Welcome back to another good article, you might’ve noticed my rather long depature or maybe not. I really need to get to know the forum’s new UI but i’ll adjust to it eventually. So, You wanna fuck with scammers and have no clue how to find their websites IP? How to report the website & it’s IP? Well look no further. This also goes down the rabbit hole and explains more interesting scam that’ll be sure to impress your friends, family, co-workers and even twitter. Now remember some things are bound to payment and the services listed are 100% deserving to be paid without defrauding them or using stolen API keys.
Let’s first begin at an easy level with finding scam pages:
- scammer.info (Here)
- Asking the elderly
- Signing up to random & Very Sketchy sites with a temp email address.
- Hanging around discord servers such as gaming, content creation and Content Creator’s YT Discords
- TypoSquatting (Accidentially mispelling a domain)
- Using anonfiles and getting free popups.
- Check your spam box, Ask your family, friends, and etc to do so.
How do you use google dorks?
intitle: “[Your topic here]” (Do not remove the quotes)
Filter by within the last week and you should be good to go.
Using MMC3 Hashes on https://shodan.io to find websites with the same fav.ico hashes.
Query Shodan to find Websites such as dark web scams: http.html:“Fullz” will give you credit card fraud scams and their IPs.
Using https://search.censys.io/ one can create an account and search via SSL Certs & Domain by using parsed.names: [Your domain here without http:// or https://] or by using the “Hosts” tab by simply entering “Your Domain without the https://www bullshit”
Using zoomeye one can also do the same thing as shodan but instead of http.html you’d just run title: “Your HTML Title here” if there’s not more than 1 word, Quotes are not needed I just add them to ensure it’s refined or doesn’t miss the target.
Ping, Yes sometimes all you need is to open CMD/Terminal and run ping [Your website here without HTTP(S)://
viewdns.info Sometimes one can find out that a website previously ran on another unmasked IP and maybe added cloudflare or DDoSGaurd in this case viewing the IP History may reveal the IP, this site is basic and super powerful.
Some proof can be found in my recent tweets of mine where I’ve managed to identify several dark net marketplace’s origin IP. We’re always in a constant battle with Ransomware, botnets and more but hopefully you can find scammers, link their websites together and report them to the registrar, hosting provider and proper law enforcement agencies.