alert The fund can't be withdrawal from Epik.com via Masterbucks wallet

[enamebroker]

It happened on 23rd Aug 2022 and this matter lasted almost one month without any process. Masterbucks.com declined my fund withdrawal and disabled the button of fund withdrawal. And I contacted Epik.com and got no further action even if Rob Monster got involved in it for two weeks. All the time I was told in email by management review.

What is wrong with Epik.com? Do you think it is normal to disable fund withdrawal? How can I get back my fund from Epik.com? Thanks for your suggestion.

 

[bmugford]

I'm confused. They owe Epik money?

Yeah, might want to rephrase that to something like "Epik owes me money". I will retweet it.

Brad

 

[TheBuyerz]

Sorry, I modified it!!!

Thank you for that!

https://twitter.com/x/status/1619014354577555456

 

[tonyk2000]

Here are the top domains, by Esitbot value.

Interesting. Somewhat expected.
And, for the sake of completness, oldest domains (created in 1995-1998). The lists do have a lot in common...

(oldest first)

harddrives.com
redwine.com
coyote-creek.com
onlinetravel.com
patterns.com
metrovideo.com
weiners.com
bonart.com
internetv.com
orphans.com
etowns.com
acmeauto.com
snow-bird.com
utopiatravel.com
upssystem.com
notebookcomputers.com
copy-cat.com
omegaenterprises.com
businessservices.com
wild-boar.com
french-market.com
chuck-wagon.com
discount-golf.com
laptopcomputers.com
bleiswijk.com
wateringen.com
business-loans.com
sport-horse.com
vriezenveen.com
caribbean-cruises.com
discount-airfares.com
nightstars.com
municipal-bonds.com
banking-services.com
puzzleworld.com
voltaic.com
vantaggio.com
v8s.com
comic-book.com
momsapplepie.com
christmas-cards.com
orientcruises.com
hollywood-boulevard.com
wolf-den.com
novaradio.com
usacapital.com
zanesvilleoh.com
timelessimages.com
voorbeeld.com
city-maps.com
woodsinn.com
anzianos.com
mariholden.com
examinationtable.com
wetzler.com
fedweb.com
country-roads.com
argentinavirtual.com
stgeorgehotel.com
greenflooring.com
passion-fruit.com
penny-pincher.com
cocaine-addiction.com
theun.com
handcuffed.com
littledreams.com
springfieldrealtors.com
rail-travel.com
childrenslibrary.com
ultraviolence.com
stevierichards.com
life-sucks.com
badbug.com
crystal-bay.com
baby-girl.com
virtual-store.com
rochestertravel.com
linuxnotes.com
negotiationtips.com
free-rent.com
tool-rental.com
indiawedding.com
millingtonhomes.com
no1foryou.com
click21.com
flower-arrangement.com
k9rescue.com

 

[bmugford]

Just finished to check one by one all the domains on the list of 5000 that was posted yesterday, I find 81 domains THAT ARE MINE, that was first moved to Mr. Monster account and later sold, there are also domains that are still on the epik account but not my account, on this 81 domains I was able to recover just 7 domains, and you know what I recovered the domains because I received an email from them that was offering to sell me, you know what I mean, they tried to sell me MY DOMAINS, anyway as stated below are the results, now we are working on put together the list of almost 30.000 domains I had with epik, can you imagine how many other domains left my account I will discover?

all the domains stolen, transferred, sold or still on the epik account has offers even for 5 HIGH $ 5 digit, all the domain has the landing page of epik so Mr. Monster has the ability to see all the data about offers

iexcite.com epik, not on my account, NS1.MYTRAFFICMANAGEMENT.COM
sospensione.com stolen, key-systems.net, NS1.NDSPLITTER.COM
mentali.com epik, not on my account, NS1.MYTRAFFICMANAGEMENT.COM
eliminati.com epik, not on my account, NS1.MYTRAFFICMANAGEMENT.COM
flusso.com stolen, key-systems.net, NS1.NDSPLITTER.COM
reelstudios.com epik, not on my account, NS1.MYTRAFFICMANAGEMENT.COM
mirata.com stolen, key-systems.net, NS1.NDSPLITTER.COM
rauti.com stolen, key-systems.net, NS1.NDSPLITTER.COM
barnello.com epik, not on my account, NS1.MYTRAFFICMANAGEMENT.COM
falcetti.com epik, not on my account, NS1.MYTRAFFICMANAGEMENT.COM
drammatica.com epik, not on my account, NS1.MYTRAFFICMANAGEMENT.COM
interlogo.com epik NS1.MYTRAFFICMANAGEMENT.COM
salvare.com stolen, key-systems.net, NS1.NDSPLITTER.COM
solvente.com stolen, key-systems.net, NS1.NDSPLITTER.COM
carpanzano.com epik, not on my account, NS1.MYTRAFFICMANAGEMENT.COM
resistente.com stolen, key-systems.net, NS1.NDSPLITTER.COM
blackghost.com stolen, key-systems.net, NS1.NDSPLITTER.COM
kiwihotel.com stolen, key-systems.net, NS1.NDSPLITTER.COM
neoquest.com stolen, key-systems.net, NS1.NDSPLITTER.COM
bendo.com stolen, key-systems.net, NS1.NDSPLITTER.COM
professia.com stolen, key-systems.net, NS1.NDSPLITTER.COM
olympo.com stolen, key-systems.net, NS1.NDSPLITTER.COM
ciclano.com stolen, key-systems.net, NS1.NDSPLITTER.COM
reila.com stolen, key-systems.net, NS1.NDSPLITTER.COM
spadafore.com epik, not on my account, NS1.MYTRAFFICMANAGEMENT.COM
pellicola.com stolen, key-systems.net, NS1.NDSPLITTER.COM
valido.com stolen, key-systems.net, NS1.NDSPLITTER.COM
subiti.com stolen, key-systems.net, NS1.NDSPLITTER.COM
allevo.com stolen, key-systems.net, NS1.NDSPLITTER.COM
dripper.com stolen, namecheap.com COLEMAN.NS.CLOUDFLARE.COM
autonomi.com stolen, key-systems.net, NS1.NDSPLITTER.COM
bambolina.com stolen, key-systems.net, NS1.NDSPLITTER.COM
mistergo.com epik, not on my account, NS1.MYTRAFFICMANAGEMENT.COM
abbiocco.com epik, not on my account, NS1.MYTRAFFICMANAGEMENT.COM
badguy.com stolen, key-systems.net, NS1.NDSPLITTER.COM
namedevelopers.com epik, not on my account NS1.MYTRAFFICMANAGEMENT.COM
filmstaden.com stolen, key-systems.net, NS1.NDSPLITTER.COM
lusters.com stolen, key-systems.net, NS1.NDSPLITTER.COM
virro.com stolen, key-systems.net, NS1.NDSPLITTER.COM
hotelib.com epik, not on my account NS1.MYTRAFFICMANAGEMENT.COM
accellerate.com stolen, key-systems.net, NS1.NDSPLITTER.COM
kraza.com epik, not on my account NS1.MYTRAFFICMANAGEMENT.COM
orbitc.com epik, not on my account NS1.MYTRAFFICMANAGEMENT.COM
invitare.com stolen, key-systems.net, NS1.NDSPLITTER.COM
cmpro.com epik, not on my account NS1.MYTRAFFICMANAGEMENT.COM
lo1.com stolen, key-systems.net, NS1.NDSPLITTER.COM
duncancampbell.com stolen, domains.google, NS-CLOUD-E1.GOOGLEDOMAINS.COM
mariha.com stolen, key-systems.net, NS1.NDSPLITTER.COM
garantiti.com epik, not on my account NS1.MYTRAFFICMANAGEMENT.COM
termini.net stolen, key-systems.net, NS1.NDSPLITTER.COM
bettina.net stolen, key-systems.net, NS1.NDSPLITTER.COM
responds.com stolen, key-systems.net, NS1.NDSPLITTER.COM
pokerroomitalia.com epik, not on my account NS1.MYTRAFFICMANAGEMENT.COM
tavernetta.com stolen, key-systems.net, NS1.NDSPLITTER.COM
exclamacion.com stolen, key-systems.net, NS1.NDSPLITTER.COM
familienmagazin.com stolen, key-systems.net, NS1.NDSPLITTER.COM
cantante.com stolen, key-systems.net, NS1.NDSPLITTER.COM
alabamaoffroad.com epik, not on my account NS1.MYTRAFFICMANAGEMENT.COM
davesstuff.com epik, not on my account NS1.MYTRAFFICMANAGEMENT.COM
jingang.com epik, not on my account NS1.MYTRAFFICMANAGEMENT.COM
skychief.com epik, not on my account NS1.MYTRAFFICMANAGEMENT.COM
apogeecapital.com epik, not on my account NS1.MYTRAFFICMANAGEMENT.COM
mycopilot.com stolen, cloudflare.com, BARBARA.NS.CLOUDFLARE.COM
citipix.com epik, not on my account NS1.MYTRAFFICMANAGEMENT.COM
boggers.com stolen, key-systems.net, NS1.NDSPLITTER.COM
a1pr.com epik, not on my account NS1.MYTRAFFICMANAGEMENT.COM
forcade.com stolen, key-systems.net, NS1.NDSPLITTER.COM
deroy.com stolen, key-systems.net, NS1.NDSPLITTER.COM
educommerce.com stolen, key-systems.net, NS1.NDSPLITTER.COM
riveli.com epik, not on my account NS1.MYTRAFFICMANAGEMENT.COM
legalfake.com epik, not on my account NS1.MYTRAFFICMANAGEMENT.COM
ciclismo.net stolen, namebright.com, NS1.SEDOPARKING.COM
recita.com stolen, dynadot.com, NS5.AFTERNIC.COM
spagna.net stolen, dynadot.com, NS1.SEDOPARKING.COM


recovered because of their email promotion
affirmations.com
arrivo.com
calma.com
churrasco.com
cityclub.com
latia.com
vestido.com

From this list of domains, the following (36) were on the transfer to Key Systems (1/24 update) list -

exclamacion.com
neoquest.com
professia.com
rauti.com
lo1.com
solvente.com
pellicola.com
mariha.com
bendo.com
deroy.com
bambolina.com
cantante.com
forcade.com
reila.com
ciclano.com
blackghost.com
kiwihotel.com
salvare.com
lusters.com
sospensione.com
tavernetta.com
mirata.com
responds.com
allevo.com
boggers.com
flusso.com
resistente.com
olympo.com
subiti.com
badguy.com
invitare.com
familienmagazin.com
accellerate.com
educommerce.com
virro.com
filmstaden.com

Brad

 

[Igor Gabrielan]

If non-payment of escrow money could be tried to be justified by unprofitable activities and eating away in the form of salaries, then the theft of domains shows that the company has long been engaged in crime.

 

[topdom]

So looks like Epik is stealing domains, not only money. Why are they allowed to do this. Our domains should be connected to us at registry or icann level, and if we lose a domain we should be informed about it. I mean, if the connection between admin email and domain is lost, then the old owner should know when and how domain changed hands.
Why can't anyone stop this horrror and terror. Is the legal system so dumb.

 

[bmugford]

Why can't anyone stop this horrror and terror. Is the legal system so dumb.

I am not sure they are as dumb as they are slow.

Unfortunately in this case, the list of victims appears to be growing.

Brad

 

[Future Sensors]

Why are they allowed to do this.

They're not

 

[Future Sensors]

Being able to anonymize whois data has been a great gift to Rob Monster. This enabled Epik to mess around with domain ownership a lot.

https://domainnamewire.com/2019/03/12/on-privacy-and-information/

 

[Gube]

So looks like Epik is stealing domains, not only money. Why are they allowed to do this. Our domains should be connected to us at registry or icann level, and if we lose a domain we should be informed about it. I mean, if the connection between admin email and domain is lost, then the old owner should know when and how domain changed hands.
Why can't anyone stop this horrror and terror. Is the legal system so dumb.

https://www.icann.org/en/blogs/details/thick-whois-transition-update-30-6-2017-en
This *should* be coming one day.
Basically the goal is to allow the registry to see that data. This is not linked to the registrar's existing obligations such as having a complete backup of registrants info. ICANN has a process where every few months they verify registrars follow their rules; and if they don't, they receive a list of points to fix/work on. Usually only after multiple repeated "offenses" ICANN can take action.

 

[tonyk2000]

Even though recent pages of this thread raised a lot of questions about real ownership of some Epik-controlled domains, one would guess that at least some domains (allegedly) sold on 01/24 were rightfully owned by Epik (is it acceptable for a registrar to have an aftermarket portfolio, or to grab expired domains for itself, is another question). A lot of domains were sold as we see. (remaining) Epik staff is reading this thread, no doubts. Any plans to start paying masterbucks debts with the $$$ received?

Epik was previously stating, indirectly /and I think directly/ that it is Christian Business.

So -

Proverbs 3:27-28
Do not withhold good from those to whom it is due,
When it is in your power to do it.
Do not say to your neighbor, “Go, and come back,
And tomorrow I will give it,”
When you have it with you.

Romans 13:7-8
Render to all what is due them: tax to whom tax is due; custom to whom custom; fear to whom fear; honor to whom honor. Owe nothing to anyone except to love one another; for he who loves his neighbor has fulfilled the law.

Ecclesiastes 5:5
It is better that you should not vow than that you should vow and not pay.

 

[bmugford]

Being able to anonymize whois data has been a great gift to Rob Monster. This enabled Epik to mess around with domain ownership a lot.

https://domainnamewire.com/2019/03/12/on-privacy-and-information/

Show attachment 231071

I guess WHOIS privacy is a real gift, when it comes to the grift.

Epik was previously stating, indirectly /and I think directly/ that it is Christian Business.

The funny thing is the majority of the businesses in the US at least are a "Christian business" because that is the majority of people. However, they just run their businesses.

Most don't go out of their way to market themselves as some Christian free speech warriors.
That is Epik's shtick. I don't think what they have done is so "Godly".

Brad

 

[bmugford]

Even though recent pages of this thread raised a lot of questions about real ownership of some Epik-controlled domains, one would guess that at least some domains (allegedly) sold on 01/24 were rightfully owned by Epik (is it acceptable for a registrar to have an aftermarket portfolio, or to grab expired domains for itself, is another question). A lot of domains were sold as we see. (remaining) Epik staff is reading this thread, no doubts. Any plans to start paying masterbucks debts with the $$$ received?

Epik was previously stating, indirectly /and I think directly/ that it is Christian Business.

So -

Proverbs 3:27-28
Do not withhold good from those to whom it is due,
When it is in your power to do it.
Do not say to your neighbor, “Go, and come back,
And tomorrow I will give it,”
When you have it with you.

Romans 13:7-8
Render to all what is due them: tax to whom tax is due; custom to whom custom; fear to whom fear; honor to whom honor. Owe nothing to anyone except to love one another; for he who loves his neighbor has fulfilled the law.

Ecclesiastes 5:5
It is better that you should not vow than that you should vow and not pay.

Yes, some were clearly actually owned by Epik. That is why I started with the list that were tied to Epik emails.
Some of those domains might have questions, but not like many of the others.

Again, we are assuming this is a sale. At this point there is no proof of that.

There is just a transfer of domains away from Epik. There could be other reasons for this, like trying to separate the assets from Epik.

But right at the top of the list in value, you have Patterns.com.
Epik reportedly took illegitimate possession of this domain.

Here is what Bill Hartzer said about that -

The stolen domain name Patterns was recovered via UDRP and it should have been transferred to the original registrant, the true owner of the domain name.

The right thing to do here is for Epik Inc to immediately transfer ownership of Patterns to the original registrant, the one who won the UDRP.

I just recently (yesterday) learned that even though there is an agreement in place to split the proceeds of the sale of the domain name, Epik has decided that the domain name is theirs (apparently) and the original registrant has no rights to the domain name. To put it mildly, I am furious that Epik is doing this. There are SO many things wrong with this.

Instead of Epik returning this valuable domain, it was transferred.

Brad

 

[Michele Dinoia]

3 days ago I wrote an email to key-systems registrar alerting them that the domains (mine) was stolen, and they answered this:
Volker Greimann (Key-Systems)


25 Jan 2023, 14:42 UTC


Dear Michele,

our customer has informed us that these domain names were purchased earlier this month as part of a larger domain portfolio. The seller has contractually assured our customer that he is the owner and has the right to sell them. In addition, the seller had the AuthCodes for the transfer of the domains. They agreed to contact the seller immediately and try to clarify the facts.

From our end, we are unable to determine the facts of the matter, however the transfer policy has been followed.

We recommend contacting your previous registrar to establish the facts of the transfers and request that they initiate a transfer dispute if a fraudulent transfer can be established.

 

[bmugford]

3 days ago I wrote an email to key-systems registrar alerting them that the domains (mine) was stolen, and they answered this:
Volker Greimann (Key-Systems)


25 Jan 2023, 14:42 UTC


Dear Michele,

our customer has informed us that these domain names were purchased earlier this month as part of a larger domain portfolio. The seller has contractually assured our customer that he is the owner and has the right to sell them. In addition, the seller had the AuthCodes for the transfer of the domains. They agreed to contact the seller immediately and try to clarify the facts.

From our end, we are unable to determine the facts of the matter, however the transfer policy has been followed.

We recommend contacting your previous registrar to establish the facts of the transfers and request that they initiate a transfer dispute if a fraudulent transfer can be established.

Interesting. I understand their reasoning.

Though at the end of the day, if any domains were sold without authorization they will need to be returned. The buyer would then have a claim against Epik.

There is no situation where a third party just gets to sell your domains, and the buyer gets to keep them if they were an unauthorized transfer.

You can only sell domains you have the rights to sell. Did they have the right to sell Patterns.com?
It sure doesn't seem like it. That also was one of the flagship domains in the portfolio.

Brad

 

[tonyk2000]

@Michele Dinoia were you able to compose full complete list of missed domains? And, just in case, is it possible that you actually forgot to renew some? Hope not, but it is a valid question in current context...

 

[Future Sensors]

I have not been asked to recover a domain or actually recovered a domain stolen by Rob or Epik.

Would you be willing to help @Michele Dinoia if requested?

 

[bmugford]

For a minute, let's assume the portfolio sale was totally legit...

So, how many outstanding customer debts has Epik paid? Exactly.

If they sold this portfolio, where is the money going otherwise?

Brad

 

[tonyk2000]

You can only sell domains you have the rights to sell. Did they have the right to sell Patterns.com?

We're actually dealing with something unprecedented here. Being ~20 years in domaining, I though I've seen _everything_ (including for example the recent case when a registrar /SAV/ transferred a domain of their customer to SAV's GoDaddy account). It seems I was mistaken. Something new each day...

I'd say @Michele Dinoia should hire an attorney ASAP. US-based and familiar with domain-related issues. John Berryhill, Stevan Lieberman, Ari Goldberger ...

 

[Michele Dinoia]

@Michele Dinoia were you able to compose full complete list of missed domains? And, just in case, is it possible that you actually forgot to renew some? Hope not, but it is a valid question in current context...

almost there with rebuilding my portfolio of domains, there are thousands missed, I never let a domain expire unless was something like wwwfhshfshsdj.com that maybe 15 years ago was doing some $ parked

 

[Derek Peterson]

Since we all now know that Monster was running Epik as a giant personal piggy bank and stealing from people in every possible way his evil, devious mind could dream up I want to throw this theory out there for everyone to consider, since we are seeing so many reports of stolen domains and Epik's response seems to be, "it expired, it's your fault please contact legal @ epik. com"

Is it possible that Epik could edit those expiration dates manually and say push date out 9 months or so people think their domain is good to go, turn off notifications and then when domain actually expires snatch it and put date back to proper date. I guess those exp dates are just pulled from the registry (correct if wrong) but they could easily be edited in admin panel to show whatever. Everyone just trusts that date to be the correct date and no one hundreds or especially thousands will ever go do a lookup to double check it.

Maybe someone with access to the Epik code, which is all available online thanks to the Epik hack, can look into it and see how the Expiration dates are generated and if there is an easy way for admin to overwrite that date manually and then later restore.

 

[bmugford]

Epik is well known for thumbing their nose at regulations and licensing, like with escrow for instance.

How about with insurance?

In April 2022, Epik was sent a C&D order and a fine was imposed by the Washington State Office of the Insurance Commissioner (OIC).

The parties listed were Epik Holdings Inc., Epik Inc., DNProtect, and Rob Monster.

Each party was listed as unauthorized or unlicensed to offer insurance.

A status conference was held on 1/3/2023.

A default judgement was ordered against Epik Holdings Inc., Epik Inc., and Rob Monster after they failed to appear.

This was settled only days ago, on 1/19/23 by a consent order.

(This information is publicly available on the Washington State OIC website - https://fortress.wa.gov/oic/consumertoolkit/Search.aspx?searchtype=ord)

Brad

 

[jmcc]

This was settled only days ago, on 1/19/23 by a consent order.

The certificate of service shows that it was delivered via email to Rob Monster's Epik e-mail address.

Regards...jmcc

 

[uaonline]

I guess those exp dates are just pulled from the registry (correct if wrong) but they could easily be edited in admin panel to show whatever.

from breach, of the 1.5m logins attempts recorded at epik, 70k are admin override login into accounts. they login to customer accounts from ips in usa, india, germany, russia and more countries.

let me ask this question: is it ok to move a domain to another account 2 days after a domain expired? isn't there a grace period?

 

[bmugford]

let me ask this question: is it ok to move a domain to another account 2 days after a domain expired? isn't there a grace period?

Outside potential oddball extensions, and some ccTLD, that is not something I have heard of with legacy extensions.

I am not sure what is required, but I will say that it is not reasonable for a registrar to just take the domain after it has been expired for (2) days. There is supposed to be some grace period.

Brad