» Spam from mass mailer Carnegie Sun, Zhang Jun and associates «

Spammers: News on Carnegie Sun, Zhang Jun and associates

July 2004

No news is good news…

Actually, I would be very surprised if he wasn't still churning them out, but I've locked down Ackadia against Spam so I see very, very little, and nothing from him and his "associates"

May 2004

May 8th

Amazingly, to me, this got past the initial filters during an update…

The easyest way to find the right person is to look where they are at.
It's "easiest", hmmm.
The dating web site CREATED BY WOMEN
Yes, right, and they aren't really mail harvesting, noooo!

abuddysetyouup.com IP: 202.102.245.125
Creation Date: 22-apr-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Henan province multimedia information bureau
e-mail: antispam@public.zz.ha.cn

April 2004

April 14th

Need time to work on other projects so, for now, I will block Carnegies junk.

Domain: findingsite.com
IP: 202.102.245.125
Creation Date: 8-apr-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Henan province multimedia information bureau
e-mail: antispam@public.zz.ha.cn

April 1st ~ 13th

Surprisingly, another one from Intimate-Travel.com. Link was dead mind.

Domain: thedatingsiteyouwilllove.com
IP: 202.102.249.20
Creation Date: 8-apr-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Henan province multimedia information bureau
e-mail: antispam@public.zz.ha.cn

(Message id)
Domain: sitetofindlove.com
IP: 202.102.249.20
Rest as above.

NOTE: This the one appears to have had trojan attached. (W32.Netsky.P@mm) I suspect.
Subject: anydrug
Body begans (random text ?): Package yourself from where your are going instead of where you have been. … Link was to ( www.boys555drugs.biz ) (His buddy: Upravlenije imenami Zamoras)

The same domain was also used for the regular Blind Date mail harvesting scams.



Domain: lookingforahotone.com
IP: 202.102.245.125
Updated Date: 23-mar-2004
Creation Date: 11-feb-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Henan province multimedia information bureau
e-mail: antispam@public.zz.ha.cn



Domain: datethewrongone.com
IP: 219.153.4.11
Updated Date: 27-feb-2004
Creation Date: 25-feb-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: ChinaNet Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



Domain: numberonedatingsite.com
IP: 202.102.249.20
Updated Date: 08-apr-2004 Creation Date: 08-apr-2004 Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Zhengzhou Telecom bureau Multimedia Information Bureau,, Zhengzhou city, Henan Provice
e-mail: antispam@public.zz.ha.cn



Domain: lovetobewithanyone.com
IP: not found
Updated Date: 05-apr-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.



Domain: loveromanceandflowers.com
IP: 61.186.254.82
Updated Date: 26-mar-2004
Creation Date: 26-mar-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: ChinaNet Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



Domain: singlesarethebest.com
IP: 219.153.1.173
Updated Date: 01-mar-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: ChinaNet Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



Domain: loveromeoandjulietstyle.com
IP: 202.102.245.125
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Henan province multimedia information bureau
e-mail: antispam@public.zz.ha.cn

March 2004

March 28th ~ 31st

Domain: browsingformylove.com
IP: 61.186.254.82
Creation Date: 26-mar-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: ChinaNet Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



Domain: nomorebeingalone.com
IP: 211.99.38.55
Updated Date: 17-mar-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Beijing FeiHua Communication technology.Co,Ltd
e-mail: support@bj160.com.cn

March 17th ~ 27th

Domain: gettingadateisthehardpart.com
IP: (not live yet)
Updated Date: 26-mar-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun

(not live yet)



Domain: wanttogetadate.com
IP: 219.153.1.173
Updated Date: 01-mar-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: ChinaNet Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



Domain: needtogetadate.com
IP: 211.99.38.55
Updated Date: 17-mar-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Beijing FeiHua Communication technology.Co,Ltd
e-mail: support@bj160.com.cn



Domain: lookingtobemarried.com
IP: 211.99.38.55
Updated Date: 17-mar-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Beijing FeiHua Communication technology.Co,Ltd
e-mail: support@bj160.com.cn



Domain: winningadateonline.com
IP: 219.153.1.173
Updated Date: 01-mar-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: ChinaNet Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



Domain: careaboutsomeone.com
IP: 219.153.4.11
Updated Date: 27-feb-2004
Creation Date: 25-feb-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: ChinaNet Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



Domain: datefrom.com
IP: 219.153.4.11
Updated Date: 27-feb-2004
Creation Date: 25-feb-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: ChinaNet Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



Domain: lovelifetrouble.com
IP: 202.102.245.125
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Henan province multimedia information bureau
e-mail: antispam@public.zz.ha.cn



From:
Domain: Lookingtostayoutoflovetrouble.com
IP: 202.102.245.125
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Henan province multimedia information bureau
e-mail: antispam@public.zz.ha.cn



Body:
Domain: datearoundtheworld.com
IP: 219.153.4.11
Updated Date: 27-feb-2004
Creation Date: 25-feb-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: ChinaNet Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



Unsubscribe (which is identical to almost every other page….) :
Domain: complainaboutdating.com
IP: 219.153.4.11
Updated Date: 27-feb-2004
Creation Date: 25-feb-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: ChinaNet Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



Domain: instantmatchdating.com
IP: 211.99.38.55
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Updated Date: 07-mar-2004
Creation Date: 22-jan-2004
Host: Beijing FeiHua Communication technology.Co,Ltd
e-mail: support@bj160.com.cn

March 15th

The most important detail about [ hottiesgalore.com ] - and a few others recently is this address in the message:
ste# 126 4-1150 N. Terminal Ave. Nanaimo, British Columbia V9S 5L6 Canada
Seen that before a few times.
In the long run, just makes it easier to bury this lot when I bring it all together.

Domain: hottiesgalore.com
IP: 211.99.38.55
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Updated Date: 12-jan-2004
Creation Date: 07-jan-2004
Host: Beijing FeiHua Communication technology.Co,Ltd
e-mail: support@bj160.com.cn

March 10 ~ 14th

Domain: needtofindlovechat.com
IP: 219.153.5.76
Creation Date: 23-feb-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: ChinaNet Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



As unsubscribe to above:

Domain: fightnottobesingle.com
IP: 66.216.74.58
Updated Date: 02-mar-2004
Creation Date: 20-feb-2004
Registrar: NAMEVIEW, INC. (Whois Server: whois.nameview.com)
Host is: DMNI, PO Box 5843, Fort Lauderdale, FL, 33310

*blink*
Name not found!
Appears to be a held domain… I'll check later, if I remember

Domain: dontdateajerk.com
IP: 211.99.38.55
Updated Date: 12-jan-2004
Creation Date: 07-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Beijing FeiHua Communication technology.Co,Ltd
e-mail: support@bj160.com.cn



Domain: alotofdating.com
IP: 219.153.4.11
Updated Date: 27-feb-2004
Creation Date: 25-feb-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: ChinaNet Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



Domain: lookingtosavemylovelife.com IP: 202.102.245.125 Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Henan province multimedia information bureau
e-mail: antispam@public.zz.ha.cn



Domain: findingtherightmanorwoman.com
IP: 211.99.38.55
Updated Date: 2-feb-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Beijing FeiHua Communication technology.Co,Ltd
e-mail: support@bj160.com.cn

Tues, March 9th

Domain: findingtherightdatingservice.com
IP: 211.99.38.55
Updated Date: 2-feb-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Beijing FeiHua Communication technology.Co,Ltd
e-mail: support@bj160.com.cn



Domain: lookingforloveindifficultplaces.com
IP: 202.102.245.125
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Henan province multimedia information bureau
e-mail: antispam@public.zz.ha.cn

Mon, March 8th

I see so much Spam from Zhang that I've ceased counting them. A dozen different domains a day, every day is normal. However, this one below from a mortgage scam perked me up, seeing as he claims a US address.
Incidentally, another from him had scores of cc:'s in the header!

Domain: lowerrates4you.com
IP: 61.145.118.240
Updated Date: 02-mar-2004
Creation Date: 26-feb-2004
Registrar: GANDI
Person: Zhang Jun, Saving First, PO Box 66, 98270, Marysville, Washington, United States of America
phone: +1.4255080670
e-mail: joejoe198023@yahoo.com

Host:CHINANET Guangdong province network
e-mail: anti-spam@ns.chinanet.cn.net
e-mail: ipadm@gddc.com.cn

Sat, March 6th

domain: lookingforlostsouls.com
IP: 202.102.245.125
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Henan province multimedia information bureau
e-mail: antispam@public.zz.ha.cn

Wed, March 3rd

Domain: wanttogetinvolvedinalovelife.com
IP: 211.99.38.55
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Beijing FeiHua Communication technology.Co,Ltd
e-mail: support@bj160.com.cn



Domain: matchingmaking.com
IP: host not found - no nameserver
Updated Date: 05-feb-2004
Creation Date: 07-jan-2004
Status: REDEMPTIONPERIOD
Registrar: BULKREGISTER, LLC.

Again, sent via one of Paul Cotton's 'SafetyNet / Joinin.com domains - http://akkadian.com/ interestingly enough!

Tues, March 2nd

Domain: lisforlove.com
IP: 202.102.245.125
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Henan provice multimedia information bureau
e-mail: antispam@public.zz.ha.cn


Sender was [anytimenow.com] - Conveniently… Updated Date: 27-feb-2004
Brennan, James, Unit 7, Midshires Business Park, Smeaton Close, Aylesbury, Bucks HP19 8HL, GB
Tel: 44 0845 6448161 email: (james@redkitesolutions.com)
Hmmm. Can't decide if he was spoofed or not. I reckon so.

Monday March 1st

Domain: afriendlinedyouup.com
IP: 219.156.0.0   and   219.153.4.11
Updated Date: 27-feb-2004
* Creation Date: 25-feb-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: CNCGROUP Henan province network
e-mail: abuse@cnc-noc.net
e-mail: antispam@public.zz.ha.cn

* Yet again BulkRegister apparently show their commitment to habouring Spammers!

As long as they pay on time, I premise! Unless BulkRegister is Carnegie and co.!? No never know!
Clearly, demonstratedly and repeatedly they have sold 'him/them' hundreds if not thousands of domains in the full understanding and knowledge that they are being used wholly for Spamming…

From "stupidlovelife.com" on behalf of [ vpage305rx.biz ]
Registrant: Upravlenije imenami Zamoras, Ulbrokas 7 k.1, Pasta kaste 233, Riga, Riga, LV 1021, Latvia
Email: admin@gohsadsa.biz

February 2004

Sun 29th

Domain: wanttofindlove.com
IP: 211.99.38.55
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Beijing FeiHua Communication technology.Co,Ltd
e-mail: support@bj160.com.cn

One of these was advertising "Vkiagra" for [ effectiveherbs.com ]
Created 29-Nov-2003, Updated Date: 25-feb-2004
Registrant: Vong Junjie, 572 Qinjian Road, Jiaxing, ZHEJIANG 314000, CN (email: lolitafans@hotmail.com)

Fri 27th

Filtered almost all the dregs out, but I'll letting this one in for now!

Domain: stupidlovelife.com IP: 211.99.38.55
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Beijing FeiHua Communication technology.Co,Ltd

My copy was sent by [ postitmail.com ] Tim Hall of Email Everyday (timhall@4hismail.com)
Another reported to me was sent by: UltimateEmail.com, Inc (Tech@UltimateEmail.com & Admin@UltimateEmail.com )

Thurs 26th

Rewrote my filters. I'll see a lot less from these now, espically Zhangs, put I will allow a number of Carnegies through to keep at eye on him!

Domain: stayingoutoftrouble.com
IP: 211.99.38.55
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Beijing FeiHua Communication technology.Co,Ltd
e-mail: support@bj160.com.cn



Domain: gonebutnotforgottenlove.com
IP: 202.102.245.125
IP: 219.153.4.11
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Henan provice multimedia information bureau
email: antispam@public.zz.ha.cn



Others from Zhang included:
sw4decz.com
saving-for-you.com/
ffr3ws.com

(However "improvedpills.com" was registered to Vong Junjie
[ 572 Qinjian Road, Jiaxing, ZHEJIANG 314000, CN (lolitafans@hotmail.com) ]
The Host is Whythe-Internet, one commonly used by a group of software pirates.

Extremely inappropriate material also come from Carnegie and co. via [ happyhappy.us ]
Owner: "Unknown", 3380 Vets Hwy, Bohemia, New York, 11756, United States, US, +1.6316925555, [ email: admin@heywazup.us ]

Monday 23rd

You know those daft, meaningless religious Spam. They are linked to this clown and his 'affiliates too!"

Domain: todateornottodate.com
IP: 219.153.4.11
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: CHINANET Chongqing province network



Domain: accessiblepeopletodate.com
IP: 61.186.254.82
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: CHINANET Chongqing province network



Domain: blinddatinglove.com
IP: 219.129.20.254
Creation Date: 11-feb-2004 Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: CHINANET Guangdong province network

Another, offering dodgy car insurance, was from Zhang [ auto-warranty-quotes.com ]
Created for the purpose, naturally … Creation Date: 05-feb-2004 - Registrar was Joker.com
Sender was shannamonterrosa@v-sexi.com
Of equal note was the senders address at the bottom of the Spam…
It appears Mr Carnegie has a new name and address to trade under…

Ensin Wind, LTD, 65B les tides Blvd, Suite 5874, Laval QC H7M 2M5, Canada

Others from Zhang include:
rredd43.com (created: 05-feb-2004) (Registrar: BIZCN.COM, INC.) (jimmy@bizcn.com, abuse@bizcn.com)
edas53pha.com (ditto)

Another cames from one of UltimateEmail.com, Inc 's sites. I'm watching them beggers too!
A few more here like "From" [ igotanewjob.com ] are beginning to link them to Spammer [ UltimateEmail.com, Inc ]. The name fits the pattern too.

Sunday 22nd Feb

WooHoo! More dirt on Carnegie, compliments of Walt…

Paul -

Found the 'Carnegie Sun' spammer mentioned on your site. I also have been receiving a lot of that spammer's junk.

The 'mothership' for this spammer appears to be www.instantblinddate.com, at IP 64.39.19.154, hosted by rackspace.

Compare the graphics in any of the Carnegie Sun spams to the graphics at instantblinddate.com and you will see they are the same.

instantblinddate.com has an 'affiliate" program'; this could be a spamming affiliate, or instantblinddate.com themselves.

Regards,
Walt

I've been looking for something like this for a while. Given the sheer number of sites and Spam, there had to be a network of some sort in place. When I can find the equivalent for Zhang Jun we'll be another step closing to nailing this lot. Note the creation date. Obviously this scam has been going on for quite a long time.

Domain: instantblinddate.com
IP: 64.39.19.154
Updated Date: 19-nov-2003
Creation Date: 26-nov-2002
Registrar: BULKREGISTER, LLC.
Administrative Contact :Instant Blind Date, P.O. Box 398, Nassau, 1, BS
email: admin@instant-blind-date.com
Phone 242-248-8378
email for "affilites: affiliates@instantblinddate.com
Host: Rackspace.com, 112 E. Pecan St., Suite 600, San Antonio, TX, 78205, US
email: abuse@rackspace.com

Domain: someonetoloveishardtofind.com
IP: 211.99.38.55
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Beijing FeiHua Communication technology.Co,Ltd
e-mail: support@bj160.com.cn

(unsubsubscribe was Zhang's [ amilsdcx.com ]
Another - advertising pharmaceutical was from [ techmaximal2779drugs.biz ]
The owner is claimed to be Upravlenije imenami Zamoras of Latvia [ email admin@gohsadsa.biz ]


(Typed it in as someontoloveisneeded.com !)
Domain: Someonetoloveisneeded.com
IP: 211.99.38.55
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Beijing FeiHua Communication technology.Co,Ltd
e-mail: support@bj160.com.cn

Spam was advertising more pharmaceutical for [ leman9868pills.biz ]
The owner is claimed to be Upravlenije imenami Zamoras of Latvia [ email admin@gohsadsa.biz ]



Zhang's include:
nbhy7u.com
and many more including:

From: allpharmess.com (Zhang)…
…with pharmaceutical Spam for [ getcheapdrugs.biz ]

I knew I'd link these two beggers sooner or later.
This means what exactly?
My by estimates up to 10% of *ALL* Spam is coming from this one person/company/group of 'affiliates'
i.e. I average 130 Spam a day at the minute - most days these account for 10-20 of them, perhaps more!

Domain: getcheapdrugs.biz
IP: 200.233.0.6
Registrar: Florida based IHolding.com, Inc. dba Dotregistrar.com
Registrant: (Hidden by SafeBilling Inc ( email: russia@safebilling.org)

Note… DotRegisters T&C forbid..
ii) Using domain names registered through DotRegistrar to send unsolicited mass mailings of a commercial nature to Internet users, e.g., spamming;
Dotregistrar.com (email: jp@dotregistrar.com   Try also abuse@dotregistrar.com)


The title of SafeBilling.org - before being whisked to "http://ya.ru/" - is "We keep your money safe"
Yandex Technologies Ltd. - Yandex LLC Network Operations - ( Spam issues: abuse@yandex.ru )
Now you know where to forward the countless getcheapdrugs.biz we see every day!

21st Feb

You know the most depressing thought? Day in day out, over several rashes of Spam, they make enough money from gullible people buying the pills to afford to be able to set up and discard 2-3 domains every time!

Domain: remembermylovelife.com.
IP addresses: 211.99.38.55
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: Beijing FeiHua Communication technology.Co,Ltd
e-mail: support@bj160.com.cn



Domain: dateiwanttoget.com
IP addresses: 61.186.254.82
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: CHINANET Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



Domain: onlineservicesfordating.com
IP addresses: 219.153.1.173
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: CHINANET Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net

Note - again we see velnet.com in the header for this Spam.
It came via ISP Cableonda.net (gblx.net(   Spamcop reported:
"ISP has indicated spam will cease ISP resolved this issue sometime after Sat, 21 Feb 2004 22:10:19 UTC"

Domain: beingwithout.com
IP address: 219.129.20.254
Creation Date: 11-feb-2004
Registrar: BULKREGISTER, LLC.
Owner: Carnegie Sun
Host: CHINANET Guangdong province network
e-mail: anti-spam@ns.chinanet.cn.net
e-mail: ipadm@gddc.com.cn

Note: Again, we see Zhang Sun offering to unsubscribe via amilsdcx.com


Zhang's for the day include:
88care.com
allpharmess.com
crerided.com
dd3efr.com
dfruddd.com
filemeds.com
hrmeds.com
nbpharms.com
shoulpharm.com
syetdmmeds.com
pharmesw2.com
roninnz.com
zazs3v.com

Getting later, as ever I'll have to erase the rest. You see the point though. All these above are the onces that got as far as the third set of Anti-Spam filters - and I still don't have enough hours in a day to trace them all!

20th Feb

You know the most depressing thought? Day in day out, over several rashes of Spam, they make enough money from gullible people buying the pills to afford to be able to set up and discard 2-3 domains every time!

selfaddcfrt.com
decedse.com
shoapc.com
cvewals.com
vcvcfb.com


Domain: singleslovetodate.com
IP: 219.153.1.173
Registrar: BULKREGISTER, LLC.
Creation Date: 22-jan-2004
Owner: Carnegie Sun
Host: CHINANET Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



Domain: beingabletodate.com
IP: 219.129.20.254
Registrar: BULKREGISTER, LLC.
Creation Date: 11-feb-2004
Owner: Carnegie Sun
Host: CHINANET Guangdong province network
e-mail: anti-spam@ns.chinanet.cn.net
e-mail: ipadm@gddc.com.cn

19th Feb

Domain: realityofdating.com
IP addresses: 211.99.38.55
Registrar: BULKREGISTER, LLC.
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Owner: Carnegie Sun - reg@carnegiesun.com
Host: Beijing FeiHua Communication technology.Co,Ltd
e-mail: support@bj160.com.cn
e-mail: bjth@btamail.net.cn



Domain: datingonlineisbest.com
IP: 61.186.254.82
Registrar: BULKREGISTER, LLC.
Creation Date: 22-jan-2004
Owner: Carnegie Sun - reg@carnegiesun.com
Host: CHINANET Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



Domain: datingaccessiblepeople.com
IP: 61.186.254.82
Registrar: BULKREGISTER, LLC.
Creation Date: 22-jan-2004
Owner: Carnegie Sun - reg@carnegiesun.com
Host: CHINANET Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



Domain: dauntinglovelife.com
IP: 202.102.245.125
Registrar: BULKREGISTER, LLC.
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Owner: Carnegie Sun - reg@carnegiesun.com
Host: Henan provice multimedia information bureau, Zhengzhou city, Henan Provice, CN
e-mail: antispam@public.zz.ha.cn
email: zhail@email.online.ha.cn

Appears our Mr Sun has a new lackey/associate in China to help him with his scams. I've seem a few others by the person below in recent days and finally tied them together with one of todays spam…

Domain: medsfactory.com
IP: 217.69.123.139
Registrar: ENOM, INC
(complain with abuse@enom.com)
Updated Date: 14-feb-2004
Creation Date: 29-nov-2003
Administrative Contact: Vong Junjie, 572 Qinjian Road, Jiaxing, ZHEJIANG 314000, CN
email: lolitafans@hotmail.com
tel +86.13505739091
Host: Whythe-Internet customer network, Russia
email: abuse@@Whythe-Internet.com



rfcr5d.com
219.153.1.216
Registrar: DIRECT INFORMATION PVT. LTD., DBA DIRECTI.COM
Creation Date: 14-feb-2004
Registrant: zhang jun
Host: CHINANET Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



ws2sxd.com
219.153.1.216
Registrar: DIRECT INFORMATION PVT. LTD., DBA DIRECTI.COM
Creation Date: 14-feb-2004
Registrant: zhang jun
Host: CHINANET Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net

Mr Zhang is going through so many domains business must be really brisk. As those silly people answering Spam and encouraging them to continue. I'm undecided in the names mean something in Chinese or they are using you many they have a random generator creating them!
In future I'll just give the domain for him. This is in getting silly! And yes, that is over a dozen more I picked out of this mornings email… Begger that for a game of soldiers. Killing everything using ISO-8859-1 in the subject line.

denomyyu.com
dsffer3w.com
dssasxw.com
ffjjfexcecd.com
kkuut.com
sdce3w3.com
sdxd3e.com
toolkyytg.com

awwzhange.com - ?
dssasxw.com - ?
pouustd.com - ?
qqmeds3.com - ?
sspharmes.com - ?

18th Feb

Domain: blinddatingreality.com
IP: 202.102.245.125
Registrar: BULKREGISTER, LLC.
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Owner: Carnegie Sun - reg@carnegiesun.com
Host: Henan provice multimedia information bureau, Zhengzhou city, Henan Provice, CN
e-mail: antispam@public.zz.ha.cn
email: zhail@email.online.ha.cn



Domain: needtogetalovelife.com
IP: 211.99.38.55
Registrar: BULKREGISTER, LLC.
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Owner: Carnegie Sun - reg@carnegiesun.com
Host: Beijing FeiHua Communication technology.Co,Ltd
e-mail: support@bj160.com.cn



Domain: spedwee.com
IP addresses 219.153.1.216
Registrar: XIN NET CORP
Creation Date: 11-feb-2004
Registrant: zhang jun
Host: CHINANET Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



Domain: 4eddbed.com
IP addresses 219.153.1.216
Registrar: XIN NET CORP
Creation Date: 11-feb-2004
Registrant: zhang jun
CHINANET Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



Domain: cmmeds4.com
IP addresses 219.153.0.70
Creation Date: 11-feb-2004
Registrar: XIN NET CORP
Registrant: zhang jun
CHINANET Chongqing province network
e-mail: anti-spam@ns.chinanet.cn.net
notify: abuse@cta.cq.cn



Domain: cxcwemd4.com
IP: 219.153.0.70
Registrar: DIRECT INFORMATION PVT. LTD., DBA DIRECTI.COM
Creation Date: 13-feb-2004
Registrant: zhang jun

Host: CHINANET Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net

16th Feb 2004

From: aliceinchainsmail.com
IP addresses:
66.150.161.135
69.25.27.170
66.150.161.134
66.150.161.136
66.150.161.140
66.150.161.141
66.150.161.133
69.25.27.171
Which is : UltimateEmail.com, Inc
. Contact, 222 West Walnut Ave. Suite B, El Segundo, CA 90245 US
Phone: +1.3103223458 (FAX) +1.8014576747     Admin@UltimateEmail.com
It is Registered through: domainbank.com
I tend to read 'Registered through' as We need to hide our details so you can't complaint about us!
This is hosted via : Dotster.com, 11807 NE 99th Street, Suite 1100, Vancouver, WA, 98682, US


Being Canadian, you tend to notice little fobars like the fact Vancouver is in British Columbia, not Washington…
I do remember some nonesense about a Canadian town being classed as American. I'll have to look into that. Something stinks, eh!
TechPhone: +1-206-256-9500 ( ~ Vancouver is area code 604. Seattle however, is area code 206…)
TechEmail: noc@internap.com
OrgAbuseEmail: abuse@internap.com

In body:

Domain: aoodlkd.com
IP address: 219.153.1.216
Registrar: XIN NET CORP
Creation Date: 11-feb-2004
Registant: Zhang Jun
Host: CHINANET Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net


And unsubscribe was:


Domain: diffrs.com
IP address: 211.96.97.169
Registrar: XIN NET CORP
Creation Date: 06-feb-2004
Registant: Zhang Jun
Host: HUI TE GONG SI, CHENGDU CITY,SICHUAN PROVINCE
address: 911 Room,Xin Tong Center,No.8 Beijing Railway Station
address: East Avenue, Beijing,PRC. China
email: ip_address@cnuninet.com



Domain: ssce45.com.
IP address: 219.153.1.216
Registrar: XIN NET CORP.
Creation Date: 11-feb-2004
Registrant: zhang jun
Host: CHINANET Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



Yet again used as from : v-sexi.com
Updated Date: 07-apr-2003
Creation Date: 09-apr-2000
Expiration Date: 09-apr-2004



Body was possibileaspects.com and shordrive.com
Owner is: BR IT Consulting
Registered through: GoDaddy.com
Creation Date: 02-feb-2004 and 05-feb-2004 respectively.

These I have not associated with Carnegie, but v-sexi.com I am tying to, so I'll include it here for now.


Another one from these had froms off:

utoometoo.biz
Creation Date: 22-jan-2004

wallacerights.com
Creation Date: 05-feb-2004


Registrant Leni Neto,
BR IT Consulting, Av Cons Nebias, 340 Cj 64, Santos, Sao Paulo, 11015-002, Brazil
Tel: +55.1332235453     lneto77@uol.com.br


Both with GoDaddy…


GO DADDY SOFTWARE, INC. anti-spam policy:
https://www.godaddy.com/gdshop/no_spam.asp

To report spam abuse, email Abuse@godaddy.com or visit https://www.godaddy.com/gdshop/spamreport/spamreport.asp



velnet.com (used with lovingforlife.com Blind Date Spam)

Domain: tacomail.com (used with needtobealone.com Spam)
Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE (report to: domain-admin@melbourneit.com.au)
Updated Date: 11-jun-2003
Creation Date: 30-may-2000
Expiration Date: 30-may-2004

Admin/Owner: Paul Cotton, SafetyNet Systems Ltd, PO Box 162, Aberystwyth, SY23 4WH, Ceredigion, UK
Admin Email………. paulc@joinin.com


Ever again, we see the sender as SafetyNet Systems Ltd, this time in the form of:
Domain: pammy.com
IP addresses 66.17.131.35 and 64.29.16.227
Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
Updated Date: 03-feb-2004
Creation Date: 22-feb-2001
Expiration Date: 22-feb-2005


Clearly, to me, SafetyNet acting like a front company, playing on the fact most people (now) assume the sender is always spoofed….

Yet another Carnegie Sun…

Domain: blinddatinghappiness.com
IP Address: 202.102.245.125
Updated Date: 26-jan-2004
Registrar: BULKREGISTER, LLC.
Creation Date: 22-jan-2004
Owner: Carnegie Sun - reg@carnegiesun.com
Henan provice multimedia information bureau,
e-mail: antispam@public.zz.ha.cn
changed: zhail@email.online.ha.cn



Note the clear use of Zhang Jun's [ amilsdcx.com ] as the unsubscribe…
Registrar: XIN NET CORP. ( report to: liwei@chinadns.com )

Again we see SafetyNet covering for Carnegie…
From: fairyqueen.com
Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
Whois Server: whois.melbourneit.com
Updated Date: 03-feb-2004
Creation Date: 14-feb-2001
Admin Address…….. SafetyNet Systems Ltd
Host: Dialtone Inc. (report to manolo@dialtone.com)

Domain for Blind Date used here was: needtobealone.com

12th Feb 2004

Here's 51st domain onwards I've tied to the Blind Date Spammer 'Carnegie Sun' and associates to…
Comments to follow:

Domain: aguytyemdse.com
IP address: 219.150.150.161
Registrar: DIRECT INFORMATION PVT. LTD., DBA DIRECTI.COM
Creation Date: 09-feb-2004
Registrant: zhang jun
Host: Myzone.cn, Henan Telecom Cor. Ltd, Zhengzhou City, Henan province
e-mail: ip@hntele.com



qmedsr54re.com
IP address: 219.150.150.161
Registrar: DIRECT INFORMATION PVT. LTD., DBA DIRECTI.COM
Creation Date: 09-feb-2004
Registrant: zhang jun
Host: Myzone.cn, Henan Telecom Cor. Ltd, Zhengzhou City, Henan province
e-mail: ip@hntele.com



Domain: Datingonlineisgreat.com
IP address: 61.186.254.71
Registrar: BULKREGISTER, LLC.
Creation Date: 22-jan-2004
Registrant: Carnegie Sun
descr: China Telecom, CHINANET Chongqing Province Network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



Domain: a11zing29.com
IP address: 61.242.169.12
Registrar: INTERCOSMOS MEDIA GROUP, INC. D/B/A DIRECTNIC.COM
NOTE:Name Server: NS0.HOTTOYZ.BIZ
Updated Date: 11-feb-2004
Creation Date: 04-mar-2003
Expiration Date: 04-mar-2004
Registrant: Chrisolas Marketing Intl Inc, 404-999 Canada Place, Vancouver, BC v6c3e2, CA
tel: 1 604 641 1393
Hansen, Randy
email: admin@chrisolasglobal.com
Host: China United Telecommunications Corporation, Beijing email: hostmaster@apnic.net email: ipas@cnnic.net.cn e-mail: ip_address@cnuninet.com

Note: I've formally reported this Randy Hansen to the FTC twice!

Domain: Needalovelifeintheworstway.com
IP address: 211.99.38.55
Registrar: Bulk Register, LLC
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Owner: Carnegie Sun
Host: Beijing FeiHua Communication technology.Co,Ltd
descr: Isp,Icp
e-mail: support@bj160.com.cn



Domain: Lovetobeonline.com.
IP addresse:219.153.1.173
Registrar: Bulk Register, LLC
Creation Date: 22-jan-2004
Owner: Carnegie Sun
Host: China Telecom, CHINANET Chongqing province network
e-mail: abuse@cta.cq.cn
email: anti-spam@ns.chinanet.cn.net



Domain: Canyoudatesomeoneavailable.com
IP address: addresses 61.186.254.82
Registrar: Bulk Register, LLC
Creation Date: 22-jan-2004
Owner: Carnegie Sun
Host: China Telecom, CHINANET Chongqing province network
e-mail: abuse@cta.cq.cn
email: anti-spam@ns.chinanet.cn.net

Here's the 40th through about 50th domain I've tied to the Blind Date Spammer 'Carnegie Sun' and associates to…
Comments to follow:

From:
Domain: v-sexi.com
: Record last updated on 07-Apr-2003.
Record expires on 09-Apr-2004.
Administrative Contact: Odurinde, Temi ( temi@velnet.com )
Registrant: Velnet Limited, 72 Park Grove Road, London, Oxon, England E11 4PU

Again we have a domain used more than a few times. Perhaps this is a pattern, I don't know. All I know it the more I follow this Sun/Jun the less I trust anyone who's names pop up more than once.

Addenda 16th Feb: Crops up several more time. I will be reporting these to local authorities

Domain Name:amilsdcx.com
Registrar: XIN NET CORP.
Status: REGISTRAR-HOLD
Updated Date: 06-feb-2004
Creation Date: 02-feb-2004
Registrant: zhang jun, P.O. BOX 38, 118000 ( spring2004@126.com )



Domain: touchd4d.com
IP address: 219.153.1.215
Registrar: BIZCN.COM, INC
. Creation Date: 01-feb-2004
Registrant: zhang jun, P.O. BOX 38, 118000 ( spring2004@126.com )
Host: China Telecom, CHINANET Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



Touchd4d.com Redirects to:
Domain: we4rdx.com
IP address: 219.153.1.215
Status: ACTIVE
Creation Date: 01-feb-2004
Registrant: zhang jun, P.O. BOX 38, 118000 ( spring2004@126.com )
Host: China Telecom, CHINANET Chongqing province network
e-mail: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net



Domain Name: Bestmortgate-quote.com
IP address: 66.194.152.0.1
Registrar: COMPUTER SERVICES LANGENBACH GMBH DBA JOKER.COM
Creation Date: 05-feb-2004
owner: zhang jun, P.O. Box 38, dandong, Liaoning, 118000, CN
email: someone2here@yahoo.com
Host: Infinitum Technologies Inc, 111 North Orange Ave., Suite 1050, Orlando, FL
OrgAbuseName: Time Warner Telecom Abuse Desk
OrgAbusePhone: +1-800-898-6473
OrgAbuseEmail: abuse@twtelecom.net



blinddatingbliss.com
addresses 202.102.245.125
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Registrar: BULKREGISTER, LLC.
Administrative Contact: Carnegie Sun: reg@carnegiesun.com
Host: Henan provice multimedia information bureau,
person: Liping Zhong
email hostmaster@email.online.ha.cn
e-mail: antispam@public.zz.ha.cn



Domain: wantaniceperson.com.
IP address: 211.99.38.55
Registrar: BULKREGISTER, LLC.
Status: ACTIVE
Updated Date: 12-jan-2004
Creation Date: 07-jan-2004
Host: Beijing FeiHua Communication technology.Co,Ltd
person: Tang Hua
email: bjth@btamail.net.cn
e-mail: support@bj160.com.cn



From for the next one was : velnet.co.uk
Lookup failed, but they are live and hosted with Tiscali, it seems
Registered on: 10-Jan-2000
Renewal Date: 10-Jan-2006
Last updated: 25-Nov-2003
Registrant: Temitope Odurinde
c/o Internet Technologies Europe Ltd, London, N4 3GG

And Velnet pops up again… Perhaps they were spoofed yet again, but I'm cynical, what can I say! For the record, certainly they seem like a legitimate company.




Addenda 16th Feb: Crops up several more time. I will be reporting these to local authorities

Domain: curbbde.com
IP address: 219.153.1.215
Registrar: BIZCN.COM, INC.
Status: ACTIVE
Creation Date: 01-feb-2004
Registrant Contact: zhang jun ( spring2004@126.com )
Host: China Telecom, CHINANET Chongqing province network
Abuse E-mail : abuse@cta.cq.cn

This next domain appears as the From: address pharmacy Spam from [amilsdcx.com] and [touchd4d.com]…

Domain Name: I-LOVE-CATS.COM
Registrar: NAMESECURE.COM
Updated Date: 11-feb-2004
Creation Date: 26-aug-1999
Expiration Date: 26-aug-2007

All things being equal, I'm rather unfair including this… To be honest, it looks like and may well be an genuine site being spoofed, but given it was updated a day before it spammed me, it makes be wary! Consider this part of my suspicious nature, rather than a slur on an animal loving domain…

Domain Name: needalovelife.com
IP Address: 211.99.38.55
Registrar: Bulkregister.com LLC
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Registrant: Carnegie Sun
Host: Beijing FeiHua Communication technology.Co,Ltd
e-mail: support@bj160.com.cn



Domain: lovingtrouble.com.
IP address: 211.99.38.55
Registrar: Bulkregister.com LLC
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Host: Beijing FeiHua Communication technology.Co,Ltd
e-mail: support@bj160.com.cn



Domain: datingonlinetoget.com.
IP address: 61.186.254.82
Registrar: Bulkregister.com LLC
Creation Date: 22-jan-2004
Owner: Carnegie Sun
Host: China Telecom, CHINANET Chongqing Province Network
email: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net

Here's the 39th through (at least) 40th domains I've tied to the Blind Date Spammer 'Carnegie Sun' and associates to…
Comments to follow:

From:
Domain: likeireallycare.com
IP addresses 64.7.200.22
Updated Date: 08-jan-2004
Creation Date: 10-feb-2000
Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
Owner: Vortal Group Inc., 10061 Talbert Ave, Fountain Valley, 92708, CA, US
Admin Email: amann@vortalgroup.com

Again, where Spam in concerned, I am rather dubious about "coincidences".
As such, whilst I can't see a direct link I personally suspect these may be associated with or tied to Carnegie Sun and Co. in some way. The being used twice, recent updates just before Spamming (being spoofed?) use of none native registrars…

Domain Name: LOVINGFORLIFE.COM
IP Address: 211.99.38.55
Registrar: BULKREGISTER, LLC.
Updated Date: 26-jan-2004
Creation Date: 22-jan-2004
Owner, as ever, Carnegie Sun
Host: Beijing FeiHua Communication technology.Co,Ltd
email: bjth@btamail.net.cn
e-mail: support@bj160.com.cn



From: Domain: Poppet.com.
IP Addresses [ 66.17.131.35 ] [ 64.29.16.227 ]
Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
Updated Date: 27-sep-2003
Creation Date: 26-sep-2000
Admin Name: Paul Cotton
Owner: SafetyNet Systems Ltd, PO Box 162, Aberystwyth, SY23 4WH, Ceredigion, UNITED KINGDOM
Email: paulc@joinin.com

Again, where Spam in concerned, I am rather dubious about "coincidences"
As such, whilst again, I can't prove a direct link I personally believe these may be associated with or tied to Carnegie Sun and Co.
The question I - thus you - have to ask is this. Why, for the second time in days, is a domain of theirs used as the From in a Spam to me.
We have a Welsh company, hosted in Texas, using an Australian Registrar and hosting domains in Florida….
No-one else see that as strange? And that's just this one. I will be back tracking though the hundreds of other Spam I have for further ties.
If you are curious, the last one was from Taureans.com (again hosted in Florida), used in a mortgage Spam from Frank Downs (cybermediapro@excite.com), also of Florida.

66.17.131.0.1… Colo4Dallas LP,2000 Irving Blvd, Dallas, TX, 75247, US
64.29.16.227… Dialtone Inc., 4101 SW 47th Ave, Suite 101, Davie, FL, 33314, US

Domain: gettinganonlinedate.com.
IP address: 61.186.254.82
Registrar: BULKREGISTER, LLC.
Owner: Carnegie
Creation Date: 22-jan-2004
Host: China Telecom, CHINANET Chongqing Province Network
send spam reports to abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net

Here's the 32nd through 38th domain I've tied to the Blind Date Spammer 'Carnegie Sun' and associates to…
Comments to follow:

Domain Name: lotsoffishinthesea.com
IP Address: 219.153.1.173
Creation Date: 22-jan-2004
Registrar: Bulk Register, LLC
Owner Carnegie Sun
Host: China Telecom, Chongqing province network
email: spam reports to abuse@cta.cq.cn
email: anti-spam@ns.chinanet.cn.net



Domain Name: Meforthewildlife.com
IP address: 219.153.1.173
Creation Date: 22-jan-2004
Registrar: Bulk Register, LLC
Owner Carnegie Sun
Host: China Telecom, Chongqing province network
email: spam reports to abuse@cta.cq.cn
email: anti-spam@ns.chinanet.cn.net



Domain Name: Seeingahottie.com
IP address: 211.99.38.55
Updated Date: 12-jan-2004
Creation Date: 07-jan-2004
Registrar: Bulk Register, LLC
Owner Carnegie Sun
Host: Beijing FeiHua Communication technology.Co,Ltd
e-mail: support@bj160.com.cn



Domain Name: Lookingtomakeamatch.com
IP Address: 202.102.245.125
Updated Date: 12-jan-2004
Creation Date: 07-jan-2004
Registrar: Bulk Register, LLC
Owner Carnegie Sun
Host: Henan provice multimedia information bureau,
email: hostmaster@email.online.ha.cn
email: antispam@public.zz.ha.cn



Domain Name: Wantaniceperson.com
IP Adress: 211.99.38.55
Updated Date: 12-jan-2004
Creation Date: 07-jan-2004
Registrar: Bulk Register, LLC
Owner Carnegie Sun
Host: Beijing FeiHua Communication technology.Co,Ltd
email: bjth@btamail.net.cn
email: support@bj160.com.cn



Domain: soldrupfvc.com.
IP address 61.241.149.233
Registrar: XIN NET CORP.
Whois Server: whois.paycenter.com.cn
Creation Date: 02-feb-2004
Registrant:zhang jun, P.O. BOX 38, dan dong Liaoning, 18000, CN
tel: 86 415 6169599
fax: 86 415 6169599
email: spring2004@126.com
Host: AH-MAANSHAN-ZHENGFUXINXIZHONGXIN, Beijing
e-mail: ip_address@cnuninet.com



Domain: bacconed.com
61.241.149.231
Registrar: BIZCN.COM, INC.
Updated Date: 01-feb-2004
Creation Date: 26-jan-2004
Registrant: zhang jun
Host: AH-MAANSHAN-ZHENGFUXINXIZHONGXIN, Beijing
e-mail: ip_address@cnuninet.com

Here's 31st domain I've tied to the Blind Date Spammer 'Carnegie Sun' to…
Further material from this person involved farm animals. Nuff said!

Domain :www.who0z22.com
IP Address: 24.232.59.105
Updated Date: 28-jan-2004
Creation Date: 28-jan-2004
Registrar: Computer Services Langenbach Gmbh, DBA Joker.com
Status: ACTIVE

organization: Roan
owner: Mas
email: mrxpap@cosmology.org
address: 173823
city: Alan
state: --
postal-code: Eu0921
country: PW

Querying whois.arin.net with "24.232.59.105"…

status: reallocated
Host: Cablevision S.A., Buenos Aires
email: Patricio Latini [ platini@fibertel.com.ar ]

'Registration details are obviously honest and reliable then', he says, sarcastically.

The site is real enough, and shepherds you towards a more adult domain [ extremexxxfootage.com ] offering (at the moment) videos of the Paris Hilton…

This is hosted in Beijing and registered by Tucows to:
PowerZest IT Ltd, 37b New Cavendish Street, London, W1G 8JR, UK.
Looking at the owners home domains ( powerzest.com, pzest.com ) takes you to an American seeming website…
USA Toll Free - 1-800-447-6439

As these things are measured, despite your moral views, it's a viable and rather lucrative business.

(Apparently) hiring Spammers to promote your business is another matter, one I will be taking up with the Metropolitan Police on Monday.

Incidentally, the email was from:

Domain: guysarestupid.com
Registrar: BulkRegistar, LLC
Updated Date: 06-feb-2004
Creation Date: 13-feb-2000
Owner: Vortal Group Inc., 10061 Talbert Ave, Fountain Valley, ca 92708, US

Again, one sees a tie. Spammers don't generally spoof the same domain twice in a row, as far as I'm aware…

The unsubscribe was, again, [ nepzzz.com ]

Here's numbers 28 thru 30 used by Spammer Carnegie Sun and associates.

Domain: Needtogoout.com
IP address: 211.99.38.55
Updated Date: 12-jan-2004
Creation Date: 07-jan-2004

Owner / Registrar: Carnegie Sun and Bulkregister.com

Host: Beijing FeiHua Communication technology.Co,Ltd
email: bjth@btamail.net.cn
email: support@bj160.com



Domain: ilovetoblinddate.com
IP : 202.102.245.51
Updated Date: 12-jan-2004
Creation Date: 07-jan-2004
Owner / Registrar: Carnegie Sun and Bulkregister.com

Querying whois.apnic.net with "202.102.245.51"…

Host: , 70 nongye road, Zhengzhou city, Henan Provice 450002, China.
e-mail: antispam@public.zz.ha.cn
changed: zhail@email.online.ha.cn 20001124



Domain Name: Fishinginlove.com
IP Address: 61.186.254.82
Registrar: Bulkregister.com LLC
Updated Date: 22-jan-2004
Creation Date: 22-jan-2004

Host: China Telecom, Chongqing Data Communication Bureau
notify: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net

Here's numbers 27 used by Spammer Carnegie Sun and associates.
This was actually given as the 'unsubscribe' and appears to be based in China. An associate, perhaps.

Domain Name: Nepzzz.com
Updated Date: 30-jan-2004
Creation Date: 04-jan-2004
IP: None, held
Registrar: XIN NET CORP.
Whois Server: whois.paycenter.com.cn
Referral URL: http://www.paycenter.com.cn
Status: REGISTRAR-HOLD

Querying whois.internic.net with "dom nepzzz.com"…

Registrant: zhang jun, P.O. BOX 38, 118000, China
tel: 86 0415 6169599
fax: 86 0415 6169599
spring2004@126.com

I had to laugh, buried in the headers - which the spammer had messed* up and made spill onto the body of the message was this domain: "imsuingyou.com", owned by the Vortal Group [ www.vortalgroup.com ~ amann@vortalgroup.com ].
Needless to say they got a copy of the Spam complaint too

Here's domains 23 thru 26 used by Spammer Carnegie Sun and associates.
I'd reported a few of these before, but forgot to add them:

I suppose I should bandy words like "alleged", "seems to be" and "I believe" but come on…

He/they might use a score of addresses, registrars and domains all over the world, but all the end of the day, it's the same sticky fingerprints…

Incidentally, while the "Blind Date" Spam might look innocuous, and the "Intimate" ones might be acceptable to others, what do you say to the Viagra related ones - advertising for [ bunnd.com/vp5 ] )
Or maybe scores of other I miss due to filtering countless thousand Spam a month, or the fact even for the ones that get through/ are allowed through it's impossible to validate the addresses of everyone. I spend several hours a day just on this lot…

Added to this, I have evidence that links him/them to trojans…

Sooner or later they will make (another?) fatal mistake and I'll bury them!

If this lot are giving your email box a bad time, feel free to let me know, may be use Anti-Spam section of the new forum

*Goes back to his writing, muttering about having far better things to do with his time*

Domain: intimate-travelclub.com
IP: 219.153.1.214
Status: ACTIVE
Updated Date: 30-jan-2004
Creation Date: 30-jan-2004

Registrar: Melbourne IT, Ltd., D/B/A Internet Names Worldwide
Owner: intimate travelclub, 1709 road 225#, NewYork, 357724, CHINA
      *Blink* Really!? NewYork is in China eh?
email: wefg@hotmail.com
Tel: / Fax +010.4574545283

Querying whois.apnic.net with "219.153.1.214"…
inetnum: 219.151.128.0 - 219.153.255.255
descr: China Telecom, Chongqing province network
spam reports to abuse@cta.cq.cn
anti-spam@ns.chinanet.cn.net

The unsubscribe for this Spam was:

Domain Name: Matchmaking.com
IP: No host
Registrar: ENOM, INC.
Status: REGISTRAR-LOCK
Updated Date: 28-oct-2003
Creation Date: 13-apr-2002
Expiration Date: 13-apr-2009

Registrant Contact:
WebQuest.com Inc, PO Box 577583, Modesto, CA 95355, US
(cvmerchants@yahoo.com)
Tel / Fax: +1.12095491102
Fax: +1.2095491102



Domain Name: Intimiate-travel.com
Registrar: GO Daddy Software, Inc.
Status: ACTIVE *
Updated Date: 29-jan-2004
Creation Date: 03-nov-2003
Expiration Date: 03-nov-2008

* (Spammers site killed, it seems. The page advertises the registrar.)

The contact details for this where hidden by Proxy, Inc, so I just reported it to them for abuse instead…
"Thank you for contacting us regarding unwanted email that you received from intimate-travel.com"
Here's a copy of the full reply from Proxy Inc

Domain: whatsindabag.us
IP: WAS: 64.35.6.138
IP Now: 216.55.26.137
Created: 03-Dec-2003
Sponsoring Registrar: Go Daddy Software, Inc
Domain Status: ok
Registrant ID: GODA-04712868
Registrant Name: admin contact
Registrant Organization: Unknown
    Unknown!?
(Ye, right. You enter a businees agreement with someone that won't give you their name!)
*mutter*

Registrant Address: 3380 Vets Hwy, Bohemia, New York,11756, United States
Phone Number: +1.6316925555
Email: admin@heywazup.us
Registrant Application Purpose: P3
Registrant Nexus Category: C11
Administrative Contact ID: GODA-24712868

Created by Registrar: GO DADDY SOFTWARE, INC.
Last Updated by Registrar: GO DADDY SOFTWARE, INC.
Domain Registration Date: Wed Dec 03 15:43:14 GMT 2003
Domain Expiration Date: Thu Dec 02 23:59:59 GMT 2004
Domain Last Updated Date: Wed Dec 03 15:43:42 GMT 2003

Querying whois.arin.net with "216.55.26.137"…
OrgName: Allegiance Telecom Companies Worldwide, Dallas, TX, 75207, US
NetRange: 216.55.0.0 - 216.55.63.255
OrgAbuseEmail: abuse@algx.net

*Hmmm!*

Domain: Heywazup.us
IP address: 216.55.26.137
Sponsoring Registrar: GO DADDY SOFTWARE, INC.
Domain Status:ok
Registrant…
ID: GODA-04492715 Name: admin contact
Organization:Veritact, 3380 Vets Hwy, Bohemia, New York, 11756, United States, US
Phone Number: +1.6316925555
Email: admin@heywazup.us
Application Purpose: P3
Nexus Category: C11

Last Updated by Registrar: GO DADDY SOFTWARE, INC.
Domain Registration Date: Tue Nov 11 12:36:26 GMT 2003
Domain Expiration Date: Wed Nov 10 23:59:59 GMT 2004
Domain Last Updated Date: Tue Nov 11 12:36:54 GMT 2003

Querying whois.arin.net with "216.55.26.137"…
OrgName: Allegiance Telecom Companies Worldwide, Dallas, TX, US
OrgAbuseEmail: abuse@algx.net
OrgNOCName: ALGX Network Control Center
OrgNOCPhone: +1-866-696-2794
OrgNOCEmail: noc@algx.net
OrgTechName: Allegiance Telecom Companies Worldwide
OrgTechPhone: +1-800-581-8711
OrgTechEmail: ipreq@algx.net

It's quite possible the ISP (XO) stomped on this for abuse - I reported it within minutes of the Spam arriving…


As these things go, I've been online for at least a decade or so and I'm rather good at finding things. Yet the only thing I've found on Veritact for this snippet on some logs of banned emailers…

This email was sent to: [ hidden to protect the innocent ]
You are receiving this email because you have been confirmed as a member of this mailing list.
Veritact is not responsible for third party offers, services or products and makes no representations or warranties, expressed or implied, regarding them.
To be removed from this mailing list please click here
[<a href="http://list.usweeklynews.com/unsubscribe.jsp?id= …> ]
Powered by Veritact

Needless to say, this implies spamming activities.
This re-directs to [ http://www.paradiseclub.com/ap/click?gonetsol ]

Tracking…

Domain: usweeklynews.com
IP address: 216.129.161.21
Updated Date: 15-jan-2004
Creation Date: 22-jan-2003
Expiration Date: 22-jan-2005

Registrar: INTERCOSMOS MEDIA GROUP, INC. D/B/A DIRECTNIC.COM
Registrant: Go Entertainment, Inc., 3380 Veterans Memorial Hwy., Bohemia, NY 11716, US
(Tel ? : 631 981 2911)
scorescash1@yahoo.com

Querying whois.arin.net with "216.129.161.21"…
OrgName: THE INTERNET ADVISORY CORPORATION
Address: 2455 E Sunrise Blvd-Suite 401, Fort Lauderdale, FL, 33304, US
NetRange: 216.129.160.0 - 216.129.175.255
TechEmail: jeff@network5.net

And going with paradiseclub.com

Domain: Paradiseclub.com
IP: 216.129.160.150
Updated Date: 09-oct-2002
Creation Date: 26-feb-1997
Expiration Date: 27-feb-2005
Status: ACTIVE

Registrant: Go Entertainment, Inc, 3380 Veterans Memorial Hwy., Bohemia, NY 11716, US, 6319812911
Administrative Contact: scorescash1@yahoo.com

Querying whois.arin.net with "216.129.160.150"…
OrgName: THE INTERNET ADVISORY CORPORATION
TechEmail: jeff@network5.net

Shows just how long this lot has been Spamming though, eh!
Incidently, address lookup fails for network5.net, but apparently the company did file for Chapter 11 in October 2003. Haven't the time to look into it. At the end, despite not trusting any Internet company from Florida, they were just the host ISP.

Around twenty two identical domains…
To be honest I'm losing count of the times I've reported this, but I, for one won't give up on this menace. Feel free to feel sending me information. When it goes to court, they don't have a leg to start on!

Domain No. 22 : searchingforasoulmate.com
IP: 219.153.4.11
Updated Date: 22-jan-2004
Creation Date: 22-jan-2004

Querying whois.apnic.net with "219.153.4.11"…
descr: China Telecom
changed: hostmaster@ns.chinanet.cn.net 20021209
status: ALLOCATED NON-PORTABLE
trouble: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net


Domain No. 21 : wanttobeinlovewithanyone.com
IP: 219.153.4.11
Updated Date: 22-jan-2004
Creation Date: 22-jan-2004

Querying whois.apnic.net with "219.153.4.11"…
descr: China Telecom
trouble: abuse@cta.cq.cn
e-mail: anti-spam@ns.chinanet.cn.net
nic-hdl: CH93-AP

Domain No. 20 : lovebeinginlove.com
IP address: 211.99.38.55
Updated Date: 12-jan-2004
Creation Date: 07-jan-2004

yadda yadda Carnegie and Bulkregister

Querying whois.apnic.net with "211.99.38.55"…

inetnum: 211.99.32.0 - 211.99.39.255
descr: Beijing FeiHua Communication technology.Co,Ltd
descr: Isp,Icp
descr: No.11 Xichangan Street,Beijing
changed: bjth@btamail.net.cn
status: ALLOCATED PORTABLE
person: Tang Hua, support@bj160.com.cn
address: TONEK Co,No.11 Xichangan Street,Beijing

January 2004

31st Jan 2004

None for several hours myself, but it seems the Australians are getting battered by number 18: [againsearchingforamate.com ]
(Thanks for the heads up Mark)
… a few hours later a couple more arrived. That's 19 domains I'm aware off. Keep the reports coming!

Domain: datinganiceperson.com
IP address: 61.152.188.71
Updated Date: 12-jan-2004
Creation Date: 07-jan-2004

yadda yadda Carnegie and Bulkregister

Querying whois.apnic.net with "61.186.254.71"…

China Telecom, Data Communication Division, Chongqing Province Network
abuse@cta.cq.cn
anti-spam@ns.chinanet.cn.net


Domain: againsearchingforamate.com
IP address: 61.186.254.71
Updated Date: 22-jan-2004
Creation Date: 22-jan-2004
yadda yadda Carnegie and Bulkregister

Querying whois.apnic.net with "61.186.254.71"…

China Telecom, Data Communication Division, Chongqing Province Network
abuse@cta.cq.cn
anti-spam@ns.chinanet.cn.net

29th Jan 2004

*Achoo*
As if I've not enough viruses in my mail, I've caught a cold. Blah!

I've few news items to go in and, when I get a minute, another two tutorials / How-to's…

One on how to avoid MS Outlook Express automatically previewing images - which can be tracked by Spammers (or just plain nasty!).   The other is how to tell if that message from your bank - like the 'Union Planters' scam I just reported - or Paypal (again, reported, as ever) is for real or some crook trying to empty your bank account. It will also tell you how to report this to the authorities.

If you have any requests or queries, feel free to ask by email or the new forum….

If you are a Spammer reading this, feel free to blame 'Carnegie' for what I will do to your lucrative lines. No really, spoofing my domain for your rubbish, not a good idea, hmmm. If you are lucky I'll get bored, shore up the filters and leave the world to stew in it's own mess. Y'all keep winding me up and I'll make you look back to the halcyon times of Spamcop, Spamhaus and dodging Microsoft lawyers with a tear in your eyes!

Jan 28th

Another day, another dollar domain… No, make that two, no three domains. *Sheesh*
*Blink* Four domains today! That makes at least 17 domains in just two weeks…

Domain: mateforadate.com
IP: 219.153.4.11
yadda yadda: Carnegie Sun and BulkRegistar…
Updated Date: 22-jan-2004
Creation Date: 22-jan-2004

Querying whois.apnic.net with "219.153.4.11"…
China Telecom, Chongqing province network…
abuse@cta.cq.cn
anti-spam@ns.chinanet.cn.net


Domain: shopforadate.com
IP: 66.232.224.185
yadda yadda: Carnegie Sun and BulkRegistar…
Updated Date: 22-jan-2004
Creation Date: 12-jan-2004

Querying whois.arin.net with "66.232.224.185"…

Interweb Hosting, LLC (range: 66.232.224.0 - 66.232.239.255)
ImPro West (range: 66.232.224.0 - 66.232.224.255 )
CustName: ImPro West, 55 Lisgar Street, Suite 104, Toronto, ON, M6J-3X6, CA
E-mail: interweb1@verizon.net



Domain : wanttobeinlovewithsomeone.com
IP Address: 219.153.4.11
yadda yadda: Carnegie Sun and BulkRegistar…
Updated Date: 22-jan-2004
Creation Date: 22-jan-2004

… inetnum: 219.151.128.0 - 219.153.255.255
China Telecom
CHINANET Chongqing province network, A12,Xin-Jie-Kou-Wai St.,Beijing :
CHINANET CQ, The mainstreet 3 daping ,chongqing data communication bureau, CN
send spam reports to abuse@cta.cq.cn

… Chinanet Hostmaster, No.31 ,jingrong street,beijing, 100032, CN
phone: +86-10-66027112
e-mail: anti-spam@ns.chinanet.cn.net



Domain: needtodateaperson.com IP Address: 66.232.224.185 yadda yadda: Carnegie Sun and BulkRegistar…
Updated Date: 12-jan-2004
Creation Date: 12-jan-2004

Querying whois.arin.net with "66.232.224.185"…

Interweb Hosting, LLC (range: 66.232.224.0 - 66.232.239.255)
ImPro West (range: 66.232.224.0 - 66.232.224.255 )
CustName: ImPro West, 55 Lisgar Street, Suite 104, Toronto, ON, M6J-3X6, CA
E-mail: interweb1@verizon.net

My, my, my, what do I see here. Impro West and Verizon… Seems, dear reader, we have come full circle, hmmm!

To quote the 17th Century poet, Sir Walter Scott, (from 'The Lay of the Last Minstrel', I believe) :
Oh, what a tangled web we weave, when at first we practice to deceive…

27th Jan 2004

Eh up. Number thirteen, unlucky for some!
Let's upset this Spammer again and see if I can tear it down before it get goes going!

Domain: datingserviceforsingles.com
IP address: 61.186.254.82
yadda yadda: Carnegie Sun and BulkRegistar…
Updated Date: 22-jan-2004
Creation Date: 22-jan-2004

Querying whois.apnic.net with "61.186.254.82"…
CHINANET Chongqing Province Network, Data Communication Division, China Telecom
The mainstreet 3 daping ,chongqing data communication bureau
send spam reports to [ abuse@cta.cq.cn ] and [ anti-spam@ns.chinanet.cn.net ]

So, it's not just me!
Started getting emails from all over from other people who have been spammed, spoofed and sent viruses from this company. All adds to the list when it goes to court. Keep sending!

It is my belief that I - that we - can change the justice system such that ISP's and registrars - like Verizon and BulkRegistrar - can be held accountable for Spammers actions.

Not the spoofed stuff, not even hosting Spammers, as such, but if they are repeatedly, constantly ignoring complaints, or making motions and doing nothing about them, then they are sending a clear message to us that they couldn't care less as long as it doesn't affect their profits, and to Spammers that they are free to use their network (as long as they abuse other ISP's instead).

There is undeniable proof that this company is a bulk Spammer with no regard for the law, much less the targets of his Spam. As those I've complained to - scores of times - see fit to allow these Spammers to operate it is therefore my intention to prove 'guilt by association' and/or 'guilt by corporate neglect' and/or 'derelection of duty' on behalf of ISP's and Registrars allowing this to continue for so long.

Needless to say that as well as seeking recompense from the Spammer, I will also be looking for all costs and punitive damages to the full extent of the law from those knowingly providing him with network facilities.

I also hope to set a precedent in law with this action.   Given the litigatious nature of America, and increasing the UK, such a ruling would make subsequent ISP's and registrars think twice before allowing Spammers to proliferate on their systems.

At the end of the day, I don't care about UBE, but I REALLY care about the endless stram of UBE *we* recieve and I will fight my corner will all the resources and tenacity I have. There's some 200 major Spammers in the world, almost every one of which abuses me and my family on a daily basis and the integrity of the Internet. I'm dragging the false positives out the bins, tired of editing filters, of reporting viruses and filth…

~ I will have my own Independance Day, when the world as one stands up and shouts: "We will not be Spammed."

Spammers can hide behind all the fake addresses and ghost systems they want, but rest assured, if it takes me a decade, I will destroy them one by one, and/or the networks and advertisers that feed them!

Domain : needtodate.com
IP: 219.153.4.11
Registrar: BulkRegister, LLC.
Updated Date: 22-jan-2004
Creation Date: 22-jan-2004
Owner remains: Carnegie Sun, given as living is Nassau


Looking up host:
inetnum: 219.151.128.0 - 219.153.255.255
China Telecom, A12,Xin-Jie-Kou-Wai St., Beijing 100088, CN.
changed: hostmaster@ns.chinanet.cn.net
address: The mainstreet 3 daping ,chongqing data communication bureau, CN
trouble: send spam reports to [ abuse@cta.cq.cn ]

Chinanet Hostmaster, No.31 ,jingrong st.,beijing, 100032, CN
e-mail: [ anti-spam@ns.chinanet.cn.net ]


Domain: cantwaittodate.com
IP: 61.152.188.71
Registrar: BulkRegister, LLC.
Updated Date: 12-jan-2004
Creation Date: 07-jan-2004
Owner remains: Carnegie Sun, given as living is Nassau

inetnum: 61.152.188.0 - 61.152.188.255
Shanghai TuXiang Data Telecommunication Co.,Ltd. CN
[ ip-admin@mail.online.sh.cn ]
Zhou Feng, No.34, East Yanan Road, Shanghai, CN
e-mail: feng_z@8163.net.cn
changed: [ ip-admin@mail.online.sh.cn ]

Note well the creation date of [ needtodate ] !
Despite overtures that they are doing all they can, despite knowing full well this company is a Spammer, BulkRegister are still selling them ever more domains…

What more needs to be said?   Personally I'm inclined to stop adding them to the list of folk I report this spammer to, but instead I'll let them hang themselves with their own rope!


… sooner after reporting, China Telecom got back to me:

Your information was greatly appreciated! We've started tackling this problem, and what's more we solicit for your further concern. For any question, please feel free to contact us.

Many Thanks

If I had the time, I'd learn Cantonese and Russian, then I could really get to grips with Spammers!

Jan 26th

At least someone thinks Spam is a nuisance!

To whom it may concern,

I think maybe we surprised the spammer that we stopped the website so quickly. It is about 1am when we saw the email, so maybe the spammer thought they could get at least 24 hours of spam from it?

Anyway, look at the website yourself, and you will see we suspended/terminated it now. For those other websites or mail senders, please refer to them as we cannot stop other websites not hosted on our system.

Sincerely,
Security Administrator
[security@zentek-international.com ]
Zentek International Co. Ltd."

And…

No problem, we also do not support spam. Our service TOS / AUP clearly says no spam. Of course, just today we started getting complaints for that website. Thus we move quickly to suspend the site to prevent further spam issues.

That the domains are still live after weeks of complaining to BulkRegisters is just wrong on so many levels, if you ask me.


Call me jaded and cynical, but given Verizons silence and BulkRegister claims to be investigating, yet they have taken no action, I have to ask myself why not!? Added to this, which gave me several double-takes, their emails of the 15th and 21st are identical.

Given that far smaller providers quickly take action, one or more of these are the only possible answers I can see, none of which I like…

One or both…

1. … are incompetant in dealing with this.
2. … don't care because the Spammer is not using up their bandwidth, seeing as it's spoofed.
3. … are making too much money from this company, thus won't take action against it.
4. … they are, in some way, linked to the Spammer.
5. … they are this spammer!

As I say, these are merely the thoughts I am forced to think, rather that a statement of fact, but it makes you wonder, eh. I wonder if all the ISP's who's bandwidth has been stolen are happy with Verizons and Bulkregisters lack of action? Or those supplying Verizon for that matter. Perhaps I will ask them all…

The messages I am complaining about are clearly, undeniably illegal Spam, yet of the ten domains I have complained about, five remain live. It also has several links to an alleged mass Spammer*. Added to this, the site appears (to me at least) to purely be a new way of harvesting email addresses for the purpose of Spamming. At the end of the day, no matter now you cut it, they are the ones with the switch. Time to see what the world's press make of all this.

*"Microsoft alleges in another suit that Pittsburgh-based and its affiliates sent e-mails using "spoofed" domain names, such as msn.com and aol.com.

We are in the e-mail business, but no, we do not send spam, responded Philip Adelberg, identified in the lawsuit as Interweb Hosting's president. He declined to comment further during a brief phone conversation yesterday afternoon, explaining that he had learned of the suit only 20 minutes earlier"

25th Jan - Given up playing softball!

…and we have the 10th Domain, losing count of the Spams mind - 25 to 30, probably rather more - I only example a fraction of my Spam!

[ intimate-travel.com ]
Registered through: GoDaddy.com
Registrar: GoDaddy Software, Inc.
Registrant: Domains by Proxy, Inc.
Updated Date: 12-jan-2004
Creation Date: 03-nov-2003

Querying whois.apnic.net with "203.98.189.28"…
Zentek, Hong Kong: security@zentek-international.com
Maintained by NewWorld Tel: anthony.liang@newworldtel.com

(From 21st Jan, re: lookingforasinglewomanorman.com )

Good Afternoon Paul,

We are currently researching this issue and your input has become a part of our investigation. We apologize profusely for the actions of this individual and will be taking all necessary actions as delegated in our investigation process. Your input and cooperation is very much appreciated.

Sincerely, Brooke Schroeder CSR

[ lookingforasinglewomanorman.com ]

Darn me, this site's live again. Right!!!

22nd Jan

…and we have the 8th and 9th. The first was not not yet live and already the Spams coming!

Domain: singleatlast.com
IP address 66.232.224.8
Registrar: Bulkregister, LLC
Name Server: No nameserver
Status: REDEMPTIONPERIOD
Updated Date: 14-jan-2004
Creation Date: 27-oct-2003


Domain: looknforlove.com
IP Address addresses 211.99.38.55
Registrar: Bulkregister, LLC
Status: ACTIVE
Updated Date: 12-jan-2004
Creation Date: 07-jan-2004

Querying whois.apnic.net with "211.99.38.55"…
Beijing FeiHua Communication technology.Co,Ltd
Named contacts:
bjth@btamail.net.cn
support@bj160.com.cn
luoyan@cnnic.net.cn

The registrants email, as ever, is given as:
[ Carnegie Sun, Saffrey Square, Suite 104A P.O. Box N-9306, Nassau, BS ]

However, the body in the new messages interestingly offers us:
[ Carnegie Sun, LTD 2135A des Laurentides Blvd, Suite 10057 Laval QC H7M 4M2 Canada ]
Hardly a million miles from Toronto, eh!

This is all least the 19th Spam since January 20th when I decided I'd had enough.
This site is live and, it appears, he's back to hosting in China!

Seeing as he appears to be back in Canada, (if he ever left) he again falls under Canada's:

Personal Information Protection and Electronic Documents Act (Revised 1st Jan 2004)

… in that he has dishonestly obtained my email address and is using it to bombard me with spoofed UCE Spam. Plus of course, he forged my address for one sending.

I've added 'Web Junkie' Mark Stachiew, Content Producer for the Montreal section of canada.com to the list of possible interested parties.
What's interesting is last year, much to my disgust, I had to block Canada.com for a while due to the level of spoofed Spam coming from it. Perhaps what goes around comes around!

21st Jan

… and we have the 5th, 6th and 7th domains rolling in… Neither are even live and already the Spams coming!

Domain: lookingforasingleperson.com
IP address: Host not found
Registrar: Bulkregister, LLC
Creation Date: 27-oct-2003
Updated Date: 14-jan-2004
Status: Redemption period


Domain: ahottieiswhatiwant.com
IP address: 61.152.188.71
Registrar: Bulkregister, LLC
Creation Date: 07-jan-2004
Updated Date: 12-jan-2004
Status: Active

Querying whois.apnic.net with "61.152.188.71"…

Shanghai TuXiang Data Telecommunication Co.,Ltd.
(Range 61.152.188.0 - 61.152.188.255 )
Contact: ip-admin@mail.online.sh.cn
Also : feng_z@8163.net.cn



(For fake unsubscribe): Domain: seeingnoone.com
Registrar: Bulkregister, LLC
Creation Date: 27-oct-2003
Updated Date: 14-jan-2004
Status: Redemption period

20th January

It's the 20th now and they are on the fourth domain, though they overlap two at a time.
Indeed, at the time of writing they have mirrored the site to both domains they are using.

Domain:lookingforasinglewomanorman.com.
IP address 66.232.224.8
Registrar: Bulkregister, LLC
Creation Date: 12-jan-2004

Domain Contact: Carnegie Sun, Saffrey Square, Suite 104A P.O. Box N-9306, Nassau
Phone:: 2420000000   reg@carnegiesun.com

***FLEX***
Giving him a last warning served to double the Spam sent from them, including delving into Chinese placebo's. Some people, it seems, have to learn the hard … sometimes when you push and push against a wall, it falls on back you. I am that wall!

19th Jan

Here's what BulkRegistar had to say :

Good Morning Paul,

We are currently researching this issue and your input has become a part of our investigation. We apologize profusely for the actions of this individual and will be taking all necessary actions as delegated in our investigation process. Your input and cooperation is very much appreciated.

Sincerely, Brooke Schroeder CSR

Further proof, if any was needed, that some ISP's and reputable* registrars at least will react as fast as they can to stop Spammers abusing there network.

*I know of at three 'registrars' that are Spammers, all of which I've formally reported to the FTC for investigation.

However, the Spam continues. Soooo….

January 18th

Both these domains where promptly taken down, but darn me if they didn't load another domain to the same IP address!   I'll have that closed too, so I will!

Domain: Lookingforagooddate.com
IP address :66.232.224.8
Creation Date: 12-jan-2004

Domain Contact: Carnegie Sun, Saffrey Square, Suite 104A P.O. Box N-9306, Nassau
Phone:: 2420000000   reg@carnegiesun.com

Adding these admin to the list for forwarding Spam too:
Verizon admin: Christian Anderson [ christian.andersen@verizon.com ]
Cindy Soulia, Genuity [ csoulia@genuity.net ] :
OrgTechEmail: [ ipaddressing@level3.com ]

January 16th

Seeing as they feel the need to blame me for their peddling, I feel the need to see their gang put out of operation!

These clowns are now using: [ bestwaytofindamate.com ]
The domain and the addresses they use might be different, but the body isn't. It's like the phoenix computer computers of the 90's. Startup, side the funds, then go 'bankrupt'. A week later, new name, new address, same advert. Like the publishing companies they still owned a fortune to for advertising didn't wise up fast. That's the thing about crooks, predictably lazy, to say the least. Anyway…

Sticking with the Registrar: Bulkregister, LLC
we now have:

Domain: bestwaytofindamate.com
IP: 66.232.224.8
Created: 2004-01-12
Domain Contact: Carnegie Sun, Saffrey Square, Suite 104A P.O. Box N-9306, Nassau
Phone:: 2420000000   reg@carnegiesun.com

Querying whois.arin.net with "66.232.224.8"…
ImPro West, Toronto - OrgTechEmail : [ INTERWEB1@verizon.net ]

14th Jan 2004: Spoofed!   Again!

On a more annoying note, someone has faked my domain as the sender for a Spam campaign, probably sent via infected systems.
If you get a message, apparently from 'bocenztfbeozfxo@ackadia.com' or similar gimmerish, don't blame me!

The subject line was Your Special Invite
With the message reading: "One of your Friends set you up on a date with another Friend."
… "A Dateing Site Created By Women" etc etc

Notice they can't even spell 'dating' correctly!
Different spammers have different signatures, one uses quotes from Mark Twain, another use tag codes. These use random strings like this:

brought their stories with them into captivity. wanderers, travellers, martha was puzzled and shook her head, thoughtfully. then she from the apple-tree, and circling round in the air, caught sight great store by it, and would never part with it to a stranger!

They have since (last day or so) replace this verbiage with a number string, but it makes no difference to me!   I have reported hundreds of Spam with the same content. The low lifes responsible are currently using "loveblinddates.com" as the domain.
Needless to say I will be looking out for this in future, only this time it's personal…

Domain: loveblinddates.com
Created: 24th Nov, 2003
IP: 219.153.4.11
Registrar: [ www.bulkregister.com] Bulkregister, LLC
Reporting this to: Thomas Cunningham [ ipadmin@alabanza.com] and their Admin Contact [ internal@bulkregister.com ]

Domain Contact:
Date Manager, 1634 Via de la Ciudad, Guatemala City, 73820, GT
info@datemanager1.com

Querying whois.apnic.net with "219.153.4.11"…
China Telecom…
trouble: send spam reports to abuse@cta.cq.cn
remarks: spam complaint to anti-spam@ns.chinanet.cn.net