[Dshield] Interesting phishing attempt on Wells Fargo

simon@nuit.ca simon at nuit.ca
Wed Oct 13 06:38:27 GMT 2004


Ce jour Tue, 12 Oct 2004, Laurent Saplairoles a dit:

> Hello List

woops, forgot this bit:
 
> Message-ID: <GCXRRRTPPAQJGVENYAZXGUT at altacocina.com>

======
altococina.com :

hinfo altacocina.com
Processing altacocina.com (207.142.134.64)
altacocina.com. is in Abuse.net Contacts as 0.0.0.1
    "abuse at outblaze.com"
207.142.134.64 is in selwerd XBL as 82.149.248.192

IPQuery: 207.142.134.64 Server: whois.arin.net
Refering data:
AGIS ALERON-207-142 (NET-207-142-0-0-1) 
                                  207.142.0.0 - 207.142.255.255
Monster Pipes MONSTERPIPES-207-142-134-0-24 (NET-207-142-134-0-1) 
                                  207.142.134.0 - 207.142.134.255

Nic Handle Info:
OrgName:    AGIS 
OrgID:      AGIS
Address:    4100 Lafayette Center Drive
Address:    Suite 100
City:       Chantilly
StateProv:  VA
PostalCode: 20151
Country:    US

NetRange:   207.142.0.0 - 207.142.255.255 
CIDR:       207.142.0.0/16 
NetName:    ALERON-207-142
NetHandle:  NET-207-142-0-0-1
Parent:     NET-207-0-0-0-0
NetType:    Direct Allocation
NameServer: NS1.ALERON.NET
NameServer: NS2.ALERON.NET
NameServer: NS3.ALERON.NET
NameServer: NS4.ALERON.NET
Comment:    ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
RegDate:    1996-06-03
Updated:    2002-09-12
AGIS ALERON-207-142 (NET-207-142-0-0-1) 
                                  207.142.0.0 - 207.142.255.255
Monster Pipes MONSTERPIPES-207-142-134-0-24 (NET-207-142-134-0-1) 
                                  207.142.134.0 - 207.142.134.255
======

> To: operations at megassistance.com

======
megaassistance.com:

hinfo megassistance.com
Processing megassistance.com (209.52.14.71)
megassistance.com. is in Abuse.net Contacts as 0.0.0.1
    "postmaster at megassistance.com"
209.52.14.71 is megassistance.com.
209.52.14.71 is in selwerd XBL as 82.149.248.192
timeout looking up 209.52.14.71 in DK spamsources
timeout looking up 209.52.14.71 in they.com spambait

IPQuery: 209.52.14.71 Server: whois.arin.net
Refering data:
TELUS Communications Inc. TELAC-BLK6 (NET-209-52-0-0-1) 
                                  209.52.0.0 - 209.52.255.255
2iC Systems Inc. 2IC-CA-0-31 (NET-209-52-0-0-2) 
                                  209.52.0.0 - 209.52.31.255

Nic Handle Info:
OrgName:    TELUS Communications Inc. 
OrgID:      TACE
Address:    #2600 4720 Kingsway Avenue
City:       Burnaby
StateProv:  BC
PostalCode: V5N-4N2
Country:    CA

ReferralServer: rwhois://rwhois.telus.net:4321

NetRange:   209.52.0.0 - 209.52.255.255 
CIDR:       209.52.0.0/16 
NetName:    TELAC-BLK6
NetHandle:  NET-209-52-0-0-1
Parent:     NET-209-0-0-0-0
NetType:    Direct Allocation
NameServer: NANO.BC.TAC.NET
NameServer: PICO.BC.TAC.NET
Comment:    Please direct spam and abuse complaints to abuse at telus.com
Comment:    
RegDate:    2000-01-13
Updated:    2003-06-30

TechHandle: HZ18-ARIN
TechName:   HOSTMASTER 
TechPhone:  +1-604-454-5107
TechEmail:  ipadmin at telus.com 
======

> Cheers!
> -- 
> Laurent

-- 
Microsoft is to operating systems & security ....
                                 .... what McDonalds is to gourmet cooking.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 652 bytes
Desc: Digital signature
Url : http://www.dshield.org/pipermail/list/attachments/20041013/3cbbd1a5/attachment.bin


More information about the list mailing list