>...
>On Montag, 12. Juni 2006 10:03 Jamie L. Penman-Smithson wrote:
>> On 12 Jun 2006, at 07:53, Michael Monnerie wrote:
>> > yesterday I've got some new kind of spam:
>> >
>> > X-Envelope-From: [EMAIL PROTECTED]
>> > Received: from abruxateatro.com (unknown [210.245.161.31])
>> > by power2u.goelsen.net (Postfix) with SMTP id ____________
>> > for <_____________>; Sun, 11 Jun 2006 18:25:57 +0200 (CEST)
>> >
>> > X-Envelope-From: [EMAIL PROTECTED]
>> > Received: from acidstufftv.com (unknown [210.245.161.31])
>> > by power2u.goelsen.net (Postfix) with SMTP id ____________
>> > for <_____________>; Sun, 11 Jun 2006 18:25:58 +0200 (CEST)
>> >
>> > These domains don't exist now, but obviously did yesterday. Did
>> > anybody
>> > else see such SPAM? How can I check if a domain ever existed?
>> > Is anybody working on a check for new domains, so that you could
>> > say "if
>> > a domain is newer than 2 days, temporary reject"?
>>
>> abruxateatro.com still exists in DNS. although it looks like just a
>> "domain parked" site:
>
>Oh, I got fooled by:
># whois abruxateatro.com
>NO DOMAIN (1)
>
>So, that domain at least exists. Could there be a check for whether a=20
>domain has an MX record, and if not give it some points? Would make=20
>sense, I guess, because normally e-mail is two-way...
>
>And what about the acidstufftv.com domain?
>
>mfg zmi
>=2D-=20
>// Michael Monnerie, Ing.BSc ----- http://it-management.at
>// Tel: 0660/4156531 .network.your.ideas.
>// PGP Key: "lynx -source http://zmi.at/zmi3.asc | gpg --import"
>// Fingerprint: 44A3 C1EC B71E C71A B4C2 9AA6 C818 847C 55CB A4EE
>// Keyserver: www.keyserver.net Key-ID: 0x55CBA4EE
>...
Sloppy (and maybe even blackhat) registrars (belgiumdomains.com,
capdom.com and domaindoorman.com).
You don't need a 'MX' - fallback to 'A' is still part of the
standards.
Both sites have non-parked pages (or did in the past) - See:
http://whois.domaintools.com/abruxateatro.com
and
http://whois.domaintools.com/acidstufftv.com
Paul Shupak
[EMAIL PROTECTED]
--------------------------------------------------------------------------------
% whois -h whois.completewhois.com abruxateatro.com
Completewhois.Com Whois Server, Version 0.91a33, compiled on May 28, 2006
Please see http://www.completewhois.com/help.htm for command-line options
Use of this server and any information obtained here is allowed only
if you follow our policies at http://www.completewhois.com/policies.htm
[DOMAIN whois information for ABRUXATEATRO.COM ]
Domain Name: ABRUXATEATRO.COM
Namespace: ICANN Unsponsored Generic TLD - http://www.icann.org
TLD Info: See IANA Whois - http://www.iana.org/root-whois/com.htm
Registry: VeriSign, Inc. - http://www.verisign-grs.com
Registrar: Whois data parsing problem, no registrar information found
Whois Server: rs.internic.net
Name Server[from dns, whois ip]: DNS4.K--SERVICE.COM 66.45.237.186
Name Server[from dns, dns ip]: DNS4.K--SERVICE.COM 64.20.33.131
Name Server[from dns, whois ip]: DNS2.K--SERVICE.COM 66.45.237.186
Name Server[from dns, dns ip]: DNS2.K--SERVICE.COM 64.20.39.27
Name Server[from dns, whois ip]: DNS.K--SERVICE.COM 66.45.237.186
Name Server[from dns, dns ip]: DNS.K--SERVICE.COM 64.20.33.4
Domain ABRUXATEATRO.COM not found in registry whois server.
But this domain appears to be delegated in dns. This is either an error with
registrar whois database or it is possible this domain was recently registered
and whois data is not yet available. Completewhois domain information above
should list current nameservers as has been found in dns, for more information
regarding this domain, please do whois lookup on these nameservers or IPs
[RS.INTERNIC.NET]
...
% jwhois acidstufftv.com
[Querying whois.internic.net]
[Redirected to whois.domaindoorman.com]
[Querying whois.domaindoorman.com]
[whois.domaindoorman.com]
This whois service shows the information for .COM, .NET and .ORG domains
The fact that your query returns "NOT FOUND" does not necessarily mean that
the domain may be available for registration. To search all domains, please
go to the shared registry whois located at:
http://www.internic.net/whois.html
Registrant:
Wang Lee (ACIDSTUFFTV-COM-DOM)
Olympia Plaza
255 King's Road
North Point,
Hong Kong
+852.30149162
+852.30149162
[EMAIL PROTECTED]
Domain Name: ACIDSTUFFTV.COM
Status: PROTECTED
Administrative Contact:
Wang Lee [EMAIL PROTECTED]
Olympia Plaza
255 King's Road
North Point,
Hong Kong
+852.30149162
Fax- +852.30149162
Technical Contact, Zone Contact:
Wang Lee [EMAIL PROTECTED]
Olympia Plaza
255 King's Road
North Point,
Hong Kong
+852.30149162
Fax- +852.30149162
Record last updated on 12-Jun-2006.
Record expires on 12-Jun-2007.
Record created on 12-Jun-2006.
Domain servers in listed order:
Name Server: DNS4.K--SERVICE.COM
Name Server: DNS2.K--SERVICE.COM
Name Server: DNS.K--SERVICE.COM
% jwhois k--service.com
[Querying whois.internic.net]
[Redirected to whois.belgiumdomains.com]
[Querying whois.belgiumdomains.com]
[whois.belgiumdomains.com]
This whois service shows the information for .COM, .NET and .ORG domains
The fact that your query returns "NOT FOUND" does not necessarily mean that
the domain may be available for registration. To search all domains, please
go to the shared registry whois located at:
http://www.internic.net/whois.html
Registrant:
Wang Lee (K--SERVICE-COM-DOM)
Olympia Plaza
255 King's Road
North Point,
Hong Kong
+852.30149162
+852.30149162
[EMAIL PROTECTED]
Domain Name: K--SERVICE.COM
Status: PROTECTED
Administrative Contact:
Wang Lee [EMAIL PROTECTED]
Olympia Plaza
255 King's Road
North Point,
Hong Kong
+852.30149162
Fax- +852.30149162
Technical Contact, Zone Contact:
Wang Lee [EMAIL PROTECTED]
Olympia Plaza
255 King's Road
North Point,
Hong Kong
+852.30149162
Fax- +852.30149162
Record last updated on 03-Jun-2006.
Record expires on 18-May-2007.
Record created on 18-May-2006.
Domain servers in listed order:
Name Server: DNS5.NAME--P.COM
Name Server: DNS3.NAME--P.COM
Name Server: DNS1.NAME--P.COM
% whois -h whois.completewhois.com name--p.com
Completewhois.Com Whois Server, Version 0.91a33, compiled on May 28, 2006
Please see http://www.completewhois.com/help.htm for command-line options
Use of this server and any information obtained here is allowed only
if you follow our policies at http://www.completewhois.com/policies.htm
[DOMAIN whois information for NAME--P.COM ]
Domain Name: NAME--P.COM
Namespace: ICANN Unsponsored Generic TLD - http://www.icann.org
TLD Info: See IANA Whois - http://www.iana.org/root-whois/com.htm
Registry: VeriSign, Inc. - http://www.verisign-grs.com
Registrar: BELGIUMDOMAINS, LLC - http://www.belgiumdomains.com
Whois Server: whois.belgiumdomains.com
Name Server[whois+dns with ip] DNS.DNS-PARKING-SERVICE.COM 64.20.41.162
Name Server[whois+dns with ip] DNS1.DNS-PARKING-SERVICE.COM 64.20.43.106
Name Server[whois+dns with ip] DNS2.DNS-PARKING-SERVICE.COM 66.45.225.10
Updated Date: 18-May-2006
Creation Date: 18-May-2006
Expiration Date: 18-May-2007
Status: ACTIVE
[whois.belgiumdomains.com]
This whois service shows the information for .COM, .NET and .ORG domains
The fact that your query returns "NOT FOUND" does not necessarily mean that
the domain may be available for registration. To search all domains, please
go to the shared registry whois located at:
http://www.internic.net/whois.html
Registrant:
Cambridge Capital, Ltd (NAME--P-COM-DOM)
The Bahamas Financial Centre
Shirley & Charlotte Streets
Nassau, Island of New Provid
Bahamas
+1.5097526515
+1.5097526515
[EMAIL PROTECTED]
Domain Name: NAME--P.COM
Status: PROTECTED
Administrative Contact:
Cambridge Capital, Ltd [EMAIL PROTECTED]
The Bahamas Financial Centre
Shirley & Charlotte Streets
Nassau, Island of New Provid
Bahamas
+1.5097526515
Fax- +1.5097526515
Technical Contact, Zone Contact:
Cambridge Capital, Ltd [EMAIL PROTECTED]
The Bahamas Financial Centre
Shirley & Charlotte Streets
Nassau, Island of New Provid
Bahamas
+1.5097526515
Fax- +1.5097526515
Record last updated on 12-Jun-2006.
Record expires on 18-May-2007.
Record created on 18-May-2006.
Domain servers in listed order:
Name Server: DNS2.DNS-PARKING-SERVICE.COM
Name Server: DNS1.DNS-PARKING-SERVICE.COM
Name Server: DNS.DNS-PARKING-SERVICE.COM
## BS DNS
% dig abruxateatro.com any +noqu +norec @66.45.237.186
; <<>> DiG 9.3.2 <<>> abruxateatro.com any +noqu +norec @66.45.237.186
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35069
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; ANSWER SECTION:
abruxateatro.com. 7200 IN A 66.45.240.180
;; AUTHORITY SECTION:
. 259200 IN NS ns.
;; Query time: 94 msec
;; SERVER: 66.45.237.186#53(66.45.237.186)
;; WHEN: Tue Jun 13 11:34:39 2006
;; MSG SIZE rcvd: 65
## Nore garbage
% dig acidstufftv.com any +noqu +norec @66.45.237.186
; <<>> DiG 9.3.2 <<>> acidstufftv.com any +noqu +norec @66.45.237.186
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32122
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; ANSWER SECTION:
acidstufftv.com. 7200 IN A 66.45.240.180
;; AUTHORITY SECTION:
. 259200 IN NS ns.
;; Query time: 93 msec
;; SERVER: 66.45.237.186#53(66.45.237.186)
;; WHEN: Tue Jun 13 11:35:38 2006
;; MSG SIZE rcvd: 64
# There are at least 228,068 other sites hosted at 66.45.240.180
% jwhois 66.45.240.180
[Querying whois.arin.net]
[whois.arin.net]
OrgName: Interserver, Inc
OrgID: INTER-83
Address: PO Box 244
City: Fort Lee
StateProv: NJ
PostalCode: 07024
Country: US
ReferralServer: rwhois://rwhois.trouble-free.net:4321
NetRange: 66.45.224.0 - 66.45.255.255
CIDR: 66.45.224.0/19
NetName: INTERSERVER
NetHandle: NET-66-45-224-0-1
Parent: NET-66-0-0-0-0
NetType: Direct Allocation
NameServer: DNS4.INTERSERVER.NET
NameServer: DNS5.INTERSERVER.NET
Comment:
RegDate: 2003-09-23
Updated: 2004-05-14
RTechHandle: MLA13-ARIN
RTechName: Lavrik, Michael
RTechPhone: +1-877-566-8398
RTechEmail: [EMAIL PROTECTED]
OrgTechHandle: NOC1390-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-201-643-0134
OrgTechEmail: [EMAIL PROTECTED]
# ARIN WHOIS database, last updated 2006-06-12 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
% jwhois trouble-free.net
[Querying whois.internic.net]
[Redirected to whois.opensrs.net]
[Querying whois.opensrs.net]
[whois.opensrs.net]
Registrant:
Trouble-Free
PO Box 244
Fort Lee, NJ 07024
US
Domain name: TROUBLE-FREE.NET
Administrative Contact:
Lavrik, Michael [EMAIL PROTECTED]
PO Box 244
Fort Lee, NJ 07024
US
201-242-9173
Technical Contact:
Lavrik, Michael [EMAIL PROTECTED]
Po Box 244
Fort Lee, NJ 07024
US
201-242-9173
Registration Service Provider:
InterServer, Inc, [EMAIL PROTECTED]
877-566-8398
201-643-1034 (fax)
http://www.interserver.net
This company may be contacted for domain login/passwords,
DNS/Nameserver changes, and general domain support questions.
Use https://interserver.net/manage_domain.php to manage domain name(s).
Please visit https://interserver.net for company information.
Registrar of Record: TUCOWS, INC.
Record last updated on 15-Sep-2005.
Record expires on 13-Oct-2006.
Record created on 13-Oct-2000.
Domain servers in listed order:
DNS4.INTERSERVER.NET 66.45.228.78
DNS5.INTERSERVER.NET 66.45.228.3
OPS.TROUBLE-FREE.NET 66.45.228.10
Domain status: REGISTRAR-LOCK
The Data in the Tucows Registrar WHOIS database is provided to you by Tucows
for information purposes only, and may be used to assist you in obtaining
information about or related to a domain name's registration record.
Tucows makes this information available "as is," and does not guarantee its
accuracy.
By submitting a WHOIS query, you agree that you will use this data only for
lawful purposes and that, under no circumstances will you use this data to:
a) allow, enable, or otherwise support the transmission by e-mail,
telephone, or facsimile of mass, unsolicited, commercial advertising or
solicitations to entities other than the data recipient's own existing
customers; or (b) enable high volume, automated, electronic processes that
send queries or data to the systems of any Registry Operator or
ICANN-Accredited registrar, except as reasonably necessary to register
domain names or modify existing registrations.
The compilation, repackaging, dissemination or other use of this Data is
expressly prohibited without the prior written consent of Tucows.
Tucows reserves the right to terminate your access to the Tucows WHOIS
database in its sole discretion, including without limitation, for excessive
querying of the WHOIS database or for failure to otherwise abide by this
policy.
Tucows reserves the right to modify these terms at any time.
By submitting this query, you agree to abide by these terms.
NOTE: THE WHOIS DATABASE IS A CONTACT DATABASE ONLY. LACK OF A DOMAIN
RECORD DOES NOT SIGNIFY DOMAIN AVAILABILITY.
## Your "spammers" below
% whois -h whois.completewhois.com wangleedomains.com
Completewhois.Com Whois Server, Version 0.91a33, compiled on May 28, 2006
Please see http://www.completewhois.com/help.htm for command-line options
Use of this server and any information obtained here is allowed only
if you follow our policies at http://www.completewhois.com/policies.htm
[DOMAIN whois information for WANGLEEDOMAINS.COM ]
Domain Name: WANGLEEDOMAINS.COM
Namespace: ICANN Unsponsored Generic TLD - http://www.icann.org
TLD Info: See IANA Whois - http://www.iana.org/root-whois/com.htm
Registry: VeriSign, Inc. - http://www.verisign-grs.com
Registrar: BELGIUMDOMAINS, LLC - http://www.belgiumdomains.com
Whois Server: whois.belgiumdomains.com
Name Server[from whois+dns, whois ip]: NS1.WANGLEEDOMAINS.COM 216.75.55.34
Name Server[from whois+dns, whois ip]: NS2.WANGLEEDOMAINS.COM 216.75.55.34
Updated Date: 15-May-2006
Creation Date: 15-May-2006
Expiration Date: 15-May-2007
Status: ACTIVE
[whois.belgiumdomains.com]
This whois service shows the information for .COM, .NET and .ORG domains
The fact that your query returns "NOT FOUND" does not necessarily mean that
the domain may be available for registration. To search all domains, please
go to the shared registry whois located at:
http://www.internic.net/whois.html
Registrant:
Wang Lee Domains (WANGLEEDOMAINS-COM-DOM)
Olympia Plaza
255 King's Road
North Point,
Hong Kong
+852.30149162
+852.30149162
[EMAIL PROTECTED]
Domain Name: WANGLEEDOMAINS.COM
Status: PROTECTED
Administrative Contact:
Wang Lee [EMAIL PROTECTED]
Olympia Plaza
255 King's Road
North Point,
Hong Kong
+852.30149162
Fax- +852.30149162
Technical Contact, Zone Contact:
Wang Lee [EMAIL PROTECTED]
Olympia Plaza
255 King's Road
North Point,
Hong Kong
+852.30149162
Fax- +852.30149162
Record last updated on 03-Jun-2006.
Record expires on 15-May-2007.
Record created on 15-May-2006.
Domain servers in listed order:
Name Server: NS2.WANGLEEDOMAINS.COM
Name Server: NS1.WANGLEEDOMAINS.COM
% jwhois cambridgecapltd.com
[Querying whois.internic.net]
[Redirected to whois.capdom.com]
[Querying whois.capdom.com]
[whois.capdom.com]
This whois service shows the information for .COM, .NET and .ORG domains
The fact that your query returns "NOT FOUND" does not necessarily mean that
the domain may be available for registration. To search all domains, please
go to the shared registry whois located at:
http://www.internic.net/whois.html
Registrant:
Cambridge Capital, Ltd (CAMBRIDGECAPLTD-COM-DOM)
The Bahamas Financial Centre
Shirley & Charlotte Streets
Nassau, Island of New Provid
Bahamas
+1.5097526515
+1.5097526515
[EMAIL PROTECTED]
Domain Name: CAMBRIDGECAPLTD.COM
Status: PROTECTED
Administrative Contact:
Cambridge Capital, Ltd [EMAIL PROTECTED]
The Bahamas Financial Centre
Shirley & Charlotte Streets
Nassau, Island of New Provid
Bahamas
+1.5097526515
Fax- +1.5097526515
Technical Contact, Zone Contact:
Cambridge Capital, Ltd [EMAIL PROTECTED]
The Bahamas Financial Centre
Shirley & Charlotte Streets
Nassau, Island of New Provid
Bahamas
+1.5097526515
Fax- +1.5097526515
Record last updated on 07-Jun-2006.
Record expires on 11-May-2008.
Record created on 11-May-2000.
Domain servers in listed order:
Name Server: NS2.ICE-HOSTING.COM
Name Server: NS1.ICE-HOSTING.COM
## Gee, a PO Box in the Virgin Islands
% whois -h whois.completewhois.com ice-hosting.com
Completewhois.Com Whois Server, Version 0.91a33, compiled on May 28, 2006
Please see http://www.completewhois.com/help.htm for command-line options
Use of this server and any information obtained here is allowed only
if you follow our policies at http://www.completewhois.com/policies.htm
[DOMAIN whois information for ICE-HOSTING.COM ]
Domain Name: ICE-HOSTING.COM
Namespace: ICANN Unsponsored Generic TLD - http://www.icann.org
TLD Info: See IANA Whois - http://www.iana.org/root-whois/com.htm
Registry: VeriSign, Inc. - http://www.verisign-grs.com
Registrar: CAPITOLDOMAINS, LLC - http://www.capdom.com
Whois Server: whois.capdom.com
Name Server[whois+dns with ip] NS1.DOTREGISTRAR.NET 209.67.69.20
Name Server[whois+dns with ip] NS2.DOTREGISTRAR.NET 69.25.27.174
Updated Date: 24-Jan-2006
Creation Date: 22-Jul-2003
Expiration Date: 22-Jul-2007
Status: ACTIVE
[whois.capdom.com]
This whois service shows the information for .COM, .NET and .ORG domains
The fact that your query returns "NOT FOUND" does not necessarily mean that
the domain may be available for registration. To search all domains, please
go to the shared registry whois located at:
http://www.internic.net/whois.html
Registrant:
Netrian Ventures Ltd. (ICE-HOSTING-COM-DOM)
c/o Global Consultants Group Inc.
P.O. Box 3174
Road Town, Tortola
VG
+1.4197939661
+1.4197939661
[EMAIL PROTECTED]
Domain Name: ICE-HOSTING.COM
Status: PROTECTED
Administrative Contact:
Netrian Ventures Ltd. [EMAIL PROTECTED]
P.O. Box 3174
Road Town, Tortola
VG
+1.4197939661
Fax- +1.4197939661
Technical Contact, Zone Contact:
Netrian Ventures Ltd. [EMAIL PROTECTED]
P.O. Box 3174
Road Town, Tortola
VG
+1.4197939661
Fax- +1.4197939661
Record last updated on 07-Jun-2006.
Record expires on 22-Jul-2007.
Record created on 22-Jul-2003.
Domain servers in listed order:
Name Server: NS2.DOTREGISTRAR.NET
Name Server: NS1.DOTREGISTRAR.NET
