[an error occurred while processing this directive]
The report for this spam can be found at: 2008 Form Abuser Edition.
Return-Path: <apache@flatus.studio42.com>
Received: from flatus.studio42.com (10.1.42.10) by studio42.com with
ESMTP (Eudora Internet Mail Server 3.2.10) for <chris@studio42.com>;
Sun, 24 Aug 2008 16:02:00 -0700
Received: from flatus.studio42.com (localhost.localdomain [127.0.0.1])
by flatus.studio42.com (8.12.5/8.12.5) with ESMTP id m7ON2G5F030725 for
<chris@studio42.com>; Sun, 24 Aug 2008 16:02:16 -0700
Received: (from apache@localhost) by flatus.studio42.com (8.12.5/8.12.5/Submit)
id m7ON2DH7030723; Sun, 24 Aug 2008 16:02:13 -0700
Date: Sun, 24 Aug 2008 16:02:13 -0700
Message-Id: <200808242302.m7ON2DH7030723@flatus.studio42.com>
Received: from [88.87.18.126] by www.studio42.com (NMS FormMail 3.14c1)
with HTTP; Sun, 24 Aug 2008 23:02:13 GMT (script-name /cgi-bin/fuckoffspammers.cgi)
(http-host www.studio42.com) (http-referer http://www.studio42.com/forms/mailform.html)
X-Mailer: NMS FormMail 3.14c1
To: chris@studio42.com
From: itansaddy@stred.biz (basyUphorpbop)
Subject: Studio42 General Form
Below is the result of your feedback form. It was submitted by
basyUphorpbop (itansaddy@stred.biz) on Sunday, August 24, 2008 at 16:02:13
---------------------------------------------------------------------------
subject: Studio42 General Form
realname: basyUphorpbop
email: itansaddy@stred.biz
subject: Studio42 General Form
realname: basyUphorpbop
email: itansaddy@stred.biz
phone: 123456
Description: women's riding waterproof boots
<a href=http://maoneski.gethosted.info/tires8424.html>miner boot gtx</a>
<a href=http://tireworrld.gethosted.info/tires997.html>dunlop front tire crf450</a>
http://ttworld.gethosted.info/tires7953.html toyo tires sold in publo colorado
Urgent: Yes
Contact: Email
IP: 88.87.18.126
DNS: (none)
Referer: http://www.studio42.com/forms/mailform.html
Page: www.studio42.com/forms/mailform.html
---------------------------------------------------------------------------
[studio42@flatus counter]$ host 88.87.18.126
Host 126.18.87.88.in-addr.arpa not found: 3(NXDOMAIN)
[studio42@flatus counter]$ whois 88.87.18.126@whois.ripe.net
[whois.ripe.net]
% This is the RIPE Whois query server #3.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html
% Note: This output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '88.87.18.0 - 88.87.18.127'
inetnum: 88.87.18.0 - 88.87.18.127
netname: BYALA-NET
descr: ND Ltd.
country: BG
admin-c: VD855-RIPE
tech-c: GD4898-RIPE
status: ASSIGNED PA
mnt-by: MNT-telnetbg
source: RIPE # Filtered
person: Viktor Dimitrov
address: Bulgaria, Poslki Trymbesh
address: Veliko Tarnovo 5180
address: 54 Tyrgovska St.
e-mail: vdimitrov@magibg.com
phone: +35961415201
nic-hdl: VD855-RIPE
source: RIPE # Filtered
person: Gerasim Dosev
address: 9 V Poltava Str.
address: 5000 Veliko Tarnovo
address: BULGARIA
phone: +359 88 7202449
e-mail: illusion@magibg.com
mnt-by: mnt-gdosev
nic-hdl: GD4898-RIPE
source: RIPE # Filtered
% Information related to '88.87.0.0/19AS34754'
route: 88.87.0.0/19
descr: Telnet Ltd.
origin: AS34754
mnt-by: mnt-telnetbg
source: RIPE # Filtered
% Information related to '88.87.18.0/23AS34754'
route: 88.87.18.0/23
descr: Customers via arbanasi
origin: AS34754
mnt-by: MNT-telnetbg
source: RIPE # Filtered
Scammer located.
Onto scammer's sites:
[studio42@flatus counter]$ host maoneski.gethosted.info
maoneski.gethosted.info has address 67.228.208.55
[studio42@flatus counter]$ host tireworrld.gethosted.info
tireworrld.gethosted.info has address 67.228.208.55
[studio42@flatus counter]$ host ttworld.gethosted.info
ttworld.gethosted.info has address 67.228.208.55
[studio42@flatus counter]$ whois 67.228.208.55@whois.arin.net
[whois.arin.net]
OrgName: SoftLayer Technologies Inc.
OrgID: SOFTL
Address: 1950 N Stemmons Freeway
City: Dallas
StateProv: TX
PostalCode: 75207
Country: US
ReferralServer: rwhois://rwhois.softlayer.com:4321
NetRange: 67.228.0.0 - 67.228.255.255
CIDR: 67.228.0.0/16
OriginAS: AS36351
NetName: SOFTLAYER-4-5
NetHandle: NET-67-228-0-0-1
Parent: NET-67-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.SOFTLAYER.COM
NameServer: NS2.SOFTLAYER.COM
Comment: abuse@softlayer.com
RegDate: 2007-11-07
Updated: 2008-01-25
RAbuseHandle: ABUSE1025-ARIN
RAbuseName: Abuse
RAbusePhone: +1-214-442-0605
RAbuseEmail: abuse@softlayer.com
RNOCHandle: IPADM258-ARIN
RNOCName: IP Admin
RNOCPhone: +1-214-442-0600
RNOCEmail: ipadmin@softlayer.com
RTechHandle: IPADM258-ARIN
RTechName: IP Admin
RTechPhone: +1-214-442-0600
RTechEmail: ipadmin@softlayer.com
OrgAbuseHandle: ABUSE1025-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-214-442-0605
OrgAbuseEmail: abuse@softlayer.com
OrgTechHandle: IPADM258-ARIN
OrgTechName: IP Admin
OrgTechPhone: +1-214-442-0600
OrgTechEmail: ipadmin@softlayer.com
# ARIN WHOIS database, last updated 2008-08-24 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
[studio42@flatus counter]$ whois gethosted.info@whois.geektools.com
[whois.geektools.com]
GeekTools Whois Proxy v5.0.4 Ready.
Checking access for 69.85.141.229... ok.
Checking server [whois.afilias.info]
Results:
Access to INFO WHOIS information is provided to assist persons in
determining the contents of a domain name registration record in the
Afilias registry database. The data in this record is provided by
Afilias Limited for informational purposes only, and Afilias does not
guarantee its accuracy. This service is intended only for query-based
access. You agree that you will use this data only for lawful purposes
and that, under no circumstances will you use this data to: (a) allow,
enable, or otherwise support the transmission by e-mail, telephone, or
facsimile of mass unsolicited, commercial advertising or solicitations
to entities other than the data recipient's own existing customers; or
(b) enable high volume, automated, electronic processes that send
queries or data to the systems of Registry Operator, a Registrar, or
Afilias except as reasonably necessary to register domain names or
modify existing registrations. All rights reserved. Afilias reserves
the right to modify these terms at any time. By submitting this query,
you agree to abide by this policy.
Domain ID:D11244855-LRMS
Domain Name:GETHOSTED.INFO
Created On:12-Nov-2005 12:19:21 UTC
Last Updated On:28-Apr-2008 17:46:31 UTC
Expiration Date:12-Nov-2009 12:19:21 UTC
Sponsoring Registrar:eNom, Inc. (R126-LRMS)
Status:OK
Registrant ID:5d15e00b4d8
Registrant Name:WhoisGuard Protected
Registrant Organization:WhoisGuard
Registrant Street1:8939 S. Sepulveda Blvd. #110 -
Registrant Street2:
Registrant Street3:
Registrant City:Westchester
Registrant State/Province:CA
Registrant Postal Code:90045
Registrant Country:US
Registrant Phone:+1.6613102107
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:a601c06b48034c41ba41d5b7da2534a4.protect@whoisguard.com
Admin ID:5d15e00b4d8
Admin Name:WhoisGuard Protected
Admin Organization:WhoisGuard
Admin Street1:8939 S. Sepulveda Blvd. #110 -
Admin Street2:
Admin Street3:
Admin City:Westchester
Admin State/Province:CA
Admin Postal Code:90045
Admin Country:US
Admin Phone:+1.6613102107
Admin Phone Ext.:
Admin FAX:
Admin FAX Ext.:
Admin Email:a601c06b48034c41ba41d5b7da2534a4.protect@whoisguard.com
Billing ID:5d15e00b4d8
Billing Name:WhoisGuard Protected
Billing Organization:WhoisGuard
Billing Street1:8939 S. Sepulveda Blvd. #110 -
Billing Street2:
Billing Street3:
Billing City:Westchester
Billing State/Province:CA
Billing Postal Code:90045
Billing Country:US
Billing Phone:+1.6613102107
Billing Phone Ext.:
Billing FAX:
Billing FAX Ext.:
Billing Email:a601c06b48034c41ba41d5b7da2534a4.protect@whoisguard.com
Tech ID:5d15e00b4d8
Tech Name:WhoisGuard Protected
Tech Organization:WhoisGuard
Tech Street1:8939 S. Sepulveda Blvd. #110 -
Tech Street2:
Tech Street3:
Tech City:Westchester
Tech State/Province:CA
Tech Postal Code:90045
Tech Country:US
Tech Phone:+1.6613102107
Tech Phone Ext.:
Tech FAX:
Tech FAX Ext.:
Tech Email:a601c06b48034c41ba41d5b7da2534a4.protect@whoisguard.com
Name Server:NS1.GETHOSTED.INFO
Name Server:NS2.GETHOSTED.INFO
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
