Date: Tue, 11 Sep 2012 15:32:42 -0300
From: "US Airways - Reservations" [reservations@myusairways.com]
Subject: Please confirm your US Airways online registration.
You can check in from 24 hours and up to 60 minutes before your flight (2 hours if you're flying internationally). Then, all you need to do is print your boarding pass and proceed to the gate.
Confirmation code: 592499
Check-in online: Online reservation details
Flight
6840
Departure city and time
Washington, DC (DCA) 10:00PM
Depart date: 9/12/2012
We are committed to protecting your privacy. Your information is kept private and confidential. For information about our privacy policy visit usairways.com.
US Airways, 111 W. Rio Salado Pkwy, Tempe, AZ 85281 , Copyright US Airways , All rights reserved.
==========
Date: Tue, 11 Sep 2012 23:29:14 +0700
From: "US Airways - Reservations" [intuitpayroll@e.payroll.intuit.com]
Subject: US Airways online check-in.
you {l2} check in from 24 hours and up to 60 minutes before your flight (2 hours if you're flying {l3}). {l4}, all you {l5} to do is print your boarding pass and {l6} to the gate.
confirmation code: {digit}
check-in online: online reservation details
flight
{digit}
departure city and time
washington, dc (dca) 10:00pm
depart date: 9/12/2012
we are committed to protecting your privacy. your information is kept private and confidential. for information about our privacy policy visit usairways.com.
us airways, 111 w. rio salado pkwy, tempe, az 85281 , copyright us airways , all rights reserved.
The malicious payload is at [donotclick]blue-lotusgrove.net/main.php?page=559e008e5ed98bf7 (report here) hosted on 203.91.113.6 (G Mobile, Mongolia), the same IP used in this attack. The following domains are on the same server, they can all be considered to be malicious:
padded.pl
spiki.pl
fruno.pl
nextbox.pl
omariosca.com
hemiga.com
decorera.com
seneesamj.com
unitmusiceditior.com
likenstendarts.com
flatbuzz.com
morepic.net
dushare.net
blue-lotusgrove.net
nitor-solutions.net
gsigallery.net
atfood.ru
indyware.ru
advia.kz
iowa.kz
autumn.kz
wet.kz
No comments:
Post a Comment