Author Topic: how to stop this evil? (coolnuff.com)  (Read 8645 times)

0 Members and 1 Guest are viewing this topic.

August 14, 2011, 10:03:33 pm
Read 8645 times

cleanmx

  • Special Members
  • Hero Member

  • Offline
  • *

  • 3405
    • Spam-Filter Anti-Spam Virenschutz - CLEAN MX Managed Anti-Spam Service ist die Lösung für Ihr Spam-Problem
my constant complains have not really a effect on cutting down this...

any help to down them is welcome !

-- gerhard


http://support.clean-mx.de/clean-mx/viruses.php?domain=coolnuff.com&sort=first%20desc&limit=0,1000

August 15, 2011, 01:00:46 am
Reply #1

MysteryFCM

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

August 15, 2011, 01:05:41 am
Reply #2

MysteryFCM

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
Btw, also known as domainparking.name and installrevenue.net ;)
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

August 16, 2011, 03:30:35 pm
Reply #3

cleanmx

  • Special Members
  • Hero Member

  • Offline
  • *

  • 3405
    • Spam-Filter Anti-Spam Virenschutz - CLEAN MX Managed Anti-Spam Service ist die Lösung für Ihr Spam-Problem
Btw, also known as domainparking.name and installrevenue.net ;)

just released anoher bunch of complains to them

-- gerhard
Code: [Select]
email:select distinct email from viruses where fp=0 and email ="anti-spam@mail.sxptt.zj.cn" and response="alive" and id >1 while:1 if ((country ==true) || (isource ==true) || (domain ==true) || (cert ==true)|| (email 1==true)){ durun:Array ( [0] => anti-spam@mail.sxptt.zj.cn [email] => anti-spam@mail.sxptt.zj.cn ) sqladmin:select id,email,review,country,source,domain,count(*) as sumx from viruses where (recent="up" or recent="toggle") and response="alive" and domain != "" and domain !="0.0.0.0" and fp=0 and email="anti-spam@mail.sxptt.zj.cn" group by review order by email desc,review desc /nWill process: 5 Users select id,email,review,country,source,domain,count(*) as sumx from viruses where (recent="up" or recent="toggle") and response="alive" and domain != "" and domain !="0.0.0.0" and fp=0 and email="anti-spam@mail.sxptt.zj.cn" group by review order by email desc,review desc
select * from ip2email where ip="60.190.223.75" select * from email where email="anti-spam@mail.sxptt.zj.cn" select * from viruses where (recent="up" or recent="toggle") and response="alive" and domain != "" and domain !="0.0.0.0" and fp=0 and email="anti-spam@mail.sxptt.zj.cn" and review="60.190.223.75" |2011-07-22 14:09:45 CEST |920997 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.4873773
|2011-07-22 14:09:45 CEST |920998 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=9.334743E-03
|2011-07-22 14:09:45 CEST |921004 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2B69F4DC9ECA8C5FF1F6DADFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5F3432347F6D478D36796DA&v=2&t=0.6919672
|2011-07-26 11:24:12 CEST |924598 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.5170862
|2011-07-26 11:24:12 CEST |924599 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0.6464807
|2011-07-27 12:24:03 CEST |925902 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0.3768579
|2011-07-28 15:18:10 CEST |929913 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.2709619
|2011-07-28 15:18:10 CEST |929914 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0.879162
|2011-07-29 09:23:09 CEST |931103 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.6919824
|2011-07-29 09:23:09 CEST |931104 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.9952509
|2011-07-29 09:23:09 CEST |931105 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0.6047174
|2011-07-31 23:32:07 CEST |947438 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.8195459
|2011-07-31 23:32:07 CEST |947440 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0.9103662
|2011-07-31 23:32:07 CEST |947441 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=1.078433E-02
|2011-08-07 14:55:10 CEST |955205 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.6284754
|2011-08-07 14:55:10 CEST |955206 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0.9201013
|2011-08-07 14:55:10 CEST |955207 |TR/Crypt.XDR.Gen |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/s5_r.jpg?t=0.3981745
|2011-08-08 12:48:54 CEST |955668 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0,1209528
|2011-08-08 12:48:54 CEST |955669 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/sn.php?c=C1DF13F78111F6528E63540E077DCF0C0&t=0,8235895
|2011-08-08 12:48:54 CEST |955670 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/sn.php?c=4D535BBF44D4BC186F82F8A2A1DB468528B&t=0,2664606
|2011-08-08 12:48:54 CEST |955672 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/sn.php?c=B9A76E8AC252E133E3FEAAF11C54E417E770B&t=0,1963922
|2011-08-08 12:48:54 CEST |955673 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/sn.php?c=9D83997D1A8A28FA809D6239A9E1FF0CAB3C0&t=0,1260797
|2011-08-08 12:48:55 CEST |955750 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/sn.php?c=DCC228CCD04021858368C8936B1023D74A8&t=9,005374E-02
|2011-08-08 12:48:55 CEST |955751 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/sn.php?c=18064AAE3FAF34908C67CC976A11E317&t=0,3627588
|2011-08-08 12:48:55 CEST |955759 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/sn.php?c=948A7D999D0D9733C5285903F882FB388219AB9DA&t=0,894787
|2011-08-08 12:48:55 CEST |955760 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/sn.php?c=E1FF76924BDB00A47B96A8F2F18B995A4AD1A593F&t=0,5531122
|2011-08-08 12:48:55 CEST |955763 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/sn.php?c=4E5018FC71E12DFFD2CFCA91DB93&t=0,2665522
|2011-08-08 12:48:55 CEST |955764 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/sn.php?c=1F01DE3AC95905D70C11B&t=0,5650751
|2011-08-08 12:48:55 CEST |955765 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0,4463007
|2011-08-08 12:48:55 CEST |955766 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/sn.php?c=3B25E90DC1513CEEB45CC6EB96EEC230&t=0,7814447
|2011-08-08 12:48:55 CEST |955767 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/sn.php?c=918FA94D78E873A13CD4E5C8502&t=0,8195307
|2011-08-08 12:48:55 CEST |955769 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/sn.php?c=F8E65FBB45D53793A54EFCA7C5BEEB&t=0,3606684
|2011-08-08 14:18:10 CEST |959470 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.7468531
|2011-08-08 14:18:10 CEST |959472 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0.644314
|2011-08-08 14:18:10 CEST |959473 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2869F3DCE8CA8E5FFAF6CFDFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.3667719
|2011-08-08 16:52:33 CEST |959504 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.1597711
|2011-08-08 16:52:33 CEST |959505 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0.6023981
|2011-08-08 16:52:33 CEST |959506 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0.7436334
|2011-08-08 16:52:33 CEST |959509 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B1669F2DCEACA885FE5F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.5438043
|2011-08-08 16:52:33 CEST |959510 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B1669F2DCEACA885FE5F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.6072809
|2011-08-09 10:54:50 CEST |960137 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.2264063
|2011-08-09 10:54:50 CEST |960138 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=6.747073E-02
|2011-08-09 10:54:50 CEST |960139 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0.2359888
|2011-08-09 10:54:50 CEST |960140 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0.7439234
|2011-08-09 10:54:50 CEST |960141 |TR/Crypt.XDR.Gen |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/s5_r.jpg?t=0.8757593
|2011-08-09 10:54:50 CEST |960146 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B1669F2DCEACA885FE5F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FB432847EFD46ED3799615FC5AE9ED&v=2&t=0.7286646
|2011-08-09 10:54:50 CEST |960147 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2F69C0DCE5CA9F5FF3F6CFDFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.3319361
|2011-08-09 10:54:50 CEST |960148 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2F69C0DCE5CA9F5FF3F6CFDFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.5854608
|2011-08-10 13:07:42 CEST |964141 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0.9470026
|2011-08-11 11:45:14 CEST |964692 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg
|2011-08-11 12:10:03 CEST |964882 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.3486444
|2011-08-11 12:10:03 CEST |964883 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0.1107752
|2011-08-11 12:10:03 CEST |964886 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2B69F4DC9ECA8C5FF1F6DADFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FB432847EFD46ED3799615FC5AE9ED&v=2&t=0.9714929
|2011-08-11 23:43:54 CEST |965594 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.5965387
|2011-08-11 23:43:54 CEST |965595 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=5.350894E-02
|2011-08-11 23:43:54 CEST |965596 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0.5062677
|2011-08-11 23:43:54 CEST |965597 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0.6236994
|2011-08-11 23:43:54 CEST |965599 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2B69F4DC9ECA8C5FF1F6DADFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.1888239
|2011-08-11 23:43:54 CEST |965600 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2B69F4DC9ECA8C5FF1F6DADFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.5842707
|2011-08-11 23:43:54 CEST |965601 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2B69F4DC9ECA8C5FF1F6DADFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.6207697
|2011-08-12 10:50:50 CEST |965766 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.1860163
|2011-08-12 10:50:50 CEST |965767 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.77055
|2011-08-12 10:50:50 CEST |965768 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0.1434137
|2011-08-12 10:50:50 CEST |965769 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0.7146417
|2011-08-12 10:50:50 CEST |965775 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2469C2DCEFCA9C5FF8F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.7117121
|2011-08-12 10:50:50 CEST |965776 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2469C2DCEFCA9C5FF8F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.9506037
|2011-08-12 12:29:15 CEST |966145 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.1936914
|2011-08-12 12:29:15 CEST |966146 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=5.697268E-02
|2011-08-12 12:29:15 CEST |966152 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2F69C0DCE5CA9F5FF3F6CFDFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.2681543
|2011-08-12 12:29:15 CEST |966153 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2F69C0DCE5CA9F5FF3F6CFDFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.3642542
|2011-08-12 17:40:06 CEST |966295 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0,1352808
|2011-08-12 17:40:06 CEST |966299 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0,1337702
|2011-08-12 20:06:15 CEST |966335 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.5359918
|2011-08-12 20:06:15 CEST |966339 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B1669F2DCEACA885FE5F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.9032404
|2011-08-14 13:59:20 CEST |967628 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.3382379
|2011-08-14 13:59:20 CEST |967659 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2F69C0DCE5CA9F5FF3F6CFDFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.2620203
|2011-08-14 13:59:20 CEST |967660 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2F69C0DCE5CA9F5FF3F6CFDFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.7091333
|2011-08-14 13:59:20 CEST |967661 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2F69C0DCE5CA9F5FF3F6CFDFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.8268091
|2011-08-14 22:40:03 CEST |968554 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg
|2011-08-16 12:48:01 CEST |969274 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.3932459
|2011-08-16 12:48:01 CEST |969275 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.8544886
|2011-08-16 12:48:01 CEST |969276 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0.6578943
|2011-08-16 12:48:01 CEST |969277 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0.6776697
|2011-08-16 12:48:01 CEST |969296 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B1669F2DCEACA885FE5F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.1357386
|2011-08-16 12:48:01 CEST |969297 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B1669F2DCEACA885FE5F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.2466699
|2011-08-16 12:48:01 CEST |969298 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B1669F2DCEACA885FE5F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.5254785
|2011-08-16 12:48:01 CEST |969299 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B1669F2DCEACA885FE5F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.5930139
|2011-08-16 12:48:01 CEST |969300 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B1669F2DCEACA885FE5F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.7708704
|2011-08-16 12:48:01 CEST |969301 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2469C2DCEFCA9C5FF8F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5F3432347F6D478D36796DA&v=2&t=0.8498957
|2011-08-16 12:48:01 CEST |969302 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2869F3DCE8CA8E5FFAF6CFDFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.491482
|2011-08-16 12:48:01 CEST |969303 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2869F3DCE8CA8E5FFAF6CFDFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.837063
|2011-08-16 12:48:01 CEST |969304 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2B69F4DC9ECA8C5FF1F6DADFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.2014734
|2011-08-16 12:48:01 CEST |969305 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2B69F4DC9ECA8C5FF1F6DADFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.342312
|2011-08-16 12:48:01 CEST |969306 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2B69F4DC9ECA8C5FF1F6DADFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.3956262
|2011-08-16 12:48:01 CEST |969307 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2F69C0DCE5CA9F5FF3F6CFDFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.4682123
|2011-08-16 12:48:01 CEST |969308 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2F69C0DCE5CA9F5FF3F6CFDFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.6232263
|2011-08-16 12:48:01 CEST |969309 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2F69C0DCE5CA9F5FF3F6CFDFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.9527552
|2011-08-16 12:48:01 CEST |969310 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2F69C0DCE5CA9F5FF3F6CFDFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.957699
|2011-08-16 12:48:01 CEST |969311 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2F69C0DCE5CA9F5FF3F6CFDFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=3.899783E-02
|2011-08-16 16:25:21 CEST |969443 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.3513605
|2011-08-16 16:25:21 CEST |969444 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.7605402
|2011-08-16 16:25:21 CEST |969445 |TR/VBKrypt.dqgn.17 |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/ck3.jpg?t=0.8830377
|2011-08-16 16:25:21 CEST |969446 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0.3154108
|2011-08-16 16:25:21 CEST |969447 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=0.4429132
|2011-08-16 16:25:21 CEST |969448 |WORM/VBNA.aotb |60.190.223.75 |coolnuff.com |http://ru.coolnuff.com:2011/myck.jpg?t=5.956668E-02
|2011-08-16 16:25:21 CEST |969463 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B1669F2DCEACA885FE5F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.7279627
|2011-08-16 16:25:21 CEST |969464 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B1669F2DCEACA885FE5F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.8787195
|2011-08-16 16:25:21 CEST |969465 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2469C2DCEFCA9C5FF8F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.7460749
|2011-08-16 16:25:21 CEST |969466 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2869F3DCE8CA8E5FFAF6CFDFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.157345
|2011-08-16 16:25:21 CEST |969467 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2869F3DCE8CA8E5FFAF6CFDFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.6639063
|2011-08-16 16:25:21 CEST |969468 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2869F3DCE8CA8E5FFAF6CFDFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=1.302737E-02
|2011-08-16 16:25:21 CEST |969469 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2B69F4DC9ECA8C5FF1F6DADFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.2561457
|2011-08-16 16:25:21 CEST |969470 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2B69F4DC9ECA8C5FF1F6DADFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.3495294
|2011-08-16 16:25:21 CEST |969471 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2B69F4DC9ECA8C5FF1F6DADFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.6536066
|2011-08-16 16:25:21 CEST |969472 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2F69C0DCE5CA9F5FF3F6CFDFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.4523432
|2011-08-16 16:25:21 CEST |969473 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2F69C0DCE5CA9F5FF3F6CFDFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.7042505
|2011-08-16 16:25:21 CEST |969474 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2F69C0DCE5CA9F5FF3F6CFDFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.9814722
|2011-08-16 17:14:51 CEST |969493 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B1669F2DCEACA885FE5F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.3308985
|2011-08-16 17:14:51 CEST |969494 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B1669F2DCEACA885FE5F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.6731226
|2011-08-16 17:14:51 CEST |969495 |unknown_html |60.190.223.75 |nucleardiscover.com |http://w.nucleardiscover.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B1669F2DCEACA885FE5F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=6.753176E-02
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de anti-spam@mail.sxptt.zj.cn /tmp/viruses_complain_920997.1313508557.mail
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de cncert@cert.org.cn /tmp/viruses_complain_920997.1313508557.mail
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de abuse@clean-mx.de /tmp/viruses_complain_920997.1313508557.mail
select * from ip2email where ip="60.190.223.152" select * from email where email="anti-spam@mail.sxptt.zj.cn" select * from viruses where (recent="up" or recent="toggle") and response="alive" and domain != "" and domain !="0.0.0.0" and fp=0 and email="anti-spam@mail.sxptt.zj.cn" and review="60.190.223.152" |2011-08-08 13:48:20 CEST |955967 |unknown_html_RFI_shell |60.190.223.152 |addsuchmenmy.com |http://addsuchmenmy.com/
|2011-08-08 13:48:20 CEST |956044 |unknown_html_RFI_shell |60.190.223.152 |appeboycoldcausa.com |http://appeboycoldcausa.com/
|2011-08-08 13:48:21 CEST |956594 |unknown_html_RFI_shell |60.190.223.152 |cryuseslwsn.com |http://cryuseslwsn.com/
|2011-08-08 13:48:22 CEST |956817 |unknown_html_RFI_shell |60.190.223.152 |eaascousafind.com |http://eaascousafind.com/
|2011-08-08 13:48:23 CEST |957121 |unknown_html_RFI_shell |60.190.223.152 |gawebingdiac.com |http://gawebingdiac.com/
|2011-08-08 13:48:23 CEST |957310 |unknown_html_RFI_shell |60.190.223.152 |hadheailsudy.com |http://hadheailsudy.com/
|2011-08-08 13:48:23 CEST |957422 |unknown_html_RFI_shell |60.190.223.152 |housafoncecay.com |http://housafoncecay.com/
|2011-08-08 13:48:27 CEST |958684 |unknown_html_RFI_shell |60.190.223.152 |sitlowhad.com |http://sitlowhad.com/
|2011-08-08 13:48:29 CEST |959353 |unknown_html_RFI_shell |60.190.223.152 |wheterokhorse.com |http://wheterokhorse.com/
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de anti-spam@mail.sxptt.zj.cn /tmp/viruses_complain_955967.1313508557.mail
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de cncert@cert.org.cn /tmp/viruses_complain_955967.1313508557.mail
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de abuse@clean-mx.de /tmp/viruses_complain_955967.1313508557.mail
select * from ip2email where ip="60.190.223.132" select * from email where email="anti-spam@mail.sxptt.zj.cn" select * from viruses where (recent="up" or recent="toggle") and response="alive" and domain != "" and domain !="0.0.0.0" and fp=0 and email="anti-spam@mail.sxptt.zj.cn" and review="60.190.223.132" |2011-08-15 10:35:36 CEST |968732 |unknown_html |60.190.223.132 |nucleardiscover.com |http://cs.nucleardiscover.com:88/getcookie.asp
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de anti-spam@mail.sxptt.zj.cn /tmp/viruses_complain_968732.1313508557.mail
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de cncert@cert.org.cn /tmp/viruses_complain_968732.1313508557.mail
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de abuse@clean-mx.de /tmp/viruses_complain_968732.1313508557.mail
select * from ip2email where ip="122.224.50.224" select * from email where email="anti-spam@mail.sxptt.zj.cn" select * from viruses where (recent="up" or recent="toggle") and response="alive" and domain != "" and domain !="0.0.0.0" and fp=0 and email="anti-spam@mail.sxptt.zj.cn" and review="122.224.50.224" |2011-08-15 10:00:25 CEST |968644 |TR/Rootkit.Gen |122.224.50.224 |zhuyy.com |http://idc.zhuyy.com/error/dnf.exe
|2011-08-15 10:00:25 CEST |968645 |TR/Gendal.6204691 |122.224.50.224 |zhuyy.com |http://idc.zhuyy.com/error/sr/10.exe
|2011-08-15 10:00:25 CEST |968646 |TR/Hijacker.Gen |122.224.50.224 |zhuyy.com |http://idc.zhuyy.com/error/sr/qq.exe
|2011-08-15 10:30:25 CEST |968722 |unknown_html |122.224.50.224 |zhuyy.com |http://idc.zhuyy.com/error/sr/gezhong.txt
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de anti-spam@mail.sxptt.zj.cn /tmp/viruses_complain_968644.1313508557.mail
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de cncert@cert.org.cn /tmp/viruses_complain_968644.1313508557.mail
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de abuse@clean-mx.de /tmp/viruses_complain_968644.1313508557.mail
select * from ip2email where ip="115.239.224.235" select * from email where email="anti-spam@mail.sxptt.zj.cn" select * from viruses where (recent="up" or recent="toggle") and response="alive" and domain != "" and domain !="0.0.0.0" and fp=0 and email="anti-spam@mail.sxptt.zj.cn" and review="115.239.224.235" |2011-08-06 13:19:15 CEST |953963 |PUA.HTML.Infected.WebPage-2 |115.239.224.235 |csolwg.cn |http://bbs.csolwg.cn/
|2011-08-06 13:19:15 CEST |953964 |PUA.HTML.Infected.WebPage-2 |115.239.224.235 |csolwg.cn |http://bbs.csolwg.cn/hack.php?H_name=adv&u=1002
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de anti-spam@mail.sxptt.zj.cn /tmp/viruses_complain_953963.1313508557.mail
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de cncert@cert.org.cn /tmp/viruses_complain_953963.1313508557.mail
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de abuse@clean-mx.de /tmp/viruses_complain_953963.1313508557.mail


restart to phishing from viruses
email:select distinct email from phishing where fp=0 and email ="anti-spam@mail.sxptt.zj.cn" and response="alive" and id >1 while:1 if ((country ==true) || (isource ==true) || (domain ==true) || (cert ==true)|| (email 1==true)){ durun:Array ( [0] => anti-spam@mail.sxptt.zj.cn [email] => anti-spam@mail.sxptt.zj.cn ) sqladmin:select id,email,review,country,source,domain,count(*) as sumx from phishing where (recent="up" or recent="toggle") and response="alive" and domain != "" and domain !="0.0.0.0" and fp=0 and email="anti-spam@mail.sxptt.zj.cn" group by review order by email desc,review desc /nWill process: 1 Users select id,email,review,country,source,domain,count(*) as sumx from phishing where (recent="up" or recent="toggle") and response="alive" and domain != "" and domain !="0.0.0.0" and fp=0 and email="anti-spam@mail.sxptt.zj.cn" group by review order by email desc,review desc
select * from ip2email where ip="122.224.6.164" select * from email where email="anti-spam@mail.sxptt.zj.cn" select * from phishing where (recent="up" or recent="toggle") and response="alive" and domain != "" and domain !="0.0.0.0" and fp=0 and email="anti-spam@mail.sxptt.zj.cn" and review="122.224.6.164" |2011-08-08 19:21:31 CEST |954037 |122.224.6.164 |yigeyuming.com |http://hn.yigeyuming.com:82/hn.gif?t=0.8217279
|2011-08-12 12:21:02 CEST |956775 |122.224.6.164 |yigeyuming.com |http://hn.yigeyuming.com:82/hn.gif?t=0.2716181
|2011-08-15 10:40:19 CEST |957333 |122.224.6.164 |yigeyuming.com |http://hn.yigeyuming.com:82/hn.gif?t=0.7715113
|2011-08-16 12:41:02 CEST |957863 |122.224.6.164 |yigeyuming.com |http://hn.yigeyuming.com:82/hn.gif?t=0.1900598
|2011-08-16 12:50:02 CEST |957865 |122.224.6.164 |yigeyuming.com |http://hn.yigeyuming.com:82/hn.gif?t=0.5060388
|2011-08-16 12:50:03 CEST |957866 |122.224.6.164 |yigeyuming.com |http://hn.yigeyuming.com:82/hn.gif?t=0.163357
|2011-08-16 12:50:03 CEST |957867 |122.224.6.164 |yigeyuming.com |http://hn.yigeyuming.com:82/hn.gif?t=0.4379236
|2011-08-16 12:50:03 CEST |957868 |122.224.6.164 |yigeyuming.com |http://hn.yigeyuming.com:82/hn.gif?t=0.7911341
|2011-08-16 12:50:03 CEST |957869 |122.224.6.164 |yigeyuming.com |http://hn.yigeyuming.com:82/hn.gif?t=0.2777063
|2011-08-16 16:21:12 CEST |957936 |122.224.6.164 |yigeyuming.com |http://hn.yigeyuming.com:82/hn.gif?t=0.320492
|2011-08-16 16:21:12 CEST |957937 |122.224.6.164 |yigeyuming.com |http://hn.yigeyuming.com:82/hn.gif?t=0.4800226
|2011-08-16 16:21:12 CEST |957938 |122.224.6.164 |yigeyuming.com |http://hn.yigeyuming.com:82/hn.gif?t=0.5142023
|2011-08-16 16:21:13 CEST |957939 |122.224.6.164 |yigeyuming.com |http://hn.yigeyuming.com:82/hn.gif?t=0.6999781
|2011-08-16 16:21:13 CEST |957940 |122.224.6.164 |yigeyuming.com |http://hn.yigeyuming.com:82/hn.gif?t=0.8626978
|2011-08-16 16:21:13 CEST |957941 |122.224.6.164 |yigeyuming.com |http://hn.yigeyuming.com:82/hn.gif?t=0.9089014
|2011-08-16 16:21:13 CEST |957942 |122.224.6.164 |yigeyuming.com |http://hn.yigeyuming.com:82/hn.gif?t=0.9147608
|2011-08-16 16:21:13 CEST |957943 |122.224.6.164 |yigeyuming.com |http://hn.yigeyuming.com:82/hn.gif?t=0.3429682
|2011-08-16 16:21:13 CEST |957944 |122.224.6.164 |yigeyuming.com |http://hn.yigeyuming.com:82/hn.gif?t=0.9205133
|2011-08-16 16:21:13 CEST |957945 |122.224.6.164 |yigeyuming.com |http://hn.yigeyuming.com:82/hn.gif?t=0.6711847
|2011-08-16 16:21:13 CEST |957946 |122.224.6.164 |yigeyuming.com |http://hn.yigeyuming.com:82/hn.gif?t=0.459347
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de anti-spam@mail.sxptt.zj.cn /tmp/phishing_complain_954037.1313508557.mail
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de cncert@cert.org.cn /tmp/phishing_complain_954037.1313508557.mail
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de abuse@clean-mx.de /tmp/phishing_complain_954037.1313508557.mail


restart to portals from phishing
email:select distinct email from portals where fp=0 and email ="anti-spam@mail.sxptt.zj.cn" and response="alive" and id >1 while:1 if ((country ==true) || (isource ==true) || (domain ==true) || (cert ==true)|| (email 1==true)){ durun:Array ( [0] => anti-spam@mail.sxptt.zj.cn [email] => anti-spam@mail.sxptt.zj.cn ) sqladmin:select id,email,review,country,source,domain,count(*) as sumx from portals where (recent="up" or recent="toggle") and response="alive" and domain != "" and domain !="0.0.0.0" and fp=0 and email="anti-spam@mail.sxptt.zj.cn" group by review order by email desc,review desc /nWill process: 1 Users select id,email,review,country,source,domain,count(*) as sumx from portals where (recent="up" or recent="toggle") and response="alive" and domain != "" and domain !="0.0.0.0" and fp=0 and email="anti-spam@mail.sxptt.zj.cn" group by review order by email desc,review desc
select * from ip2email where ip="60.190.217.133" select * from email where email="anti-spam@mail.sxptt.zj.cn" select * from portals where (recent="up" or recent="toggle") and response="alive" and domain != "" and domain !="0.0.0.0" and fp=0 and email="anti-spam@mail.sxptt.zj.cn" and review="60.190.217.133" |2011-08-02 10:45:02 CEST |194351 |unknown_html |60.190.217.133 |8787au.com |http://www.8787au.com/cf.html
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de anti-spam@mail.sxptt.zj.cn /tmp/portals_complain_194351.1313508557.mail
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de cncert@cert.org.cn /tmp/portals_complain_194351.1313508557.mail
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de abuse@clean-mx.de /tmp/portals_complain_194351.1313508557.mail


restart to portals from portals

August 16, 2011, 06:37:37 pm
Reply #4

MysteryFCM

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
Received an e-mail from CNCERT this morning, saying it would be taken care of, but it was still live as of ~20 mins or so ago, so god knows what's taking them so long :(
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

August 16, 2011, 08:20:21 pm
Reply #5

cleanmx

  • Special Members
  • Hero Member

  • Offline
  • *

  • 3405
    • Spam-Filter Anti-Spam Virenschutz - CLEAN MX Managed Anti-Spam Service ist die Lösung für Ihr Spam-Problem
Received an e-mail from CNCERT this morning, saying it would be taken care of, but it was still live as of ~20 mins or so ago, so god knows what's taking them so long :(

every complain to them also results in a complain to cncert as you see in my prior posting..

Code: [Select]
/usr/sbin/gwrsigmail.pl abuse@clean-mx.de cncert@cert.org.cn /tmp/viruses_complain_920997.1313508557.mail

and I never got a sucess from cncert!

jpcert or mycer, dkcert eecert ... and so on.... are much more better !

-- gerhard

August 17, 2011, 03:05:00 am
Reply #6

MysteryFCM

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
Yep, prefer dealing with the others myself too.

You should've received a copy of the last e-mail I got from them.
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

August 17, 2011, 08:09:56 am
Reply #7

cleanmx

  • Special Members
  • Hero Member

  • Offline
  • *

  • 3405
    • Spam-Filter Anti-Spam Virenschutz - CLEAN MX Managed Anti-Spam Service ist die Lösung für Ihr Spam-Problem
Yep, prefer dealing with the others myself too.

You should've received a copy of the last e-mail I got from them.

hm no mail ....please to abuse@clean-mx.de ... thx
update found it... has been in quarantine....
-- gerhard