CERT Group Inc. scam

CERT Group Inc. Fraud

Don't Bear Internet Fraud

CERT Group Inc. scam screenshot (25-Oct-2009)

CERT Group Inc. scam. This is just the latest of the numerous highly generic Russian scam websites that has been set up to form a front for a money laundering fraud job advertisement. (The identical job was posted by the Calisto Trading Inc., Reynolds Investment, & Simple Investments fraudsters and others). It's a bit slicker than most but at the end of the day its function is to con you into believing that they are a legitimate company when the evidence clearly demonstrates that they are crooks. It's an identical scam to Epayment Solutions, Emarket Solutions Inc., Legal Operations Inc., Secure Operations Inc., Oranta Group Inc., Ketler Group Inc., Profit Financing Inc., Logic Group Inc., Maxi Group Inc., Fair Group, Fartex Group, MGPA Group Inc., Sky Group Inc., Idea Group Inc., Air Group Inc., Ideal Group Inc., Capital Group Inc., Fox Group Inc., Ebusiness Group Inc., Onicks Group Inc., Multi Group Inc. Single Group, DDK Group Inc., DC Group Inc., Key Group Inc., Multiconcept Group Inc., Alliance Group Inc., Prospera Group Inc., MENA Group Inc., Invalda Group Inc. and Cosco Group Inc. frauds among others. This fraud website has been produced in several languages. They may vary the template, but it's the same old fraud and the same old website content. The website carries a clear money mule solicitation, their multiple domains were only registered very recently and all their contact and location details are always bogus. Thanks to the guys at malwareurl.com for the 'heads-up' on this one.

This fraudster should not be confused with any legitimate company of the same or similar name - the above website graphics and the included money laundering job clearly identify the fake website and these fraudsters.

CERT Group Inc. : Evidence of Criminal Fraud

i) CERT Group Inc. claim on their website "The company was set up in 1990 in New York, the USA by three enthusiasts who have financial education", but the criminal's domain cert-groupnet.cn was only registered with 厦门东南融通在线科技有限公司 (Online Technology Co., Ltd., Xiamen Longtop) (31-Jul-2009) for the 'criminal's domain' minimum period of only one year. A clear indication of a fake domain.

ii) A webcheck shows that CERT Group Inc. are not registered in the NY state business register, clear evidence of a fake company. Check for yourself.

iii) Our Partners: They used a fake Serfreport webpage to display a fake news item also to lend legitimacy to their company.The fake webpage is just a page on the criminal's own server.

iv) Our Partners: They use a fake News.de webpage to display a fake news item also to lend legitimacy to their company.The fake webpage is just a page on the criminal's own server.

v) Our Partners: They used a fake Yahoo finance webpage to lend legitimacy to their company by showing a bogus stock figure for the equally bogus CERT Group Inc. The fake webpage is just a page on the criminal's own server.

vi) Our Partners: They used a fake Businesswire webpage to display a fake news item also to lend legitimacy to their company. The fake webpage is just a page on the criminal's own server.

vii) Our Partners: They use a fake Stockhouse webpage to display a fake news item also to lend legitimacy to their company.The fake webpage is just a page on the criminal's own server.

viii) A Google search for "CERT Group Inc." shows zero web presence for these crooks, (ignoring their own fake multiple websites, of course). Not to be confused with any genuine company of the same name.

ix) This scam is related or identical to the numerous scams listed above - this is a serial fraudster. (Do a Google search for "The company was set up in 1990 in New York, the USA by three enthusiasts who have financial education" for details of some other aliases).

x) Another alias, another set of clearly fake Location Details (copied from their website)

Main Address:
Office Suites
1216 East Fayette Street
Syracuse, NY 13210
USA

Tel: 1-315-876-9846
Fax: 1-315-679-4976

Remember that these crooks are not a registered company in New York state, which pretty well guarantees that the above location details will be bogus.

• - A Google search for the address "1216 East Fayette Street, Syracuse, NY" returns no hits at all.
• - A Google Maps business search for the address "1216 East Fayette Street, Syracuse, NY" also returns no hits for these crooks.
• - A USPS zipcode check on the address "1216 East Fayette Street, Syracuse, NY" returns the message "The address you provided is not recognized by the US Postal Service as an address we serve. Mail sent to this address may be returned." It is clearly a completely fictitious address.
• - There are no Google hits for the telephone number "1-315-876-9846" apart from a scam query and their own fake multiple websites, of course.
• - There are no Google hits for the Fax. number "1-315-679-4976" apart from a scam query and their own fake multiple websites, of course.

xii) Here is the obvious money laundering position of "FINANCIAL AGENT" posted on their website:

FINANCIAL AGENT

This vacancy is valid for American and Australian residents ONLY.
AVAILABLE

Location: Australia, USA
Status: Open
Employee Type: Part-Time Employee

Major operational duties are prompt receiving and processing stockbrokers' payments for their further transfer according to the specified method. Detailed work scheme will be provided upon request.

Requirements:

    * Expert skills in managing payments and transfers between our company and clients
    * Knowledge of basic payment systems
    * Ability to schedule working hours effectively
    * Availability for 3-4 hours a day
    * Advanced PC and Internet skills
    * Minimum 18 y.o.

Payment basis: During the trial period you will be paid USD 2,300 per month. You will also receive 8% commission for each payment received from our client. With current volume of clients, on average, your overall income will amount up to USD 4,000 per month. After the trial period your base salary will be as high as USD 3,000 per month plus 8% commission.

Benefits:

    * Flexible working schedule
    * Possibility to combine this part time job with your primary occupation
    * Free training courses

IMPORTANT INFO:
Our analysts have been observing pronounced economic growth in all the departments of CERT Group Inc during the latest quarter of this year. This became possible due to perfect and well coordinated work of our team! According to statistical data, 98% of CERT Group Inc financial managers being employed for less than three months are completely satisfied with their earnings and would like to improve their professional skills and advance their careers with our Company. The management of CERT Group Inc is striving for strengthening and expanding our corporation to get a hold in the major part of today's financial services market.

Click here to learn more of this vacancy

If you would like to apply for this position and learn more, please email us at job@cert-groupnet.cn. Time spent for consideration of your application can be drastically reduced if you attach your resume to your email.

In other words, just your average ILLEGAL money laundering mule position of accepting STOLEN FUNDS into your bank account that will get your account and your assets frozen, and could earn you a criminal record. Clear evidence of criminal fraud.

xiii) No legitimate company is going to spamvertise among the untrained, inexperienced and uncertified general population for a "FINANCIAL AGENT" acting as a criminal money transfer agent. It clearly defines CERT Group Inc. as a criminal fraud organisation.

xiv) The identical illegal job was posted by the fraudsters other aliases as listed above.

xv) More details of the money mule function as published on the criminal's website:

Financial Manager

Location: USA, statewide
Availability: currently available
Employment type: Part-time employment
Number of employees required: 3

CANDIDATE REQUIREMENTS.

    * not less than 18 years old
    * internet access to reply emails promptly
    * availability by phone (1-2 hours a day)
    * a bank account to process payments
    * good credit history with your bank (new bank account is an option)
    * no criminal offense or convictions
    * experience in the field of finance is preferred

DUTIES

We are searching for people to process payments coming from our clients. CERT Group Inc will provide an agent with detailed instructions as regards payment processing operations including sender full name and amount total for each separate case.

When funds enter employee's bank account, Financial Agent's duty is to withdraw cash and transfer the funds via International Wire Transfer or Western Union/Money Gram money transfer systems. The main advantage of our services is the shortest possible time within which the seller can receive money for the services/goods sold. If this operation is delayed, our clients are entitled to cancel their contract with us and we suffer financial loss. Therefore, successful applicant must be very responsible and careful!

TRIAL PERIOD POLICY

Successful applicants are offered the position on a probationary period basis (1 month). This is the period when a new employee will be trained and receive online support while working and being paid. A personal supervisor can recommend termination during/after the trial period depending on agent's activity. New employee should be responsible and strictly follow supervisor's recommendations to pass the Probationary Period successfully and be employed by us on a regular basis.

SALARY

During the probationary period we offer USD 2,300 monthly salary plus 8% commission for each payment processing operation. For example, an average $5,000 payment will entail $400 commission (but WU/MG fee is paid from this money, please see for more details below). Furthermore, we offer $50 bonus for each transaction completed by 11 a.m. (local time). With the current number of clients, on average, your overall income will amount to up to USD 4,000 per month. A successful agent may ask for additional tasks and earn more. After the probationary period base salary will be as high as USD 3,000 per month plus 8% commission. Base salary ($2,300) will be transferred at the end of each month to employee's bank account. Commission (8%) is to be deducted from the processed money.

IMPORTANT DETAILS

    * Financial Agent is supposed to process received assets during one business day, i.e. from the moment of money entering his bank account to the moment of re-send to our client in accordance with contract terms. If money enters employee's account on a day-off or holiday, all payment processing procedures have to be completed during the next working day.
    * Financial Agent receives invoices for each transaction every 14 days. This document is a confirmation of transaction validity, and in case of any (if any at all) unforeseen circumstances it will evidence your personal non-participation. All invoices will contain detailed information on money sender and will be both sealed and certified with President's signature.
      *After the Probationary Period completion, invoices will be sent every business day.
    * Since business transfers can be processed with delays, Financial Manager should specify each transfer as a private remittance. This provision is also applicable in case of a third party interest in the transfer.
    * Our clients appreciate our operational efficiency and are ready to pay extra fee for shorter transaction terms. If we manage to deliver goods to buyer within 10 days, the deal is considered to be fulfilled at the earliest possible date.
    * All the fees (WU/MG) are paid from employee's commission. HOWEVER, our company undertakes to reimburse part of expenses which are incurred in connection with money transfer (WIRE or by Western Union/Money gram system) should money transfer charges exceed 3%. All in all, your net profit will amount to 5-8% of the total amount of each payment processing operation.
    * We don't ask for any investment to start cooperating with our company.
    * The company offers incentive bonus program based on work results with regard to several factors, i.e. total sum of money transferred, payment processing time, etc.

OUR BENEFITS

Probationary period imposes restrictions on the employment benefits of our corporation. Financial Manager will be able to receive CERT Group Inc employment benefits only after probationary period completion. Employment benefits will include:

    * stock options
    * child-care subsidies
    * flex-time
    * business casual attire
    * free training and professional development programs

*Detailed information concerning the employment benefits will be provided after probationary period successful completion.

Just more clear and irrefutable evidence of the illegal money mule function that these fraudsters are trying to con you into accepting. You will end up with your bank account and all your assets frozen, the loss of a great deal of money and possibly facing criminal charges. Don't be tempted.

xvi) The Spam - see the identical previous Multiconcept Group Inc. fraud and other aliases as listed above for a typical spam from these crooks and other response details.

The above evidence clearly demonstrates beyond any doubt that the CERT Group Inc. website has been set up by money laundering criminal fraudsters purely for the purpose of spamvertising an illegal money laundering 'mule' job. If you are an abuse team that has received an abuse report regarding these fraudsters, please consider immediate termination of their services in view of the absolutely undeniable evidence of criminal fraud - please don't delay - these criminals will not respond to any communication from you, (all their whois data is false), but will simply take advantage of any attempt at communication as a delaying tactic to allow them time to carry on their criminal activity and prepare their next network.

CERT Group Inc. Fraudsters - current hosting details

Main Domains, Hosts and Registrars

Domain

cert-groupnet.cn
certgroupinc.cn
cert-group.cc
cert-groupinc.cc

Registrar

厦门东南融通在线科技有限公司 (Online Technology Co., Ltd., Xiamen Longtop) (31-Jul-2009)
厦门东南融通在线科技有限公司 (Online Technology Co., Ltd., Xiamen Longtop) (31-Jul-2009)
BIZCN.COM, INC. (31-Jul-2009)
BIZCN.COM, INC. (31-Jul-2009)

Host Network

CHINA RAILWAY TELECOMMUNICATIONS CENTER
CHINA RAILWAY TELECOMMUNICATIONS CENTER
CHINA RAILWAY TELECOMMUNICATIONS CENTER
CHINA RAILWAY TELECOMMUNICATIONS CENTER

Host IP

222.35.137.235
222.35.137.234
222.35.137.234
222.35.137.235

Multiconcept:
Active
Suspended or Inactive
Parked

Please notify me of any other current domains used by this criminal.

Domain Whois Data:

Domain Name: cert-groupnet.cn
ROID: 20090731s10001s51993250-cn
Domain Status: ok
Registrant Organization: Cehhost, icn.
Registrant Name: MichellGregory
Administrative Email: Gregory.Michell2009@yahoo.com
Sponsoring Registrar: 厦门东南融通在线科技有限公司
Name Server:ns2.totallysmiled.cn
Name Server:ns1.reddbutton.cn
Name Server:ns3.totallysmiled.cn
Registration Date: 2009-07-31 21:01
Expiration Date: 2010-07-31 21:01

Domain Name: certgroupinc.cn
ROID: 20090731s10001s51997042-cn
Domain Status: ok
Registrant Organization: Cehhost, icn.
Registrant Name: MichellGregory
Administrative Email: Gregory.Michell2009@yahoo.com
Sponsoring Registrar: 厦门东南融通在线科技有限公司
Name Server:ns2.totallysmiled.cn
Name Server:ns1.reddbutton.cn
Name Server:ns3.totallysmiled.cn
Registration Date: 2009-07-31 21:01
Expiration Date: 2010-07-31 21:01

   Domain Name: CERT-GROUPINC.CC
   Registrar: BIZCN.COM, INC.
   Whois Server: whois.bizcn.com
   Referral URL: http://www.bizcn.com
   Name Server: NS2.DUMMYKEATH.CC
   Name Server: NS1.DIAMOND-DREAM.CC
   Name Server: NS3.DUMMYKEATH.CC
   Status: CLIENT-XFER-PROHIBITED
   Status: CLIENT-DELETE-PROHIBITED
   Updated Date: 31-jul-2009
   Creation Date: 31-jul-2009
   Expiration Date: 31-jul-2010

Domain name: cert-groupinc.cc

Registrant Contact:
   Cehhost, icn.
   Gregory Michell Gregory.Michell2009@yahoo.com
   +352-457-575 fax: +352-457-575
   Unit 221-2 Lanz steer, 8 Fleming Road
   Beaverton Baivin 853
   cn

Administrative Contact:
   Gregory Michell Gregory.Michell2009@yahoo.com
   +352-457-575 fax: +352-457-575
   Unit 221-2 Lanz steer, 8 Fleming Road
   Beaverton Baivin 853
   cn

Technical Contact:
   Gregory Michell Gregory.Michell2009@yahoo.com
   +352-457-575 fax: +352-457-575
   Unit 221-2 Lanz steer, 8 Fleming Road
   Beaverton Baivin 853
   cn

Billing Contact:
   Gregory Michell Gregory.Michell2009@yahoo.com
   +352-457-575 fax: +352-457-575
   Unit 221-2 Lanz steer, 8 Fleming Road
   Beaverton Baivin 853
   cn

DNS:
ns1.diamond-dream.cc
ns2.dummykeath.cc
ns3.dummykeath.cc

Created: 2009-07-31
Expires: 2010-07-31

   Domain Name: CERT-GROUP.CC
   Registrar: BIZCN.COM, INC.
   Whois Server: whois.bizcn.com
   Referral URL: http://www.bizcn.com
   Name Server: NS2.DUMMYKEATH.CC
   Name Server: NS1.DIAMOND-DREAM.CC
   Name Server: NS3.DUMMYKEATH.CC
   Status: CLIENT-XFER-PROHIBITED
   Status: CLIENT-DELETE-PROHIBITED
   Updated Date: 31-jul-2009
   Creation Date: 31-jul-2009
   Expiration Date: 31-jul-2010

Domain name: cert-group.cc

Registrant Contact:
   Cehhost, icn.
   Gregory Michell Gregory.Michell2009@yahoo.com
   +352-457-575 fax: +352-457-575
   Unit 221-2 Lanz steer, 8 Fleming Road
   Beaverton Baivin 853
   cn

Administrative Contact:
   Gregory Michell Gregory.Michell2009@yahoo.com
   +352-457-575 fax: +352-457-575
   Unit 221-2 Lanz steer, 8 Fleming Road
   Beaverton Baivin 853
   cn

Technical Contact:
   Gregory Michell Gregory.Michell2009@yahoo.com
   +352-457-575 fax: +352-457-575
   Unit 221-2 Lanz steer, 8 Fleming Road
   Beaverton Baivin 853
   cn

Billing Contact:
   Gregory Michell Gregory.Michell2009@yahoo.com
   +352-457-575 fax: +352-457-575
   Unit 221-2 Lanz steer, 8 Fleming Road
   Beaverton Baivin 853
   cn

DNS:
ns1.diamond-dream.cc
ns2.dummykeath.cc
ns3.dummykeath.cc

Created: 2009-07-31
Expires: 2010-07-31

   Domain Name: WINDCONTROL.CC
   Registrar: BIZCN.COM, INC.
   Whois Server: whois.bizcn.com
   Referral URL: http://www.bizcn.com
   Name Server: NS1.WINDCONTROL.CC
   Name Server: NS2.WINDCONTROL.CC
   Name Server: NS3.WINDCONTROL.CC
   Status: CLIENT-XFER-PROHIBITED
   Status: CLIENT-DELETE-PROHIBITED
   Updated Date: 13-jul-2009
   Creation Date: 24-jun-2009
   Expiration Date: 24-jun-2010

Registrant Contact:
   DomainsRef
   Gregory Morgan morgan.greg@yahoo.com
   +1776759091 fax: +1776759091
   73/2 Sun str.
   Dallas TX 6636872
   us

Administrative Contact:
   Gregory Morgan morgan.greg@yahoo.com
   +1776759091 fax: +1776759091
   73/2 Sun str.
   Dallas TX 6636872
   us

Technical Contact:
   Gregory Morgan morgan.greg@yahoo.com
   +1776759091 fax: +1776759091
   73/2 Sun str.
   Dallas TX 6636872
   us

Billing Contact:
   Gregory Morgan morgan.greg@yahoo.com
   +1776759091 fax: +1776759091
   73/2 Sun str.
   Dallas TX 6636872
   us

DNS:
ns1.windcontrol.cc
ns2.windcontrol.cc
ns3.windcontrol.cc

Created: 2009-06-25
Expires: 2010-06-25

Domain Name: totallysmiled.cn
ROID: 20090625s10001s10504439-cn
Domain Status: ok
Registrant Organization: DomainsRef
Registrant Name: MorganGregory
Administrative Email: morgan.greg@yahoo.com
Sponsoring Registrar: 厦门东南融通在线科技有限公司
Name Server:ns1.totallysmiled.cn
Name Server:ns2.totallysmiled.cn
Name Server:ns3.totallysmiled.cn
Registration Date: 2009-06-25 08:03
Expiration Date: 2010-06-25 08:03

   Domain Name: full-controll.cc
   Registrar: BIZCN.COM, INC.
   Whois Server: whois.bizcn.com
   Referral URL: http://www.bizcn.com
   Name Server: NS1.FULL-CONTROLL.CC
   Name Server: NS2.FULL-CONTROLL.CC
   Name Server: NS3.FULL-CONTROLL.CC
   Status: CLIENT-XFER-PROHIBITED
   Status: CLIENT-DELETE-PROHIBITED
   Updated Date: 13-jul-2009
   Creation Date: 24-jun-2009
   Expiration Date: 24-jun-2010

Domain Name: geniouspartner.cn
ROID: 20090625s10001s10505181-cn
Domain Status: ok
Registrant Organization: DomainsRef
Registrant Name: MorganGregory
Administrative Email: morgan.greg@yahoo.com
Sponsoring Registrar: 厦门东南融通在线科技有限公司
Name Server:ns1.geniouspartner.cn
Name Server:ns2.geniouspartner.cn
Name Server:ns3.geniouspartner.cn
Registration Date: 2009-06-25 08:03
Expiration Date: 2010-06-25 08:03

Domain Name: theblackend.cn
ROID: 20090625s10001s10502615-cn
Domain Status: ok
Registrant Organization: DomainsRef
Registrant Name: MorganGregory
Administrative Email: morgan.greg@yahoo.com
Sponsoring Registrar: 厦门东南融通在线科技有限公司
Name Server:ns1.theblackend.cn
Name Server:ns2.theblackend.cn
Name Server:ns3.theblackend.cn
Registration Date: 2009-06-25 08:02
Expiration Date: 2010-06-25 08:02

Domain Name: reddbutton.cn
ROID: 20090625s10001s10613544-cn
Domain Status: ok
Registrant Organization: DomainsRef
Registrant Name: MorganGregory
Administrative Email: morgan.greg@yahoo.com
Sponsoring Registrar: 厦门东南融通在线科技有限公司
Name Server:ns1.reddbutton.cn
Name Server:ns2.reddbutton.cn
Name Server:ns3.reddbutton.cn
Registration Date: 2009-06-25 08:17
Expiration Date: 2010-06-25 08:17

   Domain Name: DUMMYKEATH.CC
   Registrar: BIZCN.COM, INC.
   Whois Server: whois.bizcn.com
   Referral URL: http://www.bizcn.com
   Name Server: NS1.DUMMYKEATH.CC
   Name Server: NS2.DUMMYKEATH.CC
   Name Server: NS3.DUMMYKEATH.CC
   Status: CLIENT-XFER-PROHIBITED
   Status: CLIENT-DELETE-PROHIBITED
   Updated Date: 13-jul-2009
   Creation Date: 24-jun-2009
   Expiration Date: 24-jun-2010

Registrant Contact:
   DomainsRef
   Gregory Morgan morgan.greg@yahoo.com
   +1776759091 fax: +1776759091
   73/2 Sun str.
   Dallas TX 6636872
   us

Administrative Contact:
   Gregory Morgan morgan.greg@yahoo.com
   +1776759091 fax: +1776759091
   73/2 Sun str.
   Dallas TX 6636872
   us

Technical Contact:
   Gregory Morgan morgan.greg@yahoo.com
   +1776759091 fax: +1776759091
   73/2 Sun str.
   Dallas TX 6636872
   us

Billing Contact:
   Gregory Morgan morgan.greg@yahoo.com
   +1776759091 fax: +1776759091
   73/2 Sun str.
   Dallas TX 6636872
   us

DNS:
ns1.dummykeath.cc
ns2.dummykeath.cc
ns3.dummykeath.cc

Created: 2009-06-25
Expires: 2010-06-25

   Domain name: diamond-dream.cc
   Registrar: BIZCN.COM, INC.
   Whois Server: whois.bizcn.com
   Referral URL: http://www.bizcn.com
   Name Server: NS1.DIAMOND-DREAM.CC
   Name Server: NS2.DIAMOND-DREAM.CC
   Name Server: NS3.DIAMOND-DREAM.CC
   Status: CLIENT-XFER-PROHIBITED
   Status: CLIENT-DELETE-PROHIBITED
   Updated Date: 13-jul-2009
   Creation Date: 24-jun-2009
   Expiration Date: 24-jun-2010

Registrant Contact:
   DomainsRef
   Gregory Morgan morgan.greg@yahoo.com
   +1776759091 fax: +1776759091
   73/2 Sun str.
   Dallas TX 6636872
   us

Administrative Contact:
   Gregory Morgan morgan.greg@yahoo.com
   +1776759091 fax: +1776759091
   73/2 Sun str.
   Dallas TX 6636872
   us

Technical Contact:
   Gregory Morgan morgan.greg@yahoo.com
   +1776759091 fax: +1776759091
   73/2 Sun str.
   Dallas TX 6636872
   us

Billing Contact:
   Gregory Morgan morgan.greg@yahoo.com
   +1776759091 fax: +1776759091
   73/2 Sun str.
   Dallas TX 6636872
   us

DNS:
ns1.diamond-dream.cc
ns2.diamond-dream.cc
ns3.diamond-dream.cc

Created: 2009-06-25
Expires: 2010-06-25

Criminal Registered Nameserver Domains and Registrars

theblackend.cn - 厦门东南融通在线科技有限公司 (Online Technology Co., Ltd., Xiamen Longtop) (25-Jun-2009)
totallysmiled.cn - 厦门东南融通在线科技有限公司 (Online Technology Co., Ltd., Xiamen Longtop) (25-Jun-2009)
diamond-dream.cc - BIZCN.COM, INC. - 24-Jun-2009
full-controll.cc - BIZCN.COM, INC. - 24-Jun-2009
geniouspartner.cn - 厦门东南融通在线科技有限公司 (Online Technology Co., Ltd., Xiamen Longtop) (25-Jun-2009)
reddbutton.cn - 厦门东南融通在线科技有限公司 (Online Technology Co., Ltd., Xiamen Longtop) (25-Jun-2009)
windcontrol.cc - BIZCN.COM, INC. - 24-Jun-2009
dummykeath.cc - BIZCN.COM, INC. - 24-Jun-2009

DNS Lookup: cert-groupnet.cn A record
Searching for cert-groupnet.cn A record at l.root-servers.net [199.7.83.42]: Got referral to a.dns.cn. (zone: cn.)
Searching for cert-groupnet.cn A record at a.dns.cn. [203.119.25.1]: Got referral to ns1.reddbutton.cn. (zone: cert-groupnet.cn.)
Searching for cert-groupnet.cn A record at ns1.reddbutton.cn. [222.35.137.236]: Reports cert-groupnet.cn.
Response:

Domain	Type	Class	TTL	Answer
cert-groupnet.cn.	A	IN	120	222.35.137.235
cert-groupnet.cn.	NS	IN	120	ns1.reddbutton.cn.
cert-groupnet.cn.	NS	IN	120	ns2.totallysmiled.cn.
cert-groupnet.cn.	NS	IN	120	ns3.totallysmiled.cn.
ns1.reddbutton.cn.	A	IN	172800	222.35.137.236
ns2.totallysmiled.cn.	A	IN	172800	67.215.243.212
ns3.totallysmiled.cn.	A	IN	172800	193.169.12.62

Looking up at the 3 cert-groupnet.cn. parent servers:

Server	Response
ns2.totallysmiled.cn [67.215.243.212]	222.35.137.235
ns3.totallysmiled.cn [193.169.12.62]	222.35.137.235
ns1.reddbutton.cn [222.35.137.236]	222.35.137.235

The host is CHINA RAILWAY TELECOMMUNICATIONS CENTER on IP address 222.35.137.235
The criminal's nameserver host (ns2.totallysmiled.cn [67.215.243.212]) is Secured Private Network of Santa Ana CA
The criminal's nameserver host (ns3.totallysmiled.cn [193.169.12.62]) is TITANNET (Financial company "Titan" LTD) of Belize City, Belize
The criminal's nameserver host (ns1.reddbutton.cn [222.35.137.236]) is CHINA RAILWAY TELECOMMUNICATIONS CENTER

DNS Lookup: certgroupinc.cn A record
Searching for certgroupinc.cn A record at i.root-servers.net [192.36.148.17]: Got referral to A.DNS.cn. (zone: cn.)
Searching for certgroupinc.cn A record at A.DNS.cn. [203.119.25.1]: Got referral to ns2.totallysmiled.cn. (zone: certgroupinc.cn.)
Searching for certgroupinc.cn A record at ns2.totallysmiled.cn. [67.215.243.212]: Reports certgroupinc.cn.
Response:

Domain	Type	Class	TTL	Answer
certgroupinc.cn.	A	IN	120	222.35.137.234
certgroupinc.cn.	NS	IN	120	ns3.totallysmiled.cn.
certgroupinc.cn.	NS	IN	120	ns2.totallysmiled.cn.
certgroupinc.cn.	NS	IN	120	ns1.reddbutton.cn.
ns1.reddbutton.cn.	A	IN	172800	222.35.137.236
ns2.totallysmiled.cn.	A	IN	172800	67.215.243.212
ns3.totallysmiled.cn.	A	IN	172800	193.169.12.62

Looking up at the 3 certgroupinc.cn. parent servers:

Server	Response
ns2.totallysmiled.cn [67.215.243.212]	222.35.137.234
ns3.totallysmiled.cn [193.169.12.62]	222.35.137.234
ns1.reddbutton.cn [222.35.137.236]	222.35.137.234

The host is CHINA RAILWAY TELECOMMUNICATIONS CENTER on IP address 222.35.137.234
The criminal's nameserver host (ns2.totallysmiled.cn [67.215.243.212]) is Secured Private Network of Santa Ana CA
The criminal's nameserver host (ns3.totallysmiled.cn [193.169.12.62]) is TITANNET (Financial company "Titan" LTD) of Belize City, Belize
The criminal's nameserver host (ns1.reddbutton.cn [222.35.137.236]) is CHINA RAILWAY TELECOMMUNICATIONS CENTER

DNS Lookup: cert-group.cc A record
Searching for cert-group.cc A record at a.root-servers.net [198.41.0.4]: Got referral to H5.NSTLD.COM. (zone: cc.)
Searching for cert-group.cc A record at H5.NSTLD.COM. [192.54.112.34]: Got referral to NS2.DUMMYKEATH.cc. (zone: cert-group.cc.)
Searching for cert-group.cc A record at NS2.DUMMYKEATH.cc. [67.215.243.211]: Reports cert-group.cc.
Response:

Domain	Type	Class	TTL	Answer
cert-group.cc.	A	IN	120	222.35.137.234
cert-group.cc.	NS	IN	120	ns2.dummykeath.cc.
cert-group.cc.	NS	IN	120	ns3.dummykeath.cc.
cert-group.cc.	NS	IN	120	ns1.diamond-dream.cc.
ns1.diamond-dream.cc.	A	IN	172800	222.35.137.235
ns2.dummykeath.cc.	A	IN	172800	67.215.243.211
ns3.dummykeath.cc.	A	IN	172800	193.169.12.61

Looking up at the 3 cert-group.cc. parent servers:

Server	Response
ns2.dummykeath.cc [67.215.243.211]	222.35.137.234
ns3.dummykeath.cc [193.169.12.61]	222.35.137.234
ns1.diamond-dream.cc [222.35.137.235]	222.35.137.234

The host is CHINA RAILWAY TELECOMMUNICATIONS CENTER on IP address 222.35.137.234
The criminal's nameserver host (ns2.dummykeath.cc [67.215.243.211]) is Secured Private Network of Santa Ana CA
The criminal's nameserver host (ns3.dummykeath.cc [193.169.12.61]) is TITANNET (Financial company "Titan" LTD) of Belize City, Belize
The criminal's nameserver host (ns1.diamond-dream.cc [222.35.137.235]) is CHINA RAILWAY TELECOMMUNICATIONS CENTER

DNS Lookup: cert-groupinc.cc A record
Searching for cert-groupinc.cc A record at b.root-servers.net [192.228.79.201]: Got referral to A5.NSTLD.COM. (zone: cc.)
Searching for cert-groupinc.cc A record at A5.NSTLD.COM. [192.5.6.34]: Got referral to NS1.DIAMOND-DREAM.cc. (zone: cert-groupinc.cc.)
Searching for cert-groupinc.cc A record at NS1.DIAMOND-DREAM.cc. [222.35.137.235]: Reports cert-groupinc.cc.
Response:

Domain	Type	Class	TTL	Answer
cert-groupinc.cc.	A	IN	120	222.35.137.235
cert-groupinc.cc.	NS	IN	120	ns1.diamond-dream.cc.
cert-groupinc.cc.	NS	IN	120	ns3.dummykeath.cc.
cert-groupinc.cc.	NS	IN	120	ns2.dummykeath.cc.
ns1.diamond-dream.cc.	A	IN	172800	222.35.137.235
ns2.dummykeath.cc.	A	IN	172800	67.215.243.211
ns3.dummykeath.cc.	A	IN	172800	193.169.12.61

Looking up at the 3 cert-groupinc.cc. parent servers:

Server	Response
ns3.dummykeath.cc [193.169.12.61]	222.35.137.235
ns2.dummykeath.cc [67.215.243.211]	222.35.137.235
ns1.diamond-dream.cc [222.35.137.235]	222.35.137.235

The host is CHINA RAILWAY TELECOMMUNICATIONS CENTER on IP address 222.35.137.235
The criminal's nameserver host (ns3.dummykeath.cc [193.169.12.61]) is TITANNET (Financial company "Titan" LTD) of Belize City, Belize
The criminal's nameserver host (ns2.dummykeath.cc [67.215.243.211]) is Secured Private Network of Santa Ana CA
The criminal's nameserver host (ns1.diamond-dream.cc [222.35.137.235]) is CHINA RAILWAY TELECOMMUNICATIONS CENTER

***Latest News*** - Initial entry 25th. October 2009