ROKSO Home  |  ROKSO FAQs & Policies  |  About Spamhaus  |  FAQs
ROKSO
The Register of Known Spam Operations
Nikhil Kumar Pragji / Dark-Mailer

Evidence Menu:

Nikhil Kumar Pragji / Dark-Mailer Index


Country: Australia
State: Queensland
Through the Dark-Mailer Windows based proxy-botnet based spamware, this spammer is responsible for and behind a large portion of the world's illegally sent spam.


Nikhil Kumar Pragji / Dark-Mailer SBL Listings History
Current SBL Listings
Archived SBL Listings

Nikhil Lee - nikhil.specialham.com


several Windows2003 boxes running DarkMailer were uncovered on McColo.com's network. Details:

email: jobiehost@hotmail.com
Contact Name: Nikhil Lee

Rock Community Care Inc
P.O. Box 3922
SOUTH BRISBANE MC QLD 4101

payment type: wire transfer


IPs:
64.71.177.112
64.71.177.116
64.71.177.117
64.71.177.118
64.71.177.123
64.71.177.124
64.71.177.125
65.19.154.32
65.19.154.55


accessed from this dynamically assigned IP:

203.45.189.190 [CPE-203-45-189-190.qld.bigpond.net.au]


Ref: SBL29974 (64.62.171.128/25)


(may be related)

<http://www.spews.org/S1389.html>

Old:
--- contacting nameserver: ns6.dns1234.com [65.126.18.102]

openrelaycheck.com A 65.126.10.105
openrelaycheck.com NS nikhil.specialham.com
openrelaycheck.com SOA
origin = nikhil.specialham.com
mail addr = admin@specialham.com
serial = 5
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 ()
minimum ttl = 3600 (1 hour)
openrelaycheck.com MX 10 openrelaycheck.com
nikhil.specialham.com A 65.126.18.100
openrelaycheck.com A 65.126.10.105


--- contacting nameserver: ns6.dns1234.com [65.126.18.102]

sendfakemail.com A 65.126.18.105
sendfakemail.com NS nikhil.specialham.com
sendfakemail.com SOA
origin = nikhil.specialham.com
mail addr = admin@specialham.com
serial = 5
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 ()
minimum ttl = 3600 (1 hour)
sendfakemail.com MX 10 sendfakemail.com
nikhil.specialham.com A 65.126.18.100
sendfakemail.com A 65.126.18.105




The Register of Known Spam Operations (ROKSO) collates information and evidence on entities with a history of spamming or providing spam services, and entities affiliated or otherwise connected with them, for the purpose of assisting ISP Abuse Desks and Law Enforcement Agencies.
The address of this ROKSO record is: https://www.spamhaus.org/rokso/evidence/ROK8513/

The above consists of information in the public domain. The Spamhaus Project makes every effort to avoid errors in information in the ROKSO database, and will correct any errors as soon as it is able to verify the correction, but accepts no responsibility or liability for any errors or omissions, or liability for any loss or damage, consequential or otherwise, incurred in reliance on the material in these pages. The Spamhaus Project makes no warranties or representations as to the accuracy of the Information in ROKSO records. The information in the ROKSO database is for information purposes only and is not intended as legal advice of any kind.

For information on contacting the ROKSO Team regarding any factual errors in this record, see the ROKSO FAQs.
© 1998-2016 The Spamhaus Project Ltd. All rights reserved.
Legal  |  Privacy