Cyber Risk Information Service: D Alert (patented)

Access to malicious URLs and receipt of malicious e-mail

Our customers who received the e-mail: 0
Our customers who accessed the URL: 0
2023/05/26
※Updated 2023/05/26
Detected URLs believed to cause malware infection (2023/05/26)
■IoC (※1)
Type: Signature:
URL BlackNET RAT
URL GCleaner
URL Remcos
URL QakBot
URL Arkei Stealer
URL Formbook
URL RedLine Stealer
URL Warzone RAT
URL LokiBot
URL Agent Tesla
URL Stealc
URL Laplas
URL Cobalt Strike
URL Vidar
URL SmokeLoader
URL Amadey
URL NetSupportManager RAT
URL Gozi
URL Pikabot
※1 Search the "i-FILTER" access logs to identify the affected endpoints. Some indicators have been partially altered to avoid unwanted access.
■Product support status (※2)
▽i-FILTER (※3)
・Can be blocked under the [Threat Information Site] category
※2 Whether a block occurs depends on each product's settings; check the access logs for the actual result.
※3 For encrypted traffic, the SSL Adapter setting must be set to "Use".