3322.orgのバリエーション

Web改竄の流行?と同じもので、また、3322.orgのバリエションです。

 e6t.3322.org
 s581.3322.org

 
 e6t.3322.org
 s581.3322.org
 ↓
 www.2009iiii.cn/xxx/xxx.htm
 ↓
 www.712sese.cn/xxx/xxx/htm
 ↓
 www.712sese.cn/ｘｘｘｘｘｘｘｘ
 www.712sese.cn/ｘｘｘｘｘｘｘｘ
 www.712sese.cn/ｘｘｘｘｘｘｘｘ

e6t.3322.orgとs581.3322.orgは同じIPアドレス。

 s581.3322.org.          60      IN      A       70.38.99.97
 
 ;; AUTHORITY SECTION:
 3322.org.               58      IN      NS      ns2.3322.net.
 3322.org.               58      IN      NS      ns1.3322.net.
 
 ;; ADDITIONAL SECTION:
 ns1.3322.net.           58      IN      A       61.177.95.106
 ns2.3322.net.           58      IN      A       60.191.83.242

 e6t.3322.org.           58      IN      A       70.38.99.97
 
 ;; AUTHORITY SECTION:
 3322.org.               90      IN      NS      ns2.3322.net.
 3322.org.               90      IN      NS      ns1.3322.net.
 
 ;; ADDITIONAL SECTION:
 ns1.3322.net.           89      IN      A       61.177.95.106
 ns2.3322.net.           89      IN      A       60.191.83.242

www.712sese.cnと www.2009iiii.cnは同じIPアドレス

 www.712sese.cn.         102     IN      A       59.34.197.115
 
 ;; AUTHORITY SECTION:
 www.712sese.cn.         102     IN      NS      ns.cdnhost.cn.
 www.712sese.cn.         102     IN      NS      ns2.dnsfamily.com.
 www.712sese.cn.         102     IN      NS      ns.dnsfamily.com.
 www.712sese.cn.         102     IN      NS      ns1.dnsfamily.com.
 
 ;; ADDITIONAL SECTION:
 ns.dnsfamily.com.       89      IN      A       125.65.112.26

 www.2009iiii.cn.        70      IN      A       59.34.197.115
 
 ;; AUTHORITY SECTION:
 www.2009iiii.cn.        70      IN      NS      ns.cdnhost.cn.
 www.2009iiii.cn.        70      IN      NS      ns1.dnsfamily.com.
 www.2009iiii.cn.        70      IN      NS      ns.dnsfamily.com.
 www.2009iiii.cn.        70      IN      NS      ns2.dnsfamily.com. 

 ;; ADDITIONAL SECTION:
 ns.dnsfamily.com.       70      IN      A       125.65.112.26
 

レジストラントも同じ人。

 Domain Name: 2009iiii.cn
 ROID: 20090124s10001s55070692-cn
 Domain Status: ok
 Registrant Organization: 王晓峰
 Registrant Name: 王晓峰
 Administrative Email: 610990241@qq.com
 Sponsoring Registrar: 北京万网志成科技有限公司
 Name Server:ns.cdnhost.cn
 Name Server:ns.dnsfamily.com
 Registration Date: 2009-01-24 01:24
 Expiration Date: 2010-01-24 01:24

 Domain Name: 712sese.cn
 ROID: 20090124s10001s55163757-cn
 Domain Status: ok
 Registrant Organization: 王晓峰
 Registrant Name: 王晓峰
 Administrative Email: 610990241@qq.com
 Sponsoring Registrar: 北京万网志成科技有限公司
 Name Server:ns.cdnhost.cn
 Name Server:ns.dnsfamily.com
 Registration Date: 2009-01-24 01:35
 Expiration Date: 2010-01-24 01:35

{category botnet観察日記}

by jyake