You are not logged in.
Hey guys, since about 3 days ago, I have been receiving like 30 registrations from this IP: 78.129.202.3 and 78.157.143.201. That/those moron(s) use the same email domain: @fasif.com. Probably he won the 1st prize for spammer of this week, right?
I wish I have his real email so that the prize could be sent to him.
Offline
Urk, this same bot hit me about 24 times this weekend when I was busy working 15 hour days and unable to get my wireless working. >_>
Offline
That same person/bot hit me about 15 times today and probably will appear tomorrow with the same quantity. That guy is really a lame. None of the registration has passed.
Offline
Some info of this person's ip from whois:
person: Alexander A Solovyov
address: LIMT Group Ltd.
Mira 67
Perm
614036
Russian Federation
phone: +7 342 2763167
e-mail: abuse@limt.ru
e-mail: noc@limt.ru
e-mail: svr.band@gmail.com
What a lame, he named his email abuse@...
svr.band@gmail.com looks like Stevie Ray Vaughan to me lol
Anyway, I don't think the figures are reliable but they must mean something.
Last edited by kurtcobainvn (2008-04-16 7:51 am)
Offline
I got a slew of fasif.com spammers also. I banned anything coming from @fasif.com.
Offline
Hello,
Last weeks we have on a daily basis been recieving hundreds of submitted forms with nonsense text from our website. This is
causing big problems in our work.
When contacting the Swedish police in this matter they helped us finding the IP-adress to the source. The IP adress of the submitted forms is 78.129.202.9 and the police said it corresponds to the person Alexander A Solovyov at the company LIMT Group Ltd. Below is an example of one submitted form as of today.
What could we do about this?
Best regards
David
Return-Path: <postmaster@tux04.epsab.com>
X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on mail2.space2u.com
X-Spam-Level: 2/5
X-Spam-Status: No, score=0.1 required=10.0 tests=BAYES_00,FH_FROMEML_NOTLD
shortcircuit=no autolearn=no version=3.2.4
Received: from tux04.epsab.com (h-156-24.A170.cust.bahnhof.se [85.24.156.24])
by mail2.space2u.com (8.14.2/8.13.8) with ESMTP id m3U8OEqr029942
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT)
for <david@netway.se>; Wed, 30 Apr 2008 10:24:17 +0200
Received: (qmail 857 invoked by uid 48); 30 Apr 2008 10:24:13 +0200
Date: 30 Apr 2008 10:24:13 +0200
Message-ID: <20080430082413.10100.qmail@tux04.epsab.com>
To: ingemar@2000taletsvetenskap.nu, david@netway.se
From: ()
Subject: Ny medlem - 2000taletsvetenskap.nu
X-Generated-By: Matt Wright's FormMail.pl v1.9s-p7
X-Script-URL: http://www.2000taletsvetenskap.nu:80/cg … ormmail.pl
X-Originating-IP: [78.129.202.9]
Status:
X-FS-Classification-spam: 2
X-FS-Diagnostics: database-version=2008-04-22 tests=DIRECT_MX_FORGED_RECEIVED,DNS_AVAILABLE,FS_UNTRUSTED_2,RDNS_DYNAMIC_IP_2,FS_CLASS_SPAM_2
Below is the result of your feedback form. It was submitted by
() on Wednesday, April 30, 2008 at 10:24:13
---------------------------------------------------------------------------
Fornamn: zZSOUubAqXTo
Efternamn: jCVxYowjWJgCVYLhu
Adress: zXGdNURoZTwpSSOmOs
Postnr: oQSKWLQrRNlSpLjBCpj
Stad: XzliiMhSLDKrDRvZmha
Tfnnr: sGdSvmKTACEfWqu
-----------------------------------------------------------------------
Offline
First thing to do is block the LIMT net-block;
inetnum: 78.129.202.0 - 78.129.203.255 netname: LIMT_Group-1 descr: LIMT Group Ltd country: RU admin-c: AAS166-RIPE tech-c: AAS166-RIPE status: ASSIGNED PA mnt-by: RAPIDSWITCH-MNT source: RIPE # Filtered person: Alexander A Solovyov address: LIMT Group Ltd. address: Mira 67 address: Perm address: 614036 address: Russian Federation phone: +7 342 2763167 e-mail: abuse@limt.ru e-mail: noc@limt.ru e-mail: svr.band@gmail.com nic-hdl: AAS166-RIPE mnt-by: RAPIDSWITCH-MNT source: RIPE # Filtered % Information related to '78.129.128.0/17AS29131' route: 78.129.128.0/17 descr: RapidSwitch Ltd origin: AS29131 mnt-by: RAPIDSWITCH-MNT source: RIPE # Filtered
http://hosts-file.net/?s=78.129.202.9
I'd also recommend blocking everything coming from blocks related to or owned by, RapidSwitch;
http://www.stopforumspam.com/forum/t110 … 105-GAH%21
http://www.robtex.com/as/as29131.html
Offline
