CastleCops, Internet Crime Fighters

[SIRT#7841] Downloadable Software : keiuuayr.cn/zabatut.mobi

 
seekaybee

SIRT Handler

Posted: Tue May 27, 2008 4:20 am    Post subject: [SIRT#7841] Downloadable Software : keiuuayr.cn/zabatut.mobi

Spam Alert
 
 Full Report: CastleCops Link/Downloadable_Software_spam7841.html
 
 Consumed following related reports:

[7171] http://lppeoeuue.cn
[7198] http://skeieuuur.cn
[8149] http://keiuuayr.cn/
[10334] http://www.poelriruu.cn
[18104] http://www.sfeuuue.cn
[18105] http://www.sfeuuue.cn/
Changed status to confirmed spam.

IP Converted: 203.186.128.183

dword = 3417997495
hex1 = 0xcbba80b7
hex2 = 0xcb.0xba.0x80.0xb7
oct = 0313.0272.0200.0267
View CIDR AS9269 Report: http://www.cidr-report.org/cgi-bin/as-report?as=9269

"9269 | HK | apnic | 1998-02-13 | CTIHK-AS-AP City Telecom (H.K.) Ltd."
Extended information for AS9269:
State/Province:
Country: hk
Responsible Domain: ctihk.com
Abuse Email: abuse@ctihk.com

IP Converted: 58.83.2.3

dword = 978518531
hex1 = 0x3a530203
hex2 = 0x3a.0x53.0x2.0x3
oct = 072.0123.02.03
View CIDR AS9394 Report: http://www.cidr-report.org/cgi-bin/as-report?as=9394

"9394 | CN | apnic | 1998-08-27 | CRNET CHINA RAILWAY Internet(CRNET)"
Extended information for AS9394:
State/Province:
Country: cn
Responsible Domain: crc.net.cn
Abuse Email: anti-spam@chinanet.cn.net

View CIDR AS4134 Report: http://www.cidr-report.org/cgi-bin/as-report?as=4134

"4134 | CN | apnic | 2002-08-01 | CHINANET-BACKBONE No.31,Jin-rong Street"
Extended information for AS4134:
State/Province:
Country: cn
Responsible Domain: chinanet.cn.net
Abuse Email: cncert@cert.org.cn

Criminal Evidence

See the Spam Wiki entry at http://www.spamtrackers.eu/wiki/index.php?title=Downloadable_Software
or from China: http://www.spamtrackers.hk/wiki/index.php?title=Downloadable_Software
See the McAfee Site Advisor information at:

http://siteadvisor.com/sites/keiuuayr.cn
http://siteadvisor.com/sites/lppeoeuue.cn
http://siteadvisor.com/sites/poelriruu.cn
http://siteadvisor.com/sites/sfeuuue.cn
http://siteadvisor.com/sites/skeieuuur.cn


> TodayNIC
REGISTRATION OF THE WEB SITES: keiuuayr.cn, lppeoeuue.cn, poelriruu.cn, sfeuuue.cn, skeieuuur.cn
ACTION: To suspend these criminal sites, which break your terms of service, set the domain status to clientHold


> Beijing Innovative Linkage Technology Ltd dba dns.com.cn (abuse@DNS.COM.CN) / Afilias Ltd. (support@afilias.info)
REGISTRATION OF THE NAME SERVERS
These name servers are registered by criminals to resolve only illegal web sites. This breaks your terms of service. You can safely suspend them:
ns1.zabatut.mobi 58.83.2.3
ns2.zabatut.mobi 203.186.128.183

ACTION: To suspend these name servers successfully, follow these steps.
1. Set the ns Address records to a non-routable address, such as 127.0.0.1 or 61.61.61.61.
2. Set the domain status to clientUpdateProhibited, clientTransferProhibited, clientDeleteProhibited, and clientHold

CLIENTHOLD STATUS IS NOT SUFFICIENT TO DISABLE A NAME SERVER

> CTIHK / City Telecom (H.K.) (hostmaster@ctihk.com, abuse@hkbn.net)
IP ADDRESS OF HOST: 203.186.128.183
Please consult the Spamhaus advisory at:
http://www.spamhaus.org/sbl/sbl.lasso?query=SBL64938

The IP address of this criminal site is within your allocated address space.
ACTION: Black-hole the route to this address to prevent further criminal activity

The IP 203.186.128.183 is also currently being used by the following criminal websites and name servers:

> Yongzhou City Guangzhiyuan Technology Development Co., LTD (abuse@86ad.com) / CRNET CHINA RAILWAY Internet(CRNET) (anti-spam@chinanet.cn.net) / CHINANET-BACKBONE No.31,Jin-rong Street (cncert@cert.org.cn)
IP ADDRESS OF HOST: 58.83.2.3
Please consult the Spamhaus advisories at:
http://www.spamhaus.org/sbl/sbl.lasso?query=SBL43899
http://www.spamhaus.org/sbl/sbl.lasso?query=SBL51900
http://www.spamhaus.org/sbl/sbl.lasso?query=SBL64526

The IP address of this criminal site is within your allocated address space.
ACTION: Black-hole the route to this address to prevent further criminal activity

The IP 58.83.2.3 is also currently being used by the following criminal websites and name servers:

Quote:
http://keiuuayr.cn

tembow

Blue Angel

Posted: Tue May 27, 2008 4:57 am    Post subject:

Message delivery issues

Quote:
support at afilias
Your mail to 'Support' with the subject

***SPAM: [SIRT#7841] Downloadable Software Spam on your network
(AS9269,AS9394,AS4134) {182949}

Is being held until the list moderator can review it for approval.

The reason it is being held:

The message headers matched a filter rule


This address seems to no longer exist:
Quote:
<anti-spam@chinanet.cn.net>: host ns.chinanet.cn.net[202.97.7.6] said: 553
sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) (in reply
to RCPT TO command)


86ad.com is registered with Xin Net
Quote:
<abuse@86ad.com>: host 86ad.com[202.59.157.215] said: 550 not local host
86ad.com, not a gateway (in reply to RCPT TO command)

B.I.L.T. has SURBL filtering enabled:
Quote:
<abuse@DNS.COM.CN>: host mail.DNS.COM.CN[122.70.138.16] said: 550 Does not like
recipient,your mail is rejected! (in reply to end of DATA command)

<cnreg@dns.com.cn>: host mail.DNS.COM.CN[122.70.138.16] said: 550 Does not like
recipient,your mail is rejected! (in reply to end of DATA command)

<huvan@dns.com.cn>: host mail.DNS.COM.CN[122.70.138.16] said: 550 Does not like
recipient,your mail is rejected! (in reply to end of DATA command)

<huyan@dns.com.cn>: host mail.DNS.COM.CN[122.70.138.16] said: 550 Does not like
recipient,your mail is rejected! (in reply to end of DATA command)
