[an error occurred while processing this directive]
The report for this spam can be found at: IN Formation Edition.

The report for this spam can also be found at: Market Response Center Edition. 
Return-Path: <amatayi@syfed.tg.refer.org>
Received: from nic.sch.bme.hu ([152.66.148.1])
          by santaclara01.pop.internex.net (Post.Office MTA v3.1.2
          release (PO203-101c) ID# 0-34792U7500L7500S0) with ESMTP
          id AAA12228 for <chris@lanets.com>;
          Sun, 5 Jul 1998 01:11:51 -0700
Received: from java.sch.bme.hu (root@java.sch.bme.hu [152.66.148.6])	
by nic.sch.bme.hu (8.8.8/8.8.8) with SMTP id KAA30403;	
Sun, 5 Jul 1998 10:07:48 +0200 (MET DST)
From: amatayi@syfed.tg.refer.org
Received: from pavilion by java.sch.bme.hu (SMI-8.6/SMI-SVR4)	id FAA18143; 
Sun, 5 Jul 1998 05:24:13 +0200
Date: Sun, 5 Jul 1998 05:24:13 +0200
Message-Id: <199807050324.FAA18143@java.sch.bme.hu>
To: Customer@yourplace.com
Subject: Find Out Anything About Anyone On The Net  !!!! !!!

>nslookup 152.66.148.1
Server:  ns.mediacity.com
Address:  205.216.172.10

Name:    nic.sch.bme.hu
Address:  152.66.148.1
How nice, relaying via Hungarian servers. With this IP address, I'd assume this would be a
router though.

>nslookup 152.66.148.6
Server:  ns.mediacity.com
Address:  205.216.172.10

Name:    java.sch.bme.hu
Address:  152.66.148.6
Hijacked server located.

Unfortunately, the above server doesn't reveal the location of the spammer. This is apparently
the trademark of Pavilion Advertising Services.

Onto the removal site:
>nslookup 209.84.246.162
Server:  ns.mediacity.com
Address:  205.216.172.10

*** ns.mediacity.com can't find 209.84.246.162: Server failed

>traceroute 209.84.246.162
traceroute to 209.84.246.162 (209.84.246.162), 30 hops max, 40 byte packets
 1  grfge002 (205.216.172.1)  0.500 ms  0.353 ms  0.291 ms
 2  bordercore2-hssi0-0-0.SanFrancisco.mci.net (166.48.15.249)  2.469 ms  2.260ms  2.262 ms
 3  core7.SanFrancisco.mci.net (204.70.4.93)  2.496 ms  2.519 ms  2.613 ms
 4  Hssi5-1-0.BR1.SFO1.alter.net (206.157.77.78)  4.973 ms  4.485 ms  4.166 ms
 5  114.ATM3-0.XR2.SCL1.ALTER.NET (146.188.145.210)  16.527 ms  19.286 ms  21.617 ms
 6  294.ATM2-0.TR2.SCL1.ALTER.NET (146.188.146.26)  24.514 ms  16.130 ms  15.598 ms
 7  107.ATM8-0-0.TR2.SEA1.ALTER.NET (146.188.137.190)  27.886 ms  27.341 ms  27.320 ms
 8  100.ATM8-0-0.XR2.SEA1.ALTER.NET (146.188.200.121)  27.504 ms  27.381 ms  27.551 ms
 9  194.ATM1-0-0.GW2.SEA1.ALTER.NET (146.188.200.53)  28.765 ms  28.187 ms  28.839 ms
10  209.84.246.1 (209.84.246.1)  35.767 ms  37.020 ms  36.897 ms
11  209.84.246.162 (209.84.246.162)  38.873 ms  45.053 ms  37.152 ms

>whois -h whois.arin.net 209.84.246.0
GTE Intelligent Network Services (NETBLK-GTE-CIDR-2) GTE-CIDR-2
                                                   209.84.0.0 - 209.84.255.255
Market Response Center (NETBLK-GTE-CUST-MRS) GTE-CUST-MRS
                                                 209.84.246.0 - 209.84.246.255

>whois -h whois.arin.net GTE-CUST-MRS
Market Response Center (NETBLK-GTE-CUST-MRS)
   5729 Lakeview Dr. Ste 101
   Kirkland, WA 98033
   USA

   Netname: GTE-CUST-MRS
   Netblock: 209.84.246.0 - 209.84.246.255

   Coordinator:
      GTE IP Administration  (GIA2-ORG-ARIN)  ipadmin@GTE.NET
      (972) 751-3900
Fax- (972) 753-1297

   Record last updated on 11-May-98.
   Database last updated on 3-Jul-98 16:09:27 EDT.
Got video tapes? Need DVDs? $32 per tape gets it done fast!