CloudFlare appears to be signing and hosting scam Chinese website

I have come across the website lkeine.com , which at first glace appears to be a legitimate retail site. They have an SSL certificate signed by CloudFlare. From whois, I see that in addition to signing their SSL certificate, cloudflare is hosting their DNS records. The IP addresses returned by those cloudflare DNS servers all also point back to CloudFlare-owned networks (both for HTTP/S traffic and mail). So one way or another, CloudFlare is hosting this content. So CloudFlare must have some more records to trace back, correct? In order to get an SSL certificate, it is supposed to mean that CloudFlare has done some kind of work to verify their legitimacy, correct? Can you please explain exactly what that work entails?

I strongly believe they are not legitimate, and are in fact running a scam operation.

Here are the reasons I believe this site to be a scam:

  • Prices for the products listed are “too good to be true”
  • Their registrar is “Alibaba Cloud Computing (Beijing) Co., Ltd.”; no where in their web site do they claim any Chinese association.
  • The address they list is “4530 Templeton Park Circle, Unit 73 Colorado Springs CO US” - this is just some random apartment build in a residential neighborhood.
  • The phone number they list (7193581147) is disconnected.
  • There has been no reply to mail sent to their listed [email protected] nor to messages submitted on their site.
  • They claim to accept payment from Visa/Mastercard/etc… but actually only accept payment via paypal, Through some clever trickery, they have managed to hide their PayPal seller name until after a payment has been made. After completing a payment, the seller’s actual name is revealed - it’s all chinese characters: “青岛佳恒工程造价咨询有限公司莱阳分公司”. According to Google Translate, this means “Qingdao Jiaheng Engineering Cost Consulting Co., Ltd. Laiyang Branch”
  • There is no way to cancel an order on their website.

CloudFlare appears to be hosting and supporting a Chinese Scam operation. What is CloudFlare prepared to do about this?

Report it at cloudflare.com/abuse.