API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 15th, 2021
111
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.94 KB | None | 0 0
raw download clone embed print report
  1. RIGEL posted this on telegram a while ago.
  2.  
  3. They're trying to FOMO people into thinking that they have to buy because with this marketing the price will go up.
  4.  
  5. https://i.imgur.com/D0Vu4OU.png
  6.  
  7. Let’s analyze those links.
  8.  
  9.  
  10. https://crymarket.org/2021/02/01/rigel-finance-a-modern-day-cryptocurrency-platform-for-individuals-and-businesses/
  11. http://www.digitaljournal.com/pr/4959201
  12.  
  13. http://markets.financialcontent.com/streetinsider/news/read/40925265
  14. http://markets.financialcontent.com/wral/news/read/40925265
  15. http://markets.financialcontent.com/startribune/news/read/40925265
  16. http://markets.financialcontent.com/ibtimes/news/read/40925265
  17. http://markets.financialcontent.com/wss/news/read/40925265
  18. http://markets.financialcontent.com/bostonherald/news/read/40925265
  19.  
  20. http://business.dailytimesleader.com/dailytimesleader/news/read/40925265
  21. http://finance.dailyherald.com/dailyherald/news/read/40925265
  22.  
  23.  
  24. The blue part of the url tells the website which layout to show, the red part is the ID of the article.
  25.  
  26.  
  27. - Mixed ("wrong" hostname and layout) still works
  28. http://business.dailytimesleader.com/dailyherald/news/read/40925265
  29. http://finance.dailyherald.com/dailytimesleader/news/read/40925265
  30. http://finance.dailyherald.com/bostonherald/news/read/40925265
  31.  
  32.  
  33. Both "business.dailytimesleader.com" and "finance.dailyherald.com"
  34. point to "51.81.67.46 ph3a.us-east-1.financialcontent.com", this is probably subdomain hijacking.
  35.  
  36.  
  37. Open CMD/powershell/terminal and type this:
  38. (Use -c2 on linux and -n2 on windows)
  39.  
  40. $ ping -c2 business.dailytimesleader.com
  41. PING ph3b.us-east-1.financialcontent.com (51.81.67.47) 56(84) bytes of data.
  42. 64 bytes from ph3b.us-east-1.financialcontent.com (51.81.67.47): icmp_seq=1 ttl=51 time=118 ms
  43. 64 bytes from ph3b.us-east-1.financialcontent.com (51.81.67.47): icmp_seq=2 ttl=51 time=118 ms
  44.  
  45. $ ping -c2 dailytimesleader.com
  46. PING dailytimesleader.com (50.28.1.53) 56(84) bytes of data.
  47. 64 bytes from host3.horizonweb01.com (50.28.1.53): icmp_seq=1 ttl=56 time=134 ms
  48. 64 bytes from host3.horizonweb01.com (50.28.1.53): icmp_seq=2 ttl=56 time=134 ms
  49.  
  50.  
  51. $ ping -c2 finance.dailyherald.com
  52. PING ph3a.us-east-1.financialcontent.com (51.81.67.46) 56(84) bytes of data.
  53. 64 bytes from ph3a.us-east-1.financialcontent.com (51.81.67.46): icmp_seq=1 ttl=50 time=116 ms
  54. 64 bytes from ph3a.us-east-1.financialcontent.com (51.81.67.46): icmp_seq=2 ttl=50 time=116 ms
  55.  
  56. $ ping -c2 dailyherald.com
  57. PING dailyherald.com (107.154.75.234) 56(84) bytes of data.
  58. 64 bytes from 107.154.75.234.ip.incapdns.net (107.154.75.234): icmp_seq=1 ttl=58 time=111 ms
  59. 64 bytes from 107.154.75.234.ip.incapdns.net (107.154.75.234): icmp_seq=2 ttl=58 time=112 ms
  60.  
  61.  
  62. As you can see the subdomains point to a different IP Address than the main domains.
  63.  
  64. If you go to "dailytimesleader.com" or "dailyherald.com" and search for "RIGEL" you will find nothing.
  65.  
  66.  
  67.  
  68.  
  69. Since I’m a genrous guy here’s 16 more articles for RIGEL’s next PR PACKAGE!
  70.  
  71. markets.financialcontent.com/borgernewsherald/news/read/40925265
  72. markets.financialcontent.com/bpas/news/read/40925265
  73. markets.financialcontent.com/crain.businessinsurance/news/read/40925265
  74. markets.financialcontent.com/deseretnews/news/read/40925265
  75. markets.financialcontent.com/dowtheoryletters/news/read/40925265
  76. markets.financialcontent.com/fatpitch.valueinvestingnews/news/read/40925265
  77. markets.financialcontent.com/investplace/news/read/40925265
  78. markets.financialcontent.com/kelownadailycourier/news/read/40925265
  79. markets.financialcontent.com/observernewsonline/news/read/40925265
  80. markets.financialcontent.com/pennwell.bioopticsworld/news/read/40925265
  81. markets.financialcontent.com/pennwell.cabling/news/read/40925265
  82. markets.financialcontent.com/presstelegram/news/read/40925265
  83. markets.financialcontent.com/prnews.pressrelease/news/read/40925265
  84. markets.financialcontent.com/spoke/news/read/40925265
  85. markets.financialcontent.com/stocks/news/read/40925265
  86. markets.financialcontent.com/townhall/news/read/40925265
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!