Jump to content

petzl

Memberp
  • Content Count

    2,322
  • Joined

  • Last visited

Everything posted by petzl

  1. Yes definitely criminal phishing offering prizes to get your email address and other info
  2. But it doesn't follow redirects? But it tells you if site is safe. https://www.webconfs.com/http-header-check.php Does not always give redirects either
  3. Yes spammer already has your email. Got one from these scum this morning here are the notes 54.213.31.253 (Administrator of network where email originates) abuse@amazonaws.com phishing-report@us-cert.gov https://bit.ly/2EPC64E?1819469901?DL4B7Sr6I8Unq8090859 67.199.248.10 abuse@bitly.com redirects https://mmwaq.slutsnearby.com/c/1f0a2cb367c37dee?s1=25218&s2=158751&j1=1&j3=1&s3=17004&s5=432018&click_id=nthml5c841f5915e67849990878 URL IP 34.194.20.115 abuse@amazonaws.com phishing-report@us-cert.gov
  4. They are trying to be "clever" I'm doing all I can to do what happened to the Backpage operator he went from a multimillionaire to skidrow. You have to put full directions in your notes Amazon will only look at copy and pasted headers with notes Example my Russian cyber-criminals "notes" Criminal phishing, bogus reply address, bogus unsubscribe This/my email address I believe sold to this Russian (?) Crime gang by FaceBook .. email source 94.100.177.97 abuse@corp.mail.ru URL in spam link obfuscation https://www.google.com/#btnI=ixyvb-ddvef-rgcse&q=jiofdahiugfhajpsdh.ru Resolves to 64.233.191.105 network-abuse@google.com phishing-report@us-cert.gov redirects through http://jiofdahiugfhajpsdh.ru 185.26.122.56 abuse-c@hostland.ru Redirection ends https://appteslerapp.com/?click=39192426&mode=optin&api_url=%2F%2Fgotrack.static500.com%2Fapi%2Fv1 188.166.113.230 abuse@digitalocean.com phishing-report@us-cert.gov offending email (eml) forwarded also, can be read as text attachment with a text/ASCII editor like notepad or eml text reader >
  5. You a pediatrician? Any lewd site is supposed to have by law .on site proof of age, without this it you don't know! in notes with sex sites I send this. I don't want it and never subscribe for perverted rubbish. It's pedophilia as far as I and the law is concerned! A Forrest Gump moment for me was when Trump had the FBI seize "Backpage" for that exact reason Hope Amazon AWS have the same fate! Child porn spammer pictures under 18 or made to look under 18 NO PROOF OF AGE available! SENT TO MINORS >
  6. Netdemon is really safe for finding IP's and other info A better way to check out URL''s suggested by "MIG" https://www.virustotal.com/#/home/url
  7. They are into "list washing" when they are hosting pedophilia and I tell them I think they get worried!
  8. Hello, This case has been investigated and resolved by the Amazon EC2 Abuse Team. If you believe this case to be unresolved, please either respond to this email with detailed logs or file another case with detailed logs to that end. Thank you for your attention in this matter. Regards, Amazon EC2 Abuse Team
  9. Fake bounce can be set up on most email clients even Gmail can do it You need a copy of headers to find out who is bouncing and contact their abuse desk The IP you stated has never been listed by SpamCop in the last 90 days. A badly set-up email server can be set-up to bounce emails NOT listed on SpamCop. As SpamCop only lists for 24 hours after last spam, some set-up "unable to deliver" in the hope the spam stops when it retries. Advice is always free till you act on it. I'm a member not admin
  10. Never been on the SpamCop blacklist. who is stating it is? Sometimes a "clever Trevor" have a blocklist working in reverse? Or it could be a fake bounce from someone you are mailing too?
  11. SpamCop in early days had limited band width looking up URL's gave it a hernia, often URL's have no proven connection to spammer! I use a VPN so my computers IP is unknown, This VPN also uses "Mace" which "returns IP addresses of unwanted domain names as an address that's not routable on the public internet." To get other redirects, "MIG" put me on to https://www.virustotal.com/#/home/url good enough for me
  12. Netdemon gives the IP address. Just tried it yes it works well thanks https://www.virustotal.com/#/url/87a1133f47025b43f18b4af7431bc40fb324c2ca6ff58f922e98ea7093ce8d3e/detection
  13. You need to also remove the "gillion or so" BCC addresses, replace with a X.
  14. From: spammer[]spam.cxm Hey! There is a blank line between the headers and the body! Needs TWO blank lines Spamware often does not separate headers from body and if it has 2000+ spam victim email address to "X" out in a visible BCC field it will have a hernia!
  15. netdemon offers a safe txt browser. I use this to get IP's of URL's I get spammed by Russian crime gang and not keen on clicking link. They sometimes try to download ransomware to your computer.
  16. just get the bogus abuse email address right "granatnetou[AT]gmail.com" Ukraine bogus address https://www.first.org/members/teams/cert-ua URL abuse[AT]hostkey.us bounce try sales https://www.us-cert.gov
  17. SC just looks at link provided the link in this case is a redirect link with a abuse address that bounces. Try to be better than SpamCop is you have the time In the case of porn spammers send to the CERT of that country as well.
  18. I get 139.60.161.75 abuse[AT]hostkey.us bounces/bitbin try SALES[AT]HOSTKEY.COM First URL --- 02/22/19 05:27:49 AUS Eastern Daylight Time --- reading URL http://rrnntqutxtf.charlie-washington.infx/?eid=bWlnYWwwMEBob3RtYWlsLmNvbXwzMDcxNjM --- contacting host rrnntqutxtf.charlie-washington.info [139.60.161.75] on port 80 HTTP/1.1 302 Found Server: nginx/1.10.2 Date: Thu, 21 Feb 2019 18:21:07 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/5.3.3 Location: http://www.geoearnings.cxm/lgtrack/OTcuMTY?email=bWlnYWwwMEBob3RtYWlsLmNvbQ%3D%3D --- connection closed THEN URL http://www.geoearnings.cxm/ gives me another redirection 52.71.44.153 abuse@amazonaws.com USA - Washington Final redirection https://www.localflirtbuddies.cxm 52.48.235.139 abuse[AT]amazonaws.com Ireland get Cert address from here https://www.first.org/members/teams/ include Child porn spammer pictures under 18 or made to look under 18 NO PROOF OF AGE available! SENT TO MINORS > amazonaws.com send your complaints to spammer, These are the Cybercriminals amazon are contacting in this case "Thank you for submitting your abuse report. We have begun our investigation into the source of the activity or content you reported.We've determined that an Amazon EC2 instance was running at the IP address you provided in your abuse report. We have reached out to our customer to determine the nature and cause of this activity or content in your report."
  19. Mine is not registered (lost my registration) works well, but you need to work it out which is not hard. If a site redirects to another, netdemon show you the site it redirects to, this requires another "netdemon window" to go to that site, which will include the reportable IP of that redirected site. you can open many "panes" in netdemon
  20. Not a bug? SpamCop recieved no body in text? when there is no body you just hit the enter key twice under last line Subject: PAYMENT NOTIFICATION OF YOUR FUNDS. To: undisclosed-recipients:; Content-Type: text/plain; charset="UTF-8" Bcc: x here and write No text in spam body
  21. I use a windows program which is sort of free they no longer sell the program http://www.netdemon.net/ Text browser shows the IP and the redirect sites the destination site is run by Needs working out by copy/pasting sites it forwards to and searching with new page. The end site is this one 52.30.84.167 blackhats abuse[AT]amazonaws.com My "scri_pt" is accurate enforced in USA so they would/should worry
  22. This is a redirect to a porno site Find the IP of that site and report it the following reply usually gets it taken down. Child porn spammer pictures under 18 or made to look under 18 NO PROOF OF AGE available! SENT TO MINORS >
  23. OK best way to go. In that case runing "Windows10Upgrade9252.exe" will only say "you have the latest"
  24. Seems "normal" with all AV's - A pain. If you just use "update", in my case, left a lot of problems and the "normal" un-stability of WIN10 and checks if indeed you have the latest version. https://www.digitalcitizen.life/how-get-anniversary-update-today-windows-10-update-assistant
×