domingo, 26 de abril de 2026

phishing: Natura

Email: boletins@gold.venha.im

Link do phishing: https://s.pass.com.br/NaturaCadari/exz/m29/cyflqo/01.html




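Estrutura do Phishing (cabeçalhos das respostas HTTP; a primeira é um redirecionamento 301 e a segunda, um 503 servido por AkamaiGHost):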
HTTP/2 301 
cache-control: private
content-length: 197
content-type: text/html; charset=utf-8
location: https://www.minhaloja.natura.com/c/promocoes?consultoria=cadari&marca=natura
server: Microsoft-IIS/10.0
set-cookie: ASP.NET_SessionId=kf3n4q5110wisnircmupn5py; path=/; HttpOnly; SameSite=Lax
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Mon, 27 Apr 2026 02:43:38 GMT

HTTP/2 503 
server: AkamaiGHost
mime-version: 1.0
content-type: text/html
content-length: 280
expires: Mon, 27 Apr 2026 00:43:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 27 Apr 2026 00:43:37 GMT
set-cookie: ab_home=b; path=/; secure


                
              
Domain Name: venha.im
Domain Managers
Name: Redacted
Address
Redacted
Domain Owners / Registrant
Name: Redacted
Address
Redacted
Administrative Contact
Name: Redacted
Address
Redacted
Billing Contact
Name: Redacted
Address
Redacted
Technical Contact
Name: Redacted
Address
Redacted
Domain Details
Expiry Date: 13/11/2026 00:59:52
Name Server:ns1.softlayer.com.
Name Server:ns2.softlayer.com


{
  "domain": "venha.im",
  "base_domain": "venha.im",
  "dnssec": false,
  "soa": {
    "record": "ns1.softlayer.com. support.softlayer.com. 2025030404 7200 600 1728000 43200",
    "values": {
      "primary_nameserver": "ns1.softlayer.com",
      "rname_email_address": "support@softlayer.com",
      "serial": 2025030404,
      "refresh": 7200,
      "retry": 600,
      "expire": 1728000,
      "minimum": 43200
    }
  },
  "ns": {
    "hostnames": [
      "ns1.softlayer.com",
      "ns2.softlayer.com"
    ],
    "warnings": []
  },
  "mx": {
    "hosts": [],
    "warnings": []
  },
  "mta_sts": {
    "valid": false,
    "error": "An MTA-STS DNS record does not exist."
  },
  "spf": {
    "record": null,
    "valid": false,
    "void_dns_lookups": null,
    "error": "An SPF record does not exist."
  },
  "dmarc": {
    "record": null,
    "location": null,
    "valid": false,
    "error": "A DMARC record does not exist."
  },
  "smtp_tls_reporting": {
    "valid": false,
    "error": "An SMTP TLS Reporting record does not exist."
  },
  "bimi": {
    "record": null,
    "valid": false,
    "selector": "default",
    "error": "A BIMI record does not exist at the default selector."
  }
}


;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35545
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;venha.im. IN A

;; ANSWER SECTION:
venha.im. 21600 IN A 74.63.196.62

;; Query time: 141 msec
;; SERVER: 8.8.8.8#53(8.8.8.8) (UDP)
;; WHEN: Mon Apr 27 00:47:44 UTC 2026
;; MSG SIZE rcvd: 53
