Spam Alert
Full Report:  /MaxGain_spam191526.html
Consumed following related reports:
[191527] http://www.diplixae.com/counter.php
Changed status to confirmed spam.IP Converted: 124.236.241.91
dword = 2095903067
hex1 = 0x7cecf15b
hex2 = 0x7c.0xec.0xf1.0x5b
oct = 0174.0354.0361.0133
View CIDR AS4134 Report: http://www.cidr-report.org/cgi-bin/as-report?as=4134
"4134 | CN | apnic | 2002-08-01 | CHINANET-BACKBONE No.31,Jin-rong Street"<br />
Extended information for AS4134:
State/Province:
Country: cn
Responsible Domain: chinanet.cn.net
Abuse Email: cncert@cert.org.cn
IP Converted: 221.230.2.221
dword = 3722838749
hex1 = 0xdde602dd
hex2 = 0xdd.0xe6.0x2.0xdd
oct = 0335.0346.02.0335
View CIDR AS17672 Report: http://www.cidr-report.org/cgi-bin/as-report?as=17672
"17672 | CN | apnic | 2002-11-18 | CHINATELECOM-HE-AS-AP asn for Hebei Provincial Net of CT"<br />
Extended information for AS17672:
State/Province:
Country: cn
Responsible Domain: chinanet.cn.net
Abuse Email: cncert@cert.org.cn
Criminal Evidence
See the Spam Wiki entry at http://www.spamtrackers.eu/wiki/index.php?title=MaxGain
or from China: http://www.spamtrackers.hk/wiki/index.php?title=MaxGain
See the McAfee Site Advisor information at http://siteadvisor.com/sites/diplixae.com
> XIN NET TECHNOLOGY CORPORATION / SINO-I
REGISTRATION OF THE WEB SITE: diplixae.com
ACTION: To suspend this criminal site which breaks your terms of service, set the domain status to clientHold
> XIN NET TECHNOLOGY CORPORATION / SINO-I
REGISTRATION OF THE NAME SERVERS
These name servers are registered by criminals to resolve only illegal web sites. This breaks your terms of service. You can safely suspend them:
ns1.dixatern.com 221.230.2.221 221.230.2.221 Blacklisted China http://rss.uribl.com/ns/dixatern_com.html http://www.spamhaus.org/SBL/sbl.lasso?query=SBL64972 | http://www.spamhaus.org/query/bl?ip=221.230.2.221
ns2.dixatern.com 124.236.241.91 124.236.241.91 Blacklisted China http://rss.uribl.com/ns/dixatern_com.html http://www.spamhaus.org/SBL/sbl.lasso?query=SBL65127
ACTION: To suspend these name servers successfully, follow these steps.
1. set the ns Address records to a non-routable address, such as 127.0.0.1 or 61.61.61.61.
2. Set the domain status to clientUpdateProhibited, clientTransferProhibited, clientDeleteProhibited, and clientHold
Following, is the current blocklisted (for appearing in URIBL honeypots via e-mail) domains which are being resolved by these nameservers:
#1 vicaket.com Sat, 31 May 2008 23:22:27 +0000
#2 osienai.com Thu, 29 May 2008 07:42:52 +0000
#3 posieamiso.com Thu, 29 May 2008 05:58:21 +0000
#4 rieakgiea.com Thu, 29 May 2008 04:34:31 +0000
#5 poslpoaie.com Thu, 29 May 2008 04:30:46 +0000
#6 oisuegne.com Thu, 29 May 2008 03:59:21 +0000
#7 poslencue.com Thu, 29 May 2008 03:53:13 +0000
#8 poaisore.com Thu, 29 May 2008 03:50:02 +0000
#9 pogjienab.com Thu, 29 May 2008 02:55:58 +0000
#10 muaoegne.com Thu, 29 May 2008 02:55:54 +0000
#11 ncueiopls.com Thu, 29 May 2008 01:59:24 +0000
There is no danger in suspending this nameserver. It's sole use is for criminal/malicious intent.
> CHINANET-BACKBONE No.31,Jin-rong Street
> CHINATELECOM-HE-AS-AP asn for Hebei Provincial Net of CT (incl. postmaster@hbtele.com, anti-spam@ns.chinanet.cn.net, hostmaster@hbtele.com, abuse@jsinfo.net, abuse@jlonline.com, abuse@public1.ptt.js.cn, spam@jsinfo.net)
IP ADDRESS OF HOST: 124.236.241.91, 221.230.2.221
The IP address of this criminal site is within your allocated address space.
This IP address is currently linked with the following fraudulent, criminal-operated domains:
www.lamiucca.com A 124.236.241.91
www.flaipnea.com A 124.236.241.91
www.polraha.com A 124.236.241.91
www.wocemiha.com A 124.236.241.91
www.mizaleka.com A 124.236.241.91
www.piruieoa.com A 124.236.241.91
www.gerioipa.com A 124.236.241.91
ns2.plowusera.com A 124.236.241.91
www.wehasata.com A 124.236.241.91
www.jaruebta.com A 124.236.241.91
www.totihota.com A 124.236.241.91
www.mirjherb.com A 124.236.241.91
www.franveeac.com A 124.236.241.91
www.satteac.com A 124.236.241.91
www.qualietac.com A 124.236.241.91
www.halkteacc.com A 124.236.241.91
www.cikalkec.com A 124.236.241.91
ns2.faneanic.com A 124.236.241.91
www.danxiesc.com A 124.236.241.91
vansmeruc.com A 124.236.241.91
www.chukumed.com A 124.236.241.91
onlayted.com A 124.236.241.91
ns2.freigae.com A 124.236.241.91
www.tryallae.com A 124.236.241.91
soopiwae.com A 124.236.241.91
www.tiwutibe.com A 124.236.241.91
ns1.lakenteee.com A 124.236.241.91
ns1.daleakee.com A 124.236.241.91
ns2.daleakee.com A 124.236.241.91
www.jimalmee.com A 124.236.241.91
ns2.jmapeanee.com A 124.236.241.91
www.usatenee.com A 124.236.241.91
girlafe.com A 124.236.241.91
www.kaneahe.com A 124.236.241.91
www.bmrlaihe.com A 124.236.241.91
www.vmaoitphe.com A 124.236.241.91
ns2.sugahujie.com A 124.236.241.91
www.lumpstie.com A 124.236.241.91
ns2.feaeleke.com A 124.236.241.91
elkinke.com A 124.236.241.91
www.mijjaele.com A 124.236.241.91
ns1.craipele.com A 124.236.241.91
ns2.craipele.com A 124.236.241.91
ns2.poasetele.com A 124.236.241.91
www.bariqile.com A 124.236.241.91
www.stiackle.com A 124.236.241.91
www.benatelle.com A 124.236.241.91
www.sabeatle.com A 124.236.241.91
www.rotatome.com A 124.236.241.91
kacceane.com A 124.236.241.91
ns2.praweane.com A 124.236.241.91
ealkene.com A 124.236.241.91
www.qauterre.com A 124.236.241.91
ns2.fissaure.com A 124.236.241.91
www.sitogase.com A 124.236.241.91
www.ortugaese.com A 124.236.241.91
www.faligrese.com A 124.236.241.91
www.nugpise.com A 124.236.241.91
www.viadesse.com A 124.236.241.91
www.tohobate.com A 124.236.241.91
www.favafate.com A 124.236.241.91
grailkate.com A 124.236.241.91
www.todalate.com A 124.236.241.91
www.crpalate.com A 124.236.241.91
trpaoate.com A 124.236.241.91
www.bliahte.com A 124.236.241.91
ns1.ppareante.com A 124.236.241.91
ns2.ppareante.com A 124.236.241.91
www.mizalatte.com A 124.236.241.91
www.bianmette.com A 124.236.241.91
www.pitaohue.com A 124.236.241.91
vuhgiue.com A 124.236.241.91
www.truiumiue.com A 124.236.241.91
www.msoritue.com A 124.236.241.91
www.mialknave.com A 124.236.241.91
www.satymewe.com A 124.236.241.91
www.satarjwe.com A 124.236.241.91
www.miueuaye.com A 124.236.241.91
www.fcotleye.com A 124.236.241.91
www.osirugye.com A 124.236.241.91
zalatye.com A 124.236.241.91
www.flamieaze.com A 124.236.241.91
www.falkberag.com A 124.236.241.91
www.kdlieah.com A 124.236.241.91
www.fhosrigh.com A 124.236.241.91
www.saliteci.com A 124.236.241.91
www.kopioeki.com A 124.236.241.91
www.dotidali.com A 124.236.241.91
pingsli.com A 124.236.241.91
daneteyi.com A 124.236.241.91
muthofak.com A 124.236.241.91
waynavel.com A 124.236.241.91
kuhikil.com A 124.236.241.91
hiualkes.com A 124.236.241.91
llardoines.com A 124.236.241.91
ccuicuis.com A 124.236.241.91
bracruis.com A 124.236.241.91
dailleks.com A 124.236.241.91
rlamsals.com A 124.236.241.91
vneogoors.com A 124.236.241.91
alsmoats.com A 124.236.241.91
scielsit.com A 124.236.241.91
raohusst.com A 124.236.241.91
smeriutt.com A 124.236.241.91
www.lamiucca.com A 221.230.2.221
ns2.muciahea.com A 221.230.2.221
www.flaipnea.com A 221.230.2.221
www.hirsutea.com A 221.230.2.221
www.wocemiha.com A 221.230.2.221
fa.paeazia.com A 221.230.2.221
e.paeazia.com A 221.230.2.221
lipgdw.paeazia.com A 221.230.2.221
z.paeazia.com A 221.230.2.221
hiabelka.com A 221.230.2.221
www.gripiema.com A 221.230.2.221
mzbi.posirna.com A 221.230.2.221
www.ensokgoa.com A 221.230.2.221
www.vigamiqa.com A 221.230.2.221
www.wehasata.com A 221.230.2.221
www.totihota.com A 221.230.2.221
ns1.heywiotta.com A 221.230.2.221
wyprj.ilkexza.com A 221.230.2.221
tbfm.ilkexza.com A 221.230.2.221
xptbxp.ilkexza.com A 221.230.2.221
icpmq.ilkexza.com A 221.230.2.221
yt.ilkexza.com A 221.230.2.221
pykw.ilkexza.com A 221.230.2.221
eyz.ilkexza.com A 221.230.2.221
www.aevaetib.com A 221.230.2.221
www.franveeac.com A 221.230.2.221
www.qualietac.com A 221.230.2.221
uzga.cryatecc.com A 221.230.2.221
hxudf.cryatecc.com A 221.230.2.221
qt.rayetecc.com A 221.230.2.221
www.cikalkec.com A 221.230.2.221
www.traimmec.com A 221.230.2.221
ns1.faneanic.com A 221.230.2.221
www.danxiesc.com A 221.230.2.221
www.dujuyted.com A 221.230.2.221
oezriyeba.profilemyspacecomdexcfmfusiactionuserid.com A 221.230.2.221
duwbng.profilemyspacecomdexcfmfusiactionuserid.com A 221.230.2.221
ebino.profilemyspacecomdexcfmfusiactionuserid.com A 221.230.2.221
shoezplace.com A 221.230.2.221
ttsdi.valkaece.com A 221.230.2.221
vryytp.valkaece.com A 221.230.2.221
talnacee.com A 221.230.2.221
ns2.lakenteee.com A 221.230.2.221
www.jimalmee.com A 221.230.2.221
ns1.jmapeanee.com A 221.230.2.221
www.usatenee.com A 221.230.2.221
losirkge.com A 221.230.2.221
www.kaneahe.com A 221.230.2.221
melbutche.com A 221.230.2.221
posirkaie.com A 221.230.2.221
xtb.poiqlgie.com A 221.230.2.221
oavr.poiqlgie.com A 221.230.2.221
timeatie.com A 221.230.2.221
poveale.com A 221.230.2.221
tryapiale.com A 221.230.2.221
www.mijjaele.com A 221.230.2.221
www.stiackle.com A 221.230.2.221
ns2.coasterle.com A 221.230.2.221
www.sabeatle.com A 221.230.2.221
eiameme.com A 221.230.2.221
oisiane.com A 221.230.2.221
www.blisane.com A 221.230.2.221
ealkene.com A 221.230.2.221
leahlkene.com A 221.230.2.221
ddpu.posirne.com A 221.230.2.221
w.posirne.com A 221.230.2.221
www.kiloapoe.com A 221.230.2.221
msxfi.micalape.com A 221.230.2.221
eurex.micalape.com A 221.230.2.221
y.micalape.com A 221.230.2.221
nvlqwy.micalape.com A 221.230.2.221
www.ortugaese.com A 221.230.2.221
www.faligrese.com A 221.230.2.221
www.nublingse.com A 221.230.2.221
areolise.com A 221.230.2.221
ns2.druitnise.com A 221.230.2.221
www.nugpise.com A 221.230.2.221
phontose.com A 221.230.2.221
ns2.herieapse.com A 221.230.2.221
www.miallapse.com A 221.230.2.221
quekjate.com A 221.230.2.221
www.todalate.com A 221.230.2.221
www.crpalate.com A 221.230.2.221
kraiplate.com A 221.230.2.221
qjte.kraiplate.com A 221.230.2.221
akxh.kraiplate.com A 221.230.2.221
gi.kraiplate.com A 221.230.2.221
efelki.kraiplate.com A 221.230.2.221
guwi.kraiplate.com A 221.230.2.221
kcaroiani.com A 221.230.2.221
tariconi.com A 221.230.2.221
alnoasri.com A 221.230.2.221
pialketi.com A 221.230.2.221
bliancek.com A 221.230.2.221
trauorank.com A 221.230.2.221
afujihil.com A 221.230.2.221
jenymarl.com A 221.230.2.221
ticalken.com A 221.230.2.221
joirawen.com A 221.230.2.221
qaujcenn.com A 221.230.2.221
ahsearn.com A 221.230.2.221
foartun.com A 221.230.2.221
posiramlo.com A 221.230.2.221
neondeso.com A 221.230.2.221
lalanenas.com A 221.230.2.221
cienaries.com A 221.230.2.221
daomattes.com A 221.230.2.221
bracruis.com A 221.230.2.221
tonavedos.com A 221.230.2.221
jusanters.com A 221.230.2.221
limmzenat.com A 221.230.2.221
hereramot.com A 221.230.2.221
tihecoryt.com A 221.230.2.221
ACTION: Black-hole the route to this address to prevent further criminal activity
The criminality of these domain names can be verified using the following SiteAdvisor link format, http://www.siteadvisor.com/lookup/?q=domainname.tld
CRIMINAL EVIDENCE- PROOF OF UNSOLICITED E-MAIL:
Delivered-To: xxx
Received: by 10.151.45.9 with SMTP id x9cs91513ybj;
Fri, 23 May 2008 22:25:51 -0700 (PDT)
Received: by 10.67.115.4 with SMTP id s4mr1710728ugm.66.1211606749923;
Fri, 23 May 2008 22:25:49 -0700 (PDT)
Return-Path: <ahcsrevo1971@jtag.ru>
Received: from cpc1-warw2-0-0-cust810.brhm.cable.ntl.com (cpc1-warw2-0-0-cust810.brhm.cable.ntl.com [86.20.187.43])
by mx.google.com with ESMTP id t2si13761454gve.9.2008.05.23.22.25.49;
Fri, 23 May 2008 22:25:49 -0700 (PDT)
Received-SPF: neutral (google.com: 86.20.187.43 is neither permitted nor denied by domain of ahcsrevo1971@jtag.ru) client-ip=86.20.187.43;
Authentication-Results: mx.google.com; spf=neutral (google.com: 86.20.187.43 is neither permitted nor denied by domain of ahcsrevo1971@jtag.ru) smtp.mail=ahcsrevo1971@jtag.ru
User-Agent: Microsoft-Entourage/12.1.0.080305
Date: Sat, 24 May 2008 06:25:57 +0100
Subject: Time waits for no man
From: Mraz <ahcsrevo1971@JTAG.RU>
To: "xxx" <xxx>
Message-ID: <361899D4.5%ahcsrevo1971@JTAG.RU>
Thread-Topic: Time waits for no man
Thread-Index: Aci9ZwbZxjBp6FQTTA2dMoiHB9GaCg==
Mime-version: 1.0
Content-type: multipart/alternative;
boundary="B_2570565667_68192"
--B_2570565667_68192
Content-type: text/plain;
charset="US-ASCII"
Content-transfer-encoding: 7bit
Impossible is nothing, we can make your tiny cocktail sausage into a big fat bratwurst. http://www.diplixae.com/
--B_2570565667_68192
Content-type: text/html;
charset="US-ASCII"
Content-transfer-encoding: quoted-printable
<HTML>
<HEAD>
<TITLE>Time waits for no man</TITLE>
</HEAD>
<BODY>
<FONT SIZE=3D"4"><FONT FACE=3D"Verdana, Arial"><SPAN =
STYLE=3D'font-size:11pt'>Impossible is nothing, we can make your tiny =
cocktail sausage into a big fat bratwurst. <a =
href=3D"http://www.diplixae.com/">http://www.diplixae.com/</a><BR>
</SPAN></FONT></FONT></FONT>
</BODY>
</HTML>
--B_2570565667_68192--
This is the evidence of unsolicited e-mail which references this domain registered by XIN Net.
> ATTN: China CERT
The IP addresses, and the hosts referenced within this SIRT Report/e-mail are within your jurisdiction.
Please enforce the need for hightened Internet Security so no further malicious intent occurs from these addresses, or hosting providers.
| Quote: | | http://www.diplixae.com/ |
|
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
