drugs botnet Penis Patch and Anatrim - kyfell.com
  Home FAQ Contact Sign in
news.admin.net-abuse.email only
 
Advanced search
POPULAR GROUPS

more...
 Up
drugs botnet Penis Patch and Anatrim - kyfell.com         

Group: news.admin.net-abuse.email · Group Profile
Author: TomezNet
Date: Aug 3, 2006 09:06

kyfell.com
Advanced Laboratories Inc.
Copyright Penis Enlarge Patch Rx 2005

The same domain was used by Anatrim spammers during registration of
mocdes.com (ns1.mocdes.com IP 221.206.5.45) for lyvinton.com

lyvinton.com IP 221.210.8.201
MX record relay.lyvinton.com IP 221.206.5.45
ns2.bionetiv.net A IN 128037 221.210.8.201
ns1.bionetiv.net A IN 128037 221.91.232.126
ns1.mocdes.com [221.206.5.45]

Additional domains on spammers network:
kolpons.com IP N/A
ns1.mocdes.com [221.206.5.45]
ns2.bionetiv.net [221.210.8.201]

mocdes.com IP N/A
ns1.mocdes.com [221.206.5.45]
ns2.mocdes.com [58.20.179.3]

linglof.net [221.206.5.45, 221.210.8.201] => Penis Enlarge Patch Rx
ns1.mocdes.com [221.206.5.45]
ns2.bionetiv.net [221.210.8.201]

bionetiv.net IP N/A
ns1.bionetiv.net [221.91.232.126]
ns2.bionetiv.net [221.210.8.201]

kyfell.com
resolved so far to 68.52.156.252 to 82.225.72.182 to 82.241.133.40 to
222.79.57.84 to 222.79.148.49 to 60.166.111.170 to 61.73.227.251 to
220.184.204.158 to 221.154.42.58

Name Server:
ns4.perfectmov.com [222.79.148.49, 210.213.142.71]
ns2.insanepope.com [210.213.142.71, 222.94.16.116]
ns1.insanepope.com [61.207.228.19, 222.92.134.141]
ns5.perfectmov.com [86.66.164.44]

68.52.156.252 PTR record: c-68-52-156-252.hsd1.tn.comcast.net
DNS.CMC.CO.DENVER.COMCAST.NET

82.225.72.182 PTR record: hel59-2-82-225-72-182.fbx.proxad.net
ns3-rev.proxad.net / ns0.proxad.net

82.241.133.40 PTR record: lie77-2-82-241-133-40.fbx.proxad.net
ns2-rev.proxad.net / ns0.proxad.net

222.79.57.84 PTR record: pc84.broad.dynamic.fz.fj.cn.cndata.com
dns.fz.fj.cn

222.79.148.49 PTR record: pc49.broad.dynamic.qz.fj.cn.cndata.com
dns2.qz.fj.cn

No PTR records exist for 60.166.111.170
at CHINANET-AH

No PTR records exist for 61.73.227.251
rev1.kornet.net

220.184.204.158 PTR record:
158.204.184.220.broad.hz.zj.dynamic.cndata.com
dns-noc.zjhzptt.net.cn

No PTR records exist for 221.154.42.58
rev1.kornet.net

Also checked:
ns3.perfectmov.com [58.209.45.63]
ns2.perfectmov.com [222.94.16.116]
ns1.perfectmov.com [222.92.134.141]

ns1.insanepope.com [61.207.228.19]

222.79.148.49 PTR record: pc49.broad.dynamic.qz.fj.cn.cndata.com
dns.qz.fj.cn

210.213.142.71 PTR record: 210.213.142.71.pldt.net
web.i-gate.net.ph

No PTR records exist for 222.94.16.116
ns.ptt.js.cn

61.207.228.19 PTR record: p4019-ipad22osakakita.osaka.ocn.ne.jp
ns-kg001.ocn.ad.jp

No PTR records exist for 222.92.134.141
ns.jsinfo.net

86.66.164.44 PTR record: 44.164.66-86.rev.gaoland.net
dns2.gaoland.net

No PTR records exist for 58.209.45.63
ns.jsinfo.net

As for linglof.net whois:
Registrar: BEIJING INNOVATIVE LINKAGE TECHNOLOGY LTD. DBA
DNS.COM.CN
Domain Name.......... linglof.net
Creation Date........ 2006-07-27 01:43:34
Registration Date.... 2006-07-27 01:43:34
Expiry Date.......... 2007-07-27 01:43:34
Organisation Name.... liu hao
Organisation Address. guang zhou
Organisation Address.
Organisation Address. guang zhou
Organisation Address. 516000
Organisation Address. GD
Organisation Address. CN

Admin Name........... liu hao
Admin Address........ guang zhou
Admin Address........
Admin Address........ guang zhou
Admin Address........ 516000
Admin Address........ GD
Admin Address........ CN
Admin Email.......... admin[]linglof.net
Admin Phone.......... +86.203210000
Admin Fax............ +86.203210000

Tech Name............ liu hao
Tech Address......... guang zhou
Tech Address.........
Tech Address......... guang zhou
Tech Address......... 516000
Tech Address......... GD
Tech Address......... CN
Tech Email........... admin@linglof.net
Tech Phone........... +86.203210000
Tech Fax............. +86.203210000

Bill Name............ liu hao
Bill Address......... guang zhou
Bill Address.........
Bill Address......... guang zhou
Bill Address......... 516000
Bill Address......... GD
Bill Address......... CN
Bill Email........... admin@linglof.net
Bill Phone........... +86.203210000
Bill Fax............. +86.203210000
Name Server.......... ns1.mocdes.com
Name Server.......... ns2.bionetiv.net

As for kyfell.com whois:
Registrar: BEIJING INNOVATIVE LINKAGE TECHNOLOGY LTD. DBA DNS.COM.CN

Domain Name.......... kyfell.com
Creation Date........ 2006-06-27 02:41:23
Registration Date.... 2006-06-27 02:41:23
Expiry Date.......... 2007-06-27 02:41:23
Organisation Name.... shi jun
Organisation Address. nan chang
Organisation Address.
Organisation Address. nan chang
Organisation Address. 321000
Organisation Address. JX
Organisation Address. CN

Admin Name........... shi jun
Admin Address........ nan chang
Admin Address........
Admin Address........ nan chang
Admin Address........ 321000
Admin Address........ JX
Admin Address........ CN
Admin Email.......... admin@kyfell.com
Admin Phone.......... +86.79832110002
Admin Fax............ +86.79832110002

Tech Name............ shi jun
Tech Address......... nan chang
Tech Address.........
Tech Address......... nan chang
Tech Address......... 321000
Tech Address......... JX
Tech Address......... CN
Tech Email........... admin@kyfell.com
Tech Phone........... +86.79832110002
Tech Fax............. +86.79832110002

Bill Name............ shi jun
Bill Address......... nan chang
Bill Address.........
Bill Address......... nan chang
Bill Address......... 321000
Bill Address......... JX
Bill Address......... CN
Bill Email........... admin@kyfell.com
Bill Phone........... +86.79832110002
Bill Fax............. +86.79832110002
Name Server.......... ns4.perfectmov.com
Name Server.......... ns2.insanepope.com
Name Server.......... ns1.insanepope.com
Name Server.......... ns5.perfectmov.com

Let see whois for perfectmov.com:
Registrar: TUCOWS INC.

Registrant:
michael fyvie
1/43 castle street
port bannatyne, Outside US/Canada pa20 onb
UK

Domain name: PERFECTMOV.COM

Administrative Contact:
fyvie, michael mifyv[]portland.co.uk
1/43 castle street
port bannatyne, Outside US/Canada pa20 onb
UK
+4467249131
Technical Contact:
fyvie, michael mifyv@portland.co.uk
1/43 castle street
port bannatyne, Outside US/Canada pa20 onb
UK
+4467249131

Registration Service Provider:
DiscountDomainRegistry.com
http://DiscountDomainRegistry.com

Customers may contact us for domain login/passwords, DNS/Nameserver
changes, and general domain support questions at
http://discountdomainregistry.com/crm/ .

Registrar of Record: TUCOWS, INC.
Record last updated on 23-Jul-2006.
Record expires on 20-Jul-2007.
Record created on 20-Jul-2006.

Domain servers in listed order:
NS1.PERFECTMOV.COM 221.154.42.58
NS2.PERFECTMOV.COM 60.17.214.85
NS3.PERFECTMOV.COM 58.209.38.162
NS4.PERFECTMOV.COM 221.234.59.39
NS5.PERFECTMOV.COM 86.66.164.44

Domain status: ACTIVE

Let see whois for insanepope.com:
Registrar: TUCOWS INC.
Registrant:
michael fyvie
1/43 castle street
port bannatyne, Outside US/Canada pa20 onb
UK

Domain name: INSANEPOPE.COM

Administrative Contact:
fyvie, michael mifyv[]portland.co.uk
1/43 castle street
port bannatyne, Outside US/Canada pa20 onb
UK
+4467249131
Technical Contact:
fyvie, michael mifyv@portland.co.uk
1/43 castle street
port bannatyne, Outside US/Canada pa20 onb
UK
+4467249131

Registration Service Provider:
DiscountDomainRegistry.com
http://DiscountDomainRegistry.com

Customers may contact us for domain login/passwords, DNS/Nameserver
changes, and general domain support questions at
http://discountdomainregistry.com/crm/ .

Registrar of Record: TUCOWS, INC.
Record last updated on 23-Jul-2006.
Record expires on 20-Jul-2007.
Record created on 20-Jul-2006.

Domain servers in listed order:
NS1.INSANEPOPE.COM 60.166.3.5
NS2.INSANEPOPE.COM 82.230.232.178
NS3.INSANEPOPE.COM 80.236.177.74
NS4.INSANEPOPE.COM 58.210.81.50
NS5.INSANEPOPE.COM 86.66.164.44

Domain status: ACTIVE

Full spam in sightings:
http://groups.google.com/group/news.admin.net-abuse.sightings/msg/db575af7173ba6...

Cheers, Tomez
1 Comment
diggit! del.icio.us! reddit!