IT.COM

analysis Major Fraud Operation - Need a report from DomainTools.com if someone has membership.

NameSilo
Watch

Super-Annuation

#Top Member
Impact
1,065
upload_2021-4-14_3-14-22.png


Above is the ARIN fraud report submission

This is the email from auDA for the first site in below text


upload_2021-4-14_3-15-27.png


Domain: LogoInfinix.com.au
ABN: 42115829257
Email: [email protected]
Name: Kristy Tate
Registrant: Chen Hao - CHEN HAO CONSULTING PTY LTD (possible) 55 638 442 029
(auDA are bringing these guys down for me within 14 days (just received email,) site being taken away, can show email)



LogoInfinix.com - Same site



LogoInfynix.com - Same site



nexusghostwriting.com - Site Down - on same server (Run by Digital Blue Ocean LLC)



NexusIllustration.com - Scam Site - I Reported to Tawk.to legal action team as advised by person speaking to me
[email protected]
+1 469-555-2292



AceIllustrationz.com - Scam Site - On Same Server
Email Us:[email protected]
Call Us:+1-888-297-2482



ASPIRE GHOSTWRITING - Scam Site - Same Server
aspyreghostwriting.com/
https://www.facebook.com/Aspire-Ghostwriting-102727125017211/
1151 S Hill St H300,
Los Angeles, CA 90015
[email protected]
+1-877-313-2877(Sales)
+1-213-769-1019 (Support)



Applisticx.com - Site Down



amgtpbblh.pw - Site Down



Now I Googled Digital Ocean LLC and I cam across the next site.



ipqualityscore.com
This site gave me the details for Digital Ocean LLC which is hosting the 72 domain names (some mentioned above) and the name Digital Ocean LLC came from DomainTools.com. Same server run by Digital Ocean LLC!
Phone: Call Us Call us at +1 (800) 713-2618
Email: Call Us [email protected]
Live Chat: Call Us Chat with a specialist now!



The site below is on the same server as the rest above.


fxforyouandme.com - Phony Investment Site - Same amount of domain names hosted on as ipqualityscore.com (which is hosted on the server all the above are on,) which gave me the details for Digital Ocean LLC plus shares same number of websites on server as Digital Ocean LLC, Who are hosting the above domain names / fraud services



Now all of these share Digital Ocean LLC nameserver with 72 domain names, and all of which are phony services.
I'm contacting ARIN and getting them to bring this shit down, and ICANN to strip the domain names away because mostly USA jurisdiction. auDA have already done this for the first domain name (logoinfinix.com.au)

I hate scammers!

Can anyone who has membership to DomainTools.com get the full report of Domain Names on server as the above domains? It cost $50 and I cannot be F##KED to pay money for this exercise.
 
Last edited:
1
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
I'm confused, why (and what) did you report to ARIN?

My confusion is probably because I'm missing some context. Could you provide some?
 
7
•••
1) LogoInfinix.com.au have been taken down (evidence above) because I reported them to auDA as they were a scam service

2) LogoInfinix.com, LogoInfinyx.com are still up and running. They're a scam service that just take money.

3) The server the above 3 domain names are on host 72 other domains, all of which are scam services.

4) The company behind the server is DigitalOcean, and they have many comments on their website stating scam, no refund, business failing etc, yet they're trading at $43.00. Now I'm not certain, but I imagine they have compliance obligations here, and it can't be a coincidence that all 72 websites are scam services on the RapidServer360.com server.

5) ARIN should be involved here regarding the designation of numbers and I'm curious as I can't find the server block for all domains using IPv4Info.com. I'm not sure if anything suspicious is happening regarding IP designation, but I thought they should know.

6) I'm going to email ICANN and Afternic regarding the use of the domain names being fraudulent and scam services given the obligations of both, predominantly registrars monitoring use and responding to fraud claims

7) Here is some information regarding the first service which led me to the corrupt server: https://whois.domaintools.com/logoinfinix.com

8) and here is the reverse lookup for all domains that I want a report of: https://reversens.domaintools.com/search/?q=rapidserver360.com

If someone could get that report and send me a list of all the domains on the server, I would appreciate it very much.
 
0
•••
Who uses .com.au? What a mouthful.

At least “De” for “De” Germans is short, if at all.

.Com or go home. Cant say, i’m surprised.
 
Last edited:
1
•••
Who uses .com.au? What a mouthful

At least “De” for “De” Germans is short,


It's a sub-service of their 2x .com domains. They're targeting Australian people. I couldn't have that.
 
2
•••
Just filled out complaint form in Word, and emailed UDRP; [email protected]

These are the domains (out of the 72 I have access to) I am requesting action so far (LogoInfinix.com.au already taken down, perfect):

Disputed Domain Name(s):

LogoInfinix.com


LogoInfynix.com

VideoInfinix.com

WebdesignInfinix.com

AspyreGhostwriting.com

NexusGhostwriting.com

Applisticx.com

FXForYouAndMe.com (This one is simply horrible)
 
0
•••
Just filled out complaint form in Word, and emailed UDRP; [email protected]

These are the domains (out of the 72 I have access to) I am requesting action so far (LogoInfinix.com.au already taken down, perfect):

Disputed Domain Name(s):

LogoInfinix.com


LogoInfynix.com

VideoInfinix.com

WebdesignInfinix.com

AspyreGhostwriting.com

NexusGhostwriting.com

Applisticx.com

FXForYouAndMe.com (This one is simply horrible)

I am confused. UDRP is for trademark and simular disputes.

You need standing, aka your brand is being infringed on. Someone with no tie to the domain or brand doesn't have standing, as far as UDRP is concerned.

Brad
 
3
•••
The company behind the server is DigitalOcean, and they have many comments on their website stating scam, no refund, business failing etc, yet they're trading at $43.00
DigitalOcean is a cloud hosting service provider. You might as well get mad at Intel since whatever scammers do is being possible thanks to Intel processors.
 
2
•••
I am confused. UDRP is for trademark and simular disputes.

You need standing, aka your brand is being infringed on. Someone with no tie to the domain or brand doesn't have standing, as far as UDRP is concerned.

Brad


"A copy of this Complaint has also been sent to the Registrar(s) with which the domain name(s) that is/are the subject of the Complaint is/are registered."

This is at the bottom of the second page for disputes. I want to make the registrar aware of the complaint. The document allows for disputes for misuse of a domain in regards to fraud. Grey, but it should start things. I want every service provided by each of the domains on the server looked at.

Thanks though. auDA worked with me on this, hopefully it'll support a bigger case. Can't hurt.

I'm familiar with their relationship with WIPO.
 
0
•••
DigitalOcean is a cloud hosting service provider. You might as well get mad at Intel since whatever scammers do is being possible thanks to Intel processors.


Yet they don't even have a phone number. Long short I think.
 
0
•••
So @Super-Annuation, if I understand this correctly, auDA have acted very quickly to shut down a .com.au site that was in breach of auDA policy?

@Samer, yes it's a mouthful, but most Australian businesses use .com.au because it is tightly regulated and controlled.

This is a good example of why it is so trusted in Australia - .com.au can only be registered by citizens with registered businesses, tax-file numbers or similar, so owners are easy to track down and be prosecuted if they have broken the law. I'm not sure exactly what has allegedly transpired in this case, so won't get involved in that.
 
Last edited:
6
•••
I looked up digital ocean a few weeks ago can't even remember why but ignored it.
 
1
•••
But why do we want to be an Internet Cop?
 
2
•••
Hi @Super-Annuation

I was triggered because you started your posting with a report to ARIN. So, let me focus on the Internet Number Resource Fraud Reporting service at ARIN. This service is not intended for reporting things like you're experiencing.

From the ARIN site:

Please note that this reporting process is NOT for reporting illegal or fraudulent Internet activity like network abuse, phishing, spam, identity theft, hacking, scams, or any other activity unrelated to the scope of ARIN’s mission.

https://www.arin.net/reference/tools/fraud_report/

All RIRs (RIPE NCC, ARIN, APNIC, AFRINIC, LACNIC) get tons of emails from concerned users, because they do a whois on an IP address and find out that the RIR is the source of the problem. Most of the time, this is not the case.


If you're seeing irregularities with organizations that operate under their own BGP ASN, and the abuse is clearly related to Internet number resources (e.g. BGP hijacking cases) or incorrect/fraudulent RIR whois information, you have a good chance of successfully reporting such a matter to the RIR.
 
1
•••
These are the domains (out of the 72 I have access to) ....

Disputed Domain Name(s):

Further, keep the websites/domains out of public eyes cos scammers can read too and disappear quickly.

Next. In cybersecurity world there are specific steps / rulers defined upfront and the registrar/ registry is not a very fast link to combat the problem.

Submit your complaint to the US IC3 department (read more).

If you are going to become Cyber sleuth, consider joining the IBM X-Force Threat Intelligence

Regards
 
1
•••
Yet they don't even have a phone number. Long short I think.

You can simply report them to DO, provide evidence and they'll take them down.

It's a rather straightforward process to be honest.

Not having a telephone number for support doesn't change much where it concerns your issue. No provider in their right mind will take down a client based on the odd phonecall they get.

Edit:
https://www.digitalocean.com/company/contact/

Report abuse, all the way at the bottom.
 
Last edited:
2
•••
So @Super-Annuation, if I understand this correctly, auDA have acted very quickly to shut down a .com.au site that was in breach of auDA policy?

@Samer, yes it's a mouthful, but most Australian businesses use .com.au because it is tightly regulated and controlled.

This is a good example of why it is so trusted in Australia - .com.au can only be registered by citizens with registered businesses, tax-file numbers or similar, so owners are easy to track down and be prosecuted if they have broken the law. I'm not sure exactly what has allegedly transpired in this case, so won't get involved in that.


Yes, they've been brilliant.
 
1
•••
But why do we want to be an Internet Cop?

I just don't want any Australian being scammed. It didn't take much time out of my day. "Internet Cop" lol love this.
 
0
•••
Further, keep the websites/domains out of public eyes cos scammers can read too and disappear quickly.

Next. In cybersecurity world there are specific steps / rulers defined upfront and the registrar/ registry is not a very fast link to combat the problem.

Submit your complaint to the US IC3 department (read more).

If you are going to become Cyber sleuth, consider joining the IBM X-Force Threat Intelligence

Regards

I appreciate your help here, LOX! I had no idea of this process, so thank you very much. Hopefully other people read this thread in an event like this, because your comment offers great help!

Don't think I have the brains for IBM lol.
 
1
•••
Found another one.

This time UK

-> eshconsultancy.co.uk (A guest speaker)

1) Just received an email saying account may be suspended at a particular registry.
2) Subject line was TheRegistryName: Account Suspended
3) A hyperlink that read "CLICK Here"
4) The body of the email read:

"thiѕ؜؜؜ р؜؜؜rо؜؜؜с؜؜؜е؜؜؜durе؜؜؜ iѕ؜؜؜ а؜؜؜utо؜؜؜mа؜؜؜tiс؜؜؜ а؜؜؜nd а؜؜؜imѕ؜؜؜ tо؜؜؜ ѕ؜؜؜trе؜؜؜nɡ؜؜؜thе؜؜؜n thе؜؜؜ ѕ؜؜؜е؜؜؜с؜؜؜uritу؜؜؜ о؜؜؜f о؜؜؜ur infrа؜؜؜ѕ؜؜؜truс؜؜؜turе؜؜؜.

Wе؜؜؜ thа؜؜؜nk у؜؜؜о؜؜؜u fо؜؜؜r у؜؜؜о؜؜؜ur truѕ؜؜؜t а؜؜؜nd о؜؜؜ur ѕ؜؜؜uр؜؜؜р؜؜؜о؜؜؜rt rе؜؜؜mа؜؜؜inѕ؜؜؜ а؜؜؜t у؜؜؜о؜؜؜ur diѕ؜؜؜р؜؜؜о؜؜؜ѕ؜؜؜а؜؜؜l if nе؜؜؜с؜؜؜е؜؜؜ѕ؜؜؜ѕ؜؜؜а؜؜؜rу؜؜؜.

Gо؜؜؜t quе؜؜؜ѕ؜؜؜tiо؜؜؜n? Simр؜؜؜lе؜؜؜ ɡ؜؜؜е؜؜؜t in tо؜؜؜uс؜؜؜h viа؜؜؜ livе؜؜؜ с؜؜؜hа؜؜؜t, р؜؜؜hо؜؜؜nе؜؜؜ о؜؜؜r е؜؜؜mа؜؜؜il. Wе؜؜؜'ll bе؜؜؜ hа؜؜؜р؜؜؜р؜؜؜у؜؜؜ tо؜؜؜ hе؜؜؜lр؜؜؜.

Wа؜؜؜rm rе؜؜؜ɡ؜؜؜а؜؜؜rdѕ؜؜؜

Н؜؜؜а؜؜؜rrу؜؜؜ В؜؜؜а؜؜؜kе؜؜؜r
В؜؜؜illinɡ؜؜؜ mа؜؜؜nа؜؜؜ɡ؜؜؜е؜؜؜r

Ϲ؜؜؜о؜؜؜р؜؜؜у؜؜؜riɡ؜؜؜ht : Р؜؜؜ti Ltd 13 080 859 721. а؜؜؜ll riɡ؜؜؜htѕ؜؜؜ rе؜؜؜ѕ؜؜؜е؜؜؜rvе؜؜؜d."

5) The email used is [email protected]
6) Here is the link. I haven't clicked Ϲ؜؜؜LIϹ؜؜؜К؜؜؜ Н؜؜؜Е؜؜؜RЕ
7) Microsoft says do not open the link



So another damn scammer...؜؜؜ Obvious one too which is pretty funny, but I think I should report them too.

This one has nothing to do with the above "consortium" if you will.
 
0
•••
Back