail.com is Jack Kalfayan.
Possibly DBA quickcontractsltd@gmail.com OR bidder alias QC1 on NameJet.com
https://www.namepros.com/threads/bidding-on-your-own-names-at-namejet.1030874/page-47#post-6270475
Mike Han – Thank you very much for your assistance. You are a stand up guy! I say this not only in gratitude of your help, but also because you noticed the obvious red flags, and made this decision not to deal with stolen domains.
I’d also like to retract my statements that I’m not sure if Mike or Rebecca were real people. I can’t confirm 100% having not met them in person, but I have corresponded with them via different media method, and I do think their stories are believable.
Stay tuned…
Update: Domain no longer stolen, per https://domaingang.com/domain-news/cqd-com-domain-no-longer-stolen-returned-to-owner/