<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div>As it should be. <br><br><div>--</div><div><b>Joel Esler</b></div>Sent from my iPhone <span style="background-color: rgba(255, 255, 255, 0);"></span></div><div><br>On Jan 29, 2013, at 8:57 PM, Eric G <<a href="mailto:eric@...16063.....">eric@...15503...</a>> wrote:<br><br></div><blockquote type="cite"><div>On Tue, Jan 29, 2013 at 4:10 PM, waldo kitty <span dir="ltr"><<a href="mailto:wkitty42@...14940..." target="_blank">wkitty42@...14957...40...</a>></span> wrote:<br><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div class="im">On 1/29/2013 15:02, Jeff Jarmoc wrote:<br>> Obfuscated redirect to hxxp://www.news.com.december.bestdrops.2012.fxsprime<dot>com<br><br></div>yeah, i don't know what they are doing, either, but i've seen quite a few of<br>
these types of postings... they are easily recognized by their subject line<br>containing only "Fwd:" and nothing else...<br><br>i'm suspecting that they might be looking for specific connections to facilitate<br>
infectious processes... "they" are getting smarter and narrowing their targets<br>which also assists them in avoiding researchers from determining what they are<br>doing and how they are doing it :?<br><div class="im">
<br>> That site in turn gives a 302 to pinterest.  Weird that it doesn't seem to do<br>> anything; maybe it's fingerprinting browsers?<br></div></blockquote><div><br></div><div><br></div><div>I find it hilariously appropriate that a spam posting to a mailing list results in analysis and discussion on the URL contained in said spam message... guess that's what you get when you post spam to Snort-users  :0) </div>
<div><br></div><div><br></div><div>--</div><div>Eric</div><div><a href="http://www.linkedin.com/in/ericgearhart">http://www.linkedin.com/in/ericgearhart</a></div><div><br></div></div>
</div></blockquote><blockquote type="cite"><div><span>------------------------------------------------------------------------------</span><br><span>Everyone hates slow websites. So do we.</span><br><span>Make your web apps faster with AppDynamics</span><br><span>Download AppDynamics Lite for free today:</span><br><span><a href="http://p.sf.net/sfu/appdyn_d2d_jan">http://p.sf.net/sfu/appdyn_d2d_jan</a></span></div></blockquote><blockquote type="cite"><div><span>_______________________________________________</span><br><span>Snort-users mailing list</span><br><span><a href="mailto:Snort-users@lists.sourceforge.net">Snort-users@lists.sourceforge.net</a></span><br><span>Go to this URL to change user options or unsubscribe:</span><br><span><a href="https://lists.sourceforge.net/lists/listinfo/snort-users">https://lists.sourceforge.net/lists/listinfo/snort-users</a></span><br><span>Snort-users list archive:</span><br><span><a href="http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users">http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users</a></span><br><span></span><br><span>Please visit <a href="http://blog.snort.org">http://blog.snort.org</a> to stay current on all the latest Snort news!</span></div></blockquote></body></html>