Kewl Posted July 5, 2018 Share Posted July 5, 2018 Are the reports about this spamvertised website going to the spammer? Re: http://www.superlative.com/landing/studio-agent... (Administrator of network hosting website referenced in spam) dkanash{AT}superlativeDOTcom Link to comment Share on other sites More sharing options...
Lking Posted July 5, 2018 Share Posted July 5, 2018 We can not tell without a Tracking URL. Then we would know what reports the parser sent. In general the spamvertised links in submitted email are the lowest priority, but given resources, yes reports would be sent. Link to comment Share on other sites More sharing options...
RobiBue Posted July 5, 2018 Share Posted July 5, 2018 It seems to me that superlative.com has a large IP address space (https://whois.arin.net/rest/net/NET-74-118-120-0-1/pft?s=74.118.120.0.) That shows a /22 range with 1024 addresses (well, minus 2) they could be the spammer host (or not). there doesn't seem to be an upstream they are subletting from... at least I couldn't find one... This link (https://ipinfo.io/74.118.123.4) tells me a bit of a different story, but the data could be old... Link to comment Share on other sites More sharing options...
Kewl Posted July 5, 2018 Author Share Posted July 5, 2018 tracking...z6472540791zbc4dc308f7bf81c46ac845f7c9579a94z Link to comment Share on other sites More sharing options...
Lking Posted July 6, 2018 Share Posted July 6, 2018 Thank you for the Tracking URL. To answer your original question 6 hours ago, Kewl said: Are the reports about this spamvertised website going to the spammer? Yes. If you look at the bottom of the parser report, spam reports are sent to jstrader{AT}superlative{DOT}com " (Administrator of network hosting website referenced in spam) " Link to comment Share on other sites More sharing options...
RobiBue Posted July 6, 2018 Share Posted July 6, 2018 Yeah, that would be them themselves. IOW you'd be sending the report straight to the spammer.... unfortunately, they get their addresses straight from IANA/ARIN At least that's what I see, unless someone has more insight... Link to comment Share on other sites More sharing options...
Kewl Posted July 10, 2018 Author Share Posted July 10, 2018 Thanks for the feedback folks. I will just continue to uncheck the reports about the spamvertised website. Link to comment Share on other sites More sharing options...
petzl Posted July 12, 2018 Share Posted July 12, 2018 On 7/6/2018 at 12:30 PM, RobiBue said: unfortunately, they get their addresses straight from IANA/ARIN Yes or they have "legacy" entries from those manually put in to override ARIN. These should be done with an expiry date many are defunct. RIPE is more accurate, however years ago they denied SpamCop look-ups I use a windows program http://www.nirsoft.net/utils/ipnetinfo.html for domains http://www.gena01.com/win32whois/ for text web-browser http://www.netdemon.net/ it does more like port scan can no longer register as programer retired. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.