Based on the recent comment posted below, it is compelling to provide some perspectives as to how we dotted the lines to Cyberbunker.com.
To begin with, the website http://potentialpredators.com caught our attention and we begun an investigative online monitoring and reporting of site.
http://scamfraudalert.org/2012/09/20/whois-potential-predators-www-potentialpredators-com/
The site operators immediately engaged in a series of scam tactics including name changes
http://PredatorsWatch.com The Leading Predators Watch Site on the Net and movement of sites to various hosts.
Below are some of the sites erected to discredit scamFRAUDalert and detract online vistors.
- https://www.youtube.com/watch?v=qUvqoM9ZDTY
- Better Business Bureau – Disconnected Phone number: A 866 number SFA perviously owned and had disconnected:
- A site we are suspicious of is the DatingJudge.com
- Isiah Factor – FOX NEWS REPORTER
Cyberbunker ended up hosting site. Based on researched work we done online, we had knowledge of cyberbunker operations. This web host provide a SAFE HAVEN FOR CYBERCRIMINALS.
This is a very powerful and dangerous group of individuals and in our opinion, they should not be taken lightly.
AS34109
AS51787
CB3ROB LTD.
CB3ROB LTD. & Co. KG
CyberBunker and affiliates
Address lookup
lookup failed http://www.cb3rob.net
Could not find an IP address for this domain name.
Domain Whois record
Queried whois.internic.net with “dom cb3rob.net”…
Domain Name: CB3ROB.NET
Registrar: CSL COMPUTER SERVICE LANGENBACH GMBH D/B/A JOKER.COM
Whois Server: whois.joker.com
Referral URL: http://www.joker.com
Name Server: NS1.CB3ROB.NET
Name Server: NS2.CB3ROB.NET
Status: clientHold
Updated Date: 21-mar-2013
Creation Date: 04-jan-1999
Expiration Date: 04-jan-2016
Last update of whois database: Fri, 07 Mar 2014 15:27:56 UTC
Queried whois.joker.com with “cb3rob.net”…
Domain Name: cb3rob.net
Registry Domain ID: 5161181_DOMAIN_NET-VRSN
Registrar WHOIS Server: whois.joker.com
Registrar URL: http://joker.com/
Updated Date: 2013-03-21T08:35:20Z
Creation Date: 1999-01-04T00:00:00Z
Registrar Registration Expiration Date: 2016-01-04T05:00:00Z
Registrar: CSL Computer Service Langenbach GmbH d/b/a joker.com
Registrar IANA ID: 113
Registrar Abuse Contact Email: abuse@joker.com
Registrar Abuse Contact Phone: +49.21186767447
Domain Status: clientHold
Registry Registrant ID: CNET-584239
Registrant Name: CB3ROB Hostmaster
Registrant Organization: CB3ROB Ltd. & Co. KG
Registrant Street: Koloniestrasse 34
Registrant City: BERLIN
Registrant Postal Code: D-13359
Registrant Country: DE
Registrant Phone: +31.878747479
Registrant Email: hostmaster@cb3rob.net
Registry Admin ID: CNET-73324
Admin Name: CB3ROB Hostmaster
Admin Organization: CB3ROB Ltd. & Co. KG
Admin Street: Koloniestrasse 34
Admin City: BERLIN
Admin Postal Code: D-13359
Admin Country: DE
Admin Phone: +31.878747479
Admin Email: hostmaster@cb3rob.net
Registry Tech ID: CNET-73324
Tech Name: CB3ROB Hostmaster
Tech Organization: CB3ROB Ltd. & Co. KG
Tech Street: Koloniestrasse 34
Tech City: BERLIN
Tech Postal Code: D-13359
Tech Country: DE
Tech Phone: +31.878747479
Tech Email: hostmaster@cb3rob.net
Name Server: ns1.cb3rob.net 84.22.96.10 2a02:880:0:a::1337
Name Server: ns2.cb3rob.net 84.22.97.10 2a02:880:0:b::1337
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2014-03-07T15:28:29Z <<<
Query Time: 0.012433
Query Source: 64.79.168.170
WHOIS Source: joker.com live whois service
Related Article:
scamFRAUDalert™ Report 
On Saturday, 25 August 2012 12:08 -0700,
in article W7WdnXbhZMEDv6TNnZ2dnUVZ_sKXn…@earthlink.com
Thane <m…@ix.netcom.com> wrote:
David Ritz wrote:
On Saturday, 25 August 2012 11:14 -0700, in article
MPG.2aa28ff0cedf7195989…@news.aioe.org
Jessica m…@privacy.net
wrote:
The Payload site in the spam is http://pharmacymedicinegroup.com which resolves to 84.22.127.43
WHOIS tells me less than nothing and traceroute times out yet the
page still manages to display itself. Anyone know who is hosting
these criminals today?
CB3ROB-CYBERBUNKER, known for spammer & cybercriminal hosting:
Already blacklisted URIBL and others.
pharmacymedicinegroup.com.dbl.spamhaus.org descriptive text
“http://www.spamhaus.org/query/dbl?domain=pharmacymedicinegroup.com”
pharmacymedicinegroup.com.multi.uribl.com descriptive text
“Blacklisted, see
http://lookup.uribl.com/?domain=pharmacymedicinegroup.com”
pharmacymedicinegroup.com.multi.surbl.org descriptive text “Blocked,
pharmacymedicinegroup.com on lists [jp][ws], See:
http://www.surbl.org/lists.html”
– —
David Ritz <dr…@mindspring.com>
Be kind to animals; kiss a shark.
Information related to ‘84.22.96.0 – 84.22.127.255’
inetnum: 84.22.96.0 – 84.22.127.255
netname: NL-CB3ROB-20040921
descr: CB3ROB Ltd. & Co. KG
country: DE
org: ORG-CA76-RIPE
admin-c: CBRC1-RIPE
tech-c: CBRC1-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: MNT-CB3ROB
mnt-domains: MNT-CB3ROB
mnt-routes: MNT-CB3ROB
source: RIPE # Filtered
organisation: ORG-CA76-RIPE
org-name: CB3ROB Ltd. & Co. KG
org-type: LIR
address: CB3ROB Ltd. & Co. KG
Hostmaster
Koloniestrasse 34
D-13359 BERLIN
GERMANY
phone: +31878747479
fax-no: +31878747479
admin-c: CBRC1-RIPE
admin-c: CBAB1-RIPE
admin-c: ZYXE1-RIPE
admin-c: CBSK1-RIPE
admin-c: CBYT1-RIPE
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: MNT-CB3ROB
mnt-by: RIPE-NCC-HM-MNT
source: RIPE # Filtered
role: CB3ROB Hostmaster
address: CB3ROB Ltd. & Co. KG
address: Koloniestrasse 34
address: D-13359
address: BERLIN
address: Germany
mnt-by: MNT-CB3ROB
phone: +31 87 8747479
admin-c: CBRC1-RIPE
tech-c: CBRC1-RIPE
nic-hdl: CBRC1-RIPE
source: RIPE # Filtered
% Information related to ‘84.22.96.0/19AS34109’
route: 84.22.96.0/19
descr: R84-22-96-0
origin: AS34109
mnt-by: MNT-CB3ROB
source: RIPE # Filtered
Address lookup
lookup failed cb3rob.net
Could not find an IP address for this domain name.
Domain Whois record
Queried whois.internic.net with “dom cb3rob.net”…
Domain Name: CB3ROB.NET
Registrar: CSL COMPUTER SERVICE LANGENBACH GMBH D/B/A JOKER.COM
Whois Server: whois.joker.com
Referral URL: http://www.joker.com
Name Server: NS1.CB3ROB.NET
Name Server: NS2.CB3ROB.NET
Status: clientHold
Updated Date: 21-mar-2013
Creation Date: 04-jan-1999
Expiration Date: 04-jan-2016
Last update of whois database: Sat, 03 Jan 2015 22:52:12 GMT
Queried whois.joker.com with “cb3rob.net”…
Domain Name: cb3rob.net
Registry Domain ID: 5161181_DOMAIN_NET-VRSN
Registrar WHOIS Server: whois.joker.com
Registrar URL: http://joker.com/
Updated Date: 2013-03-21T08:35:20Z
Creation Date: 1999-01-04T00:00:00Z
Registrar Registration Expiration Date: 2016-01-04T05:00:00Z
Registrar: CSL Computer Service Langenbach GmbH d/b/a joker.com
Registrar IANA ID: 113
Registrar Abuse Contact Email: abuse@joker.com
Registrar Abuse Contact Phone: +49.21186767447
Domain Status: clientHold
Registry Registrant ID:
Registrant Name: CB3ROB Hostmaster
Registrant Organization: CB3ROB Ltd. & Co. KG
Registrant Street: Koloniestrasse 34
Registrant City: BERLIN
Registrant Postal Code: D-13359
Registrant Country: DE
Registrant Phone: +31.878747479
Registrant Email: hostmaster@cb3rob.net
Registry Admin ID:
Admin Name: CB3ROB Hostmaster
Admin Organization: CB3ROB Ltd. & Co. KG
Admin Street: Koloniestrasse 34
Admin City: BERLIN
Admin Postal Code: D-13359
Admin Country: DE
Admin Phone: +31.878747479
Admin Email: hostmaster@cb3rob.net
Registry Tech ID:
Tech Name: CB3ROB Hostmaster
Tech Organization: CB3ROB Ltd. & Co. KG
Tech Street: Koloniestrasse 34
Tech City: BERLIN
Tech Postal Code: D-13359
Tech Country: DE
Tech Phone: +31.878747479
Tech Email: hostmaster@cb3rob.net
Name Server: ns1.cb3rob.net 84.22.96.10 2a02:880:0:a::1337
Name Server: ns2.cb3rob.net 84.22.97.10 2a02:880:0:b::1337
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2015-01-03T22:52:18Z <<<
Query Time: 0.138184
Query Source: 63.134.201.222
WHOIS Source: joker.com live whois service
Be extremely caution, there are a bunch of scammers that control huge amount of domains that are vitally dangerous. I personally met them accidentally and then all started to happen with me. If someone is really too much affected with them and has legal evidence, please get in touch with me on osdc@outlook.com.
Address lookup
canonical name predatorswatch.com.
aliases
addresses 176.74.176.178
Domain Whois record
Queried whois.internic.net with “dom predatorswatch.com”…
Domain Name: PREDATORSWATCH.COM
Registrar: ENOM, INC.
Whois Server: whois.enom.com
Referral URL: http://www.enom.com
Name Server: BUY.INTERNETTRAFFIC.COM
Name Server: SELL.INTERNETTRAFFIC.COM
Status: clientTransferProhibited
Updated Date: 12-feb-2014
Creation Date: 09-nov-2012
Expiration Date: 09-nov-2014
Last update of whois database: Fri, 07 Mar 2014 15:45:25 UTC
Queried whois.enom.com with “predatorswatch.com”…
Domain Name: PREDATORSWATCH.COM
Registry Domain ID: 1758177351_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.enom.com
Registrar URL: http://www.enom.com
Updated Date: 2014-02-24 17:34:21Z
Creation Date: 2012-11-09 14:23:33Z
Registrar Registration Expiration Date: 2014-11-09 14:23:33Z
Registrar: ENOM, INC.
Registrar IANA ID: 48
Registrar Abuse Contact Email: abuse@enom.com
Registrar Abuse Contact Phone: +1.425-274-4500
Domain Status: clientTransferProhibited
Registry Registrant ID:
Registrant Name: WHOIS AGENT
Registrant Organization: WHOIS PRIVACY PROTECTION SERVICE, INC.
Registrant Street: PO BOX 639
Registrant Street: C/O PREDATORSWATCH.COM
Registrant City: KIRKLAND
Registrant State/Province: WA
Registrant Postal Code: 98083
Registrant Country: US
Registrant Phone: +1.4252740657
Registrant Phone Ext:
Registrant Fax: +1.4259744730
Registrant Fax Ext:
Registrant Email: DGKXBLWHLB@WHOISPRIVACYPROTECT.COM
Registry Admin ID:
Admin Name: WHOIS AGENT
Admin Organization: WHOIS PRIVACY PROTECTION SERVICE, INC.
Admin Street: PO BOX 639
Admin Street: C/O PREDATORSWATCH.COM
Admin City: KIRKLAND
Admin State/Province: WA
Admin Postal Code: 98083
Admin Country: US
Admin Phone: +1.4252740657
Admin Phone Ext:
Admin Fax: +1.4259744730
Admin Fax Ext:
Admin Email: DGKXBLWHLB@WHOISPRIVACYPROTECT.COM
Registry Tech ID:
Tech Name: WHOIS AGENT
Tech Organization: WHOIS PRIVACY PROTECTION SERVICE, INC.
Tech Street: PO BOX 639
Tech Street: C/O PREDATORSWATCH.COM
Tech City: KIRKLAND
Tech State/Province: WA
Tech Postal Code: 98083
Tech Country: US
Tech Phone: +1.4252740657
Tech Phone Ext:
Tech Fax: +1.4259744730
Tech Fax Ext:
Tech Email: DGKXBLWHLB@WHOISPRIVACYPROTECT.COM
Name Server: BUY.INTERNETTRAFFIC.COM
Name Server: SELL.INTERNETTRAFFIC.COM
DNSSEC: unSigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
Last update of WHOIS database: 2014-02-24 17:34:21Z
Network Whois record
Queried whois.ripe.net with “-B 176.74.176.178″…
% Information related to ‘176.74.176.160 – 176.74.176.191’
% Abuse contact for ‘176.74.176.160 – 176.74.176.191’ is ‘abuse@peer1.com’
inetnum: 176.74.176.160 – 176.74.176.191
netname: SchillingAviation
descr: Schilling Aviation
country: GB
org: ORG-PNEL1-RIPE
admin-c: NOC116-RIPE
tech-c: NOC116-RIPE
status: ASSIGNED PA
mnt-domains: PNE-NETADMIN-MNT
mnt-by: PNE-NETADMIN-MNT
source: RIPE
changed: net-admin@peer1.net 20120514
organisation: ORG-PNEL1-RIPE
org-name: Peer 1 Network Enterprises Limited
org-type: LIR
address: Peer 1 Network Inc. 1000-555 West Hastings Street V6B 4N5 Vancouver Canada
phone: +16046837747
fax-no: +16046834634
e-mail: support@peer1.com
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: PNE-NETADMIN-MNT
mnt-by: RIPE-NCC-HM-MNT
changed: hostmaster@ripe.net 20090408
changed: bitbucket@ripe.net 20090409
changed: bitbucket@ripe.net 20090409
changed: bitbucket@ripe.net 20090415
changed: bitbucket@ripe.net 20091012
changed: bitbucket@ripe.net 20091214
changed: bitbucket@ripe.net 20100222
changed: bitbucket@ripe.net 20100817
changed: bitbucket@ripe.net 20100906
changed: bitbucket@ripe.net 20100908
changed: bitbucket@ripe.net 20100929
changed: bitbucket@ripe.net 20110209
changed: bitbucket@ripe.net 20110503
changed: bitbucket@ripe.net 20110504
changed: bitbucket@ripe.net 20110504
changed: bitbucket@ripe.net 20110512
changed: bitbucket@ripe.net 20110513
changed: bitbucket@ripe.net 20110519
changed: bitbucket@ripe.net 20110524
changed: bitbucket@ripe.net 20120427
changed: bitbucket@ripe.net 20120516
changed: bitbucket@ripe.net 20120516
changed: bitbucket@ripe.net 20120522
changed: bitbucket@ripe.net 20120627
changed: bit-bucket@ripe.net 20130405
changed: bit-bucket@ripe.net 20130405
abuse-c: PE1
source: RIPE
person: Peer 1 Support
address: Suite 1000 – 555 West Hastings St.
address: Vancouver
address: British Columbia
address: Canada
phone: +6044842588
e-mail: support@peer1.com
nic-hdl: NOC116-RIPE
mnt-by: PNE-NETADMIN-MNT
source: RIPE
changed: lenticknap@peer1.com 20130405
% This query was served by the RIPE Database Query Service version 1.71 (WHOIS1)
DNS records
DNS query for 178.176.74.176.in-addr.arpa returned an error from the server: NameError
name class type data time to live
predatorswatch.com IN A 176.74.176.178 300s (00:05:00)
predatorswatch.com IN NS buy.internettraffic.com 86400s (1.00:00:00)
predatorswatch.com IN NS sell.internettraffic.com 86400s (1.00:00:00)
— end —