Gettys short email response. Plus interesting picscout url

[holysmokes]

I received this string of code in my analytic data the same day they responded to my written letter. Gettys response was in email format.

This particular email was short, unlike their other emails which range in 5-8 paragraphs (cookie cutter emails).

I mailed them a letter asking for proof of copyright registration, signed paper work of artist transferring copyright paper work to Getty. Photographer information so that I may contact them to apologize. Exact day of infringement and how they calculated their damages. Also, pointing out that they are aware I innocently acquired 'their' image, enforcing without really saying that I know I'll only have to pay $200 if this does go to court.

This new email was no more than 2 paragraphs, stating if the matter were to go to court then the information requested will be presented. Maybe a one last effort to scare me? But I know this is common for them to answer in that form when asking for info like that.

In their previous emails, they still finish off with saying they are still seeking $xxx damages and that I pay promptly within 2 weeks. This one, had nothing of that nature.

They simply told me the exact day of infringement and explained how they are estimating damages.

Any who, here is what's more interesting.

https://stock.picscout.com/monitoring/getty/login.aspx

I hope they logged in that day to remove my name and said, "the hell with this guy, he keeps mailing back forms when we email him and isn't budging." I know that's a bit farfetched, but this is the only time I have seen this code on the days they respond. I track activity everyday, especially on days I receive communication from Getty just to see what 'tracking code' comes their way, and this was a new one. Hell, they could have logged in to escalate for all I know lol.

Anyone else see this referral traffic from Getty?

[Matthew Chan]

Very interesting.

Do we know of any hackers that can get us inside to take a peek?  LOL.

https://stock.picscout.com/monitoring/getty/login.aspx

[lucia]

Did you see this as a referrer? Inside your .htaccess file, include these things:

====

Options +FollowSymlinks
RewriteEngine on
# methods
RewriteCond %{REQUEST_METHOD} ^PROPFIND$ [NC,OR]
RewriteCond %{REQUEST_METHOD} ^OPTIONS$ [NC,OR]
# referrers
RewriteCond %{HTTP_REFERER} (gettywan|gettyimages\.com|getty\.com|picscout\.com|\.aspx) [NC,or]
RewriteCond %{HTTP_REFERER}  (imagesearch) [NC,or]
RewriteCond %{HTTP_REFERER}  (C:\\) [NC]
RewriteRule .* - [F,L]

The
RewriteRule .* - [F,L]

But blocks anything in the long "or" list from being served anything.

The
"RewriteCond %{HTTP_REFERER} (gettywan|gettyimages\.com|getty\.com|picscout\.com|\.aspx) [NC,or]" bit will block any referers that contain either 'gettyimages.com', 'getty.com', 'picsout.com' or '\.aspx' .   

For a while I had a simpler line blocking anything containing getty, but that blocks "getty-images-letter-forums" which was inconvenient!  I'm adding \.aspx because it looks like they could just install the login.aspx file on other domains. People are rarely going to be surfing over from pages ending with .aspx!

For information on gettywan.com see

http://www.extortionletterinfo.com/forum/getty-images-letter-forum/too-all-webmasters-do-you-recall-this-getty-traffic-source/msg4057/#msg4057

[Robert Krausankas (BuddhaPi)]

Very interesting.

Do we know of any hackers that can get us inside to take a peek?  LOL.

https://stock.picscout.com/monitoring/getty/login.aspx

I'm completely ignoring this from this moment on..