Thursday, September 24, 2015

confirmez votre compte Itunes (Phishing Apple)

Chère/Cher client(e,

Nous vous informons que votre compte arrive à expiration dans moins de 48 heures, il est impératif d'effectuer une vérification de vos informations dès à présent, sans quoi votre compte sera supprimé.
Telechargez le formulaire ci-joint et l'ouvrir dans votre navigateur et faites votre demande.

Pourquoi ce courrier électronique vous a-t-il été envoyé ?
L'envoi de ce courrier électronique s'applique lorsque la date d'expiration de votre compte arrive à terme.

Merci,
L'assistance à la clientèle Apple

Mon identifiant Apple | Assistance | Engagement de confidentialité
Copyright © 2015 iTunes S.à r.l. 31-33, rue Sainte Zithe, L-2763 Luxembourg.? Tous droits réservés.

Confirmation_N527728.html

Phishing analysis :

NOTE : open Confirmation_N527728.html
NOTE : Inside the file Confirmation_N527728.html javascript "unescape"
NOTE : Unescape file Confirmation_N527728.html
NOTE : Extract http://85.214.65.215/~php/TOS.php
NOTE : Extract http://85.214.65.215/~images/css/validationEngine.jquery.css
NOTE : The file Confirmation_N527728.html is a phishing page.
NOTE : The datas are sent to http://85.214.65.215/~php/TOS.php
NOTE : http://85.214.65.215/~php/TOS.php redirect to apple.com

85.214.65.215 analysis :

inetnum: 85.214.16.0 - 85.214.139.255
netname: STRATO-RZG-DED2
org: ORG-SRA1-RIPE
descr: Strato Rechenzentrum, Berlin
country: DE
admin-c: SRDS-RIPE
tech-c: SRDS-RIPE
remarks: ************************************************************
remarks: * Please send abuse complaints to abuse-server@strato.de *
remarks: * or fax +49-30-88615-755 ONLY. *
remarks: * Abuse reports to other e-mail addresses will be ignored. *
remarks: ************************************************************
status: ASSIGNED PA
mnt-by: STRATO-RZG-MNT
created: 2006-05-11T16:37:24Z
last-modified: 2013-07-06T09:34:26Z
source: RIPE Filtered
organisation: ORG-SRA1-RIPE
org-name: Strato AG
org-type: LIR
address: Strato AG
address: Christian Mueller
address: Pascalstrasse 10
address: 10587
address: Berlin
address: GERMANY
phone: +4930398020
fax-no: +493039802222
mnt-ref: STRATO-RZG-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: AS286-MNT
mnt-by: RIPE-NCC-HM-MNT
admin-c: CM265-RIPE
admin-c: CHSE-RIPE
abuse-c: SRAC-RIPE
abuse-mailbox: abuse@strato.de
created: 2004-04-17T11:12:39Z
last-modified: 2015-08-12T13:35:20Z
source: RIPE Filtered
role: RIPE contact Dedicated Server
address: STRATO AG
address: Pascalstr. 10
address: D-10587 Berlin
address: Germany
phone: +49 30 39802-0
org: ORG-SRA1-RIPE
abuse-mailbox: abuse-server@strato.de
admin-c: XX1-RIPE
tech-c: CHSE-RIPE
nic-hdl: SRDS-RIPE
remarks: ************************************************************
remarks: * Please send abuse complaints to abuse-server@strato.de *
remarks: * or fax +49-30-88615-755 ONLY. *
remarks: * Abuse reports to other e-mail addresses will be ignored. *
remarks: * *
remarks: * For peering requests or operational issues please look *
remarks: * at the information in the AS6724 RIPE database object. *
remarks: ************************************************************
mnt-by: STRATO-RZG-MNT
created: 2010-01-15T08:35:31Z
last-modified: 2013-10-14T08:04:17Z
source: RIPE Filtered
route: 85.214.65.0/24
descr: STRATO AG
descr: prefix only advertised in case of DDoS
origin: AS6724
mnt-by: STRATO-RZG-MNT
created: 2014-02-18T16:19:23Z
last-modified: 2014-02-18T16:19:23Z
source: RIPE Filtered

% This query was served by the RIPE Database Query Service version 1.80.1 (DB-1)

Email analysis :

NOTE : Return-Path : < noreply@apple.com >
NOTE : Return-Path : noreply@apple.com
NOTE : X-Remote : 185.8.50.110 ()
NOTE : Mime-Version : 1.0
NOTE : X-Priority : 1 (High)
NOTE : Received : from unknown (HELO final) (185.8.50.110)
NOTE : Received : from [185.8.50.110] ([127.0.0.1]) by final with Microsoft SMTPSVC
NOTE : confirmez votre compte Itunes

185.8.50.110 analysis :

inetnum: 185.8.50.0 - 185.8.51.255
netname: ARUBACLOUD-FR
descr: Aruba SAS - Cloud Services Farm4
country: FR
admin-c: SANS-RIPE
tech-c: AN3450-RIPE
status: ASSIGNED PA
mnt-by: ARUBAFR-MNT
created: 2012-10-29T11:05:37Z
last-modified: 2012-10-29T11:05:37Z
source: RIPE Filtered
role: ARUBA NOC
address: Aruba S.p.A.
address: Loc. Palazzetto 4
address: 52011 Bibbiena Stazione - Arezzo
address: Italy
abuse-mailbox: abuse@staff.aruba.it
admin-c: SS936-RIPE
tech-c: SC279-RIPE
nic-hdl: AN3450-RIPE
mnt-by: ARUBA-MNT
created: 2008-11-19T19:02:34Z
last-modified: 2011-12-28T16:45:28Z
source: RIPE Filtered
person: Eric Sansonny
address: Aruba SAS
address: Rue de Cambrai 32
address: 75019 Paris
phone: +330140388700
fax-no: +330146079808
nic-hdl: SANS-RIPE
mnt-by: ARUBAFR-MNT
created: 2012-09-20T06:28:55Z
last-modified: 2012-09-20T06:34:56Z
source: RIPE Filtered
route: 185.8.48.0/22
descr: Aruba.FR Network
origin: AS199653
mnt-by: ARUBAFR-MNT
created: 2012-10-26T15:40:29Z
last-modified: 2012-10-26T15:40:29Z
source: RIPE Filtered

No comments:

Post a Comment