New spamrun - using NoIP services
I just got a comment in my old blog. Really vile stuff, but the looks of the URL’s.
Some are for free homepage services, and others are for NoIP services. And those ping sites on Atrivo.
Those pages of course point to real domain names, via scripts and whatnot.
One of those domains is registered to:
n/a
Sid Fedorov (f-1@ukr.net)
Volutova 2520
Praha
null,15800
CZ
Tel. +42.0602885127
Creation Date: 01-Jul-2004
Expiration Date: 01-Jul-2005
Domain servers in listed order:
dns98.3fn.net
ns2.3fn.net
And the domain pings
216.195.34.180
which is associated with 3fn.net.
I’ve seen nameservers from 3fn before, related to spam.
The spamming IP is from a place I’ve seen before - a bank in Japan. Probably an open proxy.
May 7th, 2006 at 4:54 am
Hi from Scotland,
I’m having a few problems trying to take europenorth off the air - it keeps on popping up again - it shares some of the name server reference:
Name Server: NS2.3FN.NET
Name Server: DNS10.3FN.NET
Any ideas how I can get this closed down - what does it refer to?
Thanks, Rob
Whilst www.europenorth.com is still off line (thanks!) www.Europenorth.net is still out there, defrauding innocent people. It is also cloned at www.Europenorth.biz
Please do all you can to take all versions off the air.
Rob,
Scotland
Domain Name: EUROPENORTH.BIZ
Domain ID: D13208792-BIZ
Sponsoring Registrar: GANDI SARL
Sponsoring Registrar IANA ID: 81
Domain Status: clientTransferProhibited
Registrant ID: O-984428-GANDI
Registrant Name: Roger Kohles
Registrant Organization: Roger Kohles
Registrant Address1: 2912 South 59th Street
Registrant City: Lincoln
Registrant State/Province: Nebraska
Registrant Postal Code: 68506
Registrant Country: United States
Registrant Country Code: US
Registrant Phone Number: +1.4024848806
Registrant Email: 50dbb1b1ec0ec51dfcb6dce911a114b0-986217@owner.gandi.net
Administrative Contact ID: RK411-GANDI
Administrative Contact Name: Roger Kohles
Administrative Contact Address1: 2912 South 59th Street
Administrative Contact City: Lincoln
Administrative Contact State/Province: Nebraska
Administrative Contact Postal Code: 68506
Administrative Contact Country: United States
Administrative Contact Country Code: US
Administrative Contact Phone Number: +1.4024848806
Administrative Contact Email: b20b75b0ee0d00183e8028b76264160c-rk411@contact.gandi.net
Billing Contact ID: AR41-GANDI
Billing Contact Name: CONTACT NOT AUTHORITATIVE see http://www.gandi.net/whois
Billing Contact Organization: Gandi SARL
Billing Contact Address1: 38 rue Notre-Dame de Nazareth
Billing Contact City: Paris
Billing Contact Postal Code: 75003
Billing Contact Country: France
Billing Contact Country Code: FR
Billing Contact Email: support@gandi.net
Technical Contact ID: AR41-GANDI
Technical Contact Name: CONTACT NOT AUTHORITATIVE see http://www.gandi.net/whois
Technical Contact Organization: Gandi SARL
Technical Contact Address1: 38 rue Notre-Dame de Nazareth
Technical Contact City: Paris
Technical Contact Postal Code: 75003
Technical Contact Country: France
Technical Contact Country Code: FR
Technical Contact Email: support@gandi.net
Name Server: NS2.3FN.NET
Name Server: DNS10.3FN.NET
Created by Registrar: GANDI SARL
Last Updated by Registrar: GANDI SARL
Domain Registration Date: Thu Apr 27 17:43:31 GMT 2006
Domain Expiration Date: Thu Apr 26 23:59:59 GMT 2007
Domain Last Updated Date: Thu Apr 27 18:01:13 GMT 2006
Domain Name: EUROPENORTH.NET
Registrar: YESNIC CO. LTD.
Whois Server: whois.yesnic.com
Referral URL: http://www.yesnic.com
Name Server: NS2.BEKARIS.COM
Name Server: NS1.BEKARIS.COM
Status: ACTIVE
EPP Status: ok
Updated Date: 24-Apr-2006
Creation Date: 24-Apr-2006
Expiration Date: 24-Apr-2007
May 7th, 2006 at 5:37 am
Exactly what’s up with europenorth?
I didn’t see any of the sites actually working, except the .biz that had a redirect to .net.