WhoIs mgmforex.com

This is a MALWARE INFESTED SITELogo_Fraudalert
mgmforex.png
Address lookup

canonical name :mgmforex.com
aliases :www.mgmforex.com
addresses :209.159.145.174
Domain Whois record

Queried whois.internic.net with “dom mgmforex.com”…

Domain Name: MGMFOREX.COM
Registry Domain ID: 1595568960_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.PublicDomainRegistry.com
Registrar URL: http://www.publicdomainregistry.com

Updated Date: 2017-01-24T21:54:53Z
Creation Date: 2010-05-03T21:30:33Z

Registry Expiry Date: 2024-05-03T21:30:33Z
Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
Registrar IANA ID: 303
Registrar Abuse Contact Email: abuse-contact@publicdomainregistry.com
Registrar Abuse Contact Phone: +1.2013775952
Domain Status: clientTransferProhibited

Name Server: NS1.DNS-HOSTINGSOURCE.COM
Name Server: NS2.DNS-HOSTINGSOURCE.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2017-10-15T18:25:28Z <<>> Last update of WHOIS database: 2017-10-15T18:25:41Z <<<

Network Whois record

Queried rwhois.trouble-free.net with “209.159.145.174”…

%rwhois V-1.5:003fff:00 city.trouble-free.net (by Network Solutions, Inc. V-1.5.9.5)
network:Class-Name:network
network:ID:NETBLK-INTSRV.209.159.144.0/20
network:Auth-Area:209.159.144.0/20
network:Network-Name:INTSRV-209.159.145.128
network:IP-Network:209.159.145.128/25
network:Org-Name:Hostingsource
network:Street-Address:10 Cypress Lane
network:City:NY
network:State:Plainview
network:Postal-Code:11803
network:Country-Code:US
network:Created:20091125
network:Updated:20150922
network:Updated-By:abuse@interserver.net

%ok
Queried whois.arin.net with “n 209.159.145.174″…

NetRange: 209.159.144.0 – 209.159.159.255
CIDR: 209.159.144.0/20
NetName: INTERSERVER
NetHandle: NET-209-159-144-0-1
Parent: NET209 (NET-209-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Interserver, Inc (INTER-83)
RegDate: 2009-12-07
Updated: 2012-02-24
Comment: Send abuse complaints to abuse@interserver.net
Ref: https://whois.arin.net/rest/net/NET-209-159-144-0-1

OrgName: Interserver, Inc
OrgId: INTER-83
Address: 110 Meadowlands Pkwy
Address: 1st Floor
City: Secaucus
StateProv: NJ
PostalCode: 07094
Country: US
RegDate: 2003-03-17
Updated: 2017-01-28
Comment: Please Use abuse@interserver.net for all abuse complaints
Ref: https://whois.arin.net/rest/org/INTER-83

ReferralServer: rwhois://rwhois.trouble-free.net:4321

OrgNOCHandle: NOC1390-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-201-605-1440
OrgNOCEmail: abuse@interserver.net
OrgNOCRef: https://whois.arin.net/rest/poc/NOC1390-ARIN

OrgTechHandle: NOC1390-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-201-605-1440
OrgTechEmail: abuse@interserver.net
OrgTechRef: https://whois.arin.net/rest/poc/NOC1390-ARIN

OrgAbuseHandle: NOC1390-ARIN
OrgAbuseName: Network Operations Center
OrgAbusePhone: +1-201-605-1440
OrgAbuseEmail: abuse@interserver.net
OrgAbuseRef: https://whois.arin.net/rest/poc/NOC1390-ARIN

RAbuseHandle: NOC1390-ARIN
RAbuseName: Network Operations Center
RAbusePhone: +1-201-605-1440
RAbuseEmail: abuse@interserver.net
RAbuseRef: https://whois.arin.net/rest/poc/NOC1390-ARIN

RTechHandle: NOC1390-ARIN
RTechName: Network Operations Center
RTechPhone: +1-201-605-1440
RTechEmail: abuse@interserver.net
RTechRef: https://whois.arin.net/rest/poc/NOC1390-ARIN

RNOCHandle: NOC1390-ARIN
RNOCName: Network Operations Center
RNOCPhone: +1-201-605-1440
RNOCEmail: abuse@interserver.net
RNOCRef: https://whois.arin.net/rest/poc/NOC1390-ARIN

Advertisements

Playoninflatables.com Network Compromised

scamFRAUDalert see it appropriate to issue this ALERT as the network for PlayOn Alert_logoInflatables is being compromised sending out malicious attacks on computers.
WordAd_SFA2.PNG
Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description
10/14/2017 12:26:45 PM,High,An intrusion attempt by playoninflatables.com was blocked.,
Blocked,
No Action Required,
Web Attack: JSCoinminer Download 6,
No Action Required,
No Action Required,
“playoninflatables.com (23.229.148.192, 80)”,
playoninflatables.com/,”DESKTOP-8UGRPC2 (192.168.0.14, 57225)”,
playoninflatables.com (23.229.148.192),”TCP, www-http”
Network traffic from playoninflatables.com/ matches the signature of a known attack.

scamFRAUDalert.ORG cybersquatting WARNING

Essentially what this CRIMINAL=samirnet2@gmail.com has done is to hijack scamFRAUDalert Twitter URL and redirecting it to scamfraudalert.org=MALWARE
SFA_Google_For SALE
We have been able to identify the criminal publisher ID:”pub-2955686772232536
cutestats
Cybersquatting is a common practice online. scamFRAUDalert is no exception. What is Logo_Fraudalertincreasing becoming annoying is the amount of interest in our domain name. Zillions of so called scam ALERT sites have emerged. A cyber criminal has purchased the domain name scamfraudalert.org and is actively attempting to infect as many computers as he/she can.

SCAMMERS  have reinvented themselves to now providing ALERTS in all world to confused, muddy and discredit legitimate scam sites as ours.

Cybersquatting is a practice of registering, selling or using a domain name with the intent of profiting from the goodwill of someone else’s trademark. It generally refers to the practice of buying up domain names that use the names of existing businesses with the intent to sell the names for a profit to those businesses.

Below is the latest attempt of this squatter – URL discarded t.co / iB1oliNuVY
SFA_org_T.co Squatter
You get redirected to a Malware Infested Site
SFA_org_T.co Squatter2
scamfraudalert_org
scamfraudalerts_com.png

SFA_Google_For SALE

Read About the Phishing and Malware Expedition with domain scamFRAUDalert.org (screenshot below)

SFA_phishinggoogle-translate-1504195331710
SFA_Google_For SALE


screencapture-google-search-1507908626744
t.co_ibolinuvy=malware3
t.co_ibolinuvy=malware2


Domain Whois record
Queried whois.internic.net with “dom scamfraudalerts.com”…

Domain Name: SCAMFRAUDALERTS.COM
Registry Domain ID: 2096067633_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.namebright.com
Registrar URL: http://www.NameBright.com
Updated Date: 2017-02-08T13:08:54Z
Creation Date: 2017-02-07T19:14:41Z
Registry Expiry Date: 2018-02-07T19:14:41Z
Registrar: DropCatch.com 808 LLC
Registrar IANA ID: 2567
Registrar Abuse Contact Email:
Registrar Abuse Contact Phone:
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: NSG1.NAMEBRIGHTDNS.COM
Name Server: NSG2.NAMEBRIGHTDNS.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2017-08-30T08:44:49Z <<<


Address lookup
canonical name:scamfraudalert.org

aliases
addresses:192.184.12.62
Domain Whois record

Queried whois.publicinterestregistry.net with “scamfraudalert.org”…

Domain Name: SCAMFRAUDALERT.ORG
Registry Domain ID: D402200000001715160-LROR
Registrar WHOIS Server:
Registrar URL: http://www.sitename.com
Updated Date: 2017-05-04T03:46:53Z
Creation Date: 2017-03-04T14:30:24Z
Registry Expiry Date: 2018-03-04T14:30:24Z
Registrar Registration Expiration Date:
Registrar: SiteName Ltd.
Registrar IANA ID: 437
Registrar Abuse Contact Email:
Registrar Abuse Contact Phone:
Reseller:
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited

Registry Registrant ID: C136922651-LROR
Registrant Name: Domain Manager
Registrant Organization: samirnet -domain names for sale
Registrant Street: Flat No. 48 Cunningham Apts Edward Road
Registrant City: Bangalore
Registrant State/Province:
Registrant Postal Code: 560052
Registrant Country: IN
Registrant Phone: +91.802260640
Registrant Email: samirnet2@gmail.com

Registry Admin ID: C136922651-LROR
Admin Name: Domain Manager
Admin Organization: samirnet -domain names for sale
Admin Street: Flat No. 48 Cunningham Apts Edward Road
Admin City: Bangalore
Admin State/Province:
Admin Postal Code: 560052
Admin Country: IN
Admin Phone: +91.802260640
Admin Email: samirnet2@gmail.com

Registry Tech ID: C136922651-LROR
Tech Name: Domain Manager
Tech Organization: samirnet -domain names for sale
Tech Street: Flat No. 48 Cunningham Apts Edward Road
Tech City: Bangalore
Tech State/Province:
Tech Postal Code: 560052
Tech Country: IN
Tech Phone: +91.802260640

Tech Email: samirnet2@gmail.com
Name Server: NS15.ABOVE.COM
Name Server: NS16.ABOVE.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of WHOIS database: 2017-08-30T08:45:24Z


from: James Ashmore [abuse@trellian.com]
to: scamFRAUDalert [scamfraudalert@gmail.com]
______________________________________
Hello,

Thank you for your message.

Acknowledgement that written correspondence has been received.

Above.com Monetization AutoPilot is a routing/redirection service only; we do not host any of the content of the domain/s or IP addresses in question. As this is the case, we dispute any claim of hosting any copyrighted content.

As we are not the governing body for these disputes, any cancellation of services will be done in accordance to the outcome of a UDRP from WIPO.

Kind regards,
James Ashmore
__________________________
Trellian.com Abuse Team :abuse@trellian.com
USA: +1 310-736-4230
Australia::+61- 3-9589-7946
http://www.above.com
http://www.above.com


AUSTRALIA

Office Hours:
M-F 9:00 am to 5:00 pm
Australian Eastern Std Time

Phone: + 61-3-9589-7946
Fax: + 61-3-9589-7951

USA Office
Trellian Direct Search Network
Above.com
5220 Pacific Concourse Dr
Suite 100
Los Angeles, CA 90045

WhoIs searchingmagnified.com

scamfraudalertdotorg redirects to a MALWARE DISTRIBUTOR
http://www.searchingmagnified.com/?dn=scamfraudalert.org&pid=7POS8W0N0
SFA_searchinggmagnified
SFA_searchinggmagnified2.PNG

ns2004.ztomy.com

Address lookup
canonical name:www.searchingmagnified.com
aliases
addresses:208.91.196.4
Domain Whois record

Queried whois.internic.net with “dom searchingmagnified.com”…

Domain Name: SEARCHINGMAGNIFIED.COM
Registry Domain ID: 1858468524_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.PublicDomainRegistry.com
Registrar URL: http://www.publicdomainregistry.com

Updated Date: 2017-05-31T17:10:52Z
Creation Date: 2014-05-13T10:19:45Z

Registry Expiry Date: 2020-05-13T10:19:45Z
Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
Registrar IANA ID: 303
Registrar Abuse Contact Email: abuse-contact@publicdomainregistry.com
Registrar Abuse Contact Phone: +1.2013775952
Domain Status: clientTransferProhibited
Name Server: NS1004.ZTOMY.COM
Name Server: NS2004.ZTOMY.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form:

Last update of whois database: 2017-08-19T16:04:42Z
Queried whois.publicdomainregistry.com with “searchingmagnified.com

Domain Name: SEARCHINGMAGNIFIED.COM
Registry Domain ID: 1858468524_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.publicdomainregistry.com
Registrar URL: http://www.publicdomainregistry.com

Updated Date: 2017-05-31T17:10:52Z
Creation Date: 2014-05-13T10:19:45Z

Registrar Registration Expiration Date: 2020-05-13T10:19:45Z
Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
Registrar IANA ID: 303
Domain Status: clientTransferProhibited

Registry Registrant ID: Not Available From Registry
Registrant Name: Domain Admin
Registrant Organization: Privacy Protect, LLC (PrivacyProtect.org)
Registrant Street: 10 Corporate Drive
Registrant City: Burlington
Registrant State/Province: MA
Registrant Postal Code: 01803
Registrant Country: US
Registrant Phone: +1.8022274003
Registrant Email: contact@privacyprotect.org
Registry Admin ID: Not Available From Registry

Admin Name: Domain Admin
Admin Organization: Privacy Protect, LLC (PrivacyProtect.org)
Admin Street: 10 Corporate Drive
Admin City: Burlington
Admin State/Province: MA
Admin Postal Code: 01803
Admin Country: US
Admin Phone: +1.8022274003
Admin Email: contact@privacyprotect.org
Registry Tech ID: Not Available From Registry

Tech Name: Domain Admin
Tech Organization: Privacy Protect, LLC (PrivacyProtect.org)
Tech Street: 10 Corporate Drive
Tech City: Burlington
Tech State/Province: MA
Tech Postal Code: 01803
Tech Country: US
Tech Phone: +1.8022274003
Tech Email: contact@privacyprotect.org

Name Server: ns1004.ztomy.com
Name Server: ns2004.ztomy.com

DNSSEC:Unsigned
Registrar Abuse Contact Email: abuse-contact@publicdomainregistry.com
Registrar Abuse Contact Phone: +1.2013775952
URL of the ICANN WHOIS Data Problem Reporting System:

Last update of WHOIS database: 2017-08-19T16:04:49Z

Network Whois record
Queried whois.arin.net with “n 208.91.196.4″…

NetRange: 208.91.196.0 – 208.91.197.255
CIDR: 208.91.196.0/23
NetName: CONFLUENCE-NETWORK-INC
NetHandle: NET-208-91-196-0-1
Parent: NET208 (NET-208-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS40034
Organization: Confluence Networks Inc (CN)
RegDate: 2011-04-15
Updated: 2015-11-23
Ref: https://whois.arin.net/rest/net/NET-208-91-196-0-1

OrgName: Confluence Networks Inc
OrgId: CN
Address: 3rd Floor, J & C Building, P.O. Box 362
City: Road Town
StateProv: Tortola
PostalCode: VG1110
Country: VG
RegDate: 2011-04-07
Updated: 2017-03-29
Ref: https://whois.arin.net/rest/org/CN

OrgAbuseHandle: ABUSE3065-ARIN
OrgAbuseName: Abuse Admin
OrgAbusePhone: +1-415-449-4704
OrgAbuseEmail: abuse@confluence-networks.com
OrgAbuseRef: https://whois.arin.net/rest/poc/ABUSE3065-ARIN

OrgNOCHandle: NOCAD51-ARIN
OrgNOCName: NOC Admin
OrgNOCPhone: +1-415-358-0891
OrgNOCEmail: noc@confluence-networks.com
OrgNOCRef: https://whois.arin.net/rest/poc/NOCAD51-ARIN

OrgTechHandle: TECHA29-ARIN
OrgTechName: Tech Admin
OrgTechPhone: +1-415-358-0891
OrgTechEmail: noc@confluence-networks.com
OrgTechRef: https://whois.arin.net/rest/poc/TECHA29-ARIN
DNS records

DNS query for 4.196.91.208.in-addr.arpa returned an error from the server: ServerFailure

name class type data time to live
http://www.searchingmagnified.com IN TXT v=spf1 a -all 300s (00:05:00)
http://www.searchingmagnified.com IN SOA
server: ns1004.ztomy.com
email: abuse@opticaljungle.com
serial: 2011062801
refresh: 3600
retry: 900
expire: 604800
minimum ttl: 86400
300s (00:05:00)
http://www.searchingmagnified.com IN NS ns2004.ztomy.com 300s (00:05:00)
http://www.searchingmagnified.com IN NS ns1004.ztomy.com 300s (00:05:00)
http://www.searchingmagnified.com IN PTR ns1004.ztomy.com 300s (00:05:00)
http://www.searchingmagnified.com IN A 208.91.196.4 300s (00:05:00)
searchingmagnified.com IN NS ns2004.ztomy.com 300s (00:05:00)
searchingmagnified.com IN SOA
server: ns1004.ztomy.com
email: abuse@opticaljungle.com
serial: 2011062801
refresh: 3600
retry: 900
expire: 604800
minimum ttl: 86400
300s (00:05:00)
searchingmagnified.com IN PTR ns1004.ztomy.com 300s (00:05:00)
searchingmagnified.com IN A 208.91.196.4 300s (00:05:00)
searchingmagnified.com IN TXT v=spf1 a -all 300s (00:05:00)
searchingmagnified.com IN NS ns1004.ztomy.com 300s (00:05:00)
— end —
URL for this output | return to CentralOps.net, a service of Hexillion


The following A records are set to 208.91.196.4:

  1. advforward.com
  2. amitaz.com
  3. buypremiumdeals.com
  4. cdn-images.com
  5. cnomy.com
  6. completefwd.com
  7. discovereddeals.com
  8. dmnfwd.com
  9. domainfwd.com
  10. domainfwding.com
  11. fastdomainfwd.com
  12. findcrazydeals.com
  13. findfreshdeals.com
  14. freeresultsguide.com
  15. freesearchresults.com
  16. globaldomainfwd.com
  17. globalizedsearch.com
  18. globalsearchdirect.com
  19. internetmadesecure.com
  20. keywordqueryresults.com
  21. malkm.com
  22. mypageresults.com
  23. mysearchcentral.com
  24. namefwd.com
  25. newsearchstation.com
  26. ns1004.ztomy.com
  27. onlinefastsearch.com
  28. pagequeryresults.com
  29. quickfwd.com
  30. rediscoversearch.com
  31. resultfwding.com
  32. sdomainparking.com
  33. searchacross.com
  34. searchdirectresults.com
  35. searchdiscovered.com
  36. searchedforward.com
  37. searchedresults.com
  38. searchedreveal.com
  39. searcheduncovered.com
  40. searchesexplored.com
  41. searchesinteractive.com
  42. searchesinvent.com
  43. searchesresult.com
  44. searchharbor.com
  45. searchhotspot.com
  46. searchignited.com
  47. searchingexplore.com
  48. searchingmagnified.com
  49. searchinguncovered.com
  50. searchinvented.com
  51. searchmagnified.com
  52. searchmagnitude.co
  53. searchmeaningful.com
  54. searchqueryresults.com
  55. searchrediscovered.com
  56. searchreinvented.com
  57. searchremagnified.com
  58. searchresultsguide.com
  59. searchtargeted.com
  60. searchtermresults.com
  61. sendfwd.com
  62. sitequeryresults.com
  63. smartseekerz.com
  64. targetedinfo.com
  65. targetedlistings.net
  66. targetedtopic.com
  67. thegreatestsearch.com
  68. theusefulsearch.com
  69. universalfwd.com
  70. usinternetsearch.com
  71. virlz.com
  72. webqueryresults.com
  73. ztomy.com

What We Know of Our Botnet Master

Search Results for 209.8.25.156 [no reverse DNS set]

We know our botnet master uses the domains below as part of Ddos attacks.

4 Results for 209.8.25.156 (Umaxsearch.com)

Website DMOZ Wikipedia Yahoo

1. Lookuplive.com
2. Searchmeup.com
3. Topsearch10.com
4. Umaxsearch.com

WhoIs Lookup performed by Karen’s WhoIs
http://www.karenware.com/

Whois Server Version 1.3

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

Domain Name: UMAXSEARCH.COM
Registrar: ONLINENIC, INC.
Whois Server: whois.35.com
Referral URL: http://www.OnlineNIC.com
Name Server: NS1.UMAXSEARCH.COM
Name Server: NS2.UMAXSEARCH.COM
Status: clientTransferProhibited
Status: clientDeleteProhibited
Updated Date: 09-apr-2007
Creation Date: 11-sep-2003
Expiration Date: 11-sep-2008

Last update of whois database: Sun, 28 Oct 2007 09:28:15 UTC <<<

Registrant:
Leos Rousek wello@mail.ru +4.20721121332
Leos Rousek
Na Prikope 858/20
Praha 1,Praha,CZ 113 80

Domain Name:umaxsearch.com
Record last updated at 2007-04-09 03:22:19
Record created on 2003/9/11
Record expired on 2008/9/11

http://www.siteadvisor.com/sites/206.161.121.115/summary

What is Search-Space.com?
Search-Space.com and Start-Space.com are website search engines organized into a wide variety of categories and groups. They link to another search engine called Umaxsearch.com. Both Search-Space.com and Start-Space.com are both owed by a company called Web Interactive based in Russia. They take over as your start page or default search engine in Internet Explorer. Both appear to be a variant of the CoolWebSearch homepage hijacker as well.

Both pages redirect to the IP address http://69.31.80.210 which is the Umaxsearch.com page, but they use variables in the search string to display different results page with pay per click search engine results.
http://www.pchell.com/support/searchspace.shtml

206.161.121.115

Coolwebsearch.com Terminated Affiliates List

Date: 17 September 2006
Source:
http://www.coolwebsearch.com/hijacking.html
2005-05-19: UPDATE

008i.com
0ml.net
103.nowfind.biz
195.225.176.14
24-7-search.com
69.50.164.196
69.50.164.197
911-search.info
all-find.net
all-find.org
allneedsearch.com
allstarsearch.net
allwebseek.com
azesearch.com
b0o.net
best-search.info
bestsearch.name
big-search.biz
blastsearch.net
boredlife.com
cameup.com
cannotfind.net
coopto.directwebsearch.net
count.cc
daily-search.com
datasearch.info
find777.com
find-everything.com
find-more.net
find-online.net
find-on-the-net.com
findpalm.biz
findpollen.net
gigasearch.biz
heretofind.com
hot-search.biz
infoglobus.com
instafinder.com
iwantsearch.com
judin.ru
kita-search.com
kliksearch.com
likesurfing.com
line-plus.com
list2004.com
magicsearch.us
makemesearch.com
martfinder.com
myhandysearch.com
ne-ebu.com
new-search.info
ntsearch.com
online-service.cc
oz.msie.tv
perfect-search.net
petardas.com
placeforsearch.com
power-search.info
ravesearch.net
richfind.com
rootsearch.biz
runsearch.com
search.xrenoder.com
search-1.net
search4fun.net
search-777.com
search-all-fast.com
searchcentral.cc
searchcomplete.com
search-control.com
searchdesire.com
searchforfree.info
searchinwww.cc
search-it-now.net
searchmeup.com
search-paga.com
searchpage.cc
searchterror.com
search-to-find.com
search-town.net
searchweb2.com
searchx.cc
searchxp.com
speed-search.biz
supacoopa.directwebsearch.net
swift-look.com
targetclicks.net
teen-biz.com
thenewsearch.com
top-search.us
try-this-search.biz
umaxsearch.com
v73.us
viewpornkey.com
vip-search.biz
web.all-find.org
weba.directwebsearch.net
web-searcher.info
worldnetsearch.org
wow-access.com
http://www.search-motor.com
http://www.zapros.com
xyesearch.com
xysearch.biz
yellow-pages.ws
your-search.info
yoursearch.ws
yoursearch247.com
your-searcher.com
yupsearch.com
zetta-search.com

May also be associated with the following domains:
123find.org
123find.com
http://www.ggfind.info/search.php?q=scamfraudalert&btnG2=Search

80.82.139.133
87.118.70.2

Who Is Dubtempo.com

Address lookup
canonical name: dubtempo.com

aliases
addresses:192.254.232.235
Domain Whois record

Queried whois.internic.net with “dom dubtempo.com

Domain Name: DUBTEMPO.COM
Registrar: ENOM, INC.
Whois Server: whois.enom.com
Referral URL: http://www.enom.com
Name Server: NS2545.HOSTGATOR.COM
Name Server: NS2546.HOSTGATOR.COM
Status: clientTransferProhibited
Updated Date: 08-nov-2014
Creation Date: 18-nov-2008
Expiration Date: 18-nov-2015

Last update of whois database: Sun, 04 Jan 2015 04:50:32 GMT
Queried whois.enom.com with “dubtempo.com

Domain Name: DUBTEMPO.COM
Registry Domain ID: 1529065689_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.enom.com
Registrar URL: http://www.enom.com
Updated Date: 2014-11-04T08:27:35.00Z
Creation Date: 2008-11-18T06:45:00.00Z

Registrar Registration Expiration Date: 2015-11-18T06:45:38.00Z
Registrar: ENOM, INC.
Registrar IANA ID: 48
Registrar Abuse Contact Email: abuse@enom.com
Registrar Abuse Contact Phone: +1.4252982646
Reseller: NAMECHEAP.COM

Domain Status: clientTransferProhibited
Registry Registrant ID:
Registrant Name: WHOISGUARD PROTECTED
Registrant Organization: WHOISGUARD, INC.
Registrant Street: P.O. BOX 0823-03411
Registrant City: PANAMA
Registrant State/Province: PANAMA
Registrant Postal Code: 00000
Registrant Country: PA
Registrant Phone: +507.8365503
Registrant Fax: +51.17057182
Registrant Email: 531EF55410A74170B82C4DCFEE226E4D.PROTECT@WHOISGUARD.COM

Registry Admin ID:
Admin Name: WHOISGUARD PROTECTED
Admin Organization: WHOISGUARD, INC.
Admin Street: P.O. BOX 0823-03411
Admin City: PANAMA
Admin State/Province: PANAMA
Admin Postal Code: 00000
Admin Country: PA
Admin Phone: +507.8365503
Admin Fax: +51.17057182
Admin Email: 531EF55410A74170B82C4DCFEE226E4D.PROTECT@WHOISGUARD.COM

Registry Tech ID:
Tech Name: WHOISGUARD PROTECTED
Tech Organization: WHOISGUARD, INC.
Tech Street: P.O. BOX 0823-03411
Tech City: PANAMA
Tech State/Province: PANAMA
Tech Postal Code: 00000
Tech Country: PA
Tech Phone: +507.8365503
Tech Fax: +51.17057182
Tech Email: 531EF55410A74170B82C4DCFEE226E4D.PROTECT@WHOISGUARD.COM

Name Server: NS2545.HOSTGATOR.COM
Name Server: NS2546.HOSTGATOR.COM

DNSSEC: unSigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
Last update of WHOIS database: 2014-11-04T08:27:35.00Z
Network Whois record

Queried rwhois.websitewelcome.com with “192.254.232.235”…

%rwhois V-1.5:003eff:00 rwhois.websitewelcome.com (by Network Solutions, Inc. V-1.5.9.5)
network:Class-Name:network
network:ID:NETBLK-BO.192.254.128.0/17
network:Auth-Area:192.254.128.0/17
network:Network-Name:BO-192.254.128.0/17
network:IP-Network:192.254.128.0/17
network:IP-Network-Block:192.254.128.0 – 192.254.255.255
network:Organization;I:WEBSITEWELCOME.COM
network:Tech-Contact;I:support@websitewelcome.com
network:Admin-Contact;I:support@websitewelcome.com
network:Created:20130717
network:Updated:20130717
network:Updated-By:support@websitewelcome.com

%ok
Queried whois.arin.net with “n 192.254.232.235″…

NetRange: 192.254.128.0 – 192.254.255.255
CIDR: 192.254.128.0/17
NetName: HGBLOCK-9
NetHandle: NET-192-254-128-0-1
Parent: NET192 (NET-192-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: WEBSITEWELCOME.COM (BO)
RegDate: 2013-06-11
Updated: 2013-06-11
Ref: http://whois.arin.net/rest/net/NET-192-254-128-0-1

OrgName: WEBSITEWELCOME.COM
OrgId: BO
Address: 5005 Mitchelldale
Address: Suite #100
City: Houston
StateProv: TX
PostalCode: 77092
Country: US
RegDate: 2011-02-16
Updated: 2013-11-13
Ref: http://whois.arin.net/rest/org/BO

ReferralServer: rwhois://rwhois.websitewelcome.com:4321

OrgAbuseHandle: IPADM551-ARIN
OrgAbuseName: IP Admin
OrgAbusePhone: +1-866-964-2867
OrgAbuseEmail: ipadmin@websitewelcome.com
OrgAbuseRef: http://whois.arin.net/rest/poc/IPADM551-ARIN

OrgNOCHandle: IPADM551-ARIN
OrgNOCName: IP Admin
OrgNOCPhone: +1-866-964-2867
OrgNOCEmail: ipadmin@websitewelcome.com
OrgNOCRef: http://whois.arin.net/rest/poc/IPADM551-ARIN

OrgTechHandle: IPADM551-ARIN
OrgTechName: IP Admin
OrgTechPhone: +1-866-964-2867
OrgTechEmail: ipadmin@websitewelcome.com
OrgTechRef: http://whois.arin.net/rest/poc/IPADM551-ARIN
DNS records

DNS query for 235.232.254.192.in-addr.arpa returned an error from the server: NameError

name class type data time to live
dubtempo.com IN TXT v=spf1 +a +mx +ip4:198.57.247.176 ?all 14400s (04:00:00)
dubtempo.com IN MX
preference: 0
exchange: dubtempo.com
14400s (04:00:00)
dubtempo.com IN SOA
server: ns6423.hostgator.com
email: dnsadmin@gator3212.hostgator.com
serial: 2014111917
refresh: 86400
retry: 7200
expire: 3600000
minimum ttl: 86400
86400s (1.00:00:00)
dubtempo.com IN NS ns2546.hostgator.com 86400s (1.00:00:00)
dubtempo.com IN NS ns2545.hostgator.com 86400s (1.00:00:00)
dubtempo.com IN A 192.254.232.235 14400s (04:00:00)
— end —
URL for this output | return to CentralOps.net, a service of Hexillion

Whois cialisonlinecanadamed.com

Buying Prescription Drugs Online May Be Dangerous Says
Drug Enforcement Administration
Scam Alert 1

DEA Logo - Buying Proscription Drugs

National Association of Boards of Pharmacy (NABP)
Who's Behind Online Pharmacy 

Today a shadowy, transnational network of illicit drug manufacturers, traders, doctors, Web site operators, spammers and criminals makes up the online pharmacy world.

Buying Medication Online Can Be Safe

There are many options out there when it comes to buying medication online. We have looked at websites after websites. Some sites feature offshore pharmacies that do not require a prior prescription. Others feature licensed pharmacies that do require a prescription from your doctor.
Before making a purchase that can effect your health, we strongly recommend that you consult your physician & DO NOT self-medicate. Ordering medication online can be a safe, money-saving experience. When done through licensed online pharmacies that require a prescription, you can be assured that the medication you get is exactly what you need to treat your ailments.


Address lookup
canonical name cialisonlinecanadamed.com

aliases
addresses 74.52.238.243
Domain Whois record

Queried whois.internic.net with “dom cialisonlinecanadamed.com”…

Domain Name: CIALISONLINECANADAMED.COM
Registrar: TODAYNIC.COM, INC.
Whois Server: whois.todaynic.com
Referral URL: http://www.NOW.CN
Name Server: NS1.ZEOHOST.COM
Name Server: NS2.ZEOHOST.COM
Status: clientTransferProhibited
Updated Date: 16-jun-2012
Creation Date: 16-jun-2012
Expiration Date: 16-jun-2013

Last update of whois database: Mon, 25 Jun 2012 06:48:35 UTC <<<
Queried whois.todaynic.com with “cialisonlinecanadamed.com”…

Domain name: cialisonlinecanadamed.com
Status: Active

Registrant:
Name: Carmen Z. Duffey
Organization: Carmen Z. Duffey
Address: 3726 Cabell Avenue
City: Washington
Province/state: VA
Country: US
Postal Code: 20008
Email: support@viagraonlinephmc.com

Administrative Contact:
Name: Carmen Z. Duffey
Organization: Carmen Z. Duffey
Address: 3726 Cabell Avenue
City: Washington
Province/state: VA
Country: US
Postal Code: 20008
Phone: +1.7035448936
Fax: +1.7035448936
Email: support@viagraonlinephmc.com

Technical Contact:
Name: Carmen Z. Duffey
Organization: Carmen Z. Duffey
Address: 3726 Cabell Avenue
City: Washington
Province/state: VA
Country: US
Postal Code: 20008

Nameserver Information:
ns1.zeohost.com
ns2.zeohost.com

Create: 2012-06-16 15:04:07
Update: 2012-06-16
Expired: 2013-06-16
QueryTimes: 13

Network Whois record
Queried rwhois.theplanet.com with “74.52.238.243

%rwhois V-1.5:003fff:00 rwhois.softlayer.com (by Network Solutions, Inc. V-1.5.9.5)
network:Class-Name:network
network:ID:NETBLK-THEPLANET-BLK-14
network:Auth-Area:74.52.0.0/14
network:Network-Name:TPIS-BLK-74-52-238-0
network:IP-Network:74.52.238.240/28
network:IP-Network-Block:74.52.238.240 – 74.52.238.255
network:Organization;I:WebsiteWelcome
network:Street-Address:N/A
network:City:Boca Raton
network:State:FL
network:Postal-Code:33496
network:Country-Code:USA
network:Tech-Contact;I:abuse@websitewelcome.com
network:Admin-Contact;I:abuse@websitewelcome.com
network:Created:20061223
network:Updated:20061223

%referral rwhois://root.rwhois.net:4321/auth-area=.
%ok

Queried whois.arin.net with “n 74.52.238.243″…

NetRange: 74.52.0.0 – 74.55.255.255
CIDR: 74.52.0.0/14
OriginAS: AS36420, AS30315, AS13749, AS21844
NetName: NETBLK-THEPLANET-BLK-14
NetHandle: NET-74-52-0-0-1
Parent: NET-74-0-0-0-0
NetType: Direct Allocation
RegDate: 2006-02-17
Updated: 2012-02-24
Ref: http://whois.arin.net/rest/net/NET-74-52-0-0-1

OrgName: ThePlanet.com Internet Services, Inc.
OrgId: TPCM
Address: 315 Capitol
Address: Suite 205
City: Houston
StateProv: TX
PostalCode: 77002
Country: US
RegDate: 1999-08-31
Updated: 2010-10-13
Ref: http://whois.arin.net/rest/org/TPCM

ReferralServer: rwhois://rwhois.theplanet.com:4321

OrgTechHandle: TECHN33-ARIN
OrgTechName: Technical Support
OrgTechPhone: +1-214-782-7800
OrgTechEmail: admins@theplanet.com
OrgTechRef: http://whois.arin.net/rest/poc/TECHN33-ARIN

OrgNOCHandle: THEPL-ARIN
OrgNOCName: The Planet NOC
OrgNOCPhone: +1-281-822-4204
OrgNOCEmail: noc@theplanet.com
OrgNOCRef: http://whois.arin.net/rest/poc/THEPL-ARIN

OrgAbuseHandle: ABUSE271-ARIN
OrgAbuseName: The Planet Abuse
OrgAbusePhone: +1-281-714-3560
OrgAbuseEmail: abuse@theplanet.com
OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE271-ARIN

RAbuseHandle: ABUSE271-ARIN
RAbuseName: The Planet Abuse
RAbusePhone: +1-281-714-3560
RAbuseEmail: abuse@theplanet.com
RAbuseRef: http://whois.arin.net/rest/poc/ABUSE271-ARIN

RTechHandle: TECHN33-ARIN
RTechName: Technical Support
RTechPhone: +1-214-782-7800
RTechEmail: admins@theplanet.com
RTechRef: http://whois.arin.net/rest/poc/TECHN33-ARIN

RNOCHandle: THEPL-ARIN
RNOCName: The Planet NOC
RNOCPhone: +1-281-822-4204
RNOCEmail: noc@theplanet.com
RNOCRef: http://whois.arin.net/rest/poc/THEPL-ARIN

DNS records
name class type data time to live
cialisonlinecanadamed.com IN TXT v=spf1 a mx include:websitewelcome.com ~all 14400s (04:00:00)
cialisonlinecanadamed.com IN MX
preference: 0
exchange: cialisonlinecanadamed.com
14400s (04:00:00)
cialisonlinecanadamed.com IN SOA
server: ns1.zeohost.com
email: root@chevette.websitewelcome.com
serial: 2012061901
refresh: 86400
retry: 7200
expire: 3600000
minimum ttl: 86400
86400s (1.00:00:00)
cialisonlinecanadamed.com IN NS ns2.zeohost.com 86400s (1.00:00:00)
cialisonlinecanadamed.com IN NS ns1.zeohost.com 86400s (1.00:00:00)
cialisonlinecanadamed.com IN A 74.52.238.243 14400s (04:00:00)
243.238.52.74.in-addr.arpa IN PTR f3.ee.344a.static.theplanet.com 86400s (1.00:00:00)
238.52.74.in-addr.arpa IN SOA
server: ns3.arpa.networklayer.com
email: root@softlayer.com
serial: 2011083100
refresh: 7200
retry: 600
expire: 1728000
minimum ttl: 43200
86400s (1.00:00:00)
238.52.74.in-addr.arpa IN NS ns3.arpa.networklayer.com 86400s (1.00:00:00)
238.52.74.in-addr.arpa IN NS ns4.arpa.networklayer.com 86400s (1.00:00:00)

— end —


The following A records are set to 74.52.238.243:

  1. bestgenericcialisonline.com
  2. bestgenericviagraonline.com
  3. buycanadapropeciaonline.com
  4. buycheappropeciacanada.com
  5. buypropeciaonlinecanada.com
  6. canadapropeciabuy.com
  7. canadapropeciaonline.com
  8. canadianviagrapharmacydrug.com
  9. cheapropeciaonline.com
  10. cheapviagrapillsonline.com
  11. cialisbuyonlinecanada.com
  12. cialisforsaleonline.com
    cialisnoprescriptiononlineusa.com
  13. cialisonlinebestprice.com
  14. cialisonlinecanadamed.com
  15. cialisonlinecanadauk.com
  16. cialisonlineordercanada.com
  17. cialisonlinephmc.com
  18. cialisonlinepurchase.com
  19. cialisonlinesales.com
  20. cialispillsonlinesale.com
  21. cialisrxonline.com
  22. cialiswithoutprescriptiononline.com
  23. genericviagraonlinebuy.com
  24. ns2.auxiliopc.com,
  25. ns2.buycarisoprodolonlinerx.com,
  26. ns2.buyfioricetonlinecod.com,
  27. ns2.byteworxweb.com,
  28. ordercialisnoprescription.co
  29. ordercialisonlinecanada.com
  30. orderviagranoprescription.com
  31. orderviagraonlinecanada.com
  32. pennsylvaniaplasticsurgeryassociates.com
  33. propeciaforsaleonline.com
  34. propeciaonlinecanada.com
  35. propeciaonlinecanadamed.com
  36. propeciaonlinephmc.com
  37. propeciaorderonlinecanada.com
  38. propeciapillsforsale.com
  39. propeciawhithoutprescription.com
  40. viagraonlinegenericphmc.com
  41. viagraonlineordercanada.com
  42. viagraonlinepharmacybuy.com
  43. viagraonlinephmc.com
  44. viagraonlinepurchase.com
  45. viagrapillsonlinesale.com
  46. viagrawithoutprescriptiononline.com