anghelina Posted July 22, 2016 Share Posted July 22, 2016 a. anghelinab. steviec. antiquariato-it.com My account was likely to be suspended without e-mail notification.Please, reactivate it. Link to comment Share on other sites More sharing options...
Byron Posted July 22, 2016 Share Posted July 22, 2016 That's not the username for that account. Link to comment Share on other sites More sharing options...
anghelina Posted July 22, 2016 Author Share Posted July 22, 2016 Sorry, I misspelled the HelioHost username in the thread title. It should be named Suspended: AnghelinaThe rest of the data is correct.Could you please reactivate the account? Link to comment Share on other sites More sharing options...
Byron Posted July 22, 2016 Share Posted July 22, 2016 That's still the wrong username and that account was suspended for spam. Link to comment Share on other sites More sharing options...
Krydos Posted July 22, 2016 Share Posted July 22, 2016 We have received a complaint about your account. Please investigate and fix within 24 hours. Hurricane Electric Abuse Department support@he.net From scomp@aol.net Wed Jul 13 11:07:36 2016 Return-Path: <scomp@aol.net> X-Original-To: report@abuse.he.net Delivered-To: report@abuse.he.net Received: from smr-a01e.mx.aol.com (smr-a01e.mx.aol.com [204.29.186.241]) by abuse.he.net (Postfix) with ESMTPS id 133EB54011B for <report@abuse.he.net>; Wed, 13 Jul 2016 11:07:36 -0700 (PDT) Received: from scmp-m008.mail.aol.com (scmp-m008.mail.aol.com [172.29.110.249]) by smr-a01e.mx.aol.com (AOL Mail Bouncer) with ESMTP id 6B7E638000BB for <report@abuse.he.net>; Wed, 13 Jul 2016 14:07:35 -0400 (EDT) Received: from scomp@aol.net by scmp-m008.mail.aol.com; Wed, 13 Jul 2016 14:07:33 EDT To: report@abuse.he.net From: scomp@aol.net Date: Wed, 13 Jul 2016 14:07:33 EDT Subject: Email Feedback Report for IP 65.19.143.2 MIME-Version: 1.0 Content-Type: multipart/report; report-type=feedback-report; boundary="boundary-1138-29572-2659438-7973" X-AOL-INRLY: stevie.heliohost.org [65.19.143.2] scmp-m008 X-Loop: scomp --boundary-1138-29572-2659438-7973 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit This is an email abuse report for an email message with the message-id of E1bNNoj-0007l3-Cb@stevie.heliohost.org received from IP address 65.19.143.2 on Wed, 13 Jul 2016 13:19:11 -0400 (EDT) For information, please review the top portion of the following page: http://postmaster.aol.com/Postmaster.FeedbackLoop.php For information about AOL E-mail guidelines, please see http://postmaster.aol.com/Postmaster.Guidelines.php If you would like to cancel or change the configuration for your FBL please use the tool located at: http://postmaster.aol.com/SupportRequest.FBL.php --boundary-1138-29572-2659438-7973 Content-Disposition: inline Content-Type: message/feedback-report Feedback-Type: abuse User-Agent: AOL SComp Version: 0.1 Received-Date: Wed, 13 Jul 2016 13:19:11 -0400 (EDT) Source-IP: 65.19.143.2 Reported-Domain: stevie.heliohost.org Redacted-Address: redacted Redacted-Address: redacted@ --boundary-1138-29572-2659438-7973 Content-Type: message/rfc822 Content-Disposition: inline Return-Path: <abroskin@stevie.heliohost.org> Received: from stevie.heliohost.org (stevie.heliohost.org [65.19.143.2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mtaig-aan04.mx.aol.com (Internet Inbound) with ESMTPS id D6778700000AB for <redacted>; Wed, 13 Jul 2016 13:19:11 -0400 (EDT) Received: from abroskin by stevie.heliohost.org with local (Exim 4.82) (envelope-from <abroskin@stevie.heliohost.org>) id 1bNNoj-0007l3-Cb for redacted; Wed, 13 Jul 2016 10:18:59 -0700 To: redacted@aol.com Subject: Hi Pamla Young X-cpchn: dpupsxszbirlrqzjtksicufiofoqjlr X-sdoyaxjgaxxc: qndgyfpoejtcn X-kuhpwsiioem: mdumjsuiuaxjiolurwglzkmlvxz X-vzbsabunbkawwg: iupuczriyeozftpsrel X-ukeszcoam: ckkrpxkvdtandifnwzxhciccjl X-laeughsxzdjbwbxno: qthjxizztaycfd Message-Id: <E1bNNoj-0007l3-Cb@stevie.heliohost.org> From: abroskin@stevie.heliohost.org Date: Wed, 13 Jul 2016 10:18:59 -0700 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - stevie.heliohost.org X-AntiAbuse: Original Domain - aol.com X-AntiAbuse: Originator/Caller UID/GID - [5080 32003] / [47 12] X-AntiAbuse: Sender Address Domain - stevie.heliohost.org X-Get-Message-Sender-Via: stevie.heliohost.org: authenticated_id: abroskin/primary_hostname/system user X-Source: /usr/bin/php X-Source-Args: /usr/bin/php /home1/abroskin/public_html/formatting-heaps.php X-Source-Dir: antiquariato-it.com:/public_html x-aol-global-disposition: G X-AOL-SCOLL-DMARC: mtaig-aan04.mx.aol.com ; domain : stevie.heliohost.org ; policy : none ; result : F Authentication-Results: mx.aol.com; spf=none (aol.com: the domain stevie.heliohost.org appears to have no SPF Record.) smtp.mailfrom=stevie.heliohost.org; dmarc=fail (aol.com: the domain stevie.heliohost.org reports that Neither SPF nor DKIM align.) header.from=stevie.heliohost.org; x-aol-sid: 3039ac1b13465786780f7274 X-AOL-IP: 65.19.143.2 X-AOL-SPF: domain : stevie.heliohost.org SPF : none Pamla Young, you are considered approved for no fax Cash Advance from $200 to $1000 Click to Apply Now http://antiquariato-it.com/formatting-heaps.php?xmlkhzz=aHR0cDovL2dldGxvYW5zZmFzdC50b3AvP2w9TkhaenJBc2VuYUFWWVMzUVY2VV9jRVdBS0tOZVJiMU8ybFg5bFMtb0F1az0= Indiana 46816, USA - 2016 Wed 13:19:00 13 Jul --boundary-1138-29572-2659438-7973-- Link to comment Share on other sites More sharing options...
anghelina Posted July 23, 2016 Author Share Posted July 23, 2016 How can I fix it, if I am deprived of access to the site content? Link to comment Share on other sites More sharing options...
Krydos Posted July 23, 2016 Share Posted July 23, 2016 As you can see in the spam report someone was sending emails with this file on your account: /home1/abroskin/public_html/formatting-heaps.php Someone has compromised your account. I strongly recommend deleting everything from public_html and setting it all up again. You should also change all of your passwords. You need to fix this immediately. If you get suspended for spam again you will most likely not get another chance. Your account is now unsuspended. Let us know if you need any additional help. Link to comment Share on other sites More sharing options...
anghelina Posted July 25, 2016 Author Share Posted July 25, 2016 Thank you so much!I've fulfilled all your recommendations.Meanwhile, I am puzzled with the means my account was hacked with and try to seal all the possible security holes to avoidsuch an incident in the future.Could the hacker sneak into my site through the mail form driven with mailer.php? Link to comment Share on other sites More sharing options...
Recommended Posts