Untitled

a guest
Sep 14th, 2016
  1. PRELIM TARGET ANALYSIS
  2.  
  3.  
  4. CONNECTED
  5.  
  6.  
  7. ALQASSAM.PS
  8.  
  9.  
  10. nslookup alqassam.ps
  11. Server: 127.0.1.1
  12. Address: 127.0.1.1#53
  13.  
  14. Non-authoritative answer:
  15. Name: alqassam.ps
  16. Address: 104.20.83.38
  17. Name: alqassam.ps
  18. Address: 104.20.82.38
  19.  
  20. dig 104.20.82.38
  21.  
  22. ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> 104.20.82.38
  23. ;; global options: +cmd
  24. ;; Got answer:
  25. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61475
  26. ;; flags: qr aa rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
  27.  
  28. ;; QUESTION SECTION:
  29. ;104.20.82.38. IN A
  30.  
  31. ;; ANSWER SECTION:
  32. 104.20.82.38. 0 IN A 104.20.82.38
  33.  
  34. ;; Query time: 0 msec
  35. ;; SERVER: 127.0.1.1#53(127.0.1.1)
  36. ;; WHEN: Tue Sep 13 22:52:39 MDT 2016
  37. ;; MSG SIZE rcvd: 46
  38.  
  39.  
  40. Host is up (0.22s latency).
  41.  
  42. TRACEROUTE (using port 80/tcp)
  43. HOP RTT ADDRESS
  44.  
  45. 1 259.43 ms 193.107.86.246
  46. 2 192.86 ms 82.221.168.253
  47. 3 234.84 ms ADVANIA-HF.ear2.Amsterdam1.Level3.net (212.72.47.118)
  48. 4 234.77 ms 6-2-4.ear2.Amsterdam1.Level3.net (212.72.47.117)
  49. 5 225.70 ms ae-240-3616.edge6.Amsterdam1.Level3.net (4.69.162.254)
  50. 6 234.92 ms 4.68.111.178
  51. 7 226.71 ms cloudflare-ic-304618-adm-b4.c.telia.net (62.115.36.94)
  52. 8 226.68 ms 104.20.82.38
  53.  
  54. Nmap done: 1 IP address (1 host up) scanned in 26.73 seconds
  55.  
  56. Nmap scan report for 104.20.82.38
  57.  
  58. Host is up (0.21s latency).
  59. Not shown: 96 filtered ports
  60.  
  61. PORT STATE SERVICE VERSION
  62. 80/tcp open http cloudflare-nginx
  63. 443/tcp open ssl/https?
  64. 8080/tcp open http cloudflare-nginx
  65. 8443/tcp open ssl/https-alt?
  66. 2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
  97. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  98. Aggressive OS guesses: Crestron XPanel control system (90%), Netgear DG834G WAP or Western Digital WD TV media player (90%), OpenWrt White Russian 0.9 (Linux 2.4.30) (88%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (88%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (88%), Linux 3.1 (87%), Linux 3.2 (87%), HP P2000 G3 NAS device (87%), AXIS 210A or 211 Network Camera (Linux 2.6) (87%), Linux 2.6.32 - 3.3 (86%)
  99. No exact OS matches for host (test conditions non-ideal).
  100.  
  101. OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
  102. Nmap done: 1 IP address (1 host up) scanned in 56.19 seconds
  103.  
  104. whois alqassam.ps
  105. Domain Name: alqassam.ps
  106. Domain ID: 21167-PS
  107. WHOIS Server: 46.4.21.12
  108. Referral URL:
  109. Creation Date: 2005-04-10T22:00:00.000Z
  110. Registry Expiry Date: 2019-04-10T21:00:00.000Z
  111. Sponsoring Registrar: maktab
  112. Sponsoring Registrar IANA ID:
  113. Domain Status: ok
  114.  
  115. Registrant ID: 21162-PS
  116. Registrant Name: ehab ahmad
  117. Registrant Street: gaza
  118. Registrant City: gaza
  119. Registrant State/Province:
  120. Registrant Postal Code:
  121. Registrant Country: PS
  122. Registrant Phone: +972.080000000
  123. Registrant Phone Ext:
  124.  
  125. Admin ID: 21162-PS
  126. Admin Name: ehab ahmad
  127. Admin Street: gaza
  128. Admin City: gaza
  129. Admin State/Province:
  130. Admin Postal Code:
  131. Admin Country: PS
  132. Admin Phone: +972.080000000
  133. Admin Phone Ext:
  134.  
  135. Billing ID: 21162-PS
  136. Billing Name: ehab ahmad
  137. Billing Street: gaza
  138. Billing City: gaza
  139. Billing State/Province:
  140. Billing Postal Code:
  141. Billing Country: PS
  142. Billing Phone: +972.080000000
  143. Billing Phone Ext:
  144.  
  145. Tech ID: 21162-PS
  146. Tech Name: ehab ahmad
  147. Tech Street: gaza
  148. Tech City: gaza
  149. Tech State/Province:
  150. Tech Postal Code:
  151. Tech Country: PS
  152. Tech Phone: +972.080000000
  153. Tech Phone Ext:
  154.  
  155. Name Server: alex.ns.cloudflare.com
  156. Name Server: coco.ns.cloudflare.com
  157.  
  158. DNSSEC: unsigned
  159.  
  160. Additional Section
  161.  
  162. Sponsoring Registrar URL:
  163. Sponsoring Registrar Address: El Wehda St., El Amal Building - Gaza
  164. Sponsoring Registrar Phone: +970.82861617
  165. Sponsoring Registrar Fax: +970.82861618
  166.  
  167.  
  168. RELATED SERVERS
  169. cloudflare-ic-304618-adm-b4.c.telia.net has address 62.115.36.94
  170.  
  171. ae-130-3516.edge6.Amsterdam1.Level3.net has address 4.69.162.238
  172.  
  173. ae-240-3616.edge6.Amsterdam1.Level3.net has address 4.69.162.254
  174.  
  175. ADVANIA-HF.ear2.Amsterdam1.Level3.net has address 212.72.47.118
  176.  
  177. ALEMARA1.ORG
  178. *** Using the Google search directive site:alemara1.org yielded multiple propaganda articles, mostly in regard to "mujahideen emirates fighters" ***
  179.  
  180. nslookup alemara1.org
  181.  
  182. Server: 127.0.1.1
  183. Address: 127.0.1.1#53
  184.  
  185. Non-authoritative answer:
  186. Name: alemara1.org
  187. Address: 104.20.64.150
  188. Name: alemara1.org
  189. Address: 104.20.63.150
  190.  
  191. dig alemara1.org
  192.  
  193. ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> alemara1.org
  194. ;; global options: +cmd
  195. ;; Got answer:
  196. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38557
  197. ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
  198.  
  199. ;; OPT PSEUDOSECTION:
  200. ; EDNS: version: 0, flags:; udp: 4000
  201. ;; QUESTION SECTION:
  202. ;alemara1.org. IN A
  203.  
  204. ;; ANSWER SECTION:
  205. alemara1.org. 300 IN A 104.20.64.150
  206. alemara1.org. 300 IN A 104.20.63.150
  207.  
  208. ;; Query time: 266 msec
  209. ;; SERVER: 127.0.1.1#53(127.0.1.1)
  210. ;; WHEN: Tue Sep 13 20:31:53 MDT 2016
  211. ;; MSG SIZE rcvd: 73
  212.  
  213.  
  214. whois alemara1.org
  215.  
  216. Domain Name: ALEMARA1.ORG
  217. Domain ID: D163557906-LROR
  218. WHOIS Server:
  219. Referral URL: http://www.PublicDomainRegistry.com
  220. Updated Date: 2015-09-20T06:00:20Z
  221. Creation Date: 2011-10-10T07:15:51Z
  222. Registry Expiry Date: 2016-10-10T07:15:51Z
  223. Sponsoring Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
  224. Sponsoring Registrar IANA ID: 303
  225. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  226. Registrant ID: DI_18266524
  227. Registrant Name: tariq ghazniwal
  228. Registrant Organization: iea
  229. Registrant Street: kherkhan
  230. Registrant City: kabul
  231. Registrant State/Province: kabul
  232. Registrant Postal Code: 4500
  233. Registrant Country: AF
  234. Registrant Phone: +93.0979423289
  235. Registrant Phone Ext:
  236. Registrant Fax: +93.797300000
  237. Registrant Fax Ext:
  238. Registrant Email: tariqghazniwal@yahoo.com
  239. Admin ID: DI_18266524
  240. Admin Name: tariq ghazniwal
  241. Admin Organization: iea
  242. Admin Street: kherkhan
  243. Admin City: kabul
  244. Admin State/Province: kabul
  245. Admin Postal Code: 4500
  246. Admin Country: AF
  247. Admin Phone: +93.0979423289
  248. Admin Phone Ext:
  249. Admin Fax: +93.797300000
  250. Admin Fax Ext:
  251. Admin Email: tariqghazniwal@yahoo.com
  252. Tech ID: DI_18266524
  253. Tech Name: tariq ghazniwal
  254. Tech Organization: iea
  255. Tech Street: kherkhan
  256. Tech City: kabul
  257. Tech State/Province: kabul
  258. Tech Postal Code: 4500
  259. Tech Country: AF
  260. Tech Phone: +93.0979423289
  261. Tech Phone Ext:
  262. Tech Fax: +93.797300000
  263. Tech Fax Ext:
  264. Tech Email: tariqghazniwal@yahoo.com
  265. Name Server: ZARA.NS.CLOUDFLARE.COM
  266. Name Server: LLOYD.NS.CLOUDFLARE.COM
  267. DNSSEC: unsigned
  268. >>> Last update of WHOIS database: 2016-09-13T22:15:29Z <<<
  269.  
  270. Nmap scan report for 104.20.64.150
  271. Host is up (0.35s latency).
  272.  
  273. TRACEROUTE (using port 443/tcp)
  274. HOP RTT ADDRESS
  275.  
  276. 1 342.33 ms 82.221.128.253
  277. 2 339.92 ms cisco-1721.dnv.skyrr.is (82.221.34.26)
  278. 3 337.59 ms 82.221.168.253
  279. 4 376.61 ms ADVANIA-HF.ear2.Amsterdam1.Level3.net (212.72.47.118)
  280. 5 ...
  281. 6 375.24 ms ae-238-3614.edge6.Amsterdam1.Level3.net (4.69.162.246)
  282. 7 376.57 ms 4.68.111.178
  283. 8 375.30 ms cloudflare-ic-304618-adm-b4.c.telia.net (62.115.36.94)
  284. 9 375.12 ms 104.20.64.150
  285.  
  286. Nmap done: 1 IP address (1 host up) scanned in 29.50 seconds
  287.  
  288.  
  289. Nmap scan report for 104.20.64.150
  290.  
  291. Host is up (0.35s latency).
  292.  
  293. Not shown: 96 filtered ports
  294.  
  295. PORT STATE SERVICE VERSION
  296.  
  297. 80/tcp open http cloudflare-nginx
  298. 443/tcp open ssl/https
  299. 8080/tcp open http cloudflare-nginx
  300. 8443/tcp open ssl/https-alt
  301.  
  302. 2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
  333. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  334. Aggressive OS guesses: Crestron XPanel control system (90%), Netgear DG834G WAP or Western Digital WD TV media player (90%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (90%),
  335. OpenWrt White Russian 0.9 (Linux 2.4.30) (88%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (88%), Linux 3.1 (87%), Linux 3.2 (87%), HP P2000 G3 NAS device (87%),
  336. AXIS 210A or 211 Network Camera (Linux 2.6) (87%), Linux 2.6.32 - 3.3 (86%)
  337. No exact OS matches for host (test conditions non-ideal).
  338.  
  339.  
  340.  
  341.  
  342.  
  343. RELATED SERVERS
  344. cloudflare-ic-304618-adm-b4.c.telia.net has address 62.115.36.94
  345.  
  346. ae-130-3516.edge6.Amsterdam1.Level3.net has address 4.69.162.238
  347.  
  348. ae-240-3616.edge6.Amsterdam1.Level3.net has address 4.69.162.254
  349.  
  350. ADVANIA-HF.ear2.Amsterdam1.Level3.net has address 212.72.47.118
  351.  
  352. ALFURQ4N.ORG
  353. nslookup alfurq4n.org
  354.  
  355. Server: 127.0.1.1
  356. Address: 127.0.1.1#53
  357.  
  358. Non-authoritative answer:
  359. Name: alfurq4n.org
  360. Address: 31.216.48.56
  361.  
  362. dig 31.216.48.56
  363.  
  364. ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> 31.216.48.56
  365. ;; global options: +cmd
  366. ;; Got answer:
  367. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62034
  368. ;; flags: qr aa rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
  369.  
  370. ;; QUESTION SECTION:
  371. ;31.216.48.56. IN A
  372.  
  373. ;; ANSWER SECTION:
  374. 31.216.48.56. 0 IN A 31.216.48.56
  375.  
  376. ;; Query time: 0 msec
  377. ;; SERVER: 127.0.1.1#53(127.0.1.1)
  378. ;; WHEN: Tue Sep 13 22:20:13 MDT 2016
  379. ;; MSG SIZE rcvd: 46
  380.  
  381.  
  382. whois alfurq4n.org
  383. Domain Name: ALFURQ4N.ORG
  384. Domain ID: D167271764-LROR
  385. WHOIS Server:
  386. Referral URL: www.tldregistrarsolutions.com
  387. Updated Date: 2016-09-13T16:13:56Z
  388. Creation Date: 2012-12-04T19:40:49Z
  389. Registry Expiry Date: 2016-12-04T19:40:49Z
  390. Sponsoring Registrar: TLD Registrar Solutions Ltd.
  391. Sponsoring Registrar IANA ID: 1564
  392. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  393. Registrant ID: INTEv20ym0gdeo69
  394. Registrant Name: Domain Admin
  395. Registrant Organization: Whois Privacy Corp.
  396. Registrant Street: Ocean Centre, Montagu Foreshore
  397. Registrant Street: East Bay Street
  398. Registrant City: Nassau
  399. Registrant State/Province: New Providence
  400. Registrant Postal Code: 0000
  401. Registrant Country: BS
  402. Registrant Phone: +1.5163872248
  403. Registrant Phone Ext:
  404. Registrant Fax:
  405. Registrant Fax Ext:
  406. Registrant Email: 547e5c88q29onass@5225b4d0pi3627q9.whoisprivacycorp.com
  407. Admin ID: INTEnnl1jj9u8i7i
  408. Admin Name: Domain Admin
  409. Admin Organization: Whois Privacy Corp.
  410. Admin Street: Ocean Centre, Montagu Foreshore
  411. Admin Street: East Bay Street
  412. Admin City: Nassau
  413. Admin State/Province: New Providence
  414. Admin Postal Code: 0000
  415. Admin Country: BS
  416. Admin Phone: +1.5163872248
  417. Admin Phone Ext:
  418. Admin Fax:
  419. Admin Fax Ext:
  420. Admin Email: 547e5c8846mtg8hd@5225b4d0pi3627q9.whoisprivacycorp.com
  421. Tech ID: INTEfgq5s0rhundn
  422. Tech Name: Domain Admin
  423. Tech Organization: Whois Privacy Corp.
  424. Tech Street: Ocean Centre, Montagu Foreshore
  425. Tech Street: East Bay Street
  426. Tech City: Nassau
  427. Tech State/Province: New Providence
  428. Tech Postal Code: 0000
  429. Tech Country: BS
  430. Tech Phone: +1.5163872248
  431. Tech Phone Ext:
  432. Tech Fax:
  433. Tech Fax Ext:
  434. Tech Email: 547e5c88plxgko80@5225b4d0pi3627q9.whoisprivacycorp.com
  435. Name Server: NS9.CLOUD.MYCPANELCLOUD.CO.UK
  436. Name Server: NS10.CLOUD.MYCPANELCLOUD.CO.UK
  437. DNSSEC: unsigned
  438. >>> Last update of WHOIS database: 2016-09-14T01:56:58Z <<<
  439.  
  440.  
  441. Nmap scan report for cloud05.mycpanelcloud.co.uk (31.216.48.56)
  442. Host is up (0.26s latency).
  443. Not shown: 83 filtered ports
  444. PORT STATE SERVICE VERSION
  445. 21/tcp open ftp Pure-FTPd
  446. 53/tcp open domain
  447. 80/tcp open http?
  448. 110/tcp open pop3 Dovecot pop3d
  449. 143/tcp open imap Dovecot imapd
  450. 443/tcp open ssl/http Apache httpd
  451. 465/tcp open ssl/smtp Exim smtpd 4.87
  452. 587/tcp open smtp Exim smtpd 4.87
  453. 993/tcp open ssl/imap Dovecot imapd
  454. 995/tcp open ssl/pop3 Dovecot pop3d
  455. 32768/tcp closed filenet-tms
  456. 49152/tcp closed unknown
  457. 49153/tcp closed unknown
  458. 49154/tcp closed unknown
  459. 49155/tcp closed unknown
  460. 49156/tcp closed unknown
  461. 49157/tcp closed unknown
  462. 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
  506. Device type: general purpose|webcam
  507. Running (JUST GUESSING): Linux 2.6.X|3.X (92%), FreeBSD 6.X (86%), Tandberg embedded (86%)
  508. OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3 cpe:/o:freebsd:freebsd:6.2 cpe:/h:tandberg:vcs
  509. Aggressive OS guesses: Linux 2.6.32 (92%), Linux 3.4 (91%), Linux 2.6.39 (91%), Linux 3.1.9 (90%), Linux 2.6.32 - 2.6.39 (90%), Linux 3.2 - 3.6 (87%), Linux 3.5 (87%), Linux 2.6.32 - 3.0 (87%), FreeBSD 6.2-RELEASE (86%), Linux 2.6.35 (86%)
  510. No exact OS matches for host (test conditions non-ideal).
  511.  
  512. OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
  513. Nmap done: 1 IP address (1 host up) scanned in 65.34 seconds
  514.  
  515. Nmap scan report for cloud05.mycpanelcloud.co.uk (31.216.48.56)
  516. Host is up (0.25s latency).
  517.  
  518. TRACEROUTE (using proto 1/icmp)
  519. HOP RTT ADDRESS
  520.  
  521. 1 236.63 ms 193.107.86.246
  522. 2 236.71 ms 82.221.168.253
  523. 3 276.24 ms 149.14.34.186
  524. 4 269.59 ms te0-1-1-4.rcr21.b031955-0.ams03.atlas.cogentco.com (149.14.34.185)
  525. 5 269.67 ms be2499.ccr41.ams03.atlas.cogentco.com (130.117.1.149)
  526. 6 276.39 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
  527. 7 276.36 ms be2870.ccr22.lon01.atlas.cogentco.com (154.54.58.174)
  528. 8 276.45 ms redstation.demarc.cogentco.com (149.6.184.50)
  529. 9 276.38 ms po97.core2.thn.as20860.net (62.128.222.206)
  530. 10 267.17 ms 3920.core1.dc4.as20860.net (185.91.76.22)
  531. 11 273.20 ms 300.core2.dc4.as20860.net (62.233.118.230)
  532. 12 273.20 ms 3924.core2.dc3.as20860.net (185.91.76.26)
  533. 13 260.05 ms 212.38.163.17
  534. 14 260.08 ms custfw1a.nott.melbourne.co.uk (185.25.243.241)
  535. 15 273.32 ms cloud05.mycpanelcloud.co.uk (31.216.48.56)
  536.  
  537. Nmap done: 1 IP address (1 host up) scanned in 2.78 seconds
  538.  
  539.  
  540.  
  541.  
  542. RELATED SERVERS
  543. custfw1a.nott.melbourne.co.uk has address 185.25.243.241
  544.  
  545. 3924.core2.dc3.as20860.net has address 185.91.76.26
  546.  
  547. 300.core2.dc4.as20860.net has address 62.233.118.230
  548.  
  549. 3920.core1.dc4.as20860.net has address 185.91.76.22
  550.  
  551. po97.core2.thn.as20860.net has address 62.128.222.206
  552.  
  553.  
  554.  
  555. ALSOMOD-IEA.INFO
  556.  
  557. nslookup alsomod-iea.info
  558. Server: 127.0.1.1
  559. Address: 127.0.1.1#53
  560.  
  561. Non-authoritative answer:
  562. Name: alsomod-iea.info
  563. Address: 104.27.133.197
  564. Name: alsomod-iea.info
  565. Address: 104.27.132.197
  566.  
  567. dig 104.27.132.197
  568.  
  569. ; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> 104.27.132.197
  570. ;; global options: +cmd
  571. ;; Got answer:
  572. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29449
  573. ;; flags: qr aa rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
  574.  
  575. ;; QUESTION SECTION:
  576. ;104.27.132.197. IN A
  577.  
  578. ;; ANSWER SECTION:
  579. 104.27.132.197. 0 IN A 104.27.132.197
  580.  
  581. ;; Query time: 0 msec
  582. ;; SERVER: 127.0.1.1#53(127.0.1.1)
  583. ;; WHEN: Tue Sep 13 23:02:28 MDT 2016
  584. ;; MSG SIZE rcvd: 48
  585.  
  586.  
  587. Starting Nmap 6.40 ( http://nmap.org ) at 2016-09-13 23:02 MDT
  588. Nmap scan report for 104.27.132.197
  589. Host is up (0.21s latency).
  590.  
  591. TRACEROUTE (using port 80/tcp)
  592. HOP RTT ADDRESS
  593.  
  594. 1 175.65 ms 193.107.86.246
  595. 2 175.41 ms 82.221.168.253
  596. 3 216.01 ms 10.120.2.34
  597. 4 213.69 ms xe-9-1-3.edge3.London2.Level3.net (212.187.137.45)
  598. 5 213.85 ms ae-126-3512.edge5.london1.Level3.net (4.69.166.45)
  599. 6 213.89 ms ldn-b5-link.telia.net (213.248.96.37)
  600. 7 215.44 ms ldn-bb3-link.telia.net (62.115.137.188)
  601. 8 215.37 ms ldn-b5-link.telia.net (80.91.248.216)
  602. 9 206.82 ms cloudflare-ic-306325-ldn-b3.c.telia.net (62.115.42.242)
  603. 10 222.59 ms 104.27.132.197
  604.  
  605. Nmap done: 1 IP address (1 host up) scanned in 26.86 seconds
  606.  
  607.  
  608. whois alsomod-iea.info
  609. Domain Name: ALSOMOD-IEA.INFO
  610. Domain ID: D503300000017088517-LRMS
  611. WHOIS Server:
  612. Referral URL: www.ilovewww.com
  613. Updated Date: 2016-08-17T11:12:16Z
  614. Creation Date: 2016-08-13T03:32:43Z
  615. Registry Expiry Date: 2017-08-13T03:32:43Z
  616. Sponsoring Registrar: Shinjiru MSC Sdn Bhd
  617. Sponsoring Registrar IANA ID: 1741
  618. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  619. Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
  620. Registrant ID: WW_59608918
  621. Registrant Name: adil madani
  622. Registrant Organization: nunn.asia
  623. Registrant Street: doha
  624. Registrant City: doha
  625. Registrant State/Province: doha
  626. Registrant Postal Code: 6669
  627. Registrant Country: QA
  628. Registrant Phone: +974.55653730
  629. Registrant Phone Ext:
  630. Registrant Fax:
  631. Registrant Fax Ext:
  632. Registrant Email: adilmadani@yahoo.com
  633. Admin ID: WW_59608914
  634. Admin Name: adil madani
  635. Admin Organization: nunn.asia
  636. Admin Street: doha
  637. Admin City: doha
  638. Admin State/Province: doha
  639. Admin Postal Code: 6669
  640. Admin Country: QA
  641. Admin Phone: +974.55653730
  642. Admin Phone Ext:
  643. Admin Fax:
  644. Admin Fax Ext:
  645. Admin Email: adilmadani@yahoo.com
  646. Tech ID: WW_59608916
  647. Tech Name: adil madani
  648. Tech Organization: nunn.asia
  649. Tech Street: doha
  650. Tech City: doha
  651. Tech State/Province: doha
  652. Tech Postal Code: 6669
  653. Tech Country: QA
  654. Tech Phone: +974.55653730
  655. Tech Phone Ext:
  656. Tech Fax:
  657. Tech Fax Ext:
  658. Tech Email: adilmadani@yahoo.com
  659. Billing ID: WW_59608917
  660. Billing Name: adil madani
  661. Billing Organization: nunn.asia
  662. Billing Street: doha
  663. Billing City: doha
  664. Billing State/Province: doha
  665. Billing Postal Code: 6669
  666. Billing Country: QA
  667. Billing Phone: +974.55653730
  668. Billing Phone Ext:
  669. Billing Fax:
  670. Billing Fax Ext:
  671. Billing Email: adilmadani@yahoo.com
  672. Name Server: ZARA.NS.CLOUDFLARE.COM
  673. Name Server: LLOYD.NS.CLOUDFLARE.COM
  674. DNSSEC: unsigned
  675. >>> Last update of WHOIS database: 2016-09-13T18:14:52Z <<<
  676.  
  677. Nmap scan report for 104.27.132.197
  678. Host is up (0.21s latency).
  679. Not shown: 96 filtered ports
  680. PORT STATE SERVICE VERSION
  681. 80/tcp open http cloudflare-nginx
  682. 443/tcp open ssl/https?
  683. 8080/tcp open http cloudflare-nginx
  684. 8443/tcp open ssl/https-alt?
  685. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  686. Aggressive OS guesses: Crestron XPanel control system (89%), Netgear DG834G WAP or Western Digital WD TV media player (89%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (89%), OpenWrt White Russian 0.9 (Linux 2.4.30) (87%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (87%), HP P2000 G3 NAS device (86%), Linux 3.1 (86%), Linux 3.2 (86%), AXIS 210A or 211 Network Camera (Linux 2.6) (86%), Linux 2.6.32 - 3.3 (85%)
  687. No exact OS matches for host (test conditions non-ideal).
  688.  
  689. OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
  690. Nmap done: 1 IP address (1 host up) scanned in 44.46 seconds
  691.  
  692.  
  693. RELATED SERVERS
  694. cloudflare-ic-306325-ldn-b3.c.telia.net has address 62.115.42.242
  695.  
  696. ae-126-3512.edge5.london1.Level3.net has address 4.69.166.45
  697.  
  698. xe-9-1-3.edge3.London2.Level3.net has address 212.187.137.45