API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 20th, 2016
93
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.71 KB | None | 0 0
raw download clone embed print report
  1. 54032 195.320158 SPAMMER.IP -> ***.***.***.*** DNS 94 Standard query 0x9d1b A mail.hostdomain.com
  2. 54035 195.321585 ***.***.***.*** -> SPAMMER.IP DNS 159 Standard query response 0x9d1b A SERVER.IP
  3. 54238 195.566725 SPAMMER.IP -> SERVER.IP TCP 62 53631 > smtp [SYN] Seq=0 Win=8192 Len=0 MSS=1336 SACK_PERM=1
  4. 54239 195.566774 SERVER.IP -> SPAMMER.IP TCP 62 smtp > 53631 [SYN, ACK] Seq=0 Ack=1 Win=14600 Len=0 MSS=1460 SACK_PERM=1
  5. 55193 196.249248 SPAMMER.IP -> SERVER.IP TCP 60 53631 > smtp [ACK] Seq=1 Ack=1 Win=17368 Len=0
  6. 55580 196.666431 SERVER.IP -> SPAMMER.IP SMTP 86 S: 220 SERVER.HOSTNAME ESMTP
  7. 55686 196.894907 SPAMMER.IP -> SERVER.IP SMTP 84 C: EHLO mail.hostdomain.com
  8. 55687 196.894943 SERVER.IP -> SPAMMER.IP TCP 54 smtp > 53631 [ACK] Seq=33 Ack=31 Win=14600 Len=0
  9. 55688 196.895055 SERVER.IP -> SPAMMER.IP SMTP 186 S: 250-SERVER.HOSTNAME | 250-AUTH=LOGIN CRAM-MD5 PLAIN | 250-AUTH LOGIN CRAM-MD5 PLAIN | 250-STARTTLS | 250-PIPELINING | 250 8BITMIME
  10. 55775 197.122597 SPAMMER.IP -> SERVER.IP SMTP 60 C: RSET
  11. 55776 197.122627 SERVER.IP -> SPAMMER.IP SMTP 67 S: 250 flushed
  12. 55785 197.148616 SPAMMER.IP -> SERVER.IP TCP 62 53693 > smtp [SYN] Seq=0 Win=8192 Len=0 MSS=1336 SACK_PERM=1
  13. 55786 197.148664 SERVER.IP -> SPAMMER.IP TCP 62 smtp > 53693 [SYN, ACK] Seq=0 Ack=1 Win=14600 Len=0 MSS=1460 SACK_PERM=1
  14. 55867 197.362198 SPAMMER.IP -> SERVER.IP SMTP 93 C: MAIL FROM:<zwjmmp@hostdomain.com>
  15. 55868 197.362290 SERVER.IP -> SPAMMER.IP SMTP 62 S: 250 ok
  16. 55872 197.375466 SPAMMER.IP -> SERVER.IP TCP 60 53693 > smtp [ACK] Seq=1 Ack=1 Win=17368 Len=0
  17. 55875 197.383672 SERVER.IP -> SPAMMER.IP SMTP 86 S: 220 SERVER.HOSTNAME ESMTP
  18. 55988 197.601895 SPAMMER.IP -> SERVER.IP SMTP 89 C: RCPT TO:<cvdias@officenet.com.br>
  19. 55990 197.602505 SERVER.IP -> SPAMMER.IP SMTP 62 S: 250 ok
  20. 56012 197.632476 SPAMMER.IP -> SERVER.IP SMTP 84 C: EHLO mail.hostdomain.com
  21. 56013 197.632508 SERVER.IP -> SPAMMER.IP TCP 54 smtp > 53693 [ACK] Seq=33 Ack=31 Win=14600 Len=0
  22. 56014 197.632601 SERVER.IP -> SPAMMER.IP SMTP 186 S: 250-SERVER.HOSTNAME | 250-AUTH=LOGIN CRAM-MD5 PLAIN | 250-AUTH LOGIN CRAM-MD5 PLAIN | 250-STARTTLS | 250-PIPELINING | 250 8BITMIME
  23. 56049 197.846024 SPAMMER.IP -> SERVER.IP SMTP 87 C: RCPT TO:<cvdias@staples.com.br>
  24. 56050 197.846679 SERVER.IP -> SPAMMER.IP SMTP 62 S: 250 ok
  25. 56051 197.868153 SPAMMER.IP -> SERVER.IP SMTP 60 C: RSET
  26. 56052 197.868250 SERVER.IP -> SPAMMER.IP SMTP 67 S: 250 flushed
  27. 56109 198.105521 SPAMMER.IP -> SERVER.IP SMTP 84 C: RCPT TO:<cvdiniz@bol.com.br>
  28. 56110 198.105595 SPAMMER.IP -> SERVER.IP SMTP 94 C: MAIL FROM:<hvnvkjo@hostdomain.com>
  29. 56111 198.105655 SERVER.IP -> SPAMMER.IP SMTP 62 S: 250 ok
  30. 56112 198.106137 SERVER.IP -> SPAMMER.IP SMTP 62 S: 250 ok
  31. 56175 198.349570 SPAMMER.IP -> SERVER.IP SMTP 92 C: RCPT TO:<cvitortristao@yahoo.com.br>
  32. 56176 198.349644 SPAMMER.IP -> SERVER.IP SMTP 86 C: RCPT TO:<cvdiniz@terra.com.br>
  33. 56177 198.350130 SERVER.IP -> SPAMMER.IP SMTP 62 S: 250 ok
  34. 56178 198.350135 SERVER.IP -> SPAMMER.IP SMTP 62 S: 250 ok
  35. 56243 198.579995 SPAMMER.IP -> SERVER.IP SMTP 82 C: RCPT TO:<cvitt@uol.com.br>
  36. 56244 198.580010 SPAMMER.IP -> SERVER.IP SMTP 60 C: DATA
  37. 56245 198.580199 SERVER.IP -> SPAMMER.IP SMTP 68 S: 354 go ahead
  38. 56247 198.580554 SERVER.IP -> SPAMMER.IP SMTP 62 S: 250 ok
  39. 56302 198.824990 SPAMMER.IP -> SERVER.IP SMTP 107 C: DATA fragment, 53 bytes
  40. 56303 198.825670 SPAMMER.IP -> SERVER.IP SMTP 1390 C: DATA fragment, 1336 bytes
  41.  
  42. ...
  43. 176771 933.568294 SERVER.IP -> JUST.ME SMTP 98 S: 220 SERVER.HOSTNAME ESMTP
  44. 176774 933.599309 JUST.ME -> SERVER.IP TCP 66 43327 > smtp [ACK] Seq=1 Ack=33 Win=29312 Len=0 TSval=7229555 TSecr=805922528
  45. 179392 950.040074 JUST.ME -> SERVER.IP SMTP 96 C: EHLO mail.hostdomain.com
  46. 179393 950.040114 SERVER.IP -> JUST.ME TCP 66 smtp > 43327 [ACK] Seq=33 Ack=31 Win=14592 Len=0 TSval=805926646 TSecr=7233666
  47. 179394 950.040201 SERVER.IP -> JUST.ME SMTP 198 S: 250-SERVER.HOSTNAME | 250-AUTH=LOGIN CRAM-MD5 PLAIN | 250-AUTH LOGIN CRAM-MD5 PLAIN | 250-STARTTLS | 250-PIPELINING | 250 8BITMIME
  48. 179407 950.071243 JUST.ME -> SERVER.IP TCP 66 43327 > smtp [ACK] Seq=31 Ack=165 Win=30336 Len=0 TSval=7233673 TSecr=805926646
  49. 180750 953.435989 JUST.ME -> SERVER.IP SMTP 72 C: RSET
  50. 180751 953.436024 SERVER.IP -> JUST.ME SMTP 79 S: 250 flushed
  51. 180795 953.463600 JUST.ME -> SERVER.IP TCP 66 43327 > smtp [ACK] Seq=37 Ack=178 Win=30336 Len=0 TSval=7234522 TSecr=805927495
  52. 188977 972.572521 JUST.ME -> SERVER.IP SMTP 104 C: MAIL FROM:<zujzj@hostdomain.com>
  53. 188978 972.572603 SERVER.IP -> JUST.ME SMTP 74 S: 250 ok
  54. 188981 972.603855 JUST.ME -> SERVER.IP TCP 66 43327 > smtp [ACK] Seq=75 Ack=186 Win=30336 Len=0 TSval=7239306 TSecr=805932279
  55. 202579 1000.840006 JUST.ME -> SERVER.IP SMTP 99 C: RCPT TO:<dkkd@officenet.com.br>
  56. 202580 1000.840462 SERVER.IP -> JUST.ME SMTP 137 S: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
  57. ...
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!