Search the Community
Showing results for tags 'whois'.
Found 3 results
I went to report this domain and saw it tries to report to Hotmail? Clearly wrong, so how do we or who admins changes for reporting. ALSO for amazonnaw reporting, I saw awhile ago reports re no longer sent to them, so I send them via my email, which is a sh**ty way to expose my email address but at least they are shutting down spamming domains. Remind me again why spamcop is not sending reports since they do seem to be responding? http://HipMie.com http://whois.domaintools.com/hipmie.com Domain Name: HIPMIE.COMRegistry Domain ID: 2366330834_DOMAIN_COM-VRSNRegistrar WHOIS Server: whois.uniregistrar.netRegistrar URL: http://uniregistry.comUpdated Date: 2019-03-05-T16:00:52ZCreation Date: 2019-03-05-T16:00:46ZRegistrar Registration Expiration Date: 2020-03-05-T16:00:46ZRegistrar: UNIREGISTRAR CORPRegistrar IANA ID: 1659Registrar Abuse Contact Email: Registrar Abuse Contact Phone: +1.4426008800Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibitedRegistrant Organization: Registrant State/Province: FLRegistrant Country: USRegistrant Email: https://uniregistry.com/whois/contact/hipmie.com?landerid=whoisName Server: ns1.uniregistry-dns.comName Server: ns1.uniregistry-dns.netName Server: ns2.uniregistry-dns.comName Server: ns2.uniregistry-dns.net
The spam with tracking URL https://www.spamcop.net/sc?id=z6246572546z9a124429f6c8f92ebdeb5a0ab269ed34z shows a frequent phenomenon which seems to me to be a failure of the Spamcop engine to see abuse contact information that is clearly visible in the output of whois. In the example above, Spamcop claims in reference to the spam source: whois.ripe.net 126.96.36.199 (nothing found) No reporting addresses found for 188.8.131.52, using devnull for tracking. Yet, when I run (RIPE) whois 184.108.40.206 one of the first things in the output is this: % Abuse contact for '220.127.116.11 - 18.104.22.168' is 'firstname.lastname@example.org' Usually, I can add the abuse contact that Spamcop is ignoring via the user notification (although in this case, it gets mysteriously stripped off). Why doesn't Spamcop see and use this information?
Just a heads-up... Some abuse contact info is appearing in "%" comment lines in returned whois info, and this isn't beeing seen by SpamCop. I submitted a spam message, received from the address in the whois output below, and SC used nomaster (https://www.spamcop.net/sc?id=z6150159699zf64fd115c02b2d6e1cf28dbf87b528e4z) [jhg[at]www ~]$ whois 22.214.171.124 [Querying whois.arin.net] [Redirected to whois.ripe.net] [Querying whois.ripe.net] [whois.ripe.net] % This is the RIPE Database query service. % The objects are in RPSL format. % % The RIPE Database is subject to Terms and Conditions. % See http://www.ripe.net/db/support/db-terms-conditions.pdf % Note: this output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to '126.96.36.199 - 188.8.131.52' % Abuse contact for '184.108.40.206 - 220.127.116.11' is 'nic[at]smartnet.kz' inetnum: 18.104.22.168 - 22.214.171.124 netname: SMARTNET descr: P2P address for clients in Almaty country: KZ admin-c: BU909-RIPE tech-c: BU909-RIPE remarks: INFRA-AW status: ASSIGNED PA mnt-by: MNT-SMARTNET created: 2011-09-14T04:44:54Z last-modified: 2011-09-14T04:44:54Z source: RIPE # Filtered person: Baurzhan Ussunov address: Almaty, Al-Farabi av, 73/2 address: Republic of Kazakhstan phone: + 7 727 356 01 33 fax-no: +7 727 356 01 10 nic-hdl: BU909-RIPE mnt-by: MNT-SMARTNET created: 2008-10-23T06:55:51Z last-modified: 2008-10-23T08:13:09Z source: RIPE # Filtered % Information related to '126.96.36.199/24AS43994' route: 188.8.131.52/24 descr: SMARTNET descr: Almaty block origin: AS43994 mnt-by: MNT-SMARTNET created: 2011-04-22T10:35:40Z last-modified: 2011-04-22T10:35:40Z source: RIPE # Filtered % This query was served by the RIPE Database Query Service version 1.80.1 (DB-2)