Archiv verlassen und diese Seite im Standarddesign anzeigen : Mein Neue Foto
Received: from [218.222.84.179] (helo=U084179.ppp.dion.ne.jp)
by mx32.web.de with smtp (WEB.DE 4.105 #323)
ID: [ID filtered]
for xxx; Sat, 08 Oct 2005 xx:xx:xx +0200
Received: from mail.com (mail-com-bk.mr.outblaze.com [64.71.166.194])
by U084179.ppp.dion.ne.jp (Postfix) with ESMTP ID: [ID filtered]
for <xxx>; Sat, 08 Oct 2005 xx:xx:xx -0500
From: "Dejection R. Peripheries" <macrotron [at] mail.com>
To: Oliveer <xxx>
Subject: Mein Neue Foto
Date: Sat, 08 Oct 2005 xx:xx:xx -0500
Message-ID: [ID filtered]
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: quoted-printable
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.2627
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2462.0000
X-Virus-Scanned: by amavisd-milter at U084179.ppp.dion.ne.jp
Sender: macrotron [at] mail.com
Hallo!
Wie geht es Ihnen?
Wo werden Sie so lang gewesen?
Ich versprach senden an Sie einige Fotos über mich!
Also, und jetzt können Sie meine Fotos auf meinem Photoalbum sehen!
My Foto Album (http://bestphotoalbum.net)
Tja, irgendwie doch keine Fotos :mad: Schade :rolleyes:
in diesem Sinne
Oliver
Tja, irgendwie doch keine Fotos :mad: Schade :rolleyes:
Aber dafür einen hervorragenden Verantwortlichen. Als Kinder haben wir immer gesagt:
"Wenn Dummheit weh tun würde ..."
Versuch Dich doch mal mit den Domains
- http://www.my-photos.de
- http://www.my-files.de
Ist bei mir am 05.10.2005 auch eingetroffen:
Return-Path: <esler [at] ondagrupera.com>
Delivery-Date: Wed, 05 Oct 2005 xx:xx:xx +0200
Received: from [221.219.184.19] (helo=louiskoo.com)
by mxeu9.kundenserver.de with ESMTP (Nemesis),
ID: [ID filtered]
Received: from ondagrupera.com (ondagrupera.com [216.187.103.170])
by louiskoo.com (Postfix) with ESMTP ID: [ID filtered]
for <xxxx>; Wed, 05 Oct 2005 xx:xx:xx -0500
From: "Devin L. Bennie" <esler [at] ondagrupera.com>
To: Abuse <xxxxx>
Subject: [SPAM] [SPAM?]: Mein Neue Foto
Date: Wed, 05 Oct 2005 xx:xx:xx -0500
Message-ID: [ID filtered]
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: quoted-printable
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.3416
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1082
X-Virus-Scanned: by Ameriserv.net Anti-Virus E-Gateway
Envelope-To: xxxxxx
X-SpamScore: 1.864
tests= DATE_IN_PAST_06_12 MIME_HTML_NO_CHARSET
X-Spam-Flag: Yes
X-Spam-Level: 6/5
Selbe Mail ging bei mir auch ein und wenn ich den Link öffne dann meldet sich meine Norton Firewall ziemlich heftig zu Wort und warnt vor gefährlichen Scripten und auch Trojanern.
Received: from [220.79.79.154] (helo=dbzmail.com)
by mx32.web.de with smtp (WEB.DE 4.105 #323)
ID: [ID filtered]
for poor [at] spamvictim.tld; Sat, 08 Oct 2005 xx:xx:xx +0200
Received: from kellychen.com (kellychen-com-bk.mr.outblaze.com [205.158.62.177])
by dbzmail.com (Postfix) with ESMTP ID: [ID filtered]
for <poor [at] spamvictim.tld>; Fri, 07 Oct 2005 xx:xx:xx -0500
From: "Essequibo J. Erythrocyte" <ma_s [at] kellychen.com>
To: x <poor [at] spamvictim.tld>
Subject: Mein Neue Foto
Date: Fri, 07 Oct 2005 xx:xx:xx -0500
Message-ID: [ID filtered]
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: quoted-printable
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.3416
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2505.0000
X-Virus-Scanned: Norton
Sender: ma_s [at] kellychen.com
Sven Udo
10.10.2005, 02:16
Hilfe, die "Soviets" kommen zurück :skull: From Soviets I. Carousal Sun Oct 9 xx:xx:xx 2005
X-Apparently-To: xxxxxxxx [at] yahoo.com.au via 66.218.93.232; Sun, 09 Oct 2005 xx:xx:xx -0700
X-YahooFilteredBulk: 82.3.140.138
X-Originating-IP: [82.3.140.138]
Return-Path: <chdioux [at] sesmail.com>
Authentication-Results: mta127.mail.mud.yahoo.com from=sesmail.com; domainkeys=neutral (no sig)
Received: from 82.3.140.138 (HELO cpc2-dove1-4-0-cust138.asfd.cable.ntl.com) (82.3.140.138) by mta127.mail.mud.yahoo.com with SMTP; Sun, 09 Oct 2005 xx:xx:xx -0700
Received: from sesmail.com (sesmail-com-bk.mr.outblaze.com [205.158.62.181]) by cpc2-dove1-4-0-cust138.asfd.cable.ntl.com (Postfix) with ESMTP ID: [ID filtered]
From: "Soviets I. Carousal" <chdioux [at] sesmail.com> Add to Address Book
To: "xxxxxxxxxxxx" <poor [at] spamvictim.tld>
Subject: Mein Neue Foto
Date: Sun, 09 Oct 2005 xx:xx:xx -0500
Message-ID: [ID filtered]
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: quoted-printable
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.4024
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2462.0000
X-Virus-Scanned: by amavisd-milter (http://amavis.org/)
Content-Length: 843 Hallo!
Wie geht es Ihnen?
Wo werden Sie so lang gewesen?
Ich versprach senden an Sie einige Fotos über mich!
Also, und jetzt können Sie meine Fotos auf meinem Photoalbum sehen!
My Foto Album http://bestphotoalbum.net/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Da kommt ja bei mir eine illustere Gesellschaft zusammen:
http://bestphotoalbum.net/ is a URL.
Domain Dossier will continue with bestphotoalbum.net.
Address lookup
canonical name bestphotoalbum.net.
aliases
addresses 62.219.85.199
68.187.213.82
82.131.7.68
Domain Whois record
Queried whois.internic.net with "dom bestphotoalbum.net"...
Whois Server Version 1.3
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Domain Name: BESTPHOTOALBUM.NET
Registrar: COMPUTER SERVICES LANGENBACH GMBH DBA JOKER.COM
Whois Server: whois.joker.com
Referral URL: http://www.joker.com
Queried whois.joker.com with "bestphotoalbum.net"...
domain: bestphotoalbum.net
owner: Jeffrey Baccus
email: ver84kd [at] gmail.com
address: 9313 Western Trail
city: Irving
state: TX
postal-code: 75063
country: US
% Information related to '62.219.85.0 - 62.219.87.255'
inetnum: 62.219.85.0 - 62.219.87.255
netname: NV-BEER-SHEVA-TECHNOLOGY-COLLEGE
descr: NACE-LAN
country: IL
admin-c: YK76-RIPE
tech-c: BHT2-RIPE
status: ASSIGNED PA
remarks: please send ABUSE complains to abuse [at] bezeqint.net
remarks: INFRA-AW
mnt-by: AS8551-MNT
mnt-lower: AS8551-MNT
changed: hostmaster [at] bezeqint.net 20041102
source: RIPE
Das ist hier am WE auch öfters angekommen. Hier mal einer der Header:
Return-Path: <erskine [at] queretaro.com>
Received: from 20118163202.host.telemar.net.br (HELO earthlink.net)
(201.18.163.202) by 0 with SMTP; 10 Oct 2005 00:XX:XX -0000
Received: from queretaro.com (queretaro-com.mr.outblaze.com
[208.36.123.75]) by earthlink.net (Postfix) with ESMTP ID: [ID filtered]
<poor [at] spamvictim.tld>; Sun, 09 Oct 2005 10:XX:XX -0500
From: "Clans K. Khachaturian" <erskine [at] queretaro.com>
To: me <poor [at] spamvictim.tld>
Subject: Mein Neue Foto
Date: Sun, 09 Oct 2005 10:XX:XX -0500
Message-ID: [ID filtered]
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: quoted-printable
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.4024
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1123
X-AntiVirus: OK! AntiVir MailGate Version 2.0.1; AVE: 6.15.0.0; VDF:
6.15.0.6
Spamvertized wurde http://bestphotoalbum.net
Received: from [218.158.40.214] (helo=allsaintsfan.com)
by mx26.web.de with smtp (WEB.DE 4.105 #323)
ID: [ID filtered]
for xxx; Mon, 10 Oct 2005 xx:xx:xx +0200
Received: from ezagenda.com (ezagenda-com-bk.mr.outblaze.com [205.158.62.177])
by allsaintsfan.com (Postfix) with ESMTP ID: [ID filtered]
for <xxx>; Sun, 09 Oct 2005 xx:xx:xx -0500
From: "Cubbyhole C. Epoxy" <ganadist [at] ezagenda.com>
To: Oliveer <xxx>
Subject: Mein Neue Foto
Date: Sun, 09 Oct 2005 xx:xx:xx -0500
Message-ID: [ID filtered]
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: quoted-printable
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.4024
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1081
X-Virus-Scanned: by Ameriserv.net Anti-Virus E-Gateway
Sender: ganadist [at] ezagenda.com
Mich hat der auch mal wieder belästigt. :mad:
in diesem Sinne
Oliver
Raencker
10.10.2005, 10:25
Und auch bei mir ist der aufgeschlagen:
Return-Path: <mark_smirnenski [at] yahoo.co.uks>
Delivery-Date: Mon, 10 Oct 2005 xx:xx:xx +0200
Received: from [24.232.166.80] (helo=OL80-166.fibertel.com.ar)
by mxeu8.kundenserver.de with ESMTP (Nemesis),
ID: [ID filtered]
Received: from yahoo.co.uks (yahoo.co.uks [115.29.12.19])
by OL80-166.fibertel.com.ar (Postfix) with ESMTP ID: [ID filtered]
for <***********************>; Sun, 09 Oct 2005 xx:xx:xx -0500
From: "Tuna O. Oglethorpe" <mark_smirnenski [at] yahoo.co.uks>
To: ****** <***********************>
Subject: Mein Neue Foto
Date: Sun, 09 Oct 2005 xx:xx:xx -0500
Message-ID: [ID filtered]
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: quoted-printable
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.4024
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
X-Virus-Scanned: by AMaViS perl-11 mion
Envelope-To: ***********************
bestphotoalbum.net wird ganz offensichtlich auf einem Botnetz gehostet, ähnlich wie die neulich hier gesehenen Phishing-Domains von Leo.
68.187.213.82
62.219.85.199
82.131.7.68
68.187.213.82
213.54.152.79
172.176.156.61
84.130.69.229
70.246.221.175
ns1.fastsecurity.net 67.84.62.212 Optimum Online (Cable)
ns2.fastsecurity.net 217.34.33.173 btopenworld
84.130.69.229
DTAG-DIAL19 - da ist spätestens nach 24h hängen im Schacht. (Zwangstrennung) :D
Zwangstrennung...
Das ist für die kein Problem.
Bei erneuter Einwahl sendet der Trojaner sicherlich seine neue IP an den "Master" in Russland.
Das schon, aber ich hab heute einen Spam bekommen für
http://84.165.203.183/eBay/index.htm
Nach der Trennung ist der Spam für die Katz :cool:
Powered by vBulletin® Version 4.2.3 Copyright ©2024 Adduco Digital e.K. und vBulletin Solutions, Inc. Alle Rechte vorbehalten.