[gnso-rds-pdp-wg] [OFF TOPIC] Hard to push for transparency, unless it starts at the top..

pkngrds at klos.net pkngrds at klos.net
Mon Oct 30 19:53:15 UTC 2017 

On 10/30/2017 2:24 PM, Michael Peddemors wrote:
> This happened to come across the desk..
>
> SpamAuditor's reporting spam..
>
> Received: from host16.registrar-servers.com (HELO host16.registrar-servers.com) (198.54.115.245)
>
> Obvious choice would be to contact their abuse department..
>
> whois registrar-servers.com
>
>     Domain Name: REGISTRAR-SERVERS.COM
>     Registry Domain ID: 1326800137_DOMAIN_COM-VRSN
>     Registrar WHOIS Server: whois.enom.com

Use the WHOIS server listed to get more information about the domain:

    Domain Name: REGISTRAR-SERVERS.COM
    Registry Domain ID: 1326800137_DOMAIN_COM-VRSN
    Registrar WHOIS Server: whois.enom.com
    Registrar URL: www.enom.com
    Updated Date: 2017-10-10T01:10:02.00Z
    Creation Date: 2007-11-08T15:04:30.00Z
    Registrar Registration Expiration Date: 2018-11-08T15:04:00.00Z
    Registrar: ENOM, INC.
    Registrar IANA ID: 48
    Reseller: NAMECHEAP, INC
    Domain Status: clientTransferProhibited
    https://www.icann.org/epp#clientTransfer
    Prohibited
    Registry Registrant ID:
    Registrant Name: NAMECHEAP.COM NAMECHEAP.COM
    Registrant Organization: NAMECHEAP, INC
    Registrant Street: 4600 EAST WASHINGTON STREET, SUITE 305
    Registrant City: PHOENIX
    Registrant State/Province: AZ
    Registrant Postal Code: 85034
    Registrant Country: US
    Registrant Phone: +1.6613102107
    Registrant Phone Ext:
    Registrant Fax: +1.6613102107
    Registrant Fax Ext:
    Registrant Email: SUPPORT at NAMECHEAP.COM
    Registry Admin ID:
    Admin Name: NAMECHEAP.COM NAMECHEAP.COM
    Admin Organization: NAMECHEAP, INC
    Admin Street: 4600 EAST WASHINGTON STREET, SUITE 305
    Admin City: PHOENIX
    Admin State/Province: AZ
    Admin Postal Code: 85034
    Admin Country: US
    Admin Phone: +1.6613102107
    Admin Phone Ext:
    Admin Fax: +1.6613102107
    Admin Fax Ext:
    Admin Email: SUPPORT at NAMECHEAP.COM
    Registry Tech ID:
    Tech Name: NAMECHEAP.COM NAMECHEAP.COM
    Tech Organization: NAMECHEAP, INC
    Tech Street: 4600 EAST WASHINGTON STREET, SUITE 305
    Tech City: PHOENIX
    Tech State/Province: AZ
    Tech Postal Code: 85034
    Tech Country: US
    Tech Phone: +1.6613102107
    Tech Phone Ext:
    Tech Fax: +1.6613102107
    Tech Fax Ext:
    Tech Email: SUPPORT at NAMECHEAP.COM
    Name Server: A1.VERISIGNDNS.COM
    Name Server: A2.VERISIGNDNS.COM
    Name Server: A3.VERISIGNDNS.COM
    DNSSEC: unSigned
    Registrar Abuse Contact Email: abuse at enom.com
    Registrar Abuse Contact Phone: +1.4252982646
    URL of the ICANN WHOIS Data Problem Reporting System:
    http://wdprs.internic.net/

That implies 'SUPPORT at NAMECHEAP.COM', not that you would get any 
satisfaction from them - they seem to be more interested in letting bad 
guys run rampant on their servers than doing a little bit of work to 
find the problem and fix it!

As someone else suggested, use WHOIS on the actual IP address and get this:

    #
    # ARIN WHOIS data and services are subject to the Terms of Use
    # available at: https://www.arin.net/whois_tou.html
    #
    # If you see inaccuracies in the results, please report at
    # https://www.arin.net/public/whoisinaccuracy/index.xhtml
    #


    #
    # Query terms are ambiguous.  The query is assumed to be:
    #     "n 198.54.115.245"
    #
    # Use "?" to get help.
    #

    #
    # The following results may also be obtained via:
    #
    https://whois.arin.net/rest/nets;q=198.54.115.245?showDetails=true&showARIN=fa
    lse&showNonArinTopLevelNet=false&ext=netref2
    #

    NetRange:       198.54.112.0 - 198.54.127.255
    CIDR:           198.54.112.0/20
    NetName:        NAMEC-4
    NetHandle:      NET-198-54-112-0-1
    Parent:         NET198 (NET-198-0-0-0-0)
    NetType:        Direct Allocation
    OriginAS:
    Organization:   Namecheap, Inc. (NAMEC-4)
    RegDate:        2015-11-13
    Updated:        2015-11-13
    Ref: https://whois.arin.net/rest/net/NET-198-54-112-0-1


    OrgName:        Namecheap, Inc.
    OrgId:          NAMEC-4
    Address:        11400 W. Olympic Blvd. Suite 200
    City:           Los Angeles
    StateProv:      CA
    PostalCode:     90064
    Country:        US
    RegDate:        2011-01-28
    Updated:        2017-01-28
    Ref:            https://whois.arin.net/rest/org/NAMEC-4

    ReferralServer:  rwhois://whois.namecheaphosting.com:4321

    OrgTechHandle: EFIME-ARIN
    OrgTechName:   Efimenko, Igor
    OrgTechPhone:  +1-323-375-2822
    OrgTechEmail:  igor.e at namecheap.com
    OrgTechRef:    https://whois.arin.net/rest/poc/EFIME-ARIN

    OrgTechHandle: TECHT4-ARIN
    OrgTechName:   Tech team
    OrgTechPhone:  +1-661-310-2107
    OrgTechEmail:  tech at namecheaphosting.com
    OrgTechRef:    https://whois.arin.net/rest/poc/TECHT4-ARIN

    OrgAbuseHandle: ABUSE2885-ARIN
    OrgAbuseName:   Abuse team
    OrgAbusePhone:  +1-323-375-2822
    OrgAbuseEmail:  abuse at namecheaphosting.com
    OrgAbuseRef:    https://whois.arin.net/rest/poc/ABUSE2885-ARIN


    #
    # ARIN WHOIS data and services are subject to the Terms of Use
    # available at: https://www.arin.net/whois_tou.html
    #
    # If you see inaccuracies in the results, please report at
    # https://www.arin.net/public/whoisinaccuracy/index.xhtml
    #

But that sends you to the same useless company.  :o(

Patrick Klos
Klos Technologies, Inc.

>     Registrar URL:http://www.enom.com
>     Updated Date: 2017-10-19T15:09:30Z
>     Creation Date: 2007-11-08T15:04:30Z
>     Registry Expiry Date: 2018-11-08T15:04:30Z
>     Registrar: eNom, Inc.
>     Registrar IANA ID: 48
>     Registrar Abuse Contact Email:
>     Registrar Abuse Contact Phone:
>     Domain Status: clientTransferProhibitedhttps://icann.org/epp#clientTransferProhibited
>     Name Server: A1.VERISIGNDNS.COM
>     Name Server: A2.VERISIGNDNS.COM
>     Name Server: A3.VERISIGNDNS.COM
>     DNSSEC: unsigned
>     URL of the ICANN Whois Inaccuracy Complaint Form:https://www.icann.org/wicf/
>
> X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
> X-AntiAbuse: Primary Hostname - host16.registrar-servers.com
> X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
> X-AntiAbuse: Sender Address Domain - 2DayCloud.com
> X-Get-Message-Sender-Via: host16.registrar-servers.com: authenticated_id:info at 2daycloud.com
> X-Authenticated-Sender: host16.registrar-servers.com:info at 2daycloud.com
>
> So, you tell me.. how would you report this abuse ;)
>
>   
>   
> -- 
> "Catch the Magic of Linux..."
> ------------------------------------------------------------------------
> Michael Peddemors, President/CEO LinuxMagic Inc.
> Visit us athttp://www.linuxmagic.com  @linuxmagic
> ------------------------------------------------------------------------
> A Wizard IT Company - For More Infohttp://www.wizard.ca  
> "LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
> ------------------------------------------------------------------------
> 604-682-0300 Beautiful British Columbia, Canada
>
> This email and any electronic data contained are confidential and intended
> solely for the use of the individual or entity to which they are addressed.
> Please note that any views or opinions presented in this email are solely
> those of the author and are not intended to represent those of the company.
>
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20171030/0d871c2e/attachment.html>

More information about the gnso-rds-pdp-wg mailing list