| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat Mar 11 10:04:12 2006 From: ad at heapoverflow.com (ad@...poverflow.com) Subject: strange domain name in phishing email -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 google is cool http://www.alexcarlock.com/ip.asp Jianqiang Xin wrote: > hi, > I received several phishing emails. One interesting thing is the > link to phishing website has the link: > http://1406379699/dbweb/ws/ebay/index.htm > > If you click it, it goes to a fake ebay server. The DNS result shows: > > > 1406379699 > Server: > Address: > > Name: ip-166-179.sn2.eutelia.it <http://ip-166-179.sn2.eutelia.it> > Address: 83.211.166.179 <http://83.211.166.179> > > I do not understand why 1406379699 equal to > ip-166-179.sn2.eutelia.it <http://ip-166-179.sn2.eutelia.it>? Thanks > for your help. > > > yours, > jqxin2006 > > ---------------------------------------------------------------------- > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > __________ NOD32 1.1438 (20060310) Information __________ > > This message was checked by NOD32 antivirus system. > http://www.eset.com > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.1 (MingW32) iD8DBQFEEqCWFJS99fNfR+YRAtKmAKCnpts+WgH6xXo/6FY1Ic3KjkDa+gCfaYaa HBpMyL+whXgLoHo/tg//MD0= =mlVo -----END PGP SIGNATURE-----
Powered by blists - more mailing lists