Unauthorized ACH Transaction - NACHA

NACHAを騙るタイプ

これもZeuS系ですかね。

利用されるURL

 boironftp.com
 azurcorporation.com

  Domain Name: BOIRONFTP.COM
   Registrar: GODADDY.COM, INC.
   Whois Server: whois.godaddy.com
   Referral URL: http://registrar.godaddy.com
   Name Server: NS1.SUSPENDED-FOR.SPAM-AND-ABUSE.COM
   Name Server: NS2.SUSPENDED-FOR.SPAM-AND-ABUSE.COM
   Status: clientDeleteProhibited
   Status: clientRenewProhibited
   Status: clientTransferProhibited
   Status: clientUpdateProhibited
   Updated Date: 23-jul-2010
   Creation Date: 27-feb-2009
   Expiration Date: 27-feb-2011

あ、調べるのが遅かった。。。Aレコードなしで。

 Domain Name: AZURCORPORATION.COM
   Registrar: OVH
   Whois Server: whois.ovh.com
   Referral URL: http://www.ovh.com
   Name Server: NS28687.OVH.NET
   Name Server: SDNS1.OVH.NET
   Status: clientDeleteProhibited
   Status: clientTransferProhibited
   Updated Date: 20-nov-2009
   Creation Date: 20-nov-2007
   Expiration Date: 20-nov-2010

 91.121.96.212
 inetnum:        91.121.64.0 - 91.121.127.255
 netname:        OVH
 descr:          OVH SAS
 descr:          Dedicated Servers
 descr:          http://www.ovh.com
 country:        FR

[カテゴリ:spam観察日記]

by jyake