Jump to content

ob1db

Membera
  • Content Count

    121
  • Joined

  • Last visited

Community Reputation

0 Neutral

About ob1db

  • Rank
    Advanced Member

Recent Profile Visitors

1,803 profile views
  1. Spamcop sez: Parsing input: www.nationalsurveysonline.com No recent reports, no history availableHost www.nationalsurveysonline.com (checking ip) = 66.206.3.37Routing details for 66.206.3.37[refresh/show] Cached whois for 66.206.3.37 : abuse@hivelocity.netUsing abuse net on abuse@hivelocity.netabuse net hivelocity.net = postmaster@hivelocity.net, abuse@hivelocity.netUsing best contacts postmaster@hivelocity.net abuse@hivelocity.netpostmaster@hivelocity.net redirects to abuse@hivelocity.net But I tracked down the following direct report as I have been INUNDATED by these spammers! Domain Name: NATIONALSURVEYSONLINE.COM Registry Domain ID: 2337211756_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.moniker.com Registrar URL: http://www.moniker.com Updated Date: 2020-12-06T20:45:24Z Creation Date: 2018-11-26T21:51:56Z Registry Expiry Date: 2021-11-26T21:51:56Z Registrar: Moniker Online Services LLC Registrar IANA ID: 228 Registrar Abuse Contact Email: abuse@moniker.com
  2. You are right, I just searched on and am about to correct my post, LOL!
  3. abuse@gtt.net is the correct reporting for this IP address, not abuse@brookstonenetworks.com, as brookstonenetworks.com no longer exists. You searched for: 67.200.116.254 Network Net Range 67.200.116.0 - 67.200.117.255 CIDR 67.200.116.0/23 Name GTT-RESULTS-GENERATION Handle NET-67-200-116-0-1 Parent RGS-BLK12 (NET-67-200-0-0-1) Net Type Reassigned Origin AS AS3257 Customer Results Generation (C07425230) Registration Date 2019-09-12 Last Updated 2019-09-12 Comments ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE RESTful Link https://whois.arin.net/rest/net/NET-67-200-116-0-1 See Also Upstream network's resource POC records. See Also Upstream organization's POC records. See Also Related delegations. Customer Name Results Generation Handle C07425230 Street 8127 Mesa Dr suite B206-319 City Austin State/Province TX Postal Code 78759 Country US Registration Date 2019-09-12 Last Updated 2019-09-12 Comments RESTful Link https://whois.arin.net/rest/customer/C07425230 See Also Upstream network's resource POC records. See Also Upstream organization's POC records. Point of Contact Name AS3257 Netguard Handle AS3251-ARIN Company GTT Street Hugenottenallee 167 City Neu-Isenburg State/Province Postal Code 63263 Country DE Registration Date 2009-07-03 Last Updated 2020-06-05 Comments Phone +49 6102 8235 389 (Fax) +49 6102 8235 381 (Office) Email netguard@gtt.net RESTful Link https://whois.arin.net/rest/poc/AS3251-ARIN Point of Contact Note ARIN has attempted to validate the data for this POC, but has received no response from the POC since 2020-04-30 Name GTT Abuse Department Handle GAD46-ARIN Company GTT Communications, Inc. Street 8484 Westpark Drive Suite 720 City McLean State/Province VA Postal Code 22102 Country US Registration Date 2014-04-16 Last Updated 2019-05-01 Comments Phone +1-703-442-5501 (Fax) +1-703-442-5500 (Office) Email abuse@gtt.net RESTful Link https://whois.arin.net/rest/poc/GAD46-ARIN
  4. I have been manually forwarding amazonaws.com reports to abuse@amazonaws.com for the last 2 months. They have been responsive and appear to have taken action on more than one submission. Perhaps a deputy can contact amazonaws and confirm if they will now accept spamcop reports as well?
  5. abuse-contact@publicdomainregistry.com, see below whois Also ran SC on this Parsing input: publicdomainregistry.com Host publicdomainregistry.com (checking ip) = 162.251.80.231 Routing details for 162.251.80.231 [refresh/show] Cached whois for 162.251.80.231 : abuse@confluence-networks.com Using abuse net on abuse@confluence-networks.com abuse net confluence-networks.com = abuse@confluence-networks.com, abuse@softlayer.com Possibly should report to these as well? The listed DNS servers come back with the same 2 reporting addresses. Domain Name: SEODOMAINREGIST.COM Registry Domain ID: 2064269964_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.publicdomainregistry.com Registrar URL: www.publicdomainregistry.com Updated Date: 2016-10-07T14:56:23Z Creation Date: 2016-10-07T14:56:23Z Registrar Registration Expiration Date: 2017-10-07T14:56:23Z Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com Registrar IANA ID: 303 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Registry Registrant ID: Not Available From Registry Registrant Name: Domain Admin Registrant Organization: Privacy Protection Service INC d/b/a PrivacyProtect.org Registrant Street: C/O ID#10760, PO Box 16 Note - Visit PrivacyProtect.org to contact the domain owner/operator Note - Visit PrivacyProtect.org to contact the domain owner/operator Registrant City: Nobby Beach Registrant State/Province: Queensland Registrant Postal Code: QLD 4218 Registrant Country: AU Registrant Phone: +45.36946676 Registrant Phone Ext: Registrant Fax: Registrant Fax Ext: Registrant Email: contact@privacyprotect.org Registry Admin ID: Not Available From Registry Admin Name: Domain Admin Admin Organization: Privacy Protection Service INC d/b/a PrivacyProtect.org Admin Street: C/O ID#10760, PO Box 16 Note - Visit PrivacyProtect.org to contact the domain owner/operator Note - Visit PrivacyProtect.org to contact the domain owner/operator Admin City: Nobby Beach Admin State/Province: Queensland Admin Postal Code: QLD 4218 Admin Country: AU Admin Phone: +45.36946676 Admin Phone Ext: Admin Fax: Admin Fax Ext: Admin Email: contact@privacyprotect.org Registry Tech ID: Not Available From Registry Tech Name: Domain Admin Tech Organization: Privacy Protection Service INC d/b/a PrivacyProtect.org Tech Street: C/O ID#10760, PO Box 16 Note - Visit PrivacyProtect.org to contact the domain owner/operator Note - Visit PrivacyProtect.org to contact the domain owner/operator Tech City: Nobby Beach Tech State/Province: Queensland Tech Postal Code: QLD 4218 Tech Country: AU Tech Phone: +45.36946676 Tech Phone Ext: Tech Fax: Tech Fax Ext: Tech Email: contact@privacyprotect.org Name Server: 1a7ea920.bitcoin-dns.hosting Name Server: a8332f3a.bitcoin-dns.hosting Name Server: ad636824.bitcoin-dns.hosting Name Server: c358ea2d.bitcoin-dns.hosting DNSSEC:Unsigned Registrar Abuse Contact Email: abuse-contact@publicdomainregistry.com Registrar Abuse Contact Phone: +1.2013775952
  6. The parser suggests complainloop[at]ebay.com for PayPal spoofs and phishing. There is nothing wrong with CC to that address, but the instructions from PayPal are as follows: If you believe you've received a phishing email, follow these steps right away: Forward the entire email to spoof[at]paypal.com. Do not alter the subject line or forward the message as an attachment. Delete the suspicious email from your inbox.
  7. NetRange: 67.222.156.146 - 67.222.156.153 CIDR: 67.222.156.148/30, 67.222.156.152/31, 67.222.156.146/31 NetName: KNOWNHOSTNET NetHandle: NET-67-222-156-146-1 Parent: DFW-DATACENTER (NET-67-222-128-0-1) NetType: Reassigned OriginAS: AS30277 Customer: KnownHost (C05603890) RegDate: 2015-02-19 Updated: 2015-02-19 Ref: http://whois.arin.net/rest/net/NET-67-222-156-146-1 CustName: KnownHost Address: 1379 Dilworthtown Crossing Address: Suite 214 City: West Chester StateProv: PA PostalCode: 19382 Country: US RegDate: 2015-02-19 Updated: 2015-02-19 Ref: http://whois.arin.net/rest/customer/C05603890 OrgAbuseHandle: DFWDA-ARIN OrgAbuseName: DFW Datacenter OrgAbusePhone: +1-214-256-3746 OrgAbuseEmail: sales[at]dfw-datacenter.com
  8. Information related to '185.24.152.0 - 185.24.155.255' inetnum: 185.24.152.0 - 185.24.155.255 netname: FR-CPRO-TELECOM-20130422 descr: Rhoval SAS country: FR org: ORG-CIS15-RIPE admin-c: WBN1-RIPE tech-c: WBN1-RIPE status: ALLOCATED PA mnt-by: RIPE-NCC-HM-MNT mnt-lower: MNT-CPRO-WBN mnt-routes: MNT-CPRO-WBN created: 2013-04-22T11:29:26Z last-modified: 2013-04-23T13:22:26Z source: RIPE # Filtered organisation: ORG-CIS15-RIPE org-name: Rhoval SAS org-type: LIR address: 53, avenue des Langories address: 26000 address: Valence address: FRANCE phone: +33475781414 fax-no: +33475560507 admin-c: DLE10-RIPE admin-c: TPI7-RIPE admin-c: WBN2-RIPE abuse-mailbox: noc [at] rhoval.com
  9. Spamcop sez: Parsing input: 31.135.3.227 No recent reports, no history available Routing details for 31.135.3.227 [refresh/show] Cached whois for 31.135.3.227 : office[at]dmre-network.net Using last resort contacts office[at]dmre-network.net office[at]dmre-network.net bounces (341 sent : 171 bounces) But a quick search at ripe.net gets this: Abuse contact info: abuse[at]alex-net.ro inetnum: 31.135.0.0 - 31.135.3.255 netname: ALEX-NET-MIERCUREACIUC descr: ALEX NET SRL country: RO org: ORG-ANS20-RIPE admin-c: GL8724-RIPE tech-c: GL8724-RIPE status: ASSIGNED PA mnt-by: SENSITIVENET-MNT mnt-routes: ALEXNET-MNT mnt-domains: ALEXNET-MNT created: 2015-03-23T14:14:43Z last-modified: 2015-03-23T14:14:43Z source: RIPE # Filtered
  10. All the apple adresses the system has are marked as bouncing. phishing contact for apple.com is reportphishing[at]apple.com
  11. Abuse contacts for '95.211.208.0 - 95.211.209.255' are 'abuse[at]nl.leaseweb.com' and 'abuse[at]us.leaseweb.com' Not sure which to use, sites in that range are technically hosted in the Netherlands. Perhaps both is best? Spamcop has 'abuse[at]leaseweb.com' which is currently devnulled. Ripe has the same one. I'll ping leaseweb support and suggest the update Ripe and ask about whether there is a preference between the 2 reporting addresses. David
  12. John, You have made your feelings and opinions on Jeff quite clear elsewhere on the forums repeatedly. The reply above isn't helpful or appropriate. It also is not correct regarding what I posted. If you still have a need to rant on Jeff, would you please have the courtesy to do it elsewhere on the forums? The rest of us here are trying to help each other. Or you can start a new thread if you think it is so important. Thanks, David
  13. Folks, I have some good news on this after all. Some "lost" material MAY still be retrievable! I won't go into details here, but if anyone else is in the same self-created dire situation I am in where you didn't get all your stuff downloaded on time, please feel free to contact me. I'll find out if your stuff is retrievable. If it is, it make take a week or 2 to receive, FYI. Ping me at my old SC address: ob1db[at]spamcop.net. I'll find out if your stuff is also retrievable. Let me know which items are a priority. David
  14. ob1db

    Forwarding and FAQ update

    There were extensive notices sent out, very odd if you didn't get any of them. In any case, I have some good news on this after all. Some material MAY still be retrievable! I won't go into details here, but if anyone else is in the same self-created dire situation I am in where you didn't get all your stuff downloaded on time, please feel free to contact me. I'll find out if your stuff is retrievable. If it is, it make take a week or 2 to receive, FYI Ping me at my old SC address: ob1db[at]spamcop.net. I'll find out if your stuff is retrievable as well. Let me know which items are a priority. I will also post this information as a new topic on the board. David
  15. Folks, I have some good news on this after all. Some material MAY still be retrievable! I won't go into details here, but if anyone else is in the same self-created dire situation I am in where you didn't get all your stuff downloaded on time, please feel free to contact me. I'll find out if your stuff is retrievable. Ping me at my old SC address: ob1db[at]spamcop.net. I'll find out if your stuff is retrievable as well. I will also post this information as a new topic on the board. David
×