Max Headroom 
BODELIN RAMCESS TIKENG - Internet Scammer
One unintended side-effect of the Ozempic weight loss craze is the multitude of new scam websites popping up. Often these web sites are hosted offshore in Ukraine, etc. but the people running them are often in the good old USA. This is most unfortunate for those who truly suffer from diabetes and need to obtain low cost Ozempic and similar medications to help regulate their blood sugar levels.
The following names, phone numbers, and crypto addresses are all linked to this growing internet SCAM;
- ozempicpharmacy.com, +1 (970) 564-3556 (Google Voice)
- allymeds.com, +1 (303) 578-6885 (Google Voice)
- savemedshop.com
- milestonemedstore.com
- promedsshop.com, +1 (801) 997-0535 (Google Voice)
- unitedprestigepharmacy.com, +1 (424) 377-2912, unitedprestigepharmacy@gmail.com
- usexpressfreightlogistics.com, Fake Logistics Company used extort more money
- DiscoBest LLC, +1 773-827-3794 (T-Mobile & Zelle Account)
- Bitcoin Address: 3BFvjWmisw2Jq8kDnqKprhfnqWFpw7fJPE
and of course many others. All of these web sites have the same underlying design, information, and owner and have been added to our Internet Pharmacy SCAMs – Wall of Shame
Fortunately most of these are now offline; however, more keep popping up.
One of the primary scammers is a “cashier” that collects money on behalf of these websites via Sprint/T-Mobile phone number +1 773-827-3794 is the company DiscoBest LLC in the Chicago, Illinois area with the registered agent BODELIN RAMCESS TIKENG.
When he is not collecting money for this internet scam, he claims to be an Account Aanalyst with Blue Cross and Blue Shield since September 2023. He claims to have studied data analytics and Business Intelligence at Northwestern University. He claims to be from Douala, Cameroon
Email: tikengromual@gmail.com
Facebook: https://www.facebook.com/ramcesslavenir.tikeng
Twitter: @RTikeng
LinkedIn: https://www.linkedin.com/in/ramcess-tikeng
GitHub: https://github.com/Btikeng
Phone Numbers: +1 773-827-3794, +1 618-719-4581
Stay tuned for more updates to this story. This is a continuing investigation.
Corporation/LLC Search/Certificate of Good Standing
LLC File Detail Report
File Number
09517537
Entity Name
DISCOBEST LLC
Status
INVOLUNTARY DISSOLUTION on Friday, 13 May 2022
Entity Information
Principal Office
505 S WEBER RD UNIT 307
BOLINGBROOK, IL 604900000
BOLINGBROOK, IL 604900000
Entity Type
LLC
Type of LLC
Domestic
Organization/Admission Date
Wednesday, 18 November 2020
Jurisdiction
IL
Duration
PERPETUAL
Agent Information
Name
Address
505 S WEBER RD UNIT 307
BOLINGBROOK , IL 60490
BOLINGBROOK , IL 60490
Change Date
Wednesday, 21 April 2021
Annual Report
For Year
2021
Filing Date
00/00/0000
Managers
Name
Address
Address
BODELIN, TIKENG
505 S WEBER RD UNIT 307
BOLINGBROOK, IL 604900000
505 S WEBER RD UNIT 307
BOLINGBROOK, IL 604900000
Old LLC Name
12/17/2020
DISCO LLC
Series Name
NOT AUTHORIZED TO ESTABLISH SERIES
Address lookup
| canonical name | ozempicpharmacy.com. |
| aliases | |
| addresses | 185.233.186.53 |
Domain Whois record
Queried whois.internic.net with “dom ozempicpharmacy.com“…
Domain Name: OZEMPICPHARMACY.COM Registry Domain ID: 2737014526_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namesilo.com Registrar URL: http://www.namesilo.com Updated Date: 2022-11-08T20:26:15Z Creation Date: 2022-11-07T14:08:48Z Registry Expiry Date: 2023-11-07T14:08:48Z Registrar: NameSilo, LLC Registrar IANA ID: 1479 Registrar Abuse Contact Email: abuse@namesilo.com Registrar Abuse Contact Phone: +1.4805240066 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Name Server: MARS1.FREEDNSDEDI.COM Name Server: MARS2.FREEDNSDEDI.COM DNSSEC: unsigned URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/ >>> Last update of whois database: 2023-02-19T06:30:39Z <<<
Queried whois.namesilo.com with “ozempicpharmacy.com“…
Domain Name: ozempicpharmacy.com Registry Domain ID: 2737014526_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namesilo.com Registrar URL: https://www.namesilo.com/ Updated Date: 2023-02-09T07:00:00Z Creation Date: 2022-11-07T07:00:00Z Registrar Registration Expiration Date: 2023-11-07T07:00:00Z Registrar: NameSilo, LLC Registrar IANA ID: 1479 Registrar Abuse Contact Email: abuse@namesilo.com Registrar Abuse Contact Phone: +1.4805240066 Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited Registry Registrant ID: Registrant Name: REDACTED FOR PRIVACY Registrant Organization: PrivacyGuardian.org llc Registrant Street: 1928 E. Highland Ave. Ste F104 PMB# 255 Registrant City: Phoenix Registrant State/Province: AZ Registrant Postal Code: 85016 Registrant Country: US Registrant Phone: +1.3478717726 Registrant Phone Ext: Registrant Fax: Registrant Fax Ext: Registrant Email: pw-3c5b5481b3489f2a402c0868f9b31fa8@privacyguardian.org Registry Admin ID: Admin Name: Domain Administrator Admin Organization: PrivacyGuardian.org llc Admin Street: 1928 E. Highland Ave. Ste F104 PMB# 255 Admin City: Phoenix Admin State/Province: AZ Admin Postal Code: 85016 Admin Country: US Admin Phone: +1.3478717726 Admin Phone Ext: Admin Fax: Admin Fax Ext: Admin Email: pw-3c5b5481b3489f2a402c0868f9b31fa8@privacyguardian.org Registry Tech ID: Tech Name: Domain Administrator Tech Organization: PrivacyGuardian.org llc Tech Street: 1928 E. Highland Ave. Ste F104 PMB# 255 Tech City: Phoenix Tech State/Province: AZ Tech Postal Code: 85016 Tech Country: US Tech Phone: +1.3478717726 Tech Phone Ext: Tech Fax: Tech Fax Ext: Tech Email: pw-3c5b5481b3489f2a402c0868f9b31fa8@privacyguardian.org Name Server: mars1.freednsdedi.com Name Server: mars2.freednsdedi.com DNSSEC: unsigned URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/ >>> Last update of WHOIS database: 2023-02-18T07:00:00Z <<<
Network Whois record
Queried whois.ripe.net with “-B 185.233.186.53“…
% Information related to '185.233.186.0 - 185.233.186.255' % Abuse contact for '185.233.186.0 - 185.233.186.255' is 'abuse@wehostservers.com' inetnum: 185.233.186.0 - 185.233.186.255 netname: WeHostServersLTD descr: Your Premium Hosting Provider org: ORG-WL264-RIPE country: UA admin-c: MO7516-RIPE tech-c: MO7516-RIPE abuse-c: ACRO40689-RIPE mnt-routes: W3HOSTS3RV3RS-MNT mnt-domains: W3HOSTS3RV3RS-MNT remarks: | WeHostServers LTD is a premium hosting service provider, remarks: | that doesn't allow any kind of abusive activities on it's network. remarks: | All of the Hosting Services are used by our Resellers & not used remarks: | by us. So, in case of any complaint do contact us at relevant remarks: | abuse email address provided as; remarks: Phishing complaints to "phishing-abuse@wehostservers.com" remarks: Botnests complaints to "bots-abuse@wehostservers.com" remarks: | copyrights complaints to "copyrights@wehostservers.com" remarks: | General complaints to "abuse@wehostservers.com" status: ASSIGNED PA mnt-by: ru-quasar-1-mnt created: 2019-07-05T18:29:30Z last-modified: 2021-04-22T08:34:06Z source: RIPE organisation: ORG-WL264-RIPE org-name: We-Host-Servers LTD org-type: OTHER address: Industrivej, Nuuk 3901, Greenland e-mail: info@wehostservers.com abuse-c: ACRO40689-RIPE mnt-ref: ru-quasar-1-mnt mnt-by: W3HOSTS3RV3RS-MNT created: 2021-04-21T14:26:26Z last-modified: 2021-04-21T14:26:26Z source: RIPE person: Maria Owaiza address: Muesmatt 301, Bern - CH phone: +5078381583 nic-hdl: MO7516-RIPE mnt-by: W3HOSTS3RV3RS-MNT created: 2021-04-21T14:30:33Z last-modified: 2021-04-21T14:30:33Z source: RIPE % Information related to '185.233.186.0/24AS30860' route: 185.233.186.0/24 origin: AS30860 mnt-by: W3HOSTS3RV3RS-MNT created: 2021-04-22T08:06:52Z last-modified: 2021-04-22T08:06:52Z source: RIPE % This query was served by the RIPE Database Query Service version 1.105 (DEXTER)
DNS records
DNS query for 53.186.233.185.in-addr.arpa returned an error from the server: NameError
| name | class | type | data | time to live | |||||||||||||||
| ozempicpharmacy.com | IN | TXT | v=spf1 +a +mx +ip4:185.233.186.53 ~all | 14400s | (04:00:00) | ||||||||||||||
| ozempicpharmacy.com | IN | MX |
|
14400s | (04:00:00) | ||||||||||||||
| ozempicpharmacy.com | IN | A | 185.233.186.53 | 14400s | (04:00:00) | ||||||||||||||
| ozempicpharmacy.com | IN | NS | mars2.freednsdedi.com | 86400s | (1.00:00:00) | ||||||||||||||
| ozempicpharmacy.com | IN | NS | mars1.freednsdedi.com | 86400s | (1.00:00:00) | ||||||||||||||
| ozempicpharmacy.com | IN | SOA |
|
86400s | (1.00:00:00) | ||||||||||||||
Traceroute
Tracing route to ozempicpharmacy.com [185.233.186.53]…
| hop | rtt | rtt | rtt | ip address | fully qualified domain name |
| 1 | 2 | 1 | 1 | 169.254.158.58 |
| 2 | 1 | 1 | 1 | 169.48.118.160 | ae103.ppr03.dal13.networklayer.com |
| 3 | 1 | 0 | 0 | 169.48.118.132 | 84.76.30a9.ip4.static.sl-reverse.com |
| 4 | * | * | * |
| 5 | * | 23 | * | 169.45.18.5 | ae2.cbs01.eq01.chi01.networklayer.com |
| 6 | * | * | * |
| 7 | 42 | 46 | 59 | 50.97.17.43 | ae9.bbr01.tl01.nyc01.networklayer.com |
| 8 | 42 | 42 | 42 | 198.32.160.182 | nyiix.retn.net |
| 9 | 147 | 156 | 147 | 87.245.232.216 | ae11-11.rt.ntl.kiv.ua.retn.net |
| 10 | 152 | 152 | 152 | 87.245.237.57 | be4-100g.cr-2.g50.kiev.volia.net |
| 11 | 145 | 145 | 145 | 77.123.156.134 | 134.156.123.77.colo.static.dcvolia.com |
| 12 | 145 | 145 | 145 | 77.123.156.2 | cs2-ss13.dc.volia.com |
| 13 | * | * | * |
| 14 | 147 | 147 | 147 | 185.233.186.53 |
Trace complete
Service scan
| FTP – 21 | 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 50 allowed. 220-Local time is now 06:31. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. 220 Logout. |
| SMTP – 25 | 220-mars.privacyhost.net ESMTP Exim 4.95 #2 Sun, 19 Feb 2023 06:31:20 +0000 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. 421 mars.privacyhost.net lost input connection |
| HTTP – 80 | HTTP/1.1 301 Moved Permanently Date: Sun, 19 Feb 2023 06:31:20 GMT Server: Apache X-Redirect-By: WordPress Location: https://ozempicpharmacy.com/ Connection: close Content-Type: text/html; charset=UTF-8 |
| POP3 – 110 | +OK Dovecot ready. |
| IMAP – 143 | * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. |
| HTTPS – 443 | Error: A call to SSPI failed, see inner exception. |
— end —
Address lookup
| canonical name | allymeds.com. |
| aliases | |
| addresses | 185.233.186.31 |
Domain Whois record
Queried whois.internic.net with “dom allymeds.com“…
Domain Name: ALLYMEDS.COM Registry Domain ID: 2718471799_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namesilo.com Registrar URL: http://www.namesilo.com Updated Date: 2022-08-17T12:09:31Z Creation Date: 2022-08-16T12:11:07Z Registry Expiry Date: 2023-08-16T12:11:07Z Registrar: NameSilo, LLC Registrar IANA ID: 1479 Registrar Abuse Contact Email: abuse@namesilo.com Registrar Abuse Contact Phone: +1.4805240066 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Name Server: LUNAR1.FREEDNSDEDI.COM Name Server: LUNAR2.FREEDNSDEDI.COM DNSSEC: unsigned URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/ >>> Last update of whois database: 2023-02-19T06:32:58Z <<<
Queried whois.namesilo.com with “allymeds.com“…
Domain Name: allymeds.com Registry Domain ID: 2718471799_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namesilo.com Registrar URL: https://www.namesilo.com/ Updated Date: 2023-02-05T07:00:00Z Creation Date: 2022-08-16T07:00:00Z Registrar Registration Expiration Date: 2023-08-16T07:00:00Z Registrar: NameSilo, LLC Registrar IANA ID: 1479 Registrar Abuse Contact Email: abuse@namesilo.com Registrar Abuse Contact Phone: +1.4805240066 Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited Registry Registrant ID: Registrant Name: REDACTED FOR PRIVACY Registrant Organization: See PrivacyGuardian.org Registrant Street: 1928 E. Highland Ave. Ste F104 PMB# 255 Registrant City: Phoenix Registrant State/Province: AZ Registrant Postal Code: 85016 Registrant Country: US Registrant Phone: +1.3478717726 Registrant Phone Ext: Registrant Fax: Registrant Fax Ext: Registrant Email: pw-6a983be40b4c1e1aec61300b0265124f@privacyguardian.org Registry Admin ID: Admin Name: Domain Administrator Admin Organization: See PrivacyGuardian.org Admin Street: 1928 E. Highland Ave. Ste F104 PMB# 255 Admin City: Phoenix Admin State/Province: AZ Admin Postal Code: 85016 Admin Country: US Admin Phone: +1.3478717726 Admin Phone Ext: Admin Fax: Admin Fax Ext: Admin Email: pw-6a983be40b4c1e1aec61300b0265124f@privacyguardian.org Registry Tech ID: Tech Name: Domain Administrator Tech Organization: See PrivacyGuardian.org Tech Street: 1928 E. Highland Ave. Ste F104 PMB# 255 Tech City: Phoenix Tech State/Province: AZ Tech Postal Code: 85016 Tech Country: US Tech Phone: +1.3478717726 Tech Phone Ext: Tech Fax: Tech Fax Ext: Tech Email: pw-6a983be40b4c1e1aec61300b0265124f@privacyguardian.org Name Server: lunar1.freednsdedi.com Name Server: lunar2.freednsdedi.com DNSSEC: unsigned URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/ >>> Last update of WHOIS database: 2023-02-18T07:00:00Z <<<
Network Whois record
Queried whois.ripe.net with “-B 185.233.186.31“…
% Information related to '185.233.186.0 - 185.233.186.255' % Abuse contact for '185.233.186.0 - 185.233.186.255' is 'abuse@wehostservers.com' inetnum: 185.233.186.0 - 185.233.186.255 netname: WeHostServersLTD descr: Your Premium Hosting Provider org: ORG-WL264-RIPE country: UA admin-c: MO7516-RIPE tech-c: MO7516-RIPE abuse-c: ACRO40689-RIPE mnt-routes: W3HOSTS3RV3RS-MNT mnt-domains: W3HOSTS3RV3RS-MNT remarks: | WeHostServers LTD is a premium hosting service provider, remarks: | that doesn't allow any kind of abusive activities on it's network. remarks: | All of the Hosting Services are used by our Resellers & not used remarks: | by us. So, in case of any complaint do contact us at relevant remarks: | abuse email address provided as; remarks: Phishing complaints to "phishing-abuse@wehostservers.com" remarks: Botnests complaints to "bots-abuse@wehostservers.com" remarks: | copyrights complaints to "copyrights@wehostservers.com" remarks: | General complaints to "abuse@wehostservers.com" status: ASSIGNED PA mnt-by: ru-quasar-1-mnt created: 2019-07-05T18:29:30Z last-modified: 2021-04-22T08:34:06Z source: RIPE organisation: ORG-WL264-RIPE org-name: We-Host-Servers LTD org-type: OTHER address: Industrivej, Nuuk 3901, Greenland e-mail: info@wehostservers.com abuse-c: ACRO40689-RIPE mnt-ref: ru-quasar-1-mnt mnt-by: W3HOSTS3RV3RS-MNT created: 2021-04-21T14:26:26Z last-modified: 2021-04-21T14:26:26Z source: RIPE person: Maria Owaiza address: Muesmatt 301, Bern - CH phone: +5078381583 nic-hdl: MO7516-RIPE mnt-by: W3HOSTS3RV3RS-MNT created: 2021-04-21T14:30:33Z last-modified: 2021-04-21T14:30:33Z source: RIPE % Information related to '185.233.186.0/24AS30860' route: 185.233.186.0/24 origin: AS30860 mnt-by: W3HOSTS3RV3RS-MNT created: 2021-04-22T08:06:52Z last-modified: 2021-04-22T08:06:52Z source: RIPE % This query was served by the RIPE Database Query Service version 1.105 (BUSA)
DNS records
| name | class | type | data | time to live | |||||||||||||||
| allymeds.com | IN | TXT | v=spf1 +a +mx +ip4:185.233.186.31 ~all | 14400s | (04:00:00) | ||||||||||||||
| allymeds.com | IN | SOA |
|
86400s | (1.00:00:00) | ||||||||||||||
| allymeds.com | IN | NS | lunar1.freednsdedi.com | 86400s | (1.00:00:00) | ||||||||||||||
| allymeds.com | IN | NS | lunar2.freednsdedi.com | 86400s | (1.00:00:00) | ||||||||||||||
| allymeds.com | IN | A | 185.233.186.31 | 14400s | (04:00:00) | ||||||||||||||
| allymeds.com | IN | MX |
|
14400s | (04:00:00) | ||||||||||||||
| 31.186.233.185.in-addr.arpa | IN | PTR | . | 3600s | (01:00:00) | ||||||||||||||
| 186.233.185.in-addr.arpa | IN | NS | dns10.v-sys.org | 3600s | (01:00:00) | ||||||||||||||
| 186.233.185.in-addr.arpa | IN | NS | dns11.v-sys.org | 3600s | (01:00:00) | ||||||||||||||
| 186.233.185.in-addr.arpa | IN | NS | dns12.v-sys.org | 3600s | (01:00:00) | ||||||||||||||
| 186.233.185.in-addr.arpa | IN | SOA |
|
3600s | (01:00:00) | ||||||||||||||
Traceroute
Tracing route to allymeds.com [185.233.186.31]…
| hop | rtt | rtt | rtt | ip address | fully qualified domain name |
| 1 | 1 | 0 | 0 | 169.254.158.58 |
| 2 | 8 | 8 | 1 | 169.48.118.158 | ae103.ppr02.dal13.networklayer.com |
| 3 | 1 | 0 | 0 | 169.48.118.130 | 82.76.30a9.ip4.static.sl-reverse.com |
| 4 | 8 | * | 5 | 169.45.18.40 | ae16.cbs02.dr01.dal04.networklayer.com |
| 5 | 23 | * | * | 169.45.18.5 | ae2.cbs01.eq01.chi01.networklayer.com |
| 6 | * | 89 | * | 50.97.17.49 | ae0.cbs02.tl01.nyc01.networklayer.com |
| 7 | 47 | 42 | 42 | 50.97.17.43 | ae9.bbr01.tl01.nyc01.networklayer.com |
| 8 | 41 | 42 | 42 | 198.32.160.182 | nyiix.retn.net |
| 9 | 153 | 147 | 149 | 87.245.232.216 | ae11-11.rt.ntl.kiv.ua.retn.net |
| 10 | 150 | 150 | 150 | 87.245.237.59 | be4-100g.cr-1.g50.kiev.volia.net |
| 11 | 152 | 152 | 152 | 77.123.156.132 | 132.156.123.77.colo.static.dcvolia.com |
| 12 | 151 | 152 | 152 | 77.123.156.1 | cs1-ss13.dc.volia.com |
| 13 | * | * | * |
| 14 | 152 | 152 | 152 | 185.233.186.31 | . |
Trace complete
Service scan
| FTP – 21 | 220 ProFTPD Server (ProFTPD Default Installation) [::ffff:185.233.186.31] |
| SMTP – 25 | 220-lunar.freednsdedi.com ESMTP Exim 4.95 #2 Sun, 19 Feb 2023 01:33:27 -0500 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. 421 lunar.freednsdedi.com lost input connection |
| HTTP – 80 | HTTP/1.1 301 Moved Permanently Server: nginx Date: Sun, 19 Feb 2023 06:33:28 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Redirect-By: WordPress Location: https://allymeds.com/ |
| POP3 – 110 | +OK Dovecot ready. |
| IMAP – 143 | * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. |
| HTTPS – 443 | Certificate validation errors: None Signature algorithm: sha256RSA Public key size: 2048 bits Issuer: CN=R3, O=Let's Encrypt, C=US Subject: CN=*.allymeds.com Subject Alternative Name: DNS Name=*.allymeds.com, DNS Name=allymeds.com Serial number: 04A3CC880B6EC8FD816A4318BA49C8185C47 Not valid before: 2023-01-02 01:08:51Z Not valid after: 2023-04-02 01:08:50Z SHA1 fingerprint: CE360E816A5E29A0EC01AA4D2664428D0CD6CF36HTTP/1.1 200 OK Server: nginx Date: Sun, 19 Feb 2023 06:33:30 GMT Content-Type: text/html; charset=UTF-8 Connection: close Vary: Accept-Encoding Link: <https://allymeds.com/wp-json/>; rel=”https://api.w.org/”, <https://allymeds.com/wp-json/wp/v2/pages/283>; rel=”alternate”; type=”application/json”, <https://allymeds.com/>; rel=shortlink |
— end —
Address lookup
| canonical name | savemedshop.com. |
| aliases | |
| addresses | 185.233.186.53 |
Domain Whois record
Queried whois.internic.net with “dom savemedshop.com“…
Domain Name: SAVEMEDSHOP.COM Registry Domain ID: 2714076384_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namesilo.com Registrar URL: http://www.namesilo.com Updated Date: 2022-07-27T16:57:13Z Creation Date: 2022-07-27T16:54:01Z Registry Expiry Date: 2023-07-27T16:54:01Z Registrar: NameSilo, LLC Registrar IANA ID: 1479 Registrar Abuse Contact Email: abuse@namesilo.com Registrar Abuse Contact Phone: +1.4805240066 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Name Server: MARS1.FREEDNSDEDI.COM Name Server: MARS2.FREEDNSDEDI.COM DNSSEC: unsigned URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/ >>> Last update of whois database: 2023-02-19T06:35:28Z <<<
Queried whois.namesilo.com with “savemedshop.com“…
Domain Name: savemedshop.com Registry Domain ID: 2714076384_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namesilo.com Registrar URL: https://www.namesilo.com/ Updated Date: 2023-02-08T07:00:00Z Creation Date: 2022-07-27T07:00:00Z Registrar Registration Expiration Date: 2023-07-27T07:00:00Z Registrar: NameSilo, LLC Registrar IANA ID: 1479 Registrar Abuse Contact Email: abuse@namesilo.com Registrar Abuse Contact Phone: +1.4805240066 Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited Registry Registrant ID: Registrant Name: REDACTED FOR PRIVACY Registrant Organization: See PrivacyGuardian.org Registrant Street: 1928 E. Highland Ave. Ste F104 PMB# 255 Registrant City: Phoenix Registrant State/Province: AZ Registrant Postal Code: 85016 Registrant Country: US Registrant Phone: +1.3478717726 Registrant Phone Ext: Registrant Fax: Registrant Fax Ext: Registrant Email: pw-b488eac139f46deab98168b34b8efaed@privacyguardian.org Registry Admin ID: Admin Name: Domain Administrator Admin Organization: See PrivacyGuardian.org Admin Street: 1928 E. Highland Ave. Ste F104 PMB# 255 Admin City: Phoenix Admin State/Province: AZ Admin Postal Code: 85016 Admin Country: US Admin Phone: +1.3478717726 Admin Phone Ext: Admin Fax: Admin Fax Ext: Admin Email: pw-b488eac139f46deab98168b34b8efaed@privacyguardian.org Registry Tech ID: Tech Name: Domain Administrator Tech Organization: See PrivacyGuardian.org Tech Street: 1928 E. Highland Ave. Ste F104 PMB# 255 Tech City: Phoenix Tech State/Province: AZ Tech Postal Code: 85016 Tech Country: US Tech Phone: +1.3478717726 Tech Phone Ext: Tech Fax: Tech Fax Ext: Tech Email: pw-b488eac139f46deab98168b34b8efaed@privacyguardian.org Name Server: mars1.freednsdedi.com Name Server: mars2.freednsdedi.com DNSSEC: unsigned URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/ >>> Last update of WHOIS database: 2023-02-18T07:00:00Z <<<
Network Whois record
Queried whois.ripe.net with “-B 185.233.186.53“…
% Information related to '185.233.186.0 - 185.233.186.255' % Abuse contact for '185.233.186.0 - 185.233.186.255' is 'abuse@wehostservers.com' inetnum: 185.233.186.0 - 185.233.186.255 netname: WeHostServersLTD descr: Your Premium Hosting Provider org: ORG-WL264-RIPE country: UA admin-c: MO7516-RIPE tech-c: MO7516-RIPE abuse-c: ACRO40689-RIPE mnt-routes: W3HOSTS3RV3RS-MNT mnt-domains: W3HOSTS3RV3RS-MNT remarks: | WeHostServers LTD is a premium hosting service provider, remarks: | that doesn't allow any kind of abusive activities on it's network. remarks: | All of the Hosting Services are used by our Resellers & not used remarks: | by us. So, in case of any complaint do contact us at relevant remarks: | abuse email address provided as; remarks: Phishing complaints to "phishing-abuse@wehostservers.com" remarks: Botnests complaints to "bots-abuse@wehostservers.com" remarks: | copyrights complaints to "copyrights@wehostservers.com" remarks: | General complaints to "abuse@wehostservers.com" status: ASSIGNED PA mnt-by: ru-quasar-1-mnt created: 2019-07-05T18:29:30Z last-modified: 2021-04-22T08:34:06Z source: RIPE organisation: ORG-WL264-RIPE org-name: We-Host-Servers LTD org-type: OTHER address: Industrivej, Nuuk 3901, Greenland e-mail: info@wehostservers.com abuse-c: ACRO40689-RIPE mnt-ref: ru-quasar-1-mnt mnt-by: W3HOSTS3RV3RS-MNT created: 2021-04-21T14:26:26Z last-modified: 2021-04-21T14:26:26Z source: RIPE person: Maria Owaiza address: Muesmatt 301, Bern - CH phone: +5078381583 nic-hdl: MO7516-RIPE mnt-by: W3HOSTS3RV3RS-MNT created: 2021-04-21T14:30:33Z last-modified: 2021-04-21T14:30:33Z source: RIPE % Information related to '185.233.186.0/24AS30860' route: 185.233.186.0/24 origin: AS30860 mnt-by: W3HOSTS3RV3RS-MNT created: 2021-04-22T08:06:52Z last-modified: 2021-04-22T08:06:52Z source: RIPE % This query was served by the RIPE Database Query Service version 1.105 (DEXTER)
DNS records
DNS query for 53.186.233.185.in-addr.arpa returned an error from the server: NameError
| name | class | type | data | time to live | |||||||||||||||
| savemedshop.com | IN | TXT | v=spf1 +a +mx +ip4:185.233.186.53 ~all | 14400s | (04:00:00) | ||||||||||||||
| savemedshop.com | IN | MX |
|
14400s | (04:00:00) | ||||||||||||||
| savemedshop.com | IN | A | 185.233.186.53 | 14400s | (04:00:00) | ||||||||||||||
| savemedshop.com | IN | NS | mars2.freednsdedi.com | 86400s | (1.00:00:00) | ||||||||||||||
| savemedshop.com | IN | NS | mars1.freednsdedi.com | 86400s | (1.00:00:00) | ||||||||||||||
| savemedshop.com | IN | SOA |
|
86400s | (1.00:00:00) | ||||||||||||||
Traceroute
Tracing route to savemedshop.com [185.233.186.53]…
| hop | rtt | rtt | rtt | ip address | fully qualified domain name |
| 1 | 1 | 0 | 0 | 169.254.158.58 |
| 2 | 4 | 1 | 1 | 169.48.118.160 | ae103.ppr03.dal13.networklayer.com |
| 3 | 0 | 0 | 0 | 169.48.118.132 | 84.76.30a9.ip4.static.sl-reverse.com |
| 4 | 2 | * | 2 | 169.45.18.40 | ae16.cbs02.dr01.dal04.networklayer.com |
| 5 | 23 | 38 | 35 | 169.45.18.5 | ae2.cbs01.eq01.chi01.networklayer.com |
| 6 | 44 | 44 | 44 | 50.97.17.49 | ae0.cbs02.tl01.nyc01.networklayer.com |
| 7 | 42 | 42 | 42 | 50.97.17.43 | ae9.bbr01.tl01.nyc01.networklayer.com |
| 8 | 42 | 42 | 42 | 198.32.160.182 | nyiix.retn.net |
| 9 | 147 | 147 | 147 | 87.245.232.216 | ae11-11.rt.ntl.kiv.ua.retn.net |
| 10 | 152 | 152 | 152 | 87.245.237.57 | be4-100g.cr-2.g50.kiev.volia.net |
| 11 | 146 | 145 | 145 | 77.123.156.134 | 134.156.123.77.colo.static.dcvolia.com |
| 12 | 145 | 146 | 146 | 77.123.156.2 | cs2-ss13.dc.volia.com |
| 13 | * | * | * |
| 14 | 147 | 147 | 147 | 185.233.186.53 |
Trace complete
Service scan
| FTP – 21 | 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 50 allowed. 220-Local time is now 06:35. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. 220 Logout. |
| SMTP – 25 | 220-mars.privacyhost.net ESMTP Exim 4.95 #2 Sun, 19 Feb 2023 06:35:56 +0000 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. 421 mars.privacyhost.net lost input connection |
| HTTP – 80 | HTTP/1.1 301 Moved Permanently Date: Sun, 19 Feb 2023 06:35:56 GMT Server: Apache X-Redirect-By: WordPress Location: https://savemedshop.com/ Connection: close Content-Type: text/html; charset=UTF-8 |
| POP3 – 110 | +OK Dovecot ready. |
| IMAP – 143 | * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. |
| HTTPS – 443 | Error: A call to SSPI failed, see inner exception. |
— end —
Address lookup
| canonical name | milestonemedstore.com. |
| aliases | |
| addresses | 162.222.215.173 |
Domain Whois record
Queried whois.internic.net with “dom milestonemedstore.com“…
Domain Name: MILESTONEMEDSTORE.COM Registry Domain ID: 2685974945_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namesilo.com Registrar URL: http://www.namesilo.com Updated Date: 2022-04-01T10:19:01Z Creation Date: 2022-04-01T10:07:36Z Registry Expiry Date: 2023-04-01T10:07:36Z Registrar: NameSilo, LLC Registrar IANA ID: 1479 Registrar Abuse Contact Email: abuse@namesilo.com Registrar Abuse Contact Phone: +1.4805240066 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Name Server: NS1.RIVALHOST.COM Name Server: NS2.RIVALHOST.COM DNSSEC: unsigned URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/ >>> Last update of whois database: 2023-02-19T06:36:58Z <<<
Queried whois.namesilo.com with “milestonemedstore.com“…
Domain Name: milestonemedstore.com Registry Domain ID: 2685974945_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namesilo.com Registrar URL: https://www.namesilo.com/ Updated Date: 2023-02-04T07:00:00Z Creation Date: 2022-04-01T07:00:00Z Registrar Registration Expiration Date: 2023-04-01T07:00:00Z Registrar: NameSilo, LLC Registrar IANA ID: 1479 Registrar Abuse Contact Email: abuse@namesilo.com Registrar Abuse Contact Phone: +1.4805240066 Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited Registry Registrant ID: Registrant Name: REDACTED FOR PRIVACY Registrant Organization: See PrivacyGuardian.org Registrant Street: 1928 E. Highland Ave. Ste F104 PMB# 255 Registrant City: Phoenix Registrant State/Province: AZ Registrant Postal Code: 85016 Registrant Country: US Registrant Phone: +1.3478717726 Registrant Phone Ext: Registrant Fax: Registrant Fax Ext: Registrant Email: pw-4a28a7358e3dcf552eb4fa96da623ad5@privacyguardian.org Registry Admin ID: Admin Name: Domain Administrator Admin Organization: See PrivacyGuardian.org Admin Street: 1928 E. Highland Ave. Ste F104 PMB# 255 Admin City: Phoenix Admin State/Province: AZ Admin Postal Code: 85016 Admin Country: US Admin Phone: +1.3478717726 Admin Phone Ext: Admin Fax: Admin Fax Ext: Admin Email: pw-4a28a7358e3dcf552eb4fa96da623ad5@privacyguardian.org Registry Tech ID: Tech Name: Domain Administrator Tech Organization: See PrivacyGuardian.org Tech Street: 1928 E. Highland Ave. Ste F104 PMB# 255 Tech City: Phoenix Tech State/Province: AZ Tech Postal Code: 85016 Tech Country: US Tech Phone: +1.3478717726 Tech Phone Ext: Tech Fax: Tech Fax Ext: Tech Email: pw-4a28a7358e3dcf552eb4fa96da623ad5@privacyguardian.org Name Server: ns1.rivalhost.com Name Server: ns2.rivalhost.com DNSSEC: unsigned URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/ >>> Last update of WHOIS database: 2023-02-18T07:00:00Z <<<
Network Whois record
Queried whois.arin.net with “n 162.222.215.173“…
NetRange: 162.222.212.0 - 162.222.215.255 CIDR: 162.222.212.0/22 NetName: USWHSS NetHandle: NET-162-222-212-0-1 Parent: NET162 (NET-162-0-0-0-0) NetType: Direct Allocation OriginAS: AS393277 Organization: USWHSS.COM (RL-151) RegDate: 2013-10-09 Updated: 2016-11-29 Comment: USWHSS - United States Web Hosting Security Services. Standard NOC hours are 10am to 6pm Central Time Ref: https://rdap.arin.net/registry/ip/162.222.212.0 OrgName: USWHSS.COM OrgId: RL-151 Address: 2524 N Broadway, Suite 491 City: Edmond StateProv: OK PostalCode: 73034 Country: US RegDate: 2013-09-13 Updated: 2022-09-11 Comment: Standard NOC hours are 7:00 AM to 7:00 PM Central Time (-6GMT) Ref: https://rdap.arin.net/registry/entity/RL-151 OrgAbuseHandle: NOC13324-ARIN OrgAbuseName: Network Operations Center OrgAbusePhone: +1-405-562-8855 OrgAbuseEmail: abuse@rivalhost.com OrgAbuseRef: https://rdap.arin.net/registry/entity/NOC13324-ARIN OrgTechHandle: NOC13326-ARIN OrgTechName: Network Operations Center OrgTechPhone: +1-405-562-8855 OrgTechEmail: admin@uswhss.com OrgTechRef: https://rdap.arin.net/registry/entity/NOC13326-ARIN
DNS records
DNS query for milestonemedstore.com failed: TimedOut
DNS query for 173.215.222.162.in-addr.arpa returned an error from the server: NameError
| name | class | type | data | time to live | |||||||||||||||
| milestonemedstore.com | IN | SOA |
|
86399s | (23:59:59) | ||||||||||||||
| milestonemedstore.com | IN | TXT | v=spf1 ip4:173.254.229.130 ip4:162.222.215.173 +a +mx +ip4:172.240.245.100 ~all | 14399s | (03:59:59) | ||||||||||||||
| milestonemedstore.com | IN | MX |
|
14399s | (03:59:59) | ||||||||||||||
| milestonemedstore.com | IN | A | 162.222.215.173 | 14399s | (03:59:59) | ||||||||||||||
| milestonemedstore.com | IN | NS | ns1.bitcoin-dns.com | 86399s | (23:59:59) | ||||||||||||||
| milestonemedstore.com | IN | NS | ns2.bitcoin-dns.com | 86399s | (23:59:59) | ||||||||||||||
Traceroute
Tracing route to milestonemedstore.com [162.222.215.173]…
| hop | rtt | rtt | rtt | ip address | fully qualified domain name |
| 1 | 1 | 1 | 0 | 169.254.158.58 |
| 2 | 1 | 1 | 1 | 169.48.118.162 | ae103.ppr04.dal13.networklayer.com |
| 3 | 0 | 1 | 0 | 169.48.118.142 | 8e.76.30a9.ip4.static.sl-reverse.com |
| 4 | 2 | * | * | 169.45.18.38 | ae17.cbs01.dr01.dal04.networklayer.com |
| 5 | 31 | * | 30 | 169.45.18.7 | ae2.cbs01.cs01.lax01.networklayer.com |
| 6 | 30 | 30 | 31 | 169.53.16.238 | ee.10.35a9.ip4.static.sl-reverse.com |
| 7 | 36 | 29 | 30 | 206.72.210.159 | as8100.any2ix.coresite.com |
| 8 | 32 | 32 | 32 | 96.44.180.226 |
| 9 | * | * | * |
| 10 | * | * | * |
| 11 | * | * | * |
| 12 | * | * | * |
Trace aborted
Service scan
| FTP – 21 | 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 50 allowed. 220-Local time is now 22:37. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. 220 Logout. |
| SMTP – 25 | 220-srvr-qn.wendy699.com ESMTP Exim 4.95 #2 Sat, 18 Feb 2023 22:37:33 -0800 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. 421 srvr-qn.wendy699.com lost input connection |
| HTTP – 80 | HTTP/1.1 301 Moved Permanently Connection: close content-type: text/html; charset=UTF-8 x-litespeed-tag: 319_HTTP.200,319_HTTP.301 x-redirect-by: WordPress location: https://milestonemedstore.com/ x-litespeed-cache-control: no-cache date: Sun, 19 Feb 2023 06:37:34 GMT server: LiteSpeed |
| POP3 – 110 | +OK Dovecot ready. |
| IMAP – 143 | * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. |
| HTTPS – 443 | Error: A call to SSPI failed, see inner exception. |
— end —
Address lookup
| canonical name | promedsshop.com. |
| aliases | |
| addresses | 192.64.117.218 |
Domain Whois record
Queried whois.internic.net with “dom promedsshop.com“…
Domain Name: PROMEDSSHOP.COM Registry Domain ID: 2701507297_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namesilo.com Registrar URL: http://www.namesilo.com Updated Date: 2022-07-05T02:53:53Z Creation Date: 2022-06-05T06:28:18Z Registry Expiry Date: 2023-06-05T06:28:18Z Registrar: NameSilo, LLC Registrar IANA ID: 1479 Registrar Abuse Contact Email: abuse@namesilo.com Registrar Abuse Contact Phone: +1.4805240066 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Name Server: DNS1.NAMECHEAPHOSTING.COM Name Server: DNS2.NAMECHEAPHOSTING.COM DNSSEC: unsigned URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/ >>> Last update of whois database: 2023-02-19T06:39:15Z <<<
Queried whois.namesilo.com with “promedsshop.com“…
Domain Name: promedsshop.com Registry Domain ID: 2701507297_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.namesilo.com Registrar URL: https://www.namesilo.com/ Updated Date: 2023-02-06T07:00:00Z Creation Date: 2022-06-04T07:00:00Z Registrar Registration Expiration Date: 2023-06-04T07:00:00Z Registrar: NameSilo, LLC Registrar IANA ID: 1479 Registrar Abuse Contact Email: abuse@namesilo.com Registrar Abuse Contact Phone: +1.4805240066 Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited Registry Registrant ID: Registrant Name: REDACTED FOR PRIVACY Registrant Organization: See PrivacyGuardian.org Registrant Street: 1928 E. Highland Ave. Ste F104 PMB# 255 Registrant City: Phoenix Registrant State/Province: AZ Registrant Postal Code: 85016 Registrant Country: US Registrant Phone: +1.3478717726 Registrant Phone Ext: Registrant Fax: Registrant Fax Ext: Registrant Email: pw-7a875f618f23e81b16994dd7463344e8@privacyguardian.org Registry Admin ID: Admin Name: Domain Administrator Admin Organization: See PrivacyGuardian.org Admin Street: 1928 E. Highland Ave. Ste F104 PMB# 255 Admin City: Phoenix Admin State/Province: AZ Admin Postal Code: 85016 Admin Country: US Admin Phone: +1.3478717726 Admin Phone Ext: Admin Fax: Admin Fax Ext: Admin Email: pw-7a875f618f23e81b16994dd7463344e8@privacyguardian.org Registry Tech ID: Tech Name: Domain Administrator Tech Organization: See PrivacyGuardian.org Tech Street: 1928 E. Highland Ave. Ste F104 PMB# 255 Tech City: Phoenix Tech State/Province: AZ Tech Postal Code: 85016 Tech Country: US Tech Phone: +1.3478717726 Tech Phone Ext: Tech Fax: Tech Fax Ext: Tech Email: pw-7a875f618f23e81b16994dd7463344e8@privacyguardian.org Name Server: dns1.namecheaphosting.com Name Server: dns2.namecheaphosting.com DNSSEC: unsigned URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/ >>> Last update of WHOIS database: 2023-02-18T07:00:00Z <<<
Network Whois record
Queried whois.namecheaphosting.com with “192.64.117.218“…
%rwhois V-1.0,V-1.5:00090h:00 billing.web-hosting.com (Ubersmith RWhois Server V-4.5.5) autharea=192.64.117.0/24 xautharea=192.64.117.0/24 network:Class-Name:network network:Auth-Area:192.64.117.0/24 network:ID:NET-165368.192.64.117.218 network:Network-Name:server306.web-hosting.com (shared #3) network:IP-Network:192.64.117.218 network:IP-Network-Block:192.64.117.218 network:Org-Name:Web-hosting.com network:Street-Address:3402 East University Drive network:City:Phoenix network:State:AZ network:Postal-Code:85034 network:Country-Code:US network:Tech-Contact:MAINT-165368.192.64.117.218 network:Created:20210216164853000 network:Updated:20210216165122000 network:Updated-By:net-admin@namecheap.com contact:POC-Name:Network team contact:POC-Email:net-admin@namecheap.com contact:POC-Phone: contact:Tech-Name:Network team contact:Tech-Email:net-admin@namecheap.com contact:Tech-Phone: contact:Abuse-Name:Abuse team contact:Abuse-Email:abuse@namecheaphosting.com %ok
Queried whois.arin.net with “n 192.64.117.218“…
NetRange: 192.64.112.0 - 192.64.119.255 CIDR: 192.64.112.0/21 NetName: NCNET-3 NetHandle: NET-192-64-112-0-1 Parent: NET192 (NET-192-0-0-0-0) NetType: Direct Allocation OriginAS: AS16626, AS174, AS3356, AS4323, AS22612, AS32421 Organization: Namecheap, Inc. (NAMEC-4) RegDate: 2012-12-17 Updated: 2015-03-24 Comment: http://namecheap.com Comment: for any abuse please use: abuse@namecheap.com Ref: https://rdap.arin.net/registry/ip/192.64.112.0 OrgName: Namecheap, Inc. OrgId: NAMEC-4 Address: 11400 W. Olympic Blvd. Suite 200 City: Los Angeles StateProv: CA PostalCode: 90064 Country: US RegDate: 2011-01-28 Updated: 2017-01-28 Ref: https://rdap.arin.net/registry/entity/NAMEC-4 ReferralServer: rwhois://whois.namecheaphosting.com:4321 OrgTechHandle: EFIME-ARIN OrgTechName: Efimenko, Igor OrgTechPhone: +1-323-375-2822 OrgTechEmail: igor.e@namecheap.com OrgTechRef: https://rdap.arin.net/registry/entity/EFIME-ARIN OrgTechHandle: TECHT4-ARIN OrgTechName: Tech team OrgTechPhone: +1-661-310-2107 OrgTechEmail: tech@namecheaphosting.com OrgTechRef: https://rdap.arin.net/registry/entity/TECHT4-ARIN OrgAbuseHandle: ABUSE2885-ARIN OrgAbuseName: Abuse team OrgAbusePhone: +1-323-375-2822 OrgAbuseEmail: abuse@namecheaphosting.com OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2885-ARIN
DNS records
DNS query for 218.117.64.192.in-addr.arpa failed: TimedOut
| name | class | type | data | time to live | |||||
| promedsshop.com | IN | HINFO |
|
3600s | (01:00:00) | ||||
Traceroute
Tracing route to promedsshop.com [192.64.117.218]…
| hop | rtt | rtt | rtt | ip address | fully qualified domain name |
| 1 | 1 | 1 | 1 | 169.254.158.58 |
| 2 | 1 | 1 | 1 | 169.48.118.162 | ae103.ppr04.dal13.networklayer.com |
| 3 | 0 | 0 | 0 | 169.48.118.134 | 86.76.30a9.ip4.static.sl-reverse.com |
| 4 | 2 | 3 | 2 | 169.45.18.86 | ae16.cbs01.eq01.dal03.networklayer.com |
| 5 | 1 | 1 | 1 | 50.97.17.53 | ae33.bbr01.eq01.dal03.networklayer.com |
| 6 | 1 | 1 | 1 | 206.223.118.231 | eqix-da1.imperva.com |
| 7 | * | * | * |
| 8 | * | * | * |
| 9 | * | * | * |
| 10 | * | * | * |
Trace aborted
Service scan
| FTP – 21 | 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 45 allowed. 220-Local time is now 01:39. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. 220 Logout. |
| SMTP – 25 | 220-server306.web-hosting.com ESMTP Exim 4.95 #2 Sun, 19 Feb 2023 01:39:37 -0500 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. 421 server306.web-hosting.com lost input connection |
| HTTP – 80 | HTTP/1.1 301 Moved Permanently keep-alive: timeout=5, max=100 date: Sun, 19 Feb 2023 06:39:37 GMT server: LiteSpeed location: https://promedsshop.com/ x-turbo-charged-by: LiteSpeed connection: close |
| POP3 – 110 | +OK Dovecot ready. |
| IMAP – 143 | * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready. |
| HTTPS – 443 | Certificate validation errors: None Signature algorithm: sha256RSA Public key size: 2048 bits Issuer: CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, S=Greater Manchester, C=GB Subject: CN=promedsshop.com Subject Alternative Name: DNS Name=promedsshop.com, DNS Name=www.promedsshop.com Serial number: 00A88366BFD07B40D9738329D03DE7421F Not valid before: 2022-07-05 00:00:00Z Not valid after: 2023-07-05 23:59:59Z SHA1 fingerprint: CE6FE3734FB772F5B437F1EDED92465785276DCEHTTP/1.1 200 OK keep-alive: timeout=5, max=100 content-type: text/html; charset=UTF-8 link: <https://promedsshop.com/wp-json/>; rel=”https://api.w.org/” link: <https://promedsshop.com/wp-json/wp/v2/pages/13>; rel=”alternate”; type=”application/json” link: <https://promedsshop.com/>; rel=shortlink etag: “7094-1676769614;;;” x-litespeed-cache: hit date: Sun, 19 Feb 2023 06:39:38 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close |
— end —
Address lookup
| canonical name | usexpressfreightlogistics.com. |
| aliases | |
| addresses | 191.101.13.111 2a02:4780:b:999:0:3b5f:97c7:2 |
Domain Whois record
Queried whois.internic.net with “dom usexpressfreightlogistics.com“…
Domain Name: USEXPRESSFREIGHTLOGISTICS.COM Registry Domain ID: 2750841813_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.hostinger.com Registrar URL: http://www.hostinger.com Updated Date: 2023-01-12T11:39:40Z Creation Date: 2023-01-12T11:39:39Z Registry Expiry Date: 2024-01-12T11:39:39Z Registrar: Hostinger, UAB Registrar IANA ID: 1636 Registrar Abuse Contact Email: abuse@hostinger.com Registrar Abuse Contact Phone: +37064503378 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Name Server: NS1.DNS-PARKING.COM Name Server: NS2.DNS-PARKING.COM DNSSEC: unsigned URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/ >>> Last update of whois database: 2023-02-19T06:49:18Z <<<
Queried whois.hostinger.com with “usexpressfreightlogistics.com“…
Domain Name: USEXPRESSFREIGHTLOGISTICS.COM Registry Domain ID: 2750841813_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.hostinger.com Registrar URL: https://www.hostinger.com Updated Date: 2023-01-12T11:39:41Z Creation Date: 2023-01-12T11:39:39Z Registrar Registration Expiration Date: 2024-01-12T11:39:39Z Registrar: Hostinger, UAB Registrar IANA ID: 1636 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Registry Registrant ID: Not Available From Registry Registrant Name: Domain Admin Registrant Organization: Privacy Protect, LLC (PrivacyProtect.org) Registrant Street: 10 Corporate Drive Registrant City: Burlington Registrant State/Province: MA Registrant Postal Code: 01803 Registrant Country: US Registrant Phone: +1.8022274003 Registrant Phone Ext: Registrant Fax: Registrant Fax Ext: Registrant Email: contact@privacyprotect.org Registry Admin ID: Not Available From Registry Admin Name: Domain Admin Admin Organization: Privacy Protect, LLC (PrivacyProtect.org) Admin Street: 10 Corporate Drive Admin City: Burlington Admin State/Province: MA Admin Postal Code: 01803 Admin Country: US Admin Phone: +1.8022274003 Admin Phone Ext: Admin Fax: Admin Fax Ext: Admin Email: contact@privacyprotect.org Registry Tech ID: Not Available From Registry Tech Name: Domain Admin Tech Organization: Privacy Protect, LLC (PrivacyProtect.org) Tech Street: 10 Corporate Drive Tech City: Burlington Tech State/Province: MA Tech Postal Code: 01803 Tech Country: US Tech Phone: +1.8022274003 Tech Phone Ext: Tech Fax: Tech Fax Ext: Tech Email: contact@privacyprotect.org Name Server: ns1.dns-parking.com Name Server: ns2.dns-parking.com DNSSEC: Unsigned Registrar Abuse Contact Email: abuse@hostinger.com Registrar Abuse Contact Phone: +37064503378 URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/ >>> Last update of WHOIS database: 2023-02-19T06:49:32Z <<<
Network Whois record
Queried whois.lacnic.net with “191.101.13.111“…
% IP Client: 63.134.201.221 % This is the RIPE Database query service. % The objects are in RPSL format. % % The RIPE Database is subject to Terms and Conditions. % See http://www.ripe.net/db/support/db-terms-conditions.pdf %ERROR:201: access denied for 168.121.184.16 % % Sorry, access from your host has been permanently % denied because of a repeated excessive querying. % For more information, see % http://www.ripe.net/data-tools/db/faq/faq-db/why-did-you-receive-the-error-201-access-denied % This query was served by the RIPE Database Query Service version 1.105 (DEXTER)
DNS records
DNS query for 111.13.101.191.in-addr.arpa returned an error from the server: NameError
| name | class | type | data | time to live | |||||
| usexpressfreightlogistics.com | IN | HINFO |
|
3789s | (01:03:09) | ||||
| usexpressfreightlogistics.com | IN | NS | ns2.dns-parking.com | 86400s | (1.00:00:00) | ||||
| usexpressfreightlogistics.com | IN | NS | ns1.dns-parking.com | 86400s | (1.00:00:00) | ||||
| 2.0.0.0.7.c.7.9.f.5.b.3.0.0.0.0.9.9.9.0.b.0.0.0.0.8.7.4.2.0.a.2.ip6.arpa | IN | HINFO |
|
3789s | (01:03:09) | ||||
| b.0.0.0.0.8.7.4.2.0.a.2.ip6.arpa | IN | HINFO |
|
3789s | (01:03:09) | ||||
| b.0.0.0.0.8.7.4.2.0.a.2.ip6.arpa | IN | NS | rdns1.hostinger.com | 600s | (00:10:00) | ||||
| b.0.0.0.0.8.7.4.2.0.a.2.ip6.arpa | IN | NS | rdns2.hostinger.com | 600s | (00:10:00) | ||||
Traceroute
Tracing route to usexpressfreightlogistics.com [191.101.13.111]…
| hop | rtt | rtt | rtt | ip address | fully qualified domain name |
| 1 | 1 | 3 | 1 | 169.254.158.58 |
| 2 | 1 | 1 | 1 | 169.48.118.156 | ae103.ppr01.dal13.networklayer.com |
| 3 | 0 | 0 | 0 | 169.48.118.128 | 80.76.30a9.ip4.static.sl-reverse.com |
| 4 | 2 | * | 2 | 169.45.18.90 | ae16.cbs02.eq01.dal03.networklayer.com |
| 5 | 1 | 1 | 1 | 50.97.17.57 | ae34.bbr01.eq01.dal03.networklayer.com |
| 6 | 1 | 1 | 1 | 4.14.131.61 | lag-151.ear3.dallas1.level3.net |
| 7 | * | * | * |
| 8 | 32 | 32 | 32 | 4.15.8.34 | iron-mounta.bear1.phoenix1.level3.net |
| 9 | 31 | 31 | 31 | 148.51.252.66 | po301.cr01.ngspn.azp2.imdc.com |
| 10 | 33 | 33 | 32 | 148.51.252.34 | po31.cr01.ngspn.azp1.imdc.com |
| 11 | 31 | 31 | 31 | 148.51.252.201 | po491.ar01.ngspn.azp1.imdc.com |
| 12 | 31 | 31 | 31 | 153.92.2.201 |
| 13 | 33 | 33 | 33 | 156.67.75.237 |
| 14 | 32 | 31 | 32 | 191.101.13.111 |
Trace complete
Service scan
| FTP – 21 | 220 FTP Server ready. |
| SMTP – 25 | Error: TimedOut |
| HTTP – 80 | HTTP/1.1 301 Moved Permanently Connection: close date: Sun, 19 Feb 2023 06:49:44 GMT server: LiteSpeed location: https://usexpressfreightlogistics.com/ platform: hostinger content-security-policy: upgrade-insecure-requests |
| POP3 – 110 | Error: TimedOut |
| IMAP – 143 | Error: TimedOut |
| HTTPS – 443 | Certificate validation errors: None Signature algorithm: sha256RSA Public key size: 4096 bits Issuer: CN=R3, O=Let's Encrypt, C=US Subject: CN=usexpressfreightlogistics.com Subject Alternative Name: DNS Name=usexpressfreightlogistics.com, DNS Name=www.usexpressfreightlogistics.com Serial number: 03AE9306410C5B61F91357DA7BE09D98AAFA Not valid before: 2023-01-12 10:41:23Z Not valid after: 2023-04-12 10:41:22Z SHA1 fingerprint: 1F5A763146870870E0037D16EEB38262EB3AA6ABHTTP/1.1 200 OK Connection: close x-powered-by: PHP/8.0.26 content-type: text/html; charset=UTF-8 link: <https://usexpressfreightlogistics.com/index.php/wp-json/>; rel=”https://api.w.org/” link: <https://usexpressfreightlogistics.com/index.php/wp-json/wp/v2/pages/302>; rel=”alternate”; type=”application/json” link: <https://usexpressfreightlogistics.com/>; rel=shortlink etag: “188-1676743722;;;” x-litespeed-cache: hit date: Sun, 19 Feb 2023 06:49:48 GMT server: LiteSpeed platform: hostinger content-security-policy: upgrade-insecure-requests alt-svc: h3=”:443″; ma=2592000, h3-29=”:443″; ma=2592000, h3-Q050=”:443″; ma=2592000, h3-Q046=”:443″; ma=2592000, h3-Q043=”:443″; ma=2592000, quic=”:443″; ma=2592000; v=”43,46″ |
— end —
