If you signed up for clickhunter...read!!!


sore_fingers
1st August 2002, 06:20
Change your OIP and L2C passwords immediately, and at first chance change all your PTR passwords! This site seems to me to be a way to fool people into creating an account, and many people use the same name and pass on similar sites, change them now so he can't hijack your accounts and divert the payment. Also, beware, OIP and L2C have a space to put in your SSN, I never give these to a site unless they demand it right before payment, but if you put them in and used the same pass he can get your SSN, with it identity theft is possible and fairly easy, I've seen it done. I can only hope none of you use the same pass for these kind of programs as you do for your primary mail or egold or paypal stuff.
I heard talk about something on his site attempting intrusions, I examined his source and there are no scripts other than an exit popup from a known advertiser. There are no embedded scripts or objects that I could find. However, it may be possible to scan a port automatically with PHP, I don't know if PHP can create sockets (I know very well it can be done with Perl or shell scripts). I did a fast rip with wget and did not see any hidden executables, but there is high port UDP activity coming from his site; he was not smart to ever encounter an IPTables user, eh? One odd little thing though: another site called paidemailsdaily (odd that there is also a site called paidmaildaily?) was mentioned in a letter from alienemails; alien warned that there was some kind of trojan in a popup there, I did not see any activity, I doubt that stuff can infect Konqueror or Lynx as most scripts only impact Windows junk anyway. But I started to think, what if this is a two part exploit? Say for example he somehow plants a popup at this paidemails daily site or is somehow involved with something there, and then next day unleashes this clickhunter site, designed to scan for the port the supposed trojan might occupy? A longshot but you never know nowadays I guess. Still I think identity theft is a likely goal, be careful people.

I did a little "investigating" at his site, I tracked down the information from RIPE. It is a Slovak site. I won't bother contacting the upstream provider or the hosting company as I doubt they read English. PES consultants hosting, their sales site is webpriestor.sk

Registration info I pulled from a table:

Domain information (Informácie o doméne)
Owner (Vlastník): ATTI spol. s r. o.
City (Mesto): Komarno
IČO (company ID number): 30998271 (is this an ICQ number maybe??)
IP address (IP adresa): 212.80.70.84

This matches the IP I got from whois and tracert.

Did some more stalking and found a "topsite" for hosting providers there http://www.czechweb.cz/providers/

and then I saw this interesting link: Diskuzní fórum (Discussion forum)
I can't read that kind of language but it seemed to be debates over hosting companies and there is someone posting there named "Petr". Might be how he spells it for his language.
Done all I can for now, the proxy I was using is now getting 403.6 (forbidden, IP ban) when I hit his site and I'm not going there with my real IP.

If any and I mean ANYTHING happens to any of my accounts at any PTR that I think is his fault, his scam site and that entire hosting company will receive 300 megabits per second of my displeasure...no joke...I will ddos them into a flaming heap of burning 404 if anything happens to my money or he messes with my people in my downlines. I have reported this site to every traffic exchange that I am a member of, if it was US based I think the NSA and FBI would like to look at him too, but there is no jurisdiction for that part of the world; if he rips you off there won't be very much you can do and often these foreign hosting companies are crooked as well. Change your passes now and warn everyone to stay away that hasn't heard yet.