MIG Posted February 8, 2019 Share Posted February 8, 2019 https://www.spamcop.net/sc?id=z6518469737z783d805be9fc021c6a1e671dab218766z Morning all, I'd be interested to hear what others think about the source of 50.31.49.41 please? Cheers. Link to comment Share on other sites More sharing options...
petzl Posted February 9, 2019 Share Posted February 9, 2019 2 hours ago, MIG said: https://www.spamcop.net/sc?id=z6518469737z783d805be9fc021c6a1e671dab218766z Morning all, I'd be interested to hear what others think about the source of 50.31.49.41 please? Cheers. abuse[AT]steadfast.net. Link to comment Share on other sites More sharing options...
RobiBue Posted February 9, 2019 Share Posted February 9, 2019 1 hour ago, petzl said: abuse[AT]steadfast.net. I concur. Sendgrid is a spammer friendly host and needs to be made aware that this is not acceptable. Thus: https://whois.arin.net/rest/net/NET-50-31-32-0-1/pft?s=50.31.49.41 gives me parent: STEADFAST-6 (NET-50-31-0-0-1) which in turn returns Related organization's POC records. from which I can take (extrapolate?(sic)) Abuse: ABUSE959-ARIN (ABUSE959-ARIN) -> https://whois.arin.net/rest/poc/ABUSE959-ARIN.html and you have the aforementioned abuse email address Link to comment Share on other sites More sharing options...
MIG Posted February 9, 2019 Author Share Posted February 9, 2019 Hi Petzel & RobiBue, Thank you, both of you; I concur, however these are the replies I get from Sendgrid: quote: "the domain sendgrid.net is not currently registered through our service. The IP address 50.31.49.41 does not belong to our service, & the URL of virustotal.com shows, the current registrar of the domain sengrid.net is GoDaddy.com, LLC. We therefore suggest to contact GoDaddy.com, LLC or the registrant of the domain. & as we mentioned in our previous mail, the domain is not registered through our service, and the IP address belongs to GoDaddy.com, LLC. Therefore the responsible registrar in question is GoDaddy.com, LLC. Please contact abuse@godaddy.com for further investigation: addresses 50.31.49.41 Domain Whois record Queried whois.internic.net with "dom sendgrid.net"... Domain Name: SENDGRID.NET Registry Domain ID: 1552841547_DOMAIN_NET-VRSN Registrar WHOIS Server: whois.godaddy.com Registrar URL: http://www.godaddy.com Updated Date: 2018-04-21T14:31:24Z Creation Date: 2009-04-20T09:09:23Z Registry Expiry Date: 2019-04-20T09:09:23Z Registrar: GoDaddy.com, LLC Registrar IANA ID: 146 Registrar Abuse Contact Email: abuse@godaddy.com Registrar Abuse Contact Phone: 480-624-2505" unquote 😕 Link to comment Share on other sites More sharing options...
Lking Posted February 9, 2019 Share Posted February 9, 2019 16 minutes ago, RobiBue said: Sendgrid is a spammer friendly host and needs to be made aware that this is not acceptable. which is a good reason for SpamCop to devnull the report sent to sendgrid.com Quote If reported today, reports would be sent to: Re: 50.31.49.41 (Administrator of IP block - statistics only)abuse#sendgrid.com@devnull.spamcop.net Link to comment Share on other sites More sharing options...
MIG Posted February 9, 2019 Author Share Posted February 9, 2019 🤔Mmm Lking, I don't disagree with SC, just curious that SendGrid are denying hosting the source, leaving me 😕😵😕 Link to comment Share on other sites More sharing options...
petzl Posted February 9, 2019 Share Posted February 9, 2019 16 minutes ago, Lking said: which is a good reason for SpamCop to devnull the report sent to sendgrid.com My whois states Comment: Please submit all reports of abuse to Comment: abuse[AT]steadfast.net. Reports sent to Comment: other addresses will not be processed. Link to comment Share on other sites More sharing options...
Lking Posted February 9, 2019 Share Posted February 9, 2019 5 minutes ago, MIG said: just curious that SendGrid are denying hosting the source, Rule #1 petzl, yes but if they are spammer friendly why clog the internet with spam reports? Link to comment Share on other sites More sharing options...
RobiBue Posted February 9, 2019 Share Posted February 9, 2019 14 minutes ago, MIG said: Hi Petzel & RobiBue, Thank you, both of you; I concur, however these are the replies I get from Sendgrid: quote: "the domain sendgrid.net is not currently registered through our service. The IP address 50.31.49.41 does not belong to our service, & the URL of virustotal.com shows, the current registrar of the domain sengrid.net is GoDaddy.com, LLC. We therefore suggest to contact GoDaddy.com, LLC or the registrant of the domain. & as we mentioned in our previous mail, the domain is not registered through our service, and the IP address belongs to GoDaddy.com, LLC. Therefore the responsible registrar in question is GoDaddy.com, LLC. Please contact abuse@godaddy.com for further investigation: addresses 50.31.49.41 Domain Whois record Queried whois.internic.net with "dom sendgrid.net"... Domain Name: SENDGRID.NET Registry Domain ID: 1552841547_DOMAIN_NET-VRSN Registrar WHOIS Server: whois.godaddy.com Registrar URL: http://www.godaddy.com Updated Date: 2018-04-21T14:31:24Z Creation Date: 2009-04-20T09:09:23Z Registry Expiry Date: 2019-04-20T09:09:23Z Registrar: GoDaddy.com, LLC Registrar IANA ID: 146 Registrar Abuse Contact Email: abuse@godaddy.com Registrar Abuse Contact Phone: 480-624-2505" unquote 😕 I would like to know how they can explain the following ARIN entry: https://whois.arin.net/rest/net/NET-50-31-32-0-1/pft?s=50.31.49.41 which clearly names Origin AS: AS11377 Organization: SendGrid, Inc. (SENDG) and is definitely sendgrid.com and not sendgrid.net Link to comment Share on other sites More sharing options...
MIG Posted February 9, 2019 Author Share Posted February 9, 2019 6 minutes ago, Lking said: Rule #1 Even to me Lking? I'm shattered! Link to comment Share on other sites More sharing options...
MIG Posted February 9, 2019 Author Share Posted February 9, 2019 2 minutes ago, RobiBue said: I would like to know how they can explain the following ARIN entry: https://whois.arin.net/rest/net/NET-50-31-32-0-1/pft?s=50.31.49.41 which clearly names Origin AS: AS11377 Organization: SendGrid, Inc. (SENDG) and is definitely sendgrid.com and not sendgrid.net They're not explaining RobiBue, just streadfastly denying, that's why I reached out here, after days of denials I was confident SFC⭐A⭐ Team would clarify & you 3 have! Thanks, always. Not only is SC a firstclass tool, the SCF is full of genius gems Link to comment Share on other sites More sharing options...
Lking Posted February 9, 2019 Share Posted February 9, 2019 3 minutes ago, MIG said: Even to me Lking? I'm shattered! 🤣🤣 I am afraid so grasshopper. Link to comment Share on other sites More sharing options...
MIG Posted February 9, 2019 Author Share Posted February 9, 2019 1 minute ago, Lking said: 🤣🤣 I am afraid so grasshopper. Help!🦗stuck prone, from😂🤣😂🤣 too much! Link to comment Share on other sites More sharing options...
RobiBue Posted February 9, 2019 Share Posted February 9, 2019 2 hours ago, MIG said: Hi Petzel & RobiBue, Thank you, both of you; I concur, however these are the replies I get from Sendgrid: quote: "the domain sendgrid.net is not currently registered through our service. The IP address 50.31.49.41 does not belong to our service, & the URL of virustotal.com shows, the current registrar of the domain sengrid.net is GoDaddy.com, LLC. We therefore suggest to contact GoDaddy.com, LLC or the registrant of the domain. & as we mentioned in our previous mail, the domain is not registered through our service, and the IP address belongs to GoDaddy.com, LLC. Therefore the responsible registrar in question is GoDaddy.com, LLC. Please contact abuse@godaddy.com for further investigation: addresses 50.31.49.41 Domain Whois record Queried whois.internic.net with "dom sendgrid.net"... Domain Name: SENDGRID.NET Registry Domain ID: 1552841547_DOMAIN_NET-VRSN Registrar WHOIS Server: whois.godaddy.com Registrar URL: http://www.godaddy.com Updated Date: 2018-04-21T14:31:24Z Creation Date: 2009-04-20T09:09:23Z Registry Expiry Date: 2019-04-20T09:09:23Z Registrar: GoDaddy.com, LLC Registrar IANA ID: 146 Registrar Abuse Contact Email: abuse@godaddy.com Registrar Abuse Contact Phone: 480-624-2505" 😕 unquote very interesting: 02/08/19 22:49:04 whois dom sendgrid.com@whois.internic.net whois -h whois.internic.net dom sendgrid.com ... Domain Name: SENDGRID.COM Registry Domain ID: 1552841541_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.godaddy.com Registrar URL: http://www.godaddy.com Updated Date: 2018-04-21T14:31:24Z Creation Date: 2009-04-20T09:09:19Z Registry Expiry Date: 2019-04-20T09:09:19Z Registrar: GoDaddy.com, LLC Registrar IANA ID: 146 Registrar Abuse Contact Email: abuse@godaddy.com Registrar Abuse Contact Phone: 480-624-2505 and 02/08/19 22:48:32 whois dom sendgrid.net .net is a domain of Network services Searches for .net can be run at http://www.crsnic.net/ whois -h whois.crsnic.net dom sendgrid.net ... Domain Name: SENDGRID.NET Registry Domain ID: 1552841547_DOMAIN_NET-VRSN Registrar WHOIS Server: whois.godaddy.com Registrar URL: http://www.godaddy.com Updated Date: 2018-04-21T14:31:24Z Creation Date: 2009-04-20T09:09:23Z Registry Expiry Date: 2019-04-20T09:09:23Z Registrar: GoDaddy.com, LLC Registrar IANA ID: 146 Registrar Abuse Contact Email: abuse@godaddy.com Registrar Abuse Contact Phone: 480-624-2505 so, interestingly, sendgrid.com and sendgrid.net are both registered through godaddy, and, coincidentally, both sendgrid domains were created 2009-04-20T09:09 with a 4 second time difference, and both were also coincidentally updated exactly at the same time and date 2018-04-21T14:31:24Z also the registry domain ID is very odd: Registry Domain ID: 1552841541_DOMAIN_COM-VRSN Registry Domain ID: 1552841547_DOMAIN_NET-VRSN the numbers are waaaaaaaaaaaay too close.... and digging deeper, I look at godaddy's whois database search: https://www.godaddy.com/whois/results.aspx?domain=sendgrid.net WHOIS search results Domain Name: SENDGRID.NET Registry Domain ID: 1552841547_DOMAIN_NET-VRSN Registrar WHOIS Server: whois.godaddy.com Registrar URL: http://www.godaddy.com Updated Date: 2018-04-21T14:31:23Z Creation Date: 2009-04-20T09:09:23Z Registrar Registration Expiration Date: 2019-04-20T09:09:23Z Registrar: GoDaddy.com, LLC Registrar IANA ID: 146 Registrar Abuse Contact Email: abuse@godaddy.com Registrar Abuse Contact Phone: +1.4806242505 Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited Registry Registrant ID: Not Available From Registry Registrant Name: Operations Team Registrant Organization: SendGrid, Inc Registrant Street: 1801 California Street Registrant Street: Suite 500 Registrant City: Denver Registrant State/Province: Colorado Registrant Postal Code: 80202 Registrant Country: US Registrant Phone: +1.8779698647 Registrant Phone Ext: Registrant Fax: Registrant Fax Ext: Registrant Email: domains-abuse@sendgrid.com Registry Admin ID: Not Available From Registry Admin Name: Operations Team Admin Organization: SendGrid, Inc Admin Street: 1801 California Street Admin Street: Suite 500 Admin City: Denver Admin State/Province: Colorado Admin Postal Code: 80202 Admin Country: US Admin Phone: +1.8779698647 Admin Phone Ext: Admin Fax: Admin Fax Ext: Admin Email: domains-abuse@sendgrid.com Registry Tech ID: Not Available From Registry Tech Name: Operations Team Tech Organization: SendGrid, Inc Tech Street: 1801 California Street Tech Street: Suite 500 Tech City: Denver Tech State/Province: Colorado Tech Postal Code: 80202 Tech Country: US Tech Phone: +1.8779698647 Tech Phone Ext: Tech Fax: Tech Fax Ext: Tech Email: domains-abuse@sendgrid.com Name Server: NS10.DNSMADEEASY.COM Name Server: NS11.DNSMADEEASY.COM Name Server: NS12.DNSMADEEASY.COM Name Server: NS13.DNSMADEEASY.COM Name Server: NS14.DNSMADEEASY.COM Name Server: NS15.DNSMADEEASY.COM DNSSEC: unsigned wait a minute... what's that? Domain Name: SENDGRID.NET Registrant Email: domains-abuse@sendgrid.com hmmm.... let's look up the other one now: https://www.godaddy.com/whois/results.aspx?domain=sendgrid.com WHOIS search results Domain Name: SENDGRID.COM Registry Domain ID: 1552841541_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.godaddy.com Registrar URL: http://www.godaddy.com Updated Date: 2018-04-21T14:31:23Z Creation Date: 2009-04-20T09:09:19Z Registrar Registration Expiration Date: 2019-04-20T09:09:19Z Registrar: GoDaddy.com, LLC Registrar IANA ID: 146 Registrar Abuse Contact Email: abuse@godaddy.com Registrar Abuse Contact Phone: +1.4806242505 Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited Registry Registrant ID: Not Available From Registry Registrant Name: Operations Team Registrant Organization: SendGrid, Inc Registrant Street: 1801 California Street Registrant Street: Suite 500 Registrant City: Denver Registrant State/Province: Colorado Registrant Postal Code: 80202 Registrant Country: US Registrant Phone: +1.8779698647 Registrant Phone Ext: Registrant Fax: Registrant Fax Ext: Registrant Email: domains-abuse@sendgrid.com Registry Admin ID: Not Available From Registry Admin Name: Operations Team Admin Organization: SendGrid, Inc Admin Street: 1801 California Street Admin Street: Suite 500 Admin City: Denver Admin State/Province: Colorado Admin Postal Code: 80202 Admin Country: US Admin Phone: +1.8779698647 Admin Phone Ext: Admin Fax: Admin Fax Ext: Admin Email: domains-abuse@sendgrid.com Registry Tech ID: Not Available From Registry Tech Name: Operations Team Tech Organization: SendGrid, Inc Tech Street: 1801 California Street Tech Street: Suite 500 Tech City: Denver Tech State/Province: Colorado Tech Postal Code: 80202 Tech Country: US Tech Phone: +1.8779698647 Tech Phone Ext: Tech Fax: Tech Fax Ext: Tech Email: domains-abuse@sendgrid.com Name Server: NS10.DNSMADEEASY.COM Name Server: NS11.DNSMADEEASY.COM Name Server: NS12.DNSMADEEASY.COM Name Server: NS13.DNSMADEEASY.COM Name Server: NS14.DNSMADEEASY.COM Name Server: NS15.DNSMADEEASY.COM DNSSEC: unsigned Domain Name: SENDGRID.COM Registrant Email: domains-abuse@sendgrid.com and last but not least: Domain Name: SENDGRID.NET Registrant Name: Operations Team Registrant Organization: SendGrid, Inc Registrant Street: 1801 California Street Registrant Street: Suite 500 Registrant City: Denver Registrant State/Province: Colorado Registrant Postal Code: 80202 Registrant Country: US Registrant Phone: +1.8779698647 vs. Domain Name: SENDGRID.COM Registrant Name: Operations Team Registrant Organization: SendGrid, Inc Registrant Street: 1801 California Street Registrant Street: Suite 500 Registrant City: Denver Registrant State/Province: Colorado Registrant Postal Code: 80202 Registrant Country: US Registrant Phone: +1.8779698647 And the winner is: Rule#1! Oh, you got the wrong sendgrid in colorado! you need the other sendgrid in colorado! The one with the same address and same phone number. Link to comment Share on other sites More sharing options...
MIG Posted February 13, 2019 Author Share Posted February 13, 2019 RobiBue, Apologies for no response to your brilliant 🕵️♂️analysis, documenting same and your lethal humor, YOU'RE a bloody legend! No response (from me) due to 💻 crashed & burned during massive storm, all bu's, recovery, etc failed, needed admission to ER! BC some SCF doco disappears into some black hole from which nothing can be retrieved, I'm now archiving all great, helpful, useful posts, of which, many are yours. 🙏Thank you🙏 so much🙏! Link to comment Share on other sites More sharing options...
RobiBue Posted February 13, 2019 Share Posted February 13, 2019 4 hours ago, MIG said: RobiBue, Apologies for no response to your brilliant 🕵️♂️analysis, documenting same and your lethal humor, YOU'RE a bloody legend! No response (from me) due to 💻 crashed & burned during massive storm, all bu's, recovery, etc failed, needed admission to ER! BC some SCF doco disappears into some black hole from which nothing can be retrieved, I'm now archiving all great, helpful, useful posts, of which, many are yours. 🙏Thank you🙏 so much🙏! sorry to hear that. hope y'all are ok though. btw I wasn't expecting a reply, just passing information I find for the good of everyone if someone does have info that doesn't support my theory, I would gladly look at it from a different objective standpoint. 🔭🔍🔬 Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.