Вы находитесь на странице: 1из 13

THE SOFMEN AND NERD PILOTS BOT, EXPLOIT, TROJAN AND EXPLOIT PACKAGE DELIVERY NETWORK

FOR “RISE UP” TERRORIST ORGANISATION: THIS IS VERSION ONE WAITING BUILDING FURTHER DATA
FOR RECORD!

BY DALE JAKE CORNER

CORNER COMPUTING SOLUTIONS

206 853 5207

Observe the interconnection between these two companies. They both share and are located on
exploited servers known for credit card fraud and many other international crimes, included being
connected with the “RISE UP” terrorist organization as named by a complaint filed by an unknown
individual.

The entire trail starts at, that’s right, craigslist.

NOTE: Totals of Ip addresses, addresses and emails associated with this are listed at the bottom.

Company A: Sofmen.com

CLIST AD LINK: https://seattle.craigslist.org/see/cps/d/we-build-business-apps-


ios/6706075636.html
CLIST RELAY EMAIL: pcb9w-6706075636@serv.craigslist.org
SCREEN CAPTURES:
https://ibb.co/bYbOMp
https://ibb.co/fOKzu9
EXTRA DATA ON SUBJECT:
"Joel and Skye"
(206) 202-3045
Sofmen.com
66.160.128.173
Registrant Name: Anuj Khandelwal
Registrant Organization: Sofmen Inc
Registrant Street: 19413 Kerwin Ranch Ct
Registrant City: Saratoga
Registrant State/Province:
Registrant Postal Code: 95070
Registrant Country: US
Registrant Phone: +1.6508883316
Registrant Fax: +1.6502402240
Registrant Email: anuj.khandelwal@sofmen.com

Company B: Nerdpilots.com
CLIST AD LINK: https://seattle.craigslist.org/see/cps/d/nerdpilots-24-7-web-
design/6699950158.html
CLIST RELAY EMAIL: q2xhz-6699950158@serv.craigslist.org
SCREEN CAPS: https://ibb.co/mjLT7K
EXTRA DATA ON SUBJECT:
www.nerdpilots.com
204.197.243.116
Registrant Name: kevin Pereira
Registrant Organization:
Registrant Street: sacred heart villa , near adarsh hospital
Registrant Street: ambedkar road, koppa
Registrant City: Koppa
Registrant State/Province: Karnataka
Registrant Postal Code: 577126
Registrant Country: IN
Registrant Phone: +91.9480473233
Registrant Email: kevinpereira1234512@gmail.com
Location address:
6325 N WALL ST
SPOKANE WA 99208-4144 USA
Mailing address:
8821 E VALLEYWAY AVE
SPOKANE VALLEY WA 99212-2856 USA

<COMPANY A DATA AND EVIDENCE START>


SOFMEN AND ANUJ HERE ARE ON THE SAME SERVER AS PART OF THE BOT NET

sofmen.com
66.160.128.173
Registrant Name: Anuj Khandelwal
Registrant Organization: Sofmen Inc
Registrant Street: 19413 Kerwin Ranch Ct
Registrant City: Saratoga
Registrant State/Province:
Registrant Postal Code: 95070
Registrant Country: US
Registrant Phone: +1.6508883316
Registrant Phone Ext:
Registrant Fax: +1.6502402240
Registrant Fax Ext:
Registrant Email: anuj.khandelwal@sofmen.com
anujs2cents.com 2018-01-10 AUTOMATTIC INC.
192.0.78.24 <- kevin Pereira also located here
https://www.virustotal.com/#/ip-address/192.0.78.24
https://www.abuseipdb.com/check/192.0.78.24
192.0.78.25 <- kevin Pereira also located here
https://www.virustotal.com/#/ip-address/192.0.78.25
https://www.abuseipdb.com/check/192.0.78.25

Anuj Khandelwal
There are 23 domains that matched this search query.
These are listed below:
Domain Name Creation Date Registrar
anujkhandelwal.com 2016-09-13 PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM
DOWN
anujs2cents.com 2018-01-10 AUTOMATTIC INC.
See top of report
b2bparadise.com 2003-03-18 PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM
162.210.70.23
https://www.abuseipdb.com/check/162.210.70.23
SAME OWNER AS TOP OF REPORT UNDER SOFMEN.COM

behomeindia.com 2014-12-29 PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM


DOWN

behomeindia.in 2014-12-29 ENDURANCE DOMAINS TECHNOLOGY LLP (R173-AFIN)


DOWN

calyxwellness.com 2015-01-30 BIGROCK SOLUTIONS LIMITED


IP IS CURRENTLY DOWN take a look below
Registrant Name: Anuj Khandelwal
Registrant Organization: Calyx Analyticals
Registrant Street: 603 kumar surabhi nr laxminarayan theatre satara road
Registrant City: PUNE
Registrant State/Province: Maharashtra
Registrant Postal Code: 411009
Registrant Country: IN
Registrant Phone: +91.2024422424
Registrant Email: anujkk@hotmail.com

charliesleather.com 2004-02-09 PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM


66.160.128.162
Registrant Name: Anuj Khandelwal
Registrant Organization: Sofmen Inc
Registrant Street: 19413 Kerwin Ranch Ct
Registrant City: Saratoga
Registrant State/Province:
Registrant Postal Code: 95070
Registrant Country: US
Registrant Phone: +1.6508883316
Registrant Fax: +1.6502402240
Registrant Email: anuj.khandelwal@sofmen.com

cisolutionsindia.com 2015-09-07 PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM


192.155.96.238
Registrant Name: Anuj Khandelwal
Registrant Organization: C&I solutions
Registrant Street: 28 Tara Nagar First Khatipura Road Jhotwara
Registrant City: Jaipur
Registrant State/Province: Rajasthan
Registrant Postal Code: 302012
Registrant Country: IN
Registrant Phone: +91.9784088800
Registrant Email: aj.khandelwal21@gmail.com

foamparty.in 2017-03-16 GODADDY.COM, LLC (R101-AFIN)


46.105.241.193
Registrant Name: ANUJ KHANDELWAL
Registrant Organization: FOAM PARTY IN INDIA
Registrant Street: B-6 , SHREE MANSION
Registrant Street: C SCHEME
Registrant City: JAIPUR
Registrant State/Province: Rajasthan
Registrant Postal Code: 302001
Registrant Country: IN
Registrant Phone: +91.9314502006
Registrant Fax: +91.9799979000
Registrant Email: info@foampartyinindia.com

foampartyindia.com 2017-03-16 GODADDY.COM, LLC


46.105.241.193
SAME AS ABOVE WHOIS DATA
foampartyindia.in 2017-03-16 GODADDY.COM, LLC (R101-AFIN)
184.168.131.241
SAME AS ABOVE WHOIS DATA
foampartyinindia.in 2017-03-16 GODADDY.COM, LLC (R101-AFIN)
184.168.131.241
SAME AS ABOVE WHOIS DATA
homeshopo.com 2016-01-24 GODADDY.COM, LLC
IP IS CURRENTLY DOWN
indianastro.co.uk 2017-01-02 GODADDY.COM, LLP. [TAG = GODADDY]
IP IS CURRENTLY DOWN
ktplgwl.com 2016-03-18 GODADDY.COM, LLC
103.21.58.98
Registrant Name: ANUJ KHANDELWAL
Registrant Organization:
Registrant Street: GWALIOR
Registrant Street: 3RD FLOOR RUKMANI MANSION SARAFA BAZAR LASHKAR GWALIOR
Registrant City: GWALIOR
Registrant State/Province: Madhya Pradesh
Registrant Postal Code: 474001
Registrant Country: IN
Registrant Phone: +91.9826253253
Registrant Email: ktplanuj@yahoo.co.in
learnnplaypreschool.com 2016-11-12 PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM
IP IS CURRENTLY DOWN
mrdiyindia.com 2018-08-31 PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM
IP IS CURRENTLY DOWN
plumecashmere.co.in 2015-12-21 GODADDY.COM, LLC (R101-AFIN)
IP IS CURRENTLY DOWN
scrapkid.com 2009-02-22 PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM
64.62.249.177
Kerwin Ranch Addresses as seen above
sofmen.com 2002-02-26 PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM
DATA IS HELD ABOVE
themeevolution.com 2017-03-08 ZNET TECHNOLOGIES PVT LTD.
195.201.179.80
Registrant Name: anuj khandelwal
Registrant Organization: 1993
Registrant Street: 36 kailash puri
Registrant City: Jaipur
Registrant State/Province: Rajasthan
Registrant Postal Code: 302001
Registrant Country: IN
Registrant Phone: +91.8233382080
Registrant Email: webdevanuj@gmail.com
troop508.org 2004-08-25 GODADDY.COM, LLC
66.135.61.148
Kerwin Ranch Address as seen above
walkingwanderers.com 2016-12-09 BIGROCK SOLUTIONS LIMITED
IP APPEARS TO BE DOWN AND IS NOT CURRENTLY RESPONDING
<COMPANY A DATA AND EVIDENCE END>

<COMPANY B DATA AND EVIDENCE START>


www.nerdpilots.com
204.197.243.116
Registrant Name: kevin Pereira
Registrant Organization:
Registrant Street: sacred heart villa , near adarsh hospital
Registrant Street: ambedkar road, koppa
Registrant City: Koppa
Registrant State/Province: Karnataka
Registrant Postal Code: 577126
Registrant Country: IN
Registrant Phone: +91.9480473233
Registrant Email: kevinpereira1234512@gmail.com

Location address:
6325 N WALL ST
SPOKANE WA 99208-4144 USA
Mailing address:
8821 E VALLEYWAY AVE
SPOKANE VALLEY WA 99212-2856 USA

WEBSITES BELONGING TO THAT EMAIL: kevinpereira1234512@gmail.com


alaga.org 1997-09-04 GODADDY.COM, LLC IP UP
184.168.221.77 UH OH
VIRUSES AND EXPLOITS ON SERVER:
https://www.virustotal.com/#/ip-address/184.168.221.77
https://ibb.co/b1TeBe
RECORD OF ABUSE:
https://www.abuseipdb.com/check/184.168.221.77

FULL WHOIS MATCH TO PREVIOUS DATA


clothify.xyz 2017-10-25 GO DADDY, LLC IP DOWN
jejubot.org 2018-02-09 GODADDY.COM, LLC IP DOWN
FULL WHOIS MATCH TO PREVIOUS DATA

ALL WEBSITES UNDER THE NAME


kevin Pereira
There are 43 domains that matched this search query.
These are listed below:
Domain Name Creation Date Registrar
alaga.org 1997-09-04 GODADDY.COM, LLC SEE ABOVE

api-x.net 2005-08-17 PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM


204.11.58.194 Name: Match Address: Non Match
VIRUSES AND EXPLOITS ON SERVER:
https://www.virustotal.com/#/ip-address/204.11.58.194
https://ibb.co/dTM5jz
RECORD OF ABUSE:
https://www.abuseipdb.com/check/204.11.58.194

atlantisapartments.com.au NETREGISTRY
162.255.119.253 Name Match
VIRUSES AND EXPLOITS ON SERVER:
https://www.virustotal.com/#/ip-address/162.255.119.253
https://ibb.co/gWBVjz
RECORD OF ABUSE:
https://www.abuseipdb.com/check/162.255.119.253

attack.media 2016-04-30 GODADDY.COM, LLC


184.168.131.241 Name and Whois Match
VIRUSES AND EXPLOITS ON SERVER:
https://www.virustotal.com/#/ip-address/184.168.131.241
https://ibb.co/jVPGPz
RECORD OF ABUSE: LOTS OF REPORTS
https://www.abuseipdb.com/check/184.168.131.241

b-w-events.com 2018-04-15 OVH


188.165.51.93 NAME MATCH With New Data
Registrant Organization: agence communication
VIRUSES AND EXPLOITS ON SERVER:
https://www.virustotal.com/#/ip-address/188.165.51.93
https://ibb.co/f2h6re
RECORD OF ABUSE:
https://www.abuseipdb.com/check/184.168.131.241

clothify.xyz 2017-10-25 GO DADDY, LLC

desaiengineering.com 2015-04-10 GODADDY.COM, LLC


165.227.61.127 NAME MATCH WITH NEW WHIOS DATA
RECORD OF ABUSE:
https://www.abuseipdb.com/report?ip=165.227.61.127
Registrant Name: Kevin PEREIRA
Registrant Street: VIRANJALI MARG,
Registrant City: NAVSARI
Registrant State/Province: Gujarat
Registrant Postal Code: 396445
Registrant Country: IN
Registrant Phone: +91.9898983436
Registrant Email: kevin@alastrine.com

SECTIONAL DATA FOR THE ABOVE RECORD ONLY START


results for kevin@alastrine.com
There are 5 domains that matched this search query.
These are listed below:

Domain Name Creation Date Registrar


desaiengineering.com 2015-04-10 GODADDY.COM, LLC
fatloss.studio 2017-12-22 GODADDY.COM, LLC
foramarch.com 2014-11-12 GODADDY.COM, LLC
ganeshstone.com 2015-02-06 GODADDY.COM, LLC
selfeapp.in 2016-11-17 GODADDY.COM, LLC (R101-AFIN)
SECTIONAL DATA FOR THE ABOVE RECORD ONLY END

emidar.in 2014-01-31 GODADDY.COM, LLC (R101-AFIN)

fantasygirls.co 2013-09-04 GODADDY.COM, INC.


184.168.221.52 NAME MATCH NEW WHOIS DATA
VIRUSES AND EXPLOITS ON SERVER:
https://www.virustotal.com/#/ip-address/184.168.221.52
https://ibb.co/ksaFjz
RECORD OF ABUSE:
https://www.abuseipdb.com/check/184.168.221.52
Registrant Name: Kevin Pereira
Registrant Street: PO BOX 820471
Registrant City: DALLAS
Registrant State/Province: Texas
Registrant Postal Code: 75382
Registrant Country: US
Registrant Phone: +1.9727348393
Registrant Email: kevin@kevinp.net
SECTIONAL DATA FOR THE ABOVE RECORD ONLY START
results for kevin@kevinp.net
There are 8 domains that matched this search query.
These are listed below:

Domain Name Creation Date Registrar


fantasygirls.co 2013-09-04 GODADDY.COM, INC.
fantasygirls.me 2013-09-04 GODADDY.COM, LLC
humpdink.com 2005-03-03 TUCOWS DOMAINS INC.
kevasoft.com 2013-09-04 GODADDY.COM, LLC
kevinp.net 2002-04-05 TUCOWS DOMAINS INC.
kevinpereira.me 2013-09-04 GODADDY.COM, LLC
studio78photo.com 2013-09-04 GODADDY.COM, LLC
studio78soft.com 2013-09-04 GODADDY.COM, LLC
SECTIONAL DATA FOR THE ABOVE RECORD ONLY END

fantasygirls.me 2013-09-04 GODADDY.COM, LLC


184.168.221.59 NAME MATCH
Same as above
VIRUSES AND EXPLOITS ON SERVER:
https://ibb.co/gs3XxK
https://www.virustotal.com/#/ip-address/184.168.221.59
SAME PO BOX IN TEXAS BEING USED AS HERE
https://www.virustotal.com/#/ip-address/184.168.221.52
RECORD OF ABUSE:
https://www.abuseipdb.com/check/184.168.221.59

fatloss.studio 2017-12-22 GODADDY.COM, LLC


165.227.61.127 NAME MATCH

foramarch.com 2014-11-12 GODADDY.COM, LLC


165.227.61.127 Another match to india same as ABOVE
Registrant Name: Kevin PEREIRA
Registrant Street: VIRANJALI MARG,
Registrant City: NAVSARI
Registrant State/Province: Gujarat
Registrant Postal Code: 396445
Registrant Country: IN
Registrant Phone: +91.9898983436
Registrant Email: kevin@alastrine.com

ganeshstone.com 2015-02-06 GODADDY.COM, LLC


165.227.61.127 Match same as above

humpdink.com 2005-03-03 TUCOWS DOMAINS INC.


98.137.244.36 Name match and data protected, evil, always hides
VIRUSES AND EXPLOITS ON SERVER:
https://www.virustotal.com/#/ip-address/98.137.244.36
https://ibb.co/iJ3Mre
jejubot.org 2018-02-09 GODADDY.COM, LLC

kevasoft.com 2013-09-04 GODADDY.COM, LLC


184.168.221.56 NAME MATCH WITH TEXAS PO BOX SEEN ABOVE
VIRUSES AND EXPLOITS ON SERVER:
https://www.virustotal.com/#/ip-address/184.168.221.52
https://ibb.co/gCA4cK
RECORD OF ABUSE:
https://www.abuseipdb.com/check/184.168.221.56

kevin-pereira.com 2016-03-07 1&1 INTERNET SE IP DOWN


kevinp.in 2012-05-24 ENDURANCE DOMAINS TECHNOLOGY LLP (R173-AFIN) IP DOWN

kevinp.net 2002-04-05 TUCOWS DOMAINS INC.


98.137.244.36 NAME MATCH WITH HIDDEN DATA
VIRUSES AND EXPLOITS ON SERVER:
https://www.virustotal.com/#/ip-address/98.137.244.36
https://ibb.co/iJ3Mre

kevinpereira.info 2006-10-11 TIERRANET INC. DBA DOMAINDISCOVER


full name match
216.104.165.22 Appears clean so far Lots of negatives though
216.104.165.82 Appears clean so far Lots of negatives though
RECORD OF ABUSE:
https://www.virustotal.com/#/file/01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805
daca546b/detection
https://www.virustotal.com/#/file/01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805
daca546b/community

REPORTS AND DATA ENDED HERE ON FIRST DAY OF CALCULATION BELOW IS THE REST
OF THE DATA CONCERNING “KEVIN PEREIRA” AS AN OWNER OF WEB SITES.

kevinpereira.me 2013-09-04 GODADDY.COM, LLC


184.168.221.51
VIRUSES AND EXPLOITS ON SERVER:
https://www.virustotal.com/#/ip-address/184.168.221.51
https://ibb.co/nMawMp
Data goes back to texas PO box owned by kevin Pereira
Record of abuse: https://www.abuseipdb.com/check/184.168.221.51

kevinsantos.com.br IP DOWN
kmccl.net IP DOWN 2002-11-01 MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
NOTE THAT THE NAME KEVIN PEREIRA MATCHES
Registrant Name: Debraj Das
Registrant Organization: Kotak Securities Limited
Registrant Street: 27BKC, 8th Floor, Plot No. C-27, "G" Block
Registrant Street: Bandra Kurla Complex Bandra East
Registrant City: Mumbai
Registrant State/Province: Maharashtra
Registrant Postal Code: 400051
Registrant Country: IN
Registrant Phone: +91.43361223
Registrant Email: debraj.d@kotak.com

lostboysgarage.net 2015-06-24 GODADDY.COM, LLC


184.168.221.12 Note the ip!
RECORD OF ABUSE: https://www.abuseipdb.com/check/184.168.221.12
VIRUSES AND EXPLOITS ON SERVER:
https://www.virustotal.com/#/ip-address/184.168.221.12
https://ibb.co/dC07SU
Registrant Name: Kevin Pereira
Registrant Organization:
Registrant Street: 8821 E Valleyway Ave
Registrant City: Spokane Valley
Registrant State/Province: Washington
Registrant Postal Code: 99212
Registrant Country: US
Registrant Phone: +1.5099948953
Registrant Email: lostboysgarage@outlook.com
madoverthings.com 2017-03-14 TUCOWS DOMAINS INC.
144.208.79.24 Name match data hidden
VIRUSES AND EXPLOITS ON SERVER: https://ibb.co/mLDDZ9
https://www.virustotal.com/#/ip-address/144.208.79.24

malishakrew.com 2015-07-06 GODADDY.COM, LLC


72.167.191.69
VIRUSES AND EXPLOITS ON SERVER: https://ibb.co/gDJxu9
https://www.virustotal.com/#/ip-address/72.167.191.69
RECORD OF ABUSE: https://www.abuseipdb.com/check/72.167.191.69
Registrant Name: kevin pereira
Registrant Organization:
Registrant Street: 1493 w 35th pl,
Registrant City: los angeles
Registrant State/Province: California
Registrant Postal Code: 90018
Registrant Country: US
Registrant Phone: +1.3235373398
Registrant Email: pereirakevin@yahoo.com

metrobound.com 1999-12-10 1&1 INTERNET SE


74.208.236.31 Data protected with full name match
VIRUSES AND EXPLOITS ON SERVER: https://ibb.co/foqAE9
https://www.virustotal.com/#/ip-address/74.208.236.31
microrecycling.com 2000-09-28 1&1 INTERNET SE
74.208.236.31 Data protected with full name match

newvisionabatement.com 2016-02-09 TUCOWS DOMAINS INC.


52.87.54.55 Data protected with full name match
APPEARS CLEAN

pereira.cloud 2016-02-16 UNITED-DOMAINS AG


112.140.180.152 Data protected with full name match
VIRUSES AND EXPLOITS ON SERVER: https://ibb.co/bvd5E9
https://www.virustotal.com/#/ip-address/112.140.180.152

pereira.id.au NETREGISTRY
208.43.179.160
RECORD OF ABUSE: -160 community
score: https://www.virustotal.com/#/file/c623c1144c540ad5f5ee378220c6237026df828fa5d63c95e0
72de454aa1113a/community
Registrant Contact ID: PEKE1018
Registrant Contact Name: Kevin Pereira
Tech Contact ID: PEKE1018
Tech Contact Name: Kevin Pereira
Name Server: NS0.MYOWNSERVER.NET
Name Server: NS100.MYOWNSERVER.NET
DNSSEC: unsigned
Registrant: Kevin A. Pereira
Registrant ID: OTHER ID Domain
Eligibility Type: Citizen/Resident
pereira.net.au NETREGISTRY IP DOWN
pereira.rocks 2014-09-11 UNITED-DOMAINS AG
89.31.143.20
VIRUSES AND EXPLOITS ON SERVER: https://ibb.co/ioSJ1p
https://www.virustotal.com/#/ip-address/89.31.143.20
RECORD OF ABUSE: https://www.abuseipdb.com/check/89.31.143.20
Terrorist group called "rise up" <----------------------------------SPECIAL ATTENTION
role: Hostmaster udag
address: united-domains AG
address: Gautinger Strasse 10
address: D-82319 Starnberg
address: Germany
remarks: to report abuse use abuse@united-domains.de
phone: +49 8151 36867 0
fax-no: +49 8151 36867 77

pointlesspod.com 2014-02-12 NAMECHEAP INC.


192.64.119.54
VIRUSES AND EXPLOITS ON SERVER: https://ibb.co/mn8i1p
https://www.virustotal.com/#/ip-address/192.64.119.54
RECORD OF ABUSE: currently an open proxy
https://www.liveipmap.com/?ip=192.64.119.54

promocoesdejaneiro-2018.com 2018-01-15 ASCIO TECHNOLOGIES, INC. DANMARK - FILIAL AF


ASCIO TECHNOLOGIES, INC. USA IP ADDRESS APPEARS DOWN

rachelchang.com 2007-01-22 TIERRANET INC. D/B/A DOMAINDISCOVER


216.104.165.29 This server appears clean but is still connected to the same individual
OPEN PROXY:https://www.liveipmap.com/?ip=216.104.165.29
216.104.165.89 SAME AS ABOVE
Registrant Name: Kevin Pereira
Registrant Organization:
Registrant Street: 27 Tuhans Road
Registrant City: Mount Waverley
Registrant State/Province: VIC
Registrant Postal Code: 3149
Registrant Country: AU
rachelpereira.net 2006-10-31 TIERRANET INC. D/B/A DOMAINDISCOVER
216.104.165.29 SAME AS ABOVE
216.104.165.89 SAME AS ABOVE

selfeapp.in 2016-11-17 GODADDY.COM, LLC (R101-AFIN) IP IS DOWN

skrtmag.com 2017-02-23 AUTOMATTIC INC.


192.0.78.24 Name match for registrant
VIRUSES AND EXPLOITS ON SERVER: https://ibb.co/e0Fo1p
https://www.virustotal.com/#/ip-address/192.0.78.24
RECORD OF ABUSE: Server is also used to run scams SEO
https://www.abuseipdb.com/check/192.0.78.24
https://www.liveipmap.com/?ip=192.0.78.24

192.0.78.25
VIRUSES AND EXPLOITS ON SERVER: https://ibb.co/ccCwnU
https://www.virustotal.com/#/ip-address/192.0.78.25
RECORD OF ABUSE: Server has been exploited and used for criminal activities
https://www.abuseipdb.com/check/192.0.78.25
https://www.liveipmap.com/?ip=192.0.78.25

studio78photo.com 2013-09-04 GODADDY.COM, LLC


184.168.221.60 FULL NAME MATCH FORMER TEXAS PO BOX DATA MATCH AS SEEN ABOVE
VIRUSES AND EXPLOITS ON SERVER: https://ibb.co/ePBxSU
https://www.virustotal.com/#/ip-address/184.168.221.60
RECORD OF ABUSE: https://www.abuseipdb.com/check/184.168.221.60

studio78soft.com 2013-09-04 GODADDY.COM, LLC


50.63.202.44
FORMER TEXAS PO BOX DATA MATCH AS SEEN ABOVE
VIRUSES AND EXPLOITS ON SERVER: https://ibb.co/bPzO1p
https://www.virustotal.com/#/ip-address/50.63.202.44
RECORD OF ABUSE:
https://www.abuseipdb.com/check/50.63.202.44

tjapparelsourcing.com 2012-03-27 PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM


88.198.6.198
VIRUSES AND EXPLOITS ON SERVER: https://ibb.co/mOZR49
https://www.virustotal.com/#/ip-address/88.198.6.198
Registrant Name: Kevin Pereira
Registrant Organization: tjapparelsourcing
Registrant Street: 38/17, Jaganathan Colony Foxen Street, Perambur
Registrant City: Chennai
Registrant State/Province: Tamilnadu
Registrant Postal Code: 600011
Registrant Country: IN
Registrant Phone: +91.7299912506
Registrant Email: baranee2001@gmail.com

xhamster.store 2017-10-02 PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM


162.210.70.23
The data here is now hidden, but the name matches none the less
VIRUSES AND EXPLOITS ON SERVER: https://ibb.co/dki0xU
https://www.virustotal.com/#/ip-address/162.210.70.23
RECORD OF ABUSE:
https://www.abuseipdb.com/check/162.210.70.23
https://www.liveipmap.com/?ip=162.210.70.23
<COMPANY B DATA AND EVIDENCE END>

EMAILS

13 total emails between the two companies

6 belonging to Anuj (COMPANY A) currently

7 belonging to Kevin (COMPANY B)currently

IP ADDRESSES

13 ip addresses belonging to Anuj (COMPANY A) currently 2 shared with Company B currently


33 ip addresses belonging to Kevin (COMPANY B) currently 2 being shared with Company A currently

ADDRESSES

6 addresses belonging to anuj (COMPANY A) Currently

10 addresses belonging to Kevin (COMPANY B)Currently

FOR REPORTING PURPOSES:

POSSIBLE ADMINISTRATION AND DEPLOYMENT OF A BOT NETWORK BY BELOW


INDIVIDUAL. HOLDING AND DISTRIBUTING VIRUSES AND OR COMPONENTS OF SUCH.
CONNECTED IP ADDRESSES TO SUBJECT APPEAR UNDER EXPLOITATION. Evidence on
subject below. PROBABLE ECONOMIC TERRORIST ACTION! Group: Rise Up

www.nerdpilots.com
204.197.243.116
kevin Pereira
sacred heart villa , near adarsh hospital
ambedkar road, koppa
Koppa Karnataka 577126 IN
919480473233
kevinpereira1234512@gmail.com
Location address:
6325 N WALL ST
SPOKANE WA 99208-4144 USA
Mailing address:
8821 E VALLEYWAY AVE
SPOKANE VALLEY WA 99212-2856 USA