Blackhat SEO SPAM (VIAGRA, CIALIS & Co.) - TDS URL pattern - PHISHING
URL:
www.ramada-friedrichroda.de/apotheke-niederlande-cialis
- https://www.virustotal.com/de/url/440d20e3414b328c712cd2b8f239eedcd4384017bb38147ca9892f6d456ce261/analysis/1387125985/
TDS URL pattern
INDICATOR-COMPROMISE Suspicious .pw dns query
- https://urlquery.net/report.php?id=8396692
---> TDS PATH
keycollector.pw/got.php?sid=1
- https://www.virustotal.com/de/url/b0059244125b4a42d4ed3fee193cf1c19300c7a4499f5cfe6e1d8b51c833796a/analysis/1387126405/
- https://urlquery.net/report.php?id=8396782
---> TO PHISHING DOMAIN
edapotek.eu
- https://www.virustotal.com/de/url/796f23f603e37c30c96323a5a17e9240452213df055795e53fc2d94b4965c37c/analysis/1387126466/
MALICIOUS IP used for Rogue Meds & Cigarettes etc.: 5.152.215.126
- https://www.virustotal.com/de/url/09f69d67216a170c75e9e24f1ce49a682e2af481d34c54948168b78daf829c85/analysis/1387127170/
- https://www.virustotal.com/de/ip-address/5.152.215.126/information/
Keine Kommentare:
Kommentar veröffentlichen