Anonymous JTSEC #OpIsrael Full Recon #8

1. #######################################################################################################################################
2. Nom de l'hôte 9tv.co.il FAI Variti International GmbH
3. Continent Europe Drapeau
4. CH
5. Pays Suisse Code du pays CH
6. Région Inconnu Heure locale 28 Oct 2018 02:35 CET
7. Ville Inconnu Code Postal Inconnu
8. Adresse IP 185.203.72.162 Latitude 47.145
9. #######################################################################################################################################
10. > 9tv.co.il
11. Server: 38.132.106.139
12. Address: 38.132.106.139#53
13.  
14. Non-authoritative answer:
15. Name: 9tv.co.il
16. Address: 185.203.72.162
17. #######################################################################################################################################
18. HostIP:185.203.72.162
19. HostName:9tv.co.il
20.  
21. Gathered Inet-whois information for 185.203.72.162
22. ---------------------------------------------------------------------------------------------------------------------------------------
23.  
24.  
25. inetnum: 185.203.72.0 - 185.203.75.255
26. netname: CH-VARITI-20170512
27. country: CH
28. org: ORG-VIG19-RIPE
29. admin-c: AM41696-RIPE
30. tech-c: AM41696-RIPE
31. status: ALLOCATED PA
32. mnt-by: RIPE-NCC-HM-MNT
33. mnt-by: ch-variti-1-mnt
34. created: 2017-05-12T08:13:49Z
35. last-modified: 2017-05-12T08:13:49Z
36. source: RIPE
37.  
38. organisation: ORG-VIG19-RIPE
39. org-name: Variti International GmbH
40. org-type: LIR
41. address: Denkmalstrasse 2
42. address: 6006
43. address: Luzern
44. address: SWITZERLAND
45. admin-c: AM41696-RIPE
46. tech-c: AM41696-RIPE
47. abuse-c: AR40358-RIPE
48. mnt-ref: ch-variti-1-mnt
49. mnt-by: RIPE-NCC-HM-MNT
50. mnt-by: ch-variti-1-mnt
51. created: 2017-05-11T07:36:52Z
52. last-modified: 2017-05-11T15:01:59Z
53. source: RIPE # Filtered
54. phone: +41 41 417 20 57
55.  
56. person: Andreas Muller
57. address: Denkmalstrasse 2
58. address: 6006
59. address: Luzern
60. address: SWITZERLAND
61. phone: +41 41 417 20 57
62. nic-hdl: AM41696-RIPE
63. mnt-by: ch-variti-1-mnt
64. created: 2017-05-11T07:36:52Z
65. last-modified: 2017-05-11T15:03:45Z
66. source: RIPE
67.  
68. % Information related to '185.203.72.0/24AS42240'
69.  
70. route: 185.203.72.0/24
71. origin: AS42240
72. mnt-by: ch-variti-1-mnt
73. created: 2017-05-29T10:03:52Z
74. last-modified: 2018-07-10T16:37:18Z
75. source: RIPE
76.  
77. % This query was served by the RIPE Database Query Service version 1.92.6 (BLAARKOP)
78.  
79.  
80.  
81. Gathered Inic-whois information for 9tv.co.il
82. ---------------------------------------------------------------------------------------------------------------------------------------
83. domain: 9tv.co.il
84.  
85. descr: Vash Telekanal LTD
86. descr: Thela Ha Haar 44
87. descr: Modiin
88. descr: 45457
89. descr: Israel
90. phone: +972 50 7126999
91. e-mail: ervinm AT 9tv.co.il
92. admin-c: DT-SR7715-IL
93. tech-c: DT-SR7716-IL
94. zone-c: DT-SR7717-IL
95. nserver: ns0.dnsmadeeasy.com
96. nserver: ns1.dnsmadeeasy.com
97. nserver: ns2.dnsmadeeasy.com
98. nserver: ns3.dnsmadeeasy.com
99. nserver: ns4.dnsmadeeasy.com
100. validity: 30-05-2019
101. DNSSEC: unsigned
102. status: Transfer Locked
103. changed: domain-registrar AT isoc.org.il 20040530 (Assigned)
104. changed: domain-registrar AT isoc.org.il 20060514 (Changed)
105. changed: domain-registrar AT isoc.org.il 20080813 (Transferred)
106. changed: domain-registrar AT isoc.org.il 20080813 (Changed)
107. changed: domain-registrar AT isoc.org.il 20130731 (Changed)
108. changed: domain-registrar AT isoc.org.il 20130731 (Changed)
109. changed: domain-registrar AT isoc.org.il 20YV@13073�zH10 (Cuhanged)
110. changed: domain-registrar AT isoc.org.il 20130916 (Changed)
111. changed: domain-registrar AT isoc.org.il 20140429 (Changed)
112. changed: domain-registrar AT isoc.org.il 20�U@14043�~H00 (C�hanged)��J)�
113.  
114. person: Steve Rekun
115. address Channel 9
116. address Tzela Ha Haar 44
117. address Modiin
118. address 67898
119. address Israel
120. phone: +972 3 6232999
121. e-mail: steve AT 9tv.co.il
122. nic-hdl: DT-SR7715-IL
123. changed: Managing Registrar 20140429
124.  
125. person: Steve Rekun
126. address Channel 9
127. address Tzela Ha Haar 44
128. address Modiin
129. address 67898
130. address Israel
131. phone: +972 3 6232999
132. e-mail: steve AT 9tv.co.il
133. nic-hdl: DT-SR7716-IL
134. changed: Managing Registrar 20140429
135.  
136. person: Steve Rekun
137. address Channel 9
138. address Tzela Ha Haar 44
139. address Modiin
140. address 67898
141. address Israel
142. phone: +972 3 6232999
143. e-mail: steve AT 9tv.co.il
144. nic-hdl: DT-SR7717-IL
145. changed: Managing Registrar 20140429
146.  
147. registrar name: Domain The Net Technologies Ltd
148. registrar info: https://www.domainthenet.com
149.  
150. % Rights to the data above are restricted by coV@pyrig�zHh0t.
151.  
152. Gathered Netcraft information for 9tv.co.il
153. ---------------------------------------------------------------------------------------------------------------------------------------
154.  
155. Retrieving Netcraft.com information for 9tv.co.il
156. Netcraft.com Information gathered
157.  
158. Gathered Subdomain information for 9tv.co.il
159. ---------------------------------------------------------------------------------------------------------------------------------------
160. Searching Google.com:80...
161. HostName:golden.9tv.co.il
162. HostIP:62.90.177.24
163. HostName:www.9tv.co.il
164. HostIP:185.203.72.162
165. Searching Altavista.com:80...
166. Found 2 possible subdomain(s) for host 9tv.co.il, Searched 0 pages containing 0 results
167.  
168. Gathered E-Mail information for 9tv.co.il
169. ---------------------------------------------------------------------------------------------------------------------------------------
170. Searching Google.com:80...
171. Searching Altavista.com:80...
172. Found 0 E-Mail(s) for host 9tv.co.il, Searched 0 pages containing 0 results
173.  
174. Gathered TCP Port information for 185.203.72.162
175. ---------------------------------------------------------------------------------------------------------------------------------------
176.  
177. Port State
178.  
179. 80/tcp open
180.  
181. Portscan Finished: Scanned 150 ports, 2 ports were in state closed
182. #######################################################################################################################################
183. [i] Scanning Site: http://9tv.co.il
184.  
185.  
186.  
187. B A S I C I N F O
188. =======================================================================================================================================
189.  
190.  
191. [+] Site Title: 9 Канал | Новости Израиля и мира | Лента новостей | ТВ видео онлайн
192. [+] IP address: 185.203.72.162
193. [+] Web Server: Could Not Detect
194. [+] CMS: Could Not Detect
195. [+] Cloudflare: Not Detected
196. [+] Robots File: Found
197.  
198. -------------[ contents ]----------------
199. User-agent: *
200. Allow: /
201. Disallow: /a-panel/
202. Disallow: /cgi-bin/
203. Disallow: /facebook/
204. Disallow: /flowplayer/
205. Disallow: /images/
206. Disallow: /php/
207. Disallow: /new99/
208. Disallow:/news/2016/12/10/235701.html
209. Allow: /new99/css/
210. -----------[end of contents]-------------
211.  
212.  
213.  
214. W H O I S L O O K U P
215. =======================================================================================================================================
216.  
217.  
218. % The data in the WHOIS database of the .il registry is provided
219. % by ISOC-IL for information purposes, and to assist persons in
220. % obtaining information about or related to a domain name
221. % registration record. ISOC-IL does not guarantee its accuracy.
222. % By submitting a WHOIS query, you agree that you will use this
223. % Data only for lawful purposes and that, under no circumstances
224. % will you use this Data to: (1) allow, enable, or otherwise
225. % support the transmission of mass unsolicited, commercial
226. % advertising or solicitations via e-mail (spam);
227. % or (2) enable high volume, automated, electronic processes that
228. % apply to ISOC-IL (or its systems).
229. % ISOC-IL reserves the right to modify these terms at any time.
230. % By submitting this query, you agree to abide by this policy.
231.  
232. query: 9tv.co.il
233.  
234. reg-name: 9tv
235. domain: 9tv.co.il
236.  
237. descr: Vash Telekanal LTD
238. descr: Thela Ha Haar 44
239. descr: Modiin
240. descr: 45457
241. descr: Israel
242. phone: +972 50 7126999
243. e-mail: ervinm AT 9tv.co.il
244. admin-c: DT-SR7715-IL
245. tech-c: DT-SR7716-IL
246. zone-c: DT-SR7717-IL
247. nserver: ns0.dnsmadeeasy.com
248. nserver: ns1.dnsmadeeasy.com
249. nserver: ns2.dnsmadeeasy.com
250. nserver: ns3.dnsmadeeasy.com
251. nserver: ns4.dnsmadeeasy.com
252. validity: 30-05-2019
253. DNSSEC: unsigned
254. status: Transfer Locked
255. changed: domain-registrar AT isoc.org.il 20040530 (Assigned)
256. changed: domain-registrar AT isoc.org.il 20060514 (Changed)
257. changed: domain-registrar AT isoc.org.il 20080813 (Transferred)
258. changed: domain-registrar AT isoc.org.il 20080813 (Changed)
259. changed: domain-registrar AT isoc.org.il 20130731 (Changed)
260. changed: domain-registrar AT isoc.org.il 20130731 (Changed)
261. changed: domain-registrar AT isoc.org.il 20130731 (Changed)
262. changed: domain-registrar AT isoc.org.il 20130916 (Changed)
263. changed: domain-registrar AT isoc.org.il 20140429 (Changed)
264. changed: domain-registrar AT isoc.org.il 20140430 (Changed)
265.  
266. person: Steve Rekun
267. address Channel 9
268. address Tzela Ha Haar 44
269. address Modiin
270. address 67898
271. address Israel
272. phone: +972 3 6232999
273. e-mail: steve AT 9tv.co.il
274. nic-hdl: DT-SR7715-IL
275. changed: Managing Registrar 20140429
276.  
277. person: Steve Rekun
278. address Channel 9
279. address Tzela Ha Haar 44
280. address Modiin
281. address 67898
282. address Israel
283. phone: +972 3 6232999
284. e-mail: steve AT 9tv.co.il
285. nic-hdl: DT-SR7716-IL
286. changed: Managing Registrar 20140429
287.  
288. person: Steve Rekun
289. address Channel 9
290. address Tzela Ha Haar 44
291. address Modiin
292. address 67898
293. address Israel
294. phone: +972 3 6232999
295. e-mail: steve AT 9tv.co.il
296. nic-hdl: DT-SR7717-IL
297. changed: Managing Registrar 20140429
298.  
299. registrar name: Domain The Net Technologies Ltd
300. registrar info: https://www.domainthenet.com
301.  
302. % Rights to the data above are restricted by copyright.
303.  
304.  
305.  
306.  
307. G E O I P L O O K U P
308. =======================================================================================================================================
309.  
310. [i] IP Address: 185.203.72.162
311. [i] Country: CH
312. [i] State: N/A
313. [i] City: N/A
314. [i] Latitude: 47.144901
315. [i] Longitude: 8.155100
316.  
317.  
318.  
319.  
320. H T T P H E A D E R S
321. =======================================================================================================================================
322.  
323.  
324. [i] HTTP/1.1 200 OK
325. [i] Date: Sun, 28 Oct 2018 01:41:54 GMT
326. [i] Content-Type: text/html
327. [i] Vary: Accept-Encoding
328. [i] Access-Control-Allow-Origin: *
329. [i] X-VARITI-CCR: 424323559:1
330. [i] Set-Cookie: ipp_uid2=bcu3ipU7whAsP8q6/rjSfiJjsS3GvP48+VtOS2g==; expires=Tue, 31 Dec 2030 23:59:59 GMT; path=/
331. [i] Set-Cookie: ipp_uid1=1540690914507; expires=Tue, 31 Dec 2030 23:59:59 GMT; path=/
332. [i] Set-Cookie: ipp_uid=1540690914507/bcu3ipU7whAsP8q6/rjSfiJjsS3GvP48+VtOS2g==; expires=Tue, 31 Dec 2030 23:59:59 GMT; path=/
333. [i] Set-Cookie: rerf=AAAAAFvVE+JrfU2JA1T3Ag==; expires=Tue, 27-Nov-18 01:41:54 GMT; path=/
334. [i] P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
335. [i] Connection: close
336.  
337.  
338.  
339.  
340. D N S L O O K U P
341. =======================================================================================================================================
342.  
343. 9tv.co.il. 21599 IN NS ns4.dnsmadeeasy.com.
344. 9tv.co.il. 21599 IN NS ns3.dnsmadeeasy.com.
345. 9tv.co.il. 21599 IN NS ns2.dnsmadeeasy.com.
346. 9tv.co.il. 21599 IN NS ns0.dnsmadeeasy.com.
347. 9tv.co.il. 21599 IN NS ns1.dnsmadeeasy.com.
348. 9tv.co.il. 599 IN TXT "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4hpcoaTAYYJ1mxFYdOH2zgq308Ak2sxgRh6ekG7Pxp9TwJTpmk/M43UUNcPRYK1CgnkmOEcLHaUFaCMqLdajAXFLchgA99P25D5859zEKUDIFNJqivc/6q3asy61JUvQR/TifruXD7L8zLppx165HEjqBd8/C2xP2VkGmyJCJRQIDAQAB"
349. 9tv.co.il. 599 IN TXT "v=spf1 ip4:146.185.58.83 -all"
350. 9tv.co.il. 599 IN SPF "v=spf1 a mx include:_spf.activetrail.com -all"
351. 9tv.co.il. 599 IN SPF "v=spf1 ip4:146.185.58.83 -all"
352. 9tv.co.il. 599 IN SPF "v=spf1 a mx include:_spf.activetrail.com ip4:146.185.58.83 -all"
353. 9tv.co.il. 299 IN MX 0 mail.9tv.co.il.
354. 9tv.co.il. 299 IN A 185.203.72.162
355. 9tv.co.il. 21599 IN SOA ns0.dnsmadeeasy.com. dns.dnsmadeeasy.com. 2008010313 43200 3600 1209600 180
356.  
357.  
358.  
359.  
360. S U B N E T C A L C U L A T I O N
361. =======================================================================================================================================
362.  
363. Address = 185.203.72.162
364. Network = 185.203.72.162 / 32
365. Netmask = 255.255.255.255
366. Broadcast = not needed on Point-to-Point links
367. Wildcard Mask = 0.0.0.0
368. Hosts Bits = 0
369. Max. Hosts = 1 (2^0 - 0)
370. Host Range = { 185.203.72.162 - 185.203.72.162 }
371.  
372.  
373.  
374. N M A P P O R T S C A N
375. =======================================================================================================================================
376.  
377.  
378. Starting Nmap 7.40 ( https://nmap.org ) at 2018-10-28 01:42 UTC
379. Nmap scan report for 9tv.co.il (185.203.72.162)
380. Host is up (0.081s latency).
381. PORT STATE SERVICE
382. 21/tcp filtered ftp
383. 22/tcp filtered ssh
384. 23/tcp filtered telnet
385. 80/tcp open http
386. 110/tcp filtered pop3
387. 143/tcp filtered imap
388. 443/tcp filtered https
389. 3389/tcp filtered ms-wbt-server
390.  
391. Nmap done: 1 IP address (1 host up) scanned in 1.94 seconds
392.  
393.  
394.  
395. S U B - D O M A I N F I N D E R
396. =======================================================================================================================================
397.  
398.  
399. [i] Total Subdomains Found : 17
400.  
401. [+] Subdomain: cpanel1.9tv.co.il
402. [-] IP: 93.157.83.216
403.  
404. [+] Subdomain: pcs2.9tv.co.il
405. [-] IP: 62.219.67.46
406.  
407. [+] Subdomain: oma.9tv.co.il
408. [-] IP: 146.185.58.82
409.  
410. [+] Subdomain: ad.9tv.co.il
411. [-] IP: 93.157.83.216
412.  
413. [+] Subdomain: food.9tv.co.il
414. [-] IP: 93.157.83.216
415.  
416. [+] Subdomain: bstore.9tv.co.il
417. [-] IP: 93.157.83.220
418.  
419. [+] Subdomain: vek.9tv.co.il
420. [-] IP: 62.219.67.44
421.  
422. [+] Subdomain: cpanel.9tv.co.il
423. [-] IP: 93.157.83.216
424.  
425. [+] Subdomain: mail.9tv.co.il
426. [-] IP: 146.185.58.83
427.  
428. [+] Subdomain: sultan.9tv.co.il
429. [-] IP: 62.219.67.44
430.  
431. [+] Subdomain: golden.9tv.co.il
432. [-] IP: 93.157.83.216
433.  
434. [+] Subdomain: drp.9tv.co.il
435. [-] IP: 146.185.61.50
436.  
437. [+] Subdomain: autodiscover.9tv.co.il
438. [-] IP: 146.185.58.82
439.  
440. [+] Subdomain: apps.9tv.co.il
441. [-] IP: 93.157.83.221
442.  
443. [+] Subdomain: musketeers.9tv.co.il
444. [-] IP: 62.219.67.44
445.  
446. [+] Subdomain: www.9tv.co.il
447. [-] IP: 93.157.83.216
448.  
449. [+] Subdomain: relay.9tv.co.il
450. [-] IP: 146.185.58.83
451. #######################################################################################################################################
452. [?] Enter the target: http://9tv.co.il/
453. [!] IP Address : 185.203.72.162
454. [!] 9tv.co.il doesn't seem to use a CMS
455. [+] Honeypot Probabilty: 0%
456. ---------------------------------------------------------------------------------------------------------------------------------------
457. [~] Trying to gather whois information for 9tv.co.il
458. [+] Whois information found
459. [-] Unable to build response, visit https://who.is/whois/9tv.co.il
460. ---------------------------------------------------------------------------------------------------------------------------------------
461. PORT STATE SERVICE
462. 21/tcp filtered ftp
463. 22/tcp filtered ssh
464. 23/tcp filtered telnet
465. 80/tcp open http
466. 110/tcp filtered pop3
467. 143/tcp filtered imap
468. 443/tcp filtered https
469. 3389/tcp filtered ms-wbt-server
470. Nmap done: 1 IP address (1 host up) scanned in 2.01 seconds
471. ---------------------------------------------------------------------------------------------------------------------------------------
472.  
473. [+] DNS Records
474. ns0.dnsmadeeasy.com. (208.94.148.2) AS16552 Tiggee LLC United States
475. ns1.dnsmadeeasy.com. (208.80.124.2) AS16552 Tiggee LLC United States
476. ns4.dnsmadeeasy.com. (208.80.127.2) AS16552 Tiggee LLC United States
477. ns2.dnsmadeeasy.com. (208.80.126.2) AS16552 Tiggee LLC United States
478. ns3.dnsmadeeasy.com. (208.80.125.2) AS16552 Tiggee LLC United States
479.  
480. [+] MX Records
481. 0 (146.185.58.83) AS57259 Broadnet Communications Ltd. Israel
482.  
483. [+] Host Records (A)
484. 9tv.co.il (185.203.72.162) AS42240 Variti International GmbH
485. cpanel1.9tv.co.ilHTTP: (93.157.83.216) AS41714 Broadnet Communications Ltd. Israel
486. oma.9tv.co.ilHTTPS: (146.185.58.82) AS57259 Broadnet Communications Ltd. Israel
487. ad.9tv.co.ilHTTP: (93.157.83.216) AS41714 Broadnet Communications Ltd. Israel
488. food.9tv.co.ilHTTP: (93.157.83.216) AS41714 Broadnet Communications Ltd. Israel
489. bstore.9tv.co.ilHTTP: (93.157.83.220) AS41714 Broadnet Communications Ltd. Israel
490. cpanel.9tv.co.ilHTTP: (93.157.83.216) AS41714 Broadnet Communications Ltd. Israel
491. mail.9tv.co.il (146.185.58.83) AS57259 Broadnet Communications Ltd. Israel
492. golden.9tv.co.ilHTTP: (93.157.83.216) AS41714 Broadnet Communications Ltd. Israel
493. drp.9tv.co.ilHTTP: (146.185.61.50) AS57259 Broadnet Communications Ltd. Israel
494. autodiscover.9tv.co.ilHTTPS: (146.185.58.82) AS57259 Broadnet Communications Ltd. Israel
495. apps.9tv.co.ilHTTP: (93.157.83.221) AS41714 Broadnet Communications Ltd. Israel
496. www.9tv.co.ilHTTP: (93.157.83.216) AS41714 Broadnet Communications Ltd. Israel
497. relay.9tv.co.il (146.185.58.83) AS57259 Broadnet Communications Ltd. Israel
498. vek.9tv.co.il (bzq-67-44.red.bezeqint.net) (62.219.67.44) AS8551 Bezeq International Israel
499. sultan.9tv.co.il (bzq-67-44.red.bezeqint.net) (62.219.67.44) AS8551 Bezeq International Israel
500. musketeers.9tv.co.il (bzq-67-44.red.bezeqint.net) (62.219.67.44) AS8551 Bezeq International Israel
501. pcs2.9tv.co.il (bzq-67-46.red.bezeqint.net) (62.219.67.46) AS8551 Bezeq International Israel
502.  
503. [+] TXT Records
504. "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4hpcoaTAYYJ1mxFYdOH2zgq308Ak2sxgRh6ekG7Pxp9TwJTpmk/M43UUNcPRYK1CgnkmOEcLHaUFaCMqLdajAXFLchgA99P25D5859zEKUDIFNJqivc/6q3asy61JUvQR/TifruXD7L8zLppx165HEjqBd8/C2xP2VkGmyJCJRQIDAQAB"
505. "v=spf1 ip4:146.185.58.83 -all"
506.  
507. [+] DNS Map: https://dnsdumpster.com/static/map/9tv.co.il.png
508.  
509. [>] Initiating 3 intel modules
510. [>] Loading Alpha module (1/3)
511. [>] Beta module deployed (2/3)
512. [>] Gamma module initiated (3/3)
513.  
514.  
515. [+] Emails found:
516. ---------------------------------------------------------------------------------------------------------------------------------------
517. pixel-1540690922615919-web-@9tv.co.il
518. pixel-1540690925210676-web-@9tv.co.il
519.  
520. [+] Hosts found in search engines:
521. ---------------------------------------------------------------------------------------------------------------------------------------
522. [-] Resolving hostnames IPs...
523. 93.157.83.216:ad.9tv.co.il
524. 185.203.72.162:www.9tv.co.il
525. [+] Virtual hosts:
526. --------------------------------------------------------------------------------------------------------------------------------------
527. [~] Crawling the target for fuzzable URLs
528. [-] No fuzzable URLs found
529. #######################################################################################################################################
530. ; <<>> DiG 9.11.5-1-Debian <<>> 9tv.co.il
531. ;; global options: +cmd
532. ;; Got answer:
533. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1442
534. ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
535.  
536. ;; OPT PSEUDOSECTION:
537. ; EDNS: version: 0, flags:; udp: 4096
538. ;; QUESTION SECTION:
539. ;9tv.co.il. IN A
540.  
541. ;; ANSWER SECTION:
542. 9tv.co.il. 207 IN A 185.203.72.162
543.  
544. ;; Query time: 289 msec
545. ;; SERVER: 38.132.106.139#53(38.132.106.139)
546. ;; WHEN: sam oct 27 21:52:30 EDT 2018
547. ;; MSG SIZE rcvd: 54
548. #######################################################################################################################################
549. [+] Hosting Info for Website: 9tv.co.il
550. [+] Visitors per day: 8,520
551. [+] IP Address: ...
552. [+] IP Reverse DNS (Host): 185.203.72.162
553. [+] Hosting Company IP Owner: Variti International Gmbh
554. [+] Hosting IP Range: 185.203.72.0 - 185.203.75.255 (1,024 ip)
555. [+] Owner Address: Denkmalstrasse 2, 6006, Luzern, Switzerland
556. [+] Owner Country: CHE
557. [+] Owner Phone: +41 41 417 20 57
558. [+] Owner CIDR: 185.203.72.0/22
559.  
560. [+] NS: ns3.dnsmadeeasy.com
561. [+] NS: ns1.dnsmadeeasy.com
562. [+] NS: ns2.dnsmadeeasy.com
563. [+] NS: ns0.dnsmadeeasy.com
564. [+] NS: ns4.dnsmadeeasy.com
565. #######################################################################################################################################
566. [*] Performing General Enumeration of Domain: 9tv.co.il
567. [-] DNSSEC is not configured for 9tv.co.il
568. [*] SOA ns0.dnsmadeeasy.com 208.94.148.2
569. [*] NS ns1.dnsmadeeasy.com 208.80.124.2
570. [*] Bind Version for 208.80.124.2 DNS Made Easy Anycast
571. [*] NS ns1.dnsmadeeasy.com 2600:1801:1::1
572. [*] Bind Version for 2600:1801:1::1 DNS Made Easy Anycast
573. [*] NS ns0.dnsmadeeasy.com 208.94.148.2
574. [*] Bind Version for 208.94.148.2 DNS Made Easy Anycast
575. [*] NS ns0.dnsmadeeasy.com 2600:1800::1
576. [*] Bind Version for 2600:1800::1 DNS Made Easy Anycast
577. [*] NS ns2.dnsmadeeasy.com 208.80.126.2
578. [*] Bind Version for 208.80.126.2 DNS Made Easy Anycast
579. [*] NS ns2.dnsmadeeasy.com 2600:1802:2::1
580. [*] Bind Version for 2600:1802:2::1 DNS Made Easy Anycast
581. [*] NS ns3.dnsmadeeasy.com 208.80.125.2
582. [*] Bind Version for 208.80.125.2 DNS Made Easy Anycast
583. [*] NS ns3.dnsmadeeasy.com 2600:1801:3::1
584. [*] Bind Version for 2600:1801:3::1 DNS Made Easy Anycast
585. [*] NS ns4.dnsmadeeasy.com 208.80.127.2
586. [*] Bind Version for 208.80.127.2 DNS Made Easy Anycast
587. [*] NS ns4.dnsmadeeasy.com 2600:1802:4::1
588. [*] Bind Version for 2600:1802:4::1 DNS Made Easy Anycast
589. [*] MX mail.9tv.co.il 146.185.58.83
590. [*] A 9tv.co.il 185.203.72.162
591. [*] SPF v=spf1 a mx include:_spf.activetrail.com ip4:146.185.58.83 -all
592. [*] SPF v=spf1 ip4:146.185.58.83 -all
593. [*] SPF v=spf1 a mx include:_spf.activetrail.com -all
594. [*] TXT 9tv.co.il k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4hpcoaTAYYJ1mxFYdOH2zgq308Ak2sxgRh6ekG7Pxp9TwJTpmk/M43UUNcPRYK1CgnkmOEcLHaUFaCMqLdajAXFLchgA99P25D5859zEKUDIFNJqivc/6q3asy61JUvQR/TifruXD7L8zLppx165HEjqBd8/C2xP2VkGmyJCJRQIDAQAB
595. [*] TXT 9tv.co.il v=spf1 ip4:146.185.58.83 -all
596. [*] Enumerating SRV Records
597. [-] No SRV Records Found for 9tv.co.il
598. [+] 0 Records Found
599. #######################################################################################################################################
600. [*] Processing domain 9tv.co.il
601. [+] Getting nameservers
602. 208.80.124.2 - ns1.dnsmadeeasy.com
603. 208.94.148.2 - ns0.dnsmadeeasy.com
604. 208.80.126.2 - ns2.dnsmadeeasy.com
605. 208.80.125.2 - ns3.dnsmadeeasy.com
606. 208.80.127.2 - ns4.dnsmadeeasy.com
607. [-] Zone transfer failed
608.  
609. [+] TXT records found
610. "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4hpcoaTAYYJ1mxFYdOH2zgq308Ak2sxgRh6ekG7Pxp9TwJTpmk/M43UUNcPRYK1CgnkmOEcLHaUFaCMqLdajAXFLchgA99P25D5859zEKUDIFNJqivc/6q3asy61JUvQR/TifruXD7L8zLppx165HEjqBd8/C2xP2VkGmyJCJRQIDAQAB"
611. "v=spf1 ip4:146.185.58.83 -all"
612.  
613. [+] MX records found, added to target list
614. 0 mail.9tv.co.il.
615.  
616. [*] Scanning 9tv.co.il for A records
617. 185.203.72.162 - 9tv.co.il
618. 93.157.83.216 - ad.9tv.co.il
619. 62.90.177.29 - apps.9tv.co.il
620. 93.157.83.216 - api.9tv.co.il
621. 146.185.58.82 - autodiscover.9tv.co.il
622. 93.157.83.216 - bb.9tv.co.il
623. 93.157.83.216 - blog.9tv.co.il
624. 93.157.83.216 - book.9tv.co.il
625. 62.90.177.24 - cpanel.9tv.co.il
626. 62.219.67.44 - crm.9tv.co.il
627. 62.219.67.44 - dev.9tv.co.il
628. 93.157.83.216 - dev1.9tv.co.il
629. 146.185.58.84 - ftp.9tv.co.il
630. 62.219.11.140 - images.9tv.co.il
631. 146.185.58.83 - mail.9tv.co.il
632. 62.219.67.58 - mobile.9tv.co.il
633. 62.219.67.44 - promo.9tv.co.il
634. 62.219.67.44 - radio.9tv.co.il
635. 146.185.58.83 - relay.9tv.co.il
636. 62.219.11.42 - shop.9tv.co.il
637. 62.219.11.140 - up.9tv.co.il
638. 146.185.58.66 - vpn.9tv.co.il
639. 185.203.72.162 - www.9tv.co.il
640. #######################################################################################################################################
641. Ip Address Status Type Domain Name Server
642. ---------- ------ ---- ----------- ------
643. 93.157.83.216 host ad.9tv.co.il
644. 93.157.83.216 host api.9tv.co.il
645. 62.90.177.29 302 host apps.9tv.co.il
646. 93.157.83.216 host bb.9tv.co.il
647. 93.157.83.216 host blog.9tv.co.il
648. 62.219.67.44 host crm.9tv.co.il
649. 62.219.67.44 host dev.9tv.co.il
650. 93.157.83.216 host dev1.9tv.co.il
651. 146.185.58.84 host ftp.9tv.co.il
652. 62.219.11.140 host images.9tv.co.il
653. 146.185.58.83 host mail.9tv.co.il
654. 62.219.67.58 host mobile.9tv.co.il
655. 62.90.177.19 403 host mysql1.9tv.co.il
656. 62.219.67.44 host promo.9tv.co.il
657. 62.219.67.44 host radio.9tv.co.il
658. 146.185.58.83 host relay.9tv.co.il
659. 62.219.11.42 200 host shop.9tv.co.il
660. 62.219.67.44 host stock.9tv.co.il
661. 146.185.58.66 host vpn.9tv.co.il
662. 185.203.72.162 301 host www.9tv.co.il
663. #######################################################################################################################################
664.  
665. [+] Testing domain
666. www.9tv.co.il 185.203.72.162
667. [+] Dns resolving
668. Domain name Ip address Name server
669. No address associated with hostname 9tv.co.il
670. [+] Testing wildcard
671. Ok, no wildcard found.
672.  
673. [+] Scanning for subdomain on 9tv.co.il
674. [!] Wordlist not specified. I scannig with my internal wordlist...
675. Estimated time about 136.7 seconds
676.  
677. Subdomain Ip address Name server
678.  
679. crm.9tv.co.il 62.219.67.44 bzq-67-44.red.bezeqint.net
680. dev.9tv.co.il 62.219.67.44 bzq-67-44.red.bezeqint.net
681. images.9tv.co.il 62.219.11.140 mailman.gush-shalom.org
682. mobile.9tv.co.il 62.219.67.58 bzq-67-58.red.bezeqint.net
683. promo.9tv.co.il 62.219.67.44 bzq-67-44.red.bezeqint.net
684. radio.9tv.co.il 62.219.67.44 bzq-67-44.red.bezeqint.net
685. shop.9tv.co.il 62.219.11.42 cpanel1.secured.co.il
686. stock.9tv.co.il 62.219.67.44 bzq-67-44.red.bezeqint.net
687.  
688. #######################################################################################################################################
689. Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 21:43 EDT
690. Nmap scan report for 185.203.72.162
691. Host is up (0.20s latency).
692. Not shown: 471 filtered ports, 3 closed ports
693. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
694. PORT STATE SERVICE
695. 80/tcp open http
696. 5666/tcp open nrpe
697. #######################################################################################################################################
698. Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 21:43 EDT
699. Nmap scan report for 185.203.72.162
700. Host is up (0.16s latency).
701. Not shown: 2 filtered ports
702. PORT STATE SERVICE
703. 53/udp open|filtered domain
704. 67/udp open|filtered dhcps
705. 68/udp open|filtered dhcpc
706. 69/udp open|filtered tftp
707. 88/udp open|filtered kerberos-sec
708. 123/udp open|filtered ntp
709. 139/udp open|filtered netbios-ssn
710. 161/udp open|filtered snmp
711. 162/udp open|filtered snmptrap
712. 389/udp open|filtered ldap
713. 520/udp open|filtered route
714. 2049/udp open|filtered nfs
715. #######################################################################################################################################
716. Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 21:43 EDT
717. Nmap scan report for 185.203.72.162
718. Host is up.
719.  
720. PORT STATE SERVICE VERSION
721. 67/udp open|filtered dhcps
722. |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
723. Too many fingerprints match this host to give specific OS details
724.  
725. TRACEROUTE (using proto 1/icmp)
726. HOP RTT ADDRESS
727. 1 163.82 ms 10.248.200.1
728. 2 163.85 ms 177.67.82.193
729. 3 165.37 ms 177.67.87.185
730. 4 165.34 ms 5-178-46-202.seabone.net (5.178.46.202)
731. 5 ...
732. 6 271.08 ms mai-b1-link.telia.net (80.239.193.161)
733. 7 442.45 ms ash-bb4-link.telia.net (62.115.120.176)
734. 8 386.89 ms 62.115.122.158
735. 9 374.63 ms ffm-bb4-link.telia.net (62.115.122.139)
736. 10 436.46 ms ffm-b7-link.telia.net (62.115.143.93)
737. 11 430.98 ms ancile-ic-335680-ffm-b7.c.telia.net (62.115.162.243)
738. 12 ... 30
739. #######################################################################################################################################
740. Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 21:45 EDT
741. Nmap scan report for 185.203.72.162
742. Host is up.
743.  
744. PORT STATE SERVICE VERSION
745. 68/udp open|filtered dhcpc
746. Too many fingerprints match this host to give specific OS details
747.  
748. TRACEROUTE (using proto 1/icmp)
749. HOP RTT ADDRESS
750. 1 158.76 ms 10.248.200.1
751. 2 158.79 ms 177.67.82.193
752. 3 158.81 ms 177.67.87.185
753. 4 159.50 ms 5-178-46-202.seabone.net (5.178.46.202)
754. 5 ...
755. 6 265.27 ms mai-b1-link.telia.net (80.239.193.161)
756. 7 437.45 ms ash-bb4-link.telia.net (62.115.120.176)
757. 8 369.37 ms 62.115.122.158
758. 9 370.75 ms ffm-bb4-link.telia.net (62.115.122.139)
759. 10 429.39 ms ffm-b7-link.telia.net (62.115.143.93)
760. 11 438.42 ms ancile-ic-335680-ffm-b7.c.telia.net (62.115.162.243)
761. 12 ... 30
762. #######################################################################################################################################
763. Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 21:47 EDT
764. Nmap scan report for 185.203.72.162
765. Host is up.
766.  
767. PORT STATE SERVICE VERSION
768. 69/udp open|filtered tftp
769. Too many fingerprints match this host to give specific OS details
770.  
771. TRACEROUTE (using proto 1/icmp)
772. HOP RTT ADDRESS
773. 1 160.67 ms 10.248.200.1
774. 2 160.73 ms 177.67.82.193
775. 3 162.64 ms 177.67.87.185
776. 4 161.82 ms 5-178-46-202.seabone.net (5.178.46.202)
777. 5 ...
778. 6 267.75 ms mai-b1-link.telia.net (80.239.193.161)
779. 7 431.13 ms ash-bb4-link.telia.net (62.115.120.176)
780. 8 382.81 ms 62.115.122.158
781. 9 372.33 ms ffm-bb4-link.telia.net (62.115.122.139)
782. 10 440.58 ms ffm-b7-link.telia.net (62.115.143.93)
783. 11 428.40 ms ancile-ic-335680-ffm-b7.c.telia.net (62.115.162.243)
784. 12 ... 30
785. #######################################################################################################################################
786. ^ ^
787. _ __ _ ____ _ __ _ _ ____
788. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
789. | V V // o // _/ | V V // 0 // 0 // _/
790. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
791. <
792. ...'
793.  
794. WAFW00F - Web Application Firewall Detection Tool
795.  
796. By Sandro Gauci && Wendel G. Henrique
797.  
798. Checking http://185.203.72.162
799. Generic Detection results:
800. No WAF detected by the generic detection
801. Number of requests: 14
802. #######################################################################################################################################
803. wig - WebApp Information Gatherer
804.  
805.  
806. Scanning http://185.203.72.162...
807. _____________________ SITE INFO ______________________
808. IP Title
809. 185.203.72.162
810.  
811. ______________________ VERSION _______________________
812. Name Versions Type
813.  
814. ____________________ INTERESTING _____________________
815. URL Note Type
816. /readme.html Readme file Interesting
817. /install.php Installation file Interesting
818. /test.php Test file Interesting
819.  
820. ______________________________________________________
821. Time: 62.3 sec Urls: 598 Fingerprints: 40401
822. #######################################################################################################################################
823. HTTP/1.1 500 Internal Server Error
824. Date: Sun, 28 Oct 2018 01:51:49 GMT
825. Content-Type: text/html
826. Connection: keep-alive
827. #######################################################################################################################################
828. Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 21:51 EDT
829. Nmap scan report for 185.203.72.162
830. Host is up.
831.  
832. PORT STATE SERVICE VERSION
833. 123/udp open|filtered ntp
834. Too many fingerprints match this host to give specific OS details
835.  
836. TRACEROUTE (using proto 1/icmp)
837. HOP RTT ADDRESS
838. 1 163.33 ms 10.248.200.1
839. 2 163.38 ms 177.67.82.193
840. 3 164.83 ms 177.67.87.185
841. 4 164.81 ms 5-178-46-202.seabone.net (5.178.46.202)
842. 5 ...
843. 6 270.55 ms mai-b1-link.telia.net (80.239.193.161)
844. 7 431.73 ms ash-bb4-link.telia.net (62.115.120.176)
845. 8 377.57 ms 62.115.122.158
846. 9 374.21 ms ffm-bb4-link.telia.net (62.115.122.139)
847. 10 438.17 ms ffm-b7-link.telia.net (62.115.143.93)
848. 11 433.22 ms ancile-ic-335680-ffm-b7.c.telia.net (62.115.162.243)
849. 12 ... 30
850. #######################################################################################################################################
851. Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 21:54 EDT
852. Nmap scan report for 185.203.72.162
853. Host is up (0.16s latency).
854.  
855. PORT STATE SERVICE VERSION
856. 161/tcp filtered snmp
857. 161/udp open|filtered snmp
858. Too many fingerprints match this host to give specific OS details
859.  
860. TRACEROUTE (using proto 1/icmp)
861. HOP RTT ADDRESS
862. 1 160.69 ms 10.248.200.1
863. 2 160.71 ms 177.67.82.193
864. 3 169.52 ms 177.67.87.185
865. 4 165.83 ms 5-178-46-202.seabone.net (5.178.46.202)
866. 5 ...
867. 6 267.95 ms mai-b1-link.telia.net (80.239.193.161)
868. 7 425.20 ms ash-bb4-link.telia.net (62.115.120.176)
869. 8 372.58 ms 62.115.122.158
870. 9 371.18 ms ffm-bb4-link.telia.net (62.115.122.139)
871. 10 436.55 ms ffm-b7-link.telia.net (62.115.143.93)
872. 11 409.35 ms ancile-ic-335680-ffm-b7.c.telia.net (62.115.162.243)
873. 12 ... 30
874.  
875. #######################################################################################################################################
876.  
877. I, [2018-10-27T21:56:57.127504 #4644] INFO -- : Initiating port scan
878. I, [2018-10-27T21:57:59.181812 #4644] INFO -- : Using nmap scan output file logs/nmap_output_2018-10-27_21-56-57.xml
879. I, [2018-10-27T21:57:59.182828 #4644] INFO -- : Discovered open port: 185.203.72.162:80
880. I, [2018-10-27T21:58:01.026892 #4644] INFO -- : Discovered tcpwrapped port: 185.203.72.162:5666
881. I, [2018-10-27T21:58:02.922792 #4644] INFO -- : Discovered tcpwrapped port: 185.203.72.162:5666
882. I, [2018-10-27T21:58:06.509512 #4644] INFO -- : <<<Enumerating vulnerable applications>>>
883. --------------------------------------------------------
884. <<<Yasuo discovered following vulnerable applications>>>
885. --------------------------------------------------------
886. +----------+--------------------+-------------------+----------+----------+
887. | App Name | URL to Application | Potential Exploit | Username | Password |
888. +----------+--------------------+-------------------+----------+----------+
889. +----------+--------------------+-------------------+----------+----------+
890. #######################################################################################################################################
891. Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 22:00 EDT
892. NSE: Loaded 148 scripts for scanning.
893. NSE: Script Pre-scanning.
894. Initiating NSE at 22:00
895. Completed NSE at 22:00, 0.00s elapsed
896. Initiating NSE at 22:00
897. Completed NSE at 22:00, 0.00s elapsed
898. Initiating Parallel DNS resolution of 1 host. at 22:00
899. Completed Parallel DNS resolution of 1 host. at 22:00, 0.02s elapsed
900. Initiating SYN Stealth Scan at 22:00
901. Scanning 185.203.72.162 [474 ports]
902. Discovered open port 80/tcp on 185.203.72.162
903. Discovered open port 5666/tcp on 185.203.72.162
904. Completed SYN Stealth Scan at 22:00, 14.11s elapsed (474 total ports)
905. Initiating Service scan at 22:00
906. Scanning 2 services on 185.203.72.162
907. Completed Service scan at 22:00, 35.95s elapsed (2 services on 1 host)
908. Initiating OS detection (try #1) against 185.203.72.162
909. Retrying OS detection (try #2) against 185.203.72.162
910. Initiating Traceroute at 22:00
911. Completed Traceroute at 22:00, 0.17s elapsed
912. Initiating Parallel DNS resolution of 2 hosts. at 22:00
913. Completed Parallel DNS resolution of 2 hosts. at 22:00, 0.11s elapsed
914. NSE: Script scanning 185.203.72.162.
915. Initiating NSE at 22:00
916. Completed NSE at 22:01, 9.41s elapsed
917. Initiating NSE at 22:01
918. Completed NSE at 22:01, 0.00s elapsed
919. Nmap scan report for 185.203.72.162
920. Host is up (0.16s latency).
921. Not shown: 469 filtered ports
922. PORT STATE SERVICE VERSION
923. 25/tcp closed smtp
924. 80/tcp open http-proxy Squid http proxy
925. |_http-open-proxy: Proxy might be redirecting requests
926. |_http-title: 500 Server error
927. 139/tcp closed netbios-ssn
928. 445/tcp closed microsoft-ds
929. 5666/tcp open tcpwrapped
930. Device type: general purpose|storage-misc|broadband router|WAP
931. Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (93%), HP embedded (90%), Asus embedded (87%)
932. OS CPE: cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:4 cpe:/h:hp:p2000_g3 cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6.22
933. Aggressive OS guesses: Linux 3.18 (93%), Linux 3.16 - 4.6 (93%), Linux 3.10 - 4.11 (91%), Linux 3.13 (91%), Linux 3.13 or 4.2 (91%), Linux 4.2 (91%), Linux 4.4 (91%), HP P2000 G3 NAS device (90%), Linux 3.2 - 4.9 (90%), Linux 2.6.32 (89%)
934. No exact OS matches for host (test conditions non-ideal).
935. Uptime guess: 54.559 days (since Mon Sep 3 08:36:34 2018)
936. Network Distance: 2 hops
937. TCP Sequence Prediction: Difficulty=257 (Good luck!)
938. IP ID Sequence Generation: All zeros
939.  
940. TRACEROUTE (using port 25/tcp)
941. HOP RTT ADDRESS
942. 1 158.48 ms 10.248.200.1
943. 2 158.46 ms 185.203.72.162
944.  
945. NSE: Script Post-scanning.
946. Initiating NSE at 22:01
947. Completed NSE at 22:01, 0.00s elapsed
948. Initiating NSE at 22:01
949. Completed NSE at 22:01, 0.00s elapsed
950. Read data files from: /usr/bin/../share/nmap
951. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
952. Nmap done: 1 IP address (1 host up) scanned in 65.12 seconds
953. Raw packets sent: 1499 (70.804KB) | Rcvd: 340 (40.672KB)
954. #######################################################################################################################################
955. Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 22:01 EDT
956. NSE: Loaded 148 scripts for scanning.
957. NSE: Script Pre-scanning.
958. Initiating NSE at 22:01
959. Completed NSE at 22:01, 0.00s elapsed
960. Initiating NSE at 22:01
961. Completed NSE at 22:01, 0.00s elapsed
962. Initiating Parallel DNS resolution of 1 host. at 22:01
963. Completed Parallel DNS resolution of 1 host. at 22:01, 0.02s elapsed
964. Initiating UDP Scan at 22:01
965. Scanning 185.203.72.162 [14 ports]
966. Completed UDP Scan at 22:01, 2.54s elapsed (14 total ports)
967. Initiating Service scan at 22:01
968. Scanning 12 services on 185.203.72.162
969. Service scan Timing: About 8.33% done; ETC: 22:20 (0:17:58 remaining)
970. Completed Service scan at 22:02, 102.58s elapsed (12 services on 1 host)
971. Initiating OS detection (try #1) against 185.203.72.162
972. Retrying OS detection (try #2) against 185.203.72.162
973. Initiating Traceroute at 22:02
974. Completed Traceroute at 22:03, 7.19s elapsed
975. Initiating Parallel DNS resolution of 1 host. at 22:03
976. Completed Parallel DNS resolution of 1 host. at 22:03, 0.02s elapsed
977. NSE: Script scanning 185.203.72.162.
978. Initiating NSE at 22:03
979. Completed NSE at 22:03, 20.30s elapsed
980. Initiating NSE at 22:03
981. Completed NSE at 22:03, 1.29s elapsed
982. Nmap scan report for 185.203.72.162
983. Host is up (0.17s latency).
984.  
985. PORT STATE SERVICE VERSION
986. 53/udp open|filtered domain
987. 67/udp open|filtered dhcps
988. 68/udp open|filtered dhcpc
989. 69/udp open|filtered tftp
990. 88/udp open|filtered kerberos-sec
991. 123/udp open|filtered ntp
992. 137/udp filtered netbios-ns
993. 138/udp filtered netbios-dgm
994. 139/udp open|filtered netbios-ssn
995. 161/udp open|filtered snmp
996. 162/udp open|filtered snmptrap
997. 389/udp open|filtered ldap
998. 520/udp open|filtered route
999. 2049/udp open|filtered nfs
1000. Too many fingerprints match this host to give specific OS details
1001.  
1002. TRACEROUTE (using port 137/udp)
1003. HOP RTT ADDRESS
1004. 1 158.33 ms 10.248.200.1
1005. 2 ... 3
1006. 4 158.87 ms 10.248.200.1
1007. 5 162.33 ms 10.248.200.1
1008. 6 162.33 ms 10.248.200.1
1009. 7 162.18 ms 10.248.200.1
1010. 8 162.19 ms 10.248.200.1
1011. 9 162.20 ms 10.248.200.1
1012. 10 162.24 ms 10.248.200.1
1013. 11 ... 18
1014. 19 159.15 ms 10.248.200.1
1015. 20 157.94 ms 10.248.200.1
1016. 21 ... 27
1017. 28 160.25 ms 10.248.200.1
1018. 29 ...
1019. 30 158.62 ms 10.248.200.1
1020.  
1021. NSE: Script Post-scanning.
1022. Initiating NSE at 22:03
1023. Completed NSE at 22:03, 0.00s elapsed
1024. Initiating NSE at 22:03
1025. Completed NSE at 22:03, 0.00s elapsed
1026. Read data files from: /usr/bin/../share/nmap
1027. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1028. Nmap done: 1 IP address (1 host up) scanned in 140.43 seconds
1029. Raw packets sent: 147 (13.614KB) | Rcvd: 451 (58.689KB)
1030. #######################################################################################################################################
1031. dnsenum VERSION:1.2.4
1032.  
1033. ----- 9tv.co.il -----
1034.  
1035.  
1036. Host's addresses:
1037. __________________
1038.  
1039. 9tv.co.il. 179 IN A 185.203.72.162
1040.  
1041.  
1042. Name Servers:
1043. ______________
1044.  
1045. ns2.dnsmadeeasy.com. 50960 IN A 208.80.126.2
1046. ns3.dnsmadeeasy.com. 81873 IN A 208.80.125.2
1047. ns0.dnsmadeeasy.com. 50959 IN A 208.94.148.2
1048. ns1.dnsmadeeasy.com. 50959 IN A 208.80.124.2
1049. ns4.dnsmadeeasy.com. 81872 IN A 208.80.127.2
1050.  
1051.  
1052. Mail (MX) Servers:
1053. ___________________
1054.  
1055. mail.9tv.co.il. 300 IN A 146.185.58.83
1056.  
1057.  
1058. Trying Zone Transfers and getting Bind Versions:
1059. _________________________________________________
1060.  
1061.  
1062. Trying Zone Transfer for 9tv.co.il on ns2.dnsmadeeasy.com ...
1063.  
1064. Trying Zone Transfer for 9tv.co.il on ns3.dnsmadeeasy.com ...
1065.  
1066. Trying Zone Transfer for 9tv.co.il on ns0.dnsmadeeasy.com ...
1067.  
1068. Trying Zone Transfer for 9tv.co.il on ns1.dnsmadeeasy.com ...
1069.  
1070. Trying Zone Transfer for 9tv.co.il on ns4.dnsmadeeasy.com ...
1071.  
1072. brute force file not specified, bay.
1073. #######################################################################################################################################
1074.  
1075. [+] List of software found:
1076. ---------------------------------------------------------------------------------------------------------------------------------------
1077. Adobe PDF Library 15.0
1078. Adobe InDesign CC 13.1 (Macintosh)
1079. #######################################################################################################################################
1080. % The data in the WHOIS database of the .il registry is provided
1081. % by ISOC-IL for information purposes, and to assist persons in
1082. % obtaining information about or related to a domain name
1083. % registration record. ISOC-IL does not guarantee its accuracy.
1084. % By submitting a WHOIS query, you agree that you will use this
1085. % Data only for lawful purposes and that, under no circumstances
1086. % will you use this Data to: (1) allow, enable, or otherwise
1087. % support the transmission of mass unsolicited, commercial
1088. % advertising or solicitations via e-mail (spam);
1089. % or (2) enable high volume, automated, electronic processes that
1090. % apply to ISOC-IL (or its systems).
1091. % ISOC-IL reserves the right to modify these terms at any time.
1092. % By submitting this query, you agree to abide by this policy.
1093.  
1094. query: 9tv.co.il
1095.  
1096. reg-name: 9tv
1097. domain: 9tv.co.il
1098.  
1099. descr: Vash Telekanal LTD
1100. descr: Thela Ha Haar 44
1101. descr: Modiin
1102. descr: 45457
1103. descr: Israel
1104. phone: +972 50 7126999
1105. e-mail: ervinm AT 9tv.co.il
1106. admin-c: DT-SR7715-IL
1107. tech-c: DT-SR7716-IL
1108. zone-c: DT-SR7717-IL
1109. nserver: ns0.dnsmadeeasy.com
1110. nserver: ns1.dnsmadeeasy.com
1111. nserver: ns2.dnsmadeeasy.com
1112. nserver: ns3.dnsmadeeasy.com
1113. nserver: ns4.dnsmadeeasy.com
1114. validity: 30-05-2019
1115. DNSSEC: unsigned
1116. status: Transfer Locked
1117. changed: domain-registrar AT isoc.org.il 20040530 (Assigned)
1118. changed: domain-registrar AT isoc.org.il 20060514 (Changed)
1119. changed: domain-registrar AT isoc.org.il 20080813 (Transferred)
1120. changed: domain-registrar AT isoc.org.il 20080813 (Changed)
1121. changed: domain-registrar AT isoc.org.il 20130731 (Changed)
1122. changed: domain-registrar AT isoc.org.il 20130731 (Changed)
1123. changed: domain-registrar AT isoc.org.il 20130731 (Changed)
1124. changed: domain-registrar AT isoc.org.il 20130916 (Changed)
1125. changed: domain-registrar AT isoc.org.il 20140429 (Changed)
1126. changed: domain-registrar AT isoc.org.il 20140430 (Changed)
1127.  
1128. person: Steve Rekun
1129. address Channel 9
1130. address Tzela Ha Haar 44
1131. address Modiin
1132. address 67898
1133. address Israel
1134. phone: +972 3 6232999
1135. e-mail: steve AT 9tv.co.il
1136. nic-hdl: DT-SR7715-IL
1137. changed: Managing Registrar 20140429
1138.  
1139. person: Steve Rekun
1140. address Channel 9
1141. address Tzela Ha Haar 44
1142. address Modiin
1143. address 67898
1144. address Israel
1145. phone: +972 3 6232999
1146. e-mail: steve AT 9tv.co.il
1147. nic-hdl: DT-SR7716-IL
1148. changed: Managing Registrar 20140429
1149.  
1150. person: Steve Rekun
1151. address Channel 9
1152. address Tzela Ha Haar 44
1153. address Modiin
1154. address 67898
1155. address Israel
1156. phone: +972 3 6232999
1157. e-mail: steve AT 9tv.co.il
1158. nic-hdl: DT-SR7717-IL
1159. changed: Managing Registrar 20140429
1160.  
1161. registrar name: Domain The Net Technologies Ltd
1162. registrar info: https://www.domainthenet.com
1163. #######################################################################################################################################
1164.  
1165. [-] Enumerating subdomains now for 9tv.co.il
1166. [-] verbosity is enabled, will show the subdomains results in realtime
1167. [-] Searching now in Baidu..
1168. [-] Searching now in Yahoo..
1169. [-] Searching now in Google..
1170. [-] Searching now in Bing..
1171. [-] Searching now in Ask..
1172. [-] Searching now in Netcraft..
1173. [-] Searching now in DNSdumpster..
1174. [-] Searching now in Virustotal..
1175. [-] Searching now in ThreatCrowd..
1176. [-] Searching now in SSL Certificates..
1177. [-] Searching now in PassiveDNS..
1178. SSL Certificates: autodiscover.9tv.co.il
1179. SSL Certificates: mail.9tv.co.il
1180. SSL Certificates: oma.9tv.co.il
1181. SSL Certificates: www.oma.9tv.co.il
1182. SSL Certificates: golden.9tv.co.il
1183. SSL Certificates: cpanel.9tv.co.il
1184. SSL Certificates: www.9tv.co.il
1185. SSL Certificates: api.9tv.co.il
1186. SSL Certificates: cpanel1.9tv.co.il
1187. SSL Certificates: www.cpanel1.9tv.co.il
1188. SSL Certificates: apps.9tv.co.il
1189. SSL Certificates: www.apps.9tv.co.il
1190. SSL Certificates: food.9tv.co.il
1191. SSL Certificates: ad.9tv.co.il
1192. SSL Certificates: sultan.9tv.co.il
1193. SSL Certificates: musketeers.9tv.co.il
1194. SSL Certificates: vek.9tv.co.il
1195. SSL Certificates: drp.9tv.co.il
1196. SSL Certificates: www.drp.9tv.co.il
1197. ThreatCrowd: ad.9tv.co.il
1198. Virustotal: golden.9tv.co.il
1199. Virustotal: www.9tv.co.il
1200. Virustotal: bstore.9tv.co.il
1201. Virustotal: ad.9tv.co.il
1202. Virustotal: mail.9tv.co.il
1203. Virustotal: oma.9tv.co.il
1204. Virustotal: cpanel.9tv.co.il
1205. Virustotal: food.9tv.co.il
1206. Virustotal: apps.9tv.co.il
1207. Virustotal: sultan.9tv.co.il
1208. Virustotal: doska.9tv.co.il
1209. Virustotal: mobile.9tv.co.il
1210. Virustotal: vek.9tv.co.il
1211. Virustotal: zstore.9tv.co.il
1212. Virustotal: astore.9tv.co.il
1213. Yahoo: www.9tv.co.il
1214. Bing: golden.9tv.co.il
1215. Bing: ad.9tv.co.il
1216. Netcraft: sultan.9tv.co.il
1217. Netcraft: www.9tv.co.il
1218. DNSdumpster: oma.9tv.co.il
1219. DNSdumpster: bstore.9tv.co.il
1220. DNSdumpster: drp.9tv.co.il
1221. DNSdumpster: cpanel.9tv.co.il
1222. DNSdumpster: www.9tv.co.il
1223. DNSdumpster: relay.9tv.co.il
1224. DNSdumpster: pcs2.9tv.co.il
1225. DNSdumpster: apps.9tv.co.il
1226. DNSdumpster: ad.9tv.co.il
1227. DNSdumpster: cpanel1.9tv.co.il
1228. DNSdumpster: food.9tv.co.il
1229. DNSdumpster: golden.9tv.co.il
1230. DNSdumpster: mail.9tv.co.il
1231. DNSdumpster: musketeers.9tv.co.il
1232. DNSdumpster: sultan.9tv.co.il
1233. DNSdumpster: autodiscover.9tv.co.il
1234. DNSdumpster: vek.9tv.co.il
1235. Google: doska.9tv.co.il
1236. [-] Saving results to file: /usr/share/sniper/loot/9tv.co.il/domains/domains-9tv.co.il.txt
1237. [-] Total Unique Subdomains Found: 26
1238. www.9tv.co.il
1239. ad.9tv.co.il
1240. api.9tv.co.il
1241. apps.9tv.co.il
1242. www.apps.9tv.co.il
1243. astore.9tv.co.il
1244. autodiscover.9tv.co.il
1245. bstore.9tv.co.il
1246. cpanel.9tv.co.il
1247. cpanel1.9tv.co.il
1248. www.cpanel1.9tv.co.il
1249. doska.9tv.co.il
1250. drp.9tv.co.il
1251. www.drp.9tv.co.il
1252. food.9tv.co.il
1253. golden.9tv.co.il
1254. mail.9tv.co.il
1255. mobile.9tv.co.il
1256. musketeers.9tv.co.il
1257. oma.9tv.co.il
1258. www.oma.9tv.co.il
1259. pcs2.9tv.co.il
1260. relay.9tv.co.il
1261. sultan.9tv.co.il
1262. vek.9tv.co.il
1263. zstore.9tv.co.il
1264. #######################################################################################################################################
1265. apps.9tv.co.il,62.90.177.29
1266. ad.9tv.co.il,93.157.83.216
1267. bb.9tv.co.il,93.157.83.216
1268. autodiscover.9tv.co.il,146.185.58.82
1269. blog.9tv.co.il,93.157.83.216
1270. crm.9tv.co.il,62.219.67.44
1271. dev1.9tv.co.il,93.157.83.216
1272. dev.9tv.co.il,62.219.67.44
1273. ftp.9tv.co.il,146.185.58.84
1274. images.9tv.co.il,62.219.11.140
1275. mail.9tv.co.il,146.185.58.83
1276. mysql1.9tv.co.il,62.90.177.19
1277. mobile.9tv.co.il,62.219.67.58
1278. promo.9tv.co.il,62.219.67.44
1279. radio.9tv.co.il,62.219.67.44
1280. relay.9tv.co.il,146.185.58.83
1281. cpanel1.9tv.co.il,62.90.177.24
1282. cpanel.9tv.co.il,62.90.177.24
1283. golden.9tv.co.il,62.90.177.24
1284. oma.9tv.co.il,146.185.58.82
1285. www.9tv.co.il,185.203.72.162
1286. 9tv.co.il,185.203.72.162
1287. shop.9tv.co.il,62.219.11.42
1288. stock.9tv.co.il,62.219.67.44
1289. vpn.9tv.co.il,146.185.58.66
1290. drp.9tv.co.il,146.185.61.50
1291. food.9tv.co.il,185.203.72.162
1292. bstore.9tv.co.il,185.203.72.163
1293. api.9tv.co.il,93.157.83.216
1294. sultan.9tv.co.il,62.219.67.44
1295. up.9tv.co.il,62.219.11.140
1296. pcs2.9tv.co.il,62.219.67.46
1297. musketeers.9tv.co.il,62.219.67.44
1298. school.9tv.co.il,62.219.67.44
1299. media2.9tv.co.il,185.203.72.163
1300. media1.9tv.co.il,62.90.177.27
1301. vek.9tv.co.il,62.219.67.44
1302. zstore.9tv.co.il,62.219.11.140
1303. elections.9tv.co.il,62.219.67.44
1304. book.9tv.co.il,93.157.83.216
1305. astore.9tv.co.il,62.219.11.139
1306. doska.9tv.co.il,91.226.245.19
1307. date.9tv.co.il,91.226.245.88
1308. pcs1.9tv.co.il,62.219.67.43
1309. pcs3.9tv.co.il,62.219.67.59
1310. #######################################################################################################################################
1311. [*] Processing domain 9tv.co.il
1312. [+] Getting nameservers
1313. 208.80.124.2 - ns1.dnsmadeeasy.com
1314. 208.94.148.2 - ns0.dnsmadeeasy.com
1315. 208.80.126.2 - ns2.dnsmadeeasy.com
1316. 208.80.125.2 - ns3.dnsmadeeasy.com
1317. 208.80.127.2 - ns4.dnsmadeeasy.com
1318. [-] Zone transfer failed
1319.  
1320. [+] TXT records found
1321. "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4hpcoaTAYYJ1mxFYdOH2zgq308Ak2sxgRh6ekG7Pxp9TwJTpmk/M43UUNcPRYK1CgnkmOEcLHaUFaCMqLdajAXFLchgA99P25D5859zEKUDIFNJqivc/6q3asy61JUvQR/TifruXD7L8zLppx165HEjqBd8/C2xP2VkGmyJCJRQIDAQAB"
1322. "v=spf1 ip4:146.185.58.83 -all"
1323.  
1324. [+] MX records found, added to target list
1325. 0 mail.9tv.co.il.
1326.  
1327. [*] Scanning 9tv.co.il for A records
1328. 185.203.72.162 - 9tv.co.il
1329. 185.203.72.162 - www.9tv.co.il
1330. 146.185.58.83 - mail.9tv.co.il
1331. 146.185.58.84 - ftp.9tv.co.il
1332. 62.90.177.24 - cpanel.9tv.co.il
1333. 146.185.58.82 - autodiscover.9tv.co.il
1334. 93.157.83.216 - blog.9tv.co.il
1335. 62.219.67.44 - dev.9tv.co.il
1336. 146.185.58.66 - vpn.9tv.co.il
1337. 62.219.67.58 - mobile.9tv.co.il
1338. 62.219.11.42 - shop.9tv.co.il
1339. 62.219.11.140 - images.9tv.co.il
1340. 93.157.83.216 - api.9tv.co.il
1341. 62.219.67.44 - crm.9tv.co.il
1342. 62.90.177.29 - apps.9tv.co.il
1343. 146.185.58.83 - relay.9tv.co.il
1344. 93.157.83.216 - ad.9tv.co.il
1345. 62.219.67.44 - radio.9tv.co.il
1346. 93.157.83.216 - bb.9tv.co.il
1347. 62.219.67.44 - promo.9tv.co.il
1348. 93.157.83.216 - dev1.9tv.co.il
1349. 93.157.83.216 - book.9tv.co.il
1350. 62.219.11.140 - up.9tv.co.il
1351. 62.219.67.44 - school.9tv.co.il
1352. 185.203.72.162 - food.9tv.co.il
1353. 185.203.72.163 - media2.9tv.co.il
1354. 62.90.177.19 - mysql1.9tv.co.il
1355. 62.219.67.44 - stock.9tv.co.il
1356. 62.90.177.27 - media1.9tv.co.il
1357. 62.219.67.44 - elections.9tv.co.il
1358. 146.185.58.82 - oma.9tv.co.il
1359. 91.226.245.88 - date.9tv.co.il
1360. 62.90.177.24 - golden.9tv.co.il
1361. 91.226.245.19 - doska.9tv.co.il
1362. 62.90.177.24 - cpanel1.9tv.co.il
1363. #######################################################################################################################################
1364.  
1365. ad.9tv.co.il
1366. api.9tv.co.il
1367. apps.9tv.co.il
1368. autodiscover.9tv.co.il
1369. cpanel1.9tv.co.il
1370. cpanel.9tv.co.il
1371. drp.9tv.co.il
1372. food.9tv.co.il
1373. golden.9tv.co.il
1374. mail.9tv.co.il
1375. musketeers.9tv.co.il
1376. oma.9tv.co.il
1377. sultan.9tv.co.il
1378. vek.9tv.co.il
1379. www.9tv.co.il
1380. www.apps.9tv.co.il
1381. www.cpanel1.9tv.co.il
1382. www.drp.9tv.co.il
1383. www.oma.9tv.co.il
1384. #######################################################################################################################################
1385. [*] Found SPF record:
1386. [*] v=spf1 ip4:146.185.58.83 -all
1387. [*] SPF record contains an All item: -all
1388. [*] Found DMARC record:
1389. [*] v=DMARC1; p=none
1390. [+] DMARC policy set to none
1391. [+] Spoofing possible for 9tv.co.il!
1392. #######################################################################################################################################
1393. __
1394. ____ _____ ___ ______ _/ /_____ ____ ___
1395. / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
1396. / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
1397. \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
1398. /_/ discover v0.5.0 - by @michenriksen
1399.  
1400. Identifying nameservers for 9tv.co.il... Done
1401. Using nameservers:
1402.  
1403. - 208.80.124.2
1404. - 208.94.148.2
1405. - 208.80.126.2
1406. - 208.80.125.2
1407. - 208.80.127.2
1408.  
1409. Checking for wildcard DNS... Done
1410.  
1411. Running collector: Censys... Skipped
1412. -> Key 'censys_secret' has not been set
1413. Running collector: Netcraft... Done (0 hosts)
1414. Running collector: Google Transparency Report... Done (11 hosts)
1415. Running collector: VirusTotal... Skipped
1416. -> Key 'virustotal' has not been set
1417. Running collector: PublicWWW... Done (0 hosts)
1418. Running collector: PTRArchive... Error
1419. -> PTRArchive returned unexpected response code: 502
1420. Running collector: PassiveTotal... Skipped
1421. -> Key 'passivetotal_key' has not been set
1422. Running collector: HackerTarget... Done (18 hosts)
1423. Running collector: Certificate Search... Done (19 hosts)
1424. Running collector: Dictionary... Done (27 hosts)
1425. Running collector: Wayback Machine... Timed out
1426. Running collector: Riddler... Skipped
1427. -> Key 'riddler_username' has not been set
1428. Running collector: Shodan... Skipped
1429. -> Key 'shodan' has not been set
1430. Running collector: DNSDB... Error
1431. -> DNSDB returned unexpected response code: 503
1432. Running collector: Threat Crowd... Done (1 host)
1433.  
1434. Resolving 50 unique hosts...
1435. 185.203.72.162 .9tv.co.il
1436. 185.203.72.162 9tv.co.il
1437. 93.157.83.216 ad.9tv.co.il
1438. 93.157.83.216 api.9tv.co.il
1439. 62.90.177.29 apps.9tv.co.il
1440. 146.185.58.82 autodiscover.9tv.co.il
1441. 185.203.72.163 bstore.9tv.co.il
1442. 62.90.177.24 cpanel.9tv.co.il
1443. 62.90.177.24 cpanel1.9tv.co.il
1444. 146.185.61.50 drp.9tv.co.il
1445. 185.203.72.162 food.9tv.co.il
1446. 62.90.177.24 golden.9tv.co.il
1447. 146.185.58.83 mail.9tv.co.il
1448. 62.219.67.44 musketeers.9tv.co.il
1449. 146.185.58.82 oma.9tv.co.il
1450. 62.219.67.46 pcs2.9tv.co.il
1451. 146.185.58.83 relay.9tv.co.il
1452. 62.219.67.44 sultan.9tv.co.il
1453. 62.219.67.44 vek.9tv.co.il
1454. 185.203.72.162 www.9tv.co.il
1455.  
1456. Found subnets:
1457.  
1458. - 185.203.72.0-255 : 5 hosts
1459. - 62.219.67.0-255 : 4 hosts
1460. - 146.185.58.0-255 : 4 hosts
1461. - 62.90.177.0-255 : 4 hosts
1462. - 93.157.83.0-255 : 2 hosts
1463.  
1464. Wrote 20 hosts to:
1465.  
1466. - file:///root/aquatone/9tv.co.il/hosts.txt
1467. - file:///root/aquatone/9tv.co.il/hosts.json
1468. __
1469. ____ _____ ___ ______ _/ /_____ ____ ___
1470. / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
1471. / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
1472. \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
1473. /_/ takeover v0.5.0 - by @michenriksen
1474.  
1475. Loaded 20 hosts from /root/aquatone/9tv.co.il/hosts.json
1476. Loaded 25 domain takeover detectors
1477.  
1478. Identifying nameservers for 9tv.co.il... Done
1479. Using nameservers:
1480.  
1481. - 208.80.124.2
1482. - 208.94.148.2
1483. - 208.80.126.2
1484. - 208.80.125.2
1485. - 208.80.127.2
1486.  
1487. Checking hosts for domain takeover vulnerabilities...
1488.  
1489. Finished checking hosts:
1490.  
1491. - Vulnerable : 0
1492. - Not Vulnerable : 20
1493.  
1494. Wrote 0 potential subdomain takeovers to:
1495.  
1496. - file:///root/aquatone/9tv.co.il/takeovers.json
1497.  
1498. __
1499. ____ _____ ___ ______ _/ /_____ ____ ___
1500. / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
1501. / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
1502. \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
1503. /_/ scan v0.5.0 - by @michenriksen
1504.  
1505. Loaded 20 hosts from /root/aquatone/9tv.co.il/hosts.json
1506.  
1507. Probing 20 ports...
1508. 80/tcp 62.219.67.46 pcs2.9tv.co.il
1509. 80/tcp 146.185.61.50 drp.9tv.co.il
1510. 80/tcp 185.203.72.162 9tv.co.il, .9tv.co.il, www.9tv.co.il and 1 more
1511. 80/tcp 93.157.83.216 ad.9tv.co.il, api.9tv.co.il
1512. 80/tcp 146.185.58.83 mail.9tv.co.il, relay.9tv.co.il
1513. 80/tcp 185.203.72.163 bstore.9tv.co.il
1514. 80/tcp 62.90.177.29 apps.9tv.co.il
1515. 80/tcp 62.219.67.44 musketeers.9tv.co.il, sultan.9tv.co.il, vek.9tv.co.il
1516. 80/tcp 62.90.177.24 cpanel.9tv.co.il, cpanel1.9tv.co.il, golden.9tv.co.il
1517. 80/tcp 146.185.58.82 autodiscover.9tv.co.il, oma.9tv.co.il
1518. 443/tcp 146.185.58.82 autodiscover.9tv.co.il, oma.9tv.co.il
1519. 443/tcp 62.90.177.24 cpanel.9tv.co.il, cpanel1.9tv.co.il, golden.9tv.co.il
1520. 443/tcp 62.90.177.29 apps.9tv.co.il
1521.  
1522. Wrote open ports to file:///root/aquatone/9tv.co.il/open_ports.txt
1523. Wrote URLs to file:///root/aquatone/9tv.co.il/urls.txt
1524. __
1525. ____ _____ ___ ______ _/ /_____ ____ ___
1526. / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
1527. / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
1528. \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
1529. /_/ gather v0.5.0 - by @michenriksen
1530.  
1531. Processing 26 pages...
1532. #######################################################################################################################################
1533. Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 22:17 EDT
1534. Nmap scan report for 9tv.co.il (185.203.72.162)
1535. Host is up (0.20s latency).
1536. Not shown: 471 filtered ports, 3 closed ports
1537. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1538. PORT STATE SERVICE
1539. 80/tcp open http
1540. 5666/tcp open nrpe
1541. #######################################################################################################################################
1542. Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 22:18 EDT
1543. Nmap scan report for 9tv.co.il (185.203.72.162)
1544. Host is up (0.16s latency).
1545. Not shown: 2 filtered ports
1546. PORT STATE SERVICE
1547. 53/udp open|filtered domain
1548. 67/udp open|filtered dhcps
1549. 68/udp open|filtered dhcpc
1550. 69/udp open|filtered tftp
1551. 88/udp open|filtered kerberos-sec
1552. 123/udp open|filtered ntp
1553. 139/udp open|filtered netbios-ssn
1554. 161/udp open|filtered snmp
1555. 162/udp open|filtered snmptrap
1556. 389/udp open|filtered ldap
1557. 520/udp open|filtered route
1558. 2049/udp open|filtered nfs
1559. #######################################################################################################################################
1560.  
1561. ^ ^
1562. _ __ _ ____ _ __ _ _ ____
1563. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1564. | V V // o // _/ | V V // 0 // 0 // _/
1565. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1566. <
1567. ...'
1568.  
1569. WAFW00F - Web Application Firewall Detection Tool
1570.  
1571. By Sandro Gauci && Wendel G. Henrique
1572.  
1573. Checking http://9tv.co.il
1574. Generic Detection results:
1575. No WAF detected by the generic detection
1576. Number of requests: 14
1577. #######################################################################################################################################
1578. http://9tv.co.il [200 OK] Cookies[ipp_uid,ipp_uid1,ipp_uid2,rerf], Email[Rating@Mail.ru,maoz@9tv.co.il,stasy@9tv.co.il,tamih@9tv.co.il], Facebook-Plugin[likebox], Frame, Google-Analytics[Universal][UA-10448114-1], HTML5, IP[185.203.72.162], JQuery, Modernizr[2.6.2.min], Script[text/javascript], Title[9 Канал | Новости Израиля и мира | Лента новостей | ТВ видео онлайн], UncommonHeaders[access-control-allow-origin,x-variti-ccr]
1579. #######################################################################################################################################
1580. wig - WebApp Information Gatherer
1581.  
1582.  
1583. Scanning http://9tv.co.il...
1584. _____________________ SITE INFO ______________________
1585. IP Title
1586. 185.203.72.162 9 Канал | Новости Израиля и мира |
1587.  
1588. ______________________ VERSION _______________________
1589. Name Versions Type
1590. PHP 5.5.38 Platform
1591.  
1592. ____________________ INTERESTING _____________________
1593. URL Note Type
1594. /robots.txt robots.txt index Interesting
1595. /info.php PHP info file Interesting
1596. /test/ Test directory Interesting
1597.  
1598. ______________________________________________________
1599. Time: 121.1 sec Urls: 679 Fingerprints: 40401
1600. #######################################################################################################################################
1601. HTTP/1.1 200 OK
1602. Date: Sun, 28 Oct 2018 02:20:42 GMT
1603. Content-Type: text/html
1604. Vary: Accept-Encoding
1605. Access-Control-Allow-Origin: *
1606. X-VARITI-CCR: 418934033:1
1607. Set-Cookie: ipp_uid2=NqAGkp5jSaHPvHd6/qKlWjDEsx7vmCwTQTUwECw==; expires=Tue, 31 Dec 2030 23:59:59 GMT; path=/
1608. Set-Cookie: ipp_uid1=1540693241958; expires=Tue, 31 Dec 2030 23:59:59 GMT; path=/
1609. Set-Cookie: ipp_uid=1540693241958/NqAGkp5jSaHPvHd6/qKlWjDEsx7vmCwTQTUwECw==; expires=Tue, 31 Dec 2030 23:59:59 GMT; path=/
1610. Set-Cookie: rerf=AAAAAFvVHPo6YRq5A4HJAg==; expires=Tue, 27-Nov-18 02:20:42 GMT; path=/
1611. P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
1612. Content-Encoding: gzip
1613. Connection: keep-alive
1614.  
1615. ######################################################################################################################################
1616.  
1617. I, [2018-10-27T22:20:43.941477 #8906] INFO -- : Initiating port scan
1618. I, [2018-10-27T22:21:49.289413 #8906] INFO -- : Using nmap scan output file logs/nmap_output_2018-10-27_22-20-43.xml
1619. I, [2018-10-27T22:21:49.290412 #8906] INFO -- : Discovered open port: 185.203.72.162:80
1620. I, [2018-10-27T22:21:51.024363 #8906] INFO -- : Discovered tcpwrapped port: 185.203.72.162:5666
1621. I, [2018-10-27T22:21:52.669216 #8906] INFO -- : Discovered tcpwrapped port: 185.203.72.162:5666
1622. I, [2018-10-27T22:21:56.042740 #8906] INFO -- : <<<Enumerating vulnerable applications>>>
1623. --------------------------------------------------------
1624. <<<Yasuo discovered following vulnerable applications>>>
1625. --------------------------------------------------------
1626. +----------+--------------------+-------------------+----------+----------+
1627. | App Name | URL to Application | Potential Exploit | Username | Password |
1628. +----------+--------------------+-------------------+----------+----------+
1629. +----------+--------------------+-------------------+----------+----------+
1630. #######################################################################################################################################
1631. --------------------------------------------------------------------------------------------------------------------------------------
1632. + Target IP: 185.203.72.162
1633. + Target Hostname: 185.203.72.162
1634. + Target Port: 80
1635. + Start Time: 2018-10-27 22:56:04 (GMT-4)
1636. ---------------------------------------------------------------------------------------------------------------------------------------
1637. + Server: No banner retrieved
1638. + The anti-clickjacking X-Frame-Options header is not present.
1639. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
1640. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
1641. + No CGI Directories found (use '-C all' to force check all possible dirs)
1642. + Uncommon header 'x-squid-error' found, with contents: ERR_INVALID_URL 0
1643. + Cookie rerf created without the httponly flag
1644. + Server banner has changed from '' to 'nginx' which may suggest a WAF, load balancer or proxy is in place
1645. + ERROR: Error limit (20) reached for host, giving up. Last error: error reading HTTP response
1646. + Scan terminated: 20 error(s) and 5 item(s) reported on remote host
1647. + End Time: 2018-10-27 23:17:54 (GMT-4) (1310 seconds)
1648. ---------------------------------------------------------------------------------------------------------------------------------------
1649. ######################################################################################################################################
1650. -------------------------------------------------------------------------------------------------------------------------------------
1651. + Target IP: 185.203.72.162
1652. + Target Hostname: 9tv.co.il
1653. + Target Port: 80
1654. + Start Time: 2018-10-28 00:29:39 (GMT-4)
1655. ---------------------------------------------------------------------------------------------------------------------------------------
1656. + Server: nginx
1657. + The anti-clickjacking X-Frame-Options header is not present.
1658. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
1659. + Uncommon header 'x-variti-ccr' found, with contents: 419552490:3
1660. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
1661. + Cookie ipp_uid2 created without the httponly flag
1662. + Cookie ipp_uid1 created without the httponly flag
1663. + Cookie ipp_uid created without the httponly flag
1664. + Cookie rerf created without the httponly flag
1665. + Server leaks inodes via ETags, header found with file /robots.txt, inode: 1840803, size: 216, mtime: Thu Apr 20 07:04:20 2017
1666. + Entry '/a-panel/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
1667. + Retrieved x-powered-by header: PHP/5.5.38
1668. + /facebook/: PHP include error may indicate local or remote file inclusion is possible.
1669. + Entry '/facebook/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
1670. + Entry '/news/2016/12/10/235701.html' in robots.txt returned a non-forbidden or redirect HTTP code (200)
1671. + "robots.txt" contains 10 entries which should be manually viewed.
1672. + Uncommon header 'tcn' found, with contents: list
1673. + Apache mod_negotiation is enabled with MultiViews, which allows attackers to easily brute force file names. See http://www.wisec.it/sectou.php?id=4698ebdc59d15. The following alternatives for 'index' were found: index.html
1674. + ERROR: Error limit (20) reached for host, giving up. Last error: error reading HTTP response
1675. + Scan terminated: 20 error(s) and 17 item(s) reported on remote host
1676. + End Time: 2018-10-28 00:33:03 (GMT-4) (204 seconds)
1677. --------------------------------------------------------------------------------------------------------------------------------------
1678. ######################################################################################################################################
1679. =======================================================================================================================================
1680. | Domain: http://9tv.co.il/
1681. | IP: 185.203.72.162
1682. =======================================================================================================================================
1683. |
1684. | Directory check:
1685. | [+] CODE: 200 URL: http://9tv.co.il/RSS/
1686. | [+] CODE: 200 URL: http://9tv.co.il/adbanner/
1687. | [+] CODE: 200 URL: http://9tv.co.il/adclick/
1688. | [+] CODE: 200 URL: http://9tv.co.il/adios_papa/
1689. | [+] CODE: 200 URL: http://9tv.co.il/adlink/
1690. | [+] CODE: 200 URL: http://9tv.co.il/adm/fckeditor/
1691. | [+] CODE: 200 URL: http://9tv.co.il/adm/
1692. | [+] CODE: 200 URL: http://9tv.co.il/adlinks/
1693. | [+] CODE: 200 URL: http://9tv.co.il/adlog/
1694. | [+] CODE: 200 URL: http://9tv.co.il/adminhtml/
1695. | [+] CODE: 200 URL: http://9tv.co.il/admingta/
1696. | [+] CODE: 200 URL: http://9tv.co.il/admin/FCKeditor/
1697. | [+] CODE: 200 URL: http://9tv.co.il/admbin/
1698. | [+] CODE: 200 URL: http://9tv.co.il/admin/
1699. | [+] CODE: 200 URL: http://9tv.co.il/adminapi/
1700. | [+] CODE: 200 URL: http://9tv.co.il/administracao/
1701. | [+] CODE: 200 URL: http://9tv.co.il/admin/scripts/fckeditor/
1702. | [+] CODE: 200 URL: http://9tv.co.il/admin/fckeditor/admins/
1703. | [+] CODE: 200 URL: http://9tv.co.il/adsales/
1704. | [+] CODE: 200 URL: http://9tv.co.il/adserv/
1705. | [+] CODE: 200 URL: http://9tv.co.il/adsense/
1706. | [+] CODE: 200 URL: http://9tv.co.il/adserve/
1707. | [+] CODE: 200 URL: http://9tv.co.il/adserver/
1708. | [+] CODE: 200 URL: http://9tv.co.il/adsrv/
1709. | [+] CODE: 200 URL: http://9tv.co.il/advert/
1710. | [+] CODE: 200 URL: http://9tv.co.il/auditoria/
1711. | [+] CODE: 200 URL: http://9tv.co.il/audition/
1712. | [+] CODE: 200 URL: http://9tv.co.il/audits/
1713. | [+] CODE: 200 URL: http://9tv.co.il/auditor/
1714. | [+] CODE: 200 URL: http://9tv.co.il/auradam/
1715. | [+] CODE: 200 URL: http://9tv.co.il/autenticacao/
1716. | [+] CODE: 200 URL: http://9tv.co.il/aut/
1717. | [+] CODE: 200 URL: http://9tv.co.il/authorid/
1718. | [+] CODE: 200 URL: http://9tv.co.il/author/
1719. | [+] CODE: 200 URL: http://9tv.co.il/autoconf/
1720. | [+] CODE: 200 URL: http://9tv.co.il/authcode/
1721. | [+] CODE: 200 URL: http://9tv.co.il/automize/
1722. | [+] CODE: 200 URL: http://9tv.co.il/automake/
1723. | [+] CODE: 200 URL: http://9tv.co.il/bannerad/
1724. | [+] CODE: 200 URL: http://9tv.co.il/block/
1725. | [+] CODE: 200 URL: http://9tv.co.il/blogger/
1726. | [+] CODE: 200 URL: http://9tv.co.il/blogher/
1727. | [+] CODE: 200 URL: http://9tv.co.il/bloghome/
1728. | [+] CODE: 200 URL: http://9tv.co.il/blackice/
1729. | [+] CODE: 200 URL: http://9tv.co.il/blogid/
1730. | [+] CODE: 200 URL: http://9tv.co.il/blogapi/
1731. | [+] CODE: 200 URL: http://9tv.co.il/bloglogo/
1732. | [+] CODE: 200 URL: http://9tv.co.il/blogmap/
1733. | [+] CODE: 200 URL: http://9tv.co.il/blogg/
1734. | [+] CODE: 200 URL: http://9tv.co.il/blognews/
1735. | [+] CODE: 200 URL: http://9tv.co.il/blogi/
1736. | [+] CODE: 200 URL: http://9tv.co.il/blogmen/
1737. | [+] CODE: 200 URL: http://9tv.co.il/brand/
1738. | [+] CODE: 200 URL: http://9tv.co.il/calhas/
1739. | [+] CODE: 200 URL: http://9tv.co.il/camabox/
1740. | [+] CODE: 200 URL: http://9tv.co.il/camaboxcasal/
1741. | [+] CODE: 200 URL: http://9tv.co.il/camping/
1742. | [+] CODE: 200 URL: http://9tv.co.il/calls/
1743. | [+] CODE: 200 URL: http://9tv.co.il/camp/
1744. | [+] CODE: 200 URL: http://9tv.co.il/calendrier/
1745. | [+] CODE: 200 URL: http://9tv.co.il/calcoo/
1746. | [+] CODE: 200 URL: http://9tv.co.il/campi/
1747. | [+] CODE: 200 URL: http://9tv.co.il/campanhas/
1748. | [+] CODE: 200 URL: http://9tv.co.il/campo_ere/
1749. | [+] CODE: 200 URL: http://9tv.co.il/can-spam/
1750. | [+] CODE: 200 URL: http://9tv.co.il/cd/
1751. | [+] CODE: 200 URL: http://9tv.co.il/collinb/
1752. | [+] CODE: 200 URL: http://9tv.co.il/com_tra/
1753. | [+] CODE: 200 URL: http://9tv.co.il/comarcas/
1754. | [+] CODE: 200 URL: http://9tv.co.il/comarca/
1755. | [+] CODE: 200 URL: http://9tv.co.il/com_gcalendar/
1756. | [+] CODE: 200 URL: http://9tv.co.il/com_docman/
1757. | [+] CODE: 200 URL: http://9tv.co.il/com_int/
1758. | [+] CODE: 200 URL: http://9tv.co.il/column/
1759. | [+] CODE: 200 URL: http://9tv.co.il/com_mailto/
1760. | [+] CODE: 200 URL: http://9tv.co.il/com_joomap/
1761. | [+] CODE: 200 URL: http://9tv.co.il/comic/
1762. | [+] CODE: 200 URL: http://9tv.co.il/comedouros/
1763. | [+] CODE: 200 URL: http://9tv.co.il/comment/
1764. | [+] CODE: 200 URL: http://9tv.co.il/commando/
1765. | [+] CODE: 200 URL: http://9tv.co.il/commands/
1766. | [+] CODE: 200 URL: http://9tv.co.il/comfort/
1767. | [+] CODE: 200 URL: http://9tv.co.il/comments/
1768. | [+] CODE: 200 URL: http://9tv.co.il/contact/
1769. | [+] CODE: 200 URL: http://9tv.co.il/cookies/
1770. | [+] CODE: 200 URL: http://9tv.co.il/correiapinto/
1771. | [+] CODE: 200 URL: http://9tv.co.il/cooler_s_alca/
1772. | [+] CODE: 200 URL: http://9tv.co.il/coza_next_bag/
1773. | [+] CODE: 200 URL: http://9tv.co.il/counter/
1774. | [+] CODE: 200 URL: http://9tv.co.il/contacte/
1775. | [+] CODE: 200 URL: http://9tv.co.il/counties/
1776. | [+] CODE: 200 URL: http://9tv.co.il/corz/
1777. | [+] CODE: 200 URL: http://9tv.co.il/counts/
1778. | [+] CODE: 200 URL: http://9tv.co.il/country/
1779. | [+] CODE: 200 URL: http://9tv.co.il/corzoogle/
1780. | [+] CODE: 200 URL: http://9tv.co.il/corrida/
1781. | [+] CODE: 200 URL: http://9tv.co.il/corp/
1782. | [+] CODE: 200 URL: http://9tv.co.il/cpanel/
1783. | [+] CODE: 200 URL: http://9tv.co.il/datasets/
1784. | [+] CODE: 200 URL: http://9tv.co.il/dbc/
1785. | [+] CODE: 200 URL: http://9tv.co.il/dbd-pgpp/
1786. | [+] CODE: 200 URL: http://9tv.co.il/dbm/
1787. | [+] CODE: 200 URL: http://9tv.co.il/db/
1788. | [+] CODE: 200 URL: http://9tv.co.il/dbn/
1789. | [+] CODE: 200 URL: http://9tv.co.il/dating/
1790. | [+] CODE: 200 URL: http://9tv.co.il/dbus/
1791. | [+] CODE: 200 URL: http://9tv.co.il/dbox/
1792. | [+] CODE: 200 URL: http://9tv.co.il/dbp/
1793. | [+] CODE: 200 URL: http://9tv.co.il/dbi/
1794. | [+] CODE: 200 URL: http://9tv.co.il/dbsec/
1795. | [+] CODE: 200 URL: http://9tv.co.il/dbms/
1796. | [+] CODE: 200 URL: http://9tv.co.il/facebook/
1797. | [+] CODE: 200 URL: http://9tv.co.il/flashfxp/
1798. | [+] CODE: 200 URL: http://9tv.co.il/flashxss/
1799. | [+] CODE: 200 URL: http://9tv.co.il/flashget/
1800. | [+] CODE: 200 URL: http://9tv.co.il/flashpro/
1801. | [+] CODE: 200 URL: http://9tv.co.il/first/
1802. | [+] CODE: 200 URL: http://9tv.co.il/flashs/
1803. | [+] CODE: 200 URL: http://9tv.co.il/flickr/
1804. | [+] CODE: 200 URL: http://9tv.co.il/flick/
1805. | [+] CODE: 200 URL: http://9tv.co.il/flex/
1806. | [+] CODE: 200 URL: http://9tv.co.il/flonorm/
1807. | [+] CODE: 200 URL: http://9tv.co.il/flipo/
1808. | [+] CODE: 200 URL: http://9tv.co.il/flog/
1809. | [+] CODE: 200 URL: http://9tv.co.il/flist/
1810. | [+] CODE: 200 URL: http://9tv.co.il/flip/
1811. | [+] CODE: 200 URL: http://9tv.co.il/fluxo/
1812. | [+] CODE: 200 URL: http://9tv.co.il/football/
1813. | [+] CODE: 200 URL: http://9tv.co.il/info/
1814. | [+] CODE: 200 URL: http://9tv.co.il/kfind/
1815. | [+] CODE: 200 URL: http://9tv.co.il/keywords/
1816. | [+] CODE: 200 URL: http://9tv.co.il/keypass/
1817. | [+] CODE: 200 URL: http://9tv.co.il/keyword/
1818. | [+] CODE: 200 URL: http://9tv.co.il/king/
1819. | [+] CODE: 200 URL: http://9tv.co.il/kikimimi/
1820. | [+] CODE: 200 URL: http://9tv.co.il/kibeloco/
1821. | [+] CODE: 200 URL: http://9tv.co.il/kfsensor/
1822. | [+] CODE: 200 URL: http://9tv.co.il/kmix/
1823. | [+] CODE: 200 URL: http://9tv.co.il/kisyubbs/
1824. | [+] CODE: 200 URL: http://9tv.co.il/kit_banho/
1825. | [+] CODE: 200 URL: http://9tv.co.il/kitap/
1826. | [+] CODE: 200 URL: http://9tv.co.il/konqueror/
1827. | [+] CODE: 200 URL: http://9tv.co.il/klipper/
1828. #######################################################################################################################################
1829. | Check robots.txt:
1830. | [+] User-agent: *
1831. | [+] Allow: /
1832. | [+] Disallow: /a-panel/
1833. | [+] Disallow: /cgi-bin/
1834. | [+] Disallow: /facebook/
1835. | [+] Disallow: /flowplayer/
1836. | [+] Disallow: /images/
1837. | [+] Disallow: /php/
1838. | [+] Disallow: /new99/
1839. | [+] Disallow:/news/2016/12/10/235701.html
1840. | [+] Allow: /new99/css/
1841. #######################################################################################################################################
1842. | External hosts:
1843. | [+] External Host Found: http://pagead2.googlesyndication.com
1844. | [+] External Host Found: http://isrageo.com
1845. | [+] External Host Found: http://booknik.ru
1846. | [+] External Host Found: http://top.mail.ru
1847. | [+] External Host Found: http://pogoda.co.il
1848. | [+] External Host Found: http://bs.serving-sys.com
1849. | [+] External Host Found: https://www.facebook.com
1850. | [+] External Host Found: http://www.google.com
1851. | [+] External Host Found: http://izrus.co.il
1852. | [+] External Host Found: http://zahav.ru
1853. | [+] External Host Found: http://top100.rambler.ru
1854. | [+] External Host Found: http://ajax.googleapis.com
1855. | [+] External Host Found: https://www.google.com
1856. | [+] External Host Found: http://akamai.advsnx.net
1857. | [+] External Host Found: https://ajax.googleapis.com
1858. | [+] External Host Found: http://browsehappy.com
1859. | [+] External Host Found: http://www.forumdaily.com
1860. | [+] External Host Found: http://doska.co.il
1861. | [+] External Host Found: http://www.google.co.il
1862. | [+] External Host Found: http://echo.msk.ru
1863. | [+] External Host Found: http://www.openvideoads.org
1864. | [+] External Host Found: https://twitter.com
1865. | [+] External Host Found: https://www.youtube.com
1866. | [+] External Host Found: http://www.luckymirror.ru
1867. | [+] External Host Found: http://www.beinisrael.com
1868. | [+] External Host Found: http://detki.co.il
1869. | [+] External Host Found: http://80.179.151.76
1870. | [+] External Host Found: http://newsru.co.il
1871. | [+] External Host Found: http://code.jquery.com
1872. | [+] External Host Found: http://counter.rambler.ru
1873. | [+] External Host Found: http://relevantinfo.co.il
1874. | [+] External Host Found: http://rusdate.co.il
1875. | [+] External Host Found: https://kupi.co.il
1876. | [+] External Host Found: https://disqus.com
1877. | [+] External Host Found: http://assets.vicomi.com
1878. | [+] External Host Found: http://www.themarker.com
1879. | [+] External Host Found: http://arti-media.net
1880. | [+] External Host Found: https://cdnjs.cloudflare.com
1881. | [+] External Host Found: http://p.artipbox.net
1882. #######################################################################################################################################
1883. | E-mails:
1884. | [+] E-mail Found: mailadom@9tv.co.il
1885. | [+] E-mail Found: webmaster@9tv.co.il
1886. | [+] E-mail Found: publiccomplains@9tv.co.il
1887. | [+] E-mail Found: hrm@9tv.co.il
1888. | [+] E-mail Found: online.redaktor@9tv.co.il
1889. | [+] E-mail Found: yuriw@9tv.co.il
1890. | [+] E-mail Found: enquiries@openvideoads.org
1891. | [+] E-mail Found: annats@9tv.co.il
1892. | [+] E-mail Found: stasy@9tv.co.il
1893. | [+] E-mail Found: tamih@9tv.co.il
1894. | [+] E-mail Found: annas@9tv.co.il
1895. | [+] E-mail Found: maoz@9tv.co.il
1896. | [+] E-mail Found: license@php.net
1897. | [+] E-mail Found: adib@9tv.co.il
1898. | [+] E-mail Found: your@email.com
1899. #######################################################################################################################################
1900. | PHPinfo() Disclosure:
1901. | [+] phpinfo() page: http://9tv.co.il/info/
1902. | System: Linux cpanel1.9tv.co.il 2.6.32-042stab120.6 #1 SMP Thu Oct 27 16:59:03 MSK 2016 x86_64
1903. | PHP version: 5.5.38
1904. | DOCUMENT_ROOT: /home/tvco9tvc/public_html
1905. | SCRIPT_FILENAME: /home/tvco9tvc/public_html/info.php
1906. | allow_url_fopen: On
1907. | allow_url_include: Off
1908. | disable_functions: <i>no value</i>
1909. | OpenSSL Library Version: OpenSSL 1.0.2p 14 Aug 2018
1910. #######################################################################################################################################
1911. Anonymous JTSEC #OpIsrael Full Recon #8