so-netを連想させるURL

NS乗取の期間(一例) /trails

2022-04-15 (6 days)     2022-04-18 (3 days)     3 days

https://twitter.com/harugasumi/status/1515904676339671041?s=20&t=npywSODi-MjnD04_9gduBg

【So-net】お支払い期限を過ぎています <日時>
等の件名で、So-netを騙る #フィッシングメール。
hxxps://so-net.ne.amiteq.com/
(同一ホスト内リダイレクトあり)

https://www.amiteq.com

証明書不正 sni.red.shared-server.net

1. whois

Domain Name: amiteq.com
Registry Domain ID: 1289526137_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.discount-domain.com
Registrar URL: http://www.onamae.com
Updated Date: 2022-04-18T11:07:31Z
Creation Date: 2007-10-21T16:33:14Z
Registrar Registration Expiration Date: 2022-10-21T16:33:14Z
Registrar: GMO INTERNET, INC.

Tech Email: domainmaster@kddi.com
Name Server: ns1.shsvr.net
Name Server: ns2.shsvr.net
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2022-04-18T11:07:31Z <<<

2. history dnsv.jp

amiteq.com.             86400   IN      SOA     01.dnsv.jp. hostmaster.dnsv.jp. 1650246199 3600 900 604800 300
amiteq.com.             86400   IN      NS      01.dnsv.jp.
amiteq.com.             86400   IN      NS      02.dnsv.jp.
amiteq.com.             86400   IN      NS      03.dnsv.jp.
amiteq.com.             86400   IN      NS      04.dnsv.jp.
amiteq.com.             3600    IN      MX      0 mail.amiteq.com.
amiteq.com.             3600    IN      TXT     "v=spf1 ip4:153.125.138.221 ip4:153.127.195.62~all"
amiteq.com.             3600    IN      TXT     "v=spf1 ip4:153.127.197.160 ip4:153.125.143.143 ~all"
amiteq.com.             3600    IN      TXT     "v=spf1 ip4:153.127.215.150 ip4:153.125.148.60 ~all"
amiteq.com.             3600    IN      TXT     "v=spf1 ip4:153.127.217.99 ip4:153.125.146.9 ~all"

;; ADDITIONAL SECTION:
mail.amiteq.com.        3600    IN      A       153.127.197.160

3. history

ns1.shsvr.net
ns2.shsvr.net
        GMO CLOUD K.K.Computer Engineering & Consulting, Ltd.
        2022-04-18 (3 days)     2022-04-20 (today)      2 days
01.dnsv.jp
02.dnsv.jp
03.dnsv.jp
04.dnsv.jp
        GMO Internet,Inc
        2022-04-15 (6 days)     2022-04-18 (3 days)     3 days
ns1.shsvr.net
ns2.shsvr.net
        GMO CLOUD K.K.Computer Engineering & Consulting, Ltd.
        2022-03-29 (23 days)


CategoryDns CategoryWatch CategoryTemplate

MoinQ: watchNS/dnsv/amiteq.com (last edited 2022-05-13 01:37:34 by ToshinoriMaeno)