Anonymous Operation IsraelUSA JTSEC full recon #12

1. #######################################################################################################################################
2. Hostname www.irs.gov ISP Unknown
3. Continent Unknown Flag
4. US
5. Country United States Country Code US
6. Region Unknown Local time 30 Dec 2017 13:40 CST
7. City Unknown Latitude 37.751
8. IP Address (IPv6) 2600:141b:4:399::f50 Longitude -97.822
9. #######################################################################################################################################
10. [i] Scanning Site: https://irs.gov
11.  
12.  
13.  
14. B A S I C I N F O
15. ====================
16.  
17.  
18. [+] Site Title: Internal Revenue Service | An official website of the United States government
19. [+] IP address: 166.123.218.220
20. [+] Web Server: BigIP
21. [+] CMS: Could Not Detect
22. [+] Cloudflare: Not Detected
23. [+] Robots File: Could NOT Find robots.txt!
24.  
25.  
26.  
27.  
28. W H O I S L O O K U P
29. ========================
30.  
31. % DOTGOV WHOIS Server ready
32. Domain Name: IRS.GOV
33. Status: ACTIVE
34.  
35. >>> Last update of whois database: 2017-12-30T19:42:53Z <<<
36. Please be advised that this whois server only contains information pertaining
37. to the .GOV domain. For information for other domains please use the whois
38. server at RS.INTERNIC.NET.
39.  
40.  
41.  
42.  
43. G E O I P L O O K U P
44. =========================
45.  
46. [i] IP Address: 166.123.218.220
47. [i] Country: US
48. [i] State: District of Columbia
49. [i] City: Washington
50. [i] Latitude: 38.897900
51. [i] Longitude: -77.041702
52.  
53.  
54.  
55.  
56. H T T P H E A D E R S
57. =======================
58.  
59.  
60. [i] HTTP/1.0 302 Found
61. [i] Location: https://www.irs.gov/
62. [i] Server: BigIP
63. [i] Connection: close
64. [i] Content-Length: 0
65. [i] HTTP/1.0 200 OK
66. [i] Content-Type: text/html; charset=UTF-8
67. [i] X-Drupal-Dynamic-Cache: UNCACHEABLE
68. [i] Link: <https://www.irs.gov/government-entities/home>; rel="alternate"; hreflang="en"
69. [i] Link: </government-entities/home>; rel="canonical"
70. [i] Link: </node/19911>; rel="shortlink"
71. [i] Link: </government-entities/home>; rel="revision"
72. [i] X-UA-Compatible: IE=edge
73. [i] Content-Language: en
74. [i] X-Content-Type-Options: nosniff
75. [i] X-Frame-Options: SameOrigin
76. [i] Last-Modified: Thu, 28 Dec 2017 16:04:26 GMT
77. [i] ETag: "1514477066"
78. [i] X-Generator: Drupal 8 (https://www.drupal.org)
79. [i] X-Drupal-Cache: MISS
80. [i] X-Request-ID: v-c7156d20-ebe8-11e7-bf68-0e08d7b5118e
81. [i] X-AH-Environment: prod
82. [i] X-Varnish: 362189157 361696731
83. [i] X-Cache-Hits: 5
84. [i] X-Age: 87
85. [i] Cache-Control: public, max-age=86400
86. [i] Expires: Sun, 31 Dec 2017 19:43:07 GMT
87. [i] Date: Sat, 30 Dec 2017 19:43:07 GMT
88. [i] Connection: close
89. [i] Set-Cookie: AKA_A2=1; expires=Sat, 30-Dec-2017 20:43:07 GMT; secure; HttpOnly
90. [i] Link: <https://js-agent.newrelic.com>;rel="preconnect",<https://syndication.twitter.com>;rel="preconnect",<https://platform.twitter.com>;rel="preconnect",<https://static.addtoany.com>;rel="preconnect"
91. [i] Strict-Transport-Security: max-age=31536000
92.  
93.  
94.  
95.  
96. D N S L O O K U P
97. ===================
98.  
99. irs.gov. 7199 IN NS ns1.irs.gov.
100. irs.gov. 7199 IN NS ns2.irs.gov.
101. irs.gov. 7199 IN NS ns3.irs.gov.
102. irs.gov. 7199 IN NS ns4.irs.gov.
103. irs.gov. 7199 IN RRSIG NS 8 2 7200 20180106133642 20171230123642 26514 irs.gov. FcKZ2PhmcHXPTmMPhlywmeEw31+uTnjZwR6uz7RmO1iXse5s+EwqjBCo xQdBfATzvNdAUiTKEDl3nX2gBOY2DKaTODpC+A3AetM19/fWs1mAPu2m 1I7W81uVXJFxt7HcipuWu/rhPChrcGKYAqH9S+WBSM4NO/1hTv6JPwq/ 5PKHd2ITGBHdG9Ad39yG+SrO3+JOVfJtnJJMYZnkLiXNbLUKXyJc5LLD ZGx5u3EBM9h9OGnGH8q1KwKt3wqiZgoXWgf0IUWc2A3UkWXyUT87iFVn rDX7k4o/uDQgeRers303zXzurD+X1tkJszKDQL8SnSioxZ/5kCNEn/Yr XJ9+4w==
104. irs.gov. 599 IN A 166.123.218.220
105. irs.gov. 599 IN RRSIG A 8 2 600 20180106133642 20171230123642 26514 irs.gov. BTSv3dR0Qth3POzPshquc9smHdruD4ZSSN3YtJGc0dnNaMranwd1mdmc a55jHp12IsNTga0UpGQZVwOQv9uKIiaQNiHHIU1j0veBwVMlM4DNaL2K M+qtxRtnh9Gppgg1aYWvIc/h/8vmph5qDl1lV3ciEM2Hb7m9ze1x8j5U ns8EY+/ReBoQ0PcbQ/5y448iDhtKz06YGkczxNNx10EH271C2PtU3ZDB C0VMyQvKRlYeeE/+ACcVH0EvjzG8KC2IKb/64PlNjvuzTOJsEWxbsKrf gA45u8q4bS/CsF5lrRl11/MVFjkKNK95owWYwFYugQBCpqcQzDlaiqpt MWLF8A==
106. irs.gov. 599 IN TXT "v=spf1 ip4:152.216.0.0/20 ip6:2610:30::/32 include:qai.irs.gov -all"
107. irs.gov. 599 IN RRSIG TXT 8 2 600 20180106133642 20171230123642 26514 irs.gov. BF2nH7kNDqjkKHDaCc7XqJZGo9v1aTD7VPBu92yAYmAq8FbGNv9iL1lM Ndoa+Ns/iNraNZzifxSowbTN6bELy4CBWAqwm23CPUvAJiPfPdJLlg6J ZS8BmN450AOY2MnE0LJZ75G6Fg9gVTeFrUvxkmWhvqWk0k8Km4/PNbFy jtcYSB2rRFREeUyM2DxVZ5mBVsCt1Oxm8eTlw1Eelsc7uCcNse/iu4hd yWb7IWjSmGHMD+ZPREqlNFBprLuyRQyinhZ6tRV+fkwV4cEgZS/m8hda xYcjKUR+08zA5/1/f00QdhWSKxMpuWxp3EKkXc6iT/R3C5h9S3PtuEi8 gLokvg==
108. irs.gov. 7199 IN MX 10 emg1.irs.gov.
109. irs.gov. 7199 IN MX 10 emg2.irs.gov.
110. irs.gov. 7199 IN MX 10 emg3.irs.gov.
111. irs.gov. 7199 IN MX 10 emg4.irs.gov.
112. irs.gov. 7199 IN MX 10 emg5.irs.gov.
113. irs.gov. 7199 IN MX 10 emg6.irs.gov.
114. irs.gov. 7199 IN MX 20 emgc.irs.gov.
115. irs.gov. 7199 IN MX 20 emge.irs.gov.
116. irs.gov. 7199 IN MX 20 emgw.irs.gov.
117. irs.gov. 7199 IN RRSIG MX 8 2 7200 20180106133642 20171230123642 26514 irs.gov. HZvdQRqP4GzWqX8wbirVc76bV0+LN+Pqe5tkUTdUR8mwWycWS/LDCjGq JH9S1JGkzKW/c/jn5k4UHOuMeP3c/SfilXTcTb//vnmGwZIR3498jGFB DTPkx93OKA9vcwncYCKDp/YXNSCrWxn1XKh0VILkojCrQX13nC71m1x3 16C7fnMIO3jp81nFTzwG9PC1d/v9XsT1CZkTp7yZGN2PjkKMxb6q/IBV ZsT4tSCODYRhU6gqJkGmZzVkwb8ZhylR1YimVxtKltlpQw7KQbGaCDXl W0kfRnvhNIUh7ITtLPMVL/snoQ9a5fQt5ME3owWM9y79ZLtcjRJv0BKA NYOggQ==
118. irs.gov. 7199 IN DNSKEY 256 3 8 AwEAAXVVom+xnnZ6NSYI33s7jEDQs16SNrbZgKnHNENi0BMx+0+8A8fZ DWECMNLTYSugrqXI0QK2uLk8p/jBofz27Yi5Rz67UJwGLwxtPYCQ7tjU vbI1K2ZJE8OOBkx7xScOUIrZ4o3xJ1ScOvcoIccC9paJFH6umVJZQ8Qp eYZTIeqvIVjgyhMSb2Vd6/0uGVqtsOYX8eCYmMhr8sgf8d/2uFHBJX/r zrLAkpi9JS8tG2pFuRuEeL0QQNzVmwTxyv/FnUyNuWbHUt5tPtPMQFve IgVKvJ9mRT2K0RFPfeV2Gcmu2/8I0rKyfrlRtvbMo/5SL8f62DkyhoiC gGHG56TOkQ0=
119. irs.gov. 7199 IN DNSKEY 256 3 8 AwEAAXiEjlZWaHTQaGLWMJRCYm/vmMyxA4uRVGguvGhXdiatUX8eQhbs u0TzVaHSDSAtxmy3+8ISxzMYvmB3qEMPzvbC2+/gl7zmXHSUEVUJd4BQ YMTZL23OVYjBEP55n08GeVdQWUD0FwMA7W2jlnfr/KC+O50YEPFY8IpW KoBPSnQkMvtvkd1/1ppsR4UubPYate+YP2rpp34V3LvZQqseTHSHtmml sv8Y9ZJsJ4fTwEJQ8rOqYO1Q68Rp6LQmwNL/gJSu53kMkLWTTsOHFkfr LmWDKnox7wSY2O/3CwVUq5AMvOQOSNa4iJ5krOw9lWmQnRHx3hsFpG6p KR4nTTDNt1U=
120. irs.gov. 7199 IN DNSKEY 257 3 8 AwEAAYjPxMjaUb6idR4a3wB0w5r8/OQxTCE+Aui8hV0mXIKtjsyabjd+ dDlCq/EqKQgswHDRi4A6hn8v/TEgnz2RqQrKnatKMVJHdmvlnuH6Mb0N 5p7V2QBF+h5f0gSU9cd3+os+z4pAJcXRqpukC5YZ0xX87sbTe0I/47Vr Q4WD49YSs48Y19fq3biHz7SG6UIKm0rEhSl2Z0KrNiyedTyKKX1LhcFp nNF8eHawfVzuopAQPlECYP6NLvbw8uIebPqncgdtM7O0okNgZEebgcrV zbkdDrejdUGI1mD7q+7LuREhqq+RJ+ysA9L+sm6p249jMvFlqebTjFJu Y++cEU9OvHk=
121. irs.gov. 7199 IN DNSKEY 257 3 8 AwEAAde7qfoZbfKu9gRezjqYRxAR6earnU6TFCcD9ap44Cdw3buxQjSr YjPDLSc8VKT+kdSUxg8Q4AmEjqxqhfE5s7lcjww3oUsglMUvPfh7l3bc jqHGbl3Ef3VzkjDxWoE9wrnkyDFNJInVzdf/D6wbq+MUYAxHUiXt/HZM tUkG0X0JdVll7C2J+7yNvDTR/akZcRawTnsa37ZTbzViA5PNK5YRoKOu rWrC2FaE8EKvNSm6gwE8C1WH22OEV4MZT9b6irA8tO8phpNlXSt/9LFt wZEBXUm3rFCW9/RDfqAr2yu77ieBCZ+GPH1kdTXCXbVNnYHT5N0KxarL fU8j/oAmiCc=
122. irs.gov. 7199 IN RRSIG DNSKEY 8 2 7200 20180106133642 20171230123642 29552 irs.gov. ztFMyRVZTp/k4xvScRLZySVglAaLEw5klY68Kr+uKq76iYzh31w1UgJj NNPtWbXoCcbShJDvu6in17KfXybzY1AEq8EYxrhJ/CDD12y+2nKdp+hs y8Coypei6cDpHCPuMoebwq/vM+frxO0dq/Mfbg0ZFB3LUna18CHiY7yU Zj7WRgm2S2eu6Rb2LjVriEE7PpI/roK8aCygGnNQ4q0GYcJNWGlqf77o alMABVbXY8nAeLlkRwsyxATUZa3UR8tNEass+gMVvREooN9q7nO04qGw mPFXlbdnhwX8FEk0chVhcHKEgqG8TeWruk+J9XfPfd1XLVEhl6A2OaLF d8cHTQ==
123. irs.gov. 7199 IN NSEC3PARAM 1 0 25 AABBCCDD
124. irs.gov. 7199 IN RRSIG NSEC3PARAM 8 2 7200 20180106133642 20171230123642 26514 irs.gov. HuvM0Iragu1G2ccjgrM2SvRXAaSwlVDzY6pqcQhiC6H2IgKbm5xO0YuF HN7sxH6jwX3WXxpCSy9QlgIdCBc2W1CpYsoggjYumaJKtquQOzdq3i7d 2WgMERWlWG+to38GbL/qSqHry/xPHnENm9dv+OrFqQCSrX+UwAeqfvMJ 0JQtfbvUwy7RGQ6PvLl4MPQQ+zmRN6Qn0yR3yxHMsxLuN1RL8CTbeC+7 pbM5EcpwSgMonVSf+2/kITOhn6AKyBHidu7ganvKMIE6y+6/zhj2hQJ5 BBf8e2x0r66uOdy37FaRIdbE4lr+h3NT6YqsWU4mUJT2l4DkNXiTqs0j 8pepIw==
125. irs.gov. 7199 IN SOA ns1.irs.gov. it\.aciouns\.external\.dns\.admin.irs.gov. 2010086683 3600 1800 2419200 900
126. irs.gov. 7199 IN RRSIG SOA 8 2 7200 20180106133642 20171230123642 26514 irs.gov. c0qusVA1tT59rt07zYYrPCdmJHoNwsbNu0eXC9ydH8phr4RFUYNFVbff F1PTSXi6A5tskcfpkK7QTRGmM5fXkNE4hvc4MgN1GjDwhIzv5x7pVA7d /MTtgKBIqQ1YJKKZORuuBN+v0At8NaaTOcjBLd/MddTZSY7uXkyBsXKO +GA5WfwHr5pSaa6FLmGJNuV/fyFdSBgieLkkKGZWBnk6xaTh+b7GGjaD nTR9cdVnOQN5xn3uf47wh9KGjWOFUpo3ASKbS3sqiZeQgfDWnD5scSJn hyDhxB/P+AoZEZ33wZkyiKg0pP/OsDdWHGKDR9rcSfowUEOGHxpdUbYU AETK/g==
127.  
128.  
129.  
130.  
131. S U B N E T C A L C U L A T I O N
132. ====================================
133.  
134. Address = 166.123.218.220
135. Network = 166.123.218.220 / 32
136. Netmask = 255.255.255.255
137. Broadcast = not needed on Point-to-Point links
138. Wildcard Mask = 0.0.0.0
139. Hosts Bits = 0
140. Max. Hosts = 1 (2^0 - 0)
141. Host Range = { 166.123.218.220 - 166.123.218.220 }
142.  
143.  
144.  
145. N M A P P O R T S C A N
146. ============================
147.  
148.  
149. Starting Nmap 7.01 ( https://nmap.org ) at 2017-12-30 19:43 UTC
150. Nmap scan report for irs.gov (166.123.218.220)
151. Host is up (0.020s latency).
152. rDNS record for 166.123.218.220: cfpa.gov
153. PORT STATE SERVICE VERSION
154. 21/tcp filtered ftp
155. 22/tcp filtered ssh
156. 23/tcp filtered telnet
157. 25/tcp filtered smtp
158. 80/tcp open http?
159. 110/tcp filtered pop3
160. 143/tcp filtered imap
161. 443/tcp open ssl/https?
162. 445/tcp filtered microsoft-ds
163. 3389/tcp filtered ms-wbt-server
164.  
165. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
166. Nmap done: 1 IP address (1 host up) scanned in 39.24 seconds
167.  
168.  
169.  
170. S U B - D O M A I N F I N D E R
171. ==================================
172.  
173.  
174. [i] Total Subdomains Found : 62
175.  
176. [+] Subdomain: ns100.irs.gov
177. [-] IP: 152.216.7.166
178.  
179. [+] Subdomain: emg1.irs.gov
180. [-] IP: 152.216.7.170
181.  
182. [+] Subdomain: ns1.irs.gov
183. [-] IP: 152.216.7.164
184.  
185. [+] Subdomain: internet1.irs.gov
186. [-] IP: 152.216.3.3
187.  
188. [+] Subdomain: migext-02.irs.gov
189. [-] IP: 152.216.7.239
190.  
191. [+] Subdomain: tigext-02.irs.gov
192. [-] IP: 152.216.11.223
193.  
194. [+] Subdomain: wigext-02.irs.gov
195. [-] IP: 152.216.15.254
196.  
197. [+] Subdomain: mtb012cesmigext02.irs.gov
198. [-] IP: 152.216.7.53
199.  
200. [+] Subdomain: mem020cestigext02.irs.gov
201. [-] IP: 152.216.11.53
202.  
203. [+] Subdomain: emg2.irs.gov
204. [-] IP: 152.216.11.140
205.  
206. [+] Subdomain: ns2.irs.gov
207. [-] IP: 152.216.7.165
208.  
209. [+] Subdomain: internet2.irs.gov
210. [-] IP: 152.216.3.4
211.  
212. [+] Subdomain: emg3.irs.gov
213. [-] IP: 152.216.7.171
214.  
215. [+] Subdomain: ns3.irs.gov
216. [-] IP: 152.216.11.132
217.  
218. [+] Subdomain: internet3.irs.gov
219. [-] IP: 152.216.3.5
220.  
221. [+] Subdomain: emg4.irs.gov
222. [-] IP: 152.216.11.141
223.  
224. [+] Subdomain: ns4.irs.gov
225. [-] IP: 152.216.11.133
226.  
227. [+] Subdomain: internet4.irs.gov
228. [-] IP: 152.216.7.3
229.  
230. [+] Subdomain: emg5.irs.gov
231. [-] IP: 152.216.7.172
232.  
233. [+] Subdomain: ns5.irs.gov
234. [-] IP: 152.216.13.164
235.  
236. [+] Subdomain: internet5.irs.gov
237. [-] IP: 152.216.7.4
238.  
239. [+] Subdomain: emg6.irs.gov
240. [-] IP: 152.216.11.142
241.  
242. [+] Subdomain: ns6.irs.gov
243. [-] IP: 152.216.13.165
244.  
245. [+] Subdomain: internet6.irs.gov
246. [-] IP: 152.216.7.5
247.  
248. [+] Subdomain: emg7.irs.gov
249. [-] IP: 152.216.13.170
250.  
251. [+] Subdomain: internet7.irs.gov
252. [-] IP: 152.216.11.3
253.  
254. [+] Subdomain: emg8.irs.gov
255. [-] IP: 152.216.13.171
256.  
257. [+] Subdomain: internet8.irs.gov
258. [-] IP: 152.216.11.4
259.  
260. [+] Subdomain: emg9.irs.gov
261. [-] IP: 152.216.13.172
262.  
263. [+] Subdomain: internet9.irs.gov
264. [-] IP: 152.216.11.5
265.  
266. [+] Subdomain: sdta.irs.gov
267. [-] IP: 152.216.7.80
268.  
269. [+] Subdomain: sdtb.irs.gov
270. [-] IP: 152.216.11.80
271.  
272. [+] Subdomain: emgc.irs.gov
273. [-] IP: 152.216.11.167
274.  
275. [+] Subdomain: emge.irs.gov
276. [-] IP: 152.216.7.167
277.  
278. [+] Subdomain: fire.irs.gov
279. [-] IP: 152.216.7.75
280.  
281. [+] Subdomain: excise.irs.gov
282. [-] IP: 152.216.3.65
283.  
284. [+] Subdomain: stateexcise.irs.gov
285. [-] IP: 152.216.3.66
286.  
287. [+] Subdomain: taxpayeradvocate.irs.gov
288. [-] IP: 173.46.141.54
289.  
290. [+] Subdomain: nsste.irs.gov
291. [-] IP: 66.77.65.227
292.  
293. [+] Subdomain: meetingsexternal.irs.gov
294. [-] IP: 152.216.7.46
295.  
296. [+] Subdomain: migdnsfirewall.irs.gov
297. [-] IP: 152.216.7.19
298.  
299. [+] Subdomain: tigdnsfirewall.irs.gov
300. [-] IP: 152.216.11.19
301.  
302. [+] Subdomain: fire.dr.irs.gov
303. [-] IP: 152.216.11.75
304.  
305. [+] Subdomain: careerconnector.irs.gov
306. [-] IP: 209.183.216.81
307.  
308. [+] Subdomain: mail1.rpr.irs.gov
309. [-] IP: 208.95.154.75
310.  
311. [+] Subdomain: gw.rpr.irs.gov
312. [-] IP: 208.95.154.68
313.  
314. [+] Subdomain: uatrpr.irs.gov
315. [-] IP: 172.17.2.62
316.  
317. [+] Subdomain: careerconnector.jobs.irs.gov
318. [-] IP: 209.183.216.61
319.  
320. [+] Subdomain: efiletest1.ems.irs.gov
321. [-] IP: 152.216.11.69
322.  
323. [+] Subdomain: efilea.ems.irs.gov
324. [-] IP: 152.216.7.65
325.  
326. [+] Subdomain: efileb.ems.irs.gov
327. [-] IP: 152.216.11.67
328.  
329. [+] Subdomain: efilec.ems.irs.gov
330. [-] IP: 152.216.11.69
331.  
332. [+] Subdomain: efiled.ems.irs.gov
333. [-] IP: 152.216.7.70
334.  
335. [+] Subdomain: www.retirementplans.irs.gov
336. [-] IP: 67.207.147.177
337.  
338. [+] Subdomain: exstars.irs.gov
339. [-] IP: 152.216.7.84
340.  
341. [+] Subdomain: exfirs.irs.gov
342. [-] IP: 152.216.3.71
343.  
344. [+] Subdomain: procurement.irs.gov
345. [-] IP: 208.197.188.3
346.  
347. [+] Subdomain: fire.test.irs.gov
348. [-] IP: 152.216.7.74
349.  
350. [+] Subdomain: emgw.irs.gov
351. [-] IP: 152.216.13.169
352.  
353. [+] Subdomain: directpay.irs.gov
354. [-] IP: 204.194.122.42
355.  
356. [+] Subdomain: www01.directpay.irs.gov
357. [-] IP: 204.194.124.44
358.  
359. [+] Subdomain: www03.directpay.irs.gov
360. [-] IP: 204.194.122.44
361.  
362. [!] IP Address : 172.229.214.131
363. [!] www.irs.gov doesn't seem to use a CMS
364. [+] Honeypot Probabilty: 0%
365. ----------------------------------------
366. [+] Robots.txt retrieved
367. #
368. # robots.txt
369. #
370. # This file is to prevent the crawling and indexing of certain parts
371. # of your site by web crawlers and spiders run by sites like Yahoo!
372. # and Google. By telling these "robots" where not to go on your site,
373. # you save bandwidth and server resources.
374. #
375. # This file will be ignored unless it is at the root of your host:
376. # Used: http://example.com/robots.txt
377. # Ignored: http://example.com/site/robots.txt
378. #
379. # For more information about the robots.txt standard, see:
380. # http://www.robotstxt.org/robotstxt.html
381.  
382. User-agent: *
383. # CSS, JS, Images
384. Allow: /core/*.css$
385. Allow: /core/*.css?
386. Allow: /core/*.js$
387. Allow: /core/*.js?
388. Allow: /core/*.gif
389. Allow: /core/*.jpg
390. Allow: /core/*.jpeg
391. Allow: /core/*.png
392. Allow: /core/*.svg
393. Allow: /profiles/*.css$
394. Allow: /profiles/*.css?
395. Allow: /profiles/*.js$
396. Allow: /profiles/*.js?
397. Allow: /profiles/*.gif
398. Allow: /profiles/*.jpg
399. Allow: /profiles/*.jpeg
400. Allow: /profiles/*.png
401. Allow: /profiles/*.svg
402. # Directories
403. Disallow: /core/
404. Disallow: /profiles/
405. # Files
406. Disallow: /README.txt
407. Disallow: /web.config
408. # Paths (clean URLs)
409. Disallow: /admin/
410. Disallow: /comment/reply/
411. Disallow: /filter/tips/
412. Disallow: /node/add/
413. Disallow: /search/
414. Disallow: /site-index-search?*
415. Disallow: /tax-pros-index-search?*
416. Disallow: /statistics-index-search?*
417. Disallow: /spanish-index-date-search?*
418. Disallow: /spanish-index-search?*
419. Disallow: /site-index-date-search?*
420. Disallow: /site-index-header-search?*
421. Disallow: /site-index-search?*
422. Disallow: /notices-index-search?*?*
423. Disallow: /newsroom-index-search?*
424. Disallow: /ita-index-search?*
425. Disallow: /forms-pubs-accessible-search?*
426. Disallow: /forms-pubs-prior-search?*
427. Disallow: /forms-pubs-search?*
428. Disallow: /faq-index-search?*
429. Disallow: /user/register/
430. Disallow: /user/password/
431. Disallow: /user/login/
432. Disallow: /user/logout/
433. Disallow: /zh-hans/node/
434. Disallow: /zh-hant/node/
435. Disallow: /es/node/
436. Disallow: /vi/node/
437. Disallow: /ht/node/
438. Disallow: /ru/node/
439. Disallow: /ko/node/
440. # Paths (no clean URLs)
441. Disallow: /index.php/zh-hans/node/
442. Disallow: /index.php/zh-hant/node/
443. Disallow: /index.php/es/node/
444. Disallow: /index.php/vi/node/
445. Disallow: /index.php/ht/node/
446. Disallow: /index.php/ru/node/
447. Disallow: /index.php/ko/node/
448. Disallow: /index.php/admin/
449. Disallow: /index.php/comment/reply/
450. Disallow: /index.php/filter/tips/
451. Disallow: /index.php/node/add/
452. Disallow: /index.php/search/
453. Disallow: /index.php/user/password/
454. Disallow: /index.php/user/register/
455. Disallow: /index.php/user/login/
456. Disallow: /index.php/user/logout/
457. ----------------------------------------
458. PORT STATE SERVICE VERSION
459. 21/tcp filtered ftp
460. 22/tcp filtered ssh
461. 23/tcp filtered telnet
462. 25/tcp filtered smtp
463. 80/tcp open http AkamaiGHost (Akamais HTTP Acceleration/Mirror service)
464. 110/tcp filtered pop3
465. 143/tcp filtered imap
466. 443/tcp open ssl/http AkamaiGHost (Akamais HTTP Acceleration/Mirror service)
467. 445/tcp filtered microsoft-ds
468. 3389/tcp filtered ms-wbt-server
469. ----------------------------------------
470.  
471. [+] DNS Records
472.  
473. [+] Host Records (A)
474. www.irs.govHTTP: (a23-5-135-59.deploy.static.akamaitechnologies.com) (23.5.135.59) AS20940 Akamai International B.V. United States
475.  
476. [+] TXT Records
477.  
478. [+] DNS Map: https://dnsdumpster.com/static/map/www.irs.gov.png
479.  
480. [>] Initiating 3 intel modules
481. [>] Loading Alpha module (1/3)
482. [>] Beta module deployed (2/3)
483. [>] Gamma module initiated (3/3)
484. No emails found
485. No hosts found
486. [+] Virtual hosts:
487. -----------------
488. [>] Crawling the target for fuzzable URLs
489. [92m + -- ----------------------------=[Running Nslookup]=------------------------ -- +
490. Server: 192.168.1.254
491. Address: 192.168.1.254#53
492.  
493. Non-authoritative answer:
494. Name: irs.gov
495. Address: 166.123.218.220
496.  
497. irs.gov has address 166.123.218.220
498. irs.gov mail is handled by 10 emg2.irs.gov.
499. irs.gov mail is handled by 10 emg3.irs.gov.
500. irs.gov mail is handled by 10 emg4.irs.gov.
501. irs.gov mail is handled by 10 emg5.irs.gov.
502. irs.gov mail is handled by 10 emg6.irs.gov.
503. irs.gov mail is handled by 20 emgc.irs.gov.
504. irs.gov mail is handled by 20 emge.irs.gov.
505. irs.gov mail is handled by 20 emgw.irs.gov.
506. irs.gov mail is handled by 10 emg1.irs.gov.
507.  + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +
508.  
509. Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
510.  
511. [+] Target is irs.gov
512. [+] Loading modules.
513. [+] Following modules are loaded:
514. [x] [1] ping:icmp_ping - ICMP echo discovery module
515. [x] [2] ping:tcp_ping - TCP-based ping discovery module
516. [x] [3] ping:udp_ping - UDP-based ping discovery module
517. [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
518. [x] [5] infogather:portscan - TCP and UDP PortScanner
519. [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
520. [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
521. [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
522. [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
523. [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
524. [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
525. [x] [12] fingerprint:smb - SMB fingerprinting module
526. [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
527. [+] 13 modules registered
528. [+] Initializing scan engine
529. [+] Running scan engine
530. [-] ping:tcp_ping module: no closed/open TCP ports known on 166.123.218.220. Module test failed
531. [-] ping:udp_ping module: no closed/open UDP ports known on 166.123.218.220. Module test failed
532. [-] No distance calculation. 166.123.218.220 appears to be dead or no ports known
533. [+] Host: 166.123.218.220 is down (Guess probability: 0%)
534. [+] Cleaning up scan engine
535. [+] Modules deinitialized
536. [+] Execution completed.
537.  + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +
538. % DOTGOV WHOIS Server ready
539. Domain Name: IRS.GOV
540. Status: ACTIVE
541.  
542. >>> Last update of whois database: 2017-12-30T19:42:38Z <<<
543. Please be advised that this whois server only contains information pertaining
544. to the .GOV domain. For information for other domains please use the whois
545. server at RS.INTERNIC.NET.
546.  + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +
547.  
548. *******************************************************************
549. * *
550. * | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
551. * | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
552. * | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
553. * \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
554. * *
555. * TheHarvester Ver. 2.7 *
556. * Coded by Christian Martorella *
557. * Edge-Security Research *
558. * cmartorella@edge-security.com *
559. *******************************************************************
560.  
561.  
562. Full harvest..
563. [-] Searching in Google..
564. Searching 0 results...
565. Searching 100 results...
566. Searching 200 results...
567. [-] Searching in PGP Key server..
568. [-] Searching in Bing..
569. Searching 50 results...
570. Searching 100 results...
571. Searching 150 results...
572. Searching 200 results...
573. [-] Searching in Exalead..
574. Searching 50 results...
575. Searching 100 results...
576. Searching 150 results...
577. Searching 200 results...
578. Searching 250 results...
579.  
580.  
581. [+] Emails found:
582. ------------------
583. Beverly.B.Zorn@irs.gov
584. CSIRC@irs.gov
585. Cobbs@publish.no.irs.gov
586. David.N.Trussell@irs.gov
587. David.T.Lawson@irs.gov
588. FBARquestions@irs.gov
589. John.R.Dunnivan@csirc.irs.gov
590. John.R.Dunnivan@irs.gov
591. Malette@ci.irs.gov
592. Robert.Beringer@csirc.irs.gov
593. Russell.Ferguson@m1.irs.gov
594. afried@nocs.insp.irs.gov
595. beverly.b.zorn@irs.gov
596. bruce_gowans@sddens.is.irs.gov
597. crouchet@adc.swr.irs.gov
598. csirc@csirc.irs.gov
599. csirc@irs.gov
600. ctr.bsc.personnel.1@irs.gov
601. dataloss@irs.gov
602. dave.c.brown@m1.irs.gov
603. dennis.dicarlantonio@irs.gov
604. devon.a.bryan@irs.gov
605. devon.bryan@csirc.irs.gov
606. devon.bryan@irs.gov
607. dtrussell@m1.irs.gov
608. edi.crd.ra@irs.gov
609. eduard@publish.no.irs.gov
610. frank.thompson@publish.no.irs.gov
611. frankie.vazquez-nenadich@irs.gov
612. jconway@publish.no.irs.gov
613. jerry.conway@publish.no.irs.gov
614. jerry.dixon@csirc.irs.gov
615. jerry.w.dixon@irs.gov
616. joseph.burton@ci.irs.gov
617. lwallace@publish.no.irs.gov
618. mark.mcgee@irs.gov
619. mlarsen@m1.irs.gov
620. phishing@irs.gov
621. richard.g.harman@irs.gov
622. rwferg49@m1.irs.gov
623. stimulus.payment@irs.gov
624. tipss@irs.gov
625. tmorizot@adc.is.irs.gov
626. tony.l.donley@irs.gov
627. vberry@publish.no.irs.gov
628. vicki.lowen@m1.irs.gov
629. will.dejong@irs.gov
630.  
631. [+] Hosts found in search engines:
632. ------------------------------------
633. [-] Resolving hostnames IPs...
634. 173.46.141.54:TaxpayerAdvocate.irs.gov
635. 172.229.214.131:Www.irs.gov
636. 172.229.214.131:apps.irs.gov
637. 172.229.214.131:idverify.irs.gov
638. 96.127.96.43:jobs.irs.gov
639. 172.229.216.17:sa.www4.irs.gov
640. 172.229.216.17:sa1.www4.irs.gov
641. 172.229.214.131:services.irs.gov
642. 172.229.214.131:stayexempt.irs.gov
643. 52.84.96.170:taxmap.irs.gov
644. 173.46.141.54:taxpayeradvocate.irs.gov
645. 172.229.214.131:www.irs.gov
646. 52.222.89.129:www.jobs.irs.gov
647. 173.46.141.54:www.taxpayeradvocate.irs.gov
648. [+] Virtual hosts:
649. ==================
650.  
651. ******************************************************
652. * /\/\ ___| |_ __ _ __ _ ___ ___ / _(_) | *
653. * / \ / _ \ __/ _` |/ _` |/ _ \ / _ \| |_| | | *
654. * / /\/\ \ __/ || (_| | (_| | (_) | (_) | _| | | *
655. * \/ \/\___|\__\__,_|\__, |\___/ \___/|_| |_|_| *
656. * |___/ *
657. * Metagoofil Ver 2.2 *
658. * Christian Martorella *
659. * Edge-Security.com *
660. * cmartorella_at_edge-security.com *
661. ******************************************************
662.  
663. [-] Starting online search...
664.  
665. [-] Searching for doc files, with a limit of 200
666. Searching 100 results...
667. Searching 200 results...
668. Results: 5 files found
669. Starting to download 50 of them:
670. ----------------------------------------
671.  
672. [1/50] /webhp?hl=en-CA
673. [x] Error downloading /webhp?hl=en-CA
674. [2/50] /intl/en/ads
675. [x] Error downloading /intl/en/ads
676. [3/50] /services
677. [x] Error downloading /services
678. [4/50] /intl/en/policies/privacy/
679. [5/50] /intl/en/policies/terms/
680.  
681. [-] Searching for pdf files, with a limit of 200
682. Searching 100 results...
683. Searching 200 results...
684. Results: 0 files found
685. Starting to download 50 of them:
686. ----------------------------------------
687.  
688.  
689. [-] Searching for xls files, with a limit of 200
690. Searching 100 results...
691. Searching 200 results...
692. Results: 0 files found
693. Starting to download 50 of them:
694. ----------------------------------------
695.  
696.  
697. [-] Searching for csv files, with a limit of 200
698. Searching 100 results...
699. Searching 200 results...
700. Results: 0 files found
701. Starting to download 50 of them:
702. ----------------------------------------
703.  
704.  
705. [-] Searching for txt files, with a limit of 200
706. Searching 100 results...
707. Searching 200 results...
708. Results: 0 files found
709. Starting to download 50 of them:
710. ----------------------------------------
711.  
712. processing
713. user
714. email
715.  
716. [+] List of users found:
717. --------------------------
718.  
719. [+] List of software found:
720. -----------------------------
721.  
722. [+] List of paths and servers found:
723. ---------------------------------------
724.  
725. [+] List of e-mails found:
726. ----------------------------
727.  + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +
728.  
729. ; <<>> DiG 9.11.2-5-Debian <<>> -x irs.gov
730. ;; global options: +cmd
731. ;; Got answer:
732. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54674
733. ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
734.  
735. ;; OPT PSEUDOSECTION:
736. ; EDNS: version: 0, flags:; udp: 4096
737. ;; QUESTION SECTION:
738. ;gov.irs.in-addr.arpa. IN PTR
739.  
740. ;; AUTHORITY SECTION:
741. in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2017102519 1800 900 604800 3600
742.  
743. ;; Query time: 474 msec
744. ;; SERVER: 192.168.1.254#53(192.168.1.254)
745. ;; WHEN: Sat Dec 30 14:44:15 EST 2017
746. ;; MSG SIZE rcvd: 117
747.  
748. dnsenum VERSION:1.2.4
749. 
750. ----- irs.gov -----
751. 
752.  
753. Host's addresses:
754. __________________
755.  
756. irs.gov. 500 IN A 166.123.218.220
757. 
758.  
759. Name Servers:
760. ______________
761.  
762. ns1.irs.gov. 7200 IN A 152.216.7.164
763. ns4.irs.gov. 7200 IN A 152.216.11.133
764. ns2.irs.gov. 7200 IN A 152.216.7.165
765. ns3.irs.gov. 7200 IN A 152.216.11.132
766. 
767.  
768. Mail (MX) Servers:
769. ___________________
770.  
771. emg3.irs.gov. 7200 IN A 152.216.7.171
772. emg4.irs.gov. 7200 IN A 152.216.11.141
773. emg5.irs.gov. 7200 IN A 152.216.7.172
774. emg6.irs.gov. 7200 IN A 152.216.11.142
775. emgc.irs.gov. 7200 IN A 152.216.11.139
776. emge.irs.gov. 7200 IN A 152.216.7.167
777. emgw.irs.gov. 7200 IN A 152.216.13.169
778. emg1.irs.gov. 7200 IN A 152.216.7.170
779. emg2.irs.gov. 7200 IN A 152.216.11.140
780. 
781.  
782. Trying Zone Transfers and getting Bind Versions:
783. _________________________________________________
784.  
785. 
786. Trying Zone Transfer for irs.gov on ns1.irs.gov ...
787.  
788. Trying Zone Transfer for irs.gov on ns4.irs.gov ...
789.  
790. Trying Zone Transfer for irs.gov on ns2.irs.gov ...
791.  
792. Trying Zone Transfer for irs.gov on ns3.irs.gov ...
793.  
794. brute force file not specified, bay.
795.  + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +
796. 
797. ____ _ _ _ _ _____
798. / ___| _ _| |__ | (_)___| |_|___ / _ __
799. \___ \| | | | '_ \| | / __| __| |_ \| '__|
800. ___) | |_| | |_) | | \__ \ |_ ___) | |
801. |____/ \__,_|_.__/|_|_|___/\__|____/|_|
802.  
803. # Coded By Ahmed Aboul-Ela - @aboul3la
804.  
805. [-] Enumerating subdomains now for irs.gov
806. [-] verbosity is enabled, will show the subdomains results in realtime
807. [-] Searching now in Baidu..
808. [-] Searching now in Yahoo..
809. [-] Searching now in Google..
810. [-] Searching now in Bing..
811. [-] Searching now in Ask..
812. [-] Searching now in Netcraft..
813. [-] Searching now in DNSdumpster..
814. [-] Searching now in Virustotal..
815. [-] Searching now in ThreatCrowd..
816. [-] Searching now in SSL Certificates..
817. [-] Searching now in PassiveDNS..
818. SSL Certificates: sdt-a.irs.gov
819. SSL Certificates: sdt-b.irs.gov
820. SSL Certificates: sdt.irs.gov
821. SSL Certificates: find.irs.gov
822. SSL Certificates: elmscontent.web.irs.gov
823. SSL Certificates: apps.perf.irs.gov
824. SSL Certificates: apps.perfstaging.irs.gov
825. SSL Certificates: efile.perf.irs.gov
826. SSL Certificates: efile.perfstaging.irs.gov
827. SSL Certificates: eitc.perf.irs.gov
828. SSL Certificates: eitc.perfstaging.irs.gov
829. SSL Certificates: forms.perf.irs.gov
830. SSL Certificates: forms.perfstaging.irs.gov
831. SSL Certificates: freefile.perf.irs.gov
832. SSL Certificates: freefile.perfstaging.irs.gov
833. SSL Certificates: jobs.perf.irs.gov
834. SSL Certificates: jobs.perfstaging.irs.gov
835. SSL Certificates: marketingexpress.perf.irs.gov
836. SSL Certificates: marketingexpress.perfstaging.irs.gov
837. SSL Certificates: m.jobs.perf.irs.gov
838. SSL Certificates: m.jobs.perfstaging.irs.gov
839. SSL Certificates: perf.irs.gov
840. SSL Certificates: perfstaging.irs.gov
841. SSL Certificates: search.perf.irs.gov
842. SSL Certificates: search.perfstaging.irs.gov
843. SSL Certificates: stayexempt.perf.irs.gov
844. SSL Certificates: stayexempt.perfstaging.irs.gov
845. SSL Certificates: www.eitc.perf.irs.gov
846. SSL Certificates: www.eitc.perfstaging.irs.gov
847. SSL Certificates: www.jobs.perf.irs.gov
848. SSL Certificates: www.jobs.perfstaging.irs.gov
849. SSL Certificates: www.marketingexpress.perf.irs.gov
850. SSL Certificates: www.marketingexpress.perfstaging.irs.gov
851. SSL Certificates: www.m.jobs.perf.irs.gov
852. SSL Certificates: www.m.jobs.perfstaging.irs.gov
853. SSL Certificates: www.perf.irs.gov
854. SSL Certificates: www.perfstaging.irs.gov
855. SSL Certificates: gwone.rpr.irs.gov
856. SSL Certificates: gw.rpr.irs.gov
857. SSL Certificates: dev.edit.eitc.irs.gov
858. SSL Certificates: dev.edit.irs.gov
859. SSL Certificates: dev.edit.marketingexpress.irs.gov
860. SSL Certificates: dev.edit.stayexempt.irs.gov
861. SSL Certificates: eite.edit.eitc.irs.gov
862. SSL Certificates: eite.edit.irs.gov
863. SSL Certificates: eite.edit.marketingexpress.irs.gov
864. SSL Certificates: eite.edit.stayexempt.irs.gov
865. SSL Certificates: pete.edit.eitc.irs.gov
866. SSL Certificates: pete.edit.irs.gov
867. SSL Certificates: pete.edit.marketingexpress.irs.gov
868. SSL Certificates: pete.edit.stayexempt.irs.gov
869. SSL Certificates: prod.edit.eitc.irs.gov
870. SSL Certificates: prod.edit.irs.gov
871. SSL Certificates: prod.edit.marketingexpress.irs.gov
872. SSL Certificates: prod.edit.stayexempt.irs.gov
873. SSL Certificates: sit.edit.eitc.irs.gov
874. SSL Certificates: sit.edit.irs.gov
875. SSL Certificates: sit.edit.marketingexpress.irs.gov
876. SSL Certificates: sit.edit.stayexempt.irs.gov
877. SSL Certificates: trainingc.edit.eitc.irs.gov
878. SSL Certificates: trainingc.edit.irs.gov
879. SSL Certificates: trainingc.edit.marketingexpress.irs.gov
880. SSL Certificates: trainingc.edit.stayexempt.irs.gov
881. SSL Certificates: trainingd.edit.eitc.irs.gov
882. SSL Certificates: trainingd.edit.irs.gov
883. SSL Certificates: trainingd.edit.marketingexpress.irs.gov
884. SSL Certificates: trainingd.edit.stayexempt.irs.gov
885. SSL Certificates: connect.irs.gov
886. SSL Certificates: taxmap.irs.gov
887. SSL Certificates: elmsdev.web.irs.gov
888. SSL Certificates: exstars.irs.gov
889. SSL Certificates: elmssandbox.irs.gov
890. SSL Certificates: apps.irs.gov
891. SSL Certificates: efile.irs.gov
892. SSL Certificates: eitc.irs.gov
893. SSL Certificates: freefile.irs.gov
894. SSL Certificates: idverify.irs.gov
895. SSL Certificates: marketingexpress.irs.gov
896. SSL Certificates: search.irs.gov
897. SSL Certificates: services.irs.gov
898. SSL Certificates: stayexempt.irs.gov
899. SSL Certificates: www.efile.irs.gov
900. SSL Certificates: www.eitc.irs.gov
901. SSL Certificates: www.freefile.irs.gov
902. SSL Certificates: www.idverify.irs.gov
903. SSL Certificates: www.irs.gov
904. SSL Certificates: www.marketingexpress.irs.gov
905. SSL Certificates: www.stayexempt.irs.gov
906. SSL Certificates: fire.test.irs.gov
907. SSL Certificates: fire.irs.gov
908. SSL Certificates: solr.edit.eitc.irs.gov
909. SSL Certificates: solr.edit.irs.gov
910. SSL Certificates: solr.edit.marketingexpress.irs.gov
911. SSL Certificates: solr.edit.stayexempt.irs.gov
912. SSL Certificates: elmsstage.web.irs.gov
913. SSL Certificates: www.directpay.irs.gov
914. SSL Certificates: directpay.irs.gov
915. SSL Certificates: elms.web.irs.gov
916. SSL Certificates: rpr.irs.gov
917. SSL Certificates: meetings-external.irs.gov
918. SSL Certificates: uatrprfi.irs.gov
919. SSL Certificates: rprfi.irs.gov
920. SSL Certificates: rprvr.irs.gov
921. SSL Certificates: uatrprvr.irs.gov
922. SSL Certificates: uatrpr.irs.gov
923. SSL Certificates: lcmstest.web.irs.gov
924. SSL Certificates: lcmsprod.web.irs.gov
925. SSL Certificates: lcmsext.web.irs.gov
926. SSL Certificates: mig-ext-02.irs.gov
927. SSL Certificates: tig-ext-02.irs.gov
928. SSL Certificates: wig-ext-02.irs.gov
929. SSL Certificates: dev.jobs.irs.gov
930. SSL Certificates: jobs.irs.gov
931. SSL Certificates: staging.jobs.irs.gov
932. SSL Certificates: www.jobs.irs.gov
933. SSL Certificates: preview.irs.gov
934. SSL Certificates: bistage.web.irs.gov
935. SSL Certificates: bi.web.irs.gov
936. SSL Certificates: elmstrain.web.irs.gov
937. SSL Certificates: forms.irs.gov
938. SSL Certificates: la1.www4.irs.gov
939. SSL Certificates: la2.www4.irs.gov
940. SSL Certificates: la.www4.irs.gov
941. SSL Certificates: la1.alt.www4.irs.gov
942. SSL Certificates: la2.alt.www4.irs.gov
943. SSL Certificates: la.alt.www4.irs.gov
944. SSL Certificates: la3.www4.irs.gov
945. SSL Certificates: la4.www4.irs.gov
946. SSL Certificates: la.alt-iep.www4.irs.gov
947. SSL Certificates: la-iep.www4.irs.gov
948. SSL Certificates: sa3.www4.irs.gov
949. SSL Certificates: sa4.www4.irs.gov
950. SSL Certificates: sa-iep.www4.irs.gov
951. SSL Certificates: sa1.www4.irs.gov
952. SSL Certificates: sa2.www4.irs.gov
953. SSL Certificates: sa.www4.irs.gov
954. SSL Certificates: smallbiz.irs.gov
955. SSL Certificates: www.smallbiz.irs.gov
956. SSL Certificates: fire.dr.irs.gov
957. SSL Certificates: taxpayeradvocate.irs.gov
958. SSL Certificates: myaccess.hctc.irs.gov
959. SSL Certificates: m.irs.gov
960. SSL Certificates: fire-dr.irs.gov
961. SSL Certificates: STEPRDZFWAL01.hctc.irs.gov
962. SSL Certificates: eauthcred.irs.gov
963. SSL Certificates: EMG1.irs.gov
964. SSL Certificates: EMG2.irs.gov
965. SSL Certificates: EMG3.irs.gov
966. SSL Certificates: EMG4.irs.gov
967. SSL Certificates: EMG5.irs.gov
968. SSL Certificates: EMG6.irs.gov
969. SSL Certificates: EMG7.irs.gov
970. SSL Certificates: EMG8.irs.gov
971. SSL Certificates: EMG9.irs.gov
972. SSL Certificates: EMGC.irs.gov
973. SSL Certificates: EMGE.irs.gov
974. SSL Certificates: EMGW.irs.gov
975. SSL Certificates: state-excise.irs.gov
976. SSL Certificates: egainStage1.connect.irs.gov
977. SSL Certificates: reports.connect.irs.gov
978. SSL Certificates: legacy.jobs.irs.gov
979. SSL Certificates: m.jobs.irs.gov
980. SSL Certificates: www.m.jobs.irs.gov
981. SSL Certificates: meetings-ext-admin.enterprise.irs.gov
982. SSL Certificates: mig-cwms-1a.uc.enterprise.irs.gov
983. SSL Certificates: mig-cwms-2a.uc.enterprise.irs.gov
984. SSL Certificates: www.meetings-external.irs.gov
985. SSL Certificates: gwtwo.rpr.irs.gov
986. SSL Certificates: www.forms.irs.gov
987. Yahoo: www.irs.gov
988. Yahoo: sa.www4.irs.gov
989. Yahoo: apps.irs.gov
990. Yahoo: la1.www4.irs.gov
991. Yahoo: taxmap.irs.gov
992. Yahoo: fire.irs.gov
993. Yahoo: www.stayexempt.irs.gov
994. Yahoo: www.directpay.irs.gov
995. Yahoo: www.eitc.irs.gov
996. Yahoo: www.taxpayeradvocate.irs.gov
997. Yahoo: meetings-external.irs.gov
998. Yahoo: jobs.irs.gov
999. Yahoo: taxpayeradvocate.irs.gov
1000. Yahoo: fire.test.irs.gov
1001. Yahoo: la2.www4.irs.gov
1002. Yahoo: exstars.irs.gov
1003. Yahoo: www.smallbiz.irs.gov
1004. Yahoo: directpay.irs.gov
1005. Yahoo: idverify.irs.gov
1006. Yahoo: find.irs.gov
1007. ThreatCrowd: ns100.irs.gov
1008. ThreatCrowd: emg1.irs.gov
1009. ThreatCrowd: ns1.irs.gov
1010. ThreatCrowd: emg2.irs.gov
1011. ThreatCrowd: ns2.irs.gov
1012. ThreatCrowd: apps2.irs.gov
1013. ThreatCrowd: emg3.irs.gov
1014. ThreatCrowd: ns3.irs.gov
1015. ThreatCrowd: apps3.irs.gov
1016. ThreatCrowd: internet3.irs.gov
1017. ThreatCrowd: emg4.irs.gov
1018. ThreatCrowd: ns4.irs.gov
1019. ThreatCrowd: la1.www4.irs.gov
1020. ThreatCrowd: sa1.www4.irs.gov
1021. ThreatCrowd: la2.www4.irs.gov
1022. ThreatCrowd: sa2.www4.irs.gov
1023. ThreatCrowd: la.www4.irs.gov
1024. ThreatCrowd: sa.www4.irs.gov
1025. ThreatCrowd: sa2extpete.www4.irs.gov
1026. ThreatCrowd: la1.alt.www4.irs.gov
1027. ThreatCrowd: la2.alt.www4.irs.gov
1028. ThreatCrowd: la.alt.www4.irs.gov
1029. ThreatCrowd: emg5.irs.gov
1030. ThreatCrowd: ns5.irs.gov
1031. ThreatCrowd: emg6.irs.gov
1032. ThreatCrowd: ns6.irs.gov
1033. ThreatCrowd: internet6.irs.gov
1034. ThreatCrowd: internet9.irs.gov
1035. ThreatCrowd: www.eitc.irs.gov
1036. ThreatCrowd: eauthcred.irs.gov
1037. ThreatCrowd: find.irs.gov
1038. ThreatCrowd: efile.irs.gov
1039. ThreatCrowd: freefile.irs.gov
1040. ThreatCrowd: www.freefile.irs.gov
1041. ThreatCrowd: fire.irs.gov
1042. ThreatCrowd: excise.irs.gov
1043. ThreatCrowd: state-excise.irs.gov
1044. ThreatCrowd: taxpayeradvocate.irs.gov
1045. ThreatCrowd: www.taxpayeradvocate.irs.gov
1046. ThreatCrowd: policy-update.irs.gov
1047. ThreatCrowd: perf.irs.gov
1048. ThreatCrowd: www.sbrg.irs.gov
1049. ThreatCrowd: search.irs.gov
1050. ThreatCrowd: meetings-external.irs.gov
1051. ThreatCrowd: m.irs.gov
1052. ThreatCrowd: taxmap.irs.gov
1053. ThreatCrowd: ftp.irs.gov
1054. ThreatCrowd: informer.irs.gov
1055. ThreatCrowd: rpr.irs.gov
1056. ThreatCrowd: jobs.irs.gov
1057. ThreatCrowd: careerconnector.jobs.irs.gov
1058. ThreatCrowd: www.jobs.irs.gov
1059. ThreatCrowd: services.irs.gov
1060. ThreatCrowd: forms.irs.gov
1061. ThreatCrowd: apps.irs.gov
1062. ThreatCrowd: exstars.irs.gov
1063. ThreatCrowd: www.marketingexpress.irs.gov
1064. ThreatCrowd: connect.irs.gov
1065. ThreatCrowd: egainstage1.connect.irs.gov
1066. ThreatCrowd: test.connect.irs.gov
1067. ThreatCrowd: sdt.irs.gov
1068. ThreatCrowd: dev.edit.irs.gov
1069. ThreatCrowd: www.stayexempt.irs.gov
1070. ThreatCrowd: fire.test.irs.gov
1071. ThreatCrowd: emgw.irs.gov
1072. ThreatCrowd: www.irs.gov
1073. ThreatCrowd: directpay.irs.gov
1074. ThreatCrowd: www.directpay.irs.gov
1075. ThreatCrowd: idverify.irs.gov
1076. ThreatCrowd: www.idverify.irs.gov
1077. ThreatCrowd: www.smallbiz.irs.gov
1078. Virustotal: dev.taxpayeradvocate.irs.gov
1079. Virustotal: taxmap.irs.gov
1080. Virustotal: egainstage1.connect.irs.gov
1081. Virustotal: sa2extpete.www4.irs.gov
1082. Virustotal: perf.irs.gov
1083. Virustotal: eauthcred.irs.gov
1084. Virustotal: dev.edit.irs.gov
1085. Virustotal: test.connect.irs.gov
1086. Virustotal: sdt.irs.gov
1087. Virustotal: la.alt.www4.irs.gov
1088. Virustotal: connect.irs.gov
1089. Virustotal: exstars.irs.gov
1090. Virustotal: www.smallbiz.irs.gov
1091. Virustotal: careerconnector.jobs.irs.gov
1092. Virustotal: meetings-external.irs.gov
1093. Virustotal: ftp.irs.gov
1094. Virustotal: ns100.irs.gov
1095. Virustotal: services.irs.gov
1096. Virustotal: la1.alt.www4.irs.gov
1097. Virustotal: la2.alt.www4.irs.gov
1098. Virustotal: internet6.irs.gov
1099. Virustotal: state-excise.irs.gov
1100. Virustotal: emg3.irs.gov
1101. Virustotal: emg2.irs.gov
1102. Virustotal: emgw.irs.gov
1103. Virustotal: www.marketingexpress.irs.gov
1104. Virustotal: excise.irs.gov
1105. Virustotal: www.sbrg.irs.gov
1106. Virustotal: emg5.irs.gov
1107. Virustotal: emg4.irs.gov
1108. Virustotal: www.directpay.irs.gov
1109. Virustotal: la.www4.irs.gov
1110. Virustotal: find.irs.gov
1111. Virustotal: emg6.irs.gov
1112. Virustotal: emg1.irs.gov
1113. Virustotal: www.idverify.irs.gov
1114. Virustotal: ns5.irs.gov
1115. Virustotal: ns6.irs.gov
1116. Virustotal: efile.irs.gov
1117. Virustotal: freefile.irs.gov
1118. Virustotal: taxpayeradvocate.irs.gov
1119. Virustotal: www.stayexempt.irs.gov
1120. Virustotal: ns2.irs.gov
1121. Virustotal: ns1.irs.gov
1122. Virustotal: ns4.irs.gov
1123. Virustotal: internet3.irs.gov
1124. Virustotal: internet9.irs.gov
1125. Virustotal: ns3.irs.gov
1126. Virustotal: fire.test.irs.gov
1127. Virustotal: www.freefile.irs.gov
1128. Virustotal: www.taxpayeradvocate.irs.gov
1129. Virustotal: fire.irs.gov
1130. Virustotal: la1.www4.irs.gov
1131. Virustotal: sa2.www4.irs.gov
1132. Virustotal: www.eitc.irs.gov
1133. Virustotal: rpr.irs.gov
1134. Virustotal: idverify.irs.gov
1135. Virustotal: apps2.irs.gov
1136. Virustotal: sa1.www4.irs.gov
1137. Virustotal: forms.irs.gov
1138. Virustotal: apps3.irs.gov
1139. Virustotal: directpay.irs.gov
1140. Virustotal: la2.www4.irs.gov
1141. Virustotal: apps.irs.gov
1142. Virustotal: search.irs.gov
1143. Virustotal: www.irs.gov
1144. Virustotal: jobs.irs.gov
1145. Virustotal: sa.www4.irs.gov
1146. Virustotal: www.jobs.irs.gov
1147. HTTPSConnectionPool(host='dnsdumpster.com', port=443): Read timed out. (read timeout=25)
1148. ("bad handshake: SysCallError(-1, 'Unexpected EOF')",)
1149. Bing: apps.irs.gov
1150. Bing: fire.irs.gov
1151. Bing: www.irs.gov
1152. Bing: meetings-external.irs.gov
1153. Bing: la1.www4.irs.gov
1154. Bing: www.stayexempt.irs.gov
1155. Bing: jobs.irs.gov
1156. Bing: la1.alt.www4.irs.gov
1157. Bing: exstars.irs.gov
1158. Bing: www.smallbiz.irs.gov
1159. Bing: fire.test.irs.gov
1160. Bing: services.irs.gov
1161. Bing: www.marketingexpress.irs.gov
1162. Bing: connect.irs.gov
1163. Bing: search.irs.gov
1164. Bing: taxpayeradvocate.irs.gov
1165. Bing: la.alt.www4.irs.gov
1166. Bing: directpay.irs.gov
1167. Bing: sdt.irs.gov:11443
1168. Bing: idverify.irs.gov
1169. Bing: sa.www4.irs.gov
1170. Bing: taxmap.irs.gov
1171. Bing: la2.www4.irs.gov
1172. Bing: www.eitc.irs.gov
1173. Bing: sa3.www4.irs.gov
1174. Bing: la2.alt.www4.irs.gov
1175. Bing: find.irs.gov
1176. Bing: sa2.www4.irs.gov
1177. Bing: la.www4.irs.gov
1178. Google: taxpayeradvocate.irs.gov
1179. Google: www.jobs.irs.gov
1180. Google: www.eitc.irs.gov
1181. Google: www.stayexempt.irs.gov
1182. Google: taxmap.irs.gov
1183. Google: www.smallbiz.irs.gov
1184. Google: www.marketingexpress.irs.gov
1185. Google: rpr.irs.gov
1186. Google: directpay.irs.gov
1187. Google: apps.irs.gov
1188. Google: la.www4.irs.gov
1189. Google: sa.www4.irs.gov
1190. Google: forms.irs.gov
1191. Google: idverify.irs.gov
1192. Google: jobs.irs.gov
1193. Baidu: apps.irs.gov
1194. Baidu: find.irs.gov
1195. Baidu: sa1.www4.irs.gov
1196. Baidu: freefile.irs.gov
1197. Baidu: www.idverify.irs.gov
1198. Baidu: efile.irs.gov
1199. Baidu: la1.www4.irs.gov
1200. Baidu: taxmap.irs.gov
1201. Baidu: rpr.irs.gov
1202. Baidu: stayexempt.irs.gov
1203. Baidu: www.smallbiz.irs.gov
1204. Baidu: sa.www4.irs.gov
1205. Baidu: www.jobs.irs.gov
1206. Baidu: sa2.www4.irs.gov
1207. Baidu: directpay.irs.gov
1208. [-] Saving results to file: /usr/share/sniper/loot/domains/domains-irs.gov.txt
1209. [-] Total Unique Subdomains Found: 200
1210. www.irs.gov
1211. EMG1.irs.gov
1212. EMG2.irs.gov
1213. EMG3.irs.gov
1214. EMG4.irs.gov
1215. EMG5.irs.gov
1216. EMG6.irs.gov
1217. EMG7.irs.gov
1218. EMG8.irs.gov
1219. EMG9.irs.gov
1220. EMGC.irs.gov
1221. EMGE.irs.gov
1222. EMGW.irs.gov
1223. apps.irs.gov
1224. apps2.irs.gov
1225. apps3.irs.gov
1226. connect.irs.gov
1227. egainStage1.connect.irs.gov
1228. egainstage1.connect.irs.gov
1229. reports.connect.irs.gov
1230. test.connect.irs.gov
1231. directpay.irs.gov
1232. www.directpay.irs.gov
1233. fire.dr.irs.gov
1234. eauthcred.irs.gov
1235. dev.edit.irs.gov
1236. eite.edit.irs.gov
1237. pete.edit.irs.gov
1238. prod.edit.irs.gov
1239. sit.edit.irs.gov
1240. solr.edit.irs.gov
1241. trainingc.edit.irs.gov
1242. trainingd.edit.irs.gov
1243. efile.irs.gov
1244. www.efile.irs.gov
1245. eitc.irs.gov
1246. www.eitc.irs.gov
1247. dev.edit.eitc.irs.gov
1248. eite.edit.eitc.irs.gov
1249. pete.edit.eitc.irs.gov
1250. prod.edit.eitc.irs.gov
1251. sit.edit.eitc.irs.gov
1252. solr.edit.eitc.irs.gov
1253. trainingc.edit.eitc.irs.gov
1254. trainingd.edit.eitc.irs.gov
1255. elmssandbox.irs.gov
1256. emg1.irs.gov
1257. emg2.irs.gov
1258. emg3.irs.gov
1259. emg4.irs.gov
1260. emg5.irs.gov
1261. emg6.irs.gov
1262. emgw.irs.gov
1263. meetings-ext-admin.enterprise.irs.gov
1264. mig-cwms-1a.uc.enterprise.irs.gov
1265. mig-cwms-2a.uc.enterprise.irs.gov
1266. excise.irs.gov
1267. exstars.irs.gov
1268. find.irs.gov
1269. fire.irs.gov
1270. fire-dr.irs.gov
1271. forms.irs.gov
1272. www.forms.irs.gov
1273. freefile.irs.gov
1274. www.freefile.irs.gov
1275. ftp.irs.gov
1276. STEPRDZFWAL01.hctc.irs.gov
1277. myaccess.hctc.irs.gov
1278. idverify.irs.gov
1279. www.idverify.irs.gov
1280. informer.irs.gov
1281. internet3.irs.gov
1282. internet6.irs.gov
1283. internet9.irs.gov
1284. jobs.irs.gov
1285. www.jobs.irs.gov
1286. careerconnector.jobs.irs.gov
1287. dev.jobs.irs.gov
1288. legacy.jobs.irs.gov
1289. m.jobs.irs.gov
1290. www.m.jobs.irs.gov
1291. staging.jobs.irs.gov
1292. m.irs.gov
1293. marketingexpress.irs.gov
1294. www.marketingexpress.irs.gov
1295. dev.edit.marketingexpress.irs.gov
1296. eite.edit.marketingexpress.irs.gov
1297. pete.edit.marketingexpress.irs.gov
1298. prod.edit.marketingexpress.irs.gov
1299. sit.edit.marketingexpress.irs.gov
1300. solr.edit.marketingexpress.irs.gov
1301. trainingc.edit.marketingexpress.irs.gov
1302. trainingd.edit.marketingexpress.irs.gov
1303. meetings-external.irs.gov
1304. www.meetings-external.irs.gov
1305. mig-ext-02.irs.gov
1306. ns1.irs.gov
1307. ns100.irs.gov
1308. ns2.irs.gov
1309. ns3.irs.gov
1310. ns4.irs.gov
1311. ns5.irs.gov
1312. ns6.irs.gov
1313. perf.irs.gov
1314. www.perf.irs.gov
1315. apps.perf.irs.gov
1316. efile.perf.irs.gov
1317. eitc.perf.irs.gov
1318. www.eitc.perf.irs.gov
1319. forms.perf.irs.gov
1320. freefile.perf.irs.gov
1321. jobs.perf.irs.gov
1322. www.jobs.perf.irs.gov
1323. m.jobs.perf.irs.gov
1324. www.m.jobs.perf.irs.gov
1325. marketingexpress.perf.irs.gov
1326. www.marketingexpress.perf.irs.gov
1327. search.perf.irs.gov
1328. stayexempt.perf.irs.gov
1329. perfstaging.irs.gov
1330. www.perfstaging.irs.gov
1331. apps.perfstaging.irs.gov
1332. efile.perfstaging.irs.gov
1333. eitc.perfstaging.irs.gov
1334. www.eitc.perfstaging.irs.gov
1335. forms.perfstaging.irs.gov
1336. freefile.perfstaging.irs.gov
1337. jobs.perfstaging.irs.gov
1338. www.jobs.perfstaging.irs.gov
1339. m.jobs.perfstaging.irs.gov
1340. www.m.jobs.perfstaging.irs.gov
1341. marketingexpress.perfstaging.irs.gov
1342. www.marketingexpress.perfstaging.irs.gov
1343. search.perfstaging.irs.gov
1344. stayexempt.perfstaging.irs.gov
1345. policy-update.irs.gov
1346. preview.irs.gov
1347. rpr.irs.gov
1348. gw.rpr.irs.gov
1349. gwone.rpr.irs.gov
1350. gwtwo.rpr.irs.gov
1351. rprfi.irs.gov
1352. rprvr.irs.gov
1353. www.sbrg.irs.gov
1354. sdt.irs.gov
1355. sdt-a.irs.gov
1356. sdt-b.irs.gov
1357. search.irs.gov
1358. services.irs.gov
1359. smallbiz.irs.gov
1360. www.smallbiz.irs.gov
1361. state-excise.irs.gov
1362. stayexempt.irs.gov
1363. www.stayexempt.irs.gov
1364. dev.edit.stayexempt.irs.gov
1365. eite.edit.stayexempt.irs.gov
1366. pete.edit.stayexempt.irs.gov
1367. prod.edit.stayexempt.irs.gov
1368. sit.edit.stayexempt.irs.gov
1369. solr.edit.stayexempt.irs.gov
1370. trainingc.edit.stayexempt.irs.gov
1371. trainingd.edit.stayexempt.irs.gov
1372. taxmap.irs.gov
1373. taxpayeradvocate.irs.gov
1374. www.taxpayeradvocate.irs.gov
1375. dev.taxpayeradvocate.irs.gov
1376. fire.test.irs.gov
1377. tig-ext-02.irs.gov
1378. uatrpr.irs.gov
1379. uatrprfi.irs.gov
1380. uatrprvr.irs.gov
1381. bi.web.irs.gov
1382. bistage.web.irs.gov
1383. elms.web.irs.gov
1384. elmscontent.web.irs.gov
1385. elmsdev.web.irs.gov
1386. elmsstage.web.irs.gov
1387. elmstrain.web.irs.gov
1388. lcmsext.web.irs.gov
1389. lcmsprod.web.irs.gov
1390. lcmstest.web.irs.gov
1391. wig-ext-02.irs.gov
1392. la.alt.www4.irs.gov
1393. la1.alt.www4.irs.gov
1394. la2.alt.www4.irs.gov
1395. la.alt-iep.www4.irs.gov
1396. la.www4.irs.gov
1397. la-iep.www4.irs.gov
1398. la1.www4.irs.gov
1399. la2.www4.irs.gov
1400. la3.www4.irs.gov
1401. la4.www4.irs.gov
1402. sa.www4.irs.gov
1403. sa-iep.www4.irs.gov
1404. sa1.www4.irs.gov
1405. sa2.www4.irs.gov
1406. sa2extpete.www4.irs.gov
1407. sa3.www4.irs.gov
1408. sa4.www4.irs.gov
1409. sdt.irs.gov:11443
1410.  
1411.  ╔═╗╦═╗╔╦╗╔═╗╦ ╦
1412.  ║ ╠╦╝ ║ ╚═╗╠═╣
1413.  ╚═╝╩╚═ ╩o╚═╝╩ ╩
1414.  + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +
1415. 
1416. apps.irs.gov
1417. apps.perf.irs.gov
1418. apps.perfstaging.irs.gov
1419. bistage.web.irs.gov
1420. bi.web.irs.gov
1421. connect.irs.gov
1422. dev.edit.eitc.irs.gov
1423. dev.edit.irs.gov
1424. dev.edit.marketingexpress.irs.gov
1425. dev.edit.stayexempt.irs.gov
1426. dev.jobs.irs.gov
1427. directpay.irs.gov
1428. eauthcred.irs.gov
1429. efile.irs.gov
1430. efile.perf.irs.gov
1431. efile.perfstaging.irs.gov
1432. egainStage1.connect.irs.gov
1433. eitc.irs.gov
1434. eitc.perf.irs.gov
1435. eitc.perfstaging.irs.gov
1436. eite.edit.eitc.irs.gov
1437. eite.edit.irs.gov
1438. eite.edit.marketingexpress.irs.gov
1439. eite.edit.stayexempt.irs.gov
1440. elmscontent.web.irs.gov
1441. elmsdev.web.irs.gov
1442. elmssandbox.irs.gov
1443. elmsstage.web.irs.gov
1444. elmstrain.web.irs.gov
1445. elms.web.irs.gov
1446. EMG1.irs.gov
1447. EMG2.irs.gov
1448. EMG3.irs.gov
1449. EMG4.irs.gov
1450. EMG5.irs.gov
1451. EMG6.irs.gov
1452. EMG7.irs.gov
1453. EMG8.irs.gov
1454. EMG9.irs.gov
1455. EMGC.irs.gov
1456. EMGE.irs.gov
1457. EMGW.irs.gov
1458. exstars.irs.gov
1459. find.irs.gov
1460. fire-dr.irs.gov
1461. fire.dr.irs.gov
1462. fire.irs.gov
1463. fire.test.irs.gov
1464. forms.irs.gov
1465. forms.perf.irs.gov
1466. forms.perfstaging.irs.gov
1467. freefile.irs.gov
1468. freefile.perf.irs.gov
1469. freefile.perfstaging.irs.gov
1470. gwone.rpr.irs.gov
1471. gw.rpr.irs.gov
1472. gwtwo.rpr.irs.gov
1473. idverify.irs.gov
1474. jobs.irs.gov
1475. jobs.perf.irs.gov
1476. jobs.perfstaging.irs.gov
1477. la1.alt.www4.irs.gov
1478. la1.www4.irs.gov
1479. la2.alt.www4.irs.gov
1480. la2.www4.irs.gov
1481. la3.www4.irs.gov
1482. la4.www4.irs.gov
1483. la.alt-iep.www4.irs.gov
1484. la.alt.www4.irs.gov
1485. la-iep.www4.irs.gov
1486. la.www4.irs.gov
1487. lcmsext.web.irs.gov
1488. lcmsprod.web.irs.gov
1489. lcmstest.web.irs.gov
1490. legacy.jobs.irs.gov
1491. marketingexpress.irs.gov
1492. marketingexpress.perf.irs.gov
1493. marketingexpress.perfstaging.irs.gov
1494. meetings-ext-admin.enterprise.irs.gov
1495. meetings-external.irs.gov
1496. mig-cwms-1a.uc.enterprise.irs.gov
1497. mig-cwms-2a.uc.enterprise.irs.gov
1498. mig-ext-02.irs.gov
1499. m.irs.gov
1500. m.jobs.irs.gov
1501. m.jobs.perf.irs.gov
1502. m.jobs.perfstaging.irs.gov
1503. myaccess.hctc.irs.gov
1504. perf.irs.gov
1505. perfstaging.irs.gov
1506. pete.edit.eitc.irs.gov
1507. pete.edit.irs.gov
1508. pete.edit.marketingexpress.irs.gov
1509. pete.edit.stayexempt.irs.gov
1510. preview.irs.gov
1511. prod.edit.eitc.irs.gov
1512. prod.edit.irs.gov
1513. prod.edit.marketingexpress.irs.gov
1514. prod.edit.stayexempt.irs.gov
1515. reports.connect.irs.gov
1516. rprfi.irs.gov
1517. *.rpr.irs.gov
1518. rpr.irs.gov
1519. rprvr.irs.gov
1520. sa1.www4.irs.gov
1521. sa2.www4.irs.gov
1522. sa3.www4.irs.gov
1523. sa4.www4.irs.gov
1524. sa-iep.www4.irs.gov
1525. sa.www4.irs.gov
1526. sdt-a.irs.gov
1527. sdt-b.irs.gov
1528. sdt.irs.gov
1529. search.irs.gov
1530. search.perf.irs.gov
1531. search.perfstaging.irs.gov
1532. services.irs.gov
1533. sit.edit.eitc.irs.gov
1534. sit.edit.irs.gov
1535. sit.edit.marketingexpress.irs.gov
1536. sit.edit.stayexempt.irs.gov
1537. smallbiz.irs.gov
1538. solr.edit.eitc.irs.gov
1539. solr.edit.irs.gov
1540. solr.edit.marketingexpress.irs.gov
1541. solr.edit.stayexempt.irs.gov
1542. staging.jobs.irs.gov
1543. state-excise.irs.gov
1544. stayexempt.irs.gov
1545. stayexempt.perf.irs.gov
1546. stayexempt.perfstaging.irs.gov
1547. STEPRDZFWAL01.hctc.irs.gov
1548. taxmap.irs.gov
1549. taxpayeradvocate.irs.gov
1550. tig-ext-02.irs.gov
1551. trainingc.edit.eitc.irs.gov
1552. trainingc.edit.irs.gov
1553. trainingc.edit.marketingexpress.irs.gov
1554. trainingc.edit.stayexempt.irs.gov
1555. trainingd.edit.eitc.irs.gov
1556. trainingd.edit.irs.gov
1557. trainingd.edit.marketingexpress.irs.gov
1558. trainingd.edit.stayexempt.irs.gov
1559. uatrprfi.irs.gov
1560. uatrpr.irs.gov
1561. uatrprvr.irs.gov
1562. wig-ext-02.irs.gov
1563. www.directpay.irs.gov
1564. www.efile.irs.gov
1565. www.eitc.irs.gov
1566. www.eitc.perf.irs.gov
1567. www.eitc.perfstaging.irs.gov
1568. www.forms.irs.gov
1569. www.freefile.irs.gov
1570. www.idverify.irs.gov
1571. www.irs.gov
1572. www.jobs.irs.gov
1573. www.jobs.perf.irs.gov
1574. www.jobs.perfstaging.irs.gov
1575. www.marketingexpress.irs.gov
1576. www.marketingexpress.perf.irs.gov
1577. www.marketingexpress.perfstaging.irs.gov
1578. www.meetings-external.irs.gov
1579. www.m.jobs.irs.gov
1580. www.m.jobs.perf.irs.gov
1581. www.m.jobs.perfstaging.irs.gov
1582. www.perf.irs.gov
1583. www.perfstaging.irs.gov
1584. www.smallbiz.irs.gov
1585. www.stayexempt.irs.gov
1586.  [+] Domains saved to: /usr/share/sniper/loot/domains/domains-irs.gov-full.txt
1587. 
1588.  + -- ----------------------------=[Checking for Sub-Domain Hijacking]=------- -- +
1589. jobs.irs.gov. 300 IN CNAME dualstack.icwmain-st-relbweb-1oalnmgizwgt9-1764011829.us-gov-west-1.elb.amazonaws.com.
1590. www.jobs.irs.gov. 600 IN CNAME dualstack.icwmain-st-relbweb-1oalnmgizwgt9-1764011829.us-gov-west-1.elb.amazonaws.com.
1591. preview.irs.gov. 7200 IN CNAME dualstack.mc-27081-1393943438.us-east-1.elb.amazonaws.com.
1592. taxmap.irs.gov. 600 IN CNAME d1f7o9a3m882iv.cloudfront.net.
1593.  + -- ----------------------------=[Checking Email Security]=----------------- -- +
1594.  
1595.  + -- ----------------------------=[Pinging host]=---------------------------- -- +
1596. PING irs.gov (166.123.218.220) 56(84) bytes of data.
1597.  
1598. --- irs.gov ping statistics ---
1599. 1 packets transmitted, 0 received, 100% packet loss, time 0ms
1600.  
1601.  
1602.  + -- ----------------------------=[Running TCP port scan]=------------------- -- +
1603.  
1604. Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-30 14:48 EST
1605. Stats: 0:00:00 elapsed; 0 hosts completed (0 up), 0 undergoing Host Discovery
1606. Parallel DNS resolution of 1 host. Timing: About 0.00% done
1607. Nmap scan report for irs.gov (166.123.218.220)
1608. Host is up (0.20s latency).
1609. rDNS record for 166.123.218.220: testdev.workplace.gov
1610. Not shown: 471 filtered ports
1611. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1612. PORT STATE SERVICE
1613. 80/tcp open http
1614. 443/tcp open https
1615.  
1616. Nmap done: 1 IP address (1 host up) scanned in 137.93 seconds
1617.  
1618.  + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +
1619.  + -- --=[Port 21 closed... skipping.
1620.  + -- --=[Port 22 closed... skipping.
1621.  + -- --=[Port 23 closed... skipping.
1622.  + -- --=[Port 25 closed... skipping.
1623.  + -- --=[Port 53 closed... skipping.
1624.  + -- --=[Port 79 closed... skipping.
1625.  + -- --=[Port 80 opened... running tests...
1626.  + -- ----------------------------=[Checking for WAF]=------------------------ -- +
1627.  
1628. ^ ^
1629. _ __ _ ____ _ __ _ _ ____
1630. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1631. | V V // o // _/ | V V // 0 // 0 // _/
1632. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1633. <
1634. ...'
1635.  
1636. WAFW00F - Web Application Firewall Detection Tool
1637.  
1638. By Sandro Gauci && Wendel G. Henrique
1639.  
1640. Checking http://irs.gov
1641. The site http://irs.gov is behind a F5 BIG-IP APM
1642. Number of requests: 6
1643.  
1644.  + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
1645. http://irs.gov [302 Found] Country[UNITED STATES][US], HTTPServer[BigIP], IP[166.123.218.220], RedirectLocation[http://www.irs.gov/]
1646. http://www.irs.gov/ [301 Moved Permanently] Country[UNITED STATES][US], IP[23.222.116.217], RedirectLocation[https://www.irs.gov/]
1647. https://www.irs.gov/ [200 OK] Content-Language[en], Cookies[AKA_A2], Country[UNITED STATES][US], Drupal, Frame, HTML5, HttpOnly[AKA_A2], IP[23.222.116.217], JQuery, MetaGenerator[Drupal 8 (https://www.drupal.org)], Script[application/json,text/javascript], Strict-Transport-Security[max-age=31536000], Title[Internal Revenue Service | An official website of the United States government], UncommonHeaders[x-drupal-dynamic-cache,link,x-content-type-options,x-generator,x-drupal-cache,x-request-id,x-ah-environment,x-varnish,x-cache-hits,x-age], Varnish, X-Frame-Options[SameOrigin], X-UA-Compatible[IE=edge], YouTube
1648.  
1649.  __ ______ _____ 
1650.  \ \/ / ___|_ _|
1651.  \ /\___ \ | | 
1652.  / \ ___) || | 
1653.  /_/\_|____/ |_| 
1654.  
1655. + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
1656. + -- --=[Target: irs.gov:80
1657. + -- --=[Site not vulnerable to Cross-Site Tracing!
1658.  
1659.  + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +
1660. + -- --=[Checking if X-Content options are enabled on irs.gov... 
1661.  
1662. + -- --=[Checking if X-Frame options are enabled on irs.gov... 
1663.  
1664. + -- --=[Checking if X-XSS-Protection header is enabled on irs.gov... 
1665.  
1666. + -- --=[Checking HTTP methods on irs.gov... 
1667.  
1668. + -- --=[Checking if TRACE method is enabled on irs.gov... 
1669.  
1670. + -- --=[Checking for META tags on irs.gov... 
1671.  
1672. + -- --=[Checking for open proxy on irs.gov... 
1673.  
1674. + -- --=[Enumerating software on irs.gov... 
1675. Server: BigIP
1676.  
1677. + -- --=[Checking if Strict-Transport-Security is enabled on irs.gov... 
1678.  
1679. + -- --=[Checking for Flash cross-domain policy on irs.gov... 
1680.  
1681. + -- --=[Checking for Silverlight cross-domain policy on irs.gov... 
1682.  
1683. + -- --=[Checking for HTML5 cross-origin resource sharing on irs.gov... 
1684.  
1685. + -- --=[Retrieving robots.txt on irs.gov... 
1686.  
1687. + -- --=[Retrieving sitemap.xml on irs.gov... 
1688.  
1689. + -- --=[Checking cookie attributes on irs.gov... 
1690.  
1691. + -- --=[Checking for ASP.NET Detailed Errors on irs.gov... 
1692. <i class="fa fa-4x fa-exclamation-triangle pup-error-message__icon" aria-hidden="true"></i>
1693. <h1 class="pup-error-message__title">Page Not Found.</h1>
1694. <h2 class="pup-error-message__subtitle">Error 404.</h2>
1695. <p class="pup-error-message__body">Sorry, this page isn't available.</p>
1696. <p class="pup-error-message__body_strong pup-error-message__big_top">Please check the web address or try searching by the keyword below.</p>
1697. <div class="pup-error-message__page_search">
1698. <p class="pup-error-message__body_strong pup-error-message__small_top">Popular searches:</p>
1699. <ul class="pup-error-message__links">
1700. <script type="application/json" data-drupal-selector="drupal-settings-json">{"path":{"baseUrl":"\/","scriptPath":null,"pathPrefix":"","currentPath":"","currentPathIsAdmin":false,"isFront":false,"currentLanguage":"en"},"pluralDelimiter":"\u0003","dataLayer":{"defaultLang":"en","languages":{"en":{"id":"en","name":"English","direction":"ltr","weight":-10},"es":{"id":"es","name":"Spanish","direction":"ltr","weight":-9},"zh-hans":{"id":"zh-hans","name":"Chinese, Simplified","direction":"ltr","weight":-8},"zh-hant":{"id":"zh-hant","name":"Chinese, Traditional","direction":"ltr","weight":-7},"ko":{"id":"ko","name":"Korean","direction":"ltr","weight":-6},"ru":{"id":"ru","name":"Russian","direction":"ltr","weight":-5},"vi":{"id":"vi","name":"Vietnamese","direction":"ltr","weight":-4},"ht":{"id":"ht","name":"Haitian Creole","direction":"ltr","weight":-3}}},"bootstrap":{"forms_has_error_value_toggle":1,"modal_animation":1,"modal_backdrop":"true","modal_keyboard":1,"modal_show":1,"modal_size":"","popover_enabled":1,"popover_animation":1,"popover_container":"body","popover_content":"","popover_delay":"0","popover_html":0,"popover_placement":"right","popover_selector":"","popover_title":"","popover_trigger":"click","popover_trigger_autoclose":1,"tooltip_enabled":1,"tooltip_animation":1,"tooltip_container":"body","tooltip_delay":"0","tooltip_html":0,"tooltip_placement":"auto left","tooltip_selector":"","tooltip_trigger":"hover"},"ajaxTrustedUrl":{"\/site-index-search":true},"chosen":{"selector":"select:visible","minimum_single":20,"minimum_multiple":20,"minimum_width":200,"options":{"disable_search":false,"disable_search_threshold":0,"allow_single_deselect":false,"search_contains":true,"placeholder_text_multiple":"Choose some option","placeholder_text_single":"Choose an option","no_results_text":"No results match","inherit_select_classes":true}},"ajax":[],"user":{"uid":0,"permissionsHash":"a033deaf7b6c2e188117eb27f6d2d96df50dd2ce5a44156c89f5e8da73930e1d"}}</script>
1701. <script type="text/javascript">window.NREUM||(NREUM={});NREUM.info={"beacon":"bam.nr-data.net","licenseKey":"b67fc6a152","applicationID":"70700070","transactionName":"blMHY0AHDUcDUEZQWFcZJFRGDwxaTVBaVkRcWDpHQAM8RgddVlxFZkUAW1cFFw==","queueTime":0,"applicationTime":910,"atts":"QhQEFQgdHkk=","errorBeacon":"bam.nr-data.net","agent":""}</script></body>
1702.  
1703. 
1704.  + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +
1705. - Nikto v2.1.6
1706. ---------------------------------------------------------------------------
1707. + Target IP: 166.123.218.220
1708. + Target Hostname: irs.gov
1709. + Target Port: 80
1710. + Start Time: 2017-12-30 15:00:56 (GMT-5)
1711. ---------------------------------------------------------------------------
1712. + Server: BigIP
1713. + The anti-clickjacking X-Frame-Options header is not present.
1714. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
1715. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
1716. + Root page / redirects to: http://www.irs.gov/
1717. + No CGI Directories found (use '-C all' to force check all possible dirs)
1718. + Scan terminated: 20 error(s) and 3 item(s) reported on remote host
1719. + End Time: 2017-12-30 15:02:11 (GMT-5) (75 seconds)
1720. ---------------------------------------------------------------------------
1721. + 1 host(s) tested
1722.  + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +
1723. [+] Screenshot saved to /usr/share/sniper/loot/screenshots/irs.gov-port80.jpg
1724.  + -- ----------------------------=[Running Google Hacking Queries]=--------------------- -- +
1725.  + -- ----------------------------=[Running InUrlBR OSINT Queries]=---------- -- +
1726.  
1727.  _____  .701F. .iBR. .7CL. .70BR. .7BR. .7BR'''Cq. .70BR. .1BR'''Yp, .8BR'''Cq.
1728.  (_____) 01 01N. C 01 C 01 .01. 01  01 Yb 01 .01.
1729.  (() ()) 01 C YCb C 01 C 01 ,C9 01  01 dP 01 ,C9
1730.  \ /  01 C .CN. C 01 C 0101dC9 01  01'''bg. 0101dC9
1731.  \ /  01 C .01.C 01 C 01 YC. 01 ,  01 .Y 01 YC.
1732.  /=\  01 C Y01 YC. ,C 01 .Cb. 01 ,C  01 ,9 01 .Cb.
1733.  [___]  .J01L. .JCL. YC .b0101d'. .J01L. .J01. .J01010101C .J0101Cd9 .J01L. .J01./ 2.1
1734.  
1735. __[ ! ] Neither war between hackers, nor peace for the system.
1736. __[ ! ] http://blog.inurl.com.br
1737. __[ ! ] http://fb.com/InurlBrasil
1738. __[ ! ] http://twitter.com/@googleinurl
1739. __[ ! ] http://github.com/googleinurl
1740. __[ ! ] Current PHP version::[ 7.0.26-1 ]
1741. __[ ! ] Current script owner::[ root ]
1742. __[ ! ] Current uname::[ Linux Kali 4.14.0-kali1-amd64 #1 SMP Debian 4.14.2-1kali1 (2017-12-04) x86_64 ]
1743. __[ ! ] Current pwd::[ /usr/share/sniper ]
1744. __[ ! ] Help: php inurlbr.php --help
1745. ------------------------------------------------------------------------------------------------------------------------
1746.  
1747. [ ! ] Starting SCANNER INURLBR 2.1 at [30-12-2017 15:02:52]
1748. [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
1749. It is the end user's responsibility to obey all applicable local, state and federal laws.
1750. Developers assume no liability and are not responsible for any misuse or damage caused by this program
1751.  
1752. [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-irs.gov.txt ]
1753. [ INFO ][ DORK ]::[ site:irs.gov ]
1754. [ INFO ][ SEARCHING ]:: {
1755. [ INFO ][ ENGINE ]::[ GOOGLE - www.google.vu ]
1756.  
1757. [ INFO ][ SEARCHING ]:: 
1758. -[:::]
1759. [ INFO ][ ENGINE ]::[ GOOGLE API ]
1760.  
1761. [ INFO ][ SEARCHING ]:: 
1762. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
1763. [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.co.jp ID: 003917828085772992913:gmoeray5sa8 ]
1764.  
1765. [ INFO ][ SEARCHING ]:: 
1766. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
1767.  
1768. [ INFO ][ TOTAL FOUND VALUES ]:: [ 99 ]
1769.  
1770. 
1771.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1772. |_[ + ] [ 0 / 99 ]-[15:03:02] [ - ] 
1773. |_[ + ] Target:: [ https://www.irs.gov/ ]
1774. |_[ + ] Exploit:: 
1775. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1776. |_[ + ] More details:: 
1777. |_[ + ] Found:: UNIDENTIFIED
1778. 
1779.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1780. |_[ + ] [ 1 / 99 ]-[15:03:03] [ - ] 
1781. |_[ + ] Target:: [ https://www.irs.gov/businesses ]
1782. |_[ + ] Exploit:: 
1783. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1784. |_[ + ] More details:: 
1785. |_[ + ] Found:: UNIDENTIFIED
1786. 
1787.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1788. |_[ + ] [ 2 / 99 ]-[15:03:03] [ - ] 
1789. |_[ + ] Target:: [ https://www.irs.gov/faqs ]
1790. |_[ + ] Exploit:: 
1791. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1792. |_[ + ] More details:: 
1793. |_[ + ] Found:: UNIDENTIFIED
1794. 
1795.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1796. |_[ + ] [ 3 / 99 ]-[15:03:03] [ - ] 
1797. |_[ + ] Target:: [ https://www.irs.gov/newsroom ]
1798. |_[ + ] Exploit:: 
1799. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1800. |_[ + ] More details:: 
1801. |_[ + ] Found:: UNIDENTIFIED
1802. 
1803.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1804. |_[ + ] [ 4 / 99 ]-[15:03:03] [ - ] 
1805. |_[ + ] Target:: [ https://www.irs.gov/refunds ]
1806. |_[ + ] Exploit:: 
1807. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1808. |_[ + ] More details:: 
1809. |_[ + ] Found:: UNIDENTIFIED
1810. 
1811.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1812. |_[ + ] [ 5 / 99 ]-[15:03:04] [ - ] 
1813. |_[ + ] Target:: [ https://www.irs.gov/filing ]
1814. |_[ + ] Exploit:: 
1815. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1816. |_[ + ] More details:: 
1817. |_[ + ] Found:: UNIDENTIFIED
1818. 
1819.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1820. |_[ + ] [ 6 / 99 ]-[15:03:04] [ - ] 
1821. |_[ + ] Target:: [ https://www.irs.gov/payments ]
1822. |_[ + ] Exploit:: 
1823. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1824. |_[ + ] More details:: 
1825. |_[ + ] Found:: UNIDENTIFIED
1826. 
1827.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1828. |_[ + ] [ 7 / 99 ]-[15:03:04] [ - ] 
1829. |_[ + ] Target:: [ https://www.irs.gov/statistics ]
1830. |_[ + ] Exploit:: 
1831. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1832. |_[ + ] More details:: 
1833. |_[ + ] Found:: UNIDENTIFIED
1834. 
1835.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1836. |_[ + ] [ 8 / 99 ]-[15:03:04] [ - ] 
1837. |_[ + ] Target:: [ https://www.irs.gov/retirement-plans ]
1838. |_[ + ] Exploit:: 
1839. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1840. |_[ + ] More details:: 
1841. |_[ + ] Found:: UNIDENTIFIED
1842. 
1843.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1844. |_[ + ] [ 9 / 99 ]-[15:03:05] [ - ] 
1845. |_[ + ] Target:: [ https://www.jobs.irs.gov/resources ]
1846. |_[ + ] Exploit:: 
1847. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.6.31, IP:2620:108:d00f::34de:5981:443 
1848. |_[ + ] More details:: 
1849. |_[ + ] Found:: UNIDENTIFIED
1850. 
1851.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1852. |_[ + ] [ 10 / 99 ]-[15:03:05] [ - ] 
1853. |_[ + ] Target:: [ https://www.irs.gov/newsroom/irs2goapp ]
1854. |_[ + ] Exploit:: 
1855. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1856. |_[ + ] More details:: 
1857. |_[ + ] Found:: UNIDENTIFIED
1858. 
1859.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1860. |_[ + ] [ 11 / 99 ]-[15:03:05] [ - ] 
1861. |_[ + ] Target:: [ https://www.irs.gov/es/filing ]
1862. |_[ + ] Exploit:: 
1863. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1864. |_[ + ] More details:: 
1865. |_[ + ] Found:: UNIDENTIFIED
1866. 
1867.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1868. |_[ + ] [ 12 / 99 ]-[15:03:06] [ - ] 
1869. |_[ + ] Target:: [ https://www.irs.gov/ko/korean ]
1870. |_[ + ] Exploit:: 
1871. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1872. |_[ + ] More details:: 
1873. |_[ + ] Found:: UNIDENTIFIED
1874. 
1875.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1876. |_[ + ] [ 13 / 99 ]-[15:03:06] [ - ] 
1877. |_[ + ] Target:: [ https://www.irs.gov/individuals/parents ]
1878. |_[ + ] Exploit:: 
1879. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1880. |_[ + ] More details:: 
1881. |_[ + ] Found:: UNIDENTIFIED
1882. 
1883.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1884. |_[ + ] [ 14 / 99 ]-[15:03:06] [ - ] 
1885. |_[ + ] Target:: [ https://www.irs.gov/compliance/appeals ]
1886. |_[ + ] Exploit:: 
1887. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1888. |_[ + ] More details:: 
1889. |_[ + ] Found:: UNIDENTIFIED
1890. 
1891.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1892. |_[ + ] [ 15 / 99 ]-[15:03:06] [ - ] 
1893. |_[ + ] Target:: [ https://www.irs.gov/ru/russian ]
1894. |_[ + ] Exploit:: 
1895. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1896. |_[ + ] More details:: 
1897. |_[ + ] Found:: UNIDENTIFIED
1898. 
1899.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1900. |_[ + ] [ 16 / 99 ]-[15:03:07] [ - ] 
1901. |_[ + ] Target:: [ https://www.irs.gov/es/spanish ]
1902. |_[ + ] Exploit:: 
1903. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1904. |_[ + ] More details:: 
1905. |_[ + ] Found:: UNIDENTIFIED
1906. 
1907.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1908. |_[ + ] [ 17 / 99 ]-[15:03:07] [ - ] 
1909. |_[ + ] Target:: [ https://www.irs.gov/tax-professionals ]
1910. |_[ + ] Exploit:: 
1911. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1912. |_[ + ] More details:: 
1913. |_[ + ] Found:: UNIDENTIFIED
1914. 
1915.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1916. |_[ + ] [ 18 / 99 ]-[15:03:07] [ - ] 
1917. |_[ + ] Target:: [ https://www.irs.gov/individuals/employees ]
1918. |_[ + ] Exploit:: 
1919. |_[ + ] Information Server:: HTTP/1.1 302 Moved Temporarily, , IP:2600:141b:4:399::f50:443 
1920. |_[ + ] More details:: 
1921. |_[ + ] Found:: UNIDENTIFIED
1922. 
1923.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1924. |_[ + ] [ 19 / 99 ]-[15:03:07] [ - ] 
1925. |_[ + ] Target:: [ https://www.irs.gov/individuals/students ]
1926. |_[ + ] Exploit:: 
1927. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1928. |_[ + ] More details:: 
1929. |_[ + ] Found:: UNIDENTIFIED
1930. 
1931.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1932. |_[ + ] [ 20 / 99 ]-[15:03:08] [ - ] 
1933. |_[ + ] Target:: [ https://www.irs.gov/help/ita ]
1934. |_[ + ] Exploit:: 
1935. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1936. |_[ + ] More details:: 
1937. |_[ + ] Found:: UNIDENTIFIED
1938. 
1939.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1940. |_[ + ] [ 21 / 99 ]-[15:03:08] [ - ] 
1941. |_[ + ] Target:: [ https://www.irs.gov/help/tools ]
1942. |_[ + ] Exploit:: 
1943. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1944. |_[ + ] More details:: 
1945. |_[ + ] Found:: UNIDENTIFIED
1946. 
1947.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1948. |_[ + ] [ 22 / 99 ]-[15:03:08] [ - ] 
1949. |_[ + ] Target:: [ https://www.irs.gov/taxpayer-advocate ]
1950. |_[ + ] Exploit:: 
1951. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1952. |_[ + ] More details:: 
1953. |_[ + ] Found:: UNIDENTIFIED
1954. 
1955.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1956. |_[ + ] [ 23 / 99 ]-[15:03:08] [ - ] 
1957. |_[ + ] Target:: [ https://www.irs.gov/individuals/military ]
1958. |_[ + ] Exploit:: 
1959. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1960. |_[ + ] More details:: 
1961. |_[ + ] Found:: UNIDENTIFIED
1962. 
1963.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1964. |_[ + ] [ 24 / 99 ]-[15:03:09] [ - ] 
1965. |_[ + ] Target:: [ https://www.irs.gov/businesses/partnerships ]
1966. |_[ + ] Exploit:: 
1967. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1968. |_[ + ] More details:: 
1969. |_[ + ] Found:: UNIDENTIFIED
1970. 
1971.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1972. |_[ + ] [ 25 / 99 ]-[15:03:09] [ - ] 
1973. |_[ + ] Target:: [ https://www.irs.gov/forms-instructions ]
1974. |_[ + ] Exploit:: 
1975. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1976. |_[ + ] More details:: 
1977. |_[ + ] Found:: UNIDENTIFIED
1978. 
1979.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1980. |_[ + ] [ 26 / 99 ]-[15:03:09] [ - ] 
1981. |_[ + ] Target:: [ https://www.irs.gov/vi/vietnamese ]
1982. |_[ + ] Exploit:: 
1983. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1984. |_[ + ] More details:: 
1985. |_[ + ] Found:: UNIDENTIFIED
1986. 
1987.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1988. |_[ + ] [ 27 / 99 ]-[15:03:09] [ - ] 
1989. |_[ + ] Target:: [ https://www.irs.gov/newsroom/videos ]
1990. |_[ + ] Exploit:: 
1991. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
1992. |_[ + ] More details:: 
1993. |_[ + ] Found:: UNIDENTIFIED
1994. 
1995.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1996. |_[ + ] [ 28 / 99 ]-[15:03:09] [ - ] 
1997. |_[ + ] Target:: [ https://www.irs.gov/government-entities ]
1998. |_[ + ] Exploit:: 
1999. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2000. |_[ + ] More details:: 
2001. |_[ + ] Found:: UNIDENTIFIED
2002. 
2003.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2004. |_[ + ] [ 29 / 99 ]-[15:03:10] [ - ] 
2005. |_[ + ] Target:: [ https://www.eitc.irs.gov/training ]
2006. |_[ + ] Exploit:: 
2007. |_[ + ] Information Server:: HTTP/1.1 302 Moved Temporarily, , IP:2600:141b:4:3a2::f50:443 
2008. |_[ + ] More details:: 
2009. |_[ + ] Found:: UNIDENTIFIED
2010. 
2011.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2012. |_[ + ] [ 30 / 99 ]-[15:03:10] [ - ] 
2013. |_[ + ] Target:: [ https://www.irs.gov/individuals ]
2014. |_[ + ] Exploit:: 
2015. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2016. |_[ + ] More details:: 
2017. |_[ + ] Found:: UNIDENTIFIED
2018. 
2019.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2020. |_[ + ] [ 31 / 99 ]-[15:03:11] [ - ] 
2021. |_[ + ] Target:: [ https://www.jobs.irs.gov/ ]
2022. |_[ + ] Exploit:: 
2023. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.6.31, IP:2620:108:d00f::34de:5981:443 
2024. |_[ + ] More details:: 
2025. |_[ + ] Found:: UNIDENTIFIED
2026. 
2027.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2028. |_[ + ] [ 32 / 99 ]-[15:03:11] [ - ] 
2029. |_[ + ] Target:: [ https://www.irs.gov/taxtopics ]
2030. |_[ + ] Exploit:: 
2031. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2032. |_[ + ] More details:: 
2033. |_[ + ] Found:: UNIDENTIFIED
2034. 
2035.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2036. |_[ + ] [ 33 / 99 ]-[15:03:11] [ - ] 
2037. |_[ + ] Target:: [ https://www.irs.gov/publications ]
2038. |_[ + ] Exploit:: 
2039. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2040. |_[ + ] More details:: 
2041. |_[ + ] Found:: UNIDENTIFIED
2042. 
2043.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2044. |_[ + ] [ 34 / 99 ]-[15:03:11] [ - ] 
2045. |_[ + ] Target:: [ https://www.irs.gov/oic ]
2046. |_[ + ] Exploit:: 
2047. |_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, , IP:2600:141b:4:399::f50:443 
2048. |_[ + ] More details:: 
2049. |_[ + ] Found:: UNIDENTIFIED
2050. 
2051.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2052. |_[ + ] [ 35 / 99 ]-[15:03:11] [ - ] 
2053. |_[ + ] Target:: [ https://www.irs.gov/irm ]
2054. |_[ + ] Exploit:: 
2055. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2056. |_[ + ] More details:: 
2057. |_[ + ] Found:: UNIDENTIFIED
2058. 
2059.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2060. |_[ + ] [ 36 / 99 ]-[15:03:12] [ - ] 
2061. |_[ + ] Target:: [ https://www.irs.gov/corporations ]
2062. |_[ + ] Exploit:: 
2063. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2064. |_[ + ] More details:: 
2065. |_[ + ] Found:: UNIDENTIFIED
2066. 
2067.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2068. |_[ + ] [ 37 / 99 ]-[15:03:12] [ - ] 
2069. |_[ + ] Target:: [ https://www.irs.gov/instructions ]
2070. |_[ + ] Exploit:: 
2071. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2072. |_[ + ] More details:: 
2073. |_[ + ] Found:: UNIDENTIFIED
2074. 
2075.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2076. |_[ + ] [ 38 / 99 ]-[15:03:12] [ - ] 
2077. |_[ + ] Target:: [ https://www.irs.gov/irb ]
2078. |_[ + ] Exploit:: 
2079. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2080. |_[ + ] More details:: 
2081. |_[ + ] Found:: UNIDENTIFIED
2082. 
2083.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2084. |_[ + ] [ 39 / 99 ]-[15:03:12] [ - ] 
2085. |_[ + ] Target:: [ https://www.eitc.irs.gov/ ]
2086. |_[ + ] Exploit:: 
2087. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:2600:141b:4:3a2::f50:443 
2088. |_[ + ] More details:: 
2089. |_[ + ] Found:: UNIDENTIFIED
2090. 
2091.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2092. |_[ + ] [ 40 / 99 ]-[15:03:13] [ - ] 
2093. |_[ + ] Target:: [ https://www.stayexempt.irs.gov/ ]
2094. |_[ + ] Exploit:: 
2095. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:2600:141b:4:399::f50:443 
2096. |_[ + ] More details:: 
2097. |_[ + ] Found:: UNIDENTIFIED
2098. 
2099.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2100. |_[ + ] [ 41 / 99 ]-[15:03:13] [ - ] 
2101. |_[ + ] Target:: [ https://taxmap.irs.gov/ ]
2102. |_[ + ] Exploit:: 
2103. |_[ + ] Information Server:: HTTP/1.1 302 Moved Temporarily, X-Powered-By: Express, IP:2600:9000:2045:a000:9:3863:b1c0:93a1:443 
2104. |_[ + ] More details:: 
2105. |_[ + ] Found:: UNIDENTIFIED
2106. 
2107.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2108. |_[ + ] [ 42 / 99 ]-[15:03:22] [ - ] 
2109. |_[ + ] Target:: [ https://www.smallbiz.irs.gov/ ]
2110. |_[ + ] Exploit:: 
2111. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/10.0 X-Powered-By: ASP.NET, IP:216.12.134.16:443 
2112. |_[ + ] More details::  / - / , ISP: 
2113. |_[ + ] Found:: UNIDENTIFIED
2114. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 48937 out of 158646 bytes received
2115. 
2116.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2117. |_[ + ] [ 43 / 99 ]-[15:03:22] [ - ] 
2118. |_[ + ] Target:: [ https://www.marketingexpress.irs.gov/ ]
2119. |_[ + ] Exploit:: 
2120. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:2600:141b:4:399::f50:443 
2121. |_[ + ] More details:: 
2122. |_[ + ] Found:: UNIDENTIFIED
2123. 
2124.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2125. |_[ + ] [ 44 / 99 ]-[15:03:23] [ - ] 
2126. |_[ + ] Target:: [ https://www.irs.gov/newsroom/whats-hot ]
2127. |_[ + ] Exploit:: 
2128. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2129. |_[ + ] More details:: 
2130. |_[ + ] Found:: UNIDENTIFIED
2131. 
2132.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2133. |_[ + ] [ 45 / 99 ]-[15:03:23] [ - ] 
2134. |_[ + ] Target:: [ https://www.irs.gov/credits-deductions/businesses ]
2135. |_[ + ] Exploit:: 
2136. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2137. |_[ + ] More details:: 
2138. |_[ + ] Found:: UNIDENTIFIED
2139. 
2140.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2141. |_[ + ] [ 46 / 99 ]-[15:03:24] [ - ] 
2142. |_[ + ] Target:: [ https://www.jobs.irs.gov/about/locations ]
2143. |_[ + ] Exploit:: 
2144. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.6.31, IP:2620:108:d00f::34de:5981:443 
2145. |_[ + ] More details:: 
2146. |_[ + ] Found:: UNIDENTIFIED
2147. 
2148.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2149. |_[ + ] [ 47 / 99 ]-[15:03:24] [ - ] 
2150. |_[ + ] Target:: [ https://www.irs.gov/individuals/transcript-availability ]
2151. |_[ + ] Exploit:: 
2152. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2153. |_[ + ] More details:: 
2154. |_[ + ] Found:: UNIDENTIFIED
2155. 
2156.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2157. |_[ + ] [ 48 / 99 ]-[15:03:24] [ - ] 
2158. |_[ + ] Target:: [ https://www.irs.gov/help/navigate-irsgov ]
2159. |_[ + ] Exploit:: 
2160. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2161. |_[ + ] More details:: 
2162. |_[ + ] Found:: UNIDENTIFIED
2163. 
2164.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2165. |_[ + ] [ 49 / 99 ]-[15:03:24] [ - ] 
2166. |_[ + ] Target:: [ https://www.irs.gov/zh-hant/chinese ]
2167. |_[ + ] Exploit:: 
2168. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2169. |_[ + ] More details:: 
2170. |_[ + ] Found:: UNIDENTIFIED
2171. 
2172.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2173. |_[ + ] [ 50 / 99 ]-[15:03:24] [ - ] 
2174. |_[ + ] Target:: [ https://www.irs.gov/help/telephone-assistance ]
2175. |_[ + ] Exploit:: 
2176. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2177. |_[ + ] More details:: 
2178. |_[ + ] Found:: UNIDENTIFIED
2179. 
2180.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2181. |_[ + ] [ 51 / 99 ]-[15:03:25] [ - ] 
2182. |_[ + ] Target:: [ https://www.irs.gov/individuals/outreach-corner ]
2183. |_[ + ] Exploit:: 
2184. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2185. |_[ + ] More details:: 
2186. |_[ + ] Found:: UNIDENTIFIED
2187. 
2188.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2189. |_[ + ] [ 52 / 99 ]-[15:03:25] [ - ] 
2190. |_[ + ] Target:: [ https://www.irs.gov/newsroom/tax-quotes ]
2191. |_[ + ] Exploit:: 
2192. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2193. |_[ + ] More details:: 
2194. |_[ + ] Found:: UNIDENTIFIED
2195. 
2196.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2197. |_[ + ] [ 53 / 99 ]-[15:03:25] [ - ] 
2198. |_[ + ] Target:: [ https://www.irs.gov/individuals/international-taxpayers ]
2199. |_[ + ] Exploit:: 
2200. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2201. |_[ + ] More details:: 
2202. |_[ + ] Found:: UNIDENTIFIED
2203. 
2204.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2205. |_[ + ] [ 54 / 99 ]-[15:03:25] [ - ] 
2206. |_[ + ] Target:: [ https://www.irs.gov/advocate/taxpayer-rights ]
2207. |_[ + ] Exploit:: 
2208. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2209. |_[ + ] More details:: 
2210. |_[ + ] Found:: UNIDENTIFIED
2211. 
2212.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2213. |_[ + ] [ 55 / 99 ]-[15:03:26] [ - ] 
2214. |_[ + ] Target:: [ https://www.irs.gov/newsroom/facts-figures ]
2215. |_[ + ] Exploit:: 
2216. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2217. |_[ + ] More details:: 
2218. |_[ + ] Found:: UNIDENTIFIED
2219. 
2220.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2221. |_[ + ] [ 56 / 99 ]-[15:03:26] [ - ] 
2222. |_[ + ] Target:: [ https://www.irs.gov/help/irsgov-accessibility ]
2223. |_[ + ] Exploit:: 
2224. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2225. |_[ + ] More details:: 
2226. |_[ + ] Found:: UNIDENTIFIED
2227. 
2228.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2229. |_[ + ] [ 57 / 99 ]-[15:03:26] [ - ] 
2230. |_[ + ] Target:: [ https://www.irs.gov/help/ita/credits ]
2231. |_[ + ] Exploit:: 
2232. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2233. |_[ + ] More details:: 
2234. |_[ + ] Found:: UNIDENTIFIED
2235. 
2236.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2237. |_[ + ] [ 58 / 99 ]-[15:03:26] [ - ] 
2238. |_[ + ] Target:: [ https://www.irs.gov/charities-non-profits ]
2239. |_[ + ] Exploit:: 
2240. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2241. |_[ + ] More details:: 
2242. |_[ + ] Found:: UNIDENTIFIED
2243. 
2244.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2245. |_[ + ] [ 59 / 99 ]-[15:03:27] [ - ] 
2246. |_[ + ] Target:: [ https://www.irs.gov/individuals/refund-timing ]
2247. |_[ + ] Exploit:: 
2248. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2249. |_[ + ] More details:: 
2250. |_[ + ] Found:: UNIDENTIFIED
2251. 
2252.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2253. |_[ + ] [ 60 / 99 ]-[15:03:27] [ - ] 
2254. |_[ + ] Target:: [ https://www.irs.gov/businesses/research-credit ]
2255. |_[ + ] Exploit:: 
2256. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2257. |_[ + ] More details:: 
2258. |_[ + ] Found:: UNIDENTIFIED
2259. 
2260.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2261. |_[ + ] [ 61 / 99 ]-[15:03:27] [ - ] 
2262. |_[ + ] Target:: [ https://www.irs.gov/newsroom/fact-sheets ]
2263. |_[ + ] Exploit:: 
2264. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2265. |_[ + ] More details:: 
2266. |_[ + ] Found:: UNIDENTIFIED
2267. 
2268.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2269. |_[ + ] [ 62 / 99 ]-[15:03:27] [ - ] 
2270. |_[ + ] Target:: [ https://www.irs.gov/businesses/corporations/fatcafaqs ]
2271. |_[ + ] Exploit:: 
2272. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2273. |_[ + ] More details:: 
2274. |_[ + ] Found:: UNIDENTIFIED
2275. 
2276.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2277. |_[ + ] [ 63 / 99 ]-[15:03:28] [ - ] 
2278. |_[ + ] Target:: [ https://www.irs.gov/individuals/seniors-retirees ]
2279. |_[ + ] Exploit:: 
2280. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2281. |_[ + ] More details:: 
2282. |_[ + ] Found:: UNIDENTIFIED
2283. 
2284.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2285. |_[ + ] [ 64 / 99 ]-[15:03:28] [ - ] 
2286. |_[ + ] Target:: [ https://www.irs.gov/newsroom/irs-guidance ]
2287. |_[ + ] Exploit:: 
2288. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2289. |_[ + ] More details:: 
2290. |_[ + ] Found:: UNIDENTIFIED
2291. 
2292.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2293. |_[ + ] [ 65 / 99 ]-[15:03:28] [ - ] 
2294. |_[ + ] Target:: [ https://www.irs.gov/retirement-plans/newsletters ]
2295. |_[ + ] Exploit:: 
2296. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2297. |_[ + ] More details:: 
2298. |_[ + ] Found:: UNIDENTIFIED
2299. 
2300.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2301. |_[ + ] [ 66 / 99 ]-[15:03:28] [ - ] 
2302. |_[ + ] Target:: [ https://www.irs.gov/statistics/enforcement-examinations ]
2303. |_[ + ] Exploit:: 
2304. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2305. |_[ + ] More details:: 
2306. |_[ + ] Found:: UNIDENTIFIED
2307. 
2308.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2309. |_[ + ] [ 67 / 99 ]-[15:03:28] [ - ] 
2310. |_[ + ] Target:: [ https://www.irs.gov/affordable-care-act ]
2311. |_[ + ] Exploit:: 
2312. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2313. |_[ + ] More details:: 
2314. |_[ + ] Found:: UNIDENTIFIED
2315. 
2316.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2317. |_[ + ] [ 68 / 99 ]-[15:03:29] [ - ] 
2318. |_[ + ] Target:: [ https://www.irs.gov/statistics/taxpayer-assistance ]
2319. |_[ + ] Exploit:: 
2320. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2321. |_[ + ] More details:: 
2322. |_[ + ] Found:: UNIDENTIFIED
2323. 
2324.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2325. |_[ + ] [ 69 / 99 ]-[15:03:29] [ - ] 
2326. |_[ + ] Target:: [ https://www.irs.gov/about-irs/procurement ]
2327. |_[ + ] Exploit:: 
2328. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2329. |_[ + ] More details:: 
2330. |_[ + ] Found:: UNIDENTIFIED
2331. 
2332.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2333. |_[ + ] [ 70 / 99 ]-[15:03:29] [ - ] 
2334. |_[ + ] Target:: [ https://www.irs.gov/forms-pubs/ebook ]
2335. |_[ + ] Exploit:: 
2336. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2337. |_[ + ] More details:: 
2338. |_[ + ] Found:: UNIDENTIFIED
2339. 
2340.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2341. |_[ + ] [ 71 / 99 ]-[15:03:29] [ - ] 
2342. |_[ + ] Target:: [ https://www.irs.gov/newsroom/multimedia-center ]
2343. |_[ + ] Exploit:: 
2344. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2345. |_[ + ] More details:: 
2346. |_[ + ] Found:: UNIDENTIFIED
2347. 
2348.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2349. |_[ + ] [ 72 / 99 ]-[15:03:30] [ - ] 
2350. |_[ + ] Target:: [ https://www.irs.gov/payments/direct-pay ]
2351. |_[ + ] Exploit:: 
2352. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2353. |_[ + ] More details:: 
2354. |_[ + ] Found:: UNIDENTIFIED
2355. 
2356.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2357. |_[ + ] [ 73 / 99 ]-[15:03:30] [ - ] 
2358. |_[ + ] Target:: [ https://www.jobs.irs.gov/resources/benefits ]
2359. |_[ + ] Exploit:: 
2360. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.6.31, IP:2620:108:d00f::34de:5981:443 
2361. |_[ + ] More details:: 
2362. |_[ + ] Found:: UNIDENTIFIED
2363. 
2364.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2365. |_[ + ] [ 74 / 99 ]-[15:03:30] [ - ] 
2366. |_[ + ] Target:: [ https://www.irs.gov/help/ita/deductions ]
2367. |_[ + ] Exploit:: 
2368. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2369. |_[ + ] More details:: 
2370. |_[ + ] Found:: UNIDENTIFIED
2371. 
2372.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2373. |_[ + ] [ 75 / 99 ]-[15:03:31] [ - ] 
2374. |_[ + ] Target:: [ https://www.irs.gov/newsroom/latest-news ]
2375. |_[ + ] Exploit:: 
2376. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2377. |_[ + ] More details:: 
2378. |_[ + ] Found:: UNIDENTIFIED
2379. 
2380.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2381. |_[ + ] [ 76 / 99 ]-[15:03:31] [ - ] 
2382. |_[ + ] Target:: [ https://www.irs.gov/businesses/international-businesses ]
2383. |_[ + ] Exploit:: 
2384. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2385. |_[ + ] More details:: 
2386. |_[ + ] Found:: UNIDENTIFIED
2387. 
2388.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2389. |_[ + ] [ 77 / 99 ]-[15:03:31] [ - ] 
2390. |_[ + ] Target:: [ https://www.irs.gov/individuals/get-transcript ]
2391. |_[ + ] Exploit:: 
2392. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2393. |_[ + ] More details:: 
2394. |_[ + ] Found:: UNIDENTIFIED
2395. 
2396.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2397. |_[ + ] [ 78 / 99 ]-[15:03:31] [ - ] 
2398. |_[ + ] Target:: [ https://www.irs.gov/tax-exempt-bonds ]
2399. |_[ + ] Exploit:: 
2400. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2401. |_[ + ] More details:: 
2402. |_[ + ] Found:: UNIDENTIFIED
2403. 
2404.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2405. |_[ + ] [ 79 / 99 ]-[15:03:32] [ - ] 
2406. |_[ + ] Target:: [ https://www.stayexempt.irs.gov/home/accessibility ]
2407. |_[ + ] Exploit:: 
2408. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:2600:141b:4:399::f50:443 
2409. |_[ + ] More details:: 
2410. |_[ + ] Found:: UNIDENTIFIED
2411. 
2412.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2413. |_[ + ] [ 80 / 99 ]-[15:03:32] [ - ] 
2414. |_[ + ] Target:: [ https://www.stayexempt.irs.gov/home/privacy ]
2415. |_[ + ] Exploit:: 
2416. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:2600:141b:4:399::f50:443 
2417. |_[ + ] More details:: 
2418. |_[ + ] Found:: UNIDENTIFIED
2419. 
2420.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2421. |_[ + ] [ 81 / 99 ]-[15:03:32] [ - ] 
2422. |_[ + ] Target:: [ https://www.irs.gov/instructions/i1098et ]
2423. |_[ + ] Exploit:: 
2424. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2425. |_[ + ] More details:: 
2426. |_[ + ] Found:: UNIDENTIFIED
2427. 
2428.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2429. |_[ + ] [ 82 / 99 ]-[15:03:32] [ - ] 
2430. |_[ + ] Target:: [ https://www.irs.gov/instructions/i8233 ]
2431. |_[ + ] Exploit:: 
2432. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2433. |_[ + ] More details:: 
2434. |_[ + ] Found:: UNIDENTIFIED
2435. 
2436.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2437. |_[ + ] [ 83 / 99 ]-[15:03:33] [ - ] 
2438. |_[ + ] Target:: [ https://www.irs.gov/publications/p590a ]
2439. |_[ + ] Exploit:: 
2440. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2441. |_[ + ] More details:: 
2442. |_[ + ] Found:: UNIDENTIFIED
2443. 
2444.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2445. |_[ + ] [ 84 / 99 ]-[15:03:33] [ - ] 
2446. |_[ + ] Target:: [ https://www.irs.gov/publications/p939 ]
2447. |_[ + ] Exploit:: 
2448. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2449. |_[ + ] More details:: 
2450. |_[ + ] Found:: UNIDENTIFIED
2451. 
2452.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2453. |_[ + ] [ 85 / 99 ]-[15:03:33] [ - ] 
2454. |_[ + ] Target:: [ https://www.irs.gov/privacy-disclosure/security-summit ]
2455. |_[ + ] Exploit:: 
2456. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2457. |_[ + ] More details:: 
2458. |_[ + ] Found:: UNIDENTIFIED
2459. 
2460.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2461. |_[ + ] [ 86 / 99 ]-[15:03:34] [ - ] 
2462. |_[ + ] Target:: [ https://www.irs.gov/taxtopics/tc102 ]
2463. |_[ + ] Exploit:: 
2464. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2465. |_[ + ] More details:: 
2466. |_[ + ] Found:: UNIDENTIFIED
2467. 
2468.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2469. |_[ + ] [ 87 / 99 ]-[15:03:34] [ - ] 
2470. |_[ + ] Target:: [ https://www.irs.gov/publications/p15 ]
2471. |_[ + ] Exploit:: 
2472. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2473. |_[ + ] More details:: 
2474. |_[ + ] Found:: UNIDENTIFIED
2475. 
2476.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2477. |_[ + ] [ 88 / 99 ]-[15:03:35] [ - ] 
2478. |_[ + ] Target:: [ https://www.irs.gov/individuals/site-coordinator-corner ]
2479. |_[ + ] Exploit:: 
2480. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2481. |_[ + ] More details:: 
2482. |_[ + ] Found:: UNIDENTIFIED
2483. 
2484.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2485. |_[ + ] [ 89 / 99 ]-[15:03:35] [ - ] 
2486. |_[ + ] Target:: [ https://www.irs.gov/taxtopics/tc756 ]
2487. |_[ + ] Exploit:: 
2488. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2489. |_[ + ] More details:: 
2490. |_[ + ] Found:: UNIDENTIFIED
2491. 
2492.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2493. |_[ + ] [ 90 / 99 ]-[15:03:35] [ - ] 
2494. |_[ + ] Target:: [ https://www.irs.gov/irm/part10 ]
2495. |_[ + ] Exploit:: 
2496. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2497. |_[ + ] More details:: 
2498. |_[ + ] Found:: UNIDENTIFIED
2499. 
2500.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2501. |_[ + ] [ 91 / 99 ]-[15:03:35] [ - ] 
2502. |_[ + ] Target:: [ https://www.irs.gov/taxtopics/tc506 ]
2503. |_[ + ] Exploit:: 
2504. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2505. |_[ + ] More details:: 
2506. |_[ + ] Found:: UNIDENTIFIED
2507. 
2508.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2509. |_[ + ] [ 92 / 99 ]-[15:03:36] [ - ] 
2510. |_[ + ] Target:: [ https://www.irs.gov/businesses/corporations/fatca-governments ]
2511. |_[ + ] Exploit:: 
2512. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2513. |_[ + ] More details:: 
2514. |_[ + ] Found:: UNIDENTIFIED
2515. 
2516.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2517. |_[ + ] [ 93 / 99 ]-[15:03:36] [ - ] 
2518. |_[ + ] Target:: [ https://www.irs.gov/taxtopics/tc456 ]
2519. |_[ + ] Exploit:: 
2520. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2521. |_[ + ] More details:: 
2522. |_[ + ] Found:: UNIDENTIFIED
2523. 
2524.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2525. |_[ + ] [ 94 / 99 ]-[15:03:36] [ - ] 
2526. |_[ + ] Target:: [ https://www.irs.gov/newsroom/commissioner-john-koskinen ]
2527. |_[ + ] Exploit:: 
2528. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2529. |_[ + ] More details:: 
2530. |_[ + ] Found:: UNIDENTIFIED
2531. 
2532.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2533. |_[ + ] [ 95 / 99 ]-[15:03:36] [ - ] 
2534. |_[ + ] Target:: [ https://www.irs.gov/taxtopics/tc703 ]
2535. |_[ + ] Exploit:: 
2536. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2537. |_[ + ] More details:: 
2538. |_[ + ] Found:: UNIDENTIFIED
2539. 
2540.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2541. |_[ + ] [ 96 / 99 ]-[15:03:37] [ - ] 
2542. |_[ + ] Target:: [ https://www.irs.gov/taxtopics/tc203 ]
2543. |_[ + ] Exploit:: 
2544. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2545. |_[ + ] More details:: 
2546. |_[ + ] Found:: UNIDENTIFIED
2547. 
2548.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2549. |_[ + ] [ 97 / 99 ]-[15:03:46] [ - ] 
2550. |_[ + ] Target:: [ https://www.smallbiz.irs.gov/CarDonations ]
2551. |_[ + ] Exploit:: 
2552. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Microsoft-IIS/10.0 X-Powered-By: ASP.NET, IP:216.12.134.16:443 
2553. |_[ + ] More details::  / - / , ISP: 
2554. |_[ + ] Found:: UNIDENTIFIED
2555. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 48937 out of 337821 bytes received
2556. 
2557.  _[ - ]::--------------------------------------------------------------------------------------------------------------
2558. |_[ + ] [ 98 / 99 ]-[15:03:46] [ - ] 
2559. |_[ + ] Target:: [ https://www.irs.gov/instructions/i9465 ]
2560. |_[ + ] Exploit:: 
2561. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:2600:141b:4:399::f50:443 
2562. |_[ + ] More details:: 
2563. |_[ + ] Found:: UNIDENTIFIED
2564.  
2565. [ INFO ] [ Shutting down ]
2566. [ INFO ] [ End of process INURLBR at [30-12-2017 15:03:46]
2567. [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
2568. [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-irs.gov.txt ]
2569. |_________________________________________________________________________________________
2570.  
2571. \_________________________________________________________________________________________/
2572.  
2573.  + -- --=[Port 110 closed... skipping.
2574.  + -- --=[Port 111 closed... skipping.
2575.  + -- --=[Port 135 closed... skipping.
2576.  + -- --=[Port 139 closed... skipping.
2577.  + -- --=[Port 161 closed... skipping.
2578.  + -- --=[Port 162 closed... skipping.
2579.  + -- --=[Port 389 closed... skipping.
2580.  + -- --=[Port 443 opened... running tests...
2581.  + -- ----------------------------=[Checking for WAF]=------------------------ -- +
2582.  
2583. ^ ^
2584. _ __ _ ____ _ __ _ _ ____
2585. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
2586. | V V // o // _/ | V V // 0 // 0 // _/
2587. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
2588. <
2589. ...'
2590.  
2591. WAFW00F - Web Application Firewall Detection Tool
2592.  
2593. By Sandro Gauci && Wendel G. Henrique
2594.  
2595. Checking https://irs.gov
2596. The site https://irs.gov is behind a F5 BIG-IP APM
2597. Number of requests: 6
2598.  
2599.  + -- ----------------------------=[Checking Cloudflare]=--------------------- -- +
2600.  + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
2601. https://irs.gov [302 Found] Country[UNITED STATES][US], HTTPServer[BigIP], IP[166.123.218.220], RedirectLocation[https://www.irs.gov/]
2602. https://www.irs.gov/ [200 OK] Content-Language[en], Cookies[AKA_A2], Country[UNITED STATES][US], Drupal, Frame, HTML5, HttpOnly[AKA_A2], IP[23.222.116.217], JQuery, MetaGenerator[Drupal 8 (https://www.drupal.org)], Script[application/json,text/javascript], Strict-Transport-Security[max-age=31536000], Title[Internal Revenue Service | An official website of the United States government], UncommonHeaders[x-drupal-dynamic-cache,link,x-content-type-options,x-generator,x-drupal-cache,x-request-id,x-ah-environment,x-varnish,x-cache-hits,x-age], Varnish, X-Frame-Options[SameOrigin], X-UA-Compatible[IE=edge], YouTube
2603.  
2604.  + -- ----------------------------=[Gathering SSL/TLS Info]=------------------ -- +
2605. Version: 1.11.10-static
2606. OpenSSL 1.0.2-chacha (1.0.2g-dev)
2607. 
2608. Testing SSL server irs.gov on port 443 using SNI name irs.gov
2609.  
2610. TLS Fallback SCSV:
2611. Server supports TLS Fallback SCSV
2612.  
2613. TLS renegotiation:
2614. Secure session renegotiation supported
2615.  
2616. TLS Compression:
2617. Compression disabled
2618.  
2619. Heartbleed:
2620. TLS 1.2 not vulnerable to heartbleed
2621. TLS 1.1 not vulnerable to heartbleed
2622. TLS 1.0 not vulnerable to heartbleed
2623.  
2624. Supported Server Cipher(s):
2625. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384  Curve P-256 DHE 256
2626. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256  Curve P-256 DHE 256
2627. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
2628. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2629. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
2630. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2631. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
2632. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
2633. Accepted TLSv1.2 256 bits AES256-SHA256
2634. Accepted TLSv1.2 256 bits AES256-SHA
2635. Accepted TLSv1.2 128 bits AES128-SHA256
2636. Accepted TLSv1.2 128 bits AES128-SHA
2637. Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA  Curve P-256 DHE 256
2638. Accepted TLSv1.2 112 bits DES-CBC3-SHA 
2639. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2640. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2641. Accepted TLSv1.1 256 bits AES256-SHA
2642. Accepted TLSv1.1 128 bits AES128-SHA
2643. Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA  Curve P-256 DHE 256
2644. Accepted TLSv1.1 112 bits DES-CBC3-SHA 
2645. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2646. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2647. Accepted TLSv1.0 256 bits AES256-SHA
2648. Accepted TLSv1.0 128 bits AES128-SHA
2649. Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA  Curve P-256 DHE 256
2650. Accepted TLSv1.0 112 bits DES-CBC3-SHA 
2651.  
2652. SSL Certificate:
2653. Signature Algorithm: sha256WithRSAEncryption
2654. RSA Key Strength: 2048
2655.  
2656. Subject: treasury.gov
2657. Altnames: DNS:treasury.gov, DNS:tigta.gov, DNS:consumerfinancialbureau.gov, DNS:transparency.treasury.gov, DNS:ustreas.gov, DNS:consumerprotectionbureau.gov, DNS:cdfifund.gov, DNS:www.tigta.gov, DNS:mymoney.gov, DNS:fsoc.gov, DNS:consumerfinancialprotectionbureau.gov, DNS:cfpb.gov, DNS:bcfp.gov, DNS:consumerbureau.gov, DNS:consumerfinance.gov, DNS:irssales.gov, DNS:cfpa.gov, DNS:mha.gov, DNS:irs.gov, DNS:makinghomeaffordable.gov, DNS:sigtarp.gov, DNS:irsauctions.gov, DNS:consumerprotection.gov, DNS:financialresearch.gov, DNS:consumerfinancial.gov, DNS:financialstability.gov, DNS:treas.gov, DNS:myira.gov, DNS:ama.gov, DNS:usaspending.gov
2658. Issuer: Entrust Certification Authority - L1K
2659.  
2660. Not valid before: Dec 16 02:34:13 2016 GMT
2661. Not valid after: Dec 16 03:04:10 2019 GMT
2662. 
2663. ###########################################################
2664. testssl 2.9dev from https://testssl.sh/dev/
2665. 
2666. This program is free software. Distribution and
2667. modification under GPLv2 permitted.
2668. USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
2669.  
2670. Please file bugs @ https://testssl.sh/bugs/
2671. 
2672. ###########################################################
2673.  
2674. Using "OpenSSL 1.0.2-chacha (1.0.2i-dev)" [~183 ciphers]
2675. on Kali:/usr/share/sniper/plugins/testssl.sh/bin/openssl.Linux.x86_64
2676. (built: "Jun 22 19:32:29 2016", platform: "linux-x86_64")
2677.  
2678.  
2679.  Start 2017-12-30 15:04:36 -->> 166.123.218.220:443 (irs.gov) <<--
2680.  
2681. rDNS (166.123.218.220): mha.gov. test.redirect.treas.gov. ffb.gov.
2682. usaspending.gov. transparency.treasury.gov.
2683. financialresearch.gov. testdev.workplace.gov.
2684. sigtarp.gov. ama.gov. cdfifund.gov. tigta.gov.
2685. www.tigta.gov. es.consumerfinance.gov. treasury.gov.
2686. treas.gov. mymoney.gov. makinghomeaffordable.gov.
2687. fsoc.gov.
2688. Service detected: HTTP
2689.  
2690.  
2691.  Testing protocols via sockets except SPDY+HTTP2 
2692.  
2693.  SSLv2 not offered (OK)
2694.  SSLv3 not offered (OK)
2695.  TLS 1 offered
2696.  TLS 1.1 offered
2697.  TLS 1.2 offered (OK)
2698.  TLS 1.3 not offered
2699.  SPDY/NPN not offered
2700.  HTTP2/ALPN not offered
2701.  
2702.  Testing ~standard cipher categories 
2703.  
2704.  NULL ciphers (no encryption) not offered (OK)
2705.  Anonymous NULL Ciphers (no authentication) not offered (OK)
2706.  Export ciphers (w/o ADH+NULL) not offered (OK)
2707.  LOW: 64 Bit + DES encryption (w/o export) not offered (OK)
2708.  Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) not offered (OK)
2709.  Triple DES Ciphers (Medium) offered
2710.  High encryption (AES+Camellia, no AEAD) offered (OK)
2711.  Strong encryption (AEAD ciphers) offered (OK)
2712.  
2713.  
2714.  Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 
2715.  
2716.  PFS is offered (OK) ECDHE-RSA-AES256-GCM-SHA384
2717. ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
2718. ECDHE-RSA-AES128-GCM-SHA256
2719. ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA
2720.  Elliptic curves offered: prime256v1 secp384r1
2721.  
2722.  
2723.  Testing server preferences 
2724.  
2725.  Has server cipher order? yes (OK)
2726.  Negotiated protocol TLSv1.2
2727.  Negotiated cipher ECDHE-RSA-AES256-GCM-SHA384, 384 bit ECDH (P-384)
2728.  Cipher order
2729. TLSv1: ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA AES256-SHA AES128-SHA
2730. ECDHE-RSA-DES-CBC3-SHA DES-CBC3-SHA
2731. TLSv1.1: ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA AES256-SHA AES128-SHA
2732. ECDHE-RSA-DES-CBC3-SHA DES-CBC3-SHA
2733. TLSv1.2: ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256
2734. ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
2735. ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA AES256-GCM-SHA384
2736. AES128-GCM-SHA256 AES256-SHA256 AES256-SHA AES128-SHA256
2737. AES128-SHA ECDHE-RSA-DES-CBC3-SHA DES-CBC3-SHA
2738.  
2739.  
2740.  Testing server defaults (Server Hello) 
2741.  
2742.  TLS extensions (standard) "renegotiation info/#65281"
2743. "EC point formats/#11"
2744.  Session Ticket RFC 5077 hint (no lifetime advertised)
2745.  SSL Session ID support yes
2746.  Session Resumption Tickets: yes, ID: yes
2747.  TLS clock skew Random values, no fingerprinting possible
2748.  Signature Algorithm SHA256 with RSA
2749.  Server key size RSA 2048 bits
2750.  Fingerprint / Serial SHA1 FC2667E1F282F80661ECF985C852FE6F51BD05AD / 3AE7932501DE34DF0000000050DAD0EE
2751. SHA256 A854DDBF787F852674D63D8E9D97F04C82A68B848C64D42778D07B55640C0026
2752.  Common Name (CN) treasury.gov
2753.  subjectAltName (SAN) treasury.gov tigta.gov
2754. consumerfinancialbureau.gov
2755. transparency.treasury.gov ustreas.gov
2756. consumerprotectionbureau.gov cdfifund.gov
2757. www.tigta.gov mymoney.gov fsoc.gov
2758. consumerfinancialprotectionbureau.gov cfpb.gov
2759. bcfp.gov consumerbureau.gov consumerfinance.gov
2760. irssales.gov cfpa.gov mha.gov irs.gov
2761. makinghomeaffordable.gov sigtarp.gov
2762. irsauctions.gov consumerprotection.gov
2763. financialresearch.gov consumerfinancial.gov
2764. financialstability.gov treas.gov myira.gov
2765. ama.gov usaspending.gov 
2766.  Issuer Entrust Certification Authority - L1K (Entrust, Inc. from US)
2767.  Trust (hostname) Ok via SAN (same w/o SNI)
2768.  Chain of trust Ok 
2769.  EV cert (experimental) no
2770.  Certificate Expiration 715 >= 60 days (2016-12-15 21:34 --> 2019-12-15 22:04 -0500)
2771.  # of certificates provided 3
2772.  Certificate Revocation List http://crl.entrust.net/level1k.crl
2773.  OCSP URI http://ocsp.entrust.net
2774.  OCSP stapling not offered
2775.  OCSP must staple no
2776.  DNS CAA RR (experimental) not offered
2777.  Certificate Transparency no
2778.  
2779.  
2780.  Testing HTTP header response @ "/" 
2781.  
2782.  HTTP Status Code  302 Found, redirecting to "https://www.irs.gov/"
2783.  HTTP clock skew Got no HTTP time, maybe try different URL?
2784.  Strict Transport Security --
2785.  Public Key Pinning --
2786.  Server banner BigIP
2787.  Application banner --
2788.  Cookie(s) (none issued at "/") -- maybe better try target URL of 30x
2789.  Security headers --
2790.  Reverse Proxy banner --
2791.  
2792.  
2793.  Testing vulnerabilities 
2794.  
2795.  Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension
2796.  CCS (CVE-2014-0224) likely not vulnerable (OK) - alert description type: 28
2797.  Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK), no session ticket extension
2798.  ROBOT not vulnerable (OK)
2799.  Secure Renegotiation (CVE-2009-3555) not vulnerable (OK)
2800.  Secure Client-Initiated Renegotiation VULNERABLE (NOT ok), DoS threat
2801.  CRIME, TLS (CVE-2012-4929) not vulnerable (OK)
2802.  BREACH (CVE-2013-3587) no HTTP compression (OK)  - only supplied "/" tested
2803.  POODLE, SSL (CVE-2014-3566) not vulnerable (OK)
2804.  TLS_FALLBACK_SCSV (RFC 7507) Probably OK. But received non-RFC-compliant "handshake failure" instead of "inappropriate fallback"
2805.  SWEET32 (CVE-2016-2183, CVE-2016-6329) VULNERABLE, uses 64 bit block ciphers
2806.  FREAK (CVE-2015-0204) not vulnerable (OK)
2807.  DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)
2808. make sure you don't use this certificate elsewhere with SSLv2 enabled services
2809. https://censys.io/ipv4?q=A854DDBF787F852674D63D8E9D97F04C82A68B848C64D42778D07B55640C0026 could help you to find out
2810.  LOGJAM (CVE-2015-4000), experimental not vulnerable (OK): no DH EXPORT ciphers, no DH key detected
2811.  BEAST (CVE-2011-3389) TLS1: ECDHE-RSA-AES256-SHA
2812. ECDHE-RSA-AES128-SHA
2813. AES256-SHA AES128-SHA
2814. ECDHE-RSA-DES-CBC3-SHA
2815. DES-CBC3-SHA 
2816. VULNERABLE -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
2817.  LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS
2818.  RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)
2819.  
2820.  
2821.  Testing 364 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength 
2822.  
2823. Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
2824. -----------------------------------------------------------------------------------------------------------------------------
2825. xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 384 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
2826. xc028 ECDHE-RSA-AES256-SHA384 ECDH 384 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
2827. xc014 ECDHE-RSA-AES256-SHA ECDH 384 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
2828. x9d AES256-GCM-SHA384 RSA AESGCM 256 TLS_RSA_WITH_AES_256_GCM_SHA384
2829. x3d AES256-SHA256 RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA256
2830. x35 AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA
2831. xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 384 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
2832. xc027 ECDHE-RSA-AES128-SHA256 ECDH 384 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
2833. xc013 ECDHE-RSA-AES128-SHA ECDH 384 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
2834. x9c AES128-GCM-SHA256 RSA AESGCM 128 TLS_RSA_WITH_AES_128_GCM_SHA256
2835. x3c AES128-SHA256 RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA256
2836. x2f AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA
2837. xc012 ECDHE-RSA-DES-CBC3-SHA ECDH 384 3DES 168 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
2838. x0a DES-CBC3-SHA RSA 3DES 168 TLS_RSA_WITH_3DES_EDE_CBC_SHA
2839.  
2840.  
2841.  Running client simulations via sockets 
2842.  
2843. Android 2.3.7 TLSv1.0 AES128-SHA
2844. Android 4.1.1 TLSv1.0 ECDHE-RSA-AES256-SHA, 384 bit ECDH (P-384)
2845. Android 4.3 TLSv1.0 ECDHE-RSA-AES256-SHA, 384 bit ECDH (P-384)
2846. Android 4.4.2 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 384 bit ECDH (P-384)
2847. Android 5.0.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 384 bit ECDH (P-384)
2848. Android 6.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
2849. Android 7.0 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2850. Chrome 51 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2851. Chrome 57 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2852. Firefox 49 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2853. Firefox 53 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2854. IE 6 XP No connection
2855. IE 7 Vista TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
2856. IE 8 XP TLSv1.0 DES-CBC3-SHA
2857. IE 8 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
2858. IE 11 Win 7 TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
2859. IE 11 Win 8.1 TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
2860. IE 11 Win Phone 8.1 Update TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
2861. IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2862. Edge 13 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2863. Edge 13 Win Phone 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2864. Opera 17 Win 7 TLSv1.2 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
2865. Safari 5.1.9 OS X 10.6.8 TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
2866. Safari 7 iOS 7.1 TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
2867. Safari 9 OS X 10.11 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2868. Safari 10 OS X 10.12 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2869. Apple ATS 9 iOS 9 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2870. Tor 17.0.9 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
2871. Java 6u45 TLSv1.0 AES128-SHA
2872. Java 7u25 TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
2873. Java 8u31 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
2874. OpenSSL 1.0.1l TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 384 bit ECDH (P-384)
2875. OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2876.  
2877.  Done 2017-12-30 15:09:59 [ 326s] -->> 166.123.218.220:443 (irs.gov) <<--
2878. #######################################################################################################################################
2879. Hostname www.space.gov.il ISP Tehila Project - Prime Minister Office's (AS8867)
2880. Continent Asia Flag
2881. IL
2882. Country Israel Country Code IL (ISR)
2883. Region Unknown Local time 30 Dec 2017 22:03 IST
2884. City Unknown Latitude 31.5
2885. IP Address 147.237.1.168 Longitude 34.75
2886. #######################################################################################################################################
2887. [i] Scanning Site: http://space.gov.il
2888.  
2889.  
2890.  
2891. B A S I C I N F O
2892. ====================
2893.  
2894.  
2895. [+] Site Title:
2896. [+] IP address: 147.237.1.168
2897. [+] Web Server: Could Not Detect
2898. [+] CMS: Could Not Detect
2899. [+] Cloudflare: Not Detected
2900. [+] Robots File: Could NOT Find robots.txt!
2901.  
2902.  
2903.  
2904.  
2905. W H O I S L O O K U P
2906. ========================
2907.  
2908.  
2909. % The data in the WHOIS database of the .il registry is provided
2910. % by ISOC-IL for information purposes, and to assist persons in
2911. % obtaining information about or related to a domain name
2912. % registration record. ISOC-IL does not guarantee its accuracy.
2913. % By submitting a WHOIS query, you agree that you will use this
2914. % Data only for lawful purposes and that, under no circumstances
2915. % will you use this Data to: (1) allow, enable, or otherwise
2916. % support the transmission of mass unsolicited, commercial
2917. % advertising or solicitations via e-mail (spam);
2918. % or (2) enable high volume, automated, electronic processes that
2919. % apply to ISOC-IL (or its systems).
2920. % ISOC-IL reserves the right to modify these terms at any time.
2921. % By submitting this query, you agree to abide by this policy.
2922.  
2923. % No data was found to match the request criteria.
2924.  
2925.  
2926. % Rights to the data above are restricted by copyright.
2927.  
2928.  
2929.  
2930.  
2931. G E O I P L O O K U P
2932. =========================
2933.  
2934. [i] IP Address: 147.237.1.168
2935. [i] Country: IL
2936. [i] State: N/A
2937. [i] City: N/A
2938. [i] Latitude: 31.500000
2939. [i] Longitude: 34.750000
2940.  
2941.  
2942.  
2943.  
2944. H T T P H E A D E R S
2945. =======================
2946.  
2947.  
2948. [i] HTTP/1.0 200 OK
2949. [i] Expires: Sat, 6 May 1995 12:00:00 GMT
2950. [i] P3P: CP=NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM
2951. [i] Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
2952. [i] Pragma: no-cache
2953. [i] Content-Length: 144
2954. [i] Connection: Close
2955.  
2956.  
2957.  
2958.  
2959. D N S L O O K U P
2960. ===================
2961.  
2962. space.gov.il. 599 IN A 147.237.1.168
2963.  
2964.  
2965.  
2966.  
2967. S U B N E T C A L C U L A T I O N
2968. ====================================
2969.  
2970. Address = 147.237.1.168
2971. Network = 147.237.1.168 / 32
2972. Netmask = 255.255.255.255
2973. Broadcast = not needed on Point-to-Point links
2974. Wildcard Mask = 0.0.0.0
2975. Hosts Bits = 0
2976. Max. Hosts = 1 (2^0 - 0)
2977. Host Range = { 147.237.1.168 - 147.237.1.168 }
2978.  
2979.  
2980.  
2981. N M A P P O R T S C A N
2982. ============================
2983.  
2984.  
2985. Starting Nmap 7.01 ( https://nmap.org ) at 2017-12-30 20:11 UTC
2986. Nmap scan report for space.gov.il (147.237.1.168)
2987. Host is up (0.14s latency).
2988. PORT STATE SERVICE VERSION
2989. 21/tcp filtered ftp
2990. 22/tcp filtered ssh
2991. 23/tcp filtered telnet
2992. 25/tcp filtered smtp
2993. 80/tcp open http?
2994. 110/tcp filtered pop3
2995. 143/tcp filtered imap
2996. 443/tcp filtered https
2997. 445/tcp filtered microsoft-ds
2998. 3389/tcp filtered ms-wbt-server
2999. 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
3000. SF-Port80-TCP:V=7.01I=0D=12/30Time=5A47F2E3P=x86_64-pc-linux-gnur(HTT
3001. SF:POptions,DD7,HTTP/1\.0\x20404\x20Not\x20Found\r\nContent-Type:\x20text
3002. SF:/html;\x20charset=UTF-8\r\nCache-Control:\x20no-cache\r\nPragma:\x20no-
3003. SF:cache\r\nExpires:\x200\r\nConnection:\x20close\r\n\r\n\n!DOCTYPE\x20ht
3004. SF:ml\nhtml\x20lang=\he\\nhead\n\x20\x20\x20\x20titleerror\x20pag
3005. SF:e/title\n\x20\x20\x20\x20meta\x20charset=\utf-8\\n\x20\x20\x20\x2
3006. SF:0meta\x20name=\viewport\\x20content=\width=device-width,\x20initial
3007. SF:-scale=1\.0,\x20user-scalable=yes\\n\x20\x20\x20\x20meta\x20http-equ
3008. SF:iv=\X-UA-Compatible\\x20content=\IE=edge,chrome=1\\n\x20\x20\x20\x
3009. SF:20style\n\x20\x20\x20\x20\x20\x20\x20\x20\*\x20{\n\x20\x20\x20\x20\x2
3010. SF:0\x20\x20\x20\x20\x20\x20\x20-webkit-box-sizing:border-box;\n\x20\x20\x
3011. SF:20\x20\x20\x20\x20\x20\x20\x20\x20\x20-moz-box-sizing:border-box;\n\x20
3012. SF:\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20box-sizing:border-box;\n\x2
3013. SF:0\x20\x20\x20\x20\x20\x20\x20}\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x2
3014. SF:0\x20\x20\x20\x20body\x20{\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x2
3015. SF:0\x20direction:rtl;\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20te
3016. SF:xt-align:right;\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20height
3017. SF::\x20100;\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20font-fa
3018. SF:mily:arial;\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20di
3019. SF:splay:flex;\n\x20\x20\x20\x20margin:\x200;\n\x20\x20\x20\x20\x20\x20\x2
3020. SF:0\x20}\n\x20\x20\x20\x20\x20\x20\x20\x20header\n\x20\x20\x20\x20\x20\x2
3021. SF:0\x20\x20\x20{\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20height:
3022. SF:90px;\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20color:#285c7e;\n
3023. SF:\x20\x20\x20\x20\x20\x20\x20\x20}\n\.wra\x20{\n\x20\x20\x20\x20flex:1\x
3024. SF:201\x20auto;\n\x20\x20\x20\x20display:\x20flex;\n\x20\x20\x20\x20flex-f
3025. SF:low:column\x20nowrap)r(RTSPRequest,DD7,HTTP/1\.0\x20404\x20Not\x20Fo
3026. SF:und\r\nContent-Type:\x20text/html;\x20charset=UTF-8\r\nCache-Control:\x
3027. SF:20no-cache\r\nPragma:\x20no-cache\r\nExpires:\x200\r\nConnection:\x20cl
3028. SF:ose\r\n\r\n\n!DOCTYPE\x20html\nhtml\x20lang=\he\\nhead\n\x20\x2
3029. SF:0\x20\x20titleerror\x20page/title\n\x20\x20\x20\x20meta\x20charset
3030. SF:=\utf-8\\n\x20\x20\x20\x20meta\x20name=\viewport\\x20content=\wi
3031. SF:dth=device-width,\x20initial-scale=1\.0,\x20user-scalable=yes\\n\x20\
3032. SF:x20\x20\x20meta\x20http-equiv=\X-UA-Compatible\\x20content=\IE=edge
3033. SF:,chrome=1\\n\x20\x20\x20\x20style\n\x20\x20\x20\x20\x20\x20\x20\x20
3034. SF:\*\x20{\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20-webkit-box-si
3035. SF:zing:border-box;\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20-moz-
3036. SF:box-sizing:border-box;\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x2
3037. SF:0box-sizing:border-box;\n\x20\x20\x20\x20\x20\x20\x20\x20}\n\x20\x20\x2
3038. SF:0\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20body\x20{\n\x20\x20\x20\x2
3039. SF:0\x20\x20\x20\x20\x20\x20\x20\x20direction:rtl;\n\x20\x20\x20\x20\x20\x
3040. SF:20\x20\x20\x20\x20\x20\x20text-align:right;\n\x20\x20\x20\x20\x20\x20\x
3041. SF:20\x20\x20\x20\x20\x20height:\x20100;\n\x20\x20\x20\x20\x20\x20\x20\x2
3042. SF:0\x20\x20\x20\x20\x20font-family:arial;\n\x20\x20\x20\x20\x20\x20\x20\x
3043. SF:20\x20\x20\x20\x20\x20\x20display:flex;\n\x20\x20\x20\x20margin:\x200;\
3044. SF:n\x20\x20\x20\x20\x20\x20\x20\x20}\n\x20\x20\x20\x20\x20\x20\x20\x20hea
3045. SF:der\n\x20\x20\x20\x20\x20\x20\x20\x20\x20{\n\x20\x20\x20\x20\x20\x20\x2
3046. SF:0\x20\x20\x20\x20\x20height:90px;\n\x20\x20\x20\x20\x20\x20\x20\x20\x20
3047. SF:\x20\x20\x20color:#285c7e;\n\x20\x20\x20\x20\x20\x20\x20\x20}\n\.wra\x2
3048. SF:0{\n\x20\x20\x20\x20flex:1\x201\x20auto;\n\x20\x20\x20\x20display:\x20f
3049. SF:lex;\n\x20\x20\x20\x20flex-flow:column\x20nowrap);
3050.  
3051. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
3052. Nmap done: 1 IP address (1 host up) scanned in 15.38 seconds
3053.  
3054.  
3055.  
3056. S U B - D O M A I N F I N D E R
3057. ==================================
3058.  
3059.  
3060. [i] Total Subdomains Found : 2
3061.  
3062. [+] Subdomain: www.space.gov.il
3063. [-] IP: 147.237.1.168
3064.  
3065. [+] Subdomain: acssesability.space.gov.il
3066. [-] IP: 147.237.1.168
3067. [!] IP Address : 147.237.1.168
3068. [!] www.space.gov.il doesn't seem to use a CMS
3069. [+] Honeypot Probabilty: 0%
3070. ----------------------------------------
3071. PORT STATE SERVICE VERSION
3072. 21/tcp filtered ftp
3073. 22/tcp filtered ssh
3074. 23/tcp filtered telnet
3075. 25/tcp filtered smtp
3076. 80/tcp open http?
3077. 110/tcp filtered pop3
3078. 143/tcp filtered imap
3079. 443/tcp filtered https
3080. 445/tcp filtered microsoft-ds
3081. 3389/tcp filtered ms-wbt-server
3082. 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
3083. SF-Port80-TCP:V=7.01I=0D=12/30Time=5A47F2A6P=x86_64-pc-linux-gnur(HTT
3084. SF:POptions,DD7,HTTP/1\.0\x20404\x20Not\x20Found\r\nContent-Type:\x20text
3085. SF:/html;\x20charset=UTF-8\r\nCache-Control:\x20no-cache\r\nPragma:\x20no-
3086. SF:cache\r\nExpires:\x200\r\nConnection:\x20close\r\n\r\n\n!DOCTYPE\x20ht
3087. SF:ml\nhtml\x20lang=\he\\nhead\n\x20\x20\x20\x20titleerror\x20pag
3088. SF:e/title\n\x20\x20\x20\x20meta\x20charset=\utf-8\\n\x20\x20\x20\x2
3089. SF:0meta\x20name=\viewport\\x20content=\width=device-width,\x20initial
3090. SF:-scale=1\.0,\x20user-scalable=yes\\n\x20\x20\x20\x20meta\x20http-equ
3091. SF:iv=\X-UA-Compatible\\x20content=\IE=edge,chrome=1\\n\x20\x20\x20\x
3092. SF:20style\n\x20\x20\x20\x20\x20\x20\x20\x20\*\x20{\n\x20\x20\x20\x20\x2
3093. SF:0\x20\x20\x20\x20\x20\x20\x20-webkit-box-sizing:border-box;\n\x20\x20\x
3094. SF:20\x20\x20\x20\x20\x20\x20\x20\x20\x20-moz-box-sizing:border-box;\n\x20
3095. SF:\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20box-sizing:border-box;\n\x2
3096. SF:0\x20\x20\x20\x20\x20\x20\x20}\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x2
3097. SF:0\x20\x20\x20\x20body\x20{\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x2
3098. SF:0\x20direction:rtl;\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20te
3099. SF:xt-align:right;\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20height
3100. SF::\x20100;\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20font-fa
3101. SF:mily:arial;\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20di
3102. SF:splay:flex;\n\x20\x20\x20\x20margin:\x200;\n\x20\x20\x20\x20\x20\x20\x2
3103. SF:0\x20}\n\x20\x20\x20\x20\x20\x20\x20\x20header\n\x20\x20\x20\x20\x20\x2
3104. SF:0\x20\x20\x20{\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20height:
3105. SF:90px;\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20color:#285c7e;\n
3106. SF:\x20\x20\x20\x20\x20\x20\x20\x20}\n\.wra\x20{\n\x20\x20\x20\x20flex:1\x
3107. SF:201\x20auto;\n\x20\x20\x20\x20display:\x20flex;\n\x20\x20\x20\x20flex-f
3108. SF:low:column\x20nowrap)r(RTSPRequest,DD7,HTTP/1\.0\x20404\x20Not\x20Fo
3109. SF:und\r\nContent-Type:\x20text/html;\x20charset=UTF-8\r\nCache-Control:\x
3110. SF:20no-cache\r\nPragma:\x20no-cache\r\nExpires:\x200\r\nConnection:\x20cl
3111. SF:ose\r\n\r\n\n!DOCTYPE\x20html\nhtml\x20lang=\he\\nhead\n\x20\x2
3112. SF:0\x20\x20titleerror\x20page/title\n\x20\x20\x20\x20meta\x20charset
3113. SF:=\utf-8\\n\x20\x20\x20\x20meta\x20name=\viewport\\x20content=\wi
3114. SF:dth=device-width,\x20initial-scale=1\.0,\x20user-scalable=yes\\n\x20\
3115. SF:x20\x20\x20meta\x20http-equiv=\X-UA-Compatible\\x20content=\IE=edge
3116. SF:,chrome=1\\n\x20\x20\x20\x20style\n\x20\x20\x20\x20\x20\x20\x20\x20
3117. SF:\*\x20{\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20-webkit-box-si
3118. SF:zing:border-box;\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20-moz-
3119. SF:box-sizing:border-box;\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x2
3120. SF:0box-sizing:border-box;\n\x20\x20\x20\x20\x20\x20\x20\x20}\n\x20\x20\x2
3121. SF:0\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20body\x20{\n\x20\x20\x20\x2
3122. SF:0\x20\x20\x20\x20\x20\x20\x20\x20direction:rtl;\n\x20\x20\x20\x20\x20\x
3123. SF:20\x20\x20\x20\x20\x20\x20text-align:right;\n\x20\x20\x20\x20\x20\x20\x
3124. SF:20\x20\x20\x20\x20\x20height:\x20100;\n\x20\x20\x20\x20\x20\x20\x20\x2
3125. SF:0\x20\x20\x20\x20\x20font-family:arial;\n\x20\x20\x20\x20\x20\x20\x20\x
3126. SF:20\x20\x20\x20\x20\x20\x20display:flex;\n\x20\x20\x20\x20margin:\x200;\
3127. SF:n\x20\x20\x20\x20\x20\x20\x20\x20}\n\x20\x20\x20\x20\x20\x20\x20\x20hea
3128. SF:der\n\x20\x20\x20\x20\x20\x20\x20\x20\x20{\n\x20\x20\x20\x20\x20\x20\x2
3129. SF:0\x20\x20\x20\x20\x20height:90px;\n\x20\x20\x20\x20\x20\x20\x20\x20\x20
3130. SF:\x20\x20\x20color:#285c7e;\n\x20\x20\x20\x20\x20\x20\x20\x20}\n\.wra\x2
3131. SF:0{\n\x20\x20\x20\x20flex:1\x201\x20auto;\n\x20\x20\x20\x20display:\x20f
3132. SF:lex;\n\x20\x20\x20\x20flex-flow:column\x20nowrap);
3133. ----------------------------------------
3134.  
3135. [+] DNS Records
3136.  
3137. [+] Host Records (A)
3138. www.space.gov.il (147.237.1.168) AS8867 Tehila Project - Prime Minister Office's Israel
3139.  
3140. [+] TXT Records
3141.  
3142. [+] DNS Map: https://dnsdumpster.com/static/map/www.space.gov.il.png
3143.  
3144. [>] Initiating 3 intel modules
3145. [>] Loading Alpha module (1/3)
3146. [>] Beta module deployed (2/3)
3147. [>] Gamma module initiated (3/3)
3148. No emails found
3149. No hosts found
3150. [92m + -- ----------------------------=[Running Nslookup]=------------------------ -- +
3151. Server: 192.168.1.254
3152. Address: 192.168.1.254#53
3153.  
3154. Non-authoritative answer:
3155. Name: space.gov.il
3156. Address: 147.237.1.168
3157.  
3158. space.gov.il has address 147.237.1.168
3159.  + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +
3160.  
3161. Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
3162.  
3163. [+] Target is space.gov.il
3164. [+] Loading modules.
3165. [+] Following modules are loaded:
3166. [x] [1] ping:icmp_ping - ICMP echo discovery module
3167. [x] [2] ping:tcp_ping - TCP-based ping discovery module
3168. [x] [3] ping:udp_ping - UDP-based ping discovery module
3169. [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
3170. [x] [5] infogather:portscan - TCP and UDP PortScanner
3171. [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
3172. [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
3173. [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
3174. [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
3175. [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
3176. [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
3177. [x] [12] fingerprint:smb - SMB fingerprinting module
3178. [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
3179. [+] 13 modules registered
3180. [+] Initializing scan engine
3181. [+] Running scan engine
3182. [-] ping:tcp_ping module: no closed/open TCP ports known on 147.237.1.168. Module test failed
3183. [-] ping:udp_ping module: no closed/open UDP ports known on 147.237.1.168. Module test failed
3184. [-] No distance calculation. 147.237.1.168 appears to be dead or no ports known
3185. [+] Host: 147.237.1.168 is down (Guess probability: 0%)
3186. [+] Cleaning up scan engine
3187. [+] Modules deinitialized
3188. [+] Execution completed.
3189.  + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +
3190.  
3191. % The data in the WHOIS database of the .il registry is provided
3192. % by ISOC-IL for information purposes, and to assist persons in
3193. % obtaining information about or related to a domain name
3194. % registration record. ISOC-IL does not guarantee its accuracy.
3195. % By submitting a WHOIS query, you agree that you will use this
3196. % Data only for lawful purposes and that, under no circumstances
3197. % will you use this Data to: (1) allow, enable, or otherwise
3198. % support the transmission of mass unsolicited, commercial
3199. % advertising or solicitations via e-mail (spam);
3200. % or (2) enable high volume, automated, electronic processes that
3201. % apply to ISOC-IL (or its systems).
3202. % ISOC-IL reserves the right to modify these terms at any time.
3203. % By submitting this query, you agree to abide by this policy.
3204.  
3205. % No data was found to match the request criteria.
3206.  
3207.  
3208. % Rights to the data above are restricted by copyright.
3209.  + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +
3210.  
3211. *******************************************************************
3212. * *
3213. * | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
3214. * | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
3215. * | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
3216. * \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
3217. * *
3218. * TheHarvester Ver. 2.7 *
3219. * Coded by Christian Martorella *
3220. * Edge-Security Research *
3221. * cmartorella@edge-security.com *
3222. *******************************************************************
3223.  
3224.  
3225. Full harvest..
3226. [-] Searching in Google..
3227. Searching 0 results...
3228. Searching 100 results...
3229. Searching 200 results...
3230. [-] Searching in PGP Key server..
3231. [-] Searching in Bing..
3232. Searching 50 results...
3233. Searching 100 results...
3234. Searching 150 results...
3235. Searching 200 results...
3236. [-] Searching in Exalead..
3237. Searching 50 results...
3238. Searching 100 results...
3239. Searching 150 results...
3240. Searching 200 results...
3241. Searching 250 results...
3242.  
3243.  
3244. [+] Emails found:
3245. ------------------
3246. No emails found
3247.  
3248. [+] Hosts found in search engines:
3249. ------------------------------------
3250. [-] Resolving hostnames IPs...
3251. 147.237.1.168:acssesability.space.gov.il
3252. 147.237.1.168:www.space.gov.il
3253. [+] Virtual hosts:
3254. ==================
3255. 147.237.1.168 www.space.gov.il
3256.  
3257. ******************************************************
3258. * /\/\ ___| |_ __ _ __ _ ___ ___ / _(_) | *
3259. * / \ / _ \ __/ _` |/ _` |/ _ \ / _ \| |_| | | *
3260. * / /\/\ \ __/ || (_| | (_| | (_) | (_) | _| | | *
3261. * \/ \/\___|\__\__,_|\__, |\___/ \___/|_| |_|_| *
3262. * |___/ *
3263. * Metagoofil Ver 2.2 *
3264. * Christian Martorella *
3265. * Edge-Security.com *
3266. * cmartorella_at_edge-security.com *
3267. ******************************************************
3268.  
3269. [-] Starting online search...
3270.  
3271. [-] Searching for doc files, with a limit of 200
3272. Searching 100 results...
3273. Searching 200 results...
3274. Results: 0 files found
3275. Starting to download 50 of them:
3276. ----------------------------------------
3277.  
3278.  
3279. [-] Searching for pdf files, with a limit of 200
3280. Searching 100 results...
3281. Searching 200 results...
3282. Results: 0 files found
3283. Starting to download 50 of them:
3284. ----------------------------------------
3285.  
3286.  
3287. [-] Searching for xls files, with a limit of 200
3288. Searching 100 results...
3289. Searching 200 results...
3290. Results: 0 files found
3291. Starting to download 50 of them:
3292. ----------------------------------------
3293.  
3294.  
3295. [-] Searching for csv files, with a limit of 200
3296. Searching 100 results...
3297. Searching 200 results...
3298. Results: 0 files found
3299. Starting to download 50 of them:
3300. ----------------------------------------
3301.  
3302.  
3303. [-] Searching for txt files, with a limit of 200
3304. Searching 100 results...
3305. Searching 200 results...
3306. Results: 0 files found
3307. Starting to download 50 of them:
3308. ----------------------------------------
3309.  
3310. processing
3311. user
3312. email
3313.  
3314. [+] List of users found:
3315. --------------------------
3316.  
3317. [+] List of software found:
3318. -----------------------------
3319.  
3320. [+] List of paths and servers found:
3321. ---------------------------------------
3322.  
3323. [+] List of e-mails found:
3324. ----------------------------
3325.  + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +
3326.  
3327. ; <<>> DiG 9.11.2-5-Debian <<>> -x space.gov.il
3328. ;; global options: +cmd
3329. ;; Got answer:
3330. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23902
3331. ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
3332.  
3333. ;; OPT PSEUDOSECTION:
3334. ; EDNS: version: 0, flags:; udp: 4096
3335. ;; QUESTION SECTION:
3336. ;il.gov.space.in-addr.arpa. IN PTR
3337.  
3338. ;; AUTHORITY SECTION:
3339. in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2017102519 1800 900 604800 3600
3340.  
3341. ;; Query time: 120 msec
3342. ;; SERVER: 192.168.1.254#53(192.168.1.254)
3343. ;; WHEN: Sat Dec 30 15:07:47 EST 2017
3344. ;; MSG SIZE rcvd: 122
3345.  
3346. dnsenum VERSION:1.2.4
3347. 
3348. ----- space.gov.il -----
3349. 
3350.  
3351. Host's addresses:
3352. __________________
3353.  
3354. space.gov.il. 466 IN A 147.237.1.168
3355. 
3356.  
3357. Name Servers:
3358. ______________
3359.  
3360.  + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +
3361. 
3362. ____ _ _ _ _ _____
3363. / ___| _ _| |__ | (_)___| |_|___ / _ __
3364. \___ \| | | | '_ \| | / __| __| |_ \| '__|
3365. ___) | |_| | |_) | | \__ \ |_ ___) | |
3366. |____/ \__,_|_.__/|_|_|___/\__|____/|_|
3367.  
3368. # Coded By Ahmed Aboul-Ela - @aboul3la
3369.  
3370. [-] Enumerating subdomains now for space.gov.il
3371. [-] verbosity is enabled, will show the subdomains results in realtime
3372. [-] Searching now in Baidu..
3373. [-] Searching now in Yahoo..
3374. [-] Searching now in Google..
3375. [-] Searching now in Bing..
3376. [-] Searching now in Ask..
3377. [-] Searching now in Netcraft..
3378. [-] Searching now in DNSdumpster..
3379. [-] Searching now in Virustotal..
3380. [-] Searching now in ThreatCrowd..
3381. [-] Searching now in SSL Certificates..
3382. [-] Searching now in PassiveDNS..
3383. Yahoo: www.space.gov.il
3384. Virustotal: www.space.gov.il
3385. Virustotal: acssesability.space.gov.il
3386. DNSdumpster: www.space.gov.il
3387. DNSdumpster: acssesability.space.gov.il
3388. DNSdumpster: e.space.gov.il
3389. Google: acssesability.space.gov.il
3390. [-] Saving results to file: /usr/share/sniper/loot/domains/domains-space.gov.il.txt
3391. [-] Total Unique Subdomains Found: 3
3392. www.space.gov.il
3393. acssesability.space.gov.il
3394. e.space.gov.il
3395.  
3396.  ╔═╗╦═╗╔╦╗╔═╗╦ ╦
3397.  ║ ╠╦╝ ║ ╚═╗╠═╣
3398.  ╚═╝╩╚═ ╩o╚═╝╩ ╩
3399.  + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +
3400. 
3401.  [+] Domains saved to: /usr/share/sniper/loot/domains/domains-space.gov.il-full.txt
3402. 
3403.  + -- ----------------------------=[Checking for Sub-Domain Hijacking]=------- -- +
3404.  + -- ----------------------------=[Checking Email Security]=----------------- -- +
3405.  
3406.  + -- ----------------------------=[Pinging host]=---------------------------- -- +
3407. PING space.gov.il (147.237.1.168) 56(84) bytes of data.
3408.  
3409. --- space.gov.il ping statistics ---
3410. 1 packets transmitted, 0 received, 100% packet loss, time 0ms
3411.  
3412.  
3413.  + -- ----------------------------=[Running TCP port scan]=------------------- -- +
3414.  
3415. Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-30 15:08 EST
3416. Nmap done: 1 IP address (1 host up) scanned in 25.45 seconds
3417.  
3418.  + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +
3419.  + -- --=[Port 21 closed... skipping.
3420.  + -- --=[Port 22 closed... skipping.
3421.  + -- --=[Port 23 closed... skipping.
3422.  + -- --=[Port 25 closed... skipping.
3423.  + -- --=[Port 53 closed... skipping.
3424.  + -- --=[Port 79 closed... skipping.
3425.  + -- --=[Port 80 closed... skipping.
3426.  + -- --=[Port 110 closed... skipping.
3427.  + -- --=[Port 111 closed... skipping.
3428.  + -- --=[Port 135 closed... skipping.
3429.  + -- --=[Port 139 closed... skipping.
3430.  + -- --=[Port 161 closed... skipping.
3431.  + -- --=[Port 162 closed... skipping.
3432.  + -- --=[Port 389 closed... skipping.
3433.  + -- --=[Port 443 closed... skipping.
3434.  + -- --=[Port 445 closed... skipping.
3435.  + -- --=[Port 512 closed... skipping.
3436.  + -- --=[Port 513 closed... skipping.
3437.  + -- --=[Port 514 closed... skipping.
3438.  + -- --=[Port 623 closed... skipping.
3439.  + -- --=[Port 624 closed... skipping.
3440.  + -- --=[Port 1099 closed... skipping.
3441.  + -- --=[Port 1433 closed... skipping.
3442.  + -- --=[Port 2049 closed... skipping.
3443.  + -- --=[Port 2121 closed... skipping.
3444.  + -- --=[Port 3306 closed... skipping.
3445.  + -- --=[Port 3310 closed... skipping.
3446.  + -- --=[Port 3128 closed... skipping.
3447.  + -- --=[Port 3389 closed... skipping.
3448.  + -- --=[Port 3632 closed... skipping.
3449.  + -- --=[Port 4443 closed... skipping.
3450.  + -- --=[Port 5432 closed... skipping.
3451.  + -- --=[Port 5800 closed... skipping.
3452.  + -- --=[Port 5900 closed... skipping.
3453.  + -- --=[Port 5984 closed... skipping.
3454.  + -- --=[Port 6000 closed... skipping.
3455.  + -- --=[Port 6667 closed... skipping.
3456.  + -- --=[Port 8000 closed... skipping.
3457.  + -- --=[Port 8100 closed... skipping.
3458.  + -- --=[Port 8080 closed... skipping.
3459.  + -- --=[Port 8180 closed... skipping.
3460.  + -- --=[Port 8443 closed... skipping.
3461.  + -- --=[Port 8888 closed... skipping.
3462.  + -- --=[Port 10000 closed... skipping.
3463.  + -- --=[Port 16992 closed... skipping.
3464.  + -- --=[Port 27017 closed... skipping.
3465.  + -- --=[Port 27018 closed... skipping.
3466.  + -- --=[Port 27019 closed... skipping.
3467.  + -- --=[Port 28017 closed... skipping.
3468.  + -- --=[Port 49152 closed... skipping.
3469.  + -- ----------------------------=[Scanning For Common Vulnerabilities]=----- -- +
3470.  + -- ----------------------------=[Skipping Full NMap Port Scan]=------------ -- +
3471.  + -- ----------------------------=[Running Brute Force]=--------------------- -- +
3472.  __________ __ ____ ___
3473.  \______ \_______ __ ___/ |_ ____ \ \/ /
3474.  | | _/\_ __ \ | \ __\/ __ \ \ / 
3475.  | | \ | | \/ | /| | \ ___/ / \ 
3476.  |______ / |__| |____/ |__| \___ >___/\ \ 
3477.  \/ \/ \_/
3478.  
3479.  + -- --=[BruteX v1.7 by 1N3
3480.  + -- --=[http://crowdshield.com
3481.  
3482.  
3483. ################################### Running Port Scan ##############################
3484.  
3485. Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-30 15:08 EST
3486. Nmap done: 1 IP address (1 host up) scanned in 4.23 seconds
3487.  
3488. ################################### Running Brute Force ############################
3489.  
3490.  + -- --=[Port 21 closed... skipping.
3491.  + -- --=[Port 22 closed... skipping.
3492.  + -- --=[Port 23 closed... skipping.
3493.  + -- --=[Port 25 closed... skipping.
3494.  + -- --=[Port 80 closed... skipping.
3495.  + -- --=[Port 110 closed... skipping.
3496.  + -- --=[Port 139 closed... skipping.
3497.  + -- --=[Port 162 closed... skipping.
3498.  + -- --=[Port 389 closed... skipping.
3499.  + -- --=[Port 443 closed... skipping.
3500.  + -- --=[Port 445 closed... skipping.
3501.  + -- --=[Port 512 closed... skipping.
3502.  + -- --=[Port 513 closed... skipping.
3503.  + -- --=[Port 514 closed... skipping.
3504.  + -- --=[Port 993 closed... skipping.
3505.  + -- --=[Port 1433 closed... skipping.
3506.  + -- --=[Port 1521 closed... skipping.
3507.  + -- --=[Port 3306 closed... skipping.
3508.  + -- --=[Port 3389 closed... skipping.
3509.  + -- --=[Port 5432 closed... skipping.
3510.  + -- --=[Port 5900 closed... skipping.
3511.  + -- --=[Port 5901 closed... skipping.
3512.  + -- --=[Port 8000 closed... skipping.
3513.  + -- --=[Port 8080 closed... skipping.
3514.  + -- --=[Port 8100 closed... skipping.
3515.  + -- --=[Port 6667 closed... skipping.
3516.  
3517. ################################### Done! ###########################################
3518. #######################################################################################################################################