Jump to content


HelioHost

Member Since 17 May 2012
Offline Last Active Jan 11 2020 07:58 PM
-----

Topics I've Started

[HH#615289] Blocking issue

24 January 2020 - 02:36 PM

Username: shuaibas, Server: Johnny, Main domain: shuaibas.heliohost.org

Hi Support Team ,

Please unblock me. I don't know why i have been blocked? It's urgent please .

Username is : shuaibas
Email :: shuaibaslam2019@hotmail.com

server .. johnny.heliohost.org

Thanks!

Sent from Outlook

[HH#735242] [PL-1488180] Phishing attack(s) hosted on: www.idsma2store.heliohost.org

21 January 2020 - 04:08 AM

Username: N/A, Server: N/A, Main Domain: N/A

During an investigation of fraud, we discovered a compromised website (www.=
idsma2store.heliohost.org) that is being used to attack our client and thei=
r customers.

In addition to the website owner, we have addressed this report to the resp=
onsible authoritative providers who have the ability to disable the malicio=
us content in question. Based on your relationship to the content in questi=
on, please see our specific request below.

This threat has been active for at least 0.1 hours.

hXXps://www.idsma2store.heliohost.org/US/b323b0adf3/index
hXXps://www.idsma2store.heliohost.org/US/b323b0adf3/bill.php
hXXps://www.idsma2store.heliohost.org/US/b323b0adf3/process.php
hXXps://www.idsma2store.heliohost.org/US/b323b0adf3/process2.php
hXXps://www.idsma2store.heliohost.org/US/b323b0adf3/done.php
hXXps://www.idsma2store.heliohost.org/US/81562a48de/index?dispatch=3Da5bd24=
e6e7343ad2cd337656bfb02e9e
hXXps://www.idsma2store.heliohost.org/US/b323b0adf3/index?dispatch=3Dab6e90=
fe5e601c84406fa5c42090c971
hXXps://www.idsma2store.heliohost.org/US/b323b0adf3/card.php

First detection of malicious activity: 01-21-2020 03:58:34 UTC
Most recent observation of malicious activity: 01-21-2020 04:05:31 UTC
Associated IP Addresses:
65.19.141.67

=3D=3D=3D HOSTING PROVIDER =3D=3D=3D
If you agree that this is malicious, we kindly request that you take steps =
to have the content removed as soon as possible. It is highly likely that =
the intruder who set up this phishing content has also left additional frau=
dulent material on this server such as illegitimate access points.

=3D=3D=3D WEBSITE OWNER =3D=3D=3D
We recommend taking the following actions to secure the web site and preven=
t the attackers from returning:
- Update your web applications including CMS, blog, ecommerce, and othe=
r applications (and all add-on modules/components/plugins).
- Search all of your web directories for suspicious files as attackers =
commonly leave backdoors.
- Scan the computer from which you login to your web hosting control pa=
nel or ftp server with anti-virus software.
- Change your web hosting provider if this is an ongoing issue.

If your provider has disabled your account because of this incident, you mu=
st coordinate a resolution with them directly as PhishLabs has no control o=
ver this aspect.

If we have contacted you in error, or if there is a better way for us to re=
port this incident, please let us know so that we may continue our investig=
ation.

We are grateful for your assistance.

Kind regards,
Pravin Singh
PhishLabs Security Operations
12023866001
Available 24/7

[PL-1488180]

[HH#870714] Change My Password

19 January 2020 - 01:02 PM

Username: ghanshya, Server: Johnny, Main domain: liwebsite.heliohost.org

I many try to open my account with my password
But it's not working.
I can try changing password threw e-mail
But it's doesn't Work.
So please help for changing password.

[HH#949650] Account Renew or Reactivate

18 January 2020 - 12:12 PM

Username: rds1107, Server: Johnny, Main domain: rds1107.heliohost.org

Hi,
I am user of your hosting site at www.heliohost.org. But couple of
months i could not login to my hosting account due to which my account is
deactivated.
Hosting Addr : www.rds1107.heliohost.org
subdomain : rds1107
username : srmarohit@gmail.com

So, i kindly request you to reactivate my account as soon as possible.

--
*Rohit Sharma*

[HH#521635] Issue 7985264: phishing attack at hxxps://ykebede.heliohost[.]org/oq/anothe...

17 January 2020 - 03:02 PM

Username: N/A, Server: N/A, Main Domain: N/A

Dear Sir or Madam,

We have discovered a phishing attack located on your network:

hxxps://ykebede.heliohost[.]org/oq/another.php?email=3D [65.19.141.67]
hxxps://ykebede.heliohost[.]org/oq/redirect.php [65.19.141.67]

We believe that this attack is being restricted so it is only visible from =
certain countries. Before deciding that the attack has been resolved please=
confirm it cannot be viewed from the following countries:
South Africa

This attack targets our customer, Microsoft, website URL https://incident.net...m/a11a843a81dd/

Many thanks,

Netcraft

Phone: +44(0)1225 447500
Fax: +44(0)1225 448600
Netcraft Issue Number: 7985264

To contact us about updates regarding this attack, please respond to this e=
mail. Please note: replies to this address will be logged, but aren't alway=
s read. If you believe you have received this email in error, or you requir=
e further support, please contact: takedown@netcraft.com.

This mail can be parsed with x-arf tools. Visit http://www.xarf.org/ for mo=
re information about x-arf.