They have been caught distributing malvertizing.
Current registration details are:
ICANN Registrar: REGTIME LTD
Created 24 March 2008
IP: 126.96.36.199 – New York, Internet Path Inc
Jacob Tua (firstname.lastname@example.org)
+381 113 114 094
It should be noted that gilmoursmedia.com was originally registered via the infamous ESTDOMAINS, to a “Jacob Tua” of Maltiskam 12-67, Belgrade, 11008, telephone +381.113114094.
More importantly, the email address for “Jacob Tua” was “email@example.com“. See this Apple discussion forum conversation about a the clipboard hijacking problem – the same clipboard hijacking problem that led to Adobe changing the way Flash behaves:
The domain being copied to clipboard via the Flash exploit was “windowsxp-privacy.net“, which just so happened to be registered to, you guessed it, firstname.lastname@example.org!! This information was posted to the discussion thread on 20 August 2008.
“Jacob Tua” was also listed as owning adclickmate.net, another domain associated with malvertizing:
The contact phone number for Gilmours Media is/was the same as that for “Trackstar Media”, being tel 401.237.4731.
But the address is different, being 17 Vernon Street, Warren:
trackstarmedia.com was suspended due to inaccurate WHOIS information. That domain has also been featured on this blog before: