This scam is currently running - it arrives by email:
The site at https://sk-slovensko-dph.web.XXX/ (experimenters can replace XXX with app):
I'll paste the headers too:
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
Return-Path: <dph-sk@xs829118.xsrv.jp>
Received: from xxx (xxxxx)
by imap-d (Cyrus 3.4.3) with LMTPA;
Mon, 16 Dec 2024 16:57:41 +0100
X-Sieve: CMU Sieve 3.0
Received: from sv10694.xserver.jp (sv10694.xserver.jp [103.141.96.55])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by xxx (Postfix) with ESMTPS id DC9FDC0B0AB
for <xxx>; Mon, 16 Dec 2024 16:57:40 +0100 (CET)
Authentication-Results: xxx;
dkim=none;
dmarc=none;
spf=pass (xxx: domain of dph-sk@xs829118.xsrv.jp designates 103.141.96.55 as permitted sender) smtp.mailfrom=dph-sk@xs829118.xsrv.jp
Received: from webmail.xserver.ne.jp (webmail.xserver.ne.jp [202.226.37.183])
by sv10694.xserver.jp (Postfix) with ESMTPA id 06372403A10741;
Tue, 17 Dec 2024 00:44:55 +0900 (JST)
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="=_8c3cc4cc025c7d5a5e911d2210ce87bd"
Date: Mon, 16 Dec 2024 15:44:55 +0000
From: =?UTF-8?Q?Finan=C4=8Dn=C3=A1_spr=C3=A1va?= <dph-sk@xs829118.xsrv.jp>
To: undisclosed-recipients:;
Subject: =?UTF-8?Q?V=C3=A1=C5=A1_pr=C3=ADstupov=C3=BD_k=C3=B3d_k_finan?=
=?UTF-8?Q?=C4=8Dnej_podpore=2E?=
Message-ID: <34a1ae2ca9fbfca58402f1768a225388@xs829118.xsrv.jp>
X-Sender: dph-sk@xs829118.xsrv.jp
User-Agent: Roundcube Webmail/1.2.0
X-Virus-Status: CLEAN zavdclam_1734364661427332159_139909353580224
--=_8c3cc4cc025c7d5a5e911d2210ce87bd
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=UTF-8
So I generated a birth number (rodné číslo) and a phone number as well:
It then tries to obtain the IP address via a browser request, which looks like this in curl:
curl 'https://api.ipify.org/?format=json' -H 'Accept: */*' -H 'Accept-Language: en-US,en;q=0.5' -H 'Accept-Encoding: gzip, deflate, br, zstd' -H 'Referer: https://sk-slovensko-dph.web.app/' -H 'Origin: https://sk-slovensko-dph.web.app' -H 'DNT: 1' -H 'Sec-GPC: 1' -H 'Connection: keep-alive'
I didn't feel like going any further, but give it a try.
$ whois 199.36.158.100
Yum:
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2024, American Registry for Internet Numbers, Ltd.
#
NetRange: 199.36.152.0 - 199.36.159.255
CIDR: 199.36.152.0/21
NetName: MEEBO
NetHandle: NET-199-36-152-0-1
Parent: NET199 (NET-199-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS19527
Organization: Google LLC (GOGL)
RegDate: 2010-09-21
Updated: 2017-12-22
Ref: https://rdap.arin.net/registry/ip/199.36.152.0
OrgName: Google LLC
OrgId: GOGL
Address: 1600 Amphitheatre Parkway
City: Mountain View
StateProv: CA
PostalCode: 94043
Country: US
RegDate: 2000-03-30
Updated: 2019-10-31
Comment: Please note that the recommended way to file abuse complaints are located in the following links.
Comment:
Comment: To report abuse and illegal activity: https://www.google.com/contact/
Comment:
Comment: For legal requests: http://support.google.com/legal
Comment:
Comment: Regards,
Comment: The Google Team
Ref: https://rdap.arin.net/registry/entity/GOGL
OrgTechHandle: ZG39-ARIN
OrgTechName: Google LLC
OrgTechPhone: +1-650-253-0000
OrgTechEmail: arin-contact@google.com
OrgTechRef: https://rdap.arin.net/registry/entity/ZG39-ARIN
OrgAbuseHandle: ABUSE5250-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-650-253-0000
OrgAbuseEmail: network-abuse@google.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE5250-ARIN
Another reason why everything state-run should go on *.gov.sk domains or something like that.
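An added triage example for the headers pasted earlier in the thread (not code from any poster): it decodes the RFC 2047 From/Subject fields and flags that spf=pass only vouches for the envelope domain while the display name claims a different organisation. The function name `triage`, the placeholder host `mx.example` (redacted as "xxx" in the thread) and the expected-domain list passed in are assumptions.

```python
import re
from email import message_from_string, policy

# Header subset copied from the thread; the receiving host, redacted there
# as "xxx", is written here as the placeholder mx.example.
RAW = """\
Return-Path: <dph-sk@xs829118.xsrv.jp>
Authentication-Results: mx.example;
\tdkim=none;
\tdmarc=none;
\tspf=pass smtp.mailfrom=dph-sk@xs829118.xsrv.jp
From: =?UTF-8?Q?Finan=C4=8Dn=C3=A1_spr=C3=A1va?= <dph-sk@xs829118.xsrv.jp>
Subject: =?UTF-8?Q?V=C3=A1=C5=A1_pr=C3=ADstupov=C3=BD_k=C3=B3d_k_finan?=
 =?UTF-8?Q?=C4=8Dnej_podpore=2E?=
User-Agent: Roundcube Webmail/1.2.0

"""

def triage(raw, expected_domains):
    """Decode the visible sender and compare it with the authentication results.

    expected_domains: domains the recipient accepts for the claimed sender
    (supplied by the caller; an assumption of this example).
    """
    msg = message_from_string(raw, policy=policy.default)
    sender = msg["From"].addresses[0]          # RFC 2047 words already decoded
    auth = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)",
                           str(msg["Authentication-Results"])))
    findings = []
    # SPF checks only the envelope sender (Return-Path). Without a DKIM
    # signature or a DMARC policy, nothing authenticates the visible From.
    if auth.get("spf") == "pass" and "pass" not in (auth.get("dkim"), auth.get("dmarc")):
        findings.append("spf-only")
    # A display name naming an organisation, sent from an unrelated domain.
    dom = sender.domain.lower()
    if sender.display_name and not any(
            dom == d or dom.endswith("." + d) for d in expected_domains):
        findings.append("display-name-mismatch")
    return {"display_name": sender.display_name, "from_domain": dom,
            "subject": str(msg["Subject"]), "auth": auth, "findings": findings}

if __name__ == "__main__":
    # financnasprava.sk as the expected sender domain is an assumption.
    for key, value in triage(RAW, ("financnasprava.sk",)).items():
        print(f"{key}: {value}")
```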