Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #######################################################################################################################################
- =======================================================================================================================================
- Hostname fascistforge.com ISP ITL LLC
- Continent Europe Flag
- UA
- Country Ukraine Country Code UA
- Region Unknown Local time 02 Apr 2019 03:12 EEST
- City Unknown Postal Code Unknown
- IP Address 195.54.163.187 Latitude 50.45
- Longitude 30.523
- =======================================================================================================================================
- #######################################################################################################################################
- > fascistforge.com
- Server: 185.93.180.131
- Address: 185.93.180.131#53
- Non-authoritative answer:
- Name: fascistforge.com
- Address: 195.54.163.187
- >
- #######################################################################################################################################
- Domain Name: FASCISTFORGE.COM
- Registry Domain ID: 2367532161_DOMAIN_COM-VRSN
- Registrar WHOIS Server: whois.hostinger.com
- Registrar URL: http://www.hostinger.com
- Updated Date: 2019-03-09T04:21:18Z
- Creation Date: 2019-03-09T04:21:18Z
- Registry Expiry Date: 2020-03-09T04:21:18Z
- Registrar: Hostinger, UAB
- Registrar IANA ID: 1636
- Registrar Abuse Contact Email: abuse@hostinger.com
- Registrar Abuse Contact Phone: +37064503378
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Name Server: NS1.HOSTINGER.COM
- Name Server: NS2.HOSTINGER.COM
- Name Server: NS3.HOSTINGER.COM
- Name Server: NS4.HOSTINGER.COM
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
- >>> Last update of whois database: 2019-04-02T00:15:20Z <<<
- For more information on Whois status codes, please visit https://icann.org/epp
- NOTICE: The expiration date displayed in this record is the date the
- registrar's sponsorship of the domain name registration in the registry is
- currently set to expire. This date does not necessarily reflect the expiration
- date of the domain name registrant's agreement with the sponsoring
- registrar. Users may consult the sponsoring registrar's Whois database to
- view the registrar's reported date of expiration for this registration.
- TERMS OF USE: You are not authorized to access or query our Whois
- database through the use of electronic processes that are high-volume and
- automated except as reasonably necessary to register domain names or
- modify existing registrations; the Data in VeriSign Global Registry
- Services' ("VeriSign") Whois database is provided by VeriSign for
- information purposes only, and to assist persons in obtaining information
- about or related to a domain name registration record. VeriSign does not
- guarantee its accuracy. By submitting a Whois query, you agree to abide
- by the following terms of use: You agree that you may use this Data only
- for lawful purposes and that under no circumstances will you use this Data
- to: (1) allow, enable, or otherwise support the transmission of mass
- unsolicited, commercial advertising or solicitations via e-mail, telephone,
- or facsimile; or (2) enable high volume, automated, electronic processes
- that apply to VeriSign (or its computer systems). The compilation,
- repackaging, dissemination or other use of this Data is expressly
- prohibited without the prior written consent of VeriSign. You agree not to
- use electronic processes that are automated and high-volume to access or
- query the Whois database except as reasonably necessary to register
- domain names or modify existing registrations. VeriSign reserves the right
- to restrict your access to the Whois database in its sole discretion to ensure
- operational stability. VeriSign may restrict or terminate your access to the
- Whois database for failure to abide by these terms of use. VeriSign
- reserves the right to modify these terms at any time.
- The Registry database contains ONLY .COM, .NET, .EDU domains and
- Registrars.
- Domain Name: FASCISTFORGE.COM
- Registry Domain ID: 2367532161_DOMAIN_COM-VRSN
- Registrar WHOIS Server: whois.hostinger.com
- Registrar URL: https://www.hostinger.com
- Updated Date: 2019-03-09T04:21:20Z
- Creation Date: 2019-03-09T04:21:18Z
- Registrar Registration Expiration Date: 2020-03-09T04:21:18Z
- Registrar: Hostinger, UAB
- Registrar IANA ID: 1636
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Registry Registrant ID: Not Available From Registry
- Registrant Name: Domain Admin
- Registrant Organization: Privacy Protect, LLC (PrivacyProtect.org)
- Registrant Street: 10 Corporate Drive
- Registrant City: Burlington
- Registrant State/Province: MA
- Registrant Postal Code: 01803
- Registrant Country: US
- Registrant Phone: +1.8022274003
- Registrant Phone Ext:
- Registrant Fax:
- Registrant Fax Ext:
- Registrant Email: contact@privacyprotect.org
- Registry Admin ID: Not Available From Registry
- Admin Name: Domain Admin
- Admin Organization: Privacy Protect, LLC (PrivacyProtect.org)
- Admin Street: 10 Corporate Drive
- Admin City: Burlington
- Admin State/Province: MA
- Admin Postal Code: 01803
- Admin Country: US
- Admin Phone: +1.8022274003
- Admin Phone Ext:
- Admin Fax:
- Admin Fax Ext:
- Admin Email: contact@privacyprotect.org
- Registry Tech ID: Not Available From Registry
- Tech Name: Domain Admin
- Tech Organization: Privacy Protect, LLC (PrivacyProtect.org)
- Tech Street: 10 Corporate Drive
- Tech City: Burlington
- Tech State/Province: MA
- Tech Postal Code: 01803
- Tech Country: US
- Tech Phone: +1.8022274003
- Tech Phone Ext:
- Tech Fax:
- Tech Fax Ext:
- Tech Email: contact@privacyprotect.org
- Name Server: ns1.hostinger.com
- Name Server: ns2.hostinger.com
- Name Server: ns3.hostinger.com
- Name Server: ns4.hostinger.com
- DNSSEC: Unsigned
- Registrar Abuse Contact Email: abuse@hostinger.com
- Registrar Abuse Contact Phone: +37064503378
- URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
- #######################################################################################################################################
- HostIP:195.54.163.187
- HostName:fascistforge.com
- Gathered Inet-whois information for 195.54.163.187
- ---------------------------------------------------------------------------------------------------------------------------------------
- inetnum: 195.54.162.0 - 195.54.163.255
- netname: SECOM-UA
- country: NL
- org: ORG-PDMP1-RIPE
- admin-c: DMP64-RIPE
- tech-c: GVP4-RIPE
- status: ASSIGNED PI
- mnt-by: RIPE-NCC-END-MNT
- mnt-by: SECOM-UA-MNT
- mnt-routes: ITL-MNT
- mnt-domains: SECOM-UA-MNT
- created: 2010-06-03T14:39:12Z
- last-modified: 2018-10-11T09:16:27Z
- source: RIPE
- sponsoring-org: ORG-ML410-RIPE
- organisation: ORG-PDMP1-RIPE
- org-name: PE Dobrogivskiy Muroslav Petrovich
- remarks: ServerCommunications
- remarks: http://secom.com.ua
- org-type: other
- address: 21009, PB 867, Vinnitsa, Ukraine
- phone: +380443839153
- abuse-c: AR21445-RIPE
- admin-c: DMP5-RIPE
- tech-c: GVP4-RIPE
- mnt-ref: SECOM-UA-MNT
- mnt-ref: SOLTECH-MNT
- mnt-ref: PROWEB-MNT
- mnt-by: SECOM-UA-MNT
- created: 2010-04-06T18:25:38Z
- last-modified: 2018-07-05T12:04:32Z
- source: RIPE # Filtered
- person: Dobrogivskiy Muroslav Petrovich
- address: 21009, Vinnytsia, PO 867
- phone: +38.097.91.56.132
- nic-hdl: DMP64-RIPE
- mnt-by: SECOM-UA-MNT
- created: 2017-06-20T16:39:00Z
- last-modified: 2017-08-08T13:23:02Z
- source: RIPE # Filtered
- person: Goloven'ko V'yacheslav Petrovich
- address: 21009, PB 867, Vinnitsa, Ukraine
- phone: +38.067.746.06.62
- mnt-by: SECOM-UA-MNT
- nic-hdl: GVP4-RIPE
- created: 2010-04-06T18:22:37Z
- last-modified: 2017-06-20T16:49:12Z
- source: RIPE # Filtered
- % Information related to '195.54.163.0/24AS15626'
- route: 195.54.163.0/24
- descr: SECOM-UA
- origin: AS15626
- mnt-by: ITL-MNT
- created: 2016-05-16T18:02:36Z
- last-modified: 2016-05-16T18:02:36Z
- source: RIPE
- % This query was served by the RIPE Database Query Service version 1.93.2 (WAGYU)
- Gathered Inic-whois information for fascistforge.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- Domain Name: FASCISTFORGE.COM
- Registry Domain ID: 2367532161_DOMAIN_COM-VRSN
- Registrar WHOIS Server: whois.hostinger.com
- Registrar URL: http://www.hostinger.com
- Updated Date: 2019-03-09T04:21:18Z
- Creation Date: 2019-03-09T04:21:18Z
- Registry Expiry Date: 2020-03-09T04:21:18Z
- Registrar: Hostinger, UAB
- Registrar IANA ID: 1636
- Registrar Abuse Contact Email: abuse@hostinger.com
- Registrar Abuse Contact Phone: +37064503378
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Name Server: NS1.HOSTINGER.COM
- Name Server: NS2.HOSTINGER.COM
- Name Server: NS3.HOSTINGER.COM
- Name Server: NS4.HOSTINGER.COM
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
- >>> Last update of whois database: 2019-04-02T00:19:38Z <<<
- For more information on Whois status codes, please visit https://icann.org/epp
- NOTICE: The expiration date displayed in this record is the date the
- registrar's sponsorship of the domain name registration in the registry is
- currently set to expire. This date does not necessarily reflect the expiration
- date of the domain name registrant's agreement with the sponsoring
- registrar. Users may consult the sponsoring registrar's Whois database to
- view the registrar's reported date of expiration for this registration.
- TERMS OF USE: You are not authorized to access or query our Whois
- database through the use of electronic processes that are high-volume and
- automated except as reasonably necessary to register domain names or
- modify existing registrations; the Data in VeriSign Global Registry
- Services' ("VeriSign") Whois database is provided by VeriSign for
- information purposes only, and to assist persons in obtaining information
- about or related to a domain name registration record. VeriSign does not
- guarantee its accuracy. By submitting a Whois query, you agree to abide
- by the following terms of use: You agree that you may use this Data only
- for lawful purposes and that under no circumstances will you use this Data
- to: (1) allow, enable, or otherwise support the transmission of mass
- unsolicited, commercial advertising or solicitations via e-mail, telephone,
- or facsimile; or (2) enable high volume, automated, electronic processes
- that apply to VeriSign (or its computer systems). The compilation,
- repackaging, dissemination or other use of this Data is expressly
- prohibited without the prior written consent of VeriSign. You agree not to
- use electronic processes that are automated and high-volume to access or
- query the Whois database except as reasonably necessary to register
- domain names or modify existing registrations. VeriSign reserves the right
- to restrict your access to the Whois database in its sole discretion to ensure
- operational stability. VeriSign may restrict or terminate your access to the
- Whois database for failure to abide by these terms of use. VeriSign
- reserves the right to modify these terms at any time.
- The Registry database contains ONLY .COM, .NET, .EDU domains and
- Registrars.
- Gathered Netcraft information for fascistforge.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- Retrieving Netcraft.com information for fascistforge.com
- Netcraft.com Information gathered
- Gathered Subdomain information for fascistforge.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- Searching Google.com:80...
- Searching Altavista.com:80...
- Found 0 possible subdomain(s) for host fascistforge.com, Searched 0 pages containing 0 results
- Gathered E-Mail information for fascistforge.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- Searching Google.com:80...
- Searching Altavista.com:80...
- Found 0 E-Mail(s) for host fascistforge.com, Searched 0 pages containing 0 results
- Gathered TCP Port information for 195.54.163.187
- ---------------------------------------------------------------------------------------------------------------------------------------
- Port State
- 22/tcp open
- 80/tcp open
- 111/tcp open
- Portscan Finished: Scanned 150 ports, 142 ports were in state closed
- #######################################################################################################################################
- [i] Scanning Site: http://fascistforge.com
- B A S I C I N F O
- =======================================================================================================================================
- [+] Site Title: Fascist Forge
- [+] IP address: 195.54.163.187
- [+] Web Server: Could Not Detect
- [+] CMS: Could Not Detect
- [+] Cloudflare: Not Detected
- [+] Robots File: Found
- -------------[ contents ]----------------
- User-agent: *
- Crawl-delay: 10
- Disallow: /admin/*
- -----------[end of contents]-------------
- W H O I S L O O K U P
- =======================================================================================================================================
- Domain Name: FASCISTFORGE.COM
- Registry Domain ID: 2367532161_DOMAIN_COM-VRSN
- Registrar WHOIS Server: whois.hostinger.com
- Registrar URL: http://www.hostinger.com
- Updated Date: 2019-03-09T04:21:18Z
- Creation Date: 2019-03-09T04:21:18Z
- Registry Expiry Date: 2020-03-09T04:21:18Z
- Registrar: Hostinger, UAB
- Registrar IANA ID: 1636
- Registrar Abuse Contact Email: abuse@hostinger.com
- Registrar Abuse Contact Phone: +37064503378
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Name Server: NS1.HOSTINGER.COM
- Name Server: NS2.HOSTINGER.COM
- Name Server: NS3.HOSTINGER.COM
- Name Server: NS4.HOSTINGER.COM
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
- >>> Last update of whois database: 2019-04-02T00:19:52Z <<<
- For more information on Whois status codes, please visit https://icann.org/epp
- The Registry database contains ONLY .COM, .NET, .EDU domains and
- Registrars.
- G E O I P L O O K U P
- =======================================================================================================================================
- [i] IP Address: 195.54.163.187
- [i] Country: Ukraine
- [i] State:
- [i] City:
- [i] Latitude: 50.45
- [i] Longitude: 30.5233
- H T T P H E A D E R S
- =======================================================================================================================================
- [i] HTTP/1.1 200 OK
- [i] Date: Tue, 02 Apr 2019 00:20:00 GMT
- [i] X-Powered-By: PHP/7.2.16
- [i] Set-Cookie: ips4_IPSSessionFront=4tm5b1djq0duia0omfs1imgm5m; path=/; HttpOnly
- [i] Expires: Thu, 19 Nov 1981 08:52:00 GMT
- [i] Cache-Control: no-store, no-cache, must-revalidate
- [i] Pragma: no-cache
- [i] X-XSS-Protection: 0
- [i] X-IPS-Cached-Response: Tue, 02 Apr 2019 00:19:53 GMT
- [i] Content-Type: text/html;charset=UTF-8
- [i] Connection: close
- D N S L O O K U P
- =======================================================================================================================================
- fascistforge.com. 1792 IN A 195.54.163.187
- fascistforge.com. 21592 IN NS ns1.hostinger.com.
- fascistforge.com. 21592 IN NS ns2.hostinger.com.
- fascistforge.com. 21592 IN NS ns3.hostinger.com.
- fascistforge.com. 21592 IN NS ns4.hostinger.com.
- fascistforge.com. 21592 IN SOA ns1.hostinger.com. hostmaster.fascistforge.com. 2019032700 28800 7200 604800 86400
- fascistforge.com. 14392 IN TXT "v=spf1 include:spf.mx.hostinger.com include:relay.mailchannels.net ~all"
- fascistforge.com. 14392 IN CAA 0 issue "letsencrypt.org"
- fascistforge.com. 14392 IN CAA 0 issuewild "letsencrypt.org"
- fascistforge.com. 14392 IN CAA 0 issue "comodoca.com"
- fascistforge.com. 14392 IN CAA 0 issuewild "comodoca.com"
- fascistforge.com. 14392 IN CAA 0 issue "digicert.com"
- fascistforge.com. 14392 IN CAA 0 issuewild "digicert.com"
- fascistforge.com. 14392 IN CAA 0 issue "globalsign.com"
- fascistforge.com. 14392 IN CAA 0 issuewild "globalsign.com"
- S U B N E T C A L C U L A T I O N
- =======================================================================================================================================
- Address = 195.54.163.187
- Network = 195.54.163.187 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 195.54.163.187 - 195.54.163.187 }
- N M A P P O R T S C A N
- =======================================================================================================================================
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-02 00:20 UTC
- Nmap scan report for fascistforge.com (195.54.163.187)
- Host is up (0.12s latency).
- rDNS record for 195.54.163.187: vps15802ua.hyperhost.name
- PORT STATE SERVICE
- 21/tcp closed ftp
- 22/tcp open ssh
- 23/tcp closed telnet
- 80/tcp open http
- 110/tcp closed pop3
- 143/tcp closed imap
- 443/tcp closed https
- 3389/tcp closed ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 0.18 seconds
- #######################################################################################################################################
- [?] Enter the target: example( http://domain.com )
- http://fascistforge.com/
- [!] IP Address : 195.54.163.187
- [!] fascistforge.com doesn't seem to use a CMS
- [+] Honeypot Probabilty: 30%
- ---------------------------------------------------------------------------------------------------------------------------------------
- [~] Trying to gather whois information for fascistforge.com
- [+] Whois information found
- [-] Unable to build response, visit https://who.is/whois/fascistforge.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- PORT STATE SERVICE
- 21/tcp closed ftp
- 22/tcp open ssh
- 23/tcp closed telnet
- 80/tcp open http
- 110/tcp closed pop3
- 143/tcp closed imap
- 443/tcp closed https
- 3389/tcp closed ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 0.61 seconds
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] DNS Records
- ns3.hostinger.com. (173.192.183.247) AS36351 SoftLayer Technologies Inc. United States
- ns2.hostinger.com. (31.220.23.1) AS47583 Hostinger International Limited United States
- ns4.hostinger.com. (31.170.164.249) AS47583 Hostinger International Limited United Kingdom
- ns1.hostinger.com. (31.170.163.241) AS47583 Hostinger International Limited United States
- [+] Host Records (A)
- fascistforge.comHTTP: (vps15802ua.hyperhost.name) (195.54.163.187) AS15626 ITL Company Ukraine
- [+] TXT Records
- "v=spf1 include:spf.mx.hostinger.com include:relay.mailchannels.net ~all"
- [+] DNS Map: https://dnsdumpster.com/static/map/fascistforge.com.png
- [>] Initiating 3 intel modules
- [>] Loading Alpha module (1/3)
- [>] Beta module deployed (2/3)
- [>] Gamma module initiated (3/3)
- [+] Emails found:
- ---------------------------------------------------------------------------------------------------------------------------------------
- pixel-1554164407301267-web-@fascistforge.com
- pixel-155416440882891-web-@fascistforge.com
- [+] Hosts found in search engines:
- ---------------------------------------------------------------------------------------------------------------------------------------
- [-] Resolving hostnames IPs...
- 195.54.163.187:www.fascistforge.com
- [+] Virtual hosts:
- --------------------------------------------------------------------------------------------------------------------------------------
- #######################################################################################################################################
- Enter Address Website = fascistforge.com
- Reversing IP With HackTarget 'fascistforge.com'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] vps15802ua.hyperhost.name
- #######################################################################################################################################
- Reverse IP With YouGetSignal 'fascistforge.com'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [*] IP: 195.54.163.187
- [*] Domain: fascistforge.com
- [*] Total Domains: 1
- [+] fascistforge.com
- #######################################################################################################################################
- Geo IP Lookup 'fascistforge.com'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] IP Address: 195.54.163.187
- [+] Country: Ukraine
- [+] State:
- [+] City:
- [+] Latitude: 50.45
- [+] Longitude: 30.5233
- #######################################################################################################################################
- Whois 'fascistforge.com'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] Domain Name: FASCISTFORGE.COM
- [+] Registry Domain ID: 2367532161_DOMAIN_COM-VRSN
- [+] Registrar WHOIS Server: whois.hostinger.com
- [+] Registrar URL: http://www.hostinger.com
- [+] Updated Date: 2019-03-09T04:21:18Z
- [+] Creation Date: 2019-03-09T04:21:18Z
- [+] Registry Expiry Date: 2020-03-09T04:21:18Z
- [+] Registrar: Hostinger, UAB
- [+] Registrar IANA ID: 1636
- [+] Registrar Abuse Contact Email: abuse@hostinger.com
- [+] Registrar Abuse Contact Phone: +37064503378
- [+] Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- [+] Name Server: NS1.HOSTINGER.COM
- [+] Name Server: NS2.HOSTINGER.COM
- [+] Name Server: NS3.HOSTINGER.COM
- [+] Name Server: NS4.HOSTINGER.COM
- [+] DNSSEC: unsigned
- [+] URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
- [+] >>> Last update of whois database: 2019-04-02T00:19:23Z <<<
- [+] For more information on Whois status codes, please visit https://icann.org/epp
- [+] The Registry database contains ONLY .COM, .NET, .EDU domains and
- [+] Registrars.
- #######################################################################################################################################
- Bypass Cloudflare 'fascistforge.com'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [!] CloudFlare Bypass 31.220.23.236 | cpanel.fascistforge.com
- [!] CloudFlare Bypass 31.220.23.243 | webmail.fascistforge.com
- [!] CloudFlare Bypass 195.54.163.187 | www.fascistforge.com
- #######################################################################################################################################
- DNS Lookup 'fascistforge.com'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] fascistforge.com. 1799 IN A 195.54.163.187
- [+] fascistforge.com. 21599 IN NS ns1.hostinger.com.
- [+] fascistforge.com. 21599 IN NS ns2.hostinger.com.
- [+] fascistforge.com. 21599 IN NS ns3.hostinger.com.
- [+] fascistforge.com. 21599 IN NS ns4.hostinger.com.
- [+] fascistforge.com. 21599 IN SOA ns1.hostinger.com. hostmaster.fascistforge.com. 2019032700 28800 7200 604800 86400
- [+] fascistforge.com. 14399 IN TXT "v=spf1 include:spf.mx.hostinger.com include:relay.mailchannels.net ~all"
- [+] fascistforge.com. 14399 IN CAA 0 issue "letsencrypt.org"
- [+] fascistforge.com. 14399 IN CAA 0 issuewild "letsencrypt.org"
- [+] fascistforge.com. 14399 IN CAA 0 issue "comodoca.com"
- [+] fascistforge.com. 14399 IN CAA 0 issuewild "comodoca.com"
- [+] fascistforge.com. 14399 IN CAA 0 issue "digicert.com"
- [+] fascistforge.com. 14399 IN CAA 0 issuewild "digicert.com"
- [+] fascistforge.com. 14399 IN CAA 0 issue "globalsign.com"
- [+] fascistforge.com. 14399 IN CAA 0 issuewild "globalsign.com"
- #######################################################################################################################################
- Show HTTP Header 'fascistforge.com'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] HTTP/1.1 200 OK
- [+] Date: Tue, 02 Apr 2019 00:19:54 GMT
- [+] Server: Apache/2.4.38 (codeit) PHP/7.2.16
- [+] X-Powered-By: PHP/7.2.16
- [+] Set-Cookie: ips4_IPSSessionFront=q089v0fhp27osb7pnqo1js3h3c; path=/; HttpOnly
- [+] Expires: Thu, 19 Nov 1981 08:52:00 GMT
- [+] Cache-Control: no-store, no-cache, must-revalidate
- [+] Pragma: no-cache
- [+] Content-Length: 77827
- [+] X-XSS-Protection: 0
- [+] Connection: close
- [+] Content-Type: text/html;charset=UTF-8
- #######################################################################################################################################
- Port Scan 'fascistforge.com'
- ---------------------------------------------------------------------------------------------------------------------------------------
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-02 00:19 UTC
- Nmap scan report for fascistforge.com (195.54.163.187)
- Host is up (0.12s latency).
- rDNS record for 195.54.163.187: vps15802ua.hyperhost.name
- PORT STATE SERVICE
- 21/tcp closed ftp
- 22/tcp open ssh
- 23/tcp closed telnet
- 80/tcp open http
- 110/tcp closed pop3
- 143/tcp closed imap
- 443/tcp closed https
- 3389/tcp closed ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 1.01 seconds
- #######################################################################################################################################
- Robot.txt 'fascistforge.com'
- ---------------------------------------------------------------------------------------------------------------------------------------
- User-agent: *
- Crawl-delay: 10
- Disallow: /admin/*
- #######################################################################################################################################
- Traceroute 'fascistforge.com'
- ---------------------------------------------------------------------------------------------------------------------------------------
- Start: 2019-04-02T00:20:01+0000
- HOST: web01 Loss% Snt Last Avg Best Wrst StDev
- 1.|-- 45.79.12.202 0.0% 3 0.7 0.8 0.7 1.2 0.3
- 2.|-- 45.79.12.6 0.0% 3 23.5 8.6 0.7 23.5 12.9
- 3.|-- dls-b22-link.telia.net 0.0% 3 0.9 2.2 0.9 4.8 2.2
- 4.|-- atl-b22-link.telia.net 33.3% 3 19.8 19.7 19.6 19.8 0.1
- 5.|-- ash-bb3-link.telia.net 0.0% 3 145.4 146.1 145.4 147.0 0.8
- 6.|-- prs-bb4-link.telia.net 0.0% 3 145.0 144.9 144.9 145.0 0.1
- 7.|-- ffm-bb4-link.telia.net 0.0% 3 145.4 145.8 145.4 146.3 0.4
- 8.|-- win-bb4-link.telia.net 0.0% 3 127.3 130.9 127.3 135.0 3.9
- 9.|-- kiev-b1-link.telia.net 0.0% 3 145.3 146.6 145.1 149.3 2.4
- 10.|-- eurotrans-ic-315184-kiev-b1.c.telia.net 0.0% 3 166.0 166.2 166.0 166.5 0.3
- 11.|-- kh-kv.ett.ua 0.0% 3 167.5 166.2 165.3 167.5 1.2
- 12.|-- itl.ett.ua 0.0% 3 166.0 166.3 166.0 166.7 0.4
- 13.|-- vz103ua.hyperhost.ua 0.0% 3 171.4 171.5 171.4 171.6 0.1
- 14.|-- vps15802ua.hyperhost.name 0.0% 3 152.6 152.8 152.6 152.9 0.2
- #######################################################################################################################################
- Ping 'fascistforge.com'
- ---------------------------------------------------------------------------------------------------------------------------------------
- Starting Nping 0.7.70 ( https://nmap.org/nping ) at 2019-04-02 00:20 UTC
- SENT (0.0068s) ICMP [104.237.144.6 > 195.54.163.187 Echo request (type=8/code=0) id=55096 seq=1] IP [ttl=64 id=54108 iplen=28 ]
- RCVD (0.2084s) ICMP [195.54.163.187 > 104.237.144.6 Echo reply (type=0/code=0) id=55096 seq=1] IP [ttl=51 id=19344 iplen=28 ]
- SENT (1.0074s) ICMP [104.237.144.6 > 195.54.163.187 Echo request (type=8/code=0) id=55096 seq=2] IP [ttl=64 id=54108 iplen=28 ]
- RCVD (1.2284s) ICMP [195.54.163.187 > 104.237.144.6 Echo reply (type=0/code=0) id=55096 seq=2] IP [ttl=51 id=19345 iplen=28 ]
- SENT (2.0093s) ICMP [104.237.144.6 > 195.54.163.187 Echo request (type=8/code=0) id=55096 seq=3] IP [ttl=64 id=54108 iplen=28 ]
- RCVD (2.2484s) ICMP [195.54.163.187 > 104.237.144.6 Echo reply (type=0/code=0) id=55096 seq=3] IP [ttl=51 id=19346 iplen=28 ]
- SENT (3.0174s) ICMP [104.237.144.6 > 195.54.163.187 Echo request (type=8/code=0) id=55096 seq=4] IP [ttl=64 id=54108 iplen=28 ]
- RCVD (3.2684s) ICMP [195.54.163.187 > 104.237.144.6 Echo reply (type=0/code=0) id=55096 seq=4] IP [ttl=51 id=19347 iplen=28 ]
- Max rtt: 250.953ms | Min rtt: 201.491ms | Avg rtt: 226.336ms
- Raw packets sent: 4 (112B) | Rcvd: 4 (184B) | Lost: 0 (0.00%)
- Nping done: 1 IP address pinged in 3.27 seconds
- #######################################################################################################################################
- ; <<>> DiG 9.11.5-P4-1-Debian <<>> fascistforge.com
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14327
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ;; QUESTION SECTION:
- ;fascistforge.com. IN A
- ;; ANSWER SECTION:
- fascistforge.com. 386 IN A 195.54.163.187
- ;; Query time: 111 msec
- ;; SERVER: 185.93.180.131#53(185.93.180.131)
- ;; WHEN: lun avr 01 20:43:18 EDT 2019
- ;; MSG SIZE rcvd: 61
- #######################################################################################################################################
- ; <<>> DiG 9.11.5-P4-1-Debian <<>> +trace fascistforge.com
- ;; global options: +cmd
- . 82272 IN NS h.root-servers.net.
- . 82272 IN NS g.root-servers.net.
- . 82272 IN NS d.root-servers.net.
- . 82272 IN NS f.root-servers.net.
- . 82272 IN NS i.root-servers.net.
- . 82272 IN NS j.root-servers.net.
- . 82272 IN NS c.root-servers.net.
- . 82272 IN NS m.root-servers.net.
- . 82272 IN NS b.root-servers.net.
- . 82272 IN NS k.root-servers.net.
- . 82272 IN NS a.root-servers.net.
- . 82272 IN NS e.root-servers.net.
- . 82272 IN NS l.root-servers.net.
- . 82272 IN RRSIG NS 8 0 518400 20190414170000 20190401160000 25266 . IvibDHC58rgKJiQdmTUdu9Zh7ImIo1sYMHIj4eTujf9DYSEwYYXfYahP ekE/Yt5BHe0ZLBSt8ekz7xFtHQPs3ozESB0Zj88t9qxDyVcDj7/nEwWZ XwpKQwZQZ+vawFqC6wsP5bQqabEtzGTwggNhDyZt+zRC0r7n0hho3nbU hk15L7t0k6dk6HCKjmQNvyceaOATNd8TyEHSSd21hBS5siOcEi0aGVlC YFp2QeJ2oSiKevou5iPdXN4MvHvNtKy6EAHAQ8wWawpArfCRcX14v596 gl+e6mX2Yl1Kjjx6fSNwf+bRWYmUyP2VjwrKxvgmiuUF0IHAu386M0r3 fA7S2Q==
- ;; Received 525 bytes from 185.93.180.131#53(185.93.180.131) in 109 ms
- com. 172800 IN NS f.gtld-servers.net.
- com. 172800 IN NS b.gtld-servers.net.
- com. 172800 IN NS e.gtld-servers.net.
- com. 172800 IN NS l.gtld-servers.net.
- com. 172800 IN NS k.gtld-servers.net.
- com. 172800 IN NS j.gtld-servers.net.
- com. 172800 IN NS g.gtld-servers.net.
- com. 172800 IN NS a.gtld-servers.net.
- com. 172800 IN NS c.gtld-servers.net.
- com. 172800 IN NS d.gtld-servers.net.
- com. 172800 IN NS h.gtld-servers.net.
- com. 172800 IN NS m.gtld-servers.net.
- com. 172800 IN NS i.gtld-servers.net.
- com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
- com. 86400 IN RRSIG DS 8 1 86400 20190414170000 20190401160000 25266 . wOj83xWBYR5p0umWaoFQeERHgdpQXaOTtW/1WvLN30UVoloPCJ2oPXRr iV3RvToNmKavg5mlcOg7KB6ut72Zaa9X02rvo0GQaSEvhbmXNMXUN02Y 6PjSrCMAFbHYGxn0IxvGMuG+f4cYcEbqGxxIfJHfcibeXQoF3oHw/0XU QyaPvb9ldzf929ZQdzbuSL2u6/x5AdSUqB2x7haxefkf+l0zFLcuGvsY Esl8Ntm5ABpQx98njOjSIzM5V/6Z5JSN+4jpDgOGDgL8FoaVAMYnKNiA bpWw8CF1S1cfzwKMHsdVO13YiQepi1Zg9pJRw3JXKIBt6BKVFRbLI2qr BCxSog==
- ;; Received 1176 bytes from 192.36.148.17#53(i.root-servers.net) in 121 ms
- fascistforge.com. 172800 IN NS ns1.hostinger.com.
- fascistforge.com. 172800 IN NS ns2.hostinger.com.
- fascistforge.com. 172800 IN NS ns3.hostinger.com.
- fascistforge.com. 172800 IN NS ns4.hostinger.com.
- CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
- CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20190405044524 20190329033524 16883 com. HA/ggUYURrdcmMM3U2g6O1fxF+8lrJI6rl7b6ze4MgiOCYSLSyXR+/C0 vy/x0UsemheeDRogAkUpewEUEHgBx4Wo5DFFM2CBWGl6FwgaGf+E4lFx pL8WakSo+YWf6YGcS5XiD1X9LhZnmZwg63u4JQ6g+N+zzphebLcPLDsa Dp0=
- 9JFATH1PLND0LVAKU91FEI60GKK0US84.com. 86400 IN NSEC3 1 1 0 - 9JFCSADK2EB9EQBK6KOL9UMNQ125R4IV NS DS RRSIG
- 9JFATH1PLND0LVAKU91FEI60GKK0US84.com. 86400 IN RRSIG NSEC3 8 2 86400 20190405042404 20190329031404 16883 com. jaj5lBC0n73T9+g8HAmBr70PAdAAHEFrnOxP7H3kPg1A92kUkVC6IXOj zFiN7wYG0dFVTdM9Xn3TuJ6rMgpwZ1wUfC6cvshGoKX4f2RvfuVuvCzz Z1udqJGla4XYvWz63lN0InKQoX0neT9TPT2/BTc4jEiib+OAPI5cbelJ 7i8=
- ;; Received 676 bytes from 192.54.112.30#53(h.gtld-servers.net) in 207 ms
- fascistforge.com. 1800 IN A 195.54.163.187
- ;; Received 61 bytes from 31.170.164.249#53(ns4.hostinger.com) in 135 ms
- #######################################################################################################################################
- [*] Performing General Enumeration of Domain: fascistforge.com
- [-] DNSSEC is not configured for fascistforge.com
- [*] SOA ns1.hostinger.com 31.170.163.241
- [*] NS ns1.hostinger.com 31.170.163.241
- [*] Bind Version for 31.170.163.241 PowerDNS Authoritative Server 4.1.5 (built Nov 6 2018 17:54:28 by buildbot@869ed7fab750)
- [*] NS ns3.hostinger.com 173.192.183.247
- [*] Bind Version for 173.192.183.247 PowerDNS Authoritative Server 4.1.5 (built Nov 6 2018 17:54:28 by buildbot@869ed7fab750)
- [*] NS ns2.hostinger.com 31.220.23.1
- [*] NS ns4.hostinger.com 31.170.164.249
- [*] Bind Version for 31.170.164.249 PowerDNS Authoritative Server 4.1.5 (built Nov 6 2018 17:54:28 by buildbot@869ed7fab750)
- [-] Could not Resolve MX Records for fascistforge.com
- [*] A fascistforge.com 195.54.163.187
- [*] TXT fascistforge.com v=spf1 include:spf.mx.hostinger.com include:relay.mailchannels.net ~all
- [*] Enumerating SRV Records
- [-] No SRV Records Found for fascistforge.com
- [+] 0 Records Found
- #######################################################################################################################################
- [*] Processing domain fascistforge.com
- [*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
- [+] Getting nameservers
- 31.170.163.241 - ns1.hostinger.com
- 173.192.183.247 - ns3.hostinger.com
- 31.220.23.1 - ns2.hostinger.com
- 31.170.164.249 - ns4.hostinger.com
- [-] Zone transfer failed
- [+] TXT records found
- "v=spf1 include:spf.mx.hostinger.com include:relay.mailchannels.net ~all"
- [*] Scanning fascistforge.com for A records
- 195.54.163.187 - fascistforge.com
- 31.220.23.243 - autoconfig.fascistforge.com
- 31.220.23.235 - autoconfig.fascistforge.com
- 31.220.23.236 - autoconfig.fascistforge.com
- 31.220.23.235 - cpanel.fascistforge.com
- 31.220.23.243 - cpanel.fascistforge.com
- 31.220.23.236 - cpanel.fascistforge.com
- 31.220.23.236 - phpmyadmin.fascistforge.com
- 31.220.23.235 - phpmyadmin.fascistforge.com
- 31.220.23.243 - phpmyadmin.fascistforge.com
- 31.220.23.243 - webmail.fascistforge.com
- 31.220.23.236 - webmail.fascistforge.com
- 31.220.23.235 - webmail.fascistforge.com
- 195.54.163.187 - www.fascistforge.com
- #######################################################################################################################################
- Ip Address Status Type Domain Name Server
- ---------- ------ ---- ----------- ------
- 31.220.23.243 403 alias webmail.fascistforge.com openresty
- 31.220.23.243 403 host clcp.hostinger.com openresty
- 31.220.23.235 403 host clcp.hostinger.com openresty
- 31.220.23.236 403 host clcp.hostinger.com openresty
- 195.54.163.187 200 alias www.fascistforge.com Apache/2.4.38 (codeit) PHP/7.2.16
- 195.54.163.187 200 host fascistforge.com Apache/2.4.38 (codeit) PHP/7.2.16
- #######################################################################################################################################
- [+] Testing domain
- www.fascistforge.com 195.54.163.187
- [+] Dns resolving
- Domain name Ip address Name server
- fascistforge.com 195.54.163.187 vps15802ua.hyperhost.name
- Found 1 host(s) for fascistforge.com
- [+] Testing wildcard
- Ok, no wildcard found.
- [+] Scanning for subdomain on fascistforge.com
- [!] Wordlist not specified. I scannig with my internal wordlist...
- Estimated time about 160.28 seconds
- Subdomain Ip address Name server
- www.fascistforge.com 195.54.163.187 vps15802ua.hyperhost.name
- #######################################################################################################################################
- dnsenum VERSION:1.2.4
- ----- fascistforge.com -----
- Host's addresses:
- __________________
- fascistforge.com. 1800 IN A 195.54.163.187
- Name Servers:
- ______________
- ns2.hostinger.com. 86399 IN A 31.220.23.1
- ns4.hostinger.com. 86399 IN A 31.170.164.249
- ns1.hostinger.com. 86399 IN A 31.170.163.241
- ns3.hostinger.com. 86399 IN A 173.192.183.247
- Mail (MX) Servers:
- ___________________
- Trying Zone Transfers and getting Bind Versions:
- _________________________________________________
- Trying Zone Transfer for fascistforge.com on ns2.hostinger.com ...
- Trying Zone Transfer for fascistforge.com on ns4.hostinger.com ...
- Trying Zone Transfer for fascistforge.com on ns1.hostinger.com ...
- Trying Zone Transfer for fascistforge.com on ns3.hostinger.com ...
- brute force file not specified, bay.
- #######################################################################################################################################
- Domain Name: FASCISTFORGE.COM
- Registry Domain ID: 2367532161_DOMAIN_COM-VRSN
- Registrar WHOIS Server: whois.hostinger.com
- Registrar URL: http://www.hostinger.com
- Updated Date: 2019-03-09T04:21:18Z
- Creation Date: 2019-03-09T04:21:18Z
- Registry Expiry Date: 2020-03-09T04:21:18Z
- Registrar: Hostinger, UAB
- Registrar IANA ID: 1636
- Registrar Abuse Contact Email: abuse@hostinger.com
- Registrar Abuse Contact Phone: +37064503378
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Name Server: NS1.HOSTINGER.COM
- Name Server: NS2.HOSTINGER.COM
- Name Server: NS3.HOSTINGER.COM
- Name Server: NS4.HOSTINGER.COM
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
- >>> Last update of whois database: 2019-04-02T01:42:29Z <<<
- For more information on Whois status codes, please visit https://icann.org/epp
- NOTICE: The expiration date displayed in this record is the date the
- registrar's sponsorship of the domain name registration in the registry is
- currently set to expire. This date does not necessarily reflect the expiration
- date of the domain name registrant's agreement with the sponsoring
- registrar. Users may consult the sponsoring registrar's Whois database to
- view the registrar's reported date of expiration for this registration.
- TERMS OF USE: You are not authorized to access or query our Whois
- database through the use of electronic processes that are high-volume and
- automated except as reasonably necessary to register domain names or
- modify existing registrations; the Data in VeriSign Global Registry
- Services' ("VeriSign") Whois database is provided by VeriSign for
- information purposes only, and to assist persons in obtaining information
- about or related to a domain name registration record. VeriSign does not
- guarantee its accuracy. By submitting a Whois query, you agree to abide
- by the following terms of use: You agree that you may use this Data only
- for lawful purposes and that under no circumstances will you use this Data
- to: (1) allow, enable, or otherwise support the transmission of mass
- unsolicited, commercial advertising or solicitations via e-mail, telephone,
- or facsimile; or (2) enable high volume, automated, electronic processes
- that apply to VeriSign (or its computer systems). The compilation,
- repackaging, dissemination or other use of this Data is expressly
- prohibited without the prior written consent of VeriSign. You agree not to
- use electronic processes that are automated and high-volume to access or
- query the Whois database except as reasonably necessary to register
- domain names or modify existing registrations. VeriSign reserves the right
- to restrict your access to the Whois database in its sole discretion to ensure
- operational stability. VeriSign may restrict or terminate your access to the
- Whois database for failure to abide by these terms of use. VeriSign
- reserves the right to modify these terms at any time.
- The Registry database contains ONLY .COM, .NET, .EDU domains and
- Registrars.
- Domain Name: FASCISTFORGE.COM
- Registry Domain ID: 2367532161_DOMAIN_COM-VRSN
- Registrar WHOIS Server: whois.hostinger.com
- Registrar URL: https://www.hostinger.com
- Updated Date: 2019-03-09T04:21:20Z
- Creation Date: 2019-03-09T04:21:18Z
- Registrar Registration Expiration Date: 2020-03-09T04:21:18Z
- Registrar: Hostinger, UAB
- Registrar IANA ID: 1636
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Registry Registrant ID: Not Available From Registry
- Registrant Name: Domain Admin
- Registrant Organization: Privacy Protect, LLC (PrivacyProtect.org)
- Registrant Street: 10 Corporate Drive
- Registrant City: Burlington
- Registrant State/Province: MA
- Registrant Postal Code: 01803
- Registrant Country: US
- Registrant Phone: +1.8022274003
- Registrant Phone Ext:
- Registrant Fax:
- Registrant Fax Ext:
- Registrant Email: contact@privacyprotect.org
- Registry Admin ID: Not Available From Registry
- Admin Name: Domain Admin
- Admin Organization: Privacy Protect, LLC (PrivacyProtect.org)
- Admin Street: 10 Corporate Drive
- Admin City: Burlington
- Admin State/Province: MA
- Admin Postal Code: 01803
- Admin Country: US
- Admin Phone: +1.8022274003
- Admin Phone Ext:
- Admin Fax:
- Admin Fax Ext:
- Admin Email: contact@privacyprotect.org
- Registry Tech ID: Not Available From Registry
- Tech Name: Domain Admin
- Tech Organization: Privacy Protect, LLC (PrivacyProtect.org)
- Tech Street: 10 Corporate Drive
- Tech City: Burlington
- Tech State/Province: MA
- Tech Postal Code: 01803
- Tech Country: US
- Tech Phone: +1.8022274003
- Tech Phone Ext:
- Tech Fax:
- Tech Fax Ext:
- Tech Email: contact@privacyprotect.org
- Name Server: ns1.hostinger.com
- Name Server: ns2.hostinger.com
- Name Server: ns3.hostinger.com
- Name Server: ns4.hostinger.com
- DNSSEC: Unsigned
- Registrar Abuse Contact Email: abuse@hostinger.com
- Registrar Abuse Contact Phone: +37064503378
- URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
- >>> Last update of WHOIS database: 2019-04-02T01:42:47Z <<<
- For more information on Whois status codes, please visit https://icann.org/epp
- Registration Service Provided By: HOSTINGER.COM
- PRIVACYPROTECT.ORG is providing privacy protection services to this domain name to
- protect the owner from spam and phishing attacks. PrivacyProtect.org is not
- responsible for any of the activities associated with this domain name. If you wish
- to report any abuse concerning the usage of this domain name, you may do so at
- http://privacyprotect.org/contact. We have a stringent abuse policy and any
- complaint will be actioned within a short period of time.
- The data in this whois database is provided to you for information purposes
- only, that is, to assist you in obtaining information about or related to a
- domain name registration record. We make this information available "as is",
- and do not guarantee its accuracy. By submitting a whois query, you agree
- that you will use this data only for lawful purposes and that, under no
- circumstances will you use this data to:
- (1) enable high volume, automated, electronic processes that stress or load
- this whois database system providing you this information; or
- (2) allow, enable, or otherwise support the transmission of mass unsolicited,
- commercial advertising or solicitations via direct mail, electronic mail, or
- by telephone.
- The compilation, repackaging, dissemination or other use of this data is
- expressly prohibited without prior written consent from us. The Registrar of
- record is Hostinger, UAB.
- We reserve the right to modify these terms at any time.
- By submitting this query, you agree to abide by these terms.
- #######################################################################################################################################
- ____ _ _ _ _ _____
- / ___| _ _| |__ | (_)___| |_|___ / _ __
- \___ \| | | | '_ \| | / __| __| |_ \| '__|
- ___) | |_| | |_) | | \__ \ |_ ___) | |
- |____/ \__,_|_.__/|_|_|___/\__|____/|_|
- # Coded By Ahmed Aboul-Ela - @aboul3la
- [-] Enumerating subdomains now for fascistforge.com
- [-] verbosity is enabled, will show the subdomains results in realtime
- [-] Searching now in Baidu..
- [-] Searching now in Yahoo..
- [-] Searching now in Google..
- [-] Searching now in Bing..
- [-] Searching now in Ask..
- [-] Searching now in Netcraft..
- [-] Searching now in DNSdumpster..
- [-] Searching now in Virustotal..
- [-] Searching now in ThreatCrowd..
- [-] Searching now in SSL Certificates..
- [-] Searching now in PassiveDNS..
- SSL Certificates: www.fascistforge.com
- [-] Saving results to file: /usr/share/sniper/loot//domains/domains-fascistforge.com.txt
- [-] Total Unique Subdomains Found: 1
- www.fascistforge.com
- #######################################################################################################################################
- fascistforge.com 195.54.163.187
- www.fascistforge.com 195.54.163.187
- webmail.fascistforge.com 31.220.23.236,31.220.23.243,31.220.23.235
- #######################################################################################################################################
- ===============================================
- -=Subfinder v1.1.3 github.com/subfinder/subfinder
- ===============================================
- Running Source: Ask
- Running Source: Archive.is
- Running Source: Baidu
- Running Source: Bing
- Running Source: CertDB
- Running Source: CertificateTransparency
- Running Source: Certspotter
- Running Source: Commoncrawl
- Running Source: Crt.sh
- Running Source: Dnsdb
- Running Source: DNSDumpster
- Running Source: DNSTable
- Running Source: Dogpile
- Running Source: Exalead
- Running Source: Findsubdomains
- Running Source: Googleter
- Running Source: Hackertarget
- Running Source: Ipv4Info
- Running Source: PTRArchive
- Running Source: Sitedossier
- Running Source: Threatcrowd
- Running Source: ThreatMiner
- Running Source: WaybackArchive
- Running Source: Yahoo
- Running enumeration on fascistforge.com
- dnsdb: Unexpected return status 503
- waybackarchive: parse http://web.archive.org/cdx/search/cdx?url=*.fascistforge.com/*&output=json&fl=original&collapse=urlkey&page=: net/url: invalid control character in URL
- dogpile: Get https://www.dogpile.com/search/web?q=fascistforge.com&qsi=1: EOF
- ipv4info: <nil>
- Starting Bruteforcing of fascistforge.com with 9985 words
- Total 8 Unique subdomains found for fascistforge.com
- .fascistforge.com
- autoconfig.fascistforge.com
- cpanel.fascistforge.com
- hostmaster.fascistforge.com
- phpmyadmin.fascistforge.com
- webmail.fascistforge.com
- www.fascistforge.com
- www.fascistforge.com
- #######################################################################################################################################
- [*] Processing domain fascistforge.com
- [*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
- [+] Getting nameservers
- 31.170.164.249 - ns4.hostinger.com
- 173.192.183.247 - ns3.hostinger.com
- [-] Getting nameservers failed
- [-] Zone transfer failed
- [+] TXT records found
- "v=spf1 include:spf.mx.hostinger.com include:relay.mailchannels.net ~all"
- [*] Scanning fascistforge.com for A records
- 195.54.163.187 - fascistforge.com
- 31.220.23.243 - webmail.fascistforge.com
- 31.220.23.235 - webmail.fascistforge.com
- 31.220.23.236 - webmail.fascistforge.com
- 195.54.163.187 - www.fascistforge.com
- #######################################################################################################################################
- [*] Found SPF record:
- [*] v=spf1 include:spf.mx.hostinger.com include:relay.mailchannels.net ~all
- [*] SPF record contains an All item: ~all
- [*] No DMARC record found. Looking for organizational record
- [+] No organizational DMARC record
- [+] Spoofing possible for fascistforge.com!
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-01 21:52 EDT
- Nmap scan report for fascistforge.com (195.54.163.187)
- Host is up (0.17s latency).
- rDNS record for 195.54.163.187: vps15802ua.hyperhost.name
- Not shown: 467 closed ports, 5 filtered ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 22/tcp open ssh
- 80/tcp open http
- 111/tcp open rpcbind
- 3306/tcp open mysql
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-01 21:52 EDT
- Nmap scan report for fascistforge.com (195.54.163.187)
- Host is up (0.13s latency).
- rDNS record for 195.54.163.187: vps15802ua.hyperhost.name
- Not shown: 10 closed ports, 2 filtered ports
- PORT STATE SERVICE
- 67/udp open|filtered dhcps
- 123/udp open|filtered ntp
- Nmap done: 1 IP address (1 host up) scanned in 6.11 seconds
- #######################################################################################################################################
- # general
- (gen) banner: SSH-2.0-OpenSSH_7.4
- (gen) software: OpenSSH 7.4
- (gen) compatibility: OpenSSH 7.3+ (some functionality from 6.6), Dropbear SSH 2016.73+ (some functionality from 0.52)
- (gen) compression: enabled (zlib@openssh.com)
- # key exchange algorithms
- (kex) curve25519-sha256 -- [warn] unknown algorithm
- (kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
- (kex) ecdh-sha2-nistp256 -- [fail] using weak elliptic curves
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (kex) ecdh-sha2-nistp384 -- [fail] using weak elliptic curves
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (kex) ecdh-sha2-nistp521 -- [fail] using weak elliptic curves
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
- `- [info] available since OpenSSH 4.4
- (kex) diffie-hellman-group16-sha512 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
- (kex) diffie-hellman-group18-sha512 -- [info] available since OpenSSH 7.3
- (kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.3.0
- (kex) diffie-hellman-group14-sha256 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
- (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
- (kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
- `- [warn] using small 1024-bit modulus
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
- # host-key algorithms
- (key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
- (key) rsa-sha2-512 -- [info] available since OpenSSH 7.2
- (key) rsa-sha2-256 -- [info] available since OpenSSH 7.2
- (key) ecdsa-sha2-nistp256 -- [fail] using weak elliptic curves
- `- [warn] using weak random number generator could reveal the key
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (key) ssh-ed25519 -- [info] available since OpenSSH 6.5
- # encryption algorithms (ciphers)
- (enc) chacha20-poly1305@openssh.com -- [info] available since OpenSSH 6.5
- `- [info] default cipher since OpenSSH 6.9.
- (enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
- (enc) aes192-ctr -- [info] available since OpenSSH 3.7
- (enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
- (enc) aes128-gcm@openssh.com -- [info] available since OpenSSH 6.2
- (enc) aes256-gcm@openssh.com -- [info] available since OpenSSH 6.2
- (enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
- (enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0
- (enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
- (enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [fail] disabled since Dropbear SSH 0.53
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
- (enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 2.1.0
- (enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
- # message authentication code algorithms
- (mac) umac-64-etm@openssh.com -- [warn] using small 64-bit tag size
- `- [info] available since OpenSSH 6.2
- (mac) umac-128-etm@openssh.com -- [info] available since OpenSSH 6.2
- (mac) hmac-sha2-256-etm@openssh.com -- [info] available since OpenSSH 6.2
- (mac) hmac-sha2-512-etm@openssh.com -- [info] available since OpenSSH 6.2
- (mac) hmac-sha1-etm@openssh.com -- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 6.2
- (mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
- `- [warn] using small 64-bit tag size
- `- [info] available since OpenSSH 4.7
- (mac) umac-128@openssh.com -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 6.2
- (mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
- (mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
- (mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
- # algorithm recommendations (for OpenSSH 7.4)
- (rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
- (rec) -ecdh-sha2-nistp256 -- kex algorithm to remove
- (rec) -diffie-hellman-group-exchange-sha256 -- kex algorithm to remove
- (rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
- (rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
- (rec) -ecdh-sha2-nistp521 -- kex algorithm to remove
- (rec) -ecdh-sha2-nistp384 -- kex algorithm to remove
- (rec) -ecdsa-sha2-nistp256 -- key algorithm to remove
- (rec) -blowfish-cbc -- enc algorithm to remove
- (rec) -3des-cbc -- enc algorithm to remove
- (rec) -aes256-cbc -- enc algorithm to remove
- (rec) -cast128-cbc -- enc algorithm to remove
- (rec) -aes192-cbc -- enc algorithm to remove
- (rec) -aes128-cbc -- enc algorithm to remove
- (rec) -hmac-sha2-512 -- mac algorithm to remove
- (rec) -umac-128@openssh.com -- mac algorithm to remove
- (rec) -hmac-sha2-256 -- mac algorithm to remove
- (rec) -umac-64@openssh.com -- mac algorithm to remove
- (rec) -hmac-sha1 -- mac algorithm to remove
- (rec) -hmac-sha1-etm@openssh.com -- mac algorithm to remove
- (rec) -umac-64-etm@openssh.com -- mac algorithm to remove
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-01 21:52 EDT
- NSE: [ssh-run] Failed to specify credentials and command to run.
- NSE: [ssh-brute] Trying username/password pair: root:root
- NSE: [ssh-brute] Trying username/password pair: admin:admin
- Nmap scan report for fascistforge.com (195.54.163.187)
- Host is up (0.16s latency).
- rDNS record for 195.54.163.187: vps15802ua.hyperhost.name
- PORT STATE SERVICE VERSION
- 22/tcp open ssh OpenSSH 7.4 (protocol 2.0)
- | ssh-auth-methods:
- | Supported authentication methods:
- | publickey
- | gssapi-keyex
- | gssapi-with-mic
- |_ password
- | ssh-hostkey:
- |_ 2048 47:fd:ad:6a:0a:16:1e:83:b2:22:34:0d:bf:ce:08:8c (RSA)
- |_ssh-publickey-acceptance: ERROR: Script execution failed (use -d to debug)
- |_ssh-run: Failed to specify credentials and command to run.
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Aggressive OS guesses: Linux 2.6.32 (95%), Linux 3.8 (95%), Linux 2.6.32 - 3.10 (95%), Linux 2.6.32 - 3.13 (95%), Linux 2.6.32 - 3.9 (95%), Linux 3.2 (95%), Linux 2.6.32 - 3.1 (94%), Linux 3.11 (94%), Linux 3.5 (94%), Linux 3.1 (94%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 17 hops
- TRACEROUTE (using port 22/tcp)
- HOP RTT ADDRESS
- 1 36.03 ms 10.243.200.1
- 2 36.08 ms 104.245.145.177
- 3 37.09 ms te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9)
- 4 35.89 ms te0-0-0-1.agr13.yyz02.atlas.cogentco.com (154.24.54.37)
- 5 35.09 ms te0-9-0-9.ccr31.yyz02.atlas.cogentco.com (154.54.43.141)
- 6 40.83 ms be3259.ccr21.ymq01.atlas.cogentco.com (154.54.41.206)
- 7 113.79 ms be3042.ccr21.lpl01.atlas.cogentco.com (154.54.44.161)
- 8 125.76 ms be2182.ccr41.ams03.atlas.cogentco.com (154.54.77.245)
- 9 134.93 ms be2815.ccr41.ham01.atlas.cogentco.com (154.54.38.206)
- 10 143.66 ms be3027.ccr21.prg01.atlas.cogentco.com (130.117.1.206)
- 11 148.02 ms be3045.ccr22.bts01.atlas.cogentco.com (154.54.59.106)
- 12 165.48 ms be2047.rcr22.kbp01.atlas.cogentco.com (154.54.60.206)
- 13 165.13 ms 149.6.190.130
- 14 170.96 ms kh-kv.ett.ua (80.93.127.142)
- 15 176.29 ms itl.ett.ua (80.93.125.182)
- 16 176.63 ms vz103ua.hyperhost.ua (217.12.204.3)
- 17 168.71 ms vps15802ua.hyperhost.name (195.54.163.187)
- #######################################################################################################################################
- USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
- RHOSTS => fascistforge.com
- RHOST => fascistforge.com
- [*] 195.54.163.187:22 - SSH - Using malformed packet technique
- [*] 195.54.163.187:22 - SSH - Starting scan
- [-] 195.54.163.187:22 - SSH - User 'admin' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'administrator' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'anonymous' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'backup' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'bee' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'ftp' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'guest' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'GUEST' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'info' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'mail' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'mailadmin' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'msfadmin' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'mysql' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'nobody' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'oracle' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'owaspbwa' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'postfix' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'postgres' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'private' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'proftpd' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'public' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'root' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'superadmin' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'support' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'sys' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'system' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'systemadmin' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'systemadministrator' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'test' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'tomcat' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'user' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'webmaster' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'www-data' on could not connect
- [-] 195.54.163.187:22 - SSH - User 'Fortimanager_Access' on could not connect
- [*] Scanned 1 of 1 hosts (100% complete)
- [*] Auxiliary module execution completed
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning http://fascistforge.com...
- ____________________ SITE INFO _____________________
- IP Title
- 195.54.163.187 Fascist Forge
- _____________________ VERSION ______________________
- Name Versions Type
- Apache 2.4.38 Platform
- PHP 7.2.16 Platform
- ___________________ INTERESTING ____________________
- URL Note Type
- /robots.txt robots.txt index Interesting
- ____________________________________________________
- Time: 2.6 sec Urls: 841 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 200 OK
- Date: Tue, 02 Apr 2019 02:12:04 GMT
- X-Powered-By: PHP/7.2.16
- Set-Cookie: ips4_IPSSessionFront=p8232vehbc9h9nitpol8iq0m18; path=/; HttpOnly
- Expires: Thu, 19 Nov 1981 08:52:00 GMT
- Cache-Control: no-store, no-cache, must-revalidate
- Pragma: no-cache
- Content-Encoding: gzip
- Content-Length: 13722
- X-XSS-Protection: 0
- Content-Type: text/html;charset=UTF-8
- Connection: keep-alive
- #######################################################################################################################################
- PHP 7.2.16
- X-IPS-Cached-Response: Tue, 02 Apr 2019 02:11:55 GMT
- #######################################################################################################################################
- --------------------------------------------------------
- <<<Yasuo discovered following vulnerable applications>>>
- --------------------------------------------------------
- +------------+--------------------------------------+--------------------------------------------------+----------+----------+
- | App Name | URL to Application | Potential Exploit | Username | Password |
- +------------+--------------------------------------+--------------------------------------------------+----------+----------+
- | phpMyAdmin | http://195.54.163.187:80/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | | |
- +------------+--------------------------------------+--------------------------------------------------+----------+----------+
- #######################################################################################################################################
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Target IP: 195.54.163.187
- + Target Hostname: fascistforge.com
- + Target Port: 80
- + Start Time: 2019-04-01 20:27:40 (GMT-4)
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Server: Apache/2.4.38 (codeit) PHP/7.2.16
- + Retrieved x-powered-by header: PHP/7.2.16
- + The anti-clickjacking X-Frame-Options header is not present.
- + X-XSS-Protection header has been set to disable XSS Protection. There is unlikely to be a good reason for this.
- + Uncommon header 'x-ips-cached-response' found, with contents: Tue, 02 Apr 2019 00:27:39 GMT
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + "robots.txt" contains 1 entry which should be manually viewed.
- + Web Server returns a valid response with junk HTTP methods, this may cause false positives.
- + DEBUG HTTP verb may show server debugging information. See http://msdn.microsoft.com/en-us/library/e8z01xdh%28VS.80%29.aspx for details.
- + OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
- + OSVDB-3092: /system/: This might be interesting...
- + ERROR: Error limit (20) reached for host, giving up. Last error: opening stream: can't connect (timeout): Transport endpoint is not connected
- + Scan terminated: 18 error(s) and 10 item(s) reported on remote host
- + End Time: 2019-04-01 21:21:13 (GMT-4) (3213 seconds)
- --------------------------------------------------------------------------------------------------------------------------------------
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
- + The site uses SSL and Expect-CT header is not present.
- ---------------------------------------------------------------------------------------------------------------------------------------
- #######################################################################################################################################
- Anonymous JTSEC #OpDomesticTerrorism Full Recon #8
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement