Subject: RANKED AS THE #1 OPPORTUNITY!!!!

The Deadbeats Hall of Lame
Warning: Not all menu items are working. We're working on this but this site is a low-priority project.
Got video tapes? Need DVDs? $32 per tape gets it done fast!
The report for this spam can be found at: 2001 Deadbeats Page 06.
Return-Path: <katie617@hotmail.com>
Received: from cnnb.com.cn (61.153.19.90) by studio42.com with SMTP (Eudora 
Internet Mail Server 3.0.3) for <webmaster@studio42.com>; Thu, 6 Sep 2001 18:38:58 +0100
Received: (qmail 32755 invoked by uid 501); 7 Sep 2001 09:25:46 +0800
Received: from unknown (HELO 202.104.147.40) (65.141.15.68)  by 61.153.19.90 
with SMTP; 7 Sep 2001 09:25:46 +0800
Message-ID: <0000338a195c$00000ecf$00006a9f@202.101.10.68>
To: <Undisclosed Recipients@studio42.com>
From: katie617@hotmail.com
Subject: RANKED AS THE #1 OPPORTUNITY!!!!
Date: Thu, 06 Sep 2001 11:45:49 -0700
MIME-Version: 1.0
Content-Type: text/html;	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Priority: 1
X-MSMail-Priority: High
Reply-To: katie611@hotmail.com

$ nslookup 61.153.19.90
Server:  studio42.com
Address:  10.1.1.2

*** studio42.com can't find 61.153.19.90: Non-existent host/domain
$ nslookup cnnb.com.cn
Server:  studio42.com
Address:  10.1.1.2

Non-authoritative answer:
Name:    cnnb.com.cn
Address:  61.153.19.89
Close enough. I want the netblock so I can block it. China need not send mail to Studio42.

$ whois 61.153.19.90@whois.apnic.net
[whois.apnic.net]

% Rights restricted by copyright. See http://www.apnic.net/db/dbcopyright.html
% (whois6.apnic.net)

inetnum:     61.153.0.0 - 61.153.255.255
netname:     CHINANET-ZJ
descr:       CHINANET Zhejiang province network
descr:       Data Communication Division
descr:       China Telecom
country:     CN
admin-c:     CH93-AP
tech-c:      YC30-AP
mnt-by:      MAINT-CHINANET
mnt-lower:   MAINT-CHINANET-ZJ
changed:     weitj@cndata.com 20010315
source:      APNIC

person:      Chinanet Hostmaster
address:     A12,Xin-Jie-Kou-Wai Street
country:     CN
phone:       +86-10-62370437
fax-no:      +86-10-62053995
e-mail:      hostmaster@ns.chinanet.cn.net
nic-hdl:     CH93-AP
mnt-by:      MAINT-CHINANET
changed:     hostmaster@ns.chinanet.cn.net 20000101
source:      APNIC

person:      YICHUN WANG
address:     NO 378 YAN'AN ROAD,HANGZHOU, ZHEJIANG PROVINCE,310006
country:     CN
phone:       +86-571-7015441
fax-no:      +86-571-7015514
e-mail:      ycwang@dcb.hz.zj.cn
nic-hdl:     YC30-AP
mnt-by:      MAINT-CHINANET-ZJ
changed:     ycwang@dcb.hz.zj.cn 20000328
source:      APNIC

OK, done. Onto the spammer:

$ nslookup 202.104.147.40
Server:  studio42.com
Address:  10.1.1.2

*** studio42.com can't find 202.104.147.40: Server failed

$ whois 202.104.147.40@whois.apnic.net
[whois.apnic.net]

% Rights restricted by copyright. See http://www.apnic.net/db/dbcopyright.html
% (whois6.apnic.net)

inetnum:     202.104.147.0 - 202.104.147.255
netname:     SHENZHEN-LMXX-INFOR-LTD
descr:       SHENZHEN-LONGMAIXINXI INFORAMATION CO.LTD
country:     CN
admin-c:     LX140-AP
tech-c:      LX140-AP
mnt-by:      MAINT-CHINANET-GD
changed:     ipadm@gddc.com.cn 20010622
source:      APNIC

person:      LI XINKAIG
address:     F9,HONGBO MANSION,HONGHUYI STREET,SHENZHEN
country:     CN
phone:       +86-755-8810640
fax-no:      +86-755-8810301
e-mail:      ipuser@gddc.com.cn
nic-hdl:     LX140-AP
mnt-by:      MAINT-CHINANET-GD
changed:     ipadm@gddc.com.cn 20010622
source:      APNIC

Somehow I don't think this is the spammer, but merely an open relay on the network.
Regardless, another Chinese netblock to block.

Onto the web site:

$ nslookup tigerhold1.com
Server:  studio42.com
Address:  10.1.1.2

Non-authoritative answer:
Name:    tigerhold1.com
Address:  64.39.171.43

$ whois 64.39.171.43@whois.arin.net
[whois.arin.net]
Golden Triangle Online (NETBLK-GOLDEN-BLK-2)
   279 King St. W. Third Floor
   Kitchener, ON N2G 1B6
   CA

   Netname: GOLDEN-BLK-2
   Netblock: 64.39.160.0 - 64.39.191.255
   Maintainer: GTO

   Coordinator:
      Dominguez, Francisco  (FD194-ARIN)  fxdoming@golden.net
      519-576-3334 (FAX) (519)576-5567

   Domain System inverse mapping provided by:

   NS.GOLDEN.NET                199.166.210.2
   NS2.GOLDEN.NET               199.166.210.5

   ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE

   Record last updated on 02-Apr-2001.
   Database last updated on 5-Sep-2001 23:16:33 EDT.

$ whois tigerhold1.com@whois.networksolutions.com
[whois.networksolutions.com]
The Data in Network Solutions' WHOIS database is provided by Network
Solutions for information purposes, and to assist persons in obtaining
information about or related to a domain name registration record.
Network Solutions does not guarantee its accuracy.  By submitting a
WHOIS query, you agree that you will use this Data only for lawful
purposes and that, under no circumstances will you use this Data to:
(1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail
(spam); or  (2) enable high volume, automated, electronic processes
that apply to Network Solutions (or its systems).  Network Solutions
reserves the right to modify these terms at any time.  By submitting
this query, you agree to abide by this policy.

 The data contained in Dotster, Inc.'s WHOIS database, while
believed by the company to be reliable, is provided "as is",
with no guarantee or warranties regarding its accuracy.  This
information is provided for the sole purpose of assisting you
in obtaining information about domain name registration records.
Any use of this data for any other purpose, including, but not
limited to, allowing or making possible dissemination or
collection of this data in part or in its entirety for any
purpose, such as the transmission of unsolicited advertising and
solicitations, is expressly forbidden without the prior written
permission of Dotster, Inc. By submitting an inquiry, you agree
to these terms of usage and limitations of warranty.
Please limit your queries to 10 per minute and one connection.

Registrant:
   Marigold Flowering
   127 Hyde Street
    Los Angeles, CA 90026
   US

   Registrar: Dotster (http://www.dotster.com)
   Domain Name: TIGERHOLD1.COM
      Created on: 30-JAN-01
      Expires on: 30-JAN-02
      Last Updated on: 29-AUG-01

   Administrative Contact:
      Smathers, George  georgesmathers@excite.com
      Marigold Flowering
      127 Hyde Street
       Los Angeles, CA  90026
      US
      213 626 8878
      213 455 9872

   Technical Contact:
      Smathers, George  georgesmathers@excite.com
      Marigold Flowering
      127 Hyde Street
       Los Angeles, CA  90026
      US
      213 626 8878
      213 455 9872


   Domain servers in listed order:
      NS1.THUNDERSTAR.NET
      NS2.THUNDERSTAR.NET

Register a domain name at www.dotster.com

End of Whois Information
The previous information has been obtained either directly from the
registrant or a registrar of the domain name other than Network Solutions.
Network Solutions, therefore, does not guarantee its accuracy or
completeness.
Got Betacam SP or UMatic SP tapes? We can transfer those for you!