Jump to content

Search the Community

Showing results for tags 'SPAM'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • General Discussion
    • Website Management and Coding
    • Technology and the Internet
    • Philosophy, Politics, and Science
    • Art and Entertainment
    • Other Discussion
  • HelioHost
    • Questions
    • Customer Service
    • How You Can Help
  • HelioNet
    • News
    • Contact HelioNet

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 9 results

  1. Was wondering what address invites are coming from so I can add it to be sure an invite doesn't end up lost in my spam folder.
  2. Stevie is once again blacklisted and major email providers are refusing mail originating from Stevie! It seems that CBL has us blacklisted for CryptPHP. See: http://cbl.abuseat.org/lookup.cgi?ip=65.19.143.2
  3. Stevie is once again blacklisted and major email providers are refusing mail originating from Stevie!
  4. Stevie is blacklisted again. Could / would Heliohost admins setup a blacklist watch for the Heliohost servers ... , and upon receiving an alert start the delisting process ? That would be more efficient than waiting for users to be impacted and report the blacklisting in this forum. Alert History Status Name Description TimeStamp 65.19.143.2 Blacklist Added to INPS_DE 3/17/2015 7:08:58 AM 65.19.143.2 Blacklist Removed from CBL 3/12/2015 6:37:17 AM 65.19.143.2 Blacklist Removed from Spamhaus ZEN 3/12/2015 6:37:17 AM 65.19.143.2 Blacklist Added to CBL 3/10/2015 6:13:34 AM 65.19.143.2 Blacklist Added to Spamhaus ZEN 3/10/2015 6:13:34 AM 65.19.143.2 Blacklist Removed from LASHBACK 1/9/2015 4:18:33 AM 65.19.143.2 Blacklist Added to LASHBACK 1/2/2015 4:18:37 AM 65.19.143.2 Blacklist Removed from CBL 12/2/2014 11:22:17 AM 65.19.143.2 Blacklist Removed from Spamhaus ZEN 12/2/2014 11:22:17 AM 65.19.143.2 Blacklist Added to CBL 11/28/2014 2:08:00 AM 65.19.143.2 Blacklist Added to Spamhaus ZEN 11/28/2014 2:08:00 AM
  5. Emails are bouncing off hotmail because 65.19.143.2 is blacklisted on Spamhaus and CBL. Spamhaus report 65.19.143.2 is listed in the XBL, because it appears in CBL CBL Reports: IP Address 65.19.143.2 is listed in the CBL. It appears to be infected with a spam sending trojan, proxy or some other form of botnet. It was last detected at 2015-03-08 20:00 GMT (+/- 30 minutes), approximately 1 days, 15 hours ago. Due to how these infections are being delisted without being corrected, you cannot delist this IP address until there's been at least 48 hours of no-relisting. The host at this IP address is infected with the CryptPHP PHP malware. CryptoPHP is a threat that uses backdoored Joomla, WordPress andn Drupal themes and plug-ins to compromise webservers on a large scale. More information about this threat can be found on the referenced link below. Fox-IT: CryptoPHP - Analysis of a hidden threat inside popular content management systems Attackers Using Compromised Web Plug-Ins in CryptoPHP Blackhat SEO Campaign This infection almost certainly means that the infected web site has used pirated plugins from the nulledstylez.com, dailynulled.com sites or some other site that specializes in providing "nulled" (pirated) software. Fox-IT's research has shown that every pirated theme or plug-in on these two sites has been infested with the cryptophp malware. This was detected by a TCP connection from 65.19.143.2 on port 34915 going to IP address 192.42.116.41 (the sinkhole) on port 80. The botnet command and control domain for this connection was "kelmanstar.biz". Behind a NAT, you should be able to find the infected machine by looking for attempted connections to IP address 192.42.116.41 or host name kelmanstar.biz on any port with a network sniffer such as wireshark or by configuring the router to block and log such connections. Equivalently, you can examine your DNS server or proxy server logs to references to 192.42.116.41 or kelmanstar.biz. See Advanced Techniques for more detail on how to use wireshark - ignore the references to port 25/SMTP traffic - the identifying activity is NOT on port 25. This detection corresponds to a connection at 2015-03-08 20:20:11 (GMT - this timestamp is believed accurate to within one second). Fox-IT has published a new blog item on this infection. Fox-IT has written two Python scripts that should be very good at finding these infections: check_url.py and check_filesystems.py. The first script scans a web site to find the infection, the second is used for scanning the web site's filesystem to find the infection. Please go to the above Fox-IT link to obtain these scripts and further instructions. Fox-IT recommends that you should NOT try to "repair" the infection. The infected account should be reinstalled from scratch. I shall repeat the previous paragraph: removing the "social.png" file DOES NOT remove the infection. "social.png" is only just one small piece of it. The infected account should be reinstalled from scratch. This listing cannot be delisted until at least 48 hours (2 days) have elapsed from the last listing. In 2 days from the above listing timestamp, come back here and you'll be able to delist this IP.
  6. 65.19.143.2 Blacklist blacklist:65.19.143.2 On LASHBACK The Lashback Unsubscribe Blacklist (UBL) typically suggests that your network was subjected to a possible directory harvesting attack where some...More Alert History Name Description TimeStamp 65.19.143.2 Blacklist Added to LASHBACK 1/2/2015 4:18:37 AM 65.19.143.2 Blacklist Removed from CBL 12/2/2014 11:22:17 AM 65.19.143.2 Blacklist Removed from Spamhaus ZEN 12/2/2014 11:22:17 AM 65.19.143.2 Blacklist Added to CBL 11/28/2014 2:08:00 AM 65.19.143.2 Blacklist Added to Spamhaus ZEN 11/28/2014 2:08:00 AM
  7. Just sent an email from one of my domain accounts to a Yahoo address and the message was returned to sender ("Mail delivery failed: returning message to sender") with the following explanation: "Connections will not be accepted from 65.19.143.2, because the ip is in Spamhaus's list." I went to Spamhaus and entered the IP address (which belongs to the Stevie server). Here's the result: I assume you will take care of this and there's nothing for me to do?
  8. Hello, I have a problem with MySQL innoDB tables. This happens after Stevie was crashed. Now all InnoDB tables are not accessible with error message: Unknown table engine 'InnoDB'. Thanks in advance!
  9. Seems like stevvie has been listed with spamcop. See link below: http://www.spamcop.net/bl.shtml?65.19.143.2 This entails that emails are being refused by a number of providers whilst the listing is active. Anybody knows of a workaround?
×
×
  • Create New...