Cover Image

UPDATE: phishing che ruba credenziali di Facebook

13 Giugno 2020 - Tempo di lettura: 4 minuti

Abbiamo appena rilevato un dominio utilizzato per operazioni malevole di phishing ai danni di Facebook. Il dominio che segnaliamo in questo report è assolutamente da evitare, non fa parte di Facebook ed è creato con l'unico scopo di rubare credenziali di accesso valide.

URL:

m-facebook-profile.item4324853[.]com

Analisi dominio

{
    "status": 1,
    "domain_name": "item4324853.com",
    "query_time": "2020-06-13 17:43:15",
    "whois_server": "whois.namecheap.com",
    "domain_registered": "yes",
    "create_date": "2020-06-10",
    "expiry_date": "2021-06-10",
    "domain_registrar": {
        "iana_id": 1068,
        "registrar_name": "NAMECHEAP INC",
        "whois_server": "whois.namecheap.com",
        "website_url": "http://www.namecheap.com",
        "email_address": "abuse@namecheap.com",
        "phone_number": "+1.6613102107"
    },
    "registrant_contact": {
        "full_name": "WhoisGuard Protected",
        "company_name": "WhoisGuard, Inc.",
        "mailing_address": "P.O. Box 0823-03411",
        "city_name": "Panama",
        "state_name": "Panama",
        "country_name": "Panama",
        "country_code": "PA",
        "email_address": "721c8cba0b3a4a0da694df0f7bd57783.protect@whoisguard.com",
        "phone_number": "+507.8365503",
        "fax_number": "+51.17057182"
    },
    "administrative_contact": {
        "full_name": "WhoisGuard Protected",
        "company_name": "WhoisGuard, Inc.",
        "mailing_address": "P.O. Box 0823-03411",
        "city_name": "Panama",
        "state_name": "Panama",
        "country_name": "Panama",
        "country_code": "PA",
        "email_address": "721c8cba0b3a4a0da694df0f7bd57783.protect@whoisguard.com",
        "phone_number": "+507.8365503",
        "fax_number": "+51.17057182"
    },
    "technical_contact": {
        "full_name": "WhoisGuard Protected",
        "company_name": "WhoisGuard, Inc.",
        "mailing_address": "P.O. Box 0823-03411",
        "city_name": "Panama",
        "state_name": "Panama",
        "country_name": "Panama",
        "country_code": "PA",
        "email_address": "721c8cba0b3a4a0da694df0f7bd57783.protect@whoisguard.com",
        "phone_number": "+507.8365503",
        "fax_number": "+51.17057182"
    },
    "name_servers": [
        "dns1.namecheaphosting.com",
        "dns2.namecheaphosting.com"
    ],
    "domain_status": [
        "addPeriod",
        "clientTransferProhibited"
    ]
}

Analisi Hosting

Country United States
Organization Namecheap
ISP Namecheap
Last Update 2020-06-13T09:57:51.151343
Hostnames premium31-2.web-hosting.com
ASN AS22612

Screenshot di compromissione

intopic.it