CastleCops, Internet Crime Fighters

[SIRT#182532] Downloadable Software on sokjdkjrtiuw.com

 
seekaybee

SIRT Handler

Posted: Thu Jun 05, 2008 4:36 am    Post subject: [SIRT#182532] Downloadable Software on sokjdkjrtiuw.com

Spam Alert
 
 Full Report: CastleCops Link/Downloadable_Software_spam182532.html
 
 Changed status to confirmed spam.

IP Converted: 203.186.128.183

dword = 3417997495
hex1 = 0xcbba80b7
hex2 = 0xcb.0xba.0x80.0xb7
oct = 0313.0272.0200.0267
View CIDR AS9269 Report: http://www.cidr-report.org/cgi-bin/as-report?as=9269

"9269 | HK | apnic | 1998-02-13 | CTIHK-AS-AP City Telecom (H.K.) Ltd."
Extended information for AS9269:
State/Province:
Country: hk
Responsible Domain: ctihk.com
Abuse Email: abuse@ctihk.com

Criminal Evidence

See the Spam Wiki entry at http://www.spamtrackers.eu/wiki/index.php?title=Downloadable_Software
or from China: http://www.spamtrackers.hk/wiki/index.php?title=Downloadable_Software
See the McAfee Site Advisor information at http://siteadvisor.com/sites/sokjdkjrtiuw.com


> FORTUNE INTERNET, INC. / 0101 Internet, Inc.
REGISTRATION OF THE WEB SITE: sokjdkjrtiuw.com
ACTION: To suspend this criminal site which breaks your terms of service, set the domain status to clientHold

This criminal registrant has registered at least 84 other domains which are hosting the same illegal site. See "OTHER DOMAINS" below.


> BEIJING INNOVATIVE LINKAGE TECHNOLOGY LTD. DBA DNS.COM.CN
REGISTRATION OF THE NAME SERVERS
These name servers are registered by criminals to resolve only illegal web sites. This breaks your terms of service. You can safely suspend them:

ns1.laga-soft.com 58.83.2.3
ns2.laga-soft.com 203.186.128.183

The domain laga-soft.com was suspended on 2008-02-24, but these name servers are still working. Please remove the name server Address records.

ns1.zabatut.mobi 58.83.2.3
ns2.zabatut.mobi 203.186.128.183

The domain zabatut.mobi was suspended on 2007-10-20, but these name servers are still working. Please remove the name server Address records.

ns1.osel-soft.com 58.83.2.3
ns2.osel-soft.com 203.186.128.183

The domain osel-soft.com was suspended on 2008-02-24, but these name servers are still working. Please remove the name server Address records.

ACTION: To suspend these name servers successfully, follow these steps.
1. Set the ns Address records to a non-routable address, such as 127.0.0.1 or 61.61.61.61.
2. Set the domain status to clientUpdateProhibited, clientTransferProhibited, clientDeleteProhibited, and clientHold

CLIENTHOLD IS NOT SUFFICIENT TO DISABLE A NAME SERVER.


> CTIHK / City Telecom (H.K.) Ltd. (abuse@ctihk.com, hostmaster@ctihk.com, abuse@hkbn.net)
> ATTN: China CERT (cncert@cert.org.cn)

IP ADDRESS OF HOST: 203.186.128.183

Please see Spamhaus advisories for this IP:
http://www.spamhaus.org/sbl/sbl.lasso?query=SBL64938
http://www.spamhaus.org/sbl/sbl.lasso?query=SBL65098


The IP address of this criminal site is within your allocated address space.
ACTION: Black-hole the route to this address to prevent further criminal activity

Please see Spamhaus list of current spam problems involving CTIHK / City Telecom (H.K.) Ltd.:
http://www.spamhaus.org/sbl/listings.lasso?isp=ctihk.com

OTHER DOMAINS:

ATTN:
> FORTUNE INTERNET, INC. / 0101 Internet, Inc.
> CTIHK / City Telecom (H.K.) Ltd.
> China CERT

The domains below are all using the IP 203.186.128.183 to host the same criminal site.

These domains were all registered by FORTUNE INTERNET, INC. / 0101 Internet, Inc.

To the domain name registrar (FORTUNE INTERNET, INC. / 0101 Internet, Inc.):
Please suspend all of these domains by setting the domain status to clientHold:


Consumed following related reports:


Quote:
http://sokjdkjrtiuw.com

tembow

Blue Angel

Posted: Thu Jun 05, 2008 9:13 pm

The original message was received at Thu, 05 Jun 2008 12:40:06 +0800

----- The following addresses had permanent fatal errors -----
<tomatofatboy@mail2web.com>

----- Transcript of session follows -----
... while talking to xsmtpin01.mail2web.com
>>> DATA
<<< 550 Rejected looks like spam score=15.8 required=5.0 trigger=11.0


=====================================

The original message was received at Thu, 05 Jun 2008 12:39:49 +0800

----- The following addresses had permanent fatal errors -----
<alfredbackup@mail2web.com>

----- Transcript of session follows -----
... while talking to xsmtpin01.mail2web.com
>>> DATA
<<< 550 Rejected looks like spam score=15.8 required=5.0 trigger=11.0

tembow

Blue Angel

Posted: Thu Jun 05, 2008 9:16 pm

Final-Recipient: rfc822; abuse@DNS.COM.CN
Action: failed
Status: 5.0.0
Remote-MTA: dns; mail.DNS.COM.CN
Diagnostic-Code: smtp; 550 Does not like recipient,your mail is rejected!

Final-Recipient: rfc822; cnreg@dns.com.cn
Action: failed
Status: 5.0.0
Remote-MTA: dns; mail.DNS.COM.CN
Diagnostic-Code: smtp; 550 Does not like recipient,your mail is rejected!

tembow

Blue Angel

Posted: Thu Jun 05, 2008 9:19 pm

The original message was received at Thu, 5 Jun 2008 12:38:47 +0800
from imss2.hkbn.net [203.186.94.25]

----- The following addresses had permanent fatal errors -----
craigli
(reason: 550 5.1.1 User unknown)
(expanded from: <hostmaster@ctihk.com>)

----- Transcript of session follows -----
550 5.1.1 craigli... User unknown

--m554cns2015062.1212640729/mail2.ctihk.com
Content-Type: message/delivery-status

Reporting-MTA: dns; mail2.ctihk.com
Received-From-MTA: DNS; imss2.hkbn.net
Arrival-Date: Thu, 5 Jun 2008 12:38:47 +0800

Final-Recipient: RFC822; hostmaster@ctihk.com
X-Actual-Recipient: RFC822; craigli@mail2.ctihk.com
Action: failed
Status: 5.1.1
Diagnostic-Code: X-Unix; 550 5.1.1 User unknown
Last-Attempt-Date: Thu, 5 Jun 2008 12:38:49 +0800
