- Email Analysis Report
- Email: cs@vmcustomer.com
- Reputation: none
- Suspicious: True
- Spotted: 0 Times
- Blacklisted: False
- Last Seen: never
- Known Spam: False
- Domain Report
- Domain: @vmcustomer.com
- Domain Exists: True
- Domain Rep: low
- Domain Age: None Days
- New Domain: False
- Deliverable: True
- Free Provider: False
- Disposable: False
- Spoofable: True
- Malicious Activity Report
- Malicious Activity: False
- Recent Activity: False
- Credentials Leaked: False
- Found in breach: False
- Profiles Found
- No Profiles Found For This User
- Summary of Report:
- Suspicious
- We have not observed this email address on the internet, and it has no profiles on major services like LinkedIn, Facebook, and iCloud
- A lack of digital presence may simply indicate a new email address, but is typically suspicious
- [INFO] Date: 27/09/21 | Time: 04:15:49
- [INFO] ------TARGET info------
- [*] TARGET: https://oyshpt.squarespace.com/
- [*] TARGET IP: 198.49.23.177
- [ALERT] oyshpt.squarespace.com has a load balancer for IPv4 with the following IPs:
- [*] 198.185.159.177
- [*] 198.185.159.176
- [*] 198.49.23.177
- [*] 198.49.23.176
- [*] DNS servers: dns1.p06.nsone.net.
- [*] TARGET server: Squarespace
- [*] CC: US
- [*] Country: United States
- [*] RegionCode: NY
- [*] RegionName: New York
- [*] City: New York
- [*] ASN: AS53831
- [*] BGP_PREFIX: 198.49.23.0/24
- [*] ISP: SQUARESPACE, US
- [INFO] SSL/HTTPS certificate detected
- [*] Issuer: issuer=C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1
- [*] Subject: subject=C = US, ST = New York, L = New York, O = "Squarespace, Inc.", CN = *.squarespace.com
- [INFO] Possible abuse mails are:
- [*] abuse@squarespace.com
- [*] postmaster@squarespace.com
- [INFO] NO PAC (Proxy Auto Configuration) file FOUND
- [ALERT] robots.txt file FOUND in http://oyshpt.squarespace.com/robots.txt
- [INFO] Checking for HTTP status codes recursively from http://oyshpt.squarespace.com/robots.txt
- [INFO] Status code Folders
- [*] 200 http://oyshpt.squarespace.com/config
- [*] 200 http://oyshpt.squarespace.com/search
- [INFO] Starting FUZZing in http://oyshpt.squarespace.com/FUzZzZzZzZz...
- [INFO] Status code Folders
- [ALERT] Look in the source code. It may contain passwords
- [INFO] Links found from https://oyshpt.squarespace.com/ http://198.49.23.177/:
- [*] https://oyshpt.squarespace.com/
- [*] https://oyshpt.squarespace.com/cart
- [*] https://oyshpt.squarespace.com/#page
- [*] https://status.squarespace.com/
- [*] https://twitter.com/squarespace
- [*] https://www.facebook.com/squarespace
- [*] https://www.instagram.com/squarespace/
- [*] https://www.jintumap.com/?Acessorios
- [*] https://www.jintumap.com/?Banho-e-beachwear
- [*] https://www.jintumap.com/?Calado
- [*] https://www.jintumap.com/?Condicoes-de-uso
- [*] https://www.jintumap.com/?consultations
- [*] https://www.jintumap.com/?dress-automn-2021
- [*] https://www.jintumap.com/?fatos-de-banhos
- [*] https://www.jintumap.com/?Lingerie
- [*] https://www.jintumap.com/?Loungewear
- [*] https://www.jintumap.com/?Privacidade
- [*] https://www.jintumap.com/?Sleep
- [*] https://www.jintumap.com/?Sobre-nos-space
- [*] https://www.jintumap.com/?Sport
- [*] https://www.jintumap.com/?sports-psh-leggings
- [*] https://www.jintumap.com/?top-biqui-2021
- cut: invalid field range
- Try 'cut --help' for more information.
- [INFO] Shodan detected the following opened ports on 198.49.23.177:
- [INFO] ------VirusTotal SECTION------
- [INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
- [INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
- [INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
- [INFO] ------Alexa Rank SECTION------
- [INFO] Percent of Visitors Rank in Country:
- [INFO] Percent of Search Traffic:
- [INFO] Percent of Unique Visits:
- [INFO] Total Sites Linking In:
- [INFO] Useful links related to oyshpt.squarespace.com - 198.49.23.177:
- [INFO] Useful links related to AS53831 - 198.49.23.0/24:
- [INFO] Date: 27/09/21 | Time: 04:16:41
- [INFO] Total time: 0 minute(s) and 52 second(s)
- --------------------------------------------------PART 2----------------------------------------------------------
- url scan https://www.jintumap.com/?Acessorios
- [INFO] Date: 27/09/21 | Time: 04:56:27
- [INFO] ------TARGET info------
- [*] TARGET: https://www.oyshlingerie.online/acess%C3%B3rios-l-ODAwMjAxNDc=-MjAyMTA5MDQwMzI1NTI5NDMw.html?u=c38or/iDVT4=
- [*] TARGET IP: 91.92.112.220
- [INFO] NO load balancer detected for www.jintumap.com...
- [*] DNS servers: dns29.hichina.com.
- [*] TARGET server: nginx/1.14.2
- [*] CC: NL
- [*] Country: Netherlands
- [*] RegionCode: NH
- [*] RegionName: North Holland
- [*] City: Amsterdam
- [*] ASN: AS197328
- [*] BGP_PREFIX: 91.92.112.0/23
- [*] ISP: INETLTD Istanbuldc Veri Merkezi Ltd Sti, TR
- [INFO] SSL/HTTPS certificate detected
- [*] Issuer: issuer=C = US, O = Let's Encrypt, CN = R3
- [*] Subject: subject=CN = www.jintumap.com
- [ALERT] Let's Encrypt is commonly used for Phishing
- [INFO] Possible abuse mails are:
- [*] abuse@jintumap.com
- [*] abuse@rh.com.tr
- [*] abuse@sayfa.net
- [*] abuse@www.jintumap.com
- [*] ripe4@sayfa.net
- [INFO] NO PAC (Proxy Auto Configuration) file FOUND
- [INFO] Checking for HTTP status codes recursively from /acess%C3%B3rios-l-ODAwMjAxNDc=-MjAyMTA5MDQwMzI1NTI5NDMw.html?u=c38or/iDVT4=
- [INFO] Status code Folders
- [*] 404 http://www.jintumap.com/acess%C3%B3rios-l-ODAwMjAxNDc=-MjAyMTA5MDQwMzI1NTI5NDMw.html?u=c38or/
- [INFO] Starting FUZZing in http://www.jintumap.com/FUzZzZzZzZz...
- [INFO] Status code Folders
- [ALERT] Look in the source code. It may contain passwords
- [INFO] Links found from https://www.oyshlingerie.online/acess%C3%B3rios-l-ODAwMjAxNDc=-MjAyMTA5MDQwMzI1NTI5NDMw.html?u=c38or/iDVT4= http://91.92.112.220/:
- [*] https://www.17ordertrack.com/
- [*] https://www.ciohcgf.xyz/
- [*] https://www.ciohcgf.xyz/agrega-c-139.html
- [*] https://www.ciohcgf.xyz/aunque-este-par-de-zapatos-de-tacón-es-simple-en-diseño-da-una-agradable-ligereza-al-caminar-p-204.html
- [*] https://www.ciohcgf.xyz/botas-t-290.html
- [*] https://www.ciohcgf.xyz/en-mis-zapatos-p-206.html
- [*] https://www.ciohcgf.xyz/media-longitud-t-294.html
- [*] https://www.ciohcgf.xyz/movimientos-t-295.html
- [*] https://www.ciohcgf.xyz/para-aquellas-mujeres-maduras-siempre-tienen-un-encanto-más-elegante-p-205.html
- [*] https://www.ciohcgf.xyz/peinado-ondulado-c-138.html
- [*] https://www.ciohcgf.xyz/privacypolicy.html
- [*] https://www.ciohcgf.xyz/tacones-altos-t-293.html
- [*] https://www.ciohcgf.xyz/termsofservice.html
- [*] https://www.ciohcgf.xyz/zapatillas-t-291.html
- [*] https://www.ciohcgf.xyz/zapatos-c-140.html
- [*] https://www.ciohcgf.xyz/zapatos-t-292.html
- [*] https://www.oyshlingerie.online/
- [*] https://www.oyshlingerie.online/recently_browse.html
- [*] https://www.oyshlingerie.online/search.html
- [*] https://www.oyshlingerie.online/shopping_cart.html
- cut: invalid field range
- Try 'cut --help' for more information.
- [INFO] Shodan detected the following opened ports on 91.92.112.220:
- [INFO] ------VirusTotal SECTION------
- [INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
- [INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
- [INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
- [INFO] ------Alexa Rank SECTION------
- [INFO] Percent of Visitors Rank in Country:
- [INFO] Percent of Search Traffic:
- [INFO] Percent of Unique Visits:
- [INFO] Total Sites Linking In:
- [INFO] Useful links related to www.jintumap.com - 91.92.112.220:
- [INFO] Useful links related to AS197328 - 91.92.112.0/23:
- [INFO] Date: 27/09/21 | Time: 04:56:56
- [INFO] Total time: 0 minute(s) and 29 second(s)
- ------------------------------------------------------------PART 3------------------------------------------------
- [INFO] Date: 27/09/21 | Time: 05:22:30
- [INFO] ------TARGET info------
- [*] TARGET: https://www.ciohcgf.xyz/
- [*] TARGET IP: 91.92.112.220
- [INFO] NO load balancer detected for www.ciohcgf.xyz...
- [*] DNS servers: dns11.hichina.com.
- [*] TARGET server: nginx/1.14.2
- [*] CC: NL
- [*] Country: Netherlands
- [*] RegionCode: NH
- [*] RegionName: North Holland
- [*] City: Amsterdam
- [*] ASN: AS197328
- [*] BGP_PREFIX: 91.92.112.0/23
- [*] ISP: INETLTD Istanbuldc Veri Merkezi Ltd Sti, TR
- [INFO] SSL/HTTPS certificate detected
- [*] Issuer: issuer=C = US, O = Let's Encrypt, CN = R3
- [*] Subject: subject=CN = www.ciohcgf.xyz
- [ALERT] Let's Encrypt is commonly used for Phishing
- [INFO] Possible abuse mails are:
- [*] abuse@ciohcgf.xyz
- [*] abuse@rh.com.tr
- [*] abuse@sayfa.net
- [*] abuse@www.ciohcgf.xyz
- [*] ripe4@sayfa.net
- [INFO] NO PAC (Proxy Auto Configuration) file FOUND
- [INFO] Starting FUZZing in http://www.ciohcgf.xyz/FUzZzZzZzZz...
- [INFO] Status code Folders
- [ALERT] Look in the source code. It may contain passwords
- [INFO] SAME content in http://www.ciohcgf.xyz/ AND http://91.92.112.220/
- [INFO] Links found from https://www.ciohcgf.xyz/:
- cut: invalid field range
- Try 'cut --help' for more information.
- [INFO] Shodan detected the following opened ports on 91.92.112.220:
- [INFO] ------VirusTotal SECTION------
- [INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
- [INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
- [INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
- [INFO] ------Alexa Rank SECTION------
- [INFO] Percent of Visitors Rank in Country:
- [INFO] Percent of Search Traffic:
- [INFO] Percent of Unique Visits:
- [INFO] Total Sites Linking In:
- [INFO] Useful links related to www.ciohcgf.xyz - 91.92.112.220:
- [INFO] Useful links related to AS197328 - 91.92.112.0/23:
- [INFO] Date: 27/09/21 | Time: 05:22:56
- [INFO] Total time: 0 minute(s) and 26 second(s)