On 02/05/2023 18:18, Michael Peddemors via mailop wrote:
Do you have a sampling of the IPs, and we can see if it correlates with
some of our datasets?
We saw similar requests earlier this year, around February and March.
One of our applications generates URLs in the form "...?key=chars>&n=" -
Do you have a sampling of the IPs, and we can see if it correlates with
some of our datasets?
Sure would be nice if the big guys, did a better job of SWIP on their
ranges, so we know which ones they operate, vs the ones they rent.
On 2023-05-02 07:34, Abuse Department - Advision via mailop wr
On 5/2/23 14:34, Abuse Department - Advision via mailop wrote:
> I'm starting to think that this is not a malicious activity but some
> kind of anonymization/url checking action from some Microsoft or anti
> Malware system.
>
> Those are some example of the encoded parameters
>
> [...]
>
> uggcf
Hi all,
since 28/04 we are observing a huge amount of requests coming from
Microsoft ips to our link tracking system.
In the emails we send we override al links to point to our link tracking
system, but we are seeing that many tracking requests are coming with the
query string parameters obfuscate
