oldskoolflash Posted October 11, 2005 Share Posted October 11, 2005 Ok I got http://belfry.thebestpills4u.com shut down by tracing it to DirectI and filing a report. Having some problems with this one... Spamcop will cannot resolve http://hoarseness.livegun.info The furthest I can get is shown below - is there a reliable way to trace the upstream server so I don't have to keep posting here? I use samspade.org - sometimes it yeilds results other times I just hit a brick wall. As soon as I can get a host, I can send to my friend at Pfizer and get them shut down quicker than you can say viagra. X-Gmail-Received: d9b9a7300a2c8b93e6331067b2d3733c48fbf280 Delivered-To: x Received: by 10.36.141.7 with SMTP id o7cs18489nzd; Tue, 11 Oct 2005 06:34:08 -0700 (PDT) Received: by 10.54.125.1 with SMTP id x1mr3557375wrc; Tue, 11 Oct 2005 06:34:08 -0700 (PDT) Return-Path: <bredpitcoachman[at]africamail.com> Received: from bouffont (i220-108-232-194.s02.a024.ap.plala.or.jp [220.108.232.194]) by mx.gmail.com with SMTP id 33si538563wra.2005.10.11.06.33.55; Tue, 11 Oct 2005 06:34:08 -0700 (PDT) Received-SPF: neutral (gmail.com: 220.108.232.194 is neither permitted nor denied by domain of bredpitcoachman[at]africamail.com) Message-ID: <hqghumeayl.6189279543lfdxfircvs[at]Brax.usenetxggbwkf.com> From: "Brax.usenet" <bredpitcoachman[at]africamail.com> Date: Tue, 11 Oct 2005 22:39:34 +0900 To: x Subject: hi MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/html; charset=iso-8859-1 <html> <font color= "#FFFBFC">Urania residences Munsey megabyte Palmyra</font><br> <font color= "#FFFBFC">strait dismissed balls interframe films</font><br> <font color= "#FFFBFC">lulled clarify vacuuming reproduced bedrock</font><br> <a hreflegionhref=http://flannels.com href= "http://hoarseness.livegun.info"><font size="6"><b>buuy gener1c v11agr[at]! 0nly I.80</a> <font color= "#FFFBFC">inflatable bounds affidavit tribal deliverers</font><br> <font color= "#FFFBFC">herding relaxing Drummond sneered mosaic</font><br> <font color= "#FFFBFC">radiology Mendelizes bathrobe chink routings</font><br> </html> Tracking info: http://livegun.info = [ 202.30.198.201 ] Access to INFO WHOIS information is provided to assist persons in determining the contents of a domain name registration record in the Afilias registry database. The data in this record is provided by Afilias Limited for informational purposes only and Afilias does not guarantee its accuracy. This service is intended only for query-based access. You agree that you will use this data only for lawful purposes and that under no circumstances will you use this data to: (a) allow enable or otherwise support the transmission by e-mail telephone or facsimile of mass unsolicited commercial advertising or solicitations to entities other than the data recipient's own existing customers; or ( enable high volume automated electronic processes that send queries or data to the systems of Registry Operator a Registrar or Afilias except as reasonably necessary to register domain names or modify existing registrations. All rights reserved. Afilias reserves the right to modify these terms at any time. By submitting this query you agree to abide by this policy. Domain ID: D10941464-LRMS Domain Name: LIVEGUN.INFO Created On: 03-Oct-2005 09: 01: 21 UTC Expiration Date: 03-Oct-2006 09: 01: 21 UTC Sponsoring Registrar: Direct Information Pvt. Ltd. (R159-LRMS) Status: TRANSFER PROHIBITED Registrant ID: DI_1921988 Registrant Name: Susan Maingay Registrant Organization: N/A Registrant Street1: Al. Jerozolimskie 59 Registrant City: Warsaw Registrant State/Province: Warazawa Registrant Postal Code: 00697 Registrant Country: PL Registrant Phone: 48.226955900 Registrant Email: susamaing[at]yahoo.com Admin ID: DI_1921988 Admin Name: Susan Maingay Admin Organization: N/A Admin Street1: Al. Jerozolimskie 59 Admin City: Warsaw Admin State/Province: Warazawa Admin Postal Code: 00697 Admin Country: PL Admin Phone: 48.226955900 Admin Email: susamaing[at]yahoo.com Billing ID: DI_1921988 Billing Name: Susan Maingay Billing Organization: N/A Billing Street1: Al. Jerozolimskie 59 Billing City: Warsaw Billing State/Province: Warazawa Billing Postal Code: 00697 Billing Country: PL Billing Phone: 48.226955900 Billing Email: susamaing[at]yahoo.com Tech ID: DI_1921988 Tech Name: Susan Maingay Tech Organization: N/A Tech Street1: Al. Jerozolimskie 59 Tech City: Warsaw Tech State/Province: Warazawa Tech Postal Code: 00697 Tech Country: PL Tech Phone: 48.226955900 Tech Email: susamaing[at]yahoo.com Name Server: NS1.GREATPHARMACY.INFO Name Server: NS2.GREATPHARMACY.INFO Name Server: NS2.PIILS24.INFO Name Server: NS1.PIILS24.INFO Link to comment Share on other sites More sharing options...
Merlyn Posted October 11, 2005 Share Posted October 11, 2005 Not sure if you can get this one shut down. It's hosted in Korea. http://www.spamhaus.org/sbl/sbl.lasso?query=SBL33226 Ref: SBL33226 202.30.198.200/29 is listed on the Spamhaus Block List (SBL) BUT::::::::::::::: It looks like it is registered through Direct Information Pvt. Ltd. and Direct Information Pvt. Ltd. is DirectI so you can probably do the same with this one. Same contacts as your last one hoarseness.livegun.info = 202.30.198.201 Sponsoring Registrar: Direct Information Pvt. Ltd. (R159-LRMS) inetnum: 202.30.0.0 - 202.31.255.255 netname: KRNIC-KR descr: KRNIC descr: Korea Network Information Center country: KR admin-c: HM127-AP tech-c: HM127-AP remarks: ****************************************** remarks: KRNIC is the National Internet Registry remarks: in Korea under APNIC. If you would like to remarks: find assignment information in detail remarks: please refer to the KRNIC Whois DB remarks: http://whois.nic.or.kr/english/index.html remarks: ****************************************** mnt-by: APNIC-HM mnt-lower: MNT-KRNIC-AP changed: hostmaster[at]apnic.net 19960229 changed: hostmaster[at]apnic.net 20010606 status: ALLOCATED PORTABLE source: APNIC person: Host Master address: 11F, KTF B/D, 1321-11, Seocho2-Dong, Seocho-Gu, address: Seoul, Korea, 137-857 country: KR phone: +82-2-2186-4500 fax-no: +82-2-2186-4496 e-mail: hostmaster[at]nic.or.kr nic-hdl: HM127-AP mnt-by: MNT-KRNIC-AP changed: hostmaster[at]nic.or.kr 20020507 source: APNIC inetnum: 202.30.198.0 - 202.30.198.255 netname: SHINBIRO-INFRA-KR descr: ONSE Telecom descr: 192-2, Kumi-dong, Bundang-ku, Sungnam-si descr: KYONGGI descr: 463-500 country: KR admin-c: IA15354-KR tech-c: IM15342-KR remarks: This IP address space has been allocated to KRNIC. remarks: For more information, using KRNIC Whois Database remarks: whois -h whois.nic.or.kr mnt-by: MNT-KRNIC-AP remarks: This information has been partially mirrored by APNIC from remarks: KRNIC. To obtain more specific information, please use the remarks: KRNIC whois server at whois.krnic.net. changed: hostmaster[at]nic.or.kr source: KRNIC person: IP Administrator descr: Korea Telecom descr: 206, Jungja-dong, Bundang-gu, Sungnam-ci descr: GYUNGGI descr: 463-711 country: KR phone: +82-2-3674-5708 fax-no: +82-2-747-8701 e-mail: ip[at]ns.kornet.net nic-hdl: IA15354-KR mnt-by: MNT-KRNIC-AP changed: hostmaster[at]nic.or.kr 20050915 source: KRNIC person: IP Manager descr: Korea Telecom descr: 206, Jungja-dong, Bundang-gu, Sungnam-ci descr: GYUNGGI descr: 463-711 country: KR phone: +82-2-3674-5708 fax-no: +82-2-747-8701 e-mail: ip[at]ns.kornet.net nic-hdl: IM15342-KR mnt-by: MNT-KRNIC-AP changed: hostmaster[at]nic.or.kr source: KRNIC Link to comment Share on other sites More sharing options...
oldskoolflash Posted October 11, 2005 Author Share Posted October 11, 2005 Not sure if you can get this one shut down. It's hosted in Korea. http://www.spamhaus.org/sbl/sbl.lasso?query=SBL33226 Ref: SBL33226 202.30.198.200/29 is listed on the Spamhaus Block List (SBL) BUT::::::::::::::: It looks like it is registered through Direct Information Pvt. Ltd. and Direct Information Pvt. Ltd. is DirectI so you can probably do the same with this one. Same contacts as your last one Thanks Merlyn Link to comment Share on other sites More sharing options...
Merlyn Posted October 11, 2005 Share Posted October 11, 2005 No problem Link to comment Share on other sites More sharing options...
dra007 Posted October 11, 2005 Share Posted October 11, 2005 No problem 34001[/snapback] Good Job... wish we could join forces, I am still innundated with cialis e-mails despite reporting them for a couple of years... They just keep moving on.. Link to comment Share on other sites More sharing options...
Jeff G. Posted October 11, 2005 Share Posted October 11, 2005 Sorry, you can't stop at APNIC fingering KRNIC - you have to go one step further to see KRNIC fingering ONSE Telecom (shinbiro), as follows: 10/11/05 12:14:46 whois 202.30.198.201[at]whois.nic.or.kr whois -h whois.nic.or.kr 202.30.198.201 ... Çѱ¹ÀÎÅͳÝÁøÈï¿ø(NIDA)ÀÇ ÀÎÅͳÝÁ¤º¸¼¾ÅÍ(KRNIC)°¡ Á¦°øÇÏ´Â Whois ¼ºñ½º ÀÔ´Ï´Ù. query: 202.30.198.201 # ENGLISH KRNIC is not a ISP but a National Internet Registry similar to APNIC. The followings are information of the organization that is using the IPv4 address. IPv4 Address : 202.30.198.0-202.30.198.255 Network Name : SHINBIRO-INFRA Connect ISP Name : SHINBIRO Connect Date : 20050201 Registration Date : 20050202 [ Organization Information ] Organization ID : ORG2324 Org Name : ONSE Telecom State : KYONGGI Address : 192-2, Kumi-dong, Bundang-ku, Sungnam-si Zip Code : 463-500 [ Admin Contact Information] Name : IP Administrator Org Name : ONSE Telecom State : KYONGGI Address : 192-2, Kumi-dong, Bundang-ku, Sungnam-si Zip Code : 463-500 Phone : +82-31-738-6421 Fax : +82-31-738-6430 E-Mail : onse-ip[at]matrix.shinbiro.com [ Technical Contact Information ] Name : IP Manager Org Name : ONSE Telecom State : KYONGGI Address : 192-2, Kumi-dong, Bundang-ku, Sungnam-si Zip Code : 463-500 Phone : +82-31-738-6421 Fax : +82-31-738-6430 E-Mail : onse-ip[at]matrix.shinbiro.com -------------------------------------------------------------------------------- If the above contacts are not reachable, please see the following ISP contacts for further information or network abuse. [ ISP IPv4 Admin Contact Information ] Name : IP Administrator Phone : +82-31-738-6421 Fax : +82-31-738-6430 E-Mail : onse-ip[at]matrix.shinbiro.com [ ISP IPv4 Tech Contact Information ] Name : IP Manager Phone : +82-31-738-6421 Fax : +82-31-738-6430 E-Mail : onse-ip[at]matrix.shinbiro.com [ ISP Network Abuse Contact Information ] Name : Network abuse Phone : +82-31-738-6417 Fax : +82-31-738-6430 E-Mail : abuse[at]shinbiro.com # KOREAN KRNICÀº ±¹³» ÀÎÅͳÝÁÖ¼ÒÀÚ¿øÀ» °ü¸®ÇÏ´Â °÷ÀÔ´Ï´Ù. Á¶È¸°á°ú´Â ¾Æ·¡¿Í °°À¸¸ç, ½ÇÁ¦ Á¤º¸¿Í »óÀÌÇÒ ¼ö ÀÖ½À´Ï´Ù. IPv4 ÁÖ¼Ò : 202.30.198.0-202.30.198.255 ³×Æ®¿öÅ© À̸§ : SHINBIRO-INFRA ¿¬°á ISP¸í : SHINBIRO ISP ¿¬°á³¯Â¥ : 20050201 ÇÒ´ç³»¿ª µî·ÏÀÏ : 20050202 [ IPv4 »ç¿ë ±â°ü Á¤º¸ ] ±â°ü°íÀ¯¹øÈ£ : ORG2324 ±â°ü¸í : (ÁÖ)¿Â¼¼Åë½Å ½Ãµµ¸í : °æ±â ÁÖ¼Ò : ¼º³²½Ã ºÐ´ç±¸ ±¸¹Ìµ¿ 192-2 [ ³×Æ®¿öÅ© Ã¥ÀÓÀÚ Àι° Á¤º¸ ] À̸§ : IP ÁÖ¼Ò °ü¸®ÀÚ ±â°ü¸í : SHINBIRO ½Ãµµ¸í : °æ±â ÁÖ¼Ò : ¼º³²½Ã ºÐ´ç±¸ ±¸¹Ìµ¿ 192-2 ÀüÈ ¹øÈ£ : +82-31-738-6421 Fax : +82-31-738-6430 ÀüÀÚ ¿ìÆí : onse-ip[at]matrix.shinbiro.com [ ³×Æ®¿öÅ© ´ã´çÀÚ Àι° Á¤º¸ ] À̸§ : IP ÁÖ¼Ò ´ã´çÀÚ ±â°ü¸í : SHINBIRO ½Ãµµ¸í : °æ±â ÁÖ¼Ò : ¼º³²½Ã ºÐ´ç±¸ ±¸¹Ìµ¿ 192-2 ¿ìÆí ¹øÈ£ : 463-500 ÀüÈ ¹øÈ£ : +82-31-738-6421 Fax : +82-31-738-6430 ÀüÀÚ ¿ìÆí : onse-ip[at]matrix.shinbiro.com -------------------------------------------------------------------------------- ¸¸¾à À§ÀÇ IPv4ÁÖ¼Ò »ç¿ë±â°ü Á¤º¸°¡ ¿Ã¹Ù¸£Áö ¾ÊÀ» °æ¿ì¿¡´Â ¾Æ·¡ÀÇ ÇØ´ç ¿¬°á ISP ´ç´çÀÚ¿¡°Ô ¹®ÀÇÇϽñ⠹ٶø´Ï´Ù. [ ¿¬°áISPÀÇ IPv4ÁÖ¼Ò Ã¥ÀÓÀÚ Á¤º¸ ] À̸§ : IP ÁÖ¼Ò °ü¸®ÀÚ ÀüÈ ¹øÈ£ : +82-31-738-6421 Fax : +82-31-738-6430 ÀüÀÚ ¿ìÆí : onse-ip[at]matrix.shinbiro.com [ ¿¬°áISPÀÇ IPv4ÁÖ¼Ò °ü¸®ÀÚ Á¤º¸ ] À̸§ : IP ÁÖ¼Ò ´ã´çÀÚ ÀüÈ ¹øÈ£ : +82-31-738-6421 Fax : +82-31-738-6430 ÀüÀÚ ¿ìÆí : onse-ip[at]matrix.shinbiro.com [ ¿¬°áISPÀÇ Network Abuse ´ã´çÀÚ Á¤º¸ ] À̸§ : Network abuse ´ã´çÀÚ ÀüÈ ¹øÈ£ : +82-31-738-6417 Fax : +82-31-738-6430 ÀüÀÚ ¿ìÆí : abuse[at]shinbiro.com Link to comment Share on other sites More sharing options...
Merlyn Posted October 11, 2005 Share Posted October 11, 2005 Sorry, you can't stop at APNIC fingering KRNIC - you have to go one step further to see KRNIC fingering ONSE Telecom (shinbiro), as follows: 34008[/snapback] If he goes after the registrar and the registration is revoked it really doesn't matter where it is hosted. Link to comment Share on other sites More sharing options...
oldskoolflash Posted October 12, 2005 Author Share Posted October 12, 2005 Sorry, you can't stop at APNIC fingering KRNIC - you have to go one step further to see KRNIC fingering ONSE Telecom (shinbiro), as follows: 34008[/snapback] I have reported to shinbiro, but I'm not holding out for them to take any action. I thing Merlyn's suggestion about going after the registrar is good. Basically you've gotta go with whoever is prepared to take action, if DirectI have the the imputus at the moment then you have to use that to your advantage Link to comment Share on other sites More sharing options...
karlisma Posted October 12, 2005 Share Posted October 12, 2005 These guys are doing good. for example: gamecost.info (can be anything innocent_name.info) tracking link: http://www.spamcop.net/sc?id=z814780423zba...9bd52657167dfaz if it is .info, it will not be resolved. I mean never link with .info has been resolved, and it always points to the same layout page from V.I.P. Online IP is most of the times from shinbiro, or cnc-noc.net I don't get, why just these pages, probably there is some trick with DNS resolving, probably made speciallly for fooling spamcop. These pages allways resolve for me, with a little more than a second waiting. Link to comment Share on other sites More sharing options...
dbiel Posted October 12, 2005 Share Posted October 12, 2005 These pages allways resolve for me, with a little more than a second waiting. This is actually the answer why the parser does not resolve the address. It does not try twice and it has a fairly short wait period before it ignores the entry. If you would like to make the parser try again, simply click on the tracking URL to rerun the parse (note: do NOT click on cancel reports as that will set the reports sent/cancelled flag) To repeat, just scroll back to the top of the screen and click on the tracking URL. Note: that even with repeated running of the parser, some links will never beresolved by the parser even though they will always resolve in your own browser. If you want, you can always add a manual report. Link to comment Share on other sites More sharing options...
Jeff G. Posted October 12, 2005 Share Posted October 12, 2005 If you would like to make the parser try again, simply click on the tracking URL to rerun the parse ... To repeat, just scroll back to the top of the screen and click on the tracking URL.34054[/snapback] Please note that the above advice only works for http://www.spamcop.net because the Tracking URL on the parsing page ALWAYS refers to a page on http://www.spamcop.net. Better (and faster) advice is to use the "Refresh" or "Reload" feature of your browser (usually F5 or an icon with two green or blue arrows chasing each other around in a circle) to reload the page, whether it is on http://www.spamcop.net, http://members.spamcop.net, or http://mailsc.spamcop.net. This is faster because no scrolling up to the top of the page is necessary. Link to comment Share on other sites More sharing options...
karlisma Posted October 12, 2005 Share Posted October 12, 2005 I have to admit i am not such a newbie.... Of course i do refresh, i do it 10 times or so, until i find out that there is no result. After refreshing 5 times or so, i just copy the link in new browser tab, and here it goes - same purple site with V.I.P. online as "trickmasters". With the same no IP found discarded as fake (There were problems with geocities links, but they do resolve at 4th or 5th refresh, it is OK now, and, Yes, i have read these topics here) These - never do. Probably you have to look where the problem lies, in this particular "PURPLE V.I.P. online" page. Anyway, thank You for "You care". Link to comment Share on other sites More sharing options...
Wazoo Posted October 12, 2005 Share Posted October 12, 2005 for example: gamecost.info (can be anything innocent_name.info) if it is .info, it will not be resolved. I mean never link with .info has been resolved, and it always points to the same layout page from V.I.P. Online IP is most of the times from shinbiro, or cnc-noc.net I don't get, why just these pages, probably there is some trick with DNS resolving, probably made speciallly for fooling spamcop. These pages allways resolve for me, with a little more than a second waiting. 34053[/snapback] http://www.dnsreport.com/tools/dnsreport.c...n=gamecost.info Notice all the red blocks, notice the two DNS servers (kind of) repsonding ... note the IP address of those servers .. note the following data; 10/12/05 12:47:05 Slow traceroute gamecost.info Trace gamecost.info (202.30.198.201) ... Notice anything coincidetal ????? Your NS records at the parent servers are: ns2.wondermed.info. [222.122.46.73] [TTL=86400] [KR] ns2.drgoodhealth.info. [222.122.46.73] [TTL=86400] [KR] ns1.wondermed.info. [202.30.198.201] [TTL=86400] [KR] ns1.drgoodhealth.info. [202.30.198.201] [TTL=86400] [KR] Your NS records at your nameservers are: ns2.gamecost.info. [202.30.198.201] [TTL=600] ns1.gamecost.info. [202.30.198.201] [TTL=600] ERROR: Some of your nameservers listed at the parent nameservers did not respond. The ones that did not respond are: 222.122.46.73 222.122.46.73 Link to comment Share on other sites More sharing options...
karlisma Posted October 13, 2005 Share Posted October 13, 2005 So. Isn't it done like this especially for spamcop and similar services? To hide away, to never get blacklisted and noticed. This is what made me post these messages. Not "that they have it wrong, they nameservers not working". Anyway, there is a question when reporting spam "Make sure it is spam" And I am sure, if i check. The catch here is, not the .info nor shinbiro or goodmeds. The cathc is "V.I.P. online", and i think they are doing this intentionally. (and effectively) Link to comment Share on other sites More sharing options...
dbiel Posted October 13, 2005 Share Posted October 13, 2005 Remember that SpamCop never lists web sites. Only the IP address of the acknowledge source of the spam (not necessarily the true source) gets listed in the SpamCop Bl. Link to comment Share on other sites More sharing options...
StevenUnderwood Posted October 13, 2005 Share Posted October 13, 2005 So. Isn't it done like this especially for spamcop and similar services? To hide away, to never get blacklisted and noticed. This is what made me post these messages. Not "that they have it wrong, they nameservers not working". 34111[/snapback] As dbiel said, web sites do not get blocklisted. You are always welcome to manually LART the spamvertized site or even add your own address to the reports going out. Link to comment Share on other sites More sharing options...
Jeff G. Posted October 13, 2005 Share Posted October 13, 2005 web sites do not get blocklisted.34129[/snapback] Web sites do not get blocklisted directly by the SCBL, but they do get listed by SURBL as an indirect result of SpamCop Reports. Link to comment Share on other sites More sharing options...
dbiel Posted October 13, 2005 Share Posted October 13, 2005 Web sites do not get blocklisted directly by the SCBL, but they do get listed by SURBL as an indirect result of SpamCop Reports.34134[/snapback] Jeff, do you have any additional information of that. Specificly the exact details as to what SpamCop forwards, does not forward, etc. In many cases the web site information is being reported for the benifit of the owner to help him deal with a spammer using the referenced site without permission. Prime example is bank scams. It smells like a new FAQ / glossary entry Wazoo made a mention of SURBL with the comment , there is an indirect feed to the SURBL, but that's a whole 'nother story.The following post is probably a good start. http://forum.spamcop.net/forums/index.php?...indpost&p=30108 Link to comment Share on other sites More sharing options...
Jeff G. Posted October 13, 2005 Share Posted October 13, 2005 Thanks for the suggestion. Please see my new FAQ Entry: How does SpamCop interface with SURBL?. Link to comment Share on other sites More sharing options...
karlisma Posted October 14, 2005 Share Posted October 14, 2005 Remember that SpamCop never lists web sites. Only the IP address of the acknowledge source of the spam (not necessarily the true source) gets listed in the SpamCop Bl. 34118[/snapback] I DO know it, but they(that particular company) are allways with the same tricks. Here we go again, another from same shelf (MyCanadianMeds) alwaysnewsites.info. So far, only these two (companies!) have come up with the same result. http://www.spamcop.net/sc?id=z815472933ze0...ddb27fb4ec895ez Can anything be done with this kind of (no)resolving? Link to comment Share on other sites More sharing options...
Jeff G. Posted October 14, 2005 Share Posted October 14, 2005 http://www.spamcop.net/sc?id=z815472933ze0...ddb27fb4ec895ez34182[/snapback] I'm beginning to wonder if the Parser can resolve ANY .info site in a spamvertised URL. I see the following nameservers for .info (via L.ROOT-SERVERS.NET): 204.74.112.1 TLD1.ULTRADNS.NET 204.74.113.1 TLD2.ULTRADNS.NET 199.7.66.1 TLD3.ULTRADNS.ORG 199.7.67.1 TLD4.ULTRADNS.ORG 192.100.59.11 TLD5.ULTRADNS.info 198.133.199.11 TLD6.ULTRADNS.CO.UK Link to comment Share on other sites More sharing options...
Jeff G. Posted October 14, 2005 Share Posted October 14, 2005 OK, I've stopped wondering. The Parser can resolve www.ultradns.info and www.savvis.info (the latter of which was stolen via UDRP) in spamvertised URLs. Link to comment Share on other sites More sharing options...
karlisma Posted October 17, 2005 Share Posted October 17, 2005 .... and then it can't again: suredoctor.info http://www.spamcop.net/sc?id=z816554620zde...fee45aa428c68bz same purple V.I.P. Online site. Maybe, they are tricking Your "the engine". Link to comment Share on other sites More sharing options...
Wazoo Posted October 17, 2005 Share Posted October 17, 2005 .... and then it can't again: suredoctor.info http://www.spamcop.net/sc?id=z816554620zde...fee45aa428c68bz same purple V.I.P. Online site. Maybe, they are tricking Your "the engine". 34329[/snapback] Nothing reeally 'new' ... again, web-site and DNS both hosted on the same system, bad NS records, etc., etc., etc. ... http://www.dnsreport.com/tools/dnsreport.c...suredoctor.info Link to comment Share on other sites More sharing options...
karlisma Posted October 18, 2005 Share Posted October 18, 2005 so, does this mean - no need to worry, because anyway, they will not do anything about this spamvertising act, and i should not refresh report page to resolve? Something like - no great deal, let them do what they're upto, we do not care etal? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.