Tuesday, February 10, 2015

TradeKey Phishing

TradeKey Logo
Dear Tradekey Customer,

You have received a new business inquiry from Taii on Tradekey.com
unfortunately, we are unable to deliver further inquiries to your email address.
Please visit the Tradekey.com member services centre to verify your email account information.

*Please Sign in here with your email-address and e-mail password to verify your account.

Wishing you the very best of business,

Thank you for using our services.

http://int2.tkcdn.com/lang/images/iso_horizontal.gif

Privacy Policy - Terms of Use - Intellectual Property Policy
Copyright © 2015 TradeKey.com

Phishing analysis :

CLICK : *Please Sign in here with your email-address and e-mail password to verify your account.
OPEN : http://zero-max.dk/administrator/tradekey.com/index.html
SCREENSHOT :

 Tradekey Phishing

FILL : Form
CLICK : Sign In
REDIRECT : http://www.tradekey.com/

Email analysis :

NOTE : info@vffg.com
NOTE : Return-Path : < medimaxu@ns1.ahost.uz >
NOTE : Mime-Version : 1.0
NOTE : X-Source-Dir : medimax.uz:/public_html/wp-admin/js
NOTE : Sender : < medimaxu@ns1.ahost.uz >
NOTE : X-Php-Script : medimax.uz/wp-admin/js/chairo.php for 197.228.180.98
NOTE : X-Get-Message-Sender-Via : ns1.ahost.uz: authenticated_id: medimaxu/only user confirmed/virtual account not confirmed
NOTE : Received : from ns1.ahost.uz (ns1.ahost.uz. [83.69.139.168])
NOTE : Received : from medimaxu by ns1.ahost.uz with local (Exim 4.84)
NOTE : TradeKey New Inquiry

IP Analysis :

83.69.139.168


197.228.180.98


Zero-max.dk whois :

Domain name: zero-max.dk
DNS: zero-max.dk
Status: Active
Created: 2005/11/08
Registrant:
Userid: ZA407-DK
Name: ZERO-MAX A/S
Address: Hårup Tværvej 1
Zipcode & City: 8600 Silkeborg
Country: Danmark
Phone: +4586812288
Nameservers:
ns4.adsoft-solutions.com AOS74-DK
ns5.adsoft-solutions.com AOS74-DK
ns6.adsoft-solutions.com AOS74-DK

Medimax.uz whois :

Domain Name: MEDIMAX.UZ
Registrant: (medimax [at] yandex.ru)
Tashkent
Uzbekistan
uz
Tel. (90)9760068 2641300
Fax. 2641365
Creation Date: 14-Nov-2013
Expiration Date: 14-nov-2016
Domain servers in listed order:
ns1.ahost.uz.
ns2.ahost.uz.
Administrative Contact: (medimax [at] yandex.ru)
Tashkent
Uzbekistan, not.defined.
uz.
Tel. (90)9760068 2641300
Fax. 2641365
Technical Contact: (medimax [at] yandex.ru)
Tashkent
Uzbekistan, not.defined.
uz.
Tel. (90)9760068 2641300
Fax. 2641365
Billing Contact: (medimax [at] yandex.ru)
Tashkent
Uzbekistan, not.defined.
uz.
Tel. (90)9760068 2641300
Fax. 2641365
Status: ACTIVE

Final analysis :

Email used : medimaxu@ns1.ahost.uz, info@vffg.com
Email title : TradeKey New Inquiry
Email server sending Phishing : medimax.uz
Email server IP : 83.69.139.168
Phisher's IP : 197.228.180.98
Phishing hosted by : Zero-max.dk
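
The mapping from the headers listed under "Email analysis" to the indicators in the final analysis, as an added Python example (not part of the original post): it parses a message reassembled from those header values and extracts the relay IP, the mailer script and the IP that requested it. The `triage` helper and the placement of info@vffg.com in the From header are assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed message: header values are the ones listed in the notes above.
# Placing info@vffg.com in From is an assumption; the body is omitted.
RAW = """\
From: info@vffg.com
Return-Path: <medimaxu@ns1.ahost.uz>
Sender: <medimaxu@ns1.ahost.uz>
Subject: TradeKey New Inquiry
X-Source-Dir: medimax.uz:/public_html/wp-admin/js
X-Php-Script: medimax.uz/wp-admin/js/chairo.php for 197.228.180.98
Received: from ns1.ahost.uz (ns1.ahost.uz. [83.69.139.168])
Received: from medimaxu by ns1.ahost.uz with local (Exim 4.84)

(body omitted)
"""
IP = r"[0-9A-Fa-f.:]+"

def triage(raw, brand_domain="tradekey.com"):
    """Extract the indicators the final analysis relies on (hypothetical helper)."""
    msg = message_from_string(raw)
    received = msg.get_all("Received", [])
    result = {
        # Bracketed addresses in Received lines: the hosts that relayed the mail.
        "relay_ips": [ip for h in received for ip in re.findall(rf"\[({IP})\]", h)],
        # "with local": generated on the server itself, not handed over by SMTP.
        "local_submission": any(re.search(r"\bwith local\b", h) for h in received),
        "script": None,
        "requester_ip": None,
    }
    # X-PHP-Script has the form "<host>/<path> for <IP of the HTTP client>".
    m = re.match(rf"(\S+)\s+for\s+({IP})", msg.get("X-Php-Script", ""))
    if m:
        result["script"], result["requester_ip"] = m.groups()
    # Domains the message claims to come from, compared with the imitated brand.
    domains = set()
    for name in ("From", "Sender", "Return-Path"):
        addr = parseaddr(msg.get(name, ""))[1]
        if "@" in addr:
            domains.add(addr.rsplit("@", 1)[1].lower())
    result["sender_domains"] = sorted(domains)
    result["brand_mismatch"] = not any(
        d == brand_domain or d.endswith("." + brand_domain) for d in domains)
    return result

if __name__ == "__main__":
    print(triage(RAW))
```

A message that names TradeKey in its subject while every sender domain is unrelated, and that was submitted locally by a script under `wp-admin`, matches the pattern described in this post.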
