Differences between revisions 13 and 14
Revision 13 as of 2022-05-10 00:54:05
Size: 2187
Comment:
Revision 14 as of 2022-05-19 14:12:27
Size: 2267
Comment:
Deletions are marked like this. Additions are marked like this.
Line 53: Line 53:
     80 153.121.57.92
     71 153.121.59.121
     80 153.121.71.35
      2 153.126.176.199
     80 153.121.57.92   ----
     71 153.121.59.121  ----
     80 153.121.71.35   ----
      2 153.126.176.199  共用
Line 58: Line 58:
     54 160.16.137.105
   18 160.16.139.230
      6 160.16.205.92
    101 202.181.103.105
     54 160.16.137.105 ----
      6 160.16.205.92   eg.launchcart.jp
        160.16.95.24 1405.co.jp 3 years

    101 202.181.103.105 ----

1. さくら

https://sakura.musecosme.jp/ 詐欺サイト

watchNS/さくら/musecosme.jp

/reteck.co.jp

1.1. フィッシングサイト

1.1.1. 192.64.112.174

reteck.co.jp    7,540,700       Namecheap, Inc. Google LLC
glorybid.com            Namecheap, Inc. ‐
ae.reteck.jp            Namecheap, Inc. ‐
www.glorybid.com                Namecheap, Inc. ‐
www.reteck.co.jp                Namecheap, Inc. ‐
www.mobileversion.glorybid.com          Namecheap, Inc. ‐
cpcontacts.glorybid.com         Namecheap, Inc. ‐
helloiot.com            Namecheap, Inc. OVH SAS
webdisk.glorybid.com            Namecheap, Inc. ‐
portal.reteck.jp                Namecheap, Inc. ‐
mobileversion.glorybid.com              Namecheap, Inc. ‐
cpanel.glorybid.com             Namecheap, Inc. ‐
webmail.glorybid.com            Namecheap, Inc. ‐
www.helloiot.com                Namecheap, Inc. ‐
www.asdfghjklqwertyuiopzxcvbnm.reteck.jp                Namecheap, Inc. ‐
cpcalendars.glorybid.com                Namecheap, Inc. ‐
reteck.jp               Namecheap, Inc. ‐
mail.glorybid.com               Namecheap, Inc. ‐
www.ae.reteck.jp                Namecheap, Inc. ‐

1.2. メール送信 IPアドレス

webサーバーが動作しているIPアドレスはなさそう。

  • メイル送信のためにだけ契約しているとしたら、spamサイトか。

spamhausでヒットしないのはなぜか。

      4 133.167.89.93
     12 133.242.151.55
      6 133.242.184.166
     12 153.120.0.95
      4 153.120.31.184
      2 153.120.31.185
     28 153.120.44.85
     11 153.121.50.99
     80 153.121.57.92   ----
     71 153.121.59.121  ----
     80 153.121.71.35   ----
      2 153.126.176.199  共用
    298 153.126.187.246
     54 160.16.137.105  ----
      6 160.16.205.92   eg.launchcart.jp
        160.16.95.24    1405.co.jp   3 years
    101 202.181.103.105 ----

1.3. HELO

嘘のHELO/EHLOを送ってくる例:

     18 [contact0.eki-net.com]
     12 [dfdg0.amazon.co.jp]
     12 [dfdg0.aplus.co.jp]
     28 [dgfgf0.mobilesuica.com]
     21 [info0.mastercard.co.jp]
     80 [info0.vpass.ne.jp]
    125 [mail0.contact.vpass.ne.jp]
    161 [userid0.aeon.co.jp]
      2 [WIN-FG5V1VK4I4D]


CategoryDns CategoryWatch CategoryTemplate

Moin2Qmail: フィッシング/さくら (last edited 2022-05-19 14:12:27 by ToshinoriMaeno)