Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #######################################################################################################################################
- =======================================================================================================================================
- Hostname fortressoffaith.com ISP Liquid Web, L.L.C
- Continent North America Flag
- US
- Country United States Country Code US
- Region Michigan Local time 22 Oct 2019 06:58 EDT
- City Lansing Postal Code 48917
- IP Address 72.52.244.17 Latitude 42.735
- Longitude -84.625
- ======================================================================================================================================
- #######################################################################################################################################
- > fortressoffaith.com
- Server: 185.93.180.131
- Address: 185.93.180.131#53
- Non-authoritative answer:
- Name: fortressoffaith.com
- Address: 72.52.244.17
- >
- #######################################################################################################################################
- Domain Name: FORTRESSOFFAITH.COM
- Registry Domain ID: 1555724340_DOMAIN_COM-VRSN
- Registrar WHOIS Server: whois.domaindiscover.com
- Registrar URL: http://www.domaindiscover.com
- Updated Date: 2017-09-10T17:28:57Z
- Creation Date: 2009-05-14T22:06:41Z
- Registry Expiry Date: 2024-05-14T22:06:41Z
- Registrar: TierraNet Inc. d/b/a DomainDiscover
- Registrar IANA ID: 86
- Registrar Abuse Contact Email: abuse@tierra.net
- Registrar Abuse Contact Phone: 858-560-9416
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Name Server: NS1.BIGHORNHOSTING.COM
- Name Server: NS2.BIGHORNHOSTING.COM
- DNSSEC: unsigned
- #######################################################################################################################################
- Domain Name: FORTRESSOFFAITH.COM
- Registry Domain ID:
- Registrar WHOIS Server: whois.domaindiscover.com
- Registrar URL: https://www.tierra.net
- Updated Date: 2017-09-10T10:28:20Z
- Creation Date: 2009-05-14T15:06:40Z
- Registrar Registration Expiration Date: 2024-05-14T14:06:41Z
- Registrar: TIERRANET INC. DBA DOMAINDISCOVER
- Registrar IANA ID: 86
- Registrar Abuse Contact Email: icann-abuse-reports@tierra.net
- Registrar Abuse Contact Phone: +1.6193932105
- Reseller:
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Registry Registrant ID:
- Registrant Name: Tom Wallace
- Registrant Organization: Fortress of Faith
- Registrant Street: PO Box 30485
- Registrant City: Bellingham
- Registrant State/Province: WA
- Registrant Postal Code: 98228
- Registrant Country: US
- Registrant Phone: +1.3608205904
- Registrant Phone Ext:
- Registrant Fax:
- Registrant Fax Ext:
- Registrant Email: tomwallace66@gmail.com
- Registry Admin ID:
- Admin Name: Tom Wallace
- Admin Organization: Fortress of Faith
- Admin Street: PO Box 30485
- Admin City: Bellingham
- Admin State/Province: WA
- Admin Postal Code: 98228
- Admin Country: US
- Admin Phone: +1.3608205904
- Admin Phone Ext:
- Admin Fax:
- Admin Fax Ext:
- Admin Email: tomwallace66@gmail.com
- Registry Tech ID:
- Tech Name: Tom Wallace
- Tech Organization: Fortress of Faith
- Tech Street: PO Box 30485
- Tech City: Bellingham
- Tech State/Province: WA
- Tech Postal Code: 98228
- Tech Country: US
- Tech Phone: +1.3608205904
- Tech Phone Ext:
- Tech Fax:
- Tech Fax Ext:
- Tech Email: tomwallace66@gmail.com
- Name Server: NS1.BIGHORNHOSTING.COM
- Name Server: NS2.BIGHORNHOSTING.COM
- DNSSEC:
- #######################################################################################################################################
- [+] Target : fortressoffaith.com
- [+] IP Address : 72.52.244.17
- [+] Headers :
- [+] Connection : Keep-Alive
- [+] X-Powered-By : PHP/7.0.33
- [+] Access-Control-Allow-Origin : *
- [+] Expires : Thu, 19 Nov 1981 08:52:00 GMT
- [+] Cache-Control : no-store, no-cache, must-revalidate
- [+] Pragma : no-cache
- [+] Content-Type : text/html; charset=UTF-8
- [+] X-UA-Compatible : IE=edge
- [+] Link : <https://fortressoffaith.com/wp-json/>; rel="https://api.w.org/", <https://fortressoffaith.com/>; rel=shortlink
- [+] Etag : "7781-1571145912;gz"
- [+] X-LiteSpeed-Cache : hit
- [+] Transfer-Encoding : chunked
- [+] Content-Encoding : gzip
- [+] Vary : Accept-Encoding
- [+] Date : Tue, 22 Oct 2019 11:09:22 GMT
- [+] Server : LiteSpeed
- [+] Alt-Svc : quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
- [+] SSL Certificate Information :
- [+] commonName : fortressoffaith.com
- [+] countryName : US
- [+] organizationName : Let's Encrypt
- [+] commonName : Let's Encrypt Authority X3
- [+] Version : 3
- [+] Serial Number : 0314BCBEF273AA2570B41FF74FF4483AB90A
- [+] Not Before : Sep 16 02:16:18 2019 GMT
- [+] Not After : Dec 15 02:16:18 2019 GMT
- [+] OCSP : ('http://ocsp.int-x3.letsencrypt.org',)
- [+] subject Alt Name : (('DNS', 'cpanel.fortressoffaith.com'), ('DNS', 'fortressoffaith.com'), ('DNS', 'mail.fortressoffaith.com'), ('DNS', 'webdisk.fortressoffaith.com'), ('DNS', 'webmail.fortressoffaith.com'), ('DNS', 'www.fortressoffaith.com'))
- [+] CA Issuers : ('http://cert.int-x3.letsencrypt.org/',)
- [+] Whois Lookup :
- [+] NIR : None
- [+] ASN Registry : arin
- [+] ASN : 32244
- [+] ASN CIDR : 72.52.128.0/17
- [+] ASN Country Code : US
- [+] ASN Date : 2006-08-03
- [+] ASN Description : LIQUIDWEB - Liquid Web, L.L.C, US
- [+] cidr : 72.52.128.0/17
- [+] name : LIQUIDWEB
- [+] handle : NET-72-52-128-0-1
- [+] range : 72.52.128.0 - 72.52.255.255
- [+] description : Liquid Web, L.L.C
- [+] country : US
- [+] state : MI
- [+] city : Lansing
- [+] address : 4210 Creyts Rd.
- [+] postal_code : 48917
- [+] emails : ['abuse@liquidweb.com', 'ipadmin@liquidweb.com']
- [+] created : 2006-08-03
- [+] updated : 2016-12-19
- [+] Crawling Target...
- [+] Looking for robots.txt........[ Found ]
- [+] Extracting robots Links.......[ 2 ]
- [+] Looking for sitemap.xml.......[ Not Found ]
- [+] Extracting CSS Links..........[ 18 ]
- [+] Extracting Javascript Links...[ 17 ]
- [+] Extracting Internal Links.....[ 20 ]
- [+] Extracting External Links.....[ 6 ]
- [+] Extracting Images.............[ 11 ]
- [+] Total Links Extracted : 74
- [+] Dumping Links in /opt/FinalRecon/dumps/fortressoffaith.com.dump
- [+] Completed!
- #######################################################################################################################################
- [+] Starting At 2019-10-22 07:11:48.884536
- [+] Collecting Information On: https://fortressoffaith.com/
- [#] Status: 200
- --------------------------------------------------
- [#] Web Server Detected: LiteSpeed
- [#] X-Powered-By: PHP/7.0.33
- [!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
- [+] CORS Wildcard Detected !
- - Connection: Keep-Alive
- - X-Powered-By: PHP/7.0.33
- - Access-Control-Allow-Origin: *
- - Expires: Thu, 19 Nov 1981 08:52:00 GMT
- - Cache-Control: no-store, no-cache, must-revalidate
- - Pragma: no-cache
- - Content-Type: text/html; charset=UTF-8
- - X-UA-Compatible: IE=edge
- - Link: <https://fortressoffaith.com/wp-json/>; rel="https://api.w.org/", <https://fortressoffaith.com/>; rel=shortlink
- - Etag: "7781-1571145912;gz"
- - X-LiteSpeed-Cache: hit
- - Transfer-Encoding: chunked
- - Content-Encoding: gzip
- - Vary: Accept-Encoding
- - Date: Tue, 22 Oct 2019 11:11:49 GMT
- - Server: LiteSpeed
- - Alt-Svc: quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
- --------------------------------------------------
- [#] Finding Location..!
- [#] status: success
- [#] country: United States
- [#] countryCode: US
- [#] region: MI
- [#] regionName: Michigan
- [#] city: Lansing
- [#] zip: 48917
- [#] lat: 42.6898
- [#] lon: -84.6427
- [#] timezone: America/Detroit
- [#] isp: Liquid Web, L.L.C
- [#] org: SourceDNS
- [#] as: AS32244 Liquid Web, L.L.C
- [#] query: 72.52.244.17
- --------------------------------------------------
- [x] Didn't Detect WAF Presence on: https://fortressoffaith.com/
- --------------------------------------------------
- [#] Starting Reverse DNS
- [-] Failed ! Fail
- --------------------------------------------------
- [!] Scanning Open Port
- [#] 21/tcp open ftp
- [#] 53/tcp open domain
- [#] 80/tcp open http
- [#] 110/tcp open pop3
- [#] 143/tcp open imap
- [#] 443/tcp open https
- [#] 465/tcp open smtps
- [#] 587/tcp open submission
- [#] 993/tcp open imaps
- [#] 995/tcp open pop3s
- [#] 2200/tcp open ici
- [#] 3306/tcp open mysql
- --------------------------------------------------
- [+] Collecting Information Disclosure!
- [#] Detecting sitemap.xml file
- [-] sitemap.xml file not Found!?
- [#] Detecting robots.txt file
- [!] robots.txt File Found: https://fortressoffaith.com//robots.txt
- [#] Detecting GNU Mailman
- [!] GNU Mailman App Detected: https://fortressoffaith.com//mailman/admin
- [!] version: 2.1.27
- --------------------------------------------------
- [+] Crawling Url Parameter On: https://fortressoffaith.com/
- --------------------------------------------------
- [#] Searching Html Form !
- [-] No Html Form Found!?
- --------------------------------------------------
- [!] Found 3 dom parameter
- [#] https://fortressoffaith.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Ffortressoffaith.com%2F&format=xml
- [#] https://fortressoffaith.com//#content
- [#] https://crm.fundly.com/6609/Pages/fundraising/#/5
- --------------------------------------------------
- [!] 3 Internal Dynamic Parameter Discovered
- [+] https://fortressoffaith.com/xmlrpc.php?rsd
- [+] https://fortressoffaith.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Ffortressoffaith.com%2F
- [+] https://fortressoffaith.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Ffortressoffaith.com%2F&format=xml
- --------------------------------------------------
- [!] 1 External Dynamic Parameter Discovered
- [#] https://play.google.com/store/apps/details?id=com.mobincube.fortress_of_faith.sc_DWXU1A
- --------------------------------------------------
- [!] 32 Internal links Discovered
- [+] https://fortressoffaith.com/feed/
- [+] https://fortressoffaith.com/wp-includes/wlwmanifest.xml
- [+] https://fortressoffaith.com/
- [+] https://fortressoffaith.com/
- [+] https://fortressoffaith.com/
- [+] https://fortressoffaith.com/contact/
- [+] https://fortressoffaith.com/terms-conditions/
- [+] https://fortressoffaith.com/privacy-policy/
- [+] https://fortressoffaith.com/study/
- [+] https://fortressoffaith.com/daily-articles-2/
- [+] https://fortressoffaith.com/articles-by-category/
- [+] https://fortressoffaith.com/radio-2/
- [+] https://fortressoffaith.com/radio-2/
- [+] https://fortressoffaith.com/islam-the-religion/
- [+] https://fortressoffaith.com/islam-terrorism/
- [+] https://fortressoffaith.com/islam-in-proficy/
- [+] https://fortressoffaith.com/in-the-news/
- [+] https://fortressoffaith.com/muslims-the-people/
- [+] https://fortressoffaith.com/evangelizing-muslims/
- [+] https://fortressoffaith.com/apologetic-responses/
- [+] https://fortressoffaith.com/other-issues/
- [+] https://fortressoffaith.com/when-muslims-play-the-race-card/
- [+] https://fortressoffaith.com/when-muslims-play-the-race-card/
- [+] https://fortressoffaith.com/elementor-11586/
- [+] https://fortressoffaith.com/elementor-11586/
- [+] https://fortressoffaith.com/islam-and-pedophilia/
- [+] https://fortressoffaith.com/islam-and-pedophilia/
- [+] https://fortressoffaith.com/newsletter-subscribe/
- [+] https://fortressoffaith.com//" class=
- [+] https://fortressoffaith.com//" class=
- [+] https://fortressoffaith.com//" class=
- [+] https://fortressoffaith.com//" class=
- --------------------------------------------------
- [!] 4 External links Discovered
- [#] https://gmpg.org/xfn/11
- [#] https://crm.fundly.com/6609/Pages/fundraising/#/5
- [#] http://fortressoffaith.sermon.net/rss/main/audio
- [#] http://www.fortressoffaith.org/
- --------------------------------------------------
- [#] Mapping Subdomain..
- [!] Found 3 Subdomain
- - webdisk.fortressoffaith.com
- - cpanel.fortressoffaith.com
- - webmail.fortressoffaith.com
- --------------------------------------------------
- [!] Done At 2019-10-22 07:12:21.575711
- #######################################################################################################################################
- [i] Scanning Site: https://fortressoffaith.com
- B A S I C I N F O
- ====================
- [+] Site Title: Fortress of Faith – Refuting Islam
- [+] IP address: 72.52.244.17
- [+] Web Server: LiteSpeed
- [+] CMS: WordPress
- [+] Cloudflare: Not Detected
- [+] Robots File: Found
- -------------[ contents ]----------------
- User-agent: *
- Disallow: /wp-admin/
- Allow: /wp-admin/admin-ajax.php
- -----------[end of contents]-------------
- W H O I S L O O K U P
- ========================
- Domain Name: FORTRESSOFFAITH.COM
- Registry Domain ID: 1555724340_DOMAIN_COM-VRSN
- Registrar WHOIS Server: whois.domaindiscover.com
- Registrar URL: http://www.domaindiscover.com
- Updated Date: 2017-09-10T17:28:57Z
- Creation Date: 2009-05-14T22:06:41Z
- Registry Expiry Date: 2024-05-14T22:06:41Z
- Registrar: TierraNet Inc. d/b/a DomainDiscover
- Registrar IANA ID: 86
- Registrar Abuse Contact Email: abuse@tierra.net
- Registrar Abuse Contact Phone: 858-560-9416
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Name Server: NS1.BIGHORNHOSTING.COM
- Name Server: NS2.BIGHORNHOSTING.COM
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
- >>> Last update of whois database: 2019-10-22T11:12:52Z <<<
- For more information on Whois status codes, please visit https://icann.org/epp
- The Registry database contains ONLY .COM, .NET, .EDU domains and
- Registrars.
- G E O I P L O O K U P
- =========================
- [i] IP Address: 72.52.244.17
- [i] Country: United States
- [i] State: Michigan
- [i] City: Lansing
- [i] Latitude: 42.7348
- [i] Longitude: -84.6245
- H T T P H E A D E R S
- =======================
- [i] HTTP/1.0 200 OK
- [i] Connection: close
- [i] X-Powered-By: PHP/7.0.33
- [i] Access-Control-Allow-Origin: *
- [i] Expires: Thu, 19 Nov 1981 08:52:00 GMT
- [i] Cache-Control: no-store, no-cache, must-revalidate
- [i] Pragma: no-cache
- [i] Content-Type: text/html; charset=UTF-8
- [i] X-UA-Compatible: IE=edge
- [i] Link: <https://fortressoffaith.com/wp-json/>; rel="https://api.w.org/"
- [i] Link: <https://fortressoffaith.com/>; rel=shortlink
- [i] Etag: "7781-1571145912;;;"
- [i] X-LiteSpeed-Cache: hit
- [i] Date: Tue, 22 Oct 2019 11:13:07 GMT
- [i] Server: LiteSpeed
- D N S L O O K U P
- ===================
- fortressoffaith.com. 14399 IN TXT "v=spf1 +a +mx +ip4:72.52.144.226 ~all"
- fortressoffaith.com. 21599 IN SOA ns1.bighornhosting.com. pierre.bighornhost.net. 2017071303 3600 7200 1209600 86400
- fortressoffaith.com. 21599 IN NS ns2.bighornhosting.com.
- fortressoffaith.com. 21599 IN NS ns1.bighornhosting.com.
- fortressoffaith.com. 14399 IN A 72.52.244.17
- fortressoffaith.com. 14399 IN MX 0 fortressoffaith.com.
- S U B N E T C A L C U L A T I O N
- ====================================
- Address = 72.52.244.17
- Network = 72.52.244.17 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 72.52.244.17 - 72.52.244.17 }
- N M A P P O R T S C A N
- ============================
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-10-22 11:13 UTC
- Nmap scan report for fortressoffaith.com (72.52.244.17)
- Host is up (0.028s latency).
- rDNS record for 72.52.244.17: andrew.uswebhost.com
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp closed ssh
- 23/tcp filtered telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp filtered ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 1.28 seconds
- S U B - D O M A I N F I N D E R
- ==================================
- [i] Total Subdomains Found : 2
- [+] Subdomain: cpanel.fortressoffaith.com
- [-] IP: 72.52.244.17
- [+] Subdomain: webmail.fortressoffaith.com
- [-] IP: 72.52.244.17
- #######################################################################################################################################
- Trying "fortressoffaith.com"
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18658
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 2, ADDITIONAL: 3
- ;; QUESTION SECTION:
- ;fortressoffaith.com. IN ANY
- ;; ANSWER SECTION:
- fortressoffaith.com. 14400 IN MX 0 fortressoffaith.com.
- fortressoffaith.com. 14400 IN A 72.52.244.17
- fortressoffaith.com. 43200 IN SOA ns1.bighornhosting.com. pierre.bighornhost.net. 2017071303 3600 7200 1209600 86400
- fortressoffaith.com. 14400 IN TXT "v=spf1 +a +mx +ip4:72.52.144.226 ~all"
- fortressoffaith.com. 43200 IN NS ns2.bighornhosting.com.
- fortressoffaith.com. 43200 IN NS ns1.bighornhosting.com.
- ;; AUTHORITY SECTION:
- fortressoffaith.com. 43200 IN NS ns2.bighornhosting.com.
- fortressoffaith.com. 43200 IN NS ns1.bighornhosting.com.
- ;; ADDITIONAL SECTION:
- fortressoffaith.com. 14400 IN A 72.52.244.17
- ns2.bighornhosting.com. 43200 IN A 72.52.244.68
- ns1.bighornhosting.com. 43200 IN A 72.52.144.226
- Received 304 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 88 ms
- ######################################################################################################################################
- ; <<>> DiG 9.11.5-P4-5.1+b1-Debian <<>> +trace fortressoffaith.com
- ;; global options: +cmd
- . 82914 IN NS j.root-servers.net.
- . 82914 IN NS f.root-servers.net.
- . 82914 IN NS k.root-servers.net.
- . 82914 IN NS h.root-servers.net.
- . 82914 IN NS d.root-servers.net.
- . 82914 IN NS c.root-servers.net.
- . 82914 IN NS e.root-servers.net.
- . 82914 IN NS m.root-servers.net.
- . 82914 IN NS g.root-servers.net.
- . 82914 IN NS l.root-servers.net.
- . 82914 IN NS i.root-servers.net.
- . 82914 IN NS b.root-servers.net.
- . 82914 IN NS a.root-servers.net.
- . 82914 IN RRSIG NS 8 0 518400 20191104050000 20191022040000 22545 . V7L2dB4F79xO9lx8hztPB86SYLY35tcInKqSk8aLbD8fvpqah4DWHoDe 2xbqt74EJPvBDnnxjmyB4tREMvAE2pcJYRcXgEXojn3yhrQSsQ3jFs5F PjYgRw0D2xB2yHw8rQ4l16CD7aEVgG+FefFGqt3W+daAM1PO+IYKW0wG ZlUdJNJSe51nOWemZldGoqlKha/wznCidzCCANqSG6ZPNuvTOgIFhRZB drsNOA4MFLWYNYyQpPWFiqtgkB5nZx3ACgXg/VY6Jy/blXbeM75bse+V 1878EtXXH4TdBRmzNhEyyy6uJa9iO9OjpIn2SDrdVRzSlWOKvOH+Pw8i KLe1JA==
- ;; Received 525 bytes from 185.93.180.131#53(185.93.180.131) in 107 ms
- com. 172800 IN NS a.gtld-servers.net.
- com. 172800 IN NS b.gtld-servers.net.
- com. 172800 IN NS c.gtld-servers.net.
- com. 172800 IN NS d.gtld-servers.net.
- com. 172800 IN NS e.gtld-servers.net.
- com. 172800 IN NS f.gtld-servers.net.
- com. 172800 IN NS g.gtld-servers.net.
- com. 172800 IN NS h.gtld-servers.net.
- com. 172800 IN NS i.gtld-servers.net.
- com. 172800 IN NS j.gtld-servers.net.
- com. 172800 IN NS k.gtld-servers.net.
- com. 172800 IN NS l.gtld-servers.net.
- com. 172800 IN NS m.gtld-servers.net.
- com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
- com. 86400 IN RRSIG DS 8 1 86400 20191104050000 20191022040000 22545 . CPiZLu+5g2FPKEBREYZ3/y+dZsCiKF/jITgwc8/o4Qfj86LICQpXSO+D q9ePdIb+eIyR4VP0b5P58/c3QfEd+AkHbzRc59yPvptWoz8kTrffpWQU yY2Nz1WNkg6A1g1YhFFRkgr4gaUvWeMIWD10wB2gEqbxk/ZfVW3BNw3J BzQ6fu9EPG1sd2FopWsqCM285+ASZEUsCuJmGu+Q+yq6CaD/03g/suQE +gWd3debwSwxxOGYd0t2bFWGPZZYzhrfoXsbULy2iYlkrdlJJM0akfzU z8+XGGVA6LvANBExB6lFXR7zBE3gQukDGO6KNfSWwx3LoQH0W6EQLURq z3TVNg==
- ;; Received 1179 bytes from 2001:500:2d::d#53(d.root-servers.net) in 24 ms
- fortressoffaith.com. 172800 IN NS ns1.bighornhosting.com.
- fortressoffaith.com. 172800 IN NS ns2.bighornhosting.com.
- CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
- CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20191026044727 20191019033727 12163 com. L8X10nb9SRkzwcSf3SNTRa/24YQW0ay6SOzHltG4lknjnQgtMbu0/N3s LQH9wqc0SLy+qN+AYBKC8MtLicMWvYcx/SGRVlvfdgwcAR7wU7qxtJ8T vlfETNOWMGMwkPu//+yaJfWziWFnoLqnNeDcvlqnF0J3z0Ur89Bpb/NT Wng/L/BRj46mgZmQjllYzPHkR0cPAxYoFrLSCpal170H+g==
- FOGN3I94H2A9UGV5GFGT14N1QSTKOIUM.com. 86400 IN NSEC3 1 1 0 - FOGOAI8781JFAU7MD4IU4EB1VVESAI23 NS DS RRSIG
- FOGN3I94H2A9UGV5GFGT14N1QSTKOIUM.com. 86400 IN RRSIG NSEC3 8 2 86400 20191026052133 20191019041133 12163 com. lUrL25dru63cxGOk+vq82XgBUfPzLKjG4TgbL8GBYzu9azyvKT+gNLcm PUhd2X0c+TEtsMYV06L2EWIhAuj33N6rCHMGMNdn30oDk3Ds6WUSHZBw Pj+6ufMybBfqP8p/8UF/WrbcZjQsU/ix/F6vTY8H3HOtjqURILZifx6n dicy432cu5H4zeGX8eW5LXbUr5ToCOH5tMg5Mvo+/g1vgg==
- ;; Received 680 bytes from 2001:500:856e::30#53(d.gtld-servers.net) in 54 ms
- fortressoffaith.com. 14400 IN A 72.52.244.17
- fortressoffaith.com. 86400 IN NS ns2.bighornhosting.com.
- fortressoffaith.com. 86400 IN NS ns1.bighornhosting.com.
- ;; Received 175 bytes from 72.52.144.226#53(ns1.bighornhosting.com) in 325 ms
- ######################################################################################################################################
- [*] Performing General Enumeration of Domain: fortressoffaith.com
- [-] DNSSEC is not configured for fortressoffaith.com
- [*] SOA ns1.bighornhosting.com 72.52.144.226
- [*] NS ns2.bighornhosting.com 72.52.244.68
- [*] Bind Version for 72.52.244.68 9.11.4-P2-RedHat-9.11.4-9.P2.el7
- [*] NS ns1.bighornhosting.com 72.52.144.226
- [*] Bind Version for 72.52.144.226 9.11.4-P2-RedHat-9.11.4-9.P2.el7
- [*] MX fortressoffaith.com 72.52.244.17
- [*] A fortressoffaith.com 72.52.244.17
- [*] TXT fortressoffaith.com v=spf1 +a +mx +ip4:72.52.144.226 ~all
- [*] Enumerating SRV Records
- [-] No SRV Records Found for fortressoffaith.com
- [+] 0 Records Found
- ######################################################################################################################################
- [*] Processing domain fortressoffaith.com
- [*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
- [+] Getting nameservers
- 72.52.244.68 - ns2.bighornhosting.com
- 72.52.144.226 - ns1.bighornhosting.com
- [-] Zone transfer failed
- [+] TXT records found
- "v=spf1 +a +mx +ip4:72.52.144.226 ~all"
- [+] MX records found, added to target list
- 0 fortressoffaith.com.
- [*] Scanning fortressoffaith.com for A records
- 72.52.244.17 - fortressoffaith.com
- 72.52.244.17 - cpanel.fortressoffaith.com
- 72.52.144.226 - ftp.fortressoffaith.com
- 72.52.244.17 - mail.fortressoffaith.com
- 72.52.244.17 - webdisk.fortressoffaith.com
- 72.52.244.17 - webmail.fortressoffaith.com
- 72.52.244.17 - whm.fortressoffaith.com
- 72.52.244.17 - www.fortressoffaith.com
- #######################################################################################################################################
- Domains still to check: 1
- Checking if the hostname fortressoffaith.com. given is in fact a domain...
- Analyzing domain: fortressoffaith.com.
- Checking NameServers using system default resolver...
- IP: 72.52.244.68 (United States)
- HostName: ns2.bighornhosting.com Type: NS
- HostName: andrew.uswebhost.com Type: PTR
- IP: 72.52.144.226 (United States)
- HostName: ns1.bighornhosting.com Type: NS
- HostName: andrew.uswebhost.com Type: PTR
- Checking MailServers using system default resolver...
- IP: 72.52.244.17 (United States)
- HostName: fortressoffaith.com Type: MX
- HostName: andrew.uswebhost.com Type: PTR
- Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
- No zone transfer found on nameserver 72.52.144.226
- No zone transfer found on nameserver 72.52.244.68
- Checking SPF record...
- Checking 192 most common hostnames using system default resolver...
- IP: 72.52.244.17 (United States)
- HostName: fortressoffaith.com Type: MX
- HostName: andrew.uswebhost.com Type: PTR
- HostName: www.fortressoffaith.com. Type: A
- IP: 72.52.144.226 (United States)
- HostName: ns1.bighornhosting.com Type: NS
- HostName: andrew.uswebhost.com Type: PTR
- Type: SPF
- HostName: ftp.fortressoffaith.com. Type: A
- IP: 72.52.244.17 (United States)
- HostName: fortressoffaith.com Type: MX
- HostName: andrew.uswebhost.com Type: PTR
- HostName: www.fortressoffaith.com. Type: A
- HostName: mail.fortressoffaith.com. Type: A
- IP: 72.52.244.17 (United States)
- HostName: fortressoffaith.com Type: MX
- HostName: andrew.uswebhost.com Type: PTR
- HostName: www.fortressoffaith.com. Type: A
- HostName: mail.fortressoffaith.com. Type: A
- HostName: webmail.fortressoffaith.com. Type: A
- Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
- Checking netblock 72.52.144.0
- Checking netblock 72.52.244.0
- Searching for fortressoffaith.com. emails in Google
- Checking 3 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
- Host 72.52.144.226 is up (echo-reply ttl 56)
- Host 72.52.244.68 is up (reset ttl 64)
- Host 72.52.244.17 is up (reset ttl 64)
- Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
- Scanning ip 72.52.144.226 (ftp.fortressoffaith.com.):
- NSOCK ERROR [56.2870s] mksock_bind_addr(): Bind to 0.0.0.0:22 failed (IOD #121): Address already in use (98)
- 21/tcp open ftp syn-ack ttl 56 Pure-FTPd
- | ssl-cert: Subject: commonName=andrew.uswebhost.com
- | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
- | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2019-04-22T00:00:00
- | Not valid after: 2020-04-21T23:59:59
- | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
- |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
- |_ssl-date: TLS randomness does not represent time
- 53/tcp open domain syn-ack ttl 56 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
- | dns-nsid:
- |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
- 80/tcp open http syn-ack ttl 56 LiteSpeed httpd
- | http-methods:
- |_ Supported Methods: OPTIONS HEAD GET POST
- |_http-server-header: LiteSpeed
- |_http-title: Site doesn't have a title (text/html).
- 110/tcp open pop3 syn-ack ttl 56 Dovecot pop3d
- |_pop3-capabilities: USER PIPELINING CAPA RESP-CODES TOP SASL(PLAIN LOGIN) STLS AUTH-RESP-CODE UIDL
- |_ssl-date: TLS randomness does not represent time
- 143/tcp open imap syn-ack ttl 56 Dovecot imapd
- |_imap-capabilities: STARTTLS AUTH=PLAIN SASL-IR NAMESPACE capabilities IMAP4rev1 post-login Pre-login more have ID AUTH=LOGINA0001 listed IDLE ENABLE LOGIN-REFERRALS LITERAL+ OK
- |_ssl-date: TLS randomness does not represent time
- 443/tcp open ssl/http syn-ack ttl 56 LiteSpeed httpd
- | http-methods:
- |_ Supported Methods: OPTIONS HEAD GET POST
- |_http-server-header: LiteSpeed
- |_http-title: Site doesn't have a title (text/html).
- | ssl-cert: Subject: commonName=andrew.uswebhost.com
- | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
- | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2017-06-09T00:00:00
- | Not valid after: 2018-06-09T23:59:59
- | MD5: 8e4f acd9 49e8 1ce2 6852 8d9d e6af a499
- |_SHA-1: 25ae d633 8140 a626 8fa9 c672 a9aa 164a 3cd3 1156
- |_ssl-date: 2019-10-22T11:31:31+00:00; -1s from scanner time.
- | tls-alpn:
- | h2
- | spdy/3
- | spdy/2
- |_ http/1.1
- 465/tcp open ssl/smtp syn-ack ttl 56 Exim smtpd 4.92
- |_smtp-commands: Couldn't establish connection on port 465
- | ssl-cert: Subject: commonName=andrew.uswebhost.com
- | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
- | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2019-04-22T00:00:00
- | Not valid after: 2020-04-21T23:59:59
- | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
- |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
- |_ssl-date: TLS randomness does not represent time
- 587/tcp open smtp syn-ack ttl 56 Exim smtpd 4.92
- | smtp-commands: andrew.uswebhost.com Hello nmap.scanme.org [45.131.4.11], SIZE 52428800, 8BITMIME, PIPELINING, STARTTLS, HELP,
- |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
- | ssl-cert: Subject: commonName=andrew.uswebhost.com
- | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
- | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2019-04-22T00:00:00
- | Not valid after: 2020-04-21T23:59:59
- | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
- |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
- |_ssl-date: TLS randomness does not represent time
- 993/tcp open ssl/imaps? syn-ack ttl 56
- |_ssl-date: TLS randomness does not represent time
- 995/tcp open ssl/pop3s? syn-ack ttl 56
- |_ssl-date: TLS randomness does not represent time
- 3306/tcp open mysql syn-ack ttl 56 MySQL 5.5.5-10.2.27-MariaDB-cll-lve
- | mysql-info:
- | Protocol: 10
- | Version: 5.5.5-10.2.27-MariaDB-cll-lve
- | Thread ID: 57087
- | Capabilities flags: 63486
- | Some Capabilities: LongColumnFlag, ODBCClient, ConnectWithDatabase, FoundRows, Speaks41ProtocolOld, SupportsTransactions, IgnoreSigpipes, InteractiveClient, Speaks41ProtocolNew, IgnoreSpaceBeforeParenthesis, DontAllowDatabaseTableColumn, SupportsCompression, SupportsLoadDataLocal, Support41Auth, SupportsMultipleStatments, SupportsMultipleResults, SupportsAuthPlugins
- | Status: Autocommit
- | Salt: fUY?k#ga/e1b{fkgBT`f
- |_ Auth Plugin Name: mysql_native_password
- Device type: general purpose|WAP|storage-misc|firewall|proxy server|broadband router
- Running (JUST GUESSING): FreeBSD 6.X (92%), Linux 3.X|4.X|2.6.X (88%), Dell embedded (85%), Cisco embedded (85%), Riverbed embedded (85%), Zhone embedded (85%)
- OS Info: Service Info: Host: andrew.uswebhost.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
- |_clock-skew: -1s
- Scanning ip 72.52.244.68 (andrew.uswebhost.com (PTR)):
- 21/tcp open ftp syn-ack ttl 56 Pure-FTPd
- | ssl-cert: Subject: commonName=andrew.uswebhost.com
- | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
- | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2019-04-22T00:00:00
- | Not valid after: 2020-04-21T23:59:59
- | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
- |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
- |_ssl-date: TLS randomness does not represent time
- 53/tcp open domain syn-ack ttl 56 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
- | dns-nsid:
- |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
- 80/tcp open http syn-ack ttl 56 LiteSpeed httpd
- | http-methods:
- |_ Supported Methods: OPTIONS HEAD GET POST
- |_http-server-header: LiteSpeed
- |_http-title: Site doesn't have a title (text/html).
- 110/tcp open pop3 syn-ack ttl 56 Dovecot pop3d
- |_pop3-capabilities: STLS AUTH-RESP-CODE TOP PIPELINING UIDL USER RESP-CODES CAPA SASL(PLAIN LOGIN)
- |_ssl-date: TLS randomness does not represent time
- 143/tcp open imap syn-ack ttl 56 Dovecot imapd
- |_imap-capabilities: ID LITERAL+ listed IMAP4rev1 IDLE NAMESPACE LOGIN-REFERRALS post-login Pre-login OK ENABLE have more capabilities STARTTLS SASL-IR AUTH=LOGINA0001 AUTH=PLAIN
- |_ssl-date: TLS randomness does not represent time
- 443/tcp open ssl/http syn-ack ttl 56 LiteSpeed httpd
- | http-methods:
- |_ Supported Methods: OPTIONS HEAD GET POST
- |_http-server-header: LiteSpeed
- |_http-title: Site doesn't have a title (text/html).
- | ssl-cert: Subject: commonName=andrew.uswebhost.com
- | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
- | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2019-04-22T00:00:00
- | Not valid after: 2020-04-21T23:59:59
- | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
- |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
- |_ssl-date: 2019-10-22T11:34:39+00:00; -1s from scanner time.
- | tls-alpn:
- | h2
- | spdy/3
- | spdy/2
- |_ http/1.1
- 465/tcp open ssl/smtp syn-ack ttl 56 Exim smtpd 4.92
- | smtp-commands: andrew.uswebhost.com Hello nmap.scanme.org [45.131.4.11], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
- |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
- | ssl-cert: Subject: commonName=andrew.uswebhost.com
- | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
- | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2019-04-22T00:00:00
- | Not valid after: 2020-04-21T23:59:59
- | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
- |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
- |_ssl-date: TLS randomness does not represent time
- 587/tcp open smtp syn-ack ttl 56 Exim smtpd 4.92
- | smtp-commands: andrew.uswebhost.com Hello nmap.scanme.org [45.131.4.11], SIZE 52428800, 8BITMIME, PIPELINING, STARTTLS, HELP,
- |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
- | ssl-cert: Subject: commonName=andrew.uswebhost.com
- | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
- | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2019-04-22T00:00:00
- | Not valid after: 2020-04-21T23:59:59
- | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
- |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
- |_ssl-date: TLS randomness does not represent time
- 993/tcp open ssl/imaps? syn-ack ttl 56
- |_ssl-date: TLS randomness does not represent time
- 995/tcp open ssl/pop3s? syn-ack ttl 56
- |_ssl-date: TLS randomness does not represent time
- 3306/tcp open mysql syn-ack ttl 56 MySQL 5.5.5-10.2.27-MariaDB-cll-lve
- | mysql-info:
- | Protocol: 10
- | Version: 5.5.5-10.2.27-MariaDB-cll-lve
- | Thread ID: 58267
- | Capabilities flags: 63486
- | Some Capabilities: SupportsCompression, FoundRows, InteractiveClient, IgnoreSpaceBeforeParenthesis, IgnoreSigpipes, SupportsLoadDataLocal, Support41Auth, LongColumnFlag, DontAllowDatabaseTableColumn, ConnectWithDatabase, Speaks41ProtocolOld, SupportsTransactions, ODBCClient, Speaks41ProtocolNew, SupportsMultipleStatments, SupportsAuthPlugins, SupportsMultipleResults
- | Status: Autocommit
- | Salt: v5@!$2nT:dkjUHK}VvoL
- |_ Auth Plugin Name: mysql_native_password
- OS Info: Service Info: Host: andrew.uswebhost.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
- |_clock-skew: -1s
- Scanning ip 72.52.244.17 (webmail.fortressoffaith.com.):
- 21/tcp open ftp syn-ack ttl 56 Pure-FTPd
- 53/tcp open domain syn-ack ttl 56 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
- | dns-nsid:
- |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
- 80/tcp open http syn-ack ttl 56 LiteSpeed httpd
- | http-methods:
- |_ Supported Methods: OPTIONS HEAD GET POST
- |_http-title: Site doesn't have a title (text/html).
- 110/tcp open pop3 syn-ack ttl 56 Dovecot pop3d
- 143/tcp open imap syn-ack ttl 56 Dovecot imapd
- |_imap-capabilities: LOGIN-REFERRALS STARTTLS SASL-IR AUTH=LOGINA0001 post-login NAMESPACE have AUTH=PLAIN ID ENABLE OK IMAP4rev1 more IDLE listed capabilities Pre-login LITERAL+
- 443/tcp open ssl/http syn-ack ttl 56 LiteSpeed httpd
- | http-cookie-flags:
- | /:
- | PHPSESSID:
- |_ httponly flag not set
- |_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E
- | http-robots.txt: 1 disallowed entry
- |_/wp-admin/
- |_http-title: Did not follow redirect to https://bighornhosting.com/
- | ssl-cert: Subject: commonName=bighornhosting.com
- | Subject Alternative Name: DNS:bighornhosting.com, DNS:cpanel.bighornhosting.com, DNS:mail.bighornhosting.com, DNS:webdisk.bighornhosting.com, DNS:webmail.bighornhosting.com, DNS:whm.bighornhosting.com, DNS:www.bighornhosting.com
- | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2019-09-18T02:08:45
- | Not valid after: 2019-12-17T02:08:45
- | MD5: d01a 9027 47d9 e638 609d 2c22 c3c4 722c
- |_SHA-1: b6a1 69c7 f8fc 7d21 9237 3776 009f 080c 07f2 1ebf
- 465/tcp open ssl/smtp syn-ack ttl 56 Exim smtpd 4.92
- | smtp-commands: andrew.uswebhost.com Hello nmap.scanme.org [45.131.4.11], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
- |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
- 587/tcp open smtp syn-ack ttl 56 Exim smtpd 4.92
- | smtp-commands: andrew.uswebhost.com Hello nmap.scanme.org [45.131.4.11], SIZE 52428800, 8BITMIME, PIPELINING, STARTTLS, HELP,
- |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
- 993/tcp open ssl/imaps? syn-ack ttl 56
- 995/tcp open ssl/pop3s? syn-ack ttl 56
- 3306/tcp open mysql syn-ack ttl 56 MySQL 5.5.5-10.2.27-MariaDB-cll-lve
- | mysql-info:
- | Protocol: 10
- | Version: 5.5.5-10.2.27-MariaDB-cll-lve
- | Thread ID: 59305
- | Capabilities flags: 63486
- | Some Capabilities: Support41Auth, Speaks41ProtocolOld, SupportsTransactions, IgnoreSpaceBeforeParenthesis, DontAllowDatabaseTableColumn, IgnoreSigpipes, InteractiveClient, Speaks41ProtocolNew, SupportsCompression, ODBCClient, SupportsLoadDataLocal, ConnectWithDatabase, FoundRows, LongColumnFlag, SupportsAuthPlugins, SupportsMultipleResults, SupportsMultipleStatments
- | Status: Autocommit
- | Salt: By\Am&nz:SoVC*HmkT?~
- |_ Auth Plugin Name: mysql_native_password
- Device type: general purpose|storage-misc|firewall|webcam
- Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (93%), Synology DiskStation Manager 5.X (87%), FreeBSD 6.X (86%), WatchGuard Fireware 11.X (86%), Tandberg embedded (86%)
- OS Info: Service Info: Host: andrew.uswebhost.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
- WebCrawling domain's web servers... up to 50 max links.
- + URL to crawl: http://ns1.bighornhosting.com
- + Date: 2019-10-22
- + Crawling URL: http://ns1.bighornhosting.com:
- + Links:
- + Crawling http://ns1.bighornhosting.com (timed out)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: http://ftp.fortressoffaith.com.
- + Date: 2019-10-22
- + Crawling URL: http://ftp.fortressoffaith.com.:
- + Links:
- + Crawling http://ftp.fortressoffaith.com. (timed out)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: https://ns1.bighornhosting.com
- + Date: 2019-10-22
- + Crawling URL: https://ns1.bighornhosting.com:
- + Links:
- + Crawling https://ns1.bighornhosting.com (timed out)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: https://ftp.fortressoffaith.com.
- + Date: 2019-10-22
- + Crawling URL: https://ftp.fortressoffaith.com.:
- + Links:
- + Crawling https://ftp.fortressoffaith.com. (timed out)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: http://ns2.bighornhosting.com
- + Date: 2019-10-22
- + Crawling URL: http://ns2.bighornhosting.com:
- + Links:
- + Crawling http://ns2.bighornhosting.com (timed out)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: https://ns2.bighornhosting.com
- + Date: 2019-10-22
- + Crawling URL: https://ns2.bighornhosting.com:
- + Links:
- + Crawling https://ns2.bighornhosting.com (timed out)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: http://www.fortressoffaith.com.
- + Date: 2019-10-22
- + Crawling URL: http://www.fortressoffaith.com.:
- + Links:
- + Crawling http://www.fortressoffaith.com. (timed out)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: http://mail.fortressoffaith.com.
- + Date: 2019-10-22
- + Crawling URL: http://mail.fortressoffaith.com.:
- + Links:
- + Crawling http://mail.fortressoffaith.com. (timed out)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: http://fortressoffaith.com
- + Date: 2019-10-22
- + Crawling URL: http://fortressoffaith.com:
- + Links:
- + Crawling http://fortressoffaith.com (timed out)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: http://webmail.fortressoffaith.com.
- + Date: 2019-10-22
- + Crawling URL: http://webmail.fortressoffaith.com.:
- + Links:
- + Crawling http://webmail.fortressoffaith.com. (timed out)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: https://www.fortressoffaith.com.
- + Date: 2019-10-22
- + Crawling URL: https://www.fortressoffaith.com.:
- + Links:
- + Crawling https://www.fortressoffaith.com. (timed out)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: https://mail.fortressoffaith.com.
- + Date: 2019-10-22
- + Crawling URL: https://mail.fortressoffaith.com.:
- + Links:
- + Crawling https://mail.fortressoffaith.com. (timed out)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: https://fortressoffaith.com
- + Date: 2019-10-22
- + Crawling URL: https://fortressoffaith.com:
- + Links:
- + Crawling https://fortressoffaith.com (timed out)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: https://webmail.fortressoffaith.com.
- + Date: 2019-10-22
- + Crawling URL: https://webmail.fortressoffaith.com.:
- + Links:
- + Crawling https://webmail.fortressoffaith.com. (timed out)
- + Searching for directories...
- + Searching open folders...
- --Finished--
- Summary information for domain fortressoffaith.com.
- -----------------------------------------
- Domain Ips Information:
- IP: 72.52.144.226
- HostName: ns1.bighornhosting.com Type: NS
- HostName: andrew.uswebhost.com Type: PTR
- Type: SPF
- HostName: ftp.fortressoffaith.com. Type: A
- Country: United States
- Is Active: True (echo-reply ttl 56)
- Port: 21/tcp open ftp syn-ack ttl 56 Pure-FTPd
- Script Info: | ssl-cert: Subject: commonName=andrew.uswebhost.com
- Script Info: | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
- Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
- Script Info: | Public Key type: rsa
- Script Info: | Public Key bits: 2048
- Script Info: | Signature Algorithm: sha256WithRSAEncryption
- Script Info: | Not valid before: 2019-04-22T00:00:00
- Script Info: | Not valid after: 2020-04-21T23:59:59
- Script Info: | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
- Script Info: |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
- Script Info: |_ssl-date: TLS randomness does not represent time
- Port: 53/tcp open domain syn-ack ttl 56 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
- Script Info: | dns-nsid:
- Script Info: |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
- Port: 80/tcp open http syn-ack ttl 56 LiteSpeed httpd
- Script Info: | http-methods:
- Script Info: |_ Supported Methods: OPTIONS HEAD GET POST
- Script Info: |_http-server-header: LiteSpeed
- Script Info: |_http-title: Site doesn't have a title (text/html).
- Port: 110/tcp open pop3 syn-ack ttl 56 Dovecot pop3d
- Script Info: |_pop3-capabilities: USER PIPELINING CAPA RESP-CODES TOP SASL(PLAIN LOGIN) STLS AUTH-RESP-CODE UIDL
- Script Info: |_ssl-date: TLS randomness does not represent time
- Port: 143/tcp open imap syn-ack ttl 56 Dovecot imapd
- Script Info: |_imap-capabilities: STARTTLS AUTH=PLAIN SASL-IR NAMESPACE capabilities IMAP4rev1 post-login Pre-login more have ID AUTH=LOGINA0001 listed IDLE ENABLE LOGIN-REFERRALS LITERAL+ OK
- Script Info: |_ssl-date: TLS randomness does not represent time
- Port: 443/tcp open ssl/http syn-ack ttl 56 LiteSpeed httpd
- Script Info: | http-methods:
- Script Info: |_ Supported Methods: OPTIONS HEAD GET POST
- Script Info: |_http-server-header: LiteSpeed
- Script Info: |_http-title: Site doesn't have a title (text/html).
- Script Info: | ssl-cert: Subject: commonName=andrew.uswebhost.com
- Script Info: | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
- Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
- Script Info: | Public Key type: rsa
- Script Info: | Public Key bits: 2048
- Script Info: | Signature Algorithm: sha256WithRSAEncryption
- Script Info: | Not valid before: 2017-06-09T00:00:00
- Script Info: | Not valid after: 2018-06-09T23:59:59
- Script Info: | MD5: 8e4f acd9 49e8 1ce2 6852 8d9d e6af a499
- Script Info: |_SHA-1: 25ae d633 8140 a626 8fa9 c672 a9aa 164a 3cd3 1156
- Script Info: |_ssl-date: 2019-10-22T11:31:31+00:00; -1s from scanner time.
- Script Info: | tls-alpn:
- Script Info: | h2
- Script Info: | spdy/3
- Script Info: | spdy/2
- Script Info: |_ http/1.1
- Port: 465/tcp open ssl/smtp syn-ack ttl 56 Exim smtpd 4.92
- Script Info: |_smtp-commands: Couldn't establish connection on port 465
- Script Info: | ssl-cert: Subject: commonName=andrew.uswebhost.com
- Script Info: | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
- Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
- Script Info: | Public Key type: rsa
- Script Info: | Public Key bits: 2048
- Script Info: | Signature Algorithm: sha256WithRSAEncryption
- Script Info: | Not valid before: 2019-04-22T00:00:00
- Script Info: | Not valid after: 2020-04-21T23:59:59
- Script Info: | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
- Script Info: |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
- Script Info: |_ssl-date: TLS randomness does not represent time
- Port: 587/tcp open smtp syn-ack ttl 56 Exim smtpd 4.92
- Script Info: | smtp-commands: andrew.uswebhost.com Hello nmap.scanme.org [45.131.4.11], SIZE 52428800, 8BITMIME, PIPELINING, STARTTLS, HELP,
- Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
- Script Info: | ssl-cert: Subject: commonName=andrew.uswebhost.com
- Script Info: | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
- Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
- Script Info: | Public Key type: rsa
- Script Info: | Public Key bits: 2048
- Script Info: | Signature Algorithm: sha256WithRSAEncryption
- Script Info: | Not valid before: 2019-04-22T00:00:00
- Script Info: | Not valid after: 2020-04-21T23:59:59
- Script Info: | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
- Script Info: |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
- Script Info: |_ssl-date: TLS randomness does not represent time
- Port: 993/tcp open ssl/imaps? syn-ack ttl 56
- Script Info: |_ssl-date: TLS randomness does not represent time
- Port: 995/tcp open ssl/pop3s? syn-ack ttl 56
- Script Info: |_ssl-date: TLS randomness does not represent time
- Port: 3306/tcp open mysql syn-ack ttl 56 MySQL 5.5.5-10.2.27-MariaDB-cll-lve
- Script Info: | mysql-info:
- Script Info: | Protocol: 10
- Script Info: | Version: 5.5.5-10.2.27-MariaDB-cll-lve
- Script Info: | Thread ID: 57087
- Script Info: | Capabilities flags: 63486
- Script Info: | Some Capabilities: LongColumnFlag, ODBCClient, ConnectWithDatabase, FoundRows, Speaks41ProtocolOld, SupportsTransactions, IgnoreSigpipes, InteractiveClient, Speaks41ProtocolNew, IgnoreSpaceBeforeParenthesis, DontAllowDatabaseTableColumn, SupportsCompression, SupportsLoadDataLocal, Support41Auth, SupportsMultipleStatments, SupportsMultipleResults, SupportsAuthPlugins
- Script Info: | Status: Autocommit
- Script Info: | Salt: fUY?k#ga/e1b{fkgBT`f
- Script Info: |_ Auth Plugin Name: mysql_native_password
- Script Info: Device type: general purpose|WAP|storage-misc|firewall|proxy server|broadband router
- Script Info: Running (JUST GUESSING): FreeBSD 6.X (92%), Linux 3.X|4.X|2.6.X (88%), Dell embedded (85%), Cisco embedded (85%), Riverbed embedded (85%), Zhone embedded (85%)
- Os Info: Host: andrew.uswebhost.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
- Script Info: |_clock-skew: -1s
- IP: 72.52.244.68
- HostName: ns2.bighornhosting.com Type: NS
- HostName: andrew.uswebhost.com Type: PTR
- Country: United States
- Is Active: True (reset ttl 64)
- Port: 21/tcp open ftp syn-ack ttl 56 Pure-FTPd
- Script Info: | ssl-cert: Subject: commonName=andrew.uswebhost.com
- Script Info: | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
- Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
- Script Info: | Public Key type: rsa
- Script Info: | Public Key bits: 2048
- Script Info: | Signature Algorithm: sha256WithRSAEncryption
- Script Info: | Not valid before: 2019-04-22T00:00:00
- Script Info: | Not valid after: 2020-04-21T23:59:59
- Script Info: | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
- Script Info: |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
- Script Info: |_ssl-date: TLS randomness does not represent time
- Port: 53/tcp open domain syn-ack ttl 56 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
- Script Info: | dns-nsid:
- Script Info: |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
- Port: 80/tcp open http syn-ack ttl 56 LiteSpeed httpd
- Script Info: | http-methods:
- Script Info: |_ Supported Methods: OPTIONS HEAD GET POST
- Script Info: |_http-server-header: LiteSpeed
- Script Info: |_http-title: Site doesn't have a title (text/html).
- Port: 110/tcp open pop3 syn-ack ttl 56 Dovecot pop3d
- Script Info: |_pop3-capabilities: STLS AUTH-RESP-CODE TOP PIPELINING UIDL USER RESP-CODES CAPA SASL(PLAIN LOGIN)
- Script Info: |_ssl-date: TLS randomness does not represent time
- Port: 143/tcp open imap syn-ack ttl 56 Dovecot imapd
- Script Info: |_imap-capabilities: ID LITERAL+ listed IMAP4rev1 IDLE NAMESPACE LOGIN-REFERRALS post-login Pre-login OK ENABLE have more capabilities STARTTLS SASL-IR AUTH=LOGINA0001 AUTH=PLAIN
- Script Info: |_ssl-date: TLS randomness does not represent time
- Port: 443/tcp open ssl/http syn-ack ttl 56 LiteSpeed httpd
- Script Info: | http-methods:
- Script Info: |_ Supported Methods: OPTIONS HEAD GET POST
- Script Info: |_http-server-header: LiteSpeed
- Script Info: |_http-title: Site doesn't have a title (text/html).
- Script Info: | ssl-cert: Subject: commonName=andrew.uswebhost.com
- Script Info: | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
- Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
- Script Info: | Public Key type: rsa
- Script Info: | Public Key bits: 2048
- Script Info: | Signature Algorithm: sha256WithRSAEncryption
- Script Info: | Not valid before: 2019-04-22T00:00:00
- Script Info: | Not valid after: 2020-04-21T23:59:59
- Script Info: | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
- Script Info: |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
- Script Info: |_ssl-date: 2019-10-22T11:34:39+00:00; -1s from scanner time.
- Script Info: | tls-alpn:
- Script Info: | h2
- Script Info: | spdy/3
- Script Info: | spdy/2
- Script Info: |_ http/1.1
- Port: 465/tcp open ssl/smtp syn-ack ttl 56 Exim smtpd 4.92
- Script Info: | smtp-commands: andrew.uswebhost.com Hello nmap.scanme.org [45.131.4.11], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
- Script Info: |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
- Script Info: | ssl-cert: Subject: commonName=andrew.uswebhost.com
- Script Info: | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
- Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
- Script Info: | Public Key type: rsa
- Script Info: | Public Key bits: 2048
- Script Info: | Signature Algorithm: sha256WithRSAEncryption
- Script Info: | Not valid before: 2019-04-22T00:00:00
- Script Info: | Not valid after: 2020-04-21T23:59:59
- Script Info: | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
- Script Info: |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
- Script Info: |_ssl-date: TLS randomness does not represent time
- Port: 587/tcp open smtp syn-ack ttl 56 Exim smtpd 4.92
- Script Info: | smtp-commands: andrew.uswebhost.com Hello nmap.scanme.org [45.131.4.11], SIZE 52428800, 8BITMIME, PIPELINING, STARTTLS, HELP,
- Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
- Script Info: | ssl-cert: Subject: commonName=andrew.uswebhost.com
- Script Info: | Subject Alternative Name: DNS:andrew.uswebhost.com, DNS:www.andrew.uswebhost.com
- Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
- Script Info: | Public Key type: rsa
- Script Info: | Public Key bits: 2048
- Script Info: | Signature Algorithm: sha256WithRSAEncryption
- Script Info: | Not valid before: 2019-04-22T00:00:00
- Script Info: | Not valid after: 2020-04-21T23:59:59
- Script Info: | MD5: 3aea ca91 d196 86ca 0a14 cb01 f4e7 ab54
- Script Info: |_SHA-1: 9e8f 8e39 347d 195f 5283 099c cde1 1eb8 1f5f 5ada
- Script Info: |_ssl-date: TLS randomness does not represent time
- Port: 993/tcp open ssl/imaps? syn-ack ttl 56
- Script Info: |_ssl-date: TLS randomness does not represent time
- Port: 995/tcp open ssl/pop3s? syn-ack ttl 56
- Script Info: |_ssl-date: TLS randomness does not represent time
- Port: 3306/tcp open mysql syn-ack ttl 56 MySQL 5.5.5-10.2.27-MariaDB-cll-lve
- Script Info: | mysql-info:
- Script Info: | Protocol: 10
- Script Info: | Version: 5.5.5-10.2.27-MariaDB-cll-lve
- Script Info: | Thread ID: 58267
- Script Info: | Capabilities flags: 63486
- Script Info: | Some Capabilities: SupportsCompression, FoundRows, InteractiveClient, IgnoreSpaceBeforeParenthesis, IgnoreSigpipes, SupportsLoadDataLocal, Support41Auth, LongColumnFlag, DontAllowDatabaseTableColumn, ConnectWithDatabase, Speaks41ProtocolOld, SupportsTransactions, ODBCClient, Speaks41ProtocolNew, SupportsMultipleStatments, SupportsAuthPlugins, SupportsMultipleResults
- Script Info: | Status: Autocommit
- Script Info: | Salt: v5@!$2nT:dkjUHK}VvoL
- Script Info: |_ Auth Plugin Name: mysql_native_password
- Os Info: Host: andrew.uswebhost.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
- Script Info: |_clock-skew: -1s
- IP: 72.52.244.17
- HostName: fortressoffaith.com Type: MX
- HostName: andrew.uswebhost.com Type: PTR
- HostName: www.fortressoffaith.com. Type: A
- HostName: mail.fortressoffaith.com. Type: A
- HostName: webmail.fortressoffaith.com. Type: A
- Country: United States
- Is Active: True (reset ttl 64)
- Port: 21/tcp open ftp syn-ack ttl 56 Pure-FTPd
- Port: 53/tcp open domain syn-ack ttl 56 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
- Script Info: | dns-nsid:
- Script Info: |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
- Port: 80/tcp open http syn-ack ttl 56 LiteSpeed httpd
- Script Info: | http-methods:
- Script Info: |_ Supported Methods: OPTIONS HEAD GET POST
- Script Info: |_http-title: Site doesn't have a title (text/html).
- Port: 110/tcp open pop3 syn-ack ttl 56 Dovecot pop3d
- Port: 143/tcp open imap syn-ack ttl 56 Dovecot imapd
- Script Info: |_imap-capabilities: LOGIN-REFERRALS STARTTLS SASL-IR AUTH=LOGINA0001 post-login NAMESPACE have AUTH=PLAIN ID ENABLE OK IMAP4rev1 more IDLE listed capabilities Pre-login LITERAL+
- Port: 443/tcp open ssl/http syn-ack ttl 56 LiteSpeed httpd
- Script Info: | http-cookie-flags:
- Script Info: | /:
- Script Info: | PHPSESSID:
- Script Info: |_ httponly flag not set
- Script Info: |_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E
- Script Info: | http-robots.txt: 1 disallowed entry
- Script Info: |_/wp-admin/
- Script Info: |_http-title: Did not follow redirect to https://bighornhosting.com/
- Script Info: | ssl-cert: Subject: commonName=bighornhosting.com
- Script Info: | Subject Alternative Name: DNS:bighornhosting.com, DNS:cpanel.bighornhosting.com, DNS:mail.bighornhosting.com, DNS:webdisk.bighornhosting.com, DNS:webmail.bighornhosting.com, DNS:whm.bighornhosting.com, DNS:www.bighornhosting.com
- Script Info: | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
- Script Info: | Public Key type: rsa
- Script Info: | Public Key bits: 2048
- Script Info: | Signature Algorithm: sha256WithRSAEncryption
- Script Info: | Not valid before: 2019-09-18T02:08:45
- Script Info: | Not valid after: 2019-12-17T02:08:45
- Script Info: | MD5: d01a 9027 47d9 e638 609d 2c22 c3c4 722c
- Script Info: |_SHA-1: b6a1 69c7 f8fc 7d21 9237 3776 009f 080c 07f2 1ebf
- Port: 465/tcp open ssl/smtp syn-ack ttl 56 Exim smtpd 4.92
- Script Info: | smtp-commands: andrew.uswebhost.com Hello nmap.scanme.org [45.131.4.11], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
- Script Info: |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
- Port: 587/tcp open smtp syn-ack ttl 56 Exim smtpd 4.92
- Script Info: | smtp-commands: andrew.uswebhost.com Hello nmap.scanme.org [45.131.4.11], SIZE 52428800, 8BITMIME, PIPELINING, STARTTLS, HELP,
- Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
- Port: 993/tcp open ssl/imaps? syn-ack ttl 56
- Port: 995/tcp open ssl/pop3s? syn-ack ttl 56
- Port: 3306/tcp open mysql syn-ack ttl 56 MySQL 5.5.5-10.2.27-MariaDB-cll-lve
- Script Info: | mysql-info:
- Script Info: | Protocol: 10
- Script Info: | Version: 5.5.5-10.2.27-MariaDB-cll-lve
- Script Info: | Thread ID: 59305
- Script Info: | Capabilities flags: 63486
- Script Info: | Some Capabilities: Support41Auth, Speaks41ProtocolOld, SupportsTransactions, IgnoreSpaceBeforeParenthesis, DontAllowDatabaseTableColumn, IgnoreSigpipes, InteractiveClient, Speaks41ProtocolNew, SupportsCompression, ODBCClient, SupportsLoadDataLocal, ConnectWithDatabase, FoundRows, LongColumnFlag, SupportsAuthPlugins, SupportsMultipleResults, SupportsMultipleStatments
- Script Info: | Status: Autocommit
- Script Info: | Salt: By\Am&nz:SoVC*HmkT?~
- Script Info: |_ Auth Plugin Name: mysql_native_password
- Script Info: Device type: general purpose|storage-misc|firewall|webcam
- Script Info: Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (93%), Synology DiskStation Manager 5.X (87%), FreeBSD 6.X (86%), WatchGuard Fireware 11.X (86%), Tandberg embedded (86%)
- Os Info: Host: andrew.uswebhost.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
- #######################################################################################################################################
- ----- fortressoffaith.com -----
- Host's addresses:
- __________________
- fortressoffaith.com. 11399 IN A 72.52.244.17
- Name Servers:
- ______________
- ns2.bighornhosting.com. 83399 IN A 72.52.244.68
- ns1.bighornhosting.com. 84553 IN A 72.52.144.226
- Mail (MX) Servers:
- ___________________
- fortressoffaith.com. 11398 IN A 72.52.244.17
- _______________________________________________
- ftp.fortressoffaith.com. 12507 IN A 72.52.144.226
- mail.fortressoffaith.com. 12494 IN CNAME fortressoffaith.com.
- fortressoffaith.com. 12549 IN A 72.52.244.17
- webmail.fortressoffaith.com. 12459 IN A 72.52.244.17
- www.fortressoffaith.com. 12502 IN CNAME fortressoffaith.com.
- fortressoffaith.com. 12502 IN A 72.52.244.17
- Launching Whois Queries:
- _________________________
- whois ip result: 72.52.144.0 -> 72.52.128.0/17
- #######################################################################################################################################
- AVAILABLE PLUGINS
- -----------------
- CompressionPlugin
- OpenSslCipherSuitesPlugin
- HeartbleedPlugin
- RobotPlugin
- CertificateInfoPlugin
- FallbackScsvPlugin
- OpenSslCcsInjectionPlugin
- HttpHeadersPlugin
- SessionRenegotiationPlugin
- SessionResumptionPlugin
- EarlyDataPlugin
- CHECKING HOST(S) AVAILABILITY
- -----------------------------
- 72.52.244.17:443 => 72.52.244.17
- SCAN RESULTS FOR 72.52.244.17:443 - 72.52.244.17
- ------------------------------------------------
- * Deflate Compression:
- OK - Compression disabled
- * OpenSSL Heartbleed:
- OK - Not vulnerable to Heartbleed
- * Certificate Information:
- Content
- SHA1 Fingerprint: b6a169c7f8fc7d2192373776009f080c07f21ebf
- Common Name: bighornhosting.com
- Issuer: Let's Encrypt Authority X3
- Serial Number: 272989317180563932023806509179710043591674
- Not Before: 2019-09-18 02:08:45
- Not After: 2019-12-17 02:08:45
- Signature Algorithm: sha256
- Public Key Algorithm: RSA
- Key Size: 2048
- Exponent: 65537 (0x10001)
- DNS Subject Alternative Names: ['bighornhosting.com', 'cpanel.bighornhosting.com', 'mail.bighornhosting.com', 'webdisk.bighornhosting.com', 'webmail.bighornhosting.com', 'whm.bighornhosting.com', 'www.bighornhosting.com']
- Trust
- Hostname Validation: FAILED - Certificate does NOT match 72.52.244.17
- Android CA Store (9.0.0_r9): OK - Certificate is trusted
- Apple CA Store (iOS 12, macOS 10.14, watchOS 5, and tvOS 12):OK - Certificate is trusted
- Java CA Store (jdk-12.0.1): OK - Certificate is trusted
- Mozilla CA Store (2019-03-14): OK - Certificate is trusted
- Windows CA Store (2019-05-27): OK - Certificate is trusted
- Symantec 2018 Deprecation: WARNING: Certificate distrusted by Google and Mozilla on September 2018
- Received Chain: bighornhosting.com --> Let's Encrypt Authority X3
- Verified Chain: bighornhosting.com --> Let's Encrypt Authority X3 --> DST Root CA X3
- Received Chain Contains Anchor: OK - Anchor certificate not sent
- Received Chain Order: OK - Order is valid
- Verified Chain contains SHA1: OK - No SHA1-signed certificate in the verified certificate chain
- Extensions
- OCSP Must-Staple: NOT SUPPORTED - Extension not found
- Certificate Transparency: WARNING - Only 2 SCTs included but Google recommends 3 or more
- OCSP Stapling
- OCSP Response Status: successful
- Validation w/ Mozilla Store: OK - Response is trusted
- Responder Id: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
- Cert Status: good
- Cert Serial Number: 03223E560BAB9BF324451A91529F013413FA
- This Update: Oct 21 03:00:00 2019 GMT
- Next Update: Oct 28 03:00:00 2019 GMT
- * TLSV1_1 Cipher Suites:
- Server rejected all cipher suites.
- * TLSV1 Cipher Suites:
- Server rejected all cipher suites.
- * Downgrade Attacks:
- TLS_FALLBACK_SCSV: OK - Supported
- * OpenSSL CCS Injection:
- OK - Not vulnerable to OpenSSL CCS injection
- * SSLV3 Cipher Suites:
- Server rejected all cipher suites.
- * SSLV2 Cipher Suites:
- Server rejected all cipher suites.
- * TLS 1.2 Session Resumption Support:
- With Session IDs: PARTIALLY SUPPORTED (4 successful, 1 failed, 0 errors, 5 total attempts).
- With TLS Tickets: OK - Supported
- * TLSV1_2 Cipher Suites:
- Forward Secrecy OK - Supported
- RC4 OK - Not Supported
- Preferred:
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
- Accepted:
- TLS_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
- TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
- TLS_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
- TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
- TLS_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 256 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 301 Moved Permanently - https://bighornhosting.com/
- * TLSV1_3 Cipher Suites:
- Server rejected all cipher suites.
- * Session Renegotiation:
- Client-initiated Renegotiation: OK - Rejected
- Secure Renegotiation: OK - Supported
- * ROBOT Attack:
- OK - Not vulnerable
- SCAN COMPLETED IN 37.66 S
- -------------------------
- #######################################################################################################################################
- adding 72.52.244.17/32 mode `TCPscan' ports `7,9,11,13,18,19,21-23,25,37,39,42,49,50,53,65,67-70,79-81,88,98,100,105-107,109-111,113,118,119,123,129,135,137-139,143,150,161-164,174,177-179,191,199-202,204,206,209,210,213,220,345,346,347,369-372,389,406,407,422,443-445,487,500,512-514,517,518,520,525,533,538,548,554,563,587,610-612,631-634,636,642,653,655,657,666,706,750-752,765,779,808,873,901,923,941,946,992-995,1001,1023-1030,1080,1210,1214,1234,1241,1334,1349,1352,1423-1425,1433,1434,1524,1525,1645,1646,1649,1701,1718,1719,1720,1723,1755,1812,1813,2048-2050,2101-2104,2140,2150,2233,2323,2345,2401,2430,2431,2432,2433,2583,2628,2776,2777,2988,2989,3050,3130,3150,3232,3306,3389,3456,3493,3542-3545,3632,3690,3801,4000,4400,4321,4567,4899,5002,5136-5139,5150,5151,5222,5269,5308,5354,5355,5422-5425,5432,5503,5555,5556,5678,6000-6007,6346,6347,6543,6544,6789,6838,6666-6670,7000-7009,7028,7100,7983,8079-8082,8088,8787,8879,9090,9101-9103,9325,9359,10000,10026,10027,10067,10080,10081,10167,10498,11201,15345,17001-17003,18753,20011,20012,21554,22273,26274,27374,27444,27573,31335-31338,31787,31789,31790,31791,32668,32767-32780,33390,47262,49301,54320,54321,57341,58008,58009,58666,59211,60000,60006,61000,61348,61466,61603,63485,63808,63809,64429,65000,65506,65530-65535' pps 300
- using interface(s) eth0
- added module payload for port 5060 proto 17
- added module payload for port 1900 proto 17
- added module payload for port 53 proto 17
- added module payload for port 80 proto 6
- added module payload for port 80 proto 6
- added module payload for port 518 proto 17
- scaning 1.00e+00 total hosts with 3.38e+02 total packets, should take a little longer than 8 Seconds
- drone type Unknown on fd 4 is version 1.1
- drone type Unknown on fd 3 is version 1.1
- added module payload for port 5060 proto 17
- added module payload for port 1900 proto 17
- added module payload for port 53 proto 17
- added module payload for port 80 proto 6
- added module payload for port 80 proto 6
- added module payload for port 518 proto 17
- scan iteration 1 out of 1
- using pcap filter: `dst 192.168.0.52 and ! src 192.168.0.52 and (tcp)'
- using TSC delay
- sender statistics 299.8 pps with 338 packets sent total
- listener statistics 94 packets recieved 0 packets droped and 0 interface drops
- #######################################################################################################################################
- Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-22 07:54 EDT
- Nmap scan report for andrew.uswebhost.com (72.52.244.17)
- Host is up (0.14s latency).
- Not shown: 2 filtered ports
- PORT STATE SERVICE
- 53/udp open domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 500/udp open|filtered isakmp
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- Nmap done: 1 IP address (1 host up) scanned in 2.56 seconds
- ######################################################################################################################################
- Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-22 07:31 EDT
- Nmap scan report for andrew.uswebhost.com (72.52.244.17)
- Host is up (0.32s latency).
- Not shown: 928 filtered ports, 60 closed ports
- PORT STATE SERVICE VERSION
- 21/tcp open ftp Pure-FTPd
- 53/tcp open domain ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
- 80/tcp open http LiteSpeed httpd
- 110/tcp open pop3 Dovecot pop3d
- 143/tcp open imap Dovecot imapd
- 443/tcp open ssl/http LiteSpeed httpd
- 465/tcp open ssl/smtp Exim smtpd 4.92
- 587/tcp open smtp Exim smtpd 4.92
- 993/tcp open ssl/imaps?
- 995/tcp open ssl/pop3s?
- 2200/tcp open ssh OpenSSH 7.4 (protocol 2.0)
- 3306/tcp open mysql MySQL 5.5.5-10.2.27-MariaDB-cll-lve
- Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
- #######################################################################################################################################
- https://fortressoffaith.com/ [200 OK] Country[UNITED STATES][US], Google-Analytics[Universal][UA-113358977-1], HTML5, HTTPServer[LiteSpeed], IP[72.52.244.17], JQuery, LiteSpeed, MetaGenerator[WordPress 5.2.4], PHP[7.0.33], Script[text/javascript], Title[Fortress of Faith – Refuting Islam], UncommonHeaders[access-control-allow-origin,link,x-litespeed-cache,alt-svc], WordPress[5.2.4], X-Powered-By[PHP/7.0.33], X-UA-Compatible[IE=edge]
- #######################################################################################################################################
- [+] URL: https://fortressoffaith.com/
- [+] Started: Tue Oct 22 07:04:11 2019
- Interesting Finding(s):
- [+] https://fortressoffaith.com/
- | Interesting Entries:
- | - x-powered-by: PHP/7.0.33
- | - access-control-allow-origin: *
- | - x-ua-compatible: IE=edge
- | - x-litespeed-cache: hit
- | - server: LiteSpeed
- | - alt-svc: quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
- | Found By: Headers (Passive Detection)
- | Confidence: 100%
- [+] https://fortressoffaith.com/robots.txt
- | Interesting Entries:
- | - /wp-admin/
- | - /wp-admin/admin-ajax.php
- | Found By: Robots Txt (Aggressive Detection)
- | Confidence: 100%
- [+] https://fortressoffaith.com/xmlrpc.php
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- | References:
- | - http://codex.wordpress.org/XML-RPC_Pingback_API
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
- | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
- [+] https://fortressoffaith.com/readme.html
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- [+] This site has 'Must Use Plugins': https://fortressoffaith.com/wp-content/mu-plugins/
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 80%
- | Reference: http://codex.wordpress.org/Must_Use_Plugins
- [+] Upload directory has listing enabled: https://fortressoffaith.com/wp-content/uploads/
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- [+] https://fortressoffaith.com/wp-cron.php
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 60%
- | References:
- | - https://www.iplocation.net/defend-wordpress-from-ddos
- | - https://github.com/wpscanteam/wpscan/issues/1299
- [+] WordPress version 5.2.4 identified (Latest, released on 2019-10-14).
- | Detected By: Emoji Settings (Passive Detection)
- | - https://fortressoffaith.com/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=5.2.4'
- | Confirmed By: Meta Generator (Passive Detection)
- | - https://fortressoffaith.com/, Match: 'WordPress 5.2.4'
- [+] WordPress theme in use: generatepress
- | Location: https://fortressoffaith.com/wp-content/themes/generatepress/
- | Latest Version: 2.3.2 (up to date)
- | Last Updated: 2019-06-25T00:00:00.000Z
- | Readme: https://fortressoffaith.com/wp-content/themes/generatepress/readme.txt
- | Style URL: https://fortressoffaith.com/wp-content/themes/generatepress/style.css
- | Style Name: GeneratePress
- | Style URI: https://generatepress.com
- | Description: GeneratePress is a lightweight WordPress theme built with a focus on speed and usability. Performanc...
- | Author: Tom Usborne
- | Author URI: https://tomusborne.com
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | Version: 2.3.2 (80% confidence)
- | Detected By: Style (Passive Detection)
- | - https://fortressoffaith.com/wp-content/themes/generatepress/style.css, Match: 'Version: 2.3.2'
- [+] Enumerating All Plugins (via Passive Methods)
- [+] Checking Plugin Versions (via Passive and Aggressive Methods)
- [i] Plugin(s) Identified:
- [+] cuepro
- | Location: https://fortressoffaith.com/wp-content/plugins/cuepro/
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | The version could not be determined.
- [+] elementor
- | Location: https://fortressoffaith.com/wp-content/plugins/elementor/
- | Latest Version: 2.7.4 (up to date)
- | Last Updated: 2019-10-06T13:05:00.000Z
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | Version: 2.7.4 (100% confidence)
- | Detected By: Query Parameter (Passive Detection)
- | - https://fortressoffaith.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.7.4
- | - https://fortressoffaith.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.7.4
- | Confirmed By: Readme - Stable Tag (Aggressive Detection)
- | - https://fortressoffaith.com/wp-content/plugins/elementor/readme.txt
- [+] elementor-pro
- | Location: https://fortressoffaith.com/wp-content/plugins/elementor-pro/
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | The version could not be determined.
- [+] feedburner-alternative-and-rss-redirect
- | Location: https://fortressoffaith.com/wp-content/plugins/feedburner-alternative-and-rss-redirect/
- | Latest Version: 2.3 (up to date)
- | Last Updated: 2019-10-02T13:01:00.000Z
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | Version: 2.3 (100% confidence)
- | Detected By: Readme - Stable Tag (Aggressive Detection)
- | - https://fortressoffaith.com/wp-content/plugins/feedburner-alternative-and-rss-redirect/readme.txt
- | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
- | - https://fortressoffaith.com/wp-content/plugins/feedburner-alternative-and-rss-redirect/readme.txt
- [+] maticpress-client
- | Location: https://fortressoffaith.com/wp-content/plugins/maticpress-client/
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | The version could not be determined.
- [+] Enumerating Config Backups (via Passive and Aggressive Methods)
- Checking Config Backups - Time: 00:00:12 <=============> (21 / 21) 100.00% Time: 00:00:12
- [i] No Config Backups Found.
- [!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
- [!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up.
- [+] Finished: Tue Oct 22 07:05:12 2019
- [+] Requests Done: 70
- [+] Cached Requests: 6
- [+] Data Sent: 19.748 KB
- [+] Data Received: 467.155 KB
- [+] Memory used: 133.723 MB
- [+] Elapsed time: 00:01:01
- #######################################################################################################################################
- [+] URL: https://fortressoffaith.com/
- [+] Started: Tue Oct 22 07:04:14 2019
- Interesting Finding(s):
- [+] https://fortressoffaith.com/
- | Interesting Entries:
- | - x-powered-by: PHP/7.0.33
- | - access-control-allow-origin: *
- | - x-ua-compatible: IE=edge
- | - x-litespeed-cache: hit
- | - server: LiteSpeed
- | - alt-svc: quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
- | Found By: Headers (Passive Detection)
- | Confidence: 100%
- [+] https://fortressoffaith.com/robots.txt
- | Interesting Entries:
- | - /wp-admin/
- | - /wp-admin/admin-ajax.php
- | Found By: Robots Txt (Aggressive Detection)
- | Confidence: 100%
- [+] https://fortressoffaith.com/xmlrpc.php
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- | References:
- | - http://codex.wordpress.org/XML-RPC_Pingback_API
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
- | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
- [+] https://fortressoffaith.com/readme.html
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- [+] This site has 'Must Use Plugins': https://fortressoffaith.com/wp-content/mu-plugins/
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 80%
- | Reference: http://codex.wordpress.org/Must_Use_Plugins
- [+] Upload directory has listing enabled: https://fortressoffaith.com/wp-content/uploads/
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- [+] https://fortressoffaith.com/wp-cron.php
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 60%
- | References:
- | - https://www.iplocation.net/defend-wordpress-from-ddos
- | - https://github.com/wpscanteam/wpscan/issues/1299
- [+] WordPress version 5.2.4 identified (Latest, released on 2019-10-14).
- | Detected By: Emoji Settings (Passive Detection)
- | - https://fortressoffaith.com/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=5.2.4'
- | Confirmed By: Meta Generator (Passive Detection)
- | - https://fortressoffaith.com/, Match: 'WordPress 5.2.4'
- [+] WordPress theme in use: generatepress
- | Location: https://fortressoffaith.com/wp-content/themes/generatepress/
- | Latest Version: 2.3.2 (up to date)
- | Last Updated: 2019-06-25T00:00:00.000Z
- | Readme: https://fortressoffaith.com/wp-content/themes/generatepress/readme.txt
- | Style URL: https://fortressoffaith.com/wp-content/themes/generatepress/style.css
- | Style Name: GeneratePress
- | Style URI: https://generatepress.com
- | Description: GeneratePress is a lightweight WordPress theme built with a focus on speed and usability. Performanc...
- | Author: Tom Usborne
- | Author URI: https://tomusborne.com
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | Version: 2.3.2 (80% confidence)
- | Detected By: Style (Passive Detection)
- | - https://fortressoffaith.com/wp-content/themes/generatepress/style.css, Match: 'Version: 2.3.2'
- [+] Enumerating Users (via Passive and Aggressive Methods)
- Brute Forcing Author IDs - Time: 00:00:07 <==> (10 / 10) 100.00% Time: 00:00:07
- [i] User(s) Identified:
- [+] pcoovert
- | Detected By: Wp Json Api (Aggressive Detection)
- | - https://fortressoffaith.com/wp-json/wp/v2/users/?per_page=100&page=1
- | Confirmed By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] admin
- | Detected By: Wp Json Api (Aggressive Detection)
- | - https://fortressoffaith.com/wp-json/wp/v2/users/?per_page=100&page=1
- | Confirmed By:
- | Oembed API - Author URL (Aggressive Detection)
- | - https://fortressoffaith.com/wp-json/oembed/1.0/embed?url=https://fortressoffaith.com/&format=json
- | Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] josh
- | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
- [!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up.
- [+] Finished: Tue Oct 22 07:05:05 2019
- [+] Requests Done: 40
- [+] Cached Requests: 19
- [+] Data Sent: 13.985 KB
- [+] Data Received: 321.54 KB
- [+] Memory used: 114.797 MB
- [+] Elapsed time: 00:00:51
- #######################################################################################################################################
- [+] URL: https://fortressoffaith.com/
- [+] Started: Tue Oct 22 07:07:05 2019
- Interesting Finding(s):
- [+] https://fortressoffaith.com/
- | Interesting Entries:
- | - x-powered-by: PHP/7.0.33
- | - access-control-allow-origin: *
- | - x-ua-compatible: IE=edge
- | - x-litespeed-cache: hit
- | - server: LiteSpeed
- | - alt-svc: quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
- | Found By: Headers (Passive Detection)
- | Confidence: 100%
- [+] https://fortressoffaith.com/robots.txt
- | Interesting Entries:
- | - /wp-admin/
- | - /wp-admin/admin-ajax.php
- | Found By: Robots Txt (Aggressive Detection)
- | Confidence: 100%
- [+] https://fortressoffaith.com/xmlrpc.php
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- | References:
- | - http://codex.wordpress.org/XML-RPC_Pingback_API
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
- | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
- [+] https://fortressoffaith.com/readme.html
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- [+] This site has 'Must Use Plugins': https://fortressoffaith.com/wp-content/mu-plugins/
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 80%
- | Reference: http://codex.wordpress.org/Must_Use_Plugins
- [+] Upload directory has listing enabled: https://fortressoffaith.com/wp-content/uploads/
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 100%
- [+] https://fortressoffaith.com/wp-cron.php
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 60%
- | References:
- | - https://www.iplocation.net/defend-wordpress-from-ddos
- | - https://github.com/wpscanteam/wpscan/issues/1299
- [+] WordPress version 5.2.4 identified (Latest, released on 2019-10-14).
- | Detected By: Emoji Settings (Passive Detection)
- | - https://fortressoffaith.com/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=5.2.4'
- | Confirmed By: Meta Generator (Passive Detection)
- | - https://fortressoffaith.com/, Match: 'WordPress 5.2.4'
- [+] WordPress theme in use: generatepress
- | Location: https://fortressoffaith.com/wp-content/themes/generatepress/
- | Latest Version: 2.3.2 (up to date)
- | Last Updated: 2019-06-25T00:00:00.000Z
- | Readme: https://fortressoffaith.com/wp-content/themes/generatepress/readme.txt
- | Style URL: https://fortressoffaith.com/wp-content/themes/generatepress/style.css
- | Style Name: GeneratePress
- | Style URI: https://generatepress.com
- | Description: GeneratePress is a lightweight WordPress theme built with a focus on speed and usability. Performanc...
- | Author: Tom Usborne
- | Author URI: https://tomusborne.com
- |
- | Detected By: Urls In Homepage (Passive Detection)
- |
- | Version: 2.3.2 (80% confidence)
- | Detected By: Style (Passive Detection)
- | - https://fortressoffaith.com/wp-content/themes/generatepress/style.css, Match: 'Version: 2.3.2'
- [+] Enumerating Users (via Passive and Aggressive Methods)
- Brute Forcing Author IDs - Time: 00:00:02 <============> (10 / 10) 100.00% Time: 00:00:02
- [i] User(s) Identified:
- [+] pcoovert
- | Detected By: Wp Json Api (Aggressive Detection)
- | - https://fortressoffaith.com/wp-json/wp/v2/users/?per_page=100&page=1
- | Confirmed By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] admin
- | Detected By: Wp Json Api (Aggressive Detection)
- | - https://fortressoffaith.com/wp-json/wp/v2/users/?per_page=100&page=1
- | Confirmed By:
- | Oembed API - Author URL (Aggressive Detection)
- | - https://fortressoffaith.com/wp-json/oembed/1.0/embed?url=https://fortressoffaith.com/&format=json
- | Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [+] josh
- | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
- [!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
- [!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up.
- [+] Finished: Tue Oct 22 07:07:14 2019
- [+] Requests Done: 16
- [+] Cached Requests: 43
- [+] Data Sent: 4.43 KB
- [+] Data Received: 50.064 KB
- [+] Memory used: 113.871 MB
- [+] Elapsed time: 00:00:09
- #######################################################################################################################################
- [INFO] ------TARGET info------
- [*] TARGET: https://fortressoffaith.com/
- [*] TARGET IP: 72.52.244.17
- [INFO] NO load balancer detected for fortressoffaith.com...
- [*] DNS servers: ns1.bighornhosting.com.
- [*] TARGET server: LiteSpeed
- [*] CC: US
- [*] Country: United States
- [*] RegionCode: MI
- [*] RegionName: Michigan
- [*] City: Lansing
- [*] ASN: AS32244
- [*] BGP_PREFIX: 72.52.128.0/17
- [*] ISP: LIQUIDWEB - Liquid Web, L.L.C, US
- [INFO] SSL/HTTPS certificate detected
- [*] Issuer: issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
- [*] Subject: subject=CN = fortressoffaith.com
- [ALERT] Let's Encrypt is commonly used for Phishing
- [INFO] DNS enumeration:
- [*] ftp.fortressoffaith.com 72.52.144.226
- [*] mail.fortressoffaith.com fortressoffaith.com. 72.52.244.17
- [*] webmail.fortressoffaith.com 72.52.244.17
- [INFO] Possible abuse mails are:
- [*] abuse@fortressoffaith.com
- [*] abuse@sourcedns.com
- [*] admin@sourcedns.com
- [*] ipadmin@liquidweb.com
- [*] lisa@webclickhosting.com
- [INFO] NO PAC (Proxy Auto Configuration) file FOUND
- [ALERT] robots.txt file FOUND in http://fortressoffaith.com/robots.txt
- [INFO] Checking for HTTP status codes recursively from http://fortressoffaith.com/robots.txt
- [INFO] Status code Folders
- [*] 200 http://fortressoffaith.com/wp-admin/
- [INFO] Starting FUZZing in http://fortressoffaith.com/FUzZzZzZzZz...
- [INFO] Status code Folders
- [*] 200 http://fortressoffaith.com/news
- [ALERT] Look in the source code. It may contain passwords
- [INFO] Links found from https://fortressoffaith.com/ http://72.52.244.17/:
- [*] http://72.52.244.17/cgi-sys/defaultwebpage.cgi
- [*] http://fortressoffaith.sermon.net/21099434
- [*] http://fortressoffaith.sermon.net/21099740
- [*] http://fortressoffaith.sermon.net/rss/main/audio
- [*] https://crm.fundly.com/6609/Pages/fundraising/#/5
- [*] https://fortressoffaith.com/
- [*] https://fortressoffaith.com/apologetic-responses/
- [*] https://fortressoffaith.com/articles-by-category/
- [*] https://fortressoffaith.com/contact/
- [*] https://fortressoffaith.com/#content
- [*] https://fortressoffaith.com/daily-articles-2/
- [*] https://fortressoffaith.com/elementor-11586/
- [*] https://fortressoffaith.com/evangelizing-muslims/
- [*] https://fortressoffaith.com/feed/
- [*] https://fortressoffaith.com/in-the-news/
- [*] https://fortressoffaith.com/islam-and-pedophilia/
- [*] https://fortressoffaith.com/islam-in-proficy/
- [*] https://fortressoffaith.com/islam-terrorism/
- [*] https://fortressoffaith.com/islam-the-religion/
- [*] https://fortressoffaith.com/muslims-the-people/
- [*] https://fortressoffaith.com/newsletter-subscribe/
- [*] https://fortressoffaith.com/other-issues/
- [*] https://fortressoffaith.com/privacy-policy/
- [*] https://fortressoffaith.com/radio-2/
- [*] https://fortressoffaith.com/study/
- [*] https://fortressoffaith.com/terms-conditions/
- [*] https://fortressoffaith.com/when-muslims-play-the-race-card/
- [*] https://fortressoffaith.com/wp-json/oembed/1.0/embed?url=https://fortressoffaith.com/
- [*] https://fortressoffaith.com/wp-json/oembed/1.0/embed?url=https://fortressoffaith.com/&format=xml
- [*] https://play.google.com/store/apps/details?id=com.mobincube.fortress_of_faith.sc_DWXU1A
- [*] http://www.fortressoffaith.org/
- [INFO] GOOGLE has 294,000 results (0.20 seconds) about http://fortressoffaith.com/
- [INFO] Shodan detected the following opened ports on 72.52.244.17:
- [*] 1
- [*] 110
- [*] 143
- [*] 2082
- [*] 2083
- [*] 2086
- [*] 2087
- [*] 21
- [*] 3306
- [*] 4
- [*] 443
- [*] 53
- [*] 587
- [*] 80
- [*] 993
- [*] 995
- [INFO] ------VirusTotal SECTION------
- [INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
- [INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
- [INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
- [INFO] ------Alexa Rank SECTION------
- [INFO] Percent of Visitors Rank in Country:
- [INFO] Percent of Search Traffic:
- [INFO] Percent of Unique Visits:
- [INFO] Total Sites Linking In:
- [*] Total Sites
- [INFO] Useful links related to fortressoffaith.com - 72.52.244.17:
- [*] https://www.virustotal.com/pt/ip-address/72.52.244.17/information/
- [*] https://www.hybrid-analysis.com/search?host=72.52.244.17
- [*] https://www.shodan.io/host/72.52.244.17
- [*] https://www.senderbase.org/lookup/?search_string=72.52.244.17
- [*] https://www.alienvault.com/open-threat-exchange/ip/72.52.244.17
- [*] http://pastebin.com/search?q=72.52.244.17
- [*] http://urlquery.net/search.php?q=72.52.244.17
- [*] http://www.alexa.com/siteinfo/fortressoffaith.com
- [*] http://www.google.com/safebrowsing/diagnostic?site=fortressoffaith.com
- [*] https://censys.io/ipv4/72.52.244.17
- [*] https://www.abuseipdb.com/check/72.52.244.17
- [*] https://urlscan.io/search/#72.52.244.17
- [*] https://github.com/search?q=72.52.244.17&type=Code
- [INFO] Useful links related to AS32244 - 72.52.128.0/17:
- [*] http://www.google.com/safebrowsing/diagnostic?site=AS:32244
- [*] https://www.senderbase.org/lookup/?search_string=72.52.128.0/17
- [*] http://bgp.he.net/AS32244
- [*] https://stat.ripe.net/AS32244
- [INFO] Date: 22/10/19 | Time: 07:09:58
- [INFO] Total time: 1 minute(s) and 56 second(s)
- #######################################################################################################################################
- [-] Target: https://fortressoffaith.com (72.52.244.17)
- [I] Server: LiteSpeed
- [I] X-Powered-By: PHP/7.0.33
- [L] X-Frame-Options: Not Enforced
- [I] Strict-Transport-Security: Not Enforced
- [I] X-Content-Security-Policy: Not Enforced
- [I] X-Content-Type-Options: Not Enforced
- [L] Robots.txt Found: https://fortressoffaith.com/robots.txt
- [I] CMS Detection: WordPress
- [I] Wordpress Version: 5.2.4
- [I] Wordpress Theme: generatepress
- [-] WordPress usernames identified:
- [M] Josh Rodriguez
- [M] Pierre Coovert
- [M] Tom Wallace
- [M] admin
- [M] josh
- [M] pcoovert
- [M] XML-RPC services are enabled
- [M] Website vulnerable to XML-RPC Brute Force Vulnerability
- [I] Autocomplete Off Not Found: https://fortressoffaith.com/wp-login.php
- [-] Default WordPress Files:
- [I] https://fortressoffaith.com/license.txt
- [I] https://fortressoffaith.com/readme.html
- [I] https://fortressoffaith.com/wp-content/themes/twentynineteen/readme.txt
- [I] https://fortressoffaith.com/wp-includes/ID3/license.commercial.txt
- [I] https://fortressoffaith.com/wp-includes/ID3/license.txt
- [I] https://fortressoffaith.com/wp-includes/ID3/readme.txt
- [I] https://fortressoffaith.com/wp-includes/images/crystal/license.txt
- [I] https://fortressoffaith.com/wp-includes/js/plupload/license.txt
- [I] https://fortressoffaith.com/wp-includes/js/swfupload/license.txt
- [I] https://fortressoffaith.com/wp-includes/js/tinymce/license.txt
- [-] Searching Wordpress Plugins ...
- [I] advanced-uploader v3.2
- [M] EDB-ID: 38867 "WordPress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities"
- [I] cuepro
- [I] elementor v2.7.4
- [I] elementor-pro
- [I] feed
- [M] EDB-ID: 38624 "WordPress Plugin WP Feed - 'nid' SQL Injection"
- [I] feedburner-alternative-and-rss-redirect v2.3
- [I] maticpress-client
- [I] woocommerce v3.4.0
- [M] EDB-ID: 43196 "WordPress Plugin WooCommerce 2.0/3.0 - Directory Traversal"
- [I] Checking for Directory Listing Enabled ...
- [L] https://fortressoffaith.com/wp-admin/css
- [L] https://fortressoffaith.com/wp-admin/images
- [L] https://fortressoffaith.com/wp-admin/includes
- [L] https://fortressoffaith.com/wp-admin/js
- [L] https://fortressoffaith.com/wp-admin/maint
- [L] https://fortressoffaith.com/wp-includes
- [L] https://fortressoffaith.com/wp-includes/ID3
- [L] https://fortressoffaith.com/wp-includes/IXR
- [L] https://fortressoffaith.com/wp-includes/Requests
- [L] https://fortressoffaith.com/wp-includes/SimplePie
- [L] https://fortressoffaith.com/wp-includes/Text
- [L] https://fortressoffaith.com/wp-includes/blocks
- [L] https://fortressoffaith.com/wp-includes/certificates
- [L] https://fortressoffaith.com/wp-includes/css
- [L] https://fortressoffaith.com/wp-includes/customize
- [L] https://fortressoffaith.com/wp-includes/fonts
- [L] https://fortressoffaith.com/wp-includes/images
- [L] https://fortressoffaith.com/wp-includes/js
- [L] https://fortressoffaith.com/wp-includes/pomo
- [L] https://fortressoffaith.com/wp-includes/random_compat
- [L] https://fortressoffaith.com/wp-includes/rest-api
- [L] https://fortressoffaith.com/wp-includes/sodium_compat
- [L] https://fortressoffaith.com/wp-includes/theme-compat
- [L] https://fortressoffaith.com/wp-includes/widgets
- [L] https://fortressoffaith.com/wp-content/plugins/advanced-uploader
- [L] https://fortressoffaith.com/wp-content/plugins/cuepro
- [L] https://fortressoffaith.com/wp-content/plugins/elementor
- [L] https://fortressoffaith.com/wp-content/plugins/elementor-pro
- [L] https://fortressoffaith.com/wp-content/plugins/feedburner-alternative-and-rss-redirect
- [L] https://fortressoffaith.com/wp-content/plugins/woocommerce
- [-] Date & Time: 22/10/2019 07:26:10
- [-] Completed in: 0:21:46
- #######################################################################################################################################
- Anonymous JTSEC #OpDomesticTerrorism Full Recon #5
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement