WhoIs mgmforex.com

This is a MALWARE INFESTED SITE.Logo_Fraudalert
mgmforex.png
Address lookup

canonical name :mgmforex.com
aliases :www.mgmforex.com
addresses :209.159.145.174
Domain Whois record

Queried whois.internic.net with “dom mgmforex.com”…

Domain Name: MGMFOREX.COM
Registry Domain ID: 1595568960_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.PublicDomainRegistry.com
Registrar URL: http://www.publicdomainregistry.com

Updated Date: 2017-01-24T21:54:53Z
Creation Date: 2010-05-03T21:30:33Z

Registry Expiry Date: 2024-05-03T21:30:33Z
Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
Registrar IANA ID: 303
Registrar Abuse Contact Email: abuse-contact@publicdomainregistry.com
Registrar Abuse Contact Phone: +1.2013775952
Domain Status: clientTransferProhibited

Name Server: NS1.DNS-HOSTINGSOURCE.COM
Name Server: NS2.DNS-HOSTINGSOURCE.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2017-10-15T18:25:28Z <<>> Last update of WHOIS database: 2017-10-15T18:25:41Z <<<

Network Whois record

Queried rwhois.trouble-free.net with "209.159.145.174"…

%rwhois V-1.5:003fff:00 city.trouble-free.net (by Network Solutions, Inc. V-1.5.9.5)
network:Class-Name:network
network:ID:NETBLK-INTSRV.209.159.144.0/20
network:Auth-Area:209.159.144.0/20
network:Network-Name:INTSRV-209.159.145.128
network:IP-Network:209.159.145.128/25
network:Org-Name:Hostingsource
network:Street-Address:10 Cypress Lane
network:City:NY
network:State:Plainview
network:Postal-Code:11803
network:Country-Code:US
network:Created:20091125
network:Updated:20150922
network:Updated-By:abuse@interserver.net

%ok
Queried whois.arin.net with "n 209.159.145.174"…

NetRange: 209.159.144.0 – 209.159.159.255
CIDR: 209.159.144.0/20
NetName: INTERSERVER
NetHandle: NET-209-159-144-0-1
Parent: NET209 (NET-209-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Interserver, Inc (INTER-83)
RegDate: 2009-12-07
Updated: 2012-02-24
Comment: Send abuse complaints to abuse@interserver.net
Ref: https://whois.arin.net/rest/net/NET-209-159-144-0-1

OrgName: Interserver, Inc
OrgId: INTER-83
Address: 110 Meadowlands Pkwy
Address: 1st Floor
City: Secaucus
StateProv: NJ
PostalCode: 07094
Country: US
RegDate: 2003-03-17
Updated: 2017-01-28
Comment: Please Use abuse@interserver.net for all abuse complaints
Ref: https://whois.arin.net/rest/org/INTER-83

ReferralServer: rwhois://rwhois.trouble-free.net:4321

OrgNOCHandle: NOC1390-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-201-605-1440
OrgNOCEmail: abuse@interserver.net
OrgNOCRef: https://whois.arin.net/rest/poc/NOC1390-ARIN

OrgTechHandle: NOC1390-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-201-605-1440
OrgTechEmail: abuse@interserver.net
OrgTechRef: https://whois.arin.net/rest/poc/NOC1390-ARIN

OrgAbuseHandle: NOC1390-ARIN
OrgAbuseName: Network Operations Center
OrgAbusePhone: +1-201-605-1440
OrgAbuseEmail: abuse@interserver.net
OrgAbuseRef: https://whois.arin.net/rest/poc/NOC1390-ARIN

RAbuseHandle: NOC1390-ARIN
RAbuseName: Network Operations Center
RAbusePhone: +1-201-605-1440
RAbuseEmail: abuse@interserver.net
RAbuseRef: https://whois.arin.net/rest/poc/NOC1390-ARIN

RTechHandle: NOC1390-ARIN
RTechName: Network Operations Center
RTechPhone: +1-201-605-1440
RTechEmail: abuse@interserver.net
RTechRef: https://whois.arin.net/rest/poc/NOC1390-ARIN

RNOCHandle: NOC1390-ARIN
RNOCName: Network Operations Center
RNOCPhone: +1-201-605-1440
RNOCEmail: abuse@interserver.net
RNOCRef: https://whois.arin.net/rest/poc/NOC1390-ARIN

scamFRAUDalert.ORG cybersquatting WARNING

SFA_Google_For SALE

Cybersquatting is a common practice online. scamFRAUDalert is no exception. What is Logo_Fraudalertincreasing becoming annoying is the amount of interest in our domain name. Zillions of so called scam ALERT sites have emerged. A cyber criminal has purchased the domain name scamfraudalert.org and is actively attempting to infect as many computer as he/she can.

SCAMMERS  have reinvented themselves to now providing ALERTS in all world to confused, muddy and discredit legitimate scam sites as ours.

Cybersquatting is a practice of registering, selling or using a domain name with the intent of profiting from the goodwill of someone else’s trademark. It generally refers to the practice of buying up domain names that use the names of existing businesses with the intent to sell the names for a profit to those businesses.

Below is the latest attempt of this squatter – URL discarded t.co / iB1oliNuVY
SFA_org_T.co Squatter
You get redirected to a Malware Infested Site
SFA_org_T.co Squatter2
scamfraudalert_org
scamfraudalerts_com.png

SFA_Google_For SALE

Read About the Phishing and Malware Expedition with domain scamFRAUDalert.org (screenshot below)

SFA_phishinggoogle-translate-1504195331710
SFA_Google_For SALE


screencapture-google-search-1507908626744


Domain Whois record
Queried whois.internic.net with “dom scamfraudalerts.com”…

Domain Name: SCAMFRAUDALERTS.COM
Registry Domain ID: 2096067633_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.namebright.com
Registrar URL: http://www.NameBright.com
Updated Date: 2017-02-08T13:08:54Z
Creation Date: 2017-02-07T19:14:41Z
Registry Expiry Date: 2018-02-07T19:14:41Z
Registrar: DropCatch.com 808 LLC
Registrar IANA ID: 2567
Registrar Abuse Contact Email:
Registrar Abuse Contact Phone:
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: NSG1.NAMEBRIGHTDNS.COM
Name Server: NSG2.NAMEBRIGHTDNS.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2017-08-30T08:44:49Z <<<


Address lookup
canonical name:scamfraudalert.org

aliases
addresses:192.184.12.62
Domain Whois record

Queried whois.publicinterestregistry.net with “scamfraudalert.org”…

Domain Name: SCAMFRAUDALERT.ORG
Registry Domain ID: D402200000001715160-LROR
Registrar WHOIS Server:
Registrar URL: http://www.sitename.com
Updated Date: 2017-05-04T03:46:53Z
Creation Date: 2017-03-04T14:30:24Z
Registry Expiry Date: 2018-03-04T14:30:24Z
Registrar Registration Expiration Date:
Registrar: SiteName Ltd.
Registrar IANA ID: 437
Registrar Abuse Contact Email:
Registrar Abuse Contact Phone:
Reseller:
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited

Registry Registrant ID: C136922651-LROR
Registrant Name: Domain Manager
Registrant Organization: samirnet -domain names for sale
Registrant Street: Flat No. 48 Cunningham Apts Edward Road
Registrant City: Bangalore
Registrant State/Province:
Registrant Postal Code: 560052
Registrant Country: IN
Registrant Phone: +91.802260640
Registrant Email: samirnet2@gmail.com

Registry Admin ID: C136922651-LROR
Admin Name: Domain Manager
Admin Organization: samirnet -domain names for sale
Admin Street: Flat No. 48 Cunningham Apts Edward Road
Admin City: Bangalore
Admin State/Province:
Admin Postal Code: 560052
Admin Country: IN
Admin Phone: +91.802260640
Admin Email: samirnet2@gmail.com

Registry Tech ID: C136922651-LROR
Tech Name: Domain Manager
Tech Organization: samirnet -domain names for sale
Tech Street: Flat No. 48 Cunningham Apts Edward Road
Tech City: Bangalore
Tech State/Province:
Tech Postal Code: 560052
Tech Country: IN
Tech Phone: +91.802260640

Tech Email: samirnet2@gmail.com
Name Server: NS15.ABOVE.COM
Name Server: NS16.ABOVE.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of WHOIS database: 2017-08-30T08:45:24Z


from: James Ashmore [abuse@trellian.com]
to: scamFRAUDalert [scamfraudalert@gmail.com]
______________________________________
Hello,

Thank you for your message.

Acknowledgement that written correspondence has been received.

Above.com Monetization AutoPilot is a routing/redirection service only; we do not host any of the content of the domain/s or IP addresses in question. As this is the case, we dispute any claim of hosting any copyrighted content.

As we are not the governing body for these disputes, any cancellation of services will be done in accordance to the outcome of a UDRP from WIPO.

Kind regards,
James Ashmore
__________________________
Trellian.com Abuse Team :abuse@trellian.com
USA: +1 310-736-4230
Australia::+61- 3-9589-7946
http://www.above.com
http://www.above.com


AUSTRALIA

Office Hours:
M-F 9:00 am to 5:00 pm
Australian Eastern Std Time

Phone: + 61-3-9589-7946
Fax: + 61-3-9589-7951

USA Office
Trellian Direct Search Network
Above.com
5220 Pacific Concourse Dr
Suite 100
Los Angeles, CA 90045

WhoIs searchingmagnified.com

scamfraudalertdotorg redirects to a MALWARE DISTRIBUTOR
http://www.searchingmagnified.com/?dn=scamfraudalert.org&pid=7POS8W0N0
SFA_searchinggmagnified
SFA_searchinggmagnified2.PNG

ns2004.ztomy.com

Address lookup
canonical name:www.searchingmagnified.com
aliases
addresses:208.91.196.4
Domain Whois record

Queried whois.internic.net with “dom searchingmagnified.com”…

Domain Name: SEARCHINGMAGNIFIED.COM
Registry Domain ID: 1858468524_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.PublicDomainRegistry.com
Registrar URL: http://www.publicdomainregistry.com

Updated Date: 2017-05-31T17:10:52Z
Creation Date: 2014-05-13T10:19:45Z

Registry Expiry Date: 2020-05-13T10:19:45Z
Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
Registrar IANA ID: 303
Registrar Abuse Contact Email: abuse-contact@publicdomainregistry.com
Registrar Abuse Contact Phone: +1.2013775952
Domain Status: clientTransferProhibited
Name Server: NS1004.ZTOMY.COM
Name Server: NS2004.ZTOMY.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form:

Last update of whois database: 2017-08-19T16:04:42Z
Queried whois.publicdomainregistry.com with “searchingmagnified.com

Domain Name: SEARCHINGMAGNIFIED.COM
Registry Domain ID: 1858468524_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.publicdomainregistry.com
Registrar URL: http://www.publicdomainregistry.com

Updated Date: 2017-05-31T17:10:52Z
Creation Date: 2014-05-13T10:19:45Z

Registrar Registration Expiration Date: 2020-05-13T10:19:45Z
Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
Registrar IANA ID: 303
Domain Status: clientTransferProhibited

Registry Registrant ID: Not Available From Registry
Registrant Name: Domain Admin
Registrant Organization: Privacy Protect, LLC (PrivacyProtect.org)
Registrant Street: 10 Corporate Drive
Registrant City: Burlington
Registrant State/Province: MA
Registrant Postal Code: 01803
Registrant Country: US
Registrant Phone: +1.8022274003
Registrant Email: contact@privacyprotect.org
Registry Admin ID: Not Available From Registry

Admin Name: Domain Admin
Admin Organization: Privacy Protect, LLC (PrivacyProtect.org)
Admin Street: 10 Corporate Drive
Admin City: Burlington
Admin State/Province: MA
Admin Postal Code: 01803
Admin Country: US
Admin Phone: +1.8022274003
Admin Email: contact@privacyprotect.org
Registry Tech ID: Not Available From Registry

Tech Name: Domain Admin
Tech Organization: Privacy Protect, LLC (PrivacyProtect.org)
Tech Street: 10 Corporate Drive
Tech City: Burlington
Tech State/Province: MA
Tech Postal Code: 01803
Tech Country: US
Tech Phone: +1.8022274003
Tech Email: contact@privacyprotect.org

Name Server: ns1004.ztomy.com
Name Server: ns2004.ztomy.com

DNSSEC:Unsigned
Registrar Abuse Contact Email: abuse-contact@publicdomainregistry.com
Registrar Abuse Contact Phone: +1.2013775952
URL of the ICANN WHOIS Data Problem Reporting System:

Last update of WHOIS database: 2017-08-19T16:04:49Z

Network Whois record
Queried whois.arin.net with “n 208.91.196.4″…

NetRange: 208.91.196.0 – 208.91.197.255
CIDR: 208.91.196.0/23
NetName: CONFLUENCE-NETWORK-INC
NetHandle: NET-208-91-196-0-1
Parent: NET208 (NET-208-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS40034
Organization: Confluence Networks Inc (CN)
RegDate: 2011-04-15
Updated: 2015-11-23
Ref: https://whois.arin.net/rest/net/NET-208-91-196-0-1

OrgName: Confluence Networks Inc
OrgId: CN
Address: 3rd Floor, J & C Building, P.O. Box 362
City: Road Town
StateProv: Tortola
PostalCode: VG1110
Country: VG
RegDate: 2011-04-07
Updated: 2017-03-29
Ref: https://whois.arin.net/rest/org/CN

OrgAbuseHandle: ABUSE3065-ARIN
OrgAbuseName: Abuse Admin
OrgAbusePhone: +1-415-449-4704
OrgAbuseEmail: abuse@confluence-networks.com
OrgAbuseRef: https://whois.arin.net/rest/poc/ABUSE3065-ARIN

OrgNOCHandle: NOCAD51-ARIN
OrgNOCName: NOC Admin
OrgNOCPhone: +1-415-358-0891
OrgNOCEmail: noc@confluence-networks.com
OrgNOCRef: https://whois.arin.net/rest/poc/NOCAD51-ARIN

OrgTechHandle: TECHA29-ARIN
OrgTechName: Tech Admin
OrgTechPhone: +1-415-358-0891
OrgTechEmail: noc@confluence-networks.com
OrgTechRef: https://whois.arin.net/rest/poc/TECHA29-ARIN
DNS records

DNS query for 4.196.91.208.in-addr.arpa returned an error from the server: ServerFailure

name class type data time to live
http://www.searchingmagnified.com IN TXT v=spf1 a -all 300s (00:05:00)
http://www.searchingmagnified.com IN SOA
server: ns1004.ztomy.com
email: abuse@opticaljungle.com
serial: 2011062801
refresh: 3600
retry: 900
expire: 604800
minimum ttl: 86400
300s (00:05:00)
http://www.searchingmagnified.com IN NS ns2004.ztomy.com 300s (00:05:00)
http://www.searchingmagnified.com IN NS ns1004.ztomy.com 300s (00:05:00)
http://www.searchingmagnified.com IN PTR ns1004.ztomy.com 300s (00:05:00)
http://www.searchingmagnified.com IN A 208.91.196.4 300s (00:05:00)
searchingmagnified.com IN NS ns2004.ztomy.com 300s (00:05:00)
searchingmagnified.com IN SOA
server: ns1004.ztomy.com
email: abuse@opticaljungle.com
serial: 2011062801
refresh: 3600
retry: 900
expire: 604800
minimum ttl: 86400
300s (00:05:00)
searchingmagnified.com IN PTR ns1004.ztomy.com 300s (00:05:00)
searchingmagnified.com IN A 208.91.196.4 300s (00:05:00)
searchingmagnified.com IN TXT v=spf1 a -all 300s (00:05:00)
searchingmagnified.com IN NS ns1004.ztomy.com 300s (00:05:00)
— end —
URL for this output | return to CentralOps.net, a service of Hexillion


The following A records are set to 208.91.196.4:

  1. advforward.com
  2. amitaz.com
  3. buypremiumdeals.com
  4. cdn-images.com
  5. cnomy.com
  6. completefwd.com
  7. discovereddeals.com
  8. dmnfwd.com
  9. domainfwd.com
  10. domainfwding.com
  11. fastdomainfwd.com
  12. findcrazydeals.com
  13. findfreshdeals.com
  14. freeresultsguide.com
  15. freesearchresults.com
  16. globaldomainfwd.com
  17. globalizedsearch.com
  18. globalsearchdirect.com
  19. internetmadesecure.com
  20. keywordqueryresults.com
  21. malkm.com
  22. mypageresults.com
  23. mysearchcentral.com
  24. namefwd.com
  25. newsearchstation.com
  26. ns1004.ztomy.com
  27. onlinefastsearch.com
  28. pagequeryresults.com
  29. quickfwd.com
  30. rediscoversearch.com
  31. resultfwding.com
  32. sdomainparking.com
  33. searchacross.com
  34. searchdirectresults.com
  35. searchdiscovered.com
  36. searchedforward.com
  37. searchedresults.com
  38. searchedreveal.com
  39. searcheduncovered.com
  40. searchesexplored.com
  41. searchesinteractive.com
  42. searchesinvent.com
  43. searchesresult.com
  44. searchharbor.com
  45. searchhotspot.com
  46. searchignited.com
  47. searchingexplore.com
  48. searchingmagnified.com
  49. searchinguncovered.com
  50. searchinvented.com
  51. searchmagnified.com
  52. searchmagnitude.co
  53. searchmeaningful.com
  54. searchqueryresults.com
  55. searchrediscovered.com
  56. searchreinvented.com
  57. searchremagnified.com
  58. searchresultsguide.com
  59. searchtargeted.com
  60. searchtermresults.com
  61. sendfwd.com
  62. sitequeryresults.com
  63. smartseekerz.com
  64. targetedinfo.com
  65. targetedlistings.net
  66. targetedtopic.com
  67. thegreatestsearch.com
  68. theusefulsearch.com
  69. universalfwd.com
  70. usinternetsearch.com
  71. virlz.com
  72. webqueryresults.com
  73. ztomy.com

WHOIS PREDATORSREGISTRY.COM aka PERVERTREPORT.COM

scamFRAUDalert see it appropriate to ALERT consumers that Pervertreport.com is a part of a growing list of insidious sites being operated by a group of cyber criminals based in Latvia, MEDIOLEX LTD with handlers or affiliates around the the globe. We have identified that the affiliates in India or Pakistan, United Kingdom, Russia, Dayton Ohio (US), San Francisco Bay area, Orlando, Florida (US) and Los Angeles, CA (US) are the most aggressive.

The group seems to be well connected as they have clout to publish nonsense online without FEAR or REPERCUSSION youtube videos associated with news channels like FOX News with the sole purpose to distort or discredit scamFRAUDalert.

Along with these insidious sites, comes reputation management removal sites. They are dime a dozen. This is the new gold mine for these criminals.

-pervertreport-com

Below are some of the sites we’ve been able to identified to date.

  1. AngryCitizen
  2. AngryCitizen.com
  3. awfultenant.com
  4. badbizbureau.com
  5. badbizreport.com
  6. badbizreport.is
  7. badboydirectory.com
  8. badboyescort.com
  9. BadBoyreport.kr
  10. Badboyreport.kr
  11. badbizreport.is
  12. badboysreport.com
  13. badbusinessreport.com
  14. badrenterreport.com
  15. BadScapel.com
  16. blacklistreport.com
  17. Canada-Complaints.com
  18. CarComplaints.com
  19. cheatercentral.com
  20. cheatercomplaints.com
  21. Cheaterland.com
  22. cheatersrus.com ******
  23. Cheaterville.com
  24. complaintboard.com
  25. complaintboard.in
  26. Complaintboard.in
  27. ComplaintBureau.com
  28. complaintsboard.com
  29. Complaintsbureau.com
  30. complaintsbureau.com ********
  31. ComplaintsList.com
  32. Complaintslist.com
  33. ConsumerComplaints.co
  34. ConsumerComplaints.in
  35. Consumercomplaints.in
  36. Consumer-Court.in
  37. ConsumerMotion.com
  38. DatingPsychos.com
  39. DatingScams101
  40. DeadBeatDirectory
  41. deadbeatjohns.com
  42. deadbeatregistry.com
  43. Delete Mugshots
  44. DirtyScam.com
  45. exposeascam.com
  46. exposingpsychos.com
  47. godaddyrus.com
  48. gotrevenge.com
  49. GrahakSeva.com
  50. InComplaints
  51. IndianRealEstateReviews.com
  52. jailarrest.com
  53. liarcheatersrus.com
  54. LiarsCheatersAndBastards.com
  55. LiarscheatersRus.com
  56. MeasuredUp.com
  57. MeraReview.com
  58. Merareview.com
  59. MiamiComplaints.com
  60. ns2.liarsandcheaters.com
  61. OutScam.com
  62. potentialjohns.com
  63. predatorslist.com
  64. predatorsregistry.com
  65. predatorswatch.com
  66. PredatorsWatch.com
  67. Private-Complaints.com
  68. Private-Complaints.com
  69. Private-complaints.com
  70. PropertiesReviews.com
  71. PropertyScam.in
  72. realtorcomplaints.com
  73. realtor-complaints.com
  74. Remove Legal Listings
  75. Remove Negative Reviews
  76. RepDigger.com
  77. reportadoctor.com
  78. reportdeadbeats.com
  79. ReportMyEx.com
  80. reportmyex.com
  81. Reportmyex.com
  82. reportscam
  83. ReportScam.com
  84. ReviewsTalk.com
  85. Reviewstalk.com
  86. ripoffonline.com
  87. Scamadviser.com
  88. scamboard.com
  89. Scambook.com
  90. ScamBookRemoval.com
  91. ScamExposure
  92. scamfraudreport.com
  93. Scamgroup.com
  94. spaminform.com
  95. scamhandler.com
  96. scamhandlers.com
  97. ScamNumbers.info
  98. Scamorg.com
  99. Scamorg.com
  100. ScamVoid.com
  101. ShesAHomeWrecker.com
  102. crushus.com
  103. Shesahomewrecker.com
  104. stanfordtributes.com
  105. stdexposure.com *****
  106. stdregistry.com ******
  107. stinkylist.com
  108. TheDirty.Com
  109. Thedirty.com
  110. USAComplaints.com
  111. UScomplaints.com
  112. valleymetalrecyclinginc.com
  113. Whoscammedyou.com
  114. wikiwarnings
  115. Wikiwarnings.com
  116. warning-notice.com
  117. worstcomplaints.com
  118. spaminform.com
  119. sudzibas.eu.lv
  120. voteanddate.com
  121. spamcaution.com
  122. voteanddate.in
  123. pervertreport.com
  124. usapublicdata.com
  125. badreviews.site

-www-google-com-search (27)

Address lookup

canonical name :pervertreport.com
aliases
addresses :2400:cb00:2048:1::681b:a4ea
2400:cb00:2048:1::681b:a5ea
104.27.165.234
104.27.164.234

Domain Whois record

Queried whois.internic.net with “dom pervertreport.com”…

Domain Name: PERVERTREPORT.COM
Registry Domain ID: 1914117099_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.tldregistrarsolutions.com
Registrar URL: http://www.tldregistrarsolutions.com
Updated Date: 2017-03-13T04:53:37Z
Creation Date: 2015-03-28T17:01:42Z

Registry Expiry Date: 2018-03-28T17:01:42Z
Registrar: TLD Registrar Solutions Ltd
Registrar IANA ID: 1564
Registrar Abuse Contact Email:
Registrar Abuse Contact Phone:
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: DINA.NS.CLOUDFLARE.COM
Name Server: NORM.NS.CLOUDFLARE.COM
DNSSEC: unsigned

>>> Last update of whois database: 2017-07-30T03:01:15Z <> Last update of WHOIS database: 2017-07-30T03:01:04Z <<<
Network Whois record

Queried whois.arin.net with “n 104.27.165.234″…

NetRange: 104.16.0.0 – 104.31.255.255
CIDR: 104.16.0.0/12
NetName: CLOUDFLARENET
NetHandle: NET-104-16-0-0-1
Parent: NET104 (NET-104-0-0-0-0)
NetType: Direct Assignment
OriginAS: AS13335
Organization: Cloudflare, Inc. (CLOUD14)
RegDate: 2014-03-28
Updated: 2017-02-17
Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
Ref: https://whois.arin.net/rest/net/NET-104-16-0-0-1

OrgName: Cloudflare, Inc.
OrgId: CLOUD14
Address: 101 Townsend Street
City: San Francisco
StateProv: CA
PostalCode: 94107
Country: US
RegDate: 2010-07-09
Updated: 2017-02-17
Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
Ref: https://whois.arin.net/rest/org/CLOUD14

OrgTechHandle: ADMIN2521-ARIN
OrgTechName: Admin
OrgTechPhone: +1-650-319-8930
OrgTechEmail: admin@cloudflare.com
OrgTechRef: https://whois.arin.net/rest/poc/ADMIN2521-ARIN

OrgAbuseHandle: ABUSE2916-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-650-319-8930
OrgAbuseEmail: abuse@cloudflare.com
OrgAbuseRef: https://whois.arin.net/rest/poc/ABUSE2916-ARIN

OrgNOCHandle: NOC11962-ARIN
OrgNOCName: NOC
OrgNOCPhone: +1-650-319-8930
OrgNOCEmail: noc@cloudflare.com
OrgNOCRef: https://whois.arin.net/rest/poc/NOC11962-ARIN

RNOCHandle: NOC11962-ARIN
RNOCName: NOC
RNOCPhone: +1-650-319-8930
RNOCEmail: noc@cloudflare.com
RNOCRef: https://whois.arin.net/rest/poc/NOC11962-ARIN

RAbuseHandle: ABUSE2916-ARIN
RAbuseName: Abuse
RAbusePhone: +1-650-319-8930
RAbuseEmail: abuse@cloudflare.com
RAbuseRef: https://whois.arin.net/rest/poc/ABUSE2916-ARIN

RTechHandle: ADMIN2521-ARIN
RTechName: Admin
RTechPhone: +1-650-319-8930
RTechEmail: admin@cloudflare.com
RTechRef: https://whois.arin.net/rest/poc/ADMIN2521-ARIN
DNS records

name class type data time to live
pervertreport.com IN HINFO
CPU: ANY obsoleted
OS: See draft-ietf-dnsop-refuse-any
3789s (01:03:09)
pervertreport.com IN NS dina.ns.cloudflare.com 86400s (1.00:00:00)
pervertreport.com IN NS norm.ns.cloudflare.com 86400s (1.00:00:00)
234.165.27.104.in-addr.arpa IN HINFO
CPU: Please stop asking for ANY
OS: See draft-ietf-dnsop-refuse-any
3

bestgirlsxx.com

Malware infected sites

94.28.173.220 resolves to dedic.dc.besthosting.ua.

The following A records are set to 194.28.173.220:
bestgirlsrus.comScam Alert 1
bestgirlsxx.com
bestxxgirls.com
dategirlsxx.com
datewrg.com
datexxgirls.com
datilinal.com
dating-lux.com
datingruss.com
datingxxgirls.com
fishflytoy.com
girlsbestrus.com
girlsbestxx.com
girlsdatexx.com
girlsonlinerus.com
girlsrusbest.com
girlsxxbest.com
girlsxxdate.com
girlsxxdating.com
ns1.continentalcargocompany.com
ns1.premiumcargocompany.com
ns2.continentalcargocompany.com
ns2.premiumcargocompany.com
onlinegirlsrus.com
onlinerugirls.com
onlinerusgirls.com
plsdating.com
rusbestgirls.com
rusgirlsbest.com
rusgirlsonline.com
rusonlinegirls.com
russadult.com
xxbestgirls.com
xxdategirls.com
xxgirlsbest.com
xxgirlsdate.com
yoyamed.com
yoyaplst.com

WhoIs ~ www1.clicksensational.com

A threat to the Global Internet Infrastructure
Money Mule eco-system 1

Money Mule eco-system 2

190.120.229.99

www1.clicksensational.com

Announced By
Origin AS Announcement Description
AS26272 190.120.224.0/20 Infolink Panama Corp
AS26272 190.120.228.0/22 Infolink Panama Corp

Address has 29 hosts associated with it.

https://route.robtex.com/190.120.229.0-24.html#netmap

190.120.229.0/24

We have 206 A records and 119 PTR records in this network. Six percent of the A records have corresponding PTR records and ten percent of the PTR records have corresponding A records.

Network Map – Network

 

IANA-BLK The whole IPv4 address space

admin-c: IANA1-AFRINIC
country: EU # Country is really world wide
descr: The whole IPv4 address space
inetnum: 0.0.0.0 – 255.255.255.255
mnt-by: AFRINIC-HM-MNT
mnt-lower: AFRINIC-HM-MNT
netname: IANA-BLK
org: ORG-IANA1-AFRINIC
remarks: The country is really worldwide.
This address space is assigned at various other places in
the world and might therefore not be in the RIPE database.
data has been transferred from RIPE Whois Database 20050221
source: AFRINIC # Filtered
status: ALLOCATED UNSPECIFIED
tech-c: IANA1-AFRINIC

BGP announced by

 

128.0.0.0/2

BGP announced by

190.120.224.0/20 Infolink_190-120-224-0-BLOCK

BGP announced by

Registered route from

Location Panama

190.120.228.0/22

Network

PA-IPCO3-LACNIC Infolink Panama Corp.

abuse-c: MIA17
address: APDO 0832-2745, –, Suite 152, World Trade C
0832-2745 – Panama – PA
changed: 20120321
country: PA
created: 20120321
inetnum: 190.120.228/22
inetnum-up: 190.120.224/20
inetrev: 190.120.228/22
nserver: NS3.FORTATRUST.COM
nslastaa: 20130727
nsstat: 20130727 AA
owner: Infolink Panama Corp.
owner-c: MIA17
ownerid: PA-IPCO3-LACNIC
phone: +507 3176046 []
responsible: Miguel Abood
status: reallocated
tech-c: MIA17

BGP announced by

Graph   Sites
IP Type Hostname
190.120.229.0 PTR mta24.wilinkmail3.net
190.120.229.1 PTR mta25.wilinkmail3.net
190.120.229.2 PTR server01.caffoartes.com.br
A webb.net.br
190.120.229.4 PTR mail.shivas01.co.cc
190.120.229.5 A besttabs-solution.com
edtabs-selection.com
perfect-onlinepharmacy.com
reliable-tablets.com
rxtabs-online.com
safe-edpills.com
trustedtablets-online.com
ultimate-pill-store.com
your-excellent-tablets.com
your-perfect-generics.com
ns1.extendedlv.com
*.trustedtablets-online.com
www.trustedtablets-online.com
190.120.229.6 PTR mail10.emktprime.com.br
190.120.229.8 PTR mail3.propaganews.com.br
190.120.229.9 PTR mail4.propaganews.com.br
190.120.229.10 PTR mail5.propaganews.com.br
190.120.229.11 A+PTR mail6.propaganews.com.br
190.120.229.12 PTR mail7.propaganews.com.br
190.120.229.13 PTR mail8.propaganews.com.br
190.120.229.16 A+PTR apcprofession.com
A jeunes-femmes-sexe.com
190.120.229.42 A femme-enculee-profond.com
190.120.229.43 PTR mail9.propaganews.com.br
A belle-gothique.com
esposa-follada-profunda.com
190.120.229.44 PTR mail10.propaganews.com.br
A cazzo-nel-culo.com
cock-in-ass.com
cock-in-the-ass.com
kogut-w-dupe.com
ns2.jorpoint.com
190.120.229.45 PTR mail11.propaganews.com.br
190.120.229.49 PTR dealsnoticedaily.com.229.120.190.in-addr.arpa
190.120.229.51 PTR dealsparktoday.com
190.120.229.52 A jetstar-airlines.com
190.120.229.56 A ns2.kikbac.com
190.120.229.61 PTR great-dating-specials.com
A azureapple.info
190.120.229.64 A+PTR shell.networkjunkies.com
190.120.229.65 PTR mail13.propaganews.com.br
190.120.229.67 PTR mktdescontos.com.br
190.120.229.68 A mail.offwhite.net
190.120.229.70 PTR smail01.textlandiamanager.com
190.120.229.71 PTR app.networksexperts.com
190.120.229.74 PTR serv74.mktdescontos.com.br
190.120.229.75 A+PTR juanin.com
190.120.229.77 A+PTR ntkernel.com
A ntndis.com
*.ntkernel.com
mail.ntkernel.com
190.120.229.78 PTR serv78.mktdescontos.com.br
190.120.229.79 PTR ns1877.hospedagemdesites.net.br
190.120.229.80 PTR www2.rewardsshere4u.com
A foreclosureangelfoundation.com
www.foreclosureangelfoundation.com
190.120.229.81 PTR pty13186.webhost10.net
190.120.229.82 PTR www.prizeshere4u.com
190.120.229.83 PTR www1.prizeshere4u.com
190.120.229.84 PTR rev1.webhost10.net
190.120.229.85 A+PTR rev2.webhost10.net
190.120.229.86 A+PTR rev3.webhost10.net
190.120.229.87 A+PTR rev4.webhost10.net
190.120.229.88 PTR mail14.propaganews.com.br
190.120.229.89 A link-building-guide.com
freakasaur.us
190.120.229.90 PTR www2.linkhere4u.com
190.120.229.91 PTR www3.linkhere4u.com
190.120.229.92 PTR www.gohere4u.com
190.120.229.93 A+PTR mail.talemail.net
A talemail.net
190.120.229.94 PTR netvalueorbiter.com
190.120.229.95 PTR mail6.marktbrasil.com.br
190.120.229.96 PTR mail11.emktprime.com.br
190.120.229.97 PTR mail7.marktbrasil.com.br
A gohonline.net
190.120.229.98 PTR www.clicksensational.com
190.120.229.99 PTR www1.clicksensational.com
A beyond-atlantis.biz
freelancersltd.biz
fundstransferalliance.biz
accounting-plus-uk.com
andromeda-uk.com
business-solution-partnerltd.com
dynamite-solutions.com
fin-advice-centre.com
accounting-plus-ltd.org
andromeda-ltd.org
bestsolutions-usa.org
business-solutionpartner-ltd.org
consult-compass-us.org
fundstransferalliance-us.org
galaxy-software-sol.org
holdings-solution.org
190.120.229.100 PTR www2.clicksensational.com
190.120.229.101 PTR mail17.propaganews.com.br
A galaxy-software-sol.cc
best-n-saveltd.com
bmc-outsourcing-inc.com
business-sol-spec.com
careerbestltd.com
corpdenhouse.com
financedrive-uk.com
freelancersltd.com
inc-londonltd.com
ramejkis.com
business-solution-spec.net
financial-advice-cen.net
financedrive-ltd.org
190.120.229.102 PTR serv102.mktdescontos.com.br
190.120.229.103 A asap-us.biz
bestsolutions-usa.biz
consult-compass-ltd.biz
biz-software.cc
infoace-ltd.com
dynamitesolutions-ltd.net
asap-us.org
beyond-atlantis-ltd.org
biz-software.org
careerbestltd.org
denhouseltd.org
incorp-london-ltd.org
incorplondonltd.org
190.120.229.104 PTR f1.servbb.com
190.120.229.106 PTR f2.servbb.com
A buffspiral.info
190.120.229.107 PTR mail3.emktprime.com.br
A coralrope.info
190.120.229.108 PTR mail4.emktprime.com.br
A forestroof.info
190.120.229.109 A+PTR f3.servbb.com
A forkspice.info
ns1.dattellix.net.ve
190.120.229.110 PTR mail5.emktprime.com.br
A gamemagnet.info
190.120.229.111 PTR www3.4utogohere.com
A rateyourcrack.com
rateyourrack.com
rateyourrear.com
rateyourrod.com
rateyoursex.com
rateyourtat.com
you-are-the-boss.com
rategateway.net
rateyourpiercing.net
rateyourrack.net
new.rateyourrack.com
www.rateyourrack.com
www.rateyourrod.com
www.rateyoursex.com
www.you-are-the-boss.com
pics.rategateway.net
190.120.229.112 PTR nosy.topdeliverysite.com
A pubtronic.com
pubtronic.net
190.120.229.113 PTR big.topdeliverysite.com
190.120.229.114 PTR angry.topdeliverysite.com
190.120.229.115 PTR cuddly.topdeliverysite.com
190.120.229.116 PTR naughty.topdeliverysite.com
190.120.229.118 PTR www.greatersuperdeals.com
190.120.229.119 PTR www1.greatersuperdeals.com
190.120.229.120 PTR www2.greatersuperdeals.com
190.120.229.121 PTR f4.servbb.com
A gehadel.com
190.120.229.122 PTR www.suprduproffer.com
190.120.229.123 PTR f5.servbb.com
190.120.229.124 A+PTR backup0.ontolo.com
190.120.229.125 PTR www3.suprduproffer.com
190.120.229.126 PTR api0.ontolo.com
190.120.229.128 PTR mail28.propaganews.com.br
190.120.229.132 PTR mail29.propaganews.com.br
190.120.229.135 PTR smail01.mobiletoolsuite.com
190.120.229.136 PTR smail52.trumpia.com
190.120.229.137 PTR ip137.soapvalues.com
190.120.229.138 PTR crunchbox1.ontolo.com
190.120.229.139 PTR mail30.propaganews.com.br
190.120.229.140 PTR host.ebillboardsinc.com
190.120.229.142 PTR smail01.mobilemarketiser.com
190.120.229.145 PTR smail35.trumpia.com
190.120.229.146 PTR www.radiodancefloor.it
190.120.229.148 A+PTR foxienet.com
190.120.229.150 A airhighnews.com
murraystore.com
promerta.com
acceddeal.info
acresfriends.info
auraraw.info
barticoupon.info
blenddeals.info
cattretail.info
cheuri.info
coneyfriends.info
crassrewards.info
culpaonline.info
cyproj.info
datedcenter.info
dunnics.info
ethicawards.info
ezgovplace.info
forteawards.info
galagiftcard.info
hazelprizes.info
hidenews.info
latersports.info
loadsinstitute.info
mayorcard.info
medalday.info
pegascoupon.info
perkyawards.info
phoenixtable.info
pottycard.info
proawards.info
quiretail.info
reelcentre.info
rivalinstitute.info
saxonawards.info
seedynews.info
shitgifts.info
redconsumers.org
straithost.org
190.120.229.151 PTR mail31.propaganews.com.br
A daveschultheis.com
frevycnulqe.com
hearthfund.org
190.120.229.152 PTR mail30.propaganews.com.br
A mail.caprxpharmacy.ru
190.120.229.153 PTR mail33.propaganews.com.br
190.120.229.154 PTR mail34.propaganews.com.br
190.120.229.155 A wearysloth.com
mail.aveleyman.com
www.aveleyman.com
190.120.229.159 PTR serv159.mktdescontos.com.br
A consolacionsda.org
190.120.229.162 A roidspharma.com
190.120.229.163 PTR crunchbox0.ontolo.com
190.120.229.164 A 656.cc
190.120.229.166 A venustv.com
*.venustv.com
com.venustv.com
ns1.venustv.com
ns2.venustv.com
root.venustv.com
ww.venustv.com
www.venustv.com
*.com.venustv.com
venustv.com.venustv.com
2242112411142222222.189.9155.in-addr.arpa
*.venustv.com.venustv.com
ns1.venustv.com.venustv.com
ns2.venustv.com.venustv.com
190.120.229.167 A moncler-doudoune-online.com
190.120.229.168 A b-p.md
190.120.229.185 PTR one.hitkill.com
190.120.229.186 PTR mail33.propaganews.com.br
mail61.server3wilink.com.br
190.120.229.187 PTR ip187.soapvalues.com
190.120.229.188 PTR ip188.soapvalues.com
190.120.229.190 A brucegaster.com
190.120.229.196 PTR sp-host3.redseal.net
190.120.229.204 PTR 204-229-120-190.aytta.com
190.120.229.207 A disarq.com
*.disarq.com
ns.disarq.com
nsbackup.disarq.com
190.120.229.208 PTR rocktopia.co.uk
A transistor.ltd.uk
ns1.transistor.ltd.uk
190.120.229.209 A ns2.transistor.ltd.uk
190.120.229.212 PTR emporioborgesbebidas.com.br
A ns3.nascomhosting.com.br
190.120.229.216 PTR serv216.mktdescontos.com.br
190.120.229.224 A asiatique-salope-nue.com
190.120.229.225 PTR us.athos.ro
190.120.229.229 PTR nascomhosting.com.br
A w8motors.com
mail.nascom.com.br
mail.nascomhosting.com.br
190.120.229.230 PTR nascomhosting.com.br
190.120.229.231 PTR dealstartertoday.com
190.120.229.232 PTR ultradailydeals.com
190.120.229.233 PTR dailydeals2you.com
190.120.229.234 A cecibubble.com
190.120.229.235 PTR depressed.makehostingsimple.com
190.120.229.236 PTR serv236.mktdescontos.com.br
190.120.229.237 PTR dirty.makehostingsimple.com
190.120.229.238 PTR envious.makehostingsimple.com
190.120.229.239 PTR two.hitkill.com
190.120.229.240 PTR naughty.makehostingsimple.com
A casting-porno-auvergne.com
chattes-rasee.com
enculer-une-femme.com
femme-gothique-sexe.com
foder-uma-mulher.com
fuck-woman-ass.com
190.120.229.241 PTR breezy.makehostingsimple.com
190.120.229.242 PTR spotty.makehostingsimple.com
190.120.229.243 PTR frightened.makehostingsimple.com
190.120.229.244 A+PTR rocktopia.co.uk
A ns1.rocktopia.co.uk
www.rocktopia.co.uk
190.120.229.245 PTR rocktopia.co.uk
A rocktopia.net
www.rocktopia.net
ns2.rocktopia.co.uk
190.120.229.246 PTR host6.supersenderbr.com
190.120.229.247 PTR host5.supersenderbr.com
190.120.229.255 PTR mail6.enviodigital1.info

WEBSITES POSTING MUG SHOTS AND EXTORTION

The IC3 has received hundreds of complaints from individuals IC3claiming they located their mug shots on 20 different websites, all of which allegedly use similar business practices. Some victims reported they were juveniles at the time of the arrests and their records were sealed. Therefore, their information should not be available to the public. Others stated the information posted on the sites was either incorrect or blatantly false.

Complainants who requested to have their mug shot removed, had to provide a copy of their driver’s license, court record and other personal identifying information. However, providing such information puts those at risk for identify theft.

Complainants were also subject to paying a fee to have their mug shot removed. Although they paid the fee, some of the mug shots were not removed. If they were removed, the mug shots appeared on similar websites.

If the victim threatened to report the websites for unlawful practice, the websites’ owners threatened to escalate the damaging information against the victim.