Sonia Woo spam

[Guard Dog]

Hello - I have been tracing down with all sorts of IP tracers and such... Here is what I have come up with.

This was from the Platinum Play email address that 'Sonia Woo' got somehow (the one that has never been used except for at PP casino):

This spammer redirects from: pillar2338.com, allyouveeverwanted.com

It goes through several 302 redirects to land you at the casino... without ip packet tracing it can be hard to find the affy account id, so here they are:

CASINO COINS:
xxxxhttp://www.englishharbour.com/?c=24944&s=LIFOAUG23

REFERBACK:
xxxxhttp://www.gamingclub.com/casino/index.asp?s=aff97156

FORTUNE AFFILIATES:
xxxhttp://www.royalvegas.com/countdown/default.asp?BTag=MS_129610_748660_100127&link=

DIRECT MARKETING (NO AFFY ID):
MightySlots.com
RealVegasOnline.com


Again - this is a multi-redirect scheme, so for example - when re-routing to Gaming Club, the tcp trace shows:

1. go to pillar2338.com/{filename}.aspx (link in mail)

2. go to www.allyouveeverwanted.com (302 redirect from pillar2338.com)

3. go to http://www.royalvegas.com/countdown/default.asp?BTag=MS_129610_748660_100127&link= (302 redirect from allyouveeverwanted.com)



PILLAR2338.com

Sonia Woo Whois Privacy and Spam Prevention by DomainTools.com
PILLAR2338.COM
First Floor-Commercial Area
Calle 53 , Marbella
Panama City
PC
0832-0588
PA
Phone: +507.5072236382
Fax: +809.0000000000

allyouveeverwanted.com

Entertainment Networks Limited
Anne Lawrence (Whois Privacy and Spam Prevention by DomainTools.com)
+1.1418822763
Fax: +44.1481823390
La Corvee House
La Corvee
Alderney, 0123
GB