cNotes 検索 一覧 カテゴリ

facebookを騙るスパム - page5.htm

Published: 2012/08/12

観測日: 2012/8/9

通数: 100通/day

手法: 誘導URL型

目的: マルウェア感染

特徴:

サイトに設置されるスクリプトファイルのファイル名が「page5.htm」


文面はよくあるfacebookを騙るタイプ。


誘導URLの例。

 http://4000678351.com/page5.htm
 http://assumptioncathedral.catholic.or.th/webboard/page5.htm
 http://cicegim.com/page5.htm
 http://coctail2go.com/page5.htm
 http://dba.selfip.com/page5.htm
 http://giebultowiczfoto.pl/page5.htm
 http://guyzingui.com/page5.htm
 http://illiyyun.com/page5.htm
 http://iplanit.biz/page5.htm
 http://it-source.ro/tag/sony-ericsson-vivaz/page5.htm
 http://kalkulation-am-bau.de/dump1/page5.htm
 http://linkindians.com/page5.htm
 http://melisjuwelier.de/page5.htm
 http://nagratest.com/page5.htm
 http://nouspouvonsrdc.org/page5.htm
 http://qjsy168.com/page5.htm
 http://ruf-arthen.de/wikidiehl/index.php/page5.htm
 http://ruf-arthende/wikidiehl/index.php/page5.htm
 http://selectprotectnsr.h-wilsonwebsolutions.co.uk/page5.htm
 http://shop.siouxland.dyndns.biz/page5.htm
 http://sh-zhengting.com/page5.htm
 http://sogi.cc/images/page5.htm
 http://sogicc/images/page5.htm
 http://spencergeorge.com/page5.htm
 http://test.blatornet.se/page5.htm
 http://thelivesound.altervista.org/page5.htm
 http://thessalonica.buffalostate.edu/wiki/wikilib.d/page5.htm
 http://twfighter.com/forumdata/page5.htm
 http://westers.se/page5.htm
 http://wwe.akbk.dk/index.php/page5.htm
 http://wwo.org.pk/page5.htm
 http://www.aruna.com.cn/page5.htm
 http://www.bergmannschor-reyershausen.de/page5.htm
 http://www.chspark.com/page5.htm
 http://www.dhyjjw.gov.cn/page5.htm
 http://www.enjhr.com/page5.htm
 http://www.futurexxxstar.net/page5.htm
 http://www.hojaverde.com.ec/page5.htm
 http://www.hundestudio-sibille.ch/page5.htm
 http://www.paintballalliance.com/pixel/page5.htm
 http://www.reiterstaffel-nrw.de/page5.htm
 http://www.szokeihorgaszto.hu/page5.htm
 http://www.tahodigital.rs/page5.htm
 http://www.telagile.com/page5.htm
 http://www.tgfarm.co.rs/page5.htm
 http://www.youmogu.com/page5.htm

ドメインについて。

nameip逆引きASAS nameCountry
nouspouvonsrdc.org66.11.236.16066-11-236-160.managemyvps.com.2044IINET-2044_-_Infinity_Internet_Inc.UnitedStates
www.bergmannschor-reyershausen.de80.150.6.143tld.t-online.de.3320DTAG_Deutsche_Telekom_AGGermany
ruf-arthen.de62.67.244.26s9095.evanzo-server.de.3356LEVEL3_Level_3_CommunicationsGermany
qjsy168.com222.73.178.224mail.shanghai-channel.cn.4812CHINANET-SH-AP_China_Telecom_(Group)China
sh-zhengting.com222.73.178.224mail.shanghai-channel.cn.4812CHINANET-SH-AP_China_Telecom_(Group)China
www.telagile.com61.152.91.38NONE4812CHINANET-SH-AP_China_Telecom_(Group)China
assumptioncathedral.catholic.or.th202.57.128.201petahost1.ns.co.th.7654SIAMGLOBE-AS-AP_Internet_Service_Provider_Co._Ltd.Thailand
melisjuwelier.de87.106.61.239tappisfahrschule.de.8560ONEANDONE-AS_1&1_Internet_AGGermany
kalkulation-am-bau.de80.252.104.229srv3.pob.com.8893ARTFILES-AS_Artfiles_New_Media_GmbHGermany
www.tahodigital.rs217.26.70.86NONE15982VERAT-AS-1_Drustvo_za_telekomunikacije_Verat_d.o.o_Bulevar_Vojvode_Misica_37Serbia
giebultowiczfoto.pl87.98.239.19cluster010.ovh.net.16276OVH_OVH_SystemsPoland
nagratest.com213.186.33.2cluster002.ovh.net.16276OVH_OVH_SystemsFrance
www.aruna.com.cn122.115.36.190NONE17429BGCTVNET_BEIJING_GEHUA_CATV_NETWORK_CO.LTDChina
www.enjhr.com122.115.34.21NONE17429BGCTVNET_BEIJING_GEHUA_CATV_NETWORK_CO.LTDChina
sogi.cc58.64.136.54serv136-54.hkspace.com.hk.17444NWT-AS-AP_AS_number_for_New_World_Telephone_Ltd.HongKong
4000678351.com203.158.16.75NONE17964DXTNET_Beijing_Dian-Xin-Tong_Network_Technologies_Co._Ltd.China
thessalonica.buffalostate.edu136.183.193.201thessalonica.buffalostate.edu.19933BUFFALOSTATE_-_Buffalo_State_CollegeUnitedStates
www.hundestudio-sibille.ch80.74.155.20falkenstein.sui-inter.net.21069ASN-METANET_METANET_AG_SwitzerlandSwitzerland
www.hojaverde.com.ec64.46.67.186NONE23216MEGADATOS_S.A.UnitedStates
www.chspark.com66.79.181.179NONE23338ASN-DCS-01_-_DCS_Pacific_Star_LLCUnitedStates
iplanit.biz72.167.34.121ip-72-167-34-121.ip.secureserver.net.26496AS-26496-GO-DADDY-COM-LLC_-_GoDaddy.com_LLCUnitedStates
www.szokeihorgaszto.hu79.172.211.139m17.maxer.hu.29278DENINET-HU-AS_Deninet_KFTHungary
coctail2go.com91.186.20.67dns2.supremecenter16.co.uk.29550SIMPLYTRANSIT_Simply_Transit_LtdUnitedKingdom
guyzingui.com213.229.112.103NONE29550SIMPLYTRANSIT_Simply_Transit_LtdUnitedKingdom
www.futurexxxstar.net208.53.168.57scratchy.cirtexhosting.com.30058FDCSERVERS_-_FDCservers.netUnitedStates
www.paintballalliance.com216.17.106.207NONE30266A1COLO-COM_-_A1COLO.COMUnitedStates
www.reiterstaffel-nrw.de195.42.120.240hcmg120240.tuxtools.net.31442TERIONS-BLN-AS_Terions_Communication_LtdIreland
wwo.org.pk96.127.146.10node01.tmdhosting116.com.32475SINGLEHOP-INC_-_SingleHopUnitedStates
shop.siouxland.dyndns.biz66.172.212.11466-172-212-114.longlines.com.32867LLI-BLK1_-_Long_Lines_InternetUnitedStates
dba.selfip.com69.181.133.255c-69-181-133-255.hsd1.ca.comcast.net.33651CMCS_-_Comcast_Cable_Communications_Inc.UnitedStates
it-source.ro89.44.47.182182-47-static.mxserver.ro.35818WEBFACTOR-AS_Webfactor_SRLRomania
test.blatornet.se217.70.32.136www1-php5.fordon.levonline.com.41175INTERNETBORDER_Internet_Border_Technolgies_ABSweden
westers.se217.70.32.136www1-php5.fordon.levonline.com.41175INTERNETBORDER_Internet_Border_Technolgies_ABSweden
cicegim.com77.245.149.33srv75626s1.trdns.com.43391NETDIREKT-TR_Netdirekt_A.S.Turkey
illiyyun.com77.245.149.33srv75626s1.trdns.com.43391NETDIREKT-TR_Netdirekt_A.S.Turkey

[カテゴリ:spam観察日記]

by jyake