Any WhoIs Guru's out there

[Merlyn]

Can anyone find the whois for help2004.net

[dbiel]

Domain Name: HELP2004.NET

Registrar: ENOM, INC.

Whois Server: whois.enom.com

Referral URL: http://www.enom.com

Name Server: NS1.NAMESATLARGE.US

Name Server: NS2.NAMESATLARGE.US

Name Server: NS3.NAMESATLARGE.US

Name Server: NS4.NAMESATLARGE.US

Status: REGISTRAR-LOCK

Updated Date: 25-aug-2004

Creation Date: 25-aug-2004

Expiration Date: 25-aug-2005

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

HELP2004.NET

SSL Cert: No valid SSL on this Host, Get Secure

Website Status: not active

Cached Whois: Cached today

Record Type: Domain Name

Monitor: Monitor or Backorder

Wildcard search: 'help2004' or 'help 2004' in all domains.

Other TLDs: .com .net .org .info .biz .us

X X [4 available domains]

Name Server: NS1.NAMESATLARGE.US

ICANN Registrar: ENOM, INC.

Created: 2004-08-25

Expires: 2005-08-25

Status: REGISTRAR-LOCK

--------------------------------------------------------------------------------

Domain not found.

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Pinging HELP2004.NET [201.3.236.74]:

Ping #1: Got reply from 201.3.236.74 in 967ms [TTL=50]

Ping #2: * [No response]

Ping #3: * [No response]

Ping #4: Got reply from 201.3.236.74 in 791ms [TTL=50]

Done pinging HELP2004.NET!

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Reverse DNS for 201.3.236.74

Generated by www.DNSstuff.com

Country: BRAZIL

Preparation:

The reverse DNS entry for an IP is found by reversing the IP, adding it to "in-addr.arpa", and looking up the PTR record.

So, the reverse DNS entry for 201.3.236.74 is found by looking up the PTR record for

74.236.3.201.in-addr.arpa.

All DNS requests start by asking the root servers, and they let us know what to do next.

See How Reverse DNS Lookups Work for more information.

How I am searching:

Asking d.root-servers.net for 74.236.3.201.in-addr.arpa PTR record:

d.root-servers.net says to go to NS2.DNS.BR. (zone: 201.in-addr.arpa.)

Asking NS2.DNS.BR. for 74.236.3.201.in-addr.arpa PTR record:

ns2.dns.br says to go to NS3.BRASILTELECOM.NET.BR. (zone: 236.3.201.in-addr.arpa.)

Asking NS3.BRASILTELECOM.NET.BR. for 74.236.3.201.in-addr.arpa PTR record: Reports that no PTR records exist.

Answer:

No PTR records exist for 201.3.236.74. [Neg TTL=43200 seconds]

Details:

NS3.BRASILTELECOM.NET.BR. (an authoritative nameserver for 236.3.201.in-addr.arpa., which is in charge of the reverse DNS for 201.3.236.74)

says that there are no PTR records for 201.3.236.74.

To get reverse DNS set up for 201.3.236.74, you need to speak to your Internet provider. You could also

check with abuse[at]brasiltelecom.net.br., who is in charge of the 236.3.201.in-addr.arpa. zone.

Note that all Internet accessible hosts are expected to have a reverse DNS entry (per RFC1912 2.1),

and many mailservers (such as AOL) will likely block E-mail from mailservers with no reverse DNS entry.

To see the reverse DNS traversal, to make sure that all DNS servers are reporting the correct results, you can Click Here.

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Country: BRAZIL

Looking up 201.3.236.74 at whois.radb.net.

NOTE: More information appears to be available at AS8167.

route: 201.3.128.0/17

descr: Proxy-registered route object

origin: AS8167

remarks: auto-generated route object

remarks: this next line gives the robot something to recognize

remarks: L'enfer, c'est les autres

remarks:

remarks: This route object is for a Level 3 customer route

remarks: which is being exported under this origin AS.

remarks:

remarks: This route object was created because no existing

remarks: route object with the same origin was found, and

remarks: since some Level 3 peers filter based on these objects

remarks: this route may be rejected if this object is not created.

remarks:

remarks: Please contact********[at]Level3.net if you have any

remarks: questions regarding this object.

mnt-by: LEVEL3-MNT

changed: ****[at]Level3.net 20040817

source: LEVEL3

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Getting MX record for help2004.net... Got it!

Host Preference IP(s) [Country] mail.help2004.net. 60 201.3.236.74 [bR] --------------------------------------------------------------------------------

Step 1: Try connecting to the following mailserver:

mail.help2004.net. - 201.3.236.74

Step 2: If still unsuccessful, queue the E-mail for later delivery.

--------------------------------------------------------------------------------

Trying to connect to all mailservers:

mail.help2004.net. - 201.3.236.74 [Could not connect: Got an unknown RCPT TO response: 554 : Relay access denied

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

NetGeo results for 201.3.236.74

Generated by www.DNSstuff.com

201.3.236.74 [iana.org or RESERVED-14] appears to be located at: MARINA DEL REY, CALIFORNIA, US.

Full results follow:

--------------------------------------------------------------------------------

VERSION=1.0

TARGET: 201.3.236.74

NAME: RESERVED-14

NUMBER: 201.0.0.0 - 201.255.255.255

CITY: MARINA DEL REY

STATE: CALIFORNIA

COUNTRY: US

LAT: 33.98

LONG: -118.45

LAT_LONG_GRAN: City

LAST_UPDATED: 14-Oct-1999

NIC: ARIN

LOOKUP_TYPE: Block Allocation

RATING:

DOMAIN_GUESS: iana.org

STATUS: OK

[DavidT]

Can anyone find the whois for help2004.net

The registrar for the name, "enom" is not responding with any information other than the nameservers. Despite the ".us" on the nameservers, it's actually hosted in Brazil. There are multiple reports on this domain in "news.admin.net-abuse.sightings" already. Someone needs to hit Enom with some strongly-worded complaints. Don't do business with shady registrars like them!

DT

[Wazoo]

08/27/04 20:44:05 Slow traceroute help2004.net

Trace help2004.net (201.3.236.74) ...

144.223.244.26 RTT: 197ms TTL:128 (sl-brazi-1-0.sprintlink.net ok)

201.10.217.29 RTT: 194ms TTL:128 (BrT-G7-0-0-ctacore01.brasiltelecom.net.br bogus rDNS: host not found [authoritative])

201.10.192.193 RTT: 209ms TTL:128 (BrT-G1-3-0-fnscore01.brasiltelecom.net.br bogus rDNS: host not found [authoritative])

201.10.234.130 RTT: 211ms TTL:128 (No rDNS)

* * * failed

201.3.236.74 RTT: 342ms TTL: 48 (help2004.net ok)

08/27/04 20:48:46 Slow traceroute www.help2004.net

Trace www.help2004.net (201.3.236.74) ...

08/27/04 20:45:33 whois help2004.net

.net is a domain of Network services

Searches for .net can be run at http://www.crsnic.net/

whois -h whois.crsnic.net help2004.net ...

Redirecting to ENOM, INC.

whois -h whois.enom.com help2004.net ...

Domain not found.

whois -h whois.registro.br 201.3.236.74 ...

inetnum: 201.3/16

aut-num: AS8167

abuse-c: BTA17

owner: Brasil Telecom S/A - Filial Distrito Federal

ownerid: 076.535.764/0326-90

responsible: Brasil Telecom S. A. - CNRS

address: SEPS 702/092 Cj. B - Bl B 3 andar Gen. Alencastro, S/N,

address: 70390-025 - Brasilia - DF

phone: (61) 415-4201 []

owner-c: BTC14

tech-c: BTC14

nic-hdl-br: BTA17

person: Brasil Telecom S. A - Abuso

e-mail: abuse[at]NOC.BRASILTELECOM.NET.BR

address: CNRS - Telebrasilia - SCN Quadra, 03, Bloco A

address: 70710-500 - Brasilia - DF

phone: (0800) 6414040

created: 20030624

changed: 20030624

nic-hdl-br: BTC14

person: Brasil Telecom S. A. - CNRS

e-mail: suporte[at]NOC.BRASILTELECOM.NET.BR

address: SCN Quadra 3 Ed. Telebrasilia, S/N, S/C

address: 70000-000 - Brasilia - DF

phone: (61) 0800 [6414040]

created: 20031003

changed: 20031003

remarks: Security issues should also be addressed to

remarks: nbso[at]nic.br, http://www.nbso.nic.br/

remarks: Mail abuse issues should also be addressed to

remarks: mail-abuse[at]nic.br

HTH

[Merlyn]

The only real way to shut em down is to show invalid whois data but without any it is very hard to do.

It shouldn't exist but it does.

Aren't dns/whois games fun?

[turetzsr]

Can anyone find the whois for help2004.net

15951[/snapback]

...You probably already know these but, FWIW, here's what I used to use b4 I started relying on SpamCop:

1. General: G E E K T O O L S
   
2. US/Canada: ARIN
   
3. Latin America: LACNIC
   
4. Europe, Africa, Middle East: RIPE
   
5. Asia-Pacific: APNIC
   
6. Brazil: Registro.br
   
7. Korea: krnic
   
8. Japan: JPNIC (English)
   

[Wazoo]

Not that it matters, and I have no doubt you're already been there, but .. just in case ... the site asked about does a redirect to http://www.help2004.net/agrje which then runs up a "fill in the blanks with your data" scri_pt to send out via another .php scri_pt. Not sure if you want to hack .. errr, peek a bit .... or simply chase down the alleged "PRO-MORTGAGE" (ha!) ... definitely a U.S. based scam

[Wazoo]

http://www.enom.com/domains/Register.asp

SEARCH RESULTS:

help2004.net is available.

help2004.com is tagged as "not" available

Timing off?? Credit card bounced??

08/27/04 21:42:04 whois help2004.com

.com is a domain of USA & International Commercial

Searches for .com can be run at http://www.crsnic.net/

whois -h whois.crsnic.net help2004.com ...

Redirecting to INTERCOSMOS MEDIA GROUP, INC. D/B/A DIRECTNIC.COM

whois -h whois.directnic.com help2004.com ...

Registration and WHOIS Service Provided By: directNIC.com

08/27/04 21:43:47 Slow traceroute help2004.com

Trace help2004.com (204.251.10.218) ...

Registrant:

Pre-Paid Legal Independent Asc

1418 Bath Street #C

Santa Barbara, CA 93101

US

800-803-5722

Fax:800-298-1525

Domain Name: HELP2004.COM

Administrative Contact:

Douglas, Stephen steve[at]prepaidlegal.com

1418 Bath Street #C

Santa Barbara, CA 93101

US

800-803-5722

Fax:800-298-1525

Technical Contact:

Douglas, Stephen steve[at]prepaidlegal.com

1418 Bath Street #C

Santa Barbara, CA 93101

US

800-803-5722

Fax:800-298-1525

Record expires on 11-25-2004

Record created on 11-25-2003

Domain servers in listed order:

NS0.DIRECTNIC.COM 204.251.10.100

NS1.DIRECTNIC.COM 206.251.177.2