[nsp-sec] www-google.* phishing?
Chris Morrow
morrowc at ops-netman.net
Thu Feb 14 09:33:35 EST 2013
On 02/14/2013 03:29 AM, CERT-UT - Peter wrote:
> ----------- nsp-security Confidential --------
>
>
>
> Hi,
>
> A user pointed me to www.www-google.nl. It looks like Google, it feels
> like Google but it hasn't got the Valentine Doodle today so he was
> suspicious. It seems there are a number of www-google domains out there.
>
> Does anybody at Google now if they are in some way related to Google or
> they are potential sources of problems?
www-google.nl NS:
;; ANSWER SECTION:
www-google.nl. 3600 IN NS ns2.inwx.de.
www-google.nl. 3600 IN NS ns.inwx.de.
www-google.nl. 3600 IN NS ns3.inwx.de.
in general, any 'google owned' domain resolves through/is-served-by:
;; ANSWER SECTION:
google.nl. 3693 IN NS ns1.google.com.
google.nl. 3693 IN NS ns4.google.com.
google.nl. 3693 IN NS ns3.google.com.
google.nl. 3693 IN NS ns2.google.com.
If it's not ns1/2/3/4.google.com, it's very unlikely it's google's domain...
More information about the nsp-security
mailing list