Translate

Posts mit dem Label Viagra werden angezeigt. Alle Posts anzeigen
Posts mit dem Label Viagra werden angezeigt. Alle Posts anzeigen

4/15/2014

www.ensemble-berlin.de
infected with SEO SPAM (Viagra & Co.)
ROGUE MEDICATIONS PHISHING
IP: 80.67.31.164 & 5.61.42.211 GERMANY



MALICIOUS RUSSIAN PILLS PHISHING URL:
TDS URL pattern
http://www.ensemble-berlin.de/
  • https://www.virustotal.com/de/url/fa621d60d52c535f849c29fe9327a46e2248dedcc24fbe3ccf58388cad5c5c85/analysis/1397567841/
http://www.ensemble-berlin.de/viagra-rezeptfrei-lander.html
  • https://www.virustotal.com/de/url/c516b883ef52e0fef2b2884bcad2b97ecb7db4c9cd1037a847e1d082523cc5a7/analysis/1397566470/
TDS URL pattern
  • https://urlquery.net/report.php?id=1397566888166

  • https://urlquery.net/report.php?id=1397566887262

  • https://urlquery.net/report.php?id=1397566892018
---->
http://tds.cigarettescheap.net/
  • https://www.virustotal.com/de/url/108ea225a2cbc221f9a087fbcc49495921fa191d9fb0358385673df27b0a805d/analysis/1397567431/
TDS URL pattern
  • https://urlquery.net/report.php?id=1397567579389
----->
http://apharmshop.com/
  • https://www.virustotal.com/de/url/a0cf825561616bba65374be8a7b676cbfeb2964a47b08a7a566c186b4d511158/analysis/1397567650/
------>
http://edapotek.eu/
  • https://www.virustotal.com/de/url/796f23f603e37c30c96323a5a17e9240452213df055795e53fc2d94b4965c37c/analysis/1397567302/

Eingestellt von um Keine Kommentare:
Labels: , , , , , , , , ,
Standort: Deutschland

2/01/2014

www.visonic.com & www.visonictech.com &
www.dhtml-menu-builder.com & elpas.com
MALICIOUS DOMAINS INFECTED (Directly or Indirectly)
BV:StartPage-FY [Trojan]

visionic.com

MALICIOUS DOMAIN: HIDDEN LINK & BV:StartPage-FY [Trojan]
www.visonic.com
  • https://www.virustotal.com/de/url/f78e05cce3d42b2e2af2d9b77e333ddf02f255b3bcdf3633a2b4301fe7cfaf73/analysis/1391264633/
HTML
  • https://www.virustotal.com/de/file/e351123b15e39ce42e458fe0ce173a3dae67e6d2e332583eee0b4542a8a0ebc4/analysis/1391264778/
  • http://www.UnmaskParasites.com/security-report/?page=www.visonic.com
www.visonictech.com ---> redirects to elpas.com
HIDDEN LINK TO:
www.visonictech.com
  • https://www.virustotal.com/de/url/bb123e45066579186a9eee70d00a7314d58bb6dd707e8a810b26c94676152ae4/analysis/1391265169/
SPAM LINK (VIAGRA):
  • http://www.UnmaskParasites.com/security-report/?page=www.visonictech.com
dhtml-menu-builder.com

TO:
www.dhtml-menu-builder.com
  • https://www.virustotal.com/de/url/8067736540845fba3def863c89bc850f5ffb0a9d718793973034a7d79021121e/analysis/1391265583/
SPECIFIC MALICIOUS LINK:
www.dhtml-menu-builder.com/include/js/ie6-png.js
  • https://www.virustotal.com/de/url/8e1fbb8ba1b128744dbb94db5a9494af8e357ef88b047044cb261bae892d4128/analysis/1391266171/
INFECTED WITH: BV:StartPage-FY [Trj]
  • https://www.virustotal.com/de/file/66da12165f89ac7a2a330ed8d75288f3c3aeb98b3ce019c890ee1b06a3a48c6f/analysis/1391265996/
  • https://www.virustotal.com/de/file/c3504e6c4b8bf4c1f8bbb265bbdba23270ce5a593f124e38fe65214e4a4b88e2/analysis/1391266028/
REFERENCE & FILE(s):

  • http://jsunpack.jeek.org/?report=eb47e3a23a0f713fe37fb08bdc85ba42651ff26c
buysoftviagra.com

VIAGRA LINK:
buysoftviagra.com
  • https://www.virustotal.com/de/url/a71b8be18ba11c82b6dc425316a7b2c5d2e8766d2c198db755be4494e18d934d/analysis/1391265844/

AS WELL INVOLVED:
elpas.com
  • https://www.virustotal.com/de/url/eef5935a084f5ae84fa9ed3cc936df3531d37802cdef07a8fdc5b7f55e9d0dc4/analysis/1391266776/
  • SEE: http://jsunpack.jeek.org/?report=a8c2e01dc1da2d7ecd26be013ef04799379b3970
SEE ALSO:
  • http://sitecheck.sucuri.net/results/www.dhtml-menu-builder.com
  • http://sitecheck.sucuri.net/results/buysoftviagra.com
  • http://quttera.com/detailed_report/www.visonictech.com


Eingestellt von um Keine Kommentare:
Labels: , , , , , , , , , , ,

12/25/2013

Malicious Site: www.itv-h.nl - Blackhat SEO Rogue Medications SCAM, SPAM, PHISHING

BLACKHAT SEO SPAM (Viagra, Cialis & co.) (TDS URL PATTERN)
https://www.google.com/search?q=%22Cheap%20Vista%20for%20Students%22%20site%3Awww.itv-h.nl#q=%22Viagra%22+site%3Awww.itv-h.nl



DOMAIN

www.itv-h.nl
https://www.virustotal.com/de/url/db0b7cacafa60e9af86d59ffd9cb50607746297dc4a696b44f90ebcd22166709/analysis/1387967753/

SPECIFIC URL:
www.itv-h.nl/viagra-kob.html
https://www.virustotal.com/de/url/dd8f10f702e672d1ec9dff469c0db539494b6dc782d80ec296d07f83782c4ee7/analysis/1387967607/

TDS URL PATTERN
https://urlquery.net/report.php?id=8541346

---> REMOTE DOMAIN
keycollector.pw
https://www.virustotal.com/de/url/9a068164c93a7846ee42bde821b8945b72dde17688857863abcf750dcff2fe37/analysis/1386973287/

SPECIFIC URL:
keycollector.pw/go.php?sid=1
https://www.virustotal.com/de/url/e16207dfb15b888a78ad46df3e92878d177c415c2667e9e438c34a6c0cc9bd63/analysis/1387967941/

TDS URL PATTERN
https://urlquery.net/report.php?id=8541376

--->
edapotek.eu
https://www.virustotal.com/de/url/796f23f603e37c30c96323a5a17e9240452213df055795e53fc2d94b4965c37c/analysis/1387967991/
Eingestellt von um Keine Kommentare:
Labels: , , , , , , , , ,

12/16/2013

Deutsche Kentucky Fried Chicken Website (HESSEN) infiziert mit Blackhat SEO SPAM (PHISHING inklusive)

KOMPROMITTIERTE URL: 
Blackhat SEO SPAM (VIAGRA, CIALIS & Co.) - TDS URL PFAD - PHISHING
KFC Logo
URL:
www.kfc-hessen.de/viagra-fur-die-frau-online-kaufen

  • https://www.virustotal.com/de/url/fa0ce0aed0980ed05dc97032971980f4536b6c04fd66227e46b0b7605f962906/analysis/1387219444/

TDS URL PFAD
INDICATOR-COMPROMISE Suspicious .pw dns query

  • https://urlquery.net/report.php?id=8404039
---> TDS PFAD

 keycollector.pw/got.php?sid=1

  • https://www.virustotal.com/de/url/e16207dfb15b888a78ad46df3e92878d177c415c2667e9e438c34a6c0cc9bd63/analysis/1387220505/
  • https://urlquery.net/report.php?id=8404170

---> LEITET WEITER AN PHISHING DOMAIN

edapotek.eu

  • https://www.virustotal.com/de/url/796f23f603e37c30c96323a5a17e9240452213df055795e53fc2d94b4965c37c/analysis/1387220706/

MALICIOUS IP used for Rogue Meds & Cigarettes etc.:   5.61.42.211

  • https://www.virustotal.com/de/url/14c84d8d823c8a2dd31c0dad9aaecd39a5bc6b183093196acf12ea1f2fb0c7c3/analysis/1387223113/
ENGLISH POST:
Eingestellt von um Keine Kommentare:
Labels: , , , , , , , , , , , , ,

German Kentucky Fried Chicken Website Infected with Blackhat SEO SPAM (Phishing included)

MALICIOUS URL: 
Blackhat SEO SPAM (VIAGRA, CIALIS & Co.) - TDS URL pattern - PHISHING
KFC Logo
URL:
www.kfc-hessen.de/viagra-fur-die-frau-online-kaufen

  • https://www.virustotal.com/de/url/fa0ce0aed0980ed05dc97032971980f4536b6c04fd66227e46b0b7605f962906/analysis/1387219444/
TDS URL pattern
INDICATOR-COMPROMISE Suspicious .pw dns query

  • https://urlquery.net/report.php?id=8404039

 ---> TDS PATH

 keycollector.pw/got.php?sid=1

  • https://www.virustotal.com/de/url/e16207dfb15b888a78ad46df3e92878d177c415c2667e9e438c34a6c0cc9bd63/analysis/1387220505/
  • https://urlquery.net/report.php?id=8404170

---> TO PHISHING DOMAIN

edapotek.eu

  • https://www.virustotal.com/de/url/796f23f603e37c30c96323a5a17e9240452213df055795e53fc2d94b4965c37c/analysis/1387220706/

MALICIOUS IP used for Rogue Meds & Cigarettes etc.:   5.61.42.211

  • https://www.virustotal.com/de/url/14c84d8d823c8a2dd31c0dad9aaecd39a5bc6b183093196acf12ea1f2fb0c7c3/analysis/1387223113/

 Deutsches POSTING:
http://stayaway2.blogspot.com/2013/12/deutsche-kentucky-fried-chicken-website.html
Eingestellt von um Keine Kommentare:
Labels: , , , , , , , , , , , , ,

12/14/2013

Malicious Site: www.karlavagnencatering.se - Rogue Medications
SCAM, SPAM, PHISHING

BLACKHAT SEO SPAM (Viagra, Cialis & co.) (TDS URL PATTERN)
Much to laugh about...?
DOMAIN
www.karlavagnencatering.se
https://www.virustotal.com/de/url/e3e2b39d694b0cd06f9ac6c829fc0e6bf0c1665e3cd38e2155aefc008b0806ea/analysis/1386971594

SPECIFIC URL:
www.karlavagnencatering.se/index.php?q=tablet-viagra-women
https://www.virustotal.com/de/url/d8e9c623a21b171b1a8ac58104517b98335ed9d93159a0fb8fcfa1707f9b40a6/analysis/1386969306/

TDS URL PATTERN
https://urlquery.net/report.php?id=8383382

---> REMOTE DOMAIN
keycollector.pw
https://www.virustotal.com/de/url/9a068164c93a7846ee42bde821b8945b72dde17688857863abcf750dcff2fe37/analysis/1386973287/

SPECIFIC URL:
keycollector.pw/go.php?sid=1
https://www.virustotal.com/de/url/e16207dfb15b888a78ad46df3e92878d177c415c2667e9e438c34a6c0cc9bd63/analysis/1386972436/

TDS URL PATTERN
https://urlquery.net/report.php?id=8383945
Eingestellt von um Keine Kommentare:
Labels: , , , , , , ,

12/02/2013

United Kingdom: Governmental Website with Malicious Hidden Blackhat SEO SPAM revealed - www.kidwelly.gov.uk

Blackhat SEO SPAM (also defined as Spamdexing. Rogue Medications like Viagra, Cialis etc.) have been placed on a U.K. (.gov)-Domain has been identified, Phishing Risk included.

From Kidwelly Town Council to Ordering Viagra...
Analysis:

DOMAIN: www.kidwelly.gov.uk

https://www.virustotal.com/de/url/260c4e69c8b67d926d2dd35855943e73fc4686018563119216333e30f86fa065/analysis/1386001577/
Detection of a TDS URL pattern
www.kidwelly.gov.uk @ Urlquery 1
www.kidwelly.gov.uk @ Urlquery 2
---> Pattern 1
https://www.virustotal.com/de/url/108ea225a2cbc221f9a087fbcc49495921fa191d9fb0358385673df27b0a805d/analysis/1386002253/
https://www.virustotal.com/de/url/e66426cf99e99ffef07c60a6733e9bd3e28ea9531e0a8888651ed0a0ab6368a0/analysis/1386002281/
Detection of a TDS URL pattern
Reference 1
---> Pattern 2
https://www.virustotal.com/de/url/796f23f603e37c30c96323a5a17e9240452213df055795e53fc2d94b4965c37c/analysis/1386002386/

Check This Link, there are several Links to find at Google (for now at least):

 https://www.google.com/search?q=%22Viagra%22+site%3Awww.kidwelly.gov.uk&cad=h
Eingestellt von um Keine Kommentare:
Labels: , , , , , , , , ,
Abonnieren Posts (Atom)