Vol de photo sur le Net ?

46 x served & 5 x viewed

Il me faudrait trouver un plugin WordPress qui ajoute automatiquement un logo ou le nom de mon site en filigrane ( Watermark )  …

Exemple n°1 : http://texansonlineofficialshop.com :

Exemple n°2 : http://eka.letsfixerimages.club :

Rançon / bitcoin : Nouvelle demande de rançon 1GrwstsEVPrit3rxAg2WPTSSyRoQqJVXCD

41 x served & 8 x viewed

L’activité de cette demande de rançon : https://bitcoinwhoswho.com/address/1GrwstsEVPrit3rxAg2WPTSSyRoQqJVXCD .

Dans le source de l’email :

Return-Path: tanyq@ytport.com
...
Received: from ssqr.ytport.com (unknown [218.17.228.164])
...
X-CSA-Complaints: complaints@ytport.com
X-Complaints-To: abuse@mailer.ytport.com
Organization: Owrmbmgfgbnji
...
Date: Mon, 6 May 2019 13:36:42 +0200
...
X-MAIL:ssqr.ytport.com x46BWFco075468
...
Content-Type: image/jpeg;
        name="1557149801883.jpg"
Content-Transfer-Encoding: base64
Content-Disposition: inline;
        filename="1557149801883.jpg"
Content-ID: att_img_880970

Misère.

Rançon / bitcoin : Liste des demandes reçus

44 x served & 20 x viewed

Bitcoin : 1Gp6LXRPjQbqzKSvsTHv2RAiWzNkgXmoqo

Return-Path: <calama@workmed.cl>
...
Received: from servidor.workmed.cl (servidor.workmed.cl [200.73.113.209])
...
Date: Mon, 22 Apr 2019 18:17:37 +0200
...
Abuse-Reports-To: <abuse@mail.workmed.cl>
X-Abuse-Reports-To: abuse@mail.workmed.cl

Bitcoin : 1Bo6BKUekTefV4kKPz2nhqsWCELuR6Ep1N

Return-Path: <luomingxiu@jygdy.com>
...
Received: from mail.jygdy.com (unknown [111.11.180.157])

Bitcoin : 15LZuFSVyDAoaNLtbh4ru7ZQWvZxEosCaf

X-SPAMOUT-IP: 203.239.130.5 (TRUST)
X-Original-SENDERIP: 203.239.130.5
X-SPAMOUT-COUNTRY: KR
X-SPAMOUT-FROM: <jt.joo@elim.net>

Encore une demande de rançon : 1Bo6BKUekTefV4kKPz2nhqsWCELuR6Ep1N

52 x served & 11 x viewed

Dans le source de l’email :

Return-Path: <luomingxiu@jygdy.com>
...
X-Spam-Flag: YES
X-Spam-Level: ***************
X-Spam-Status: Yes, score=15.9 required=5.0 tests=COUNTRY2,
	HEADER_FROM_DIFFERENT_DOMAINS,HTML_IMAGE_ONLY_04,HTML_MESSAGE,
	LOCALPART_IN_SUBJECT,MIME_HTML_MOSTLY,MPART_ALT_DIFF,
	RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_PBL,RCVD_IN_RP_RNBL,RCVD_IN_SBL_CSS,
	RCVD_IN_SORBS_WEB,TO_NAME_SUBJ_NO_RDNS,TO_NO_BRKTS_HTML_IMG,
	TVD_SPACE_RATIO autolearn=no autolearn_force=no version=3.4.2
X-Spam-Relay-Country: CN AL
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on spamd16.phpnet.org
X-Spam-Report: 
	*  3.6 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
	*      [111.11.180.157 listed in zen.spamhaus.org]
	*  3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS
	*      [84.20.83.21 listed in zen.spamhaus.org]
	*  1.0 COUNTRY2 No description available.
	*  0.7 LOCALPART_IN_SUBJECT Local part of To: address appears in
	*      Subject
	*  1.5 RCVD_IN_SORBS_WEB RBL: SORBS: sender is an abusable web server
	*      [84.20.83.21 listed in dnsbl.sorbs.net]
	*  1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in
	*      bl.spamcop.net
	*      [Blocked - see <https://www.spamcop.net/bl.shtml?84.20.83.21>]
	*  1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
	*      https://senderscore.org/blacklistlookup/
	*      [111.11.180.157 listed in bl.score.senderscore.com]
	*  0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level
	*      mail domains are different
	*  0.3 HTML_IMAGE_ONLY_04 BODY: HTML: images with 0-400 bytes of words
	*  0.0 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME
	*  0.7 MPART_ALT_DIFF BODY: HTML and text parts are different
	*  0.0 HTML_MESSAGE BODY: HTML included in message
	*  0.0 TVD_SPACE_RATIO No description available.
	*  0.0 TO_NAME_SUBJ_NO_RDNS Recipient username in subject + no rDNS
	*  2.0 TO_NO_BRKTS_HTML_IMG To: lacks brackets and HTML and one image
Received: from mail.jygdy.com (unknown [111.11.180.157])
...
Received: from [21.83.20.84.in-addr.arpa] ([84.20.83.21])
	(envelope-sender <luomingxiu@jygdy.com>)
...
X-WM-AuthFlag: YES
X-WM-AuthUser: luomingxiu@jygdy.com
...
X-Mailer: Sun Java(tm) System Messenger Express 6.1 HotFix 0.11 (builtJan 28
X-Complaints-To: abuse@mailer.jygdy.com
Abuse-Reports-To: <abuse@mailer.jygdy.com>
...
X-Sender: luomingxiu@jygdy.com

Et on retrouve dans Bitcoin Abuse : https://www.bitcoinabuse.com/reports/1Bo6BKUekTefV4kKPz2nhqsWCELuR6Ep1N .

Le serveur est en Chine …

https://haveibeenpwned.com : Afin de voir si notre email est dans une fuite de donnée

Lien

155 x served & 39 x viewed

Je conseille vivement le site : https://haveibeenpwned.com . Il permet de voir si notre email est dans les récentes fuites de données.