FYI; if you find www.jimharrison.org, please DO NOT GO THERE. It's not my site, I don't own or run it and you will be blessed with a nifty piece of malware if you go there. As you can see, I've notified the relevant ISPs, but don't hold your breath for a takedown any time soon. -----Original Message----- Sent: Friday, November 10, 2006 4:55 PM To: dsipes@xxxxxxxxxxxxx; abuse@xxxxxxxxxxxxxx Subject: your customer is hosting or referring to malware Importance: High Domain lookup: D:\ >nslookup -type=any -recurse www.jimharrison.org 4.2.2.2 Server: vnsc-bak.sys.gtei.net Address: 4.2.2.2 Non-authoritative answer: www.jimharrison.org internet address = 66.235.219.116 Domain whois: http://www.dnsstuff.com/tools/whois.ch?ip=jimharrison.org&server=whois.p ublicinterestregistry.net&email=on IP whois: http://www.dnsstuff.com/tools/whois.ch?ip=66.235.219.116&server=whois.ar in.net&email=on ..directs to: 81.95.146.98/index.html?id=index12 (DO NOT GO TO THIS SITE!) IP whois: http://www.dnsstuff.com/tools/whois.ch?ip=81.95.146.98&server=whois.ripe .net&email=on The content delivered from the site at 81.95.146.98 is a piece of malware. The person hosting the www.jimharrison.org website knows this, as the reference to this website is poorly obscured via ASCII encoding in an iframe object. Please take all necessary actions to remove these sites. Thank you, Jim Harrison All mail to and from this domain is GFI-scanned.