Anonymous JTSEC #OpDomesticTerrorism Full Recon #1

1. #######################################################################################################################################
2. Nom de l'hôte www.therebel.media FAI Akamai International B.V.
3. Continent Amérique du Nord Drapeau
4. US
5. Pays Etats-Unis d'Amérique Code du pays US
6. Région Inconnu Heure locale 25 Jan 2019 19:23 CST
7. Ville Inconnu Code Postal Inconnu
8. Adresse IP 104.72.70.183 Latitude 37.751
9. Longitude -97.822
10. #######################################################################################################################################
11. > www.therebel.media
12. Server: 27.50.70.139
13. Address: 27.50.70.139#53
14.  
15. Non-authoritative answer:
16. www.therebel.media canonical name = www.therebel.media.edgekey.net.
17. www.therebel.media.edgekey.net canonical name = e15521.e2.akamaiedge.net.
18. Name: e15521.e2.akamaiedge.net
19. Address: 104.72.70.183
20. Name: e15521.e2.akamaiedge.net
21. Address: 104.72.70.116
22. >
23. #######################################################################################################################################
24.  
25. HostIP:23.32.5.54
26. HostName:www.therebel.media
27.  
28. Gathered Inet-whois information for 23.32.5.54
29. ---------------------------------------------------------------------------------------------------------------------------------------
30.  
31.  
32. inetnum: 23.19.64.0 - 23.83.63.255
33. netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
34. descr: IPv4 address block not managed by the RIPE NCC
35. remarks: ------------------------------------------------------
36. remarks:
37. remarks: For registration information,
38. remarks: you can consult the following sources:
39. remarks:
40. remarks: IANA
41. remarks: http://www.iana.org/assignments/ipv4-address-space
42. remarks: http://www.iana.org/assignments/iana-ipv4-special-registry
43. remarks: http://www.iana.org/assignments/ipv4-recovered-address-space
44. remarks:
45. remarks: AFRINIC (Africa)
46. remarks: http://www.afrinic.net/ whois.afrinic.net
47. remarks:
48. remarks: APNIC (Asia Pacific)
49. remarks: http://www.apnic.net/ whois.apnic.net
50. remarks:
51. remarks: ARIN (Northern America)
52. remarks: http://www.arin.net/ whois.arin.net
53. remarks:
54. remarks: LACNIC (Latin America and the Carribean)
55. remarks: http://www.lacnic.net/ whois.lacnic.net
56. remarks:
57. remarks: ------------------------------------------------------
58. country: EU # Country is really world wide
59. admin-c: IANA1-RIPE
60. tech-c: IANA1-RIPE
61. status: ALLOCATED UNSPECIFIED
62. mnt-by: RIPE-NCC-HM-MNT
63. created: 2019-01-07T10:48:01Z
64. last-modified: 2019-01-07T10:48:01Z
65. source: RIPE
66.  
67. role: Internet Assigned Numbers Authority
68. address: see http://www.iana.org.
69. admin-c: IANA1-RIPE
70. tech-c: IANA1-RIPE
71. nic-hdl: IANA1-RIPE
72. remarks: For more information on IANA services
73. remarks: go to IANA web site at http://www.iana.org.
74. mnt-by: RIPE-NCC-MNT
75. created: 1970-01-01T00:00:00Z
76. last-modified: 2001-09-22T09:31:27Z
77. source: RIPE # Filtered
78.  
79. % Information related to '23.32.5.0/24AS16625'
80.  
81. route: 23.32.5.0/24
82. descr: Akamai Technologies
83. origin: AS16625
84. mnt-by: AKAM1-RIPE-MNT
85. created: 2016-12-23T09:50:04Z
86. last-modified: 2018-09-04T18:36:30Z
87. source: RIPE-NONAUTH
88.  
89. % Information related to '23.32.5.0/24AS20940'
90.  
91. route: 23.32.5.0/24
92. descr: Akamai Technologies
93. origin: AS20940
94. mnt-by: AKAM1-RIPE-MNT
95. created: 2016-12-23T09:50:04Z
96. last-modified: 2018-09-04T18:36:29Z
97. source: RIPE-NONAUTH
98.  
99. % This query was served by the RIPE Database Query Service version 1.92.6 (HEREFORD)
100.  
101.  
102.  
103. Gathered Inic-whois information for therebel.media
104. ---------------------------------------------------------------------------------------------------------------------------------------
105. Domain Name: therebel.media
106. Registry Domain ID: 7ca2751dcb1647079f81c39e4c4542d0-DONUTS
107. Registrar WHOIS Server: WHOIS.ENOM.COM
108. Registrar URL: http://www.enom.com
109. Updated Date: 2019-01-25T16:25:56Z
110. Creation Date: 2015-02-09T22:44:06Z
111. Registry Expiry Date: 2020-02-09T22:44:06Z
112. Registrar: eNom, LLC
113. Registrar IANA ID: 48
114. Registrar Abuse Contact Email:
115. Registrar Abuse Contact Phone:
116. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
117. Domain Status: renewPeriod https://icann.org/epp#renewPeriod
118. Registry Registrant ID: REDACTED FOR PRIVACY
119. Registrant Name: REDACTED FOR PRIVACY
120. Registrant Organization: Rebel Media
121. Registrant Street: REDACTED FOR PRIVACY
122. Registrant City: REDACTED FOR PRIVACY
123. Registrant State/Province: ON
124. Registrant Postal Code: REDACTED FOR PRIVACY
125. Registrant Country: CA
126. Registrant Phone: REDACTED FOR PRIVACY
127. Registrant Phone Ext: REDACTED FOR PRIVACY
128. Registrant Fax: REDACTED FOR PRIVACY
129. Registrant Fax Ext: REDACTED FOR PRIVACY
130. Registrant Email: Please query the RDDS service of the Registrar of Record identified in this output for information on how to c�ontact t}�oU�9��he Registrant,�ѡg� Admin, or0ԡg� Tech contact of %+@the qOR PRIVACY
131. Registrant Email: Please query the RDDS service of the Registrar of Record identified in this output for information on how to contact the Registrant, Admin, or Tech contact of the queried domain name.
132. Registry Admin ID: REDACTED FOR PRIVACY
133. Admin Name: REDACTED FOR PRIVACY
134. Admin Organization: REDACTED FOR PRIVACY
135. Admin Street: REDACTED FOR PRIVACY
136. Admin City: REDACTED FOR PRIVACY
137. Admin State/Province: REDACTED FOR PRIVACY
138. Admin Postal Code: REDACTED FOR PRIVACY
139. }�oU�9�ountryueried domai+n name.
140. Registry Admin ID: REDACTED FOR PRIVACY
141. Admin Name: REDACTED FOR PRIVACY
142. Admin Organization: REDACTED FOR PRIVACY
143. Admin Street: REDACTED FOR PRIVACY
144. Admin City: REDACTED FOR PRIVACY
145. Admin State/Province: REDACTED FOR PRIVACY
146. Admin Postal Code: REDACTED FOR PRIVACY
147. #######################################################################################################################################
148. [i] Scanning Site: https://www.therebel.media
149.  
150.  
151.  
152. B A S I C I N F O
153. =======================================================================================================================================
154.  
155.  
156. [+] Site Title: The Rebel
157. [+] IP address: 23.32.5.54
158. [+] Web Server: Apache/2.4.7 (Ubuntu)
159. [+] CMS: Could Not Detect
160. [+] Cloudflare: Not Detected
161. [+] Robots File: Found
162.  
163. -------------[ contents ]----------------
164. User-Agent: *
165. Disallow: /admin/
166. Disallow: /utils/
167. Disallow: /forms/
168. Disallow: /users/
169. Sitemap: http://www.therebel.media/sitemap_index.xml
170.  
171. -----------[end of contents]-------------
172.  
173.  
174.  
175. W H O I S L O O K U P
176. ======================================================================================================================================
177.  
178. Domain Name: therebel.media
179. Registry Domain ID: 7ca2751dcb1647079f81c39e4c4542d0-DONUTS
180. Registrar WHOIS Server: WHOIS.ENOM.COM
181. Registrar URL: http://www.enom.com
182. Updated Date: 2019-01-25T16:25:56Z
183. Creation Date: 2015-02-09T22:44:06Z
184. Registry Expiry Date: 2020-02-09T22:44:06Z
185. Registrar: eNom, LLC
186. Registrar IANA ID: 48
187. Registrar Abuse Contact Email:
188. Registrar Abuse Contact Phone:
189. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
190. Domain Status: renewPeriod https://icann.org/epp#renewPeriod
191. Registry Registrant ID: REDACTED FOR PRIVACY
192. Registrant Name: REDACTED FOR PRIVACY
193. Registrant Organization: Rebel Media
194. Registrant Street: REDACTED FOR PRIVACY
195. Registrant City: REDACTED FOR PRIVACY
196. Registrant State/Province: ON
197. Registrant Postal Code: REDACTED FOR PRIVACY
198. Registrant Country: CA
199. Registrant Phone: REDACTED FOR PRIVACY
200. Registrant Phone Ext: REDACTED FOR PRIVACY
201. Registrant Fax: REDACTED FOR PRIVACY
202. Registrant Fax Ext: REDACTED FOR PRIVACY
203. Registrant Email: Please query the RDDS service of the Registrar of Record identified in this output for information on how to contact the Registrant, Admin, or Tech contact of the queried domain name.
204. Registry Admin ID: REDACTED FOR PRIVACY
205. Admin Name: REDACTED FOR PRIVACY
206. Admin Organization: REDACTED FOR PRIVACY
207. Admin Street: REDACTED FOR PRIVACY
208. Admin City: REDACTED FOR PRIVACY
209. Admin State/Province: REDACTED FOR PRIVACY
210. Admin Postal Code: REDACTED FOR PRIVACY
211. Admin Country: REDACTED FOR PRIVACY
212. Admin Phone: REDACTED FOR PRIVACY
213. Admin Phone Ext: REDACTED FOR PRIVACY
214. Admin Fax: REDACTED FOR PRIVACY
215. Admin Fax Ext: REDACTED FOR PRIVACY
216. Admin Email: Please query the RDDS service of the Registrar of Record identified in this output for information on how to contact the Registrant, Admin, or Tech contact of the queried domain name.
217. Registry Tech ID: REDACTED FOR PRIVACY
218. Tech Name: REDACTED FOR PRIVACY
219. Tech Organization: REDACTED FOR PRIVACY
220. Tech Street: REDACTED FOR PRIVACY
221. Tech City: REDACTED FOR PRIVACY
222. Tech State/Province: REDACTED FOR PRIVACY
223. Tech Postal Code: REDACTED FOR PRIVACY
224. Tech Country: REDACTED FOR PRIVACY
225. Tech Phone: REDACTED FOR PRIVACY
226. Tech Phone Ext: REDACTED FOR PRIVACY
227. Tech Fax: REDACTED FOR PRIVACY
228. Tech Fax Ext: REDACTED FOR PRIVACY
229. Tech Email: Please query the RDDS service of the Registrar of Record identified in this output for information on how to contact the Registrant, Admin, or Tech contact of the queried domain name.
230. Name Server: ns20.nationbuilder.com
231. Name Server: ns21.nationbuilder.com
232. Name Server: ns22.nationbuilder.com
233. Name Server: ns23.nationbuilder.com
234. DNSSEC: unsigned
235. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
236. >>> Last update of WHOIS database: 2019-01-26T05:56:37Z <<<
237.  
238. For more information on Whois status codes, please visit https://icann.org/epp
239.  
240. Terms of Use: Donuts Inc. provides this Whois service for information purposes, and to assist persons in obtaining information about or related to a domain name registration record. Donuts does not guarantee its accuracy. Users accessing the Donuts Whois service agree to use the data only for lawful purposes, and under no circumstances may this data be used to: a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the registrar’s own existing customers and b) enable high volume, automated, electronic processes that send queries or data to the systems of Donuts or any ICANN-accredited registrar, except as reasonably necessary to register domain names or modify existing registrations. When using the Donuts Whois service, please consider the following: The Whois service is not a replacement for standard EPP commands to the SRS service. Whois is not considered authoritative for registered domain objects. The Whois service may be scheduled for downtime during production or OT&E maintenance periods. Queries to the Whois services are throttled. If too many queries are received from a single IP address within a specified time, the service will begin to reject further queries for a period of time to prevent disruption of Whois service access. Abuse of the Whois system through data mining is mitigated by detecting and limiting bulk query access from single sources. Where applicable, the presence of a [Non-Public Data] tag indicates that such data is not made publicly available due to applicable data privacy laws or requirements. Should you wish to contact the registrant, please refer to the Whois records available through the registrar URL listed above. Access to non-public data may be provided, upon request, where it can be reasonably confirmed that the requester holds a specific legitimate interest and a proper legal basis for accessing the withheld da
241. ta. Access to this data can be requested by submitting a request via the form found at https://donuts.domains/about/policies/whois-layered-access/ Donuts Inc. reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.
242.  
243.  
244.  
245.  
246. G E O I P L O O K U P
247. =======================================================================================================================================
248.  
249. [i] IP Address: 52.216.9.186
250. [i] Country: United States
251. [i] State: Virginia
252. [i] City: Ashburn
253. [i] Latitude: 39.0481
254. [i] Longitude: -77.4728
255.  
256.  
257.  
258.  
259. H T T P H E A D E R S
260. =======================================================================================================================================
261.  
262.  
263. [i] HTTP/1.0 200 OK
264. [i] Access-Control-Allow-Origin: *
265. [i] Access-Control-Request-Method: GET, POST, PUT, DELETE
266. [i] Content-Type: text/html; charset=utf-8
267. [i] ETag: W/"58b96276e2a672938556fab1d8de1670-gzip"
268. [i] Server: Apache/2.4.7 (Ubuntu)
269. [i] Status: 200 OK
270. [i] X-Content-Type-Options: nosniff
271. [i] X-Frame-Options: ALLOWALL
272. [i] X-Middleware-Start: t=1548482201120175
273. [i] X-Powered-By: Phusion Passenger Enterprise 5.0.28
274. [i] X-Rack-Cache: stale, invalid
275. [i] X-Request-Id: 1afa051a-fc91-48fc-9067-d092ca04ecb0
276. [i] X-Runtime: 0.081075
277. [i] X-Served-By: app10
278. [i] Expires: Sat, 26 Jan 2019 05:56:41 GMT
279. [i] Cache-Control: max-age=0, no-cache, no-store
280. [i] Pragma: no-cache
281. [i] Date: Sat, 26 Jan 2019 05:56:41 GMT
282. [i] Connection: close
283. [i] Set-Cookie: _nbuild_nocache=true; path=/; expires=Sun, 26 Jan 2020 05:56:41 -0000
284. [i] Set-Cookie: _nbuild_token=anl7boeN%2F9D%2B4adKuxF7QiRHTXn4XLnPT731wO7yWk8%3D; path=/; secure; HttpOnly
285. [i] Set-Cookie: _nbuild_session=3406b8de9364b522dafa8433bc4038d9; path=/; HttpOnly
286.  
287.  
288.  
289.  
290. D N S L O O K U P
291. =======================================================================================================================================
292.  
293. therebel.media. 4 IN A 52.216.16.170
294. therebel.media. 21599 IN NS ns-1227.awsdns-25.org.
295. therebel.media. 21599 IN NS ns-184.awsdns-23.com.
296. therebel.media. 21599 IN NS ns-2005.awsdns-58.co.uk.
297. therebel.media. 21599 IN NS ns-671.awsdns-19.net.
298. therebel.media. 899 IN SOA ns-2005.awsdns-58.co.uk. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
299. therebel.media. 299 IN MX 1 aspmx.l.google.com.
300. therebel.media. 299 IN MX 10 alt3.aspmx.l.google.com.
301. therebel.media. 299 IN MX 10 alt4.aspmx.l.google.com.
302. therebel.media. 299 IN MX 5 alt1.aspmx.l.google.com.
303. therebel.media. 299 IN MX 5 alt2.aspmx.l.google.com.
304. therebel.media. 299 IN TXT "MS=ms70016162"
305. therebel.media. 299 IN TXT "v=spf1 a mx include:_spf.google.com include:sendgrid.net ~all"
306.  
307.  
308.  
309.  
310. S U B N E T C A L C U L A T I O N
311. =======================================================================================================================================
312.  
313. Address = 52.216.108.74
314. Network = 52.216.108.74 / 32
315. Netmask = 255.255.255.255
316. Broadcast = not needed on Point-to-Point links
317. Wildcard Mask = 0.0.0.0
318. Hosts Bits = 0
319. Max. Hosts = 1 (2^0 - 0)
320. Host Range = { 52.216.108.74 - 52.216.108.74 }
321.  
322.  
323.  
324. N M A P P O R T S C A N
325. ======================================================================================================================================
326.  
327.  
328. Starting Nmap 7.40 ( https://nmap.org ) at 2019-01-26 05:56 UTC
329. Nmap scan report for therebel.media (52.216.96.122)
330. Host is up (0.0073s latency).
331. rDNS record for 52.216.96.122: s3-website-us-east-1.amazonaws.com
332. PORT STATE SERVICE
333. 21/tcp filtered ftp
334. 22/tcp filtered ssh
335. 23/tcp filtered telnet
336. 80/tcp open http
337. 110/tcp filtered pop3
338. 143/tcp filtered imap
339. 443/tcp filtered https
340. 3389/tcp filtered ms-wbt-server
341.  
342. Nmap done: 1 IP address (1 host up) scanned in 1.30 seconds
343.  
344.  
345.  
346. S U B - D O M A I N F I N D E R
347. ======================================================================================================================================
348.  
349.  
350. [i] Total Subdomains Found : 2
351.  
352. [+] Subdomain: gorka.therebel.media
353. [-] IP: 132.148.194.157
354.  
355. [+] Subdomain: mail.therebel.media
356. [-] IP: 198.57.164.126
357. #######################################################################################################################################
358. [?] Enter the target: example( http://domain.com )
359. https://www.therebel.media/
360. [!] IP Address : 23.32.5.54
361. [!] www.therebel.media doesn't seem to use a CMS
362. [+] Honeypot Probabilty: 0%
363. ---------------------------------------------------------------------------------------------------------------------------------------
364. [~] Trying to gather whois information for www.therebel.media
365. [+] Whois information found
366. [-] Unable to build response, visit https://who.is/whois/www.therebel.media
367. ---------------------------------------------------------------------------------------------------------------------------------------
368. PORT STATE SERVICE
369. 21/tcp filtered ftp
370. 22/tcp filtered ssh
371. 23/tcp filtered telnet
372. 80/tcp open http
373. 110/tcp filtered pop3
374. 143/tcp filtered imap
375. 443/tcp open https
376. 3389/tcp filtered ms-wbt-server
377. Nmap done: 1 IP address (1 host up) scanned in 3.04 seconds
378. ---------------------------------------------------------------------------------------------------------------------------------------
379. There was an error getting results
380.  
381. [-] DNS Records
382. [>] Initiating 3 intel modules
383. [>] Loading Alpha module (1/3)
384. [>] Beta module deployed (2/3)
385. [>] Gamma module initiated (3/3)
386.  
387.  
388. [+] Emails found:
389. ---------------------------------------------------------------------------------------------------------------------------------------
390. pixel-1548482755895549-web-@www.therebel.media
391. pixel-154848275910377-web-@www.therebel.media
392. No hosts found
393. [+] Virtual hosts:
394. ---------------------------------------------------------------------------------------------------------------------------------------
395. #######################################################################################################################################
396. ; <<>> DiG 9.11.5-P1-1-Debian <<>> therebel.media
397. ;; global options: +cmd
398. ;; Got answer:
399. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48063
400. ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
401.  
402. ;; OPT PSEUDOSECTION:
403. ; EDNS: version: 0, flags:; udp: 4096
404. ;; QUESTION SECTION:
405. ;therebel.media. IN A
406.  
407. ;; ANSWER SECTION:
408. therebel.media. 5 IN A 52.216.238.218
409.  
410. ;; Query time: 405 msec
411. ;; SERVER: 27.50.70.139#53(27.50.70.139)
412. ;; WHEN: sam jan 26 01:27:57 EST 2019
413. ;; MSG SIZE rcvd: 59
414. #######################################################################################################################################
415. ; <<>> DiG 9.11.5-P1-1-Debian <<>> +trace therebel.media
416. ;; global options: +cmd
417. . 79625 IN NS l.root-servers.net.
418. . 79625 IN NS h.root-servers.net.
419. . 79625 IN NS f.root-servers.net.
420. . 79625 IN NS d.root-servers.net.
421. . 79625 IN NS e.root-servers.net.
422. . 79625 IN NS b.root-servers.net.
423. . 79625 IN NS j.root-servers.net.
424. . 79625 IN NS k.root-servers.net.
425. . 79625 IN NS m.root-servers.net.
426. . 79625 IN NS g.root-servers.net.
427. . 79625 IN NS a.root-servers.net.
428. . 79625 IN NS i.root-servers.net.
429. . 79625 IN NS c.root-servers.net.
430. . 79625 IN RRSIG NS 8 0 518400 20190207230000 20190125220000 16749 . p3HxhmXeyDLC8XOjqrdowF+mSxUguADldqdiGumGbhBgjosU9ps1A8oX eAUtULdme3H+Y+aaVHx9YdNqw7l0UQ8OSM8oM6qgYmjTZAv8Ak2FMkAt BMO/5J0XXh5H2waDUIVIKjs+0uN1h7I9oZKrLjC4eilMLXc11GLUTSp3 EQGzbJlqqMD1fAaXmHUnSz2UAsqVDi32aDtyOmD4VsQy9lvHXlhkqOj5 NX9+YW5dmecyVXweDekreOAykE9tW9U2gCJn3oZrMN+IxVDrTeMxPLZ6 063PIwD9r3Bu2Qcdv3p1k3irdOlLoDO1i4zvSnE2TA71VzY9bnYyCLgA 13GFlA==
431. ;; Received 525 bytes from 27.50.70.139#53(27.50.70.139) in 348 ms
432.  
433. media. 172800 IN NS demand.gamma.aridns.net.au.
434. media. 172800 IN NS demand.beta.aridns.net.au.
435. media. 172800 IN NS demand.alpha.aridns.net.au.
436. media. 172800 IN NS demand.delta.aridns.net.au.
437. media. 86400 IN DS 58966 8 1 D226735F01B6C8722C3B812E10691EF3F40BBCA9
438. media. 86400 IN DS 58966 8 2 93C1569DBDDE5D844CD5A00900535B640FF33CC6C57DE66D76845D1A C0F13CEB
439. media. 86400 IN RRSIG DS 8 1 86400 20190208050000 20190126040000 16749 . hCmvrQuWR8SvfnJgIbkRA4gbo5fgIeSwWqg1p1wyjeyhYNZWuvPzhm5O KXud/qRPZAciAEKhfEQXP52woB2rfHwec6het2S2WiDaGaYGz9fXZg1F 85mT7CqNmBvy9FUnhdhIoBYTuo6+VpbFRjcjvxTXpf3V0IDJSf9pOotz cVGz/rT1FvExDhg0nOnW+jQgxp9xZAhfL5cj/sjHCd+pxYLtMLvCIQWw 7+ruU2C+mLaOaC9NyM+XJZubL1KujTfS/UtvXMaVRX6iSUbXCvsjV7qO L101xshwCcbVIkX0pQUPL9xsbm6XsLyeXmF2zmpCeJJ9GqY64CpgNdr2 I2kRIA==
440. ;; Received 738 bytes from 192.112.36.4#53(g.root-servers.net) in 291 ms
441.  
442. therebel.media. 86400 IN NS ns23.nationbuilder.com.
443. therebel.media. 86400 IN NS ns22.nationbuilder.com.
444. therebel.media. 86400 IN NS ns21.nationbuilder.com.
445. therebel.media. 86400 IN NS ns20.nationbuilder.com.
446. bivhvcs8hu8cnsq6hto8rv18s3uvohbe.media. 86400 IN NSEC3 1 1 1 F7231E27 BJ4BL952KGT0KODU8U9JJQVGFQ2POERQ NS SOA RRSIG DNSKEY NSEC3PARAM TYPE65534
447. bivhvcs8hu8cnsq6hto8rv18s3uvohbe.media. 86400 IN RRSIG NSEC3 8 2 86400 20190221085044 20190122080642 61290 media. FD+xihmSOePxrzxlFiwpMpSfHLcmeIGKtwWRTm4sGnJmNCCEOQbpMLQR 5q3GByRaSuHPx3MQl5/0HDnAp6JaTCDnHou3rz2IGeKq7yZektcymnRE lUmfKk19Ks3RxdW2+pNRgN1e/T71lcA5zLw2hptcY9ISp5obwElXQvU3 iqO3PleVhgOc3bk6S5CUyX5WIKvVHzl5KqidqeYgUZoFWg==
448. bccrpgi937kueg34g4nd91bd4k34oe0j.media. 86400 IN NSEC3 1 1 1 F7231E27 BER58Q3TSUCEKRS18BTLH7O61O31Q322 NS DS RRSIG
449. bccrpgi937kueg34g4nd91bd4k34oe0j.media. 86400 IN RRSIG NSEC3 8 2 86400 20190222123738 20190123123159 61290 media. eToyig60L6bH+aqaBYvHlWv6pyt3Vnx5n4ke3rsPm57LK+xLZjSBPylR n5nQjBw7DIiQhzG2msXy8xzjJEC4VfrNt79g7SRyyKqcX5Vc/aD123+5 8g5UsM0+QwQJv1AhePJ8VJrjwNVxiMunF+CroUqyfZgajwxq7sWhklxC Y04xP1ev7kjaiYQmRPpqyvhGvxnS4vQ7WwIaX2ozYE3Vfg==
450. ;; Received 731 bytes from 2001:dcd:1::7#53(demand.alpha.aridns.net.au) in 89 ms
451.  
452. therebel.media. 5 IN A 52.216.65.42
453. therebel.media. 172800 IN NS ns-1227.awsdns-25.org.
454. therebel.media. 172800 IN NS ns-184.awsdns-23.com.
455. therebel.media. 172800 IN NS ns-2005.awsdns-58.co.uk.
456. therebel.media. 172800 IN NS ns-671.awsdns-19.net.
457. ;; Received 199 bytes from 205.251.194.159#53(ns23.nationbuilder.com) in 404 ms
458. #######################################################################################################################################
459. Traceroute 'www.therebel.media '
460. ---------------------------------------------------------------------------------------------------------------------------------------
461.  
462. Start: 2019-01-26T06:33:06+0000
463. HOST: web01 Loss% Snt Last Avg Best Wrst StDev
464. 1.|-- 45.79.12.202 0.0% 3 0.8 1.0 0.8 1.1 0.1
465. 2.|-- 45.79.12.2 0.0% 3 0.9 0.9 0.5 1.4 0.4
466. 3.|-- 45.79.12.9 0.0% 3 1.4 2.2 1.4 2.9 0.8
467. 4.|-- dls-b22-link.telia.net 0.0% 3 1.9 1.2 0.8 1.9 0.6
468. 5.|-- dls-b21-link.telia.net 0.0% 3 2.2 1.8 1.6 2.2 0.4
469. 6.|-- dls-b23-link.telia.net 0.0% 3 1.5 1.4 1.4 1.5 0.0
470. 7.|-- akamai-ic-341035-dls-b21.c.telia.net 0.0% 3 38.0 37.7 37.1 38.1 0.5
471. 8.|-- ae16.cyrusone-dfw.netarch.akamai.com 0.0% 3 4.1 40.4 2.1 114.9 64.6
472. 9.|-- a23-53-127-32.deploy.static.akamaitechnologies.com 0.0% 3 2.3 2.0 1.8 2.3 0.3
473. #######################################################################################################################################
474. Ip Address Status Type Domain Name Server
475. ---------- ------ ---- ----------- ------
476. 198.57.164.126 200 host mail.therebel.media
477. 23.32.5.72 302 alias uk.therebel.media
478. 23.32.5.72 302 alias uk.therebel.media.edgekey.net
479. 23.32.5.72 302 host e15521.e2.akamaiedge.net
480. 23.32.5.54 302 host e15521.e2.akamaiedge.net
481. 23.32.5.54 302 alias www.therebel.media
482. 23.32.5.54 302 alias www.therebel.media.edgekey.net
483. 23.32.5.54 302 host e15521.e2.akamaiedge.net
484. 23.32.5.72 302 host e15521.e2.akamaiedge.net
485. #######################################################################################################################################
486. [*] Performing General Enumeration of Domain: therebel.media
487. [-] DNSSEC is not configured for therebel.media
488. [*] SOA ns-2005.awsdns-58.co.uk 205.251.199.213
489. [*] NS ns-671.awsdns-19.net 205.251.194.159
490. [*] NS ns-671.awsdns-19.net 2600:9000:5302:9f00::1
491. [*] NS ns-1227.awsdns-25.org 205.251.196.203
492. [*] NS ns-1227.awsdns-25.org 2600:9000:5304:cb00::1
493. [*] NS ns-184.awsdns-23.com 205.251.192.184
494. [*] NS ns-184.awsdns-23.com 2600:9000:5300:b800::1
495. [*] NS ns-2005.awsdns-58.co.uk 205.251.199.213
496. [*] NS ns-2005.awsdns-58.co.uk 2600:9000:5307:d500::1
497. [*] MX alt1.aspmx.l.google.com 74.125.195.26
498. [*] MX alt4.aspmx.l.google.com 173.194.219.26
499. [*] MX alt3.aspmx.l.google.com 74.125.126.27
500. [*] MX aspmx.l.google.com 172.217.194.27
501. [*] MX alt2.aspmx.l.google.com 64.233.179.26
502. [*] MX alt1.aspmx.l.google.com 2607:f8b0:400e:c09::1b
503. [*] MX alt4.aspmx.l.google.com 2607:f8b0:4002:c03::1b
504. [*] MX alt3.aspmx.l.google.com 2607:f8b0:4001:c1d::1a
505. [*] MX aspmx.l.google.com 2404:6800:4003:c04::1a
506. [*] MX alt2.aspmx.l.google.com 2607:f8b0:4003:c09::1b
507. [*] A therebel.media 52.216.139.146
508. [*] TXT therebel.media MS=ms70016162
509. [*] TXT therebel.media v=spf1 a mx include:_spf.google.com include:sendgrid.net ~all
510. [*] Enumerating SRV Records
511. [-] No SRV Records Found for therebel.media
512. [+] 0 Records Found
513. #######################################################################################################################################
514. [*] Processing domain therebel.media
515. [*] Using system resolvers ['27.50.70.139', '38.132.106.139', '185.93.180.131', '205.151.67.6', '205.151.67.34', '205.151.67.2', '2001:18c0:ffe0:2::2', '2001:18c0:ffe0:3::2', '2001:18c0:ffe0:1::2']
516. [+] Getting nameservers
517. 205.251.192.184 - ns-184.awsdns-23.com
518. 205.251.196.203 - ns-1227.awsdns-25.org
519. 205.251.199.213 - ns-2005.awsdns-58.co.uk
520. 205.251.194.159 - ns-671.awsdns-19.net
521. [-] Zone transfer failed
522.  
523. [+] TXT records found
524. "v=spf1 a mx include:_spf.google.com include:sendgrid.net ~all"
525. "MS=ms70016162"
526.  
527. [+] MX records found, added to target list
528. 10 alt4.aspmx.l.google.com.
529. 5 alt1.aspmx.l.google.com.
530. 10 alt3.aspmx.l.google.com.
531. 1 aspmx.l.google.com.
532. 5 alt2.aspmx.l.google.com.
533.  
534. [*] Scanning therebel.media for A records
535. 54.231.48.186 - therebel.media
536. 198.57.164.126 - mail.therebel.media
537. 104.72.70.116 - uk.therebel.media
538. 104.72.70.183 - uk.therebel.media
539. 104.72.70.183 - www.therebel.media
540. 104.72.70.116 - www.therebel.media
541. #######################################################################################################################################
542. =======================================================================================================================================
543. | E-mails:
544. | [+] E-mail Found: tips@therebel.media
545. | [+] E-mail Found: evangelistsofcanada@gmail.com
546. | [+] E-mail Found: arlene.pyle@cbc.ca
547. | [+] E-mail Found: support@therebel.media
548. | [+] E-mail Found: bigmoe60@hotmail.com
549. | [+] E-mail Found: sunera.thobani@ubc.ca
550. | [+] E-mail Found: eitan@therebel.media
551. | [+] E-mail Found: utchison@ofl.ca
552. | [+] E-mail Found: .horationelson@myself.com
553. | [+] E-mail Found: careers@therebel.media
554. | [+] E-mail Found: fiona.conway@cbc.ca
555. | [+] E-mail Found: jack.nagler@cbc.ca
556. | [+] E-mail Found: yan@ofl.ca
557. | [+] E-mail Found: content@therebel.media
558. | [+] E-mail Found: trilliumalden@live.ca
559. | [+] E-mail Found: johnjacox31@gmail.com
560. | [+] E-mail Found: donations@therebel.media
561. | [+] E-mail Found: subscriptions@therebel.media
562. | [+] E-mail Found: donations@therebel.medi
563. | [+] E-mail Found: ombudsman@cbc.ca
564. | [+] E-mail Found: dmurrell@unb.ca
565. | [+] E-mail Found: leader@chp.ca
566. | [+] E-mail Found: pokeeto@outlook.com
567. | [+] E-mail Found: silverbloom04@hotmail.com
568. | [+] E-mail Found: themegaphone@schoolofhardnocks.ca
569. | [+] E-mail Found: oyeyetemple@gmail.com
570. | [+] E-mail Found: mbudsman@cbc.ca
571. | [+] E-mail Found: anda@ofl.ca
572. | [+] E-mail Found: member@therebel.media
573. | [+] E-mail Found: frasbow@live.ca
574. | [+] E-mail Found: tips@therebel.media,
575. | [+] E-mail Found: info@therebel.media
576. | [+] E-mail Found: sos@international.gc.ca
577. | [+] E-mail Found: info@northlands.com
578. | [+] E-mail Found: gmcgregor@ottawacitizen.com
579. | [+] E-mail Found: illuminaticlub0@gmail.com,
580. | [+] E-mail Found: rickz2vp@hotmail.com
581. | [+] E-mail Found: ads@therebel.media
582. | [+] E-mail Found: ay@parl.gc.ca
583. | [+] E-mail Found: reeland@parl.gc.ca
584. | [+] E-mail Found: esther.enkin@cbc.ca
585. | [+] E-mail Found: andrew.leach@ualberta.ca
586. | [+] E-mail Found: legal@therebel.media
587. | [+] E-mail Found: theo@theocaldwell.com
588. | [+] E-mail Found: info@conservative.ca
589. =======================================================================================================================================
590. #######################################################################################################################################
591. [+] Testing domain
592. www.therebel.media 104.72.70.183
593. [+] Dns resolving
594. Domain name Ip address Name server
595. therebel.media 52.216.168.242 s3-website-us-east-1.amazonaws.com
596. Found 1 host(s) for therebel.media
597. [+] Testing wildcard
598. Ok, no wildcard found.
599.  
600. [+] Scanning for subdomain on therebel.media
601. [!] Wordlist not specified. I scannig with my internal wordlist...
602. Estimated time about 169.15 seconds
603.  
604. Subdomain Ip address Name server
605.  
606. mail.therebel.media 198.57.164.126 cpanel.can2000.net
607. uk.therebel.media 104.72.70.183 a104-72-70-183.deploy.static.akamaitechnologies.com
608. www.therebel.media 104.72.70.183 a104-72-70-183.deploy.static.akamaitechnologies.com
609. #######################################################################################################################################
610. ---------------------------------------------------------------------------------------------------------------------------------------
611. + Target IP: 23.32.5.72
612. + Target Hostname: www.therebel.media
613. + Target Port: 443
614. ---------------------------------------------------------------------------------------------------------------------------------------
615. + SSL Info: Subject: /CN=www.therebel.media
616. Ciphers: ECDHE-RSA-AES256-GCM-SHA384
617. Issuer: /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
618. + Start Time: 2019-01-26 01:04:46 (GMT-5)
619. ---------------------------------------------------------------------------------------------------------------------------------------
620. + Server: Apache/2.4.7 (Ubuntu)
621. + Cookie _nbuild_nocache created without the secure flag
622. + Cookie _nbuild_nocache created without the httponly flag
623. + Cookie _nbuild_session created without the secure flag
624. + Retrieved x-powered-by header: Phusion Passenger Enterprise 5.0.28
625. + Retrieved x-served-by header: app14
626. + Server leaks inodes via ETags, header found with file /, fields: 0xW/daa481fe14f1ea011858713fe8b9d8a2 0xgzip
627. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
628. + Uncommon header 'x-request-id' found, with contents: 16848de0-e197-469e-a4e9-2cfff1effeee
629. + Uncommon header 'access-control-request-method' found, with contents: GET, POST, PUT, DELETE
630. + Uncommon header 'x-runtime' found, with contents: 0.076294
631. + Uncommon header 'x-served-by' found, with contents: app14
632. + Uncommon header 'x-middleware-start' found, with contents: t=1548482691126528
633. + Uncommon header 'x-rack-cache' found, with contents: stale, invalid
634. + The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
635. + Uncommon header 'x-nb-code' found, with contents: 1007
636. + Entry '/admin/' in robots.txt returned a non-forbidden or redirect HTTP code (302)
637. + "robots.txt" contains 4 entries which should be manually viewed.
638. + Uncommon header 'x-content-digest' found, with contents: da39a3ee5e6b4b0d3255bfef95601890afd80709
639. + Apache/2.4.7 appears to be outdated (current is at least Apache/2.4.12). Apache 2.0.65 (final release) and 2.2.29 are also current.
640. + ERROR: Error limit (20) reached for host, giving up. Last error: opening stream: can't connect: SSL negotiation failed: error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error at /var/lib/nikto/plugins/LW2.pm line 5157.
641. at /var/lib/nikto/plugins/LW2.pm line 5157.
642. ; at /var/lib/nikto/plugins/LW2.pm line 5157.
643. + Scan terminated: 20 error(s) and 19 item(s) reported on remote host
644. + End Time: 2019-01-26 01:21:35 (GMT-5) (1009 seconds)
645. ---------------------------------------------------------------------------------------------------------------------------------------
646. #######################################################################################################################################
647. dnsenum VERSION:1.2.4
648.  
649. ----- www.therebel.media -----
650.  
651.  
652. Host's addresses:
653. __________________
654.  
655. e15521.e2.akamaiedge.net. 19 IN A 23.32.5.54
656. e15521.e2.akamaiedge.net. 19 IN A 23.32.5.72
657.  
658.  
659. Name Servers:
660. ______________
661. #######################################################################################################################################
662. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 01:07 EST
663. Nmap scan report for www.therebel.media (23.32.5.54)
664. Host is up (0.34s latency).
665. Other addresses for www.therebel.media (not scanned): 23.32.5.72
666. rDNS record for 23.32.5.54: a23-32-5-54.deploy.static.akamaitechnologies.com
667. Not shown: 471 filtered ports, 3 closed ports
668. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
669. PORT STATE SERVICE
670. 80/tcp open http
671. 443/tcp open https
672. #######################################################################################################################################
673. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 01:08 EST
674. Nmap scan report for www.therebel.media (23.32.5.54)
675. Host is up (0.23s latency).
676. Other addresses for www.therebel.media (not scanned): 23.32.5.72
677. rDNS record for 23.32.5.54: a23-32-5-54.deploy.static.akamaitechnologies.com
678. Not shown: 2 filtered ports
679. PORT STATE SERVICE
680. 53/udp open|filtered domain
681. 67/udp open|filtered dhcps
682. 68/udp open|filtered dhcpc
683. 69/udp open|filtered tftp
684. 88/udp open|filtered kerberos-sec
685. 123/udp open|filtered ntp
686. 139/udp open|filtered netbios-ssn
687. 161/udp open|filtered snmp
688. 162/udp open|filtered snmptrap
689. 389/udp open|filtered ldap
690. 520/udp open|filtered route
691. 2049/udp open|filtered nfs
692. #######################################################################################################################################
693.  
694. ^ ^
695. _ __ _ ____ _ __ _ _ ____
696. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
697. | V V // o // _/ | V V // 0 // 0 // _/
698. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
699. <
700. ...'
701.  
702. WAFW00F - Web Application Firewall Detection Tool
703.  
704. By Sandro Gauci && Wendel G. Henrique
705.  
706. Checking http://www.therebel.media
707. The site http://www.therebel.media is behind a ModSecurity (OWASP CRS)
708. Number of requests: 12
709. #######################################################################################################################################
710. http://www.therebel.media [302 Found] Country[UNITED STATES][US], IP[23.32.5.54], RedirectLocation[https://www.therebel.media/], Ruby-on-Rails, UncommonHeaders[access-control-allow-origin,x-middleware-start,x-nb-code,x-rack-cache,x-request-id,x-served-by], X-Powered-By[Phusion Passenger Enterprise 5.0.28]
711. https://www.therebel.media/ [200 OK] Apache[2.4.7], Cookies[_nbuild_nocache,_nbuild_session,_nbuild_token], Country[UNITED STATES][US], Frame, Google-Analytics[UA-59791339-1], HTML5, HTTPServer[Ubuntu Linux][Apache/2.4.7 (Ubuntu)], HttpOnly[_nbuild_session,_nbuild_token], IP[23.32.5.72], JQuery, Open-Graph-Protocol[article], PoweredBy[NationBuilder], Ruby-on-Rails, Script[text/javascript], Title[The Rebel], UncommonHeaders[access-control-allow-origin,access-control-request-method,x-content-type-options,x-middleware-start,x-rack-cache,x-request-id,x-served-by], X-Frame-Options[ALLOWALL], X-Powered-By[Phusion Passenger Enterprise 5.0.28], X-UA-Compatible[IE=edge]
712. #######################################################################################################################################
713.  
714. wig - WebApp Information Gatherer
715.  
716.  
717. Scanning https://www.therebel.media...
718. _____________________ SITE INFO ______________________
719. IP Title
720. 23.32.5.54 The Rebel
721. 23.32.5.72
722.  
723. ______________________ VERSION _______________________
724. Name Versions Type
725. Apache 2.4.7 Platform
726. Ubuntu 14.04 OS
727.  
728. ____________________ INTERESTING _____________________
729. URL Note Type
730. /robots.txt robots.txt index Interesting
731.  
732. ______________________________________________________
733. Time: 225.9 sec Urls: 788 Fingerprints: 40401
734. #######################################################################################################################################
735. HTTP/1.1 302 Found
736. Access-Control-Allow-Origin: *
737. Content-Type: text/html
738. Location: https://www.therebel.media/
739. Status: 302 Found
740. X-Middleware-Start: t=1548483240817260
741. X-nb-code: 1011
742. X-Powered-By: Phusion Passenger Enterprise 5.0.28
743. X-Rack-Cache: miss
744. X-Request-Id: 4fc76dd9-5208-4b50-a136-351c9f366f43
745. X-Runtime: 0.064512
746. X-Served-By: app13
747. Content-Length: 0
748. Expires: Sat, 26 Jan 2019 06:14:01 GMT
749. Cache-Control: max-age=0, no-cache, no-store
750. Pragma: no-cache
751. Date: Sat, 26 Jan 2019 06:14:01 GMT
752. Connection: keep-alive
753.  
754. HTTP/1.1 302 Found
755. Access-Control-Allow-Origin: *
756. Content-Type: text/html
757. Location: https://www.therebel.media/
758. Status: 302 Found
759. X-Middleware-Start: t=1548483242078938
760. X-nb-code: 1011
761. X-Powered-By: Phusion Passenger Enterprise 5.0.28
762. X-Rack-Cache: miss
763. X-Request-Id: d6acd65f-5621-4430-af8b-e337221656b3
764. X-Runtime: 0.065847
765. X-Served-By: app10
766. Content-Length: 0
767. Expires: Sat, 26 Jan 2019 06:14:02 GMT
768. Cache-Control: max-age=0, no-cache, no-store
769. Pragma: no-cache
770. Date: Sat, 26 Jan 2019 06:14:02 GMT
771. Connection: keep-alive
772.  
773. HTTP/1.1 200 OK
774. Access-Control-Allow-Origin: *
775. Access-Control-Request-Method: GET, POST, PUT, DELETE
776. Content-Type: text/html; charset=utf-8
777. ETag: W/"8a2ce9516071e06dcf13e06163289744"
778. Server: Apache/2.4.7 (Ubuntu)
779. Status: 200 OK
780. X-Content-Type-Options: nosniff
781. X-Frame-Options: ALLOWALL
782. X-Middleware-Start: t=1548483244237211
783. X-Powered-By: Phusion Passenger Enterprise 5.0.28
784. X-Rack-Cache: stale, invalid
785. X-Request-Id: 82919a8e-7a88-46d1-b5b4-e139cd838145
786. X-Runtime: 0.079457
787. X-Served-By: app13
788. Content-Length: 0
789. Expires: Sat, 26 Jan 2019 06:14:04 GMT
790. Cache-Control: max-age=0, no-cache, no-store
791. Pragma: no-cache
792. Date: Sat, 26 Jan 2019 06:14:04 GMT
793. Connection: keep-alive
794. Set-Cookie: _nbuild_nocache=true; path=/; expires=Sun, 26 Jan 2020 06:14:04 -0000
795. Set-Cookie: _nbuild_token=bKK8bXNRkzYxYw%2BzMcAnXz83djWv5SnE5nP2w8FXhS8%3D; path=/; secure; HttpOnly
796. Set-Cookie: _nbuild_session=786ff12cbc6e216a078ee30283be8d26; path=/; HttpOnly
797. #######################################################################################################################################
798.  
799. ^ ^
800. _ __ _ ____ _ __ _ _ ____
801. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
802. | V V // o // _/ | V V // 0 // 0 // _/
803. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
804. <
805. ...'
806.  
807. WAFW00F - Web Application Firewall Detection Tool
808.  
809. By Sandro Gauci && Wendel G. Henrique
810.  
811. Checking https://www.therebel.media
812. The site https://www.therebel.media is behind a ModSecurity (OWASP CRS)
813. Number of requests: 11
814. #######################################################################################################################################
815. https://www.therebel.media [200 OK] Apache[2.4.7], Cookies[_nbuild_nocache,_nbuild_session,_nbuild_token], Country[UNITED STATES][US], Frame, Google-Analytics[UA-59791339-1], HTML5, HTTPServer[Ubuntu Linux][Apache/2.4.7 (Ubuntu)], HttpOnly[_nbuild_session,_nbuild_token], IP[23.32.5.54], JQuery, Open-Graph-Protocol[article], PoweredBy[NationBuilder], Ruby-on-Rails, Script[text/javascript], Title[The Rebel], UncommonHeaders[access-control-allow-origin,access-control-request-method,x-content-type-options,x-middleware-start,x-rack-cache,x-request-id,x-served-by], X-Frame-Options[ALLOWALL], X-Powered-By[Phusion Passenger Enterprise 5.0.28], X-UA-Compatible[IE=edge]
816. #######################################################################################################################################
817.  
818. wig - WebApp Information Gatherer
819.  
820.  
821. Scanning https://www.therebel.media...
822. _____________________ SITE INFO _____________________
823. IP Title
824. 23.32.5.54 The Rebel
825. 23.32.5.72
826.  
827. ______________________ VERSION ______________________
828. Name Versions Type
829. Apache 2.4.7 Platform
830. Ubuntu 14.04 OS
831.  
832. ____________________ INTERESTING ____________________
833. URL Note Type
834. /robots.txt robots.txt index Interesting
835.  
836. _____________________________________________________
837. Time: 19.4 sec Urls: 788 Fingerprints: 40401
838. #######################################################################################################################################
839. HTTP/1.1 200 OK
840. Access-Control-Allow-Origin: *
841. Access-Control-Request-Method: GET, POST, PUT, DELETE
842. Content-Type: text/html; charset=utf-8
843. ETag: W/"531be910ca9751e8ffdc45938717c662"
844. Server: Apache/2.4.7 (Ubuntu)
845. Status: 200 OK
846. X-Content-Type-Options: nosniff
847. X-Frame-Options: ALLOWALL
848. X-Middleware-Start: t=1548483356156277
849. X-Powered-By: Phusion Passenger Enterprise 5.0.28
850. X-Rack-Cache: stale, invalid
851. X-Request-Id: 05836a5e-d771-438d-9408-58a14b899630
852. X-Runtime: 0.094076
853. X-Served-By: app10
854. Content-Length: 0
855. Expires: Sat, 26 Jan 2019 06:15:56 GMT
856. Cache-Control: max-age=0, no-cache, no-store
857. Pragma: no-cache
858. Date: Sat, 26 Jan 2019 06:15:56 GMT
859. Connection: keep-alive
860. Set-Cookie: _nbuild_nocache=true; path=/; expires=Sun, 26 Jan 2020 06:15:56 -0000
861. Set-Cookie: _nbuild_token=LXzcq0eT8jMuRpmtPjZtdsJJ1liOUypGh2I0fJVgyR8%3D; path=/; secure; HttpOnly
862. Set-Cookie: _nbuild_session=d4002cc8d5b4062512a0bc0bbc8614a9; path=/; HttpOnly
863.  
864. HTTP/1.1 200 OK
865. Access-Control-Allow-Origin: *
866. Access-Control-Request-Method: GET, POST, PUT, DELETE
867. Content-Type: text/html; charset=utf-8
868. ETag: W/"2423ff611fe7a26586c8e1dc0549caa0"
869. Server: Apache/2.4.7 (Ubuntu)
870. Status: 200 OK
871. X-Content-Type-Options: nosniff
872. X-Frame-Options: ALLOWALL
873. X-Middleware-Start: t=1548483358631660
874. X-Powered-By: Phusion Passenger Enterprise 5.0.28
875. X-Rack-Cache: stale, invalid
876. X-Request-Id: d805c658-597e-479b-ba7d-2641fe752022
877. X-Runtime: 0.105382
878. X-Served-By: app13
879. Content-Length: 0
880. Expires: Sat, 26 Jan 2019 06:15:58 GMT
881. Cache-Control: max-age=0, no-cache, no-store
882. Pragma: no-cache
883. Date: Sat, 26 Jan 2019 06:15:58 GMT
884. Connection: keep-alive
885. Set-Cookie: _nbuild_nocache=true; path=/; expires=Sun, 26 Jan 2020 06:15:58 -0000
886. Set-Cookie: _nbuild_token=m%2BV0fjJqJSGFGSOgMxVAD%2BegmcnNfhGZ5ULziUPiuT8%3D; path=/; secure; HttpOnly
887. Set-Cookie: _nbuild_session=e909bdd0d279368c437fbfa2033762d9; path=/; HttpOnly
888. #######################################################################################################################################
889. Version: 1.11.12-static
890. OpenSSL 1.0.2-chacha (1.0.2g-dev)
891.  
892. Connected to 104.72.70.116
893.  
894. Testing SSL server www.therebel.media on port 443 using SNI name www.therebel.media
895.  
896. TLS Fallback SCSV:
897. Server supports TLS Fallback SCSV
898.  
899. TLS renegotiation:
900. Secure session renegotiation supported
901.  
902. TLS Compression:
903. Compression disabled
904.  
905. Heartbleed:
906. TLS 1.2 not vulnerable to heartbleed
907. TLS 1.1 not vulnerable to heartbleed
908. TLS 1.0 not vulnerable to heartbleed
909.  
910. Supported Server Cipher(s):
911. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
912. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
913. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
914. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
915. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
916. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
917. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
918. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
919. Accepted TLSv1.2 256 bits AES256-SHA256
920. Accepted TLSv1.2 128 bits AES128-SHA256
921. Accepted TLSv1.2 256 bits AES256-SHA
922. Accepted TLSv1.2 128 bits AES128-SHA
923. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
924. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
925. Accepted TLSv1.1 256 bits AES256-SHA
926. Accepted TLSv1.1 128 bits AES128-SHA
927. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
928. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
929. Accepted TLSv1.0 256 bits AES256-SHA
930. Accepted TLSv1.0 128 bits AES128-SHA
931.  
932. SSL Certificate:
933. Signature Algorithm: sha256WithRSAEncryption
934. RSA Key Strength: 2048
935.  
936. Subject: www.therebel.media
937. Altnames: DNS:australia.therebel.media, DNS:uk.therebel.media, DNS:www.lerebelle.media, DNS:www.marklathamsoutsiders.com, DNS:www.therebel.media
938. Issuer: Let's Encrypt Authority X3
939.  
940. Not valid before: Nov 21 18:06:45 2018 GMT
941. Not valid after: Feb 19 18:06:45 2019 GMT
942. #######################################################################################################################################
943. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 20:27 EST
944. Nmap scan report for a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183)
945. Host is up (0.25s latency).
946. Not shown: 470 filtered ports, 4 closed ports
947. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
948. PORT STATE SERVICE
949. 80/tcp open http
950. 443/tcp open https
951. #######################################################################################################################################
952. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 20:27 EST
953. Nmap scan report for a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183)
954. Host is up (0.24s latency).
955. Not shown: 2 filtered ports, 1 closed port
956. PORT STATE SERVICE
957. 67/udp open|filtered dhcps
958. 68/udp open|filtered dhcpc
959. 69/udp open|filtered tftp
960. 88/udp open|filtered kerberos-sec
961. 123/udp open|filtered ntp
962. 139/udp open|filtered netbios-ssn
963. 161/udp open|filtered snmp
964. 162/udp open|filtered snmptrap
965. 389/udp open|filtered ldap
966. 520/udp open|filtered route
967. 2049/udp open|filtered nfs
968. #######################################################################################################################################
969. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 20:27 EST
970. Nmap scan report for a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183)
971. Host is up (0.13s latency).
972.  
973. PORT STATE SERVICE VERSION
974. 67/udp open|filtered dhcps
975. |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
976. Too many fingerprints match this host to give specific OS details
977. Network Distance: 10 hops
978.  
979. TRACEROUTE (using proto 1/icmp)
980. HOP RTT ADDRESS
981. 1 228.44 ms 10.245.200.1
982. 2 228.48 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
983. 3 229.29 ms te-0-0-2-3.br02.hkg-10.hk.leaseweb.net (43.249.36.12)
984. 4 229.32 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
985. 5 229.34 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
986. 6 367.53 ms 4826.hkg.equinix.com (119.27.63.115)
987. 7 343.48 ms Te-0-0-0-2-8.cor01.syd11.nsw.VOCUS.net.au (119.161.84.31)
988. 8 343.50 ms 114.31.192.39
989. 9 350.52 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
990. 10 343.51 ms a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183)
991. #######################################################################################################################################
992. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 20:29 EST
993. Nmap scan report for a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183)
994. Host is up (0.12s latency).
995.  
996. PORT STATE SERVICE VERSION
997. 68/udp open|filtered dhcpc
998. Too many fingerprints match this host to give specific OS details
999. Network Distance: 10 hops
1000.  
1001. TRACEROUTE (using proto 1/icmp)
1002. HOP RTT ADDRESS
1003. 1 228.61 ms 10.245.200.1
1004. 2 229.49 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
1005. 3 229.54 ms te-0-0-2-3.br02.hkg-10.hk.leaseweb.net (43.249.36.12)
1006. 4 229.57 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
1007. 5 229.83 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
1008. 6 368.16 ms 4826.hkg.equinix.com (119.27.63.115)
1009. 7 344.08 ms Te-0-0-0-2-8.cor01.syd11.nsw.VOCUS.net.au (119.161.84.31)
1010. 8 365.58 ms 114.31.192.39
1011. 9 346.98 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
1012. 10 344.17 ms a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183)
1013. #######################################################################################################################################
1014. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 20:31 EST
1015. Nmap scan report for a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183)
1016. Host is up (0.12s latency).
1017.  
1018. PORT STATE SERVICE VERSION
1019. 69/udp open|filtered tftp
1020. Too many fingerprints match this host to give specific OS details
1021. Network Distance: 10 hops
1022.  
1023. TRACEROUTE (using proto 1/icmp)
1024. HOP RTT ADDRESS
1025. 1 228.10 ms 10.245.200.1
1026. 2 228.12 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
1027. 3 229.22 ms te-0-0-2-3.br02.hkg-10.hk.leaseweb.net (43.249.36.12)
1028. 4 229.24 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
1029. 5 229.26 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
1030. 6 367.53 ms 4826.hkg.equinix.com (119.27.63.115)
1031. 7 343.20 ms Te-0-0-0-2-8.cor01.syd11.nsw.VOCUS.net.au (119.161.84.31)
1032. 8 344.14 ms 114.31.192.39
1033. 9 344.51 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
1034. 10 343.21 ms a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183)
1035. #######################################################################################################################################
1036. ^ ^
1037. _ __ _ ____ _ __ _ _ ____
1038. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1039. | V V // o // _/ | V V // 0 // 0 // _/
1040. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1041. <
1042. ...'
1043.  
1044. WAFW00F - Web Application Firewall Detection Tool
1045.  
1046. By Sandro Gauci && Wendel G. Henrique
1047.  
1048. Checking http://104.72.70.183
1049. Generic Detection results:
1050. No WAF detected by the generic detection
1051. Number of requests: 14
1052. #######################################################################################################################################
1053.  
1054. wig - WebApp Information Gatherer
1055.  
1056.  
1057. Scanning http://104.72.70.183...
1058. _____________________ SITE INFO ______________________
1059. IP Title
1060. 104.72.70.183
1061.  
1062. ______________________ VERSION _______________________
1063. Name Versions Type
1064.  
1065. ____________________ INTERESTING _____________________
1066. URL Note Type
1067. /readme.html Readme file Interesting
1068. /install.php Installation file Interesting
1069. /test.php Test file Interesting
1070.  
1071. ______________________________________________________
1072. Time: 52.8 sec Urls: 598 Fingerprints: 40401
1073. #######################################################################################################################################
1074. HTTP/1.1 400 Bad Request
1075. Mime-Version: 1.0
1076. Content-Type: text/html
1077. Content-Length: 208
1078. Expires: Sat, 26 Jan 2019 01:35:34 GMT
1079. Date: Sat, 26 Jan 2019 01:35:34 GMT
1080. Connection: keep-alive
1081.  
1082. HTTP/1.1 400 Bad Request
1083. Mime-Version: 1.0
1084. Content-Type: text/html
1085. Content-Length: 208
1086. Expires: Sat, 26 Jan 2019 01:35:35 GMT
1087. Date: Sat, 26 Jan 2019 01:35:35 GMT
1088. Connection: keep-alive
1089. #######################################################################################################################################
1090. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 20:35 EST
1091. Nmap scan report for a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183)
1092. Host is up (0.12s latency).
1093.  
1094. PORT STATE SERVICE VERSION
1095. 123/udp open|filtered ntp
1096. Too many fingerprints match this host to give specific OS details
1097. Network Distance: 10 hops
1098.  
1099. TRACEROUTE (using proto 1/icmp)
1100. HOP RTT ADDRESS
1101. 1 228.25 ms 10.245.200.1
1102. 2 228.27 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
1103. 3 228.78 ms te-0-0-2-3.br02.hkg-10.hk.leaseweb.net (43.249.36.12)
1104. 4 228.99 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
1105. 5 229.65 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
1106. 6 367.89 ms 4826.hkg.equinix.com (119.27.63.115)
1107. 7 343.38 ms Te-0-0-0-2-8.cor01.syd11.nsw.VOCUS.net.au (119.161.84.31)
1108. 8 367.11 ms 114.31.192.39
1109. 9 347.10 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
1110. 10 343.43 ms a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183)
1111. #######################################################################################################################################
1112. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 20:37 EST
1113. Nmap scan report for a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183)
1114. Host is up (0.29s latency).
1115.  
1116. PORT STATE SERVICE VERSION
1117. 161/tcp filtered snmp
1118. 161/udp open|filtered snmp
1119. Too many fingerprints match this host to give specific OS details
1120. Network Distance: 10 hops
1121.  
1122. TRACEROUTE (using proto 1/icmp)
1123. HOP RTT ADDRESS
1124. 1 229.65 ms 10.245.200.1
1125. 2 229.67 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
1126. 3 230.04 ms te-0-0-2-3.br02.hkg-10.hk.leaseweb.net (43.249.36.12)
1127. 4 230.06 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
1128. 5 231.03 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
1129. 6 368.95 ms 4826.hkg.equinix.com (119.27.63.115)
1130. 7 344.54 ms Te-0-0-0-2-8.cor01.syd11.nsw.VOCUS.net.au (119.161.84.31)
1131. 8 345.69 ms 114.31.192.39
1132. 9 380.27 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
1133. 10 344.55 ms a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183)
1134. #######################################################################################################################################
1135. Version: 1.11.12-static
1136. OpenSSL 1.0.2-chacha (1.0.2g-dev)
1137.  
1138. Connected to 104.72.70.183
1139.  
1140. Testing SSL server 104.72.70.183 on port 443 using SNI name 104.72.70.183
1141.  
1142. TLS Fallback SCSV:
1143. Server does not support TLS Fallback SCSV
1144.  
1145. TLS renegotiation:
1146. Session renegotiation not supported
1147.  
1148. TLS Compression:
1149. Compression disabled
1150.  
1151. Heartbleed:
1152. TLS 1.2 not vulnerable to heartbleed
1153. TLS 1.1 not vulnerable to heartbleed
1154. TLS 1.0 not vulnerable to heartbleed
1155.  
1156. Supported Server Cipher(s):
1157. #######################################################################################################################################
1158. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 20:43 EST
1159. NSE: Loaded 148 scripts for scanning.
1160. NSE: Script Pre-scanning.
1161. NSE: Starting runlevel 1 (of 2) scan.
1162. Initiating NSE at 20:43
1163. Completed NSE at 20:43, 0.00s elapsed
1164. NSE: Starting runlevel 2 (of 2) scan.
1165. Initiating NSE at 20:43
1166. Completed NSE at 20:43, 0.00s elapsed
1167. Initiating Ping Scan at 20:43
1168. Scanning 104.72.70.183 [4 ports]
1169. Completed Ping Scan at 20:43, 0.26s elapsed (1 total hosts)
1170. Initiating Parallel DNS resolution of 1 host. at 20:43
1171. Completed Parallel DNS resolution of 1 host. at 20:43, 0.02s elapsed
1172. Initiating Connect Scan at 20:43
1173. Scanning a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183) [1000 ports]
1174. Discovered open port 80/tcp on 104.72.70.183
1175. Discovered open port 443/tcp on 104.72.70.183
1176. Completed Connect Scan at 20:43, 13.75s elapsed (1000 total ports)
1177. Initiating Service scan at 20:43
1178. Scanning 2 services on a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183)
1179. Service scan Timing: About 50.00% done; ETC: 20:45 (0:00:36 remaining)
1180. Completed Service scan at 20:44, 36.22s elapsed (2 services on 1 host)
1181. Initiating OS detection (try #1) against a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183)
1182. Retrying OS detection (try #2) against a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183)
1183. Initiating Traceroute at 20:44
1184. Completed Traceroute at 20:44, 0.37s elapsed
1185. Initiating Parallel DNS resolution of 10 hosts. at 20:44
1186. Completed Parallel DNS resolution of 10 hosts. at 20:44, 16.50s elapsed
1187. NSE: Script scanning 104.72.70.183.
1188. NSE: Starting runlevel 1 (of 2) scan.
1189. Initiating NSE at 20:44
1190. NSE Timing: About 98.92% done; ETC: 20:45 (0:00:00 remaining)
1191. NSE Timing: About 99.64% done; ETC: 20:45 (0:00:00 remaining)
1192. Completed NSE at 20:46, 90.06s elapsed
1193. NSE: Starting runlevel 2 (of 2) scan.
1194. Initiating NSE at 20:46
1195. Completed NSE at 20:46, 0.70s elapsed
1196. Nmap scan report for a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183)
1197. Host is up, received reset ttl 64 (0.24s latency).
1198. Scanned at 2019-01-25 20:43:35 EST for 164s
1199. Not shown: 994 filtered ports
1200. Reason: 994 no-responses
1201. PORT STATE SERVICE REASON VERSION
1202. 25/tcp closed smtp conn-refused
1203. 53/tcp closed domain conn-refused
1204. 80/tcp open http-proxy syn-ack Squid http proxy
1205. |_http-open-proxy: Proxy might be redirecting requests
1206. |_http-title: Invalid URL
1207. 139/tcp closed netbios-ssn conn-refused
1208. 443/tcp open https? syn-ack
1209. 445/tcp closed microsoft-ds conn-refused
1210. 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
1211. SF-Port443-TCP:V=7.70%I=7%D=1/25%Time=5C4BBB5C%P=x86_64-pc-linux-gnu%r(SSL
1212. SF:SessionReq,7,"\x15\x03\x04\0\x02\x02P")%r(TLSSessionReq,7,"\x15\x03\x04
1213. SF:\0\x02\x02P")%r(SSLv23SessionReq,7,"\x15\x03\x04\0\x02\x02P");
1214. Device type: general purpose|storage-misc|broadband router|WAP
1215. Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (94%), HP embedded (91%), Asus embedded (87%)
1216. OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 cpe:/h:hp:p2000_g3 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6.22
1217. OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
1218. Aggressive OS guesses: Linux 3.16 - 4.6 (94%), Linux 3.10 - 4.11 (92%), Linux 3.13 (92%), Linux 3.13 or 4.2 (92%), Linux 4.2 (92%), Linux 4.4 (92%), Linux 3.18 (91%), HP P2000 G3 NAS device (91%), Linux 3.2 - 4.9 (90%), Linux 3.16 (90%)
1219. No exact OS matches for host (test conditions non-ideal).
1220. TCP/IP fingerprint:
1221. SCAN(V=7.70%E=4%D=1/25%OT=80%CT=25%CU=%PV=N%DS=10%DC=T%G=N%TM=5C4BBBEB%P=x86_64-pc-linux-gnu)
1222. SEQ(SP=103%GCD=1%ISR=108%TI=Z%CI=Z%TS=8)
1223. OPS(O1=M4B3ST11NW7%O2=M4B3ST11NW7%O3=M4B3NNT11NW7%O4=M4B3ST11NW7%O5=M4B3ST11NW7%O6=M4B3ST11)
1224. WIN(W1=7120%W2=7120%W3=7120%W4=7120%W5=7120%W6=7120)
1225. ECN(R=Y%DF=Y%TG=40%W=7210%O=M4B3NNSNW7%CC=Y%Q=)
1226. T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
1227. T2(R=N)
1228. T3(R=N)
1229. T4(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
1230. T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
1231. T6(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
1232. T7(R=N)
1233. U1(R=N)
1234. IE(R=Y%DFI=N%TG=40%CD=S)
1235.  
1236. Uptime guess: 43.094 days (since Thu Dec 13 18:31:04 2018)
1237. Network Distance: 10 hops
1238. TCP Sequence Prediction: Difficulty=259 (Good luck!)
1239. IP ID Sequence Generation: All zeros
1240.  
1241. TRACEROUTE (using proto 1/icmp)
1242. HOP RTT ADDRESS
1243. 1 231.16 ms 10.245.200.1
1244. 2 231.20 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
1245. 3 231.60 ms te-0-0-2-3.br02.hkg-10.hk.leaseweb.net (43.249.36.12)
1246. 4 231.64 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
1247. 5 232.60 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
1248. 6 370.59 ms 4826.hkg.equinix.com (119.27.63.115)
1249. 7 346.03 ms Te-0-0-0-2-8.cor01.syd11.nsw.VOCUS.net.au (119.161.84.31)
1250. 8 346.62 ms 114.31.192.39
1251. 9 347.60 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
1252. 10 346.08 ms a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183)
1253.  
1254. NSE: Script Post-scanning.
1255. NSE: Starting runlevel 1 (of 2) scan.
1256. Initiating NSE at 20:46
1257. Completed NSE at 20:46, 0.00s elapsed
1258. NSE: Starting runlevel 2 (of 2) scan.
1259. Initiating NSE at 20:46
1260. Completed NSE at 20:46, 0.00s elapsed
1261. Read data files from: /usr/bin/../share/nmap
1262. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1263. Nmap done: 1 IP address (1 host up) scanned in 164.43 seconds
1264. Raw packets sent: 83 (7.760KB) | Rcvd: 45 (3.844KB)
1265. #######################################################################################################################################
1266. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 20:46 EST
1267. NSE: Loaded 148 scripts for scanning.
1268. NSE: Script Pre-scanning.
1269. Initiating NSE at 20:46
1270. Completed NSE at 20:46, 0.00s elapsed
1271. Initiating NSE at 20:46
1272. Completed NSE at 20:46, 0.00s elapsed
1273. Initiating Parallel DNS resolution of 1 host. at 20:46
1274. Completed Parallel DNS resolution of 1 host. at 20:46, 0.02s elapsed
1275. Initiating UDP Scan at 20:46
1276. Scanning a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183) [14 ports]
1277. Completed UDP Scan at 20:46, 3.02s elapsed (14 total ports)
1278. Initiating Service scan at 20:46
1279. Scanning 11 services on a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183)
1280. Service scan Timing: About 9.09% done; ETC: 21:04 (0:16:20 remaining)
1281. Completed Service scan at 20:48, 102.59s elapsed (11 services on 1 host)
1282. Initiating OS detection (try #1) against a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183)
1283. Initiating Traceroute at 20:48
1284. Completed Traceroute at 20:48, 7.28s elapsed
1285. Initiating Parallel DNS resolution of 1 host. at 20:48
1286. Completed Parallel DNS resolution of 1 host. at 20:48, 0.02s elapsed
1287. NSE: Script scanning 104.72.70.183.
1288. Initiating NSE at 20:48
1289. Completed NSE at 20:48, 20.24s elapsed
1290. Initiating NSE at 20:48
1291. Completed NSE at 20:48, 1.61s elapsed
1292. Nmap scan report for a104-72-70-183.deploy.static.akamaitechnologies.com (104.72.70.183)
1293. Host is up (0.28s latency).
1294.  
1295. PORT STATE SERVICE VERSION
1296. 53/udp closed domain
1297. 67/udp open|filtered dhcps
1298. 68/udp open|filtered dhcpc
1299. 69/udp open|filtered tftp
1300. 88/udp open|filtered kerberos-sec
1301. 123/udp open|filtered ntp
1302. 137/udp filtered netbios-ns
1303. 138/udp filtered netbios-dgm
1304. 139/udp open|filtered netbios-ssn
1305. 161/udp open|filtered snmp
1306. 162/udp open|filtered snmptrap
1307. 389/udp open|filtered ldap
1308. 520/udp open|filtered route
1309. 2049/udp open|filtered nfs
1310. Too many fingerprints match this host to give specific OS details
1311. Network Distance: 10 hops
1312.  
1313. TRACEROUTE (using port 137/udp)
1314. HOP RTT ADDRESS
1315. 1 228.07 ms 10.245.200.1
1316. 2 ... 3
1317. 4 228.51 ms 10.245.200.1
1318. 5 229.80 ms 10.245.200.1
1319. 6 229.63 ms 10.245.200.1
1320. 7 229.63 ms 10.245.200.1
1321. 8 229.63 ms 10.245.200.1
1322. 9 229.63 ms 10.245.200.1
1323. 10 229.65 ms 10.245.200.1
1324. 11 ... 18
1325. 19 228.76 ms 10.245.200.1
1326. 20 228.06 ms 10.245.200.1
1327. 21 ... 27
1328. 28 229.23 ms 10.245.200.1
1329. 29 ...
1330. 30 227.87 ms 10.245.200.1
1331.  
1332. NSE: Script Post-scanning.
1333. Initiating NSE at 20:48
1334. Completed NSE at 20:48, 0.00s elapsed
1335. Initiating NSE at 20:48
1336. Completed NSE at 20:48, 0.00s elapsed
1337. Read data files from: /usr/bin/../share/nmap
1338. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1339. Nmap done: 1 IP address (1 host up) scanned in 138.51 seconds
1340. Raw packets sent: 113 (8.276KB) | Rcvd: 58 (5.809KB)
1341. #######################################################################################################################################
1342. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 20:28 EST
1343. Nmap scan report for a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116)
1344. Host is up (0.37s latency).
1345. Not shown: 471 filtered ports, 3 closed ports
1346. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1347. PORT STATE SERVICE
1348. 80/tcp open http
1349. 443/tcp open https
1350. #######################################################################################################################################
1351. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 20:31 EST
1352. Nmap scan report for a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116)
1353. Host is up (0.23s latency).
1354. Not shown: 2 filtered ports
1355. PORT STATE SERVICE
1356. 53/udp open|filtered domain
1357. 67/udp open|filtered dhcps
1358. 68/udp open|filtered dhcpc
1359. 69/udp open|filtered tftp
1360. 88/udp open|filtered kerberos-sec
1361. 123/udp open|filtered ntp
1362. 139/udp open|filtered netbios-ssn
1363. 161/udp open|filtered snmp
1364. 162/udp open|filtered snmptrap
1365. 389/udp open|filtered ldap
1366. 520/udp open|filtered route
1367. 2049/udp open|filtered nfs
1368. #######################################################################################################################################
1369. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 20:31 EST
1370. Nmap scan report for a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116)
1371. Host is up (0.15s latency).
1372.  
1373. PORT STATE SERVICE VERSION
1374. 67/udp open|filtered dhcps
1375. |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
1376. Too many fingerprints match this host to give specific OS details
1377. Network Distance: 11 hops
1378.  
1379. TRACEROUTE (using proto 1/icmp)
1380. HOP RTT ADDRESS
1381. 1 228.91 ms 10.245.200.1
1382. 2 228.96 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
1383. 3 230.25 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
1384. 4 231.50 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
1385. 5 231.46 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
1386. 6 369.54 ms 4826.hkg.equinix.com (119.27.63.115)
1387. 7 369.59 ms Te-0-1-0-2-1.cor02.syd04.nsw.VOCUS.net.au (119.161.84.21)
1388. 8 369.98 ms BE-1.cor01.syd11.nsw.VOCUS.net.au (114.31.192.40)
1389. 9 370.97 ms 114.31.192.39
1390. 10 377.02 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
1391. 11 367.24 ms a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116)
1392. #######################################################################################################################################
1393. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 20:33 EST
1394. Nmap scan report for a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116)
1395. Host is up (0.15s latency).
1396.  
1397. PORT STATE SERVICE VERSION
1398. 68/udp open|filtered dhcpc
1399. Too many fingerprints match this host to give specific OS details
1400. Network Distance: 11 hops
1401.  
1402. TRACEROUTE (using proto 1/icmp)
1403. HOP RTT ADDRESS
1404. 1 229.49 ms 10.245.200.1
1405. 2 229.51 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
1406. 3 230.86 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
1407. 4 230.89 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
1408. 5 230.90 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
1409. 6 369.48 ms 4826.hkg.equinix.com (119.27.63.115)
1410. 7 369.52 ms Te-0-1-0-2-1.cor02.syd04.nsw.VOCUS.net.au (119.161.84.21)
1411. 8 370.15 ms BE-1.cor01.syd11.nsw.VOCUS.net.au (114.31.192.40)
1412. 9 370.20 ms 114.31.192.39
1413. 10 370.24 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
1414. 11 368.69 ms a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116)
1415. #######################################################################################################################################
1416. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 20:35 EST
1417. Nmap scan report for a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116)
1418. Host is up (0.15s latency).
1419.  
1420. PORT STATE SERVICE VERSION
1421. 69/udp open|filtered tftp
1422. Too many fingerprints match this host to give specific OS details
1423. Network Distance: 11 hops
1424.  
1425. TRACEROUTE (using proto 1/icmp)
1426. HOP RTT ADDRESS
1427. 1 228.01 ms 10.245.200.1
1428. 2 228.05 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
1429. 3 228.83 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
1430. 4 229.63 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
1431. 5 229.66 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
1432. 6 368.09 ms 4826.hkg.equinix.com (119.27.63.115)
1433. 7 368.12 ms Te-0-1-0-2-1.cor02.syd04.nsw.VOCUS.net.au (119.161.84.21)
1434. 8 368.96 ms BE-1.cor01.syd11.nsw.VOCUS.net.au (114.31.192.40)
1435. 9 368.99 ms 114.31.192.39
1436. 10 372.77 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
1437. 11 369.01 ms a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116)
1438. #######################################################################################################################################
1439.  
1440. ^ ^
1441. _ __ _ ____ _ __ _ _ ____
1442. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1443. | V V // o // _/ | V V // 0 // 0 // _/
1444. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1445. <
1446. ...'
1447.  
1448. WAFW00F - Web Application Firewall Detection Tool
1449.  
1450. By Sandro Gauci && Wendel G. Henrique
1451.  
1452. Checking http://104.72.70.116
1453. Generic Detection results:
1454. No WAF detected by the generic detection
1455. Number of requests: 14
1456. #######################################################################################################################################
1457. wig - WebApp Information Gatherer
1458.  
1459.  
1460. Scanning http://104.72.70.116...
1461. _____________________ SITE INFO ______________________
1462. IP Title
1463. 104.72.70.116
1464.  
1465. ______________________ VERSION _______________________
1466. Name Versions Type
1467.  
1468. ____________________ INTERESTING _____________________
1469. URL Note Type
1470. /readme.html Readme file Interesting
1471. /install.php Installation file Interesting
1472. /test.php Test file Interesting
1473. /test.htm Test file Interesting
1474.  
1475. ______________________________________________________
1476. Time: 50.2 sec Urls: 598 Fingerprints: 40401
1477. #######################################################################################################################################
1478. HTTP/1.1 400 Bad Request
1479. Mime-Version: 1.0
1480. Content-Type: text/html
1481. Content-Length: 207
1482. Expires: Sat, 26 Jan 2019 01:39:26 GMT
1483. Date: Sat, 26 Jan 2019 01:39:26 GMT
1484. Connection: keep-alive
1485.  
1486. HTTP/1.1 400 Bad Request
1487. Mime-Version: 1.0
1488. Content-Type: text/html
1489. Content-Length: 207
1490. Expires: Sat, 26 Jan 2019 01:39:27 GMT
1491. Date: Sat, 26 Jan 2019 01:39:27 GMT
1492. Connection: keep-alive
1493. #######################################################################################################################################
1494. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 20:39 EST
1495. Nmap scan report for a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116)
1496. Host is up (0.15s latency).
1497.  
1498. PORT STATE SERVICE VERSION
1499. 123/udp open|filtered ntp
1500. Too many fingerprints match this host to give specific OS details
1501. Network Distance: 11 hops
1502.  
1503. TRACEROUTE (using proto 1/icmp)
1504. HOP RTT ADDRESS
1505. 1 229.29 ms 10.245.200.1
1506. 2 229.35 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
1507. 3 229.37 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
1508. 4 230.66 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
1509. 5 230.70 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
1510. 6 369.36 ms 4826.hkg.equinix.com (119.27.63.115)
1511. 7 369.38 ms Te-0-1-0-2-1.cor02.syd04.nsw.VOCUS.net.au (119.161.84.21)
1512. 8 369.61 ms BE-1.cor01.syd11.nsw.VOCUS.net.au (114.31.192.40)
1513. 9 370.79 ms 114.31.192.39
1514. 10 781.16 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
1515. 11 367.90 ms a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116)
1516. #######################################################################################################################################
1517. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 20:41 EST
1518. Nmap scan report for a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116)
1519. Host is up (0.30s latency).
1520.  
1521. PORT STATE SERVICE VERSION
1522. 161/tcp filtered snmp
1523. 161/udp open|filtered snmp
1524. Too many fingerprints match this host to give specific OS details
1525. Network Distance: 11 hops
1526.  
1527. TRACEROUTE (using proto 1/icmp)
1528. HOP RTT ADDRESS
1529. 1 229.18 ms 10.245.200.1
1530. 2 229.21 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
1531. 3 229.23 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
1532. 4 230.60 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
1533. 5 230.63 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
1534. 6 368.69 ms 4826.hkg.equinix.com (119.27.63.115)
1535. 7 368.73 ms Te-0-1-0-2-1.cor02.syd04.nsw.VOCUS.net.au (119.161.84.21)
1536. 8 370.13 ms BE-1.cor01.syd11.nsw.VOCUS.net.au (114.31.192.40)
1537. 9 370.10 ms 114.31.192.39
1538. 10 370.70 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
1539. 11 367.36 ms a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116)
1540. #######################################################################################################################################
1541. Version: 1.11.12-static
1542. OpenSSL 1.0.2-chacha (1.0.2g-dev)
1543.  
1544. Connected to 104.72.70.116
1545.  
1546. Testing SSL server 104.72.70.116 on port 443 using SNI name 104.72.70.116
1547.  
1548. TLS Fallback SCSV:
1549. Server does not support TLS Fallback SCSV
1550.  
1551. TLS renegotiation:
1552. Session renegotiation not supported
1553.  
1554. TLS Compression:
1555. Compression disabled
1556.  
1557. Heartbleed:
1558. TLS 1.2 not vulnerable to heartbleed
1559. TLS 1.1 not vulnerable to heartbleed
1560. TLS 1.0 not vulnerable to heartbleed
1561.  
1562. Supported Server Cipher(s):
1563. #######################################################################################################################################
1564. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 20:47 EST
1565. NSE: Loaded 148 scripts for scanning.
1566. NSE: Script Pre-scanning.
1567. NSE: Starting runlevel 1 (of 2) scan.
1568. Initiating NSE at 20:47
1569. Completed NSE at 20:47, 0.00s elapsed
1570. NSE: Starting runlevel 2 (of 2) scan.
1571. Initiating NSE at 20:47
1572. Completed NSE at 20:47, 0.00s elapsed
1573. Initiating Ping Scan at 20:47
1574. Scanning 104.72.70.116 [4 ports]
1575. Completed Ping Scan at 20:47, 0.27s elapsed (1 total hosts)
1576. Initiating Parallel DNS resolution of 1 host. at 20:47
1577. Completed Parallel DNS resolution of 1 host. at 20:47, 0.03s elapsed
1578. Initiating Connect Scan at 20:47
1579. Scanning a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116) [1000 ports]
1580. Discovered open port 80/tcp on 104.72.70.116
1581. Discovered open port 443/tcp on 104.72.70.116
1582. Completed Connect Scan at 20:47, 12.56s elapsed (1000 total ports)
1583. Initiating Service scan at 20:47
1584. Scanning 2 services on a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116)
1585. Service scan Timing: About 50.00% done; ETC: 20:48 (0:00:36 remaining)
1586. Completed Service scan at 20:48, 37.40s elapsed (2 services on 1 host)
1587. Initiating OS detection (try #1) against a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116)
1588. Retrying OS detection (try #2) against a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116)
1589. Initiating Traceroute at 20:48
1590. Completed Traceroute at 20:48, 0.61s elapsed
1591. Initiating Parallel DNS resolution of 11 hosts. at 20:48
1592. Completed Parallel DNS resolution of 11 hosts. at 20:48, 16.50s elapsed
1593. NSE: Script scanning 104.72.70.116.
1594. NSE: Starting runlevel 1 (of 2) scan.
1595. Initiating NSE at 20:48
1596. NSE Timing: About 99.28% done; ETC: 20:49 (0:00:00 remaining)
1597. NSE Timing: About 99.64% done; ETC: 20:49 (0:00:00 remaining)
1598. NSE Timing: About 99.64% done; ETC: 20:50 (0:00:00 remaining)
1599. Completed NSE at 20:50, 91.93s elapsed
1600. NSE: Starting runlevel 2 (of 2) scan.
1601. Initiating NSE at 20:50
1602. Completed NSE at 20:50, 0.75s elapsed
1603. Nmap scan report for a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116)
1604. Host is up, received reset ttl 64 (0.21s latency).
1605. Scanned at 2019-01-25 20:47:25 EST for 167s
1606. Not shown: 995 filtered ports
1607. Reason: 995 no-responses
1608. PORT STATE SERVICE REASON VERSION
1609. 25/tcp closed smtp conn-refused
1610. 80/tcp open http-proxy syn-ack Squid http proxy
1611. |_http-open-proxy: Proxy might be redirecting requests
1612. |_http-title: Invalid URL
1613. 139/tcp closed netbios-ssn conn-refused
1614. 443/tcp open https? syn-ack
1615. 445/tcp closed microsoft-ds conn-refused
1616. 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
1617. SF-Port443-TCP:V=7.70%I=7%D=1/25%Time=5C4BBC41%P=x86_64-pc-linux-gnu%r(SSL
1618. SF:SessionReq,7,"\x15\x03\x04\0\x02\x02P")%r(TLSSessionReq,7,"\x15\x03\x04
1619. SF:\0\x02\x02P")%r(SSLv23SessionReq,7,"\x15\x03\x04\0\x02\x02P");
1620. Device type: general purpose|storage-misc|broadband router|WAP|phone
1621. Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (94%), HP embedded (91%), Asus embedded (87%), Google Android 4.X (87%)
1622. OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 cpe:/h:hp:p2000_g3 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:google:android:4.0
1623. OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
1624. Aggressive OS guesses: Linux 3.16 - 4.6 (94%), Linux 3.10 - 4.11 (92%), Linux 3.13 (92%), Linux 3.13 or 4.2 (92%), Linux 4.2 (92%), Linux 4.4 (92%), Linux 3.18 (91%), HP P2000 G3 NAS device (91%), Linux 3.2 - 4.9 (90%), Linux 3.16 (90%)
1625. No exact OS matches for host (test conditions non-ideal).
1626. TCP/IP fingerprint:
1627. SCAN(V=7.70%E=4%D=1/25%OT=80%CT=25%CU=%PV=N%DS=11%DC=T%G=N%TM=5C4BBCD4%P=x86_64-pc-linux-gnu)
1628. SEQ(SP=100%GCD=1%ISR=10A%TI=Z%CI=Z%TS=8)
1629. OPS(O1=M4B3ST11NW7%O2=M4B3ST11NW7%O3=M4B3NNT11NW7%O4=M4B3ST11NW7%O5=M4B3ST11NW7%O6=M4B3ST11)
1630. WIN(W1=7120%W2=7120%W3=7120%W4=7120%W5=7120%W6=7120)
1631. ECN(R=Y%DF=Y%TG=40%W=7210%O=M4B3NNSNW7%CC=Y%Q=)
1632. T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
1633. T2(R=N)
1634. T3(R=N)
1635. T4(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
1636. T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
1637. T6(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
1638. T7(R=N)
1639. U1(R=N)
1640. IE(R=Y%DFI=N%TG=40%CD=S)
1641.  
1642. Uptime guess: 42.407 days (since Fri Dec 14 11:03:56 2018)
1643. Network Distance: 11 hops
1644. TCP Sequence Prediction: Difficulty=256 (Good luck!)
1645. IP ID Sequence Generation: All zeros
1646.  
1647. TRACEROUTE (using proto 1/icmp)
1648. HOP RTT ADDRESS
1649. 1 229.51 ms 10.245.200.1
1650. 2 229.53 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
1651. 3 230.53 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
1652. 4 231.32 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
1653. 5 231.13 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
1654. 6 369.94 ms 4826.hkg.equinix.com (119.27.63.115)
1655. 7 369.97 ms Te-0-1-0-2-1.cor02.syd04.nsw.VOCUS.net.au (119.161.84.21)
1656. 8 370.00 ms BE-1.cor01.syd11.nsw.VOCUS.net.au (114.31.192.40)
1657. 9 370.00 ms 114.31.192.39
1658. 10 378.06 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
1659. 11 367.33 ms a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116)
1660.  
1661. NSE: Script Post-scanning.
1662. NSE: Starting runlevel 1 (of 2) scan.
1663. Initiating NSE at 20:50
1664. Completed NSE at 20:50, 0.00s elapsed
1665. NSE: Starting runlevel 2 (of 2) scan.
1666. Initiating NSE at 20:50
1667. Completed NSE at 20:50, 0.00s elapsed
1668. Read data files from: /usr/bin/../share/nmap
1669. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1670. Nmap done: 1 IP address (1 host up) scanned in 167.20 seconds
1671. Raw packets sent: 84 (7.248KB) | Rcvd: 46 (3.562KB)
1672. #######################################################################################################################################
1673. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-25 20:50 EST
1674. NSE: Loaded 148 scripts for scanning.
1675. NSE: Script Pre-scanning.
1676. Initiating NSE at 20:50
1677. Completed NSE at 20:50, 0.00s elapsed
1678. Initiating NSE at 20:50
1679. Completed NSE at 20:50, 0.00s elapsed
1680. Initiating Parallel DNS resolution of 1 host. at 20:50
1681. Completed Parallel DNS resolution of 1 host. at 20:50, 0.02s elapsed
1682. Initiating UDP Scan at 20:50
1683. Scanning a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116) [14 ports]
1684. Completed UDP Scan at 20:50, 3.11s elapsed (14 total ports)
1685. Initiating Service scan at 20:50
1686. Scanning 12 services on a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116)
1687. Service scan Timing: About 8.33% done; ETC: 21:09 (0:17:47 remaining)
1688. Completed Service scan at 20:51, 102.58s elapsed (12 services on 1 host)
1689. Initiating OS detection (try #1) against a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116)
1690. Retrying OS detection (try #2) against a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116)
1691. Initiating Traceroute at 20:52
1692. Completed Traceroute at 20:52, 7.28s elapsed
1693. Initiating Parallel DNS resolution of 1 host. at 20:52
1694. Completed Parallel DNS resolution of 1 host. at 20:52, 0.02s elapsed
1695. NSE: Script scanning 104.72.70.116.
1696. Initiating NSE at 20:52
1697. Completed NSE at 20:52, 20.32s elapsed
1698. Initiating NSE at 20:52
1699. Completed NSE at 20:52, 1.74s elapsed
1700. Nmap scan report for a104-72-70-116.deploy.static.akamaitechnologies.com (104.72.70.116)
1701. Host is up (0.29s latency).
1702.  
1703. PORT STATE SERVICE VERSION
1704. 53/udp open|filtered domain
1705. 67/udp open|filtered dhcps
1706. 68/udp open|filtered dhcpc
1707. 69/udp open|filtered tftp
1708. 88/udp open|filtered kerberos-sec
1709. 123/udp open|filtered ntp
1710. 137/udp filtered netbios-ns
1711. 138/udp filtered netbios-dgm
1712. 139/udp open|filtered netbios-ssn
1713. 161/udp open|filtered snmp
1714. 162/udp open|filtered snmptrap
1715. 389/udp open|filtered ldap
1716. 520/udp open|filtered route
1717. 2049/udp open|filtered nfs
1718. Too many fingerprints match this host to give specific OS details
1719.  
1720. TRACEROUTE (using port 138/udp)
1721. HOP RTT ADDRESS
1722. 1 227.77 ms 10.245.200.1
1723. 2 ... 3
1724. 4 230.59 ms 10.245.200.1
1725. 5 229.61 ms 10.245.200.1
1726. 6 229.61 ms 10.245.200.1
1727. 7 229.60 ms 10.245.200.1
1728. 8 229.60 ms 10.245.200.1
1729. 9 229.59 ms 10.245.200.1
1730. 10 229.63 ms 10.245.200.1
1731. 11 ... 18
1732. 19 228.95 ms 10.245.200.1
1733. 20 227.54 ms 10.245.200.1
1734. 21 ... 27
1735. 28 228.82 ms 10.245.200.1
1736. 29 ...
1737. 30 227.60 ms 10.245.200.1
1738.  
1739. NSE: Script Post-scanning.
1740. Initiating NSE at 20:52
1741. Completed NSE at 20:52, 0.00s elapsed
1742. Initiating NSE at 20:52
1743. Completed NSE at 20:52, 0.00s elapsed
1744. Read data files from: /usr/bin/../share/nmap
1745. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1746. Nmap done: 1 IP address (1 host up) scanned in 143.22 seconds
1747. Raw packets sent: 135 (8.008KB) | Rcvd: 35 (3.519KB)
1748. #######################################################################################################################################
1749. Anonymous JTSEC #OpDomesticTerrorism Full Recon #1