Liste der Anhänge anzeigen (Anzahl: 5)
header:
01: Received: from difficult.spydaradio.co.uk ([146.59.57.85]) by mx-ha.gmx.net
02: (mxgmx014 [212.227.15.9]) with ESMTP (Nemesis) ID: [ID filtered]
03: for <x>; Tue, 05 Oct 2021 xx:xx:xx +0200
Beworbene Domain |
IP Adresse(n) |
Weiterleitung (j/n) |
whois:
/estadisticas
/r.asp?idsector=*schnapp*
&e=*schnapp*
&c=*schnapp*
&d=//whois:37.97.146.78?*schnapp* |
whois:80.67.99.3 |
[X] ja / [ ] nein |
whois:
/?*schnapp* |
whois:37.97.146.78 |
[X] ja / [ ] nein |
whois:
/?a=1588
&oc=*schnapp*
&c=*schnapp*
&m=3
&s1=
&s2=*schnapp*
&s3=*schnapp* |
whois:34.91.99.156 |
[X] ja / [ ] nein |
whois:
/?a=1588
&oc=*schnapp*
&c=*schnapp*
&m=3
&s1=
&s2=*schnapp*
&s3=*schnapp*
&ckmguid=*schnapp* |
whois:34.90.173.82 |
[X] ja / [ ] nein |
whois:
/aff_c?offer_id=110
&aff_id=1010
&aff_sub=1588
&aff_sub2=*schnapp* |
whois:34.250.4.239
whois:99.80.191.246
whois:52.215.106.33 |
[X] ja / [ ] nein |
whois:
/derm,bestshopping,voucher,com_112.html
?idPartner=43
&idCampaignAd=0
&subId=1010-1588
&subIdentifier=*schnapp*
&aps=___ |
whois:168.119.31.202 |
[X] ja / [ ] nein |
whois:
/campaign_409.html
?coyoteAffiliTokenId=*schnapp*
&aps=___
& |
whois:168.119.31.202 |
[ ] ja / [X] nein |
Liste der Anhänge anzeigen (Anzahl: 4)
Spammy muss jetzt schon seine verschissene Hetzner-IP TimeWeb Ltd.-IP hinter Microsoft 365 verstecken...
header:
01: Received: from EUR04-HE1-obe.outbound.protection.outlook.com ([52.100.18.232])
02: by mx-ha.gmx.net (mxgmx015 [212.227.15.9]) with ESMTPS (Nemesis) id
03: x for <x>; Fri, 22 Oct 2021
04: xx:xx:xx +0200
05: [...]
06: Received: from gadnr.org (185.104.114.15) by
07: DB8EUR05FT007.mail.protection.outlook.com (10.233.239.88) with Microsoft SMTP
08: Server ID: [ID filtered]
09: +0000
10: [...]
11: X-OriginatorOrg: andreaswind.onmicrosoft.com
Beworbene Domain |
IP Adresse(n) |
Weiterleitung (j/n) |
whois:
/
/*schnapp* |
whois:167.99.129.197 |
[X] ja / [ ] nein |
whois:
/*schnapp*
/2
/*schnapp*
/*schnapp* |
whois:169.239.129.48 |
[X] ja / [ ] nein |
whois:
/aff_c?offer_id=379
&aff_id=1079
&url_id=56
&aff_sub2=*schnapp*
&aff_sub=471373 |
whois:52.215.106.33
whois:34.250.4.239
whois:99.80.191.246 |
[X] ja / [ ] nein |
whois:
/de,bikesupport4you,com_451.html?idPartner=43
&idCampaignAd=0
&subId=1079-471373
&subIdentifier=*schnapp*
&aps=___ |
whois:168.119.31.202 |
[X] ja / [ ] nein |
whois:
/campaign_931.html
?coyoteAffiliTokenId=*schnapp*
&aps=___
& |
whois:168.119.31.202 |
[ ] ja / [X] nein |
Liste der Anhänge anzeigen (Anzahl: 1)
Faszinierend:
Code:
canonical name s1.golead.de.
aliases
addresses 168.119.31.202
das SAN-Zertifikat auf der IPv4-Adresse spricht dann was von
Code:
Subject Alternative Name: DNS Name=deru.trip-park.com
Liste der Anhänge anzeigen (Anzahl: 2)
header:
01: Received: from buried.senedo.in ([52.231.183.27]) by mx-ha.gmx.net (mxgmx014
02: [212.227.15.9]) with ESMTP (Nemesis) ID: [ID filtered]
03: <x>; Tue, 26 Oct 2021 xx:xx:xx +0200
Beworbene Domain |
IP Adresse(n) |
Weiterleitung (j/n) |
whois:
/out.php?id=00909
&go=
/
/*schnapp*@@@@@@@@@@0xC12A8802
/?*schnapp* |
whois:103.37.113.183 |
[X] ja / [ ] nein |
http://*schnapp*whois:@193.42.136.2
/?*schnapp* |
whois:193.42.136.2 |
[X] ja / [ ] nein |
whois:
/*schnapp*
/
/*schnapp*
/*schnapp* |
whois:50.115.165.101 |
[X] ja / [ ] nein |
whois:
/bikefans
/?aff_id=1079
&aff_sub2=*schnapp*
&aff_sub=471105 |
whois:37.48.73.166 |
[X] ja / [ ] nein |
whois:
/aff_c?offer_id=379
&aff_id=1079
&aff_sub2=*schnapp*
&aff_sub=471105 |
whois:99.80.191.246
whois:52.215.106.33
whois:34.250.4.239 |
[X] ja / [ ] nein |
whois:
/de,cube,yourbikenow,com_154.html
?idPartner=43
&idCampaignAd=0
&subId=1079-471105
&subIdentifier=*schnapp*
&aps=___ |
whois:168.119.31.202 |
[X] ja / [ ] nein |
whois:
/campaign_488.html
?coyoteAffiliTokenId=*schnapp*
&aps=___
& |
whois:168.119.31.202 |
[ ] ja / [X] nein |
Liste der Anhänge anzeigen (Anzahl: 5)
header:
01: Received: from foot.takenice.com ([5.9.167.169]) by mx-ha.gmx.net (mxgmx002
02: [212.227.15.9]) with ESMTP (Nemesis) ID: [ID filtered]
03: <x>; Thu, 04 Nov 2021 xx:xx:xx +0100
Beworbene Domain |
IP Adresse(n) |
Weiterleitung (j/n) |
whois:
/estadisticas
/r.asp?idsector=*schnapp*
&e=*schnapp*
&c=*schnapp*
&d=//whois:penteralo.pro?*schnapp* |
whois:80.67.99.3 |
[X] ja / [ ] nein |
whois:
/?*schnapp* |
whois:37.97.146.197 |
[X] ja / [ ] nein |
whois:
/?a=1588
&oc=13130
&c=*schnapp*
&m=3
&s1=
&s2=*schnapp*
&s3=*schnapp* |
whois:34.91.99.156 |
[X] ja / [ ] nein |
whois:
/?a=1588
&oc=*schnapp*
&c=*schnapp*
&m=3
&s1=
&s2=*schnapp*
&s3=*schnapp*
&ckmguid=*schnapp* |
whois:34.91.99.156 |
[X] ja / [ ] nein |
whois:
/aff_c?offer_id=*schnapp*
&aff_id=1010
&aff_sub=1588
&aff_sub2=*schnapp* |
whois:34.250.4.239
whois:52.215.106.33
whois:99.80.191.246 |
[X] ja / [ ] nein |
whois:
/deli,bestshopping,voucher,com_126.html?idPartner=43
&idCampaignAd=0
&subId=1010-1588
&subIdentifier=*schnapp*
&aps=___ |
whois:168.119.31.202 |
[X] ja / [ ] nein |
whois:
/campaign_446.html?coyoteAffiliTokenId=*schnapp*
&aps=___
& |
whois:168.119.31.202 |
[ ] ja / [X] nein |
Liste der Anhänge anzeigen (Anzahl: 4)
header:
01: Received: from amazon.fr ([94.103.188.5]) by mx-ha.gmx.net (mxgmx116
02: [212.227.17.5]) with ESMTP (Nemesis) ID: [ID filtered]
03: <x>; Mon, 08 Nov 2021 xx:xx:xx +0100
04: [...]
05: Subject: Uberraschung am schwarzen Freitag! Geheime E-Mail fur dich
Beworbene Domain |
IP Adresse(n) |
Weiterleitung (j/n) |
whois:
/launch.php?url=//whois:185.133.208.43
/cl
/*schnapp*
/*schnapp*
/*schnapp*
/*schnapp*
/*schnapp*
/*schnapp* |
whois:2606:4700:3033::ac43:c761
whois:2606:4700:3037::6815:5ce4
whois:104.21.92.228
whois:172.67.199.97 |
[X] ja / [ ] nein |
whois:
/cl
/*schnapp*
/*schnapp*
/*schnapp*
/*schnapp*
/*schnapp*
/*schnapp* |
whois:185.133.208.43 |
[X] ja / [ ] nein |
whois:
/?a=1746
&oc=*schnapp*
&c=*schnapp*
&m=*schnapp*
&s1=*schnapp*
&s2=*schnapp*
&s3=*schnapp* |
whois:34.91.99.156 |
[X] ja / [ ] nein |
whois:
/aff_c?offer_id=379
&aff_id=1010
&url_id=56
&aff_sub=1746
&aff_sub2=*schnapp* |
whois:34.250.4.239
whois:99.80.191.246
whois:52.215.106.33 |
[X] ja / [ ] nein |
whois:
/de,bikesupport4you,com_451.html
?idPartner=43
&idCampaignAd=0
&subId=1010-1746
&subIdentifier=*schnapp*
&aps=___ |
whois:168.119.31.202 |
[X] ja / [ ] nein |
whois:
/campaign_931.html?coyoteAffiliTokenId=*schnapp*
&aps=___
& |
whois:168.119.31.202 |
[ ] ja / [X] nein |
Auf der IPv4-Adresse whois:168.119.31.202 mit dem Host-Header whois: laufen derzeit 434 'Campaigns'.
80,83 % auf den Namen der PELEMA PTE. LTD.
18,71 % auf den Namen der Performance Lead GmbH
0,23 % auf den Namen der Hyperservice GmbH
Liste der Anhänge anzeigen (Anzahl: 4)
Obi ist an der Reihe für die Datensammlerei herzuhalten:
header:
01: Received: from mail-yb1-f189.google.com ([209.85.219.189]) by mx-ha.gmx.net
02: (mxgmx015 [212.227.15.9]) with ESMTPS (Nemesis) ID: [ID filtered]
03: for <x>; Thu, 09 Dec 2021 xx:xx:xx +0100
Beworbene Domain |
IP Adresse(n) |
Weiterleitung (j/n) |
whois:
/*schnapp* |
whois:67.199.248.11
whois:67.199.248.10 |
[X] ja / [ ] nein |
whois:
/?a=1398
&oc=*schnapp*
&c=*schnapp*
&m=3
&s1= |
whois:34.91.151.72 |
[X] ja / [ ] nein |
whois:
/aff_c?offer_id=592
&aff_id=1010
&aff_sub=1398
&aff_sub2=*schnapp* |
whois:34.250.4.239
whois:52.215.106.33
whois:99.80.191.246 |
[X] ja / [ ] nein |
whois:
/www,meinbaumarktgutschein,com_250.html
?idPartner=43
&idCampaignAd=0
&subId=1010-1398
&subIdentifier=*schnapp*
&aps=___ |
whois:168.119.31.202 |
[X] ja / [ ] nein |
whois:
/campaign_637.html
?coyoteAffiliTokenId=*schnapp*
&aps=___
& |
whois:168.119.31.202 |
[ ] ja / [X] nein |
Obi? Der Baumarkt?
Ritzeratze! voller Tücke,
In die Brücke eine Lücke.