The hosting is public but is not anonymous. The Whois information is public but your customers are conveniently kept anonymous. The rating used to identify domains - liNNN-NNN.member.linode.com - it was meant to practice spam and crime. Your boss raised a company of tens of millions of dollars stepping on the neck of the people. He's a sociopath. Marilson From: Abuse Sent: Saturday, September 05, 2015 11:37 PM To: Marilson Cc: abuse@name.com ; registryabuse@rightside.co ; spam@uce.gov Subject: Re: spam-phishing Hello Marlison, When identifying the owners of those IP addresses, please take into account that Linode is a VPS (Virtual Private Server) hosting provider. The IP addresses we own are registered to the owners of the company, but are then allocated to customers of our hosting service. Due to the nature of public hosting, it is possible for some malicious users to slip through from time to time. Our Abuse Department works diligently to prevent and stop malicious activity from occurring on our platform. Please note that we take the integrity of our network very seriously and do everything within our power to prevent such activity from occurring. Please do not hesitate to contact us if any further abuse occurs. We will address the issue with any and all customers and systems involved in the abusive behavior. If you have any questions or concerns regarding this situation, please feel free to reach out to us at any time. Kind Regards, Tim Linode Abuse Team On 9/5/15 9:33 PM, Marilson wrote: Oh really? This customer has been terminated as of yesterday?! Well, well, well! Do you terminated with Christopher Aker? With the Linode CEO Christopher S. Aker?? The owner and registrant of li1275-114.members.linode.com and li994-31.members.linode.com ? With stupid sociopath who does not stop sending spam with virus to my address? I’m touched by size detachment and social attitude so magnanimous. I must believe that you also terminated with the owner and registrant of the domain li1409-91.members.linode.com Tom Asaro, right? https://blog.linode.com/2006/11/05/linodecom-welcomes-tom-asaro/ Look what Whois PDR says about 45.79.176.114 (li1275-114.members.linode.com) : “Query terms are too ambiguous. Please refine query.” kkkkkkkkkkkkkkkk For GeekTools, members.linode.com is: “Bad server (Verisign), retrying lookup.” Tell me Tim of abuse team, do you like fairy tales? Don’t you feel ashamed to write a bullshit that size? There is nothing dumber than underestimate people's intelligence. Yours bosses are a bunch of sociopaths who respond to complaints by sending spam with virus to those who denounce them. Tim, you said too: “It appears they were utilizing a new account.” Tell me sharp boy, how many domains Linode has? This is better than stand up comic! Tim, in due course I will write the biography of Mr. Christopher S. Aker - with 3 paragraphs - and send for you to read. I'll explain how he managed to create the Linode and because he has the habits and hobbies he has, and because he is uncle. See you! Marilson From: Abuse Sent: Saturday, September 05, 2015 7:31 AM To: Marilson Cc: abuse@name.com ; registryabuse@rightside.co ; spam@uce.gov Subject: Re: spam-phishing Hello, Thank you for bringing this to our attention. This customer has been terminated as of yesterday. It appears they were utilizing a new account. If you have any questions or concerns, please don't hesitate to ask. Regards, Tim Linode Abuse Team Abuse@Linode.com On 9/5/15 6:19 AM, Marilson wrote: Well motherfuckers, pay attention – respect is not for whom wants is for whom deserve! In August 27 you said: “We will take the necessary actions to ensure that this is resolved in a timely manner.” Liars! Fucking sociopaths! In August 15 you said: “The customer that was associated with this iP address has been removed as our client.” Liars! Fucking sociopaths! In July 28 you said: “We have informed the client, and are investigating.” Liars! Fucking sociopaths! Your customers - lixxxx-xxx.members.linode.com - continue sending spam with virus with the complicity of you from Linode, Name, Rightside and FTC-UCE, bunch of scoundrels, bunch of arrogants, bunch of psychopaths. If you will respond to my complaints by sending virus I will send my complaints with appropriate insults to your immoral behavior. Idiot, don't be so stupid! Do you think I'll click to see a "picture" hidden on purpose? Stupid, arrogant and sociopath. HEADER – THE EVIDENCE Delivered-To: marilson.mapa@gmail.com Received: by 10.103.27.68 with SMTP id b65csp482081vsb; Wed, 2 Sep 2015 20:24:31 -0700 (PDT) X-Received: by 10.140.29.3 with SMTP id a3mr2770719qga.97.1441250671628; Wed, 02 Sep 2015 20:24:31 -0700 (PDT) Return-Path: mailto:www-data@li1275-114.members.linode.com Received: from localhost ([2600:3c03::f03c:91ff:fec8:ffbc]) by mx.google.com with ESMTP id l15si28378023qkh.74.2015.09.02.20.24.31 for mailto:marilson.mapa@gmail.com; Wed, 02 Sep 2015 20:24:31 -0700 (PDT) Received-SPF: neutral (google.com: 2600:3c03::f03c:91ff:fec8:ffbc is neither permitted nor denied by best guess record for domain of www-data@li1275-114.members.linode.com) client-ip=2600:3c03::f03c:91ff:fec8:ffbc; Authentication-Results: mx.google.com; spf=neutral (google.com: 2600:3c03::f03c:91ff:fec8:ffbc is neither permitted nor denied by best guess record for domain of www-data@li1275-114.members.linode.com) smtp.mailfrom=www-data@li1275-114.members.linode.com Received: by localhost (Postfix, from userid 33) id 70F9B25916; Thu, 3 Sep 2015 03:23:13 +0000 (UTC) To: marilson.mapa@gmail.com Subject: Promoção férias de montão master-card, você e sua família com tudo pago. X-PHP-Originating-Script: 0:LIV.php MIME-Version: 1.0 From: <> Content-type: text/html; charset=iso-8859-1 X-Mailer: Microsoft Office Outlook, Build 17.551210 Message-Id: <20150903032313.70F9B25916@localhost> Date: Thu, 3 Sep 2015 03:23:13 +0000 (UTC) TEXT Sent: Thursday, September 03, 2015 12:23 AM To: marilson.mapa@gmail.com Subject: Promoção férias de montão master-card, você e sua família com tudo pago. From: Sokhumpheak Thong Sent: Thursday, August 27, 2015 4:45 AM To: Marilson Subject: Re: spam-phishing Hello, Thank you for the report. We will take the necessary actions to ensure that this is resolved in a timely manner. Regards, Soh Linode LLC On 27 Aug, 2015, at 1:51 am, Marilson <marilson.mapa@gmail.com> wrote: Tell me gentlemen of Linode, do you have some client who does not practice crime? Your client was removed – see below August 15 - or one of the domains that belongs to your client has been blocked? Shame on you!!! ID BY DBIP IP address 45.33.44.31 Address type IPv4 Hostname li994-31.members.linode.com ISP Linode Timezone America/New_York (UTC-4) HEADER Delivered-To: marilson.mapa@gmail.com Received: by 10.28.150.202 with SMTP id y193csp4128745wmd; Wed, 26 Aug 2015 18:52:45 -0700 (PDT) X-Received: by 10.68.243.103 with SMTP id wx7mr2645647pbc.60.1440640364697; Wed, 26 Aug 2015 18:52:44 -0700 (PDT) Return-Path: <root@45.33.44.31> Received: from localhost ([2600:3c01::f03c:91ff:fec8:8323]) by mx.google.com with ESMTP id xn7si855608pab.189.2015.08.26.18.52.44 for <marilson.mapa@gmail.com>; Wed, 26 Aug 2015 18:52:44 -0700 (PDT) Received-SPF: neutral (google.com: 2600:3c01::f03c:91ff:fec8:8323 is neither permitted nor denied by best guess record for domain of root@45.33.44.31) client-ip=2600:3c01::f03c:91ff:fec8:8323; Authentication-Results: mx.google.com; spf=neutral (google.com: 2600:3c01::f03c:91ff:fec8:8323 is neither permitted nor denied by best guess record for domain of root@45.33.44.31) smtp.mailfrom=root@45.33.44.31 Received: by localhost (Postfix, from userid 0) id B622A42A37; Thu, 27 Aug 2015 01:42:33 +0000 (UTC) content-type: text/html Subject: SAC - Ultimo Aviso de Bloqueio From: SAC@sacseg.com.br To: marilson.mapa@gmail.com Message-Id: <20150827014316.B622A42A37@localhost> Date: Thu, 27 Aug 2015 01:42:33 +0000 (UTC) TEXT – hiperlink removed From: SAC@sacseg.com.br Sent: Wednesday, August 26, 2015 10:42 PM To: marilson.mapa@gmail.com Subject: SAC - Ultimo Aviso de Bloqueio Clique aqui ou em Mostrar Imagens deste email para Visualizar este e-mail por Completo. From: Jermaine Chism Sent: Saturday, August 15, 2015 9:48 AM To: Marilson Cc: abuse@linode.com ; abuse@name.com ; spam@uce.gov ; submit.snA38em0rJTkVJ7B@spam.spamcop.net ; registryabuse@rightside.co Subject: Re: spam-phishing Hello, The customer that was associated with this iP address has been removed as our client. If you need additional assistance regarding this, please let us know. Kind Regards, Jermaine Linode Support On Aug 15, 2015, at 8:34 AM, Marilson <marilson.mapa@gmail.com> wrote: At Tuesday, July 28, 2015 3:15 AM you said: “We have informed the client, and are investigating. Thank you, Samantha Linode Abuse Department” Yesterday I received the same phishing hosted by li1409-91.members.linode.com. Is phishing your specialty? HEADER Delivered-To: marilson.mapa@gmail.com Received: by 10.27.37.212 with SMTP id l203csp1170367wll; Fri, 14 Aug 2015 00:20:23 -0700 (PDT) X-Received: by 10.112.136.201 with SMTP id qc9mr35541330lbb.94.1439536822882; Fri, 14 Aug 2015 00:20:22 -0700 (PDT) Return-Path: <www-data@localhost> Received: from localhost (li1409-91.members.linode.com. [139.162.142.91]) by mx.google.com with ESMTP id 9si8495710wjt.113.2015.08.14.00.20.22 for <marilson.mapa@gmail.com>; Fri, 14 Aug 2015 00:20:22 -0700 (PDT) Received-SPF: neutral (google.com: 139.162.142.91 is neither permitted nor denied by best guess record for domain of www-data@localhost) client-ip=139.162.142.91; Authentication-Results: mx.google.com; spf=neutral (google.com: 139.162.142.91 is neither permitted nor denied by best guess record for domain of www-data@localhost) smtp.mailfrom=www-data@localhost Date: Fri, 14 Aug 2015 00:20:22 -0700 (PDT) Message-Id: <55cd96b6.6902c20a.d7991.ffff81d5SMTPIN_ADDED_MISSING@mx.google.com> Received: by localhost (Postfix, from userid 33) id 4237B12C60; Fri, 14 Aug 2015 06:01:47 +0000 (UTC) To: marilson.mapa@gmail.com Subject: NFe*Boleto X-PHP-Originating-Script: 0:Pll_llP.php From: 294236 marillacmoreira <marillaine@terra.com.br TEXT -----Mensagem Original----- From: 294236 marillacmoreira Sent: Friday, August 14, 2015 4:20 AM To: marilson.mapa@gmail.com Subject: NFe*Boleto > MIME-Version: 1.0 Content-type: text/html; charset=iso-8859-1 X-Mailer: Microsoft Office Outlook, Build 17.551210 From: 294236 marillacmoreira <marillaura@terra.com.br > MIME-Version: 1.0 Content-type: text/html; charset=iso-8859-1 X-Mailer: Microsoft Office Outlook, Build 17.551210 From: 294236 marillacmoreira <marillianobre@bol.com.br > MIME-Version: 1.0 Content-type: text/html; charset=iso-8859-1 X-Mailer: Microsoft Office Outlook, Build 17.551210 From: 294236 marillacmoreira <marillyn_damazio@yahoo.com.br > MIME-Version: 1.0 Content-type: text/html; charset=iso-8859-1 X-Mailer: Microsoft Office Outlook, Build 17.551210 From: 294236 marillacmoreira <marilofm@bol.com.br XXXXXXXXXXXXXXXXXXXXXXXXXXXX MANY OTHERS XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX MIME-Version: 1.0 Content-type: text/html; charset=iso-8859-1 X-Mailer: Microsoft Office Outlook, Build 17.551210 From: 294236 marillacmoreira <marilseg@terra.com.br > MIME-Version: 1.0 Content-type: text/html; charset=iso-8859-1 X-Mailer: Microsoft Office Outlook, Build 17.551210 From: 294236 marillacmoreira <marilson.mapa@gmail.com > MIME-Version: 1.0 Content-type: text/html; charset=iso-8859-1 X-Mailer: Microsoft Office Outlook, Build 17.551210 Message-Id: <20150814060147.4237B12C60@localhost> Date: Fri, 14 Aug 2015 06:01:47 +0000 (UTC) <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta content="text/html; charset=ISO-8859-1" http-equiv="content-type"><title>GrupoAcol</title></head><body><big style="font-family: Arial Narrow;">Brasilia, 14 de Agosto de 2015</big><br> *************************************<br> <big style="font-family: Arial Narrow;">Mensagem eletronica nao responda - Noreply</big><br> <big style="font-family: Arial Narrow;">_____________________________________<br> Anexo,<br> <br> Protocolo - Compras e Prestacao de servicos<br> <br> </big><big style="font-family: Arial Narrow;">Anexo: </big><big style="font-family: Arial Narrow;"><a href="http://j.mp/GrupoAcolBrasil-DF">NF-e Boleto</a> ( 345 Kb )</big><big style="font-family: Arial Narrow;"><span style="font-weight: bold;"><br> <br> </span>Tabela de Codigos ANP - 320103002</big><small style="font-family: Arial Narrow;"><br> </small><big style="font-family: Arial Narrow;"><span style="font-weight: bold;"></span><br> NFe-Boleto - Emissao 12/08/2015<br> NFe-Boleto - Vencimento 12/09/2015<br> NFe-Boleto - Valor - R$ 1.254,26</big><br style="font-family: Arial Narrow;"> <big style="font-family: Arial Narrow;"><big></big></big><br> <h2 class="company-section hidden-xs hidden-sm" style="margin: 0px 0px 20px; font-family: 'Source Sans Pro',Tahoma,sans-serif; font-weight: 600; line-height: 1.1; color: rgb(0, 153, 0); font-size: 20px; font-style: normal; font-variant: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: 1; word-spacing: 0px; background-color: rgb(255, 255, 255);">Contatos do Grupo Acol</h2> <p class="company-card" style="margin: 0px 0px 10px; line-height: 1; color: rgb(51, 51, 51); font-family: Tahoma,Arial; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: 1; word-spacing: 0px; background-color: rgb(255, 255, 255);"><span class="company-card-item company-card-group hidden-xs hidden-sm" itemprop="name" style="font-size: 13px; display: block; line-height: 1.4;"><span class="Apple-converted-space"> </span><b style="font-weight: bold;">Grupo Acol</b></span><br class="company-card-split" style=""><span class="company-card-item company-card-group" style="font-size: 13px; display: block; line-height: 1.4;"><span class="Apple-converted-space"> </span><b style="font-weight: bold;">Endereço:</b></span><span class="company-card-content" style="display: block; padding-left: 25px; line-height: 1.4;"><span itemprop="address" itemscop e="" itemtype="http://schema.org/PostalAddress"><span itemprop="streetAddress">QNM 25 CJ H lt 5 lj 1 - Ceilandia Sul</span><span class="Apple-converted-space"> </span><br style=""><span itemprop="postalCode">72215-258</span><span class="Apple-converted-space"> </span><span itemprop="addressRegion">Ceilandia</span></span><span class="company-card-coords" style="font-size: 11px; display: block; color: rgb(153, 153, 153); margin-top: 3px;">Distrito Federal, Ceilândia, Ceilândia Sul</span></span><br class="company-card-split" style=""><span id="company-card-phone" class="company-card-item clearfix" data-phone="(61)3371-0369" style="font-size: 13px; display: block; line-height: 1.4;"><span class="company-card-item-label" style="float: left;"><span class="Apple-converted-space"> </span><b style="font-weight: bold;">Telefone:</b></span><span class="company-card-item-value phone open" itemprop="telephone" style="overflow: hidden; float: left; margin-left: 5px; width: auto; wh ite-space: nowrap;">(61) 3371-0369</span></span></p> From: Marilson Sent: Tuesday, July 28, 2015 3:05 AM To: abuse@linode.com Cc: crime.internet@dpf.gov.br ; spam@uce.gov ; mail-abuse@cert.br ; mail-abuse@nic.br Subject: spam-phishing Sirs, Your client, zedocarmoreis@yahoo.com.br , is practicing phishing. Please don't provide him the tools and means to spamming. Thanks Marilson HEADER Delivered-To: marilson.mapa@gmail.com Received: by 10.27.37.212 with SMTP id l203csp1414307wll; Mon, 27 Jul 2015 12:33:27 -0700 (PDT) X-Received: by 10.66.163.201 with SMTP id yk9mr70446240pab.63.1438025606013; Mon, 27 Jul 2015 12:33:26 -0700 (PDT) Return-Path: <www-data@outlook.com> Received: from outlook.com (li857-126.members.linode.com. [139.162.15.126]) by mx.google.com with ESMTP id sl3si46313086pab.135.2015.07.27.12.33.24 for <marilson.mapa@gmail.com>; Mon, 27 Jul 2015 12:33:26 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning www-data@outlook.com does not designate 139.162.15.126 as permitted sender) client-ip=139.162.15.126; Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning www-data@outlook.com does not designate 139.162.15.126 as permitted sender) smtp.mail=www-data@outlook.com; dmarc=fail (p=NONE dis=NONE) header.from=yahoo.com.br Date: Mon, 27 Jul 2015 12:33:26 -0700 (PDT) Message-Id: <55b68786.6390420a.bc2ff.7ed3SMTPIN_ADDED_MISSING@mx.google.com> Received: by outlook.com (Postfix, from userid 33) id 5DF82DACD; Mon, 27 Jul 2015 19:33:24 +0000 (UTC) To: marilson.mapa@gmail.com Subject: Cielo Fidelidade - Você possui pontos para resgatar X-PHP-Originating-Script: 0:egyox3fxpm2u8btje5b9n2ssjk.php From: Cielo Resgatar Pontos 802689 mink.shop <zedocarmoreis@yahoo.com.br IP address 139.162.15.126 Address type IPv4 Hostname li857-126.members.linode.com ISP Linode Timezone America/New_York (UTC-4) Local time 02:04:12 Country United States TEXT -----Mensagem Original----- From: Cielo Resgatar Pontos 802689 mink.shop Sent: Monday, July 27, 2015 4:33 PM To: marilson.mapa@gmail.com Subject: Cielo Fidelidade - Você possui pontos para resgatar > MIME-Version: 1.0 Content-type: text/html; charset=iso-8859-1 X-Mailer: Microsoft Office Outlook, Build 17.551210 From: Cielo Resgatar Pontos 802689 mink.shop <sahamba@hotmail.com > MIME-Version: 1.0 Content-type: text/html; charset=iso-8859-1 X-Mailer: Microsoft Office Outlook, Build 17.551210 From: Cielo Resgatar Pontos 802689 mink.shop <fhoamaral@zipmail.com.br > MIME-Version: 1.0 Content-type: text/html; charset=iso-8859-1 X-Mailer: Microsoft Office Outlook, Build 17.551210 From: Cielo Resgatar Pontos 802689 mink.shop <thaiscloss@hotmail.com > MIME-Version: 1.0 Content-type: text/html; charset=iso-8859-1 X-Mailer: Microsoft Office Outlook, Build 17.551210 From: Cielo Resgatar Pontos 802689 mink.shop <amorese@gmail.com > MIME-Version: 1.0 Content-type: text/html; charset=iso-8859-1 X-Mailer: Microsoft Office Outlook, Build 17.551210 From: Cielo Resgatar Pontos 802689 mink.shop <rafaelrosass@gmail.com XXXXXXXXXXXXXXX MANY OTHERS XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX MIME-Version: 1.0 Content-type: text/html; charset=iso-8859-1 X-Mailer: Microsoft Office Outlook, Build 17.551210 From: Cielo Resgatar Pontos 802689 mink.shop <marilson.mapa@gmail.com