Computer sleuths - help me find this website's host

Someone here's got to be a good sleuth. I need to track down who is hosting a particular website with infringing material, but the little bastards have done a good job obfuscating any whois or other relevant information.

The domain is mmodm.com

Any help appreciated.

 

Contact Information


Registrant Contact

Name: YinSi BaoHu Yi KaiQi (Hidden by Whois Privacy Protection Service)

Organization: YinSi BaoHu Yi KaiQi (Hidden by Whois Privacy Protection Service)

Mailing Address: 3/F.,HiChina Mansion,No.27 Gulouwai Avenue,Dongcheng District,Beijing 100120,China,, Beijing Beijing 100120 CN

Phone: +8610.65985888

Ext:

Fax: +8610.65985438

Fax Ext:

Email: [email protected]


Admin Contact

Name: YinSi BaoHu Yi KaiQi (Hidden by Whois Privacy Protection Service)

Organization: YinSi BaoHu Yi KaiQi (Hidden by Whois Privacy Protection Service)

Mailing Address: 3/F.,HiChina Mansion,No.27 Gulouwai Avenue,Dongcheng District,Beijing 100120,China,, Beijing Beijing 100120 CN

Phone: +8610.65985888

Ext:

Fax: +8610.65985438

Fax Ext:

Email: [email protected]


Tech Contact

Name: YinSi BaoHu Yi KaiQi (Hidden by Whois Privacy Protection Service)

Organization: YinSi BaoHu Yi KaiQi (Hidden by Whois Privacy Protection Service)

Mailing Address: 3/F.,HiChina Mansion,No.27 Gulouwai Avenue,Dongcheng District,Beijing 100120,China,, Beijing Beijing 100120 CN

Phone: +8610.65985888

Ext:

Fax: +8610.65985438

Fax Ext:

Email: [email protected]


Registrar

WHOIS Server: whois.hichina.com

URL: http://www.net.cn/

Registrar: HICHINA ZHICHENG TECHNOLOGY LTD.

IANA ID: 420

Abuse Contact Email: [email protected]

Abuse Contact Phone: +86.4006008500


Status

Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited

Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited


Important Dates

Updated Date: 2015-08-14

Created Date: 2013-08-24

Registration Expiration Date: 2016-08-24

 

No DNS records are returned for it so I suspect there is no host and only a registration.

there is an existing record for www.mmodm.com

Name: www.mmodm.com
Address: 5.189.128.210

That leads to a site hosted in Germany.



Country:
Germany de flag

State/Region:


City:


Latitude:
51

Longitude:
9

Continent:
EU






General IP Information


IP:
5.189.128.210

Decimal:
96305362

ISP:
Contabo GmbH

Organization:
net for SK-KONTINENT ltd.

Time zone:
Europe/Berlin

IP local Time:
10/06/2015, 02:26:10

 

Thanks. It was tricky to find, but I think the actual host is Contabo (former giga-international, which I had heard of before). Had to look for other domains hosted on the same IP. I used domaintools.com's service and they let me do a reverse lookup on the IP. It had one other site hosted, which I was able to find the host for. I assume if it's the same IP it's the same host. Now let's see if they actually respond to an abuse complaint. Somehow I doubt it. How would they manage to obscure the hosting provider? That's what I don't get.

 

That leads to this ISP.

https://contabo.de/

 

By paying for it. It's just an extra fee on domain registration.

 

What he said.

 

People actually spend real money to buy fake money in a game?

 

Yes, there is quite a bit of money to be made being a money changer. The companies that own the games hate it but are unable to stop it.

 

They also engage in copyright infringement and leeching organic traffic from legitimate sites for adsense revenue. They're parasites.

I've registered quite a few domains and I've seen the option to hide registrant information, but never seen an indication that it would hide the web hosting service as well.

I sent a DMCA claim to the host, some offshore hosts will still respect it under their general infringement guidelines. Apparently German copyright law hews close to ours, so I'm hopeful. We'll see, but I won't hold my breath!

 

can you go to your ISP/backbone and have them nullroute that IP number within their network?

 

It's not a problem with our network. They're diverting organic traffic from one of our ecommerce sites with fake coupon codes. When a customer check outs and sees the coupon code box, they Google for any codes they can use. Then they find these monkeys' site and try the fake codes. When it doesn't work, the customer abandons the cart because they'd expected to save 15%. I got 3 of these assholes with US hosts to remove mention of the site, conversions immediately improved by 30%. In the course of a year they cause us to lose serious money. These people I'm sure also primarily engage in affiliate fraud, but we don't pariticipate in affiliate networks.

 

Remove the coupon code box. User research has consistently shown that when presented with an empty coupon code box, online shoppers are less likely to complete the purchase because they feel like they should wait to find a coupon code and get the savings they're missing out on. When presented with the same cart experience and prices but no coupon code box, the sale is more likely.

Plenty of other ways to allow shoppers who do actually have coupons to enter them.

 

Yeah I want to remove it entirely as I'm aware of the effect on conversions. We have outstanding codes sent to customers in other channels, so I have to find an alternate way to let people enter them instead of in the checkout flow.

 

Can you store any coupons in their account?
Make it account level and user specific.

That way it only shows when they have a coupon from you?

 

We could do that, but we divert customers from other sales channels to this site with advertising. They're given an introductory discount. I could probably modify the system such that any new account is already loaded with a particular discount, but we use a SAAS platform so I'm not sure what's possible. Then I'd have to create logic to deny the discount to identical customers who created a new account to get the discount. Oy vey.

 

never say never when you have a screaming toddler on hand...sometimes you just break for the crying to stop