Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by petzl

  1. They are into "list washing" when they are hosting pedophilia and I tell them I think they get worried!
  2. Hello, This case has been investigated and resolved by the Amazon EC2 Abuse Team. If you believe this case to be unresolved, please either respond to this email with detailed logs or file another case with detailed logs to that end. Thank you for your attention in this matter. Regards, Amazon EC2 Abuse Team
  3. Fake bounce can be set up on most email clients even Gmail can do it You need a copy of headers to find out who is bouncing and contact their abuse desk The IP you stated has never been listed by SpamCop in the last 90 days. A badly set-up email server can be set-up to bounce emails NOT listed on SpamCop. As SpamCop only lists for 24 hours after last spam, some set-up "unable to deliver" in the hope the spam stops when it retries. Advice is always free till you act on it. I'm a member not admin
  4. Never been on the SpamCop blacklist. who is stating it is? Sometimes a "clever Trevor" have a blocklist working in reverse? Or it could be a fake bounce from someone you are mailing too?
  5. SpamCop in early days had limited band width looking up URL's gave it a hernia, often URL's have no proven connection to spammer! I use a VPN so my computers IP is unknown, This VPN also uses "Mace" which "returns IP addresses of unwanted domain names as an address that's not routable on the public internet." To get other redirects, "MIG" put me on to https://www.virustotal.com/#/home/url good enough for me
  6. Netdemon gives the IP address. Just tried it yes it works well thanks https://www.virustotal.com/#/url/87a1133f47025b43f18b4af7431bc40fb324c2ca6ff58f922e98ea7093ce8d3e/detection
  7. You need to also remove the "gillion or so" BCC addresses, replace with a X.
  8. From: spammer[]spam.cxm Hey! There is a blank line between the headers and the body! Needs TWO blank lines Spamware often does not separate headers from body and if it has 2000+ spam victim email address to "X" out in a visible BCC field it will have a hernia!
  9. netdemon offers a safe txt browser. I use this to get IP's of URL's I get spammed by Russian crime gang and not keen on clicking link. They sometimes try to download ransomware to your computer.
  10. just get the bogus abuse email address right "granatnetou[AT]gmail.com" Ukraine bogus address https://www.first.org/members/teams/cert-ua URL abuse[AT]hostkey.us bounce try sales https://www.us-cert.gov
  11. SC just looks at link provided the link in this case is a redirect link with a abuse address that bounces. Try to be better than SpamCop is you have the time In the case of porn spammers send to the CERT of that country as well.
  12. I get abuse[AT]hostkey.us bounces/bitbin try SALES[AT]HOSTKEY.COM First URL --- 02/22/19 05:27:49 AUS Eastern Daylight Time --- reading URL http://rrnntqutxtf.charlie-washington.infx/?eid=bWlnYWwwMEBob3RtYWlsLmNvbXwzMDcxNjM --- contacting host rrnntqutxtf.charlie-washington.info [] on port 80 HTTP/1.1 302 Found Server: nginx/1.10.2 Date: Thu, 21 Feb 2019 18:21:07 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/5.3.3 Location: http://www.geoearnings.cxm/lgtrack/OTcuMTY?email=bWlnYWwwMEBob3RtYWlsLmNvbQ%3D%3D --- connection closed THEN URL http://www.geoearnings.cxm/ gives me another redirection abuse@amazonaws.com USA - Washington Final redirection https://www.localflirtbuddies.cxm abuse[AT]amazonaws.com Ireland get Cert address from here https://www.first.org/members/teams/ include Child porn spammer pictures under 18 or made to look under 18 NO PROOF OF AGE available! SENT TO MINORS > amazonaws.com send your complaints to spammer, These are the Cybercriminals amazon are contacting in this case "Thank you for submitting your abuse report. We have begun our investigation into the source of the activity or content you reported.We've determined that an Amazon EC2 instance was running at the IP address you provided in your abuse report. We have reached out to our customer to determine the nature and cause of this activity or content in your report."
  13. Mine is not registered (lost my registration) works well, but you need to work it out which is not hard. If a site redirects to another, netdemon show you the site it redirects to, this requires another "netdemon window" to go to that site, which will include the reportable IP of that redirected site. you can open many "panes" in netdemon
  14. Not a bug? SpamCop recieved no body in text? when there is no body you just hit the enter key twice under last line Subject: PAYMENT NOTIFICATION OF YOUR FUNDS. To: undisclosed-recipients:; Content-Type: text/plain; charset="UTF-8" Bcc: x here and write No text in spam body
  15. I use a windows program which is sort of free they no longer sell the program http://www.netdemon.net/ Text browser shows the IP and the redirect sites the destination site is run by Needs working out by copy/pasting sites it forwards to and searching with new page. The end site is this one blackhats abuse[AT]amazonaws.com My "scri_pt" is accurate enforced in USA so they would/should worry
  16. This is a redirect to a porno site Find the IP of that site and report it the following reply usually gets it taken down. Child porn spammer pictures under 18 or made to look under 18 NO PROOF OF AGE available! SENT TO MINORS >
  17. OK best way to go. In that case runing "Windows10Upgrade9252.exe" will only say "you have the latest"
  18. Seems "normal" with all AV's - A pain. If you just use "update", in my case, left a lot of problems and the "normal" un-stability of WIN10 and checks if indeed you have the latest version. https://www.digitalcitizen.life/how-get-anniversary-update-today-windows-10-update-assistant
  19. You will still need a AV but all need a fair bit of learning about. Windows Defender is as good as any, a pain to work out also.
  20. I'm in Sydney Australia still run "Windows10Upgrade9252.exe" .if you can find it from Microsoft
  21. I were saying run it before removal. To see if it says something. (may have IP's on a bad list) To get a STABLE WIN10 you need to run "Windows10Upgrade9252.exe" from Microsoft not the "Check for updates" this will do a FULL upgrade without removing files/programs
  22. Run a scan with your "Anti-V-software", looks like that's what shut your browser down? Get the latest WIN10 upgrade "Windows10Upgrade9252.exe" from Microsoft https://answers.microsoft.com/en-us/windows/forum/windows_10-windows_install/windows-10-fall-creators-update-how-to-get-it-now/c034b09b-eec4-4647-8baf-0638327e1867
  23. Different operating System. I went from WINXP to WIN8 now WIN10 64bit touch screen so can't help.