Another day, another illicit SQUAT - WebNX (AS18450)

Michael Smith mksmith at
Sat Oct 29 02:45:40 UTC 2016

I would use LACNIC’s whois server for these queries.  They have info from all the registries, which is an amazing service that seems beyond the other RIRs. 

whois -h <>

HostUS HOSTUS-IPV4-5 (NET-103-11-64-0-1) -
Gaiacom, L.C. SOLVPS-103-11-67-0-24 (NET-103-11-67-0-1) -


> On Oct 28, 2016, at 4:36 PM, Ronald F. Guilmette <rfg at> wrote:
> In message <CADVNyRb-LE2GAgxae149RUwz5fkzQh-9Es6ZcEg_e0N7LVDa9g at>
> Doug Clements <dclements at> wrote:
>> How does one get ARIN to register resources to come up with this result?
>> The /16 is APNIC but there are 2 subnets that appear to be allocated from
>> ARIN. Having just typed 'whois' I completely missed the fact
>> that the supernet was APNIC until I checked the web interface.
> Oh!!  Wow!!  I totally missed this also, i.e. that ARIN is showing an
> allocation for to HostUs.Us in Texas.
> That's really weird, but even that doesn't either explain or excuse
> what still looks like an illicit squat (by an unrelated Los Angeles
> company) on the block to me... perhaps one that's been
> re-sold to a spammer (which seems possible, given the spam I got).
> In my own defense, I didn't see the ARIN allocation because I have a
> normative process that I use for looking up IP addresses.  It's
> hierarchical, and I always start with whatver has to
> say.  And it says that that belongs to APNIC, so of course,
> I only looked at what had to say about
> And it says that it's unallocated.  (And apparently, data shown for
> announced prefixes on the web site is also obtained in this
> same straightforward way, because it also is showing as
> registered to "Asia Pacific Network Information Centre".)
> This isn't the first time I've wished that the right hand knew (or cared)
> what the left hand was doing.  I've asked the folks at IANA about this
> sort of thing in the past, i.e. them giving pointers to the apparently
> wrong RiR whois server, and they just won't fix it.  They just shrug and
> say "Not our problem man!"  And in this case, maybe they're right.  If
> APNIC gave two subparts of 103/8 to ARIN, it might have been helpful
> if their own whois server was made aware of that fact.
> Sigh.  I have to keep reminding myself of what one friend of mine keeps
> on telling me... "Ron, there you go again, trying to think about these
> things logically."
> Regards,
> rfg

More information about the NANOG mailing list