[nsp-sec] Phishing site at 79.170.89.30

[Torbjorn Wictorin]

hi,

it has been phishing mails attempting to get people to fill in a web page:

...
Dear webmail owner
....
hXXp://validatedata43.9hz.com/
....


nc -v validatedata43.9hz.com 80
DNS fwd/rev mismatch: validatedata43.9hz.com != web1.desktopmachine.com

Name:   validatedata43.9hz.com
Address: 79.170.89.30

route:          79.170.88.0/21
descr:          XL Network
origin:         AS35470
mnt-by:         XLIS-NL-MNT

XL,  please handle this.

Torbjörn Wictorin, SUNet CERT