
[email] Fwd: *****SPAM***** Дрочи за копейки


Mike Paulsen

Dec 5, 2008, 3:07:12 PM

Abuse report -- spam. Replies appreciated.

ORIGIN: 189.56.85.248
ab...@empresas.telefonica.com.br

SITE: www.nipdit.org/ra.html 68.14.239.41
ab...@cox.net

REDIRECTS TO: http://pornoporka.com/tds/tds.php?wmid=1916&sid=2351
pornoporka.com 91.202.63.89
noc.a...@gmail.com

NS: for pornoporka.com provided by everydns.net
ab...@everydns.net

REDIRECTS TO: http://gag-teens.com/tds/?rid=1377
gag-teens.com 79.143.177.7 (in a VDHost.info netblock)
whois -h whois.abuse.net vdhost.info ...
dnsm...@z8.ru (for vdhost.info)
ab...@peterstar.ru (for vdhost.info)
n...@peterstar.com (for vdhost.info)
ab...@publicdomainregistry.com (for vdhost.info)
ab...@peterstar.com (for vdhost.info)
postm...@vdhost.info (for vdhost.info)
postm...@peterhost.ru (for vdhost.info)
l...@rtcomm.ru (for vdhost.info)
dnsm...@peterhost.ru (for vdhost.info)
ab...@rtcomm.ru (for vdhost.info)
ab...@peterhost.ru (for vdhost.info)
ab...@z8.ru (for vdhost.info)
n...@peterhost.ru (for vdhost.info)
ab...@directi.com (for vdhost.info)
ab...@peterstar.net (for vdhost.info)
ab...@directihosting.com (for vdhost.info)

NS for gag-teens.com provided by 36063.earth.orderbox-dns.com
ab...@orderbox-dns.com
ab...@opticaljungle.com
ab...@theplanet.com

REDIRECTS TO: http://video-vitrina.biz/tds/?s_id=1&rid=1377
video-vitrina.biz 79.143.177.7

NS for video-vitrina.biz provided by ns1.nameself.com 195.161.113.218
whois -h whois.abuse.net nameself.com ...
p...@regtime.net (for nameself.com)
in...@regtime.net (for nameself.com)
ab...@rtcomm.ru (for nameself.com)
sup...@webnames.ru (for nameself.com)
ab...@masterhost.ru (for nameself.com)
postm...@nameself.com (for nameself.com)


12/05/08 12:53:48 Browsing http://www.nipdit.org/ra.html
Fetching http://www.nipdit.org/ra.html ...
GET /ra.html HTTP/1.1
Host: www.nipdit.org
Connection: close
User-Agent: Sam Spade 1.14

HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
X-Powered-By: ASP.NET
Connection: close
Date: Fri, 05 Dec 2008 18:41:17 GMT
Content-Type: text/html
Accept-Ranges: bytes
Last-Modified: Fri, 05 Dec 2008 13:39:20 GMT
ETag: "6a7486e0de56c91:10243"
Content-Length: 129

<script type="text/javascript">
<!--
window.location = "http://pornoporka.com/tds/tds.php?wmid=1916&sid=2351"
//-->

=========

12/05/08 13:09:03 Browsing http://pornoporka.com/?wmid=1916&sid=2351
Fetching http://pornoporka.com/?wmid=1916&sid=2351 ...
GET /?wmid=1916&sid=2351 HTTP/1.1
Host: pornoporka.com
Connection: close
User-Agent: Sam Spade 1.14

HTTP/1.1 302 Found
Server: nginx/0.6.32
Date: Fri, 05 Dec 2008 19:09:34 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.6
Set-Cookie: PHPSESSID=copas3qrk84tbu0au6vgh63fo0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0,
pre-check=0
Pragma: no-cache
Location: http://gag-teens.com/tds/?rid=1377
Content-Length: 0


=========

12/05/08 13:22:07 Browsing http://gag-teens.com/tds/?rid=1377
Fetching http://gag-teens.com/tds/?rid=1377 ...
GET /tds/?rid=1377 HTTP/1.1
Host: gag-teens.com
Connection: close
User-Agent: Sam Spade 1.14

HTTP/1.1 200 OK
Date: Fri, 05 Dec 2008 19:21:30 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch13
Set-Cookie: PHPSESSID=9ed06de7a4eeb8c34366aa82a8e0ba7c; path=/;
domain=.gag-teens.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0,
pre-check=0
Pragma: no-cache
Set-Cookie: prt_rid=1377; expires=Mon, 15-Dec-2008 19:21:30 GMT; path=/;
domain=.gag-teens.com
Set-Cookie: prt_sub=deleted; expires=Thu, 06-Dec-2007 19:21:29 GMT;
path=/; domain=.gag-teens.com
Content-Length: 5149
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Порно-портал</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="Description" content="Порно-портал" />
<meta name="Keywords" content="Порно-портал" />
</head>
<body>
<table border="0" cellpadding="0" cellspacing="0" align="center">

<tr>

<td style="padding: 20px 20px 20px 20px;" align="center">

<table style="border: 1px solid #FF0000;">
<tr>
<td style="padding: 2px 2px 2px 2px;">
<a href="http://video-vitrina.biz/tds/?s_id=1&rid=1377"
title="Видео-витрина"><img
src="http://gag-teens.com/tds/img/PVITR.png" border="0"
alt="Видео-витрина" title="Видео-витрина"
style="width: 304px;" /></a>
(snip)

=========
C:\>dig @ns1.everydns.net pornoporka.com +norec

; <<>> DiG 9.4.1-P1 <<>> @ns1.everydns.net pornoporka.com +norec
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1745
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4

;; QUESTION SECTION:
;pornoporka.com. IN A

;; ANSWER SECTION:
pornoporka.com. 3600 IN A 91.202.63.89

;; AUTHORITY SECTION:
pornoporka.com. 86400 IN NS ns1.everydns.net.
pornoporka.com. 86400 IN NS ns2.everydns.net.
pornoporka.com. 86400 IN NS ns3.everydns.net.
pornoporka.com. 86400 IN NS ns4.everydns.net.

;; ADDITIONAL SECTION:
ns1.everydns.net. 7200 IN A 71.6.202.220
ns2.everydns.net. 7200 IN A 204.152.184.150
ns3.everydns.net. 7200 IN A 208.76.56.56
ns4.everydns.net. 7200 IN A 208.96.6.134

;; Query time: 343 msec
;; SERVER: 71.6.202.220#53(71.6.202.220)
;; WHEN: Fri Dec 05 13:02:29 2008
;; MSG SIZE rcvd: 196

==============

C:\>dig @36063.earth.orderbox-dns.com gag-teens.com +norec

; <<>> DiG 9.4.1-P1 <<>> @36063.earth.orderbox-dns.com gag-teens.com +norec
; (3 servers found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 286
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;gag-teens.com. IN A

;; ANSWER SECTION:
gag-teens.com. 38400 IN A 79.143.177.7

;; Query time: 78 msec
;; SERVER: 67.15.253.219#53(67.15.253.219)
;; WHEN: Fri Dec 05 13:27:35 2008
;; MSG SIZE rcvd: 47


=========


C:\>dig @ns1.nameself.com video-vitrina.biz +norec

; <<>> DiG 9.4.1-P1 <<>> @ns1.nameself.com video-vitrina.biz +norec
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1910
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3

;; QUESTION SECTION:
;video-vitrina.biz. IN A

;; ANSWER SECTION:
video-vitrina.biz. 28800 IN A 79.143.177.7

;; AUTHORITY SECTION:
video-vitrina.biz. 28800 IN NS ns2.nameself.com.
video-vitrina.biz. 28800 IN NS ns1.nameself.com.

;; ADDITIONAL SECTION:
ns1.nameself.com. 3600 IN A 195.161.113.218
ns2.nameself.com. 3600 IN A 217.16.27.38
ns2.nameself.com. 3600 IN A 80.93.50.149

;; Query time: 453 msec
;; SERVER: 195.161.113.218#53(195.161.113.218)
;; WHEN: Fri Dec 05 13:38:33 2008
;; MSG SIZE rcvd: 147


==========

-------- Original Message --------
From: - Fri Dec 05 09:10:49 2008
X-Account-Key: account2
X-UIDL: <630994025.63...@boardroomconsultants.com>
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <trg...@boardroomconsultants.com>
Received: from aacpub01.charter.net ([10.20.200.48]) by
mta51.charter.net (InterMail vM.7.09.01.00 201-2219-108-20080618) with
ESMTP id
<20081205150807.CAQF2...@aacpub01.charter.net> for
<mpau...@charterinternet.com>; Fri, 5 Dec 2008 10:08:07 -0500
Received: from mail2.joker-forward.com ([194.245.148.4]) by
aacpub01.charter.net with SMTP id
<20081205150807.KUNY990...@mail2.joker-forward.com>
for <mpau...@charterinternet.com>; Fri, 5 Dec 2008 10:08:07 -0500
Received: from unknown (HELO ?189.56.85.248?) (189.56.85.248) by
mailfw2.joker-forward.com with SMTP; 5 Dec 2008 15:08:18 -0000
Received: from [189.56.85.248] by
boardroomconsultants.com.s7a1.psmtp.com; Fri, 5 Dec 2008 12:08:01 -0300
X-Spam-ASN: AS10429 189.56.0.0/16
X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on
mailfw2.joker-forward.com
X-Spam-Level: ******
X-Spam-Status: Yes, score=6.9 required=6.0
tests=HTML_MESSAGE,MIME_HTML_ONLY,
RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_XBL,RDNS_NONE autolearn=disabled
version=3.2.4
X-Spam-Report: * 2.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay
in bl.spamcop.net * [Blocked - see
<http://www.spamcop.net/bl.shtml?189.56.85.248>] * 2.9 RCVD_IN_XBL RBL:
Received via a relay in Spamhaus XBL * [189.56.85.248 listed in
zen.spamhaus.org] * 0.0 HTML_MESSAGE BODY: HTML included in message *
1.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts * 0.1
RDNS_NONE Delivered to trusted network by a host with no rDNS
Date: Fri, 5 Dec 2008 12:08:01 -0300
From: Ruth Mcleod <trg...@boardroomconsultants.com>
X-Mailer: The Bat! (v2.10.01) Educational
Reply-To: trg...@boardroomconsultants.com
X-Priority: 3 (Normal)
Message-ID: <630994025.63...@boardroomconsultants.com>
To: w...@crummy.org
Subject: *****SPAM***** Дрочи за копейки
MIME-Version: 1.0
Content-Type: text/html; charset=koi8-r
Content-Transfer-Encoding: 8bit
X-Spam-Prev-Subject: Дрочи за копейки
X-Chzlrs: 0
X-Antivirus: AVG for E-mail 8.0.176 [270.9.14/1832]

Зацени! <http://www.nipdit.org/ra.html>

--
All postings to news.admin.net-abuse.sightings are unconfirmed and unverified
unless stated otherwise by the moderators. All opinions expressed above are
considered the opinions of the original poster, not the moderators or their
respective employers. For a copy of the guidelines to this group, see:
http://www.killfile.org/~tskirvin/nana/
