Translate

12/15/2013

Malicious URL: www.ramada-friedrichroda.de - Rogue Medications
SCAM, SPAM, PHISHING

MALICIOUS URL: 
Blackhat SEO SPAM (VIAGRA, CIALIS & Co.) - TDS URL pattern - PHISHING



URL:

www.ramada-friedrichroda.de/apotheke-niederlande-cialis

  • https://www.virustotal.com/de/url/440d20e3414b328c712cd2b8f239eedcd4384017bb38147ca9892f6d456ce261/analysis/1387125985/

TDS URL pattern
INDICATOR-COMPROMISE Suspicious .pw dns query

  • https://urlquery.net/report.php?id=8396692

---> TDS PATH

keycollector.pw/got.php?sid=1

  • https://www.virustotal.com/de/url/b0059244125b4a42d4ed3fee193cf1c19300c7a4499f5cfe6e1d8b51c833796a/analysis/1387126405/
  • https://urlquery.net/report.php?id=8396782

---> TO PHISHING DOMAIN

edapotek.eu

  • https://www.virustotal.com/de/url/796f23f603e37c30c96323a5a17e9240452213df055795e53fc2d94b4965c37c/analysis/1387126466/

MALICIOUS IP used for Rogue Meds & Cigarettes etc.:   5.152.215.126

  • https://www.virustotal.com/de/url/09f69d67216a170c75e9e24f1ce49a682e2af481d34c54948168b78daf829c85/analysis/1387127170/
  • https://www.virustotal.com/de/ip-address/5.152.215.126/information/

Keine Kommentare:

Kommentar veröffentlichen