| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue Mar 14 01:49:10 2006 From: abryson at bytefocus.com (Alice Bryson) Subject: strange domain name in phishing email BTW, this kind of ip address would not always work. i try to use http://2887060730/ to access an internal web server http://172.21.12.250, but failed. It said 400 bad request. I use Windows XP IE 6, web server is Apache on Windows 2003, does anyone know why? 2006/3/11, Jianqiang Xin <jqxin2006@...il.com>: > hi, > I received several phishing emails. One interesting thing is the link to > phishing website has the link: > http://1406379699/dbweb/ws/ebay/index.htm > > If you click it, it goes to a fake ebay server. The DNS result shows: > > > 1406379699 > Server: > Address: > > Name: ip-166-179.sn2.eutelia.it > Address: 83.211.166.179 > > I do not understand why 1406379699 equal to ip-166-179.sn2.eutelia.it? > Thanks for your help. > > > yours, > jqxin2006 > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: > http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > -- Homepage:http://www.lwang.org We collect spam for research at: mailto:abryson@...efocus.com
Powered by blists - more mailing lists