Cyber Risk Information Service D-Alert (patented)

Access to malicious URLs and receipt of malicious emails

Our customers who received the email: 0
Our customers who accessed the URL: 7
2023/03/09
※ Updated 2023/03/09
Detected URLs considered to cause malware infection (2023/03/09)
■ IoC (※1)
Type | IOC | Signature
※1 Search the "i-FILTER" access logs to identify the affected endpoints. Parts of the indicators have been altered to avoid unintended access.
■ Product support status (※2)
▽ i-FILTER (※3)
・Can be blocked under the [Threat information site] category.
※2 Whether a block occurs depends on each product's settings; refer to the access logs for the actual result.
※3 For encrypted communications, the SSL Adapter setting must be set to "Use".