Saludos.
-----------------------------
Cita:
hola
tu server aparentemente ha sido hackeado y el datacenter ha bloqueado la ip, para resolverlo tienes que entrar por consola y repararlo. podemos agregar otra ip para que te ande por ssh.
Register Court: Registergericht Ansbach, HRB 3204
Management Board: Dipl. Ing. (FH) Martin Hetzner
Chairwoman of the Supervisory Board: Diana Rothhan
----- attachment -----
Return-path: <[email protected]>
Envelope-to: [email protected]
Delivery-date: Sat, 30 Jun 2012 08:27:57 +0200
Received: from [212.227.137.126] (helo=mout-eu2.dedicatemail.com)
by lms.your-server.de with esmtp (Exim 4.74)
(envelope-from <[email protected]>)
id 1Skr9x-0000z6-92
for [email protected]; Sat, 30 Jun 2012 08:27:57 +0200
Received: from mout-eu2.dedicatemail.com (localhost.localdomain [127.0.0.1])
by mout-eu2.dedicatemail.com (Postfix) with ESMTP id 165FB27F
for <[email protected]>; Sat, 30 Jun 2012 08:27:49 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=dedicatemail.com; h=date
:to:from:reply-to:subject:message-id:mime-version:content-type;
s=mout; bh=BgFCW2jWIcGwvHOEQEzgJbeE/Qs=; b=1pdCy/5lgsxonsDik2jh
LliPTIIRxktTGhjRuS0CqgOOlOMlyOI04/8qqYByOpFAS4/W0izSgumMuohtvDdM
e/vxa5SmOeWdQ8mh5QU3/6kxzXtJ4FE35zptIVrVm5AOQ1uqFx6LwSlIZtu4/CBH
lwms0OShWPt2F/pqtKndPV0=
Received: from mx01.dedicatemail.com (mail-in.dedicatemail.com [87.106.148.128])
by mout-eu2.dedicatemail.com (Postfix) with ESMTP id 1052626E
for <[email protected]>; Sat, 30 Jun 2012 08:27:49 +0200 (CEST)
Received: from abuse-help.dedicateservices.com (abuse-help.dedicateservices.com [212.227.136.64])
by mx01.dedicatemail.com (Postfix) with ESMTP id EB27D4D2C
for <[email protected]>; Sat, 30 Jun 2012 08:27:48 +0200 (CEST)
Date: Sat, 30 Jun 2012 08:27:48 +0200
To: [email protected]
From: cyscon GmbH - SIRT <[email protected]>
Reply-to: [email protected]
Subject: [SIRT#0000478074] Malicious content (CYSC.HTML.DEF-8) hosted on 178.63.204.168 within your network!
Message-ID: <[email protected] omain>
X-Priority: 3
X-Mailer: PHPMailer [version 1.73]
Auto-Submitted: auto-generated
X-ARF: YES
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="b1_58f564b796a525540f33a1855965d94d"
X-Virus-Scanned: Clear (ClamAV 0.97.3/15101/Fri Jun 29 23:10:28 2012)
X-Spam-Score: 0.6 (/)
Delivered-To: [email protected]
--b1_58f564b796a525540f33a1855965d94d
Content-Type: text/plain; charset = "utf-8"
Content-Transfer-Encoding: quoted-printable
TO WHOM IT MAY CONCERN:
The security experts of cyscon GmbH like to ask you to remove/review the =
below mentioned file from/on your servers. At least one of our scanners d=
etect it, and we consider it as malicious:=20
################################################## ######################
# begin logs
IP: 178.63.204.168
URL: http://reydecopas.com
Port: 80
Tested on: Sat, 30 Jun 2012 08:27:38 +0200
Result: CYSC.HTML.DEF-8=20
# end logs
################################################## ######################
tu server aparentemente ha sido hackeado y el datacenter ha bloqueado la ip, para resolverlo tienes que entrar por consola y repararlo. podemos agregar otra ip para que te ande por ssh.
Register Court: Registergericht Ansbach, HRB 3204
Management Board: Dipl. Ing. (FH) Martin Hetzner
Chairwoman of the Supervisory Board: Diana Rothhan
----- attachment -----
Return-path: <[email protected]>
Envelope-to: [email protected]
Delivery-date: Sat, 30 Jun 2012 08:27:57 +0200
Received: from [212.227.137.126] (helo=mout-eu2.dedicatemail.com)
by lms.your-server.de with esmtp (Exim 4.74)
(envelope-from <[email protected]>)
id 1Skr9x-0000z6-92
for [email protected]; Sat, 30 Jun 2012 08:27:57 +0200
Received: from mout-eu2.dedicatemail.com (localhost.localdomain [127.0.0.1])
by mout-eu2.dedicatemail.com (Postfix) with ESMTP id 165FB27F
for <[email protected]>; Sat, 30 Jun 2012 08:27:49 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=dedicatemail.com; h=date
:to:from:reply-to:subject:message-id:mime-version:content-type;
s=mout; bh=BgFCW2jWIcGwvHOEQEzgJbeE/Qs=; b=1pdCy/5lgsxonsDik2jh
LliPTIIRxktTGhjRuS0CqgOOlOMlyOI04/8qqYByOpFAS4/W0izSgumMuohtvDdM
e/vxa5SmOeWdQ8mh5QU3/6kxzXtJ4FE35zptIVrVm5AOQ1uqFx6LwSlIZtu4/CBH
lwms0OShWPt2F/pqtKndPV0=
Received: from mx01.dedicatemail.com (mail-in.dedicatemail.com [87.106.148.128])
by mout-eu2.dedicatemail.com (Postfix) with ESMTP id 1052626E
for <[email protected]>; Sat, 30 Jun 2012 08:27:49 +0200 (CEST)
Received: from abuse-help.dedicateservices.com (abuse-help.dedicateservices.com [212.227.136.64])
by mx01.dedicatemail.com (Postfix) with ESMTP id EB27D4D2C
for <[email protected]>; Sat, 30 Jun 2012 08:27:48 +0200 (CEST)
Date: Sat, 30 Jun 2012 08:27:48 +0200
To: [email protected]
From: cyscon GmbH - SIRT <[email protected]>
Reply-to: [email protected]
Subject: [SIRT#0000478074] Malicious content (CYSC.HTML.DEF-8) hosted on 178.63.204.168 within your network!
Message-ID: <[email protected] omain>
X-Priority: 3
X-Mailer: PHPMailer [version 1.73]
Auto-Submitted: auto-generated
X-ARF: YES
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="b1_58f564b796a525540f33a1855965d94d"
X-Virus-Scanned: Clear (ClamAV 0.97.3/15101/Fri Jun 29 23:10:28 2012)
X-Spam-Score: 0.6 (/)
Delivered-To: [email protected]
--b1_58f564b796a525540f33a1855965d94d
Content-Type: text/plain; charset = "utf-8"
Content-Transfer-Encoding: quoted-printable
TO WHOM IT MAY CONCERN:
The security experts of cyscon GmbH like to ask you to remove/review the =
below mentioned file from/on your servers. At least one of our scanners d=
etect it, and we consider it as malicious:=20
################################################## ######################
# begin logs
IP: 178.63.204.168
URL: http://reydecopas.com
Port: 80
Tested on: Sat, 30 Jun 2012 08:27:38 +0200
Result: CYSC.HTML.DEF-8=20
# end logs
################################################## ######################
