[AusNOG] WARNING! WARNING: SCAM [Domain Register Pty Ltd]

Haydn Cockayne h.cockayne at kolbe.wa.edu.au
Tue Jul 1 15:02:09 EST 2014


Yep, that's it. Sorry - should have been more specific.

*Haydn Cockayne* | ICT Operations Officer

Kolbe Catholic College <http://www.kolbe.wa.edu.au/> | Dowling St,
Rockingham, WA, 6168 <http://goo.gl/maps/SkJZ5>
Helpdesk: 9591 4222 | Direct: 9591 4207


On Tue, Jul 1, 2014 at 12:50 PM, Bradley Amm <Bradley.Amm at homegroupwa.com.au
> wrote:

>  What he meant was if a domain is on Cloudflare you can go to
> direct.thedomain.com and get the direct website
>
> EG My test website is hosted on Cloudflare. But direct.bradleyamm.com
> will give you the hosted site on VentraIP
>
>
>
> Just DNS entries
>
>
>
>
>
>
>
> Kind Regards
>
>
>
> *Bradley Amm*
>
> 11 Delawney St Balcatta WA 6021
>
> *P* 08 6241 4404 *F* 6241 4455 *M* 0448 815 710
>
> W www.homegroupwa.com.au
>
>
>
> [image: new-footer]
>
>
>
>
>
> *From:* AusNOG [mailto:ausnog-bounces at lists.ausnog.net] *On Behalf Of *ANSA
> SERVERS
> *Sent:* Tuesday, 1 July 2014 12:47 PM
> *To:* Haydn Cockayne; Jesse O'Connor
> *Cc:* ausnog at lists.ausnog.net; john.tomic at auda.org.au
>
> *Subject:* Re: [AusNOG] WARNING! WARNING: SCAM [Domain Register Pty Ltd]
>
>
>
> Hi Haydn,
>
>
>
> That website does not exsist
>
>
>
> *From:* Haydn Cockayne [mailto:h.cockayne at kolbe.wa.edu.au
> <h.cockayne at kolbe.wa.edu.au>]
> *Sent:* Tuesday, 1 July 2014 2:46 PM
> *To:* Jesse O'Connor
> *Cc:* ANSA SERVERS; ausnog at lists.ausnog.net; john.tomic at auda.org.au
> *Subject:* Re: [AusNOG] WARNING! WARNING: SCAM [Domain Register Pty Ltd]
>
>
>
> By default direct.domain.com will give you the real IP of a domain hosted
> by Cloudflare
>
>
>   *Haydn Cockayne* | ICT Operations Officer
>
> Kolbe Catholic College <http://www.kolbe.wa.edu.au/> | Dowling St,
> Rockingham, WA, 6168 <http://goo.gl/maps/SkJZ5>
> Helpdesk: 9591 4222 | Direct: 9591 4207
>
>
>
> On Tue, Jul 1, 2014 at 11:59 AM, Jesse O'Connor <jessexoc at gmail.com>
> wrote:
>
>  Hi Matthew,
>
>
>
> > Is there anyone on the list that works for CloudFlare? It seems this
> company wants to ensure that their server cannot be tracked or have been
> ddosed before. I am trying to find the datacentre that’s hosting the server
> and have the server shutdown. If they are smart they are possibly using a
> US server.
>
>
>
> I do not work for CloudFlare, but you could try looking for subdomains
> that might not be behind CloudFlare, then looking at the owner of those
> IPs:
>
>
>
> https://www.google.com.au/search?q=site:*.domainregister.com.au
>
> Found one: manage.domainregister.com.au
>
>
>
> $ host manage.domainregister.com.au
>
> manage.domainregister.com.au has address 87.76.16.45
>
> manage.domainregister.com.au has IPv6 address ::87.76.16.45
>
>
>
> $ whois 87.76.16.45
>
> ...snip...
>
> organisation:   ORG-FHL6-RIPE
>
> org-name:       Future Hosting LLC
>
> org-type:       other
>
> address:        39555 Orchard Hill Place, Suite 600
>
> address:        Novi, MI 48375, US
>
> mnt-ref:        MNT-4DDATACENTRES
>
> mnt-by:         VP88412-MNT
>
> tech-c:         VP3935-RIPE
>
> admin-c:        VP3935-RIPE
>
> abuse-c:        VAH17-RIPE
>
> abuse-mailbox:  security at vpsdatacenter.com
>
> abuse-mailbox:  security at futurehosting.com
>
> source:         RIPE # Filtered
>
> ...snip...
>
>
>
> Cheers,
>
> Jesse
>
>
>
> On Tue, Jul 1, 2014 at 1:05 PM, ANSA SERVERS <info at ausnetservers.net.au>
> wrote:
>
>   Hey All,
>
>
>
> Just heads up to EVERYONE in the hosting / domain registration business
> Australia and worldwide this company (Domain Register Pty Ltd) is possibly
> scamming your clients into purchasing domain names and forward hosting that
> they do not need or want with their invoice looking quotes.
>
>
>
> This company has already been done by the ACCC once and have come back
> again this year with a clause on their quote “This is an invitation to
> register, disregard this letter if you are not the proprietor or if you do
> not wish to register”
>
>
>
> However, earlier this year the privacy laws changed and this company
> should be offering an opt out option to not receive this content. I have
> called them at least 10 times telling them to remove my postal box from
> their marketing lists.
>
>
>
> NetRegistry and myself are already across the issue. I have contacted the
> AFP, ACCC AuDA and Consumer Affairs VIC as well as listed it on scam watch.
> But this new entity is operating from within the laws So it’s a matter of
> buyer beware
>
>
>
> We have received over 120 of these letters addressed to clients since
> April 2013. Thankfully it’s our address not theirs!
>
>
>
> Is there anyone on the list that works for CloudFlare? It seems this
> company wants to ensure that their server cannot be tracked or have been
> ddosed before. I am trying to find the datacentre that’s hosting the server
> and have the server shutdown. If they are smart they are possibly using a
> US server.
>
>
>
> I wouldn’t mind having their 1300 number terminated as well.
>
>
>
> More information here:
>
>
>
> http://whois.domaintools.com/domainregister.com.au
>
>
> http://www.netregistry.com.au/support/warning-domain-registration-scam-from-domain-register-pty-ltd-april-2013/
>
>
> http://www.netregistry.com.au/support/WARNING-Domain-Registration-scam-from-Domain-Name-Group-Pty-Ltd-July-2010/
>
>
> http://www.auda.org.au/about-auda/our-services/consumer-alerts/unsolicited-letters-from-domain-name-group-pty-ltd-and-domain-register-pty-ltd/
>
>
>
> Contact me for further information
>
>
>
> Regards,
>
>
>
> *Matthew Matters  *Managing Director / CEO of Aus Net Servers Australia
> Pty Ltd
> Management Department  |  Small Business Hosting Sales & Services  |  Aus
> Net Servers Australia Pty Ltd
>
> P  1300 933 038  |  M  0428 028 091  |  E  mmatters at ausnetservers.net.au |
>  W  www.ausnetservers.net.au
>
> ABN 25 162 013 194 | ACN 162 013 194 | ARBN B2318 229M | #1 For Dedicated
> Hosting Solutions For Small Business Since 2007
>
>
>
>
>
>
>
> [image: LinkedIn]
> <http://www.linkedin.com/company/aus-net-servers-australia>[image:
> Twitter] <http://www.twitter.com/ansaservers>The information transmitted
> in this e-mail is for the exclusive use of the intended addressee and may
> contain confidential and/or privileged material. Any review,
> re-transmission, dissemination or other use of it, or the taking of any
> action in reliance upon this information by persons and/or entities other
> than the intended recipient is prohibited. If you received this in error,
> please inform the sender and/or addressee immediately and delete the
> material. If you have been sent this email and it is not addressed to you
> please forward the email as is to hostmaster at ausnetservers.net.au and
> delete all local and inta-local copies including backups from your system.
> E-mails may not be secure, may contain computer viruses and may be
> corrupted in transmission. Please carefully check this e-mail (and any
> attachment) accordingly. No warranties are given and no liability is
> accepted for any loss or damage caused by such matters. This email has been
> scanned before transmission with business grade antivirus and antispam
> software but as mentioned above no warranties can be given that the email
> has not been contaminated after transmission.
>
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
>
> [image: LinkedIn]
> <http://www.linkedin.com/company/aus-net-servers-australia>[image:
> Twitter] <http://www.twitter.com/ansaservers>The information transmitted
> in this e-mail is for the exclusive use of the intended addressee and may
> contain confidential and/or privileged material. Any review,
> re-transmission, dissemination or other use of it, or the taking of any
> action in reliance upon this information by persons and/or entities other
> than the intended recipient is prohibited. If you received this in error,
> please inform the sender and/or addressee immediately and delete the
> material. If you have been sent this email and it is not addressed to you
> please forward the email as is to hostmaster at ausnetservers.net.au and
> delete all local and inta-local copies including backups from your system.
> E-mails may not be secure, may contain computer viruses and may be
> corrupted in transmission. Please carefully check this e-mail (and any
> attachment) accordingly. No warranties are given and no liability is
> accepted for any loss or damage caused by such matters. This email has been
> scanned before transmission with business grade antivirus and antispam
> software but as mentioned above no warranties can be given that the email
> has not been contaminated after transmission.
> ______________________________________________________________________
> This email has been scanned by the Symantec Email Security.cloud service.
> For more information please visit http://www.symanteccloud.com
> ______________________________________________________________________
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140701/b743fabd/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 6837 bytes
Desc: not available
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140701/b743fabd/attachment.jpg>


More information about the AusNOG mailing list