API tools faq
paste
Advertisement
MalwareMustDie

#MalwareMustDie - PD079-BHEK2-20121210-2

MalwareMustDie
Dec 10th, 2012
4,743
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.88 KB | None | 0 0
raw download clone embed print report
  1. // re-assemble url w/ IP...
  2.  
  3. h00p://42.121.116.38:8080/forum/links/column.php
  4. h00p://202.180.221.186:8080/forum/links/column.php
  5. h00p://203.80.16.81:8080/forum/links/column.php
  6. h00p://208.87.243.131:8080/forum/links/column.php
  7. h00p://219.255.134.110:8080/forum/links/column.php
  8.  
  9. //retry... 1st IP (42.121.116.38) http://42.121.116.38:8080/forum/links/column.php
  10.  
  11. --14:16:37-- http://42.121.116.38:8080/forum/links/column.php
  12. => `./sample'
  13. Connecting to 42.121.116.38:8080... seconds 0.00, connected.
  14. Created socket 1916.
  15. Releasing 0x003d5600 (new refcount 0).
  16. Deleting unused 0x003d5600.
  17.  
  18. ---request begin---
  19. GET /forum/links/column.php HTTP/1.0
  20. Referer: http://www.lincolnlutheran.org/mail.htm?BIX5MYP=X95RG45NH502A48920J6K&D5IS=IX2OLOH2BXWB4X&DM6=PCKKFX5TNF&0UPZJ4=ZX0L2OUF&OAJG8Q9=KAK0XV65C2F1G6W9I9PBV461O&I57G=R010XDKGQGJXDI&UI6=U6Z4ELZPRCW8FK0D15PUTV6&WPYXJ8=Y6C1G1BXWBE&
  21. User-Agent: MalwareMustdie is Burping at your doors
  22. Accept: */*
  23. Host: 42.121.116.38:8080
  24. Connection: Keep-Alive
  25. ---request end---
  26. HTTP request sent, awaiting response...
  27. ---response begin---
  28. HTTP/1.1 200 OK
  29. Server: nginx/1.0.10
  30. Date: Mon, 10 Dec 2012 05:16:36 GMT
  31. Content-Type: text/html; charset=CP-1251
  32. Connection: close
  33. X-Powered-By: PHP/5.3.18-1~dotdeb.0
  34. Vary: Accept-Encoding
  35. ---response end---
  36. 200 OK
  37. Length: unspecified [text/html]
  38. [ <=> ] 102,671 42.00K/s
  39. Closed fd 1916
  40. 14:16:42 (41.89 KB/s) - `./sample' saved [102671]
  41.  
  42.  
  43. //retry... 2nd IP (202.180.221.186) http://202.180.221.186:8080/forum/links/column.php
  44.  
  45. HTTP request sent, awaiting response...
  46. ---response begin---
  47. HTTP/1.1 502 Bad Gateway
  48. Server: nginx/1.0.4
  49. Date: Mon, 10 Dec 2012 05:19:00 GMT
  50. Content-Type: text/html; charset=CP-1251
  51. Connection: keep-alive
  52. X-Powered-By: PHP/5.3.18-1~dotdeb.0
  53. Vary: Accept-Encoding
  54. Content-Length: 0
  55. ---response end---
  56. 502 Bad Gateway
  57. Registered socket 1916 for persistent reuse.
  58. Skipping 0 bytes of body: [] done.
  59. 14:21:09 ERROR 502: Bad Gateway. // BHEK is UP in there but not accepting this request..(OVERDUE reference url)
  60.  
  61.  
  62. // retry 3rd (203.80.16.81) http://203.80.16.81:8080/forum/links/column.php
  63. --14:25:14-- http://203.80.16.81:8080/forum/links/column.php
  64. => `./sample'
  65. Connecting to 203.80.16.81:8080... seconds 0.00, Closed fd 1916
  66. failed: Connection refused. // BHEK is INACTIVE
  67.  
  68.  
  69. // retry 4th http://208.87.243.131:8080/forum/links/column.php
  70. --14:26:44-- http://208.87.243.131:8080/forum/links/column.php
  71. => `./sample'
  72. Connecting to 208.87.243.131:8080... seconds 0.00, Closed fd 1916
  73. failed: Connection refused. // BHEK is INACTIVE
  74.  
  75. // retry 5th
  76. --14:28:00-- http://219.255.134.110:8080/forum/links/column.php
  77. => `./sample'
  78. Connecting to 219.255.134.110:8080... seconds 0.00, (TIMEOUT) // BHEK is DOWN/UNEXIST
  79.  
  80. ---
  81. #MalwareMustDie - @unixfreaxjp
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!