@GuysItsZach#191997 Yeah, they know scambaiters love to call them.
Hey guys, have some juicy info: the SSH has a CVE, but just a username enum; has some SMTP stuff. Anyway, here is the juicy stuff:
```
Starting Nmap 7.91 ( https://nmap.org ) at 2021-05-10 15:46 IST
NSE: Loaded 153 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:46
Completed NSE at 15:46, 0.00s elapsed
Initiating NSE at 15:46
Completed NSE at 15:46, 0.00s elapsed
Initiating NSE at 15:46
Completed NSE at 15:46, 0.00s elapsed
Initiating Ping Scan at 15:46
Scanning www.sapphiresoftech.com (173.236.154.115) [2 ports]
Completed Ping Scan at 15:46, 0.27s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 15:46
Completed Parallel DNS resolution of 1 host. at 15:46, 1.20s elapsed
Initiating Connect Scan at 15:46
Scanning www.sapphiresoftech.com (173.236.154.115) [1000 ports]
Discovered open port 587/tcp on 173.236.154.115
Discovered open port 22/tcp on 173.236.154.115
Discovered open port 21/tcp on 173.236.154.115
Discovered open port 443/tcp on 173.236.154.115
Discovered open port 80/tcp on 173.236.154.115
Discovered open port 5269/tcp on 173.236.154.115
Discovered open port 5222/tcp on 173.236.154.115
Completed Connect Scan at 15:47, 37.88s elapsed (1000 total ports)
Initiating Service scan at 15:47
Scanning 7 services on www.sapphiresoftech.com (173.236.154.115)
Completed Service scan at 15:47, 21.72s elapsed (7 services on 1 host)
NSE: Script scanning 173.236.154.115.
Initiating NSE at 15:47
Completed NSE at 15:48, 44.92s elapsed
Initiating NSE at 15:48
Completed NSE at 15:48, 19.95s elapsed
Initiating NSE at 15:48
Completed NSE at 15:48, 0.00s elapsed
Nmap scan report for www.sapphiresoftech.com (173.236.154.115)
Host is up (0.29s latency).
rDNS record for 173.236.154.115: sapphiresoftech.com
Not shown: 992 filtered ports
PORT STATE SERVICE VERSION
21/tcp open ftp ProFTPD
22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 2048 33:09:83:dd:cf:7c:15:2d:03:3c:1f:fc:07:16:71:8e (RSA)
| 256 4c:2c:f4:c5:53:a8:bf:28:7a:68:00:40:ab:39:04:00 (ECDSA)
|_ 256 fb:40:bc:cb:25:87:e7:7e:c6:10:97:f6:47:a2:97:01 (ED25519)
25/tcp closed smtp
80/tcp open http Apache httpd
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS
|http-title: Did not follow redirect to https://www.sapphiresoftech.com/
443/tcp open ssl/ssl Apache httpd (SSL-only mode)
| http-methods:
| Supported Methods: HEAD OPTIONS
|_http-server-header: Apache
|_http-title: 400 Bad Request
| ssl-cert: Subject: commonName=sapphiresoftech.com
| Subject Alternative Name: DNS:sapphiresoftech.com, DNS:www.sapphiresoftech.com
| Issuer: commonName=Sectigo RSA Domain Validation Secure Server CA/organizationName=Sectigo Limited/stateOrProvinceName=Greater Manchester/countryName=GB
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2020-07-08T00:00:00
| Not valid after: 2021-07-13T23:59:59
| MD5: d2df a77f f89f e61d 91e9 7447 8627 180a
|SHA-1: a901 da95 7a18 ac25 4448 c55f a31d 6d45 b40d 63b2
587/tcp open smtp Postfix smtpd
|smtp-commands: blout.dreamhost.com, PIPELINING, SIZE 40960000, ETRN, ENHANCEDSTATUSCODES, 8BITMIME,
5222/tcp open jabber Prosody Jabber client
| xmpp-info:
| STARTTLS Failed
| info:
| features:
|
| errors:
| host-unknown
|
| text: This server does not serve www.sapphiresoftech.com
| stream:stream
| (timeout)
| capabilities:
|
| stream_id: 080fe9c6-d7b9-4e1a-8a41-01ec5694190f
| xmpp:
| lang: en
| version: 1.0
| auth_mechanisms:
|
| unknown:
|
| compression_methods:
5269/tcp open jabber Prosody Jabber server (dialback)
| xmpp-info:
| STARTTLS Failed
| info:
| features:
|
| errors:
| host-unknown
|
| text: This host does not serve www.sapphiresoftech.com
| stream:stream
| (timeout)
| capabilities:
|
| stream_id: d350d571-ff5c-47c1-912e-c1ae1d40b30a
| xmpp:
| lang: en
| version: 1.0
| auth_mechanisms:
|
| unknown:
|
| compression_methods:
Service Info: Host: blout.dreamhost.com; OS: Linux; CPE: cpe:/o:linux:linux_kernel
NSE: Script Post-scanning.
Initiating NSE at 15:48
Completed NSE at 15:48, 0.00s elapsed
Initiating NSE at 15:48
Completed NSE at 15:48, 0.00s elapsed
Initiating NSE at 15:48
Completed NSE at 15:48, 0.00s elapsed
Read data files from: /usr/bin/…/share/nmap
Service detection performed. Please report any incorrect results at Nmap OS/Service Fingerprint and Correction Submission Page .
Nmap done: 1 IP address (1 host up) scanned in 127.48 seconds
```
lol found this file
They are selling medicines like Xanax, Viagra, oxycodone: 844-477-0999
Active again Sapphire Softech Solutions scammers
Punjabi accent
See this video about sapphiresoftech.com
https://youtu.be/ppsS0-an6CY
Continuing the discussion from Https://www.sapphiresoftech.com/ - +1-888-357-5222:
add /wfh after their website to add customer data to their database.
Hi DVR, Sapphire Upland address (fake?) has this entity too: allvirustoremove.org
They are likely the same.
Correct. Fake address obviously. They have a couple other companies in fact. Here are some of their other websites.
all-it-expert.business.site
And some more, I don't have the data with me right now.
Jasmeer Oberoi current job:
FUTURE COMPUTING SOLUTIONS INC
They say I am not calling the right number when I ask to purchase an antivirus like it says on their website.
Hi @Dvr, welcome. You know me from my daily tweets Aur…
paranoia. They are super paranoid.
How do you know if they are connected?
In the video, their name appears as money launderers (among others)
Where do you see their names? And what names? I can't see Jasmeer Oberoi, which is one of the names I know about them.
Video is not primarily about Sapphire. It is about Nastech, who use many payment scammers, and Sapphire is listed with a dozen other scamming websites/company names.
BTW Oberoi is a Punjabi surname.
Edit: I see it now but it says Sapphire Tech LLC not Sapphire Softech
Yes, I know, but where is it linked? Nanobaiter, who was involved in investigating the scammers he and Scambaiter exposed, says they are not connected.
My experience with SapphireSoftech.com. I decided to check out this site that was mentioned as a scam site. It is indeed with weird links but great prices, if only they worked. I called and got their tech support. After a conversation, they said they would call me back. Not.
I need to do MORE research about a connection. (both are owned by Punjabi families but that does not mean much yet)
but Sapphire Softech is no angel
BBB
https://www.bbb.org/us/ca/upland/profile/information-technology-services/sapphire-softech-solutions-llc-1066-89086934/complaints
One victim writes…
This is a scam company, they show fake virus and send pop-up on the computers and charge big amount by showing a firewall on the bestbuy websites which is actually routers for the internet connection.
They are one of the biggest scam companies in the world, my suggestion: don't do business with this company. If you have done any business, take your charges back by calling your banks… they are fraud