I've never
met Robert, or used his 'service' etc - but a lot people
including Microsoft (of
which im sure you have heard of) consider him a problem.Broadcastingtoday.biz (and other domains) spam methods. who be Robert (aka Bob) Soloway of NIM Corporation.
|
Quick page links: MIRROR of this Page http://uk.geocities.com/sjwest01 Primer Fact from Fiction
- beyond the bullshit and lies Legal problems Robert's
legal
issues. Inside a ? sub-rented
spammers house which Bob has NIM Tracking methods. - sort of spam
'spyware' A Suspected Bob Soloway operation explained.
new IP's blocked by me and spaming
for Bob (reports seen) * new Member of the press ? |
Notices: Most of the links on this page are internal. Search engine visitors: This page has lots of Anyhow please meet my (and probably yours too)
|
Fact from
Fiction - a primer on Bob Solaway
This page is not 'fan' literature, but an attempt to put together
the facts of how Robert spams you and me. - it is not all of my own
work. And an attempt to get people who are thinking of using
Roberts 'services' as counter to his claims which a court has as part
of the evidence against him.
I've never
met Robert, or used his 'service' etc - but a lot people
including Microsoft (of
which im sure you have heard of) consider him a problem.
So if you thinking about taking Robert up on his offer consider this.
Lets summarise, He spams, his mailings are not 'can-spam' compliant,
and this is not me making these claims this information can be found
throughout this document
For the record - I just list the spams that my Domain owner email
gets. Robert for some strange reason kept appearing in my inbox.
So this is a 'homage' to his business operation. Should you
think this just 'sour grapes' then I suggest you email some of the
clients who having taken up Robert and paid him discovered
the truth.
So before you send Robert money to his 'paypal' account - please
read the experience of 'clients', court documents and so on.
Once equipped with the facts - hope you will 'do the
right thing'.
A wiki entry
on Bob for those of you who like extra sources of information
What
about this spamis nonsense.
Those of you lucky enough to get a spamis spam (I was lucky)
will know that Robert is having a go at the people who are taking him
to court. I have no idea of what Bob is on but it is weird
stuff.
Many 'spammers' become anti-spammers when they are rumbled.
How long it continues for is a debatable point.
Bob is still Bob - so he is still a spammer.
As to Bob being 'persecuted' well if Bob thinks that way - then
his 'stupidity' helped started it.
That I think is a fair assessment on Spamis which a domain registrar
has now terminated for breaking some rules
set out in their terms and
conditions.
The text below explains how I was introduced to Bob Solaway and how
this page was eventually created.
If you came from my spamming
the domain owner
page then you
know the background.
otherwise let me recap.
In 2002 a couple of domains I look
after changed registrar,
so this
meant the contacts in the whois changed. The whois lists
information about the owner and the technical contacts various internet
rfc's
require you have these so people can contact you, the downside of this
ideal system is that spammers can also spam you as most domains not
owned by spammers follow the rules..
Since spammers can joe-job you it is best not to have filters on
these email accounts as it might be a another domain warning you that a
spammer is using your domain name (if you don't know it already)
So the billing, technical, and administrator plus the owner contacts
changed in the year 2002 - for good
measure a web page was setup advising persons of this. In June
2004 Broadcastingtoday.biz raided the whois by some means and decided
to send me spam. and to all of the accounts I created in 2002.
which is nice of them since
these accounts don't send email.
Enough history - lets move to 2004.
So in June 2004 I got spammed via my whois entries so I renamed a
few things and started my
experiment. I also renamed the billing and technical contacts.
they have since rescanned the whois and have sent spam to these new
names this has become experiment 2. No
web page was put up with the changes so they are
definitely raiding the whois for there claimed 28 million email
addresses.
The spams to the domain aliases are similar to the experiment (see
link) I am running this
is the 'body' of a freshly subscribed address from my whois entry - a
spam example from the 15th September 2004..
<<>> DiG 9.2.4 <<>> www.broadcastemailcorp.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8845
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.broadcastemailcorp.org. IN A
;; ANSWER SECTION:
www.broadcastemailcorp.org. 1685 IN CNAME odo4.meibu.com.
odo4.meibu.com. 20 IN A 218.88.44.247
email like this to 28 million people for free...
http://www.broadcastingtoday.biz
----------------
this email was sent to gain attention to non-profit
organizations that aid low-income individuals gain
access to the internet and technology looking for
immediate exposure. we make no profit on any of
these services, and we offer this service to help
organizations benefiting impoverished individuals
gain access to the internet throughout the world.
emailing is only zero amount if you are a non-profit
organization that aids low-income individuals gain
access to the internet. at our web site above, simply
contact us by mail for further details.
the primary purpose of this email is directed at non-profit
organizations that benefit low income individuals gain access
to the internet and technology in all countries worldwide.
several organizations worldwide have already taken
advantage of our free offer, and we look forward to
benefiting many more in the future.
if you are not a non-profit organization interested in our
non-commercial/non-profit email notifications that benefit
various world causes, please unsubscribe at:
contact us at: po box 1259, seattle, wa 98111
(look familiar?) They are consistent in there attempts to spam me,
since i have not
unopted from the billing and technical contacts the spam is less than
from the owner email which has had 30 ish spams after opting out of the
Broadcastingtoday.biz list. Surprisingly Robert does not appear
to spam webmaster or postmaster accounts - but I'm sure that will
change
one day.
Suspected
operations of Bob Soloway.
This is pure speculation on the basis of the facts seen from this
page (TO WRITE COME BACK SOON)
Being subscribed:
1, Spam Victim: registers an internet domain
2, Bob Soloway: Hires help, or looks up what was entered in step 1,
either using a mining tool, or a box of spyware/virus spybots pc that
mask the number of requests for ahem 'sales leads' like email
addresses.
Being spammed:
1, Bob Using non american internet companies (normally Korea, or China)
Bob sets up the same website over and over again
2, Bob uses/or employs help or his own
1 Spybot
network or
2 open proxy Microsoft windows
exchange servers to send (example ip
addresses
here)
his spam
using Darkmailer.
Trying to unsubscribe:
1, Means you get even more spam - a 'feature' yet to developed by Bob -
well you wanted spam didn't you ? or a misunderstanding of the word
'no'
really means 'yes'
Other things Bob does well:
1. Autocreation of yahoo geocities (free webspace) aliases/accounts that link
to websites if Bob is having problems (I am only using for Bob dataset
examples only here, other spam that employs the geocities redirect I
would not make the call about) I assume a script of some kind is run
That covers it
I'd like to credit basaltbuster who lives at gmail for this, I'm no
songwriter - alas you cannot buy it on itunes, or if your into open
source sing it yourself, if anyboy wants to mp3 it, I'd willingly
host it.
To the tune of the Beach Boys song Barbara Ann:
went for my mail .... had to get a pail
the inbox is full of all of his crappy bull
soloway .... bob bob ... bob soloway
you got me clicking and a reading
... larting and deleting
soloway ... bob bob .... bob soloway
bob is the man ham sending out the charity scam spam
special offers just for you ... who are dumb enough to choose
soloway ... bob bob ... bob soloway
you got me clicking and a reading
... larting and deleting
soloway ... bob bob .... bob soloway
advertise to many ... for just a couple pennys
soon millions will regret the day you ever met
soloway .... bob bob ... bob soloway
you got me clicking and a reading
... larting and deleting
soloway ... bob bob .... bob soilaway
some day in jail he will regret sending all the mail
and all the boxes that he crammed ... in violation of can spam
soloway ... bob bob .... bob soloway
newportcorp.cn
you got me larting and deleting ... clicking and a reading
soloway ... bob bob ... bob soloway
Its all part of the Soloway experience. - if the crazy frog can get
to number 1....
Domains
Owned (observed so far)
EMAILTODAY2004.COM - details about them links for all on this page.
BROADCASTEMAILINGTODAY.BIZ - details about them located on this page.
BROADCASTINGTODAY.BIZ - details about them on this page.
BROADCASTEMAIL.ORG - details about them on this page.
newportmarketing.com - details about them on this page
BROADCASTEMAIL.US - details about them on this page.
broadcastadvertise.org - details about them on this page
spamis.net details about them on this page
spamis.cc details about them on this page
spamis.biz details about them on this page
broadcastemailadvertising.net details about them on this page.
optinemailing.net details about them on this page
optin2millions.com details about them on this page
optin2millions.net details about them on this page
optinemailingtoday.com details about them on this page
optinemails.org details about them on this page
optinemailtoday.biz details about them on this page
optinemailing.biz details about them on this page
optinemailings.us NEUSTAR seem to have shut it (external link to (NEUSTAR REGISTRAR) down
broadcastingemail.us details about them on this page
emailingtoday.org details abut them on this page
searchengineranking.cn details about them on this page
broadcastingemailing.org details about them on this page
security-validations.com details about them on this page
broadcastemailservices.biz details about them on this page
broadcastemailservices.org details about them on this page
3322.ORG details about them on this page
broadcastemailcorp.org details about them on this page
cyberservices.com details about them on this page
China here we come
newportcorp.cn details about them on this page.
jzgx.nydns.cn details about them on this page.
broadcastemailingcorp.cn details about them on this page
then: IP hosts (see the list below)
http://de.geocities.com/email24624broadcast65559/ to details -> http://83.69.46.224/wm/
http://83.237.66.218/wm/
http://uk.geocities.com/Griselda70698Sol20116/ redirects to -> http://210.179.190.250/wm/
http://uk.geocities.com/Ingamar91782Leoine31932/ also redirects to
http://210.179.190.250/wm/
as does
http://uk.geocities.com/Gabbie86388Ninetta16900
http://de.geocities.com/Louis22093Tamma24664/
http://210.179.190.250/broadcastemail redirects to: http://uk.geocities.com/Fancy9059Cammy99965/
and http://de.geocities.com/Petronille78514Sarena78406/
and http://uk.geocities.com/Brina9829Krysta60333/
http://uk.geocities.com/Yasmeen25258Kaila54034/
etc - more stuff below.
* denotes active spamvertising
Spamming
Method
Going back to broadcastingtoday.biz He has also 'lost' half
million
addresses in his latest spam
(experiment 1 item 75) but I'm afraid I'm
not one of them. Then
(on the 1st October) However good news he's back to 28 million
addresses. So it seems one can never 'get off'
Jan 2005: Good news The webmaster has reported a spam from
broadcastemailingtoday.biz that just leaves postmaster ...
Lets be 'Geeky' and take a look at the mail.log file:
01/10/2004 03:11:54 PM pD9E51757.dip.t-dialin.net (217.229.23.87)
connected
01/10/2004 03:11:59 PM Message 004E0061 (MessageID:
<JIUQTKJMWASOTLWYPXCURQ@fastestresponse.net>) received from
pD9E51757.dip.t-dialin.net (217.229.23.87) size 2466 bytes
01/10/2004 03:11:59 PM SMTP Server: pD9E51757.dip.t-dialin.net
(217.229.23.87) disconnected. 1 message[s] received
01/10/2004 03:11:59 PM Attempting delivery to: User
billing@Domain.name, admin@Domain.name admin@Domain.name from
donc@boardermail.com
Notice that broadcastingtoday.biz is nowhere to be found in in the
headers but 'boardermail.com' or 'fastestresponse.net' and
instead of sending his junk from Korea Robert is sending it from
217.229.23.87 which is somewhere in Germany Which is not quite
how Robert 'advertises' his package on his website as apparently they
all have broadcastingtoday.biz in the headers. Sorry to say i
cannot see it - can you ?.
RANGE 217.224.0.0 - 217.237.161.47
?newportcorp.cn
netname: DTAG-DIAL15
descr: Deutsche Telekom AG
country: DE
remarks: ******************************************************************
remarks: * Abuse Contact: http://www.t-com.de/ip-abuse in case of Spam, *
remarks: * Hack Attacks, Illegal Activity, Violation, Scans, Probes, etc. *
remarks: ******************************************************************
source: RIPE
details about them
route: 217.224.0.0/11
descr: Deutsche Telekom AG, Internet service provider
address: Deutsche Telekom AG D-90492 Nuernberg Germany
phone: +49 180 5334332, fax-no: +49 180 5334252
e-mail: abuse@t-ipnet.de
So it appears he is using hacked windows pc's to send his
email You see this email marketing business is very legitimate
indeed. Lets be charitable and try another being the 4th October
details about them
04/10/2004 10:46:51 AM SMTP Server: 202-178-191-45.cm.dynamic.apol.com.tw (202.178.191.45) disconnected. 1 message[s] received
Now thats coming from Taiwan, which certainly is not part of
Korea, The next comes again from Germany and pD95D7049.dip.t-dialin.net
(217.93.112.73)
What domain spams what role account (it will be updated on Roberts
next domain rotation)
|
Domain spams to email account/aliases: |
remote |
postmaster |
info@ |
web |
billing |
admin |
technical |
owner |
|
EMAILTODAY2004.COM |
|
|
new |
|
|
|
|
y |
|
BROADCASTEMAILINGTODAY.BIZ |
|
|
column |
Y |
y |
y |
y |
y |
|
BROADCASTINGTODAY.BIZ |
|
|
|
|
|
|
|
y |
|
**** BROADCASTEMAIL.ORG |
|
|
|
y |
y |
y |
y |
y |
|
** BROADCASTEMAIL.us |
|
|
y |
|
y |
y |
y |
|
|
broadcastadvertise.org |
|
|
|
|
|
y |
|
|
|
spamis.net |
|
|
|
|
|
|
|
|
|
spamis.cc |
|
|
|
|
|
|
|
|
|
broadcastemailadvertising.net |
|
||||||||
spamis.biz ? |
|
|
|
|
y |
y |
|
|
|
optinemailing.net |
|
|
|
|
|
|
|
|
|
optin2millions.com |
|
|
|
Y |
|
|
|
|
|
optin2millions.net |
|
|
|
Y |
Y |
|
|
|
|
optinemailingtoday.com |
|
|
y |
|
|
|
Y |
|
|
optinemails.org |
|
|
|
|
Y |
|
|
|
|
optinemailtoday.biz |
|
|
|
|
Y |
|
|
Y |
|
optinemailings.us - KILLED |
|
|
|
|
Y |
|
|
|
|
broadcastingemail.us |
|
|
|
|
|
|
|
|
|
emailingtoday.org |
|
|
|
|
Y |
|
Y |
Y |
|
searchengineranking.cn |
|
|
|
|
|
|
|
Y |
|
broadcastingemailing.org |
|
|
|
|
|
|
|
Y |
|
security-validations.com (heard about) |
|
|
|
|
|
|
|
|
|
broadcastemailservices.biz |
|
|
|
|
|
|
|
Y |
|
broadcastemailservices.org |
|
|
|
|
|
Y |
|
Y |
|
3322.ORG |
|
|
|
|
Y |
|
|
|
|
broadcastemailcorp.org |
|
|
|
|
Y |
T |
|
Y |
|
http://de.geocities.com/email24624broadcast65559/ |
|
|
|
|
Y |
Y |
|
Y |
|
http://83.237.66.218/wm/ - via geocites (free websites) |
|
|
|
|
|
|
|
Y |
|
http://210.179.190.250/wm/ - via geocites again |
|
|
|
|
Y |
Y |
Y |
Y |
|
http://83.237.66.218/broadcastemail/ <- renamed from wm |
|
|
|
|
|
|
|
Y |
|
http://147.46.30.174/broadcastemail/ |
|
|
|
|
|
|
|
Y |
|
http://147.46.240.97/broadcastemail/ |
|
|
|
|
|
|
|
|
|
http://198.93.1.73/broadcastemail/ <- America!! |
|
|
|
|
|
|
|
Y |
|
http://147.46.135.180/broadcastemail/ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
http://219.136.53.13/broadcastemail/ |
|
|
|
|
|
|
|
|
|
broadcastemailcorp.odo.com.cn |
|
|
Y |
|
Y |
Y |
Y |
|
|
http://210.66.241.1/broadcastemail/ |
|
|
|
|
|
|
|
Y |
|
http://securesite.odo.com.cn (seen evidence of spaming seen here) |
Y |
Y |
|
|
|
|
|
Y |
|
http://195.6.54.3/broadcastemail/ |
Y |
|
|
|
|
|
|
|
|
http://217.74.161.86/broadcastemail/ (russia) |
Y |
|
|
|
|
|
|
|
|
http://62.119.28.243/broadcastemail/ |
Y |
|
|
|
|
|
|
|
|
http://broad.ztjm.com/ (china) |
Y
|
|
|
|
|
|
|
|
|
http://62.149.193.221/broadcastemail/ (italy) |
Y
|
|
|
|
|
|
|
|
|
http://83.17.42.146/broadcastemail/ (poland) |
|
|
|
|
|
|
|
|
|
http://210.7.70.150/broadcastemail/ (india - very lower caste) |
Y
|
|
|
|
|
|
|
|
|
http://62.204.237.170/broadcastemail/ (cz,eu) |
Y
|
|
|
|
|
|
|
|
|
http://advertising.voddo.cn/ (China) |
|
|
|
|
|
|
|
|
|
http://62.123.150.18/broadcastemail/ (Italy) |
Y
|
|
|
|
|
|
|
|
|
http://217.40.152.75/broadcastemail/ (England) |
Y
|
|
|
|
|
|
|
|
|
http://62.193.238.142/broadcastemail/ (France) - date entry |
|
|
|
|
|
|
|
|
|
http://broad.1122.ish.cn/ (China) |
|
|
|
|
|
|
|
|
|
newportcorp.cn pointed to -> 222.210.196.86 (china) |
Y
|
|
|
|
|
|
|
|
|
http://jzgx.nydns.cn/ 60.18.162.5 (china) |
|
|
|
|
|
|
|
|
|
http://62.193.224.161/broadcastemail/ |
|
|
|
|
|
|
|
|
|
http://www.broadcastemailingcorp.cn/ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
' * ' denotes active current spam domain.
'**' prior spamvertised domain name
'***' prior domain before that
text in red
denotes a remote observation from a report i've seen
Remote report column denotes the email address could not be determined
by myself (but the spam was deemed to be a Bob 'classic') .
etc...
- Red seen by others
- Black This information is observed by me alone -
if you google hard
enough im sure others will confirm these findings.
|
Apnic (asia) |
Ripe (europe/russia) |
Other (Lanic) |
Arin (america) |
newportcorp.cn (et al) |
http://217.74.161.86/broadcastemail/ (russia) |
|
|
Moving along - Since this page was
once more dedicated to the
Soloway Junk i get for our own domains technical contacts here is a
list of the claimed ip addresses
note that despite his domains being hosted in China/Korea But we
have
ip's here from Japan, Australia, Brazil and New Zealand (and thats just
the first couple). the dns
entry
also seems to be
telling me some of these appear to be dynamic ranges.
You have to admire the consistency of Roberts Operation - sorry I'm
being sarcastic
As soon as I get confirmed Bob spam the table below will be updated
|
Our Bob Soloway Spam |
|||||||||
|
Date (each entry denotes a spam) |
'Published' |
Sent IP (confirmed) |
Origination ? (not confirmed) |
email it was claimed from eg is it from |
|||||
|
|
n/a |
Listwashed it appears Sob! |
|
|
|||||
|
31 Jan |
|
BSN-210-250-53.dial-up.dsl.siol.net (BSN-210-250-53.dial-up.dsl.siol.net [195.210.250.53]) |
ifkzdbsm5.eon.net.au (0.12.140.61) by tz2-jre46.interfree.it |
Mason Townsend
ebatlaster@uymail.com |
|||||
|
27 January x 7 need I say more |
|
Received: from pool-70-16-232-93.rich.east.verizon.net (pool-70-16-232-93.rich.east.verizon.net [70.16.232.93]) |
Reply-To: "Blake Thorne" <restonparker@coolgoose.com> |
||||||
|
2006 |
|
||||||||
|
25 December |
|
from HSE-Ottawa-ppp157893.sympatico.ca
(HSE-Ottawa-ppp157893.sympatico.ca [64.229.132.56]) |
mail13.mdlc.shaw.ca (138.40.128.105) by
z1-jco775.valentini.net.ar with Microsoft SMTPSVC(5.0.2195.6824); |
Daisy Chung rollandkrisp @fishhoo.com |
|||||
|
4th December (3) |
|
from pool-71-254-43-40.roa.east.verizon.net (pool-71-254-43-40.roa.east.verizon.net [71.254.43.40]) |
01.172.149.24 by bqpbz949-ji16.z9.pwgsc.gc.ca with DAV; |
Brandon Doherty timrolland @care2.com or |
|||||
|
1 December (2) |
|
from 200-122-115-170.dsl.prima.net.ar (unknown [200.122.115.170]) |
dns1interfree.it (150.192.91.240) by fzz5-sg42.umontreal.ca |
new members of staff ! |
|||||
|
1 December (2) |
|
from h196.166.141.67.ip.alltel.net (h196.166.141.67.ip.alltel.net [67.141.166.196]) |
from slump (50.222.12.208) by ko4.downpour.draco.daly.adv.es |
Melody Hooper |
|||||
|
24 November |
|
from 26-49-112.adsl.terra.cl (26-49-112.adsl.terra.cl [200.112.49.26]) |
rom week (154.232.64.159) |
Becky Erwin donaldcrisp @ boardermail. com |
|||||
|
24 November |
|
26-49-112.adsl.terra.cl (26-49-112.adsl.terra.cl [200.112.49.26]) |
from week (154.232.64.159) |
Becky |
|||||
|
19 November |
|
sl51B6348C.pool.t-online.hu (dsl51B6348C.pool.t-online.hu [81.182.52.140]) |
adv.es (115.172.122.172) by zi4-q07.interfree.it with Microsoft SMTPSVC(6.0.1024.9818); |
me ! |
|||||
|
9 November |
|
dialpool-210-214-204-58.maa.sify.net (dialpool-210-214-204-58.maa.sify.net [210.214.204.58]) |
ns3deacons.com.hk (35.108.67.198) by jk3-mn05.wzcmariahuis.be |
why i am sending spam to myself again |
|||||
|
8 November |
|
from host123.200-82-88.telecom.net.ar (host123.200-82-88.telecom.net.ar [200.82.88.123]) |
from xpflwn24.web.de (4.38.5.7) by fa898-dhc.etnic.be |
why I sent it |
|||||
|
3 November, to 'Billing' |
|
from 200-233-176-225.xd-dynamic.ctbcnetsuper.com.br (200-233-176-225.xd-dynamic.ctbcnetsuper.com.br [200.233.176.225]) |
arboreal-dns.mweb.co.zw (208.48.66.146) by aha52-i385.sxhealth.co.nz |
us |
|||||
|
16 October, I say I say I need that Japanese phase book for
'fuck off bob'. |
|
from zaqdb737afe.zaq.ne.jp (zaqdb737afe.zaq.ne.jp [219.115.122.254]) |
no crap |
Cullen, Gerry <charityinfo @coolgoose.com> |
|||||
|
5 October, Bobs been hitting the spam filter im told, but this
made it through, so yep Bobs still spamming. |
|
from OUR IP ADDRESS (unknown [202.158.187.170]) |
no crap - |
"Mrs. Lusk" <charityinfo@ m a i l .c o m > |
|||||
|
26 August |
Trojan.Spybot |
200216103247.user.veloxzone.com.br (200216103247.user.veloxzone.com.br [200.216.103.247]) |
localhost.localdomain (HELO localhost.localdomain [127.0.0.1]) |
billing @ 'me' |
|||||
|
26 August |
|
by pompous.sacmail.com (Mostfix) |
|||||||
|
23 August |
|
cm6.gamma40.maxonline.com.sg (cm6.gamma40.maxonline.com.sg [202.156.40.6]) |
64 by zab3-aek95.vnmnh7.graffiti.net with DAV; |
me again, but I 'love' Robert Spam |
|||||
|
19 August |
|
from sub51-128.uhh.hawaii.edu (sub51-128.uhh.hawaii.edu [132.160.51.128] |
me but im apparently sending it from |
||||||
|
18 August |
|
from rndf-146-55-196.telkomadsl.co.za (rndf-146-55-196.telkomadsl.co.za [165.146.55.196]) |
none apparently |
im sending his spam to myself via south africa |
|||||
|
9 August |
|
stjhnf0123w-142163145101.nl.aliant.net (unknown [142.163.145.101]) |
(from qrb258cowbell@localhost) |
|
|||||
|
8 August |
|
hlfxns0145w-142167143103.ns.aliant.net (hlfxns0145w-142167143103.ns.aliant.net [142.167.143.103]) |
osvg514.inmail24.com (106) by vl4-iy831.138mail.com |
Demetrius Engle xrs.net |
|||||
|
31 July |
|
SHASTA189200.ig.com.br (unknown [200.151.189.200]) |
174 by yj73-tq919.fn2.yyhmail.com with DAV; |
graffiti.net |
|||||
|
30 July |
|
USER.36.178.5.201.dial-ip.telemar.net.br (unknown [201.5.178.36]) |
from nomogram (120) |
gawab.com |
|||||
|
29 July |
|
ppp-0-110.dts.mg (ppp-0-110.dts.mg [193.251.140.110]) |
cns848mcnaughton@localhost |
oh guess |
|||||
|
28 July |
|
BSN-210-230-216.dsl.siol.net (BSN-210-230-216.dsl.siol.net [195.210.230.216]) |
mail5085.otp.merseymail.com (234) by w9-f5.merseymail.com with Microsoft SMTPSVC(5.0.2195.6824); |
casino.com (spot a pattern yet?) |
|||||
|
25 July |
|
ppp1349.va-east.my-users.ne.jp (ppp1349.va-eas69.46.224t.my-users.ne.jp [219.100.144.49]) |
khzgpc3.fresnomail.com (220) by d58-b.fresnomail.comchloroplastfcn064 (booky144) by fresnomail.com (sae4) with SMTP id <181873747ta133a> (Authid: EstherHorne); Mon, 25 Jul 2005 11:15:37 +0300 |
lissamail.com |
|
||||
|
25 July |
|
pool-141-153-229-140.nwrk.east.verizon.net (pool-141-153-229-140.nwrk.east.verizon.net |
92 by exdhf0-lz0.q57.xmail.net with DAV; |
asheville.com |
|||||
|
25 July |
|
pool-138-88-176-85.res.east.verizon.net (pool-138-88-176-85.res.east.verizon.net [138.88.176.85]) |
from 118 by vz651-r6.rllx4.myway.com with DAV; |
graffiti.net |
|||||
|
20 July |
|
pool-138-89-212-150.atc.east.verizon.net (pool-138-89-212-150.atc.east.verizon.net [138.89.212.150]) |
rom boyhood (12) by x7.emendable.inoffensive.belies.joinme.com |
lycos.com |
|||||
|
20 July |
|
207-18-135-4.flex.net (unknown [207.18.135.4]) |
assimilable-dns.doramail.com (72) by xn8-k89.doramail.com with Microsoft SMTPSVC(5.0.2195.6824); |
fresnomail.com | |||||
|
18 July |
|
Not yet convinced about Bob ? see this |
|||||||
|
17 July |
|
201-011-224-137.cslce7007.dsl.brasiltelecom.net.br (unknown [201.11.224.137]) |
|
koreamail.com |
|||||
|
17 July |
Trojan.Spybot |
a84-0-197-145.adsl-pool.axelero.hu (a84-0-197-145.adsl-pool.axelero.hu [84.0.197.145]) |
talcum-dns.allsaintsfan.com (68) by kod81-sr23.graffiti.net with Microsoft SMTPSVC(5.0.2195.6824); |
canada-11.com |
|||||
|
17 July |
|
200-126-91-229.bk6-dsl.surnet.cl (200-126-91-229.bk6-dsl.surnet.cl [200.126.91.229]) |
Received: from mailpanda.com (20) by f64-u749.usa-11.com with Microsoft SMTPSVC(8.4.3737.5659); |
grafiti.net |
|||||
|
16 July |
|
rom mail4934.oxfrd.mailpanda.com (176) by q931-h91.mailpanda.com with Microsoft SMTPSVC(5.0.2195.6824); |
Received: from D84 (h197.gdy52.rm.mailpanda.com 31) |
outgun.com |
|||||
| 10 July |
|
from
pool-138-88-90-162.res.east.verizon.net
(pool-138-88-90-162.res.east.verizon.net [138.88.90.162]) |
from
cochrane-gp454.credent.koreamail.com (230) by p8-pqd677.koreamail.com
with Microsoft SMTPSVC(5.0.2195.6824); Sat, 09 Jul 2005 21:02:33 -0300 |
" Tracey Potts " <billpaxton@casino.com> | |||||
|
2 July |
|
85-49-161-26.mad2.adsl.uni2.es
(85-49-161-26.mad2.adsl.uni2.es [85.49.161.26]) |
mail360.gdoo.spamis.biz (177) by je4-lz4.spamis.cc with Microsoft SMTPSVC(5.0.2195.6824); |
||||||
|
30 June |
|
12-215-214-8.client.mchsi.com (12-215-214-8.client.mchsi.com
[12.215.214.8]) |
|
||||||
|
14 June |
|
61-230-132-106.dynamic.hinet.net
(61-230-132-106.dynamic.hinet.net [61.230.132.106]) |
from sq8bedraggle@localhost) |
no |
|||||
|
6 June |
|
Received: from 22 details about them 0-133-87-182.HINET-IP.hinet.net
(220-133-87-182.HINET-IP.hinet.net [220.133.87.182]) |
Received: from xih7.cashette.com (91) |
no |
|||||
|
31 March |
|
unknown [61.68.161.165] |
cypcsiz7.centralpets.com (254.132.0.249) by i362-dni.care2.com |
No and im not telliing you |
|||||
|
19 March |
|
* Back in business ! |
224.155.244.156 by dj95-v53.uaeq570.bolt.com with DAV |
No it was not and I am not telling you anymore |
|||||
|
Status: |
|
Listwashed (no I did not opt out) |
* unless Robert starts spamming the technical contacts |
|
|||||
|
26 February |
|
201-255-30-155.mrse.com.ar ([201.255.30.155]) |
xhufgn682.bluebottle.com (189.163.92.27) by
v5-vvx10.bluebottle.com |
Siegel <rfrasier0@lycos.com> |
|||||
|
15 February |
Trojan.Spybot |
[200.11.78.138] |
from jppxyvrzp3.bolt.com (62.36.232.228) by
hvy5-qx50.boardermail.com |
shawnm@surfy.net |
|||||
|
13 February |
|
83.151.137.114 |
from bst4.bolt.com (84.182.60.76) by ek925-o42.boardermail.com |
Doug Heller roddy@bolt.com |
|||||
|
12 February |
|
adsl-69-209-114-1 details about them 69.dsl.klmzmi.ameritech.net [69.209.114.169] |
from badland-dns.bolt.com (192.74.0.223) by du6-hu2.boardermail.com |
Clifford Boone <patknowles@collegeclub.com> |
|||||
|
10 February |
|
[201.10.157.213] |
from gilkfibewgmf026.bluebottle.com (192.179.137.224) by
b6-z60.boardermail.com |
Earnestine Land <monksj@fastermail.com> |
|||||
|
8 February |
|
[211.211.41.168] |
from bluebottle.com (6.64.71.72) by np7-duy81.bolt.com |
Delmer Grant <mikebono@myway.com> |
|||||
|
3 February |
|
CPQ13941688621 ([4.31.111.51] |
from dns72boardermail.com (182.234.241.234) by
hd02-lpu48.bolt.com |
|
|||||
|
3 February |
|
ACD48E37.ipt.aol.com ([172.212.142.55]) |
from boujko6.bluebottle.com (151.136.192.89) by
b32-am.bluebottle.com |
Guy Shipley annalee@blazemail.com |
|||||
|
1 February |
? |
56.137.99-84.rev.gaoland.net [84.99.137.56] |
from bolt.com (240.50.226.183) by rj4-syj740.boardermail.com |
Omar Conner <mikegraves@138mail.com> |
|||||
|
31 January |
|
dilayt.customers.pfts.com |
dns312boardermail.com (58.156.249.44) by
odf6-p78.bluebottle.com |
Ian Dickson stevelitz@fastermail.com |
|||||
|
31 January |
|
200-147-136-99.tlm.dialuol.com.br ([200.147.136.99]) |
dns312boardermail.com (58.156.249.44) by
odf6-p78.bluebottle.com |
Ian Dickson stevelitz@fastermail.com |
|||||
|
31 January |
|
[63.170.38.115] |
wmzhmbzts36.boardermail.com (168.243.32.208) by
id438-a.boardermail.com |
Percy Chung christel@dbzmail.com |
|||||
|
30 January |
|
202.97.143.253 |
mail3691.fnsy.boardermail.com (155.108.135.40) by
f71-vw048.boardermail.com |
Troy Reyna" <todd82@bolt.com> |
|||||
|
29 January |
|
182.red-217-217-138.user.auna.net ([217.217.138.182] |
from dingy
(16.219.44.19) by
st114.dave.avenge.diffractometer.boardermail.com
<797526972318.OITH9599.vrux0-mail.apposite.courtroom.net.cable.rogers.com@anomalous>
|
Glenn Garrett harveypar@yyhmail.com |
|||||
|
29 January |
|
from F3P1L3 ([80.218.124.42]) |
from sdp856.bluebottle.com (38.164.30.184) by
gy3-di68.bluebottle.com |
Janet Land |
|||||
|
28
January |
|
213.37.113.156 |
mz35.bolt.com 181.200.152.116 by ot40-i.bolt.com |
Craig Hathaway |
|||||
|
28 January |
|
80.97.138.1602/07 |
176.16.24.157 by ug2-p7.y5.boardermail.com with DAV |
Mrs Goldstein |
|||||
|
22 Janaury |
|
host74-57.pool80182.interbusiness.it 80.182.57.74 |
dns744bolt.com (208.56.236.172) by qc3-bf70.bolt.com |
Kate Maddox |
|||||
|
21 January |
|
42.85.97-84.rev.gaoland.net 84.97.85.42 |
basidiomycetes-g908.extendible.bolt.com (192.128.8.248) by ty65-xf452.bolt.com |
Guadalupe Medina <lonnie@mail2artist.com> |
|||||
|
21 January |
|
42.85.97-84.rev.gaoland.net 84.97.85.42 |
180.83.244.64 by owogk30-xc7.uvkc2.boardermail.com with DAV |
Jane Solomon" <oharam@asianavenue.com> |
|||||
|
21 Janaury |
|
0-177-130.onocable.ono.com 84.120.177.130 |
dns09bolt.com (169.198.209.116) by q797-t47.boardermail.com |
Randell Shirley |
|||||
|
18 January |
|
195.146.59.57 |
from plcqloh3.bolt.com (84.0.40.64) by phq8-jrb.bluebottle.com |
Judith " <jonlowry@asiamail.com> |
|||||
|
18 January |
|
82.101.184.32 |
taus353.bluebottle.com (226.102.86.240) by
nnz0-ro6.boardermail.com |
Mandy " <scottroeder@budweiser.com> |
|||||
|
17 January (1) |
Trojan.Spybot |
62.59.34.226 |
mail9000.mjtox.boardermail.com (243.64.0.212) by o371-np9.boardermail.com
|
Melisa Sanders" <shawnm@surfy.net> |
|||||
|
16 January (1) |
|
172.182.12.83 |
250.209.48.199 by qiq6-s604.hurz6.bolt.com with DAV; |
Beatriz Paige <marykotch@outgun.com> |
|||||
|
15 January (1) |
|
[80.117.93.169] |
from czarina (30.32.120.148) by sl399.guise.monad.know.bluebottle.com |
Preston Metcalf <tomay@outgun.com> |
|||||
|
14 January (1) |
|
wll-16-pppoe033.t-net.net.ve ([200.31.129.33]) |
(from 63inaudible@localhost) by 15-cataclysmic99.601.bolt.com |
Ignacio <allgoods@cardtown.com> |
|||||
|
14 January (1) |
|
202-63-181-63.broadband.isp.exatt.net
([202.63.181.63]) |
yearn (206.237.88.1) by 07.counterproposal.meadowland.holman.boardermail.com |
Sheila " <davidploy@marchmail.com>" |
|||||
|
13 January |
|
200.31.151.11 |
(187.16.164.29) by 392.declare.reformatory.panjandrum.bluebottle.com |
Connie " |
|||||
|
10 January |
|
dup-200-65-205-4.prodigy.net.mx [200.65.205.4] |
45.104.37.240 by 200.65.205.4 |
Ernest Braun <timdommer@collegeclub.com> |
|||||
|
5 January |
|
client-200.121.251.53.speedy.net.pe ([200.121.251.53]) ? |
mail492.xs.boardermail.com (144.88.192.144) by
sh686-qv1.bolt.com |
Edwin Bond" <jaredb@graffiti.net> |
|||||
|
5 January |
|
[200.208.143.64] |
orig 72.190.186.160 by 200.208.14mixailovich@tekcom.ru3.64 |
Morgan Santiago" <joeblake@emailaccount.com> |
|||||
|
5 January |
|
WLL-66-pppoe073.t-net.net.ve ([200.35.72.73]) |
236.184.234.144 by 200.35.72.73 |
Valentin Palacios" <jongotti@shadango.com> |
|||||
|
Year: 2005 |
|
Monitored (January 18) |
|
|
|||||
|
31 December (1) |
|
222220.bsb.virtua.com.br ([200.167.222.220]) |
depressible-z36.cuprous.bolt.com (162.156.110.252) by x289-pd875.boardermail.com |
"Cherie Johnston <jimmack@marchmail.com>" |
|||||
|
31 December (1) |
|
from d012181.adsl.hansenet.de224.155.244.156 by dj95-v53.uaeq570.bolt.com with DAV ([80.171.12.181] |
from serology-dns.bolt.com (251.38.97.9) by lq7-yey0.bolt.com |
"Tia Varner <herbertevans@hamptonroads.com>" |
|||||
|
31 December (1) |
|
dialin-212-144-190-010.arcor-ip.net ([212.144.190.10]) |
from gw27revert@localhost) by e56-tananarive09.my09qtf.boardermail.com |
Karen Sams <jaredb@graffiti.net>" |
|||||
|
9 December |
|
([164.77.173.11]) |
from cervix
(140.216.45.43)
by
ku235.rainfall.timothy.liquefaction.bolt.com
|
"Leta Purcell" <donaldcrisp@boardermail.com>" |
|||||
|
29 December (all three) |
|
from CEMAG-SERVER ([200.255.104.6]) |
"from 198.110.36.172 by 217.253.207.181; Wed, 29 Dec 2004
10:10:52 +0600" |
mixailovich@tekcom.ru
No but its both a boy and a girl say hi to "Jami Simons"
<timdommer@collegeclub.com>" |
|||||
|
25 December |
|
Static-IP-cr200118116224.cable.net.co ([200.118.116.224])
|
No its - " Mckinney" <tomprowe@graffiti.net>" |
||||||
|
22 December (all three) |
|
112-52-89.adsl.terra.cl ([200.89.52.112]) |
behind.doit.org ([250.50.248.144]
helo=infamous.ostracism.doit.org |
Try "Tricia Darling" <evansjayme@kittymail.com>" |
|||||
|
21 December |
Trojan.Spybot |
from 202-149-43-251.broadband.isp.exatt.net ([202.149.43.251] |
mta1.uhyjqgo.ssl.bluebottle.com) by mta649.mail.swl.boardermail.com by mta031.mail.comfort.boardermail.com |
Well we are getting warmer its - "Denise Duncan"
<jesscollins@surfy.net>" |
|||||
|
21 December |
|
host122-154.pool80181.interbusiness.it 80.181.154.122 |
from (mta1.pijvmfw.ssl.snail-mail.net) by mta649.mail.swl.netster.com by mta272.mail.protein.antisocial.com |
" Talbot" <katief@mail2katie.com> |
|||||
|
21 December (all three) |
|
17924635.rjo.virtua.com.br (200.179.246.35) |
from yeah.doit.org 50.216.240.120 |
No its "Odell Hubbard" <bakerf@fishhoo.com>" |
|||||
|
15 December (all three) |
|
usr092.pial056-01.wpc.im.wakwak.ne.jp ([211.132.180.92]) |
from huckster.striker.cl ([93.72.200.44]
helo=mail.uccangel.org) by smtp0.esmp.cl |
No its - Mai Walters" <rawlings@postmark.net> |
|||||
|
10 December 2004 |
|
203-173-51-128.dyn.iinet.net.au ([203.173.51.128]) |
iy13.outgun.com (139.16.90.52) by iwv72-use.bolt.com |
This column was added for the fun of it. |
|||||
|
10 December 2004 |
|
202-74-218-156.ue.woosh.co.nz ([202.74.218.156]) |
iy13.outgun.com (139.16.90.52) by iwv72-use.bolt.com |
|
|||||
|
10 December 2004 |
|
pm3-4-7.hillsboro.mwt.net ([207.190.85.7]) |
uf7-stir2.b50wul.blazemail.com |
|
|||||
|
10 December 2004 |
|
202-74-218-156.ue.woosh.co.nz ([202.74.218.156]) |
uf7-stir2.b50wul.blazemail.com |
|
|||||
|
Year: 2004 |
|
Monitored: (December 32) |
|
|
|||||
I will update this when new Junk from Robert comes in - Just that he
loves sending me this 'gold'. Further
proper examples of Roberts spams (and to view his 'fortune 100 client'
list) can be seen in experiment
1 , and experiment 2.
Domain Owner spam,
I've done some fun stuff with spam they get, but its time to stop
but i will continue to list Bobs spam here
|
Bob Soloway Domain Owner spam Analysis |
|
|
date: 29 March 2006 |
Return-Path: <JanellWeeks3@montevideo.com.uy> Notes: This is the world of Bob Soloway three continents in one email
- full spam is numbered 1418 on the web pages listed and linked to
elsewhere. |
|
next |
... |
Roberts clients apparently include these highly reputable areas of
trading in:
Robert's 'Clients' also Include these stupid retards
http://success-4-u.biz/?refid=BcastEmail-123456789
affiliate: Helen Allen, Hamilton Island, Queensland, Australia
and see Poochieheaven.com (no this is not
a joke) recommendation
Thats my
experiment experience - don't 'opt-out'. I never wanted it
to begin
with or signed up for it The only way I seemed to stop his junk
to the domain owner (that was just one email address) was to write
these web pages.
Getting
some spamcop reports with headers in (stored to) -
Im parsing what i can- since these are Bobs spams its interesting to
note how there geting delivered, my lack of recenr Bob specific spam
means this is something you can do to.
|
Spam Cop reports seen |
|||
|
Date |
From |
IP Where.... |
Has |
March 1 06 |
cc spamcop report |
60.181.144.90 |
seems to have the Trojan.spybot virus |
March 2 06 |
cc spamcop report |
211.200.129.39 (Korea)* |
ip 211.200.129.39 has MIME-tools 4.104 (Entity 4.116) seems to have the Trojan.spybot virus |
March 2 06 |
cc spamcop report |
211.33.79.125 |
211.33.79.125 has Mutt/1.5.1i seems to have the Trojan.spybot virus |
March 2 06 |
cc spamcop report |
221.139.207.34
|
221.139.207.34 has Sylpheed version 0.8.2 (GTK+ 1.2.10; i586-alt-linux) |
2 March |
cc Spamcop report |
220.125.192.85 KOREA TELECOM |
has MailGate v3.0 seems to have the Trojan.spybot virus |
2 March |
cc Spamcop report |
TOO MUNGED TO DECIPER |
has MailGate v3.0 seems to have the Trojan.spybot virus |
3 March |
cc Spamcop report |
87.0.195.186 ITALY |
has malaysia.net and Internet Mail Service (5.5.2650.21) seems to have the Trojan.spybot virus |
3 March |
cc Spamcop report |
70.101.151.228 CANADA/?says US? |
has The Bat! (v1.60q) and ?cashette.com seems to have the Trojan.spybot virus |
3 March |
cc Spamcop report |
24.63.250.136 Comcast Cable/US |
Mutt/1.5.1i and ? snail-mail.net seems to have the Trojan.spybot virus |
3 March |
cc Spamcop report |
211.177.66.70(x2)probably Korea |
no mailer but malaysia.net seems to have the Trojan.spybot virus |
3 March |
cc Spamcop report |
63.223.65.162 - US |
MIME-tools 5.503 (Entity 5.501) and ureach.com ? has ? exchange open proxy or xmailer ? |
6 March |
cc Spamcop report |
211.56.136.174 probably Korea |
Calypso Version 3.20.01.01 (4) seems to have the Trojan.spybot virus |
6 March |
cc Spamcop report |
60.210.147.185 - China |
MIME-tools 5.503 (Entity 5.501) seems to have the Trojan.spybot virus |
6 March |
cc Spamcop report |
58.69.36.173 - Phillipino spam |
MailGate v3.0 seems to have the Trojan.spybot virus |
7 March |
cc Spamcop report |
61.73.165.25 - Korea |
Microsoft Internet Mail 4.70.1155 seems to have the Trojan.spybot virus (india) |
7 March |
cc Spamcop report |
221.192.216.207 - China |
MIME-tools 4.104 (Entity 4.116) seems to have the Trojan.spybot virus |
12 March |
cc Spamcop report |
59.14.170.94 - Korea |
X-Authentication-Warning: R53-alias2.ZQ6meo.ciberaula.infase.es |
12 March |
cc Spamcop report |
218.27.38.154 CNCGROUP-JL China |
Calypso Version 3.30.00.00 |
12 March |
cc Spamcop report |
40.232.92.121 |
mauimail.com Pegasus Mail for Win32 (v2.53/R1) |
12 March 2006 |
cc Spamcop report |
138.217.21.239 Australia |
Mutt/1.5.1i Trojan.spybot virus |
12 March 2006 |
cc Spamcop report |
61.18.63.169 - HK (China) |
Calypso Version 3.20.01.01 (4) Trojan.spybot virus |
15 March 2006 |
cc Spamcop report |
adsl-67-114-113-210.dsl.bkfd14.pacbell.net |
Internet Mail Service (5.5.2650.21) |
15 March 2006 |
cc Spamcop report |
48.114.151.152 |
Calypso Version 3.20.01.01 (4) Trojan.spybot virus |
15 March 2006 |
cc Spamcop report |
132.117.92.200 |
The Bat! (v1.53d) Trojan.spybot virus |
15 March 2006 |
cc Spamcop report |
216.250.47.66 All West Communications |
Mutt/1.5.1i Trojan.spybot virus |
15 March 2006 |
cc Spamcop report |
88.243.240.9 Turk Telekom Turkey |
Internet Mail Service (5.5.2650.21) |
15 March 2006 |
cc Spamcop report |
102.16.24.65 - |
Mutt/1.5.1i Trojan.spybot virus |
19 March |
cc Spamcop report |
80.243.245.135 - outremer-telecom.fr |
Mutt/1.5.1i Trojan.spybot virus |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* for the record our email boxes blocks any email request sent to it
from south korea, or china - it solves the volume of spam problem for
us, if you thinks that is hard - i suggest you ask to see the log file,
china and korea love to fake whats they spend most of their time
sending - which is spam willingly, or unwillingly
Both take spammers money too.
Yes This page is a mess but the gives you a time line for me to
discovering Roberts activities
next
14 May: Quiet here (no Bob spam) An
interesting url from the the BBB.org http://www.thebbb.org/commonreport.html?bid=22009796
Marketplace Experience
Based on BBB files, this company has an unsatisfactory recordwith the
BBB Definition:
unsatisfactory record - A company has an "unsatisfactory business performance record" with the Bureau is based on the experiences reflected in BBB files. This file condition results when the company has failed to resolve or respond to complaints, repeatedly failed to respond or resolve issues in a timely manner, failed to resolve the underlying issues for a patternof complaints, failed to honor their commitment to mediate or arbitrate disputes or honor mediated agreements or arbitrated decisions, failed to substantiate, modify or discontinue false advertising claims that are challenged by the BBB, or failed to discontinue unauthorized use of the BBB name and logo, a Federally protected trademark.
BBB Definition:
pattern - More than 2 complaints involving the same allegations usually within 12 months that are significant in relation to the company's size and volume of business.
Bureau due to failure to respond to one or more complaints and or two or
more otherwise unresolvedcomplaints.
BBB Definition:
unresolved - The company failed to resolve the complaint issues.
more news from http://blog.opsan.com/archive/2005/07/29/1148.asp
new domain for our cheeky spammer (its great to be a chinese citizen)
Parsing input: http://www.broadcastemailingcorp.cn/
Host www.broadcastemailingcorp.cn (checking ip) = 218.244.140.39 >
abuse@hichina.com
Registrant Organization: ????
Registrant Name: ??
Administrative Email: cnreg@hichina.com
Sponsoring Registrar: ??????????(??)????
Name Server:dns9.hichina.com
Name Server:dns10.hichina.com
Registration Date: 2006-05-11 11:26
Expiration Date: 2007-05-11 11:26
inetnum: 218.244.128.0 - 218.244.159.255
netname: HICHINA
country: CN
descr: 3/F,HiChina Mansion,No.27 Gulouwai Avenue,Dongcheng District,
Beijing 100011,China
admin-c: ZX103-AP
tech-c: ZX163-AP
status: ALLOCATED PORTABLE
changed: shenzhi@cnnic.cn 20050606
mnt-by: MAINT-CNNIC-AP
source: APNIC
person: Zhang Xiangdong
nic-hdl: ZX103-AP
e-mail: abuse@hichina.com
address: 3/F,HiChina Mansion,No.27 Gulouwai Avenue
address: Dongcheng District, Beijing 100011, China
phone: +86-10-64242299-8602
fax-no: +86-10-64242299-8354
country: CN
changed: ipas@cnnic.net.cn 20050413
mnt-by: MAINT-CNNIC-AP
source: APNIC
person: Song Yingqiao
address: 3/F,HiChina Mansion,No.27 Gulouwai Avenue
address: Dongcheng District, Beijing 100011, China
country: CN
phone: +86-10-64242299-8328
fax-no: +86-10-64242299-8354
e-mail: songyq@hichina.com
nic-hdl: ZX163-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net.cn 20050413
source: APNIC
inetnum: 218.244.128.0 - 218.244.159.255
netname: HICHINA
country: CN
descr: 3/F,HiChina Mansion,No.27 Gulouwai Avenue,Dongcheng District,
Beijing 100011,China
admin-c: ZX103-CN
tech-c: ZX163-CN
status: ALLOCATED PORTABLE
changed: shenzhi@cnnic.cn 20050606
mnt-by: MAINT-CNNIC-AP
source: CNNIC
person: Zhang Xiangdong
nic-hdl: ZX103-CN
e-mail: abuse@hichina.com
address: 3/F,HiChina Mansion,No.27 Gulouwai Avenue
address: Dongcheng District, Beijing 100011, China
phone: +86-10-64242299-8602
fax-no: +86-10-64242299-8354
country: CN
changed: ipas@cnnic.net.cn 20050413
mnt-by: MAINT-CNNIC-AP
source: CNNIC
person: Song Yingqiao
address: 3/F,HiChina Mansion,No.27 Gulouwai Avenue
address: Dongcheng District, Beijing 100011, China
country: CN
phone: +86-10-64242299-8328
fax-no: +86-10-64242299-8354
e-mail: songyq@hichina.com
nic-hdl: ZX163-CN
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net.cn 20050413
source: CNNIC
> How those Chinese hate spam ....
Blonde reports
"The person that returned my
call was friendly until I explained I'd not received my package, then
immediately turned kinda rude. Told me to email support at
newportcorp@mailshack.com.
Then it occured to me that the number on the caller id was Robert
Soloway, (I'm a little slow catching on sometimes) so I asked the guy
why the number was listed as Robert Soloway instead of Newport
Broadcasting. He hung up on me."
> And rude to a customer .... - oh my He seems to be using
http://62.193.224.161/broadcastemail/ (old style site - FRANCE) for
specials, These guys 62.193.224.0 - 62.193.239.255 AMEN-EUROPE-NETWORK abuse@amenworld.com seem to like
him (2nd ip)
inetnum: 62.193.224.0 - 62.193.239.255
netname: AMEN-EUROPE-NETWORK
descr: AMEN European Network
descr: For Spam/Abuse requests please send mail to abuse@amenworld.com
country: FR
admin-c: AN1108-RIPE
tech-c: AN910-RIPE
status: ASSIGNED PA
mnt-by: AMEN-MNT
mnt-lower: AMEN-MNT
mnt-routes: AMEN-MNT
rev-srv: ns1.amenworld.com
rev-srv: ns2.amenworld.com
source: RIPE # Filtered
role: AMEN NOC
address: AMEN - Agence des Medias Numeriques
address: 12/14, rond-point des champs elysees
address: 75008 Paris, France
phone: +33 8 92 55 66 77
e-mail: abuse@amen.fr
nic-hdl: AN910-RIPE
admin-c: JD2263-RIPE
tech-c: AN1018-RIPE
tech-c: AN1019-RIPE
mnt-by: AMEN-MNT
source: RIPE # Filtered
person: Gorun RENAULT
address: AMEN - Agence des Medias Numeriques
address: 12/14, rond-point des champs elysees
address: 75008 Paris, France
phone: +33 8 92 55 66 77
fax-no: +33 1 40 87 76 89
e-mail: gorun.renault@amen.fr
nic-hdl: AN1108-RIPE
mnt-by: AMEN-MNT
source: RIPE # Filtered
% Information related to '62.193.224.0/22AS28677'
route: 62.193.224.0/22
descr: AMEN Networks
origin: AS28677
mnt-by: AMEN-MNT
source: RIPE # Filtered
1 May: April was 'interesting' Three Soloway
hosts down
http://210.7.70.150/broadcastemail/ (india)
http://broad.1122.ish.cn/
jzgx.nydns.cn/
I expect some movement on Bob 'bulking up' on hostnames soon - the
india host stopped responding after two months - seems rather spam
friendly that indian isp , that is unless the rumours about spammer
Ralsky come true. Our friends the French still seem to be
clueless but then again the french with computers seems plain
strange.
I will continue to mirror this page just in case a repeat of April
happens again.
22 April: Funny
things a happening and not just here
Just in case you think im the only
one complaining or documenting mr soloway Im not - blog.opsan.com
(mentioned before) got an honourable
mention in a recent Bob Soloway spam run as an 'impediment to him spamming' - the
site above has a proper comment system rather than my sorry yahoo
guestbook. Despite this being a boring webpage i try and verify
the info i get, I got an above average page hit rate to in April over
easter, make of that what you will.
From that site: Acebirddog reports that Bobs 'spam me forever lists'
- have been sold to he thinks to phishers who if you dont know are
those very nice people who ask you for your id just before they raid
your bank account - A casual glance at the spam I saved (all three
experiments 'evidence') show that I've won the lottery, had 419 scams
etc although low in number compared to drugs and software spam I got so
I'm sure pointing a finger to Bob Soloway could not be too hard .
While I'd not say he did (having not seen it), I'm sure he could
have, alas my spam filtering is vicious, and with Max (mentioned
elsewhere) not helping I pass this bit of info on. Effective
sales leads are targeted to people, just becuase you have an contact
means there is a duty of care how you treat it - for instance you would
not sell the list of mafia informers to the mafia.
The 'duty of care' never existed as far as im concerned -
client case studies whatever (and not written by me) can be
found throughout this document.
20 April: New Chinese domain reported hosting
Mr Spam (no China really is 'anti spam') Mirror of this page also
setup, If China is 'anti spam' then G.W Bush, and all members of the
Chinese communist party and the new german Pope are homosexuals.
Couple of Chinese terminations reported (or did Bob fail to pay the
bill ?)
Meet jzgx.nydns.cn (thanks to Tomez)
nydns.cn
Domain Name: nydns.cn
ROID: 20050414s10001s06775213-cn
Domain Status: ok
Registrant Organization: 楠羽网络科技公司
Registrant Name: 王洪羽
Administrative Email: why_119@tom.com
Sponsoring Registrar: 北京新网数码信息技术有限公司
Name Server:ns.xinnetdns.com
Name Server:ns.xinnet.cn
Registration Date: 2005-04-14 16:12
Expiration Date: 2007-04-14 16:12
inetnum: 60.16.0.0 - 60.23.255.255
netname: CNCGROUP-LN
country: CN
descr: CNCGROUP Liaoning province network
admin-c: CH455-AP
tech-c: GZ84-AP
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-LN
mnt-routes: MAINT-CNCGROUP-RR
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20040416
changed: hm-changed@apnic.net 20060124
source: APNIC
route: 60.16.0.0/13
descr: CNC Group CHINA169 Liaoning Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20060118
source: APNIC
role: CNCGroup Hostmaster
e-mail: abuse@cnc-noc.net
address: No.156,Fu-Xing-Men-Nei Street,
address: Beijing,100031,P.R.China
nic-hdl: CH455-AP
phone: +86-10-82993155
fax-no: +86-10-82993102
country: CN
admin-c: CH444-AP
tech-c: CH444-AP
changed: abuse@cnc-noc.net 20041119
mnt-by: MAINT-CNCGROUP
source: APNIC
person: Guangyu Zhan
nic-hdl: GZ84-AP
e-mail: abuse@online.ln.cn
address: DATA Communication Bureau of Liaoning Province,China
address: 38 Lianhe Road,Dadong District Shenyang 110044,China
phone: +86-24-22800096
fax-no: +86-24-22800368
country: CN
changed: zhangy@lntelecom.com 20030122
mnt-by: MAINT-CNCGROUP-LN
source: APNIC
15 April: We where popular the last couple of
days
Alas
geocities stats are not very good but it seems that 26 browsers tried
over and over again to access this page for every hour, -
So Im assuming it Bob and his 'army' of spambot pc's. I see
no refering url or page of entry so perhaps i can now infer to you that
Bob is ddosing geocities now ?.
Does that mean his geocites redirect days are over ? time will tell
Geocities got fed up and blocked the ip's it seems.
12 April: No eu activity activity yet,
quite on the spam front too.
Tomez (report to nanae) discovers newportcorp.cn
- guess where
inetnum: 222.208.0.0 - 222.215.255.255
netname: CHINANET-SC
descr: CHINANET Sichuan province network
descr: China
Let see whois at whois.cnnic.net.cn:
Domain Name: newportcorp.cn
ROID: 20060330s10001s47212991-cn
Domain Status: ok
Registrant Organization: ????
Registrant Name: ??
Administrative Email: cnreg@hichina.com
Sponsoring Registrar: ??????????????????
Name Server: dns9.hichina.com [218.30.103.100]
Name Server: dns10.hichina.com [218.244.143.64]
Registration Date: 2006-03-30 11:21
Expiration Date: 2007-03-30 11:21
See also:
only4testinter.vicp.net IP 222.210.196.86
ns2.vicp.net [210.51.180.211]
ns1.vicp.net [202.105.21.217]
only4testinter.vicp.net has no MX records -> vicp.net has no MX
records
Let see whois:
Registrar: ONLINENIC, INC.
Registrant:
ORAY Network Resource Co., Ltd. domainreg@oray.net +86.2061073333
Vavic Network Technology, Inc.
1F Office,NO 15,Jiangong Road,Tianhe S&T Zone Guangzhou,510655P.R.C
Guangzhou,Guangdong,CN 510655
Domain Name: vicp.net
Record last updated at 2006-02-16 23:44:34
Record created on 2001/8/15
Record expired on 2011/8/15
Domain servers in listed order:
ns1.vicp.net ns2.vicp.net
Administrator:
Name-- Vavic Network Technology, Inc.
EMail-: (domainreg@oray.net)
tel --: +86.2061073333
org: Vavic Network Technology, Inc.
1F Office,NO 15,Jiangong Road,Tianhe S&T Zone Guangzhou,510655P.R.C
Guangzhou,Guangdong,CN 510655
Technical Contactor:
Name-- Vavic Network Technology, Inc.
EMail-: (domainreg[]oray.net)
tel --: +86.2061073333
org: Vavic Network Technology, Inc.
1F Office,NO 15,Jiangong Road,Tianhe S&T Zone Guangzhou,510655
P.R.C
Guangzhou,Guangdong,CN 510655
Billing Contactor:
Name-- Vavic Network Technology, Inc.
EMail-: (domainreg@oray.net)
tel --: +86.2061073333
org: Vavic Network Technology, Inc.
1F Office,NO 15,Jiangong Road,Tianhe S&T Zone Guangzhou,510655P.R.C
Guangzhou,Guangdong,CN 510655
See original spam in sightings:
http://groups.google.com/group/news.admin.net-abuse.sightings/msg/936e3d380c28c656
And see also DNS dnsfamily.com used by Soloway for
nebc.dazh.cn IP 220.166.64.52 (at CHINANET-SC)
ns2.dnsfamily.com [218.107.216.80]
(at CNCNET-CN / dns-xm1.fjxm.cncnet.net)
ns1.dnsfamily.com [218.85.132.246]
(at CHINANET-FJ / dns.fz.fj.cn)
Let see whois:
Registrar: XIN NET TECHNOLOGY CORPORATION
Domain Name: dnsfamily.com
DNS Servers:
NS1.4EVERDNS.COM 218.5.77.19
NS2.4EVERDNS.COM 61.151.252.240
NS1.DNSFAMILY.COM 218.85.132.246
NS2.DNSFAMILY.COM 218.107.216.80
Registrant:
huiyu chen
xiamen
361004
Administrative Contact:
huiyu chen
huiyu chen
xiamen
xiamen Fujian 361004
China
tel: 86 596 6637835
fax: 86 596 6637835
kittyyuc@hotmail.com
Technical Contact:
huiyu chen
huiyu chen
xiamen
xiamen Fujian 361004
China
tel: 86 596 6637835
fax: 86 596 6637835
kittyyuc@hotmail.com
Billing Contact:
huiyu chen
huiyu chen
xiamen
xiamen Fujian 361004
China
tel: 86 596 6637835
fax: 86 596 6637835
kittyyuc@hotmail.com
Registration Date: 2006-01-09
Update Date: 2006-03-02
Expiration Date: 2007-01-09
Primary DNS: ns1.DNSFAMILY.com 218.85.132.246
Secondary DNS: ns2.DNSFAMILY.com 218.107.216.80
See original spam in sightings:
http://groups.google.com/group/news.admin.net-abuse.sightings/msg/1a28a5ee6aa40155
Credit to Tomez for the above,
Admin note to any spammers - comment spam to the guestbook
feature will not help your seo ratings, it is not displayed. - so if
you hired
an seo spammer (better results in Google for 5 seconds) and you wonder
why nobody is visiting you now know why.
Valid comments eg dealing with Bob will not be displayed either they
will be added to this page. tips are anon and welcome..
3 April: No website termination to log
recently, which allows to me to make a point about France and there
employment issues (in the news) if a french isp cannot terminate a well
known rokso spammers site (i'm not asking for miracles, and note i dont
make those demands on the spam friendlyness of India, and China isp's)
- while those sites might not currently spamvertised (see 29 march
entry for the current host with the most), its still Bob Soloway.
So the question is there nobody at abuse@amenworld.com who is
sufficienty educated enough to kill the site ? it seems there is work
in france but nobody seems to
a know how to do it,
or
b or is paid to do it.
They've had some spamcop reports too.
admin note: new section for Domain owner spam analysis that Bob
should send to me - why ? I'm packing up the spam statistical analysis
'experiments'. well when you go document 700 spams + (a 5mb
webpage) and you will know the answer, alas Bob cannot celebrate,
I'm still going to continue writing this page.
1 April: This is no joke but Bob Soloway
spammed me! lucky me - hes using flickr.com too
http://static.flickr.com/51/113583781_17411093f6_m.jpg
Lots of other garbage too, once on, never off with our Bob
29 March: - eight days of nothing - then new
(broad.1122
account ?) on host http://broad.1122.ish.cn/ (China)
; <<>> DiG 9.2.4 <<>> broad.1122.ish.cn
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10284
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;broad.1122.ish.cn.
IN A
;; ANSWER SECTION:
broad.1122.ish.cn. 3094
IN A
60.191.23.122
whois ish.cn
Domain Name: ish.cn
ROID: 20040920s10001s02686110-cn
Domain Status: ok
Registrant Organization: 杭州森蓝计算机网络有限公司
Registrant Name: 钱永强
Administrative Email: myqyq@yahoo.com.cn
Sponsoring Registrar: 北京新网数码信息技术有限公司
Name Server:ns.xinnetdns.com
Name Server:ns.xinnet.cn
Registration Date: 2004-09-20 09:12
Expiration Date: 2006-09-20 09:12
60.191.23.96 - 60.191.23.127
netname: HANGZHOU-WANGTONG-LTD
country: CN
descr: HangZhou WangTong Technology CO.,LTD
descr:
admin-c: YX315-AP
tech-c: CH122-AP
status: ASSIGNED NON-PORTABLE
changed: auto-dbm@dcb.hz.zj.cn 20050429
mnt-by: MAINT-CN-CHINANET-ZJ-HZ
source: APNIC
role: CHINANET-ZJ Hangzhou
address: No.352 Tiyuchang Road,Hangzhou,Zhejiang.310003
country: CN
phone: +86-571-85157929
fax-no: +86-571-85102776
e-mail: anti_spam@mail.hz.zj.cn
trouble: send spam reports to anti_spam@mail.hz.zj.cn
trouble: and abuse reports to anti_spam@mail.hz.zj.cn
trouble: Please include detailed information and times in UTC
admin-c: CH54-AP
tech-c: CH54-AP
nic-hdl: CH122-AP
mnt-by: MAINT-CHINANET-ZJ
changed: master@dcb.hz.zj.cn 20031204
source: APNIC
person: YuanDong Xu
nic-hdl: YX315-AP
e-mail: dkhxtb@mail.hz.zj.cn
address: Floor 17th,ChangDiHuoJu Mansion,No.259 WenSan Road,Hangzhou,Zhejiang.Postcode:310000
phone: +86-571-85511187
country: CN
21 March: A short analysis of new website
(non techy), lets discuss
opting out first.
first question is: how did I 'opt' to get Bob spam ? unknown ? i
have my ideas.
second question is: how do i know what email list(s) im on ?
third question is: will i get more spam after removing myself ? -
probably
Now: Moving on to the success stories of NIM - It seems that many of the spam claims made by Bob have been removed from the new website for instance uskia et all, and he is urging his spammy clients to donate to The Salvation Army,Doctors Without Borders,Mercy Corps and not forgetting Child Help USA. - Perhaps what is means is when Bob mentions a donation was made in a spam email/website - he did not contribute but somebody else did ?
I wonder what happened to the 'success' (found on the old website,
and in his spam emails) the stories of
america remembers: killed in action - notes: think is http://usakia.org/ they never replied to
my query either.
foundation, his grace: evangelistic ministries - notes: ?
north valley aikikai: aikido education academy - notes: ? Information: (760) 788-3267 or www.ramona-aikikai.com
(dead url)
lars ranch: abused children's sanctuary notes: ? the neverland
moonwalking dance school ?
musici europae: classic music foundation notes: ? husband and wife
duo of Tony Brychta and
Marianna Alaberdova ? from Google cache
coleman broadcasting: youth education network . notes: Kansas
somewhere, can only find a address,
Coleman Broadcasting Network Po Box 300165,Kansas City, MO 64130 no
url a phone of (816) 861-378seven
Perhaps charity spam email does not work after all ?
I note (technical) he is using a counter script from
rapidcounter.com
20 March: Images of Bob (our spammer comes
out of the the closet) from the new website ? see below
Site seems to be dead http://advertising.voddo.cn/
(China)
- see if they stay down
Leaves France, China, and India up
The remaining Chinese site (http://broad.ztjm.com/) has a new website see:
I like the spam to be numero 1 spammer " NEBC Founder Ranked as The #1 Broadcast Emailer in The
World by Wikipedia; The World's Largest Online Encyclopedia. " Class! - Bet Forrester like there name being used
to.
The site needs more investigation but Im sure the
owner of poochieheaven.com would take issue for the
satisfaction cliam.
I got fooled and payed for Soloways broadcast email that was supposed to be all opt in.
Well now I have nothing but complaints about spam and am receiving virus' in my email all the time.
I asked for a refund but they said no.
Still I get complaints about emails being sent out after I told them to stop sending them.
So I wonder what can we do about this.
My business has slowed so much and I think my site's reputation is at stake.
Other 'recomendations' are here.
India, France have old website designs which
looked like:
19 March: 'e' larts me to France -
bonjour to http://62.193.238.142/broadcastemail/
inetnum: 62.193.224.0 - 62.193.239.255
netname: AMEN-EUROPE-NETWORK
descr: AMEN European Network
descr: For Spam/Abuse requests please send mail to abuse@amenworld.com
country: FR
admin-c: AN1108-RIPE
tech-c: AN910-RIPE
status: ASSIGNED PA
mnt-by: AMEN-MNT
mnt-lower: AMEN-MNT
mnt-routes: AMEN-MNT
rev-srv: ns1.amenworld.com
rev-srv: ns2.amenworld.com
source: RIPE # Filtered
role: AMEN NOC
address: AMEN - Agence des Medias Numeriques
address: 12/14, rond-point des champs elysees
address: 75008 Paris, France
phone: +33 8 92 55 66 77
e-mail: abuse@amen.fr
nic-hdl: AN910-RIPE
admin-c: JD2263-RIPE
tech-c: AN1018-RIPE
tech-c: AN1019-RIPE
mnt-by: AMEN-MNT
source: RIPE # Filtered
Humour - yahoos guestbook alerter email is being deemed as spam by
yahoo webmail - so before anybody pays (ahem spams) to have there mail
put in our inboxes instead of bul - which aol are going to do -
its nice to know that parts of yahoo wont be paying it. Thats
good enough for me.
Admin note: Tables differenciated between our spam, and
spamcop
reports
15 March: http://62.123.150.18/broadcastemail/
(Italy) down after six days. What a list of infected pc's
retail/civil defence/wall
stree/china If Bob Soloways using it must be legit....
India (very spammy) / China / and Russia current homes for
bobs 'webhosting'.
14 March:
http://217.40.152.75/broadcastemail - England is down
new section web hosts up
13 March: advertising.voddo.cn is still up -
not down the tour
continues - Danke for the cc on the list of redirects at
http://blog.opsan.com/archive/2005/07/29/1148.aspx
Lets have a Bob world spam tour logo.
12 March: Confusion cleared up - spamcop
reports added - bob down to one geocities url in those reports, (not
the three one expects) 1st senderbase infected pc used by Bob
identifed too.
but now one green box to add too....
Bobs in England now at http://217.40.152.75/broadcastemail/ - man
can he Globetrot
Of note here to any people still thinking - Bob seems a 'genuine
businessman' - perhaps you might ask why is he ordering english
broadband internet connections when his office is not available to get
english (european) broadband from British Telecom.
His address Executive Residence, Inc. 1200 Western Avenue
Room 17E
Seattle, Washington - which Im sure the english broadband checker at
bt.com would say something along the lines of 'no service possible'.
My thanks to 'e'
% Information related to '217.40.152.72 - 217.40.152.79'
inetnum: 217.40.152.72 - 217.40.152.79
netname: Mary-MEADOWS-000000006186527
descr: BT-ADSL
remarks: Please send abuse notification to abuse@btopenworld.com
country: GB
admin-c: DY128-RIPE
tech-c: DY128-RIPE
status: ASSIGNED PA
mnt-by: BTNET-MNT
mnt-lower: BTNET-MNT
source: RIPE # Filtered
person: Robin Griffith
remarks: *******************************************************
remarks: * Please send abuse reports to abuse@btopenworld.com *
remarks: *******************************************************
address: Openworld
address: British Telecommunications plc
address: 81 Newgate Street
address: London
address: EC1A 7AJ
address: UK
phone: +44 1473 647774
abuse-mailbox: abuse@btopenworld.com
nic-hdl: DY128-RIPE
mnt-by: BTNET-MNT
source: RIPE # Filtered
% Information related to '217.32.0.0/12AS2856'
route: 217.32.0.0/12
descr: BT Public Internet Service
origin: AS2856
mnt-by: BTNET-MNT
source: RIPE # Filtered
update: I'm getting confused
where back in in Italy (last there 4th March)
on http://62.123.150.18/broadcastemail/
inetnum: 62.149.192.0 - 62.149.223.255
netname: TECHNORAIL-NET
descr: Technorail srl
descr: Internet Service and Access Provider
country: IT
admin-c: SC279-RIPE
tech-c: SC279-RIPE
status: ASSIGNED PA
mnt-by: TECHNORAIL-MNT
source: RIPE # Filtered
person: Stefano Cecconi
address: Aruba S.p.A.
address: Piazza Garibaldi 8
address: 52010 soci (AR)
phone: +39 0575 51571
fax-no: +39 0575 561831
e-mail: hostmaster@technorail.com
nic-hdl: SC279-RIPE
source: RIPE # Filtered
% Information related to '62.149.128.0/17AS31034'
route: 62.149.128.0/17
descr: Technorail S.r.l. - Aruba.it
origin: AS31034
mnt-by: TECHNORAIL-MNT
source: RIPE # Filtered
New domain http://advertising.voddo.cn/
in China, 'E' reports that czech is down, that leaves China, and India
up I need a traffic light system as to what is up, and how long it was
up views please. - but now on with the new
Domain Name: voddo.cn
ROID: 20060223s10001s45519825-cn
Domain Status: ok
Registrant Organization: 苏风
Registrant Name: 苏风
Administrative Email: cnreg@hichina.com
Sponsoring Registrar: 创联万网国际信息技术(北京)有限公司
Name Server:dhserver.sharella.com
Name Server:dhserver2.sharella.com
Registration Date: 2006-02-23 13:45
Expiration Date: 2007-02-23 13:45
;; ANSWER SECTION:
voddo.cn.
60 IN
A 218.88.45.202
Which is our anti-spam friends at Chinanet
inetnum: 218.88.0.0 - 218.89.255.255
netname: CHINANET-SC
descr: CHINANET sichuan province network
descr: Data Communication Division
descr: China Telecom
country: CN
admin-c: CH93-AP
tech-c: XS16-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-SC
status: ALLOCATED NON-PORTABLE
changed: hostmaster@ns.chinanet.cn.net 20020408
changed: hm-changed@apnic.net 20040927
changed: hm-changed@apnic.net 20041126
source: APNIC
person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: lqing@chinatelecom.com.cn 20051212
mnt-by: MAINT-CHINANET
source: APNIC
person: Xiaodong Shi
nic-hdl: XS16-AP
e-mail: ipadmin@my-public.sc.cninfo.net
address: No.72,Wen Miao Qian Str.
address: Data Communication Bureau Of Sichuan Province
address: Chengdu
address: PR China
phone: +86-28-6190785
fax-no: +86-28-6190641
country: CN
changed: ipadmin@my-public.sc.cninfo.net 20030317
mnt-by: MAINT-CHINANET-SC
source: APNIC
6 March: Spamcop reports added to respective
sections, Its seems safe to say that Bob 'loves' Trojan.Spybot, a song
too here (thanks Basault) - if you want it removed
its no problem
4 March: Hell Im getting Soloway Jetlag! -
imagine if i got airmiles ...
India and Czech now, Poland reportely 'dead' - Thanks 'E' -
sleazy countries 'hosting' Bob websites are still up -
Hi India http://210.7.70.150/broadcastemail/ welcome to the club Bishwo Chhetri & DIRECT INTERNET LTD.
inetnum: 210.7.64.0 - 210.7.95.255
netname: DIL
descr: DIRECT INTERNET LTD.
descr: 42 Dakshineshwar
descr: 10 Hailey Road
descr: New Delhi - 110 001
country: IN
admin-c: YK161-AP
tech-c: BC176-AP
remarks: FOR SPAM & SECURITY INCIDENTS,
remarks: SEND EMAIL TO - abuse@primus-india.com
mnt-by: APNIC-HM
mnt-lower: MAINT-IN-DIL
changed: hm-changed@apnic.net 20020517
status: ALLOCATED PORTABLE
source: APNIC
person: Yashpal Kapoor
nic-hdl: YK161-AP
e-mail: ykapoor@primus-direct.com
address: 42/10, Hailey Road,
address: New Delhi - 110001
phone: +91.11.2373.7270
fax-no: +91.11.2373.7280
country: IN
remarks: FOR SPAM & SECURITY INCIDENTS,
remarks: SEND EMAIL TO - abuse@primus-direct.com
changed: bchhetri@primus-direct.com 20031001
mnt-by: MAINT-IN-DIL
source: APNIC
person: Bishwo Chhetri
nic-hdl: BC176-AP
e-mail: bchhetri@primus-direct.com
address: 274, Captain Gaur Marg,
address: Sriniwaspuri, New Delhi
address: 110 065, India.
phone: +91-11-2692-4281
fax-no: +91-11-2692-4278
country: IN
remarks: FOR SPAM & SECURITY INCIDENTS,
remarks: SEND EMAIL TO - abuse@primus-direct.com
changed: bchhetri@primus-direct.com 20031001
mnt-by: MAINT-IN-DIL
source: APNIC
Czech (eu) now meet http://62.204.237.170/broadcastemail/
: 62.204.236.0 - 62.204.237.255
netname: TTN-THSOFT-NET1
descr: THSOFT network
country: cz
admin-c: JS3270-RIPE
tech-c: TH101-RIPE
status: ASSIGNED PA
mnt-by: CZTTNET-MNT
source: RIPE # Filtered
person: Jiri Stefek
address: TTNET s.r.o.
Raisova 232
Zamberk 564 01
phone: +420465612567
fax-no: +420465612567
e-mail: jirka@tyhan.cz
nic-hdl: JS3270-RIPE
mnt-by: CZTTNET-MNT
remarks:
source: RIPE # Filtered
person: Tomas Holenda
address: TTNET s.r.o.
Raisova 232
Zamberk 564 01
phone: +420465612567
fax-no: +420465612567
e-mail: tomas@thsoft.cz
nic-hdl: TH101-RIPE
mnt-by: CZTTNET-MNT
source: RIPE # Filtered
% Information related to '62.204.224.0/19AS34040'
route: 62.204.224.0/19
descr: TTNET Route
origin: AS34040
mnt-by: CZTTNET-MNT
source: RIPE # Filtered
Now poland too and Polish
Telecom !-!-!-!-! to you to
http://83.17.42.146/broadcastemail/ (apparently Dead saturday
pm)
inetnum: 83.0.0.0 - 83.31.255.255
org: ORG-PT1-RIPE
netname: PL-TPSA-20031203
descr: Polish Telecom
descr: PROVIDER Local Registry
country: PL
admin-c: KP21-RIPE
admin-c: TK569-RIPE
admin-c: JS1838-RIPE
tech-c: TPHT
status: ALLOCATED PA
remarks: In case of abuse contact abuse@telekomunikacja.pl
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: TPNET
mnt-lower: AS5617-MNT
mnt-routes: AS5617-MNT
source: RIPE # Filtered
organisation: ORG-PT1-RIPE
org-name: Polish Telecom
org-type: LIR
address: Nowogrodzka 47A
address: 00-695
address: Warszawa
address: Poland
phone: +48 22 625 74 96
phone: +48 44 4480030
fax-no: +48 22 625 23 83
fax-no: +48 44 47 35 72
admin-c: KP21-RIPE
admin-c: JS1838-RIPE
admin-c: TK569-RIPE
admin-c: TW880-RIPE
admin-c: EHD2-RIPE
mnt-ref: TPNET
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
source: RIPE # Filtered
role: TP S.A. Hostmaster
address: TP S.A. "POLPAK"
address: ul. Nowogrodzka 47A
address: 00-695 Warszawa
address: Poland
phone: +48 22 6252383
fax-no: +48 22 6225182
remarks: trouble: Network problems: hostmaster@tpnet.pl
remarks: trouble: Abuse and spam notification: abuse@telekomunikacja.pl
remarks: trouble: DNS problems: dns@tpnet.pl
remarks: trouble: Routing problems: registry@tpnet.pl
admin-c: TK569-RIPE
tech-c: TK569-RIPE
tech-c: JS1838-RIPE
nic-hdl: TPHT
remarks: ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - !
remarks: Please send spam and abuse notification only to abuse@telekomunikacja.pl
remarks: ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - !
mnt-by: TPNET
source: RIPE # Filtered
abuse-mailbox: abuse@telekomunikacja.pl
person: Tomasz Kielb
address: TP S.A. - POLPAK
address: ul. Nowogrodzka 47A
address: 00-695 Warszawa
address: POLAND
remarks: ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - !
remarks:
remarks: In case of abuse (intrusion attempts, hacking,
remarks: spamming or other unaccepted behavior) from
remarks: TP S.A. address space, please contact only to:
remarks:
remarks: abuse@tpnet.pl
remarks:
remarks: ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - !
phone: +48 800 120 810
phone: +48 800 120 811
fax-no: +48 22 5230178
nic-hdl: TK569-RIPE
mnt-by: TPNET
source: RIPE # Filtered
person: Jaroslaw Salamon
address: TP S.A. -POLPAK
address: ul. Nowogrodzka 47A
address: 00-695 Warszawa
address: POLAND
remarks: ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - !
remarks:
remarks: In case of abuse (intrusion attempts, hacking,
remarks: spamming or other unaccepted behavior) from
remarks: TP S.A. address space, please contact only to:
remarks:
remarks: abuse@telekomunikacja.pl
remarks:
remarks: ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - !
phone: +48 800 120 810
phone: +48 800 120 811
fax-no: +48 22 5230178
nic-hdl: JS1838-RIPE
mnt-by: TPNET
source: RIPE # Filtered
person: Konrad Plich
address: TP S.A. CST POLPAK
address: ul. Sienkiewicza 9
address: 97-300 Piotrkow Tryb.
address: Poland
remarks: ---------------------------------------------
remarks: In case of abuse (intrusion attempts, hacking,
remarks: spamming or other unaccepted behavior) from
remarks: TP S.A. address space, please mail only to:
remarks: abuse@tpnet.pl
remarks: ----------------------------------------------
phone: + 48 44 6480030
fax-no: + 48 44 6473572
nic-hdl: KP21-RIPE
mnt-by: AS5617-MNT
source: RIPE # Filtered
Email to uskia
- (internal link) no reply yet 'but fingers crossed'
.... and thanks to 'E' - China and
Italy Bob websites
'broad' - seems to be new so is ztjm.com > broad.ztjm.com
Domain Name: ZTJM.COM
Registrar: BIZCN.COM, INC.
Whois Server: whois.bizcn.com
Referral URL: http://www.bizcn.com
Name Server: NS5.CNMSN.NET
Name Server: NS6.CNMSN.NET
Status: REGISTRAR-LOCK
Updated Date: 24-mar-2005
Creation Date: 24-mar-2005
Expiration Date: 24-mar-2006
China = spam freindly folks - hangzhou ztjm
co.,ltd. Yongqiang Qian myqyq@yahoo.com.cn
0571-28819615 fax: 0571-28812367 hz hz zj 310000 cn
And Italy time (geocites redirects) meet http://62.149.193.221/broadcastemail/ - 'killed' by out
Italian friends in a few hours nice quick termination Italy !.
inetnum: 62.149.192.0 - 62.149.223.255
netname: TECHNORAIL-NET
descr: Technorail srl
descr: Internet Service and Access Provider
country: IT
admin-c: SC279-RIPE
tech-c: SC279-RIPE
status: ASSIGNED PA
mnt-by: TECHNORAIL-MNT
source: RIPE # Filtered
person: Stefano Cecconi
address: Aruba S.p.A.
address: Piazza Garibaldi 8
address: 52010 soci (AR)
phone: +39 0575 51571
fax-no: +39 0575 561831
e-mail: hostmaster@technorail.com
nic-hdl: SC279-RIPE
source: RIPE # Filtered
% Information related to '62.149.128.0/17AS31034'
route: 62.149.128.0/17
descr: Technorail S.r.l. - Aruba.it
origin: AS31034
mnt-by: TECHNORAIL-MNT
source: RIPE # Filtered
'E' reports that some geocities sites are also apparently down - .se
and .ru - but Ive not bothered to check.
Once you host Bob, you stay in the list. - theres got to be some 'fame'
for hosting Robert Soloway.
3 March: meet a dumb isp - and a dumb scheme
to stop spam - it wont stop Bob - trust me.
2 March: Let introduce 'the its got a virus section' Getting a numbe rof
cc'ed spamcop reports and not to confuse its origin, from the spams we
get its going get its on section
ip 211.200.129.39 has MIME-tools 4.104 (Entity 4.116)
seems to have the Trojan.spybot
virus
211.33.79.125 has Mutt/1.5.1i seems to have the Trojan.spybot virus
221.139.207.34 has Sylpheed version 0.8.2 (GTK+ 1.2.10; i586-alt-linux)
seems to have the Trojan.spybot virus
Are you thinking what im thinking ? no then take a peek.
1 March: In following up on how did the spam
get there (see below entry) I have added a column to the domain roles
spamed with Bob Soloways spam table, should it be easy to 'match'
then i will indicate how the spam was delivered by our esteemed spammer.
During a rather dull day doing some non
productive office nonsense,
I went onto one of those high school friend finder sites, nothing 100%
definitive but this chap hits our profile pretty close not many
Soloways aged '26' can you do better ? drop me a line ?
Robert Soloway Cotati CA 26
Robert Soloway Rohnert Park CA 26
So I think I know where he might have gone to school.
RANCHO BODEGA SCHOOL
8297 OLD REDWOOD HWY
COTATI CA
or in the Rohnert Park area
BEREAN BAPTIST CHRISTIAN ACADEMY
CONSECUTIVE INSTRUCTIONS SCH
DEFOREST HAMILTON JUV HALL SCH
EL CAMINO CONT HIGH SCHOOL
EREAN BAPTIST CHRISTIAN ACADEM
PHOENIX HIGH SCHOOL
RANCHO COTATE HIGH SCHOOL
ROHNERT PARK COMMUNITY SCHOOL
The Pheonix high school had some members but the others did
not have much of a membership, if somebody a little more local than I
am could dig (1996-1998) then it might be worthwhile persuing - might
be wrong but I'd love a mugshot of Bob to put here.
Move to another website (thanks for the tip off) say hi to Fredrik
Skold and http://62.119.28.243/broadcastemail/
inetnum: 62.119.28.0 - 62.119.28.255
netname: FSDATA-NET
descr: FS DATA
descr: Uppsala
country: SE
admin-c: FS1367-RIPE
tech-c: FS1367-RIPE
status: ASSIGNED PA
mnt-by: AS8434-MNT
source: RIPE # Filtered
person: Fredrik Skold
address: F S DATA
address: Box 140
address: S-265 Astorp
address: Sweden
phone: +46 42 57500
fax-no: +46 42 57575
e-mail: fredrik@fsdata.se
nic-hdl: FS1367-RIPE
source: RIPE # Filtered
% Information related to '62.119.0.0/16AS8434'
route: 62.119.0.0/16
descr: UTFORS-BLK
origin: AS8434
member-of: AS8434:RS-PA-BLK
remarks: *** Contact abuse@utfors.se regarding ABUSE please! ***
mnt-by: UTFORS-MNT
source: RIPE # Filtered
admin note: This page was finally spell checked, bad spelling (mine)
starts from here again!
27 Feb: Thanks for the extra yahoo
redirects, some user agents too report 1 and 2 claim .
Microsoft Internet Mail 4.70.1155 --> Trojan.SpBot
PObox II beta1.0 --> Trojan.SpBot
60.181.144.90, seems to have the Trojan.spybot virus
From my associates site at http://blog.opsan.com/archive/2005/07/29/1148.aspx
leave comments there, or use my contact form I'm
easy - but if its got any interest about Bob then we'd love to hear
about
it, be it unpaid bills, disputes, sex problems etc - if you can point
to online court documents/other stuff to back it up even better.
Talk to Bob, have a desire to know more?
Mr. Soloway ICQ 171-437-039
Robert Alan Soloway with a DOB of 7/10/79 and a California DL of
B5133985 has a couple of traffic tickets that show an address of 1547
Upland Pl., Medford, OR 97501, with a license plate of 4AKK886. He also
has a speeding ticket from 8/31/01 with the 279 Granite St. address, an
Oregon DL of 9678932, and a license plate of ROBCR4 and ROBCR2.
For those of you unable to put the dots together, Bob had a
website in France (using geocites redirects) which got cancelled, and
then took up 'house' in russia, but he is spamming from China. if
you can justify using a spambotted pc in china to send spam about
spammer with a website in russia (currently) then I salute you.
My view of the matter is - its something only a spammer would do
Now back to 60.181.144.90 - Meet the citizen comrades ...
inetnum: 60.181.0.0 - 60.181.255.255
netname: CHINANET-ZJ-WZ
country: CN
descr: CHINANET-ZJ Wenzhou node network
descr: Zhejiang Telecom
admin-c: CZ4-AP
tech-c: CW27-AP
status: ALLOCATED NON-PORTABLE
changed: auto-dbm@dcb.hz.zj.cn 20050429
mnt-by: MAINT-CHINANET-ZJ
mnt-lower: MAINT-CN-CHINANET-ZJ-WZ
source: APNIC
role: CHINANET ZHEJIANG
address: No.378 Yan'an Road,Hangzhou,Zhejiang.310006
country: CN
phone: +86-571-87080702
fax-no: +86-571-87027816
e-mail: antispam@dcb.hz.zj.cn
trouble: send spam reports to antispam@dcb.hz.zj.cn
trouble: and abuse reports to antispam@dcb.hz.zj.cn
trouble: Please include detailed information and times in UTC
admin-c: CZ61-AP
tech-c: CZ61-AP
nic-hdl: CZ4-AP
remarks: http://www.zjtelecom.com.cn
mnt-by: MAINT-CHINANET-ZJ
changed: hjh@dcb.hz.zj.cn 20050914
source: APNIC
role: CHINANET-ZJ Wenzhou
address: No.2-1 Huancheng Road(East),Wenzhou,Zhejiang.325000
country: CN
phone: +86-577-88818629
fax-no: +86-577-88818635
e-mail: anti_spam@wz.zj.cn
trouble: send spam reports to anti_spam@wz.zj.cn
trouble: and abuse reports to anti_spam@wz.zj.cn
trouble: Please include detailed information and times in UTC
admin-c: CH117-AP
tech-c: CH117-AP
nic-hdl: CW27-AP
mnt-by: MAINT-CHINANET-ZJ
changed: master@dcb.hz.zj.cn 20031204
source: APNIc
Thats not going to be sorted out soon as it is in china.
26 Feb: Vodka time boys and girls ! Bobs gone and got hosting with our friends the Russians - seems dead now though, A big 'hi' to krsn.ru
All Redirected to:
http://217.74.161.86/broadcastemail/ (sound familiar)
IP 217.74.161.86 kompas.krsn.ru
(at krsn.ru / intertax.ru)
IP 217.74.161.86 on intertax.ru
217.74.161.86 PTR record: kompas.krsn.ru
at ns.krsn.ru
inetnum: 217.74.160.0 - 217.74.162.255
netname: Intertax-Net
descr: JSC Intertax
descr: 78, K.Marksa st.
descr: Krasnoyarsk 660049, Russia
country: RU
route: 217.74.160.0/20
descr: JSC Intertax - ISP in Krasnoyarsk region of Russia.
descr: ru.intertax address space
25 Feb: Puis j'avoir un certain Spam de Bob
de France svp ? or if your english 'ALO ALO we hate Bob' click
Not responding either (either a bob fuckup, or nice kill by friends
the French) unseen website but spam report seen - and good enough for
me Thanks Tomez for this and the other article
New URL:
http://195.6.54.3/broadcastemail/
IP 195.6.54.3
No PTR records exist for 195.6.54.3
at bow.rain.fr / francetelecom.net
inetnum: 195.6.54.0 - 195.6.54.7
netname: FR-CIEME-INFORMATIQUE
descr: CIEME INFORMATIQUE
country: FR
ASN: 3215
ASN
Name: AS3215 (France Telecom Transpac)
He gets around our Bob.
24 Feb: After emailing
child help usa,direct relief international and doctors without borders
I've yet to hear anything, so either they don't give a shit, or
never had any donation from Mr Soloway. Go make up your own mind,
or ask the charities yourself
20 Feb: Internet Mail Service (5.5.2650.21)
from here - seems to be classed as an
'Exchange Open Proxy' abuse in Google - Never used a exchange
server as an production mail server for obvious reasons. If true then
its an illegal use of somebody else's server, and Bob loves Billy Gates
products to spam spybots which is funny since
the 'spamis' debacle done by Bob and covered here in this page.
The other query I had was for %XMAILER - is ?
xmailer - xmailer.exe - Process Information
Process File: xmailer.exe
Process Name: 123 hidden sender
Description: xmailer.exe is an advertising program
by 123 hidden sender. This process monitors your browsing habits and
distributes the data back to the author's servers for analysis. This
also prompts advertising popups. This program is a registered security
risk and should be removed immediately.
A further search in Google reveals
Anonymous bulk email software for email marketing, 123 Hidden Sender
Real anonymous bulk email software, Super Email Harvester, extractor, harvester for online advertising, marketing.
www.123hiddensender.com/
Download 123 Hidden Sender 3.40 Free Trial - 123 Hidden Sender ...
Download 123 Hidden Sender 3.40 for free - 123 Hidden Sender ends real ANONYMOUS bulk emails.
Comrades search on "123 hidden sender" I rest my case. with this
" Sends absolute ANONYMOUS bulk
emails. You won't lose your ISP service. It is trouble free! Your IP
will will never be shown in the email headers.
Description
123 Hidden Sender Screenshot
View full-size screenshot
123 Hidden
Sender sends absolute
ANONYMOUS bulk emails. You won't lose your ISP service. It is trouble
free! Your IP address will not be shown in the email headers! All you
do is input your message, subject, and email addresses, and then 123
Hidden Sender does all the rest. No relays to deal with anymore. No
need for expensive bulk ISPs. Port 25 is not a problem.
123 Hidden Sender is a anonymous bulk
email software program based on a unique know-how sending technology.
It provides real anonymous instant delivery - you can use your regular
Internet connection because your IP address will never be shown in the
email headers.
faq of bulk email software.
Frequesntly Asked Questions of 123 Hidden Sender
faq of bulk email software. Download
the help document of 123 Hidden Sender
faq of bulk email software. Order 123
Hidden Sender NOW!
Feature and Benefits
Send absolute ANONYMOUS bulk emails.
Real anonymous (using proprietary proxy routing - the next wave in bulk
email stealth technology, New technology, not a conventional port 25
mailer). You will not lose your ISP service. Your IP will will never be
shown in the email headers.
Sending speed depends on your
connection only (thread count control - up to 500).
Lowest prices.
Free client software.
All required data client software
retrieves from our center automatically (no more hunting for relays or
paying hundreds ofdollars for open relays).
No port 25 needed (not affected by
port 25 blocking ISPs).
No SMTP servers needed.
Free support, Free upgrade. "
The pot calls the kettle black.
18 Feb: Off topic humour to start with from
our spammy friends at Roach Runner (rr.com) - it made me smile
[Note added by 24.170.23.242 (cpe-24-170-23-242.jam.res.rr.com)]
I don't know why we were contacted about this. I can't seem to find any
info on your page that relates to us. Our company is telebay.com -- and
when I did a control F on your page and searched for "telebay" I
couldn't find it. I see a bunch of other posts about other websites and
spam issues, but not ours.
On another note:
1) Telebay does not even utilize emailing as part of our marketing
efforts. The only people we send email to would be our affiliates, and
this is about to be changed to a RSS feed, instead.
2) If any spam was sent, it could only be one of our affiliates
violating our strict NO SPAM POLICY. If you have anything to report,
please let us know the affiliate's ID. This can be found immediately
after the URL the affiliate would be marketing, such as either of these
two examples:
* http://www.telebay.com/IDhere
* http://www.telebay.com/IDhere/page.html
Being serious again: Der where rr users - and naturally stupid.
From a list of emails for Bobs list and the emailer iding itself as
MIME-tools 5.503 (Entity 5.501)
Mozilla 4.61 [en]C-CCK-MCD C-UDP; (Win98; I)
Sylpheed version 0.8.2 (GTK+ 1.2.10; i586-alt-linux)
seen here yet to id these
Internet Mail Service (5.5.2650.21)
%XMAILER
Im sure something will 'popup'.
17 Feb: Remote News Bobs moving (yes again)
More
Geocities(au) redirects:- http://210.66.241.1/broadcastemail/
Meet some of Bob's friends again in Taiwan.
Last there on the 4th Feb
2006 same ip too and active again, My 'blindness' to getting
Bobs stuff is beginginning to irritate me - perhaps when I hit 1000
spams, or do a years worth of spam here my
'eye
sight' will return.
To my other mutual 'friend' Max who works
with the commision in Seattle - did you sell me out ? or are you
working
both sides ? For the record your not the 'Better Business Bureau' but
if
you make me think about doing that your organisation should be
reclassified then I will be happy to.
You know the routine.
inetnum: 210.66.0.0 - 210.66.255.255
netname: SEEDNET
descr: Digital United Inc.
descr: 9F, No. 125, Song Jiang Road
descr: Taipei, Taiwan
country: TW
admin-c: CY74-AP
tech-c: CY74-AP
mnt-by: MAINT-TW-TWNIC
changed: hostmaster@twnic.net 20000113
changed: hm-changed@apnic.net 20021219
status: ALLOCATED PORTABLE
source: APNIC
person: Chyi-Chuan Yang
nic-hdl: CY74-AP
e-mail: ccyang@du.net.tw
address: 9F, 125, song jiang road
address: Taipei, 104, R.O.C
phone: +886-2-2737-7298
fax-no: +886-2-2739-7512
country: TW
changed: hostmaster@twnic.net.tw 20050531
mnt-by: MAINT-TW-TWNIC
source: APNIC
inetnum: 210.66.240.0 - 210.66.241.255
netname: SEEDNET-NET
descr: Digital United Inc.
descr: 9F, No. 220, Gangchi Road,Taipei 114, Taiwan, R.O.C.
descr: Taipei Taiwan
country: TW
admin-c: RN472-TW
tech-c: RN472-TW
mnt-by: MAINT-TW-TWNIC
remarks: This information has been partially mirrored by APNIC from
remarks: TWNIC. To obtain more specific information, please use the
remarks: TWNIC whois server at whois.twnic.net.
changed: michaelc@du.net.tw 20040827
status: ASSIGNED NON-PORTABLE
source: TWNIC
person: Seednet Seednet
address: Seednet
address: TAIPEI
address: N/A Taiwan
country: TW
phone: +886-2-0800-073330
e-mail: root123@seed.net.tw
nic-hdl: RN472-TW
changed: hostmaster@twnic.net 20020124
source: TWNIC
16 Feb: Charity
Time boys and girls, for
those of you who
really 'read' the Soloway spams will notice that there are a lot
of charities listed
For your benefit I have gone and done some 'Googling' and put in the
the urls,
these are perhaps charities you might like to avoid donating to,
Some of these are large organisations. A lot of these take credit cards
via websites for what its worth, so may means that the donation
was for not a lot and the charity mention means absolutely nothing as
well
Questions I like to know include:
is something i will be asking each charity listed. When time
permits, should they respond i will put the answer here, or if you can
find out as well so much the the better
|
Charities 'Claimed' he Helped ? with a $1 dollar donation ? |
Charities Spammed using Bob services |
|
adventist develop & relief
agency international, |
america remembers: killed in action - foundation, his grace: evangelistic ministries north valley aikikai: aikido education academy
notes: Kansas somewhere, can only find a address, - whom sell a 'Pray TV dvd' Not wishing to 'promote' |
Thats a strange list of organisations Bobs claimed to spammed for most appear to be 'dead' in internet space as of writing this, or very 'local' to Washington State.
list 1child help usa, http://www.childhelpusa.org/ 'e'
direct relief international http://www.directrelief.org/ 'e'
doctors without borders, http://www.doctorswithoutborders.org/ 'e'
list 2
only 'kia' looks like its working - 6/1 failure rate ? when you use Bob
? make up your own mind.
administrative note: I'm getting reports from other now text
denoting remote observation will be shown by using the red colour
14 Feb: Thank goodness Valentines day is over
- my spam load should contain more warez mircosoft offerings than
fake 'potions'
This is to confirm this entry (9 feb), A
friend sent me this, - I am still looking forward to my own personal
copy
though (line breaks mine, http url links removed.)
EMAIL ADVERTISE YOUR SITE TO 3,000,000 INTERNET USERS FOR FREE
http://securesite.odo.com.cn
------ ----- ---- --- -- - -
..for all charity/non-profit organization contacts...
..as a new year thank you to the world and all the good that nonprofits
and charities are doing to assist society, our corporation is doing what it
can to help and has decided to give away a non-commercial email sending
service without cost to charities and nonprofits in need, which is the primary
and only purpose of this non-commercial email.
simply visit our company web site above, fill out any of the order
forms on the web site with your nonprofit/charity contact details, but do not press
submit. instead, print out what is displayed on the screen and send a letter to
the mailing address on our company web site above with your nonprofit/charity
mission
statement, a copy of the paperwork from your governmental authority
confirming your nonprofit/charity status in your city/state/province/country of
origin enclosed, and we will then contact you with all you need to know to have your
special non-commercial, non-transactional, non-relationship, courtesy
charity/nonprofit emailing message sent out to 3 million people without cost.
this non-commercial, non-transactional, non-relationship, courtesy
emailing has an important primary purpose of helping society by assisting nonprofits
and charities have their nonprofit/non-commercial mission statement/special
message/web site sent out to a large number of emails as a courtesy to help worldwide in
national & global relief efforts for various causes in need of non-commercial,
non-transactional, non-relationship support.
thanks to the technology of email, here are only a few of the countless
chrities & nonprofit organizations we have countributed to in the past year:
adventist develop & relief agency international, child help usa, direct relief
international, doctors without borders, episcopal relief and development, international medical corps,
mercy corps, operation usa, red cross hurricane relief division, red cross
washington state chapter, the salvation army, among countless others in need of global
assistance.
on one day alone at our organization, six nonprofits/charities
responded to one of our nonprofit emailings and then subsequently received their noncost,
non-commercial emailing without charge to them: america remembers: killed in action
foundation, his grace: evangelistic ministries, north valley aikikai: aikido education
academy, lars ranch: abused children's sanctuary, musici europae: classic music foundation,
coleman broadcasting: youth education network . we hope to assist countless
nonprofits and charities have their special non-commercial email sent out in 2006.
Help us fulfill our goal, in that we believe emailing can be a beneficial worldwide
contribution to millions.
disclaimer: please note that this non-commercial, non-transactional,
non-relationship email originated from a computer outside of the united states of
america by a citizen of a foreign country and obeys all non-commercial email laws of the
country of the citizen that initated this non-commercial email that does not offer any product
or service available for purchase/lease/trade/barter for any commercial nature of
any kind.
if you are not associated with a nonprofit/charity and/or this is not a
nonprofit/charity contact email address and/or you are not interested in our occassional
non-commercial, non-transactional, non-cost, non-relationship, courtesy emailings we
perform to assist various nonprofits and charities interesting in sending out their
special non-commercial message and/or non-commercial web site, press the delist option at our
company web site at http://broadcastemailcorp.odo.com.cn
Starting to write a new intro section here
13 Feb: Rumours true ? I make no comment,
just pass along
Re: Soloway spamming again...www.ottislan.com
From: davesjunk1<nospam>@gmail.com
Date: Sunday 12 February 2006 07:02:05
Groups: news.admin.net-abuse.email
Hi,
Maybe this is the wrong place for this but I found the newsgroup
through a search on ottislan.com
I'm the poor fool who's credit card info was stolen and used to
register www.ottislan.com and (12) other sites at www.bookyourname.com.
The registrar has not responded to any of my emails, faxs, or phone
calls about canceling these registrations.
ICANN and Versign have not been much help either and referred me back
to www.bookyourname.com
My question is how do I have the WHOIS info corrected. I have already
reported the errors on ICANN's website
Other question is how do I find out what other sites were reqistered in
my name.
Any help is appreciated
Thanks,
David
whois ottislan.com
Whois Server Version 1.3
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Domain Name: OTTISLAN.COM
Registrar: ONLINE SAS
Whois Server: whois.bookmyname.com
Referral URL: http://www.bookmyname.com
Name Server: NS0.SIMPLELOO.COM
Name Server: NS0.ALBEITI.COM
Status: ACTIVE
Updated Date: 07-feb-2006
Creation Date: 06-feb-2006
Expiration Date: 06-feb-2007
>>> Last update of whois database: Sun, 12 Feb 2006 02:41:17
EST <<<
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry
is
currently set to expire. This date does not necessarily reflect the
expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois
database to
view the registrar's reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume
and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining
information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this
Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail,
telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not
to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the
right
to restrict your access to the Whois database in its sole discretion to
ensure
operational stability. VeriSign may restrict or terminate your
access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
%% BookMyName Whois version 1.0
%%
%% NOTICE: Access to this information is provided to assist persons
%% in determining the contents of a domain name registration record in
%% our database. The data in this record is provided by BookMyName for
%% informational purposes only.
%% You agree that you will use this data only for lawful purposes and
%% that, under no circumstances will you use this data to: (a) allow,
%% enable, or otherwise support the transmission by e-mail, telephone,
or
%% facsimile of mass unsolicited, commercial advertising or
solicitations
%% to entities other than the data recipient's own existing customers;
%% or (b) enable high volume, automated, electronic processes that
%% send queries or data to the systems of Registry Operator or any
%% ICANN-Accredited Registrar, except as reasonably necessary to
register
%% domain names or modify existing registrations.
%% All rights reserved. BookMyName reserves the right to modify these
%% terms at any time. By submitting this query, you agree to abide by
%% this policy.
DOMAIN
Domain Name : ottislan.com
(OTTISL2-BMN-DOM)
Registrar : BookMyName
Whois Server : whois.bookmyname.com
Referral URL : https://www.bookmyname.com
Registrant / Admin Contact :
PERSON
David STYNES (STYNES2-BMN-PE)
30 cameron ave
02140 cambridge
UNITED STATES MA
phone
: 7816469250
fax
:
e-mail
: trancettee@yahoo.com
Billing Contact :
PERSON
David STYNES (STYNES2-BMN-PE)
30 cameron ave
02140 cambridge
UNITED STATES MA
phone
: 7816469250
fax
:
e-mail
: trancettee@yahoo.com
Technical Contact :
PERSON
David STYNES (STYNES2-BMN-PE)
30 cameron ave
02140 cambridge
UNITED STATES MA
phone
: 7816469250
fax
:
e-mail
: trancettee@yahoo.com
Domain servers :
ns0.simpleloo.com (NSC167-BMN-HST)
ns0.albeiti.com (NAC193-BMN-HST)
Created on 02/06/2006 20:21:08
Updated on 02/07/2006 13:16:20
Expires on 02/06/2007 15:21:08
9 Feb: Rumours of movement to
http://securesite.odo.com.cn from broadcastemailcorp.odo.com.cn
(internal page link) Not had one yet - but i am looking forward to it.
7 Feb: From spam 906
(how they fly by)
SmartMailer Version 1.56 -German Privat License-
Bob seems to changed 'anonymous' remailers, (perhaps the demo time
on the shareware was up?) see 6 feb 2006 those
of you with a political bone in your body will find this ironic -
imagine for a moment that you trade with the chinese government and its
agents in the telecom industry there, but you use a private anonymous
remailer as well, so Bob on one hand is saying any political expression
(or religious) is ok, but then supports they very same people in China
that repress the said individuals above.
Thats 'Class' Bob, I hope you too see the irony
This actually gets even better for the con men (virus
writers) wrote a description of it:
This also means Bob is still using botnet pc's
Trojan.SpBot |
 |
| Discovered on: April 05, 2005 |
| Last Updated on: April 11, 2005 06:21:18 AM |
|
Trojan.Spbot is a Trojan horse program that allows a compromised computer to be used as an email relay. Computers compromised in this way are often used to relay spam.
| Type: | Trojan Horse |
| Systems Affected: | Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP |
 |
||||||||
|
||||||||
|
|
|||||||||||||||||||||||||||
When the Trojan is executed, it performs the following actions:
Symantec Security Response encourages all users and administrators
to adhere to the following basic security "best practices":
The following instructions pertain to all current and recent Symantec
antivirus products, including the Symantec AntiVirus and Norton
AntiVirus product lines.
Now thats damming.
6 Feb: I was ignorant of this so time to
investigate
The Bat! (v1.51) Educational
Which comes from spam 878 of my spam
experiment. So what is the bat ? - it seems its Bobs newest spam
emailer
from http://www.ritlabs.com/ email them on office@ritlabs.com from the
website
"
Download The Bat! 2.00 for free - Powerful, highly configurable
email client with ... Fake Email Mailer is a powerful anonymous emailer
to send fake emails ...
Shareware (Free to try)
OS: Windows 9x/ME/NT 3.x/NT/XP/2000
Price: 45$ "
The ironic thing is the software is not produced by 'americans'
(regulars please think about Spamis claims and protecting american
'jobs', or if not read about it here) and the software he is only
paying half of that fee. Quite why Bob Soloways spam should be
'anonymous' is something i leave you all to think about.
I feel sorry for Darkmailer, Bobs previous spam emailing client, lets just hope darkmailer was not employing americans (per spamis claims of 'protecting' americans jobs via chinese websites.
Much humour is to be found here
[DOMAIN whois information for RITLABS.COM ]
Domain Name: RITLABS.COM
Registrant:
RITLABS S.R.L
180 Stefan cel Mare, office 102
Chisinau, MD MD-2004
MD
Domain name: RITLABS.COM
Administrative Contact:
Demchenko, Serg serg@ritlabs.com
180 Stefan cel Mare, office 101
Chisinau, MD MD-2004
MD
+ 373-2 246889 Fax: (312)577-0481
Technical Contact:
Hostmaster, CIFNet hostmaster@cifnet.com
PO Box 5966
Vernon Hills, IL 60061-5966
US
(773)989-0442 Fax: (312)803-0951
Registration Service Provider:
CIFNet, Inc., hostmaster@cifnet.com
(773)989-0442
(312)803-0951 (fax)
http://www.cifnet.com
This company may be contacted for domain login/passwords,
DNS/Nameserver changes, and general domain support questions.
Registrar of Record: TUCOWS, INC.
Record last updated on 02-Oct-2005.
Record expires on 12-Dec-2006.
Record created on 13-Dec-1996.
Domain servers in listed order:
NS1.CIFNET.COM 198.63.208.9
NS2.CIFNET.COM 198.63.208.11
NS1.ELTEL.NET 217.170.67.5
NS.ELTEL.NET 217.170.64.5
Domain status: REGISTRAR-LOCK
Trying "RITLABS.COM"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21320
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 4, ADDITIONAL: 4
;; QUESTION SECTION:
;RITLABS.COM. IN ANY
;; ANSWER SECTION:
RITLABS.COM. 86396 IN NS ns1.eltel.net.
RITLABS.COM. 86396 IN NS ns1.cifnet.COM.
RITLABS.COM. 86396 IN NS ns2.cifnet.COM.
RITLABS.COM. 86396 IN NS ns.eltel.net.
;; AUTHORITY SECTION:
RITLABS.COM. 86396 IN NS ns.eltel.net.
RITLABS.COM. 86396 IN NS ns1.eltel.net.
RITLABS.COM. 86396 IN NS ns1.cifnet.COM.
RITLABS.COM. 86396 IN NS ns2.cifnet.COM.
;; ADDITIONAL SECTION:
ns.eltel.net. 172796 IN A 217.170.64.5
ns1.eltel.net. 172796 IN A 217.170.67.5
ns1.cifnet.COM. 172797 IN A 198.63.208.9
ns2.cifnet.COM. 86398 IN A 198.63.208.11
Received 236 bytes from 216.151.192.222#53 in 2 ms
#53
Non-authoritative answer:
RITLABS.COM
origin = ns1.cifnet.COM
mail addr = yk.cifnet.COM
serial = 10410270
refresh = 10800
retry = 3600
expire = 604800
minimum = 86400
Authoritative answers can be found from:
RITLABS.COM nameserver = ns1.cifnet.COM.
RITLABS.COM nameserver = ns2.cifnet.COM.
RITLABS.COM nameserver = ns.eltel.net.
RITLABS.COM nameserver = ns1.eltel.net.
ns.eltel.net internet address = 217.170.64.5
ns1.eltel.net internet address = 217.170.67.5
ns1.cifnet.COM internet address = 198.63.208.9
ns2.cifnet.COM internet address = 198.63.208.11
Non-authoritative answer:
Name: RITLABS.COM
Address: 198.63.208.135
ns1.cifnet.COM has origin of ns1.cifnet.COM
ns1.cifnet.COM has hostmaster address of yk.cifnet.COM
ns1.cifnet.COM has serial number 10410270
ns1.eltel.net has origin of ns1.cifnet.COM
ns1.eltel.net has hostmaster address of yk.cifnet.COM
ns1.eltel.net has serial number 10410270
ns.eltel.net has origin of ns1.cifnet.COM
ns.eltel.net has hostmaster address of yk.cifnet.COM
ns.eltel.net has serial number 10410270
ns2.cifnet.COM has origin of ns1.cifnet.COM
ns2.cifnet.COM has hostmaster address of yk.cifnet.COM
ns2.cifnet.COM has serial number 10410270
[IPv4 whois information for 198.63.208.135 ]
[whois.arin.net]
OrgName: NTT America, Inc.
OrgID: NTTAM-1
Address: 8005 South Chester Street
Address: Suite 200
City: Centennial
StateProv: CO
PostalCode: 80112
Country: US
ReferralServer: rwhois://rwhois.verio.net:4321/
NetRange: 198.63.0.0 - 198.66.255.255
CIDR: 198.63.0.0/16, 198.64.0.0/15, 198.66.0.0/16
NetName: NTTA-198-63
NetHandle: NET-198-63-0-0-1
Parent: NET-198-0-0-0-0
NetType: Direct Allocation
NameServer: NS0.VERIO.NET
NameServer: NS1.VERIO.NET
NameServer: NS2.VERIO.NET
NameServer: NS3.VERIO.NET
NameServer: NS4.VERIO.NET
Comment: *Rwhois information on assignments from this block available
Comment: at rwhois.verio.net port 4321
RegDate: 1993-02-11
Updated: 2005-12-30
RTechHandle: VIA4-ORG-ARIN
RTechName: Verio, Inc.
RTechPhone: +1-303-645-1900
RTechEmail: vipar@verio.net
OrgAbuseHandle: NAAC-ARIN
OrgAbuseName: NTT America Abuse Contact
OrgAbusePhone: +1-800-551-1630
OrgAbuseEmail: abuse@us.ntt.net
OrgNOCHandle: NASC-ARIN
OrgNOCName: NTT America Support Contact
OrgNOCPhone: +1-800-551-1630
OrgNOCEmail: support@us.ntt.net
OrgTechHandle: VIPAR-ARIN
OrgTechName: VIPAR
OrgTechPhone: +1-303-645-1900
OrgTechEmail: vipar@verio.net
# ARIN WHOIS database, last updated 2006-02-04 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
[RWHOIS: RWHOIS.VERIO.NET]
Results:
Class-Name network
Auth-Area 198.63.192.0/19
ID NETBLK-A010-CUST-22140.127.0.0.1/32
Handle NETBLK-A010-CUST-22140
Network-Name A010-CUST-22140
IP-Network 198.63.208.0/22
In-Addr-Server NS1-CIF-VRIO-HST.127.0.0.1/32
In-Addr-Server NS2-CIF-VRIO-HST.127.0.0.1/32
IP-Network-Block 198.63.208.0 - 198.63.211.255
Org-Name CIFNet.com
Street-Address 427 S. LaSalle
City Chicago
State IL
Postal-Code 60656
Country-Code USA
Tech-Contact A010-CUST-22140.127.0.0.1/32
Created 2001-03-05 18:57:36+00
Updated 2001-03-30 04:20:21+00
Class-Name network
Auth-Area 198.63.192.0/19
ID NETBLK-A010-198-063-192.127.0.0.1/32
Handle NETBLK-A010-198-063-192
Network-Name A010-198-063-192
IP-Network 198.63.192.0/19
In-Addr-Server C60-VRIO-HST.127.0.0.1/32
In-Addr-Server U60-VRIO-HST.127.0.0.1/32
IP-Network-Block 198.63.192.0 - 198.63.223.255
Org-Name Verio, Inc. - Chicago
Street-Address 20 N Wacker Drive, Ste 1960
City Chicago
State IL
Postal-Code 60606
Country-Code US
Tech-Contact VC146-VRIO.127.0.0.1/32
Created 2000-11-03 23:03:03+00
Updated 2001-03-30 04:11:18+00
[DNS Information on 198.63.208.135]
Whois Domain Lookup on ip 198.63.208.135 has been requested but failed
DNS Error while getting PTR record for ip
[DNS (DNSINFO) information for 198.63.208.135 ]
Trying "135.208.63.198.in-addr.arpa"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28999
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;135.208.63.198.in-addr.arpa. IN PTR
;; ANSWER SECTION:
135.208.63.198.in-addr.arpa. 86400 IN PTR www.ritlabs.com.
;; AUTHORITY SECTION:
208.63.198.in-addr.arpa. 86400 IN NS ns1.cifnet.com.
208.63.198.in-addr.arpa. 86400 IN NS ns2.cifnet.com.
;; ADDITIONAL SECTION:
ns1.cifnet.com. 172790 IN A 198.63.208.9
ns2.cifnet.com. 86391 IN A 198.63.208.11
Received 149 bytes from 216.151.192.222#53 in 344 ms
#53
Non-authoritative answer:
135.208.63.198.in-addr.arpa name = www.ritlabs.com.
Authoritative answers can be found from:
208.63.198.in-addr.arpa nameserver = ns2.cifnet.com.
208.63.198.in-addr.arpa nameserver = ns1.cifnet.com.
ns1.cifnet.com internet address = 198.63.208.9
ns2.cifnet.com internet address = 198.63.208.11
Non-authoritative answer:
135.208.63.198.in-addr.arpa name = www.ritlabs.com.
Authoritative answers can be found from:
208.63.198.in-addr.arpa nameserver = ns1.cifnet.com.
208.63.198.in-addr.arpa nameserver = ns2.cifnet.com.
ns1.cifnet.com internet address = 198.63.208.9
ns2.cifnet.com internet address = 198.63.208.11
4 February: After hosting in china at
218.88.32.239 Bob moves back to geocites redirects again and the new
latest and greatest host of http://210.66.241.1/broadcastemail/
Which is Taiwan - hello to Taiwan and Chyi-Chuan
Yang of Digital United Inc, nice to have you on this page!
inetnum: 210.66.0.0 - 210.66.255.255
netname: SEEDNET
descr: Digital United Inc.
descr: 9F, No. 125, Song Jiang Road
descr: Taipei, Taiwan
country: TW
admin-c: CY74-AP
tech-c: CY74-AP
mnt-by: MAINT-TW-TWNIC
changed: hostmaster@twnic.net 20000113
changed: hm-changed@apnic.net 20021219
status: ALLOCATED PORTABLE
source: APNIC
person: Chyi-Chuan Yang
nic-hdl: CY74-AP
e-mail: ccyang@du.net.tw
address: 9F, 125, song jiang road
address: Taipei, 104, R.O.Cphone: +886-2-2737-7298
fax-no: +886-2-2739-7512
country: TW
changed: hostmaster@twnic.net.tw 20050531
mnt-by: MAINT-TW-TWNIC
source: APNIC
inetnum: 210.66.240.0 - 210.66.241.255
netname: SEEDNET-NET
descr: Digital United Inc.
descr: 9F, No. 220, Gangchi Road,Taipei 114, Taiwan, R.O.C.
descr: Taipei Taiwan
country: TW
admin-c: RN472-TW
tech-c: RN472-TW
mnt-by: MAINT-TW-TWNIC
remarks: This information has been partially mirrored by APNIC from
remarks: TWNIC. To obtain more specific information, please use the
remarks: TWNIC whois server at whois.twnic.net.
changed: michaelc@du.net.tw 20040827
status: ASSIGNED NON-PORTABLE
source: TWNIC
person: Seednet Seednet
address: Seednet
address: TAIPEI
address: N/A Taiwan
country: TW
phone: +886-2-0800-073330
e-mail: root123@seed.net.tw
nic-hdl: RN472-TW
changed: hostmaster@twnic.net 20020124
source: TWNIC
30 Janaury: Bob's Seem to have given up on the geocities redirects to webhosts.
do4.vicp.net.
aliases broadcastemailcorp.odo.com.cn
addresses 218.88.32.239
Domain Whois record
Queried whois.cnnic.net.cn with "odo.com.cn"...
Domain Name: odo.com.cn
uri:
ROID: 20030701s10011s00299427-cn
Domain Status: ok
Registrant Organization: ??????????????
Registrant Name: ???
Administrative Email: marshall@odo.com.cn
Sponsoring Registrar: ??????????????
Name Server:dhserver.sharella.com
Name Server:dhserver2.sharella.com
Registration Date: 2003-07-01 09:51
Expiration Date: 2006-07-01 09:51
Network Whois record
Queried whois.apnic.net with "218.88.32.239"...
inetnum: 218.88.0.0 - 218.89.255.255
netname: CHINANET-SC
descr: CHINANET sichuan
province network
descr: Data Communication
Division
descr: China Telecom
country: CN
admin-c: CH93-AP
tech-c: XS16-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-SC
status: ALLOCATED NON-PORTABLE
changed: hostmaster@ns.chinanet.cn.net
20020408
changed: hm-changed@apnic.net 20040927
changed: hm-changed@apnic.net 20041126
source: APNIC
person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: lqing@chinatelecom.com.cn
20051212
mnt-by: MAINT-CHINANET
source: APNIC
person: Xiaodong Shi
nic-hdl: XS16-AP
e-mail:
ipadmin@my-public.sc.cninfo.net
address: No.72,Wen Miao Qian Str.
address: Data Communication Bureau Of
Sichuan Province
address: Chengdu
address: PR China
phone: +86-28-6190785
fax-no: +86-28-6190641
country: CN
changed: ipadmin@my-public.sc.cninfo.net
20030317
mnt-by: MAINT-CHINANET-SC
source: APNIC
DNS records
DNS query for 239.32.88.218.in-addr.arpa returned an error from the
server: NameError
name class type
data time to live
broadcastemailcorp.odo.com.cn IN
CNAME odo4.vicp.net
60s (00:01:00)
odo4.vicp.net IN
A 218.88.32.239
14s (00:00:14)
odo.com.cn IN A
218.88.36.60 60s (00:01:00)
odo.com.cn IN NS
dhserver.sharella.local 3600s
(01:00:00)
odo.com.cn IN NS
dhserver2.sharella.local 3600s
(01:00:00)
odo.com.cn IN SOA
server: dhserver.sharella.local
email: admin.sharella.local
serial: 2074
refresh: 900
retry: 600
expire: 86400
minimum ttl: 3600
3600s (01:00:00)
27 January: Back to Odo - Bob seems to like Odo
in the name of things meet http://broadcastemailcorp.odo.com.cn/
See another 'odo' !
whois odo.com.cn
Domain Name: odo.com.cn
ROID: 20030701s10011s00299427-cn
Domain Status: ok
Registrant Organization: 成都瀚阳电子工程有限责任公司
Registrant Name: 胡国辉
Administrative Email: marshall@odo.com.cn
Sponsoring Registrar: 北京新网数码信息技术有限公司
Name Server:dhserver.sharella.com
Name Server:dhserver2.sharella.com
Registration Date: 2003-07-01 09:51
Expiration Date: 2006-07-01 09:51
Thats got to be China. - this news just in China loves Bob official
23 Janaury: Moving to
http://219.136.53.13/broadcastemail/ which is China (nice to be proven
wrong !) and the "Guangdong Data Communication Bureau" so lets go
meet wumian@gdnmc.guangzhou.gd.cn
How those Chinese 'hate' Spam.
inetnum: 219.136.53.8 - 219.136.53.15
netname: GUANGZHOU-JSSHL-NETBAR
descr: GUANGZHOU JINSHISU NETBAR
country: CN
admin-c: SH439-AP
tech-c: SH439-AP
status: ASSIGNED NON-PORTABLE
changed: ipadm@gddc.com.cn 20040820
mnt-by: MAINT-CHINANET-GD
source: APNIC
person: SHI HUA
nic-hdl: SH439-AP
e-mail: ipuser@gddc.com.cn
address: NO 302 RO.CHUNHUISAN GUANGZHOU
country: CN
phone: +86-20-82091277
fax-no: +86-20-82091277
changed: ipadm@gddc.com.cn 20040820
mnt-by: MAINT-CHINANET-GD
source: APNIC
16 Janaury: Bob i see is back to Korea http://147.46.216.152/broadcastemail/ see and has given up with the
unsubscribe list being on a different website (that odo site) to the
one the geocites spam site redirects you to - the whole point of this
is why
does he bother with it I'm getting more spam than every
before if you look at the spam experiments i run.
update: Since the change from 'giving up' on domain names, he Seems
also to be rotating between Korea, and Russia hosts, I mention this as
if unsubscribe 'worked' - rather than just confirmed the email address
was active how does Mr Soloway known which unsubscribe list is active
or not.
Expect an entry here soon - to say Bob is in Korea (again).
the Russians and Koreans listed seem to be in the business of doing
bullet proof spam sites - I do hope they got paid.
9 January: Meet 83.237.66.218
again Yuriy Kaminir
( 095 ) 0959683121 Thats Russia detailed nonsense is under the link.
07 January: Thanks to my tipper! But Bobs
back in Korea, never a
North Korean commie around to invade South Korea when you need one.
Wackamole Korean Style meet some Koreans you have all met before.
Hi Bung
inetnum: 147.46.0.0 - 147.46.255.255
netname: NET-SNU
country: KR
descr: Seoul National University
admin-c: BL348-AP
tech-c: EJ86-AP
remarks: ***********************************************
remarks: KRNIC of NIDA is the National Internet Registry
remarks: in Korea under APNIC. If you would like to
remarks: find assignment information in detail
remarks: please refer to the NIDA Whois DB
remarks: http://whois.nida.or.kr/english/index.html
remarks: ***********************************************
status: ALLOCATED PORTABLE
changed: hostmaster@nic.or.kr 20040625
changed: hm-changed@apnic.net 20040926
mnt-by: MNT-KRNIC-AP
changed: hm-changed@apnic.net 20041007
source: APNIC
person: Bung Lee
nic-hdl: BL348-AP
e-mail: ercc_net@plaza.snu.ac.kr
address: San 56-1, Shillim-dong, Kwanak-gu, Seoul
phone: +82-2-880-5380
fax-no: +82-2-889-7486
country: KR
changed: hostmaster@nic.or.kr 20040625
mnt-by: MNT-KRNIC-AP
source: APNIC
person: Eunjoo Jung
nic-hdl: EJ86-AP
e-mail: ercc_net@plaza.snu.ac.kr
address: San 56-1, Shillim-dong, Kwanak-gu, Seoul
phone: +82-2-880-5380
fax-no: +82-2-889-7486
country: KR
changed: hostmaster@nic.or.kr 20040625
mnt-by: MNT-KRNIC-AP
source: APNIC
inetnum: 147.46.0.0 - 147.46.255.255
netname: NET-SNU-KR
descr: Seoul National University
descr: Sillim9-dong, Gwanak-gu, Seoul
descr: San56-1Beonji Jungangjeonsanwon
descr: 151-742
country: KR
admin-c: EJ55-KR
tech-c: EJ55-KR
remarks: This IP address space has been allocated to KRNIC.
remarks: For more information, using KRNIC Whois Database
remarks: whois -h whois.nic.or.kr
mnt-by: MNT-KRNIC-AP
remarks: This information has been partially mirrored by APNIC from
remarks: KRNIC. To obtain more specific information, please use the
remarks: KRNIC whois server at whois.krnic.net.
changed: hostmaster@nic.or.kr
source: KRNIC
person: Eunjoo Jung
descr: Seoul National University
descr: Sillim9-dong, Gwanak-gu, Seoul
descr: San56-1Beonji Jungangjeonsanwon
descr: 151-742
country: KR
phone: +82-2-880-5380
e-mail: ercc_net@plaza.snu.ac.kr
nic-hdl: EJ55-KR
mnt-by: MNT-KRNIC-AP
changed: hostmaster@nic.or.kr
source: KRNIC
04 January 2006: Happy new year now lets go
meet http://198.93.1.73/broadcastemail/ Woohoo an american
spammer, Bobs finally come home!
rgName: InnoMedia, Inc.
OrgID: INNOME-1
Address: 90 Rio Robles Road
City: San Jose
StateProv: CA
PostalCode: 95134
Country: US
NetRange: 198.93.1.0 - 198.93.1.255
CIDR: 198.93.1.0/24
NetName: INNOMEDIA2-1-28
NetHandle: NET-198-93-1-0-1
Parent: NET-198-92-0-0-1
NetType: Reassigned
Comment:
RegDate: 2000-11-29
Updated: 2000-11-29
RTechHandle: AK154-ARIN
RTechName: Ko, Alice
RTechPhone: +1-408-432-5520
RTechEmail: ako@innomedia.com
30 December: new host
http://147.46.240.97/broadcastemail/ Same people as last time Say hi to
Bung lee
inetnum: 147.46.0.0 - 147.46.255.255
netname: NET-SNU
country: KR
descr: Seoul National University
admin-c: BL348-AP
tech-c: EJ86-AP
remarks: ***********************************************
remarks: KRNIC of NIDA is the National Internet Registry
remarks: in Korea under APNIC. If you would like to
remarks: find assignment information in detail
remarks: please refer to the NIDA Whois DB
remarks: http://whois.nida.or.kr/english/index.html
remarks: ***********************************************
status: ALLOCATED PORTABLE
changed: hostmaster@nic.or.kr 20040625
changed: hm-changed@apnic.net 20040926
mnt-by: MNT-KRNIC-AP
changed: hm-changed@apnic.net 20041007
source: APNIC
person: Bung Lee
nic-hdl: BL348-AP
e-mail: ercc_net@plaza.snu.ac.kr
address: San 56-1, Shillim-dong, Kwanak-gu, Seoul
phone: +82-2-880-5380
fax-no: +82-2-889-7486
country: KR
changed: hostmaster@nic.or.kr 20040625
mnt-by: MNT-KRNIC-AP
source: APNIC
person: Eunjoo Jung
nic-hdl: EJ86-AP
e-mail: ercc_net@plaza.snu.ac.kr
address: San 56-1, Shillim-dong, Kwanak-gu, Seoul
phone: +82-2-880-5380
fax-no: +82-2-889-7486
country: KR
changed: hostmaster@nic.or.kr 20040625
mnt-by: MNT-KRNIC-AP
source: APNIC
inetnum: 147.46.0.0 - 147.46.255.255
netname: NET-SNU-KR
descr: Seoul National University
descr: Sillim9-dong, Gwanak-gu, Seoul
descr: San56-1Beonji Jungangjeonsanwon
descr: 151-742
country: KR
admin-c: EJ55-KR
tech-c: EJ55-KR
remarks: This IP address space has been allocated to KRNIC.
remarks: For more information, using KRNIC Whois Database
remarks: whois -h whois.nic.or.kr
mnt-by: MNT-KRNIC-AP
remarks: This information has been partially mirrored by APNIC from
remarks: KRNIC. To obtain more specific information, please use the
remarks: KRNIC whois server at whois.krnic.net.
changed: hostmaster@nic.or.kr
source: KRNIC
person: Eunjoo Jung
descr: Seoul National University
descr: Sillim9-dong, Gwanak-gu, Seoul
descr: San56-1Beonji Jungangjeonsanwon
descr: 151-742
country: KR
phone: +82-2-880-5380
e-mail: ercc_net@plaza.snu.ac.kr
nic-hdl: EJ55-KR
mnt-by: MNT-KRNIC-AP
changed: hostmaster@nic.or.kr
source: KRNIC
25 December: A Happy new year to everybody -
bob is now spamming 'root'.
Other news Bob is using India Geocities (free hosting, new country used
germany and uk before) and pointing it to Seoul National University
(see below)
The dedication. - see you all in 2006 if not before.
17 December: Meet
http://147.46.30.174/broadcastemail/ you know the routine...
inetnum: 147.46.0.0 - 147.46.255.255
netname: NET-SNU
country: KR
descr: Seoul National University
admin-c: BL348-AP
tech-c: EJ86-AP
remarks: ***********************************************
remarks: KRNIC of NIDA is the National Internet Registry
remarks: in Korea under APNIC. If you would like to
remarks: find assignment information in detail
remarks: please refer to the NIDA Whois DB
remarks: http://whois.nida.or.kr/english/index.html
remarks: ***********************************************
status: ALLOCATED PORTABLE
changed: hostmaster@nic.or.kr 20040625
changed: hm-changed@apnic.net 20040926
mnt-by: MNT-KRNIC-AP
changed: hm-changed@apnic.net 20041007
source: APNIC
person: Bung Lee
nic-hdl: BL348-AP
e-mail: ercc_net@plaza.snu.ac.kr
address: San 56-1, Shillim-dong, Kwanak-gu, Seoul
phone: +82-2-880-5380
fax-no: +82-2-889-7486
country: KR
changed: hostmaster@nic.or.kr 20040625
mnt-by: MNT-KRNIC-AP
source: APNIC
person: Eunjoo Jung
nic-hdl: EJ86-AP
e-mail: ercc_net@plaza.snu.ac.kr
address: San 56-1, Shillim-dong, Kwanak-gu, Seoul
phone: +82-2-880-5380
fax-no: +82-2-889-7486
country: KR
changed: hostmaster@nic.or.kr 20040625
mnt-by: MNT-KRNIC-AP
source: APNIC
inetnum: 147.46.0.0 - 147.46.255.255
netname: NET-SNU-KR
descr: Seoul National University
descr: Seoul National University Computing Center, San 56-1, Shillim-dong, Kwanak-gu
descr: SEOUL
descr: 151-742
country: KR
admin-c: BL50-KR
tech-c: EJ109-KR
remarks: This IP address space has been allocated to KRNIC.
remarks: For more information, using KRNIC Whois Database
remarks: whois -h whois.nic.or.kr
mnt-by: MNT-KRNIC-AP
remarks: This information has been partially mirrored by APNIC from
remarks: KRNIC. To obtain more specific information, please use the
remarks: KRNIC whois server at whois.krnic.net.
changed: hostmaster@nic.or.kr 20050915
한국인터넷진흥원(NIDA)의 인터넷정보센터(KRNIC)가 제공하는 Whois 서비스 입니다.
query: 147.46.30.174
# KOREAN
조회결과는 아래와 같으며, 실제 정보와 상이할 수 있습니다.
IPv4 주소 : 147.46.0.0-147.46.255.255
네트워크 이름 : NET-SNU
할당내역 등록일 : 20040625
할당정보공개여부 : Y
[ IPv4 사용 기관 정보 ]
기관고유번호 : ORG384075
기관명 : 서울대학교
주소 : 서울 관악구 신림9동
상세주소 : 산56-1번지 중앙전산원
우편 번호 : 151-742
[ 네트워크 담당자 인물 정보 ]
이름 : 정은주
기관명 : 서울대학교
주소 : 서울 관악구 신림9동
상세주소 : 산56-1번지 중앙전산원
우편 번호 : 151-742
전화 번호 : +82-2-880-5380
전자 우편 : ercc_net@plaza.snu.ac.kr
--------------------------------------------------------------------------------
만약 위의 IPv4주소 사용기관 정보가 올바르지 않을 경우
한국인터넷진흥원(hostmaster@nic.or.kr)으로 문의하시기 바랍니다.
# ENGLISH
KRNIC is not an ISP but a National Internet Registry similar to APNIC.
The followings is organization information that is using the IPv4 address.
IPv4 Address : 147.46.0.0-147.46.255.255
Network Name : NET-SNU
Registration Date : 20040625
Publishes : Y
[ Organization Information ]
Organization ID : ORG384075
Org Name : Seoul National University
Address : Sillim9-dong, Gwanak-gu, Seoul
Detail address : San56-1Beonji Jungangjeonsanwon
Zip Code : 151-742
[ Technical Contact Information ]
Name : Eunjoo Jung
Org Name : Seoul National University
Address : Sillim9-dong, Gwanak-gu, Seoul
Detail address : San56-1Beonji Jungangjeonsanwon
Zip Code : 151-742
Phone : +82-2-880-5380
E-Mail : ercc_net@plaza.snu.ac.kr
- NIDA/KRNIC Whois Service -
Oh my Seoul National University becomes a spam hoster. - oh my and I
thought you went to university to learn not spam.
9 December: We been here before but its been
renamed from /wm/ to http://83.237.66.218/broadcastemail/ which is our
Friend in Russia - say hello to Yuriy
Kaminir again.
update: late news: Bob fails to stop court process (again)
> http://www.mortgagespam.com/soloway/26.pdf
its been covered before here - another round lost by Bob. "Its a
spammer"
6 December: I have just discovered Bob
owns a time machine, the domain owner contacts got a spam from the
future over the weekend when the mail was checked, dated Monday the 5th
December how cool is that!!!
consider: its insert time: Sun, 4 Dec 2005 03:21:39 +0000
(GMT), and the date displayed Mon, December 5, 2005
Other notes:
So Bob owns a time machine, or if you don't believe that - thats
another email header he forges.
1 December: Theres been a lot of activity
recently so lets time out and examine the logic (if you can find it) in
Bobs current activities which is a
Still with me ? how does the opt-out in China - get to Korea or
'ahem' to Bobs spam injection points which I list in the domain owner
spam page, and admin contacts on this page. I once opted out of
Bob's spam, and we are still getting them.
If you can find the 'logic' can you please tell me.
29 November: tipoff thankyou again ! Blog entry
(long) with this, you see its other people too - probably had links to
this in here somewhere to this
Mr. Robert Alan Soloway
Executive Residence, Inc.
1200 Western Avenue
Room 17E
Seattle, Washington
Tel: 206-226-9558 (reception) 206-223-1270 (sucker number)
His personal phone number: 206-223-1271
email: nim@cyberservices.com
Registrar Homepage: http://www.register.com
Domain Name: cyberservices.com
Created on..............: 13 May 1996 00:00:00
Expires on..............: 14 May 2006 00:00:00
Registrant Info:
NJDomains, Abuse Contact: abuse@mail.com
Gerald Gorman
33 Knightsbridge Rd.
Piscataway, NJ 08854
US
Phone: 9086960929
Fax..: none
Email: abuse@mail.com_gerald.gorman@att.net
Administrative Info:
NJDomains, Abuse Contact: abuse@mail.com
Gerald Gorman
33 Knightsbridge Rd.
Piscataway, NJ 08854
US
Phone: 9086960929
Fax..: none
Email: abuse@mail.com_gerald.gorman@att.net
Technical Info:
NJDomains, Abuse Contact: abuse@mail.com
Gerald Gorman
33 Knightsbridge Rd.
Piscataway, NJ 08854
US
Phone: 9086960929
Fax..: none
Email: abuse@mail.com_gerald.gorman@att.net
Status: Locked
Domain servers in listed order:
dns01.gpn.register.com
dns02.gpn.register.com
dns03.gpn.register.com
dns04.gpn.register.com
dns05.gpn.register.com
Whois-Services: ypx7yp2yy94pc.cyberservices.com@whois-services.com
Mail records are:
20 ob-mail-com-bk.mr.outblaze.com. [TTL=1800] IP=64.71.166.194
10 ob-mail-com.mr.outblaze.com. [TTL=1800] IP=205.158.62.33
not much else no www/etc
Who be:
Hurricane Electric HURRICANE-2 (NET-64-71-128-0-1)
64.71.128.0 - 64.71.191.255
Outblaze Limited HURRICANE-CE1460-541 (NET-64-71-166-192-1)
64.71.166.192 - 64.71.166.223
XO Communications XOXO-BLK-0 (NET-205-158-0-0-1)
205.158.0.0 - 205.158.255.255
Outblaze, Limited XOXO-205-158-62-0 (NET-205-158-62-0-1)
205.158.62.0 - 205.158.62.255
28 November: Our friends at Korea telecom have renamed the url from http://210.179.190.250/wm to http://210.179.190.250/broadcastemail
27 November: new geocities redirect to Korea
(26 November Entry) http://uk.geocities.com/Griselda70698Sol20116/ and
http://uk.geocities.com/Ingamar91782Leoine31932/ points here. Bob's
html ad (normally text) are pretty awful and contain email
typo's - whether this is 'tracking' item is up for discussion.
26 November: Thank you again for the
tip off !. Korea here we come http://210.179.190.250/wm so lets go and
have a screen dump Lets do Russia ip from yesterday hello again
to the 'Evropeyskiy sportivnyy klub', this brings back a few
memories....
Korea, if only <insert nasty country brainwave...> there.
query: 210.179.190.250
# KOREAN
조회하신 IPv4주소는 ISP가 아직 할당하지 않은 주소이거나 고객(End-User)에게 IPv4주소를
할당한 후 할당내역을 한국인터넷진원에 등록하지 않은 주소공간입니다.
따라서, 조회하신 IPv4주소에 대한 문의는 아래의 ISP 담당자에게 문의하시기 바랍니다.
[ ISP의 IPv4주소 관리기관 정보 ]
기 관 명 : (주)케이티
서비스명 : PUBNET
기관 주소 : 성남시 분당구 정자동
기관 상세 주소: 206
[ ISP의 IPv4주소 책임자 정보 ]
이 름 : IP주소 책임자
전화번호 : +82-2-3674-5890
전자우편 : ip@pubnet.ne.kr
[ ISP의 IPv4주소 관리자 정보 ]
이 름 : IP주소 관리자
전화번호 : +82-2-3674-5890
전자우편 : ip@pubnet.ne.kr
[ ISP의 Network Abuse 담당자 정보 ]
이 름 : Pubnet Abuse 담당자
전화번호 : +82-2-3674-5890
전자우편 : abuse@pubnet.ne.kr
# ENGLISH
KRNIC is not a ISP but a National Internet Registry similar to APNIC.
The address is allocated yet
Please contact following ISP for further information
[ ISP Organization Information ]
Org Name : Korea Telecom-PUBNET
Service Name : PUBNET
Org Address : 206, Jungja, Bundang-Gu, Sungnam-ci
[ ISP IP Admin Contact Information ]
Name : IP Administrator
Phone : +82-2-3674-5890
E-Mail : ip@pubnet.ne.kr
[ ISP IP Tech Contact Information ]
Name : IP Manager
Phone : +82-2-3674-5890
E-mail : ip@pubnet.ne.kr
[ ISP Network Abuse Contact Information ]
Name : Pubnet Abuse Manger
Phone : +82-2-3674-5890
E-mail : abuse@pubnet.ne.kr
A big hello to Korea Telecom
add wiki link to introduction.
25 November: Thanks for the the tipoff!
Bob is still using ip but has moved to the address http://83.237.66.218/wm/
Which is Russia - say hello to Yuriy
Kaminir. Nice to see that Bob is providing the turkey for
american workers this christmas (i refer to his spamis claims he made
earlier in the year).
inetnum: 83.237.66.216 - 83.237.66.223
netname: OOO-Evropeyskiy-sportivnyy-klub
descr: OOO "Evropeyskiy sportivnyy klub"
descr: Moscow, Russia
country: RU
admin-c: YK170-RIPE
tech-c: YK170-RIPE
status: ASSIGNED PA
mnt-by: MTU-NOC
changed: lir@mtu.ru 20041111
source: RIPE
person: Yuriy Kaminir
address: Admirala Makarova
address: Moscow, Russia
phone: +7 ( 095 ) 0959683121
nic-hdl: YK170-RIPE
mnt-by: MTU-NOC
changed: lir@mtu.ru 20041111
source: RIPE
% Information related to '83.237.0.0/16AS8359'
route: 83.237.0.0/16
descr: ZAO MTU-Intel's Moscow Region Network
descr: ZAO MTU-Intel
descr: Moscow, Russia
origin: AS8359
notify: noc@mtu.ru
mnt-by: MTU-NOC
remarks: *****************************************
remarks: Please send abuse reports to abuse@mtu.ru
remarks: *****************************************
changed: noc@mtu.ru 20040213
source: RIPE
23 November: Bobs keeping me busy! He
is spamming via Yahoo and redirecting to an ip address a 1.2.3.4
(thing) rather than 'Bobisaspammer.com' etc
Email link is: http://de.geocities.com/email24624broadcast65559/
others include *
But redirect to here: http://83.69.46.224/wm/
from the html: " email address at: broadcastemailcorp odo4 . meibu .
com / dounsub . php"
Thats going to work, very 'can-spam'
* Some kind of new tracking device?
update broadcastemailcorp.org seems to have died... Thats what
happens when you use the nameservers at joker.
| MX | FAIL | MX Category | ERROR: I couldn't find any MX records for BROADCASTEMAILCORP.ORG. If you want to receive E-mail on this domain, you should have MX record(s). Without any MX records, mailservers should attempt to deliver mail to the A record for BROADCASTEMAILCORP.ORG. I can't continue in a case like this, so I'm assuming you don't receive mail on this domain. |
| FAIL | Connect to mail servers | ERROR: I could not find any mailservers for BROADCASTEMAILCORP.ORG. |
| WWW | FAIL | WWW Category | ERROR: I couldn't find any A records for www.BROADCASTEMAILCORP.ORG. But I did find a referral to a.ns.joker.com. (and maybe others). If you want a website at www.BROADCASTEMAILCORP.ORG, you will need an A record for www.BROADCASTEMAILCORP.ORG. If you do not want a website at www.BROADCASTEMAILCORP.ORG, you can ignore this error. |
Which CZ - europe
% Information related to '83.69.46.0 - 83.69.46.255'
inetnum: 83.69.46.0 - 83.69.46.255
netname: SCNETCZ
remarks: INFRA-AW
descr: Losan s.r.o.
country: CZ
admin-c: MH38-RIPE
tech-c: MM6144-RIPE
status: ASSIGNED PA
mnt-by: LOSAN-MNT
source: RIPE # Filtered
person: Milan Husak
address: Brezenecka 4808
Chomutov
430 04
phone: +420737142369
nic-hdl: MH38-RIPE
source: RIPE # Filtered
person: Michal Malina
address: Brezenecka 4808
Chomutov
430 04
phone: +420737142369
Big shout to "Michal Malina" hi comrade!
17 November: Bit soon but please meet broadcastemailcorp.org or ' broadcastemailcorp . org '
Domain ID:D108098127-LROR
Domain Name:BROADCASTEMAILCORP.ORG
Created On:03-Nov-2005 08:52:54 UTC
Last Updated On:03-Nov-2005 09:00:08 UTC
Expiration Date:03-Nov-2006 08:52:54 UTC
Sponsoring Registrar:CSL Computer Service Langenbach GmbH (R25-LROR)
Status:CLIENT DELETE PROHIBITED
Status:CLIENT TRANSFER PROHIBITED
Status:CLIENT UPDATE PROHIBITED
Status:TRANSFER PROHIBITED
Registrant ID:CORG-138397
Registrant Name:Bob Soloway
Registrant Street1:PO Box 1259
Registrant Street2:
Registrant Street3:
Registrant City:Seattle
Registrant State/Province:--
Registrant Postal Code:WA
Registrant Country:US
Registrant Phone:+206.2231271
Registrant Phone Ext.:
Registrant FAX:+206.2231271
Registrant FAX Ext.:
Registrant Email:today2005@earthling.net
Admin ID:CORG-135817
Admin Name:Bob Soloway
Admin Street1:PO Box 1259
Admin Street2:
Admin Street3:
Admin City:Seattle
Admin State/Province:--
Admin Postal Code:WA
Admin Country:US
Admin Phone:+206.2231271
Admin Phone Ext.:
Admin FAX:+206.2231271
Admin FAX Ext.:
Admin Email:today2005@earthling.net
Tech ID:CORG-135817
Tech Name:Bob Soloway
Tech Street1:PO Box 1259
Tech Street2:
Tech Street3:
Tech City:Seattle
Tech State/Province:--
Tech Postal Code:WA
Tech Country:US
Tech Phone:+206.2231271
Tech Phone Ext.:
Tech FAX:+206.2231271
Tech FAX Ext.:
Tech Email:today2005@earthling.net
Name Server:A.NS.JOKER.COM
Name Server:B.NS.JOKER.COM
Name Server:C.NS.JOKER.COM
and nameservered there too.
<<>> DiG 9.2.4 <<>> broadcastemailcorp.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59426
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;broadcastemailcorp.org.
IN A
;; AUTHORITY SECTION:
broadcastemailcorp.org. 10800
IN SOA
a.ns.joker.com. hostmaster.joker.com. 2005111529 86400 7200 1209600
86400
But it redirects to here...
<<>> DiG 9.2.4 <<>> www.broadcastemailcorp.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8845
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.broadcastemailcorp.org. IN A
;; ANSWER SECTION:
www.broadcastemailcorp.org. 1685 IN CNAME odo4.meibu.com.
odo4.meibu.com. 20 IN A 218.88.44.247
update 29/11/2005 odo4.meibu.com. moved to: 218.88.38.117
inetnum: 218.88.0.0 - 218.89.255.255
netname: CHINANET-SC
descr: CHINANET sichuan province network
descr: Data Communication Division
descr: China Telecom
country: CN
admin-c: CH93-AP
tech-c: XS16-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-SC
status: ALLOCATED NON-PORTABLE
changed: hostmaster@ns.chinanet.cn.net 20020408
changed: hm-changed@apnic.net 20040927
changed: hm-changed@apnic.net 20041126
source: APNIC
person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501777
fax-no: +86-10-58501724
country: CN
changed: lqing@chinatelecom.com.cn 20051107
mnt-by: MAINT-CHINANET
source: APNIC
person: Xiaodong Shi
nic-hdl: XS16-AP
e-mail: ipadmin@my-public.sc.cninfo.net
address: No.72,Wen Miao Qian Str.
address: Data Communication Bureau Of Sichuan Province
address: Chengdu
address: PR China
phone: +86-28-6190785
fax-no: +86-28-6190641
country: CN
changed: ipadmin@my-public.sc.cninfo.net 20030317
mnt-by: MAINT-CHINANET-SC
source: APNIC
Well its still China, see those Chinese really do hate spam.
<end of update>
Who and where ? Say 'hi' to qingdao meibu in China that was a
surprise to all of you
Domain Name:meibu.com
Registrant:
Liu Chunming
qingdao
266071
�
Administrative Contact:
liu cm
qingdao meibu
qingdao dayao 3 road 19#
shandong qin Shandong 266071
China
tel: 86 0532 5779616
fax: 86 0532 5779617
meibu@sohu.com
Technical Contact:
liu cm
qingdao meibu
qingdao dayao 3 road 19#
shandong qin Shandong 266071
China
tel: 86 0532 5779616
fax: 86 0532 5779617
meibu@sohu.com
Billing Contact:
liu cm
qingdao meibu
qingdao dayao 3 road 19#
shandong qin Shandong 266071
China
tel: 86 0532 5779616
fax: 86 0532 5779617
meibu@sohu.com
Registration Date: 2001-06-25
Update Date: 2005-01-11
Expiration Date: 2008-06-25
Primary DNS:
ns1.meibu.com
221.2.55.235
Secondary DNS:
ns2.meibu.com
202.104.237.179
and Chinanet too!
inetnum: 218.88.0.0 - 218.89.255.255
netname: CHINANET-SC
descr: CHINANET sichuan province network
descr: Data Communication Division
descr: China Telecom
country: CN
admin-c: CH93-AP
tech-c: XS16-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-SC
status: ALLOCATED NON-PORTABLE
changed: hostmaster@ns.chinanet.cn.net 20020408
changed: hm-changed@apnic.net 20040927
changed: hm-changed@apnic.net 20041126
source: APNIC
person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501777
fax-no: +86-10-58501724
country: CN
changed: lqing@chinatelecom.com.cn 20051107
mnt-by: MAINT-CHINANET
source: APNIC
person: Xiaodong Shi
nic-hdl: XS16-AP
e-mail: ipadmin@my-public.sc.cninfo.net
address: No.72,Wen Miao Qian Str.
address: Data Communication Bureau Of Sichuan Province
address: Chengdu
address: PR China
phone: +86-28-6190785
fax-no: +86-28-6190641
country: CN
changed: ipadmin@my-public.sc.cninfo.net 20030317
mnt-by: MAINT-CHINANET-SC
source: APNIC
They really do hate spam those chinese government types.
3 November: Meet Bob 'hiding' behind some chinese people on odo10 and 3322.ORG
Domain ID:D81041153-LROR
Domain Name:3322.ORG
Created On:11-Dec-2001 18:35:40 UTC
Last Updated On:07-Mar-2005 07:15:34 UTC
Expiration Date:11-Dec-2009 18:35:40 UTC
Sponsoring Registrar:OnlineNIC Inc. (R64-LROR)
Status:OK
Registrant ID:ONLC-615124-4
Registrant Name:Bentium Ltd.
Registrant Organization:Yaako Ltd.
Registrant Street1:1406, Yinyuan Building 37, West Guanhe Road
Registrant Street2:1406, Yinyuan Building 37, West Guanhe Road
Registrant Street3:
Registrant City:Changzhou
Registrant State/Province:JS
Registrant Postal Code:213002
Registrant Country:CN
Registrant Phone:+86.5196113322
Registrant Phone Ext.:
Registrant FAX:+86.5196620244
Registrant FAX Ext.:
Registrant Email:ppyy@staff.cn99.com
Admin ID:ONLC-615124-1
Admin Name:Yong, Peng
Admin Organization:Yaako Ltd.
Admin Street1:1406, Yinyuan Building 37, West Guanhe Road
Admin Street2:1406, Yinyuan Building 37, West Guanhe Road
Admin Street3:
Admin City:Changzhou
Admin State/Province:JS
Admin Postal Code:213002
Admin Country:CN
Admin Phone:+86.5196113322
Admin Phone Ext.:
Admin FAX:+86.5196620244
Admin FAX Ext.:
Admin Email:ppyy@staff.cn99.com
Tech ID:ONLC-615124-2
Tech Name:Yong, Peng
Tech Organization:Yaako Ltd.
Tech Street1:1406, Yinyuan Building 37, West Guanhe Road
Tech Street2:1406, Yinyuan Building 37, West Guanhe Road
Tech Street3:
Tech City:Changzhou
Tech State/Province:JS
Tech Postal Code:213002
Tech Country:CN
Tech Phone:+86.5196113322
Tech Phone Ext.:
Tech FAX:+86.5196620244
Tech FAX Ext.:
Tech Email:ppyy@staff.cn99.com
Name Server:NS2.3322.NET
Name Server:NS1.3322.NET
Where:
dig 3322.org
; <<>> DiG 9.2.4 <<>> 3322.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62854
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;3322.org. IN A
;; ANSWER SECTION:
3322.org. 60 IN A 61.177.95.125
Surprisingly Thats China
name: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-JS
mnt-routes: maint-chinanet-js
changed: hostmaster@ns.chinanet.cn.net 20020209
changed: hostmaster@ns.chinanet.cn.net 20030306
status: ALLOCATED non-PORTABLE
source: APNIC
route: 61.177.0.0/16
descr: CHINANET jiangsu province network
country: CN
origin: AS23650
mnt-by: MAINT-CHINANET-JS
changed: ip@jsinfo.net 20030414
source: APNIC
role: CHINANET JIANGSU
address: No.268,Hanzhong Road,Nanjing 210029
country: CN
phone: +86-25-6588783
fax-no: +86-25-6588740
e-mail: ip@jsinfo.net
trouble: send anti-spam reports to spam@jsinfo.net
trouble: send abuse reports to abuse@jsinfo.net
trouble: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@ptt.js.cn 20020530
changed: ip@jsinfo.net 20021213
source: APNIC
person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501719
fax-no: +86-10-58501724
country: CN
changed: lqing@chinatelecom.com.cn 20051021
mnt-by: MAINT-CHINANET
source: APNIC
Glad to see those Chinese 'hating' spam
2 November: Keep me busy... had to laugh at
this email extract
x@x nonprofit/charity contact email address right? if so...
WE WILL EMAIL YOUR WEB SITE TO 2,500,00 0PT-IN EMAILS FOR [Free]
First Open Your Web Browser and Type in:
www . broadcastemailservices . org
So everybody please say hello to broadcastemailservices . org, or broadcastemailservices.org
Domain ID:D107975459-LROR
Domain Name:BROADCASTEMAILSERVICES.ORG
Created On:28-Oct-2005 02:39:04 UTC
Last Updated On:31-Oct-2005 08:47:11 UTC
Expiration Date:28-Oct-2006 02:39:04 UTC
Sponsoring Registrar:CSL Computer Service Langenbach GmbH (R25-LROR)
Status:CLIENT DELETE PROHIBITED
Status:CLIENT TRANSFER PROHIBITED
Status:CLIENT UPDATE PROHIBITED
Status:TRANSFER PROHIBITED
Registrant ID:CORG-137882
Registrant Name:Bob Soloway
Registrant Street1:PO Box 1259
Registrant Street2:
Registrant Street3:
Registrant City:Seattle
Registrant State/Province:--
Registrant Postal Code:WA
Registrant Country:US
Registrant Phone:+206.2231271
Registrant Phone Ext.:
Registrant FAX:+206.2231271
Registrant FAX Ext.:
Registrant Email:today2005@earthling.net
Admin ID:CORG-135817
Admin Name:Bob Soloway
Admin Street1:PO Box 1259
Admin Street2:
Admin Street3:
Admin City:Seattle
Admin State/Province:--
Admin Postal Code:WA
Admin Country:US
Admin Phone:+206.2231271
Admin Phone Ext.:
Admin FAX:+206.2231271
Admin FAX Ext.:
Admin Email:today2005@earthling.net
Tech ID:CORG-135817
Tech Name:Bob Soloway
Tech Street1:PO Box 1259
Tech Street2:
Tech Street3:
Tech City:Seattle
Tech State/Province:--
Tech Postal Code:WA
Tech Country:US
Tech Phone:+206.2231271
Tech Phone Ext.:
Tech FAX:+206.2231271
Tech FAX Ext.:
Tech Email:today2005@earthling.net
Name Server:NS1.BROADCASTEMAILSERVICES.ORG
Name Server:NS2.BROADCASTEMAILSERVICES.ORG
Where
DiG 9.2.4 <<>> broadcastemailservices.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63586
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;broadcastemailservices.org. IN A
;; ANSWER SECTION:
broadcastemailservices.org. 30 IN A 221.11.134.39
Thats ns1 and ns2. thats being cheap Bob and thats ... China - how
they hate spam those Chinese comrades.
inetnum: 221.11.128.0 - 221.11.223.255
netname: CNCGROUP-HI
descr: CNC Group Hainan province network
descr: China Network Communications Group Corporation
descr: No.156,Fu-Xing-Men-Nei Street,
descr: Beijing 100031
country: CN
admin-c: CH455-AP
tech-c: CH455-AP
remarks: service provider
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-HI
changed: hm-changed@apnic.net 20030122
status: ALLOCATED PORTABLE
source: APNIC
role: CNCGroup Hostmaster
e-mail: abuse@cnc-noc.net
address: No.156,Fu-Xing-Men-Nei Street,
address: Beijing,100031,P.R.China
nic-hdl: CH455-AP
phone: +86-10-82993155
fax-no: +86-10-82993102
country: CN
admin-c: CH444-AP
tech-c: CH444-AP
changed: inetnum: 221.11.128.0 - 221.11.223.255
netname: CNCGROUP-HI
descr: CNC Group Hainan province network
descr: China Network Communications Group Corporation
descr: No.156,Fu-Xing-Men-Nei Street,
descr: Beijing 100031
country: CN
admin-c: CH455-AP
tech-c: CH455-AP
remarks: service provider
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-HI
changed: hm-changed@apnic.net 20030122
status: ALLOCATED PORTABLE
source: APNIC
role: CNCGroup Hostmaster
e-mail: abuse@cnc-noc.net
address: No.156,Fu-Xing-Men-Nei Street,
address: Beijing,100031,P.R.China
nic-hdl: CH455-AP
phone: +86-10-82993155
fax-no: +86-10-82993102
country: CN
admin-c: CH444-AP
tech-c: CH444-AP
changed: abuse@cnc-noc.net 20041119
mnt-by: MAINT-CNCGROUP
source: APNIC
20041119
mnt-by: MAINT-CNCGROUP
source: APNIC
1 November: Following on from the recommendation I found a better version online
I got fooled and payed for Soloways broadcast email that was supposed to be all opt in.
Well now I have nothing but complaints about spam and am receiving virus' in my email all the time.
I asked for a refund but they said no.
Still I get complaints about emails being sent out after I told them to stop sending them.
So I wonder what can we do about this.
My business has slowed so much and I think my site's reputation is at stake.
That domain is poochieheaven.com - help ! Other recomendations are here.
31 October: yet to have any spam from this
(give it time), meet broadcastemailservices.biz
whois broadcastemailservices.biz
Domain Name: BROADCASTEMAILSERVICES.BIZ
Domain ID: D11321182-BIZ
Sponsoring Registrar: CSL COMPUTER SERVICE (D.B.A. JOKER.
COM)
Sponsoring Registrar IANA ID: 113
Domain Status: clientDeleteProhibited
Domain Status: clientRenewProhibited
Domain Status: clientTransferProhibited
Domain Status: clientUpdateProhibited
Registrant ID: CNEU-127712
Registrant Name: Bob Soloway
Registrant Address1: PO Box 1259
Registrant City: Seattle
Registrant State/Province: --
Registrant Postal Code: WA
Registrant Country: United States
Registrant Country Code: US
Registrant Phone Number: +206.2231271
Registrant Facsimile Number: +206.2231271
Registrant Email: today2005@earthling.net
Administrative Contact ID: CNEU-127711
Administrative Contact Name: Bob Soloway
Administrative Contact Address1: PO Box 1259
Administrative Contact City: Seattle
Administrative Contact State/Province: --
Administrative Contact Postal Code: WA
Administrative Contact Country: United States
Administrative Contact Country Code: US
Administrative Contact Phone Number: +206.2231271
Administrative Contact Facsimile Number: +206.2231271
Administrative Contact Email: today2005@earthling.net
Billing Contact ID: CNEU-127711
Billing Contact Name: Bob Soloway
Billing Contact Address1: PO Box 1259
Billing Contact City: Seattle
Billing Contact State/Province: --
Billing Contact Postal Code: WA
Billing Contact Country: United States
Billing Contact Country Code: US
Billing Contact Phone Number: +206.2231271
Billing Contact Facsimile Number: +206.2231271
Billing Contact Email: today2005@earthling.net
Technical Contact ID: CNEU-127711
Technical Contact Name: Bob Soloway
Technical Contact Address1: PO Box 1259
Technical Contact City: Seattle
Technical Contact State/Province: --
Technical Contact Postal Code: WA
Technical Contact Country: United States
Technical Contact Country Code: US
Technical Contact Phone Number: +206.2231271
Technical Contact Facsimile Number: +206.2231271
Technical Contact Email: today2005@earthling.net
Name Server: NS2.ZONEEDIT.COM
Name Server: NS17.ZONEEDIT.COM
Created by Registrar: CSL COMPUTER SERVICE (D.B.A. JOKER.
COM)
Last Updated by Registrar: CSL COMPUTER SERVICE (D.B.A. JOKER.
COM)
Domain Registration Date: Fri Oct 28 02:53:40 GMT 2005
Domain Expiration Date: Fri Oct 27 23:59:59 GMT 2006
Domain Last Updated Date: Sat Oct 29 06:52:01 GMT 2005
Where: DiG 9.2.4 <<>> broadcastemailservices.biz
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 286
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;broadcastemailservices.biz.
IN A
;; ANSWER SECTION:
broadcastemailservices.biz. 7200 IN
A 222.77.185.251
Thats... China
inetnum: 222.76.0.0 - 222.79.255.255
netname: CHINANET-FJ
descr: CHINANET fujian province network
descr: China Telecom
descr: No1,jin-rong Street
descr: Beijing 100032
country: CN
admin-c: CH93-AP
tech-c: CA67-AP
changed: hm-changed@apnic.net 20031024
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-FJ
mnt-routes: MAINT-CHINANET-FJ
remarks: This object can only modify by APNIC hostmaster
remarks: If you wish to modify this object details please
remarks: send email to hostmaster@apnic.net with your
remarks: organisation account name in the subject line.
status: ALLOCATED PORTABLE
source: APNIC
role: CHINANETFJ IP ADMIN
address: 7,East Street,Fuzhou,Fujian,PRC
country: CN
phone: +86-591-3333169-293
fax-no: +86-591-3371954
e-mail: fjnic@fjdcb.fz.fj.cn
trouble: send spam reports and abuse reports
trouble: to abuse@fjdcb.fz.fj.cn
trouble: Please include detailed information and
trouble: times in UTC
admin-c: FH71-AP
tech-c: FH71-AP
nic-hdl: CA67-AP
mnt-by: MAINT-CHINANET-FJ
changed: fjnic@fjdcb.fz.fj.cn 20020719
source: APNIC
person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501719
fax-no: +86-10-58501724
country: CN
changed: lqing@chinatelecom.com.cn 20051021
mnt-by: MAINT-CHINANET
source: APNIC
also (thanks Fridge) Citizens, Gladiators meet security-validations.com
Domain Name ..................... security-validations.com
Name Server ..................... dns7.hichina.com
dns8.hichina.com
Registrant ID ................... hc847466383-cn
Registrant Name ................. Tanveer
Ahmad
Registrant Organization ......... Tanveer Ahmad Shah
Registrant Address .............. Tanveer Ahmad Shah
Registrant City ................. usa
Registrant Province/State ....... uas
Registrant Postal Code .......... 100000
Registrant Country Code ......... US
Registrant Phone Number ......... +86.10000000000 -
Registrant Fax .................. +86.10000000000 -
Registrant Email ................ leohosting@hotmail.com
Administrative ID ............... hc734116639-cn
Administrative Name .............
Administrative Organization .....
Administrative Address .......... JINGTIAN WEST ROAD
Administrative City ............. SHENZHEN
Administrative Province/State ... GUANGDONG
Administrative Postal Code ...... 518034
Administrative Country Code ..... CN
Administrative Phone Number ..... +86.075583092575 -
Administrative Fax .............. +86.075583092575 -
Administrative Email ............ office@jinre.net
Billing ID ...................... hc434116639-cn
Billing Name ....................
Billing Organization ............
Billing Address ................. JINGTIAN WEST ROAD
Billing City .................... SHENZHEN
Billing Province/State .......... GUANGDONG
Billing Postal Code ............. 518034
Billing Country Code ............ CN
Billing Phone Number ............ +86.075583092575 -
Billing Fax ..................... +86.075583092575 -
Billing Email ................... office@jinre.net
Technical ID .................... hc134116639-cn
Technical Name ..................
Technical Organization ..........
Technical Address ............... JINGTIAN WEST ROAD
Technical City .................. SHENZHEN
Technical Province/State ........ GUANGDONG
Technical Postal Code ........... 518034
Technical Country Code .......... CN
Technical Phone Number .......... +86.075583092575 -
Technical Fax ................... +86.075583092575 -
Technical Email ................. office@jinre.net
Expiration Date ................. 2006-06-25 04:44:19
Is this Bobs new lover Tanveer Ahmad, what happened to stephen ?
Plenty of fake stuff in there '+86.10000000000' Of note
dns7.hichina.com. 154193
IN A
218.30.103.250 from searchengineraking.cn
<<>> DiG 9.2.4 <<>> dns7.hichina.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40181
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;dns7.hichina.com.
IN A
;; ANSWER SECTION:
dns7.hichina.com. 123517
IN A
218.30.103.247
dns7.hichina.com. 123517
IN A
218.30.103.250
which is still our spammy friends at the Chinese government
inetnum: 218.30.96.0 - 218.30.127.255
netname: CHINANET-IDC-BJ
descr: CHINANET IDC center
descr: China Telecom
descr: Beijing 100088
country: CN
admin-c: HC55-AP
tech-c: HC55-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINATELECOM-BJ
changed: bjnic@bjtelecom.net 20040322
status: ALLOCATED NON-PORTABLE
source: APNIC
domain: 103.30.218.in-addr.arpa
descr: Hichina
country: CN
admin-c: CH93-AP
tech-c: CH93-AP
zone-c: CH93-AP
nserver: dns1.hichina.com
nserver: dns2.hichina.com
mnt-by: maint-chinanet
changed: shenjun@cndata.com 20040310
source: APNIC
person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net < like they give a shit
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501719
fax-no: +86-10-58501724
country: CN
changed: lqing@chinatelecom.com.cn 20051021
mnt-by: MAINT-CHINANET
source: APNIC
person: Hostmaster of Beijing Telecom corporation CHINA TELECOM
nic-hdl: HC55-AP
e-mail: bjnic@bjtelecom.net
address: Beijing Telecom
address: No. 107 XiDan Beidajie, Xicheng District Beijing
phone: +86-010-58503461
fax-no: +86-010-58503054
country: cn
changed: bjnic@bjtelecom.net 20040115
mnt-by: MAINT-CHINATELECOM-BJ
source: APNIC
21 October: Meet 'searchengineranking.cn' A departure
from the usual Bob selection of names but 'Hi' Its very slow but
its Bob- we have seen this before I think (excuse rubbish screen dump)
whois searchengineranking.cn
Domain Name: searchengineranking.cn
ROID: 20050719s10001s22674827-cn
Domain Status: ok
Registrant Organization: stephen
Registrant Name: stephen
Administrative Email: postmaster@2ndDNS.com
Sponsoring Registrar: 创联万网国际信息技术(北京)有限公司
Name Server:dns7.hichina.com
Name Server:dns8.hichina.com
Registration Date: 2005-07-19 13:00
Expiration Date: 2006-07-19 13:00
Bob 'Stephen' oh my !!! is he your lover ?
Where
dig searchengineranking.cn
; <<>> DiG 9.2.4 <<>> searchengineranking.cn
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7124
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;searchengineranking.cn.
IN A
;; AUTHORITY SECTION:
searchengineranking.cn. 10662
IN SOA
dns7.hichina.com. hostmaster.hichina.com. 2005102001 21600 3600 1728000
21600
Hmmm ... or..
dns7.hichina.com. 154193
IN A
218.30.103.250
dns7.hichina.com. 154193
IN A
218.30.103.247
which is China.
inetnum: 218.30.96.0 - 218.30.127.255
netname: CHINANET-IDC-BJ
descr: CHINANET IDC center
descr: China Telecom
descr: Beijing 100088
country: CN
admin-c: HC55-AP
tech-c: HC55-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINATELECOM-BJ
changed: bjnic@bjtelecom.net 20040322
status: ALLOCATED NON-PORTABLE
source: APNIC
person: Hostmaster of Beijing Telecom corporation CHINA TELECOM
nic-hdl: HC55-AP
e-mail: bjnic@bjtelecom.net
address: Beijing Telecom
address: No. 107 XiDan Beidajie, Xicheng District Beijing
phone: +86-010-58503461
fax-no: +86-010-58503054
country: cn
changed: bjnic@bjtelecom.net 20040115
mnt-by: MAINT-CHINATELECOM-BJ
source: APNIC
Domain ID:D107836737-LROR
Domain Name:BROADCASTINGEMAILING.ORG
Created On:16-Oct-2005 19:51:29 UTC
Last Updated On:19-Oct-2005 10:21:25 UTC
Expiration Date:16-Oct-2006 19:51:29 UTC
Sponsoring Registrar:CSL Computer Service Langenbach GmbH (R25-LROR)
Status:CLIENT DELETE PROHIBITED
Status:CLIENT TRANSFER PROHIBITED
Status:CLIENT UPDATE PROHIBITED
Status:TRANSFER PROHIBITED
Registrant ID:CORG-136800
Registrant Name:Bob Soloway
Registrant Street1:PO Box 1259
Registrant Street2:
Registrant Street3:
Registrant City:Seattle
Registrant State/Province:--
Registrant Postal Code:WA
Registrant Country:US
Registrant Phone:+206.2231271
Registrant Phone Ext.:
Registrant FAX:+206.2231271
Registrant FAX Ext.:
Registrant Email:today2005@earthling.net
Admin ID:CORG-135817
Admin Name:Bob Soloway
Admin Street1:PO Box 1259
Admin Street2:
Admin Street3:
Admin City:Seattle
Admin State/Province:--
Admin Postal Code:WA
Admin Country:US
Admin Phone:+206.2231271
Admin Phone Ext.:
Admin FAX:+206.2231271
Admin FAX Ext.:
Admin Email:today2005@earthling.net
Tech ID:CORG-135817
Tech Name:Bob Soloway
Tech Street1:PO Box 1259
Tech Street2:
Tech Street3:
Tech City:Seattle
Tech State/Province:--
Tech Postal Code:WA
Tech Country:US
Tech Phone:+206.2231271
Tech Phone Ext.:
Tech FAX:+206.2231271
Tech FAX Ext.:
Tech Email:today2005@earthling.net
Name Server:NS2.ASSETSSECURITYSERVICE.COM
Name Server:NS1.ASSETSSECURITYSERVICE.COM
Where:
dig broadcastingemailing.org
; <<>> DiG 9.2.4 <<>> broadcastingemailing.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63833
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;broadcastingemailing.org.
IN A
;; ANSWER SECTION:
broadcastingemailing.org. 3600 IN
A 222.73.4.71
Thats .. China ... and
inetnum: 222.73.4.66 - 222.73.4.85
netname: null
descr: null
country: CN
admin-c: WQ58-AP
tech-c: WL371-AP
mnt-by: MAINT-CHINANET-SH
changed: wanglin@shaidc.com 20051018
status: ASSIGNED NON-PORTABLE
source: APNIC
person: Wang Qing
address: 6F,380 Fushan Road,Shanghai 200122
country: CN
phone: +86-21-68761255-807
fax-no: +86-21-68761255-805
e-mail: wanglin@shaidc.com
nic-hdl: WQ58-AP
mnt-by: MAINT-CN-SHTELE-XINCHAN
changed: wanglin@shaidc.com 20021007
source: APNIC
person: Wang Lin
address: 6F,380 Fushan Road,Shanghai 200122
country: CN
phone: +86-21-68761255-807
fax-no: +86-21-68761255-805
e-mail: wanglin@shaidc.com
nic-hdl: WL371-AP
mnt-by: MAINT-CN-SHTELE-XINCHAN
changed: wanglin@shaidc.com 20021007
source: APNIC
20 October: Testimonial
time again:
From: Angela Adcox
Comment: Hi, I came across your site today. I was
investigating the optinemailing.biz. I was one of the suckers who paid
150.00 to have my site advertised through broadcast email. I was told
it was all opt in emails. Now I am getting email complaints daily
Hello and a belated welcome, she gave me no email.
Strange.....
More 'recommendations' can be found elsewhere. (another 'better' version of this in Google is: "I got fooled and payed for Soloways
broadcast email that was supposed to be all opt in. Well now I have
nothing but complaints about spam and am receiving virus' in my email
all the time. I asked for a refund but they said no. Still I get
complaints about emails being sent out after I told them to stop
sending them. So I wonder what can we do about this. My business has slowed
so much and I think my site's reputation is at stake". )
Need more recommendations try.here
Thats one for the website Bob.
16 October: Spam to (from Japan) and he
has gone shopping
Domain ID:D107700584-LROR
Domain Name:EMAILINGTODAY.ORG
Created On:04-Oct-2005 21:28:24 UTC
Last Updated On:10-Oct-2005 00:14:41 UTC
Expiration Date:04-Oct-2006 21:28:24 UTC
Sponsoring Registrar:CSL Computer Service Langenbach GmbH (R25-LROR)
Status:TRANSFER PROHIBITED
Registrant ID:CORG-135818
Registrant Name:Bob Soloway
Registrant Street1:PO Box 1259
Registrant Street2:
Registrant Street3:
Registrant City:Seattle
Registrant State/Province:--
Registrant Postal Code:WA
Registrant Country:US
Registrant Phone:+206.2231271
Registrant Phone Ext.:
Registrant FAX:+206.2231271
Registrant FAX Ext.:
Registrant Email:today2005@earthling.net
Admin ID:CORG-135817
Admin Name:Bob Soloway
Admin Street1:PO Box 1259
Admin Street2:
Admin Street3:
Admin City:Seattle
Admin State/Province:--
Admin Postal Code:WA
Admin Country:US
Admin Phone:+206.2231271
Admin Phone Ext.:
Admin FAX:+206.2231271
Admin FAX Ext.:
Admin Email:today2005@earthling.net
Tech ID:CORG-135817
Tech Name:Bob Soloway
Tech Street1:PO Box 1259
Tech Street2:
Tech Street3:
Tech City:Seattle
Tech State/Province:--
Tech Postal Code:WA
Tech Country:US
Tech Phone:+206.2231271
Tech Phone Ext.:
Tech FAX:+206.2231271
Tech FAX Ext.:
Tech Email:today2005@earthling.net
Name Server:S1.REDBUYER.COM
Name Server:S2.REDBUYER.COM
where ? why Patriotic China. Dont you feel sorry for those
american workers Bob ? - you are a patriot ?, you confessed your love
in a 'spamis' spam.
dig emailingtoday.org
; <<>> DiG 9.2.4 <<>> emailingtoday.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48580
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;emailingtoday.org.
IN A
;; ANSWER SECTION:
emailingtoday.org. 2000
IN A
222.174.34.151
;; Query time: 407 msec
inetnum: 222.173.0.0 - 222.175.255.255
netname: CHINATELECOM-SD
descr: CHINANET SHANDONG
PROVINCE NETWORK
descr: Shandong Telecom
Corporation
descr: NO.71 Jingshi
Road,jinan,shandong
country: CN
admin-c: CH93-AP
tech-c: LB56-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINATELECOM-SD
mnt-routes: MAINT-CHINATELECOM-SD
status: ALLOCATED PORTABLE
source: APNIC
person: Chinanet Hostmaster
address: No.31 ,jingrong street,beijing
address: 100032
country: CN
phone: +86-10-66027112
fax-no: +86-10-58501144
e-mail:
hostmaster@ns.chinanet.cn.net
e-mail: anti-spam@ns.chinanet.cn.net
nic-hdl: CH93-AP
mnt-by: MAINT-CHINANET
changed: hostmaster@ns.chinanet.cn.net
20021016
remarks: hostmaster is not for spam
complaint,please send spam complaint to anti-spam@ns.chinanet.cn.net
source: APNIC
Well done Bob.
6 October: Ladies and Gents, Boys and Girls,
Lords, and Ladies
meet broadcastingemail.us
Domain Name: BROADCASTINGEMAIL.US
Domain ID: D8714297-US
Sponsoring Registrar: PRIMUS TELECOMMUNICATIONS PTY LTD.
Domain Status: ok
Registrant ID: ID00210189-PR
Registrant Name: Bob Soloway
Registrant Address1: PO Box 1259
Registrant City: Seattle
Registrant State/Province: WA
Registrant Postal Code: 98101
Registrant Country: United States
Registrant Country Code: US
Registrant Phone Number: +1.2062231271
Registrant Email: today2005@earthling.net
Registrant Application Purpose: P3
Registrant Nexus Category: C11
Administrative Contact ID: ID00210189-PR
Administrative Contact Name: Bob Soloway
Administrative Contact Address1: PO Box 1259
Administrative Contact City: Seattle
Administrative Contact State/Province: WA
Administrative Contact Postal Code: 98101
Administrative Contact Country: United States
Administrative Contact Country Code: US
Administrative Contact Phone Number: +1.2062231271
Administrative Contact Email: today2005@earthling.net
Administrative Application Purpose: P3
Administrative Nexus Category: C11
Billing Contact ID: ID00210189-PR
Billing Contact Name: Bob Soloway
Billing Contact Address1: PO Box 1259
Billing Contact City: Seattle
Billing Contact State/Province: WA
Billing Contact Postal Code: 98101
Billing Contact Country: United States
Billing Contact Country Code: US
Billing Contact Phone Number: +1.2062231271
Billing Contact Email: today2005@earthling.net
Billing Application Purpose: P3
Billing Nexus Category: C11
Technical Contact ID: ID00210189-PR
Technical Contact Name: Bob Soloway
Technical Contact Address1: PO Box 1259
Technical Contact City: Seattle
Technical Contact State/Province: WA
Technical Contact Postal Code: 98101
Technical Contact Country: United States
Technical Contact Country Code: US
Technical Contact Phone Number: +1.2062231271
Technical Contact Email: today2005@earthling.net
Technical Application Purpose: P3
Technical Nexus Category: C11
Name Server: S1.REDBUYER.COM
Name Server: S2.REDBUYER.COM
Created by Registrar: PRIMUS TELECOMMUNICATIONS PTY LTD.
Last Updated by Registrar: PRIMUS TELECOMMUNICATIONS PTY LTD.
Domain Registration Date: Wed Oct 05 16:16:18 GMT 2005
Domain Expiration Date: Wed Oct 04 23:59:59 GMT 2006
Domain Last Updated Date: Thu Oct 06 00:13:02 GMT 2005
>>>> Whois database was last updated on: Thu Oct 06 14:35:26 GMT 2005 <<<<
Where ?
broadcastingemail.us
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52807
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;broadcastingemail.us. IN A
;; ANSWER SECTION:
broadcastingemail.us. 2000 IN A 222.174.34.151
;; Query time
Thats .... China, glad to see bob supporting americans in employment
netnum: 222.173.0.0 - 222.175.255.255
netname: CHINATELECOM-SD
descr: CHINANET SHANDONG PROVINCE NETWORK
descr: Shandong Telecom Corporation
descr: NO.71 Jingshi Road,jinan,shandong
country: CN
admin-c: CH93-AP
tech-c: LB56-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINATELECOM-SD
mnt-routes: MAINT-CHINATELECOM-SD
status: ALLOCATED PORTABLE
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20040316
source: APNIC
person: Chinanet Hostmaster
address: No.31 ,jingrong street,beijing
address: 100032
country: CN
phone: +86-10-66027112
fax-no: +86-10-58501144
e-mail: hostmaster@ns.chinanet.cn.net
e-mail: anti-spam@ns.chinanet.cn.net
nic-hdl: CH93-AP
mnt-by: MAINT-CHINANET
changed: hostmaster@ns.chinanet.cn.net 20021016
remarks: hostmaster is not for spam complaint,please send spam complaint to anti-spam@ns.chinanet.cn.net
source: APNIC
person: Lin Bin
nic-hdl: LB56-AP
e-mail: linb@sdtele.com
address: NO.71 Jingshi Road,Jinan,Shandong
address: 250061,China
phone: +86-531-3198141
fax-no: +86-531-3198193
country: CN
changed: ipadmin@sdtele.com 20040213
mnt-by: MAINT-CHINATELECOM-SD
source: APNIC
5 October: The optinemailings.us
domain registration has been killed by the retarded folks at
Neustar it seems (they run .biz too) Sorry cant tell you anything
if there is no domain record (as of 5 October)
SPAM TRACKING update: Watch out for ROLE @ DOMAIN in the
message body if you report Bobs crap expect
more crap from him
ROLE @ DOMAIN is your non-profit/charity contact email address right?
If so... WE WILL EMAIL YOUR WEB SITE TO 2,500,00 OPT-IN EMAILS FOR FREE
http://www.optinemailings.us
----- ---- --- -- - -
simply visit our company web site above for details on how it works, then
send a letter to the mailing address on our company web site above with
your non-profit and/or charity status and address in your country of origin
enclosed, along with your email address and we will then send you all the
specifications needed on how to receive this non-cost, non-commercial, non-
transactional, non-relationship, charity/non-profit courtesy emailing.
This non-commercial, non-transactional, non-relationship, courtesy emailing
has an important primary purpose of helping society by assisting non-profits
& charities have their non-profit/non-commercial mission statement/special
message sent out to 2.5 million opt-in emails as a courtesy to help worldwide
in national & global relief efforts for various causes in need of support.
if this is not a non-profit/charity contact email address and/or you are not
interested in our occassional non-commercial, non-transactional, non-cost,
non-relationship, courtesy emailings we perform for various non-profits and
charities, remove the email above: http://www.optinemailings.us/dounsub.php
contact us at: charity info, po box 1259, seattle, wa 98101, usa
----- ---- --- -- - -
thanks to the technology of email, here are only a few of the countless
charities & non-profit organizations we have countributed to in the past:
adventist develop & relief agency international, child help usa, direct
relief international, doctors without borders, episcopal relief and
development, international medical corps, mercy corps, operation usa, red
cross hurricane relief division, red cross washington state chapter, the
salvation army, among countless others in need of global assistance.
30 September: admin web stats for the year,
We all love Bob spamming honest!
24 September: Another court defeat for Bob
Soloway - 'stolen' from a newsgroup, but its Bob related.
Not only the $10,075,000 statutory penalty, but he also scored a
permanent
injunction against Soloway's (and his agents, affiliates, etc., etc.)
sending spam with the usual header violations.
http://www.mortgagespam.com/soloway/19.pdf
Enjoy.
Bobs reply (apparenlty)
rsoloway@iname.com says...
>
>Comments from Robert Soloway:
>
>I've been reading these posts and have found them quite
entertaining,
>although unfortunately nobody here is aware of the true facts of the
>matter at hand.
>
>Unfortunately, the injunction was filed improperly with the court.
>There was never a request for an original injunction requested in
the
>original court complaint papers, so the injunction is invalidated
upon
>notification to the court, (as it will be invalidated next week, and
>hopefully braver will be sanctioned potentially criminally, not just
>civilly for his misuse and abuse of the court system.)
>
>All I can say is.. everything has now fallen into place with the
>default judgement and malpractice
injunction. I sincerely wish braver
>the best with his company and himself and sincerely hope that he has
>already secured the best and most expensive possible lawyer on
retainer
>in the state of Washington, as I have done in the state of Oklahoma.
>- Robert Soloway
Yep Bobs dumb.
22 September: Ladies and Gents meet
optinemailing.biz
whois optinemailing.biz
Domain
Name:
OPTINEMAILING.BIZ
Domain
ID:
D10685747-BIZ
Sponsoring
Registrar:
CSL COMPUTER SERVICE (D.B.A. JOKER.COM)
Sponsoring Registrar IANA
ID:
113
Domain
Status:
clientDeleteProhibited
Domain
Status:
clientRenewProhibited
Domain
Status:
clientTransferProhibited
Domain
Status:
clientUpdateProhibited
Registrant
ID:
CNEU-123633
Registrant
Name:
Bob Soloway
Registrant
Organization:
NIM
Registrant
Address1:
PO Box 1259
Registrant
City:
Seattle
Registrant
State/Province:
WA
Registrant Postal
Code:
98111
Registrant
Country:
United States
Registrant Country
Code:
US
Registrant Phone
Number:
+120.62231271
Registrant Facsimile
Number:
+120.62231271
Registrant
Email:
bsoloway@inorbit.com
Administrative Contact
ID:
CNEU-123632
Administrative Contact
Name:
Bob Soloway
Administrative Contact
Organization: NIM
Administrative Contact
Address1:
PO Box 1259
Administrative Contact
City:
Seattle
Administrative Contact
State/Province: WA
Administrative Contact Postal
Code: 98111
Administrative Contact
Country:
United States
Administrative Contact Country
Code: US
Administrative Contact Phone
Number: +120.62231271
Administrative Contact Facsimile Number:
+120.62231271
Administrative Contact
Email:
bsoloway@inorbit.com
Billing Contact
ID:
CNEU-123632
Billing Contact
Name:
Bob Soloway
Billing Contact
Organization:
NIM
Billing Contact
Address1:
PO Box 1259
Billing Contact
City:
Seattle
Billing Contact
State/Province:
WA
Billing Contact Postal
Code:
98111
Billing Contact
Country:
United States
Billing Contact Country
Code:
US
Billing Contact Phone
Number:
+120.62231271
Billing Contact Facsimile
Number:
+120.62231271
Billing Contact
Email: bsoloway@inorbit.com
Technical Contact
ID:
CNEU-123632
Technical Contact
Name:
Bob Soloway
Technical Contact
Organization:
NIM
Technical Contact
Address1:
PO Box 1259
Technical Contact
City:
Seattle
Technical Contact
State/Province:
WA
Technical Contact Postal
Code:
98111
Technical Contact
Country:
United States
Technical Contact Country
Code:
US
Technical Contact Phone
Number:
+120.62231271
Technical Contact Facsimile
Number:
+120.62231271
Technical Contact
Email:
bsoloway@inorbit.com
Name
Server:
NS1.VIRTUALUSE.COM
Name
Server:
NS2.VIRTUALUSE.COM
Name
Server:
NS3.VIRTUALUSE.COM
Name
Server:
NS4.VIRTUALUSE.COM
Created by
Registrar:
CSL COMPUTER SERVICE (D.B.A. JOKER.COM)
Last Updated by
Registrar:
CSL COMPUTER SERVICE (D.B.A. JOKER.COM)
Domain Registration
Date:
Thu Aug 18 14:16:02 GMT 2005
Domain Expiration
Date:
Thu Aug 17 23:59:59 GMT 2006
Domain Last Updated
Date:
Mon Sep 19 22:01:12 GMT 2005
Registrar Fields
----------------
IDNLang:
de
Where or wohin ?
dig OPTINEMAILING.BIZ
; <<>> DiG 9.2.4 <<>> OPTINEMAILING.BIZ
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25049
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;OPTINEMAILING.BIZ.
IN A
;; ANSWER SECTION:
OPTINEMAILING.BIZ.
0 IN
A 194.126.190.13
;; Query time:
Thats Russia Comrades.
inetnum: 194.126.188.0 - 194.126.191.255
netname: Tekcom
descr: Tekcom Project
country: RU
org: ORG-TP17-RIPE
admin-c: MV3243-RIPE
tech-c: MV3243-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-HM-PI-MNT
mnt-by: MNT-TEKCOM
mnt-lower: RIPE-NCC-HM-PI-MNT
mnt-routes: MNT-TEKCOM
mnt-domains: MNT-TEKCOM
source: RIPE # Filtered
organisation: ORG-TP17-RIPE
org-name: Tekcom Project
org-type: NON-REGISTRY
address: Russian Federation
address: Moscow
address: Verxniya Radichenskava St. 3-1
e-mail: mixailovich@tekcom.ru
admin-c: MV3243-RIPE
tech-c: MV3243-RIPE
mnt-ref: MNT-TEKCOM
mnt-by: MNT-TEKCOM
source: RIPE # Filtered
person: Mikhail Vlasov
address: Russian Federation
address: Moscow
address: Verxniya Radichenskava St. 3-1
e-mail: mixailovich@tekcom.ru
phone: +7 921 9246323
nic-hdl: MV3243-RIPE
source: RIPE # Filtered
21 September: Bob's a funny guy at times, Im
not sure what hes on, but he makes good jokes. He is still on the
spamis crap (which im sending to myself by the way) and he is still
complaining about Microsoft (sending him to court) This time its
sending jobs to China. Now Bob is a serial offender at using
Chinese companies to host his web sites (theres a lot of 'cn' in these
pages). If your not sure look at 'Moscow' just up from here.
So I assume Bob is worried by this (?better spam defences in
exchange?, if your dumb enough to have a exchange server), but not
bothered enough to 'try' and host his domains in 'America'. The
moral behind this story is
Don't complain about 'losing american jobs', when your 'patrotism'
to
american workers and business can be called into question.
Remember ladies and gentlemen Bobs a Spammer, and no patriot
of america by the gauging of his offshore 'non american' business
activites recorded in this web page.
Enough surmon for today, and a copy of the email (which you will be
sending to yourself) will no doubt be coming into an email account of
yours soon.
12 September: Bobs given up with the proper
spamis headers (see experiment) . So if
your posting messages to a spam reporting service look out for
Received-SPF: neutral (gmail.com: 193.188.71.2 is neither permitted nor denied by domain of ?@gmail.com)
As ?@gmail.com was my email address, this technique seems to have
replaced the nonsense word. However the moron keeps sending me
his crap, and tells me that I sent it to. If you don't know what
spf is I suggest you google/search for it
9 September: From another domain
account, quite how he can mail spam services, and then complain
via Spamis does make me smile while using my email address in the to
and from headers is quite beyond belief..
[SPAMIS NOTIFICATION]:
Fully "READY" to Begin Increasing Public Service Announcement
Emails to 20 Times the Amount of Internet Users by 25 Times the
Current Sending Rate & Speed When a Certain Activity Transpires.
[CURRENTLY IN WAITING FOR THIS ACTIVITY TO TRANSPIRE]
Says it all. Well once a spammer always a spammer.
5 September: Have added translate tool at top
of page, and here.
Page/Text Translate:
30 August: Statistics time, for those of you
unaware of the spam collection we do off this webpage may i point you
towards these graphs of my own
creation (your browser will need javascript/ecmascript). Im
still trying to figure out how to automate the charts (give me time),
but the by month spam is indicative 'proof' that can-spam does
not work.
The other chart based on category of the received spam speaks
volumes about Bob's main source of income. - I've put the
419's scams together with the mlm scams for clarity after all they are
all 'scams'.
Due to the problems of opening all three experiments webpages and doing graphs here its the best I can come up with without the thing taking several minutes to load and fire up all kind of scripting alerts on your web browser. Graphs of each experiment can be found on the appropriate web pages.
So if you want to take a long term view at Bobs client list be my
guest.
25 August: Surprise everybody meet optinemailtoday.biz
Domain
Name:
OPTINEMAILTODAY.BIZ
Domain
ID:
D10683405-BIZ
Sponsoring
Registrar:
NETWORK SOLUTIONS INC.
Sponsoring Registrar IANA
ID:
2
Domain
Status:
clientTransferProhibited
Registrant
ID:
39827714
Registrant
Name:
None
Registrant
Organization:
None
Registrant
Address1:
PO Box 1259
Registrant
City:
Seattle
Registrant
State/Province:
WA
Registrant Postal
Code:
98111
Registrant
Country:
United States
Registrant Country
Code:
US
Registrant Phone
Number:
+1.2062231271
Registrant
Email:
no.valid.email@worldnic.com
Administrative Contact
ID:
39827714
Administrative Contact
Name:
None
Administrative Contact
Organization: None
Administrative Contact
Address1:
PO Box 1259
Administrative Contact
City:
Seattle
Administrative Contact
State/Province: WA
Administrative Contact Postal
Code: 98111
Administrative Contact
Country:
United States
Administrative Contact Country
Code: US
Administrative Contact Phone
Number: +1.2062231271
Administrative Contact
Email:
no.valid.email@worldnic.com
Billing Contact
ID:
39827715
Billing Contact
Name:
None
Billing Contact
Organization:
None
Billing Contact
Address1:
PO Box 1259
Billing Contact
City:
Seattle
Billing Contact
State/Province:
WA
Billing Contact Postal
Code:
98111
Billing Contact
Country:
United States
Billing Contact Country
Code:
US
Billing Contact Phone
Number:
+1.2062231271
Billing Contact
Email: bsoloway@inorbit.com
Technical Contact
ID:
39827714
Technical Contact
Name:
None
Technical Contact
Organization:
None
Technical Contact
Address1:
PO Box 1259
Technical Contact
City:
Seattle
Technical Contact
State/Province:
WA
Technical Contact Postal
Code:
98111
Technical Contact
Country:
United States
Technical Contact Country
Code:
US
Technical Contact Phone
Number:
+1.2062231271
Technical Contact
Email:
no.valid.email@worldnic.com
Name
Server:
NS1.VIRTUALUSE.COM
Name
Server:
NS2.VIRTUALUSE.COM
Name
Server:
NS3.VIRTUALUSE.COM
Name
Server:
NS4.VIRTUALUSE.COM
Created by
Registrar:
NETWORK SOLUTIONS INC.
Last Updated by
Registrar:
NETWORK SOLUTIONS INC.
Domain Registration
Date:
Thu Aug 18 07:13:54 GMT 2005
Domain Expiration
Date:
Thu Aug 17 23:59:59 GMT 2006
Domain Last Updated
Date:
Mon Aug 22 05:56:10 GMT 2005
OK no.valid.email@worldnic.com thats normally how bob does
things.
; <<>> DiG 9.2.4 <<>> optinemailtoday.biz
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19926
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;optinemailtoday.biz.
IN A
;; ANSWER SECTION:
optinemailtoday.biz. 3600
IN A
218.244.189.18
Thats China
inetnum: 218.244.160.0 - 218.244.191.255
netname: CHINACOM
descr: CHINA COMMUNICATIONS SYSTEM Co.,Ltd
country: CN
admin-c: GJ121-AP
tech-c: WY152-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net.cn 20020328
status: ALLOCATED PORTABLE
source: APNIC
person: Guo Jinbo
nic-hdl: GJ121-AP
e-mail: ipmaster@cetc-chinacomm.com.cn
address: NO.1 North Road of Workers Stadium, Chaoyang District, Beijing, China
phone: +86-10-64169966
fax-no: +86-10-64163632
country: CN
changed: wangjingying@cetc-chinacomm.com.cn 20031211
mnt-by: MAINT-CNNIC-AP
source: APNIC
person: Wang YongqiangHey nice to see China sorting out its spam problem again.
nic-hdl: WY152-AP
e-mail: ipmaster@cetc-chinacomm.com.cn
address: NO.1 North Road of Workers Stadium, Chaoyang District, Beijing, China
phone: +86-10-64163626
fax-no: +86-10-64163632
country: CN
changed: wangjingying@cetc-chinacomm.com.cn
23 August: We have a new domain Ladies
and Gents please meet: optinemails.org
Domain ID:D107210890-LROR
Domain Name:OPTINEMAILS.ORG
Created On:18-Aug-2005 07:46:33 UTC
Last Updated On:22-Aug-2005 06:04:23 UTC
Expiration Date:18-Aug-2006 07:46:33 UTC
Sponsoring Registrar:Moniker Online Services Inc. (R145-LROR)
Status:CLIENT DELETE PROHIBITED
Status:CLIENT TRANSFER PROHIBITED
Status:CLIENT UPDATE PROHIBITED
Status:TRANSFER PROHIBITED
Registrant ID:MONIKER158873
Registrant Name:Robert Soloway
Registrant Street1:PO Box 1259
Registrant Street2:
Registrant Street3:
Registrant City:Seattle
Registrant State/Province:WA
Registrant Postal Code:98111
Registrant Country:US
Registrant Phone:+1.2062231271
Registrant Phone Ext.:
Registrant FAX:+1.2062231271
Registrant FAX Ext.:
Registrant Email:bsoloway@inorbit.com
Admin ID:MONIKER158873
Admin Name:Robert Soloway
Admin Street1:PO Box 1259
Admin Street2:
Admin Street3:
Admin City:Seattle
Admin State/Province:WA
Admin Postal Code:98111
Admin Country:US
Admin Phone:+1.2062231271
Admin Phone Ext.:
Admin FAX:+1.2062231271
Admin FAX Ext.:
Admin Email:bsoloway@inorbit.com
Tech ID:MONIKER158873
Tech Name:Robert Soloway
Tech Street1:PO Box 1259
Tech Street2:
Tech Street3:
Tech City:Seattle
Tech State/Province:WA
Tech Postal Code:98111
Tech Country:US
Tech Phone:+1.2062231271
Tech Phone Ext.:
Tech FAX:+1.2062231271
Tech FAX Ext.:
Tech Email:bsoloway@inorbit.com
Name Server:NS3.VIRTUALUSE.COM
Name Server:NS2.VIRTUALUSE.COM
Name Server:NS4.VIRTUALUSE.COM
Name Server:NS1.VIRTUALUSE.COM
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Hmm smelly where
; <<>> DiG 9.2.4 <<>> optinemails.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30940
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;optinemails.org.
IN A
;; ANSWER SECTION:
optinemails.org.
3544 IN
A 218.244.189.18
;; Query time: 19 msec
Thats China
inetnum: 218.244.160.0 - 218.244.191.255
netname: CHINACOM
descr: CHINA COMMUNICATIONS SYSTEM Co.,Ltd
country: CN
admin-c: GJ121-AP
tech-c: WY152-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net.cn 20020328
status: ALLOCATED PORTABLE
source: APNIC
person: Guo Jinbo
nic-hdl: GJ121-AP
e-mail: ipmaster@cetc-chinacomm.com.cn
address: NO.1 North Road of Workers Stadium, Chaoyang District, Beijing, China
phone: +86-10-64169966
fax-no: +86-10-64163632
country: CN
changed: wangjingying@cetc-chinacomm.com.cn 20031211
mnt-by: MAINT-CNNIC-AP
source: APNIC
person: Wang Yongqiang
nic-hdl: WY152-AP
e-mail: ipmaster@cetc-chinacomm.com.cn
address: NO.1 North Road of Workers Stadium, Chaoyang District, Beijing, China
phone: +86-10-64163626
fax-no: +86-10-64163632
country: CN
changed: wangjingying@cetc-chinacomm.com.cn
Hey nice to see China sorting out its spam problem.
22 August: Bob has spammed my domain owner account. DMA go give those
Congressman and Senator a bribe. Once on never off.
19 August: It seems that I am sending
Bob's spam to myself, but somehow I'm sending spam from myself to our
mail server in europe via a computer in South Africa hmm i don't think
that was me. Bobby has been on that darkmailer training course
(see the legal discovery pdf and prior entry). My thats
quite funny really. I've really got meet this nutjob called
Robert
one day. Like they say 'revenge is a dish best served cold.'
8 August: Oh well Bob, null points for
BAD HEADER MIME error: error: unexpected end of preamble
Meet new domain
optinemailingtoday.com, completing the set
with .net as well
-----------------------------------------------
Queried Domain Information as follows
-----------------------------------------------
Domain Name : optinemailtoday.com
::Registrant::
Name : Rob
Email : rsoloway@saintly.com
Address :
POBOX1259 - SEATTLE - WA - 98111
Zipcode : 98111
Nation : US
Tel : 2062231271
Fax :
::Administrative Contact::
Name : Rob
Email : rsoloway@saintly.com
Address :
POBOX1259 - SEATTLE - WA - 98111
Zipcode : 98111
Nation : US
Tel : 2062231271
Fax :
::Technical Contact::
Name : Rob
Email : rsoloway@saintly.com
Address :
POBOX1259 - SEATTLE - WA - 98111
Zipcode : 98111
Nation : US
Tel : 2062231271
Fax :
::Name Servers::
ns1.virtualuse.com
ns2.virtualuse.com
ns3.virtualuse.com
ns4.virtualuse.com
::Dates & Status::
Created Date
2005-07-31 11:21:38 EDT
Updated Date
2005-07-31 11:21:38 EDT
Valid
Date 2006-07-31 11:21:38 EDT
Status ACTIVE
Where ? why Russia comradski
dig optinemailtoday.com
; <<>> DiG 9.2.4 <<>> optinemailtoday.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9338
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;optinemailtoday.com.
IN A
;; ANSWER SECTION:
optinemailtoday.com.
0 IN
A 194.126.190.14
organisation: ORG-TP17-RIPE
org-name: Tekcom Project
org-type: NON-REGISTRY
address: Russian Federation
address: Moscow
address: Verxniya Radichenskava St. 3-1
e-mail: mixailovich@tekcom.ru
admin-c: MV3243-RIPE
tech-c: MV3243-RIPE
mnt-ref: MNT-TEKCOM
mnt-by: MNT-TEKCOM
source: RIPE # Filtered
person: Mikhail Vlasov
address: Russian Federation
address: Moscow
address: Verxniya Radichenskava St. 3-1
e-mail: mixailovich@tekcom.ru
phone: +7 921 9246323
nic-hdl: MV3243-RIPE
source: RIPE # Filtered
20 July: My Bob's been busy recently and I
have only put a few of the spam entries on the list.
I think Bob must have a learning difficulty as he is very slow to
understand what the word 'no' means and also with the news. Who
says you cannot have fun with people with learning difficulties.
18 July: Bob you need to go a darkmailer (his
open proxy spamming software) training course
Its spam. Way to go bob. Monkeys in a zoo
spam better than bob
17 July: Today, yes today im yet again part
of the 4.6 million plus people who said yes to Bob Soloway
meet the new domain optin2millions.net.
Got an email from spamis (seemed personal) - Jay ? have you been
passing my details on ?
Essentially Saying should microsoft have any power at all ? - well if nobody used Microsoft how would Bob spam us ?. Microsoft is a problem because of its size but not the problem bob thinks it has. Quite why should i worry about Microsoft when I just found im on yet another bob spam run. Americans
details about them
eh.
The logic is this: Microsoft write (bad) software, Bob spams.
Id rather 'trust' the software company than the person called Bob.
new domain: optin2millions.net
Domain Name : optin2millions.net
::Registrant::
Name : Robert Soloway
Email : 2millions@mail.com
Address : PO Box
1259 - Seattle, WA
Zipcode : 98101
Nation : US
Tel : (206)223-1271
details about them
Fax : (206)223-1271
::Administrative Contact::
Name : Robert Soloway
Email : 2millions@mail.com
Address : PO Box
1259 - Seattle, WA
Zipcode : 98101
Nation : US
Tel : (206)223-1271
Fax : (206)223-1271
::Technical Contact::
Name : Robert Soloway
Email : 2millions@mail.com
Address : PO Box
1259 - Seattle, WA
Zipcode : 98101
Nation : US
Tel : (206)223-1271
Fax : (206)223-1271
::Name Servers::
ns3.nowhostthis.com
ns1.nowhostthis.com
::Dates & Status::
Created Date
2005-07-10 12:25:26 EDT
Updated Date
2005-07-10 12:25:26 EDT
Valid
Date 2006-07-10 12:25:26 EDT
Status ACTIVE
Where ? well surprise me its China home of the spammers ? dig
optin2millions.net
; <<>> DiG 9.2.4 <<>> optin2millions.net
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38354
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;optin2millions.net.
IN A
;; ANSWER SECTION:
optin2millions.net. 3600
IN A
221.11.133.64
;; Query time: 3048 msec
inetnum: 221.11.128.0 - 221.11.223.255
netname: CNCGROUP-HI
descr: CNC Group Hainan province network
descr: China Network Communications Group Corporation
descr: No.156,Fu-Xing-Men-Nei Street,
descr: Beijing 100031
country: CN
admin-c: CH455-AP
tech-c: CH455-AP
remarks: service provider
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-HI
changed: hm-changed@apnic.net 20030122
status: ALLOCATED PORTABLE
source: APNIC
role: CNCGroup Hostmaster
e-mail: abuse@cnc-noc.net
address: No.156,Fu-Xing-Men-Nei Street,
address: Beijing,100031,P.R.China
nic-hdl: CH455-AP
phone: +86-10-82993155
fax-no: +86-10-82993102
country: CN
admin-c: CH444-AP
tech-c: CH444-AP
changed: abuse@cnc-noc.net 20041119
mnt-by: MAINT-CNCGROUP
source: APNIC
10 July: Webmaster gets the history lesson.
Please meet OPTIN2MILLIONS.COM
Registrant:
Bobby Soloway
POBOX1259
Seattle, WA 98101
US
Domain name: OPTIN2MILLIONS.COM
Administrative Contact:
Soloway, Bobby bsoloway200@usa.com
POBOX1259
Seattle, WA 98101
US
+1.2062231271
Technical Contact:
Direct, Domain dnstech@domaindirect.com
96 Mowat Avenue
Toronto, ON M6K 3M1
CA
+1.4165312084 Fax: +1.4165315584
Registration Service Provider:
Domain Direct, dnstech@domaindirect.com
1-416-531-2084
http://www.domaindirect.com
This company may be contacted for domain
login/passwords,
DNS/Nameserver changes, and general domain support
questions.
Registrar of Record: TUCOWS, INC.
Record last updated on 08-Jul-2005.
Record expires on 05-Jul-2006.
Record created on 05-Jul-2005.
Domain servers in listed order:
NS1.DOMAINDIRECT.COM 216.40.33.21
NS2.DOMAINDIRECT.COM 216.40.33.22
NS3.DOMAINDIRECT.COM 204.50.180.58
Domain status: REGISTRAR-LOCK
5 July: The guy who checks the
spam-quaranteened messages now and then (eg once in a blue moon) told
me Bob made an appearance or too there, and said something that a Bob
was giving a 'history lession'. Like we care.
Also: I met a person today as well who told me that Novell in there
courseware where using the example domain "SpamIsUs.com" to block
spam. sounds close? Just think is they used spamis.net they
could have done a lot of there customers a huge favour.
Made me smile.... I might even drop them a line.
2 July: Bobs in Spain now, and the
postmaster saw another bounce in the queue Yep Bobs gone and renewed
another domain Ladies and Gentlemen may I introduce
optinemailing.net The Joys of working saturdays....
Primus Telecommunications Pty Ltd
(PlanetDomain/PrimusDomain)
Domain Name: OPTINEMAILING.NET
Reseller..............: #1 Cheap Domains
Created on............: 22 Jun 2005
00:00:00 EST
Expires on............: 22 Jun 2006
00:00:00 EST
Record last updated on: 22 Jun 2005
00:00:00 EST
Status................: ACTIVE
Domain Name: OPTINEMAILING.NET
Reseller..............: #1 Cheap Domains
Created on............: 22 Jun 2005
00:00:00 EST
Expires on............: 22 Jun 2006
00:00:00 EST
Record last updated on: 22 Jun 2005
00:00:00 EST
Status................: ATIVE
Owner, Administrative Contact, Technical Contact, Billing
Contact:
Bob Soloway (ID00192989)
POBOX1259
Seattle, WA 98111
United States
Phone: +1.2062231271
Email: opt2005@mail.com
Domain servers in listed order:
NS1.VIRTUALUSE.COM
NS2.VIRTUALUSE.COM
NS3.VIRTUALUSE.COM
NS4.VIRTUALUSE.COM
Hey a new domain registrar! Now where ....
dig optinemailing.net
; <<>> DiG 9.2.4 <<>> optinemailing.net
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59688
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;optinemailing.net.
IN A
;; ANSWER SECTION:
optinemailing.net. 1210
IN A
210.22.50.99
;; Query time: 21 msec
Thats China.
inetnum: 210.22.50.0 - 210.22.50.127
netname: shilong-trade-ltd
country: cn
descr: xian city,shanxi province
admin-c: TC254-AP
tech-c: TC254-AP
status: ASSIGNED NON-PORTABLE
changed: moujh@china-netcom.com 20021106
mnt-by: MAINT-CN-ZM28
source: APNIC
person: TECH GROUP CNC
address: 9/F, Building A, Corporate Square, No. 35 Financial Street,
address: Xicheng District, Beijing 100032, P.R.China
country: CN
phone: +86-10-88093588
fax-no: +86-10-88091442
e-mail: tech-group@china-netcom.com
nic-hdl: TC254-AP
mnt-by: MAINT-CN-ZM28
changed: zhaomq@china-netcom.com 20010917
source: APNIC
Smells like a Bob, have to wait until i get proper spam email though
1 July: Spamis.biz - you should know
the routine by now.... Its Bob again
whois spamis.biz
Domain
Name:
SPAMIS.BIZ
Domain
ID:
D9727894-BIZ
Sponsoring
Registrar:
TUCOWS INC.
Sponsoring Registrar IANA
ID:
69
Domain
Status:
clientTransferProhibited
Domain
Status:
clientUpdateProhibited
Registrant
ID:
TUDGUMZSDRD4TIV9
Registrant
Name:
Robert Soloway
Registrant
Organization:
SPAMIS
Registrant
Address1:
PO Box 1259
Registrant
City:
Seattle
Registrant
State/Province:
WA
Registrant Postal
Code:
98111
Registrant
Country:
United States
Registrant Country
Code:
US
Registrant Phone
Number:
+1.2062231271
Registrant
Email:
contact@broadcastadvertise.net
Administrative Contact
ID:
TU7PPZAYNKB0HFZU
Administrative Contact
Name:
Domain Direct
Administrative Contact
Organization: Domain
Direct
Administrative Contact
Address1:
96 Mowat Avenue
Administrative Contact
City:
Toronto
Administrative Contact
State/Province: ON
Administrative Contact Postal
Code: M6K3M1
Administrative Contact
Country:
Canada
Administrative Contact Country
Code: CA
Administrative Contact Phone
Number: +1.4165312084
Administrative Contact Facsimile Number:
+1.4165315584
Administrative Contact
Email:
admin-contact@domaindirect.net
Billing Contact
ID:
TUAFYHRK4M9KJRXR
Billing Contact
Name:
Domain Direct
Billing Contact
Organization:
Domain Direct
Billing Contact
Address1:
96 Mowat Avenue
Billing Contact
City:
Toronto
Billing Contact
State/Province:
ON
Billing Contact Postal
Code:
M6K3M1
Billing Contact
Country:
Canada
Billing Contact Country
Code:
CA
Billing Contact Phone
Number:
+1.4165312084
Billing Contact Facsimile
Number:
+1.4165315584
Billing Contact
Email:
admin-contact@domaindirect.net
Technical Contact
ID:
TUSEET3MHGQ2FPDX
Technical Contact
Name:
Domain Direct
Technical Contact
Organization:
Domain Direct
Technical Contact
Address1:
96 Mowat Avenue
Technical Contact
City:
Toronto
Technical Contact
State/Province:
ON
Technical Contact Postal
Code:
M6K3M1
Technical Contact
Country:
Canada
Technical Contact Country
Code:
CA
Technical Contact Phone
Number:
+1.4165312084
Technical Contact Facsimile
Number:
+1.4165315584
Technical Contact
Email:
dnstech@domaindirect.com
Name
Server:
NS1.DOMAINDIRECT.COM
Name
Server:
NS2.DOMAINDIRECT.COM
Name
Server:
NS3.DOMAINDIRECT.COM
Created by
Registrar:
TUCOWS INC.
Last Updated by
Registrar:
TUCOWS INC.
Domain Registration
Date:
Sat May 14 21:42:30 GMT 2005
Domain Expiration
Date:
Sat May 13 23:59:59 GMT 2006
Domain Last Updated
Date:
Sat May 14 21:42:33 GMT 2005
>>>> Whois database was last updated on: Thu Jun 30
19:14:53 GMT 2005 <<<<
where ? Looks lile ... Canada - Bob loves doing business in America
... NOT .....
dig spamis.biz
; <<>> DiG 9.2.4 <<>> spamis.biz
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54843
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;spamis.biz.
IN A
;; ANSWER SECTION:
spamis.biz.
600 IN
A 216.40.33.117
;; Query time:
Address: 96 Mowat Avenue
City: Toronto
StateProv: ON
PostalCode: M6K-3M1
Country: CA
NetRange: 216.40.32.0 - 216.40.47.255
CIDR: 216.40.32.0/20
NetName: TUCOWS-BLK1
NetHandle: NET-216-40-32-0-1
Parent: NET-216-0-0-0-0
NetType: Direct Assignment
NameServer: DNS1.TUCOWS.COM
NameServer: DNS2.TUCOWS.COM
NameServer: DNS3.TUCOWS.COM
Comment:
RegDate: 2000-06-09
Updated: 2003-10-10
NOCHandle: OPERA30-ARIN
NOCName: Operations Admin
NOCPhone: +1-416-535-0123
NOCEmail: dnsadmin@tucows.com
TechHandle: OPERA26-ARIN
TechName: Operations Team
TechPhone: +1-416-535-0123
TechEmail: dnstech@tucows.com
OrgTechHandle: OPERA26-ARIN
OrgTechName: Operations Team
OrgTechPhone: +1-416-535-0123
OrgTechEmail: dnstech@tucows.com
Lol.
30 June: New 'poo' in in the inbox and it
looks like its been sent via another bot net computer (meaning the
owner does not know there sending spam) - but quite humorous
this one Breaking News for
Robert for this month is a piece of old journalism from November last
year. I wont indulge you with it.
Something in the mail points to a ?new? domain spamis.biz
Something else to checkout...
My Bob seems to have cash to flash on domain registrars recently.
24 June: Bob is apparently spamming
again, and recycling some old domain names he has used in the past. The
host reported changes . Welcome insert a fanfare to broadcastemailadvertising.net
Here comes the dns, and registration.
Domain Name : broadcastemailadvertising.net
::Registrant::
Name : Joseph Lehmann
Email : Lehmann1@safe-mail.net
Address : 1661 Oro Vista RD
Zipcode : 92154
Nation : US
Tel : 619-749-3840
Fax :
::Administrative Contact::
Name : Joseph Lehmann
Email : Lehmann1@safe-mail.net
Address : 1661 Oro Vista RD
Zipcode : 92154
Nation : US
Tel : 619-749-3840
Fax :
::Technical Contact::
Name : Joseph Lehmann
Email : Lehmann1@safe-mail.net
Address : 1661 Oro Vista RD
Zipcode : 92154
Nation : US
Tel : 619-749-3840
Fax :
::Name Servers::
ns8983.broadcastemailadvertising.net
ns1594.broadcastemailadvertising.net
::Dates & Status::
Created Date 2005-06-09 12:52:13 EDT
Updated Date 2005-06-09 12:52:13 EDT
Valid Date 2006-06-09 12:52:13 EDT
Status ACTIVE
; <<>> DiG 9.2.4 <<>> broadcastemailadvertising.net
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1564
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;broadcastemailadvertising.net. IN A
;; ANSWER SECTION:
broadcastemailadvertising.net. 43200 IN A 218.234.109.216
;; Query time:
Well that currently is Korea
inetnum: 218.234.0.0 - 218.239.255.255
netname: HANANET
descr: Hanaro Telecom Co.
descr: Kukje Electornics Cneter Bldg. 1445-3 Seocho-Dong Seocho-Ku
country: KR
Who is Joseph ?
20 June: Created a comment section about this spamis ranting Bobs got
up and running and found out the .org site is defunct.
Not sure whats happening about spamis.cc
that was also reporting 'not found'
17 June: The mail system team found this late
last night - the spam filter/mail system thing rejected Bob's message,
but the message was badly formatted according to how email should be
sent.
So the mailserver then tried to send a message back. Lets have
a look at the log.
connect to spamis.org[216.40.33.117]: Connection refused (port 25)
Jun 16 00:31:58 hostname MAILSERVER TYPE/smtp[NUMBER]: MSG ID: to=<contact@spamis.org>,
relay=none, delay=3327, status=deferred (connect to spamis.org[216.40.33.117]: Connection refused)
The mailserver could not even connect to his mailserver that one of
his spammy isp setup for Bob. The mail team deleted the message
from the outbound queue.
So it seems that Bob here is very happy to send send his delusional
crap via open proxies - (see list), but very unwilling to receive
stuff. Hmm too many spammers do this.
Have at laugh at Bob, we are.
10 June: contact@spamis.org
Bob 'thinks' that microsoft sends the spam, not himself - whom also
sent this spam to us. I love this moron with learning
difficulties. Now the spammer decides he is now an anti-spammer
and yes I believe in pixies too.
I may dislike Microsoft but if they are intentionally spamming
people then it is a profit centre.
I think it should to be mentioned as a product on there website - can't
see it sorry. Personally we are all looking forward to Bob using
this site as evidence in his spams to prove his perverted logic.
We can only dream.
.You are receiving this email notification because...
-> MICROSOFT SENDS ILLEGAL UNSOLICITED COMMERCIAL SPAM <-
OUR MISSION: Worldwide Boycott of MICROSOFT Software / Hardware / Service
SHOW YOUR SUPPORT: "Don't Support Illegal Spam, Don't Buy Microsoft Produ
Bob has ?apparently? been sub-renting this house
Facts are a little confused
There is also apparently a Rob Cain at the address and a gardener as
well (?Saladoff family?)
Soneone has sold the house with the picture of the cars
in. This house was being used by Bob for domain
registrations.
Thanks to the Real Estate agent who made these available
publicly over
the web and also to the person who told me about it (a large thank you
to you.)
So we now have interior pictures. After the last picture there
is more text relating to the sale
It will be interesting to see if the money goes to Microsoft - or
this not his to begin with -
Robert has been buying new domains and webhosting his new address seems to be here.
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
A big thank you to Gateway Real Estate
http://www.ashlandagent.com/sold.htm (V E R Y S L O W W E B
S I T E)
Property Type: Residential
Status
)
Status Sold
Date 05/20/05
Listing# 251104
Price 1,093,000
Address 279 Granite St
City Ashland
Area Ashland
BD 3
BA 3
Lot Size 0.230
Sq Ft 3748
Property Type Residential
Property Subtype Residential
Area Ashland
Beds 3 Sq Ft(approx)
3748 Seller
Baths(FH) 3 (3 0) Price/Sq Ft
291.62
Year Built 1999 Lot Sq Ft(approx)
10019 ((Assessor))
Tax Act ID 10930582
DOM 24 Lot Acres (approx)
0.230
TRS 39 1E 8 Selling Price
$1,093,000 SP%LP 100.00
Marketing Remarks This beautiful home is located across from Lithia
Park by the upper duck pond.The focus of the main floor is the large
family/kitchen area with its 19'ceilings, oversized windows, fireplace,
& hardwood floors. On the second floor, a bridge over the main
floor separates the master bed/bath from the other two bedrooms. Each
bedroom has its own balcony and walk-in closet. Below the main level is
a 500' finished space that offers many possibilities. From this level,
you enter the 4-car garage. The 1/4 acre is totally maintenance
free.Some great trails are easily accessible from this property.
6 June:
He's back! with spam, I'm still one of those 'lucky' 7 and half
million. Way to go Bob!
CHARITY CONTACT:
email your web site to 7,500,000+ opt-in email addresses for free...
http://www.broadcastadvertising.org
3 June:
Another domain spamis.cc essentially a large rant about marketing is
not spamming - Robert thats good well done - shame you had
to say it
I quote from the webpage: MISSION STATEMENT FROM SPAMIS
FOUNDER:
Microsoft has secretly been spending countless vast resources trying to
remove all sources of this data on the internet, canceling messages,
shredding internal documents and memos and having employees sign
confidentiality agreements relating to keeping quiet about their past
and current spamming practices. Unfortunately for them, there's
only so much evidence shredding they can do...
Through 2005 and 2006, we will expose Microsoft for what it
claims to be. "We are a Spamhaus" as stated by the Microsoft Email
Abuse Administrator; Mike Lyman.
Through thousands of now public Microsoft internal documents, memos,
emails, online messages, white papers, and ex-Microsoft and anonymous
current employee statements that we have obtained (all through
legitimate and legal methods.) to be released publicly worldwide to
over 1,940,000,000 internet user email addresses and 16,310 media
outlets worldwide, our goal is 99.9% saturation of the Internet public
with the information we have obtained on Microsoft's spamming
practices.
his quote ends.
Quite frankly he is going to spam you again. - you heard it here
first. and straight from Robert.
Here we go:
Registrant:
Robert Alan S. (contact@spamis.org)
SPAMIS
PO Box 1259
Seattle, WA 98111
US
+1.2062231271
Domain Name: spamis.cc
Administrative, Technical, Billing Contact:
Robert Alan S. (contact@spamis.org)
SPAMIS
PO Box 1259
Seattle, WA 98111
US
+1.2062231271
Record created on May 17 2005.
Record expires on May 17 2006.
Domain servers:
ns1.dnsdns1.com
ns2.dnsdns1.com
Domain Service Provider:
Primus Telecom
Where ..
dig spamis.cc
; <<>> DiG 9.2.4 <<>> spamis.cc
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48541
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;spamis.cc.
IN A
;; ANSWER SECTION:
spamis.cc.
14400 IN
A 81.2.197.66
;; Query time: 54 msec
81.2.197.66 is ... Czech Republic, - europe
inetnum: 81.2.197.0 - 81.2.197.255
netname: CZ-INTERNET
descr: Servers Ktis
descr: Ktis 2
descr: okres Prachatice
descr: 384 03
country: CZ
admin-c: ZZ70-RIPE
tech-c: PK677-RIPE
status: ASSIGNED PA
mnt-by: INTERNET-CZ-MNT
source: RIPE # Filtered
person: Zdenka Zadrazilova
address: INTERNET CZ, a.s.
details about them
address: Ktis 2
ad
