Jump to content

Cannot resolve URL


Recommended Posts

When I report messages from notorious E.V.A. Pharmaceutics, I'm getting "Cannot resolve referenced web site" responses, so the spamvertized site goes unreported. The url resolves fine when used however. Here's how they have it in the note body:

<A href="http://tiplyzkompr.36funhours.info/?xqsofioxtvuyesocyszctbidsmpnto">Get it</A>

I report using the two-part form.

Link to comment
Share on other sites

Please provide the Tracking URL in the future.

11/29/04 13:25:41 Slow traceroute tiplyzkompr.36funhours.info

Trace tiplyzkompr.36funhours.info ( ... RTT: 268ms TTL:192 (No rDNS) RTT: 269ms TTL:192 (No rDNS) RTT: 387ms TTL:192 (No rDNS) RTT: 286ms TTL:192 (No rDNS) RTT: 305ms TTL:192 (No rDNS)

* * * failed

* * * failed

* * * failed

* * * failed

Dig tiplyzkompr.36funhours.info[at]ns2.peiman.biz ( ...

failed, couldn't connect to nameserver

Dig tiplyzkompr.36funhours.info[at]ns1.peiman.biz ( ...

failed, couldn't connect to nameserver

Dig tiplyzkompr.36funhours.info[at]ns3.peiman.biz ( ...

failed, couldn't connect to nameserver

Dig tiplyzkompr.36funhours.info[at]xxx.xx.xxx.xx ...

Non-authoritative answer

Recursive queries supported by this server

Query for tiplyzkompr.36funhours.info type=255 class=1

tiplyzkompr.36funhours.info A (Address)

tiplyzkompr.36funhours.info MX (Mail Exchanger) Priority: 0

36funhours.info NS (Nameserver) ns3.peiman.biz

36funhours.info NS (Nameserver) ns1.peiman.biz

36funhours.info NS (Nameserver) ns2.peiman.biz

ns1.peiman.biz A (Address)

ns2.peiman.biz A (Address)

11/29/04 13:31:22 Browsing http://tiplyzkompr.36funhours.info/

Fetching http://tiplyzkompr.36funhours.info/ ...

GET / HTTP/1.1

Host: tiplyzkompr.36funhours.info

Connection: close

HTTP/1.0 200 OK

Server: Apache/2.0.40 (Red Hat Linux)

Accept-Ranges: bytes

X-Powered-By: PHP/4.2.2

Content-Type: text/html; charset=ISO-8859-1

Connection: close

<frameset><frame src="chair.php"></frameset>

whois -h whois.geektools.com tiplyzkompr.36funhours.info ...

GeekTools Whois Proxy v5.0.4 Ready.

Checking server [whois.afilias.info]

Results: NOT FOUND

Query Results For: "tiplyzkompr.36funhours.info" Query timed out

at http://www.canufly.net/~georgegg/dns/

Giving up on trying to locate the Domain name, switch to the IP address where it's sitting;

whois -h whois.apnic.net ...

inetnum: -

netname: CNCGROUP-HA

role: CNCGroup Hostmaster

e-mail: abuse[at]cnc-noc.net

address: No.156,Fu-Xing-Men-Nei Street,

address: Beijing,100031,P.R.China

nic-hdl: CH455-AP

person: Liping Zhong

address: Henan Multimedia Information Bureau

address: 70, Nong Ye Road

address: ZhengZhou, Henan 450002

address: CN

phone: +86-371-3962276

fax-no: +86-371-3962068

e-mail: antispam[at]public.zz.ha.cn


Easy assumption is that the web-site invoked is probably nothing more than a set-up to do some sort of hijack, trying to nail an unpatched, unsecure machine via one of several exploits. Simple trace-route blocked, no e-mail wanted, and name-servers suck. After running the domain through a half-dozen other tool sets, I gave up and just went for the IP ... result there would suggest that complaints would go un-heeded anyway ...

Understand your frustration, but .... not much lost in the lack of a report actually. The main thing I'd point out is that if you're going to actually visit these spamvertised sites, please make sure that your system is up to date on all security tools, patches, and fixes.

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...