Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

[email] [software piracy] [196.217.149.38] (nasdaqnelamer.com / sobaka-soft.com / canadian-rxx.net) For [MUNGED]

0 views
Skip to first unread message

TomezNet

unread,
Mar 6, 2007, 1:01:47 AM3/6/07
to
Received From:
IP 196.217.149.38 adsl196-38-149-217-196.adsl196-13.iam.net.ma
(at dns2.iam.net.ma / menara.ma)

Spamvert:
nasdaqnelamer.com IP 58.83.4.160
(SBL51894 - SBL51895 - SBL51900) (at hylink-cn / chinanetlink.com /
APNIC)

More Alex Rodrigez software piracy sightings:
http://groups.google.com/groups/search?q=%22Alex+Rodrigez%22+group%3A*abuse&start=0&scoring=d&

More info below:
====================

X-SID-PRA: Vanessa JEFFERY <dogmati...@cathedralacademy.com>
X-Message-Info: txF49lGdW405+Xj+lcEYO5xUwIm1nkf4otWUQdDhShI=
Received: from tomts17-srv.bellnexxia.net ([209.226.175.71]) by bay0-
pamc1-f7.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2444);
Mon, 5 Mar 2007 14:14:54 -0800
Received: from [MUNGED]
by toip19.srvr.bell.ca with ESMTP; 05 Mar 2007 17:14:45 -0500
Received: (qmail 13318 invoked by uid 110); 5 Mar 2007 17:14:45 -0500
Delivered-To: [MUNGED]
Received: (qmail 12082 invoked from network); 5 Mar 2007 17:14:26
-0500
Received: from adsl196-38-149-217-196.adsl196-13.iam.net.ma (HELO user-
xcer5wg3vs) (196.217.149.38)
by [MUNGED] with SMTP; 5 Mar 2007 17:14:26 -0500
Return-Path: <dogmati...@cathedralacademy.com>
Received: from 65.23.10.155 (HELO MAIL.cathedralacademy.com)
by [MUNGED] with esmtp (<1-8A1B?@8W. *O5-)
id ,3PV)<-2)8D1Y-H2
for [MUNGED]; Mon, 5 Mar 2007 22:14:21 +0000
From: "Vanessa JEFFERY" <dogmati...@cathedralacademy.com>
To: <[MUNGED]>
Subject: For [MUNGED]
Date: Mon, 5 Mar 2007 22:14:21 +0000
Message-ID: <01c75f73$a0358bd0$6c822ecf@dogmatistwaggle>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0006_01C75F73.A0358BD0"
X-Mailer: Microsoft Office Outlook, Build 11.0.6353
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
Thread-Index: Aca6Q33E1FWQ24/38;LT3/0<=2QJSL==
X-OriginalArrivalTime: 05 Mar 2007 22:14:54.0328 (UTC)
FILETIME=[B3A6CF80:01C75F73]

This is a multi-part message in MIME format.

------=_NextPart_000_0006_01C75F73.A0358BD0
Content-Type: text/plain;
charset="iso-8859-2"
Content-Transfer-Encoding: 7bit

Downloadable Software (DS) is a fast-paced company providing high
quality software. You've come to the right place if you need
professionally implemented programming solutions for your usage.
Thousands of happy customers have already benefited from our soft
and solutions. Hundreds are joining this community every day.
We deliver superior software products and services that empower our
partners and customers to dramatically improve their development,
deployment, integration and management of quality applications
worldwide.VIEW ALL PRODUCTSMost popular OEM products:Microsoft Windows
Vista Business
Retail Price $299.00
Our $79.95Microsoft Office 2007 Enterprise
Retail Price $899.00
Our $79.95Macromedia Dreamweaver 8
Retail Price $399.99
Our $49.95Adobe Creative Suite 2 Premium for Windows
Retail Price $1199.00
Our $149.95Microsoft Office 2003 Professional with Business
Contact Manager for Outlook
Retail Price $550.00
Our $69.95Adobe Illustrator CS2
Retail Price $499.00
Our $59.95 Adobe Premiere 2.0
Retail Price $849.00
Our $59.95 CorelDraw Graphics Suite X3
Retail Price $399.00
Our $59.95 Macromedia Studio 8
Retail Price 999.00
Our 99.95 Autodesk AutoCAD 2007
Retail Price $3995.00
Our $129.95Intuit QuickBooks 2006 Premier Edition
Retail Price $399.95
Our $69.95 Avid Liquid Pro 7
Retail Price $999.00
Our $69.95Adobe Acrobat 8.0 Professional
Retail Price $449.00
Our $79.95Microsoft Money Home &amp; Business 7
Retail Price $89.90
Our $39.95 MS \/\/indo\/\/s XP Professional with SP2
Retail Price $269.99
Our $49.95Adobe Photoshop CS2 V 9.0
Retail Price $599.00
Our $69.95 MicrÓsoft Office XP Professional
Retail Price $499.00
Our $49.95VIEW ALL PRODUCTS


------=_NextPart_000_0006_01C75F73.A0358BD0
Content-Type: text/html;
charset="iso-8859-2"
Content-Transfer-Encoding: quoted-printable

<html xmlns:o=3D"urn:schemas-microsoft-com:office:office"
xmlns:w=3D"urn:sc=
hemas-microsoft-com:office:word" xmlns=3D"http://www.w3.org/TR/REC-
html40">

<head>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html;
charset=3Diso-8859-2">
<meta name=3DGenerator content=3D"Microsoft Word 11 (filtered
medium)">
</head>
<body>
<body>
<p><strong>Downloadable Software</strong> (DS) is a fast-paced company
prov=
iding <strong>high quality software</strong>. You've come to the right
plac=
e if you need professionally implemented programming solutions for
your usa=
ge. Thousands of <strong>happy customers</strong> have already
benefited =
from our soft and solutions. Hundreds are <strong>joining this
community</s=
trong> every day.<br />
We deliver superior software products and services that empower our
partner=
s and customers to dramatically improve their development,
deployment, in=
tegration and management of quality applications worldwide.</p>
<p><a href=3D"http://nasdaqnelamer.com/"><strong>VIEW ALL PRODUCTS</
strong>=
</a></p>
<p><strong>Most popular OEM products</strong>:</p>
<p><strong>Microsoft Windows Vista Business</strong><br>
<em>Retail Price $299.00</em><br>
<strong>Our $79.95</strong></p>
<p><strong>Microsoft Office 2007 Enterprise</strong> <br>
<em>Retail Price $899.00</em><br>
<strong>Our $79.95</strong></p>
<p><strong>Macromedia Dreamweaver 8</strong><br>
<em>Retail Price $399.99</em><br>
<strong>Our $49.95</strong></p>
<p><strong>Adobe Creative Suite 2 Premium for Windows</strong> <br>
<em>Retail Price $1199.00</em><br>
<strong>Our $149.95</strong></p>
<p><strong>Microsoft Office 2003 Professional with Business Contact
Manager=
for Outlook</strong><br>
<em>Retail Price $550.00</em><br>
<strong>Our $69.95</strong></p>
<p><strong>Adobe Illustrator CS2 </strong><br>
<em>Retail Price $499.00</em><br>
<strong>Our $59.95 </strong></p>
<p><strong>Adobe Premiere 2.0 </strong><br>
<em>Retail Price $849.00</em><br>
<strong>Our $59.95 </strong></p>
<p><strong>CorelDraw Graphics Suite X3</strong><br>
<em>Retail Price $399.00</em><br>
<strong>Our $59.95 </strong></p>
<p><strong>Macromedia Studio 8</strong><br>
<em>Retail Price 999.00</em><br>
<strong>Our 99.95 </strong></p>
<p><strong>Autodesk AutoCAD 2007 </strong><br>
<em>Retail Price $3995.00</em><br>
<strong>Our $129.95</strong></p>
<p><strong>Intuit QuickBooks 2006 Premier Edition</strong> <br>
<em>Retail Price $399.95</em><br>
<strong>Our $69.95 </strong></p>
<p><strong>Avid Liquid Pro 7 </strong><br>
<em>Retail Price $999.00</em><br>
<strong>Our $69.95</strong></p>
<p><strong>Adobe Acrobat 8.0 Professional</strong> <br>
<em>Retail Price $449.00</em><br>
<strong>Our $79.95</strong></p>
<p><strong>Microsoft Money Home &amp; Business 7 </strong><br>
<em>Retail Price $89.90</em><br>
<strong>Our $39.95 </strong></p>
<p><strong>MS \/\/indo\/\/s XP Professional with SP2 </strong><br>
<em>Retail Price $269.99</em><br>
<strong>Our $49.95</strong></p>
<p><strong>Adobe Photoshop CS2 V 9.0 </strong><br>
<em>Retail Price $599.00</em><br>
<strong>Our $69.95 </strong></p>
<p><strong>Micr=EEsoft Office XP Professional </strong><br>
<em>Retail Price $499.00</em><br>
<strong>Our $49.95</strong></p>
<p><a href=3D"http://nasdaqnelamer.com/"><strong>VIEW ALL PRODUCTS</
strong>=
</a></p>
</body>
</body>
</html>

------=_NextPart_000_0006_01C75F73.A0358BD0--

-- END OF SPAM --

See:
IP 196.217.149.38 adsl196-38-149-217-196.adsl196-13.iam.net.ma

http://www.moensted.dk/spam/?addr=196.217.149.38
http://www.spamhaus.org/query/bl?ip=196.217.149.38
http://www.spamhaus.org/pbl/query/PBL059894
http://cbl.abuseat.org/lookup.cgi?ip=196.217.149.38
Bad host, no cookie - see http://njabl.org/lookup?196.217.149.38
http://www.apews.org/?page=test&C=2&E=44644&ip=196.217.149.38
http://spamcop.net/w3m?action=checkblock&ip=196.217.149.38

postmaster and abuse[]iam.net.ma are listed in rfc-ignorant.org
database
postmaster and abuse[]menara.ma are listed in rfc-ignorant.org
database

inetnum: 196.217.128.0 - 196.217.191.255
netname: IAM
descr: ADSL subscriber - Casa and south morocoo

ASN: 6713
ASN Name: IAM-AS (Itissalat Al-MAGHRIB)
Country (per IP registrar): MA [Morocco]
Country IP Range: 196.217.0.0 to 196.217.255.255
http://www.cidr-report.org/cgi-bin/as-report?as=6713

3 SBL listings for IPs under the responsibility of iam.net.ma
http://www.spamhaus.org/sbl/listings.lasso?isp=iam.net.ma

See:
nasdaqnelamer.com IP 58.83.4.160
ns1.sobaka-soft.com [58.83.4.160] [TTL=172800] [CN]
ns2.sobaka-soft.com [195.189.81.174] [TTL=172800] [RU]

NS records at your nameservers are:
ns1.nasdaqnelamer.com [58.83.4.160] [TTL=3600]
ns2.nasdaqnelamer.com [195.189.81.174] [TTL=3600]

SOA record [TTL=2560] is:
Primary nameserver: ns1.nasdaqnelamer.com
Hostmaster E-mail address: hostm...@nasdaqnelamer.com
Serial #: 1173118655

nasdaqnelamer.com has no MX records

http://www.moensted.dk/spam/?addr=58.83.4.160
Escalated Listing (Spam or Spam Support) See: http://www.sorbs.net/lookup.shtml?58.83.4.160
http://www.spamhaus.org/query/bl?ip=58.83.4.160

More 58.83.4.160 sightings:
http://groups.google.com/groups/search?q=58.83.4.160+group%3A*abuse

inetnum: 58.83.4.0 - 58.83.7.255
netname: hylink-cn
descr: henyang hylink technology co., LTD
country: CN
mnt-lower: MAINT-CN-HYLINK
remarks: please send spam reports to w...@chinanetlink.com
changed: BLUESKY...@163.COM

person: lusheng wang
nic-hdl: LW935-AP
e-mail: w...@chinanetlink.com

Prefix: 58.83.4.0/22
AS: 4837
AS Name: China Network Communications Group China Network
Communications (CNC Group)
http://www.cidr-report.org/cgi-bin/as-report?as=4837

Aliases on the same IP:
al.unchets.eu
unchets.eu
ns1.unchets.eu

ASN: 4134
ASN Name: CHINANET-BACKBONE (No.31,Jin-rong Street)
Country (per IP registrar): CN [China]
Country IP Range: 58.82.0.0 to 58.83.255.255
http://www.cidr-report.org/cgi-bin/as-report?as=4134

http://www.spamhaus.org/sbl/sbl.lasso?query=SBL51894
58.83.4.160/32 is listed on the Spamhaus Block List (SBL)

03-Mar-2007 06:10 GMT | SR02

bulletproof hosting

7 SBL/ROKSO listings for IPs under the responsibility of hylink-cn
http://www.spamhaus.org/sbl/listings.lasso?isp=hylink-cn

http://www.spamhaus.org/sbl/sbl.lasso?query=SBL51895
58.83.4.0/22 is listed on the Spamhaus Block List (SBL)

03-Mar-2007 06:28 GMT | SR02

hylink-cn - spammer operated allocation
New name, same old problems in this CNCGroup-HN downstream.

http://www.spamhaus.org/sbl/sbl.lasso?query=SBL51900
58.83.0.0/16 is listed on the Spamhaus Block List (SBL)

03-Mar-2007 06:37 GMT | SR02

tianjian

58.83.0.0/22 and 58.83.4.0/22 are known to be operated by spammers. It
appears the entire /16 is part of the same operation. B-class networks
registered to Hotmail addresses are not reliable.

24 SBL/ROKSO listings for IPs under the responsibility of APNIC
http://www.spamhaus.org/sbl/listings.lasso?isp=APNIC

Let see whois:
Registrar: ONLINENIC, INC.

Dates:
Created 05-mar-2007 Updated 05-mar-2007 Expires 05-mar-2008

Registrant:
Alex Rodrigez Dom...@locu.st +689.423997
Alex Rodrigez
PK 1 West End - PO Box 4170
Papeete Tahiti,na,PF 98702

Domain Name: nasdaqnelamer.com
Record last updated at 2007-03-05 11:53:54
Record created on 2007/3/5
Record expired on 2008/3/5

Domain servers in listed order:
ns1.sobaka-soft.com
ns2.sobaka-soft.com

Administrator:
name:(Alex Rodrigez)
Email:(Dom...@locu.st) tel-- +689.423997
Alex Rodrigez
PK 1 West End - PO Box 4170
\r
t Papeete Tahiti
na,
PF
zipcode:98702

Technical Contactor:
name:(Alex Rodrigez)
Email:(Dom...@locu.st) tel-- +689.423997
Alex Rodrigez
PK 1 West End - PO Box 4170
\r
t Papeete Tahiti
na,
PF

zipcode:98702

Billing Contactor:
name:(Alex Rodrigez)
Email:(Dom...@locu.st) tel-- +689.423997
Alex Rodrigez
PK 1 West End - PO Box 4170
\r
t Papeete Tahiti
na,
PF

zipcode:98702

Registration Service Provider:
name: Alex Rodrigez
tel: +689.423997
fax: +689.423997
web:http://

More Alex Rodrigez DomainS[]locu.st sightings:
http://groups.google.com/groups/search?q=%22Do...@locu.st%22+group%3A*abuse

See:
ns2.sobaka-soft.com IP 195.189.81.174

ns2.sobaka-soft.com has no MX records -> sobaka-soft.com has no MX
records

http://www.moensted.dk/spam/?addr=195.189.81.174
http://www.spamhaus.org/query/bl?ip=195.189.81.174

No PTR records exist for 195.189.81.174
at jux.severen.com

inetnum: 195.189.80.0 - 195.189.83.255
netname: CIFRA-NET
descr: Limited company Betacom
role: Severen-Telecom NOC
remarks: Network operation center staff
org: ORG-SL18-RIPE
address: Severen-Telecom
e-mail: kondra...@severen.net
e-mail: an...@cifracom.ru

route: 195.189.80.0/22
descr: CIFRA network route (cifracom.ru)
descr: Saint-Petersburg
origin: AS41025
mnt-by: SEVEREN-MNT
source: RIPE
changed: kondra...@severen.net

Prefix: 195.189.80.0/22
Prefix Name: CIFRA network route Saint Petersburg
ASN: 41025
ASN Name: CIFRA AS Limited company Betacom www cifracom ru
Country (per IP registrar): RU [Russian Federation]
Country IP Range: 195.189.80.0 to 195.189.83.255
Country fraud profile: High
http://www.cidr-report.org/cgi-bin/as-report?as=41025

Aliases on the same IP:
our.pihtunoem.com
pihtunoem.com
ns1.pihtunoem.com
ns2.pihtunoem.com
zakupaiteoem.com
ns1.zakupaiteoem.com
ns2.zakupaiteoem.com
vovmu.net
ns1.vovmu.net
ns2.vovmu.net
ns2.pcoffice2007.com
ns2.sobaka-soft.com
ns2.unchets.eu

http://www.spamhaus.org/sbl/sbl.lasso?query=SBL51034
195.189.81.174/31 is listed on the Spamhaus Block List (SBL/ROKSO)

02-Mar-2007 11:54 GMT | SR02

Leo Kuvayev / BadCow

Downloadable Software / srul5.com, moisharx.com

1 SBL/ROKSO listings for IPs under the responsibility of severen.com
http://www.spamhaus.org/sbl/listings.lasso?isp=severen.com

Let see whois:
Registrar: BEIJING INNOVATIVE LINKAGE TECHNOLOGY LTD. DBA DNS.COM.CN
Domain Name.......... sobaka-soft.com
Creation Date........ 2007-02-24 02:20:50
Registration Date.... 2007-02-24 02:20:50
Expiry Date.......... 2008-02-24 02:20:50
Organisation Name.... zhong fei
Organisation Address. jiang xi nan change
Organisation Address.
Organisation Address. nan chang
Organisation Address. 321000
Organisation Address. JX
Organisation Address. CN

Admin Name........... zhong fei
Admin Address........ jiang xi nan change
Admin Address........
Admin Address........ nan chang
Admin Address........ 321000
Admin Address........ JX
Admin Address........ CN
Admin Email.......... admin[]canadian-rxx.net
Admin Phone.......... +86.79132100023
Admin Fax............ +86.79132100023

Tech Name............ zhong fei
Tech Address......... jiang xi nan change
Tech Address.........
Tech Address......... nan chang
Tech Address......... 321000
Tech Address......... JX
Tech Address......... CN
Tech Email........... ad...@canadian-rxx.net
Tech Phone........... +86.79132100023
Tech Fax............. +86.79132100023

Bill Name............ zhong fei
Bill Address......... jiang xi nan change
Bill Address.........
Bill Address......... nan chang
Bill Address......... 321000
Bill Address......... JX
Bill Address......... CN
Bill Email........... ad...@canadian-rxx.net
Bill Phone........... +86.79132100023
Bill Fax............. +86.79132100023
Name Server.......... ns2.sobaka-soft.com
Name Server.......... ns1.sobaka-soft.com

More sobaka-soft.com sightings:
http://groups.google.com/groups/search?q=sobaka-soft.com+group%3A*abuse

See Registrant contact domain:
canadian-rxx.net IP 200.62.226.85
ns1.ourboycot.com [63.223.11.14] [TTL=172800] [US]
ns1.perceivablenut.com [63.223.11.14] [TTL=172800] [US]
ns2.grisaillesag.com [83.15.82.74] [TTL=172800] [PL]
ns2.transitstars.com [64.94.117.200] [TTL=172800] [US]

[canadian-rxx.net has 1 MX record mail.canadian-rxx.net (10)]

http://www.moensted.dk/spam/?addr=200.62.226.85
http://www.spamhaus.org/query/bl?ip=200.62.226.85

http://www.spamhaus.org/sbl/sbl.lasso?query=SBL51012
200.62.226.85/32 is listed on the Spamhaus Block List (SBL/ROKSO)

07-Feb-2007 21:50 GMT | SR20

Yambo Financials

Yambo botnet webservers/nameservers (compromised systems)

3 SBL/ROKSO listings for IPs under the responsibility of telmex.com.pe
http://www.spamhaus.org/sbl/listings.lasso?isp=telmex.com.pe

Let see whois:
Registrar: BEIJING INNOVATIVE LINKAGE TECHNOLOGY LTD. DBA DNS.COM.CN
Domain Name.......... canadian-rxx.net
Creation Date........ 2007-02-13 15:22:25
Registration Date.... 2007-02-13 15:22:25
Expiry Date.......... 2008-02-13 15:22:25
Organisation Name.... peng fei
Organisation Address. guang zhou
Organisation Address.
Organisation Address. guang zhou
Organisation Address. 321000
Organisation Address. GD
Organisation Address. CN

Admin Name........... peng fei
Admin Address........ guang zhou
Admin Address........
Admin Address........ guang zhou
Admin Address........ 321000
Admin Address........ GD
Admin Address........ CN
Admin Email.......... admin[]canadian-rxx.net
Admin Phone.......... +86.2032100020
Admin Fax............ +86.2032100020

Tech Name............ peng fei
Tech Address......... guang zhou
Tech Address.........
Tech Address......... guang zhou
Tech Address......... 321000
Tech Address......... GD
Tech Address......... CN
Tech Email........... ad...@canadian-rxx.net
Tech Phone........... +86.2032100020
Tech Fax............. +86.2032100020

Bill Name............ peng fei
Bill Address......... guang zhou
Bill Address.........
Bill Address......... guang zhou
Bill Address......... 321000
Bill Address......... GD
Bill Address......... CN
Bill Email........... ad...@canadian-rxx.net
Bill Phone........... +86.2032100020
Bill Fax............. +86.2032100020
Name Server.......... ns1.ourboycot.com [63.223.11.14] => SBL49084
Name Server.......... ns2.grisaillesag.com [85.136.20.235] =>
SBL50921
Name Server.......... ns2.transitstars.com [64.94.117.200]
Name Server.......... ns1.perceivablenut.com [63.223.11.14] =>
SBL49084

No PTR records exist for 64.94.117.200 (transitstars.com)
at ns2.sef.pnap.net / ns1.pnap.net / Internap / DOTSTER
DNS Servers: NS1.FRAUDSHUTDOWN.COM NS2.FRAUDSHUTDOWN.COM

More Registrant canadian-rxx.net sightings:
http://groups.google.com/groups/search?q=canadian-rxx.net+group%3A*abuse

Read more:
http://groups.google.com/group/news.admin.net-abuse.sightings/msg/74abe83fb198c3b2

Cheers, Tomez


--
All postings to news.admin.net-abuse.sightings are unconfirmed and
unverified unless stated otherwise by the moderators. All opinions
expressed above are considered the opinions of the original poster,
not the moderators or their respective employers.

For a copy of the guidelines to this group, see:

http://www.killfile.org/~tskirvin/nana/

0 new messages