Anonymous JTSEC #OpIsis Full Recon #6

1. #######################################################################################################################################
2. =======================================================================================================================================
3. Hostname www.almubarakradio.com ISP SoftLayer Technologies Inc.
4. Continent Europe Flag
5. BG
6. Country Bulgaria Country Code BG
7. Region Unknown Local time 28 Jan 2019 23:45 EET
8. City Unknown Postal Code Unknown
9. IP Address 77.104.129.22 Latitude 42.7
10. Longitude 23.333
11. =======================================================================================================================================
12. #######################################################################################################################################
13. > www.almubarakradio.com
14. Server: 27.50.70.139
15. Address: 27.50.70.139#53
16.  
17. Non-authoritative answer:
18. www.almubarakradio.com canonical name = almubarakradio.com.
19. Name: almubarakradio.com
20. Address: 77.104.129.22
21. >
22. #######################################################################################################################################
23.  
24. HostIP:77.104.129.22
25. HostName:www.almubarakradio.com
26.  
27. Gathered Inet-whois information for 77.104.129.22
28. --------------------------------------------------------------------------------------------------------------------------------------
29.  
30.  
31. inetnum: 77.104.129.0 - 77.104.129.255
32. netname: UK-SITEGROUND
33. descr: SiteGround Hosting Ltd.
34. country: GB
35. geoloc: 51.500083 -0.126181
36. admin-c: MDM-SG
37. admin-c: MDM-SG
38. tech-c: MDM-SG
39. status: ASSIGNED PA
40. mnt-by: YANI-SG
41. mnt-by: MDM-SG
42. created: 2016-02-08T08:42:06Z
43. last-modified: 2016-04-25T17:59:50Z
44. source: RIPE
45. mnt-domains: MDM-SG
46. mnt-domains: YANI-SG
47.  
48. person: Marian Marinov
49. address: Racho Petkov Kazandjiata 8, Floor 3, SiteGround
50. phone: +442071839093
51. nic-hdl: MDM-SG
52. mnt-by: MDM-SG
53. created: 2014-04-29T15:50:14Z
54. last-modified: 2017-10-30T22:34:57Z
55. source: RIPE # Filtered
56.  
57. % This query was served by the RIPE Database Query Service version 1.92.6 (HEREFORD)
58.  
59.  
60.  
61. Gathered Inic-whois information for almubarakradio.com
62. ---------------------------------------------------------------------------------------------------------------------------------------
63. Domain Name: ALMUBARAKRADIO.COM
64. Registry Domain ID: 1809751023_DOMAIN_COM-VRSN
65. Registrar WHOIS Server: whois.123-reg.co.uk
66. Registrar URL: http://www.meshdigital.com
67. Updated Date: 2018-07-15T08:52:18Z
68. Creation Date: 2013-06-20T18:20:20Z
69. Registry Expiry Date: 2021-06-20T18:20:20Z
70. Registrar: 123-Reg Limited
71. Registrar IANA ID: 1515
72. Registrar Abuse Contact Email:
73. Registrar Abuse Contact Phone:
74. Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
75. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
76. Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
77. Name Server: NS1.UK11.SITEGROUND.EU
78. Name Server: NS2.UK11.SITEGROUND.EU
79. DNSSEC: unsigned
80. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
81. >>> Last update of whois database: 2019-01-28T22:26:17Z <<<
82.  
83.  
84. The Registry database contains ONLY .COM, .NET, .EDU domains and
85. Registrars.
86.  
87. Gathered Netcraft information for www.almubarakradio.com
88. ---------------------------------------------------------------------------------------------------------------------------------------
89.  
90. Retrieving Netcraft.com information for www.almubarakradio.com
91. Netcraft.com Information gathered
92.  
93. Gathered Subdomain information for almubarakradio.com
94. ---------------------------------------------------------------------------------------------------------------------------------------
95. Searching Google.com:80...
96. HostName:www.almubarakradio.com
97. HostIP:77.104.129.22
98. Searching Altavista.com:80...
99. Found 1 possible subdomain(s) for host almubarakradio.com, Searched 0 pages containing 0 results
100.  
101. Gathered E-Mail information for almubarakradio.com
102. ---------------------------------------------------------------------------------------------------------------------------------------
103. Searching Google.com:80...
104. Searching Altavista.com:80...
105. Found 0 E-Mail(s) for host almubarakradio.com, Searched 0 pages containing 0 results
106.  
107. Gathered TCP Port information for 77.104.129.22
108. --------------------------------------------------------------------------------------------------------------------------------------
109.  
110. Port State
111.  
112. 21/tcp open
113. 53/tcp open
114. 80/tcp open
115. 110/tcp open
116. 143/tcp open
117.  
118. Portscan Finished: Scanned 150 ports, 3 ports were in state closed
119. #######################################################################################################################################
120. [i] Scanning Site: http://www.almubarakradio.com
121.  
122.  
123.  
124. B A S I C I N F O
125. =======================================================================================================================================
126.  
127.  
128. [+] Site Title: Al Mubarak Radio
129. [+] IP address: 77.104.129.22
130. [+] Web Server: Could Not Detect
131. [+] CMS: WordPress
132. [+] Cloudflare: Not Detected
133. [+] Robots File: Found
134.  
135. -------------[ contents ]----------------
136.  
137. User-Agent: *
138. Sitemap: http://www.almubarakradio.com/sitemap.xml
139.  
140. -----------[end of contents]-------------
141.  
142.  
143.  
144. W H O I S L O O K U P
145. =======================================================================================================================================
146.  
147. Domain Name: ALMUBARAKRADIO.COM
148. Registry Domain ID: 1809751023_DOMAIN_COM-VRSN
149. Registrar WHOIS Server: whois.123-reg.co.uk
150. Registrar URL: http://www.meshdigital.com
151. Updated Date: 2018-07-15T08:52:18Z
152. Creation Date: 2013-06-20T18:20:20Z
153. Registry Expiry Date: 2021-06-20T18:20:20Z
154. Registrar: 123-Reg Limited
155. Registrar IANA ID: 1515
156. Registrar Abuse Contact Email:
157. Registrar Abuse Contact Phone:
158. Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
159. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
160. Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
161. Name Server: NS1.UK11.SITEGROUND.EU
162. Name Server: NS2.UK11.SITEGROUND.EU
163. DNSSEC: unsigned
164. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
165. >>> Last update of whois database: 2019-01-28T22:32:05Z <<<
166.  
167. For more information on Whois status codes, please visit https://icann.org/epp
168.  
169.  
170.  
171. The Registry database contains ONLY .COM, .NET, .EDU domains and
172. Registrars.
173.  
174.  
175.  
176.  
177. G E O I P L O O K U P
178. =======================================================================================================================================
179.  
180. [i] IP Address: 77.104.129.22
181. [i] Country: Bulgaria
182. [i] State:
183. [i] City:
184. [i] Latitude: 42.7
185. [i] Longitude: 23.3333
186.  
187.  
188.  
189.  
190. H T T P H E A D E R S
191. =======================================================================================================================================
192.  
193.  
194. [i] HTTP/1.1 200 OK
195. [i] Date: Mon, 28 Jan 2019 22:32:13 GMT
196. [i] Content-Type: text/html; charset=UTF-8
197. [i] X-UA-Compatible: IE=edge
198. [i] Link: <http://www.almubarakradio.com/wp-json/>; rel="https://api.w.org/", <http://www.almubarakradio.com/>; rel=shortlink
199. [i] Host-Header: 192fc2e7e50945beb8231a492d6a8024
200. [i] X-Proxy-Cache: MISS
201. [i] Connection: close
202.  
203.  
204.  
205.  
206. D N S L O O K U P
207. =======================================================================================================================================
208.  
209. almubarakradio.com. 3599 IN MX 20 mx20.mailspamprotection.com.
210. almubarakradio.com. 3599 IN MX 30 mx30.mailspamprotection.com.
211. almubarakradio.com. 3599 IN MX 10 mx10.mailspamprotection.com.
212. almubarakradio.com. 21599 IN SOA ns1.uk11.siteground.eu. dnsadmin.serv01.uk11.siteground.eu. 2016032110 86400 7200 3600000 86400
213. almubarakradio.com. 21599 IN NS ns1.uk11.siteground.eu.
214. almubarakradio.com. 21599 IN NS ns2.uk11.siteground.eu.
215. almubarakradio.com. 14399 IN A 77.104.129.22
216.  
217.  
218.  
219.  
220. S U B N E T C A L C U L A T I O N
221. ======================================================================================================================================
222.  
223. Address = 77.104.129.22
224. Network = 77.104.129.22 / 32
225. Netmask = 255.255.255.255
226. Broadcast = not needed on Point-to-Point links
227. Wildcard Mask = 0.0.0.0
228. Hosts Bits = 0
229. Max. Hosts = 1 (2^0 - 0)
230. Host Range = { 77.104.129.22 - 77.104.129.22 }
231.  
232.  
233.  
234. N M A P P O R T S C A N
235. =======================================================================================================================================
236.  
237.  
238. Starting Nmap 7.40 ( https://nmap.org ) at 2019-01-28 22:32 UTC
239. Nmap scan report for almubarakradio.com (77.104.129.22)
240. Host is up (0.070s latency).
241. rDNS record for 77.104.129.22: ip-77-104-129-22.siteground.com
242. PORT STATE SERVICE
243. 21/tcp open ftp
244. 22/tcp filtered ssh
245. 23/tcp filtered telnet
246. 80/tcp open http
247. 110/tcp open pop3
248. 143/tcp open imap
249. 443/tcp open https
250. 3389/tcp filtered ms-wbt-server
251.  
252. Nmap done: 1 IP address (1 host up) scanned in 1.73 seconds
253. #######################################################################################################################################
254. [?] Enter the target: example( http://domain.com )
255. http://www.almubarakradio.com/
256. [!] IP Address : 77.104.129.22
257. [!] www.almubarakradio.com doesn't seem to use a CMS
258. [+] Honeypot Probabilty: 30%
259. ----------------------------------------
260. [~] Trying to gather whois information for www.almubarakradio.com
261. [+] Whois information found
262. [-] Unable to build response, visit https://who.is/whois/www.almubarakradio.com
263. ----------------------------------------
264. PORT STATE SERVICE
265. 21/tcp open ftp
266. 22/tcp filtered ssh
267. 23/tcp filtered telnet
268. 80/tcp open http
269. 110/tcp open pop3
270. 143/tcp open imap
271. 443/tcp open https
272. 3389/tcp filtered ms-wbt-server
273. Nmap done: 1 IP address (1 host up) scanned in 1.38 seconds
274. ----------------------------------------
275.  
276. [+] DNS Records
277. ns2.uk11.siteground.eu. (77.104.128.186) AS36351 SoftLayer Technologies Inc. Bulgaria
278. ns1.uk11.siteground.eu. (185.123.97.175) AS36351 SoftLayer Technologies Inc. United Kingdom
279.  
280. [+] MX Records
281. 30 (108.163.220.52) AS32475 SingleHop, Inc. United States
282.  
283. [+] MX Records
284. 20 (184.154.48.171) AS32475 SingleHop, Inc. United States
285.  
286. [+] MX Records
287. 10 (108.163.220.50) AS32475 SingleHop, Inc. United States
288.  
289. [+] Host Records (A)
290. www.almubarakradio.comHTTP: (ip-77-104-129-22.siteground.com) (77.104.129.22) AS36351 SoftLayer Technologies Inc. Bulgaria
291.  
292. [+] TXT Records
293.  
294. [+] DNS Map: https://dnsdumpster.com/static/map/almubarakradio.com.png
295.  
296. [>] Initiating 3 intel modules
297. [>] Loading Alpha module (1/3)
298. [>] Beta module deployed (2/3)
299. [>] Gamma module initiated (3/3)
300.  
301.  
302. [+] Emails found:
303. ------------------
304. pixel-1548714863800643-web-@www.almubarakradio.com
305. pixel-1548714865926013-web-@www.almubarakradio.com
306. No hosts found
307. [+] Virtual hosts:
308. -----------------
309. #######################################################################################################################################
310. ; <<>> DiG 9.11.5-P1-1-Debian <<>> almubarakradio.com
311. ;; global options: +cmd
312. ;; Got answer:
313. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33379
314. ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
315.  
316. ;; OPT PSEUDOSECTION:
317. ; EDNS: version: 0, flags:; udp: 4096
318. ;; QUESTION SECTION:
319. ;almubarakradio.com. IN A
320.  
321. ;; ANSWER SECTION:
322. almubarakradio.com. 11367 IN A 77.104.129.22
323.  
324. ;; Query time: 356 msec
325. ;; SERVER: 27.50.70.139#53(27.50.70.139)
326. ;; WHEN: lun jan 28 17:35:43 EST 2019
327. ;; MSG SIZE rcvd: 63
328. #######################################################################################################################################
329. ; <<>> DiG 9.11.5-P1-1-Debian <<>> +trace almubarakradio.com
330. ;; global options: +cmd
331. . 83248 IN NS k.root-servers.net.
332. . 83248 IN NS f.root-servers.net.
333. . 83248 IN NS d.root-servers.net.
334. . 83248 IN NS c.root-servers.net.
335. . 83248 IN NS g.root-servers.net.
336. . 83248 IN NS m.root-servers.net.
337. . 83248 IN NS a.root-servers.net.
338. . 83248 IN NS l.root-servers.net.
339. . 83248 IN NS b.root-servers.net.
340. . 83248 IN NS j.root-servers.net.
341. . 83248 IN NS e.root-servers.net.
342. . 83248 IN NS h.root-servers.net.
343. . 83248 IN NS i.root-servers.net.
344. . 83248 IN RRSIG NS 8 0 518400 20190210170000 20190128160000 16749 . rPW87X/BPhUNajKyFFMmUO1F+QPQdZepjd1yhk07EGwuWdTEoN+SiF69 zcXYALgQSD++biRYOXQ0jUMwQctbHtIuSGqtR5gu2zUTnC9IIicdBTQR vtZMOQi91U0R7w+ksCsDIgF7tdND00NHgw2PelfOAblwyHyoUPhTGLnh HpNOPtZt0gM404cX+O2SIvOLXEse73ZQUhXrjVwPhrELvZdK4989P7o9 7KDfv6Hi7DheU6e0PsG63it0K88SJ1A5r2glBTj+E+VlvERE/DyjslEt 9rVqZHDnmk9mnqzuVhmmgOR/v/xiV7iO5YG/v0Lpi785Bcr5hKrpo+Vo YfWsCg==
345. ;; Received 525 bytes from 27.50.70.139#53(27.50.70.139) in 358 ms
346.  
347. com. 172800 IN NS i.gtld-servers.net.
348. com. 172800 IN NS b.gtld-servers.net.
349. com. 172800 IN NS a.gtld-servers.net.
350. com. 172800 IN NS m.gtld-servers.net.
351. com. 172800 IN NS h.gtld-servers.net.
352. com. 172800 IN NS e.gtld-servers.net.
353. com. 172800 IN NS j.gtld-servers.net.
354. com. 172800 IN NS c.gtld-servers.net.
355. com. 172800 IN NS k.gtld-servers.net.
356. com. 172800 IN NS l.gtld-servers.net.
357. com. 172800 IN NS g.gtld-servers.net.
358. com. 172800 IN NS d.gtld-servers.net.
359. com. 172800 IN NS f.gtld-servers.net.
360. com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
361. com. 86400 IN RRSIG DS 8 1 86400 20190210170000 20190128160000 16749 . QyxwL6jsfdjoBiSUax7OuNY5i0GicMpZgPbqIi5KPQ7j1ggkqCUtJxkz JfRpq5DxRKqkpdpSODbYJpa4Y1K7XWDKrEzii/k71385lLNvRe5AJsxM Gevg7gv+cF7fba/YkxzPbJwn/9OvgAB+U8TvOWaM9LepFQMMFk2i4gtq fvwQnDW8jH+/PUtI4+SURJRtS0Tu/IaH6kc/IOwEJYJ4d2TLwoZPEdnH YbvF13oRaeyhihEYDvmI3LUw5TMNbDGCKBug0i+VmeC+vOPsg1YA0Pur rzRHf9mMHXWaqx6CltphJrpSuaRq1npVlcMJLmjUuYRrwXVM7kPSDB7T FXrY+Q==
362. ;; Received 1206 bytes from 2001:500:12::d0d#53(g.root-servers.net) in 78 ms
363.  
364. almubarakradio.com. 172800 IN NS ns1.uk11.siteground.eu.
365. almubarakradio.com. 172800 IN NS ns2.uk11.siteground.eu.
366. CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
367. CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20190204054423 20190128043423 16883 com. a6+nG0HlYQFu/smtBipliyxAEgUrNXxqIn/9FuGfEPzfC+tJ41P3ne/0 fTDxnEo7AX9FZ9GYQwhf288SiBsQuemJJCqS8H9xOp6TCQa8+p9xsQY4 ZewJb9mJC2tDhke7IiQsCC4kBwVtNlzavKvVfu3MhvyeghPZEx9n+DoQ F50=
368. 9JI8VPHJL0HBHM8SDI9HGDK4R42BQ9CG.com. 86400 IN NSEC3 1 1 0 - 9JI9A9TT7OLCE01KINAD7QRP490RRST9 NS DS RRSIG
369. 9JI8VPHJL0HBHM8SDI9HGDK4R42BQ9CG.com. 86400 IN RRSIG NSEC3 8 2 86400 20190202053753 20190126042753 16883 com. gPO1iY9M5zXbNJu5LlqeA7qEwMAYaynQ5Ba+K/NDcqzY4a2D0TbEvggs wD8Er3fHlFhB6hkvoXi6q0QyAEiuz+DQ8mtIZrGQFJt3WpKhT4tKVVGV DZzK7XTYbtgFqO94rx4ekw1Ff//B7mKcsIYh53H3Jr2cJftQ2V/A3uWn hwE=
370. ;; Received 586 bytes from 192.48.79.30#53(j.gtld-servers.net) in 502 ms
371.  
372. almubarakradio.com. 14400 IN A 77.104.129.22
373. almubarakradio.com. 86400 IN NS ns1.uk11.siteground.eu.
374. almubarakradio.com. 86400 IN NS ns2.uk11.siteground.eu.
375. ;; Received 149 bytes from 77.104.128.186#53(ns2.uk11.siteground.eu) in 455 ms
376. #######################################################################################################################################
377. Traceroute 'www.almubarakradio.com '
378. ---------------------------------------------------------------------------------------------------------------------------------------
379.  
380. Start: 2019-01-28T22:37:40+0000
381. HOST: web01 Loss% Snt Last Avg Best Wrst StDev
382. 1.|-- 45.79.12.202 0.0% 3 1.1 1.0 0.7 1.2 0.3
383. 2.|-- 45.79.12.2 0.0% 3 0.5 0.6 0.5 0.7 0.1
384. 3.|-- te1-5.bbr01.eq01.dal01.networklayer.com 0.0% 3 1.1 1.1 1.1 1.1 0.0
385. 4.|-- ae5.cbs02.eq01.dal03.networklayer.com 33.3% 3 2.1 2.3 2.1 2.4 0.2
386. 5.|-- ae8.cbs02.dr01.dal04.networklayer.com 0.0% 3 2.3 3.1 2.3 4.6 1.3
387. 6.|-- ae2.cbs01.eq01.chi01.networklayer.com 66.7% 3 23.3 23.3 23.3 23.3 0.0
388. 7.|-- ae0.cbs02.tl01.nyc01.networklayer.com 33.3% 3 43.4 43.4 43.3 43.4 0.0
389. 8.|-- ae1.cbs01.tg01.lon01.networklayer.com 0.0% 3 113.2 112.6 112.0 113.2 0.6
390. 9.|-- c1.13.2da9.ip4.static.sl-reverse.com 0.0% 3 112.0 112.0 111.7 112.1 0.2
391. 10.|-- 7f.76.32a9.ip4.static.sl-reverse.com 0.0% 3 110.3 110.6 110.3 110.9 0.3
392. 11.|-- bb.76.32a9.ip4.static.sl-reverse.com 0.0% 3 111.0 110.7 110.2 111.0 0.4
393. 12.|-- ip-77-104-129-22.siteground.com 0.0% 3 112.7 112.4 112.2 112.7 0.3
394. #######################################################################################################################################
395. [*] Performing General Enumeration of Domain: almubarakradio.com
396. [-] DNSSEC is not configured for almubarakradio.com
397. [*] SOA ns1.uk11.siteground.eu 185.123.97.175
398. [*] NS ns2.uk11.siteground.eu 77.104.128.186
399. [*] Bind Version for 77.104.128.186 9.10.6
400. [*] NS ns1.uk11.siteground.eu 185.123.97.175
401. [*] Bind Version for 185.123.97.175 9.10.6
402. [*] MX mx10.mailspamprotection.com 108.163.201.226
403. [*] MX mx10.mailspamprotection.com 184.154.48.170
404. [*] MX mx10.mailspamprotection.com 107.6.129.66
405. [*] MX mx10.mailspamprotection.com 108.178.13.114
406. [*] MX mx10.mailspamprotection.com 107.6.149.10
407. [*] MX mx10.mailspamprotection.com 108.163.220.50
408. [*] MX mx10.mailspamprotection.com 184.154.58.226
409. [*] MX mx10.mailspamprotection.com 184.154.208.34
410. [*] MX mx10.mailspamprotection.com 69.175.69.90
411. [*] MX mx10.mailspamprotection.com 96.127.176.250
412. [*] MX mx10.mailspamprotection.com 108.163.228.170
413. [*] MX mx10.mailspamprotection.com 99.198.97.42
414. [*] MX mx10.mailspamprotection.com 184.154.177.50
415. [*] MX mx10.mailspamprotection.com 96.127.190.2
416. [*] MX mx20.mailspamprotection.com 184.154.48.171
417. [*] MX mx20.mailspamprotection.com 108.163.201.227
418. [*] MX mx20.mailspamprotection.com 184.154.58.227
419. [*] MX mx20.mailspamprotection.com 108.163.220.51
420. [*] MX mx20.mailspamprotection.com 107.6.149.11
421. [*] MX mx20.mailspamprotection.com 96.127.176.251
422. [*] MX mx20.mailspamprotection.com 184.154.208.35
423. [*] MX mx20.mailspamprotection.com 184.154.177.51
424. [*] MX mx20.mailspamprotection.com 108.163.228.171
425. [*] MX mx20.mailspamprotection.com 108.178.13.115
426. [*] MX mx20.mailspamprotection.com 69.175.69.91
427. [*] MX mx20.mailspamprotection.com 96.127.190.3
428. [*] MX mx20.mailspamprotection.com 108.178.14.82
429. [*] MX mx20.mailspamprotection.com 184.154.136.82
430. [*] MX mx30.mailspamprotection.com 184.154.208.36
431. [*] MX mx30.mailspamprotection.com 108.178.13.116
432. [*] MX mx30.mailspamprotection.com 184.154.48.172
433. [*] MX mx30.mailspamprotection.com 108.163.228.172
434. [*] MX mx30.mailspamprotection.com 96.127.176.252
435. [*] MX mx30.mailspamprotection.com 184.154.177.52
436. [*] MX mx30.mailspamprotection.com 108.178.14.83
437. [*] MX mx30.mailspamprotection.com 107.6.149.12
438. [*] MX mx30.mailspamprotection.com 108.163.201.228
439. [*] MX mx30.mailspamprotection.com 69.175.69.92
440. [*] MX mx30.mailspamprotection.com 184.154.58.228
441. [*] MX mx30.mailspamprotection.com 108.163.220.52
442. [*] MX mx30.mailspamprotection.com 96.127.190.4
443. [*] MX mx30.mailspamprotection.com 184.154.136.83
444. [*] A almubarakradio.com 77.104.129.22
445. [*] TXT _domainkey.almubarakradio.com v=DKIM1; o=~
446. [*] Enumerating SRV Records
447. [-] No SRV Records Found for almubarakradio.com
448. [+] 0 Records Found
449. #######################################################################################################################################
450. [*] Processing domain almubarakradio.com
451. [*] Using system resolvers ['27.50.70.139', '38.132.106.139', '185.93.180.131', '205.151.67.6', '205.151.67.34', '205.151.67.2', '2001:18c0:ffe0:2::2', '2001:18c0:ffe0:3::2', '2001:18c0:ffe0:1::2']
452. [+] Getting nameservers
453. 77.104.128.186 - ns2.uk11.siteground.eu
454. 185.123.97.175 - ns1.uk11.siteground.eu
455. [-] Zone transfer failed
456.  
457. [+] MX records found, added to target list
458. 10 mx10.mailspamprotection.com.
459. 20 mx20.mailspamprotection.com.
460. 30 mx30.mailspamprotection.com.
461.  
462. [*] Scanning almubarakradio.com for A records
463. 77.104.129.22 - almubarakradio.com
464. 77.104.129.22 - cpanel.almubarakradio.com
465. 185.123.97.175 - ftp.almubarakradio.com
466. 127.0.0.1 - localhost.almubarakradio.com
467. 77.104.129.22 - mail.almubarakradio.com
468. 77.104.129.22 - webdisk.almubarakradio.com
469. 77.104.129.22 - webmail.almubarakradio.com
470. 77.104.129.22 - whm.almubarakradio.com
471. 77.104.129.22 - www.almubarakradio.com
472. #######################################################################################################################################
473. Ip Address Status Type Domain Name Server
474. ---------- ------ ---- ----------- ------
475. 185.123.97.175 200 host ftp.almubarakradio.com
476. 127.0.0.1 host localhost.almubarakradio.com
477. 77.104.129.22 301 alias mail.almubarakradio.com
478. 77.104.129.22 301 host almubarakradio.com
479. 77.104.129.22 200 host webmail.almubarakradio.com
480. 77.104.129.22 200 alias www.almubarakradio.com
481. 77.104.129.22 200 host almubarakradio.com
482. #######################################################################################################################################
483.  
484. [+] Testing domain
485. www.almubarakradio.com 77.104.129.22
486. [+] Dns resolving
487. Domain name Ip address Name server
488. almubarakradio.com 77.104.129.22 ip-77-104-129-22.siteground.com
489. Found 1 host(s) for almubarakradio.com
490. [+] Testing wildcard
491. Ok, no wildcard found.
492.  
493. [+] Scanning for subdomain on almubarakradio.com
494. [!] Wordlist not specified. I scannig with my internal wordlist...
495. Estimated time about 304.62 seconds
496.  
497. Subdomain Ip address Name server
498.  
499. ftp.almubarakradio.com 185.123.97.175 ns1.uk11.siteground.eu
500. localhost.almubarakradio.com 127.0.0.1 localhost
501. mail.almubarakradio.com 77.104.129.22 ip-77-104-129-22.siteground.com
502. webmail.almubarakradio.com 77.104.129.22 ip-77-104-129-22.siteground.com
503. www.almubarakradio.com 77.104.129.22 ip-77-104-129-22.siteground.com
504. #######################################################################################################################################
505. =======================================================================================================================================
506. | External hosts:
507. | [+] External Host Found: https://www.youtube.com
508. | [+] External Host Found: http://gmpg.org
509. | [+] External Host Found: https://planet.wordpress.org
510. | [+] External Host Found: https://codex.wordpress.org
511. | [+] External Host Found: https://httpd.apache.org
512. | [+] External Host Found: https://developer.wordpress.org
513. | [+] External Host Found: https://www.mysql.com
514. | [+] External Host Found: https://secure.php.net
515. | [+] External Host Found: http://httpd.apache.org
516. | [+] External Host Found: https://wordpress.org
517. =======================================================================================================================================
518. | E-mails:
519. | [+] E-mail Found: kevinh@kevcom.com
520. | [+] E-mail Found: nadeem@almubarakradio.com
521. | [+] E-mail Found: m@tidakada.com
522. | [+] E-mail Found: info@almubarakradio.com
523. | [+] E-mail Found: humbedooh@apache.org
524. | [+] E-mail Found: ninfo@almubarakradio.com
525. | [+] E-mail Found: mike@hyperreal.org
526. | [+] E-mail Found: login@example.com
527. | [+] E-mail Found: updatehelp42@wordpress.org
528. |======================================================================================================================================
529. #######################################################################################################################################
530. ---------------------------------------------------------------------------------------------------------------------------------------
531. + Target IP: 77.104.129.22
532. + Target Hostname: www.almubarakradio.com
533. + Target Port: 80
534. + Start Time: 2019-01-28 18:30:41 (GMT-5)
535. ---------------------------------------------------------------------------------------------------------------------------------------
536. + Server: No banner retrieved
537. + The anti-clickjacking X-Frame-Options header is not present.
538. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
539. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
540. + Uncommon header 'x-squid-error' found, with contents: ERR_INVALID_REQ 0
541. + Server banner has changed from '' to 'nginx' which may suggest a WAF, load balancer or proxy is in place
542. + ERROR: Error limit (20) reached for host, giving up. Last error: error reading HTTP response
543. + Scan terminated: 20 error(s) and 4 item(s) reported on remote host
544. + End Time: 2019-01-28 18:53:46 (GMT-5) (1385 seconds)
545. ---------------------------------------------------------------------------------------------------------------------------------------
546. #######################################################################################################################################
547. dnsenum VERSION:1.2.4
548.  
549. ----- www.almubarakradio.com -----
550.  
551.  
552. Host's addresses:
553. __________________
554.  
555. almubarakradio.com. 11474 IN A 77.104.129.22
556.  
557.  
558. Name Servers:
559. ______________
560.  
561. ns1.uk11.siteground.eu. 1673 IN A 185.123.97.175
562. ns2.uk11.siteground.eu. 11157 IN A 77.104.128.186
563.  
564.  
565. Mail (MX) Servers:
566. ___________________
567.  
568. mx10.mailspamprotection.com. 30 IN A 69.175.69.90
569. mx10.mailspamprotection.com. 30 IN A 99.198.97.42
570. mx10.mailspamprotection.com. 30 IN A 96.127.176.250
571. mx10.mailspamprotection.com. 30 IN A 107.6.129.66
572. mx10.mailspamprotection.com. 30 IN A 108.178.13.114
573. mx10.mailspamprotection.com. 30 IN A 107.6.149.10
574. mx10.mailspamprotection.com. 30 IN A 96.127.190.2
575. mx10.mailspamprotection.com. 30 IN A 184.154.58.226
576. mx10.mailspamprotection.com. 30 IN A 184.154.208.34
577. mx10.mailspamprotection.com. 30 IN A 184.154.48.170
578. mx10.mailspamprotection.com. 30 IN A 184.154.177.50
579. mx10.mailspamprotection.com. 30 IN A 108.163.201.226
580. mx10.mailspamprotection.com. 30 IN A 108.163.220.50
581. mx10.mailspamprotection.com. 30 IN A 108.163.228.170
582. mx30.mailspamprotection.com. 30 IN A 69.175.69.92
583. mx30.mailspamprotection.com. 30 IN A 184.154.136.83
584. mx30.mailspamprotection.com. 30 IN A 184.154.177.52
585. mx30.mailspamprotection.com. 30 IN A 184.154.48.172
586. mx30.mailspamprotection.com. 30 IN A 108.163.228.172
587. mx30.mailspamprotection.com. 30 IN A 107.6.149.12
588. mx30.mailspamprotection.com. 30 IN A 108.163.220.52
589. mx30.mailspamprotection.com. 30 IN A 108.163.201.228
590. mx30.mailspamprotection.com. 30 IN A 96.127.176.252
591. mx30.mailspamprotection.com. 30 IN A 96.127.190.4
592. mx30.mailspamprotection.com. 30 IN A 184.154.208.36
593. mx30.mailspamprotection.com. 30 IN A 108.178.13.116
594. mx30.mailspamprotection.com. 30 IN A 108.178.14.83
595. mx30.mailspamprotection.com. 30 IN A 184.154.58.228
596. mx20.mailspamprotection.com. 30 IN A 108.178.13.115
597. mx20.mailspamprotection.com. 30 IN A 108.163.220.51
598. mx20.mailspamprotection.com. 30 IN A 96.127.190.3
599. mx20.mailspamprotection.com. 30 IN A 108.178.14.82
600. mx20.mailspamprotection.com. 30 IN A 108.163.228.171
601. mx20.mailspamprotection.com. 30 IN A 184.154.136.82
602. mx20.mailspamprotection.com. 30 IN A 69.175.69.91
603. mx20.mailspamprotection.com. 30 IN A 184.154.48.171
604. mx20.mailspamprotection.com. 30 IN A 184.154.58.227
605. mx20.mailspamprotection.com. 30 IN A 107.6.149.11
606. mx20.mailspamprotection.com. 30 IN A 184.154.208.35
607. mx20.mailspamprotection.com. 30 IN A 108.163.201.227
608. mx20.mailspamprotection.com. 30 IN A 184.154.177.51
609. mx20.mailspamprotection.com. 30 IN A 96.127.176.251
610.  
611.  
612. Trying Zone Transfers and getting Bind Versions:
613. _________________________________________________
614.  
615.  
616. Trying Zone Transfer for www.almubarakradio.com on ns1.uk11.siteground.eu ...
617.  
618. Trying Zone Transfer for www.almubarakradio.com on ns2.uk11.siteground.eu ...
619.  
620. brute force file not specified, bay.
621. #######################################################################################################################################
622.  
623.  
624. Running Source: Ask
625. Running Source: Archive.is
626. Running Source: Baidu
627. Running Source: Bing
628. Running Source: CertDB
629. Running Source: CertificateTransparency
630. Running Source: Certspotter
631. Running Source: Commoncrawl
632. Running Source: Crt.sh
633. Running Source: Dnsdb
634. Running Source: DNSDumpster
635. Running Source: DNSTable
636. Running Source: Dogpile
637. Running Source: Exalead
638. Running Source: Findsubdomains
639. Running Source: Googleter
640. Running Source: Hackertarget
641. Running Source: Ipv4Info
642. Running Source: PTRArchive
643. Running Source: Sitedossier
644. Running Source: Threatcrowd
645. Running Source: ThreatMiner
646. Running Source: WaybackArchive
647. Running Source: Yahoo
648.  
649. Running enumeration on www.almubarakradio.com
650.  
651. dnsdb: Unexpected return status 503
652.  
653. ipv4info: <nil>
654.  
655. crtsh: json: cannot unmarshal array into Go value of type crtsh.crtshObject
656.  
657. waybackarchive: Get https://web.archive.org/cdx/search/cdx?url=*.www.almubarakradio.com/*&output=json&fl=original&collapse=urlkey&page=: net/http: invalid header field value "http://web.archive.org/cdx/search/cdx?url=*.www.almubarakradio.com/*&output=json&fl=original&collapse=urlkey&page=\x00" for key Referer
658.  
659.  
660. Starting Bruteforcing of www.almubarakradio.com with 9985 words
661.  
662. Total 1 Unique subdomains found for www.almubarakradio.com
663.  
664. .www.almubarakradio.com
665. #######################################################################################################################################
666. [+] www.almubarakradio.com has no SPF record!
667. [*] No DMARC record found. Looking for organizational record
668. [+] No organizational DMARC record
669. [+] Spoofing possible for www.almubarakradio.com!
670. #######################################################################################################################################
671. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:40 EST
672. Warning: 77.104.129.22 giving up on port because retransmission cap hit (2).
673. Nmap scan report for www.almubarakradio.com (77.104.129.22)
674. Host is up (0.45s latency).
675. rDNS record for 77.104.129.22: ip-77-104-129-22.siteground.com
676. Not shown: 459 filtered ports, 4 closed ports
677. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
678. PORT STATE SERVICE
679. 21/tcp open ftp
680. 53/tcp open domain
681. 80/tcp open http
682. 110/tcp open pop3
683. 143/tcp open imap
684. 443/tcp open https
685. 465/tcp open smtps
686. 587/tcp open submission
687. 993/tcp open imaps
688. 995/tcp open pop3s
689. 2525/tcp open ms-v-worlds
690. 3306/tcp open mysql
691. 5432/tcp open postgresql
692. #######################################################################################################################################
693. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:41 EST
694. Nmap scan report for www.almubarakradio.com (77.104.129.22)
695. Host is up (0.25s latency).
696. rDNS record for 77.104.129.22: ip-77-104-129-22.siteground.com
697. Not shown: 2 filtered ports
698. PORT STATE SERVICE
699. 53/udp open domain
700. 67/udp open|filtered dhcps
701. 68/udp open|filtered dhcpc
702. 69/udp open|filtered tftp
703. 88/udp open|filtered kerberos-sec
704. 123/udp open|filtered ntp
705. 139/udp open|filtered netbios-ssn
706. 161/udp open|filtered snmp
707. 162/udp open|filtered snmptrap
708. 389/udp open|filtered ldap
709. 520/udp open|filtered route
710. 2049/udp open|filtered nfs
711. #######################################################################################################################################
712. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:41 EST
713. Nmap scan report for www.almubarakradio.com (77.104.129.22)
714. Host is up (0.38s latency).
715. rDNS record for 77.104.129.22: ip-77-104-129-22.siteground.com
716.  
717. PORT STATE SERVICE VERSION
718. 21/tcp open ftp Pure-FTPd
719. | ftp-brute:
720. | Accounts: No valid accounts found
721. |_ Statistics: Performed 2146 guesses in 190 seconds, average tps: 11.6
722. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
723. Device type: general purpose
724. Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (90%)
725. OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
726. Aggressive OS guesses: Linux 4.9 (90%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%)
727. No exact OS matches for host (test conditions non-ideal).
728. Network Distance: 18 hops
729.  
730. TRACEROUTE (using port 21/tcp)
731. HOP RTT ADDRESS
732. 1 234.05 ms 10.245.200.1
733. 2 234.12 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
734. 3 234.11 ms xe-0-1-0.br01.hkg-10.hk.leaseweb.net (43.249.36.14)
735. 4 235.27 ms 64.120.119.228
736. 5 235.46 ms ae-102.bb10.hkg-12.leaseweb.net (31.31.38.194)
737. 6 236.79 ms 36351.hkg.equinix.com (119.27.63.40)
738. 7 ...
739. 8 272.66 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
740. 9 266.44 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
741. 10 298.86 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
742. 11 299.31 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
743. 12 454.12 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
744. 13 429.60 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
745. 14 452.00 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
746. 15 460.89 ms cd.13.2da9.ip4.static.sl-reverse.com (169.45.19.205)
747. 16 463.32 ms 169.50.118.127
748. 17 436.92 ms c1.76.32a9.ip4.static.sl-reverse.com (169.50.118.193)
749. 18 439.55 ms ip-77-104-129-22.siteground.com (77.104.129.22)
750. #######################################################################################################################################
751. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:47 EST
752. Nmap scan report for www.almubarakradio.com (77.104.129.22)
753. Host is up (0.45s latency).
754. rDNS record for 77.104.129.22: ip-77-104-129-22.siteground.com
755.  
756. PORT STATE SERVICE VERSION
757. 53/tcp open domain ISC BIND 9.10.6
758. |_dns-fuzz: Server didn't response to our probe, can't fuzz
759. | dns-nsec-enum:
760. |_ No NSEC records found
761. | dns-nsec3-enum:
762. |_ DNSSEC NSEC3 not supported
763. | dns-nsid:
764. |_ bind.version: 9.10.6
765. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
766. Device type: general purpose
767. Running: Linux 2.6.X
768. OS CPE: cpe:/o:linux:linux_kernel:2.6
769. OS details: Linux 2.6.18 - 2.6.22
770. Network Distance: 18 hops
771.  
772. Host script results:
773. | dns-blacklist:
774. | SPAM
775. |_ l2.apews.org - SPAM
776. | dns-brute:
777. | DNS Brute-force hostnames:
778. | www.almubarakradio.com - 77.104.129.22
779. | mail.almubarakradio.com - 77.104.129.22
780. |_ ftp.almubarakradio.com - 185.123.97.175
781.  
782. TRACEROUTE (using port 53/tcp)
783. HOP RTT ADDRESS
784. 1 237.24 ms 10.245.200.1
785. 2 237.40 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
786. 3 237.84 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
787. 4 239.82 ms xe-4-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.228)
788. 5 239.11 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
789. 6 239.64 ms 36351.hkg.equinix.com (119.27.63.40)
790. 7 244.70 ms ae6.cbs02.pn01.hkg01.networklayer.com (169.45.19.170)
791. 8 270.97 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
792. 9 269.60 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
793. 10 301.44 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
794. 11 298.77 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
795. 12 455.98 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
796. 13 431.60 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
797. 14 459.09 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
798. 15 452.91 ms 169.45.19.205
799. 16 456.72 ms 169.50.118.123
800. 17 448.38 ms b9.76.32a9.ip4.static.sl-reverse.com (169.50.118.185)
801. 18 434.84 ms ip-77-104-129-22.siteground.com (77.104.129.22)
802. #######################################################################################################################################
803. http://www.almubarakradio.com [200 OK] Country[ROMANIA][RO], Frame, HTML5, HTTPServer[nginx], IP[77.104.129.22], JQuery[1.12.4,4.4.3], Lightbox, MetaGenerator[WordPress 5.0.3], Script[text/javascript], Title[Al Mubarak Radio], UncommonHeaders[link,host-header,x-proxy-cache], WordPress[5.0.3], X-UA-Compatible[IE=edge], YouTube, nginx
804. #######################################################################################################################################
805.  
806. wig - WebApp Information Gatherer
807.  
808.  
809. Scanning http://www.almubarakradio.com...
810. _________________________________________ SITE INFO __________________________________________
811. IP Title
812. 77.104.129.22 Al Mubarak Radio
813.  
814. __________________________________________ VERSION ___________________________________________
815. Name Versions Type
816. WordPress 5.0.3 CMS
817. Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
818. 2.4.9
819. nginx Platform
820.  
821. ________________________________________ INTERESTING _________________________________________
822. URL Note Type
823. /wp-login.php Wordpress login page Interesting
824. /readme.html Readme file Interesting
825. /login/ Login Page Interesting
826.  
827. ___________________________________________ TOOLS ____________________________________________
828. Name Link Software
829. wpscan https://github.com/wpscanteam/wpscan WordPress
830. CMSmap https://github.com/Dionach/CMSmap WordPress
831.  
832. ______________________________________________________________________________________________
833. Time: 120.8 sec Urls: 451 Fingerprints: 40401
834. #######################################################################################################################################
835. HTTP/1.1 200 OK
836. Server: nginx
837. Date: Mon, 28 Jan 2019 23:52:16 GMT
838. Content-Type: text/html; charset=UTF-8
839. Connection: keep-alive
840. X-UA-Compatible: IE=edge
841. Link: <http://www.almubarakradio.com/wp-json/>; rel="https://api.w.org/", <http://www.almubarakradio.com/>; rel=shortlink
842. Host-Header: 192fc2e7e50945beb8231a492d6a8024
843.  
844. HTTP/1.1 200 OK
845. Server: nginx
846. Date: Mon, 28 Jan 2019 23:52:18 GMT
847. Content-Type: text/html; charset=UTF-8
848. Connection: keep-alive
849. X-UA-Compatible: IE=edge
850. Link: <http://www.almubarakradio.com/wp-json/>; rel="https://api.w.org/", <http://www.almubarakradio.com/>; rel=shortlink
851. Host-Header: 192fc2e7e50945beb8231a492d6a8024
852. #######################################################################################################################################
853. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:52 EST
854. Nmap scan report for www.almubarakradio.com (77.104.129.22)
855. Host is up (0.46s latency).
856. rDNS record for 77.104.129.22: ip-77-104-129-22.siteground.com
857.  
858. PORT STATE SERVICE VERSION
859. 110/tcp open pop3 Dovecot pop3d
860. | pop3-brute:
861. | Accounts: No valid accounts found
862. |_ Statistics: Performed 214 guesses in 194 seconds, average tps: 1.1
863. |_pop3-capabilities: UIDL USER PIPELINING AUTH-RESP-CODE TOP CAPA SASL(PLAIN LOGIN) STLS RESP-CODES
864. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
865. Device type: general purpose
866. Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (89%)
867. OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
868. Aggressive OS guesses: Linux 4.9 (89%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%)
869. No exact OS matches for host (test conditions non-ideal).
870. Network Distance: 18 hops
871.  
872. TRACEROUTE (using port 110/tcp)
873. HOP RTT ADDRESS
874. 1 233.92 ms 10.245.200.1
875. 2 233.97 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
876. 3 234.45 ms te-0-0-2-3.br02.hkg-10.hk.leaseweb.net (43.249.36.12)
877. 4 235.24 ms 64.120.119.226
878. 5 235.02 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
879. 6 236.86 ms 36351.hkg.equinix.com (119.27.63.40)
880. 7 ...
881. 8 266.95 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
882. 9 266.92 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
883. 10 298.44 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
884. 11 321.54 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
885. 12 460.24 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
886. 13 436.29 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
887. 14 461.22 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
888. 15 458.44 ms cb.13.2da9.ip4.static.sl-reverse.com (169.45.19.203)
889. 16 461.62 ms 169.50.118.117
890. 17 442.74 ms bf.76.32a9.ip4.static.sl-reverse.com (169.50.118.191)
891. 18 458.13 ms ip-77-104-129-22.siteground.com (77.104.129.22)
892. #######################################################################################################################################
893. https://www.almubarakradio.com [200 OK] Country[ROMANIA][RO], Frame, HTML5, HTTPServer[nginx], IP[77.104.129.22], JQuery[1.12.4,4.4.3], Lightbox, MetaGenerator[WordPress 5.0.3], Script[text/javascript], Title[Al Mubarak Radio], UncommonHeaders[link,host-header,x-proxy-cache], WordPress[5.0.3], X-UA-Compatible[IE=edge], YouTube, nginx
894. #######################################################################################################################################
895. wig - WebApp Information Gatherer
896.  
897.  
898. Scanning https://www.almubarakradio.com...
899. _________________________________________ SITE INFO __________________________________________
900. IP Title
901. 77.104.129.22 Al Mubarak Radio
902.  
903. __________________________________________ VERSION ___________________________________________
904. Name Versions Type
905. WordPress 5.0.3 CMS
906. Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
907. 2.4.9
908. nginx Platform
909.  
910. ________________________________________ INTERESTING _________________________________________
911. URL Note Type
912. /wp-login.php Wordpress login page Interesting
913. /readme.html Readme file Interesting
914. /login/ Login Page Interesting
915.  
916. ___________________________________________ TOOLS ____________________________________________
917. Name Link Software
918. wpscan https://github.com/wpscanteam/wpscan WordPress
919. CMSmap https://github.com/Dionach/CMSmap WordPress
920.  
921. ______________________________________________________________________________________________
922. Time: 187.1 sec Urls: 451 Fingerprints: 40401
923. #######################################################################################################################################
924. HTTP/2 200
925. server: nginx
926. date: Tue, 29 Jan 2019 00:02:01 GMT
927. content-type: text/html; charset=UTF-8
928. x-ua-compatible: IE=edge
929. link: <https://www.almubarakradio.com/wp-json/>; rel="https://api.w.org/", <https://www.almubarakradio.com/>; rel=shortlink
930. host-header: 192fc2e7e50945beb8231a492d6a8024
931.  
932. HTTP/2 200
933. server: nginx
934. date: Tue, 29 Jan 2019 00:02:04 GMT
935. content-type: text/html; charset=UTF-8
936. x-ua-compatible: IE=edge
937. link: <https://www.almubarakradio.com/wp-json/>; rel="https://api.w.org/", <https://www.almubarakradio.com/>; rel=shortlink
938. host-header: 192fc2e7e50945beb8231a492d6a8024
939. #######################################################################################################################################
940. Version: 1.11.12-static
941. OpenSSL 1.0.2-chacha (1.0.2g-dev)
942.  
943. Connected to 77.104.129.22
944.  
945. Testing SSL server www.almubarakradio.com on port 443 using SNI name www.almubarakradio.com
946.  
947. TLS Fallback SCSV:
948. Server supports TLS Fallback SCSV
949.  
950. TLS renegotiation:
951. Session renegotiation not supported
952.  
953. TLS Compression:
954. Compression disabled
955.  
956. Heartbleed:
957. TLS 1.2 not vulnerable to heartbleed
958. TLS 1.1 not vulnerable to heartbleed
959. TLS 1.0 not vulnerable to heartbleed
960.  
961. Supported Server Cipher(s):
962. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-384 DHE 384
963. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-384 DHE 384
964. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-384 DHE 384
965. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-384 DHE 384
966. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-384 DHE 384
967. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-384 DHE 384
968. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
969. Accepted TLSv1.2 128 bits AES128-SHA
970. Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
971. Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
972. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
973. Accepted TLSv1.2 256 bits ECDHE-RSA-CAMELLIA256-SHA384 Curve P-384 DHE 384
974. Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA256 DHE 2048 bits
975. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
976. Accepted TLSv1.2 128 bits ECDHE-RSA-CAMELLIA128-SHA256 Curve P-384 DHE 384
977. Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA256 DHE 2048 bits
978. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
979. Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
980. Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
981. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
982. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
983. Accepted TLSv1.2 256 bits AES256-SHA256
984. Accepted TLSv1.2 256 bits CAMELLIA256-SHA256
985. Accepted TLSv1.2 128 bits AES128-SHA256
986. Accepted TLSv1.2 128 bits CAMELLIA128-SHA256
987. Accepted TLSv1.2 256 bits AES256-SHA
988. Accepted TLSv1.2 256 bits CAMELLIA256-SHA
989. Accepted TLSv1.2 128 bits CAMELLIA128-SHA
990. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-384 DHE 384
991. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-384 DHE 384
992. Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
993. Accepted TLSv1.1 128 bits AES128-SHA
994. Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
995. Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
996. Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
997. Accepted TLSv1.1 256 bits AES256-SHA
998. Accepted TLSv1.1 256 bits CAMELLIA256-SHA
999. Accepted TLSv1.1 128 bits CAMELLIA128-SHA
1000.  
1001. SSL Certificate:
1002. Signature Algorithm: sha256WithRSAEncryption
1003. RSA Key Strength: 2048
1004.  
1005. Subject: almubarakradio.com
1006. Altnames: DNS:almubarakradio.com, DNS:www.almubarakradio.com
1007. Issuer: Let's Encrypt Authority X3
1008.  
1009. Not valid before: Jan 21 15:06:00 2019 GMT
1010. Not valid after: Apr 21 15:06:00 2019 GMT
1011. #######################################################################################################################################
1012. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 19:04 EST
1013. Nmap scan report for www.almubarakradio.com (77.104.129.22)
1014. Host is up (0.45s latency).
1015. rDNS record for 77.104.129.22: ip-77-104-129-22.siteground.com
1016.  
1017. PORT STATE SERVICE VERSION
1018. 5432/tcp open postgresql PostgreSQL DB 8.4.20 - 8.4.22
1019. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1020. Device type: general purpose
1021. Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (91%)
1022. OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
1023. Aggressive OS guesses: Linux 4.9 (91%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.12 - 4.10 (85%), Linux 3.16 (85%), OpenWrt Chaos Calmer (Linux 3.18) (85%)
1024. No exact OS matches for host (test conditions non-ideal).
1025. Network Distance: 18 hops
1026.  
1027. TRACEROUTE (using port 5432/tcp)
1028. HOP RTT ADDRESS
1029. 1 233.09 ms 10.245.200.1
1030. 2 233.30 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
1031. 3 233.28 ms xe-0-1-0.br01.hkg-10.hk.leaseweb.net (43.249.36.14)
1032. 4 234.28 ms 64.120.119.228
1033. 5 234.68 ms ae-102.bb10.hkg-12.leaseweb.net (31.31.38.194)
1034. 6 235.47 ms 36351.hkg.equinix.com (119.27.63.40)
1035. 7 ...
1036. 8 266.34 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
1037. 9 265.38 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
1038. 10 297.82 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
1039. 11 300.85 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
1040. 12 455.45 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
1041. 13 439.07 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
1042. 14 456.83 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
1043. 15 454.64 ms cd.13.2da9.ip4.static.sl-reverse.com (169.45.19.205)
1044. 16 456.10 ms 169.50.118.115
1045. 17 456.92 ms bb.76.32a9.ip4.static.sl-reverse.com (169.50.118.187)
1046. 18 450.19 ms ip-77-104-129-22.siteground.com (77.104.129.22)
1047. ######################################################################################################################################
1048. --------------------------------------------------------
1049. <<<Yasuo discovered following vulnerable applications>>>
1050. --------------------------------------------------------
1051. +----------+---------------------------------+---------------------------------------+----------+----------+
1052. | App Name | URL to Application | Potential Exploit | Username | Password |
1053. +----------+---------------------------------+---------------------------------------+----------+----------+
1054. | v0pCr3w | http://77.104.129.22:80/jos.php | ./exploits/multi/http/v0pcr3w_exec.rb | | |
1055. +----------+---------------------------------+---------------------------------------+----------+----------+
1056. #######################################################################################################################################
1057. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:30 EST
1058. Warning: 77.104.129.22 giving up on port because retransmission cap hit (2).
1059. Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
1060. Host is up (0.44s latency).
1061. Not shown: 459 filtered ports, 4 closed ports
1062. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1063. PORT STATE SERVICE
1064. 21/tcp open ftp
1065. 53/tcp open domain
1066. 80/tcp open http
1067. 110/tcp open pop3
1068. 143/tcp open imap
1069. 443/tcp open https
1070. 465/tcp open smtps
1071. 587/tcp open submission
1072. 993/tcp open imaps
1073. 995/tcp open pop3s
1074. 2525/tcp open ms-v-worlds
1075. 3306/tcp open mysql
1076. 5432/tcp open postgresql
1077. #######################################################################################################################################
1078. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:31 EST
1079. Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
1080. Host is up (0.26s latency).
1081. Not shown: 2 filtered ports
1082. PORT STATE SERVICE
1083. 53/udp open domain
1084. 67/udp open|filtered dhcps
1085. 68/udp open|filtered dhcpc
1086. 69/udp open|filtered tftp
1087. 88/udp open|filtered kerberos-sec
1088. 123/udp open|filtered ntp
1089. 139/udp open|filtered netbios-ssn
1090. 161/udp open|filtered snmp
1091. 162/udp open|filtered snmptrap
1092. 389/udp open|filtered ldap
1093. 520/udp open|filtered route
1094. 2049/udp open|filtered nfs
1095. #######################################################################################################################################
1096. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:31 EST
1097. Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
1098. Host is up (0.38s latency).
1099.  
1100. PORT STATE SERVICE VERSION
1101. 21/tcp open ftp Pure-FTPd
1102. | ftp-brute:
1103. | Accounts: No valid accounts found
1104. |_ Statistics: Performed 2152 guesses in 185 seconds, average tps: 11.7
1105. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1106. Device type: general purpose
1107. Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (89%)
1108. OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
1109. Aggressive OS guesses: Linux 4.9 (89%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%)
1110. No exact OS matches for host (test conditions non-ideal).
1111. Network Distance: 18 hops
1112.  
1113. TRACEROUTE (using port 21/tcp)
1114. HOP RTT ADDRESS
1115. 1 237.60 ms 10.245.200.1
1116. 2 237.64 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
1117. 3 238.17 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
1118. 4 239.13 ms te-0-2-0-20.504.br02.hkg-12.hk.leaseweb.net (64.120.119.230)
1119. 5 238.53 ms ae-102.bb10.hkg-12.leaseweb.net (31.31.38.194)
1120. 6 240.45 ms 36351.hkg.equinix.com (119.27.63.40)
1121. 7 241.24 ms ae6.cbs02.pn01.hkg01.networklayer.com (169.45.19.170)
1122. 8 270.25 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
1123. 9 270.23 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
1124. 10 305.08 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
1125. 11 302.06 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
1126. 12 451.63 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
1127. 13 442.09 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
1128. 14 461.27 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
1129. 15 449.63 ms 169.45.19.205
1130. 16 461.08 ms 169.50.118.115
1131. 17 433.62 ms c1.76.32a9.ip4.static.sl-reverse.com (169.50.118.193)
1132. 18 449.52 ms ip-77-104-129-22.siteground.com (77.104.129.22)
1133. ######################################################################################################################################
1134. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:37 EST
1135. Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
1136. Host is up (0.37s latency).
1137.  
1138. PORT STATE SERVICE VERSION
1139. 53/tcp open domain ISC BIND 9.10.6
1140. |_dns-fuzz: Server didn't response to our probe, can't fuzz
1141. | dns-nsec-enum:
1142. |_ No NSEC records found
1143. | dns-nsec3-enum:
1144. |_ DNSSEC NSEC3 not supported
1145. | dns-nsid:
1146. |_ bind.version: 9.10.6
1147. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1148. Device type: general purpose
1149. Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (89%)
1150. OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
1151. Aggressive OS guesses: Linux 4.9 (89%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%)
1152. No exact OS matches for host (test conditions non-ideal).
1153. Network Distance: 18 hops
1154.  
1155. Host script results:
1156. | dns-blacklist:
1157. | SPAM
1158. |_ l2.apews.org - SPAM
1159. | dns-brute:
1160. | DNS Brute-force hostnames:
1161. | stats.siteground.com - 192.168.0.15
1162. | ns1.siteground.com - 181.224.128.30
1163. | apps.siteground.com - 172.217.13.110
1164. | apps.siteground.com - 2607:f8b0:4020:804:0:0:0:200e
1165. | download.siteground.com - 184.154.235.243
1166. | ns2.siteground.com - 181.224.128.31
1167. | blog.siteground.com - 184.154.235.13
1168. | www.siteground.com - 181.224.128.30
1169. | www.siteground.com - 181.224.128.31
1170. | forum.siteground.com - 184.154.235.107
1171. | cdn.siteground.com - 181.224.128.32
1172. | cdn.siteground.com - 181.224.128.33
1173. | chat.siteground.com - 216.104.36.122
1174. | dev.siteground.com - 184.154.235.240
1175. | internal.siteground.com - 184.154.235.10
1176. | mail.siteground.com - 198.143.151.98
1177. | mail2.siteground.com - 181.224.128.61
1178. |_ mail3.siteground.com - 69.175.85.2
1179.  
1180. TRACEROUTE (using port 53/tcp)
1181. HOP RTT ADDRESS
1182. 1 234.75 ms 10.245.200.1
1183. 2 234.83 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
1184. 3 234.82 ms xe-0-1-0.br01.hkg-10.hk.leaseweb.net (43.249.36.14)
1185. 4 237.01 ms te-0-2-0-20.504.br02.hkg-12.hk.leaseweb.net (64.120.119.230)
1186. 5 237.05 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
1187. 6 240.38 ms 36351.hkg.equinix.com (119.27.63.40)
1188. 7 237.47 ms ae6.cbs02.pn01.hkg01.networklayer.com (169.45.19.170)
1189. 8 270.61 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
1190. 9 268.04 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
1191. 10 300.12 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
1192. 11 299.43 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
1193. 12 455.05 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
1194. 13 440.04 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
1195. 14 458.62 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
1196. 15 443.83 ms 169.45.19.203
1197. 16 457.01 ms 169.50.118.127
1198. 17 451.88 ms b9.76.32a9.ip4.static.sl-reverse.com (169.50.118.185)
1199. 18 452.90 ms ip-77-104-129-22.siteground.com (77.104.129.22)
1200. #######################################################################################################################################
1201. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:38 EST
1202. Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
1203. Host is up (0.23s latency).
1204.  
1205. PORT STATE SERVICE VERSION
1206. 67/udp open|filtered dhcps
1207. |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
1208. Too many fingerprints match this host to give specific OS details
1209. Network Distance: 18 hops
1210.  
1211. TRACEROUTE (using proto 1/icmp)
1212. HOP RTT ADDRESS
1213. 1 237.93 ms 10.245.200.1
1214. 2 237.95 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
1215. 3 238.56 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
1216. 4 239.17 ms te-0-3-0-4.505.br02.hkg-12.hk.leaseweb.net (64.120.119.232)
1217. 5 238.99 ms ae-102.bb10.hkg-12.leaseweb.net (31.31.38.194)
1218. 6 240.44 ms 36351.hkg.equinix.com (119.27.63.40)
1219. 7 241.23 ms ae6.cbs02.pn01.hkg01.networklayer.com (169.45.19.170)
1220. 8 274.08 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
1221. 9 270.56 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
1222. 10 302.79 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
1223. 11 298.18 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
1224. 12 453.00 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
1225. 13 436.20 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
1226. 14 454.57 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
1227. 15 451.61 ms 169.45.19.205
1228. 16 454.98 ms 169.50.118.127
1229. 17 454.01 ms bb.76.32a9.ip4.static.sl-reverse.com (169.50.118.187)
1230. 18 459.56 ms ip-77-104-129-22.siteground.com (77.104.129.22)
1231. ######################################################################################################################################
1232. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:40 EST
1233. Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
1234. Host is up (0.24s latency).
1235.  
1236. PORT STATE SERVICE VERSION
1237. 68/udp open|filtered dhcpc
1238. Too many fingerprints match this host to give specific OS details
1239. Network Distance: 18 hops
1240.  
1241. TRACEROUTE (using proto 1/icmp)
1242. HOP RTT ADDRESS
1243. 1 234.06 ms 10.245.200.1
1244. 2 234.10 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
1245. 3 234.64 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
1246. 4 235.31 ms te-0-3-0-4.505.br02.hkg-12.hk.leaseweb.net (64.120.119.232)
1247. 5 235.28 ms ae-102.bb10.hkg-12.leaseweb.net (31.31.38.194)
1248. 6 236.65 ms 36351.hkg.equinix.com (119.27.63.40)
1249. 7 237.71 ms ae6.cbs02.pn01.hkg01.networklayer.com (169.45.19.170)
1250. 8 266.69 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
1251. 9 266.36 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
1252. 10 298.51 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
1253. 11 298.04 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
1254. 12 452.95 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
1255. 13 437.98 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
1256. 14 454.89 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
1257. 15 451.71 ms 169.45.19.205
1258. 16 457.10 ms 169.50.118.127
1259. 17 453.71 ms bb.76.32a9.ip4.static.sl-reverse.com (169.50.118.187)
1260. 18 455.45 ms ip-77-104-129-22.siteground.com (77.104.129.22)
1261. #######################################################################################################################################
1262. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:42 EST
1263. Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
1264. Host is up (0.23s latency).
1265.  
1266. PORT STATE SERVICE VERSION
1267. 69/udp open|filtered tftp
1268. Too many fingerprints match this host to give specific OS details
1269. Network Distance: 18 hops
1270.  
1271. TRACEROUTE (using proto 1/icmp)
1272. HOP RTT ADDRESS
1273. 1 237.93 ms 10.245.200.1
1274. 2 238.13 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
1275. 3 238.57 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
1276. 4 239.14 ms te-0-3-0-4.505.br02.hkg-12.hk.leaseweb.net (64.120.119.232)
1277. 5 238.97 ms ae-102.bb10.hkg-12.leaseweb.net (31.31.38.194)
1278. 6 240.37 ms 36351.hkg.equinix.com (119.27.63.40)
1279. 7 241.20 ms ae6.cbs02.pn01.hkg01.networklayer.com (169.45.19.170)
1280. 8 270.92 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
1281. 9 270.21 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
1282. 10 304.74 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
1283. 11 299.65 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
1284. 12 455.86 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
1285. 13 438.22 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
1286. 14 457.43 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
1287. 15 453.99 ms 169.45.19.205
1288. 16 457.46 ms 169.50.118.127
1289. 17 455.87 ms bb.76.32a9.ip4.static.sl-reverse.com (169.50.118.187)
1290. 18 455.69 ms ip-77-104-129-22.siteground.com (77.104.129.22)
1291. #######################################################################################################################################
1292. http://77.104.129.22 [200 OK] Country[ROMANIA][RO], IP[77.104.129.22], Meta-Refresh-Redirect[/cgi-sys/defaultwebpage.cgi], UncommonHeaders[host-header,x-proxy-cache], cPanel
1293. http://77.104.129.22/cgi-sys/defaultwebpage.cgi [200 OK] Country[ROMANIA][RO], HTML5, IP[77.104.129.22], Title[SiteGround Web Hosting Server Default Page], UncommonHeaders[host-header,x-proxy-cache]
1294. #######################################################################################################################################
1295.  
1296. wig - WebApp Information Gatherer
1297.  
1298.  
1299. Scanning http://77.104.129.22...
1300. _________________________________________ SITE INFO _________________________________________
1301. IP Title
1302. 77.104.129.22
1303.  
1304. __________________________________________ VERSION __________________________________________
1305. Name Versions Type
1306. Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
1307. 2.4.9
1308. nginx Platform
1309.  
1310. ________________________________________ INTERESTING ________________________________________
1311. URL Note Type
1312. /install.php Installation file Interesting
1313. /robots.txt robots.txt index Interesting
1314. /test.php Test file Interesting
1315.  
1316. _____________________________________________________________________________________________
1317. Time: 90.1 sec Urls: 808 Fingerprints: 40401
1318. #######################################################################################################################################
1319. HTTP/1.1 200 OK
1320. Server: nginx
1321. Date: Mon, 28 Jan 2019 23:46:35 GMT
1322. Content-Type: text/html
1323. Content-Length: 111
1324. Connection: keep-alive
1325. Last-Modified: Mon, 13 Nov 2017 15:37:17 GMT
1326. ETag: "6f-55ddf0b95a540"
1327. Accept-Ranges: bytes
1328. Host-Header: 192fc2e7e50945beb8231a492d6a8024
1329.  
1330. HTTP/1.1 200 OK
1331. Server: nginx
1332. Date: Mon, 28 Jan 2019 23:46:35 GMT
1333. Content-Type: text/html
1334. Content-Length: 111
1335. Connection: keep-alive
1336. Last-Modified: Mon, 13 Nov 2017 15:37:17 GMT
1337. ETag: "6f-55ddf0b95a540"
1338. Accept-Ranges: bytes
1339. Host-Header: 192fc2e7e50945beb8231a492d6a8024
1340. #######################################################################################################################################
1341. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:46 EST
1342. Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
1343. Host is up (0.45s latency).
1344.  
1345. PORT STATE SERVICE VERSION
1346. 110/tcp open pop3 Dovecot pop3d
1347. | pop3-brute:
1348. | Accounts: No valid accounts found
1349. |_ Statistics: Performed 212 guesses in 190 seconds, average tps: 1.1
1350. |_pop3-capabilities: STLS TOP RESP-CODES UIDL SASL(PLAIN LOGIN) USER CAPA PIPELINING AUTH-RESP-CODE
1351. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1352. Device type: general purpose
1353. Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (89%)
1354. OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
1355. Aggressive OS guesses: Linux 4.9 (89%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%)
1356. No exact OS matches for host (test conditions non-ideal).
1357. Network Distance: 18 hops
1358.  
1359. TRACEROUTE (using port 443/tcp)
1360. HOP RTT ADDRESS
1361. 1 233.79 ms 10.245.200.1
1362. 2 233.83 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
1363. 3 233.83 ms xe-2-0-3.br01.hkg-10.hk.leaseweb.net (43.249.36.8)
1364. 4 234.81 ms 64.120.119.230
1365. 5 234.38 ms ae-102.bb10.hkg-12.leaseweb.net (31.31.38.194)
1366. 6 236.00 ms 36351.hkg.equinix.com (119.27.63.40)
1367. 7 ...
1368. 8 265.88 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
1369. 9 265.42 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
1370. 10 297.57 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
1371. 11 302.01 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
1372. 12 457.24 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
1373. 13 440.86 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
1374. 14 455.84 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
1375. 15 456.69 ms cd.13.2da9.ip4.static.sl-reverse.com (169.45.19.205)
1376. 16 446.75 ms 169.50.118.115
1377. 17 448.32 ms b7.76.32a9.ip4.static.sl-reverse.com (169.50.118.183)
1378. 18 451.17 ms ip-77-104-129-22.siteground.com (77.104.129.22)
1379. #######################################################################################################################################
1380. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:50 EST
1381. Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
1382. Host is up (0.23s latency).
1383.  
1384. PORT STATE SERVICE VERSION
1385. 123/udp open|filtered ntp
1386. Too many fingerprints match this host to give specific OS details
1387. Network Distance: 18 hops
1388.  
1389. TRACEROUTE (using proto 1/icmp)
1390. HOP RTT ADDRESS
1391. 1 235.39 ms 10.245.200.1
1392. 2 235.43 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
1393. 3 236.07 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
1394. 4 236.76 ms te-0-3-0-4.505.br02.hkg-12.hk.leaseweb.net (64.120.119.232)
1395. 5 236.44 ms ae-102.bb10.hkg-12.leaseweb.net (31.31.38.194)
1396. 6 238.78 ms 36351.hkg.equinix.com (119.27.63.40)
1397. 7 236.53 ms ae6.cbs02.pn01.hkg01.networklayer.com (169.45.19.170)
1398. 8 268.55 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
1399. 9 267.83 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
1400. 10 299.84 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
1401. 11 297.32 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
1402. 12 452.49 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
1403. 13 435.48 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
1404. 14 454.07 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
1405. 15 450.67 ms 169.45.19.205
1406. 16 457.40 ms 169.50.118.127
1407. 17 458.37 ms bb.76.32a9.ip4.static.sl-reverse.com (169.50.118.187)
1408. 18 455.57 ms ip-77-104-129-22.siteground.com (77.104.129.22)
1409. #######################################################################################################################################
1410. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:52 EST
1411. Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
1412. Host is up (0.45s latency).
1413.  
1414. PORT STATE SERVICE VERSION
1415. 161/tcp filtered snmp
1416. 161/udp open|filtered snmp
1417. Too many fingerprints match this host to give specific OS details
1418. Network Distance: 18 hops
1419.  
1420. TRACEROUTE (using proto 1/icmp)
1421. HOP RTT ADDRESS
1422. 1 235.32 ms 10.245.200.1
1423. 2 235.36 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
1424. 3 236.10 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
1425. 4 236.13 ms te-0-3-0-4.505.br02.hkg-12.hk.leaseweb.net (64.120.119.232)
1426. 5 236.13 ms ae-102.bb10.hkg-12.leaseweb.net (31.31.38.194)
1427. 6 237.49 ms 36351.hkg.equinix.com (119.27.63.40)
1428. 7 238.65 ms ae6.cbs02.pn01.hkg01.networklayer.com (169.45.19.170)
1429. 8 268.00 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
1430. 9 267.41 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
1431. 10 299.64 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
1432. 11 298.10 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
1433. 12 453.63 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
1434. 13 436.64 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
1435. 14 456.26 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
1436. 15 452.05 ms 169.45.19.205
1437. 16 456.27 ms 169.50.118.127
1438. 17 453.71 ms bb.76.32a9.ip4.static.sl-reverse.com (169.50.118.187)
1439. 18 452.36 ms ip-77-104-129-22.siteground.com (77.104.129.22)
1440. #######################################################################################################################################
1441. ^ ^
1442. _ __ _ ____ _ __ _ _ ____
1443. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1444. | V V // o // _/ | V V // 0 // 0 // _/
1445. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1446. <
1447. ...'
1448.  
1449. WAFW00F - Web Application Firewall Detection Tool
1450.  
1451. By Sandro Gauci && Wendel G. Henrique
1452.  
1453. Checking https://77.104.129.22
1454. Generic Detection results:
1455. The site https://77.104.129.22 seems to be behind a WAF or some sort of security solution
1456. Reason: Blocking is being done at connection/packet level.
1457. Number of requests: 12
1458. #######################################################################################################################################
1459. Version: 1.11.12-static
1460. OpenSSL 1.0.2-chacha (1.0.2g-dev)
1461.  
1462. Connected to 77.104.129.22
1463.  
1464. Testing SSL server 77.104.129.22 on port 443 using SNI name 77.104.129.22
1465.  
1466. TLS Fallback SCSV:
1467. Server supports TLS Fallback SCSV
1468.  
1469. TLS renegotiation:
1470. Session renegotiation not supported
1471.  
1472. TLS Compression:
1473. Compression disabled
1474.  
1475. Heartbleed:
1476. TLS 1.2 not vulnerable to heartbleed
1477. TLS 1.1 not vulnerable to heartbleed
1478. TLS 1.0 not vulnerable to heartbleed
1479.  
1480. Supported Server Cipher(s):
1481. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-384 DHE 384
1482. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-384 DHE 384
1483. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-384 DHE 384
1484. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-384 DHE 384
1485. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-384 DHE 384
1486. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-384 DHE 384
1487. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
1488. Accepted TLSv1.2 128 bits AES128-SHA
1489. Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
1490. Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
1491. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
1492. Accepted TLSv1.2 256 bits ECDHE-RSA-CAMELLIA256-SHA384 Curve P-384 DHE 384
1493. Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA256 DHE 2048 bits
1494. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
1495. Accepted TLSv1.2 128 bits ECDHE-RSA-CAMELLIA128-SHA256 Curve P-384 DHE 384
1496. Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA256 DHE 2048 bits
1497. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
1498. Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
1499. Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
1500. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
1501. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
1502. Accepted TLSv1.2 256 bits AES256-SHA256
1503. Accepted TLSv1.2 256 bits CAMELLIA256-SHA256
1504. Accepted TLSv1.2 128 bits AES128-SHA256
1505. Accepted TLSv1.2 128 bits CAMELLIA128-SHA256
1506. Accepted TLSv1.2 256 bits AES256-SHA
1507. Accepted TLSv1.2 256 bits CAMELLIA256-SHA
1508. Accepted TLSv1.2 128 bits CAMELLIA128-SHA
1509. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-384 DHE 384
1510. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-384 DHE 384
1511. Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
1512. Accepted TLSv1.1 128 bits AES128-SHA
1513. Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
1514. Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
1515. Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
1516. Accepted TLSv1.1 256 bits AES256-SHA
1517. Accepted TLSv1.1 256 bits CAMELLIA256-SHA
1518. Accepted TLSv1.1 128 bits CAMELLIA128-SHA
1519.  
1520. SSL Certificate:
1521. Signature Algorithm: sha256WithRSAEncryption
1522. RSA Key Strength: 2048
1523.  
1524. Subject: *.sgcpanel.com
1525. Altnames: DNS:*.sgcpanel.com, DNS:sgcpanel.com
1526. Issuer: AlphaSSL CA - SHA256 - G2
1527.  
1528. Not valid before: Mar 12 07:55:09 2018 GMT
1529. Not valid after: May 9 08:29:28 2019 GMT
1530. #######################################################################################################################################
1531. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 18:58 EST
1532. Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
1533. Host is up (0.45s latency).
1534.  
1535. PORT STATE SERVICE VERSION
1536. 5432/tcp open postgresql PostgreSQL DB 8.4.20 - 8.4.22
1537. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1538. Device type: general purpose
1539. Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (91%)
1540. OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
1541. Aggressive OS guesses: Linux 4.9 (91%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.12 - 4.10 (85%), Linux 3.16 (85%)
1542. No exact OS matches for host (test conditions non-ideal).
1543. Network Distance: 18 hops
1544.  
1545. TRACEROUTE (using port 5432/tcp)
1546. HOP RTT ADDRESS
1547. 1 235.23 ms 10.245.200.1
1548. 2 235.32 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
1549. 3 235.31 ms xe-0-1-0.br01.hkg-10.hk.leaseweb.net (43.249.36.14)
1550. 4 236.59 ms 64.120.119.226
1551. 5 236.56 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
1552. 6 238.10 ms 36351.hkg.equinix.com (119.27.63.40)
1553. 7 ...
1554. 8 268.96 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
1555. 9 267.35 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
1556. 10 300.19 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
1557. 11 299.98 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
1558. 12 457.12 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
1559. 13 437.87 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
1560. 14 459.68 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
1561. 15 453.68 ms cd.13.2da9.ip4.static.sl-reverse.com (169.45.19.205)
1562. 16 448.86 ms 169.50.118.123
1563. 17 456.01 ms b7.76.32a9.ip4.static.sl-reverse.com (169.50.118.183)
1564. 18 446.10 ms ip-77-104-129-22.siteground.com (77.104.129.22)
1565. #######################################################################################################################################
1566. --------------------------------------------------------------------------------------------------------------------------------------
1567. <<<Yasuo discovered following vulnerable applications>>>
1568. --------------------------------------------------------------------------------------------------------------------------------------
1569. +----------+---------------------------------+---------------------------------------+----------+----------+
1570. | App Name | URL to Application | Potential Exploit | Username | Password |
1571. +----------+---------------------------------+---------------------------------------+----------+----------+
1572. | v0pCr3w | http://77.104.129.22:80/jos.php | ./exploits/multi/http/v0pcr3w_exec.rb | | |
1573. +----------+---------------------------------+---------------------------------------+----------+----------+
1574. #######################################################################################################################################
1575. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 19:05 EST
1576. NSE: Loaded 148 scripts for scanning.
1577. NSE: Script Pre-scanning.
1578. NSE: Starting runlevel 1 (of 2) scan.
1579. Initiating NSE at 19:05
1580. Completed NSE at 19:05, 0.00s elapsed
1581. NSE: Starting runlevel 2 (of 2) scan.
1582. Initiating NSE at 19:05
1583. Completed NSE at 19:05, 0.00s elapsed
1584. Initiating Ping Scan at 19:05
1585. Scanning 77.104.129.22 [4 ports]
1586. Completed Ping Scan at 19:05, 0.49s elapsed (1 total hosts)
1587. Initiating Parallel DNS resolution of 1 host. at 19:05
1588. Completed Parallel DNS resolution of 1 host. at 19:05, 0.02s elapsed
1589. Initiating Connect Scan at 19:05
1590. Scanning ip-77-104-129-22.siteground.com (77.104.129.22) [1000 ports]
1591. Discovered open port 993/tcp on 77.104.129.22
1592. Discovered open port 995/tcp on 77.104.129.22
1593. Discovered open port 443/tcp on 77.104.129.22
1594. Discovered open port 80/tcp on 77.104.129.22
1595. Discovered open port 143/tcp on 77.104.129.22
1596. Discovered open port 110/tcp on 77.104.129.22
1597. Discovered open port 53/tcp on 77.104.129.22
1598. Discovered open port 3306/tcp on 77.104.129.22
1599. Discovered open port 5432/tcp on 77.104.129.22
1600. Completed Connect Scan at 19:05, 18.20s elapsed (1000 total ports)
1601. Initiating Service scan at 19:05
1602. Scanning 9 services on ip-77-104-129-22.siteground.com (77.104.129.22)
1603. Completed Service scan at 19:05, 15.24s elapsed (9 services on 1 host)
1604. Initiating OS detection (try #1) against ip-77-104-129-22.siteground.com (77.104.129.22)
1605. Retrying OS detection (try #2) against ip-77-104-129-22.siteground.com (77.104.129.22)
1606. Initiating Traceroute at 19:06
1607. Completed Traceroute at 19:06, 1.25s elapsed
1608. Initiating Parallel DNS resolution of 18 hosts. at 19:06
1609. Completed Parallel DNS resolution of 18 hosts. at 19:06, 16.50s elapsed
1610. NSE: Script scanning 77.104.129.22.
1611. NSE: Starting runlevel 1 (of 2) scan.
1612. Initiating NSE at 19:06
1613. Completed NSE at 19:06, 27.03s elapsed
1614. NSE: Starting runlevel 2 (of 2) scan.
1615. Initiating NSE at 19:06
1616. Completed NSE at 19:06, 0.01s elapsed
1617. Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
1618. Host is up, received syn-ack ttl 48 (0.41s latency).
1619. Scanned at 2019-01-28 19:05:25 EST for 88s
1620. Not shown: 986 filtered ports
1621. Reason: 986 no-responses
1622. PORT STATE SERVICE REASON VERSION
1623. 25/tcp closed smtp conn-refused
1624. 53/tcp open domain syn-ack ISC BIND 9.10.6
1625. | dns-nsid:
1626. |_ bind.version: 9.10.6
1627. 80/tcp open http syn-ack nginx
1628. |_http-server-header: nginx
1629. 110/tcp open pop3 syn-ack Dovecot pop3d
1630. |_pop3-capabilities: RESP-CODES USER PIPELINING CAPA STLS SASL(PLAIN LOGIN) UIDL AUTH-RESP-CODE TOP
1631. | ssl-cert: Subject: commonName=*.sgcpanel.com/organizationalUnitName=Domain Control Validated
1632. | Subject Alternative Name: DNS:*.sgcpanel.com, DNS:sgcpanel.com
1633. | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
1634. | Public Key type: rsa
1635. | Public Key bits: 2048
1636. | Signature Algorithm: sha256WithRSAEncryption
1637. | Not valid before: 2018-03-12T07:55:09
1638. | Not valid after: 2019-05-09T08:29:28
1639. | MD5: e7fe b60b 9ec0 5c19 4fc0 b580 9559 5d8a
1640. | SHA-1: 363d 030c 4d60 7dab 9339 ae0f adbe 8bf2 c20a c452
1641. | -----BEGIN CERTIFICATE-----
1642. | MIIG2DCCBcCgAwIBAgIMXlKnt9EoL1eOQN/eMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
1643. | BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
1644. | bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE4MDMxMjA3NTUwOVoXDTE5MDUw
1645. | OTA4MjkyOFowPDEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRcw
1646. | FQYDVQQDDA4qLnNnY3BhbmVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
1647. | AQoCggEBANomHOJkXSUzMaeen2d6TYH0Gocy8ZF1enu5K2qp2ka8l8OdqFq+Mksc
1648. | +o+gokcCpkFDEQp5ADHcOURBebRTpQyvKzrRsV5nkhfc38pHbf7F7OGlvWcG/SrM
1649. | h6ZegWYRDK/GB8u6U7xNUbWtvyl6QnSTrtzpuyuU7w4U9sE0srE/yrIFpe7VFHQd
1650. | jgyUBW0VDkuKuF4nQzt+cycFa9Y5cVjf1nt5Z2HNv4dqHFZ70DfphFpAt+sIGopb
1651. | hhOQCvq/q7C9cfGCW0y3NCK0oMOB/86UpilwpE+SwHtHtSK5rQxlWLqCoWAoVruu
1652. | erbcIHUX6DB4VGrz0acYz8+dO0wT8wMCAwEAAaOCA8gwggPEMA4GA1UdDwEB/wQE
1653. | AwIFoDCBiQYIKwYBBQUHAQEEfTB7MEIGCCsGAQUFBzAChjZodHRwOi8vc2VjdXJl
1654. | Mi5hbHBoYXNzbC5jb20vY2FjZXJ0L2dzYWxwaGFzaGEyZzJyMS5jcnQwNQYIKwYB
1655. | BQUHMAGGKWh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9nc2FscGhhc2hhMmcy
1656. | MFcGA1UdIARQME4wQgYKKwYBBAGgMgEKCjA0MDIGCCsGAQUFBwIBFiZodHRwczov
1657. | L3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwCQYDVR0T
1658. | BAIwADA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY3JsMi5hbHBoYXNzbC5jb20v
1659. | Z3MvZ3NhbHBoYXNoYTJnMi5jcmwwJwYDVR0RBCAwHoIOKi5zZ2NwYW5lbC5jb22C
1660. | DHNnY3BhbmVsLmNvbTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYD
1661. | VR0OBBYEFI/uiWe3CQtLSxH1F6cUvzijpGDaMB8GA1UdIwQYMBaAFPXN1TwIUPlq
1662. | Tzq3l9pWg+Zp0mj3MIIB+AYKKwYBBAHWeQIEAgSCAegEggHkAeIAdgCkuQmQtBhY
1663. | FIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWIZNMTMAAAEAwBHMEUCIQCBHXu6
1664. | laaYmWlv8N6wMT8sOqhvcY/H7KsG3/jRJ9f4PgIgYWbYfR+w6Q9IGunf77rM4Q8e
1665. | 2Fc4U2tedSkSahR4L14AdwDd6x0reg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+
1666. | zAAAAWIZNMVNAAAEAwBIMEYCIQCizoCalGXkPXDV3ldffK67WSmjmlDCMy6C/JSr
1667. | jvgH5QIhANRi1lHAaG+dTdClSSAjuzsbGRaplKByMIbOoQes47AFAHYAu9nfvB+K
1668. | cbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFiGTTFiAAABAMARzBFAiAHNOnJ
1669. | GrX3y7ntMmyb9jrnZjWCNHl7ZxOEM3EFrie6AgIhAK8jV1TnrpH8WiqWpGzl/JYC
1670. | GkNFl1KTXL8CQcj13C1pAHcAVhQGmi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ
1671. | 0N0AAAFiGTTFdAAABAMASDBGAiEAtHpJaDBTglzp8WPgRj/0ChtbEHT6ACpKtTUJ
1672. | 7AJu+QkCIQCnYyFBIbe0SDu0TQxIlYehlKx8uZffr9zN4G4aNYMgtzANBgkqhkiG
1673. | 9w0BAQsFAAOCAQEAXj4cWgey1tCt8PNHJwNEf5RUXBJImRNgZfNzpaDqZDrUmFmx
1674. | MgCYw1wKIgtG/l6d93KoA05enuqQOa53qZh25+g2BmroxqZxELQvlg6mv97dq9Ay
1675. | 0a6X2NSsxkX5uKtQY8SUmn9kpg7pfP2xSzBj5s7JfpvmS2TmekMAEEN6inE+X9WD
1676. | suhLNuZkQpJZlxBgfHqr5BH+CsblsPledhyC+6+ykTQKUZW5cN0OthHZj6at9HXJ
1677. | lwVGa8bVS1CCTkcl2li7L7xcbPdFJQ3pHAb1E9KEEKDluzgwyzbNBD3rXfg0l79X
1678. | RWYFXfdZSKLnIGdHF5I71zAIB3yS8yt4pqrqjQ==
1679. |_-----END CERTIFICATE-----
1680. |_ssl-date: 2019-01-29T00:06:36+00:00; 0s from scanner time.
1681. 111/tcp closed rpcbind conn-refused
1682. 139/tcp closed netbios-ssn conn-refused
1683. 143/tcp open imap syn-ack Dovecot imapd
1684. |_imap-capabilities: AUTH=PLAIN post-login OK capabilities AUTH=LOGINA0001 more IMAP4rev1 ENABLE ID STARTTLS LOGIN-REFERRALS LITERAL+ listed SASL-IR NAMESPACE IDLE Pre-login have
1685. | ssl-cert: Subject: commonName=*.sgcpanel.com/organizationalUnitName=Domain Control Validated
1686. | Subject Alternative Name: DNS:*.sgcpanel.com, DNS:sgcpanel.com
1687. | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
1688. | Public Key type: rsa
1689. | Public Key bits: 2048
1690. | Signature Algorithm: sha256WithRSAEncryption
1691. | Not valid before: 2018-03-12T07:55:09
1692. | Not valid after: 2019-05-09T08:29:28
1693. | MD5: e7fe b60b 9ec0 5c19 4fc0 b580 9559 5d8a
1694. | SHA-1: 363d 030c 4d60 7dab 9339 ae0f adbe 8bf2 c20a c452
1695. | -----BEGIN CERTIFICATE-----
1696. | MIIG2DCCBcCgAwIBAgIMXlKnt9EoL1eOQN/eMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
1697. | BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
1698. | bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE4MDMxMjA3NTUwOVoXDTE5MDUw
1699. | OTA4MjkyOFowPDEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRcw
1700. | FQYDVQQDDA4qLnNnY3BhbmVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
1701. | AQoCggEBANomHOJkXSUzMaeen2d6TYH0Gocy8ZF1enu5K2qp2ka8l8OdqFq+Mksc
1702. | +o+gokcCpkFDEQp5ADHcOURBebRTpQyvKzrRsV5nkhfc38pHbf7F7OGlvWcG/SrM
1703. | h6ZegWYRDK/GB8u6U7xNUbWtvyl6QnSTrtzpuyuU7w4U9sE0srE/yrIFpe7VFHQd
1704. | jgyUBW0VDkuKuF4nQzt+cycFa9Y5cVjf1nt5Z2HNv4dqHFZ70DfphFpAt+sIGopb
1705. | hhOQCvq/q7C9cfGCW0y3NCK0oMOB/86UpilwpE+SwHtHtSK5rQxlWLqCoWAoVruu
1706. | erbcIHUX6DB4VGrz0acYz8+dO0wT8wMCAwEAAaOCA8gwggPEMA4GA1UdDwEB/wQE
1707. | AwIFoDCBiQYIKwYBBQUHAQEEfTB7MEIGCCsGAQUFBzAChjZodHRwOi8vc2VjdXJl
1708. | Mi5hbHBoYXNzbC5jb20vY2FjZXJ0L2dzYWxwaGFzaGEyZzJyMS5jcnQwNQYIKwYB
1709. | BQUHMAGGKWh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9nc2FscGhhc2hhMmcy
1710. | MFcGA1UdIARQME4wQgYKKwYBBAGgMgEKCjA0MDIGCCsGAQUFBwIBFiZodHRwczov
1711. | L3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwCQYDVR0T
1712. | BAIwADA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY3JsMi5hbHBoYXNzbC5jb20v
1713. | Z3MvZ3NhbHBoYXNoYTJnMi5jcmwwJwYDVR0RBCAwHoIOKi5zZ2NwYW5lbC5jb22C
1714. | DHNnY3BhbmVsLmNvbTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYD
1715. | VR0OBBYEFI/uiWe3CQtLSxH1F6cUvzijpGDaMB8GA1UdIwQYMBaAFPXN1TwIUPlq
1716. | Tzq3l9pWg+Zp0mj3MIIB+AYKKwYBBAHWeQIEAgSCAegEggHkAeIAdgCkuQmQtBhY
1717. | FIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWIZNMTMAAAEAwBHMEUCIQCBHXu6
1718. | laaYmWlv8N6wMT8sOqhvcY/H7KsG3/jRJ9f4PgIgYWbYfR+w6Q9IGunf77rM4Q8e
1719. | 2Fc4U2tedSkSahR4L14AdwDd6x0reg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+
1720. | zAAAAWIZNMVNAAAEAwBIMEYCIQCizoCalGXkPXDV3ldffK67WSmjmlDCMy6C/JSr
1721. | jvgH5QIhANRi1lHAaG+dTdClSSAjuzsbGRaplKByMIbOoQes47AFAHYAu9nfvB+K
1722. | cbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFiGTTFiAAABAMARzBFAiAHNOnJ
1723. | GrX3y7ntMmyb9jrnZjWCNHl7ZxOEM3EFrie6AgIhAK8jV1TnrpH8WiqWpGzl/JYC
1724. | GkNFl1KTXL8CQcj13C1pAHcAVhQGmi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ
1725. | 0N0AAAFiGTTFdAAABAMASDBGAiEAtHpJaDBTglzp8WPgRj/0ChtbEHT6ACpKtTUJ
1726. | 7AJu+QkCIQCnYyFBIbe0SDu0TQxIlYehlKx8uZffr9zN4G4aNYMgtzANBgkqhkiG
1727. | 9w0BAQsFAAOCAQEAXj4cWgey1tCt8PNHJwNEf5RUXBJImRNgZfNzpaDqZDrUmFmx
1728. | MgCYw1wKIgtG/l6d93KoA05enuqQOa53qZh25+g2BmroxqZxELQvlg6mv97dq9Ay
1729. | 0a6X2NSsxkX5uKtQY8SUmn9kpg7pfP2xSzBj5s7JfpvmS2TmekMAEEN6inE+X9WD
1730. | suhLNuZkQpJZlxBgfHqr5BH+CsblsPledhyC+6+ykTQKUZW5cN0OthHZj6at9HXJ
1731. | lwVGa8bVS1CCTkcl2li7L7xcbPdFJQ3pHAb1E9KEEKDluzgwyzbNBD3rXfg0l79X
1732. | RWYFXfdZSKLnIGdHF5I71zAIB3yS8yt4pqrqjQ==
1733. |_-----END CERTIFICATE-----
1734. |_ssl-date: 2019-01-29T00:06:31+00:00; 0s from scanner time.
1735. 443/tcp open ssl/http syn-ack nginx
1736. |_http-server-header: nginx
1737. |_http-title: 400 The plain HTTP request was sent to HTTPS port
1738. | ssl-cert: Subject: commonName=*.sgcpanel.com/organizationalUnitName=Domain Control Validated
1739. | Subject Alternative Name: DNS:*.sgcpanel.com, DNS:sgcpanel.com
1740. | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
1741. | Public Key type: rsa
1742. | Public Key bits: 2048
1743. | Signature Algorithm: sha256WithRSAEncryption
1744. | Not valid before: 2018-03-12T07:55:09
1745. | Not valid after: 2019-05-09T08:29:28
1746. | MD5: e7fe b60b 9ec0 5c19 4fc0 b580 9559 5d8a
1747. | SHA-1: 363d 030c 4d60 7dab 9339 ae0f adbe 8bf2 c20a c452
1748. | -----BEGIN CERTIFICATE-----
1749. | MIIG2DCCBcCgAwIBAgIMXlKnt9EoL1eOQN/eMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
1750. | BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
1751. | bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE4MDMxMjA3NTUwOVoXDTE5MDUw
1752. | OTA4MjkyOFowPDEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRcw
1753. | FQYDVQQDDA4qLnNnY3BhbmVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
1754. | AQoCggEBANomHOJkXSUzMaeen2d6TYH0Gocy8ZF1enu5K2qp2ka8l8OdqFq+Mksc
1755. | +o+gokcCpkFDEQp5ADHcOURBebRTpQyvKzrRsV5nkhfc38pHbf7F7OGlvWcG/SrM
1756. | h6ZegWYRDK/GB8u6U7xNUbWtvyl6QnSTrtzpuyuU7w4U9sE0srE/yrIFpe7VFHQd
1757. | jgyUBW0VDkuKuF4nQzt+cycFa9Y5cVjf1nt5Z2HNv4dqHFZ70DfphFpAt+sIGopb
1758. | hhOQCvq/q7C9cfGCW0y3NCK0oMOB/86UpilwpE+SwHtHtSK5rQxlWLqCoWAoVruu
1759. | erbcIHUX6DB4VGrz0acYz8+dO0wT8wMCAwEAAaOCA8gwggPEMA4GA1UdDwEB/wQE
1760. | AwIFoDCBiQYIKwYBBQUHAQEEfTB7MEIGCCsGAQUFBzAChjZodHRwOi8vc2VjdXJl
1761. | Mi5hbHBoYXNzbC5jb20vY2FjZXJ0L2dzYWxwaGFzaGEyZzJyMS5jcnQwNQYIKwYB
1762. | BQUHMAGGKWh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9nc2FscGhhc2hhMmcy
1763. | MFcGA1UdIARQME4wQgYKKwYBBAGgMgEKCjA0MDIGCCsGAQUFBwIBFiZodHRwczov
1764. | L3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwCQYDVR0T
1765. | BAIwADA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY3JsMi5hbHBoYXNzbC5jb20v
1766. | Z3MvZ3NhbHBoYXNoYTJnMi5jcmwwJwYDVR0RBCAwHoIOKi5zZ2NwYW5lbC5jb22C
1767. | DHNnY3BhbmVsLmNvbTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYD
1768. | VR0OBBYEFI/uiWe3CQtLSxH1F6cUvzijpGDaMB8GA1UdIwQYMBaAFPXN1TwIUPlq
1769. | Tzq3l9pWg+Zp0mj3MIIB+AYKKwYBBAHWeQIEAgSCAegEggHkAeIAdgCkuQmQtBhY
1770. | FIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWIZNMTMAAAEAwBHMEUCIQCBHXu6
1771. | laaYmWlv8N6wMT8sOqhvcY/H7KsG3/jRJ9f4PgIgYWbYfR+w6Q9IGunf77rM4Q8e
1772. | 2Fc4U2tedSkSahR4L14AdwDd6x0reg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+
1773. | zAAAAWIZNMVNAAAEAwBIMEYCIQCizoCalGXkPXDV3ldffK67WSmjmlDCMy6C/JSr
1774. | jvgH5QIhANRi1lHAaG+dTdClSSAjuzsbGRaplKByMIbOoQes47AFAHYAu9nfvB+K
1775. | cbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFiGTTFiAAABAMARzBFAiAHNOnJ
1776. | GrX3y7ntMmyb9jrnZjWCNHl7ZxOEM3EFrie6AgIhAK8jV1TnrpH8WiqWpGzl/JYC
1777. | GkNFl1KTXL8CQcj13C1pAHcAVhQGmi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ
1778. | 0N0AAAFiGTTFdAAABAMASDBGAiEAtHpJaDBTglzp8WPgRj/0ChtbEHT6ACpKtTUJ
1779. | 7AJu+QkCIQCnYyFBIbe0SDu0TQxIlYehlKx8uZffr9zN4G4aNYMgtzANBgkqhkiG
1780. | 9w0BAQsFAAOCAQEAXj4cWgey1tCt8PNHJwNEf5RUXBJImRNgZfNzpaDqZDrUmFmx
1781. | MgCYw1wKIgtG/l6d93KoA05enuqQOa53qZh25+g2BmroxqZxELQvlg6mv97dq9Ay
1782. | 0a6X2NSsxkX5uKtQY8SUmn9kpg7pfP2xSzBj5s7JfpvmS2TmekMAEEN6inE+X9WD
1783. | suhLNuZkQpJZlxBgfHqr5BH+CsblsPledhyC+6+ykTQKUZW5cN0OthHZj6at9HXJ
1784. | lwVGa8bVS1CCTkcl2li7L7xcbPdFJQ3pHAb1E9KEEKDluzgwyzbNBD3rXfg0l79X
1785. | RWYFXfdZSKLnIGdHF5I71zAIB3yS8yt4pqrqjQ==
1786. |_-----END CERTIFICATE-----
1787. |_ssl-date: TLS randomness does not represent time
1788. | tls-alpn:
1789. | h2
1790. |_ http/1.1
1791. | tls-nextprotoneg:
1792. | h2
1793. |_ http/1.1
1794. 445/tcp closed microsoft-ds conn-refused
1795. 993/tcp open ssl/imap syn-ack Dovecot imapd
1796. | ssl-cert: Subject: commonName=*.sgcpanel.com/organizationalUnitName=Domain Control Validated
1797. | Subject Alternative Name: DNS:*.sgcpanel.com, DNS:sgcpanel.com
1798. | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
1799. | Public Key type: rsa
1800. | Public Key bits: 2048
1801. | Signature Algorithm: sha256WithRSAEncryption
1802. | Not valid before: 2018-03-12T07:55:09
1803. | Not valid after: 2019-05-09T08:29:28
1804. | MD5: e7fe b60b 9ec0 5c19 4fc0 b580 9559 5d8a
1805. | SHA-1: 363d 030c 4d60 7dab 9339 ae0f adbe 8bf2 c20a c452
1806. | -----BEGIN CERTIFICATE-----
1807. | MIIG2DCCBcCgAwIBAgIMXlKnt9EoL1eOQN/eMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
1808. | BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
1809. | bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE4MDMxMjA3NTUwOVoXDTE5MDUw
1810. | OTA4MjkyOFowPDEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRcw
1811. | FQYDVQQDDA4qLnNnY3BhbmVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
1812. | AQoCggEBANomHOJkXSUzMaeen2d6TYH0Gocy8ZF1enu5K2qp2ka8l8OdqFq+Mksc
1813. | +o+gokcCpkFDEQp5ADHcOURBebRTpQyvKzrRsV5nkhfc38pHbf7F7OGlvWcG/SrM
1814. | h6ZegWYRDK/GB8u6U7xNUbWtvyl6QnSTrtzpuyuU7w4U9sE0srE/yrIFpe7VFHQd
1815. | jgyUBW0VDkuKuF4nQzt+cycFa9Y5cVjf1nt5Z2HNv4dqHFZ70DfphFpAt+sIGopb
1816. | hhOQCvq/q7C9cfGCW0y3NCK0oMOB/86UpilwpE+SwHtHtSK5rQxlWLqCoWAoVruu
1817. | erbcIHUX6DB4VGrz0acYz8+dO0wT8wMCAwEAAaOCA8gwggPEMA4GA1UdDwEB/wQE
1818. | AwIFoDCBiQYIKwYBBQUHAQEEfTB7MEIGCCsGAQUFBzAChjZodHRwOi8vc2VjdXJl
1819. | Mi5hbHBoYXNzbC5jb20vY2FjZXJ0L2dzYWxwaGFzaGEyZzJyMS5jcnQwNQYIKwYB
1820. | BQUHMAGGKWh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9nc2FscGhhc2hhMmcy
1821. | MFcGA1UdIARQME4wQgYKKwYBBAGgMgEKCjA0MDIGCCsGAQUFBwIBFiZodHRwczov
1822. | L3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwCQYDVR0T
1823. | BAIwADA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY3JsMi5hbHBoYXNzbC5jb20v
1824. | Z3MvZ3NhbHBoYXNoYTJnMi5jcmwwJwYDVR0RBCAwHoIOKi5zZ2NwYW5lbC5jb22C
1825. | DHNnY3BhbmVsLmNvbTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYD
1826. | VR0OBBYEFI/uiWe3CQtLSxH1F6cUvzijpGDaMB8GA1UdIwQYMBaAFPXN1TwIUPlq
1827. | Tzq3l9pWg+Zp0mj3MIIB+AYKKwYBBAHWeQIEAgSCAegEggHkAeIAdgCkuQmQtBhY
1828. | FIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWIZNMTMAAAEAwBHMEUCIQCBHXu6
1829. | laaYmWlv8N6wMT8sOqhvcY/H7KsG3/jRJ9f4PgIgYWbYfR+w6Q9IGunf77rM4Q8e
1830. | 2Fc4U2tedSkSahR4L14AdwDd6x0reg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+
1831. | zAAAAWIZNMVNAAAEAwBIMEYCIQCizoCalGXkPXDV3ldffK67WSmjmlDCMy6C/JSr
1832. | jvgH5QIhANRi1lHAaG+dTdClSSAjuzsbGRaplKByMIbOoQes47AFAHYAu9nfvB+K
1833. | cbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFiGTTFiAAABAMARzBFAiAHNOnJ
1834. | GrX3y7ntMmyb9jrnZjWCNHl7ZxOEM3EFrie6AgIhAK8jV1TnrpH8WiqWpGzl/JYC
1835. | GkNFl1KTXL8CQcj13C1pAHcAVhQGmi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ
1836. | 0N0AAAFiGTTFdAAABAMASDBGAiEAtHpJaDBTglzp8WPgRj/0ChtbEHT6ACpKtTUJ
1837. | 7AJu+QkCIQCnYyFBIbe0SDu0TQxIlYehlKx8uZffr9zN4G4aNYMgtzANBgkqhkiG
1838. | 9w0BAQsFAAOCAQEAXj4cWgey1tCt8PNHJwNEf5RUXBJImRNgZfNzpaDqZDrUmFmx
1839. | MgCYw1wKIgtG/l6d93KoA05enuqQOa53qZh25+g2BmroxqZxELQvlg6mv97dq9Ay
1840. | 0a6X2NSsxkX5uKtQY8SUmn9kpg7pfP2xSzBj5s7JfpvmS2TmekMAEEN6inE+X9WD
1841. | suhLNuZkQpJZlxBgfHqr5BH+CsblsPledhyC+6+ykTQKUZW5cN0OthHZj6at9HXJ
1842. | lwVGa8bVS1CCTkcl2li7L7xcbPdFJQ3pHAb1E9KEEKDluzgwyzbNBD3rXfg0l79X
1843. | RWYFXfdZSKLnIGdHF5I71zAIB3yS8yt4pqrqjQ==
1844. |_-----END CERTIFICATE-----
1845. |_ssl-date: 2019-01-29T00:06:27+00:00; 0s from scanner time.
1846. 995/tcp open ssl/pop3 syn-ack Dovecot pop3d
1847. | ssl-cert: Subject: commonName=*.sgcpanel.com/organizationalUnitName=Domain Control Validated
1848. | Subject Alternative Name: DNS:*.sgcpanel.com, DNS:sgcpanel.com
1849. | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
1850. | Public Key type: rsa
1851. | Public Key bits: 2048
1852. | Signature Algorithm: sha256WithRSAEncryption
1853. | Not valid before: 2018-03-12T07:55:09
1854. | Not valid after: 2019-05-09T08:29:28
1855. | MD5: e7fe b60b 9ec0 5c19 4fc0 b580 9559 5d8a
1856. | SHA-1: 363d 030c 4d60 7dab 9339 ae0f adbe 8bf2 c20a c452
1857. | -----BEGIN CERTIFICATE-----
1858. | MIIG2DCCBcCgAwIBAgIMXlKnt9EoL1eOQN/eMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
1859. | BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
1860. | bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE4MDMxMjA3NTUwOVoXDTE5MDUw
1861. | OTA4MjkyOFowPDEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRcw
1862. | FQYDVQQDDA4qLnNnY3BhbmVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
1863. | AQoCggEBANomHOJkXSUzMaeen2d6TYH0Gocy8ZF1enu5K2qp2ka8l8OdqFq+Mksc
1864. | +o+gokcCpkFDEQp5ADHcOURBebRTpQyvKzrRsV5nkhfc38pHbf7F7OGlvWcG/SrM
1865. | h6ZegWYRDK/GB8u6U7xNUbWtvyl6QnSTrtzpuyuU7w4U9sE0srE/yrIFpe7VFHQd
1866. | jgyUBW0VDkuKuF4nQzt+cycFa9Y5cVjf1nt5Z2HNv4dqHFZ70DfphFpAt+sIGopb
1867. | hhOQCvq/q7C9cfGCW0y3NCK0oMOB/86UpilwpE+SwHtHtSK5rQxlWLqCoWAoVruu
1868. | erbcIHUX6DB4VGrz0acYz8+dO0wT8wMCAwEAAaOCA8gwggPEMA4GA1UdDwEB/wQE
1869. | AwIFoDCBiQYIKwYBBQUHAQEEfTB7MEIGCCsGAQUFBzAChjZodHRwOi8vc2VjdXJl
1870. | Mi5hbHBoYXNzbC5jb20vY2FjZXJ0L2dzYWxwaGFzaGEyZzJyMS5jcnQwNQYIKwYB
1871. | BQUHMAGGKWh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9nc2FscGhhc2hhMmcy
1872. | MFcGA1UdIARQME4wQgYKKwYBBAGgMgEKCjA0MDIGCCsGAQUFBwIBFiZodHRwczov
1873. | L3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwCQYDVR0T
1874. | BAIwADA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY3JsMi5hbHBoYXNzbC5jb20v
1875. | Z3MvZ3NhbHBoYXNoYTJnMi5jcmwwJwYDVR0RBCAwHoIOKi5zZ2NwYW5lbC5jb22C
1876. | DHNnY3BhbmVsLmNvbTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYD
1877. | VR0OBBYEFI/uiWe3CQtLSxH1F6cUvzijpGDaMB8GA1UdIwQYMBaAFPXN1TwIUPlq
1878. | Tzq3l9pWg+Zp0mj3MIIB+AYKKwYBBAHWeQIEAgSCAegEggHkAeIAdgCkuQmQtBhY
1879. | FIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWIZNMTMAAAEAwBHMEUCIQCBHXu6
1880. | laaYmWlv8N6wMT8sOqhvcY/H7KsG3/jRJ9f4PgIgYWbYfR+w6Q9IGunf77rM4Q8e
1881. | 2Fc4U2tedSkSahR4L14AdwDd6x0reg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+
1882. | zAAAAWIZNMVNAAAEAwBIMEYCIQCizoCalGXkPXDV3ldffK67WSmjmlDCMy6C/JSr
1883. | jvgH5QIhANRi1lHAaG+dTdClSSAjuzsbGRaplKByMIbOoQes47AFAHYAu9nfvB+K
1884. | cbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFiGTTFiAAABAMARzBFAiAHNOnJ
1885. | GrX3y7ntMmyb9jrnZjWCNHl7ZxOEM3EFrie6AgIhAK8jV1TnrpH8WiqWpGzl/JYC
1886. | GkNFl1KTXL8CQcj13C1pAHcAVhQGmi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ
1887. | 0N0AAAFiGTTFdAAABAMASDBGAiEAtHpJaDBTglzp8WPgRj/0ChtbEHT6ACpKtTUJ
1888. | 7AJu+QkCIQCnYyFBIbe0SDu0TQxIlYehlKx8uZffr9zN4G4aNYMgtzANBgkqhkiG
1889. | 9w0BAQsFAAOCAQEAXj4cWgey1tCt8PNHJwNEf5RUXBJImRNgZfNzpaDqZDrUmFmx
1890. | MgCYw1wKIgtG/l6d93KoA05enuqQOa53qZh25+g2BmroxqZxELQvlg6mv97dq9Ay
1891. | 0a6X2NSsxkX5uKtQY8SUmn9kpg7pfP2xSzBj5s7JfpvmS2TmekMAEEN6inE+X9WD
1892. | suhLNuZkQpJZlxBgfHqr5BH+CsblsPledhyC+6+ykTQKUZW5cN0OthHZj6at9HXJ
1893. | lwVGa8bVS1CCTkcl2li7L7xcbPdFJQ3pHAb1E9KEEKDluzgwyzbNBD3rXfg0l79X
1894. | RWYFXfdZSKLnIGdHF5I71zAIB3yS8yt4pqrqjQ==
1895. |_-----END CERTIFICATE-----
1896. |_ssl-date: 2019-01-29T00:06:27+00:00; 0s from scanner time.
1897. 3306/tcp open mysql syn-ack MySQL (blocked - too many connection errors)
1898. 4001/tcp closed newoak conn-refused
1899. 5432/tcp open postgresql syn-ack PostgreSQL DB 8.4.20 - 8.4.22
1900. Device type: general purpose|WAP|storage-misc
1901. Running (JUST GUESSING): Linux 2.6.X|4.X|2.4.X|3.X (92%), HP embedded (85%)
1902. OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4 cpe:/h:hp:p2000_g3 cpe:/o:linux:linux_kernel:3.18
1903. OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
1904. Aggressive OS guesses: Linux 2.6.18 - 2.6.22 (92%), Linux 4.9 (88%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (87%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (86%), OpenWrt White Russian 0.9 (Linux 2.4.30) (86%), HP P2000 G3 NAS device (85%), Linux 3.18 (85%), Linux 2.6.32 (85%)
1905. No exact OS matches for host (test conditions non-ideal).
1906. TCP/IP fingerprint:
1907. SCAN(V=7.70%E=4%D=1/28%OT=53%CT=25%CU=%PV=N%DS=18%DC=T%G=N%TM=5C4F991D%P=x86_64-pc-linux-gnu)
1908. SEQ(SP=100%GCD=1%ISR=10D%TI=Z%CI=Z%II=I%TS=U)
1909. OPS(O1=M4B3NNSNW8%O2=M4B3NNSNW8%O3=M4B3NW8%O4=M4B3NNSNW8%O5=M4B3NNSNW8%O6=M4B3NNS)
1910. WIN(W1=7210%W2=7210%W3=7210%W4=7210%W5=7210%W6=7210)
1911. ECN(R=Y%DF=Y%TG=40%W=7210%O=M4B3NNSNW8%CC=Y%Q=)
1912. T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
1913. T2(R=N)
1914. T3(R=N)
1915. T4(R=N)
1916. T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
1917. T6(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
1918. T7(R=N)
1919. U1(R=N)
1920. IE(R=Y%DFI=N%TG=40%CD=S)
1921.  
1922. Network Distance: 18 hops
1923. TCP Sequence Prediction: Difficulty=257 (Good luck!)
1924. IP ID Sequence Generation: All zeros
1925.  
1926. Host script results:
1927. |_clock-skew: mean: 0s, deviation: 0s, median: 0s
1928.  
1929. TRACEROUTE (using proto 1/icmp)
1930. HOP RTT ADDRESS
1931. 1 235.02 ms 10.245.200.1
1932. 2 235.05 ms v106.ce01.hkg-10.hk.leaseweb.net (43.249.36.188)
1933. 3 235.06 ms te-0-0-0-0.br02.hkg-10.hk.leaseweb.net (43.249.36.10)
1934. 4 236.36 ms te-0-3-0-4.505.br02.hkg-12.hk.leaseweb.net (64.120.119.232)
1935. 5 236.36 ms ae-102.bb10.hkg-12.leaseweb.net (31.31.38.194)
1936. 6 237.25 ms 36351.hkg.equinix.com (119.27.63.40)
1937. 7 236.43 ms ae6.cbs02.pn01.hkg01.networklayer.com (169.45.19.170)
1938. 8 267.18 ms ae0.cbs02.eq01.sng02.networklayer.com (169.45.19.189)
1939. 9 267.16 ms b3.13.2da9.ip4.static.sl-reverse.com (169.45.19.179)
1940. 10 299.97 ms ae0.bbr01.sr01.che01.networklayer.com (50.97.19.248)
1941. 11 298.03 ms ae7.bbr02.sr01.che01.networklayer.com (50.97.19.247)
1942. 12 453.49 ms ae2.bbr01.eq01.par02.networklayer.com (50.97.19.251)
1943. 13 436.41 ms ae5.cbs01.eq01.par02.networklayer.com (50.97.19.140)
1944. 14 455.12 ms ae1.cbs02.eq01.lon03.networklayer.com (50.97.19.175)
1945. 15 452.24 ms 169.45.19.205
1946. 16 455.91 ms 169.50.118.127
1947. 17 457.98 ms bb.76.32a9.ip4.static.sl-reverse.com (169.50.118.187)
1948. 18 456.55 ms ip-77-104-129-22.siteground.com (77.104.129.22)
1949.  
1950. NSE: Script Post-scanning.
1951. NSE: Starting runlevel 1 (of 2) scan.
1952. Initiating NSE at 19:06
1953. Completed NSE at 19:06, 0.00s elapsed
1954. NSE: Starting runlevel 2 (of 2) scan.
1955. Initiating NSE at 19:06
1956. Completed NSE at 19:06, 0.00s elapsed
1957. Read data files from: /usr/bin/../share/nmap
1958. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1959. Nmap done: 1 IP address (1 host up) scanned in 88.51 seconds
1960. Raw packets sent: 92 (7.124KB) | Rcvd: 2297 (2.017MB)
1961. #######################################################################################################################################
1962. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-28 19:06 EST
1963. NSE: Loaded 148 scripts for scanning.
1964. NSE: Script Pre-scanning.
1965. Initiating NSE at 19:06
1966. Completed NSE at 19:06, 0.00s elapsed
1967. Initiating NSE at 19:06
1968. Completed NSE at 19:06, 0.00s elapsed
1969. Initiating Parallel DNS resolution of 1 host. at 19:06
1970. Completed Parallel DNS resolution of 1 host. at 19:06, 0.03s elapsed
1971. Initiating UDP Scan at 19:06
1972. Scanning ip-77-104-129-22.siteground.com (77.104.129.22) [14 ports]
1973. Discovered open port 53/udp on 77.104.129.22
1974. Completed UDP Scan at 19:06, 3.26s elapsed (14 total ports)
1975. Initiating Service scan at 19:06
1976. Scanning 12 services on ip-77-104-129-22.siteground.com (77.104.129.22)
1977. Service scan Timing: About 16.67% done; ETC: 19:16 (0:08:10 remaining)
1978. Completed Service scan at 19:08, 102.58s elapsed (12 services on 1 host)
1979. Initiating OS detection (try #1) against ip-77-104-129-22.siteground.com (77.104.129.22)
1980. Retrying OS detection (try #2) against ip-77-104-129-22.siteground.com (77.104.129.22)
1981. Initiating Traceroute at 19:08
1982. Completed Traceroute at 19:08, 7.30s elapsed
1983. Initiating Parallel DNS resolution of 1 host. at 19:08
1984. Completed Parallel DNS resolution of 1 host. at 19:08, 0.02s elapsed
1985. NSE: Script scanning 77.104.129.22.
1986. Initiating NSE at 19:08
1987. Completed NSE at 19:09, 20.32s elapsed
1988. Initiating NSE at 19:09
1989. Completed NSE at 19:09, 2.20s elapsed
1990. Nmap scan report for ip-77-104-129-22.siteground.com (77.104.129.22)
1991. Host is up (0.34s latency).
1992.  
1993. PORT STATE SERVICE VERSION
1994. 53/udp open domain ISC BIND 9.10.6
1995. | dns-nsid:
1996. |_ bind.version: 9.10.6
1997. 67/udp open|filtered dhcps
1998. 68/udp open|filtered dhcpc
1999. 69/udp open|filtered tftp
2000. 88/udp open|filtered kerberos-sec
2001. 123/udp open|filtered ntp
2002. 137/udp filtered netbios-ns
2003. 138/udp filtered netbios-dgm
2004. 139/udp open|filtered netbios-ssn
2005. 161/udp open|filtered snmp
2006. 162/udp open|filtered snmptrap
2007. 389/udp open|filtered ldap
2008. 520/udp open|filtered route
2009. 2049/udp open|filtered nfs
2010. Too many fingerprints match this host to give specific OS details
2011.  
2012. TRACEROUTE (using port 137/udp)
2013. HOP RTT ADDRESS
2014. 1 233.82 ms 10.245.200.1
2015. 2 ... 3
2016. 4 232.65 ms 10.245.200.1
2017. 5 240.79 ms 10.245.200.1
2018. 6 240.78 ms 10.245.200.1
2019. 7 240.77 ms 10.245.200.1
2020. 8 240.76 ms 10.245.200.1
2021. 9 240.75 ms 10.245.200.1
2022. 10 240.75 ms 10.245.200.1
2023. 11 ... 18
2024. 19 233.79 ms 10.245.200.1
2025. 20 233.33 ms 10.245.200.1
2026. 21 ... 28
2027. 29 234.96 ms 10.245.200.1
2028. 30 231.46 ms 10.245.200.1
2029.  
2030. NSE: Script Post-scanning.
2031. Initiating NSE at 19:09
2032. Completed NSE at 19:09, 0.00s elapsed
2033. Initiating NSE at 19:09
2034. Completed NSE at 19:09, 0.00s elapsed
2035. Read data files from: /usr/bin/../share/nmap
2036. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
2037. Nmap done: 1 IP address (1 host up) scanned in 145.31 seconds
2038. Raw packets sent: 134 (11.618KB) | Rcvd: 4382 (2.493MB)
2039. #######################################################################################################################################
2040. [+] URL: http://www.almubarakradio.com/
2041. [+] Started: Mon Jan 28 17:02:51 2019
2042.  
2043. Interesting Finding(s):
2044.  
2045. [+] http://www.almubarakradio.com/
2046. | Interesting Entries:
2047. | - X-UA-Compatible: IE=edge
2048. | - Host-Header: 192fc2e7e50945beb8231a492d6a8024
2049. | - X-Proxy-Cache: MISS
2050. | Found By: Headers (Passive Detection)
2051. | Confidence: 100%
2052.  
2053. [+] http://www.almubarakradio.com/robots.txt
2054. | Found By: Robots Txt (Aggressive Detection)
2055. | Confidence: 100%
2056.  
2057. [+] http://www.almubarakradio.com/xmlrpc.php
2058. | Found By: Direct Access (Aggressive Detection)
2059. | Confidence: 100%
2060. | References:
2061. | - http://codex.wordpress.org/XML-RPC_Pingback_API
2062. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
2063. | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
2064. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
2065. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
2066.  
2067. [+] http://www.almubarakradio.com/readme.html
2068. | Found By: Direct Access (Aggressive Detection)
2069. | Confidence: 100%
2070.  
2071. [+] WordPress version 5.0.3 identified (Latest, released on 2019-01-09).
2072. | Detected By: Rss Generator (Passive Detection)
2073. | - http://www.almubarakradio.com/feed/, <generator>https://wordpress.org/?v=5.0.3</generator>
2074. | - http://www.almubarakradio.com/comments/feed/, <generator>https://wordpress.org/?v=5.0.3</generator>
2075.  
2076. [+] WordPress theme in use: oceanwp
2077. | Location: http://www.almubarakradio.com/wp-content/themes/oceanwp/
2078. | Last Updated: 2019-01-14T00:00:00.000Z
2079. | Readme: http://www.almubarakradio.com/wp-content/themes/oceanwp/readme.txt
2080. | Changelog: http://www.almubarakradio.com/wp-content/themes/oceanwp/changelog.md
2081. | [!] The version is out of date, the latest version is 1.6.1
2082. | Style URL: http://www.almubarakradio.com/wp-content/themes/oceanwp/style.css
2083. |
2084. | Detected By: Urls In Homepage (Passive Detection)
2085. |
2086. | Version: 1.5.20 (80% confidence)
2087. | Detected By: Style (Passive Detection)
2088. | - http://www.almubarakradio.com/wp-content/themes/oceanwp/style.css, Match: 'Version: 1.5.20'
2089.  
2090. [+] Enumerating Vulnerable Plugins
2091. [+] Checking Plugin Versions
2092.  
2093. [i] No plugins Found.
2094.  
2095. [+] Enumerating Vulnerable Themes
2096. Checking Known Locations - Time: 00:01:48 <> (289 / 289) 100.00% Time: 00:01:48
2097. [+] Checking Theme Versions
2098.  
2099. [i] No themes Found.
2100.  
2101. [+] Enumerating Timthumbs
2102. Checking Known Locations - Time: 00:05:43 <> (1001 / 2573) 38.90% ETA: 00:09:0 Checking Known
2103. [i] No Timthumbs Found.
2104.  
2105. [+] Enumerating Config Backups
2106. Checking Config Backups - Time: 00:00:05 <===> (21 / 21) 100.00% Time: 00:00:05
2107.  
2108. [i] No Config Backups Found.
2109.  
2110. [+] Enumerating DB Exports
2111. Checking DB Exports - Time: 00:00:14 <=======> (36 / 36) 100.00% Time: 00:00:14
2112.  
2113. [i] Db Export(s) Identified:
2114.  
2115. [+] http://www.almubarakradio.com/db.sql
2116. | Detected By: Direct Access (Aggressive Detection)
2117.  
2118. [+] Enumerating Medias (Permalink setting must be set to "Plain" for those to be detected)
2119. Brute Forcing Attachment IDs - Time: 00:00:00 <> (0 / 100) 0.00% ETA: ??:??:? Brute Forcing
2120. [i] No Medias Found.
2121.  
2122. [+] Enumerating Users
2123. Brute Forcing Author IDs - Time: 00:00:04 <==> (10 / 10) 100.00% Time: 00:00:04
2124.  
2125. [i] User(s) Identified:
2126.  
2127. [+] admin
2128. | Detected By: Wp Json Api (Aggressive Detection)
2129. | - http://www.almubarakradio.com/wp-json/wp/v2/users/
2130. | Confirmed By:
2131. | Oembed API - Author URL (Aggressive Detection)
2132. | - http://www.almubarakradio.com/wp-json/oembed/1.0/embed?url=http://www.almubarakradio.com/&format=json
2133. | Author Id Brute Forcing - Author Pattern (Aggressive Detection)
2134. | Login Error Messages (Aggressive Detection)
2135.  
2136. [+] almub
2137. | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
2138. | Confirmed By: Login Error Messages (Aggressive Detection)
2139.  
2140. [+] Finished: Mon Jan 28 17:21:25 2019
2141. [+] Requests Done: 3071
2142. [+] Cached Requests: 7
2143. [+] Data Sent: 697.775 KB
2144. [+] Data Received: 101.623 MB
2145. [+] Memory used: 206.461 MB
2146. [+] Elapsed time: 00:18:33
2147. #######################################################################################################################################
2148. [-] Date & Time: 28/01/2019 17:02:47
2149. [I] Threads: 5
2150. [-] Target: http://www.almubarakradio.com (77.104.129.22)
2151. [M] Website Not in HTTPS: http://www.almubarakradio.com
2152. [L] X-Frame-Options: Not Enforced
2153. [I] Strict-Transport-Security: Not Enforced
2154. [I] X-Content-Security-Policy: Not Enforced
2155. [I] X-Content-Type-Options: Not Enforced
2156. [L] Robots.txt Found: http://www.almubarakradio.com/robots.txt
2157. [I] CMS Detection: WordPress
2158. [I] Wordpress Version: 5.0.3
2159. [I] Wordpress Theme: oceanwp
2160. [-] WordPress usernames identified:
2161. [M] admin
2162. [M] almub
2163. [M] XML-RPC services are enabled
2164. [I] Forgotten Password Allows Username Enumeration: http://www.almubarakradio.com/wp-login.php?action=lostpassword
2165. [I] Autocomplete Off Not Found: http://www.almubarakradio.com/wp-login.php
2166. [-] Default WordPress Files:
2167. [I] http://www.almubarakradio.com/license.txt
2168. [I] http://www.almubarakradio.com/readme.html
2169. [I] http://www.almubarakradio.com/wp-content/themes/twentyfourteen/genericons/COPYING.txt
2170. [I] http://www.almubarakradio.com/wp-content/themes/twentyfourteen/genericons/LICENSE.txt
2171. [I] http://www.almubarakradio.com/wp-content/themes/twentyfourteen/genericons/README.txt
2172. [I] http://www.almubarakradio.com/wp-content/themes/twentyfourteen/readme.txt
2173. [I] http://www.almubarakradio.com/wp-content/themes/twentynineteen/readme.txt
2174. [I] http://www.almubarakradio.com/wp-content/themes/twentythirteen/genericons/COPYING.txt
2175. [I] http://www.almubarakradio.com/wp-content/themes/twentythirteen/genericons/LICENSE.txt
2176. [I] http://www.almubarakradio.com/wp-content/themes/twentythirteen/genericons/README.txt
2177. [I] http://www.almubarakradio.com/wp-content/themes/twentythirteen/readme.txt
2178. [I] http://www.almubarakradio.com/wp-content/themes/twentytwelve/readme.txt
2179. [I] http://www.almubarakradio.com/wp-includes/ID3/license.commercial.txt
2180. [I] http://www.almubarakradio.com/wp-includes/ID3/license.txt
2181. [I] http://www.almubarakradio.com/wp-includes/ID3/readme.txt
2182. [I] http://www.almubarakradio.com/wp-includes/images/crystal/license.txt
2183. [I] http://www.almubarakradio.com/wp-includes/js/plupload/license.txt
2184. [I] http://www.almubarakradio.com/wp-includes/js/swfupload/license.txt
2185. [I] http://www.almubarakradio.com/wp-includes/js/tinymce/license.txt
2186. [-] Searching Wordpress Plugins ...
2187. [I] Enigma2.php?boarddir=http:
2188. [I] admin_panel.php?wp_footnotes_current_settings[post_footnotes]=&lt;
2189. /bin/sh: 1: lt: not found
2190. /bin/sh: 1: [&=/]: not found
2191. [I] admin_panel.php?wp_footnotes_current_settings[pre_footnotes]=&lt;
2192. /bin/sh: 1: lt: not found
2193. /bin/sh: 1: [&=/]: not found
2194. [I] adrotate
2195. [M] EDB-ID: 17888 "WordPress Plugin AdRotate 3.6.5 - SQL Injection"
2196. [M] EDB-ID: 18114 "WordPress Plugin AdRotate 3.6.6 - SQL Injection"
2197. [M] EDB-ID: 31834 "WordPress Plugin AdRotate 3.9.4 - 'clicktracker.ph?track' SQL Injection"
2198. [I] ads-box
2199. [M] EDB-ID: 38060 "WordPress Plugin Ads Box - 'count' SQL Injection"
2200. [I] compact-wp-audio-player v1.9.6
2201. [I] elementor v2.3.8
2202. [I] feed
2203. [M] EDB-ID: 38624 "WordPress Plugin WP Feed - 'nid' SQL Injection"
2204. [I] firestats
2205. [M] EDB-ID: 14308 "WordPress Plugin Firestats - Remote Configuration File Download"
2206. [M] EDB-ID: 33367 "WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (1)"
2207. [M] EDB-ID: 33368 "WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (2)"
2208. [I] media-element-html5-video-and-audio-player v4.2.8
2209. [I] ocean-extra v1.4.30
2210. [I] pay-with-tweet.php
2211. [M] EDB-ID: 18330 "WordPress Plugin Pay with Tweet 1.1 - Multiple Vulnerabilities"
2212. [I] simple-ads-manager
2213. [M] EDB-ID: 36613 "WordPress Plugin Simple Ads Manager - Multiple SQL Injections"
2214. [M] EDB-ID: 36614 "WordPress Plugin Simple Ads Manager 2.5.94 - Arbitrary File Upload"
2215. [M] EDB-ID: 36615 "WordPress Plugin Simple Ads Manager - Information Disclosure"
2216. [M] EDB-ID: 39133 "WordPress Plugin Simple Ads Manager 2.9.4.116 - SQL Injection"
2217. [I] wp-bannerize
2218. [M] EDB-ID: 17764 "WordPress Plugin Bannerize 2.8.6 - SQL Injection"
2219. [M] EDB-ID: 17906 "WordPress Plugin Bannerize 2.8.7 - SQL Injection"
2220. [M] EDB-ID: 36193 "WordPress Plugin WP Bannerize 2.8.7 - 'ajax_sorter.php' SQL Injection"
2221. [I] Checking for Directory Listing Enabled ...
2222. [-] Date & Time: 28/01/2019 17:14:22
2223. [-] Completed in: 0:11:35
2224. #######################################################################################################################################
2225. Anonymous JTSEC #OpIsis Full Recon #6