CastleCops, Internet Crime Fighters

[SIRT#192151] MaxGain+ on posirjire.com / wartyei.com

ahoier
SIRT Handler
Joined: Jan 14, 2006
Posts: 1049
Location: USA

Posted: Tue Jun 24, 2008 5:23 pm    Post subject: [SIRT#192151] MaxGain+ on posirjire.com / wartyei.com

Spam Alert

Full Report: CastleCops Link/MaxGain_spam192151.html

Consumed following related reports:

[178308] http://www.posirjire.com/
[192148] http://www.posirjire.com/testimonials.php
[192149] http://www.posirjire.com/privacy.php
[192150] http://www.posirjire.com/order.php
[192152] http://www.posirjire.com/faq.php
[192153] http://www.posirjire.com/counter.php
[192154] http://www.posirjire.com/#top
[192155] http://www.posirjire.com/#
Changed status to confirmed spam.

IP Converted: 61.162.229.152

dword = 1034085784
hex1 = 0x3da2e598
hex2 = 0x3d.0xa2.0xe5.0x98
oct = 075.0242.0345.0230
View CIDR AS4837 Report: http://www.cidr-report.org/cgi-bin/as-report?as=4837

"4837 | CN | apnic | 2001-09-17 | CHINA169-BACKBONE CNCGROUP China169 Backbone"
Extended information for AS4837:
State/Province:
Country: cn
Responsible Domain: cnc-noc.net
Abuse Email: abuse@cnc-noc.net
IP Converted: 124.236.241.91

dword = 2095903067
hex1 = 0x7cecf15b
hex2 = 0x7c.0xec.0xf1.0x5b
oct = 0174.0354.0361.0133
View CIDR AS4134 Report: http://www.cidr-report.org/cgi-bin/as-report?as=4134

"4134 | CN | apnic | 2002-08-01 | CHINANET-BACKBONE No.31,Jin-rong Street"
Extended information for AS4134:
State/Province:
Country: cn
Responsible Domain: chinanet.cn.net
Abuse Email: cncert@cert.org.cn
View CIDR AS17672 Report: http://www.cidr-report.org/cgi-bin/as-report?as=17672

"17672 | CN | apnic | 2002-11-18 | CHINATELECOM-HE-AS-AP asn for Hebei Provincial Net of CT"
Extended information for AS17672:
State/Province:
Country: cn
Responsible Domain: chinanet.cn.net
Abuse Email: cncert@cert.org.cn


Criminal Evidence

See the Spam Wiki entry at http://www.spamtrackers.eu/wiki/index.php?title=MaxGain
or from China: http://www.spamtrackers.hk/wiki/index.php?title=MaxGain
See the McAfee Site Advisor information at http://siteadvisor.com/sites/posirjire.com


> XIN NET TECHNOLOGY CORPORATION / SINO-I
REGISTRATION OF THE WEB SITE: posirjire.com
ACTION: To suspend this criminal site which breaks your terms of service, set the domain status to clientHold


> XIN NET TECHNOLOGY CORPORATION / SINO-I
REGISTRATION OF THE NAME SERVERS
These name servers are registered by criminals to resolve only illegal web sites. This breaks your terms of service. You can safely suspend them:
ns1.wartyei.com 61.162.229.152 61.162.229.152 Blacklisted China http://rss.uribl.com/ns/wartyei_com.html http://www.spamhaus.org/query/bl?ip=61.162.229.152 | http://www.spamhaus.org/SBL/sbl.lasso?query=SBL65446
ns2.wartyei.com 124.236.241.91 124.236.241.91 Blacklisted China http://rss.uribl.com/ns/wartyei_com.html http://www.spamhaus.org/SBL/sbl.lasso?query=SBL65127

ACTION: To suspend these name servers successfully, follow these steps.
1. Set the ns Address records to a non-routable address, such as 127.0.0.1 or 61.61.61.61.
2. Set the domain status to clientUpdateProhibited, clientTransferProhibited, clientDeleteProhibited, and clientHold.


> CHINA169-BACKBONE CNCGROUP China169 Backbone (incl. postmaster@sd.cninfo.net,security@pub.sd.cninfo.net,postmaster@pub.sd.cninfo.net,abuse@cnc-noc.net)
IP ADDRESS OF HOST: 61.162.229.152
The IP address of this criminal site is within your allocated address space.

This IP address is currently linked with the following fraudulent, criminal-operated domains:
ACTION: Black-hole the route to this address to prevent further criminal activity


> CHINANET-BACKBONE No.31,Jin-rong Street
> CHINATELECOM-HE-AS-AP asn for Hebei Provincial Net of CT (incl. hostmaster@hbtele.com,postmaster@hbtele.com,anti-spam@ns.chinanet.cn.net)
IP ADDRESS OF NAMESERVER: 124.236.241.91
The IP address of this criminal nameserver is within your allocated address space.

This IP address is currently linked with the following fraudulent, criminal-operated domains:
ACTION: Black-hole the route to this address to prevent further criminal activity


The criminality of these domain names can be verified using the following SiteAdvisor link format, http://www.siteadvisor.com/lookup/?q=domainname.tld


CRIMINAL EVIDENCE - VIOLATION OF CAN-SPAM LAWS:

Delivered-To: xxx
Received: by 10.151.45.9 with SMTP id x9cs105670ybj;
Sat, 24 May 2008 05:22:47 -0700 (PDT)
Received: by 10.210.59.14 with SMTP id h14mr2047935eba.13.1211631765561;
Sat, 24 May 2008 05:22:45 -0700 (PDT)
Return-Path: <Mai-uoyjat@3d-systems.co.uk>
Received: from ?78.89.2.102? ([78.89.2.102])
by mx.google.com with ESMTP id i4si9671549nfh.1.2008.05.24.05.22.43;
Sat, 24 May 2008 05:22:45 -0700 (PDT)
Received-SPF: softfail (google.com: domain of transitioning Mai-uoyjat@3d-systems.co.uk does not designate 78.89.2.102 as permitted sender) client-ip=78.89.2.102;
Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning Mai-uoyjat@3d-systems.co.uk does not designate 78.89.2.102 as permitted sender) smtp.mail=Mai-uoyjat@3d-systems.co.uk
User-Agent: Microsoft-Entourage/12.1.0.080305
Date: Sat, 24 May 2008 15:22:40 +0300
Subject: Jammin with 9 full
From: Mai <Mai-uoyjat@3d-systems.co.uk>
To: "xxx" <xxx>
Message-ID: <DE466296.4%Mai-uoyjat@3d-systems.co.uk>
Thread-Topic: Jammin with 9 full
Thread-Index: Aci9sgF1Pp+aezR3TlqtlkojZwA52A==
Mime-version: 1.0
Content-type: multipart/alternative;
boundary="B_5932288118_12525"

--B_5932288118_12525
Content-type: text/plain;
charset="US-ASCII"
Content-transfer-encoding: 7bit

The bare truth is that these wonderful pills truly do enhance your performance http://www.posirjire.com/


--B_5932288118_12525
Content-type: text/html;
charset="US-ASCII"
Content-transfer-encoding: quoted-printable

<HTML>
<HEAD>
<TITLE>Jammin with 9 full</TITLE>
</HEAD>
<BODY>
<FONT SIZE=3D"4"><FONT FACE=3D"Verdana, Arial"><SPAN =
STYLE=3D'font-size:11pt'>The bare truth is that these wonderful pills =
truly do enhance your performance <a =
href=3D"http://www.posirjire.com/">http://www.posirjire.com/</a><BR>
</SPAN></FONT></FONT></FONT>
</BODY>
</HTML>


--B_5932288118_12525--


In the chance that this commercial mailer associated with this mailing is found to be a U.S. citizen and linked with off-shore hosting/registration, and use of hijacked servers in the future, this mailing was sent in violation of many requirements set forth by the CAN-SPAM Act outlined at the following page:
http://www.ftc.gov/bcp/conline/pubs/buspubs/canspam.shtm


> ATTN: China CERT
You are being copied this report due to the fact that the servers and the ISPs currently providing service to these criminally-operated domain names are within your jurisdiction.
Please meet with the hosts, and customers associated with the machines behind these IP addresses and ensure that the machines connecting to these IP addresses are cleaned of all malicious intent. For help, reference the CastleCops Malware Removal and Prevention article:
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Overview
Further, enforce the need for heightened Internet security, and the need for stronger and more secure password phrases to prevent further malicious abuse from these addresses.

Quote:
http://www.posirjire.com/index.php

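The "IP Converted" blocks in the report above give each host address as a dword, hex and octal; browsers accept every one of those spellings in a URL, so a filter keyed on the dotted quad alone misses them. This added example (not code from the original post or from CastleCops) reproduces those spellings and goes one step further than the report by folding any such spelling found in a URL back to the canonical dotted quad, which is the form a blocklist should match on.

```python
import re
from typing import Dict, Optional
from urllib.parse import urlsplit

# Numeric URL host pieces: decimal, 0x hex or 0-prefixed octal (inet_aton rules).
_PIECE = re.compile(r"0x[0-9a-f]+|0[0-7]*|[1-9][0-9]*", re.I)
_WIDTHS = {1: (32,), 2: (8, 24), 3: (8, 8, 16), 4: (8, 8, 8, 8)}  # bits per piece

def ip_forms(dotted: str) -> Dict[str, object]:
    """Spell a dotted quad as the SIRT 'IP Converted' block does, e.g. 61.162.229.152
    -> dword 1034085784, hex1 0x3da2e598, hex2 0x3d.0xa2.0xe5.0x98, oct 075.0242.0345.0230."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-quad IPv4 address: {dotted!r}")
    dword = int.from_bytes(bytes(octets), "big")
    return {
        "dword": dword,
        "hex1": f"0x{dword:08x}",
        "hex2": ".".join(f"0x{o:02x}" for o in octets),
        "oct": ".".join(f"0{o:o}" for o in octets),
    }

def _piece_value(piece: str) -> int:
    """Decode one host piece: 0x.. hex, leading-0 octal, otherwise decimal."""
    if piece.lower().startswith("0x"):
        return int(piece[2:], 16)
    if len(piece) > 1 and piece.startswith("0"):
        return int(piece, 8)
    return int(piece, 10)

def canonical_ipv4(host: str) -> Optional[str]:
    """Fold any numeric spelling of an IPv4 host back to dotted-quad.
    Returns None for real hostnames and for pieces that overflow their width."""
    pieces = host.split(".")
    widths = _WIDTHS.get(len(pieces))
    if widths is None or not all(_PIECE.fullmatch(p) for p in pieces):
        return None
    value = 0
    for piece, width in zip(pieces, widths):
        n = _piece_value(piece)
        if n >= 1 << width:
            return None
        value = (value << width) | n
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def url_host_ipv4(url: str) -> Optional[str]:
    """Dotted quad for a URL whose host is written numerically, else None."""
    host = urlsplit(url).hostname
    return canonical_ipv4(host) if host else None
```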
tembow
Blue Angel, Premium Member
Joined: Oct 10, 2005
Posts: 2897

Posted: Wed Jun 25, 2008 6:38 am

Arrival-Date: Tue, 24 Jun 2008 17:24:23 +0000 (UTC)

Final-Recipient: rfc822; postmaster@pub.sd.cninfo.net
Action: failed
Status: 5.0.0
Remote-MTA: dns; pub.sd.cninfo.net
Diagnostic-Code: smtp; 530 #2175013 Authentication required

Final-Recipient: rfc822; security@pub.sd.cninfo.net
Action: failed
Status: 5.0.0
Remote-MTA: dns; pub.sd.cninfo.net
Diagnostic-Code: smtp; 530 #2175013 Authentication required
