polonus
12
Consider this abuse from IP: http://www.projecthoneypot.org/ip_142.4.201.113
Sending unsolicited commercial or bulk e-mail to Microsoft’s computer network is prohibited.
The block could very well be spam related! *
This site check an sich was clean:
Checking: http://urlquery.net/javascript/jquery-ui-1.9.2.custom.min.js?id=7519818
File size: 232.23 KB
File MD5: 7368211102cd69dfb5930379c7948a0e
I get this response from websniffer:
]
See decoded files info here: http://jsunpack.jeek.org/?report=5ee9d403d5b43e293e89dd412ef10b0cc3b1912d
Seems site has been compromised!
Header returned by request for: htxp://AMAZE.HOSTOXIDE.COM/cgi-sys/defaultwebpage.cgi -> 142.4.202.42
Content after the < /html> tag should be considered suspicious.
57:
Host not fopund by DNS → http://www.dnscolos.com/dnsreport.php
Failed Parent nameservers HOSTOXIDE.COM Your NS records at the parent server are:
Failed Nameservers for domain in DNS HOSTOXIDE.COM Your NS records at your nameservers are:Mailserver connection test
HELO, MAIL FROM, RCPT TO, QUIT Connect to mailserver c02d7ea975f30549ebe862c3093658.pamx1.hotmail.COM FAILED (could be greylisting)
550 Requested action not taken: mailbox unavailable
Mailserver greeting The server should have an A record which points to the mailserver for the hostname
which is presented in the greeting
c02d7ea975f30549ebe862c3093658.pamx1.hotmail.COM
220 BAY0-PAMC1-F6.Bay0.hotmail.com Sending unsolicited commercial or bulk e-mail to Microsoft’s computer network is prohibited.
polonus