amirasamy Posted September 20, 2016 Posted September 20, 2016 HelioHost username: amirasamServer: StevMain domain: amirasamy.com Tried reactivating my account via the automated script but it says that username is not inactive. yet when checking for its status it says Your account has been suspended.
wolstech Posted September 20, 2016 Posted September 20, 2016 You were suspended for sending spam. Krydos or Byron may have more information since I'm unable to find an abuse report your incident.
Krydos Posted September 20, 2016 Posted September 20, 2016 We have received a complaint about your account. Please investigate and fix within 24 hours. Hurricane Electric Abuse Department support@he.net From scomp@aol.net Mon Sep 5 11:37:21 2016 Return-Path: <scomp@aol.net> X-Original-To: report@abuse.he.net Delivered-To: report@abuse.he.net Received: from smr-m05.mx.aol.com (smr-m05e.mx.aol.com [204.29.186.194]) by abuse.he.net (Postfix) with ESMTPS id 151BD5400E3 for <report@abuse.he.net>; Mon, 5 Sep 2016 11:37:21 -0700 (PDT) Received: from scmp-m012.mail.aol.com (scmp-m012.mail.aol.com [172.26.180.20]) by smr-m05.mx.aol.com (AOL Mail Bouncer) with ESMTP id 6EC49380012F for <report@abuse.he.net>; Mon, 5 Sep 2016 14:37:20 -0400 (EDT) Received: from scomp@aol.net by scmp-m012.mail.aol.com; Mon, 05 Sep 2016 14:37:19 EDT To: report@abuse.he.net From: scomp@aol.net Date: Mon, 05 Sep 2016 14:37:19 EDT Subject: Email Feedback Report for IP 65.19.143.2 MIME-Version: 1.0 Content-Type: multipart/report; report-type=feedback-report; boundary="boundary-1138-29572-2659438-6783" X-AOL-INRLY: stevie.heliohost.org [65.19.143.2] scmp-m012 X-Loop: scomp --boundary-1138-29572-2659438-6783 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit This is an email abuse report for an email message with the message-id of 393f84966285b3604b014dffd5ee118e@amirasamy.com received from IP address 65.19.143.2 on Mon, 5 Sep 2016 12:59:14 -0400 (EDT) For information, please review the top portion of the following page: http://postmaster.aol.com/Postmaster.FeedbackLoop.php For information about AOL E-mail guidelines, please see http://postmaster.aol.com/Postmaster.Guidelines.php If you would like to cancel or change the configuration for your FBL please use the tool located at: http://postmaster.aol.com/SupportRequest.FBL.php --boundary-1138-29572-2659438-6783 Content-Disposition: inline Content-Type: message/feedback-report Feedback-Type: abuse User-Agent: AOL SComp Version: 0.1 Received-Date: Mon, 5 Sep 2016 12:59:14 -0400 (EDT) Source-IP: 65.19.143.2 Reported-Domain: stevie.heliohost.org Redacted-Address: redacted Redacted-Address: redacted@ --boundary-1138-29572-2659438-6783 Content-Type: message/rfc822 Content-Disposition: inline Return-Path: <elena_graham@amirasamy.com> Received: from stevie.heliohost.org (stevie.heliohost.org [65.19.143.2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mtaig-mba01.mx.aol.com (Internet Inbound) with ESMTPS id 6654A7000009D for <redacted>; Mon, 5 Sep 2016 12:59:14 -0400 (EDT) Received: from amirasam by stevie.heliohost.org with local (Exim 4.82) (envelope-from <elena_graham@amirasamy.com>) id 1bgxG5-0007Ah-TU for redacted; Mon, 05 Sep 2016 10:00:35 -0700 To: redacted@aol.com Subject: Creampie pussy shot sure will. Part 3 Date: Mon, 5 Sep 2016 11:00:33 -0600 From: Elena Graham <elena_graham@amirasamy.com> Message-ID: <393f84966285b3604b014dffd5ee118e@amirasamy.com> X-Priority: 3 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="b1_393f84966285b3604b014dffd5ee118e" Content-Transfer-Encoding: 8bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - stevie.heliohost.org X-AntiAbuse: Original Domain - aol.com X-AntiAbuse: Originator/Caller UID/GID - [4369 32003] / [47 12] X-AntiAbuse: Sender Address Domain - amirasamy.com X-Get-Message-Sender-Via: stevie.heliohost.org: authenticated_id: amirasam/from_h X-Source: /usr/bin/php X-Source-Args: /usr/bin/php /home/amirasam/public_html/wp-includes/images/media/ajax23.php X-Source-Dir: amirasamy.com:/public_html/wp-includes/images/media x-aol-global-disposition: G Authentication-Results: mx.aol.com; spf=none (aol.com: the domain amirasamy.com appears to have no SPF Record.) smtp.mailfrom=amirasamy.com; x-aol-sid: 3039ac1a856157cda4617592 X-AOL-IP: 65.19.143.2 X-AOL-SPF: domain : amirasamy.com SPF : none --b1_393f84966285b3604b014dffd5ee118e Content-Type: text/plain; charset=us-ascii Emma Mae is blonde slim girl and she's praticing handjob [ http://swistaktrains.com/session.php?f=119&hY=nU3uXr5F1GURXhGPQ&87A=CEE&8HMB=v ] The video is here. --b1_393f84966285b3604b014dffd5ee118e Content-Type: text/html; charset=us-ascii <html> <body> <div style="font-family:Arial,sans-serif;color:#000000;font-size:14px;"> Emma Mae is blonde slim girl and she's praticing handjob <a href="http://swistaktrains.com/session.php?f=119&hY=nU3uXr5F1GURXhGPQ&87A=CEE&8HMB=v">The video is here.</a> </div> </body> </html> --b1_393f84966285b3604b014dffd5ee118e-- --boundary-1138-29572-2659438-6783-- We have received a complaint about your account. Please investigate and fix within 24 hours. Hurricane Electric Abuse Department support@he.net From scomp@aol.net Mon Sep 5 19:44:41 2016 Return-Path: <scomp@aol.net> X-Original-To: report@abuse.he.net Delivered-To: report@abuse.he.net Received: from smr-m03.mx.aol.com (smr-m03e.mx.aol.com [204.29.186.195]) by abuse.he.net (Postfix) with ESMTPS id 46DB054012D for <report@abuse.he.net>; Mon, 5 Sep 2016 19:44:41 -0700 (PDT) Received: from scmp-m003.mail.aol.com (scmp-m003.mail.aol.com [172.26.254.234]) by smr-m03.mx.aol.com (AOL Mail Bouncer) with ESMTP id 50EC33800246 for <report@abuse.he.net>; Mon, 5 Sep 2016 22:44:35 -0400 (EDT) Received: from scomp@aol.net by scmp-m003.mail.aol.com; Mon, 05 Sep 2016 22:44:32 EDT To: report@abuse.he.net From: scomp@aol.net Date: Mon, 05 Sep 2016 22:44:32 EDT Subject: Email Feedback Report for IP 65.19.143.2 MIME-Version: 1.0 Content-Type: multipart/report; report-type=feedback-report; boundary="boundary-1138-29572-2659438-7097" X-AOL-INRLY: stevie.heliohost.org [65.19.143.2] scmp-m003 X-Loop: scomp --boundary-1138-29572-2659438-7097 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit This is an email abuse report for an email message with the message-id of 2b1191136e3272e461fc9c17a877a7d8@amirasamy.com received from IP address 65.19.143.2 on Mon, 5 Sep 2016 02:07:40 -0400 (EDT) For information, please review the top portion of the following page: http://postmaster.aol.com/Postmaster.FeedbackLoop.php For information about AOL E-mail guidelines, please see http://postmaster.aol.com/Postmaster.Guidelines.php If you would like to cancel or change the configuration for your FBL please use the tool located at: http://postmaster.aol.com/SupportRequest.FBL.php --boundary-1138-29572-2659438-7097 Content-Disposition: inline Content-Type: message/feedback-report Feedback-Type: abuse User-Agent: AOL SComp Version: 0.1 Received-Date: Mon, 5 Sep 2016 02:07:40 -0400 (EDT) Source-IP: 65.19.143.2 Reported-Domain: stevie.heliohost.org Redacted-Address: redacted Redacted-Address: redacted@ --boundary-1138-29572-2659438-7097 Content-Type: message/rfc822 Content-Disposition: inline Return-Path: <hilda_greer@amirasamy.com> Received: from stevie.heliohost.org (stevie.heliohost.org [65.19.143.2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mtaig-mbd01.mx.aol.com (Internet Inbound) with ESMTPS id 8220E70000092 for <redacted>; Mon, 5 Sep 2016 02:07:40 -0400 (EDT) Received: from amirasam by stevie.heliohost.org with local (Exim 4.82) (envelope-from <hilda_greer@amirasamy.com>) id 1bgn4a-00062Q-HU for redacted; Sun, 04 Sep 2016 23:08:00 -0700 To: redacted@aol.com Subject: info Date: Sun, 4 Sep 2016 23:08:00 -0700 From: Hilda Greer <hilda_greer@amirasamy.com> Message-ID: <2b1191136e3272e461fc9c17a877a7d8@amirasamy.com> X-Priority: 3 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="b1_2b1191136e3272e461fc9c17a877a7d8" Content-Transfer-Encoding: 8bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - stevie.heliohost.org X-AntiAbuse: Original Domain - aol.com X-AntiAbuse: Originator/Caller UID/GID - [4369 32003] / [47 12] X-AntiAbuse: Sender Address Domain - amirasamy.com X-Get-Message-Sender-Via: stevie.heliohost.org: authenticated_id: amirasam/from_h X-Source: /usr/bin/php X-Source-Args: /usr/bin/php /home/amirasam/public_html/wp-includes/images/media/ajax23.php X-Source-Dir: amirasamy.com:/public_html/wp-includes/images/media x-aol-global-disposition: G Authentication-Results: mx.aol.com; spf=none (aol.com: the domain amirasamy.com appears to have no SPF Record.) smtp.mailfrom=amirasamy.com; x-aol-sid: 3039ac1afc0157cd0bab2706 X-AOL-IP: 65.19.143.2 X-AOL-SPF: domain : amirasamy.com SPF : none --b1_2b1191136e3272e461fc9c17a877a7d8 Content-Type: text/plain; charset=us-ascii oh hello there sir, if ur single and avail we can meetup for fun?? au+ladr43yurPoaeLRIRxU9w4jUt7l+xMdMdOeOcdgo= --b1_2b1191136e3272e461fc9c17a877a7d8 Content-Type: text/html; charset=us-ascii <html> <body> oh hello there sir, if ur single and avail we can meetup for fun?? au+ladr43yurPoaeLRIRxU9w4jUt7l+xMdMdOeOcdgo= </body> </html> --b1_2b1191136e3272e461fc9c17a877a7d8-- --boundary-1138-29572-2659438-7097-- As you can see you installed malware at /home/amirasam/public_html/wp-includes/images/media/ajax23.php and it was sending porn spam from your account.
amirasamy Posted September 25, 2016 Author Posted September 25, 2016 I'm pretty sure I didn't install a malware or use the website for any spamming. It's a personal website for an artist.Maybe it was a plugin? Can I get my account reactivated?
Recommended Posts