More Bitcoin spammers for your amusement, or mine at least.

Two copies of this just hit the email box. Why don’t you follow the link they want to give me $30 to put their link on. I’ll just be waiting here.


Delivered-To: dgerard@gmail.com
Received: by 10.103.37.134 with SMTP id l128csp2389975vsl;
Tue, 13 Sep 2016 15:40:17 -0700 (PDT)
X-Received: by 10.66.243.80 with SMTP id ww16mr5444378pac.19.1473806417570;
Tue, 13 Sep 2016 15:40:17 -0700 (PDT)
Return-Path:
Received: from b22.web-hosting.com (b22.web-hosting.com. [199.188.205.56])
by mx.google.com with ESMTPS id v27si29714522pfj.178.2016.09.13.15.40.17
for
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Tue, 13 Sep 2016 15:40:17 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of bitcpodg@business22.web-hosting.com designates 199.188.205.56 as permitted sender) client-ip=199.188.205.56;
Authentication-Results: mx.google.com;
spf=pass (google.com: best guess record for domain of bitcpodg@business22.web-hosting.com designates 199.188.205.56 as permitted sender) smtp.mailfrom=bitcpodg@business22.web-hosting.com
Received: from bitcpodg by business22.web-hosting.com with local (Exim 4.86_1) (envelope-from ) id 1bjwND-003Lvq-4b for dgerard@gmail.com; Tue, 13 Sep 2016 18:40:15 -0400
To: dgerard@gmail.com
Subject: I pay you $30 for a link in http://rocknerd.co.uk/2016/08/25/get-rich-with-bitcoin-advertising-on-rocknerd-citation-needed/
X-PHP-Originating-Script: 912:███████████████.php
From: John Flex
Message-Id:
Sender:
Date: Tue, 13 Sep 2016 18:40:15 -0400
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - business22.web-hosting.com
X-AntiAbuse: Original Domain - gmail.com
X-AntiAbuse: Originator/Caller UID/GID - [912 32007] / [47 12]
X-AntiAbuse: Sender Address Domain - business22.web-hosting.com
X-Get-Message-Sender-Via: business22.web-hosting.com: authenticated_id: bitcpodg/from_h
X-Authenticated-Sender: business22.web-hosting.com: john@bitcoinmarketing.website
X-Source:
X-Source-Args: /usr/sbin/proxyexec -q -d -s /var/lib/proxyexec/cagefs.sock/socket /bin/cagefs.server
X-Source-Dir: bitcoinmarketing.website:/public_html
X-From-Rewrite: unmodified, already matched

Hi, i would like to know if is possible to pay you $30 so you can add a link to a bitcoin site from the following page:

http://rocknerd.co.uk/2016/08/25/get-rich-with-bitcoin-advertising-on-rocknerd-citation-needed/

Can i send you sample of the text link that i want to add?

Thank you for your time.

Yet again, I’ve blanked out the name of the PHP script they used for their spam run, which appears to be the same script as the previous spammer used. Because I just tested their script on their website. And successfully sent an email to myself. They’ve created a wide-open spam relay.

Rule 3, holy shit.

Leave a Reply

Your email address will not be published. Required fields are marked *