FOR YOUR INFORMATIONS and ACTIONS against these Bastards HACKERS USING your servers IP, accounts and mails boxes ! Pour votre Information et Actions contre ces hackers utilisant vos serveurs IP, comptes et boites mails ! Recu Mardi 10 Decembre 2024 après 19h32 mails escrocs ( envoyés les nuits ) via MS Outlook et usurpant ELECTRODEPOT et demandant de rappeler le 09.70.40.50.00 ( ALTICE CAMPUS ) venant de l’adresse Mail bidon: trabzon@bayi.efespilsen.com.tr mais vraie adresse mail pour répondre aux hackers: Reply-To : "SOSCARTE" no-replay@sfr.fr avec adresse IP utilisées: 40.107.20.85 gérée par abuse@microsoft.com Received : from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on2085.outbound.protection.outlook.com [40.107.20.85]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mlpnf0116.laposte.net (SMTP Server) with ESMTPS id 4Y76mF37Jdz1GBwD for <@laposte.net>; Tue, 10 Dec 2024 19:32:45 +0100 (CET) ARC-Seal : i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; IP Lookup Details: IP Information - 40.107.20.85 Host name: mail-db8eur05on2085.outbound.protection.outlook.com Country: United States Country Code: US Region: City: Latitude: 37.751 Longitude: -97.822 ******************* Contenu du mail des hackers *************** ?Votre carte est actuellement en mode blocage. • Aujourd'hui, à 19:32 (il y a une heure) 21Ko • • • R De : Réponse • A : Moi • Cmd Confirmé avec succès 684,36 validé sur le site ELECTRODEPOT 1. Pour toute question ou assistance, notre équipe reste à votre disposition . Nous vous invitons à nous rejoindre sur le numeros d'urgence ? **09.70.405.500**. La Consignation sera réalisée sans confirmation préalable. Cordialement, **************** CODES HTML des hackers ******************** Return-Path : <trabzon@bayi.efespilsen.com.tr> Received : from mlpnf0116.laposte.net (mlpnf0116.sys.meshcore.net [10.94.128.95]) by mlpnb0108 with LMTPA; Tue, 10 Dec 2024 19:32:45 +0100 X-Cyrus-Session-Id : cyrus-31264-1733855565-2-5371445277477112732 X-Sieve : CMU Sieve 3.0 ARC-Seal : i=2; a=rsa-sha256; d=laposte.net; s=lpn-wlmd; t=1733855565; cv=pass; b=nX4D3BINX9vxYCYKup+27Uaoz64P1EZo9POqGSrngHjB+hd+n1N1+cThvpWcOypb3NJFcKcXj2d nr2qYIKwTqccuhDA6lfyr3yXu+pDKjkKboHBPeFncw2NpRly1Oedwoek8G5kOokomU3PhZOy8Nia XYC6Z7I/cHxP+whN09UNl3QdhUF94ej/pvTF/9kvVWNYQTUd6tu4RmNOvob/Qn6WulGzWUw6YRuR vvrVA5RmQkS2C9a8A1vwEzoNszmQc3j8pHZqL8PiRhidg5Dj4miYoAI/z2G3OleqM3h504MLZE5C uCCXYYHk+tphLirOiw/Wh9OOKuDbqQdrWDWfUTw== ARC-Message-Signature : i=2; a=rsa-sha256; c=relaxed/relaxed; d=laposte.net; s=lpn-wlmd; t=1733855565; h=DKIM-Signature:From:Subject:To:Reply-To:Date; bh= grw6gZRPStYzpVO3jBTA5MwNetrElgYIz2zZ86zcGq4=; b=LJnpMNOjeNuxO/BFLcA/b3YGjerz eJ+fQ+SazSfYTb5UFUmcv0JDxnkZZlAhPqviXo6JcbIDd+k962u1ImMzL6qQeCGSJX9qWD/2/7vR RDx+MGgCwQLsJk6fJxMOSb+uIe1UzSb/JNhRivno45CxBMdpxpUEiEK4T8/trieq3/XLbfzr8B6b CorKRK9oX9VHI59qEGYde6c6fA4UQXNeEZlaJrImiHl/qQeJoiUfKx2ygvqE4SnZAHkqP+ztAU6C YaQx3ORrZ1oF7O14xpy1ROdKPuWXAx8QLzMRx9v2z14ZKqZTcPSwr5+eTA7jBSKOCt6PYHIXdet2 6DHJAeUpjA== ARC-Authentication-Results : i=2; laposte.net; spf=pass smtp.helo=EUR05-DB8-obe.outbound.protection.outlook.com smtp.mailfrom=trabzon@bayi.efespilsen.com.tr; dkim=pass reason="good signature" header.b=Spnc3A header.d=aefesbayi.onmicrosoft.com header.s=selector2-aefesbayi-onmicrosoft-com; dmarc=none reason="No policy found"; arc=pass header.oldest-pass=0 smtp.remote-ip=40.107.20.85; bimi=skipped reason="non-pass DMARC" X-mail-filterd : {"version":"1.8.0","queueID":"4Y76mF41vmz1GBvw","contextId": "23d8b9e6-4714-4ff4-91b7-09be2f46bd26"} X-ppbforward : {"queueID":"4Y76mF41vmz1GBvw","server":"mlpnf0116"} Received : from outgoing-mail.laposte.net (localhost.localdomain [127.0.0.1]) by mlpnf0116.laposte.net (SMTP Server) with ESMTP id 4Y76mF41vmz1GBvw for <lpn000000000000000018870443@back01-mail02-04.lpn.svc.meshcore.net>; Tue, 10 Dec 2024 19:32:45 +0100 (CET) X-mail-filterd : {"version":"1.8.0","queueID":"4Y76mF37Jdz1GBwD","contextId": "8f0c92c5-cb77-4bdf-83f0-28aa904551c5"} X-lpn-mailing : LEGIT X-lpn-spamrating : 41 X-lpn-spamlevel : not-spam Authentication-Results : laposte.net; spf=pass smtp.mailfrom=trabzon@bayi.efespilsen.com.tr smtp.helo=EUR05-DB8-obe.outbound.protection.outlook.com; dkim=pass reason="good signature" header.d=aefesbayi.onmicrosoft.com header.s=selector2-aefesbayi-onmicrosoft-com header.b=Spnc3A; dmarc=none reason="No policy found"; arc=pass smtp.remote-ip=40.107.20.85 header.oldest-pass=0; bimi=skipped reason="non-pass DMARC"