Whois Domain Info

Question

I did an IP lookup this morning to trace its origins based on an email I received. Within a section labeled 'Whois Domain Info', it reads the following:

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information.

COMCAST.NET.EXAMPLE.COM

COMCAST.NET

...

Now I realize this is one of Comcast's IPs and I have replaced the actual text with 'EXAMPLE.COM'. My question is related to what 'COMCAST.NET.EXAMPLE.COM' is supposed to represent. How does the IP I looked up relate to example.com in this case?

Thanks.

score 2 · Answer 1 · edited Mar 20 '17 at 10:17

2

I guess it's just Whois Spam by example.com.

See How to use command line whois for “spam infected” domains like apple.com? here at Super User.

edited Mar 20 '17 at 10:17

Community

1

answered Jan 19 '10 at 16:03

Arjan

31,511

Suma · Answer 2 · 2010-01-19T16:17:03.203

2

For the purpose of tracking source of email I would highly recommend http://www.spamcop.net/ - it can parse mail headers in a lot more reliable way than most of us can.

As for addresses like COMCAST.NET.EXAMPLE.COM, this is actually NOT a comcast IP. It is just an IP which attempts to look like a comcast one. If tracking the real owner, you always need to process the address from the end.

edited Jan 19 '10 at 16:17

answered Jan 19 '10 at 16:05

Suma

1,484

Whois Domain Info

2 Answers2