cNotes 検索 一覧 カテゴリ

BHEK2関連ですがs002って

Published: 2012/12/06

誘導URLがこのよう感じ。

 http://titusnetworking.com/im.php?s002
 http://www.cregybad.org/track.php?s002
 http://www.rousnay.com/start.php?s002

xxx.phpに関しては他のバリエーションもあるようです。s002は固定。

過去の記録をみるとこのタイプのURLは2012/10/30にごくわずかに観測していた記録がありました。そして12/5から大量に観測してます。

BlackHoleExplotKit2.0(BHEK2)関連ですね。


今回はUSが多いですかね。
nameIP逆引きASAS nameCountry
clintop.com193.193.194.194sleipnir.carrier.kiev.ua.3254LNUA_LN.UA_Ltd.Ukraine
www.commserv.com.sg116.12.233.194dmsvr1sg.commserv.com.3758ERX-SINGNET_SingNetSingapore
sh-zhengting.com222.73.178.224mail.shanghai-channel.cn.4812CHINANET-SH-AP_China_Telecom_(Group)China
innfire.ru195.131.162.2ieph.ru.6690WEBPLUS-AS_Web_Plus_ZAORussianFederation
npftin.spb.ru194.8.181.65vh2.sp.ru.6690WEBPLUS-AS_Web_Plus_ZAORussianFederation
nspedagogov.spb.ru194.8.181.65vh2.sp.ru.6690WEBPLUS-AS_Web_Plus_ZAORussianFederation
tattoo.mieland.net85.214.135.112linuxcounter.net.6724STRATO_STRATO_AGGermany
alexfernandez.es62.101.175.3962.101.175.39.dyn.user.ono.com.6739ONO-AS_Cableuropa_-_ONOSpain
www.kotode.hu195.70.47.138s35.mediacenter.hu.8358INTERWARE-AS_GTS_Hungary_Tavkozlesi_Ktf.Hungary
magnacharta1.org50.21.182.119perfora.net.8560ONEANDONE-AS_1&1_Internet_AGUnitedStates
www.albboas.de62.75.193.165static-ip-62-75-193-165.inaddr.ip-pool.com.8972PLUSSERVER-AS_intergenia_AGGermany
www.bpmchildcare.com202.83.74.23374-233.qivo.net.au.9723ISEEK-AS-AP_ISEEK_LtdAustralia
www.vietnamluxury.vn69.64.71.669-64-71-6.dedicated.abac.net.10316CODERO-AS_-_CoderoUnitedStates
singleposts.com209.217.254.17vps.chorro1.com.11042LANDIS-HOLDINGS-INC_-_Landis_Holdings_IncUnitedStates
greatlakesplastic.com24.39.183.2rrcs-24-39-183-2.nys.biz.rr.com.11351RR-NYSREGION-ASN-01_-_Road_Runner_HoldCo_LLCUnitedStates
ellegisrl.biz62.48.32.160linuxcluster.playnet.it.13284BRT-AS_Brain_Technology_S.p.A.Italy
cinemadenblog.com23.21.115.69ec2-23-21-115-69.compute-1.amazonaws.com.14618AMAZON-AES_-_Amazon.com_Inc.UnitedStates
dimanda.de81.201.154.4ip-81-201-154-4.static.reverse.dsi.net.16205DSINET-ASN_DSI_GmbH_Daten_Service_InformationssystemeGermany
chez-stef.fr213.186.33.2cdn.straweb-consulting.com.customer.cdn.ovh.net.16276OVH_OVH_SystemsFrance
cregybad.org46.105.8.20vps13461.ovh.net.16276OVH_OVH_SystemsFrance
justinbiebercrew.com178.33.228.231ns230652.ovh.net.16276OVH_OVH_SystemsFrance
martynas.me188.165.31.4cluster003.ovh.net.16276OVH_OVH_SystemsFrance
pracowniaprofesja.pl87.98.236.8787-98-236-87.ovh.net.16276OVH_OVH_SystemsPoland
www.cregybad.org46.105.8.20vps13461.ovh.net.16276OVH_OVH_SystemsFrance
www.imteeaz.com178.33.232.2fr3.fodytechnologies.com.16276OVH_OVH_SystemsFrance
arideonline.com205.134.239.195edge25.inmotionhosting.com.17139CORPCOLO_-_Corporate_Colocation_Inc.UnitedStates
freeseosemtraining.com205.134.253.133vps3913.inmotionhosting.com.17139CORPCOLO_-_Corporate_Colocation_Inc.UnitedStates
mobile-pedia.com205.134.253.133vps3913.inmotionhosting.com.17139CORPCOLO_-_Corporate_Colocation_Inc.UnitedStates
vinoblogs.com173.247.254.213ld113.inmotionhosting.com.17139CORPCOLO_-_Corporate_Colocation_Inc.UnitedStates
koleksiartikel.com210.48.154.90euro.centralmalaysia.com.17971TMVADS-AP_TM-VADS_DC_HostingMalaysia
ozon-ru.info81.222.215.135mailwebkrl.beget.ru.20597ELTEL-AS_ELTEL.NET_Autonomous_SystemRussianFederation
www.theironingbasket.com81.21.75.40server55.donhost.co.uk.20738AS20738_Webfusion_Internet_SolutionsUnitedKingdom
titusnetworking.com173.255.201.227li211-227.members.linode.com.21844THEPLANET-AS_-_ThePlanet.com_Internet_Services_Inc.UnitedStates
www.rousnay.com174.132.168.222de.a8.84ae.static.theplanet.com.21844THEPLANET-AS_-_ThePlanet.com_Internet_Services_Inc.UnitedStates
camcoat.com84.40.2.180lsh508.securepod.com.24679SSERV-AS_Hostway_Deutschland_GmbHEurope
ural.ellips.ru212.193.228.205ellips.nichost.ru.25535ASN-RUCENTER-HOSTING_Autonomous_Non-commercial_Organization__Regional_Network_Information_Center_RussianFederation
family.joeinfo.org173.236.174.104apache2-pat.hartke.dreamhost.com.26347DREAMHOST-AS_-_New_Dream_Network_LLCUnitedStates
joeinfo.org173.236.174.104apache2-pat.hartke.dreamhost.com.26347DREAMHOST-AS_-_New_Dream_Network_LLCUnitedStates
revelstokealliance.com67.205.50.69ps14978.dreamhost.com.26347DREAMHOST-AS_-_New_Dream_Network_LLCUnitedStates
ringtones.joeinfo.org173.236.174.104apache2-pat.hartke.dreamhost.com.26347DREAMHOST-AS_-_New_Dream_Network_LLCUnitedStates
tunneltunnel.com69.163.149.213apache2-yak.cavs.dreamhost.com.26347DREAMHOST-AS_-_New_Dream_Network_LLCUnitedStates
webcal.joeinfo.org173.236.174.104apache2-pat.hartke.dreamhost.com.26347DREAMHOST-AS_-_New_Dream_Network_LLCUnitedStates
blacklatinos.org50.63.35.1p3nlhg298c1298.shr.prod.phx3.secureserver.net.26496AS-26496-GO-DADDY-COM-LLC_-_GoDaddy.com_LLCUnitedStates
carnerbarzakay.com72.167.131.40p3slh159.shr.phx3.secureserver.net.26496AS-26496-GO-DADDY-COM-LLC_-_GoDaddy.com_LLCUnitedStates
cleanandgreenclub.com50.63.215.1p3nlhg390c1390.shr.prod.phx3.secureserver.net.26496AS-26496-GO-DADDY-COM-LLC_-_GoDaddy.com_LLCUnitedStates
linuxsysadmin.org72.167.232.117p3nlh041.shr.prod.phx3.secureserver.net.26496AS-26496-GO-DADDY-COM-LLC_-_GoDaddy.com_LLCUnitedStates
ucedfoundation.org184.168.56.1p3nlhg250c1250.shr.prod.phx3.secureserver.net.26496AS-26496-GO-DADDY-COM-LLC_-_GoDaddy.com_LLCUnitedStates
www.candodivas.com184.168.206.1p3nlhg130c1130.shr.prod.phx3.secureserver.net.26496AS-26496-GO-DADDY-COM-LLC_-_GoDaddy.com_LLCUnitedStates
www.meepoly.com50.63.41.132ip-50-63-41-132.ip.secureserver.net.26496AS-26496-GO-DADDY-COM-LLC_-_GoDaddy.com_LLCUnitedStates
www.chateautelavi.com212.58.108.178host-212-58-108-178.customer.co.ge.28751CAUCASUS-NET-AS_Caucasus_Online_Ltd.Georgia
www.raunistula.fi217.149.52.110web110.webhotelli.fi.29422NBLNETWORKS-AS_Nebula_Oy_Autonomous_SystemFinland
brontespankings.com92.61.154.18792-61-154-187.static.servage.net.29671SERVAGE_Servage_GmbHEurope
qualitycounter.com208.131.133.67208.131.133.67.west-datacenter.net.29854WESTHOST_-_WestHost_Inc.UnitedStates
twincitiesplaygrounds.com65.254.248.22065-254-248-220.yourhostingaccount.com.29873BIZLAND-SD_-_The_Endurance_International_Group_Inc.UnitedStates
www.andrewkrauseband.com66.96.160.136136.160.96.66.static.eigbox.net.29873BIZLAND-SD_-_The_Endurance_International_Group_Inc.UnitedStates
www.intentionpieces.com66.96.147.112112.147.96.66.static.eigbox.net.29873BIZLAND-SD_-_The_Endurance_International_Group_Inc.UnitedStates
www.ultimatespeedacademy.org66.96.132.1414.132.96.66.static.eigbox.net.29873BIZLAND-SD_-_The_Endurance_International_Group_Inc.UnitedStates
loom.site.aplus.net64.29.151.221hostedc40.carrierzone.com.30447INFB2-AS_-_InternetNamesForBusiness.comUnitedStates
www.supershowbolivia.com67.23.241.179phoenix.imdservices.net.33182DIMENOC_-_HostDime.com_Inc.Bolivia
lifelineeducators.com70.90.116.14570-90-116-145-BusName-summit.co.hfc.comcastbusiness.net.33652CMCS_-_Comcast_Cable_Communications_Inc.UnitedStates
ethioforum.net184.172.211.150win.winks.co.il.36351SOFTLAYER_-_SoftLayer_Technologies_Inc.UnitedStates
kingdomlightchurch.co.za50.22.210.114hera.jcwhosting.biz.36351SOFTLAYER_-_SoftLayer_Technologies_Inc.UnitedStates
wongapromocode.biz108.167.136.120ns1692.websitewelcome.com.36351SOFTLAYER_-_SoftLayer_Technologies_Inc.UnitedStates
www.wongapromocode.biz108.167.136.120ns1692.websitewelcome.com.36351SOFTLAYER_-_SoftLayer_Technologies_Inc.UnitedStates
cezas.ismedia.pl46.21.220.244ip-46-21-220-244.nette.pl.39288CZUBYPL-NET_Nette_sp._z_o.o._Autonomous_SystemPoland
wusley.spb.ru213.183.63.3server23.hosting.reg.ru.39792ANDERS-AS_Anders_Telecom_Ltd.RussianFederation
www.lipro2.eu217.112.36.21uvds19.valuehost.ru.40966VALUEHOST-AS_ValuehostUnitedKingdom
effectit.com217.70.33.155www1-php52.stad.levonline.com.41175INTERNETBORDER_Internet_Border_Technolgies_ABSweden
www.europaclub.sk92.240.253.3web3s8.dnsserver.eu.42005LIGHTSTORM-COMMUNICATIONS-SRO-SK-AS_LightStorm_Communications_s.r.o.Slovakia
www.ampajoanmirobcn.cat82.98.131.97d201.dinaserver.com.42612DINAHOSTING-AS_ASN_de_Dinahosting_SLSpain
www.fikraburada.com94.199.206.49srvc49.turhost.com.42807AEROTEK-AS_Aerotek_Bilisim_Taahhut_Sanayi_ve_Ticaret_Limited_SirketiTurkey
french-polishers-london.co.uk77.74.192.20no.rdns-yet.ukservers.com.42831UKSERVERS-AS_UK_Dedicated_Servers_LimitedUnitedKingdom
cemcagkan.com77.245.149.14linmail.mail.trdns.com.43391NETDIREKT-TR_Netdirekt_A.S.Turkey
erdalbalaban.com77.245.149.55host55.b6.nw.com.tr.43391NETDIREKT-TR_Netdirekt_A.S.Turkey
haluwood.com77.245.149.33srv75626s1.trdns.com.43391NETDIREKT-TR_Netdirekt_A.S.Turkey
mutfakdolaplarifiyati.com77.245.154.98host1.trdns.com.43391NETDIREKT-TR_Netdirekt_A.S.Turkey
turkkoleksiyon.com77.245.149.55host55.b6.nw.com.tr.43391NETDIREKT-TR_Netdirekt_A.S.Turkey
vimag.hu87.229.7.250www0.flionet.hu.43711SZERVERNET-HU-AS_Szervernet_Ltd.Hungary
creatorsshop.com69.89.30.3069-89-30-30.unifiedlayer.com.46606BLUEHOST-AS-2_-_Unified_LayerUnitedStates
goldinwords.com50.87.114.18950-87-114-189.unifiedlayer.com.46606BLUEHOST-AS-2_-_Unified_LayerUnitedStates
haylialyce.com66.147.244.113box813.bluehost.com.46606BLUEHOST-AS-2_-_Unified_LayerUnitedStates
jessicabennettdesign.com66.147.244.132box832.bluehost.com.46606BLUEHOST-AS-2_-_Unified_LayerUnitedStates
jumpgreen.org69.89.31.110box310.bluehost.com.46606BLUEHOST-AS-2_-_Unified_LayerUnitedStates
mentecuantica.com67.20.67.8567-20-67-85.unifiedlayer.com.46606BLUEHOST-AS-2_-_Unified_LayerUnitedStates
www.aspbackdoor.com74.220.215.60host260.hostmonster.com.46606BLUEHOST-AS-2_-_Unified_LayerUnitedStates
www.haylialyce.com66.147.244.113box813.bluehost.com.46606BLUEHOST-AS-2_-_Unified_LayerUnitedStates
www.mystickitchen.com173.254.28.41just41.justhost.com.46606BLUEHOST-AS-2_-_Unified_LayerUnitedStates
www.raftcalgary.com69.89.31.193box393.bluehost.com.46606BLUEHOST-AS-2_-_Unified_LayerUnitedStates
vipglamur.ru194.63.140.55web0115.nthost.ru.50113SUPERSERVERS_SuperServers_LtdRussianFederation
wordpresslayout.nl91.220.37.160ns1.knothev1.nl.50673SERVERIUS-AS_Serverius_Holding_B.V.Netherlands
www.beslenme.tv46.235.13.6546.235.13.65.static.slmhosting.net.56582NETFACTOR-ASN_NETFACTOR_TELEKOMINIKASYON_VE_TEKNOLOJI_HIZMETLERI_SANAYI_VE_JSCTurkey
retrocinemaclub.com91.146.107.31nepal.footholds.net.198047UKWEB-EQX_UK_Webhosting_LtdUnitedKingdom

[カテゴリ:spam観察日記]

by jyake