moreprobe.com spam bots

by certifiedbug on March 19, 2009

in Internet Security

Active: Stop Forum Spam

Whois Record for Moreprobe.com
IP Location: Estonia – Harjumaa – Tallinn – Starline Web Services
IP Address: 92.62.101.58
ICANN Registrar: DIRECTI INTERNET SOLUTIONS PVT. LTD. D/B/A PUBLICDOMAINREGISTRY.COM
Created: 2009-02-19
Expires: 2010-02-19
Updated: 2009-02-19

Name Server: NS1.MOREPROBE.COM (has 1 domains)
Name Server: NS2.MOREPROBE.COM
Whois Server: whois.publicdomainregistry.com

Registrant: Renat Radov
4-i Proektirumyi proezd, vl. 8
Moskva
Moskovskaya oblast,220020
RU

Unhappy forum posters:

http://www.rotaryforum.com/forum/showthread.php?t=20301

FireEye Malware Intelligence Lab
2009.02.11
Bad Actors Part 1 – Starline Web Services

As the title suggests, the first up to bat is Starline Web Services. They are hosted by Compic in Estonia, who is legendary for allowing malicious content on their network.

Whois Record for Starlinewebservices.com
Whois Server: whois.verisign-grs.com
Domain Status: Deleted And Available Again

However, if one stays on the page awhile, an active webpage comes up:

ds58.esthost.eu
Website Title: Starline Web Services :: Esileht
IP Address: 195.5.116.233
IP Location: Estonia – Harjumaa – Tallinn – Compic Ltd
Domain: esthost

Registrant:
NOT DISCLOSED!
Visit www.eurid.eu for webbased whois.
Registrar:
Name: Directi Internet Solutions Pvt. Ltd. d/b/a PublicDomainRegistry.com
Website: www.publicdomainregistry.com

Directi refresher:
http://certifiedbug.com/blog/tag/directi/
