Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

[email] [software piracy] [71.195.166.48] (kukun-oem.com / srul5.com - PacNames) Corel Draw

0 views
Skip to first unread message

TomezNet

unread,
Jan 7, 2007, 7:01:03 PM1/7/07
to
Received From:
IP 71.195.166.48
(at DNS.CMC.CO.DENVER.COMCAST.NET)

Spamvert:
kukun-oem.com IP 203.186.128.18
(SBL49519 - ROK6138 Polyakov) (at ctinets.com / ns1o.ctihk.com)

See Much More the same spammer sightings:
http://groups.google.com/groups/search?q=%22XSALSA%40%22+group%3A*abuse&start=0&scoring=d&

Received at an address harvested from this abuse group.

More info below:
====================

X-Apparently-To: [MUNGED] via 216.252.100.175; Sat, 06 Jan 2007
18:56:20 -0800
X-YahooFilteredBulk: 71.195.166.48
X-Originating-IP: [71.195.166.48]
Return-Path: <sekmh...@fireplaceexpress.com>
Authentication-Results: mta185.mail.re4.yahoo.com
from=fireplaceexpress.com; domainkeys=neutral (no sig)
Received: from 71.195.166.48 (HELO localhost) (71.195.166.48) by
mta185.mail.re4.yahoo.com with SMTP; Sat, 06 Jan 2007 18:56:20 -0800
Message-ID: <000001c73207$4ceb5700$0100007f@localhost>
From: "Carter Ramirez" <sekmh...@fireplaceexpress.com>
To: [MUNGED]
Subject: Corel Draw
Date: Sat, 06 Jan 2007 18:56:33 -0800
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.3160
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.200
Content-Length: 654

Christmas discounts! Special New Year offers!
T0P 1O ITEMS N0W!

$79 Microsoft Windows Vista Ultimate
$79 MS Office Enterprise 2007
$79 Adobe Acrobat 8 Pro
$49 Windows XP Pro w/SP2
$99 Macromedia Studio 8
$59 Adobe Premiere 2.0
$59 Corel Grafix Suite X3
$59 Adobe Illustrator CS2
$129 Autodesk Autocad 2007
$149 Adobe Creative Suite 2

http://kukun-oem.com/?488F6C08B3C9FBDD5A4B40E282391434538D&t0

See more by this manufacturers:
Microsoft....Mac....Adobe....Borland....Macromedia
http://kukun-oem.com/?488F6C08B3C9FBDD5A4B40E282391434538D&t4

Microsoft Windows Vista Ultimate
Retail price: $399.00
Proposition: $79.95
Your benefit: $319.05 (80%)
Availability: Can be downloaded INSTANTLY.

http://kukun-oem.com/2480.php?488F6C08B3C9FBDD5A4B40E282391434538D&t3
Best choice for home and professional. (46862 reviews)

Microsoft Office 2007 Enterprise Edition
Regular price: $899.00
Our offer: $79.95
You save: $819.95 (89%)
Availability: Pay and download instantly.

http://kukun-oem.com/2442.php?488F6C08B3C9FBDD5A4B40E282391434538D&t1
Sales Rank: #1 (101912 reviews)

Adobe Acrobat 8.0 Professional
Market price: $449.00
We propose: $79.95
Your profit: $369.05 (80%)
Availability: Available for INSTANT download.

http://kukun-oem.com/2441.php?488F6C08B3C9FBDD5A4B40E282391434538D&t2
Top-ranked item. (25739 reviews)

-- END OF SPAM --

See also more spammer OEM Software sightings:
http://groups.google.com/groups/search?q=%22OEM+Software%22+group%3A*abuse&start=0&scoring=d&

See:
IP 71.195.166.48 c-71-195-166-48.hsd1.ma.comcast.net and
c-71-195-166-48.hsd1.ca.comcast.net

http://www.moensted.dk/spam/?addr=71.195.166.48
http://cbl.abuseat.org/lookup.cgi?ip=71.195.166.48
http://www.spamhaus.org/query/bl?ip=71.195.166.48
http://spamcop.net/w3m?action=checkblock&ip=71.195.166.48
Exploitable Server See: http://www.sorbs.net/lookup.shtml?71.195.166.48

Comcast Cable Communications, Inc. ATT-COMCAST (NET-71-192-0-0-1)
71.192.0.0 - 71.207.255.255
Comcast Cable Communications, Inc. FRESNO-8 (NET-71-195-160-0-1)
71.195.160.0 - 71.195.191.255

NetRange: 71.195.160.0 - 71.195.191.255
CIDR: 71.195.160.0/19
NetName: FRESNO-8
NetHandle: NET-71-195-160-0-1
Parent: NET-71-192-0-0-1
OrgTechHandle: IC161-ARIN
OrgTechName: Comcast Cable Communications Inc
OrgTechPhone: +1-856-317-7200
OrgTechEmail: CNIPEO-Ip-r...@cable.comcast.com
OrgAbuseName: Network Abuse and Policy Observance => it is still only
Observing

More comcast.net sightings:
http://groups.google.com/groups/search?q=comcast.net+group%3A*abuse&start=0&scoring=d&

route: 71.195.160.0/19
descr: Comcast Cable Communications, Inc.
1800 Bishops Gate Blvd
Mt Laurel, NJ 08054
origin: AS33651
mnt-by: MNT-CMCS
changed: tony_...@nospam.cable.comc
ASN: 33651
ASN Name: IANA-RSVD-0
Country (per IP registrar): US [United States]
Country IP Range: 71.192.0.0 to 71.255.255.255
http://www.cidr-report.org/cgi-bin/as-report?as=24863

23 SBL/ROKSO listings for IPs under the responsibility of comcast.net
http://www.spamhaus.org/sbl/listings.lasso?isp=comcast.net

See:
kukun-oem.com IP 203.186.128.18
ns1.srul5.com [203.186.128.18] [TTL=172800] [HK] (OLS IP
222.122.180.189)
ns2.srul5.com [121.31.56.28] [TTL=172800] [CN]

NS records at your nameservers are:
ns1.kukun-oem.com [203.186.128.18] [TTL=3600]
ns2.kukun-oem.com [121.31.56.28] [TTL=3600]

kukun-oem.com has no MX records

SOA record [TTL=2560] is:
Primary nameserver: ns1.kukun-oem.com
Hostmaster E-mail address: hostm...@kukun-oem.com
Serial #: 1168122920

http://www.moensted.dk/spam/?addr=203.186.128.18
http://www.spamhaus.org/query/bl?ip=203.186.128.18

http://www.spamhaus.org/sbl/sbl.lasso?query=SBL49748
203.186.128.18/32 is listed on the Spamhaus Block List (SBL)

04-Jan-2007 09:33 GMT | SR02

ecentralmed.com

12 SBL/ROKSO listings for IPs under the responsibility of ctihk.com
http://www.spamhaus.org/sbl/listings.lasso?isp=ctihk.com

More 203.186.128.18 sightings:
http://groups.google.com/groups/search?q=
203.186.128.18+group%3A*abuse&start=0&scoring=d&

203.186.128.18 PTR record: 203186128018.ctinets.com

inetnum: 203.186.128.16 - 203.186.128.31
netname: HK82COM
country: HK
descr: HK82.com - Tsuen Wan
admin-c: CH134-AP
tech-c: SL113-AP
status: ASSIGNED NON-PORTABLE
changed: ken...@ctihk.com 20031028
mnt-by: MAINT-HK-CTI
source: APNIC
person: CTINETS HOSTMASTER
person: Sam Leung
nic-hdl: SL113-AP
e-mail: fio...@ctihk.com
changed: hostm...@ctihk.com 20040707
mnt-by: MAINT-HK-CTI

route: 203.186.128.0/24
descr: 9/F Tower I, Grand Century Place
193 Prince Edward Road West, Mongkok
HK
origin: AS9269
mnt-by: MAINT-AS9269
changed: saml...@ctihk.com
ASN: 9269
ASN Name: CTIHK-AS-AP (City Telecom (H.K.) Ltd.)
Country (per IP registrar): HK [Hong Kong]
Country IP Range: 203.186.0.0 to 203.186.255.255
http://www.cidr-report.org/cgi-bin/as-report?as=9269

Let see whois:
Registrar: CAPITAL NETWORKS PTY LTD

Constant spammer support by PacNames sightings:
http://groups.google.com/groups/search?q=PacNames+group%3A*abuse&start=0&scoring=d&

Registrant hiding behind PacNames => shieldedwhois.com

Domain name: KUKUN-OEM.COM
Registrar: PacNames
Referral URL: http://www.pacnames.com/

Domain Registrant: (Private Contact)
(pws.57d8c...@shieldedwhois.com)
Shielded Whois
Shielded WHOIS
PO Box 2076
Arvada CO 80001
US

Telephone: +1.5016348793
Fax:

Administrative, Technical Contact: (Private Contact)
(pws.57d8c...@shieldedwhois.com)
Shielded Whois
Shielded WHOIS
PO Box 2076
Arvada CO 80001
US

Telephone: +1.5016348793
Fax:

Name Server: NS1.SRUL5.COM
Name Server: NS2.SRUL5.COM

Domain creaton date: 2007-01-02 00:59:38.0
Domain expiration date: 2008-01-02 06:14:13.0

More kukun-oem.com sightings:
http://groups.google.com/groups/search?q=kukun-oem.com+group%3A*abuse&start=0&scoring=d&

See also more srul5.com sightings:
http://groups.google.com/groups/search?q=srul5.com+group%3A*abuse&start=0&scoring=d&

Read more:
http://groups.google.com/group/news.admin.net-abuse.sightings/msg/9a799a2d11de7b58

Cheers, Tomez

--
All postings to news.admin.net-abuse.sightings are unconfirmed and
unverified unless stated otherwise by the moderators. All opinions
expressed above are considered the opinions of the original poster,
not the moderators or their respective employers.

For a copy of the guidelines to this group, see:

http://www.killfile.org/~tskirvin/nana/

0 new messages