Hello,
A friend had sent you a
new electronic e-card
from our Free Electronic
e-Card Service.
Your e-Card number is: 091236A51201D3G
This e-Card was created today.
Use the following method to view your e-Card:
==============
Method
==============
To view your new greeting card,
simply click on the following link:
http://www.greet2k.com/ecards/cgi-bin/postbox.php?card=091236A51201D3G
(If your mail program does not support this feature, you will have to COPY and PASTE the address into your browser's location bar.)
Regards
Webmaster
A friend had sent you a
new electronic e-card
from our Free Electronic
e-Card Service.
Your e-Card number is: 091236A51201D3G
This e-Card was created today.
Use the following method to view your e-Card:
==============
Method
==============
To view your new greeting card,
simply click on the following link:
http://www.greet2k.com/ecards/cgi-bin/postbox.php?card=091236A51201D3G
(If your mail program does not support this feature, you will have to COPY and PASTE the address into your browser's location bar.)
Regards
Webmaster
Going to the URL in the e-mail results in an error stating "Sorry the card does not exists.", which likely means this one is still being setup. If we drop to the cgi-bin directory however, we see;
What is strange, is thedeadpit.com, was actually used in attacks a couple months ago, and is suspended so no longer resolves;
http://blog.scansafe.com/journal/2009/1/21/thedeadpitcom-tortures-web-surfers.html
Meaning our ecard author either hasn't done his homework, is a script kiddie that's not clever enough to check things actually work before using them, or is still setting it up (in which case, the domain in use will likely change).
WhoIs Information:
Referred to: whois.PublicDomainRegistry.com
By: whois.internic.net
Domain Name: THEDEADPIT.COM
Registrant:
N/A
Julia Taukova (donorsi@yahoo.com)
mustamae 4-11
Tallin
Harjumaa,14865
EE
Tel. +37.2953412
Creation Date: 03-Dec-2008
Expiration Date: 03-Dec-2009
Domain servers in listed order:
ns2.suspended-domain.com
ns1.suspended-domain.com
Referred to: whois.PublicDomainRegistry.com
By: whois.internic.net
Domain Name: THEDEADPIT.COM
Registrant:
N/A
Julia Taukova (donorsi@yahoo.com)
mustamae 4-11
Tallin
Harjumaa,14865
EE
Tel. +37.2953412
Creation Date: 03-Dec-2008
Expiration Date: 03-Dec-2009
Domain servers in listed order:
ns2.suspended-domain.com
ns1.suspended-domain.com
Ref:
http://hosts-file.net/?s=thedeadpit.com
Standard rules apply of course - NEVER EVER EVER click URL's or open attachments in e-mails.
Posts
No comments:
Post a Comment