Scam Number: +1-844-721-2068
Domain Used: C00d0e000Er0
Extra Info: From a porn site ad that pops up when you click on something, here’s a urlscan of the popup perfectwebserver.xyz - urlscan.io.
Scam Number: +1-844-721-2068
Whois of domain with the popup has interesting info
Domain Name: PERFECTWEBSERVER.XYZ Registry Domain ID: Not Available From Registry Registrar WHOIS Server: whois.publicdomainregistry.com Registrar URL: www.publicdomainregistry.com Updated Date: 2022-06-17T10:44:27Z Creation Date: 2022-06-17T10:38:39Z Registrar Registration Expiration Date: 2023-06-17T23:59:59Z Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com Registrar IANA ID: 303 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Registry Registrant ID: Not Available From Registry Registrant Name: lyla2 kiehn1 Registrant Organization: Registrant Street: naka faizabad Registrant City: faizabad Registrant State/Province: Uttar Pradesh Registrant Postal Code: 224001 Registrant Country: IN Registrant Phone: +91.8790128765 Registrant Phone Ext: Registrant Fax: Registrant Fax Ext: Registrant Email: Registry Admin ID: Not Available From Registry Admin Name: lyla2 kiehn1 Admin Organization: Admin Street: naka faizabad Admin City: faizabad Admin State/Province: Uttar Pradesh Admin Postal Code: 224001 Admin Country: IN Admin Phone: +91.8790128765 Admin Phone Ext: Admin Fax: Admin Fax Ext: Admin Email: Registry Tech ID: Not Available From Registry Tech Name: lyla2 kiehn1 Tech Organization: Tech Street: naka faizabad Tech City: faizabad Tech State/Province: Uttar Pradesh Tech Postal Code: 224001 Tech Country: IN Tech Phone: +91.8790128765 Tech Phone Ext: Tech Fax: Tech Fax Ext: Tech Email: Name Server: ns1.perfectwebserver.xyz Name Server: ns2.perfectwebserver.xyz DNSSEC: Unsigned Registrar Abuse Contact Email: Registrar Abuse Contact Phone: +1.2013775952 URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/ >>> Last update of WHOIS database: 2022-06-17T13:53:33Z <<< For more information on Whois status codes, please visit https://icann.org/epp Registration Service Provided By: BIGROCK The data in this whois database is provided to you for information purposes only, that is, to assist you in obtaining information about or related to a domain name registration record. We make this information available "as is", and do not guarantee its accuracy. By submitting a whois query, you agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to: (1) enable high volume, automated, electronic processes that stress or load this whois database system providing you this information; or (2) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via direct mail, electronic mail, or by telephone. The compilation, repackaging, dissemination or other use of this data is expressly prohibited without prior written consent from us. The Registrar of record is PDR Ltd. d/b/a PublicDomainRegistry.com. We reserve the right to modify these terms at any time. By submitting this query, you agree to abide by these terms.
Some or all of it may be incorrect, this is the email in the whois
How did you find these other domains? Was it finding popups like normal or through some other way
This is the full list of sites they created today, all of them are hosted on the same IP on digitalocean [220.127.116.11]
VirusTotal - Ip address - 18.104.22.168
Latest popup at C00d0e000Er0 from the other redirect at https://webzonehub.xyz/ changes number to +1-844-721-2235. Here’s a urlscan of the popup https://urlscan.io/result/7b5b5c6b-8068-4623-b433-5e4dea2b646c/.
Takedown issued for consultationzone.xyz and perfectwebserver.xyz
Yeah, netcraft is way better at takedowns than having to manually report to the hosting provider
Takedown from netcraft: https://incident.netcraft.com/f9bfde77b9e8/
New redirect: gethubcrative.xyz
Latest Popup at C00d0e000Er0
Changes number to 844-721-2068