scam report against @ghostsender

[189]

TFm35muZovJ8Hur2eG3mMo1K1WJwbwPoQd
[font]Every thing is fine @ghostsender was refund my money and its a  misunderstanding from both sides [/font]
note : my english weak so pls try to understand

[1]

System bot message: @ghostsender (ghostsender) has been notified about this dispute via private messages and has 24hours to reply in this thread

[/url]

top ad by @briskybrisk [exp 14/07/24]

[/url]

mid ad [exp 15/07/24]

 

Taking care of cracked.io's leechers. Every day.
If you have a question regarding your leeching level, click here.

[66]

So first of all, its very hard to understand him. Some of his messages just doesnt make any sence.

So I saw his post on buyers bay (https://cracked.io/Thread-WTH-hacker-for...are-bypass) where he wanted the backend ip address of a cloudflare protected website.

So I dmed him and asked for the url and he sent me this url: https://lift-api.vfsglobal.com/ (cloudflare website, where everyone is blocked) (proof: https://ibb.co/F8nmyPy)

Then I asked for $100 for the backend ip + a site to scan for ips. (Yeah $100 is high but he accepted it, I would have also negotiated with him, it was just a start price)
I proofed him that I have access to the site (because its only possible with the backend since everyone is blocked by cloudflare) (proof: https://ibb.co/wrGsKMm)
And then he said "Youu good that the thing i want" wich means translated, that it is exactly what he needs. Then I told him we can use a mm, but since liars were offline he dmed me after some time and asked for some more screenshots of the site, and then he said send me your usdt trc20 address and he paid. (proof: https://ibb.co/grM0PSG)
Then I gave him the backend ip (http://46.101.226.197) of the cloudflare protected site (lift-api.vfsglobal.com/) and gave him the site where to scan for addresses.
And now the weird part begins. He dmed me and said its not the original api of this site and then said its: https://saint-martin-aux-bois.org. (proof: https://ibb.co/h1ndKQy) This new site he sent me points to the same address but has no cloudflare. And it looks like he claims now that I just got the address from this url because it has no cloudflare. But it is impossible because I sent him the backend + the method how todo it BEFORE he sent me this new url.

Everything can be verified:

https://lift-api.vfsglobal.com/ -> cloudflare protected site he gave me
http://46.101.226.197 -> backend ip of this site
https://search.censys.io/search?resource...global.com -> censys search result
https://saint-martin-aux-bois.org -> new url he sent me after everything [UPDATE: I get ERR_CONNECTION_REFUSED now, so I think this domain is offline now, very weird]

And then he just started writing weird stuff, and sent me a screen of his weird script not working and starting saying that its not the correct address.
Then he started deleting some messages but I managed to record it before.
Everything I'm saying can be verified, I recorded the whole chat.

So what I think is, he found this url on censys (saint-martin-aux-bois.org) and used it to say its a address of a different site, to get a refund. But the truth is that these 2 domains are pointed to the same address, wich is obvious because both are the EXACT same websites if you open them.

Where he was deleting messages: https://streamable.com/dsaaii
Full chat: https://streamable.com/thz57x

I've also sent everything to liars on telegram and I hope he will get banned fast.

[189]

hes given ip real url   he is not supplying what wanted see the forwarded dns  please 

and he says i am deleting the massage 

see this see this carefully who is deleting

please banned or refund from him   hes reputation also negative this type of guys are  making cracked a worst place

---

So first of all, its very hard to understand him. Some of his messages just doesnt make any sence.

So I saw his post on buyers bay (https://cracked.io/Thread-WTH-hacker-for...are-bypass) where he wanted the backend ip address of a cloudflare protected website.

So I dmed him and asked for the url and he sent me this url: https://lift-api.vfsglobal.com/ (cloudflare website, where everyone is blocked) (proof: https://ibb.co/F8nmyPy)

Then I asked for $100 for the backend ip + a site to scan for ips. (Yeah $100 is high but he accepted it, I would have also negotiated with him, it was just a start price)
I proofed him that I have access to the site (because its only possible with the backend since everyone is blocked by cloudflare) (proof: https://ibb.co/wrGsKMm)
And then he said "Youu good that the thing i want" wich means translated, that it is exactly what he needs. Then I told him we can use a mm, but since liars were offline he dmed me after some time and asked for some more screenshots of the site, and then he said send me your usdt trc20 address and he paid. (proof: https://ibb.co/grM0PSG)
Then I gave him the backend ip (http://46.101.226.197) of the cloudflare protected site (lift-api.vfsglobal.com/) and gave him the site where to scan for addresses.
And now the weird part begins. He dmed me and said its not the original api of this site and then said its: https://saint-martin-aux-bois.org. (proof: https://ibb.co/h1ndKQy) This new site he sent me points to the same address but has no cloudflare. And it looks like he claims now that I just got the address from this url because it has no cloudflare. But it is impossible because I sent him the backend + the method how todo it BEFORE he sent me this new url.

Everything can be verified:

https://lift-api.vfsglobal.com/ -> cloudflare protected site he gave me
http://46.101.226.197 -> backend ip of this site
https://search.censys.io/search?resource...global.com -> censys search result
https://saint-martin-aux-bois.org -> new url he sent me after everything [UPDATE: I get ERR_CONNECTION_REFUSED now, so I think this domain is offline now, very weird]

And then he just started writing weird stuff, and sent me a screen of his weird script not working and starting saying that its not the correct address.
Then he started deleting some messages but I managed to record it before.
Everything I'm saying can be verified, I recorded the whole chat.

Where he was deleting messages: https://streamable.com/dsaaii
Full chat: https://streamable.com/thz57x

I've also sent everything to liars on telegram and I hope he will get banned fast.

http://46.101.226.197   is this even a real ip of this    
https://lift-api.vfsglobal.com/    and you find it on censys you idiot  this is a global level company not shit like you a scammer and also a idiot if i get it from censys or shodan i do it myself why i am paying 100 usdt

[66]

hes given ip real url   he is not supplying what wanted see the forwarded dns  please 

and he says i am deleting the massage 

see this see this carefully who is deleting

please banned or refund from him   hes reputation also negative this type of guys are  making cracked a worst place

---

So first of all, its very hard to understand him. Some of his messages just doesnt make any sence.

So I saw his post on buyers bay (https://cracked.io/Thread-WTH-hacker-for...are-bypass) where he wanted the backend ip address of a cloudflare protected website.

So I dmed him and asked for the url and he sent me this url: https://lift-api.vfsglobal.com/ (cloudflare website, where everyone is blocked) (proof: https://ibb.co/F8nmyPy)

Then I asked for $100 for the backend ip + a site to scan for ips. (Yeah $100 is high but he accepted it, I would have also negotiated with him, it was just a start price)
I proofed him that I have access to the site (because its only possible with the backend since everyone is blocked by cloudflare) (proof: https://ibb.co/wrGsKMm)
And then he said "Youu good that the thing i want" wich means translated, that it is exactly what he needs. Then I told him we can use a mm, but since liars were offline he dmed me after some time and asked for some more screenshots of the site, and then he said send me your usdt trc20 address and he paid. (proof: https://ibb.co/grM0PSG)
Then I gave him the backend ip (http://46.101.226.197) of the cloudflare protected site (lift-api.vfsglobal.com/) and gave him the site where to scan for addresses.
And now the weird part begins. He dmed me and said its not the original api of this site and then said its: https://saint-martin-aux-bois.org. (proof: https://ibb.co/h1ndKQy) This new site he sent me points to the same address but has no cloudflare. And it looks like he claims now that I just got the address from this url because it has no cloudflare. But it is impossible because I sent him the backend + the method how todo it BEFORE he sent me this new url.

Everything can be verified:

https://lift-api.vfsglobal.com/ -> cloudflare protected site he gave me
http://46.101.226.197 -> backend ip of this site
https://search.censys.io/search?resource...global.com -> censys search result
https://saint-martin-aux-bois.org -> new url he sent me after everything [UPDATE: I get ERR_CONNECTION_REFUSED now, so I think this domain is offline now, very weird]

And then he just started writing weird stuff, and sent me a screen of his weird script not working and starting saying that its not the correct address.
Then he started deleting some messages but I managed to record it before.
Everything I'm saying can be verified, I recorded the whole chat.

Where he was deleting messages: https://streamable.com/dsaaii
Full chat: https://streamable.com/thz57x

I've also sent everything to liars on telegram and I hope he will get banned fast.

http://46.101.226.197   is this even a real ip of this    
https://lift-api.vfsglobal.com/    and you find it on censys you idiot  this is a global level company not shit like you a scammer and also a idiot if i get it from censys or shodan i do it myself why i am paying 100 usdt

If its not the backend ip, then why http://saint-martin-aux-bois.org/ and http://46.101.226.197/ point to the EXACTLY same site?
And also, you deleted messages LIVE while I was recording, so why are you lying?

[189]

Really its just recorded video of chats i can also that type of video and said this things bro the clear instructions is i need a real ip of vfsglobal not and bots severs ip you should give me my money back or the real ip of http://liftcn.vfsglobal.com/ of this domain

Dont make any other excuses


Or refund my money

[66]

Really its just recorded video of chats i can also that type of video and said this things bro the clear instructions is i need a real ip of vfsglobal not and bots severs ip you should give me my money back or the real ip of http://liftcn.vfsglobal.com/ of this domain

Dont make any other excuses


Or refund my money

I showed you the site before, you wanted more screenshots and then you agreed with it and I sent you the correct IP. I have proof for everything. And what is a "bots severs ip" now?

[189]

Now he blocked me pls moderator banned him