Looks like Webiron is spamming again, and this time they're including a web bug in the mail to see if you've opened it: https://www.webiron.com/images/misc/91.219.236.218/abuse@1d4.us/webiron-logo... https://www.webiron.com/abuse_feed/abuse@1d4.us
My ISP just sent a ticket to me about the Webiron abuse, should I just respond to the ISP? Or do I dare actually load that webiron site? On 26.1.16 23:10, Nicholas Suan wrote:
Looks like Webiron is spamming again, and this time they're including a web bug in the mail to see if you've opened it:
https://www.webiron.com/images/misc/91.219.236.218/abuse@1d4.us/webiron-logo...
https://www.webiron.com/abuse_feed/abuse@1d4.us _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Hi, you ISP opened that ticket so you answer the ISP. ~Josef Am 29.01.2016 um 03:31 schrieb 12xBTM:
My ISP just sent a ticket to me about the Webiron abuse, should I just respond to the ISP? Or do I dare actually load that webiron site?
On 26.1.16 23:10, Nicholas Suan wrote:
Looks like Webiron is spamming again, and this time they're including a web bug in the mail to see if you've opened it:
https://www.webiron.com/images/misc/91.219.236.218/abuse@1d4.us/webiron-logo...
https://www.webiron.com/abuse_feed/abuse@1d4.us _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Let me rephrase: Do I follow the steps outlined by Webiron or just ignore them? I had always intended to respond to the ISP. On 29.1.16 2:11, Josef 'veloc1ty' Stautner wrote:
Hi,
you ISP opened that ticket so you answer the ISP.
~Josef
Am 29.01.2016 um 03:31 schrieb 12xBTM:
My ISP just sent a ticket to me about the Webiron abuse, should I just respond to the ISP? Or do I dare actually load that webiron site?
On 26.1.16 23:10, Nicholas Suan wrote:
Looks like Webiron is spamming again, and this time they're including a web bug in the mail to see if you've opened it:
https://www.webiron.com/images/misc/91.219.236.218/abuse@1d4.us/webiron-logo...
https://www.webiron.com/abuse_feed/abuse@1d4.us _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Hi, I responded them the first few times. After I got angry about automated abuse I ignored them. Just answering your ISP is fine. ~Josef Am 29.01.2016 um 15:01 schrieb 12xBTM:
Let me rephrase:
Do I follow the steps outlined by Webiron or just ignore them? I had always intended to respond to the ISP.
On 29.1.16 2:11, Josef 'veloc1ty' Stautner wrote:
Hi,
you ISP opened that ticket so you answer the ISP.
~Josef
Am 29.01.2016 um 03:31 schrieb 12xBTM:
My ISP just sent a ticket to me about the Webiron abuse, should I just respond to the ISP? Or do I dare actually load that webiron site?
On 26.1.16 23:10, Nicholas Suan wrote:
Looks like Webiron is spamming again, and this time they're including a web bug in the mail to see if you've opened it:
https://www.webiron.com/images/misc/91.219.236.218/abuse@1d4.us/webiron-logo...
https://www.webiron.com/abuse_feed/abuse@1d4.us _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Hi Josef, actually I complained to Webiron once for their Spamming and they put me on a "list" of recipients to which they not send emails. It worked after their second attempt :-) Generally spoken we have an autoreply on our abuse-ripe address. When someone then replies again we really look after the abuse complaint. best regards Dirk On 29.01.2016 15:09, Josef Stautner wrote:
Hi,
I responded them the first few times. After I got angry about automated abuse I ignored them. Just answering your ISP is fine.
~Josef
Am 29.01.2016 um 15:01 schrieb 12xBTM:
Let me rephrase:
Do I follow the steps outlined by Webiron or just ignore them? I had always intended to respond to the ISP.
On 29.1.16 2:11, Josef 'veloc1ty' Stautner wrote:
Hi,
you ISP opened that ticket so you answer the ISP.
~Josef
Am 29.01.2016 um 03:31 schrieb 12xBTM:
My ISP just sent a ticket to me about the Webiron abuse, should I just respond to the ISP? Or do I dare actually load that webiron site?
On 26.1.16 23:10, Nicholas Suan wrote:
Looks like Webiron is spamming again, and this time they're including a web bug in the mail to see if you've opened it:
https://www.webiron.com/images/misc/91.219.236.218/abuse@1d4.us/webiron-logo...
https://www.webiron.com/abuse_feed/abuse@1d4.us _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On 01/29/2016 03:01 PM, 12xBTM wrote:
Do I follow the steps outlined by Webiron or just ignore them?
We didn't ignore them at first but answered why we think that kind of measure is not useful nor appropriate. Since they ignored us, we started to ignore their purely informational reports, too. -- Moritz Bartl https://www.torservers.net/
We quickly have created a poc to prevent their webbug of being useful: https://github.com/TheSchokomilchFoundation/IronFist IronFist will parse their latest JSON data (by downloading it via a Tor connection if a Tor-socks is available on 127.0.0.1:9050) It then generates a list of all current ip + email combinations, e.g. https://www.webiron.com/images/misc/2__._40.6.20_/quanhf@_____inamobile.com/... https://www.webiron.com/images/misc/_88.93._44.86/noc@_____omein.nl/webiron-... https://www.webiron.com/images/misc/_48.25_.83._6/abuse@m____kauf.de/webiron... https://www.webiron.com/images/misc/__.24_._8_._65/abuse@___servers.net/webi... https://www.webiron.com/images/misc/__.24_._8_._65/abuse@___rce.com/webiron-... https://www.webiron.com/images/misc/_08.__9._96._29/ipadmin@_____tewelcome.c... https://www.webiron.com/images/misc/6_._64._._4/security@___ic.net/webiron-l... https://www.webiron.com/images/misc/6_._64._._4/antispam@___.hz.zj.cn/webiro... https://www.webiron.com/images/misc/6_._64._._4/anti_spam@____.hz.zj.cn/webi... Those urls could then be visited via the same Tor connections which would then make the tracker hopefully useless, as 100% of all URLS are visited. The latter functionality has not yet been included. It might not be prudent to do this after all. On 27.01.2016 05:10 AM, Nicholas Suan wrote:
Looks like Webiron is spamming again, and this time they're including a web bug in the mail to see if you've opened it:
https://www.webiron.com/images/misc/91.219.236.218/abuse@1d4.us/webiron-logo...
https://www.webiron.com/abuse_feed/abuse@1d4.us _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
What does it change that webiron know or doesn't know if you have seen those f*cking abuse email? My exit node IP is listed as having an email sent to abuse@... and I never received any email at abuse@... I might be missing something but who cares about webiron? I care about what my ISP thinks and they don't seems to think so highly of them because it's one of the largest ISP on the webiron list and according to that new feature of webiron, they never open their email. On 2016-01-29 2:13 PM, Schokomilch NOC wrote:
We quickly have created a poc to prevent their webbug of being useful:
https://github.com/TheSchokomilchFoundation/IronFist
IronFist will parse their latest JSON data (by downloading it via a Tor connection if a Tor-socks is available on 127.0.0.1:9050) It then generates a list of all current ip + email combinations, e.g.
https://www.webiron.com/images/misc/2__._40.6.20_/quanhf@_____inamobile.com/...
https://www.webiron.com/images/misc/_88.93._44.86/noc@_____omein.nl/webiron-...
https://www.webiron.com/images/misc/_48.25_.83._6/abuse@m____kauf.de/webiron...
https://www.webiron.com/images/misc/__.24_._8_._65/abuse@___servers.net/webi...
https://www.webiron.com/images/misc/__.24_._8_._65/abuse@___rce.com/webiron-...
https://www.webiron.com/images/misc/_08.__9._96._29/ipadmin@_____tewelcome.c...
https://www.webiron.com/images/misc/6_._64._._4/security@___ic.net/webiron-l...
https://www.webiron.com/images/misc/6_._64._._4/antispam@___.hz.zj.cn/webiro...
https://www.webiron.com/images/misc/6_._64._._4/anti_spam@____.hz.zj.cn/webi...
Those urls could then be visited via the same Tor connections which would then make the tracker hopefully useless, as 100% of all URLS are visited.
The latter functionality has not yet been included. It might not be prudent to do this after all.
On 27.01.2016 05:10 AM, Nicholas Suan wrote:
Looks like Webiron is spamming again, and this time they're including a web bug in the mail to see if you've opened it:
https://www.webiron.com/images/misc/91.219.236.218/abuse@1d4.us/webiron-logo...
https://www.webiron.com/abuse_feed/abuse@1d4.us _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
It was more of an idea to disrupt whatever they are trying to build. They actually banned our email server (which does not share its IP with Tor) so even if we reply to their shitty mails, we can't get off their list anymore... hah On 30.01.2016 02:26 AM, Operator AnonymizedDotio1 wrote:
What does it change that webiron know or doesn't know if you have seen those f*cking abuse email?
My exit node IP is listed as having an email sent to abuse@... and I never received any email at abuse@...
I might be missing something but who cares about webiron? I care about what my ISP thinks and they don't seems to think so highly of them because it's one of the largest ISP on the webiron list and according to that new feature of webiron, they never open their email.
On 2016-01-29 2:13 PM, Schokomilch NOC wrote:
We quickly have created a poc to prevent their webbug of being useful:
https://github.com/TheSchokomilchFoundation/IronFist
IronFist will parse their latest JSON data (by downloading it via a Tor connection if a Tor-socks is available on 127.0.0.1:9050) It then generates a list of all current ip + email combinations, e.g.
https://www.webiron.com/images/misc/2__._40.6.20_/quanhf@_____inamobile.com/... https://www.webiron.com/images/misc/_88.93._44.86/noc@_____omein.nl/webiron-... https://www.webiron.com/images/misc/_48.25_.83._6/abuse@m____kauf.de/webiron... https://www.webiron.com/images/misc/__.24_._8_._65/abuse@___servers.net/webi... https://www.webiron.com/images/misc/__.24_._8_._65/abuse@___rce.com/webiron-... https://www.webiron.com/images/misc/_08.__9._96._29/ipadmin@_____tewelcome.c... https://www.webiron.com/images/misc/6_._64._._4/security@___ic.net/webiron-l... https://www.webiron.com/images/misc/6_._64._._4/antispam@___.hz.zj.cn/webiro... https://www.webiron.com/images/misc/6_._64._._4/anti_spam@____.hz.zj.cn/webi... Those urls could then be visited via the same Tor connections which would then make the tracker hopefully useless, as 100% of all URLS are visited.
The latter functionality has not yet been included. It might not be prudent to do this after all.
On 27.01.2016 05:10 AM, Nicholas Suan wrote:
Looks like Webiron is spamming again, and this time they're including a web bug in the mail to see if you've opened it:
https://www.webiron.com/images/misc/91.219.236.218/abuse@1d4.us/webiron-logo... https://www.webiron.com/abuse_feed/abuse@1d4.us _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
participants (8)
-
12xBTM -
Dirk -
Josef 'veloc1ty' Stautner -
Josef Stautner
-
Moritz Bartl -
Nicholas Suan -
Operator AnonymizedDotio1 -
Schokomilch NOC