[AusNOG] WARNING! WARNING: SCAM [Domain Register Pty Ltd]

Brad Peczka brad at bradpeczka.com
Tue Jul 1 14:48:49 EST 2014


Looks fine to me?

Regards,
-Brad.

--

bradpeczka$ dig -t A direct.domainregister.com.au

; <<>> DiG 9.8.3-P1 <<>> -t A direct.domainregister.com.au
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43658
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 4

;; QUESTION SECTION:
;direct.domainregister.com.au.	IN	A

;; ANSWER SECTION:
direct.domainregister.com.au. 261 IN	A	87.76.16.45

________________________________________
From: AusNOG [ausnog-bounces at lists.ausnog.net] On Behalf Of ANSA SERVERS [info at ausnetservers.net.au]
Sent: Tuesday, 1 July 2014 12:47 PM
To: Haydn Cockayne; Jesse O'Connor
Cc: ausnog at lists.ausnog.net; john.tomic at auda.org.au
Subject: Re: [AusNOG] WARNING! WARNING: SCAM [Domain Register Pty Ltd]

Hi Haydn,

That website does not exsist

From: Haydn Cockayne [mailto:h.cockayne at kolbe.wa.edu.au]
Sent: Tuesday, 1 July 2014 2:46 PM
To: Jesse O'Connor
Cc: ANSA SERVERS; ausnog at lists.ausnog.net; john.tomic at auda.org.au
Subject: Re: [AusNOG] WARNING! WARNING: SCAM [Domain Register Pty Ltd]

By default direct.domain.com<http://direct.domain.com> will give you the real IP of a domain hosted by Cloudflare


Haydn Cockayne | ICT Operations Officer

Kolbe Catholic College<http://www.kolbe.wa.edu.au/> | Dowling St, Rockingham, WA, 6168<http://goo.gl/maps/SkJZ5>
Helpdesk: 9591 4222 | Direct: 9591 4207

On Tue, Jul 1, 2014 at 11:59 AM, Jesse O'Connor <jessexoc at gmail.com<mailto:jessexoc at gmail.com>> wrote:
Hi Matthew,

> Is there anyone on the list that works for CloudFlare? It seems this company wants to ensure that their server cannot be tracked or have been ddosed before. I am trying to find the datacentre that’s hosting the server and have the server shutdown. If they are smart they are possibly using a US server.

I do not work for CloudFlare, but you could try looking for subdomains that might not be behind CloudFlare, then looking at the owner of those IPs:

https://www.google.com.au/search?q=site:*.domainregister.com.au
Found one: manage.domainregister.com.au<http://manage.domainregister.com.au/>

$ host manage.domainregister.com.au<http://manage.domainregister.com.au/>
manage.domainregister.com.au<http://manage.domainregister.com.au/> has address 87.76.16.45
manage.domainregister.com.au<http://manage.domainregister.com.au/> has IPv6 address ::87.76.16.45

$ whois 87.76.16.45
...snip...
organisation:   ORG-FHL6-RIPE
org-name:       Future Hosting LLC
org-type:       other
address:        39555 Orchard Hill Place, Suite 600
address:        Novi, MI 48375, US
mnt-ref:        MNT-4DDATACENTRES
mnt-by:         VP88412-MNT
tech-c:         VP3935-RIPE
admin-c:        VP3935-RIPE
abuse-c:        VAH17-RIPE
abuse-mailbox:  security at vpsdatacenter.com<mailto:security at vpsdatacenter.com>
abuse-mailbox:  security at futurehosting.com<mailto:security at futurehosting.com>
source:         RIPE # Filtered
...snip...

Cheers,
Jesse

On Tue, Jul 1, 2014 at 1:05 PM, ANSA SERVERS <info at ausnetservers.net.au<mailto:info at ausnetservers.net.au>> wrote:
Hey All,

Just heads up to EVERYONE in the hosting / domain registration business Australia and worldwide this company (Domain Register Pty Ltd) is possibly scamming your clients into purchasing domain names and forward hosting that they do not need or want with their invoice looking quotes.

This company has already been done by the ACCC once and have come back again this year with a clause on their quote “This is an invitation to register, disregard this letter if you are not the proprietor or if you do not wish to register”

However, earlier this year the privacy laws changed and this company should be offering an opt out option to not receive this content. I have called them at least 10 times telling them to remove my postal box from their marketing lists.

NetRegistry and myself are already across the issue. I have contacted the AFP, ACCC AuDA and Consumer Affairs VIC as well as listed it on scam watch. But this new entity is operating from within the laws So it’s a matter of buyer beware

We have received over 120 of these letters addressed to clients since April 2013. Thankfully it’s our address not theirs!

Is there anyone on the list that works for CloudFlare? It seems this company wants to ensure that their server cannot be tracked or have been ddosed before. I am trying to find the datacentre that’s hosting the server and have the server shutdown. If they are smart they are possibly using a US server.

I wouldn’t mind having their 1300 number terminated as well.

More information here:

http://whois.domaintools.com/domainregister.com.au
http://www.netregistry.com.au/support/warning-domain-registration-scam-from-domain-register-pty-ltd-april-2013/
http://www.netregistry.com.au/support/WARNING-Domain-Registration-scam-from-Domain-Name-Group-Pty-Ltd-July-2010/
http://www.auda.org.au/about-auda/our-services/consumer-alerts/unsolicited-letters-from-domain-name-group-pty-ltd-and-domain-register-pty-ltd/

Contact me for further information

Regards,

Matthew Matters  Managing Director / CEO of Aus Net Servers Australia Pty Ltd
Management Department  |  Small Business Hosting Sales & Services  |  Aus Net Servers Australia Pty Ltd
P  1300 933 038<tel:1300%20933%20038>  |  M  0428 028 091<tel:0428%20028%20091>  |  E  mmatters at ausnetservers.net.au<mailto:mmatters at ausnetservers.net.au> |  W  www.ausnetservers.net.au<http://www.ausnetservers.net.au/>
ABN 25 162 013 194 | ACN 162 013 194 | ARBN B2318 229M | #1 For Dedicated Hosting Solutions For Small Business Since 2007



[http://cdn.ausnetservers.net.au/Exchange/image004.jpg]<http://www.linkedin.com/company/aus-net-servers-australia>[http://cdn.ausnetservers.net.au/Exchange/image006.jpg]<http://www.twitter.com/ansaservers>The information transmitted in this e-mail is for the exclusive use of the intended addressee and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of it, or the taking of any action in reliance upon this information by persons and/or entities other than the intended recipient is prohibited. If you received this in error, please inform the sender and/or addressee immediately and delete the material. If you have been sent this email and it is not addressed to you please forward the email as is to hostmaster at ausnetservers.net.au<mailto:hostmaster at ausnetservers.net.au> and delete all local and inta-local copies including backups from your system. E-mails may not be secure, may contain computer viruses and may be corrupted in transmission. Please carefully check this e-mail (and any attachment) accordingly. No warranties are given and no liability is accepted for any loss or damage caused by such matters. This email has been scanned before transmission with business grade antivirus and antispam software but as mentioned above no warranties can be given that the email has not been contaminated after transmission.

_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog


_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog

[http://cdn.ausnetservers.net.au/Exchange/image004.jpg] <http://www.linkedin.com/company/aus-net-servers-australia> [http://cdn.ausnetservers.net.au/Exchange/image006.jpg]  <http://www.twitter.com/ansaservers> The information transmitted in this e-mail is for the exclusive use of the intended addressee and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of it, or the taking of any action in reliance upon this information by persons and/or entities other than the intended recipient is prohibited. If you received this in error, please inform the sender and/or addressee immediately and delete the material. If you have been sent this email and it is not addressed to you please forward the email as is to hostmaster at ausnetservers.net.au and delete all local and inta-local copies including backups from your system. E-mails may not be secure, may contain computer viruses and may be corrupted in transmission. Please carefully check this e-mail (and any attachment) accordingly. No warranties are given and no liability is accepted for any loss or damage caused by such matters. This email has been scanned before transmission with business grade antivirus and antispam software but as mentioned above no warranties can be given that the email has not been contaminated after transmission.


More information about the AusNOG mailing list