> XIN NET TECHNOLOGY CORPORATION / SINO-I
REGISTRATION OF THE WEB SITE: posirjire.com
ACTION: To suspend this criminal site which breaks your terms of service, set the domain status to clientHold
ACTION: To suspend these name servers successfully, follow these steps.
1. set the ns Address records to a non-routable address, such as 127.0.0.1 or 61.61.61.61.
2. Set the domain status to clientUpdateProhibited, clientTransferProhibited, clientDeleteProhibited, and clientHold
> CHINA169-BACKBONE CNCGROUP China169 Backbone (incl. postmaster@sd.cninfo.net,security@pub.sd.cninfo.net,postmaster@pub.sd.cninfo.net,abuse@cnc-noc.net)
IP ADDRESS OF HOST: 61.162.229.152
The IP address of this criminal site is within your allocated address space.
> CHINANET-BACKBONE No.31,Jin-rong Street
> CHINATELECOM-HE-AS-AP asn for Hebei Provincial Net of CT (incl. hostmaster@hbtele.com,postmaster@hbtele.com,anti-spam@ns.chinanet.cn.net)
IP ADDRESS OF NAMESERVER: 124.236.241.91
The IP address of this criminal nameserver is within your allocated address space.
Delivered-To: xxx
Received: by 10.151.45.9 with SMTP id x9cs105670ybj;
Sat, 24 May 2008 05:22:47 -0700 (PDT)
Received: by 10.210.59.14 with SMTP id h14mr2047935eba.13.1211631765561;
Sat, 24 May 2008 05:22:45 -0700 (PDT)
Return-Path: <Mai-uoyjat@3d-systems.co.uk>
Received: from ?78.89.2.102? ([78.89.2.102])
by mx.google.com with ESMTP id i4si9671549nfh.1.2008.05.24.05.22.43;
Sat, 24 May 2008 05:22:45 -0700 (PDT)
Received-SPF: softfail (google.com: domain of transitioning Mai-uoyjat@3d-systems.co.uk does not designate 78.89.2.102 as permitted sender) client-ip=78.89.2.102;
Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning Mai-uoyjat@3d-systems.co.uk does not designate 78.89.2.102 as permitted sender) smtp.mail=Mai-uoyjat@3d-systems.co.uk
User-Agent: Microsoft-Entourage/12.1.0.080305
Date: Sat, 24 May 2008 15:22:40 +0300
Subject: Jammin with 9 full
From: Mai <Mai-uoyjat@3d-systems.co.uk>
To: "xxx" <xxx>
Message-ID: <DE466296.4%Mai-uoyjat@3d-systems.co.uk>
Thread-Topic: Jammin with 9 full
Thread-Index: Aci9sgF1Pp+aezR3TlqtlkojZwA52A==
Mime-version: 1.0
Content-type: multipart/alternative;
boundary="B_5932288118_12525"
<HTML>
<HEAD>
<TITLE>Jammin with 9 full</TITLE>
</HEAD>
<BODY>
<FONT SIZE=3D"4"><FONT FACE=3D"Verdana, Arial"><SPAN =
STYLE=3D'font-size:11pt'>The bare truth is that these wonderful pills =
truly do enhance your performance <a =
href=3D"http://www.posirjire.com/">http://www.posirjire.com/</a><BR>
</SPAN></FONT></FONT></FONT>
</BODY>
</HTML>
--B_5932288118_12525--
In the chance that this commercial mailer associated with this mailing is found to be a U.S. citizen and linked with off-shore hosting/registration, and use of hijacked servers in the future, this mailing was sent in violation of many requirements set forth by the CAN-SPAM Act outlined at the following page:
http://www.ftc.gov/bcp/conline/pubs/buspubs/canspam.shtm
> ATTN: China CERT
You are being copied this report due to the fact that the servers and the ISPs currently providing service to these criminally-operated domain names are within your jurisdiction.
Please meet with the hosts, and customers associated with the machines behind these IP addresses and ensure that the machines connecting to these IP addresses are cleaned of all malicious intent. For help, reference the CastleCops Malware Removal and Prevention article:
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Overview
Further, enforce the need for hightened Internet Security, and the need for stronger and more secure password phrases to prevent further malicious abuse from these addresses.
Quote:
http://www.posirjire.com/index.php
Author: tembow, Posted: Wed Jun 25, 2008 6:38 am Post subject:
Arrival-Date: Tue, 24 Jun 2008 17:24:23 +0000 (UTC)
/MaxGain_spam192151.html