TulipBulbs.com: Stolen, dropped & auctioned—a cautionary domain tale

Since 1998, the domain name TulipBulbs.com was used by the Messelaar Bulb Company in Ipswich, Massachusetts.

The specialty flower grower of the “finest quality topsize flower bulbs, imported from Holland” was founded in 1969 and operated its business from a great domain name for 20 years—until one day the domain was stolen.

In the words of the owner, Pieter Messelaar, the domain was “just gone” one day in early 2018. Someone had taken control of their domain account at Network Solutions and took the domain away.

How did the domain thief achieve this?


By observing that TulipBulbs.com was controlled by an email address belonging to a non-registered domain name.

It’s a typical case of domain hijacking of an “orphaned” domain name. The thief registered the controlling domain, recreated the contact email, transferred the domain TulipBulbs.com under his control, and did not renew the controlling domain the next year.

TulipBulbs.com remained under the control of the thief for several months, fully resolving as a functioning business. Eventually, it was moved for sale first at Uniregistry and then onto Epik. In late 2020 the domain was sold via Escrow.com but the process was reversed, as the seller’s sketchy contact details were unverifiable.

This is why using a service such as Escrow.com to exchange domains can protect buyers from unscrupulous sellers; Escrow.com implements the “know your customer” requirements mandated by the US government.

Via the Escrow.com transaction, TulipBulbs.com was returned to the thief who for some reason let it expire two years later; subsequently it landed on DropCatch where it was auctioned off. That auction was won by domain investor, Rick Schwartz.

We contacted the previous owner of the domain who is now retired and their tulip bulb business is closed. They were fascinated by our explanation of what transpired and stated that they aren’t going to pursue the domain name from Mr. Schwartz.

This is a cautionary tale about domain names that can be hijacked and stolen. Valuable, generic domain names are being targeted daily by unscrupulous criminals. It’s not the first nor the last time that a stolen domain ends up in the hands of a new owner, who was never aware of the domain’s history.

In the end, a domain is as safe as the domain registrant’s precautions to safeguard it.

Note: The domain’s past status and transaction history were provided to us by a third party that desires to remain unnamed.

Copyright © 2022 DomainGang.com · All Rights Reserved.

Leave a Reply

Your email address will not be published. Required fields are marked *

 characters available