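The account appears to have been stolen.
The NS records were changed around 2022-04-07.
amex.* does not exist on the old NS. It exists only on the new NS. In other words, it looks like a fake A record. -- ToshinoriMaeno 2022-04-22 02:24:43
There is no wildcard on dnsv.jp. -- ToshinoriMaeno 2022-04-23 04:08:25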
1. whois
Domain Name: INSATSUSIGOTO.COM
Registry Domain ID: 1784274031_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.discount-domain.com
Registrar URL: http://gmo.jp
Updated Date: 2022-04-07T12:11:16Z
Creation Date: 2013-03-05T01:56:03Z
Registry Expiry Date: 2023-03-05T01:56:03Z
Registrar: GMO Internet, Inc. d/b/a Onamae.com
Registrar IANA ID: 49
Registrar Abuse Contact Email: abuse@gmo.jp
Registrar Abuse Contact Phone: +81.337709199
Domain Status: ok https://icann.org/epp#ok
Name Server: 01.DNSV.JP
Name Server: 02.DNSV.JP
Name Server: 03.DNSV.JP
Name Server: 04.DNSV.JP
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2022-04-22T02:12:46Z <<<
2. history
01.dnsv.jp 02.dnsv.jp 03.dnsv.jp 04.dnsv.jp | GMO Internet,Inc | 2022-04-09 (13 days) | 2022-04-22 (today) | 13 days
dns01.gmoserver.jp dns02.gmoserver.jp | GMO Internet,Inc | 2017-05-26 (5 years) | 2022-04-09 (13 days) | 5 years

$ dig amex.insatsusigoto.com @01.dnsv.jp

; <<>> DiG 9.16.1-Ubuntu <<>> amex.insatsusigoto.com @01.dnsv.jp
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11093
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; NSID: 61 66 62 ("afb")
;; QUESTION SECTION:
;amex.insatsusigoto.com. IN A

;; ANSWER SECTION:
amex.insatsusigoto.com. 3600 IN A 202.61.137.79

;; AUTHORITY SECTION:
insatsusigoto.com. 86400 IN NS 01.dnsv.jp.
insatsusigoto.com. 86400 IN NS 02.dnsv.jp.
insatsusigoto.com. 86400 IN NS 03.dnsv.jp.
insatsusigoto.com. 86400 IN NS 04.dnsv.jp.

;; Query time: 3 msec
;; SERVER: 157.7.32.53#53(157.7.32.53)
;; WHEN: 金 4月 22 11:14:28 JST 2022
;; MSG SIZE rcvd: 149

202.61.137.79 BGPNET Global ASN 2022-04-07 (15 days) 2022-04-22 (today) 15 days
3. gmoserver
$ dig amex.insatsusigoto.com @dns01.gmoserver.jp

; <<>> DiG 9.16.1-Ubuntu <<>> amex.insatsusigoto.com @dns01.gmoserver.jp
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49781
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; NSID: 68 62 65 ("hbe")
;; QUESTION SECTION:
;amex.insatsusigoto.com. IN A

;; AUTHORITY SECTION:
insatsusigoto.com. 600 IN SOA dns01.gmoserver.jp. hostmaster.insatsusigoto.com. 2013030601 28800 7200 604800 600

;; Query time: 11 msec
;; SERVER: 157.7.33.81#53(157.7.33.81)
;; WHEN: 金 4月 22 11:18:50 JST 2022
;; MSG SIZE rcvd: 123
4. subdomains
dojin.insatsusigoto.com | ‐ | ‐
smtp.insatsusigoto.com | ‐ | ‐
sassi.insatsusigoto.com | ‐ | ‐
insatsusigoto.com | ‐ | ‐
pop.insatsusigoto.com | ‐ | ‐
www.insatsusigoto.com | ‐ | ‐
amex.insatsusigoto.com | BGPNET Global ASN | ‐
mx.insatsusigoto.com | ‐ | ‐
imap.insatsusigoto.com | ‐ | ‐
ftp.insatsusigoto.com | ‐ | ‐