• Content count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About petzl

Contact Methods

  • Website URL
  • ICQ

Profile Information

  • Gender
  • Location
    Sydney Australia
  • Interests
    I am not a number I am a free man

Recent Profile Visitors

2,547 profile views
  1. A shame Now only a shaky SpamCop left
  2. Email providers should have a warning "Get ready to avert your eyes" not all images are invisible!
  3. Seem a number of variants copy from including this line down ARC-Authentication-Results: i=1;; spf=pass ( domain of designates as permitted sender) Then copy and paste the above bit in notes' After SpamCop has parsed it.
  4. From reporting page Attention SpamCop Community: To standardize procedures across our Talos product lines, we will be changing our payment processor from PayPal to Stripe effective March 12, 2018. Payment confirmations will be coming from the SpamCop Stripe Processing System as of that date.
  5. would like to know the actual Youtube video these/this spam uses in received spam? Java scrip hides the source, tried right click video source no-good. These criminals have 100's posted under bogus names on youtube example "" on the right shows from all same crime gang they go through heres my last abuse report Criminal phishing, bogus reply address, bogus unsubscribe This/my email address I believe provided to this Russian (?) Crime gang by FaceBook posted from is an open proxy URL Resolves to Redirects to Resolves to : linked via phishing spam bogus reply address, bogus unsubscribe numerous youtube videos posted anon no listed owner/channel?
  6. only sometimes works! This one has have ONLY the headers copied from and below, the link show what needs to be posted ARC-Authentication-Results: i=1;;;action=display the "headers" above that are copied and put in notes
  7. You need to cut the post (yhen past) in notes, after you copy the rest for parsing Delivered-To: x Received: by with SMTP id f8csp2123766wrh; Sat, 10 Mar 2018 03:20:26 -0800 (PST) X-Received: by 2002:a19:4f13:: with SMTP id d19-v6mr1066967lfb.59.1520680826479; Sat, 10 Mar 2018 03:20:26 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520680826; cv=none;; s=arc-20160816; b=P7TdXGavTfbFddBKoAk45QuiOQMYIy63/m8SeRSw9gq8o141uxioRpVtcyGGZLAXUd v5+9sp8/fPduSl8O0ipNT+8FEtUUXPNDUAoqWmOk2skh4OZL7WLHM06V2tqNRh2JTaoT OOVgjfAk1maFMU3XfRX+Y8uJUksZ2wQIIClfcbcB/ogzV1wyWIQGk05o/KIlDuA2Se6f u242J6KH1aXlRPlAoNHPHaxpFtx6Djv4yMf5cIOnNUa06HN7QSXaPxvgOk5z8z6aP1Qf n21KEciqCNWUsQzVDY8ylBw8F0kFtnL1AFmRusWP1Gzpd5sV+bbHeqvq1bdJNw1gjRid tDng== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;; s=arc-20160816; h=to:subject:message-id:date:from:reply-to:mime-version :dkim-signature:arc-authentication-results; bh=mJPni5t3wrzB2pC259Guvd85UzX0iE/CzbIPS4vPCws=; b=E76LVMupyIlJ2IIbta3Hw9IvXEN+PYxHLz1zNGhG60yGJqVK/BrZ2AJDAG6RKTYHR9 vL6dEnXmXgwSRWCwEJdlKgJI8JSMV9Ang8y/5e8H4qS6EUsIyYWeOnzlnXWrXDcGK3Zg Fd5FkQUOURbL/S36gVI7fG1mK7hDLCHHVO6Pka2dClu0JaSr26/KS2sx/4TDzZ8hUQil Gk5XTijkD7Dyp8dbWwdYVHsgoEEMlF2VzZWvXUfUTpHzhKfGM0o8sGHKwiRdY1sisO8D txnJLD89f1VkcLojlE+HByvleR0vdesfGJH+bvAu1uvKW8kJXdJvcce1+8M805wt+Y4f 7Jug== Results are no whois/abuse info but a search by me gives "support[at} info[at] abuse[at]he.nett" for your "z_User_Notification" put ip address in these notes As they appear to be in USA also report to phishing-report[at]us-cert[dot]gov
  8. tracking images are often invisible pictures linked by spammers to verify your email address. It would be your email provider not loading image source. Most allow you to click a "load images" button?
  9. SpamCop uses a very basic/ancient "web browser", depending what browser you use you may get this also Some sites may block SpamCops IP. Also with me I believe FaceBook sell your info, I set up a gmail account with full name like after using it for a FB account a Russian Crime gang have it?
  10. BEFORE you submit a tracking url is provided at top of page This ARC "stamp" is marking a "X-Received" line just remove/cut that line and SpamCop will parse fine . Put/past that line in notes X-Received: by 2002:a17:902:7c95:: with SMTP id y21- v6mr18271267pll.243.1517248215276;
  11. Not anymore too many cannot or won't get their mailhost set-up/working used to have "Quick" reporting
  12. phishing spam I would also attack rhe URL redirects to
  13. Try adding "" to report can't read French buy maybe a Canadian can? Also give tracking URL OVH have gone back to being blackhat
  14. The spammer is putting in fake headers! To get around this you need to look for "ARC-Authentication" and snip above that copy from there down. In notes add the bit you snip out track URL X-Google-Smtp-Source: AH8x224uqG6EmUcfBYgUUgeXFVG8X7M7w5W/y8cGQeu6qelGfT+SEvNeSk l7OwtDDHo5q1hWz5kT X-Received: by 2002:a17:902:7c95:: with SMTP id y21- v6mr18271267pll.243.1517248215276; Mon, 29 Jan 2018 09:50:15 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517248215; cv=none;; s=arc-20160816; b=rEEv75F5u0pdFSKOVadtEjk7uJrCHelc0PyQpdByEDyjWWjuZAdEQzdb Zas46sOavz uq51pjdot+3JquNVN0ArIXIeJJew2WImCbj67CeH8ko2enKHNcnHlQ1EJD dViFjkCSvW h3yeMgOFqQvdv+kwXc+DD2D/1dVJgtV+zRwqNxbf6l3XouOpPm9OAvSBe1 LxCIl4+801 RhuvHrHmUiE/o/4qBrkkG98sZu/st4ucNXuFjBeFuIGOylzcgjk54wbEUR sV6ln/17pW n98BWquLG8kkXQdrvDvlSVhJX/6J7oqN2iar7/rKIoeAnaS0jFjkkBMarB /vhun3z0MW bhVg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;; s=arc-20160816; h=content-transfer-encoding:mime- version:subject:message-id:reply-to :from:date:arc-authentication-results; bh=+eTI5hmwWM+vKJlIEYpqSa+SlkHtoDA4l9SsJgC1tGw=; b=hOw+HMMu1x1S7eUFnQM79pTuWFRcJBn4lEk/FyRJpWis8wxd8RSwrd1q qwME2N+mob Hi35I+9CK7jjE3se5bTIjjgs/phnbdSv/5sIymQuFxTOLWPwNK2WR2luHK c0Rf2PpqT3 BepCqTZ7svwzP1ft10n4kUJxpwJDe3ZHRZ/9GsJZfibirT/TT9O+3yEdwn 3+8ZHmWwsp EmhUGPM4kjpNy37Whc8gs+Lzlkgxqs+FfEAe+vBXLCOE5vj50tkwys2YYc 3dnFsluIGy TT25JEqtd1iaFeQcYHuvN2AJkwOQfwgFeXg1hkdPTtRLAzDSElyMbEYK+B 1yCmQ7bLXy pyYA==
  15. now try sending a mailhost to that Gmail address (often Gmail shut accounts temporarily)