petzl

Memberp
  • Content count

    1,844
  • Joined

  • Last visited

Everything posted by petzl

  1. phishing spam I would also attack rhe URL http://trk.bestschoolguide.com/campaigns/bk12218xfw81e/track-url/er221nbtj4141/6bc357f9cb098f50b5608061a558cf3605577d04 104.18.63.84 abuse@cloudflare.com redirects to http://www.indiabullsventures.com/AQGEN/ 115.112.249.189 4755abuse@tatacommunications.com
  2. Try adding "cert-fr.cossi@ssi.gouv.fr" to report can't read French buy maybe a Canadian can? Also give tracking URL OVH have gone back to being blackhat https://www.cert.ssi.gouv.fr
  3. The spammer is putting in fake headers! To get around this you need to look for "ARC-Authentication" and snip above that copy from there down. In notes add the bit you snip out track URL https://www.spamcop.net/sc?id=z6439116336z607dabe7cb156e8f3743b8d25d345f64z X-Google-Smtp-Source: AH8x224uqG6EmUcfBYgUUgeXFVG8X7M7w5W/y8cGQeu6qelGfT+SEvNeSk l7OwtDDHo5q1hWz5kT X-Received: by 2002:a17:902:7c95:: with SMTP id y21- v6mr18271267pll.243.1517248215276; Mon, 29 Jan 2018 09:50:15 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517248215; cv=none; d=google.com; s=arc-20160816; b=rEEv75F5u0pdFSKOVadtEjk7uJrCHelc0PyQpdByEDyjWWjuZAdEQzdb Zas46sOavz uq51pjdot+3JquNVN0ArIXIeJJew2WImCbj67CeH8ko2enKHNcnHlQ1EJD dViFjkCSvW h3yeMgOFqQvdv+kwXc+DD2D/1dVJgtV+zRwqNxbf6l3XouOpPm9OAvSBe1 LxCIl4+801 RhuvHrHmUiE/o/4qBrkkG98sZu/st4ucNXuFjBeFuIGOylzcgjk54wbEUR sV6ln/17pW n98BWquLG8kkXQdrvDvlSVhJX/6J7oqN2iar7/rKIoeAnaS0jFjkkBMarB /vhun3z0MW bhVg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime- version:subject:message-id:reply-to :from:date:arc-authentication-results; bh=+eTI5hmwWM+vKJlIEYpqSa+SlkHtoDA4l9SsJgC1tGw=; b=hOw+HMMu1x1S7eUFnQM79pTuWFRcJBn4lEk/FyRJpWis8wxd8RSwrd1q qwME2N+mob Hi35I+9CK7jjE3se5bTIjjgs/phnbdSv/5sIymQuFxTOLWPwNK2WR2luHK c0Rf2PpqT3 BepCqTZ7svwzP1ft10n4kUJxpwJDe3ZHRZ/9GsJZfibirT/TT9O+3yEdwn 3+8ZHmWwsp EmhUGPM4kjpNy37Whc8gs+Lzlkgxqs+FfEAe+vBXLCOE5vj50tkwys2YYc 3dnFsluIGy TT25JEqtd1iaFeQcYHuvN2AJkwOQfwgFeXg1hkdPTtRLAzDSElyMbEYK+B 1yCmQ7bLXy pyYA==
  4. now try sending a mailhost to that Gmail address (often Gmail shut accounts temporarily)
  5. Tried to see if Gmail have not disabled that email address? Try sending a email to that address, Gmail will disable accounts if they come under a spam attack
  6. forward them to a email service that will allow forwarding. you tried this? Fastmail allow forwarding, must be others. Gmail will shut your account down once you get a flood of spam, FastMail also sort spam from Ham
  7. cancel those email accounts, or forward them to a email service that will allow. I use fastmail $30 a year Gmail set-up forwarding (I haven't tried) https://support.google.com/mail/answer/10957?hl=en
  8. good news you pulled all the spammers wings off
  9. I'm in Australia last time I added fuel (paypal) found patience and it came through. Used to be instant?
  10. OK you know the drill, you are better than SpamCop, Keep up the attack,
  11. I try to be better than SC and would add Botnet 41.138.91.165 abuse address (if any) to report [moov [at] moov.bj] 41.138.91.165 BOTNET SEE https://www.abuseat.org/lookup.cgi SEE ALSO CisCo sites REPUTATION IP LOOKUP https://www.talosintelligence.com If Microsoft Windows Defender is available to your customers, they need to use it! THEN Change Password >
  12. Yes report was sent to the email server that sent it. Google have disabled SpamCop reports to them, you can send one from your email account though.
  13. SC will often stop at a mail server, as if in doubt it won't report, but you can take over
  14. When SC get's a bounce it won't report for "X"(?) amount of time
  15. Japanese have little English skills and tend to turn off malware programs like windows defender because it "nags" them https://www.spamcop.net/sc?id=z6444739102zd3ea6cfa9f916bda689da0afcd930389z X-Originating-IP: [41.138.91.165] Etisalat Benin SA (SpamCop didn't pickup) in notes I put compromised/forged web and or email accounts If Microsoft Windows Defender is available to you, use it Scan for Malware! THEN Change log-on to a more secure password-Phrase! > SpamCop reports to mail server 153.149.236.27 abuse (at) ocn.ad.jp Other hosts in this "neighborhood" with spam reports 153.149.236.2 153.149.236.3 153.149.236.4 153.149.236.5 153.149.236.6 153.149.236.7 153.149.236.8 153.149.236.9 153.149.236.10 153.149.236.11 153.149.236.22153.149.236.23 153.149.236.24 153.149.236.25 153.149.236.26 153.149.236.27 153.149.236.28 153.149.236.29 153.149.236.30 153.149.236.31 153.149.236.32 153.149.236.33153.149.236.34 153.149.236.35 153.149.236.36 153.149.236.37 153.149.236.38 153.149.236.39 153.149.236.40
  16. abuse (at) ocn.ad.jp do deal with spammers just don't tell you
  17. Check you email address is still working, or if your ISP has activated spam control
  18. SpamCop is disabled from sending reports to abuse@c.exacttarget.com for starters. As they are not acting on unsubscribe try adding to report phishing-report@us-cert.gov 13.111.32.194 USA - Indiana is their domain. in notes "bogus unsubscribe"
  19. https://www.spamcop.net/sc?id=z6444027777zb7f4e3f609c2f82a167eded8f1fa5cefz just click the unsubscribe AND REPORT as spam. Also in Gmail click report as spam. Then click "report Phishing"
  20. You need someone with you to show you. DELETE YOUR PERSONAL INFORMATION YOU POSTED HERE!!! EVERY POST YOU MAKE HERE HAS A EDIT BUTTON, edit your personal info out
  21. Mailhost I created (Gmail2) still not showing up in Mailhosts. This is really pissing me off! I had SC robot send the emails, I copied the headers and body and put them in their respective fields, submitted them all, but still nothing! If I try to do it via email, I get this error: please delete your last post it discloses private infomation! what sysyrm you using I use WIN10 with Opera browser. In Gmail's webmail (which is what I use) you simply open email To the far right there is a down arrow. Click that for options Click "Show original" on that page there is "Copy to Clipboard" link click it Then go to the SpanCop link and past it in
  22. The "Alibamer" or "fake header" Spammer came alive again sent report to Cert, China from my email account, shut spammer down for a week last time. https://www.spamcop.net/sc?id=z6442078877zdcbce78955ff93c281d2d0169c7b6886z
  23. SpamCop has been modified by different owners since Julian Haight left I think we have what we have, so now need get around the quirks
  24. Are not getting (so far) any more spam from this "Alibaba" spammer. I also report to China's Cert. There are no working abuse contact for that IP Your message to ipas@cnnic.cn can not be delivered. The error was: " Quota error.(Quota exceeded)". Your original message is included as attachment. https://www.spamcop.net/sc?id=z6440769324zb77944826b82dd3c90873e053b71b743z