cNotes 検索 一覧 カテゴリ

Tax Payment Failed - wp-content.htm

Published: 2012/06/15

観測日: 2012/6/14

通数: 200通/day

手法: 誘導URL型

目的: マルウェア感染

特徴:

サイトに設置されるスクリプトファイルのファイル名が「wp-content.htm」

時期にあわせて定期的に流行るTax Payment Failed系。

Fromが最近多いLinkedIn。

  • CVE-2010-1885
  • CVE-2012-0507

こんな文面で。

URLはこんなの。

 http://2029dickens.com/wp-content.htm
 http://alazka.sch.id/wp-content.htm
 http://alliancecencom.com/wp-content.htm
 http://artterra.spb.ru/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://auditoriya.ru/f4ef278680b/wp-content.htm
 http://bekier.com/tamara1/zp-core/plugins/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://blog.iwantallama.info/wp-content.htm
 http://bodyboarding.ro/wp-content.htm
 http://canhviet.vn/admin/tkb_application/plugins/fckeditor/editor/plugins/ajaxfilemanager/inc/wp-content.htm
 http://china-center.kz/wp-content.htm
 http://clubufone.com/static/wp-content.htm
 http://cospunk.com/wp-content.htm
 http://critidos.free.fr/zp-core/plugins/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://crossover-online.de/62f2589eea8cb6d49b8cf35ff9ad36d1/wp-content.htm
 http://crystalare.com/catalog/tmp/wp-content.htm
 http://designlana.com/wp-content.htm
 http://dir.arangam.net/wp-content.htm
 http://dustinsdream.org/wp-content.htm
 http://ebooks.subculture-maniax.com/wp-content.htm
 http://ecademy.plrproducts-kabineti.com/wp-content.htm
 http://eskuvoszerviz.hu/fotok/zp-core/plugins/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://examguru.net/shop/admin/backups/wp-content.htm
 http://exlsoft.com/admin/backups/wp-content.htm
 http://fantalupoasta.altervista.org/WeBid/wp-content.htm
 http://fauxbyjosi.com/gallery/zen/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://foxtuning.com/wp-content.htm
 http://gabriellacilmi.altervista.org/gallery/zp-core/plugins/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://gallery.thuyandsimon.com/zp-core/plugins/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://geekdegeek.fr/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://gerbencadee.nl/wp-content/themes/easyone/report.htm
 http://giggoals.com/wp-content/themes/bukowski/report.htm
 http://gilladogaconstruction.com/wp-content.htm
 http://girlstime.ru/wp-content.htm
 http://goanfoods.com/catalog/admin/images/graphs/wp-content.htm
 http://graphics.paramorespain.com/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://hadzija.rs/wp-content.htm
 http://hktas.org.rs/wp-content.htm
 http://holabandola.me/wp-content.htm
 http://iberianmomentum.com/catalog/images/wp-content.htm
 http://iocs.hu/galeria/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://jan.sierrafan.pl/galeria/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://japanomania.ru/wp-content.htm
 http://kdbhatia.in/wp-content.htm
 http://lnx.cavalieresrl.com/catalog/wp-content.htm
 http://lnx.tonyassante.com/fotolourdes/zp-core/plugins/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://logossm.ru/wp-content.htm
 http://lysithea.fr/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://magicalart.jp/wp-content.htm
 http://mamnonduhangkenh1.edu.vn/js/tinymce/jscripts/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://nabegra.com/gallery/zp-core/plugins/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://nextgenintelligence.com/wp-content.htm
 http://obecdrazice.sk/objednavky/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://oblacik.emanuelholub.sk/eshop/images/wp-content.htm
 http://photos.hunterofstories.com/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://polishcooperation.net/wp-content.htm
 http://pragm.ath.cx/twwiki/twwiki/uploads/wp-content.htm
 http://riser-recliner-chairs.co.uk/images/wp-content.htm
 http://risingenergy.com.cn/wp-content.htm
 http://rockhillchiropractic.us/wp-content/plugins/easy-google-analytics-for-wordpress/report.htm
 http://sammooreart.com/wp-content/themes/classic/report.htm
 http://sc-altenmuenster.de/wp-content.htm
 http://shuffle-info.x0.com/dl/wp-content.htm
 http://stanzie.pl/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://stlukesmedcollege.edu.ph/admin/js/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://tabarnhart.net/wp-content.htm
 http://test-hosting-35.wns.fi/wp-content.htm
 http://test.xtrem-sports.org/wp-content.htm
 http://victorandtamira.com/gallery/zp-core/plugins/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://vjuv.com/wp-content.htm
 http://webcal.katemosh.de/includes/wp-content.htm
 http://www.100pour100-photo.com/zenphoto/zp-core/plugins/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.andrewkmitchell.com/blog/wp-content.htm
 http://www.anibut.pl/wp-content.htm
 http://www.asianomadictour.cn/wp-content.htm
 http://www.beatapiekarskadaly.com/zp-core/plugins/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.beolingua.co.rs/wp-content.htm
 http://www.bravar.co.rs/wp-content.htm
 http://www.bricketpellet.com/wp-content.htm
 http://www.budujemydomnadziei.vel.pl/wp-content.htm
 http://www.dancefactory.cc/wp-content.htm
 http://www.danipiva.rs/wp-content.htm
 http://www.delamarepro.com/primesurvival/gallery/zp-core/plugins/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.dmn.rs/wp-content.htm
 http://www.ebele.jp/wp-content.htm
 http://www.elpilarcurico.cl/galerias2/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.elsaver.lv/wp-content.htm
 http://www.ethno.co.rs/wp-content.htm
 http://www.free-web-biz-videos.com/wp-content.htm
 http://www.gerrionophetveld.nl/zenphoto/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.grusch.com/wp-content.htm
 http://www.intercell.rs/wp-content.htm
 http://www.jackandlaura.com/wp-content/plugins/report.htm
 http://www.jaeger-von-fall.de/scripts/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.jankardel.bplaced.net/zp-core/plugins/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.jontki.pl/wp-content.htm
 http://www.kajuete-binsfeld.de/gallery/zp-core/plugins/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.kinderopvangamerongen.nl/zenphoto/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.lngeducation.co.rs/wp-content.htm
 http://www.maribomedico.dk/ajaxfilemanager/jscripts/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.mcbmun.com/wp-content.htm
 http://www.meganklineevents.com/zenphoto/zp-core/plugins/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.minshang.org.cn/wp-content.htm
 http://www.multidruk.net/galeria/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.natashkas.lv/wordpress/wp-content.htm
 http://www.nelsoncomics.com/wp/wp-content/themes/zenphoto/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.nifs.tsinghua.edu.cn/wp-content.htm
 http://www.novafarby.pl/wp-content.htm
 http://www.oldham.infolinia.org/wp-content.htm
 http://www.oratoriomogliano.it/zenphoto/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.orientalrugsofbath.com/admin/backups/wp-content.htm
 http://www.ottzen.com/wp-content/themes/classic/report.htm
 http://www.partizanshooting.rs/wp-content.htm
 http://www.planta-lux.hu/wp-content.htm
 http://www.ples.org.rs/wp-content.htm
 http://www.printech.no/pdf/wp-content.htm
 http://www.profident.rs/en/wp-content.htm
 http://www.romanofoto.altervista.org/zp-core/plugins/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.rvgsigns.com/wp-content/plugins/polldaddy/report.htm
 http://www.sadouti.cn/wp-content.htm
 http://www.sitearena.com/wp-content.htm
 http://www.stacsnc.com/shop/wp-content.htm
 http://www.stefmark.co.rs/wp-content.htm
 http://www.stephkelleyphotography.com/wp-content.htm
 http://www.sus-tec.com/wp-content.htm
 http://www.termotehna-mr.rs/wp-content.htm
 http://www.texing.cc/wp-content.htm
 http://www.thecovenantschool.com/photos/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.theoryphotoart.com/portfolio/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.trainthatcat.com/wp-content/plugins/mass-page-remover/report.htm
 http://www.unesourisetmoi.info/ze/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.universityofsuccess.org/e-shop/catalog/wp-content.htm
 http://www.usp.com.fj/gallery/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.vinilmaster.ru/tinymce/jscripts/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.walkinthewild.net/EN/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.wikiimages.org/wp-content/plugins/after-the-deadline/report.htm
 http://www.willsmoody.com/illustration/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://www.winners.co.rs/wp-content.htm
 http://www.yzsk.cn/wp-content.htm
 http://xiaosai.me/wp-content.htm
 http://ybimages.com/gallery/zp-core/zp-extensions/tiny_mce/plugins/ajaxfilemanager/inc/wp-content.htm
 http://zet.valsts.lv/wp-content.htm

そしてここへ。

 http://seledkindoms.ru:8080/forum/showthread.php?page=5fa58bce769e5c2c
 http://seledkindoms.ru:8080/forum/Set.jar

日本を含め世界中のホスティングサービス。。。

domainip逆引きASAS Namecountry
crystalare.com66.11.234.21266-11-234-212.inap.sea.dotster.net.2044IINET-2044_-_Infinity_Internet_Inc.UnitedStates
dustinsdream.org66.11.230.22366-11-230-223.iinet.pdx.dotster.net.2044IINET-2044_-_Infinity_Internet_Inc.UnitedStates
gilladogaconstruction.com66.11.230.16966-11-230-169.iinet.pdx.dotster.net.2044IINET-2044_-_Infinity_Internet_Inc.UnitedStates
xiaosai.me106.187.39.214li382-214.members.linode.com.2516KDDI_KDDI_CORPORATIONJapan
examguru.net65.254.51.162cosmic.dnsprotect.com.3595GNAXNET-AS_-_Global_Net_Access_LLCUnitedStates
designlana.com63.250.48.129unix02.hsphere.cc.4906FDS-01_-_Frontline_Data_Services_IncUnitedStates
webcal.katemosh.de62.112.144.34mail2.kastning.net.5464NETDISCOUNTER_Netdiscounter_GmbH_autonomous_systemGermany
oblacik.emanuelholub.sk217.67.31.3inet.nameserver.sk.5578GTS-SK-AS_GTS_Nextra_a.s.Slovakia
sc-altenmuenster.de81.169.150.81NONE6724STRATO_STRATO_AGGermany
pragm.ath.cx62.99.220.22062.99.220.220.sh.interxion.inode.at.6830UPC_UPC_Broadband_Holding_B.V.Austria
www.dancefactory.cc81.223.232.50a12.lxcluster.at.6830UPC_UPC_Broadband_Holding_B.V.Austria
www.grusch.com81.223.232.50a12.lxcluster.at.6830UPC_UPC_Broadband_Holding_B.V.Austria
clubufone.com210.56.8.89lhr-mail.comsats.net.pk.7590COMSATS_Commission_on_Science_and_Technology_forPakistan
mamnonduhangkenh1.edu.vn123.30.172.179static.vdc.vn.7643VNPT-AS-VN_Vietnam_Posts_and_Telecommunications_(VNPT)Vietnam
www.natashkas.lv213.21.225.60TokRa.Toivo.Lv.8285Versia_LtdLatvia
zet.valsts.lv213.21.225.5iesaku.apmeklet.www.valsts.lv.8285Versia_LtdLatvia
www.bricketpellet.com217.116.47.110woodhorse.snowflake.hu.8358INTERWARE-AS_GTS_Hungary_Tavkozlesi_Ktf.Hungary
www.planta-lux.hu217.116.47.110woodhorse.snowflake.hu.8358INTERWARE-AS_GTS_Hungary_Tavkozlesi_Ktf.Hungary
www.danipiva.rs212.200.56.19cpanel.zrlocal.net.8400TELEKOM-AS_TELEKOM_SRBIJA_a.d.Serbia
riser-recliner-chairs.co.uk194.105.78.45host-45.cvs.sovision.net.8553AVENSYS_Avensys_Networks_LtdUnitedKingdom
iberianmomentum.com217.160.124.245iberianmomentum.com.8560ONEANDONE-AS_1&1_Internet_AGSpain
victorandtamira.com74.208.88.24perfora.net.8560ONEANDONE-AS_1&1_Internet_AGUnitedStates
www.meganklineevents.com74.208.135.124perfora.net.8560ONEANDONE-AS_1&1_Internet_AGUnitedStates
www.unesourisetmoi.info82.165.212.38kundenserver.de.8560ONEANDONE-AS_1&1_Internet_AGGermany
shuffle-info.x0.com59.106.19.18www588.sakura.ne.jp.9370SAKURA-B_SAKURA_Internet_Inc.Japan
ebooks.subculture-maniax.com112.78.112.171www1831.sakura.ne.jp.9371SAKURA-C_SAKURA_Internet_Inc.Japan
magicalart.jp49.212.66.201201.66.212.49.static.www2973m.sakura.ne.jp.9371SAKURA-C_SAKURA_Internet_Inc.Japan
nabegra.com219.94.163.181www1541.sakura.ne.jp.9371SAKURA-C_SAKURA_Internet_Inc.Japan
www.ebele.jp112.78.125.159www2319.sakura.ne.jp.9371SAKURA-C_SAKURA_Internet_Inc.Japan
www.trainthatcat.com184.170.147.128NONE11051CYBERVERSE_-_Cyberverse_Inc.UnitedStates
www.jackandlaura.com184.155.126.211184-155-126-211.cpe.cableone.net.11492CABLEONE_-_CABLE_ONE_INC.UnitedStates
critidos.free.fr212.27.63.159perso159-g5.free.fr.12322PROXAD_Free_SASFrance
www.anibut.pl79.96.124.48v082344.home.net.pl.12824HOMEPL-AS_home.pl_sp._z_o.o.Poland
dir.arangam.net173.245.61.123cf-173-245-61-123.cloudflare.com.13335CLOUDFLARENET_-_CloudFlare_Inc.UnitedStates
dir.arangam.net173.245.61.45cf-173-245-61-45.cloudflare.com.13335CLOUDFLARENET_-_CloudFlare_Inc.UnitedStates
goanfoods.com66.135.55.144web970.linux-hosting.com.13768PEER1_-_Peer_1_Network_Inc.UnitedStates
www.elpilarcurico.cl190.8.110.131NONE14259Gtd_Internet_S.A.Chile
test-hosting-35.wns.fi195.14.15.24NONE15527ANVIA_Anvia_OyjFinland
hadzija.rs217.26.70.83NONE15982VERAT-AS-1_Drustvo_za_telekomunikacije_Verat_d.o.o_Bulevar_Vojvode_Misica_37Serbia
hktas.org.rs217.26.70.74NONE15982VERAT-AS-1_Drustvo_za_telekomunikacije_Verat_d.o.o_Bulevar_Vojvode_Misica_37Serbia
www.beolingua.co.rs217.26.70.82NONE15982VERAT-AS-1_Drustvo_za_telekomunikacije_Verat_d.o.o_Bulevar_Vojvode_Misica_37Serbia
www.bravar.co.rs217.26.70.86NONE15982VERAT-AS-1_Drustvo_za_telekomunikacije_Verat_d.o.o_Bulevar_Vojvode_Misica_37Serbia
www.dmn.rs217.26.70.79NONE15982VERAT-AS-1_Drustvo_za_telekomunikacije_Verat_d.o.o_Bulevar_Vojvode_Misica_37Serbia
www.ethno.co.rs217.26.70.90NONE15982VERAT-AS-1_Drustvo_za_telekomunikacije_Verat_d.o.o_Bulevar_Vojvode_Misica_37Serbia
www.intercell.rs217.26.70.84NONE15982VERAT-AS-1_Drustvo_za_telekomunikacije_Verat_d.o.o_Bulevar_Vojvode_Misica_37Serbia
www.lngeducation.co.rs217.26.70.85NONE15982VERAT-AS-1_Drustvo_za_telekomunikacije_Verat_d.o.o_Bulevar_Vojvode_Misica_37Serbia
www.partizanshooting.rs217.26.70.80NONE15982VERAT-AS-1_Drustvo_za_telekomunikacije_Verat_d.o.o_Bulevar_Vojvode_Misica_37Serbia
www.ples.org.rs217.26.70.82NONE15982VERAT-AS-1_Drustvo_za_telekomunikacije_Verat_d.o.o_Bulevar_Vojvode_Misica_37Serbia
www.profident.rs217.26.70.53NONE15982VERAT-AS-1_Drustvo_za_telekomunikacije_Verat_d.o.o_Bulevar_Vojvode_Misica_37Serbia
www.stefmark.co.rs217.26.70.75NONE15982VERAT-AS-1_Drustvo_za_telekomunikacije_Verat_d.o.o_Bulevar_Vojvode_Misica_37Serbia
www.termotehna-mr.rs217.26.70.79NONE15982VERAT-AS-1_Drustvo_za_telekomunikacije_Verat_d.o.o_Bulevar_Vojvode_Misica_37Serbia
www.winners.co.rs217.26.70.83NONE15982VERAT-AS-1_Drustvo_za_telekomunikacije_Verat_d.o.o_Bulevar_Vojvode_Misica_37Serbia
www.maribomedico.dk86.58.185.214lima.conviator.com.16095JAYNET_jay.net_a/sDenmark
geekdegeek.fr213.186.33.40cluster011.ovh.net.16276OVH_OVH_SystemsFrance
jan.sierrafan.pl91.121.12.127krysinski.com.pl.16276OVH_OVH_SystemsFrance
lysithea.fr213.186.33.17cluster006.ovh.net.16276OVH_OVH_SystemsFrance
stanzie.pl87.98.239.19cluster010.ovh.net.16276OVH_OVH_SystemsPoland
www.100pour100-photo.com213.186.33.19cluster010.ovh.net.16276OVH_OVH_SystemsFrance
www.beatapiekarskadaly.com188.165.21.172europa.host247.pl.16276OVH_OVH_SystemsPoland
www.multidruk.net87.98.239.17cluster006.ovh.net.16276OVH_OVH_SystemsPoland
ybimages.com205.134.253.188biz75.inmotionhosting.com.17139CORPCOLO_-_Corporate_Colocation_Inc.UnitedStates
alazka.sch.id117.102.121.22NONE17451BIZNET-AS-AP_BIZNET_ISPIndonesia
risingenergy.com.cn61.4.83.32NONE17964DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd.China
www.asianomadictour.cn203.158.16.75NONE17964DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd.China
www.minshang.org.cn115.47.171.7NONE17964DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd.China
www.nifs.tsinghua.edu.cn61.4.83.39NONE17964DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd.China
www.sadouti.cn115.47.170.87NONE17964DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd.China
www.texing.cc203.158.16.72NONE17964DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd.China
www.yzsk.cn203.158.16.38NONE17964DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd.China
sammooreart.com69.50.216.149server.umcpro11.com.18866ATJEU_-_atjeu_publishing_llcUnitedStates
www.nelsoncomics.com216.239.138.215216-239-138.215.cluster.omnis.com.19237OMNIS_-_Omnis_Network_LLCUnitedStates
www.willsmoody.com217.10.138.192NONE20547SIXDG-AS_Six_Degrees_Managed_Data_LimitedUnitedKingdom
girlstime.ru81.222.215.84mailmega.beget.ru.20597ELTEL-AS_ELTEL.NET_Autonomous_SystemRussianFederation
japanomania.ru81.222.215.84mailmega.beget.ru.20597ELTEL-AS_ELTEL.NET_Autonomous_SystemRussianFederation
www.orientalrugsofbath.com217.199.162.129lvps217-199-162-129.vps.webfusion.co.uk.20738AS20738_Webfusion_Internet_SolutionsUnitedKingdom
www.sus-tec.com81.21.75.85server57.donhost.co.uk.20738AS20738_Webfusion_Internet_SolutionsUnitedKingdom
www.delamarepro.com87.117.194.93atlantic.tidyhosts.com.20860IOMART-AS_IomartUnitedKingdom
alliancecencom.com174.122.89.43hun.hunterofstories.com.21844THEPLANET-AS_-_ThePlanet.com_Internet_Services_Inc.UnitedStates
photos.hunterofstories.com174.122.89.43hun.hunterofstories.com.21844THEPLANET-AS_-_ThePlanet.com_Internet_Services_Inc.UnitedStates
stlukesmedcollege.edu.ph174.120.194.2merton.webserversystems.com.21844THEPLANET-AS_-_ThePlanet.com_Internet_Services_Inc.UnitedStates
www.usp.com.fj144.120.8.2belo.usp.ac.fj.24390USP-AS-AP_University_of_the_South_PacificFiji
fantalupoasta.altervista.org213.133.109.72ns121.altervista.org.24940HETZNER-AS_Hetzner_Online_AG_RZGermany
gabriellacilmi.altervista.org78.46.92.147ns87.altervista.org.24940HETZNER-AS_Hetzner_Online_AG_RZGermany
www.jankardel.bplaced.net176.9.52.231server3.bplaced.net.24940HETZNER-AS_Hetzner_Online_AG_RZGermany
www.novafarby.pl46.4.74.241pekin.cal.pl.24940HETZNER-AS_Hetzner_Online_AG_RZGermany
www.romanofoto.altervista.org178.63.47.210ns115.altervista.org.24940HETZNER-AS_Hetzner_Online_AG_RZGermany
www.kajuete-binsfeld.de88.84.128.125v35554.1blu.de.24989IXEUROPE-DE-FRANKFURT-ASN_Equinix_Germany_(Previously_IX_Europe_Germany_AS)Germany
www.kinderopvangamerongen.nl195.74.65.11shared4.isq.aleto.nl.25459NEDZONE-AS_NedZone_Internet_BVNetherlands
logossm.ru90.156.201.108fe.shared.masterhost.ru.25532MASTERHOST-AS_.masterhost_autonomous_systemRussianFederation
logossm.ru90.156.201.37fe.shared.masterhost.ru.25532MASTERHOST-AS_.masterhost_autonomous_systemRussianFederation
logossm.ru90.156.201.68fe.shared.masterhost.ru.25532MASTERHOST-AS_.masterhost_autonomous_systemRussianFederation
logossm.ru90.156.201.79fe.shared.masterhost.ru.25532MASTERHOST-AS_.masterhost_autonomous_systemRussianFederation
2029dickens.com69.163.187.75apache2-echo.minsk.dreamhost.com.26347DREAMHOST-AS_-_New_Dream_Network_LLCUnitedStates
blog.iwantallama.info173.236.177.187apache2-grog.alkurud.dreamhost.com.26347DREAMHOST-AS_-_New_Dream_Network_LLCUnitedStates
bodyboarding.ro173.236.204.107apache2-cid.alathfar.dreamhost.com.26347DREAMHOST-AS_-_New_Dream_Network_LLCUnitedStates
gallery.thuyandsimon.com69.163.242.208apache2-twiddle.epiphone.dreamhost.com.26347DREAMHOST-AS_-_New_Dream_Network_LLCUnitedStates
tabarnhart.net173.236.199.14apache2-imp.warsaw.dreamhost.com.26347DREAMHOST-AS_-_New_Dream_Network_LLCUnitedStates
test.xtrem-sports.org208.113.201.155apache2-udder.agamemnon.dreamhost.com.26347DREAMHOST-AS_-_New_Dream_Network_LLCUnitedStates
www.free-web-biz-videos.com173.236.244.200apache2-snort.luxembourg.dreamhost.com.26347DREAMHOST-AS_-_New_Dream_Network_LLCUnitedStates
www.mcbmun.com67.205.50.160apache2-olive.hoffa.dreamhost.com.26347DREAMHOST-AS_-_New_Dream_Network_LLCUnitedStates
www.stephkelleyphotography.com69.163.206.175apache2-jolly.tallinn.dreamhost.com.26347DREAMHOST-AS_-_New_Dream_Network_LLCUnitedStates
iocs.hu212.52.167.194fustoss.lanten.hu.28924INTEGRITY-HU-AS_INTEGRITY_Informatics_Ltd.Hungary
www.vinilmaster.ru78.108.90.129NONE29076CITYTELECOM-AS_Citytelecom.ruRussianFederation
eskuvoszerviz.hu87.229.73.237m10.maxer.hu.29278DENINET-HU-AS_Deninet_KFTHungary
ecademy.plrproducts-kabineti.com91.186.20.67dns2.supremecenter16.co.uk.29550SIMPLYTRANSIT_Simply_Transit_LtdUnitedKingdom
www.walkinthewild.net91.186.20.113dns2.supremecenter14.co.uk.29550SIMPLYTRANSIT_Simply_Transit_LtdUnitedKingdom
crossover-online.de82.149.226.21182-149-226-211.static.aixit.com.29551HGCOMP-ASN_Aixit_GmbHGermany
www.budujemydomnadziei.vel.pl82.96.94.80gemini.vel.pl.29686PROBENETWORKS-AS_Probe_NetworksGermany
www.jontki.pl82.96.94.2baldur.vel.pl.29686PROBENETWORKS-AS_Probe_NetworksGermany
giggoals.com174.127.106.167slmp-550-12.slc.westdc.net.29854WESTHOST_-_WestHost_Inc.UnitedStates
bekier.com66.96.131.132132.131.96.66.static.eigbox.net.29873BIZLAND-SD_-_The_Endurance_International_Group_Inc.UnitedStates
fauxbyjosi.com66.96.147.105105.147.96.66.static.eigbox.net.29873BIZLAND-SD_-_The_Endurance_International_Group_Inc.UnitedStates
foxtuning.com67.159.35.165NONE30058FDCSERVERS_-_FDCservers.netUnitedStates
lnx.cavalieresrl.com62.149.140.76webx66.aruba.it.31034ARUBA-ASN_Aruba_S.p.A._-_NetworkItaly
lnx.tonyassante.com62.149.140.46webx36.aruba.it.31034ARUBA-ASN_Aruba_S.p.A._-_NetworkItaly
www.oratoriomogliano.it62.149.140.195webx185.aruba.it.31034ARUBA-ASN_Aruba_S.p.A._-_NetworkItaly
www.stacsnc.com62.149.140.108webx98.aruba.it.31034ARUBA-ASN_Aruba_S.p.A._-_NetworkItaly
www.theoryphotoart.com62.149.140.221webx211.aruba.it.31034ARUBA-ASN_Aruba_S.p.A._-_NetworkItaly
www.universityofsuccess.org62.149.140.12webx2.aruba.it.31034ARUBA-ASN_Aruba_S.p.A._-_NetworkItaly
www.thecovenantschool.com69.167.180.90NONE32244LIQUID-WEB-INC_-_Liquid_Web_Inc.UnitedStates
nextgenintelligence.com173.83.48.187NONE32392OPENTRANSFER-ECOMMERCE_-_Ecommerce_CorporationUnitedStates
rockhillchiropractic.us66.116.156.14NONE32392OPENTRANSFER-ECOMMERCE_-_Ecommerce_CorporationUnitedStates
holabandola.me69.175.7.250web82.justhost.com.32475SINGLEHOP-INC_-_SingleHopUnitedStates
exlsoft.com108.163.161.219NONE32613IWEB-AS_-_iWeb_Technologies_Inc.Canada
www.andrewkmitchell.com208.117.46.238NONE32748STEADFAST_-_Steadfast_NetworksUnitedStates
www.jaeger-von-fall.de83.138.64.73jamnet.han-solo.net.34895HOSTNET-DE-AS_hostNET_Medien_GmbHGermany
www.elsaver.lv87.246.135.212NONE35351BASNET-ASBASNETSIA_ASLatvia
graphics.paramorespain.com173.192.131.192173.192.131.192-static.reverse.softlayer.com.36351SOFTLAYER_-_SoftLayer_Technologies_Inc.UnitedStates
kdbhatia.in174.37.207.80prodesignz.net.36351SOFTLAYER_-_SoftLayer_Technologies_Inc.UnitedStates
www.sitearena.com184.172.171.162184.172.171.162-static.reverse.softlayer.com.36351SOFTLAYER_-_SoftLayer_Technologies_Inc.UnitedStates
cospunk.com122.252.15.229supremecenter300.com.38220SIS-GROUP-SYD-AS-AP_SIS_Group_Datacentre_SydneyAustralia
polishcooperation.net195.114.0.27infolinia.org.41079SUPERHOST-PL-AS_SuperHost.pl_sp._z_o.o.Poland
www.oldham.infolinia.org195.114.0.27infolinia.org.41079SUPERHOST-PL-AS_SuperHost.pl_sp._z_o.o.Poland
auditoriya.ru89.111.176.89fe113-1.hc.ru.41126CENTROHOST-AS_JSC_CentrohostRussianFederation
www.printech.no91.189.121.10NONE42400MULTIHOST-AS_Multihost_IT_ASNorway
artterra.spb.ru78.108.81.40masterito.majordomo.ru.43362MAJORDOMO_MAJORDOMO_LLCRussianFederation
canhviet.vn112.78.6.1919-6-78-112.static.reverse.digipower.vn.45538ODS-AS-VN_Online_data_servicesVietnam
www.rvgsigns.com69.89.27.224box224.bluehost.com.46606BLUEHOST-AS-2_-_Bluehost_Inc.UnitedStates
www.wikiimages.org74.220.215.54host254.hostmonster.com.46606BLUEHOST-AS-2_-_Bluehost_Inc.UnitedStates
vjuv.com79.98.24.11narcizas.serveriai.lt.47205HOSTEX_UAB_HOSTEXLithuania
china-center.kz212.154.192.78vkz8-3.hoster.kz.50482KAZAKHTELECOM-AS_JSC_KazakhtelecomKazakhstan
obecdrazice.sk195.210.29.6tin.websupport.sk.51013WEBSUPPORT-SRO-SK-AS_Websupport_s.r.o.Slovakia
gerbencadee.nl193.202.110.63srv63.one.com.51468ONECOM_One.com_A/SDenmark
www.gerrionophetveld.nl193.202.110.28srv28.one.com.51468ONECOM_One.com_A/SDenmark
www.ottzen.com193.202.110.7srv7.one.com.51468ONECOM_One.com_A/SDenmark

本体の方の一つは、

 domain:        SELEDKINDOMS.RU
 nserver:       ns1.seledkindoms.ru. 62.213.64.161
 nserver:       ns2.seledkindoms.ru. 62.76.189.62
 nserver:       ns3.seledkindoms.ru. 85.214.204.32
 nserver:       ns4.seledkindoms.ru. 50.57.88.200
 nserver:       ns5.seledkindoms.ru. 41.66.137.155
 nserver:       ns6.seledkindoms.ru. 50.57.43.49
 state:         REGISTERED, DELEGATED, UNVERIFIED
 person:        Private Person
 registrar:     NAUNET-REG-RIPN
 admin-contact: https://client.naunet.ru/c/whoiscontact
 created:       2012.06.05
 paid-till:     2013.06.05
 free-date:     2013.07.06
 source:        TCI
IPnameASAS Name
78.83.233.242ns.streambg.net.47366MVN-AS_MVN_Systems_LtdBulgaria
110.234.176.99server-t99.e2enetworks.net.in.37986TULIP_Tulip_Telecom_Ltd.India
173.224.209.130woodstock.unixbsd.info.40676PSYCHZ_-_Psychz_NetworksUnitedStates
213.17.171.186213-17-171-186.ip.netia.com.pl.12741INTERNETIA-AS_Netia_SAPoland

[カテゴリ:spam観察日記]

by jyake