This is most definitely spam/phishing/browser exploits. Aside from the content being utterly ridiculous and unrelated to this list, curling the bitly link gives back a redirect to (mangled to avoid accidental clicking)
hxxp://entrancejudgeroll. xyz/KSBQEDYXIP29112/numls/ That domain was registered in July 21 this year; that's older than I'd expect for spam/phishing, but still suspiciously recent. Also, the bare domain with no path gives back a 403, while adding www gives back a 503. Both are very unusual on legitimate sites. Attempting to curl that link gives back a 405 "Method not allowed", suggesting they're blocking curl. Setting the user agent to a various useragents found on the Internet (including Firefox and Chrome on Windows and OSX, Safari, IE6 and IE11), gave back simply "<pre>". I couldn't get anything else via curl. I suspect that either they're targeting specific vulnerable browsers that I didn't test, or they're using other headers to determine that I'm not a real browser and give back something benign. But there's no way I'm letting a real browser touch that site, and don't have a handy throwaway VM to test on. In short: do not click that link. On Tue, Sep 29, 2020 at 08:45:06AM +0200, Mark Clements wrote: > Could someone confirm that this is not spam, please? I realise that angelflow > has posted to this list before, but I don't like clicking on random URLs. > > Kindly, Mark. > > On 29/9/20 7:22 am, angelflow wrote: > ur > > > https://bit.ly/344E3af<https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbit.ly%2F344E3af&data=02%7C01%7Cmark.clements%40ki.se%7C9bc9e010232f4318d77c08d86437dfb4%7Cbff7eef1cf4b4f32be3da1dda043c05d%7C0%7C0%7C637369538729622785&sdata=A0mJPm1e%2BIgrryqC7bgdK9HDiLl0KPV8B6Jr8wnzrZ8%3D&reserved=0> > > > > > > > > > > > > > > > > While both products can send alerts and videos or images to your smartphone > after detecting motion, we think wireless security cameras have the advantage > when it comes to monitoring the front door. If used in tandem with a regular > doorbell and placed strategically, security cameras can give a wider viewing > area thus more surveillance power. > > > > > > > > Be on your guard. Because when that other president’s pee tape comes out, > some brave soul will have to stare at it to check that it’s real. > > > ubhkwxj otosteal octahedric allegorizing > > > kvrGoasila scribble conjugating horse-sense > > > > _______________________________________________ > Ur mailing list > [email protected]<mailto:[email protected]> > https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.impredicative.com%2Fcgi-bin%2Fmailman%2Flistinfo%2Fur&data=02%7C01%7Cmark.clements%40ki.se%7C9bc9e010232f4318d77c08d86437dfb4%7Cbff7eef1cf4b4f32be3da1dda043c05d%7C0%7C0%7C637369538729652765&sdata=G5yiaVpa1PNbVd06Vb9OA3R9NueXXV6r5NuntN6kW%2Fg%3D&reserved=0 > > > > > > När du skickar e-post till Karolinska Institutet (KI) innebär detta att KI > kommer att behandla dina personuppgifter. Här finns information om hur KI > behandlar personuppgifter<https://ki.se/medarbetare/integritetsskyddspolicy>. > > > Sending email to Karolinska Institutet (KI) will result in KI processing your > personal data. You can read more about KI’s processing of personal data > here<https://ki.se/en/staff/data-protection-policy>. > _______________________________________________ > Ur mailing list > [email protected] > http://www.impredicative.com/cgi-bin/mailman/listinfo/ur _______________________________________________ Ur mailing list [email protected] http://www.impredicative.com/cgi-bin/mailman/listinfo/ur
