lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4653002b0603110157n7cb40a10g5f86488c4b5ca4f2@mail.gmail.com>
Date: Sat Mar 11 09:57:23 2006
From: jqxin2006 at gmail.com (Jianqiang Xin)
Subject: strange domain name in phishing email

hi,
I received several phishing emails. One interesting thing is the link to
phishing website has the link:
http://1406379699/dbweb/ws/ebay/index.htm

If you click it, it goes to a fake ebay server. The DNS result shows:

> 1406379699
Server:
Address:

Name:    ip-166-179.sn2.eutelia.it
Address:  83.211.166.179

I do not understand why 1406379699 equal to ip-166-179.sn2.eutelia.it?
Thanks for your help.


yours,
jqxin2006
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060311/fee32dc2/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ