SHARE
TWEET

Anonymous JTSEC #OpDomesticTerrorism Full Recon #8

JTSEC1333 Apr 2nd, 2019 551 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #######################################################################################################################################
  2. =======================================================================================================================================
  3. Hostname    fascistforge.com        ISP     ITL LLC
  4. Continent   Europe      Flag    
  5. UA
  6. Country     Ukraine         Country Code    UA
  7. Region  Unknown         Local time  02 Apr 2019 03:12 EEST
  8. City    Unknown         Postal Code     Unknown
  9. IP Address  195.54.163.187      Latitude    50.45
  10.             Longitude   30.523
  11.  
  12. =======================================================================================================================================
  13. #######################################################################################################################################
  14. > fascistforge.com
  15. Server:     185.93.180.131
  16. Address:    185.93.180.131#53
  17.  
  18. Non-authoritative answer:
  19. Name:   fascistforge.com
  20. Address: 195.54.163.187
  21. >
  22. #######################################################################################################################################
  23.   Domain Name: FASCISTFORGE.COM
  24.    Registry Domain ID: 2367532161_DOMAIN_COM-VRSN
  25.    Registrar WHOIS Server: whois.hostinger.com
  26.    Registrar URL: http://www.hostinger.com
  27.    Updated Date: 2019-03-09T04:21:18Z
  28.    Creation Date: 2019-03-09T04:21:18Z
  29.    Registry Expiry Date: 2020-03-09T04:21:18Z
  30.    Registrar: Hostinger, UAB
  31.    Registrar IANA ID: 1636
  32.    Registrar Abuse Contact Email: abuse@hostinger.com
  33.    Registrar Abuse Contact Phone: +37064503378
  34.    Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  35.    Name Server: NS1.HOSTINGER.COM
  36.    Name Server: NS2.HOSTINGER.COM
  37.    Name Server: NS3.HOSTINGER.COM
  38.    Name Server: NS4.HOSTINGER.COM
  39.    DNSSEC: unsigned
  40.    URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
  41. >>> Last update of whois database: 2019-04-02T00:15:20Z <<<
  42.  
  43. For more information on Whois status codes, please visit https://icann.org/epp
  44.  
  45. NOTICE: The expiration date displayed in this record is the date the
  46. registrar's sponsorship of the domain name registration in the registry is
  47. currently set to expire. This date does not necessarily reflect the expiration
  48. date of the domain name registrant's agreement with the sponsoring
  49. registrar.  Users may consult the sponsoring registrar's Whois database to
  50. view the registrar's reported date of expiration for this registration.
  51.  
  52. TERMS OF USE: You are not authorized to access or query our Whois
  53. database through the use of electronic processes that are high-volume and
  54. automated except as reasonably necessary to register domain names or
  55. modify existing registrations; the Data in VeriSign Global Registry
  56. Services' ("VeriSign") Whois database is provided by VeriSign for
  57. information purposes only, and to assist persons in obtaining information
  58. about or related to a domain name registration record. VeriSign does not
  59. guarantee its accuracy. By submitting a Whois query, you agree to abide
  60. by the following terms of use: You agree that you may use this Data only
  61. for lawful purposes and that under no circumstances will you use this Data
  62. to: (1) allow, enable, or otherwise support the transmission of mass
  63. unsolicited, commercial advertising or solicitations via e-mail, telephone,
  64. or facsimile; or (2) enable high volume, automated, electronic processes
  65. that apply to VeriSign (or its computer systems). The compilation,
  66. repackaging, dissemination or other use of this Data is expressly
  67. prohibited without the prior written consent of VeriSign. You agree not to
  68. use electronic processes that are automated and high-volume to access or
  69. query the Whois database except as reasonably necessary to register
  70. domain names or modify existing registrations. VeriSign reserves the right
  71. to restrict your access to the Whois database in its sole discretion to ensure
  72. operational stability.  VeriSign may restrict or terminate your access to the
  73. Whois database for failure to abide by these terms of use. VeriSign
  74. reserves the right to modify these terms at any time.
  75.  
  76. The Registry database contains ONLY .COM, .NET, .EDU domains and
  77. Registrars.
  78. Domain Name: FASCISTFORGE.COM
  79. Registry Domain ID: 2367532161_DOMAIN_COM-VRSN
  80. Registrar WHOIS Server: whois.hostinger.com
  81. Registrar URL: https://www.hostinger.com
  82. Updated Date: 2019-03-09T04:21:20Z
  83. Creation Date: 2019-03-09T04:21:18Z
  84. Registrar Registration Expiration Date: 2020-03-09T04:21:18Z
  85. Registrar: Hostinger, UAB
  86. Registrar IANA ID: 1636
  87. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  88. Registry Registrant ID: Not Available From Registry
  89. Registrant Name: Domain Admin
  90. Registrant Organization: Privacy Protect, LLC (PrivacyProtect.org)
  91. Registrant Street: 10 Corporate Drive  
  92. Registrant City: Burlington
  93. Registrant State/Province: MA
  94. Registrant Postal Code: 01803
  95. Registrant Country: US
  96. Registrant Phone: +1.8022274003
  97. Registrant Phone Ext:
  98. Registrant Fax:
  99. Registrant Fax Ext:
  100. Registrant Email: contact@privacyprotect.org
  101. Registry Admin ID: Not Available From Registry
  102. Admin Name: Domain Admin
  103. Admin Organization: Privacy Protect, LLC (PrivacyProtect.org)
  104. Admin Street: 10 Corporate Drive  
  105. Admin City: Burlington
  106. Admin State/Province: MA
  107. Admin Postal Code: 01803
  108. Admin Country: US
  109. Admin Phone: +1.8022274003
  110. Admin Phone Ext:
  111. Admin Fax:
  112. Admin Fax Ext:
  113. Admin Email: contact@privacyprotect.org
  114. Registry Tech ID: Not Available From Registry
  115. Tech Name: Domain Admin
  116. Tech Organization: Privacy Protect, LLC (PrivacyProtect.org)
  117. Tech Street: 10 Corporate Drive  
  118. Tech City: Burlington
  119. Tech State/Province: MA
  120. Tech Postal Code: 01803
  121. Tech Country: US
  122. Tech Phone: +1.8022274003
  123. Tech Phone Ext:
  124. Tech Fax:
  125. Tech Fax Ext:
  126. Tech Email: contact@privacyprotect.org
  127. Name Server: ns1.hostinger.com
  128. Name Server: ns2.hostinger.com
  129. Name Server: ns3.hostinger.com
  130. Name Server: ns4.hostinger.com
  131. DNSSEC: Unsigned
  132. Registrar Abuse Contact Email: abuse@hostinger.com
  133. Registrar Abuse Contact Phone: +37064503378
  134. URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
  135. #######################################################################################################################################
  136. HostIP:195.54.163.187
  137. HostName:fascistforge.com
  138.  
  139. Gathered Inet-whois information for 195.54.163.187
  140. ---------------------------------------------------------------------------------------------------------------------------------------
  141.  
  142.  
  143. inetnum:        195.54.162.0 - 195.54.163.255
  144. netname:        SECOM-UA
  145. country:        NL
  146. org:            ORG-PDMP1-RIPE
  147. admin-c:        DMP64-RIPE
  148. tech-c:         GVP4-RIPE
  149. status:         ASSIGNED PI
  150. mnt-by:         RIPE-NCC-END-MNT
  151. mnt-by:         SECOM-UA-MNT
  152. mnt-routes:     ITL-MNT
  153. mnt-domains:    SECOM-UA-MNT
  154. created:        2010-06-03T14:39:12Z
  155. last-modified:  2018-10-11T09:16:27Z
  156. source:         RIPE
  157. sponsoring-org: ORG-ML410-RIPE
  158.  
  159. organisation:   ORG-PDMP1-RIPE
  160. org-name:       PE Dobrogivskiy Muroslav Petrovich
  161. remarks:        ServerCommunications
  162. remarks:        http://secom.com.ua
  163. org-type:       other
  164. address:        21009, PB 867, Vinnitsa, Ukraine
  165. phone:          +380443839153
  166. abuse-c:        AR21445-RIPE
  167. admin-c:        DMP5-RIPE
  168. tech-c:         GVP4-RIPE
  169. mnt-ref:        SECOM-UA-MNT
  170. mnt-ref:        SOLTECH-MNT
  171. mnt-ref:        PROWEB-MNT
  172. mnt-by:         SECOM-UA-MNT
  173. created:        2010-04-06T18:25:38Z
  174. last-modified:  2018-07-05T12:04:32Z
  175. source:         RIPE # Filtered
  176.  
  177. person:         Dobrogivskiy Muroslav Petrovich
  178. address:        21009, Vinnytsia,  PO 867
  179. phone:          +38.097.91.56.132
  180. nic-hdl:        DMP64-RIPE
  181. mnt-by:         SECOM-UA-MNT
  182. created:        2017-06-20T16:39:00Z
  183. last-modified:  2017-08-08T13:23:02Z
  184. source:         RIPE # Filtered
  185.  
  186. person:         Goloven'ko V'yacheslav Petrovich
  187. address:        21009, PB 867, Vinnitsa, Ukraine
  188. phone:          +38.067.746.06.62
  189. mnt-by:         SECOM-UA-MNT
  190. nic-hdl:        GVP4-RIPE
  191. created:        2010-04-06T18:22:37Z
  192. last-modified:  2017-06-20T16:49:12Z
  193. source:         RIPE # Filtered
  194.  
  195. % Information related to '195.54.163.0/24AS15626'
  196.  
  197. route:          195.54.163.0/24
  198. descr:          SECOM-UA
  199. origin:         AS15626
  200. mnt-by:         ITL-MNT
  201. created:        2016-05-16T18:02:36Z
  202. last-modified:  2016-05-16T18:02:36Z
  203. source:         RIPE
  204.  
  205. % This query was served by the RIPE Database Query Service version 1.93.2 (WAGYU)
  206.  
  207.  
  208.  
  209. Gathered Inic-whois information for fascistforge.com
  210. ---------------------------------------------------------------------------------------------------------------------------------------
  211.    Domain Name: FASCISTFORGE.COM
  212.    Registry Domain ID: 2367532161_DOMAIN_COM-VRSN
  213.    Registrar WHOIS Server: whois.hostinger.com
  214.    Registrar URL: http://www.hostinger.com
  215.    Updated Date: 2019-03-09T04:21:18Z
  216.    Creation Date: 2019-03-09T04:21:18Z
  217.    Registry Expiry Date: 2020-03-09T04:21:18Z
  218.    Registrar: Hostinger, UAB
  219.    Registrar IANA ID: 1636
  220.    Registrar Abuse Contact Email: abuse@hostinger.com
  221.    Registrar Abuse Contact Phone: +37064503378
  222.    Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  223.    Name Server: NS1.HOSTINGER.COM
  224.    Name Server: NS2.HOSTINGER.COM
  225.    Name Server: NS3.HOSTINGER.COM
  226.    Name Server: NS4.HOSTINGER.COM
  227.    DNSSEC: unsigned
  228.    URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
  229. >>> Last update of whois database: 2019-04-02T00:19:38Z <<<
  230.  
  231. For more information on Whois status codes, please visit https://icann.org/epp
  232.  
  233. NOTICE: The expiration date displayed in this record is the date the
  234. registrar's sponsorship of the domain name registration in the registry is
  235. currently set to expire. This date does not necessarily reflect the expiration
  236. date of the domain name registrant's agreement with the sponsoring
  237. registrar.  Users may consult the sponsoring registrar's Whois database to
  238. view the registrar's reported date of expiration for this registration.
  239.  
  240. TERMS OF USE: You are not authorized to access or query our Whois
  241. database through the use of electronic processes that are high-volume and
  242. automated except as reasonably necessary to register domain names or
  243. modify existing registrations; the Data in VeriSign Global Registry
  244. Services' ("VeriSign") Whois database is provided by VeriSign for
  245. information purposes only, and to assist persons in obtaining information
  246. about or related to a domain name registration record. VeriSign does not
  247. guarantee its accuracy. By submitting a Whois query, you agree to abide
  248. by the following terms of use: You agree that you may use this Data only
  249. for lawful purposes and that under no circumstances will you use this Data
  250. to: (1) allow, enable, or otherwise support the transmission of mass
  251. unsolicited, commercial advertising or solicitations via e-mail, telephone,
  252. or facsimile; or (2) enable high volume, automated, electronic processes
  253. that apply to VeriSign (or its computer systems). The compilation,
  254. repackaging, dissemination or other use of this Data is expressly
  255. prohibited without the prior written consent of VeriSign. You agree not to
  256. use electronic processes that are automated and high-volume to access or
  257. query the Whois database except as reasonably necessary to register
  258. domain names or modify existing registrations. VeriSign reserves the right
  259. to restrict your access to the Whois database in its sole discretion to ensure
  260. operational stability.  VeriSign may restrict or terminate your access to the
  261. Whois database for failure to abide by these terms of use. VeriSign
  262. reserves the right to modify these terms at any time.
  263.  
  264. The Registry database contains ONLY .COM, .NET, .EDU domains and
  265. Registrars.
  266.  
  267. Gathered Netcraft information for fascistforge.com
  268. ---------------------------------------------------------------------------------------------------------------------------------------
  269.  
  270. Retrieving Netcraft.com information for fascistforge.com
  271. Netcraft.com Information gathered
  272.  
  273. Gathered Subdomain information for fascistforge.com
  274. ---------------------------------------------------------------------------------------------------------------------------------------
  275. Searching Google.com:80...
  276. Searching Altavista.com:80...
  277. Found 0 possible subdomain(s) for host fascistforge.com, Searched 0 pages containing 0 results
  278.  
  279. Gathered E-Mail information for fascistforge.com
  280. ---------------------------------------------------------------------------------------------------------------------------------------
  281. Searching Google.com:80...
  282. Searching Altavista.com:80...
  283. Found 0 E-Mail(s) for host fascistforge.com, Searched 0 pages containing 0 results
  284.  
  285. Gathered TCP Port information for 195.54.163.187
  286. ---------------------------------------------------------------------------------------------------------------------------------------
  287.  
  288.  Port       State
  289.  
  290. 22/tcp      open
  291. 80/tcp      open
  292. 111/tcp     open
  293.  
  294. Portscan Finished: Scanned 150 ports, 142 ports were in state closed
  295. #######################################################################################################################################
  296. [i] Scanning Site: http://fascistforge.com
  297.  
  298.  
  299.  
  300. B A S I C   I N F O
  301. =======================================================================================================================================
  302.  
  303.  
  304. [+] Site Title: Fascist Forge
  305. [+] IP address: 195.54.163.187
  306. [+] Web Server: Could Not Detect
  307. [+] CMS: Could Not Detect
  308. [+] Cloudflare: Not Detected
  309. [+] Robots File: Found
  310.  
  311. -------------[ contents ]----------------  
  312. User-agent: *
  313. Crawl-delay: 10
  314. Disallow: /admin/*
  315.  
  316.  
  317. -----------[end of contents]-------------
  318.  
  319.  
  320.  
  321. W H O I S   L O O K U P
  322. =======================================================================================================================================
  323.  
  324.        Domain Name: FASCISTFORGE.COM
  325.    Registry Domain ID: 2367532161_DOMAIN_COM-VRSN
  326.    Registrar WHOIS Server: whois.hostinger.com
  327.    Registrar URL: http://www.hostinger.com
  328.    Updated Date: 2019-03-09T04:21:18Z
  329.    Creation Date: 2019-03-09T04:21:18Z
  330.    Registry Expiry Date: 2020-03-09T04:21:18Z
  331.    Registrar: Hostinger, UAB
  332.    Registrar IANA ID: 1636
  333.    Registrar Abuse Contact Email: abuse@hostinger.com
  334.    Registrar Abuse Contact Phone: +37064503378
  335.    Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  336.    Name Server: NS1.HOSTINGER.COM
  337.    Name Server: NS2.HOSTINGER.COM
  338.    Name Server: NS3.HOSTINGER.COM
  339.    Name Server: NS4.HOSTINGER.COM
  340.    DNSSEC: unsigned
  341.    URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
  342. >>> Last update of whois database: 2019-04-02T00:19:52Z <<<
  343.  
  344. For more information on Whois status codes, please visit https://icann.org/epp
  345.  
  346.  
  347.  
  348. The Registry database contains ONLY .COM, .NET, .EDU domains and
  349. Registrars.
  350.  
  351.  
  352.  
  353.  
  354. G E O  I P  L O O K  U P
  355. =======================================================================================================================================
  356.  
  357. [i] IP Address: 195.54.163.187
  358. [i] Country: Ukraine
  359. [i] State:  
  360. [i] City:  
  361. [i] Latitude: 50.45
  362. [i] Longitude: 30.5233
  363.  
  364.  
  365.  
  366.  
  367. H T T P   H E A D E R S
  368. =======================================================================================================================================
  369.  
  370.  
  371. [i]  HTTP/1.1 200 OK
  372. [i]  Date: Tue, 02 Apr 2019 00:20:00 GMT
  373. [i]  X-Powered-By: PHP/7.2.16
  374. [i]  Set-Cookie: ips4_IPSSessionFront=4tm5b1djq0duia0omfs1imgm5m; path=/; HttpOnly
  375. [i]  Expires: Thu, 19 Nov 1981 08:52:00 GMT
  376. [i]  Cache-Control: no-store, no-cache, must-revalidate
  377. [i]  Pragma: no-cache
  378. [i]  X-XSS-Protection: 0
  379. [i]  X-IPS-Cached-Response: Tue, 02 Apr 2019 00:19:53 GMT
  380. [i]  Content-Type: text/html;charset=UTF-8
  381. [i]  Connection: close
  382.  
  383.  
  384.  
  385.  
  386. D N S   L O O K U P
  387. =======================================================================================================================================
  388.  
  389. fascistforge.com.   1792    IN  A   195.54.163.187
  390. fascistforge.com.   21592   IN  NS  ns1.hostinger.com.
  391. fascistforge.com.   21592   IN  NS  ns2.hostinger.com.
  392. fascistforge.com.   21592   IN  NS  ns3.hostinger.com.
  393. fascistforge.com.   21592   IN  NS  ns4.hostinger.com.
  394. fascistforge.com.   21592   IN  SOA ns1.hostinger.com. hostmaster.fascistforge.com. 2019032700 28800 7200 604800 86400
  395. fascistforge.com.   14392   IN  TXT "v=spf1 include:spf.mx.hostinger.com include:relay.mailchannels.net ~all"
  396. fascistforge.com.   14392   IN  CAA 0 issue "letsencrypt.org"
  397. fascistforge.com.   14392   IN  CAA 0 issuewild "letsencrypt.org"
  398. fascistforge.com.   14392   IN  CAA 0 issue "comodoca.com"
  399. fascistforge.com.   14392   IN  CAA 0 issuewild "comodoca.com"
  400. fascistforge.com.   14392   IN  CAA 0 issue "digicert.com"
  401. fascistforge.com.   14392   IN  CAA 0 issuewild "digicert.com"
  402. fascistforge.com.   14392   IN  CAA 0 issue "globalsign.com"
  403. fascistforge.com.   14392   IN  CAA 0 issuewild "globalsign.com"
  404.  
  405.  
  406.  
  407.  
  408. S U B N E T   C A L C U L A T I O N
  409. =======================================================================================================================================
  410.  
  411. Address       = 195.54.163.187
  412. Network       = 195.54.163.187 / 32
  413. Netmask       = 255.255.255.255
  414. Broadcast     = not needed on Point-to-Point links
  415. Wildcard Mask = 0.0.0.0
  416. Hosts Bits    = 0
  417. Max. Hosts    = 1   (2^0 - 0)
  418. Host Range    = { 195.54.163.187 - 195.54.163.187 }
  419.  
  420.  
  421.  
  422. N M A P   P O R T   S C A N
  423. =======================================================================================================================================
  424.  
  425. Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-02 00:20 UTC
  426. Nmap scan report for fascistforge.com (195.54.163.187)
  427. Host is up (0.12s latency).
  428. rDNS record for 195.54.163.187: vps15802ua.hyperhost.name
  429.  
  430. PORT     STATE  SERVICE
  431. 21/tcp   closed ftp
  432. 22/tcp   open   ssh
  433. 23/tcp   closed telnet
  434. 80/tcp   open   http
  435. 110/tcp  closed pop3
  436. 143/tcp  closed imap
  437. 443/tcp  closed https
  438. 3389/tcp closed ms-wbt-server
  439.  
  440. Nmap done: 1 IP address (1 host up) scanned in 0.18 seconds
  441. #######################################################################################################################################
  442. [?] Enter the target: example( http://domain.com )
  443. http://fascistforge.com/
  444. [!] IP Address : 195.54.163.187
  445. [!] fascistforge.com doesn't seem to use a CMS
  446. [+] Honeypot Probabilty: 30%
  447. ---------------------------------------------------------------------------------------------------------------------------------------
  448. [~] Trying to gather whois information for fascistforge.com
  449. [+] Whois information found
  450. [-] Unable to build response, visit https://who.is/whois/fascistforge.com
  451. ---------------------------------------------------------------------------------------------------------------------------------------
  452. PORT     STATE  SERVICE
  453. 21/tcp   closed ftp
  454. 22/tcp   open   ssh
  455. 23/tcp   closed telnet
  456. 80/tcp   open   http
  457. 110/tcp  closed pop3
  458. 143/tcp  closed imap
  459. 443/tcp  closed https
  460. 3389/tcp closed ms-wbt-server
  461. Nmap done: 1 IP address (1 host up) scanned in 0.61 seconds
  462. ---------------------------------------------------------------------------------------------------------------------------------------
  463.  
  464. [+] DNS Records
  465. ns3.hostinger.com. (173.192.183.247) AS36351 SoftLayer Technologies Inc. United States
  466. ns2.hostinger.com. (31.220.23.1) AS47583 Hostinger International Limited United States
  467. ns4.hostinger.com. (31.170.164.249) AS47583 Hostinger International Limited United Kingdom
  468. ns1.hostinger.com. (31.170.163.241) AS47583 Hostinger International Limited United States
  469.  
  470. [+] Host Records (A)
  471. fascistforge.comHTTP: (vps15802ua.hyperhost.name) (195.54.163.187) AS15626 ITL Company Ukraine
  472.  
  473. [+] TXT Records
  474. "v=spf1 include:spf.mx.hostinger.com include:relay.mailchannels.net ~all"
  475.  
  476. [+] DNS Map: https://dnsdumpster.com/static/map/fascistforge.com.png
  477.  
  478. [>] Initiating 3 intel modules
  479. [>] Loading Alpha module (1/3)
  480. [>] Beta module deployed (2/3)
  481. [>] Gamma module initiated (3/3)
  482.  
  483.  
  484. [+] Emails found:
  485. ---------------------------------------------------------------------------------------------------------------------------------------
  486. pixel-1554164407301267-web-@fascistforge.com
  487. pixel-155416440882891-web-@fascistforge.com
  488.  
  489. [+] Hosts found in search engines:
  490. ---------------------------------------------------------------------------------------------------------------------------------------
  491. [-] Resolving hostnames IPs...
  492. 195.54.163.187:www.fascistforge.com
  493. [+] Virtual hosts:
  494. --------------------------------------------------------------------------------------------------------------------------------------
  495. #######################################################################################################################################
  496. Enter Address Website = fascistforge.com
  497.  
  498. Reversing IP With HackTarget 'fascistforge.com'
  499. ---------------------------------------------------------------------------------------------------------------------------------------
  500.  
  501. [+] vps15802ua.hyperhost.name
  502. #######################################################################################################################################
  503.  
  504. Reverse IP With YouGetSignal 'fascistforge.com'
  505. ---------------------------------------------------------------------------------------------------------------------------------------
  506.  
  507. [*] IP: 195.54.163.187
  508. [*] Domain: fascistforge.com
  509. [*] Total Domains: 1
  510.  
  511. [+] fascistforge.com
  512. #######################################################################################################################################
  513.  
  514. Geo IP Lookup 'fascistforge.com'
  515. ---------------------------------------------------------------------------------------------------------------------------------------
  516.  
  517. [+] IP Address: 195.54.163.187
  518. [+] Country: Ukraine
  519. [+] State:
  520. [+] City:
  521. [+] Latitude: 50.45
  522. [+] Longitude: 30.5233
  523. #######################################################################################################################################
  524.  
  525. Whois 'fascistforge.com'
  526. ---------------------------------------------------------------------------------------------------------------------------------------
  527.  
  528. [+]    Domain Name: FASCISTFORGE.COM
  529. [+]    Registry Domain ID: 2367532161_DOMAIN_COM-VRSN
  530. [+]    Registrar WHOIS Server: whois.hostinger.com
  531. [+]    Registrar URL: http://www.hostinger.com
  532. [+]    Updated Date: 2019-03-09T04:21:18Z
  533. [+]    Creation Date: 2019-03-09T04:21:18Z
  534. [+]    Registry Expiry Date: 2020-03-09T04:21:18Z
  535. [+]    Registrar: Hostinger, UAB
  536. [+]    Registrar IANA ID: 1636
  537. [+]    Registrar Abuse Contact Email: abuse@hostinger.com
  538. [+]    Registrar Abuse Contact Phone: +37064503378
  539. [+]    Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  540. [+]    Name Server: NS1.HOSTINGER.COM
  541. [+]    Name Server: NS2.HOSTINGER.COM
  542. [+]    Name Server: NS3.HOSTINGER.COM
  543. [+]    Name Server: NS4.HOSTINGER.COM
  544. [+]    DNSSEC: unsigned
  545. [+]    URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
  546. [+] >>> Last update of whois database: 2019-04-02T00:19:23Z <<<
  547. [+] For more information on Whois status codes, please visit https://icann.org/epp
  548. [+] The Registry database contains ONLY .COM, .NET, .EDU domains and
  549. [+] Registrars.
  550. #######################################################################################################################################
  551.  
  552. Bypass Cloudflare 'fascistforge.com'
  553. ---------------------------------------------------------------------------------------------------------------------------------------
  554.  
  555. [!] CloudFlare Bypass 31.220.23.236 | cpanel.fascistforge.com
  556. [!] CloudFlare Bypass 31.220.23.243 | webmail.fascistforge.com
  557. [!] CloudFlare Bypass 195.54.163.187 | www.fascistforge.com
  558. #######################################################################################################################################
  559.  
  560. DNS Lookup 'fascistforge.com'
  561. ---------------------------------------------------------------------------------------------------------------------------------------
  562.  
  563. [+] fascistforge.com.   1799    IN  A   195.54.163.187
  564. [+] fascistforge.com.   21599   IN  NS  ns1.hostinger.com.
  565. [+] fascistforge.com.   21599   IN  NS  ns2.hostinger.com.
  566. [+] fascistforge.com.   21599   IN  NS  ns3.hostinger.com.
  567. [+] fascistforge.com.   21599   IN  NS  ns4.hostinger.com.
  568. [+] fascistforge.com.   21599   IN  SOA ns1.hostinger.com. hostmaster.fascistforge.com. 2019032700 28800 7200 604800 86400
  569. [+] fascistforge.com.   14399   IN  TXT "v=spf1 include:spf.mx.hostinger.com include:relay.mailchannels.net ~all"
  570. [+] fascistforge.com.   14399   IN  CAA 0 issue "letsencrypt.org"
  571. [+] fascistforge.com.   14399   IN  CAA 0 issuewild "letsencrypt.org"
  572. [+] fascistforge.com.   14399   IN  CAA 0 issue "comodoca.com"
  573. [+] fascistforge.com.   14399   IN  CAA 0 issuewild "comodoca.com"
  574. [+] fascistforge.com.   14399   IN  CAA 0 issue "digicert.com"
  575. [+] fascistforge.com.   14399   IN  CAA 0 issuewild "digicert.com"
  576. [+] fascistforge.com.   14399   IN  CAA 0 issue "globalsign.com"
  577. [+] fascistforge.com.   14399   IN  CAA 0 issuewild "globalsign.com"
  578. #######################################################################################################################################
  579.  
  580. Show HTTP Header 'fascistforge.com'
  581. ---------------------------------------------------------------------------------------------------------------------------------------
  582.  
  583. [+] HTTP/1.1 200 OK
  584. [+] Date: Tue, 02 Apr 2019 00:19:54 GMT
  585. [+] Server: Apache/2.4.38 (codeit) PHP/7.2.16
  586. [+] X-Powered-By: PHP/7.2.16
  587. [+] Set-Cookie: ips4_IPSSessionFront=q089v0fhp27osb7pnqo1js3h3c; path=/; HttpOnly
  588. [+] Expires: Thu, 19 Nov 1981 08:52:00 GMT
  589. [+] Cache-Control: no-store, no-cache, must-revalidate
  590. [+] Pragma: no-cache
  591. [+] Content-Length: 77827
  592. [+] X-XSS-Protection: 0
  593. [+] Connection: close
  594. [+] Content-Type: text/html;charset=UTF-8
  595. #######################################################################################################################################
  596.  
  597. Port Scan 'fascistforge.com'
  598. ---------------------------------------------------------------------------------------------------------------------------------------
  599.  
  600. Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-02 00:19 UTC
  601. Nmap scan report for fascistforge.com (195.54.163.187)
  602. Host is up (0.12s latency).
  603. rDNS record for 195.54.163.187: vps15802ua.hyperhost.name
  604.  
  605. PORT     STATE  SERVICE
  606. 21/tcp   closed ftp
  607. 22/tcp   open   ssh
  608. 23/tcp   closed telnet
  609. 80/tcp   open   http
  610. 110/tcp  closed pop3
  611. 143/tcp  closed imap
  612. 443/tcp  closed https
  613. 3389/tcp closed ms-wbt-server
  614.  
  615. Nmap done: 1 IP address (1 host up) scanned in 1.01 seconds
  616. #######################################################################################################################################
  617.  
  618. Robot.txt 'fascistforge.com'
  619. ---------------------------------------------------------------------------------------------------------------------------------------
  620.  
  621. User-agent: *
  622. Crawl-delay: 10
  623. Disallow: /admin/*
  624. #######################################################################################################################################
  625.  
  626. Traceroute 'fascistforge.com'
  627. ---------------------------------------------------------------------------------------------------------------------------------------
  628.  
  629. Start: 2019-04-02T00:20:01+0000
  630. HOST: web01                                   Loss%   Snt   Last   Avg  Best  Wrst StDev
  631.   1.|-- 45.79.12.202                             0.0%     3    0.7   0.8   0.7   1.2   0.3
  632.   2.|-- 45.79.12.6                               0.0%     3   23.5   8.6   0.7  23.5  12.9
  633.   3.|-- dls-b22-link.telia.net                   0.0%     3    0.9   2.2   0.9   4.8   2.2
  634.   4.|-- atl-b22-link.telia.net                  33.3%     3   19.8  19.7  19.6  19.8   0.1
  635.   5.|-- ash-bb3-link.telia.net                   0.0%     3  145.4 146.1 145.4 147.0   0.8
  636.   6.|-- prs-bb4-link.telia.net                   0.0%     3  145.0 144.9 144.9 145.0   0.1
  637.   7.|-- ffm-bb4-link.telia.net                   0.0%     3  145.4 145.8 145.4 146.3   0.4
  638.   8.|-- win-bb4-link.telia.net                   0.0%     3  127.3 130.9 127.3 135.0   3.9
  639.   9.|-- kiev-b1-link.telia.net                   0.0%     3  145.3 146.6 145.1 149.3   2.4
  640.  10.|-- eurotrans-ic-315184-kiev-b1.c.telia.net  0.0%     3  166.0 166.2 166.0 166.5   0.3
  641.  11.|-- kh-kv.ett.ua                             0.0%     3  167.5 166.2 165.3 167.5   1.2
  642.  12.|-- itl.ett.ua                               0.0%     3  166.0 166.3 166.0 166.7   0.4
  643.  13.|-- vz103ua.hyperhost.ua                     0.0%     3  171.4 171.5 171.4 171.6   0.1
  644.  14.|-- vps15802ua.hyperhost.name                0.0%     3  152.6 152.8 152.6 152.9   0.2
  645. #######################################################################################################################################
  646.  
  647. Ping 'fascistforge.com'
  648. ---------------------------------------------------------------------------------------------------------------------------------------
  649.  
  650.  
  651. Starting Nping 0.7.70 ( https://nmap.org/nping ) at 2019-04-02 00:20 UTC
  652. SENT (0.0068s) ICMP [104.237.144.6 > 195.54.163.187 Echo request (type=8/code=0) id=55096 seq=1] IP [ttl=64 id=54108 iplen=28 ]
  653. RCVD (0.2084s) ICMP [195.54.163.187 > 104.237.144.6 Echo reply (type=0/code=0) id=55096 seq=1] IP [ttl=51 id=19344 iplen=28 ]
  654. SENT (1.0074s) ICMP [104.237.144.6 > 195.54.163.187 Echo request (type=8/code=0) id=55096 seq=2] IP [ttl=64 id=54108 iplen=28 ]
  655. RCVD (1.2284s) ICMP [195.54.163.187 > 104.237.144.6 Echo reply (type=0/code=0) id=55096 seq=2] IP [ttl=51 id=19345 iplen=28 ]
  656. SENT (2.0093s) ICMP [104.237.144.6 > 195.54.163.187 Echo request (type=8/code=0) id=55096 seq=3] IP [ttl=64 id=54108 iplen=28 ]
  657. RCVD (2.2484s) ICMP [195.54.163.187 > 104.237.144.6 Echo reply (type=0/code=0) id=55096 seq=3] IP [ttl=51 id=19346 iplen=28 ]
  658. SENT (3.0174s) ICMP [104.237.144.6 > 195.54.163.187 Echo request (type=8/code=0) id=55096 seq=4] IP [ttl=64 id=54108 iplen=28 ]
  659. RCVD (3.2684s) ICMP [195.54.163.187 > 104.237.144.6 Echo reply (type=0/code=0) id=55096 seq=4] IP [ttl=51 id=19347 iplen=28 ]
  660.  
  661. Max rtt: 250.953ms | Min rtt: 201.491ms | Avg rtt: 226.336ms
  662. Raw packets sent: 4 (112B) | Rcvd: 4 (184B) | Lost: 0 (0.00%)
  663. Nping done: 1 IP address pinged in 3.27 seconds
  664. #######################################################################################################################################
  665. ; <<>> DiG 9.11.5-P4-1-Debian <<>> fascistforge.com
  666. ;; global options: +cmd
  667. ;; Got answer:
  668. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14327
  669. ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
  670.  
  671. ;; OPT PSEUDOSECTION:
  672. ; EDNS: version: 0, flags:; udp: 4096
  673. ;; QUESTION SECTION:
  674. ;fascistforge.com.      IN  A
  675.  
  676. ;; ANSWER SECTION:
  677. fascistforge.com.   386 IN  A   195.54.163.187
  678.  
  679. ;; Query time: 111 msec
  680. ;; SERVER: 185.93.180.131#53(185.93.180.131)
  681. ;; WHEN: lun avr 01 20:43:18 EDT 2019
  682. ;; MSG SIZE  rcvd: 61
  683. #######################################################################################################################################
  684. ; <<>> DiG 9.11.5-P4-1-Debian <<>> +trace fascistforge.com
  685. ;; global options: +cmd
  686. .           82272   IN  NS  h.root-servers.net.
  687. .           82272   IN  NS  g.root-servers.net.
  688. .           82272   IN  NS  d.root-servers.net.
  689. .           82272   IN  NS  f.root-servers.net.
  690. .           82272   IN  NS  i.root-servers.net.
  691. .           82272   IN  NS  j.root-servers.net.
  692. .           82272   IN  NS  c.root-servers.net.
  693. .           82272   IN  NS  m.root-servers.net.
  694. .           82272   IN  NS  b.root-servers.net.
  695. .           82272   IN  NS  k.root-servers.net.
  696. .           82272   IN  NS  a.root-servers.net.
  697. .           82272   IN  NS  e.root-servers.net.
  698. .           82272   IN  NS  l.root-servers.net.
  699. .           82272   IN  RRSIG   NS 8 0 518400 20190414170000 20190401160000 25266 . IvibDHC58rgKJiQdmTUdu9Zh7ImIo1sYMHIj4eTujf9DYSEwYYXfYahP ekE/Yt5BHe0ZLBSt8ekz7xFtHQPs3ozESB0Zj88t9qxDyVcDj7/nEwWZ XwpKQwZQZ+vawFqC6wsP5bQqabEtzGTwggNhDyZt+zRC0r7n0hho3nbU hk15L7t0k6dk6HCKjmQNvyceaOATNd8TyEHSSd21hBS5siOcEi0aGVlC YFp2QeJ2oSiKevou5iPdXN4MvHvNtKy6EAHAQ8wWawpArfCRcX14v596 gl+e6mX2Yl1Kjjx6fSNwf+bRWYmUyP2VjwrKxvgmiuUF0IHAu386M0r3 fA7S2Q==
  700. ;; Received 525 bytes from 185.93.180.131#53(185.93.180.131) in 109 ms
  701.  
  702. com.            172800  IN  NS  f.gtld-servers.net.
  703. com.            172800  IN  NS  b.gtld-servers.net.
  704. com.            172800  IN  NS  e.gtld-servers.net.
  705. com.            172800  IN  NS  l.gtld-servers.net.
  706. com.            172800  IN  NS  k.gtld-servers.net.
  707. com.            172800  IN  NS  j.gtld-servers.net.
  708. com.            172800  IN  NS  g.gtld-servers.net.
  709. com.            172800  IN  NS  a.gtld-servers.net.
  710. com.            172800  IN  NS  c.gtld-servers.net.
  711. com.            172800  IN  NS  d.gtld-servers.net.
  712. com.            172800  IN  NS  h.gtld-servers.net.
  713. com.            172800  IN  NS  m.gtld-servers.net.
  714. com.            172800  IN  NS  i.gtld-servers.net.
  715. com.            86400   IN  DS  30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
  716. com.            86400   IN  RRSIG   DS 8 1 86400 20190414170000 20190401160000 25266 . wOj83xWBYR5p0umWaoFQeERHgdpQXaOTtW/1WvLN30UVoloPCJ2oPXRr iV3RvToNmKavg5mlcOg7KB6ut72Zaa9X02rvo0GQaSEvhbmXNMXUN02Y 6PjSrCMAFbHYGxn0IxvGMuG+f4cYcEbqGxxIfJHfcibeXQoF3oHw/0XU QyaPvb9ldzf929ZQdzbuSL2u6/x5AdSUqB2x7haxefkf+l0zFLcuGvsY Esl8Ntm5ABpQx98njOjSIzM5V/6Z5JSN+4jpDgOGDgL8FoaVAMYnKNiA bpWw8CF1S1cfzwKMHsdVO13YiQepi1Zg9pJRw3JXKIBt6BKVFRbLI2qr BCxSog==
  717. ;; Received 1176 bytes from 192.36.148.17#53(i.root-servers.net) in 121 ms
  718.  
  719. fascistforge.com.   172800  IN  NS  ns1.hostinger.com.
  720. fascistforge.com.   172800  IN  NS  ns2.hostinger.com.
  721. fascistforge.com.   172800  IN  NS  ns3.hostinger.com.
  722. fascistforge.com.   172800  IN  NS  ns4.hostinger.com.
  723. CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
  724. CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20190405044524 20190329033524 16883 com. HA/ggUYURrdcmMM3U2g6O1fxF+8lrJI6rl7b6ze4MgiOCYSLSyXR+/C0 vy/x0UsemheeDRogAkUpewEUEHgBx4Wo5DFFM2CBWGl6FwgaGf+E4lFx pL8WakSo+YWf6YGcS5XiD1X9LhZnmZwg63u4JQ6g+N+zzphebLcPLDsa Dp0=
  725. 9JFATH1PLND0LVAKU91FEI60GKK0US84.com. 86400 IN NSEC3 1 1 0 - 9JFCSADK2EB9EQBK6KOL9UMNQ125R4IV NS DS RRSIG
  726. 9JFATH1PLND0LVAKU91FEI60GKK0US84.com. 86400 IN RRSIG NSEC3 8 2 86400 20190405042404 20190329031404 16883 com. jaj5lBC0n73T9+g8HAmBr70PAdAAHEFrnOxP7H3kPg1A92kUkVC6IXOj zFiN7wYG0dFVTdM9Xn3TuJ6rMgpwZ1wUfC6cvshGoKX4f2RvfuVuvCzz Z1udqJGla4XYvWz63lN0InKQoX0neT9TPT2/BTc4jEiib+OAPI5cbelJ 7i8=
  727. ;; Received 676 bytes from 192.54.112.30#53(h.gtld-servers.net) in 207 ms
  728.  
  729. fascistforge.com.   1800    IN  A   195.54.163.187
  730. ;; Received 61 bytes from 31.170.164.249#53(ns4.hostinger.com) in 135 ms
  731. #######################################################################################################################################
  732. [*] Performing General Enumeration of Domain: fascistforge.com
  733. [-] DNSSEC is not configured for fascistforge.com
  734. [*]      SOA ns1.hostinger.com 31.170.163.241
  735. [*]      NS ns1.hostinger.com 31.170.163.241
  736. [*]      Bind Version for 31.170.163.241 PowerDNS Authoritative Server 4.1.5 (built Nov  6 2018 17:54:28 by buildbot@869ed7fab750)
  737. [*]      NS ns3.hostinger.com 173.192.183.247
  738. [*]      Bind Version for 173.192.183.247 PowerDNS Authoritative Server 4.1.5 (built Nov  6 2018 17:54:28 by buildbot@869ed7fab750)
  739. [*]      NS ns2.hostinger.com 31.220.23.1
  740. [*]      NS ns4.hostinger.com 31.170.164.249
  741. [*]      Bind Version for 31.170.164.249 PowerDNS Authoritative Server 4.1.5 (built Nov  6 2018 17:54:28 by buildbot@869ed7fab750)
  742. [-] Could not Resolve MX Records for fascistforge.com
  743. [*]      A fascistforge.com 195.54.163.187
  744. [*]      TXT fascistforge.com v=spf1 include:spf.mx.hostinger.com include:relay.mailchannels.net ~all
  745. [*] Enumerating SRV Records
  746. [-] No SRV Records Found for fascistforge.com
  747. [+] 0 Records Found
  748. #######################################################################################################################################
  749. [*] Processing domain fascistforge.com
  750. [*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
  751. [+] Getting nameservers
  752. 31.170.163.241 - ns1.hostinger.com
  753. 173.192.183.247 - ns3.hostinger.com
  754. 31.220.23.1 - ns2.hostinger.com
  755. 31.170.164.249 - ns4.hostinger.com
  756. [-] Zone transfer failed
  757.  
  758. [+] TXT records found
  759. "v=spf1 include:spf.mx.hostinger.com include:relay.mailchannels.net ~all"
  760.  
  761. [*] Scanning fascistforge.com for A records
  762. 195.54.163.187 - fascistforge.com                        
  763. 31.220.23.243 - autoconfig.fascistforge.com                
  764. 31.220.23.235 - autoconfig.fascistforge.com
  765. 31.220.23.236 - autoconfig.fascistforge.com
  766. 31.220.23.235 - cpanel.fascistforge.com                            
  767. 31.220.23.243 - cpanel.fascistforge.com
  768. 31.220.23.236 - cpanel.fascistforge.com
  769. 31.220.23.236 - phpmyadmin.fascistforge.com                          
  770. 31.220.23.235 - phpmyadmin.fascistforge.com
  771. 31.220.23.243 - phpmyadmin.fascistforge.com
  772. 31.220.23.243 - webmail.fascistforge.com                    
  773. 31.220.23.236 - webmail.fascistforge.com
  774. 31.220.23.235 - webmail.fascistforge.com
  775. 195.54.163.187 - www.fascistforge.com  
  776. #######################################################################################################################################
  777. Ip Address  Status  Type    Domain Name         Server
  778. ----------  ------  ----    -----------         ------
  779. 31.220.23.243   403     alias   webmail.fascistforge.com    openresty
  780. 31.220.23.243   403 host    clcp.hostinger.com      openresty
  781. 31.220.23.235   403 host    clcp.hostinger.com      openresty
  782. 31.220.23.236   403 host    clcp.hostinger.com      openresty
  783. 195.54.163.187  200     alias   www.fascistforge.com        Apache/2.4.38 (codeit) PHP/7.2.16
  784. 195.54.163.187  200 host    fascistforge.com        Apache/2.4.38 (codeit) PHP/7.2.16
  785. #######################################################################################################################################
  786. [+] Testing domain
  787.     www.fascistforge.com        195.54.163.187    
  788. [+] Dns resolving
  789.        Domain name               Ip address              Name server      
  790.      fascistforge.com          195.54.163.187     vps15802ua.hyperhost.name
  791. Found 1 host(s) for fascistforge.com
  792. [+] Testing wildcard
  793.     Ok, no wildcard found.
  794.  
  795. [+] Scanning for subdomain on fascistforge.com
  796. [!] Wordlist not specified. I scannig with my internal wordlist...
  797.     Estimated time about 160.28 seconds
  798.  
  799.         Subdomain                Ip address              Name server
  800.      
  801.    www.fascistforge.com        195.54.163.187     vps15802ua.hyperhost.name
  802.  
  803. #######################################################################################################################################
  804. dnsenum VERSION:1.2.4
  805.  
  806. -----   fascistforge.com   -----
  807.  
  808.  
  809. Host's addresses:
  810. __________________
  811.  
  812. fascistforge.com.                        1800     IN    A        195.54.163.187
  813.  
  814.  
  815. Name Servers:
  816. ______________
  817.  
  818. ns2.hostinger.com.                       86399    IN    A        31.220.23.1
  819. ns4.hostinger.com.                       86399    IN    A        31.170.164.249
  820. ns1.hostinger.com.                       86399    IN    A        31.170.163.241
  821. ns3.hostinger.com.                       86399    IN    A        173.192.183.247
  822.  
  823.  
  824. Mail (MX) Servers:
  825. ___________________
  826.  
  827.  
  828.  
  829. Trying Zone Transfers and getting Bind Versions:
  830. _________________________________________________
  831.  
  832.  
  833. Trying Zone Transfer for fascistforge.com on ns2.hostinger.com ...
  834.  
  835. Trying Zone Transfer for fascistforge.com on ns4.hostinger.com ...
  836.  
  837. Trying Zone Transfer for fascistforge.com on ns1.hostinger.com ...
  838.  
  839. Trying Zone Transfer for fascistforge.com on ns3.hostinger.com ...
  840.  
  841. brute force file not specified, bay.
  842. #######################################################################################################################################
  843.    Domain Name: FASCISTFORGE.COM
  844.    Registry Domain ID: 2367532161_DOMAIN_COM-VRSN
  845.    Registrar WHOIS Server: whois.hostinger.com
  846.    Registrar URL: http://www.hostinger.com
  847.    Updated Date: 2019-03-09T04:21:18Z
  848.    Creation Date: 2019-03-09T04:21:18Z
  849.    Registry Expiry Date: 2020-03-09T04:21:18Z
  850.    Registrar: Hostinger, UAB
  851.    Registrar IANA ID: 1636
  852.    Registrar Abuse Contact Email: abuse@hostinger.com
  853.    Registrar Abuse Contact Phone: +37064503378
  854.    Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  855.    Name Server: NS1.HOSTINGER.COM
  856.    Name Server: NS2.HOSTINGER.COM
  857.    Name Server: NS3.HOSTINGER.COM
  858.    Name Server: NS4.HOSTINGER.COM
  859.    DNSSEC: unsigned
  860.    URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
  861. >>> Last update of whois database: 2019-04-02T01:42:29Z <<<
  862.  
  863. For more information on Whois status codes, please visit https://icann.org/epp
  864.  
  865. NOTICE: The expiration date displayed in this record is the date the
  866. registrar's sponsorship of the domain name registration in the registry is
  867. currently set to expire. This date does not necessarily reflect the expiration
  868. date of the domain name registrant's agreement with the sponsoring
  869. registrar.  Users may consult the sponsoring registrar's Whois database to
  870. view the registrar's reported date of expiration for this registration.
  871.  
  872. TERMS OF USE: You are not authorized to access or query our Whois
  873. database through the use of electronic processes that are high-volume and
  874. automated except as reasonably necessary to register domain names or
  875. modify existing registrations; the Data in VeriSign Global Registry
  876. Services' ("VeriSign") Whois database is provided by VeriSign for
  877. information purposes only, and to assist persons in obtaining information
  878. about or related to a domain name registration record. VeriSign does not
  879. guarantee its accuracy. By submitting a Whois query, you agree to abide
  880. by the following terms of use: You agree that you may use this Data only
  881. for lawful purposes and that under no circumstances will you use this Data
  882. to: (1) allow, enable, or otherwise support the transmission of mass
  883. unsolicited, commercial advertising or solicitations via e-mail, telephone,
  884. or facsimile; or (2) enable high volume, automated, electronic processes
  885. that apply to VeriSign (or its computer systems). The compilation,
  886. repackaging, dissemination or other use of this Data is expressly
  887. prohibited without the prior written consent of VeriSign. You agree not to
  888. use electronic processes that are automated and high-volume to access or
  889. query the Whois database except as reasonably necessary to register
  890. domain names or modify existing registrations. VeriSign reserves the right
  891. to restrict your access to the Whois database in its sole discretion to ensure
  892. operational stability.  VeriSign may restrict or terminate your access to the
  893. Whois database for failure to abide by these terms of use. VeriSign
  894. reserves the right to modify these terms at any time.
  895.  
  896. The Registry database contains ONLY .COM, .NET, .EDU domains and
  897. Registrars.
  898. Domain Name: FASCISTFORGE.COM
  899. Registry Domain ID: 2367532161_DOMAIN_COM-VRSN
  900. Registrar WHOIS Server: whois.hostinger.com
  901. Registrar URL: https://www.hostinger.com
  902. Updated Date: 2019-03-09T04:21:20Z
  903. Creation Date: 2019-03-09T04:21:18Z
  904. Registrar Registration Expiration Date: 2020-03-09T04:21:18Z
  905. Registrar: Hostinger, UAB
  906. Registrar IANA ID: 1636
  907. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  908. Registry Registrant ID: Not Available From Registry
  909. Registrant Name: Domain Admin
  910. Registrant Organization: Privacy Protect, LLC (PrivacyProtect.org)
  911. Registrant Street: 10 Corporate Drive  
  912. Registrant City: Burlington
  913. Registrant State/Province: MA
  914. Registrant Postal Code: 01803
  915. Registrant Country: US
  916. Registrant Phone: +1.8022274003
  917. Registrant Phone Ext:
  918. Registrant Fax:
  919. Registrant Fax Ext:
  920. Registrant Email: contact@privacyprotect.org
  921. Registry Admin ID: Not Available From Registry
  922. Admin Name: Domain Admin
  923. Admin Organization: Privacy Protect, LLC (PrivacyProtect.org)
  924. Admin Street: 10 Corporate Drive  
  925. Admin City: Burlington
  926. Admin State/Province: MA
  927. Admin Postal Code: 01803
  928. Admin Country: US
  929. Admin Phone: +1.8022274003
  930. Admin Phone Ext:
  931. Admin Fax:
  932. Admin Fax Ext:
  933. Admin Email: contact@privacyprotect.org
  934. Registry Tech ID: Not Available From Registry
  935. Tech Name: Domain Admin
  936. Tech Organization: Privacy Protect, LLC (PrivacyProtect.org)
  937. Tech Street: 10 Corporate Drive  
  938. Tech City: Burlington
  939. Tech State/Province: MA
  940. Tech Postal Code: 01803
  941. Tech Country: US
  942. Tech Phone: +1.8022274003
  943. Tech Phone Ext:
  944. Tech Fax:
  945. Tech Fax Ext:
  946. Tech Email: contact@privacyprotect.org
  947. Name Server: ns1.hostinger.com
  948. Name Server: ns2.hostinger.com
  949. Name Server: ns3.hostinger.com
  950. Name Server: ns4.hostinger.com
  951. DNSSEC: Unsigned
  952. Registrar Abuse Contact Email: abuse@hostinger.com
  953. Registrar Abuse Contact Phone: +37064503378
  954. URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
  955. >>> Last update of WHOIS database: 2019-04-02T01:42:47Z <<<
  956.  
  957. For more information on Whois status codes, please visit https://icann.org/epp
  958.  
  959. Registration Service Provided By: HOSTINGER.COM
  960.  
  961. PRIVACYPROTECT.ORG is providing privacy protection services to this domain name to
  962. protect the owner from spam and phishing attacks. PrivacyProtect.org is not
  963. responsible for any of the activities associated with this domain name. If you wish
  964. to report any abuse concerning the usage of this domain name, you may do so at
  965. http://privacyprotect.org/contact. We have a stringent abuse policy and any
  966. complaint will be actioned within a short period of time.
  967.  
  968. The data in this whois database is provided to you for information purposes
  969. only, that is, to assist you in obtaining information about or related to a
  970. domain name registration record. We make this information available "as is",
  971. and do not guarantee its accuracy. By submitting a whois query, you agree
  972. that you will use this data only for lawful purposes and that, under no
  973. circumstances will you use this data to:
  974. (1) enable high volume, automated, electronic processes that stress or load
  975. this whois database system providing you this information; or
  976. (2) allow, enable, or otherwise support the transmission of mass unsolicited,
  977. commercial advertising or solicitations via direct mail, electronic mail, or
  978. by telephone.
  979. The compilation, repackaging, dissemination or other use of this data is
  980. expressly prohibited without prior written consent from us. The Registrar of
  981. record is Hostinger, UAB.
  982. We reserve the right to modify these terms at any time.
  983. By submitting this query, you agree to abide by these terms.
  984. #######################################################################################################################################
  985.  
  986.                  ____        _     _ _     _   _____
  987.                 / ___| _   _| |__ | (_)___| |_|___ / _ __
  988.                 \___ \| | | | '_ \| | / __| __| |_ \| '__|
  989.                  ___) | |_| | |_) | | \__ \ |_ ___) | |
  990.                 |____/ \__,_|_.__/|_|_|___/\__|____/|_|
  991.  
  992.                 # Coded By Ahmed Aboul-Ela - @aboul3la
  993.    
  994. [-] Enumerating subdomains now for fascistforge.com
  995. [-] verbosity is enabled, will show the subdomains results in realtime
  996. [-] Searching now in Baidu..
  997. [-] Searching now in Yahoo..
  998. [-] Searching now in Google..
  999. [-] Searching now in Bing..
  1000. [-] Searching now in Ask..
  1001. [-] Searching now in Netcraft..
  1002. [-] Searching now in DNSdumpster..
  1003. [-] Searching now in Virustotal..
  1004. [-] Searching now in ThreatCrowd..
  1005. [-] Searching now in SSL Certificates..
  1006. [-] Searching now in PassiveDNS..
  1007. SSL Certificates: www.fascistforge.com
  1008. [-] Saving results to file: /usr/share/sniper/loot//domains/domains-fascistforge.com.txt
  1009. [-] Total Unique Subdomains Found: 1
  1010. www.fascistforge.com
  1011. #######################################################################################################################################
  1012. fascistforge.com 195.54.163.187
  1013. www.fascistforge.com 195.54.163.187
  1014. webmail.fascistforge.com 31.220.23.236,31.220.23.243,31.220.23.235
  1015. #######################################################################################################################################
  1016. ===============================================
  1017. -=Subfinder v1.1.3 github.com/subfinder/subfinder
  1018. ===============================================
  1019.  
  1020.  
  1021. Running Source: Ask
  1022. Running Source: Archive.is
  1023. Running Source: Baidu
  1024. Running Source: Bing
  1025. Running Source: CertDB
  1026. Running Source: CertificateTransparency
  1027. Running Source: Certspotter
  1028. Running Source: Commoncrawl
  1029. Running Source: Crt.sh
  1030. Running Source: Dnsdb
  1031. Running Source: DNSDumpster
  1032. Running Source: DNSTable
  1033. Running Source: Dogpile
  1034. Running Source: Exalead
  1035. Running Source: Findsubdomains
  1036. Running Source: Googleter
  1037. Running Source: Hackertarget
  1038. Running Source: Ipv4Info
  1039. Running Source: PTRArchive
  1040. Running Source: Sitedossier
  1041. Running Source: Threatcrowd
  1042. Running Source: ThreatMiner
  1043. Running Source: WaybackArchive
  1044. Running Source: Yahoo
  1045.  
  1046. Running enumeration on fascistforge.com
  1047.  
  1048. dnsdb: Unexpected return status 503
  1049.  
  1050. waybackarchive: parse http://web.archive.org/cdx/search/cdx?url=*.fascistforge.com/*&output=json&fl=original&collapse=urlkey&page=: net/url: invalid control character in URL
  1051.  
  1052. dogpile: Get https://www.dogpile.com/search/web?q=fascistforge.com&qsi=1: EOF
  1053.  
  1054. ipv4info: <nil>
  1055.  
  1056.  
  1057. Starting Bruteforcing of fascistforge.com with 9985 words
  1058.  
  1059. Total 8 Unique subdomains found for fascistforge.com
  1060.  
  1061. .fascistforge.com
  1062. autoconfig.fascistforge.com
  1063. cpanel.fascistforge.com
  1064. hostmaster.fascistforge.com
  1065. phpmyadmin.fascistforge.com
  1066. webmail.fascistforge.com
  1067. www.fascistforge.com
  1068. www.fascistforge.com
  1069. #######################################################################################################################################
  1070. [*] Processing domain fascistforge.com
  1071. [*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
  1072. [+] Getting nameservers
  1073. 31.170.164.249 - ns4.hostinger.com
  1074. 173.192.183.247 - ns3.hostinger.com
  1075. [-] Getting nameservers failed
  1076. [-] Zone transfer failed
  1077.  
  1078. [+] TXT records found
  1079. "v=spf1 include:spf.mx.hostinger.com include:relay.mailchannels.net ~all"
  1080.  
  1081. [*] Scanning fascistforge.com for A records
  1082. 195.54.163.187 - fascistforge.com
  1083. 31.220.23.243 - webmail.fascistforge.com
  1084. 31.220.23.235 - webmail.fascistforge.com
  1085. 31.220.23.236 - webmail.fascistforge.com
  1086. 195.54.163.187 - www.fascistforge.com
  1087. #######################################################################################################################################
  1088. [*] Found SPF record:
  1089. [*] v=spf1 include:spf.mx.hostinger.com include:relay.mailchannels.net ~all
  1090. [*] SPF record contains an All item: ~all
  1091. [*] No DMARC record found. Looking for organizational record
  1092. [+] No organizational DMARC record
  1093. [+] Spoofing possible for fascistforge.com!
  1094. #######################################################################################################################################
  1095. Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-01 21:52 EDT
  1096. Nmap scan report for fascistforge.com (195.54.163.187)
  1097. Host is up (0.17s latency).
  1098. rDNS record for 195.54.163.187: vps15802ua.hyperhost.name
  1099. Not shown: 467 closed ports, 5 filtered ports
  1100. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  1101. PORT     STATE SERVICE
  1102. 22/tcp   open  ssh
  1103. 80/tcp   open  http
  1104. 111/tcp  open  rpcbind
  1105. 3306/tcp open  mysql
  1106. #######################################################################################################################################
  1107. Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-01 21:52 EDT
  1108. Nmap scan report for fascistforge.com (195.54.163.187)
  1109. Host is up (0.13s latency).
  1110. rDNS record for 195.54.163.187: vps15802ua.hyperhost.name
  1111. Not shown: 10 closed ports, 2 filtered ports
  1112. PORT    STATE         SERVICE
  1113. 67/udp  open|filtered dhcps
  1114. 123/udp open|filtered ntp
  1115.  
  1116. Nmap done: 1 IP address (1 host up) scanned in 6.11 seconds
  1117. #######################################################################################################################################
  1118. # general
  1119. (gen) banner: SSH-2.0-OpenSSH_7.4
  1120. (gen) software: OpenSSH 7.4
  1121. (gen) compatibility: OpenSSH 7.3+ (some functionality from 6.6), Dropbear SSH 2016.73+ (some functionality from 0.52)
  1122. (gen) compression: enabled (zlib@openssh.com)
  1123.  
  1124. # key exchange algorithms
  1125. (kex) curve25519-sha256                     -- [warn] unknown algorithm
  1126. (kex) curve25519-sha256@libssh.org          -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
  1127. (kex) ecdh-sha2-nistp256                    -- [fail] using weak elliptic curves
  1128.                                             `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
  1129. (kex) ecdh-sha2-nistp384                    -- [fail] using weak elliptic curves
  1130.                                             `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
  1131. (kex) ecdh-sha2-nistp521                    -- [fail] using weak elliptic curves
  1132.                                             `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
  1133. (kex) diffie-hellman-group-exchange-sha256  -- [warn] using custom size modulus (possibly weak)
  1134.                                             `- [info] available since OpenSSH 4.4
  1135. (kex) diffie-hellman-group16-sha512         -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
  1136. (kex) diffie-hellman-group18-sha512         -- [info] available since OpenSSH 7.3
  1137. (kex) diffie-hellman-group-exchange-sha1    -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
  1138.                                             `- [warn] using weak hashing algorithm
  1139.                                             `- [info] available since OpenSSH 2.3.0
  1140. (kex) diffie-hellman-group14-sha256         -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
  1141. (kex) diffie-hellman-group14-sha1           -- [warn] using weak hashing algorithm
  1142.                                             `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
  1143. (kex) diffie-hellman-group1-sha1            -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
  1144.                                             `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
  1145.                                             `- [warn] using small 1024-bit modulus
  1146.                                             `- [warn] using weak hashing algorithm
  1147.                                             `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
  1148.  
  1149. # host-key algorithms
  1150. (key) ssh-rsa                               -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
  1151. (key) rsa-sha2-512                          -- [info] available since OpenSSH 7.2
  1152. (key) rsa-sha2-256                          -- [info] available since OpenSSH 7.2
  1153. (key) ecdsa-sha2-nistp256                   -- [fail] using weak elliptic curves
  1154.                                             `- [warn] using weak random number generator could reveal the key
  1155.                                             `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
  1156. (key) ssh-ed25519                           -- [info] available since OpenSSH 6.5
  1157.  
  1158. # encryption algorithms (ciphers)
  1159. (enc) chacha20-poly1305@openssh.com         -- [info] available since OpenSSH 6.5
  1160.                                             `- [info] default cipher since OpenSSH 6.9.
  1161. (enc) aes128-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
  1162. (enc) aes192-ctr                            -- [info] available since OpenSSH 3.7
  1163. (enc) aes256-ctr                            -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
  1164. (enc) aes128-gcm@openssh.com                -- [info] available since OpenSSH 6.2
  1165. (enc) aes256-gcm@openssh.com                -- [info] available since OpenSSH 6.2
  1166. (enc) aes128-cbc                            -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
  1167.                                             `- [warn] using weak cipher mode
  1168.                                             `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
  1169. (enc) aes192-cbc                            -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
  1170.                                             `- [warn] using weak cipher mode
  1171.                                             `- [info] available since OpenSSH 2.3.0
  1172. (enc) aes256-cbc                            -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
  1173.                                             `- [warn] using weak cipher mode
  1174.                                             `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
  1175. (enc) blowfish-cbc                          -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
  1176.                                             `- [fail] disabled since Dropbear SSH 0.53
  1177.                                             `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
  1178.                                             `- [warn] using weak cipher mode
  1179.                                             `- [warn] using small 64-bit block size
  1180.                                             `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
  1181. (enc) cast128-cbc                           -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
  1182.                                             `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
  1183.                                             `- [warn] using weak cipher mode
  1184.                                             `- [warn] using small 64-bit block size
  1185.                                             `- [info] available since OpenSSH 2.1.0
  1186. (enc) 3des-cbc                              -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
  1187.                                             `- [warn] using weak cipher
  1188.                                             `- [warn] using weak cipher mode
  1189.                                             `- [warn] using small 64-bit block size
  1190.                                             `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
  1191.  
  1192. # message authentication code algorithms
  1193. (mac) umac-64-etm@openssh.com               -- [warn] using small 64-bit tag size
  1194.                                             `- [info] available since OpenSSH 6.2
  1195. (mac) umac-128-etm@openssh.com              -- [info] available since OpenSSH 6.2
  1196. (mac) hmac-sha2-256-etm@openssh.com         -- [info] available since OpenSSH 6.2
  1197. (mac) hmac-sha2-512-etm@openssh.com         -- [info] available since OpenSSH 6.2
  1198. (mac) hmac-sha1-etm@openssh.com             -- [warn] using weak hashing algorithm
  1199.                                             `- [info] available since OpenSSH 6.2
  1200. (mac) umac-64@openssh.com                   -- [warn] using encrypt-and-MAC mode
  1201.                                             `- [warn] using small 64-bit tag size
  1202.                                             `- [info] available since OpenSSH 4.7
  1203. (mac) umac-128@openssh.com                  -- [warn] using encrypt-and-MAC mode
  1204.                                             `- [info] available since OpenSSH 6.2
  1205. (mac) hmac-sha2-256                         -- [warn] using encrypt-and-MAC mode
  1206.                                             `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
  1207. (mac) hmac-sha2-512                         -- [warn] using encrypt-and-MAC mode
  1208.                                             `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
  1209. (mac) hmac-sha1                             -- [warn] using encrypt-and-MAC mode
  1210.                                             `- [warn] using weak hashing algorithm
  1211.                                             `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
  1212.  
  1213. # algorithm recommendations (for OpenSSH 7.4)
  1214. (rec) -diffie-hellman-group14-sha1          -- kex algorithm to remove
  1215. (rec) -ecdh-sha2-nistp256                   -- kex algorithm to remove
  1216. (rec) -diffie-hellman-group-exchange-sha256 -- kex algorithm to remove
  1217. (rec) -diffie-hellman-group1-sha1           -- kex algorithm to remove
  1218. (rec) -diffie-hellman-group-exchange-sha1   -- kex algorithm to remove
  1219. (rec) -ecdh-sha2-nistp521                   -- kex algorithm to remove
  1220. (rec) -ecdh-sha2-nistp384                   -- kex algorithm to remove
  1221. (rec) -ecdsa-sha2-nistp256                  -- key algorithm to remove
  1222. (rec) -blowfish-cbc                         -- enc algorithm to remove
  1223. (rec) -3des-cbc                             -- enc algorithm to remove
  1224. (rec) -aes256-cbc                           -- enc algorithm to remove
  1225. (rec) -cast128-cbc                          -- enc algorithm to remove
  1226. (rec) -aes192-cbc                           -- enc algorithm to remove
  1227. (rec) -aes128-cbc                           -- enc algorithm to remove
  1228. (rec) -hmac-sha2-512                        -- mac algorithm to remove
  1229. (rec) -umac-128@openssh.com                 -- mac algorithm to remove
  1230. (rec) -hmac-sha2-256                        -- mac algorithm to remove
  1231. (rec) -umac-64@openssh.com                  -- mac algorithm to remove
  1232. (rec) -hmac-sha1                            -- mac algorithm to remove
  1233. (rec) -hmac-sha1-etm@openssh.com            -- mac algorithm to remove
  1234. (rec) -umac-64-etm@openssh.com              -- mac algorithm to remove
  1235. #######################################################################################################################################
  1236. Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-01 21:52 EDT
  1237. NSE: [ssh-run] Failed to specify credentials and command to run.
  1238. NSE: [ssh-brute] Trying username/password pair: root:root
  1239. NSE: [ssh-brute] Trying username/password pair: admin:admin
  1240. Nmap scan report for fascistforge.com (195.54.163.187)
  1241. Host is up (0.16s latency).
  1242. rDNS record for 195.54.163.187: vps15802ua.hyperhost.name
  1243.  
  1244. PORT   STATE SERVICE VERSION
  1245. 22/tcp open  ssh     OpenSSH 7.4 (protocol 2.0)
  1246. | ssh-auth-methods:
  1247. |   Supported authentication methods:
  1248. |     publickey
  1249. |     gssapi-keyex
  1250. |     gssapi-with-mic
  1251. |_    password
  1252. | ssh-hostkey:
  1253. |_  2048 47:fd:ad:6a:0a:16:1e:83:b2:22:34:0d:bf:ce:08:8c (RSA)
  1254. |_ssh-publickey-acceptance: ERROR: Script execution failed (use -d to debug)
  1255. |_ssh-run: Failed to specify credentials and command to run.
  1256. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  1257. Aggressive OS guesses: Linux 2.6.32 (95%), Linux 3.8 (95%), Linux 2.6.32 - 3.10 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 3.9 (95%), Linux 3.2 (95%), Linux 2.6.32 - 3.1 (94%), Linux 3.11 (94%), Linux 3.5 (94%), Linux 3.1 (94%)
  1258. No exact OS matches for host (test conditions non-ideal).
  1259. Network Distance: 17 hops
  1260.  
  1261. TRACEROUTE (using port 22/tcp)
  1262. HOP RTT       ADDRESS
  1263. 1   36.03 ms  10.243.200.1
  1264. 2   36.08 ms  104.245.145.177
  1265. 3   37.09 ms  te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9)
  1266. 4   35.89 ms  te0-0-0-1.agr13.yyz02.atlas.cogentco.com (154.24.54.37)
  1267. 5   35.09 ms  te0-9-0-9.ccr31.yyz02.atlas.cogentco.com (154.54.43.141)
  1268. 6   40.83 ms  be3259.ccr21.ymq01.atlas.cogentco.com (154.54.41.206)
  1269. 7   113.79 ms be3042.ccr21.lpl01.atlas.cogentco.com (154.54.44.161)
  1270. 8   125.76 ms be2182.ccr41.ams03.atlas.cogentco.com (154.54.77.245)
  1271. 9   134.93 ms be2815.ccr41.ham01.atlas.cogentco.com (154.54.38.206)
  1272. 10  143.66 ms be3027.ccr21.prg01.atlas.cogentco.com (130.117.1.206)
  1273. 11  148.02 ms be3045.ccr22.bts01.atlas.cogentco.com (154.54.59.106)
  1274. 12  165.48 ms be2047.rcr22.kbp01.atlas.cogentco.com (154.54.60.206)
  1275. 13  165.13 ms 149.6.190.130
  1276. 14  170.96 ms kh-kv.ett.ua (80.93.127.142)
  1277. 15  176.29 ms itl.ett.ua (80.93.125.182)
  1278. 16  176.63 ms vz103ua.hyperhost.ua (217.12.204.3)
  1279. 17  168.71 ms vps15802ua.hyperhost.name (195.54.163.187)
  1280. #######################################################################################################################################
  1281. USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
  1282. RHOSTS => fascistforge.com
  1283. RHOST => fascistforge.com
  1284. [*] 195.54.163.187:22 - SSH - Using malformed packet technique
  1285. [*] 195.54.163.187:22 - SSH - Starting scan
  1286. [-] 195.54.163.187:22 - SSH - User 'admin' on could not connect
  1287. [-] 195.54.163.187:22 - SSH - User 'administrator' on could not connect
  1288. [-] 195.54.163.187:22 - SSH - User 'anonymous' on could not connect
  1289. [-] 195.54.163.187:22 - SSH - User 'backup' on could not connect
  1290. [-] 195.54.163.187:22 - SSH - User 'bee' on could not connect
  1291. [-] 195.54.163.187:22 - SSH - User 'ftp' on could not connect
  1292. [-] 195.54.163.187:22 - SSH - User 'guest' on could not connect
  1293. [-] 195.54.163.187:22 - SSH - User 'GUEST' on could not connect
  1294. [-] 195.54.163.187:22 - SSH - User 'info' on could not connect
  1295. [-] 195.54.163.187:22 - SSH - User 'mail' on could not connect
  1296. [-] 195.54.163.187:22 - SSH - User 'mailadmin' on could not connect
  1297. [-] 195.54.163.187:22 - SSH - User 'msfadmin' on could not connect
  1298. [-] 195.54.163.187:22 - SSH - User 'mysql' on could not connect
  1299. [-] 195.54.163.187:22 - SSH - User 'nobody' on could not connect
  1300. [-] 195.54.163.187:22 - SSH - User 'oracle' on could not connect
  1301. [-] 195.54.163.187:22 - SSH - User 'owaspbwa' on could not connect
  1302. [-] 195.54.163.187:22 - SSH - User 'postfix' on could not connect
  1303. [-] 195.54.163.187:22 - SSH - User 'postgres' on could not connect
  1304. [-] 195.54.163.187:22 - SSH - User 'private' on could not connect
  1305. [-] 195.54.163.187:22 - SSH - User 'proftpd' on could not connect
  1306. [-] 195.54.163.187:22 - SSH - User 'public' on could not connect
  1307. [-] 195.54.163.187:22 - SSH - User 'root' on could not connect
  1308. [-] 195.54.163.187:22 - SSH - User 'superadmin' on could not connect
  1309. [-] 195.54.163.187:22 - SSH - User 'support' on could not connect
  1310. [-] 195.54.163.187:22 - SSH - User 'sys' on could not connect
  1311. [-] 195.54.163.187:22 - SSH - User 'system' on could not connect
  1312. [-] 195.54.163.187:22 - SSH - User 'systemadmin' on could not connect
  1313. [-] 195.54.163.187:22 - SSH - User 'systemadministrator' on could not connect
  1314. [-] 195.54.163.187:22 - SSH - User 'test' on could not connect
  1315. [-] 195.54.163.187:22 - SSH - User 'tomcat' on could not connect
  1316. [-] 195.54.163.187:22 - SSH - User 'user' on could not connect
  1317. [-] 195.54.163.187:22 - SSH - User 'webmaster' on could not connect
  1318. [-] 195.54.163.187:22 - SSH - User 'www-data' on could not connect
  1319. [-] 195.54.163.187:22 - SSH - User 'Fortimanager_Access' on could not connect
  1320. [*] Scanned 1 of 1 hosts (100% complete)
  1321. [*] Auxiliary module execution completed
  1322. #######################################################################################################################################
  1323. wig - WebApp Information Gatherer
  1324.  
  1325.  
  1326. Scanning http://fascistforge.com...
  1327. ____________________ SITE INFO _____________________
  1328. IP             Title                                
  1329. 195.54.163.187  Fascist Forge                      
  1330.                                                    
  1331. _____________________ VERSION ______________________
  1332. Name           Versions          Type              
  1333. Apache         2.4.38            Platform          
  1334. PHP            7.2.16            Platform          
  1335.                                                    
  1336. ___________________ INTERESTING ____________________
  1337. URL            Note              Type              
  1338. /robots.txt    robots.txt index  Interesting        
  1339.                                                    
  1340. ____________________________________________________
  1341. Time: 2.6 sec  Urls: 841         Fingerprints: 40401
  1342. #######################################################################################################################################
  1343. HTTP/1.1 200 OK
  1344. Date: Tue, 02 Apr 2019 02:12:04 GMT
  1345. X-Powered-By: PHP/7.2.16
  1346. Set-Cookie: ips4_IPSSessionFront=p8232vehbc9h9nitpol8iq0m18; path=/; HttpOnly
  1347. Expires: Thu, 19 Nov 1981 08:52:00 GMT
  1348. Cache-Control: no-store, no-cache, must-revalidate
  1349. Pragma: no-cache
  1350. Content-Encoding: gzip
  1351. Content-Length: 13722
  1352. X-XSS-Protection: 0
  1353. Content-Type: text/html;charset=UTF-8
  1354. Connection: keep-alive
  1355. #######################################################################################################################################
  1356.  PHP 7.2.16
  1357.  X-IPS-Cached-Response: Tue, 02 Apr 2019 02:11:55 GMT
  1358. #######################################################################################################################################
  1359. --------------------------------------------------------
  1360. <<<Yasuo discovered following vulnerable applications>>>
  1361. --------------------------------------------------------
  1362. +------------+--------------------------------------+--------------------------------------------------+----------+----------+
  1363. |  App Name  |          URL to Application          |                Potential Exploit                 | Username | Password |
  1364. +------------+--------------------------------------+--------------------------------------------------+----------+----------+
  1365. | phpMyAdmin | http://195.54.163.187:80/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb |          |          |
  1366. +------------+--------------------------------------+--------------------------------------------------+----------+----------+
  1367. #######################################################################################################################################
  1368. ---------------------------------------------------------------------------------------------------------------------------------------
  1369. + Target IP:          195.54.163.187
  1370. + Target Hostname:    fascistforge.com
  1371. + Target Port:        80
  1372. + Start Time:         2019-04-01 20:27:40 (GMT-4)
  1373. ---------------------------------------------------------------------------------------------------------------------------------------
  1374. + Server: Apache/2.4.38 (codeit) PHP/7.2.16
  1375. + Retrieved x-powered-by header: PHP/7.2.16
  1376. + The anti-clickjacking X-Frame-Options header is not present.
  1377. + X-XSS-Protection header has been set to disable XSS Protection. There is unlikely to be a good reason for this.
  1378. + Uncommon header 'x-ips-cached-response' found, with contents: Tue, 02 Apr 2019 00:27:39 GMT
  1379. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
  1380. + "robots.txt" contains 1 entry which should be manually viewed.
  1381. + Web Server returns a valid response with junk HTTP methods, this may cause false positives.
  1382. + DEBUG HTTP verb may show server debugging information. See http://msdn.microsoft.com/en-us/library/e8z01xdh%28VS.80%29.aspx for details.
  1383. + OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
  1384. + OSVDB-3092: /system/: This might be interesting...
  1385. + ERROR: Error limit (20) reached for host, giving up. Last error: opening stream: can't connect (timeout): Transport endpoint is not connected
  1386. + Scan terminated:  18 error(s) and 10 item(s) reported on remote host
  1387. + End Time:           2019-04-01 21:21:13 (GMT-4) (3213 seconds)
  1388. --------------------------------------------------------------------------------------------------------------------------------------
  1389. + The anti-clickjacking X-Frame-Options header is not present.
  1390. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
  1391. + The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
  1392. + The site uses SSL and Expect-CT header is not present.
  1393. ---------------------------------------------------------------------------------------------------------------------------------------
  1394. #######################################################################################################################################
  1395.                                        Anonymous JTSEC  #OpDomesticTerrorism Full Recon #8
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top