myLocAbuse — [#myLocAbuse-INC-I535bg9eHjHz]

[ SpamCop V5.4.0 ]
This message is brief for your comfort. Please use links below for details.

Email from 89.163.247.40 / Sat, 14 Aug 2021 07:35:47 -0700
https://www.spamcop.net/w3m?i=z7135766111zae4d90a67d69a3ef9b44694376262a64z
[ Comments from recipient regarding 89.163.247.40 ]
> Do not share my identity with the customer who sent this unsolicited bulk email.
>
> You can forward this report to the customer if there is no information that can be used by a person of reprehensible character to attack me or my email address.
>
> Sie können diesen Bericht an den Kunden weiterleiten, wenn keine Informationen vorhanden sind, die von einer Person mit verwerflichem Charakter verwendet werden können, um mich oder meine E-Mail-Adresse anzugreifen.
>
> On 14 Aug 2021 at 07:35:48 -0700 (PDT) someone abusing the email source IP address 89.163.247.40 sent this unsolicited phishing email spoofing Cisco Systems to fraudulently capture sensitive information from current and potential Cisco Systems customers. The email’s content appears to be hidden on an exploited host at 89.163.247.40 (dunnite.org.uk) in order to avoid discovery by email servers’ spam, phishing, and malware detectors. The email code itself also contained over 5KB of text strings concerning random topics unrelated to the email’s topic to further escape discovery. This same content was sent from and hosted on a different IP address on a different network yesterday, which like this one was also not owned by Cisco. No legitimate business email would have reason to go to such lengths to hide its content.

Spamvertised web site: http://dunnite.org.uk/rdef2.php?32=1o315c224248b095b.9e1z2ues.A00xarfmhn11pzk7qa_l21040.go7r0Y2lteDkxY3E3dHA40a1MfO
https://www.spamcop.net/w3m?i=z7135766112z97f3ab898d025e65b681b29599f9b1fbz
[ Additional links on dunnite.org.uk: ]
http://dunnite.org.uk/r1f90.php?32=1o31604ba92533c73_0sw4.9e1z2ues.A00xarfmhn11pzk7qa_l21040.go7r0Y2lteDkxY3E3dHA40t59rh
http://dunnite.org.uk/rdef2.php?32=1o315c224248b095b.9e1z2ues.A00xarfmhn11pzk7qa_l21040.go7r0Y2lteDkxY3E3dHA40a1MfO
http://dunnite.org.uk/re37c.php?32=1o31610af6663666d.9e1z2ues.A00xarfmhn11pzk7qa_l21040.go7r0Y2lteDkxY3E3dHA40p49bd
http://dunnite.org.uk/rdef2.php?32=1o315c224248b095b.9e1z2ues.A00xarfmhn11pzk7qa_l21040.go7r0Y2lteDkxY3E3dHA40a1MfO is 89.163.247.40; Sat, 14 Aug 2021 16:20:03 GMT
[ Comments from recipient regarding http://dunnite.org.uk/rdef2.php?32=1o315c224248b095b.9e1z2ues.A00xarfmhn11pzk7qa_l21040.go7r0Y2lteDkxY3E3dHA40a1MfO ]
> Do not share my identity with the customer who sent this unsolicited bulk email.
>
> You can forward this report to the customer if there is no information that can be used by a person of reprehensible character to attack me or my email address.
>
> Sie können diesen Bericht an den Kunden weiterleiten, wenn keine Informationen vorhanden sind, die von einer Person mit verwerflichem Charakter verwendet werden können, um mich oder meine E-Mail-Adresse anzugreifen.
>
> On 14 Aug 2021 at 07:35:48 -0700 (PDT) someone abusing the email source IP address 89.163.247.40 sent this unsolicited phishing email spoofing Cisco Systems to fraudulently capture sensitive information from current and potential Cisco Systems customers. The email’s content appears to be hidden on an exploited host at 89.163.247.40 (dunnite.org.uk) in order to avoid discovery by email servers’ spam, phishing, and malware detectors. The email code itself also contained over 5KB of text strings concerning random topics unrelated to the email’s topic to further escape discovery. This same content was sent from and hosted on a different IP address on a different network yesterday, which like this one was also not owned by Cisco. No legitimate business email would have reason to go to such lengths to hide its content.

[ Additional comments from recipient ]
> Do not share my identity with the customer who sent this unsolicited bulk email.
>
> You can forward this report to the customer if there is no information that can be used by a person of reprehensible character to attack me or my email address.
>
> Sie können diesen Bericht an den Kunden weiterleiten, wenn keine Informationen vorhanden sind, die von einer Person mit verwerflichem Charakter verwendet werden können, um mich oder meine E-Mail-Adresse anzugreifen.
>
> On 14 Aug 2021 at 07:35:48 -0700 (PDT) someone abusing the email source IP address 89.163.247.40 sent this unsolicited phishing email spoofing Cisco Systems to fraudulently capture sensitive information from current and potential Cisco Systems customers. The email’s content appears to be hidden on an exploited host at 89.163.247.40 (dunnite.org.uk) in order to avoid discovery by email servers’ spam, phishing, and malware detectors. The email code itself also contained over 5KB of text strings concerning random topics unrelated to the email’s topic to further escape discovery. This same content was sent from and hosted on a different IP address on a different network yesterday, which like this one was also not owned by Cisco. No legitimate business email would have reason to go to such lengths to hide its content.
[ Offending message ]
Delivered-To: x
Received: by 2002:a5d:4521:0:0:0:0:0 with SMTP id j1csp185127wra;
Sat, 14 Aug 2021 07:35:48 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJwSP69suBw3ZzLcomCRLeDjqMYTq9ylYF6hMLd/UOGD7wswUVoJaGom7/jjsT+dhYKpZ4rz
X-Received: by 2002:a17:906:a24c:: with SMTP id bi12mr7771965ejb.530.1628951747906;
Sat, 14 Aug 2021 07:35:47 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1628951747; cv=none;
d=google.com; s=arc-20160816;
b=F3nOU7OW1mLmLoEKxth/TwcvWOA/Lgjim3x9FGoc5GFeN6KWXwRa53wZoaWBDDHISG
M9W9uZDFbjaVbB5Qt5nPM2rmuFV1y3N8NRErk5WVwhDD1OWIt0WqB2bJCF5ALIrlKEhf
2fkvt4HuteqY6hYdXIiG5RiWM4GJ1v3Lt8xzw6d7Lw7hRmiPi4Q5LM3jxRz1QG/hgtx/
t8C7MpXwyfpeyWsyoNalZlcEAWIyuSBJ7LCbms/nB05pzanQsz9hKcpKf6Iu+PzcS7Ce
TkDKakqnHeOIeM4LavUr50gTvqR4ERCWv4YnbRrWwChsN0WQMTe2cP4eeno9ylQYJ3Oy
jhrQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
h=date:references:mime-version:in-reply-to:subject:from:to
:mime-version:message-id:domainkey-signature:dkim-signature;
bh=dW6QHy3ppEsXO9HDho1qw4ZZQBKUXm/MT2RFoKArWIo=;
b=M0eK35MLlHrcdLcJfrLiesvxXjYqND2AP25BllQMWepHO6C/HuXDJwiomwJFNBlQrX
W1k8YkZoAduj8+P2j/yyJgO7hXfVcXAiRwdJjddW5m2nshofBTqs5KvULMnLC9cezX6C
YdLa51f2qEyGZbG2Q0mxKw7uYBWJJqBWRbJb1EwWIZBcdgqO1wTbWmMyFuZNnHCFxfb7
Qd8rpT8cqsnvSyiuZZcah+aPU0HXE1bLwJZdiByGbI2jvUGdttl9J/RgEpV80c+GCYRt
zH0mILMNHDrt+E2apl4Z3ciaAt/+yjj+Q0joTYDhVr8HiiWljpMkL+mODAZfVFBvpn7V
yZGw==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@dunnite.org.uk header.s=SELECTOR1 header.b=»jWEpy/2p»;
spf=pass (google.com: domain of return@dunnite.org.uk designates 89.163.247.40 as permitted sender) smtp.mailfrom=return@dunnite.org.uk
Return-Path: <return@dunnite.org.uk>
Received: from dunnite.org.uk (dunnite.org.uk. [89.163.247.40])
by mx.google.com with ESMTP id cx28si5208599edb.322.2021.08.14.07.35.47
for ;
Sat, 14 Aug 2021 07:35:47 -0700 (PDT)
Received-SPF: pass (google.com: domain of return@dunnite.org.uk designates 89.163.247.40 as permitted sender) client-ip=89.163.247.40;
Authentication-Results: mx.google.com;
dkim=pass header.i=@dunnite.org.uk header.s=SELECTOR1 header.b=»jWEpy/2p»;
spf=pass (google.com: domain of return@dunnite.org.uk designates 89.163.247.40 as permitted sender) smtp.mailfrom=return@dunnite.org.uk
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=SELECTOR1; d=dunnite.org.uk;
h=Message-ID:Mime-Version:To:From:Subject:In-Reply-to:MIME-Version:References:Date:Content-Type; i=admin.4Ujh@dunnite.org.uk;
bh=flGnXHok0+Rtfdq4zm+owYt4SUY=;
b=jWEpy/2pkWS3+n78MhfzgrAfolrZkkUJ7DZ8pujyMFKo4VtfQJ5itFVyQjAkYunP5P245Y1wRaZ8
YiXip6QpCYNvwKxqTUKkoMLln1qAlHerdZv4QrjQQOZTaVMkqMAzNb9CsqgfZ8q9X0INGRpeWHyj
V/lY8cQcpb6lA29FmRQ=
DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=SELECTOR1; d=dunnite.org.uk;
b=wbh9VqiRFOsR4YIMO9cwYIFl+9YfHMsNK94x5G7WZI3mhFoW9x4n8r+pwLet/xHS2/hrZF6Q9M2u
j75T4O9OdqMUr3DhMv4nd9TzUd6nNtOccmQIbXZf/Ea6Gy237ywt+j172I6bS0pqxmFAKnMx+JbW
gLEhBpjsQmWSjxvLWYE=;
Received: from dunnite.org.uk (127.0.0.1) by dunnite.org.uk id h2vac616lt03 for ; Sat, 14 Aug 2021 10:16:48 -0400 (envelope-from <return@dunnite.org.uk>)
Message-ID: <=?UT_________________________________________________9898@dunnite.org.uk>
MIME-Version: 1.0
To: x
From: «*YOu’reApproVeD*» <admin.4ujh@dunnite.org.uk>
Subject: Re kentchristopherdavi Please confirm your registration!
In-Reply-to: x
Mime-Version: 1.0
References: x
X-Originating-IP: 89.163.247.40
X-ListMember: x
Return-Path: admin.0sPrBw9cL62oB99@return@dunnite.org.uk
Date: __smptDate
x-mid: 910378
Content-Type: multipart/alternative; boundary=»—-=_Part_8854546565_2032323.002313215415421«

Добавить комментарий

Ваш адрес email не будет опубликован.