Copies of Policies ― page-3.htm
Published: 2012/11/28
観測日: 2012/11/27
通数: 100通/day
手法: 誘導URL型
目的: マルウェア感染
この文面に使われているネタも以前同じものがあったと思います。
誘導URLの特徴が
http://www.daytonahomes.ca/page-3.htm http://www.tlmcpj.com/page-3.htm http://www.wawo.cc/page-3.htm
。
飛び先は
http://ganiopatia.ru:8080/forum/links/column.php
です。攻撃は新し目。
踏み台サイトですが、毎度毎度初めて見るホスティングサービスがありますね。
domain | IP | 逆引き | AS | AS name | Country |
---|---|---|---|---|---|
tianyi-china.com | 116.254.188.24 | NONE | 4134 | CHINANET-BACKBONE_No.31Jin-rong_Street | China |
ipoem.cca.gov.tw | 210.69.67.12 | NONE | 4782 | GSNET_Data_Communication_Business_Group | Taiwan |
vf.kk.gov.tw | 210.69.67.12 | NONE | 4782 | GSNET_Data_Communication_Business_Group | Taiwan |
www.taimali.gov.tw | 61.60.26.29 | 61-60-26-29.HINET-IP.hinet.net. | 4782 | GSNET_Data_Communication_Business_Group | Taiwan |
www.wawo.cc | 61.152.239.145 | NONE | 4812 | CHINANET-SH-AP_China_Telecom_(Group) | China |
www.moshi8.com | 114.113.239.50 | NONE | 4847 | CNIX-AP_China_Networks_Inter-Exchange | China |
rioofby.vh35.hoster.by | 93.125.99.4 | vh35.hoster.by. | 6697 | BELPAK-AS_Republican_Association_BELTELECOM | Belarus |
mjm.mezon.ru | 37.77.135.198 | gate-obit.mezon.ru. | 8492 | OBIT-AS_Obit_Telecommunications_St.Petersburg_Russia | RussianFederation |
www.macgregor.edu.hk | 223.255.186.34 | macgregor.edu.hk. | 9381 | NEWTT-IP-AP_Wharf_T&T_Ltd. | HongKong |
www.cmha.ua.edu | 130.160.21.131 | webhost1.ua.edu. | 12173 | UA_-_The_University_of_Alabama | UnitedStates |
www.kovaripatent.hu | 91.82.85.51 | onlinefax.eu. | 12301 | INVITEL_Invitel_Tavkozlesi_Zrt. | Hungary |
blog.ortosultasto.it | 62.48.32.160 | linuxcluster.playnet.it. | 13284 | BRT-AS_Brain_Technology_S.p.A. | Italy |
www.educadog.it | 62.48.32.160 | linuxcluster.playnet.it. | 13284 | BRT-AS_Brain_Technology_S.p.A. | Italy |
www.daytonahomes.ca | 64.56.146.114 | iphost-64-56-146-114.edm.wiband.net. | 15102 | ASN-WIBAND-1_-_WiBand_Communications | Canada |
rezevici-apartmani.com | 217.26.70.79 | NONE | 15982 | VERAT-AS-1_Drustvo_za_telekomunikacije_Verat_d.o.o_Bulevar_Vojvode_Misica_37 | Serbia |
98903375.p81.sqnet.cn | 203.158.16.66 | NONE | 17964 | DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd. | China |
bhdlw.com | 180.86.123.77 | NONE | 17964 | DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd. | China |
tmtqtq.com | 115.47.136.102 | NONE | 17964 | DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd. | China |
www.tlmcpj.com | 115.47.69.38 | NONE | 17964 | DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd. | China |
oic.com.bd | 81.21.75.85 | server57.donhost.co.uk. | 20738 | AS20738_Webfusion_Internet_Solutions | UnitedKingdom |
www.meteocenter.it | 77.89.7.180 | PTR-77.89.7.180. | 21309 | CASAWEB-AS_ACANTHO_SPA | Italy |
wilsad.cal24.pl | 46.4.74.241 | pekin.cal.pl. | 24940 | HETZNER-AS_Hetzner_Online_AG_RZ | Germany |
www.bioera.it | 62.108.234.203 | NONE | 25518 | ZUCCHETTI-AS_ZUCCHETTI_SPA | Italy |
vdg-el.com | 195.208.0.138 | NONE | 25535 | ASN-RUCENTER-HOSTING_Autonomous_Non-commercial_Organization__Regional_Network_Information_Center_ | RussianFederation |
www.construireavecsaint-gobain.fr | 89.107.174.117 | . | 25593 | LINKBYNET-AS_Linkbynet_S.A | France |
domainmarkets.ru | 217.65.10.37 | NONE | 29076 | CITYTELECOM-AS_Citytelecom.ru | RussianFederation |
cristo-pelli.eu | 82.96.94.35 | thor.vel.pl. | 29686 | PROBENETWORKS-AS_Probe_Networks | Germany |
pszr.info | 77.221.130.27 | srv027.infobox.ru. | 30968 | INFOBOX-AS_Infobox.ru_Autonomous_System | RussianFederation |
nighttraits.net | 199.204.47.194 | shared70.mtl.net.vexxhost.com. | 33028 | THENEBULACLOUD_-_vexxhost | Canada |
rusladoga.ru | 80.93.62.50 | sig.z8.ru. | 35569 | PETERHOST-MOSCOW_Concorde_Ltd. | RussianFederation |
utw.wroclaw.pl | 194.88.154.131 | 194-88-154-131.host.static.webio.pl. | 35787 | IC-AS_Internet_Cafe_uslugi_informatyczne_Miroslaw_Backiel | Poland |
museodecienciasamb.org.mx | 50.97.141.132 | linux.servidor1.net. | 36351 | SOFTLAYER_-_SoftLayer_Technologies_Inc. | UnitedStates |
sciwoburn.com | 184.173.81.183 | 184.173.81.183-static.reverse.softlayer.com. | 36351 | SOFTLAYER_-_SoftLayer_Technologies_Inc. | UnitedStates |
www.ftn.pr.ac.rs | 194.9.95.45 | s378.loopia.se. | 39570 | LOOPIA_Loopia_AB | Sweden |
elan_svatky.toronto.raynet.cz | 81.91.222.67 | toronto.raynet.cz. | 39817 | OVANET_Ovanet_a.s. | CzechRepublic |
veg.baxtool.com | 178.20.153.9 | s23.freehost.com.ua. | 42331 | FREEHOST_PE_Freehost | Ukraine |
sorisa.su | 77.222.56.28 | portland.sweb.ru. | 44112 | SWEB-AS_SpaceWeb_JSC | RussianFederation |
sohungry.cn | 66.147.244.152 | box652.bluehost.com. | 46606 | BLUEHOST-AS-2_-_Unified_Layer | UnitedStates |
mixmediagroup.ru | 109.234.152.215 | NONE | 49505 | SELECTEL_Selectel_Ltd. | RussianFederation |
by jyake