Author Topic: Whois info on URLs spammed  (Read 462 times)

Tom

  • Crazy poster
  • *
  • Posts: 210
  • Karma: 41
    • View Profile
Whois info on URLs spammed
« on: 2017-10-01 13:39:52 »
Some arse posted this:
Spoiler: show
Quote
Get ddos protection :https://www.fortinet.com/products/ddos/fortiddos.html

FortiDDoS Demo

In this full working demo of a FortiDDoS DDoS Attack Mitigation Appliance you’ll be able to explore the system dashboard, intuitive GUI, global settings, and protection profiles to see for yourself how comprehensive, yet easy it is to set up thresholds, address/service definitions, and access control lists. Also check out the detailed reporting and graphing tools.
Get the demo


DDoS

Distributed Denial of Service (DDoS) attacks are ever-evolving and use a variety of technologies. To successfully combat these attacks, you need a dynamic, multi-layered security solution. FortiDDoS protects from both known and zero day attacks with very low latency. It’s easy to deploy and manage, and includes comprehensive reporting and analysis tools.


I checked website, emailed owners about this

Here is relevant whois info I could pull up

If you notice here one of the emails is a yahoo email, isn't that a little suspicious for a website like that?

Edit: Added the raw whois data:
Code: [Select]
Domain Name: FORTINET.COM
Registry Domain ID: 62220315_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.networksolutions.com
Registrar URL: http://networksolutions.com
Updated Date: 2017-03-05T14:46:13Z
Creation Date: 2001-02-16T23:42:12Z
Registrar Registration Expiration Date: 2027-02-16T05:00:00Z
Registrar: NETWORK SOLUTIONS, LLC.
Registrar IANA ID: 2
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +1.8003337680
Reseller:
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Registry Registrant ID:
Registrant Name: Fortinet Inc.
Registrant Organization: Fortinet Inc.
Registrant Street: 899 KIFER RD
Registrant City: SUNNYVALE
Registrant State/Province: CA
Registrant Postal Code: 94086-5205
Registrant Country: US
Registrant Phone: +1.4082357700
Registrant Phone Ext:
Registrant Fax: +1.4082357737
Registrant Fax Ext:
Registrant Email: [email protected]
Registry Admin ID:
Admin Name: Ying, Shiny
Admin Organization: Fortinet Inc.
Admin Street: 4190 Still Creek Dr.
Admin City: Burnaby
Admin State/Province: BC
Admin Postal Code: V5C 6C6
Admin Country: CA
Admin Phone: +1.6044301297
Admin Phone Ext:
Admin Fax: +1.6042938885
Admin Fax Ext:
Admin Email: [email protected]
Registry Tech ID:
Tech Name: Ying, Shiny
Tech Organization: Fortinet Inc.
Tech Street: 4190 Still Creek Dr.
Tech City: Burnaby
Tech State/Province: BC
Tech Postal Code: V5C 6C6
Tech Country: CA
Tech Phone: +1.6044301297
Tech Phone Ext:
Tech Fax: +1.6042938885
Tech Fax Ext:
Tech Email: [email protected]
Name Server: NS1.FORTINET.COM
Name Server: NS2.FORTINET.COM
Name Server: NS3.FORTINET.COM
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/

Can someone check if the email used to sign up is from that website?
« Last Edit: 2017-10-01 13:57:11 by Tom »

Covarr

  • Covarr-Let
  • Administrator
  • No life
  • *
  • Posts: 3917
  • Karma: 115
  • The Great Redarr.
    • View Profile
Re: Whois info on URLs spammed
« Reply #1 on: 2017-10-01 14:04:03 »
This is the same spammer from a few weeks ago. Working with some kind of botnet. Every account he registers is from a different email, all from domains that don't have actual websites. My suspicion is that these domains are hacked or stolen. Unfortunately, he has a seemingly limitless supply of them, so I can't do anything as simple as banning the email.

I'm re-enabling admin approval on accounts for now. In the mean time, I'm going to silently curse SMF for being so useless against bots and spammers.