Recent malicious URLs analyzed #3

Report containing malicious urls logged:

POST /kj97hk9878b8j9hb.php?ini=XXX HTTP/1.1
User-Agent: Mozilla/6.0 (Windows; wget 3.0)
Host: simplycomics. in
 
POST /logos/XXX/61e3a327d/logo.gif HTTP/1.1
User-Agent: Mozilla/6.0 (Windows; wget 3.0)
Host: greatwebdata. in
 
POST /werber/b10353d72/217.gif HTTP/1.1
User-Agent: Mozilla/6.0 (Windows; wget 3.0)
Host: droolbuy. in
 
POST /perce/XXX/21c383b7c/qwerce.gif HTTP/1.1
User-Agent: Mozilla/6.0 (Windows; wget 3.0)
Host: migented. in
 
POST /college_news/college_news/college_news/college_news/build.php HTTP/1.0
User-Agent: Mozilla/3.0 (compatible; Indy Library)
Host: www.cnscut. cn
 
GET /zeus/zeus/config.bin HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: 91.206.200.242
 
GET /help.txt HTTP/1.1
User-Agent: Mozilla/3.0 (compatible; Indy Library)
Host: www.cnscut. cn
 
GET /images/Telegrama.exe HTTP/1.0
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: 80.13.172.136
 
GET /gx/444.txt HTTP/1.0
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: toxtb. info
 
GET /xztj/555.txt HTTP/1.0
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: rvvxe. info
 
GET /xztj1/888.txt HTTP/1.0
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: qvnok. info
 
GET /gx2/333.txt HTTP/1.0
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: ucfya. info
 
POST /zeus/zeus/server%5bphp%5d/gate.php HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: 91.206.200.242
 
GET /1/210.exe HTTP/1.0
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: www.nxmtv. info
 
GET /v14/setup.php?act=fb_get HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Host: ddk100. com
 
GET /1015000813 HTTP/1.0
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Host: susimumezez. com
 
GET /v14/setup.php?act=fb_start&id=XXX HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Host: ddk100. com
 
GET /1/210.exe HTTP/1.0
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: udjng. info
 
GET /v14/setup.php?act=fb_get HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Host: ddk100. com
 
GET /xztj/555.txt HTTP/1.0
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: rvvxe. info
 
POST /1wave.php HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
Host: hawfruit. com
 
GET /2wave.php?Yfe6r8E2QkJI0l5aLw0nFAqjiyWNidTqKNSAKIduCPnN2WO7JO4xDtdtjJndzsJ2hg== HTTP/1.0
Referer: hxxp://tubefaster. com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: mattfoy. com
 
POST /1wave.php HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
Host: hslibrary. com
 
GET /2wave.php?Yfe6r8M2QkJI0l5aLwkkExXuhTmDw4fxMdTKZ54jDfbUwHqhI/MuDdF/zZvXnLZr HTTP/1.0
Referer: hxxp://ad.adserverplus. com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: utling. com
 
POST /1wave.php HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
Host: topsaj. com
 
GET /2wave.php?Yfe6r8U2QkJI0l5aLw0mEQKjiyWNidTqKNSAKIduCPnN2WO7JO4xDtdtjJndzsJ2hg== HTTP/1.0
Referer: http://trailersandvideos. com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: thevehic. com
 
GET /xztj1/888.txt HTTP/1.0
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: qvnok. info
 
GET /in.cgi?groups HTTP/1.0
Referer: hxxp://sl.servednetworks. com/www/delivery/afr.php?zoneid=57&cb=INSERT_RANDOM_NUMBER_HERE
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: m28m. in
 
GET /2wave.php?Yfe6r8k2QkJI0l5aLQwvHBXuhTmDw4fxMdTKZ54jDfbUwHqhI/MuDdF/zZvXnLZr HTTP/1.0
Referer: hxxp://www.investopedia. com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: thevehic. com

POST /kj97hk9878b8j9hb.php?ini=XXX HTTP/1.1 User-Agent: Mozilla/6.0 (Windows; wget 3.0) Host: simplycomics. in POST /logos/XXX/61e3a327d/logo.gif HTTP/1.1 User-Agent: Mozilla/6.0 (Windows; wget 3.0) Host: greatwebdata. in POST /werber/b10353d72/217.gif HTTP/1.1 User-Agent: Mozilla/6.0 (Windows; wget 3.0) Host: droolbuy. in POST /perce/XXX/21c383b7c/qwerce.gif HTTP/1.1 User-Agent: Mozilla/6.0 (Windows; wget 3.0) Host: migented. in POST /college_news/college_news/college_news/college_news/build.php HTTP/1.0 User-Agent: Mozilla/3.0 (compatible; Indy Library) Host: www.cnscut. cn GET /zeus/zeus/config.bin HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Host: 91.206.200.242 GET /help.txt HTTP/1.1 User-Agent: Mozilla/3.0 (compatible; Indy Library) Host: www.cnscut. cn GET /images/Telegrama.exe HTTP/1.0 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Host: 80.13.172.136 GET /gx/444.txt HTTP/1.0 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Host: toxtb. info GET /xztj/555.txt HTTP/1.0 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Host: rvvxe. info GET /xztj1/888.txt HTTP/1.0 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Host: qvnok. info GET /gx2/333.txt HTTP/1.0 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Host: ucfya. info POST /zeus/zeus/server%5bphp%5d/gate.php HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Host: 91.206.200.242 GET /1/210.exe HTTP/1.0 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Host: www.nxmtv. info GET /v14/setup.php?act=fb_get HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0) Host: ddk100. com GET /1015000813 HTTP/1.0 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Host: susimumezez. com GET /v14/setup.php?act=fb_start&id=XXX HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0) Host: ddk100. com GET /1/210.exe HTTP/1.0 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Host: udjng. info GET /v14/setup.php?act=fb_get HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0) Host: ddk100. com GET /xztj/555.txt HTTP/1.0 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Host: rvvxe. info POST /1wave.php HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: hawfruit. com GET /2wave.php?Yfe6r8E2QkJI0l5aLw0nFAqjiyWNidTqKNSAKIduCPnN2WO7JO4xDtdtjJndzsJ2hg== HTTP/1.0 Referer: hxxp://tubefaster. com/ User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Host: mattfoy. com POST /1wave.php HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: hslibrary. com GET /2wave.php?Yfe6r8M2QkJI0l5aLwkkExXuhTmDw4fxMdTKZ54jDfbUwHqhI/MuDdF/zZvXnLZr HTTP/1.0 Referer: hxxp://ad.adserverplus. com/ User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Host: utling. com POST /1wave.php HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Host: topsaj. com GET /2wave.php?Yfe6r8U2QkJI0l5aLw0mEQKjiyWNidTqKNSAKIduCPnN2WO7JO4xDtdtjJndzsJ2hg== HTTP/1.0 Referer: http://trailersandvideos. com/ User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Host: thevehic. com GET /xztj1/888.txt HTTP/1.0 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Host: qvnok. info GET /in.cgi?groups HTTP/1.0 Referer: hxxp://sl.servednetworks. com/www/delivery/afr.php?zoneid=57&cb=INSERT_RANDOM_NUMBER_HERE User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Host: m28m. in GET /2wave.php?Yfe6r8k2QkJI0l5aLQwvHBXuhTmDw4fxMdTKZ54jDfbUwHqhI/MuDdF/zZvXnLZr HTTP/1.0 Referer: hxxp://www.investopedia. com/ User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Host: thevehic. com

URLVoid domain analysis:

URLVoid Blog

Latest news about Internet threats

Recent malicious URLs analyzed #3

Leave a Reply Cancel reply