From: LinkedIn.Invitations [mailto:8B44145D0@bhuna.net]The malicious payload is at [donotclick]64.111.24.162/links/assure_numb_engineers.php allocated to Data 102 in the US and then suballocated to:
Sent: 17 October 2012 10:06
Subject: New invitation is waiting for your response
Hi [redacted],
User sent you an invitation to connect 6 days ago. How would you like to respond?
Accept Ignore Privately
Alexis Padilla
C.H. Robinson Worldwide (Sales Director)
You are receiving Invitation emails. Unsubscribe.
This email was intended for [redacted].
Learn why we included this.
2012, LinkedIn Corporation. 2029 Stierlin Ct. Mountain View, CA 94043, USA
network:Network-Name:Buzy Bee Hosting /27
network:IP-Network:64.111.24.160/27
network:IP-Network-Block:64.111.24.160 - 64.111.24.191
network:Org-Name:Buzy Bee Hosting
network:Street-Address:1451 North Challenger Dr
network:City:Pueblo West
network:State:CO
network:Postal-Code:81007
network:Country-Code:US
Blocking the IP (and possibly the /27 block) is probably wise.
No comments:
Post a Comment