Dynadot

warning I lose $42,000 on an escrow.com transaction as pdd.com, help please.

Spaceship Spaceship
Watch

American

Established Member
Impact
44
Hi,
I bought pdd.com via escrow.com and the seller took the domain back on networksolutions.com after he received the money $42,000 US dollar.

for detailed information, please view http://www.drjw.com/

Any suggestions about what I can do is welcome, thank you!

If you know a lawyer who is an expert in online domain name disputes, please tell me his/her contact information, thank you very much!
 
17
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
Can you post that screenshots of that email as well? To include all contact you had with Patrick. Thx.





Also, as you say you have gathered his IP, can you answer if you've shared that info with NetSol, Escrow, Sedo, and possible law enforcement?

I also want to note, if you have his IP, that you should message it to NamePros staff. I don't believe they will be able to give you much, if any, user information (if exists), but they may be able to add additional info to the proper authorities, if IP address matched a hit. If you don't send NP anything, I don't assume they would get involved, as I don't assume Escrow (or others involved) will be reaching out to NP with info requesting additional info. Though, it would be great if the industry collaborated for such things. Even if NP doesn't have any hits from that IP, if it was a legit IP, then NP may identify the scammer if the scammer makes his way to NP...
I don't have his real ip,He used a proxy server, just do not want me to find his true message.
I'm already sent all transaction detail about pdd.com and 3620.com to NS and web.com.but it's not work.
 
0
•••
American, did you ask Web why your account was locked? What was the complaint against you and when was it reported? So we know if NetworkSolution took measures or not before or after your sales to find out who the thief or just an IT insider that need quick money ??
 
0
•••
American, did you ask Web why your account was locked? What was the complaint against you and when was it reported? So we know if NetworkSolution took measures or not before or after your sales to find out who the thief or just an IT insider that need quick money ??
I ask them day by day,but they just give me back onece or twice a week.
 
0
•••
American, Post the IP (or cloak IP) maybe someone can go to that source and ask for you. Who knows. IF the thief is hiding behind proxy server, someone may ask that proxy server about a particular user on that day (particular day and time stamp) and it will reveal the source. If you give that information and time stamp of IP.
 
1
•••
I'm already sent all transaction detail about pdd.com and 3620.com to NS and web.com.but it's not work.

Cool. Now can you please post the negotiation email(s) you claim to have had with [email protected] regarding PDD.com...

Without such email(s) being presented, it is unknown how you agreed on a price, or decided to use Escrow.

This is the 4th time you are being asked for it in this thread...
 
Last edited:
3
•••
American, Post the IP (or cloak IP) maybe someone can go to that source and ask for you. Who knows. IF the thief is hiding behind proxy server, someone may ask that proxy server about a particular user on that day (particular day and time stamp) and it will reveal the source. If you give that information and time stamp of IP.
first:209.85.218.67
scound:74.125.82.193
These two ip was his usually used that i can see it in my email.
Time zone was UTC+02:00
 
1
•••
I think you have something. RBG is Rubin Brown an accounting firm in MO. Could this Patrick somehow connected to that firm? Because according to Whois, if Networksolution finds out that Patrick is a thief, removed the PDD back to whoever is [email protected] shouldn't his account be block? On the 6, PDD was reversed by NS/Web, but on the 7, RBG is still with this "Patrick".

Then later, it is now back to supposedly RBG. I am not sure what to make of this. Did Networksolution reply to a "hey my domain got stolen" by PDD or was it by "Patrick" ? And is Patrick somehow related to RBG????

How are these domains easily be stolen from 1) An accounting firm 2) An IT firm????

I can't figure it out.

---------------RBG.com went into privacy for more than a year
What????? Is there a theft? Or is it someone from RBG?

My assumption would be that RBG.com was also stolen. Then RBG.com contacted NetSol (or vice versa), and the domain was returned to the previous owner, Rubin Brown.

This may have triggered an investigation into Patrick Sitrok's NetSol account, where NetSol would have noticed Patrick pushed domains 3620.com, and PDD.com to OP. Then, they locked OPs NetSol account.

Now, I am not sure what triggered what first. PDD.com could have first contacted NetSol, and that may have triggered RBG.com to have been returned to Rubin Brown. (or vice versa)

One thing that may be considered when trying to determine this, are the dates. ie

It appears WHOIS was updated back (from Patrick Sitrok) to Ruben Brown on 10 Dec 2017.

OP claims to have been on vacation 10 Dec 2017. And on 11 Dec 2017, OP finds his NetSol account locked, and PPD.com had been removed from his account.

upload_2018-1-11_19-25-50.png
 
Last edited:
0
•••
0
•••
Provide your information with proof to the government of the country where that man reside. Also request that government for assistance related to this matter because indirectly it defames that country also.

The registrar of the domain must investigate and help followed by any instruction of any superior authority(govt.).
 
0
•••
first:209.85.218.67
scound:74.125.82.193
These two ip was his usually used that i can see it in my email.
Time zone was UTC+02:00

How did you obtain these IP addresses? Can you please screenshot. Need proof to confirm you extracted the proper IP addresses...

Gmail help forum has a hit (2010) regarding 74.125.82.193 -- "I want to know location of email sender by unkown user from gmail" HERE

You will need a court order to subpoena Google for additional information behind account [email protected].
 
Last edited:
0
•••
1
•••
Last edited:
1
•••
你是如何获得这些IP地址的?你能截图吗?需要证明确认你提取了正确的IP地址...

Gmail的帮助论坛有一个关于74.125.82.193(2010年) - “我想知道由Gmail的未知用户的电子邮件发件人的位置” 这里

您需要法院命令才能传递Google帐户[email protected]背后的其他信息。
upload_2018-1-12_11-46-25.png
upload_2018-1-12_11-46-46.png
 
1
•••
很酷。现在,您可以发送您声明与[email protected]有关PDD.com 的谈判电子邮件 ...

如果没有这样的电子邮件,这是不知道你是如何同意的价格,或决定使用托管。

这是你在这个线程中第四次被要求...
Here you go.
 

Attachments

  • PDD.COM.docx
    4.9 MB · Views: 105
1
•••
3
•••
VDG.com sells via sedo auction.10 bids. USA Seller. 2017 sedo creation date.upload_2018-1-12_1-32-37.png
upload_2018-1-12_1-21-55.png


A month later Patrick offers OP VDG.com for $16k...

upload_2018-1-12_1-21-24.png


On or around 7 Jan 2018 -- VDG.com WHOIS updates to LWCRST MRKTNG. VDG.com transfers out of NetSol, and into GoDaddy. Tagging GoDaddy reps @Paul Nicks and @Joe Styler so somebody from GD is aware...

upload_2018-1-12_1-24-10.png
 
Last edited:
0
•••
Just a quick comment about privacy going on and off and on at Netsol, especially at weekends:
Worth checking - is that a know glitch?

I say that because there was a known issue at Moniker.com where privacy would spontaneously go off and on, like it was blinking repeatedly.
 
0
•••
0
•••
VDG.com sells via sedo auction.10 bids. USA Seller. 2017 sedo creation date.Show attachment 77572
Show attachment 77569

A month later Patrick offers OP VDG.com for $16k...

Show attachment 77568

On or around 7 Jan 2018 -- VDG.com WHOIS updates to LWCRST MRKTNG. VDG.com transfers out of NetSol, and into GoDaddy. Tagging GoDaddy reps @Paul Nicks and @Joe Styler so somebody from GD is aware...

Show attachment 77570
I'm not sure what you are asking? If you are saying you think the domain is stolen please have the domain owner contact us via his registrar who can let us know if the transfer was bad.
 
0
•••
I'm not sure what you are asking? If you are saying you think the domain is stolen please have the domain owner contact us via his registrar who can let us know if the transfer was bad.

... and how would I do that if I do not know who the domain owner was? WHOIS privacy...

It looks like @American was sold a stolen domain. Possibly two stolen domains. And if so, whomever sold him those two stolen domain, also offered him VDG.com before it was transferred to GD.

If it turns out @American did in fact purchase two stolen domains from the same person who offered him VDG.com, is it not possible that the third domain (VDG) could also have been stolen?

Now, I'm not asking you to speculate on the above rhetorical / speculative question. In an ideal world, given this revealed information, GoDaddy stolen domain department, would communicate with NetSol stolen domain department. Though, GD prob needs NetSol to contact GD first. An important question to be asked (as I am not directly involved) is if @American had sent NetSol the negotiation emails, he just posted on this forum. Because, if so, I would think (hope) NetSol would have looked into VDG.com, seeing as it was also offered.

Anyways, @Joe Styler, thank you for the quick response. Not sure if you've been following this thread, but I don't think we have all the facts yet.
 
Last edited:
3
•••
I have not been following it which is why i asked what was happening. 11 pages is a lot to read. If a domain name is stolen and moved to us we need proof. That can come in one of two ways. The original registrant can contact the registrar they registered the domain name with and explain to them what happened at which point they contact us and we work on it with them. Or a governing authority can tell us to move the domain somewhere, i.e. a court /legal/ governmental order, arbitration panel like udrp or wipo, verisign, etc. depending on the various facts of the domain movement some or all of these could come into play.
We take domain theft very seriously and will work with the right parties to resolve things.
 
3
•••
... and how would I do that if I do not know who the domain owner was? WHOIS privacy...

It looks like @American was sold a stolen domain. Possibly two stolen domains. And if so, whomever sold him those two stolen domain, also offered him VDG.com before it was transferred to GD.

If it turns out @American did in fact purchase two stolen domains from the same person who offered him VDG.com, is it not possible that the third domain (VDG) could also have been stolen?

Now, I'm not asking you to speculate on the above rhetorical / speculative question. In an ideal world, given this revealed information, GoDaddy stolen domain department, would communicate with NetSol stolen domain department. Though, GD prob needs NetSol to contact GD first. An important question to be asked (as I am not directly involved) is if @American had sent NetSol the negotiation emails, he just posted on this forum. Because, if so, I would think (hope) NetSol would have looked into VDG.com, seeing as it was also offered.

Anyways, @Joe Styler, thank you for the quick response. Not sure if you've been following this thread, but I don't think we have all the facts yet.

Here's another scenario, if VDG is not stolen. That Patrick must be an IT consultant of PDD or works for PDD and also worked on a project for the accounting firm. Notice the distance, MO and IN are very close.

So let's say VDG is not stolen. Meaning whoever Patrick is, he worked for both PDD and the accounting firm at some point, and that PDD may have sold it to him for years ago, and VDG also sold it to him cheap. He decides to make a quick buck, by reporting it stolen, since VDG is always on privacy for more than a year.

In this case we may have a serial thief who is a real person somewhere in IN or MO, working for both the IT and accounting companies.

--------------
Basically domain PDD was reported stolen, and same person sold VDG, which comes to a conclusion that VDG must be stolen also. Now if Goddady say there is no report of stolen domain on VDG, which means that the thief is a legitimate buyer of VDG. And the approximate location of the two companies are very close, and base on the analysis done before that PDD is out of business or changed its business, and that someone inquired about PDD a long time ago but never got a respond. I think Patrick is a real person that probably is selling these domains more than once and reported it stolen so he can do it again. Because the email is @pdd or @VDG at some point.
 
Last edited:
2
•••
Here's another scenario, if VDG is not stolen. That Patrick must be an IT consultant of PDD or works for PDD and also worked on a project for the accounting firm. Notice the distance, MO and IN are very close.

So let's say VDG is not stolen. Meaning whoever Patrick is, he worked for both PDD and the accounting firm at some point, and that PDD may have sold it to him for years ago, and VDG also sold it to him cheap. He decides to make a quick buck, by reporting it stolen, since VDG is always on privacy for more than a year.

In this case we may have a serial thief who is a real person somewhere in IN or MO, working for both the IT and accounting companies.

Have you read the email transcript @American attached in a post a few posts up?

It reveals some insight that may change your perspective.
 
1
•••
I read the attached. Patrick said he's a broker for both domains, close friend of the owner.
At the end, he signed as "Stas K" which I don't know, Russian????

This now makes me think further, that there is an IT consultant working with both the accounting VDG and PDD the IT company. Somehow Patrick is that consultant or a friend of that consultant, so it confirms my thinking that there are 2 thiefs, and there is an insider! So according to Godaddy, there is no report of VDG as stolen. Which confirms that Patrick is a real person that is somehow connect to PDD & VDG and both companies are in close distance.

And the whois for most part was private or @VDG or @pdd, which means, the thiefs were selling it and reporting stolen so it goes right back to them, and resold again!
 
Last edited:
1
•••
(1)
upload_2018-1-12_14-45-25.png

(2)
upload_2018-1-12_14-45-49.png

(3)
upload_2018-1-12_14-46-2.png

(4)
upload_2018-1-12_14-46-29.png

(5)
upload_2018-1-12_14-46-38.png

(6)
upload_2018-1-12_14-46-45.png

(7)
upload_2018-1-12_14-47-5.png

(8)
upload_2018-1-12_14-47-14.png

(9)
upload_2018-1-12_14-47-23.png

(10)
upload_2018-1-12_14-47-31.png
 
2
•••
Back