Saturday, January 3, 2015

Phishing Orange

PRELEVEMENT ORANGE

Regler votre prelevement

Phishing Analysis :

CLICK : Regler votre prelevement
OPEN : http://www.seesanbatik.com/logs/2
REDIRECT : http://www.saengtham.ac.th/components/com_weblinks/helpers/***/
INFORMATION : *** seems to be a UUID.


Email analysis :

NOTE : martine@moncelli.com
NOTE : Return-Path : < noreply@orange.fr >
NOTE : X-Remote : 92.243.6.211 (mailsgc.sogemcointer-ci.com)


NOTE : X-Virus-Scanned : amavisd-new at sogemcointer-ci.com
NOTE : X-Priority : 3
NOTE : Content-Type : text/html;
NOTE : X-Library : Indy 8.0.25
NOTE : Received : from mailsgc.sogemcointer-ci.com (92.243.6.211)
NOTE : Received : from WIN-502GDNTQ3SV (unknown [23.254.144.126])
NOTE : by mailsgc.sogemcointer-ci.com
NOTE : PRELEVEMENT ORANGE

Domains analysis :

sogemcointer-ci.com

Registrant Name: Mohamed SOUNKERE
Registrant Organization: VEONE
Registrant Street: 10 BP 1742 ABJ 10
Registrant City: Abidjan
Registrant Country: CI
Registrant Phone: +225.22478054
Registrant Email: e03d7a91bd36d1b0cc34b6d0304bf9a6-859075@contact.gandi.net

seesanbatik.com

Registrant Name: Pannathat Sukkhwan
Registrant Organization: Nai Computer Pa Bon
Registrant Street: 347/2 Mo 7 To Nong Thong O
Registrant City: Pa Bon
Registrant State/Province: Phatthalung
Registrant Postal Code: 93170
Registrant Country: TH
Registrant Phone: +001.862852828
Registrant Email: ninecompabon@gmail.com
Name Server: ns5.colorpack.net
Name Server: ns6.colorpack.net
DNSSEC:Unsigned

saengtham.ac.th

Registrar: T.H.NIC Co., Ltd.
Name Server: NS01.SABAINETWORK.COM
Name Server: NS02.SABAINETWORK.COM
Domain Holder: Saengtham College
Domain Holder: 20 Moo 6 Thakam, Samphran, Nakornpathom
Domain Holder: 73110 TH
Tech Contact: 53965 Saengtham College 20 Moo 6 Petkasam Rd.,
Tech Contact: Sampran, Nakhon Patham
Tech Contact: 73110 TH
