- This topic is empty.
-
Posts
-
IP 80.249.99.18
CHECK 80.249.99.18 IN RBLSIP: 80.249.99.18
Reverse: jamie.ukinternetsites.comAliases: oneworldoneminute.com
xww.oneworldoneminute.com >>>
xconnectingvibes.com
xww.connectingvibes.com >>>
xww.sirseanconnerylookalike.co.uk >>>
xsirseanconnerylookalike.co.uk
xmonochrome-spirit.co.uk
xwww.monochrome-spirit.co.uk >>>
xfletchermunsoneffect.co.uk
xwww.fletchermunsoneffect.co.uk >>>
xwww.blacksabbath.co.uk >>>
xblacksabbath.co.uk
xwww.sbbo.co.uk >>>
xsbbo.co.uk
xwww.justart.co.uk >>>
xjustart.co.uk
xby-arrangement-gosport.co.uk
xwww.by-arrangement-gosport.co.uk >>>
xwww.jenkinfarm.co.uk >>>
xjenkinfarm.co.uk
xcitytailor.co.uk
xscotchalets.co.uk
xwww.scotchalets.co.uk >>>
xbrookparkfarmcattery.co.uk
xwww.brookparkfarmcattery.co.uk >>>
xwww.chaldonbooks.co.uk >>>
xchaldonbooks.co.uk
xwww.aweltd.co.uk >>>
xaweltd.co.uk
xwww.suffolk2cv.com >>>
xsuffolk2cv.comPrefix: 80.249.96.0/20
Prefix Name: PNAP NYC nildram routes NetConnex Broadband Ltd London, UK See AS21396 for more details PNAP NYC nildram routes
AS: 21396
AS Name: NETCONNEX NetConnex Broadband Ltd. – London, UKchaldonbooks.co.uk
a 80.249.99.18(GB) xjamie.ukinternetsites.comns ns1.internetbackbone.co.uk 66.70.21.143(US)
ns ns2.internetbackbone.co.uk 80.249.99.25(GB)
mx chaldonbooks.co.uk 80.249.99.18
greek39
california casino play cards online jeu virtuel de casino casino …… cds off | casino game casino game | online game poker online game poker | link http http://www.scrapesite.com link http http://www.scrapedsite.com | dress up …
california_casino.saltalaruleta.info/ – 165k – Cached – Similar pagesgran casino madrid palms hotel casino las vegas reno eldorado …… groupe tranchant casino groupe tranchant | link http http://www.scrapedsite.com link http http://www.scrapedsite.com | jeu casino casino francais en ligne jeu …
gran_casino_madrid.saltalaruleta.info/ – 166k – Cached – Similar pagesSource code
gran casino madrid video downlaod free jeu casino partouche casino jeu casino roulette download casino descarga pc grand casino tunica ms play casino poker online free games for pc casino vegas splendido online gamme atlantic casino city closing palm hotel and gold bingo strip poker free casino o net best free casino bonus real estate free simulated kasino online jobs at the mohegan sun casino bataille navale casino hotel las tropicana vegas beau rivage casino mississippi hide ip from party poker poker tournaments los angeles station casino las vegas nevada el dorado hotel and casino dvd free ware jeu pc strip poker free money casino code best chimpanzee poker series world fun online play poker poker java game casino indian seneca aladdin hotel casino vegas musik download best kasino gambling online play vegas casino online online auto parts boom town casino harvey bonus casino online play beat me up guide casino francais bonus casino deposit free no sign up casino online slot strong casino video poker gratis canadian patent
greek39
So who is this person? Well his legit site is ukinternetsites.co.uk. The whois I am using shows the following:
Domain name:
ukinternetsites.co.ukRegistrant:
Clarke DuncanRegistrant type:
UK IndividualRegistrant’s address:
The registrant is a non-trading individual who has opted to have their
address omitted from the WHOIS service.Registrant’s agent:
UK Internet Sites Limited t/a British NIC [Tag = BRITISHNIC]
URL: http://www.britishnic.comRelevant dates:
Registered on: 05-Aug-2000
Renewal date: 05-Aug-2008
Last updated: 29-Jul-2006Registration status:
Registered until renewal date.Name servers:
ns1.internetbackbone.co.uk ……………same server where the spam is coming from
ns2.internetbackbone.co.ukI have just posted all the information needed to find a solution. My suggestion would be since CP is not responding is inform either the CIA or the FBI. Beleive me they would love to investigate this one. From what I know they would have a interest. Never know where things like this lead too.
CP I believe hired this company too send out spam email and scrape sites. I do have proof of wrong doing. I have complained via phone call about the scrapes recently and less than 24 hours later the page defaulted to google search. I know Google certainly didn’t do it, so who did? the answer seems quite apparent to me, it was CP.
In any case there is more info of course. I can only hope CP take this seriously.
I sorry about the cryptic logic behind this post but this is how I do it. If this can’t be understood by most then start investigating. I never compromise my own security.
greek39
I keep giving answers and yet there are no responses. Don’t take this personally but it is very rare I give out exact details. Now I have posted your answer it sits right in front of you. If you don’t understand perhaps try and figure out what I am saying.
I realize no one had ask me personally to provide answers, but please at least try and make sense of it. Being a webmaster is only one step learnning how to protect your property is the next.
greek39
This is how I receive my email. The mail travels through numerous of filters before it reaches me. It must have a propper score evaluation based on certain criteria I have installed in the program. This particular email I would class as seeder. Something if openned and actually hit my PC would be thrown into my host directory. Once embedded it would act as a key logger. The program gave it 33.5 points required points is 5.0. This email I would classify as dangerous.
Some do make it through and are terminated and encrypted by 212 and over written 10x.
Do not open these spam email, unless you know what you are doing.There was a post at the meister not to long ago. A member claimed to have received some cpays email spam. I looked at it and remembered thinking what a mistake that was. The email was riddled with viruses.
The lesson as it always has been do not open email if you do not know what it is. If you insist on openning it tranfer to folder.
Spam detection software, running on the system “greek39.com”, has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn’t spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.Content preview: Tenor? Cheap VlAfGRA http://xxx.kiloppasdetionjdedas.com
hot I dropped the polpettone into the glowing ashes. […]Content analysis details: (33.5 points, 5.0 required)
pts rule name description
—-
0.1 FORGED_RCVD_HELO Received: contains a forged HELO
2.0 DATE_IN_PAST_96_XX Date: is 96 hours or more before Received: date
0.0 HTML_MESSAGE BODY: HTML included in message
3.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
[score: 1.0000]
2.0 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP address
[82.226.70.95 listed in dnsbl.sorbs.net]
1.6 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked – see <http://xxx.spamcop.net/bl.shtml?82.226.70.95>]
3.9 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
[82.226.70.95 listed in sbl-xbl.spamhaus.org]
2.8 RCVD_IN_NJABL_SPAM RBL: NJABL: sender is confirmed spam source
[82.226.70.95 listed in combined.njabl.org]
3.8 URIBL_AB_SURBL Contains an URL listed in the AB SURBL blocklist
[URIs: kiloppasdetionjdedas.com]
4.1 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist
[URIs: kiloppasdetionjdedas.com]
2.1 URIBL_WS_SURBL Contains an URL listed in the WS SURBL blocklist
[URIs: kiloppasdetionjdedas.com]
3.0 URIBL_OB_SURBL Contains an URL listed in the OB SURBL blocklist
[URIs: kiloppasdetionjdedas.com]
4.5 URIBL_SC_SURBL Contains an URL listed in the SC SURBL blocklist
[URIs: kiloppasdetionjdedas.com]The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it does contain a virus,
or confirm that your address can receive spam. If you wish to view
it, it may be safer to save it to a file and open it with an editor.greek39
Here we go again… :rollover: :1circling
