CastleCops, Internet Crime Fighters

[SIRT#178975] dating site on kaj52.com / volbon.com

 
ahoier

SIRT Handler


Joined: Jan 14, 2006
Posts: 1113
Location: USA

Posted: Sun May 25, 2008 5:40 pm    Post subject: [SIRT#178975] dating site on kaj52.com / volbon.com

Spam Alert
 
 Full Report: CastleCops Link/dating_site_spam178975.html
 
 Changed status to confirmed spam.

IP Converted: 220.214.94.104

dword = 3705036392
hex1 = 0xdcd65e68
hex2 = 0xdc.0xd6.0x5e.0x68
oct = 0334.0326.0136.0150
View CIDR AS4732 Report: http://www.cidr-report.org/cgi-bin/as-report?as=4732

"4732 | JP | apnic | 1995-08-30 | DION KDDI CORPORATION"
Extended information for AS4732:
State/Province:
Country: jp
Responsible Domain: kddi.com
Abuse Email: abuse@dion.ne.jp

IP Converted: 210.249.60.67

dword = 3539549251
hex1 = 0xd2f93c43
hex2 = 0xd2.0xf9.0x3c.0x43
oct = 0322.0371.074.0103
View CIDR AS4732 Report: http://www.cidr-report.org/cgi-bin/as-report?as=4732

"4732 | JP | apnic | 1995-08-30 | DION KDDI CORPORATION"
Extended information for AS4732:
State/Province:
Country: jp
Responsible Domain: kddi.com
Abuse Email: abuse@dion.ne.jp

IP Converted: 121.1.252.81

dword = 2030173265
hex1 = 0x7901fc51
hex2 = 0x79.0x1.0xfc.0x51
oct = 0171.01.0374.0121
View CIDR AS4685 Report: http://www.cidr-report.org/cgi-bin/as-report?as=4685

"4685 | JP | apnic | 1995-08-30 | ASAHI-NET Asahi Net"
Extended information for AS4685:
State/Province:
Country: jp
Responsible Domain: asahi-net.or.jp
Abuse Email: postmaster@asahi-net.or.jp


Criminal Evidence

See the McAfee Site Advisor information at http://siteadvisor.com/sites/kaj52.com which points out that this domain is advertised in unsolicited spam e-mail. Reviewers of the SiteAdvisor community have also posted spam samples distributed by this commercial spam e-mailer.


> ENOM, INC.
REGISTRATION OF THE WEB SITE: kaj52.com
ACTION: To suspend this criminal site which breaks your terms of service, set the domain status to clientHold


> YESNIC CO. LTD.
> TUCOWS INC.
REGISTRATION OF THE NAME SERVERS
These name servers are registered by criminals to resolve only illegal web sites. This breaks your terms of service. You can safely suspend them:
ddns.volbon.net | 210.249.60.67 | Japan
ddns.voldon.com | 121.1.252.81 | Japan

ACTION: To suspend these name servers successfully, follow these steps.
1. Set the NS address records to a non-routable address, such as 127.0.0.1 or 61.61.61.61.
2. Set the domain status to clientUpdateProhibited, clientTransferProhibited, clientDeleteProhibited, and clientHold


> DION KDDI CORPORATION
IP ADDRESS OF HOST: 220.214.94.104
The IP address of this criminal site is within your allocated address space.

ACTION: Black-hole the route to this address to prevent further criminal activity


> DION KDDI CORPORATION
IP ADDRESS OF NAMESERVER (ddns.volbon.net): 210.249.60.67
The IP address of this criminal nameserver is within your allocated address space.

ACTION: Black-hole the route to this address to prevent further criminal activity


> ASAHI-NET Asahi Net
IP ADDRESS OF NAMESERVER (ddns.voldon.com): 121.1.252.81
The IP address of this criminal nameserver is within your allocated address space.

ACTION: Black-hole the route to this address to prevent further criminal activity


> Japan CERT
The IP addresses being used by these criminal domain names land within your jurisdiction.
ACTION: Please take time to clean up this network of all infections, ensure all software and operating system software is updated, and all passwords are changed to be more secure to thwart further infections behind this network.


The criminality of these domain names can be verified using the following SiteAdvisor link format, http://www.siteadvisor.com/lookup/?q=domainname.tld



CRIMINAL EVIDENCE: VIOLATION OF CAN-SPAM LAWS

Delivered-To: xxx
Received: by 10.150.143.6 with SMTP id q6cs93341ybd;
Wed, 23 Apr 2008 10:49:50 -0700 (PDT)
Received: by 10.142.71.15 with SMTP id t15mr223424wfa.315.1208972985181;
Wed, 23 Apr 2008 10:49:45 -0700 (PDT)
Return-Path: <5wc4mxax3th2m0@yahoo.com>
Received: from gmail.com ([116.3.23.93])
by mx.google.com with ESMTP id 30si543064wfa.2.2008.04.23.10.49.43;
Wed, 23 Apr 2008 10:49:45 -0700 (PDT)
Received-SPF: neutral (google.com: 116.3.23.93 is neither permitted nor denied by domain of 5wc4mxax3th2m0@yahoo.com) client-ip=116.3.23.93;
Authentication-Results: mx.google.com; spf=neutral (google.com: 116.3.23.93 is neither permitted nor denied by domain of 5wc4mxax3th2m0@yahoo.com) smtp.mail=5wc4mxax3th2m0@yahoo.com
Message-Id: <480f76b9.1e018e0a.7b81.5f8cSMTPIN_ADDED@mx.google.com>
Reply-To: =?ISO-2022-JP?B?GyRCO2QkTyQiJEokPyROJGIkThsoQg==?= <5wc4mxax3th2m0@yahoo.com>
From: =?ISO-2022-JP?B?GyRCO2QkTyQiJEokPyROJGIkThsoQg==?= <5wc4mxax3th2m0@yahoo.com>
To: <xxx>
Subject: =?ISO-2022-JP?B?GyRCPEwlYSRiGyhCVEVMGyRCJGIkRyQtJGskaBsoQg==?=
Date: Thu, 24 Apr 2008 02:48:42 +09:00
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-2022-jp"
Content-Transfer-Encoding: base64
X-Priority: 3
X-MSMail-Priority: Nomal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3138


CAN-SPAM Law states that:

Commercial mailers are not to abuse open relays to send their mail.
Commercial mailers are to offer AND honor opt-out requests - there have been many attempts to opt out of this spam without any action taken.
Commercial mailers are NOT to munge or otherwise forge the headers of spam e-mail to mask their identity.
Commercial mailers are to offer a physical address at which the mailer can be contacted via postal mail.


This commercial mailer breaks a multitude of these rules set by CAN-SPAM Laws.

Quote:
http://kaj52.com/fbb/?me=hH6ajC8z9HDJ6P2H93HTHjR4Pkb86767HD6j4N3OLQ4HNO72

ahoier

SIRT Handler


Joined: Jan 14, 2006
Posts: 1113
Location: USA

Posted: Wed Jun 04, 2008 5:46 pm

Seems eNom took care of kaj52.com.

But, tucows hasn't responded to the volbon.com complaint...

tembow

Blue Angel
Premium Member

Joined: Oct 10, 2005
Posts: 2942

Blue Security Premium

Posted: Wed Jun 04, 2008 7:56 pm

That is voldon.com

Code:
 Domain name: VOLDON.COM

 Administrative Contact:
    Futamura, Hajime  futamura@relief.sakura.ne.jp
    3-2
    Asagiridai
    Akasi, Hyogo 673-0852
    JP
    +81.9072785073
 Technical Contact:
    Futamura, Hajime  futamura@relief.sakura.ne.jp
    3-2
    Asagiridai
    Akasi, Hyogo 673-0852
    JP
    +81.9072785073


 Registration Service Provider:
    DOMAIN 21 Registration Services, nic2x804@my.domain-21.net
    http://domain21.maplearts.net/
    This company may be contacted for domain support questions in Japanese.


 Registrar of Record: TUCOWS, INC.

There is a Tucows affiliate dealer as an alternative contact.
