[nsp-sec] Multiphish site @ AS 25653 FortressITX
Stephen Gill
gillsr at cymru.com
Wed May 21 17:57:51 EDT 2008
Hi Team,
Do we have any contacts at:
AS | IP | AS Name
25653 | 69.72.250.130 | FORTRESSITX - FortressITX
PEER_AS | IP | AS Name
1239 | 69.72.250.130 | SPRINTLINK - Sprint
1299 | 69.72.250.130 | TELIANET TeliaNet Global Network
3356 | 69.72.250.130 | LEVEL3 Level 3 Communications
3549 | 69.72.250.130 | GBLX Global Crossing Ltd.
3561 | 69.72.250.130 | SAVVIS - Savvis
4436 | 69.72.250.130 | AS-NLAYER - nLayer Communications, Inc.
If not, would one of the upstreams mind routing it through for cleanup?
http://www.allappys.com/arabs/s/pl/
Eg. ~20 different banks listed
http://www.allappys.com/arabs/s/pl/ipko/
http://www.allappys.com/arabs/s/pl/rbi/
...
Not sure if the domain is entirely bad, but if so AUSCERT could probably
lend a hand as well since it is with Wild West Domains.
Domain Name: ALLAPPYS.COM
Registrar: WILD WEST DOMAINS, INC.
Whois Server: whois.wildwestdomains.com
Referral URL: http://www.wildwestdomains.com
Name Server: NS1.TEKNONSERVERS.COM
Name Server: NS2.TEKNONSERVERS.COM
Status: ok
Updated Date: 07-aug-2006
Creation Date: 02-aug-2005
Expiration Date: 02-aug-2011
Registrant:
Bill Von Trapp
38 Hawkwood St
Mt Gravatt, Queensland 4122
Australia
Registered through: Teknon Domains
Domain Name: ALLAPPYS.COM
Created on: 02-Aug-05
Expires on: 02-Aug-11
Last Updated on: 07-Aug-06
Administrative Contact:
Von Trapp, Bill bifon1 at bigpond.net.au
38 Hawkwood St
Mt Gravatt, Queensland 4122
Australia
61733434648
Technical Contact:
Von Trapp, Bill bifon1 at bigpond.net.au
38 Hawkwood St
Mt Gravatt, Queensland 4122
Australia
61733434648
Domain servers in listed order:
NS1.TEKNONSERVERS.COM
NS2.TEKNONSERVERS.COM
--
Stephen Gill, Chief Scientist, Team Cymru
http://www.cymru.com | +1 312 924 4023 | gillsr at cymru.com
More information about the nsp-security
mailing list