Kewl Posted July 5, 2018 Share Posted July 5, 2018 Are the reports about this spamvertised website going to the spammer? Re: http://www.superlative.com/landing/studio-agent... (Administrator of network hosting website referenced in spam) dkanash{AT}superlativeDOTcom Quote Link to comment Share on other sites More sharing options...
Lking Posted July 5, 2018 Share Posted July 5, 2018 We can not tell without a Tracking URL. Then we would know what reports the parser sent. In general the spamvertised links in submitted email are the lowest priority, but given resources, yes reports would be sent. Quote Link to comment Share on other sites More sharing options...
RobiBue Posted July 5, 2018 Share Posted July 5, 2018 It seems to me that superlative.com has a large IP address space (https://whois.arin.net/rest/net/NET-74-118-120-0-1/pft?s=74.118.120.0.) That shows a /22 range with 1024 addresses (well, minus 2) they could be the spammer host (or not). there doesn't seem to be an upstream they are subletting from... at least I couldn't find one... This link (https://ipinfo.io/74.118.123.4) tells me a bit of a different story, but the data could be old... Quote Link to comment Share on other sites More sharing options...
Kewl Posted July 5, 2018 Author Share Posted July 5, 2018 tracking...z6472540791zbc4dc308f7bf81c46ac845f7c9579a94z Quote Link to comment Share on other sites More sharing options...
Lking Posted July 6, 2018 Share Posted July 6, 2018 Thank you for the Tracking URL. To answer your original question 6 hours ago, Kewl said: Are the reports about this spamvertised website going to the spammer? Yes. If you look at the bottom of the parser report, spam reports are sent to jstrader{AT}superlative{DOT}com " (Administrator of network hosting website referenced in spam) " Quote Link to comment Share on other sites More sharing options...
RobiBue Posted July 6, 2018 Share Posted July 6, 2018 Yeah, that would be them themselves. IOW you'd be sending the report straight to the spammer.... unfortunately, they get their addresses straight from IANA/ARIN At least that's what I see, unless someone has more insight... Quote Link to comment Share on other sites More sharing options...
Kewl Posted July 10, 2018 Author Share Posted July 10, 2018 Thanks for the feedback folks. I will just continue to uncheck the reports about the spamvertised website. Quote Link to comment Share on other sites More sharing options...
petzl Posted July 12, 2018 Share Posted July 12, 2018 On 7/6/2018 at 12:30 PM, RobiBue said: unfortunately, they get their addresses straight from IANA/ARIN Yes or they have "legacy" entries from those manually put in to override ARIN. These should be done with an expiry date many are defunct. RIPE is more accurate, however years ago they denied SpamCop look-ups I use a windows program http://www.nirsoft.net/utils/ipnetinfo.html for domains http://www.gena01.com/win32whois/ for text web-browser http://www.netdemon.net/ it does more like port scan can no longer register as programer retired. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.