I was paid another visit by our pal, Thomas Reece. Today, he is using Verio as his host. All of his domains are registered with Moniker.com. Interestingly, the WHOIS record seems to have some inaccurate information in it, which is against their terms of service. If you've been blog spammed, pick one of the domains listed, check the WHOIS, and alert Moniker if there is inaccurate information in it. The WHOIS record from today is below. The contact phone number does not correspond to the address listed, and the registrant's address simply does not exist. Make sure to ping the URL, and alert the host du jour what that account is being used for.
One of the (munged) domains in the spam is: personal-loan [dot] ca [dot] fidelityfunding [dot] net
If you just visit fidelityfunding [dot] net, you get a 404. But if you ping personal-loan [dot] ca, that seems to be a live site. I'll bet anyone a nickel there's a redirect script hiding at fidelityfunding [dot] net.
All of the URLs in the spam have the same structure, and they all point back to the same IP at Verio, and all are registered by Moniker. And, it seems we're not the only ones harassed by Thomas Reece. More love here: http://thepete.com/index.php?p=1493
Checking server [whois.crsnic.net]
Checking server [whois.moniker.com]
Results:
Moniker.com Whois Server Version 2.0
The Data in Moniker.com's WHOIS database
is provided for information purposes only, and is
designed to assist persons in obtaining information
related to domain name registration records.
Moniker.com does not guarantee its accuracy.
By submitting a WHOIS query, you agree that you
will use this Data only for lawful purposes and
that, under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the
transmission of mass unsolicited, commercial
advertising or solicitations via e-mail (spam); or
(2) enable high volume, automated, electronic
processes that apply to Moniker.com (or its
systems). Moniker.com reserves the right
to modify these terms at any time. By submitting
this query, you agree to abide by this policy.
Domain Name: FIDELITYFUNDING.NET
Registrant:
Jane Phill
61 Street
NYC
NY
US
10048
Administrative Contact:
Reece, Thomas (NIC-21871) contact100@team-support-24x7.net
Thomas Reece
249 W 89 Street
NYC
NY, US
10024
Phone: 2128732251
Billing Contact:
Reece, Thomas (NIC-21871) contact100@team-support-24x7.net
Thomas Reece
249 W 89 Street
NYC
NY, US
10024
Phone: 2128732251
Technical Contact:
Reece, Thomas (NIC-21871) contact100@team-support-24x7.net
Thomas Reece
249 W 89 Street
NYC
NY, US
10024
Phone: 2128732251
Domain servers in listed order:
NS0.DNS-1995.NET
NS1.DNS-1995.NET
Record created on 1999-08-09 20:29:00.0
Database last updated on 2004-12-31 07:50:51.233
Domain Expires on 2006-08-09 20:29:00.0