[nsp-sec] ltwltter.com phishing site, Attention twitter and anyone who can help get this shutdown
Aaron Hughes
aaron at unitedlayer.com
Sun Aug 28 00:22:07 EDT 2011
New Twitter looking message that takes you to http://ltwltter.com/login/sessions/ stealing passwords for twitter accounts.
Upstream is Chinanet.
Domain Name: LTWLTTER.COM
Registrar: XIAMEN ENAME NETWORK TECHNOLOGY CORPORATION LIMITED DBA ENAME CORP
Whois Server: whois.ename.com
Referral URL: http://www.ename.com
Name Server: NS1.ENAME.NET
Name Server: NS2.ENAME.NET
Name Server: NS3.ENAME.NET
Name Server: NS4.ENAME.NET
Name Server: NS5.ENAME.NET
Name Server: NS6.ENAME.NET
whois -h whois.apnic.net 60.190.218.71
% [whois.apnic.net node-5]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
inetnum: 60.190.218.0 - 60.190.218.127
netname: NINBO-LANZHONG-LTD
country: CN
descr: Ninbo Lanzhong Network Ltd
descr:
admin-c: TD195-AP
tech-c: CS64-AP
status: ASSIGNED NON-PORTABLE
changed: auto-dbm at dcb.hz.zj.cn 20100105
mnt-by: MAINT-CN-CHINANET-ZJ-SX
source: APNIC
role: CHINANET-ZJ Shaoxing
address: No.9 Sima Road,Shaoxing,Zhejiang.312000
country: CN
phone: +86-575-5136199
fax-no: +86-575-5114449
e-mail: anti-spam at mail.sxptt.zj.cn
trouble: send spam reports to anti-spam at mail.sxptt.zj.cn
trouble: and abuse reports to anti-spam at mail.sxptt.zj.cn
trouble: Please include detailed information and times in UTC
admin-c: CH109-AP
tech-c: CH109-AP
nic-hdl: CS64-AP
mnt-by: MAINT-CHINANET-ZJ
changed: master at dcb.hz.zj.cn 20031204
source: APNIC
person: Taichun Du
nic-hdl: TD195-AP
e-mail: anti-spam at mail.sxptt.zj.cn
address: Shaoxing,Zhejiang.Postcode:312000
phone: +86-574-88311333
country: CN
changed: auto-dbm at dcb.hz.zj.cn 20100105
mnt-by: MAINT-CN-CHINANET-ZJ-SX
source: APNIC
--
Aaron Hughes
UnitedLayer, Inc.
Chief Network Architect
+1-415-349-2128
aaron at unitedlayer.com
http://www.unitedlayer.com/
More information about the nsp-security
mailing list