Steve 0 Posted April 22, 2020 https://www.spamcop.net/sc?id=z6629778003z5e644dc4a48c7fddcdc37d472089d0f5z Tried refreshing the page several times and nothing worked to bring up the abuse contact for this IP Address. Upon running a check at whois.nic.ad.jp, I got this result: Quote [ JPNIC database provides information regarding IP address and ASN. Its use ] [ is restricted to network administration purposes. For further information, ] [ use 'whois -h whois.nic.ad.jp help'. To only display English output, ] [ add '/e' at the end of command, e.g. 'whois -h whois.nic.ad.jp xxx/e'. ] Network Information: a. [Network Number] 210.227.118.80/29 b. [Network Name] BIHORO g. [Organization] Bihoro Town m. [Administrative Contact] JP00155955 (densan@town.bihoro.hokkaido.jp) n. [Technical Contact] JP00155955 (densan@town.bihoro.hokkaido.jp) p. [Nameserver] [Assigned Date] 2017/11/20 [Return Date] [Last Update] 2017/11/20 14:11:04(JST) Less Specific Info. ---------- NTT COMMUNICATIONS CORPORATION [Allocation] 210.227.0.0/16 Open Computer Network SUBA-131-13P [Sub Allocation] 210.227.118.0/24 More Specific Info. ---------- No match!! Let's see what happens when I manually report it to densan@town.bihoro.hokkaido.jp. Quote Parsing header: 0: Received: from anshin.town.bihoro.hokkaido.jp (anshin.town.bihoro.hokkaido.jp. [210.227.118.83]) by mx.google.com with ESMTP id 5si1319690pga.103.2020.04.21.02.20.23; Tue, 21 Apr 2020 02:20:24 -0700 (PDT) Hostname verified: anshin.town.bihoro.hokkaido.jpGmail/Postini received mail from sending system 210.227.118.83 1: Received: from [193.56.28.103] (unknown [193.56.28.103]) by anshin.town.bihoro.hokkaido.jp (Postfix) with ESMTPA id CDA9B20D474F; Tue, 21 Apr 2020 18:18:05 +0900 (JST) No unique hostname found for source: 193.56.28.103 Possible forgery. Supposed receiving system not associated with any of your mailhosts Will not trust this Received line. Tracking message source: 210.227.118.83: "whois 210.227.118.83@whois.apnic.net" (Getting contact from whois.apnic.net mirror)Display data: Redirect to nic.ad.jp: Display data: "whois 210.227.118.83/e@whois.nic.ad.jp" (Getting contact from jpnic) Display data: "whois JP00155955/e@whois.nic.ad.jp" (Getting contact from jpnic) nothing found nothing found No reporting addresses found for 210.227.118.83, using devnull for tracking. Message is 17 hours old210.227.118.83 not listed in cbl.abuseat.org210.227.118.83 listed in dnsbl.sorbs.net ( 1 )210.227.118.83 not listed in accredit.habeas.com210.227.118.83 not listed in plus.bondedsender.org210.227.118.83 not listed in iadb.isipp.com Share this post Link to post Share on other sites
petzl 0 Posted April 22, 2020 8 hours ago, Steve said: https://www.spamcop.net/sc?id=z6629778003z5e644dc4a48c7fddcdc37d472089d0f5z Tried refreshing the page several times and nothing worked to bring up the abuse contact for this IP Address. Upon running a check at whois.nic.ad.jp, I got this result: Botnet device needs scanning with password change "abuse[AT]webhostedgroup[DOT]com"https://www.abuseat.org/lookup.cgi?ip=193.56.28.103 Through compromised WEB IP 210.227.118.83 device needs scanning with password change hostmaster[AT]nic[DOT]ad[DOT]jp Share this post Link to post Share on other sites