Jump to content

petzl

Memberp
  • Content Count

    2,295
  • Joined

  • Last visited

Everything posted by petzl

  1. petzl

    Massive spam Attack - Looking For Input

    Seems to me Namecheap are "shining" on you Spamhaus does list domains surprised namecheap are not on it? Namecheap don't like negative publicity Bodgie, worthless , inferior; false. name address? probably email as well, try forward as attachment spammers spam to "green1.dakotaATgmail.com", if proven fake (bounces) you can try ICANN to deregister Namecheap for non-compliance.. Registrars are supposed to confirm accuracy? All domain sites contact information has to be true and accurate. SpamCop was once deregistered when it changed its fax number and neglected to update this. Joker.com did not support spammers This was during the "spam wars" where $$new blocklist opportunists$$ attacked SpamCop because of it's success and were dobbed in by competitor/s ASAP fax number was noticed changed. Namecheap seems to have security issues this is a reply in comments from article about Namecheap. Credit Card info stolen (last purchase: Namecheap)My last purchase was a DNS certificate through NameCheap. 24 hours later: $1,000 of fraud coming through on that card. Anyone else here having any issues?
  2. petzl

    Massive spam Attack - Looking For Input

    is out of action I checked, possible for servers to scan outgoing email? Also in Gmails webmail click spam for "report phishing" in options after opening email. Gmail will block from domains as opposed to blocking IP's if enough phishing hits just checked again, Thursday 22/08, it's back-up! http://67.229.173.51 Registrar Abuse Contact Email: mailto:abuse@namecheap.com
  3. petzl

    Massive spam Attack - Looking For Input

    You lost me on this one. Send to who, the Registrar, Host or Cert? And for DDOS attack? Is this what I am getting with a spambot. Or is that more of a server that's getting it not my home network? What addresses are you putting in the TO field. Domain Addresses or Host IP's? look at a SpamCop report, it will list what IP address it came from and a "key word" to look for, I use Opera web browser and "Ctrl + F" put a search bar on top, put/paste this keyword into it and you should easily see the offending IP, more importantly the server name picking it up. KEYWORD to use in future searches. "win32whois" will give the abuse addresses to post to. include the US cert and who ever. "" Best to do this from your Gmail web page, after opening email, click options "3 vertical dots" (top right) then select "Show original" a new page/tab will open showing you the IP "SPF: PASS with IP 111.111.111.111 Learn more" under that it will give the domain name "DKIM: 'PASS' with domain emails.XXXXXXX Learn more" Depending on spam you "forward as attachment" to (Always in the "To" field) abuse desks government agencies. this means you are telling recipients who is getting reports maybe raising your priority. put these abuse contacts in your address book or on notepad to copy/paste later, "phishing-report at us-cert gov" sounds good but most if not all Gov agencies sit on their elbows because they can't find their ass's, but looks threatening to abuse desks and you may get lucky and them VERY unlucky Seems to me Namecheap are saying they are bring domains down, don't forget to check though. http://67.229.79.114 is still up?
  4. petzl

    Massive spam Attack - Looking For Input

    Namecheap are the registrar all they have to do is change password access, seem spammer is using compromised accounts? so would think they can disown them, Spamhaus is also evidence in reports. NameCheap are the most abused by botnet spammers http://domainincite.com/22472-spamhaus-ranks-most-botted-tlds-and-registrars Not good publicity for NameCheap so they may look into it? Also report the host IP abuse (a few do something also use/report to the country CERT ) Also there is no need to use up SpamCop data just send as attachment from your email/Gmail account (mark as phishing) as attachment, much cheaper. for DDoS attack. put all addresses in the TO field. example of what I put in email body to give you a heads-up show spamhaus link in your case (if one is given) Namecheap are playing the fool noway they can't get a domain name from a IP address Traceroute will/should do this 67.229.79.114 = http://palterer.org abuse[AT]namecheap.com 89.163.243.41 = new.bedlamized.com abuse[AT]namecheap.com 62.210.76.243 agmaa.net abuse[AT]namecheap.com botnet source - ddos 36.27.123.65 antispamXzjnoc.hz.zj.cn see http://www.abuseat.org/lookup.cgi?ip=36.27.123.65 offending email forwarded also, can be read as text attachment with a text/ASCII editor like notepad or eml text reader
  5. nayon.isnpAT[bangla.net.bd seems is the correct address
  6. petzl

    Massive spam Attack - Looking For Input

    https://www.spamcop.net/sc?id=z6566520311z41fa0c960e85e844a30002d278ed6f9az https://www.spamcop.net/sc?id=z6566520312z6ce0103f34a127b8f20ded2333c8d06az https://www.spamcop.net/sc?id=z6566520330z977931b5a816ec376b8d9d8e3faee0b6z looked at 3 all seem to be free webhosting sites worldwide 67.229.79.114 abusexvpls.com 1st reported on Submitted: 8/7/201 Registrar Abuse Contact Email: mailto:abuse[AT]namecheap.com http://67.229.79.114 89.163.243.41 abusexmyloc.de 1st reported Submitted: 8/7/2019 Registrar Abuse Contact Email: mailto:abuse[AT]namecheap.com http://89.163.243.41 62.210.76.243 abusexonline.net 1st reported Submitted: 8/18/2019 Registrar Abuse Contact Email: mailto:abuse[AT]namecheap.com http://62.210.76.243 "Please enter your email address below to unsbscribe from future mailings." put in the appropriate abuse address, not yours if you must. this is a whack a mole reporting By using different IP addresses the spammer is avoiding blacklisting, seems that spammer is flooding you from all their free sites A good Website/registrar WhoIs ror windows http://www.gena01.com/win32whois/ NameCheap are US based so come under US law. Should have credit card details of criminal. “Book 'em, Danno. Murder One.”
  7. Google seem to of taken link down?
  8. petzl

    AWS spam source

    AWS has a crime problem starting at it's abuse address, they seem in on it! try here for latest abuse address https://aws.amazon.com/security/report-suspicious-emails/
  9. My template attracts Russia's attention it applies to all porn spam/ Not seen one with "proof of age" on file.
  10. petzl

    godaddy spam source

    Show 1 spamcop tracking url
  11. https://www.spamcop.net/sc?id=z6564775200zb0e68f15592a9b6948787f714e4ec177z The SpamCop tracking URL shows the Gmail abuse address is probably bogus (Bitbin) the IP of URL is a botnet https://www.abuseat.org/lookup.cgi?ip=92.63.192.124 Front for child porn phishing spam operator. Send report to response[AT]cert-gib[DOT]ru no working abuse address. Child porn spammer pictures under 18 or made to look under 18 NO PROOF OF AGE available! SENT TO MINORS >
  12. petzl

    AWS spam source

    Found another address for AWS spoofing[AT]amazon[DOT]com they want phishing message sent as attachment https://www.amazon.co.uk/gp/help/customer/display.html?nodeId=201489190 Got a phishing spam that is using AWS URL's email address probably sold by Facebook https://www.spamcop.net/sc?id=z6564692784zcf8bc46efe5fe75fafde0e89a94da795z
  13. petzl

    Sendgrid reports dev'nulled?

    spam reporting started in 1998 and had some hiccups, some providers believed SpamCop was buggy so did not want reports they couldn't rely on. Once turned off there was no time limit for the block (Devnull). Same for alternative or SpamCop abuse addresses given by abuse desks.
  14. petzl

    AWS spam source

    I only got action by sending abuse reports to Amazons sales department. Explaining that abusexamazonaws.com have gone rouge! Remove all @ symbols from email addies as spammer scan here for valid addresses (best is to use [AT]. I just put x over it)
  15. petzl

    Sendgrid reports dev'nulled?

    Would like to know when (date) occurred as this is often a legacy issue which may or may-not apply today? Some are from last millennium!
  16. URL's appear "word wrapped"
  17. petzl

    abuse AT linode.com

    would help if you could give a SpamCop tracking URL or a IP? Send a buse report from your email to inode to seee what or if they auto-ack.
  18. petzl

    'The Great Hack' Netflix

    Always have my video off not my microphone though? Data is of on my smartphone till I need it. Explore how a data company named Cambridge Analytica came to symbolize the dark side of social media in the wake of the 2016 U.S. presidential election. Trailer Got to see the full version. Seems to me to be a anti-Trump conspiracy theory Lawyer turning up in court with pink hair, a gold ring through "his" nose escapes me? Just political trash wouldn't bother watching it? But I'm in Sydney Australia have no idea about American politics.
  19. petzl

    no reporting for IP 109.94.2.125

    get a windows computer program http://www.nirsoft.net/utils/ipnetinfo.html or use a web whois search https://dnslytics.com/whois-lookup Then you can also send to a Countries Community Emergency Response Team (CERT) https://www.first.org/members/teams/
  20. petzl

    spam via VPN

    By not running a Virus/Malware program there is no way of knowing when/if your computer has been compromised This is also now "smart TV", "smart phone". smart fridge and so-on
  21. petzl

    spam via VPN

    A lot of VPN problems are due to compromised accounts. Seems there are a lot who won't run a Virus/Malware program I use two, Windows defender and SpyHunter Both can be a pain to set-up properly and they are always "updating", requiring watching!
  22. Email server website hyamer.com 220 states.hyamer.com ESMTP Postfix Test Result SMTP TLS Warning - Does not support TLS. SMTP Reverse DNS Mismatch OK - 171.22.120.197 resolves to states.hyamer.com
  23. petzl

    SC parse incomplete

    looks like a network receiving email 95.213.181.165 abusexselectel.ru
×