moshsrv

OLX

Oct 7th, 2021
from email/sms: 913289145
message: OLX fraud attempt
type: smishing
link: smso.site/DKm7 ; smso.site/9nwB ; smso.site/2nlo

[INFO] Date: 07/10/21 | Time: 09:12:10
[INFO] ------TARGET info------
[*] TARGET: https://sms.order-pays.xyz/qeQgZe
[*] TARGET IP: 193.233.15.140
[INFO] NO load balancer detected for smso.site...
[*] DNS servers: ns1.reg.ru. ns1.reg.ru.
[*] TARGET server: nginx
[*] CC: SC
[*] Country: Seychelles
[*] RegionCode: 13
[*] RegionName: Grand Anse Mahe
[*] City: Misere
[*] ASN: AS42745
[*] BGP_PREFIX: 193.233.15.0/24
[*] ISP: SAFEVALUE-AS Safe Value Limited, DE
[INFO] SSL/HTTPS certificate detected
[*] Issuer: issuer=C = US, O = Let's Encrypt, CN = R3
[*] Subject: subject=CN = smso.site
[ALERT] Let's Encrypt is commonly used for Phishing
[INFO] Possible abuse mails are:
[*] abuse@free.net
[*] abuse@smso.site
[INFO] NO PAC (Proxy Auto Configuration) file FOUND
[ALERT] robots.txt file FOUND in http://smso.site/robots.txt
[INFO] Checking for HTTP status codes recursively from http://smso.site/robots.txt
[INFO] Status code Folders
[INFO] Starting FUZZing in http://smso.site/FUzZzZzZzZz...
[INFO] Status code Folders
[*] 200 http://smso.site/index
[*] 200 http://smso.site/images
[*] 200 http://smso.site/download
[*] 200 http://smso.site/2006
[*] 301 http://smso.site/news
[*] 200 http://smso.site/crack
[*] 200 http://smso.site/serial
[*] 200 http://smso.site/warez
[*] 301 http://smso.site/full
[*] 200 http://smso.site/12
grep: (standard input): binary file matches
[ALERT] Look in the source code. It may contain passwords
[ALERT] Content in http://smso.site/ AND http://www.smso.site/ is different
[INFO] MD5 for http://smso.site/ is: 1c3333d26a85293c56600234dacc26b7
[INFO] MD5 for http://www.smso.site/ is: f4cb5e14047d2af6f326f9e7640a5a2f
[INFO] http://smso.site/ redirects to https://www.google.com/
[INFO] http://www.smso.site/ redirects to https://www.google.com/

Looking up sms.order-pays.xyz
Unable to locate remote host sms.order-pays.xyz.
Alert!: Unable to connect to remote host.

lynx: Can't access startfile https://sms.order-pays.xyz/qeQgZe
[INFO] Links found from https://sms.order-pays.xyz/qeQgZe http://193.233.15.140/:
cut: invalid field range
Try 'cut --help' for more information.
[INFO] Shodan detected the following opened ports on 193.233.15.140:
[INFO] ------VirusTotal SECTION------
[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
[INFO] ------Alexa Rank SECTION------
[INFO] Percent of Visitors Rank in Country:
[INFO] Percent of Search Traffic:
[INFO] Percent of Unique Visits:
[INFO] Total Sites Linking In:
[INFO] Useful links related to smso.site - 193.233.15.140:
[INFO] Useful links related to AS42745 - 193.233.15.0/24:
[INFO] Date: 07/10/21 | Time: 09:12:49
[INFO] Total time: 0 minute(s) and 39 second(s)