Jump to content

[Resolved] Spamcop Appears To Report Incorrect Cached Whois


dutch

Recommended Posts

Posted

I got 7 spam messages from IP addresses

173.232.242.194

173.232.242.195

173.232.242.197

173.232.242.199

173.232.242.198

173.232.242.200

Spamcop reports the cached WHOIS as bestwebostinghub.com. This is owned by bluehost.com, a hosting company in Provo UT. I contacted them via chat and email, and got to their "terms of service" tech group, who asserts these IPs are not hosted by them.

Here is a snip from one of the reports, all 7, except for the 6 different IPs look the same.

2: Received: from gate.forward.smtp.ord1c.emailsrvr.com (108.166.43.128) by CAS06-ORD1.mex06.mlsrvr.com (172.29.0.45) with Microsoft

SMTP Server (TLS) id 15.0.847.32 via Frontend Transport; Fri, 5 Sep 2014 08:40:27 -0500

Hostname verified: gate.forward.smtp.ord1c.emailsrvr.com

emailsrvr.com received mail from emailsrvr.com ( 108.166.43.128 )

3: Received: from [173.232.242.195] ([173.232.242.195:47770] helo=ns5.myblueskydns.com) by smtp17.gate.ord1c.rsapps.net (envelope-from

<yourbloombergbusinessweek[at]myblueskydns.com>) (ecelerity 2.2.3.49 r(42060/42061)) with ESMTP id 63/B3-28107-34DB9045; Fri, 05 Sep 2014

09:40:19 -0400

No unique hostname found for source: 173.232.242.195

emailsrvr.com received mail from sending system 173.232.242.195

Tracking message source: 173.232.242.195:

Routing details for 173.232.242.195

Using smaller IP block (/ 8 vs. / 16 )

Removing 1 larger (> / 8 ) route(s) from cache

[refresh/show] Cached whois for 173.232.242.195 : support[at]bestwebhostinghub.com

Using abuse net on support[at]bestwebhostinghub.com

No abuse net record for bestwebhostinghub.com

Using default postmaster contacts postmaster[at]bestwebhostinghub.com

http://www.spamcop.net/sc?id=z5962000805z7...101d6a22124a1fz 2/2

Message is 24 hours old

173.232.242.195 not listed in cbl.abuseat.org

173.232.242.195 not listed in dnsbl.sorbs.net

173.232.242.195 not listed in accredit.habeas.com

173.232.242.195 not listed in plus.bondedsender.org

173.232.242.195 not listed in iadb.isipp.com

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...