Scam Number: (314) 936-5675
Scammer’s Website or Email: https://fitgymworld.online/about-us/
Additional information about this scam:
Updated number on their website: (314)-279-7776
The Aurora Wave Begins
Mike answered, asked me typical questions. I got this information from him:
AnyDesk: 874305094
IP: 223.178.211.146 (Shimla)
Reported the domain to GoDaddy.
Attempted to connect to his desk using my misc VM (not my baiting VM), but the client’s offline. I’m going to port scan the IP.
Open Ports:
They do have an FTP port open, which suggests that they have files stored on a NAS server or something similar.
(314) 279-7776 Not in Service
IP: 223.178.211.146 (Shimla) or more likely Chandigarh Mohali