Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 1776again.com
- ###########################################################################################
- whois 1776again.com
- Whois Server Version 2.0
- Domain names in the .com and .net domains can now be registered
- with many different competing registrars. Go to http://www.internic.net
- for detailed information.
- Domain Name: 1776AGAIN.COM
- Registrar: FASTDOMAIN, INC.
- Sponsoring Registrar IANA ID: 1154
- Whois Server: whois.fastdomain.com
- Referral URL: http://www.fastdomain.com
- Name Server: NS1.IPAGE.COM
- Name Server: NS2.IPAGE.COM
- Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Updated Date: 01-nov-2016
- Creation Date: 16-nov-2012
- Expiration Date: 16-nov-2017
- >>> Last update of whois database: Tue, 02 May 2017 23:19:18 GMT <<<
- Domain Name: 1776AGAIN.COM
- Registry Domain ID: 1759839567_DOMAIN_COM-VRSN
- Registrar WHOIS Server: whois.fastdomain.com
- Registrar URL: http://www.ipage.com/
- Updated Date: 2016-11-01T16:55:09Z
- Creation Date: 2012-11-16T18:50:36Z
- Registrar Registration Expiration Date: 2017-11-16T18:50:36Z
- Registrar: FastDomain Inc.
- Registrar IANA ID: 1154
- Registrar Abuse Contact Email: support@ipage-inc.com
- Registrar Abuse Contact Phone: +1.8017659400
- Reseller: iPage Inc.
- Domain Status: clientTransferProhibited (https://www.icann.org/epp#clientTransferProhibited)
- Registry Registrant ID: FAST-15019563
- Registrant Name: DOMAIN PRIVACY SERVICE FBO REGISTRANT
- Registrant Organization:
- Registrant Street: 10 CORPORATE DRIVE SUITE 300
- Registrant City: BURLINGTON
- Registrant State/Province: MASSACHUSETTS
- Registrant Postal Code: 01803
- Registrant Country: US
- Registrant Phone: +1.8774724399
- Registrant Phone Ext:
- Registrant Fax:
- Registrant Fax Ext:
- Registrant Email: WHOIS@IPAGE.COM
- Registry Admin ID: FAST-15019563
- Admin Name: DOMAIN PRIVACY SERVICE FBO REGISTRANT
- Admin Organization:
- Admin Street: 10 CORPORATE DRIVE SUITE 300
- Admin City: BURLINGTON
- Admin State/Province: MASSACHUSETTS
- Admin Postal Code: 01803
- Admin Country: US
- Admin Phone: +1.8774724399
- Admin Phone Ext:
- Admin Fax:
- Admin Fax Ext:
- Admin Email: WHOIS@IPAGE.COM
- Registry Tech ID: FAST-15019563
- Tech Name: DOMAIN PRIVACY SERVICE FBO REGISTRANT
- Tech Organization:
- Tech Street: 10 CORPORATE DRIVE SUITE 300
- Tech City: BURLINGTON
- Tech State/Province: MASSACHUSETTS
- Tech Postal Code: 01803
- Tech Country: US
- Tech Phone: +1.8774724399
- Tech Phone Ext:
- Tech Fax:
- Tech Fax Ext:
- Tech Email: WHOIS@IPAGE.COM
- Name Server: NS1.IPAGE.COM
- Name Server: NS2.IPAGE.COM
- ###########################################################################################
- dig 1776again.com any
- ../../../../lib/isc/unix/net.c:581: sendmsg() failed: Operation not permitted
- ; <<>> DiG 9.10.3-P4-Debian <<>> 1776again.com any
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6454
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 3
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ;; QUESTION SECTION:
- ;1776again.com. IN ANY
- ;; ANSWER SECTION:
- 1776again.com. 3600 IN A 66.96.147.105
- 1776again.com. 3600 IN NS ns1.ipage.com.
- 1776again.com. 3600 IN NS ns2.ipage.com.
- 1776again.com. 3600 IN SOA ns1.ipage.com. dnsadmin.ipage.com. 2012111655 10800 3600 604800 3600
- 1776again.com. 3600 IN MX 30 mx.1776again.com.
- 1776again.com. 3600 IN TXT "v=spf1 ip4:66.96.128.0/18 ?all"
- ;; ADDITIONAL SECTION:
- mx.1776again.com. 3600 IN A 66.96.140.104
- mx.1776again.com. 3600 IN A 66.96.140.105
- ;; Query time: 111 msec
- ;; SERVER: 192.168.1.254#53(192.168.1.254)
- ;; WHEN: Tue May 02 19:19:25 EDT 2017
- ;; MSG SIZE rcvd: 239
- ###########################################################################################
- Checking for HTTP-Loadbalancing [Date]: 23:19:36, 23:19:36, 23:19:36, 23:19:36, 23:19:36, 23:19:36, 23:19:36, 23:19:37, 23:19:37, 23:19:37, 23:19:37, 23:19:37, 23:19:37, 23:19:37, 23:19:37, 23:19:37, 23:19:38, 23:19:38, 23:19:38, 23:19:38, 23:19:38, 23:19:38, 23:19:38, 23:19:38, 23:19:38, 23:19:38, 23:19:39, 23:19:39, 23:19:39, 23:19:39, 23:19:39, 23:19:39, 23:19:39, 23:19:39, 23:19:40, 23:19:40, 23:19:40, 23:19:40, 23:19:40, 23:19:40, 23:19:40, 23:19:40, 23:19:40, 23:19:41, 23:19:41, 23:19:41, 23:19:41, 23:19:41, 23:19:41, 23:19:41, NOT FOUND
- ###########################################################################################
- ###########################################################################################
- nmap -PN -n -F -T4 -sV -A -oG temp.txt 1776again.com
- Starting Nmap 7.40 ( https://nmap.org ) at 2017-05-02 19:19 EDT
- Nmap scan report for 1776again.com (66.96.147.105)
- Host is up (0.033s latency).
- Not shown: 54 closed ports, 37 filtered ports
- PORT STATE SERVICE VERSION
- 21/tcp open ftp ProFTPD 1.2.10
- 80/tcp open http nginx
- | http-methods:
- |_ Potentially risky methods: TRACE
- | http-robots.txt: 1 disallowed entry
- |_/wp-admin/
- |_http-server-header: Apache/2
- |_http-title: Database Error
- 110/tcp open pop3 Dovecot pop3d
- |_pop3-capabilities: PIPELINING AUTH-RESP-CODE RESP-CODES SASL(PLAIN LOGIN) TOP USER UIDL CAPA STLS
- | ssl-cert: Subject: commonName=*.ipage.com
- | Subject Alternative Name: DNS:*.ipage.com, DNS:ipage.com
- | Not valid before: 2016-04-07T00:00:00
- |_Not valid after: 2019-04-25T23:59:59
- |_ssl-date: TLS randomness does not represent time
- 143/tcp open imap Dovecot imapd
- |_imap-capabilities: listed IDLE ENABLE Pre-login LOGIN-REFERRALS have ID UNSELECT capabilities LITERAL+ OK post-login AUTH=PLAIN more SASL-IR IMAP4rev1 AUTH=LOGINA0001 STARTTLS
- | ssl-cert: Subject: commonName=*.ipage.com
- | Subject Alternative Name: DNS:*.ipage.com, DNS:ipage.com
- | Not valid before: 2016-04-07T00:00:00
- |_Not valid after: 2019-04-25T23:59:59
- |_ssl-date: TLS randomness does not represent time
- 443/tcp open ssl/http nginx
- | http-methods:
- |_ Potentially risky methods: TRACE
- |_http-server-header: Apache/2
- | http-title: 400 The plain HTTP request was sent to HTTPS port
- |_Requested resource was https://www.1776again.com/
- | ssl-cert: Subject: commonName=*.ipage.com
- | Subject Alternative Name: DNS:*.ipage.com, DNS:ipage.com
- | Not valid before: 2016-04-07T00:00:00
- |_Not valid after: 2019-04-25T23:59:59
- |_ssl-date: TLS randomness does not represent time
- | tls-nextprotoneg:
- |_ http/1.1
- 465/tcp open ssl/smtp Exim smtpd 4.X
- | smtp-commands: bosauthsmtp10.yourhostingaccount.com Hello 1776again.com [162.247.73.193], SIZE 34603008, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
- |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP
- | ssl-cert: Subject: commonName=*.ipage.com
- | Subject Alternative Name: DNS:*.ipage.com, DNS:ipage.com
- | Not valid before: 2016-04-07T00:00:00
- |_Not valid after: 2019-04-25T23:59:59
- |_ssl-date: TLS randomness does not represent time
- 587/tcp open smtp Exim smtpd
- | smtp-commands: bosauthsmtp10.yourhostingaccount.com Hello 1776again.com [162.247.73.193], SIZE 34603008, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
- |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP
- | ssl-cert: Subject: commonName=*.eigbox.com
- | Subject Alternative Name: DNS:*.eigbox.com, DNS:eigbox.com
- | Not valid before: 2016-04-15T00:00:00
- |_Not valid after: 2019-04-15T23:59:59
- |_ssl-date: TLS randomness does not represent time
- 993/tcp open ssl/imap Dovecot imapd
- |_imap-capabilities: listed IDLE ENABLE Pre-login AUTH=LOGINA0001 have ID UNSELECT capabilities LITERAL+ OK post-login AUTH=PLAIN SASL-IR more IMAP4rev1 LOGIN-REFERRALS
- | ssl-cert: Subject: commonName=*.ipage.com
- | Subject Alternative Name: DNS:*.ipage.com, DNS:ipage.com
- | Not valid before: 2016-04-07T00:00:00
- |_Not valid after: 2019-04-25T23:59:59
- |_ssl-date: TLS randomness does not represent time
- 995/tcp open ssl/pop3 Dovecot pop3d
- |_pop3-capabilities: UIDL USER AUTH-RESP-CODE SASL(PLAIN LOGIN) PIPELINING RESP-CODES CAPA TOP
- | ssl-cert: Subject: commonName=*.ipage.com
- | Subject Alternative Name: DNS:*.ipage.com, DNS:ipage.com
- | Not valid before: 2016-04-07T00:00:00
- |_Not valid after: 2019-04-25T23:59:59
- |_ssl-date: TLS randomness does not represent time
- TRACEROUTE (using port 135/tcp)
- HOP RTT ADDRESS
- 1 31.70 ms 10.42.0.1
- 2 31.70 ms 66.96.147.105
- ###########################################################################################
- Protocol on 66.96.147.105:110/tcp matches pop3
- Protocol on 66.96.147.105:143/tcp matches imap
- Protocol on 66.96.147.105:443/tcp matches http
- Unrecognized response from 66.96.147.105:587/tcp (by trigger http) received.
- Please send this output and the name of the application to vh@thc.org:
- 0000: 3535 3420 534d 5450 2073 796e 6368 726f [ 554 SMTP synchro ]
- 0010: 6e69 7a61 7469 6f6e 2065 7272 6f72 0d0a [ nization error.. ]
- Protocol on 66.96.147.105:80/tcp matches http
- Protocol on 66.96.147.105:465/tcp matches ssl
- Protocol on 66.96.147.105:80/tcp matches http-apache-2
- Protocol on 66.96.147.105:443/tcp matches ssl
- Protocol on 66.96.147.105:993/tcp matches ssl
- Protocol on 66.96.147.105:995/tcp matches ssl
- Protocol on 66.96.147.105:21/tcp matches ftp
- NetRange: 66.96.128.0 - 66.96.191.255
- CIDR: 66.96.128.0/18
- NetName: BIZLAND-FC01
- NetHandle: NET-66-96-128-0-1
- Parent: NET66 (NET-66-0-0-0-0)
- NetType: Direct Allocation
- OriginAS:
- Organization: The Endurance International Group, Inc. (EIG-12)
- RegDate: 2001-04-03
- Updated: 2012-03-02
- Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
- Ref: https://whois.arin.net/rest/net/NET-66-96-128-0-1
- OrgName: The Endurance International Group, Inc.
- OrgId: EIG-12
- Address: 10 Corporate Drive
- Address: Suite 300
- City: Burlington
- StateProv: MA
- PostalCode: 01803
- Country: US
- RegDate: 2005-02-07
- Updated: 2017-01-28
- Ref: https://whois.arin.net/rest/org/EIG-12
- OrgAbuseHandle: EIGAB-ARIN
- OrgAbuseName: eig-abuse
- OrgAbusePhone: +1-877-659-6181
- OrgAbuseEmail: eig-abuse@maileig.com
- OrgAbuseRef: https://whois.arin.net/rest/poc/EIGAB-ARIN
- OrgTechHandle: EIGAR-ARIN
- OrgTechName: eig-arin
- OrgTechPhone: +1-866-897-5421
- OrgTechEmail: eig-arin@maileig.com
- OrgTechRef: https://whois.arin.net/rest/poc/EIGAR-ARIN
- OrgNOCHandle: ENO91-ARIN
- OrgNOCName: EIG Network Operations
- OrgNOCPhone: +1-877-659-6181
- OrgNOCEmail: eig-noc@maileig.com
- OrgNOCRef: https://whois.arin.net/rest/poc/ENO91-ARIN
- [+] using maximum random delay of 10 millisecond(s) between requests
- email.1776again.com
- IP address #1: 66.96.147.20
- mx.1776again.com
- IP address #1: 66.96.140.104
- IP address #2: 66.96.140.105
- webmail.1776again.com
- IP address #1: 66.96.147.20
- 66.96.147.105:www.1776again.com
- [+] Virtual hosts:
- ==================
- 66.96.147.105 redrockgsg.com
- 66.96.147.105 themonroesocial
- 66.96.147.105 emp.tm-hm.com
- 66.96.147.105 www.ollschool-lakeoswego.org
- 66.96.147.105 www.aapca1.org
- 66.96.147.105 crossfitpoulsbo
- 66.96.147.105 urbanhivemarket
- 66.96.147.105 www.healthdepartment
- 66.96.147.105 dflc.org
- 66.96.147.105 www.comfortlandmed
- 66.96.147.105 windwardsailing
- 66.96.147.105 smart
- 66.96.147.105 www.stylehouseinteriors
- 66.96.147.105 aradjc
- 66.96.147.105 www.vazquezlandscaping
- 66.96.147.105 www.codstreetfaire
- 66.96.147.105 www.cocosbridal
- 66.96.147.105 captainkirksguideservice
- 66.96.147.105 nevadagold
- 66.96.147.105 williamscustombikes
- 66.96.147.105 www.goborntomove.com
- 66.96.147.105 www.nflretiredplayersassociation.org
- 66.96.147.105 www.ajmdeliveryservice
- 66.96.147.105 www.katemurrayphotography.com
- 66.96.147.105 www.kqhpatentlaw.com
- 66.96.147.105 www.wingfieldrifleclub
- 66.96.147.105 www.centricltd
- 66.96.147.105 www.bluefieldtechno.com
- 66.96.147.105 www.lacdepaix
- 66.96.147.105 www.budlifeusa
- 66.96.147.105 www.westernwireharness.com
- 66.96.147.105 www.tycocityhotel
- 66.96.147.105 estatesandelders
- 66.96.147.105 www.naplesexecutive.net
- 66.96.147.105 experiencegemini.com
- 66.96.147.105 www.heritagecorporatebenefits
- 66.96.147.105 torreslandscapinginc
- 66.96.147.105 seniorcareinusa.com
- 66.96.147.105 hilltopbaptist
- 66.96.147.105 www.traxconstruction
- 66.96.147.105 nutrab
- 66.96.147.105 illustra-advisory
- 66.96.147.105 saltoslandscaping
- 66.96.147.105 andrewshouse
- 66.96.147.105 www.laqshya
- 66.96.147.105 go4technologies
- 66.96.147.105 www.onewayoramother
- 66.96.147.105 operatorsurvivaltool
- 66.96.147.105 trudeaumcavoy.com
- 66.96.147.105 www.gaylordrefuge.com
- 66.96.147.105 zipcodeboutiques.com
- 66.96.147.105 bcsnowtracks.com
- 66.96.147.105 ustrustadvisory.com
- 66.96.147.105 www.simbatravels
- 66.96.147.105 dubaidermatologist
- 66.96.147.105 www.cottagechildrenscenter
- 66.96.147.105 www.oscarpainting
- 66.96.147.105 oregonresource.org
- 66.96.147.105 xtremehealthyliving
- 66.96.147.105 ehanzi
- 66.96.147.105 kissentaxes.com
- 66.96.147.105 www.alummah
- 66.96.147.105 www.aaroofingexperts
- 66.96.147.105 www.dealersdist.com
- 66.96.147.105 www.amarinthaisanjose
- 66.96.147.105 www.longlastingpainting
- ---------------------------------------------------------------------------
- + Target IP: 66.96.147.105
- + Target Hostname: 1776again.com
- + Target Port: 80
- + Start Time: 2017-05-02 19:20:26 (GMT-4)
- ---------------------------------------------------------------------------
- + Server: Apache/2
- + Retrieved x-powered-by header: PHP/5.5.22
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Root page / redirects to: http://www.1776again.com/
- + No CGI Directories found (use '-C all' to force check all possible dirs)
- + Uncommon header 'link' found, with contents: <http://www.1776again.com/wp-json/>; rel="https://api.w.org/"
- + Entry '/wp-admin/admin-ajax.php' in robots.txt returned a non-forbidden or redirect HTTP code (200)
- + "robots.txt" contains 2 entries which should be manually viewed.
- + Apache/2 appears to be outdated (current is at least Apache/2.4.12). Apache 2.0.65 (final release) and 2.2.29 are also current.
- + Server banner has changed from 'Apache/2' to 'nginx' which may suggest a WAF, load balancer or proxy is in place
- + Allowed HTTP Methods: OPTIONS, GET, HEAD, POST, TRACE
- + Web Server returns a valid response with junk HTTP methods, this may cause false positives.
- + DEBUG HTTP verb may show server debugging information. See http://msdn.microsoft.com/en-us/library/e8z01xdh%28VS.80%29.aspx for details.
- + Server leaks inodes via ETags, header found with file /error_log, fields: 0x7b 0x54263da0500ff
- + OSVDB-3092: /error_log: This might be interesting...
- + OSVDB-3092: /home/: This might be interesting...
- + /readme.html: This WordPress file reveals the installed version.
- + OSVDB-3092: /license.txt: License file found may identify site software.
- + 7449 requests: 0 error(s) and 16 item(s) reported on remote host
- + End Time: 2017-05-02 20:15:03 (GMT-4) (3277 seconds)
- Host's addresses:
- __________________
- 1776again.com. 3600 IN A 66.96.147.105
- Wildcard detection using: tageowftmrvu
- _______________________________________
- tageowftmrvu.1776again.com. 3600 IN A 66.96.147.105
- !!!!!!!!!!!!!!!!!!!!!!!!!!!!
- Wildcards detected, all subdomains will point to the same IP address
- Omitting results containing 66.96.147.105.
- Maybe you are using OpenDNS servers.
- !!!!!!!!!!!!!!!!!!!!!!!!!!!!
- Name Servers:
- ______________
- ns1.ipage.com. 3600 IN A 66.96.142.162
- ns1.ipage.com. 3600 IN A 66.96.142.116
- ns1.ipage.com. 3600 IN A 66.96.142.163
- ns2.ipage.com. 3600 IN A 65.254.254.151
- Mail (MX) Servers:
- ___________________
- mx.1776again.com. 3600 IN A 66.96.140.104
- mx.1776again.com. 3600 IN A 66.96.140.105
- Trying Zone Transfers and getting Bind Versions:
- _________________________________________________
- DNS Servers for 1776again.com:
- ns1.ipage.com
- ns2.ipage.com
- Trying zone transfer first...
- Testing ns1.ipage.com
- Request timed out or transfer not allowed.
- Testing ns2.ipage.com
- Request timed out or transfer not allowed.
- Unsuccessful in zone transfer (it was worth a shot)
- Okay, trying the good old fashioned way... brute force
- Checking for wildcard DNS...
- ** Found 97408355174.1776again.com at 66.96.147.105.
- ** High probability of wildcard DNS.
- Now performing 2280 test(s)...
- 66.96.147.20 email.1776again.com
- 66.96.140.104 mx.1776again.com
- 66.96.140.105 mx.1776again.com
- 66.96.147.20 webmail.1776again.com
- Subnets found (may want to probe here using nmap or unicornscan):
- 66.96.140.0-255 : 2 hostnames found.
- 66.96.147.0-255 : 2 hostnames found.
- traceroute -T -O info 66.96.147.105
- traceroute to 66.96.147.105 (66.96.147.105), 30 hops max, 60 byte packets
- 1 10.42.0.1 (10.42.0.1) 30.671 ms 30.654 ms 30.653 ms
- 2 gw2-carp2.calyxinstitute.org (162.247.73.3) 31.030 ms 31.031 ms 31.030 ms
- 3 100ge13-1.core1.nyc4.he.net (184.105.64.177) 32.258 ms 32.259 ms 32.258 ms
- 4 * * *
- 5 * * *
- 6 ENDURANCE-I.bear2.Boston1.Level3.net (4.53.56.190) 37.709 ms 36.103 ms 36.281 ms
- 7 254.252.148.207.static.yourhostingaccount.com (207.148.252.254) 36.278 ms 36.201 ms 36.336 ms
- 8 105.147.96.66.static.eigbox.net (66.96.147.105) <syn,ack> 36.127 ms 36.325
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement