Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #######################################################################################################################################
- Nom de l'hôte onaizahedu.gov.sa FAI SingleHop LLC
- Continent Amérique du Nord Drapeau
- US
- Pays Etats-Unis d'Amérique Code du pays US
- Région Illinois Heure locale 25 Oct 2018 10:36 CDT
- Ville Chicago Code Postal 60605
- Adresse IP 146.66.71.198 Latitude 41.871
- Longitude -87.628
- #######################################################################################################################################
- > onaizahedu.gov.sa
- Server: 38.132.106.139
- Address: 38.132.106.139#53
- Non-authoritative answer:
- Name: onaizahedu.gov.sa
- Address: 146.66.71.198
- #######################################################################################################################################
- Domain Name: onaizahedu.gov.sa
- Registrant:
- MOE-Directorate of Education in Onaizah Province وزارة التربية والتعليم- إدارة التربية والتعليم بمحافظة عنيزة
- Address: طريق الملك عبدالعزيز
- Onaizah
- Saudi Arabia المملكة العربية السعودية
- Administrative Contact:
- محمد الحجي Mohammed AlHejji
- Address: عنيزة - طريق الملك عبدالعزيز
- 51911 Onaizah
- Saudi Arabia
- Technical Contact:
- محمد الحجي Mohammed AlHejji
- Address: لا يوجد
- لا يوجد Onaizah
- Saudi Arabia المملكة العربية السعودية
- Name Servers:
- ns1.m03.siteground.biz
- ns2.m03.siteground.biz
- Created on: 2000-02-15
- Last Updated on: 2017-03-29
- #######################################################################################################################################
- [i] Scanning Site: http://onaizahedu.gov.sa
- B A S I C I N F O
- =======================================================================================================================================
- [+] Site Title:
- إدارة التعليم بمحافظة عنيزة
- [+] IP address: 146.66.71.198
- [+] Web Server: Could Not Detect
- [+] CMS: WordPress
- [+] Cloudflare: Not Detected
- [+] Robots File: Found
- -------------[ contents ]----------------
- User-agent: *
- Disallow: /wp-admin/
- Allow: /wp-admin/admin-ajax.php
- -----------[end of contents]-------------
- W H O I S L O O K U P
- =======================================================================================================================================
- % SaudiNIC Whois server.
- % Rights restricted by copyright.
- % http://nic.sa/en/view/whois-cmd-copyright
- Domain Name: onaizahedu.gov.sa
- Registrant:
- MOE-Directorate of Education in Onaizah Province وزارة التربية والتعليم- إدارة التربية والتعليم بمحافظة عنيزة
- Address: طريق الملك عبدالعزيز
- Onaizah
- Saudi Arabia المملكة العربية السعودية
- Administrative Contact:
- محمد الحجي Mohammed AlHejji
- Address: عنيزة - طريق الملك عبدالعزيز
- 51911 Onaizah
- Saudi Arabia
- Technical Contact:
- محمد الحجي Mohammed AlHejji
- Address: لا يوجد
- لا يوجد Onaizah
- Saudi Arabia المملكة العربية السعودية
- Name Servers:
- ns1.m03.siteground.biz
- ns2.m03.siteground.biz
- Created on: 2000-02-15
- Last Updated on: 2017-03-29
- G E O I P L O O K U P
- =======================================================================================================================================
- [i] IP Address: 146.66.71.198
- [i] Country: US
- [i] State: N/A
- [i] City: N/A
- [i] Latitude: 37.750999
- [i] Longitude: -97.821999
- H T T P H E A D E R S
- =======================================================================================================================================
- [i] HTTP/1.1 200 OK
- [i] Date: Thu, 25 Oct 2018 15:52:00 GMT
- [i] Content-Type: text/html; charset=UTF-8
- [i] X-Cache-Enabled: False
- [i] Link: <http://onaizahedu.gov.sa/wp-json/>; rel="https://api.w.org/"
- [i] Vary: Accept-Encoding
- [i] Cache-Control: max-age=172800
- [i] Expires: Sat, 27 Oct 2018 15:52:00 GMT
- [i] Host-Header: 192fc2e7e50945beb8231a492d6a8024
- [i] X-Proxy-Cache: MISS
- [i] Connection: close
- D N S L O O K U P
- =======================================================================================================================================
- onaizahedu.gov.sa. 14399 IN MX 1 aspmx.l.google.com.
- onaizahedu.gov.sa. 14399 IN MX 5 alt1.aspmx.l.google.com.
- onaizahedu.gov.sa. 14399 IN MX 10 alt3.aspmx.l.google.com.
- onaizahedu.gov.sa. 14399 IN MX 10 alt4.aspmx.l.google.com.
- onaizahedu.gov.sa. 14399 IN MX 5 alt2.aspmx.l.google.com.
- onaizahedu.gov.sa. 14399 IN TXT "v=spf1 include:mailgun.org ~all"
- onaizahedu.gov.sa. 21599 IN SOA ns1.m03.siteground.biz. root.m03.siteground.biz. 2017032906 3600 7200 1209600 86400
- onaizahedu.gov.sa. 21599 IN NS ns1.m03.siteground.biz.
- onaizahedu.gov.sa. 21599 IN NS ns2.m03.siteground.biz.
- onaizahedu.gov.sa. 14399 IN A 146.66.71.198
- S U B N E T C A L C U L A T I O N
- =======================================================================================================================================
- Address = 146.66.71.198
- Network = 146.66.71.198 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 146.66.71.198 - 146.66.71.198 }
- N M A P P O R T S C A N
- =======================================================================================================================================
- Starting Nmap 7.40 ( https://nmap.org ) at 2018-10-25 15:52 UTC
- Nmap scan report for onaizahedu.gov.sa (146.66.71.198)
- Host is up (0.018s latency).
- rDNS record for 146.66.71.198: ip-146-66-71-198.siteground.com
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp filtered ssh
- 23/tcp filtered telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp filtered ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 1.42 seconds
- S U B - D O M A I N F I N D E R
- =======================================================================================================================================
- [i] Total Subdomains Found : 2
- [+] Subdomain: www.home.onaizahedu.gov.sa
- [-] IP: 146.66.71.198
- [+] Subdomain: serv.onaizahedu.gov.sa
- [-] IP: 146.66.71.198
- #######################################################################################################################################
- [?] Enter the target: http://onaizahedu.gov.sa/
- [!] IP Address : 146.66.71.198
- [!] CMS Detected : WordPress
- [+] Honeypot Probabilty: 30%
- ---------------------------------------------------------------------------------------------------------------------------------------
- [~] Trying to gather whois information for onaizahedu.gov.sa
- [+] Whois information found
- [-] Unable to build response, visit https://who.is/whois/onaizahedu.gov.sa
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] Robots.txt retrieved
- User-agent: *
- Disallow: /wp-admin/
- Allow: /wp-admin/admin-ajax.php
- ---------------------------------------------------------------------------------------------------------------------------------------
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp filtered ssh
- 23/tcp filtered telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp filtered ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 1.34 seconds
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] DNS Records
- ns1.m03.siteground.biz. (69.175.104.50) AS32475 SingleHop, Inc. United States
- ns2.m03.siteground.biz. (69.175.104.51) AS32475 SingleHop, Inc. United States
- [+] MX Records
- 5 (74.125.193.26) AS15169 Google Inc. United States
- [+] MX Records
- 5 (64.233.190.27) AS15169 Google Inc. United States
- [+] MX Records
- 10 (74.125.128.26) AS15169 Google Inc. United States
- [+] MX Records
- 10 (66.102.1.26) AS15169 Google Inc. United States
- [+] MX Records
- 1 (172.217.197.27) AS15169 Google Inc. United States
- [+] Host Records (A)
- home.onaizahedu.gov.saHTTP: (ip-146-66-71-198.siteground.com) (146.66.71.198) Bulgaria Bulgaria
- www.home.onaizahedu.gov.saHTTP: (ip-146-66-71-198.siteground.com) (146.66.71.198) Bulgaria Bulgaria
- serv.onaizahedu.gov.saHTTP: (ip-146-66-71-198.siteground.com) (146.66.71.198) Bulgaria Bulgaria
- [+] TXT Records
- "v=spf1 include:mailgun.org ~all"
- [+] DNS Map: https://dnsdumpster.com/static/map/onaizahedu.gov.sa.png
- [>] Initiating 3 intel modules
- [>] Loading Alpha module (1/3)
- [>] Beta module deployed (2/3)
- [>] Gamma module initiated (3/3)
- [+] Emails found:
- ---------------------------------------------------------------------------------------------------------------------------------------
- Gs52659@onaizahedu.gov.sa
- gm52658@onaizahedu.gov.sa
- mo@onaizahedu.gov.sa
- pixel-1540482729729762-web-@onaizahedu.gov.sa
- pixel-1540482731270313-web-@onaizahedu.gov.sa
- sclp112@onaizahedu.gov.sa
- takaful@onaizahedu.gov.sa
- web@onaizahedu.gov.sa
- wry@onaizahedu.gov.sa
- [+] Hosts found in search engines:
- ---------------------------------------------------------------------------------------------------------------------------------------
- [-] Resolving hostnames IPs...
- 146.66.71.198:www.onaizahedu.gov.sa
- [+] Virtual hosts:
- ---------------------------------------------------------------------------------------------------------------------------------------
- [~] Crawling the target for fuzzable URLs
- [+] Found 6 fuzzable URLs
- http://onaizahedu.gov.sa//?p=514
- [~] Using SQLMap api to check for SQL injection vulnerabilities. Don't worry we are using an online service and it doesn't depend on your internet connection. This scan will take 2-3 minutes.
- #######################################################################################################################################
- ; <<>> DiG 9.11.4-P2-3-Debian <<>> onaizahedu.gov.sa
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24756
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ;; QUESTION SECTION:
- ;onaizahedu.gov.sa. IN A
- ;; ANSWER SECTION:
- onaizahedu.gov.sa. 13099 IN A 146.66.71.198
- ;; Query time: 217 msec
- ;; SERVER: 38.132.106.139#53(38.132.106.139)
- ;; WHEN: jeu oct 25 11:58:29 EDT 2018
- ;; MSG SIZE rcvd: 62
- #######################################################################################################################################
- [+] URL: http://onaizahedu.gov.sa/
- [+] Started: Thu Oct 25 11:42:02 2018
- Interesting Finding(s):
- [+] http://onaizahedu.gov.sa/
- | Interesting Entries:
- | - X-Cache-Enabled: False
- | - Host-Header: 192fc2e7e50945beb8231a492d6a8024
- | - X-Proxy-Cache: MISS
- | Found By: Headers (Passive Detection)
- | Confidence: 100%
- [+] http://onaizahedu.gov.sa/robots.txt
- | Interesting Entries:
- | - /wp-admin/
- | - /wp-admin/admin-ajax.php
- | Found By: Robots Txt (Aggressive Detection)
- | Confidence: 100%
- [+] http://onaizahedu.gov.sa/xmlrpc.php
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- | References:
- | - http://codex.wordpress.org/XML-RPC_Pingback_API
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
- | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
- [+] http://onaizahedu.gov.sa/readme.html
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- [+] WordPress version 4.9.8 identified (Released on 2018-08-02).
- | Detected By: Rss Generator (Passive Detection)
- | - http://onaizahedu.gov.sa/feed/, <generator>https://wordpress.org/?v=4.9.8</generator>
- | Confirmed By: Atom Generator (Passive Detection)
- | - http://onaizahedu.gov.sa/feed/atom/, <generator uri="https://wordpress.org/" version="4.9.8">WordPress</generator>
- [+] WordPress theme in use: lightmag-v3
- | Location: http://onaizahedu.gov.sa/wp-content/themes/lightmag-v3/
- | Style URL: http://onaizahedu.gov.sa/wp-content/themes/lightmag-v3/style.css?1445753475
- | Style Name: LightMag v3
- | Style URI: http://mwordpress.net
- | Description: Premium News/Magazine Wordpress theme by Mouad Achemli....
- | Author: Mouad Achemli
- |
- | Detected By: Css Style (Passive Detection)
- |
- | Version: 3.0 (80% confidence)
- | Detected By: Style (Passive Detection)
- | - http://onaizahedu.gov.sa/wp-content/themes/lightmag-v3/style.css?1445753475, Match: 'Version: 3.0'
- [+] Enumerating Vulnerable Plugins
- [+] Checking Plugin Versions
- [i] No plugins Found.
- [+] Enumerating Vulnerable Themes
- Checking Known Locations - Time: 00:01:36 <> (287 / 287) 100.00% Time: 00:01:36
- [+] Checking Theme Versions
- [i] No themes Found.
- [+] Enumerating Timthumbs
- Checking Known Locations - Time: 00:05:45 <> (1000 / 2573) 38.86% ETA: 00:09:0 Checking Known
- [i] Timthumb(s) Identified:
- [+] http://onaizahedu.gov.sa/wp-content/themes/lightmag-v3/timthumb.php
- | Detected By: Known Locations (Aggressive Detection)
- |
- | Version: 2.8.11
- | Detected By: Bad Request (Aggressive Detection)
- | - http://onaizahedu.gov.sa/wp-content/themes/lightmag-v3/timthumb.php, Match: 'TimThumb version : 2.8.11'
- [+] Enumerating Config Backups
- Checking Config Backups - Time: 00:00:04 <===> (21 / 21) 100.00% Time: 00:00:04
- [i] No Config Backups Found.
- [+] Enumerating DB Exports
- Checking DB Exports - Time: 00:00:14 <=======> (36 / 36) 100.00% Time: 00:00:14
- [i] No DB Exports Found.
- [+] Enumerating Medias (Permalink setting must be set to "Plain" for those to be detected)
- Brute Forcing Attachment IDs - Time: 00:00:00 <> (0 / 100) 0.00% ETA: ??:??:? Brute Forcing
- [i] No Medias Found.
- [+] Enumerating Users
- Brute Forcing Author IDs - Time: 00:00:04 <==> (10 / 10) 100.00% Time: 00:00:04
- [i] User(s) Identified:
- [+] db9v4
- | Detected By: Wp Json Api (Aggressive Detection)
- | - http://onaizahedu.gov.sa/wp-json/wp/v2/users/
- | Confirmed By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] al11
- | Detected By: Wp Json Api (Aggressive Detection)
- | - http://onaizahedu.gov.sa/wp-json/wp/v2/users/
- [+] al13
- | Detected By: Wp Json Api (Aggressive Detection)
- | - http://onaizahedu.gov.sa/wp-json/wp/v2/users/
- [+] al4
- | Detected By: Wp Json Api (Aggressive Detection)
- | - http://onaizahedu.gov.sa/wp-json/wp/v2/users/
- | Confirmed By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] al6
- | Detected By: Wp Json Api (Aggressive Detection)
- | - http://onaizahedu.gov.sa/wp-json/wp/v2/users/
- | Confirmed By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] al5
- | Detected By: Wp Json Api (Aggressive Detection)
- | - http://onaizahedu.gov.sa/wp-json/wp/v2/users/
- | Confirmed By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] al7
- | Detected By: Wp Json Api (Aggressive Detection)
- | - http://onaizahedu.gov.sa/wp-json/wp/v2/users/
- [+] al1
- | Detected By: Wp Json Api (Aggressive Detection)
- | - http://onaizahedu.gov.sa/wp-json/wp/v2/users/
- | Confirmed By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] al3
- | Detected By: Wp Json Api (Aggressive Detection)
- | - http://onaizahedu.gov.sa/wp-json/wp/v2/users/
- | Confirmed By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] al14
- | Detected By: Wp Json Api (Aggressive Detection)
- | - http://onaizahedu.gov.sa/wp-json/wp/v2/users/
- [+] it
- | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] web
- | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] wal
- | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] al2
- | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] Finished: Thu Oct 25 12:00:56 2018
- [+] Requests Done: 3092
- [+] Memory used: 159.48 MB
- [+] Elapsed time: 00:18:53
- #######################################################################################################################################
- [+] URL: http://onaizahedu.gov.sa/
- [+] Started: Thu Oct 25 12:05:16 2018
- Interesting Finding(s):
- [+] http://onaizahedu.gov.sa/
- | Interesting Entries:
- | - X-Cache-Enabled: False
- | - Host-Header: 192fc2e7e50945beb8231a492d6a8024
- | - X-Proxy-Cache: MISS
- | Found By: Headers (Passive Detection)
- | Confidence: 100%
- [+] http://onaizahedu.gov.sa/robots.txt
- | Interesting Entries:
- | - /wp-admin/
- | - /wp-admin/admin-ajax.php
- | Found By: Robots Txt (Aggressive Detection)
- | Confidence: 100%
- [+] http://onaizahedu.gov.sa/xmlrpc.php
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- | References:
- | - http://codex.wordpress.org/XML-RPC_Pingback_API
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
- | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
- [+] http://onaizahedu.gov.sa/readme.html
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- [+] WordPress version 4.9.8 identified (Released on 2018-08-02).
- | Detected By: Rss Generator (Passive Detection)
- | - http://onaizahedu.gov.sa/feed/, <generator>https://wordpress.org/?v=4.9.8</generator>
- | Confirmed By: Atom Generator (Passive Detection)
- | - http://onaizahedu.gov.sa/feed/atom/, <generator uri="https://wordpress.org/" version="4.9.8">WordPress</generator>
- [+] WordPress theme in use: lightmag-v3
- | Location: http://onaizahedu.gov.sa/wp-content/themes/lightmag-v3/
- | Style URL: http://onaizahedu.gov.sa/wp-content/themes/lightmag-v3/style.css?1445753475
- | Style Name: LightMag v3
- | Style URI: http://mwordpress.net
- | Description: Premium News/Magazine Wordpress theme by Mouad Achemli....
- | Author: Mouad Achemli
- |
- | Detected By: Css Style (Passive Detection)
- |
- | Version: 3.0 (80% confidence)
- | Detected By: Style (Passive Detection)
- | - http://onaizahedu.gov.sa/wp-content/themes/lightmag-v3/style.css?1445753475, Match: 'Version: 3.0'
- [+] Enumerating All Plugins
- [+] Checking Plugin Versions
- [i] Plugin(s) Identified:
- [+] contact-form-7
- | Location: http://onaizahedu.gov.sa/wp-content/plugins/contact-form-7/
- | Latest Version: 5.0.4 (up to date)
- | Last Updated: 2018-09-04T17:26:00.000Z
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | Version: 5.0.4 (100% confidence)
- | Detected By: Query Parameter (Passive Detection)
- | - http://onaizahedu.gov.sa/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.4
- | Confirmed By:
- | Readme - Stable Tag (Aggressive Detection)
- | - http://onaizahedu.gov.sa/wp-content/plugins/contact-form-7/readme.txt
- | Readme - ChangeLog Section (Aggressive Detection)
- | - http://onaizahedu.gov.sa/wp-content/plugins/contact-form-7/readme.txt
- [+] wysija-newsletters
- | Location: http://onaizahedu.gov.sa/wp-content/plugins/wysija-newsletters/
- | Latest Version: 2.10.2 (up to date)
- | Last Updated: 2018-10-18T06:27:00.000Z
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | Version: 2.10.2 (90% confidence)
- | Detected By: Query Parameter (Passive Detection)
- | - http://onaizahedu.gov.sa/wp-content/plugins/wysija-newsletters/css/validationEngine.jquery.css?ver=2.10.2
- | Confirmed By: Readme - Stable Tag (Aggressive Detection)
- | - http://onaizahedu.gov.sa/wp-content/plugins/wysija-newsletters/readme.txt
- [+] Enumerating Config Backups
- Checking Config Backups - Time: 00:00:06 <=============> (21 / 21) 100.00% Time: 00:00:06
- [i] No Config Backups Found.
- [+] Finished: Thu Oct 25 12:06:06 2018
- [+] Requests Done: 56
- [+] Memory used: 99.766 MB
- [+] Elapsed time: 00:00:49
- #######################################################################################################################################
- [+] Hosting Info for Website: onaizahedu.gov.sa
- [+] Visitors per day: 3,580
- [+] IP Address: 146.66.71.198
- [+] IP Reverse DNS (Host): ip-146-66-71-198.siteground.com
- [+] Hosting IP Range: 146.66.71.0 - 146.66.71.255 (256 ip)
- [+] Hosting Address: Racho Petkov Kazandjiata 8, Floor 3, Siteground
- [+] Hosting Country: USA
- [+] Hosting Phone: +359886660270, +442071839093
- [+] Hosting Website: www.siteground.com
- [+] Hosting CIDR: 146.66.71.0/24
- [+] NS: ns1.m03.siteground.biz
- [+] NS: ns2.m03.siteground.biz
- #######################################################################################################################################
- [+] Testing domain
- www.onaizahedu.gov.sa 146.66.71.198
- [+] Dns resolving
- Domain name Ip address Name server
- onaizahedu.gov.sa 146.66.71.198 ip-146-66-71-198.siteground.com
- Found 1 host(s) for onaizahedu.gov.sa
- [+] Testing wildcard
- Ok, no wildcard found.
- [+] Scanning for subdomain on onaizahedu.gov.sa
- [!] Wordlist not specified. I scannig with my internal wordlist...
- Estimated time about 118.01 seconds
- Subdomain Ip address Name server
- calendar.onaizahedu.gov.sa 172.217.15.115 iad30s21-in-f19.1e100.net
- docs.onaizahedu.gov.sa 172.217.15.115 iad30s21-in-f19.1e100.net
- email.onaizahedu.gov.sa 34.199.3.152 ec2-34-199-3-152.compute-1.amazonaws.com
- ftp.onaizahedu.gov.sa 146.66.71.198 ip-146-66-71-198.siteground.com
- home.onaizahedu.gov.sa 146.66.71.198 ip-146-66-71-198.siteground.com
- localhost.onaizahedu.gov.sa 127.0.0.1 localhost
- mail.onaizahedu.gov.sa 172.217.15.115 iad30s21-in-f19.1e100.net
- serv.onaizahedu.gov.sa 146.66.71.198 ip-146-66-71-198.siteground.com
- webmail.onaizahedu.gov.sa 146.66.71.198 ip-146-66-71-198.siteground.com
- www.onaizahedu.gov.sa 146.66.71.198 ip-146-66-71-198.siteground.com
- #######################################################################################################################################
- [*] Processing domain onaizahedu.gov.sa
- [+] Getting nameservers
- 69.175.104.51 - ns2.m03.siteground.biz
- 69.175.104.50 - ns1.m03.siteground.biz
- [-] Zone transfer failed
- [+] TXT records found
- "v=spf1 include:mailgun.org ~all"
- [+] MX records found, added to target list
- 10 alt3.aspmx.l.google.com.
- 5 alt2.aspmx.l.google.com.
- 10 alt4.aspmx.l.google.com.
- 5 alt1.aspmx.l.google.com.
- 1 aspmx.l.google.com.
- [*] Scanning onaizahedu.gov.sa for A records
- 146.66.71.198 - onaizahedu.gov.sa
- 146.66.71.198 - autodiscover.onaizahedu.gov.sa
- 146.66.71.198 - autoconfig.onaizahedu.gov.sa
- 172.217.15.115 - calendar.onaizahedu.gov.sa
- 146.66.71.198 - cpanel.onaizahedu.gov.sa
- 172.217.15.115 - docs.onaizahedu.gov.sa
- 52.25.253.172 - email.onaizahedu.gov.sa
- 54.218.42.63 - email.onaizahedu.gov.sa
- 146.66.71.198 - ftp.onaizahedu.gov.sa
- 146.66.71.198 - home.onaizahedu.gov.sa
- 127.0.0.1 - localhost.onaizahedu.gov.sa
- 172.217.15.115 - mail.onaizahedu.gov.sa
- 172.217.15.115 - sites.onaizahedu.gov.sa
- 146.66.71.198 - webdisk.onaizahedu.gov.sa
- 146.66.71.198 - webmail.onaizahedu.gov.sa
- 146.66.71.198 - whm.onaizahedu.gov.sa
- 146.66.71.198 - www.onaizahedu.gov.sa
- #######################################################################################################################################
- Ip Address Status Type Domain Name Server
- ---------- ------ ---- ----------- ------
- 172.217.15.115 302 alias calendar.onaizahedu.gov.sa ghs
- 172.217.15.115 302 host ghs.google.com ghs
- 172.217.15.115 302 alias docs.onaizahedu.gov.sa ghs
- 172.217.15.115 302 host ghs.google.com ghs
- 54.218.42.63 200 alias email.onaizahedu.gov.sa nginx
- 54.218.42.63 200 host mailgun.org nginx
- 52.25.253.172 200 host mailgun.org nginx
- 146.66.71.198 200 alias ftp.onaizahedu.gov.sa nginx
- 146.66.71.198 200 host onaizahedu.gov.sa nginx
- 146.66.71.198 403 host home.onaizahedu.gov.sa nginx
- 127.0.0.1 host localhost.onaizahedu.gov.sa
- 172.217.15.115 302 alias mail.onaizahedu.gov.sa ghs
- 172.217.15.115 302 host ghs.google.com ghs
- 146.66.71.198 301 host serv.onaizahedu.gov.sa nginx
- 146.66.71.198 200 host webmail.onaizahedu.gov.sa nginx
- 146.66.71.198 301 alias www.onaizahedu.gov.sa nginx
- 146.66.71.198 301 host onaizahedu.gov.sa nginx
- #######################################################################################################################################
- Start: 2018-10-25T16:23:12+0000
- HOST: web01 Loss% Snt Last Avg Best Wrst StDev
- 1.|-- 45.79.12.201 0.0% 3 1.1 1.2 0.9 1.6 0.3
- 2.|-- 45.79.12.0 0.0% 3 0.7 0.7 0.6 0.7 0.1
- 3.|-- 45.79.12.9 0.0% 3 0.8 1.6 0.8 3.2 1.3
- 4.|-- dls-b22-link.telia.net 0.0% 3 0.9 1.1 0.9 1.3 0.2
- 5.|-- kanc-b1-link.telia.net 0.0% 3 12.1 12.1 11.9 12.2 0.2
- 6.|-- chi-b21-link.telia.net 0.0% 3 24.5 24.9 24.5 25.5 0.5
- 7.|-- serverhub-ic-324864-chi-b21.c.telia.net 0.0% 3 25.1 25.3 25.1 25.8 0.4
- 8.|-- 128.177.133.154 0.0% 3 389.1 147.4 25.4 389.1 209.4
- 9.|-- ip-146-66-71-198.siteground.com 0.0% 3 24.5 24.8 24.5 25.2 0.4
- #######################################################################################################################################
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Target IP: 146.66.71.198
- + Target Hostname: onaizahedu.gov.sa
- + Target Port: 80
- + Start Time: 2018-10-25 11:57:29 (GMT-4)
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Server: No banner retrieved
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Uncommon header 'x-squid-error' found, with contents: ERR_INVALID_URL 0
- + ERROR: Error limit (20) reached for host, giving up. Last error: error reading HTTP response
- + Scan terminated: 20 error(s) and 4 item(s) reported on remote host
- + End Time: 2018-10-25 12:18:14 (GMT-4) (1245 seconds)
- ---------------------------------------------------------------------------------------------------------------------------------------
- #######################################################################################################################################
- --------------------------------------------------------------------------------------------------------------------------------------
- + Target IP: 146.66.71.198
- + Target Hostname: 146.66.71.198
- + Target Port: 80
- + Start Time: 2018-10-25 11:57:59 (GMT-4)
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Server: No banner retrieved
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + No CGI Directories found (use '-C all' to force check all possible dirs)
- + Uncommon header 'x-squid-error' found, with contents: ERR_INVALID_URL 0
- + ERROR: Error limit (20) reached for host, giving up. Last error: error reading HTTP response
- + Scan terminated: 20 error(s) and 4 item(s) reported on remote host
- + End Time: 2018-10-25 12:42:01 (GMT-4) (2642 seconds)
- ---------------------------------------------------------------------------------------------------------------------------------------
- #######################################################################################################################################
- PING 146.66.71.198 (146.66.71.198) 56(84) bytes of data.
- 64 bytes from 146.66.71.198: icmp_seq=1 ttl=55 time=222 ms
- --- 146.66.71.198 ping statistics ---
- 1 packets transmitted, 1 received, 0% packet loss, time 0ms
- rtt min/avg/max/mdev = 221.519/221.519/221.519/0.000 ms
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-25 11:53 EDT
- Nmap scan report for ip-146-66-71-198.siteground.com (146.66.71.198)
- Host is up (0.20s latency).
- Not shown: 460 filtered ports, 5 closed ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 21/tcp open ftp
- 53/tcp open domain
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 465/tcp open smtps
- 587/tcp open submission
- 993/tcp open imaps
- 995/tcp open pop3s
- 2525/tcp open ms-v-worlds
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-25 11:53 EDT
- Nmap scan report for ip-146-66-71-198.siteground.com (146.66.71.198)
- Host is up (0.20s latency).
- Not shown: 2 filtered ports
- PORT STATE SERVICE
- 53/udp open domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-25 11:53 EDT
- Nmap scan report for ip-146-66-71-198.siteground.com (146.66.71.198)
- Host is up (0.22s latency).
- PORT STATE SERVICE VERSION
- 21/tcp open ftp Pure-FTPd
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose
- Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (91%)
- OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: Linux 4.9 (91%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.12 - 4.10 (85%), Linux 3.16 (85%), OpenWrt Chaos Calmer (Linux 3.18) (85%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 19 hops
- TRACEROUTE (using port 21/tcp)
- HOP RTT ADDRESS
- 1 117.12 ms 10.251.200.1
- 2 117.15 ms 129.109.60.190.host.ifxnetworks.com (190.60.109.129)
- 3 117.17 ms 185.73.60.190.static.host.ifxnetworks.com (190.60.73.185)
- 4 117.17 ms 10.10.53.25
- 5 186.22 ms 10.10.50.129
- 6 186.20 ms ae0-64.cr2-mia1.ip4.gtt.net (173.205.48.169)
- 7 186.97 ms et-0-0-23-1.cr5-mia1.ip4.gtt.net (213.200.112.22)
- 8 186.26 ms ae4.mpr1.mia2.us.zip.zayo.com (64.125.12.197)
- 9 186.24 ms ae3.mpr1.mia1.us.zip.zayo.com (64.125.28.9)
- 10 186.66 ms 64.125.30.193
- 11 239.48 ms ae5.cs1.dca2.us.zip.zayo.com (64.125.30.194)
- 12 235.06 ms ae0.cs2.dca2.us.eth.zayo.com (64.125.29.229)
- 13 234.31 ms ae4.cs2.lga5.us.eth.zayo.com (64.125.29.30)
- 14 234.34 ms ae3.cs2.ord2.us.eth.zayo.com (64.125.29.213)
- 15 221.30 ms ae27.cr2.ord2.us.zip.zayo.com (64.125.30.245)
- 16 234.00 ms ae17.er2.ord7.us.zip.zayo.com (64.125.31.83)
- 17 221.29 ms 128.177.108.98.IPYX-142927-900-ZYO.zip.zayo.com (128.177.108.98)
- 18 234.70 ms 128.177.133.154
- 19 221.64 ms ip-146-66-71-198.siteground.com (146.66.71.198)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-25 12:04 EDT
- Nmap scan report for ip-146-66-71-198.siteground.com (146.66.71.198)
- Host is up (0.22s latency).
- PORT STATE SERVICE VERSION
- 53/tcp open domain (unknown banner: donuts)
- |_dns-fuzz: Server didn't response to our probe, can't fuzz
- | dns-nsec-enum:
- |_ No NSEC records found
- | dns-nsec3-enum:
- |_ DNSSEC NSEC3 not supported
- | dns-nsid:
- |_ bind.version: donuts
- | fingerprint-strings:
- | DNSVersionBindReqTCP:
- | version
- | bind
- |_ donuts
- 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
- SF-Port53-TCP:V=7.70%I=7%D=10/25%Time=5BD1E987%P=x86_64-pc-linux-gnu%r(DNS
- SF:VersionBindReqTCP,41,"\0\?\0\x06\x85\0\0\x01\0\x01\0\x01\0\0\x07version
- SF:\x04bind\0\0\x10\0\x03\xc0\x0c\0\x10\0\x03\0\0\0\0\0\x07\x06donuts\xc0\
- SF:x0c\0\x02\0\x03\0\0\0\0\0\x02\xc0\x0c");
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose
- Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (88%)
- OS CPE: cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: Linux 3.18 (88%), Linux 4.9 (88%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.12 - 4.10 (85%), Linux 3.16 (85%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 19 hops
- Host script results:
- | dns-brute:
- | DNS Brute-force hostnames:
- | stats.siteground.com - 192.168.0.15
- | internal.siteground.com - 184.154.235.10
- | ns1.siteground.com - 181.224.128.30
- | apps.siteground.com - 172.217.13.110
- | ns2.siteground.com - 181.224.128.31
- | apps.siteground.com - 2607:f8b0:4020:804:0:0:0:200e
- | download.siteground.com - 184.154.235.243
- | blog.siteground.com - 184.154.235.13
- | mail.siteground.com - 198.143.151.98
- | www.siteground.com - 181.224.128.30
- | www.siteground.com - 181.224.128.31
- | cdn.siteground.com - 181.224.128.32
- | cdn.siteground.com - 181.224.128.33
- | mail2.siteground.com - 181.224.128.61
- | chat.siteground.com - 216.104.36.122
- | mail3.siteground.com - 69.175.85.2
- | forum.siteground.com - 184.154.235.107
- |_ dev.siteground.com - 184.154.235.240
- TRACEROUTE (using port 53/tcp)
- HOP RTT ADDRESS
- 1 119.09 ms 10.251.200.1
- 2 119.12 ms 129.109.60.190.host.ifxnetworks.com (190.60.109.129)
- 3 119.95 ms 185.73.60.190.static.host.ifxnetworks.com (190.60.73.185)
- 4 119.94 ms 10.10.53.25
- 5 192.16 ms 10.10.50.129
- 6 188.80 ms ae0-64.cr2-mia1.ip4.gtt.net (173.205.48.169)
- 7 193.40 ms et-0-0-22-2.cr5-mia1.ip4.gtt.net (213.200.112.38)
- 8 188.88 ms ae4.mpr1.mia2.us.zip.zayo.com (64.125.12.197)
- 9 188.87 ms ae3.mpr1.mia1.us.zip.zayo.com (64.125.28.9)
- 10 188.99 ms 64.125.30.193
- 11 237.63 ms ae5.cs1.dca2.us.zip.zayo.com (64.125.30.194)
- 12 241.53 ms ae0.cs2.dca2.us.eth.zayo.com (64.125.29.229)
- 13 236.22 ms 64.125.29.30
- 14 236.25 ms ae3.cs2.ord2.us.eth.zayo.com (64.125.29.213)
- 15 232.03 ms ae27.cr2.ord2.us.zip.zayo.com (64.125.30.245)
- 16 245.28 ms ae17.er2.ord7.us.zip.zayo.com (64.125.31.83)
- 17 233.41 ms 128.177.108.98.IPYX-142927-900-ZYO.zip.zayo.com (128.177.108.98)
- 18 381.60 ms 128.177.133.154
- 19 227.16 ms ip-146-66-71-198.siteground.com (146.66.71.198)
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 52.79 seconds
- + -- --=[Port 67 opened... running tests...
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-25 12:05 EDT
- Nmap scan report for ip-146-66-71-198.siteground.com (146.66.71.198)
- Host is up (0.22s latency).
- PORT STATE SERVICE VERSION
- 67/udp open|filtered dhcps
- |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
- Too many fingerprints match this host to give specific OS details
- Network Distance: 19 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 116.34 ms 10.251.200.1
- 2 116.36 ms 129.109.60.190.host.ifxnetworks.com (190.60.109.129)
- 3 116.69 ms 185.73.60.190.static.host.ifxnetworks.com (190.60.73.185)
- 4 116.89 ms 10.10.53.25
- 5 186.15 ms 10.10.50.129
- 6 193.94 ms ae0-64.cr2-mia1.ip4.gtt.net (173.205.48.169)
- 7 186.18 ms et-0-0-23-1.cr5-mia1.ip4.gtt.net (213.200.112.22)
- 8 186.19 ms ae4.mpr1.mia2.us.zip.zayo.com (64.125.12.197)
- 9 186.72 ms ae3.mpr1.mia1.us.zip.zayo.com (64.125.28.9)
- 10 186.23 ms 64.125.30.193
- 11 240.80 ms ae5.cs1.dca2.us.zip.zayo.com (64.125.30.194)
- 12 244.41 ms ae0.cs2.dca2.us.eth.zayo.com (64.125.29.229)
- 13 239.39 ms ae4.cs2.lga5.us.eth.zayo.com (64.125.29.30)
- 14 239.37 ms ae3.cs2.ord2.us.eth.zayo.com (64.125.29.213)
- 15 224.75 ms ae27.cr2.ord2.us.zip.zayo.com (64.125.30.245)
- 16 237.31 ms ae17.er2.ord7.us.zip.zayo.com (64.125.31.83)
- 17 287.75 ms 128.177.108.98.IPYX-142927-900-ZYO.zip.zayo.com (128.177.108.98)
- 18 254.54 ms 128.177.133.154
- 19 224.73 ms ip-146-66-71-198.siteground.com (146.66.71.198)
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 120.54 seconds
- + -- --=[Port 68 opened... running tests...
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-25 12:07 EDT
- Nmap scan report for ip-146-66-71-198.siteground.com (146.66.71.198)
- Host is up (0.22s latency).
- PORT STATE SERVICE VERSION
- 68/udp open|filtered dhcpc
- Too many fingerprints match this host to give specific OS details
- Network Distance: 19 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 120.65 ms 10.251.200.1
- 2 120.67 ms 129.109.60.190.host.ifxnetworks.com (190.60.109.129)
- 3 123.87 ms 185.73.60.190.static.host.ifxnetworks.com (190.60.73.185)
- 4 122.25 ms 10.10.53.25
- 5 190.07 ms 10.10.50.129
- 6 190.05 ms ae0-64.cr2-mia1.ip4.gtt.net (173.205.48.169)
- 7 190.11 ms et-0-0-21-1.cr5-mia1.ip4.gtt.net (213.200.112.30)
- 8 190.09 ms ae4.mpr1.mia2.us.zip.zayo.com (64.125.12.197)
- 9 189.89 ms ae3.mpr1.mia1.us.zip.zayo.com (64.125.28.9)
- 10 190.46 ms 64.125.30.193
- 11 239.16 ms ae5.cs1.dca2.us.zip.zayo.com (64.125.30.194)
- 12 243.57 ms ae0.cs2.dca2.us.eth.zayo.com (64.125.29.229)
- 13 233.54 ms 64.125.29.30
- 14 233.52 ms ae3.cs2.ord2.us.eth.zayo.com (64.125.29.213)
- 15 222.79 ms ae27.cr2.ord2.us.zip.zayo.com (64.125.30.245)
- 16 235.87 ms ae17.er2.ord7.us.zip.zayo.com (64.125.31.83)
- 17 223.35 ms 128.177.108.98.IPYX-142927-900-ZYO.zip.zayo.com (128.177.108.98)
- 18 224.73 ms 128.177.133.154
- 19 223.32 ms ip-146-66-71-198.siteground.com (146.66.71.198)
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 120.42 seconds
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-25 12:09 EDT
- Nmap scan report for ip-146-66-71-198.siteground.com (146.66.71.198)
- Host is up (0.22s latency).
- PORT STATE SERVICE VERSION
- 69/udp open|filtered tftp
- Too many fingerprints match this host to give specific OS details
- Network Distance: 19 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 115.67 ms 10.251.200.1
- 2 115.71 ms 129.109.60.190.host.ifxnetworks.com (190.60.109.129)
- 3 115.73 ms 185.73.60.190.static.host.ifxnetworks.com (190.60.73.185)
- 4 116.05 ms 10.10.53.25
- 5 184.79 ms 10.10.50.129
- 6 184.76 ms ae0-64.cr2-mia1.ip4.gtt.net (173.205.48.169)
- 7 189.53 ms et-0-0-21-1.cr5-mia1.ip4.gtt.net (213.200.112.30)
- 8 185.51 ms ae4.mpr1.mia2.us.zip.zayo.com (64.125.12.197)
- 9 185.56 ms ae3.mpr1.mia1.us.zip.zayo.com (64.125.28.9)
- 10 185.61 ms 64.125.30.193
- 11 239.85 ms ae5.cs1.dca2.us.zip.zayo.com (64.125.30.194)
- 12 243.90 ms ae0.cs2.dca2.us.eth.zayo.com (64.125.29.229)
- 13 238.35 ms 64.125.29.30
- 14 238.29 ms ae3.cs2.ord2.us.eth.zayo.com (64.125.29.213)
- 15 221.06 ms ae27.cr2.ord2.us.zip.zayo.com (64.125.30.245)
- 16 234.08 ms ae17.er2.ord7.us.zip.zayo.com (64.125.31.83)
- 17 221.51 ms 128.177.108.98.IPYX-142927-900-ZYO.zip.zayo.com (128.177.108.98)
- 18 422.21 ms 128.177.133.154
- 19 221.04 ms ip-146-66-71-198.siteground.com (146.66.71.198)
- #######################################################################################################################################
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://146.66.71.198
- Generic Detection results:
- No WAF detected by the generic detection
- Number of requests: 14
- #######################################################################################################################################
- http://146.66.71.198 [200 OK] Country[ROMANIA][RO], IP[146.66.71.198], Meta-Refresh-Redirect[/cgi-sys/defaultwebpage.cgi], UncommonHeaders[host-header,x-proxy-cache], cPanel
- http://146.66.71.198/cgi-sys/defaultwebpage.cgi [200 OK] Country[ROMANIA][RO], HTML5, IP[146.66.71.198], Title[SiteGround Web Hosting Server Default Page], UncommonHeaders[host-header,x-proxy-cache]
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning http://146.66.71.198...
- _________________________________________ SITE INFO _________________________________________
- IP Title
- 146.66.71.198
- __________________________________________ VERSION __________________________________________
- Name Versions Type
- Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.4 | 2.4.5 | 2.4.6 | 2.4.7 Platform
- 2.4.8 | 2.4.9
- ________________________________________ INTERESTING ________________________________________
- URL Note Type
- /install.php Installation file Interesting
- /robots.txt robots.txt index Interesting
- /test.php Test file Interesting
- _____________________________________________________________________________________________
- Time: 49.4 sec Urls: 808 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 200 OK
- Date: Thu, 25 Oct 2018 16:12:37 GMT
- Content-Type: text/html
- Content-Length: 111
- Last-Modified: Mon, 13 Nov 2017 15:37:17 GMT
- ETag: "6f-55ddf0b95a540"
- Accept-Ranges: bytes
- Host-Header: 192fc2e7e50945beb8231a492d6a8024
- Connection: keep-alive
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-25 12:12 EDT
- Nmap scan report for ip-146-66-71-198.siteground.com (146.66.71.198)
- Host is up (0.22s latency).
- PORT STATE SERVICE VERSION
- 110/tcp open pop3 Dovecot pop3d
- | pop3-brute:
- | Accounts: No valid accounts found
- | Statistics: Performed 165 guesses in 147 seconds, average tps: 1.0
- |_ ERROR: Failed to connect.
- |_pop3-capabilities: UIDL SASL(PLAIN LOGIN) USER CAPA PIPELINING AUTH-RESP-CODE RESP-CODES TOP STLS
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose
- Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (89%)
- OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: Linux 4.9 (89%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.12 - 4.10 (85%), Linux 3.16 (85%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 19 hops
- TRACEROUTE (using port 110/tcp)
- HOP RTT ADDRESS
- 1 115.53 ms 10.251.200.1
- 2 115.59 ms 129.109.60.190.host.ifxnetworks.com (190.60.109.129)
- 3 119.07 ms 185.73.60.190.static.host.ifxnetworks.com (190.60.73.185)
- 4 119.03 ms 10.10.53.25
- 5 184.28 ms 10.10.50.129
- 6 185.44 ms ae0-64.cr2-mia1.ip4.gtt.net (173.205.48.169)
- 7 184.32 ms et-0-0-21-3.cr5-mia1.ip4.gtt.net (213.200.112.6)
- 8 184.55 ms ae4.mpr1.mia2.us.zip.zayo.com (64.125.12.197)
- 9 184.55 ms ae3.mpr1.mia1.us.zip.zayo.com (64.125.28.9)
- 10 185.51 ms 64.125.30.193
- 11 235.33 ms ae5.cs1.dca2.us.zip.zayo.com (64.125.30.194)
- 12 239.61 ms ae0.cs2.dca2.us.eth.zayo.com (64.125.29.229)
- 13 253.64 ms ae4.cs2.lga5.us.eth.zayo.com (64.125.29.30)
- 14 264.82 ms ae3.cs2.ord2.us.eth.zayo.com (64.125.29.213)
- 15 222.78 ms ae27.cr2.ord2.us.zip.zayo.com (64.125.30.245)
- 16 235.98 ms ae17.er2.ord7.us.zip.zayo.com (64.125.31.83)
- 17 222.92 ms 128.177.108.98.IPYX-142927-900-ZYO.zip.zayo.com (128.177.108.98)
- 18 223.15 ms 128.177.133.154
- 19 222.18 ms ip-146-66-71-198.siteground.com (146.66.71.198)
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 171.05 seconds
- + -- --=[Port 111 closed... skipping.
- + -- --=[Port 123 opened... running tests...
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-25 12:15 EDT
- Nmap scan report for ip-146-66-71-198.siteground.com (146.66.71.198)
- Host is up (0.22s latency).
- PORT STATE SERVICE VERSION
- 123/udp open|filtered ntp
- Too many fingerprints match this host to give specific OS details
- Network Distance: 19 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 116.27 ms 10.251.200.1
- 2 116.29 ms 129.109.60.190.host.ifxnetworks.com (190.60.109.129)
- 3 116.33 ms 185.73.60.190.static.host.ifxnetworks.com (190.60.73.185)
- 4 117.08 ms 10.10.53.25
- 5 185.64 ms 10.10.50.129
- 6 185.45 ms ae0-64.cr2-mia1.ip4.gtt.net (173.205.48.169)
- 7 189.59 ms et-0-0-5-0.cr5-mia1.ip4.gtt.net (89.149.140.146)
- 8 185.70 ms ae4.mpr1.mia2.us.zip.zayo.com (64.125.12.197)
- 9 185.70 ms ae3.mpr1.mia1.us.zip.zayo.com (64.125.28.9)
- 10 185.95 ms 64.125.30.193
- 11 252.88 ms ae5.cs1.dca2.us.zip.zayo.com (64.125.30.194)
- 12 241.43 ms ae0.cs2.dca2.us.eth.zayo.com (64.125.29.229)
- 13 240.44 ms 64.125.29.30
- 14 235.84 ms ae3.cs2.ord2.us.eth.zayo.com (64.125.29.213)
- 15 226.39 ms ae27.cr2.ord2.us.zip.zayo.com (64.125.30.245)
- 16 239.47 ms ae17.er2.ord7.us.zip.zayo.com (64.125.31.83)
- 17 226.87 ms 128.177.108.98.IPYX-142927-900-ZYO.zip.zayo.com (128.177.108.98)
- 18 230.75 ms 128.177.133.154
- 19 226.35 ms ip-146-66-71-198.siteground.com (146.66.71.198)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-25 12:17 EDT
- Nmap scan report for ip-146-66-71-198.siteground.com (146.66.71.198)
- Host is up (0.22s latency).
- PORT STATE SERVICE VERSION
- 161/tcp filtered snmp
- 161/udp open|filtered snmp
- Too many fingerprints match this host to give specific OS details
- Network Distance: 19 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 116.43 ms 10.251.200.1
- 2 116.73 ms 129.109.60.190.host.ifxnetworks.com (190.60.109.129)
- 3 117.52 ms 185.73.60.190.static.host.ifxnetworks.com (190.60.73.185)
- 4 117.50 ms 10.10.53.25
- 5 185.85 ms 10.10.50.129
- 6 185.83 ms ae0-64.cr2-mia1.ip4.gtt.net (173.205.48.169)
- 7 185.90 ms et-0-0-21-1.cr5-mia1.ip4.gtt.net (213.200.112.30)
- 8 185.93 ms ae4.mpr1.mia2.us.zip.zayo.com (64.125.12.197)
- 9 185.92 ms ae3.mpr1.mia1.us.zip.zayo.com (64.125.28.9)
- 10 186.03 ms 64.125.30.193
- 11 237.08 ms ae5.cs1.dca2.us.zip.zayo.com (64.125.30.194)
- 12 245.46 ms ae0.cs2.dca2.us.eth.zayo.com (64.125.29.229)
- 13 235.49 ms 64.125.29.30
- 14 235.46 ms ae3.cs2.ord2.us.eth.zayo.com (64.125.29.213)
- 15 223.34 ms ae27.cr2.ord2.us.zip.zayo.com (64.125.30.245)
- 16 236.61 ms ae17.er2.ord7.us.zip.zayo.com (64.125.31.83)
- 17 223.36 ms 128.177.108.98.IPYX-142927-900-ZYO.zip.zayo.com (128.177.108.98)
- 18 240.99 ms 128.177.133.154
- 19 223.33 ms ip-146-66-71-198.siteground.com (146.66.71.198)
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 143.43 seconds
- #######################################################################################################################################
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking https://146.66.71.198
- Generic Detection results:
- The site https://146.66.71.198 seems to be behind a WAF or some sort of security solution
- Reason: Blocking is being done at connection/packet level.
- Number of requests: 12
- #######################################################################################################################################
- AVAILABLE PLUGINS
- -----------------
- PluginSessionResumption
- PluginChromeSha1Deprecation
- PluginOpenSSLCipherSuites
- PluginHSTS
- PluginSessionRenegotiation
- PluginHeartbleed
- PluginCertInfo
- PluginCompression
- CHECKING HOST(S) AVAILABILITY
- -----------------------------
- 146.66.71.198:443 => 146.66.71.198:443
- SCAN RESULTS FOR 146.66.71.198:443 - 146.66.71.198:443
- ------------------------------------------------------
- * Deflate Compression:
- OK - Compression disabled
- * Session Renegotiation:
- Client-initiated Renegotiations: OK - Rejected
- Secure Renegotiation: OK - Supported
- * Certificate - Content:
- SHA1 Fingerprint: 363d030c4d607dab9339ae0fadbe8bf2c20ac452
- Common Name: *.sgcpanel.com
- Issuer: AlphaSSL CA - SHA256 - G2
- Serial Number: 5E52A7B7D1282F578E40DFDE
- Not Before: Mar 12 07:55:09 2018 GMT
- Not After: May 9 08:29:28 2019 GMT
- Signature Algorithm: sha256WithRSAEncryption
- Public Key Algorithm: rsaEncryption
- Key Size: 2048 bit
- Exponent: 65537 (0x10001)
- X509v3 Subject Alternative Name: {'DNS': ['*.sgcpanel.com', 'sgcpanel.com']}
- * Certificate - Trust:
- Hostname Validation: FAILED - Certificate does NOT match 146.66.71.198
- Google CA Store (09/2015): OK - Certificate is trusted
- Java 6 CA Store (Update 65): OK - Certificate is trusted
- Microsoft CA Store (09/2015): OK - Certificate is trusted
- Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
- Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
- Certificate Chain Received: ['*.sgcpanel.com', 'AlphaSSL CA - SHA256 - G2', 'AlphaSSL CA - SHA256 - G2']
- * Certificate - OCSP Stapling:
- OCSP Response Status: successful
- Validation w/ Mozilla's CA Store: OK - Response is trusted
- Responder Id: EE5EFFFE85DB26C626FBD3698410AD1D0DD3EF58
- Cert Status: good
- Cert Serial Number: 5E52A7B7D1282F578E40DFDE
- This Update: Oct 25 13:22:15 2018 GMT
- Next Update: Oct 29 13:22:15 2018 GMT
- * Session Resumption:
- With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
- With TLS Session Tickets: OK - Supported
- * SSLV2 Cipher Suites:
- Server rejected all cipher suites.
- * SSLV3 Cipher Suites:
- Server rejected all cipher suites.
- SCAN COMPLETED IN 4.80 S
- ------------------------
- Version: 1.11.12-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Connected to 146.66.71.198
- Testing SSL server 146.66.71.198 on port 443 using SNI name 146.66.71.198
- TLS Fallback SCSV:
- Server supports TLS Fallback SCSV
- TLS renegotiation:
- Session renegotiation not supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-384 DHE 384
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-384 DHE 384
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-384 DHE 384
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-384 DHE 384
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-384 DHE 384
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-384 DHE 384
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits AES128-SHA
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
- Accepted TLSv1.2 256 bits ECDHE-RSA-CAMELLIA256-SHA384 Curve P-384 DHE 384
- Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA256 DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
- Accepted TLSv1.2 128 bits ECDHE-RSA-CAMELLIA128-SHA256 Curve P-384 DHE 384
- Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA256 DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.2 256 bits AES256-GCM-SHA384
- Accepted TLSv1.2 128 bits AES128-GCM-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA256
- Accepted TLSv1.2 256 bits CAMELLIA256-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA256
- Accepted TLSv1.2 128 bits CAMELLIA128-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA
- Accepted TLSv1.2 256 bits CAMELLIA256-SHA
- Accepted TLSv1.2 128 bits CAMELLIA128-SHA
- Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-384 DHE 384
- Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-384 DHE 384
- Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits AES128-SHA
- Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.1 256 bits AES256-SHA
- Accepted TLSv1.1 256 bits CAMELLIA256-SHA
- Accepted TLSv1.1 128 bits CAMELLIA128-SHA
- SSL Certificate:
- Signature Algorithm: sha256WithRSAEncryption
- RSA Key Strength: 2048
- Subject: *.sgcpanel.com
- Altnames: DNS:*.sgcpanel.com, DNS:sgcpanel.com
- Issuer: AlphaSSL CA - SHA256 - G2
- Not valid before: Mar 12 07:55:09 2018 GMT
- Not valid after: May 9 08:29:28 2019 GMT
- #######################################################################################################################################
- I, [2018-10-25T12:21:31.547259 #32389] INFO -- : Initiating port scan
- I, [2018-10-25T12:22:27.647346 #32389] INFO -- : Using nmap scan output file logs/nmap_output_2018-10-25_12-21-31.xml
- I, [2018-10-25T12:22:27.648481 #32389] INFO -- : Discovered open port: 146.66.71.198:80
- I, [2018-10-25T12:22:28.553944 #32389] INFO -- : Discovered open port: 146.66.71.198:443
- I, [2018-10-25T12:22:30.373740 #32389] INFO -- : Discovered open port: 146.66.71.198:465
- I, [2018-10-25T12:22:31.755141 #32389] INFO -- : Discovered open port: 146.66.71.198:993
- I, [2018-10-25T12:22:33.585184 #32389] INFO -- : <<<Enumerating vulnerable applications>>>
- ---------------------------------------------------------------------------------------------------------------------------------------
- <<<Yasuo discovered following vulnerable applications>>>
- ---------------------------------------------------------------------------------------------------------------------------------------
- +----------+---------------------------------+---------------------------------------+----------+----------+
- | App Name | URL to Application | Potential Exploit | Username | Password |
- +----------+---------------------------------+---------------------------------------+----------+----------+
- | v0pCr3w | http://146.66.71.198:80/jos.php | ./exploits/multi/http/v0pcr3w_exec.rb | | |
- +----------+---------------------------------+---------------------------------------+----------+----------+
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-25 12:24 EDT
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- Initiating NSE at 12:24
- Completed NSE at 12:24, 0.00s elapsed
- Initiating NSE at 12:24
- Completed NSE at 12:24, 0.00s elapsed
- Initiating Parallel DNS resolution of 1 host. at 12:24
- Completed Parallel DNS resolution of 1 host. at 12:24, 0.02s elapsed
- Initiating SYN Stealth Scan at 12:24
- Scanning ip-146-66-71-198.siteground.com (146.66.71.198) [474 ports]
- Discovered open port 993/tcp on 146.66.71.198
- Discovered open port 143/tcp on 146.66.71.198
- Discovered open port 53/tcp on 146.66.71.198
- Discovered open port 443/tcp on 146.66.71.198
- Discovered open port 587/tcp on 146.66.71.198
- Discovered open port 80/tcp on 146.66.71.198
- Discovered open port 465/tcp on 146.66.71.198
- Discovered open port 2525/tcp on 146.66.71.198
- Completed SYN Stealth Scan at 12:24, 9.40s elapsed (474 total ports)
- Initiating Service scan at 12:24
- Scanning 8 services on ip-146-66-71-198.siteground.com (146.66.71.198)
- Completed Service scan at 12:25, 40.19s elapsed (8 services on 1 host)
- Initiating OS detection (try #1) against ip-146-66-71-198.siteground.com (146.66.71.198)
- Retrying OS detection (try #2) against ip-146-66-71-198.siteground.com (146.66.71.198)
- Initiating Traceroute at 12:25
- Completed Traceroute at 12:25, 0.13s elapsed
- Initiating Parallel DNS resolution of 2 hosts. at 12:25
- Completed Parallel DNS resolution of 2 hosts. at 12:25, 0.03s elapsed
- NSE: Script scanning 146.66.71.198.
- Initiating NSE at 12:25
- Completed NSE at 12:25, 10.16s elapsed
- Initiating NSE at 12:25
- Completed NSE at 12:25, 0.01s elapsed
- Nmap scan report for ip-146-66-71-198.siteground.com (146.66.71.198)
- Host is up (0.14s latency).
- Not shown: 461 filtered ports
- PORT STATE SERVICE VERSION
- 25/tcp closed smtp
- 53/tcp open domain (unknown banner: donuts)
- | dns-nsid:
- |_ bind.version: donuts
- | fingerprint-strings:
- | DNSVersionBindReqTCP:
- | version
- | bind
- |_ donuts
- 80/tcp open http nginx
- |_http-server-header: nginx
- |_http-title: 502 Bad Gateway
- 111/tcp closed rpcbind
- 139/tcp closed netbios-ssn
- 143/tcp open imap Dovecot imapd
- |_imap-capabilities: OK AUTH=PLAIN ENABLE post-login more LOGIN-REFERRALS IDLE AUTH=LOGINA0001 SASL-IR have ID IMAP4rev1 STARTTLS Pre-login listed capabilities LITERAL+ NAMESPACE
- | ssl-cert: Subject: commonName=*.siteground.biz
- | Subject Alternative Name: DNS:*.siteground.biz, DNS:siteground.biz
- | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2018-04-16T06:31:57
- | Not valid after: 2019-06-14T08:30:37
- | MD5: 2393 d064 27a6 fb25 28e5 4c07 d6db c90b
- |_SHA-1: 6813 0f8c c3ba 91ec 0bb3 66d9 09d8 5e59 bc55 7c7b
- |_ssl-date: 2018-10-25T16:25:50+00:00; 0s from scanner time.
- 443/tcp open ssl/http nginx
- |_http-server-header: nginx
- |_http-title: SiteGround Web Hosting
- | ssl-cert: Subject: commonName=*.sgcpanel.com
- | Subject Alternative Name: DNS:*.sgcpanel.com, DNS:sgcpanel.com
- | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2018-03-12T07:55:09
- | Not valid after: 2019-05-09T08:29:28
- | MD5: e7fe b60b 9ec0 5c19 4fc0 b580 9559 5d8a
- |_SHA-1: 363d 030c 4d60 7dab 9339 ae0f adbe 8bf2 c20a c452
- |_ssl-date: TLS randomness does not represent time
- | tls-alpn:
- | h2
- |_ http/1.1
- | tls-nextprotoneg:
- | h2
- |_ http/1.1
- 445/tcp closed microsoft-ds
- 465/tcp open ssl/smtp
- | fingerprint-strings:
- | GenericLines:
- | 220-m03.siteground.biz ESMTP #148 Thu, 25 Oct 2018 11:25:28 -0500
- | 220-We do not authorize the use of this system to transport unsolicited,
- | and/or bulk e-mail.
- | unrecognized command
- | unrecognized command
- | GetRequest:
- | 220-m03.siteground.biz ESMTP #148 Thu, 25 Oct 2018 11:25:34 -0500
- | 220-We do not authorize the use of this system to transport unsolicited,
- | and/or bulk e-mail.
- | unrecognized command
- | unrecognized command
- | Hello, NULL:
- | 220-m03.siteground.biz ESMTP #148 Thu, 25 Oct 2018 11:25:06 -0500
- | 220-We do not authorize the use of this system to transport unsolicited,
- | and/or bulk e-mail.
- | Help:
- | 220-m03.siteground.biz ESMTP #148 Thu, 25 Oct 2018 11:25:20 -0500
- | 220-We do not authorize the use of this system to transport unsolicited,
- | and/or bulk e-mail.
- | 214-Commands supported:
- |_ AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP VRFY
- | smtp-commands: m03.siteground.biz Hello ip-146-66-71-198.siteground.com [190.105.229.21], SIZE 52428800, 8BITMIME, VRFY, AUTH LOGIN PLAIN, HELP,
- |_ Commands supported:
- | ssl-cert: Subject: commonName=*.siteground.biz
- | Subject Alternative Name: DNS:*.siteground.biz, DNS:siteground.biz
- | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2018-04-16T06:31:57
- | Not valid after: 2019-06-14T08:30:37
- | MD5: 2393 d064 27a6 fb25 28e5 4c07 d6db c90b
- |_SHA-1: 6813 0f8c c3ba 91ec 0bb3 66d9 09d8 5e59 bc55 7c7b
- 587/tcp open smtp
- | fingerprint-strings:
- | GenericLines:
- | 220-m03.siteground.biz ESMTP #148 Thu, 25 Oct 2018 11:24:59 -0500
- | 220-We do not authorize the use of this system to transport unsolicited,
- | and/or bulk e-mail.
- | unrecognized command
- | unrecognized command
- | GetRequest:
- | 220-m03.siteground.biz ESMTP #148 Thu, 25 Oct 2018 11:25:26 -0500
- | 220-We do not authorize the use of this system to transport unsolicited,
- | and/or bulk e-mail.
- | unrecognized command
- | unrecognized command
- | Hello:
- | 220-m03.siteground.biz ESMTP #148 Thu, 25 Oct 2018 11:25:10 -0500
- | 220-We do not authorize the use of this system to transport unsolicited,
- | and/or bulk e-mail.
- | Help:
- | 220-m03.siteground.biz ESMTP #148 Thu, 25 Oct 2018 11:25:18 -0500
- | 220-We do not authorize the use of this system to transport unsolicited,
- | and/or bulk e-mail.
- | 214-Commands supported:
- | AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP VRFY
- | NULL:
- | 220-m03.siteground.biz ESMTP #148 Thu, 25 Oct 2018 11:24:59 -0500
- | 220-We do not authorize the use of this system to transport unsolicited,
- |_ and/or bulk e-mail.
- | smtp-commands: m03.siteground.biz Hello ip-146-66-71-198.siteground.com [190.105.229.21], SIZE 52428800, 8BITMIME, VRFY, AUTH LOGIN PLAIN, STARTTLS, HELP,
- |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP VRFY
- | ssl-cert: Subject: commonName=*.siteground.biz
- | Subject Alternative Name: DNS:*.siteground.biz, DNS:siteground.biz
- | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2018-04-16T06:31:57
- | Not valid after: 2019-06-14T08:30:37
- | MD5: 2393 d064 27a6 fb25 28e5 4c07 d6db c90b
- |_SHA-1: 6813 0f8c c3ba 91ec 0bb3 66d9 09d8 5e59 bc55 7c7b
- 993/tcp open ssl/imap Dovecot imapd
- |_imap-capabilities: capabilities AUTH=PLAIN ENABLE post-login more LOGIN-REFERRALS IDLE AUTH=LOGINA0001 SASL-IR have IMAP4rev1 ID Pre-login listed OK LITERAL+ NAMESPACE
- | ssl-cert: Subject: commonName=*.siteground.biz
- | Subject Alternative Name: DNS:*.siteground.biz, DNS:siteground.biz
- | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2018-04-16T06:31:57
- | Not valid after: 2019-06-14T08:30:37
- | MD5: 2393 d064 27a6 fb25 28e5 4c07 d6db c90b
- |_SHA-1: 6813 0f8c c3ba 91ec 0bb3 66d9 09d8 5e59 bc55 7c7b
- |_ssl-date: 2018-10-25T16:25:46+00:00; 0s from scanner time.
- 2525/tcp open smtp
- | fingerprint-strings:
- | GenericLines:
- | 220-m03.siteground.biz ESMTP #148 Thu, 25 Oct 2018 11:25:10 -0500
- | 220-We do not authorize the use of this system to transport unsolicited,
- | and/or bulk e-mail.
- | unrecognized command
- | unrecognized command
- | GetRequest:
- | 220-m03.siteground.biz ESMTP #148 Thu, 25 Oct 2018 11:24:59 -0500
- | 220-We do not authorize the use of this system to transport unsolicited,
- | and/or bulk e-mail.
- | unrecognized command
- | unrecognized command
- | Hello:
- | 220-m03.siteground.biz ESMTP #148 Thu, 25 Oct 2018 11:25:15 -0500
- | 220-We do not authorize the use of this system to transport unsolicited,
- | and/or bulk e-mail.
- | Help:
- | 220-m03.siteground.biz ESMTP #148 Thu, 25 Oct 2018 11:25:23 -0500
- | 220-We do not authorize the use of this system to transport unsolicited,
- | and/or bulk e-mail.
- | 214-Commands supported:
- | AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP VRFY
- | NULL:
- | 220-m03.siteground.biz ESMTP #148 Thu, 25 Oct 2018 11:24:59 -0500
- | 220-We do not authorize the use of this system to transport unsolicited,
- |_ and/or bulk e-mail.
- | smtp-commands: m03.siteground.biz Hello ip-146-66-71-198.siteground.com [190.105.229.21], SIZE 52428800, 8BITMIME, VRFY, AUTH LOGIN PLAIN, STARTTLS, HELP,
- |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP VRFY
- | ssl-cert: Subject: commonName=*.siteground.biz
- | Subject Alternative Name: DNS:*.siteground.biz, DNS:siteground.biz
- | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2018-04-16T06:31:57
- | Not valid after: 2019-06-14T08:30:37
- | MD5: 2393 d064 27a6 fb25 28e5 4c07 d6db c90b
- |_SHA-1: 6813 0f8c c3ba 91ec 0bb3 66d9 09d8 5e59 bc55 7c7b
- 5432/tcp closed postgresql
- 4 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service :
- ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
- SF-Port53-TCP:V=7.70%I=7%D=10/25%Time=5BD1EE66%P=x86_64-pc-linux-gnu%r(DNS
- SF:VersionBindReqTCP,41,"\0\?\0\x06\x85\0\0\x01\0\x01\0\x01\0\0\x07version
- SF:\x04bind\0\0\x10\0\x03\xc0\x0c\0\x10\0\x03\0\0\0\0\0\x07\x06donuts\xc0\
- SF:x0c\0\x02\0\x03\0\0\0\0\0\x02\xc0\x0c");
- ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
- SF-Port465-TCP:V=7.70%T=SSL%I=7%D=10/25%Time=5BD1EE68%P=x86_64-pc-linux-gn
- SF:u%r(NULL,A8,"220-m03\.siteground\.biz\x20ESMTP\x20#148\x20Thu,\x2025\x2
- SF:0Oct\x202018\x2011:25:06\x20-0500\x20\r\n220-We\x20do\x20not\x20authori
- SF:ze\x20the\x20use\x20of\x20this\x20system\x20to\x20transport\x20unsolici
- SF:ted,\x20\r\n220\x20and/or\x20bulk\x20e-mail\.\r\n")%r(Hello,A8,"220-m03
- SF:\.siteground\.biz\x20ESMTP\x20#148\x20Thu,\x2025\x20Oct\x202018\x2011:2
- SF:5:06\x20-0500\x20\r\n220-We\x20do\x20not\x20authorize\x20the\x20use\x20
- SF:of\x20this\x20system\x20to\x20transport\x20unsolicited,\x20\r\n220\x20a
- SF:nd/or\x20bulk\x20e-mail\.\r\n")%r(Help,102,"220-m03\.siteground\.biz\x2
- SF:0ESMTP\x20#148\x20Thu,\x2025\x20Oct\x202018\x2011:25:20\x20-0500\x20\r\
- SF:n220-We\x20do\x20not\x20authorize\x20the\x20use\x20of\x20this\x20system
- SF:\x20to\x20transport\x20unsolicited,\x20\r\n220\x20and/or\x20bulk\x20e-m
- SF:ail\.\r\n214-Commands\x20supported:\r\n214\x20AUTH\x20HELO\x20EHLO\x20M
- SF:AIL\x20RCPT\x20DATA\x20BDAT\x20NOOP\x20QUIT\x20RSET\x20HELP\x20VRFY\r\n
- SF:")%r(GenericLines,DC,"220-m03\.siteground\.biz\x20ESMTP\x20#148\x20Thu,
- SF:\x2025\x20Oct\x202018\x2011:25:28\x20-0500\x20\r\n220-We\x20do\x20not\x
- SF:20authorize\x20the\x20use\x20of\x20this\x20system\x20to\x20transport\x2
- SF:0unsolicited,\x20\r\n220\x20and/or\x20bulk\x20e-mail\.\r\n500\x20unreco
- SF:gnized\x20command\r\n500\x20unrecognized\x20command\r\n")%r(GetRequest,
- SF:DC,"220-m03\.siteground\.biz\x20ESMTP\x20#148\x20Thu,\x2025\x20Oct\x202
- SF:018\x2011:25:34\x20-0500\x20\r\n220-We\x20do\x20not\x20authorize\x20the
- SF:\x20use\x20of\x20this\x20system\x20to\x20transport\x20unsolicited,\x20\
- SF:r\n220\x20and/or\x20bulk\x20e-mail\.\r\n500\x20unrecognized\x20command\
- SF:r\n500\x20unrecognized\x20command\r\n");
- ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
- SF-Port587-TCP:V=7.70%I=7%D=10/25%Time=5BD1EE61%P=x86_64-pc-linux-gnu%r(NU
- SF:LL,A8,"220-m03\.siteground\.biz\x20ESMTP\x20#148\x20Thu,\x2025\x20Oct\x
- SF:202018\x2011:24:59\x20-0500\x20\r\n220-We\x20do\x20not\x20authorize\x20
- SF:the\x20use\x20of\x20this\x20system\x20to\x20transport\x20unsolicited,\x
- SF:20\r\n220\x20and/or\x20bulk\x20e-mail\.\r\n")%r(GenericLines,DC,"220-m0
- SF:3\.siteground\.biz\x20ESMTP\x20#148\x20Thu,\x2025\x20Oct\x202018\x2011:
- SF:24:59\x20-0500\x20\r\n220-We\x20do\x20not\x20authorize\x20the\x20use\x2
- SF:0of\x20this\x20system\x20to\x20transport\x20unsolicited,\x20\r\n220\x20
- SF:and/or\x20bulk\x20e-mail\.\r\n500\x20unrecognized\x20command\r\n500\x20
- SF:unrecognized\x20command\r\n")%r(Hello,A8,"220-m03\.siteground\.biz\x20E
- SF:SMTP\x20#148\x20Thu,\x2025\x20Oct\x202018\x2011:25:10\x20-0500\x20\r\n2
- SF:20-We\x20do\x20not\x20authorize\x20the\x20use\x20of\x20this\x20system\x
- SF:20to\x20transport\x20unsolicited,\x20\r\n220\x20and/or\x20bulk\x20e-mai
- SF:l\.\r\n")%r(Help,10B,"220-m03\.siteground\.biz\x20ESMTP\x20#148\x20Thu,
- SF:\x2025\x20Oct\x202018\x2011:25:18\x20-0500\x20\r\n220-We\x20do\x20not\x
- SF:20authorize\x20the\x20use\x20of\x20this\x20system\x20to\x20transport\x2
- SF:0unsolicited,\x20\r\n220\x20and/or\x20bulk\x20e-mail\.\r\n214-Commands\
- SF:x20supported:\r\n214\x20AUTH\x20STARTTLS\x20HELO\x20EHLO\x20MAIL\x20RCP
- SF:T\x20DATA\x20BDAT\x20NOOP\x20QUIT\x20RSET\x20HELP\x20VRFY\r\n")%r(GetRe
- SF:quest,DC,"220-m03\.siteground\.biz\x20ESMTP\x20#148\x20Thu,\x2025\x20Oc
- SF:t\x202018\x2011:25:26\x20-0500\x20\r\n220-We\x20do\x20not\x20authorize\
- SF:x20the\x20use\x20of\x20this\x20system\x20to\x20transport\x20unsolicited
- SF:,\x20\r\n220\x20and/or\x20bulk\x20e-mail\.\r\n500\x20unrecognized\x20co
- SF:mmand\r\n500\x20unrecognized\x20command\r\n");
- ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
- SF-Port2525-TCP:V=7.70%I=7%D=10/25%Time=5BD1EE61%P=x86_64-pc-linux-gnu%r(N
- SF:ULL,A8,"220-m03\.siteground\.biz\x20ESMTP\x20#148\x20Thu,\x2025\x20Oct\
- SF:x202018\x2011:24:59\x20-0500\x20\r\n220-We\x20do\x20not\x20authorize\x2
- SF:0the\x20use\x20of\x20this\x20system\x20to\x20transport\x20unsolicited,\
- SF:x20\r\n220\x20and/or\x20bulk\x20e-mail\.\r\n")%r(GetRequest,DC,"220-m03
- SF:\.siteground\.biz\x20ESMTP\x20#148\x20Thu,\x2025\x20Oct\x202018\x2011:2
- SF:4:59\x20-0500\x20\r\n220-We\x20do\x20not\x20authorize\x20the\x20use\x20
- SF:of\x20this\x20system\x20to\x20transport\x20unsolicited,\x20\r\n220\x20a
- SF:nd/or\x20bulk\x20e-mail\.\r\n500\x20unrecognized\x20command\r\n500\x20u
- SF:nrecognized\x20command\r\n")%r(GenericLines,DC,"220-m03\.siteground\.bi
- SF:z\x20ESMTP\x20#148\x20Thu,\x2025\x20Oct\x202018\x2011:25:10\x20-0500\x2
- SF:0\r\n220-We\x20do\x20not\x20authorize\x20the\x20use\x20of\x20this\x20sy
- SF:stem\x20to\x20transport\x20unsolicited,\x20\r\n220\x20and/or\x20bulk\x2
- SF:0e-mail\.\r\n500\x20unrecognized\x20command\r\n500\x20unrecognized\x20c
- SF:ommand\r\n")%r(Hello,A8,"220-m03\.siteground\.biz\x20ESMTP\x20#148\x20T
- SF:hu,\x2025\x20Oct\x202018\x2011:25:15\x20-0500\x20\r\n220-We\x20do\x20no
- SF:t\x20authorize\x20the\x20use\x20of\x20this\x20system\x20to\x20transport
- SF:\x20unsolicited,\x20\r\n220\x20and/or\x20bulk\x20e-mail\.\r\n")%r(Help,
- SF:10B,"220-m03\.siteground\.biz\x20ESMTP\x20#148\x20Thu,\x2025\x20Oct\x20
- SF:2018\x2011:25:23\x20-0500\x20\r\n220-We\x20do\x20not\x20authorize\x20th
- SF:e\x20use\x20of\x20this\x20system\x20to\x20transport\x20unsolicited,\x20
- SF:\r\n220\x20and/or\x20bulk\x20e-mail\.\r\n214-Commands\x20supported:\r\n
- SF:214\x20AUTH\x20STARTTLS\x20HELO\x20EHLO\x20MAIL\x20RCPT\x20DATA\x20BDAT
- SF:\x20NOOP\x20QUIT\x20RSET\x20HELP\x20VRFY\r\n");
- Device type: general purpose|WAP|storage-misc|media device
- Running (JUST GUESSING): Linux 2.6.X|4.X|3.X|2.4.X (92%), HP embedded (85%)
- OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.6.22 cpe:/h:hp:p2000_g3
- Aggressive OS guesses: Linux 2.6.18 - 2.6.22 (92%), Linux 4.9 (87%), Linux 3.18 (86%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (86%), OpenWrt White Russian 0.9 (Linux 2.4.30) (86%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (86%), HP P2000 G3 NAS device (85%), Linux 2.6.32 (85%), ProVision-ISR security DVR (85%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 2 hops
- TCP Sequence Prediction: Difficulty=263 (Good luck!)
- IP ID Sequence Generation: All zeros
- TRACEROUTE (using port 445/tcp)
- HOP RTT ADDRESS
- 1 117.07 ms 10.251.200.1
- 2 116.86 ms ip-146-66-71-198.siteground.com (146.66.71.198)
- NSE: Script Post-scanning.
- Initiating NSE at 12:25
- Completed NSE at 12:25, 0.00s elapsed
- Initiating NSE at 12:25
- Completed NSE at 12:25, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 67.02 seconds
- Raw packets sent: 1012 (48.044KB) | Rcvd: 6122 (3.324MB)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-25 12:25 EDT
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- Initiating NSE at 12:25
- Completed NSE at 12:25, 0.00s elapsed
- Initiating NSE at 12:25
- Completed NSE at 12:25, 0.00s elapsed
- Initiating Parallel DNS resolution of 1 host. at 12:25
- Completed Parallel DNS resolution of 1 host. at 12:25, 0.02s elapsed
- Initiating UDP Scan at 12:25
- Scanning ip-146-66-71-198.siteground.com (146.66.71.198) [14 ports]
- Discovered open port 53/udp on 146.66.71.198
- Completed UDP Scan at 12:25, 2.17s elapsed (14 total ports)
- Initiating Service scan at 12:25
- Scanning 12 services on ip-146-66-71-198.siteground.com (146.66.71.198)
- Service scan Timing: About 16.67% done; ETC: 12:35 (0:08:10 remaining)
- Completed Service scan at 12:27, 102.57s elapsed (12 services on 1 host)
- Initiating OS detection (try #1) against ip-146-66-71-198.siteground.com (146.66.71.198)
- Retrying OS detection (try #2) against ip-146-66-71-198.siteground.com (146.66.71.198)
- Initiating Traceroute at 12:27
- Completed Traceroute at 12:27, 7.18s elapsed
- Initiating Parallel DNS resolution of 1 host. at 12:27
- Completed Parallel DNS resolution of 1 host. at 12:27, 0.02s elapsed
- NSE: Script scanning 146.66.71.198.
- Initiating NSE at 12:27
- Completed NSE at 12:28, 20.25s elapsed
- Initiating NSE at 12:28
- Completed NSE at 12:28, 1.08s elapsed
- Nmap scan report for ip-146-66-71-198.siteground.com (146.66.71.198)
- Host is up (0.17s latency).
- PORT STATE SERVICE VERSION
- 53/udp open domain (unknown banner: donuts)
- | dns-nsid:
- |_ bind.version: donuts
- | fingerprint-strings:
- | DNSVersionBindReq:
- | version
- | bind
- | donuts
- | NBTStat:
- |_ CKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 137/udp filtered netbios-ns
- 138/udp filtered netbios-dgm
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
- SF-Port53-UDP:V=7.70%I=7%D=10/25%Time=5BD1EE9B%P=x86_64-pc-linux-gnu%r(DNS
- SF:VersionBindReq,3F,"\0\x06\x85\0\0\x01\0\x01\0\x01\0\0\x07version\x04bin
- SF:d\0\0\x10\0\x03\xc0\x0c\0\x10\0\x03\0\0\0\0\0\x07\x06donuts\xc0\x0c\0\x
- SF:02\0\x03\0\0\0\0\0\x02\xc0\x0c")%r(DNSStatusRequest,C,"\0\0\x90\x04\0\0
- SF:\0\0\0\0\0\0")%r(NBTStat,32,"\x80\xf0\x80\x15\0\x01\0\0\0\0\0\0\x20CKAA
- SF:AAAAAAAAAAAAAAAAAAAAAAAAAAAA\0\0!\0\x01");
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using port 137/udp)
- HOP RTT ADDRESS
- 1 116.98 ms 10.251.200.1
- 2 ... 3
- 4 115.11 ms 10.251.200.1
- 5 120.12 ms 10.251.200.1
- 6 120.11 ms 10.251.200.1
- 7 120.10 ms 10.251.200.1
- 8 120.08 ms 10.251.200.1
- 9 120.08 ms 10.251.200.1
- 10 120.07 ms 10.251.200.1
- 11 ... 18
- 19 115.84 ms 10.251.200.1
- 20 115.46 ms 10.251.200.1
- 21 ... 28
- 29 117.39 ms 10.251.200.1
- 30 121.02 ms 10.251.200.1
- NSE: Script Post-scanning.
- Initiating NSE at 12:28
- Completed NSE at 12:28, 0.00s elapsed
- Initiating NSE at 12:28
- Completed NSE at 12:28, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 139.03 seconds
- Raw packets sent: 134 (11.618KB) | Rcvd: 5375 (2.376MB)
- #######################################################################################################################################
- dnsenum VERSION:1.2.4
- ----- onaizahedu.gov.sa -----
- Host's addresses:
- __________________
- onaizahedu.gov.sa. 7562 IN A 146.66.71.198
- Name Servers:
- ______________
- ns2.m03.siteground.biz. 599 IN A 69.175.104.51
- ns1.m03.siteground.biz. 599 IN A 69.175.104.50
- Mail (MX) Servers:
- ___________________
- aspmx.l.google.com. 293 IN A 172.217.197.27
- alt4.aspmx.l.google.com. 293 IN A 74.125.128.26
- alt2.aspmx.l.google.com. 293 IN A 74.125.193.26
- alt1.aspmx.l.google.com. 293 IN A 64.233.190.26
- alt3.aspmx.l.google.com. 293 IN A 66.102.1.26
- Trying Zone Transfers and getting Bind Versions:
- _________________________________________________
- Trying Zone Transfer for onaizahedu.gov.sa on ns2.m03.siteground.biz ...
- Trying Zone Transfer for onaizahedu.gov.sa on ns1.m03.siteground.biz ...
- brute force file not specified, bay.
- #######################################################################################################################################
- --------------------------------------------------------------------------------------------------------------------------------------
- [1/25] /webhp?hl=en-CA
- [x] Error downloading /webhp?hl=en-CA
- [2/25] http://onaizahedu.gov.sa/Fares/Self-Service-001N.pdf
- [3/25] http://onaizahedu.gov.sa/Tech-Serv/Form-6.pdf
- ##########################################################################################################################################
- --------------------------------------------------------------------------------------------------------------------------------------
- Qusay Abu Kaff
- Unknown User
- #######################################################################################################################################
- % SaudiNIC Whois server.
- % Rights restricted by copyright.
- % http://nic.sa/en/view/whois-cmd-copyright
- Domain Name: onaizahedu.gov.sa
- Registrant:
- MOE-Directorate of Education in Onaizah Province وزارة التربية والتعليم- إدارة التربية والتعليم بمحافظة عنيزة
- Address: طريق الملك عبدالعزيز
- Onaizah
- Saudi Arabia المملكة العربية السعودية
- Administrative Contact:
- محمد الحجي Mohammed AlHejji
- Address: عنيزة - طريق الملك عبدالعزيز
- 51911 Onaizah
- Saudi Arabia
- Technical Contact:
- محمد الحجي Mohammed AlHejji
- Address: لا يوجد
- لا يوجد Onaizah
- Saudi Arabia المملكة العربية السعودية
- Name Servers:
- ns1.m03.siteground.biz
- ns2.m03.siteground.biz
- Created on: 2000-02-15
- Last Updated on: 2017-03-29
- #######################################################################################################################################
- ____ _ _ _ _ _____
- / ___| _ _| |__ | (_)___| |_|___ / _ __
- \___ \| | | | '_ \| | / __| __| |_ \| '__|
- ___) | |_| | |_) | | \__ \ |_ ___) | |
- |____/ \__,_|_.__/|_|_|___/\__|____/|_|
- # Coded By Ahmed Aboul-Ela - @aboul3la
- [-] Enumerating subdomains now for onaizahedu.gov.sa
- [-] verbosity is enabled, will show the subdomains results in realtime
- [-] Searching now in Baidu..
- [-] Searching now in Yahoo..
- [-] Searching now in Google..
- [-] Searching now in Bing..
- [-] Searching now in Ask..
- [-] Searching now in Netcraft..
- [-] Searching now in DNSdumpster..
- [-] Searching now in Virustotal..
- [-] Searching now in ThreatCrowd..
- [-] Searching now in SSL Certificates..
- [-] Searching now in PassiveDNS..
- SSL Certificates: home.onaizahedu.gov.sa
- SSL Certificates: www.home.onaizahedu.gov.sa
- Virustotal: serv.onaizahedu.gov.sa
- Virustotal: home.onaizahedu.gov.sa
- Virustotal: www.onaizahedu.gov.sa
- DNSdumpster: www.home.onaizahedu.gov.sa
- DNSdumpster: home.onaizahedu.gov.sa
- DNSdumpster: serv.onaizahedu.gov.sa
- [-] Saving results to file: /usr/share/sniper/loot/onaizahedu.gov.sa/domains/domains-onaizahedu.gov.sa.txt
- [-] Total Unique Subdomains Found: 4
- www.onaizahedu.gov.sa
- home.onaizahedu.gov.sa
- www.home.onaizahedu.gov.sa
- serv.onaizahedu.gov.sa
- #######################################################################################################################################
- autodiscover.onaizahedu.gov.sa,146.66.71.198
- calendar.onaizahedu.gov.sa,64.233.162.121,2a00:1450:4010:c0d::79
- email.onaizahedu.gov.sa,52.25.253.172,54.218.42.63
- home.onaizahedu.gov.sa,146.66.71.198
- www.home.onaizahedu.gov.sa,146.66.71.198
- ftp.onaizahedu.gov.sa,146.66.71.198
- onaizahedu.gov.sa,146.66.71.198
- serv.onaizahedu.gov.sa,146.66.71.198
- webmail.onaizahedu.gov.sa,146.66.71.198
- www.onaizahedu.gov.sa,146.66.71.198
- mail.onaizahedu.gov.sa,173.194.222.121,2a00:1450:4010:c0b::79
- docs.onaizahedu.gov.sa,173.194.222.121,2a00:1450:4010:c0b::79
- autodiscover.home.onaizahedu.gov.sa,146.66.71.198
- webmail.home.onaizahedu.gov.sa,146.66.71.198
- #######################################################################################################################################
- [*] Processing domain onaizahedu.gov.sa
- [+] Getting nameservers
- 69.175.104.50 - ns1.m03.siteground.biz
- 69.175.104.51 - ns2.m03.siteground.biz
- [-] Zone transfer failed
- [+] TXT records found
- "v=spf1 include:mailgun.org ~all"
- [+] MX records found, added to target list
- 1 aspmx.l.google.com.
- 10 alt4.aspmx.l.google.com.
- 5 alt2.aspmx.l.google.com.
- 5 alt1.aspmx.l.google.com.
- 10 alt3.aspmx.l.google.com.
- [*] Scanning onaizahedu.gov.sa for A records
- 146.66.71.198 - www.onaizahedu.gov.sa
- 146.66.71.198 - onaizahedu.gov.sa
- 172.217.197.121 - mail.onaizahedu.gov.sa
- 127.0.0.1 - localhost.onaizahedu.gov.sa
- 146.66.71.198 - webmail.onaizahedu.gov.sa
- 146.66.71.198 - ftp.onaizahedu.gov.sa
- 146.66.71.198 - webdisk.onaizahedu.gov.sa
- 146.66.71.198 - cpanel.onaizahedu.gov.sa
- 146.66.71.198 - autodiscover.onaizahedu.gov.sa
- 146.66.71.198 - whm.onaizahedu.gov.sa
- 146.66.71.198 - autoconfig.onaizahedu.gov.sa
- 172.217.197.121 - docs.onaizahedu.gov.sa
- 172.217.197.121 - calendar.onaizahedu.gov.sa
- 34.199.3.152 - email.onaizahedu.gov.sa
- 52.7.61.136 - email.onaizahedu.gov.sa
- 172.217.197.121 - sites.onaizahedu.gov.sa
- 146.66.71.198 - home.onaizahedu.gov.sa
- 146.66.71.198 - serv.onaizahedu.gov.sa
- #######################################################################################################################################
- home.onaizahedu.gov.sa
- www.home.onaizahedu.gov.sa
- #######################################################################################################################################
- [*] Found SPF record:
- [*] v=spf1 include:mailgun.org ~all
- [*] SPF record contains an All item: ~all
- [*] No DMARC record found. Looking for organizational record
- [+] No organizational DMARC record
- [+] Spoofing possible for onaizahedu.gov.sa!
- #######################################################################################################################################
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ discover v0.5.0 - by @michenriksen
- Identifying nameservers for onaizahedu.gov.sa... Done
- Using nameservers:
- - 69.175.104.50
- - 69.175.104.51
- Checking for wildcard DNS... Done
- Running collector: Censys... Skipped
- -> Key 'censys_secret' has not been set
- Running collector: VirusTotal... Skipped
- -> Key 'virustotal' has not been set
- Running collector: Netcraft... Done (0 hosts)
- Running collector: PublicWWW... Done (0 hosts)
- Running collector: Google Transparency Report... Done (1 host)
- Running collector: PTRArchive... Error
- -> PTRArchive returned unexpected response code: 502
- Running collector: HackerTarget... Done (3 hosts)
- Running collector: Certificate Search... Done (2 hosts)
- Running collector: PassiveTotal... Skipped
- -> Key 'passivetotal_key' has not been set
- Running collector: Wayback Machine... Done (4 hosts)
- Running collector: Riddler... Skipped
- -> Key 'riddler_username' has not been set
- Running collector: Dictionary... Done (27 hosts)
- Running collector: DNSDB... Error
- -> DNSDB returned unexpected response code: 503
- Running collector: Shodan... Skipped
- -> Key 'shodan' has not been set
- Running collector: Threat Crowd... Done (0 hosts)
- Resolving 33 unique hosts...
- 146.66.71.198 .onaizahedu.gov.sa
- 146.66.71.198 home.onaizahedu.gov.sa
- 216.58.192.83 mail.onaizahedu.gov.sa
- 146.66.71.198 onaizahedu.gov.sa
- 146.66.71.198 serv.onaizahedu.gov.sa
- 146.66.71.198 www.home.onaizahedu.gov.sa
- 146.66.71.198 www.onaizahedu.gov.sa
- Found subnets:
- - 146.66.71.0-255 : 6 hosts
- Wrote 7 hosts to:
- - file:///root/aquatone/onaizahedu.gov.sa/hosts.txt
- - file:///root/aquatone/onaizahedu.gov.sa/hosts.json
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ takeover v0.5.0 - by @michenriksen
- Loaded 7 hosts from /root/aquatone/onaizahedu.gov.sa/hosts.json
- Loaded 25 domain takeover detectors
- Identifying nameservers for onaizahedu.gov.sa... Done
- Using nameservers:
- - 69.175.104.50
- - 69.175.104.51
- Checking hosts for domain takeover vulnerabilities...
- Finished checking hosts:
- - Vulnerable : 0
- - Not Vulnerable : 7
- Wrote 0 potential subdomain takeovers to:
- - file:///root/aquatone/onaizahedu.gov.sa/takeovers.json
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ scan v0.5.0 - by @michenriksen
- Loaded 7 hosts from /root/aquatone/onaizahedu.gov.sa/hosts.json
- Probing 4 ports...
- 80/tcp 146.66.71.198 home.onaizahedu.gov.sa, onaizahedu.gov.sa, www.onaizahedu.gov.sa and 3 more
- 80/tcp 216.58.192.83 mail.onaizahedu.gov.sa
- 443/tcp 216.58.192.83 mail.onaizahedu.gov.sa
- 443/tcp 146.66.71.198 www.onaizahedu.gov.sa, serv.onaizahedu.gov.sa, home.onaizahedu.gov.sa and 3 more
- Wrote open ports to file:///root/aquatone/onaizahedu.gov.sa/open_ports.txt
- Wrote URLs to file:///root/aquatone/onaizahedu.gov.sa/urls.txt
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ gather v0.5.0 - by @michenriksen
- npm executable not found!
- Please make sure NPM package manager is installed on your system.
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-25 14:00 EDT
- Nmap scan report for onaizahedu.gov.sa (146.66.71.198)
- Host is up (0.22s latency).
- rDNS record for 146.66.71.198: ip-146-66-71-198.siteground.com
- Not shown: 460 filtered ports, 5 closed ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 21/tcp open ftp
- 53/tcp open domain
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 465/tcp open smtps
- 587/tcp open submission
- 993/tcp open imaps
- 995/tcp open pop3s
- 2525/tcp open ms-v-worlds
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-25 14:00 EDT
- Nmap scan report for onaizahedu.gov.sa (146.66.71.198)
- Host is up (0.13s latency).
- rDNS record for 146.66.71.198: ip-146-66-71-198.siteground.com
- Not shown: 2 filtered ports
- PORT STATE SERVICE
- 53/udp open domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-25 14:00 EDT
- Nmap scan report for onaizahedu.gov.sa (146.66.71.198)
- Host is up (0.23s latency).
- rDNS record for 146.66.71.198: ip-146-66-71-198.siteground.com
- PORT STATE SERVICE VERSION
- 21/tcp open ftp Pure-FTPd
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose
- Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (91%)
- OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: Linux 4.9 (91%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.12 - 4.10 (85%), Linux 3.16 (85%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 19 hops
- TRACEROUTE (using port 21/tcp)
- HOP RTT ADDRESS
- 1 115.64 ms 10.253.200.1
- 2 119.40 ms 129.109.60.190.host.ifxnetworks.com (190.60.109.129)
- 3 115.64 ms 185.73.60.190.static.host.ifxnetworks.com (190.60.73.185)
- 4 193.69 ms 10.10.53.25
- 5 184.79 ms 10.10.50.129
- 6 188.25 ms ae0-64.cr2-mia1.ip4.gtt.net (173.205.48.169)
- 7 190.45 ms et-0-0-8-1.cr5-mia1.ip4.gtt.net (89.149.140.162)
- 8 188.22 ms ae4.mpr1.mia2.us.zip.zayo.com (64.125.12.197)
- 9 187.87 ms ae3.mpr1.mia1.us.zip.zayo.com (64.125.28.9)
- 10 189.07 ms 64.125.30.193
- 11 234.42 ms ae5.cs1.dca2.us.zip.zayo.com (64.125.30.194)
- 12 235.14 ms ae0.cs2.dca2.us.eth.zayo.com (64.125.29.229)
- 13 238.76 ms 64.125.29.30
- 14 233.92 ms ae3.cs2.ord2.us.eth.zayo.com (64.125.29.213)
- 15 221.18 ms ae27.cr2.ord2.us.zip.zayo.com (64.125.30.245)
- 16 238.25 ms ae17.er2.ord7.us.zip.zayo.com (64.125.31.83)
- 17 221.34 ms 128.177.108.98.IPYX-142927-900-ZYO.zip.zayo.com (128.177.108.98)
- 18 592.02 ms 128.177.133.154
- 19 225.86 ms ip-146-66-71-198.siteground.com (146.66.71.198)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-25 14:11 EDT
- Nmap scan report for onaizahedu.gov.sa (146.66.71.198)
- Host is up (0.22s latency).
- rDNS record for 146.66.71.198: ip-146-66-71-198.siteground.com
- PORT STATE SERVICE VERSION
- 53/tcp open domain (unknown banner: donuts)
- |_dns-fuzz: Server didn't response to our probe, can't fuzz
- | dns-nsec-enum:
- |_ No NSEC records found
- | dns-nsec3-enum:
- |_ DNSSEC NSEC3 not supported
- | dns-nsid:
- |_ bind.version: donuts
- | fingerprint-strings:
- | DNSVersionBindReqTCP:
- | version
- | bind
- |_ donuts
- 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
- SF-Port53-TCP:V=7.70%I=7%D=10/25%Time=5BD20743%P=x86_64-pc-linux-gnu%r(DNS
- SF:VersionBindReqTCP,41,"\0\?\0\x06\x85\0\0\x01\0\x01\0\x01\0\0\x07version
- SF:\x04bind\0\0\x10\0\x03\xc0\x0c\0\x10\0\x03\0\0\0\0\0\x07\x06donuts\xc0\
- SF:x0c\0\x02\0\x03\0\0\0\0\0\x02\xc0\x0c");
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose
- Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (91%)
- OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: Linux 4.9 (91%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.12 - 4.10 (85%), Linux 3.16 (85%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 19 hops
- Host script results:
- | dns-brute:
- | DNS Brute-force hostnames:
- | stats.gov.sa - 95.177.208.145
- | ntp.gov.sa - 95.177.213.236
- | gw.gov.sa - 62.149.114.51
- | gw.gov.sa - 78.93.52.195
- | internet.gov.sa - 86.111.195.19
- | internet.gov.sa - 86.111.196.15
- | internet.gov.sa - 86.111.196.16
- | internet.gov.sa - 2001:67c:130:10:0:0:0:15
- | internet.gov.sa - 2001:67c:130:10:0:0:0:16
- | internet.gov.sa - 2001:67c:18c8:11:0:0:0:19
- | intranet.gov.sa - 86.111.195.19
- | intranet.gov.sa - 86.111.196.15
- | intranet.gov.sa - 86.111.196.16
- | intranet.gov.sa - 2001:67c:130:10:0:0:0:15
- | intranet.gov.sa - 2001:67c:130:10:0:0:0:16
- | intranet.gov.sa - 2001:67c:18c8:11:0:0:0:19
- | ipv6.gov.sa - 86.111.195.101
- | ipv6.gov.sa - 2001:67c:18c8:15:0:0:0:105
- |_ mta.gov.sa - 209.99.40.223
- TRACEROUTE (using port 53/tcp)
- HOP RTT ADDRESS
- 1 117.66 ms 10.253.200.1
- 2 117.68 ms 129.109.60.190.host.ifxnetworks.com (190.60.109.129)
- 3 117.70 ms 185.73.60.190.static.host.ifxnetworks.com (190.60.73.185)
- 4 117.69 ms 10.10.53.25
- 5 187.22 ms 10.10.50.129
- 6 185.62 ms ae0-64.cr2-mia1.ip4.gtt.net (173.205.48.169)
- 7 190.67 ms et-0-0-4-0.cr5-mia1.ip4.gtt.net (89.149.140.142)
- 8 185.86 ms ae4.mpr1.mia2.us.zip.zayo.com (64.125.12.197)
- 9 185.89 ms ae3.mpr1.mia1.us.zip.zayo.com (64.125.28.9)
- 10 186.12 ms 64.125.30.193
- 11 236.32 ms ae5.cs1.dca2.us.zip.zayo.com (64.125.30.194)
- 12 237.11 ms ae0.cs2.dca2.us.eth.zayo.com (64.125.29.229)
- 13 240.09 ms 64.125.29.30
- 14 236.25 ms ae3.cs2.ord2.us.eth.zayo.com (64.125.29.213)
- 15 221.64 ms ae27.cr2.ord2.us.zip.zayo.com (64.125.30.245)
- 16 239.18 ms ae17.er2.ord7.us.zip.zayo.com (64.125.31.83)
- 17 222.60 ms 128.177.108.98.IPYX-142927-900-ZYO.zip.zayo.com (128.177.108.98)
- 18 224.85 ms 128.177.133.154
- 19 221.62 ms ip-146-66-71-198.siteground.com (146.66.71.198)
- #######################################################################################################################################
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://onaizahedu.gov.sa
- Generic Detection results:
- No WAF detected by the generic detection
- Number of requests: 16
- #######################################################################################################################################
- http://onaizahedu.gov.sa [200 OK] Country[ROMANIA][RO], Google-Analytics[Universal][UA-57522850-1], HTML5, IP[146.66.71.198], JQuery, MetaGenerator[WordPress 4.9.8], PasswordField[pwd], Script[text/javascript], Title[إدارة التعليم بمحافظة عنيزة][Title element contains newline(s)!], UncommonHeaders[x-cache-enabled,link,host-header,x-proxy-cache], WordPress[4.9.8]
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning http://onaizahedu.gov.sa...
- _________________________________________ SITE INFO __________________________________________
- IP Title
- 146.66.71.198 إدارة التعليم بمحافظة عنيزة
- __________________________________________ VERSION ___________________________________________
- Name Versions Type
- WordPress 4.9.8 CMS
- Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.4 | 2.4.5 | 2.4.6 | 2.4.7 Platform
- 2.4.8 | 2.4.9
- PHP Platform
- ________________________________________ INTERESTING _________________________________________
- URL Note Type
- /readme.html Readme file Interesting
- /robots.txt robots.txt index Interesting
- /login/ Login Page Interesting
- ___________________________________________ TOOLS ____________________________________________
- Name Link Software
- wpscan https://github.com/wpscanteam/wpscan WordPress
- CMSmap https://github.com/Dionach/CMSmap WordPress
- ______________________________________________________________________________________________
- Time: 104.2 sec Urls: 490 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 200 OK
- Date: Thu, 25 Oct 2018 18:16:04 GMT
- Content-Type: text/html; charset=UTF-8
- X-Cache-Enabled: False
- Link: <http://onaizahedu.gov.sa/wp-json/>; rel="https://api.w.org/"
- Cache-Control: max-age=172800
- Expires: Sat, 27 Oct 2018 18:16:03 GMT
- Host-Header: 192fc2e7e50945beb8231a492d6a8024
- Connection: keep-alive
- #######################################################################################################################################
- ---------------------------------------------------------------------------------------------------------------------------------------
- [ ! ] Starting SCANNER INURLBR 2.1 at [25-10-2018 14:16:47]
- [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
- It is the end user's responsibility to obey all applicable local, state and federal laws.
- Developers assume no liability and are not responsible for any misuse or damage caused by this program
- [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/plugins/slurp/output/inurlbr-onaizahedu.gov.sa.txt ]
- [ INFO ][ DORK ]::[ site:onaizahedu.gov.sa ]
- [ INFO ][ SEARCHING ]:: {
- [ INFO ][ ENGINE ]::[ GOOGLE - www.google.com.by ]
- [ INFO ][ SEARCHING ]::
- -[:::]
- [ INFO ][ ENGINE ]::[ GOOGLE API ]
- [ INFO ][ SEARCHING ]::
- -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
- [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.co.ma ID: 002901626849897788481:cpnctza84gq ]
- [ INFO ][ SEARCHING ]::
- -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
- [ INFO ][ TOTAL FOUND VALUES ]:: [ 0 ]
- [ INFO ] Not a satisfactory result was found!
- [ INFO ] [ Shutting down ]
- [ INFO ] [ End of process INURLBR at [25-10-2018 14:16:58]
- [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
- [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/plugins/slurp/output/inurlbr-onaizahedu.gov.sa.txt ]
- |_________________________________________________________________________________________
- \_________________________________________________________________________________________/
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-25 14:17 EDT
- Nmap scan report for onaizahedu.gov.sa (146.66.71.198)
- Host is up (0.14s latency).
- rDNS record for 146.66.71.198: ip-146-66-71-198.siteground.com
- PORT STATE SERVICE VERSION
- 110/tcp open pop3 Dovecot pop3d
- | pop3-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 205 guesses in 184 seconds, average tps: 1.0
- |_pop3-capabilities: PIPELINING USER UIDL STLS SASL(PLAIN LOGIN) AUTH-RESP-CODE TOP CAPA RESP-CODES
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose
- Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (91%)
- OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: Linux 4.9 (91%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.12 - 4.10 (85%), Linux 3.16 (85%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 1 hop
- TRACEROUTE (using port 80/tcp)
- HOP RTT ADDRESS
- 1 118.97 ms ip-146-66-71-198.siteground.com (146.66.71.198)
- #######################################################################################################################################
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking https://onaizahedu.gov.sa
- Generic Detection results:
- No WAF detected by the generic detection
- Number of requests: 15
- #######################################################################################################################################
- AVAILABLE PLUGINS
- -----------------
- PluginCompression
- PluginOpenSSLCipherSuites
- PluginCertInfo
- PluginChromeSha1Deprecation
- PluginHeartbleed
- PluginHSTS
- PluginSessionResumption
- PluginSessionRenegotiation
- CHECKING HOST(S) AVAILABILITY
- -----------------------------
- onaizahedu.gov.sa:443 => 146.66.71.198:443
- SCAN RESULTS FOR ONAIZAHEDU.GOV.SA:443 - 146.66.71.198:443
- ----------------------------------------------------------
- * Deflate Compression:
- OK - Compression disabled
- * Session Renegotiation:
- Client-initiated Renegotiations: OK - Rejected
- Secure Renegotiation: OK - Supported
- * Certificate - Content:
- SHA1 Fingerprint: 9f72b9243acb9292640cdcc907ccd1ee0b0cfcaf
- Common Name: onedu.org
- Issuer: Let's Encrypt Authority X3
- Serial Number: 0414FCB01745AF529C9B6566F96EDBD7329D
- Not Before: Sep 4 06:27:38 2018 GMT
- Not After: Dec 3 06:27:38 2018 GMT
- Signature Algorithm: sha256WithRSAEncryption
- Public Key Algorithm: rsaEncryption
- Key Size: 2048 bit
- Exponent: 65537 (0x10001)
- X509v3 Subject Alternative Name: {'DNS': ['onedu.org', 'www.onedu.org']}
- * Certificate - Trust:
- Hostname Validation: FAILED - Certificate does NOT match onaizahedu.gov.sa
- Google CA Store (09/2015): FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
- Java 6 CA Store (Update 65): OK - Certificate is trusted
- Microsoft CA Store (09/2015): OK - Certificate is trusted
- Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
- Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
- Certificate Chain Received: ['onedu.org', "Let's Encrypt Authority X3"]
- * Certificate - OCSP Stapling:
- NOT SUPPORTED - Server did not send back an OCSP response.
- * Session Resumption:
- With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
- With TLS Session Tickets: OK - Supported
- * SSLV2 Cipher Suites:
- Server rejected all cipher suites.
- * SSLV3 Cipher Suites:
- Server rejected all cipher suites.
- SCAN COMPLETED IN 4.97 S
- ------------------------
- Version: 1.11.12-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Connected to 146.66.71.198
- Testing SSL server onaizahedu.gov.sa on port 443 using SNI name onaizahedu.gov.sa
- TLS Fallback SCSV:
- Server supports TLS Fallback SCSV
- TLS renegotiation:
- Session renegotiation not supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-384 DHE 384
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-384 DHE 384
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-384 DHE 384
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-384 DHE 384
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-384 DHE 384
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-384 DHE 384
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits AES128-SHA
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
- Accepted TLSv1.2 256 bits ECDHE-RSA-CAMELLIA256-SHA384 Curve P-384 DHE 384
- Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA256 DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
- Accepted TLSv1.2 128 bits ECDHE-RSA-CAMELLIA128-SHA256 Curve P-384 DHE 384
- Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA256 DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.2 256 bits AES256-GCM-SHA384
- Accepted TLSv1.2 128 bits AES128-GCM-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA256
- Accepted TLSv1.2 256 bits CAMELLIA256-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA256
- Accepted TLSv1.2 128 bits CAMELLIA128-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA
- Accepted TLSv1.2 256 bits CAMELLIA256-SHA
- Accepted TLSv1.2 128 bits CAMELLIA128-SHA
- Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-384 DHE 384
- Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-384 DHE 384
- Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits AES128-SHA
- Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.1 256 bits AES256-SHA
- Accepted TLSv1.1 256 bits CAMELLIA256-SHA
- Accepted TLSv1.1 128 bits CAMELLIA128-SHA
- SSL Certificate:
- Signature Algorithm: sha256WithRSAEncryption
- RSA Key Strength: 2048
- Subject: onedu.org
- Altnames: DNS:onedu.org, DNS:www.onedu.org
- Issuer: Let's Encrypt Authority X3
- Not valid before: Sep 4 06:27:38 2018 GMT
- Not valid after: Dec 3 06:27:38 2018 GMT
- #######################################################################################################################################
- I, [2018-10-25T14:22:52.156025 #27463] INFO -- : Initiating port scan
- I, [2018-10-25T14:23:50.311731 #27463] INFO -- : Using nmap scan output file logs/nmap_output_2018-10-25_14-22-52.xml
- I, [2018-10-25T14:23:50.312950 #27463] INFO -- : Discovered open port: 146.66.71.198:80
- I, [2018-10-25T14:23:51.333730 #27463] INFO -- : Discovered open port: 146.66.71.198:443
- I, [2018-10-25T14:23:53.156806 #27463] INFO -- : Discovered open port: 146.66.71.198:465
- I, [2018-10-25T14:23:54.556197 #27463] INFO -- : Discovered open port: 146.66.71.198:993
- I, [2018-10-25T14:23:56.359669 #27463] INFO -- : <<<Enumerating vulnerable applications>>>
- ---------------------------------------------------------------------------------------------------------------------------------------
- <<<Yasuo discovered following vulnerable applications>>>
- ---------------------------------------------------------------------------------------------------------------------------------------
- +----------+---------------------------------+---------------------------------------+----------+----------+
- | App Name | URL to Application | Potential Exploit | Username | Password |
- +----------+---------------------------------+---------------------------------------+----------+----------+
- | v0pCr3w | http://146.66.71.198:80/jos.php | ./exploits/multi/http/v0pcr3w_exec.rb | | |
- +----------+---------------------------------+---------------------------------------+----------+----------+
- #######################################################################################################################################
- =======================================================================================================================================
- | Domain: http://onaizahedu.gov.sa/
- | IP: 146.66.71.198
- =======================================================================================================================================
- |
- | Directory check:
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/Fares/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/adbanner/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/adclick/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/admin/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/adsense/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/adserv/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/adserve/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/adsrv/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/adsales/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/adserver/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/advert/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/bannerad/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/best/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/embed/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/feed/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/files/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/icons/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/login/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/phpads/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/publicidad/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/publicidade/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/rss/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/siteads/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/sub/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/textads/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/thk/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/untitled/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/word/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/wordpress/
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/wp-admin/
- ######################################################################################################################################
- | File check:
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/admentor/adminadmin.asp
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/admin/index.php
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/cgi-bin/clickcount.pl?view=test
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/cgi-bin/counterbanner
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/cgi-bin/counterbanner-ord
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/cgi-bin/counterfiglet-ord
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/cgi-bin/counter-ord
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/cgi-bin/jj
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/cgi-bin/ss
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/favicon.ico
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/index.php
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/license.txt
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/readme.html
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/robots.txt
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/scripts/fpcount.exe
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/search/htx/sqlqhit.asp
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/search/htx/SQLQHit.asp
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/search/sqlqhit.asp
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/search/SQLQHit.asp
- | [+] CODE: 200 URL: http://onaizahedu.gov.sa/_vti_bin/fpcount.exe
- #######################################################################################################################################
- |
- | External hosts:
- | [+] External Host Found: https://itunes.apple.com
- | [+] External Host Found: https://www.elnahar-news.com
- | [+] External Host Found: https://ajel.sa
- | [+] External Host Found: http://qh.gov.sa
- | [+] External Host Found: http://twasul.info
- | [+] External Host Found: http://kg.medu.sa
- | [+] External Host Found: http://i1.ytimg.com
- | [+] External Host Found: http://www.al-jazirah.com
- | [+] External Host Found: https://goo.gl
- | [+] External Host Found: http://www.m3llm.net
- | [+] External Host Found: http://www.kaqa.org.sa
- | [+] External Host Found: https://drive.google.com
- | [+] External Host Found: http://w.sharethis.com
- | [+] External Host Found: https://ien.moe.gov.sa
- | [+] External Host Found: https://www.watani.edu.sa
- | [+] External Host Found: http://gaya-sa.com
- | [+] External Host Found: http://www.aleqt.com
- | [+] External Host Found: https://inma.net.sa
- | [+] External Host Found: http://ksa-watan.com
- | [+] External Host Found: http://school6th.com
- | [+] External Host Found: http://www.n-alhadath.com
- | [+] External Host Found: https://www.gulf365.co
- | [+] External Host Found: http://almnatiq.net
- | [+] External Host Found: http://goo.gl
- | [+] External Host Found: http://www.alecso.org
- | [+] External Host Found: https://eservices.mcs.gov.sa
- | [+] External Host Found: https://www.elwehda.com
- | [+] External Host Found: http://www.daralakhbar.com
- | [+] External Host Found: http://www.ien.sa
- | [+] External Host Found: http://httpd.apache.org
- | [+] External Host Found: http://www.elwehda.com
- | [+] External Host Found: https://docs.google.com
- | [+] External Host Found: https://secure.php.net
- | [+] External Host Found: http://inma-csr.com
- | [+] External Host Found: http://www.okaz.com.sa
- | [+] External Host Found: http://www.ham-24.com
- | [+] External Host Found: https://twitter.com
- | [+] External Host Found: http://swaqqas.com
- | [+] External Host Found: http://www.qiyas.sa
- | [+] External Host Found: http://wat-sa.com
- | [+] External Host Found: https://play.google.com
- | [+] External Host Found: http://www.onaizatoday.com
- | [+] External Host Found: http://www.youtube.com
- | [+] External Host Found: https://youtu.be
- | [+] External Host Found: http://www.alamn.net
- | [+] External Host Found: https://www.elghad.co
- | [+] External Host Found: http://www.makkahnews.net
- | [+] External Host Found: https://sshr.moe.sa
- | [+] External Host Found: http://inma.net.sa
- | [+] External Host Found: http://www.alweeam.com.sa
- | [+] External Host Found: http://adwaalwatan.com
- | [+] External Host Found: http://www.alecsoapps.com
- | [+] External Host Found: http://www.onaizahedu.info
- | [+] External Host Found: https://www.garbnews.net
- | [+] External Host Found: http://sdl.edu.sa
- | [+] External Host Found: https://appsto.re
- | [+] External Host Found: http://www.makkahnewspaper.com
- | [+] External Host Found: http://www.ajel.sa
- | [+] External Host Found: http://www.dicid.org
- | [+] External Host Found: http://ien.sa
- | [+] External Host Found: https://wordpress.org
- | [+] External Host Found: http://www.almmlke.com
- | [+] External Host Found: http://www.sra7h.com
- | [+] External Host Found: http://ien.edu.sa
- | [+] External Host Found: http://www.afaq-n.com.sa
- | [+] External Host Found: http://was.sa
- | [+] External Host Found: http://pda.al-jazirah.com
- | [+] External Host Found: http://qiyas.sa
- | [+] External Host Found: http://www.slaati.com
- | [+] External Host Found: https://cld.bz
- | [+] External Host Found: http://%d8%a5%d8%ac%d8%b1%d8%a7%d8%a1%d8%a7%d8%aa%d9%87
- | [+] External Host Found: http://www.garidaty.net
- | [+] External Host Found: http://www.spa.gov.sa
- | [+] External Host Found: https://garbnews.net
- | [+] External Host Found: http://www.albiladdaily.com
- | [+] External Host Found: https://www.alarab-news.com
- | [+] External Host Found: https://maps.google.com.sa
- | [+] External Host Found: https://www.mysql.com
- | [+] External Host Found: http://almaydan2.net
- | [+] External Host Found: http://www.alyaum.com
- | [+] External Host Found: http://egate.tamayaz.org.sa
- | [+] External Host Found: http://www.almaydan2.net
- | [+] External Host Found: https://tawasul.moe.gov.sa
- | [+] External Host Found: https://codex.wordpress.org
- | [+] External Host Found: http://www.alriyadh.com
- | [+] External Host Found: https://www.watny1.com
- | [+] External Host Found: http://www.almowaten.net
- | [+] External Host Found: http://onedu.org
- | [+] External Host Found: http://www.hssen.com
- | [+] External Host Found: http://ebook.sa
- | [+] External Host Found: http://www.naifprize.org.sa
- | [+] External Host Found: http://ibda.mawhiba.org
- | [+] External Host Found: http://scbnews.com
- | [+] External Host Found: https://noor.moe.sa
- | [+] External Host Found: https://www.arabyoum.com
- | [+] External Host Found: http://alwatan.com.sa
- | [+] External Host Found: https://developer.wordpress.org
- | [+] External Host Found: http://cutt.us
- | [+] External Host Found: http://gaya-sa.org
- | [+] External Host Found: http://www.3alyoum.com
- | [+] External Host Found: https://www.moe.gov.sa
- | [+] External Host Found: http://www.burnews.com
- | [+] External Host Found: http://www.alwatan.com.sa
- | [+] External Host Found: http://khaward.ae
- | [+] External Host Found: http://www.al-jazirahonline.com
- | [+] External Host Found: https://w.soundcloud.com
- | [+] External Host Found: https://planet.wordpress.org
- | [+] External Host Found: https://gaya-sa.org
- | [+] External Host Found: http://onaizah.info
- | [+] External Host Found: http://www.leaders-news.com
- | [+] External Host Found: https://www.alsharq.net.sa
- | [+] External Host Found: http://www.mawhiba.org
- | [+] External Host Found: http://www.qaey.org
- | [+] External Host Found: http://sabq.org
- | [+] External Host Found: https://www.almowaten.net
- | [+] External Host Found: http://newsress.xyz
- | [+] External Host Found: http://www.alhayat.com
- | [+] External Host Found: http://www.newsalwatan.com
- | [+] External Host Found: http://www.newsqassim.com
- | [+] External Host Found: http://www.was.sa
- | [+] External Host Found: https://httpd.apache.org
- | [+] External Host Found: https://noorresults.moe.sa
- | [+] External Host Found: https://www.youtube.com
- | [+] External Host Found: http://www.al-jazirah.com.sa
- | [+] External Host Found: https://www.dropbox.com
- #######################################################################################################################################
- | E-mails:
- | [+] E-mail Found: ftn@onaizahedu.gov.sa
- | [+] E-mail Found: shaqely.mas@gmail.com
- | [+] E-mail Found: shaqely.mr@gmail.com
- | [+] E-mail Found: shaqely@gmail.com
- | [+] E-mail Found: safety@onaizahedu.gov.sa
- | [+] E-mail Found: al@onaizahedu.gov.sa
- | [+] E-mail Found: uesrb@onaizahedu.gov.sa
- | [+] E-mail Found: teacherprize@unesco.org
- | [+] E-mail Found: humbedooh@apache.org
- | [+] E-mail Found: wry@onaizahedu.gov.sa
- | [+] E-mail Found: shaqely.ra@gmail.com
- | [+] E-mail Found: m@tidakada.com
- | [+] E-mail Found: super-dept@moe.gov.sa
- | [+] E-mail Found: xm@onaizahedu.gov.sa
- | [+] E-mail Found: mike@hyperreal.org
- | [+] E-mail Found: book@onaizahedu.gov.sa
- | [+] E-mail Found: s52600@onaizahedu.gov.sa
- | [+] E-mail Found: mkm@onaizahedu.gov.sa
- | [+] E-mail Found: mo@onaizahedu.gov.sa
- | [+] E-mail Found: tk@onaizahedu.gov.sa
- | [+] E-mail Found: shaqely.mw@gmail.com
- | [+] E-mail Found: departmentofer@gmail.com
- | [+] E-mail Found: go@onaizahedu.gov.sa
- | [+] E-mail Found: userg@onaizahedu.gov.sa
- | [+] E-mail Found: userb@onaizahedu.gov.sa
- | [+] E-mail Found: kevinh@kevcom.com
- | [+] E-mail Found: moc@onaizahedu.qov.sa
- #######################################################################################################################################
- Anonymous JTSEC #OpJamalKhashoggi Full Recon #4
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement