View difference between Paste ID: <a href="/vF4U27wv">vF4U27wv</a> and <a href="/SBmjvsm7">SBmjvsm7</a>

(BUFFALO, NY) - MARCH 2013 : COLOCROSSING AKA JON BILOH HOSTING IRANIANS ILLEGALLY / VIOLATING IRAN USA TRADE EMBARGO
1		(BUFFALO, NY) - MARCH 2013 : COLOCROSSING AKA JON BILOH HOSTING IRANIANS ILLEGALLY / VIOLATING IRAN USA TRADE EMBARGO
2
3
4		This is a story about an internet provider, who built a low end marketplace under false pretenses.
5
6		Colocrossing, is a Buffalo, New York, company that specializes in colocation and dedicated server rentals.
7
8		The United States Treasury lists the Country of Iran on an embargo list. United States citizens and corporations are disallowed from conducting business or trade with Iranians.
9		[link: http://www.treasury.gov/resource-center/sanctions/Programs/pages/iran.aspx]
10
11		This is how Colocrossing is engaged in business transactions with multiple Iranian companies. It involves both direct downstream peering to a company named Herodap Solutions E, which used a California apartment address for various registration details.
12
13		We show the peering this way:
14
15		Go to: http://bgp.he.net/AS36352
16
17		Click: Peers v4 ---> http://bgp.he.net/AS36352#_peers
18
19		* notice #13 *
20		13 AS61406
21
22		Click: AS61406 ---> http://bgp.he.net/AS61406
23
24		Click: Prefixes v4 ---> http://bgp.he.net/AS61406#_prefixes
25
26		Prefix Description
27		185.2.12.0/23 Herodap Solutions E
28		185.2.14.0/23 Herodap Solutions E
29
30		Note the Iranian flag.
31
32
33		[source: http://www.ris.ripe.net/dashboard/AS61406 ]
34
35		Prefix Size Last seen First seen Whois Registry Peers seeing
36		185.2.14.0/23 23 2013-02-15 22:44:55 UTC 2012-12-03 21:31:02 UTC W RIPE NCC 103
37		185.2.12.0/23 23 2013-02-15 22:44:55 UTC 2012-12-03 21:30:31 UTC W RIPE NCC 103
38
39		[source: http://www.cidr-report.org/cgi-bin/as-report?as=AS61406&view=2.0]
40		aut-num: AS61406
41		as-name: HerodapSolutions
42		descr: Herodap solutions E
43
44		Information related to 'AS61406'
45
46		aut-num: AS61406
47		as-name: HerodapSolutions
48		descr: Herodap solutions E
49		org: ORG-HA311-RIPE
50		import: from AS36352 accept ANY
51		import: from AS57497 accept ANY
52		export: to AS36352 announce AS61406
53		export: to AS57497 announce AS61406
54		admin-c: AH8153-RIPE
55		tech-c: AH8153-RIPE
56		mnt-by: RIPE-NCC-END-MNT
57		mnt-by: AH86906-MNT
58		source: RIPE # Filtered
59
60		organisation: ORG-HA311-RIPE
61		org-name: Herodap solutions E
62		org-type: OTHER
63		address: Stenhammarsvagen 31 802 67
64		mnt-ref: FH72714-MNT
65		mnt-by: AH86906-MNT
66		source: RIPE # Filtered
67
68		person: Abolfazl Hayati
69		address: 435 Reflections Cir Apt 11 San Ramon Ca 94583
70		phone: +19038904393
71		nic-hdl: AH8153-RIPE
72		mnt-by: AH86906-MNT
73		source: RIPE # Filtered
74
75
76		Now we have following points:
77		AS61406
78		Herodap Solutions E
79		HerodapSolutions
80		Abolfazl Hayati
81		435 Reflections Cir Apt 11
82		185.2.12.0/23
83		185.2.14.0/23
84
85
86		435 Reflections Cir Apt 11:
87
88		http://www.enom.com/whois/royal-servers-com.html
89		ROYAL-SERVERS.COM
90
91		Registration Date: 31-Oct-2007
92		Expiration Date: 31-Oct-2013
93
94		Status:ACTIVE
95
96
97		Name Servers:
98		ns1.royal-servers.com
99		ns2.royal-servers.com
100
101
102		Registrant Contact Details:
103		Royal Server
104		seyed jafar bagheri
105
106
107		435 Reflections Cir ,Apt 11
108		Sah roman
109		California,94583
110		US
111		Tel. +925.3894455
112
113
114
115		Domain Name: MAJMAELMI.COM
116
117		Registration Date: 01-Sep-2007
118		Expiration Date: 01-Sep-2013
119
120		Status:LOCKED
121
122		Name Servers:
123		ns1.mymizban.com
124		ns2.mymizban.com
125
126		Registrant Contact Details:
127		Sindad
128		Morteza Soltani ([email protected])
129		AmirAbad Shomali, Sindad Corp
130		Tehran
131		Tehran,94583
132		IR
133		Tel. +21.44008444
134
135
136		Domain Name: MYMIZBAN.COM
137
138		Registration Date: 02-Jul-2006
139		Expiration Date: 02-Jul-2013
140
141		Status:ACTIVE
142
143
144		Name Servers:
145		ns1.mymizban.com
146		ns2.mymizban.com
147
148
149		Registrant Contact Details:
150		Sindad
151		Morteza Soltani
152
153
154		AmirAbad Shomali, Sindad Corp
155		Tehran
156		Tehran,94583
157		IR
158		Tel. +21.44008444
159
160
161		Domain Name: MAHKAAME.COM
162
163		Registration Date: 19-Nov-2011
164		Expiration Date: 19-Nov-2013
165
166
167		Name Servers:
168		ns1.pcosb.com
169		ns2.pcosb.com
170
171
172		Registrant Contact Details:
173		Sindad
174		Morteza Soltani ([email protected])
175		AmirAbad Shomali, Sindad Corp
176		Tehran
177		Tehran,94583
178		IR
179		Tel. +21.44008444
180
181
182		Domain Name: PCOSB.COM
183
184		Registration Date: 05-Mar-2011
185		Expiration Date: 05-Mar-2014
186
187		Status:ACTIVE
188
189
190		Name Servers:
191		ns1.pcosb.com
192		ns2.pcosb.com
193
194
195		Registrant Contact Details:
196		pcosb.com
197		morteza hadizadeh paskiabi ([email protected])
198		no77,mansor st,Motahari st
199		Tehran
200		ID,17657
201		IR
202		Tel. +98.02184318200
203		Fax. +98.02184318200
204
205
206		Domain Name: FARDA-OIL.COM
207
208		Registration Date: 14-Dec-2011
209		Expiration Date: 14-Dec-2013
210
211		Name Servers:
212		ns1.sindad.com
213		ns2.sindad.com
214
215
216		Registrant Contact Details:
217		Sindad
218		Morteza Soltani ([email protected])
219		AmirAbad Shomali, Sindad Corp
220		Tehran
221		Tehran,94583
222		IR
223		Tel. +21.44008444
224
225		Domains hosted on as61406
226		Domain IP Address
227		jahanesanat.ir 185.2.12.13
228		vahidhashemi.com 185.2.12.13
229		bazykon.com 185.2.12.13
230
231
232		Information related to 'jahanesanat.ir'
233
234		domain: jahanesanat.ir
235		ascii: jahanesanat.ir
236		remarks: (Domain Holder) Seyed mohamad ali eslami
237		remarks: (Domain Holder Address) No.5,8th Alley,Dore shahr St.,Qom, IR3715646565, IR
238		holder-c: ---
239		admin-c: se55-irnic
240		tech-c: se55-irnic
241		bill-c: to52-irnic
242		nserver: ns1.bazykon.com
243		nserver: ns2.bazykon.com
244		last-updated: 2012-10-26
245		expire-date: 2015-12-06
246		source: IRNIC # Filtered
247
248		nic-hdl: se55-irnic
249		person: Seyed Mohammad Ali Eslami
250		e-mail: [email protected]
251		address: Doreshar, 8 Alley, No. 8, Unit 3,, Qom, Qom, IR
252		phone: 09122524529
253		fax-no: 09122524529
254
255
256		tracepath jahanesanat.ir
257		6: nyk-bb1-link.telia.net 57.671ms asymm 7
258		7: buf-b1-link.telia.net 37.034ms asymm 8
259		8: giglinx-ic-155660-buf-b1.c.telia.net 32.716ms
260		9: host.colocrossing.com 40.298ms
261
262
263
264		Domain Name: VAHIDHASHEMI.COM
265
266		Registration Date: 31-Jan-2012
267		Expiration Date: 31-Jan-2014
268
269		Name Servers:
270		ns1.bazykon.com
271		ns2.bazykon.com
272
273
274		Registrant Contact Details:
275		Sarreh
276		Seyed Vahid Hashemi ([email protected])
277		Tehran
278		Tehran
279		Tehran,560078
280		IR
281		Tel. +98.12345678
282
283
284		tracepath VAHIDHASHEMI.COM
285		6: nyk-bb1-link.telia.net 29.005ms asymm 7
286		7: buf-b1-link.telia.net 37.001ms asymm 8
287		8: giglinx-ic-155660-buf-b1.c.telia.net 40.294ms
288		9: host.colocrossing.com 40.289ms
289
290
291
292		Domain Name: BAZYKON.COM
293
294		Registration Date: 14-Mar-2010
295		Expiration Date: 14-Mar-2013
296
297		Name Servers:
298		ns1.bazykon.com
299		ns2.bazykon.com
300
301
302		Registrant Contact Details:
303		PrivacyProtect.org
304		Domain Admin ([email protected])
305		ID#10760, PO Box 16
306		Note - Visit PrivacyProtect.org to contact the domain owner/operator
307		Nobby Beach
308		Queensland,QLD 4218
309		AU
310		Tel. +45.36946676
311
312
313		tracepath ns1.bazykon.com
314		6: nyk-bb1-link.telia.net 28.723ms asymm 7
315		7: buf-b1-link.telia.net 37.049ms asymm 8
316		8: giglinx-ic-155660-buf-b1.c.telia.net 40.363ms
317		9: host.colocrossing.com 40.135ms
318
319		tracepath ns2.bazykon.com
320		6: nyk-bb1-link.telia.net 29.017ms asymm 7
321		7: buf-b1-link.telia.net 36.914ms asymm 8
322		8: giglinx-ic-155660-buf-b1.c.telia.net 32.865ms
323		9: host.colocrossing.com 39.041ms
324
325
326
327
328		Domain Name: AMELBANA.COM
329
330		Registration Date: 14-Sep-2011
331		Expiration Date: 14-Sep-2013
332
333		Name Servers:
334		ns1.bazykon.com
335		ns2.bazykon.com
336
337
338		Registrant Contact Details:
339		Amelbana
340		Naser Aydani ([email protected])
341		iran - tehran
342		Tehran
343		Tehran,560078
344		IR
345		Tel. +098.9124342811
346
347
348		nslookup amelbana.com
349		Server: 127.0.0.1
350		Address: 127.0.0.1#53
351
352		Non-authoritative answer:
353		Name: amelbana.com
354		Address: 185.2.12.13
355
356		tracepath amelbana.com
357		6: nyk-bb1-link.telia.net 27.774ms asymm 7
358		7: buf-b1-link.telia.net 36.913ms asymm 8
359		8: giglinx-ic-155660-buf-b1.c.telia.net 32.865ms
360		9: host.colocrossing.com 40.278ms
361
362
363
364		Domain Name: ETTELAATHEKMATVAMAREFAT.COM
365
366		Registration Date: 25-Apr-2007
367		Expiration Date: 25-Apr-2013
368
369
370		Name Servers:
371		ns1.bazykon.com
372		ns2.bazykon.com
373
374
375		Registrant Contact Details:
376		tlgtco
377		m rab ([email protected])
378		uae
379		dubai
380		Dubai,560078
381		AE
382		Tel. +021.12345678
383
384		Administrative Contact Details:
385		tlgtco
386		m rab ([email protected])
387		uae
388		dubai
389		Dubai,560078
390		AE
391		Tel. +021.12345678
392
393
394		nslookup ettelaathekmatvamarefat.com
395		Non-authoritative answer:
396		Name: ettelaathekmatvamarefat.com
397		Address: 185.2.12.13
398
399
400		tracepath ettelaathekmatvamarefat.com
401		6: nyk-bb1-link.telia.net 29.035ms asymm 7
402		7: buf-b1-link.telia.net 38.302ms asymm 8
403		8: giglinx-ic-155660-buf-b1.c.telia.net 32.896ms
404		9: host.colocrossing.com 38.986ms
405
406
407		Domain Name: KETABETTELAAT.COM
408
409		Registration Date: 17-Dec-2009
410		Expiration Date: 17-Dec-2013
411
412		Status:ACTIVE
413
414
415		Name Servers:
416		ns1.bazykon.com
417		ns2.bazykon.com
418
419
420		Registrant Contact Details:
421		tlgtco
422		m rab ([email protected])
423		uae
424		dubai
425		Dubai,560078
426		AE
427		Tel. +021.12345678
428
429		Administrative Contact Details:
430		tlgtco
431		m rab ([email protected])
432		uae
433		dubai
434		Dubai,560078
435		AE
436		Tel. +021.12345678
437
438		Technical Contact Details:
439		tlgtco
440		m rab ([email protected])
441		uae
442		dubai
443		Dubai,560078
444		AE
445		Tel. +021.12345678
446
447
448		nslookup ketabettelaat.com
449		Non-authoritative answer:
450		Name: ketabettelaat.com
451		Address: 185.2.12.13
452
453
454		tracepath ketabettelaat.com
455		6: nyk-bb1-link.telia.net 51.575ms asymm 7
456		7: buf-b1-link.telia.net 37.009ms asymm 8
457		8: giglinx-ic-155660-buf-b1.c.telia.net 34.081ms
458		9: host.colocrossing.com 38.955ms
459
460
461
462
463		Domain Name:OSTAN.ORG
464		Created On:20-Nov-2007 10:40:56 UTC
465		Last Updated On:08-Nov-2012 18:33:00 UTC
466		Expiration Date:20-Nov-2013 10:40:56 UTC
467		Sponsoring Registrar:PDR Ltd. d/b/a PublicDomainRegistry.com (R27-LROR)
468		Status:OK
469		Registrant ID:DI_11332140
470		Registrant Name:m rab
471		Registrant Organization:tlgtco
472		Registrant Street1:uae
473		Registrant Street2:
474		Registrant Street3:
475		Registrant City:dubai
476		Registrant State/Province:Dubai
477		Registrant Postal Code:560078
478		Registrant Country:AE
479		Registrant Phone:+021.12345678
480		Registrant Phone Ext.:
481		Registrant FAX:
482		Registrant FAX Ext.:
483		Registrant Email:[email protected]
484		Admin ID:DI_11332140
485
486
487		nslookup ostan.org
488		Non-authoritative answer:
489		Name: ostan.org
490		Address: 185.2.12.13
491
492		tracepath ostan.org
493		6: nyk-bb1-link.telia.net 28.968ms asymm 7
494		7: buf-b1-link.telia.net 36.917ms asymm 8
495		8: giglinx-ic-155660-buf-b1.c.telia.net 34.105ms
496		9: host.colocrossing.com 40.200ms
497
498
499		Domain Name: SARREH.COM
500
501		Registration Date: 26-Aug-2009
502		Expiration Date: 26-Aug-2013
503
504		Status:ACTIVE
505
506
507		Name Servers:
508		ns1.bazykon.com
509		ns2.bazykon.com
510
511
512		Registrant Contact Details:
513		tlgtco
514		m rab ([email protected])
515		uae
516		dubai
517		Dubai,560078
518		AE
519		Tel. +021.12345678
520
521		nslookup sarreh.com
522		Non-authoritative answer:
523		Name: sarreh.com
524		Address: 185.2.12.13
525
526		tracepath sarreh.com
527		6: nyk-bb1-link.telia.net 27.761ms asymm 7
528		7: buf-b1-link.telia.net 38.116ms asymm 8
529		8: giglinx-ic-155660-buf-b1.c.telia.net 32.873ms
530		9: host.colocrossing.com 38.964ms
531
532
533
534		Domain Name: JAHANESANAT.COM
535
536		Registration Date: 06-Nov-2004
537		Expiration Date: 06-Nov-2013
538
539		Status:ACTIVE
540
541
542		Name Servers:
543		ns1.bazykon.com
544		ns2.bazykon.com
545
546
547		Registrant Contact Details:
548		PrivacyProtect.org
549		Domain Admin ([email protected])
550		ID#10760, PO Box 16
551		Note - Visit PrivacyProtect.org to contact the domain owner/operator
552		Nobby Beach
553		Queensland,QLD 4218
554		AU
555		Tel. +45.36946676
556
557
558		nslookup jahanesanat.com
559		Non-authoritative answer:
560		Name: jahanesanat.com
561		Address: 185.2.12.13
562
563		tracepath jahanesanat.com
564		6: nyk-bb1-link.telia.net 61.554ms asymm 7
565		7: buf-b1-link.telia.net 38.252ms asymm 8
566		8: giglinx-ic-155660-buf-b1.c.telia.net 40.292ms
567
568
569
570		Domain Name: NAREIN.COM
571
572		Registration Date: 22-Feb-2010
573		Expiration Date: 22-Feb-2013
574
575		Name Servers:
576		ns1.bazykon.com
577		ns2.bazykon.com
578
579
580		Registrant Contact Details:
581		Sarreh
582		Seyed Vahid Hashemi ([email protected])
583		Tehran
584		Tehran
585		Tehran,560078
586		IR
587		Tel. +98.12345678
588
589		nslookup narein.com
590		Non-authoritative answer:
591		Name: narein.com
592		Address: 185.2.12.13
593
594		tracepath narein.com
595		17: buf-b1-link.telia.net 45.858ms
596		18: giglinx-ic-155660-buf-b1.c.telia.net 44.558ms asymm 17
597		19: host.colocrossing.com 38.262ms asymm 18
598
599
600		Domain Name: ROMANTACO.COM
601
602		Registration Date: 01-Aug-2012
603		Expiration Date: 01-Aug-2013
604
605		Name Servers:
606		ns1.bazykon.com
607		ns2.bazykon.com
608
609
610		Registrant Contact Details:
611		tlgtco
612		m rab ([email protected])
613		uae
614		dubai
615		Dubai,560078
616		AE
617		Tel. +021.12345678
618
619
620		nslookup romantaco.com
621		Non-authoritative answer:
622		Name: romantaco.com
623		Address: 185.2.12.13
624
625
626		tracepath romantaco.com
627		17: buf-b1-link.telia.net 37.951ms
628		18: giglinx-ic-155660-buf-b1.c.telia.net 49.870ms
629		19: host.colocrossing.com 38.652ms asymm 18
630
631
632
633		thunderlights.com
634
635		vphost.org?
636
637
638
639		http://www.irnike.com/ --- was hosted in december - 185.2.12.34
640
641		http://spsdevnic.net/
642
643		http://7servers.net/
644
645		Administrator:
646		name: SPS Developing Group
647		mail: [email protected] tel: +98.1712325140
648		fax: +98.1712325140
649		org: Poshtibanan Pardazesh Aseman Inc.
650
651		address: No. 9, 6th Floor, Morvarid Tower, Valiasr St.,
652		city: Gorgan
653		province: Golestan
654		country: IR
655		postcode: 4916619394
656
657		Technical Contactor:
658		name: SPS Developing Group
659		mail: [email protected] tel: +98.1712325140
660		fax: +98.1712325140
661		org: Poshtibanan Pardazesh Aseman Inc.
662
663		address: No. 9, 6th Floor, Morvarid Tower, Valiasr St.,
664		city: Gorgan
665		province: Golestan
666		country: IR
667		postcode: 4916619394
668
669
670		nslookup 7servers.net
671		Non-authoritative answer:
672		Name: 7servers.net
673		Address: 185.2.12.51
674
675
676		tracepath 7servers.net
677		17: buf-b1-link.telia.net 37.995ms
678		18: giglinx-ic-155660-buf-b1.c.telia.net 77.696ms
679		19: host.colocrossing.com 43.791ms asymm 18
680
681
682
683
684		185.2.12.0/23 (EU ) Faraso Samaneh Pasargad Ltd.
685		185.2.14.0/23 (EU ) Faraso Samaneh Pasargad Ltd.
686
687
688
689		http://www.webhostingtalk.ir/f15/66607/
690
691
692
693		http://blog.dynamoo.com/2012/12/zbot-sites-to-block-51212.html
694
695		Poshtibanan Pardazesh Aseman
696
697		mail.9movie.ir
698		9movie.ir
699		ofoghnews.ir
700		dibisolutions.info
701		bazykon.com
702		froodgolf.com
703		iihsep.com
704		iihsep.ir
705		golestanmet.ir
706		ferdowsifinance.ir
707		irpoultry.net
708		rahpuyan-car.com
709		rahbord.info
710		rahpuyan-kar.com
711		tamebartar.com
712		golbto.com
713		usaip.eu
714		arpj.net
715		GoLbTo.com
716		MirBehBahAni.com
717		vorkan.ir
718		bema.biz
719		aaico.net
720		e-pnu.com
721		aatbiz.com
722		www.Behfarm.com
723		avdco.net
724		porosha.com
725		iranoilseeds.com
726		Talashgroupco.com
727		Tobnoxel.com
728		ganrrc.org.ir
729		gup.ir
730		emexinvestment.com
731		bushoo.com
732		thunderlights.com