[an error occurred while processing this directive]
The report for this spam can be found at: 2008 Liu Li Edition.
.
Return-Path: <richardhowells767@hotmail.com>
Received: from bay0-omc3-s36.bay0.hotmail.com (65.54.246.236) by studio42.com
with ESMTP (Eudora Internet Mail Server 3.2.10) for <myfreepaysite@studio42.com>;
Mon, 28 Apr 2008 22:07:32 -0700
Received: from BAY106-W16 ([65.54.161.116]) by bay0-omc3-s36.bay0.hotmail.com
with Microsoft SMTPSVC(6.0.3790.3959); Mon, 28 Apr 2008 22:07:21 -0700
Message-ID: <BAY106-W1696CCD62324917CA17F8DF8D90@phx.gbl>
Return-Path: richardhowells767@hotmail.com
X-Originating-IP: [212.154.177.98]
From: Richard Howells <richardhowells767@hotmail.com>
To: <myprays@usa.com>
Subject: Vpxl pills are a unique blend of all natural and FDA approved ingredients.
Date: Tue, 29 Apr 2008 05:07:21 +0000
Importance: Normal
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginalArrivalTime: 29 Apr 2008 05:07:21.0546 (UTC) FILETIME=[E7A39AA0:01C8A9B6]
67% of all women admitted that they are unhappy with their partner's penis size.
http://nvuayte.com
_________________________________________________________________
Make i'm yours.Ê Create a custom banner to support your cause.
http://im.live.com/Messenger/IM/Contribute/Default.aspx?source=TXT_TAGHM_MSN_Make_IM_Yours
[studio42@flatus studio42]$ host 65.54.246.236
236.246.54.65.in-addr.arpa domain name pointer bay0-omc3-s36.bay0.hotmail.com.
[studio42@flatus studio42]$ whois 65.54.246.236@whois.arin.net
[whois.arin.net]
OrgName: Microsoft Corp
OrgID: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US
NetRange: 65.52.0.0 - 65.55.255.255
CIDR: 65.52.0.0/14
NetName: MICROSOFT-1BLK
NetHandle: NET-65-52-0-0-1
Parent: NET-65-0-0-0-0
NetType: Direct Assignment
NameServer: NS1.MSFT.NET
NameServer: NS5.MSFT.NET
NameServer: NS2.MSFT.NET
NameServer: NS3.MSFT.NET
NameServer: NS4.MSFT.NET
Comment:
RegDate: 2001-02-14
Updated: 2004-12-09
RTechHandle: ZM23-ARIN
RTechName: Microsoft Corporation
RTechPhone: +1-425-882-8080
RTechEmail: noc@microsoft.com
OrgAbuseHandle: ABUSE231-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@microsoft.com
OrgAbuseHandle: HOTMA-ARIN
OrgAbuseName: Hotmail Abuse
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@hotmail.com
OrgAbuseHandle: MSNAB-ARIN
OrgAbuseName: MSN ABUSE
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@msn.com
OrgNOCHandle: ZM23-ARIN
OrgNOCName: Microsoft Corporation
OrgNOCPhone: +1-425-882-8080
OrgNOCEmail: noc@microsoft.com
OrgTechHandle: MSFTP-ARIN
OrgTechName: MSFT-POC
OrgTechPhone: +1-425-882-8080
OrgTechEmail: iprrms@microsoft.com
# ARIN WHOIS database, last updated 2008-04-28 19:40
# Enter ? for additional hints on searching ARIN's WHOIS database.
Hotmail doesn't want to be left out of the spammer's games.
Onto the spammer:
[studio42@flatus studio42]$ host 212.154.177.98
Host 98.177.154.212.in-addr.arpa not found: 3(NXDOMAIN)
[studio42@flatus studio42]$ whois 212.154.177.98@whois.ripe.net
[whois.ripe.net]
% This is the RIPE Whois query server #1.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html
% Note: This output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '212.154.177.0 - 212.154.177.255'
inetnum: 212.154.177.0 - 212.154.177.255
netname: SHYMMETRO
descr: JSC Kazakhtelecom, South Kazakhstan Affiliate
descr: Metro Ethernet Network
descr: Shymkent
country: KZ
remarks: INFRA-AW
admin-c: JS7303-RIPE
tech-c: JS7303-RIPE
status: ASSIGNED PA
mnt-by: KNIC-MNT
source: RIPE # Filtered
person: Jandos Shaldanbaev
address: JSC Kazakhtelecom, South Kazakhstan Affiliate
address: 24 Kazibek bi Str, Shymkent, 160000
address: Kazakhstan
phone: +7 7252 589414
e-mail: cec@shimkent.kz
fax-no: +7 7252 589714
nic-hdl: JS7303-RIPE
source: RIPE # Filtered
% Information related to '212.154.128.0/17AS9198'
route: 212.154.128.0/17
descr: Kazakhtelecom Data Network Administration
origin: AS9198
mnt-by: KNIC-MNT
source: RIPE # Filtered
% Information related to '212.154.176.0/22AS9198'
route: 212.154.176.0/22
descr: Kazakhtelecom Data Network Administration
origin: AS9198
mnt-by: KNIC-MNT
source: RIPE # Filtered
Most likely a zombie
Onto scammer site:
[studio42@flatus studio42]$ host nvuayte.com
nvuayte.com has address 116.123.47.67
[studio42@flatus studio42]$ host 116.123.47.67
Host 67.47.123.116.in-addr.arpa not found: 3(NXDOMAIN)
[studio42@flatus studio42]$ whois 116.123.47.67@whois.krnic.net
[whois.krnic.net]
query: 116.123.47.67
# ENGLISH
KRNIC is not an ISP but a National Internet Registry similar to APNIC.
The IPv4 address is allocated and still held by the following ISP,
or its Whois information is not updated after assigned to end users.
Please contact following ISP for further information.
[ ISP Organization Information ]
Org Name : Hanaro Telecom Inc.
Service Name : HANANET
Org Address : Yeoeuido-dong Yeongdeungpo-gu SEOUL
Org Detail Address: 17-7 Asia One Bldg.
[ ISP IPv4 Admin Contact Information ]
Name : IP manager
Phone : +82-2-106-2
E-Mail : ip-adm@hanaro.com
[ ISP IPv4 Tech Contact Information ]
Name : IP manager
Phone : +82-2-106-2
E-mail : ip-adm@hanaro.com
[ ISP Network Abuse Contact Information ]
Name : manager
Phone : +82-2-106-2
E-mail : abuse@hanaro.com
[studio42@flatus studio42]$ whois nvuayte.com
[whois.crsnic.net]
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Domain Name: NVUAYTE.COM
Registrar: XIN NET TECHNOLOGY CORPORATION
Whois Server: whois.paycenter.com.cn
Referral URL: http://www.xinnet.com
Name Server: NS1.OWAJGNED.COM
Name Server: NS2.OWAJGNED.COM
Status: ok
Updated Date: 27-apr-2008
Creation Date: 27-apr-2008
Expiration Date: 27-apr-2009
>>> Last update of whois database: Tue, 29 Apr 2008 01:29:43 EDT <<<
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
[whois.paycenter.com.cn]
The Data in Paycenter's WHOIS database is provided by Paycenter
for information purposes, and to assist persons in obtaining
information about or related to a domain name registration
record.
Paycenter does not guarantee its accuracy. By submitting
a WHOIS query, you agree that you will use this Data only
for lawful purposes and that, under no circumstances will
you use this Data to:
(1) allow, enable, or otherwise support the transmission
of mass unsolicited, commercial advertising or solicitations
via e-mail (spam); or
(2) enable high volume, automated, electronic processes that
apply to Paycenter or its systems.
Paycenter reserves the right to modify these terms at any time.
By submitting this query, you agree to abide by this policy.
Domain Name:nvuayte.com
Registrant:
Liu Li
huan cheng nan lu 104 hao
710002
Administrative Contact:
liuli
Liu Li
huan cheng nan lu 104 hao
xian Shanxi 710002
CN
tel: 298 323298
fax: 298 323298
yayun22@163.com
Technical Contact:
liuli
Liu Li
huan cheng nan lu 104 hao
xian Shanxi 710002
CN
tel: 323298
fax: 323298
yayun22@163.com
Billing Contact:
liuli
Liu Li
huan cheng nan lu 104 hao
xian Shanxi 710002
CN
tel: 323298
fax: 323298
yayun22@163.com
Registration Date: 2008-04-28
Update Date: 2008-04-28
Expiration Date: 2009-04-28
Primary DNS: ns1.owajgned.com 116.123.47.67
Secondary DNS: ns2.owajgned.com 211.49.115.50
I bet I know what's next:
[studio42@flatus studio42]$ host ns1.owajgned.com
ns1.owajgned.com has address 116.123.47.67
[studio42@flatus studio42]$ host ns2.owajgned.com
ns2.owajgned.com has address 211.49.115.50
[studio42@flatus studio42]$ host 211.49.115.50
Host 50.115.49.211.in-addr.arpa not found: 3(NXDOMAIN)
[studio42@flatus studio42]$ whois 211.49.115.50@whois.krnic.net
[whois.krnic.net]
query: 211.49.115.50
# ENGLISH
KRNIC is not an ISP but a National Internet Registry similar to APNIC.
The following is organization information that is using the IPv4 address.
IPv4 Address : 211.49.115.0-211.49.115.255
Network Name : HANANET-INFRA
Connect ISP Name : HANANET
Connect Date : 20000921
Registration Date : 20031020
Publishes : Y
[ Organization Information ]
Organization ID : ORG3930
Org Name : Hanaro Telecom Inc.
Address : Yeoeuido-dong Yeongdeungpo-gu SEOUL
Detail Address : 17-7 Asia One Bldg.
Zip Code : 150-874
[ Technical Contact Information ]
Name : IP manager
Org Name : Hanaro Telecom Inc.
Address : Yeoeuido-dong Yeongdeungpo-gu SEOUL
Detail Address : 17-7 Asia One Bldg.
Zip Code : 150-874
Phone : +82-2-106-2
E-Mail : ip-adm@hanaro.com
--------------------------------------------------------------------------------
If the above contacts are not reachable, please contact following ISP
for further information.
[ ISP IPv4 Admin Contact Information ]
Name : IP manager
Phone : +82-2-106-2
E-Mail : ip-adm@hanaro.com
[ ISP IPv4 Tech Contact Information ]
Name : IP manager
Phone : +82-2-106-2
E-Mail : ip-adm@hanaro.com
[ ISP Network Abuse Contact Information ]
Name : manager
Phone : +82-2-106-2
E-Mail : abuse@hanaro.com
[studio42@flatus studio42]$ whois owajgned.com
[whois.crsnic.net]
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Domain Name: OWAJGNED.COM
Registrar: XIN NET TECHNOLOGY CORPORATION
Whois Server: whois.paycenter.com.cn
Referral URL: http://www.xinnet.com
Name Server: NS1.OWAJGNED.COM
Name Server: NS2.OWAJGNED.COM
Status: ok
Updated Date: 15-apr-2008
Creation Date: 15-apr-2008
Expiration Date: 15-apr-2009
>>> Last update of whois database: Tue, 29 Apr 2008 05:31:15 UTC <<<
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
[whois.paycenter.com.cn]
The Data in Paycenter's WHOIS database is provided by Paycenter
for information purposes, and to assist persons in obtaining
information about or related to a domain name registration
record.
Paycenter does not guarantee its accuracy. By submitting
a WHOIS query, you agree that you will use this Data only
for lawful purposes and that, under no circumstances will
you use this Data to:
(1) allow, enable, or otherwise support the transmission
of mass unsolicited, commercial advertising or solicitations
via e-mail (spam); or
(2) enable high volume, automated, electronic processes that
apply to Paycenter or its systems.
Paycenter reserves the right to modify these terms at any time.
By submitting this query, you agree to abide by this policy.
Domain Name:owajgned.com
Registrant:
Liu Bing
NO.216,wanbaodadao street,changsha City
410000
Administrative Contact:
LiuBing
Liu Bing
NO.216,wanbaodadao street,changsha City
changsha Hunan 410000
CN
tel: 288 3265698
fax: 288 3265698
yayun22@163.com
Technical Contact:
LiuBing
Liu Bing
NO.216,wanbaodadao street,changsha City
changsha Hunan 410000
CN
tel: 3265698
fax: 3265698
yayun22@163.com
Billing Contact:
LiuBing
Liu Bing
NO.216,wanbaodadao street,changsha City
changsha Hunan 410000
CN
tel: 3265698
fax: 3265698
yayun22@163.com
Registration Date: 2008-04-15
Update Date: 2008-04-15
Expiration Date: 2009-04-15
Primary DNS: ns1.owajgned.com 116.123.47.67
Secondary DNS: ns2.owajgned.com 211.49.115.50
