Cyber Risk Information Service D-Alert (patented)

Access to malicious URLs, receipt of malicious emails

Our customers who received the email: 0
Our customers who accessed the URL: 0
2023/03/06
※Updated 2023/03/06
Detected URLs believed to cause malware infection (2023/03/06)
■IoC (※1)
Type / IOC / Signature (each group of IOCs is followed by the signature it is attributed to)
URL hxxp://198[.]46[.]174[.]170/bg[.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.]doc
hxxp://104[.]168[.]45[.]119/gib[.]exe
hxxp://208[.]67[.]105[.]179/ahmedzx[.]exe
hxxp://198[.]46[.]174[.]170/2512/vbc[.]exe
Agent Tesla
URL hxxp://193[.]233[.]20[.]22/lebro[.]exe
hxxp://193[.]233[.]20[.]25/buH5N004d/index[.]php
hxxp://193[.]233[.]20[.]26/Do3m4Gor/index[.]php
hxxp://77[.]73[.]134[.]52/0jVu73d/index[.]php
hxxp://77[.]73[.]134[.]52/0jVu73d/Plugins/cred64[.]dll
hxxp://77[.]73[.]134[.]52/0jVu73d/Plugins/clip64[.]dll
hxxp://193[.]233[.]20[.]26/Do3m4Gor/Plugins/cred64[.]dll
hxxp://193[.]233[.]20[.]25/buH5N004d/Plugins/cred64[.]dll
hxxp://193[.]233[.]20[.]25/buH5N004d/Plugins/clip64[.]dll
hxxp://193[.]233[.]20[.]26/Do3m4Gor/Plugins/clip64[.]dll
hxxp://212[.]118[.]43[.]106/dF30Hn4m/index[.]php
hxxp://212[.]118[.]43[.]106/dF30Hn4m/Plugins/clip64[.]dll
hxxp://212[.]118[.]43[.]106/dF30Hn4m/Plugins/cred64[.]dll
Amadey
URL hxxps://mafaldaflamniabarateiro[.]skin/documentos/Documento_Recebido
hxxps://mournsteelhawktongue[.]mom/documentos/Documento_Recebido
hxxps://ofwejfiowerubfirewubi[.]mom/documentos/Documento_Recebido
hxxps://sidewormpower[.]pics/documentos/Documento_Recebido
Astaroth
URL hxxp://79[.]137[.]206[.]102/Setup2[.]exe
AsyncRAT
URL hxxp://185[.]106[.]93[.]135/auth
hxxp://82[.]115[.]223[.]9/auth
hxxp://185[.]106[.]93[.]237/1[.]exe
Aurora Stealer
URL hxxp://85[.]217[.]144[.]59/fuckjewishpeople[.]arm4
hxxp://85[.]217[.]144[.]59/fuckjewishpeople[.]sparc
hxxp://85[.]217[.]144[.]59/fuckjewishpeople[.]mpsl
hxxp://85[.]217[.]144[.]59/fuckjewishpeople[.]arm5
hxxp://85[.]217[.]144[.]59/fuckjewishpeople[.]ppc
hxxp://85[.]217[.]144[.]59/fuckjewishpeople[.]arm6
hxxp://85[.]217[.]144[.]59/fuckjewishpeople[.]arm7
hxxp://85[.]217[.]144[.]59/fuckjewishpeople[.]mips
hxxp://85[.]217[.]144[.]59/fuckjewishpeople[.]x86
Bashlite
URL hxxps://appcisco[.]com/vpncleint/cisco-anyconnect-4_9_0195[.]msi
BumbleBee
URL hxxp://1[.]13[.]80[.]134:8080/g[.]pixel
hxxp://46[.]29[.]165[.]125:8888/cx
hxxp://116[.]62[.]127[.]33:3333/ga[.]js
hxxps://bravo[.]minutes-men[.]com/fo
hxxp://45[.]88[.]170[.]91:444/ptj
hxxps://124[.]70[.]100[.]184/pixel[.]gif
hxxp://104[.]168[.]9[.]28:9998/activity
hxxp://8[.]131[.]118[.]10/updates[.]rss
hxxp://45[.]207[.]58[.]57:2090/ga[.]js
hxxp://165[.]22[.]241[.]234/ptj
hxxp://124[.]70[.]92[.]91/ga[.]js
hxxps://154[.]26[.]192[.]11/push
hxxp://60[.]247[.]225[.]30:8876/ptj
hxxps://64[.]44[.]101[.]73/Get/v10[.]37/77QVTIX5Z5
hxxps://wacuvosa[.]com/Get/v10[.]37/77QVTIX5Z5
hxxps://202[.]95[.]19[.]215/cm
hxxp://45[.]9[.]74[.]66/c/msdownload/update/others/2020/10/29136388_
hxxp://43[.]139[.]78[.]242:8090/ga[.]js
hxxps://luo[.]dchu2u[.]com/__utm[.]gif
hxxp://43[.]143[.]237[.]87:5678/pixel
hxxps://34[.]125[.]190[.]77/pixel[.]gif
hxxp://47[.]106[.]123[.]86:8080/www/handle/doc
hxxps://107[.]182[.]18[.]105/updates[.]rss
hxxps://67[.]205[.]142[.]226/nv
hxxps://43[.]143[.]237[.]87/dot[.]gif
hxxp://103[.]67[.]191[.]89:8080/push
hxxp://128[.]199[.]80[.]168:8848/activity
hxxps://8[.]131[.]118[.]10/ca
hxxps://81[.]68[.]136[.]116:8081/jquery-3[.]3[.]1[.]min[.]js
hxxp://globaltechline[.]com/media[.]css
hxxp://64[.]27[.]23[.]163:8843/dot[.]gif
hxxp://143[.]42[.]120[.]56:48888/discussion/mayo-clinic-radio-als/
hxxps://3[.]65[.]214[.]164/pixel[.]gif
hxxps://43[.]156[.]59[.]131:4433/g[.]pixel
hxxps://ns1[.]xync[.]org/search/
hxxp://87[.]251[.]67[.]73:445/cm
hxxp://8[.]210[.]246[.]238:8443/www/handle/doc
hxxp://143[.]42[.]120[.]56:8082/discussion/
hxxps://108[.]165[.]178[.]43:9191/__utm[.]gif
hxxps://108[.]165[.]178[.]42:9191/fwlink
hxxps://87[.]251[.]67[.]73/j[.]ad
hxxp://43[.]130[.]70[.]58:8020/g[.]pixel
hxxp://3[.]65[.]214[.]164/push
hxxp://rsaus[.]com/jquery-3[.]3[.]1[.]min[.]js
hxxp://dyshangcheng[.]info:8888/g[.]pixel
hxxp://185[.]74[.]222[.]46:446/IE9CompatViewList[.]xml
hxxp://46[.]29[.]165[.]125:8888/load
hxxp://139[.]224[.]17[.]133/owa/
hxxp://54[.]168[.]238[.]73/push
hxxp://45[.]76[.]175[.]177/mht_image/
hxxps://23[.]106[.]215[.]231:8080/detect/BackOffice/GPS30WXFG
hxxps://vibotuco[.]com:8080/detect/BackOffice/GPS30WXFG
hxxps://psd[.]hik[.]icu/ca
hxxps://54[.]168[.]238[.]73/visit[.]js
hxxp://ndtv[.]ltd:6667/cm
hxxps://43[.]138[.]62[.]36/cm
hxxp://150[.]158[.]55[.]102:443/IE9CompatViewList[.]xml
hxxp://121[.]43[.]189[.]59:7777/updates[.]rss
hxxp://bancodobrasil[.]in/cm
hxxp://123[.]249[.]77[.]187:8080/IE9CompatViewList[.]xml
hxxp://60[.]247[.]225[.]30:8876/fwlink
hxxp://171[.]22[.]30[.]252/g[.]pixel
hxxps://116[.]204[.]65[.]207/en_US/all[.]js
hxxps://222[.]218[.]187[.]71/api/x
hxxp://121[.]43[.]189[.]59:8010/dpixel
hxxps://1[.]117[.]73[.]197/cm
hxxp://80[.]240[.]19[.]194:9000/cx
hxxp://5[.]188[.]86[.]194:8088/cx
hxxp://43[.]156[.]59[.]131:81/ca
hxxp://43[.]139[.]78[.]242:8090/cx
hxxp://5[.]188[.]86[.]194/fwlink
hxxp://157[.]245[.]153[.]7/rs[.]js
hxxps://194[.]135[.]24[.]238/cx
hxxp://194[.]135[.]24[.]238/cm
hxxp://nemucefah[.]com:443/wp-includes/skin[.]mp3
hxxp://5[.]9[.]224[.]208/design/query/9X5M3SOE0F
hxxp://38[.]147[.]171[.]220/api/x
hxxps://d1fgry9dth4dwk[.]cloudfront[.]net/s/yXG1Ce9erSHqOiGKLd5kbQiOd/field-keywords/
hxxps://172[.]96[.]237[.]159:8443/g[.]pixel
hxxps://179[.]43[.]187[.]185/us/ky/louisville/312-s-fourth-st[.]html
hxxps://office[.]mcuweb[.]cf/en_US/all[.]js
hxxps://149[.]28[.]131[.]30/push
hxxps://us-central1-noted-processor-340815[.]cloudfunctions[.]net/proxy/gp/aj/private/reviewsGallery/get-application-resources
hxxp://207[.]148[.]93[.]50:8090/cm
hxxps://posta[.]speedstorm[.]tk/__utm[.]gif
hxxp://179[.]43[.]187[.]185:8080/us/ky/louisville/312-s-fourth-st[.]html
hxxp://31[.]22[.]109[.]182:8080/cx
hxxps://57[.]128[.]195[.]112:8443/images/ZLWuaWju2m51TwSnY9wO[.]png
hxxps://43[.]128[.]115[.]54:64443/ca
hxxp://www[.]dhksblog[.]top/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books
hxxp://digitalenergetic[.]com/copyright[.]css
hxxps://digitalenergetic[.]com/mt[.]js
hxxp://143[.]42[.]120[.]56:8084/hubcap/mayo-clinic-radio-full-shows/
hxxp://tibenorote[.]com:443/static-directory/fr[.]gif
hxxps://103[.]30[.]17[.]40/cx
hxxp://103[.]30[.]17[.]40/cx
hxxp://45[.]88[.]170[.]91:5555/IE9CompatViewList[.]xml
hxxp://103[.]193[.]192[.]87:8002/cx
hxxps://sufiduwo[.]com/links[.]js
hxxp://114[.]115[.]135[.]149:50050/push
hxxp://42[.]193[.]154[.]14:8001/dot[.]gif
hxxp://101[.]43[.]147[.]69:83/IE9CompatViewList[.]xml
hxxp://5[.]181[.]159[.]33/en_US/all[.]js
hxxp://106[.]52[.]46[.]225/ca
hxxp://159[.]65[.]136[.]204:4444/match
hxxp://218[.]11[.]133[.]33:8805/dot[.]gif
hxxps://43[.]139[.]166[.]32/__utm[.]gif
hxxp://psd[.]hik[.]icu/cx
hxxps://apidiscord[.]com/IE9CompatViewList[.]xml
hxxps://81[.]68[.]136[.]116/www/handle/doc
hxxp://120[.]53[.]220[.]154:8080/dpixel
hxxp://psd[.]hik[.]icu:3389/pixel[.]gif
hxxps://193[.]149[.]176[.]42/www/handle/doc
hxxps://my-mac-24[.]com/design/query/9X5M3SOE0F
hxxp://143[.]198[.]81[.]224/cs/jquery-3[.]3[.]1[.]min[.]js
hxxps://185[.]143[.]223[.]120:444/activity
hxxps://147[.]78[.]47[.]232/cx
hxxp://13[.]214[.]153[.]85/push
hxxp://143[.]42[.]120[.]56:47666/discussion/mayo-clinic-radio-als/
hxxp://107[.]172[.]78[.]195/ga[.]js
hxxps://techlineengineering[.]com/rw[.]css
hxxp://techlineengineering[.]com/sm[.]css
hxxps://69791vp629[.]yicp[.]fun/cacert[.]exe
hxxp://39[.]107[.]70[.]26:8888/g[.]pixel
hxxp://47[.]115[.]214[.]195/push
hxxp://43[.]143[.]159[.]171/IE9CompatViewList[.]xml
hxxp://42[.]192[.]222[.]92:4433/jYIQ
hxxp://42[.]192[.]222[.]92:4433/fwlink
hxxps://second[.]yayayawawawa[.]cn:8443/g[.]pixel
hxxp://152[.]89[.]196[.]245:6789/ca
Cobalt Strike
URL hxxps://tecnozona[.]site/DW/MainV2[.]0[.]exe
hxxp://45[.]63[.]74[.]55/83Video/LineJs/4LinuxPublic/SqlPhpDb/pythonBase/Provider0/BasePrivatedatalife0/GeoBetterasync/Wpwordpress/Generator/Bigloadprivate1/2TrackRequest/6Packet5/phpSecureCpuDbprivate/d5b8e51eae54b9bef4ddbeac04318d223ea2dc3c-d659d96d15c7a1206f44eb36ed72495563140859/
hxxp://79[.]137[.]204[.]58/uac[.]exe
hxxp://79[.]137[.]204[.]58/b2date[.]exe
hxxp://79[.]137[.]206[.]102/uac[.]exe
Coinminer
URL hxxp://xjupom52[.]top/gate[.]php
hxxp://xjuoso62[.]top/gate[.]php
hxxp://xjuupt72[.]top/gate[.]php
CryptBot
URL hxxp://81[.]200[.]152[.]41/videogeneratorprivate[.]php
hxxp://37[.]230[.]112[.]51/_Vmmariadb/Test/dleflowerJavascriptVideo/DlewindowsMariadbPoll/2/External/ProtoncdnPacket/bigload/track/1vm/LinuxpipeEternal/WordpressTophp/eternal3Windows/ServerLine/pollvoiddbdump/WpMultiVideo/securebigloadTestTempuploads[.]php
hxxp://82[.]146[.]60[.]81/Js_serversql[.]php
hxxp://212[.]109[.]192[.]100/longpollsqlcdn[.]php
DCRat
URL hxxps://2338d[.]stuff[.]libertydentalcourse[.]ca/subscribeEvent
hxxps://52957[.]stuff[.]libertydentalcourse[.]ca/subscribeEvent
hxxps://d74c8[.]stuff[.]libertydentalcourse[.]ca/subscribeEvent
FAKEUPDATES
URL hxxp://truongnoivu-phqn[.]edu[.]vn/media/warino2[.]1[.]exe
Formbook
URL hxxps://scdentales[.]com/impresa/Agenzia_Entrate[.]zip
hxxps://sikonci[.]com/impresa/Agenzia_Entrate[.]zip
hxxps://youraccacoach[.]com/impresa/Agenzia_Entrate[.]zip
hxxp://evolve-adv[.]com/impresa/Agenzia_Entrate[.]zip
hxxp://edispro-qa[.]appprompt[.]com/impresa/Agenzia_Entrate[.]zip
hxxps://crystalcoin[.]cc/impresa/Agenzia_Entrate[.]zip
hxxp://www[.]nipunpharmaskill[.]com/impresa/Agenzia_Entrate[.]zip
hxxps://musicaondemand[.]com/impresa/Agenzia_Entrate[.]zip
hxxps://goodstuffdist[.]com/impresa/Agenzia_Entrate[.]zip
hxxps://designrrgroup[.]com/impresa/Agenzia_Entrate[.]zip
hxxps://culinaria-passoapasso[.]artesanatodosucesso[.]com/impresa/Agenzia_Entrate[.]zip
hxxps://sherryanneinteriors[.]com/impresa/Agenzia_Entrate[.]zip
hxxp://hdstatusvideos[.]com/impresa/Agenzia_Entrate[.]zip
hxxps://rollsbeer[.]com/impresa/Agenzia_Entrate[.]zip
hxxps://saoudflowers[.]com/impresa/Agenzia_Entrate[.]zip
hxxps://zsrest[.]com/impresa/Agenzia_Entrate[.]zip
hxxp://jaccolima[.]com/impresa/Agenzia_Entrate[.]zip
hxxps://live[.]com[.]gt/impresa/Agenzia_Entrate[.]zip
hxxp://www[.]arkidecture[.]com/impresa/Agenzia_Entrate[.]zip
hxxp://derekludlow[.]com/impresa/Agenzia_Entrate[.]zip
hxxps://qrroom[.]com/impresa/Agenzia_Entrate[.]zip
hxxps://votre-futur-site[.]com/impresa/Agenzia_Entrate[.]zip
hxxp://lavacolla[.]com/impresa/Agenzia_Entrate[.]zip
hxxp://bestmagento[.]com/impresa/Agenzia_Entrate[.]zip
Gozi
URL hxxp://45[.]159[.]188[.]109/bot/regex
hxxp://lotomania[.]info/ckeditor/themes/123[.]exe
Laplas
URL hxxp://teleportstation[.]tk/Panel/five/fre[.]php
hxxp://107[.]172[.]81[.]7/2031/vbc[.]exe
hxxp://68[.]183[.]13[.]128/?page_id=5720585542868
hxxp://85[.]31[.]45[.]28/winspace/[.]win32[.]exe
hxxp://107[.]172[.]81[.]7/2030/vbc[.]exe
hxxp://185[.]246[.]220[.]85/bally/five/fre[.]php
LokiBot
URL hxxp://82[.]118[.]23[.]50/c2sock
Lumma Stealer
URL hxxp://81[.]240[.]108[.]170/request
Mars Stealer
URL hxxp://111[.]14[.]153[.]148:40837/Mozi[.]m
hxxp://161[.]8[.]206[.]200:41970/Mozi[.]m
hxxp://123[.]14[.]116[.]145:53706/Mozi[.]m
hxxp://42[.]229[.]162[.]64:45032/Mozi[.]m
Mozi
URL hxxp://193[.]233[.]202[.]219/niko1
PerlBot
URL hxxp://al-shifaa[.]com/agama/gate[.]php
Pony
URL hxxp://94[.]142[.]138[.]113/api/firegate[.]php
hxxp://62[.]204[.]41[.]88/lend/nik0300[.]exe
PrivateLoader
URL hxxp://192[.]3[.]26[.]135/uo/Iyifjvmsf[.]png
PureCrypter
URL hxxp://143[.]244[.]147[.]175/3r7w/020/ssd[.]dll
hxxp://157[.]245[.]254[.]227/EMs6DTE/020/ssd[.]dll
hxxp://138[.]197[.]74[.]198/eRV/020/ssd[.]dll
QakBot
URL hxxps://evilsoftware[.]vip/dwn/%D0%A0%D0%9D%D0%9E%D0%A2%D0%9ES%D0%9D%D0%9E%D0%A0%D0%90%D0%A0%D0%A0[.]rar
hxxps://oof00[.]com/666/106[.]exe
hxxp://79[.]137[.]203[.]5/2ad49f49427f82a7d04228c4899477a7
hxxp://83[.]217[.]11[.]32/5b23d4d6c51ec61cf04fad1d98a14950
RecordBreaker
URL hxxp://193[.]233[.]20[.]22/ti/mohta[.]exe
hxxp://193[.]56[.]146[.]10/koh/narko[.]exe
hxxp://91[.]215[.]85[.]15/doz[.]exe
hxxp://193[.]56[.]146[.]10/mel/starka[.]exe
hxxp://193[.]233[.]20[.]22/ti/mohta5[.]exe
hxxp://193[.]233[.]20[.]22/male/serko4[.]exe
hxxp://193[.]233[.]20[.]26/ti/serko4[.]exe
RedLine Stealer
URL hxxp://195[.]3[.]223[.]218:443/admin/console/index[.]html
Rhadamanthys
URL hxxp://192[.]3[.]26[.]135/00/pom[.]exe
hxxp://198[.]46[.]174[.]170/250/vbc[.]exe
hxxp://192[.]3[.]26[.]135/82/mmc[.]exe
hxxp://192[.]3[.]26[.]135/jn[.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.][.]doc
hxxp://192[.]3[.]26[.]135/gr8c/uaavp[.]exe
Snake Keylogger
URL hxxp://givesd[.]link/410b5129171f10ea[.]php
hxxp://givesd[.]link/c043bcd0ba06ae1d/nss3[.]dll
hxxp://givesd[.]link/c043bcd0ba06ae1d/sqlite3[.]dll
hxxp://givesd[.]link/c043bcd0ba06ae1d/mozglue[.]dll
hxxp://givesd[.]link/c043bcd0ba06ae1d/freebl3[.]dll
hxxp://givesd[.]link/c043bcd0ba06ae1d/vcruntime140[.]dll
hxxp://givesd[.]link/c043bcd0ba06ae1d/msvcp140[.]dll
hxxp://givesd[.]link/c043bcd0ba06ae1d/softokn3[.]dll
hxxps://oof00[.]com/666/105[.]exe
hxxp://109[.]206[.]241[.]33/files/setup1[.]exe
Stealc
URL hxxp://81[.]240[.]108[.]170/gate[.]php
Vidar
URL hxxp://109[.]206[.]240[.]41:5802/is-ready
WSHRAT
※1 Search the "i-FILTER" access logs to identify the affected endpoints. Some characters in the indicators have been altered to prevent unintended access.
■Product support status (※2)
▽i-FILTER (※3)
・Can be blocked under the [Threat Information Site] category
※2 Whether a product blocks depends on its configuration; refer to the access logs for the actual result.
※3 For encrypted communications, the SSL Adapter setting must be set to "Use".