Subject: Ground Floor Pre-IPO Opportunity

[an error occurred while processing this directive]
The report for this spam can be found at: 1998 Deadbeats Page 14.
Return-Path: <best25@worldonline.nl>
Received: from mail.baystreet.com (mail.baystreet.com [207.102.108.129])	
by tomcat.ns.net (8.8.5/8.8.5) with ESMTP id TAA18759	for <cpicket@ns.net>; 
Fri, 18 Sep 1998 19:39:27 -0700 (PDT)
From: best25@worldonline.nl
Message-Id: <199809190239.TAA18759@tomcat.ns.net>
Received: from [207.102.108.129] ([209.203.195.179]) by mail.baystreet.com
          (Post.Office MTA v3.5.1 release 219 ID# 0-55097U100L2S100V35)
          with SMTP id com; Fri, 18 Sep 1998 19:36:13 -0700
Date: Fri, 18 Sep 98 22:35:30 EST
To: allofyou@aol.com
Subject: Ground Floor Pre-IPO Opportunity
X-UIDL: 78ea95e3ac3302c18240c14ea778b27e

>nslookup 207.102.108.129
Server:  ns.mediacity.com
Address:  205.216.172.10

Name:    mail.baystreet.com
Address:  207.102.108.129
Hijacked server located. Now, the spammer forged the IP address to either relay, or to just
forge.

>nslookup 209.203.195.179
Server:  ns.mediacity.com
Address:  205.216.172.10

Name:    209-203-195-179.dialup.954access.net
Address:  209.203.195.179
Spammer located. I'm not amused.

Onto the web site:
>nslookup 195.188.169.213
Server:  ns.mediacity.com
Address:  205.216.172.10

*** ns.mediacity.com can't find 195.188.169.213: Non-existent host/domain

>traceroute 195.188.169.213
traceroute to 195.188.169.213 (195.188.169.213), 30 hops max, 40 byte packets
 1  grfge002 (205.216.172.1)  0.477 ms  0.296 ms  0.290 ms
 2  bordercore2-hssi0-0-0.SanFrancisco.mci.net (166.48.15.249)  2.352 ms  2.306ms  2.245 ms
 3  core7.SanFrancisco.mci.net (204.70.4.93)  2.772 ms  2.459 ms  2.644 ms
 4  Hssi5-1-0.BR1.SFO1.alter.net (206.157.77.78)  3.608 ms  3.321 ms  3.248 ms
 5  114.ATM3-0.XR2.SCL1.ALTER.NET (146.188.145.210)  5.498 ms  5.698 ms  5.179 ms
 6  294.ATM3-0.TR2.SCL1.ALTER.NET (146.188.146.30)  4.981 ms  4.938 ms  5.335 ms
 7  107.ATM6-0.TR2.DCA1.ALTER.NET (146.188.136.225)  74.533 ms  74.214 ms  73.779 ms
 8  198.ATM9-0-0.XR2.TCO1.ALTER.NET (146.188.161.189)  75.761 ms  82.450 ms  75.901 ms
 9  192.ATM1-0-0.GW1.TCO1.ALTER.NET (146.188.160.37)  82.481 ms  77.725 ms  79.580 ms
10  Telewest-gw.customer.ALTER.NET (157.130.33.26)  89.818 ms  76.582 ms  76.607 ms
11  h21-isp1-edi.cableinet.net (193.38.108.66)  207.531 ms  208.985 ms  210.551 ms
12  s11-lochfort-edi.cableinet.net (194.117.150.144)  218.454 ms  223.354 ms  231.519 ms
13  195.188.169.213 (195.188.169.213)  222.242 ms  229.916 ms  231.281 ms

>whois -h whois.arin.net 195.188.169.0
European Regional Internet Registry/RIPE NCC (NETBLK-RIPE-C)
   These addresses have been further assigned to European users.
   Their contact information can be found in the RIPE database.
   See below how to use that database to obtain up-to-date information.

   Netname: RIPE-CBLK3
   Netblock: 195.0.0.0 - 195.255.255.0
   Maintainer: RIPE

   Coordinator:
      RIPE Network Co-ordination Centre  (RNC-ORG-ARIN)  nicdb@RIPE.NET
      +31 20 535 4444
Fax- +31 20 535 4445

   Domain System inverse mapping provided by:

   NS.RIPE.NET                  193.0.0.193
   NS.EU.NET                    192.16.202.11
   AUTH03.NS.UU.NET             198.6.1.83
   NS2.NIC.FR                   192.93.0.4
   SUNIC.SUNET.SE               192.36.148.18
   MUNNARI.OZ.AU                128.250.1.21
   SVC01.APNIC.NET              202.12.28.131

I think I'll just go to the upstream on this one.
Got Betacam SP or UMatic SP tapes? We can transfer those for you!