[an error occurred while processing this directive]
The report for this spam can be found at: 2008 Su Wei Edition.
Return-Path: <stuart-etoki@LaMesaglass.com>
Received: from tani.k.pl (193.239.59.33) by studio42.com with ESMTP (Eudora
Internet Mail Server 3.2.10) for <postmaster@studio42.com>; Tue, 3 Jun 2008 22:39:44 -0700
MIME-version: 1.0
Content-type: multipart/alternative; boundary="Boundary_(ID_xdnFvHZYSQCbq0cnJxRXVV)"
Message-id: <50A16D2F-54E8-9942-7C3D-586B21505885@LaMesaglass.com>
From: stuart <stuart-etoki@LaMesaglass.com>
To: postmaster@studio42.com
Subject: Just 2 pills to add 2 inches
Date: Wed, 4 Jun 2008 07:39:50 +0200
X-Mailer: Apple Mail (2.924)
Small men, do not give up hope, your time is here right here.
http://www.liavema.com/
[studio42@flatus studio42]$ host 193.239.59.33
33.59.239.193.in-addr.arpa domain name pointer tani.k.pl.
[studio42@flatus studio42]$ whois 193.239.59.33@whois.ripe.net
[whois.ripe.net]
% This is the RIPE Whois query server #1.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html
% Note: This output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '193.239.56.0 - 193.239.59.255'
inetnum: 193.239.56.0 - 193.239.59.255
netname: PROVIDER-WROCLAW
descr: PROVIDER Wroclaw multimedia network
descr: ul. Kozanowska 52/3
descr: Wroclaw
org: ORG-PA96-RIPE
country: PL
admin-c: TB2467-RIPE
tech-c: MF4577-RIPE
tech-c: AM7968-RIPE
status: ASSIGNED PI
mnt-by: PROVIDER-MNT
mnt-by: ATMAN-MNT
mnt-by: RIPE-NCC-HM-PI-MNT
mnt-lower: RIPE-NCC-HM-PI-MNT
mnt-routes: PROVIDER-MNT
mnt-domains: PROVIDER-MNT
source: RIPE # Filtered
organisation: ORG-PA96-RIPE
org-name: PROVIDER
org-type: OTHER
address: KORBANK sp z o.o.
address: ul. Kozanowska 52/3
address: Wroclaw
address: Poland
phone: +48 71 781-76-30
e-mail: biuro@provider.k.pl
admin-c: TB2467-RIPE
mnt-ref: PROVIDER-MNT
mnt-by: PROVIDER-MNT
source: RIPE # Filtered
person: Tymoteusz Bilyk
address: Provider Tymoteusz Bilyk
address: ul. Kozanowska 52/3
address: Wroclaw
address: Poland
phone: +48 71 781-76-30
phone: +48 71 784-40-84
e-mail: biuro@provider.k.pl
nic-hdl: TB2467-RIPE
mnt-by: PROVIDER-MNT
source: RIPE # Filtered
person: Mirek Fafara
address: Provider Tymoteusz Bilyk
address: ul. Kozanowska 52/3
address: Wroclaw
address: Poland
phone: +48 71 781-76-30
phone: +48 71 784-40-84
e-mail: admin@k.pl
nic-hdl: MF4577-RIPE
mnt-by: PROVIDER-MNT
source: RIPE # Filtered
person: Adrian Misiak
address: Provider Tymoteusz Bilyk
address: ul. Kozanowska 52/3
address: Wroclaw
address: Poland
phone: +48 71 781-76-30 ext. 160
phone: +48 71 784-40-84 ext. 160
e-mail: admin@k.pl
nic-hdl: AM7968-RIPE
mnt-by: PROVIDER-MNT
source: RIPE # Filtered
% Information related to '193.239.56.0/22AS35179'
route: 193.239.56.0/22
descr: PROVIDER-WROCLAW (PL)
descr: PROVIDER Wroclaw multimedia network
descr: ul. Kozanowska 52/3
descr: Wroclaw
descr: Poland
origin: AS35179
org: ORG-PA96-RIPE
remarks: operational
mnt-by: PROVIDER-MNT
mnt-lower: PROVIDER-MNT
mnt-routes: PROVIDER-MNT
source: RIPE # Filtered
organisation: ORG-PA96-RIPE
org-name: PROVIDER
org-type: OTHER
address: KORBANK sp z o.o.
address: ul. Kozanowska 52/3
address: Wroclaw
address: Poland
phone: +48 71 781-76-30
e-mail: biuro@provider.k.pl
admin-c: TB2467-RIPE
mnt-ref: PROVIDER-MNT
mnt-by: PROVIDER-MNT
source: RIPE # Filtered
% Information related to '193.239.58.0/23AS35179'
route: 193.239.58.0/23
descr: PROVIDER-WROCLAW (PL)
descr: PROVIDER Wroclaw multimedia network
descr: ul. Kozanowska 52/3
descr: Wroclaw
descr: Poland
origin: AS35179
org: ORG-PA96-RIPE
remarks: operational
mnt-by: PROVIDER-MNT
mnt-lower: PROVIDER-MNT
mnt-routes: PROVIDER-MNT
source: RIPE # Filtered
organisation: ORG-PA96-RIPE
org-name: PROVIDER
org-type: OTHER
address: KORBANK sp z o.o.
address: ul. Kozanowska 52/3
address: Wroclaw
address: Poland
phone: +48 71 781-76-30
e-mail: biuro@provider.k.pl
admin-c: TB2467-RIPE
mnt-ref: PROVIDER-MNT
mnt-by: PROVIDER-MNT
source: RIPE # Filtered
Seems like I should blacklist this.
Onto the scammer site:
[studio42@flatus studio42]$ host www.liavema.com
www.liavema.com has address 124.236.241.91
[studio42@flatus studio42]$ whois 124.236.241.91@whois.apnic.net
[whois.apnic.net]
% [whois.apnic.net node-1]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
inetnum: 124.236.0.0 - 124.239.255.255
netname: CHINANET-HE
descr: CHINANET hebei province network
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
country: CN
admin-c: BR3-AP
tech-c: CH93-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-HE
mnt-routes: MAINT-CHINANET-HE
status: ALLOCATED PORTABLE
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20060725
source: APNIC
person: Bin Ren
nic-hdl: BR3-AP
e-mail: hostmaster@hbtele.com
address: NO.69 KunLun avenue, Shijiazhuang 050000 China
phone: +86-311-85211612
fax-no: +86-311-85211616
country: CN
changed: renbin@hbtele.com 20060606
mnt-by: MAINT-CHINANET-HE
source: APNIC
person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC
[studio42@flatus studio42]$ whois liavema.com
[whois.crsnic.net]
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Domain Name: LIAVEMA.COM
Registrar: XIN NET TECHNOLOGY CORPORATION
Whois Server: whois.paycenter.com.cn
Referral URL: http://www.xinnet.com
Name Server: NS1.CEAIUSTEM.COM
Name Server: NS2.CEAIUSTEM.COM
Status: ok
Updated Date: 03-jun-2008
Creation Date: 03-jun-2008
Expiration Date: 03-jun-2009
>>> Last update of whois database: Wed, 04 Jun 2008 02:14:04 EDT <<<
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
[whois.paycenter.com.cn]
The Data in Paycenter's WHOIS database is provided by Paycenter
for information purposes, and to assist persons in obtaining
information about or related to a domain name registration
record.
Paycenter does not guarantee its accuracy. By submitting
a WHOIS query, you agree that you will use this Data only
for lawful purposes and that, under no circumstances will
you use this Data to:
(1) allow, enable, or otherwise support the transmission
of mass unsolicited, commercial advertising or solicitations
via e-mail (spam); or
(2) enable high volume, automated, electronic processes that
apply to Paycenter or its systems.
Paycenter reserves the right to modify these terms at any time.
By submitting this query, you agree to abide by this policy.
Domain Name:liavema.com
Registrant:
Hu Fang
hai ding qu cheng nan lu112 hao
421001
Administrative Contact:
yangyi
Hu Fang
hai ding qu cheng nan lu112 hao
haidingqu Beijing 421001
CN
tel: 108 2952070
fax: 108 2952070
yzlink@163.com
Technical Contact:
yangyi
Hu Fang
hai ding qu cheng nan lu112 hao
haidingqu Beijing 421001
CN
tel: 2952070
fax: 2952070
yzlink@163.com
Billing Contact:
yangyi
Hu Fang
hai ding qu cheng nan lu112 hao
haidingqu Beijing 421001
CN
tel: 2952070
fax: 2952070
yzlink@163.com
Registration Date: 2008-06-03
Update Date: 2008-06-03
Expiration Date: 2009-06-03
Primary DNS: ns1.ceaiustem.com 124.236.241.91
Secondary DNS: ns2.ceaiustem.com 221.230.2.221
Is Hu Fang the latest Beijing Butthole?
Onto his scummy DNS:
[studio42@flatus studio42]$ host ns1.ceaiustem.com
ns1.ceaiustem.com has address 124.236.241.91
[studio42@flatus studio42]$ host ns2.ceaiustem.com
ns2.ceaiustem.com has address 221.230.2.221
[studio42@flatus studio42]$ whois 221.230.2.221@whois.apnic.net
[whois.apnic.net]
% [whois.apnic.net node-2]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
inetnum: 221.224.0.0 - 221.231.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-JS
mnt-routes: MAINT-CHINANET-JS
remarks: This object can only modify by APNIC hostmaster
remarks: If you wish to modify this object details please
remarks: send email to hostmaster@apnic.net with your
remarks: organisation account name in the subject line.
changed: hm-changed@apnic.net 20030626
status: ALLOCATED PORTABLE
source: APNIC
route: 221.228.0.0/14
descr: CHINANET jiangsu province network
country: CN
origin: AS23650
mnt-by: MAINT-CHINANET-JS
changed: ip@jsinfo.net 20030630
source: APNIC
role: CHINANET JIANGSU
address: No.268,Hanzhong Road,Nanjing 210029
country: CN
phone: +86-25-6588783
fax-no: +86-25-6588740
e-mail: ip@jsinfo.net
trouble: send anti-spam reports to spam@jsinfo.net
trouble: send abuse reports to abuse@jsinfo.net
trouble: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@ptt.js.cn 20020530
changed: ip@jsinfo.net 20021213
source: APNIC
person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC
[studio42@flatus studio42]$ whois ceaiustem.com
[whois.crsnic.net]
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Domain Name: CEAIUSTEM.COM
Registrar: XIN NET TECHNOLOGY CORPORATION
Whois Server: whois.paycenter.com.cn
Referral URL: http://www.xinnet.com
Name Server: NS1.CEAIUSTEM.COM
Name Server: NS2.CEAIUSTEM.COM
Status: ok
Updated Date: 30-may-2008
Creation Date: 29-may-2008
Expiration Date: 29-may-2009
>>> Last update of whois database: Wed, 04 Jun 2008 02:15:36 EDT <<<
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
[whois.paycenter.com.cn]
The Data in Paycenter's WHOIS database is provided by Paycenter
for information purposes, and to assist persons in obtaining
information about or related to a domain name registration
record.
Paycenter does not guarantee its accuracy. By submitting
a WHOIS query, you agree that you will use this Data only
for lawful purposes and that, under no circumstances will
you use this Data to:
(1) allow, enable, or otherwise support the transmission
of mass unsolicited, commercial advertising or solicitations
via e-mail (spam); or
(2) enable high volume, automated, electronic processes that
apply to Paycenter or its systems.
Paycenter reserves the right to modify these terms at any time.
By submitting this query, you agree to abide by this policy.
Domain Name:ceaiustem.com
Registrant:
Sun Wei
shan dong sheng ji nan shi ren cheng qu yu tun gong ye yuan
550001
Administrative Contact:
SunWei
Sun Wei
shan dong sheng ji nan shi ren cheng qu yu tun gong ye yuan
jinan Shandong 550001
CN
tel: 537 2531288
fax: 537 2531288
lovekyos99@163.com
Technical Contact:
SunWei
Sun Wei
shan dong sheng ji nan shi ren cheng qu yu tun gong ye yuan
jinan Shandong 550001
CN
tel: 2531288
fax: 2531288
lovekyos99@163.com
Billing Contact:
SunWei
Sun Wei
shan dong sheng ji nan shi ren cheng qu yu tun gong ye yuan
jinan Shandong 550001
CN
tel: 2531288
fax: 2531288
lovekyos99@163.com
Registration Date: 2008-05-29
Update Date: 2008-05-31
Expiration Date: 2009-05-29
Primary DNS: ns1.ceaiustem.com 124.236.241.91
Secondary DNS: ns2.ceaiustem.com 221.230.2.221
Definate ties to another spammer.
