Jump to content

[Resolved] Spamcop Appears To Report Incorrect Cached Whois


dutch
 Share

Recommended Posts

I got 7 spam messages from IP addresses

173.232.242.194

173.232.242.195

173.232.242.197

173.232.242.199

173.232.242.198

173.232.242.200

Spamcop reports the cached WHOIS as bestwebostinghub.com. This is owned by bluehost.com, a hosting company in Provo UT. I contacted them via chat and email, and got to their "terms of service" tech group, who asserts these IPs are not hosted by them.

Here is a snip from one of the reports, all 7, except for the 6 different IPs look the same.

2: Received: from gate.forward.smtp.ord1c.emailsrvr.com (108.166.43.128) by CAS06-ORD1.mex06.mlsrvr.com (172.29.0.45) with Microsoft

SMTP Server (TLS) id 15.0.847.32 via Frontend Transport; Fri, 5 Sep 2014 08:40:27 -0500

Hostname verified: gate.forward.smtp.ord1c.emailsrvr.com

emailsrvr.com received mail from emailsrvr.com ( 108.166.43.128 )

3: Received: from [173.232.242.195] ([173.232.242.195:47770] helo=ns5.myblueskydns.com) by smtp17.gate.ord1c.rsapps.net (envelope-from

<yourbloombergbusinessweek[at]myblueskydns.com>) (ecelerity 2.2.3.49 r(42060/42061)) with ESMTP id 63/B3-28107-34DB9045; Fri, 05 Sep 2014

09:40:19 -0400

No unique hostname found for source: 173.232.242.195

emailsrvr.com received mail from sending system 173.232.242.195

Tracking message source: 173.232.242.195:

Routing details for 173.232.242.195

Using smaller IP block (/ 8 vs. / 16 )

Removing 1 larger (> / 8 ) route(s) from cache

[refresh/show] Cached whois for 173.232.242.195 : support[at]bestwebhostinghub.com

Using abuse net on support[at]bestwebhostinghub.com

No abuse net record for bestwebhostinghub.com

Using default postmaster contacts postmaster[at]bestwebhostinghub.com

http://www.spamcop.net/sc?id=z5962000805z7...101d6a22124a1fz 2/2

Message is 24 hours old

173.232.242.195 not listed in cbl.abuseat.org

173.232.242.195 not listed in dnsbl.sorbs.net

173.232.242.195 not listed in accredit.habeas.com

173.232.242.195 not listed in plus.bondedsender.org

173.232.242.195 not listed in iadb.isipp.com

Link to comment
Share on other sites

I got 7 spam messages from IP addresses

173.232.242.194

173.232.242.195

173.232.242.197

173.232.242.199

173.232.242.198

173.232.242.200

According to http://myip.ms/view/ip_addresses/291772467...173.232.242.255

IP Owner: Eonix Corporation

Owner Full IP Range: 173.232.0.0 - 173.232.255.255

Owner Address: 2360 Corporate Circle Suite 400, Henderson, NV, 89074, US

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...