Quote:
Quote from elfriede8
Toleadoo says: [...
All correct, including the last sentence.
What toleadoo GmbH of course does not say here: the advertising is commissioned by eGentic (formerly Planet 49).
At eGentic this is called "big bang ads" / whois:
Spammer <-> Publisher <-> eGENTIC GmbH <-> toleadoo GmbH
So one has to ask: do you have that commissioned via eGentic?
Why else would one go to the trouble of passing the affiliate ID in every call to the toleadoo GmbH URL?
Quote:
Quote from AffliliateIDs
&sub_id=1588
&sub_id=1705
&sub_id=1951
&sub_id=1954
&sub_id=1955
&sub_id=4139
&sub_id=7129-8814
Code:
eGENTIC GmbH
Am Unisys Park 1
65843 Sulzbach
Creditreform no.: 6070367405
Register number: HRB 80853
header:
01: Received: from hhhdj.datacomputer.life ([188.93.233.187]) by mx-ha.gmx.net
02: (mxgmx116 [212.227.17.5]) with ESMTP (Nemesis) ID: [ID filtered]
03: for <x>; Thu, 07 Jul 2022 xx:xx:xx +0200
header:
01: Received: from mgp.getyourgain.online ([195.58.39.119]) by mx-ha.gmx.net
02: (mxgmx117 [212.227.17.5]) with ESMTP (Nemesis) ID: [ID filtered]
03: for <x>; Thu, 07 Jul 2022 xx:xx:xx +0200
header:
01: Received: from zgud.getyourgain.online ([195.58.39.35]) by mx-ha.gmx.net
02: (mxgmx117 [212.227.17.5]) with ESMTP (Nemesis) ID: [ID filtered]
03: for <x>; Thu, 14 Jul 2022 xx:xx:xx +0200
header:
01: Received: from bbob.hiyoursummer.store ([213.109.192.101]) by mx-ha.gmx.net
02: (mxgmx114 [212.227.17.5]) with ESMTP (Nemesis) ID: [ID filtered]
03: for <x>; Thu, 14 Jul 2022 xx:xx:xx +0200
What pathetic bed-wetters:
whois:/sc/todo=cp_naturvel&context=de#imprint
whois:/sc/todo=cp_toleadoo&context=de#imprint
header:
01: Received: from v20u.brainsummer.xyz ([195.58.39.211]) by mx-ha.gmx.net
02: (mxgmx017 [212.227.15.9]) with ESMTP (Nemesis) ID: [ID filtered]
03: for <x>; Fri, 22 Jul 2022 xx:xx:xx +0200
Jack-of-all-trades Timo, everywhere at once
header:
01: Received: from love.lowispan.com ([146.59.59.190]) by mx-ha.gmx.net (mxgmx004
02: [212.227.15.9]) with ESMTP (Nemesis) ID: [ID filtered]
03: <x>; Fri, 22 Jul 2022 xx:xx:xx +0200
Advertised domain | IP address(es) | Redirect (y/n) |
whois:/vazhdo.php?url=//msstrum.com?*snip* | whois:52.28.127.221 | [X] yes / [ ] no |
whois:/?*snip* | whois:31.207.39.224 | [X] yes / [ ] no |
whois:/?a=1588&oc=15411&c=42650&m=3&s1=&s2=*snip*&s3=*snip* | whois:34.91.44.202 | [X] yes / [ ] no |
whois:/?a=1588&oc=15411&c=42650&m=3&s1=&s2=*snip*&s3=*snip*&ckmguid=*snip* | whois:34.76.75.249 | [X] yes / [ ] no |
whois:/_static/_supload/_prelander/138_729/?partner_pk=1899&wingame_pk=138&freetest_pk=729&sub_id=1588&sub_id_postback=*snip* | whois:2606:4700::6812:514, whois:2606:4700::6812:414, whois:104.18.5.20, whois:104.18.4.20 | [X] yes / [ ] no |
whois:/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=729&sub_id=1588&sub_id_postback=*snip* | whois:2606:4700::6812:514, whois:2606:4700::6812:414, whois:104.18.5.20, whois:104.18.4.20 | [ ] yes / [X] no |
Busy little spammer...
.
header:
01: Received: from tkppcnbrszln.com ([84.54.51.224]) by mx-ha.gmx.net (mxgmx104
02: [212.227.17.5]) with ESMTP (Nemesis) ID: [ID filtered]
03: <x>; Sun, 24 Jul 2022 xx:xx:xx +0200
Spammy is now 'a=1856' or, respectively, 'sub_id=1856'
header:
01: Received: from k7kt.Patience.com ([135.181.231.157]) by mx-ha.gmx.net
02: (mxgmx015 [212.227.15.9]) with ESMTP (Nemesis) ID: [ID filtered]
03: for <x>; Sat, 27 Aug 2022 xx:xx:xx +0200
header:
01: Received: from 8LA.outbound-mail.sendgrid.net ([135.181.229.87]) by
02: mx-ha.gmx.net (mxgmx002 [212.227.15.9]) with ESMTP (Nemesis) id
03: x for <x>; Sun, 28 Aug 2022
04: xx:xx:xx +0200
Quote:
Quote from elfriede8
...] Toleadoo and Naturvel mixed again.
eGentic is a classic crap conglomerate.
header:
01: Received: from 8LA.outbound-mail.sendgrid.net ([135.181.231.247]) by
02: mx-ha.gmx.net (mxgmx003 [212.227.15.9]) with ESMTP (Nemesis) id
03: x for <x>; Sun, 28 Aug 2022
04: xx:xx:xx +0200
header:
01: Received: from establish.lowispan.com ([146.59.59.174]) by mx-ha.gmx.net
02: (mxgmx003 [212.227.15.9]) with ESMTP (Nemesis) ID: [ID filtered]
03: for <x>; Fri, 07 Oct 2022 xx:xx:xx +0200
header:
01: Received: from establish.lowispan.com ([146.59.59.174]) by mx-ha.gmx.net
02: (mxgmx003 [212.227.15.9]) with ESMTP (Nemesis) ID: [ID filtered]
03: for <x>; Fri, 07 Oct 2022 xx:xx:xx +0200
Advertised domain | IP address(es) | Redirect (y/n) |
whois:/t.aspx?s=88&url=//whois:getitjust.com?*snip* | whois:69.166.143.119 | [X] yes / [ ] no |
whois:?*snip* | whois:194.39.205.153 | [X] yes / [ ] no |
whois:/?a=1588&oc=*snip*&c=*snip*&m=*snip*&s1=&s2=82_146.59.59.174_135_*snip*&s3=*snip* | whois:35.195.30.15 | [X] yes / [ ] no |
whois:/?a=1588&oc=*snip*&c=*snip*&m=*snip*&s1=&s2=82_146.59.59.174_135_*snip*&s3=*snip*&ckmguid=*snip* | whois:34.76.75.249 | [X] yes / [ ] no |
whois:/_static/_supload/_prelander/138_729_1/?partner_pk=1899&wingame_pk=138&freetest_pk=729&sub_id=1588&sub_id_postback=*snip* | whois:2606:4700::6812:935, whois:2606:4700::6812:835, whois:104.18.9.53, whois:104.18.8.53 | [X] yes / [ ] no |
whois:/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=729&sub_id=1588&sub_id_postback=*snip* | whois:2606:4700::6812:414, whois:2606:4700::6812:514, whois:104.18.4.20, whois:104.18.5.20 | [ ] yes / [X] no |
It had been quiet for a long time now...
header:
01: Received: from mail-lj1-f169.google.com ([209.85.208.169]) by mx-ha.gmx.net
02: (mxgmx114 [212.227.17.5]) with ESMTPS (Nemesis) ID: [ID filtered]
03: for <x>; Fri, 20 Jan 2023 xx:xx:xx +0100
header:
01: Received: from 195.158.248.233 ([196.120.16.184]) by mail.gmx.net (mrgmx105
02: [212.227.17.168]) with ESMTPSA (Nemesis) ID: [ID filtered]
03: <x>; Fri, 31 Mar 2023 xx:xx:xx +0200
header:
01: Received: from 196.120.16.184 ([196.120.16.184]) by mail.gmx.net (mrgmx105
02: [212.227.17.168]) with ESMTPSA (Nemesis) ID: [ID filtered]
03: <x>; Fri, 31 Mar 2023 xx:xx:xx +0200
Spammy uses Atomic Mail Sender 9.61.0.523 to blast the crap out.
There are some interesting details in there:
Code:
{"u":"D042AF5A4150EBF13671E7CA58A97B74","i":"PayPal 1000","r":"g","t":"BQsJohDaMQsQyohaloHuBbDrt","l":"https://cluaboa.com/?a=2329&oc=*schnapp*&c=*schnapp*&m=*schnapp*&s1=","v":"9.61.0.523"}
header:
01: Received: from [127.0.0.1] ([62.171.190.165]) by mail.gmx.net (mrgmx005
02: [212.227.17.190]) with ESMTPSA (Nemesis) ID: [ID filtered]
03: <x>; Mon, 03 Apr 2023 xx:xx:xx +0200
Advertised domain | IP address(es) | Redirect (y/n) |
whois:/p/*link to the next URL - base64-encoded*/click/*affected e-mail address - base64-encoded* | whois:62.171.190.165 | [X] yes / [ ] no |
whois:/?a=2329&oc=*snip*&c=*snip*&m=*snip*&s1=achour | whois:35.195.74.163 | [X] yes / [ ] no |
whois:/_static/_supload/_prelander/138_1279/?partner_pk=1899&wingame_pk=138&freetest_pk=1279&sub_id=2329&sub_id_postback=*snip* | whois:2606:4700::6812:514, whois:2606:4700::6812:414, whois:104.18.4.20, whois:104.18.5.20 | [X] yes / [ ] no |
whois:/cgi-bin/wingame.pl?partner_pk=1899&wingame_pk=138&freetest_pk=1279&sub_id=2329&sub_id_postback=*snip* | whois:2606:4700::6812:514, whois:2606:4700::6812:414, whois:104.18.4.20, whois:104.18.5.20 | [ ] yes / [X] no |
Code:
canonical name ouzmail.com.
aliases
addresses 62.171.190.165
Domain Whois record
Queried whois.internic.net with "dom ouzmail.com"...
Domain Name: OUZMAIL.COM
Registry Domain ID: 2678011536_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.namecheap.com
Registrar URL: http://www.namecheap.com
Updated Date: 2023-02-27T20:02:22Z
Creation Date: 2022-02-27T13:03:11Z
Registry Expiry Date: 2024-02-27T13:03:11Z
Registrar: NameCheap, Inc.
Registrar IANA ID: 1068
Registrar Abuse Contact Email:
Registrar Abuse Contact Phone: +1.6613102107
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: DNS1.REGISTRAR-SERVERS.COM
Name Server: DNS2.REGISTRAR-SERVERS.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2023-04-03T04:10:33Z <<<
If Spark 5 GmbH weren't so stupid, one could even apply as a spammer:
whois:/aff_c?offer_id=9805&aff_id=2801&url_id=21569
header:
01: Received: from dsfgswfdgdfb.df.sdgf ([103.72.79.165]) by mx-ha.gmx.net
02: (mxgmx006 [212.227.15.9]) with ESMTP (Nemesis) ID: [ID filtered]
03: for <x>; Wed, 12 Apr 2023 xx:xx:xx +0200
header:
01: Received: from aroundyou.live ([216.71.122.75]) by mx-ha.gmx.net (mxgmx006
02: [212.227.15.9]) with ESMTP (Nemesis) ID: [ID filtered]
03: <x>; Tue, 13 Jun 2023 xx:xx:xx +0200
Advertised domain | IP address(es) | Redirect (y/n) |
whois:/banner.php?id=44&url=//whois:norsarchos.com?*snip* | whois:84.255.234.163 | [X] yes / [ ] no |
whois:/?*snip* | whois:107.6.170.154 | [X] yes / [ ] no |
whois:/?a=1588&oc=15374&c=42568&m=3&s1=&s2=82_216.71.122.75_135_*snip*&s3=*snip* | whois:34.90.119.27 | [X] yes / [ ] no |
whois:/?a=1588&oc=15374&c=42568&m=3&s1=&s2=82_216.71.122.75_135_*snip*&s3=*snip*&ckmguid=*snip* | whois:35.241.249.45 | [X] yes / [ ] no |
whois:/_static/_supload/_prelander/136_1280/?partner_pk=1899&wingame_pk=136&freetest_pk=1280&sub_id=1588&sub_id_postback=*snip* | whois:2606:4700::6812:4ae, whois:2606:4700::6812:5ae, whois:104.18.4.174, whois:104.18.5.174 | [ ] yes / [X] no |
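The redirect chains tabulated in this thread carry the same affiliate ID from the tracking hop (`a=`) to the landing page (`sub_id=`). As an added example that is not part of the original thread, the following sketch extracts that ID per hop and groups reported mails by it; the host names, mail labels and function names are assumptions made for illustration, and redacted values are replaced by "x".

```python
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# Query parameters that carry the affiliate ID in the chains quoted in this thread.
AFFILIATE_KEYS = ("a", "sub_id")

def affiliate_ids(url):
    """Return the affiliate IDs found in one URL's query string."""
    query = parse_qs(urlsplit(url).query)  # blank values such as 's1=' are dropped
    return {value for key in AFFILIATE_KEYS for value in query.get(key, [])}

def trace_chain(hops):
    """Map each affiliate ID to the indexes of the hops that carry it."""
    seen = defaultdict(list)
    for index, url in enumerate(hops):
        for aff in sorted(affiliate_ids(url)):
            seen[aff].append(index)
    return dict(seen)

def group_by_affiliate(chains):
    """Group named chains by affiliate ID; a chain with several IDs appears under each."""
    groups = defaultdict(list)
    for name, hops in chains.items():
        for aff in trace_chain(hops):
            groups[aff].append(name)
    return {aff: sorted(names) for aff, names in groups.items()}

# Constructed sample data: hosts and mail labels are placeholders (assumptions);
# paths and parameter names follow the chains posted in the thread.
CHAINS = {
    "mail-2022-07-22": [
        "http://redirector.example.invalid/vazhdo.php?url=//hop2.example.invalid?x",
        "http://tracker.example.invalid/?a=1588&oc=15411&c=42650&m=3&s1=&s2=x&s3=x",
        "https://landing.example.invalid/_static/_supload/_prelander/138_729/"
        "?partner_pk=1899&wingame_pk=138&freetest_pk=729&sub_id=1588&sub_id_postback=x",
    ],
    "mail-2023-04-03": [
        "http://tracker.example.invalid/?a=2329&oc=x&c=x&m=x&s1=achour",
        "https://landing.example.invalid/cgi-bin/wingame.pl"
        "?partner_pk=1899&wingame_pk=138&freetest_pk=1279&sub_id=2329&sub_id_postback=x",
    ],
}

if __name__ == "__main__":
    for aff, mails in group_by_affiliate(CHAINS).items():
        print(aff, mails)
```

Grouping reports this way makes it visible when differently themed mails come from the same affiliate account, which is the detail an abuse report to the network needs.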
header:
01: Received: from bean.demaglater.cc ([216.71.122.149]) by mx-ha.gmx.net
02: (mxgmx106 [212.227.17.5]) with ESMTP (Nemesis) ID: [ID filtered]
03: for <x>; Mon, 07 Aug 2023 xx:xx:xx +0200