A team of British scientists led by Professor Milton Wainwright from Sheffield University have found what they believe to be an alien organism arriving from space in the stratosphere. They claim to have found a microscopic titanium sphere containing biological matter the likes of which have never been seen on Earth. But with only one sample collected and no DNA testing possible on it, the scientific community at large are sceptical.
CyberCriminals ? StayAwayFrom'Em ! Let'Em ComeToYou...
Translate
12/28/2013
VIDEO: Are there Aliens in our atmosphere ?
A team of British scientists led by Professor Milton Wainwright from Sheffield University have found what they believe to be an alien organism arriving from space in the stratosphere. They claim to have found a microscopic titanium sphere containing biological matter the likes of which have never been seen on Earth. But with only one sample collected and no DNA testing possible on it, the scientific community at large are sceptical.
Cybercrime Review Who is Who:
Kaleb Harper Ketchens
El Paso Independent School District Computer System (EPISD) Hacker
On April 5th 2012, Kaleb Harper Ketchens, 20, from Meridian, Mississippi was arrested under federal charges from the FBI El Paso Division, in connection with an unauthorized access of the El Paso Independent School District computer system.
On March 28th, 2012, Ketchens got charged with two counts of computer fraud and one count of fraud and
related activity in connection with identification documents,
authentication features, and information.
Around August 29th, 2011, Ketchens illegally hacked into the EPISD System (El Paso Independent School District Computer System) to get students' identification numbers and posted them later on a hacker underground website. The computer security breach was discovered when a computer security company noticed a hacker bragging on a website about breaking into the EPISD system. The hacker, using the name "Host Bustorz," claimed that he broke into the EPISD network but would not post Social Security numbers online.
EPISD officials had said the hacker broke into the district's internal network and gained access to information such as names, birth dates, addresses and Social Security numbers of district employees and students.
The computer hacking caused the school district to warn parents to take precautionary measures to protect their children's identity with online identity fraud alerts.
After his Court appearence, Ketchens was released on a 10.000 USD unsecured bond and was ordered to appear on April 19th, 2012 before U.S. Magistrate Judge Norbert Garney in El Paso for his arraignment.
In September 2012 Ketchens plead guilty and the federal judge in El Paso accepted the fraud pleas. On his sentencing date December 12th, 2012, Ketchens was facing up to five years in prison on each count.
Other INFO-LINKS:
Kaleb Ketchens (Photo courtesy: KVIA-TV) |
Around August 29th, 2011, Ketchens illegally hacked into the EPISD System (El Paso Independent School District Computer System) to get students' identification numbers and posted them later on a hacker underground website. The computer security breach was discovered when a computer security company noticed a hacker bragging on a website about breaking into the EPISD system. The hacker, using the name "Host Bustorz," claimed that he broke into the EPISD network but would not post Social Security numbers online.
EPISD officials had said the hacker broke into the district's internal network and gained access to information such as names, birth dates, addresses and Social Security numbers of district employees and students.
The computer hacking caused the school district to warn parents to take precautionary measures to protect their children's identity with online identity fraud alerts.
After his Court appearence, Ketchens was released on a 10.000 USD unsecured bond and was ordered to appear on April 19th, 2012 before U.S. Magistrate Judge Norbert Garney in El Paso for his arraignment.
U.S. Magistrate Judge Norbert Garney |
Other INFO-LINKS:
- http://www.fbi.gov/elpaso/press-releases/2012/el-paso-fbi-agents-arrest-mississippi-man-for-unauthorized-access-of-el-paso-independent-school-district-computer-system
Trojan-Downloader.JS.Iframe.dfe - Infected Domain: v042585.home.net.pl (POLAND)
DOMAIN:
INFECTED WITH:
http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=v042585.home.net.pl
v042585.home.net.plhttps://www.virustotal.com/de/url/cbdc44c866aa94f13d1626d721c7d0ed2e92b6575e5122b213a9dc6e8fb72ded/analysis/1388240722/
INFECTED WITH:
Trojan-Downloader.JS.Iframe.dfe
- https://www.virustotal.com/de/file/646f32ef14273ae0846deb527c5c16f70c0178fb9b1be15353c3f339e468f3ad/analysis/1388240861/
- https://urlquery.net/report.php?id=8587848
micro-wave.be
- https://www.virustotal.com/de/url/46f8656edf75d8c3b048d7f3b7ecf23d89f17f74262e47d2e0a57f7623bd538e/analysis/1388241255/
micro-wave.be/talkingheadsdemo/KMYP2vNq.php
- https://www.virustotal.com/de/url/e7e4e29b775ff91d0278b2fb992ac4c8e361e6104726140adcc0649d1351411d/analysis/1388241208/
- https://www.virustotal.com/de/file/600817e3794af79c1464b1003c8864035e3200130ba6fbc49fd86deab3ce84c9/analysis/1383361608/
http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=v042585.home.net.pl
Malicious Site: romhc.org.uk - Blackhat SEO Spam - Rogue Applications etc. SCAM, PHISHING
BLACKHAT SEO SPAM - TDS URL pattern - RBN 434
https://www.google.com/search?q=%22Cheap%20Vista%20for%20Students%22%20site%3Aromhc.org.uk#q=%22Adobe%22+site%3Aromhc.org.uk
DOMAIN:
--->
IP romhc.org.uk: 74.220.207.77
https://www.google.com/search?q=%22Cheap%20Vista%20for%20Students%22%20site%3Aromhc.org.uk#q=%22Adobe%22+site%3Aromhc.org.uk
DOMAIN:
romhc.org.uk
- https://www.virustotal.com/de/url/fdf4cf336eedca039caf6ff3fed712e937f006b214e15ea7b69152e1e0c3315a/analysis/1388235750/
- https://urlquery.net/report.php?id=8582533
romhc.org.uk/index.php?q=adobe-web-premium-student-discount
- https://www.virustotal.com/de/url/929018858465569e78df15ed77e8ce8ef42f487a76e99e7f3ac43d79db3a3573/analysis/1388222771/
- https://urlquery.net/report.php?id=8582530
keycollector.pw
- https://www.virustotal.com/de/url/9a068164c93a7846ee42bde821b8945b72dde17688857863abcf750dcff2fe37/analysis/1388235992/
keycollector.pw/go.php?sid=1
- https://www.virustotal.com/de/url/e16207dfb15b888a78ad46df3e92878d177c415c2667e9e438c34a6c0cc9bd63/analysis/1388236011/
--->
qualisoft.biz
- https://www.virustotal.com/de/url/27091106895406579538ebe33e76cccf4bd476210f3229c77669af925b050388/analysis/1388236240/
euxzqvcxgbirbtra.qualisoft.biz
- https://www.virustotal.com/de/url/a7d545757276ed198bb6efc694ff44c82105b43c8a5581190ee2cb582ecafcf1/analysis/1388236376/
IP romhc.org.uk: 74.220.207.77
- https://www.virustotal.com/de/url/acc2a6be4299a171f54c7de4da8ff07c1836e88f52a6166bc3401dcdeed70327/analysis/1388236607/
- https://www.virustotal.com/de/ip-address/74.220.207.77/information/
Corruption at the U.S. Customs and Border Protection:
Officer Lorne “Hammer” Jones allowing Tons of Marijuana
to be smuggled through his inspection lanes
On December 20th 2013, a veteran U.S. Customs and Border Protection officer was convicted by a federal jury today of allowing tons of marijuana and loads of people to be smuggled through "his" inspection lanes.
A jury in federal court deliberated for five days before convicting Lorne Leslie "Hammer" Jones, 50, of helping smugglers enter the U.S. through the San Ysidro and Otay Mesa border crossings.
"Lorne Jones allowed greed to destroy everything his badge represents," said U.S. Atty. Laura Duffy.
Jones was on the take for a decade beginning in 2000, first waving cars and vanloads of aliens and drugs through his lane at the San Ysidro port of entry, and eventually graduating to tractor-trailers jammed with marijuana at the commercial port at Otay Mesa.
Prosecutors said that Jones, a former Marine, received as much as 500.000 USD from smugglers, allowing a lavish lifestyle that included a boat, trips to Las Vegas and season tickets to San Diego Chargers games.
Prosecutors used a database that tracks people and vehicles crossing the border to argue that Jones knew for years that large vehicles operated by drug trafficking organizations were passing through the lanes where he was an inspector.
Jones volunteered to work overtime shifts so he could wave through vans jammed with undocumented immigrants and drugs, and trucks full of marijuana, prosecutors said.
Jones' involvement in the conspiracy became known when a van stuffed with four tons of marijuana was detected at the San Ysidro crossing by another inspector and a pot-sniffing dog, according to testimony. Jones was supposed to wave the van through the crossing, but the detection was made before the van reached his position.
Among the prosecution witnesses was a former colleague of Jones' who testified that the pair was helping smugglers in the early 2000s. The colleague has since served four years in prison.
Jones had been an inspector since 1994. He was indicted in 2010. Sentencing was set for March 24, 2014 at 9 a.m.
A jury in federal court deliberated for five days before convicting Lorne Leslie "Hammer" Jones, 50, of helping smugglers enter the U.S. through the San Ysidro and Otay Mesa border crossings.
"Lorne Jones allowed greed to destroy everything his badge represents," said U.S. Atty. Laura Duffy.
Jones was on the take for a decade beginning in 2000, first waving cars and vanloads of aliens and drugs through his lane at the San Ysidro port of entry, and eventually graduating to tractor-trailers jammed with marijuana at the commercial port at Otay Mesa.
Prosecutors said that Jones, a former Marine, received as much as 500.000 USD from smugglers, allowing a lavish lifestyle that included a boat, trips to Las Vegas and season tickets to San Diego Chargers games.
Prosecutors used a database that tracks people and vehicles crossing the border to argue that Jones knew for years that large vehicles operated by drug trafficking organizations were passing through the lanes where he was an inspector.
Jones volunteered to work overtime shifts so he could wave through vans jammed with undocumented immigrants and drugs, and trucks full of marijuana, prosecutors said.
Jones' involvement in the conspiracy became known when a van stuffed with four tons of marijuana was detected at the San Ysidro crossing by another inspector and a pot-sniffing dog, according to testimony. Jones was supposed to wave the van through the crossing, but the detection was made before the van reached his position.
San Ysidro Checkpoint in San Diego |
Jones had been an inspector since 1994. He was indicted in 2010. Sentencing was set for March 24, 2014 at 9 a.m.
Category MALICIOUS IP: 177.97.145.173 - Kelihos Spambot - Brazil
The IP Address 177.97.145.173 (IP LOCATION: Brazil) is listed in the CBL (Composite Blocking List). It appears to be infected with a spam sending trojan, proxy and/or some other form of botnet. This IP is infected (or NATting for a computer that is infected) with the Kelihos Spambot. In other words, it's participating in a botnet.
REFERENCES:
LISTED @ CBLABUSEAT:
Fwd/Rev DNS Match: No
Email Reputation: Poor
REFERENCES:
- https://www.virustotal.com/de/url/e6fa619af189caf9a9822a91b5b969916a773e727bf608b8d7dd2e6b2484ad68/analysis/1388217360/
LISTED @ CBLABUSEAT:
Fwd/Rev DNS Match: No
Email Reputation: Poor
- http://www.senderbase.org/lookup/?search_string=177.97.145.173
12/27/2013
Documentary VIDEO: Drone On...The Future of UAV Over the US
You have probably heard about drones in the recent news. These unmaned flying objects are momentarily used mainly throughout the Middle East and North Africa. When they aren't spying on suspected terrorists they're probably killing them with "Hellfire"-Missiles.
However, drones are on their way to the United States and will be used to keep an eye on "things", so they're not going to kill you. At least not yet. MotherboardTV has been fascinated with the drones for a while now and realized that there are some misconceptions about the unmanned aerial vehicles. (22 Minutes)
However, drones are on their way to the United States and will be used to keep an eye on "things", so they're not going to kill you. At least not yet. MotherboardTV has been fascinated with the drones for a while now and realized that there are some misconceptions about the unmanned aerial vehicles. (22 Minutes)
After TARGET Data Breach: There is a Need to target on Web Security
As multinational banks as other financial institutes struggle to protect clients after a massive data breach at retail giant Target, small service companies also should be concerned about their Online Security. Its just not tough enough to be protected in a secure way, as Online Fraud is increasing every year in a more and more faster way.
Between November 27th and December 15th, cybercriminals hurried off with data from 40 million credit and debit card accounts of people who shopped regulary at Target’s 1.924 stores in the United States and in Canada.
So far, at least three class-action lawsuits have been filed.
The U.S. Small Business Administration says cyber threats are an issue for everyone, and small businesses are becoming more common targets for such threats and crimes because they often have fewer preventive or responsive resources, as being or getting protected in a competent way also increases the costs. But Security start with yourself.
The USSBA though offers in its latest online training course some of the Basics in: “What is cybersecurity?”. (See Link at the end of this post beneath)
With the help of technology and best practices, cybersecurity is the effort to pro-tect computers, programs, networks and data from fraudulent Attacks. Or to ask in other words:
It’s essential to do your part to keep these details safe and out of the hands of those who could use your data to compromise you and everything surrounding your business.
CNN reported, that nearly half of the data breaches that Verizon has recorded in 2012, took place in companies Staff with less than one thousand. Symantec reports show that 31 % of all Cyberattacks in 2012 happened to businesses that had less than 250 employees. In 2011 Attacks were rising up to 81 percent.
Website tampering is a form of Web-based attack in which certain parameters in the Uniform Resource Locator (URL) or Web page form field data entered by a user are changed without the Webmasters authorization. This finally directs the browser to a link, page or site other than the one the user intended (although it may look exactly the same to the usual client).
Parameter tampering can be employed by Cybercriminals and identity thieves to stealthily obtain personal or business information about the user. Countermeasures specific to the prevention of parameter tampering involve the validation of all parameters to ensure that they conform to standards concerning minimum and maximum allowable length, allowable numeric range, allowable character sequences and patterns, whether or not the parameter is actually required to conduct the transaction in question, and whether or not null is allowed.
A denial-of-service attack DoS happens on a CPU or Web site and locks the computer and/or crashes the system, resulting in stopped or slowed work flow.
Malware code and/or viruses are sent over the Internet and aim to find and send your files, find and delete critical data, or block your computer or system. They can hide in programs or documents and make copies of themselves without your knowledge.
What Prevention measures YOU should take
The main first step secureing the critical information of your business, is to create a far-reaching firm security policy. Second Step: keep them up-to-date. Third Step: convincing your employees to keep the proprieties according to the policies.
If interested, the following Link brings you to the Small Business Learning Center at www.sba.gov and will take 30 Minutes:
Click to Start Your Course now !
Between November 27th and December 15th, cybercriminals hurried off with data from 40 million credit and debit card accounts of people who shopped regulary at Target’s 1.924 stores in the United States and in Canada.
So far, at least three class-action lawsuits have been filed.
The U.S. Small Business Administration says cyber threats are an issue for everyone, and small businesses are becoming more common targets for such threats and crimes because they often have fewer preventive or responsive resources, as being or getting protected in a competent way also increases the costs. But Security start with yourself.
USSBA Seal |
With the help of technology and best practices, cybersecurity is the effort to pro-tect computers, programs, networks and data from fraudulent Attacks. Or to ask in other words:
Why is cybersecurity important ?
Consider all the information you have that needs to be secure, like personal information for employees, Businesspartner information, sensitive information for consumers, and also sensitive and secret business information.
It’s essential to do your part to keep these details safe and out of the hands of those who could use your data to compromise you and everything surrounding your business.
CNN reported, that nearly half of the data breaches that Verizon has recorded in 2012, took place in companies Staff with less than one thousand. Symantec reports show that 31 % of all Cyberattacks in 2012 happened to businesses that had less than 250 employees. In 2011 Attacks were rising up to 81 percent.
The Methods
The Range of ways getting compromised is Vast. This Range might vary between Web site tampering, data breach, DoS up to Malware and Trojans.
Website tampering is a form of Web-based attack in which certain parameters in the Uniform Resource Locator (URL) or Web page form field data entered by a user are changed without the Webmasters authorization. This finally directs the browser to a link, page or site other than the one the user intended (although it may look exactly the same to the usual client).
Parameter tampering can be employed by Cybercriminals and identity thieves to stealthily obtain personal or business information about the user. Countermeasures specific to the prevention of parameter tampering involve the validation of all parameters to ensure that they conform to standards concerning minimum and maximum allowable length, allowable numeric range, allowable character sequences and patterns, whether or not the parameter is actually required to conduct the transaction in question, and whether or not null is allowed.
A denial-of-service attack DoS happens on a CPU or Web site and locks the computer and/or crashes the system, resulting in stopped or slowed work flow.
Malware code and/or viruses are sent over the Internet and aim to find and send your files, find and delete critical data, or block your computer or system. They can hide in programs or documents and make copies of themselves without your knowledge.
What Prevention measures YOU should take
The main first step secureing the critical information of your business, is to create a far-reaching firm security policy. Second Step: keep them up-to-date. Third Step: convincing your employees to keep the proprieties according to the policies.
- Be ensured that your computer hardware and software are updated regularly.
- Change passwords periodically and use firewalls to protect your systems.
- You should back up your data on a regular basis so that if something is compromised, you have a secure copy.
If interested, the following Link brings you to the Small Business Learning Center at www.sba.gov and will take 30 Minutes:
Click to Start Your Course now !
Labels:
Business,
Cyber Attack,
Cyber Safety Tips,
Cybercrime,
Cybersecurity,
Data Breach,
Online Security,
Online Theft,
Security Prevention,
Small Business Administration,
Target Corporation,
United States
Cybercrime Review Who is Who:
Anil Kheda (Rampid Interactive Hacker)
In November 2012 Anil Kheda, a dutch National, got charged under federal constitution in the District of New Hampshire with allegedly conspiring to hack into and disable computer servers belonging to Rampid Interactive, a New Hampshire-based company that publishes and hosts a multi-player online role-playing game called “Outwar” (+75.000 active players).
From November 2007 to August 2008, Anil Kheda (the "Leader") and some additional members of the Plot, all of whom were avid “Outwar” players, accessed Rampid’s computer servers without authorization and rendered “Outwar” unplayable for days at a time.
They also used their unauthorized access to Rampid’s servers to alter user accounts, causing the restoration of suspended player accounts and the accrual of unearned game points, and to obtain a copy of all or portions of the “Outwar” computer source code, which they used to help create a competitor online game, named “Outcraft.”
The indictment also stated that Kheda and his alleged online buddies sent Rampid interstate communications threatening to continue to hack into Rampid’s computer systems unless Rampid agreed to pay them money or provide them with other benefits. Kheda claimed to have found vulnerabilities in the Rampid's network and the Outwar source code that allowed him to gain administrator access to the underlying functions of the game.
His ability to repeatedly delete a user database seems to indicate his claims were at least partially true. This lack although, caused Outwar to go down for a total of about two weeks over the nine-month stretch, causing Rampid to lose more than 100.000 USD in lost revenues, wages, hosting costs, long term loss of business, as well as the loss of exclusive use of their proprietary source code, which it had invested approximately 1.5 million USD in creating the Platform.
According to court documents, Kheda earned approximately 10.000 USD in profits from operating “Outcraft,” which has approximately 10.000 players worldwide.
"You guys have the following three options," Kheda wrote in a December 2007 e-mail included in the federal indictment.":
"Pimpster may have pussed out after [an employee at Rampid] called his mom, I'll never talk to that noob snitch again," Kheda wrote, according to the indictment. "However I am still around, you guys probably thought that pimpster has been doing this all by himself, think again noobs."
What finally Sentence Kheda received (or not) is so far unknown, as i checked the Web, but came up with nothing so far. Kepping an eye on it although.
From November 2007 to August 2008, Anil Kheda (the "Leader") and some additional members of the Plot, all of whom were avid “Outwar” players, accessed Rampid’s computer servers without authorization and rendered “Outwar” unplayable for days at a time.
They also used their unauthorized access to Rampid’s servers to alter user accounts, causing the restoration of suspended player accounts and the accrual of unearned game points, and to obtain a copy of all or portions of the “Outwar” computer source code, which they used to help create a competitor online game, named “Outcraft.”
The indictment also stated that Kheda and his alleged online buddies sent Rampid interstate communications threatening to continue to hack into Rampid’s computer systems unless Rampid agreed to pay them money or provide them with other benefits. Kheda claimed to have found vulnerabilities in the Rampid's network and the Outwar source code that allowed him to gain administrator access to the underlying functions of the game.
His ability to repeatedly delete a user database seems to indicate his claims were at least partially true. This lack although, caused Outwar to go down for a total of about two weeks over the nine-month stretch, causing Rampid to lose more than 100.000 USD in lost revenues, wages, hosting costs, long term loss of business, as well as the loss of exclusive use of their proprietary source code, which it had invested approximately 1.5 million USD in creating the Platform.
According to court documents, Kheda earned approximately 10.000 USD in profits from operating “Outcraft,” which has approximately 10.000 players worldwide.
"You guys have the following three options," Kheda wrote in a December 2007 e-mail included in the federal indictment.":
1. Let me play again on my master account (with everything that was on it), and I will report everything when I come across a vulnerability.During another exchange with Rampid employees, Kheda allegedly demanded he be given the name and address of a fellow hacker called Pimpster, who is listed as an unindicted co-conspirator in the indictment. Kheda ultimately demanded he be given contact details for the UK juvenile after he backed out of the alleged conspiracy to hack Rampid's network, according to prosecutors.
2. Pay me $1500 and you will never hear from me again.
3. Don't reply to this e-mail and you are gonna wish you picked one of the other options.
"Pimpster may have pussed out after [an employee at Rampid] called his mom, I'll never talk to that noob snitch again," Kheda wrote, according to the indictment. "However I am still around, you guys probably thought that pimpster has been doing this all by himself, think again noobs."
What finally Sentence Kheda received (or not) is so far unknown, as i checked the Web, but came up with nothing so far. Kepping an eye on it although.
Category MALICIOUS DOMAIN: anadoluerenleri.org - HEUR:Trojan.Script.Iframer - Exploit Kit Blackhole (Turkey)
MALICIOUS DOMAIN:
anadoluerenleri.org
- https://www.virustotal.com/de/url/e16489216d92994fbac3bbcb9cb37d95d0d2cd1e4fb010be8b34728cceaccbae/analysis/1388152745/
- https://www.virustotal.com/de/file/30a611161ae8c4a3d06ca0052795ce7adc378dbf09405536f98bb9a1697ee3b9/analysis/1388153111/
- https://www.virustotal.com/de/file/67c43a96d2475e927f5bf7d98796bef0f899031983ff1cdf5c9d564ca32970bc/analysis/1388153087/
- https://urlquery.net/report.php?id=8568895
rcmeewprehhjewea.info
- https://www.virustotal.com/de/url/412467cad9e07b697b7dfb855b20bec7f27f603e7e722c6bc49bde31551e4b3c/analysis/1388153380/
rcmeewprehhjewea.info/in.cgi?14
- https://www.virustotal.com/de/url/a7da15f9a7b751e57c085195fde2dfb5ae73516edd7ce5c33c136c90e79298e3/analysis/1388153366/
- http://www.google.com/safebrowsing/diagnostic?site=anadoluerenleri.org
12/26/2013
It Works Spa: Christopher Tierney of Omaha provided Computer and Electronic Services for Prostitution Spas. Sentenced to 3 years of Probation Plus a 15.000 $ Fine ! ZACK
United States Attorney Deborah R. Gilg announced that Christopher J. Tierney was sentenced on December 23rd, 2013, by U.S. District Judge Laurie Smith Camp to a term of probation of three years. Tierney was also ordered to pay a fine of 15.000 USD.
Tierney pled guilty on August 19th, 2013, to one count of conspiracy to use facilities in interstate commerce in aid of a racketeering enterprise (that is, a business enterprise involving prostitution) and to induce travel in interstate commerce with intent to engage in prostitution.
District Judge Camp |
Deborah R. Gilg |
Tierney provided computer and electronic services for the spas. He set up a spa website accessible over the Internet. The website advertised available services and contact information. He also upgraded the website to include a “Members Only” section.
Established customers of the spas could access a Members Only section of the website to read about the female workers providing services and view provocative pictures of them. Tierney conducted “photo shoots” of workers for inclusion in the Members Only section of the website. The website also allowed customers to communicate with the spas by e-mail and to set up appointments online. Tierney also participated in “sessions” with workers during which he received sex acts in exchange for money.
In addition to setting up the website for the spas, Tierney set up and maintained surveillance cameras at the 93rd Street Spa and later at the 72nd Street Spa. Using those cameras and the Internet, Tierney and others could remotely monitor what was occurring inside and outside the 72nd Street Spa.
Tierney also created and upgraded a computerized record keeping and management system, entitled “Spa Manager.” The Spa Manager system generated text messages to workers’ cell phones to notify them of appointments for which they had been scheduled. The Spa Manager system also tracked various data related to the spas’ operation.
SOURCE: FBI
12/25/2013
SPAM, SCAM, PHISHING: online-mktsharing.com - Devenez investisseur - Du Fric Pour Les Nuls (Money for Losers)
SPAM, SCAM, PHISHING: Devenez investisseur - Du Fric Pour Les Nuls (Money for Losers)
online-mktsharing.com
- https://www.virustotal.com/de/url/4cdfde29c80ee6e69947e3ed735022deaa42c0aee539c4dcbab81b46697ee4e6/analysis/
- https://www.virustotal.com/de/url/e2393028ea241dfada8f90331d7848644c5624a3ed3a02626edfe20681cd60f7/analysis/1387973314/
- https://www.projecthoneypot.org/ip_199.241.147.136
- http://www.senderbase.org/lookup/?search_string=199.241.147.136
Malicious Site: www.itv-h.nl - Blackhat SEO Rogue Medications SCAM, SPAM, PHISHING
BLACKHAT SEO SPAM (Viagra, Cialis & co.) (TDS URL PATTERN)
https://www.google.com/search?q=%22Cheap%20Vista%20for%20Students%22%20site%3Awww.itv-h.nl#q=%22Viagra%22+site%3Awww.itv-h.nl
DOMAIN
www.itv-h.nl
https://www.virustotal.com/de/url/db0b7cacafa60e9af86d59ffd9cb50607746297dc4a696b44f90ebcd22166709/analysis/1387967753/
SPECIFIC URL:
www.itv-h.nl/viagra-kob.html
https://www.virustotal.com/de/url/dd8f10f702e672d1ec9dff469c0db539494b6dc782d80ec296d07f83782c4ee7/analysis/1387967607/
TDS URL PATTERN
https://urlquery.net/report.php?id=8541346
---> REMOTE DOMAIN
keycollector.pw
https://www.virustotal.com/de/url/9a068164c93a7846ee42bde821b8945b72dde17688857863abcf750dcff2fe37/analysis/1386973287/
SPECIFIC URL:
keycollector.pw/go.php?sid=1
https://www.virustotal.com/de/url/e16207dfb15b888a78ad46df3e92878d177c415c2667e9e438c34a6c0cc9bd63/analysis/1387967941/
TDS URL PATTERN
https://urlquery.net/report.php?id=8541376
--->
edapotek.eu
https://www.virustotal.com/de/url/796f23f603e37c30c96323a5a17e9240452213df055795e53fc2d94b4965c37c/analysis/1387967991/
https://www.google.com/search?q=%22Cheap%20Vista%20for%20Students%22%20site%3Awww.itv-h.nl#q=%22Viagra%22+site%3Awww.itv-h.nl
DOMAIN
www.itv-h.nl
https://www.virustotal.com/de/url/db0b7cacafa60e9af86d59ffd9cb50607746297dc4a696b44f90ebcd22166709/analysis/1387967753/
SPECIFIC URL:
www.itv-h.nl/viagra-kob.html
https://www.virustotal.com/de/url/dd8f10f702e672d1ec9dff469c0db539494b6dc782d80ec296d07f83782c4ee7/analysis/1387967607/
TDS URL PATTERN
https://urlquery.net/report.php?id=8541346
---> REMOTE DOMAIN
keycollector.pw
https://www.virustotal.com/de/url/9a068164c93a7846ee42bde821b8945b72dde17688857863abcf750dcff2fe37/analysis/1386973287/
SPECIFIC URL:
keycollector.pw/go.php?sid=1
https://www.virustotal.com/de/url/e16207dfb15b888a78ad46df3e92878d177c415c2667e9e438c34a6c0cc9bd63/analysis/1387967941/
TDS URL PATTERN
https://urlquery.net/report.php?id=8541376
--->
edapotek.eu
https://www.virustotal.com/de/url/796f23f603e37c30c96323a5a17e9240452213df055795e53fc2d94b4965c37c/analysis/1387967991/
12/24/2013
Category MALICIOUS DOMAIN: alspix.com - Trojan.JS.Iframe.aeq
Site seems to be cleaned up by now!
(10/01/2014)
alspix.com
- https://www.virustotal.com/de/url/66200488885b335345b60b418b5fda29c9bd2347eef2db7323f53f8831c3e832/analysis/1387898227/
- https://www.virustotal.com/de/url/f42d5d37a5353c401a09d261ad82238dacc1c423dd6e8ddb3bdda107c65a50f3/analysis/1387898448/
alspix.com/Links.html
- https://www.virustotal.com/de/url/d85a62e6c85a546951cf8ea032f4030a6b64697e2faf9bcf41ad65710817f433/analysis/1387898171/
- https://www.virustotal.com/de/file/f62a2c4ce65bd226e230e5336ab304e004460e680357e9e4f9e0d8d84b30313a/analysis/1387898792/
alspix.com/counter.php
- https://www.virustotal.com/de/url/d63f9e0ef3db9fb40e4a554fdd5fbce03f62336789e00050d44f32a5ea2045a7/analysis/1387899030/
- https://www.virustotal.com/de/file/cbd0feb69bcc3bc468d193f547184901efd1b9fac33607e3e8f2cede43d24549/analysis/1387898775/
alspix.com/testimonials.html
- https://www.virustotal.com/de/url/1b77d58c4f5cecbdf6695eadf8b1da76a5986bea9cabbe3946dc0bc5d6db43fe/analysis/
- https://urlquery.net/report.php?id=8530275
alspix.com/People.html
- https://www.virustotal.com/de/url/0eb4c2112166c681e379d25fed06231463aa53bf7657f1a9e158cb597488ce4d/analysis/1387899360/
- https://urlquery.net/report.php?id=8530271
SB13-357: US-CERT - Vulnerability Summary for the Week
of December 16, 2013
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.
For Details SEE:
Cybercrime Review: East West Conspiracy - Andrew Auernheimer
Convicted of Hacking AT&T’s Servers
Auernheimer |
Andrew Auernheimer was convicted on November 20th, 2012, of both counts of a superseding indictment:
1) conspiracy to access AT&T’s servers without authorization and
2) disclose that information to a reporter at Gawker magazine and possession and transfer of means of identification for more than 120.000 iPad users.
Auernheimer was tried before U.S. District Judge Susan D. Wigenton in Newark federal court.
Susan Wigenton |
The iPad is a touch-screen tablet computer, developed and marketed by Apple Computers Inc., that allows users to, among other things, access the Internet and send and receive electronic mail.
Since its introduction in January 2010, AT&T has provided iPad users with Internet connectivity via AT&T’s 3G wireless network. During the registration process for subscribing to the network, a user is required to provide an e-mail address, billing address, and password.
Prior to mid-June 2010, AT&T automatically linked an iPad 3G user’s e-mail address to the Integrated Circuit Card Identifier (ICC-ID), a number unique to the user’s iPad, when he or/and she registered.
Every time a user accessed the AT&T website, the ICC-ID was recognized and the e-mail address was automatically populated for faster, user-friendly access to the site. AT&T kept the ICC-IDs and associated e-mail addresses confidential.
At that time, when an iPad 3G communicated with AT&T’s website, its ICC-ID was automatically displayed in the Universal Resource Locator, or URL, of the AT&T website in plain text. Seeing this, and discovering that each ICC-ID was connected to an iPad 3G user e-mail address, hackers wrote a script termed the “iPad 3G Account Slurper” and deployed it against AT&T’s servers.
The Account Slurper attacked AT&T’s servers for several days in early June 2010 and was designed to harvest as many ICC-ID/e-mail address pairings as possible. It worked by mimicking the behavior of an iPad 3G so that AT&T’s servers would be deceived into granting the Account Slurper access.
Co-conspirator, Daniel Spitler |
From June 5th, 2010 on through June 9th, 2010, the Account Slurper stole for its hacker-authors approximately 120.000 ICC-ID/e-mail address pairings for iPad 3G customers.
Immediately following the theft, the hackers of the Account Slurper provided the stolen e-mail addresses and ICC-IDs to the website Gawker, which published the stolen information in redacted form, along with an article concerning the breach. The article indicated that the breach “exposed the most exclusive e-mail list on the planet” and named a number of famous individuals whose e-mails had been compromised, including Diane Sawyer, Harvey Weinstein, New York Mayor Michael Bloomberg, and then-White House Chief of Staff Rahm Emanuel. The article also stated that iPad users could be vulnerable to spam marketing and malicious hacking. A group calling itself “Goatse Security” was identified as obtaining the subscriber data.
Goatse Security is a so-called “security research” group, composed of Internet hackers, to which both Spitler and Auernheimer belonged.
During the data breach, Spitler and Auernheimer communicated with one another using Internet Relay Chat, an Internet instant messaging program. Those chats not only demonstrated that Spitler and Auernheimer were responsible for the data breach, but also that they conducted the breach to simultaneously damage AT&T and promote themselves and Goatse Security. As the data breach continued, so too did the discussions between Spitler, Auernheimer, and other Goatse Security members about the best way to take advantage of the breach and associated theft. On June 10, 2010, immediately after going public with the breach, Spitler and Auernheimer discussed destroying evidence of their crime.
Each count on which Auernheimer was convicted is punishable by a maximum potential penalty of five years in prison and a fine of 250.000 USD.
12/23/2013
HAPPY CHRISTMAS PHISH: www.ginalogodesigner.com & adlai.freewalt.org
Hello,
I am a freelance graphic designer and a website developer and I can get a very creative logo / brand identity designed for your website / company at a very low price of $75 per logo.
I will provide you with 4 different designs to choose from and then unlimited reasonable revisions for them until you are satisfied with any one of the design for your branding.
The final logo file will be high resolution vector format which you can be used for print / web as per your requirement. I will also provide with a logo guide which you can use as a reference to provide more information about the logo you need. You can also place a logo design request through our online order form below or via email as well.
http://www.ginalogodesigner.com/
Some sample designs are given below for your reference....SPAM, SSCAM, PHISHING DOMAIN(s):
In addition I also do website designing starting at $199 per website and write articles / content for your website at $10 per page of 500 words.
If you need hosting service, our plans start at $2.95 per month and should you want I can also arrange for references as well who can vouch that this is a genuine offer and not a spam. Should you want to see some more of my logo designs / website samples, please do ask for them. I assure you of quality work and do look forward to hearing from you.
Regards,
Gina
www.ginalogodesigner.com
- https://www.virustotal.com/de/url/66e7494410f2b8a583c2a50f7b1c74b2b84da6169de9d12063b33000e0ffac1f/analysis/1387823691/
- https://www.mywot.com/en/scorecard/ginalogodesigner.com
- LISTED AT SPAMHAUS: http://www.spamhaus.org/query/domain/ginalogodesigner.com
- LISTED AT SCUMWARE: http://www.scumware.org/search.scumware
- LISTED AT SURBL: http://www.surbl.org/surbl-analysis
- https://www.virustotal.com/de/url/6b1829d546ba90497f59e1bac1563ea9cdbce9a98e90fbae3883a2d9ce413990/analysis/1387825004/
- https://www.virustotal.com/de/ip-address/118.67.248.167/information/
adlai.freewalt.org
- https://www.virustotal.com/de/url/da8b9ba3d31b4ab147062a5c8e1b3c96f3f2c9836306bbd81b0a856075315931/analysis/1387824104/
- https://www.mywot.com/en/scorecard/adlai.freewalt.org
103.7.207.1
- https://www.virustotal.com/de/url/d0c751ba4e2bbf05289ec16875c26a9a09d5a4aef1577c3a612359b415d227e7/analysis/1387825314/
Email Reputation: Poor
- http://www.senderbase.org/senderbase_queries/detailip?search_string=103.7.207.1
- http://www.spamhaus.org/query/domain/dealfree.org
HAPPY CHRISTMAS: PHISHING, SCAM, SPAM URLs: www.isplifenet.com - 14-tataidc.co.in & several others
POTENTIALLY MALICIOUS SPAM, SCAM, PHISHING SITE:
DOMAIN(s):
IPs ---> DOMAINs:
1)
14-tataidc.co.in: 69.43.160.163
2a)
ww2.14-tataidc.co.in: 208.73.210.82
information.com: 54.208.229.237
oversee.net: 204.13.160.53
3)
otnnetwork.net: 208.73.210.16
4)
spi.domainsponsor.com: 204.13.161.51
5)
p1.dntrck.com: 107.23.206.187
6a)
www.dntx.com: 54.208.38.17
dntx.com: 62.116.130.8
7a)
gw1r.safeinternetads.com: 128.204.198.72
hosted-by.snelis.com: 5.104.225.6
snelis.com: 5.104.225.6
8a)
exclusiverewards.freegamesey.com: 209.222.16.2
www.choopa.com: 64.237.47.23
-------------------------------------------
9)
ocsp.thawte.com: 199.7.48.72
10)
vcgrn.trackvoluum.com: 54.246.173.202
11a)
rewardzone.bestasavingas.com: 217.23.2.245
worldstream.nl: 93.190.136.5
12)
static.rewardzone.bestasavingas.com: 198.105.212.101
13)
bidr.trellian.com: 69.43.160.215
14)
www.newbie-trading.com: 213.175.203.194
15)
r14---sn-aigllne7.googlevideo.com: 74.125.4.179
16)
r1---sn-uxap5nvoxg5-j2il.googlevideo.com: 80.239.174.108
Header Analysis Quick Report
Originating IP: 13.11.20.22
Originating ISP: Xerox Corporation
City: Norwalk
Country of Origin: United States
* For a complete report on this email header goto ipTRACKERonline
www.isplifenet.com
- https://www.virustotal.com/de/url/83a2bf1be9701c6883cec19cb12e72126c6b3aa094443aedc1e8228945860eac/analysis/1387450541/
unsubscribe.isplifenet.com
- https://www.virustotal.com/de/url/a8b3138ffd14b3d2709266e6a93af77e439ad57160a6e1c53259207c0e2dc585/analysis/1387450543/
14-tataidc.co.in
- https://www.virustotal.com/de/url/cebc38f55209a66ca7a399a9fd6b689a70adc70990f8899e16d441314ad4d953/analysis/1387450550/
- https://www.virustotal.com/de/file/2ad60c60be6754ca7a727706a038a4c87f679f9f12de43f793977825693cfc4e/analysis/1387451422/
- http://jsunpack.jeek.org/?report=8e333daedf51fd032e4cc5581052ec42a57ecc95
- https://urlquery.net/report.php?id=8449364
- http://www.spamhaus.org/dbl/removal/record/14-tataidc.co.in
- https://www.mywot.com/en/scorecard/14-tataidc.co.in
- http://quttera.com/detailed_report/14-tataidc.co.in
ww2.14-tataidc.co.in
- https://www.virustotal.com/de/url/b95ff21454f1ebdb3fffce0fd71e2c8f6ce43fa8d2a602c6cb06998c9870b6bd/analysis/1387452324/
otnnetwork.net
- https://www.virustotal.com/de/url/40635e98f9e9a3e150419d3af5671d4cfc7a51bc7c2fa58e80f2986782fad6fc/analysis/1387452535/
- http://www.surbl.org/surbl-analysis
- http://www.malwaredomains.com/
- http://www.mywot.com/en/scorecard/otnnetwork.net
spi.domainsponsor.com
- https://www.virustotal.com/de/url/f565870c0bacdea851e5571ee9f4440eb4f3aad0f2c0817195cf4ced3cf41e99/analysis/1387452634/
- http://hosts-file.net/?s=spi.domainsponsor.com
- https://www.mywot.com/en/scorecard/spi.domainsponsor.com
p1.dntrck.com
- https://www.virustotal.com/de/url/8afebde2e1a8a83b3837e6b1f14a5d734119f61d7f951af3f6a26c390547103e/analysis/1387452717/
- https://www.mywot.com/en/scorecard/p1.dntrck.com
- http://quttera.com/detailed_report/p1.dntrck.com
www.dntx.com
- https://www.virustotal.com/de/url/f7cc059efe657567de6671f3f76727dabae4997d70a01bd53a0257de2e1833e9/analysis/1387452924/
- http://hosts-file.net/?s=dntx.com
- https://www.mywot.com/en/scorecard/dntx.com
gw1r.safeinternetads.com
- https://www.virustotal.com/de/url/117639845a659c313fde22983a46e4488249b57da4bbf3aa6d3e402d4303d0c6/analysis/1387453084/
- http://quttera.com/detailed_report/gw1r.safeinternetads.com
exclusiverewards.freegamesey.com (RBN 138)
- https://www.virustotal.com/de/url/fba0ab5df6ddcb139fdc1eaad0ce0acc631ab5796e64e5a00553f452fd30b941/analysis/1387470817/
- http://trafficlight.bitdefender.com/info?url=http://exclusiverewards.freegamesey.com
ocsp.thawte.com
- https://www.virustotal.com/de/url/4ca0caf577326a1de1a2100716e7bd04082cb3d44ea6a233550e1fa9e9f975ea/analysis/1387453812/
- https://www.mywot.com/en/scorecard/ocsp.thawte.com
vcgrn.trackvoluum.com
- https://www.virustotal.com/de/url/ca0189815c4733156e39fdd3d4376a92ccbc30ec2292ee24c7d53857a7ae02b7/analysis/1387453892/
- http://www.siteadvisor.com/sites/vcgrn.trackvoluum.com
rewardzone.bestasavingas.com
- https://www.virustotal.com/de/url/2d1a7ceaf1bbd072ca6613a4995058067d16094453bf5092256f0a9e9bfbd816/analysis/
- http://trafficlight.bitdefender.com/info?url=http://rewardzone.bestasavingas.com
static.rewardzone.bestasavingas.com
- https://www.virustotal.com/de/url/89c5dff71d710c9a793758f9820ac563d53927984ee16ea3f5eb88adaf0e940a/analysis/1387481019/
- http://trafficlight.bitdefender.com/info?url=http://static.rewardzone.bestasavingas.com
bidr.trellian.com
- https://www.virustotal.com/de/url/33898ecfbb88e9e73f39497a79483b06600b9175c69e446dd3b08b7e5410c0a1/analysis/
- https://www.mywot.com/en/scorecard/bidr.trellian.com
www.newbie-trading.com
- https://www.virustotal.com/de/url/0fda33c577354dba8fafc0c69c37b3008522c1a814f9b1ce24f396348780c24c/analysis/1387456562/
r14---sn-aigllne7.googlevideo.com
- https://www.virustotal.com/de/url/813c9d8a55d01af66b5973074ac14e2f0120a135dcfd2bc8ddba927162849b3f/analysis/1387456805/
r1---sn-uxap5nvoxg5-j2il.googlevideo.com
- https://www.virustotal.com/de/url/b6a019f549cf20558481ace3f7691c9e9b79120bac589311034869c0bacfe5a0/analysis/1387457049/
IPs ---> DOMAINs:
1)
14-tataidc.co.in: 69.43.160.163
- https://www.virustotal.com/de/url/52e7d87c4cdf0ac9061883413b6155a0ab72a0a9001c103f4a615cbbe8290843/analysis/1387455602/
- https://www.projecthoneypot.org/ip_69.43.160.163
- https://www.virustotal.com/de/ip-address/69.43.160.163/information/
2a)
ww2.14-tataidc.co.in: 208.73.210.82
- https://www.virustotal.com/de/url/644a05a90a0ef4f3d7ef48811d4fb8dd47822e399e52f23e3dd10199632c004d/analysis/1387458238/
- https://www.virustotal.com/de/ip-address/208.73.210.82/information/
- https://www.virustotal.com/de/url/e8f4eeba2dac3a5da0e0d47b8be9abe830eff7e5eb6a20436e41857ef9fc5874/analysis/1387458439/
- https://www.virustotal.com/de/url/e6f81a2bf160fc0b03d4a5f9b9bf20e8df1db9dcd7132afb032c74bd14c1709d/analysis/
- https://www.virustotal.com/de/url/f15b51ff5adc0d4ef194cb4e8defc8d18ccb9fa99410505abfd57d42d7c82e49/analysis/1387458701/
- http://www.senderbase.org/lookup/?search_string=208.73.210.82
information.com: 54.208.229.237
- https://www.virustotal.com/de/url/83c3cfeebe61ec3c0f4e9357c4762fb71172e3521e56a397c888fb1843cffe70/analysis/1387466571/
- https://www.mywot.com/en/scorecard/information.com
- http://hosts-file.net/?s=information.com
oversee.net: 204.13.160.53
- https://www.virustotal.com/de/url/d79ba406a18021762f074ff83bf768c5b35e8b6cdb6eb6e11f7cb3ffa51f7159/analysis/1387467268/
- https://www.mywot.com/en/scorecard/oversee.net
- http://hosts-file.net/?s=oversee.net
3)
otnnetwork.net: 208.73.210.16
- https://www.virustotal.com/de/ip-address/208.73.210.16/information/
- https://www.virustotal.com/de/url/23bfc10d15f39cfdd3790669b5c23acecb9f04b255ed30ceb16b2fd518148200/analysis/
4)
spi.domainsponsor.com: 204.13.161.51
- https://www.virustotal.com/de/url/f914c5a0ab5388332b89d0d89732474c01da6ed29231e13446198dc83bc647e6/analysis/1387468194/
- https://www.virustotal.com/de/ip-address/204.13.161.51/information/
5)
p1.dntrck.com: 107.23.206.187
- https://www.virustotal.com/de/url/7ca8bad2dd427c3d5ee77a10b29af0da63025109fe63077b575801b9b4122fee/analysis/1387468593/
6a)
www.dntx.com: 54.208.38.17
- https://www.virustotal.com/de/url/e3593a49a17fbfd20b5a730aa801c440d4a3e8d8846bb6a2e399769225f56ec6/analysis/1387469091/
- http://quttera.com/detailed_report/54.208.38.17
- https://www.virustotal.com/de/file/cb9c22b64d1f1af46600b38bc13eb3f760664ee2ba32cda399af1e1f0464fe28/analysis/
dntx.com: 62.116.130.8
- https://www.virustotal.com/de/url/b7f1c044424b92c7dd2cca5e69e8ac13eacd532247760e7a02da04a76ce3ad19/analysis/1387469465/
- https://www.virustotal.com/de/url/7c2b6eb64df33a6b3080764a920d6b05581284eda231cd8b567fb86b324e94a8/analysis/1387469524/
- https://www.virustotal.com/de/ip-address/62.116.130.8/information/
- https://www.projecthoneypot.org/ip_62.116.130.8
7a)
gw1r.safeinternetads.com: 128.204.198.72
- https://www.virustotal.com/de/url/9dfd48f981ed367ce2506da0dd926a03aaeccf82616f3c11484200cf123b871e/analysis/1387470957/
- http://www.senderbase.org/lookup/?search_string=128.204.198.72
- https://www.virustotal.com/de/url/8aa229442adfec4cf273a588476bd1567221ce7ef5649b40d3e89103df1472e1/analysis/1387471794/
- https://www.virustotal.com/de/url/c33dba36b8e43bb4a6474f2ec0c3f5beefa68bc7ff5f2c7101b7639fcb10adcc/analysis/1387473209/
hosted-by.snelis.com: 5.104.225.6
- https://www.virustotal.com/de/url/12e2db8537dd2fc3420f76ab3d76124e4d89ee90e8b2a8781135a0a8cdb36168/analysis/1387472807/
- http://www.senderbase.org/lookup/host/?search_string=hosted-by.snelis.com
- http://www.malwaredomains.com/
- http://www.dshield.org/suspicious_domains.html#search
- http://sitecheck.sucuri.net/results/hosted-by.snelis.com
snelis.com: 5.104.225.6
- https://www.virustotal.com/de/url/12e2db8537dd2fc3420f76ab3d76124e4d89ee90e8b2a8781135a0a8cdb36168/analysis/1387472807/
- http://sitecheck.sucuri.net/results/snelis.com
- http://quttera.com/detailed_report/snelis.com
8a)
exclusiverewards.freegamesey.com: 209.222.16.2
- https://www.virustotal.com/de/url/e970941401a83d22b197e5b4b76977b1770e8ee762c50c1b89cb12ba9342eb65/analysis/
- https://www.virustotal.com/de/url/530088ff7a44ced367de007cc63560634567a00901eee54101f431d868a72564/analysis/1387474609/
- https://www.mywot.com/en/scorecard/hosted-by.reliablesite.net
- https://www.virustotal.com/de/url/2158f207cd2a11d253f129ed8fc21f96df30b8fe81be9b1d30b1c609241d0ed9/analysis/1387474851/
- https://www.mywot.com/en/scorecard/reliablesite.net
- https://www.virustotal.com/de/url/c2cc2e127f94daa6b89046f4cebdd76f35eaec21e7bcc9254268d38868caaaa1/analysis/1387475338/
www.choopa.com: 64.237.47.23
- https://www.virustotal.com/de/url/daf9829742fcbf9d97f174ab13a4e05d773514d0de92ae9457aae73d3ddadc0b/analysis/1387476198/
- https://www.virustotal.com/de/url/0a1c21aae102da150159cfdf88ec0a25416953d8101424458127404cf904a1c1/analysis/
- https://www.virustotal.com/de/ip-address/64.237.47.23/information/
- http://quttera.com/detailed_report/64.237.47.23
-------------------------------------------
9)
ocsp.thawte.com: 199.7.48.72
- https://www.virustotal.com/de/url/407a618a010795872671e7a882fe2ad4939b68fd484a6edacbb3e718bb4f1081/analysis/1387477362/
10)
vcgrn.trackvoluum.com: 54.246.173.202
- https://www.virustotal.com/de/url/c3f8254938a5999138732c602604aa59ff42ee85193f54cbed9424c310383f63/analysis/1387478173/
11a)
rewardzone.bestasavingas.com: 217.23.2.245
- https://www.virustotal.com/de/url/cdc35a39e44632a1f3e89ce415a28b27ca2335e3ef7ebb99543c8621f21c02da/analysis/1387478662/
- https://www.virustotal.com/de/url/fa690a6ef35209ef852a20f696f7750bc498ea5f5fe252c0d00b1bebf724a2a0/analysis/1387478901/
- https://www.mywot.com/en/scorecard/customer.worldstream.nl
- https://www.virustotal.com/de/url/8ac640f4649ae042143c9749c3924ba6c42f2f19ced19b515ae92f20fc27cfc1/analysis/1387479250/
- http://www.malwaredomains.com/
- https://www.mywot.com/en/scorecard/worldstream.nl
- http://quttera.com/detailed_report/worldstream.nl
- http://www.senderbase.org/lookup/domain/?search_string=worldstream.nl
worldstream.nl: 93.190.136.5
- https://www.virustotal.com/de/url/539941b2536aaeb29e40558a97f30e5b1b4c7aebec741d83bcc3947dfad94c7b/analysis/1387480350/
- https://www.virustotal.com/de/ip-address/93.190.136.5/information/
- http://quttera.com/detailed_report/93.190.136.5
- https://www.mywot.com/en/scorecard/93.190.136.5
12)
static.rewardzone.bestasavingas.com: 198.105.212.101
- https://www.virustotal.com/de/url/cd347941677fae5e62953894293718fea6475c9e98097ce8ab8f25d074022d3c/analysis/1387481172/
13)
bidr.trellian.com: 69.43.160.215
- https://www.virustotal.com/de/url/53bf7c6c15f0950bc94b1c783edfc9b20a34219e7eb96d2665c81d735f76a4f8/analysis/1387481732/
- https://www.virustotal.com/de/ip-address/69.43.160.215/information/
- https://www.virustotal.com/de/url/65d93b29c209a0879bf92e3eae289910a89fa06fbd61906dd66c719a913c73ec/analysis/1387481893/
- http://hosts-file.net/?s=trellian.com
- http://quttera.com/detailed_report/69.43.160.215
- https://www.mywot.com/en/scorecard/trellian.com
- https://www.virustotal.com/de/url/7b46d2ac80262cf01a5b8cca1c60ee03c63bc818c0c1f8f340b2c689068017fb/analysis/1387482135/
14)
www.newbie-trading.com: 213.175.203.194
- https://www.virustotal.com/de/url/cdf2257ff6af306f523439638ceb9c59025dd39e7acf88a864f54f09470b0837/analysis/1387482490/
15)
r14---sn-aigllne7.googlevideo.com: 74.125.4.179
- https://www.virustotal.com/de/url/ca40378c40c566e293fc9d5308d4e319d6f600245c384d5fd8c3b6bdc386aa89/analysis/1387484517/
16)
r1---sn-uxap5nvoxg5-j2il.googlevideo.com: 80.239.174.108
- https://www.virustotal.com/de/url/3506588a00db2e39fe2545dfd9858ad437aed440a99a7083120cd936d1877ca3/analysis/1387484783/
- https://www.virustotal.com/de/url/078b51d98008fdf0de705e16c2fe3c55f43bba1e577af6bfb04a9bfc147e6136/analysis/1387485014/
- http://trafficlight.bitdefender.com/info?url=http://80-239-174-108.customer.teliacarrier.com
- https://www.virustotal.com/de/url/b78c2d9cc6f5e2c7cca0b9b84cf656a08087f8ec96ca716b51b0dd709a544728/analysis/1387484867/
- http://trafficlight.bitdefender.com/info?url=http://customer.teliacarrier.com
Header Analysis Quick Report
Originating IP: 13.11.20.22
Originating ISP: Xerox Corporation
City: Norwalk
Country of Origin: United States
* For a complete report on this email header goto ipTRACKERonline
Abonnieren
Posts (Atom)