Not Sure How to ask this.......

A place where newbies can post without (much) fear of reprisal. All mission posts should still go in the applicable forum.
Forum rules
Older HTS users: Be nice to the new people.

NEW USERS: This is NOT the place to post about missions! Refer to "Missions" category.

Not Sure How to ask this.......

Post by Ghost In The Machine on Mon Jun 30, 2014 12:13 pm
([msg=81895]see Not Sure How to ask this.......[/msg])

I have recently received an email and like usual it met all my hints for spam.

i have through what ive learned online and this site have begun the hobby of locating these email ip addresses and using the ips to locate and reply back with their ip addresses location and a street view of where it was sent through and so far not a single one of those emails has replied back some even dont exist anymore!

but ive come accross this one today and after much research ive discovered that (its a good thing) i dont know as much as i thought so ive come to ask here about how to do this.

the email was sent through a site called ipbounce and as far as i can tell its dkim signature is not there something ive read that spammers are able to do

heres what i see in show original:


Return-Path: <bounces+1477575.9802254.22024@icpbounce.com>
Received: from drone063.ral.icpbounce.com (drone063.ral.icpbounce.com. [64.132.109.55])
by mx.google.com with ESMTP id x2si24490552qai.74.2014.06.30.03.44.39
for <MyEmailAddress>;
Mon, 30 Jun 2014 03:44:39 -0700 (PDT)
Received-SPF: pass (google.com: domain of bounces+1477575.9802254.22024@icpbounce.com designates 64.132.109.55 as permitted sender) client-ip=64.132.109.55;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of bounces+1477575.9802254.22024@icpbounce.com designates 64.132.109.55 as permitted sender) smtp.mail=bounces+1477575.9802254.22024@icpbounce.com;
dkim=pass header.i=@icontactmail6.com
Message-Id: <53b13f97.0245e00a.5dba.7b5eSMTPIN_ADDED_MISSING@mx.google.com>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=default; d=icontactmail6.com;
h=Mime-Version:From:To:Date:Reply-To:Subject:List-Unsubscribe:X-Feedback-ID:Content-Type;
bh=nOiwWZvLl81/BLK+IEsXFvCh4fSdHVRcCIfaiEJdj/M=;
b=iIzCfRcziMhSoX0OKtuSyPYIWyoAbNseK4ZjqZvydSfhWm+2fcJA3u8051ZEChCl/p1HG06w+My8
wU2I4jm5pErqVK/KitWMRQ2LjrDZNPgRklR89p1YVZPEpq2H7Cc9J32Z4u57AOp1iQq+2fg5akYn
zDN1cD8vJjrF7bNREtE=
Mime-Version: 1.0
From: "vurmifa" <vurmifa@nycmail.com>
To: <MyEmailAddress>
Date: Mon, 30 Jun 2014 06:44:36 -0400
Reply-To: vurmifa@nycmail.com
Subject: H elo !
Errors-To: bounces+1477575.9802254.22024@icpbounce.com
List-Unsubscribe: <https://app.icontact.com/icp/listunsubscribe.php?r=9802254&l=3120&s=NHV0&m=22024&c=1477575>, <mailto:bounces+1477575.9802254.22024@icpbounce.com>
X-List-Unsubscribe: <https://app.icontact.com/icp/listunsubscribe.php?r=9802254&l=3120&s=NHV0&m=22024&c=1477575>
X-Unsubscribe-Web: <https://app.icontact.com/icp/listunsubscribe.php?r=9802254&l=3120&s=NHV0&m=22024&c=1477575>
X-Feedback-ID: 01_1477575_22024:01_1477575:01:vocus
X-ICPINFO:
X-Return-Path-Hint: bounces+1477575.9802254.22024@icpbounce.com
Content-Type: multipart/alternative; boundary="cdf82e78-582d-4a55-9037-dacf81ae37d3"


--cdf82e78-582d-4a55-9037-dacf81ae37d3
Content-Type: text/plain; charset = "utf-8"
Content-Transfer-Encoding: quoted-printable


now i do not know if what ive asked to figure out falls into the illegal category and i apologize in advance for any mod that has to waste their time deleting this im really new to all this and hate to ask for help but everything ive tried doesnt garner my results.

I AM NOT LOOKING TO HACK THIS PERSONS COMPUTER I AM JUST LOOKING FOR THEIR IP ADDRESS TO SEND THEM THEIR LOCATION THEN REPORT THEM FOR SCAMMING


any help is greatly appreciated
Ghost In The Machine
New User
New User
 
Posts: 11
Joined: Thu May 22, 2014 7:33 pm
Blog: View Blog (0)


Re: Not Sure How to ask this.......

Post by akorshikai on Mon Jun 30, 2014 12:32 pm
([msg=81896]see Re: Not Sure How to ask this.......[/msg])

Ghost In The Machine wrote:I AM JUST LOOKING FOR THEIR IP ADDRESS TO SEND THEM THEIR LOCATION THEN REPORT THEM FOR SCAMMING.


Truthfully, it's easier if you just unsubscribe, or alternatively setup a rule that auto-deletes any email you receive from the nycmail.com domain. Additionally, don't trust IP mappings. Chances are you're looking at a proxy. Moreover, it only gives you an approximate location and at best - who their ISP is. (Research Network Address Translation).

Getting back to your spammers, here's their contact information.

ATTN Domain Inquiries
World Media Group, LLC
90 Washington Valley Rd., #1128
Bedminster, NJ 07921

Phone: (908) 903-0200
Phone (abuse): 1-877-381-2449
akorshikai
New User
New User
 
Posts: 44
Joined: Sat Jun 28, 2014 8:21 pm
Blog: View Blog (0)


Re: Not Sure How to ask this.......

Post by Ghost In The Machine on Mon Jun 30, 2014 12:38 pm
([msg=81898]see Re: Not Sure How to ask this.......[/msg])

thanks for taking the time to reply!!

i appreciate that info and i am currently writing it down

but.....

i didnt want the easy way i like a challenge and would love to learn the ethical and legal way to find what im seeking i already have basic knowledge of using traceroute in my terminal and using those produced ips in ipaddresslookup

but if this is something that cannot be done to the extent im seeking legally then i guess im stuck with just phoning them in
Ghost In The Machine
New User
New User
 
Posts: 11
Joined: Thu May 22, 2014 7:33 pm
Blog: View Blog (0)



Return to NZone

Who is online

Users browsing this forum: No registered users and 0 guests