WhoIs – pegashosting.com – Money Mule Server [AS28753]

October 13, 2010Leave a comment

Reverse IP Lookup for 78.159.112.46
IP Address: 78.159.112.46
IP Location: Germany
Internet host name for this ip address: node1.webgater.com

Websites shared hosted on 78.159.112.46
Websafeclicks http://www.websafeclicks.com
Zetaclicks4 http://www.zetaclicks4.com
Searchclick2 http://www.searchclick2.com
Searchmeup4 http://www.searchmeup4.com

I cannot verify if the netblock WHOIS details are accurate:
inetnum: 178.162.135.0 – 178.162.135.255
netname: Maxim-Staricin-966729
descr: PegasHosting Network
country: UA
admin-c: MS20894-RIPE
tech-c: SR614-RIPE
status: ASSIGNED PA
mnt-by: NETDIRECT-MNT
mnt-lower: NETDIRECT-MNT
mnt-routes: NETDIRECT-MNT
source: RIPE # Filtered

person: Maxim Staricin
address: 6/40 Mira str.
address: Kiev 03134
address: Ukraine
phone: +380994005332
fax-no: +380994005332
abuse-mailbox: abuse@pegashosting.com
nic-hdl: MS20894-RIPE
mnt-by: NETDIRECT-MNT
source: RIPE # Filtered

pegashosting.com was only registered in February, so hardly an old company.

Service Provided By: Center of Ukrainian Internet Names
Website: http://www.ukrnames.com
Contact: +380.577626123

Domain Name: PEGASHOSTING.COM

Creation Date: 01-Feb-2010
Modification Date: 01-Feb-2010
Expiration Date: 01-Feb-2011

Domain servers in listed order:
ns1.pegashosting.com
ns2.pegashosting.com

Registrant:
Staricin Maxim
PegasHosting.com
6/40 Mira str.
Kiev, 03134
UKRAINE
+380.994005332

Billing Contact:
Staricin Maxim abuse@pegashosting.com
Private person
6/40 Mira str.
Kiev, 03134
UKRAINE
+380.994005332

Administrative Contact:
Staricin Maxim abuse@pegashosting.com
PegasHosting.com
6/40 Mira str.
Kiev, 03134
UKRAINE
+380.994005332

Technical Contact:
Staricin Maxim abuse@pegashosting.com
PegasHosting.com
6/40 Mira str.
Kiev, 03134
UKRAINE
+380.994005332

Address lookup

canonical name pegashosting.com
aliases
addresses 208.73.210.29
Domain Whois record

Queried whois.internic.net with “dom pegashosting.com”…

Domain Name: PEGASHOSTING.COM
Registrar: ! #1 HOST KOREA, INC.
Whois Server: whois.1hostkorea.com
Referral URL: http://www.1hostkorea.com
Name Server: NS1.DSREDIRECTION.COM
Name Server: NS2.DSREDIRECTION.COM
Status: clientDeleteProhibited
Status: clientTransferProhibited
Status: clientUpdateProhibited
Updated Date: 02-oct-2010
Creation Date: 02-oct-2010
Expiration Date: 02-oct-2011

Last update of whois database: Thu, 14 Oct 2010 04:46:25 UTC
Queried whois.1hostkorea.com with “pegashosting.com”…
Domain Name: PEGASHOSTING.COM
Registrar: 1HOSTKOREA

Registrant [1300164]:
Admin – admin@overseedomainmanagement.com
Oversee Domain Management, LLC
515 South Flower Street
Suite 4400
Los Angeles
CA
90071
US

Administrative Contact [1300164]:
Admin – admin@overseedomainmanagement.com
Oversee Domain Management, LLC
515 South Flower Street
Suite 4400
Los Angeles
CA
90071
US
Phone: +1.2132653191

Billing Contact [1300164]:
Admin – admin@overseedomainmanagement.com
Oversee Domain Management, LLC
515 South Flower Street
Suite 4400
Los Angeles
CA
90071
US
Phone: +1.2132653191

Technical Contact [1300164]:
Admin – admin@overseedomainmanagement.com
Oversee Domain Management, LLC
515 South Flower Street
Suite 4400
Los Angeles
CA
90071
US
Phone: +1.2132653191

Domain servers in listed order:

NS1.DSREDIRECTION.COM
NS2.DSREDIRECTION.COM

Record created on: 2010-10-02 14:29:19.0
Database last updated on: 2010-10-02 18:30:29.02
Domain Expires on: 2011-10-02 14:29:19.0

Network Whois record

Queried whois.arin.net with “n 208.73.210.29″…

NetRange: 208.73.208.0 – 208.73.215.255
CIDR: 208.73.208.0/21
OriginAS:
NetName: OVERSEE-NET-2
NetHandle: NET-208-73-208-0-1
Parent: NET-208-0-0-0-0
NetType: Direct Assignment
NameServer: NS2.OVERSEE.NET
NameServer: NS1.OVERSEE.NET
RegDate: 2006-12-28
Updated: 2006-12-28
Ref: http://whois.arin.net/rest/net/NET-208-73-208-0-1

OrgName: Oversee.net
OrgId: OVERS-1
Address: 515 S. Flower St
Address: Suite 4400
City: Los Angeles
StateProv: CA
PostalCode: 90071
Country: US
RegDate: 2003-08-01
Updated: 2008-11-10
Ref: http://whois.arin.net/rest/org/OVERS-1

OrgTechHandle: OVERS-ARIN
OrgTechName: Oversee NOC
OrgTechPhone: +1-213-408-0080
OrgTechEmail: ipadmin@oversee.net
OrgTechRef: http://whois.arin.net/rest/poc/OVERS-ARIN

OrgAbuseHandle: OVERS-ARIN
OrgAbuseName: Oversee NOC
OrgAbusePhone: +1-213-408-0080
OrgAbuseEmail: ipadmin@oversee.net
OrgAbuseRef: http://whois.arin.net/rest/poc/OVERS-ARIN
DNS records

DNS query for 29.210.73.208.in-addr.arpa returned an error from the server: NameError

name class type data time to live
pegashosting.com IN A 208.73.210.29 600s (00:10:00)
pegashosting.com IN NS ns2.dsredirection.com 3600s (01:00:00)
pegashosting.com IN NS ns1.dsredirection.com 3600s (01:00:00)
pegashosting.com IN MX
preference: 0
exchange: 127.0.0.1
7200s (02:00:00)
pegashosting.com IN SOA
server: ns1.dsredirection.com
email: hostmaster.oversee.net
serial: 2010100804
refresh: 16384
retry: 2048
expire: 1048576
minimum ttl: 25670
3600s (01:00:00)
pegashosting.com IN TXT v=spf1 -all 3600s (01:00:00)
— end —

Escrow-ento.com
Careers-kivox.com
Careers-tekset.com
Deutschenoote.com
Es-trabajowug.com
Gamestaff.org
Hat.am
Intelligentlogistics.biz
Jobs-kivox.com
Jobs-tekset.com
Kivox-careers.com
Kivox-company.com
Kivox-consulting.com
Kivox-jobs.com
Kivox-today.com
Mcashjdg.com
Mejdskas.com
Mhasdhfg.com
Mksdjhfu.com
Myasjhaa.com
Pootervom.com
Shop-n-ship.net
Tekset-careers.com
Tekset-consulting.com
Tekset-jobs.com
Tekset-news.com
Trilane-careers.com
Trilane-consulting.com
Trilane-jobs.com
Trilanecareers.com
Trilaneconsulting.com
Work-at-duolux.com
Work-at-tekset.com
Spicegrossisten.com
Spicegrossisten.org
Mlhsgdhh.com
Jacksonstatue.com
Gl-transport.com
N-transport.com
Hiring-westunion.com
Ebaysquaretrade.com
Bongblogs.net
Bonglove.net
Kydesniki.net
Love4net.net
Office-exchange.biz
Office-exchange.info
Avalonassistants.com
Bettertasks.com
Kptarnews.com
Adjustedresults.com
Resultscache.com
Mailcenter-yahoo.com
Allhdmovies.com
X-torrents.info
X-torrents.name
X-torrents.net
X-torrents.nu
X-torrents.org
X-torrents.ru
Beachamateursite.info
Hotlatinotube.info
Hotnudistmix.info
Partyhotpregnant.info
Redheadvideovideos.info
Siteblondhot.info
Todaysnewest.com
Tubegirlsexy.info
Tuberedheadnudist.info
Tuberedheadsexy.info
Wetlesbianstube.info
Big-stan.ru
Careers-at-lexor.com
Careers-stendal.com
Europe-stendal.com
Hallway-careers.com
Hallway-group-careers.com
Hallway-group-jobs.com
Hallway-jobs.com
Hallway-news.com
Hallway-today.com
Immobilie-vitrea.com
Jobs-at-stendalgroup.com
Jobs-stendal.com
Kernet.name
Lexor-careers.com
Lexor-consulting.com
Lexor-jobs.com
Lexor-sl-careers.com
Lexor-sl-consulting.com
Lexor-sl.com
Lexorsl.com
Mybisiness.org
News-stendal.com
Onlinerentalparadise.com
Silentspy.ru
Stendal-applications.com
Stendal-careers-now.com
Stendal-careers-today.com
Stendal-consulting-group.com
Stendal-consulting.com
Stendal-news.com
Stendal-today.com
Stendalcareers.com
Stendaljobs.com
Stendaltoday.com
Vitrea-arbeit.com
Vitrea-deutchland.eu
Vitrea-estate-agents.com
Vitrea-estate.eu
Vitrea-immobilie-karrieren.com
Vitrea-immobilie.com
Vitrea-karrieren.com
Vitrea-today.com
Vitrea-uk.com
Vitreaestate-europe.com
Vitreaestatecareers.com
Vitreajobs.com
Vitreanews.com
Wr-mail.ru
Arbeit-vitrea.com
Careers-at-stendal.com
Careers-at-vitrea.com
Jobs-at-hallway-group.com
Jobs-at-lexor.com
Jobs-at-stendal.com
Jobs-lexor.com
Karrieren-immobilie-vitrea.com
Karrieren-vitrea.com
Msk-guvd.org
Westunionhiring.com
Romlife.net
Mypsp.my
Qzzb.ru
Softcracks.com
Mayki.in
Sms-partner.net
Wmmailz.com
Xandgo.net
Dragporno.ru
Megaru.com
Nafani.net
Pop-banner.ru
Watchporno.ru
Xlivetv.ru
Alternativedabell.com
Alternativedago.com
Alternativedasound.com
Alternativedassound.com
Alternativedasting.com
Best-freemovie.com
Best-freemovies.com
Dasoundservices.com
Datingprivates.com
Datingteen.net
Datingteenonline.net
Datingwork.com
Free-moviebest.com
Freemoviebest.com
Fremoviesbest.com
Moviebest-free.com
Moviefree-best.com
Moviesbest-free.com
Moviesfree-best.com
Myalternativedating.com
Naebalova.net
Releaseadultsex.com
Releaseating.com
Thefreedating.com
Webalternativedating.com
Webfreeadultsexnet.com
Sportsbear.net
Tdsse.net
Qctsupport.com
Neomaks.ru
Videobum.net
Pornogandon.ru
Mp3gigant.net
Gpssystemsused.com
Mangomeds.net
Mangomeds.org
Medswhite.com
Ourmeds.org
4aclepsa.com
Medisupprt.com
Cadipll.com
Bonus-file.net
Yastreb.biz

pcvirus-destroyer.com ns1.pcvirus-destroyer.com => 213.155.22.193
ns2.pcvirus-destroyer.com => 213.155.22.194
(AS28753) NETDIRECT
78.159.97.146 Directs to Trojan 2009-09-26
details
systemthreatkiller.com ns1.systemthreatkiller.com => 213.155.22.193
ns2.systemthreatkiller.com => 213.155.22.194
(AS28753) NETDIRECT
78.159.97.146 Directs to Trojan 2009-09-26
details
yoursystem-protector.com ns1.yoursystem-protector.com => 213.155.22.193
ns2.yoursystem-protector.com => 213.155.22.194
(AS28753) NETDIRECT
78.159.97.146 Directs to Trojan 2009-09-26
details
pcthreatremover.com ns1.pcthreatremover.com => 213.155.22.193
ns2.pcthreatremover.com => 213.155.22.194
(AS28753) NETDIRECT
78.159.97.147 Fake codec page / Directs to Trojan 2009-09-24
details
pctrouble-remover.com ns1.pctrouble-remover.com => 213.155.22.193
ns2.pctrouble-remover.com => 213.155.22.194
(AS28753) NETDIRECT
78.159.97.147 Directs to Trojan FakeSmoke 2009-09-22
details
malware-reaper.com ns1.malware-reaper.com => 213.155.22.193
ns2.malware-reaper.com => 213.155.22.194
(AS41665) HOSTING
213.155.22.193 Fake scanner page / Directs to TRojan FakeSmoke 2009-09-22
details
scareware-killer.com ns1.scareware-killer.com => 213.155.22.193
ns2.scareware-killer.com => 213.155.22.194
(AS28753) NETDIRECT
78.159.97.147 Fake scanner page / Directs to Trojan FakeSmoke (SaveDefender) 2009-09-20
details
scan-4-clean.com ns1.scan-4-clean.com => 213.155.22.193
ns2.scan-4-clean.com => 213.155.22.194
(AS28753) NETDIRECT
78.159.97.147 Fake scanner page / SoftSafeness 2009-09-16
details
topspyfreecheck.com ns1.topspyfreecheck.com => 213.155.22.193
ns2.topspyfreecheck.com => 213.155.22.194
(AS4645) HKNET
203.169.164.18 Fake scanner page / SoftSafeness 2009-09-16
details
checkerforfree.com ns1.checkerforfree.com => 213.155.22.193
ns2.checkerforfree.com => 213.155.22.194
(AS4645) HKNET
203.169.164.18 Fake scanner page / Directs to Trojan 2009-09-15
details

Stimul Media aka Rx Partners – stimul-cash.com

October 13, 2010February 23, 20141 Comment

Buying Prescription Drugs Online
May Be Dangerous
Says Drug Enforcement Administration

Click Here
National Association of Boards of Pharmacy (NABP)

Warning

“The Canadian Pharmacy, Canadian/European Pharmacy”, “Canadian Healthcare” and “US Drugstore” are brands of one of the most disgusting illegal online pharmacy group well organized CRIMINAL OPERATION of all times. “GREED” is the driving force behind this operation. Don’t let them fool you. They will never send you any genuine drugs. If they ever send anything at all, it may consist of literally anything from sugar to wall plaster, and they certainly don’t care that you will endanger your health by taking those dangerous counterfeit drugs.

Behind The Online Pharmacy

Today a shadowy, transnational network of illicit drug manufacturers, traders, doctors, Web site operators, spammers and criminals makes up the online pharmacy world.

Buying Medication Online Can Be Safe

October 22, 2007
Stimul Media and Rx Partners relation
Filed under: reviews — Crevete @ 6:51 am
Today I signed up for two pharmacy affiliate programs: Rx Partners and Stimul Cash (former known as Stimul Media). As you know, signing up for these two is quite hard these days and you are required to have invitation code plus webmaster approval to start making money with them. Here is a conversation with the approval guy (Mark from Rx-Partners):

14:58:58 Me: Hello! I want to sign-up with stimul-media but the signup form does not appear. https://www.stimul-media.com/signup.html Please leave offline message if it’s the case.
11:32:00 stimul-media: please register here http://www2.stimul-cash.com/signup.html
13:18:31 Me: Hello! How can I sign-up on stimul-cash.com and give credit to a friend that reffered me? Is http://www2.stimul-cash.com/?partner=2331 going to work?
13:19:22 stimul-media: yes, it will work.
13:19:34 : ok, thanks
13:22:22 stimul-media: are you signing up in Rx-parterns as well?
13:22:38 Me: yes
13:22:51 Me: how did you know?
13:23:20 430886685: we run both programs
13:23:34 Me: I understand
13:23:42 430886685: can yo uplease tellme how exactly are you planning to advertisie our sites?
I will advertise on http://www.bubub.org/, search engine traffic.
13:25:15 430886685: I have apporved your account
13:25:23 Me: ok
13:25:31 Me: thank you
That’s a lot of money these dudes are making. Two of the top affiliate programs. Hope this shit will work for me. If you want to sign up with Rx Partners and need an invitation code please leave a comment, I will respond in less than an hour. Also if you need affiliate coaching don’t hesitate to

bother me.
Later!

Address lookup
canonical name http://www.stimul-cash.com
aliases
addresses 72.52.4.173
Domain Whois record

Queried whois.internic.net with “dom stimul-cash.com”…

Domain Name: WWW.STIMUL-CASH.COM
Registrar: REALTIME REGISTER BV
Whois Server: whois.yoursrs.com
Referral URL: http://www.realtimeregister.com
Name Server: NS0.STIMULCASH.COM
Name Server: NS1.STIMULCASH.COM
Status: clientTransferProhibited
Updated Date: 24-sep-2010
Creation Date: 16-mar-2007
Expiration Date: 16-mar-2013

>>> Last update of whois database: Wed, 13 Oct 2010 20:26:41 UTC <<<
Queried whois.yoursrs.com with “stimul-cash.com”…

Domain Name:stimul-cash.com
Name Server:ns1.stimulcash.com
Name Server:ns0.stimulcash.com

Created On:2010-08-13
Last Updated On:2010-09-24
Expiration Date:2013-03-16
Dealer:stimul
Registrant ID:stimul
Registrant Name:Vitaly Petrov
Registrant Organization:STIMUL-MEDIA.COM
Registrant Street1:Petrozavodskaya st, 16
Registrant Street2:
Registrant Street3:
Registrant City:Moscow
Registrant State/Province:
Registrant Postal Code:125414
Registrant Country:RU
Registrant Phone:+7.9160248086
Registrant Fax:
Registrant Email:vitalypetrov76@yahoo.com

Admin ID:stimul
Admin Name:Vitaly Petrov
Admin Organization:STIMUL-MEDIA.COM
Admin Street1:Petrozavodskaya st, 16
Admin Street2:
Admin Street3:
Admin City:Moscow
Admin State/Province:
Admin Postal Code:125414
Admin Country:RU
Admin Phone:+7.9160248086
Admin Fax:
Admin Email:vitalypetrov76@yahoo.com

Billing ID:stimul
Billing Name:Vitaly Petrov
Billing Organization:STIMUL-MEDIA.COM
Billing Street1:Petrozavodskaya st, 16
Billing Street2:
Billing Street3:
Billing City:Moscow
Billing State/Province:
Billing Postal Code:125414
Billing Country:RU
Billing Phone:+7.9160248086
Billing Fax:
Billing Email:vitalypetrov76@yahoo.com

Tech ID:stimul
Tech Name:Vitaly Petrov
Tech Organization:STIMUL-MEDIA.COM
Tech Street1:Petrozavodskaya st, 16
Tech Street2:
Tech Street3:
Tech City:Moscow
Tech State/Province:
Tech Postal Code:125414
Tech Country:RU
Tech Phone:+7.9160248086
Tech Fax:
Tech Email:vitalypetrov76@yahoo.com

Network Whois record
Queried whois.arin.net with “n 72.52.4.173″…

NetRange: 72.52.0.0 – 72.52.63.255
CIDR: 72.52.0.0/18
OriginAS:
NetName: PROLEXIC
NetHandle: NET-72-52-0-0-1
Parent: NET-72-0-0-0-0
NetType: Direct Allocation
NameServer: NS2.PROLEXIC.NET
NameServer: NS1.PROLEXIC.NET
Comment: http://www.prolexic.com / NOC hours are 24/7
RegDate: 2005-07-11
Updated: 2007-06-27
Ref: http://whois.arin.net/rest/net/NET-72-52-0-0-1

OrgName: Prolexic Technologies, Inc.
OrgId: PROLE
Address: 1930 Harrison Street
City: Hollywood
StateProv: FL
PostalCode: 33020
Country: US
RegDate: 2004-07-15
Updated: 2009-10-16
Ref: http://whois.arin.net/rest/org/PROLE

OrgTechHandle: HOSTM528-ARIN
OrgTechName: Hostmaster
OrgTechPhone: +1-866-800-0366
OrgTechEmail: hostmaster@prolexic.com
OrgTechRef: http://whois.arin.net/rest/poc/HOSTM528-ARIN

RTechHandle: HOSTM528-ARIN
RTechName: Hostmaster
RTechPhone: +1-866-800-0366
RTechEmail: hostmaster@prolexic.com
RTechRef: http://whois.arin.net/rest/poc/HOSTM528-ARIN
DNS records

name class type data time to live
stimul-cash.com IN MX
preference: 10
exchange: mail.stimul-cash.com
600s (00:10:00)
stimul-cash.com IN A 72.52.4.173 600s (00:10:00)
stimul-cash.com IN SOA
server: ns0.stimulcash.com
email: root.stimulcash.com
serial: 2010824934
refresh: 3600
retry: 900
expire: 604800
minimum ttl: 1200
600s (00:10:00)
stimul-cash.com IN NS ns0.stimulcash.com 600s (00:10:00)
stimul-cash.com IN NS ns1.stimulcash.com 600s (00:10:00)
173.4.52.72.in-addr.arpa IN PTR unknown.prolexic.com 86400s (1.00:00:00)
— end —
IP address: 72.52.4.173
Host name: stimul-cash.com
Alias:
stimul-cash.com
72.52.4.173 is from United States(US) in region North America

TraceRoute to 72.52.4.173 [stimul-cash.com]
Hop (ms) (ms) (ms) IP Address Host name
1 53 41 30 72.249.128.5 –
2 23 14 8 8.9.232.73 xe-5-3-0.edge3.dallas1.level3.net
3 Timed out 41 Timed out 66.192.240.94 dal2-pr1-ge-5-0-0-0.us.twtelecom.net
4 26 37 23 157.238.224.193 xe-0-4-0-1.r07.dllstx09.us.bb.gin.ntt.net
5 24 46 11 129.250.3.66 ae-6.r20.dllstx09.us.bb.gin.ntt.net
6 63 41 42 129.250.6.87 as-0.r21.miamfl02.us.bb.gin.ntt.net
7 48 47 41 209.200.132.34 blackhole.prolexic.com
8 51 69 80 157.238.179.6 ge-4-12.r02.miamfl02.us.ce.gin.ntt.net
9 51 44 55 209.200.132.34 blackhole.prolexic.com
10 69 80 58 72.52.4.173 unknown.prolexic.com
Trace complete

Retrieving DNS records for stimul-cash.com…
DNS servers
ns0.stimulcash.com
ns1.stimulcash.com
Query for DNS records for stimul-cash.com failed: Timed out
Whois query for stimul-cash.com…
Query error: Timed out
Network IP address lookup:

Whois query for 72.52.4.173…

Results returned from whois.arin.net:
#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=72.52.4.173?showDetails=true&showARIN=false
#

OrgTechHandle: HOSTM528-ARIN
OrgTechName: Hostmaster
OrgTechPhone: +1-866-800-0366
OrgTechEmail: hostmaster@prolexic.com
OrgTechRef: http://whois.arin.net/rest/poc/HOSTM528-ARIN

RTechHandle: HOSTM528-ARIN
RTechName: Hostmaster
RTechPhone: +1-866-800-0366
RTechEmail: hostmaster@prolexic.com
RTechRef: http://whois.arin.net/rest/poc/HOSTM528-ARIN

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html

679-205-2937
1-679-205-2937
(679)205-2937

Billing LTD – VERITASGROUP-LLC.COM

October 13, 20101 Comment

The Purpose of This Post Is To ALERT You That The Job You Are About To APPLY For or May Have Applied For or is CONSIDERING APPLYING For Is Scam Alert 1 Fraudulent. A LEGITIMATE COMPANY IDENTITY OR AN INDIVIDUAL IDENTITY HAS BEEN STOLEN OR A BOGUS ONE CREATED

These job postings are an attempt to lure you into cashing counterfeit checks and have you wire funds via Western Union or MoneyGram -Essentially You Become A Money or RePackage Mule

Understanding The Cyber Theft Ring
Money Mule Explained

Washingtonpost.com by Brian Kerbs

Interview With A Money Mule

Hi,

I just recevied this one yesterday from totaljobs.com (does it look familiar?). I think I will unsubscribe if they can’t filter this kind of rubbish out.

My name is Nastasha van der Berg and I represent Billing LTD.

We’ve reviewed your CV and I’m pleased to offer you a chance to fill a vacant Payment Processing Agent position which we currently have available in your area.

We are a large company founded and based in the UK. Billing LTD deals mainly with providing IT services to clients within the United Kingdom, while recruiting individuals and agencies from all around the world.

This is a part-time position with a flexible schedule. Working 2 to 3 hours a day from your home while staying in contact with our company via your supervisor and receiving all your tasks online.

During the training period you’ll be paid GBP 1,500 a month. In addition you’ll keep 8% from every money transfer processed. Total income, considering the current volume of clients, will be up to GBP 2,500 per month. After you successfully pass the training period, base salary will be increased up to GBP 1,800 per month. Furthermore, you may ask for an extra hours or even a full-time job.

My goal is to spark your interest. In the present economy our position offers training, support and a pay scale comparable to entry level position requiring 40 hours per week. I hope you will explore, compare, and then contact me with your questions.

Sincerely yours,

Nastasha van der Berg

Billing LTD.

Here are some more scam sites, registered on the 27th and 28th, and not live yet:

US-BURGESSGROUP.NET
US-CIELGROUP.NET
US-LOGESTYGROUP.NET
LLOYDGROUPLTD.NET

Here is another batch of sites, registered on the 6th, also not live yet:

ATG-GROUPCOMP.COM
DESERT-GOLDGROUP.COM
EASYTRANSFERLLC.COM
FINCONSULTUK-LTD.COM
FIVECORNERSGROUPUK.COM
FREE-LIVEGROUPUK.COM
KRYPTON-GROUPINC.COM
LLOYDGROUPLTDUK.COM
MAJESTIC-GROUPSVC.COM
STAFFORDSGROUPINC.COM
US-LEAPROFGROUP.COM
VERITASGROUP-LLC.COM
VIRTUE-MAINGROUP.COM

Here are the new name servers registered on the 6th:

NS1.LIBUKERTY.CC (also NS1 and NS2)
NS1.NSDOOMED.CC (also NS1 and NS2)
NS1.SIPNSDOM2.CC (also NS1 and NS2)

Here are some new scam sites, registered on the 12th:

FOXLEY-GROUP.CC (Foxley Group LLC)
Tel 1-347-394-5001, Fax 1-800-803-5302
admin@foxley-group.cc,
support@foxley-group.cc,
job@foxley-group.cc,
webmaster@foxley-group.cc

INCO-GROUPNET.CC (INCO Group Inc)
Tel 1-315-254-2358
Fax 1-800-803-5302
admin@inco-groupnet.cc
support@inco-groupnet.cc
job@inco-groupnet.cc
webmaster@inco-groupnet.cc

POUND-GROUPLLC.CC (Pound Group LLC)
Tel 1-347-274-8182,
Fax 1-800-803-5302
admin@pound-groupllc.cc,
support@pound-groupllc.cc,
job@pound-groupllc.cc,
webmaster@pound-groupllc.cc

Here are the new name servers, registered on the 8th:

NS1.SURPLUSUSA.CC (also NS2 and NS3)
NS1.USABONDS.CC (also NS2 and NS3)
NS1.USAFUNDS.CC (also NS2 and NS3)

WhoIs – Paymentbit.net

October 13, 20101 Comment

Address lookup
canonical name paymentbit.net.
aliases
addresses 69.43.160.144
Domain Whois record

Queried whois.internic.net with “dom paymentbit.net”…

Domain Name: PAYMENTBIT.NET
Registrar: BIG HOUSE SERVICES INC.
Whois Server: whois.bighouseservices.com
Referral URL: http://www.bighouseservices.com
Name Server: NS1.ISAACHOST.COM
Name Server: NS2.ISAACHOST.COM
Status: clientTransferProhibited
Updated Date: 28-jul-2010
Creation Date: 27-jul-2010
Expiration Date: 27-jul-2011

Last update of whois database: Wed, 13 Oct 2010 18:01:19 UTC
Queried whois.bighouseservices.com with “paymentbit.net”.

Registration Service Provided By: eNom, Inc.
Contact: info2@eNom.com

Domain name: paymentbit.net
Administrative Contact:
Isaac Goldstein namejet@isaacgoldstein.com
+852.81757533
Fax: +852.1
Level 19 Two International Finance Centre
8 Finance Street, Central
Hong Kong, HK 0000
HK

Technical Contact:
Isaac Goldstein namejet@isaacgoldstein.com
+852.81757533
Fax: +852.1
Level 19 Two International Finance Centre
8 Finance Street, Central
Hong Kong, HK 0000
HK

Registrant Contact:
Isaac Goldstein
Fax:
Level 19 Two International Finance Centre
8 Finance Street, Central
Hong Kong, HK 0000
HK

Status: Locked

Name Servers:
NS1.ISAACHOST.COM
NS2.ISAACHOST.COM

Creation date: 27 Jul 2010 11:18:00
Expiration date: 27 Jul 2011 11:18:00

Version 6.3 4/3/2002
Network Whois record

Queried whois.arin.net with “n ! NET-69-43-160-0-1″…

NetRange: 69.43.160.0 – 69.43.160.255
CIDR: 69.43.160.0/24
OriginAS: AS22489
NetName: NET-69-43-160-0-1
NetHandle: NET-69-43-160-0-1
Parent: NET-69-43-128-0-1
NetType: Reassigned
NameServer: NS1.TRELLIAN.COM
NameServer: NS2.TRELLIAN.COM
RegDate: 2010-06-18
Updated: 2010-06-18
Ref: http://whois.arin.net/rest/net/NET-69-43-160-0-1

OrgName: Trellian Pty Ltd
OrgId: TRELL-4
Address: 8 East Concourse
City: Beaumaris
StateProv: VIC
PostalCode: 3193
Country: AU
RegDate: 2010-06-18
Updated: 2010-06-18
Ref: http://whois.arin.net/rest/org/TRELL-4

OrgTechHandle: HOSTM1579-ARIN
OrgTechName: Hostmaster
OrgTechPhone: +613 9589 7946
OrgTechEmail: hostmaster@trellian.com
OrgTechRef: http://whois.arin.net/rest/poc/HOSTM1579-ARIN

RTechHandle: HOSTM1579-ARIN
RTechName: Hostmaster
RTechPhone: +613 9589 7946
RTechEmail: hostmaster@trellian.com
RTechRef: http://whois.arin.net/rest/poc/HOSTM1579-ARIN
DNS records

DNS query for 144.160.43.69.in-addr.arpa returned an error from the server: NameError

name class type data time to live
paymentbit.net IN SOA
server: ns1.aphost.com
email: mx.aphost.com
serial: 2005021502
refresh: 1440
retry: 720
expire: 360000
minimum ttl: 8640
14400s (04:00:00)

paymentbit.net IN NS ns2.aphost.com 300s (00:05:00)
paymentbit.net IN NS ns1.aphost.com 300s (00:05:00)
paymentbit.net IN A 69.43.160.144 300s (00:05:00)

Sharing IP with 29 domains:

1softwarespot.com
Adult-billing.com
Bestsoftclub.com
Billhlp.com
Billingcenteronline.com
Billinghost.net
Billingintegrator.com
Billingmill.com
Billingserviceonline.com
Billingsquad.net
Billinternet.com
Billsvc.com
Customerhlp.com
Dopaymentsonline.com
Ebillingcenter.com
Fantazybill.com
Interbills.com
Justnetbilling.net
Legalbillingsystems.com
Mainbillingcenter.com
Megafixer.com
Orderhlp.com
Paymentbit.com
Paymentbit.net
Paymentforge.com
Safepaymentsonline.com
Softwbill.com
Spankyhosting.com
Support-wizard.com
Truebillingservices.com

09021030408721.cn

1softwarespot.com

8e9.net

50nb.com

78.108.183

203.202.239

adnetserver.net

adult-billing.com

alex-first.com

allcooltubeshere.com

ameks.net

antispy2008.hk

antispywareguard.com

antispywerepro.com

antvirushelp.cm

av-pro-2009.com

avg-online-scanner.com

avira-online-scan.com

avpro2009.com

bestsoftclub.com

betterfasterpc.com

billhlp.com

billinghost.net

billingintegrator.com

billingmill.com

billingsquad.net

billinternet.com

billsvc.com

bizcn.com

bonus-protection.com

celebs4you-online2008.com

codecdownload.best-softwareportal.com

cool-porntube.com

crazy-party-pics.info

customerhlp.com

ddd.burimilol.com

defender-review.com

defender2009.com

dl.storage-proas2009.com

domain5123.net

dopaymentsonline.com

doublered.info

download-goodsoft.com

download-top-software.net

dream-ads.eu

easynetsearch.com

erabl-pict.com

erosets.net

fast-xxx-tube.net

feeds.videosz.com

ffseik.com

files.proas2009-dl.com

free-download-basez.com

fun4uuuu.com

galleries.videosz.com

get-files-4free.net

gfdsgf333.com

gknf21.net

greatporntubehere.com

helper-security.com

ho0k.com

homesiterenew.com

i-av-scanner2008.net

i-av-sscan2009.com

imp-porntube.net

interbills.com

internetcamz.com

ipowerwebz.mine.nu

juga-tube.com

justnetbilling.net

legalbillingsystems.com

life-download.net

livepc-update.com

lmt.www.conxion.com

localfun2.com

lsp-test-nax.ind.in

mac.sofotex.com

megafixer.com

megasexytube.com

megazmovie.com

mekiller.com

microsoft.protectionsoftwaredownload.com

mysecureexpertcleaner.com

mysy8.com

orderhlp.com

ox-tube.com

paymentbit.com

paymentbit.net

paymentforge.com

pewpewpew-hotcams.com

pillsexpert.com

pistvan.hu

pmsoftware.biz

powerfulvirusremover2008.com

prosecureexpertcleaner.com

prosecureexpertcleanerpro.com

registrydoctor2008-online.com

registrydoctor2008-pro.com

registrydoctor2008-scan.com

registrydoctorpro2008.com

remotespy.com

safepaymentsonline.com

sales.buy-antispyware-pro-xp.com

scan.proantispyware-scanner.com

scanner.extraantivir.com

secure.paymentbit.net

securefileshred.com

securefileshredder.com

securefileshredder2009.com

securefilesshred.com

securefilesshredder.com

smart-tube.net

sofotex.com

softwbill.com

ss1.videosz.com

strongvirusremover2008.com

super-av-scanner.com

supersecurefileshredder.com

support-wizard.com

switzerlandgirl.eu

switzerlandpussy.eu

systembooster2009.com

top-software-bazes.com

topregistrydoctor2008.com

truebillingservices.com

tube-ax.com

tube-chick.net

tube-dot.com

universel-software.com

upgrade-soft-ware-now.com

virusremover2008flash.com

virusremover2008plus.com

vvexe.com

webcam4uu.com

wieyou.com

winsecureexpertcleaner.com

winwebsecurity.com

http://www.09021030408721.cn

http://www.8e9.net

http://www.50nb.com

http://www.adnetserver.net

http://www.alex-first.com

http://www.ameks.net

http://www.antispy2008.hk

http://www.antispywerepro.com

http://www.antvirushelp.cm

http://www.betterfasterpc.com

http://www.bizcn.com

http://www.crazy-party-pics.info

http://www.doublered.info

http://www.download-top-software.net

http://www.dream-ads.eu

http://www.easynetsearch.com

http://www.erosets.net

http://www.fast-xxx-tube.net

http://www.ffseik.com

http://www.get-files-4free.net

http://www.gfdsgf333.com

http://www.gknf21.net

http://www.go-go-cash.com

http://www.greatporntubehere.com

http://www.helper-security.com

http://www.ho0k.com

http://www.homesiterenew.com

http://www.itcompany.com

http://www.life-download.net

http://www.lottoforever.com

http://www.marketbrowser.com

http://www.mekiller.com

http://www.mysy8.com

http://www.pcspeedscan.com

http://www.pewpewpew-hotcams.com

http://www.pmsoftware.biz

http://www.remotespy.com

http://www.sofotex.com

http://www.switzerlandgirl.eu

http://www.switzerlandpussy.eu

http://www.theshacker.com

http://www.tube-chick.net

http://www.tube-dot.com

http://www.virus-trigger.com

http://www.virusresponse2009.com

http://www.vvexe.com

http://www.youtube19.com

http://www.zlkon.lv

http://www.zloy.org

http://www.zoomovies.org

xmas-camss.com

xp-vista-scanner-pro.com

yoursecureexpertcleaner.com

youtube19.com

zlkon.lv

zloy.org

zoomovies.org

— end —

WhoIs – internetserviceteam.com – internet-service-team.info

October 13, 2010Leave a comment

84-16-252-115.internetserviceteam.com
84-16-252-116.internetserviceteam.com
84-16-252-117.internetserviceteam.com
84-16-252-118.internetserviceteam.com
89-149-194-210.internetserviceteam.com
89-149-210-26.internetserviceteam.com
internet-service-team.info
internetserviceteam.info
internet-service-team.org
internetserviceteam.org
jointoperationrecords.org
internet-service-team.net
internetserviceteam.net
internet-service-team.com
internetserviceteam.com
internet-service-team.biz
internetserviceteam.biz

The home page for InternetServiceTeam.com is blank, so the I supect that this is not a good spider.

Address lookup
canonical name internetserviceteam.com
aliases
addresses 217.20.112.80
Domain Whois record

Queried whois.internic.net with “dom internetserviceteam.com”…

Domain Name: INTERNETSERVICETEAM.COM
Registrar: PSI-USA, INC. DBA DOMAIN ROBOT
Whois Server: whois.psi-usa.info
Referral URL: http://www.psi-usa.info
Name Server: NS10.DNSPRO.DE
Name Server: NS9.DNSPRO.DE
Name Server: QUART.DNSPRO.DE
Name Server: TERT.DNSPRO.DE
Status: clientDeleteProhibited
Status: clientTransferProhibited
Status: clientUpdateProhibited
Updated Date: 25-apr-2010
Creation Date: 24-apr-2002
Expiration Date: 24-apr-2011

Last update of whois database: Wed, 13 Oct 2010 12:05:29 UTC
Queried whois.psi-usa.info with “internetserviceteam.com”…
=============
PSI-USA, Inc.
=============

This is the PSI-USA, Inc. WHOIS server.

All requests are logged.

Requesting IP: 209.200.90.14
Requesting URL: http://whois.psi-usa.info
Requesting Object: domain internetserviceteam.com
Timestamp: 2010-10-13 14:06:03

You can see the policy that you agree by submitting a query to this server: whois -h whois.psi-usa.info POLICY
domain: internetserviceteam.com
status: LOCK
owner-c: LULU-449414
admin-c: LULU-449414
tech-c: LULU-449414
zone-c: LULU-449414
nserver: ns9.dnspro.de
nserver: ns10.dnspro.de
nserver: tert.dnspro.de
nserver: quart.dnspro.de
created: 2002-04-24 19:04:23
expire: 2011-04-24 19:04:23 (registry time)
changed: 2010-04-26 10:35:57

[owner-c] handle: 449414
[owner-c] type: ORG
[owner-c] title:
[owner-c] fname: Wiethold
[owner-c] lname: Wagner
[owner-c] org: netdirekt e.K.
[owner-c] address: Kleyerstrasse 79 / Tor 13
[owner-c] city: Frankfurt
[owner-c] pcode: 60326
[owner-c] country: DE
[owner-c] state: Frankfurt
[owner-c] phone: +49-69-9055688-0
[owner-c] fax: +49-69-9055688-22
[owner-c] email: info@netdirekt.de
[owner-c] protection: B
[owner-c] remarks: Please send abuse Complaints to abuse@internetserviceteam.com
[owner-c] remarks: >
[owner-c] updated: 2009-07-13 14:07:46

[admin-c] handle: 449414
[admin-c] type: ORG
[admin-c] title:
[admin-c] fname: Wiethold
[admin-c] lname: Wagner
[admin-c] org: netdirekt e.K.
[admin-c] address: Kleyerstrasse 79 / Tor 13
[admin-c] city: Frankfurt
[admin-c] pcode: 60326
[admin-c] country: DE
[admin-c] state: Frankfurt
[admin-c] phone: +49-69-9055688-0
[admin-c] fax: +49-69-9055688-22
[admin-c] email: info@netdirekt.de
[admin-c] protection: B
[admin-c] remarks: Please send abuse Complaints to abuse@internetserviceteam.com
[admin-c] remarks: >
[admin-c] updated: 2009-07-13 14:07:46

[tech-c] handle: 449414
[tech-c] type: ORG
[tech-c] title:
[tech-c] fname: Wiethold
[tech-c] lname: Wagner
[tech-c] org: netdirekt e.K.
[tech-c] address: Kleyerstrasse 79 / Tor 13
[tech-c] city: Frankfurt
[tech-c] pcode: 60326
[tech-c] country: DE
[tech-c] state: Frankfurt
[tech-c] phone: +49-69-9055688-0
[tech-c] fax: +49-69-9055688-22
[tech-c] email: info@netdirekt.de
[tech-c] protection: B
[tech-c] remarks: Please send abuse Complaints to abuse@internetserviceteam.com
[tech-c] remarks: >
[tech-c] updated: 2009-07-13 14:07:46

[zone-c] handle: 449414
[zone-c] type: ORG
[zone-c] title:
[zone-c] fname: Wiethold
[zone-c] lname: Wagner
[zone-c] org: netdirekt e.K.
[zone-c] address: Kleyerstrasse 79 / Tor 13
[zone-c] city: Frankfurt
[zone-c] pcode: 60326
[zone-c] country: DE
[zone-c] state: Frankfurt
[zone-c] phone: +49-69-9055688-0
[zone-c] fax: +49-69-9055688-22
[zone-c] email: info@netdirekt.de
[zone-c] protection: B
[zone-c] remarks: Please send abuse Complaints to abuse@internetserviceteam.com
[zone-c] remarks: >
[zone-c] updated: 2009-07-13 14:07:46

Network Whois record

Queried whois.ripe.net with “-B 217.20.112.80″…

% Information related to ‘217.20.112.0 – 217.20.112.255’

inetnum: 217.20.112.0 – 217.20.112.255
netname: NETDIRECT-NET
descr: netdirekt e. K.
country: DE
admin-c: WW200-RIPE
tech-c: SR614-RIPE
status: ASSIGNED PA
mnt-by: NETDIRECT-MNT
mnt-lower: NETDIRECT-MNT
mnt-routes: NETDIRECT-MNT
mnt-domains: NETDIRECT-MNT
changed: technik@netdirekt.de 20040224
source: RIPE

person: Wiethold Wagner
address: netdirekt e. K.
address: Kleyer Strasse 79 / Tor 14
address: 60326 Frankfurt
address: DE
phone: +49 69 90556880
fax-no: +49 69 905568822
e-mail: info@netdirekt.de
abuse-mailbox: abuse@netdirekt.de
nic-hdl: WW200-RIPE
mnt-by: NETDIRECT-MNT
changed: technik@netdirekt.de 20040224
changed: technik@netdirekt.de 20100617
source: RIPE

person: Simon Roehl
address: netdirekt e. K.
address: Kleyer Strasse 79 /Tor 14
address: 60326 Frankfurt
address: DE
phone: +49 69 90556880
fax-no: +49 69 905568822
e-mail: technik@netdirekt.de
abuse-mailbox: abuse@netdirekt.de
nic-hdl: SR614-RIPE
mnt-by: NETDIRECT-MNT
changed: technik@netdirekt.de 20040224
changed: technik@netdirekt.de 20100617
source: RIPE

Information related to ‘217.20.112.0/20AS28753’

route: 217.20.112.0/20
descr: netdirect Frankfurt, DE
origin: AS28753
mnt-by: NETDIRECT-MNT
changed: technik@netdirekt.de 20030220
source: RIPE
DNS records

name class type data time to live
internetserviceteam.com IN NS ns10.dnspro.de 50000s (13:53:20)
internetserviceteam.com IN NS ns9.dnspro.de 50000s (13:53:20)
internetserviceteam.com IN A 217.20.112.80 50000s (13:53:20)
internetserviceteam.com IN SOA
server: ns9.dnspro.de
email: ns.netdirekt.de
serial: 7012701
refresh: 10800
retry: 3600
expire: 605000
minimum ttl: 50000
50000s (13:53:20)
80.112.20.217.in-addr.arpa IN SOA
server: ns9.dnspro.de
email: ns.netdirekt.de
serial: 4062002
refresh: 10800
retry: 3600
expire: 1209700
minimum ttl: 100000
100000s (1.03:46:40)
80.112.20.217.in-addr.arpa IN NS tert.dnspro.de 100000s (1.03:46:40)
80.112.20.217.in-addr.arpa IN NS ns9.dnspro.de 100000s (1.03:46:40)
80.112.20.217.in-addr.arpa IN NS ns10.dnspro.de 100000s (1.03:46:40)
80.112.20.217.in-addr.arpa IN NS quart.dnspro.de 100000s (1.03:46:40)
80.112.20.217.in-addr.arpa IN PTR ad150.unix-server.com 100000s (1.03:46:40)
— end —

WhoIs you10meds.com

October 13, 2010Leave a comment

Buying Prescription Drugs Online
May Be Dangerous
Says Drug Enforcement Administration

Click Here
National Association of Boards of Pharmacy (NABP)

Warning

Behind The Online Pharmacy

Today a shadowy, transnational network of illicit drug manufacturers, traders, doctors, Web site operators, spammers and criminals makes up the online pharmacy world.

Buying Medication Online Can Be Safe

Address lookup
canonical name you10meds.com.
aliases
addresses 212.95.58.190
Domain Whois record

Queried whois.internic.net with “dom you10meds.com”…

Domain Name: YOU10MEDS.COM
Registrar: REGTIME LTD.
Whois Server: whois.regtime.net
Referral URL: http://www.webnames.ru
Name Server: NS1.YOU10MEDS.COM
Name Server: NS2.YOU10MEDS.COM
Status: ok
Updated Date: 11-aug-2010
Creation Date: 11-aug-2009
Expiration Date: 11-aug-2011

> Last update of whois database: Wed, 13 Oct 2010 15:36:32 UTC <<<
Queried whois.regtime.net with "you10meds.com"…

% Regtime Ltd. WHOIS server

Domain name: you10meds.com

Name servers:
ns1.you10meds.com
ns2.you10meds.com

Registrar: Regtime Ltd.
Creation date: 2009-08-11
Expiration date: 2011-08-11
Status: active

Registrant:
Rodriges John
Email: bridal@ukr.net
Organization: Private person
Address: 13520 Shoesmaker AVE
City: Norwalk
State: CA
ZIP: 90650
Country: US
Phone: +8.5623210912
Administrative Contact:
Rodriges John
Email: bridal@ukr.net
Organization: Private person
Address: 13520 Shoesmaker AVE
City: Norwalk
State: CA
ZIP: 90650
Country: US
Phone: +8.5623210912
Technical Contact:
Rodriges John
Email: bridal@ukr.net
Organization: Private person
Address: 13520 Shoesmaker AVE
City: Norwalk
State: CA
ZIP: 90650
Country: US
Phone: +8.5623210912
Billing Contact:
Rodriges John
Email: bridal@ukr.net
Organization: Private person
Address: 13520 Shoesmaker AVE
City: Norwalk
State: CA
ZIP: 90650
Country: US
Phone: +8.5623210912

Network Whois record

Queried whois.ripe.net with "-B 212.95.58.190"…

% Information related to '212.95.58.0 – 212.95.58.255'

inetnum: 212.95.58.0 – 212.95.58.255
netname: INFERNO-NAME-967806
descr: inferno.name Dedicated server customer IP
country: DE
admin-c: SA4597-RIPE
tech-c: SR614-RIPE
status: ASSIGNED PA
mnt-by: NETDIRECT-MNT
mnt-lower: NETDIRECT-MNT
mnt-routes: NETDIRECT-MNT
changed: technik@netdirekt.de 20081229
changed: technik@netdirekt.de 20100429
source: RIPE

person: Sogreev Anton
address: 12 Knez Mihailova
address: apt. 18
address: Belgrade
address: 11000
address: Serbia
remarks:########################################
remarks: ==== Inferno Solutions Customer ====
remarks: Please report abuse incidents to abuse@inferno.name
remarks: Messages sent to other contact addresses may not be
remarks: acted upon.
remarks:#########################################
phone: +1 619 684 2664
e-mail: mail@inferno.name
abuse-mailbox: abuse@inferno.name
nic-hdl: SA4597-RIPE
mnt-by: NETDIRECT-MNT
changed: technik@netdirekt.de 20081010
changed: technik@netdirekt.de 20100428
source: RIPE

% Information related to '212.95.32.0/19AS28753'

route: 212.95.32.0/19
descr: ORG-nA8-RIPE
origin: AS28753
org: ORG-nA8-RIPE
mnt-lower: NETDIRECT-MNT
mnt-routes: NETDIRECT-MNT
mnt-by: NETDIRECT-MNT
changed: technik@netdirekt.de 20080919
source: RIPE

organisation: ORG-nA8-RIPE
org-name: netdirect
org-type: LIR
address: netdirekt e. K.
Kleyer Strasse 79 / Tor 14
60326 Frankfurt
Germany
phone: +49 69 90556880
fax-no: +49 69 905568822
e-mail: ripe@netdirekt.de
admin-c: SR614-RIPE
admin-c: WW200-RIPE
mnt-ref: NETDIRECT-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
changed: hostmaster@ripe.net 20040415
changed: bitbucket@ripe.net 20050329
changed: bitbucket@ripe.net 20060223
changed: bitbucket@ripe.net 20060223
changed: bitbucket@ripe.net 20060815
changed: bitbucket@ripe.net 20070108
changed: bitbucket@ripe.net 20070509
changed: bitbucket@ripe.net 20070813
changed: bitbucket@ripe.net 20080516
changed: bitbucket@ripe.net 20080527
changed: bitbucket@ripe.net 20081014
changed: bitbucket@ripe.net 20090102
changed: bitbucket@ripe.net 20090227
changed: bitbucket@ripe.net 20090708
changed: bitbucket@ripe.net 20090709
changed: bitbucket@ripe.net 20090710
changed: bitbucket@ripe.net 20090929
changed: bitbucket@ripe.net 20090929
changed: bitbucket@ripe.net 20091204
changed: bitbucket@ripe.net 20100105
changed: bitbucket@ripe.net 20100205
changed: bitbucket@ripe.net 20100825
source: RIPE
DNS records

name class type data time to live
you10meds.com IN A 212.95.58.190 14400s (04:00:00)
you10meds.com IN MX
preference: 10
exchange: mail.you10meds.com
14400s (04:00:00)
you10meds.com IN TXT v=spf1 a mx ip4:212.95.58.190 ~all 14400s (04:00:00)
you10meds.com IN SOA
server: ns1.you10meds.com
email: hostmaster.you10meds.com
serial: 2009081101
refresh: 14400
retry: 3600
expire: 1209600
minimum ttl: 86400
14400s (04:00:00)
you10meds.com IN NS ns1.you10meds.com 14400s (04:00:00)
you10meds.com IN NS ns2.you10meds.com 14400s (04:00:00)
190.58.95.212.in-addr.arpa IN SOA
server: ns9.dnspro.de
email: ns.netdirekt.de
serial: 10081500
refresh: 10800
retry: 3600
expire: 1209700
minimum ttl: 100000
100000s (1.03:46:40)
190.58.95.212.in-addr.arpa IN NS ns9.dnspro.de 100000s (1.03:46:40)
190.58.95.212.in-addr.arpa IN NS ns10.dnspro.de 100000s (1.03:46:40)
190.58.95.212.in-addr.arpa IN PTR 212-95-58-190.local

IP address: 212.95.58.190
Host name: you10meds.com
Alias:
you10meds.com
212.95.58.190 is from Germany(DE) in region Western Europe

TraceRoute to 212.95.58.190 [you10meds.com]
Hop (ms) (ms) (ms) IP Address Host name
1 10 11 6 72.249.128.5 –
2 51 15 6 206.123.64.22 –
3 42 48 32 216.52.191.97 core2.tge5-2-bbnet2.ext1.dal.pnap.net
4 23 21 20 216.52.191.97 core2.tge5-2-bbnet2.ext1.dal.pnap.net
5 8 8 22 12.90.228.13 –
6 14 9 7 12.122.100.6 cr1.dlstx.ip.att.net
7 15 7 13 12.122.139.21 ggr3.dlstx.ip.att.net
8 11 10 12 192.205.35.226 –
9 32 57 72 4.69.134.22 ae-7-7.ebr3.atlanta2.level3.net
10 57 43 48 4.69.132.86 ae-2-2.ebr1.washington1.level3.net
11 63 68 48 4.69.132.86 ae-2-2.ebr1.washington1.level3.net
12 57 63 59 4.69.134.134 ae-71-71.csw2.washington1.level3.net
13 44 43 138 4.69.137.53 ae-42-42.ebr2.frankfurt1.level3.net
14 142 136 137 4.69.140.30 ae-92-92.csw4.frankfurt1.level3.net
15 144 168 132 4.69.140.30 ae-92-92.csw4.frankfurt1.level3.net
16 194 136 141 4.68.23.206 ae-4-99.edge6.frankfurt1.level3.net
17 142 139 145 77.109.91.122 77.109.91.122.static.edpnet.net
18 149 137 142 77.109.91.122 77.109.91.122.static.edpnet.net
19 Timed out Timed out 151 178.162.188.37 178-162-188-37.local
20 153 147 157 178.162.188.37 178-162-188-37.local
21 147 139 144 212.95.58.190 –
Trace complete

Retrieving DNS records for you10meds.com…
DNS servers
ns2.you10meds.com [212.95.58.191]
ns1.you10meds.com [212.95.58.190]

Answer records
you10meds.com A 212.95.58.190 14400s
you10meds.com MX
preference: 10
exchange: mail.you10meds.com
14400s
you10meds.com TXT v=spf1 a mx ip4:212.95.58.190 ~all 14400s
you10meds.com SOA
server: ns1.you10meds.com
email: hostmaster@you10meds.com
serial: 2009081101
refresh: 14400
retry: 3600
expire: 1209600
minimum ttl: 86400
14400s
you10meds.com NS ns1.you10meds.com 14400s
you10meds.com NS ns2.you10meds.com 14400s

Authority records

Additional records
mail.you10meds.com A 212.95.58.190 14400s
ns1.you10meds.com A 212.95.58.190 14400s
ns2.you10meds.com A 212.95.58.191 14400s

Whois query for you10meds.com…
Query error: Timed out
Network IP address lookup:

Whois query for 212.95.58.190
Results returned from whois.arin.net:

The following results may also be obtained via:
http://whois.arin.net/rest/nets;q=212.95.58.190?showDetails=true&showARIN=false

NetRange: 212.0.0.0 – 212.255.255.255
CIDR: 212.0.0.0/8
OriginAS:
NetName: RIPE-NCC-212
NetHandle: NET-212-0-0-0-1
Parent:
NetType: Allocated to RIPE NCC
NameServer: TINNIE.ARIN.NET
NameServer: NS-PRI.RIPE.NET
NameServer: SUNIC.SUNET.SE
NameServer: SNS-PB.ISC.ORG
NameServer: SEC3.APNIC.NET
NameServer: NS3.NIC.FR
NameServer: SEC1.APNIC.NET
Comment: These addresses have been further assigned to users in
Comment: the RIPE NCC region. Contact information can be found in
Comment: the RIPE database at http://www.ripe.net/whois
RegDate: 1997-11-14
Updated: 2009-03-25
Ref: http://whois.arin.net/rest/net/NET-212-0-0-0-1

OrgName: RIPE Network Coordination Centre
OrgId: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
RegDate:
Updated: 2004-12-13
Ref: http://whois.arin.net/rest/org/RIPE

ReferralServer: whois://whois.ripe.net:43

ARIN WHOIS data and services are subject to the Terms of Use
available at: https://www.arin.net/whois_tou.html

Results returned from whois.ripe.net:
This is the RIPE Database query service.
The objects are in RPSL format.

The RIPE Database is subject to Terms and Conditions.
See http://www.ripe.net/db/support/db-terms-conditions.pdf

Information related to ‘212.95.58.0 – 212.95.58.255’

person: Sogreev Anton
address: 12 Knez Mihailova
address: apt. 18
address: Belgrade
address: 11000
address: Serbia
remarks:##########################################################
remarks: ==== Inferno Solutions Customer ====
remarks: Please report abuse incidents to abuse@inferno.name
remarks: Messages sent to other contact addresses may not be
remarks: acted upon.
remarks:##########################################################
phone: +1 619 684 2664
e-mail: mail@inferno.name
abuse-mailbox: abuse@inferno.name
nic-hdl: SA4597-RIPE
mnt-by: NETDIRECT-MNT
changed: technik@netdirekt.de 20081010
changed: technik@netdirekt.de 20100428
source: RIPE

Information related to ‘212.95.32.0/19AS28753’

	ROBERT FONDERSMITH on National Credit Solutions,…
	survivingamericancos… on American Cosigners LLC a/k/a C…
	SFA Reporter on WhoIs reputationarea.com?
	JD Detective Agency on WhoIs CuteStat.com aka Name.co…
	MyLife.com – s… on Mylife.com aka Reunion.com
	JB Warner on WhoIs ScamGuard?
	Taylor on American Mega-Million Lottery…
	SFA Reporter on Apps Developers From Indi…
	SFA Reporter on infosoft-group.com – Met…
	SFA Reporter on We Are Getting Closer To Ident…

scamFRAUDalert™ Report

| Consumer Protection | Cyber-Crime Alerts |

Day: October 13, 2010

WhoIs – pegashosting.com – Money Mule Server [AS28753]

Stimul Media aka Rx Partners – stimul-cash.com

Buying Prescription Drugs Online
May Be Dangerous
Says Drug Enforcement Administration

Click Here
National Association of Boards of Pharmacy (NABP)

Warning

Behind The Online Pharmacy

Buying Medication Online Can Be Safe

679-205-2937
1-679-205-2937
(679)205-2937

Billing LTD – VERITASGROUP-LLC.COM

Understanding The Cyber Theft Ring
Money Mule Explained

Washingtonpost.com by Brian Kerbs

Interview With A Money Mule

WhoIs – Paymentbit.net

WhoIs – internetserviceteam.com – internet-service-team.info

WhoIs you10meds.com

Buying Prescription Drugs Online
May Be Dangerous
Says Drug Enforcement Administration

Click Here
National Association of Boards of Pharmacy (NABP)

Warning

Behind The Online Pharmacy

Buying Medication Online Can Be Safe

Share this:

Buying Prescription Drugs Online May Be Dangerous Says Drug Enforcement Administration

Warning

679-205-2937 1-679-205-2937 (679)205-2937

Share this:

Share this:

Share this:

Share this:

Buying Prescription Drugs Online May Be Dangerous Says Drug Enforcement Administration

Warning

Share this:

Buying Prescription Drugs Online
May Be Dangerous
Says Drug Enforcement Administration

679-205-2937
1-679-205-2937
(679)205-2937

Buying Prescription Drugs Online
May Be Dangerous
Says Drug Enforcement Administration