Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #######################################################################################################################################
- =======================================================================================================================================
- Hostname www.almubarakradio.com ISP SoftLayer Technologies Inc.
- Continent Europe Flag
- BG
- Country Bulgaria Country Code BG
- Region Unknown Local time 28 Jan 2019 23:45 EET
- City Unknown Postal Code Unknown
- IP Address 77.104.129.22 Latitude 42.7
- Longitude 23.333
- =======================================================================================================================================
- #######################################################################################################################################
- > www.almubarakradio.com
- Server: 27.50.70.139
- Address: 27.50.70.139#53
- Non-authoritative answer:
- www.almubarakradio.com canonical name = almubarakradio.com.
- Name: almubarakradio.com
- Address: 77.104.129.22
- >
- #######################################################################################################################################
- HostIP:77.104.129.22
- HostName:www.almubarakradio.com
- Gathered Inet-whois information for 77.104.129.22
- --------------------------------------------------------------------------------------------------------------------------------------
- inetnum: 77.104.129.0 - 77.104.129.255
- netname: UK-SITEGROUND
- descr: SiteGround Hosting Ltd.
- country: GB
- geoloc: 51.500083 -0.126181
- admin-c: MDM-SG
- admin-c: MDM-SG
- tech-c: MDM-SG
- status: ASSIGNED PA
- mnt-by: YANI-SG
- mnt-by: MDM-SG
- created: 2016-02-08T08:42:06Z
- last-modified: 2016-04-25T17:59:50Z
- source: RIPE
- mnt-domains: MDM-SG
- mnt-domains: YANI-SG
- person: Marian Marinov
- address: Racho Petkov Kazandjiata 8, Floor 3, SiteGround
- phone: +442071839093
- nic-hdl: MDM-SG
- mnt-by: MDM-SG
- created: 2014-04-29T15:50:14Z
- last-modified: 2017-10-30T22:34:57Z
- source: RIPE # Filtered
- % This query was served by the RIPE Database Query Service version 1.92.6 (HEREFORD)
- Gathered Inic-whois information for almubarakradio.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- Domain Name: ALMUBARAKRADIO.COM
- Registry Domain ID: 1809751023_DOMAIN_COM-VRSN
- Registrar WHOIS Server: whois.123-reg.co.uk
- Registrar URL: http://www.meshdigital.com
- Updated Date: 2018-07-15T08:52:18Z
- Creation Date: 2013-06-20T18:20:20Z
- Registry Expiry Date: 2021-06-20T18:20:20Z
- Registrar: 123-Reg Limited
- Registrar IANA ID: 1515
- Registrar Abuse Contact Email:
- Registrar Abuse Contact Phone:
- Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
- Name Server: NS1.UK11.SITEGROUND.EU
- Name Server: NS2.UK11.SITEGROUND.EU
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
- >>> Last update of whois database: 2019-01-28T22:26:17Z <<<
- The Registry database contains ONLY .COM, .NET, .EDU domains and
- Registrars.
- Gathered Netcraft information for www.almubarakradio.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- Retrieving Netcraft.com information for www.almubarakradio.com
- Netcraft.com Information gathered
- Gathered Subdomain information for almubarakradio.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- Searching Google.com:80...
- HostName:www.almubarakradio.com
- HostIP:77.104.129.22
- Searching Altavista.com:80...
- Found 1 possible subdomain(s) for host almubarakradio.com, Searched 0 pages containing 0 results
- Gathered E-Mail information for almubarakradio.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- Searching Google.com:80...
- Searching Altavista.com:80...
- Found 0 E-Mail(s) for host almubarakradio.com, Searched 0 pages containing 0 results
- Gathered TCP Port information for 77.104.129.22
- --------------------------------------------------------------------------------------------------------------------------------------
- Port State
- 21/tcp open
- 53/tcp open
- 80/tcp open
- 110/tcp open
- 143/tcp open
- Portscan Finished: Scanned 150 ports, 3 ports were in state closed
- #######################################################################################################################################
- [i] Scanning Site: http://www.almubarakradio.com
- B A S I C I N F O
- =======================================================================================================================================
- [+] Site Title: Al Mubarak Radio
- [+] IP address: 77.104.129.22
- [+] Web Server: Could Not Detect
- [+] CMS: WordPress
- [+] Cloudflare: Not Detected
- [+] Robots File: Found
- -------------[ contents ]----------------
- User-Agent: *
- Sitemap: http://www.almubarakradio.com/sitemap.xml
- -----------[end of contents]-------------
- W H O I S L O O K U P
- =======================================================================================================================================
- Domain Name: ALMUBARAKRADIO.COM
- Registry Domain ID: 1809751023_DOMAIN_COM-VRSN
- Registrar WHOIS Server: whois.123-reg.co.uk
- Registrar URL: http://www.meshdigital.com
- Updated Date: 2018-07-15T08:52:18Z
- Creation Date: 2013-06-20T18:20:20Z
- Registry Expiry Date: 2021-06-20T18:20:20Z
- Registrar: 123-Reg Limited
- Registrar IANA ID: 1515
- Registrar Abuse Contact Email:
- Registrar Abuse Contact Phone:
- Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
- Name Server: NS1.UK11.SITEGROUND.EU
- Name Server: NS2.UK11.SITEGROUND.EU
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
- >>> Last update of whois database: 2019-01-28T22:32:05Z <<<
- For more information on Whois status codes, please visit https://icann.org/epp
- The Registry database contains ONLY .COM, .NET, .EDU domains and
- Registrars.
- G E O I P L O O K U P
- =======================================================================================================================================
- [i] IP Address: 77.104.129.22
- [i] Country: Bulgaria
- [i] State:
- [i] City:
- [i] Latitude: 42.7
- [i] Longitude: 23.3333
- H T T P H E A D E R S
- =======================================================================================================================================
- [i] HTTP/1.1 200 OK
- [i] Date: Mon, 28 Jan 2019 22:32:13 GMT
- [i] Content-Type: text/html; charset=UTF-8
- [i] X-UA-Compatible: IE=edge
- [i] Link: <http://www.almubarakradio.com/wp-json/>; rel="https://api.w.org/", <http://www.almubarakradio.com/>; rel=shortlink
- [i] Host-Header: 192fc2e7e50945beb8231a492d6a8024
- [i] X-Proxy-Cache: MISS
- [i] Connection: close
- D N S L O O K U P
- =======================================================================================================================================
- almubarakradio.com. 3599 IN MX 20 mx20.mailspamprotection.com.
- almubarakradio.com. 3599 IN MX 30 mx30.mailspamprotection.com.
- almubarakradio.com. 3599 IN MX 10 mx10.mailspamprotection.com.
- almubarakradio.com. 21599 IN SOA ns1.uk11.siteground.eu. dnsadmin.serv01.uk11.siteground.eu. 2016032110 86400 7200 3600000 86400
- almubarakradio.com. 21599 IN NS ns1.uk11.siteground.eu.
- almubarakradio.com. 21599 IN NS ns2.uk11.siteground.eu.
- almubarakradio.com. 14399 IN A 77.104.129.22
- S U B N E T C A L C U L A T I O N
- ======================================================================================================================================
- Address = 77.104.129.22
- Network = 77.104.129.22 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 77.104.129.22 - 77.104.129.22 }
- N M A P P O R T S C A N
- =======================================================================================================================================
- Starting Nmap 7.40 ( https://nmap.org ) at 2019-01-28 22:32 UTC
- Nmap scan report for almubarakradio.com (77.104.129.22)
- Host is up (0.070s latency).
- rDNS record for 77.104.129.22: ip-77-104-129-22.siteground.com
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp filtered ssh
- 23/tcp filtered telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp filtered ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 1.73 seconds
- #######################################################################################################################################
- [?] Enter the target: example( http://domain.com )
- http://www.almubarakradio.com/
- [!] IP Address : 77.104.129.22
- [!] www.almubarakradio.com doesn't seem to use a CMS
- [+] Honeypot Probabilty: 30%
- ----------------------------------------
- [~] Trying to gather whois information for www.almubarakradio.com
- [+] Whois information found
- [-] Unable to build response, visit https://who.is/whois/www.almubarakradio.com
- ----------------------------------------
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp filtered ssh
- 23/tcp filtered telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp filtered ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 1.38 seconds
- ----------------------------------------
- [+] DNS Records
- ns2.uk11.siteground.eu. (77.104.128.186) AS36351 SoftLayer Technologies Inc. Bulgaria
- ns1.uk11.siteground.eu. (185.123.97.175) AS36351 SoftLayer Technologies Inc. United Kingdom
- [+] MX Records
- 30 (108.163.220.52) AS32475 SingleHop, Inc. United States
- [+] MX Records
- 20 (184.154.48.171) AS32475 SingleHop, Inc. United States
- [+] MX Records
- 10 (108.163.220.50) AS32475 SingleHop, Inc. United States
- [+] Host Records (A)
- www.almubarakradio.comHTTP: (ip-77-104-129-22.siteground.com) (77.104.129.22) AS36351 SoftLayer Technologies Inc. Bulgaria
- [+] TXT Records
- [+] DNS Map: https://dnsdumpster.com/static/map/almubarakradio.com.png
- [>] Initiating 3 intel modules
- [>] Loading Alpha module (1/3)
- [>] Beta module deployed (2/3)
- [>] Gamma module initiated (3/3)
- [+] Emails found:
- ------------------
- pixel-1548714863800643-web-@www.almubarakradio.com
- pixel-1548714865926013-web-@www.almubarakradio.com
- No hosts found
- [+] Virtual hosts:
- -----------------
- #######################################################################################################################################
- ; <<>> DiG 9.11.5-P1-1-Debian <<>> almubarakradio.com
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33379
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ;; QUESTION SECTION:
- ;almubarakradio.com. IN A
- ;; ANSWER SECTION:
- almubarakradio.com. 11367 IN A 77.104.129.22
- ;; Query time: 356 msec
- ;; SERVER: 27.50.70.139#53(27.50.70.139)
- ;; WHEN: lun jan 28 17:35:43 EST 2019
- ;; MSG SIZE rcvd: 63
- #######################################################################################################################################
- ; <<>> DiG 9.11.5-P1-1-Debian <<>> +trace almubarakradio.com
- ;; global options: +cmd
- . 83248 IN NS k.root-servers.net.
- . 83248 IN NS f.root-servers.net.
- . 83248 IN NS d.root-servers.net.
- . 83248 IN NS c.root-servers.net.
- . 83248 IN NS g.root-servers.net.
- . 83248 IN NS m.root-servers.net.
- . 83248 IN NS a.root-servers.net.
- . 83248 IN NS l.root-servers.net.
- . 83248 IN NS b.root-servers.net.
- . 83248 IN NS j.root-servers.net.
- . 83248 IN NS e.root-servers.net.
- . 83248 IN NS h.root-servers.net.
- . 83248 IN NS i.root-servers.net.
- . 83248 IN RRSIG NS 8 0 518400 20190210170000 20190128160000 16749 . rPW87X/BPhUNajKyFFMmUO1F+QPQdZepjd1yhk07EGwuWdTEoN+SiF69 zcXYALgQSD++biRYOXQ0jUMwQctbHtIuSGqtR5gu2zUTnC9IIicdBTQR vtZMOQi91U0R7w+ksCsDIgF7tdND00NHgw2PelfOAblwyHyoUPhTGLnh HpNOPtZt0gM404cX+O2SIvOLXEse73ZQUhXrjVwPhrELvZdK4989P7o9 7KDfv6Hi7DheU6e0PsG63it0K88SJ1A5r2glBTj+E+VlvERE/DyjslEt 9rVqZHDnmk9mnqzuVhmmgOR/v/xiV7iO5YG/v0Lpi785Bcr5hKrpo+Vo YfWsCg==
- ;; Received 525 bytes from 27.50.70.139#53(27.50.70.139) in 358 ms
- com. 172800 IN NS i.gtld-servers.net.
- com. 172800 IN NS b.gtld-servers.net.
- com. 172800 IN NS a.gtld-servers.net.
- com. 172800 IN NS m.gtld-servers.net.
- com. 172800 IN NS h.gtld-servers.net.
- com. 172800 IN NS e.gtld-servers.net.
- com. 172800 IN NS j.gtld-servers.net.
- com. 172800 IN NS c.gtld-servers.net.
- com. 172800 IN NS k.gtld-servers.net.
- com. 172800 IN NS l.gtld-servers.net.
- com. 172800 IN NS g.gtld-servers.net.
- com. 172800 IN NS d.gtld-servers.net.
- com. 172800 IN NS f.gtld-servers.net.
- com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
- com. 86400 IN RRSIG DS 8 1 86400 20190210170000 20190128160000 16749 . QyxwL6jsfdjoBiSUax7OuNY5i0GicMpZgPbqIi5KPQ7j1ggkqCUtJxkz JfRpq5DxRKqkpdpSODbYJpa4Y1K7XWDKrEzii/k71385lLNvRe5AJsxM Gevg7gv+cF7fba/YkxzPbJwn/9OvgAB+U8TvOWaM9LepFQMMFk2i4gtq fvwQnDW8jH+/PUtI4+SURJRtS0Tu/IaH6kc/IOwEJYJ4d2TLwoZPEdnH YbvF13oRaeyhihEYDvmI3LUw5TMNbDGCKBug0i+VmeC+vOPsg1YA0Pur rzRHf9mMHXWaqx6CltphJrpSuaRq1npVlcMJLmjUuYRrwXVM7kPSDB7T FXrY+Q==
- ;; Received 1206 bytes from 2001:500:12::d0d#53(g.root-servers.net) in 78 ms
- almubarakradio.com. 172800 IN NS ns1.uk11.siteground.eu.
- almubarakradio.com. 172800 IN NS ns2.uk11.siteground.eu.
- CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
- CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20190204054423 20190128043423 16883 com. a6+nG0HlYQFu/smtBipliyxAEgUrNXxqIn/9FuGfEPzfC+tJ41P3ne/0 fTDxnEo7AX9FZ9GYQwhf288SiBsQuemJJCqS8H9xOp6TCQa8+p9xsQY4 ZewJb9mJC2tDhke7IiQsCC4kBwVtNlzavKvVfu3MhvyeghPZEx9n+DoQ F50=
- 9JI8VPHJL0HBHM8SDI9HGDK4R42BQ9CG.com. 86400 IN NSEC3 1 1 0 - 9JI9A9TT7OLCE01KINAD7QRP490RRST9 NS DS RRSIG
- 9JI8VPHJL0HBHM8SDI9HGDK4R42BQ9CG.com. 86400 IN RRSIG NSEC3 8 2 86400 20190202053753 20190126042753 16883 com. gPO1iY9M5zXbNJu5LlqeA7qEwMAYaynQ5Ba+K/NDcqzY4a2D0TbEvggs wD8Er3fHlFhB6hkvoXi6q0QyAEiuz+DQ8mtIZrGQFJt3WpKhT4tKVVGV DZzK7XTYbtgFqO94rx4ekw1Ff//B7mKcsIYh53H3Jr2cJftQ2V/A3uWn hwE=
- ;; Received 586 bytes from 192.48.79.30#53(j.gtld-servers.net) in 502 ms
- almubarakradio.com. 14400 IN A 77.104.129.22
- almubarakradio.com. 86400 IN NS ns1.uk11.siteground.eu.
- almubarakradio.com. 86400 IN NS ns2.uk11.siteground.eu.
- ;; Received 149 bytes from 77.104.128.186#53(ns2.uk11.siteground.eu) in 455 ms
- #######################################################################################################################################
- Traceroute 'www.almubarakradio.com '
- ---------------------------------------------------------------------------------------------------------------------------------------
- Start: 2019-01-28T22:37:40+0000
- HOST: web01 Loss% Snt Last Avg Best Wrst StDev
- 1.|-- 45.79.12.202 0.0% 3 1.1 1.0 0.7 1.2 0.3
- 2.|-- 45.79.12.2 0.0% 3 0.5 0.6 0.5 0.7 0.1
- 3.|-- te1-5.bbr01.eq01.dal01.networklayer.com 0.0% 3 1.1 1.1 1.1 1.1 0.0
- 4.|-- ae5.cbs02.eq01.dal03.networklayer.com 33.3% 3 2.1 2.3 2.1 2.4 0.2
- 5.|-- ae8.cbs02.dr01.dal04.networklayer.com 0.0% 3 2.3 3.1 2.3 4.6 1.3
- 6.|-- ae2.cbs01.eq01.chi01.networklayer.com 66.7% 3 23.3 23.3 23.3 23.3 0.0
- 7.|-- ae0.cbs02.tl01.nyc01.networklayer.com 33.3% 3 43.4 43.4 43.3 43.4 0.0
- 8.|-- ae1.cbs01.tg01.lon01.networklayer.com 0.0% 3 113.2 112.6 112.0 113.2 0.6
- 9.|-- c1.13.2da9.ip4.static.sl-reverse.com 0.0% 3 112.0 112.0 111.7 112.1 0.2
- 10.|-- 7f.76.32a9.ip4.static.sl-reverse.com 0.0% 3 110.3 110.6 110.3 110.9 0.3
- 11.|-- bb.76.32a9.ip4.static.sl-reverse.com 0.0% 3 111.0 110.7 110.2 111.0 0.4
- 12.|-- ip-77-104-129-22.siteground.com 0.0% 3 112.7 112.4 112.2 112.7 0.3
- #######################################################################################################################################
- [*] Performing General Enumeration of Domain: almubarakradio.com
- [-] DNSSEC is not configured for almubarakradio.com
- [*] SOA ns1.uk11.siteground.eu 185.123.97.175
- [*] NS ns2.uk11.siteground.eu 77.104.128.186
- [*] Bind Version for 77.104.128.186 9.10.6
- [*] NS ns1.uk11.siteground.eu 185.123.97.175
- [*] Bind Version for 185.123.97.175 9.10.6
- [*] MX mx10.mailspamprotection.com 108.163.201.226
- [*] MX mx10.mailspamprotection.com 184.154.48.170
- [*] MX mx10.mailspamprotection.com 107.6.129.66
- [*] MX mx10.mailspamprotection.com 108.178.13.114
- [*] MX mx10.mailspamprotection.com 107.6.149.10
- [*] MX mx10.mailspamprotection.com 108.163.220.50
- [*] MX mx10.mailspamprotection.com 184.154.58.226
- [*] MX mx10.mailspamprotection.com 184.154.208.34
- [*] MX mx10.mailspamprotection.com 69.175.69.90
- [*] MX mx10.mailspamprotection.com 96.127.176.250
- [*] MX mx10.mailspamprotection.com 108.163.228.170
- [*] MX mx10.mailspamprotection.com 99.198.97.42
- [*] MX mx10.mailspamprotection.com 184.154.177.50
- [*] MX mx10.mailspamprotection.com 96.127.190.2
- [*] MX mx20.mailspamprotection.com 184.154.48.171
- [*] MX mx20.mailspamprotection.com 108.163.201.227
- [*] MX mx20.mailspamprotection.com 184.154.58.227
- [*] MX mx20.mailspamprotection.com 108.163.220.51
- [*] MX mx20.mailspamprotection.com 107.6.149.11
- [*] MX mx20.mailspamprotection.com 96.127.176.251
- [*] MX mx20.mailspamprotection.com 184.154.208.35
- [*] MX mx20.mailspamprotection.com 184.154.177.51
- [*] MX mx20.mailspamprotection.com 108.163.228.171
- [*] MX mx20.mailspamprotection.com 108.178.13.115
- [*] MX mx20.mailspamprotection.com 69.175.69.91
- [*] MX mx20.mailspamprotection.com 96.127.190.3
- [*] MX mx20.mailspamprotection.com 108.178.14.82
- [*] MX mx20.mailspamprotection.com 184.154.136.82
- [*] MX mx30.mailspamprotection.com 184.154.208.36
- [*] MX mx30.mailspamprotection.com 108.178.13.116
- [*] MX mx30.mailspamprotection.com 184.154.48.172
- [*] MX mx30.mailspamprotection.com 108.163.228.172
- [*] MX mx30.mailspamprotection.com 96.127.176.252
- [*] MX mx30.mailspamprotection.com 184.154.177.52
- [*] MX mx30.mailspamprotection.com 108.178.14.83
- [*] MX mx30.mailspamprotection.com 107.6.149.12
- [*] MX mx30.mailspamprotection.com 108.163.201.228
- [*] MX mx30.mailspamprotection.com 69.175.69.92
- [*] MX mx30.mailspamprotection.com 184.154.58.228
- [*] MX mx30.mailspamprotection.com 108.163.220.52
- [*] MX mx30.mailspamprotection.com 96.127.190.4
- [*] MX mx30.mailspamprotection.com 184.154.136.83
- [*] A almubarakradio.com 77.104.129.22
- [*] TXT _domainkey.almubarakradio.com v=DKIM1; o=~
- [*] Enumerating SRV Records
- [-] No SRV Records Found for almubarakradio.com
- [+] 0 Records Found
- #######################################################################################################################################
- [*] Processing domain almubarakradio.com
- [*] Using system resolvers ['27.50.70.139', '38.132.106.139', '185.93.180.131', '205.151.67.6', '205.151.67.34', '205.151.67.2', '2001:18c0:ffe0:2::2', '2001:18c0:ffe0:3::2', '2001:18c0:ffe0:1::2']
- [+] Getting nameservers
- 77.104.128.186 - ns2.uk11.siteground.eu
- 185.123.97.175 - ns1.uk11.siteground.eu
- [-] Zone transfer failed
- [+] MX records found, added to target list
- 10 mx10.mailspamprotection.com.
- 20 mx20.mailspamprotection.com.
- 30 mx30.mailspamprotection.com.
- [*] Scanning almubarakradio.com for A records
- 77.104.129.22 - almubarakradio.com
- 77.104.129.22 - cpanel.almubarakradio.com
- 185.123.97.175 - ftp.almubarakradio.com
- 127.0.0.1 - localhost.almubarakradio.com
- 77.104.129.22 - mail.almubarakradio.com
- 77.104.129.22 - webdisk.almubarakradio.com
- 77.104.129.22 - webmail.almubarakradio.com
- 77.104.129.22 - whm.almubarakradio.com
- 77.104.129.22 - www.almubarakradio.com
- #######################################################################################################################################
- Ip Address Status Type Domain Name Server
- ---------- ------ ---- ----------- ------
- 185.123.97.175 200 host ftp.almubarakradio.com
- 127.0.0.1 host localhost.almubarakradio.com
- 77.104.129.22 301 alias mail.almubarakradio.com
- 77.104.129.22 301 host almubarakradio.com
- 77.104.129.22 200 host webmail.almubarakradio.com
- 77.104.129.22 200 alias www.almubarakradio.com
- 77.104.129.22 200 host almubarakradio.com
- #######################################################################################################################################
- [+] Testing domain
- www.almubarakradio.com 77.104.129.22
- [+] Dns resolving
- Domain name Ip address Name server
- almubarakradio.com 77.104.129.22 ip-77-104-129-22.siteground.com
- Found 1 host(s) for almubarakradio.com
- [+] Testing wildcard
- Ok, no wildcard found.
- [+] Scanning for subdomain on almubarakradio.com
- [!] Wordlist not specified. I scannig with my internal wordlist...
- Estimated time about 304.62 seconds
- Subdomain Ip address Name server
- ftp.almubarakradio.com 185.123.97.175 ns1.uk11.siteground.eu
- localhost.almubarakradio.com 127.0.0.1 localhost
- mail.almubarakradio.com 77.104.129.22 ip-77-104-129-22.siteground.com
- webmail.almubarakradio.com 77.104.129.22 ip-77-104-129-22.siteground.com
- www.almubarakradio.com 77.104.129.22 ip-77-104-129-22.siteground.com
- #######################################################################################################################################
- =======================================================================================================================================
- | External hosts:
- | [+] External Host Found: https://www.youtube.com
- | [+] External Host Found: http://gmpg.org
- | [+] External Host Found: https://planet.wordpress.org
- | [+] External Host Found: https://codex.wordpress.org
- | [+] External Host Found: https://httpd.apache.org
- | [+] External Host Found: https://developer.wordpress.org
- | [+] External Host Found: https://www.mysql.com
- | [+] External Host Found: https://secure.php.net
- | [+] External Host Found: http://httpd.apache.org
- | [+] External Host Found: https://wordpress.org
- =======================================================================================================================================
- | E-mails:
- | [+] E-mail Found: kevinh@kevcom.com
- | [+] E-mail Found: nadeem@almubarakradio.com
- | [+] E-mail Found: m@tidakada.com
- | [+] E-mail Found: info@almubarakradio.com
- | [+] E-mail Found: humbedooh@apache.org
- | [+] E-mail Found: ninfo@almubarakradio.com
- | [+] E-mail Found: mike@hyperreal.org
- | [+] E-mail Found: login@example.com
- | [+] E-mail Found: updatehelp42@wordpress.org
- |======================================================================================================================================
- #######################################################################################################################################
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Target IP: 77.104.129.22
- + Target Hostname: www.almubarakradio.com
- + Target Port: 80
- + Start Time: 2019-01-28 18:30:41 (GMT-5)
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Server: No banner retrieved
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Uncommon header 'x-squid-error' found, with contents: ERR_INVALID_REQ 0
- + Server banner has changed from '' to 'nginx' which may suggest a WAF, load balancer or proxy is in place
- + ERROR: Error limit (20) reached for host, giving up. Last error: error reading HTTP response
- + Scan terminated: 20 error(s) and 4 item(s) reported on remote host
- + End Time: 2019-01-28 18:53:46 (GMT-5) (1385 seconds)
- ---------------------------------------------------------------------------------------------------------------------------------------
- #######################################################################################################################################
- dnsenum VERSION:1.2.4
- ----- www.almubarakradio.com -----
- Host's addresses:
- __________________
- almubarakradio.com. 11474 IN A 77.104.129.22
- Name Servers:
- ______________
- ns1.uk11.siteground.eu. 1673 IN A 185.123.97.175
- ns2.uk11.siteground.eu. 11157 IN A 77.104.128.186
- Mail (MX) Servers:
- ___________________
- mx10.mailspamprotection.com. 30 IN A 69.175.69.90
- mx10.mailspamprotection.com. 30 IN A 99.198.97.42
- mx10.mailspamprotection.com. 30 IN A 96.127.176.250
- mx10.mailspamprotection.com. 30 IN A 107.6.129.66
- mx10.mailspamprotection.com. 30 IN A 108.178.13.114
- mx10.mailspamprotection.com. 30 IN A 107.6.149.10
- mx10.mailspamprotection.com. 30 IN A 96.127.190.2
- mx10.mailspamprotection.com. 30 IN A 184.154.58.226
- mx10.mailspamprotection.com. 30 IN A 184.154.208.34
- mx10.mailspamprotection.com. 30 IN A 184.154.48.170
- mx10.mailspamprotection.com. 30 IN A 184.154.177.50
- mx10.mailspamprotection.com. 30 IN A 108.163.201.226
- mx10.mailspamprotection.com. 30 IN A 108.163.220.50
- mx10.mailspamprotection.com. 30 IN A 108.163.228.170
- mx30.mailspamprotection.com. 30 IN A 69.175.69.92
- mx30.mailspamprotection.com. 30 IN A 184.154.136.83
- mx30.mailspamprotection.com. 30 IN A 184.154.177.52
- mx30.mailspamprotection.com. 30 IN A 184.154.48.172
- mx30.mailspamprotection.com. 30 IN A 108.163.228.172
- mx30.mailspamprotection.com. 30 IN A 107.6.149.12
- mx30.mailspamprotection.com. 30 IN A 108.163.220.52
- mx30.mailspamprotection.com. 30 IN A 108.163.201.228
- mx30.mailspamprotection.com. 30 IN A 96.127.176.252
- mx30.mailspamprotection.com. 30 IN A 96.127.190.4
- mx30.mailspamprotection.com. 30 IN A 184.154.208.36
- mx30.mailspamprotection.com. 30 IN A 108.178.13.116
- mx30.mailspamprotection.com. 30 IN A 108.178.14.83
- mx30.mailspamprotection.com. 30 IN A 184.154.58.228
- mx20.mailspamprotection.com. 30 IN A 108.178.13.115
- mx20.mailspamprotection.com. 30 IN A 108.163.220.51
- mx20.mailspamprotection.com. 30 IN A 96.127.190.3
- mx20.mailspamprotection.com. 30 IN A 108.178.14.82
- mx20.mailspamprotection.com. 30 IN A 108.163.228.171
- mx20.mailspamprotection.com. 30 IN A 184.154.136.82
- mx20.mailspamprotection.com. 30 IN A 69.175.69.91
- mx20.mailspamprotection.com. 30 IN A 184.154.48.171
- mx20.mailspamprotection.com. 30 IN A 184.154.58.227
- mx20.mailspamprotection.com. 30 IN A 107.6.149.11
- mx20.mailspamprotection.com. 30 IN A 184.154.208.35
- mx20.mailspamprotection.com. 30 IN A 108.163.201.227
- mx20.mailspamprotection.com. 30 IN A 184.154.177.51
- mx20.mailspamprotection.com. 30 IN A 96.127.176.251
- Trying Zone Transfers and getting Bind Versions:
- _________________________________________________
- Trying Zone Transfer for www.almubarakradio.com on ns1.uk11.siteground.eu ...
- Trying Zone Transfer for www.almubarakradio.com on ns2.uk11.siteground.eu ...
- brute force file not specified, bay.
- #######################################################################################################################################
- Running Source: Ask
- Running Source: Archive.is
- Running Source: Baidu
- Running Source: Bing
- Running Source: CertDB
- Running Source: CertificateTransparency
- Running Source: Certspotter
- Running Source: Commoncrawl
- Running Source: Crt.sh
- Running Source: Dnsdb
- Running Source: DNSDumpster
- Running Source: DNSTable
- Running Source: Dogpile
- Running Source: Exalead
- Running Source: Findsubdomains
- Running Source: Googleter
- Running Source: Hackertarget
- Running Source: Ipv4Info
- Running Source: PTRArchive
- Running Source: Sitedossier
- Running Source: Threatcrowd
- Running Source: ThreatMiner
- Running Source: WaybackArchive
- Running Source: Yahoo
- Running enumeration on www.almubarakradio.com
- dnsdb: Unexpected return status 503
- ipv4info: <nil>
- crtsh: json: cannot unmarshal array into Go value of type crtsh.crtshObject
- waybackarchive: Get https://web.archive.org/cdx/search/cdx?url=*.www.almubarakradio.com/*&output=json&fl=original&collapse=urlkey&page=: net/http: invalid header field value "http://web.archive.org/cdx/search/cdx?url=*.www.almubarakradio.com/*&output=json&fl=original&collapse=urlkey&page=\x00" for key Referer
- Starting Bruteforcing of www.almubarakradio.com with 9985 words
- Total 1 Unique subdomains found for www.almubarakradio.com
- .www.almubarakradio.com
- #######################################################################################################################################
- [+] www.almubarakradio.com has no SPF record!
- [*] No DMARC record found. Looking for organizational record
- [+] No organizational DMARC record
- [+] Spoofing possible for www.almubarakradio.com!
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:40 EST
- Warning: 77.104.129.22 giving up on port because retransmission cap hit (2).
- Nmap scan report for www.almubarakradio.com (77.104.129.22)
- Host is up (0.45s latency).
- rDNS record for 77.104.129.22: ip-77-104-129-22.siteground.com
- Not shown: 459 filtered ports, 4 closed ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 21/tcp open ftp
- 53/tcp open domain
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 465/tcp open smtps
- 587/tcp open submission
- 993/tcp open imaps
- 995/tcp open pop3s
- 2525/tcp open ms-v-worlds
- 3306/tcp open mysql
- 5432/tcp open postgresql
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:41 EST
- Nmap scan report for www.almubarakradio.com (77.104.129.22)
- Host is up (0.25s latency).
- rDNS record for 77.104.129.22: ip-77-104-129-22.siteground.com
- Not shown: 2 filtered ports
- PORT STATE SERVICE
- 53/udp open domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:41 EST
- Nmap scan report for www.almubarakradio.com (77.104.129.22)
- Host is up (0.38s latency).
- rDNS record for 77.104.129.22: ip-77-104-129-22.siteground.com
- PORT STATE SERVICE VERSION
- 21/tcp open ftp Pure-FTPd
- | ftp-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 2146 guesses in 190 seconds, average tps: 11.6
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose
- Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (90%)
- OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: Linux 4.9 (90%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 18 hops
- TRACEROUTE (using port 21/tcp)
- HOP RTT ADDRESS
- 1 234.05 ms 10.245.200.1
- 2 234.12 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
- 3 234.11 ms xe-0-1-0.br01.hkg-10.hk.leaseweb.net (43.249.36.14)
- 4 235.27 ms 64.120.119.228
- 5 235.46 ms ae-102.bb10.hkg-12.leaseweb.net (31.31.38.194)
- 6 236.79 ms 36351.hkg.equinix.com (119.27.63.40)
- 7 ...
- 8 272.66 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
- 9 266.44 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
- 10 298.86 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
- 11 299.31 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
- 12 454.12 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
- 13 429.60 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
- 14 452.00 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
- 15 460.89 ms cd.13.2da9.ip4.static.sl-reverse.com (169.45.19.205)
- 16 463.32 ms 169.50.118.127
- 17 436.92 ms c1.76.32a9.ip4.static.sl-reverse.com (169.50.118.193)
- 18 439.55 ms ip-77-104-129-22.siteground.com (77.104.129.22)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:47 EST
- Nmap scan report for www.almubarakradio.com (77.104.129.22)
- Host is up (0.45s latency).
- rDNS record for 77.104.129.22: ip-77-104-129-22.siteground.com
- PORT STATE SERVICE VERSION
- 53/tcp open domain ISC BIND 9.10.6
- |_dns-fuzz: Server didn't response to our probe, can't fuzz
- | dns-nsec-enum:
- |_ No NSEC records found
- | dns-nsec3-enum:
- |_ DNSSEC NSEC3 not supported
- | dns-nsid:
- |_ bind.version: 9.10.6
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose
- Running: Linux 2.6.X
- OS CPE: cpe:/o:linux:linux_kernel:2.6
- OS details: Linux 2.6.18 - 2.6.22
- Network Distance: 18 hops
- Host script results:
- | dns-blacklist:
- | SPAM
- |_ l2.apews.org - SPAM
- | dns-brute:
- | DNS Brute-force hostnames:
- | www.almubarakradio.com - 77.104.129.22
- | mail.almubarakradio.com - 77.104.129.22
- |_ ftp.almubarakradio.com - 185.123.97.175
- TRACEROUTE (using port 53/tcp)
- HOP RTT ADDRESS
- 1 237.24 ms 10.245.200.1
- 2 237.40 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
- 3 237.84 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
- 4 239.82 ms xe-4-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.228)
- 5 239.11 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
- 6 239.64 ms 36351.hkg.equinix.com (119.27.63.40)
- 7 244.70 ms ae6.cbs02.pn01.hkg01.networklayer.com (169.45.19.170)
- 8 270.97 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
- 9 269.60 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
- 10 301.44 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
- 11 298.77 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
- 12 455.98 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
- 13 431.60 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
- 14 459.09 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
- 15 452.91 ms 169.45.19.205
- 16 456.72 ms 169.50.118.123
- 17 448.38 ms b9.76.32a9.ip4.static.sl-reverse.com (169.50.118.185)
- 18 434.84 ms ip-77-104-129-22.siteground.com (77.104.129.22)
- #######################################################################################################################################
- http://www.almubarakradio.com [200 OK] Country[ROMANIA][RO], Frame, HTML5, HTTPServer[nginx], IP[77.104.129.22], JQuery[1.12.4,4.4.3], Lightbox, MetaGenerator[WordPress 5.0.3], Script[text/javascript], Title[Al Mubarak Radio], UncommonHeaders[link,host-header,x-proxy-cache], WordPress[5.0.3], X-UA-Compatible[IE=edge], YouTube, nginx
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning http://www.almubarakradio.com...
- _________________________________________ SITE INFO __________________________________________
- IP Title
- 77.104.129.22 Al Mubarak Radio
- __________________________________________ VERSION ___________________________________________
- Name Versions Type
- WordPress 5.0.3 CMS
- Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
- 2.4.9
- nginx Platform
- ________________________________________ INTERESTING _________________________________________
- URL Note Type
- /wp-login.php Wordpress login page Interesting
- /readme.html Readme file Interesting
- /login/ Login Page Interesting
- ___________________________________________ TOOLS ____________________________________________
- Name Link Software
- wpscan https://github.com/wpscanteam/wpscan WordPress
- CMSmap https://github.com/Dionach/CMSmap WordPress
- ______________________________________________________________________________________________
- Time: 120.8 sec Urls: 451 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 200 OK
- Server: nginx
- Date: Mon, 28 Jan 2019 23:52:16 GMT
- Content-Type: text/html; charset=UTF-8
- Connection: keep-alive
- X-UA-Compatible: IE=edge
- Link: <http://www.almubarakradio.com/wp-json/>; rel="https://api.w.org/", <http://www.almubarakradio.com/>; rel=shortlink
- Host-Header: 192fc2e7e50945beb8231a492d6a8024
- HTTP/1.1 200 OK
- Server: nginx
- Date: Mon, 28 Jan 2019 23:52:18 GMT
- Content-Type: text/html; charset=UTF-8
- Connection: keep-alive
- X-UA-Compatible: IE=edge
- Link: <http://www.almubarakradio.com/wp-json/>; rel="https://api.w.org/", <http://www.almubarakradio.com/>; rel=shortlink
- Host-Header: 192fc2e7e50945beb8231a492d6a8024
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:52 EST
- Nmap scan report for www.almubarakradio.com (77.104.129.22)
- Host is up (0.46s latency).
- rDNS record for 77.104.129.22: ip-77-104-129-22.siteground.com
- PORT STATE SERVICE VERSION
- 110/tcp open pop3 Dovecot pop3d
- | pop3-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 214 guesses in 194 seconds, average tps: 1.1
- |_pop3-capabilities: UIDL USER PIPELINING AUTH-RESP-CODE TOP CAPA SASL(PLAIN LOGIN) STLS RESP-CODES
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose
- Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (89%)
- OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: Linux 4.9 (89%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 18 hops
- TRACEROUTE (using port 110/tcp)
- HOP RTT ADDRESS
- 1 233.92 ms 10.245.200.1
- 2 233.97 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
- 3 234.45 ms te-0-0-2-3.br02.hkg-10.hk.leaseweb.net (43.249.36.12)
- 4 235.24 ms 64.120.119.226
- 5 235.02 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
- 6 236.86 ms 36351.hkg.equinix.com (119.27.63.40)
- 7 ...
- 8 266.95 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
- 9 266.92 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
- 10 298.44 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
- 11 321.54 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
- 12 460.24 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
- 13 436.29 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
- 14 461.22 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
- 15 458.44 ms cb.13.2da9.ip4.static.sl-reverse.com (169.45.19.203)
- 16 461.62 ms 169.50.118.117
- 17 442.74 ms bf.76.32a9.ip4.static.sl-reverse.com (169.50.118.191)
- 18 458.13 ms ip-77-104-129-22.siteground.com (77.104.129.22)
- #######################################################################################################################################
- https://www.almubarakradio.com [200 OK] Country[ROMANIA][RO], Frame, HTML5, HTTPServer[nginx], IP[77.104.129.22], JQuery[1.12.4,4.4.3], Lightbox, MetaGenerator[WordPress 5.0.3], Script[text/javascript], Title[Al Mubarak Radio], UncommonHeaders[link,host-header,x-proxy-cache], WordPress[5.0.3], X-UA-Compatible[IE=edge], YouTube, nginx
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning https://www.almubarakradio.com...
- _________________________________________ SITE INFO __________________________________________
- IP Title
- 77.104.129.22 Al Mubarak Radio
- __________________________________________ VERSION ___________________________________________
- Name Versions Type
- WordPress 5.0.3 CMS
- Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
- 2.4.9
- nginx Platform
- ________________________________________ INTERESTING _________________________________________
- URL Note Type
- /wp-login.php Wordpress login page Interesting
- /readme.html Readme file Interesting
- /login/ Login Page Interesting
- ___________________________________________ TOOLS ____________________________________________
- Name Link Software
- wpscan https://github.com/wpscanteam/wpscan WordPress
- CMSmap https://github.com/Dionach/CMSmap WordPress
- ______________________________________________________________________________________________
- Time: 187.1 sec Urls: 451 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/2 200
- server: nginx
- date: Tue, 29 Jan 2019 00:02:01 GMT
- content-type: text/html; charset=UTF-8
- x-ua-compatible: IE=edge
- link: <https://www.almubarakradio.com/wp-json/>; rel="https://api.w.org/", <https://www.almubarakradio.com/>; rel=shortlink
- host-header: 192fc2e7e50945beb8231a492d6a8024
- HTTP/2 200
- server: nginx
- date: Tue, 29 Jan 2019 00:02:04 GMT
- content-type: text/html; charset=UTF-8
- x-ua-compatible: IE=edge
- link: <https://www.almubarakradio.com/wp-json/>; rel="https://api.w.org/", <https://www.almubarakradio.com/>; rel=shortlink
- host-header: 192fc2e7e50945beb8231a492d6a8024
- #######################################################################################################################################
- Version: 1.11.12-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Connected to 77.104.129.22
- Testing SSL server www.almubarakradio.com on port 443 using SNI name www.almubarakradio.com
- TLS Fallback SCSV:
- Server supports TLS Fallback SCSV
- TLS renegotiation:
- Session renegotiation not supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-384 DHE 384
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-384 DHE 384
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-384 DHE 384
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-384 DHE 384
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-384 DHE 384
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-384 DHE 384
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits AES128-SHA
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
- Accepted TLSv1.2 256 bits ECDHE-RSA-CAMELLIA256-SHA384 Curve P-384 DHE 384
- Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA256 DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
- Accepted TLSv1.2 128 bits ECDHE-RSA-CAMELLIA128-SHA256 Curve P-384 DHE 384
- Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA256 DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.2 256 bits AES256-GCM-SHA384
- Accepted TLSv1.2 128 bits AES128-GCM-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA256
- Accepted TLSv1.2 256 bits CAMELLIA256-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA256
- Accepted TLSv1.2 128 bits CAMELLIA128-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA
- Accepted TLSv1.2 256 bits CAMELLIA256-SHA
- Accepted TLSv1.2 128 bits CAMELLIA128-SHA
- Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-384 DHE 384
- Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-384 DHE 384
- Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits AES128-SHA
- Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.1 256 bits AES256-SHA
- Accepted TLSv1.1 256 bits CAMELLIA256-SHA
- Accepted TLSv1.1 128 bits CAMELLIA128-SHA
- SSL Certificate:
- Signature Algorithm: sha256WithRSAEncryption
- RSA Key Strength: 2048
- Subject: almubarakradio.com
- Altnames: DNS:almubarakradio.com, DNS:www.almubarakradio.com
- Issuer: Let's Encrypt Authority X3
- Not valid before: Jan 21 15:06:00 2019 GMT
- Not valid after: Apr 21 15:06:00 2019 GMT
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 19:04 EST
- Nmap scan report for www.almubarakradio.com (77.104.129.22)
- Host is up (0.45s latency).
- rDNS record for 77.104.129.22: ip-77-104-129-22.siteground.com
- PORT STATE SERVICE VERSION
- 5432/tcp open postgresql PostgreSQL DB 8.4.20 - 8.4.22
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose
- Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (91%)
- OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: Linux 4.9 (91%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.12 - 4.10 (85%), Linux 3.16 (85%), OpenWrt Chaos Calmer (Linux 3.18) (85%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 18 hops
- TRACEROUTE (using port 5432/tcp)
- HOP RTT ADDRESS
- 1 233.09 ms 10.245.200.1
- 2 233.30 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
- 3 233.28 ms xe-0-1-0.br01.hkg-10.hk.leaseweb.net (43.249.36.14)
- 4 234.28 ms 64.120.119.228
- 5 234.68 ms ae-102.bb10.hkg-12.leaseweb.net (31.31.38.194)
- 6 235.47 ms 36351.hkg.equinix.com (119.27.63.40)
- 7 ...
- 8 266.34 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
- 9 265.38 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
- 10 297.82 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
- 11 300.85 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
- 12 455.45 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
- 13 439.07 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
- 14 456.83 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
- 15 454.64 ms cd.13.2da9.ip4.static.sl-reverse.com (169.45.19.205)
- 16 456.10 ms 169.50.118.115
- 17 456.92 ms bb.76.32a9.ip4.static.sl-reverse.com (169.50.118.187)
- 18 450.19 ms ip-77-104-129-22.siteground.com (77.104.129.22)
- ######################################################################################################################################
- --------------------------------------------------------
- <<<Yasuo discovered following vulnerable applications>>>
- --------------------------------------------------------
- +----------+---------------------------------+---------------------------------------+----------+----------+
- | App Name | URL to Application | Potential Exploit | Username | Password |
- +----------+---------------------------------+---------------------------------------+----------+----------+
- | v0pCr3w | http://77.104.129.22:80/jos.php | ./exploits/multi/http/v0pcr3w_exec.rb | | |
- +----------+---------------------------------+---------------------------------------+----------+----------+
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:30 EST
- Warning: 77.104.129.22 giving up on port because retransmission cap hit (2).
- Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
- Host is up (0.44s latency).
- Not shown: 459 filtered ports, 4 closed ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 21/tcp open ftp
- 53/tcp open domain
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 465/tcp open smtps
- 587/tcp open submission
- 993/tcp open imaps
- 995/tcp open pop3s
- 2525/tcp open ms-v-worlds
- 3306/tcp open mysql
- 5432/tcp open postgresql
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:31 EST
- Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
- Host is up (0.26s latency).
- Not shown: 2 filtered ports
- PORT STATE SERVICE
- 53/udp open domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:31 EST
- Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
- Host is up (0.38s latency).
- PORT STATE SERVICE VERSION
- 21/tcp open ftp Pure-FTPd
- | ftp-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 2152 guesses in 185 seconds, average tps: 11.7
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose
- Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (89%)
- OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: Linux 4.9 (89%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 18 hops
- TRACEROUTE (using port 21/tcp)
- HOP RTT ADDRESS
- 1 237.60 ms 10.245.200.1
- 2 237.64 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
- 3 238.17 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
- 4 239.13 ms te-0-2-0-20.504.br02.hkg-12.hk.leaseweb.net (64.120.119.230)
- 5 238.53 ms ae-102.bb10.hkg-12.leaseweb.net (31.31.38.194)
- 6 240.45 ms 36351.hkg.equinix.com (119.27.63.40)
- 7 241.24 ms ae6.cbs02.pn01.hkg01.networklayer.com (169.45.19.170)
- 8 270.25 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
- 9 270.23 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
- 10 305.08 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
- 11 302.06 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
- 12 451.63 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
- 13 442.09 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
- 14 461.27 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
- 15 449.63 ms 169.45.19.205
- 16 461.08 ms 169.50.118.115
- 17 433.62 ms c1.76.32a9.ip4.static.sl-reverse.com (169.50.118.193)
- 18 449.52 ms ip-77-104-129-22.siteground.com (77.104.129.22)
- ######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:37 EST
- Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
- Host is up (0.37s latency).
- PORT STATE SERVICE VERSION
- 53/tcp open domain ISC BIND 9.10.6
- |_dns-fuzz: Server didn't response to our probe, can't fuzz
- | dns-nsec-enum:
- |_ No NSEC records found
- | dns-nsec3-enum:
- |_ DNSSEC NSEC3 not supported
- | dns-nsid:
- |_ bind.version: 9.10.6
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose
- Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (89%)
- OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: Linux 4.9 (89%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 18 hops
- Host script results:
- | dns-blacklist:
- | SPAM
- |_ l2.apews.org - SPAM
- | dns-brute:
- | DNS Brute-force hostnames:
- | stats.siteground.com - 192.168.0.15
- | ns1.siteground.com - 181.224.128.30
- | apps.siteground.com - 172.217.13.110
- | apps.siteground.com - 2607:f8b0:4020:804:0:0:0:200e
- | download.siteground.com - 184.154.235.243
- | ns2.siteground.com - 181.224.128.31
- | blog.siteground.com - 184.154.235.13
- | www.siteground.com - 181.224.128.30
- | www.siteground.com - 181.224.128.31
- | forum.siteground.com - 184.154.235.107
- | cdn.siteground.com - 181.224.128.32
- | cdn.siteground.com - 181.224.128.33
- | chat.siteground.com - 216.104.36.122
- | dev.siteground.com - 184.154.235.240
- | internal.siteground.com - 184.154.235.10
- | mail.siteground.com - 198.143.151.98
- | mail2.siteground.com - 181.224.128.61
- |_ mail3.siteground.com - 69.175.85.2
- TRACEROUTE (using port 53/tcp)
- HOP RTT ADDRESS
- 1 234.75 ms 10.245.200.1
- 2 234.83 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
- 3 234.82 ms xe-0-1-0.br01.hkg-10.hk.leaseweb.net (43.249.36.14)
- 4 237.01 ms te-0-2-0-20.504.br02.hkg-12.hk.leaseweb.net (64.120.119.230)
- 5 237.05 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
- 6 240.38 ms 36351.hkg.equinix.com (119.27.63.40)
- 7 237.47 ms ae6.cbs02.pn01.hkg01.networklayer.com (169.45.19.170)
- 8 270.61 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
- 9 268.04 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
- 10 300.12 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
- 11 299.43 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
- 12 455.05 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
- 13 440.04 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
- 14 458.62 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
- 15 443.83 ms 169.45.19.203
- 16 457.01 ms 169.50.118.127
- 17 451.88 ms b9.76.32a9.ip4.static.sl-reverse.com (169.50.118.185)
- 18 452.90 ms ip-77-104-129-22.siteground.com (77.104.129.22)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:38 EST
- Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
- Host is up (0.23s latency).
- PORT STATE SERVICE VERSION
- 67/udp open|filtered dhcps
- |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
- Too many fingerprints match this host to give specific OS details
- Network Distance: 18 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 237.93 ms 10.245.200.1
- 2 237.95 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
- 3 238.56 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
- 4 239.17 ms te-0-3-0-4.505.br02.hkg-12.hk.leaseweb.net (64.120.119.232)
- 5 238.99 ms ae-102.bb10.hkg-12.leaseweb.net (31.31.38.194)
- 6 240.44 ms 36351.hkg.equinix.com (119.27.63.40)
- 7 241.23 ms ae6.cbs02.pn01.hkg01.networklayer.com (169.45.19.170)
- 8 274.08 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
- 9 270.56 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
- 10 302.79 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
- 11 298.18 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
- 12 453.00 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
- 13 436.20 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
- 14 454.57 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
- 15 451.61 ms 169.45.19.205
- 16 454.98 ms 169.50.118.127
- 17 454.01 ms bb.76.32a9.ip4.static.sl-reverse.com (169.50.118.187)
- 18 459.56 ms ip-77-104-129-22.siteground.com (77.104.129.22)
- ######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:40 EST
- Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
- Host is up (0.24s latency).
- PORT STATE SERVICE VERSION
- 68/udp open|filtered dhcpc
- Too many fingerprints match this host to give specific OS details
- Network Distance: 18 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 234.06 ms 10.245.200.1
- 2 234.10 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
- 3 234.64 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
- 4 235.31 ms te-0-3-0-4.505.br02.hkg-12.hk.leaseweb.net (64.120.119.232)
- 5 235.28 ms ae-102.bb10.hkg-12.leaseweb.net (31.31.38.194)
- 6 236.65 ms 36351.hkg.equinix.com (119.27.63.40)
- 7 237.71 ms ae6.cbs02.pn01.hkg01.networklayer.com (169.45.19.170)
- 8 266.69 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
- 9 266.36 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
- 10 298.51 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
- 11 298.04 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
- 12 452.95 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
- 13 437.98 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
- 14 454.89 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
- 15 451.71 ms 169.45.19.205
- 16 457.10 ms 169.50.118.127
- 17 453.71 ms bb.76.32a9.ip4.static.sl-reverse.com (169.50.118.187)
- 18 455.45 ms ip-77-104-129-22.siteground.com (77.104.129.22)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:42 EST
- Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
- Host is up (0.23s latency).
- PORT STATE SERVICE VERSION
- 69/udp open|filtered tftp
- Too many fingerprints match this host to give specific OS details
- Network Distance: 18 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 237.93 ms 10.245.200.1
- 2 238.13 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
- 3 238.57 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
- 4 239.14 ms te-0-3-0-4.505.br02.hkg-12.hk.leaseweb.net (64.120.119.232)
- 5 238.97 ms ae-102.bb10.hkg-12.leaseweb.net (31.31.38.194)
- 6 240.37 ms 36351.hkg.equinix.com (119.27.63.40)
- 7 241.20 ms ae6.cbs02.pn01.hkg01.networklayer.com (169.45.19.170)
- 8 270.92 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
- 9 270.21 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
- 10 304.74 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
- 11 299.65 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
- 12 455.86 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
- 13 438.22 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
- 14 457.43 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
- 15 453.99 ms 169.45.19.205
- 16 457.46 ms 169.50.118.127
- 17 455.87 ms bb.76.32a9.ip4.static.sl-reverse.com (169.50.118.187)
- 18 455.69 ms ip-77-104-129-22.siteground.com (77.104.129.22)
- #######################################################################################################################################
- http://77.104.129.22 [200 OK] Country[ROMANIA][RO], IP[77.104.129.22], Meta-Refresh-Redirect[/cgi-sys/defaultwebpage.cgi], UncommonHeaders[host-header,x-proxy-cache], cPanel
- http://77.104.129.22/cgi-sys/defaultwebpage.cgi [200 OK] Country[ROMANIA][RO], HTML5, IP[77.104.129.22], Title[SiteGround Web Hosting Server Default Page], UncommonHeaders[host-header,x-proxy-cache]
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning http://77.104.129.22...
- _________________________________________ SITE INFO _________________________________________
- IP Title
- 77.104.129.22
- __________________________________________ VERSION __________________________________________
- Name Versions Type
- Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
- 2.4.9
- nginx Platform
- ________________________________________ INTERESTING ________________________________________
- URL Note Type
- /install.php Installation file Interesting
- /robots.txt robots.txt index Interesting
- /test.php Test file Interesting
- _____________________________________________________________________________________________
- Time: 90.1 sec Urls: 808 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 200 OK
- Server: nginx
- Date: Mon, 28 Jan 2019 23:46:35 GMT
- Content-Type: text/html
- Content-Length: 111
- Connection: keep-alive
- Last-Modified: Mon, 13 Nov 2017 15:37:17 GMT
- ETag: "6f-55ddf0b95a540"
- Accept-Ranges: bytes
- Host-Header: 192fc2e7e50945beb8231a492d6a8024
- HTTP/1.1 200 OK
- Server: nginx
- Date: Mon, 28 Jan 2019 23:46:35 GMT
- Content-Type: text/html
- Content-Length: 111
- Connection: keep-alive
- Last-Modified: Mon, 13 Nov 2017 15:37:17 GMT
- ETag: "6f-55ddf0b95a540"
- Accept-Ranges: bytes
- Host-Header: 192fc2e7e50945beb8231a492d6a8024
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:46 EST
- Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
- Host is up (0.45s latency).
- PORT STATE SERVICE VERSION
- 110/tcp open pop3 Dovecot pop3d
- | pop3-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 212 guesses in 190 seconds, average tps: 1.1
- |_pop3-capabilities: STLS TOP RESP-CODES UIDL SASL(PLAIN LOGIN) USER CAPA PIPELINING AUTH-RESP-CODE
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose
- Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (89%)
- OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: Linux 4.9 (89%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 18 hops
- TRACEROUTE (using port 443/tcp)
- HOP RTT ADDRESS
- 1 233.79 ms 10.245.200.1
- 2 233.83 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
- 3 233.83 ms xe-2-0-3.br01.hkg-10.hk.leaseweb.net (43.249.36.8)
- 4 234.81 ms 64.120.119.230
- 5 234.38 ms ae-102.bb10.hkg-12.leaseweb.net (31.31.38.194)
- 6 236.00 ms 36351.hkg.equinix.com (119.27.63.40)
- 7 ...
- 8 265.88 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
- 9 265.42 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
- 10 297.57 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
- 11 302.01 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
- 12 457.24 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
- 13 440.86 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
- 14 455.84 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
- 15 456.69 ms cd.13.2da9.ip4.static.sl-reverse.com (169.45.19.205)
- 16 446.75 ms 169.50.118.115
- 17 448.32 ms b7.76.32a9.ip4.static.sl-reverse.com (169.50.118.183)
- 18 451.17 ms ip-77-104-129-22.siteground.com (77.104.129.22)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:50 EST
- Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
- Host is up (0.23s latency).
- PORT STATE SERVICE VERSION
- 123/udp open|filtered ntp
- Too many fingerprints match this host to give specific OS details
- Network Distance: 18 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 235.39 ms 10.245.200.1
- 2 235.43 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
- 3 236.07 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
- 4 236.76 ms te-0-3-0-4.505.br02.hkg-12.hk.leaseweb.net (64.120.119.232)
- 5 236.44 ms ae-102.bb10.hkg-12.leaseweb.net (31.31.38.194)
- 6 238.78 ms 36351.hkg.equinix.com (119.27.63.40)
- 7 236.53 ms ae6.cbs02.pn01.hkg01.networklayer.com (169.45.19.170)
- 8 268.55 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
- 9 267.83 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
- 10 299.84 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
- 11 297.32 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
- 12 452.49 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
- 13 435.48 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
- 14 454.07 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
- 15 450.67 ms 169.45.19.205
- 16 457.40 ms 169.50.118.127
- 17 458.37 ms bb.76.32a9.ip4.static.sl-reverse.com (169.50.118.187)
- 18 455.57 ms ip-77-104-129-22.siteground.com (77.104.129.22)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:52 EST
- Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
- Host is up (0.45s latency).
- PORT STATE SERVICE VERSION
- 161/tcp filtered snmp
- 161/udp open|filtered snmp
- Too many fingerprints match this host to give specific OS details
- Network Distance: 18 hops
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 235.32 ms 10.245.200.1
- 2 235.36 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
- 3 236.10 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
- 4 236.13 ms te-0-3-0-4.505.br02.hkg-12.hk.leaseweb.net (64.120.119.232)
- 5 236.13 ms ae-102.bb10.hkg-12.leaseweb.net (31.31.38.194)
- 6 237.49 ms 36351.hkg.equinix.com (119.27.63.40)
- 7 238.65 ms ae6.cbs02.pn01.hkg01.networklayer.com (169.45.19.170)
- 8 268.00 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
- 9 267.41 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
- 10 299.64 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
- 11 298.10 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
- 12 453.63 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
- 13 436.64 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
- 14 456.26 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
- 15 452.05 ms 169.45.19.205
- 16 456.27 ms 169.50.118.127
- 17 453.71 ms bb.76.32a9.ip4.static.sl-reverse.com (169.50.118.187)
- 18 452.36 ms ip-77-104-129-22.siteground.com (77.104.129.22)
- #######################################################################################################################################
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking https://77.104.129.22
- Generic Detection results:
- The site https://77.104.129.22 seems to be behind a WAF or some sort of security solution
- Reason: Blocking is being done at connection/packet level.
- Number of requests: 12
- #######################################################################################################################################
- Version: 1.11.12-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Connected to 77.104.129.22
- Testing SSL server 77.104.129.22 on port 443 using SNI name 77.104.129.22
- TLS Fallback SCSV:
- Server supports TLS Fallback SCSV
- TLS renegotiation:
- Session renegotiation not supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-384 DHE 384
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-384 DHE 384
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-384 DHE 384
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-384 DHE 384
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-384 DHE 384
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-384 DHE 384
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits AES128-SHA
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
- Accepted TLSv1.2 256 bits ECDHE-RSA-CAMELLIA256-SHA384 Curve P-384 DHE 384
- Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA256 DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
- Accepted TLSv1.2 128 bits ECDHE-RSA-CAMELLIA128-SHA256 Curve P-384 DHE 384
- Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA256 DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.2 256 bits AES256-GCM-SHA384
- Accepted TLSv1.2 128 bits AES128-GCM-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA256
- Accepted TLSv1.2 256 bits CAMELLIA256-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA256
- Accepted TLSv1.2 128 bits CAMELLIA128-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA
- Accepted TLSv1.2 256 bits CAMELLIA256-SHA
- Accepted TLSv1.2 128 bits CAMELLIA128-SHA
- Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-384 DHE 384
- Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-384 DHE 384
- Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits AES128-SHA
- Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
- Accepted TLSv1.1 256 bits AES256-SHA
- Accepted TLSv1.1 256 bits CAMELLIA256-SHA
- Accepted TLSv1.1 128 bits CAMELLIA128-SHA
- SSL Certificate:
- Signature Algorithm: sha256WithRSAEncryption
- RSA Key Strength: 2048
- Subject: *.sgcpanel.com
- Altnames: DNS:*.sgcpanel.com, DNS:sgcpanel.com
- Issuer: AlphaSSL CA - SHA256 - G2
- Not valid before: Mar 12 07:55:09 2018 GMT
- Not valid after: May 9 08:29:28 2019 GMT
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:58 EST
- Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
- Host is up (0.45s latency).
- PORT STATE SERVICE VERSION
- 5432/tcp open postgresql PostgreSQL DB 8.4.20 - 8.4.22
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose
- Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (91%)
- OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: Linux 4.9 (91%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.12 - 4.10 (85%), Linux 3.16 (85%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 18 hops
- TRACEROUTE (using port 5432/tcp)
- HOP RTT ADDRESS
- 1 235.23 ms 10.245.200.1
- 2 235.32 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
- 3 235.31 ms xe-0-1-0.br01.hkg-10.hk.leaseweb.net (43.249.36.14)
- 4 236.59 ms 64.120.119.226
- 5 236.56 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
- 6 238.10 ms 36351.hkg.equinix.com (119.27.63.40)
- 7 ...
- 8 268.96 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
- 9 267.35 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
- 10 300.19 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
- 11 299.98 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
- 12 457.12 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
- 13 437.87 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
- 14 459.68 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
- 15 453.68 ms cd.13.2da9.ip4.static.sl-reverse.com (169.45.19.205)
- 16 448.86 ms 169.50.118.123
- 17 456.01 ms b7.76.32a9.ip4.static.sl-reverse.com (169.50.118.183)
- 18 446.10 ms ip-77-104-129-22.siteground.com (77.104.129.22)
- #######################################################################################################################################
- --------------------------------------------------------------------------------------------------------------------------------------
- <<<Yasuo discovered following vulnerable applications>>>
- --------------------------------------------------------------------------------------------------------------------------------------
- +----------+---------------------------------+---------------------------------------+----------+----------+
- | App Name | URL to Application | Potential Exploit | Username | Password |
- +----------+---------------------------------+---------------------------------------+----------+----------+
- | v0pCr3w | http://77.104.129.22:80/jos.php | ./exploits/multi/http/v0pcr3w_exec.rb | | |
- +----------+---------------------------------+---------------------------------------+----------+----------+
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 19:05 EST
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- NSE: Starting runlevel 1 (of 2) scan.
- Initiating NSE at 19:05
- Completed NSE at 19:05, 0.00s elapsed
- NSE: Starting runlevel 2 (of 2) scan.
- Initiating NSE at 19:05
- Completed NSE at 19:05, 0.00s elapsed
- Initiating Ping Scan at 19:05
- Scanning 77.104.129.22 [4 ports]
- Completed Ping Scan at 19:05, 0.49s elapsed (1 total hosts)
- Initiating Parallel DNS resolution of 1 host. at 19:05
- Completed Parallel DNS resolution of 1 host. at 19:05, 0.02s elapsed
- Initiating Connect Scan at 19:05
- Scanning ip-77-104-129-22.siteground.com (77.104.129.22) [1000 ports]
- Discovered open port 993/tcp on 77.104.129.22
- Discovered open port 995/tcp on 77.104.129.22
- Discovered open port 443/tcp on 77.104.129.22
- Discovered open port 80/tcp on 77.104.129.22
- Discovered open port 143/tcp on 77.104.129.22
- Discovered open port 110/tcp on 77.104.129.22
- Discovered open port 53/tcp on 77.104.129.22
- Discovered open port 3306/tcp on 77.104.129.22
- Discovered open port 5432/tcp on 77.104.129.22
- Completed Connect Scan at 19:05, 18.20s elapsed (1000 total ports)
- Initiating Service scan at 19:05
- Scanning 9 services on ip-77-104-129-22.siteground.com (77.104.129.22)
- Completed Service scan at 19:05, 15.24s elapsed (9 services on 1 host)
- Initiating OS detection (try #1) against ip-77-104-129-22.siteground.com (77.104.129.22)
- Retrying OS detection (try #2) against ip-77-104-129-22.siteground.com (77.104.129.22)
- Initiating Traceroute at 19:06
- Completed Traceroute at 19:06, 1.25s elapsed
- Initiating Parallel DNS resolution of 18 hosts. at 19:06
- Completed Parallel DNS resolution of 18 hosts. at 19:06, 16.50s elapsed
- NSE: Script scanning 77.104.129.22.
- NSE: Starting runlevel 1 (of 2) scan.
- Initiating NSE at 19:06
- Completed NSE at 19:06, 27.03s elapsed
- NSE: Starting runlevel 2 (of 2) scan.
- Initiating NSE at 19:06
- Completed NSE at 19:06, 0.01s elapsed
- Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
- Host is up, received syn-ack ttl 48 (0.41s latency).
- Scanned at 2019-01-28 19:05:25 EST for 88s
- Not shown: 986 filtered ports
- Reason: 986 no-responses
- PORT STATE SERVICE REASON VERSION
- 25/tcp closed smtp conn-refused
- 53/tcp open domain syn-ack ISC BIND 9.10.6
- | dns-nsid:
- |_ bind.version: 9.10.6
- 80/tcp open http syn-ack nginx
- |_http-server-header: nginx
- 110/tcp open pop3 syn-ack Dovecot pop3d
- |_pop3-capabilities: RESP-CODES USER PIPELINING CAPA STLS SASL(PLAIN LOGIN) UIDL AUTH-RESP-CODE TOP
- | ssl-cert: Subject: commonName=*.sgcpanel.com/organizationalUnitName=Domain Control Validated
- | Subject Alternative Name: DNS:*.sgcpanel.com, DNS:sgcpanel.com
- | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2018-03-12T07:55:09
- | Not valid after: 2019-05-09T08:29:28
- | MD5: e7fe b60b 9ec0 5c19 4fc0 b580 9559 5d8a
- | SHA-1: 363d 030c 4d60 7dab 9339 ae0f adbe 8bf2 c20a c452
- | -----BEGIN CERTIFICATE-----
- | MIIG2DCCBcCgAwIBAgIMXlKnt9EoL1eOQN/eMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
- | BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
- | bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE4MDMxMjA3NTUwOVoXDTE5MDUw
- | OTA4MjkyOFowPDEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRcw
- | FQYDVQQDDA4qLnNnY3BhbmVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
- | AQoCggEBANomHOJkXSUzMaeen2d6TYH0Gocy8ZF1enu5K2qp2ka8l8OdqFq+Mksc
- | +o+gokcCpkFDEQp5ADHcOURBebRTpQyvKzrRsV5nkhfc38pHbf7F7OGlvWcG/SrM
- | h6ZegWYRDK/GB8u6U7xNUbWtvyl6QnSTrtzpuyuU7w4U9sE0srE/yrIFpe7VFHQd
- | jgyUBW0VDkuKuF4nQzt+cycFa9Y5cVjf1nt5Z2HNv4dqHFZ70DfphFpAt+sIGopb
- | hhOQCvq/q7C9cfGCW0y3NCK0oMOB/86UpilwpE+SwHtHtSK5rQxlWLqCoWAoVruu
- | erbcIHUX6DB4VGrz0acYz8+dO0wT8wMCAwEAAaOCA8gwggPEMA4GA1UdDwEB/wQE
- | AwIFoDCBiQYIKwYBBQUHAQEEfTB7MEIGCCsGAQUFBzAChjZodHRwOi8vc2VjdXJl
- | Mi5hbHBoYXNzbC5jb20vY2FjZXJ0L2dzYWxwaGFzaGEyZzJyMS5jcnQwNQYIKwYB
- | BQUHMAGGKWh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9nc2FscGhhc2hhMmcy
- | MFcGA1UdIARQME4wQgYKKwYBBAGgMgEKCjA0MDIGCCsGAQUFBwIBFiZodHRwczov
- | L3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwCQYDVR0T
- | BAIwADA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY3JsMi5hbHBoYXNzbC5jb20v
- | Z3MvZ3NhbHBoYXNoYTJnMi5jcmwwJwYDVR0RBCAwHoIOKi5zZ2NwYW5lbC5jb22C
- | DHNnY3BhbmVsLmNvbTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYD
- | VR0OBBYEFI/uiWe3CQtLSxH1F6cUvzijpGDaMB8GA1UdIwQYMBaAFPXN1TwIUPlq
- | Tzq3l9pWg+Zp0mj3MIIB+AYKKwYBBAHWeQIEAgSCAegEggHkAeIAdgCkuQmQtBhY
- | FIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWIZNMTMAAAEAwBHMEUCIQCBHXu6
- | laaYmWlv8N6wMT8sOqhvcY/H7KsG3/jRJ9f4PgIgYWbYfR+w6Q9IGunf77rM4Q8e
- | 2Fc4U2tedSkSahR4L14AdwDd6x0reg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+
- | zAAAAWIZNMVNAAAEAwBIMEYCIQCizoCalGXkPXDV3ldffK67WSmjmlDCMy6C/JSr
- | jvgH5QIhANRi1lHAaG+dTdClSSAjuzsbGRaplKByMIbOoQes47AFAHYAu9nfvB+K
- | cbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFiGTTFiAAABAMARzBFAiAHNOnJ
- | GrX3y7ntMmyb9jrnZjWCNHl7ZxOEM3EFrie6AgIhAK8jV1TnrpH8WiqWpGzl/JYC
- | GkNFl1KTXL8CQcj13C1pAHcAVhQGmi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ
- | 0N0AAAFiGTTFdAAABAMASDBGAiEAtHpJaDBTglzp8WPgRj/0ChtbEHT6ACpKtTUJ
- | 7AJu+QkCIQCnYyFBIbe0SDu0TQxIlYehlKx8uZffr9zN4G4aNYMgtzANBgkqhkiG
- | 9w0BAQsFAAOCAQEAXj4cWgey1tCt8PNHJwNEf5RUXBJImRNgZfNzpaDqZDrUmFmx
- | MgCYw1wKIgtG/l6d93KoA05enuqQOa53qZh25+g2BmroxqZxELQvlg6mv97dq9Ay
- | 0a6X2NSsxkX5uKtQY8SUmn9kpg7pfP2xSzBj5s7JfpvmS2TmekMAEEN6inE+X9WD
- | suhLNuZkQpJZlxBgfHqr5BH+CsblsPledhyC+6+ykTQKUZW5cN0OthHZj6at9HXJ
- | lwVGa8bVS1CCTkcl2li7L7xcbPdFJQ3pHAb1E9KEEKDluzgwyzbNBD3rXfg0l79X
- | RWYFXfdZSKLnIGdHF5I71zAIB3yS8yt4pqrqjQ==
- |_-----END CERTIFICATE-----
- |_ssl-date: 2019-01-29T00:06:36+00:00; 0s from scanner time.
- 111/tcp closed rpcbind conn-refused
- 139/tcp closed netbios-ssn conn-refused
- 143/tcp open imap syn-ack Dovecot imapd
- |_imap-capabilities: AUTH=PLAIN post-login OK capabilities AUTH=LOGINA0001 more IMAP4rev1 ENABLE ID STARTTLS LOGIN-REFERRALS LITERAL+ listed SASL-IR NAMESPACE IDLE Pre-login have
- | ssl-cert: Subject: commonName=*.sgcpanel.com/organizationalUnitName=Domain Control Validated
- | Subject Alternative Name: DNS:*.sgcpanel.com, DNS:sgcpanel.com
- | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2018-03-12T07:55:09
- | Not valid after: 2019-05-09T08:29:28
- | MD5: e7fe b60b 9ec0 5c19 4fc0 b580 9559 5d8a
- | SHA-1: 363d 030c 4d60 7dab 9339 ae0f adbe 8bf2 c20a c452
- | -----BEGIN CERTIFICATE-----
- | MIIG2DCCBcCgAwIBAgIMXlKnt9EoL1eOQN/eMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
- | BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
- | bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE4MDMxMjA3NTUwOVoXDTE5MDUw
- | OTA4MjkyOFowPDEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRcw
- | FQYDVQQDDA4qLnNnY3BhbmVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
- | AQoCggEBANomHOJkXSUzMaeen2d6TYH0Gocy8ZF1enu5K2qp2ka8l8OdqFq+Mksc
- | +o+gokcCpkFDEQp5ADHcOURBebRTpQyvKzrRsV5nkhfc38pHbf7F7OGlvWcG/SrM
- | h6ZegWYRDK/GB8u6U7xNUbWtvyl6QnSTrtzpuyuU7w4U9sE0srE/yrIFpe7VFHQd
- | jgyUBW0VDkuKuF4nQzt+cycFa9Y5cVjf1nt5Z2HNv4dqHFZ70DfphFpAt+sIGopb
- | hhOQCvq/q7C9cfGCW0y3NCK0oMOB/86UpilwpE+SwHtHtSK5rQxlWLqCoWAoVruu
- | erbcIHUX6DB4VGrz0acYz8+dO0wT8wMCAwEAAaOCA8gwggPEMA4GA1UdDwEB/wQE
- | AwIFoDCBiQYIKwYBBQUHAQEEfTB7MEIGCCsGAQUFBzAChjZodHRwOi8vc2VjdXJl
- | Mi5hbHBoYXNzbC5jb20vY2FjZXJ0L2dzYWxwaGFzaGEyZzJyMS5jcnQwNQYIKwYB
- | BQUHMAGGKWh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9nc2FscGhhc2hhMmcy
- | MFcGA1UdIARQME4wQgYKKwYBBAGgMgEKCjA0MDIGCCsGAQUFBwIBFiZodHRwczov
- | L3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwCQYDVR0T
- | BAIwADA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY3JsMi5hbHBoYXNzbC5jb20v
- | Z3MvZ3NhbHBoYXNoYTJnMi5jcmwwJwYDVR0RBCAwHoIOKi5zZ2NwYW5lbC5jb22C
- | DHNnY3BhbmVsLmNvbTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYD
- | VR0OBBYEFI/uiWe3CQtLSxH1F6cUvzijpGDaMB8GA1UdIwQYMBaAFPXN1TwIUPlq
- | Tzq3l9pWg+Zp0mj3MIIB+AYKKwYBBAHWeQIEAgSCAegEggHkAeIAdgCkuQmQtBhY
- | FIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWIZNMTMAAAEAwBHMEUCIQCBHXu6
- | laaYmWlv8N6wMT8sOqhvcY/H7KsG3/jRJ9f4PgIgYWbYfR+w6Q9IGunf77rM4Q8e
- | 2Fc4U2tedSkSahR4L14AdwDd6x0reg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+
- | zAAAAWIZNMVNAAAEAwBIMEYCIQCizoCalGXkPXDV3ldffK67WSmjmlDCMy6C/JSr
- | jvgH5QIhANRi1lHAaG+dTdClSSAjuzsbGRaplKByMIbOoQes47AFAHYAu9nfvB+K
- | cbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFiGTTFiAAABAMARzBFAiAHNOnJ
- | GrX3y7ntMmyb9jrnZjWCNHl7ZxOEM3EFrie6AgIhAK8jV1TnrpH8WiqWpGzl/JYC
- | GkNFl1KTXL8CQcj13C1pAHcAVhQGmi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ
- | 0N0AAAFiGTTFdAAABAMASDBGAiEAtHpJaDBTglzp8WPgRj/0ChtbEHT6ACpKtTUJ
- | 7AJu+QkCIQCnYyFBIbe0SDu0TQxIlYehlKx8uZffr9zN4G4aNYMgtzANBgkqhkiG
- | 9w0BAQsFAAOCAQEAXj4cWgey1tCt8PNHJwNEf5RUXBJImRNgZfNzpaDqZDrUmFmx
- | MgCYw1wKIgtG/l6d93KoA05enuqQOa53qZh25+g2BmroxqZxELQvlg6mv97dq9Ay
- | 0a6X2NSsxkX5uKtQY8SUmn9kpg7pfP2xSzBj5s7JfpvmS2TmekMAEEN6inE+X9WD
- | suhLNuZkQpJZlxBgfHqr5BH+CsblsPledhyC+6+ykTQKUZW5cN0OthHZj6at9HXJ
- | lwVGa8bVS1CCTkcl2li7L7xcbPdFJQ3pHAb1E9KEEKDluzgwyzbNBD3rXfg0l79X
- | RWYFXfdZSKLnIGdHF5I71zAIB3yS8yt4pqrqjQ==
- |_-----END CERTIFICATE-----
- |_ssl-date: 2019-01-29T00:06:31+00:00; 0s from scanner time.
- 443/tcp open ssl/http syn-ack nginx
- |_http-server-header: nginx
- |_http-title: 400 The plain HTTP request was sent to HTTPS port
- | ssl-cert: Subject: commonName=*.sgcpanel.com/organizationalUnitName=Domain Control Validated
- | Subject Alternative Name: DNS:*.sgcpanel.com, DNS:sgcpanel.com
- | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2018-03-12T07:55:09
- | Not valid after: 2019-05-09T08:29:28
- | MD5: e7fe b60b 9ec0 5c19 4fc0 b580 9559 5d8a
- | SHA-1: 363d 030c 4d60 7dab 9339 ae0f adbe 8bf2 c20a c452
- | -----BEGIN CERTIFICATE-----
- | MIIG2DCCBcCgAwIBAgIMXlKnt9EoL1eOQN/eMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
- | BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
- | bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE4MDMxMjA3NTUwOVoXDTE5MDUw
- | OTA4MjkyOFowPDEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRcw
- | FQYDVQQDDA4qLnNnY3BhbmVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
- | AQoCggEBANomHOJkXSUzMaeen2d6TYH0Gocy8ZF1enu5K2qp2ka8l8OdqFq+Mksc
- | +o+gokcCpkFDEQp5ADHcOURBebRTpQyvKzrRsV5nkhfc38pHbf7F7OGlvWcG/SrM
- | h6ZegWYRDK/GB8u6U7xNUbWtvyl6QnSTrtzpuyuU7w4U9sE0srE/yrIFpe7VFHQd
- | jgyUBW0VDkuKuF4nQzt+cycFa9Y5cVjf1nt5Z2HNv4dqHFZ70DfphFpAt+sIGopb
- | hhOQCvq/q7C9cfGCW0y3NCK0oMOB/86UpilwpE+SwHtHtSK5rQxlWLqCoWAoVruu
- | erbcIHUX6DB4VGrz0acYz8+dO0wT8wMCAwEAAaOCA8gwggPEMA4GA1UdDwEB/wQE
- | AwIFoDCBiQYIKwYBBQUHAQEEfTB7MEIGCCsGAQUFBzAChjZodHRwOi8vc2VjdXJl
- | Mi5hbHBoYXNzbC5jb20vY2FjZXJ0L2dzYWxwaGFzaGEyZzJyMS5jcnQwNQYIKwYB
- | BQUHMAGGKWh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9nc2FscGhhc2hhMmcy
- | MFcGA1UdIARQME4wQgYKKwYBBAGgMgEKCjA0MDIGCCsGAQUFBwIBFiZodHRwczov
- | L3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwCQYDVR0T
- | BAIwADA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY3JsMi5hbHBoYXNzbC5jb20v
- | Z3MvZ3NhbHBoYXNoYTJnMi5jcmwwJwYDVR0RBCAwHoIOKi5zZ2NwYW5lbC5jb22C
- | DHNnY3BhbmVsLmNvbTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYD
- | VR0OBBYEFI/uiWe3CQtLSxH1F6cUvzijpGDaMB8GA1UdIwQYMBaAFPXN1TwIUPlq
- | Tzq3l9pWg+Zp0mj3MIIB+AYKKwYBBAHWeQIEAgSCAegEggHkAeIAdgCkuQmQtBhY
- | FIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWIZNMTMAAAEAwBHMEUCIQCBHXu6
- | laaYmWlv8N6wMT8sOqhvcY/H7KsG3/jRJ9f4PgIgYWbYfR+w6Q9IGunf77rM4Q8e
- | 2Fc4U2tedSkSahR4L14AdwDd6x0reg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+
- | zAAAAWIZNMVNAAAEAwBIMEYCIQCizoCalGXkPXDV3ldffK67WSmjmlDCMy6C/JSr
- | jvgH5QIhANRi1lHAaG+dTdClSSAjuzsbGRaplKByMIbOoQes47AFAHYAu9nfvB+K
- | cbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFiGTTFiAAABAMARzBFAiAHNOnJ
- | GrX3y7ntMmyb9jrnZjWCNHl7ZxOEM3EFrie6AgIhAK8jV1TnrpH8WiqWpGzl/JYC
- | GkNFl1KTXL8CQcj13C1pAHcAVhQGmi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ
- | 0N0AAAFiGTTFdAAABAMASDBGAiEAtHpJaDBTglzp8WPgRj/0ChtbEHT6ACpKtTUJ
- | 7AJu+QkCIQCnYyFBIbe0SDu0TQxIlYehlKx8uZffr9zN4G4aNYMgtzANBgkqhkiG
- | 9w0BAQsFAAOCAQEAXj4cWgey1tCt8PNHJwNEf5RUXBJImRNgZfNzpaDqZDrUmFmx
- | MgCYw1wKIgtG/l6d93KoA05enuqQOa53qZh25+g2BmroxqZxELQvlg6mv97dq9Ay
- | 0a6X2NSsxkX5uKtQY8SUmn9kpg7pfP2xSzBj5s7JfpvmS2TmekMAEEN6inE+X9WD
- | suhLNuZkQpJZlxBgfHqr5BH+CsblsPledhyC+6+ykTQKUZW5cN0OthHZj6at9HXJ
- | lwVGa8bVS1CCTkcl2li7L7xcbPdFJQ3pHAb1E9KEEKDluzgwyzbNBD3rXfg0l79X
- | RWYFXfdZSKLnIGdHF5I71zAIB3yS8yt4pqrqjQ==
- |_-----END CERTIFICATE-----
- |_ssl-date: TLS randomness does not represent time
- | tls-alpn:
- | h2
- |_ http/1.1
- | tls-nextprotoneg:
- | h2
- |_ http/1.1
- 445/tcp closed microsoft-ds conn-refused
- 993/tcp open ssl/imap syn-ack Dovecot imapd
- | ssl-cert: Subject: commonName=*.sgcpanel.com/organizationalUnitName=Domain Control Validated
- | Subject Alternative Name: DNS:*.sgcpanel.com, DNS:sgcpanel.com
- | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2018-03-12T07:55:09
- | Not valid after: 2019-05-09T08:29:28
- | MD5: e7fe b60b 9ec0 5c19 4fc0 b580 9559 5d8a
- | SHA-1: 363d 030c 4d60 7dab 9339 ae0f adbe 8bf2 c20a c452
- | -----BEGIN CERTIFICATE-----
- | MIIG2DCCBcCgAwIBAgIMXlKnt9EoL1eOQN/eMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
- | BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
- | bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE4MDMxMjA3NTUwOVoXDTE5MDUw
- | OTA4MjkyOFowPDEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRcw
- | FQYDVQQDDA4qLnNnY3BhbmVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
- | AQoCggEBANomHOJkXSUzMaeen2d6TYH0Gocy8ZF1enu5K2qp2ka8l8OdqFq+Mksc
- | +o+gokcCpkFDEQp5ADHcOURBebRTpQyvKzrRsV5nkhfc38pHbf7F7OGlvWcG/SrM
- | h6ZegWYRDK/GB8u6U7xNUbWtvyl6QnSTrtzpuyuU7w4U9sE0srE/yrIFpe7VFHQd
- | jgyUBW0VDkuKuF4nQzt+cycFa9Y5cVjf1nt5Z2HNv4dqHFZ70DfphFpAt+sIGopb
- | hhOQCvq/q7C9cfGCW0y3NCK0oMOB/86UpilwpE+SwHtHtSK5rQxlWLqCoWAoVruu
- | erbcIHUX6DB4VGrz0acYz8+dO0wT8wMCAwEAAaOCA8gwggPEMA4GA1UdDwEB/wQE
- | AwIFoDCBiQYIKwYBBQUHAQEEfTB7MEIGCCsGAQUFBzAChjZodHRwOi8vc2VjdXJl
- | Mi5hbHBoYXNzbC5jb20vY2FjZXJ0L2dzYWxwaGFzaGEyZzJyMS5jcnQwNQYIKwYB
- | BQUHMAGGKWh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9nc2FscGhhc2hhMmcy
- | MFcGA1UdIARQME4wQgYKKwYBBAGgMgEKCjA0MDIGCCsGAQUFBwIBFiZodHRwczov
- | L3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwCQYDVR0T
- | BAIwADA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY3JsMi5hbHBoYXNzbC5jb20v
- | Z3MvZ3NhbHBoYXNoYTJnMi5jcmwwJwYDVR0RBCAwHoIOKi5zZ2NwYW5lbC5jb22C
- | DHNnY3BhbmVsLmNvbTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYD
- | VR0OBBYEFI/uiWe3CQtLSxH1F6cUvzijpGDaMB8GA1UdIwQYMBaAFPXN1TwIUPlq
- | Tzq3l9pWg+Zp0mj3MIIB+AYKKwYBBAHWeQIEAgSCAegEggHkAeIAdgCkuQmQtBhY
- | FIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWIZNMTMAAAEAwBHMEUCIQCBHXu6
- | laaYmWlv8N6wMT8sOqhvcY/H7KsG3/jRJ9f4PgIgYWbYfR+w6Q9IGunf77rM4Q8e
- | 2Fc4U2tedSkSahR4L14AdwDd6x0reg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+
- | zAAAAWIZNMVNAAAEAwBIMEYCIQCizoCalGXkPXDV3ldffK67WSmjmlDCMy6C/JSr
- | jvgH5QIhANRi1lHAaG+dTdClSSAjuzsbGRaplKByMIbOoQes47AFAHYAu9nfvB+K
- | cbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFiGTTFiAAABAMARzBFAiAHNOnJ
- | GrX3y7ntMmyb9jrnZjWCNHl7ZxOEM3EFrie6AgIhAK8jV1TnrpH8WiqWpGzl/JYC
- | GkNFl1KTXL8CQcj13C1pAHcAVhQGmi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ
- | 0N0AAAFiGTTFdAAABAMASDBGAiEAtHpJaDBTglzp8WPgRj/0ChtbEHT6ACpKtTUJ
- | 7AJu+QkCIQCnYyFBIbe0SDu0TQxIlYehlKx8uZffr9zN4G4aNYMgtzANBgkqhkiG
- | 9w0BAQsFAAOCAQEAXj4cWgey1tCt8PNHJwNEf5RUXBJImRNgZfNzpaDqZDrUmFmx
- | MgCYw1wKIgtG/l6d93KoA05enuqQOa53qZh25+g2BmroxqZxELQvlg6mv97dq9Ay
- | 0a6X2NSsxkX5uKtQY8SUmn9kpg7pfP2xSzBj5s7JfpvmS2TmekMAEEN6inE+X9WD
- | suhLNuZkQpJZlxBgfHqr5BH+CsblsPledhyC+6+ykTQKUZW5cN0OthHZj6at9HXJ
- | lwVGa8bVS1CCTkcl2li7L7xcbPdFJQ3pHAb1E9KEEKDluzgwyzbNBD3rXfg0l79X
- | RWYFXfdZSKLnIGdHF5I71zAIB3yS8yt4pqrqjQ==
- |_-----END CERTIFICATE-----
- |_ssl-date: 2019-01-29T00:06:27+00:00; 0s from scanner time.
- 995/tcp open ssl/pop3 syn-ack Dovecot pop3d
- | ssl-cert: Subject: commonName=*.sgcpanel.com/organizationalUnitName=Domain Control Validated
- | Subject Alternative Name: DNS:*.sgcpanel.com, DNS:sgcpanel.com
- | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2018-03-12T07:55:09
- | Not valid after: 2019-05-09T08:29:28
- | MD5: e7fe b60b 9ec0 5c19 4fc0 b580 9559 5d8a
- | SHA-1: 363d 030c 4d60 7dab 9339 ae0f adbe 8bf2 c20a c452
- | -----BEGIN CERTIFICATE-----
- | MIIG2DCCBcCgAwIBAgIMXlKnt9EoL1eOQN/eMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
- | BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
- | bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE4MDMxMjA3NTUwOVoXDTE5MDUw
- | OTA4MjkyOFowPDEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRcw
- | FQYDVQQDDA4qLnNnY3BhbmVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
- | AQoCggEBANomHOJkXSUzMaeen2d6TYH0Gocy8ZF1enu5K2qp2ka8l8OdqFq+Mksc
- | +o+gokcCpkFDEQp5ADHcOURBebRTpQyvKzrRsV5nkhfc38pHbf7F7OGlvWcG/SrM
- | h6ZegWYRDK/GB8u6U7xNUbWtvyl6QnSTrtzpuyuU7w4U9sE0srE/yrIFpe7VFHQd
- | jgyUBW0VDkuKuF4nQzt+cycFa9Y5cVjf1nt5Z2HNv4dqHFZ70DfphFpAt+sIGopb
- | hhOQCvq/q7C9cfGCW0y3NCK0oMOB/86UpilwpE+SwHtHtSK5rQxlWLqCoWAoVruu
- | erbcIHUX6DB4VGrz0acYz8+dO0wT8wMCAwEAAaOCA8gwggPEMA4GA1UdDwEB/wQE
- | AwIFoDCBiQYIKwYBBQUHAQEEfTB7MEIGCCsGAQUFBzAChjZodHRwOi8vc2VjdXJl
- | Mi5hbHBoYXNzbC5jb20vY2FjZXJ0L2dzYWxwaGFzaGEyZzJyMS5jcnQwNQYIKwYB
- | BQUHMAGGKWh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9nc2FscGhhc2hhMmcy
- | MFcGA1UdIARQME4wQgYKKwYBBAGgMgEKCjA0MDIGCCsGAQUFBwIBFiZodHRwczov
- | L3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwCQYDVR0T
- | BAIwADA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY3JsMi5hbHBoYXNzbC5jb20v
- | Z3MvZ3NhbHBoYXNoYTJnMi5jcmwwJwYDVR0RBCAwHoIOKi5zZ2NwYW5lbC5jb22C
- | DHNnY3BhbmVsLmNvbTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYD
- | VR0OBBYEFI/uiWe3CQtLSxH1F6cUvzijpGDaMB8GA1UdIwQYMBaAFPXN1TwIUPlq
- | Tzq3l9pWg+Zp0mj3MIIB+AYKKwYBBAHWeQIEAgSCAegEggHkAeIAdgCkuQmQtBhY
- | FIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWIZNMTMAAAEAwBHMEUCIQCBHXu6
- | laaYmWlv8N6wMT8sOqhvcY/H7KsG3/jRJ9f4PgIgYWbYfR+w6Q9IGunf77rM4Q8e
- | 2Fc4U2tedSkSahR4L14AdwDd6x0reg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+
- | zAAAAWIZNMVNAAAEAwBIMEYCIQCizoCalGXkPXDV3ldffK67WSmjmlDCMy6C/JSr
- | jvgH5QIhANRi1lHAaG+dTdClSSAjuzsbGRaplKByMIbOoQes47AFAHYAu9nfvB+K
- | cbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFiGTTFiAAABAMARzBFAiAHNOnJ
- | GrX3y7ntMmyb9jrnZjWCNHl7ZxOEM3EFrie6AgIhAK8jV1TnrpH8WiqWpGzl/JYC
- | GkNFl1KTXL8CQcj13C1pAHcAVhQGmi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ
- | 0N0AAAFiGTTFdAAABAMASDBGAiEAtHpJaDBTglzp8WPgRj/0ChtbEHT6ACpKtTUJ
- | 7AJu+QkCIQCnYyFBIbe0SDu0TQxIlYehlKx8uZffr9zN4G4aNYMgtzANBgkqhkiG
- | 9w0BAQsFAAOCAQEAXj4cWgey1tCt8PNHJwNEf5RUXBJImRNgZfNzpaDqZDrUmFmx
- | MgCYw1wKIgtG/l6d93KoA05enuqQOa53qZh25+g2BmroxqZxELQvlg6mv97dq9Ay
- | 0a6X2NSsxkX5uKtQY8SUmn9kpg7pfP2xSzBj5s7JfpvmS2TmekMAEEN6inE+X9WD
- | suhLNuZkQpJZlxBgfHqr5BH+CsblsPledhyC+6+ykTQKUZW5cN0OthHZj6at9HXJ
- | lwVGa8bVS1CCTkcl2li7L7xcbPdFJQ3pHAb1E9KEEKDluzgwyzbNBD3rXfg0l79X
- | RWYFXfdZSKLnIGdHF5I71zAIB3yS8yt4pqrqjQ==
- |_-----END CERTIFICATE-----
- |_ssl-date: 2019-01-29T00:06:27+00:00; 0s from scanner time.
- 3306/tcp open mysql syn-ack MySQL (blocked - too many connection errors)
- 4001/tcp closed newoak conn-refused
- 5432/tcp open postgresql syn-ack PostgreSQL DB 8.4.20 - 8.4.22
- Device type: general purpose|WAP|storage-misc
- Running (JUST GUESSING): Linux 2.6.X|4.X|2.4.X|3.X (92%), HP embedded (85%)
- OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4 cpe:/h:hp:p2000_g3 cpe:/o:linux:linux_kernel:3.18
- OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
- Aggressive OS guesses: Linux 2.6.18 - 2.6.22 (92%), Linux 4.9 (88%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (87%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (86%), OpenWrt White Russian 0.9 (Linux 2.4.30) (86%), HP P2000 G3 NAS device (85%), Linux 3.18 (85%), Linux 2.6.32 (85%)
- No exact OS matches for host (test conditions non-ideal).
- TCP/IP fingerprint:
- SCAN(V=7.70%E=4%D=1/28%OT=53%CT=25%CU=%PV=N%DS=18%DC=T%G=N%TM=5C4F991D%P=x86_64-pc-linux-gnu)
- SEQ(SP=100%GCD=1%ISR=10D%TI=Z%CI=Z%II=I%TS=U)
- OPS(O1=M4B3NNSNW8%O2=M4B3NNSNW8%O3=M4B3NW8%O4=M4B3NNSNW8%O5=M4B3NNSNW8%O6=M4B3NNS)
- WIN(W1=7210%W2=7210%W3=7210%W4=7210%W5=7210%W6=7210)
- ECN(R=Y%DF=Y%TG=40%W=7210%O=M4B3NNSNW8%CC=Y%Q=)
- T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
- T2(R=N)
- T3(R=N)
- T4(R=N)
- T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
- T6(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
- T7(R=N)
- U1(R=N)
- IE(R=Y%DFI=N%TG=40%CD=S)
- Network Distance: 18 hops
- TCP Sequence Prediction: Difficulty=257 (Good luck!)
- IP ID Sequence Generation: All zeros
- Host script results:
- |_clock-skew: mean: 0s, deviation: 0s, median: 0s
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 235.02 ms 10.245.200.1
- 2 235.05 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
- 3 235.06 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
- 4 236.36 ms te-0-3-0-4.505.br02.hkg-12.hk.leaseweb.net (64.120.119.232)
- 5 236.36 ms ae-102.bb10.hkg-12.leaseweb.net (31.31.38.194)
- 6 237.25 ms 36351.hkg.equinix.com (119.27.63.40)
- 7 236.43 ms ae6.cbs02.pn01.hkg01.networklayer.com (169.45.19.170)
- 8 267.18 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
- 9 267.16 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
- 10 299.97 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
- 11 298.03 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
- 12 453.49 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
- 13 436.41 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
- 14 455.12 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
- 15 452.24 ms 169.45.19.205
- 16 455.91 ms 169.50.118.127
- 17 457.98 ms bb.76.32a9.ip4.static.sl-reverse.com (169.50.118.187)
- 18 456.55 ms ip-77-104-129-22.siteground.com (77.104.129.22)
- NSE: Script Post-scanning.
- NSE: Starting runlevel 1 (of 2) scan.
- Initiating NSE at 19:06
- Completed NSE at 19:06, 0.00s elapsed
- NSE: Starting runlevel 2 (of 2) scan.
- Initiating NSE at 19:06
- Completed NSE at 19:06, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 88.51 seconds
- Raw packets sent: 92 (7.124KB) | Rcvd: 2297 (2.017MB)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 19:06 EST
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- Initiating NSE at 19:06
- Completed NSE at 19:06, 0.00s elapsed
- Initiating NSE at 19:06
- Completed NSE at 19:06, 0.00s elapsed
- Initiating Parallel DNS resolution of 1 host. at 19:06
- Completed Parallel DNS resolution of 1 host. at 19:06, 0.03s elapsed
- Initiating UDP Scan at 19:06
- Scanning ip-77-104-129-22.siteground.com (77.104.129.22) [14 ports]
- Discovered open port 53/udp on 77.104.129.22
- Completed UDP Scan at 19:06, 3.26s elapsed (14 total ports)
- Initiating Service scan at 19:06
- Scanning 12 services on ip-77-104-129-22.siteground.com (77.104.129.22)
- Service scan Timing: About 16.67% done; ETC: 19:16 (0:08:10 remaining)
- Completed Service scan at 19:08, 102.58s elapsed (12 services on 1 host)
- Initiating OS detection (try #1) against ip-77-104-129-22.siteground.com (77.104.129.22)
- Retrying OS detection (try #2) against ip-77-104-129-22.siteground.com (77.104.129.22)
- Initiating Traceroute at 19:08
- Completed Traceroute at 19:08, 7.30s elapsed
- Initiating Parallel DNS resolution of 1 host. at 19:08
- Completed Parallel DNS resolution of 1 host. at 19:08, 0.02s elapsed
- NSE: Script scanning 77.104.129.22.
- Initiating NSE at 19:08
- Completed NSE at 19:09, 20.32s elapsed
- Initiating NSE at 19:09
- Completed NSE at 19:09, 2.20s elapsed
- Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
- Host is up (0.34s latency).
- PORT STATE SERVICE VERSION
- 53/udp open domain ISC BIND 9.10.6
- | dns-nsid:
- |_ bind.version: 9.10.6
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 137/udp filtered netbios-ns
- 138/udp filtered netbios-dgm
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using port 137/udp)
- HOP RTT ADDRESS
- 1 233.82 ms 10.245.200.1
- 2 ... 3
- 4 232.65 ms 10.245.200.1
- 5 240.79 ms 10.245.200.1
- 6 240.78 ms 10.245.200.1
- 7 240.77 ms 10.245.200.1
- 8 240.76 ms 10.245.200.1
- 9 240.75 ms 10.245.200.1
- 10 240.75 ms 10.245.200.1
- 11 ... 18
- 19 233.79 ms 10.245.200.1
- 20 233.33 ms 10.245.200.1
- 21 ... 28
- 29 234.96 ms 10.245.200.1
- 30 231.46 ms 10.245.200.1
- NSE: Script Post-scanning.
- Initiating NSE at 19:09
- Completed NSE at 19:09, 0.00s elapsed
- Initiating NSE at 19:09
- Completed NSE at 19:09, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 145.31 seconds
- Raw packets sent: 134 (11.618KB) | Rcvd: 4382 (2.493MB)
- #######################################################################################################################################
- [+] URL: http://www.almubarakradio.com/
- [+] Started: Mon Jan 28 17:02:51 2019
- Interesting Finding(s):
- [+] http://www.almubarakradio.com/
- | Interesting Entries:
- | - X-UA-Compatible: IE=edge
- | - Host-Header: 192fc2e7e50945beb8231a492d6a8024
- | - X-Proxy-Cache: MISS
- | Found By: Headers (Passive Detection)
- | Confidence: 100%
- [+] http://www.almubarakradio.com/robots.txt
- | Found By: Robots Txt (Aggressive Detection)
- | Confidence: 100%
- [+] http://www.almubarakradio.com/xmlrpc.php
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- | References:
- | - http://codex.wordpress.org/XML-RPC_Pingback_API
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
- | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
- [+] http://www.almubarakradio.com/readme.html
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- [+] WordPress version 5.0.3 identified (Latest, released on 2019-01-09).
- | Detected By: Rss Generator (Passive Detection)
- | - http://www.almubarakradio.com/feed/, <generator>https://wordpress.org/?v=5.0.3</generator>
- | - http://www.almubarakradio.com/comments/feed/, <generator>https://wordpress.org/?v=5.0.3</generator>
- [+] WordPress theme in use: oceanwp
- | Location: http://www.almubarakradio.com/wp-content/themes/oceanwp/
- | Last Updated: 2019-01-14T00:00:00.000Z
- | Readme: http://www.almubarakradio.com/wp-content/themes/oceanwp/readme.txt
- | Changelog: http://www.almubarakradio.com/wp-content/themes/oceanwp/changelog.md
- | [!] The version is out of date, the latest version is 1.6.1
- | Style URL: http://www.almubarakradio.com/wp-content/themes/oceanwp/style.css
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | Version: 1.5.20 (80% confidence)
- | Detected By: Style (Passive Detection)
- | - http://www.almubarakradio.com/wp-content/themes/oceanwp/style.css, Match: 'Version: 1.5.20'
- [+] Enumerating Vulnerable Plugins
- [+] Checking Plugin Versions
- [i] No plugins Found.
- [+] Enumerating Vulnerable Themes
- Checking Known Locations - Time: 00:01:48 <> (289 / 289) 100.00% Time: 00:01:48
- [+] Checking Theme Versions
- [i] No themes Found.
- [+] Enumerating Timthumbs
- Checking Known Locations - Time: 00:05:43 <> (1001 / 2573) 38.90% ETA: 00:09:0 Checking Known
- [i] No Timthumbs Found.
- [+] Enumerating Config Backups
- Checking Config Backups - Time: 00:00:05 <===> (21 / 21) 100.00% Time: 00:00:05
- [i] No Config Backups Found.
- [+] Enumerating DB Exports
- Checking DB Exports - Time: 00:00:14 <=======> (36 / 36) 100.00% Time: 00:00:14
- [i] Db Export(s) Identified:
- [+] http://www.almubarakradio.com/db.sql
- | Detected By: Direct Access (Aggressive Detection)
- [+] Enumerating Medias (Permalink setting must be set to "Plain" for those to be detected)
- Brute Forcing Attachment IDs - Time: 00:00:00 <> (0 / 100) 0.00% ETA: ??:??:? Brute Forcing
- [i] No Medias Found.
- [+] Enumerating Users
- Brute Forcing Author IDs - Time: 00:00:04 <==> (10 / 10) 100.00% Time: 00:00:04
- [i] User(s) Identified:
- [+] admin
- | Detected By: Wp Json Api (Aggressive Detection)
- | - http://www.almubarakradio.com/wp-json/wp/v2/users/
- | Confirmed By:
- | Oembed API - Author URL (Aggressive Detection)
- | - http://www.almubarakradio.com/wp-json/oembed/1.0/embed?url=http://www.almubarakradio.com/&format=json
- | Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- | Login Error Messages (Aggressive Detection)
- [+] almub
- | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- | Confirmed By: Login Error Messages (Aggressive Detection)
- [+] Finished: Mon Jan 28 17:21:25 2019
- [+] Requests Done: 3071
- [+] Cached Requests: 7
- [+] Data Sent: 697.775 KB
- [+] Data Received: 101.623 MB
- [+] Memory used: 206.461 MB
- [+] Elapsed time: 00:18:33
- #######################################################################################################################################
- [-] Date & Time: 28/01/2019 17:02:47
- [I] Threads: 5
- [-] Target: http://www.almubarakradio.com (77.104.129.22)
- [M] Website Not in HTTPS: http://www.almubarakradio.com
- [L] X-Frame-Options: Not Enforced
- [I] Strict-Transport-Security: Not Enforced
- [I] X-Content-Security-Policy: Not Enforced
- [I] X-Content-Type-Options: Not Enforced
- [L] Robots.txt Found: http://www.almubarakradio.com/robots.txt
- [I] CMS Detection: WordPress
- [I] Wordpress Version: 5.0.3
- [I] Wordpress Theme: oceanwp
- [-] WordPress usernames identified:
- [M] admin
- [M] almub
- [M] XML-RPC services are enabled
- [I] Forgotten Password Allows Username Enumeration: http://www.almubarakradio.com/wp-login.php?action=lostpassword
- [I] Autocomplete Off Not Found: http://www.almubarakradio.com/wp-login.php
- [-] Default WordPress Files:
- [I] http://www.almubarakradio.com/license.txt
- [I] http://www.almubarakradio.com/readme.html
- [I] http://www.almubarakradio.com/wp-content/themes/twentyfourteen/genericons/COPYING.txt
- [I] http://www.almubarakradio.com/wp-content/themes/twentyfourteen/genericons/LICENSE.txt
- [I] http://www.almubarakradio.com/wp-content/themes/twentyfourteen/genericons/README.txt
- [I] http://www.almubarakradio.com/wp-content/themes/twentyfourteen/readme.txt
- [I] http://www.almubarakradio.com/wp-content/themes/twentynineteen/readme.txt
- [I] http://www.almubarakradio.com/wp-content/themes/twentythirteen/genericons/COPYING.txt
- [I] http://www.almubarakradio.com/wp-content/themes/twentythirteen/genericons/LICENSE.txt
- [I] http://www.almubarakradio.com/wp-content/themes/twentythirteen/genericons/README.txt
- [I] http://www.almubarakradio.com/wp-content/themes/twentythirteen/readme.txt
- [I] http://www.almubarakradio.com/wp-content/themes/twentytwelve/readme.txt
- [I] http://www.almubarakradio.com/wp-includes/ID3/license.commercial.txt
- [I] http://www.almubarakradio.com/wp-includes/ID3/license.txt
- [I] http://www.almubarakradio.com/wp-includes/ID3/readme.txt
- [I] http://www.almubarakradio.com/wp-includes/images/crystal/license.txt
- [I] http://www.almubarakradio.com/wp-includes/js/plupload/license.txt
- [I] http://www.almubarakradio.com/wp-includes/js/swfupload/license.txt
- [I] http://www.almubarakradio.com/wp-includes/js/tinymce/license.txt
- [-] Searching Wordpress Plugins ...
- [I] Enigma2.php?boarddir=http:
- [I] admin_panel.php?wp_footnotes_current_settings[post_footnotes]=<
- /bin/sh: 1: lt: not found
- /bin/sh: 1: [&=/]: not found
- [I] admin_panel.php?wp_footnotes_current_settings[pre_footnotes]=<
- /bin/sh: 1: lt: not found
- /bin/sh: 1: [&=/]: not found
- [I] adrotate
- [M] EDB-ID: 17888 "WordPress Plugin AdRotate 3.6.5 - SQL Injection"
- [M] EDB-ID: 18114 "WordPress Plugin AdRotate 3.6.6 - SQL Injection"
- [M] EDB-ID: 31834 "WordPress Plugin AdRotate 3.9.4 - 'clicktracker.ph?track' SQL Injection"
- [I] ads-box
- [M] EDB-ID: 38060 "WordPress Plugin Ads Box - 'count' SQL Injection"
- [I] compact-wp-audio-player v1.9.6
- [I] elementor v2.3.8
- [I] feed
- [M] EDB-ID: 38624 "WordPress Plugin WP Feed - 'nid' SQL Injection"
- [I] firestats
- [M] EDB-ID: 14308 "WordPress Plugin Firestats - Remote Configuration File Download"
- [M] EDB-ID: 33367 "WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (1)"
- [M] EDB-ID: 33368 "WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (2)"
- [I] media-element-html5-video-and-audio-player v4.2.8
- [I] ocean-extra v1.4.30
- [I] pay-with-tweet.php
- [M] EDB-ID: 18330 "WordPress Plugin Pay with Tweet 1.1 - Multiple Vulnerabilities"
- [I] simple-ads-manager
- [M] EDB-ID: 36613 "WordPress Plugin Simple Ads Manager - Multiple SQL Injections"
- [M] EDB-ID: 36614 "WordPress Plugin Simple Ads Manager 2.5.94 - Arbitrary File Upload"
- [M] EDB-ID: 36615 "WordPress Plugin Simple Ads Manager - Information Disclosure"
- [M] EDB-ID: 39133 "WordPress Plugin Simple Ads Manager 2.9.4.116 - SQL Injection"
- [I] wp-bannerize
- [M] EDB-ID: 17764 "WordPress Plugin Bannerize 2.8.6 - SQL Injection"
- [M] EDB-ID: 17906 "WordPress Plugin Bannerize 2.8.7 - SQL Injection"
- [M] EDB-ID: 36193 "WordPress Plugin WP Bannerize 2.8.7 - 'ajax_sorter.php' SQL Injection"
- [I] Checking for Directory Listing Enabled ...
- [-] Date & Time: 28/01/2019 17:14:22
- [-] Completed in: 0:11:35
- #######################################################################################################################################
- Anonymous JTSEC #OpIsis Full Recon #6
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement