[an error occurred while processing this directive]
The report for this spam can be found at: 2008 Deadbeats Page 02.
Return-Path: <lojraks@lojra-ks.com>
Received: from nepuweb8.net-publics.de (213.203.202.22) by studio42.com
with ESMTP (Eudora Internet Mail Server 3.2.10) for <chris@studio42.com>;
Mon, 14 Apr 2008 21:02:37 -0700
Received: from mail.hi5.com (kreta207.myserver.t-online.de [80.154.33.201])
by nepuweb8.net-publics.de (Postfix) with ESMTP id 0BEF0970AA7 for <chris@studio42.com>;
Tue, 15 Apr 2008 03:25:30 +0200 (CEST)
From: "Xhinajeta Hasani" <lojraks@lojra-ks.com>
To: "chris" <chris@studio42.com>
Subject: Welcome to Www.LojraKs.Com Free Online Games
Date: Tue, 15 Apr 2008 03:25:20 +0200
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0000_01C6527E.AE8904D0"
Message-Id: <20080415012530.0BEF0970AA7@nepuweb8.net-publics.de>
You are welcome to Www.LojraKs.Com Free Online Games.
You Can Play how much you want.
There are 2200 Free Flash Games..
Best Regards
Www.LojraKs.Com
[studio42@flatus studio42]$ host 213.203.202.22
22.202.203.213.in-addr.arpa domain name pointer nepuweb8.net-publics.de.
[studio42@flatus studio42]$ whois 213.203.202.22@whois.ripe.net
[whois.ripe.net]
% This is the RIPE Whois query server #3.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html
% Note: This output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '213.203.202.0 - 213.203.202.255'
inetnum: 213.203.202.0 - 213.203.202.255
netname: DE-NETPUBLICS
descr: Net-Publics
descr: Customer PA Space
country: DE
admin-c: KG476-RIPE
tech-c: BONE-RIPE
status: ASSIGNED PA
remarks: Send abuse reports to abuse@inetbone.net
mnt-by: INET-PEOPLE-MNT
mnt-lower: INET-PEOPLE-MNT
mnt-routes: INET-PEOPLE-MNT
source: RIPE # Filtered
person: Karlo Gross
address: Net-Publics
address: Blombachweg 11
address: 40625 Duesseldorf
address: DE
phone: +49 4662 775134
nic-hdl: KG476-RIPE
mnt-by: INET-PEOPLE-MNT
source: RIPE # Filtered
person: INET-People Hostmaster
address: In der Steele 37a
address: 40599 Duesseldorf
address: Germany
phone: +49 (0) 211 749699910
mnt-by: INET-PEOPLE-MNT
nic-hdl: BONE-RIPE
remarks:
remarks: +---------------------------------------------------------------
+
remarks: | please direct peering requests to: peering()inetbone.net
|
remarks: | for abuse use **only**: abuse()inetbone.net
|
remarks: +---------------------------------------------------------------
+
remarks:
source: RIPE # Filtered
abuse-mailbox: abuse@inetbone.net
% Information related to '213.203.192.0/19AS25074'
route: 213.203.192.0/19
descr: INET-People
descr: Providerservices
origin: AS25074
mnt-by: INET-PEOPLE-MNT
source: RIPE # Filtered
% Information related to '213.203.202.0/24AS25074'
route: 213.203.202.0/24
descr: iNet-People
descr: Providerservices
origin: AS25074
remarks: no-export
mnt-by: INET-PEOPLE-MNT
source: RIPE # Filtered
Poorly configured server spotted.
[studio42@flatus studio42]$ host 80.154.33.201
201.33.154.80.in-addr.arpa domain name pointer kreta207.myserver.t-online.de.
[studio42@flatus studio42]$ whois 80.154.33.201@whois.ripe.net
[whois.ripe.net]
% This is the RIPE Whois query server #3.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html
% Note: This output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '80.154.32.0 - 80.154.63.255'
inetnum: 80.154.32.0 - 80.154.63.255
netname: TOIAG-ROOTSERVER-02
descr: T-Online International AG
country: DE
admin-c: DTST
tech-c: DTST
status: ASSIGNED PA
mnt-by: DTAG-NIC
source: RIPE # Filtered
person: Security Team
address: Deutsche Telekom AG
address: Germany
phone: +49 180 5334332
fax-no: +49 180 5334252
e-mail: abuse@t-ipnet.de
nic-hdl: DTST
mnt-by: DTAG-NIC
source: RIPE # Filtered
% Information related to '80.128.0.0/11AS3320'
route: 80.128.0.0/11
descr: Deutsche Telekom AG, Internet service provider
origin: AS3320
member-of: AS3320:RS-PA-TELEKOM
mnt-by: DTAG-RR
source: RIPE # Filtered
Is this the injection point? Zombie?
I can't see further. Most likely a blind pick-up.
Onto scammer site:
[studio42@flatus studio42]$ host Www.LojraKs.Com
Www.LojraKs.Com has address 4.79.81.151
[studio42@flatus studio42]$ host 4.79.81.151
Host 151.81.79.4.in-addr.arpa not found: 3(NXDOMAIN)
[studio42@flatus studio42]$ whois 4.79.81.151@whois.arin.net
[whois.arin.net]
OrgName: Level 3 Communications, Inc.
OrgID: LVLT
Address: 1025 Eldorado Blvd.
City: Broomfield
StateProv: CO
PostalCode: 80021
Country: US
NetRange: 4.0.0.0 - 4.255.255.255
CIDR: 4.0.0.0/8
NetName: LVLT-ORG-4-8
NetHandle: NET-4-0-0-0-1
Parent:
NetType: Direct Allocation
NameServer: NS1.LEVEL3.NET
NameServer: NS2.LEVEL3.NET
Comment:
RegDate:
Updated: 2004-06-04
OrgAbuseHandle: APL8-ARIN
OrgAbuseName: Abuse POC LVLT
OrgAbusePhone: +1-877-453-8353
OrgAbuseEmail: security@level3.com
OrgTechHandle: ARINC4-ARIN
OrgTechName: ARIN Contact
OrgTechPhone: +1-800-436-8489
OrgTechEmail: arin-contact@genuity.com
OrgTechHandle: TPL1-ARIN
OrgTechName: Tech POC LVLT
OrgTechPhone: +1-877-453-8353
OrgTechEmail: ipaddressing@level3.com
# ARIN WHOIS database, last updated 2008-04-14 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
[studio42@flatus studio42]$ host .LojraKs.Com
host: '.LojraKs.Com' is not a legal name (empty label)
[studio42@flatus studio42]$ whois lojraks.com
[whois.crsnic.net]
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Domain Name: LOJRAKS.COM
Registrar: NAME.COM LLC
Whois Server: whois.name.com
Referral URL: http://www.name.com
Name Server: NS1.NAME.COM
Name Server: NS2.NAME.COM
Name Server: NS3.NAME.COM
Name Server: NS4.NAME.COM
Status: clientDeleteProhibited
Status: clientTransferProhibited
Status: clientUpdateProhibited
Updated Date: 10-apr-2008
Creation Date: 10-apr-2008
Expiration Date: 10-apr-2009
>>> Last update of whois database: Tue, 15 Apr 2008 00:10:48 EDT <<<
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
[whois.name.com]
The Data in the Name.com LLC WHOIS database is provided by Name.com LLC for info
rmation purposes, and to assist persons in obtaining information about or relate
d to a domain name registration record. Name.com LLC does not guarantee its acc
uracy. By submitting a WHOIS query, you agree that you will use this Data only
for lawful purposes and that, under no circumstances will you use this Data to:
(1) allow, enable, or otherwise support the transmission of mass unsolicited, c
ommercial advertising or solicitations via e-mail (spam); or (2) enable high vol
ume, automated, electronic processes that apply to Name.com LLC (or its systems)
. Name.com LLC reserves the right to modify these terms at any time. By submitt
ing this query, you agree to abide by this policy.
Domain Name: lojraks.com
Registrar: Name.com LLC
Expiration Date: 2009-04-10 00:00:00
Creation Date: 2008-04-10 05:22:15
Name Servers:
NS1.NAME.COM
NS2.NAME.COM
NS3.NAME.COM
NS4.NAME.COM
REGISTRANT CONTACT INFO
Protected Domain Services
125 Rampart Way
Suite 300
Denver
CO
80230
US
Email Address: lojraks.com@protecteddomainservices.com
ADMINISTRATIVE CONTACT INFO
Protected Domain Services
125 Rampart Way
Suite 300
Denver
CO
80230
US
Email Address: lojraks.com@protecteddomainservices.com
TECHNICAL CONTACT INFO
Protected Domain Services
125 Rampart Way
Suite 300
Denver
CO
80230
US
Email Address: lojraks.com@protecteddomainservices.com
BILLING CONTACT INFO
Protected Domain Services
125 Rampart Way
Suite 300
Denver
CO
80230
US
Email Address: lojraks.com@protecteddomainservices.com
0.11651000 1208232679
