[nsp-sec] Phishing website at www.bbvanetoffice.com.srvdll.ru
Carles Fragoso
cfragoso at cesicat.cat
Mon Jun 21 10:22:03 EDT 2010
Hi,
www.bbvanetoffice.com.srvdll.ru is being used as a phishing website for BBVA Spanish Bank:
[URL]
http://www.bbvanetoffice.com.srvdll.ru/local_bdno/login_bbvanetoffice.html/
[WHOIS]
domain: SRVDLL.RU
nserver: ns1.asiakommerling.com.
nserver: ns1.growth-property.net.
state: REGISTERED, DELEGATED, VERIFIED
person: Private Person
phone: +7 4852 470249
e-mail: altho at maillife.ru
registrar: NAUNET-REG-RIPN
created: 2010.06.13
paid-till: 2011.06.13
source: TCI
Last updated on 2010.06.21 17:53:42 MSK/MSD
[DNS]
[2010-06-21 14:10:08 +0000]
1680 | 93.173.56.77 | 93.172.0.0/15 | IL | ripencc | 2008-05-05 | NV-ASN 013 NetVision Ltd.
3269 | 79.11.199.153 | 79.10.0.0/15 | IT | ripencc | 2007-02-21 | ASN-IBSNAZ Telecom Italia S.p.a.
3269 | 79.44.12.201 | 79.44.0.0/15 | IT | ripencc | 2007-02-21 | ASN-IBSNAZ Telecom Italia S.p.a.
6713 | 41.251.28.199 | 41.251.16.0/20 | MA | afrinic | 2006-02-02 | IAM-AS
6830 | 77.250.219.196 | 77.250.0.0/15 | NL | ripencc | 2007-01-26 | UPC UPC Broadband
6856 | 217.25.227.130 | 217.25.224.0/20 | RU | ripencc | 2006-05-24 | IC-VORONEZH-AS IC-VORONEZH
8788 | 212.80.41.143 | 212.80.32.0/19 | UA | ripencc | 2008-06-03 | ADAMANT Adamant ISP autonomous System
9299 | 112.203.29.12 | 112.203.0.0/19 | PH | apnic | 2009-02-16 | IPG-AS-AP Philippine Long Distance Telephone Company
For those who have direct contact at indicated IPs, do not hesitate to forward this notification.
Regards,
-- Carlos
More information about the nsp-security
mailing list