MARCH 11--A year-long Department of Homeland Security undercover operation targeting prospective “sex tourists” was torpedoed last month after a blogger unwittingly stumbled upon a sleazy web site set up by federal agents and engineered a reverse sting on investigators she mistook for pedophiles.
As detailed Wednesday by TSG, federal agents early last year launched a web site for the “Precious Treasure Holiday Company,” which offered to arrange trips to Canada from Cleveland, Ohio for customers seeking sexual encounters with children. The site--online at precioustreasureholidaycompany.com--succeeded in enticing several suspects to either arrange or explicitly discuss via e-mail trips for illicit encounters.
Last month, however, the DHS undercover site was abruptly taken offline by the Massachusetts-based web hosting firm on whose servers it was housed. Amazingly, the company was unaware that “Precious Treasure Holiday Company,” which it has “suspended,” was the centerpiece of the DHS operation.
The demise of the web site began in mid-February when an Illinois computer programmer (who is active in online efforts to expose human trafficking and pedophiles) clicked through to the DHS site via an online link. When she landed on the site’s homepage, the woman recalled in an interview, “I was like, ‘Holy crap!’”
She immediately spotted symbols used by pedophiles to indicate “boy lover,” “girl lover,” and “child lover.” Additionally, she recognized that the acronym for the site’s name--“PTHC”--was pedophile shorthand for “preteen hardcore.” During a review of the “amateurish” site, the woman, who asked that she not be identified by name, determined that its source code included a “noindex” directive that kept the site from being crawled and preserved by search engines and the Internet Archive (archive.org).
The computer programmer also noticed that the “Precious Treasure Holiday Company” site appeared to have been designed using a 2003 version of Microsoft’s FrontPage. In retrospect, she remarked, the use of such outdated software should have tipped her to the fact that the site was a U.S. government production.
After discovering the site, the woman sent an e-mail to the Cleveland Police Department noting that, “last night I came across a site that appeared to be promoting a sex tourism site out of Cleveland.” She included the site’s URL in the note she sent to the department’s general e-mail address. The woman also went to the National Center for Missing & Exploited Children’s web site and submitted information about the “Precious Treasure Holiday Company” via the group’s CyberTipline.
Continuing her sleuthing, the woman had a colleague send an inquiry seeking additional information from the “Precious Treasure Holiday Company” proprietors. “My wife and I are looking for some fun,” the February 15 e-mail read. “I want things to be sweet.”
On February 17, “Ray Gould” wrote back, attaching a one-page PDF that further described his company’s sex tours “with your special girl or boy.” The PDF was locked, but “Gould” provided the password: “PTHC.” As if the undercover operation could not be more blatant, the name “Ray Gould” is a reference to the pseudonym of a notorious pedophile who spent five years on the FBI's Ten Most Wanted Fugitives before his capture and imprisonment in 2007.
The “Precious Treasure Holiday Company” flier noted that the tour included “Transportation to and from private place with your special girl or boy – your fantasy come true!” Two price options were detailed, along with the notice that a $100 down payment was required to “reserve date and child.” Prospective customers were also informed that prices did not include “Condoms, lube etc…” Additionally, the flier stated, “Adoption sales also available. Canadian trucker’s coming to U.S. we can help you to.”
Now armed with the explicit flier, the computer programmer sent a February 24 e-mail to the customer relations department at Endurance International Group, the Massachusetts firm hosting the “Precious Treasure Holiday Company” web site. She attached a copy of the PDF she had received days earlier. The site, she wrote, “appears to be promoting sex tourism,” adding, “This seems to be illegal, and I would assume that it would violate most providers’ acceptable use policies.”
Later that day, Shimon Bakshi, a customer service manager, wrote back to thank her and report, “We have suspended the site.” Two weeks later, visitors to precioustreasureholidaycompany.com are still getting a placeholder page with the notice “This site has been suspended.”
While expressing regret for inadvertently derailing the DHS undercover site, the woman said she could not understand why federal agents did not clue in the web hosting firm as to who was behind the “Precious Treasure Holiday Company” web site. Or why DHS did not simply place the site on a server it owned or better controlled (and to which it would easily have been able to mask its connection).
“I can’t figure out why they didn’t anticipate that someone might find the site and have a problem with it,” the computer programmer said.
Just too funny!