'Whois protection service'
Joshua Brady
somitho at gmail.com
Thu Jan 27 03:47:58 UTC 2005
On Thu, 27 Jan 2005 16:26:00 +1300 (NZDT), Mark Foster
<blakjak at blakjak.net> wrote:
>
> Hi folks.
Hello Mark,
> Don't post a lot here but i'm figuring you folks will know more about this
> than my local NOG...
Glad to have you on NANOG.
> When investigating a host that spammed me today, I noted that when I
> whois'd the domain that the mailserver involved has forward/reverse dns
> pair for, the domain whois information comes up as follows:
>
> Found crsnic referral to whois.enom.com.
>
> Registration Service Provided By: Registerfly.com
> Contact: support at registerflysupport.com
> Visit: http://www.RegisterFly.com
>
> Domain name: xmux.com
>
> Registrant Contact:
> RegisterFly.com - Ref# 14155933
> Whois Protection Service - ProtectFly.com (14155933.fly at spamfly.com)
>
> I'm unsure how appropriate it is to post anything more specific in the
> open forum, but i've never seen this before. Whats the deal with hiding a
> domain name owners true identity?
> Is this not simply yet another protect-the-spammers mechanism?
It will probably be called off-topic, flamed and dragged through the
mud, yet to answer your question. It is fully legit, yet it does have
its bad sides. I use it personally to keep prank callers from calling
me directly.
[soms at posche /]$ whois somsworld.com
[Querying whois.internic.net]
[Redirected to whois.godaddy.com]
[Querying whois.godaddy.com]
[whois.godaddy.com]
Registrant:
Domains by Proxy, Inc.
15111 N Hayden Rd., Suite 160
PMB353
Scottsdale, Arizona 85260
United States
Registered through: GoDaddy.com
Domain Name: SOMSWORLD.COM
Created on: 25-Aug-04
Expires on: 25-Aug-05
Last Updated on: 18-Jan-05
Administrative Contact:
Private, Registration SOMSWORLD.COM at domainsbyproxy.com
Domains by Proxy, Inc.
15111 N Hayden Rd., Suite 160
PMB353
Scottsdale, Arizona 85260
United States
(480) 624-2599 Fax --
Technical Contact:
Private, Registration SOMSWORLD.COM at domainsbyproxy.com
Domains by Proxy, Inc.
15111 N Hayden Rd., Suite 160
PMB353
Scottsdale, Arizona 85260
United States
(480) 624-2599 Fax --
Domain servers in listed order:
NS1.HITMANIT.COM
NS2.HITMANIT.COM
> I followed up the chain - the authoritive DNS servers for the domain in
> question are hosts within a different domain, and this also has the same
> protection engaged....
>
> Is this old hat or something new? Is this still conformant to standard
> .com/net registrant rules and regs? (here in .nz, the registry information
> is required to be current and valid, and i've never seen a Registrar pass
> itself off as the owner of a domain before (at least in any legitimate
> situation))
It is all current information, and valid. I have gotten letters passed
through to me from godaddy. Its a perfectly legit situation. Yet in
your case it may not be, and it may be used to hide the person.
> Thanks in advance,
> Mark.
--
Joshua Brady
More information about the NANOG
mailing list