Ozempic Pharmacy Scammer – Bodelin Ramcess Tikeng

One unintended side-effect of the Ozempic weight loss craze is the multitude of new scam websites popping up. Often these web sites are hosted offshore in Ukraine, etc. but the people running them are often in the good old USA. This is most unfortunate for those who truly suffer from diabetes and need to obtain low cost Ozempic and similar medications to help regulate their blood sugar levels.

The following names, phone numbers, and crypto addresses are all linked to this growing internet SCAM;

ozempicpharmacy.com, +1 (970) 564-3556 (Google Voice)
allymeds.com, +1 (303) 578-6885 (Google Voice)
savemedshop.com
milestonemedstore.com
promedsshop.com, +1 (801) 997-0535 (Google Voice)
unitedprestigepharmacy.com, +1 (424) 377-2912, unitedprestigepharmacy@gmail.com

usexpressfreightlogistics.com, Fake Logistics Company used extort more money
DiscoBest LLC, +1 773-827-3794 (T-Mobile & Zelle Account)
Bitcoin Address: 3BFvjWmisw2Jq8kDnqKprhfnqWFpw7fJPE

and of course many others. All of these web sites have the same underlying design, information, and owner and have been added to our Internet Pharmacy SCAMs – Wall of Shame

Fortunately most of these are now offline; however, more keep popping up.

One of the primary scammers is a “cashier” that collects money on behalf of these websites via Sprint/T-Mobile phone number +1 773-827-3794 is the company DiscoBest LLC in the Chicago, Illinois area with the registered agent BODELIN RAMCESS TIKENG.

**RAMCESS TIKENG, an internet scammer now #OpenToWork**

When he is not collecting money for this internet scam, he claims to be an Account Aanalyst with Blue Cross and Blue Shield since September 2023. He claims to have studied data analytics and Business Intelligence at Northwestern University. He claims to be from Douala, Cameroon

Email: tikengromual@gmail.com

Facebook: https://www.facebook.com/ramcesslavenir.tikeng

Twitter: @RTikeng

LinkedIn: https://www.linkedin.com/in/ramcess-tikeng

GitHub: https://github.com/Btikeng

Phone Numbers: +1 773-827-3794, +1 618-719-4581

Stay tuned for more updates to this story. This is a continuing investigation.

Corporation/LLC Search/Certificate of Good Standing

LLC File Detail Report

File Number

09517537

Entity Name

DISCOBEST LLC

Status

INVOLUNTARY DISSOLUTION on Friday, 13 May 2022

Entity Information

Principal Office

505 S WEBER RD UNIT 307
BOLINGBROOK, IL 604900000

Entity Type

LLC

Type of LLC

Domestic

Organization/Admission Date

Wednesday, 18 November 2020

Jurisdiction

Duration

PERPETUAL

Agent Information

Name

BODELIN R. TIKENG

Address

505 S WEBER RD UNIT 307
BOLINGBROOK , IL 60490

Change Date

Wednesday, 21 April 2021

Annual Report

For Year

2021

Filing Date

00/00/0000

Managers

Name
Address

BODELIN, TIKENG
505 S WEBER RD UNIT 307
BOLINGBROOK, IL 604900000

Old LLC Name

12/17/2020

DISCO LLC

Series Name

NOT AUTHORIZED TO ESTABLISH SERIES

Address lookup

canonical name	ozempicpharmacy.com.
aliases
addresses	185.233.186.53

Domain Whois record

Queried whois.internic.net with “dom ozempicpharmacy.com“…

   Domain Name: OZEMPICPHARMACY.COM
   Registry Domain ID: 2737014526_DOMAIN_COM-VRSN
   Registrar WHOIS Server: whois.namesilo.com
   Registrar URL: http://www.namesilo.com
   Updated Date: 2022-11-08T20:26:15Z
   Creation Date: 2022-11-07T14:08:48Z
   Registry Expiry Date: 2023-11-07T14:08:48Z
   Registrar: NameSilo, LLC
   Registrar IANA ID: 1479
   Registrar Abuse Contact Email: abuse@namesilo.com
   Registrar Abuse Contact Phone: +1.4805240066
   Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
   Name Server: MARS1.FREEDNSDEDI.COM
   Name Server: MARS2.FREEDNSDEDI.COM
   DNSSEC: unsigned
   URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2023-02-19T06:30:39Z <<<

Queried whois.namesilo.com with “ozempicpharmacy.com“…

Domain Name: ozempicpharmacy.com
Registry Domain ID: 2737014526_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.namesilo.com
Registrar URL: https://www.namesilo.com/
Updated Date: 2023-02-09T07:00:00Z
Creation Date: 2022-11-07T07:00:00Z
Registrar Registration Expiration Date: 2023-11-07T07:00:00Z
Registrar: NameSilo, LLC
Registrar IANA ID: 1479
Registrar Abuse Contact Email: abuse@namesilo.com
Registrar Abuse Contact Phone: +1.4805240066
Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID: 
Registrant Name: REDACTED FOR PRIVACY
Registrant Organization: PrivacyGuardian.org llc
Registrant Street: 1928 E. Highland Ave. Ste F104 PMB# 255
Registrant City: Phoenix
Registrant State/Province: AZ
Registrant Postal Code: 85016
Registrant Country: US
Registrant Phone: +1.3478717726
Registrant Phone Ext: 
Registrant Fax: 
Registrant Fax Ext: 
Registrant Email: pw-3c5b5481b3489f2a402c0868f9b31fa8@privacyguardian.org
Registry Admin ID: 
Admin Name: Domain Administrator
Admin Organization: PrivacyGuardian.org llc
Admin Street: 1928 E. Highland Ave. Ste F104 PMB# 255
Admin City: Phoenix
Admin State/Province: AZ
Admin Postal Code: 85016
Admin Country: US
Admin Phone: +1.3478717726
Admin Phone Ext: 
Admin Fax: 
Admin Fax Ext: 
Admin Email: pw-3c5b5481b3489f2a402c0868f9b31fa8@privacyguardian.org
Registry Tech ID: 
Tech Name: Domain Administrator
Tech Organization: PrivacyGuardian.org llc
Tech Street: 1928 E. Highland Ave. Ste F104 PMB# 255
Tech City: Phoenix
Tech State/Province: AZ
Tech Postal Code: 85016
Tech Country: US
Tech Phone: +1.3478717726
Tech Phone Ext: 
Tech Fax: 
Tech Fax Ext: 
Tech Email: pw-3c5b5481b3489f2a402c0868f9b31fa8@privacyguardian.org
Name Server: mars1.freednsdedi.com
Name Server: mars2.freednsdedi.com
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2023-02-18T07:00:00Z <<<

Network Whois record

Queried whois.ripe.net with “-B 185.233.186.53“…

% Information related to '185.233.186.0 - 185.233.186.255'

% Abuse contact for '185.233.186.0 - 185.233.186.255' is 'abuse@wehostservers.com'

inetnum:        185.233.186.0 - 185.233.186.255
netname:        WeHostServersLTD
descr:          Your Premium Hosting Provider
org:            ORG-WL264-RIPE
country:        UA
admin-c:        MO7516-RIPE
tech-c:         MO7516-RIPE
abuse-c:        ACRO40689-RIPE
mnt-routes:     W3HOSTS3RV3RS-MNT
mnt-domains:    W3HOSTS3RV3RS-MNT
remarks:        | WeHostServers LTD is a premium hosting service provider,
remarks:        | that doesn't allow any kind of abusive activities on it's network.
remarks:        | All of the Hosting Services are used by our Resellers & not used
remarks:        | by us. So, in case of any complaint do contact us at relevant
remarks:        | abuse email address provided as;
remarks:        Phishing complaints to "phishing-abuse@wehostservers.com"
remarks:        Botnests complaints to "bots-abuse@wehostservers.com"
remarks:        | copyrights complaints to "copyrights@wehostservers.com"
remarks:        | General complaints to "abuse@wehostservers.com"
status:         ASSIGNED PA
mnt-by:         ru-quasar-1-mnt
created:        2019-07-05T18:29:30Z
last-modified:  2021-04-22T08:34:06Z
source:         RIPE

organisation:   ORG-WL264-RIPE
org-name:       We-Host-Servers LTD
org-type:       OTHER
address:        Industrivej, Nuuk 3901, Greenland
e-mail:         info@wehostservers.com
abuse-c:        ACRO40689-RIPE
mnt-ref:        ru-quasar-1-mnt
mnt-by:         W3HOSTS3RV3RS-MNT
created:        2021-04-21T14:26:26Z
last-modified:  2021-04-21T14:26:26Z
source:         RIPE

person:         Maria Owaiza
address:        Muesmatt 301, Bern - CH
phone:          +5078381583
nic-hdl:        MO7516-RIPE
mnt-by:         W3HOSTS3RV3RS-MNT
created:        2021-04-21T14:30:33Z
last-modified:  2021-04-21T14:30:33Z
source:         RIPE

% Information related to '185.233.186.0/24AS30860'

route:          185.233.186.0/24
origin:         AS30860
mnt-by:         W3HOSTS3RV3RS-MNT
created:        2021-04-22T08:06:52Z
last-modified:  2021-04-22T08:06:52Z
source:         RIPE

% This query was served by the RIPE Database Query Service version 1.105 (DEXTER)

DNS records

DNS query for 53.186.233.185.in-addr.arpa returned an error from the server: NameError

name

class

type

data

time to live

ozempicpharmacy.com

TXT

v=spf1 +a +mx +ip4:185.233.186.53 ~all

14400s

(04:00:00)

ozempicpharmacy.com

preference:	0
exchange:	ozempicpharmacy.com

14400s

(04:00:00)

ozempicpharmacy.com

185.233.186.53

14400s

(04:00:00)

ozempicpharmacy.com

mars2.freednsdedi.com

86400s

(1.00:00:00)

ozempicpharmacy.com

mars1.freednsdedi.com

86400s

(1.00:00:00)

ozempicpharmacy.com

SOA

server:	mars1.freednsdedi.com
email:	info@offshorededi.com
serial:	2022110804
refresh:	3600
retry:	1800
expire:	1209600
minimum ttl:	86400

86400s

(1.00:00:00)

Traceroute

Tracing route to ozempicpharmacy.com [185.233.186.53]…

hop

rtt

ip address

fully qualified domain name

169.254.158.58

169.48.118.160

ae103.ppr03.dal13.networklayer.com

169.48.118.132

84.76.30a9.ip4.static.sl-reverse.com

169.45.18.5

ae2.cbs01.eq01.chi01.networklayer.com

50.97.17.43

ae9.bbr01.tl01.nyc01.networklayer.com

198.32.160.182

nyiix.retn.net

147

156

147

87.245.232.216

ae11-11.rt.ntl.kiv.ua.retn.net

152

87.245.237.57

be4-100g.cr-2.g50.kiev.volia.net

145

77.123.156.134

134.156.123.77.colo.static.dcvolia.com

145

77.123.156.2

cs2-ss13.dc.volia.com

147

185.233.186.53

Trace complete

Service scan

FTP – 21 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 50 allowed. 220-Local time is now 06:31. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. 220 Logout.

SMTP – 25 220-mars.privacyhost.net ESMTP Exim 4.95 #2 Sun, 19 Feb 2023 06:31:20 +0000 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. 421 mars.privacyhost.net lost input connection

HTTP – 80 HTTP/1.1 301 Moved Permanently Date: Sun, 19 Feb 2023 06:31:20 GMT Server: Apache X-Redirect-By: WordPress Location: https://ozempicpharmacy.com/ Connection: close Content-Type: text/html; charset=UTF-8

POP3 – 110 +OK Dovecot ready.

IMAP – 143 * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.

HTTPS – 443 Error: A call to SSPI failed, see inner exception.

— end —

Address lookup

canonical name	allymeds.com.
aliases
addresses	185.233.186.31

Domain Whois record

Queried whois.internic.net with “dom allymeds.com“…

   Domain Name: ALLYMEDS.COM
   Registry Domain ID: 2718471799_DOMAIN_COM-VRSN
   Registrar WHOIS Server: whois.namesilo.com
   Registrar URL: http://www.namesilo.com
   Updated Date: 2022-08-17T12:09:31Z
   Creation Date: 2022-08-16T12:11:07Z
   Registry Expiry Date: 2023-08-16T12:11:07Z
   Registrar: NameSilo, LLC
   Registrar IANA ID: 1479
   Registrar Abuse Contact Email: abuse@namesilo.com
   Registrar Abuse Contact Phone: +1.4805240066
   Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
   Name Server: LUNAR1.FREEDNSDEDI.COM
   Name Server: LUNAR2.FREEDNSDEDI.COM
   DNSSEC: unsigned
   URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2023-02-19T06:32:58Z <<<

Queried whois.namesilo.com with “allymeds.com“…

Domain Name: allymeds.com
Registry Domain ID: 2718471799_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.namesilo.com
Registrar URL: https://www.namesilo.com/
Updated Date: 2023-02-05T07:00:00Z
Creation Date: 2022-08-16T07:00:00Z
Registrar Registration Expiration Date: 2023-08-16T07:00:00Z
Registrar: NameSilo, LLC
Registrar IANA ID: 1479
Registrar Abuse Contact Email: abuse@namesilo.com
Registrar Abuse Contact Phone: +1.4805240066
Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID: 
Registrant Name: REDACTED FOR PRIVACY
Registrant Organization: See PrivacyGuardian.org
Registrant Street: 1928 E. Highland Ave. Ste F104 PMB# 255
Registrant City: Phoenix
Registrant State/Province: AZ
Registrant Postal Code: 85016
Registrant Country: US
Registrant Phone: +1.3478717726
Registrant Phone Ext: 
Registrant Fax: 
Registrant Fax Ext: 
Registrant Email: pw-6a983be40b4c1e1aec61300b0265124f@privacyguardian.org
Registry Admin ID: 
Admin Name: Domain Administrator
Admin Organization: See PrivacyGuardian.org
Admin Street: 1928 E. Highland Ave. Ste F104 PMB# 255
Admin City: Phoenix
Admin State/Province: AZ
Admin Postal Code: 85016
Admin Country: US
Admin Phone: +1.3478717726
Admin Phone Ext: 
Admin Fax: 
Admin Fax Ext: 
Admin Email: pw-6a983be40b4c1e1aec61300b0265124f@privacyguardian.org
Registry Tech ID: 
Tech Name: Domain Administrator
Tech Organization: See PrivacyGuardian.org
Tech Street: 1928 E. Highland Ave. Ste F104 PMB# 255
Tech City: Phoenix
Tech State/Province: AZ
Tech Postal Code: 85016
Tech Country: US
Tech Phone: +1.3478717726
Tech Phone Ext: 
Tech Fax: 
Tech Fax Ext: 
Tech Email: pw-6a983be40b4c1e1aec61300b0265124f@privacyguardian.org
Name Server: lunar1.freednsdedi.com
Name Server: lunar2.freednsdedi.com
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2023-02-18T07:00:00Z <<<

Network Whois record

Queried whois.ripe.net with “-B 185.233.186.31“…

% Information related to '185.233.186.0 - 185.233.186.255'

% Abuse contact for '185.233.186.0 - 185.233.186.255' is 'abuse@wehostservers.com'

inetnum:        185.233.186.0 - 185.233.186.255
netname:        WeHostServersLTD
descr:          Your Premium Hosting Provider
org:            ORG-WL264-RIPE
country:        UA
admin-c:        MO7516-RIPE
tech-c:         MO7516-RIPE
abuse-c:        ACRO40689-RIPE
mnt-routes:     W3HOSTS3RV3RS-MNT
mnt-domains:    W3HOSTS3RV3RS-MNT
remarks:        | WeHostServers LTD is a premium hosting service provider,
remarks:        | that doesn't allow any kind of abusive activities on it's network.
remarks:        | All of the Hosting Services are used by our Resellers & not used
remarks:        | by us. So, in case of any complaint do contact us at relevant
remarks:        | abuse email address provided as;
remarks:        Phishing complaints to "phishing-abuse@wehostservers.com"
remarks:        Botnests complaints to "bots-abuse@wehostservers.com"
remarks:        | copyrights complaints to "copyrights@wehostservers.com"
remarks:        | General complaints to "abuse@wehostservers.com"
status:         ASSIGNED PA
mnt-by:         ru-quasar-1-mnt
created:        2019-07-05T18:29:30Z
last-modified:  2021-04-22T08:34:06Z
source:         RIPE

organisation:   ORG-WL264-RIPE
org-name:       We-Host-Servers LTD
org-type:       OTHER
address:        Industrivej, Nuuk 3901, Greenland
e-mail:         info@wehostservers.com
abuse-c:        ACRO40689-RIPE
mnt-ref:        ru-quasar-1-mnt
mnt-by:         W3HOSTS3RV3RS-MNT
created:        2021-04-21T14:26:26Z
last-modified:  2021-04-21T14:26:26Z
source:         RIPE

person:         Maria Owaiza
address:        Muesmatt 301, Bern - CH
phone:          +5078381583
nic-hdl:        MO7516-RIPE
mnt-by:         W3HOSTS3RV3RS-MNT
created:        2021-04-21T14:30:33Z
last-modified:  2021-04-21T14:30:33Z
source:         RIPE

% Information related to '185.233.186.0/24AS30860'

route:          185.233.186.0/24
origin:         AS30860
mnt-by:         W3HOSTS3RV3RS-MNT
created:        2021-04-22T08:06:52Z
last-modified:  2021-04-22T08:06:52Z
source:         RIPE

% This query was served by the RIPE Database Query Service version 1.105 (BUSA)

DNS records

name

class

type

data

time to live

allymeds.com

TXT

v=spf1 +a +mx +ip4:185.233.186.31 ~all

14400s

(04:00:00)

allymeds.com

SOA

server:	lunar1.freednsdedi.com
email:	info@offshorededi.com
serial:	2023021901
refresh:	3600
retry:	1800
expire:	1209600
minimum ttl:	86400

86400s

(1.00:00:00)

allymeds.com

lunar1.freednsdedi.com

86400s

(1.00:00:00)

allymeds.com

lunar2.freednsdedi.com

86400s

(1.00:00:00)

allymeds.com

185.233.186.31

14400s

(04:00:00)

allymeds.com

preference:	0
exchange:	allymeds.com

14400s

(04:00:00)

31.186.233.185.in-addr.arpa

PTR

3600s

(01:00:00)

186.233.185.in-addr.arpa

dns10.v-sys.org

3600s

(01:00:00)

186.233.185.in-addr.arpa

dns11.v-sys.org

3600s

(01:00:00)

186.233.185.in-addr.arpa

dns12.v-sys.org

3600s

(01:00:00)

186.233.185.in-addr.arpa

SOA

server:	dns10.v-sys.org
email:	support@v-sys.org
serial:	2023012815
refresh:	10800
retry:	3600
expire:	604800
minimum ttl:	60

3600s

(01:00:00)

Traceroute

Tracing route to allymeds.com [185.233.186.31]…

hop

rtt

ip address

fully qualified domain name

169.254.158.58

169.48.118.158

ae103.ppr02.dal13.networklayer.com

169.48.118.130

82.76.30a9.ip4.static.sl-reverse.com

169.45.18.40

ae16.cbs02.dr01.dal04.networklayer.com

169.45.18.5

ae2.cbs01.eq01.chi01.networklayer.com

50.97.17.49

ae0.cbs02.tl01.nyc01.networklayer.com

50.97.17.43

ae9.bbr01.tl01.nyc01.networklayer.com

198.32.160.182

nyiix.retn.net

153

147

149

87.245.232.216

ae11-11.rt.ntl.kiv.ua.retn.net

150

87.245.237.59

be4-100g.cr-1.g50.kiev.volia.net

152

77.123.156.132

132.156.123.77.colo.static.dcvolia.com

151

152

77.123.156.1

cs1-ss13.dc.volia.com

152

185.233.186.31

Trace complete

Service scan

FTP – 21 220 ProFTPD Server (ProFTPD Default Installation) [::ffff:185.233.186.31]

SMTP – 25 220-lunar.freednsdedi.com ESMTP Exim 4.95 #2 Sun, 19 Feb 2023 01:33:27 -0500 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. 421 lunar.freednsdedi.com lost input connection

HTTP – 80 HTTP/1.1 301 Moved Permanently Server: nginx Date: Sun, 19 Feb 2023 06:33:28 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Redirect-By: WordPress Location: https://allymeds.com/

POP3 – 110 +OK Dovecot ready.

IMAP – 143 * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.

HTTPS – 443 Certificate validation errors: None Signature algorithm: sha256RSA Public key size: 2048 bits Issuer: CN=R3, O=Let's Encrypt, C=US Subject: CN=*.allymeds.com Subject Alternative Name: DNS Name=*.allymeds.com, DNS Name=allymeds.com Serial number: 04A3CC880B6EC8FD816A4318BA49C8185C47 Not valid before: 2023-01-02 01:08:51Z Not valid after: 2023-04-02 01:08:50Z SHA1 fingerprint: CE360E816A5E29A0EC01AA4D2664428D0CD6CF36HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Feb 2023 06:33:30 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Link: <https://allymeds.com/wp-json/>; rel=”https://api.w.org/”, <https://allymeds.com/wp-json/wp/v2/pages/283>; rel=”alternate”; type=”application/json”, <https://allymeds.com/>; rel=shortlink

— end —

Address lookup

canonical name	savemedshop.com.
aliases
addresses	185.233.186.53

Domain Whois record

Queried whois.internic.net with “dom savemedshop.com“…

   Domain Name: SAVEMEDSHOP.COM
   Registry Domain ID: 2714076384_DOMAIN_COM-VRSN
   Registrar WHOIS Server: whois.namesilo.com
   Registrar URL: http://www.namesilo.com
   Updated Date: 2022-07-27T16:57:13Z
   Creation Date: 2022-07-27T16:54:01Z
   Registry Expiry Date: 2023-07-27T16:54:01Z
   Registrar: NameSilo, LLC
   Registrar IANA ID: 1479
   Registrar Abuse Contact Email: abuse@namesilo.com
   Registrar Abuse Contact Phone: +1.4805240066
   Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
   Name Server: MARS1.FREEDNSDEDI.COM
   Name Server: MARS2.FREEDNSDEDI.COM
   DNSSEC: unsigned
   URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2023-02-19T06:35:28Z <<<

Queried whois.namesilo.com with “savemedshop.com“…

Domain Name: savemedshop.com
Registry Domain ID: 2714076384_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.namesilo.com
Registrar URL: https://www.namesilo.com/
Updated Date: 2023-02-08T07:00:00Z
Creation Date: 2022-07-27T07:00:00Z
Registrar Registration Expiration Date: 2023-07-27T07:00:00Z
Registrar: NameSilo, LLC
Registrar IANA ID: 1479
Registrar Abuse Contact Email: abuse@namesilo.com
Registrar Abuse Contact Phone: +1.4805240066
Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID: 
Registrant Name: REDACTED FOR PRIVACY
Registrant Organization: See PrivacyGuardian.org
Registrant Street: 1928 E. Highland Ave. Ste F104 PMB# 255
Registrant City: Phoenix
Registrant State/Province: AZ
Registrant Postal Code: 85016
Registrant Country: US
Registrant Phone: +1.3478717726
Registrant Phone Ext: 
Registrant Fax: 
Registrant Fax Ext: 
Registrant Email: pw-b488eac139f46deab98168b34b8efaed@privacyguardian.org
Registry Admin ID: 
Admin Name: Domain Administrator
Admin Organization: See PrivacyGuardian.org
Admin Street: 1928 E. Highland Ave. Ste F104 PMB# 255
Admin City: Phoenix
Admin State/Province: AZ
Admin Postal Code: 85016
Admin Country: US
Admin Phone: +1.3478717726
Admin Phone Ext: 
Admin Fax: 
Admin Fax Ext: 
Admin Email: pw-b488eac139f46deab98168b34b8efaed@privacyguardian.org
Registry Tech ID: 
Tech Name: Domain Administrator
Tech Organization: See PrivacyGuardian.org
Tech Street: 1928 E. Highland Ave. Ste F104 PMB# 255
Tech City: Phoenix
Tech State/Province: AZ
Tech Postal Code: 85016
Tech Country: US
Tech Phone: +1.3478717726
Tech Phone Ext: 
Tech Fax: 
Tech Fax Ext: 
Tech Email: pw-b488eac139f46deab98168b34b8efaed@privacyguardian.org
Name Server: mars1.freednsdedi.com
Name Server: mars2.freednsdedi.com
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2023-02-18T07:00:00Z <<<

Network Whois record

Queried whois.ripe.net with “-B 185.233.186.53“…

% Information related to '185.233.186.0 - 185.233.186.255'

% Abuse contact for '185.233.186.0 - 185.233.186.255' is 'abuse@wehostservers.com'

inetnum:        185.233.186.0 - 185.233.186.255
netname:        WeHostServersLTD
descr:          Your Premium Hosting Provider
org:            ORG-WL264-RIPE
country:        UA
admin-c:        MO7516-RIPE
tech-c:         MO7516-RIPE
abuse-c:        ACRO40689-RIPE
mnt-routes:     W3HOSTS3RV3RS-MNT
mnt-domains:    W3HOSTS3RV3RS-MNT
remarks:        | WeHostServers LTD is a premium hosting service provider,
remarks:        | that doesn't allow any kind of abusive activities on it's network.
remarks:        | All of the Hosting Services are used by our Resellers & not used
remarks:        | by us. So, in case of any complaint do contact us at relevant
remarks:        | abuse email address provided as;
remarks:        Phishing complaints to "phishing-abuse@wehostservers.com"
remarks:        Botnests complaints to "bots-abuse@wehostservers.com"
remarks:        | copyrights complaints to "copyrights@wehostservers.com"
remarks:        | General complaints to "abuse@wehostservers.com"
status:         ASSIGNED PA
mnt-by:         ru-quasar-1-mnt
created:        2019-07-05T18:29:30Z
last-modified:  2021-04-22T08:34:06Z
source:         RIPE

organisation:   ORG-WL264-RIPE
org-name:       We-Host-Servers LTD
org-type:       OTHER
address:        Industrivej, Nuuk 3901, Greenland
e-mail:         info@wehostservers.com
abuse-c:        ACRO40689-RIPE
mnt-ref:        ru-quasar-1-mnt
mnt-by:         W3HOSTS3RV3RS-MNT
created:        2021-04-21T14:26:26Z
last-modified:  2021-04-21T14:26:26Z
source:         RIPE

person:         Maria Owaiza
address:        Muesmatt 301, Bern - CH
phone:          +5078381583
nic-hdl:        MO7516-RIPE
mnt-by:         W3HOSTS3RV3RS-MNT
created:        2021-04-21T14:30:33Z
last-modified:  2021-04-21T14:30:33Z
source:         RIPE

% Information related to '185.233.186.0/24AS30860'

route:          185.233.186.0/24
origin:         AS30860
mnt-by:         W3HOSTS3RV3RS-MNT
created:        2021-04-22T08:06:52Z
last-modified:  2021-04-22T08:06:52Z
source:         RIPE

% This query was served by the RIPE Database Query Service version 1.105 (DEXTER)

DNS records

DNS query for 53.186.233.185.in-addr.arpa returned an error from the server: NameError

name

class

type

data

time to live

savemedshop.com

TXT

v=spf1 +a +mx +ip4:185.233.186.53 ~all

14400s

(04:00:00)

savemedshop.com

preference:	0
exchange:	savemedshop.com

14400s

(04:00:00)

savemedshop.com

185.233.186.53

14400s

(04:00:00)

savemedshop.com

mars2.freednsdedi.com

86400s

(1.00:00:00)

savemedshop.com

mars1.freednsdedi.com

86400s

(1.00:00:00)

savemedshop.com

SOA

server:	mars1.freednsdedi.com
email:	info@offshorededi.com
serial:	2022072704
refresh:	3600
retry:	1800
expire:	1209600
minimum ttl:	86400

86400s

(1.00:00:00)

Traceroute

Tracing route to savemedshop.com [185.233.186.53]…

hop

rtt

ip address

fully qualified domain name

169.254.158.58

169.48.118.160

ae103.ppr03.dal13.networklayer.com

169.48.118.132

84.76.30a9.ip4.static.sl-reverse.com

169.45.18.40

ae16.cbs02.dr01.dal04.networklayer.com

169.45.18.5

ae2.cbs01.eq01.chi01.networklayer.com

50.97.17.49

ae0.cbs02.tl01.nyc01.networklayer.com

50.97.17.43

ae9.bbr01.tl01.nyc01.networklayer.com

198.32.160.182

nyiix.retn.net

147

87.245.232.216

ae11-11.rt.ntl.kiv.ua.retn.net

152

87.245.237.57

be4-100g.cr-2.g50.kiev.volia.net

146

145

77.123.156.134

134.156.123.77.colo.static.dcvolia.com

145

146

77.123.156.2

cs2-ss13.dc.volia.com

147

185.233.186.53

Trace complete

Service scan

FTP – 21 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 50 allowed. 220-Local time is now 06:35. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. 220 Logout.

SMTP – 25 220-mars.privacyhost.net ESMTP Exim 4.95 #2 Sun, 19 Feb 2023 06:35:56 +0000 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. 421 mars.privacyhost.net lost input connection

HTTP – 80 HTTP/1.1 301 Moved Permanently Date: Sun, 19 Feb 2023 06:35:56 GMT Server: Apache X-Redirect-By: WordPress Location: https://savemedshop.com/ Connection: close Content-Type: text/html; charset=UTF-8

POP3 – 110 +OK Dovecot ready.

IMAP – 143 * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.

HTTPS – 443 Error: A call to SSPI failed, see inner exception.

— end —

Address lookup

canonical name	milestonemedstore.com.
aliases
addresses	162.222.215.173

Domain Whois record

Queried whois.internic.net with “dom milestonemedstore.com“…

   Domain Name: MILESTONEMEDSTORE.COM
   Registry Domain ID: 2685974945_DOMAIN_COM-VRSN
   Registrar WHOIS Server: whois.namesilo.com
   Registrar URL: http://www.namesilo.com
   Updated Date: 2022-04-01T10:19:01Z
   Creation Date: 2022-04-01T10:07:36Z
   Registry Expiry Date: 2023-04-01T10:07:36Z
   Registrar: NameSilo, LLC
   Registrar IANA ID: 1479
   Registrar Abuse Contact Email: abuse@namesilo.com
   Registrar Abuse Contact Phone: +1.4805240066
   Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
   Name Server: NS1.RIVALHOST.COM
   Name Server: NS2.RIVALHOST.COM
   DNSSEC: unsigned
   URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2023-02-19T06:36:58Z <<<

Queried whois.namesilo.com with “milestonemedstore.com“…

Domain Name: milestonemedstore.com
Registry Domain ID: 2685974945_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.namesilo.com
Registrar URL: https://www.namesilo.com/
Updated Date: 2023-02-04T07:00:00Z
Creation Date: 2022-04-01T07:00:00Z
Registrar Registration Expiration Date: 2023-04-01T07:00:00Z
Registrar: NameSilo, LLC
Registrar IANA ID: 1479
Registrar Abuse Contact Email: abuse@namesilo.com
Registrar Abuse Contact Phone: +1.4805240066
Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID: 
Registrant Name: REDACTED FOR PRIVACY
Registrant Organization: See PrivacyGuardian.org
Registrant Street: 1928 E. Highland Ave. Ste F104 PMB# 255
Registrant City: Phoenix
Registrant State/Province: AZ
Registrant Postal Code: 85016
Registrant Country: US
Registrant Phone: +1.3478717726
Registrant Phone Ext: 
Registrant Fax: 
Registrant Fax Ext: 
Registrant Email: pw-4a28a7358e3dcf552eb4fa96da623ad5@privacyguardian.org
Registry Admin ID: 
Admin Name: Domain Administrator
Admin Organization: See PrivacyGuardian.org
Admin Street: 1928 E. Highland Ave. Ste F104 PMB# 255
Admin City: Phoenix
Admin State/Province: AZ
Admin Postal Code: 85016
Admin Country: US
Admin Phone: +1.3478717726
Admin Phone Ext: 
Admin Fax: 
Admin Fax Ext: 
Admin Email: pw-4a28a7358e3dcf552eb4fa96da623ad5@privacyguardian.org
Registry Tech ID: 
Tech Name: Domain Administrator
Tech Organization: See PrivacyGuardian.org
Tech Street: 1928 E. Highland Ave. Ste F104 PMB# 255
Tech City: Phoenix
Tech State/Province: AZ
Tech Postal Code: 85016
Tech Country: US
Tech Phone: +1.3478717726
Tech Phone Ext: 
Tech Fax: 
Tech Fax Ext: 
Tech Email: pw-4a28a7358e3dcf552eb4fa96da623ad5@privacyguardian.org
Name Server: ns1.rivalhost.com
Name Server: ns2.rivalhost.com
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2023-02-18T07:00:00Z <<<

Network Whois record

Queried whois.arin.net with “n 162.222.215.173“…

NetRange:       162.222.212.0 - 162.222.215.255
CIDR:           162.222.212.0/22
NetName:        USWHSS
NetHandle:      NET-162-222-212-0-1
Parent:         NET162 (NET-162-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       AS393277
Organization:   USWHSS.COM (RL-151)
RegDate:        2013-10-09
Updated:        2016-11-29
Comment:        USWHSS - United States Web Hosting Security Services. Standard NOC hours are 10am to 6pm Central Time
Ref:            https://rdap.arin.net/registry/ip/162.222.212.0


OrgName:        USWHSS.COM
OrgId:          RL-151
Address:        2524 N Broadway, Suite 491
City:           Edmond
StateProv:      OK
PostalCode:     73034
Country:        US
RegDate:        2013-09-13
Updated:        2022-09-11
Comment:        Standard NOC hours are 7:00 AM to 7:00 PM Central Time (-6GMT)
Ref:            https://rdap.arin.net/registry/entity/RL-151


OrgAbuseHandle: NOC13324-ARIN
OrgAbuseName:   Network Operations Center
OrgAbusePhone:  +1-405-562-8855 
OrgAbuseEmail:  abuse@rivalhost.com
OrgAbuseRef:    https://rdap.arin.net/registry/entity/NOC13324-ARIN

OrgTechHandle: NOC13326-ARIN
OrgTechName:   Network Operations Center
OrgTechPhone:  +1-405-562-8855 
OrgTechEmail:  admin@uswhss.com
OrgTechRef:    https://rdap.arin.net/registry/entity/NOC13326-ARIN

DNS records

DNS query for milestonemedstore.com failed: TimedOut

DNS query for 173.215.222.162.in-addr.arpa returned an error from the server: NameError

name

class

type

data

time to live

milestonemedstore.com

SOA

server:	ns1.bitcoin-dns.com
email:	admin@wendy699.com
serial:	2023012300
refresh:	3600
retry:	1800
expire:	1209600
minimum ttl:	86400

86399s

(23:59:59)

milestonemedstore.com

TXT

v=spf1 ip4:173.254.229.130 ip4:162.222.215.173 +a +mx +ip4:172.240.245.100 ~all

14399s

(03:59:59)

milestonemedstore.com

preference:	0
exchange:	milestonemedstore.com

14399s

(03:59:59)

milestonemedstore.com

162.222.215.173

14399s

(03:59:59)

milestonemedstore.com

ns1.bitcoin-dns.com

86399s

(23:59:59)

milestonemedstore.com

ns2.bitcoin-dns.com

86399s

(23:59:59)

Traceroute

Tracing route to milestonemedstore.com [162.222.215.173]…

hop

rtt

ip address

fully qualified domain name

169.254.158.58

169.48.118.162

ae103.ppr04.dal13.networklayer.com

169.48.118.142

8e.76.30a9.ip4.static.sl-reverse.com

169.45.18.38

ae17.cbs01.dr01.dal04.networklayer.com

169.45.18.7

ae2.cbs01.cs01.lax01.networklayer.com

169.53.16.238

ee.10.35a9.ip4.static.sl-reverse.com

206.72.210.159

as8100.any2ix.coresite.com

96.44.180.226

Trace aborted

Service scan

FTP – 21 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 50 allowed. 220-Local time is now 22:37. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. 220 Logout.

SMTP – 25 220-srvr-qn.wendy699.com ESMTP Exim 4.95 #2 Sat, 18 Feb 2023 22:37:33 -0800 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. 421 srvr-qn.wendy699.com lost input connection

HTTP – 80 HTTP/1.1 301 Moved Permanently Connection: close content-type: text/html; charset=UTF-8 x-litespeed-tag: 319_HTTP.200,319_HTTP.301 x-redirect-by: WordPress location: https://milestonemedstore.com/ x-litespeed-cache-control: no-cache date: Sun, 19 Feb 2023 06:37:34 GMT server: LiteSpeed

POP3 – 110 +OK Dovecot ready.

IMAP – 143 * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.

HTTPS – 443 Error: A call to SSPI failed, see inner exception.

— end —

Address lookup

canonical name	promedsshop.com.
aliases
addresses	192.64.117.218

Domain Whois record

Queried whois.internic.net with “dom promedsshop.com“…

   Domain Name: PROMEDSSHOP.COM
   Registry Domain ID: 2701507297_DOMAIN_COM-VRSN
   Registrar WHOIS Server: whois.namesilo.com
   Registrar URL: http://www.namesilo.com
   Updated Date: 2022-07-05T02:53:53Z
   Creation Date: 2022-06-05T06:28:18Z
   Registry Expiry Date: 2023-06-05T06:28:18Z
   Registrar: NameSilo, LLC
   Registrar IANA ID: 1479
   Registrar Abuse Contact Email: abuse@namesilo.com
   Registrar Abuse Contact Phone: +1.4805240066
   Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
   Name Server: DNS1.NAMECHEAPHOSTING.COM
   Name Server: DNS2.NAMECHEAPHOSTING.COM
   DNSSEC: unsigned
   URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2023-02-19T06:39:15Z <<<

Queried whois.namesilo.com with “promedsshop.com“…

Domain Name: promedsshop.com
Registry Domain ID: 2701507297_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.namesilo.com
Registrar URL: https://www.namesilo.com/
Updated Date: 2023-02-06T07:00:00Z
Creation Date: 2022-06-04T07:00:00Z
Registrar Registration Expiration Date: 2023-06-04T07:00:00Z
Registrar: NameSilo, LLC
Registrar IANA ID: 1479
Registrar Abuse Contact Email: abuse@namesilo.com
Registrar Abuse Contact Phone: +1.4805240066
Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID: 
Registrant Name: REDACTED FOR PRIVACY
Registrant Organization: See PrivacyGuardian.org
Registrant Street: 1928 E. Highland Ave. Ste F104 PMB# 255
Registrant City: Phoenix
Registrant State/Province: AZ
Registrant Postal Code: 85016
Registrant Country: US
Registrant Phone: +1.3478717726
Registrant Phone Ext: 
Registrant Fax: 
Registrant Fax Ext: 
Registrant Email: pw-7a875f618f23e81b16994dd7463344e8@privacyguardian.org
Registry Admin ID: 
Admin Name: Domain Administrator
Admin Organization: See PrivacyGuardian.org
Admin Street: 1928 E. Highland Ave. Ste F104 PMB# 255
Admin City: Phoenix
Admin State/Province: AZ
Admin Postal Code: 85016
Admin Country: US
Admin Phone: +1.3478717726
Admin Phone Ext: 
Admin Fax: 
Admin Fax Ext: 
Admin Email: pw-7a875f618f23e81b16994dd7463344e8@privacyguardian.org
Registry Tech ID: 
Tech Name: Domain Administrator
Tech Organization: See PrivacyGuardian.org
Tech Street: 1928 E. Highland Ave. Ste F104 PMB# 255
Tech City: Phoenix
Tech State/Province: AZ
Tech Postal Code: 85016
Tech Country: US
Tech Phone: +1.3478717726
Tech Phone Ext: 
Tech Fax: 
Tech Fax Ext: 
Tech Email: pw-7a875f618f23e81b16994dd7463344e8@privacyguardian.org
Name Server: dns1.namecheaphosting.com
Name Server: dns2.namecheaphosting.com
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2023-02-18T07:00:00Z <<<

Network Whois record

Queried whois.namecheaphosting.com with “192.64.117.218“…

%rwhois V-1.0,V-1.5:00090h:00 billing.web-hosting.com (Ubersmith RWhois Server V-4.5.5)
autharea=192.64.117.0/24
xautharea=192.64.117.0/24
network:Class-Name:network
network:Auth-Area:192.64.117.0/24
network:ID:NET-165368.192.64.117.218
network:Network-Name:server306.web-hosting.com (shared #3)
network:IP-Network:192.64.117.218
network:IP-Network-Block:192.64.117.218
network:Org-Name:Web-hosting.com
network:Street-Address:3402 East University Drive
network:City:Phoenix
network:State:AZ
network:Postal-Code:85034
network:Country-Code:US
network:Tech-Contact:MAINT-165368.192.64.117.218
network:Created:20210216164853000
network:Updated:20210216165122000
network:Updated-By:net-admin@namecheap.com
contact:POC-Name:Network team
contact:POC-Email:net-admin@namecheap.com
contact:POC-Phone:
contact:Tech-Name:Network team
contact:Tech-Email:net-admin@namecheap.com
contact:Tech-Phone:
contact:Abuse-Name:Abuse team
contact:Abuse-Email:abuse@namecheaphosting.com
%ok

Queried whois.arin.net with “n 192.64.117.218“…

NetRange:       192.64.112.0 - 192.64.119.255
CIDR:           192.64.112.0/21
NetName:        NCNET-3
NetHandle:      NET-192-64-112-0-1
Parent:         NET192 (NET-192-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       AS16626, AS174, AS3356, AS4323, AS22612, AS32421
Organization:   Namecheap, Inc. (NAMEC-4)
RegDate:        2012-12-17
Updated:        2015-03-24
Comment:        http://namecheap.com
Comment:        for any abuse please use: abuse@namecheap.com
Ref:            https://rdap.arin.net/registry/ip/192.64.112.0


OrgName:        Namecheap, Inc.
OrgId:          NAMEC-4
Address:        11400 W. Olympic Blvd. Suite 200
City:           Los Angeles
StateProv:      CA
PostalCode:     90064
Country:        US
RegDate:        2011-01-28
Updated:        2017-01-28
Ref:            https://rdap.arin.net/registry/entity/NAMEC-4

ReferralServer:  rwhois://whois.namecheaphosting.com:4321

OrgTechHandle: EFIME-ARIN
OrgTechName:   Efimenko, Igor 
OrgTechPhone:  +1-323-375-2822 
OrgTechEmail:  igor.e@namecheap.com
OrgTechRef:    https://rdap.arin.net/registry/entity/EFIME-ARIN

OrgTechHandle: TECHT4-ARIN
OrgTechName:   Tech team
OrgTechPhone:  +1-661-310-2107 
OrgTechEmail:  tech@namecheaphosting.com
OrgTechRef:    https://rdap.arin.net/registry/entity/TECHT4-ARIN

OrgAbuseHandle: ABUSE2885-ARIN
OrgAbuseName:   Abuse team
OrgAbusePhone:  +1-323-375-2822 
OrgAbuseEmail:  abuse@namecheaphosting.com
OrgAbuseRef:    https://rdap.arin.net/registry/entity/ABUSE2885-ARIN

DNS records

DNS query for 218.117.64.192.in-addr.arpa failed: TimedOut

name

class

type

data

time to live

promedsshop.com

HINFO

CPU:	RFC8482
OS:

3600s

(01:00:00)

Traceroute

Tracing route to promedsshop.com [192.64.117.218]…

hop

rtt

ip address

fully qualified domain name

169.254.158.58

169.48.118.162

ae103.ppr04.dal13.networklayer.com

169.48.118.134

86.76.30a9.ip4.static.sl-reverse.com

169.45.18.86

ae16.cbs01.eq01.dal03.networklayer.com

50.97.17.53

ae33.bbr01.eq01.dal03.networklayer.com

206.223.118.231

eqix-da1.imperva.com

Trace aborted

Service scan

FTP – 21 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 45 allowed. 220-Local time is now 01:39. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. 220 Logout.

SMTP – 25 220-server306.web-hosting.com ESMTP Exim 4.95 #2 Sun, 19 Feb 2023 01:39:37 -0500 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. 421 server306.web-hosting.com lost input connection

HTTP – 80 HTTP/1.1 301 Moved Permanently keep-alive: timeout=5, max=100 date: Sun, 19 Feb 2023 06:39:37 GMT server: LiteSpeed location: https://promedsshop.com/ x-turbo-charged-by: LiteSpeed connection: close

POP3 – 110 +OK Dovecot ready.

IMAP – 143 * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.

HTTPS – 443 Certificate validation errors: None Signature algorithm: sha256RSA Public key size: 2048 bits Issuer: CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, S=Greater Manchester, C=GB Subject: CN=promedsshop.com Subject Alternative Name: DNS Name=promedsshop.com, DNS Name=www.promedsshop.com Serial number: 00A88366BFD07B40D9738329D03DE7421F Not valid before: 2022-07-05 00:00:00Z Not valid after: 2023-07-05 23:59:59Z SHA1 fingerprint: CE6FE3734FB772F5B437F1EDED92465785276DCEHTTP/1.1 200 OK
keep-alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
link: <https://promedsshop.com/wp-json/>; rel=”https://api.w.org/”
link: <https://promedsshop.com/wp-json/wp/v2/pages/13>; rel=”alternate”; type=”application/json”
link: <https://promedsshop.com/>; rel=shortlink
etag: “7094-1676769614;;;”
x-litespeed-cache: hit
date: Sun, 19 Feb 2023 06:39:38 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
connection: close

— end —

Address lookup

canonical name	usexpressfreightlogistics.com.
aliases
addresses	191.101.13.111 2a02:4780:b:999:0:3b5f:97c7:2

Domain Whois record

Queried whois.internic.net with “dom usexpressfreightlogistics.com“…

   Domain Name: USEXPRESSFREIGHTLOGISTICS.COM
   Registry Domain ID: 2750841813_DOMAIN_COM-VRSN
   Registrar WHOIS Server: whois.hostinger.com
   Registrar URL: http://www.hostinger.com
   Updated Date: 2023-01-12T11:39:40Z
   Creation Date: 2023-01-12T11:39:39Z
   Registry Expiry Date: 2024-01-12T11:39:39Z
   Registrar: Hostinger, UAB
   Registrar IANA ID: 1636
   Registrar Abuse Contact Email: abuse@hostinger.com
   Registrar Abuse Contact Phone: +37064503378
   Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
   Name Server: NS1.DNS-PARKING.COM
   Name Server: NS2.DNS-PARKING.COM
   DNSSEC: unsigned
   URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2023-02-19T06:49:18Z <<<

Queried whois.hostinger.com with “usexpressfreightlogistics.com“…

Domain Name: USEXPRESSFREIGHTLOGISTICS.COM
Registry Domain ID: 2750841813_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.hostinger.com
Registrar URL: https://www.hostinger.com
Updated Date: 2023-01-12T11:39:41Z
Creation Date: 2023-01-12T11:39:39Z
Registrar Registration Expiration Date: 2024-01-12T11:39:39Z
Registrar: Hostinger, UAB
Registrar IANA ID: 1636
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Registry Registrant ID: Not Available From Registry
Registrant Name: Domain Admin
Registrant Organization: Privacy Protect, LLC (PrivacyProtect.org)
Registrant Street: 10 Corporate Drive   
Registrant City: Burlington
Registrant State/Province: MA
Registrant Postal Code: 01803
Registrant Country: US
Registrant Phone: +1.8022274003
Registrant Phone Ext: 
Registrant Fax: 
Registrant Fax Ext: 
Registrant Email: contact@privacyprotect.org
Registry Admin ID: Not Available From Registry
Admin Name: Domain Admin
Admin Organization: Privacy Protect, LLC (PrivacyProtect.org)
Admin Street: 10 Corporate Drive   
Admin City: Burlington
Admin State/Province: MA
Admin Postal Code: 01803
Admin Country: US
Admin Phone: +1.8022274003
Admin Phone Ext: 
Admin Fax: 
Admin Fax Ext: 
Admin Email: contact@privacyprotect.org
Registry Tech ID: Not Available From Registry
Tech Name: Domain Admin
Tech Organization: Privacy Protect, LLC (PrivacyProtect.org)
Tech Street: 10 Corporate Drive   
Tech City: Burlington
Tech State/Province: MA
Tech Postal Code: 01803
Tech Country: US
Tech Phone: +1.8022274003
Tech Phone Ext: 
Tech Fax: 
Tech Fax Ext: 
Tech Email: contact@privacyprotect.org
Name Server: ns1.dns-parking.com
Name Server: ns2.dns-parking.com
DNSSEC: Unsigned
Registrar Abuse Contact Email: abuse@hostinger.com
Registrar Abuse Contact Phone: +37064503378
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2023-02-19T06:49:32Z <<<

Network Whois record

Queried whois.lacnic.net with “191.101.13.111“…

% IP Client: 63.134.201.221
 % This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

%ERROR:201: access denied for 168.121.184.16
%
% Sorry, access from your host has been permanently
% denied because of a repeated excessive querying.
% For more information, see
% http://www.ripe.net/data-tools/db/faq/faq-db/why-did-you-receive-the-error-201-access-denied

% This query was served by the RIPE Database Query Service version 1.105 (DEXTER)

DNS records

DNS query for 111.13.101.191.in-addr.arpa returned an error from the server: NameError

name

class

type

data

time to live

usexpressfreightlogistics.com

HINFO

CPU:	RFC8482
OS:

3789s

(01:03:09)

usexpressfreightlogistics.com

ns2.dns-parking.com

86400s

(1.00:00:00)

usexpressfreightlogistics.com

ns1.dns-parking.com

86400s

(1.00:00:00)

2.0.0.0.7.c.7.9.f.5.b.3.0.0.0.0.9.9.9.0.b.0.0.0.0.8.7.4.2.0.a.2.ip6.arpa

HINFO

CPU:	RFC8482
OS:

3789s

(01:03:09)

b.0.0.0.0.8.7.4.2.0.a.2.ip6.arpa

HINFO

CPU:	RFC8482
OS:

3789s

(01:03:09)

b.0.0.0.0.8.7.4.2.0.a.2.ip6.arpa

rdns1.hostinger.com

600s

(00:10:00)

b.0.0.0.0.8.7.4.2.0.a.2.ip6.arpa

rdns2.hostinger.com

600s

(00:10:00)

Traceroute

Tracing route to usexpressfreightlogistics.com [191.101.13.111]…

hop

rtt

ip address

fully qualified domain name

169.254.158.58

169.48.118.156

ae103.ppr01.dal13.networklayer.com

169.48.118.128

80.76.30a9.ip4.static.sl-reverse.com

169.45.18.90

ae16.cbs02.eq01.dal03.networklayer.com

50.97.17.57

ae34.bbr01.eq01.dal03.networklayer.com

4.14.131.61

lag-151.ear3.dallas1.level3.net

4.15.8.34

iron-mounta.bear1.phoenix1.level3.net

148.51.252.66

po301.cr01.ngspn.azp2.imdc.com

148.51.252.34

po31.cr01.ngspn.azp1.imdc.com

148.51.252.201

po491.ar01.ngspn.azp1.imdc.com

153.92.2.201

156.67.75.237

191.101.13.111

Trace complete

Service scan

FTP – 21 220 FTP Server ready.

SMTP – 25 Error: TimedOut

HTTP – 80 HTTP/1.1 301 Moved Permanently Connection: close date: Sun, 19 Feb 2023 06:49:44 GMT server: LiteSpeed location: https://usexpressfreightlogistics.com/ platform: hostinger content-security-policy: upgrade-insecure-requests

POP3 – 110 Error: TimedOut

IMAP – 143 Error: TimedOut

HTTPS – 443 Certificate validation errors: None Signature algorithm: sha256RSA Public key size: 4096 bits Issuer: CN=R3, O=Let's Encrypt, C=US Subject: CN=usexpressfreightlogistics.com Subject Alternative Name: DNS Name=usexpressfreightlogistics.com, DNS Name=www.usexpressfreightlogistics.com Serial number: 03AE9306410C5B61F91357DA7BE09D98AAFA Not valid before: 2023-01-12 10:41:23Z Not valid after: 2023-04-12 10:41:22Z SHA1 fingerprint: 1F5A763146870870E0037D16EEB38262EB3AA6ABHTTP/1.1 200 OK
Connection: close
x-powered-by: PHP/8.0.26
content-type: text/html; charset=UTF-8
link: <https://usexpressfreightlogistics.com/index.php/wp-json/>; rel=”https://api.w.org/”
link: <https://usexpressfreightlogistics.com/index.php/wp-json/wp/v2/pages/302>; rel=”alternate”; type=”application/json”
link: <https://usexpressfreightlogistics.com/>; rel=shortlink
etag: “188-1676743722;;;”
x-litespeed-cache: hit
date: Sun, 19 Feb 2023 06:49:48 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=”:443″; ma=2592000, h3-29=”:443″; ma=2592000, h3-Q050=”:443″; ma=2592000, h3-Q046=”:443″; ma=2592000, h3-Q043=”:443″; ma=2592000, quic=”:443″; ma=2592000; v=”43,46″

— end —

Author

Max Headroom

The first real AI living "20 Minutes into the Future". Sys-Admin and Editor at The Bitstream. Former reporter at Network 23 and Big Time TV. Not responsible for New Coke - I was just doing my job.

View all posts

Tags: Extortion Fraud

Ozempic Pharmacy Scammer – Bodelin Ramcess Tikeng

Related Stories

Air Force, Space Force join Army for Bring-Your-Own-Device enrollment

Navy should hit back harder against Houthi online disinformation

Beavers takes reins from Sherman as acting DOD information officer

Navigating fed cybersecurity: Strategies to achieve network compliance

Pentagon zero-trust office aims to start data tagging, labeling in ′24

Defense Innovation Unit project makes supercomputers more accessible

Corporation/LLC Search/Certificate of Good Standing

LLC File Detail Report

Entity Information

Agent Information

Annual Report

Managers

Old LLC Name

Series Name

Address lookup

Domain Whois record

Network Whois record

DNS records

Traceroute

Service scan

Address lookup

Domain Whois record

Network Whois record

DNS records

Traceroute

Service scan

Address lookup

Domain Whois record

Network Whois record

DNS records

Traceroute

Service scan

Address lookup

Domain Whois record

Network Whois record

DNS records

Traceroute

Service scan

Address lookup

Domain Whois record

Network Whois record

DNS records

Traceroute

Service scan

Address lookup

Domain Whois record

Network Whois record

DNS records

Traceroute

Service scan

Author

Trending

Related Stories