Payroll Account Holded - fmail.htm
Published: 2013/01/13
INTUITを騙るタイプもよく利用されます。
誘導URLは「fmail.htm」。今回のはドキュメントルートにファイルが仕掛けられてます。
http://forum.serialkosci.pl/fmail.htm http://place2rest.ru/fmail.htm http://trinityog.org/fmail.htm
いつものごとく、アクセス元の条件が合えばこういうところへ飛ばされます。
http://dmeiweilik.ru:8080/forum/links/column.php
条件が合わなければgoogleへ。
IPはいつもの使い回しですが、このドメインは既に存在しません。
domain | IP | 逆引き | AS | AS Name | Country |
---|---|---|---|---|---|
proforenses.com | 161.58.212.38 | digi12.securesites.net. | 2914 | NTT-COMMUNICATIONS-2914_-_NTT_America_Inc. | UnitedStates |
theygotskills.com | 192.217.124.206 | host.casasite.net. | 2914 | NTT-COMMUNICATIONS-2914_-_NTT_America_Inc. | UnitedStates |
www.protecciongarantizada.com.co | 161.58.212.38 | digi12.securesites.net. | 2914 | NTT-COMMUNICATIONS-2914_-_NTT_America_Inc. | UnitedStates |
spspp.com | 58.27.56.213 | tigabelas.pelayanweb.com. | 4788 | TMNET-AS-AP_TM_Net_Internet_Service_Provider | Malaysia |
rempark.by | 86.57.246.177 | by104.activeby.net. | 6697 | BELPAK-AS_Republican_Unitary_Telecommunication_Enterprise_Beltelecom | Belarus |
5plus1.psp5.opole.pl | 195.187.31.150 | serwer-24.pl. | 8308 | NASK-COMMERCIAL_NAUKOWA_I_AKADEMICKA_SIEC_KOMPUTEROWA_INSTYTUT_BADAWCZY | Poland |
domondo.ru | 81.177.6.141 | NONE | 8342 | RTCOMM-AS_OJSC_RTComm.RU | RussianFederation |
visaekb.ru | 81.177.6.141 | NONE | 8342 | RTCOMM-AS_OJSC_RTComm.RU | RussianFederation |
ciben.eu | 80.172.241.38 | web14.esoterica.pt. | 8426 | CLARANET-AS_ClaraNET_LTD | Portugal |
www.serfino.de | 82.165.39.55 | serfino.de. | 8560 | ONEANDONE-AS_1&1_Internet_AG | Germany |
me.newerlife.net | 122.155.7.200 | ns1-1557200.dragonhispeed.com. | 9931 | CAT-AP_The_Communication_Authoity_of_Thailand_CAT | Thailand |
www.nimaf.com | 122.155.165.52 | ns1.hostyim.com. | 9931 | CAT-AP_The_Communication_Authoity_of_Thailand_CAT | Thailand |
goldensky.eshost.es | 209.190.85.28 | node19.byetcluster.com. | 10297 | ENET-2_-_eNET_Inc. | UnitedKingdom |
mywwig.com | 67.214.173.114 | RNS1.XPLEAGUE.COM. | 12260 | COLOSTORE_-_Colostore.com | UnitedStates |
tooster.pl | 79.96.12.234 | v054082.home.net.pl. | 12824 | HOMEPL-AS_home.pl_sp._z_o.o. | Poland |
domaineforget.cgiquebec.ca | 66.46.171.220 | 66-46-171-220.dedicated.allstream.net. | 15290 | ALLST-15290_-_Allstream_Corp. | Canada |
www.wakfunemesis.fr | 213.186.33.3 | cluster015.ovh.net. | 16276 | OVH_OVH_Systems | France |
beitefloor.com | 61.4.83.32 | NONE | 17964 | DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd. | China |
www.xjkzc.com | 203.158.16.38 | NONE | 17964 | DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd. | China |
yanlunwood.com | 203.158.16.38 | NONE | 17964 | DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd. | China |
ladies.sg | 96.30.50.220 | host.poweredby.asia. | 19066 | WIREDTREE_-_Cogswell_Enterprises_Inc. | UnitedStates |
petersburg.allenandallen.com | 50.56.89.42 | 50-56-89-42.static.cloud-ips.com. | 19994 | RACKSPACE_-_Rackspace_Hosting | UnitedStates |
forum.bytv.by | 109.254.2.123 | vrozetke.com. | 20590 | DEC-AS_Donbass_Electronic_Communications_Ltd. | Ukraine |
aroundafricasafari.com | 174.123.87.162 | a2.57.7bae.static.theplanet.com. | 21844 | THEPLANET-AS_-_ThePlanet.com_Internet_Services_Inc. | UnitedStates |
blueowneripb.altervista.org | 176.9.140.132 | ns159.altervista.org. | 24940 | HETZNER-AS_Hetzner_Online_AG | Germany |
qeh.ir | 176.9.112.226 | static.226.112.9.176.clients.your-server.de. | 24940 | HETZNER-AS_Hetzner_Online_AG | Germany |
www.appleforum.gr | 5.9.205.198 | accesspointbox.access-point.gr. | 24940 | HETZNER-AS_Hetzner_Online_AG | Germany |
yotabit.ru | 89.109.237.19 | NONE | 25515 | CTCNET-AS_OJSC_Rostelecom | RussianFederation |
textilim.ru | 212.193.224.57 | narprod.nichost.ru. | 25535 | ASN-RUCENTER-HOSTING_Autonomous_Non-commercial_Organization__Regional_Network_Information_Center_ | RussianFederation |
ness.3fivedesigns.com | 69.163.209.148 | ps18306.dreamhost.com. | 26347 | DREAMHOST-AS_-_New_Dream_Network_LLC | UnitedStates |
www.nashvillefloodcleanup.net | 69.163.217.85 | ps18253.dreamhost.com. | 26347 | DREAMHOST-AS_-_New_Dream_Network_LLC | UnitedStates |
dacomp.info | 189.113.2.194 | hw4.webservidor.net. | 28209 | Brazil | |
www.mirada-travel.ru | 217.29.51.172 | zeus2.travelsoft.ru. | 29053 | TELENET-JSC-AS_Telenet_Ltd. | RussianFederation |
moveme.org | 74.209.248.5 | voda22.vodahost22.com. | 29944 | LATISYS-ASHBURN_-_Latisys-Ashburn_LLC | Singapore |
kokete.ru | 77.221.130.40 | srv040.infobox.ru. | 30968 | INFOBOX-AS_Infobox.ru_Autonomous_System | RussianFederation |
www.prachinburi.mol.go.th | 115.31.136.62 | NONE | 38794 | BB-BROADBAND-TH-AS-AP_BB-Broadband_Co._Ltd._Transit_AS | Thailand |
pgtandroid.ru | 37.140.193.27 | server39.hosting.reg.ru. | 39134 | SKYMEDIA_United_Network_LLC | RussianFederation |
transplantacija.lv | 94.100.6.171 | NONE | 39201 | IMEPLUSS-AS_IME_PLUSS_Ltd. | Latvia |
www.badoofakers.nl | 88.159.208.176 | 176-208.ftth.onsbrabantnet.nl. | 39309 | EDUTEL-AS_Edutel_B.V. | Netherlands |
forum.cs-zazone.ro | 31.14.179.2 | mercur.paginieuropene.com. | 40975 | CHML-AS_CHML_WEB_SERVICES_SRL | Romania |
e-zorka.pl | 195.114.1.121 | s120.superhost.pl. | 41079 | SUPERHOST-PL-AS_SuperHost.pl_sp._z_o.o. | Poland |
forum.serialkosci.pl | 192.166.218.51 | 192-166-218-51.arpa.teredo.pl. | 41508 | PL-IWACOM-AS_IWACOM_Sp._z_o.o. | Poland |
place2rest.ru | 77.222.40.121 | natal.sweb.ru. | 44112 | SWEB-AS_SpaceWeb_JSC | RussianFederation |
trinityog.org | 173.254.28.66 | just66.justhost.com. | 46606 | UNIFIEDLAYER-AS-1_-_Unified_Layer | UnitedStates |
wanabagool.com | 173.254.28.143 | just143.justhost.com. | 46606 | UNIFIEDLAYER-AS-1_-_Unified_Layer | UnitedStates |
www.theoutriggerway.com | 66.147.244.215 | box715.bluehost.com. | 46606 | UNIFIEDLAYER-AS-1_-_Unified_Layer | UnitedStates |
www.yeoanswers.com | 74.220.219.79 | box479.bluehost.com. | 46606 | UNIFIEDLAYER-AS-1_-_Unified_Layer | UnitedStates |
unbalanced.pz9.ru | 91.223.216.56 | NONE | 46636 | NATCOWEB_-_NatCoWeb_Corp. | Ukraine |
mymanor.lt | 79.98.24.13 | elnias.serveriai.lt. | 47205 | HOSTEX_UAB_HOSTEX | Lithuania |
dmtd.ru | 188.120.39.56 | vip10.deserv.net. | 49189 | RUWEB_Closed_Joint_Stock_Company__RuWeb_ | RussianFederation |
www.mexaimoda.ru | 188.120.39.56 | vip10.deserv.net. | 49189 | RUWEB_Closed_Joint_Stock_Company__RuWeb_ | RussianFederation |
sintec-oil.ru | 188.93.212.150 | cpanel7.logol.ru. | 49352 | LOGOL-AS_LTD_Hosting_Service | RussianFederation |
geilmeisj.nl | 195.211.73.89 | s101.webhostingserver.nl. | 51696 | ANTAGONIST-AS_Antagonist_B.V. | Netherlands |
thedoggiecottage.com | 173.0.139.202 | NONE | 53628 | APYLI-AS_-_Apyl_Inc | UnitedStates |
metin2zone.net | 134.0.10.166 | NONE | 197712 | CDMON_10dence_Hispahard_S.L. | Spain |
by jyake