Type to search

Phishing: johnnoren.com

Phishing domain johnnoren.com has been tagged as a malicious domain which is hosting content in order to phish unaware internet users. The domain johnnoren.com should be considered dangerous and communication towards that domain should be flagged as malicious.

If you see someone sharing johnnoren.com, then do not hesitate to inform them that they are sharing a phishing site. If you do not know the user, and you are sure that it is being done on purpose, it is wise to take a screenshot, so you can use it as evidence – once you have taken the screenshot, you can “block” the user in order to avoid future messages.

Malicious behavior which is often seen on phishing sites;

  • Fake forms which request personal information.
  • Affiliate surveys which generate an online revenue for the cybercriminals/scammers.
  • Download buttons which download malicious/adware applications or plugins.


Phishing: johnnoren.com

If you have left information on the phishing domain johnnoren.com

The chance is there that you are reading this because you have left information on the phishing site – if that is the case, we strongly recommend you to take action in order to minimize the damage which can be done by the phished data.

Inform the police

If you have left personal information which you do not want to see online, inform the police agency in your environment about the fact that you think that you have been phished. They will instruct you on which steps you need to take.

Affiliate programs

The second step is to make sure that you did not sign-up for any affiliate programs which demand a payment each week/day or per message. If that is the case, you need to search up the phone number on Google and make sure that you find instructions on how to disable the affiliate program.

You can also call up your phone provider to inform them that you have signed up for an affiliate program via a phishing page, if they care, they should continue to help you in order to disable that affiliate  program.

Your bank

Call your bank if you have left personal/financial information on the phishing page, they will be able to instruct you in which steps you need to take to minimize the effect of the performed phishing attack.

Your work

If you have left information on the phishing page with your “work/company” profile, then make sure that you inform your IT-manager or the “Cyber” Security Officer in the company. This will allow them to minimize the effect on the company.

What you should always have enabled

When you are using devices that contain private or sensitive information, we strongly recommend you to use an up to date anti-virus on that device. The anti-virus will protect your device against malicious applications. The use of a VPN is also recommended, the VPN will hide your IP from the outside world, making it hard for anyone on the internet to identify your location via the IP. This can also be done by using TOR.

Detailed information on johnnoren.com

Current date:
Currently hosted on IP:

Autonomous System Number (ASN):

Pages hosted on IP:
61.600 pages

The pages which are hosted on do not have to be malicious, the fact that the IP has been flagged is because of the fact that at least “one” page on johnnoren.com was identified as a phishing page.


How to remove johnnoren.com malware/adware/spyware

The removal of malicious content on your device can be done in various ways, below, you will be able to find tools which will help you to remove johnnoren.com, and any other malicious content from your device.

Antivirus products

If you want to scan your device for malware, spyware and other type of malicious content – it is strongly recommended to use one of the AV products which are listed below, these AV products can be downloaded for free and are capable of finding and removing malware.

Extra “Anti-Rootkit”:

The antivirus products which are listed above, are free to use and can be downloaded from their official websites. They can cleanup your device from any content which have been left by johnnoren.com.

Registry fix products

Malware and spyware often adjust the registry on the Windows device, it is strongly recommended to use the HijackThis tool by TrendMicro to clean-up malicious / bad registry key values. The HijackThis tool is fully automated so you do not need to be an expert to clean up the registry.

Temp / “trash” content removal

The next thing you want to cleanup are the temporary items which are hiding on your device. In order to cleanup those temporary items / trash, you can use the CCleaner tool from Piriform, this tool is free and it can be downloaded directly from their site – the tool is automated, and it will allow you to cleanup your device from unwanted temporary files (which can be leftovers of the malware/spyware).


If you want to protect yourself against Ransomware / Cryptoware malware then you can use the following products below, these products are preventive products, so they need to be installed before any ransomware attacks take place. These tools cannot be used to recover ransomware attacks – they are only protecting you against those type of attacks, but once an attack has taken place, it cannot be used for recovery.

Participate in malware research

The Cyberwarzone Community holds a forum for “Malware & Phishing research“, you are invited to participate on the forum. You do not need to sign-up, and it is totally free.

Extra information on johnnoren.com

If you have extra information about this attack, and you are allowed to share that information, then please do not hesitate to add extra information to this post about johnnoren.com via the comment section below. We thank you in advance.

Share this info with your network: