[tor-relays] Webiron
Schokomilch NOC
noc at schokomil.ch
Sat Jan 30 03:11:29 UTC 2016
It was more of an idea to disrupt whatever they are trying to build.
They actually banned our email server (which does not share its IP with
Tor) so even if we reply to their shitty mails, we can't get off their
list anymore... hah
On 30.01.2016 02:26 AM, Operator AnonymizedDotio1 wrote:
> What does it change that webiron know or doesn't know if you have seen
> those f*cking abuse email?
>
> My exit node IP is listed as having an email sent to abuse at ... and I
> never received any email at abuse at ...
>
> I might be missing something but who cares about webiron? I care about
> what my ISP thinks and they don't seems to think so highly of them
> because it's one of the largest ISP on the webiron list and according
> to that new feature of webiron, they never open their email.
>
> On 2016-01-29 2:13 PM, Schokomilch NOC wrote:
>> We quickly have created a poc to prevent their webbug of being useful:
>>
>> https://github.com/TheSchokomilchFoundation/IronFist
>>
>> IronFist will parse their latest JSON data (by downloading it via a
>> Tor connection if a Tor-socks is available on 127.0.0.1:9050)
>> It then generates a list of all current ip + email combinations, e.g.
>>
>> https://www.webiron.com/images/misc/2__._40.6.20_/quanhf@_____inamobile.com/webiron-logo_abuse.png
>> https://www.webiron.com/images/misc/_88.93._44.86/noc@_____omein.nl/webiron-logo_abuse.png
>> https://www.webiron.com/images/misc/_48.25_.83._6/abuse@m____kauf.de/webiron-logo_abuse.png
>> https://www.webiron.com/images/misc/__.24_._8_._65/abuse@___servers.net/webiron-logo_abuse.png
>> https://www.webiron.com/images/misc/__.24_._8_._65/abuse@___rce.com/webiron-logo_abuse.png
>> https://www.webiron.com/images/misc/_08.__9._96._29/ipadmin@_____tewelcome.com/webiron-logo_abuse.png
>> https://www.webiron.com/images/misc/6_._64._._4/security@___ic.net/webiron-logo_abuse.png
>> https://www.webiron.com/images/misc/6_._64._._4/antispam@___.hz.zj.cn/webiron-logo_abuse.png
>> https://www.webiron.com/images/misc/6_._64._._4/anti_spam@____.hz.zj.cn/webiron-logo_abuse.png
>> Those urls could then be visited via the same Tor connections which
>> would then make the tracker hopefully useless, as 100% of all URLS are
>> visited.
>>
>> The latter functionality has not yet been included. It might not be
>> prudent to do this after all.
>>
>>
>> On 27.01.2016 05:10 AM, Nicholas Suan wrote:
>>> Looks like Webiron is spamming again, and this time they're including
>>> a web bug in the mail to see if you've opened it:
>>>
>>> https://www.webiron.com/images/misc/91.219.236.218/abuse@1d4.us/webiron-logo_abuse.png
>>> https://www.webiron.com/abuse_feed/abuse@1d4.us
>>> _______________________________________________
>>> tor-relays mailing list
>>> tor-relays at lists.torproject.org
>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>> _______________________________________________
>> tor-relays mailing list
>> tor-relays at lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
More information about the tor-relays
mailing list