Cyber Risk Information Service D-Alert (patented)

Access to malicious URLs and receipt of malicious emails

Our customers who received the email: 0
Our customers who accessed the URL: 1
2023/03/15
※ Updated 2023/03/15
Detected URLs believed to lead to malware infection (2023/03/15)
■IoC (※1)
※1 Search the "i-FILTER" access logs to identify the affected endpoints. Some values have been partially altered to avoid unnecessary access.

■Product support status (※2)
▽i-FILTER (※3)
・Can be blocked under the [Threat Information Site] category

※2 Whether blocking occurs depends on each product's settings; refer to the access logs for the actual result.
※3 For encrypted communications, the SSL Adapter setting must be set to "利用" (Use).
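As an added example (not code from this D-Alert page or from Digital Arts), the following refangs indicators written in the defanged form used above (hxxp/hxxps, [.]) and matches them against access-log lines, the way the footnote suggests identifying affected endpoints. The log layout and the indicators are constructed for illustration and are not the real i-FILTER format or the alert's own values.

```python
import re
from urllib.parse import urlsplit

# Refang an indicator written in the defanged form used in the alert
# ("hxxp://", "hxxps://", "[.]"). The result is only compared, never fetched.
def refang(ioc: str) -> str:
    s = ioc.strip()
    s = re.sub(r"^hxxps://", "https://", s, flags=re.I)
    s = re.sub(r"^hxxp://", "http://", s, flags=re.I)
    return s.replace("[.]", ".")

# Normalize a URL to (host, port, path) so that scheme case, host case and an
# implicit default port do not hide a match between the alert and the log.
def normalize(url: str):
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    port = parts.port or (443 if parts.scheme == "https" else 80)
    path = parts.path or "/"
    if parts.query:
        path += "?" + parts.query
    return host, port, path

# Constructed indicators (documentation IP ranges / reserved TLD), not the alert's.
SAMPLE_IOCS = [
    "hxxp://192[.]0[.]2[.]10/wp[.]exe",
    "hxxps://example[.]test/gallery/photo_004[.]exe",
    "hxxp://198[.]51[.]100[.]7:8080/__utm[.]gif",
]

# Assumed log layout (constructed, not the real i-FILTER format):
#   <timestamp> <client_ip> <url> <action>
SAMPLE_LOG = """\
2023-03-15T09:12:01 10.0.0.21 http://192.0.2.10/wp.exe ALLOW
2023-03-15T09:13:44 10.0.0.22 https://example.test/gallery/photo_004.exe BLOCK
2023-03-15T09:15:09 10.0.0.23 http://198.51.100.7/__utm.gif ALLOW
2023-03-15T09:16:30 10.0.0.24 https://www.example.org/ ALLOW
"""

def match_log(log_text: str, iocs):
    """Return (client_ip, url, action) for each log line whose URL matches an indicator."""
    wanted = {normalize(refang(i)) for i in iocs}
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # skip malformed lines instead of failing the whole run
        _ts, client, url, action = fields[:4]
        if normalize(url) in wanted:
            hits.append((client, url, action))
    return hits
```

Note that the third log line does not match because the indicator names port 8080 while the log entry used the default port; port is part of the indicator, so treat such near-misses as a separate triage question rather than silently widening the match.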