Feds Indicated 5 For Data Breach Conspiracy

The US Attorney in New Jersey announced the indicated of five (5) individuals involve in major bank heists and data breaches against US Companies. These individuals appears to be Russians and Ukrainian nationals with the help of Albert “Soupnazi” Gonzalez, the ring leader. The press release is below.

___________________

FOR IMMEDIATE RELEASE
July 25, 2013

 Hackers Targeted Major Payment Processors, Retailers and Financial Institutions Around the World

NEWARK, N.J. – A federal indictment made public today in New Jersey charges five men with conspiring in a worldwide hacking and data breach scheme that targeted major corporate networks, stole more than 160 million credit card numbers, resulted in hundreds of millions of dollars in losses and is the largest such scheme ever prosecuted in the United States.

New Jersey U.S. Attorney Paul J. Fishman announced the charges today along with Special Agent in Charge James Mottola of the U.S. Secret Service (USSS), Criminal Investigations, Newark Division and Acting Assistant Attorney General for the Department of Justice’s Criminal Division Mythili Raman. The USSS led the investigation of the indicted conspiracy.

The defendants allegedly sought corporate victims engaged in financial transactions, retailers that received and transmitted financial data and other institutions with information they could exploit for profit. The defendants are charged with attacks on NASDAQ, 7-Eleven, Carrefour, JCP, Hannaford, Heartland, Wet Seal, Commidea, Dexia, JetBlue, Dow Jones, Euronet, Visa Jordan, Global Payment, Diners Singapore and Ingenicard. It is not alleged that the NASDAQ hack affected its trading platform.

“This type of crime is the cutting edge,” U.S. Attorney Fishman said. “Those who have the expertise and the inclination to break into our computer networks threaten our economic well-being, our privacy, and our national security.  And this case shows there is a real practical cost because these types of frauds increase the costs of doing business for every American consumer, every day.  We cannot be too vigilant and we cannot be too careful.”

“The defendants charged today were allegedly responsible for spearheading a world-wide hacking conspiracy that victimized a wide array of consumers and entities, causing hundreds of millions of dollars in losses,” Acting Assistant Attorney General Raman said. “Despite substantial efforts by the defendants to conceal their alleged crimes, the Department and its law enforcement counterparts have cracked this extensive scheme and are seeking justice for its many victims.  Today’s indictment will no doubt serve as a serious warning to those who would utilize illegal and fraudulent means to steal sensitive information online.”

“As is evident by this indictment, the Secret Service will continue to apply innovative techniques to successfully investigate and arrest transnational cyber criminals,” said Special Agent in Charge Mottola of the Newark Field Office. “While the global nature of cyber-crime continues to have a profound impact on our financial institutions, this case demonstrates the global investigative steps that U.S. Secret Service Special Agents are taking to ensure that criminals will be pursued and prosecuted no matter where they reside.”

According to the second superseding indictment unsealed today in Newark federal court and other court filings:

The five men each served particular roles in the scheme. Vladimir Drinkman, 32, of Syktyykar and Moscow, Russia, and Alexandr Kalinin, 26, of St. Petersburg, Russia, each specialized in penetrating network security and gaining access to the corporate victims’ systems. Roman Kotov, 32, of Moscow, also a hacker, specialized in mining the networks Drinkman and Kalinin compromised to steal valuable data. The hackers hid their activities using anonymous web-hosting services provided by Mikhail Rytikov, 26, of Odessa, Ukraine.  Dmitriy Smilianets, 29, of Moscow, sold the information stolen by the other conspirators and distributed the proceeds of the scheme to the participants.

Kalinin and Drinkman were previously charged in New Jersey as “Hacker 1” and “Hacker 2” in a 2009 indictment charging Albert Gonzalez, 32, of Miami, in connection with five corporate data breaches – including the breach of Heartland Payment Systems Inc., which at the time was the largest ever reported. Gonzalez is currently serving 20 years in federal prison for those offenses. The U.S. Attorney’s Office for the Southern District of New York today announced two additional indictments against Kalinin: one charges him in connection with hacking certain computer servers used by NASDAQ and a second indictment, unsealed today, charged Kalinin and another Russian hacker, Nikolay Nasenkov, with an international scheme to steal bank account information by hacking U.S.-based financial institutions.  Rytikov was previously charged in the Eastern District of Virginia with an unrelated scheme. Kotov and Smilianets have not previously been charged publicly in the United States.

Drinkman and Smilianets were arrested at the request of the United States while traveling in the Netherlands on June 28, 2012. Smilianets was extradited Sept. 7, 2012, and remains in federal custody. He will appear in District of New Jersey federal court to be arraigned on the superseding indictment on a date to be determined. Drinkman is in custody in the Netherlands pending an extradition hearing. Kalinin, Kotov and Rytikov remain at large. All of the defendants are Russian nationals except for Rytikov, who is a citizen of Ukraine.

The Attacks

The five defendants conspired with others to penetrate the computer networks of several of the largest payment processing companies, retailers and financial institutions in the world, stealing the personal identifying information of individuals. They took user names and passwords, means of identification, credit and debit card numbers and other corresponding personal identification information of cardholders. Conservatively, the conspirators unlawfully acquired more than 160 million card numbers through hacking.

The initial entry was often gained using a “SQL injection attack.” SQL, or Structured Query Language, is a type of programing language designed to manage data held in particular types of databases; the hackers identified vulnerabilities in SQL databases and used those vulnerabilities to infiltrate a computer network. Once the network was infiltrated, the defendants placed malicious code, or malware, on the system. This malware created a “back door,” leaving the system vulnerable and helping the defendants maintain access to the network.  In some cases, the defendants lost access to the system due to companies’ security efforts, but were able to regain access through persistent attacks.

Instant message chats obtained by law enforcement reveal the defendants often targeted the victim companies for many months, waiting patiently as their efforts to bypass security were underway. The defendants had malware implanted in multiple companies’ servers for more than a year.

The defendants used their access to the networks to install “sniffers,” which were programs designed to identify, collect and steal data from the victims’ computer networks. The defendants then used an array of computers located around the world to store the stolen data and ultimately sell it to others.

Selling the Data

After acquiring the card numbers and associated data – which they referred to as “dumps” – the conspirators sold it to resellers around the world. The buyers then sold the dumps through online forums or directly to individuals and organizations. Smilianets was in charge of sales, vending the data only to trusted identity theft wholesalers. He would charge approximately $10 for each stolen American credit card number and associated data, approximately $50 for each European credit card number and associated data and approximately $15 for each Canadian credit card number and associated data – offering discounted pricing to bulk and repeat customers. Ultimately, the end users encoded each dump onto the magnetic strip of a blank plastic card and cashed out the value of the dump by either withdrawing money from ATMs or making purchases with the cards.

Covering Their Tracks

The defendants used a number of methods to conceal the scheme. Unlike traditional Internet service providers, Rytikov allowed his clients to hack with the knowledge he would never keep records of their online activities or share information with law enforcement.

Over the course of the conspiracy, the defendants communicated through private and encrypted communications channels to avoid detection. Fearing law enforcement would intercept even those communications, some of the conspirators attempted to meet in person.

To protect against detection by the victim companies, the defendants altered the settings on victim company networks to disable security mechanisms from logging their actions. The defendants also worked to evade existing protections by security software.

*          *          *

As a result of the scheme, financial institutions, credit card companies and consumers suffered hundreds of millions in losses – including more than $300 million in losses reported by just three of the corporate victims – and immeasurable losses to the identity theft victims in costs associated with stolen identities and false charges.

The maximum potential penalties for each defendant per count are as follows:

Count(s) Defendants Violation Maximum Penalty/Count
1 All Conspiracy to gain unauthorized access to computers 5 years; $250,000 fine or twice the gain or loss from the offense
2 All Conspiracy to commit wire fraud 30 years; $1 million fine or twice the gain or loss from the offense
3-8 Drinkman
Kalinin
Kotov
Smilianets
Unauthorized access to computers 5 years; $250,000 fine or twice the gain or loss from the offense
9-11 Drinkman
Kalinin
Kotov
Smilianets
Wire fraud 30 years; $1 million fine or twice the gain or loss from the offense

U.S. Attorney Fishman credited the special agents of the U.S. Secret Service, Criminal Investigations, under the direction of Director Pierson, and special agents from the Newark Division, under the direction of Special Agent in Charge James Mottola, for the ongoing investigation leading to today’s charges.

The government is represented by Erez Liebermann, Deputy Chief of the New Jersey U.S. Attorney’s Office Criminal Division; Assistant U.S. Attorney Gurbir Grewal of the Computer Hacking and Intellectual Property Section of the Office’s Economic Crimes Unit; and Trial Attorney James Silver of the Department of Justice’s Computer Crime and Intellectual Property Section in Washington.

U.S. Attorney Fishman thanked the Department’s Office of International Affairs in Washington for their extraordinary support, as well as public prosecutors with the Dutch Ministry of Security and Justice and the National High Tech Crime Unit of the Dutch National Police. Fishman also acknowledged the U.S. Attorney’s Offices in the District of Kansas and the Northern District of Georgia for their valuable contributions in the development of the prosecution.

The charges and allegations contained in the indictment are merely accusations and the defendants are considered innocent unless and until proven guilty.

13-310

Defense counsel:

Vladimir Drinkman: Bart Stapert Esq., Amsterdam, Netherlands (for Netherlands-based proceedings)
Dmitriy Smilianets: Bruce Provda Esq., Queens, N.Y.

Drinkman, Vladimir Et Al., Indictment

domainsilver.pl ~ 91.217.52.124

spam ~ spam ~ spam

inetnum: 91.217.52.0 – 91.217.53.255

no spam!
netname: ASFAJNCOM
descr: FAJNCOM s.r.o.
country: CZ
org: ORG-FAJN1-RIPE
admin-c: BART3-RIPE
tech-c: BART3-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
mnt-by: FAJNCOM-MNT
mnt-lower: RIPE-NCC-END-MNT
mnt-routes: FAJNCOM-MNT
mnt-domains: FAJNCOM-MNT
source: RIPE # Filtered

organisation: ORG-FAJN1-RIPE
org-name: FAJNCOM s.r.o.
org-type: OTHER
address: Czech Republic, Orlicke Podhuri, Rozsocha 11
mnt-ref: FAJNCOM-MNT
mnt-by: FAJNCOM-MNT
source: RIPE # Filtered

person: Bohumil Bartos
address: Orlicke Podhuri, Rozsocha 11, Czech Republic
phone: +420733513236
nic-hdl: BART3-RIPE
mnt-by: FAJNCOM-MNT
source: RIPE # Filtered
route: 91.217.52.0/23
descr: Fajncom Route
origin: AS51463
mnt-by: FAJNCOM-MNT
source: RIPE # Filtered

Sites on IP 91.217.52.124
Displaying items 1 to 100, out of a total of 211

  1. aextrabingokpcash.com/
  2. aextraclubkpcash.com/
  3. alinemagiceudice.com/
  4. amagiccasheurodice.com/
  5. amagiccashvipsp.com/
  6. amagicclubluxurysp.com/
  7. amagictopeudice.com/
  8. aspstarsgame.com/
  9. astarsmagiceudice.com/
  10. aweblifemagicdsp.com/
  11. awebmagiceurodice.com/
  12. awebmagicgoldensp.com/
  13. cashmagiceurodice.com/
  14. egoldensupereurodice.com/
  15. emagicclubluxurysp.com/
  16. estarsvivaeudice.com/
  17. eweblifemagicdsp.com/
  18. extrabingokpcash.com/
  19. extrawebgoldensp.com/
  20. goldenmagiceurodice.com/
  21. igoldenvivaeurodice.com/
  22. ilotclubluxurysp.com/
  23. iluxlifemagicsp.com/
  24. imagicclubluxurysp.com/
  25. imagicwebgoldensp.com/
  26. istarsvivaeudice.com/
  27. istarsvivaeurodice.com/
  28. isupercasheurodice.com/
  29. ivivabingoseurodice.com/
  30. ivivacasheurodice.com/
  31. ivivawebgoldensp.com/
  32. iweblifemagicdsp.com/
  33. iwebmagicgoldensp.com/
  34. iwebsupereurodice.com/
  35. iwebvivaeurodice.com/
  36. jbonusextrabetday.com/
  37. jmagiceudice.com/
  38. jstarsvivaeudice.com/
  39. jstarsvivaeurodice.com/
  40. jultraextrabetday.com/
  41. jvivacasheurodice.com/
  42. jvivaclubluxurysp.com/
  43. jvivatopeudice.com/
  44. jvivawebgoldensp.com/
  45. luxurylinemagicsp.com/
  46. magicbingoseurodice.com/
  47. magiccasheurodice.com/
  48. magicclubluxurysp.com/
  49. magicwebgoldensp.com/
  50. olinesupereudice.com/
  51. olotcashvipsp.com/
  52. oluxurylineextrasp.com/
  53. oultraextrabetday.com/
  54. ovipgrandfestival.com/
  55. ovivabingoseurodice.com/
  56. ovivaclubluxurysp.com/
  57. ovivawebgoldensp.com/
  58. owebmagicgoldensp.com/
  59. qcashvivaeurodice.com/
  60. qgoldenvivaeurodice.com/
  61. qluxurylinelotsp.com/
  62. qoluxurylinevivasp.com/
  63. qvivaclubluxurysp.com/
  64. qvivawebgoldensp.com/
  65. qwebvivaeurodice.com/
  66. qwebvivagoldensp.com/
  67. ubonusextrabetday.com/
  68. uextralivebetday.com/
  69. ugoldenvivaeurodice.com/
  70. uluxurylinemagicsp.com/
  71. umagiccashvipsp.com/
  72. umagicclubluxurysp.com/
  73. umagicwebgoldensp.com/
  74. ustarssupereurodice.com/
  75. ustarsvivaeudice.com/
  76. uvivabingoseurodice.com/
  77. uvivaclubluxurysp.com/
  78. uweblifeextradsp.com/
  79. uweblifemagicdsp.com/
  80. uwebmagicgoldensp.com/
  81. uwebvivaeurodice.com/
  82. uwebvivagoldensp.com/
  83. webmagiceurodice.com/
  84. webmagicgoldensp.com/
  85. aextraclubkpcash.com/
  86. alinemagiceudice.com/
  87. amagiccasheurodice.com/
  88. amagiccashvipsp.com/
  89. amagiclifevipsp.com/
  90. amagictopeudice.com/
  91. aweblifemagicdsp.com/
  92. aweblinemagicsp.com/
  93. awebmagicgoldensp.com/
  94. bonuslotbetday.com/
  95. cashmagiceurodice.com/
  96. egoldensupereurodice.com/
  97. elotnetbetday.com/
  98. eluxlifelotsp.com/
  99. eluxlifemagicsp.com/
  100. emagiccashvipsp.com/
  101. emagicclubluxurysp.com/
  102. emagicwebgoldensp.com/
  103. estarsvivaeudice.com/
  104. esupertopeudice.com/
  105. eweblifemagicdsp.com/
  106. extracashwebkp.com/
  107. extraclubcashkp.com/
  108. extraclubkpcash.com/
  109. extrahillkpcash.com/
  110. goldenmagiceurodice.com/
  111. icashvivaeurodice.com/
  112. icovipcash.com/
  113. icoviplive.com/
  114. ihotdicestars.com/
  115. ilotclubluxurysp.com/
  116. iluxlifemagicsp.com/
  117. imagiccashvipsp.com/
  118. imydicestars.com/
  119. istarseurodice.com/
  120. isupercasheurodice.com/
  121. ivivacasheurodice.com/
  122. ivivatopeudice.com/
  123. ivivawebgoldensp.com/
  124. http://www.iwebextrabetday.com/
  125. iweblifemagicdsp.com/
  126. iweblinemagicsp.com/
  127. iwebsupereurodice.com/
  128. jhotcashwebkp.com/
  129. jhotdicestars.com/
  130. jlinevivaeudice.com/
  131. jluxlifevivasp.com/
  132. jmagiceudice.com/
  133. jmydicestars.com/
  134. jstarsvivaeurodice.com/
  135. jvivacasheurodice.com/
  136. jvivacashvipsp.com/
  137. jvivaclubluxurysp.com/
  138. jvivawebgoldensp.com/
  139. jweblinevivasp.com/
  140. jwebvivagoldensp.com/
  141. lifelinelotbetday.com/
  142. lotclubbetday.com/
  143. lotlivebetday.com/
  144. otnetbetday.com/
  145. luxlifelotsp.com/
  146. uxlifemagicsp.com/
  147. luxurylinemagicsp.com/
  148. magiccashvipsp.com/
  149. magicclubluxurysp.com/
  150. magiclifevipsp.com/
  151. magictopeudice.com/
  152. ogoldenvivaeurodice.com/
  153. olinesupereudice.com/
  154. oluxlifevivasp.com/
  155. ovivaclubluxurysp.com/
  156. oworldlifevipsp.com/
  157. qextracashvipsp.com/
  158. qgoldenvivaeurodice.com/
  159. qhotbingokpcash.com/
  160. qhotclubcashkp.com/
  161. qvivatopeudice.com/
  162. qweblifelotdsp.com/
  163. qwebvivaeurodice.com/
  164. starsmagiceurodice.com/
  165. ubonusextrabetday.com/
  166. uextracashvipsp.com/
  167. uextralivebetday.com/
  168. ugoldenvivaeurodice.com/
  169. ulinevivaeudice.com/
  170. uluxurylineextrasp.com/
  171. umagiccashvipsp.com/
  172. umagiclifevipsp.com/
  173. unetcovipcash.com/
  174. unetcovipstar.com/
  175. unetcoviptop.com/
  176. uvivaclubluxurysp.com/
  177. uweblifelotdsp.com/
  178. uwebvivagoldensp.com/
  179. weblifemagicdsp.com/
  180. weblinelotsp.com/
  181. weblinemagicsp.com/
  182. weblinevivasp.com/
  183. weblotbetday.com/
  184. webmagicgoldensp.com/
  185. yextracashwebkp.com/
  186. yextraclubcashkp.com/
  187. yextrahillkpcash.com/
  188. ygoldensupereurodice.com/
  189. ylinesupereudice.com/
  190. yluxurylineextrasp.com/
  191. ymagiccashvipsp.com/
  192. ymagiclifevipsp.com/
  193. ymagicwebgoldensp.com/
  194. hyweblifeextradsp.com/
  195. hyweblinemagicsp.com/
  196. yweblotgoldensp.com/
  197. zworldcashvipsp.com/
  198. zworldwebgoldensp.com/
  199. yextraclubcashkp.com/
  200. yextraclubkpcash.com/
  201. yextrahillkpcash.com/
  202. yextralivebetday.com/
  203. ygoldensupereurodice.com/
  204. ygoldenvivaeurodice.com/
  205. ylinesupereudice.com/
  206. hyluxurylineextrasp.com/
  207. ymagicclubluxurysp.com/
  208. yweblifeextradsp.com/
  209. yweblinenetsp.com/
  210. http://zlinenetspweb.com/

palladiumgroup.biz ~ Palladium Group Inc

The Purpose of this post is to ALERT you that the job you are about to apply for or may have applied FOR or is CONSIDERING APPLYING FOR is FRAUDULENT.

These job postings are an attempt to lure you into cashing counterfeit checks and have you wire funds via Western Union or MoneyGram. Essentially You Become A Money or RePackage Mule.

The identity of an individual or entity have been stolen along with fund from their bank accounts. You are being recruited to wire transfer these funds either by WESTERN UNION, MONEYGRAM, into your bank, a DOMESTIC BANK or FOREIGN BANK ACCOUNT

  1. Understanding The Cyber Theft Ring
  2. Money Mule Explained
  3. Protecting Yourself Against Money Mule
  4. Washingtonpost.com by Brian Kerbs
  5. Interview With A Money Mule
  6. Bobbear.co.UK ~ Historical Money Mule Sites

____________________

  1. vision-systems-ltd.com
  2. vision-systems-uk.org
  3. career@bechtel-us.com
  4. pnsexpress.com
  5. widespreadlogist.com

Main Address:
Office Suites
105 POST STREET
MIDLAND MI 48640-2658E
USA

Tel: 1-989-941-0260
Fax” 1-585-410-6004

E-mail:

Administration: mail to:
admin@palladiumgroup.biz

Support: mail to:
support@palladiumgroup.biz

Job: mail to:
job@palladiumgroup.biz

Webmaster: mail to:
webmaster@palladiumgroup.biz

WhoIs ~ seobuckle.com

The email ucokpunk@gmail.com is related to these domains :

1. diplook.com
2. goldpricestat.com
3. imagestall.com
4. kampusdokter.com
5. liberatefile.com
6. pdfcracks.com
7. seobuckle.com
8. sumberbacaan.com
9. sushisaltlakecity.com

Address lookup
canonical name seobuckle.com

aliases
addresses 198.252.98.50
Domain Whois record

Queried whois.internic.net with “dom seobuckle.com

Domain Name: SEOBUCKLE.COM
Registrar: GODADDY.COM, LLC
Whois Server: whois.godaddy.com
Referral URL: http://registrar.godaddy.com
Name Server: NS5.HAWKHOST.COM
Name Server: NS6.HAWKHOST.COM
Status: clientDeleteProhibited
Status: clientRenewProhibited
Status: clientTransferProhibited
Status: clientUpdateProhibited
Updated Date: 20-jul-2013
Creation Date: 05-jan-2013
Expiration Date: 05-jan-2014

>>> Last update of whois database: Thu, 25 Jul 2013 23:43:24 UTC <<<
Queried whois.godaddy.com with “seobuckle.com”…

Registered through: GoDaddy.com, LLC (http://www.godaddy.com)
Domain Name: SEOBUCKLE.COM
Created on: 05-Jan-13
Expires on: 05-Jan-14
Last Updated on: 05-Jan-13

Registrant:
Muhammad M.S
Rappocini Raya, Citra Griyatama A/14.
Makassar, South Sulawesi 90222
Indonesia

Administrative Contact:
M.S, Muhammad ucokpunk@gmail.com
Rappocini Raya, Citra Griyatama A/14.
Makassar, South Sulawesi 90222
Indonesia
62411876616

Technical Contact:
M.S, Muhammad ucokpunk@gmail.com
Rappocini Raya, Citra Griyatama A/14.
Makassar, South Sulawesi 90222
Indonesia
62411876616

Domain servers in listed order:
NS5.HAWKHOST.COM
NS6.HAWKHOST.COM
Network Whois record

Queried whois.arin.net with “n 198.252.98.50″…

NetRange: 198.252.96.0 – 198.252.111.255
CIDR: 198.252.96.0/20
OriginAS: AS36351, AS30496
NetName: HAWKHOST
NetHandle: NET-198-252-96-0-1
Parent: NET-198-0-0-0-0
NetType: Direct Allocation
RegDate: 2013-02-20
Updated: 2013-02-20
Ref: http://whois.arin.net/rest/net/NET-198-252-96-0-1

OrgName: Hawk Host Inc.
OrgId: HH-63
Address: 710 Tower St South PO Box 50081
City: Fergus
StateProv: ON
PostalCode: N1M 2R0
Country: CA
RegDate: 2012-08-30
Updated: 2013-02-21
Ref: http://whois.arin.net/rest/org/HH-63

OrgNOCHandle: ROBER214-ARIN
OrgNOCName: Robertson, Jonathan
OrgNOCPhone: +1-408-761-1354
OrgNOCEmail: cody@hawkhoststatus.com
OrgNOCRef: http://whois.arin.net/rest/poc/ROBER214-ARIN

OrgAbuseHandle: ABUSE3589-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-800-859-8803
OrgAbuseEmail: abuse@hawkhost.com
OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE3589-ARIN

OrgTechHandle: ROBER214-ARIN
OrgTechName: Robertson, Jonathan
OrgTechPhone: +1-408-761-1354
OrgTechEmail: cody@hawkhoststatus.com
OrgTechRef: http://whois.arin.net/rest/poc/ROBER214-ARIN

OrgTechHandle: BJF6-ARIN
OrgTechName: Farrell, Brian J
OrgTechPhone: +1-800-859-8803
OrgTechEmail: brian@hawkhost.com
OrgTechRef: http://whois.arin.net/rest/poc/BJF6-ARIN

OrgNOCHandle: BJF6-ARIN
OrgNOCName: Farrell, Brian J
OrgNOCPhone: +1-800-859-8803
OrgNOCEmail: brian@hawkhost.com
OrgNOCRef: http://whois.arin.net/rest/poc/BJF6-ARIN

OrgNOCHandle: NETWO5641-ARIN
OrgNOCName: Network Operations
OrgNOCPhone: +1-800-859-8803
OrgNOCEmail: noc@hawkhost.com
OrgNOCRef: http://whois.arin.net/rest/poc/NETWO5641-ARIN

OrgTechHandle: NETWO5641-ARIN
OrgTechName: Network Operations
OrgTechPhone: +1-800-859-8803
OrgTechEmail: noc@hawkhost.com
OrgTechRef: http://whois.arin.net/rest/poc/NETWO5641-ARIN
DNS records

name class type data time to live
seobuckle.com IN MX
preference: 0
exchange: seobuckle.com
86400s (1.00:00:00)
seobuckle.com IN NS ns5.hawkhost.com 86400s (1.00:00:00)
seobuckle.com IN NS ns6.hawkhost.com 86400s (1.00:00:00)
seobuckle.com IN A 198.252.98.50 86400s (1.00:00:00)
50.98.252.198.in-addr.arpa IN PTR 198.252.98.50-static.reverse.arandomserver.com 86400s (1.00:00:00)
98.252.198.in-addr.arpa IN SOA
server: dns10.hawkhost.com
email: cody@hawkhost.com
serial: 2013032007
refresh: 28800
retry: 7200
expire: 604800
minimum ttl: 86400
86400s (1.00:00:00)
98.252.198.in-addr.arpa IN RRSIG
type covered: NSEC (47)
algorithm: RSA/SHA-1 (5)
labels: 5
original ttl: 10800 (03:00:00)
signature expiration: 2013-08-04 20:00:33Z
signature inception: 2013-07-25 20:00:33Z
key tag: 31943
signer’s name: 198.in-addr.arpa
signature:
(1024 bits)
B0E8B7AB23802C524199F7D17B08E181
82BDDDBBEE743B80EBE03A4A9C37C6FC
14F7179C20E391A682BA7257A676BE30
3CCEA640459BFF263CFF3ADB97817D54
B73930F08CD35081049A0FD9430EDBEF
55522BE8A9450343FD74EA98D322F863
BA2C7FD6B397B187128E46BE3B1F8717
423D2B901ACF1D363C4CC87A18D49F12
10800s (03:00:00)
98.252.198.in-addr.arpa IN NSEC
next domain name: 99.252.198.in-addr.arpa
record types: NS RRSIG NSEC
10800s (03:00:00)
98.252.198.in-addr.arpa IN NS dns11.hawkhost.com 86400s (1.00:00:00)
98.252.198.in-addr.arpa IN NS dns9.hawkhost.com 86400s (1.00:00:00)
98.252.198.in-addr.arpa IN NS dns10.hawkhost.com 86400s (1.00:00:00)
— end —

awesome-pennystocks.com

Address lookup

canonical name awesome-pennystocks.com.
aliases
addresses 174.132.104.42
Domain Whois record

Queried whois.internic.net with “dom awesome-pennystocks.com”…

Domain Name: AWESOME-PENNYSTOCKS.COM
Registrar: NAME.COM LLC
Whois Server: whois.name.com
Referral URL: http://www.name.com
Name Server: NS1219.HOSTGATOR.COM
Name Server: NS1220.HOSTGATOR.COM
Status: clientTransferProhibited
Updated Date: 25-oct-2012
Creation Date: 20-oct-2011
Expiration Date: 20-oct-2013

>>> Last update of whois database: Thu, 25 Jul 2013 23:39:22 UTC <<<
Queried whois.name.com with "awesome-pennystocks.com"…

Domain Name: awesome-pennystocks.com
Registrar: Name.com LLC

Expiration Date: 2013-10-20 19:32:39
Creation Date: 2011-10-20 19:32:39

Name Servers:
ns1219.hostgator.com
ns1220.hostgator.com

REGISTRANT CONTACT INFO
felice calista
felice calista
sunter sts 1
jakarta
jakut
10480
ID
Phone: +62.8561082289
Email Address: felicesayang@gmail.com

ADMINISTRATIVE CONTACT INFO
felice calista
felice calista
sunter sts 1
jakarta
jakut
10480
ID
Phone: +62.8561082289
Email Address: felicesayang@gmail.com

TECHNICAL CONTACT INFO
felice calista
felice calista
sunter sts 1
jakarta
jakut
10480
ID
Phone: +62.8561082289
Email Address: felicesayang@gmail.com

BILLING CONTACT INFO
felice calista
felice calista
sunter sts 1
jakarta
jakut
10480
ID
Phone: +62.8561082289
Email Address: felicesayang@gmail.com

Timestamp: 1374795592.6974
Network Whois record

Queried rwhois.theplanet.com with "174.132.104.42"…

%rwhois V-1.5:003fff:00 rwhois.softlayer.com (by Network Solutions, Inc. V-1.5.9.5)
network:Auth-Area:174.132.0.0/15
network:Class-Name:network
network:Created:20110323
network:Updated:20110323

network:Class-Name:network
network:ID:NETBLK-SOFTLAYER.174.132.0.0/15
network:Auth-Area:174.132.0.0/15
network:Network-Name:SOFTLAYER-174.132.0.0
network:IP-Network:174.132.104.0/24
network:IP-Network-Block:174.132.104.0-174.132.104.255
network:Organization;I:SoftLayer
network:Street-Address:4849 Alpha Road
network:City:Dallas
network:State:TX
network:Postal-Code:75244
network:Country-Code:US
network:Tech-Contact;I:sysadmins@softlayer.com
network:Abuse-Contact;I:abuse@softlayer.com
network:Admin-Contact;I:IPADM258-ARIN
network:Created:2011-02-18 09:44:18
network:Updated-By:ipadmin@softlayer.com

%ok
Queried whois.arin.net with "n 174.132.104.42"…

NetRange: 174.132.0.0 – 174.133.255.255
CIDR: 174.132.0.0/15
OriginAS: AS36420, AS30315, AS13749, AS21844
NetName: NETBLK-THEPLANET-BLK-15
NetHandle: NET-174-132-0-0-1
Parent: NET-174-0-0-0-0
NetType: Direct Allocation
RegDate: 2008-06-17
Updated: 2012-02-24
Ref: http://whois.arin.net/rest/net/NET-174-132-0-0-1

OrgName: ThePlanet.com Internet Services, Inc.
OrgId: TPCM
Address: 315 Capitol
Address: Suite 205
City: Houston
StateProv: TX
PostalCode: 77002
Country: US
RegDate: 1999-08-31
Updated: 2010-10-13
Ref: http://whois.arin.net/rest/org/TPCM

ReferralServer: rwhois://rwhois.theplanet.com:4321

OrgAbuseHandle: ABUSE271-ARIN
OrgAbuseName: The Planet Abuse
OrgAbusePhone: +1-281-714-3560
OrgAbuseEmail: abuse@theplanet.com
OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE271-ARIN

OrgNOCHandle: THEPL-ARIN
OrgNOCName: The Planet NOC
OrgNOCPhone: +1-281-714-3000
OrgNOCEmail: noc@theplanet.com
OrgNOCRef: http://whois.arin.net/rest/poc/THEPL-ARIN

OrgTechHandle: TECHN33-ARIN
OrgTechName: Technical Support
OrgTechPhone: +1-281-714-3000
OrgTechEmail: admins@theplanet.com
OrgTechRef: http://whois.arin.net/rest/poc/TECHN33-ARIN

RNOCHandle: THEPL-ARIN
RNOCName: The Planet NOC
RNOCPhone: +1-281-714-3000
RNOCEmail: noc@theplanet.com
RNOCRef: http://whois.arin.net/rest/poc/THEPL-ARIN

RAbuseHandle: ABUSE271-ARIN
RAbuseName: The Planet Abuse
RAbusePhone: +1-281-714-3560
RAbuseEmail: abuse@theplanet.com
RAbuseRef: http://whois.arin.net/rest/poc/ABUSE271-ARIN

RTechHandle: TECHN33-ARIN
RTechName: Technical Support
RTechPhone: +1-281-714-3000
RTechEmail: admins@theplanet.com
RTechRef: http://whois.arin.net/rest/poc/TECHN33-ARIN
DNS records

name class type data time to live
awesome-pennystocks.com IN TXT v=spf1 a mx include:websitewelcome.com ~all 14400s (04:00:00)
awesome-pennystocks.com IN MX
preference: 0
exchange: awesome-pennystocks.com
14400s (04:00:00)
awesome-pennystocks.com IN SOA
server: ns1219.hostgator.com
email: root@gator610.hostgator.com
serial: 2012081201
refresh: 86400
retry: 7200
expire: 3600000
minimum ttl: 86400
86400s (1.00:00:00)
awesome-pennystocks.com IN NS ns1220.hostgator.com 86400s (1.00:00:00)
awesome-pennystocks.com IN NS ns1219.hostgator.com 86400s (1.00:00:00)
awesome-pennystocks.com IN A 174.132.104.42 14400s (04:00:00)
42.104.132.174.in-addr.arpa IN PTR 2a.68.84ae.static.theplanet.com 86400s (1.00:00:00)
104.132.174.in-addr.arpa IN SOA
server: ns3.arpa.networklayer.com
email: root@softlayer.com
serial: 2013032600
refresh: 7200
retry: 600
expire: 1728000
minimum ttl: 43200
86400s (1.00:00:00)
104.132.174.in-addr.arpa IN NS ns4.arpa.networklayer.com 86400s (1.00:00:00)
104.132.174.in-addr.arpa IN NS ns3.arpa.networklayer.com 86400s (1.00:00:00)
— end —