Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

[email] [Soloway] (dazh.cn - dnsfamily.com) Re: regarding your site status

0 views
Skip to first unread message

TomezNet

unread,
Apr 8, 2006, 5:01:07 AM4/8/06
to
Received From:
IP 203.237.205.90 admin.woosuk.ac.kr
(at core.woosuk.ac.kr / b.dns.kr / snu.ac.kr)

Open proxy
http://opm.blitzed.org/203.237.205.90

Spamvert:
nebc.dazh.cn IP 220.166.64.52 (at CHINANET-SC)
ns2.dnsfamily.com [218.107.216.80]
(at CNCNET-CN / dns-xm1.fjxm.cncnet.net)
ns1.dnsfamily.com [218.85.132.246]
(at CHINANET-FJ / dns.fz.fj.cn)

Robert Soloway - Newport Internet Marketing
http://www.spamhaus.org/rokso/evidence.lasso?rokso_id=ROK1096

static.flickr.com IP 68.142.213.135
static.flickr.com Resolved to storage1.flickr.vip.mud.yahoo.com to IP
68.142.213.135
(at NS3.YAHOO.COM)

More info below:
====================
Return-Path: <BernardG...@ice.is>
Delivered-To: xx..xx@xx..xx.com
Received: (qmail 19712 invoked from network); 4 Apr 2006 00:56:16 -0000
Received: from xxx.ws2800.net (209.51.1.....)
by xx..xx..xx.net with DES-CBC3-SHA encrypted SMTP; 4 Apr 2006
00:56:16 -0000
Received: from [203.237.205.90] (helo=admin.woosuk.ac.kr)
by xxx.ws2800.net with smtp (Exim 4.52)
id 1FQZq3-00034k-HM; Mon, 03 Apr 2006 20:56:08 -0400
X-Message-Info: 117cbMaHCR41BqZE683YR00HJJrmHXHayjsPCrhZKkaq12A
Received: from clix.pt (90.102.15.46) by fu403-a96.sitek.net with
Microsoft SMTPSVC(2.3.3597.3509);
Tue, 04 Apr 2006 02:47:02 +0100
Received: from spray.no (anet.ne.jp 72.166.192.126)
by userzap.net (8.12.10/8.12.9) with ESMTP id ni72DN047
for <xx..xx@xx..xx.biz>; Tue, 04 Apr 2006 04:52:02 +0300
(EST)
(envelope-from BernardG...@ice.is)
Received: from O928328 (modemcable50.00-857.hz.inmail.sk
118.142.184.36)
(authenticated bits=1)
by chaiyomail.com (8.12.10/8.12.9) with ESMTP id
slt44OK27rpf866
for <xx..xx@xx..xx.biz>; Tue, 04 Apr 2006 03:55:02 +0200
(EST)
(envelope-from BernardG...@ice.is)
Message-ID: <8hob875au9$erc95t57b14$1zhv50a3@WAW6331388214523>
From: "Web Administrator" <BernardG...@ice.is>
To: [MUNGED]
Subject: Re: regarding your site status
Date: Tue, 04 Apr 2006 03:53:02 +0200
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="--411188100978923572"
X-Spam-Flag: YES

Content-Type: text/html;

<font type="arial">
<a href="http://nebc.dazh.cn/"><img
src="http://static.flickr.com/54/115618537_7837705854_m.jpg"><BR><BR>
<font size=4><B>Click to Advertise Your Web Site Today for Free to
2,000,000 Email Users</A><BR><BR><BR><BR><BR>

<font size=2><i><b>...only if you are a non-profit charity.</b>simply
click on "charity info" on our corporate web site for<br>
full details on this non-commercial special offer to assist
charities. this non-commercial email &<br>
non-commercial email offer have a primary sole purpose to assist
non-profit charities with their<br>
non-commercial email message only. if you are not a non-profit charity,

please immediately delete<br>
this email, do not visit our web site, do not read this email, do not
contact us and do not respond<br>
to this email or email offer as this email is not intended for any
commercial purpose of any kind.<br><br>

another primary purpose of this email is to share with you some funny
and interesting signs...</html>

</div> </body> </html>

-- END OF SPAM --

More Soloway sightings:
http://groups.google.com/groups/search?q=Soloway+group%3A*abuse&start=0&scoring=d&

See:
IP 203.237.205.90 admin.woosuk.ac.kr

http://www.moensted.dk/spam/?addr=203.237.205.90
http://cbl.abuseat.org/lookup.cgi?ip=203.237.205.90
http://www.spamhaus.org/query/bl?ip=203.237.205.90
http://dsbl.org/listing?203.237.205.90

More 203.237.205.90 sightings:
http://groups.google.com/groups/search?q=203.237.205.90+group%3A*abuse

IPv4 Address : 203.237.205.0-203.237.205.255
Network Name : KREN-HOTLINE2003219141
Organization ID : ORG385502
Org Name : useokUniversity

ASN: 4766
ASN Name: KIXS-AS-KR (Korea Telecom)
http://www.cidr-report.org/cgi-bin/as-report?as=4766

6 SBL/ROKSO listings for IPs under the responsibility of snu.ac.kr
http://www.spamhaus.org/sbl/listings.lasso?isp=snu.ac.kr

See:
nebc.dazh.cn IP 220.166.64.52
ns2.dnsfamily.com [218.107.216.80]
ns1.dnsfamily.com [218.85.132.246] => CHINANET-FJ

Let see whois at whois.cnnic.net.cn:

Domain Name: dazh.cn
ROID: 20050904s10001s25639010-cn
Domain Status: ok
Registrant Organization: ????
Registrant Name: ???
Administrative Email: amen...@126.com
Sponsoring Registrar: ??????????????
Name Server:ns1.dnsfamily.com
Name Server:ns2.dnsfamily.com
Registration Date: 2005-09-04 12:00
Expiration Date: 2006-09-04 12:00

nebc.dazh.cn has no MX records -> dazh.cn has no MX records

http://www.moensted.dk/spam/?addr=220.166.64.52
http://www.spambag.org/cgi-bin/spambag?mailfrom=chinanetsc

inetnum: 220.166.64.0 - 220.166.65.255
netname: SC-MIANYANG-IDC
descr: SC-MIANYANG-IDC
descr: Mianyang,Sichuan
descr: PR China
country: CN

ASN: 4134
ASN Name: CHINANET-BACKBONE (No.31,Jin-rong Street)
http://www.cidr-report.org/cgi-bin/as-report?as=4134

See Soloway
http://www.spamhaus.org/sbl/sbl.lasso?query=SBL39964

2 SBL/ROKSO listings for IPs under the responsibility of CHINANET-SC
http://www.spamhaus.org/sbl/listings.lasso?isp=CHINANET-SC

See:
static.flickr.com
Resolved static.flickr.com to storage1.flickr.vip.mud.yahoo.com to IP
68.142.213.135

av1-mrin.yahoo.com A IN 1800 216.145.48.106
av2-mrin.yahoo.com A IN 1800 216.145.48.70
ns1.yahoo.com A IN 172800 66.218.71.63
ns2.yahoo.com A IN 172800 66.163.169.170
ns3.yahoo.com A IN 172800 217.12.4.104
ns5.yahoo.com A IN 172800 216.109.116.17
ns7.yahoo.com A IN 172800 68.142.226.82

[static.flickr.com has 1 MX record (0)]

http://www.moensted.dk/spam/?addr=68.142.213.135

OrgName: Inktomi Corporation
OrgID: INKT

ASN: 14780
ASN Name: INKTOMI-LAWSON
http://www.cidr-report.org/cgi-bin/as-report?as=14780

5 SBL/ROKSO listings for IPs under the responsibility of yahoo.com
http://www.spamhaus.org/sbl/listings.lasso?isp=yahoo.com

Let see whois:
Registrar: EMARKMONITOR INC. DBA MARKMONITOR

Registrant:
Yahoo! Inc. (DOM-1391541)
701 First Avenue
Sunnyvale CA 94089
US

Domain Name: flickr.com

Registrar Name: Markmonitor.com
Registrar Whois: whois.markmonitor.com

Administrative Contact:
Domain Administrator (NIC-1457976) Yahoo! Inc.
701 First Avenue
Sunnyvale CA 94089
US
domai...@yahoo-inc.com
+1.4083493300
Fax- +1.4083493301
Technical Contact, Zone Contact:
Domain Administrator (NIC-1457976) Yahoo! Inc.
701 First Avenue
Sunnyvale CA 94089
US
domai...@yahoo-inc.com
+1.4083493300
Fax- +1.4083493301

Created on..............: 2003-Nov-22.
Expires on..............: 2007-Nov-22.
Record last updated on..: 2005-Nov-09 15:09:25.

Domain servers in listed order:
NS1.YAHOO.COM
NS2.YAHOO.COM
NS3.YAHOO.COM
NS5.YAHOO.COM
NS7.YAHOO.COM

More static.flickr.com sightings:
http://groups.google.com/groups/search?q=flickr.com+group%3A*abuse&start=0&scoring=d&

See:
ns2.dnsfamily.com IP 218.107.216.80 (at dns-xm1.fjxm.cncnet.net)

ns2.dnsfamily.com has no MX records -> dnsfamily.com has no MX records

http://www.moensted.dk/spam/?addr=218.107.216.80
http://www.spamsources.fabel.dk/ip/218.107.216.80

inetnum: 218.107.192.0 - 218.107.223.255
netname: CNC-FJ-xiamen-MAN
country: CN
descr: Fujian Xiamen branch of China Netcom

ASN: 9929
ASN Name: CNCNET-CN (China Netcom Corp.)
http://www.cidr-report.org/cgi-bin/as-report?as=9929

5 SBL listings for IPs under the responsibility of china-netcom.com
http://www.spamhaus.org/sbl/listings.lasso?isp=china-netcom.com

Let see whois:
Registrar: XIN NET TECHNOLOGY CORPORATION

Domain Name: dnsfamily.com

DNS Servers:
NS1.4EVERDNS.COM 218.5.77.19
NS2.4EVERDNS.COM 61.151.252.240
NS1.DNSFAMILY.COM 218.85.132.246
NS2.DNSFAMILY.COM 218.107.216.80

Registrant:
huiyu chen
xiamen
361004

Administrative Contact:
huiyu chen
huiyu chen
xiamen
xiamen Fujian 361004
China
tel: 86 596 6637835
fax: 86 596 6637835
kittyyuc[]hotmail.com

Technical Contact:
huiyu chen
huiyu chen
xiamen
xiamen Fujian 361004
China
tel: 86 596 6637835
fax: 86 596 6637835
kitt...@hotmail.com

Billing Contact:
huiyu chen
huiyu chen
xiamen
xiamen Fujian 361004
China
tel: 86 596 6637835
fax: 86 596 6637835
kitt...@hotmail.com

Registration Date: 2006-01-09
Update Date: 2006-03-02
Expiration Date: 2007-01-09

Primary DNS: ns1.DNSFAMILY.com 218.85.132.246
Secondary DNS: ns2.DNSFAMILY.com 218.107.216.80

Cheers, Tomez

--
All postings to news.admin.net-abuse.sightings are unconfirmed and
unverified unless stated otherwise by the moderators. All opinions
expressed above are considered the opinions of the original poster,
not the moderators or their respective employers.

For a copy of the guidelines to this group, see:

http://www.killfile.org/~tskirvin/nana/

0 new messages