[NetBehaviour] "Stolen" Domain Name, a Masterful Tangle

Alan Sondheim sondheim at panix.com
Sun Jan 7 04:51:53 CET 2018

"Stolen" Domain Name, a Masterful Tangle


I registered asondheim.org, only to find I lost the domain after
never being notified I needed to renew it (admittedly my bad).
It was immediately bought up by someone in Australia, who
offered naturally to sell it back to me (the first I heard of
the problem). I refused. Now it's Ukrainian (?), bought and sold
and useless. This happened years ago. Who knows what evil lurks
in the heart of asondheim.org? I don't. (Wild west domains
indeed. The mystery shallows.)

5	whois asondheim.org

Registry Domain ID: D90723418-LROR
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.wildwestdomains.com
Updated Date: 2017-11-10T01:20:56Z
Creation Date: 2002-09-28T17:58:20Z
Registry Expiry Date: 2018-09-28T17:59:31Z
Registrar Registration Expiration Date:
Registrar: Wild West Domains, LLC
Registrar IANA ID: 440
Registrar Abuse Contact Email: abuse at wildwestdomains.com
Registrar Abuse Contact Phone: +1.4806242505

Domain Status: clientDeleteProhibited
https://icann.org/epp#clientDeleteProhibited Domain Status:
https://icann.org/epp#clientRenewProhibited Domain Status:
https://icann.org/epp#clientTransferProhibited Domain Status:

Registry Registrant ID: C199002696-LROR
Registrant Name: Oleksandr Grytsai
Registrant Organization:
Registrant Street: Dorfstrasse 244a
Registrant City: Trimmis
Registrant State/Province: HM
Registrant Postal Code: 7203
Registrant Country: UA
Registrant Phone: +380.2559402812
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: dotcom.laboratory at gmail.com
Registry Admin ID: C199002698-LROR
Admin Name: Oleksandr Grytsai
Admin Organization:
Admin Street: Dorfstrasse 244a
Admin City: Trimmis
Admin State/Province: HM
Admin Postal Code: 7203
Admin Country: UA
Admin Phone: +380.2559402812
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: dotcom.laboratory at gmail.com
Registry Tech ID: C199002697-LROR
Tech Name: Oleksandr Grytsai
Tech Organization:
Tech Street: Dorfstrasse 244a
Tech City: Trimmis
Tech State/Province: HM
Tech Postal Code: 7203
Tech Country: UA
Tech Phone: +380.2559402812
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: dotcom.laboratory at gmail.com
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form:
>>> Last update of WHOIS database: 2018-01-05T20:05:50Z <<<

For more information on Whois status codes, please visit

Access to Public Interest Registry WHOIS information is provided
to assist persons in determining the contents of a domain name
registration record in the Public Interest Registry registry
database. The data in this record is provided by Public Interest
Registry for informational purposes only, and Public Interest
Registry does not guarantee its accuracy. This service is
intended only for query-based access. You agree that you will
use this data only for lawful purposes and that, under no
circumstances will you use this data to: (a) allow, enable, or
otherwise support the transmission by e-mail, telephone, or
facsimile of mass unsolicited, commercial advertising or
solicitations to entities other than the data recipient's own
existing customers; or (b) enable high volume, automated,
electronic processes that send queries or data to the systems of
Registry Operator, a Registrar, or Afilias except as reasonably
necessary to register domain names or modify existing
registrations. All rights reserved. Public Interest Registry
reserves the right to modify these terms at any time. By
submitting this query, you agree to abide by this policy.


Then I found this:

  Posted 09 July 2005 - 03:22 PM
Hi - I am trying to transfer www.asondheim.org over to you. I just
received an email confirmation letter with the URL
https://rr-n1-tor.op...ndex.cgi?away=1 - whoever they are,
and this leads to something called Wild West Domains.

Is this you? What's going on here? Is TCH affiliated with them? Is someone
trying to hijack the domain name?

Please answer quickly if you can - this is rather unnerving.

After I enter the password this is what I get:

A request has been received to transfer the domain asondheim.org away from
the Registrar OpenSRS.
This request was entered at 08-JUL-2005 07:06:56 by Wild West Domains,

If this is a valid request and you wish to approve this transfer, please
select the Approve box below, and then hit Submit.
If you wish to decline this transfer, please select Decline below, and
then Submit.

-- The request was made to Tucows, which has held the domain.

- Alan

Edited by sondheim, 09 July 2005 - 03:24 PM.


More information about the NetBehaviour mailing list