Just keep going, disregard their attempt at hiding the truth
1 Like
866-260-0025 active
1 Like
Scammers yapping like puppies
2 Likes
thelabelbar.com
cpanel.thelabelbar.com
cpcalendars.thelabelbar.com
cpcontacts.thelabelbar.com
mail.thelabelbar.com
webdisk.thelabelbar.com
webmail.thelabelbar.com
www.thelabelbar.com
2 Likes
you’ll have to wait for some illegal content on the website, but i think it’s hosted on www.bigrock.com hosting, who in turn rent server space from Amazon
bitch at: [email protected]
if no action escalate to Amazon
2 Likes
i’ll have a deep look into it and report back on my findings
2 Likes
I can’t find any connections to Bigrock and SNVA. But you are right they do Amazon too. Can you make a chart with all the information I gathered as well? Update found the bigrock connection
1 Like
Sounds good happy huntings
I missed information on thelabelbar website nice find
Found thelabelbar number: 9555151333
One more I forgot to post which is my bad which was to link @Chronus posted about Flycoair which as we all know is apart of SNVA: FlycoAir.com Travel Scam
1 Like
Some basic info, nothing special
server IP: 65.0.113.20 (ec2-65-0-113-20.ap-south-1.compute.amazonaws.com)
Domain Provider: bigrock.com
Front-end Framework: Bootstrap
Server provider: AWS (Amazon.com)
Whois - Domain
Domain Name: THELABELBAR.COM
Registry Domain ID: 1948826647_DOMAIN_COM-VRSN
Registrar WHOIS Server: Whois.bigrock.com
Registrar URL: http://www.bigrock.com
Updated Date: 2021-06-24T02:06:36Z
Creation Date: 2015-07-24T09:32:55Z
Registry Expiry Date: 2022-07-24T09:32:55Z
Registrar: BigRock Solutions Ltd
Registrar IANA ID: 1495
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +1.832-295-1535
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: NS1.FIRST-NS.DE
Name Server: ROBOTNS2.SECOND-NS.DE
Name Server: ROBOTNS3.SECOND-NS.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2021-09-17T15:45:55Z <<<
For more information on Whois status codes, please visit https://icann.org/epp
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.
Domain Name: THELABELBAR.COM
Registry Domain ID: 1948826647_DOMAIN_COM-VRSN
Registrar WHOIS Server: Whois.bigrock.com
Registrar URL: www.bigrock.com
Updated Date: 2021-06-24T02:06:38Z
Creation Date: 2015-07-24T09:32:55Z
Registrar Registration Expiration Date: 2022-07-24T09:32:55Z
Registrar: BigRock Solutions Ltd.
Registrar IANA ID: 1495
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Registry Registrant ID: Not Available From Registry
Registrant Name: Pamela Narang
Registrant Organization: W2C LLC
Registrant Street: 232 Old Connecticut Path, Wayland, MA, 01778-3149 USA
Registrant City: Wayland
Registrant State/Province: Massachusetts
Registrant Postal Code: 01778
Registrant Country: US
Registrant Phone: +1.8445284481
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: [email protected]
Registry Admin ID: Not Available From Registry
Admin Name: Pamela Narang
Admin Organization: W2C LLC
Admin Street: 232 Old Connecticut Path, Wayland, MA, 01778-3149 USA
Admin City: Wayland
Admin State/Province: Massachusetts
Admin Postal Code: 01778
Admin Country: US
Admin Phone: +1.8445284481
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: [email protected]
Registry Tech ID: Not Available From Registry
Tech Name: Pamela Narang
Tech Organization: W2C LLC
Tech Street: 232 Old Connecticut Path, Wayland, MA, 01778-3149 USA
Tech City: Wayland
Tech State/Province: Massachusetts
Tech Postal Code: 01778
Tech Country: US
Tech Phone: +1.8445284481
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: [email protected]
Name Server: ns1.first-ns.de
Name Server: robotns2.second-ns.de
Name Server: robotns3.second-ns.com
DNSSEC: Unsigned
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +1-415-349-0015
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2021-09-17T15:46:09Z <<<
For more information on Whois status codes, please visit https://icann.org/epp
Registration Service Provided By: BIGROCK
Whois - IP
NetRange: 65.0.0.0 - 65.3.255.255
CIDR: 65.0.0.0/14
NetName: AMAZO-4
NetHandle: NET-65-0-0-0-1
Parent: NET65 (NET-65-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Amazon.com, Inc. (AMAZO-4)
RegDate: 2018-09-18
Updated: 2018-09-18
Ref: https://rdap.arin.net/registry/ip/65.0.0.0
OrgName: Amazon.com, Inc.
OrgId: AMAZO-4
Address: Amazon Web Services, Inc.
Address: P.O. Box 81226
City: Seattle
StateProv: WA
PostalCode: 98108-1226
Country: US
RegDate: 2005-09-29
Updated: 2021-07-22
Comment: For details of this service please see
Comment: http://ec2.amazonaws.com
Ref: https://rdap.arin.net/registry/entity/AMAZO-4
OrgNOCHandle: AANO1-ARIN
OrgNOCName: Amazon AWS Network Operations
OrgNOCPhone: +1-206-266-4064
OrgNOCEmail: [email protected]
OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
OrgRoutingHandle: IPROU3-ARIN
OrgRoutingName: IP Routing
OrgRoutingPhone: +1-206-266-4064
OrgRoutingEmail: [email protected]
OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
OrgRoutingHandle: ARMP-ARIN
OrgRoutingName: AWS RPKI Management POC
OrgRoutingPhone: +1-206-266-4064
OrgRoutingEmail: [email protected]
OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
OrgTechHandle: ANO24-ARIN
OrgTechName: Amazon EC2 Network Operations
OrgTechPhone: +1-206-266-4064
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
OrgAbuseHandle: AEA8-ARIN
OrgAbuseName: Amazon EC2 Abuse
OrgAbusePhone: +1-206-266-4064
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
# end
# start
NetRange: 65.0.0.0 - 65.3.255.255
CIDR: 65.0.0.0/14
NetName: AMAZON-BOM
NetHandle: NET-65-0-0-0-2
Parent: AMAZO-4 (NET-65-0-0-0-1)
NetType: Reallocated
OriginAS:
Organization: Amazon Data Services India (ADSI-6)
RegDate: 2020-04-28
Updated: 2020-04-28
Ref: https://rdap.arin.net/registry/ip/65.0.0.0
OrgName: Amazon Data Services India
OrgId: ADSI-6
Address: L&T Business Park, Gate No.5, Tower A
Address: Ground Floor, Sakivihar Road, Pawai
City: Mumbai
StateProv: MAHARASHTRA
PostalCode: 400072
Country: IN
RegDate: 2016-08-05
Updated: 2019-08-02
Ref: https://rdap.arin.net/registry/entity/ADSI-6
OrgAbuseHandle: AEA8-ARIN
OrgAbuseName: Amazon EC2 Abuse
OrgAbusePhone: +1-206-266-4064
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
OrgTechHandle: ANO24-ARIN
OrgTechName: Amazon EC2 Network Operations
OrgTechPhone: +1-206-266-4064
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
OrgNOCHandle: AANO1-ARIN
OrgNOCName: Amazon AWS Network Operations
OrgNOCPhone: +1-206-266-4064
OrgNOCEmail: [email protected]
OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
DNS
Host's addresses:
__________________
thelabelbar.com. 86138 IN A 65.0.113.20
Name Servers:
______________
ns1.first-ns.de. 521 IN A 213.239.242.238
robotns2.second-ns.de. 86321 IN A 213.133.105.6
robotns3.second-ns.com. 7121 IN A 193.47.99.3
Mail (MX) Servers:
___________________
aspmx.l.google.com. 214 IN A 142.250.110.26
alt1.aspmx.l.google.com. 214 IN A 142.251.9.26
alt2.aspmx.l.google.com. 214 IN A 142.250.150.26
alt3.aspmx.l.google.com. 214 IN A 74.125.200.26
alt4.aspmx.l.google.com. 214 IN A 142.250.157.26
Trying Zone Transfers and getting Bind Versions:
_________________________________________________
Trying Zone Transfer for thelabelbar.com on ns1.first-ns.de ...
AXFR record query failed: REFUSED
Trying Zone Transfer for thelabelbar.com on robotns2.second-ns.de ...
AXFR record query failed: REFUSED
Trying Zone Transfer for thelabelbar.com on robotns3.second-ns.com ...
AXFR record query failed: REFUSED
Brute force
_______________________________________________
admin.thelabelbar.com. 86400 IN A 65.0.113.20
test.thelabelbar.com. 300 IN A 65.0.113.20
www.thelabelbar.com. 86400 IN A 65.0.113.20
thelabelbar.com class C netranges:
___________________________________
65.0.113.0/24
Server info
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.4 (protocol 2.0)
| ssh-hostkey:
| 2048 1f:23:4c:81:7e:ca:59:a4:8c:c5:3e:51:1a:f7:81:ae (RSA)
| 256 b7:07:6e:07:62:b4:fa:93:f5:03:96:b3:a2:aa:1d:1c (ECDSA)
|_ 256 8d:77:c0:f6:42:84:88:7c:fc:ff:3d:9e:84:42:2a:22 (ED25519)
80/tcp open http Apache Tomcat 8.5.57
|_http-favicon: Unknown favicon MD5: 7D4140C76BF7648531683BFA4F7F8C22
| http-methods:
|_ Supported Methods: OPTIONS GET HEAD POST
|_http-title: Coming Soon 2
443/tcp open ssl/https
|_http-title: Site doesn't have a title (text/plain;charset=UTF-8).
| ssl-cert: Subject: commonName=www.thelabelbar.com
| Subject Alternative Name: DNS:www.thelabelbar.com, DNS:thelabelbar.com
| Issuer: commonName=GoGetSSL RSA DV CA/organizationName=GoGetSSL/countryName=LV
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2020-10-19T00:00:00
| Not valid after: 2021-10-19T23:59:59
| MD5: cb9c 5f05 1abd b2df 6642 9f25 2e7c 8152
|_SHA-1: a2f3 157e a402 2f8d 9f2c 5189 e1fb 7aac 9bc4 17c8
|_ssl-date: 2021-09-17T16:11:43+00:00; 0s from scanner time.
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running (JUST GUESSING): Linux 3.X (88%)
OS CPE: cpe:/o:linux:linux_kernel:3
Aggressive OS guesses: Linux 3.10 - 3.13 (88%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 14.897 days (since Thu Sep 2 14:40:26 2021)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=254 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 443/tcp)
HOP RTT ADDRESS
1 13.94 ms ec2-65-0-113-20.ap-south-1.compute.amazonaws.com (65.0.113.20)
Just basic info
1 Like
Hopefully you find more information about SNVA that I missed.
1 Like
i have a maltego “graph” at the moment (if you happen to have that installed i
super awkward to export graphically, the one ^ was a cropped screenshot.
those german name servers are common to at least thelabelbar and icasr domains
1 Like
Found a new HR name and number: Janvi Vij and the number is: 7290063345
1 Like
They use Microsoft solutions, Amadeus, and Java J2EE for their websites next phones and computers.
1 Like
Found another link: https://snva-ventures-private-limited.business.site/
Some more phone numbers: 096549 99205 078348 11199
078349 63322
092891 31406