Anonymous Operation IsraelUSA JTSEC full recon #9


#######################################################################################################################################
 Nom de l'hôte 	www.askezra.co.il 	  	FAI 	012 Smile Communications LTD. (AS9116)
Continent 	Asie 	  	Drapeau
IL
Pays 	Israël 	  	Code du pays 	IL (ISR)
Région 	Inconnu 	  	Heure locale 	16 Dec 2017 18:43 IST
Ville 	Inconnu 	  	Latitude 	31.5
Adresse IP 	62.128.52.211 	  	Longitude 	34.75
######################################################################################################################################
[i] Scanning Site: http://askezra.co.il


B A S I C   I N F O
====================


[+] Site Title:
[+] IP address: 62.128.52.211
[+] Web Server: nginx
[+] CMS: Could Not Detect
[+] Cloudflare: Not Detected
[+] Robots File: Found

-------------[ contents ]----------------
User-agent: *
Allow: /


-----------[end of contents]-------------


W H O I S   L O O K U P
========================


% The data in the WHOIS database of the .il registry is provided
% by ISOC-IL for information purposes, and to assist persons in
% obtaining information about or related to a domain name
% registration record. ISOC-IL does not guarantee its accuracy.
% By submitting a WHOIS query, you agree that you will use this
% Data only for lawful purposes and that, under no circumstances
% will you use this Data to: (1) allow, enable, or otherwise
% support the transmission of mass unsolicited, commercial
% advertising or solicitations via e-mail (spam);
% or  (2) enable high volume, automated, electronic processes that
% apply to ISOC-IL (or its systems).
% ISOC-IL reserves the right to modify these terms at any time.
% By submitting this query, you agree to abide by this policy.

query:        askezra.co.il

reg-name:     askezra
domain:       askezra.co.il

descr:        Chava Weberman
descr:        Hapoel Hatzair 18
descr:        Givataim
descr:        53211
descr:        Israel
phone:        +972 52 8812679
e-mail:       evaweberman AT gmail.com
admin-c:      LD-CW3482-IL
tech-c:       LD-CW3482-IL
zone-c:       LD-CW3482-IL
nserver:      park1.livedns.co.il
nserver:      park2.livedns.co.il
validity:     22-12-2018
DNSSEC:       unsigned
status:       Transfer Locked
changed:      domain-registrar AT isoc.org.il 20081222 (Assigned)

person:       Chava Weberman
address:      Haklarnit 10
address:      Rishon Letzion
address:      75571
address:      Israel
phone:        +972 52 8812679
e-mail:       evaweberman AT gmail.com
nic-hdl:      LD-CW3482-IL
changed:      Managing Registrar 20070701
changed:      Managing Registrar 20110612

registrar name: LiveDns Ltd
registrar info: http://domains.livedns.co.il

% Rights to the data above are restricted by copyright.


G E O  I P  L O O K  U P
=========================

[i] IP Address: 62.128.52.211
[i] Country: IL
[i] State: HaMerkaz
[i] City: Yavne
[i] Latitude: 31.815599
[i] Longitude: 34.720798


H T T P   H E A D E R S
=======================


[i]  HTTP/1.1 302 Moved Temporarily
[i]  Server: nginx
[i]  Date: Sat, 16 Dec 2017 16:58:46 GMT
[i]  Content-Type: text/html
[i]  Content-Length: 154
[i]  Connection: close
[i]  Set-Cookie: SPDTC=f6b06a6df03894ef816b8933c97e95c9; path=/
[i]  P3P: CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"
[i]  Location: http://askezra.co.il/
[i]  X-Rocket-Nginx-Bypass: No
[i]  HTTP/1.1 302 Moved Temporarily
[i]  Server: nginx
[i]  Date: Sat, 16 Dec 2017 16:58:55 GMT
[i]  Content-Type: text/html
[i]  Content-Length: 154
[i]  Connection: close
[i]  Set-Cookie: SPDTC=f6b06a6df03894ef816b8933c97e95c9; path=/
[i]  P3P: CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"
[i]  Location: http://askezra.co.il/
[i]  X-Rocket-Nginx-Bypass: No
[i]  HTTP/1.1 302 Moved Temporarily
[i]  Server: nginx
[i]  Date: Sat, 16 Dec 2017 16:59:03 GMT
[i]  Content-Type: text/html
[i]  Content-Length: 154
[i]  Connection: close
[i]  Set-Cookie: SPDTC=f6b06a6df03894ef816b8933c97e95c9; path=/
[i]  P3P: CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"
[i]  Location: http://askezra.co.il/
[i]  X-Rocket-Nginx-Bypass: No
[i]  HTTP/1.1 302 Moved Temporarily
[i]  Server: nginx
[i]  Date: Sat, 16 Dec 2017 16:59:12 GMT
[i]  Content-Type: text/html
[i]  Content-Length: 154
[i]  Connection: close
[i]  Set-Cookie: SPDTC=f6b06a6df03894ef816b8933c97e95c9; path=/
[i]  P3P: CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"
[i]  Location: http://askezra.co.il/
[i]  X-Rocket-Nginx-Bypass: No
[i]  HTTP/1.1 302 Moved Temporarily
[i]  Server: nginx
[i]  Date: Sat, 16 Dec 2017 16:59:20 GMT
[i]  Content-Type: text/html
[i]  Content-Length: 154
[i]  Connection: close
[i]  Set-Cookie: SPDTC=f6b06a6df03894ef816b8933c97e95c9; path=/
[i]  P3P: CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"
[i]  Location: http://askezra.co.il/
[i]  X-Rocket-Nginx-Bypass: No
[i]  HTTP/1.1 302 Moved Temporarily
[i]  Server: nginx
[i]  Date: Sat, 16 Dec 2017 16:59:29 GMT
[i]  Content-Type: text/html
[i]  Content-Length: 154
[i]  Connection: close
[i]  Set-Cookie: SPDTC=f6b06a6df03894ef816b8933c97e95c9; path=/
[i]  P3P: CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"
[i]  Location: http://askezra.co.il/
[i]  X-Rocket-Nginx-Bypass: No
[i]  HTTP/1.1 302 Moved Temporarily
[i]  Server: nginx
[i]  Date: Sat, 16 Dec 2017 16:59:37 GMT
[i]  Content-Type: text/html
[i]  Content-Length: 154
[i]  Connection: close
[i]  Set-Cookie: SPDTC=f6b06a6df03894ef816b8933c97e95c9; path=/
[i]  P3P: CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"
[i]  Location: http://askezra.co.il/
[i]  X-Rocket-Nginx-Bypass: No
[i]  HTTP/1.1 302 Moved Temporarily
[i]  Server: nginx
[i]  Date: Sat, 16 Dec 2017 16:59:46 GMT
[i]  Content-Type: text/html
[i]  Content-Length: 154
[i]  Connection: close
[i]  Set-Cookie: SPDTC=f6b06a6df03894ef816b8933c97e95c9; path=/
[i]  P3P: CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"
[i]  Location: http://askezra.co.il/
[i]  X-Rocket-Nginx-Bypass: No
[i]  HTTP/1.1 302 Moved Temporarily
[i]  Server: nginx
[i]  Date: Sat, 16 Dec 2017 16:59:55 GMT
[i]  Content-Type: text/html
[i]  Content-Length: 154
[i]  Connection: close
[i]  Set-Cookie: SPDTC=f6b06a6df03894ef816b8933c97e95c9; path=/
[i]  P3P: CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"
[i]  Location: http://askezra.co.il/
[i]  X-Rocket-Nginx-Bypass: No
[i]  HTTP/1.1 302 Moved Temporarily
[i]  Server: nginx
[i]  Date: Sat, 16 Dec 2017 17:00:03 GMT
[i]  Content-Type: text/html
[i]  Content-Length: 154
[i]  Connection: close
[i]  Set-Cookie: SPDTC=f6b06a6df03894ef816b8933c97e95c9; path=/
[i]  P3P: CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"
[i]  Location: http://askezra.co.il/
[i]  X-Rocket-Nginx-Bypass: No
[i]  HTTP/1.1 302 Moved Temporarily
[i]  Server: nginx
[i]  Date: Sat, 16 Dec 2017 17:00:12 GMT
[i]  Content-Type: text/html
[i]  Content-Length: 154
[i]  Connection: close
[i]  Set-Cookie: SPDTC=f6b06a6df03894ef816b8933c97e95c9; path=/
[i]  P3P: CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"
[i]  Location: http://askezra.co.il/
[i]  X-Rocket-Nginx-Bypass: No
[i]  HTTP/1.1 302 Moved Temporarily
[i]  Server: nginx
[i]  Date: Sat, 16 Dec 2017 17:00:20 GMT
[i]  Content-Type: text/html
[i]  Content-Length: 154
[i]  Connection: close
[i]  Set-Cookie: SPDTC=f6b06a6df03894ef816b8933c97e95c9; path=/
[i]  P3P: CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"
[i]  Location: http://askezra.co.il/
[i]  X-Rocket-Nginx-Bypass: No
[i]  HTTP/1.1 302 Moved Temporarily
[i]  Server: nginx
[i]  Date: Sat, 16 Dec 2017 17:00:29 GMT
[i]  Content-Type: text/html
[i]  Content-Length: 154
[i]  Connection: close
[i]  Set-Cookie: SPDTC=f6b06a6df03894ef816b8933c97e95c9; path=/
[i]  P3P: CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"
[i]  Location: http://askezra.co.il/
[i]  X-Rocket-Nginx-Bypass: No
[i]  HTTP/1.1 302 Moved Temporarily
[i]  Server: nginx
[i]  Date: Sat, 16 Dec 2017 17:00:37 GMT
[i]  Content-Type: text/html
[i]  Content-Length: 154
[i]  Connection: close
[i]  Set-Cookie: SPDTC=f6b06a6df03894ef816b8933c97e95c9; path=/
[i]  P3P: CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"
[i]  Location: http://askezra.co.il/
[i]  X-Rocket-Nginx-Bypass: No
[i]  HTTP/1.1 302 Moved Temporarily
[i]  Server: nginx
[i]  Date: Sat, 16 Dec 2017 17:00:46 GMT
[i]  Content-Type: text/html
[i]  Content-Length: 154
[i]  Connection: close
[i]  Set-Cookie: SPDTC=f6b06a6df03894ef816b8933c97e95c9; path=/
[i]  P3P: CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"
[i]  Location: http://askezra.co.il/
[i]  X-Rocket-Nginx-Bypass: No
[i]  HTTP/1.1 302 Moved Temporarily
[i]  Server: nginx
[i]  Date: Sat, 16 Dec 2017 17:00:54 GMT
[i]  Content-Type: text/html
[i]  Content-Length: 154
[i]  Connection: close
[i]  Set-Cookie: SPDTC=f6b06a6df03894ef816b8933c97e95c9; path=/
[i]  P3P: CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"
[i]  Location: http://askezra.co.il/
[i]  X-Rocket-Nginx-Bypass: No
[i]  HTTP/1.1 302 Moved Temporarily
[i]  Server: nginx
[i]  Date: Sat, 16 Dec 2017 17:01:03 GMT
[i]  Content-Type: text/html
[i]  Content-Length: 154
[i]  Connection: close
[i]  Set-Cookie: SPDTC=f6b06a6df03894ef816b8933c97e95c9; path=/
[i]  P3P: CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"
[i]  Location: http://askezra.co.il/
[i]  X-Rocket-Nginx-Bypass: No
[i]  HTTP/1.1 302 Moved Temporarily
[i]  Server: nginx
[i]  Date: Sat, 16 Dec 2017 17:01:11 GMT
[i]  Content-Type: text/html
[i]  Content-Length: 154
[i]  Connection: close
[i]  Set-Cookie: SPDTC=f6b06a6df03894ef816b8933c97e95c9; path=/
[i]  P3P: CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"
[i]  Location: http://askezra.co.il/
[i]  X-Rocket-Nginx-Bypass: No
[i]  HTTP/1.1 302 Moved Temporarily
[i]  Server: nginx
[i]  Date: Sat, 16 Dec 2017 17:01:20 GMT
[i]  Content-Type: text/html
[i]  Content-Length: 154
[i]  Connection: close
[i]  Set-Cookie: SPDTC=f6b06a6df03894ef816b8933c97e95c9; path=/
[i]  P3P: CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"
[i]  Location: http://askezra.co.il/
[i]  X-Rocket-Nginx-Bypass: No
[i]  HTTP/1.1 302 Moved Temporarily
[i]  Server: nginx
[i]  Date: Sat, 16 Dec 2017 17:01:28 GMT
[i]  Content-Type: text/html
[i]  Content-Length: 154
[i]  Connection: close
[i]  Set-Cookie: SPDTC=f6b06a6df03894ef816b8933c97e95c9; path=/
[i]  P3P: CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"
[i]  Location: http://askezra.co.il/
[i]  X-Rocket-Nginx-Bypass: No


D N S   L O O K U P
===================

askezra.co.il.		14399	IN	SOA	park1.livedns.co.il. hostmaster.askezra.co.il. 2008122506 3600 600 1209600 14400
askezra.co.il.		14399	IN	NS	park2.livedns.co.il.
askezra.co.il.		14399	IN	NS	park1.livedns.co.il.
askezra.co.il.		14399	IN	MX	30 ASPMX3.GOOGLEMAIL.COM.
askezra.co.il.		14399	IN	MX	30 ASPMX4.GOOGLEMAIL.COM.
askezra.co.il.		14399	IN	MX	30 ASPMX5.GOOGLEMAIL.COM.
askezra.co.il.		14399	IN	MX	10 ASPMX.L.GOOGLE.COM.
askezra.co.il.		14399	IN	MX	20 ALT1.ASPMX.L.GOOGLE.COM.
askezra.co.il.		14399	IN	MX	20 ALT2.ASPMX.L.GOOGLE.COM.
askezra.co.il.		14399	IN	MX	30 ASPMX2.GOOGLEMAIL.COM.
askezra.co.il.		14399	IN	A	62.128.52.211


S U B N E T   C A L C U L A T I O N
====================================

Address       = 62.128.52.211
Network       = 62.128.52.211 / 32
Netmask       = 255.255.255.255
Broadcast     = not needed on Point-to-Point links
Wildcard Mask = 0.0.0.0
Hosts Bits    = 0
Max. Hosts    = 1   (2^0 - 0)
Host Range    = { 62.128.52.211 - 62.128.52.211 }


N M A P   P O R T   S C A N
============================


Starting Nmap 7.01 ( https://nmap.org ) at 2017-12-16 17:01 UTC
Nmap scan report for askezra.co.il (62.128.52.211)
Host is up (0.14s latency).
rDNS record for 62.128.52.211: rosh.spd.co.il
PORT     STATE    SERVICE       VERSION
21/tcp   open     ftp           ProFTPD
22/tcp   filtered ssh
23/tcp   filtered telnet
25/tcp   open     smtp          Exim smtpd
80/tcp   open     http          nginx
110/tcp  open     pop3          Dovecot DirectAdmin pop3d
143/tcp  open     imap          Dovecot imapd
443/tcp  open     ssl/http      nginx
445/tcp  filtered microsoft-ds
3389/tcp filtered ms-wbt-server

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 16.61 seconds

[!] IP Address : 62.128.52.211
[!] Server: nginx
[!] Powered By: PHP/5.2.17
[-] Clickjacking protection is not in place.
[+] Operating System : Windows
[!] www.askezra.co.il doesn't seem to use a CMS
[+] Honeypot Probabilty: 30%
----------------------------------------
PORT     STATE    SERVICE       VERSION
21/tcp   open     ftp           ProFTPD
22/tcp   filtered ssh
23/tcp   filtered telnet
25/tcp   open     smtp          Exim smtpd
80/tcp   open     http          nginx
110/tcp  open     pop3          Dovecot DirectAdmin pop3d
143/tcp  open     imap          Dovecot imapd
443/tcp  open     ssl/http      nginx
445/tcp  filtered microsoft-ds
3389/tcp filtered ms-wbt-server
----------------------------------------

[+] DNS Records

[+] Host Records (A)
www.askezra.co.ilHTTP: (rosh.spd.co.il) (62.128.52.211) AS9116 012 Smile Communications LTD. Israel

[+] TXT Records

[+] DNS Map: https://dnsdumpster.com/static/map/www.askezra.co.il.png

[>] Initiating 3 intel modules
[>] Loading Alpha module (1/3)
[>] Beta module deployed (2/3)
[>] Gamma module initiated (3/3)
No emails found
No hosts found
[+] Virtual hosts:
-----------------
[>] Crawling the target for fuzzable URLs

[92m + -- ----------------------------=[Running Nslookup]=------------------------ -- +[0m
Server:		2001:568:ff09:10c::53
Address:	2001:568:ff09:10c::53#53

Non-authoritative answer:
Name:	askezra.co.il
Address: 62.128.52.211

askezra.co.il has address 62.128.52.211
askezra.co.il mail is handled by 20 ALT2.ASPMX.L.GOOGLE.COM.
askezra.co.il mail is handled by 10 ASPMX.L.GOOGLE.COM.
askezra.co.il mail is handled by 30 ASPMX2.GOOGLEMAIL.COM.
askezra.co.il mail is handled by 30 ASPMX5.GOOGLEMAIL.COM.
askezra.co.il mail is handled by 30 ASPMX4.GOOGLEMAIL.COM.
askezra.co.il mail is handled by 30 ASPMX3.GOOGLEMAIL.COM.
askezra.co.il mail is handled by 20 ALT1.ASPMX.L.GOOGLE.COM.
[92m + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +[0m

Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu

[+] Target is askezra.co.il
[+] Loading modules.
[+] Following modules are loaded:
[x] [1] ping:icmp_ping  -  ICMP echo discovery module
[x] [2] ping:tcp_ping  -  TCP-based ping discovery module
[x] [3] ping:udp_ping  -  UDP-based ping discovery module
[x] [4] infogather:ttl_calc  -  TCP and UDP based TTL distance calculation
[x] [5] infogather:portscan  -  TCP and UDP PortScanner
[x] [6] fingerprint:icmp_echo  -  ICMP Echo request fingerprinting module
[x] [7] fingerprint:icmp_tstamp  -  ICMP Timestamp request fingerprinting module
[x] [8] fingerprint:icmp_amask  -  ICMP Address mask request fingerprinting module
[x] [9] fingerprint:icmp_port_unreach  -  ICMP port unreachable fingerprinting module
[x] [10] fingerprint:tcp_hshake  -  TCP Handshake fingerprinting module
[x] [11] fingerprint:tcp_rst  -  TCP RST fingerprinting module
[x] [12] fingerprint:smb  -  SMB fingerprinting module
[x] [13] fingerprint:snmp  -  SNMPv2c fingerprinting module
[+] 13 modules registered
[+] Initializing scan engine
[+] Running scan engine
[-] ping:tcp_ping module: no closed/open TCP ports known on 62.128.52.211. Module test failed
[-] ping:udp_ping module: no closed/open UDP ports known on 62.128.52.211. Module test failed
[-] No distance calculation. 62.128.52.211 appears to be dead or no ports known
[+] Host: 62.128.52.211 is up (Guess probability: 50%)
[+] Target: 62.128.52.211 is alive. Round-Trip Time: 0.50370 sec
[+] Selected safe Round-Trip Time value is: 1.00740 sec
[-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
[-] fingerprint:smb need either TCP port 139 or 445 to run
[+] Primary guess:
[+] Host 62.128.52.211 Running OS:  (Guess probability: 91%)
[+] Other guesses:
[+] Host 62.128.52.211 Running OS:  (Guess probability: 91%)
[+] Host 62.128.52.211 Running OS:  (Guess probability: 91%)
[+] Host 62.128.52.211 Running OS:  (Guess probability: 91%)
[+] Host 62.128.52.211 Running OS:  (Guess probability: 91%)
[+] Host 62.128.52.211 Running OS:  (Guess probability: 91%)
[+] Host 62.128.52.211 Running OS:  (Guess probability: 91%)
[+] Host 62.128.52.211 Running OS:  (Guess probability: 91%)
[+] Host 62.128.52.211 Running OS:  (Guess probability: 91%)
[+] Host 62.128.52.211 Running OS:  (Guess probability: 91%)
[+] Cleaning up scan engine
[+] Modules deinitialized
[+] Execution completed.
[92m + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +[0m

% The data in the WHOIS database of the .il registry is provided
% by ISOC-IL for information purposes, and to assist persons in
% obtaining information about or related to a domain name
% registration record. ISOC-IL does not guarantee its accuracy.
% By submitting a WHOIS query, you agree that you will use this
% Data only for lawful purposes and that, under no circumstances
% will you use this Data to: (1) allow, enable, or otherwise
% support the transmission of mass unsolicited, commercial
% advertising or solicitations via e-mail (spam);
% or  (2) enable high volume, automated, electronic processes that
% apply to ISOC-IL (or its systems).
% ISOC-IL reserves the right to modify these terms at any time.
% By submitting this query, you agree to abide by this policy.

query:        askezra.co.il

reg-name:     askezra
domain:       askezra.co.il

descr:        Chava Weberman
descr:        Hapoel Hatzair 18
descr:        Givataim
descr:        53211
descr:        Israel
phone:        +972 52 8812679
e-mail:       evaweberman AT gmail.com
admin-c:      LD-CW3482-IL
tech-c:       LD-CW3482-IL
zone-c:       LD-CW3482-IL
nserver:      park1.livedns.co.il
nserver:      park2.livedns.co.il
validity:     22-12-2018
DNSSEC:       unsigned
status:       Transfer Locked
changed:      domain-registrar AT isoc.org.il 20081222 (Assigned)

person:       Chava Weberman
address:      Haklarnit 10
address:      Rishon Letzion
address:      75571
address:      Israel
phone:        +972 52 8812679
e-mail:       evaweberman AT gmail.com
nic-hdl:      LD-CW3482-IL
changed:      Managing Registrar 20070701
changed:      Managing Registrar 20110612

registrar name: LiveDns Ltd
registrar info: http://domains.livedns.co.il

% Rights to the data above are restricted by copyright.
[92m + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +[0m

*******************************************************************
*                                                                 *
* | |_| |__   ___    /\  /\__ _ _ ____   _____  ___| |_ ___ _ __  *
* | __| '_ \ / _ \  / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
* | |_| | | |  __/ / __  / (_| | |   \ V /  __/\__ \ ||  __/ |    *
*  \__|_| |_|\___| \/ /_/ \__,_|_|    \_/ \___||___/\__\___|_|    *
*                                                                 *
* TheHarvester Ver. 2.7                                           *
* Coded by Christian Martorella                                   *
* Edge-Security Research                                          *
* cmartorella@edge-security.com                                   *
*******************************************************************


Full harvest..
[-] Searching in Google..
	Searching 0 results...
	Searching 100 results...
	Searching 200 results...
[-] Searching in PGP Key server..
[-] Searching in Bing..
	Searching 50 results...
	Searching 100 results...
	Searching 150 results...
	Searching 200 results...
[-] Searching in Exalead..
	Searching 50 results...
	Searching 100 results...
	Searching 150 results...
	Searching 200 results...
	Searching 250 results...


[+] Emails found:
------------------
No emails found

[+] Hosts found in search engines:
------------------------------------
[-] Resolving hostnames IPs...
62.128.52.211:www.askezra.co.il
[+] Virtual hosts:
==================
62.128.52.211	www.lapid-nadlan.co.il
62.128.52.211	www.annushka.co.il
62.128.52.211	www.flights2eilat.co.il
62.128.52.211	www.chocotop.co.il
62.128.52.211	www.edenseeds.co.il
62.128.52.211	www.sassonancientart
62.128.52.211	www.drorbamidbar.co.il
62.128.52.211	www.jti.co.il
62.128.52.211	www.askezra.co.il

******************************************************
*     /\/\   ___| |_ __ _  __ _  ___   ___  / _(_) | *
*    /    \ / _ \ __/ _` |/ _` |/ _ \ / _ \| |_| | | *
*   / /\/\ \  __/ || (_| | (_| | (_) | (_) |  _| | | *
*   \/    \/\___|\__\__,_|\__, |\___/ \___/|_| |_|_| *
*                         |___/                      *
* Metagoofil Ver 2.2                                 *
* Christian Martorella                               *
* Edge-Security.com                                  *
* cmartorella_at_edge-security.com                   *
******************************************************

[-] Starting online search...

[-] Searching for doc files, with a limit of 200
	Searching 100 results...
	Searching 200 results...
Results: 0 files found
Starting to download 50 of them:
----------------------------------------


[-] Searching for pdf files, with a limit of 200
	Searching 100 results...
	Searching 200 results...
Results: 0 files found
Starting to download 50 of them:
----------------------------------------


[-] Searching for xls files, with a limit of 200
	Searching 100 results...
	Searching 200 results...
Results: 0 files found
Starting to download 50 of them:
----------------------------------------


[-] Searching for csv files, with a limit of 200
	Searching 100 results...
	Searching 200 results...
Results: 0 files found
Starting to download 50 of them:
----------------------------------------


[-] Searching for txt files, with a limit of 200
	Searching 100 results...
	Searching 200 results...
Results: 0 files found
Starting to download 50 of them:
----------------------------------------

processing
user
email

[+] List of users found:
--------------------------

[+] List of software found:
-----------------------------

[+] List of paths and servers found:
---------------------------------------

[+] List of e-mails found:
----------------------------
[92m + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +[0m

; <<>> DiG 9.11.2-5-Debian <<>> -x askezra.co.il
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43727
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;il.co.askezra.in-addr.arpa.	IN	PTR

;; AUTHORITY SECTION:
in-addr.arpa.		3600	IN	SOA	b.in-addr-servers.arpa. nstld.iana.org. 2017102477 1800 900 604800 3600

;; Query time: 473 msec
;; SERVER: 2001:568:ff09:10c::53#53(2001:568:ff09:10c::53)
;; WHEN: Sat Dec 16 13:44:45 EST 2017
;; MSG SIZE  rcvd: 123

dnsenum VERSION:1.2.4
[1;34m
-----   askezra.co.il   -----
[0m[1;31m

Host's addresses:
__________________

[0maskezra.co.il.                           7261     IN    A        62.128.52.211
[1;31m

Name Servers:
______________

[0mpark1.livedns.co.il.                     14395    IN    A        62.219.78.217
park2.livedns.co.il.                     14392    IN    A        185.60.169.2
[1;31m

Mail (MX) Servers:
___________________

[0mASPMX.L.GOOGLE.COM.                      293      IN    A        209.85.201.27
ASPMX2.GOOGLEMAIL.COM.                   53       IN    A        64.233.186.27
ASPMX5.GOOGLEMAIL.COM.                   293      IN    A        173.194.79.26
ASPMX4.GOOGLEMAIL.COM.                   293      IN    A        108.177.15.26
ASPMX3.GOOGLEMAIL.COM.                   49       IN    A        209.85.202.26
ALT1.ASPMX.L.GOOGLE.COM.                 50       IN    A        64.233.186.26
ALT2.ASPMX.L.GOOGLE.COM.                 42       IN    A        209.85.202.27
[1;31m

Trying Zone Transfers and getting Bind Versions:
_________________________________________________

[0m
Trying Zone Transfer for askezra.co.il on park1.livedns.co.il ...

Trying Zone Transfer for askezra.co.il on park2.livedns.co.il ...

brute force file not specified, bay.
[92m + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +[0m
[91m
                 ____        _     _ _     _   _____
                / ___| _   _| |__ | (_)___| |_|___ / _ __
                \___ \| | | | '_ \| | / __| __| |_ \| '__|
                 ___) | |_| | |_) | | \__ \ |_ ___) | |
                |____/ \__,_|_.__/|_|_|___/\__|____/|_|[0m[93m

                # Coded By Ahmed Aboul-Ela - @aboul3la

[94m[-] Enumerating subdomains now for askezra.co.il[0m
[93m[-] verbosity is enabled, will show the subdomains results in realtime[0m
[92m[-] Searching now in Baidu..[0m
[92m[-] Searching now in Yahoo..[0m
[92m[-] Searching now in Google..[0m
[92m[-] Searching now in Bing..[0m
[92m[-] Searching now in Ask..[0m
[92m[-] Searching now in Netcraft..[0m
[92m[-] Searching now in DNSdumpster..[0m
[92m[-] Searching now in Virustotal..[0m
[92m[-] Searching now in ThreatCrowd..[0m
[92m[-] Searching now in SSL Certificates..[0m
[92m[-] Searching now in PassiveDNS..[0m
[91mYahoo: [0mwww.askezra.co.il
[91mVirustotal: [0mwww.askezra.co.il
[93m[-] Saving results to file: [0m[91m/usr/share/sniper/loot/domains/domains-askezra.co.il.txt[0m
[93m[-] Total Unique Subdomains Found: 1[0m
[92mwww.askezra.co.il[0m

[91m ╔═╗╦═╗╔╦╗╔═╗╦ ╦[0m
[91m ║  ╠╦╝ ║ ╚═╗╠═╣[0m
[91m ╚═╝╩╚═ ╩o╚═╝╩ ╩[0m
[91m + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +[0m
[94m
[91m [+] Domains saved to: /usr/share/sniper/loot/domains/domains-askezra.co.il-full.txt
[0m
[92m + -- ----------------------------=[Checking for Sub-Domain Hijacking]=------- -- +[0m
[92m + -- ----------------------------=[Checking Email Security]=----------------- -- +[0m

[92m + -- ----------------------------=[Pinging host]=---------------------------- -- +[0m
PING askezra.co.il (62.128.52.211) 56(84) bytes of data.
64 bytes from rosh.spd.co.il (62.128.52.211): icmp_seq=1 ttl=53 time=179 ms

--- askezra.co.il ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 179.179/179.179/179.179/0.000 ms

[92m + -- ----------------------------=[Running TCP port scan]=------------------- -- +[0m

Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-16 13:46 EST
Nmap scan report for askezra.co.il (62.128.52.211)
Host is up (0.18s latency).
rDNS record for 62.128.52.211: rosh.spd.co.il
Not shown: 466 filtered ports
Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
PORT     STATE SERVICE
21/tcp   open  ftp
53/tcp   open  domain
80/tcp   open  http
443/tcp  open  https
993/tcp  open  imaps
995/tcp  open  pop3s
2222/tcp open  EtherNetIP-1

Nmap done: 1 IP address (1 host up) scanned in 14.35 seconds

[92m + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +[0m
[93m + -- --=[Port 21 opened... running tests...[0m

Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-16 13:47 EST
Nmap scan report for askezra.co.il (62.128.52.211)
Host is up (0.18s latency).
rDNS record for 62.128.52.211: rosh.spd.co.il

PORT   STATE SERVICE VERSION
21/tcp open  ftp     ProFTPD
| ftp-brute:
|   Accounts: No valid accounts found
|_  Statistics: Performed 2452 guesses in 181 seconds, average tps: 12.8
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running (JUST GUESSING): Linux 2.6.X|4.X|3.X (91%)
OS CPE: cpe:/o:linux:linux_kernel:2.6.39 cpe:/o:linux:linux_kernel:4.4 cpe:/o:linux:linux_kernel:3
Aggressive OS guesses: Linux 2.6.39 (91%), Linux 4.4 (91%), Linux 3.10 - 3.12 (89%), Linux 2.6.18 - 2.6.22 (86%), Linux 4.0 (86%), Linux 3.10 - 4.8 (85%), Linux 3.11 - 4.1 (85%), Linux 3.18 (85%), Linux 3.2 - 4.8 (85%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 13 hops

TRACEROUTE (using port 21/tcp)
HOP RTT       ADDRESS
1   109.56 ms 10.13.0.1
2   110.18 ms 37.187.24.253
3   109.61 ms 10.50.225.61
4   109.91 ms 10.17.129.42
5   109.61 ms 10.73.0.54
6   ...
7   113.20 ms be100-1107.ldn-1-a9.uk.eu (91.121.215.179)
8   113.19 ms edge.lon-01012.net.il (195.66.225.114)
9   113.17 ms edge.lon-01012.net.il (195.66.225.114)
10  183.49 ms 80.179.165.213.static.012.net.il (80.179.165.213)
11  ...
12  182.69 ms 62.128.52.2.static.hosting.spd.co.il (62.128.52.2)
13  169.46 ms rosh.spd.co.il (62.128.52.211)

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 220.38 seconds
[0m[36m[1m[37m
         .                                         .
 .

      [34mdBBBBBBb  dBBBP dBBBBBBP dBBBBBb  [37m.                       o
     [34m  '   dB'                     BBP
    dB'dB'dB' dBBP     dBP     dBP BB
   dB'dB'dB' dBP      dBP     dBP  BB
  dB'dB'dB' dBBBBP   dBP     dBBBBBBB

                                   [31mdBBBBBP  [34mdBBBBBb  dBP    dBBBBP dBP dBBBBBBP
          [37m.                  [36m.                  [34mdB' dBP    dB'.BP
                             [36m|       [31mdBP[34m    dBBBB' dBP    dB'.BP dBP    dBP
                           [36m--o--    [31mdBP[34m    dBP    dBP    dB'.BP dBP    dBP
                             [36m|     [31mdBBBBP[34m dBP    dBBBBP dBBBBP dBP    dBP[37m

                                                                    .
                .
        o                  [32mTo boldly go where no
                            shell has gone before
[0m

       =[ [33mmetasploit v4.16.22-dev[0m                         ]
+ -- --=[ 1707 exploits - 970 auxiliary - 299 post        ]
+ -- --=[ 503 payloads - 40 encoders - 10 nops            ]
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]

[0m[0mRHOST => askezra.co.il
[0mRHOSTS => askezra.co.il
[0m[1m[34m[*][0m askezra.co.il:21 - Banner: 220 FTP Server
[1m[34m[*][0m askezra.co.il:21 - USER: 331 Password required for yQM:)
[1m[34m[*][0m Exploit completed, but no session was created.
[0m[0m[1m[33m[!][0m You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
[1m[34m[*][0m Started reverse TCP double handler on 127.0.0.1:4444
[1m[34m[*][0m askezra.co.il:21 - Sending Backdoor Command
[1m[31m[-][0m askezra.co.il:21 - Not backdoored
[1m[34m[*][0m Exploit completed, but no session was created.
[0m[91m + -- --=[Port 22 closed... skipping.[0m
[91m + -- --=[Port 23 closed... skipping.[0m
[91m + -- --=[Port 25 closed... skipping.[0m
[93m + -- --=[Port 53 opened... running tests...[0m

Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-16 13:56 EST
Nmap scan report for askezra.co.il (62.128.52.211)
Host is up (0.23s latency).
rDNS record for 62.128.52.211: rosh.spd.co.il

PORT   STATE SERVICE VERSION
53/udp open  domain  ISC BIND 6.6.6
|_dns-cache-snoop: 0 of 100 tested domains are cached.
|_dns-fuzz: The server seems impervious to our assault.
| dns-nsec-enum:
|_  No NSEC records found
| dns-nsec3-enum:
|_  DNSSEC NSEC3 not supported
| dns-nsid:
|_  bind.version: 6.6.6
Too many fingerprints match this host to give specific OS details
Network Distance: 12 hops

Host script results:
| dns-brute:
|   DNS Brute-force hostnames:
|     host.co.il - 148.251.90.173
|     development.co.il - 46.101.238.24
|     mysql.co.il - 216.239.32.21
|     mysql.co.il - 216.239.34.21
|     mysql.co.il - 216.239.36.21
|     mysql.co.il - 216.239.38.21
|     http.co.il - 212.150.243.210
|     images.co.il - 67.23.177.200
|     test.co.il - 127.0.0.1
|     news.co.il - 188.166.109.104
|     info.co.il - 104.31.92.2
|     info.co.il - 104.31.93.2
|     noc.co.il - 96.31.35.145
|     info.co.il - 2400:cb00:2048:1:0:0:681f:5c02
|     info.co.il - 2400:cb00:2048:1:0:0:681f:5d02
|     test1.co.il - 192.185.236.196
|     internet.co.il - 95.175.32.10
|     test2.co.il - 209.88.192.216
|     dns.co.il - 82.80.253.15
|     ns1.co.il - 178.32.55.171
|     intra.co.il - 62.219.78.158
|     intranet.co.il - 194.90.1.109
|     testing.co.il - 192.117.125.106
|     ns2.co.il - 92.222.209.88
|     upload.co.il - 192.185.139.151
|     download.co.il - 148.251.90.173
|     ntp.co.il - 107.154.156.178
|     ntp.co.il - 107.154.163.178
|     vnc.co.il - 194.90.1.109
|     ops.co.il - 108.167.143.8
|     voip.co.il - 212.179.240.8
|     erp.co.il - 69.163.219.179
|     owa.co.il - 212.29.214.195
|     pbx.co.il - 81.218.230.2
|     secure.co.il - 62.219.17.162
|     server.co.il - 148.251.90.173
|     shop.co.il - 188.166.109.104
|     sip.co.il - 213.8.172.5
|     sql.co.il - 192.254.237.210
|     linux.co.il - 81.218.80.235
|     squid.co.il - 23.99.97.249
|     local.co.il - 173.212.236.162
|     ssh.co.il - 81.218.229.185
|     log.co.il - 82.80.201.26
|     mail.co.il - 192.118.70.232
|     ssl.co.il - 82.80.253.21
|     stage.co.il - 52.58.94.54
|     manage.co.il - 192.117.172.13
|     mobile.co.il - 182.50.132.56
|     monitor.co.il - 194.90.1.109
|     mta.co.il - 212.199.167.22
|     adserver.co.il - 195.128.177.33
|     alpha.co.il - 34.248.159.186
|     alpha.co.il - 54.229.170.136
|     web.co.il - 192.115.21.75
|     app.co.il - 82.80.73.209
|     whois.co.il - 109.74.198.188
|     www2.co.il - 64.90.49.227
|     apps.co.il - 72.52.4.122
|     beta.co.il - 185.70.251.47
|     blog.co.il - 212.143.60.51
|     firewall.co.il - 62.219.67.17
|     forum.co.il - 62.219.11.147
|     ftp.co.il - 198.23.57.32
|     git.co.il - 81.218.229.200
|     help.co.il - 82.80.209.181
|     home.co.il - 104.31.84.173
|     home.co.il - 104.31.85.173
|     home.co.il - 2400:cb00:2048:1:0:0:681f:54ad
|     home.co.il - 2400:cb00:2048:1:0:0:681f:55ad
|     chat.co.il - 95.175.47.103
|     citrix.co.il - 165.160.13.20
|     citrix.co.il - 165.160.15.20
|     cms.co.il - 194.90.203.76
|     corp.co.il - 204.93.178.102
|     crs.co.il - 136.243.93.246
|     cvs.co.il - 194.90.8.80
|     demo.co.il - 212.235.14.43
|_    dev.co.il - 84.94.227.90

TRACEROUTE (using port 53/udp)
HOP RTT       ADDRESS
1   235.09 ms 10.13.0.1
2   247.85 ms 37.187.24.253
3   243.85 ms 10.50.225.61
4   251.37 ms 10.17.129.42
5   239.39 ms 10.73.0.50
6   ...
7   261.92 ms be100-1111.ldn-5-a9.uk.eu (213.251.128.65)
8   254.91 ms edge.lon-01012.net.il (195.66.225.114)
9   258.44 ms 195.66.226.60
10  267.99 ms EDGE-LON-MX-02-so-4-0-0-0.ip4.012.net.il (80.179.165.17)
11  286.81 ms 80.179.165.222.static.012.net.il (80.179.165.222)
12  284.27 ms rosh.spd.co.il (62.128.52.211)

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 627.50 seconds
[91m + -- --=[Port 79 closed... skipping.[0m
[93m + -- --=[Port 80 opened... running tests...[0m
[92m + -- ----------------------------=[Checking for WAF]=------------------------ -- +[0m

                                 ^     ^
        _   __  _   ____ _   __  _    _   ____
       ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
      | V V // o // _/ | V V // 0 // 0 // _/
      |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/
                                <
                                 ...'

    WAFW00F - Web Application Firewall Detection Tool

    By Sandro Gauci && Wendel G. Henrique

Checking http://askezra.co.il
Generic Detection results:
No WAF detected by the generic detection
Number of requests: 13

[92m + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +[0m
[1m[34mhttp://askezra.co.il[0m [307 Temporary Redirect] [1m[37mCookies[0m[[37mSPDTC[0m], [1m[37mCountry[0m[[37mISRAEL[0m][[1m[31mIL[0m], [1m[37mHTTPServer[0m[[1m[36mnginx[0m], [1m[37mIP[0m[[37m62.128.52.211[0m], [1m[37mRedirectLocation[0m[[37mhttp://askezra.co.il/[0m], [1m[37mTitle[0m[[1m[33m307 Temporary Redirect[0m], [1m[37mUncommonHeaders[0m[[37mx-rocket-nginx-bypass[0m], [1m[37mnginx[0m

[94m	__  ______ _____ [0m
[94m	\ \/ / ___|_   _|[0m
[94m	 \  /\___ \ | |  [0m
[94m	 /  \ ___) || |  [0m
[94m	/_/\_|____/ |_|  [0m

[94m+ -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield[0m
[94m+ -- --=[Target: askezra.co.il:80[0m
[92m+ -- --=[Site not vulnerable to Cross-Site Tracing![0m
[92m+ -- --=[Site not vulnerable to Host Header Injection![0m
[91m+ -- --=[Site vulnerable to Cross-Frame Scripting![0m
[91m+ -- --=[Site vulnerable to Clickjacking![0m

[93mHTTP/1.1 405 Not Allowed
Server: nginx
Date: Sat, 16 Dec 2017 19:09:23 GMT
Content-Type: text/html
Content-Length: 166
Connection: close

<html>
<head><title>405 Not Allowed</title></head>
<body bgcolor="white">
<center><h1>405 Not Allowed</h1></center>
<hr><center>nginx</center>
</body>
</html>
[0m
[93mHTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Sat, 16 Dec 2017 19:09:41 GMT
Content-Type: text/html
Content-Length: 180
Connection: keep-alive
Set-Cookie: SPDTC=f6b06a6df03894ef816b8933c97e95c9; path=/
P3P: CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"
Location: http://askezra.co.il/
X-Rocket-Nginx-Bypass: No

<html>
<head><title>307 Temporary Redirect</title></head>
<body bgcolor="white">
<center><h1>307 Temporary Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
[0m


[92m + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +[0m
[94m+ -- --=[Checking if X-Content options are enabled on askezra.co.il...[0m [93m

[94m+ -- --=[Checking if X-Frame options are enabled on askezra.co.il...[0m [93m

[94m+ -- --=[Checking if X-XSS-Protection header is enabled on askezra.co.il...[0m [93m

[94m+ -- --=[Checking HTTP methods on askezra.co.il...[0m [93m

[94m+ -- --=[Checking if TRACE method is enabled on askezra.co.il...[0m [93m

[94m+ -- --=[Checking for META tags on askezra.co.il...[0m [93m

[94m+ -- --=[Checking for open proxy on askezra.co.il...[0m [93m

[94m+ -- --=[Enumerating software on askezra.co.il...[0m [93m
Server: nginx

[94m+ -- --=[Checking if Strict-Transport-Security is enabled on askezra.co.il...[0m [93m

[94m+ -- --=[Checking for Flash cross-domain policy on askezra.co.il...[0m [93m
<html>
<head><title>307 Temporary Redirect</title></head>
<body bgcolor="white">
<center><h1>307 Temporary Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>

[94m+ -- --=[Checking for Silverlight cross-domain policy on askezra.co.il...[0m [93m
<html>
<head><title>307 Temporary Redirect</title></head>
<body bgcolor="white">
<center><h1>307 Temporary Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>

[94m+ -- --=[Checking for HTML5 cross-origin resource sharing on askezra.co.il...[0m [93m

[94m+ -- --=[Retrieving robots.txt on askezra.co.il...[0m [93m
User-agent: *
Allow: /


[94m+ -- --=[Retrieving sitemap.xml on askezra.co.il...[0m [93m
<html>
<head><title>307 Temporary Redirect</title></head>
<body bgcolor="white">
<center><h1>307 Temporary Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>

[94m+ -- --=[Checking cookie attributes on askezra.co.il...[0m [93m
Set-Cookie: SPDTC=cc4a1ddde199e595e27b373799c52bb2; path=/

[94m+ -- --=[Checking for ASP.NET Detailed Errors on askezra.co.il...[0m [93m

[0m
[92m + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +[0m
- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP:          62.128.52.211
+ Target Hostname:    askezra.co.il
+ Target Port:        80
+ Start Time:         2017-12-16 14:12:58 (GMT-5)
---------------------------------------------------------------------------
+ Server: nginx
+ Cookie SPDTC created without the httponly flag
+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ Uncommon header 'x-rocket-nginx-bypass' found, with contents: No
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ Root page / redirects to: http://askezra.co.il/
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Server leaks inodes via ETags, header found with file /robots.txt, fields: 0x497f4219 0x18
+ "robots.txt" contains 1 entry which should be manually viewed.
+ OSVDB-3092: /license.txt: License file found may identify site software.
+ 7506 requests: 7 error(s) and 8 item(s) reported on remote host
+ End Time:           2017-12-16 14:48:22 (GMT-5) (2124 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
[92m + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +[0m
[91m[+][0m Screenshot saved to /usr/share/sniper/loot/screenshots/askezra.co.il-port80.jpg
[92m + -- ----------------------------=[Running Google Hacking Queries]=--------------------- -- +[0m
[92m + -- ----------------------------=[Running InUrlBR OSINT Queries]=---------- -- +[0m

[1;35m    _____ [1;37m .701F. .iBR.   .7CL. .70BR.   .7BR. .7BR'''Cq.   .70BR.      [0;31m.1BR'''Yp, .8BR'''Cq.
[1;35m   (_____)[1;37m   01     01N.    C     01       C     01   .01.    01        [1;31m  01    Yb   01   .01.
[1;35m   (() ())[1;37m   01     C YCb   C     01       C     01   ,C9     01        [0;31m  01    dP   01   ,C9
[1;35m    \   / [1;37m   01     C  .CN. C     01       C     0101dC9      01        [1;31m  01'''bg.   0101dC9
[1;35m     \ /  [1;37m   01     C   .01.C     01       C     01  YC.      01      , [0;31m  01    .Y   01  YC.
[1;35m     /=\  [1;37m   01     C     Y01     YC.     ,C     01   .Cb.    01     ,C [1;31m  01    ,9   01   .Cb.
[1;35m    [___] [1;37m .J01L. .JCL.    YC      .b0101d'.   .J01L. .J01. .J01010101C [0;31m.J0101Cd9  .J01L. .J01./ [1;37m2.1

[1;37m__[ ! ] Neither war between hackers, nor peace for the system.
[1;37m__[ ! ] [02;31mhttp://blog.inurl.com.br
[1;37m__[ ! ] [02;31mhttp://fb.com/InurlBrasil
[1;37m__[ ! ] [02;31mhttp://twitter.com/@googleinurl[0m
[1;37m__[ ! ] [02;31mhttp://github.com/googleinurl[0m
[1;37m__[ ! ] [02;31mCurrent PHP version::[ [1;37m7.0.26-1 [02;31m][0m
[1;37m__[ ! ] [02;31mCurrent script owner::[ [1;37mroot [02;31m][0m
[1;37m__[ ! ] [02;31mCurrent uname::[ [1;37mLinux Kali 4.14.0-kali1-amd64 #1 SMP Debian 4.14.2-1kali1 (2017-12-04) x86_64 [02;31m][0m
[1;37m__[ ! ] [02;31mCurrent pwd::[ [1;37m/usr/share/sniper [02;31m][0m
[1;37m__[ ! ] [1;33mHelp: php inurlbr.php --help[0m
[1;37m------------------------------------------------------------------------------------------------------------------------[0m

[1;37m[ ! ] Starting SCANNER INURLBR 2.1 at [16-12-2017 14:49:43][0;37m
[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
It is the end user's responsibility to obey all applicable local, state and federal laws.
Developers assume no liability and are not responsible for any misuse or damage caused by this program[0m

[1;37m[ INFO ][02;31m[ OUTPUT FILE ]::[1;37m [ /usr/share/sniper/output/inurlbr-askezra.co.il.txt  ][0m
[1;37m[ INFO ][0m[02;31m[ DORK ]::[1;37m[ site:askezra.co.il ]
[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [1;37m{[0m
[1;37m[ INFO ][0m[02;31m[ ENGINE ]::[1;37m[ GOOGLE - www.google.com.pe ][0m

[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [0m
[1;37m-[02;31m[[0;31m:::[02;31m][0m
[1;37m[ INFO ][0m[02;31m[ ENGINE ]::[1;37m[ GOOGLE API ][0m

[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [0m
[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m
[1;37m[ INFO ][0m[02;31m[ ENGINE ]::[1;37m[ GOOGLE_GENERIC_RANDOM - www.google.cc ID: 006748068166572874491:55ez0c3j3ey ][0m

[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [0m
[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m

[1;37m[ INFO ][0;31m[ TOTAL FOUND VALUES ]::[1;37m [ 0 ][0m
[1;37m[ INFO ][1;33m Not a satisfactory result was found![0m


[1;37m[ INFO ] [ Shutting down ][0m
[1;37m[ INFO ] [ End of process INURLBR at [16-12-2017 14:51:33][0m
[1;37m[ INFO ] [0m[02;31m[ TOTAL FILTERED VALUES ]::[1;37m [ 0 ][0m
[1;37m[ INFO ] [02;31m[ OUTPUT FILE ]::[1;37m [ /usr/share/sniper/output/inurlbr-askezra.co.il.txt  ][0m
[1;37m|_________________________________________________________________________________________[0m

[1;37m\_________________________________________________________________________________________/[0m

[91m + -- --=[Port 110 closed... skipping.[0m
[91m + -- --=[Port 111 closed... skipping.[0m
[91m + -- --=[Port 135 closed... skipping.[0m
[91m + -- --=[Port 139 closed... skipping.[0m
[91m + -- --=[Port 161 closed... skipping.[0m
[91m + -- --=[Port 162 closed... skipping.[0m
[91m + -- --=[Port 389 closed... skipping.[0m
[93m + -- --=[Port 443 opened... running tests...[0m
[92m + -- ----------------------------=[Checking for WAF]=------------------------ -- +[0m

                                 ^     ^
        _   __  _   ____ _   __  _    _   ____
       ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
      | V V // o // _/ | V V // 0 // 0 // _/
      |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/
                                <
                                 ...'

    WAFW00F - Web Application Firewall Detection Tool

    By Sandro Gauci && Wendel G. Henrique

Checking https://askezra.co.il

[92m + -- ----------------------------=[Checking Cloudflare]=--------------------- -- +[0m
   ____ _                 _ _____     _ _
  / ___| | ___  _   _  __| |  ___|_ _(_) |
 | |   | |/ _ \| | | |/ _` | |_ / _` | | |
 | |___| | (_) | |_| | (_| |  _| (_| | | |
  \____|_|\___/ \__,_|\__,_|_|  \__,_|_|_|
    v1.0.1                      by m0rtem


[14:51:44] Initializing CloudFail - the date is: 16/12/2017
[14:51:44] Fetching initial information from: askezra.co.il...
[14:51:52] Server IP: 62.128.52.211
[14:51:52] Testing if askezra.co.il is on the Cloudflare network...
[14:51:52] askezra.co.il is not part of the Cloudflare network, quitting...
[92m + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +[0m
[1m[34mhttps://askezra.co.il[0m [307 Temporary Redirect] [1m[37mCookies[0m[[37mSPDTC[0m], [1m[37mCountry[0m[[37mISRAEL[0m][[1m[31mIL[0m], [1m[37mHTTPServer[0m[[1m[36mnginx[0m], [1m[37mIP[0m[[37m62.128.52.211[0m], [1m[37mRedirectLocation[0m[[37mhttps://askezra.co.il/[0m], [1m[37mTitle[0m[[1m[33m307 Temporary Redirect[0m], [1m[37mUncommonHeaders[0m[[37mx-rocket-nginx-bypass[0m], [1m[37mnginx[0m

[92m + -- ----------------------------=[Gathering SSL/TLS Info]=------------------ -- +[0m


 AVAILABLE PLUGINS
 -----------------

  PluginOpenSSLCipherSuites
  PluginCertInfo
  PluginCompression
  PluginChromeSha1Deprecation
  PluginHSTS
  PluginSessionResumption
  PluginSessionRenegotiation
  PluginHeartbleed


 CHECKING HOST(S) AVAILABILITY
 -----------------------------

   askezra.co.il:443                   => 62.128.52.211:443


 SCAN RESULTS FOR ASKEZRA.CO.IL:443 - 62.128.52.211:443
 ------------------------------------------------------

  * Deflate Compression:
      OK - Compression disabled

  * Session Renegotiation:
      Client-initiated Renegotiations:   OK - Rejected
      Secure Renegotiation:              OK - Supported

  * Certificate - Content:
      SHA1 Fingerprint:                  06e4539a1f048bb207d5538ea099e56d0044bb51
      Common Name:                       *.spd.co.il
      Issuer:                            RapidSSL SHA256 CA - G2
      Serial Number:                     2A0FF6BFE1C614B2F20E230E0A1803A9
      Not Before:                        Jul  4 00:00:00 2016 GMT
      Not After:                         Jul  4 23:59:59 2019 GMT
      Signature Algorithm:               sha256WithRSAEncryption
      Public Key Algorithm:              rsaEncryption
      Key Size:                          4096 bit
      Exponent:                          65537 (0x10001)
      X509v3 Subject Alternative Name:   {'DNS': ['*.spd.co.il', 'spd.co.il']}

  * Certificate - Trust:
      Hostname Validation:               FAILED - Certificate does NOT match askezra.co.il
      Microsoft CA Store (09/2015):      FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
      Google CA Store (09/2015):         ERROR: timeout - timed out
      Java 6 CA Store (Update 65):       ERROR: timeout - timed out
      Mozilla NSS CA Store (09/2015):    ERROR: timeout - timed out
      Apple CA Store (OS X 10.10.5):     ERROR: timeout - timed out
      Certificate Chain Received:        ['*.spd.co.il', 'COMODO High-Assurance Secure Server CA', 'AddTrust External CA Root', 'GlobalSign Root CA', 'thawte Primary Root CA', 'VeriSign Class 3 Secure Server CA - G3', 'VeriSign Class 3 Public Primary Certification Authority - G5']

  * Certificate - OCSP Stapling:
      NOT SUPPORTED - Server did not send back an OCSP response.

  * Session Resumption:
      With Session IDs:                  PARTIALLY SUPPORTED (2 successful, 0 failed, 3 errors, 5 total attempts). Try --resum_rate.
        ERROR #1: timeout - timed out
        ERROR #2: timeout - timed out
        ERROR #3: timeout - timed out
      With TLS Session Tickets:          ERROR: timeout - timed out

  * SSLV3 Cipher Suites:
      Undefined - An unexpected error happened:
                 DHE-RSA-SEED-SHA                    timeout - timed out
                 DHE-DSS-SEED-SHA                    timeout - timed out

  * SSLV2 Cipher Suites:
      Server rejected all cipher suites.


 SCAN COMPLETED IN 44.17 S
 -------------------------
Version: [32m1.11.10-static[0m
OpenSSL 1.0.2-chacha (1.0.2g-dev)
[0m
Testing SSL server [32maskezra.co.il[0m on port [32m443[0m using SNI name [32maskezra.co.il[0m

  [1;34mTLS Fallback SCSV:[0m
Server [32msupports[0m TLS Fallback SCSV

  [1;34mTLS renegotiation:[0m
[32mSecure[0m session renegotiation supported

  [1;34mTLS Compression:[0m
Compression [32mdisabled[0m

  [1;34mHeartbleed:[0m
TLS 1.2 [32mnot vulnerable[0m to heartbleed
TLS 1.1 [32mnot vulnerable[0m to heartbleed
TLS 1.0 [32mnot vulnerable[0m to heartbleed

  [1;34mSupported Server Cipher(s):[0m
[32mPreferred[0m TLSv1.2  [32m128[0m bits  [32mECDHE-RSA-AES128-GCM-SHA256  [0m Curve P-256 DHE 256
Accepted  TLSv1.2  [32m256[0m bits  [32mECDHE-RSA-AES256-GCM-SHA384  [0m Curve P-256 DHE 256
Accepted  TLSv1.2  [32m128[0m bits  [32mDHE-RSA-AES128-GCM-SHA256    [0m DHE 2048 bits
Accepted  TLSv1.2  [32m256[0m bits  [32mDHE-RSA-AES256-GCM-SHA384    [0m DHE 2048 bits
Accepted  TLSv1.2  [32m128[0m bits  ECDHE-RSA-AES128-SHA256       Curve P-256 DHE 256
Accepted  TLSv1.2  [32m128[0m bits  ECDHE-RSA-AES128-SHA          Curve P-256 DHE 256
Accepted  TLSv1.2  [32m256[0m bits  ECDHE-RSA-AES256-SHA384       Curve P-256 DHE 256
Accepted  TLSv1.2  [32m256[0m bits  ECDHE-RSA-AES256-SHA          Curve P-256 DHE 256
Accepted  TLSv1.2  [32m128[0m bits  DHE-RSA-AES128-SHA256         DHE 2048 bits
Accepted  TLSv1.2  [32m128[0m bits  DHE-RSA-AES128-SHA            DHE 2048 bits
Accepted  TLSv1.2  [32m256[0m bits  DHE-RSA-AES256-SHA256         DHE 2048 bits
Accepted  TLSv1.2  [32m256[0m bits  DHE-RSA-AES256-SHA            DHE 2048 bits
Accepted  TLSv1.2  [32m128[0m bits  AES128-GCM-SHA256
Accepted  TLSv1.2  [32m256[0m bits  AES256-GCM-SHA384
Accepted  TLSv1.2  [32m128[0m bits  AES128-SHA256
Accepted  TLSv1.2  [32m256[0m bits  AES256-SHA256
Accepted  TLSv1.2  [32m128[0m bits  AES128-SHA
Accepted  TLSv1.2  [32m256[0m bits  AES256-SHA
Accepted  TLSv1.2  [32m256[0m bits  ECDHE-RSA-CAMELLIA256-SHA384  Curve P-256 DHE 256
Accepted  TLSv1.2  [32m256[0m bits  DHE-RSA-CAMELLIA256-SHA256    DHE 2048 bits
Accepted  TLSv1.2  [32m128[0m bits  ECDHE-RSA-CAMELLIA128-SHA256  Curve P-256 DHE 256
Accepted  TLSv1.2  [32m128[0m bits  DHE-RSA-CAMELLIA128-SHA256    DHE 2048 bits
Accepted  TLSv1.2  [32m256[0m bits  DHE-RSA-CAMELLIA256-SHA       DHE 2048 bits
Accepted  TLSv1.2  [32m128[0m bits  DHE-RSA-CAMELLIA128-SHA       DHE 2048 bits
Accepted  TLSv1.2  [32m256[0m bits  CAMELLIA256-SHA256
Accepted  TLSv1.2  [32m128[0m bits  CAMELLIA128-SHA256
Accepted  TLSv1.2  [32m256[0m bits  CAMELLIA256-SHA
Accepted  TLSv1.2  [32m128[0m bits  CAMELLIA128-SHA
[32mPreferred[0m TLSv1.1  [32m128[0m bits  ECDHE-RSA-AES128-SHA          Curve P-256 DHE 256
Accepted  TLSv1.1  [32m256[0m bits  ECDHE-RSA-AES256-SHA          Curve P-256 DHE 256
Accepted  TLSv1.1  [32m128[0m bits  DHE-RSA-AES128-SHA            DHE 2048 bits
Accepted  TLSv1.1  [32m256[0m bits  DHE-RSA-AES256-SHA            DHE 2048 bits
Accepted  TLSv1.1  [32m128[0m bits  AES128-SHA
Accepted  TLSv1.1  [32m256[0m bits  AES256-SHA
Accepted  TLSv1.1  [32m256[0m bits  DHE-RSA-CAMELLIA256-SHA       DHE 2048 bits
Accepted  TLSv1.1  [32m128[0m bits  DHE-RSA-CAMELLIA128-SHA       DHE 2048 bits
Accepted  TLSv1.1  [32m256[0m bits  CAMELLIA256-SHA
Accepted  TLSv1.1  [32m128[0m bits  CAMELLIA128-SHA
[32mPreferred[0m [33mTLSv1.0[0m  [32m128[0m bits  ECDHE-RSA-AES128-SHA          Curve P-256 DHE 256
Accepted  [33mTLSv1.0[0m  [32m256[0m bits  ECDHE-RSA-AES256-SHA          Curve P-256 DHE 256
Accepted  [33mTLSv1.0[0m  [32m128[0m bits  DHE-RSA-AES128-SHA            DHE 2048 bits
Accepted  [33mTLSv1.0[0m  [32m256[0m bits  DHE-RSA-AES256-SHA            DHE 2048 bits
Accepted  [33mTLSv1.0[0m  [32m128[0m bits  AES128-SHA
Accepted  [33mTLSv1.0[0m  [32m256[0m bits  AES256-SHA
Accepted  [33mTLSv1.0[0m  [32m256[0m bits  DHE-RSA-CAMELLIA256-SHA       DHE 2048 bits
Accepted  [33mTLSv1.0[0m  [32m128[0m bits  DHE-RSA-CAMELLIA128-SHA       DHE 2048 bits
Accepted  [33mTLSv1.0[0m  [32m256[0m bits  CAMELLIA256-SHA
Accepted  [33mTLSv1.0[0m  [32m128[0m bits  CAMELLIA128-SHA

  [1;34mSSL Certificate:[0m
Signature Algorithm: [32msha256WithRSAEncryption[0m
RSA Key Strength:    [32m4096[0m

Subject:  *.spd.co.il
Altnames: DNS:*.spd.co.il, DNS:spd.co.il
Issuer:   RapidSSL SHA256 CA - G2

Not valid before: [32mJul  4 00:00:00 2016 GMT[0m
Not valid after:  [32mJul  4 23:59:59 2019 GMT[0m
[1m
###########################################################
    testssl       2.9dev from [m[1mhttps://testssl.sh/dev/[m
[1m
      This program is free software. Distribution and
             modification under GPLv2 permitted.
      USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!

       Please file bugs @ [m[1mhttps://testssl.sh/bugs/[m
[1m
###########################################################[m

 Using "OpenSSL 1.0.2-chacha (1.0.2i-dev)" [~183 ciphers]
 on Kali:/usr/share/sniper/plugins/testssl.sh/bin/openssl.Linux.x86_64
 (built: "Jun 22 19:32:29 2016", platform: "linux-x86_64")


[7m Start 2017-12-16 14:54:38        -->> 62.128.52.211:443 (askezra.co.il) <<--[m

 rDNS (62.128.52.211):   rosh.spd.co.il.
 Service detected:       HTTP


[1m[4m Testing protocols [m[4mvia sockets except SPDY+HTTP2 [m

[1m SSLv2      [m[1;32mnot offered (OK)[m
[1m SSLv3      [m[1;32mnot offered (OK)[m
[1m TLS 1      [moffered
[1m TLS 1.1    [moffered
[1m TLS 1.2    [m[1;32moffered (OK)[m
[1m TLS 1.3    [mnot offered
[1m SPDY/NPN   [mh2, http/1.1 (advertised)
[1m HTTP2/ALPN [mh2, http/1.1 (offered)

[1m[4m Testing ~standard cipher categories [m

[1m NULL ciphers (no encryption)                  [m[1;32mnot offered (OK)[m
[1m Anonymous NULL Ciphers (no authentication)    [m[1;32mnot offered (OK)[m
[1m Export ciphers (w/o ADH+NULL)                 [m[1;32mnot offered (OK)[m
[1m LOW: 64 Bit + DES encryption (w/o export)     [m[1;32mnot offered (OK)[m
[1m Weak 128 Bit ciphers (SEED, IDEA, RC[2,4])    [m[0;32mnot offered (OK)[m
[1m Triple DES Ciphers (Medium)                   [mnot offered (OK)
[1m High encryption (AES+Camellia, no AEAD)       [m[0;32moffered (OK)[m
[1m Strong encryption (AEAD ciphers)              [m[1;32moffered (OK)[m


[1m[4m Testing robust (perfect) forward secrecy[m[4m, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 [m

[0;32m PFS is offered (OK)[m          ECDHE-RSA-AES256-GCM-SHA384
                              ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
                              DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-CCM8
                              DHE-RSA-AES256-CCM DHE-RSA-AES256-SHA256
                              DHE-RSA-AES256-SHA ECDHE-RSA-CAMELLIA256-SHA384
                              DHE-RSA-CAMELLIA256-SHA256
                              DHE-RSA-CAMELLIA256-SHA
                              ECDHE-RSA-AES128-GCM-SHA256
                              ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA
                              DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-CCM8
                              DHE-RSA-AES128-CCM DHE-RSA-AES128-SHA256
                              DHE-RSA-AES128-SHA ECDHE-RSA-CAMELLIA128-SHA256
                              DHE-RSA-CAMELLIA128-SHA256
                              DHE-RSA-CAMELLIA128-SHA
[1m Elliptic curves offered:     [m[0;32mprime256v1[m [0;32msecp384r1[m [0;32msecp521r1[m [0;32mX25519[m


[1m[4m Testing server preferences [m

[1m Has server cipher order?     [m[1;32myes (OK)[m
[1m Negotiated protocol          [m[1;32mTLSv1.2[m
[1m Negotiated cipher            [m[1;33mECDHE-RSA-AES128-GCM-SHA256[m, [0;32m256 bit ECDH (P-256)[m
[1m Cipher order[m
    TLSv1:     ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA DHE-RSA-AES128-SHA
               DHE-RSA-AES256-SHA AES128-SHA AES256-SHA DHE-RSA-CAMELLIA256-SHA
               DHE-RSA-CAMELLIA128-SHA CAMELLIA256-SHA CAMELLIA128-SHA
    TLSv1.1:   ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA DHE-RSA-AES128-SHA
               DHE-RSA-AES256-SHA AES128-SHA AES256-SHA DHE-RSA-CAMELLIA256-SHA
               DHE-RSA-CAMELLIA128-SHA CAMELLIA256-SHA CAMELLIA128-SHA
    TLSv1.2:   ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384
               DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES256-GCM-SHA384
               ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA
               ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
               DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA DHE-RSA-AES256-SHA256
               DHE-RSA-AES256-SHA AES128-GCM-SHA256 AES256-GCM-SHA384
               AES128-SHA256 AES256-SHA256 AES128-SHA AES256-SHA
               DHE-RSA-AES256-CCM8 DHE-RSA-AES256-CCM DHE-RSA-AES128-CCM8
               DHE-RSA-AES128-CCM AES256-CCM8 AES256-CCM AES128-CCM8 AES128-CCM
               ECDHE-RSA-CAMELLIA256-SHA384 DHE-RSA-CAMELLIA256-SHA256
               ECDHE-RSA-CAMELLIA128-SHA256 DHE-RSA-CAMELLIA128-SHA256
               DHE-RSA-CAMELLIA256-SHA DHE-RSA-CAMELLIA128-SHA
               CAMELLIA256-SHA256 CAMELLIA128-SHA256 CAMELLIA256-SHA
               CAMELLIA128-SHA


[1m[4m Testing server defaults (Server Hello) [m

[1m TLS extensions (standard)    [m"renegotiation info/#65281" "server name/#0"
                              "EC point formats/#11" "session ticket/#35"
                              "next protocol/#13172" "encrypt-then-mac/#22"
                              "extended master secret/#23"
                              "application layer protocol negotiation/#16"
[1m Session Ticket RFC 5077 hint [m300 seconds, session tickets keys seems to be rotated < daily
[1m SSL Session ID support       [myes
[1m Session Resumption           [mTickets: yes, ID: yes
[1m TLS clock skew[m               Random values, no fingerprinting possible
[1m Signature Algorithm          [m[0;32mSHA256 with RSA[m
[1m Server key size              [mRSA [0;32m4096[m bits
[1m Fingerprint / Serial         [mSHA1 06E4539A1F048BB207D5538EA099E56D0044BB51 / 2A0FF6BFE1C614B2F20E230E0A1803A9
                              SHA256 8442AD6BDF1A497ACA110FBD39AA14B30A6A7772614DAB672421D2B2227B439A
[1m Common Name (CN)             [m[3m*.spd.co.il[m
[1m subjectAltName (SAN)         [m[3m*.spd.co.il spd.co.il [m
[1m Issuer                       [m[3mRapidSSL SHA256 CA - G2[m ([3mGeoTrust Inc.[m from [3mUS[m)
[1m Trust (hostname)             [m[0;31mcertificate does not match supplied URI[m (same w/o SNI)
[1m Chain of trust[m               [1;31mNOT ok[m (chain incomplete)
[1m EV cert[m (experimental)       no
[1m Certificate Expiration       [m[0;32m565 >= 60 days[m (2016-07-03 20:00 --> 2019-07-04 19:59 -0400)
[1m # of certificates provided[m   7
[1m Certificate Revocation List  [mhttp://gs.symcb.com/gs.crl
[1m OCSP URI                     [mhttp://gs.symcd.com
[1m OCSP stapling                [m[1;33mnot offered[m
[1m OCSP must staple             [mno
[1m DNS CAA RR[m (experimental)    [1;33mnot offered[m
[1m Certificate Transparency     [m[0;32myes[m (certificate extension)


[1m[4m Testing HTTP header response @ "/" [m

[1m HTTP Status Code           [m  307 Temporary Redirect, redirecting to "https://askezra.co.il/"
[1m HTTP clock skew              [m-1 sec from localtime
[1m Strict Transport Security    [m--
[1m Public Key Pinning           [m--
[1m Server banner                [mnginx
[1m Application banner           [m--
[1m Cookie(s)                    [m1 issued: [0;33mNOT[m secure, [0;33mNOT[m HttpOnly -- HTTP status 307 signals you maybe missed the web application
[1m Security headers             [m[0;33m--[m
[1m Reverse Proxy banner         [m--


[1m[4m Testing vulnerabilities [m

[1m Heartbleed[m (CVE-2014-0160)                [1;32mnot vulnerable (OK)[m, no heartbeat extension
[1m CCS[m (CVE-2014-0224)                       [1;32mnot vulnerable (OK)[m
[1m Ticketbleed[m (CVE-2016-9244), experiment.  [1;32mnot vulnerable (OK)[m
[1m ROBOT                                     [m[1;32mnot vulnerable (OK)[m
[1m Secure Renegotiation [m(CVE-2009-3555)      [1;32mnot vulnerable (OK)[m
[1m Secure Client-Initiated Renegotiation     [m[0;32mnot vulnerable (OK)[m
[1m CRIME, TLS [m(CVE-2012-4929)                [0;32mnot vulnerable (OK)[m
[1m BREACH[m (CVE-2013-3587)                    [1;32mno HTTP compression (OK) [m - only supplied "/" tested
[1m POODLE, SSL[m (CVE-2014-3566)               [1;32mnot vulnerable (OK)[m
[1m TLS_FALLBACK_SCSV[m (RFC 7507)              [0;32mDowngrade attack prevention supported (OK)[m
[1m SWEET32[m (CVE-2016-2183, CVE-2016-6329)    [1;32mnot vulnerable (OK)[m
[1m FREAK[m (CVE-2015-0204)                     [1;32mnot vulnerable (OK)[m
[1m DROWN[m (CVE-2016-0800, CVE-2016-0703)      [1;32mnot vulnerable on this host and port (OK)[m
                                           make sure you don't use this certificate elsewhere with SSLv2 enabled services
                                           https://censys.io/ipv4?q=8442AD6BDF1A497ACA110FBD39AA14B30A6A7772614DAB672421D2B2227B439A could help you to find out
[1m LOGJAM[m (CVE-2015-4000), experimental      [0;32mnot vulnerable (OK):[m no DH EXPORT ciphers, no common primes detected
[1m BEAST[m (CVE-2011-3389)                     TLS1: [1;33mECDHE-RSA-AES128-SHA
                                                 ECDHE-RSA-AES256-SHA
                                                 DHE-RSA-AES128-SHA
                                                 DHE-RSA-AES256-SHA AES128-SHA
                                                 AES256-SHA
                                                 DHE-RSA-CAMELLIA256-SHA
                                                 DHE-RSA-CAMELLIA128-SHA
                                                 CAMELLIA256-SHA
                                                 CAMELLIA128-SHA [m
                                           [1;33mVULNERABLE[m -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
[1m LUCKY13[m (CVE-2013-0169), experimental     potentially [1;33mVULNERABLE[m, uses cipher block chaining (CBC) ciphers with TLS
[1m RC4[m (CVE-2013-2566, CVE-2015-2808)        [0;32mno RC4 ciphers detected (OK)[m


[1m[4m Testing 364 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength [m

Hexcode  Cipher Suite Name (OpenSSL)       KeyExch.   Encryption  Bits     Cipher Suite Name (RFC)
-----------------------------------------------------------------------------------------------------------------------------
 xc030   ECDHE-RSA-AES256-GCM-SHA384       ECDH[0;32m 256[m   AESGCM      256      TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
 xc028   ECDHE-RSA-AES256-SHA384           ECDH[0;32m 256[m   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
 xc014   ECDHE-RSA-AES256-SHA              ECDH[0;32m 256[m   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
 x9f     DHE-RSA-AES256-GCM-SHA384         DH[0;32m 2048[m    AESGCM      256      TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
 xc0a3   DHE-RSA-AES256-CCM8               DH[0;32m 2048[m    AESCCM8     256      TLS_DHE_RSA_WITH_AES_256_CCM_8
 xc09f   DHE-RSA-AES256-CCM                DH[0;32m 2048[m    AESCCM      256      TLS_DHE_RSA_WITH_AES_256_CCM
 x6b     DHE-RSA-AES256-SHA256             DH[0;32m 2048[m    AES         256      TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
 x39     DHE-RSA-AES256-SHA                DH[0;32m 2048[m    AES         256      TLS_DHE_RSA_WITH_AES_256_CBC_SHA
 xc077   ECDHE-RSA-CAMELLIA256-SHA384      ECDH[0;32m 256[m   Camellia    256      TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
 xc4     DHE-RSA-CAMELLIA256-SHA256        DH[0;32m 2048[m    Camellia    256      TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
 x88     DHE-RSA-CAMELLIA256-SHA           DH[0;32m 2048[m    Camellia    256      TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
 x9d     AES256-GCM-SHA384                 RSA        AESGCM      256      TLS_RSA_WITH_AES_256_GCM_SHA384
 xc0a1   AES256-CCM8                       RSA        AESCCM8     256      TLS_RSA_WITH_AES_256_CCM_8
 xc09d   AES256-CCM                        RSA        AESCCM      256      TLS_RSA_WITH_AES_256_CCM
 x3d     AES256-SHA256                     RSA        AES         256      TLS_RSA_WITH_AES_256_CBC_SHA256
 x35     AES256-SHA                        RSA        AES         256      TLS_RSA_WITH_AES_256_CBC_SHA
 xc0     CAMELLIA256-SHA256                RSA        Camellia    256      TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
 x84     CAMELLIA256-SHA                   RSA        Camellia    256      TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
 xc02f   ECDHE-RSA-AES128-GCM-SHA256       ECDH[0;32m 256[m   AESGCM      128      TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
 xc027   ECDHE-RSA-AES128-SHA256           ECDH[0;32m 256[m   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
 xc013   ECDHE-RSA-AES128-SHA              ECDH[0;32m 256[m   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
 x9e     DHE-RSA-AES128-GCM-SHA256         DH[0;32m 2048[m    AESGCM      128      TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
 xc0a2   DHE-RSA-AES128-CCM8               DH[0;32m 2048[m    AESCCM8     128      TLS_DHE_RSA_WITH_AES_128_CCM_8
 xc09e   DHE-RSA-AES128-CCM                DH[0;32m 2048[m    AESCCM      128      TLS_DHE_RSA_WITH_AES_128_CCM
 xc0a0   AES128-CCM8                       RSA        AESCCM8     128      TLS_RSA_WITH_AES_128_CCM_8
 xc09c   AES128-CCM                        RSA        AESCCM      128      TLS_RSA_WITH_AES_128_CCM
 x67     DHE-RSA-AES128-SHA256             DH[0;32m 2048[m    AES         128      TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
 x33     DHE-RSA-AES128-SHA                DH[0;32m 2048[m    AES         128      TLS_DHE_RSA_WITH_AES_128_CBC_SHA
 xc076   ECDHE-RSA-CAMELLIA128-SHA256      ECDH[0;32m 256[m   Camellia    128      TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
 xbe     DHE-RSA-CAMELLIA128-SHA256        DH[0;32m 2048[m    Camellia    128      TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
 x45     DHE-RSA-CAMELLIA128-SHA           DH[0;32m 2048[m    Camellia    128      TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
 x9c     AES128-GCM-SHA256                 RSA        AESGCM      128      TLS_RSA_WITH_AES_128_GCM_SHA256
 x3c     AES128-SHA256                     RSA        AES         128      TLS_RSA_WITH_AES_128_CBC_SHA256
 x2f     AES128-SHA                        RSA        AES         128      TLS_RSA_WITH_AES_128_CBC_SHA
 xba     CAMELLIA128-SHA256                RSA        Camellia    128      TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
 x41     CAMELLIA128-SHA                   RSA        Camellia    128      TLS_RSA_WITH_CAMELLIA_128_CBC_SHA


[1m[4m Running client simulations via sockets [m

 Android 2.3.7                TLSv1.0 DHE-RSA-AES128-SHA, [0;32m2048 bit DH[m
 Android 4.1.1                TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 Android 4.3                  TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 Android 4.4.2                TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Android 5.0.0                TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Android 6.0                  TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Android 7.0                  TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m253 bit ECDH (X25519)[m
 Chrome 51 Win 7              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m253 bit ECDH (X25519)[m
 Chrome 57 Win 7              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m253 bit ECDH (X25519)[m
 Firefox 49 Win 7             TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Firefox 53 Win 7             TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m253 bit ECDH (X25519)[m
 IE 6 XP                      No connection
 IE 7 Vista                   TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 IE 8 XP                      No connection
 IE 8 Win 7                   TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 IE 11 Win 7                  TLSv1.2 DHE-RSA-AES128-GCM-SHA256, [0;32m2048 bit DH[m
 IE 11 Win 8.1                TLSv1.2 DHE-RSA-AES128-GCM-SHA256, [0;32m2048 bit DH[m
 IE 11 Win Phone 8.1 Update   TLSv1.2 DHE-RSA-AES128-GCM-SHA256, [0;32m2048 bit DH[m
 IE 11 Win 10                 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Edge 13 Win 10               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Edge 13 Win Phone 10         TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Opera 17 Win 7               TLSv1.2 ECDHE-RSA-AES128-SHA256, [0;32m256 bit ECDH (P-256)[m
 Safari 5.1.9 OS X 10.6.8     TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 Safari 7 iOS 7.1             TLSv1.2 ECDHE-RSA-AES128-SHA256, [0;32m256 bit ECDH (P-256)[m
 Safari 9 OS X 10.11          TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Safari 10 OS X 10.12         TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Apple ATS 9 iOS 9            TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 Tor 17.0.9 Win 7             TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 Java 6u45                    No connection
 Java 7u25                    TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
 Java 8u31                    TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 OpenSSL 1.0.1l               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
 OpenSSL 1.0.2e               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m

[7m Done 2017-12-16 15:03:33 [ 547s] -->> 62.128.52.211:443 (askezra.co.il) <<--[m
#######################################################################################################################################
Nom de l'hôte 	ipanema.co.il 	  	FAI 	012 Smile Communications LTD. (AS9116)
Continent 	Asie 	  	Drapeau
IL
Pays 	Israël 	  	Code du pays 	IL (ISR)
Région 	06 	  	Heure locale 	16 Dec 2017 22:33 IST
Ville 	Bet Shemesh 	  	Latitude 	31.75
Adresse IP 	212.199.178.28 	  	Longitude 	34.989
#######################################################################################################################################
i] Scanning Site: https://ipanema.co.il


B A S I C   I N F O
====================


[+] Site Title: איפנימה אתר המותגים הברזילאיים
[+] IP address: 212.199.178.28
[+] Web Server: Apache/2
[+] CMS: WordPress
[+] Cloudflare: Not Detected
[+] Robots File: Found

-------------[ contents ]----------------
User-agent: Yandex

Disallow: /wp-admin

Disallow: /wp-includes

Disallow: /wp-login.php

Disallow: /wp-register.php

Disallow: /wp-content/themes

Disallow: /wp-content/plugins

Disallow: /wp-content/upgrade

Disallow: /wp-content/themes_backup

Disallow: /wp-comments

Disallow: /cgi-bin

Disallow: /testApp

Disallow: *?s=

Host: ipanema.co.il


User-agent: *

Disallow: /wp-admin

Disallow: /wp-includes

Disallow: /wp-login.php

Disallow: /wp-register.php

Disallow: /wp-content/themes

Disallow: /wp-content/plugins

Disallow: /wp-content/upgrade

Disallow: /wp-content/themes_backup

Disallow: /wp-comments

Disallow: /cgi-bin

Disallow: *?s=
-----------[end of contents]-------------


W H O I S   L O O K U P
========================


% The data in the WHOIS database of the .il registry is provided
% by ISOC-IL for information purposes, and to assist persons in
% obtaining information about or related to a domain name
% registration record. ISOC-IL does not guarantee its accuracy.
% By submitting a WHOIS query, you agree that you will use this
% Data only for lawful purposes and that, under no circumstances
% will you use this Data to: (1) allow, enable, or otherwise
% support the transmission of mass unsolicited, commercial
% advertising or solicitations via e-mail (spam);
% or  (2) enable high volume, automated, electronic processes that
% apply to ISOC-IL (or its systems).
% ISOC-IL reserves the right to modify these terms at any time.
% By submitting this query, you agree to abide by this policy.

query:        ipanema.co.il

reg-name:     ipanema
domain:       ipanema.co.il

descr:        elbaz jonney
descr:        yehuda marguza 38
descr:        yaffo
descr:        74011
descr:        Israel
phone:        +972 3 6838019
e-mail:       ipanema AT bizinfo.co.il
admin-c:      LD-AS24500-IL
tech-c:       LD-AS24500-IL
zone-c:       LD-AS24500-IL
nserver:      park1.livedns.co.il
nserver:      park2.livedns.co.il
validity:     03-03-2019
DNSSEC:       unsigned
status:       Transfer Locked
changed:      domain-registrar AT isoc.org.il 20080303 (Assigned)
changed:      domain-registrar AT isoc.org.il 20080518 (Changed)
changed:      domain-registrar AT isoc.org.il 20090311 (Changed)
changed:      domain-registrar AT isoc.org.il 20141215 (Changed)

person:       Asaf Shatzman
address:      hasita 7
address:      ofarim
address:      71948
address:      Israel
phone:        +972 54 6571571
e-mail:       asaf AT lantronics.co.il
nic-hdl:      LD-AS24500-IL
changed:      domain-registrar AT isoc.org.il 20120424
changed:      Managing Registrar 20130814

registrar name: LiveDns Ltd
registrar info: http://domains.livedns.co.il

% Rights to the data above are restricted by copyright.


G E O  I P  L O O K  U P
=========================

[i] IP Address: 212.199.178.28
[i] Country: IL
[i] State: Yerushalayim
[i] City: Bet Shemesh
[i] Latitude: 31.749599
[i] Longitude: 34.988800


H T T P   H E A D E R S
=======================


[i]  HTTP/1.1 200 OK
[i]  Date: Sat, 16 Dec 2017 20:43:05 GMT
[i]  Server: Apache/2
[i]  Vary: Accept-Encoding,User-Agent
[i]  Cache-Control: max-age=0
[i]  Expires: Sat, 16 Dec 2017 20:43:05 GMT
[i]  Connection: close
[i]  Content-Type: text/html; charset=UTF-8


D N S   L O O K U P
===================

ipanema.co.il.		14399	IN	SOA	park1.livedns.co.il. hostmaster.ipanema.co.il. 2014121503 3600 600 1209600 14400
ipanema.co.il.		14399	IN	NS	park2.livedns.co.il.
ipanema.co.il.		14399	IN	NS	park1.livedns.co.il.
ipanema.co.il.		1799	IN	A	212.199.178.28


S U B N E T   C A L C U L A T I O N
====================================

Address       = 212.199.178.28
Network       = 212.199.178.28 / 32
Netmask       = 255.255.255.255
Broadcast     = not needed on Point-to-Point links
Wildcard Mask = 0.0.0.0
Hosts Bits    = 0
Max. Hosts    = 1   (2^0 - 0)
Host Range    = { 212.199.178.28 - 212.199.178.28 }


N M A P   P O R T   S C A N
============================


Starting Nmap 7.01 ( https://nmap.org ) at 2017-12-16 20:43 UTC
Nmap scan report for ipanema.co.il (212.199.178.28)
Host is up (0.16s latency).
rDNS record for 212.199.178.28: 212.199.178.28.static.012.net.il
PORT     STATE    SERVICE       VERSION
21/tcp   open     ftp           Pure-FTPd
22/tcp   open     ssh           OpenSSH 6.6.1 (protocol 2.0)
23/tcp   filtered telnet
25/tcp   open     smtp          Exim smtpd 4.88
80/tcp   open     http?
110/tcp  open     pop3          Dovecot DirectAdmin pop3d
143/tcp  open     imap          Dovecot imapd
443/tcp  open     ssl/https?
445/tcp  filtered microsoft-ds
3389/tcp filtered ms-wbt-server

[!] IP Address : 212.199.178.28
[!] Server: Apache/2
[-] Clickjacking protection is not in place.
[!] CMS Detected : WordPress
[i] The remote host tried to redirect to: https://ipanema.co.il/
[?] Do you want follow the redirection ? [Y]es [N]o [A]bort, default: [N]N
[+] URL: http://ipanema.co.il/
[+] Started: Sat Dec 16 15:41:26 2017

[+] Interesting header: SERVER: Apache/2
[+] This site seems to be a multisite (http://codex.wordpress.org/Glossary#Multisite)
[+] XML-RPC Interface available under: http://ipanema.co.il/xmlrpc.php

[i] WordPress version can not be detected

[+] WordPress theme in use: theme477922

[+] Name: theme477922
 |  Location: http://ipanema.co.il/wp-content/themes/theme477922/
 |  Style URL: http://ipanema.co.il/wp-content/themes/theme477922/style.css
 |  Referenced style.css: https://ipanema.co.il/wp-content/themes/theme477922/style.css

[+] Enumerating plugins from passive detection ...
[+] No plugins found

[+] Finished: Sat Dec 16 15:44:37 2017
[+] Requests Done: 355
[+] Memory used: 14.008 MB
[+] Elapsed time: 00:03:11
[+] Honeypot Probabilty: 30%
----------------------------------------
PORT     STATE    SERVICE       VERSION
21/tcp   open     ftp           Pure-FTPd
22/tcp   open     ssh           OpenSSH 6.6.1 (protocol 2.0)
23/tcp   filtered telnet
25/tcp   open     smtp          Exim smtpd 4.88
80/tcp   open     http?
110/tcp  open     pop3          Dovecot DirectAdmin pop3d
143/tcp  open     imap          Dovecot imapd
443/tcp  open     ssl/https?
445/tcp  filtered microsoft-ds
3389/tcp filtered ms-wbt-server


[+] DNS Records
park1.livedns.co.il. (62.219.78.217) AS8551 Bezeq International Israel
park2.livedns.co.il. (185.60.169.2) AS201857 LiveDns Ltd Israel

[+] Host Records (A)
www.ipanema.co.ilHTTP: (212.199.178.28.static.012.net.il) (212.199.178.282) AS9116 012 Smile Communications LTD. Israel

[+] TXT Records

[+] DNS Map: https://dnsdumpster.com/static/map/ipanema.co.il.png

[>] Initiating 3 intel modules
[>] Loading Alpha module (1/3)
[>] Beta module deployed (2/3)
[>] Gamma module initiated (3/3)
No emails found

[+] Hosts found in search engines:
------------------------------------
[-] Resolving hostnames IPs...
212.199.178.28:www.ipanema.co.il
[+] Virtual hosts:
-----------------
[92m + -- ----------------------------=[Running Nslookup]=------------------------ -- +[0m
Server:		2001:568:ff09:10c::53
Address:	2001:568:ff09:10c::53#53

Non-authoritative answer:
Name:	ipanema.co.il
Address: 212.199.178.28

ipanema.co.il has address 212.199.178.28
[92m + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +[0m

Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu

[+] Target is ipanema.co.il
[+] Loading modules.
[+] Following modules are loaded:
[x] [1] ping:icmp_ping  -  ICMP echo discovery module
[x] [2] ping:tcp_ping  -  TCP-based ping discovery module
[x] [3] ping:udp_ping  -  UDP-based ping discovery module
[x] [4] infogather:ttl_calc  -  TCP and UDP based TTL distance calculation
[x] [5] infogather:portscan  -  TCP and UDP PortScanner
[x] [6] fingerprint:icmp_echo  -  ICMP Echo request fingerprinting module
[x] [7] fingerprint:icmp_tstamp  -  ICMP Timestamp request fingerprinting module
[x] [8] fingerprint:icmp_amask  -  ICMP Address mask request fingerprinting module
[x] [9] fingerprint:icmp_port_unreach  -  ICMP port unreachable fingerprinting module
[x] [10] fingerprint:tcp_hshake  -  TCP Handshake fingerprinting module
[x] [11] fingerprint:tcp_rst  -  TCP RST fingerprinting module
[x] [12] fingerprint:smb  -  SMB fingerprinting module
[x] [13] fingerprint:snmp  -  SNMPv2c fingerprinting module
[+] 13 modules registered
[+] Initializing scan engine
[+] Running scan engine
[-] ping:tcp_ping module: no closed/open TCP ports known on 212.199.178.28. Module test failed
[-] ping:udp_ping module: no closed/open UDP ports known on 212.199.178.28. Module test failed
[-] No distance calculation. 212.199.178.28 appears to be dead or no ports known
[+] Host: 212.199.178.28 is up (Guess probability: 50%)
[+] Target: 212.199.178.28 is alive. Round-Trip Time: 0.49556 sec
[+] Selected safe Round-Trip Time value is: 0.99112 sec
[-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
[-] fingerprint:smb need either TCP port 139 or 445 to run
[+] Primary guess:
[+] Host 212.199.178.28 Running OS: ÑÍU (Guess probability: 100%)
[+] Other guesses:
[+] Host 212.199.178.28 Running OS:  (Guess probability: 100%)
[+] Host 212.199.178.28 Running OS:  (Guess probability: 100%)
[+] Host 212.199.178.28 Running OS:  (Guess probability: 100%)
[+] Host 212.199.178.28 Running OS: ÑÍU (Guess probability: 100%)
[+] Host 212.199.178.28 Running OS:  (Guess probability: 100%)
[+] Host 212.199.178.28 Running OS: ÑÍU (Guess probability: 100%)
[+] Host 212.199.178.28 Running OS:  (Guess probability: 100%)
[+] Host 212.199.178.28 Running OS:  (Guess probability: 100%)
[+] Host 212.199.178.28 Running OS:  (Guess probability: 100%)
[+] Cleaning up scan engine
[+] Modules deinitialized
[+] Execution completed.
[92m + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +[0m

% The data in the WHOIS database of the .il registry is provided
% by ISOC-IL for information purposes, and to assist persons in
% obtaining information about or related to a domain name
% registration record. ISOC-IL does not guarantee its accuracy.
% By submitting a WHOIS query, you agree that you will use this
% Data only for lawful purposes and that, under no circumstances
% will you use this Data to: (1) allow, enable, or otherwise
% support the transmission of mass unsolicited, commercial
% advertising or solicitations via e-mail (spam);
% or  (2) enable high volume, automated, electronic processes that
% apply to ISOC-IL (or its systems).
% ISOC-IL reserves the right to modify these terms at any time.
% By submitting this query, you agree to abide by this policy.

query:        ipanema.co.il

reg-name:     ipanema
domain:       ipanema.co.il

descr:        elbaz jonney
descr:        yehuda marguza 38
descr:        yaffo
descr:        74011
descr:        Israel
phone:        +972 3 6838019
e-mail:       ipanema AT bizinfo.co.il
admin-c:      LD-AS24500-IL
tech-c:       LD-AS24500-IL
zone-c:       LD-AS24500-IL
nserver:      park1.livedns.co.il
nserver:      park2.livedns.co.il
validity:     03-03-2019
DNSSEC:       unsigned
status:       Transfer Locked
changed:      domain-registrar AT isoc.org.il 20080303 (Assigned)
changed:      domain-registrar AT isoc.org.il 20080518 (Changed)
changed:      domain-registrar AT isoc.org.il 20090311 (Changed)
changed:      domain-registrar AT isoc.org.il 20141215 (Changed)

person:       Asaf Shatzman
address:      hasita 7
address:      ofarim
address:      71948
address:      Israel
phone:        +972 54 6571571
e-mail:       asaf AT lantronics.co.il
nic-hdl:      LD-AS24500-IL
changed:      domain-registrar AT isoc.org.il 20120424
changed:      Managing Registrar 20130814

registrar name: LiveDns Ltd
registrar info: http://domains.livedns.co.il

% Rights to the data above are restricted by copyright.
[92m + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +[0m

*******************************************************************
*                                                                 *
* | |_| |__   ___    /\  /\__ _ _ ____   _____  ___| |_ ___ _ __  *
* | __| '_ \ / _ \  / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
* | |_| | | |  __/ / __  / (_| | |   \ V /  __/\__ \ ||  __/ |    *
*  \__|_| |_|\___| \/ /_/ \__,_|_|    \_/ \___||___/\__\___|_|    *
*                                                                 *
* TheHarvester Ver. 2.7                                           *
* Coded by Christian Martorella                                   *
* Edge-Security Research                                          *
* cmartorella@edge-security.com                                   *
*******************************************************************


Full harvest..
[-] Searching in Google..
	Searching 0 results...
	Searching 100 results...
	Searching 200 results...
[-] Searching in PGP Key server..
[-] Searching in Bing..
	Searching 50 results...
	Searching 100 results...
	Searching 150 results...
	Searching 200 results...
[-] Searching in Exalead..
	Searching 50 results...
	Searching 100 results...
	Searching 150 results...
	Searching 200 results...
	Searching 250 results...


[+] Emails found:
------------------
No emails found

[+] Hosts found in search engines:
------------------------------------
[-] Resolving hostnames IPs...
212.199.178.28:www.ipanema.co.il
[+] Virtual hosts:
==================
212.199.178.28	ipanema.co.il

******************************************************
*     /\/\   ___| |_ __ _  __ _  ___   ___  / _(_) | *
*    /    \ / _ \ __/ _` |/ _` |/ _ \ / _ \| |_| | | *
*   / /\/\ \  __/ || (_| | (_| | (_) | (_) |  _| | | *
*   \/    \/\___|\__\__,_|\__, |\___/ \___/|_| |_|_| *
*                         |___/                      *
* Metagoofil Ver 2.2                                 *
* Christian Martorella                               *
* Edge-Security.com                                  *
* cmartorella_at_edge-security.com                   *
******************************************************

[-] Starting online search...

[-] Searching for doc files, with a limit of 200
	Searching 100 results...
	Searching 200 results...
Results: 0 files found
Starting to download 50 of them:
----------------------------------------


[-] Searching for pdf files, with a limit of 200
	Searching 100 results...
	Searching 200 results...
Results: 0 files found
Starting to download 50 of them:
----------------------------------------


[-] Searching for xls files, with a limit of 200
	Searching 100 results...
	Searching 200 results...
Results: 0 files found
Starting to download 50 of them:
----------------------------------------


[-] Searching for csv files, with a limit of 200
	Searching 100 results...
	Searching 200 results...
Results: 0 files found
Starting to download 50 of them:
----------------------------------------


[-] Searching for txt files, with a limit of 200
	Searching 100 results...
	Searching 200 results...
Results: 0 files found
Starting to download 50 of them:
----------------------------------------

processing
user
email

[+] List of users found:
--------------------------

[+] List of software found:
-----------------------------

[+] List of paths and servers found:
---------------------------------------

[+] List of e-mails found:
----------------------------
[92m + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +[0m

; <<>> DiG 9.11.2-5-Debian <<>> -x ipanema.co.il
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5180
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;il.co.ipanema.in-addr.arpa.	IN	PTR

;; AUTHORITY SECTION:
in-addr.arpa.		3600	IN	SOA	b.in-addr-servers.arpa. nstld.iana.org. 2017102477 1800 900 604800 3600

;; Query time: 395 msec
;; SERVER: 2001:568:ff09:10c::53#53(2001:568:ff09:10c::53)
;; WHEN: Sat Dec 16 15:41:30 EST 2017
;; MSG SIZE  rcvd: 123

dnsenum VERSION:1.2.4
[1;34m
-----   ipanema.co.il   -----
[0m[1;31m

Host's addresses:
__________________

[0mipanema.co.il.                           1095     IN    A        212.199.178.28
[1;31m

Name Servers:
______________

[0mpark1.livedns.co.il.                     7390     IN    A        62.219.78.217
park2.livedns.co.il.                     7387     IN    A        185.60.169.2
[1;31m

Mail (MX) Servers:
___________________

[0m[1;31m

Trying Zone Transfers and getting Bind Versions:
_________________________________________________

[0m
Trying Zone Transfer for ipanema.co.il on park1.livedns.co.il ...

Trying Zone Transfer for ipanema.co.il on park2.livedns.co.il ...

brute force file not specified, bay.
[92m + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +[0m
[91m
                 ____        _     _ _     _   _____
                / ___| _   _| |__ | (_)___| |_|___ / _ __
                \___ \| | | | '_ \| | / __| __| |_ \| '__|
                 ___) | |_| | |_) | | \__ \ |_ ___) | |
                |____/ \__,_|_.__/|_|_|___/\__|____/|_|[0m[93m

                # Coded By Ahmed Aboul-Ela - @aboul3la

[94m[-] Enumerating subdomains now for ipanema.co.il[0m
[93m[-] verbosity is enabled, will show the subdomains results in realtime[0m
[92m[-] Searching now in Baidu..[0m
[92m[-] Searching now in Yahoo..[0m
[92m[-] Searching now in Google..[0m
[92m[-] Searching now in Bing..[0m
[92m[-] Searching now in Ask..[0m
[92m[-] Searching now in Netcraft..[0m
[92m[-] Searching now in DNSdumpster..[0m
[92m[-] Searching now in Virustotal..[0m
[92m[-] Searching now in ThreatCrowd..[0m
[92m[-] Searching now in SSL Certificates..[0m
[92m[-] Searching now in PassiveDNS..[0m
[91mSSL Certificates: [0mwww.ipanema.co.il
[91mVirustotal: [0mwww.ipanema.co.il
[91mDNSdumpster: [0mwww.ipanema.co.il
[93m[-] Saving results to file: [0m[91m/usr/share/sniper/loot/domains/domains-ipanema.co.il.txt[0m
[93m[-] Total Unique Subdomains Found: 1[0m
[92mwww.ipanema.co.il[0m

[91m ââââŠââââŠâââââŠ âŠ[0m
[91m â  â âŠâ â ââââ ââ£[0m
[91m ââââ©ââ â©oââââ© â©[0m
[91m + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +[0m
[94m
www.ipanema.co.il
[91m [+] Domains saved to: /usr/share/sniper/loot/domains/domains-ipanema.co.il-full.txt
[0m
[92m + -- ----------------------------=[Checking for Sub-Domain Hijacking]=------- -- +[0m
[92m + -- ----------------------------=[Checking Email Security]=----------------- -- +[0m

[92m + -- ----------------------------=[Pinging host]=---------------------------- -- +[0m
PING ipanema.co.il (212.199.178.28) 56(84) bytes of data.
64 bytes from 212.199.178.28.static.012.net.il (212.199.178.28): icmp_seq=1 ttl=50 time=202 ms

--- ipanema.co.il ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 202.644/202.644/202.644/0.000 ms

[92m + -- ----------------------------=[Running TCP port scan]=------------------- -- +[0m

Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-16 15:43 EST
Nmap scan report for ipanema.co.il (212.199.178.28)
Host is up (0.29s latency).
rDNS record for 212.199.178.28: 212.199.178.28.static.012.net.il
Not shown: 462 filtered ports, 1 closed port
Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
PORT     STATE SERVICE
21/tcp   open  ftp
22/tcp   open  ssh
53/tcp   open  domain
80/tcp   open  http
110/tcp  open  pop3
143/tcp  open  imap
443/tcp  open  https
993/tcp  open  imaps
995/tcp  open  pop3s
2222/tcp open  EtherNetIP-1

Nmap done: 1 IP address (1 host up) scanned in 35.92 seconds

[92m + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +[0m
[93m + -- --=[Port 21 opened... running tests...[0m

Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-16 15:44 EST
Nmap scan report for ipanema.co.il (212.199.178.28)
Host is up (0.22s latency).
rDNS record for 212.199.178.28: 212.199.178.28.static.012.net.il
Skipping host ipanema.co.il (212.199.178.28) due to host timeout
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 921.80 seconds
[0m[36m[0m[1m[31m
                                   .,,.                  .
                                .\$$$$$L..,,==aaccaacc%#s$b.       [37md[32m8,    [37md8[32mP
                     [37md8[36mP        [31m#$$$$$$$$$$$$$$$$$$$$$$$$$$$b.    [37m`BP  d88[32m8888p
                  [37md[36m888888P      [31m'7$$$$\""""''^^`` .7$$$|D*"'```         [37m?[32m88'
  [37md8[36mbd8b.d8p [37md8[36m888b [37m?[36m88' [37md88[36m8b8b[31m            _.os#$|8*"`   [37md8[32mP       [37m?8[32mb  88P
  [37m8[36m8P`?P'?P [37md8[36mb_,dP 88P [37md8[36mP' ?88[31m       .oaS###S*"`       [37md8[32mP [37md88[32m88b $whi?[32m88b 88b
 [36md88  d8 ?8 88b     [37m8[36m8b 88b  ,88b [31m.osS$$$$*" [32m?88,.d88b, [37md[32m88 [37md[32m8P' ?88 88P `?8b
[36md88' d88b 8b`?8888P'`?8b`?88P'[31m.aS$$$$Q*"`    [32m`?88'  ?88 ?88 88b  d88 d88[31m
                          .a#$$$$$$"`          [32m88b  d8P  88b`?8888P'[31m
                       ,s$$$$$$$"`             [32m888888P'   88n[31m      _.,,,ass;:
                    .a$$$$$$$P`               [32md88P'[31m    .,.ass%#S$$$$$$$$$$$$$$'
                 .a$###$$$P`           _.,,-aqsc#SS$$$$$$$$$$$$$$$$$$$$$$$$$$'
              ,a$$###$$P`  _.,-ass#S$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$####SSSS'
           .a$$$$$$$$$$SSS$$$$$$$$$$$$$$$$$$$$$$$$$$$$SS##==--""''^^/$$$$$$'
[37m___________[0m_____________________________[1m[30m_______________________[31m   ,&$$$$$$'[30m_____[31m
                                                                 ll&&$$$$'
                                                              .;;lll&&&&'
                                                            ...;;lllll&'
                                                          ......;;;llll;;;....
                                                           ` ......;;;;... .  .
[0m

       =[ [33mmetasploit v4.16.22-dev[0m                         ]
+ -- --=[ 1707 exploits - 970 auxiliary - 299 post        ]
+ -- --=[ 503 payloads - 40 encoders - 10 nops            ]
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]

[0m[0mRHOST => ipanema.co.il
[0mRHOSTS => ipanema.co.il
[0m[1m[31m[-][0m ipanema.co.il:21 - Exploit failed [unreachable]: Rex::ConnectionTimeout The connection timed out (ipanema.co.il:21).
[1m[34m[*][0m Exploit completed, but no session was created.
[0m[0m[1m[33m[!][0m You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
[1m[34m[*][0m Started reverse TCP double handler on 127.0.0.1:4444
[1m[31m[-][0m ipanema.co.il:21 - Exploit failed [unreachable]: Rex::ConnectionTimeout The connection timed out (ipanema.co.il:21).
[1m[34m[*][0m Exploit completed, but no session was created.
[0m[93m + -- --=[Port 22 opened... running tests...[0m
[exception] cannot connect to ipanema.co.il port 22: timed out

Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-16 16:04 EST
Nmap scan report for ipanema.co.il (212.199.178.28)
Host is up.
rDNS record for 212.199.178.28: 212.199.178.28.static.012.net.il

PORT   STATE    SERVICE VERSION
22/tcp filtered ssh
Too many fingerprints match this host to give specific OS details

TRACEROUTE (using proto 1/icmp)
HOP RTT       ADDRESS
1   109.24 ms 10.13.0.1
2   112.54 ms 37.187.24.253
3   109.49 ms 10.50.225.60
4   109.70 ms 10.17.129.42
5   109.32 ms 10.73.0.54
6   ...
7   112.57 ms be100-1111.ldn-5-a9.uk.eu (213.251.128.65)
8   112.57 ms edge.lon-01012.net.il (195.66.225.114)
9   112.56 ms 80.179.165.54.static.012.net.il (80.179.165.54)
10  121.16 ms EDGE-FRA-01-ae3-121.ip4.012.net.il (80.179.165.65)
11  124.24 ms EDGE-FRA-02-ae0-0.ip4.012.net.il (80.179.166.82)
12  174.17 ms BRDR.MR-01-pos3-0.bb.012.net.il (80.179.166.26)
13  173.88 ms 82.102.132.85
14  174.62 ms 31.154.102.177
15  174.49 ms 31.154.102.180
16  ...
17  175.97 ms 84.95.248.2.forward.012.net.il (84.95.248.2)
18  175.24 ms 185.151.196.60
19  ... 30

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 30.68 seconds
[0m[36m[0m[1m[31m
                                   .,,.                  .
                                .\$$$$$L..,,==aaccaacc%#s$b.       [37md[32m8,    [37md8[32mP
                     [37md8[36mP        [31m#$$$$$$$$$$$$$$$$$$$$$$$$$$$b.    [37m`BP  d88[32m8888p
                  [37md[36m888888P      [31m'7$$$$\""""''^^`` .7$$$|D*"'```         [37m?[32m88'
  [37md8[36mbd8b.d8p [37md8[36m888b [37m?[36m88' [37md88[36m8b8b[31m            _.os#$|8*"`   [37md8[32mP       [37m?8[32mb  88P
  [37m8[36m8P`?P'?P [37md8[36mb_,dP 88P [37md8[36mP' ?88[31m       .oaS###S*"`       [37md8[32mP [37md88[32m88b $whi?[32m88b 88b
 [36md88  d8 ?8 88b     [37m8[36m8b 88b  ,88b [31m.osS$$$$*" [32m?88,.d88b, [37md[32m88 [37md[32m8P' ?88 88P `?8b
[36md88' d88b 8b`?8888P'`?8b`?88P'[31m.aS$$$$Q*"`    [32m`?88'  ?88 ?88 88b  d88 d88[31m
                          .a#$$$$$$"`          [32m88b  d8P  88b`?8888P'[31m
                       ,s$$$$$$$"`             [32m888888P'   88n[31m      _.,,,ass;:
                    .a$$$$$$$P`               [32md88P'[31m    .,.ass%#S$$$$$$$$$$$$$$'
                 .a$###$$$P`           _.,,-aqsc#SS$$$$$$$$$$$$$$$$$$$$$$$$$$'
              ,a$$###$$P`  _.,-ass#S$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$####SSSS'
           .a$$$$$$$$$$SSS$$$$$$$$$$$$$$$$$$$$$$$$$$$$SS##==--""''^^/$$$$$$'
[37m___________[0m_____________________________[1m[30m_______________________[31m   ,&$$$$$$'[30m_____[31m
                                                                 ll&&$$$$'
                                                              .;;lll&&&&'
                                                            ...;;lllll&'
                                                          ......;;;llll;;;....
                                                           ` ......;;;;... .  .
[0m

       =[ [33mmetasploit v4.16.22-dev[0m                         ]
+ -- --=[ 1707 exploits - 970 auxiliary - 299 post        ]
+ -- --=[ 503 payloads - 40 encoders - 10 nops            ]
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]

[0m[0mUSER_FILE => /usr/share/brutex/wordlists/simple-users.txt
[0mRHOSTS => ipanema.co.il
[0m[1m[33m[!][0m RHOST is not a valid option for this module. Did you mean RHOSTS?
RHOST => ipanema.co.il
[0m[1m[34m[*][0m 212.199.178.28:22 - SSH - Checking for false positives
[1m[34m[*][0m 212.199.178.28:22 - SSH - Starting scan
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'admin' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'administrator' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'anonymous' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'backup' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'bee' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'ftp' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'guest' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'GUEST' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'info' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'mail' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'mailadmin' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'msfadmin' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'mysql' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'nobody' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'oracle' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'owaspbwa' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'postfix' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'postgres' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'private' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'proftpd' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'public' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'root' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'superadmin' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'support' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'sys' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'system' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'systemadmin' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'systemadministrator' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'test' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'tomcat' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'user' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'webmaster' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'www-data' on could not connect
[1m[31m[-][0m 212.199.178.28:22 - SSH - User 'Fortimanager_Access' on could not connect
[1m[34m[*][0m Scanned 1 of 1 hosts (100% complete)
[1m[34m[*][0m Auxiliary module execution completed
[0m[0m[1m[31m[-][0m Auxiliary failed: Msf::OptionValidateError The following options failed to validate: KEY_FILE.
[0m[0m[1m[34m[*][0m ipanema.co.il:22      - Scanned 1 of 1 hosts (100% complete)
[1m[34m[*][0m Auxiliary module execution completed
[0m[91m + -- --=[Port 23 closed... skipping.[0m
[91m + -- --=[Port 25 closed... skipping.[0m
[93m + -- --=[Port 53 opened... running tests...[0m

Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-16 16:27 EST
Nmap scan report for ipanema.co.il (212.199.178.28)
Host is up.
rDNS record for 212.199.178.28: 212.199.178.28.static.012.net.il
Skipping host ipanema.co.il (212.199.178.28) due to host timeout
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 926.89 seconds
[91m + -- --=[Port 79 closed... skipping.[0m
[93m + -- --=[Port 80 opened... running tests...[0m
[92m + -- ----------------------------=[Checking for WAF]=------------------------ -- +[0m

                                 ^     ^
        _   __  _   ____ _   __  _    _   ____
       ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
      | V V // o // _/ | V V // 0 // 0 // _/
      |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/
                                <
                                 ...'

    WAFW00F - Web Application Firewall Detection Tool

    By Sandro Gauci && Wendel G. Henrique

Checking http://ipanema.co.il

[92m + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +[0m
[1m[34mhttp://ipanema.co.il[0m [ Unassigned]

[94m	__  ______ _____ [0m
[94m	\ \/ / ___|_   _|[0m
[94m	 \  /\___ \ | |  [0m
[94m	 /  \ ___) || |  [0m
[94m	/_/\_|____/ |_|  [0m

[94m+ -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield[0m
[94m+ -- --=[Target: ipanema.co.il:80[0m
[93m+ -- --=[Port is closed![0m

[92m + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +[0m
[94m+ -- --=[Checking if X-Content options are enabled on ipanema.co.il...[0m [93m

[94m+ -- --=[Checking if X-Frame options are enabled on ipanema.co.il...[0m [93m

[94m+ -- --=[Checking if X-XSS-Protection header is enabled on ipanema.co.il...[0m [93m

[94m+ -- --=[Checking HTTP methods on ipanema.co.il...[0m [93m

[94m+ -- --=[Checking if TRACE method is enabled on ipanema.co.il...[0m [93m

[94m+ -- --=[Checking for META tags on ipanema.co.il...[0m [93m

[94m+ -- --=[Checking for open proxy on ipanema.co.il...[0m [93m

[94m+ -- --=[Enumerating software on ipanema.co.il...[0m [93m

[94m+ -- --=[Checking if Strict-Transport-Security is enabled on ipanema.co.il...[0m [93m

[94m+ -- --=[Checking for Flash cross-domain policy on ipanema.co.il...[0m [93m

[94m+ -- --=[Checking for Silverlight cross-domain policy on ipanema.co.il...[0m [93m

[94m+ -- --=[Checking for HTML5 cross-origin resource sharing on ipanema.co.il...[0m [93m

[94m+ -- --=[Retrieving robots.txt on ipanema.co.il...[0m [93m

[94m+ -- --=[Retrieving sitemap.xml on ipanema.co.il...[0m [93m

[94m+ -- --=[Checking cookie attributes on ipanema.co.il...[0m [93m

[94m+ -- --=[Checking for ASP.NET Detailed Errors on ipanema.co.il...[0m [93m

[0m
[92m + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +[0m
- Nikto v2.1.6
---------------------------------------------------------------------------
+ No web server found on ipanema.co.il:80
---------------------------------------------------------------------------
+ 0 host(s) tested
[92m + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +[0m
[91m[+][0m Screenshot saved to /usr/share/sniper/loot/screenshots/ipanema.co.il-port80.jpg
[92m + -- ----------------------------=[Running Google Hacking Queries]=--------------------- -- +[0m
[92m + -- ----------------------------=[Running InUrlBR OSINT Queries]=---------- -- +[0m

[1;35m    _____ [1;37m .701F. .iBR.   .7CL. .70BR.   .7BR. .7BR'''Cq.   .70BR.      [0;31m.1BR'''Yp, .8BR'''Cq.
[1;35m   (_____)[1;37m   01     01N.    C     01       C     01   .01.    01        [1;31m  01    Yb   01   .01.
[1;35m   (() ())[1;37m   01     C YCb   C     01       C     01   ,C9     01        [0;31m  01    dP   01   ,C9
[1;35m    \   / [1;37m   01     C  .CN. C     01       C     0101dC9      01        [1;31m  01'''bg.   0101dC9
[1;35m     \ /  [1;37m   01     C   .01.C     01       C     01  YC.      01      , [0;31m  01    .Y   01  YC.
[1;35m     /=\  [1;37m   01     C     Y01     YC.     ,C     01   .Cb.    01     ,C [1;31m  01    ,9   01   .Cb.
[1;35m    [___] [1;37m .J01L. .JCL.    YC      .b0101d'.   .J01L. .J01. .J01010101C [0;31m.J0101Cd9  .J01L. .J01./ [1;37m2.1

[1;37m__[ ! ] Neither war between hackers, nor peace for the system.
[1;37m__[ ! ] [02;31mhttp://blog.inurl.com.br
[1;37m__[ ! ] [02;31mhttp://fb.com/InurlBrasil
[1;37m__[ ! ] [02;31mhttp://twitter.com/@googleinurl[0m
[1;37m__[ ! ] [02;31mhttp://github.com/googleinurl[0m
[1;37m__[ ! ] [02;31mCurrent PHP version::[ [1;37m7.0.26-1 [02;31m][0m
[1;37m__[ ! ] [02;31mCurrent script owner::[ [1;37mroot [02;31m][0m
[1;37m__[ ! ] [02;31mCurrent uname::[ [1;37mLinux Kali 4.14.0-kali1-amd64 #1 SMP Debian 4.14.2-1kali1 (2017-12-04) x86_64 [02;31m][0m
[1;37m__[ ! ] [02;31mCurrent pwd::[ [1;37m/usr/share/sniper [02;31m][0m
[1;37m__[ ! ] [1;33mHelp: php inurlbr.php --help[0m
[1;37m------------------------------------------------------------------------------------------------------------------------[0m

[1;37m[ ! ] Starting SCANNER INURLBR 2.1 at [16-12-2017 17:28:59][0;37m
[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
It is the end user's responsibility to obey all applicable local, state and federal laws.
Developers assume no liability and are not responsible for any misuse or damage caused by this program[0m

[1;37m[ INFO ][02;31m[ OUTPUT FILE ]::[1;37m [ /usr/share/sniper/output/inurlbr-ipanema.co.il.txt  ][0m
[1;37m[ INFO ][0m[02;31m[ DORK ]::[1;37m[ site:ipanema.co.il ]
[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [1;37m{[0m
[1;37m[ INFO ][0m[02;31m[ ENGINE ]::[1;37m[ GOOGLE - www.google.gm ][0m

[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [0m
[1;37m-[02;31m[[0;31m:::[02;31m][0m
[1;37m[ INFO ][0m[02;31m[ ENGINE ]::[1;37m[ GOOGLE API ][0m

[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [0m
[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m
[1;37m[ INFO ][0m[02;31m[ ENGINE ]::[1;37m[ GOOGLE_GENERIC_RANDOM - www.google.com.kw ID: 010479943387663786936:wjwf2xkhfmq ][0m

[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [0m
[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m

[1;37m[ INFO ][0;31m[ TOTAL FOUND VALUES ]::[1;37m [ 0 ][0m
[1;37m[ INFO ][1;33m Not a satisfactory result was found![0m


[1;37m[ INFO ] [ Shutting down ][0m
[1;37m[ INFO ] [ End of process INURLBR at [16-12-2017 17:30:49][0m
[1;37m[ INFO ] [0m[02;31m[ TOTAL FILTERED VALUES ]::[1;37m [ 0 ][0m
[1;37m[ INFO ] [02;31m[ OUTPUT FILE ]::[1;37m [ /usr/share/sniper/output/inurlbr-ipanema.co.il.txt  ][0m
[1;37m|_________________________________________________________________________________________[0m

[1;37m\_________________________________________________________________________________________/[0m

[93m + -- --=[Port 110 opened... running tests...[0m

Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-16 17:30 EST
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 10.00 seconds
[91m + -- --=[Port 111 closed... skipping.[0m
[91m + -- --=[Port 135 closed... skipping.[0m
[91m + -- --=[Port 139 closed... skipping.[0m
[91m + -- --=[Port 161 closed... skipping.[0m
[91m + -- --=[Port 162 closed... skipping.[0m
[91m + -- --=[Port 389 closed... skipping.[0m
[93m + -- --=[Port 443 opened... running tests...[0m
[92m + -- ----------------------------=[Checking for WAF]=------------------------ -- +[0m

                                 ^     ^
        _   __  _   ____ _   __  _    _   ____
       ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
      | V V // o // _/ | V V // 0 // 0 // _/
      |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/
                                <
                                 ...'

    WAFW00F - Web Application Firewall Detection Tool

    By Sandro Gauci && Wendel G. Henrique

Checking https://ipanema.co.il

[92m + -- ----------------------------=[Checking Cloudflare]=--------------------- -- +[0m
   ____ _                 _ _____     _ _
  / ___| | ___  _   _  __| |  ___|_ _(_) |
 | |   | |/ _ \| | | |/ _` | |_ / _` | | |
 | |___| | (_) | |_| | (_| |  _| (_| | | |
  \____|_|\___/ \__,_|\__,_|_|  \__,_|_|_|
    v1.0.1                      by m0rtem


[17:31:13] Initializing CloudFail - the date is: 16/12/2017
[17:31:13] Fetching initial information from: ipanema.co.il...
[17:31:21] Server IP: 212.199.178.28
[17:31:21] Testing if ipanema.co.il is on the Cloudflare network...
[17:31:21] ipanema.co.il is not part of the Cloudflare network, quitting...
[92m + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +[0m
[1m[34mhttps://ipanema.co.il[0m [ Unassigned]

[92m + -- ----------------------------=[Gathering SSL/TLS Info]=------------------ -- +[0m


 AVAILABLE PLUGINS
 -----------------

  PluginOpenSSLCipherSuites
  PluginCertInfo
  PluginCompression
  PluginChromeSha1Deprecation
  PluginHSTS
  PluginSessionResumption
  PluginSessionRenegotiation
  PluginHeartbleed


 CHECKING HOST(S) AVAILABILITY
 -----------------------------

   ipanema.co.il                       => WARNING: Could not connect (timeout); discarding corresponding tasks.


 SCAN COMPLETED IN 13.04 S
 -------------------------
Version: [32m1.11.10-static[0m
OpenSSL 1.0.2-chacha (1.0.2g-dev)
[0m
[1m
###########################################################
    testssl       2.9dev from [m[1mhttps://testssl.sh/dev/[m
[1m
      This program is free software. Distribution and
             modification under GPLv2 permitted.
      USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!

       Please file bugs @ [m[1mhttps://testssl.sh/bugs/[m
[1m
###########################################################[m

 Using "OpenSSL 1.0.2-chacha (1.0.2i-dev)" [~183 ciphers]
 on Kali:/usr/share/sniper/plugins/testssl.sh/bin/openssl.Linux.x86_64
 (built: "Jun 22 19:32:29 2016", platform: "linux-x86_64")


[0;35mUnable to open a socket to 212.199.178.28:443. [m
#######################################################################################################################################