- from email/sms: 913289145
- message: OLX fraud attempt
- type: smishing
- link: smso.site/DKm7 ; smso.site/9nwB ; smso.site/2nlo
- [INFO] Date: 07/10/21 | Time: 09:12:10
- [INFO] ------TARGET info------
- [*] TARGET: https://sms.order-pays.xyz/qeQgZe
- [*] TARGET IP: 193.233.15.140
- [INFO] NO load balancer detected for smso.site...
- [*] DNS servers: ns1.reg.ru. ns1.reg.ru.
- [*] TARGET server: nginx
- [*] CC: SC
- [*] Country: Seychelles
- [*] RegionCode: 13
- [*] RegionName: Grand Anse Mahe
- [*] City: Misere
- [*] ASN: AS42745
- [*] BGP_PREFIX: 193.233.15.0/24
- [*] ISP: SAFEVALUE-AS Safe Value Limited, DE
- [INFO] SSL/HTTPS certificate detected
- [*] Issuer: issuer=C = US, O = Let's Encrypt, CN = R3
- [*] Subject: subject=CN = smso.site
- [ALERT] Let's Encrypt is commonly used for Phishing
- [INFO] Possible abuse mails are:
- [*] abuse@free.net
- [*] abuse@smso.site
- [INFO] NO PAC (Proxy Auto Configuration) file FOUND
- [ALERT] robots.txt file FOUND in http://smso.site/robots.txt
- [INFO] Checking for HTTP status codes recursively from http://smso.site/robots.txt
- [INFO] Status code Folders
- [INFO] Starting FUZZing in http://smso.site/FUzZzZzZzZz...
- [INFO] Status code Folders
- [*] 200 http://smso.site/index
- [*] 200 http://smso.site/images
- [*] 200 http://smso.site/download
- [*] 200 http://smso.site/2006
- [*] 301 http://smso.site/news
- [*] 200 http://smso.site/crack
- [*] 200 http://smso.site/serial
- [*] 200 http://smso.site/warez
- [*] 301 http://smso.site/full
- [*] 200 http://smso.site/12
- grep: (standard input): binary file matches
- [ALERT] Look in the source code. It may contain passwords
- [ALERT] Content in http://smso.site/ AND http://www.smso.site/ is different
- [INFO] MD5 for http://smso.site/ is: 1c3333d26a85293c56600234dacc26b7
- [INFO] MD5 for http://www.smso.site/ is: f4cb5e14047d2af6f326f9e7640a5a2f
- [INFO] http://smso.site/ redirects to https://www.google.com/
- [INFO] http://www.smso.site/ redirects to https://www.google.com/
- Looking up sms.order-pays.xyz
- Unable to locate remote host sms.order-pays.xyz.
- Alert!: Unable to connect to remote host.
- lynx: Can't access startfile https://sms.order-pays.xyz/qeQgZe
- [INFO] Links found from https://sms.order-pays.xyz/qeQgZe http://193.233.15.140/:
- cut: invalid field range
- Try 'cut --help' for more information.
- [INFO] Shodan detected the following opened ports on 193.233.15.140:
- [INFO] ------VirusTotal SECTION------
- [INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
- [INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
- [INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
- [INFO] ------Alexa Rank SECTION------
- [INFO] Percent of Visitors Rank in Country:
- [INFO] Percent of Search Traffic:
- [INFO] Percent of Unique Visits:
- [INFO] Total Sites Linking In:
- [INFO] Useful links related to smso.site - 193.233.15.140:
- [*] https://www.virustotal.com/pt/ip-address/193.233.15.140/information/
- [*] https://www.hybrid-analysis.com/search?host=193.233.15.140
- [*] https://www.shodan.io/host/193.233.15.140
- [*] https://www.senderbase.org/lookup/?search_string=193.233.15.140
- [*] https://www.alienvault.com/open-threat-exchange/ip/193.233.15.140
- [*] http://pastebin.com/search?q=193.233.15.140
- [*] http://urlquery.net/search.php?q=193.233.15.140
- [*] http://www.alexa.com/siteinfo/smso.site
- [*] http://www.google.com/safebrowsing/diagnostic?site=smso.site
- [*] https://censys.io/ipv4/193.233.15.140
- [*] https://www.abuseipdb.com/check/193.233.15.140
- [*] https://urlscan.io/search/#193.233.15.140
- [*] https://github.com/search?q=193.233.15.140&type=Code
- [INFO] Useful links related to AS42745 - 193.233.15.0/24:
- [*] http://www.google.com/safebrowsing/diagnostic?site=AS:42745
- [*] https://www.senderbase.org/lookup/?search_string=193.233.15.0/24
- [*] http://bgp.he.net/AS42745
- [*] https://stat.ripe.net/AS42745
- [INFO] Date: 07/10/21 | Time: 09:12:49
- [INFO] Total time: 0 minute(s) and 39 second(s)