The hacker gang attacking IBR

Any research, news or information regarding the wide variety of techniques criminals use to take over your computers or web servers.

The hacker gang attacking IBR

Postby Amouse » Fri Dec 17, 2010 11:28 pm

Here you go.

http://www.kamtiez.us

As many researchers as possible grab a copy of this scum bags web site.
And all the other web sites he has kindly supplied.

This is the gang who has been attacking my web server and it is most likely, IBR.
This gang is associated with Shane Atkinson and most likely Dean Westbury.
If you are saying I know the name Westbury... He was a member of Global Web Promotions and I suspect the person who wrote sobig. He has been known to attack me and my resources back in 2003 - 2006 and only stopped when I asked Vinton Cerf to whack him after he made a threatening phone call to my mother.
The turn of events. I discover who Shane Atkinson is and publish this (2003). Global Web Promotions exposed shortly after and the US govt convicted Van Essen and Lance Atkinson. Westbury fled Australia and started threatening me. I believe Westbury blames me for the fact he had to leave Aus. Back in those days I was saying Westbury was the author of the malware for the send safe bot net. (sobig which has been attributed to Ruslan) Search "who wrote sobig" for the pdf file.

That is all I will say at this point. I have a mountain of evidence after following a trail that started with a spammer sending bank phishes to an email address created for me on another service.

--
Anony Mouse
Amouse
Spam Reporter
 
Posts: 140
Joined: Sat Jun 13, 2009 11:34 pm

No hacker gang is attacking IBR

Postby Red Dwarf » Sat Dec 18, 2010 4:10 am

Amouse wrote:This is the gang who has been attacking my web server and it is most likely, IBR.


What attack on IBR are you referring to? I would be interested to hear what evidence exists on which you have based that claim. At this time, IBR is not under a DDOS attack. Of course, like every other web server in existence, there are daily if not hourly attempts to probe for vulnerabilities, but nothing out of the ordinary.

I appreciate your concern, but I see no evidence.
User avatar
Red Dwarf
You are kiillllling-a my bizinisss!
 
Posts: 10485
Joined: Tue Jun 27, 2006 2:01 am

Re: No hacker gang is attacking IBR

Postby Amouse » Sat Dec 18, 2010 6:27 am

Red Dwarf wrote:
Amouse wrote:This is the gang who has been attacking my web server and it is most likely, IBR.


What attack on IBR are you referring to? I would be interested to hear what evidence exists on which you have based that claim. At this time, IBR is not under a DDOS attack. Of course, like every other web server in existence, there are daily if not hourly attempts to probe for vulnerabilities, but nothing out of the ordinary.

I appreciate your concern, but I see no evidence.


Attacks on members as per joe jobs etc.

I told you when I first joined this forum who the perp was... You laughed at me virtually but I know the MO...

The MO of Dean Westbury the author of sobig and member of Global Web Promotions who just happens to live in the Philippines...

Read the next post.

I have 359 urls all with redirectors pointing to CPh and similar brands and that is just a drop on the ocean gathered over 4 days.

I have now tracked to the hackers loading these pages as a result of tracking the activities of Shane Atkinson.
Feel free to poke holes in everything I say but I have yet to see anyone put a name to the brands other than those who blame Leo... But Leo is in jail yet Yambo lives.
Amouse
Spam Reporter
 
Posts: 140
Joined: Sat Jun 13, 2009 11:34 pm

Re: The hacker gang attacking IBR

Postby Amouse » Sat Dec 18, 2010 7:08 am

Compare my apache deny list against the information below.
You will find many of the web sites (ip address/range) associated with the list of hackers *hackername

Add 2 and 2 together. It does make 4! The bad actors you see are well known. This research fills in some gaps.
This is the south east Asian side of the gang that includes many Russian/Ukrainian bad actors.
I think this gang is headed by Shane Atkinson and Dean Westbury.
This deny list is a who's who of those involved in CPh type meds spam.

deny from 223.25.242.0/24 < Major bad actor form Russia/Ukraine
deny from 109.230.213.0/24
deny from 109.230.217.0/24
deny from hinet.net
deny from 78.172.53.0/24
deny from intelbi.ru
deny from kumirtele.com
deny from ecatel.net
deny from uch.net
deny from eti.br
deny from server.lu
deny from triolan.net
deny from 221.194.132.0/24
deny from 111.160.68.0/24
deny from 46.118.208.0/24
deny from corbina.ru < these are soviet block hackers
deny from 83.66.226.0/24
deny from 92.241.160.0/19
deny from rootvps.pl < these are soviet block hackers
deny from emailgun.co.uk
deny from 125.16.9.0/24
deny from 95.67.80.0/24
deny from 89.248.160.0/21
deny from 77.253.236.0/24
deny from 77.92.233.0/24
deny from 95.68.79.0/24
deny from 217.77.208.0/20
deny from 77.93.0.0/19
deny from 64.27.0.0/19
deny from 212.178.0.0/19
deny from 178.239.48.0/20
deny from 123.112.0.0/12
deny from 84.108.112.0/20
deny from 77.79.192.0/18
deny from 46.118.0.0/15
deny from 88.243.0.0/17
deny from 195.54.162.0/23
deny from 173.242.112.0/20
deny from 91.212.226.0/24
deny from 178.150.0.0/15
deny from 195.162.68.0/23
deny from 89.248.168.0/24
deny from 84.22.142.0/24
deny from 95.65.0.0/17
deny from 84.234.64.0/20
deny from 91.121.0.0/16
deny from 91.201.66.0/23
deny from 79.142.64.0/20
deny from 91.214.44.0/22
deny from 213.5.64.0/21
deny from 91.210.104.0/22
deny from 188.165.0.0/16
deny from 193.105.210.0/24
deny from 78.160.0.0/11
deny from 78.172.0.0/17
deny from 46.109.0.0/16
deny from 121.101.208.0/20
deny from 92.240.64.0/19
deny from 95.169.160.0/19
deny from 77.79.128.0/18
deny from 91.211.16.0/24
deny from 88.210.32.0/19
deny from 76.73.0.0/17
deny from 124.157.192.0/20
deny from 95.168.160.0/19
deny from 91.211.16.0/22
deny from 77.120.128.0/18
deny from 188.95.48.0/21
deny from 109.228.100.112/24
deny from 59.63.0.0/13
deny from 178.92.0.0/14
deny from 66.90.64.0/18
deny from 173.192.0.0/24
deny from 69.57.166.0/25
deny from 212.117.160.0/19
deny from 109.104.87.0/24
deny from 193.111.114.0/23

Ring leader = kaMtiEz = Kamtiez Rawk

http://www.facebook.com/xkamtiezx

Here are a few examples of the 359 unique hacked sites.
Often the site owners note the spam being sent and fix.

I created this list yesterday so most should still be open.
Remove the end html or php file name to view the dir listing.
googlexxx.php = shell
html is redirector
last php file is php spam bot that I replace to rape spammies urls.
Sending IP is 223.25.242.134

http://www.ip-look-up.com/IpInfoDetail- ... 220.0.html
Softlayer I think but I do not get a whois on the ip address on my machine.

http://www.digitalxxnew.ro/images/googl ... badfc5.php
http://www.digitalxxnew.ro/images/desk.html
http://www.digitalxxnew.ro/images/square.php

http://elitenerdherd.com/images/google2 ... 064c85.php
http://elitenerdherd.com/images/pill.html
http://elitenerdherd.com/images/dad,%20daddy.php

http://www.perfumesofthepast.nl/winkel/ ... 4f8c02.php
http://www.perfumesofthepast.nl/winkel/images/cook.html
http://www.perfumesofthepast.nl/winkel/images/risk.php
This site has losts of exploit stuff on it.

http://www.extravagantdeals.net/images/ ... 52b756.php
http://www.extravagantdeals.net/images/ ... 20601e.php
http://www.extravagantdeals.net/images/ ... taste.html
http://www.extravagantdeals.net/images/ ... /eight.php

http://shop.reginabally.net/images/goog ... 2f84fd.php
http://shop.reginabally.net/images/crazy.html
http://shop.reginabally.net/images/whale.php

http://www.wolftrancedesign.com/images/ ... 096b68.php
http://www.wolftrancedesign.com/images/definitely.html
http://www.wolftrancedesign.com/images/nerve.php

whois starrxwellness.net

Domain Name: STARRXWELLNESS.NET
Registrar: KEY-SYSTEMS GMBH
Whois Server: whois.rrpproxy.net
Referral URL: http://www.key-systems.net
Name Server: NS1.STARRXWELLNESS.NET
Name Server: NS2.STARRXWELLNESS.NET
Status: ok
Updated Date: 07-nov-2010
Creation Date: 26-oct-2010
Expiration Date: 26-oct-2011

>>> Last update of whois database: Fri, 17 Dec 2010 21:48:33 UTC <<<

DOMAIN: STARRXWELLNESS.NET

RSP: DNReg Limited

owner-contact: P-NGK299
owner-fname: Nataliya
owner-lname: Kondrateva
owner-street: mkr. Davydovskij-3 d.30 kv.104
owner-city: Kostroma
owner-state: Kostromskaya oblast
owner-zip: 156016
owner-country: RU
owner-phone: 7.4942620901
owner-fax: 7.4942620901
owner-email: vx@bz3.ru

admin-contact: P-NGK299
admin-fname: Nataliya
admin-lname: Kondrateva
admin-street: mkr. Davydovskij-3 d.30 kv.104
admin-city: Kostroma
admin-state: Kostromskaya oblast
admin-zip: 156016
admin-country: RU
admin-phone: 7.4942620901
admin-fax: 7.4942620901
admin-email: vx@bz3.ru

tech-contact: P-NGK299
tech-fname: Nataliya
tech-lname: Kondrateva
tech-street: mkr. Davydovskij-3 d.30 kv.104
tech-city: Kostroma
tech-state: Kostromskaya oblast
tech-zip: 156016
tech-country: RU
tech-phone: 7.4942620901
tech-fax: 7.4942620901
tech-email: vx@bz3.ru

billing-contact: P-NGK299
billing-fname: Nataliya
billing-lname: Kondrateva
billing-street: mkr. Davydovskij-3 d.30 kv.104
billing-city: Kostroma
billing-state: Kostromskaya oblast
billing-zip: 156016
billing-country: RU
billing-phone: 7.4942620901
billing-fax: 7.4942620901
billing-email: vx@bz3.ru

nameserver: ns1.starrxwellness.net 218.86.115.243
nameserver: ns2.starrxwellness.net 218.67.78.181

;; ANSWER SECTION:
hXXp://www.starrxwellness.net. 417 IN A 218.201.145.110

whois 218.201.145.110

inetnum: 218.201.96.0 - 218.201.191.255
netname: CMNET-shandong
descr: China Mobile Communications Corporation - shandong
country: CN
admin-c: JH457-AP
tech-c: JH457-AP
mnt-by: MAINT-CN-CMCC
mnt-lower: MAINT-CN-CMCC-shandong
remarks: ------------------------------
remarks: Please send abuse e-mail to
remarks: huangjie@sd.chinamobile.com
remarks: Please send probe e-mail to
remarks: huangjie@sd.chinamobile.com
remarks: -------------------------------
changed: weichenguang@chinamobile.com 20050309
status: ALLOCATED NON-PORTABLE
source: APNIC

person: jie huang
nic-hdl: JH457-AP
e-mail: huangjie@sd.chinamobile.com
address: Department of Networks
address: 84,Road DaWeiEr,Jinan,
address: Shandong Province, China,250001
phone: +86-0531-6168748
fax-no: +86-0531-6168774
country: cn
changed: huangjie@sd.chinamobile.com 20040806
mnt-by: MAINT-CN-CMCC-SHANDONG
source: APNIC


whois bz3.ru

domain: BZ3.RU
nserver: dns1.naunet.ru.
nserver: dns2.naunet.ru.
state: REGISTERED, DELEGATED, UNVERIFIED
person: Private Person
phone: +7 812 5706062
e-mail: contact@bz3.ru
registrar: NAUNET-REG-RIPN
created: 2010.09.21
paid-till: 2011.09.21
source: TCI

Last updated on 2010.12.18 00:50:46 MSK/MSD

;; QUESTION SECTION:
;BZ3.RU. IN MX

;; ANSWER SECTION:
BZ3.RU. 3600 IN MX 10 aspmx.l.google.com.
BZ3.RU. 3600 IN MX 30 aspmx3.googlemail.com.
BZ3.RU. 3600 IN MX 20 alt2.aspmx.l.google.com.
BZ3.RU. 3600 IN MX 30 aspmx4.googlemail.com.
BZ3.RU. 3600 IN MX 20 alt1.aspmx.l.google.com.
BZ3.RU. 3600 IN MX 30 aspmx2.googlemail.com.
BZ3.RU. 3600 IN MX 30 aspmx5.googlemail.com.

;; ADDITIONAL SECTION:
aspmx3.googlemail.com. 2339 IN A 72.14.213.27
alt2.aspmx.l.google.com. 74 IN A 74.125.39.27
aspmx4.googlemail.com. 3470 IN A 209.85.229.27
alt1.aspmx.l.google.com. 50 IN A 209.85.229.27
aspmx2.googlemail.com. 933 IN A 74.125.43.27
aspmx5.googlemail.com. 1677 IN A 74.125.157.27
aspmx.l.google.com. 112 IN A 74.125.157.27

Domain ID:D160923081-LROR
Domain Name:INDONESIANCODER.ORG
Created On:14-Dec-2010 14:30:17 UTC
Expiration Date:14-Dec-2011 14:30:17 UTC
Sponsoring Registrar:Mesh Digital Limited (R1728-LROR)
Status:INACTIVE
Status:TRANSFER PROHIBITED
Status:ADDPERIOD
Registrant ID:DOMAINMONSTER
Registrant Name:DOMAINMONSTER BACKORDER
Registrant Organization:Mesh Digital Limited
Registrant Street1:Quarry Court
Registrant Street2:Lime Quarry Mews
Registrant Street3:
Registrant City:Guildford
Registrant State/Province:
Registrant Postal Code:GU1 2RD
Registrant Country:GB
Registrant Phone:+44.1483304030
Registrant Phone Ext.:
Registrant FAX:+44.1483304031
Registrant FAX Ext.:
Registrant Email:support@domainmonster.com
Admin ID:DOMAINMONSTER
Admin Name:DOMAINMONSTER BACKORDER
Admin Organization:Mesh Digital Limited
Admin Street1:Quarry Court
Admin Street2:Lime Quarry Mews
Admin Street3:
Admin City:Guildford
Admin State/Province:
Admin Postal Code:GU1 2RD
Admin Country:GB
Admin Phone:+44.1483304030
Admin Phone Ext.:
Admin FAX:+44.1483304031
Admin FAX Ext.:
Admin Email:support@domainmonster.com
Tech ID:DOMAINMONSTER
Tech Name:DOMAINMONSTER BACKORDER
Tech Organization:Mesh Digital Limited
Tech Street1:Quarry Court
Tech Street2:Lime Quarry Mews
Tech Street3:
Tech City:Guildford
Tech State/Province:
Tech Postal Code:GU1 2RD
Tech Country:GB
Tech Phone:+44.1483304030
Tech Phone Ext.:
Tech FAX:+44.1483304031
Tech FAX Ext.:
Tech Email:support@domainmonster.com
Name Server:
Name Server:

http://www.indonesiancoder.co.cc/

dig indonesiancoder.co.cc

; <<>> DiG 9.6-ESV-R1 <<>> indonesiancoder.co.cc
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16112
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;indonesiancoder.co.cc. IN A

;; ANSWER SECTION:
indonesiancoder.co.cc. 14400 IN A 75.126.185.28

NetRange: 75.126.0.0 - 75.126.255.255
CIDR: 75.126.0.0/16
OriginAS: AS36351
NetName: SOFTLAYER-4-3
NetHandle: NET-75-126-0-0-1
Parent: NET-75-0-0-0-0
NetType: Direct Allocation
NameServer: NS2.ARPA.GLOBAL-DATACENTER.COM
NameServer: NS1.ARPA.GLOBAL-DATACENTER.COM
Comment: abuse@softlayer.com
RegDate: 2006-05-12
Updated: 2009-08-26
Ref: http://whois.arin.net/rest/net/NET-75-126-0-0-1

OrgName: SoftLayer Technologies Inc.
OrgId: SOFTL
Address: 1950 N Stemmons Freeway
City: Dallas
StateProv: TX
PostalCode: 75207
Country: US
RegDate: 2005-10-26
Updated: 2009-07-02
Ref: http://whois.arin.net/rest/org/SOFTL

ReferralServer: rwhois://rwhois.softlayer.com:4321

OrgAbuseHandle: ABUSE1025-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-214-442-0605
OrgAbuseEmail: abuse@softlayer.com
OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE1025-ARIN

OrgTechHandle: IPADM258-ARIN
OrgTechName: IP Admin
OrgTechPhone: +1-214-442-0600
OrgTechEmail: ipadmin@softlayer.com
OrgTechRef: http://whois.arin.net/rest/poc/IPADM258-ARIN

RNOCHandle: IPADM258-ARIN
RNOCName: IP Admin
RNOCPhone: +1-214-442-0600
RNOCEmail: ipadmin@softlayer.com
RNOCRef: http://whois.arin.net/rest/poc/IPADM258-ARIN

RAbuseHandle: ABUSE1025-ARIN
RAbuseName: Abuse
RAbusePhone: +1-214-442-0605
RAbuseEmail: abuse@softlayer.com
RAbuseRef: http://whois.arin.net/rest/poc/ABUSE1025-ARIN

RTechHandle: IPADM258-ARIN
RTechName: IP Admin
RTechPhone: +1-214-442-0600
RTechEmail: ipadmin@softlayer.com
RTechRef: http://whois.arin.net/rest/poc/IPADM258-ARIN

%rwhois V-1.5:003fff:00 rwhois.softlayer.com (by Network Solutions, Inc. V-1.5.9.5)
network:Class-Name:network
network:ID:NETBLK-SOFTLAYER.75.126.160.0/19
network:Auth-Area:75.126.160.0/19
network:Network-Name:SOFTLAYER-75.126.160.0
network:IP-Network:75.126.185.28/30
network:IP-Network-Block:75.126.185.28-75.126.185.31
network:Organization;I:Venture Computers Of Canada Inc
network:Street-Address:705 Middlefield Road Suite 108
network:City:Scarborough
network:State:ON
network:Postal-Code:M1V5H5
network:Country-Code:CA
network:Tech-Contact;I:sysadmins@softlayer.com
network:Abuse-Contact;I:kevinm@venture-computers.com
network:Admin-Contact;I:IPADM258-ARIN
network:Created:20081221
network:Updated:20101121
network:Updated-By:ipadmin@softlayer.com

dig indonesiancoder.org

; <<>> DiG 9.6-ESV-R1 <<>> indonesiancoder.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39825
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;indonesiancoder.org. IN A

;; AUTHORITY SECTION:
org. 900 IN SOA a0.org.afilias-nst.info. noc.afilias-nst.info. 2009442570 1800 900 604800 86400

dig kamtiez.web.id

; <<>> DiG 9.6-ESV-R1 <<>> kamtiez.web.id
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29009
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;kamtiez.web.id. IN A

;; ANSWER SECTION:
kamtiez.web.id. 14400 IN A 74.53.227.162

;; Query time: 424 msec
;; SERVER: 202.27.158.40#53(202.27.158.40)
;; WHEN: Sat Dec 18 11:31:59 2010
;; MSG SIZE rcvd: 48

NetRange: 74.52.0.0 - 74.55.255.255
CIDR: 74.52.0.0/14
OriginAS: AS36420, AS30315, AS13749, AS21844
NetName: NETBLK-THEPLANET-BLK-14
NetHandle: NET-74-52-0-0-1
Parent: NET-74-0-0-0-0
NetType: Direct Allocation
NameServer: NS2.THEPLANET.COM
NameServer: NS1.THEPLANET.COM
RegDate: 2006-02-17
Updated: 2009-02-24
Ref: http://whois.arin.net/rest/net/NET-74-52-0-0-1

OrgName: ThePlanet.com Internet Services, Inc.
OrgId: TPCM
Address: 315 Capitol
Address: Suite 205
City: Houston
StateProv: TX
PostalCode: 77002
Country: US
RegDate: 1999-08-31
Updated: 2010-10-13
Ref: http://whois.arin.net/rest/org/TPCM

ReferralServer: rwhois://rwhois.theplanet.com:4321

OrgTechHandle: TECHN33-ARIN
OrgTechName: Technical Support
OrgTechPhone: +1-214-782-7800
OrgTechEmail: admins@theplanet.com
OrgTechRef: http://whois.arin.net/rest/poc/TECHN33-ARIN

OrgNOCHandle: THEPL-ARIN
OrgNOCName: The Planet NOC
OrgNOCPhone: +1-281-714-3555
OrgNOCEmail: noc@theplanet.com
OrgNOCRef: http://whois.arin.net/rest/poc/THEPL-ARIN

OrgAbuseHandle: ABUSE271-ARIN
OrgAbuseName: The Planet Abuse
OrgAbusePhone: +1-281-714-3560
OrgAbuseEmail: abuse@theplanet.com
OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE271-ARIN

RTechHandle: TECHN33-ARIN
RTechName: Technical Support
RTechPhone: +1-214-782-7800
RTechEmail: admins@theplanet.com
RTechRef: http://whois.arin.net/rest/poc/TECHN33-ARIN

RNOCHandle: THEPL-ARIN
RNOCName: The Planet NOC
RNOCPhone: +1-281-714-3555
RNOCEmail: noc@theplanet.com
RNOCRef: http://whois.arin.net/rest/poc/THEPL-ARIN

RAbuseHandle: ABUSE271-ARIN
RAbuseName: The Planet Abuse
RAbusePhone: +1-281-714-3560
RAbuseEmail: abuse@theplanet.com
RAbuseRef: http://whois.arin.net/rest/poc/ABUSE271-ARIN

Found a referral to rwhois.theplanet.com:4321.

%rwhois V-1.5:003eff:00 whois.theplanet.com (by Network Solutions, Inc. V-1.5.9.5)
network:Class-Name:network
network:ID:NETBLK-THEPLANET-BLK-14
network:Auth-Area:74.52.0.0/14
network:Network-Name:TPIS-BLK-74-53-227-0
network:IP-Network:74.53.227.160/28
network:IP-Network-Block:74.53.227.160 - 74.53.227.175
network:Organization-Name:WebsiteWelcome
network:Organization-City:Boca Raton
network:Organization-State:FL
network:Organization-Zip:33496
network:Organization-Country:USA
network:Description-Usage:customer
network:Server-Pri:ns1.theplanet.com
network:Server-Sec:ns2.theplanet.com
network:Tech-Contact;I:abuse@theplanet.com
network:Admin-Contact;I:abuse@theplanet.com
network:Created:20070629
network:Updated:20070629

dig hXXp://www.kamtiez.us

; <<>> DiG 9.6-ESV-R1 <<>> hXXp://www.kamtiez.us
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47794
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.kamtiez.us. IN A

;; ANSWER SECTION:
hXXp://www.kamtiez.us. 3600 IN CNAME ghs.google.com.
ghs.google.com. 603884 IN CNAME ghs.l.google.com.
ghs.l.google.com. 299 IN A 72.14.203.121

NetRange: 72.14.192.0 - 72.14.255.255
CIDR: 72.14.192.0/18
OriginAS:
NetName: GOOGLE
NetHandle: NET-72-14-192-0-1
Parent: NET-72-0-0-0-0
NetType: Direct Allocation
NameServer: NS2.GOOGLE.COM
NameServer: NS3.GOOGLE.COM
NameServer: NS4.GOOGLE.COM
NameServer: NS1.GOOGLE.COM
RegDate: 2004-11-10
Updated: 2007-04-10
Ref: http://whois.arin.net/rest/net/NET-72-14-192-0-1

OrgName: Google Inc.
OrgId: GOGL
Address: 1600 Amphitheatre Parkway
City: Mountain View
StateProv: CA
PostalCode: 94043
Country: US
RegDate: 2000-03-30
Updated: 2009-08-07
Ref: http://whois.arin.net/rest/org/GOGL

OrgTechHandle: ZG39-ARIN
OrgTechName: Google Inc
OrgTechPhone: +1-650-253-0000
OrgTechEmail: arin-contact@google.com
OrgTechRef: http://whois.arin.net/rest/poc/ZG39-ARIN

RTechHandle: ZG39-ARIN
RTechName: Google Inc
RTechPhone: +1-650-253-0000
RTechEmail: arin-contact@google.com
RTechRef: http://whois.arin.net/rest/poc/ZG39-ARIN

Domain Name: KAMTIEZ.US
Domain ID: D25914687-US
Sponsoring Registrar: FAST DOMAIN INC.
Registrar URL (registration services): whois.fastdomain.com
Domain Status: clientTransferProhibited
Domain Status: serverTransferProhibited
Domain Status: serverUpdateProhibited
Registrant ID: FAST-14099275
Registrant Name: kaMtiEz rOx
Registrant Organization: indonesian coder < Maybe Dean Westbury
Registrant Address1: indonesian coder 666
Registrant City: hell city
Registrant State/Province: indonesian coder 666
Registrant Postal Code: 1115
Registrant Country: Philippines
Registrant Country Code: PH
Registrant Phone Number: +63.7128888
Registrant Email: newman@robee.com
Registrant Application Purpose: P1
Registrant Nexus Category: C11
Administrative Contact ID: FAST-14099270
Administrative Contact Name: Enjoy Gaw
Administrative Contact Organization: Carlson
Administrative Contact Address1: #97 Tomas Arguelles St. corner Bayani St.,
Administrative Contact City: Quezon City
Administrative Contact Postal Code: 1115
Administrative Contact Country: Philippines
Administrative Contact Country Code: PH
Administrative Contact Phone Number: +63.7128888
Administrative Contact Email: newman@robee.com
Administrative Application Purpose: P1
Administrative Nexus Category: C11
Billing Contact ID: FAST-14099270
Billing Contact Name: Enjoy Gaw
Billing Contact Organization: Carlson
Billing Contact Address1: #97 Tomas Arguelles St. corner Bayani St.,
Billing Contact City: Quezon City
Billing Contact Postal Code: 1115
Billing Contact Country: Philippines
Billing Contact Country Code: PH
Billing Contact Phone Number: +63.7128888
Billing Contact Email: newman@robee.com
Billing Application Purpose: P1
Billing Nexus Category: C11
Technical Contact ID: FAST-12785447
Technical Contact Name: Bluehost Inc
Technical Contact Organization: Bluehost.com
Technical Contact Address1: 1958 South 950 East
Technical Contact City: Provo
Technical Contact State/Province: Utah
Technical Contact Postal Code: 84606
Technical Contact Country: United States
Technical Contact Country Code: US
Technical Contact Phone Number: +1.8017659400
Technical Contact Facsimile Number: +1.8017651992
Technical Contact Email: whois@bluehost.com
Technical Application Purpose: P1
Technical Nexus Category: C21
Name Server: NS2.AFRAID.ORG
Name Server: NS1.AFRAID.ORG
Name Server: NS3.AFRAID.ORG
Name Server: NS4.AFRAID.ORG
Created by Registrar: FAST DOMAIN INC.
Last Updated by Registrar: FAST DOMAIN INC.
Domain Registration Date: Fri Dec 11 00:51:39 GMT 2009
Domain Expiration Date: Sat Dec 10 23:59:59 GMT 2011
Domain Last Updated Date: Sun Dec 12 03:07:08 GMT 2010

Server Name: BLUEHOST.COM.VIVIANWEAVER.COM
IP Address: 69.89.25.182
Registrar: FASTDOMAIN, INC.
Whois Server: whois.fastdomain.com
Referral URL: http://www.fastdomain.com

Server Name: BLUEHOST.COM.VIVAVENEZIA.COM
IP Address: 209.63.57.200
Registrar: FASTDOMAIN, INC.
Whois Server: whois.fastdomain.com
Referral URL: http://www.fastdomain.com

Server Name: BLUEHOST.COM.SEAEXPLORERSSCUBA.COM
IP Address: 209.63.57.200
Registrar: MYDOMAIN, INC.
Whois Server: whois.namesdirect.com
Referral URL: http://www.namesdirect.com

Server Name: BLUEHOST.COM.SCUBANICA.COM
IP Address: 66.147.242.195
Registrar: GODADDY.COM, INC.
Whois Server: whois.godaddy.com
Referral URL: http://registrar.godaddy.com

Server Name: BLUEHOST.COM.SABANOVIC.COM
IP Address: 69.89.16.4
IP Address: 74.220.195.31
Registrar: WILD WEST DOMAINS, INC.
Whois Server: whois.wildwestdomains.com
Referral URL: http://www.wildwestdomains.com

Server Name: BLUEHOST.COM.RYANESTESPHOTOS.COM
IP Address: 69.89.16.4
IP Address: 74.220.195.31
Registrar: GODADDY.COM, INC.
Whois Server: whois.godaddy.com
Referral URL: http://registrar.godaddy.com

Server Name: BLUEHOST.COM.OLIVEOILZAKROS.NET
IP Address: 74.220.195.31
IP Address: 69.89.16.4
Registrar: GODADDY.COM, INC.
Whois Server: whois.godaddy.com
Referral URL: http://registrar.godaddy.com

Server Name: BLUEHOST.COM.MOBILE-PHONES-SHOP.NET
IP Address: 69.89.16.4
IP Address: 74.220.195.31
Registrar: WILD WEST DOMAINS, INC.
Whois Server: whois.wildwestdomains.com
Referral URL: http://www.wildwestdomains.com

Server Name: BLUEHOST.COM.MOBILE-PHONES-SHOP.COM
IP Address: 74.220.195.31
IP Address: 69.89.16.4
Registrar: WILD WEST DOMAINS, INC.
Whois Server: whois.wildwestdomains.com
Referral URL: http://www.wildwestdomains.com

Server Name: BLUEHOST.COM.KEITHTHURMAN.COM
IP Address: 69.89.16.4
IP Address: 74.220.195.31
Registrar: GODADDY.COM, INC.
Whois Server: whois.godaddy.com
Referral URL: http://registrar.godaddy.com

Server Name: BLUEHOST.COM.HEARTSOFTHAILAND.COM
IP Address: 74.220.195.31
Registrar: FASTDOMAIN, INC.
Whois Server: whois.fastdomain.com
Referral URL: http://www.fastdomain.com

Server Name: BLUEHOST.COM.DGENERATION.NET
IP Address: 69.89.16.4
IP Address: 74.220.195.31
Registrar: GODADDY.COM, INC.
Whois Server: whois.godaddy.com
Referral URL: http://registrar.godaddy.com

Server Name: BLUEHOST.COM.CRETA-NATURE.NET
IP Address: 69.89.16.4
IP Address: 74.220.195.31
Registrar: WILD WEST DOMAINS, INC.
Whois Server: whois.wildwestdomains.com
Referral URL: http://www.wildwestdomains.com

Server Name: BLUEHOST.COM.CRETA-NATURE.COM
IP Address: 69.89.16.4
IP Address: 74.220.195.31
Registrar: WILD WEST DOMAINS, INC.
Whois Server: whois.wildwestdomains.com
Referral URL: http://www.wildwestdomains.com

Server Name: BLUEHOST.COM.BELLOBABYROOMS.COM
IP Address: 66.147.242.151
Registrar: DSTR ACQUISITION PA I, LLC DBA DOMAINBANK.COM
Whois Server: whois.dotster.com
Referral URL: http://www.dotster.com

Server Name: BLUEHOST.COM.BAHAY4RENT.COM
IP Address: 74.220.198.218
Registrar: GODADDY.COM, INC.
Whois Server: whois.godaddy.com
Referral URL: http://registrar.godaddy.com

Server Name: BLUEHOST.COM.ANSWERMAN59.COM
IP Address: 74.220.219.74
Registrar: WILD WEST DOMAINS, INC.
Whois Server: whois.wildwestdomains.com
Referral URL: http://www.wildwestdomains.com

Server Name: BLUEHOST.COM.ALAZAMAH.COM
IP Address: 69.89.16.4
IP Address: 74.220.195.50
Registrar: FASTDOMAIN, INC.
Whois Server: whois.fastdomain.com
Referral URL: http://www.fastdomain.com

Server Name: BLUEHOST.COM.5DOLLARSTOCKPHOTO.COM
IP Address: 98.131.214.210
Registrar: GODADDY.COM, INC.
Whois Server: whois.godaddy.com
Referral URL: http://registrar.godaddy.com

Server Name: BLUEHOST.COM
IP Address: 74.220.195.50
Registrar: FASTDOMAIN, INC.
Whois Server: whois.fastdomain.com
Referral URL: http://www.fastdomain.com

Domain Name: BLUEHOST.COM
Registrar: FASTDOMAIN, INC.
Whois Server: whois.fastdomain.com
Referral URL: http://www.fastdomain.com
Name Server: NS1.BLUEHOST.COM
Name Server: NS2.BLUEHOST.COM
Status: clientTransferProhibited
Updated Date: 15-aug-2008
Creation Date: 15-nov-2002
Expiration Date: 15-nov-2011

Registrar: FastDomain Inc.
Provider Name....: BlueHost.Com
Provider Whois...: whois.bluehost.com
Provider Homepage: http://www.bluehost.com/

Domain Name: BLUEHOST.COM

Created on..............: 2002-11-15 10:33:55 GMT
Expires on..............: 2016-07-14 17:30:09 GMT
Last modified on........: 2009-06-23 22:17:48 GMT

Registrant Info: (FAST-12785240)
Bluehost.com
Bluehost Inc
1958 South 950 East
Provo, Utah 84604
United States
Phone: +1.8017659400
Fax..: +1.8017651992
Email: whois@bluehost.com
Last modified: 2010-12-06 18:43:32 GMT

Administrative Info: (FAST-12785240)
Bluehost.com
Bluehost Inc
1958 South 950 East
Provo, Utah 84604
United States
Phone: +1.8017659400
Fax..: +1.8017651992
Email: whois@bluehost.com
Last modified: 2010-12-06 18:43:32 GMT

Technical Info: (FAST-12785240)
Bluehost.com
Bluehost Inc
1958 South 950 East
Provo, Utah 84604
United States
Phone: +1.8017659400
Fax..: +1.8017651992
Email: whois@bluehost.com
Last modified: 2010-12-06 18:43:32 GMT

Status: Locked

Domain servers in listed order:

NS1.BLUEHOST.COM
NS2.BLUEHOST.COM
=-=-=-=

Domain Name: ROBEE.COM
Registrar: NETWORK SOLUTIONS, LLC.
Whois Server: whois.networksolutions.com
Referral URL: http://www.networksolutions.com
Name Server: NS1.ROBEE.COM
Name Server: NS2.ROBEE.COM
Status: clientTransferProhibited
Updated Date: 14-dec-2010
Creation Date: 27-dec-1997
Expiration Date: 26-dec-2013

>>> Last update of whois database: Fri, 17 Dec 2010 23:40:16 UTC <<<

Registrant:
Robee Stickers
418 Quezon Avenue
Quezon City, MM 1114
PH

Domain Name: ROBEE.COM

Administrative Contact:
Gaw, Newman gawnewman@yahoo.com
420 Quezon Avenue
Quezon City, Manila 1114
PH
(632)740-7690

Technical Contact:
Network Solutions, LLC. customerservice@networksolutions.com
13861 Sunrise Valley Drive
Herndon, VA 20171
US
1-888-642-9675 fax: 571-434-4620


Record expires on 26-Dec-2013.
Record created on 27-Dec-1997.
Database last updated on 17-Dec-2010 18:18:42 EST.

Domain servers in listed order:

NS1.ROBEE.COM 74.220.195.31
NS2.ROBEE.COM 69.89.16.4

kaMtiEz

* Jundab
http://jundab.co.tv/

muntilan mania (jundab.arrozy@gmail.com)
muntilan magelang jawa tengah indonesia
56415 Jawa Tengah (Djawa Tengah)
Indonesia
Phone: 62939115989

jundab.co.tv. 172800 IN A 64.191.56.23

OrgName: Network Operations Center Inc.
OrgId: NOC
Address: PO Box 591
City: Scranton
StateProv: PA
PostalCode: 18501-0591
Country: US

Guestbook

* Jundab "apa web anda yang di hack?"
Details
2010-12-11 2:33 AM
#
* Tamu "kenapa hack saya, sama2 orang magelang"
Details
2010-12-09 6:17 PM
#
* pramudyadhio.blogspot.com "berkunjung"
Details
2010-12-03 10:09 AM
#
* Ganyot ":D"
Details
2010-12-02 4:39 PM
#

* PrOReBeLL "mangstab mastah :D"
Details
2010-10-13 9:49 PM
#
* Tamu "hjj"
Details
2010-10-06 3:28 PM
#
* mini cd "wew.. ada shoutboxnya.. mangstabhh gan.."
Details
2010-10-04 5:46 PM
#
* Tamu ":-("
Details
2010-10-02 9:40 AM
#
* Tamu "fsdf"
Details
2010-10-02 9:39 AM
#
* Tamu "dsad"
Details
2010-10-02 9:36 AM
#
Page view
1 Sebelumnya Selanjutnya

* otong
Indonesian

http://opera15.blogspot.com/

* r3m1ck

http://r3m1ck.uni.cc/ not found no whois no dns

* ibl13z

whois ibl13z.biz
Domain Name: IBL13Z.BIZ
Domain ID: D38693710-BIZ
Sponsoring Registrar: THE REGISTRY AT INFO AVENUE
Sponsoring Registrar IANA ID: 123
Registrar URL (registration services): whois.iaveregistry.com
Domain Status: clientDeleteProhibited
Domain Status: clientHold
Domain Status: clientTransferProhibited
Domain Status: clientUpdateProhibited
Registrant ID: PP-SP-001
Registrant Name: Domain Admin
Registrant Organization: PrivacyProtect.org
Registrant Address1: P.O. Box 97
Registrant Address2: Note - All Postal Mails Rejected, visit Privacyprotect.org
Registrant City: Moergestel
Registrant Postal Code: 5066 ZH
Registrant Country: Netherlands
Registrant Country Code: NL
Registrant Phone Number: +45.36946676
Registrant Email: contact@privacyprotect.org

No web no dns

* h4ruk4n4t4
http://www.h4ruk4n4t4.co.cc/

dig hXXp://www.h4ruk4n4t4.co.cc

; <<>> DiG 9.6-ESV-R1 <<>> hXXp://www.h4ruk4n4t4.co.cc
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7043
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.h4ruk4n4t4.co.cc. IN A

;; ANSWER SECTION:
hXXp://www.h4ruk4n4t4.co.cc. 86291 IN CNAME ghs.google.com.
ghs.google.com. 604154 IN CNAME ghs.l.google.com.
ghs.l.google.com. 297 IN A 74.125.43.121

;; Query time: 88 msec
;; SERVER: 202.27.158.40#53(202.27.158.40)
;; WHEN: Sat Dec 18 17:19:52 2010
;; MSG SIZE rcvd: 102


* CS-31

http://undercrew.mc-crew.org/

Domain Name:MC-CREW.ORG
Created On:07-May-2010 14:30:34 UTC
Last Updated On:07-Jul-2010 03:47:26 UTC
Expiration Date:07-May-2011 14:30:34 UTC
Sponsoring Registrar:Blue Razor Domains, Inc. (R1268-LROR)
Status:CLIENT DELETE PROHIBITED
Status:CLIENT RENEW PROHIBITED
Status:CLIENT TRANSFER PROHIBITED
Status:CLIENT UPDATE PROHIBITED
Registrant ID:CR47384108
Registrant Name:Registration Private
Registrant Organization:Domains by Proxy, Inc.
Registrant Street1:DomainsByProxy.com
Registrant Street2:15111 N. Hayden Rd., Ste 160, PMB 353
Registrant Street3:
Registrant City:Scottsdale
Registrant State/Province:Arizona
Registrant Postal Code:85260
Registrant Country:US

undercrew.mc-crew.org. 3466 IN A 69.43.160.175

Trellian Pty Ltd NET-69-43-160-0-1 (NET-69-43-160-0-1) 69.43.160.0 - 69.43.160.255

http://www.trellian.com/ SEO Scum

Domain Name: TRELLIAN.COM

Registrant:
Hostmaster Hostmaster
8 East concourse

Beaumaris
Victoria
3193
AU
hostmaster@trellian.com
Tel. 61.395897946
Fax.

* senot

http://www.senot.net/

no web no whois no dns

* cimpli

http://cimpli.uni.cc/blog/

no web no whois no dns

* Neo-Gabriel

http://systems-gabriel.isgreat.org/Neo-Gabriel.html

no web no whois no dns

* tRipLeZiX

http://www.the-triplezix.com/v1/

Domain Name: the-triplezix.com
Registrar: Name.com LLC

Protected Domain Services Customer ID: NCR-2869055

Expiration Date: 2011-05-15 04:46:47
Creation Date: 2009-05-15 04:46:47

Name Servers:
nsa.name.com
nsb.name.com

REGISTRANT CONTACT INFO
Protected Domain Services - Customer ID: NCR-2869055
125 Rampart Way
Suite 300
Denver
CO
80230
US
Phone: +1.7202492374
Email Address: the-triplezix.com@protecteddomainservices.com

ADMINISTRATIVE CONTACT INFO
Protected Domain Services - Customer ID: NCR-2869055
125 Rampart Way
Suite 300
Denver
CO
80230
US
Phone: +1.7202492374
Email Address: the-triplezix.com@protecteddomainservices.com

hXXp://www.the-triplezix.com. 183 IN A 208.43.239.180

NetRange: 208.43.0.0 - 208.43.255.255
CIDR: 208.43.0.0/16
OriginAS: AS36351
NetName: SOFTLAYER-4-6
NetHandle: NET-208-43-0-0-1
Parent: NET-208-0-0-0-0
NetType: Direct Allocation
NameServer: NS2.ARPA.GLOBAL-DATACENTER.COM
NameServer: NS1.ARPA.GLOBAL-DATACENTER.COM
RegDate: 2008-04-22
Updated: 2009-08-27
Ref: http://whois.arin.net/rest/net/NET-208-43-0-0-1

OrgName: SoftLayer Technologies Inc.
OrgId: SOFTL
Address: 1950 N Stemmons Freeway
City: Dallas
StateProv: TX
PostalCode: 75207
Country: US


* MaGeLanGcYbEr

http://www.magelangcyber.us/

Domain Name: MAGELANGCYBER.US
Domain ID: D26252732-US
Sponsoring Registrar: FAST DOMAIN INC.
Registrar URL (registration services): whois.fastdomain.com
Domain Status: clientHold
Domain Status: clientTransferProhibited
Registrant ID: FAST-14161025
Registrant Name: kaMtiEz rawk
Registrant Organization: magelangcyber
Registrant Address1: localhost
Registrant City: putty
Registrant State/Province: British Columbia
Registrant Postal Code: V5X 2H6
Registrant Country: Canada
Registrant Country Code: CA
Registrant Phone Number: +1.6047737339
Registrant Email: seansul84@hotmail.com
Registrant Application Purpose: P1
Registrant Nexus Category: C11
Administrative Contact ID: FAST-14155630
Name Server: NS1.HOSTMONSTER.COM
Name Server: NS2.HOSTMONSTER.COM
Created by Registrar: FAST DOMAIN INC.
Last Updated by Registrar: FAST DOMAIN INC.
Domain Registration Date: Wed Jan 20 02:37:49 GMT 2010
Domain Expiration Date: Wed Jan 19 23:59:59 GMT 2011
Domain Last Updated Date: Mon Jun 14 14:24:28 GMT 2010


no web no dns

* d0ntcry

http://d0nt-cry.blogspot.com/
http://www.d0ntcry.co.cc/

Registrant ahmad sutanto

60237
hero city, jawa timur
INDONESIA

soerabaya cyber team
Email : dont.cry.soerabaya@gmail.com
Phone : 031-60771779
Instant messenger : terbawa_suasana (Yahoo!)

Updated Date : 09-Feb-2009
Creation Date : 27-Nov-2008

dig hXXp://www.d0ntcry.co.cc

; <<>> DiG 9.6-ESV-R1 <<>> hXXp://www.d0ntcry.co.cc
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24855
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.d0ntcry.co.cc. IN A

;; ANSWER SECTION:
hXXp://www.d0ntcry.co.cc. 86400 IN CNAME ghs.google.com.
ghs.google.com. 336151 IN CNAME ghs.l.google.com.
ghs.l.google.com. 141 IN A 74.125.43.121

* bobyhikaru

http://bobyhikaru.biz/
Domain Name: BOBYHIKARU.BIZ
Domain ID: D36601103-BIZ
Sponsoring Registrar: MELBOURNE IT LTD
Sponsoring Registrar IANA ID: 13
Registrar URL (registration services): whois.inww.com
Domain Status: ok
Registrant ID: D125655265486895
Registrant Name: Elisabeth Veenendaal
Registrant Organization: Private Registration US
Registrant Address1: PO Box 61359
Registrant City: Sunnyvale
Registrant State/Province: CA
Registrant Postal Code: 94088
Registrant Country: United States
Registrant Country Code: US
Registrant Phone Number: +1.5105952002
Registrant Email: contact@myprivateregistration.com
Administrative Contact ID: B125655331691732

bobyhikaru.biz. 3600 IN A 72.52.172.44

NetRange: 72.52.128.0 - 72.52.255.255
CIDR: 72.52.128.0/17
OriginAS:
NetName: LIQUIDWEB-6
NetHandle: NET-72-52-128-0-1
Parent: NET-72-0-0-0-0
NetType: Direct Allocation
NameServer: NS.LIQUIDWEB.COM
NameServer: NS1.LIQUIDWEB.COM
RegDate: 2006-08-03
Updated: 2007-03-26
Ref: http://whois.arin.net/rest/net/NET-72-52-128-0-1

OrgName: Liquid Web, Inc.
OrgId: LQWB
Address: 4210 Creyts Rd.
City: Lansing
StateProv: MI
PostalCode: 48917
Country: US
RegDate: 2001-07-20
Updated: 2008-12-19

* bobyhikaru2

http://bobyputra.com/

Domain Name: BOBYPUTRA.COM
Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
Whois Server: whois.melbourneit.com
Referral URL: http://www.melbourneit.com
Name Server: NS1.EVERYDNS.NET
Name Server: NS2.EVERYDNS.NET
Name Server: NS3.EVERYDNS.NET
Name Server: NS4.EVERYDNS.NET
Status: ok
Updated Date: 08-feb-2010
Creation Date: 07-feb-2010
Expiration Date: 07-feb-2012

>>> Last update of whois database: Sat, 18 Dec 2010 05:10:25 UTC <<<

Domain Name.......... bobyputra.com
Creation Date........ 2010-02-08
Registration Date.... 2010-02-08
Expiry Date.......... 2012-02-08
Organisation Name.... Jane Fraser
Organisation Address. PO Box 61359
Organisation Address.
Organisation Address. Sunnyvale
Organisation Address. 94088
Organisation Address. CA
Organisation Address. US

Admin Name........... Admin PrivateRegContact
Admin Address........ PO Box 61359
Admin Address........ registered post accepted only
Admin Address........ Sunnyvale
Admin Address........ 94088
Admin Address........ CA
Admin Address........ US
Admin Email.......... contact@myprivateregistration.com
Admin Phone.......... +1.5105952002
Admin Fax............

bobyputra.com. 3600 IN A 49.0.6.165

inetnum: 49.0.6.160 - 49.0.6.175
netname: IDM-ID
descr: Indonesia Digital Media, PT
country: ID
admin-c: TY836-AP
tech-c: FN77-AP
remarks: spam and abuse reports : noc@idm.co.id
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-IDM-ID
changed: ty@idm.co.id 20101106
source: APNIC

route: 49.0.4.0/22
descr: Route object of IDM-ID
descr: Indonesia Digital Media, PT
country: ID
origin: AS55830
mnt-by: MAINT-IDM-ID
changed: ty@idm.co.id 20101025
source: APNIC

person: Tajid Yakub
address: Jl. Mede No.5
address: Utan Kayu Utara, Matraman
address: Jakarta Timur 13120
country: ID
phone: +62 21 85911602
e-mail: ty@idm.co.id
nic-hdl: TY836-AP
mnt-by: MAINT-IDM-ID
changed: ty@idm.co.id 20101025
source: APNIC

person: Firmansyah Nainggolan
address: Jl. Mede No.5
address: Utan Kayu Utara, Matraman
address: Jakarta Timur 13120
country: ID
phone: +62 21 85911602
e-mail: rha@idm.co.id
nic-hdl: FN77-AP
mnt-by: MAINT-IDM-ID
changed: ty@idm.co.id 20101025

* devil-nongkrong

http://www.devil-nongkrong.co.cc/

Registrant Devil Nongkrong


Jakarta, Jakarta Pusat
INDONESIA

Devilzc0de Crew
Email : devilznongkrong@gmail.com
Phone : 02199809678
Instant messenger : Devil_Nongkrong@yahoo.com (Yahoo!)

Updated Date : 16-Nov-2009
Creation Date : 28-Jul-2009

no web no dns

* kill-9 team

http://kill-nines.blogspot.com/
hXXp://www.kill-9.tk
hXXp://www.kill-nine.co.nr
hXXp://www.killnine.co.tv

arianom@sctvonline.com

hXXp://www.kill-9.us
hXXp://www.tool.kill-9.us
hXXp://www.arianom.co.tv
hXXp://www.indonesiancoder.com

hXXp://www.jatimcom.biz NS on this range
Epic Technology Solutions LLC. I123-067214120000-2009816 (NET-67-214-120-0-1) 67.214.120.0 - 67.214.120.255
123.Net, Inc. 123NET-BLK-I123-3 (NET-67-214-112-0-1) 67.214.112.0 - 67.214.127.255


BV Dot TK / Dot TK administrator
P.O. Box 11774
1001 GT Amsterdam
Netherlands

Domain Name: kill-nine.co.nr - Basic Free Domain Name

Status: Approved, Active

Owner: niner, anderson

Country: Hong Kong

Registration Date: Dec 20, 2009 - 01:52 am

Website Category: Education

Website Title: KILL-9 CREW

Website Description:

kill-nine.co.nr is a best site for education and computer networking


killnine.co.tv
Registrant :

antonio banderas (arianom99@ymail.com)
surabaya
64451 Jawa Timur (Djawa Timur)
Indonesia
Phone: 031256478

kill-nines.blogspot.com. 3464 IN CNAME blogspot.l.google.com.
blogspot.l.google.com. 90 IN A 74.125.19.132

hXXp://www.kill-9.tk. 300 IN A 209.172.59.196
hXXp://www.kill-9.tk. 300 IN A 217.119.57.22
hXXp://www.kill-9.tk. 300 IN A 178.162.164.24

hXXp://www.kill-nine.co.nr. 86400 IN A 208.100.40.200

hXXp://www.killnine.co.tv. 86400 IN CNAME killnine.co.tv.
killnine.co.tv. 86400 IN A 209.190.24.9

Taloha, Inc. IWEB-HD-T2523CL-495 (NET-209-172-59-192-1) 209.172.59.192 - 209.172.59.199
inetnum: 217.119.57.16 - 217.119.57.23
netname: SYNNET-VERZA
descr: BV Dot TK
inetnum: 178.162.164.24 - 178.162.164.31
netname: BV-Dot-TK-969545
descr: BV Dot TK

NetRange: 208.100.0.0 - 208.100.63.255
CIDR: 208.100.0.0/18
OriginAS: AS32748
NetName: STEADFAST-2
NetHandle: NET-208-100-0-0-1
Parent: NET-208-0-0-0-0
NetType: Direct Allocation
NameServer: NS3.STEADFAST.NET
NameServer: NS4.STEADFAST.NET
Comment: abuse@steadfast.net. Reports sent
OrgName: Steadfast Networks
OrgId: NOZON
Address: 350 E. Cermak Rd.
Address: Suite 240
City: Chicago
StateProv: IL
PostalCode: 60616
Country: US
RegDate: 2004-05-21
Updated: 2010-01-14

autharea=208.100.0.0/18
xautharea=208.100.0.0/18
network:Class-Name:network
network:Auth-Area:208.100.0.0/18
network:ID:NET-1768.208.100.40.200/30
network:Network-Name:Secondary IPs
network:IP-Network:208.100.40.200/30
network:IP-Network-Block:208.100.40.200 - 208.100.40.203

<obsolete information removed>

network:Tech-Contact:MAINT-1768.208.100.40.200/30
network:Created:20070731195916000
network:Updated:20080204181902000
network:Updated-By:noc@steadfast.net
contact:POC-Name:Steadfast Networks Network Operations Center
contact:POC-Email:noc@steadfast.net
contact:POC-Phone:+1-312-602-2689
contact:Tech-Name:Steadfast Networks Network Operations Center
contact:Tech-Email:noc@steadfast.net
contact:Tech-Phone:+1-312-602-2689
contact:Abuse-Name:Steadfast Networks Abuse Department
contact:Abuse-Email:abuse@steadfast.net

NetRange: 209.190.0.0 - 209.190.127.255
CIDR: 209.190.0.0/17
OriginAS:
NetName: COLUMBUS-NAP
NetHandle: NET-209-190-0-0-1
Parent: NET-209-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.EE.NET
NameServer: NS2.EE.NET
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
RegDate: 1997-12-19
Updated: 2008-07-17
Ref: http://whois.arin.net/rest/net/NET-209-190-0-0-1

OrgName: Columbus Network Access Point, Inc.
OrgId: CNAP
Address: 50 W, Broad St, Suite 627
City: Columbus
StateProv: OH
PostalCode: 43215
Country: US


* vodkabilly

http://www.vodkabilly.madpath.com/

Domain Name: MADPATH.COM
Registrar: GODADDY.COM, INC.
Whois Server: whois.godaddy.com
Referral URL: http://registrar.godaddy.com
Name Server: NS1.XTGEM.COM
Name Server: NS2.XTGEM.COM
Status: clientDeleteProhibited
Status: clientRenewProhibited
Status: clientTransferProhibited
Status: clientUpdateProhibited
Updated Date: 23-sep-2010
Creation Date: 14-dec-2006
Expiration Date: 14-dec-2014

>>> Last update of whois database: Sat, 18 Dec 2010 07:54:15 UTC <<<

Registrant:
Povilas Musteikis
Rygos 13
Vilnius, 05257
Lithuania

Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
Domain Name: MADPATH.COM
Created on: 14-Dec-06
Expires on: 14-Dec-14
Last Updated on: 23-Sep-10

Administrative Contact:
Musteikis, Povilas povilas@musteikis.lt
Rygos 13
Vilnius, 05257
Lithuania
+370.64164111 Fax --

Technical Contact:
Musteikis, Povilas povilas@musteikis.lt
Rygos 13
Vilnius, 05257
Lithuania
+370.64164111 Fax --

Domain servers in listed order:
NS1.XTGEM.COM
NS2.XTGEM.COM

hXXp://www.vodkabilly.madpath.com. 86060 IN A 213.163.85.226

inetnum: 213.163.85.127 - 213.163.85.255
netname: SERVERBOOST
descr: Serverboost IP space
country: NL
admin-c: SR4706-RIPE
tech-c: SR4706-RIPE
status: ASSIGNED PA
mnt-by: SERVERBOOST-MNT
source: RIPE # Filtered

role: Serverboost role
address: Piet Paaltjensplein 62
address: 3027 TZ Rotterdam
address: The Netherlands
phone: +31 (0)6 1482 4915
abuse-mailbox: abuse@serverboost.nl

NS1.XTGEM.COM. 86400 IN A 213.163.86.14
NS2.XTGEM.COM. 86161 IN A 213.163.85.222

* Gh4mb4S
http://ghambas.co.cc/

http://www.facebook.com/Gh4mb4S
Denny Rosebanditz (Cruutz Di Dada)

Registrant denny kristanto

68162
jember, jawa timur
INDONESIA

unthaxuthux
Email : ghambass@yahoo.co.id
Phone : -
Instant messenger : unthaxunthux@rocketmail.com (Yahoo!)

Updated Date : 10-Jun-2009
Creation Date : 10-Jun-2009

ghambas.co.cc. 86400 IN A 209.51.196.245

XLHost.com Inc XLHOST-13947-2 (NET-209-51-196-240-1) 209.51.196.240 - 209.51.196.255

Domain Name: XLHOST.COM
Registrar: NETWORK SOLUTIONS, LLC.
Whois Server: whois.networksolutions.com
Referral URL: http://www.networksolutions.com
Name Server: DNS2.EE.NET
Name Server: DNS3.EE.NET
Status: clientTransferProhibited
Updated Date: 05-jan-2010
Creation Date: 05-jan-2000
Expiration Date: 05-jan-2020

>>> Last update of whois database: Sat, 18 Dec 2010 08:13:59 UTC <<<
Registrant:
eNET Inc.
3000 E. Dublin Granville Road
Columbus, OH 43231
US

Domain Name: XLHOST.COM

Administrative Contact, Technical Contact:
Kharazi, Saeed ski@EE.NET
eNET Inc.
3000 East Dublin-Granville Road
Columbus, OH 43231
US
(614) 794-5971 fax: (614) 794-9016

Record expires on 05-Jan-2020.
Record created on 05-Jan-2000.
Database last updated on 18-Dec-2010 03:03:47 EST.

Domain servers in listed order:

DNS2.EE.NET 206.222.1.2
DNS3.EE.NET 206.222.1.3

* zee eichel

http://blogs.zeez0ne.info/

Holding page

Domain ID:D35633742-LRMS
Domain Name:ZEEZ0NE.INFO
Created On:01-Dec-2010 10:12:08 UTC
Expiration Date:01-Dec-2011 10:12:08 UTC
Sponsoring Registrar:Key-Systems GmbH (R124-LRMS)
Status:TRANSFER PROHIBITED
Registrant ID:P-27058133
Registrant Name:Telos CHAMIR
Registrant Organization:
Registrant Street1:212-229 Wanchai Road
Registrant Street2:
Registrant Street3:
Registrant City:Wanchai
Registrant State/Province:
Registrant Postal Code:238855
Registrant Country:HK
Registrant Phone:+852.2871383
Registrant Phone Ext.:
Registrant FAX:+852.2871383
Registrant FAX Ext.:
Registrant Email:teloschamir@gmail.com

* tukulesto

http://www.tukulesto.co.cc/

blogspot page no content

Registrant Andre Nurhanggoro

6606
Kenjeran, Soerabaya
INDONESIA

INDONESIAN CODER
Email : tukulesto@hackermail.com
Instant messenger : punk_dos (Yahoo!)

Updated Date : 30-Dec-2009
Creation Date : 02-Jun-2008

hXXp://www.tukulesto.co.cc. 86400 IN CNAME ghs.google.com.
ghs.google.com. 319908 IN CNAME ghs.l.google.com.
ghs.l.google.com. 32 IN A 74.125.77.121

Domain Name: HACKERMAIL.COM
Registrar: PSI-USA, INC. DBA DOMAIN ROBOT
Whois Server: whois.psi-usa.info
Referral URL: http://www.psi-usa.info
Name Server: PDNS1.ULTRADNS.NET
Name Server: PDNS2.ULTRADNS.NET
Name Server: PDNS3.ULTRADNS.ORG
Name Server: PDNS4.ULTRADNS.ORG
Name Server: PDNS5.ULTRADNS.INFO
Name Server: PDNS6.ULTRADNS.CO.UK
Status: clientTransferProhibited
Updated Date: 14-aug-2010
Creation Date: 13-dec-1998
Expiration Date: 12-dec-2012

>>> Last update of whois database: Sat, 18 Dec 2010 09:27:55 UTC <<<

domain: hackermail.com
status: LOCK
owner-c: LULU-10980077
admin-c: LULU-10980068
tech-c: LULU-10980068
zone-c: LULU-10980068
nserver: pdns2.ultradns.net
nserver: pdns6.ultradns.co.uk
nserver: pdns5.ultradns.info
nserver: pdns1.ultradns.net
nserver: pdns4.ultradns.org
nserver: pdns3.ultradns.org
created: 1998-12-13 05:00:00
expire: 2012-12-12 05:00:00 (registry time)
changed: 2010-09-30 09:26:47

[owner-c] handle: 10980077
[owner-c] type: PERSON
[owner-c] title:
[owner-c] fname: GMX Internet
[owner-c] lname: Services Inc.
[owner-c] org:
[owner-c] address: c/o Ernst-Frey-Strasse 9
[owner-c] city: Karlsruhe
[owner-c] pcode: 76135
[owner-c] country: DE
[owner-c] state: DE
[owner-c] phone: +49-721-91374-0
[owner-c] fax: +49-721-91374-215
[owner-c] email: hostmaster@1und1.de
[owner-c] protection: B
[owner-c] updated: 2010-09-30 12:48:06

[admin-c] handle: 10980068
[admin-c] type: PERSON
[admin-c] title:
[admin-c] fname: Jan
[admin-c] lname: Oetjen
[admin-c] org:
[admin-c] address: c/o Ernst-Frey-Strasse 9
[admin-c] city: Karlsruhe
[admin-c] pcode: 76135
[admin-c] country: DE
[admin-c] state: DE
[admin-c] phone: +49-721-91374-0
[admin-c] fax: +49-721-91374-215
[admin-c] email: hostmaster@1und1.de
[admin-c] protection: B
[admin-c] updated: 2010-09-30 12:50:54

[tech-c] handle: 10980068
[tech-c] type: PERSON
[tech-c] title:
[tech-c] fname: Jan
[tech-c] lname: Oetjen
[tech-c] org:
[tech-c] address: c/o Ernst-Frey-Strasse 9
[tech-c] city: Karlsruhe
[tech-c] pcode: 76135
[tech-c] country: DE
[tech-c] state: DE
[tech-c] phone: +49-721-91374-0
[tech-c] fax: +49-721-91374-215
[tech-c] email: hostmaster@1und1.de
[tech-c] protection: B
[tech-c] updated: 2010-09-30 12:50:54

[zone-c] handle: 10980068
[zone-c] type: PERSON
[zone-c] title:
[zone-c] fname: Jan
[zone-c] lname: Oetjen
[zone-c] org:
[zone-c] address: c/o Ernst-Frey-Strasse 9
[zone-c] city: Karlsruhe
[zone-c] pcode: 76135
[zone-c] country: DE
[zone-c] state: DE
[zone-c] phone: +49-721-91374-0
[zone-c] fax: +49-721-91374-215
[zone-c] email: hostmaster@1und1.de
[zone-c] protection: B
[zone-c] updated: 2010-09-30 12:50:54

hackermail.com. 86400 IN A 209.20.74.102

NetRange: 209.20.64.0 - 209.20.95.255
CIDR: 209.20.64.0/19
OriginAS: AS12200
NetName: SLICE-STL-SG
NetHandle: NET-209-20-64-0-1
Parent: NET-209-0-0-0-0
NetType: Direct Allocation
NameServer: NS2.SLICEHOST.NET
NameServer: NS1.SLICEHOST.NET
Comment: http://www.slicehost.com
RegDate: 2008-03-12
Updated: 2008-07-03
Ref: http://whois.arin.net/rest/net/NET-209-20-64-0-1

OrgName: Slicehost LLC
OrgId: SLICE
Address: 4579 Laclede Avenue #258
City: St. Louis
StateProv: MO
PostalCode: 63108
Country: US
RegDate: 2006-12-06
Updated: 2009-08-17
Ref: http://whois.arin.net/rest/org/SLICE

OrgAbuseHandle: SAD96-ARIN
OrgAbuseName: Slicehost Abuse Department
OrgAbusePhone: +1-210-312-4000
OrgAbuseEmail: abuse@rackspace.com
OrgAbuseRef: http://whois.arin.net/rest/poc/SAD96-ARIN

OrgNOCHandle: NETWO1456-ARIN
OrgNOCName: Network Operations
OrgNOCPhone: +1-210-312-4000
OrgNOCEmail: noc@rackspace.com
OrgNOCRef: http://whois.arin.net/rest/poc/NETWO1456-ARIN

OrgTechHandle: NETWO1456-ARIN
OrgTechName: Network Operations
OrgTechPhone: +1-210-312-4000
OrgTechEmail: noc@rackspace.com
OrgTechRef: http://whois.arin.net/rest/poc/NETWO1456-ARIN

RTechHandle: NETWO1456-ARIN
RTechName: Network Operations
RTechPhone: +1-210-312-4000
RTechEmail: noc@rackspace.com
RTechRef: http://whois.arin.net/rest/poc/NETWO1456-ARIN

RAbuseHandle: NETWO1456-ARIN
RAbuseName: Network Operations
RAbusePhone: +1-210-312-4000
RAbuseEmail: noc@rackspace.com
RAbuseRef: http://whois.arin.net/rest/poc/NETWO1456-ARIN

RNOCHandle: NETWO1456-ARIN
RNOCName: Network Operations
RNOCPhone: +1-210-312-4000
RNOCEmail: noc@rackspace.com
RNOCRef: http://whois.arin.net/rest/poc/NETWO1456-ARIN

;; ANSWER SECTION:
hackermail.com. 600 IN MX 15 mailin-03.mx.aol.com.
hackermail.com. 600 IN MX 15 mailin-02.mx.aol.com.
hackermail.com. 600 IN MX 15 mailin-01.mx.aol.com.
hackermail.com. 600 IN MX 15 mailin-04.mx.aol.com.

;; ADDITIONAL SECTION:
mailin-02.mx.aol.com. 813 IN A 205.188.155.110
mailin-02.mx.aol.com. 813 IN A 205.188.190.1
mailin-02.mx.aol.com. 813 IN A 64.12.90.65
mailin-02.mx.aol.com. 813 IN A 64.12.139.193
mailin-02.mx.aol.com. 813 IN A 205.188.103.1
mailin-01.mx.aol.com. 813 IN A 64.12.222.197
mailin-01.mx.aol.com. 813 IN A 205.188.146.193
mailin-01.mx.aol.com. 813 IN A 205.188.159.42
mailin-01.mx.aol.com. 813 IN A 64.12.90.1
mailin-01.mx.aol.com. 813 IN A 64.12.90.98
mailin-04.mx.aol.com. 3061 IN A 205.188.146.194
mailin-04.mx.aol.com. 3061 IN A 205.188.157.18
mailin-04.mx.aol.com. 3061 IN A 64.12.90.66
mailin-04.mx.aol.com. 3061 IN A 64.12.138.161
mailin-04.mx.aol.com. 3061 IN A 205.188.103.2
mailin-03.mx.aol.com. 813 IN A 64.12.137.169
mailin-03.mx.aol.com. 813 IN A 205.188.59.193
mailin-03.mx.aol.com. 813 IN A 205.188.156.193
mailin-03.mx.aol.com. 813 IN A 205.188.190.2
mailin-03.mx.aol.com. 813 IN A 64.12.90.97

* vYc0d

http://vyc0d.blogspot.com/

http://www.indonesianhacker.org/forum/

Domain Name:INDONESIANHACKER.ORG
Created On:11-Nov-2009 13:02:20 UTC
Last Updated On:14-Mar-2010 09:55:53 UTC
Expiration Date:11-Nov-2011 13:02:20 UTC
Sponsoring Registrar:Melbourne IT, Ltd (R52-LROR)
Status:OK
Registrant ID:D125792402710768
Registrant Name:Richard Fox
Registrant Organization:Private Registration US

hXXp://www.indonesianhacker.org. 3600 IN A 49.0.6.165

inetnum: 49.0.6.160 - 49.0.6.175
netname: IDM-ID
descr: Indonesia Digital Media, PT
country: ID
admin-c: TY836-AP
tech-c: FN77-AP
remarks: spam and abuse reports : noc@idm.co.id
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-IDM-ID
changed: ty@idm.co.id 20101106
source: APNIC

* indonesiancoder

http://indonesiancoder.com/

root@indonesiancoder.com

Domain Name: INDONESIANCODER.COM
Registrar: ONLINENIC, INC.
Whois Server: whois.onlinenic.com
Referral URL: http://www.OnlineNIC.com
Name Server: HERETIC.INDONESIANCODER.COM
Name Server: LUNATIC.INDONESIANCODER.COM
Status: ok
Updated Date: 23-dec-2009
Creation Date: 20-dec-2008
Expiration Date: 20-dec-2010

>>> Last update of whois database: Sat, 18 Dec 2010 09:53:52 UTC <<<

Registrant:
Surabaya HackerLink root@xtremenitro.org +62.62081336663
Surabaya Hacker Link
Localhost 8080
Surabaya,Jawa Timur Jawa Timur,INDONESIA 3128


Domain Name:indonesiancoder.com
Record last updated at 2009-12-23 17:23:10
Record created on 2008/12/20
Record expired on 2010/12/20


Domain servers in listed order:
heretic.indonesiancoder.com lunatic.indonesiancoder.com

Administrator:
Localhost 8080
Surabaya
Jawa Timur Jawa Timur,
INDONESIA
3128

name:(Surabaya HackerLink)
mail:(root@xtremenitro.org) +62.62081336663
Surabaya Hacker Link
Technical Contactor:
Localhost 8080
Surabaya
Jawa Timur Jawa Timur,
INDONESIA
3128

name:(Surabaya HackerLink)
mail:(root@xtremenitro.org) +62.62081336663
Surabaya Hacker Link
Billing Contactor:
Localhost 8080
Surabaya
Jawa Timur Jawa Timur,
INDONESIA
3128

name:(Surabaya HackerLink)
mail:(root@xtremenitro.org) +62.62081336663
Surabaya Hacker Link

Registration Service Provider:
name: DraCoola Multimedia
tel: +62.3160678666
fax: +62.315035231
web:http://www.dracoola.com

indonesiancoder.com. 6333 IN A 75.126.221.216

NetRange: 75.126.0.0 - 75.126.255.255
CIDR: 75.126.0.0/16
OriginAS: AS36351
NetName: SOFTLAYER-4-3
NetHandle: NET-75-126-0-0-1
Parent: NET-75-0-0-0-0
NetType: Direct Allocation
NameServer: NS2.ARPA.GLOBAL-DATACENTER.COM
NameServer: NS1.ARPA.GLOBAL-DATACENTER.COM
Comment: abuse@softlayer.com
RegDate: 2006-05-12
Updated: 2009-08-26
Ref: http://whois.arin.net/rest/net/NET-75-126-0-0-1

OrgName: SoftLayer Technologies Inc.
OrgId: SOFTL
Address: 1950 N Stemmons Freeway
City: Dallas
StateProv: TX
PostalCode: 75207
Country: US
RegDate: 2005-10-26
Updated: 2009-07-02
Ref: http://whois.arin.net/rest/org/SOFTL

OrgAbuseHandle: ABUSE1025-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-214-442-0605
OrgAbuseEmail: abuse@softlayer.com
OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE1025-ARIN

OrgTechHandle: IPADM258-ARIN
OrgTechName: IP Admin
OrgTechPhone: +1-214-442-0600
OrgTechEmail: ipadmin@softlayer.com
OrgTechRef: http://whois.arin.net/rest/poc/IPADM258-ARIN

RNOCHandle: IPADM258-ARIN
RNOCName: IP Admin
RNOCPhone: +1-214-442-0600
RNOCEmail: ipadmin@softlayer.com
RNOCRef: http://whois.arin.net/rest/poc/IPADM258-ARIN

RTechHandle: IPADM258-ARIN
RTechName: IP Admin
RTechPhone: +1-214-442-0600
RTechEmail: ipadmin@softlayer.com
RTechRef: http://whois.arin.net/rest/poc/IPADM258-ARIN

RAbuseHandle: ABUSE1025-ARIN
RAbuseName: Abuse
RAbusePhone: +1-214-442-0605
RAbuseEmail: abuse@softlayer.com
RAbuseRef: http://whois.arin.net/rest/poc/ABUSE1025-ARIN

%rwhois V-1.5:003fff:00 rwhois.softlayer.com (by Network Solutions, Inc. V-1.5.9.5)
network:Class-Name:network
network:ID:NETBLK-SOFTLAYER.75.126.192.0/19
network:Auth-Area:75.126.192.0/19
network:Network-Name:SOFTLAYER-75.126.192.0
network:IP-Network:75.126.221.216/30
network:IP-Network-Block:75.126.221.216-75.126.221.219
network:Organization;I:DraCoola Multimedia
network:Street-Address:Jagiran 1 No. 67
network:City:Surabaya
network:State:ot
network:Postal-Code:60136
network:Country-Code:ID
network:Tech-Contact;I:sysadmins@softlayer.com
network:Abuse-Contact;I:abuse@dracoola.net
network:Admin-Contact;I:IPADM258-ARIN
network:Created:20070422
network:Updated:20100917
network:Updated-By:ipadmin@softlayer.com
Amouse
Spam Reporter
 
Posts: 140
Joined: Sat Jun 13, 2009 11:34 pm

Re: The hacker gang attacking IBR

Postby AlphaCentauri » Sat Dec 18, 2010 12:41 pm

The joe jobs I'm getting appear to come from at least two distinct sources, based on which of my email addresses get which joe jobs, so it's not a single "gang." They don't have the same mailing lists and apparently haven't thought to share with one another.

I'm not that interested in baiting the individual spammers. (I assume that's you posting on the comments in indonesiancoder as Anony Mouse?). As you point out with Kuvayev, and as we've seen with the arrests of the Atkinsons or Ralsky or Soloway or any of the other "Spam Kings," there's enough money in spamming that taking out the head doesn't kill the snake. "Spam Kings" aren't tyrannizing some group of subjects who will turn to legitimate business if their Kings are arrested. They're already mailing for multiple affiliate programs and will just adjust their efforts accordingly.

My goal is changing the environment that allows scum like them to flourish in the first place. That relies on educating the legitimate internet services they exploit as well as the users who are naive enough to order on their sites. Being confrontational can be counterproductive, as business owners at ISPs and registrars may respond by digging in their heels and doing things that are not in their own best interest, just to prove that they don't kowtow to people like me.

If spammers want to "attack" me in juvenile ways by (gasp!) sending me more spam in joe jobs or by using my email address as the "from," it just provides me evidence about them that I wouldn't receive in other ways. It's more entertaining than threatening. Trying to hack a server or DDoS us is more of what I would call an "attack," and as Red said, currently we're just seeing the same background noise that all forums see.
User avatar
AlphaCentauri
You are kiillllling-a my bizinisss!
 
Posts: 5989
Joined: Thu Mar 01, 2007 3:01 am


Return to Botnets, Hijacks and Hacking

Who is online

Users browsing this forum: No registered users and 1 guest

cron