Untitled

# Uniscan project                  #
# http://uniscan.sourceforge.net/  #
####################################
V. 6.2


Scan date: 9-7-2015 13:20:57
===================================================================================================
| Domain: http://fbi.gov/
| Server: ATLAS Platform
| IP: 69.58.186.114
===================================================================================================
===================================================================================================
| Looking for Drupal plugins/modules
|
===================================================================================================
| WEB SERVICES
|
===================================================================================================
| FAVICON.ICO
|
===================================================================================================
| ERROR INFORMATION
|
===================================================================================================
| TYPE ERROR
|
===================================================================================================
| SERVER MOBILE
|
===================================================================================================
| LANGUAGE
|
| xml:lang="en-us"
| lang="en-us"
===================================================================================================
| INTERESTING STRINGS IN HTML
|
| a href="https://bankrobbers.fbi.gov/">Bank Robbers
| script type="text/javascript"> var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-1603990-1']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https' : 'http') + '://www.fbi.gov/urchin.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })();
| a href="https://twitter.com/FBI" title="FBI Twitter">
| a href="http://twitter.com/FBI" title="Twitter">Twitter
| a href="http://www.facebook.com/FBI" title="FBI Facebook">
| a href="http://www.facebook.com/FBI" title="Facebook">Facebook
| label for="login">
| style type="text/css" media="print">@import url(https://www.fbi.gov/portal_css/FBI%202010%20Theme/print-cachekey-5df8ff797f0afb73f823f8daab1c84a9.css);
| style type="text/css" media="screen">@import url(https://www.fbi.gov/portal_css/FBI%202010%20Theme/base-cachekey-f1019f5890f765731a3a75be920e1c81.css);
| style type="text/css">@import url(https://www.fbi.gov/portal_css/FBI%202010%20Theme/deprecated-cachekey-58f8be95b079ec2b704aab409d863a4d.css);
| style type="text/css" media="all">@import url(https://www.fbi.gov/portal_css/FBI%202010%20Theme/ploneCustom-cachekey-5570b8b557b2e5a987a871b7512c4120.css);
| style type="text/css">@import url(https://www.fbi.gov/portal_css/FBI%202010%20Theme/IEAllVersions-cachekey-47fe4aec844750fe79784dbdf0d9d18f.css);
| style type="text/css" media="screen">@import url(https://www.fbi.gov/portal_css/FBI%202010%20Theme/ie8fixes-cachekey-474305edd4ddbe01843a7bb92da1f6ae.css);
| style type="text/css" media="print">@import url(https://www.fbi.gov/portal_css/FBI%202010%20Theme/ie_print-cachekey-4581b058cf3f4a5b59c00a7a2e7a74b9.css);
===================================================================================================
| WHOIS
|
| % DOTGOV WHOIS Server ready
|
|    Domain Name: FBI.GOV
|
|    Status: ACTIVE
|
|
|
| >>> Last update of whois database: 2015-07-09T20:20:54Z <<<
|
| Please be advised that this whois server only contains information pertaining
|
| to the .GOV domain. For information for other domains please use the whois
|
| server at RS.INTERNIC.NET.
|
===================================================================================================
| BANNER GRABBING:
| X-Meta-Generator: Plone - http://plone.org
| X-Meta-Location:
===================================================================================================
===================================================================================================
| PING
|
| PING fbi.gov (69.58.186.114) 56(84) bytes of data.
|
| --- fbi.gov ping statistics ---
| 4 packets transmitted, 0 received, 100% packet loss, time 3024ms
|
===================================================================================================
| TRACEROUTE
|
===================================================================================================
| NSLOOKUP
|
| Server:       127.0.1.1
| Address:  127.0.1.1#53
|
| Non-authoritative answer:
| fbi.gov   mail exchanger = 10 smtpc.fbi.gov.
| Authoritative answers can be found from:
| *** Can't find fbi.gov: No answer
| fbi.gov   nameserver = a3.fbi.gov.
| fbi.gov   nameserver = a2.fbi.gov.
| fbi.gov   nameserver = a1.fbi.gov.
| Name: fbi.gov
| Address: 69.58.186.114
| fbi.gov
|   origin = a1.fbi.gov
|   mail addr = mdnshelp.verisign.com
|   serial = 1415239807
|   refresh = 600
|   retry = 1800
|   expire = 1209600
|   minimum = 1800
| fbi.gov   text = "v=spf1 +mx ip4:153.31.0.0/16 -all"
===================================================================================================
| NMAP
|
|
| Starting Nmap 6.46 ( http://nmap.org ) at 2015-07-09 13:21 PDT
| NSE: Loaded 120 scripts for scanning.
| NSE: Script Pre-scanning.
| Initiating Ping Scan at 13:21
| Scanning fbi.gov (69.58.186.114) [4 ports]
| Completed Ping Scan at 13:21, 3.05s elapsed (1 total hosts)
| Nmap scan report for fbi.gov (69.58.186.114) [host down]
| NSE: Script Post-scanning.
| Read data files from: /usr/local/bin/../share/nmap
| Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
| Nmap done: 1 IP address (0 hosts up) scanned in 4.68 seconds
|            Raw packets sent: 8 (304B) | Rcvd: 0 (0B)
===================================================================================================
|
| Directory check:
| Skipped because http://fbi.gov/uniscan529/ did not return the code 404
===================================================================================================
|
| File check:
| Skipped because http://fbi.gov/uniscan816/ did not return the code 404
===================================================================================================
|
| Check robots.txt:
|
| Check sitemap.xml:
===================================================================================================
|
| Crawler Started:
| Plugin name: FCKeditor upload test v.1 Loaded.
| Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
| Plugin name: Code Disclosure v.1.1 Loaded.
| Plugin name: E-mail Detection v.1.1 Loaded.
| Plugin name: Web Backdoor Disclosure v.1.1 Loaded.
| Plugin name: External Host Detect v.1.2 Loaded.
| Plugin name: phpinfo() Disclosure v.1 Loaded.
| Plugin name: Upload Form Detect v.1.1 Loaded.
| [+] Crawling finished, 1 URL's found!
|
| FCKeditor File Upload:
|
| Timthumb:
|
| Source Code Disclosure:
|
| E-mails:
|
| Web Backdoors:
|
| External hosts:
|
| PHPinfo() Disclosure:
|
| File Upload Forms:
|
| Ignored Files:
===================================================================================================
| Dynamic tests:
| Plugin name: Learning New Directories v.1.2 Loaded.
| Plugin name: FCKedior tests v.1.1 Loaded.
| Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
| Plugin name: Find Backup Files v.1.2 Loaded.
| Plugin name: Blind SQL-injection tests v.1.3 Loaded.
| Plugin name: Local File Include tests v.1.1 Loaded.
| Plugin name: PHP CGI Argument Injection v.1.1 Loaded.
| Plugin name: Remote Command Execution tests v.1.1 Loaded.
| Plugin name: Remote File Include tests v.1.2 Loaded.
| Plugin name: SQL-injection tests v.1.2 Loaded.
| Plugin name: Cross-Site Scripting tests v.1.2 Loaded.
| Plugin name: Web Shell Finder v.1.3 Loaded.
| [+] 0 New directories added
|
|
| FCKeditor tests:
| Skipped because http://fbi.gov/testing123 did not return the code 404
|
|
| Timthumb < 1.33 vulnerability:
|
|
| Backup Files:
| Skipped because http://fbi.gov/testing123 did not return the code 404
|
|
| Blind SQL Injection:
|
|
| Local File Include:
|
|
| PHP CGI Argument Injection:
|
|
| Remote Command Execution:
|
|
| Remote File Include:
|
|
| SQL Injection:
|
|
| Cross-Site Scripting (XSS):
|
|
| Web Shell Finder:
===================================================================================================
| Static tests:
| Plugin name: Local File Include tests v.1.1 Loaded.
| Plugin name: Remote Command Execution tests v.1.1 Loaded.
| Plugin name: Remote File Include tests v.1.1 Loaded.
|
|
| Local File Include:
|
|
| Remote Command Execution:
|
|
| Remote File Include:
####################################
# Uniscan project                  #
# http://uniscan.sourceforge.net/  #
####################################
V. 6.2


Scan date: 9-7-2015 13:24:58
===================================================================================================
| [*] http://cia.gov/ redirected to http://www.cia.gov/
| [*] New target is: http://www.cia.gov/
===================================================================================================
| Domain: http://www.cia.gov/
| IP: 23.203.216.96
===================================================================================================
===================================================================================================
| Looking for Drupal plugins/modules
|
===================================================================================================
| WEB SERVICES
|
===================================================================================================
| FAVICON.ICO
|
===================================================================================================
| ERROR INFORMATION
|
===================================================================================================
| TYPE ERROR
|
| http://www.cia.gov/ha4J]en|O{CVN2s-">F.php responded with code: 200 the server might just responde with this code even when the dir, file, or Extention: .php doesn't exist! any results from this server may be void
| http://www.cia.gov/jH}]^x(Xc9L0/BG(%@8.html responded with code: 200 the server might just responde with this code even when the dir, file, or Extention: .html doesn't exist! any results from this server may be void
| http://www.cia.gov/]!"Y_7/xW<}R5wsafP|5.htm responded with code: 200 the server might just responde with this code even when the dir, file, or Extention: .htm doesn't exist! any results from this server may be void
| http://www.cia.gov/@h5\xe}<P-du'0\WmPv.aspx responded with code: 200 the server might just responde with this code even when the dir, file, or Extention: .aspx doesn't exist! any results from this server may be void
| http://www.cia.gov/ti^(;H`OPbB>j=jf3w].asp responded with code: 200 the server might just responde with this code even when the dir, file, or Extention: .asp doesn't exist! any results from this server may be void
| http://www.cia.gov/V"KZ:0uf]WQNNxyqQ[nm.jsp responded with code: 200 the server might just responde with this code even when the dir, file, or Extention: .jsp doesn't exist! any results from this server may be void
| http://www.cia.gov/Zg(Wg.s6VF[Jvb:7:5S(.cgi responded with code: 200 the server might just responde with this code even when the dir, file, or Extention: .cgi doesn't exist! any results from this server may be void
===================================================================================================
| SERVER MOBILE
|
===================================================================================================
| LANGUAGE
|
| lang="en"
| xml:lang="en"
| lang="ar"
| xml:lang="ar"
| lang="zh-cn"
| xml:lang="zh-cn"
| lang="fr"
| xml:lang="fr"
| lang="ru"
| xml:lang="ru"
| lang="es"
| xml:lang="es"
===================================================================================================
| INTERESTING STRINGS IN HTML
|
| a class="icon-twitter hide-text" href="https://twitter.com/CIA">Twitter
| a class="twitter-timeline" data-dnt="true" width="235" height="322" href="https://twitter.com/CIA" data-widget-id="497085799548993536">Tweets by @CIA
| script> setTimeout(function () { !function (d, s, id) { var js, fjs = d.getElementsByTagName(s)[0], p = /^http:/.test(d.location) ? 'http' : 'https'; if (!d.getElementById(id)) { js = d.createElement(s); js.id = id; js.src = p + "://platform.twitter.com/widgets.js"; fjs.parentNode.insertBefore(js, fjs); } } (document, "script", "twitter-wjs"); }, 500);
| a class="social-6" href="https://twitter.com/CIA">CIA Twitter
| a class="icon-facebook hide-text" href="https://www.facebook.com/Central.Intelligence.Agency">Facebook
| a class="social-5" href="https://www.facebook.com/Central.Intelligence.Agency">CIA Facebook
===================================================================================================
| WHOIS
|
| % DOTGOV WHOIS Server ready
|
| No match for "WWW.CIA.GOV".
|
|
|
| >>> Last update of whois database: 2015-07-09T20:24:55Z <<<
|
| Please be advised that this whois server only contains information pertaining
|
| to the .GOV domain. For information for other domains please use the whois
|
| server at RS.INTERNIC.NET.
|
===================================================================================================
| BANNER GRABBING:
===================================================================================================
===================================================================================================
| PING
|
| PING e6221.dscna.akamaiedge.net (23.203.216.96) 56(84) bytes of data.
| 64 bytes from a23-203-216-96.deploy.static.akamaitechnologies.com (23.203.216.96): icmp_seq=1 ttl=53 time=27.6 ms
| 64 bytes from a23-203-216-96.deploy.static.akamaitechnologies.com (23.203.216.96): icmp_seq=2 ttl=53 time=33.0 ms
| 64 bytes from a23-203-216-96.deploy.static.akamaitechnologies.com (23.203.216.96): icmp_seq=3 ttl=53 time=31.4 ms
| 64 bytes from a23-203-216-96.deploy.static.akamaitechnologies.com (23.203.216.96): icmp_seq=4 ttl=54 time=74.0 ms
|
| --- e6221.dscna.akamaiedge.net ping statistics ---
| 4 packets transmitted, 4 received, 0% packet loss, time 3003ms
| rtt min/avg/max/mdev = 27.691/41.582/74.066/18.857 ms
===================================================================================================
| TRACEROUTE
|
===================================================================================================
| NSLOOKUP
|
| Server:       127.0.1.1
| Address:  127.0.1.1#53
|
| Non-authoritative answer:
| www.cia.gov   canonical name = www.cia.gov.edgekey.net.
| www.cia.gov.edgekey.net   canonical name = e6221.dscna.akamaiedge.net.
| Authoritative answers can be found from:
| Name: e6221.dscna.akamaiedge.net
| Address: 23.203.216.96
===================================================================================================
| NMAP
|
|
| Starting Nmap 6.46 ( http://nmap.org ) at 2015-07-09 13:25 PDT
| NSE: Loaded 120 scripts for scanning.
| NSE: Script Pre-scanning.
| Initiating Ping Scan at 13:25
| Scanning www.cia.gov (23.203.216.96) [4 ports]
| Completed Ping Scan at 13:25, 1.03s elapsed (1 total hosts)
| Initiating Parallel DNS resolution of 1 host. at 13:25
| Completed Parallel DNS resolution of 1 host. at 13:25, 0.00s elapsed
| Initiating SYN Stealth Scan at 13:25
| Scanning www.cia.gov (23.203.216.96) [1000 ports]
| Discovered open port 554/tcp on 23.203.216.96
| Discovered open port 21/tcp on 23.203.216.96
| Discovered open port 80/tcp on 23.203.216.96
| Discovered open port 443/tcp on 23.203.216.96
| Discovered open port 7070/tcp on 23.203.216.96
| Completed SYN Stealth Scan at 13:26, 51.22s elapsed (1000 total ports)
| Initiating Service scan at 13:26
| Scanning 5 services on www.cia.gov (23.203.216.96)
| Service scan Timing: About 60.00% done; ETC: 13:29 (0:01:28 remaining)
| Completed Service scan at 13:28, 133.42s elapsed (5 services on 1 host)
| Initiating OS detection (try #1) against www.cia.gov (23.203.216.96)
| Retrying OS detection (try #2) against www.cia.gov (23.203.216.96)
| Initiating Traceroute at 13:28
| Completed Traceroute at 13:28, 0.03s elapsed
| NSE: Script scanning 23.203.216.96.
| Initiating NSE at 13:28
| Completed NSE at 13:29, 75.46s elapsed
| Nmap scan report for www.cia.gov (23.203.216.96)
| Host is up (0.019s latency).
| rDNS record for 23.203.216.96: a23-203-216-96.deploy.static.akamaitechnologies.com
| Not shown: 995 filtered ports
| PORT     STATE SERVICE     VERSION
| 21/tcp   open  ftp?
| |_ftp-bounce: no banner
| 80/tcp   open  http        AkamaiGHost (Akamai's HTTP Acceleration/Mirror service)
| |_http-methods: No Allow or Public header in OPTIONS response (status code 501)
| |_http-title: Did not follow redirect to https://www.cia.gov/
| 443/tcp  open  ssl/http    AkamaiGHost (Akamai's HTTP Acceleration/Mirror service)
| |_http-favicon: Unknown favicon MD5: C0E9990D1233AE79509FF2E4F2D840F4
| |_http-methods: No Allow or Public header in OPTIONS response (status code 501)
| | http-title: Welcome to the CIA Web Site \xE2\x80\x94 Central Intelligence Agency
| |_Requested resource was https://www.cia.gov/index.html
| | ssl-cert: Subject: commonName=www.cia.gov/organizationName=Central Intelligence Agency/stateOrProvinceName=Virginia/countryName=US
| | Issuer: commonName=Symantec Class 3 EV SSL CA - G3/organizationName=Symantec Corporation/countryName=US
| | Public Key type: rsa
| | Public Key bits: 2048
| | Not valid before: 2015-04-01T00:00:00
| | Not valid after:  2016-04-11T23:59:59
| | MD5:   23ca 3805 cff2 7a57 2892 547b 3653 dbc3
| |_SHA-1: 4c8a 6b27 3c38 5b92 05d6 3508 629b 737c 73f0 690a
| 554/tcp  open  rtsp?
| 7070/tcp open  realserver?
| Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
| OS fingerprint not ideal because: Missing a closed TCP port so results incomplete
| No OS matches for host
| Network Distance: 1 hop
| TCP Sequence Prediction: Difficulty=213 (Good luck!)
| IP ID Sequence Generation: Incremental
|
| TRACEROUTE (using port 554/tcp)
| HOP RTT      ADDRESS
| 1   12.66 ms a23-203-216-96.deploy.static.akamaitechnologies.com (23.203.216.96)
|
| NSE: Script Post-scanning.
| Read data files from: /usr/local/bin/../share/nmap
| OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
| Nmap done: 1 IP address (1 host up) scanned in 268.65 seconds
|            Raw packets sent: 3104 (139.174KB) | Rcvd: 126 (10.403KB)
===================================================================================================
|
| Directory check:
| Skipped because http://www.cia.gov/uniscan40/ did not return the code 404
===================================================================================================
|
| File check:
| Skipped because http://www.cia.gov/uniscan694/ did not return the code 404
===================================================================================================
|
| Check robots.txt:
|
| Check sitemap.xml:
===================================================================================================
|
| Crawler Started:
| Plugin name: FCKeditor upload test v.1 Loaded.
| Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
| Plugin name: Code Disclosure v.1.1 Loaded.
| Plugin name: E-mail Detection v.1.1 Loaded.
| Plugin name: Web Backdoor Disclosure v.1.1 Loaded.
| Plugin name: External Host Detect v.1.2 Loaded.
| Plugin name: phpinfo() Disclosure v.1 Loaded.
| Plugin name: Upload Form Detect v.1.1 Loaded.
===================================================================================================
| Stress tests:
| Plugin name: Mini Stress Test v.1.1 Loaded.
|
|
| Mini Stress Test:
| Looking for best cost:
| Cost: [1] http://fbi.gov/a
| Using http://fbi.gov/a as target
| [+] Crawling finished, 139 URL's found!
|
| FCKeditor File Upload:
|
| Timthumb:
|
| Source Code Disclosure:
|
| E-mails:
|
| Web Backdoors:
|
| External hosts:
| [+] External Host Found: https://twitter.com
| [+] External Host Found: http://www.usa.gov
| [+] External Host Found: http://www.dni.gov
| [+] External Host Found: http://www.foia.cia.gov
| [+] External Host Found: http://get.adobe.com
| [+] External Host Found: http://www.microsoft.com
| [+] External Host Found: http://www.youtube.com
| [+] External Host Found: https://www.youtube.com
| [+] External Host Found: https://www.facebook.com
| [+] External Host Found: https://www.flickr.com
| [+] External Host Found: http://www.flickr.com
|
| PHPinfo() Disclosure:
|
| File Upload Forms:
|
| Ignored Files:
===================================================================================================
| Dynamic tests:
| Plugin name: Learning New Directories v.1.2 Loaded.
| Plugin name: FCKedior tests v.1.1 Loaded.
| Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
| Plugin name: Find Backup Files v.1.2 Loaded.
| Plugin name: Blind SQL-injection tests v.1.3 Loaded.
| Plugin name: Local File Include tests v.1.1 Loaded.
| Plugin name: PHP CGI Argument Injection v.1.1 Loaded.
| Plugin name: Remote Command Execution tests v.1.1 Loaded.
| Plugin name: Remote File Include tests v.1.2 Loaded.
| Plugin name: SQL-injection tests v.1.2 Loaded.
| Plugin name: Cross-Site Scripting tests v.1.2 Loaded.
| Plugin name: Web Shell Finder v.1.3 Loaded.
| [+] 1 New directories added
|
|
| FCKeditor tests:
| Skipped because http://www.cia.gov/++theme++contextual.agencytheme/css/testing123 did not return the code 404
|
|
| Timthumb < 1.33 vulnerability:
|
|
| Backup Files:
| Skipped because http://www.cia.gov/++theme++contextual.agencytheme/css/testing123 did not return the code 404
|
|
| Blind SQL Injection:
| Mini Stress Test End.
===================================================================================================
Scan end date: 9-7-2015 13:31:42


HTML report saved in: report/fbi.gov.html
|
|
| Local File Include:
|
|
| PHP CGI Argument Injection:
|
|
| Remote Command Execution:
|
|
| Remote File Include:
|
|
| SQL Injection:
|
|
| Cross-Site Scripting (XSS):
|
|
| Web Shell Finder:
####################################
# Uniscan project                  #
# http://uniscan.sourceforge.net/  #
####################################
V. 6.2


Scan date: 9-7-2015 13:37:39
===================================================================================================
| [*] http://federalreserve.gov/ redirected to http://www.federalreserve.gov/
| [*] New target is: http://www.federalreserve.gov/
===================================================================================================
| Domain: http://www.federalreserve.gov/
| IP: 132.200.148.151
===================================================================================================
===================================================================================================
| Looking for Drupal plugins/modules
|
===================================================================================================
| WEB SERVICES
|
===================================================================================================
| FAVICON.ICO
|
===================================================================================================
| ERROR INFORMATION
|
===================================================================================================
| TYPE ERROR
|
===================================================================================================
| SERVER MOBILE
|
===================================================================================================
| LANGUAGE
|
===================================================================================================
| INTERESTING STRINGS IN HTML
|
| script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js">
| script src="http://admin.brightcove.com/js/APIModules_all.js">
| a href="/paymentsystems/default.htm">Payment
| a href="/newsevents/press/other/20150126a.htm">Improving the U.S. Payment System
| br/> Find out more about the future of the U.S. payment system and plans for collaborating with stakeholders to achieve shared goals.&#160;
| a target="_self" href="http://www.federalreserve.gov/newsevents/press/other/20150126a.htm">Strategies for Improving the U.S. Payment System paper
| a target="_self" href="https://fedpaymentsimprovement.org/">FedPayments Improvement website
| a target="_self" href="https://fedpaymentsimprovement.org/events/">Upcoming Events
| a href="http://www.federalreserve.gov/consumerinfo/independent-foreclosure-review-payment-agreement.htm" target="_self">Independent Foreclosure Review Payment Agreement
| img src="/gifjpg/masthead.jpg" alt="Board of Governors of the Federal Reserve System. The Federal Reserve, the central bank of the United States, provides the nation with a safe, flexible, and stable monetary and financial system.">
| a href="/bankinforeg/default.htm">Banking
| a href="/newsevents/press/bcreg/20150706a.htm">Agencies announce EGRPRA outreach meeting in Kansas City focusing on rural banking issues
| h5>Financial Accounts of the United States
| a href="/releases/z1/">Financial Accounts of the United States - Z.1
| a href="javascript:exitWindow('https://twitter.com/federalreserve','ext')">
===================================================================================================
| WHOIS
|
| % DOTGOV WHOIS Server ready
|
| No match for "WWW.FEDERALRESERVE.GOV".
|
|
|
| >>> Last update of whois database: 2015-07-09T20:37:41Z <<<
|
| Please be advised that this whois server only contains information pertaining
|
| to the .GOV domain. For information for other domains please use the whois
|
| server at RS.INTERNIC.NET.
|
===================================================================================================
| BANNER GRABBING:
===================================================================================================
===================================================================================================
| PING
|
| PING www.federalreserve.frb.akadns.net (132.200.148.151) 56(84) bytes of data.
|
| --- www.federalreserve.frb.akadns.net ping statistics ---
| 4 packets transmitted, 0 received, 100% packet loss, time 3022ms
|
===================================================================================================
| TRACEROUTE
|
===================================================================================================
| NSLOOKUP
|
| Server:       127.0.1.1
| Address:  127.0.1.1#53
|
| Non-authoritative answer:
| www.federalreserve.gov    canonical name = www.federalreserve.frb.akadns.net.
| Authoritative answers can be found from:
| Name: www.federalreserve.frb.akadns.net
| Address: 132.200.148.151
===================================================================================================
| NMAP
|
===================================================================================================
| Static tests:
| Plugin name: Local File Include tests v.1.1 Loaded.
| Plugin name: Remote Command Execution tests v.1.1 Loaded.
| Plugin name: Remote File Include tests v.1.1 Loaded.
|
|
| Local File Include:
|
|
| Remote Command Execution:
|
|
| Remote File Include:
|
| Starting Nmap 6.46 ( http://nmap.org ) at 2015-07-09 13:37 PDT
| NSE: Loaded 120 scripts for scanning.
| NSE: Script Pre-scanning.
| Initiating Ping Scan at 13:37
| Scanning www.federalreserve.gov (132.200.148.151) [4 ports]
| Completed Ping Scan at 13:37, 1.04s elapsed (1 total hosts)
| Initiating Parallel DNS resolution of 1 host. at 13:37
| Completed Parallel DNS resolution of 1 host. at 13:37, 0.38s elapsed
| Initiating SYN Stealth Scan at 13:37
| Scanning www.federalreserve.gov (132.200.148.151) [1000 ports]
| Discovered open port 21/tcp on 132.200.148.151
| Discovered open port 80/tcp on 132.200.148.151
| Discovered open port 443/tcp on 132.200.148.151
| Discovered open port 554/tcp on 132.200.148.151
| Discovered open port 7070/tcp on 132.200.148.151
| Completed SYN Stealth Scan at 13:38, 12.21s elapsed (1000 total ports)
| Initiating Service scan at 13:38
| Scanning 5 services on www.federalreserve.gov (132.200.148.151)
| Service scan Timing: About 40.00% done; ETC: 13:43 (0:02:54 remaining)
| Completed Service scan at 13:40, 131.60s elapsed (5 services on 1 host)
| Initiating OS detection (try #1) against www.federalreserve.gov (132.200.148.151)
| Initiating Traceroute at 13:40
| Completed Traceroute at 13:40, 3.05s elapsed
| Initiating Parallel DNS resolution of 11 hosts. at 13:40
| Completed Parallel DNS resolution of 11 hosts. at 13:40, 0.34s elapsed
| NSE: Script scanning 132.200.148.151.
| Initiating NSE at 13:40
| Completed NSE at 13:41, 75.58s elapsed
| Nmap scan report for www.federalreserve.gov (132.200.148.151)
| Host is up (0.052s latency).
| Not shown: 995 filtered ports
| PORT     STATE SERVICE     VERSION
| 21/tcp   open  ftp?
| |_ftp-bounce: no banner
| 80/tcp   open  http-proxy  F5 BIG-IP load balancer http proxy
| |_http-favicon: Unknown favicon MD5: E87B855CBCD39123AF0272D30E2D580A
| | http-methods: OPTIONS TRACE GET HEAD POST
| | Potentially risky methods: TRACE
| |_See http://nmap.org/nsedoc/scripts/http-methods.html
| |_http-open-proxy: Proxy might be redirecting requests
| |_http-title: Board of Governors of the Federal Reserve System
| 443/tcp  open  ssl/https
| |_http-favicon: Unknown favicon MD5: E87B855CBCD39123AF0272D30E2D580A
| | http-methods: OPTIONS TRACE GET HEAD POST
| | Potentially risky methods: TRACE
| |_See http://nmap.org/nsedoc/scripts/http-methods.html
| | http-server-header: Software version grabbed from Server header.
| | Consider submitting a service fingerprint.
| |_Run with --script-args http-server-header.skip
| |_http-title: Board of Governors of the Federal Reserve System
| | ssl-cert: Subject: commonName=*.federalreserve.gov/organizationName=Federal Reserve System/stateOrProvinceName=District of Columbia/countryName=US
| | Issuer: commonName=Symantec Class 3 Secure Server CA - G4/organizationName=Symantec Corporation/countryName=US
| | Public Key type: rsa
| | Public Key bits: 2048
| | Not valid before: 2015-03-10T00:00:00
| | Not valid after:  2017-03-10T23:59:59
| | MD5:   a567 96c8 f26d c402 ea2f 0d60 2508 ccbd
| |_SHA-1: 7cbf 099b 0f9c 2faa bcad bdef a220 89b3 8ebb d4fd
| 554/tcp  open  rtsp?
| 7070/tcp open  realserver?
| Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
| Device type: WAP|storage-misc
| Running: Apple embedded
| OS CPE: cpe:/h:apple:airport_extreme
| OS details: Apple AirPort Extreme WAP or Time Capsule NAS device
| Network Distance: 14 hops
| TCP Sequence Prediction: Difficulty=211 (Good luck!)
| IP ID Sequence Generation: Busy server or unknown class
| Service Info: Device: load balancer
|
| TRACEROUTE (using port 443/tcp)
| HOP RTT       ADDRESS
| 1   33.32 ms  10.0.1.1
| 2   ...
| 3   33.51 ms  dtr04mtpkca-tge-0-0-0-13.mtpk.ca.charter.com (96.34.101.229)
| 4   33.53 ms  crr02mtpkca-tge-0-4-0-1.mtpk.ca.charter.com (96.34.98.98)
| 5   33.54 ms  bbr01mtpkca-bue-3.mtpk.ca.charter.com (96.34.2.26)
| 6   36.23 ms  be4016.ccr23.lax05.atlas.cogentco.com (38.104.84.101)
| 7   36.23 ms  be2179.ccr22.lax01.atlas.cogentco.com (154.54.41.81)
| 8   36.25 ms  be2017.ccr21.lax04.atlas.cogentco.com (154.54.0.237)
| 9   ...
| 10  107.64 ms ae-5-5.car1.Baltimore1.Level3.net (4.69.134.102)
| 11  121.18 ms 4.34.2.54
| 12  ...
| 13  121.11 ms 132.200.132.44
| 14  121.03 ms 132.200.148.151
|
| NSE: Script Post-scanning.
| Read data files from: /usr/local/bin/../share/nmap
| OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
| Nmap done: 1 IP address (1 host up) scanned in 228.79 seconds
|            Raw packets sent: 2070 (93.576KB) | Rcvd: 1750 (145.634KB)
===================================================================================================
|
| Directory check:
===================================================================================================
| Stress tests:
| Plugin name: Mini Stress Test v.1.1 Loaded.
|
|
| Mini Stress Test:
| Looking for best cost:
| Cost: [1] http://www.cia.gov/
| [+] CODE: 200 URL: http://www.federalreserve.gov/bios/
| Cost: [8] http://www.cia.gov/about-cia/leadership
| [+] CODE: 200 URL: http://www.federalreserve.gov/careers/
| [+] CODE: 200 URL: http://www.federalreserve.gov/feeds/
| Using http://www.cia.gov/about-cia/leadership as target
| [+] CODE: 200 URL: http://www.federalreserve.gov/open/
| [+] CODE: 200 URL: http://www.federalreserve.gov/publications/
| [+] CODE: 200 URL: http://www.federalreserve.gov/releases/
| Mini Stress Test End.
===================================================================================================
Scan end date: 9-7-2015 13:44:9


HTML report saved in: report/www.cia.gov.html
| [+] CODE: 200 URL: http://www.federalreserve.gov/support/
####################################
# Uniscan project                  #
# http://uniscan.sourceforge.net/  #
####################################
V. 6.2


Scan date: 9-7-2015 13:44:28
===================================================================================================
| Domain: http://en.kremlin.ru/
| Server: nginx
| IP: 95.173.136.70
===================================================================================================
===================================================================================================
| Looking for Drupal plugins/modules
|
===================================================================================================
| WEB SERVICES
|
===================================================================================================
| FAVICON.ICO
|
===================================================================================================
| ERROR INFORMATION
|
===================================================================================================
| TYPE ERROR
|
===================================================================================================
| SERVER MOBILE
|
===================================================================================================
|
| File check:
===================================================================================================
| LANGUAGE
|
| lang="en"
| hreflang="ru"
| hreflang="en"
===================================================================================================
| INTERESTING STRINGS IN HTML
|
| div class="events_index__block is-active" data-block="admin">
| a href="/events/administration">Presidential Executive Office
| a href="/events/administration/49898" itemprop="url">
| a href="/events/administration/49882" itemprop="url">
| a href="/events/administration/49868" itemprop="url">
| a href="/events/administration/49859" itemprop="url">
| a href="/events/administration/49879" itemprop="url">
| a href="/events/administration/49752" itemprop="url">
| a class="link__at_section" href="/events/administration">All news of the Presidential Executive Office
| a href="http://twitter.com/KremlinRussia_E" rel="me" target="_blank">Twitter
| a href="http://twitter.com/KremlinRussia_E" class="sidebar__special" itemprop="url" tabindex="0" rel="me" target="_blank" >
===================================================================================================
| WHOIS
|
| % By submitting a query to RIPN's Whois Service
|
| % you agree to abide by the following terms of use:
|
| % http://www.ripn.net/about/servpol.html#3.2 (in Russian)
|
| % http://www.ripn.net/about/en/servpol.html#3.2 (in English).
|
|
|
| No entries found for the selected source(s).
|
|
|
| Last updated on 2015.07.09 23:41:34 MSK
|
|
|
===================================================================================================
| BANNER GRABBING:
===================================================================================================
===================================================================================================
| PING
|
| PING en.kremlin.ru (95.173.136.70) 56(84) bytes of data.
|
| --- en.kremlin.ru ping statistics ---
| 4 packets transmitted, 0 received, 100% packet loss, time 3024ms
|
===================================================================================================
| TRACEROUTE
|
===================================================================================================
| NSLOOKUP
|
| Server:       127.0.1.1
| Address:  127.0.1.1#53
|
| Non-authoritative answer:
| *** Can't find en.kremlin.ru: No answer
| Authoritative answers can be found from:
| Name: en.kremlin.ru
| Address: 95.173.136.70
| Address: 95.173.136.71
| Address: 95.173.136.72
===================================================================================================
| NMAP
|
| [+] CODE: 200 URL: http://www.federalreserve.gov/default.aspx
| [+] CODE: 200 URL: http://www.federalreserve.gov/favicon.ico
| [+] CODE: 200 URL: http://www.federalreserve.gov/install/install.aspx
| [+] CODE: 200 URL: http://www.federalreserve.gov/junk.aspx
| [+] CODE: 200 URL: http://www.federalreserve.gov/login.aspx
| [+] CODE: 200 URL: http://www.federalreserve.gov/maint.aspx
| [+] CODE: 200 URL: http://www.federalreserve.gov/maintenance.aspx
| [+] CODE: 200 URL: http://www.federalreserve.gov/test.aspx
| [+] CODE: 200 URL: http://www.federalreserve.gov/trace.axd
===================================================================================================
|
| Check robots.txt:
|
| Check sitemap.xml:
===================================================================================================
|
| Crawler Started:
| Plugin name: FCKeditor upload test v.1 Loaded.
| Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
| Plugin name: Code Disclosure v.1.1 Loaded.
| Plugin name: E-mail Detection v.1.1 Loaded.
| Plugin name: Web Backdoor Disclosure v.1.1 Loaded.
| Plugin name: External Host Detect v.1.2 Loaded.
| Plugin name: phpinfo() Disclosure v.1 Loaded.
| Plugin name: Upload Form Detect v.1.1 Loaded.
####################################
# Uniscan project                  #
# http://uniscan.sourceforge.net/  #
####################################
V. 6.2


Scan date: 9-7-2015 13:48:8
===================================================================================================
| [*] http://www.snsbank.nl/ redirected to http://www.snsbank.nl/particulier/
| [*] New target is: http://www.snsbank.nl/particulier/
===================================================================================================
| Domain: http://www.snsbank.nl/particulier/
| IP: 194.53.208.72
===================================================================================================
===================================================================================================
| Looking for Drupal plugins/modules
|
===================================================================================================
| WEB SERVICES
|
===================================================================================================
| FAVICON.ICO
|
===================================================================================================
| ERROR INFORMATION
|
===================================================================================================
| TYPE ERROR
|
===================================================================================================
| SERVER MOBILE
|
| index page reqested with an Iphone UserAgent is diferent then with a regular UserAgent. This Host may have a mobile site
===================================================================================================
| LANGUAGE
|
| xml:lang="nl"
| lang="nl"
===================================================================================================
| INTERESTING STRINGS IN HTML
|
| title>Voor sparen, een betaalrekening, verzekeringen of een hypotheek: SNS Bank
| link rel="shortcut icon" href="/static/snsbank/img/icons/favicon.ico" type="image/x-icon" />
| meta name="description" content="Hoge spaarrente, rente op je betaalrekening, een voordelige (inboedel)verzekering en een passende hypotheek? Allemaal eenvoudig geregeld bij SNS Bank." />
| meta name="keywords" content="sparen, spaarrekening, rente, betaalrekening, verzekering(en), hypotheek, internetbankieren, online afsluiten, veilig, service, spaarrente, winkels , rentetarieven, bankzaken, geldautomaten" />
| link type="text/css" rel="stylesheet" media="screen, projection" href="/static/snsbank/css/home.css" />
| link type="text/css" rel="stylesheet" media="screen, projection" href="/static/snsbank/css/sns_home.css" />
| link type="text/css" rel="stylesheet" media="print" href="/static/snsbank/css/print.css" />
| link type="text/css" rel="stylesheet" media="screen, projection" href="/static/snsbank/css/redesign-overwrite.css" />
| script type="text/javascript" src="/static/snsbank/js/redesign/html5shiv.js">
| link type="text/css" rel="stylesheet" href="/static/snsbank/css/lte-ie9-buttons.css" />
| link type="text/css" rel="stylesheet" href="/static/snsbank/css/ie-webfont-fix.css" />
| link type="text/css" media="screen,projection" rel="stylesheet" href="/static/snsbank/css/home-ie7-corrections.css" />
| link type="text/css" rel="stylesheet" href="/static/snsbank/css/gx-ie-overrule.css" />
| script src="/static/snsbank/js/sns_home.js" type="text/javascript">
| script src="/static/snsbank/js/unloadswf.js" type="text/javascript">
| a name="Meer informatie" class="" href="https://www.snsbank.nl/particulier/klantenservice/besturingssystemen-en-browsers-snsbank.nl.html">Kijk hier voor meer informatie
| script src="/static/snsbank/js/omniture/s_code.min.js" type="text/javascript">
| img src="/static/snsbank/img/restyle/logo-new.png" alt="SNS Bank" width="171" height="60" />
| a href="https://heelnormaal.snsbank.nl">
| a href="/" id="homeLink" title="SNS bank logo - link naar home">
| img class="" src="/static/snsbank/img/restyle/logo-new.png" alt="SNS bank logo - link naar home" width="171" height="60" />
| script type="text/javascript"> $( document ).ready(function() { var gsa_site = $("#gsa_site_input").val(); if (gsa_site.length == 0) {gsa_site = "snsbank_particulier";} $(".gsa_searchKeyWords").autocomplete({ source: function( request, response ) { $.ajax({ type: "POST", url: "/web/wcbservlet/gsaservlet/suggest?q=" + request.term + "&max=10&site=" + gsa_site + "&client=snsbank_web&access=p&format=rich", dataType: "json", success: function(data){ //The results are not really in the format jQuery UI expects var finalData =$.map(data.results, function(item) { return { label:item.name, value:item.name } }); response(finalData); } }); }, select: function(event, ui) { if(ui.item){ $('.gsa_searchKeyWords').val(ui.item.value); } $('#gsa_site_input').val(gsa_site); $('.headerSearchForm').submit(); }, minLength: 1 }); });
| input type="hidden" name="site" value="snsbank_particulier" id="gsa_site_input" />
| input type="hidden" name="client" value="snsbank_web" id="gsa_client_input" />
| input type="submit" id="submitlogout" value="Inloggen internetbankieren"/>
| a class="bullet" href="https://www.snsbank.nl/particulier/klantenservice/mijn-sns/mijn-sns-aanvragen.html">Mijn SNS aanvragen
| a title="SNS Bank drempelvrij internetbankieren" href="http://www.snsbank.nl/drempelvrij" onclick="window.open(this.href).opener=null;return false;">
| img class="drempelvrijGroen" src="/static/snsbank/img/hyperlinks/drempelvrijGroen.png" alt="SNS Bank drempelvrij internetbankieren" />
| a href="https://www.snsbank.nl/web/file?uuid=c2c2f843-8d48-474b-a704-b60658d389a5&owner=d5fe9abf-6784-4174-8c82-bc8310dcc108&contentid=9977">actievoorwaarden
| a href="https://www.snsbank.nl/particulier/klantenservice/contact/contact-met-sns.html" class="decorated-link" title="https://www.snsbank.nl/particulier/klantenservice/contact/contact-met-sns.html">Telefoon & e-mail
| a href="https://www.snsbank.nl/particulier/klantenservice/banken/zoek-een-winkel.html" class="decorated-link" title="https://www.snsbank.nl/particulier/klantenservice/banken/zoek-een-winkel.html">SNS Winkels
| a href="https://www.snsbank.nl/particulier/klantenservice/zoek-een-winkel.html" class="decorated-link" title="https://www.snsbank.nl/particulier/klantenservice/zoek-een-winkel.html">SNS Geldautomaten
| a href="http://www.facebook.com/snsbank?promo=smed_fb" class="decorated-link" title="http://www.facebook.com/snsbank?promo=smed_fb">Facebook
| a href="http://www.twitter.com/snsbank?promo=smed_tw" class="decorated-link" title="http://www.twitter.com/snsbank?promo=smed_tw">Twitter
| a href="http://community.snsbank.nl/" class="decorated-link" title="http://community.snsbank.nl/">SNS Community
| a href="https://www.snsbank.nl/particulier/klantenservice/contact/contact-met-sns.html" class="decorated-link" title="https://www.snsbank.nl/particulier/klantenservice/contact/contact-met-sns.html">Alle contactgegevens
| a href="https://www.snsbank.nl/particulier/klantenservice/mijn-sns/bankieren-met-je-mobiel.html" class="bullet" title="https://www.snsbank.nl/particulier/klantenservice/mijn-sns/bankieren-met-je-mobiel.html">SNS Mobiel bankieren app
| a href="http://www.snsbank.nl/particulier/klantenservice.html" class="bullet" title="http://www.snsbank.nl/particulier/klantenservice.html">Meer klantenservice
| h2>Over SNS Bank
| a href="/particulier/over-sns/werken-bij-sns-bank.html" class="bullet" title="Werken bij SNS Bank">Vacatures
| a href="http://www.snsbank.nl/particulier/over-sns-bank/veilig-bankieren.html" class="bullet" title="http://www.snsbank.nl/particulier/over-sns-bank/veilig-bankieren.html">Veilig bankieren
| a href="/particulier/over-sns.html" class="bullet" title="Over ons">Meer over SNS Bank
| a title="SNS Bank" rel="nofollow" href="http://www.snsbank.nl">SNS Bank
| a id="thuiswinkel-logo" href="https://www.thuiswinkel.org/leden/sns-bank/certificaat" rel="nofollow">
| a id="reaal-logo-link" href="http://www.snsbank.nl/particulier/over-sns-bank/drempelvrij.html">
| script language="JavaScript" type="text/javascript"> s.un="advsnsbanklive"; s.pageName="Particulier:Home"; var page = "Home"; if(page == "Pagina niet gevonden"){ s.pageType = "errorPage";} if(page == "Gebruikersnaam gewijzigd"){ s.prop32 = "naam"; s.eVar45 = "instellingen gewijzigd"; s.events = "event32"; } //page Type s.prop26="Home"; s.prop26=""; if(typeof stepNumber == "string" && typeof (stepName) !== "undefined"){ s.pageName = s.pageName + ":" + stepNumber + ":" + stepName; } s.prop1="particulier"; s.prop3="976048"; s.prop4="15482930"; var loginstatus = 'niet ingelogd'; s.prop27 = loginstatus; s.eVar4=""; s.server = "www.snsbank.nl"; s.prop6 = '2015/07/09 22:48'; var productname=";;1"; if (productname == ";") { s.products=""; } else { s.products=";;1"; } var cookieVal = document.cookie.substring(document.cookie.indexOf('=')+1,document.cookie.indexOf(';')); var gender; if(loginstatus == 'ingelogd'){ s.eVar44 = ''; s.prop40 = ''; s.prop41 = ''; s.eVar15 = ''; s.eVar34 = ''; s.eVar16 = ''; gender = ''; if(gender=='M'){ s.eVar17='man';} else if(gender=='V'){ s.eVar17='vrouw';} else{ s.eVar17='other';} s.eVar35 = ''; }else{ s.eVar35 = cookieVal; } /************* DO NOT ALTER ANYTHING BELOW THIS LINE ! **************/ var s_code=s.t();if(s_code)document.write(s_code)
| script src="/static/snsbank/js/snsafterbodyload_home.js" type="text/javascript">
| img id="jsenabled" src="/static/snsbank/img/blank.gif" width="0" height="0" alt="" />
| script type="text/javascript"> $(document).ready(function(){ var gsaUrl='//www.snsbank.nl/web/file?uuid=6326ab14-7108-4250-9bdd-3e1ad3c50de6&owner=d5fe9abf-6784-4174-8c82-bc8310dcc108&contentid=9789'; if(gsaUrl.lengh== 0 || gsaUrl == 'gsa_json_suggestion_url'){ gsaUrl = '//www.snsbank.nl/web/file'; } $.getJSON(gsaUrl, function(data) { //autocomplete $( ".gsa_searchKeyWords" ).autocomplete({ source: function(request, response) { var results = $.ui.autocomplete.filter(data, request.term); response(results.slice(0, 8)); }, minLength: 3, select: function(t, n) { if (n.item) { $(".gsa_searchKeyWords").val(n.item.value) } $("[name='headerSearchForm']").submit() } }) // Overrides the default autocomplete filter function to search only from the beginning of the string $.ui.autocomplete.filter = function (array, term) { var matcher = new RegExp("^" + $.ui.autocomplete.escapeRegex(term), "i"); return $.grep(array, function (value) { return matcher.test(value.label || value.value || value); }); }; }); });
| form action="/mijnsns/secure/login.html" method="get">
===================================================================================================
| WHOIS
|
| Error: invalid domain name
|
===================================================================================================
| BANNER GRABBING:
| X-XSS-Protection: 1; mode=block
===================================================================================================
===================================================================================================
| PING
|
| PING www.snsbank.nl (194.53.208.72) 56(84) bytes of data.
|
| --- www.snsbank.nl ping statistics ---
| 4 packets transmitted, 0 received, 100% packet loss, time 3023ms
|
===================================================================================================
| TRACEROUTE
|
===================================================================================================
| NSLOOKUP
|
| Server:       127.0.1.1
| Address:  127.0.1.1#53
|
| Non-authoritative answer:
| *** Can't find www.snsbank.nl: No answer
| Authoritative answers can be found from:
| Name: www.snsbank.nl
| Address: 194.53.208.72
===================================================================================================
| NMAP
|
|
| Starting Nmap 6.46 ( http://nmap.org ) at 2015-07-09 13:44 PDT
| NSE: Loaded 120 scripts for scanning.
| NSE: Script Pre-scanning.
| Initiating Ping Scan at 13:44
| Scanning en.kremlin.ru (95.173.136.70) [4 ports]
| Completed Ping Scan at 13:44, 1.32s elapsed (1 total hosts)
| Initiating Parallel DNS resolution of 1 host. at 13:44
| Completed Parallel DNS resolution of 1 host. at 13:44, 0.71s elapsed
| Initiating SYN Stealth Scan at 13:44
| Scanning en.kremlin.ru (95.173.136.70) [1000 ports]
| Discovered open port 21/tcp on 95.173.136.70
| Discovered open port 554/tcp on 95.173.136.70
| Discovered open port 80/tcp on 95.173.136.70
| Discovered open port 7070/tcp on 95.173.136.70
| Completed SYN Stealth Scan at 13:45, 20.75s elapsed (1000 total ports)
| Initiating Service scan at 13:45
| Scanning 4 services on en.kremlin.ru (95.173.136.70)
| Service scan Timing: About 50.00% done; ETC: 13:49 (0:02:11 remaining)
| Completed Service scan at 13:47, 131.18s elapsed (4 services on 1 host)
| Initiating OS detection (try #1) against en.kremlin.ru (95.173.136.70)
| Retrying OS detection (try #2) against en.kremlin.ru (95.173.136.70)
| Initiating Traceroute at 13:47
| Completed Traceroute at 13:47, 3.06s elapsed
| Initiating Parallel DNS resolution of 13 hosts. at 13:47
| Completed Parallel DNS resolution of 13 hosts. at 13:47, 0.67s elapsed
| NSE: Script scanning 95.173.136.70.
| Initiating NSE at 13:47
| Completed NSE at 13:48, 75.10s elapsed
| Nmap scan report for en.kremlin.ru (95.173.136.70)
| Host is up (0.098s latency).
| Other addresses for en.kremlin.ru (not scanned): 95.173.136.71 95.173.136.72
| Not shown: 995 filtered ports
| PORT     STATE  SERVICE     VERSION
| 21/tcp   open   ftp?
| |_ftp-bounce: no banner
| 80/tcp   open   http        nginx
| |_http-favicon: Unknown favicon MD5: A43DD8031096B0DC66E1A876F671A81C
| |_http-methods: No Allow or Public header in OPTIONS response (status code 405)
| | http-robots.txt: 11 disallowed entries
| | /search /subscribe/sms/send /subscribe/sms/check
| | /subscribe/sms/save /subscribe/sms/unsubscribe /subscribe/daily/send
| | /subscribe/daily/subscribe /subscribe/daily/unsubscribe /subscribe/weekly/send
| |_/subscribe/weekly/unsubscribe /subscribe/weekly/save
| |_http-title: President of\xC2\xA0Russia
| 443/tcp  closed https
| 554/tcp  open   rtsp?
| 7070/tcp open   realserver?
| Device type: WAP|storage-misc|general purpose|printer|broadband router
| Running (JUST GUESSING): Apple embedded (93%), NetBSD 4.X (93%), Ricoh embedded (88%), Apple NetBSD 4.X (85%), Motorola embedded (85%)
| OS CPE: cpe:/h:apple:airport_extreme cpe:/o:netbsd:netbsd:4.0 cpe:/h:ricoh:aficio_mp_c6000 cpe:/h:ricoh:aficio_mp_gx3050n cpe:/h:apple:airport_express cpe:/o:apple:netbsd:4 cpe:/h:motorola:surfboard_sb5101
| Aggressive OS guesses: Apple AirPort Extreme WAP or Time Capsule NAS device (93%), Apple AirPort Extreme WAP (93%), NetBSD 4.0 (93%), Apple AirPort Extreme WAP or Time Capsule NAS device (NetBSD 4.99) (88%), Ricoh Aficio MP C6000 or GX3050N printer (88%), Apple AirPort Express WAP (NetBSD) (85%), Apple Time Capsule NAS device (NetBSD 4.99) (85%), Motorola SURFboard SB5101 cable modem (85%)
| No exact OS matches for host (test conditions non-ideal).
| Network Distance: 15 hops
| TCP Sequence Prediction: Difficulty=212 (Good luck!)
| IP ID Sequence Generation: Incremental
|
| TRACEROUTE (using port 443/tcp)
| HOP RTT       ADDRESS
| 1   3.53 ms   10.0.1.1
| 2   ...
| 3   25.04 ms  dtr04mtpkca-tge-0-0-0-13.mtpk.ca.charter.com (96.34.101.229)
| 4   26.05 ms  crr02mtpkca-tge-0-4-0-0.mtpk.ca.charter.com (96.34.98.96)
| 5   25.56 ms  bbr01mtpkca-bue-3.mtpk.ca.charter.com (96.34.2.26)
| 6   29.19 ms  prr01lsanca-bue-2.lsan.ca.charter.com (96.34.3.5)
| 7   29.21 ms  v104.core1.lax1.he.net (64.71.191.253)
| 8   106.83 ms 100ge11-2.core1.ash1.he.net (184.105.80.201)
| 9   189.12 ms 10ge7-11.core1.par2.he.net (184.105.213.94)
| 10  189.12 ms 100ge5-2.core1.fra1.he.net (72.52.92.14)
| 11  293.33 ms 216.66.87.134
| 12  284.95 ms 95.167.93.162
| 13  288.30 ms 188.254.31.82
| 14  ...
| 15  292.97 ms 95.173.136.70
|
| NSE: Script Post-scanning.
| Read data files from: /usr/local/bin/../share/nmap
| OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
| Nmap done: 1 IP address (1 host up) scanned in 243.72 seconds
|            Raw packets sent: 2111 (97.820KB) | Rcvd: 1875 (179.566KB)
===================================================================================================
|
| Directory check:
|
| Starting Nmap 6.46 ( http://nmap.org ) at 2015-07-09 13:48 PDT
| NSE: Loaded 120 scripts for scanning.
| NSE: Script Pre-scanning.
| Initiating Ping Scan at 13:48
| Scanning www.snsbank.nl (194.53.208.72) [4 ports]
| Completed Ping Scan at 13:48, 1.01s elapsed (1 total hosts)
| Initiating Parallel DNS resolution of 1 host. at 13:48
| Completed Parallel DNS resolution of 1 host. at 13:48, 0.76s elapsed
| Initiating SYN Stealth Scan at 13:48
| Scanning www.snsbank.nl (194.53.208.72) [1000 ports]
| Discovered open port 554/tcp on 194.53.208.72
| Discovered open port 80/tcp on 194.53.208.72
| Discovered open port 21/tcp on 194.53.208.72
| Discovered open port 7070/tcp on 194.53.208.72
| Discovered open port 443/tcp on 194.53.208.72
| Completed SYN Stealth Scan at 13:49, 32.99s elapsed (1000 total ports)
| Initiating Service scan at 13:49
| Scanning 5 services on www.snsbank.nl (194.53.208.72)
| Service scan Timing: About 60.00% done; ETC: 13:53 (0:01:27 remaining)
| Completed Service scan at 13:51, 131.28s elapsed (5 services on 1 host)
| Initiating OS detection (try #1) against www.snsbank.nl (194.53.208.72)
| Initiating Traceroute at 13:51
| Completed Traceroute at 13:51, 6.18s elapsed
| Initiating Parallel DNS resolution of 15 hosts. at 13:51
| Completed Parallel DNS resolution of 15 hosts. at 13:51, 0.77s elapsed
| NSE: Script scanning 194.53.208.72.
| Initiating NSE at 13:51
| Completed NSE at 13:53, 76.27s elapsed
| Nmap scan report for www.snsbank.nl (194.53.208.72)
| Host is up (0.067s latency).
| Not shown: 995 filtered ports
| PORT     STATE SERVICE     VERSION
| 21/tcp   open  ftp?
| |_ftp-bounce: no banner
| 80/tcp   open  http        Apache httpd
| |_http-favicon: Unknown favicon MD5: B66B97AE26AFA00F4E48CF8060CEA764
| |_http-methods: No Allow or Public header in OPTIONS response (status code 403)
| | http-robots.txt: 1 disallowed entry
| |_/mijnsns/
| | http-title: Voor sparen, een betaalrekening, verzekeringen of een hypothee...
| |_Requested resource was http://www.snsbank.nl/particulier/home.html
| 443/tcp  open  ssl/http    Apache httpd
| |_http-favicon: Unknown favicon MD5: B66B97AE26AFA00F4E48CF8060CEA764
| |_http-methods: No Allow or Public header in OPTIONS response (status code 403)
| | http-robots.txt: 1 disallowed entry
| |_/mijnsns/
| | http-title: Voor sparen, een betaalrekening, verzekeringen of een hypothee...
| |_Requested resource was https://www.snsbank.nl/particulier/home.html
| | ssl-cert: Subject: commonName=www.snsbank.nl/organizationName=SNS Bank N.V./stateOrProvinceName=Utrecht/countryName=NL
| | Issuer: commonName=Symantec Class 3 EV SSL CA - G3/organizationName=Symantec Corporation/countryName=US
| | Public Key type: rsa
| | Public Key bits: 2048
| | Not valid before: 2014-09-17T00:00:00
| | Not valid after:  2015-09-18T23:59:59
| | MD5:   baf0 c673 1ab7 1f70 089c 1ac7 0f7d 6cab
| |_SHA-1: 1721 68d1 44e1 fa7b 813d 72dc 6194 e29c faab 3a28
| |_ssl-date: 2015-07-09T20:51:44+00:00; -1s from local time.
| 554/tcp  open  rtsp?
| 7070/tcp open  realserver?
| Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
| Device type: WAP|storage-misc
| Running: Apple embedded
| OS CPE: cpe:/h:apple:airport_extreme
| OS details: Apple AirPort Extreme WAP or Time Capsule NAS device
| TCP Sequence Prediction: Difficulty=217 (Good luck!)
| IP ID Sequence Generation: Incremental
|
| TRACEROUTE (using port 443/tcp)
| HOP RTT       ADDRESS
| 1   7.87 ms   10.0.1.1
| 2   ...
| 3   26.76 ms  dtr04mtpkca-tge-0-0-0-13.mtpk.ca.charter.com (96.34.101.229)
| 4   30.89 ms  crr02mtpkca-tge-0-3-0-4.mtpk.ca.charter.com (96.34.97.228)
| 5   34.52 ms  bbr01mtpkca-bue-3.mtpk.ca.charter.com (96.34.2.26)
| 6   40.28 ms  bbr01rvsdca-bue-1.rvsd.ca.charter.com (96.34.0.22)
| 7   89.57 ms  bbr01dllstx-bue-6.dlls.tx.charter.com (96.34.0.20)
| 8   120.81 ms bbr01blvlil-bue-4.blvl.il.charter.com (96.34.0.16)
| 9   76.18 ms  bbr01olvemo-bue-3.olve.mo.charter.com (96.34.0.14)
| 10  89.62 ms  bbr02chcgil-bue-2.chcg.il.charter.com (96.34.0.12)
| 11  111.33 ms prr01chcgil-bue-4.chcg.il.charter.com (96.34.3.11)
| 12  88.27 ms  96-34-152-58.static.unas.mo.charter.com (96.34.152.58)
| 13  207.24 ms 84.116.137.50
| 14  205.60 ms nl-ams05a-rd2-xe-2-0-2.aorta.net (84.116.130.121)
| 15  212.47 ms 84-116-130-126.aorta.net (84.116.130.126)
| 16  208.50 ms 84.116.244.22
| 17  ... 30
|
| NSE: Script Post-scanning.
| Read data files from: /usr/local/bin/../share/nmap
| OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
| Nmap done: 1 IP address (1 host up) scanned in 254.62 seconds
|            Raw packets sent: 3113 (139.468KB) | Rcvd: 3932 (373.993KB)
===================================================================================================
|
| Directory check:
===================================================================================================
|
| File check:
| Skipped because http://en.kremlin.ru/uniscan617/ did not return the code 404
===================================================================================================
|
| Check robots.txt:
| [+] User-agent: *
| [+] # news
| [+] Disallow: /search
| [+] # subscription
| [+] Disallow: /subscribe/sms/send
| [+] Disallow: /subscribe/sms/check
| [+] Disallow: /subscribe/sms/save
| [+] Disallow: /subscribe/sms/unsubscribe
| [+] Disallow: /subscribe/daily/send
| [+] Disallow: /subscribe/daily/subscribe
| [+] Disallow: /subscribe/daily/unsubscribe
| [+] Disallow: /subscribe/weekly/send
| [+] Disallow: /subscribe/weekly/unsubscribe
| [+] Disallow: /subscribe/weekly/save
|
| Check sitemap.xml:
===================================================================================================
|
| Crawler Started:
| Plugin name: FCKeditor upload test v.1 Loaded.
| Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
| Plugin name: Code Disclosure v.1.1 Loaded.
| Plugin name: E-mail Detection v.1.1 Loaded.
| Plugin name: Web Backdoor Disclosure v.1.1 Loaded.
| Plugin name: External Host Detect v.1.2 Loaded.
| Plugin name: phpinfo() Disclosure v.1 Loaded.
| Plugin name: Upload Form Detect v.1.1 Loaded.
####################################
# Uniscan project                  #
# http://uniscan.sourceforge.net/  #
####################################
V. 6.2


Scan date: 9-7-2015 13:53:54
| [+] Crawling finished, 1 URL's found!
|
| FCKeditor File Upload:
|
| Timthumb:
|
| Source Code Disclosure:
|
| E-mails:
|
| Web Backdoors:
|
| External hosts:
|
| PHPinfo() Disclosure:
|
| File Upload Forms:
|
| Ignored Files:
===================================================================================================
| Dynamic tests:
| Plugin name: Learning New Directories v.1.2 Loaded.
| Plugin name: FCKedior tests v.1.1 Loaded.
| Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
| Plugin name: Find Backup Files v.1.2 Loaded.
| Plugin name: Blind SQL-injection tests v.1.3 Loaded.
| Plugin name: Local File Include tests v.1.1 Loaded.
| Plugin name: PHP CGI Argument Injection v.1.1 Loaded.
| Plugin name: Remote Command Execution tests v.1.1 Loaded.
| Plugin name: Remote File Include tests v.1.2 Loaded.
| Plugin name: SQL-injection tests v.1.2 Loaded.
| Plugin name: Cross-Site Scripting tests v.1.2 Loaded.
| Plugin name: Web Shell Finder v.1.3 Loaded.
| [+] 0 New directories added
|
|
| FCKeditor tests:
===================================================================================================
| [*] http://ovh.com/ redirected to http://www.ovh.com/us/
| [*] New target is: http://www.ovh.com/us/
===================================================================================================
| Domain: http://www.ovh.com/us/
| Skipped because http://en.kremlin.ru/testing123 did not return the code 404
|
|
| Timthumb < 1.33 vulnerability:
| IP: 198.27.92.1
===================================================================================================
===================================================================================================
| Looking for Drupal plugins/modules
|
===================================================================================================
| WEB SERVICES
|
===================================================================================================
| FAVICON.ICO
|
|
|
| Backup Files:
===================================================================================================
| ERROR INFORMATION
|
| Skipped because http://en.kremlin.ru/testing123 did not return the code 404
|
|
| Blind SQL Injection:
===================================================================================================
| TYPE ERROR
|
|
|
| Local File Include:
|
|
| PHP CGI Argument Injection:
|
|
| Remote Command Execution:
|
|
| Remote File Include:
|
|
| SQL Injection:
|
|
| Cross-Site Scripting (XSS):
|
|
| Web Shell Finder:
===================================================================================================
| SERVER MOBILE
|
===================================================================================================
| LANGUAGE
|
| lang="en"
===================================================================================================
| INTERESTING STRINGS IN HTML
|
| a href="https://us.ovh.com/us/cgi-bin/order/renew.cgi" qtlid="667797">Renew
| a href="/us/dedicated-servers/sql_server_2012.xml" class="" style="" name="Menu/distrib-More/sql" onclick="trackMenu(this);">Databases
| a href="https://twitter.com/OVH" class="shareThis shareTT" name="HomePage/Social-Twitter" onclick="trackHome(this);" target="_blank">
| a class="twitter-timeline" href="https://twitter.com/OVH" data-widget-id="474484984405688320" qtlid="920243" lang="en">@OVH tweets
| script>!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0],p=/^http:/.test(d.location)?'http':'https';if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src=p+"://platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");
| script language="javascript" type="text/javascript"> function sendCodes(){ var nic = document.login_form.reloging_nic.value; document.location = '/fr/support/send_codes.pl?reloging_nic='+nic; } function trackHome(elem){ function SendPk(elem){ var ValueOfTrack = $(elem).name; _paq.push(['trackPageView', ValueOfTrack]); } if(!!Browser.firefox || !!Browser.safari){ setTimeout(SendPk, 50, elem); } else { SendPk(elem); } }
| a href="https://ca.ovh.com/manager/login.html" class="manager">
===================================================================================================
| WHOIS
|
|
|
| Whois Server Version 2.0
|
|
|
|
|
|
|
|
|
|
|
| No match for "WWW.OVH.COM".
|
| >>> Last update of whois database: Thu, 09 Jul 2015 20:53:43 GMT <<<
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Registrars.
|
|
|
| For more information on Whois status codes, please visit
|
| https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.
|
===================================================================================================
| BANNER GRABBING:
===================================================================================================
===================================================================================================
| PING
|
===================================================================================================
| Static tests:
| Plugin name: Local File Include tests v.1.1 Loaded.
| Plugin name: Remote Command Execution tests v.1.1 Loaded.
| PING www.ovh.com (198.27.92.1) 56(84) bytes of data.
| 64 bytes from www.ovh.com (198.27.92.1): icmp_seq=1 ttl=244 time=30.3 ms
| 64 bytes from www.ovh.com (198.27.92.1): icmp_seq=2 ttl=244 time=29.2 ms
| 64 bytes from www.ovh.com (198.27.92.1): icmp_seq=3 ttl=244 time=30.6 ms
| 64 bytes from www.ovh.com (198.27.92.1): icmp_seq=4 ttl=244 time=29.4 ms
|
| --- www.ovh.com ping statistics ---
| 4 packets transmitted, 4 received, 0% packet loss, time 3002ms
| rtt min/avg/max/mdev = 29.297/29.935/30.620/0.589 ms
===================================================================================================
| TRACEROUTE
|
| Plugin name: Remote File Include tests v.1.1 Loaded.
===================================================================================================
| NSLOOKUP
|
|
|
| Local File Include:
| Server:       127.0.1.1
| Address:  127.0.1.1#53
|
| Non-authoritative answer:
| *** Can't find www.ovh.com: No answer
| Authoritative answers can be found from:
| Name: www.ovh.com
| Address: 198.27.92.1
===================================================================================================
| NMAP
|
|
|
| Remote Command Execution:
|
|
| Remote File Include:
===================================================================================================
| Stress tests:
| Plugin name: Mini Stress Test v.1.1 Loaded.
|
|
| Mini Stress Test:
| Looking for best cost:
| Cost: [1] http://en.kremlin.ru/a
| Using http://en.kremlin.ru/a as target
| Mini Stress Test End.
===================================================================================================
Scan end date: 9-7-2015 13:59:12


HTML report saved in: report/en.kremlin.ru.html
|
| Starting Nmap 6.46 ( http://nmap.org ) at 2015-07-09 13:54 PDT
| NSE: Loaded 120 scripts for scanning.
| NSE: Script Pre-scanning.
| Initiating Ping Scan at 13:54
| Scanning www.ovh.com (198.27.92.1) [4 ports]
| Completed Ping Scan at 13:54, 1.03s elapsed (1 total hosts)
| Initiating Parallel DNS resolution of 1 host. at 13:54
| Completed Parallel DNS resolution of 1 host. at 13:54, 0.01s elapsed
| Initiating SYN Stealth Scan at 13:54
| Scanning www.ovh.com (198.27.92.1) [1000 ports]
| Discovered open port 21/tcp on 198.27.92.1
| Discovered open port 554/tcp on 198.27.92.1
| Discovered open port 443/tcp on 198.27.92.1
| Discovered open port 80/tcp on 198.27.92.1
| Increasing send delay for 198.27.92.1 from 0 to 5 due to 25 out of 82 dropped probes since last increase.
| Increasing send delay for 198.27.92.1 from 5 to 10 due to 146 out of 486 dropped probes since last increase.
| Increasing send delay for 198.27.92.1 from 10 to 20 due to 11 out of 25 dropped probes since last increase.
| Increasing send delay for 198.27.92.1 from 20 to 40 due to 11 out of 22 dropped probes since last increase.
| Increasing send delay for 198.27.92.1 from 40 to 80 due to max_successful_tryno increase to 4
| Increasing send delay for 198.27.92.1 from 80 to 160 due to 30 out of 99 dropped probes since last increase.
| Discovered open port 7070/tcp on 198.27.92.1
| Increasing send delay for 198.27.92.1 from 160 to 320 due to 46 out of 153 dropped probes since last increase.
| Completed SYN Stealth Scan at 13:56, 148.94s elapsed (1000 total ports)
| Initiating Service scan at 13:56
| Scanning 5 services on www.ovh.com (198.27.92.1)
| Completed Service scan at 13:58, 110.03s elapsed (5 services on 1 host)
| Initiating OS detection (try #1) against www.ovh.com (198.27.92.1)
| Retrying OS detection (try #2) against www.ovh.com (198.27.92.1)
| Initiating Traceroute at 13:58
| Completed Traceroute at 13:58, 3.02s elapsed
| Initiating Parallel DNS resolution of 10 hosts. at 13:58
| Completed Parallel DNS resolution of 10 hosts. at 13:58, 0.64s elapsed
| NSE: Script scanning 198.27.92.1.
| Initiating NSE at 13:58
| Completed NSE at 13:59, 30.62s elapsed
| Nmap scan report for www.ovh.com (198.27.92.1)
| Host is up (0.033s latency).
| Not shown: 991 closed ports
| PORT     STATE    SERVICE        VERSION
| 21/tcp   open     tcpwrapped
| 80/tcp   open     tcpwrapped
| |_http-favicon: Unknown favicon MD5: E5A2FDFC2A827E425F15662C07F2276F
| |_http-methods: No Allow or Public header in OPTIONS response (status code 302)
| | http-robots.txt: 43 disallowed entries (15 shown)
| | /cgi-bin/ /images/ /fr/images/ /javascripts/ /js/
| | /fr/images.xml /themes/ /fr/themes/ /autoedit/ /banners/
| |_/flashbanners/ /flashBanners/ /errors/ /templates/ /tmp/
| | http-title: Web Hosting, Cloud and Dedicated Servers - OVH
| |_Requested resource was http://www.ovh.com/us/index.xml
| 135/tcp  filtered msrpc
| 139/tcp  filtered netbios-ssn
| 443/tcp  open     ssl/https
| |_http-favicon: Unknown favicon MD5: E5A2FDFC2A827E425F15662C07F2276F
| |_http-methods: No Allow or Public header in OPTIONS response (status code 302)
| | http-robots.txt: 43 disallowed entries (15 shown)
| | /cgi-bin/ /images/ /fr/images/ /javascripts/ /js/
| | /fr/images.xml /themes/ /fr/themes/ /autoedit/ /banners/
| |_/flashbanners/ /flashBanners/ /errors/ /templates/ /tmp/
| | http-server-header: Software version grabbed from Server header.
| | Consider submitting a service fingerprint.
| |_Run with --script-args http-server-header.skip
| | http-title: Web Hosting, Cloud and Dedicated Servers - OVH
| |_Requested resource was https://www.ovh.com/us/index.xml
| | ssl-cert: Subject: commonName=www.ovh.com/organizationName=OVH SAS/stateOrProvinceName=Nord/countryName=FR
| | Issuer: commonName=Symantec Class 3 EV SSL CA - G3/organizationName=Symantec Corporation/countryName=US
| | Public Key type: rsa
| | Public Key bits: 2048
| | Not valid before: 2015-04-20T00:00:00
| | Not valid after:  2017-05-05T23:59:59
| | MD5:   8de3 7b3d 927a 32ba 0db6 7297 210a 6f2a
| |_SHA-1: 795c 78ac c491 135a 01ff f517 4038 c914 ea5d 5ab3
| 445/tcp  filtered microsoft-ds
| 554/tcp  open     tcpwrapped
| 593/tcp  filtered http-rpc-epmap
| 7070/tcp open     tcpwrapped
| Device type: WAP|storage-misc|general purpose|printer
| Running (JUST GUESSING): Apple embedded (92%), NetBSD 4.X (92%), Ricoh embedded (87%)
| OS CPE: cpe:/h:apple:airport_extreme cpe:/o:netbsd:netbsd:4.0 cpe:/h:ricoh:aficio_mp_c6000 cpe:/h:ricoh:aficio_mp_gx3050n
| Aggressive OS guesses: Apple AirPort Extreme WAP or Time Capsule NAS device (92%), Apple AirPort Extreme WAP (92%), NetBSD 4.0 (92%), Apple AirPort Extreme WAP or Time Capsule NAS device (NetBSD 4.99) (87%), Ricoh Aficio MP C6000 or GX3050N printer (87%)
| No exact OS matches for host (test conditions non-ideal).
| Network Distance: 11 hops
| TCP Sequence Prediction: Difficulty=205 (Good luck!)
| IP ID Sequence Generation: Busy server or unknown class
|
| TRACEROUTE (using port 111/tcp)
| HOP RTT      ADDRESS
| 1   16.48 ms 10.0.1.1
| 2   ...
| 3   36.63 ms dtr04mtpkca-tge-0-0-0-13.mtpk.ca.charter.com (96.34.101.229)
| 4   44.24 ms crr02mtpkca-tge-0-4-0-1.mtpk.ca.charter.com (96.34.98.98)
| 5   68.89 ms bbr01mtpkca-bue-3.mtpk.ca.charter.com (96.34.2.26)
| 6   71.52 ms bbr01snloca-bue-1.snlo.ca.charter.com (96.34.0.27)
| 7   50.51 ms bbr02snloca-bue-4.snlo.ca.charter.com (96.34.0.29)
| 8   40.15 ms bbr01snjsca-bue-6.snjs.ca.charter.com (96.34.0.0)
| 9   69.03 ms prr02snjsca-bue-2.snjs.ca.charter.com (96.34.3.93)
| 10  36.83 ms snj-1-6k.ca.us (178.32.135.92)
| 11  41.40 ms www.ovh.com (198.27.92.1)
|
| NSE: Script Post-scanning.
| Read data files from: /usr/local/bin/../share/nmap
| OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
| Nmap done: 1 IP address (1 host up) scanned in 303.13 seconds
|            Raw packets sent: 1981 (91.994KB) | Rcvd: 3941 (310.381KB)
===================================================================================================
|
| Directory check:
| [+] CODE: 200 URL: http://www.ovh.com/us/about/
| [+] CODE: 200 URL: http://www.ovh.com/us/aboutus/
| [+] CODE: 200 URL: http://www.ovh.com/us/blog/
| [+] CODE: 200 URL: http://www.ovh.com/us/community/
| [+] CODE: 200 URL: http://www.ovh.com/us/conseils/
| [+] CODE: 200 URL: http://www.ovh.com/us/email/
| [+] CODE: 200 URL: http://www.ovh.com/us/emails/
| [+] CODE: 200 URL: http://www.ovh.com/us/es/
| [+] CODE: 200 URL: http://www.ovh.com/us/images/
| [+] CODE: 200 URL: http://www.ovh.com/us/javascripts/
| [+] CODE: 200 URL: http://www.ovh.com/us/news/
| [+] CODE: 200 URL: http://www.ovh.com/us/solutions/
| [+] CODE: 200 URL: http://www.ovh.com/us/support/
| [+] CODE: 200 URL: http://www.ovh.com/us/themes/
| [+] CODE: 200 URL: http://www.ovh.com/us/us/
| [+] CODE: 200 URL: http://www.ovh.com/us/web/
===================================================================================================
|
| File check:
| [+] CODE: 200 URL: http://www.ovh.com/us/favicon.ico
| [+] CODE: 200 URL: http://www.ovh.com/us/robots.txt
| [+] CODE: 200 URL: http://www.ovh.com/us/sitemap.xml
===================================================================================================
|
| Check robots.txt:
| [+] User-agent: *
| [+]
| [+] Disallow: /*?
| [+] Disallow: /cgi-bin/
| [+] Disallow: /us/cgi-bin/
|
| Check sitemap.xml:
===================================================================================================
|
| Crawler Started:
| Plugin name: FCKeditor upload test v.1 Loaded.
| Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
| Plugin name: Code Disclosure v.1.1 Loaded.
| Plugin name: E-mail Detection v.1.1 Loaded.
| Plugin name: Web Backdoor Disclosure v.1.1 Loaded.
| Plugin name: External Host Detect v.1.2 Loaded.
| Plugin name: phpinfo() Disclosure v.1 Loaded.
| Plugin name: Upload Form Detect v.1.1 Loaded.
####################################
# Uniscan project                  #
# http://uniscan.sourceforge.net/  #
####################################
V. 6.2


Scan date: 9-7-2015 14:12:15
===================================================================================================
| Domain: http://nsa.gov/
| IP:
===================================================================================================
===================================================================================================
| Looking for Drupal plugins/modules
|
| BANNER GRABBING:
===================================================================================================
===================================================================================================
| PING
|
===================================================================================================
| TRACEROUTE
|
===================================================================================================
| NSLOOKUP
|
| Server:       127.0.1.1
| Address:  127.0.1.1#53
|
| Non-authoritative answer:
| nsa.gov   mail exchanger = 20 emvm-gh1-uea09.nsa.gov.
| nsa.gov   mail exchanger = 20 emvm-gh1-uea08.nsa.gov.
| Authoritative answers can be found from:
| *** Can't find nsa.gov: No answer
| nsa.gov   nameserver = dsdn-gh1-uea06.nsa.gov.
| nsa.gov   nameserver = dsdn-gh1-uea05.nsa.gov.
| nsa.gov
|   origin = dsdn-gh1-uea05.nsa.gov
|   mail addr = please_set_email.absolutely.nowhere
|   serial = 2011061518
|   refresh = 10800
|   retry = 3600
|   expire = 2419200
|   minimum = 900
| nsa.gov   text = "MS=ms94088313"
===================================================================================================
| NMAP
|
|
| Starting Nmap 6.46 ( http://nmap.org ) at 2015-07-09 14:12 PDT
| NSE: Loaded 120 scripts for scanning.
| NSE: Script Pre-scanning.
| NSE: Script Post-scanning.
| Read data files from: /usr/local/bin/../share/nmap
| Nmap done: 0 IP addresses (0 hosts up) scanned in 2.20 seconds
|            Raw packets sent: 0 (0B) | Rcvd: 0 (0B)
===================================================================================================
|
| Directory check:
| Skipped because http://nsa.gov/uniscan653/ did not return the code 404
===================================================================================================
|
| File check:
| Skipped because http://nsa.gov/uniscan975/ did not return the code 404
===================================================================================================
|
| Check robots.txt:
|
| Check sitemap.xml:
===================================================================================================
|
| Crawler Started:
| Plugin name: FCKeditor upload test v.1 Loaded.
| Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
| Plugin name: Code Disclosure v.1.1 Loaded.
| Plugin name: E-mail Detection v.1.1 Loaded.
| Plugin name: Web Backdoor Disclosure v.1.1 Loaded.
| Plugin name: External Host Detect v.1.2 Loaded.
| Plugin name: phpinfo() Disclosure v.1 Loaded.
| Plugin name: Upload Form Detect v.1.1 Loaded.
| [+] Crawling finished, 1 URL's found!
|
| FCKeditor File Upload:
|
| Timthumb:
|
| Source Code Disclosure:
|
| E-mails:
|
| Web Backdoors:
|
| External hosts:
|
| PHPinfo() Disclosure:
|
| File Upload Forms:
|
| Ignored Files:
===================================================================================================
| Dynamic tests:
| Plugin name: Learning New Directories v.1.2 Loaded.
| Plugin name: FCKedior tests v.1.1 Loaded.
| Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
| Plugin name: Find Backup Files v.1.2 Loaded.
| Plugin name: Blind SQL-injection tests v.1.3 Loaded.
| Plugin name: Local File Include tests v.1.1 Loaded.
| Plugin name: PHP CGI Argument Injection v.1.1 Loaded.
| Plugin name: Remote Command Execution tests v.1.1 Loaded.
| Plugin name: Remote File Include tests v.1.2 Loaded.
| Plugin name: SQL-injection tests v.1.2 Loaded.
| Plugin name: Cross-Site Scripting tests v.1.2 Loaded.
| Plugin name: Web Shell Finder v.1.3 Loaded.
| [+] 0 New directories added
|
|
| FCKeditor tests:
| Skipped because http://nsa.gov/testing123 did not return the code 404
|
|
| Timthumb < 1.33 vulnerability:
|
|
| Backup Files:
| Skipped because http://nsa.gov/testing123 did not return the code 404
|
|
| Blind SQL Injection:
|
|
| Local File Include:
|
|
| PHP CGI Argument Injection:
|
|
| Remote Command Execution:
|
|
| Remote File Include:
|
|
| SQL Injection:
|
|
| Cross-Site Scripting (XSS):
|
|
| Web Shell Finder:
===================================================================================================
| Stress tests:
| Plugin name: Mini Stress Test v.1.1 Loaded.
|
|
| Mini Stress Test:
| Looking for best cost:
| Using a as target
####################################
# Uniscan project                  #
# http://uniscan.sourceforge.net/  #
####################################
V. 6.2


Scan date: 9-7-2015 14:13:48
===================================================================================================
| [*] http://cloudflare.com/ redirected to http://www.cloudflare.com/
| [*] New target is: http://www.cloudflare.com/
===================================================================================================
| Domain: http://www.cloudflare.com/
| Server: cloudflare-nginx
| IP: 198.41.215.163
===================================================================================================
===================================================================================================
| Looking for Drupal plugins/modules
|
===================================================================================================
| WEB SERVICES
|
| Web service Found: site uses google analytics
===================================================================================================
| FAVICON.ICO
|
===================================================================================================
| ERROR INFORMATION
|
|  www.cloudflare.com | 404 - Page Cannot Be Found The page you are looking for cannot be found. Similar results are provided below, or you can try another search Search site To find the missing content, try these steps: Visit the domain home page Reload this page Search for the missing content with the search box above Loading... SmartErrors powered by CloudFlarePrivacy policy
===================================================================================================
| TYPE ERROR
|
===================================================================================================
| SERVER MOBILE
|
| index page reqested with an Iphone UserAgent is diferent then with a regular UserAgent. This Host may have a mobile site
===================================================================================================
| LANGUAGE
|
| lang="en-US"
===================================================================================================
| INTERESTING STRINGS IN HTML
|
| script data-cfasync="true" type="text/javascript"> var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-10218544-2']); _gaq.push(['_setDomainName', 'none']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })();
| a id="footer-twitter" href="https://twitter.com/cloudflare" target="_blank" rel="noreferrer">
| a id="footer-facebook" href="https://www.facebook.com/CloudFlare?ref=ts" target="_blank" rel="noreferrer">
| li class="login">
| a href="https://www.cloudflare.com/a/login" target="_self">Login
| script>$.cf.data = {"login":false};
===================================================================================================
| WHOIS
|
|
|
| Whois Server Version 2.0
|
|
|
|
|
|
|
|
|
|
|
|    Server Name: WWW.CLOUDFLARE.COM.CASHNMONEY.COM
|
|    IP Address: 107.170.23.95
|
|    Registrar: GODADDY.COM, LLC
|
|    Whois Server: whois.godaddy.com
|
|    Referral URL: http://registrar.godaddy.com
|
|
|
| >>> Last update of whois database: Thu, 09 Jul 2015 21:13:37 GMT <<<
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Registrars.
|
|
|
| For more information on Whois status codes, please visit
|
| https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.
|
===================================================================================================
| BANNER GRABBING:
===================================================================================================
===================================================================================================
| PING
|
| PING www.cloudflare.com.cdn.cloudflare.net (198.41.215.163) 56(84) bytes of data.
| 64 bytes from 198.41.215.163: icmp_seq=1 ttl=53 time=16.5 ms
| 64 bytes from 198.41.215.163: icmp_seq=2 ttl=53 time=19.2 ms
| 64 bytes from 198.41.215.163: icmp_seq=3 ttl=57 time=17.5 ms
| 64 bytes from 198.41.215.163: icmp_seq=4 ttl=53 time=18.4 ms
|
| --- www.cloudflare.com.cdn.cloudflare.net ping statistics ---
| 4 packets transmitted, 4 received, 0% packet loss, time 3003ms
| rtt min/avg/max/mdev = 16.555/17.938/19.241/1.004 ms
===================================================================================================
| TRACEROUTE
|
===================================================================================================
| NSLOOKUP
|
| Server:       127.0.1.1
| Address:  127.0.1.1#53
|
| Non-authoritative answer:
| www.cloudflare.com    canonical name = www.cloudflare.com.cdn.cloudflare.net.
| Authoritative answers can be found from:
| Name: www.cloudflare.com.cdn.cloudflare.net
| Address: 198.41.215.163
| Address: 198.41.214.163
===================================================================================================
| NMAP
|
| Mini Stress Test End.
===================================================================================================
Scan end date: 9-7-2015 14:14:23


HTML report saved in: report/nsa.gov.html