WhoIs ~ www.redstation.com Review

Money Mules/Malwares Hosting Provider A sanctuary For Cybercriminals

This  hosting company (data center) is hosting several of the money mule  and malwares sites we are encountering.scamalert
IP 109.73.77.82 = AS35662 = REDSTATION Redstation Limited

Postal address:
Redstation Limited
2 Frater Gate Business Park
Aerodrome Road
Gosport
Hampshire
PO13 0GW
UNITED KINGDOM

Telephone:
Enquiries: 0800 622 6655
24/7 Support: 0800 987 5640
International Enquiries: +44 1329 828224
International Support: +44 1329 243123

Name Server: NS1.MERXS.SU
Name Server: NS2.WERMO.SU
Name Server: NS3.MARSO.CC

This slideshow requires JavaScript.

Calling from abroad

From overseas please call us on +44 1329 828224 or for technical support call +44 1329 243123

To discuss your requirements call us on: 0800 622 6655 or email sales@redstation.com

Address lookup

canonical name http://www.redstation.com

aliases
addresses 149.3.142.10

Domain Whois record
Queried whois.internic.net with “dom redstation.com

Domain Name: REDSTATION.COM
Registrar: TUCOWS DOMAINS INC.

Whois Server: whois.tucows.com

Referral URL: http://domainhelp.opensrs.net
Name Server: DNS1.REDSTATION.CO.UK
Name Server: DNS2.REDSTATION.CO.UK

Status: clientTransferProhibited
Status: clientUpdateProhibited

Updated Date: 15-oct-2010
Creation Date: 21-sep-1999
Expiration Date: 21-sep-2020

Last update of whois database: Sat, 15 Jun 2013 00:45:19 UTC
Queried whois.tucows.com with “redstation.com”…

Registrant:
RACKCENTRE LIMITED
Wentworth House
4400 Parkway
Whiteley, Hampshire PO15 7FJ
GB

Domain name: REDSTATION.COM
Administrative Contact:
Admin, DNS admin@redstation.com
2 Frater Gate Business Park
Aerodrome Road
Gosport, Hampshire PO13 0GW
GB
+44.1329828224

Technical Contact:
Administrator, DNS admin@redstation.com
2 Frater Gate Business Park
Aerodrome Road
Gosport, Hampshire PO13 0GW
GB
+44.1329828224

Registration Service Provider:
Redstation Limited, admin@redstation.com
+44 1329 828224
http://www.redstation.com
Registrar of Record: TUCOWS, INC.
Record last updated on 12-Jun-2013

Record expires on 21-Sep-2020
Record created on 21-Sep-1999

Registrar Domain Name Help Center:
http://tucowsdomains.com

Domain servers in listed order:
DNS1.REDSTATION.CO.UK
DNS2.REDSTATION.CO.UK

Domain status: clientTransferProhibited

clientUpdateProhibited

Network Whois record
Queried whois.ripe.net with “-B 149.3.142.10″…

Information related to ‘149.3.142.8 – 149.3.142.11’

Abuse contact for ‘149.3.142.8 – 149.3.142.11’ is ‘abuse@redstation.com’

inetnum: 149.3.142.8 – 149.3.142.11

netname: REDSTATIONWEB
descr: Redstation Limited
descr: Web Server Network

country: GB
admin-c: RA1415-RIPE
tech-c: RA1415-RIPE
status: ASSIGNED PA
remarks: ABUSE REPORTS: abuse@redstation.com

mnt-by: REDSTATION-MNT
mnt-domains: REDSTATION-MNT
mnt-routes: REDSTATION-MNT

changed: ripe-admin@redstation.com 20110928
source: RIPE

role: Redstation Admin Role
address: Redstation Limited
address: 2 Frater Gate Business Park
address: Aerodrome Road
address: Gosport
address: Hampshire
address: PO13 0GW
address: UNITED KINGDOM

abuse-mailbox: abuse@redstation.com
e-mail: ripe-admin@redstation.com

admin-c: KMAC-RIPE
tech-c: PA5242-RIPE
nic-hdl: RA1415-RIPE
mnt-by: REDSTATION-MNT
changed: ripe-admin@redstation.com 20080625
source: RIPE

Information related to ‘149.3.140.0/22AS35662
route: 149.3.140.0/22

descr: FTIP002960302 Redstation Limited
origin: AS35662

mnt-by: REDSTATION-MNT
changed: kevinmcardle@redstation.com 20110725
source: RIPE

% This query was served by the RIPE Database Query Service version 1.66.3 (WHOIS3)

DNS records
name class type data time to live
http://www.redstation.com IN A 149.3.142.10 60s (00:01:00)
redstation.com IN A 149.3.142.10 60s (00:01:00)
redstation.com IN NS dns2.redstation.co.uk 60s (00:01:00)
redstation.com IN NS dns1.redstation.co.uk 60s (00:01:00)
redstation.com IN SOA

server: dns1.redstation.co.uk
email: admin@redstation.co.uk
serial: 158
refresh: 300
retry: 600
expire: 600
minimum ttl: 60
60s (00:01:00)
redstation.com IN MX
preference: 5
exchange: mail.redstation.com
60s (00:01:00)

redstation.com IN TXT v=spf1 ip4:80.84.48.0/23 a mx include:redstationmail.co.uk -all 60s (00:01:00)

10.142.3.149.in-addr.arpa IN PTR http://www.redstation.com 3600s (01:00:00)
142.3.149.in-addr.arpa IN SOA

server: dns3.redstation.co.uk
email: admin@redstation.co.uk

serial: 2007071361
refresh: 1200
retry: 600
expire: 1728000
minimum ttl: 3600
3600s (01:00:00)
142.3.149.in-addr.arpa IN RRSIG
type covered: NSEC (47)
algorithm: RSA/SHA-1 (5)
labels: 5
original ttl: 10800 (03:00:00)
signature expiration: 2013-06-24 20:00:12Z
signature inception: 2013-06-14 20:00:12Z
key tag: 3017
signer’s name: 149.in-addr.arpa
signature:
(1024 bits)

382516B2216BDE33D981DCEDA76B87DD
1974F44B93E982D05DE48AAE9F5C72F8
766283F9AE625E7F88073A23F55201BD
23BB04DF6B49F068A74F989095785E57
90C88856976CD6DC3E926624FF522AF4
4DD68AE7CF785FB5600F7C0B05273B2B
BBDDD9712CDB6AB79C74862B2044AF8E
306AF43B46176656953F00F1210E8C7D

10800s (03:00:00)
142.3.149.in-addr.arpa IN NSEC
next domain name: 143.3.149.in-addr.arpa
record types: NS RRSIG NSEC
10800s (03:00:00)
142.3.149.in-addr.arpa IN NS dns3.redstation.co.uk 3600s (01:00:00)
142.3.149.in-addr.arpa IN NS dns2.redstation.co.uk 3600s (01:00:00)

Traceroute
Tracing route to http://www.redstation.com [149.3.142.10]
hop rtt rtt rtt ip address fully qualified domain name
1 1 1 1 70.84.211.97 61.d3.5446.static.theplanet.com
2 1 0 0 70.87.254.5 po101.dsr02.dllstx5.networklayer.com
3 122 3 1 70.85.127.109 po52.dsr02.dllstx3.networklayer.com
4 0 0 0 173.192.18.230 ae17.bbr02.eq01.dal03.networklayer.com
5 20 20 20 173.192.18.135 ae1.bbr01.tl01.atl01.networklayer.com
6 33 33 33 173.192.18.152 ae0.bbr01.eq01.wdc02.networklayer.com
7 34 38 53 173.192.18.195 ae7.bbr02.eq01.wdc02.networklayer.com
8 113 113 113 50.97.18.215 ae0.bbr01.eq01.ams02.networklayer.com
9 189 222 211 195.69.147.48
10 114 114 114 109.200.17.234 34-17-200-109.rackcentre.redstation.net.uk
11 120 119 120 109.200.17.250 50-17-200-109.rackcentre.redstation.net.uk
12 114 114 114 149.3.142.10 http://www.redstation.com
Trace complete

— end —

Related Article:

Advertisements

4 thoughts on “WhoIs ~ www.redstation.com Review

  1. SFA Reporter says:

    Address lookup
    canonical name marketsolutionlimited.org

    aliases
    addresses 109.73.77.82
    Domain Whois record

    Queried whois.publicinterestregistry.net with “marketsolutionlimited.org”…

    Domain ID:D168884098-LROR
    Domain Name:MARKETSOLUTIONLIMITED.ORG
    Created On:06-Jun-2013 15:28:38 UTC
    Last Updated On:06-Jun-2013 15:31:59 UTC
    Expiration Date:06-Jun-2014 15:28:38 UTC
    Sponsoring Registrar:Paknic (Private) Limited (R1605-LROR)
    Status:TRANSFER PROHIBITED
    Registrant ID:PAK13060619474-1
    Registrant Name:Tristan Platenkamp
    Registrant Organization:Tristan Platenkamp
    Registrant Street1:Drususstraat 80
    Registrant City:Nijmegen
    Registrant State/Province:GE
    Registrant Postal Code:6522 LB
    Registrant Country:NL
    Registrant Phone:+31.06509807
    Registrant FAX:+31.06509807
    Registrant Email:wallace@marketsolutionlimited.org

    Admin ID:PAK13060619474-2
    Admin Name:Tristan Platenkamp
    Admin Organization:Tristan Platenkamp
    Admin Street1:Drususstraat 80
    Admin City:Nijmegen
    Admin State/Province:GE
    Admin Postal Code:6522 LB
    Admin Country:NL
    Admin Phone:+31.06509807
    Admin FAX:+31.06509807
    Admin Email:wallace@marketsolutionlimited.org

    Tech ID:PAK13060619474-3
    Tech Name:Tristan Platenkamp
    Tech Organization:Tristan Platenkamp
    Tech Street1:Drususstraat 80
    Tech City:Nijmegen
    Tech State/Province:GE
    Tech Postal Code:6522 LB
    Tech Country:NL
    Tech Phone:+31.06509807
    Tech FAX:+31.06509807
    Tech Email:wallace@marketsolutionlimited.org

    Name Server:NS1.MALKODNS.PL
    Name Server:NS2.STEFNS.PL
    Name Server:NS3.WOLNYDNS.PL

    Name Server:
    DNSSEC:Unsigned

    Network Whois record
    Queried whois.ripe.net with “-B 109.73.77.82
    % Information related to ‘109.73.77.80 – 109.73.77.87’

    % Abuse contact for ‘109.73.77.80 – 109.73.77.87’ is ‘abuse@redstation.com’

    inetnum: 109.73.77.80 – 109.73.77.87
    netname: RSDEDI-MMLAGGOF
    descr: Dedicated Server Hosting
    country: GB
    admin-c: RA1415-RIPE
    tech-c: RA1415-RIPE
    status: ASSIGNED PA
    remarks: ABUSE REPORTS: abuse@redstation.com
    mnt-by: REDSTATION-MNT
    mnt-domains: REDSTATION-MNT
    mnt-routes: REDSTATION-MNT
    changed: ripe-admin@redstation.com 20130525
    source: RIPE

    role: Redstation Admin Role
    address: Redstation Limited
    address: 2 Frater Gate Business Park
    address: Aerodrome Road
    address: Gosport
    address: Hampshire
    address: PO13 0GW
    address: UNITED KINGDOM
    abuse-mailbox: abuse@redstation.com
    e-mail: ripe-admin@redstation.com
    admin-c: KMAC-RIPE
    tech-c: PA5242-RIPE
    nic-hdl: RA1415-RIPE
    mnt-by: REDSTATION-MNT
    changed: ripe-admin@redstation.com 20080625
    source: RIPE

    % Information related to ‘109.73.64.0/20AS35662’

    route: 109.73.64.0/20
    descr: FTIP002960302 Redstation Limited
    origin: AS35662
    mnt-by: REDSTATION-MNT
    changed: kevin.mcardle@redstation.com 20110218
    source: RIPE

    % This query was served by the RIPE Database Query Service version 1.66.3 (WHOIS1)

    DNS records
    name class type data time to live
    marketsolutionlimited.org IN TXT v=spf1 a mx ip4:55.11.65.20/2 ip4:90.2.123.112/2 ip4:176.33.87.19/2 ip4:212.63.89.33/2 ?all 120s (00:02:00)
    marketsolutionlimited.org IN NS ns2.stefns.pl 120s (00:02:00)
    marketsolutionlimited.org IN A 109.73.77.82 120s (00:02:00)
    marketsolutionlimited.org IN MX
    preference: 10
    exchange: mx.marketsolutionlimited.org
    120s (00:02:00)
    marketsolutionlimited.org IN NS ns1.malkodns.pl 120s (00:02:00)
    marketsolutionlimited.org IN SOA
    server: ns1.marketsolutionlimited.org
    email: hostmaster@marketsolutionlimited.org
    serial: 9
    refresh: 300
    retry: 120
    expire: 86400
    minimum ttl: 60
    120s (00:02:00)
    marketsolutionlimited.org IN NS ns3.wolnydns.pl 120s (00:02:00)
    82.77.73.109.in-addr.arpa IN PTR 82-77-73-109.rackcentre.redstation.net.uk 3600s (01:00:00)
    77.73.109.in-addr.arpa IN SOA
    server: dns3.redstation.co.uk
    email: admin@redstation.co.uk
    serial: 2010260137
    refresh: 1200
    retry: 60
    expire: 1814400
    minimum ttl: 3600
    3600s (01:00:00)
    77.73.109.in-addr.arpa IN RRSIG
    type covered: NSEC (47)
    algorithm: RSA/SHA-1 (5)
    labels: 5
    original ttl: 7200 (02:00:00)
    signature expiration: 2013-07-14 14:16:16Z
    signature inception: 2013-06-14 13:16:16Z
    key tag: 48018
    signer’s name: 109.in-addr.arpa
    signature:
    (1024 bits)

    BAED0AB7C09C5282A8F6FC023AACE549
    8DA9EAD76CF9B8BE3DBDEF87A6976E86
    62AAC5003A257B076EAFDF2DBDE41AED
    CFA62B1FD769B300154A6A62FCF5D5FB
    E751BD680A3F7639B43169FA2B7E5D96
    68E2F69BA50B2CE8DDEFE9C75E94B8D6
    0AFDE23C41F2C87E4DC482A97BB3DA0B
    F99EC2C44AF68B61FCD957CE9D290B2A

    7200s (02:00:00)
    77.73.109.in-addr.arpa IN NSEC
    next domain name: 78.73.109.in-addr.arpa
    record types: NS RRSIG NSEC
    7200s (02:00:00)
    77.73.109.in-addr.arpa IN NS dns2.redstation.co.uk 3600s (01:00:00)
    77.73.109.in-addr.arpa IN NS dns3.redstation.co.uk 3600s (01:00:00)

    — end —

  2. SFA Reporter says:

    Address lookup
    canonical name marketsolutionlimited.org

    aliases
    addresses 109.73.77.82
    Domain Whois record

    Queried whois.publicinterestregistry.net with “marketsolutionlimited.org”…

    Domain ID:D168884098-LROR
    Domain Name:MARKETSOLUTIONLIMITED.ORG
    Created On:06-Jun-2013 15:28:38 UTC
    Last Updated On:06-Jun-2013 15:31:59 UTC
    Expiration Date:06-Jun-2014 15:28:38 UTC
    Sponsoring Registrar:Paknic (Private) Limited (R1605-LROR)
    Status:TRANSFER PROHIBITED
    Registrant ID:PAK13060619474-1
    Registrant Name:Tristan Platenkamp
    Registrant Organization:Tristan Platenkamp
    Registrant Street1:Drususstraat 80
    Registrant City:Nijmegen
    Registrant State/Province:GE
    Registrant Postal Code:6522 LB
    Registrant Country:NL
    Registrant Phone:+31.06509807
    Registrant FAX:+31.06509807
    Registrant Email:wallace@marketsolutionlimited.org

    Admin ID:PAK13060619474-2
    Admin Name:Tristan Platenkamp
    Admin Organization:Tristan Platenkamp
    Admin Street1:Drususstraat 80
    Admin City:Nijmegen
    Admin State/Province:GE
    Admin Postal Code:6522 LB
    Admin Country:NL
    Admin Phone:+31.06509807
    Admin FAX:+31.06509807
    Admin Email:wallace@marketsolutionlimited.org

    Tech ID:PAK13060619474-3
    Tech Name:Tristan Platenkamp
    Tech Organization:Tristan Platenkamp
    Tech Street1:Drususstraat 80
    Tech City:Nijmegen
    Tech State/Province:GE
    Tech Postal Code:6522 LB
    Tech Country:NL
    Tech Phone:+31.06509807
    Tech Email:wallace@marketsolutionlimited.org

    Name Server:NS1.MALKODNS.PL
    Name Server:NS2.STEFNS.PL
    Name Server:NS3.WOLNYDNS.PL

    DNSSEC:Unsigned
    Network Whois record

    Queried whois.ripe.net with “-B 109.73.77.82″…

    Information related to ‘109.73.77.80 – 109.73.77.87’

    Abuse contact for ‘109.73.77.80 – 109.73.77.87’ is ‘abuse@redstation.com’

    inetnum: 109.73.77.80 – 109.73.77.87
    netname: RSDEDI-MMLAGGOF
    descr: Dedicated Server Hosting
    country: GB
    admin-c: RA1415-RIPE
    tech-c: RA1415-RIPE
    status: ASSIGNED PA
    remarks: ABUSE REPORTS: abuse@redstation.com
    mnt-by: REDSTATION-MNT
    mnt-domains: REDSTATION-MNT
    mnt-routes: REDSTATION-MNT
    changed: ripe-admin@redstation.com 20130525
    source: RIPE

    role: Redstation Admin Role
    address: Redstation Limited
    address: 2 Frater Gate Business Park
    address: Aerodrome Road
    address: Gosport
    address: Hampshire
    address: PO13 0GW
    address: UNITED KINGDOM
    abuse-mailbox: abuse@redstation.com
    e-mail: ripe-admin@redstation.com
    admin-c: KMAC-RIPE
    tech-c: PA5242-RIPE
    nic-hdl: RA1415-RIPE
    mnt-by: REDSTATION-MNT
    changed: ripe-admin@redstation.com 20080625
    source: RIPE

    % Information related to ‘109.73.64.0/20AS35662’

    route: 109.73.64.0/20
    descr: FTIP002960302 Redstation Limited
    origin: AS35662
    mnt-by: REDSTATION-MNT
    changed: kevin.mcardle@redstation.com 20110218
    source: RIPE

    % This query was served by the RIPE Database Query Service version 1.66.3 (WHOIS1)

    DNS records
    name class type data time to live
    marketsolutionlimited.org IN TXT v=spf1 a mx ip4:55.11.65.20/2 ip4:90.2.123.112/2 ip4:176.33.87.19/2 ip4:212.63.89.33/2 ?all 120s (00:02:00)
    marketsolutionlimited.org IN NS ns2.stefns.pl 120s (00:02:00)
    marketsolutionlimited.org IN A 109.73.77.82 120s (00:02:00)
    marketsolutionlimited.org IN MX
    preference: 10
    exchange: mx.marketsolutionlimited.org
    120s (00:02:00)
    marketsolutionlimited.org IN NS ns1.malkodns.pl 120s (00:02:00)
    marketsolutionlimited.org IN SOA
    server: ns1.marketsolutionlimited.org
    email: hostmaster@marketsolutionlimited.org
    serial: 9
    refresh: 300
    retry: 120
    expire: 86400
    minimum ttl: 60
    120s (00:02:00)
    marketsolutionlimited.org IN NS ns3.wolnydns.pl 120s (00:02:00)
    82.77.73.109.in-addr.arpa IN PTR 82-77-73-109.rackcentre.redstation.net.uk 3600s (01:00:00)
    77.73.109.in-addr.arpa IN SOA
    server: dns3.redstation.co.uk
    email: admin@redstation.co.uk
    serial: 2010260137
    refresh: 1200
    retry: 60
    expire: 1814400
    minimum ttl: 3600
    3600s (01:00:00)
    77.73.109.in-addr.arpa IN RRSIG
    type covered: NSEC (47)
    algorithm: RSA/SHA-1 (5)
    labels: 5
    original ttl: 7200 (02:00:00)
    signature expiration: 2013-07-14 14:16:16Z
    signature inception: 2013-06-14 13:16:16Z
    key tag: 48018
    signer’s name: 109.in-addr.arpa
    signature:
    (1024 bits)

    BAED0AB7C09C5282A8F6FC023AACE549
    8DA9EAD76CF9B8BE3DBDEF87A6976E86
    62AAC5003A257B076EAFDF2DBDE41AED
    CFA62B1FD769B300154A6A62FCF5D5FB
    E751BD680A3F7639B43169FA2B7E5D96
    68E2F69BA50B2CE8DDEFE9C75E94B8D6
    0AFDE23C41F2C87E4DC482A97BB3DA0B
    F99EC2C44AF68B61FCD957CE9D290B2A

    7200s (02:00:00)
    77.73.109.in-addr.arpa IN NSEC
    next domain name: 78.73.109.in-addr.arpa
    record types: NS RRSIG NSEC
    7200s (02:00:00)
    77.73.109.in-addr.arpa IN NS dns2.redstation.co.uk 3600s (01:00:00)
    77.73.109.in-addr.arpa IN NS dns3.redstation.co.uk 3600s (01:00:00)

    — end —

  3. SFA Reporter says:

    Domain IP:31.193.133.167 = MONEYMULE DOMAINS

    1. freelancersltd.com
    2. triad-data-tech.biz
    3. uksoltuion-enterprises.org
    4. soltuion-enterprisesuk.biz
    5. uksolutiongroup.biz
    6. itlounge-ltd-uk.com
    7. uk-it-loungeltd.net
    8. beyond-atlantis-ltd.org
    9. accounting-technology.co.uk
    10. andromeda-uk.com
    11. andromeda-ltd.org
    12. lloydsgroupstsb.com
    13. infinityplus-one.biz
    14. tj-consulting.biz
    15. nowfastsrl.biz
    16. us-bmc-outsourcing.net
    17. planet-outsource.biz
    18. titan-advisers-ltd.com
    19. fundstransferalliance.biz
    20. interbrite-solutions.biz
    21. rental-ag.com
    22. ukmax-pac-ltd.com
    23. firsthorizonbk.org
    24. jasonco-group.biz
    25. optimus-consulting.org
    26. power-stretch-inc.com
    27. ukachall-ltd.biz
    28. ukachall-ltd.org
    29. italfastsrl.biz
    30. worldwidefreelance.net
    31. dynamite-solutions.com
    32. prima-it.biz
    33. us-folcongroup.org
    34. uksolution-management.co.uk
    35. consult-compass-us.org
    36. starrbizsolutions.com
    37. finance-reports.lesecretminceurdesstars.com
    38. finance-reports.waystoloseweightfaster.com
    39. bestwaystoloseweightathome.com
    40. infoquestus.biz
    41. solution-consult.co.uk
    42. builder-u-k.co.uk
    43. ship-expressinc.net
    44. ship-expressinc.com
    45. Sunflykaraoke.com
    46. Biz-software.cc
    47. http://www.smartconsulting.cc
    48. http://www.fastexportltd.co.uk
    49. http://www.consultservices.net
    50. http://www.usa-itright.net
    51. http://www.consultservices.org
    52. http://www.consultservices.info
    53. http://www.it-right-usa.com
    54. http://www.rbs-onlineuk.com
  4. Walter Wise says:

    They are also hosting many scam fake escrow websites for Russian scammers. An example is tricell-transactions.com which is a complete and utter scam, complete with many fake websites claiming the site is legitimate. Stay away from fake escrow sites like Tricell Safe Transactions because they will steal your money.

Leave A Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s