petzl

Memberp
  • Content count

    1,715
  • Joined

  • Last visited

Community Reputation

0 Neutral

About petzl

  • Rank
    Been There

Contact Methods

  • Website URL
    http://tinyurl.com/abba-money-money-money-midi
  • ICQ
    0

Profile Information

  • Gender
    Male
  • Location
    Sydney Australia
  • Interests
    I am not a number I am a free man
  1. Need a tracking URL of at least 1 reported spam
  2. Top two reports 137.171.123.19 , 168.1.53.243 are dead 3rd report SpamCop give wrond abuse address 117.51.232.200 ipas [AT] cnnic [dot] cn
  3. SpamCop reporting addresses I see often as a legacy issue and are set in mud (ignored/old defunct reporting addresses) https://www.spamcop.net/sc?id=z6354566965z58e6e1b554cd81aafb9894c99b1451dcz 98.138.207.12 : abuse [at] yahoo-inc.com is sent to yahoo [at] admin.spamcop.net 104.140.17.220 : noc [at] serverhub.com is sent to spamcop [at] serverhub.com You need to use SpamCop to "clue" one in as to IP source, Then check abuse addresses with a "who is" program like "IPNetInfo" And send from the email it was sent to (some have privacy concerns in doing this). Also submit from SpamCop
  4. Gmail reads all mail electronically. You would be sending spam, be it that you are trying to report it. Just " using the tool in the upper right corner of this screen" show original and you can push a button to copy text for pasting in SpamCop
  5. Would help if you gave a SpamCop trackingURL Here is your TRACKING URL - it may be saved for future reference: https://www.spamcop.net/sc?id=z6338527151za71ac855aa3c8f89902419badfabbd3cz
  6. TRACKING URL - it may be saved for future reference: https://www.spamcop.net/sc?id=z6322145333z1430805affc509d4a856f69864c9a63bz needed truncating
  7. The abuse address for 80.147.59.28 is abuse@telekom.de as well as abuse@t-online.de (which seem asleep at wheel) Ramp up report to them using notes eg > 80.147.59.28 (Administrator of network where email originates) BOTNET ATTACK HOST (compromsed computer) http://www.abuseat.org/lookup.cgi?ip=80.147.59.28 IP Address 80.147.59.28 is listed in the CBL. It shows signs of being infected with a spam sending trojan, malicious link or some other form of botnet. It was last detected at 2016-10-12 19:00 GMT (+/- 30 minutes), approximately 30 minutes ago. It has been relisted following a previous removal at 2016-09-24 15:54 GMT (18 days, 4 hours ago) This IP is infected (or NATting for a computer that is infected) with a spam-sending botnet, most likely kelihos. In other words, it's participating in a botnet. TO REMOVE INFECTION Norton Power Eraser is a Windows free tool and doesn't require installation. It just needs to be downloaded and run. https://security.symantec.com/nbrt/npe.aspx SCAN INFECTED COMPUTER FOR MALWARE The following Cisco site shows servers/computers with prior or existing BOTNET infections http://www.senderbase.org/lookup/ip/?search_string=80.147.59.28 Still spewing spam https://www.spamcop.net/w3m?action=checkblock&ip=80.147.59.28 >
  8. Start hammering their facebook page! https://www.facebook.com/omnis/
  9. http://forum.firetrust.com/viewtopic.php?f=50&t=10200 link works?
  10. Found a link but I now no longer use MailWasher just use WebMail on Gmail http://forum.firetrust.com/viewtopic.php?f=50&t=10200 how I used to set-up "blocklists" which worked very well
  11. there was no tracking code in message. Tricking codes are "invisible" images in HTML mail which have unique numbers assiged to your email address. sometimes a unique code on spam Your email address has been found either by dictionary attack or one of your friends has a compromised computer. https://www.spamcop.net/sc?id=z6246114078z8e6c38330124db76fbfb0ff051dcf1afz 14.189.154.196 is an open proxy meaning it's a Botnet attack host. http://www.abuseat.org/lookup.cgi?ip=14.189.154.196 IP Address 14.189.154.196 is listed in the CBL. It shows signs of being infected with a spam sending trojan, malicious link or some other form of botnet. It was last detected at 2016-06-05 07:00 GMT (+/- 30 minutes), approximately 17 hours, 30 minutes ago. This IP is infected (or NATting for a computer that is infected) with the Conficker botnet. TO REMOVE INFECTION Norton Power Eraser is a Windows free tool and doesn't require installation. It just needs to be downloaded and run. https://security.symantec.com/nbrt/npe.aspx VN seems to have a lot of Botnet infects (means clients have compromised computers in he control of criminals. The ISP needs to contact their customer have them do a Malware scan and Change log-on to a more secure password!
  12. Would help if you gave a trking url? even a IP address. In the mean time have no idea what you are on about?
  13. There are two "whois" sites SpamCop looks up Arin I check with Ripe to see if there is a difference if there is I add it to report A free Windows Ripe WhoIs program is here http://www.nirsoft.net/utils/ipnetinfo.html
  14. "Quick" reporting only sends to the IP SpamCop detects as sending spam which should be % Abuse contact for '82.57.200.0 - 82.57.207.255' is 'abuse[at]business.telecomitalia.it' 167.88.109.197 (Administrator of network where email originates) abuse[at]retail.telecomitalia.it https://www.spamcop.net/sc?id=z6234543446zc088e93784a7d290ce8a1d1c18a1e080z This IP is a Botnet mass spam sender http://www.senderbase.org/lookup/?search_string=167.88.109.197
  15. send a SpamCop Tracking URL! Before you submit top of page (do not click links in spam they could be harmful) Here is your TRACKING URL - it may be saved for future reference: https://www.spamcop.net/sc?id=z6234007816z8753243c4760423776c866a734daeb39z Skip to Reports