Changelog spam - inform.htm
Published: 2012/12/03
Chanegelog系のスパムです。これも昔からあるネタです。
たとえばサブジェクトのバリエーションはこんな感じです。
Fwd: Re: changelog UPD. Fwd: Your Changelog UPDATED Fwd: Changelog New Fwd: Re: Changelog as promised (upd.) Re: Fwd: Your Changelog UPDATED Re: Your Changelog Fwd: Changelog 2011 update Fwd: Re: Changelog Oct. Re: Fwd: Your Changelog Re: Fwd: changelog UPD. Fwd: Changelog as promised(updated) Fwd: changelog UPD. Re: Changelog 2011 update
文面はいたってシンプル。
誘導URLの特徴はinform.htm
http://www.hxyyq.com/inform.htm http://www.precisionbuilding.com.au/inform.htm http://scherbininvest.ru/inform.htm http://kvjk.lt/inform.htm
飛ばされる攻撃サイトはここ。
http://podarunoki.ru:8080/forum/links/column.php
改竄されてる一般サイトですが今回は中国が多いですかね。
domain | IP | 逆引き | AS | AS name | Country |
---|---|---|---|---|---|
giuseppepuopolo.it | 46.16.168.208 | ip-168-208.sn1.7host.com. | 3257 | TINET-BACKBONE_Tinet_SpA | Italy |
www.precisionbuilding.com.au | 207.210.100.66 | explorer.dnsprotect.com. | 3595 | GNAXNET-AS_-_Global_Net_Access_LLC | UnitedStates |
semi-arch.com | 58.215.64.147 | NONE | 4134 | CHINANET-BACKBONE_No.31Jin-rong_Street | China |
www.tenjan.com | 61.139.126.97 | NONE | 4134 | CHINANET-BACKBONE_No.31Jin-rong_Street | China |
www.xwyjt.com | 116.254.188.24 | NONE | 4134 | CHINANET-BACKBONE_No.31Jin-rong_Street | China |
zjwangdu.com | 58.215.64.147 | NONE | 4134 | CHINANET-BACKBONE_No.31Jin-rong_Street | China |
zousuper.gotoip55.com | 118.123.20.111 | NONE | 4134 | CHINANET-BACKBONE_No.31Jin-rong_Street | China |
feelingpump.com.cn | 61.152.91.38 | NONE | 4812 | CHINANET-SH-AP_China_Telecom_(Group) | China |
snfchina.com | 218.83.160.69 | NONE | 4812 | CHINANET-SH-AP_China_Telecom_(Group) | China |
tcdcgs.com | 218.83.160.69 | NONE | 4812 | CHINANET-SH-AP_China_Telecom_(Group) | China |
web.986x.com | 218.83.160.69 | NONE | 4812 | CHINANET-SH-AP_China_Telecom_(Group) | China |
www.banpo.com.cn | 114.80.116.60 | NONE | 4812 | CHINANET-SH-AP_China_Telecom_(Group) | China |
www.gaoyoudan.com | 61.152.239.145 | NONE | 4812 | CHINANET-SH-AP_China_Telecom_(Group) | China |
www.toorui.com.cn | 61.152.239.188 | NONE | 4812 | CHINANET-SH-AP_China_Telecom_(Group) | China |
yz4hospital.com | 61.152.239.145 | NONE | 4812 | CHINANET-SH-AP_China_Telecom_(Group) | China |
zhaobiao.yaming-lighting.com | 175.102.7.207 | NONE | 4812 | CHINANET-SH-AP_China_Telecom_(Group) | China |
www.chinargroup.ru | 195.131.162.2 | ieph.ru. | 6690 | WEBPLUS-AS_Web_Plus_ZAO | RussianFederation |
osservatoriosociale.provincia.pistoia.it | 159.213.64.10 | www.provincia.pistoia.it. | 6882 | RTRT-PEGASO_Regione_Toscana | Italy |
scherbininvest.ru | 213.189.197.108 | axx108.distributed.zenon.net. | 6903 | ZENON-AS_ZENON_N.S.P. | RussianFederation |
oginomorihoikuen.com | 157.7.144.5 | www.gmoserver.jp. | 7506 | INTERQ_GMO_InternetInc | Japan |
www.sanahealth.com.hk | 202.181.165.91 | cix091.tsimtung.com. | 7540 | HKCIX-AS-AP_HongKong_Commercial_Internet_Exchange | HongKong |
www.real80.nl | 176.62.198.31 | NONE | 8315 | ARGEWEB-AS_Amsio_B.V. | Netherlands |
chaikot.ru | 81.177.140.172 | NONE | 8342 | RTCOMM-AS_OJSC_RTComm.RU | RussianFederation |
tv-orion.ru | 81.177.6.223 | srv3-h-st.jino.ru. | 8342 | RTCOMM-AS_OJSC_RTComm.RU | RussianFederation |
www.varelaaldia.com.ar | 201.235.253.66 | sfa66.servidoraweb.net. | 10318 | CABLEVISION_S.A. | Argentina |
www.esp.mg.gov.br | 200.198.55.34 | saturno.esp.mg.gov.br. | 10670 | PRODEMGE_Cia._Processamento_Dados_MG | Brazil |
cms.mpi-systems.pl | 79.96.88.133 | v073285.home.net.pl. | 12824 | HOMEPL-AS_home.pl_sp._z_o.o. | Poland |
sbait.eu | 79.96.47.7 | v062745.home.net.pl. | 12824 | HOMEPL-AS_home.pl_sp._z_o.o. | Poland |
www.kansai.com.ar | 23.23.211.79 | ec2-23-23-211-79.compute-1.amazonaws.com. | 14618 | AMAZON-AES_-_Amazon.com_Inc. | UnitedStates |
xmlintongtrade.com | 8.8.8.8 | google-public-dns-a.google.com. | 15169 | GOOGLE_-_Google_Inc. | UnitedStates |
www.bhc.co.rs | 217.26.70.77 | NONE | 15982 | VERAT-AS-1_Drustvo_za_telekomunikacije_Verat_d.o.o_Bulevar_Vojvode_Misica_37 | Serbia |
361degrees.net.in | 180.179.207.87 | NONE | 17439 | NETMAGIC-AP_Netmagic_Datacenter_Mumbai | India |
mthai.jobjob.co.th | 202.60.207.21 | NONE | 17887 | STT-AS-TH-AP_i-STT_Nation_Ltd. | Thailand |
8158buy.com | 115.47.111.76 | NONE | 17964 | DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd. | China |
97bike.com | 203.158.16.75 | NONE | 17964 | DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd. | China |
hytfgasses.com | 61.4.83.32 | NONE | 17964 | DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd. | China |
vu-buttonbadges.com | 61.4.83.39 | NONE | 17964 | DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd. | China |
www.dtrcgl.com | 115.47.69.129 | NONE | 17964 | DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd. | China |
www.hxyyq.com | 203.158.16.15 | NONE | 17964 | DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd. | China |
www.hzhuali.cn | 203.158.16.75 | NONE | 17964 | DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd. | China |
www.tuscc.cn | 61.4.83.32 | NONE | 17964 | DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd. | China |
xibeiwa.com | 115.47.67.202 | NONE | 17964 | DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd. | China |
www.hotechedge.com | 81.21.75.64 | NONE | 20738 | AS20738_Webfusion_Internet_Solutions | UnitedKingdom |
forecon.hk | 216.40.223.68 | ev1s-216-40-223-68.theplanet.com. | 21844 | THEPLANET-AS_-_ThePlanet.com_Internet_Services_Inc. | UnitedStates |
www.corisdelecuador.com | 64.46.67.186 | NONE | 23216 | MEGADATOS_S.A. | UnitedStates |
www.frenchresidence.com.au | 202.60.94.216 | shine.shinemultimedia.com.au. | 24238 | DEDICATED-SERVERS-BNE-AS-AP_Dedicated_Servers_-_Brisbane | Australia |
benztheskull.altervista.org | 188.40.83.138 | ns79.altervista.org. | 24940 | HETZNER-AS_Hetzner_Online_AG_RZ | Germany |
powerprinter.com.ar | 200.58.114.77 | murcia.dattaweb.com. | 27823 | Dattatec.com | Argentina |
www.roztoczetomaszowskie.pl | 82.96.94.2 | baldur.vel.pl. | 29686 | PROBENETWORKS-AS_Probe_Networks | Germany |
www.lwwbx.net | 173.254.227.237 | NONE | 29761 | OC3-NETWORKS-AS-NUMBER_-_OC3_Networks_&_Web_Solutions_LLC | UnitedStates |
qualitycounter.com | 208.131.133.67 | 208.131.133.67.west-datacenter.net. | 29854 | WESTHOST_-_WestHost_Inc. | UnitedStates |
luvtheskinyouarein.com | 64.29.151.221 | hostedc40.carrierzone.com. | 30447 | INFB2-AS_-_InternetNamesForBusiness.com | UnitedStates |
www.camelieantiche.com | 62.149.140.13 | webx3.aruba.it. | 31034 | ARUBA-ASN_Aruba_S.p.A. | Italy |
www.perledabruzzo.it | 62.149.140.191 | webx181.aruba.it. | 31034 | ARUBA-ASN_Aruba_S.p.A. | Italy |
www.quattrodonneincanto.it | 62.149.140.228 | webx218.aruba.it. | 31034 | ARUBA-ASN_Aruba_S.p.A. | Italy |
genetics.kemsu.ru | 82.179.12.253 | web1.kemsu.ru. | 34707 | KEMSU-AS_State_Educational_Institution_of_higher_professional_Education__Kemerovo_State_University_ | RussianFederation |
www.pscmconnect.org | 198.58.82.140 | stats.antelope.arvixe.com. | 36351 | SOFTLAYER_-_SoftLayer_Technologies_Inc. | UnitedStates |
ihealth.org.zm | 196.12.12.88 | ns4.iconnect.zm. | 36959 | afczas | Zambia |
shopfanxian.com | 116.255.205.70 | NONE | 37943 | CNNIC-GIANT_ZhengZhou_GIANT_Computer_Network_Technology_Co._Ltd | China |
www.abclook.com | 42.121.0.228 | NONE | 37963 | CNNIC-ALIBABA-CN-NET-AP_Alibaba_(China)_Technology_Co._Ltd. | China |
boutique.bt-studio.fr | 81.88.48.95 | NONE | 39729 | REGISTER-AS_Register.IT_S.p.A. | Italy |
localand.cionir.fr | 81.88.48.95 | NONE | 39729 | REGISTER-AS_Register.IT_S.p.A. | Italy |
breadnbutter.cn | 112.126.218.124 | ip112.hichina.com. | 45096 | CNNIC-ALIBABA-BJ-NET-AP_Alibaba_(Beijing)_Technology_Co._Ltd. | China |
alphabetalent.vn | 112.213.89.98 | ns8998.dotvndns.vn. | 45544 | PAVIETNAM-AS-VN_PAVIETNAM_Co.Ltd | Vietnam |
www.nghiphu.vn | 112.213.89.47 | ns8947.dotvndns.vn. | 45544 | PAVIETNAM-AS-VN_PAVIETNAM_Co.Ltd | Vietnam |
bracodimitrijevic.com | 173.254.28.145 | just145.justhost.com. | 46606 | BLUEHOST-AS-2_-_Unified_Layer | UnitedStates |
mainframewizard.com | 66.147.244.107 | box807.bluehost.com. | 46606 | BLUEHOST-AS-2_-_Unified_Layer | UnitedStates |
kvjk.lt | 79.98.24.19 | smauglys.serveriai.lt. | 47205 | HOSTEX_UAB_HOSTEX | Lithuania |
by jyake