cNotes 検索 一覧 カテゴリ

3b3.org

Published: 2009/02/24

たぶんインジェクションURLの中で目立っている爆弾系の新しいURLですね。

3bomb.comと3b3.orgには同じIPアドレスが使われています。

 nuclear3.com
 ↓
 3bomb.com
 ↓
 3b3.org
 3b3.org/*.js
 ⇒w.7t43.cn/01/*.htm

whois情報は一部匿名化されてます。

 Domain ID:D155411953-LROR
 Domain Name:3B3.ORG
 Created On:20-Feb-2009 03:14:16 UTC
 Last Updated On:20-Feb-2009 03:14:57 UTC
 Expiration Date:20-Feb-2010 03:14:16 UTC
 Sponsoring Registrar:Spot Domain LLC dba Domainsite.com (R87-LROR)
 Status:TRANSFER PROHIBITED
 Status:ADDPERIOD
 Registrant ID:ds-1128259
 Registrant Name:Protected Domain Services
 Registrant Organization:Protected Domain Services
 Registrant Street1:125 Rampart Way
 Registrant Street2:
 Registrant Street3:
 Registrant City:Denver
 Registrant State/Province:CO
 Registrant Postal Code:80230
 Registrant Country:US

IPはパキスタンのServer4Saleです。ここは最近目立ちますね。

 CustName:   Server4Sale
 Address:    1508-11, Caesars Tower, Shahra-e-Faisal
 City:       Karachi
 StateProv:  
 PostalCode: 00000
 Country:    PK
 RegDate:    2008-12-15
 Updated:    2008-12-15
 
 NetRange:   70.38.99.96 - 70.38.99.103 
 CIDR:       70.38.99.96/29 
 OriginAS:   AS32613
 NetName:    IWEB-HD-T1322CL-1521
 NetHandle:  NET-70-38-99-96-1
 Parent:     NET-70-38-0-0-1
 NetType:    Reassigned
 Comment:    
 RegDate:    2008-12-15
 Updated:    2008-12-15

[カテゴリ:botnet観察日記]

by jyake