Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #######################################################################################################################################
- Nom de l'hôte 9tv.co.il FAI Variti International GmbH
- Continent Europe Drapeau
- CH
- Pays Suisse Code du pays CH
- Région Inconnu Heure locale 28 Oct 2018 02:35 CET
- Ville Inconnu Code Postal Inconnu
- Adresse IP 185.203.72.162 Latitude 47.145
- #######################################################################################################################################
- > 9tv.co.il
- Server: 38.132.106.139
- Address: 38.132.106.139#53
- Non-authoritative answer:
- Name: 9tv.co.il
- Address: 185.203.72.162
- #######################################################################################################################################
- HostIP:185.203.72.162
- HostName:9tv.co.il
- Gathered Inet-whois information for 185.203.72.162
- ---------------------------------------------------------------------------------------------------------------------------------------
- inetnum: 185.203.72.0 - 185.203.75.255
- netname: CH-VARITI-20170512
- country: CH
- org: ORG-VIG19-RIPE
- admin-c: AM41696-RIPE
- tech-c: AM41696-RIPE
- status: ALLOCATED PA
- mnt-by: RIPE-NCC-HM-MNT
- mnt-by: ch-variti-1-mnt
- created: 2017-05-12T08:13:49Z
- last-modified: 2017-05-12T08:13:49Z
- source: RIPE
- organisation: ORG-VIG19-RIPE
- org-name: Variti International GmbH
- org-type: LIR
- address: Denkmalstrasse 2
- address: 6006
- address: Luzern
- address: SWITZERLAND
- admin-c: AM41696-RIPE
- tech-c: AM41696-RIPE
- abuse-c: AR40358-RIPE
- mnt-ref: ch-variti-1-mnt
- mnt-by: RIPE-NCC-HM-MNT
- mnt-by: ch-variti-1-mnt
- created: 2017-05-11T07:36:52Z
- last-modified: 2017-05-11T15:01:59Z
- source: RIPE # Filtered
- phone: +41 41 417 20 57
- person: Andreas Muller
- address: Denkmalstrasse 2
- address: 6006
- address: Luzern
- address: SWITZERLAND
- phone: +41 41 417 20 57
- nic-hdl: AM41696-RIPE
- mnt-by: ch-variti-1-mnt
- created: 2017-05-11T07:36:52Z
- last-modified: 2017-05-11T15:03:45Z
- source: RIPE
- % Information related to '185.203.72.0/24AS42240'
- route: 185.203.72.0/24
- origin: AS42240
- mnt-by: ch-variti-1-mnt
- created: 2017-05-29T10:03:52Z
- last-modified: 2018-07-10T16:37:18Z
- source: RIPE
- % This query was served by the RIPE Database Query Service version 1.92.6 (BLAARKOP)
- Gathered Inic-whois information for 9tv.co.il
- ---------------------------------------------------------------------------------------------------------------------------------------
- domain: 9tv.co.il
- descr: Vash Telekanal LTD
- descr: Thela Ha Haar 44
- descr: Modiin
- descr: 45457
- descr: Israel
- phone: +972 50 7126999
- e-mail: ervinm AT 9tv.co.il
- admin-c: DT-SR7715-IL
- tech-c: DT-SR7716-IL
- zone-c: DT-SR7717-IL
- nserver: ns0.dnsmadeeasy.com
- nserver: ns1.dnsmadeeasy.com
- nserver: ns2.dnsmadeeasy.com
- nserver: ns3.dnsmadeeasy.com
- nserver: ns4.dnsmadeeasy.com
- validity: 30-05-2019
- DNSSEC: unsigned
- status: Transfer Locked
- changed: domain-registrar AT isoc.org.il 20040530 (Assigned)
- changed: domain-registrar AT isoc.org.il 20060514 (Changed)
- changed: domain-registrar AT isoc.org.il 20080813 (Transferred)
- changed: domain-registrar AT isoc.org.il 20080813 (Changed)
- changed: domain-registrar AT isoc.org.il 20130731 (Changed)
- changed: domain-registrar AT isoc.org.il 20130731 (Changed)
- changed: domain-registrar AT isoc.org.il 20YV@13073�zH10 (Cuhanged)
- changed: domain-registrar AT isoc.org.il 20130916 (Changed)
- changed: domain-registrar AT isoc.org.il 20140429 (Changed)
- changed: domain-registrar AT isoc.org.il 20�U@14043�~H00 (C�hanged)��J)�
- person: Steve Rekun
- address Channel 9
- address Tzela Ha Haar 44
- address Modiin
- address 67898
- address Israel
- phone: +972 3 6232999
- e-mail: steve AT 9tv.co.il
- nic-hdl: DT-SR7715-IL
- changed: Managing Registrar 20140429
- person: Steve Rekun
- address Channel 9
- address Tzela Ha Haar 44
- address Modiin
- address 67898
- address Israel
- phone: +972 3 6232999
- e-mail: steve AT 9tv.co.il
- nic-hdl: DT-SR7716-IL
- changed: Managing Registrar 20140429
- person: Steve Rekun
- address Channel 9
- address Tzela Ha Haar 44
- address Modiin
- address 67898
- address Israel
- phone: +972 3 6232999
- e-mail: steve AT 9tv.co.il
- nic-hdl: DT-SR7717-IL
- changed: Managing Registrar 20140429
- registrar name: Domain The Net Technologies Ltd
- registrar info: https://www.domainthenet.com
- % Rights to the data above are restricted by coV@pyrig�zHh0t.
- Gathered Netcraft information for 9tv.co.il
- ---------------------------------------------------------------------------------------------------------------------------------------
- Retrieving Netcraft.com information for 9tv.co.il
- Netcraft.com Information gathered
- Gathered Subdomain information for 9tv.co.il
- ---------------------------------------------------------------------------------------------------------------------------------------
- Searching Google.com:80...
- HostName:golden.9tv.co.il
- HostIP:62.90.177.24
- HostName:www.9tv.co.il
- HostIP:185.203.72.162
- Searching Altavista.com:80...
- Found 2 possible subdomain(s) for host 9tv.co.il, Searched 0 pages containing 0 results
- Gathered E-Mail information for 9tv.co.il
- ---------------------------------------------------------------------------------------------------------------------------------------
- Searching Google.com:80...
- Searching Altavista.com:80...
- Found 0 E-Mail(s) for host 9tv.co.il, Searched 0 pages containing 0 results
- Gathered TCP Port information for 185.203.72.162
- ---------------------------------------------------------------------------------------------------------------------------------------
- Port State
- 80/tcp open
- Portscan Finished: Scanned 150 ports, 2 ports were in state closed
- #######################################################################################################################################
- [i] Scanning Site: http://9tv.co.il
- B A S I C I N F O
- =======================================================================================================================================
- [+] Site Title: 9 Канал | Новости Израиля и мира | Лента новостей | ТВ видео онлайн
- [+] IP address: 185.203.72.162
- [+] Web Server: Could Not Detect
- [+] CMS: Could Not Detect
- [+] Cloudflare: Not Detected
- [+] Robots File: Found
- -------------[ contents ]----------------
- User-agent: *
- Allow: /
- Disallow: /a-panel/
- Disallow: /cgi-bin/
- Disallow: /facebook/
- Disallow: /flowplayer/
- Disallow: /images/
- Disallow: /php/
- Disallow: /new99/
- Disallow:/news/2016/12/10/235701.html
- Allow: /new99/css/
- -----------[end of contents]-------------
- W H O I S L O O K U P
- =======================================================================================================================================
- % The data in the WHOIS database of the .il registry is provided
- % by ISOC-IL for information purposes, and to assist persons in
- % obtaining information about or related to a domain name
- % registration record. ISOC-IL does not guarantee its accuracy.
- % By submitting a WHOIS query, you agree that you will use this
- % Data only for lawful purposes and that, under no circumstances
- % will you use this Data to: (1) allow, enable, or otherwise
- % support the transmission of mass unsolicited, commercial
- % advertising or solicitations via e-mail (spam);
- % or (2) enable high volume, automated, electronic processes that
- % apply to ISOC-IL (or its systems).
- % ISOC-IL reserves the right to modify these terms at any time.
- % By submitting this query, you agree to abide by this policy.
- query: 9tv.co.il
- reg-name: 9tv
- domain: 9tv.co.il
- descr: Vash Telekanal LTD
- descr: Thela Ha Haar 44
- descr: Modiin
- descr: 45457
- descr: Israel
- phone: +972 50 7126999
- e-mail: ervinm AT 9tv.co.il
- admin-c: DT-SR7715-IL
- tech-c: DT-SR7716-IL
- zone-c: DT-SR7717-IL
- nserver: ns0.dnsmadeeasy.com
- nserver: ns1.dnsmadeeasy.com
- nserver: ns2.dnsmadeeasy.com
- nserver: ns3.dnsmadeeasy.com
- nserver: ns4.dnsmadeeasy.com
- validity: 30-05-2019
- DNSSEC: unsigned
- status: Transfer Locked
- changed: domain-registrar AT isoc.org.il 20040530 (Assigned)
- changed: domain-registrar AT isoc.org.il 20060514 (Changed)
- changed: domain-registrar AT isoc.org.il 20080813 (Transferred)
- changed: domain-registrar AT isoc.org.il 20080813 (Changed)
- changed: domain-registrar AT isoc.org.il 20130731 (Changed)
- changed: domain-registrar AT isoc.org.il 20130731 (Changed)
- changed: domain-registrar AT isoc.org.il 20130731 (Changed)
- changed: domain-registrar AT isoc.org.il 20130916 (Changed)
- changed: domain-registrar AT isoc.org.il 20140429 (Changed)
- changed: domain-registrar AT isoc.org.il 20140430 (Changed)
- person: Steve Rekun
- address Channel 9
- address Tzela Ha Haar 44
- address Modiin
- address 67898
- address Israel
- phone: +972 3 6232999
- e-mail: steve AT 9tv.co.il
- nic-hdl: DT-SR7715-IL
- changed: Managing Registrar 20140429
- person: Steve Rekun
- address Channel 9
- address Tzela Ha Haar 44
- address Modiin
- address 67898
- address Israel
- phone: +972 3 6232999
- e-mail: steve AT 9tv.co.il
- nic-hdl: DT-SR7716-IL
- changed: Managing Registrar 20140429
- person: Steve Rekun
- address Channel 9
- address Tzela Ha Haar 44
- address Modiin
- address 67898
- address Israel
- phone: +972 3 6232999
- e-mail: steve AT 9tv.co.il
- nic-hdl: DT-SR7717-IL
- changed: Managing Registrar 20140429
- registrar name: Domain The Net Technologies Ltd
- registrar info: https://www.domainthenet.com
- % Rights to the data above are restricted by copyright.
- G E O I P L O O K U P
- =======================================================================================================================================
- [i] IP Address: 185.203.72.162
- [i] Country: CH
- [i] State: N/A
- [i] City: N/A
- [i] Latitude: 47.144901
- [i] Longitude: 8.155100
- H T T P H E A D E R S
- =======================================================================================================================================
- [i] HTTP/1.1 200 OK
- [i] Date: Sun, 28 Oct 2018 01:41:54 GMT
- [i] Content-Type: text/html
- [i] Vary: Accept-Encoding
- [i] Access-Control-Allow-Origin: *
- [i] X-VARITI-CCR: 424323559:1
- [i] Set-Cookie: ipp_uid2=bcu3ipU7whAsP8q6/rjSfiJjsS3GvP48+VtOS2g==; expires=Tue, 31 Dec 2030 23:59:59 GMT; path=/
- [i] Set-Cookie: ipp_uid1=1540690914507; expires=Tue, 31 Dec 2030 23:59:59 GMT; path=/
- [i] Set-Cookie: ipp_uid=1540690914507/bcu3ipU7whAsP8q6/rjSfiJjsS3GvP48+VtOS2g==; expires=Tue, 31 Dec 2030 23:59:59 GMT; path=/
- [i] Set-Cookie: rerf=AAAAAFvVE+JrfU2JA1T3Ag==; expires=Tue, 27-Nov-18 01:41:54 GMT; path=/
- [i] P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
- [i] Connection: close
- D N S L O O K U P
- =======================================================================================================================================
- 9tv.co.il. 21599 IN NS ns4.dnsmadeeasy.com.
- 9tv.co.il. 21599 IN NS ns3.dnsmadeeasy.com.
- 9tv.co.il. 21599 IN NS ns2.dnsmadeeasy.com.
- 9tv.co.il. 21599 IN NS ns0.dnsmadeeasy.com.
- 9tv.co.il. 21599 IN NS ns1.dnsmadeeasy.com.
- 9tv.co.il. 599 IN TXT "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4hpcoaTAYYJ1mxFYdOH2zgq308Ak2sxgRh6ekG7Pxp9TwJTpmk/M43UUNcPRYK1CgnkmOEcLHaUFaCMqLdajAXFLchgA99P25D5859zEKUDIFNJqivc/6q3asy61JUvQR/TifruXD7L8zLppx165HEjqBd8/C2xP2VkGmyJCJRQIDAQAB"
- 9tv.co.il. 599 IN TXT "v=spf1 ip4:146.185.58.83 -all"
- 9tv.co.il. 599 IN SPF "v=spf1 a mx include:_spf.activetrail.com -all"
- 9tv.co.il. 599 IN SPF "v=spf1 ip4:146.185.58.83 -all"
- 9tv.co.il. 599 IN SPF "v=spf1 a mx include:_spf.activetrail.com ip4:146.185.58.83 -all"
- 9tv.co.il. 299 IN MX 0 mail.9tv.co.il.
- 9tv.co.il. 299 IN A 185.203.72.162
- 9tv.co.il. 21599 IN SOA ns0.dnsmadeeasy.com. dns.dnsmadeeasy.com. 2008010313 43200 3600 1209600 180
- S U B N E T C A L C U L A T I O N
- =======================================================================================================================================
- Address = 185.203.72.162
- Network = 185.203.72.162 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 185.203.72.162 - 185.203.72.162 }
- N M A P P O R T S C A N
- =======================================================================================================================================
- Starting Nmap 7.40 ( https://nmap.org ) at 2018-10-28 01:42 UTC
- Nmap scan report for 9tv.co.il (185.203.72.162)
- Host is up (0.081s latency).
- PORT STATE SERVICE
- 21/tcp filtered ftp
- 22/tcp filtered ssh
- 23/tcp filtered telnet
- 80/tcp open http
- 110/tcp filtered pop3
- 143/tcp filtered imap
- 443/tcp filtered https
- 3389/tcp filtered ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 1.94 seconds
- S U B - D O M A I N F I N D E R
- =======================================================================================================================================
- [i] Total Subdomains Found : 17
- [+] Subdomain: cpanel1.9tv.co.il
- [-] IP: 93.157.83.216
- [+] Subdomain: pcs2.9tv.co.il
- [-] IP: 62.219.67.46
- [+] Subdomain: oma.9tv.co.il
- [-] IP: 146.185.58.82
- [+] Subdomain: ad.9tv.co.il
- [-] IP: 93.157.83.216
- [+] Subdomain: food.9tv.co.il
- [-] IP: 93.157.83.216
- [+] Subdomain: bstore.9tv.co.il
- [-] IP: 93.157.83.220
- [+] Subdomain: vek.9tv.co.il
- [-] IP: 62.219.67.44
- [+] Subdomain: cpanel.9tv.co.il
- [-] IP: 93.157.83.216
- [+] Subdomain: mail.9tv.co.il
- [-] IP: 146.185.58.83
- [+] Subdomain: sultan.9tv.co.il
- [-] IP: 62.219.67.44
- [+] Subdomain: golden.9tv.co.il
- [-] IP: 93.157.83.216
- [+] Subdomain: drp.9tv.co.il
- [-] IP: 146.185.61.50
- [+] Subdomain: autodiscover.9tv.co.il
- [-] IP: 146.185.58.82
- [+] Subdomain: apps.9tv.co.il
- [-] IP: 93.157.83.221
- [+] Subdomain: musketeers.9tv.co.il
- [-] IP: 62.219.67.44
- [+] Subdomain: www.9tv.co.il
- [-] IP: 93.157.83.216
- [+] Subdomain: relay.9tv.co.il
- [-] IP: 146.185.58.83
- #######################################################################################################################################
- [?] Enter the target: http://9tv.co.il/
- [!] IP Address : 185.203.72.162
- [!] 9tv.co.il doesn't seem to use a CMS
- [+] Honeypot Probabilty: 0%
- ---------------------------------------------------------------------------------------------------------------------------------------
- [~] Trying to gather whois information for 9tv.co.il
- [+] Whois information found
- [-] Unable to build response, visit https://who.is/whois/9tv.co.il
- ---------------------------------------------------------------------------------------------------------------------------------------
- PORT STATE SERVICE
- 21/tcp filtered ftp
- 22/tcp filtered ssh
- 23/tcp filtered telnet
- 80/tcp open http
- 110/tcp filtered pop3
- 143/tcp filtered imap
- 443/tcp filtered https
- 3389/tcp filtered ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 2.01 seconds
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] DNS Records
- ns0.dnsmadeeasy.com. (208.94.148.2) AS16552 Tiggee LLC United States
- ns1.dnsmadeeasy.com. (208.80.124.2) AS16552 Tiggee LLC United States
- ns4.dnsmadeeasy.com. (208.80.127.2) AS16552 Tiggee LLC United States
- ns2.dnsmadeeasy.com. (208.80.126.2) AS16552 Tiggee LLC United States
- ns3.dnsmadeeasy.com. (208.80.125.2) AS16552 Tiggee LLC United States
- [+] MX Records
- 0 (146.185.58.83) AS57259 Broadnet Communications Ltd. Israel
- [+] Host Records (A)
- 9tv.co.il (185.203.72.162) AS42240 Variti International GmbH
- cpanel1.9tv.co.ilHTTP: (93.157.83.216) AS41714 Broadnet Communications Ltd. Israel
- oma.9tv.co.ilHTTPS: (146.185.58.82) AS57259 Broadnet Communications Ltd. Israel
- ad.9tv.co.ilHTTP: (93.157.83.216) AS41714 Broadnet Communications Ltd. Israel
- food.9tv.co.ilHTTP: (93.157.83.216) AS41714 Broadnet Communications Ltd. Israel
- bstore.9tv.co.ilHTTP: (93.157.83.220) AS41714 Broadnet Communications Ltd. Israel
- cpanel.9tv.co.ilHTTP: (93.157.83.216) AS41714 Broadnet Communications Ltd. Israel
- mail.9tv.co.il (146.185.58.83) AS57259 Broadnet Communications Ltd. Israel
- golden.9tv.co.ilHTTP: (93.157.83.216) AS41714 Broadnet Communications Ltd. Israel
- drp.9tv.co.ilHTTP: (146.185.61.50) AS57259 Broadnet Communications Ltd. Israel
- autodiscover.9tv.co.ilHTTPS: (146.185.58.82) AS57259 Broadnet Communications Ltd. Israel
- apps.9tv.co.ilHTTP: (93.157.83.221) AS41714 Broadnet Communications Ltd. Israel
- www.9tv.co.ilHTTP: (93.157.83.216) AS41714 Broadnet Communications Ltd. Israel
- relay.9tv.co.il (146.185.58.83) AS57259 Broadnet Communications Ltd. Israel
- vek.9tv.co.il (bzq-67-44.red.bezeqint.net) (62.219.67.44) AS8551 Bezeq International Israel
- sultan.9tv.co.il (bzq-67-44.red.bezeqint.net) (62.219.67.44) AS8551 Bezeq International Israel
- musketeers.9tv.co.il (bzq-67-44.red.bezeqint.net) (62.219.67.44) AS8551 Bezeq International Israel
- pcs2.9tv.co.il (bzq-67-46.red.bezeqint.net) (62.219.67.46) AS8551 Bezeq International Israel
- [+] TXT Records
- "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4hpcoaTAYYJ1mxFYdOH2zgq308Ak2sxgRh6ekG7Pxp9TwJTpmk/M43UUNcPRYK1CgnkmOEcLHaUFaCMqLdajAXFLchgA99P25D5859zEKUDIFNJqivc/6q3asy61JUvQR/TifruXD7L8zLppx165HEjqBd8/C2xP2VkGmyJCJRQIDAQAB"
- "v=spf1 ip4:146.185.58.83 -all"
- [+] DNS Map: https://dnsdumpster.com/static/map/9tv.co.il.png
- [>] Initiating 3 intel modules
- [>] Loading Alpha module (1/3)
- [>] Beta module deployed (2/3)
- [>] Gamma module initiated (3/3)
- [+] Emails found:
- ---------------------------------------------------------------------------------------------------------------------------------------
- pixel-1540690922615919-web-@9tv.co.il
- pixel-1540690925210676-web-@9tv.co.il
- [+] Hosts found in search engines:
- ---------------------------------------------------------------------------------------------------------------------------------------
- [-] Resolving hostnames IPs...
- 93.157.83.216:ad.9tv.co.il
- 185.203.72.162:www.9tv.co.il
- [+] Virtual hosts:
- --------------------------------------------------------------------------------------------------------------------------------------
- [~] Crawling the target for fuzzable URLs
- [-] No fuzzable URLs found
- #######################################################################################################################################
- ; <<>> DiG 9.11.5-1-Debian <<>> 9tv.co.il
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1442
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ;; QUESTION SECTION:
- ;9tv.co.il. IN A
- ;; ANSWER SECTION:
- 9tv.co.il. 207 IN A 185.203.72.162
- ;; Query time: 289 msec
- ;; SERVER: 38.132.106.139#53(38.132.106.139)
- ;; WHEN: sam oct 27 21:52:30 EDT 2018
- ;; MSG SIZE rcvd: 54
- #######################################################################################################################################
- [+] Hosting Info for Website: 9tv.co.il
- [+] Visitors per day: 8,520
- [+] IP Address: ...
- [+] IP Reverse DNS (Host): 185.203.72.162
- [+] Hosting Company IP Owner: Variti International Gmbh
- [+] Hosting IP Range: 185.203.72.0 - 185.203.75.255 (1,024 ip)
- [+] Owner Address: Denkmalstrasse 2, 6006, Luzern, Switzerland
- [+] Owner Country: CHE
- [+] Owner Phone: +41 41 417 20 57
- [+] Owner CIDR: 185.203.72.0/22
- [+] NS: ns3.dnsmadeeasy.com
- [+] NS: ns1.dnsmadeeasy.com
- [+] NS: ns2.dnsmadeeasy.com
- [+] NS: ns0.dnsmadeeasy.com
- [+] NS: ns4.dnsmadeeasy.com
- #######################################################################################################################################
- [*] Performing General Enumeration of Domain: 9tv.co.il
- [-] DNSSEC is not configured for 9tv.co.il
- [*] SOA ns0.dnsmadeeasy.com 208.94.148.2
- [*] NS ns1.dnsmadeeasy.com 208.80.124.2
- [*] Bind Version for 208.80.124.2 DNS Made Easy Anycast
- [*] NS ns1.dnsmadeeasy.com 2600:1801:1::1
- [*] Bind Version for 2600:1801:1::1 DNS Made Easy Anycast
- [*] NS ns0.dnsmadeeasy.com 208.94.148.2
- [*] Bind Version for 208.94.148.2 DNS Made Easy Anycast
- [*] NS ns0.dnsmadeeasy.com 2600:1800::1
- [*] Bind Version for 2600:1800::1 DNS Made Easy Anycast
- [*] NS ns2.dnsmadeeasy.com 208.80.126.2
- [*] Bind Version for 208.80.126.2 DNS Made Easy Anycast
- [*] NS ns2.dnsmadeeasy.com 2600:1802:2::1
- [*] Bind Version for 2600:1802:2::1 DNS Made Easy Anycast
- [*] NS ns3.dnsmadeeasy.com 208.80.125.2
- [*] Bind Version for 208.80.125.2 DNS Made Easy Anycast
- [*] NS ns3.dnsmadeeasy.com 2600:1801:3::1
- [*] Bind Version for 2600:1801:3::1 DNS Made Easy Anycast
- [*] NS ns4.dnsmadeeasy.com 208.80.127.2
- [*] Bind Version for 208.80.127.2 DNS Made Easy Anycast
- [*] NS ns4.dnsmadeeasy.com 2600:1802:4::1
- [*] Bind Version for 2600:1802:4::1 DNS Made Easy Anycast
- [*] MX mail.9tv.co.il 146.185.58.83
- [*] A 9tv.co.il 185.203.72.162
- [*] SPF v=spf1 a mx include:_spf.activetrail.com ip4:146.185.58.83 -all
- [*] SPF v=spf1 ip4:146.185.58.83 -all
- [*] SPF v=spf1 a mx include:_spf.activetrail.com -all
- [*] TXT 9tv.co.il k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4hpcoaTAYYJ1mxFYdOH2zgq308Ak2sxgRh6ekG7Pxp9TwJTpmk/M43UUNcPRYK1CgnkmOEcLHaUFaCMqLdajAXFLchgA99P25D5859zEKUDIFNJqivc/6q3asy61JUvQR/TifruXD7L8zLppx165HEjqBd8/C2xP2VkGmyJCJRQIDAQAB
- [*] TXT 9tv.co.il v=spf1 ip4:146.185.58.83 -all
- [*] Enumerating SRV Records
- [-] No SRV Records Found for 9tv.co.il
- [+] 0 Records Found
- #######################################################################################################################################
- [*] Processing domain 9tv.co.il
- [+] Getting nameservers
- 208.80.124.2 - ns1.dnsmadeeasy.com
- 208.94.148.2 - ns0.dnsmadeeasy.com
- 208.80.126.2 - ns2.dnsmadeeasy.com
- 208.80.125.2 - ns3.dnsmadeeasy.com
- 208.80.127.2 - ns4.dnsmadeeasy.com
- [-] Zone transfer failed
- [+] TXT records found
- "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4hpcoaTAYYJ1mxFYdOH2zgq308Ak2sxgRh6ekG7Pxp9TwJTpmk/M43UUNcPRYK1CgnkmOEcLHaUFaCMqLdajAXFLchgA99P25D5859zEKUDIFNJqivc/6q3asy61JUvQR/TifruXD7L8zLppx165HEjqBd8/C2xP2VkGmyJCJRQIDAQAB"
- "v=spf1 ip4:146.185.58.83 -all"
- [+] MX records found, added to target list
- 0 mail.9tv.co.il.
- [*] Scanning 9tv.co.il for A records
- 185.203.72.162 - 9tv.co.il
- 93.157.83.216 - ad.9tv.co.il
- 62.90.177.29 - apps.9tv.co.il
- 93.157.83.216 - api.9tv.co.il
- 146.185.58.82 - autodiscover.9tv.co.il
- 93.157.83.216 - bb.9tv.co.il
- 93.157.83.216 - blog.9tv.co.il
- 93.157.83.216 - book.9tv.co.il
- 62.90.177.24 - cpanel.9tv.co.il
- 62.219.67.44 - crm.9tv.co.il
- 62.219.67.44 - dev.9tv.co.il
- 93.157.83.216 - dev1.9tv.co.il
- 146.185.58.84 - ftp.9tv.co.il
- 62.219.11.140 - images.9tv.co.il
- 146.185.58.83 - mail.9tv.co.il
- 62.219.67.58 - mobile.9tv.co.il
- 62.219.67.44 - promo.9tv.co.il
- 62.219.67.44 - radio.9tv.co.il
- 146.185.58.83 - relay.9tv.co.il
- 62.219.11.42 - shop.9tv.co.il
- 62.219.11.140 - up.9tv.co.il
- 146.185.58.66 - vpn.9tv.co.il
- 185.203.72.162 - www.9tv.co.il
- #######################################################################################################################################
- Ip Address Status Type Domain Name Server
- ---------- ------ ---- ----------- ------
- 93.157.83.216 host ad.9tv.co.il
- 93.157.83.216 host api.9tv.co.il
- 62.90.177.29 302 host apps.9tv.co.il
- 93.157.83.216 host bb.9tv.co.il
- 93.157.83.216 host blog.9tv.co.il
- 62.219.67.44 host crm.9tv.co.il
- 62.219.67.44 host dev.9tv.co.il
- 93.157.83.216 host dev1.9tv.co.il
- 146.185.58.84 host ftp.9tv.co.il
- 62.219.11.140 host images.9tv.co.il
- 146.185.58.83 host mail.9tv.co.il
- 62.219.67.58 host mobile.9tv.co.il
- 62.90.177.19 403 host mysql1.9tv.co.il
- 62.219.67.44 host promo.9tv.co.il
- 62.219.67.44 host radio.9tv.co.il
- 146.185.58.83 host relay.9tv.co.il
- 62.219.11.42 200 host shop.9tv.co.il
- 62.219.67.44 host stock.9tv.co.il
- 146.185.58.66 host vpn.9tv.co.il
- 185.203.72.162 301 host www.9tv.co.il
- #######################################################################################################################################
- [+] Testing domain
- www.9tv.co.il 185.203.72.162
- [+] Dns resolving
- Domain name Ip address Name server
- No address associated with hostname 9tv.co.il
- [+] Testing wildcard
- Ok, no wildcard found.
- [+] Scanning for subdomain on 9tv.co.il
- [!] Wordlist not specified. I scannig with my internal wordlist...
- Estimated time about 136.7 seconds
- Subdomain Ip address Name server
- crm.9tv.co.il 62.219.67.44 bzq-67-44.red.bezeqint.net
- dev.9tv.co.il 62.219.67.44 bzq-67-44.red.bezeqint.net
- images.9tv.co.il 62.219.11.140 mailman.gush-shalom.org
- mobile.9tv.co.il 62.219.67.58 bzq-67-58.red.bezeqint.net
- promo.9tv.co.il 62.219.67.44 bzq-67-44.red.bezeqint.net
- radio.9tv.co.il 62.219.67.44 bzq-67-44.red.bezeqint.net
- shop.9tv.co.il 62.219.11.42 cpanel1.secured.co.il
- stock.9tv.co.il 62.219.67.44 bzq-67-44.red.bezeqint.net
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 21:43 EDT
- Nmap scan report for 185.203.72.162
- Host is up (0.20s latency).
- Not shown: 471 filtered ports, 3 closed ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 80/tcp open http
- 5666/tcp open nrpe
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 21:43 EDT
- Nmap scan report for 185.203.72.162
- Host is up (0.16s latency).
- Not shown: 2 filtered ports
- PORT STATE SERVICE
- 53/udp open|filtered domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 21:43 EDT
- Nmap scan report for 185.203.72.162
- Host is up.
- PORT STATE SERVICE VERSION
- 67/udp open|filtered dhcps
- |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 163.82 ms 10.248.200.1
- 2 163.85 ms 177.67.82.193
- 3 165.37 ms 177.67.87.185
- 4 165.34 ms 5-178-46-202.seabone.net (5.178.46.202)
- 5 ...
- 6 271.08 ms mai-b1-link.telia.net (80.239.193.161)
- 7 442.45 ms ash-bb4-link.telia.net (62.115.120.176)
- 8 386.89 ms 62.115.122.158
- 9 374.63 ms ffm-bb4-link.telia.net (62.115.122.139)
- 10 436.46 ms ffm-b7-link.telia.net (62.115.143.93)
- 11 430.98 ms ancile-ic-335680-ffm-b7.c.telia.net (62.115.162.243)
- 12 ... 30
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 21:45 EDT
- Nmap scan report for 185.203.72.162
- Host is up.
- PORT STATE SERVICE VERSION
- 68/udp open|filtered dhcpc
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 158.76 ms 10.248.200.1
- 2 158.79 ms 177.67.82.193
- 3 158.81 ms 177.67.87.185
- 4 159.50 ms 5-178-46-202.seabone.net (5.178.46.202)
- 5 ...
- 6 265.27 ms mai-b1-link.telia.net (80.239.193.161)
- 7 437.45 ms ash-bb4-link.telia.net (62.115.120.176)
- 8 369.37 ms 62.115.122.158
- 9 370.75 ms ffm-bb4-link.telia.net (62.115.122.139)
- 10 429.39 ms ffm-b7-link.telia.net (62.115.143.93)
- 11 438.42 ms ancile-ic-335680-ffm-b7.c.telia.net (62.115.162.243)
- 12 ... 30
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 21:47 EDT
- Nmap scan report for 185.203.72.162
- Host is up.
- PORT STATE SERVICE VERSION
- 69/udp open|filtered tftp
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 160.67 ms 10.248.200.1
- 2 160.73 ms 177.67.82.193
- 3 162.64 ms 177.67.87.185
- 4 161.82 ms 5-178-46-202.seabone.net (5.178.46.202)
- 5 ...
- 6 267.75 ms mai-b1-link.telia.net (80.239.193.161)
- 7 431.13 ms ash-bb4-link.telia.net (62.115.120.176)
- 8 382.81 ms 62.115.122.158
- 9 372.33 ms ffm-bb4-link.telia.net (62.115.122.139)
- 10 440.58 ms ffm-b7-link.telia.net (62.115.143.93)
- 11 428.40 ms ancile-ic-335680-ffm-b7.c.telia.net (62.115.162.243)
- 12 ... 30
- #######################################################################################################################################
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://185.203.72.162
- Generic Detection results:
- No WAF detected by the generic detection
- Number of requests: 14
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning http://185.203.72.162...
- _____________________ SITE INFO ______________________
- IP Title
- 185.203.72.162
- ______________________ VERSION _______________________
- Name Versions Type
- ____________________ INTERESTING _____________________
- URL Note Type
- /readme.html Readme file Interesting
- /install.php Installation file Interesting
- /test.php Test file Interesting
- ______________________________________________________
- Time: 62.3 sec Urls: 598 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 500 Internal Server Error
- Date: Sun, 28 Oct 2018 01:51:49 GMT
- Content-Type: text/html
- Connection: keep-alive
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 21:51 EDT
- Nmap scan report for 185.203.72.162
- Host is up.
- PORT STATE SERVICE VERSION
- 123/udp open|filtered ntp
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 163.33 ms 10.248.200.1
- 2 163.38 ms 177.67.82.193
- 3 164.83 ms 177.67.87.185
- 4 164.81 ms 5-178-46-202.seabone.net (5.178.46.202)
- 5 ...
- 6 270.55 ms mai-b1-link.telia.net (80.239.193.161)
- 7 431.73 ms ash-bb4-link.telia.net (62.115.120.176)
- 8 377.57 ms 62.115.122.158
- 9 374.21 ms ffm-bb4-link.telia.net (62.115.122.139)
- 10 438.17 ms ffm-b7-link.telia.net (62.115.143.93)
- 11 433.22 ms ancile-ic-335680-ffm-b7.c.telia.net (62.115.162.243)
- 12 ... 30
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 21:54 EDT
- Nmap scan report for 185.203.72.162
- Host is up (0.16s latency).
- PORT STATE SERVICE VERSION
- 161/tcp filtered snmp
- 161/udp open|filtered snmp
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 160.69 ms 10.248.200.1
- 2 160.71 ms 177.67.82.193
- 3 169.52 ms 177.67.87.185
- 4 165.83 ms 5-178-46-202.seabone.net (5.178.46.202)
- 5 ...
- 6 267.95 ms mai-b1-link.telia.net (80.239.193.161)
- 7 425.20 ms ash-bb4-link.telia.net (62.115.120.176)
- 8 372.58 ms 62.115.122.158
- 9 371.18 ms ffm-bb4-link.telia.net (62.115.122.139)
- 10 436.55 ms ffm-b7-link.telia.net (62.115.143.93)
- 11 409.35 ms ancile-ic-335680-ffm-b7.c.telia.net (62.115.162.243)
- 12 ... 30
- #######################################################################################################################################
- I, [2018-10-27T21:56:57.127504 #4644] INFO -- : Initiating port scan
- I, [2018-10-27T21:57:59.181812 #4644] INFO -- : Using nmap scan output file logs/nmap_output_2018-10-27_21-56-57.xml
- I, [2018-10-27T21:57:59.182828 #4644] INFO -- : Discovered open port: 185.203.72.162:80
- I, [2018-10-27T21:58:01.026892 #4644] INFO -- : Discovered tcpwrapped port: 185.203.72.162:5666
- I, [2018-10-27T21:58:02.922792 #4644] INFO -- : Discovered tcpwrapped port: 185.203.72.162:5666
- I, [2018-10-27T21:58:06.509512 #4644] INFO -- : <<<Enumerating vulnerable applications>>>
- --------------------------------------------------------
- <<<Yasuo discovered following vulnerable applications>>>
- --------------------------------------------------------
- +----------+--------------------+-------------------+----------+----------+
- | App Name | URL to Application | Potential Exploit | Username | Password |
- +----------+--------------------+-------------------+----------+----------+
- +----------+--------------------+-------------------+----------+----------+
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 22:00 EDT
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- Initiating NSE at 22:00
- Completed NSE at 22:00, 0.00s elapsed
- Initiating NSE at 22:00
- Completed NSE at 22:00, 0.00s elapsed
- Initiating Parallel DNS resolution of 1 host. at 22:00
- Completed Parallel DNS resolution of 1 host. at 22:00, 0.02s elapsed
- Initiating SYN Stealth Scan at 22:00
- Scanning 185.203.72.162 [474 ports]
- Discovered open port 80/tcp on 185.203.72.162
- Discovered open port 5666/tcp on 185.203.72.162
- Completed SYN Stealth Scan at 22:00, 14.11s elapsed (474 total ports)
- Initiating Service scan at 22:00
- Scanning 2 services on 185.203.72.162
- Completed Service scan at 22:00, 35.95s elapsed (2 services on 1 host)
- Initiating OS detection (try #1) against 185.203.72.162
- Retrying OS detection (try #2) against 185.203.72.162
- Initiating Traceroute at 22:00
- Completed Traceroute at 22:00, 0.17s elapsed
- Initiating Parallel DNS resolution of 2 hosts. at 22:00
- Completed Parallel DNS resolution of 2 hosts. at 22:00, 0.11s elapsed
- NSE: Script scanning 185.203.72.162.
- Initiating NSE at 22:00
- Completed NSE at 22:01, 9.41s elapsed
- Initiating NSE at 22:01
- Completed NSE at 22:01, 0.00s elapsed
- Nmap scan report for 185.203.72.162
- Host is up (0.16s latency).
- Not shown: 469 filtered ports
- PORT STATE SERVICE VERSION
- 25/tcp closed smtp
- 80/tcp open http-proxy Squid http proxy
- |_http-open-proxy: Proxy might be redirecting requests
- |_http-title: 500 Server error
- 139/tcp closed netbios-ssn
- 445/tcp closed microsoft-ds
- 5666/tcp open tcpwrapped
- Device type: general purpose|storage-misc|broadband router|WAP
- Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (93%), HP embedded (90%), Asus embedded (87%)
- OS CPE: cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:4 cpe:/h:hp:p2000_g3 cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6.22
- Aggressive OS guesses: Linux 3.18 (93%), Linux 3.16 - 4.6 (93%), Linux 3.10 - 4.11 (91%), Linux 3.13 (91%), Linux 3.13 or 4.2 (91%), Linux 4.2 (91%), Linux 4.4 (91%), HP P2000 G3 NAS device (90%), Linux 3.2 - 4.9 (90%), Linux 2.6.32 (89%)
- No exact OS matches for host (test conditions non-ideal).
- Uptime guess: 54.559 days (since Mon Sep 3 08:36:34 2018)
- Network Distance: 2 hops
- TCP Sequence Prediction: Difficulty=257 (Good luck!)
- IP ID Sequence Generation: All zeros
- TRACEROUTE (using port 25/tcp)
- HOP RTT ADDRESS
- 1 158.48 ms 10.248.200.1
- 2 158.46 ms 185.203.72.162
- NSE: Script Post-scanning.
- Initiating NSE at 22:01
- Completed NSE at 22:01, 0.00s elapsed
- Initiating NSE at 22:01
- Completed NSE at 22:01, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 65.12 seconds
- Raw packets sent: 1499 (70.804KB) | Rcvd: 340 (40.672KB)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 22:01 EDT
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- Initiating NSE at 22:01
- Completed NSE at 22:01, 0.00s elapsed
- Initiating NSE at 22:01
- Completed NSE at 22:01, 0.00s elapsed
- Initiating Parallel DNS resolution of 1 host. at 22:01
- Completed Parallel DNS resolution of 1 host. at 22:01, 0.02s elapsed
- Initiating UDP Scan at 22:01
- Scanning 185.203.72.162 [14 ports]
- Completed UDP Scan at 22:01, 2.54s elapsed (14 total ports)
- Initiating Service scan at 22:01
- Scanning 12 services on 185.203.72.162
- Service scan Timing: About 8.33% done; ETC: 22:20 (0:17:58 remaining)
- Completed Service scan at 22:02, 102.58s elapsed (12 services on 1 host)
- Initiating OS detection (try #1) against 185.203.72.162
- Retrying OS detection (try #2) against 185.203.72.162
- Initiating Traceroute at 22:02
- Completed Traceroute at 22:03, 7.19s elapsed
- Initiating Parallel DNS resolution of 1 host. at 22:03
- Completed Parallel DNS resolution of 1 host. at 22:03, 0.02s elapsed
- NSE: Script scanning 185.203.72.162.
- Initiating NSE at 22:03
- Completed NSE at 22:03, 20.30s elapsed
- Initiating NSE at 22:03
- Completed NSE at 22:03, 1.29s elapsed
- Nmap scan report for 185.203.72.162
- Host is up (0.17s latency).
- PORT STATE SERVICE VERSION
- 53/udp open|filtered domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 137/udp filtered netbios-ns
- 138/udp filtered netbios-dgm
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using port 137/udp)
- HOP RTT ADDRESS
- 1 158.33 ms 10.248.200.1
- 2 ... 3
- 4 158.87 ms 10.248.200.1
- 5 162.33 ms 10.248.200.1
- 6 162.33 ms 10.248.200.1
- 7 162.18 ms 10.248.200.1
- 8 162.19 ms 10.248.200.1
- 9 162.20 ms 10.248.200.1
- 10 162.24 ms 10.248.200.1
- 11 ... 18
- 19 159.15 ms 10.248.200.1
- 20 157.94 ms 10.248.200.1
- 21 ... 27
- 28 160.25 ms 10.248.200.1
- 29 ...
- 30 158.62 ms 10.248.200.1
- NSE: Script Post-scanning.
- Initiating NSE at 22:03
- Completed NSE at 22:03, 0.00s elapsed
- Initiating NSE at 22:03
- Completed NSE at 22:03, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 140.43 seconds
- Raw packets sent: 147 (13.614KB) | Rcvd: 451 (58.689KB)
- #######################################################################################################################################
- dnsenum VERSION:1.2.4
- ----- 9tv.co.il -----
- Host's addresses:
- __________________
- 9tv.co.il. 179 IN A 185.203.72.162
- Name Servers:
- ______________
- ns2.dnsmadeeasy.com. 50960 IN A 208.80.126.2
- ns3.dnsmadeeasy.com. 81873 IN A 208.80.125.2
- ns0.dnsmadeeasy.com. 50959 IN A 208.94.148.2
- ns1.dnsmadeeasy.com. 50959 IN A 208.80.124.2
- ns4.dnsmadeeasy.com. 81872 IN A 208.80.127.2
- Mail (MX) Servers:
- ___________________
- mail.9tv.co.il. 300 IN A 146.185.58.83
- Trying Zone Transfers and getting Bind Versions:
- _________________________________________________
- Trying Zone Transfer for 9tv.co.il on ns2.dnsmadeeasy.com ...
- Trying Zone Transfer for 9tv.co.il on ns3.dnsmadeeasy.com ...
- Trying Zone Transfer for 9tv.co.il on ns0.dnsmadeeasy.com ...
- Trying Zone Transfer for 9tv.co.il on ns1.dnsmadeeasy.com ...
- Trying Zone Transfer for 9tv.co.il on ns4.dnsmadeeasy.com ...
- brute force file not specified, bay.
- #######################################################################################################################################
- [+] List of software found:
- ---------------------------------------------------------------------------------------------------------------------------------------
- Adobe PDF Library 15.0
- Adobe InDesign CC 13.1 (Macintosh)
- #######################################################################################################################################
- % The data in the WHOIS database of the .il registry is provided
- % by ISOC-IL for information purposes, and to assist persons in
- % obtaining information about or related to a domain name
- % registration record. ISOC-IL does not guarantee its accuracy.
- % By submitting a WHOIS query, you agree that you will use this
- % Data only for lawful purposes and that, under no circumstances
- % will you use this Data to: (1) allow, enable, or otherwise
- % support the transmission of mass unsolicited, commercial
- % advertising or solicitations via e-mail (spam);
- % or (2) enable high volume, automated, electronic processes that
- % apply to ISOC-IL (or its systems).
- % ISOC-IL reserves the right to modify these terms at any time.
- % By submitting this query, you agree to abide by this policy.
- query: 9tv.co.il
- reg-name: 9tv
- domain: 9tv.co.il
- descr: Vash Telekanal LTD
- descr: Thela Ha Haar 44
- descr: Modiin
- descr: 45457
- descr: Israel
- phone: +972 50 7126999
- e-mail: ervinm AT 9tv.co.il
- admin-c: DT-SR7715-IL
- tech-c: DT-SR7716-IL
- zone-c: DT-SR7717-IL
- nserver: ns0.dnsmadeeasy.com
- nserver: ns1.dnsmadeeasy.com
- nserver: ns2.dnsmadeeasy.com
- nserver: ns3.dnsmadeeasy.com
- nserver: ns4.dnsmadeeasy.com
- validity: 30-05-2019
- DNSSEC: unsigned
- status: Transfer Locked
- changed: domain-registrar AT isoc.org.il 20040530 (Assigned)
- changed: domain-registrar AT isoc.org.il 20060514 (Changed)
- changed: domain-registrar AT isoc.org.il 20080813 (Transferred)
- changed: domain-registrar AT isoc.org.il 20080813 (Changed)
- changed: domain-registrar AT isoc.org.il 20130731 (Changed)
- changed: domain-registrar AT isoc.org.il 20130731 (Changed)
- changed: domain-registrar AT isoc.org.il 20130731 (Changed)
- changed: domain-registrar AT isoc.org.il 20130916 (Changed)
- changed: domain-registrar AT isoc.org.il 20140429 (Changed)
- changed: domain-registrar AT isoc.org.il 20140430 (Changed)
- person: Steve Rekun
- address Channel 9
- address Tzela Ha Haar 44
- address Modiin
- address 67898
- address Israel
- phone: +972 3 6232999
- e-mail: steve AT 9tv.co.il
- nic-hdl: DT-SR7715-IL
- changed: Managing Registrar 20140429
- person: Steve Rekun
- address Channel 9
- address Tzela Ha Haar 44
- address Modiin
- address 67898
- address Israel
- phone: +972 3 6232999
- e-mail: steve AT 9tv.co.il
- nic-hdl: DT-SR7716-IL
- changed: Managing Registrar 20140429
- person: Steve Rekun
- address Channel 9
- address Tzela Ha Haar 44
- address Modiin
- address 67898
- address Israel
- phone: +972 3 6232999
- e-mail: steve AT 9tv.co.il
- nic-hdl: DT-SR7717-IL
- changed: Managing Registrar 20140429
- registrar name: Domain The Net Technologies Ltd
- registrar info: https://www.domainthenet.com
- #######################################################################################################################################
- [-] Enumerating subdomains now for 9tv.co.il
- [-] verbosity is enabled, will show the subdomains results in realtime
- [-] Searching now in Baidu..
- [-] Searching now in Yahoo..
- [-] Searching now in Google..
- [-] Searching now in Bing..
- [-] Searching now in Ask..
- [-] Searching now in Netcraft..
- [-] Searching now in DNSdumpster..
- [-] Searching now in Virustotal..
- [-] Searching now in ThreatCrowd..
- [-] Searching now in SSL Certificates..
- [-] Searching now in PassiveDNS..
- SSL Certificates: autodiscover.9tv.co.il
- SSL Certificates: mail.9tv.co.il
- SSL Certificates: oma.9tv.co.il
- SSL Certificates: www.oma.9tv.co.il
- SSL Certificates: golden.9tv.co.il
- SSL Certificates: cpanel.9tv.co.il
- SSL Certificates: www.9tv.co.il
- SSL Certificates: api.9tv.co.il
- SSL Certificates: cpanel1.9tv.co.il
- SSL Certificates: www.cpanel1.9tv.co.il
- SSL Certificates: apps.9tv.co.il
- SSL Certificates: www.apps.9tv.co.il
- SSL Certificates: food.9tv.co.il
- SSL Certificates: ad.9tv.co.il
- SSL Certificates: sultan.9tv.co.il
- SSL Certificates: musketeers.9tv.co.il
- SSL Certificates: vek.9tv.co.il
- SSL Certificates: drp.9tv.co.il
- SSL Certificates: www.drp.9tv.co.il
- ThreatCrowd: ad.9tv.co.il
- Virustotal: golden.9tv.co.il
- Virustotal: www.9tv.co.il
- Virustotal: bstore.9tv.co.il
- Virustotal: ad.9tv.co.il
- Virustotal: mail.9tv.co.il
- Virustotal: oma.9tv.co.il
- Virustotal: cpanel.9tv.co.il
- Virustotal: food.9tv.co.il
- Virustotal: apps.9tv.co.il
- Virustotal: sultan.9tv.co.il
- Virustotal: doska.9tv.co.il
- Virustotal: mobile.9tv.co.il
- Virustotal: vek.9tv.co.il
- Virustotal: zstore.9tv.co.il
- Virustotal: astore.9tv.co.il
- Yahoo: www.9tv.co.il
- Bing: golden.9tv.co.il
- Bing: ad.9tv.co.il
- Netcraft: sultan.9tv.co.il
- Netcraft: www.9tv.co.il
- DNSdumpster: oma.9tv.co.il
- DNSdumpster: bstore.9tv.co.il
- DNSdumpster: drp.9tv.co.il
- DNSdumpster: cpanel.9tv.co.il
- DNSdumpster: www.9tv.co.il
- DNSdumpster: relay.9tv.co.il
- DNSdumpster: pcs2.9tv.co.il
- DNSdumpster: apps.9tv.co.il
- DNSdumpster: ad.9tv.co.il
- DNSdumpster: cpanel1.9tv.co.il
- DNSdumpster: food.9tv.co.il
- DNSdumpster: golden.9tv.co.il
- DNSdumpster: mail.9tv.co.il
- DNSdumpster: musketeers.9tv.co.il
- DNSdumpster: sultan.9tv.co.il
- DNSdumpster: autodiscover.9tv.co.il
- DNSdumpster: vek.9tv.co.il
- Google: doska.9tv.co.il
- [-] Saving results to file: /usr/share/sniper/loot/9tv.co.il/domains/domains-9tv.co.il.txt
- [-] Total Unique Subdomains Found: 26
- www.9tv.co.il
- ad.9tv.co.il
- api.9tv.co.il
- apps.9tv.co.il
- www.apps.9tv.co.il
- astore.9tv.co.il
- autodiscover.9tv.co.il
- bstore.9tv.co.il
- cpanel.9tv.co.il
- cpanel1.9tv.co.il
- www.cpanel1.9tv.co.il
- doska.9tv.co.il
- drp.9tv.co.il
- www.drp.9tv.co.il
- food.9tv.co.il
- golden.9tv.co.il
- mail.9tv.co.il
- mobile.9tv.co.il
- musketeers.9tv.co.il
- oma.9tv.co.il
- www.oma.9tv.co.il
- pcs2.9tv.co.il
- relay.9tv.co.il
- sultan.9tv.co.il
- vek.9tv.co.il
- zstore.9tv.co.il
- #######################################################################################################################################
- apps.9tv.co.il,62.90.177.29
- ad.9tv.co.il,93.157.83.216
- bb.9tv.co.il,93.157.83.216
- autodiscover.9tv.co.il,146.185.58.82
- blog.9tv.co.il,93.157.83.216
- crm.9tv.co.il,62.219.67.44
- dev1.9tv.co.il,93.157.83.216
- dev.9tv.co.il,62.219.67.44
- ftp.9tv.co.il,146.185.58.84
- images.9tv.co.il,62.219.11.140
- mail.9tv.co.il,146.185.58.83
- mysql1.9tv.co.il,62.90.177.19
- mobile.9tv.co.il,62.219.67.58
- promo.9tv.co.il,62.219.67.44
- radio.9tv.co.il,62.219.67.44
- relay.9tv.co.il,146.185.58.83
- cpanel1.9tv.co.il,62.90.177.24
- cpanel.9tv.co.il,62.90.177.24
- golden.9tv.co.il,62.90.177.24
- oma.9tv.co.il,146.185.58.82
- www.9tv.co.il,185.203.72.162
- 9tv.co.il,185.203.72.162
- shop.9tv.co.il,62.219.11.42
- stock.9tv.co.il,62.219.67.44
- vpn.9tv.co.il,146.185.58.66
- drp.9tv.co.il,146.185.61.50
- food.9tv.co.il,185.203.72.162
- bstore.9tv.co.il,185.203.72.163
- api.9tv.co.il,93.157.83.216
- sultan.9tv.co.il,62.219.67.44
- up.9tv.co.il,62.219.11.140
- pcs2.9tv.co.il,62.219.67.46
- musketeers.9tv.co.il,62.219.67.44
- school.9tv.co.il,62.219.67.44
- media2.9tv.co.il,185.203.72.163
- media1.9tv.co.il,62.90.177.27
- vek.9tv.co.il,62.219.67.44
- zstore.9tv.co.il,62.219.11.140
- elections.9tv.co.il,62.219.67.44
- book.9tv.co.il,93.157.83.216
- astore.9tv.co.il,62.219.11.139
- doska.9tv.co.il,91.226.245.19
- date.9tv.co.il,91.226.245.88
- pcs1.9tv.co.il,62.219.67.43
- pcs3.9tv.co.il,62.219.67.59
- #######################################################################################################################################
- [*] Processing domain 9tv.co.il
- [+] Getting nameservers
- 208.80.124.2 - ns1.dnsmadeeasy.com
- 208.94.148.2 - ns0.dnsmadeeasy.com
- 208.80.126.2 - ns2.dnsmadeeasy.com
- 208.80.125.2 - ns3.dnsmadeeasy.com
- 208.80.127.2 - ns4.dnsmadeeasy.com
- [-] Zone transfer failed
- [+] TXT records found
- "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4hpcoaTAYYJ1mxFYdOH2zgq308Ak2sxgRh6ekG7Pxp9TwJTpmk/M43UUNcPRYK1CgnkmOEcLHaUFaCMqLdajAXFLchgA99P25D5859zEKUDIFNJqivc/6q3asy61JUvQR/TifruXD7L8zLppx165HEjqBd8/C2xP2VkGmyJCJRQIDAQAB"
- "v=spf1 ip4:146.185.58.83 -all"
- [+] MX records found, added to target list
- 0 mail.9tv.co.il.
- [*] Scanning 9tv.co.il for A records
- 185.203.72.162 - 9tv.co.il
- 185.203.72.162 - www.9tv.co.il
- 146.185.58.83 - mail.9tv.co.il
- 146.185.58.84 - ftp.9tv.co.il
- 62.90.177.24 - cpanel.9tv.co.il
- 146.185.58.82 - autodiscover.9tv.co.il
- 93.157.83.216 - blog.9tv.co.il
- 62.219.67.44 - dev.9tv.co.il
- 146.185.58.66 - vpn.9tv.co.il
- 62.219.67.58 - mobile.9tv.co.il
- 62.219.11.42 - shop.9tv.co.il
- 62.219.11.140 - images.9tv.co.il
- 93.157.83.216 - api.9tv.co.il
- 62.219.67.44 - crm.9tv.co.il
- 62.90.177.29 - apps.9tv.co.il
- 146.185.58.83 - relay.9tv.co.il
- 93.157.83.216 - ad.9tv.co.il
- 62.219.67.44 - radio.9tv.co.il
- 93.157.83.216 - bb.9tv.co.il
- 62.219.67.44 - promo.9tv.co.il
- 93.157.83.216 - dev1.9tv.co.il
- 93.157.83.216 - book.9tv.co.il
- 62.219.11.140 - up.9tv.co.il
- 62.219.67.44 - school.9tv.co.il
- 185.203.72.162 - food.9tv.co.il
- 185.203.72.163 - media2.9tv.co.il
- 62.90.177.19 - mysql1.9tv.co.il
- 62.219.67.44 - stock.9tv.co.il
- 62.90.177.27 - media1.9tv.co.il
- 62.219.67.44 - elections.9tv.co.il
- 146.185.58.82 - oma.9tv.co.il
- 91.226.245.88 - date.9tv.co.il
- 62.90.177.24 - golden.9tv.co.il
- 91.226.245.19 - doska.9tv.co.il
- 62.90.177.24 - cpanel1.9tv.co.il
- #######################################################################################################################################
- ad.9tv.co.il
- api.9tv.co.il
- apps.9tv.co.il
- autodiscover.9tv.co.il
- cpanel1.9tv.co.il
- cpanel.9tv.co.il
- drp.9tv.co.il
- food.9tv.co.il
- golden.9tv.co.il
- mail.9tv.co.il
- musketeers.9tv.co.il
- oma.9tv.co.il
- sultan.9tv.co.il
- vek.9tv.co.il
- www.9tv.co.il
- www.apps.9tv.co.il
- www.cpanel1.9tv.co.il
- www.drp.9tv.co.il
- www.oma.9tv.co.il
- #######################################################################################################################################
- [*] Found SPF record:
- [*] v=spf1 ip4:146.185.58.83 -all
- [*] SPF record contains an All item: -all
- [*] Found DMARC record:
- [*] v=DMARC1; p=none
- [+] DMARC policy set to none
- [+] Spoofing possible for 9tv.co.il!
- #######################################################################################################################################
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ discover v0.5.0 - by @michenriksen
- Identifying nameservers for 9tv.co.il... Done
- Using nameservers:
- - 208.80.124.2
- - 208.94.148.2
- - 208.80.126.2
- - 208.80.125.2
- - 208.80.127.2
- Checking for wildcard DNS... Done
- Running collector: Censys... Skipped
- -> Key 'censys_secret' has not been set
- Running collector: Netcraft... Done (0 hosts)
- Running collector: Google Transparency Report... Done (11 hosts)
- Running collector: VirusTotal... Skipped
- -> Key 'virustotal' has not been set
- Running collector: PublicWWW... Done (0 hosts)
- Running collector: PTRArchive... Error
- -> PTRArchive returned unexpected response code: 502
- Running collector: PassiveTotal... Skipped
- -> Key 'passivetotal_key' has not been set
- Running collector: HackerTarget... Done (18 hosts)
- Running collector: Certificate Search... Done (19 hosts)
- Running collector: Dictionary... Done (27 hosts)
- Running collector: Wayback Machine... Timed out
- Running collector: Riddler... Skipped
- -> Key 'riddler_username' has not been set
- Running collector: Shodan... Skipped
- -> Key 'shodan' has not been set
- Running collector: DNSDB... Error
- -> DNSDB returned unexpected response code: 503
- Running collector: Threat Crowd... Done (1 host)
- Resolving 50 unique hosts...
- 185.203.72.162 .9tv.co.il
- 185.203.72.162 9tv.co.il
- 93.157.83.216 ad.9tv.co.il
- 93.157.83.216 api.9tv.co.il
- 62.90.177.29 apps.9tv.co.il
- 146.185.58.82 autodiscover.9tv.co.il
- 185.203.72.163 bstore.9tv.co.il
- 62.90.177.24 cpanel.9tv.co.il
- 62.90.177.24 cpanel1.9tv.co.il
- 146.185.61.50 drp.9tv.co.il
- 185.203.72.162 food.9tv.co.il
- 62.90.177.24 golden.9tv.co.il
- 146.185.58.83 mail.9tv.co.il
- 62.219.67.44 musketeers.9tv.co.il
- 146.185.58.82 oma.9tv.co.il
- 62.219.67.46 pcs2.9tv.co.il
- 146.185.58.83 relay.9tv.co.il
- 62.219.67.44 sultan.9tv.co.il
- 62.219.67.44 vek.9tv.co.il
- 185.203.72.162 www.9tv.co.il
- Found subnets:
- - 185.203.72.0-255 : 5 hosts
- - 62.219.67.0-255 : 4 hosts
- - 146.185.58.0-255 : 4 hosts
- - 62.90.177.0-255 : 4 hosts
- - 93.157.83.0-255 : 2 hosts
- Wrote 20 hosts to:
- - file:///root/aquatone/9tv.co.il/hosts.txt
- - file:///root/aquatone/9tv.co.il/hosts.json
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ takeover v0.5.0 - by @michenriksen
- Loaded 20 hosts from /root/aquatone/9tv.co.il/hosts.json
- Loaded 25 domain takeover detectors
- Identifying nameservers for 9tv.co.il... Done
- Using nameservers:
- - 208.80.124.2
- - 208.94.148.2
- - 208.80.126.2
- - 208.80.125.2
- - 208.80.127.2
- Checking hosts for domain takeover vulnerabilities...
- Finished checking hosts:
- - Vulnerable : 0
- - Not Vulnerable : 20
- Wrote 0 potential subdomain takeovers to:
- - file:///root/aquatone/9tv.co.il/takeovers.json
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ scan v0.5.0 - by @michenriksen
- Loaded 20 hosts from /root/aquatone/9tv.co.il/hosts.json
- Probing 20 ports...
- 80/tcp 62.219.67.46 pcs2.9tv.co.il
- 80/tcp 146.185.61.50 drp.9tv.co.il
- 80/tcp 185.203.72.162 9tv.co.il, .9tv.co.il, www.9tv.co.il and 1 more
- 80/tcp 93.157.83.216 ad.9tv.co.il, api.9tv.co.il
- 80/tcp 146.185.58.83 mail.9tv.co.il, relay.9tv.co.il
- 80/tcp 185.203.72.163 bstore.9tv.co.il
- 80/tcp 62.90.177.29 apps.9tv.co.il
- 80/tcp 62.219.67.44 musketeers.9tv.co.il, sultan.9tv.co.il, vek.9tv.co.il
- 80/tcp 62.90.177.24 cpanel.9tv.co.il, cpanel1.9tv.co.il, golden.9tv.co.il
- 80/tcp 146.185.58.82 autodiscover.9tv.co.il, oma.9tv.co.il
- 443/tcp 146.185.58.82 autodiscover.9tv.co.il, oma.9tv.co.il
- 443/tcp 62.90.177.24 cpanel.9tv.co.il, cpanel1.9tv.co.il, golden.9tv.co.il
- 443/tcp 62.90.177.29 apps.9tv.co.il
- Wrote open ports to file:///root/aquatone/9tv.co.il/open_ports.txt
- Wrote URLs to file:///root/aquatone/9tv.co.il/urls.txt
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ gather v0.5.0 - by @michenriksen
- Processing 26 pages...
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 22:17 EDT
- Nmap scan report for 9tv.co.il (185.203.72.162)
- Host is up (0.20s latency).
- Not shown: 471 filtered ports, 3 closed ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 80/tcp open http
- 5666/tcp open nrpe
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 22:18 EDT
- Nmap scan report for 9tv.co.il (185.203.72.162)
- Host is up (0.16s latency).
- Not shown: 2 filtered ports
- PORT STATE SERVICE
- 53/udp open|filtered domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- #######################################################################################################################################
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://9tv.co.il
- Generic Detection results:
- No WAF detected by the generic detection
- Number of requests: 14
- #######################################################################################################################################
- http://9tv.co.il [200 OK] Cookies[ipp_uid,ipp_uid1,ipp_uid2,rerf], Email[Rating@Mail.ru,maoz@9tv.co.il,stasy@9tv.co.il,tamih@9tv.co.il], Facebook-Plugin[likebox], Frame, Google-Analytics[Universal][UA-10448114-1], HTML5, IP[185.203.72.162], JQuery, Modernizr[2.6.2.min], Script[text/javascript], Title[9 Канал | Новости Израиля и мира | Лента новостей | ТВ видео онлайн], UncommonHeaders[access-control-allow-origin,x-variti-ccr]
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning http://9tv.co.il...
- _____________________ SITE INFO ______________________
- IP Title
- 185.203.72.162 9 Канал | Новости Израиля и мира |
- ______________________ VERSION _______________________
- Name Versions Type
- PHP 5.5.38 Platform
- ____________________ INTERESTING _____________________
- URL Note Type
- /robots.txt robots.txt index Interesting
- /info.php PHP info file Interesting
- /test/ Test directory Interesting
- ______________________________________________________
- Time: 121.1 sec Urls: 679 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 200 OK
- Date: Sun, 28 Oct 2018 02:20:42 GMT
- Content-Type: text/html
- Vary: Accept-Encoding
- Access-Control-Allow-Origin: *
- X-VARITI-CCR: 418934033:1
- Set-Cookie: ipp_uid2=NqAGkp5jSaHPvHd6/qKlWjDEsx7vmCwTQTUwECw==; expires=Tue, 31 Dec 2030 23:59:59 GMT; path=/
- Set-Cookie: ipp_uid1=1540693241958; expires=Tue, 31 Dec 2030 23:59:59 GMT; path=/
- Set-Cookie: ipp_uid=1540693241958/NqAGkp5jSaHPvHd6/qKlWjDEsx7vmCwTQTUwECw==; expires=Tue, 31 Dec 2030 23:59:59 GMT; path=/
- Set-Cookie: rerf=AAAAAFvVHPo6YRq5A4HJAg==; expires=Tue, 27-Nov-18 02:20:42 GMT; path=/
- P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
- Content-Encoding: gzip
- Connection: keep-alive
- ######################################################################################################################################
- I, [2018-10-27T22:20:43.941477 #8906] INFO -- : Initiating port scan
- I, [2018-10-27T22:21:49.289413 #8906] INFO -- : Using nmap scan output file logs/nmap_output_2018-10-27_22-20-43.xml
- I, [2018-10-27T22:21:49.290412 #8906] INFO -- : Discovered open port: 185.203.72.162:80
- I, [2018-10-27T22:21:51.024363 #8906] INFO -- : Discovered tcpwrapped port: 185.203.72.162:5666
- I, [2018-10-27T22:21:52.669216 #8906] INFO -- : Discovered tcpwrapped port: 185.203.72.162:5666
- I, [2018-10-27T22:21:56.042740 #8906] INFO -- : <<<Enumerating vulnerable applications>>>
- --------------------------------------------------------
- <<<Yasuo discovered following vulnerable applications>>>
- --------------------------------------------------------
- +----------+--------------------+-------------------+----------+----------+
- | App Name | URL to Application | Potential Exploit | Username | Password |
- +----------+--------------------+-------------------+----------+----------+
- +----------+--------------------+-------------------+----------+----------+
- #######################################################################################################################################
- --------------------------------------------------------------------------------------------------------------------------------------
- + Target IP: 185.203.72.162
- + Target Hostname: 185.203.72.162
- + Target Port: 80
- + Start Time: 2018-10-27 22:56:04 (GMT-4)
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Server: No banner retrieved
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + No CGI Directories found (use '-C all' to force check all possible dirs)
- + Uncommon header 'x-squid-error' found, with contents: ERR_INVALID_URL 0
- + Cookie rerf created without the httponly flag
- + Server banner has changed from '' to 'nginx' which may suggest a WAF, load balancer or proxy is in place
- + ERROR: Error limit (20) reached for host, giving up. Last error: error reading HTTP response
- + Scan terminated: 20 error(s) and 5 item(s) reported on remote host
- + End Time: 2018-10-27 23:17:54 (GMT-4) (1310 seconds)
- ---------------------------------------------------------------------------------------------------------------------------------------
- ######################################################################################################################################
- -------------------------------------------------------------------------------------------------------------------------------------
- + Target IP: 185.203.72.162
- + Target Hostname: 9tv.co.il
- + Target Port: 80
- + Start Time: 2018-10-28 00:29:39 (GMT-4)
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Server: nginx
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + Uncommon header 'x-variti-ccr' found, with contents: 419552490:3
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Cookie ipp_uid2 created without the httponly flag
- + Cookie ipp_uid1 created without the httponly flag
- + Cookie ipp_uid created without the httponly flag
- + Cookie rerf created without the httponly flag
- + Server leaks inodes via ETags, header found with file /robots.txt, inode: 1840803, size: 216, mtime: Thu Apr 20 07:04:20 2017
- + Entry '/a-panel/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
- + Retrieved x-powered-by header: PHP/5.5.38
- + /facebook/: PHP include error may indicate local or remote file inclusion is possible.
- + Entry '/facebook/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
- + Entry '/news/2016/12/10/235701.html' in robots.txt returned a non-forbidden or redirect HTTP code (200)
- + "robots.txt" contains 10 entries which should be manually viewed.
- + Uncommon header 'tcn' found, with contents: list
- + Apache mod_negotiation is enabled with MultiViews, which allows attackers to easily brute force file names. See http://www.wisec.it/sectou.php?id=4698ebdc59d15. The following alternatives for 'index' were found: index.html
- + ERROR: Error limit (20) reached for host, giving up. Last error: error reading HTTP response
- + Scan terminated: 20 error(s) and 17 item(s) reported on remote host
- + End Time: 2018-10-28 00:33:03 (GMT-4) (204 seconds)
- --------------------------------------------------------------------------------------------------------------------------------------
- ######################################################################################################################################
- =======================================================================================================================================
- | Domain: http://9tv.co.il/
- | IP: 185.203.72.162
- =======================================================================================================================================
- |
- | Directory check:
- | [+] CODE: 200 URL: http://9tv.co.il/RSS/
- | [+] CODE: 200 URL: http://9tv.co.il/adbanner/
- | [+] CODE: 200 URL: http://9tv.co.il/adclick/
- | [+] CODE: 200 URL: http://9tv.co.il/adios_papa/
- | [+] CODE: 200 URL: http://9tv.co.il/adlink/
- | [+] CODE: 200 URL: http://9tv.co.il/adm/fckeditor/
- | [+] CODE: 200 URL: http://9tv.co.il/adm/
- | [+] CODE: 200 URL: http://9tv.co.il/adlinks/
- | [+] CODE: 200 URL: http://9tv.co.il/adlog/
- | [+] CODE: 200 URL: http://9tv.co.il/adminhtml/
- | [+] CODE: 200 URL: http://9tv.co.il/admingta/
- | [+] CODE: 200 URL: http://9tv.co.il/admin/FCKeditor/
- | [+] CODE: 200 URL: http://9tv.co.il/admbin/
- | [+] CODE: 200 URL: http://9tv.co.il/admin/
- | [+] CODE: 200 URL: http://9tv.co.il/adminapi/
- | [+] CODE: 200 URL: http://9tv.co.il/administracao/
- | [+] CODE: 200 URL: http://9tv.co.il/admin/scripts/fckeditor/
- | [+] CODE: 200 URL: http://9tv.co.il/admin/fckeditor/admins/
- | [+] CODE: 200 URL: http://9tv.co.il/adsales/
- | [+] CODE: 200 URL: http://9tv.co.il/adserv/
- | [+] CODE: 200 URL: http://9tv.co.il/adsense/
- | [+] CODE: 200 URL: http://9tv.co.il/adserve/
- | [+] CODE: 200 URL: http://9tv.co.il/adserver/
- | [+] CODE: 200 URL: http://9tv.co.il/adsrv/
- | [+] CODE: 200 URL: http://9tv.co.il/advert/
- | [+] CODE: 200 URL: http://9tv.co.il/auditoria/
- | [+] CODE: 200 URL: http://9tv.co.il/audition/
- | [+] CODE: 200 URL: http://9tv.co.il/audits/
- | [+] CODE: 200 URL: http://9tv.co.il/auditor/
- | [+] CODE: 200 URL: http://9tv.co.il/auradam/
- | [+] CODE: 200 URL: http://9tv.co.il/autenticacao/
- | [+] CODE: 200 URL: http://9tv.co.il/aut/
- | [+] CODE: 200 URL: http://9tv.co.il/authorid/
- | [+] CODE: 200 URL: http://9tv.co.il/author/
- | [+] CODE: 200 URL: http://9tv.co.il/autoconf/
- | [+] CODE: 200 URL: http://9tv.co.il/authcode/
- | [+] CODE: 200 URL: http://9tv.co.il/automize/
- | [+] CODE: 200 URL: http://9tv.co.il/automake/
- | [+] CODE: 200 URL: http://9tv.co.il/bannerad/
- | [+] CODE: 200 URL: http://9tv.co.il/block/
- | [+] CODE: 200 URL: http://9tv.co.il/blogger/
- | [+] CODE: 200 URL: http://9tv.co.il/blogher/
- | [+] CODE: 200 URL: http://9tv.co.il/bloghome/
- | [+] CODE: 200 URL: http://9tv.co.il/blackice/
- | [+] CODE: 200 URL: http://9tv.co.il/blogid/
- | [+] CODE: 200 URL: http://9tv.co.il/blogapi/
- | [+] CODE: 200 URL: http://9tv.co.il/bloglogo/
- | [+] CODE: 200 URL: http://9tv.co.il/blogmap/
- | [+] CODE: 200 URL: http://9tv.co.il/blogg/
- | [+] CODE: 200 URL: http://9tv.co.il/blognews/
- | [+] CODE: 200 URL: http://9tv.co.il/blogi/
- | [+] CODE: 200 URL: http://9tv.co.il/blogmen/
- | [+] CODE: 200 URL: http://9tv.co.il/brand/
- | [+] CODE: 200 URL: http://9tv.co.il/calhas/
- | [+] CODE: 200 URL: http://9tv.co.il/camabox/
- | [+] CODE: 200 URL: http://9tv.co.il/camaboxcasal/
- | [+] CODE: 200 URL: http://9tv.co.il/camping/
- | [+] CODE: 200 URL: http://9tv.co.il/calls/
- | [+] CODE: 200 URL: http://9tv.co.il/camp/
- | [+] CODE: 200 URL: http://9tv.co.il/calendrier/
- | [+] CODE: 200 URL: http://9tv.co.il/calcoo/
- | [+] CODE: 200 URL: http://9tv.co.il/campi/
- | [+] CODE: 200 URL: http://9tv.co.il/campanhas/
- | [+] CODE: 200 URL: http://9tv.co.il/campo_ere/
- | [+] CODE: 200 URL: http://9tv.co.il/can-spam/
- | [+] CODE: 200 URL: http://9tv.co.il/cd/
- | [+] CODE: 200 URL: http://9tv.co.il/collinb/
- | [+] CODE: 200 URL: http://9tv.co.il/com_tra/
- | [+] CODE: 200 URL: http://9tv.co.il/comarcas/
- | [+] CODE: 200 URL: http://9tv.co.il/comarca/
- | [+] CODE: 200 URL: http://9tv.co.il/com_gcalendar/
- | [+] CODE: 200 URL: http://9tv.co.il/com_docman/
- | [+] CODE: 200 URL: http://9tv.co.il/com_int/
- | [+] CODE: 200 URL: http://9tv.co.il/column/
- | [+] CODE: 200 URL: http://9tv.co.il/com_mailto/
- | [+] CODE: 200 URL: http://9tv.co.il/com_joomap/
- | [+] CODE: 200 URL: http://9tv.co.il/comic/
- | [+] CODE: 200 URL: http://9tv.co.il/comedouros/
- | [+] CODE: 200 URL: http://9tv.co.il/comment/
- | [+] CODE: 200 URL: http://9tv.co.il/commando/
- | [+] CODE: 200 URL: http://9tv.co.il/commands/
- | [+] CODE: 200 URL: http://9tv.co.il/comfort/
- | [+] CODE: 200 URL: http://9tv.co.il/comments/
- | [+] CODE: 200 URL: http://9tv.co.il/contact/
- | [+] CODE: 200 URL: http://9tv.co.il/cookies/
- | [+] CODE: 200 URL: http://9tv.co.il/correiapinto/
- | [+] CODE: 200 URL: http://9tv.co.il/cooler_s_alca/
- | [+] CODE: 200 URL: http://9tv.co.il/coza_next_bag/
- | [+] CODE: 200 URL: http://9tv.co.il/counter/
- | [+] CODE: 200 URL: http://9tv.co.il/contacte/
- | [+] CODE: 200 URL: http://9tv.co.il/counties/
- | [+] CODE: 200 URL: http://9tv.co.il/corz/
- | [+] CODE: 200 URL: http://9tv.co.il/counts/
- | [+] CODE: 200 URL: http://9tv.co.il/country/
- | [+] CODE: 200 URL: http://9tv.co.il/corzoogle/
- | [+] CODE: 200 URL: http://9tv.co.il/corrida/
- | [+] CODE: 200 URL: http://9tv.co.il/corp/
- | [+] CODE: 200 URL: http://9tv.co.il/cpanel/
- | [+] CODE: 200 URL: http://9tv.co.il/datasets/
- | [+] CODE: 200 URL: http://9tv.co.il/dbc/
- | [+] CODE: 200 URL: http://9tv.co.il/dbd-pgpp/
- | [+] CODE: 200 URL: http://9tv.co.il/dbm/
- | [+] CODE: 200 URL: http://9tv.co.il/db/
- | [+] CODE: 200 URL: http://9tv.co.il/dbn/
- | [+] CODE: 200 URL: http://9tv.co.il/dating/
- | [+] CODE: 200 URL: http://9tv.co.il/dbus/
- | [+] CODE: 200 URL: http://9tv.co.il/dbox/
- | [+] CODE: 200 URL: http://9tv.co.il/dbp/
- | [+] CODE: 200 URL: http://9tv.co.il/dbi/
- | [+] CODE: 200 URL: http://9tv.co.il/dbsec/
- | [+] CODE: 200 URL: http://9tv.co.il/dbms/
- | [+] CODE: 200 URL: http://9tv.co.il/facebook/
- | [+] CODE: 200 URL: http://9tv.co.il/flashfxp/
- | [+] CODE: 200 URL: http://9tv.co.il/flashxss/
- | [+] CODE: 200 URL: http://9tv.co.il/flashget/
- | [+] CODE: 200 URL: http://9tv.co.il/flashpro/
- | [+] CODE: 200 URL: http://9tv.co.il/first/
- | [+] CODE: 200 URL: http://9tv.co.il/flashs/
- | [+] CODE: 200 URL: http://9tv.co.il/flickr/
- | [+] CODE: 200 URL: http://9tv.co.il/flick/
- | [+] CODE: 200 URL: http://9tv.co.il/flex/
- | [+] CODE: 200 URL: http://9tv.co.il/flonorm/
- | [+] CODE: 200 URL: http://9tv.co.il/flipo/
- | [+] CODE: 200 URL: http://9tv.co.il/flog/
- | [+] CODE: 200 URL: http://9tv.co.il/flist/
- | [+] CODE: 200 URL: http://9tv.co.il/flip/
- | [+] CODE: 200 URL: http://9tv.co.il/fluxo/
- | [+] CODE: 200 URL: http://9tv.co.il/football/
- | [+] CODE: 200 URL: http://9tv.co.il/info/
- | [+] CODE: 200 URL: http://9tv.co.il/kfind/
- | [+] CODE: 200 URL: http://9tv.co.il/keywords/
- | [+] CODE: 200 URL: http://9tv.co.il/keypass/
- | [+] CODE: 200 URL: http://9tv.co.il/keyword/
- | [+] CODE: 200 URL: http://9tv.co.il/king/
- | [+] CODE: 200 URL: http://9tv.co.il/kikimimi/
- | [+] CODE: 200 URL: http://9tv.co.il/kibeloco/
- | [+] CODE: 200 URL: http://9tv.co.il/kfsensor/
- | [+] CODE: 200 URL: http://9tv.co.il/kmix/
- | [+] CODE: 200 URL: http://9tv.co.il/kisyubbs/
- | [+] CODE: 200 URL: http://9tv.co.il/kit_banho/
- | [+] CODE: 200 URL: http://9tv.co.il/kitap/
- | [+] CODE: 200 URL: http://9tv.co.il/konqueror/
- | [+] CODE: 200 URL: http://9tv.co.il/klipper/
- #######################################################################################################################################
- | Check robots.txt:
- | [+] User-agent: *
- | [+] Allow: /
- | [+] Disallow: /a-panel/
- | [+] Disallow: /cgi-bin/
- | [+] Disallow: /facebook/
- | [+] Disallow: /flowplayer/
- | [+] Disallow: /images/
- | [+] Disallow: /php/
- | [+] Disallow: /new99/
- | [+] Disallow:/news/2016/12/10/235701.html
- | [+] Allow: /new99/css/
- #######################################################################################################################################
- | External hosts:
- | [+] External Host Found: http://pagead2.googlesyndication.com
- | [+] External Host Found: http://isrageo.com
- | [+] External Host Found: http://booknik.ru
- | [+] External Host Found: http://top.mail.ru
- | [+] External Host Found: http://pogoda.co.il
- | [+] External Host Found: http://bs.serving-sys.com
- | [+] External Host Found: https://www.facebook.com
- | [+] External Host Found: http://www.google.com
- | [+] External Host Found: http://izrus.co.il
- | [+] External Host Found: http://zahav.ru
- | [+] External Host Found: http://top100.rambler.ru
- | [+] External Host Found: http://ajax.googleapis.com
- | [+] External Host Found: https://www.google.com
- | [+] External Host Found: http://akamai.advsnx.net
- | [+] External Host Found: https://ajax.googleapis.com
- | [+] External Host Found: http://browsehappy.com
- | [+] External Host Found: http://www.forumdaily.com
- | [+] External Host Found: http://doska.co.il
- | [+] External Host Found: http://www.google.co.il
- | [+] External Host Found: http://echo.msk.ru
- | [+] External Host Found: http://www.openvideoads.org
- | [+] External Host Found: https://twitter.com
- | [+] External Host Found: https://www.youtube.com
- | [+] External Host Found: http://www.luckymirror.ru
- | [+] External Host Found: http://www.beinisrael.com
- | [+] External Host Found: http://detki.co.il
- | [+] External Host Found: http://80.179.151.76
- | [+] External Host Found: http://newsru.co.il
- | [+] External Host Found: http://code.jquery.com
- | [+] External Host Found: http://counter.rambler.ru
- | [+] External Host Found: http://relevantinfo.co.il
- | [+] External Host Found: http://rusdate.co.il
- | [+] External Host Found: https://kupi.co.il
- | [+] External Host Found: https://disqus.com
- | [+] External Host Found: http://assets.vicomi.com
- | [+] External Host Found: http://www.themarker.com
- | [+] External Host Found: http://arti-media.net
- | [+] External Host Found: https://cdnjs.cloudflare.com
- | [+] External Host Found: http://p.artipbox.net
- #######################################################################################################################################
- | E-mails:
- | [+] E-mail Found: mailadom@9tv.co.il
- | [+] E-mail Found: webmaster@9tv.co.il
- | [+] E-mail Found: publiccomplains@9tv.co.il
- | [+] E-mail Found: hrm@9tv.co.il
- | [+] E-mail Found: online.redaktor@9tv.co.il
- | [+] E-mail Found: yuriw@9tv.co.il
- | [+] E-mail Found: enquiries@openvideoads.org
- | [+] E-mail Found: annats@9tv.co.il
- | [+] E-mail Found: stasy@9tv.co.il
- | [+] E-mail Found: tamih@9tv.co.il
- | [+] E-mail Found: annas@9tv.co.il
- | [+] E-mail Found: maoz@9tv.co.il
- | [+] E-mail Found: license@php.net
- | [+] E-mail Found: adib@9tv.co.il
- | [+] E-mail Found: your@email.com
- #######################################################################################################################################
- | PHPinfo() Disclosure:
- | [+] phpinfo() page: http://9tv.co.il/info/
- | System: Linux cpanel1.9tv.co.il 2.6.32-042stab120.6 #1 SMP Thu Oct 27 16:59:03 MSK 2016 x86_64
- | PHP version: 5.5.38
- | DOCUMENT_ROOT: /home/tvco9tvc/public_html
- | SCRIPT_FILENAME: /home/tvco9tvc/public_html/info.php
- | allow_url_fopen: On
- | allow_url_include: Off
- | disable_functions: <i>no value</i>
- | OpenSSL Library Version: OpenSSL 1.0.2p 14 Aug 2018
- #######################################################################################################################################
- Anonymous JTSEC #OpIsrael Full Recon #8
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement