SHARE
TWEET

Anonymous JTSEC #OpIsraël Full Recon #4

a guest Jan 25th, 2019 1,058 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. ######################################################################################################################################
  2. Hostname    www.orgil.co.il         ISP     Bezeq International
  3. Continent   Asia        Flag    
  4. IL
  5. Country     Israel      Country Code    IL
  6. Region  Unknown         Local time  24 Jan 2019 17:25 IST
  7. City    Unknown         Postal Code     Unknown
  8. IP Address  62.219.78.222       Latitude    31.5
  9.             Longitude   34.75
  10.  
  11. ######################################################################################################################################
  12. > www.orgil.co.il
  13. Server:     194.187.251.67
  14. Address:    194.187.251.67#53
  15.  
  16. Non-authoritative answer:
  17. Name:   www.orgil.co.il
  18. Address: 62.219.78.222
  19. >
  20. ######################################################################################################################################
  21. HostIP:62.219.78.222
  22. HostName:www.orgil.co.il
  23.  
  24. Gathered Inet-whois information for 62.219.78.222
  25. --------------------------------------------------------------------------------------------------------------------------------------
  26.  
  27.  
  28. inetnum:        62.219.78.0 - 62.219.78.255
  29. netname:        LIVE-DNS
  30. descr:          LIVE-DNS
  31. country:        IL
  32. admin-c:        BNT1-RIPE
  33. tech-c:         BHT2-RIPE
  34. status:         ASSIGNED PA
  35. remarks:        please send ABUSE complains to abuse@bezeqint.net
  36. remarks:        We are more than NO. 1
  37. mnt-by:         AS8551-MNT
  38. mnt-lower:      AS8551-MNT
  39. created:        2005-12-04T13:41:09Z
  40. last-modified:  2010-10-12T14:22:00Z
  41. source:         RIPE
  42.  
  43. role:           BEZEQINT HOSTMASTERS TEAM
  44. address:        Bezeq International
  45. address:        40 hashacham st.
  46. address:        Petach Tikva 49170 Israel
  47. phone:          +972 1 800014014
  48. fax-no:         +972 3 9257674
  49. admin-c:        MR916-RIPE
  50. tech-c:         LBHM-RIPE
  51. tech-c:         HMSB-RIPE
  52. nic-hdl:        BHT2-RIPE
  53. remarks:        Please Send Spam and Abuse ONLY to abuse@bezeqint.net
  54. mnt-by:         AS8551-MNT
  55. created:        2002-10-29T10:01:49Z
  56. last-modified:  2009-02-15T12:35:43Z
  57. source:         RIPE # Filtered
  58.  
  59. role:           BEZEQINT NETWORKING TEAM
  60. address:        Bezeq International
  61. address:        40 hashacham st.
  62. address:        Petach Tikva 49170 Israel
  63. phone:          +972 1 800014014
  64. fax-no:         +972 3 9257674
  65. admin-c:        MR916-RIPE
  66. tech-c:         MR916-RIPE
  67. tech-c:         RD1278-RIPE
  68. nic-hdl:        BNT1-RIPE
  69. remarks:        Please Send Spam and Abuse ONLY to abuse@bezeqint.net
  70. mnt-by:         AS8551-MNT
  71. created:        2005-09-27T12:31:29Z
  72. last-modified:  2018-12-05T14:57:44Z
  73. source:         RIPE # Filtered
  74.  
  75. % Information related to '62.219.64.0/19AS8551'
  76.  
  77. route:          62.219.64.0/19
  78. descr:          BEZEQ-INTERNATIONAL
  79. origin:         AS8551
  80. mnt-by:         AS8551-MNT
  81. created:        2002-09-09T08:13:29Z
  82. last-modified:  2017-04-05T11:15:09Z
  83. source:         RIPE # Filtered
  84.  
  85. % This query was served by the RIPE Database Query Service version 1.92.6 (ANGUS)
  86.  
  87.  
  88.  
  89. Gathered Inic-whois information for orgil.co.il
  90. ---------------------------------------------------------------------------------------------------------------------------------------
  91. domain:       orgil.co.il
  92.  
  93. descr:        naor brachel
  94. descr:        achi meir 5
  95. descr:        ramat gan
  96. descr:        52587
  97. descr:        Israel
  98. fax-no:       +972 73 3211288
  99. e-mail:       naor1964 AT gmail.com
  100. admin-c:      LD-NB5813-IL
  101. tech-c:       LD-NB5813-IL
  102. zone-c:       LD-NB5813-IL
  103. nserver:      park1.livedns.co.il
  104. nserver:      park2.livedns.co.il
  105. validity:     21-08-2019
  106. DNSSEC:       unsigned
  107. status:       Transfer Locked
  108. changed:      domain-registrar AT isoc.org.il 20170821 (Assigned)
  109.  
  110. person:       naor brachel
  111. address      achi meir 5
  112. address      ramat gan
  113. address      52587
  114. address      Israel
  115. phone:        +972 3 7554488
  116. fax-no:       +972 73 3211288
  117. e-mail:       naor1964 AT gmail.com
  118. nic-hdl:      LD-NB5813-IL
  119. changed:      Managing Registrar 20170821
  120.  
  121. registrar name: LiveDns Ltd
  122. registrar info: http://domains.livedns.co.il
  123.  
  124. % Rights to the data above are restricted by copyright.
  125.  
  126. Gathered Netcraft information for www.orgil.co.il
  127. --------------------------------------------------------------------------------------------------------------------------------------
  128.  
  129. Retrieving Netcraft.com information for www.orgil.co.il
  130. Netcraft.com Information gathered
  131.  
  132. Gathered Subdomain information for orgil.co.il
  133. --------------------------------------------------------------------------------------------------------------------------------------
  134. Searching Google.com:80...
  135. Searching Altavista.com:80...
  136. Found 0 possible subdomain(s) for host orgil.co.il, Searched 0 pages containing 0 results
  137.  
  138. Gathered E-Mail information for orgil.co.il
  139. ---------------------------------------------------------------------------------------------------------------------------------------
  140. Searching Google.com:80...
  141. Searching Altavista.com:80...
  142. Found 0 E-Mail(s) for host orgil.co.il, Searched 0 pages containing 0 results
  143.  
  144. Gathered TCP Port information for 62.219.78.222
  145. ---------------------------------------------------------------------------------------------------------------------------------------
  146.  
  147.  Port       State
  148.  
  149. 80/tcp      open
  150.  
  151. Portscan Finished: Scanned 150 ports, 3 ports were in state closed
  152. #######################################################################################################################################
  153. [i] Scanning Site: http://www.orgil.co.il
  154.  
  155.  
  156.  
  157. B A S I C   I N F O
  158. =======================================================================================================================================
  159.  
  160.  
  161. [+] Site Title: דומיין|דומיינים|איחסון אתרים|אחסון אתרים|רישום דומיין|רישום דומיינים|איחסון
  162. [+] IP address: 62.219.78.222
  163. [+] Web Server: Could Not Detect
  164. [+] CMS: Joomla
  165. [+] Cloudflare: Not Detected
  166. [+] Robots File: Found
  167.  
  168. -------------[ contents ]----------------  
  169. User-agent: *
  170. Disallow: /
  171. -----------[end of contents]-------------
  172.  
  173.  
  174.  
  175. W H O I S   L O O K U P
  176. =======================================================================================================================================
  177.  
  178.    
  179. % The data in the WHOIS database of the .il registry is provided
  180. % by ISOC-IL for information purposes, and to assist persons in
  181. % obtaining information about or related to a domain name
  182. % registration record. ISOC-IL does not guarantee its accuracy.
  183. % By submitting a WHOIS query, you agree that you will use this
  184. % Data only for lawful purposes and that, under no circumstances
  185. % will you use this Data to: (1) allow, enable, or otherwise
  186. % support the transmission of mass unsolicited, commercial
  187. % advertising or solicitations via e-mail (spam);
  188. % or  (2) enable high volume, automated, electronic processes that
  189. % apply to ISOC-IL (or its systems).
  190. % ISOC-IL reserves the right to modify these terms at any time.
  191. % By submitting this query, you agree to abide by this policy.
  192.  
  193. query:        orgil.co.il
  194.  
  195. reg-name:     orgil
  196. domain:       orgil.co.il
  197.  
  198. descr:        naor brachel
  199. descr:        achi meir 5
  200. descr:        ramat gan
  201. descr:        52587
  202. descr:        Israel
  203. fax-no:       +972 73 3211288
  204. e-mail:       naor1964 AT gmail.com
  205. admin-c:      LD-NB5813-IL
  206. tech-c:       LD-NB5813-IL
  207. zone-c:       LD-NB5813-IL
  208. nserver:      park1.livedns.co.il
  209. nserver:      park2.livedns.co.il
  210. validity:     21-08-2019
  211. DNSSEC:       unsigned
  212. status:       Transfer Locked
  213. changed:      domain-registrar AT isoc.org.il 20170821 (Assigned)
  214.  
  215. person:       naor brachel
  216. address      achi meir 5
  217. address      ramat gan
  218. address      52587
  219. address      Israel
  220. phone:        +972 3 7554488
  221. fax-no:       +972 73 3211288
  222. e-mail:       naor1964 AT gmail.com
  223. nic-hdl:      LD-NB5813-IL
  224. changed:      Managing Registrar 20170821
  225.  
  226. registrar name: LiveDns Ltd
  227. registrar info: http://domains.livedns.co.il
  228.  
  229. % Rights to the data above are restricted by copyright.
  230.  
  231.  
  232.  
  233.  
  234. G E O  I P  L O O K  U P
  235. =======================================================================================================================================
  236.  
  237. [i] IP Address: 62.219.78.222
  238. [i] Country: Israel
  239. [i] State:  
  240. [i] City:  
  241. [i] Latitude: 31.5
  242. [i] Longitude: 34.75
  243.  
  244.  
  245.  
  246.  
  247. H T T P   H E A D E R S
  248. =======================================================================================================================================
  249.  
  250.  
  251. [i]  HTTP/1.1 200 OK
  252. [i]  Cache-Control: private
  253. [i]  Content-Length: 100096
  254. [i]  Content-Type: text/html; charset=utf-8
  255. [i]  X-AspNet-Version: 2.0.50727
  256. [i]  X-Powered-By: ASP.NET
  257. [i]  Date: Thu, 24 Jan 2019 15:32:24 GMT
  258. [i]  Connection: close
  259.  
  260.  
  261.  
  262.  
  263. D N S   L O O K U P
  264. ======================================================================================================================================
  265.  
  266. orgil.co.il.        14399   IN  A   62.219.78.222
  267. orgil.co.il.        14399   IN  NS  park1.livedns.co.il.
  268. orgil.co.il.        14399   IN  NS  park2.livedns.co.il.
  269. orgil.co.il.        3599    IN  MX  0 orgil-co-il.mail.protection.outlook.com.
  270. orgil.co.il.        14399   IN  SOA park1.livedns.co.il. hostmaster.orgil.co.il. 2017090502 3600 600 1209600 14400
  271. orgil.co.il.        3599    IN  TXT "v=spf1 include:spf.protection.outlook.com -all"
  272. orgil.co.il.        3599    IN  TXT "MS=ms92420837"
  273.  
  274.  
  275.  
  276.  
  277. S U B N E T   C A L C U L A T I O N
  278. =======================================================================================================================================
  279.  
  280. Address       = 62.219.78.222
  281. Network       = 62.219.78.222 / 32
  282. Netmask       = 255.255.255.255
  283. Broadcast     = not needed on Point-to-Point links
  284. Wildcard Mask = 0.0.0.0
  285. Hosts Bits    = 0
  286. Max. Hosts    = 1   (2^0 - 0)
  287. Host Range    = { 62.219.78.222 - 62.219.78.222 }
  288.  
  289.  
  290.  
  291. N M A P   P O R T   S C A N
  292. =======================================================================================================================================
  293.  
  294.  
  295. Starting Nmap 7.40 ( https://nmap.org ) at 2019-01-24 15:32 UTC
  296. Nmap scan report for orgil.co.il (62.219.78.222)
  297. Host is up (0.14s latency).
  298. rDNS record for 62.219.78.222: bzq-78-222.red.bezeqint.net
  299. PORT     STATE    SERVICE
  300. 21/tcp   filtered ftp
  301. 22/tcp   filtered ssh
  302. 23/tcp   filtered telnet
  303. 80/tcp   open     http
  304. 110/tcp  filtered pop3
  305. 143/tcp  filtered imap
  306. 443/tcp  filtered https
  307. 3389/tcp filtered ms-wbt-server
  308.  
  309. Nmap done: 1 IP address (1 host up) scanned in 2.93 seconds
  310. #######################################################################################################################################
  311. [?] Enter the target: example( http://domain.com )
  312. http://www.orgil.co.il
  313. [!] IP Address : 62.219.78.222
  314. [+] Operating System : Windows
  315. [!] www.orgil.co.il doesn't seem to use a CMS
  316. [+] Honeypot Probabilty: 0%
  317. ---------------------------------------------------------------------------------------------------------------------------------------
  318. [~] Trying to gather whois information for www.orgil.co.il
  319. [+] Whois information found
  320. [-] Unable to build response, visit https://who.is/whois/www.orgil.co.il
  321. ---------------------------------------------------------------------------------------------------------------------------------------
  322. PORT     STATE    SERVICE
  323. 21/tcp   filtered ftp
  324. 22/tcp   filtered ssh
  325. 23/tcp   filtered telnet
  326. 80/tcp   open     http
  327. 110/tcp  filtered pop3
  328. 143/tcp  filtered imap
  329. 443/tcp  filtered https
  330. 3389/tcp filtered ms-wbt-server
  331. Nmap done: 1 IP address (1 host up) scanned in 2.70 seconds
  332. ---------------------------------------------------------------------------------------------------------------------------------------
  333. There was an error getting results
  334.  
  335. [-] DNS Records
  336. [>] Initiating 3 intel modules
  337. [>] Loading Alpha module (1/3)
  338. [>] Beta module deployed (2/3)
  339. [>] Gamma module initiated (3/3)
  340. [+] Emails found:
  341. ---------------------------------------------------------------------------------------------------------------------------------------
  342. pixel-1548344029239903-web-@www.orgil.co.il
  343. pixel-1548344032609324-web-@www.orgil.co.il
  344. No hosts found
  345. [+] Virtual hosts:
  346. ---------------------------------------------------------------------------------------------------------------------------------------
  347. #######################################################################################################################################
  348. =======================================================================================================================================
  349. | E-mails:
  350. | [+] E-mail Found: renew@livedns.co.il
  351. | [+] E-mail Found: sales@livedns.co.il
  352. =======================================================================================================================================
  353. | External hosts:
  354. | [+] External Host Found: http://www.livedns.co.il
  355. =======================================================================================================================================
  356. ######################################################################################################################################
  357. ; <<>> DiG 9.11.5-P1-1-Debian <<>> orgil.co.il
  358. ;; global options: +cmd
  359. ;; Got answer:
  360. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63255
  361. ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
  362.  
  363. ;; OPT PSEUDOSECTION:
  364. ; EDNS: version: 0, flags:; udp: 4096
  365. ;; QUESTION SECTION:
  366. ;orgil.co.il.           IN  A
  367.  
  368. ;; ANSWER SECTION:
  369. orgil.co.il.        14400   IN  A   62.219.78.222
  370.  
  371. ;; Query time: 263 msec
  372. ;; SERVER: 194.187.251.67#53(194.187.251.67)
  373. ;; WHEN: jeu jan 24 10:44:49 EST 2019
  374. ;; MSG SIZE  rcvd: 56
  375. #######################################################################################################################################
  376.  <<>> DiG 9.11.5-P1-1-Debian <<>> +trace orgil.co.il
  377. ;; global options: +cmd
  378. .           86000   IN  NS  e.root-servers.net.
  379. .           86000   IN  NS  k.root-servers.net.
  380. .           86000   IN  NS  g.root-servers.net.
  381. .           86000   IN  NS  l.root-servers.net.
  382. .           86000   IN  NS  a.root-servers.net.
  383. .           86000   IN  NS  d.root-servers.net.
  384. .           86000   IN  NS  m.root-servers.net.
  385. .           86000   IN  NS  b.root-servers.net.
  386. .           86000   IN  NS  i.root-servers.net.
  387. .           86000   IN  NS  c.root-servers.net.
  388. .           86000   IN  NS  h.root-servers.net.
  389. .           86000   IN  NS  j.root-servers.net.
  390. .           86000   IN  NS  f.root-servers.net.
  391. .           86000   IN  RRSIG   NS 8 0 518400 20190206050000 20190124040000 16749 . GyLUryAEdEDmlxR3SnGPcH6fODRTKJ1u2E7KNSL5fK19NqTRX53ho9fE j8N3GFfMd7cXOteZ2yoaNjtfE5KV3EKNolOCfsXMt0zgx82B8PEsTZxp Oiukfa3LQKtv/e6gp281TnxuIyjM8kQ6yL1nLtYkWGCv50GMNTUQzQ2v bmcgwYrFsGPA+Ud7YOI8WHf80h8btErLaWu37gk/74rw9Ds45G0O77Ir 0V+PfJfRK0hX3LopzWutnfXWjSXt+La4+Mt0kASMupzoYtO9ZHU3lrnE zWEwWQv7Tti/Iklp+pKWQ0BEgqJmpNS+86BW4cq+vnb6oSJQNkKaaxu+ S/kD0w==
  392. ;; Received 525 bytes from 194.187.251.67#53(194.187.251.67) in 192 ms
  393.  
  394. il.         172800  IN  NS  nse.ns.il.
  395. il.         172800  IN  NS  lookup.iucc.ac.il.
  396. il.         172800  IN  NS  nsa.ns.il.
  397. il.         172800  IN  NS  nsb.ns.il.
  398. il.         172800  IN  NS  sns-pb.isc.org.
  399. il.         172800  IN  NS  ns2.ns.il.
  400. il.         172800  IN  NS  ns1.ns.il.
  401. il.         172800  IN  NS  ns3.ns.il.
  402. il.         172800  IN  NS  ilns.ilan.net.il.
  403. il.         86400   IN  DS  44729 8 2 7FA5A2FD091C340D4A01864B4F82D66D0769F3D3A0A1C48F8ABD2A64 B1689921
  404. il.         86400   IN  RRSIG   DS 8 1 86400 20190206050000 20190124040000 16749 . U5YNelBol0QzzsFgB3b0QoBPN5Ws2c5kVh8+W3LZcXDAdUC/fgmE0MeO 6lK5GxSsR4IGO87RPPQGjw3Wn0nITRmRcgC52GbUVtHCeYrlkA61hJed RR17wQqruIyHd1AJKoeAnqoJWswigko/zDw9KYO4ZnmZzVtCH5Res6ch Y4KY7aSP7HWuvCaKAYTPGdHwrFDoCTF9qaM7+qlrUhmMFUcJ6Xk6i1T5 SnZjXVrisUADw/+AiJa4vuEAKLsvVTpBuxuXNLuwUCCxtl6lfgS4nqjr gkVauZGj+3x8AcIUt4tq3zpIz7UIrbd9OfR06Y9jb6s3ZqSk4DJBRGte Eimf/A==
  405. ;; Received 855 bytes from 2001:503:ba3e::2:30#53(a.root-servers.net) in 43 ms
  406.  
  407. orgil.co.il.        86400   IN  NS  park2.livedns.co.il.
  408. orgil.co.il.        86400   IN  NS  park1.livedns.co.il.
  409. i4ng30e6ho1oogjus9gnuf4ho8qjr729.co.il. 86400 IN NSEC3 1 1 10 7CE12AF346933CF2 I808NA34LO7Q55K3FAOBFSHSVU39TF9J NS SOA RRSIG DNSKEY NSEC3PARAM
  410. i4ng30e6ho1oogjus9gnuf4ho8qjr729.co.il. 86400 IN RRSIG NSEC3 8 3 86400 20190224140907 20190124130907 7233 co.il. JvGonWN408TUbaiAJpLQF7yAM1GiyfvqqlkdmuCn74zWyffBVUsz/BoW FPFozDRHS7vt3Z30mk2gVu86rCHOUHOTmGijcF9Uk8zY3dS2P6He4o2R HwIa74trRRX8fjd1VyPVyPK8ZPMzrCTlV8Rd3IHgTi9zbrkw+KbMwu70 RQ61zKKi4CWZ0fQxwJtMPOljj3Y2yzemAOXFloCAHJlM5/jzwmVR6c56 IKtiNjCy5nPjnwPSOB9EAe9iBpWBPw72Ui090/lJsTGfHB5wvTZ0Ups3 4qZTgjQsyWsEFjskgkDC8eQNZbHQ+MIC4pPMVMcDyEtnc2K5NvwFTldW o5f/yg==
  411. c2fulibva4ggam91k16pht5ca62mjpf3.co.il. 86400 IN NSEC3 1 1 10 7CE12AF346933CF2 DPV5RPOSFL03GR9JRS43LBJ02MAV4NC7 NS DS RRSIG
  412. c2fulibva4ggam91k16pht5ca62mjpf3.co.il. 86400 IN RRSIG NSEC3 8 3 86400 20190224140907 20190124130907 7233 co.il. KqMdeBBp6tFqpeygldvUHT3y90x6NWmlW8CkzMqMfLuNnrHXPjL8W8ll JkJJNWhE2tP8Up/3bz4c7EZF059Ji4k7i/qKB4Y1/f6PZiGBo+LYl8Vw uTkzoTJzEjU6IuHAI+ZmhBcYaBPkygEkgnrnVI6ZZKfRksStf/WwLYq/ UB7XQTWWplwssMkKxatlTWVSOdr66aTSl7HLza/17Js6xYZv6twokNZf P8rle5UiVVAxGyqC6NIRyplO5A9Dc3D80/YKokiRexaXXQzyLS/PBe+k EQrjSRsVnxRSlJ34CR/FhbOy3qJQ6ntqcMAngeMF8lGqI6Mslp4y/z/1 iYNUUQ==
  413. ;; Received 877 bytes from 2001:678:e:103::53#53(ns3.ns.il) in 86 ms
  414.  
  415. orgil.co.il.        14400   IN  A   62.219.78.222
  416. orgil.co.il.        14400   IN  NS  park1.livedns.co.il.
  417. orgil.co.il.        14400   IN  NS  park2.livedns.co.il.
  418. ;; Received 136 bytes from 62.219.78.217#53(park1.livedns.co.il) in 224 ms
  419. #######################################################################################################################################
  420. [*] Performing General Enumeration of Domain: orgil.co.il
  421. [-] DNSSEC is not configured for orgil.co.il
  422. [*]      SOA park1.livedns.co.il 62.219.78.217
  423. [*]      NS park2.livedns.co.il 185.60.169.2
  424. [*]      Bind Version for 185.60.169.2 Livedns
  425. [*]      NS park1.livedns.co.il 62.219.78.217
  426. [*]      Bind Version for 62.219.78.217 9.7.0
  427. [*]      MX orgil-co-il.mail.protection.outlook.com 104.47.4.36
  428. [*]      MX orgil-co-il.mail.protection.outlook.com 104.47.6.36
  429. [*]      A orgil.co.il 62.219.78.222
  430. [*]      TXT orgil.co.il v=spf1 include:spf.protection.outlook.com -all
  431. [*]      TXT orgil.co.il MS=ms92420837
  432. [*] Enumerating SRV Records
  433. [*]      SRV _sipfederationtls._tcp.orgil.co.il sipfed.online.lync.com 52.113.66.144 5061 1
  434. [*]      SRV _sipfederationtls._tcp.orgil.co.il sipfed.online.lync.com 2603:1047:0:1::b 5061 1
  435. [*]      SRV _sipfederationtls._tcp.orgil.co.il sipfed.online.lync.com 2603:1047:0:b::f 5061 1
  436. [*]      SRV _sipfederationtls._tcp.orgil.co.il sipfed.online.lync.com 2603:1047:0:8::f 5061 1
  437. [*]      SRV _sipfederationtls._tcp.orgil.co.il sipfed.online.lync.com 2603:1047:0:9::f 5061 1
  438. [*]      SRV _sipfederationtls._tcp.orgil.co.il sipfed.online.lync.com 2603:1047:0:2::b 5061 1
  439. [*]      SRV _sipfederationtls._tcp.orgil.co.il sipfed.online.lync.com 2603:1047:0:a::f 5061 1
  440. [*]      SRV _sipfederationtls._tcp.orgil.co.il sipfed.online.lync.com 2603:1047:0:5::b 5061 1
  441. [*]      SRV _sip._tls.orgil.co.il sipdir.online.lync.com 52.113.66.144 443 1
  442. [*]      SRV _sip._tls.orgil.co.il sipdir.online.lync.com 2603:1047:0:9::f 443 1
  443. [*]      SRV _sip._tls.orgil.co.il sipdir.online.lync.com 2603:1047:0:b::f 443 1
  444. [*]      SRV _sip._tls.orgil.co.il sipdir.online.lync.com 2603:1047:0:a::f 443 1
  445. [*]      SRV _sip._tls.orgil.co.il sipdir.online.lync.com 2603:1047:0:2::b 443 1
  446. [*]      SRV _sip._tls.orgil.co.il sipdir.online.lync.com 2603:1047:0:8::f 443 1
  447. [*]      SRV _sip._tls.orgil.co.il sipdir.online.lync.com 2603:1047:0:1::b 443 1
  448. [*]      SRV _sip._tls.orgil.co.il sipdir.online.lync.com 2603:1047:0:5::b 443 1
  449. [+] 16 Records Found
  450. #######################################################################################################################################
  451. *] Processing domain orgil.co.il
  452. [*] Using system resolvers ['27.50.70.139', '38.132.106.139', '185.93.180.131', '205.151.67.6', '205.151.67.34', '205.151.67.2', '2001:18c0:ffe0:2::2', '2001:18c0:ffe0:3::2', '2001:18c0:ffe0:1::2']
  453. [+] Getting nameservers
  454. 185.60.169.2 - park2.livedns.co.il
  455. 62.219.78.217 - park1.livedns.co.il
  456. [-] Zone transfer failed
  457.  
  458. [+] TXT records found
  459. "v=spf1 include:spf.protection.outlook.com -all"
  460. "MS=ms92420837"
  461.  
  462. [+] MX records found, added to target list
  463. 0 orgil-co-il.mail.protection.outlook.com.
  464.  
  465. [*] Scanning orgil.co.il for A records
  466. 62.219.78.222 - orgil.co.il                        
  467. 52.98.2.200 - autodiscover.orgil.co.il                
  468. 52.98.0.168 - autodiscover.orgil.co.il          
  469. 40.100.145.168 - autodiscover.orgil.co.il
  470. 52.98.1.232 - autodiscover.orgil.co.il
  471. 13.76.177.110 - enterpriseenrollment.orgil.co.il                
  472. 40.69.218.132 - enterpriseregistration.orgil.co.il
  473. 52.113.66.206 - lyncdiscover.orgil.co.il              
  474. 40.126.14.102 - msoid.orgil.co.il                  
  475. 52.113.66.144 - sip.orgil.co.il                        
  476. 62.219.78.222 - www.orgil.co.il                      
  477. ######################################################################################################################################
  478. [+] Testing domain
  479.         www.orgil.co.il          62.219.78.222      
  480. [+] Dns resolving
  481.        Domain name               Ip address              Name server      
  482.        orgil.co.il             62.219.78.222      bzq-78-222.red.bezeqint.net
  483. Found 1 host(s) for orgil.co.il
  484. [+] Testing wildcard
  485.     Ok, no wildcard found.
  486.  
  487. [+] Scanning for subdomain on orgil.co.il
  488. [!] Wordlist not specified. I scannig with my internal wordlist...
  489.     Estimated time about 330.31 seconds
  490.  
  491.         Subdomain                Ip address              Name server
  492.      
  493.      www.orgil.co.il           62.219.78.222      bzq-78-222.red.bezeqint.net
  494. #######################################################################################################################################
  495. dnsenum VERSION:1.2.4
  496.  
  497. -----   www.orgil.co.il   -----
  498.  
  499.  
  500. Host's addresses:
  501. __________________
  502.  
  503. www.orgil.co.il.                         14398    IN    A        62.219.78.222
  504.  
  505.  
  506. Name Servers:
  507. ______________
  508. #######################################################################################################################################
  509.  
  510. Running Source: Ask
  511. Running Source: Archive.is
  512. Running Source: Baidu
  513. Running Source: Bing
  514. Running Source: CertDB
  515. Running Source: CertificateTransparency
  516. Running Source: Certspotter
  517. Running Source: Commoncrawl
  518. Running Source: Crt.sh
  519. Running Source: Dnsdb
  520. Running Source: DNSDumpster
  521. Running Source: DNSTable
  522. Running Source: Dogpile
  523. Running Source: Exalead
  524. Running Source: Findsubdomains
  525. Running Source: Googleter
  526. Running Source: Hackertarget
  527. Running Source: Ipv4Info
  528. Running Source: PTRArchive
  529. Running Source: Sitedossier
  530. Running Source: Threatcrowd
  531. Running Source: ThreatMiner
  532. Running Source: WaybackArchive
  533. Running Source: Yahoo
  534.  
  535. Running enumeration on www.orgil.co.il
  536.  
  537. dnsdb: Unexpected return status 503
  538.  
  539. crtsh: json: cannot unmarshal array into Go value of type crtsh.crtshObject
  540.  
  541. waybackarchive: strconv.Atoi: parsing "org.archive.util.io.RuntimeIOException: org.archive.wayback.exception.RobotAccessControlException: Blocked By Robots": invalid syntax
  542.  
  543. ipv4info: <nil>
  544.  
  545.  
  546. Starting Bruteforcing of www.orgil.co.il with 9985 words
  547.  
  548. Total 1 Unique subdomains found for www.orgil.co.il
  549.  
  550. .www.orgil.co.il
  551. #######################################################################################################################################
  552. [+] www.orgil.co.il has no SPF record!
  553. [*] No DMARC record found. Looking for organizational record
  554. [+] No organizational DMARC record
  555. [+] Spoofing possible for www.orgil.co.il!
  556. #######################################################################################################################################
  557. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 19:02 EST
  558. Nmap scan report for www.orgil.co.il (62.219.78.222)
  559. Host is up (0.28s latency).
  560. rDNS record for 62.219.78.222: bzq-78-222.red.bezeqint.net
  561. Not shown: 471 filtered ports, 4 closed ports
  562. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  563. PORT   STATE SERVICE
  564. 80/tcp open  http
  565. #######################################################################################################################################
  566. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 19:02 EST
  567. Nmap scan report for www.orgil.co.il (62.219.78.222)
  568. Host is up (0.24s latency).
  569. rDNS record for 62.219.78.222: bzq-78-222.red.bezeqint.net
  570. Not shown: 2 filtered ports
  571. PORT     STATE         SERVICE
  572. 53/udp   open|filtered domain
  573. 67/udp   open|filtered dhcps
  574. 68/udp   open|filtered dhcpc
  575. 69/udp   open|filtered tftp
  576. 88/udp   open|filtered kerberos-sec
  577. 123/udp  open|filtered ntp
  578. 139/udp  open|filtered netbios-ssn
  579. 161/udp  open|filtered snmp
  580. 162/udp  open|filtered snmptrap
  581. 389/udp  open|filtered ldap
  582. 520/udp  open|filtered route
  583. 2049/udp open|filtered nfs
  584. #######################################################################################################################################
  585.                                  ^     ^
  586.         _   __  _   ____ _   __  _    _   ____
  587.        ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
  588.       | V V // o // _/ | V V // 0 // 0 // _/
  589.       |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/
  590.                                 <
  591.                                 ...'
  592.  
  593.     WAFW00F - Web Application Firewall Detection Tool
  594.  
  595.     By Sandro Gauci && Wendel G. Henrique
  596.  
  597. Checking http://www.orgil.co.il
  598. Generic Detection results:
  599. The site http://www.orgil.co.il seems to be behind a WAF or some sort of security solution
  600. Reason: Blocking is being done at connection/packet level.
  601. Number of requests: 11
  602. #######################################################################################################################################
  603. http://www.orgil.co.il [200 OK] ASP_NET[2.0.50727], Country[ISRAEL][IL], Email[sales@livedns.co.il], IP[62.219.78.222], JQuery, Meta-Author[LiveDns Ltd - Web Development Department], Script[application/ld+json,text/javascript], Title[דומיין|דומיינים|איחסון אתרים|אחסון אתרים|רישום דומיין|רישום דומיינים|איחסון], X-Powered-By[ASP.NET], X-UA-Compatible[IE=EmulateIE8]
  604. ######################################################################################################################################
  605. wig - WebApp Information Gatherer
  606.  
  607.  
  608. Scanning http://www.orgil.co.il...
  609. _____________________ SITE INFO ______________________
  610. IP               Title                                
  611. 62.219.78.222    דומיין|דומיינים|איחסון אתרים|אחסון
  612.                                                      
  613. ______________________ VERSION _______________________
  614. Name             Versions          Type              
  615. ASP.NET          2.0.50727         Platform          
  616.                                                      
  617. ____________________ INTERESTING _____________________
  618. URL              Note              Type              
  619. /robots.txt      robots.txt index  Interesting        
  620.                                                      
  621. ______________________________________________________
  622. Time: 248.7 sec  Urls: 646         Fingerprints: 40401
  623. #######################################################################################################################################
  624. HTTP/1.1 200 OK
  625. Cache-Control: private
  626. Content-Length: 100096
  627. Content-Type: text/html; charset=utf-8
  628. X-AspNet-Version: 2.0.50727
  629. X-Powered-By: ASP.NET
  630. Date: Sat, 26 Jan 2019 00:07:16 GMT
  631. Connection: keep-alive
  632.  
  633. HTTP/1.1 200 OK
  634. Cache-Control: private
  635. Content-Length: 100096
  636. Content-Type: text/html; charset=utf-8
  637. X-AspNet-Version: 2.0.50727
  638. X-Powered-By: ASP.NET
  639. Date: Sat, 26 Jan 2019 00:07:18 GMT
  640. Connection: keep-alive
  641. ######################################################################################################################################
  642. +-------------------+--------------------------------------+-----------------------------------------------------+----------+----------+
  643. |     App Name      |          URL to Application          |                  Potential Exploit                  | Username | Password |
  644. +-------------------+--------------------------------------+-----------------------------------------------------+----------+----------+
  645. | JBoss jmx-console | http://62.219.78.222:80/jmx-console/ | ./exploit/multi/http/jboss_deploymentfilerepository | None     | None     |
  646. +-------------------+--------------------------------------+-----------------------------------------------------+----------+----------+
  647. #######################################################################################################################################
  648. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 18:53 EST
  649. Nmap scan report for bzq-78-222.red.bezeqint.net (62.219.78.222)
  650. Host is up (0.27s latency).
  651. Not shown: 471 filtered ports, 4 closed ports
  652. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  653. PORT   STATE SERVICE
  654. 80/tcp open  http
  655. #######################################################################################################################################
  656. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 18:53 EST
  657. Nmap scan report for bzq-78-222.red.bezeqint.net (62.219.78.222)
  658. Host is up (0.23s latency).
  659. Not shown: 2 filtered ports
  660. PORT     STATE         SERVICE
  661. 53/udp   open|filtered domain
  662. 67/udp   open|filtered dhcps
  663. 68/udp   open|filtered dhcpc
  664. 69/udp   open|filtered tftp
  665. 88/udp   open|filtered kerberos-sec
  666. 123/udp  open|filtered ntp
  667. 139/udp  open|filtered netbios-ssn
  668. 161/udp  open|filtered snmp
  669. 162/udp  open|filtered snmptrap
  670. 389/udp  open|filtered ldap
  671. 520/udp  open|filtered route
  672. 2049/udp open|filtered nfs
  673. ######################################################################################################################################
  674. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 18:53 EST
  675. Nmap scan report for bzq-78-222.red.bezeqint.net (62.219.78.222)
  676. Host is up.
  677.  
  678. PORT   STATE         SERVICE VERSION
  679. 67/udp open|filtered dhcps
  680. |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
  681. Too many fingerprints match this host to give specific OS details
  682.  
  683. TRACEROUTE (using proto 1/icmp)
  684. HOP RTT       ADDRESS
  685. 1   229.34 ms 10.251.200.1
  686. 2   229.37 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
  687. 3   229.96 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
  688. 4   230.76 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
  689. 5   233.16 ms ix-et-7.hcore1.h71-hong-kong.as6453.net (180.87.160.197)
  690. 6   487.85 ms if-ae-38-2.tcore1.hk2-hong-kong.as6453.net (116.0.67.86)
  691. 7   299.61 ms if-et-17-2.hcore1.kv8-chiba.as6453.net (116.0.67.62)
  692. 8   491.50 ms if-ae-5-2.tcore2.sv1-santa-clara.as6453.net (209.58.86.142)
  693. 9   491.53 ms 63.243.205.12
  694. 10  482.92 ms if-ae-12-2.tcore1.nto-new-york.as6453.net (63.243.128.28)
  695. 11  493.52 ms if-ae-8-2.tcore2.nto-new-york.as6453.net (63.243.128.70)
  696. 12  484.91 ms if-ae-32-2.tcore2.ldn-london.as6453.net (63.243.216.23)
  697. 13  483.41 ms if-ae-3-2.thar1.lrt-london.as6453.net (80.231.62.74)
  698. 14  482.47 ms 195.219.100.130
  699. 15  514.22 ms bzq-179-72-241.cust.bezeqint.net (212.179.72.241)
  700. 16  514.26 ms bzq-219-189-9.dsl.bezeqint.net (62.219.189.9)
  701. 17  512.14 ms bzq-179-124-85.cust.bezeqint.net (212.179.124.85)
  702. 18  513.37 ms bzq-179-124-81.cust.bezeqint.net (212.179.124.81)
  703. 19  510.90 ms bzq-179-124-158.cust.bezeqint.net (212.179.124.158)
  704. 20  512.16 ms bzq-218-2-197.cablep.bezeqint.net (81.218.2.197)
  705. 21  ... 30
  706. #######################################################################################################################################
  707. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 18:55 EST
  708. Nmap scan report for bzq-78-222.red.bezeqint.net (62.219.78.222)
  709. Host is up.
  710.  
  711. PORT   STATE         SERVICE VERSION
  712. 68/udp open|filtered dhcpc
  713. Too many fingerprints match this host to give specific OS details
  714.  
  715. TRACEROUTE (using proto 1/icmp)
  716. HOP RTT       ADDRESS
  717. 1   237.51 ms 10.251.200.1
  718. 2   237.55 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
  719. 3   238.31 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
  720. 4   239.35 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
  721. 5   240.30 ms ix-et-7.hcore1.h71-hong-kong.as6453.net (180.87.160.197)
  722. 6   492.00 ms if-ae-38-2.tcore1.hk2-hong-kong.as6453.net (116.0.67.86)
  723. 7   306.82 ms if-et-17-2.hcore1.kv8-chiba.as6453.net (116.0.67.62)
  724. 8   500.04 ms if-ae-5-2.tcore2.sv1-santa-clara.as6453.net (209.58.86.142)
  725. 9   500.07 ms 63.243.205.12
  726. 10  491.27 ms if-ae-12-2.tcore1.nto-new-york.as6453.net (63.243.128.28)
  727. 11  499.06 ms if-ae-8-2.tcore2.nto-new-york.as6453.net (63.243.128.70)
  728. 12  489.82 ms if-ae-32-2.tcore2.ldn-london.as6453.net (63.243.216.23)
  729. 13  488.98 ms if-ae-3-2.thar1.lrt-london.as6453.net (80.231.62.74)
  730. 14  487.80 ms 195.219.100.130
  731. 15  518.83 ms bzq-179-72-241.cust.bezeqint.net (212.179.72.241)
  732. 16  524.86 ms bzq-219-189-9.cablep.bezeqint.net (62.219.189.9)
  733. 17  520.68 ms bzq-179-124-85.cust.bezeqint.net (212.179.124.85)
  734. 18  522.86 ms bzq-179-124-81.cust.bezeqint.net (212.179.124.81)
  735. 19  516.96 ms bzq-179-124-158.cust.bezeqint.net (212.179.124.158)
  736. 20  516.73 ms bzq-218-2-197.cablep.bezeqint.net (81.218.2.197)
  737. 21  ... 30
  738. #######################################################################################################################################
  739. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 18:57 EST
  740. Nmap scan report for bzq-78-222.red.bezeqint.net (62.219.78.222)
  741. Host is up.
  742.  
  743. PORT   STATE         SERVICE VERSION
  744. 69/udp open|filtered tftp
  745. Too many fingerprints match this host to give specific OS details
  746.  
  747. TRACEROUTE (using proto 1/icmp)
  748. HOP RTT       ADDRESS
  749. 1   235.05 ms 10.251.200.1
  750. 2   235.26 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
  751. 3   235.84 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
  752. 4   236.89 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
  753. 5   238.53 ms ix-et-7.hcore1.h71-hong-kong.as6453.net (180.87.160.197)
  754. 6   490.88 ms if-ae-38-2.tcore1.hk2-hong-kong.as6453.net (116.0.67.86)
  755. 7   303.85 ms if-et-17-2.hcore1.kv8-chiba.as6453.net (116.0.67.62)
  756. 8   497.29 ms if-ae-5-2.tcore2.sv1-santa-clara.as6453.net (209.58.86.142)
  757. 9   497.33 ms 63.243.205.12
  758. 10  488.91 ms if-ae-12-2.tcore1.nto-new-york.as6453.net (63.243.128.28)
  759. 11  499.68 ms if-ae-8-2.tcore2.nto-new-york.as6453.net (63.243.128.70)
  760. 12  490.41 ms if-ae-32-2.tcore2.ldn-london.as6453.net (63.243.216.23)
  761. 13  489.64 ms if-ae-3-2.thar1.lrt-london.as6453.net (80.231.62.74)
  762. 14  488.79 ms 195.219.100.130
  763. 15  519.19 ms bzq-179-72-241.cust.bezeqint.net (212.179.72.241)
  764. 16  517.05 ms bzq-219-189-9.cablep.bezeqint.net (62.219.189.9)
  765. 17  517.68 ms bzq-179-124-85.cust.bezeqint.net (212.179.124.85)
  766. 18  520.04 ms bzq-179-124-81.cust.bezeqint.net (212.179.124.81)
  767. 19  517.30 ms bzq-179-124-158.cust.bezeqint.net (212.179.124.158)
  768. 20  517.82 ms bzq-218-2-197.cablep.bezeqint.net (81.218.2.197)
  769. 21  ... 30
  770. #######################################################################################################################################
  771.                                  ^     ^
  772.         _   __  _   ____ _   __  _    _   ____
  773.        ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
  774.       | V V // o // _/ | V V // 0 // 0 // _/
  775.       |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/
  776.                                 <
  777.                                 ...'
  778.  
  779.     WAFW00F - Web Application Firewall Detection Tool
  780.  
  781.     By Sandro Gauci && Wendel G. Henrique
  782.  
  783. Checking http://62.219.78.222
  784. Generic Detection results:
  785. The site http://62.219.78.222 seems to be behind a WAF or some sort of security solution
  786. Reason: Blocking is being done at connection/packet level.
  787. Number of requests: 11
  788. #######################################################################################################################################
  789. http://62.219.78.222 [200 OK] ASP_NET[2.0.50727], Country[ISRAEL][IL], Email[sales@livedns.co.il], IP[62.219.78.222], JQuery, Meta-Author[LiveDns Ltd - Web Development Department], Script[application/ld+json,text/javascript], Title[דומיין|דומיינים|איחסון אתרים|אחסון אתרים|רישום דומיין|רישום דומיינים|איחסון], X-Powered-By[ASP.NET], X-UA-Compatible[IE=EmulateIE8]
  790. #######################################################################################################################################
  791. wig - WebApp Information Gatherer
  792.  
  793.  
  794. Scanning http://62.219.78.222...
  795. _____________________ SITE INFO ______________________
  796. IP               Title                                
  797. 62.219.78.222    דומיין|דומיינים|איחסון אתרים|אחסון
  798.                                                      
  799. ______________________ VERSION _______________________
  800. Name             Versions          Type              
  801. ASP.NET          2.0.50727         Platform          
  802.                                                      
  803. ____________________ INTERESTING _____________________
  804. URL              Note              Type              
  805. /robots.txt      robots.txt index  Interesting        
  806.                                                      
  807. ______________________________________________________
  808. Time: 193.2 sec  Urls: 646         Fingerprints: 40401
  809. #######################################################################################################################################
  810. HTTP/1.1 200 OK
  811. Cache-Control: private
  812. Content-Length: 100242
  813. Content-Type: text/html; charset=utf-8
  814. X-AspNet-Version: 2.0.50727
  815. X-Powered-By: ASP.NET
  816. Date: Sat, 26 Jan 2019 00:03:49 GMT
  817. Connection: keep-alive
  818.  
  819. HTTP/1.1 200 OK
  820. Cache-Control: private
  821. Content-Length: 100242
  822. Content-Type: text/html; charset=utf-8
  823. X-AspNet-Version: 2.0.50727
  824. X-Powered-By: ASP.NET
  825. Date: Sat, 26 Jan 2019 00:03:50 GMT
  826. Connection: keep-alive
  827. #######################################################################################################################################
  828. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 19:04 EST
  829. Nmap scan report for bzq-78-222.red.bezeqint.net (62.219.78.222)
  830. Host is up.
  831.  
  832. PORT    STATE         SERVICE VERSION
  833. 123/udp open|filtered ntp
  834. Too many fingerprints match this host to give specific OS details
  835.  
  836. TRACEROUTE (using proto 1/icmp)
  837. HOP RTT       ADDRESS
  838. 1   229.06 ms 10.251.200.1
  839. 2   229.29 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
  840. 3   229.91 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
  841. 4   230.70 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
  842. 5   232.12 ms ix-et-7.hcore1.h71-hong-kong.as6453.net (180.87.160.197)
  843. 6   483.16 ms if-ae-38-2.tcore1.hk2-hong-kong.as6453.net (116.0.67.86)
  844. 7   299.37 ms if-et-17-2.hcore1.kv8-chiba.as6453.net (116.0.67.62)
  845. 8   491.37 ms if-ae-5-2.tcore2.sv1-santa-clara.as6453.net (209.58.86.142)
  846. 9   491.38 ms 63.243.205.12
  847. 10  482.64 ms if-ae-12-2.tcore1.nto-new-york.as6453.net (63.243.128.28)
  848. 11  493.78 ms if-ae-8-2.tcore2.nto-new-york.as6453.net (63.243.128.70)
  849. 12  484.58 ms if-ae-32-2.tcore2.ldn-london.as6453.net (63.243.216.23)
  850. 13  483.92 ms if-ae-3-2.thar1.lrt-london.as6453.net (80.231.62.74)
  851. 14  482.55 ms 195.219.100.130
  852. 15  513.60 ms bzq-179-72-241.cust.bezeqint.net (212.179.72.241)
  853. 16  511.44 ms bzq-219-189-9.dsl.bezeqint.net (62.219.189.9)
  854. 17  510.66 ms bzq-179-124-85.cust.bezeqint.net (212.179.124.85)
  855. 18  512.87 ms bzq-179-124-81.cust.bezeqint.net (212.179.124.81)
  856. 19  510.14 ms bzq-179-124-158.cust.bezeqint.net (212.179.124.158)
  857. 20  517.74 ms bzq-218-2-197.cablep.bezeqint.net (81.218.2.197)
  858. 21  ... 30
  859. #######################################################################################################################################
  860. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 19:06 EST
  861. Nmap scan report for bzq-78-222.red.bezeqint.net (62.219.78.222)
  862. Host is up (0.23s latency).
  863.  
  864. PORT    STATE         SERVICE VERSION
  865. 161/tcp filtered      snmp
  866. 161/udp open|filtered snmp
  867. Too many fingerprints match this host to give specific OS details
  868.  
  869. TRACEROUTE (using proto 1/icmp)
  870. HOP RTT       ADDRESS
  871. 1   227.80 ms 10.251.200.1
  872. 2   227.82 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
  873. 3   228.38 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
  874. 4   229.59 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
  875. 5   230.93 ms ix-et-7.hcore1.h71-hong-kong.as6453.net (180.87.160.197)
  876. 6   542.97 ms if-ae-38-2.tcore1.hk2-hong-kong.as6453.net (116.0.67.86)
  877. 7   542.79 ms if-et-17-2.hcore1.kv8-chiba.as6453.net (116.0.67.62)
  878. 8   543.00 ms if-ae-5-2.tcore2.sv1-santa-clara.as6453.net (209.58.86.142)
  879. 9   543.02 ms 63.243.205.12
  880. 10  543.01 ms if-ae-12-2.tcore1.nto-new-york.as6453.net (63.243.128.28)
  881. 11  768.55 ms if-ae-8-2.tcore2.nto-new-york.as6453.net (63.243.128.70)
  882. 12  768.52 ms if-ae-32-2.tcore2.ldn-london.as6453.net (63.243.216.23)
  883. 13  768.51 ms if-ae-3-2.thar1.lrt-london.as6453.net (80.231.62.74)
  884. 14  768.49 ms 195.219.100.130
  885. 15  768.52 ms bzq-179-72-241.cust.bezeqint.net (212.179.72.241)
  886. 16  738.75 ms bzq-219-189-9.dsl.bezeqint.net (62.219.189.9)
  887. 17  737.75 ms bzq-179-124-85.cust.bezeqint.net (212.179.124.85)
  888. 18  740.02 ms bzq-179-124-81.cust.bezeqint.net (212.179.124.81)
  889. 19  738.26 ms bzq-179-124-158.cust.bezeqint.net (212.179.124.158)
  890. 20  738.22 ms bzq-218-2-197.cablep.bezeqint.net (81.218.2.197)
  891. 21  ... 30
  892. ######################################################################################################################################
  893. +-------------------+--------------------------------------+-----------------------------------------------------+----------+----------+
  894. |     App Name      |          URL to Application          |                  Potential Exploit                  | Username | Password |
  895. +-------------------+--------------------------------------+-----------------------------------------------------+----------+----------+
  896. | JBoss jmx-console | http://62.219.78.222:80/jmx-console/ | ./exploit/multi/http/jboss_deploymentfilerepository | None     | None     |
  897. +-------------------+--------------------------------------+-----------------------------------------------------+----------+----------+
  898. #######################################################################################################################################
  899. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 19:10 EST
  900. NSE: Loaded 148 scripts for scanning.
  901. NSE: Script Pre-scanning.
  902. NSE: Starting runlevel 1 (of 2) scan.
  903. Initiating NSE at 19:10
  904. Completed NSE at 19:10, 0.00s elapsed
  905. NSE: Starting runlevel 2 (of 2) scan.
  906. Initiating NSE at 19:10
  907. Completed NSE at 19:10, 0.00s elapsed
  908. Initiating Ping Scan at 19:10
  909. Scanning 62.219.78.222 [4 ports]
  910. Completed Ping Scan at 19:10, 0.26s elapsed (1 total hosts)
  911. Initiating Parallel DNS resolution of 1 host. at 19:10
  912. Completed Parallel DNS resolution of 1 host. at 19:10, 0.02s elapsed
  913. Initiating Connect Scan at 19:10
  914. Scanning bzq-78-222.red.bezeqint.net (62.219.78.222) [1000 ports]
  915. Discovered open port 80/tcp on 62.219.78.222
  916. Completed Connect Scan at 19:10, 12.06s elapsed (1000 total ports)
  917. Initiating Service scan at 19:10
  918. Scanning 1 service on bzq-78-222.red.bezeqint.net (62.219.78.222)
  919. Completed Service scan at 19:11, 38.54s elapsed (1 service on 1 host)
  920. Initiating OS detection (try #1) against bzq-78-222.red.bezeqint.net (62.219.78.222)
  921. Retrying OS detection (try #2) against bzq-78-222.red.bezeqint.net (62.219.78.222)
  922. Initiating Traceroute at 19:11
  923. Completed Traceroute at 19:11, 4.01s elapsed
  924. Initiating Parallel DNS resolution of 20 hosts. at 19:11
  925. Completed Parallel DNS resolution of 20 hosts. at 19:11, 16.50s elapsed
  926. NSE: Script scanning 62.219.78.222.
  927. NSE: Starting runlevel 1 (of 2) scan.
  928. Initiating NSE at 19:11
  929. NSE Timing: About 95.14% done; ETC: 19:12 (0:00:02 remaining)
  930. NSE Timing: About 99.31% done; ETC: 19:12 (0:00:00 remaining)
  931. Completed NSE at 19:13, 74.81s elapsed
  932. NSE: Starting runlevel 2 (of 2) scan.
  933. Initiating NSE at 19:13
  934. Completed NSE at 19:13, 0.00s elapsed
  935. Nmap scan report for bzq-78-222.red.bezeqint.net (62.219.78.222)
  936. Host is up, received reset ttl 64 (0.23s latency).
  937. Scanned at 2019-01-25 19:10:41 EST for 151s
  938. Not shown: 996 filtered ports
  939. Reason: 996 no-responses
  940. PORT    STATE  SERVICE      REASON       VERSION
  941. 25/tcp  closed smtp         conn-refused
  942. 80/tcp  open   http-proxy   syn-ack      Squid http proxy
  943. |_http-open-proxy: Proxy might be redirecting requests
  944. 139/tcp closed netbios-ssn  conn-refused
  945. 445/tcp closed microsoft-ds conn-refused
  946. Device type: general purpose|storage-misc|broadband router|WAP
  947. Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (93%), HP embedded (90%), Asus embedded (87%)
  948. OS CPE: cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:4 cpe:/h:hp:p2000_g3 cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel cpe:/h:asus:rt-ac66u
  949. OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
  950. Aggressive OS guesses: Linux 3.18 (93%), Linux 3.16 - 4.6 (93%), Linux 3.10 - 4.11 (91%), Linux 3.13 (91%), Linux 3.13 or 4.2 (91%), Linux 4.2 (91%), Linux 4.4 (91%), HP P2000 G3 NAS device (90%), Linux 3.2 - 4.9 (90%), Linux 3.16 (89%)
  951. No exact OS matches for host (test conditions non-ideal).
  952. TCP/IP fingerprint:
  953. SCAN(V=7.70%E=4%D=1/25%OT=80%CT=25%CU=%PV=N%G=N%TM=5C4BA618%P=x86_64-pc-linux-gnu)
  954. SEQ(SP=107%GCD=1%ISR=10C%TI=Z%CI=Z%TS=8)
  955. OPS(O1=M4B3ST11NW7%O2=M4B3ST11NW7%O3=M4B3NNT11NW7%O4=M4B3ST11NW7%O5=M4B3ST11NW7%O6=M4B3ST11)
  956. WIN(W1=7120%W2=7120%W3=7120%W4=7120%W5=7120%W6=7120)
  957. ECN(R=Y%DF=Y%TG=40%W=7210%O=M4B3NNSNW7%CC=Y%Q=)
  958. T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
  959. T2(R=N)
  960. T3(R=N)
  961. T4(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
  962. T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
  963. T6(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
  964. T7(R=N)
  965. U1(R=N)
  966. IE(R=N)
  967.  
  968. Uptime guess: 42.340 days (since Fri Dec 14 11:03:56 2018)
  969. TCP Sequence Prediction: Difficulty=263 (Good luck!)
  970. IP ID Sequence Generation: All zeros
  971.  
  972. TRACEROUTE (using proto 1/icmp)
  973. HOP RTT       ADDRESS
  974. 1   227.65 ms 10.251.200.1
  975. 2   228.01 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
  976. 3   228.26 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
  977. 4   229.43 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
  978. 5   231.05 ms ix-et-7.hcore1.h71-hong-kong.as6453.net (180.87.160.197)
  979. 6   481.92 ms if-ae-38-2.tcore1.hk2-hong-kong.as6453.net (116.0.67.86)
  980. 7   296.94 ms if-et-17-2.hcore1.kv8-chiba.as6453.net (116.0.67.62)
  981. 8   490.37 ms if-ae-5-2.tcore2.sv1-santa-clara.as6453.net (209.58.86.142)
  982. 9   490.42 ms 63.243.205.12
  983. 10  481.39 ms if-ae-12-2.tcore1.nto-new-york.as6453.net (63.243.128.28)
  984. 11  493.98 ms if-ae-8-2.tcore2.nto-new-york.as6453.net (63.243.128.70)
  985. 12  485.11 ms if-ae-32-2.tcore2.ldn-london.as6453.net (63.243.216.23)
  986. 13  484.08 ms if-ae-3-2.thar1.lrt-london.as6453.net (80.231.62.74)
  987. 14  482.70 ms 195.219.100.130
  988. 15  513.43 ms bzq-179-72-241.cust.bezeqint.net (212.179.72.241)
  989. 16  511.63 ms bzq-219-189-9.cablep.bezeqint.net (62.219.189.9)
  990. 17  510.11 ms bzq-179-124-85.cust.bezeqint.net (212.179.124.85)
  991. 18  513.07 ms bzq-179-124-81.cust.bezeqint.net (212.179.124.81)
  992. 19  509.33 ms bzq-179-124-158.cust.bezeqint.net (212.179.124.158)
  993. 20  510.26 ms bzq-218-2-197.cablep.bezeqint.net (81.218.2.197)
  994. 21  ... 30
  995.  
  996. NSE: Script Post-scanning.
  997. NSE: Starting runlevel 1 (of 2) scan.
  998. Initiating NSE at 19:13
  999. Completed NSE at 19:13, 0.00s elapsed
  1000. NSE: Starting runlevel 2 (of 2) scan.
  1001. Initiating NSE at 19:13
  1002. Completed NSE at 19:13, 0.00s elapsed
  1003. Read data files from: /usr/bin/../share/nmap
  1004. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  1005. Nmap done: 1 IP address (1 host up) scanned in 152.04 seconds
  1006.            Raw packets sent: 122 (9.392KB) | Rcvd: 59 (4.787KB)
  1007. #######################################################################################################################################
  1008. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 19:13 EST
  1009. NSE: Loaded 148 scripts for scanning.
  1010. NSE: Script Pre-scanning.
  1011. Initiating NSE at 19:13
  1012. Completed NSE at 19:13, 0.00s elapsed
  1013. Initiating NSE at 19:13
  1014. Completed NSE at 19:13, 0.00s elapsed
  1015. Initiating Parallel DNS resolution of 1 host. at 19:13
  1016. Completed Parallel DNS resolution of 1 host. at 19:13, 0.02s elapsed
  1017. Initiating UDP Scan at 19:13
  1018. Scanning bzq-78-222.red.bezeqint.net (62.219.78.222) [14 ports]
  1019. Completed UDP Scan at 19:13, 3.11s elapsed (14 total ports)
  1020. Initiating Service scan at 19:13
  1021. Scanning 12 services on bzq-78-222.red.bezeqint.net (62.219.78.222)
  1022. Service scan Timing: About 8.33% done; ETC: 19:32 (0:17:58 remaining)
  1023. Completed Service scan at 19:14, 102.57s elapsed (12 services on 1 host)
  1024. Initiating OS detection (try #1) against bzq-78-222.red.bezeqint.net (62.219.78.222)
  1025. Retrying OS detection (try #2) against bzq-78-222.red.bezeqint.net (62.219.78.222)
  1026. Initiating Traceroute at 19:15
  1027. Completed Traceroute at 19:15, 7.27s elapsed
  1028. Initiating Parallel DNS resolution of 1 host. at 19:15
  1029. Completed Parallel DNS resolution of 1 host. at 19:15, 0.02s elapsed
  1030. NSE: Script scanning 62.219.78.222.
  1031. Initiating NSE at 19:15
  1032. Completed NSE at 19:15, 20.32s elapsed
  1033. Initiating NSE at 19:15
  1034. Completed NSE at 19:15, 1.72s elapsed
  1035. Nmap scan report for bzq-78-222.red.bezeqint.net (62.219.78.222)
  1036. Host is up (0.23s latency).
  1037.  
  1038. PORT     STATE         SERVICE      VERSION
  1039. 53/udp   open|filtered domain
  1040. 67/udp   open|filtered dhcps
  1041. 68/udp   open|filtered dhcpc
  1042. 69/udp   open|filtered tftp
  1043. 88/udp   open|filtered kerberos-sec
  1044. 123/udp  open|filtered ntp
  1045. 137/udp  filtered      netbios-ns
  1046. 138/udp  filtered      netbios-dgm
  1047. 139/udp  open|filtered netbios-ssn
  1048. 161/udp  open|filtered snmp
  1049. 162/udp  open|filtered snmptrap
  1050. 389/udp  open|filtered ldap
  1051. 520/udp  open|filtered route
  1052. 2049/udp open|filtered nfs
  1053. Too many fingerprints match this host to give specific OS details
  1054.  
  1055. TRACEROUTE (using port 137/udp)
  1056. HOP RTT       ADDRESS
  1057. 1   227.56 ms 10.251.200.1
  1058. 2   ... 3
  1059. 4   230.15 ms 10.251.200.1
  1060. 5   229.22 ms 10.251.200.1
  1061. 6   229.22 ms 10.251.200.1
  1062. 7   229.21 ms 10.251.200.1
  1063. 8   229.21 ms 10.251.200.1
  1064. 9   229.20 ms 10.251.200.1
  1065. 10  229.22 ms 10.251.200.1
  1066. 11  ... 18
  1067. 19  231.80 ms 10.251.200.1
  1068. 20  227.42 ms 10.251.200.1
  1069. 21  ... 28
  1070. 29  228.88 ms 10.251.200.1
  1071. 30  228.25 ms 10.251.200.1
  1072.  
  1073. NSE: Script Post-scanning.
  1074. Initiating NSE at 19:15
  1075. Completed NSE at 19:15, 0.00s elapsed
  1076. Initiating NSE at 19:15
  1077. Completed NSE at 19:15, 0.00s elapsed
  1078. Read data files from: /usr/bin/../share/nmap
  1079. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  1080. Nmap done: 1 IP address (1 host up) scanned in 143.06 seconds
  1081.            Raw packets sent: 147 (13.614KB) | Rcvd: 55 (4.891KB)
  1082. #######################################################################################################################################
  1083.                                                Anonymous JTSEC #OpIsraël Full Recon #4
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top