Aallannott.techAccount justice for the people big tech ignores
The researcher track

Volunteers who source the chain, in public, with their real name on the work.

This is not bug-bounty hunting. It is forensic journalism with a fixed format: trace a real scam through the five layers, file the abuse reports, publish what each layer did or refused to do. Verified researcher, verified case, verified outcome.

What a researcher actually does on one case

  1. Pick an open case. Real victim, real receipts, already on the network.
  2. Trace the chain. WHOIS the domain, identify the registrar, identify the host (often Cloudflare in front of something), identify the destination account and processor, identify the carrier if there is a phone leg.
  3. File the reports. Each layer's public abuse channel, with the case ID. The filings themselves are attached to the case.
  4. Record what happens. Date filed, date acknowledged, date acted on, or date refused. No editorial. Just the record.
  5. Hand off. If the case escalates to public disclosure, the researcher's work is the file that journalists and regulators read first.

Who can do this

  • You have a VID. Your real name is on your work.
  • You are willing to file under that name. No anonymous research is accepted onto the network.
  • You have basic OSINT skill: WHOIS, DNS, reverse-IP, Shodan-equivalent lookups, public registries. Anything past public sources is out of scope.
  • You read at least one of: a country's anti-fraud law, GDPR, the DSA, ICANN's transfer policy, a registrar's published terms. You will be citing them in your filings.

What is in scope

  • Public WHOIS, DNS records, certificate transparency logs.
  • Publicly accessible pages on the scam site.
  • Filing abuse reports at the addresses each layer publishes.
  • Cross-referencing public databases (sanctions lists, registrar history, court records).

What is out of scope, period

  • Any attempt to bypass authentication. No credential stuffing, no SQLi probing, no scraping behind a login.
  • Any contact with the scammer pretending to be a victim. That is for police, not us.
  • Any attempt to identify the human behind the scammer. We name the layer that protected them. We do not dox.
  • Any acceptance of payment or favor from a layer to soften a published finding. Instant removal from the researcher list.

How a researcher gets verified

  1. Open a free VID-anchored account at upgradeai.net/signup.
  2. Two existing verified researchers vouch for you, on a Wall call you can request from /wall/request.
  3. Your first case is reviewed by one of them before filings go out under your name. After three clean cases, you file solo.

Why a competent person would do this for free

Because the work is permanent and named. Every case file lives on the network forever. Every refusal you document at a registrar is a piece of public record that helps the next victim, the next regulator, the next journalist, and the next researcher. The reputation that comes from twenty named, documented cases is more durable than any private bug-bounty payout, and it is the reputation that gets paid in the next round — by the network, by journalists, by people who want their case taken seriously.

Back to the advocacy network → · The five-layer map · Live-video proof