Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

[email] [drugs botnet - Anatrim] (lyvinton.com - bionetiv.net - mocdes.com - kyfell.com - kolpons.com) Be leaner and slimmer by next week

2 views
Skip to first unread message

TomezNet

unread,
Aug 3, 2006, 12:00:15 AM8/3/06
to
Received From:
IP 85.56.79.231 85-56-79-231.sev2.adsl.uni2.es
(at m2dnscache2.net.uni2.es / es.francetelecom.com)

Spamvert:
www.lyvinton.com IP 221.210.8.201
(SBL43348 - SBL44804) (at CNCGROUP-HL)

ns2.bionetiv.net IP 221.210.8.201 => SBL44957 / CNCGROUP-HL
ns1.bionetiv.net IP 221.91.232.126 => BBTEC / softbank.co.jp
ns1.mocdes.com [221.206.5.45] => SBL43348 / SBL44804

Web:
Copyright Anatrim 2006

More Anatrim sightings:
http://groups.google.com/groups/search?q=Anatrim+group%3A*abuse&start=0&scoring=d&

More info below:
====================

X-SID-PRA: Horacio Burt <cardm...@1000kmedia.com>
X-SID-Result: TempError
X-Message-Info: txF49lGdW41yqfUvCVMU6Do4ffszWJ/ZsGbWe7jQbNA=
Received: from tomts38-srv.bellnexxia.net ([209.226.175.95]) by
bay0-pamc1-f5.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2444);
Wed, 2 Aug 2006 16:22:51 -0700
Received: from xx..xx..xx.net ([207.58.1....])
by toip4.bellnexxia.net with ESMTP; 02 Aug 2006 19:22:50 -0400
Message-Id: <578r3m$nmc...@toip4.bellnexxia.net>
Received: (qmail 11585 invoked by uid 110); 2 Aug 2006 19:22:49 -0400
Delivered-To: xx..xx@xx..xx.com
Received: (qmail 11565 invoked from network); 2 Aug 2006 19:22:49 -0400
Received: from 85-56-79-231.sev2.adsl.uni2.es (HELO SpeedTouch.lan)
(85.56.79.231)
by xx..xx..xx.net with SMTP; 2 Aug 2006 19:22:49 -0400
From: "Horacio Burt" <cardm...@1000kmedia.com>
To: xx..xx@xx..xx.com
Subject: Be leaner and slimmer by next week
Date: Wed, 2 Aug 2006 23:22:39 -0060
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_006A_01C6B69B.4F817C70"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.3790.1830
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
Return-Path: cardm...@1000kmedia.com
X-OriginalArrivalTime: 02 Aug 2006 23:22:51.0517 (UTC)
FILETIME=[93083AD0:01C6B68A]

This is a multi-part message in MIME format.

------=_NextPart_000_006A_01C6B69B.4F817C70
Content-Type: text/plain;
charset="windows-1250"
Content-Transfer-Encoding: quoted-printable

Anatrim -- The newest and most exciting fat loss product available -
As=20
scen on Oprah
Did you know obesity kills more and more people every year? We know you
hate the extra pounds, the ugly look and the social stigmata
attached=20
to
fat people. Moreover, you can barely do anything about the craving
for=20
more food.
This all sounds familiar? Then we have something for you!
Introducing Anatrim, the ultimate product for weight loss. The greatest
thing is that Anatrim improves the quality of your life, making you
crave food less, giving you better mood and eliminating the extra
weight. Read what people say about this product:"This is wonderful!=20
Instead of watching TV and stuffing myself with food
I became more interested in exercise. Anatrim got me on the right=20
track.
I am more fit now, and there are lots of men around me!"Victoria K.,=20
Colorado"I tried some passive weight losing, you know, but with
little=20
result.
This terrible appetite would just kick in and spoil everything. Once I
heard about Anatrim in the media, and I rather liked the information. I
tried using it, and my wife said I'm a different person now, 4 months
later. 30 pounds off and I keep losing them! And you know, the bedroom
thing is cool, too."Steve Doubt, Colorado
Anatrim helps your brain understand you don't need that much food. It
improves your mood, gives you energy and attacks obesity. All thanks to
its natural blend!Find out more about this great product now!Remove
you=20
e-mail

------=_NextPart_000_006A_01C6B69B.4F817C70
Content-Type: text/html;
charset="windows-1250"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html;
charset=windows-1250">
<META content="MSHTML 6.00.3790.1830" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY><html>
<body>
<font size=3D"4">
<center>
<b>
<a href=3D"http://www.lyvinton.com/">Anatrim -- The newest and most=20
exciting fat loss product available - As scen on Oprah</a>
</center>
</font>
<br>
<br>
Did you know obesity kills more and more people every year? We know you
hate the extra pounds, the ugly look and the social stigmata
attached=20
to
fat people. Moreover, you can barely do anything about the craving
for=20
more food.
This all sounds familiar? Then we have something for you!<br>
<br>
Introducing Anatrim, the ultimate product for weight loss. The greatest
thing is that Anatrim improves the quality of your life, making you
crave food less, giving you better mood and eliminating the extra
weight. Read what people say about this product:<br>
<br>
<i>"This is wonderful! Instead of watching TV and stuffing myself
with=20
food
I became more interested in exercise. Anatrim got me on the right=20
track.
I am more fit now, and there are lots of men around me!"</i>
<p align=3Dright>Victoria K., Colorado</p>
<i>"I tried some passive weight losing, you know, but with little=20
result.
This terrible appetite would just kick in and spoil everything. Once I
heard about Anatrim in the media, and I rather liked the information. I
tried using it, and my wife said I'm a different person now, 4 months
later. 30 pounds off and I keep losing them! And you know, the bedroom
thing is cool, too."</i>
<p align=3Dright>Steve Doubt, Colorado</p>
Anatrim helps your brain understand you don't need that much food. It
improves your mood, gives you energy and attacks obesity. All thanks to
its natural blend!<br>
<br>
<br>
<font size=3D"4">
<center>
<a href=3D"http://www.lyvinton.com/">Find out more about this great=20
product now!</a>
</center>
</font>
</b>
<br>
<br>
<br>
<br>
<br>
<font size=3D"2">
<a href=3D"http://www.lyvinton.com/u.php">Remove you e-mail</a>
</font>
</body>
</html></BODY></HTML>

------=_NextPart_000_006A_01C6B69B.4F817C70--


-- END OF SPAM --

See:
IP 85.56.79.231 85-56-79-231.sev2.adsl.uni2.es

http://www.moensted.dk/spam/?addr=85.56.79.231
http://cbl.abuseat.org/lookup.cgi?ip=85.56.79.231
http://www.spamhaus.org/query/bl?ip=85.56.79.231
http://spamcop.net/w3m?action=checkblock&ip=85.56.79.231

inetnum: 85.56.0.0 - 85.59.255.255
netname: UNI2-NET
descr: Addresses IP for Home clients
descr: Uni2 - Woo
country: ES [Spain]

route: 85.48.0.0/12
descr: Uni2 PA Block 1
origin: AS12479
mnt-by: UNI2-MNT
changed: admin...@uni2.es 20041014
changed: admin...@es.francetelecom.com
ASN: 12479
ASN Name: UNI2-AS (Uni2 Autonomous System)
Country IP Range: 85.48.0.0 to 85.63.255.255
http://www.cidr-report.org/cgi-bin/as-report?as=12479

6 SBL listings for IPs under the responsibility of es.francetelecom.com
http://www.spamhaus.org/sbl/listings.lasso?isp=es.francetelecom.com

See:
www.lyvinton.com IP 221.210.8.201
ns2.bionetiv.net A IN 128037 221.210.8.201
ns1.bionetiv.net A IN 128037 221.91.232.126
ns1.mocdes.com [221.206.5.45]

www.lyvinton.com has no MX records -> [lyvinton.com has 1 MX record
relay.lyvinton.com (10)]

http://www.moensted.dk/spam/?addr=221.206.5.45
http://www.spamhaus.org/query/bl?ip=221.206.5.45

More 221.206.5.45 sightings:
http://groups.google.com/groups/search?q=221.206.5.45+group%3A*abuse

inetnum: 221.206.0.0 - 221.206.255.255
netname: CNCGROUP-HL
descr: CNCGROUP Heilongjiang Province Network

route: 221.206.0.0/16
descr: CNC Group CHINA169 Heilongjiang Province Network
country: CN
origin: AS4837
ASN: 4837
ASN Name: CHINA169-Backbone (CNCGROUP China169 Backbone)
Country IP Range: 221.200.0.0 to 221.207.255.255
http://www.cidr-report.org/cgi-bin/as-report?as=4837

http://www.spamhaus.org/sbl/sbl.lasso?query=SBL43348
221.206.5.0/24 is listed on the Spamhaus Block List (SBL)

14-Jun-2006 00:50 GMT | SR04

Dirty block

http://www.spamhaus.org/sbl/sbl.lasso?query=SBL44804
221.206.0.0/16 is listed on the Spamhaus Block List (SBL)

25-Jul-2006 08:01 GMT | SR02

CNCGROUP-HL province network (escalated listing)

98 SBL/ROKSO listings for IPs under the responsibility of cncgroup-hl
http://www.spamhaus.org/sbl/listings.lasso?isp=cncgroup-hl

Let see whois:
Registrar: ONLINENIC, INC.

Registrant:
liu fang admin[]kolpons.com +86.2083219992
liu
guang zhou tian he
guang zhou,guang dong,China 516000

Domain Name:lyvinton.com
Record last updated at 2006-08-02 12:36:53
Record created on 2006/7/26
Record expired on 2007/7/26

Domain servers in listed order:
ns2.bionetiv.net ns1.mocdes.com

Administrator:
Name-- liu fang
EMail-: (ad...@kolpons.com)
tel --: +86.2083219992
org: liu fang
guang zhou tian he
guang zhou,guang dong,CN 516000

Technical Contactor:
Name-- liu fang
EMail-: (ad...@kolpons.com)
tel --: +86.2083219992
org: liu fang
guang zhou tian he
guang zhou,guang dong,CN 516000

Billing Contactor:
Name-- liu fang
EMail-: (ad...@kolpons.com)
tel --: +86.2083219992
org: liu fang
guang zhou tian he
guang zhou,guang dong,CN 516000

See:
ns2.bionetiv.net IP 221.210.8.201

ns2.bionetiv.net has no MX records -> bionetiv.net has no MX records

http://www.moensted.dk/spam/?addr=221.210.8.201
http://www.spamhaus.org/query/bl?ip=221.210.8.201

http://www.spamhaus.org/sbl/sbl.lasso?query=SBL44957
221.208.0.0/14 is listed on the Spamhaus Block List (SBL)

28-Jul-2006 06:34 GMT | SR02

CNCGROUP-HL province network (escalated listing)

Let see whois:
Registrar: BEIJING INNOVATIVE LINKAGE TECHNOLOGY LTD. DBA DNS.COM.CN

Domain Name.......... bionetiv.net
Creation Date........ 2006-07-27 01:43:20
Registration Date.... 2006-07-27 01:43:20
Expiry Date.......... 2007-07-27 01:43:20
Organisation Name.... liu hao
Organisation Address. guang zhou
Organisation Address.
Organisation Address. guang zhou
Organisation Address. 516000
Organisation Address. GD
Organisation Address. CN

Admin Name........... liu hao
Admin Address........ guang zhou
Admin Address........
Admin Address........ guang zhou
Admin Address........ 516000
Admin Address........ GD
Admin Address........ CN
Admin Email.......... admin[]linglof.net
Admin Phone.......... +86.203210000
Admin Fax............ +86.203210000

Tech Name............ liu hao
Tech Address......... guang zhou
Tech Address.........
Tech Address......... guang zhou
Tech Address......... 516000
Tech Address......... GD
Tech Address......... CN
Tech Email........... ad...@linglof.net
Tech Phone........... +86.203210000
Tech Fax............. +86.203210000

Bill Name............ liu hao
Bill Address......... guang zhou
Bill Address.........
Bill Address......... guang zhou
Bill Address......... 516000
Bill Address......... GD
Bill Address......... CN
Bill Email........... ad...@linglof.net
Bill Phone........... +86.203210000
Bill Fax............. +86.203210000
Name Server.......... ns2.bionetiv.net [221.210.8.201]
Name Server.......... ns1.bionetiv.net [221.91.232.126]

See:
ns1.bionetiv.net IP 221.91.232.126

http://www.moensted.dk/spam/?addr=221.91.232.126

inetnum: 221.16.0.0 - 221.111.255.255
netname: BBTEC / softbank.co.jp
descr: Japan nation-wide Network of SOFTBANK BB Corp.
country: JP

route: 221.91.0.0/16
descr: BBT-CIDR-BLOCK
origin: AS17676
notify: ad...@bbtec.net
route: 221.91.0.0/16
descr: Yahoo BB CIDR BLOCK
origin: AS17676
mnt-by: MAINT-AS17676
changed: mka...@bb.softbank.co.jp
ASN: 17676
ASN Name: JPNIC-JP-ASN-BLOCK (Japan Network Information Center)
Country IP Range: 221.64.0.0 to 221.95.255.255
http://www.cidr-report.org/cgi-bin/as-report?as=17676

5 SBL/ROKSO listings for IPs under the responsibility of softbank.co.jp
http://www.spamhaus.org/sbl/listings.lasso?isp=softbank.co.jp

See:
ns1.mocdes.com IP 221.206.5.45

ns1.mocdes.com has no MX records -> mocdes.com has no MX records

http://www.moensted.dk/spam/?addr=221.206.5.45
http://www.spamhaus.org/query/bl?ip=221.206.5.45

Listed:
SBL43348 / SBL44804

More 221.206.5.45 sightings:
http://groups.google.com/groups/search?q=221.206.5.45+group%3A*abuse

Let see whois:
Registrar: BEIJING INNOVATIVE LINKAGE TECHNOLOGY LTD. DBA DNS.COM.CN

Domain Name.......... mocdes.com
Creation Date........ 2006-06-27 02:41:09
Registration Date.... 2006-06-27 02:41:09
Expiry Date.......... 2007-06-27 02:41:09
Organisation Name.... shi jun
Organisation Address. nan chang
Organisation Address.
Organisation Address. nan chang
Organisation Address. 321000
Organisation Address. JX
Organisation Address. CN

Admin Name........... shi jun
Admin Address........ nan chang
Admin Address........
Admin Address........ nan chang
Admin Address........ 321000
Admin Address........ JX
Admin Address........ CN
Admin Email.......... admin[]kyfell.com
Admin Phone.......... +86.79832110002
Admin Fax............ +86.79832110002

Tech Name............ shi jun
Tech Address......... nan chang
Tech Address.........
Tech Address......... nan chang
Tech Address......... 321000
Tech Address......... JX
Tech Address......... CN
Tech Email........... ad...@kyfell.com
Tech Phone........... +86.79832110002
Tech Fax............. +86.79832110002

Bill Name............ shi jun
Bill Address......... nan chang
Bill Address.........
Bill Address......... nan chang
Bill Address......... 321000
Bill Address......... JX
Bill Address......... CN
Bill Email........... ad...@kyfell.com
Bill Phone........... +86.79832110002
Bill Fax............. +86.79832110002
Name Server.......... ns2.mocdes.com [58.20.179.3]
Name Server.......... ns1.mocdes.com [221.206.5.45]

More mocdes.com sightings:
http://groups.google.com/groups/search?q=mocdes.com+group%3A*abuse


See additional spammer domains from registration:

kolpons.com

Let see whois:
Registrar: ONLINENIC, INC.
DNS Servers:
ns1.mocdes.com [221.206.5.45]
ns2.bionetiv.net [221.210.8.201]

Registrant:
liu fang ad...@kolpons.com +86.2083219992
liu
guang zhou tian he
guang zhou,guang dong,China 516000

Domain Name:kolpons.com
Record last updated at 2006-08-02 10:30:08
Record created on 2006/7/26
Record expired on 2007/7/26

Domain servers in listed order:
ns2.bionetiv.net ns1.mocdes.com

Administrator:
name: liu fang
mail: ad...@kolpons.com tel: +86.2083219992
org: liu fang

address: guang zhou tian he
city: guang zhou
,province: guang dong
,country: CN
postcode: 516000

Technical Contactor:
name: liu fang
mail: ad...@kolpons.com tel: +86.2083219992
org: liu fang

address: guang zhou tian he
city: guang zhou
,province: guang dong
,country: CN
postcode: 516000

Billing Contactor:
name: liu fang
mail: ad...@kolpons.com tel: +86.2083219992
org: liu fang

address: guang zhou tian he
city: guang zhou
,province: guang dong
,country: CN
postcode: 516000

See:
kyfell.com
Resolved kyfell.com to 68.52.156.252 to 82.225.72.182 to 82.241.133.40
to 222.79.57.84 to 222.79.148.49

kyfell.com has no MX records

68.52.156.252 PTR record: c-68-52-156-252.hsd1.tn.comcast.net
DNS.CMC.CO.DENVER.COMCAST.NET

82.225.72.182 PTR record: hel59-2-82-225-72-182.fbx.proxad.net
ns3-rev.proxad.net / ns0.proxad.net

82.241.133.40 PTR record: lie77-2-82-241-133-40.fbx.proxad.net
ns2-rev.proxad.net / ns0.proxad.net

222.79.57.84 PTR record: pc84.broad.dynamic.fz.fj.cn.cndata.com
dns.fz.fj.cn

222.79.148.49 PTR record: pc49.broad.dynamic.qz.fj.cn.cndata.com
dns2.qz.fj.cn

Let see whois:
Registrar: BEIJING INNOVATIVE LINKAGE TECHNOLOGY LTD. DBA DNS.COM.CN

Domain Name.......... kyfell.com
Creation Date........ 2006-06-27 02:41:23
Registration Date.... 2006-06-27 02:41:23
Expiry Date.......... 2007-06-27 02:41:23
Organisation Name.... shi jun
Organisation Address. nan chang
Organisation Address.
Organisation Address. nan chang
Organisation Address. 321000
Organisation Address. JX
Organisation Address. CN

Admin Name........... shi jun
Admin Address........ nan chang
Admin Address........
Admin Address........ nan chang
Admin Address........ 321000
Admin Address........ JX
Admin Address........ CN
Admin Email.......... ad...@kyfell.com
Admin Phone.......... +86.79832110002
Admin Fax............ +86.79832110002

Tech Name............ shi jun
Tech Address......... nan chang
Tech Address.........
Tech Address......... nan chang
Tech Address......... 321000
Tech Address......... JX
Tech Address......... CN
Tech Email........... ad...@kyfell.com
Tech Phone........... +86.79832110002
Tech Fax............. +86.79832110002

Bill Name............ shi jun
Bill Address......... nan chang
Bill Address.........
Bill Address......... nan chang
Bill Address......... 321000
Bill Address......... JX
Bill Address......... CN
Bill Email........... ad...@kyfell.com
Bill Phone........... +86.79832110002
Bill Fax............. +86.79832110002
Name Server.......... ns4.perfectmov.com [222.79.148.49]
Name Server.......... ns2.insanepope.com [210.213.142.71]
Name Server.......... ns1.insanepope.com [61.207.228.19]
Name Server.......... ns5.perfectmov.com [86.66.164.44]

More kyfell.com sightings:
http://groups.google.com/groups/search?q=kyfell.com+group%3A*abuse&start=0&scoring=d&

Cheers, Tomez

--
All postings to news.admin.net-abuse.sightings are unconfirmed and
unverified unless stated otherwise by the moderators. All opinions
expressed above are considered the opinions of the original poster,
not the moderators or their respective employers.

For a copy of the guidelines to this group, see:

http://www.killfile.org/~tskirvin/nana/

0 new messages