· 6 years ago · Oct 22, 2019, 02:42 PM
1#######################################################################################################################################
2======================================================================================================================================
3Hostname www.respectwashington.us ISP Hurricane Electric LLC
4Continent North America Flag
5US
6Country United States Country Code US
7Region Unknown Local time 22 Oct 2019 07:53 CDT
8City Unknown Postal Code Unknown
9IP Address 65.49.16.26 Latitude 37.751
10 Longitude -97.822
11=======================================================================================================================================
12#######################################################################################################################################
13> www.respectwashington.us
14Server: 185.93.180.131
15Address: 185.93.180.131#53
16
17Non-authoritative answer:
18www.respectwashington.us canonical name = respectwashington.us.
19Name: respectwashington.us
20Address: 65.49.16.26
21>
22#######################################################################################################################################
23Domain Name: respectwashington.us
24Registry Domain ID: D16560512-US
25Registrar WHOIS Server: whois.godaddy.com
26Registrar URL: whois.godaddy.com
27Updated Date: 2019-05-17T14:12:02Z
28Creation Date: 2008-05-12T19:02:13Z
29Registry Expiry Date: 2020-05-11T23:59:59Z
30Registrar: GoDaddy.com, Inc.
31Registrar IANA ID: 146
32Registrar Abuse Contact Email: abuse@godaddy.com
33Registrar Abuse Contact Phone: +1.4806242505
34Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
35Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
36Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
37Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
38Registry Registrant ID: C24033066-US
39Registrant Name: B. Keller
40Registrant Organization:
41Registrant Street: PO Box 3786
42Registrant Street:
43Registrant Street:
44Registrant City: Federal Way
45Registrant State/Province: Washington
46Registrant Postal Code: 98063-3786
47Registrant Country: US
48Registrant Phone: +1.2069353505
49Registrant Phone Ext:
50Registrant Fax:
51Registrant Fax Ext:
52Registrant Email: info@respectwashington.us
53Registrant Application Purpose: P3
54Registrant Nexus Category: C11
55Registry Admin ID: C24033071-US
56Admin Name: B. Keller
57Admin Organization:
58Admin Street: PO Box 3786
59Admin Street:
60Admin Street:
61Admin City: Federal Way
62Admin State/Province: Washington
63Admin Postal Code: 98063-3786
64Admin Country: US
65Admin Phone: +1.2069353505
66Admin Phone Ext:
67Admin Fax:
68Admin Fax Ext:
69Admin Email: info@respectwashington.us
70Admin Application Purpose: P3
71Admin Nexus Category: C11
72Registry Tech ID: C24033068-US
73Tech Name: B. Keller
74Tech Organization:
75Tech Street: PO Box 3786
76Tech Street:
77Tech Street:
78Tech City: Federal Way
79Tech State/Province: Washington
80Tech Postal Code: 98063-3786
81Tech Country: US
82Tech Phone: +1.2069353505
83Tech Phone Ext:
84Tech Fax:
85Tech Fax Ext:
86Tech Email: info@respectwashington.us
87Tech Application Purpose: P3
88Tech Nexus Category: C11
89Name Server: ns2.he.net
90Name Server: ns1.he.net
91DNSSEC: unsigned
92######################################################################################################################################
93[+] Target : www.respectwashington.us
94
95[+] IP Address : 65.49.16.26
96
97[+] Headers :
98
99[+] Date : Tue, 22 Oct 2019 13:02:14 GMT
100[+] Server : Apache/2.4.18 (Ubuntu)
101[+] Last-Modified : Fri, 23 Feb 2018 15:15:28 GMT
102[+] ETag : "8956-565e2a1613be1-gzip"
103[+] Accept-Ranges : bytes
104[+] Vary : Accept-Encoding
105[+] Content-Encoding : gzip
106[+] Content-Length : 11076
107[+] Keep-Alive : timeout=5, max=100
108[+] Connection : Keep-Alive
109[+] Content-Type : text/html
110
111[+] SSL Certificate Information :
112
113[+] commonName : respectwashington.us
114[+] countryName : US
115[+] organizationName : Let's Encrypt
116[+] commonName : Let's Encrypt Authority X3
117[+] Version : 3
118[+] Serial Number : 0487DBDE45DC509FE9B4B360E72AAB131161
119[+] Not Before : Sep 23 10:50:34 2019 GMT
120[+] Not After : Dec 22 10:50:34 2019 GMT
121[+] OCSP : ('http://ocsp.int-x3.letsencrypt.org',)
122[+] subject Alt Name : (('DNS', 'keller4america.us'), ('DNS', 'mail.respectwashington.us'), ('DNS', 'respectwashington.us'), ('DNS', 'www.keller4america.us'), ('DNS', 'www.respectwashington.us'))
123[+] CA Issuers : ('http://cert.int-x3.letsencrypt.org/',)
124
125[+] Whois Lookup :
126
127[+] NIR : None
128[+] ASN Registry : arin
129[+] ASN : 6939
130[+] ASN CIDR : 65.49.0.0/17
131[+] ASN Country Code : US
132[+] ASN Date : 2007-10-04
133[+] ASN Description : HURRICANE - Hurricane Electric LLC, US
134[+] cidr : 65.49.0.0/17
135[+] name : HURRICANE-9
136[+] handle : NET-65-49-0-0-1
137[+] range : 65.49.0.0 - 65.49.127.255
138[+] description : Hurricane Electric LLC
139[+] country : US
140[+] state : CA
141[+] city : Fremont
142[+] address : 760 Mission Court
143[+] postal_code : 94539
144[+] emails : ['abuse@he.net', 'hostmaster@he.net']
145[+] created : 2007-10-04
146[+] updated : 2012-02-24
147
148[+] Crawling Target...
149
150[+] Looking for robots.txt........[ Not Found ]
151[+] Looking for sitemap.xml.......[ Not Found ]
152[+] Extracting CSS Links..........[ 1 ]
153[+] Extracting Javascript Links...[ 0 ]
154[+] Extracting Internal Links.....[ 0 ]
155[+] Extracting External Links.....[ 10 ]
156[+] Extracting Images.............[ 3 ]
157
158[+] Total Links Extracted : 14
159
160[+] Dumping Links in /opt/FinalRecon/dumps/www.respectwashington.us.dump
161[+] Completed!
162######################################################################################################################################
163[+] Starting At 2019-10-22 09:02:23.804210
164[+] Collecting Information On: http://www.respectwashington.us/
165[#] Status: 200
166--------------------------------------------------
167[#] Web Server Detected: Apache/2.4.18 (Ubuntu)
168[!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
169- Date: Tue, 22 Oct 2019 13:02:24 GMT
170- Server: Apache/2.4.18 (Ubuntu)
171- Last-Modified: Fri, 23 Feb 2018 15:15:28 GMT
172- ETag: "8956-565e2a1613be1-gzip"
173- Accept-Ranges: bytes
174- Vary: Accept-Encoding
175- Content-Encoding: gzip
176- Content-Length: 11076
177- Keep-Alive: timeout=5, max=100
178- Connection: Keep-Alive
179- Content-Type: text/html
180--------------------------------------------------
181[#] Finding Location..!
182[#] status: success
183[#] country: United States
184[#] countryCode: US
185[#] region: CA
186[#] regionName: California
187[#] city: Fremont
188[#] zip: 94539
189[#] lat: 37.4718
190[#] lon: -121.92
191[#] timezone: America/Los_Angeles
192[#] isp: Hurricane Electric LLC
193[#] org: Hurricane Electric
194[#] as: AS6939 Hurricane Electric LLC
195[#] query: 65.49.16.26
196--------------------------------------------------
197[x] Didn't Detect WAF Presence on: http://www.respectwashington.us/
198--------------------------------------------------
199[#] Starting Reverse DNS
200[-] Failed ! Fail
201--------------------------------------------------
202[!] Scanning Open Port
203[#] 80/tcp open http
204[#] 110/tcp open pop3
205[#] 143/tcp open imap
206[#] 443/tcp open https
207[#] 465/tcp open smtps
208[#] 587/tcp open submission
209[#] 993/tcp open imaps
210[#] 995/tcp open pop3s
211--------------------------------------------------
212[+] Collecting Information Disclosure!
213[#] Detecting sitemap.xml file
214[-] sitemap.xml file not Found!?
215[#] Detecting robots.txt file
216[-] robots.txt file not Found!?
217[#] Detecting GNU Mailman
218[-] GNU Mailman App Not Detected!?
219--------------------------------------------------
220[+] Crawling Url Parameter On: http://www.respectwashington.us/
221--------------------------------------------------
222[#] Searching Html Form !
223[-] No Html Form Found!?
224--------------------------------------------------
225[-] No DOM Paramter Found!?
226--------------------------------------------------
227[-] No internal Dynamic Parameter Found!?
228--------------------------------------------------
229[!] 4 External Dynamic Parameter Discovered
230[#] http://www.uscis.gov/portal/site/uscis/menuitem.eb1d4c2a3e5b9ac89243c6a7543f6d1a/?vgnextoid=75bce2e261405110VgnVCM1000004718190aRCRD&vgnextchannel=75bce2e261405110VgnVCM1000004718190aRCRD
231[#] http://www.uscis.gov/portal/site/uscis/menuitem.5af9bb95919f35e66f614176543f6d1a/?vgnextoid=31b3ab0a43b5d010VgnVCM10000048f3d6a1RCRD&vgnextchannel=db029c7755cb9010VgnVCM10000045f3d6a1RCRD
232[#] http://www.uscis.gov/portal/site/uscis/menuitem.eb1d4c2a3e5b9ac89243c6a7543f6d1a/?vgnextoid=1721c2ec0c7c8110VgnVCM1000004718190aRCRD&vgnextchannel=1721c2ec0c7c8110VgnVCM1000004718190aRCRD
233[#] http://www.uscis.gov/portal/site/uscis/menuitem.eb1d4c2a3e5b9ac89243c6a7543f6d1a/?vgnextoid=1721c2ec0c7c8110VgnVCM1000004718190aRCRD&vgnextchannel=1721c2ec0c7c8110VgnVCM1000004718190aRCRD
234--------------------------------------------------
235[!] 23 Internal links Discovered
236[+] http://www.respectwashington.us//rw-style.css
237[+] http://www.respectwashington.us//rwhome.html
238[+] http://www.respectwashington.us//whyweneed.html
239[+] http://www.respectwashington.us//petition.html
240[+] http://www.respectwashington.us//support.html
241[+] http://www.respectwashington.us//donate.html
242[+] http://www.respectwashington.us//testimonials.html
243[+] http://www.respectwashington.us//legal-action.html
244[+] http://www.respectwashington.us//volunteer.html
245[+] http://www.respectwashington.us//contact.html
246[+] http://www.respectwashington.us//Spokane Appellant Opening Brief.pdf
247[+] http://www.respectwashington.us//001 Gomez v Spokane Complaint.pdf
248[+] http://www.respectwashington.us//022 Gomez v Spokane Status Report.pdf
249[+] http://www.respectwashington.us//GomezSettlement SR 2018.pdf
250[+] http://www.respectwashington.us//001 Diaz-Garcia Rape INFORMATION.pdf
251[+] http://www.respectwashington.us//001 Diaz-Garcia Child Molest INFORMATION.pdf
252[+] http://www.respectwashington.us//DoC2014CrimeIllegals.pdf
253[+] http://www.respectwashington.us//DoJ Incarcerated Aliens 2017.pdf
254[+] http://www.respectwashington.us//BurienPolice2016Data.pdf
255[+] http://www.respectwashington.us//studies-and-reports/FAIRCostStudyWA2012.pdf
256[+] http://www.respectwashington.us//donate.html
257[+] http://www.respectwashington.us//Oregoneo0722.pdf
258[+] http://www.respectwashington.us//studies-and-reports/FAIRCostStudyWA2012.pdf
259--------------------------------------------------
260[!] 7 External links Discovered
261[#] http://komonews.com/news/local/charges-woman-bludgeoned-raped-at-burien-apartment-complex
262[#] http://www.kingcounty.gov/tools/inmate-lookup
263[#] http://www.foxnews.com/us/2017/08/02/dreamer-accused-brutally-raping-woman-in-washington.html
264[#] https://cis.org/Jessica-Vaughan-Discusses-Illegal-Aliens-Prisons
265[#] http://www.burienwa.gov/AgendaCenter/ViewFile/Agenda/_04242017-336
266[#] http://wei.secstate.wa.gov/osos/en/voterinformation/Pages/RegistertoVote.aspx
267[#] http://www.thesocialcontract.com/reports/eitc_2011apr/earned-income-tax-credit-2011apr.html
268--------------------------------------------------
269[#] Mapping Subdomain..
270[!] Found 1 Subdomain
271- respectwashington.us
272--------------------------------------------------
273[!] Done At 2019-10-22 09:02:39.319385
274#######################################################################################################################################
275[i] Scanning Site: http://www.respectwashington.us
276
277
278
279B A S I C I N F O
280====================
281
282
283[+] Site Title: RespectWashington
284[+] IP address: 65.49.16.26
285[+] Web Server: Apache/2.4.18 (Ubuntu)
286[+] CMS: Could Not Detect
287[+] Cloudflare: Not Detected
288[+] Robots File: Could NOT Find robots.txt!
289
290
291
292
293W H O I S L O O K U P
294========================
295
296 Domain Name: respectwashington.us
297Registry Domain ID: D16560512-US
298Registrar WHOIS Server: whois.godaddy.com
299Registrar URL: whois.godaddy.com
300Updated Date: 2019-05-17T14:12:02Z
301Creation Date: 2008-05-12T19:02:13Z
302Registry Expiry Date: 2020-05-11T23:59:59Z
303Registrar: GoDaddy.com, Inc.
304Registrar IANA ID: 146
305Registrar Abuse Contact Email: abuse@godaddy.com
306Registrar Abuse Contact Phone: +1.4806242505
307Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
308Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
309Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
310Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
311Registry Registrant ID: C24033066-US
312Registrant Name: B. Keller
313Registrant Organization:
314Registrant Street: PO Box 3786
315Registrant Street:
316Registrant Street:
317Registrant City: Federal Way
318Registrant State/Province: Washington
319Registrant Postal Code: 98063-3786
320Registrant Country: US
321Registrant Phone: +1.2069353505
322Registrant Phone Ext:
323Registrant Fax:
324Registrant Fax Ext:
325Registrant Email: info@respectwashington.us
326Registrant Application Purpose: P3
327Registrant Nexus Category: C11
328Registry Admin ID: C24033071-US
329Admin Name: B. Keller
330Admin Organization:
331Admin Street: PO Box 3786
332Admin Street:
333Admin Street:
334Admin City: Federal Way
335Admin State/Province: Washington
336Admin Postal Code: 98063-3786
337Admin Country: US
338Admin Phone: +1.2069353505
339Admin Phone Ext:
340Admin Fax:
341Admin Fax Ext:
342Admin Email: info@respectwashington.us
343Admin Application Purpose: P3
344Admin Nexus Category: C11
345Registry Tech ID: C24033068-US
346Tech Name: B. Keller
347Tech Organization:
348Tech Street: PO Box 3786
349Tech Street:
350Tech Street:
351Tech City: Federal Way
352Tech State/Province: Washington
353Tech Postal Code: 98063-3786
354Tech Country: US
355Tech Phone: +1.2069353505
356Tech Phone Ext:
357Tech Fax:
358Tech Fax Ext:
359Tech Email: info@respectwashington.us
360Tech Application Purpose: P3
361Tech Nexus Category: C11
362Name Server: ns2.he.net
363Name Server: ns1.he.net
364DNSSEC: unsigned
365URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
366>>> Last update of WHOIS database: 2019-10-22T13:02:47Z <<<
367
368For more information on Whois status codes, please visit https://icann.org/epp
369
370
371
372
373
374G E O I P L O O K U P
375=========================
376
377[i] IP Address: 65.49.16.26
378[i] Country: United States
379[i] State:
380[i] City:
381[i] Latitude: 37.751
382[i] Longitude: -97.822
383
384
385
386
387H T T P H E A D E R S
388=======================
389
390
391[i] HTTP/1.1 200 OK
392[i] Date: Tue, 22 Oct 2019 13:02:50 GMT
393[i] Server: Apache/2.4.18 (Ubuntu)
394[i] Last-Modified: Fri, 23 Feb 2018 15:15:28 GMT
395[i] ETag: "8956-565e2a1613be1"
396[i] Accept-Ranges: bytes
397[i] Content-Length: 35158
398[i] Vary: Accept-Encoding
399[i] Connection: close
400[i] Content-Type: text/html
401
402
403
404
405D N S L O O K U P
406===================
407
408respectwashington.us. 21599 IN A 65.49.16.26
409respectwashington.us. 21599 IN NS ns2.he.net.
410respectwashington.us. 21599 IN NS ns5.he.net.
411respectwashington.us. 21599 IN NS ns3.he.net.
412respectwashington.us. 21599 IN NS ns1.he.net.
413respectwashington.us. 21599 IN NS ns4.he.net.
414respectwashington.us. 21599 IN SOA ns1.he.net. hostmaster.he.net. 200808098 10800 1800 604800 86400
415respectwashington.us. 21599 IN MX 1 respectwashington.us.
416
417
418
419
420S U B N E T C A L C U L A T I O N
421====================================
422
423Address = 65.49.16.26
424Network = 65.49.16.26 / 32
425Netmask = 255.255.255.255
426Broadcast = not needed on Point-to-Point links
427Wildcard Mask = 0.0.0.0
428Hosts Bits = 0
429Max. Hosts = 1 (2^0 - 0)
430Host Range = { 65.49.16.26 - 65.49.16.26 }
431
432
433
434N M A P P O R T S C A N
435============================
436
437Starting Nmap 7.70 ( https://nmap.org ) at 2019-10-22 13:02 UTC
438Nmap scan report for respectwashington.us (65.49.16.26)
439Host is up (0.064s latency).
440
441PORT STATE SERVICE
44221/tcp closed ftp
44322/tcp closed ssh
44423/tcp closed telnet
44580/tcp open http
446110/tcp open pop3
447143/tcp open imap
448443/tcp open https
4493389/tcp closed ms-wbt-server
450
451Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
452#######################################################################################################################################
453[INFO] ------TARGET info------
454[*] TARGET: http://www.respectwashington.us/
455[*] TARGET IP: 65.49.16.26
456[INFO] NO load balancer detected for www.respectwashington.us...
457[*] DNS servers: respectwashington.us.
458[*] TARGET server: Apache/2.4.18 (Ubuntu)
459[*] CC: US
460[*] Country: United States
461[*] RegionCode: CA
462[*] RegionName: California
463[*] City: Fremont
464[*] ASN: AS6939
465[*] BGP_PREFIX: 65.49.0.0/17
466[*] ISP: HURRICANE - Hurricane Electric LLC, US
467[INFO] DNS enumeration:
468[*] ftp.respectwashington.us respectwashington.us. 65.49.16.26
469[*] mail.respectwashington.us respectwashington.us. 65.49.16.26
470[INFO] Possible abuse mails are:
471[*] abuse@he.net
472[*] abuse@respectwashington.us
473[*] abuse@www.respectwashington.us
474[INFO] NO PAC (Proxy Auto Configuration) file FOUND
475[INFO] Starting FUZZing in http://www.respectwashington.us/FUzZzZzZzZz...
476[INFO] Status code Folders
477[ALERT] Look in the source code. It may contain passwords
478[INFO] SAME content in http://www.respectwashington.us/ AND http://65.49.16.26/
479[INFO] Links found from http://www.respectwashington.us/:
480[*] http://komonews.com/news/local/charges-woman-bludgeoned-raped-at-burien-apartment-complex
481[*] https://cis.org/Jessica-Vaughan-Discusses-Illegal-Aliens-Prisons
482[*] http://wei.secstate.wa.gov/osos/en/voterinformation/Pages/RegistertoVote.aspx
483[*] http://www.burienwa.gov/AgendaCenter/ViewFile/Agenda/_04242017-336
484[*] http://www.foxnews.com/us/2017/08/02/dreamer-accused-brutally-raping-woman-in-washington.html
485[*] http://www.kingcounty.gov/tools/inmate-lookup
486[*] http://www.respectwashington.us/001 Diaz-Garcia Child Molest INFORMATION.pdf
487[*] http://www.respectwashington.us/001 Diaz-Garcia Rape INFORMATION.pdf
488[*] http://www.respectwashington.us/001 Gomez v Spokane Complaint.pdf
489[*] http://www.respectwashington.us/022 Gomez v Spokane Status Report.pdf
490[*] http://www.respectwashington.us/BurienPolice2016Data.pdf
491[*] http://www.respectwashington.us/contact.html
492[*] http://www.respectwashington.us/DoC2014CrimeIllegals.pdf
493[*] http://www.respectwashington.us/DoJ Incarcerated Aliens 2017.pdf
494[*] http://www.respectwashington.us/donate.html
495[*] http://www.respectwashington.us/GomezSettlement SR 2018.pdf
496[*] http://www.respectwashington.us/legal-action.html
497[*] http://www.respectwashington.us/Oregoneo0722.pdf
498[*] http://www.respectwashington.us/petition.html
499[*] http://www.respectwashington.us/rwhome.html
500[*] http://www.respectwashington.us/Spokane Appellant Opening Brief.pdf
501[*] http://www.respectwashington.us/studies-and-reports/FAIRCostStudyWA2012.pdf
502[*] http://www.respectwashington.us/support.html
503[*] http://www.respectwashington.us/testimonials.html
504[*] http://www.respectwashington.us/volunteer.html
505[*] http://www.respectwashington.us/whyweneed.html
506[*] http://www.thesocialcontract.com/reports/eitc_2011apr/earned-income-tax-credit-2011apr.html
507[*] http://www.uscis.gov/portal/site/uscis/menuitem.5af9bb95919f35e66f614176543f6d1a/?vgnextoid=31b3ab0a43b5d010VgnVCM10000048f3d6a1RCRD&vgnextchannel=db029c7755cb9010VgnVCM10000045f3d6a1RCRD
508[*] http://www.uscis.gov/portal/site/uscis/menuitem.eb1d4c2a3e5b9ac89243c6a7543f6d1a/?vgnextoid=1721c2ec0c7c8110VgnVCM1000004718190aRCRD&vgnextchannel=1721c2ec0c7c8110VgnVCM1000004718190aRCRD
509[*] http://www.uscis.gov/portal/site/uscis/menuitem.eb1d4c2a3e5b9ac89243c6a7543f6d1a/?vgnextoid=75bce2e261405110VgnVCM1000004718190aRCRD&vgnextchannel=75bce2e261405110VgnVCM1000004718190aRCRD
510[INFO] Shodan detected the following opened ports on 65.49.16.26:
511[*] 1
512[*] 110
513[*] 143
514[*] 25
515[*] 4
516[*] 443
517[*] 465
518[*] 587
519[*] 80
520[*] 995
521[INFO] ------VirusTotal SECTION------
522[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
523[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
524[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
525[INFO] ------Alexa Rank SECTION------
526[INFO] Percent of Visitors Rank in Country:
527[INFO] Percent of Search Traffic:
528[INFO] Percent of Unique Visits:
529[INFO] Total Sites Linking In:
530[*] Total Sites
531[INFO] Useful links related to www.respectwashington.us - 65.49.16.26:
532[*] https://www.virustotal.com/pt/ip-address/65.49.16.26/information/
533[*] https://www.hybrid-analysis.com/search?host=65.49.16.26
534[*] https://www.shodan.io/host/65.49.16.26
535[*] https://www.senderbase.org/lookup/?search_string=65.49.16.26
536[*] https://www.alienvault.com/open-threat-exchange/ip/65.49.16.26
537[*] http://pastebin.com/search?q=65.49.16.26
538[*] http://urlquery.net/search.php?q=65.49.16.26
539[*] http://www.alexa.com/siteinfo/www.respectwashington.us
540[*] http://www.google.com/safebrowsing/diagnostic?site=www.respectwashington.us
541[*] https://censys.io/ipv4/65.49.16.26
542[*] https://www.abuseipdb.com/check/65.49.16.26
543[*] https://urlscan.io/search/#65.49.16.26
544[*] https://github.com/search?q=65.49.16.26&type=Code
545[INFO] Useful links related to AS6939 - 65.49.0.0/17:
546[*] http://www.google.com/safebrowsing/diagnostic?site=AS:6939
547[*] https://www.senderbase.org/lookup/?search_string=65.49.0.0/17
548[*] http://bgp.he.net/AS6939
549[*] https://stat.ripe.net/AS6939
550[INFO] Date: 22/10/19 | Time: 09:04:07
551[INFO] Total time: 1 minute(s) and 21 second(s)
552######################################################################################################################################
553Trying "respectwashington.us"
554;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46465
555;; flags: qr rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 5, ADDITIONAL: 10
556
557;; QUESTION SECTION:
558;respectwashington.us. IN ANY
559
560;; ANSWER SECTION:
561respectwashington.us. 43200 IN MX 1 respectwashington.us.
562respectwashington.us. 43200 IN SOA ns1.he.net. hostmaster.he.net. 200808098 10800 1800 604800 86400
563respectwashington.us. 43200 IN A 65.49.16.26
564respectwashington.us. 7200 IN NS ns1.he.net.
565respectwashington.us. 7200 IN NS ns5.he.net.
566respectwashington.us. 7200 IN NS ns2.he.net.
567respectwashington.us. 7200 IN NS ns4.he.net.
568respectwashington.us. 7200 IN NS ns3.he.net.
569
570;; AUTHORITY SECTION:
571respectwashington.us. 7200 IN NS ns3.he.net.
572respectwashington.us. 7200 IN NS ns1.he.net.
573respectwashington.us. 7200 IN NS ns5.he.net.
574respectwashington.us. 7200 IN NS ns2.he.net.
575respectwashington.us. 7200 IN NS ns4.he.net.
576
577;; ADDITIONAL SECTION:
578respectwashington.us. 43200 IN A 65.49.16.26
579ns2.he.net. 5670 IN A 216.218.131.2
580ns2.he.net. 5670 IN AAAA 2001:470:200::2
581ns5.he.net. 5670 IN A 216.66.80.18
582ns5.he.net. 5670 IN AAAA 2001:470:500::2
583ns3.he.net. 4649 IN A 216.218.132.2
584ns3.he.net. 5670 IN AAAA 2001:470:300::2
585ns1.he.net. 5670 IN A 216.218.130.2
586ns1.he.net. 5670 IN AAAA 2001:470:100::2
587ns4.he.net. 11042 IN A 216.66.1.2
588
589Received 491 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 101 ms
590#######################################################################################################################################
591; <<>> DiG 9.11.5-P4-5.1+b1-Debian <<>> +trace respectwashington.us
592;; global options: +cmd
593. 84866 IN NS j.root-servers.net.
594. 84866 IN NS c.root-servers.net.
595. 84866 IN NS i.root-servers.net.
596. 84866 IN NS g.root-servers.net.
597. 84866 IN NS b.root-servers.net.
598. 84866 IN NS k.root-servers.net.
599. 84866 IN NS m.root-servers.net.
600. 84866 IN NS f.root-servers.net.
601. 84866 IN NS e.root-servers.net.
602. 84866 IN NS l.root-servers.net.
603. 84866 IN NS d.root-servers.net.
604. 84866 IN NS h.root-servers.net.
605. 84866 IN NS a.root-servers.net.
606. 84866 IN RRSIG NS 8 0 518400 20191104050000 20191022040000 22545 . V7L2dB4F79xO9lx8hztPB86SYLY35tcInKqSk8aLbD8fvpqah4DWHoDe 2xbqt74EJPvBDnnxjmyB4tREMvAE2pcJYRcXgEXojn3yhrQSsQ3jFs5F PjYgRw0D2xB2yHw8rQ4l16CD7aEVgG+FefFGqt3W+daAM1PO+IYKW0wG ZlUdJNJSe51nOWemZldGoqlKha/wznCidzCCANqSG6ZPNuvTOgIFhRZB drsNOA4MFLWYNYyQpPWFiqtgkB5nZx3ACgXg/VY6Jy/blXbeM75bse+V 1878EtXXH4TdBRmzNhEyyy6uJa9iO9OjpIn2SDrdVRzSlWOKvOH+Pw8i KLe1JA==
607;; Received 525 bytes from 185.93.180.131#53(185.93.180.131) in 272 ms
608
609us. 172800 IN NS a.cctld.us.
610us. 172800 IN NS b.cctld.us.
611us. 172800 IN NS c.cctld.us.
612us. 172800 IN NS e.cctld.us.
613us. 172800 IN NS f.cctld.us.
614us. 172800 IN NS k.cctld.us.
615us. 86400 IN DS 39361 8 1 09E0AF18E54225F87A3B10E95C9DA3F1E58E5B59
616us. 86400 IN DS 39361 8 2 415D8DAE2299D2C2DAB7458ED4C715268CD2EB3AE3C1C249FF1696BF 62112201
617us. 86400 IN RRSIG DS 8 1 86400 20191104050000 20191022040000 22545 . iwNdGw1iFmnlQhMmmiTvSmYrvodp8SP96yzRKIQIIGjHcoNjhjPyuCtK 0XV6r/hXQdDALEmrOYoXXm7bm4mxMUAPzELZx53gJqZnLuNSakJSSfSD v3+V7RkjAyDqsFbo8T8xqogYq5gdyfEgywvqM2AlTlCqLDKnq+PWGZSS hs5H2PRFMoBspEeeJDoX7OyaxmOqgZu7xntkkV3BLuj7TaasFeYF7+FH lLkiQIVpoQ7ZjP9V/EYYAEpD4yvfJFYEHEJ8tDQtrfQLuO8c9BrislHb 1N+yXPjCLmzI1qeyGZmCI4EPlzT6i35DOe4GK+NtnAabenxNxdG3+NOi BjnDYA==
618;; Received 702 bytes from 192.5.5.241#53(f.root-servers.net) in 235 ms
619
620respectwashington.us. 7200 IN NS ns1.he.net.
621respectwashington.us. 7200 IN NS ns2.he.net.
62204mlcpvb7mqd2gpuv2rh2rcgskp50v81.us. 86400 IN NSEC3 1 1 1 5BF34C13 056DH6NLLM6G7RO2Q55AA17ELRSE74UF NS SOA RRSIG DNSKEY NSEC3PARAM
62304mlcpvb7mqd2gpuv2rh2rcgskp50v81.us. 86400 IN RRSIG NSEC3 8 2 86400 20191120004524 20191021004231 8985 us. HBYCNylHalmWp7B1QC9PEcoa0noKP+lJdunkL9MFmGqTB/V7U+R797ki NIFoLyjrlUpC8QXAEJJCUued6hPidMcp37LmEUOOg4J5KkgBR/q+f6A1 BwWRAhj+4HU1v6OXZPOPo2sP/lxYS4uDP+7Sfnps/rMRqXgsvVE/Z7Eu Ja4B/a8NF6KhwYfLftWfYlgiC3GBcEne+lFaWLFxl7W7Lw==
624sv29nkrum42r9gdc10fr6govqbv26ibh.us. 86400 IN NSEC3 1 1 1 5BF34C13 SVCMABQOVKNKUD1ODDO1FGH255K00IS1 NS DS RRSIG
625sv29nkrum42r9gdc10fr6govqbv26ibh.us. 86400 IN RRSIG NSEC3 8 2 86400 20191120032006 20191021022206 8985 us. i9QZRvSwQL+a4v7Ur23kXNeoalK80hyCJUyRlskjq75CPl343NoN5USk Hc/emaawPWw04sAw1LlxIOZZ4D0cI0TscpJY3voblXF9k9s4EseahHuw slUfO7MpsB2l5WlImpgbkySreSZGFzCAwOh3RZzMwNTzcvLmIe4YggDe PL2RkVfFIw9bH0iCyn7gnaRBmWksNjzFm78G/cuHaB3uvg==
626;; Received 674 bytes from 156.154.125.70#53(b.cctld.us) in 238 ms
627
628respectwashington.us. 86400 IN A 65.49.16.26
629;; Received 65 bytes from 216.218.130.2#53(ns1.he.net) in 299 ms
630#######################################################################################################################################
631[*] Performing General Enumeration of Domain: respectwashington.us
632[-] DNSSEC is not configured for respectwashington.us
633[*] SOA ns1.he.net 216.218.130.2
634[*] NS ns2.he.net 216.218.131.2
635[*] Bind Version for 216.218.131.2 Served by PowerDNS - https://www.powerdns.com/
636[*] NS ns2.he.net 2001:470:200::2
637[*] Bind Version for 2001:470:200::2 Served by PowerDNS - https://www.powerdns.com/
638[*] NS ns1.he.net 216.218.130.2
639[*] Bind Version for 216.218.130.2 Served by PowerDNS - https://www.powerdns.com/
640[*] NS ns1.he.net 2001:470:100::2
641[*] Bind Version for 2001:470:100::2 Served by PowerDNS - https://www.powerdns.com/
642[*] MX respectwashington.us 65.49.16.26
643[*] A respectwashington.us 65.49.16.26
644[*] Enumerating SRV Records
645[-] No SRV Records Found for respectwashington.us
646[+] 0 Records Found
647######################################################################################################################################
648[*] Processing domain respectwashington.us
649[*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
650[+] Getting nameservers
651216.218.131.2 - ns2.he.net
652216.218.130.2 - ns1.he.net
653[-] Zone transfer failed
654
655[+] MX records found, added to target list
6561 respectwashington.us.
657
658[*] Scanning respectwashington.us for A records
65965.49.16.26 - respectwashington.us
66065.49.16.26 - ftp.respectwashington.us
66165.49.16.26 - mail.respectwashington.us
66265.49.16.26 - www.respectwashington.us
663######################################################################################################################################
664
665
666 AVAILABLE PLUGINS
667 -----------------
668
669 CompressionPlugin
670 OpenSslCipherSuitesPlugin
671 HeartbleedPlugin
672 RobotPlugin
673 CertificateInfoPlugin
674 FallbackScsvPlugin
675 OpenSslCcsInjectionPlugin
676 HttpHeadersPlugin
677 SessionRenegotiationPlugin
678 SessionResumptionPlugin
679 EarlyDataPlugin
680
681
682
683 CHECKING HOST(S) AVAILABILITY
684 -----------------------------
685
686 65.49.16.26:443 => 65.49.16.26
687
688
689
690
691 SCAN RESULTS FOR 65.49.16.26:443 - 65.49.16.26
692 ----------------------------------------------
693
694 * Deflate Compression:
695 OK - Compression disabled
696
697 * OpenSSL Heartbleed:
698 OK - Not vulnerable to Heartbleed
699
700 * Certificate Information:
701 Content
702 SHA1 Fingerprint: f98a5fd3ac3822786c2f81cf471ae5b94540febf
703 Common Name: respectwashington.us
704 Issuer: Let's Encrypt Authority X3
705 Serial Number: 394679518299288580990689807411278660178273
706 Not Before: 2019-09-23 10:50:34
707 Not After: 2019-12-22 10:50:34
708 Signature Algorithm: sha256
709 Public Key Algorithm: RSA
710 Key Size: 2048
711 Exponent: 65537 (0x10001)
712 DNS Subject Alternative Names: ['keller4america.us', 'mail.respectwashington.us', 'respectwashington.us', 'www.keller4america.us', 'www.respectwashington.us']
713
714 Trust
715 Hostname Validation: FAILED - Certificate does NOT match 65.49.16.26
716 Android CA Store (9.0.0_r9): OK - Certificate is trusted
717 Apple CA Store (iOS 12, macOS 10.14, watchOS 5, and tvOS 12):OK - Certificate is trusted
718 Java CA Store (jdk-12.0.1): OK - Certificate is trusted
719 Mozilla CA Store (2019-03-14): OK - Certificate is trusted
720 Windows CA Store (2019-05-27): OK - Certificate is trusted
721 Symantec 2018 Deprecation: WARNING: Certificate distrusted by Google and Mozilla on September 2018
722 Received Chain: respectwashington.us --> Let's Encrypt Authority X3
723 Verified Chain: respectwashington.us --> Let's Encrypt Authority X3 --> DST Root CA X3
724 Received Chain Contains Anchor: OK - Anchor certificate not sent
725 Received Chain Order: OK - Order is valid
726 Verified Chain contains SHA1: OK - No SHA1-signed certificate in the verified certificate chain
727
728 Extensions
729 OCSP Must-Staple: NOT SUPPORTED - Extension not found
730 Certificate Transparency: WARNING - Only 2 SCTs included but Google recommends 3 or more
731
732 OCSP Stapling
733 NOT SUPPORTED - Server did not send back an OCSP response
734
735 * TLSV1_1 Cipher Suites:
736 Forward Secrecy OK - Supported
737 RC4 OK - Not Supported
738
739 Preferred:
740 None - Server followed client cipher suite preference.
741 Accepted:
742 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
743 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
744 TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
745 TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
746 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
747 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
748 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
749 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
750 TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
751 TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
752
753 * TLSV1_2 Cipher Suites:
754 Forward Secrecy OK - Supported
755 RC4 OK - Not Supported
756
757 Preferred:
758 None - Server followed client cipher suite preference.
759 Accepted:
760 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
761 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
762 TLS_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
763 TLS_RSA_WITH_AES_256_CBC_SHA256 256 bits HTTP 200 OK
764 TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
765 TLS_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
766 TLS_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
767 TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
768 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
769 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 256 bits HTTP 200 OK
770 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
771 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
772 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
773 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
774 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
775 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
776 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
777 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 256 bits HTTP 200 OK
778 TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
779 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
780 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
781 TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
782
783 * Downgrade Attacks:
784 TLS_FALLBACK_SCSV: OK - Supported
785
786 * OpenSSL CCS Injection:
787 OK - Not vulnerable to OpenSSL CCS injection
788
789 * SSLV3 Cipher Suites:
790 Server rejected all cipher suites.
791
792 * SSLV2 Cipher Suites:
793 Server rejected all cipher suites.
794
795 * TLSV1 Cipher Suites:
796 Forward Secrecy OK - Supported
797 RC4 OK - Not Supported
798
799 Preferred:
800 None - Server followed client cipher suite preference.
801 Accepted:
802 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
803 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
804 TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
805 TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
806 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
807 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
808 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
809 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
810 TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
811 TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
812
813 * TLS 1.2 Session Resumption Support:
814 With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
815 With TLS Tickets: OK - Supported
816
817 * Session Renegotiation:
818 Client-initiated Renegotiation: OK - Rejected
819 Secure Renegotiation: OK - Supported
820
821 * TLSV1_3 Cipher Suites:
822 Server rejected all cipher suites.
823
824 * ROBOT Attack:
825 OK - Not vulnerable
826
827
828 SCAN COMPLETED IN 44.02 S
829 -------------------------
830######################################################################################################################################
831Domains still to check: 1
832 Checking if the hostname respectwashington.us. given is in fact a domain...
833
834Analyzing domain: respectwashington.us.
835 Checking NameServers using system default resolver...
836 IP: 216.218.131.2 (United States)
837 HostName: ns2.he.net Type: NS
838 HostName: ns2.he.net Type: PTR
839 IP: 216.218.130.2 (United States)
840 HostName: ns1.he.net Type: NS
841 HostName: ns1.he.net Type: PTR
842
843 Checking MailServers using system default resolver...
844 IP: 65.49.16.26 (United States)
845 HostName: respectwashington.us Type: MX
846 HostName: respectwashington.us Type: PTR
847
848 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
849 No zone transfer found on nameserver 216.218.131.2
850 No zone transfer found on nameserver 216.218.130.2
851
852 Checking SPF record...
853 No SPF record
854
855 Checking 192 most common hostnames using system default resolver...
856 IP: 65.49.16.26 (United States)
857 HostName: respectwashington.us Type: MX
858 HostName: respectwashington.us Type: PTR
859 HostName: www.respectwashington.us. Type: A
860 IP: 65.49.16.26 (United States)
861 HostName: respectwashington.us Type: MX
862 HostName: respectwashington.us Type: PTR
863 HostName: www.respectwashington.us. Type: A
864 HostName: ftp.respectwashington.us. Type: A
865 IP: 65.49.16.26 (United States)
866 HostName: respectwashington.us Type: MX
867 HostName: respectwashington.us Type: PTR
868 HostName: www.respectwashington.us. Type: A
869 HostName: ftp.respectwashington.us. Type: A
870 HostName: mail.respectwashington.us. Type: A
871
872 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
873 Checking netblock 216.218.131.0
874 Checking netblock 65.49.16.0
875 Checking netblock 216.218.130.0
876
877 Searching for respectwashington.us. emails in Google
878 craig@respectwashington.us]
879
880 Checking 3 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
881 Host 216.218.131.2 is up (echo-reply ttl 57)
882 Host 65.49.16.26 is up (reset ttl 64)
883 Host 216.218.130.2 is up (reset ttl 64)
884
885 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
886 Scanning ip 216.218.131.2 (ns2.he.net (PTR)):
887 53/tcp open domain syn-ack ttl 57 PowerDNS 3.3 or later
888 | dns-nsid:
889 | NSID: ns2.he.net (6e73322e68652e6e6574)
890 | id.server: ns2.he.net
891 |_ bind.version: Served by PowerDNS - https://www.powerdns.com/
892 Scanning ip 65.49.16.26 (mail.respectwashington.us.):
893 80/tcp open http syn-ack ttl 53 Apache httpd 2.4.18 ((Ubuntu))
894 | http-methods:
895 |_ Supported Methods: GET HEAD POST OPTIONS
896 |_http-server-header: Apache/2.4.18 (Ubuntu)
897 |_http-title: RespectWashington
898 110/tcp open pop3 syn-ack ttl 53 Dovecot pop3d
899 |_pop3-capabilities: TOP CAPA UIDL USER PIPELINING SASL(PLAIN LOGIN) RESP-CODES STLS AUTH-RESP-CODE
900 |_ssl-date: TLS randomness does not represent time
901 143/tcp open imap syn-ack ttl 53 Dovecot imapd
902 |_imap-capabilities: STARTTLS AUTH=PLAIN capabilities more listed IMAP4rev1 Pre-login LOGIN-REFERRALS SASL-IR OK post-login AUTH=LOGINA0001 IDLE have ENABLE ID LITERAL+
903 |_ssl-date: TLS randomness does not represent time
904 443/tcp open ssl/http syn-ack ttl 53 Apache httpd 2.4.18
905 | http-methods:
906 |_ Supported Methods: GET HEAD POST OPTIONS
907 |_http-server-header: Apache/2.4.18 (Ubuntu)
908 |_http-title: 400 Bad Request
909 | ssl-cert: Subject: commonName=respectwashington.us
910 | Subject Alternative Name: DNS:keller4america.us, DNS:mail.respectwashington.us, DNS:respectwashington.us, DNS:www.keller4america.us, DNS:www.respectwashington.us
911 | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
912 | Public Key type: rsa
913 | Public Key bits: 2048
914 | Signature Algorithm: sha256WithRSAEncryption
915 | Not valid before: 2019-09-23T10:50:34
916 | Not valid after: 2019-12-22T10:50:34
917 | MD5: 9c61 f3dc 6487 544c de9e 4197 e08a 5fa7
918 |_SHA-1: f98a 5fd3 ac38 2278 6c2f 81cf 471a e5b9 4540 febf
919 |_ssl-date: TLS randomness does not represent time
920 | tls-alpn:
921 |_ http/1.1
922 465/tcp open ssl/smtp syn-ack ttl 53 Postfix smtpd
923 |_smtp-commands: Couldn't establish connection on port 465
924 | ssl-cert: Subject: commonName=respectwashington.us
925 | Subject Alternative Name: DNS:keller4america.us, DNS:mail.respectwashington.us, DNS:respectwashington.us, DNS:www.keller4america.us, DNS:www.respectwashington.us
926 | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
927 | Public Key type: rsa
928 | Public Key bits: 2048
929 | Signature Algorithm: sha256WithRSAEncryption
930 | Not valid before: 2019-09-23T10:50:34
931 | Not valid after: 2019-12-22T10:50:34
932 | MD5: 9c61 f3dc 6487 544c de9e 4197 e08a 5fa7
933 |_SHA-1: f98a 5fd3 ac38 2278 6c2f 81cf 471a e5b9 4540 febf
934 |_ssl-date: TLS randomness does not represent time
935 587/tcp open smtp syn-ack ttl 53 Postfix smtpd
936 |_smtp-commands: respectwashington.us Hello nmap.scanme.org, STARTTLS, HELP,
937 | ssl-cert: Subject: commonName=respectwashington.us
938 | Subject Alternative Name: DNS:keller4america.us, DNS:mail.respectwashington.us, DNS:respectwashington.us, DNS:www.keller4america.us, DNS:www.respectwashington.us
939 | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
940 | Public Key type: rsa
941 | Public Key bits: 2048
942 | Signature Algorithm: sha256WithRSAEncryption
943 | Not valid before: 2019-09-23T10:50:34
944 | Not valid after: 2019-12-22T10:50:34
945 | MD5: 9c61 f3dc 6487 544c de9e 4197 e08a 5fa7
946 |_SHA-1: f98a 5fd3 ac38 2278 6c2f 81cf 471a e5b9 4540 febf
947 |_ssl-date: TLS randomness does not represent time
948 993/tcp open ssl/imaps? syn-ack ttl 53
949 |_ssl-date: TLS randomness does not represent time
950 995/tcp open ssl/pop3s? syn-ack ttl 53
951 |_ssl-date: TLS randomness does not represent time
952 OS Info: Service Info: Hosts: www.respectwashington.us, respectwashington.us
953 Scanning ip 216.218.130.2 (ns1.he.net (PTR)):
954 53/tcp open domain syn-ack ttl 57 PowerDNS 3.3 or later
955 | dns-nsid:
956 | NSID: ns1.he.net (6e73312e68652e6e6574)
957 | id.server: ns1.he.net
958 |_ bind.version: Served by PowerDNS - https://www.powerdns.com/
959 WebCrawling domain's web servers... up to 50 max links.
960
961 + URL to crawl: http://ftp.respectwashington.us.
962 + Date: 2019-10-22
963
964 + Crawling URL: http://ftp.respectwashington.us.:
965 + Links:
966 + Crawling http://ftp.respectwashington.us.
967 + Crawling http://ftp.respectwashington.us./rwhome.html
968 + Crawling http://ftp.respectwashington.us./whyweneed.html
969 + Crawling http://ftp.respectwashington.us./petition.html
970 + Crawling http://ftp.respectwashington.us./support.html
971 + Crawling http://ftp.respectwashington.us./donate.html
972 + Crawling http://ftp.respectwashington.us./testimonials.html
973 + Crawling http://ftp.respectwashington.us./legal-action.html
974 + Crawling http://ftp.respectwashington.us./volunteer.html
975 + Crawling http://ftp.respectwashington.us./contact.html
976 + Crawling http://ftp.respectwashington.us./MarchPetition (404 Not Found)
977 + Crawling http://ftp.respectwashington.us./
978 + Searching for directories...
979 - Found: http://ftp.respectwashington.us./rw-images/
980 - Found: http://ftp.respectwashington.us./studies-and-reports/
981 - Found: http://ftp.respectwashington.us./legal-documents/
982 + Searching open folders...
983 - http://ftp.respectwashington.us./rw-images/ (403 Forbidden)
984 - http://ftp.respectwashington.us./studies-and-reports/ (403 Forbidden)
985 - http://ftp.respectwashington.us./legal-documents/ (403 Forbidden)
986 + Crawl finished successfully.
987----------------------------------------------------------------------
988Summary of http://http://ftp.respectwashington.us.
989----------------------------------------------------------------------
990+ Links crawled:
991 - http://ftp.respectwashington.us.
992 - http://ftp.respectwashington.us./
993 - http://ftp.respectwashington.us./MarchPetition (404 Not Found)
994 - http://ftp.respectwashington.us./contact.html
995 - http://ftp.respectwashington.us./donate.html
996 - http://ftp.respectwashington.us./legal-action.html
997 - http://ftp.respectwashington.us./petition.html
998 - http://ftp.respectwashington.us./rwhome.html
999 - http://ftp.respectwashington.us./support.html
1000 - http://ftp.respectwashington.us./testimonials.html
1001 - http://ftp.respectwashington.us./volunteer.html
1002 - http://ftp.respectwashington.us./whyweneed.html
1003 Total links crawled: 12
1004
1005+ Links to files found:
1006 - http://ftp.respectwashington.us./001 Diaz-Garcia Child Molest INFORMATION.pdf
1007 - http://ftp.respectwashington.us./001 Diaz-Garcia Rape INFORMATION.pdf
1008 - http://ftp.respectwashington.us./001 Gomez v Spokane Complaint.pdf
1009 - http://ftp.respectwashington.us./022 Gomez v Spokane Status Report.pdf
1010 - http://ftp.respectwashington.us./BurienPolice2016Data.pdf
1011 - http://ftp.respectwashington.us./CheckBackInMarch.pdf
1012 - http://ftp.respectwashington.us./DoC2014CrimeIllegals.jpg
1013 - http://ftp.respectwashington.us./DoC2014CrimeIllegals.pdf
1014 - http://ftp.respectwashington.us./DoJ Incarcerated Aliens 2017.pdf
1015 - http://ftp.respectwashington.us./FAIRWA2012.pdf
1016 - http://ftp.respectwashington.us./GomezSettlement SR 2018.pdf
1017 - http://ftp.respectwashington.us./Oregoneo0722.pdf
1018 - http://ftp.respectwashington.us./Spokane Appellant Opening Brief.pdf
1019 - http://ftp.respectwashington.us./how-to-ArmstrongV2.ppt
1020 - http://ftp.respectwashington.us./legal-documents/DECLARSTEPHENSAG4-18-11424.pdf
1021 - http://ftp.respectwashington.us./legal-documents/GAO2005-478.pdf
1022 - http://ftp.respectwashington.us./legal-documents/KingBRIEFOPToMSJApr18.pdf
1023 - http://ftp.respectwashington.us./legal-documents/KingDefenseFeb2011.pdf
1024 - http://ftp.respectwashington.us./legal-documents/KingDismissMSJMar2011.pdf
1025 - http://ftp.respectwashington.us./legal-documents/KingMSJDismissDeclMar2011.pdf
1026 - http://ftp.respectwashington.us./legal-documents/KingReplySupportDismissMSJApr25.pdf
1027 - http://ftp.respectwashington.us./legal-documents/ORDERGRANTINGKingMSJDis5-10-11.pdf
1028 - http://ftp.respectwashington.us./legal-documents/RingDeclareMar2011.pdf
1029 - http://ftp.respectwashington.us./legal-documents/RingMSJMar2011.pdf
1030 - http://ftp.respectwashington.us./legal-documents/RingOPToKingMSJDisApr18.pdf
1031 - http://ftp.respectwashington.us./legal-documents/RingPetitionNov2010.pdf
1032 - http://ftp.respectwashington.us./legal-documents/RingReplySupportMSjApr25.pdf
1033 - http://ftp.respectwashington.us./legal-documents/RingVRidgeMOTIONHEARING5-10-11.pdf
1034 - http://ftp.respectwashington.us./legal-documents/RingVRidgeOralArgs4-29-11.PDF
1035 - http://ftp.respectwashington.us./legal-documents/RingVRidgeOralDecTrans5-10-11.PDF
1036 - http://ftp.respectwashington.us./legal-documents/Ringhofer v Ridge 679708.wma
1037 - http://ftp.respectwashington.us./legal-documents/RinghoferPetitionReview2013.pdf
1038 - http://ftp.respectwashington.us./legal-documents/SpakovskyHeritage28.pdf
1039 - http://ftp.respectwashington.us./legal-documents/TexasHarrisCountyVoteID.pdf
1040 - http://ftp.respectwashington.us./legal-documents/USHouseAdmin2006Bettencourt.pdf
1041 - http://ftp.respectwashington.us./legal-documents/WSCADwyerOpinon12-10-12.pdf
1042 - http://ftp.respectwashington.us./legal-documents/WSSCAppealOpenBrief-Amended9-6-11.pdf
1043 - http://ftp.respectwashington.us./legal-documents/WSSCAppellantReplyBrief11-14-11.pdf
1044 - http://ftp.respectwashington.us./legal-documents/WSSCDirectReviewGrounds6-24-11.pdf
1045 - http://ftp.respectwashington.us./legal-documents/WSSCOrder88293-5RinghoferVRidge.pdf
1046 - http://ftp.respectwashington.us./legal-documents/WSSCRespondentBrief10-5-11.pdf
1047 - http://ftp.respectwashington.us./legal-documents/WSSCTransfer11-21-11.pdf
1048 - http://ftp.respectwashington.us./rw-images/header-blue-new.jpg
1049 - http://ftp.respectwashington.us./rw-images/keepLegal.gif
1050 - http://ftp.respectwashington.us./rw-style.css
1051 - http://ftp.respectwashington.us./studies-and-reports/11 03 08 FINAL whitepaper.pdf
1052 - http://ftp.respectwashington.us./studies-and-reports/2005DHSHAudit6534.pdf
1053 - http://ftp.respectwashington.us./studies-and-reports/BearStearnsUnderground.pdf
1054 - http://ftp.respectwashington.us./studies-and-reports/FAIRCostStudyWA2012.pdf
1055 - http://ftp.respectwashington.us./studies-and-reports/REAL ID Not National ID Card.pdf
1056 Total links to files: 50
1057
1058+ Externals links found:
1059 - http://community.seattletimes.nwsource.com/archive/?date=20060718&slug=prisonbill18m
1060 - http://irli.org/
1061 - http://komonews.com/news/local/charges-woman-bludgeoned-raped-at-burien-apartment-complex
1062 - http://seattletimes.nwsource.com/html/localnews/2014429238_apwaxgrillegalimmigrantslicenses3rdldwritethru.html
1063 - http://seattletimes.nwsource.com/html/localnews/2014643197_wagetheft31m.html
1064 - http://wei.secstate.wa.gov/osos/en/voterinformation/Pages/RegistertoVote.aspx
1065 - http://www.alipac.us/
1066 - http://www.burienwa.gov/AgendaCenter/ViewFile/Agenda/_04242017-336
1067 - http://www.cis.org
1068 - http://www.fairus.org/site/PageServer
1069 - http://www.familysecuritymatters.org/
1070 - http://www.familysecuritymatters.org/publications/id.9984/pub_detail.asp
1071 - http://www.foxnews.com/us/2017/08/02/dreamer-accused-brutally-raping-woman-in-washington.html
1072 - http://www.heritage.org/
1073 - http://www.heritage.org/Research/HealthCare/wm1714.cfm
1074 - http://www.heritage.org/Research/Immigration/bg1936.cfm
1075 - http://www.heritage.org/Research/Immigration/lm25.cfm
1076 - http://www.heritage.org/Research/Immigration/tst052107a.cfm
1077 - http://www.ice.gov/worksite/
1078 - http://www.irli.org/
1079 - http://www.judicialwatch.org/wp-content/uploads/2014/02/Judicial-Watch-Special-Illegal-Immigration-Report.pdf
1080 - http://www.kingcounty.gov/tools/inmate-lookup
1081 - http://www.legion.org/documents/legion/pdf/illegalimmigration.pdf
1082 - http://www.manhattaninstitute.org/tools/topical_index.php?topic=49
1083 - http://www.minutemanhq.com/
1084 - http://www.numbersusa.org/
1085 - http://www.ojjpac.org/sanctuary.asp
1086 - http://www.oregonir.org/
1087 - http://www.securedbordersusa.com/
1088 - http://www.sos.wa.gov/elections/initiatives/Initiatives.aspx?y=2014&t=p
1089 - http://www.soundpolitics.com/
1090 - http://www.soundpolitics.com/voterlookup.html
1091 - http://www.thesocialcontract.com/
1092 - http://www.thesocialcontract.com/artman2/publish/tsc_18_2/index.shtml
1093 - http://www.thesocialcontract.com/events/press_conf_2009apr14.html
1094 - http://www.thesocialcontract.com/reports/eitc_2011apr/earned-income-tax-credit-2011apr.html
1095 - http://www.uscis.gov/portal/site/uscis/menuitem.5af9bb95919f35e66f614176543f6d1a/?vgnextoid=31b3ab0a43b5d010VgnVCM10000048f3d6a1RCRD&vgnextchannel=db029c7755cb9010VgnVCM10000045f3d6a1RCRD
1096 - http://www.uscis.gov/portal/site/uscis/menuitem.eb1d4c2a3e5b9ac89243c6a7543f6d1a/?vgnextoid=1721c2ec0c7c8110VgnVCM1000004718190aRCRD&vgnextchannel=1721c2ec0c7c8110VgnVCM1000004718190aRCRD
1097 - http://www.uscis.gov/portal/site/uscis/menuitem.eb1d4c2a3e5b9ac89243c6a7543f6d1a/?vgnextoid=75bce2e261405110VgnVCM1000004718190aRCRD&vgnextchannel=75bce2e261405110VgnVCM1000004718190aRCRD
1098 - http://www.wfir.org/
1099 - http://www.wsp.wa.gov/crime/wanted.php
1100 - http://zip4.usps.com/zip4/welcome.jsp
1101 - https://cis.org/Jessica-Vaughan-Discusses-Illegal-Aliens-Prisons
1102 Total external links: 43
1103
1104+ Email addresses found:
1105 Total email address found: 0
1106
1107+ Directories found:
1108 - http://ftp.respectwashington.us./legal-documents/ (403 Forbidden)
1109 - http://ftp.respectwashington.us./rw-images/ (403 Forbidden)
1110 - http://ftp.respectwashington.us./studies-and-reports/ (403 Forbidden)
1111 Total directories: 3
1112
1113+ Directory indexing found:
1114 Total directories with indexing: 0
1115
1116----------------------------------------------------------------------
1117
1118
1119 + URL to crawl: http://www.respectwashington.us.
1120 + Date: 2019-10-22
1121
1122 + Crawling URL: http://www.respectwashington.us.:
1123 + Links:
1124 + Crawling http://www.respectwashington.us.
1125 + Crawling http://www.respectwashington.us./rwhome.html
1126 + Crawling http://www.respectwashington.us./whyweneed.html
1127 + Crawling http://www.respectwashington.us./petition.html
1128 + Crawling http://www.respectwashington.us./support.html
1129 + Crawling http://www.respectwashington.us./donate.html
1130 + Crawling http://www.respectwashington.us./testimonials.html
1131 + Crawling http://www.respectwashington.us./legal-action.html
1132 + Crawling http://www.respectwashington.us./volunteer.html
1133 + Crawling http://www.respectwashington.us./contact.html
1134 + Crawling http://www.respectwashington.us./MarchPetition (404 Not Found)
1135 + Crawling http://www.respectwashington.us./
1136 + Searching for directories...
1137 - Found: http://www.respectwashington.us./rw-images/
1138 - Found: http://www.respectwashington.us./studies-and-reports/
1139 - Found: http://www.respectwashington.us./legal-documents/
1140 + Searching open folders...
1141 - http://www.respectwashington.us./rw-images/ (403 Forbidden)
1142 - http://www.respectwashington.us./studies-and-reports/ (403 Forbidden)
1143 - http://www.respectwashington.us./legal-documents/ (403 Forbidden)
1144 + Crawl finished successfully.
1145----------------------------------------------------------------------
1146Summary of http://http://www.respectwashington.us.
1147----------------------------------------------------------------------
1148+ Links crawled:
1149 - http://www.respectwashington.us.
1150 - http://www.respectwashington.us./
1151 - http://www.respectwashington.us./MarchPetition (404 Not Found)
1152 - http://www.respectwashington.us./contact.html
1153 - http://www.respectwashington.us./donate.html
1154 - http://www.respectwashington.us./legal-action.html
1155 - http://www.respectwashington.us./petition.html
1156 - http://www.respectwashington.us./rwhome.html
1157 - http://www.respectwashington.us./support.html
1158 - http://www.respectwashington.us./testimonials.html
1159 - http://www.respectwashington.us./volunteer.html
1160 - http://www.respectwashington.us./whyweneed.html
1161 Total links crawled: 12
1162
1163+ Links to files found:
1164 - http://www.respectwashington.us./001 Diaz-Garcia Child Molest INFORMATION.pdf
1165 - http://www.respectwashington.us./001 Diaz-Garcia Rape INFORMATION.pdf
1166 - http://www.respectwashington.us./001 Gomez v Spokane Complaint.pdf
1167 - http://www.respectwashington.us./022 Gomez v Spokane Status Report.pdf
1168 - http://www.respectwashington.us./BurienPolice2016Data.pdf
1169 - http://www.respectwashington.us./CheckBackInMarch.pdf
1170 - http://www.respectwashington.us./DoC2014CrimeIllegals.jpg
1171 - http://www.respectwashington.us./DoC2014CrimeIllegals.pdf
1172 - http://www.respectwashington.us./DoJ Incarcerated Aliens 2017.pdf
1173 - http://www.respectwashington.us./FAIRWA2012.pdf
1174 - http://www.respectwashington.us./GomezSettlement SR 2018.pdf
1175 - http://www.respectwashington.us./Oregoneo0722.pdf
1176 - http://www.respectwashington.us./Spokane Appellant Opening Brief.pdf
1177 - http://www.respectwashington.us./how-to-ArmstrongV2.ppt
1178 - http://www.respectwashington.us./legal-documents/DECLARSTEPHENSAG4-18-11424.pdf
1179 - http://www.respectwashington.us./legal-documents/GAO2005-478.pdf
1180 - http://www.respectwashington.us./legal-documents/KingBRIEFOPToMSJApr18.pdf
1181 - http://www.respectwashington.us./legal-documents/KingDefenseFeb2011.pdf
1182 - http://www.respectwashington.us./legal-documents/KingDismissMSJMar2011.pdf
1183 - http://www.respectwashington.us./legal-documents/KingMSJDismissDeclMar2011.pdf
1184 - http://www.respectwashington.us./legal-documents/KingReplySupportDismissMSJApr25.pdf
1185 - http://www.respectwashington.us./legal-documents/ORDERGRANTINGKingMSJDis5-10-11.pdf
1186 - http://www.respectwashington.us./legal-documents/RingDeclareMar2011.pdf
1187 - http://www.respectwashington.us./legal-documents/RingMSJMar2011.pdf
1188 - http://www.respectwashington.us./legal-documents/RingOPToKingMSJDisApr18.pdf
1189 - http://www.respectwashington.us./legal-documents/RingPetitionNov2010.pdf
1190 - http://www.respectwashington.us./legal-documents/RingReplySupportMSjApr25.pdf
1191 - http://www.respectwashington.us./legal-documents/RingVRidgeMOTIONHEARING5-10-11.pdf
1192 - http://www.respectwashington.us./legal-documents/RingVRidgeOralArgs4-29-11.PDF
1193 - http://www.respectwashington.us./legal-documents/RingVRidgeOralDecTrans5-10-11.PDF
1194 - http://www.respectwashington.us./legal-documents/Ringhofer v Ridge 679708.wma
1195 - http://www.respectwashington.us./legal-documents/RinghoferPetitionReview2013.pdf
1196 - http://www.respectwashington.us./legal-documents/SpakovskyHeritage28.pdf
1197 - http://www.respectwashington.us./legal-documents/TexasHarrisCountyVoteID.pdf
1198 - http://www.respectwashington.us./legal-documents/USHouseAdmin2006Bettencourt.pdf
1199 - http://www.respectwashington.us./legal-documents/WSCADwyerOpinon12-10-12.pdf
1200 - http://www.respectwashington.us./legal-documents/WSSCAppealOpenBrief-Amended9-6-11.pdf
1201 - http://www.respectwashington.us./legal-documents/WSSCAppellantReplyBrief11-14-11.pdf
1202 - http://www.respectwashington.us./legal-documents/WSSCDirectReviewGrounds6-24-11.pdf
1203 - http://www.respectwashington.us./legal-documents/WSSCOrder88293-5RinghoferVRidge.pdf
1204 - http://www.respectwashington.us./legal-documents/WSSCRespondentBrief10-5-11.pdf
1205 - http://www.respectwashington.us./legal-documents/WSSCTransfer11-21-11.pdf
1206 - http://www.respectwashington.us./rw-images/header-blue-new.jpg
1207 - http://www.respectwashington.us./rw-images/keepLegal.gif
1208 - http://www.respectwashington.us./rw-style.css
1209 - http://www.respectwashington.us./studies-and-reports/11 03 08 FINAL whitepaper.pdf
1210 - http://www.respectwashington.us./studies-and-reports/2005DHSHAudit6534.pdf
1211 - http://www.respectwashington.us./studies-and-reports/BearStearnsUnderground.pdf
1212 - http://www.respectwashington.us./studies-and-reports/FAIRCostStudyWA2012.pdf
1213 - http://www.respectwashington.us./studies-and-reports/REAL ID Not National ID Card.pdf
1214 Total links to files: 50
1215
1216+ Externals links found:
1217 - http://community.seattletimes.nwsource.com/archive/?date=20060718&slug=prisonbill18m
1218 - http://irli.org/
1219 - http://komonews.com/news/local/charges-woman-bludgeoned-raped-at-burien-apartment-complex
1220 - http://seattletimes.nwsource.com/html/localnews/2014429238_apwaxgrillegalimmigrantslicenses3rdldwritethru.html
1221 - http://seattletimes.nwsource.com/html/localnews/2014643197_wagetheft31m.html
1222 - http://wei.secstate.wa.gov/osos/en/voterinformation/Pages/RegistertoVote.aspx
1223 - http://www.alipac.us/
1224 - http://www.burienwa.gov/AgendaCenter/ViewFile/Agenda/_04242017-336
1225 - http://www.cis.org
1226 - http://www.fairus.org/site/PageServer
1227 - http://www.familysecuritymatters.org/
1228 - http://www.familysecuritymatters.org/publications/id.9984/pub_detail.asp
1229 - http://www.foxnews.com/us/2017/08/02/dreamer-accused-brutally-raping-woman-in-washington.html
1230 - http://www.heritage.org/
1231 - http://www.heritage.org/Research/HealthCare/wm1714.cfm
1232 - http://www.heritage.org/Research/Immigration/bg1936.cfm
1233 - http://www.heritage.org/Research/Immigration/lm25.cfm
1234 - http://www.heritage.org/Research/Immigration/tst052107a.cfm
1235 - http://www.ice.gov/worksite/
1236 - http://www.irli.org/
1237 - http://www.judicialwatch.org/wp-content/uploads/2014/02/Judicial-Watch-Special-Illegal-Immigration-Report.pdf
1238 - http://www.kingcounty.gov/tools/inmate-lookup
1239 - http://www.legion.org/documents/legion/pdf/illegalimmigration.pdf
1240 - http://www.manhattaninstitute.org/tools/topical_index.php?topic=49
1241 - http://www.minutemanhq.com/
1242 - http://www.numbersusa.org/
1243 - http://www.ojjpac.org/sanctuary.asp
1244 - http://www.oregonir.org/
1245 - http://www.securedbordersusa.com/
1246 - http://www.sos.wa.gov/elections/initiatives/Initiatives.aspx?y=2014&t=p
1247 - http://www.soundpolitics.com/
1248 - http://www.soundpolitics.com/voterlookup.html
1249 - http://www.thesocialcontract.com/
1250 - http://www.thesocialcontract.com/artman2/publish/tsc_18_2/index.shtml
1251 - http://www.thesocialcontract.com/events/press_conf_2009apr14.html
1252 - http://www.thesocialcontract.com/reports/eitc_2011apr/earned-income-tax-credit-2011apr.html
1253 - http://www.uscis.gov/portal/site/uscis/menuitem.5af9bb95919f35e66f614176543f6d1a/?vgnextoid=31b3ab0a43b5d010VgnVCM10000048f3d6a1RCRD&vgnextchannel=db029c7755cb9010VgnVCM10000045f3d6a1RCRD
1254 - http://www.uscis.gov/portal/site/uscis/menuitem.eb1d4c2a3e5b9ac89243c6a7543f6d1a/?vgnextoid=1721c2ec0c7c8110VgnVCM1000004718190aRCRD&vgnextchannel=1721c2ec0c7c8110VgnVCM1000004718190aRCRD
1255 - http://www.uscis.gov/portal/site/uscis/menuitem.eb1d4c2a3e5b9ac89243c6a7543f6d1a/?vgnextoid=75bce2e261405110VgnVCM1000004718190aRCRD&vgnextchannel=75bce2e261405110VgnVCM1000004718190aRCRD
1256 - http://www.wfir.org/
1257 - http://www.wsp.wa.gov/crime/wanted.php
1258 - http://zip4.usps.com/zip4/welcome.jsp
1259 - https://cis.org/Jessica-Vaughan-Discusses-Illegal-Aliens-Prisons
1260 Total external links: 43
1261
1262+ Email addresses found:
1263 Total email address found: 0
1264
1265+ Directories found:
1266 - http://www.respectwashington.us./legal-documents/ (403 Forbidden)
1267 - http://www.respectwashington.us./rw-images/ (403 Forbidden)
1268 - http://www.respectwashington.us./studies-and-reports/ (403 Forbidden)
1269 Total directories: 3
1270
1271+ Directory indexing found:
1272 Total directories with indexing: 0
1273
1274----------------------------------------------------------------------
1275
1276
1277 + URL to crawl: http://mail.respectwashington.us.
1278 + Date: 2019-10-22
1279
1280 + Crawling URL: http://mail.respectwashington.us.:
1281 + Links:
1282 + Crawling http://mail.respectwashington.us.
1283 + Crawling http://mail.respectwashington.us./rwhome.html
1284 + Crawling http://mail.respectwashington.us./whyweneed.html
1285 + Crawling http://mail.respectwashington.us./petition.html
1286 + Crawling http://mail.respectwashington.us./support.html
1287 + Crawling http://mail.respectwashington.us./donate.html
1288 + Crawling http://mail.respectwashington.us./testimonials.html
1289 + Crawling http://mail.respectwashington.us./legal-action.html
1290 + Crawling http://mail.respectwashington.us./volunteer.html
1291 + Crawling http://mail.respectwashington.us./contact.html
1292 + Crawling http://mail.respectwashington.us./MarchPetition (404 Not Found)
1293 + Crawling http://mail.respectwashington.us./
1294 + Searching for directories...
1295 - Found: http://mail.respectwashington.us./rw-images/
1296 - Found: http://mail.respectwashington.us./studies-and-reports/
1297 - Found: http://mail.respectwashington.us./legal-documents/
1298 + Searching open folders...
1299 - http://mail.respectwashington.us./rw-images/ (403 Forbidden)
1300 - http://mail.respectwashington.us./studies-and-reports/ (403 Forbidden)
1301 - http://mail.respectwashington.us./legal-documents/ (403 Forbidden)
1302 + Crawl finished successfully.
1303----------------------------------------------------------------------
1304Summary of http://http://mail.respectwashington.us.
1305----------------------------------------------------------------------
1306+ Links crawled:
1307 - http://mail.respectwashington.us.
1308 - http://mail.respectwashington.us./
1309 - http://mail.respectwashington.us./MarchPetition (404 Not Found)
1310 - http://mail.respectwashington.us./contact.html
1311 - http://mail.respectwashington.us./donate.html
1312 - http://mail.respectwashington.us./legal-action.html
1313 - http://mail.respectwashington.us./petition.html
1314 - http://mail.respectwashington.us./rwhome.html
1315 - http://mail.respectwashington.us./support.html
1316 - http://mail.respectwashington.us./testimonials.html
1317 - http://mail.respectwashington.us./volunteer.html
1318 - http://mail.respectwashington.us./whyweneed.html
1319 Total links crawled: 12
1320
1321+ Links to files found:
1322 - http://mail.respectwashington.us./001 Diaz-Garcia Child Molest INFORMATION.pdf
1323 - http://mail.respectwashington.us./001 Diaz-Garcia Rape INFORMATION.pdf
1324 - http://mail.respectwashington.us./001 Gomez v Spokane Complaint.pdf
1325 - http://mail.respectwashington.us./022 Gomez v Spokane Status Report.pdf
1326 - http://mail.respectwashington.us./BurienPolice2016Data.pdf
1327 - http://mail.respectwashington.us./CheckBackInMarch.pdf
1328 - http://mail.respectwashington.us./DoC2014CrimeIllegals.jpg
1329 - http://mail.respectwashington.us./DoC2014CrimeIllegals.pdf
1330 - http://mail.respectwashington.us./DoJ Incarcerated Aliens 2017.pdf
1331 - http://mail.respectwashington.us./FAIRWA2012.pdf
1332 - http://mail.respectwashington.us./GomezSettlement SR 2018.pdf
1333 - http://mail.respectwashington.us./Oregoneo0722.pdf
1334 - http://mail.respectwashington.us./Spokane Appellant Opening Brief.pdf
1335 - http://mail.respectwashington.us./how-to-ArmstrongV2.ppt
1336 - http://mail.respectwashington.us./legal-documents/DECLARSTEPHENSAG4-18-11424.pdf
1337 - http://mail.respectwashington.us./legal-documents/GAO2005-478.pdf
1338 - http://mail.respectwashington.us./legal-documents/KingBRIEFOPToMSJApr18.pdf
1339 - http://mail.respectwashington.us./legal-documents/KingDefenseFeb2011.pdf
1340 - http://mail.respectwashington.us./legal-documents/KingDismissMSJMar2011.pdf
1341 - http://mail.respectwashington.us./legal-documents/KingMSJDismissDeclMar2011.pdf
1342 - http://mail.respectwashington.us./legal-documents/KingReplySupportDismissMSJApr25.pdf
1343 - http://mail.respectwashington.us./legal-documents/ORDERGRANTINGKingMSJDis5-10-11.pdf
1344 - http://mail.respectwashington.us./legal-documents/RingDeclareMar2011.pdf
1345 - http://mail.respectwashington.us./legal-documents/RingMSJMar2011.pdf
1346 - http://mail.respectwashington.us./legal-documents/RingOPToKingMSJDisApr18.pdf
1347 - http://mail.respectwashington.us./legal-documents/RingPetitionNov2010.pdf
1348 - http://mail.respectwashington.us./legal-documents/RingReplySupportMSjApr25.pdf
1349 - http://mail.respectwashington.us./legal-documents/RingVRidgeMOTIONHEARING5-10-11.pdf
1350 - http://mail.respectwashington.us./legal-documents/RingVRidgeOralArgs4-29-11.PDF
1351 - http://mail.respectwashington.us./legal-documents/RingVRidgeOralDecTrans5-10-11.PDF
1352 - http://mail.respectwashington.us./legal-documents/Ringhofer v Ridge 679708.wma
1353 - http://mail.respectwashington.us./legal-documents/RinghoferPetitionReview2013.pdf
1354 - http://mail.respectwashington.us./legal-documents/SpakovskyHeritage28.pdf
1355 - http://mail.respectwashington.us./legal-documents/TexasHarrisCountyVoteID.pdf
1356 - http://mail.respectwashington.us./legal-documents/USHouseAdmin2006Bettencourt.pdf
1357 - http://mail.respectwashington.us./legal-documents/WSCADwyerOpinon12-10-12.pdf
1358 - http://mail.respectwashington.us./legal-documents/WSSCAppealOpenBrief-Amended9-6-11.pdf
1359 - http://mail.respectwashington.us./legal-documents/WSSCAppellantReplyBrief11-14-11.pdf
1360 - http://mail.respectwashington.us./legal-documents/WSSCDirectReviewGrounds6-24-11.pdf
1361 - http://mail.respectwashington.us./legal-documents/WSSCOrder88293-5RinghoferVRidge.pdf
1362 - http://mail.respectwashington.us./legal-documents/WSSCRespondentBrief10-5-11.pdf
1363 - http://mail.respectwashington.us./legal-documents/WSSCTransfer11-21-11.pdf
1364 - http://mail.respectwashington.us./rw-images/header-blue-new.jpg
1365 - http://mail.respectwashington.us./rw-images/keepLegal.gif
1366 - http://mail.respectwashington.us./rw-style.css
1367 - http://mail.respectwashington.us./studies-and-reports/11 03 08 FINAL whitepaper.pdf
1368 - http://mail.respectwashington.us./studies-and-reports/2005DHSHAudit6534.pdf
1369 - http://mail.respectwashington.us./studies-and-reports/BearStearnsUnderground.pdf
1370 - http://mail.respectwashington.us./studies-and-reports/FAIRCostStudyWA2012.pdf
1371 - http://mail.respectwashington.us./studies-and-reports/REAL ID Not National ID Card.pdf
1372 Total links to files: 50
1373
1374+ Externals links found:
1375 - http://community.seattletimes.nwsource.com/archive/?date=20060718&slug=prisonbill18m
1376 - http://irli.org/
1377 - http://komonews.com/news/local/charges-woman-bludgeoned-raped-at-burien-apartment-complex
1378 - http://seattletimes.nwsource.com/html/localnews/2014429238_apwaxgrillegalimmigrantslicenses3rdldwritethru.html
1379 - http://seattletimes.nwsource.com/html/localnews/2014643197_wagetheft31m.html
1380 - http://wei.secstate.wa.gov/osos/en/voterinformation/Pages/RegistertoVote.aspx
1381 - http://www.alipac.us/
1382 - http://www.burienwa.gov/AgendaCenter/ViewFile/Agenda/_04242017-336
1383 - http://www.cis.org
1384 - http://www.fairus.org/site/PageServer
1385 - http://www.familysecuritymatters.org/
1386 - http://www.familysecuritymatters.org/publications/id.9984/pub_detail.asp
1387 - http://www.foxnews.com/us/2017/08/02/dreamer-accused-brutally-raping-woman-in-washington.html
1388 - http://www.heritage.org/
1389 - http://www.heritage.org/Research/HealthCare/wm1714.cfm
1390 - http://www.heritage.org/Research/Immigration/bg1936.cfm
1391 - http://www.heritage.org/Research/Immigration/lm25.cfm
1392 - http://www.heritage.org/Research/Immigration/tst052107a.cfm
1393 - http://www.ice.gov/worksite/
1394 - http://www.irli.org/
1395 - http://www.judicialwatch.org/wp-content/uploads/2014/02/Judicial-Watch-Special-Illegal-Immigration-Report.pdf
1396 - http://www.kingcounty.gov/tools/inmate-lookup
1397 - http://www.legion.org/documents/legion/pdf/illegalimmigration.pdf
1398 - http://www.manhattaninstitute.org/tools/topical_index.php?topic=49
1399 - http://www.minutemanhq.com/
1400 - http://www.numbersusa.org/
1401 - http://www.ojjpac.org/sanctuary.asp
1402 - http://www.oregonir.org/
1403 - http://www.securedbordersusa.com/
1404 - http://www.sos.wa.gov/elections/initiatives/Initiatives.aspx?y=2014&t=p
1405 - http://www.soundpolitics.com/
1406 - http://www.soundpolitics.com/voterlookup.html
1407 - http://www.thesocialcontract.com/
1408 - http://www.thesocialcontract.com/artman2/publish/tsc_18_2/index.shtml
1409 - http://www.thesocialcontract.com/events/press_conf_2009apr14.html
1410 - http://www.thesocialcontract.com/reports/eitc_2011apr/earned-income-tax-credit-2011apr.html
1411 - http://www.uscis.gov/portal/site/uscis/menuitem.5af9bb95919f35e66f614176543f6d1a/?vgnextoid=31b3ab0a43b5d010VgnVCM10000048f3d6a1RCRD&vgnextchannel=db029c7755cb9010VgnVCM10000045f3d6a1RCRD
1412 - http://www.uscis.gov/portal/site/uscis/menuitem.eb1d4c2a3e5b9ac89243c6a7543f6d1a/?vgnextoid=1721c2ec0c7c8110VgnVCM1000004718190aRCRD&vgnextchannel=1721c2ec0c7c8110VgnVCM1000004718190aRCRD
1413 - http://www.uscis.gov/portal/site/uscis/menuitem.eb1d4c2a3e5b9ac89243c6a7543f6d1a/?vgnextoid=75bce2e261405110VgnVCM1000004718190aRCRD&vgnextchannel=75bce2e261405110VgnVCM1000004718190aRCRD
1414 - http://www.wfir.org/
1415 - http://www.wsp.wa.gov/crime/wanted.php
1416 - http://zip4.usps.com/zip4/welcome.jsp
1417 - https://cis.org/Jessica-Vaughan-Discusses-Illegal-Aliens-Prisons
1418 Total external links: 43
1419
1420+ Email addresses found:
1421 Total email address found: 0
1422
1423+ Directories found:
1424 - http://mail.respectwashington.us./legal-documents/ (403 Forbidden)
1425 - http://mail.respectwashington.us./rw-images/ (403 Forbidden)
1426 - http://mail.respectwashington.us./studies-and-reports/ (403 Forbidden)
1427 Total directories: 3
1428
1429+ Directory indexing found:
1430 Total directories with indexing: 0
1431
1432----------------------------------------------------------------------
1433
1434
1435 + URL to crawl: http://respectwashington.us
1436 + Date: 2019-10-22
1437
1438 + Crawling URL: http://respectwashington.us:
1439 + Links:
1440 + Crawling http://respectwashington.us
1441 + Crawling http://respectwashington.us/rwhome.html
1442 + Crawling http://respectwashington.us/whyweneed.html
1443 + Crawling http://respectwashington.us/petition.html
1444 + Crawling http://respectwashington.us/support.html
1445 + Crawling http://respectwashington.us/donate.html
1446 + Crawling http://respectwashington.us/testimonials.html
1447 + Crawling http://respectwashington.us/legal-action.html
1448 + Crawling http://respectwashington.us/volunteer.html
1449 + Crawling http://respectwashington.us/contact.html
1450 + Crawling http://respectwashington.us/MarchPetition (404 Not Found)
1451 + Crawling http://respectwashington.us/
1452 + Searching for directories...
1453 - Found: http://respectwashington.us/rw-images/
1454 - Found: http://respectwashington.us/studies-and-reports/
1455 - Found: http://respectwashington.us/legal-documents/
1456 + Searching open folders...
1457 - http://respectwashington.us/rw-images/ (403 Forbidden)
1458 - http://respectwashington.us/studies-and-reports/ (403 Forbidden)
1459 - http://respectwashington.us/legal-documents/ (403 Forbidden)
1460 + Crawl finished successfully.
1461----------------------------------------------------------------------
1462Summary of http://http://respectwashington.us
1463----------------------------------------------------------------------
1464+ Links crawled:
1465 - http://respectwashington.us
1466 - http://respectwashington.us/
1467 - http://respectwashington.us/MarchPetition (404 Not Found)
1468 - http://respectwashington.us/contact.html
1469 - http://respectwashington.us/donate.html
1470 - http://respectwashington.us/legal-action.html
1471 - http://respectwashington.us/petition.html
1472 - http://respectwashington.us/rwhome.html
1473 - http://respectwashington.us/support.html
1474 - http://respectwashington.us/testimonials.html
1475 - http://respectwashington.us/volunteer.html
1476 - http://respectwashington.us/whyweneed.html
1477 Total links crawled: 12
1478
1479+ Links to files found:
1480 - http://respectwashington.us/001 Diaz-Garcia Child Molest INFORMATION.pdf
1481 - http://respectwashington.us/001 Diaz-Garcia Rape INFORMATION.pdf
1482 - http://respectwashington.us/001 Gomez v Spokane Complaint.pdf
1483 - http://respectwashington.us/022 Gomez v Spokane Status Report.pdf
1484 - http://respectwashington.us/BurienPolice2016Data.pdf
1485 - http://respectwashington.us/CheckBackInMarch.pdf
1486 - http://respectwashington.us/DoC2014CrimeIllegals.jpg
1487 - http://respectwashington.us/DoC2014CrimeIllegals.pdf
1488 - http://respectwashington.us/DoJ Incarcerated Aliens 2017.pdf
1489 - http://respectwashington.us/FAIRWA2012.pdf
1490 - http://respectwashington.us/GomezSettlement SR 2018.pdf
1491 - http://respectwashington.us/Oregoneo0722.pdf
1492 - http://respectwashington.us/Spokane Appellant Opening Brief.pdf
1493 - http://respectwashington.us/how-to-ArmstrongV2.ppt
1494 - http://respectwashington.us/legal-documents/DECLARSTEPHENSAG4-18-11424.pdf
1495 - http://respectwashington.us/legal-documents/GAO2005-478.pdf
1496 - http://respectwashington.us/legal-documents/KingBRIEFOPToMSJApr18.pdf
1497 - http://respectwashington.us/legal-documents/KingDefenseFeb2011.pdf
1498 - http://respectwashington.us/legal-documents/KingDismissMSJMar2011.pdf
1499 - http://respectwashington.us/legal-documents/KingMSJDismissDeclMar2011.pdf
1500 - http://respectwashington.us/legal-documents/KingReplySupportDismissMSJApr25.pdf
1501 - http://respectwashington.us/legal-documents/ORDERGRANTINGKingMSJDis5-10-11.pdf
1502 - http://respectwashington.us/legal-documents/RingDeclareMar2011.pdf
1503 - http://respectwashington.us/legal-documents/RingMSJMar2011.pdf
1504 - http://respectwashington.us/legal-documents/RingOPToKingMSJDisApr18.pdf
1505 - http://respectwashington.us/legal-documents/RingPetitionNov2010.pdf
1506 - http://respectwashington.us/legal-documents/RingReplySupportMSjApr25.pdf
1507 - http://respectwashington.us/legal-documents/RingVRidgeMOTIONHEARING5-10-11.pdf
1508 - http://respectwashington.us/legal-documents/RingVRidgeOralArgs4-29-11.PDF
1509 - http://respectwashington.us/legal-documents/RingVRidgeOralDecTrans5-10-11.PDF
1510 - http://respectwashington.us/legal-documents/Ringhofer v Ridge 679708.wma
1511 - http://respectwashington.us/legal-documents/RinghoferPetitionReview2013.pdf
1512 - http://respectwashington.us/legal-documents/SpakovskyHeritage28.pdf
1513 - http://respectwashington.us/legal-documents/TexasHarrisCountyVoteID.pdf
1514 - http://respectwashington.us/legal-documents/USHouseAdmin2006Bettencourt.pdf
1515 - http://respectwashington.us/legal-documents/WSCADwyerOpinon12-10-12.pdf
1516 - http://respectwashington.us/legal-documents/WSSCAppealOpenBrief-Amended9-6-11.pdf
1517 - http://respectwashington.us/legal-documents/WSSCAppellantReplyBrief11-14-11.pdf
1518 - http://respectwashington.us/legal-documents/WSSCDirectReviewGrounds6-24-11.pdf
1519 - http://respectwashington.us/legal-documents/WSSCOrder88293-5RinghoferVRidge.pdf
1520 - http://respectwashington.us/legal-documents/WSSCRespondentBrief10-5-11.pdf
1521 - http://respectwashington.us/legal-documents/WSSCTransfer11-21-11.pdf
1522 - http://respectwashington.us/rw-images/header-blue-new.jpg
1523 - http://respectwashington.us/rw-images/keepLegal.gif
1524 - http://respectwashington.us/rw-style.css
1525 - http://respectwashington.us/studies-and-reports/11 03 08 FINAL whitepaper.pdf
1526 - http://respectwashington.us/studies-and-reports/2005DHSHAudit6534.pdf
1527 - http://respectwashington.us/studies-and-reports/BearStearnsUnderground.pdf
1528 - http://respectwashington.us/studies-and-reports/FAIRCostStudyWA2012.pdf
1529 - http://respectwashington.us/studies-and-reports/REAL ID Not National ID Card.pdf
1530 Total links to files: 50
1531
1532+ Externals links found:
1533 - http://community.seattletimes.nwsource.com/archive/?date=20060718&slug=prisonbill18m
1534 - http://irli.org/
1535 - http://komonews.com/news/local/charges-woman-bludgeoned-raped-at-burien-apartment-complex
1536 - http://seattletimes.nwsource.com/html/localnews/2014429238_apwaxgrillegalimmigrantslicenses3rdldwritethru.html
1537 - http://seattletimes.nwsource.com/html/localnews/2014643197_wagetheft31m.html
1538 - http://wei.secstate.wa.gov/osos/en/voterinformation/Pages/RegistertoVote.aspx
1539 - http://www.alipac.us/
1540 - http://www.burienwa.gov/AgendaCenter/ViewFile/Agenda/_04242017-336
1541 - http://www.cis.org
1542 - http://www.fairus.org/site/PageServer
1543 - http://www.familysecuritymatters.org/
1544 - http://www.familysecuritymatters.org/publications/id.9984/pub_detail.asp
1545 - http://www.foxnews.com/us/2017/08/02/dreamer-accused-brutally-raping-woman-in-washington.html
1546 - http://www.heritage.org/
1547 - http://www.heritage.org/Research/HealthCare/wm1714.cfm
1548 - http://www.heritage.org/Research/Immigration/bg1936.cfm
1549 - http://www.heritage.org/Research/Immigration/lm25.cfm
1550 - http://www.heritage.org/Research/Immigration/tst052107a.cfm
1551 - http://www.ice.gov/worksite/
1552 - http://www.irli.org/
1553 - http://www.judicialwatch.org/wp-content/uploads/2014/02/Judicial-Watch-Special-Illegal-Immigration-Report.pdf
1554 - http://www.kingcounty.gov/tools/inmate-lookup
1555 - http://www.legion.org/documents/legion/pdf/illegalimmigration.pdf
1556 - http://www.manhattaninstitute.org/tools/topical_index.php?topic=49
1557 - http://www.minutemanhq.com/
1558 - http://www.numbersusa.org/
1559 - http://www.ojjpac.org/sanctuary.asp
1560 - http://www.oregonir.org/
1561 - http://www.securedbordersusa.com/
1562 - http://www.sos.wa.gov/elections/initiatives/Initiatives.aspx?y=2014&t=p
1563 - http://www.soundpolitics.com/
1564 - http://www.soundpolitics.com/voterlookup.html
1565 - http://www.thesocialcontract.com/
1566 - http://www.thesocialcontract.com/artman2/publish/tsc_18_2/index.shtml
1567 - http://www.thesocialcontract.com/events/press_conf_2009apr14.html
1568 - http://www.thesocialcontract.com/reports/eitc_2011apr/earned-income-tax-credit-2011apr.html
1569 - http://www.uscis.gov/portal/site/uscis/menuitem.5af9bb95919f35e66f614176543f6d1a/?vgnextoid=31b3ab0a43b5d010VgnVCM10000048f3d6a1RCRD&vgnextchannel=db029c7755cb9010VgnVCM10000045f3d6a1RCRD
1570 - http://www.uscis.gov/portal/site/uscis/menuitem.eb1d4c2a3e5b9ac89243c6a7543f6d1a/?vgnextoid=1721c2ec0c7c8110VgnVCM1000004718190aRCRD&vgnextchannel=1721c2ec0c7c8110VgnVCM1000004718190aRCRD
1571 - http://www.uscis.gov/portal/site/uscis/menuitem.eb1d4c2a3e5b9ac89243c6a7543f6d1a/?vgnextoid=75bce2e261405110VgnVCM1000004718190aRCRD&vgnextchannel=75bce2e261405110VgnVCM1000004718190aRCRD
1572 - http://www.wfir.org/
1573 - http://www.wsp.wa.gov/crime/wanted.php
1574 - http://zip4.usps.com/zip4/welcome.jsp
1575 - https://cis.org/Jessica-Vaughan-Discusses-Illegal-Aliens-Prisons
1576 Total external links: 43
1577
1578+ Email addresses found:
1579 - info@respectwashington.us
1580 Total email address found: 1
1581
1582+ Directories found:
1583 - http://respectwashington.us/legal-documents/ (403 Forbidden)
1584 - http://respectwashington.us/rw-images/ (403 Forbidden)
1585 - http://respectwashington.us/studies-and-reports/ (403 Forbidden)
1586 Total directories: 3
1587
1588+ Directory indexing found:
1589 Total directories with indexing: 0
1590
1591----------------------------------------------------------------------
1592
1593
1594 + URL to crawl: https://ftp.respectwashington.us.
1595 + Date: 2019-10-22
1596
1597 + Crawling URL: https://ftp.respectwashington.us.:
1598 + Links:
1599 + Crawling https://ftp.respectwashington.us.
1600 + Searching for directories...
1601 + Searching open folders...
1602
1603
1604 + URL to crawl: https://www.respectwashington.us.
1605 + Date: 2019-10-22
1606
1607 + Crawling URL: https://www.respectwashington.us.:
1608 + Links:
1609 + Crawling https://www.respectwashington.us.
1610 + Searching for directories...
1611 + Searching open folders...
1612
1613
1614 + URL to crawl: https://mail.respectwashington.us.
1615 + Date: 2019-10-22
1616
1617 + Crawling URL: https://mail.respectwashington.us.:
1618 + Links:
1619 + Crawling https://mail.respectwashington.us.
1620 + Searching for directories...
1621 + Searching open folders...
1622
1623
1624 + URL to crawl: https://respectwashington.us
1625 + Date: 2019-10-22
1626
1627 + Crawling URL: https://respectwashington.us:
1628 + Links:
1629 + Crawling https://respectwashington.us (403 Forbidden)
1630 + Searching for directories...
1631 + Searching open folders...
1632
1633--Finished--
1634Summary information for domain respectwashington.us.
1635-----------------------------------------
1636 Domain Specific Information:
1637 Email: craig@respectwashington.us]
1638
1639 Domain Ips Information:
1640 IP: 216.218.131.2
1641 HostName: ns2.he.net Type: NS
1642 HostName: ns2.he.net Type: PTR
1643 Country: United States
1644 Is Active: True (echo-reply ttl 57)
1645 Port: 53/tcp open domain syn-ack ttl 57 PowerDNS 3.3 or later
1646 Script Info: | dns-nsid:
1647 Script Info: | NSID: ns2.he.net (6e73322e68652e6e6574)
1648 Script Info: | id.server: ns2.he.net
1649 Script Info: |_ bind.version: Served by PowerDNS - https://www.powerdns.com/
1650 IP: 65.49.16.26
1651 HostName: respectwashington.us Type: MX
1652 HostName: respectwashington.us Type: PTR
1653 HostName: www.respectwashington.us. Type: A
1654 HostName: ftp.respectwashington.us. Type: A
1655 HostName: mail.respectwashington.us. Type: A
1656 Country: United States
1657 Is Active: True (reset ttl 64)
1658 Port: 80/tcp open http syn-ack ttl 53 Apache httpd 2.4.18 ((Ubuntu))
1659 Script Info: | http-methods:
1660 Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
1661 Script Info: |_http-server-header: Apache/2.4.18 (Ubuntu)
1662 Script Info: |_http-title: RespectWashington
1663 Port: 110/tcp open pop3 syn-ack ttl 53 Dovecot pop3d
1664 Script Info: |_pop3-capabilities: TOP CAPA UIDL USER PIPELINING SASL(PLAIN LOGIN) RESP-CODES STLS AUTH-RESP-CODE
1665 Script Info: |_ssl-date: TLS randomness does not represent time
1666 Port: 143/tcp open imap syn-ack ttl 53 Dovecot imapd
1667 Script Info: |_imap-capabilities: STARTTLS AUTH=PLAIN capabilities more listed IMAP4rev1 Pre-login LOGIN-REFERRALS SASL-IR OK post-login AUTH=LOGINA0001 IDLE have ENABLE ID LITERAL+
1668 Script Info: |_ssl-date: TLS randomness does not represent time
1669 Port: 443/tcp open ssl/http syn-ack ttl 53 Apache httpd 2.4.18
1670 Script Info: | http-methods:
1671 Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
1672 Script Info: |_http-server-header: Apache/2.4.18 (Ubuntu)
1673 Script Info: |_http-title: 400 Bad Request
1674 Script Info: | ssl-cert: Subject: commonName=respectwashington.us
1675 Script Info: | Subject Alternative Name: DNS:keller4america.us, DNS:mail.respectwashington.us, DNS:respectwashington.us, DNS:www.keller4america.us, DNS:www.respectwashington.us
1676 Script Info: | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
1677 Script Info: | Public Key type: rsa
1678 Script Info: | Public Key bits: 2048
1679 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1680 Script Info: | Not valid before: 2019-09-23T10:50:34
1681 Script Info: | Not valid after: 2019-12-22T10:50:34
1682 Script Info: | MD5: 9c61 f3dc 6487 544c de9e 4197 e08a 5fa7
1683 Script Info: |_SHA-1: f98a 5fd3 ac38 2278 6c2f 81cf 471a e5b9 4540 febf
1684 Script Info: |_ssl-date: TLS randomness does not represent time
1685 Script Info: | tls-alpn:
1686 Script Info: |_ http/1.1
1687 Port: 465/tcp open ssl/smtp syn-ack ttl 53 Postfix smtpd
1688 Script Info: |_smtp-commands: Couldn't establish connection on port 465
1689 Script Info: | ssl-cert: Subject: commonName=respectwashington.us
1690 Script Info: | Subject Alternative Name: DNS:keller4america.us, DNS:mail.respectwashington.us, DNS:respectwashington.us, DNS:www.keller4america.us, DNS:www.respectwashington.us
1691 Script Info: | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
1692 Script Info: | Public Key type: rsa
1693 Script Info: | Public Key bits: 2048
1694 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1695 Script Info: | Not valid before: 2019-09-23T10:50:34
1696 Script Info: | Not valid after: 2019-12-22T10:50:34
1697 Script Info: | MD5: 9c61 f3dc 6487 544c de9e 4197 e08a 5fa7
1698 Script Info: |_SHA-1: f98a 5fd3 ac38 2278 6c2f 81cf 471a e5b9 4540 febf
1699 Script Info: |_ssl-date: TLS randomness does not represent time
1700 Port: 587/tcp open smtp syn-ack ttl 53 Postfix smtpd
1701 Script Info: |_smtp-commands: respectwashington.us Hello nmap.scanme.org, STARTTLS, HELP,
1702 Script Info: | ssl-cert: Subject: commonName=respectwashington.us
1703 Script Info: | Subject Alternative Name: DNS:keller4america.us, DNS:mail.respectwashington.us, DNS:respectwashington.us, DNS:www.keller4america.us, DNS:www.respectwashington.us
1704 Script Info: | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
1705 Script Info: | Public Key type: rsa
1706 Script Info: | Public Key bits: 2048
1707 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1708 Script Info: | Not valid before: 2019-09-23T10:50:34
1709 Script Info: | Not valid after: 2019-12-22T10:50:34
1710 Script Info: | MD5: 9c61 f3dc 6487 544c de9e 4197 e08a 5fa7
1711 Script Info: |_SHA-1: f98a 5fd3 ac38 2278 6c2f 81cf 471a e5b9 4540 febf
1712 Script Info: |_ssl-date: TLS randomness does not represent time
1713 Port: 993/tcp open ssl/imaps? syn-ack ttl 53
1714 Script Info: |_ssl-date: TLS randomness does not represent time
1715 Port: 995/tcp open ssl/pop3s? syn-ack ttl 53
1716 Script Info: |_ssl-date: TLS randomness does not represent time
1717 Os Info: Hosts: www.respectwashington.us, respectwashington.us
1718 IP: 216.218.130.2
1719 HostName: ns1.he.net Type: NS
1720 HostName: ns1.he.net Type: PTR
1721 Country: United States
1722 Is Active: True (reset ttl 64)
1723 Port: 53/tcp open domain syn-ack ttl 57 PowerDNS 3.3 or later
1724 Script Info: | dns-nsid:
1725 Script Info: | NSID: ns1.he.net (6e73312e68652e6e6574)
1726 Script Info: | id.server: ns1.he.net
1727 Script Info: |_ bind.version: Served by PowerDNS - https://www.powerdns.com/
1728#######################################################################################################################################
1729dnsenum VERSION:1.2.6
1730
1731----- www.respectwashington.us -----
1732
1733
1734Host's addresses:
1735__________________
1736
1737respectwashington.us. 84126 IN A 65.49.16.26
1738
1739
1740Name Servers:
1741______________
1742
1743ns2.he.net. 85380 IN A 216.218.131.2
1744ns1.he.net. 84853 IN A 216.218.130.2
1745
1746
1747Mail (MX) Servers:
1748___________________
1749
1750respectwashington.us. 84125 IN A 65.49.16.26
1751
1752
1753Trying Zone Transfers and getting Bind Versions:
1754_________________________________________________
1755
1756
1757Trying Zone Transfer for www.respectwashington.us on ns2.he.net ...
1758
1759Trying Zone Transfer for www.respectwashington.us on ns1.he.net ...
1760
1761
1762Brute forcing with /usr/share/dnsenum/dns.txt:
1763_______________________________________________
1764
1765
1766
1767www.respectwashington.us class C netranges:
1768____________________________________________
1769
1770
1771
1772Performing reverse lookup on 0 ip addresses:
1773_____________________________________________
1774
1775
17760 results out of 0 IP addresses.
1777
1778
1779www.respectwashington.us ip blocks:
1780____________________________________
1781######################################################################################################################################
1782[3/100] http://www.respectwashington.us/BurienPolice2016Data.pdf
1783[4/100] http://www.respectwashington.us/BurienPetition.pdf
1784[5/100] http://www.respectwashington.us/FAIRWA2012.pdf
1785[6/100] http://www.respectwashington.us/legal-documents/TexasHarrisCountyVoteID.pdf
1786 [x] Error in the parsing process
1787[7/100] http://www.respectwashington.us/Oregoneo0722.pdf
1788[8/100] http://www.respectwashington.us/legal-documents/RingMSJMar2011.pdf
1789 [x] Error in PDF metadata Creator
1790[9/100] http://www.respectwashington.us/legal-documents/KingDismissMSJMar2011.pdf
1791 [x] Error in PDF metadata Creator
1792[10/100] http://www.respectwashington.us/legal-documents/RingDeclareMar2011.pdf
1793 [x] Error in PDF metadata Creator
1794[11/100] http://www.respectwashington.us/legal-documents/KingDefenseFeb2011.pdf
1795 [x] Error in PDF metadata Creator
1796[12/100] http://www.respectwashington.us/legal-documents/SpakovskyHeritage28.pdf
1797[13/100] http://www.respectwashington.us/legal-documents/USHouseAdmin2006Bettencourt.pdf
1798[14/100] http://www.respectwashington.us/legal-documents/KingMSJDismissDeclMar2011.pdf
1799 [x] Error in PDF metadata Creator
1800[15/100] http://www.respectwashington.us/legal-documents/RingPetitionNov2010.pdf
1801 [x] Error in PDF metadata Creator
1802[16/100] http://www.respectwashington.us/legal-documents/GAO2005-478.pdf
1803[17/100] http://www.respectwashington.us/legal-documents/KingReplySupportDismissMSJApr25.pdf
1804 [x] Error in PDF metadata Creator
1805[18/100] http://www.respectwashington.us/studies-and-reports/BearStearnsUnderground.pdf
1806[19/100] http://www.respectwashington.us/studies-and-reports/2005DHSHAudit6534.pdf
1807[20/100] http://www.respectwashington.us/legal-documents/WSCADwyerOpinon12-10-12.pdf
1808[21/100] http://www.respectwashington.us/legal-documents/WSSCDirectReviewGrounds6-24-11.pdf
1809[22/100] http://www.respectwashington.us/GomezSettlement%2520SR%25202018.pdf
1810 [x] Error in the parsing process
1811[23/100] http://www.respectwashington.us/legal-documents/WSSCTransfer11-21-11.pdf
1812 [x] Error in the parsing process
1813[24/100] http://www.respectwashington.us/legal-documents/ORDERGRANTINGKingMSJDis5-10-11.pdf
1814 [x] Error in PDF metadata Creator
1815[25/100] http://www.respectwashington.us/legal-documents/WSSCAppealOpenBrief-Amended9-6-11.pdf
1816[26/100] http://www.respectwashington.us/legal-documents/DECLARSTEPHENSAG4-18-11424.pdf
1817 [x] Error in PDF metadata Creator
1818[27/100] http://www.respectwashington.us/Spokane%2520Appellant%2520Opening%2520Brief.pdf
1819 [x] Error in the parsing process
1820[28/100] http://www.respectwashington.us/DoJ%2520Incarcerated%2520Aliens%25202017.pdf
1821 [x] Error in the parsing process
1822[29/100] http://www.respectwashington.us/001%2520Diaz-Garcia%2520Rape%2520INFORMATION.pdf
1823 [x] Error in the parsing process
1824[30/100] http://www.respectwashington.us/DoC2014CrimeIllegals.pdf
1825[31/100] http://www.respectwashington.us/001%2520Gomez%2520v%2520Spokane%2520Complaint.pdf
1826-------------------------------------------------------------------------------------------------
1827
1828[+] List of users found:
1829-------------------------------------------------------------------------------------------------
1830Scott Greenberg
1831buglassr
1832Tax Office
1833U.S. Government Accountability Office, http://www.gao.gov
1834nlederer
1835wallera
1836
1837[+] List of software found:
1838-------------------------------------------------------------------------------------------------
1839Adobe PDF Library 15.0
1840Acrobat PDFMaker 15 for Word
1841Adobe PDF Library 9.9
1842Adobe InDesign CS5 (7.0)
1843QuarkXPress(R) 8.16
1844Adobe Acrobat 7.05 Paper Capture Plug-in
1845Adobe Acrobat 7.05
1846Acrobat Distiller 5.0 (Windows)
1847FrameMaker 7.0
1848Acrobat Distiller 6.0 (Windows)
1849Acrobat PDFMaker 6.0 for Word
1850Acrobat Distiller 5.0.5 (Windows)
1851Acrobat PDFMaker 5.0 for Word
1852activePDF Toolkit (www.activepdf.com)
1853PScript5.dll Version 5.2
1854Adobe PDF Scan Library 3.1
1855ScandAll PRO V2.0.1
1856Canon iR3245 PDF
1857
1858[+] List of paths and servers found:
1859-------------------------------------------------------------------------------------------------
1860
1861[+] List of e-mails found:
1862-------------------------------------------------------------------------------------------------
1863merer@ki
1864JenkinsWO@gao.gov.
1865jenkinswo@gao.gov.
1866fraudnet@gao.gov
1867JarmonG@gao.gov
1868AndersonP1@gao.gov
1869s@g
1870l@k
1871######################################################################################################################################
1872[*] Processing domain www.respectwashington.us
1873[*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
1874[+] Getting nameservers
1875216.218.131.2 - ns2.he.net
1876216.218.130.2 - ns1.he.net
1877[-] Zone transfer failed
1878
1879[+] MX records found, added to target list
18801 respectwashington.us.
1881
1882[*] Scanning www.respectwashington.us for A records
188365.49.16.26 - www.respectwashington.us
1884######################################################################################################################################
1885Privileges have been dropped to "nobody:nogroup" for security reasons.
1886
1887Processed queries: 0
1888Received packets: 0
1889Progress: 0.00% (00 h 00 min 00 sec / 00 h 00 min 00 sec)
1890Current incoming rate: 0 pps, average: 0 pps
1891Current success rate: 0 pps, average: 0 pps
1892Finished total: 0, success: 0 (0.00%)
1893Mismatched domains: 0 (0.00%), IDs: 0 (0.00%)
1894Failures: 0: 0.00%, 1: 0.00%, 2: 0.00%, 3: 0.00%, 4: 0.00%, 5: 0.00%, 6: 0.00%, 7: 0.00%, 8: 0.00%, 9: 0.00%, 10: 0.00%, 11: 0.00%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
1895Response: | Success: | Total:
1896OK: | 0 ( 0.00%) | 0 ( 0.00%)
1897NXDOMAIN: | 0 ( 0.00%) | 0 ( 0.00%)
1898SERVFAIL: | 0 ( 0.00%) | 0 ( 0.00%)
1899REFUSED: | 0 ( 0.00%) | 0 ( 0.00%)
1900FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
1901
1902
1903
1904Processed queries: 1919
1905Received packets: 318
1906Progress: 100.00% (00 h 00 min 01 sec / 00 h 00 min 01 sec)
1907Current incoming rate: 317 pps, average: 317 pps
1908Current success rate: 233 pps, average: 233 pps
1909Finished total: 234, success: 234 (100.00%)
1910Mismatched domains: 0 (0.00%), IDs: 0 (0.00%)
1911Failures: 0: 35.04%, 1: 750.43%, 2: 34.62%, 3: 0.00%, 4: 0.00%, 5: 0.00%, 6: 0.00%, 7: 0.00%, 8: 0.00%, 9: 0.00%, 10: 0.00%, 11: 0.00%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
1912Response: | Success: | Total:
1913OK: | 23 ( 9.83%) | 23 ( 7.30%)
1914NXDOMAIN: | 202 ( 86.32%) | 202 ( 64.13%)
1915SERVFAIL: | 9 ( 3.85%) | 9 ( 2.86%)
1916REFUSED: | 0 ( 0.00%) | 81 ( 25.71%)
1917FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
1918
1919
1920
1921Processed queries: 1919
1922Received packets: 702
1923Progress: 100.00% (00 h 00 min 02 sec / 00 h 00 min 02 sec)
1924Current incoming rate: 383 pps, average: 350 pps
1925Current success rate: 279 pps, average: 256 pps
1926Finished total: 514, success: 514 (100.00%)
1927Mismatched domains: 0 (0.00%), IDs: 0 (0.00%)
1928Failures: 0: 15.95%, 1: 29.57%, 2: 26.46%, 3: 265.56%, 4: 35.80%, 5: 0.00%, 6: 0.00%, 7: 0.00%, 8: 0.00%, 9: 0.00%, 10: 0.00%, 11: 0.00%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
1929Response: | Success: | Total:
1930OK: | 46 ( 8.95%) | 46 ( 6.59%)
1931NXDOMAIN: | 449 ( 87.35%) | 449 ( 64.33%)
1932SERVFAIL: | 19 ( 3.70%) | 19 ( 2.72%)
1933REFUSED: | 0 ( 0.00%) | 184 ( 26.36%)
1934FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
1935
1936
1937
1938Processed queries: 1919
1939Received packets: 1083
1940Progress: 100.00% (00 h 00 min 03 sec / 00 h 00 min 03 sec)
1941Current incoming rate: 380 pps, average: 360 pps
1942Current success rate: 264 pps, average: 259 pps
1943Finished total: 779, success: 779 (100.00%)
1944Mismatched domains: 0 (0.00%), IDs: 0 (0.00%)
1945Failures: 0: 10.53%, 1: 19.51%, 2: 17.46%, 3: 18.49%, 4: 18.23%, 5: 124.52%, 6: 37.61%, 7: 0.00%, 8: 0.00%, 9: 0.00%, 10: 0.00%, 11: 0.00%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
1946Response: | Success: | Total:
1947OK: | 63 ( 8.09%) | 63 ( 5.86%)
1948NXDOMAIN: | 687 ( 88.19%) | 687 ( 63.91%)
1949SERVFAIL: | 29 ( 3.72%) | 29 ( 2.70%)
1950REFUSED: | 0 ( 0.00%) | 296 ( 27.53%)
1951FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
1952
1953
1954
1955Processed queries: 1919
1956Received packets: 1477
1957Progress: 100.00% (00 h 00 min 04 sec / 00 h 00 min 04 sec)
1958Current incoming rate: 393 pps, average: 368 pps
1959Current success rate: 227 pps, average: 251 pps
1960Finished total: 1007, success: 1007 (100.00%)
1961Mismatched domains: 77 (5.25%), IDs: 0 (0.00%)
1962Failures: 0: 8.14%, 1: 15.09%, 2: 13.51%, 3: 14.30%, 4: 14.10%, 5: 12.71%, 6: 13.41%, 7: 65.34%, 8: 32.97%, 9: 0.99%, 10: 0.00%, 11: 0.00%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
1963Response: | Success: | Total:
1964OK: | 85 ( 8.44%) | 93 ( 6.34%)
1965NXDOMAIN: | 888 ( 88.18%) | 936 ( 63.85%)
1966SERVFAIL: | 34 ( 3.38%) | 35 ( 2.39%)
1967REFUSED: | 0 ( 0.00%) | 402 ( 27.42%)
1968FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
1969
1970
1971
1972Processed queries: 1919
1973Received packets: 1862
1974Progress: 100.00% (00 h 00 min 05 sec / 00 h 00 min 05 sec)
1975Current incoming rate: 384 pps, average: 371 pps
1976Current success rate: 152 pps, average: 231 pps
1977Finished total: 1160, success: 1160 (100.00%)
1978Mismatched domains: 269 (14.53%), IDs: 0 (0.00%)
1979Failures: 0: 7.07%, 1: 13.10%, 2: 11.72%, 3: 12.41%, 4: 12.24%, 5: 11.03%, 6: 11.64%, 7: 6.47%, 8: 5.86%, 9: 45.95%, 10: 26.64%, 11: 1.29%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
1980Response: | Success: | Total:
1981OK: | 101 ( 8.71%) | 124 ( 6.70%)
1982NXDOMAIN: | 1021 ( 88.02%) | 1201 ( 64.88%)
1983SERVFAIL: | 38 ( 3.28%) | 43 ( 2.32%)
1984REFUSED: | 0 ( 0.00%) | 483 ( 26.09%)
1985FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
1986
1987
1988
1989Processed queries: 1919
1990Received packets: 2267
1991Progress: 100.00% (00 h 00 min 06 sec / 00 h 00 min 06 sec)
1992Current incoming rate: 404 pps, average: 377 pps
1993Current success rate: 141 pps, average: 216 pps
1994Finished total: 1302, success: 1302 (100.00%)
1995Mismatched domains: 464 (20.59%), IDs: 0 (0.00%)
1996Failures: 0: 6.30%, 1: 11.67%, 2: 10.45%, 3: 11.06%, 4: 10.91%, 5: 9.83%, 6: 10.37%, 7: 5.76%, 8: 5.22%, 9: 6.30%, 10: 5.38%, 11: 30.49%, 12: 21.66%, 13: 2.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
1997Response: | Success: | Total:
1998OK: | 111 ( 8.53%) | 148 ( 6.57%)
1999NXDOMAIN: | 1149 ( 88.25%) | 1449 ( 64.29%)
2000SERVFAIL: | 42 ( 3.23%) | 54 ( 2.40%)
2001REFUSED: | 0 ( 0.00%) | 603 ( 26.75%)
2002FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2003
2004
2005
2006Processed queries: 1919
2007Received packets: 2686
2008Progress: 100.00% (00 h 00 min 07 sec / 00 h 00 min 07 sec)
2009Current incoming rate: 418 pps, average: 383 pps
2010Current success rate: 168 pps, average: 209 pps
2011Finished total: 1471, success: 1471 (100.00%)
2012Mismatched domains: 678 (25.38%), IDs: 0 (0.00%)
2013Failures: 0: 5.57%, 1: 10.33%, 2: 9.25%, 3: 9.79%, 4: 9.65%, 5: 8.70%, 6: 9.18%, 7: 5.10%, 8: 4.62%, 9: 5.57%, 10: 4.76%, 11: 5.37%, 12: 4.55%, 13: 20.46%, 14: 15.43%, 15: 2.11%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2014Response: | Success: | Total:
2015OK: | 125 ( 8.50%) | 174 ( 6.51%)
2016NXDOMAIN: | 1296 ( 88.10%) | 1735 ( 64.96%)
2017SERVFAIL: | 50 ( 3.40%) | 70 ( 2.62%)
2018REFUSED: | 0 ( 0.00%) | 692 ( 25.91%)
2019FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2020
2021
2022
2023Processed queries: 1919
2024Received packets: 3091
2025Progress: 100.00% (00 h 00 min 08 sec / 00 h 00 min 08 sec)
2026Current incoming rate: 404 pps, average: 385 pps
2027Current success rate: 76 pps, average: 193 pps
2028Finished total: 1548, success: 1548 (100.00%)
2029Mismatched domains: 971 (31.63%), IDs: 0 (0.00%)
2030Failures: 0: 5.30%, 1: 9.82%, 2: 8.79%, 3: 9.30%, 4: 9.17%, 5: 8.27%, 6: 8.72%, 7: 4.84%, 8: 4.39%, 9: 5.30%, 10: 4.52%, 11: 5.10%, 12: 4.33%, 13: 5.75%, 14: 3.29%, 15: 12.14%, 16: 12.40%, 17: 2.52%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2031Response: | Success: | Total:
2032OK: | 129 ( 8.33%) | 189 ( 6.16%)
2033NXDOMAIN: | 1368 ( 88.37%) | 1999 ( 65.11%)
2034SERVFAIL: | 51 ( 3.29%) | 79 ( 2.57%)
2035REFUSED: | 0 ( 0.00%) | 803 ( 26.16%)
2036FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2037
2038
2039
2040Processed queries: 1919
2041Received packets: 3499
2042Progress: 100.00% (00 h 00 min 09 sec / 00 h 00 min 09 sec)
2043Current incoming rate: 407 pps, average: 388 pps
2044Current success rate: 95 pps, average: 182 pps
2045Finished total: 1644, success: 1644 (100.00%)
2046Mismatched domains: 1251 (36.03%), IDs: 0 (0.00%)
2047Failures: 0: 4.99%, 1: 9.25%, 2: 8.27%, 3: 8.76%, 4: 8.64%, 5: 7.79%, 6: 8.21%, 7: 4.56%, 8: 4.14%, 9: 4.99%, 10: 4.26%, 11: 4.81%, 12: 4.08%, 13: 5.41%, 14: 3.10%, 15: 2.31%, 16: 2.74%, 17: 8.21%, 18: 10.10%, 19: 2.13%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2048Response: | Success: | Total:
2049OK: | 141 ( 8.58%) | 225 ( 6.48%)
2050NXDOMAIN: | 1450 ( 88.20%) | 2256 ( 64.98%)
2051SERVFAIL: | 53 ( 3.22%) | 89 ( 2.56%)
2052REFUSED: | 0 ( 0.00%) | 902 ( 25.98%)
2053FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2054
2055
2056
2057Processed queries: 1919
2058Received packets: 3874
2059Progress: 100.00% (00 h 00 min 10 sec / 00 h 00 min 10 sec)
2060Current incoming rate: 374 pps, average: 386 pps
2061Current success rate: 71 pps, average: 171 pps
2062Finished total: 1716, success: 1716 (100.00%)
2063Mismatched domains: 1535 (39.92%), IDs: 0 (0.00%)
2064Failures: 0: 4.78%, 1: 8.86%, 2: 7.93%, 3: 8.39%, 4: 8.28%, 5: 7.46%, 6: 7.87%, 7: 4.37%, 8: 3.96%, 9: 4.78%, 10: 4.08%, 11: 4.60%, 12: 3.90%, 13: 5.19%, 14: 2.97%, 15: 2.21%, 16: 2.62%, 17: 2.56%, 18: 2.33%, 19: 6.06%, 20: 6.70%, 21: 1.86%, 22: 0.06%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2065Response: | Success: | Total:
2066OK: | 147 ( 8.57%) | 249 ( 6.48%)
2067NXDOMAIN: | 1514 ( 88.23%) | 2512 ( 65.33%)
2068SERVFAIL: | 55 ( 3.21%) | 97 ( 2.52%)
2069REFUSED: | 0 ( 0.00%) | 987 ( 25.67%)
2070FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2071
2072
2073
2074Processed queries: 1919
2075Received packets: 4284
2076Progress: 100.00% (00 h 00 min 11 sec / 00 h 00 min 11 sec)
2077Current incoming rate: 409 pps, average: 388 pps
2078Current success rate: 38 pps, average: 159 pps
2079Finished total: 1755, success: 1755 (100.00%)
2080Mismatched domains: 1890 (44.44%), IDs: 0 (0.00%)
2081Failures: 0: 4.67%, 1: 8.66%, 2: 7.75%, 3: 8.21%, 4: 8.09%, 5: 7.29%, 6: 7.69%, 7: 4.27%, 8: 3.87%, 9: 4.67%, 10: 3.99%, 11: 4.50%, 12: 3.82%, 13: 5.07%, 14: 2.91%, 15: 2.17%, 16: 2.56%, 17: 2.51%, 18: 2.28%, 19: 1.94%, 20: 1.08%, 21: 5.07%, 22: 5.01%, 23: 0.97%, 24: 0.28%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2082Response: | Success: | Total:
2083OK: | 150 ( 8.55%) | 277 ( 6.51%)
2084NXDOMAIN: | 1550 ( 88.32%) | 2773 ( 65.20%)
2085SERVFAIL: | 55 ( 3.13%) | 109 ( 2.56%)
2086REFUSED: | 0 ( 0.00%) | 1094 ( 25.72%)
2087FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2088
2089
2090
2091Processed queries: 1919
2092Received packets: 4689
2093Progress: 100.00% (00 h 00 min 12 sec / 00 h 00 min 12 sec)
2094Current incoming rate: 404 pps, average: 390 pps
2095Current success rate: 18 pps, average: 147 pps
2096Finished total: 1774, success: 1774 (100.00%)
2097Mismatched domains: 2264 (48.64%), IDs: 0 (0.00%)
2098Failures: 0: 4.62%, 1: 8.57%, 2: 7.67%, 3: 8.12%, 4: 8.00%, 5: 7.22%, 6: 7.61%, 7: 4.23%, 8: 3.83%, 9: 4.62%, 10: 3.95%, 11: 4.45%, 12: 3.78%, 13: 5.02%, 14: 2.87%, 15: 2.14%, 16: 2.54%, 17: 2.48%, 18: 2.25%, 19: 1.92%, 20: 1.07%, 21: 1.18%, 22: 0.90%, 23: 4.17%, 24: 4.11%, 25: 0.73%, 26: 0.11%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2099Response: | Success: | Total:
2100OK: | 150 ( 8.46%) | 296 ( 6.36%)
2101NXDOMAIN: | 1568 ( 88.39%) | 3036 ( 65.22%)
2102SERVFAIL: | 56 ( 3.16%) | 118 ( 2.53%)
2103REFUSED: | 0 ( 0.00%) | 1205 ( 25.89%)
2104FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2105
2106
2107
2108Processed queries: 1919
2109Received packets: 5068
2110Progress: 100.00% (00 h 00 min 13 sec / 00 h 00 min 13 sec)
2111Current incoming rate: 378 pps, average: 389 pps
2112Current success rate: 12 pps, average: 137 pps
2113Finished total: 1787, success: 1787 (100.00%)
2114Mismatched domains: 2622 (52.14%), IDs: 0 (0.00%)
2115Failures: 0: 4.59%, 1: 8.51%, 2: 7.61%, 3: 8.06%, 4: 7.95%, 5: 7.16%, 6: 7.55%, 7: 4.20%, 8: 3.81%, 9: 4.59%, 10: 3.92%, 11: 4.42%, 12: 3.75%, 13: 4.98%, 14: 2.85%, 15: 2.13%, 16: 2.52%, 17: 2.46%, 18: 2.24%, 19: 1.90%, 20: 1.06%, 21: 1.18%, 22: 0.90%, 23: 0.45%, 24: 0.56%, 25: 4.09%, 26: 3.30%, 27: 0.56%, 28: 0.11%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2116Response: | Success: | Total:
2117OK: | 150 ( 8.39%) | 317 ( 6.30%)
2118NXDOMAIN: | 1580 ( 88.42%) | 3286 ( 65.34%)
2119SERVFAIL: | 57 ( 3.19%) | 128 ( 2.55%)
2120REFUSED: | 0 ( 0.00%) | 1298 ( 25.81%)
2121FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2122
2123
2124
2125Processed queries: 1919
2126Received packets: 5481
2127Progress: 100.00% (00 h 00 min 14 sec / 00 h 00 min 14 sec)
2128Current incoming rate: 412 pps, average: 390 pps
2129Current success rate: 20 pps, average: 128 pps
2130Finished total: 1808, success: 1808 (100.00%)
2131Mismatched domains: 3006 (55.27%), IDs: 0 (0.00%)
2132Failures: 0: 4.54%, 1: 8.41%, 2: 7.52%, 3: 7.96%, 4: 7.85%, 5: 7.08%, 6: 7.47%, 7: 4.15%, 8: 3.76%, 9: 4.54%, 10: 3.87%, 11: 4.37%, 12: 3.71%, 13: 4.92%, 14: 2.82%, 15: 2.10%, 16: 2.49%, 17: 2.43%, 18: 2.21%, 19: 1.88%, 20: 1.05%, 21: 1.16%, 22: 0.88%, 23: 0.44%, 24: 0.55%, 25: 0.44%, 26: 0.50%, 27: 4.31%, 28: 2.10%, 29: 0.50%, 30: 0.11%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2133Response: | Success: | Total:
2134OK: | 151 ( 8.35%) | 347 ( 6.38%)
2135NXDOMAIN: | 1600 ( 88.50%) | 3545 ( 65.18%)
2136SERVFAIL: | 57 ( 3.15%) | 135 ( 2.48%)
2137REFUSED: | 0 ( 0.00%) | 1412 ( 25.96%)
2138FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2139
2140
2141
2142Processed queries: 1919
2143Received packets: 5885
2144Progress: 100.00% (00 h 00 min 15 sec / 00 h 00 min 15 sec)
2145Current incoming rate: 403 pps, average: 391 pps
2146Current success rate: 26 pps, average: 122 pps
2147Finished total: 1835, success: 1835 (100.00%)
2148Mismatched domains: 3365 (57.62%), IDs: 0 (0.00%)
2149Failures: 0: 4.47%, 1: 8.28%, 2: 7.41%, 3: 7.85%, 4: 7.74%, 5: 6.98%, 6: 7.36%, 7: 4.09%, 8: 3.71%, 9: 4.47%, 10: 3.81%, 11: 4.31%, 12: 3.65%, 13: 4.85%, 14: 2.78%, 15: 2.07%, 16: 2.45%, 17: 2.40%, 18: 2.18%, 19: 1.85%, 20: 1.04%, 21: 1.14%, 22: 0.87%, 23: 0.44%, 24: 0.54%, 25: 0.44%, 26: 0.49%, 27: 0.71%, 28: 0.60%, 29: 3.38%, 30: 1.69%, 31: 0.44%, 32: 0.11%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2150Response: | Success: | Total:
2151OK: | 153 ( 8.34%) | 368 ( 6.30%)
2152NXDOMAIN: | 1625 ( 88.56%) | 3800 ( 65.07%)
2153SERVFAIL: | 57 ( 3.11%) | 147 ( 2.52%)
2154REFUSED: | 0 ( 0.00%) | 1525 ( 26.11%)
2155FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2156
2157
2158
2159Processed queries: 1919
2160Received packets: 6277
2161Progress: 100.00% (00 h 00 min 16 sec / 00 h 00 min 16 sec)
2162Current incoming rate: 391 pps, average: 391 pps
2163Current success rate: 24 pps, average: 116 pps
2164Finished total: 1860, success: 1860 (100.00%)
2165Mismatched domains: 3716 (59.65%), IDs: 0 (0.00%)
2166Failures: 0: 4.41%, 1: 8.17%, 2: 7.31%, 3: 7.74%, 4: 7.63%, 5: 6.88%, 6: 7.26%, 7: 4.03%, 8: 3.66%, 9: 4.41%, 10: 3.76%, 11: 4.25%, 12: 3.60%, 13: 4.78%, 14: 2.74%, 15: 2.04%, 16: 2.42%, 17: 2.37%, 18: 2.15%, 19: 1.83%, 20: 1.02%, 21: 1.13%, 22: 0.86%, 23: 0.43%, 24: 0.54%, 25: 0.43%, 26: 0.48%, 27: 0.70%, 28: 0.59%, 29: 0.59%, 30: 0.70%, 31: 2.53%, 32: 1.29%, 33: 0.38%, 34: 0.05%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2167Response: | Success: | Total:
2168OK: | 153 ( 8.23%) | 391 ( 6.28%)
2169NXDOMAIN: | 1648 ( 88.60%) | 4046 ( 64.94%)
2170SERVFAIL: | 59 ( 3.17%) | 158 ( 2.54%)
2171REFUSED: | 0 ( 0.00%) | 1635 ( 26.24%)
2172FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2173
2174
2175
2176Processed queries: 1919
2177Received packets: 6681
2178Progress: 100.00% (00 h 00 min 17 sec / 00 h 00 min 17 sec)
2179Current incoming rate: 403 pps, average: 392 pps
2180Current success rate: 37 pps, average: 111 pps
2181Finished total: 1898, success: 1898 (100.00%)
2182Mismatched domains: 4058 (61.17%), IDs: 0 (0.00%)
2183Failures: 0: 4.32%, 1: 8.01%, 2: 7.17%, 3: 7.59%, 4: 7.48%, 5: 6.74%, 6: 7.11%, 7: 3.95%, 8: 3.58%, 9: 4.32%, 10: 3.69%, 11: 4.16%, 12: 3.53%, 13: 4.69%, 14: 2.69%, 15: 2.00%, 16: 2.37%, 17: 2.32%, 18: 2.11%, 19: 1.79%, 20: 1.00%, 21: 1.11%, 22: 0.84%, 23: 0.42%, 24: 0.53%, 25: 0.42%, 26: 0.47%, 27: 0.68%, 28: 0.58%, 29: 0.58%, 30: 0.68%, 31: 0.53%, 32: 1.21%, 33: 1.37%, 34: 0.68%, 35: 0.32%, 36: 0.05%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2184Response: | Success: | Total:
2185OK: | 157 ( 8.27%) | 409 ( 6.17%)
2186NXDOMAIN: | 1682 ( 88.62%) | 4295 ( 64.74%)
2187SERVFAIL: | 59 ( 3.11%) | 165 ( 2.49%)
2188REFUSED: | 0 ( 0.00%) | 1765 ( 26.61%)
2189FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2190
2191
2192
2193Processed queries: 1919
2194Received packets: 7075
2195Progress: 100.00% (00 h 00 min 18 sec / 00 h 00 min 18 sec)
2196Current incoming rate: 393 pps, average: 392 pps
2197Current success rate: 15 pps, average: 106 pps
2198Finished total: 1914, success: 1914 (100.00%)
2199Mismatched domains: 4430 (63.05%), IDs: 0 (0.00%)
2200Failures: 0: 4.28%, 1: 7.94%, 2: 7.11%, 3: 7.52%, 4: 7.42%, 5: 6.69%, 6: 7.05%, 7: 3.92%, 8: 3.55%, 9: 4.28%, 10: 3.66%, 11: 4.13%, 12: 3.50%, 13: 4.65%, 14: 2.66%, 15: 1.99%, 16: 2.35%, 17: 2.30%, 18: 2.09%, 19: 1.78%, 20: 0.99%, 21: 1.10%, 22: 0.84%, 23: 0.42%, 24: 0.52%, 25: 0.42%, 26: 0.47%, 27: 0.68%, 28: 0.57%, 29: 0.57%, 30: 0.68%, 31: 0.52%, 32: 1.20%, 33: 1.10%, 34: 0.68%, 35: 0.26%, 36: 0.16%, 37: 0.10%, 38: 0.10%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2201Response: | Success: | Total:
2202OK: | 157 ( 8.20%) | 432 ( 6.15%)
2203NXDOMAIN: | 1697 ( 88.66%) | 4556 ( 64.84%)
2204SERVFAIL: | 60 ( 3.13%) | 173 ( 2.46%)
2205REFUSED: | 0 ( 0.00%) | 1865 ( 26.54%)
2206FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2207
2208
2209
2210Processed queries: 1919
2211Received packets: 7474
2212Progress: 100.00% (00 h 00 min 19 sec / 00 h 00 min 19 sec)
2213Current incoming rate: 398 pps, average: 392 pps
2214Current success rate: 2 pps, average: 100 pps
2215Finished total: 1917, success: 1917 (100.00%)
2216Mismatched domains: 4819 (64.95%), IDs: 0 (0.00%)
2217Failures: 0: 4.28%, 1: 7.93%, 2: 7.09%, 3: 7.51%, 4: 7.41%, 5: 6.68%, 6: 7.04%, 7: 3.91%, 8: 3.55%, 9: 4.28%, 10: 3.65%, 11: 4.12%, 12: 3.50%, 13: 4.64%, 14: 2.66%, 15: 1.98%, 16: 2.35%, 17: 2.30%, 18: 2.09%, 19: 1.77%, 20: 0.99%, 21: 1.10%, 22: 0.83%, 23: 0.42%, 24: 0.52%, 25: 0.42%, 26: 0.47%, 27: 0.68%, 28: 0.57%, 29: 0.57%, 30: 0.68%, 31: 0.52%, 32: 1.20%, 33: 1.10%, 34: 0.68%, 35: 0.21%, 36: 0.16%, 37: 0.10%, 38: 0.10%, 39: 0.00%, 40: 0.05%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2218Response: | Success: | Total:
2219OK: | 158 ( 8.24%) | 453 ( 6.11%)
2220NXDOMAIN: | 1699 ( 88.63%) | 4799 ( 64.69%)
2221SERVFAIL: | 60 ( 3.13%) | 185 ( 2.49%)
2222REFUSED: | 0 ( 0.00%) | 1982 ( 26.72%)
2223FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2224
2225
2226
2227Processed queries: 1919
2228Received packets: 7863
2229Progress: 100.00% (00 h 00 min 20 sec / 00 h 00 min 20 sec)
2230Current incoming rate: 388 pps, average: 392 pps
2231Current success rate: 0 pps, average: 95 pps
2232Finished total: 1918, success: 1918 (100.00%)
2233Mismatched domains: 5206 (66.68%), IDs: 0 (0.00%)
2234Failures: 0: 4.28%, 1: 7.92%, 2: 7.09%, 3: 7.51%, 4: 7.40%, 5: 6.67%, 6: 7.04%, 7: 3.91%, 8: 3.55%, 9: 4.28%, 10: 3.65%, 11: 4.12%, 12: 3.49%, 13: 4.64%, 14: 2.66%, 15: 1.98%, 16: 2.35%, 17: 2.29%, 18: 2.09%, 19: 1.77%, 20: 0.99%, 21: 1.09%, 22: 0.83%, 23: 0.42%, 24: 0.52%, 25: 0.42%, 26: 0.47%, 27: 0.68%, 28: 0.57%, 29: 0.57%, 30: 0.68%, 31: 0.52%, 32: 1.20%, 33: 1.09%, 34: 0.68%, 35: 0.21%, 36: 0.16%, 37: 0.05%, 38: 0.10%, 39: 0.05%, 40: 0.00%, 41: 0.05%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2235Response: | Success: | Total:
2236OK: | 158 ( 8.24%) | 477 ( 6.11%)
2237NXDOMAIN: | 1700 ( 88.63%) | 5061 ( 64.83%)
2238SERVFAIL: | 60 ( 3.13%) | 195 ( 2.50%)
2239REFUSED: | 0 ( 0.00%) | 2074 ( 26.57%)
2240FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2241
2242
2243
2244Processed queries: 1919
2245Received packets: 8056
2246Progress: 100.00% (00 h 00 min 21 sec / 00 h 00 min 21 sec)
2247Current incoming rate: 192 pps, average: 382 pps
2248Current success rate: 0 pps, average: 91 pps
2249Finished total: 1918, success: 1918 (100.00%)
2250Mismatched domains: 5399 (67.49%), IDs: 0 (0.00%)
2251Failures: 0: 4.28%, 1: 7.92%, 2: 7.09%, 3: 7.51%, 4: 7.40%, 5: 6.67%, 6: 7.04%, 7: 3.91%, 8: 3.55%, 9: 4.28%, 10: 3.65%, 11: 4.12%, 12: 3.49%, 13: 4.64%, 14: 2.66%, 15: 1.98%, 16: 2.35%, 17: 2.29%, 18: 2.09%, 19: 1.77%, 20: 0.99%, 21: 1.09%, 22: 0.83%, 23: 0.42%, 24: 0.52%, 25: 0.42%, 26: 0.47%, 27: 0.68%, 28: 0.57%, 29: 0.57%, 30: 0.68%, 31: 0.52%, 32: 1.20%, 33: 1.09%, 34: 0.68%, 35: 0.21%, 36: 0.16%, 37: 0.05%, 38: 0.10%, 39: 0.00%, 40: 0.00%, 41: 0.10%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2252Response: | Success: | Total:
2253OK: | 158 ( 8.24%) | 486 ( 6.07%)
2254NXDOMAIN: | 1700 ( 88.63%) | 5202 ( 65.03%)
2255SERVFAIL: | 60 ( 3.13%) | 201 ( 2.51%)
2256REFUSED: | 0 ( 0.00%) | 2111 ( 26.39%)
2257FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2258
2259
2260
2261Processed queries: 1919
2262Received packets: 8071
2263Progress: 100.00% (00 h 00 min 22 sec / 00 h 00 min 22 sec)
2264Current incoming rate: 14 pps, average: 366 pps
2265Current success rate: 0 pps, average: 87 pps
2266Finished total: 1918, success: 1918 (100.00%)
2267Mismatched domains: 5414 (67.55%), IDs: 0 (0.00%)
2268Failures: 0: 4.28%, 1: 7.92%, 2: 7.09%, 3: 7.51%, 4: 7.40%, 5: 6.67%, 6: 7.04%, 7: 3.91%, 8: 3.55%, 9: 4.28%, 10: 3.65%, 11: 4.12%, 12: 3.49%, 13: 4.64%, 14: 2.66%, 15: 1.98%, 16: 2.35%, 17: 2.29%, 18: 2.09%, 19: 1.77%, 20: 0.99%, 21: 1.09%, 22: 0.83%, 23: 0.42%, 24: 0.52%, 25: 0.42%, 26: 0.47%, 27: 0.68%, 28: 0.57%, 29: 0.57%, 30: 0.68%, 31: 0.52%, 32: 1.20%, 33: 1.09%, 34: 0.68%, 35: 0.21%, 36: 0.16%, 37: 0.05%, 38: 0.10%, 39: 0.00%, 40: 0.00%, 41: 0.05%, 42: 0.00%, 43: 0.05%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2269Response: | Success: | Total:
2270OK: | 158 ( 8.24%) | 486 ( 6.06%)
2271NXDOMAIN: | 1700 ( 88.63%) | 5212 ( 65.03%)
2272SERVFAIL: | 60 ( 3.13%) | 203 ( 2.53%)
2273REFUSED: | 0 ( 0.00%) | 2114 ( 26.38%)
2274FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2275
2276
2277
2278Processed queries: 1919
2279Received packets: 8077
2280Progress: 100.00% (00 h 00 min 23 sec / 00 h 00 min 23 sec)
2281Current incoming rate: 5 pps, average: 350 pps
2282Current success rate: 0 pps, average: 83 pps
2283Finished total: 1918, success: 1918 (100.00%)
2284Mismatched domains: 5420 (67.57%), IDs: 0 (0.00%)
2285Failures: 0: 4.28%, 1: 7.92%, 2: 7.09%, 3: 7.51%, 4: 7.40%, 5: 6.67%, 6: 7.04%, 7: 3.91%, 8: 3.55%, 9: 4.28%, 10: 3.65%, 11: 4.12%, 12: 3.49%, 13: 4.64%, 14: 2.66%, 15: 1.98%, 16: 2.35%, 17: 2.29%, 18: 2.09%, 19: 1.77%, 20: 0.99%, 21: 1.09%, 22: 0.83%, 23: 0.42%, 24: 0.52%, 25: 0.42%, 26: 0.47%, 27: 0.68%, 28: 0.57%, 29: 0.57%, 30: 0.68%, 31: 0.52%, 32: 1.20%, 33: 1.09%, 34: 0.68%, 35: 0.21%, 36: 0.16%, 37: 0.05%, 38: 0.10%, 39: 0.00%, 40: 0.00%, 41: 0.05%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.05%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2286Response: | Success: | Total:
2287OK: | 158 ( 8.24%) | 486 ( 6.06%)
2288NXDOMAIN: | 1700 ( 88.63%) | 5214 ( 65.00%)
2289SERVFAIL: | 60 ( 3.13%) | 204 ( 2.54%)
2290REFUSED: | 0 ( 0.00%) | 2117 ( 26.39%)
2291FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2292
2293
2294
2295Processed queries: 1919
2296Received packets: 8088
2297Progress: 100.00% (00 h 00 min 24 sec / 00 h 00 min 24 sec)
2298Current incoming rate: 10 pps, average: 336 pps
2299Current success rate: 0 pps, average: 79 pps
2300Finished total: 1918, success: 1918 (100.00%)
2301Mismatched domains: 5431 (67.62%), IDs: 0 (0.00%)
2302Failures: 0: 4.28%, 1: 7.92%, 2: 7.09%, 3: 7.51%, 4: 7.40%, 5: 6.67%, 6: 7.04%, 7: 3.91%, 8: 3.55%, 9: 4.28%, 10: 3.65%, 11: 4.12%, 12: 3.49%, 13: 4.64%, 14: 2.66%, 15: 1.98%, 16: 2.35%, 17: 2.29%, 18: 2.09%, 19: 1.77%, 20: 0.99%, 21: 1.09%, 22: 0.83%, 23: 0.42%, 24: 0.52%, 25: 0.42%, 26: 0.47%, 27: 0.68%, 28: 0.57%, 29: 0.57%, 30: 0.68%, 31: 0.52%, 32: 1.20%, 33: 1.09%, 34: 0.68%, 35: 0.21%, 36: 0.16%, 37: 0.05%, 38: 0.10%, 39: 0.00%, 40: 0.00%, 41: 0.05%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.05%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2303Response: | Success: | Total:
2304OK: | 158 ( 8.24%) | 486 ( 6.05%)
2305NXDOMAIN: | 1700 ( 88.63%) | 5220 ( 64.99%)
2306SERVFAIL: | 60 ( 3.13%) | 208 ( 2.59%)
2307REFUSED: | 0 ( 0.00%) | 2118 ( 26.37%)
2308FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2309
2310
2311
2312Processed queries: 1919
2313Received packets: 8095
2314Progress: 100.00% (00 h 00 min 25 sec / 00 h 00 min 25 sec)
2315Current incoming rate: 6 pps, average: 323 pps
2316Current success rate: 0 pps, average: 76 pps
2317Finished total: 1918, success: 1918 (100.00%)
2318Mismatched domains: 5438 (67.65%), IDs: 0 (0.00%)
2319Failures: 0: 4.28%, 1: 7.92%, 2: 7.09%, 3: 7.51%, 4: 7.40%, 5: 6.67%, 6: 7.04%, 7: 3.91%, 8: 3.55%, 9: 4.28%, 10: 3.65%, 11: 4.12%, 12: 3.49%, 13: 4.64%, 14: 2.66%, 15: 1.98%, 16: 2.35%, 17: 2.29%, 18: 2.09%, 19: 1.77%, 20: 0.99%, 21: 1.09%, 22: 0.83%, 23: 0.42%, 24: 0.52%, 25: 0.42%, 26: 0.47%, 27: 0.68%, 28: 0.57%, 29: 0.57%, 30: 0.68%, 31: 0.52%, 32: 1.20%, 33: 1.09%, 34: 0.68%, 35: 0.21%, 36: 0.16%, 37: 0.05%, 38: 0.10%, 39: 0.00%, 40: 0.00%, 41: 0.05%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.05%, 50: 0.00%,
2320Response: | Success: | Total:
2321OK: | 158 ( 8.24%) | 486 ( 6.05%)
2322NXDOMAIN: | 1700 ( 88.63%) | 5226 ( 65.01%)
2323SERVFAIL: | 60 ( 3.13%) | 209 ( 2.60%)
2324REFUSED: | 0 ( 0.00%) | 2118 ( 26.35%)
2325FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2326
2327
2328
2329Processed queries: 1919
2330Received packets: 8096
2331Progress: 100.00% (00 h 00 min 25 sec / 00 h 00 min 25 sec)
2332Current incoming rate: 17 pps, average: 322 pps
2333Current success rate: 0 pps, average: 76 pps
2334Finished total: 1919, success: 1918 (99.95%)
2335Mismatched domains: 5439 (67.65%), IDs: 0 (0.00%)
2336Failures: 0: 4.27%, 1: 7.92%, 2: 7.09%, 3: 7.50%, 4: 7.40%, 5: 6.67%, 6: 7.03%, 7: 3.91%, 8: 3.54%, 9: 4.27%, 10: 3.65%, 11: 4.12%, 12: 3.49%, 13: 4.64%, 14: 2.66%, 15: 1.98%, 16: 2.34%, 17: 2.29%, 18: 2.08%, 19: 1.77%, 20: 0.99%, 21: 1.09%, 22: 0.83%, 23: 0.42%, 24: 0.52%, 25: 0.42%, 26: 0.47%, 27: 0.68%, 28: 0.57%, 29: 0.57%, 30: 0.68%, 31: 0.52%, 32: 1.20%, 33: 1.09%, 34: 0.68%, 35: 0.21%, 36: 0.16%, 37: 0.05%, 38: 0.10%, 39: 0.00%, 40: 0.00%, 41: 0.05%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.05%,
2337Response: | Success: | Total:
2338OK: | 158 ( 8.24%) | 486 ( 6.04%)
2339NXDOMAIN: | 1700 ( 88.63%) | 5226 ( 65.00%)
2340SERVFAIL: | 60 ( 3.13%) | 210 ( 2.61%)
2341REFUSED: | 0 ( 0.00%) | 2118 ( 26.34%)
2342FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2343www.respectwashington.us
2344respectwashington.us.
2345######################################################################################################################################
2346[+] www.respectwashington.us has no SPF record!
2347[*] No DMARC record found. Looking for organizational record
2348[+] No organizational DMARC record
2349[+] Spoofing possible for www.respectwashington.us!
2350######################################################################################################################################
2351Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-22 09:57 EDT
2352Nmap scan report for www.respectwashington.us (65.49.16.26)
2353Host is up (0.79s latency).
2354rDNS record for 65.49.16.26: respectwashington.us
2355Not shown: 992 closed ports
2356PORT STATE SERVICE
235780/tcp open http
2358110/tcp open pop3
2359143/tcp open imap
2360443/tcp open https
2361465/tcp open smtps
2362587/tcp open submission
2363993/tcp open imaps
2364995/tcp open pop3s
2365
2366Nmap done: 1 IP address (1 host up) scanned in 3.83 seconds
2367######################################################################################################################################
2368Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-22 09:57 EDT
2369Nmap scan report for www.respectwashington.us (65.49.16.26)
2370Host is up (0.28s latency).
2371rDNS record for 65.49.16.26: respectwashington.us
2372Not shown: 12 closed ports, 2 filtered ports
2373PORT STATE SERVICE
23742049/udp open|filtered nfs
2375
2376Nmap done: 1 IP address (1 host up) scanned in 7.48 seconds
2377######################################################################################################################################
2378HTTP/1.1 200 OK
2379Date: Tue, 22 Oct 2019 13:57:25 GMT
2380Server: Apache/2.4.18 (Ubuntu)
2381Last-Modified: Fri, 23 Feb 2018 15:15:28 GMT
2382ETag: "8956-565e2a1613be1"
2383Accept-Ranges: bytes
2384Content-Length: 35158
2385Vary: Accept-Encoding
2386Content-Type: text/html
2387
2388Allow: GET,HEAD,POST,OPTIONS
2389######################################################################################################################################
2390<!-- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Top Nav XXXXXXXXXXXXXXXXXXXXXXXXXXX -->
2391<!--Second row-->
2392<!-- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX End Top Nav XXXXXXXXXXXXXXXXXXXXXXXXXXX -->
2393<!-- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX About the legislation XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX -->
2394<!-- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Cost of the legislation XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX -->
2395<!-- XXXXXXXXXXXXXXXXXXXXXXXXXXXX Quote from WA Sate Constitution XXXXXXXXXXXXXXXXXXXXXXXXXXX -->
2396 <!-- XXXXXXXXXXXXXXXXXXXX "Keep it Legal" logo XXXXXXXXXXXXXXXXX-->
2397<!-- XXXXXXXXXXXXXXXXXX End "Keep it Legal" logo XXXXXXXXXXXXXXXXX-->
2398######################################################################################################################################
2399http://www.w3.org/1999/xhtml
2400text/css
2401-//W3C//DTD XHTML 1.0 Transitional//EN
2402#######################################################################################################################################
2403http://www.respectwashington.us [200 OK] Apache[2.4.18], Country[UNITED STATES][US], Email[info@RespectWashington.us], HTTPServer[Ubuntu Linux][Apache/2.4.18 (Ubuntu)], IP[65.49.16.26], Title[RespectWashington]
2404#######################################################################################################################################
2405
2406wig - WebApp Information Gatherer
2407
2408
2409Scanning http://www.respectwashington.us...
2410_________________ SITE INFO __________________
2411IP Title
241265.49.16.26 RespectWashington
2413
2414__________________ VERSION ___________________
2415Name Versions Type
2416Apache 2.4.18 Platform
2417Ubuntu 16.04 OS
2418
2419______________________________________________
2420Time: 90.4 sec Urls: 813 Fingerprints: 40401
2421#######################################################################################################################################
2422Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-22 09:59 EDT
2423NSE: Loaded 163 scripts for scanning.
2424NSE: Script Pre-scanning.
2425Initiating NSE at 09:59
2426Completed NSE at 09:59, 0.00s elapsed
2427Initiating NSE at 09:59
2428Completed NSE at 09:59, 0.00s elapsed
2429Initiating Parallel DNS resolution of 1 host. at 09:59
2430Completed Parallel DNS resolution of 1 host. at 09:59, 0.03s elapsed
2431Initiating SYN Stealth Scan at 09:59
2432Scanning www.respectwashington.us (65.49.16.26) [1 port]
2433Discovered open port 80/tcp on 65.49.16.26
2434Completed SYN Stealth Scan at 09:59, 0.27s elapsed (1 total ports)
2435Initiating Service scan at 09:59
2436Scanning 1 service on www.respectwashington.us (65.49.16.26)
2437Completed Service scan at 09:59, 6.49s elapsed (1 service on 1 host)
2438Initiating OS detection (try #1) against www.respectwashington.us (65.49.16.26)
2439Retrying OS detection (try #2) against www.respectwashington.us (65.49.16.26)
2440Initiating Traceroute at 09:59
2441Completed Traceroute at 09:59, 1.32s elapsed
2442Initiating Parallel DNS resolution of 11 hosts. at 09:59
2443Completed Parallel DNS resolution of 11 hosts. at 09:59, 0.24s elapsed
2444NSE: Script scanning 65.49.16.26.
2445Initiating NSE at 09:59
2446Completed NSE at 10:01, 95.87s elapsed
2447Initiating NSE at 10:01
2448Completed NSE at 10:01, 1.45s elapsed
2449Nmap scan report for www.respectwashington.us (65.49.16.26)
2450Host is up (0.30s latency).
2451rDNS record for 65.49.16.26: respectwashington.us
2452
2453PORT STATE SERVICE VERSION
245480/tcp open http Apache httpd 2.4.18 ((Ubuntu))
2455| http-brute:
2456|_ Path "/" does not require authentication
2457|_http-chrono: Request times for /; avg: 1578.32ms; min: 1423.87ms; max: 1782.78ms
2458| http-csrf:
2459| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=www.respectwashington.us
2460| Found the following possible CSRF vulnerabilities:
2461|
2462| Path: http://www.respectwashington.us:80/donate.html
2463| Form id:
2464|_ Form action: https://www.paypal.com/cgi-bin/webscr
2465|_http-date: Tue, 22 Oct 2019 13:59:46 GMT; -1s from local time.
2466|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
2467|_http-dombased-xss: Couldn't find any DOM based XSS.
2468|_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
2469| http-errors:
2470| Spidering limited to: maxpagecount=40; withinhost=www.respectwashington.us
2471| Found the following error pages:
2472|
2473| Error Code: 404
2474|_ http://www.respectwashington.us:80/MarchPetition
2475|_http-exif-spider: ERROR: Script execution failed (use -d to debug)
2476|_http-feed: Couldn't find any feeds.
2477|_http-fetch: Please enter the complete path of the directory to save data in.
2478| http-fileupload-exploiter:
2479|
2480| Couldn't find a file-type field.
2481|
2482|_ Couldn't find a file-type field.
2483| http-grep:
2484| (1) http://www.respectwashington.us:80/:
2485| (1) email:
2486| + info@RespectWashington.us
2487| (1) http://www.respectwashington.us:80/volunteer.html:
2488| (1) email:
2489| + info@respectwashington.us
2490| (1) http://www.respectwashington.us:80/donate.html:
2491| (1) email:
2492| + Ron@RespectWashington.us
2493| (1) http://www.respectwashington.us:80/petition.html:
2494| (1) email:
2495| + info@RespectWashinton.us
2496| (356) http://www.respectwashington.us:80/support.html:
2497| (356) email:
2498| + vince@vincedemiero.com
2499| + jeffguinn@verizon.net
2500| + dlrichter@rainierwebsites.com
2501| + dlapinski2@hotmail.com
2502| + griffinforwashington@gmail.com
2503| + lucho4@comcast.net
2504| + heidi@munson2010.com
2505| + electmccune@gmail.com
2506| + marilyn@rainierconnect.com
2507| + thomasjcampbell@qwestoffice.net
2508| + jt@wilcox.org
2509| + cometapple@msn.com
2510| + Boxersborzois@aol.com
2511| + vote@andybillig.com
2512| + votelouise@comcast.net
2513| + vote.Ormsby@gmail.com
2514| + RedDogMedia87@yahoo.com
2515| + voteoyler@gmail.com
2516| + crouse588@comcast.net
2517| + matt@voteshea2010.com
2518| + hoover@votehoover.com
2519| + jrodne@comcast.net
2520| + action@deanwillard.com
2521| + glenn.anderson@att.net
2522| + springforhouse@aol.com
2523| + michael@baumgartnerforsenate.com
2524| + chris@votechrismarr.com
2525| + info@votekevinparker.com
2526| + votedriscoll@comcast.net
2527| + voteahern@gmail.com
2528| + shelly@voteshellyoquinn.com
2529| + bobmorton@wildblue.net
2530| + helovsu@hotmail.com
2531| + shelly@vote4shelly.com
2532| + joelandsarakretz@wildblue.net
2533| + brad@bradklippert.com
2534| + carol@carolmoser.com
2535| + le.haler@gmail.com
2536| + jerome@owt.com
2537| + susan@susanfagan.com
2538| + StockwellStocky@aol.com
2539| + people4schmick@colfax.com
2540| + mschoesler@yahoo.com
2541| + office@votenormasmith.com
2542| + electbarbarabailey@gmail.com
2543| + tom4wa@gmail.com
2544| + marymargaret@marymargarethaugen.com
2545| + zack@zackhudgins.com
2546| + sarahm57@yahoo.com
2547| + potterosa1@msn.com
2548| + bob@bobhasegawa.com
2549| + jm135711@yahoo.com
2550| + info@juanforsenate.com
2551| + mlprentice@juno.com
2552| + ccrc12@yahoo.com
2553| + armstrhome@msn.com
2554| + cliff4liberty@gmail.com
2555| + mrhenkle@cs.com
2556| + billhinkle@mac.com
2557| + novackin2010@gmail.com
2558| + cbc@atnet.net
2559| + ja@yahoo.com
2560| + yakimanorm@gmail.com
2561| + michelestrobel@votemichelestrobel.com
2562| + scottb@hbbinjurylaw.com
2563| + charlesnaches@aol.com
2564| + curtisk@kbwood.com
2565| + spencerintehgorge@yahoo.com
2566| + chandbq@bentonrea.com
2567| + taylor.15thdistrict@gmail.com
2568| + tsilva@live.com
2569| + honeyford.jim@leg.wa.gov
2570| + brenda@jaredstory.com
2571| + maureen@walshforstaterep.com
2572| + tnealey@nealey-marinella.com
2573| + Senator16@charter.net
2574| + Tim@ElectTimProbst.com
2575| + bpeck17@yahoo.com
2576| + martin@hash.com
2577| + plharris@comcast.net
2578| + monica.stonier@gmail.com
2579| + benton@pacifier.com
2580| + jon@electjonrussell.com
2581| + vickforrep@comcast.net
2582| + info@anthonybittner.com
2583| + denniskampe@live.com
2584| + jon@haugen18.com
2585| + richcarson@q.com
2586| + annrivers@tds.net
2587| + mr-ed@kalama.com
2588| + joe@jpzarelli.com
2589| + dtakko@comcast.net
2590| + ElectSwanseon@gmail.com
2591| + repbrianblake@msn.com
2592| + tim@sutinen.com
2593| + bhatfield@willapabay.org
2594| + arnydvs@gmail.com
2595| + ctobeck@comcast.net
2596| + alexandergary@comcast.net
2597| + Dan@danswecker.com
2598| + maryhelenr@verizon.net
2599| + ed@edborey.com
2600| + marko@markoliias.com
2601| + votealantagle@hotmail.com
2602| + elizabeth@elizabeth4state.com
2603| + mikehuisman@myseniorside.com
2604| + shin.paull@leg.wa.gov
2605| + Sayes4Senate@gmail.com
2606| + david@insuranceresourceince.com
2607| + Water4fish@comcast.net
2608| + miller4peace@gmail.com
2609| + friendsofjudihoefling@comcast.net
2610| + jason@jasonhearn.com
2611| + stew@stewfor22.com
2612| + Chris4rep@gmail.com
2613| + repsamhunt@comcast.net
2614| + justinkover@hotmail.com
2615| + electchrisward22@yahoo.com
2616| + pete@petedeboer.com
2617| + jeanne@sherryappleton.com
2618| + voteolsen23@gmail.com
2619| + info@electchristine.com
2620| + realwinters@hotmail.com
2621| + rockberry@seanet.com
2622| + dan@votedangase.com
2623| + kevinvandewege@hotmail.com
2624| + durgan@lympus.net
2625| + jackdwyerdc@yahoo.com
2626| + steve@stevetharinger.com
2627| + lwc@cablespeed.com
2628| + votejmmcentire@gmail.com
2629| + HARGROVEFAM@OLYNET.COM
2630| + JohnT@ElectJohnThompson.com
2631| + tellbruce@comcast.net
2632| + dawnmrn25@earthlink.net
2633| + ronmorehouse@comcast.net
2634| + hans@hanszeiger.com
2635| + steve@stevevermillion.com
2636| + reonmorehouse@comcast.net
2637| + info@bryanshaner.com
2638| + jkastama@hotmail.com
2639| + schoenike@gmail.com
2640| + janangle4u@wavecable.com
2641| + larrysequist@comcast.net
2642| + dougrichards2010@comcast.net
2643| + derekforsenato@aol.com
2644| + martyforsenate@yahoo.com
2645| + votedanielson@aol.com
2646| + electjanisgbalah@yahoo.com
2647| + jessica@smeall.org
2648| + info@lauriejinkins.com
2649| + jakefey@harbornet.com
2650| + ken@nicholsfor27th.com
2651| + jon@higleyforhouse.com
2652| + Vote4Jeannie@aol.com
2653| + jon@joncronk.com
2654| + regs141@comcast.net
2655| + steve@steveoban.com
2656| + troy@troykelley.com
2657| + wagemanp@stolz.com
2658| + tami.green@comcast.net
2659| + bwurts21@hotmail.com
2660| + mcarrell@hotmail.com
2661| + stcook@stcookcampaign.org
2662| + electjonwa@gmail.com
2663| + connie@landenburg.org
2664| + parks429thstaterep@yahoo.com
2665| + therealmsjsy@gmail.com
2666| + stevekirby@harbornet.com
2667| + kenpaulson@reachone.com
2668| + terryharder@comcast.net
2669| + steveconway@harbornet.com
2670| + shawn@voteshawnsullivan.com
2671| + miloscia@comcast.net
2672| + alexandria.al@gmail.com
2673| + info@votealchik.com
2674| + edbarney@gmail.com
2675| + Katrina@voteKatrinaAsay.com
2676| + jerry@GallandStateRepresentative.com
2677| + re-elect-eide@hotmail.com
2678| + info@electtonymoore.com
2679| + cathydahlquist@comcast.net
2680| + peggyllevesque@comcast.net
2681| + shawnbunney@comcast.net
2682| + chrishurst2010@q.com
2683| + deg81@comcast.net
2684| + patrick@electpatrickreed.com
2685| + pamroach@aol.com
2686| + mhrichardson@hotmail.com
2687| + ron4senate@comcast.net
2688| + raymondbunk@yahoo.com
2689| + info@artcoday.com
2690| + FriendsForCindyRyu@yahoo.com
2691| + dorismccon@comcast.net
2692| + kagi@seanet.com
2693| + stan.lippmann@gmail.com
2694| + garyg@votegaryg.com
2695| + maralyn@maralynchase.com
2696| + pjbb17@msn.com
2697| + info@BakerInTheSenate.com
2698| + tina.orwell@gmail.com
2699| + daveup@comcast.net
2700| + karenkeisder@comcast.net
2701| + jack.michalek@comcast.net
2702| + eileenlcody@comcast.net
2703| + info@joefitzgibbon.com
2704| + info@mikeheavey.com
2705| + vote4mac2010@gmail.com
2706| + info@marceefor34th.com
2707| + sharonknelson49@yahoo.com
2708| + danielgriffey@gmail.com
2709| + kathaigh@aol.com
2710| + fredfinnforstaterep@hotmail.com
2711| + ggaither4house@gmail.com
2712| + lindasimpsonwantsyourvote@hotmail.com
2713| + Senatortimsheldon@gmail.com
2714| + grandmsgottarun4senate@live.com
2715| + mail@reuvencarlyle.com
2716| + electJILLEngland@comcast.net
2717| + maryloudikerson@comcast.net
2718| + jkohl-welles@comcast.net
2719| + electleslie2010@earhtlink.net
2720| + friendsofsts@aol.com
2721| + jestaff@msn.com
2722| + e.pettigrew@comcast.net
2723| + adam37th@comcast.net
2724| + Smilanin37@gmail.com
2725| + hughfleet@gmail.com
2726| + johnmccoy1@me.com
2727| + mikesells@aol.com
2728| + Iris@irislilly4staterep.com
2729| + jeanberkey@comcast.net
2730| + nick@nickharper.org
2731| + rodr2010@rodrieger.com
2732| + dk39@clearwire.net
2733| + eleanor@eleanorwalters.com
2734| + kirk@kirkpearson.com
2735| + stevens.val@leg.wa.gov
2736| + mike@mikenewman.com
2737| + dusty@votedusty.com
2738| + ChuckCarrell@gmail.com
2739| + yosherevelle@yahoo.com
2740| + mrlytton@fidalgo.net
2741| + Tom@tompasma.com
2742| + thomas@electboucher.com
2743| + JustinVanDyk@gmail.com
2744| + mountainsnow08@gmail.com
2745| + jeff@morriscampaign.com
2746| + john@jetpoint.com
2747| + cpellett@cablerocket.com
2748| + info@kevinranker.com
2749| + peter@votedunbar.com
2750| + marcie@marciemaxwell.org
2751| + jclibborn@comcast.net
2752| + stephen@votestrader.cm
2753| + WEBSTER.2020@YAHOO.COM
2754| + randy@FriendsofRandyGordon.org
2755| + info@stevelitzow.com
2756| + jason@voteoverstreet.com
2757| + asjen@comcast.net
2758| + Michael@SmithfoWashington.com
2759| + richardmay42@aol.com
2760| + ckmayberry@clearwire.net
2761| + wroehl@comcast.net
2762| + vincent@vincentbuys.com
2763| + Doug@DougEricksen.com
2764| + patjerns@gmail.com
2765| + jamie@peopleforpedersen.org
2766| + chopp.frank@leg.wa.gov
2767| + voteforverde@gmail.com
2768| + ed@EdMurrayforSenate.com
2769| + s.hadian@hadian2010.com
2770| + hansdunshee@comcast.net
2771| + info@VoteBob44th.org
2772| + hopems@comcast.net
2773| + john4wa@gmail.com
2774| + info@electhobbs.com
2775| + ryan@ryanferrie.com
2776| + dave@daveschmidt.org
2777| + lilliankaufer@gmail.com
2778| + roger@rogergoodman.org
2779| + Kevin@kevinhaistings.com
2780| + larry@larryspringer.org
2781| + info@votemarkisaacs.com
2782| + Senator@oemig.com
2783| + andy@andyhillforsenate.com
2784| + frocktforhouse@gmail.com
2785| + beau@beaugunderson.com
2786| + kenneylp@aol.com
2787| + scott.white46@comcast.net
2788| + Mark@MarkHargrove.org
2789| + geoff@votesimpson.com
2790| + pat@votepatsullivan.com
2791| + ryanez@vote4yanez.com
2792| + claudia@claudiaforsenate.com
2793| + contact@votefain.com
2794| + Sas@SasforSenate.com
2795| + info@diane2010.org
2796| + ross@rosshunter.net
2797| + philiplwilson@gmail.com
2798| + deb@debeddy.net
2799| + rodney@rodneytom.com
2800| + gregg@bennettforsenate.org
2801| + rgfuller@rgfuler.org
2802| + info@jimjacks.com
2803| + wcismar@comcast.net
2804| + electjim@jimmoeller.org
2805| + craig@electcraigriley.com
2806| + craig@craigpridemore.com
2807| + matthew@matthewburkeforcongress.com
2808| + James@WatkinsForCongress.com
2809| + doc@1stchoicewa.com
2810| + info@jayinslee.com
2811| + info@kosterforcongress.com
2812| + rick@ricklarsen.org
2813| + lkalb@openaccess.org
2814| + info@carmackcongress.org
2815| + diana@dianaforcongress.com
2816| + info@castilloforcongress.cm
2817| + normajeanforcongress@msn.com
2818| + info@jaimeherrera.com
2819| + cristforcongress@gmail.com
2820| + denny@denyheckforcongress.com
2821| + david@davidwhedrick.com
2822| + shane15@charterinternet.com
2823| + rexbrocki@gmail.com
2824| + info@dochastings.com
2825| + leland4congress@gmail.com
2826| + edwardsforcongress@gmail.com
2827| + info@yearoutforcongress.com
2828| + cathy@cathyforcongress.com
2829| + romeynforcongress@yahoo.com
2830| + lawtalkinguy4u@yahoo.com
2831| + clydecordero@gmail.com
2832| + doug@dougcloud.com
2833| + Jesse@JesseYoungForCongress.com
2834| + norm@normdicks.com
2835| + info@donovanrivers.org
2836| + info@berenforcongress.com
2837| + mcdermott@mcdermottforcongress.com
2838| + bobjefshr@comcast.net
2839| + votesizemore@gmail.com
2840| + sutherep7@live.cm
2841| + ernesthuberforcongress@gmail.com
2842| + dave@davereichertforcongress.com
2843| + tomcramer3229@yahoo.com
2844| + orlinksi@comcast.net
2845| + karnold@votekeitharnold.com
2846| + suzan@delbeneforcongress.com
2847| + tim@dillonforcongress.com
2848| + caleb@calebmardini.com
2849| + robinadair102@mac.com
2850| + Dick@DickMuri.com
2851| + jim@postma.com
2852| + info@electadamsmith.com
2853|_ + olson4us@thurston.com
2854| http-headers:
2855| Date: Tue, 22 Oct 2019 13:59:43 GMT
2856| Server: Apache/2.4.18 (Ubuntu)
2857| Last-Modified: Fri, 23 Feb 2018 15:15:28 GMT
2858| ETag: "8956-565e2a1613be1"
2859| Accept-Ranges: bytes
2860| Content-Length: 35158
2861| Vary: Accept-Encoding
2862| Connection: close
2863| Content-Type: text/html
2864|
2865|_ (Request type: HEAD)
2866|_http-jsonp-detection: Couldn't find any JSONP endpoints.
2867| http-methods:
2868|_ Supported Methods: GET HEAD POST OPTIONS
2869|_http-mobileversion-checker: No mobile version detected.
2870| http-php-version: Logo query returned unknown hash 70292b41bac2f29a9009dbd6b677a696
2871|_Credits query returned unknown hash 70292b41bac2f29a9009dbd6b677a696
2872|_http-security-headers:
2873|_http-server-header: Apache/2.4.18 (Ubuntu)
2874| http-sitemap-generator:
2875| Directory structure:
2876| /
2877| Other: 1; css: 1; html: 9; jpg: 1; pdf: 6
2878| /rw-images/
2879| jpg: 1
2880| Longest directory structure:
2881| Depth: 1
2882| Dir: /rw-images/
2883| Total files found (by extension):
2884|_ Other: 1; css: 1; html: 9; jpg: 2; pdf: 6
2885|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
2886|_http-title: RespectWashington
2887| http-vhosts:
2888|_127 names had status 200
2889|_http-wordpress-enum: Nothing found amongst the top 100 resources,use --script-args search-limit=<number|all> for deeper analysis)
2890|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
2891|_http-xssed: No previously reported XSS vuln.
2892| vulners:
2893| cpe:/a:apache:http_server:2.4.18:
2894| CVE-2017-7679 7.5 https://vulners.com/cve/CVE-2017-7679
2895| CVE-2017-7668 7.5 https://vulners.com/cve/CVE-2017-7668
2896| CVE-2017-3169 7.5 https://vulners.com/cve/CVE-2017-3169
2897| CVE-2017-3167 7.5 https://vulners.com/cve/CVE-2017-3167
2898| CVE-2019-0211 7.2 https://vulners.com/cve/CVE-2019-0211
2899| CVE-2018-1312 6.8 https://vulners.com/cve/CVE-2018-1312
2900| CVE-2017-15715 6.8 https://vulners.com/cve/CVE-2017-15715
2901| CVE-2019-10082 6.4 https://vulners.com/cve/CVE-2019-10082
2902| CVE-2017-9788 6.4 https://vulners.com/cve/CVE-2017-9788
2903| CVE-2019-10098 5.8 https://vulners.com/cve/CVE-2019-10098
2904| CVE-2019-0220 5.0 https://vulners.com/cve/CVE-2019-0220
2905| CVE-2019-0196 5.0 https://vulners.com/cve/CVE-2019-0196
2906| CVE-2018-17199 5.0 https://vulners.com/cve/CVE-2018-17199
2907| CVE-2018-1333 5.0 https://vulners.com/cve/CVE-2018-1333
2908| CVE-2017-9798 5.0 https://vulners.com/cve/CVE-2017-9798
2909| CVE-2017-15710 5.0 https://vulners.com/cve/CVE-2017-15710
2910| CVE-2016-8743 5.0 https://vulners.com/cve/CVE-2016-8743
2911| CVE-2016-8740 5.0 https://vulners.com/cve/CVE-2016-8740
2912| CVE-2016-4979 5.0 https://vulners.com/cve/CVE-2016-4979
2913| CVE-2019-0197 4.9 https://vulners.com/cve/CVE-2019-0197
2914| CVE-2019-10092 4.3 https://vulners.com/cve/CVE-2019-10092
2915| CVE-2018-11763 4.3 https://vulners.com/cve/CVE-2018-11763
2916| CVE-2016-4975 4.3 https://vulners.com/cve/CVE-2016-4975
2917| CVE-2016-1546 4.3 https://vulners.com/cve/CVE-2016-1546
2918| CVE-2018-1283 3.5 https://vulners.com/cve/CVE-2018-1283
2919|_ CVE-2016-8612 3.3 https://vulners.com/cve/CVE-2016-8612
2920| vulscan: VulDB - https://vuldb.com:
2921| [88747] Apache HTTP Server 2.4.17/2.4.18 mod_http2 denial of service
2922| [76731] Apache HTTP Server 2.4.12 ErrorDocument 400 Crash denial of service
2923| [74367] Apache HTTP Server up to 2.4.12 mod_lua lua_request.c wsupgrade denial of service
2924| [68575] Apache HTTP Server up to 2.4.10 LuaAuthzProvider mod_lua.c privilege escalation
2925| [68435] Apache HTTP Server 2.4.10 mod_proxy_fcgi.c handle_headers denial of service
2926| [13300] Apache HTTP Server 2.4.1/2.4.2 mod_wsgi setuid privilege escalation
2927| [13299] Apache HTTP Server 2.4.1/2.4.2 mod_wsgi Content-Type Header information disclosure
2928| [136374] Apache HTTP Server up to 2.4.38 Slash Regular Expression unknown vulnerability
2929| [136373] Apache HTTP Server 2.4.34/2.4.35/2.4.36/2.4.37/2.4.38 HTTP2 Request Crash denial of service
2930| [136372] Apache HTTP Server up to 2.4.38 HTTP2 Request unknown vulnerability
2931| [133112] Apache HTTP Server up to 2.4.38 mod_auth_digest race condition privilege escalation
2932| [133111] Apache HTTP Server 2.4.37/2.4.38 mod_ssl Bypass privilege escalation
2933| [130341] Apache HTTP Server 2.4.37 mod_ssl Loop denial of service
2934| [130330] Apache HTTP Server up to 2.4.37 mod_session Expired privilege escalation
2935| [130329] Apache HTTP Server 2.4.37 mod_http2 Slowloris denial of service
2936| [124447] Apache HTTP Server up to 2.4.34 SETTINGS Frame denial of service
2937| [121910] Apache HTTP Server 2.4.33 mod_md HTTP Requests denial of service
2938| [122569] Apache HTTP Server up to 2.4.33 HTTP2 Request denial of service
2939| [115061] Apache HTTP Server up to 2.4.29 HTTP Digest Authentication Challenge HTTP Requests Replay privilege escalation
2940| [115060] Apache HTTP Server up to 2.4.29 mod_cache_socache Request Header Crash denial of service
2941| [115059] Apache HTTP Server up to 2.4.29 HTTP2 NULL Pointer Dereference denial of service
2942| [115058] Apache HTTP Server up to 2.4.29 HTTP Header Crash denial of service
2943| [115057] Apache HTTP Server up to 2.4.29 mod_session Variable Name Cache privilege escalation
2944| [115039] Apache HTTP Server up to 2.4.29 FilesMatch File Upload privilege escalation
2945| [114258] Apache HTTP Server up to 2.4.22 mod_cluster Segmentation Fault denial of service
2946| [104986] Apache CXF 2.4.5/2.5.1 WS-SP UsernameToken Policy SOAP Request weak authentication
2947| [103521] Apache HTTP Server 2.4.26 HTTP2 Free memory corruption
2948| [94627] Apache HTTP Server up to 2.4.24 mod_auth_digest Crash denial of service
2949| [94626] Apache HTTP Server up to 2.4.24 mod_session_crypto Padding weak encryption
2950| [94625] Apache HTTP Server up to 2.4.24 Response Split privilege escalation
2951| [93958] Apache HTTP Server up to 2.4.23 mod_http2 h2_stream.c denial of service
2952| [89669] Apache HTTP Server up to 2.4.23 RFC 3875 Namespace Conflict Environment Variable Open Redirect
2953| [88667] Apache HTTP Server up to 2.4.20 mod_http2 Certificate weak authentication
2954| [77083] Apache Groovy up to 2.4.3 MethodClosure.java MethodClosure memory corruption
2955| [76733] Apache HTTP Server 2.4.7/2.4.8/2.4.9/2.4.10/2.4.12 ap_some_auth_required unknown vulnerability
2956| [76732] Apache HTTP Server 2.4.7/2.4.8/2.4.9/2.4.10/2.4.12 Request apr_brigade_flatten privilege escalation
2957| [73106] Apache Hadoop up to 2.4.0 Symlink privilege escalation
2958| [67183] Apache HTTP Server up to 2.4.9 mod_proxy denial of service
2959| [67180] Apache HTTP Server up to 2.4.9 WinNT MPM Memory Leak denial of service
2960| [67185] Apache HTTP Server up to 2.4.9 mod_status Heap-Based memory corruption
2961| [67184] Apache HTTP Server 2.4.5/2.4.6 mod_cache NULL Pointer Dereference denial of service
2962| [67182] Apache HTTP Server up to 2.4.9 mod_deflate Memory Consumption denial of service
2963| [67181] Apache HTTP Server up to 2.4.9 mod_cgid denial of service
2964| [12667] Apache HTTP Server 2.4.7 mod_log_config.c log_cookie denial of service
2965| [9683] Apache HTTP Server 2.4.5 mod_session_dbd denial of service
2966| [7202] Apache HTTP Server 2.4.2 on Oracle Solaris ld_library_path cross site scripting
2967| [62417] Apache CXF 2.4.7/2.4.8/2.5.3/2.5.4/2.6.1 spoofing
2968| [6092] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_ajp.c information disclosure
2969| [6090] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_http.c information disclosure
2970| [9673] Apache HTTP Server up to 2.4.4 mod_dav mod_dav.c Request denial of service
2971|
2972| MITRE CVE - https://cve.mitre.org:
2973| [CVE-2013-2249] mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors.
2974| [CVE-2012-4558] Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.
2975| [CVE-2012-3502] The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http.c in the mod_proxy_http module in the Apache HTTP Server 2.4.x before 2.4.3 does not properly determine the situations that require closing a back-end connection, which allows remote attackers to obtain sensitive information in opportunistic circumstances by reading a response that was intended for a different client.
2976| [CVE-2012-3499] Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.
2977| [CVE-2012-3451] Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action String that is inconsistent with the message body.
2978| [CVE-2012-2687] Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.
2979| [CVE-2012-2379] Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors.
2980| [CVE-2012-2378] Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allows remote attackers to bypass the (1) AlgorithmSuite, (2) SignedParts, (3) SignedElements, (4) EncryptedParts, and (5) EncryptedElements policies.
2981| [CVE-2012-0883] envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.
2982| [CVE-2011-2516] Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service (crash) via a signature using a large RSA key, which triggers a buffer overflow.
2983|
2984| SecurityFocus - https://www.securityfocus.com/bid/:
2985| [42102] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
2986| [27237] Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 'mod_status' Cross-Site Scripting Vulnerability
2987| [15413] PHP Apache 2 Virtual() Safe_Mode and Open_Basedir Restriction Bypass Vulnerability
2988| [15177] PHP Apache 2 Local Denial of Service Vulnerability
2989| [6065] Apache 2 WebDAV CGI POST Request Information Disclosure Vulnerability
2990| [5816] Apache 2 mod_dav Denial Of Service Vulnerability
2991| [5486] Apache 2.0 CGI Path Disclosure Vulnerability
2992| [5485] Apache 2.0 Path Disclosure Vulnerability
2993| [5434] Apache 2.0 Encoded Backslash Directory Traversal Vulnerability
2994| [5256] Apache httpd 2.0 CGI Error Path Disclosure Vulnerability
2995| [4057] Apache 2 for Windows OPTIONS request Path Disclosure Vulnerability
2996| [4056] Apache 2 for Windows php.exe Path Disclosure Vulnerability
2997|
2998| IBM X-Force - https://exchange.xforce.ibmcloud.com:
2999| [75211] Debian GNU/Linux apache 2 cross-site scripting
3000|
3001| Exploit-DB - https://www.exploit-db.com:
3002| [31052] Apache <= 2.2.6 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
3003| [30901] Apache HTTP Server 2.2.6 Windows Share PHP File Extension Mapping Information Disclosure Vulnerability
3004| [30835] Apache HTTP Server <= 2.2.4 413 Error HTTP Request Method Cross-Site Scripting Weakness
3005| [28424] Apache 2.x HTTP Server Arbitrary HTTP Request Headers Security Weakness
3006| [28365] Apache 2.2.2 CGI Script Source Code Information Disclosure Vulnerability
3007| [27915] Apache James 2.2 SMTP Denial of Service Vulnerability
3008| [27135] Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution
3009| [26710] Apache CXF prior to 2.5.10, 2.6.7 and 2.7.4 - Denial of Service
3010| [24590] Apache 2.0.x mod_ssl Remote Denial of Service Vulnerability
3011| [23581] Apache 2.0.4x mod_perl Module File Descriptor Leakage Vulnerability
3012| [23482] Apache 2.0.4x mod_php Module File Descriptor Leakage Vulnerability (2)
3013| [23481] Apache 2.0.4x mod_php Module File Descriptor Leakage Vulnerability (1)
3014| [23296] Red Hat Apache 2.0.40 Directory Index Default Configuration Error
3015| [23282] apache cocoon 2.14/2.2 - Directory Traversal vulnerability
3016| [22191] Apache Web Server 2.0.x MS-DOS Device Name Denial of Service Vulnerability
3017| [21854] Apache 2.0.39/40 Oversized STDERR Buffer Denial of Service Vulnerability
3018| [21719] Apache 2.0 Path Disclosure Vulnerability
3019| [21697] Apache 2.0 Encoded Backslash Directory Traversal Vulnerability
3020| [20272] Apache 1.2.5/1.3.1,UnityMail 2.0 MIME Header DoS Vulnerability
3021| [19828] Cobalt RaQ 2.0/3.0 Apache .htaccess Disclosure Vulnerability
3022| [18984] Apache Struts <= 2.2.1.1 - Remote Command Execution
3023| [18329] Apache Struts2 <= 2.3.1 - Multiple Vulnerabilities
3024| [17691] Apache Struts < 2.2.0 - Remote Command Execution
3025| [15319] Apache 2.2 (Windows) Local Denial of Service
3026| [14617] Apache JackRabbit 2.0.0 webapp XPath Injection
3027| [11650] Apache 2.2.14 mod_isapi Dangling Pointer Remote SYSTEM Exploit
3028| [8458] Apache Geronimo <= 2.1.3 - Multiple Directory Traversal Vulnerabilities
3029| [5330] Apache 2.0 mod_jk2 2.0.2 - Remote Buffer Overflow Exploit (win32)
3030| [3996] Apache 2.0.58 mod_rewrite Remote Overflow Exploit (win2k3)
3031| [2237] Apache < 1.3.37, 2.0.59, 2.2.3 (mod_rewrite) Remote Overflow PoC
3032| [1056] Apache <= 2.0.49 Arbitrary Long HTTP Headers Denial of Service
3033| [855] Apache <= 2.0.52 HTTP GET request Denial of Service Exploit
3034| [132] Apache 1.3.x - 2.0.48 - mod_userdir Remote Users Disclosure Exploit
3035| [38] Apache <= 2.0.45 APR Remote Exploit -Apache-Knacker.pl
3036| [34] Webfroot Shoutbox < 2.32 (Apache) Remote Exploit
3037| [11] Apache <= 2.0.44 Linux Remote Denial of Service Exploit
3038| [9] Apache HTTP Server 2.x Memory Leak Exploit
3039|
3040| OpenVAS (Nessus) - http://www.openvas.org:
3041| [855524] Solaris Update for Apache 2 120544-14
3042| [855077] Solaris Update for Apache 2 120543-14
3043| [100858] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
3044| [72626] Debian Security Advisory DSA 2579-1 (apache2)
3045| [71551] Gentoo Security Advisory GLSA 201206-25 (apache)
3046| [71550] Gentoo Security Advisory GLSA 201206-24 (apache tomcat)
3047| [71485] Debian Security Advisory DSA 2506-1 (libapache-mod-security)
3048| [71256] Debian Security Advisory DSA 2452-1 (apache2)
3049| [71238] Debian Security Advisory DSA 2436-1 (libapache2-mod-fcgid)
3050| [70724] Debian Security Advisory DSA 2405-1 (apache2)
3051| [70235] Debian Security Advisory DSA 2298-2 (apache2)
3052| [70233] Debian Security Advisory DSA 2298-1 (apache2)
3053| [69988] Debian Security Advisory DSA 2279-1 (libapache2-mod-authnz-external)
3054| [69338] Debian Security Advisory DSA 2202-1 (apache2)
3055| [65131] SLES9: Security update for Apache 2 oes/CORE
3056| [64426] Gentoo Security Advisory GLSA 200907-04 (apache)
3057| [61381] Gentoo Security Advisory GLSA 200807-06 (apache)
3058| [60582] Gentoo Security Advisory GLSA 200803-19 (apache)
3059| [58745] Gentoo Security Advisory GLSA 200711-06 (apache)
3060| [57851] Gentoo Security Advisory GLSA 200608-01 (apache)
3061| [56246] Gentoo Security Advisory GLSA 200602-03 (Apache)
3062| [55392] Gentoo Security Advisory GLSA 200509-12 (Apache)
3063| [55129] Gentoo Security Advisory GLSA 200508-15 (apache)
3064| [54739] Gentoo Security Advisory GLSA 200411-18 (apache)
3065| [54724] Gentoo Security Advisory GLSA 200411-03 (apache)
3066| [54712] Gentoo Security Advisory GLSA 200410-21 (apache)
3067| [54689] Gentoo Security Advisory GLSA 200409-33 (net=www/apache)
3068| [54677] Gentoo Security Advisory GLSA 200409-21 (apache)
3069| [54610] Gentoo Security Advisory GLSA 200407-03 (Apache)
3070| [54601] Gentoo Security Advisory GLSA 200406-16 (Apache)
3071| [54590] Gentoo Security Advisory GLSA 200406-05 (Apache)
3072| [54582] Gentoo Security Advisory GLSA 200405-22 (Apache)
3073| [54529] Gentoo Security Advisory GLSA 200403-04 (Apache)
3074| [54499] Gentoo Security Advisory GLSA 200310-04 (Apache)
3075| [54498] Gentoo Security Advisory GLSA 200310-03 (Apache)
3076| [11092] Apache 2.0.39 Win32 directory traversal
3077| [66081] SLES11: Security update for Apache 2
3078| [66074] SLES10: Security update for Apache 2
3079| [66070] SLES9: Security update for Apache 2
3080| [65893] SLES10: Security update for Apache 2
3081| [65888] SLES10: Security update for Apache 2
3082| [65510] SLES9: Security update for Apache 2
3083| [65249] SLES9: Security update for Apache 2
3084| [65230] SLES9: Security update for Apache 2
3085| [65228] SLES9: Security update for Apache 2
3086| [65207] SLES9: Security update for Apache 2
3087| [65136] SLES9: Security update for Apache 2
3088| [65017] SLES9: Security update for Apache 2
3089|
3090| SecurityTracker - https://www.securitytracker.com:
3091| [1008196] Apache 2.x on Windows May Return Unexpected Files For URLs Ending With Certain Characters
3092| [1007143] Apache 2.0 Web Server May Use a Weaker Encryption Implementation Than Specified in Some Cases
3093| [1006444] Apache 2.0 Web Server Line Feed Buffer Allocation Flaw Lets Remote Users Deny Service
3094| [1005963] Apache Web Server 2.x Windows Device Access Flaw Lets Remote Users Crash the Server or Possibly Execute Arbitrary Code
3095| [1004770] Apache 2.x Web Server ap_log_rerror() Function May Disclose Full Installation Path to Remote Users
3096|
3097| OSVDB - http://www.osvdb.org:
3098| [20897] PHP w/ Apache 2 SAPI virtual() Function Unspecified INI Setting Disclosure
3099|_
3100Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3101Aggressive OS guesses: Linux 3.18 (99%), Linux 2.6.35 (98%), Tandberg VCS video conferencing system (98%), Synology DiskStation Manager 5.1 (98%), Linux 3.10 - 3.12 (98%), Linux 4.4 (98%), Linux 2.6.32 (97%), Linux 2.6.32 or 3.10 (97%), Linux 2.6.39 (97%), Linux 3.10 (97%)
3102No exact OS matches for host (test conditions non-ideal).
3103Uptime guess: 40.651 days (since Wed Sep 11 18:23:43 2019)
3104Network Distance: 11 hops
3105TCP Sequence Prediction: Difficulty=262 (Good luck!)
3106IP ID Sequence Generation: All zeros
3107
3108TRACEROUTE (using port 80/tcp)
3109HOP RTT ADDRESS
31101 193.79 ms 10.252.204.1
31112 336.66 ms 45.131.4.3
31123 336.62 ms 109.236.95.228
31134 336.70 ms 109.236.95.167
31145 336.72 ms amsix-200gbps.core1.ams1.he.net (80.249.209.150)
31156 336.75 ms 100ge16-1.core1.lon2.he.net (72.52.92.213)
31167 336.79 ms 100ge13-2.core1.nyc4.he.net (72.52.92.166)
31178 436.58 ms 100ge8-1.core1.sjc2.he.net (184.105.81.218)
31189 308.61 ms 100ge13-2.core1.sjc1.he.net (184.105.65.113)
311910 436.64 ms e0-50.core4.fmt1.he.net (184.105.65.214)
312011 236.08 ms respectwashington.us (65.49.16.26)
3121
3122NSE: Script Post-scanning.
3123Initiating NSE at 10:01
3124Completed NSE at 10:01, 0.00s elapsed
3125Initiating NSE at 10:01
3126Completed NSE at 10:01, 0.00s elapsed
3127######################################################################################################################################
3128------------------------------------------------------------------------------------------------------------------------
3129
3130[ ! ] Starting SCANNER INURLBR 2.1 at [22-10-2019 10:01:37]
3131[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
3132It is the end user's responsibility to obey all applicable local, state and federal laws.
3133Developers assume no liability and are not responsible for any misuse or damage caused by this program
3134
3135[ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/www.respectwashington.us/output/inurlbr-www.respectwashington.us ]
3136[ INFO ][ DORK ]::[ site:www.respectwashington.us ]
3137[ INFO ][ SEARCHING ]:: {
3138[ INFO ][ ENGINE ]::[ GOOGLE - www.google.dm ]
3139
3140[ INFO ][ SEARCHING ]::
3141-[:::]
3142[ INFO ][ ENGINE ]::[ GOOGLE API ]
3143
3144[ INFO ][ SEARCHING ]::
3145-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
3146[ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.dz ID: 006748068166572874491:55ez0c3j3ey ]
3147
3148[ INFO ][ SEARCHING ]::
3149-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
3150
3151[ INFO ][ TOTAL FOUND VALUES ]:: [ 42 ]
3152
3153
3154 _[ - ]::--------------------------------------------------------------------------------------------------------------
3155|_[ + ] [ 0 / 42 ]-[10:01:57] [ - ]
3156|_[ + ] Target:: [ http://www.respectwashington.us/ ]
3157|_[ + ] Exploit::
3158|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3159|_[ + ] More details:: / - / , ISP:
3160|_[ + ] Found:: UNIDENTIFIED
3161
3162 _[ - ]::--------------------------------------------------------------------------------------------------------------
3163|_[ + ] [ 1 / 42 ]-[10:02:00] [ - ]
3164|_[ + ] Target:: [ http://www.respectwashington.us/petition.html ]
3165|_[ + ] Exploit::
3166|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3167|_[ + ] More details:: / - / , ISP:
3168|_[ + ] Found:: UNIDENTIFIED
3169
3170 _[ - ]::--------------------------------------------------------------------------------------------------------------
3171|_[ + ] [ 2 / 42 ]-[10:02:02] [ - ]
3172|_[ + ] Target:: [ http://www.respectwashington.us/support.html ]
3173|_[ + ] Exploit::
3174|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3175|_[ + ] More details:: / - / , ISP:
3176|_[ + ] Found:: UNIDENTIFIED
3177
3178 _[ - ]::--------------------------------------------------------------------------------------------------------------
3179|_[ + ] [ 3 / 42 ]-[10:02:04] [ - ]
3180|_[ + ] Target:: [ http://www.respectwashington.us/testimonials.html ]
3181|_[ + ] Exploit::
3182|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3183|_[ + ] More details:: / - / , ISP:
3184|_[ + ] Found:: UNIDENTIFIED
3185
3186 _[ - ]::--------------------------------------------------------------------------------------------------------------
3187|_[ + ] [ 4 / 42 ]-[10:02:06] [ - ]
3188|_[ + ] Target:: [ http://www.respectwashington.us/whyweneed.html ]
3189|_[ + ] Exploit::
3190|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3191|_[ + ] More details:: / - / , ISP:
3192|_[ + ] Found:: UNIDENTIFIED
3193
3194 _[ - ]::--------------------------------------------------------------------------------------------------------------
3195|_[ + ] [ 5 / 42 ]-[10:02:08] [ - ]
3196|_[ + ] Target:: [ http://www.respectwashington.us/volunteer.html ]
3197|_[ + ] Exploit::
3198|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3199|_[ + ] More details:: / - / , ISP:
3200|_[ + ] Found:: UNIDENTIFIED
3201
3202 _[ - ]::--------------------------------------------------------------------------------------------------------------
3203|_[ + ] [ 6 / 42 ]-[10:02:10] [ - ]
3204|_[ + ] Target:: [ http://www.respectwashington.us/donate.html ]
3205|_[ + ] Exploit::
3206|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3207|_[ + ] More details:: / - / , ISP:
3208|_[ + ] Found:: UNIDENTIFIED
3209
3210 _[ - ]::--------------------------------------------------------------------------------------------------------------
3211|_[ + ] [ 7 / 42 ]-[10:02:11] [ - ]
3212|_[ + ] Target:: [ http://www.respectwashington.us/contact.html ]
3213|_[ + ] Exploit::
3214|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3215|_[ + ] More details:: / - / , ISP:
3216|_[ + ] Found:: UNIDENTIFIED
3217
3218 _[ - ]::--------------------------------------------------------------------------------------------------------------
3219|_[ + ] [ 8 / 42 ]-[10:02:14] [ - ]
3220|_[ + ] Target:: [ http://www.respectwashington.us/legal-action.html ]
3221|_[ + ] Exploit::
3222|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3223|_[ + ] More details:: / - / , ISP:
3224|_[ + ] Found:: UNIDENTIFIED
3225
3226 _[ - ]::--------------------------------------------------------------------------------------------------------------
3227|_[ + ] [ 9 / 42 ]-[10:02:19] [ - ]
3228|_[ + ] Target:: [ http://www.respectwashington.us/BurienPolice2016Data.pdf ]
3229|_[ + ] Exploit::
3230|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3231|_[ + ] More details:: / - / , ISP:
3232|_[ + ] Found:: UNIDENTIFIED
3233
3234 _[ - ]::--------------------------------------------------------------------------------------------------------------
3235|_[ + ] [ 10 / 42 ]-[10:02:23] [ - ]
3236|_[ + ] Target:: [ http://www.respectwashington.us/BurienPetition.pdf ]
3237|_[ + ] Exploit::
3238|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3239|_[ + ] More details:: / - / , ISP:
3240|_[ + ] Found:: UNIDENTIFIED
3241
3242 _[ - ]::--------------------------------------------------------------------------------------------------------------
3243|_[ + ] [ 11 / 42 ]-[10:02:28] [ - ]
3244|_[ + ] Target:: [ http://www.respectwashington.us/FAIRWA2012.pdf ]
3245|_[ + ] Exploit::
3246|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3247|_[ + ] More details:: / - / , ISP:
3248|_[ + ] Found:: UNIDENTIFIED
3249
3250 _[ - ]::--------------------------------------------------------------------------------------------------------------
3251|_[ + ] [ 12 / 42 ]-[10:02:31] [ - ]
3252|_[ + ] Target:: [ http://www.respectwashington.us/legal-documents/TexasHarrisCountyVoteID.pdf ]
3253|_[ + ] Exploit::
3254|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3255|_[ + ] More details:: / - / , ISP:
3256|_[ + ] Found:: UNIDENTIFIED
3257
3258 _[ - ]::--------------------------------------------------------------------------------------------------------------
3259|_[ + ] [ 13 / 42 ]-[10:02:34] [ - ]
3260|_[ + ] Target:: [ http://www.respectwashington.us/Oregoneo0722.pdf ]
3261|_[ + ] Exploit::
3262|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3263|_[ + ] More details:: / - / , ISP:
3264|_[ + ] Found:: UNIDENTIFIED
3265
3266 _[ - ]::--------------------------------------------------------------------------------------------------------------
3267|_[ + ] [ 14 / 42 ]-[10:02:40] [ - ]
3268|_[ + ] Target:: [ http://www.respectwashington.us/legal-documents/RingMSJMar2011.pdf ]
3269|_[ + ] Exploit::
3270|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3271|_[ + ] More details:: / - / , ISP:
3272|_[ + ] Found:: UNIDENTIFIED
3273
3274 _[ - ]::--------------------------------------------------------------------------------------------------------------
3275|_[ + ] [ 15 / 42 ]-[10:02:46] [ - ]
3276|_[ + ] Target:: [ http://www.respectwashington.us/legal-documents/KingDismissMSJMar2011.pdf ]
3277|_[ + ] Exploit::
3278|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3279|_[ + ] More details:: / - / , ISP:
3280|_[ + ] Found:: UNIDENTIFIED
3281
3282 _[ - ]::--------------------------------------------------------------------------------------------------------------
3283|_[ + ] [ 16 / 42 ]-[10:02:51] [ - ]
3284|_[ + ] Target:: [ http://www.respectwashington.us/legal-documents/RingDeclareMar2011.pdf ]
3285|_[ + ] Exploit::
3286|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3287|_[ + ] More details:: / - / , ISP:
3288|_[ + ] Found:: UNIDENTIFIED
3289
3290 _[ - ]::--------------------------------------------------------------------------------------------------------------
3291|_[ + ] [ 17 / 42 ]-[10:02:57] [ - ]
3292|_[ + ] Target:: [ http://www.respectwashington.us/legal-documents/KingDefenseFeb2011.pdf ]
3293|_[ + ] Exploit::
3294|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3295|_[ + ] More details:: / - / , ISP:
3296|_[ + ] Found:: UNIDENTIFIED
3297
3298 _[ - ]::--------------------------------------------------------------------------------------------------------------
3299|_[ + ] [ 18 / 42 ]-[10:03:03] [ - ]
3300|_[ + ] Target:: [ http://www.respectwashington.us/legal-documents/SpakovskyHeritage28.pdf ]
3301|_[ + ] Exploit::
3302|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3303|_[ + ] More details:: / - / , ISP:
3304|_[ + ] Found:: UNIDENTIFIED
3305
3306 _[ - ]::--------------------------------------------------------------------------------------------------------------
3307|_[ + ] [ 19 / 42 ]-[10:03:05] [ - ]
3308|_[ + ] Target:: [ http://www.respectwashington.us/legal-documents/USHouseAdmin2006Bettencourt.pdf ]
3309|_[ + ] Exploit::
3310|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3311|_[ + ] More details:: / - / , ISP:
3312|_[ + ] Found:: UNIDENTIFIED
3313
3314 _[ - ]::--------------------------------------------------------------------------------------------------------------
3315|_[ + ] [ 20 / 42 ]-[10:03:11] [ - ]
3316|_[ + ] Target:: [ http://www.respectwashington.us/legal-documents/KingMSJDismissDeclMar2011.pdf ]
3317|_[ + ] Exploit::
3318|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3319|_[ + ] More details:: / - / , ISP:
3320|_[ + ] Found:: UNIDENTIFIED
3321
3322 _[ - ]::--------------------------------------------------------------------------------------------------------------
3323|_[ + ] [ 21 / 42 ]-[10:03:17] [ - ]
3324|_[ + ] Target:: [ http://www.respectwashington.us/legal-documents/RingPetitionNov2010.pdf ]
3325|_[ + ] Exploit::
3326|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3327|_[ + ] More details:: / - / , ISP:
3328|_[ + ] Found:: UNIDENTIFIED
3329
3330 _[ - ]::--------------------------------------------------------------------------------------------------------------
3331|_[ + ] [ 22 / 42 ]-[10:03:23] [ - ]
3332|_[ + ] Target:: [ http://www.respectwashington.us/legal-documents/GAO2005-478.pdf ]
3333|_[ + ] Exploit::
3334|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3335|_[ + ] More details:: / - / , ISP:
3336|_[ + ] Found:: UNIDENTIFIED
3337
3338 _[ - ]::--------------------------------------------------------------------------------------------------------------
3339|_[ + ] [ 23 / 42 ]-[10:03:28] [ - ]
3340|_[ + ] Target:: [ http://www.respectwashington.us/legal-documents/KingReplySupportDismissMSJApr25.pdf ]
3341|_[ + ] Exploit::
3342|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3343|_[ + ] More details:: / - / , ISP:
3344|_[ + ] Found:: UNIDENTIFIED
3345
3346 _[ - ]::--------------------------------------------------------------------------------------------------------------
3347|_[ + ] [ 24 / 42 ]-[10:03:32] [ - ]
3348|_[ + ] Target:: [ http://www.respectwashington.us/studies-and-reports/BearStearnsUnderground.pdf ]
3349|_[ + ] Exploit::
3350|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3351|_[ + ] More details:: / - / , ISP:
3352|_[ + ] Found:: UNIDENTIFIED
3353
3354 _[ - ]::--------------------------------------------------------------------------------------------------------------
3355|_[ + ] [ 25 / 42 ]-[10:03:37] [ - ]
3356|_[ + ] Target:: [ http://www.respectwashington.us/studies-and-reports/2005DHSHAudit6534.pdf ]
3357|_[ + ] Exploit::
3358|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3359|_[ + ] More details:: / - / , ISP:
3360|_[ + ] Found:: UNIDENTIFIED
3361
3362 _[ - ]::--------------------------------------------------------------------------------------------------------------
3363|_[ + ] [ 26 / 42 ]-[10:03:42] [ - ]
3364|_[ + ] Target:: [ http://www.respectwashington.us/legal-documents/WSCADwyerOpinon12-10-12.pdf ]
3365|_[ + ] Exploit::
3366|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3367|_[ + ] More details:: / - / , ISP:
3368|_[ + ] Found:: UNIDENTIFIED
3369
3370 _[ - ]::--------------------------------------------------------------------------------------------------------------
3371|_[ + ] [ 27 / 42 ]-[10:03:47] [ - ]
3372|_[ + ] Target:: [ http://www.respectwashington.us/legal-documents/WSSCDirectReviewGrounds6-24-11.pdf ]
3373|_[ + ] Exploit::
3374|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3375|_[ + ] More details:: / - / , ISP:
3376|_[ + ] Found:: UNIDENTIFIED
3377
3378 _[ - ]::--------------------------------------------------------------------------------------------------------------
3379|_[ + ] [ 28 / 42 ]-[10:03:49] [ - ]
3380|_[ + ] Target:: [ http://www.respectwashington.us/GomezSettlement SR 2018.pdf ]
3381|_[ + ] Exploit::
3382|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3383|_[ + ] More details:: / - / , ISP:
3384|_[ + ] Found:: UNIDENTIFIED
3385
3386 _[ - ]::--------------------------------------------------------------------------------------------------------------
3387|_[ + ] [ 29 / 42 ]-[10:03:52] [ - ]
3388|_[ + ] Target:: [ http://www.respectwashington.us/legal-documents/WSSCTransfer11-21-11.pdf ]
3389|_[ + ] Exploit::
3390|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3391|_[ + ] More details:: / - / , ISP:
3392|_[ + ] Found:: UNIDENTIFIED
3393
3394 _[ - ]::--------------------------------------------------------------------------------------------------------------
3395|_[ + ] [ 30 / 42 ]-[10:03:54] [ - ]
3396|_[ + ] Target:: [ http://www.respectwashington.us/legal-documents/ORDERGRANTINGKingMSJDis5-10-11.pdf ]
3397|_[ + ] Exploit::
3398|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3399|_[ + ] More details:: / - / , ISP:
3400|_[ + ] Found:: UNIDENTIFIED
3401
3402 _[ - ]::--------------------------------------------------------------------------------------------------------------
3403|_[ + ] [ 31 / 42 ]-[10:04:00] [ - ]
3404|_[ + ] Target:: [ http://www.respectwashington.us/legal-documents/WSSCAppealOpenBrief-Amended9-6-11.pdf ]
3405|_[ + ] Exploit::
3406|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3407|_[ + ] More details:: / - / , ISP:
3408|_[ + ] Found:: UNIDENTIFIED
3409
3410 _[ - ]::--------------------------------------------------------------------------------------------------------------
3411|_[ + ] [ 32 / 42 ]-[10:04:04] [ - ]
3412|_[ + ] Target:: [ http://www.respectwashington.us/legal-documents/DECLARSTEPHENSAG4-18-11424.pdf ]
3413|_[ + ] Exploit::
3414|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3415|_[ + ] More details:: / - / , ISP:
3416|_[ + ] Found:: UNIDENTIFIED
3417
3418 _[ - ]::--------------------------------------------------------------------------------------------------------------
3419|_[ + ] [ 33 / 42 ]-[10:04:06] [ - ]
3420|_[ + ] Target:: [ http://www.respectwashington.us/Spokane Appellant Opening Brief.pdf ]
3421|_[ + ] Exploit::
3422|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3423|_[ + ] More details:: / - / , ISP:
3424|_[ + ] Found:: UNIDENTIFIED
3425
3426 _[ - ]::--------------------------------------------------------------------------------------------------------------
3427|_[ + ] [ 34 / 42 ]-[10:04:08] [ - ]
3428|_[ + ] Target:: [ http://www.respectwashington.us/DoJ Incarcerated Aliens 2017.pdf ]
3429|_[ + ] Exploit::
3430|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3431|_[ + ] More details:: / - / , ISP:
3432|_[ + ] Found:: UNIDENTIFIED
3433
3434 _[ - ]::--------------------------------------------------------------------------------------------------------------
3435|_[ + ] [ 35 / 42 ]-[10:04:09] [ - ]
3436|_[ + ] Target:: [ http://www.respectwashington.us/001 Diaz-Garcia Rape INFORMATION.pdf ]
3437|_[ + ] Exploit::
3438|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3439|_[ + ] More details:: / - / , ISP:
3440|_[ + ] Found:: UNIDENTIFIED
3441
3442 _[ - ]::--------------------------------------------------------------------------------------------------------------
3443|_[ + ] [ 36 / 42 ]-[10:04:12] [ - ]
3444|_[ + ] Target:: [ http://www.respectwashington.us/DoC2014CrimeIllegals.pdf ]
3445|_[ + ] Exploit::
3446|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3447|_[ + ] More details:: / - / , ISP:
3448|_[ + ] Found:: UNIDENTIFIED
3449
3450 _[ - ]::--------------------------------------------------------------------------------------------------------------
3451|_[ + ] [ 37 / 42 ]-[10:04:14] [ - ]
3452|_[ + ] Target:: [ http://www.respectwashington.us/001 Gomez v Spokane Complaint.pdf ]
3453|_[ + ] Exploit::
3454|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3455|_[ + ] More details:: / - / , ISP:
3456|_[ + ] Found:: UNIDENTIFIED
3457
3458 _[ - ]::--------------------------------------------------------------------------------------------------------------
3459|_[ + ] [ 38 / 42 ]-[10:04:15] [ - ]
3460|_[ + ] Target:: [ http://www.respectwashington.us/001 Diaz-Garcia Child Molest INFORMATION.pdf ]
3461|_[ + ] Exploit::
3462|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3463|_[ + ] More details:: / - / , ISP:
3464|_[ + ] Found:: UNIDENTIFIED
3465
3466 _[ - ]::--------------------------------------------------------------------------------------------------------------
3467|_[ + ] [ 39 / 42 ]-[10:04:17] [ - ]
3468|_[ + ] Target:: [ http://www.respectwashington.us/022 Gomez v Spokane Status Report.pdf ]
3469|_[ + ] Exploit::
3470|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3471|_[ + ] More details:: / - / , ISP:
3472|_[ + ] Found:: UNIDENTIFIED
3473
3474 _[ - ]::--------------------------------------------------------------------------------------------------------------
3475|_[ + ] [ 40 / 42 ]-[10:04:19] [ - ]
3476|_[ + ] Target:: [ http://www.respectwashington.us/studies-and-reports/11 03 08 FINAL whitepaper.pdf ]
3477|_[ + ] Exploit::
3478|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3479|_[ + ] More details:: / - / , ISP:
3480|_[ + ] Found:: UNIDENTIFIED
3481
3482 _[ - ]::--------------------------------------------------------------------------------------------------------------
3483|_[ + ] [ 41 / 42 ]-[10:04:21] [ - ]
3484|_[ + ] Target:: [ http://www.respectwashington.us/studies-and-reports/REAL ID Not National ID Card.pdf ]
3485|_[ + ] Exploit::
3486|_[ + ] Information Server:: HTTP/1.1 400 Bad Request, Server: Apache/2.4.18 (Ubuntu) , IP:65.49.16.26:80
3487|_[ + ] More details:: / - / , ISP:
3488|_[ + ] Found:: UNIDENTIFIED
3489
3490[ INFO ] [ Shutting down ]
3491[ INFO ] [ End of process INURLBR at [22-10-2019 10:04:21]
3492[ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
3493[ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/www.respectwashington.us/output/inurlbr-www.respectwashington.us ]
3494|_________________________________________________________________________________________
3495
3496\_________________________________________________________________________________________/
3497######################################################################################################################################
3498Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-22 10:04 EDT
3499Nmap scan report for www.respectwashington.us (65.49.16.26)
3500Host is up (0.32s latency).
3501rDNS record for 65.49.16.26: respectwashington.us
3502
3503PORT STATE SERVICE VERSION
3504110/tcp open pop3 Dovecot pop3d
3505| pop3-brute:
3506| Accounts: No valid accounts found
3507| Statistics: Performed 45 guesses in 35 seconds, average tps: 1.3
3508|_ ERROR: Failed to connect.
3509|_pop3-capabilities: STLS AUTH-RESP-CODE SASL(PLAIN LOGIN) TOP CAPA UIDL RESP-CODES USER PIPELINING
3510| vulscan: VulDB - https://vuldb.com:
3511| [139289] cPanel up to 68.0.14 dovecot-xaps-plugin Format privilege escalation
3512| [134480] Dovecot up to 2.3.5.2 Submission-Login Crash denial of service
3513| [134479] Dovecot up to 2.3.5.2 IMAP Server Crash denial of service
3514| [134024] Dovecot up to 2.3.5.1 JSON Encoder Username Crash denial of service
3515| [132543] Dovecot up to 2.2.36.0/2.3.4.0 Certificate Impersonation weak authentication
3516| [119762] Dovecot up to 2.2.28 dict Authentication var_expand() denial of service
3517| [114012] Dovecot up to 2.2.33 TLS SNI Restart denial of service
3518| [114009] Dovecot SMTP Delivery Email Message Out-of-Bounds memory corruption
3519| [112447] Dovecot up to 2.2.33/2.3.0 SASL Auth Memory Leak denial of service
3520| [106837] Dovecot up to 2.2.16 ssl-proxy-openssl.c ssl-proxy-opensslc denial of service
3521| [97052] Dovecot up to 2.2.26 auth-policy Unset Crash denial of service
3522| [69835] Dovecot 2.2.0/2.2.1 denial of service
3523| [13348] Dovecot up to 1.2.15/2.1.15 IMAP4/POP3 SSL/TLS Handshake denial of service
3524| [65684] Dovecot up to 2.2.6 unknown vulnerability
3525| [9807] Dovecot up to 1.2.7 on Exim Input Sanitizer privilege escalation
3526| [63692] Dovecot up to 2.0.15 spoofing
3527| [7062] Dovecot 2.1.10 mail-search.c denial of service
3528| [57517] Dovecot up to 2.0.12 Login directory traversal
3529| [57516] Dovecot up to 2.0.12 Access Restriction directory traversal
3530| [57515] Dovecot up to 2.0.12 Crash denial of service
3531| [54944] Dovecot up to 1.2.14 denial of service
3532| [54943] Dovecot up to 1.2.14 Access Restriction Symlink privilege escalation
3533| [54942] Dovecot up to 2.0.4 Access Restriction denial of service
3534| [54941] Dovecot up to 2.0.4 Access Restriction unknown vulnerability
3535| [54840] Dovecot up to 1.2.12 AGate unknown vulnerability
3536| [53277] Dovecot up to 1.2.10 denial of service
3537| [50082] Dovecot up to 1.1.6 Stack-based memory corruption
3538| [45256] Dovecot up to 1.1.5 directory traversal
3539| [44846] Dovecot 1.1.4/1.1.5 IMAP Client Crash denial of service
3540| [44546] Dovecot up to 1.0.x Access Restriction unknown vulnerability
3541| [44545] Dovecot up to 1.0.x Access Restriction unknown vulnerability
3542| [41430] Dovecot 1.0.12/1.1 Locking unknown vulnerability
3543| [40356] Dovecot 1.0.9 Cache unknown vulnerability
3544| [38222] Dovecot 1.0.2 directory traversal
3545| [36376] Dovecot up to 1.0.x directory traversal
3546| [33332] Timo Sirainen Dovecot up to 1.0test53 Off-By-One memory corruption
3547|
3548| MITRE CVE - https://cve.mitre.org:
3549| [CVE-2011-4318] Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.
3550| [CVE-2011-2167] script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
3551| [CVE-2011-2166] script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
3552| [CVE-2011-1929] lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
3553| [CVE-2010-4011] Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."
3554| [CVE-2010-3780] Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
3555| [CVE-2010-3779] Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox.
3556| [CVE-2010-3707] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
3557| [CVE-2010-3706] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving the private namespace of a user, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
3558| [CVE-2010-3304] The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
3559| [CVE-2010-0745] Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.
3560| [CVE-2010-0535] Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
3561| [CVE-2010-0433] The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot.
3562| [CVE-2009-3897] Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
3563| [CVE-2009-3235] Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
3564| [CVE-2009-2632] Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
3565| [CVE-2008-5301] Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.
3566| [CVE-2008-4907] The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
3567| [CVE-2008-4870] dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
3568| [CVE-2008-4578] The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
3569| [CVE-2008-4577] The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
3570| [CVE-2008-1218] Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
3571| [CVE-2008-1199] Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
3572| [CVE-2007-6598] Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
3573| [CVE-2007-5794] Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
3574| [CVE-2007-4211] The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.
3575| [CVE-2007-2231] Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
3576| [CVE-2007-2173] Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
3577| [CVE-2007-0618] Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."
3578| [CVE-2006-5973] Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
3579| [CVE-2006-2502] Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.
3580| [CVE-2006-2414] Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
3581| [CVE-2006-0730] Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
3582| [CVE-2002-0925] Format string vulnerability in mmsyslog function allows remote attackers to execute arbitrary code via (1) the USER command to mmpop3d for mmmail 0.0.13 and earlier, (2) the HELO command to mmsmtpd for mmmail 0.0.13 and earlier, or (3) the USER command to mmftpd 0.0.7 and earlier.
3583| [CVE-2001-0143] vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.
3584| [CVE-2000-1197] POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for other mail boxes.
3585| [CVE-1999-1445] Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
3586|
3587| SecurityFocus - https://www.securityfocus.com/bid/:
3588| [103201] Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability
3589| [97536] Dovecot CVE-2017-2669 Denial of Service Vulnerability
3590| [94639] Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
3591| [91175] Dovecot CVE-2016-4982 Local Information Disclosure Vulnerability
3592| [84736] Dovecot CVE-2008-4870 Local Security Vulnerability
3593| [74335] Dovecot 'ssl-proxy-openssl.c' Remote Denial of Service Vulnerability
3594| [67306] Dovecot Denial of Service Vulnerability
3595| [67219] akpop3d 'pszQuery' Remote Memory Corruption Vulnerability
3596| [63367] Dovecot Checkpassword Authentication Protocol Local Authentication Bypass Vulnerability
3597| [61763] RETIRED: Dovecot 'LIST' Command Denial of Service Vulnerability
3598| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
3599| [60052] Dovecot 'APPEND' Parameter Denial of Service Vulnerability
3600| [56759] RETIRED: Dovecot 'mail-search.c' Denial of Service Vulnerability
3601| [50709] Dovecot SSL Certificate 'Common Name' Field Validation Security Bypass Vulnerability
3602| [48003] Dovecot 'script-login' Multiple Security Bypass Vulnerabilities
3603| [47930] Dovecot Header Name NULL Character Denial of Service Vulnerability
3604| [44874] Apple Mac OS X Dovecot (CVE-2010-4011) Memory Corruption Vulnerability
3605| [43690] Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
3606| [41964] Dovecot Access Control List (ACL) Plugin Security Bypass Weakness
3607| [39838] tpop3d Remote Denial of Service Vulnerability
3608| [39258] Dovecot Service Control Access List Security Bypass Vulnerability
3609| [37084] Dovecot Insecure 'base_dir' Permissions Local Privilege Escalation Vulnerability
3610| [36377] Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
3611| [32582] Dovecot ManageSieve Service '.sieve' Files Directory Traversal Vulnerability
3612| [31997] Dovecot Invalid Message Address Parsing Denial of Service Vulnerability
3613| [31587] Dovecot ACL Plugin Multiple Security Bypass Vulnerabilities
3614| [28181] Dovecot 'Tab' Character Password Check Security Bypass Vulnerability
3615| [28092] Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
3616| [27093] Dovecot Authentication Cache Security Bypass Vulnerability
3617| [25182] Dovecot ACL Plugin Security Bypass Vulnerability
3618| [23552] Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
3619| [22262] IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
3620| [21183] Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
3621| [18056] Cyrus IMAPD POP3D Remote Buffer Overflow Vulnerability
3622| [17961] Dovecot Remote Information Disclosure Vulnerability
3623| [16672] Dovecot Double Free Denial of Service Vulnerability
3624| [8495] akpop3d User Name SQL Injection Vulnerability
3625| [8473] Vpop3d Remote Denial Of Service Vulnerability
3626| [3990] ZPop3D Bad Login Logging Failure Vulnerability
3627| [2781] DynFX MailServer POP3d Denial of Service Vulnerability
3628|
3629| IBM X-Force - https://exchange.xforce.ibmcloud.com:
3630| [86382] Dovecot POP3 Service denial of service
3631| [84396] Dovecot IMAP APPEND denial of service
3632| [80453] Dovecot mail-search.c denial of service
3633| [71354] Dovecot SSL Common Name (CN) weak security
3634| [67675] Dovecot script-login security bypass
3635| [67674] Dovecot script-login directory traversal
3636| [67589] Dovecot header name denial of service
3637| [63267] Apple Mac OS X Dovecot information disclosure
3638| [62340] Dovecot mailbox security bypass
3639| [62339] Dovecot IMAP or POP3 denial of service
3640| [62256] Dovecot mailbox security bypass
3641| [62255] Dovecot ACL entry security bypass
3642| [60639] Dovecot ACL plugin weak security
3643| [57267] Apple Mac OS X Dovecot Kerberos security bypass
3644| [56763] Dovecot header denial of service
3645| [54363] Dovecot base_dir privilege escalation
3646| [53248] CMU Sieve plugin for Dovecot unspecified buffer overflow
3647| [46323] Dovecot dovecot.conf information disclosure
3648| [46227] Dovecot message parsing denial of service
3649| [45669] Dovecot ACL mailbox security bypass
3650| [45667] Dovecot ACL plugin rights security bypass
3651| [41085] Dovecot TAB characters authentication bypass
3652| [41009] Dovecot mail_extra_groups option unauthorized access
3653| [39342] Dovecot LDAP auth cache configuration security bypass
3654| [35767] Dovecot ACL plugin security bypass
3655| [34082] Dovecot mbox-storage.c directory traversal
3656| [30433] Dovecot IMAP/POP3 server dovecot.index.cache buffer overflow
3657| [26578] Cyrus IMAP pop3d buffer overflow
3658| [26536] Dovecot IMAP LIST information disclosure
3659| [24710] Dovecot dovecot-auth and imap/pop3-login denial of service
3660| [24709] Dovecot APPEND command denial of service
3661| [13018] akpop3d authentication code SQL injection
3662| [7345] Slackware Linux imapd and ipop3d core dump
3663| [6269] imap, ipop2d and ipop3d buffer overflows
3664| [5923] Linuxconf vpop3d symbolic link
3665| [4918] IPOP3D, Buffer overflow attack
3666| [1560] IPOP3D, user login successful
3667| [1559] IPOP3D user login to remote host successful
3668| [1525] IPOP3D, user logout
3669| [1524] IPOP3D, user auto-logout
3670| [1523] IPOP3D, user login failure
3671| [1522] IPOP3D, brute force attack
3672| [1521] IPOP3D, user kiss of death logout
3673| [418] pop3d mktemp creates insecure temporary files
3674|
3675| Exploit-DB - https://www.exploit-db.com:
3676| [25297] Dovecot with Exim sender_address Parameter - Remote Command Execution
3677| [23053] Vpop3d Remote Denial of Service Vulnerability
3678| [16836] Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
3679| [11893] tPop3d 1.5.3 DoS
3680| [5257] Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
3681| [2185] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (3)
3682| [2053] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
3683| [1813] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit
3684|
3685| OpenVAS (Nessus) - http://www.openvas.org:
3686| [901026] Dovecot Sieve Plugin Multiple Buffer Overflow Vulnerabilities
3687| [901025] Dovecot Version Detection
3688| [881402] CentOS Update for dovecot CESA-2011:1187 centos5 x86_64
3689| [881358] CentOS Update for dovecot CESA-2011:1187 centos4 x86_64
3690| [880980] CentOS Update for dovecot CESA-2011:1187 centos5 i386
3691| [880967] CentOS Update for dovecot CESA-2011:1187 centos4 i386
3692| [870607] RedHat Update for dovecot RHSA-2011:0600-01
3693| [870471] RedHat Update for dovecot RHSA-2011:1187-01
3694| [870153] RedHat Update for dovecot RHSA-2008:0297-02
3695| [863272] Fedora Update for dovecot FEDORA-2011-7612
3696| [863115] Fedora Update for dovecot FEDORA-2011-7258
3697| [861525] Fedora Update for dovecot FEDORA-2007-664
3698| [861394] Fedora Update for dovecot FEDORA-2007-493
3699| [861333] Fedora Update for dovecot FEDORA-2007-1485
3700| [860845] Fedora Update for dovecot FEDORA-2008-9202
3701| [860663] Fedora Update for dovecot FEDORA-2008-2475
3702| [860169] Fedora Update for dovecot FEDORA-2008-2464
3703| [860089] Fedora Update for dovecot FEDORA-2008-9232
3704| [840950] Ubuntu Update for dovecot USN-1295-1
3705| [840668] Ubuntu Update for dovecot USN-1143-1
3706| [840583] Ubuntu Update for dovecot vulnerabilities USN-1059-1
3707| [840335] Ubuntu Update for dovecot vulnerabilities USN-593-1
3708| [840290] Ubuntu Update for dovecot vulnerability USN-567-1
3709| [840234] Ubuntu Update for dovecot vulnerability USN-666-1
3710| [840072] Ubuntu Update for dovecot vulnerability USN-487-1
3711| [831405] Mandriva Update for dovecot MDVSA-2011:101 (dovecot)
3712| [831230] Mandriva Update for dovecot MDVSA-2010:217 (dovecot)
3713| [831197] Mandriva Update for dovecot MDVSA-2010:196 (dovecot)
3714| [831054] Mandriva Update for dovecot MDVSA-2010:104 (dovecot)
3715| [830496] Mandriva Update for dovecot MDVSA-2008:232 (dovecot)
3716| [801055] Dovecot 'base_dir' Insecure Permissions Security Bypass Vulnerability
3717| [800030] Dovecot ACL Plugin Security Bypass Vulnerabilities
3718| [70767] Gentoo Security Advisory GLSA 201110-04 (Dovecot)
3719| [70259] FreeBSD Ports: dovecot
3720| [69959] Debian Security Advisory DSA 2252-1 (dovecot)
3721| [66522] FreeBSD Ports: dovecot
3722| [65010] Ubuntu USN-838-1 (dovecot)
3723| [64978] Debian Security Advisory DSA 1892-1 (dovecot)
3724| [64953] Mandrake Security Advisory MDVSA-2009:242-1 (dovecot)
3725| [64952] Mandrake Security Advisory MDVSA-2009:242 (dovecot)
3726| [64861] Fedora Core 10 FEDORA-2009-9559 (dovecot)
3727| [62965] Gentoo Security Advisory GLSA 200812-16 (dovecot)
3728| [62854] FreeBSD Ports: dovecot-managesieve
3729| [61916] FreeBSD Ports: dovecot
3730| [60588] Gentoo Security Advisory GLSA 200803-25 (dovecot)
3731| [60568] Debian Security Advisory DSA 1516-1 (dovecot)
3732| [60528] FreeBSD Ports: dovecot
3733| [60134] Debian Security Advisory DSA 1457-1 (dovecot)
3734| [60089] FreeBSD Ports: dovecot
3735| [58578] Debian Security Advisory DSA 1359-1 (dovecot)
3736| [56834] Debian Security Advisory DSA 1080-1 (dovecot)
3737|
3738| SecurityTracker - https://www.securitytracker.com:
3739| [1028585] Dovecot APPEND Parameter Processing Flaw Lets Remote Authenticated Users Deny Service
3740| [1024740] Mac OS X Server Dovecot Memory Aliasing Bug May Cause Mail to Be Delivered to the Wrong User
3741| [1017288] Dovecot POP3/IMAP Cache File Buffer Overflow May Let Remote Users Execute Arbitrary Code
3742|
3743| OSVDB - http://www.osvdb.org:
3744| [96172] Dovecot POP3 Service Terminated LIST Command Remote DoS
3745| [93525] Dovecot IMAP APPEND Command Malformed Parameter Parsing Remote DoS
3746| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
3747| [88058] Dovecot lib-storage/mail-search.c Multiple Keyword Search Handling Remote DoS
3748| [77185] Dovecot SSL Certificate Common Name Field MitM Spoofing Weakness
3749| [74515] Dovecot script-login chroot Configuration Setting Traversal Arbitrary File Access
3750| [74514] Dovecot script-login User / Group Configuration Settings Remote Access Restriction Bypass
3751| [72495] Dovecot lib-mail/message-header-parser.c Mail Header Name NULL Character Handling Remote DoS
3752| [69260] Apple Mac OS X Server Dovecot Memory Aliasing Mail Delivery Issue
3753| [68516] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition User Private Namespace Mailbox Access Restriction Remote Bypass
3754| [68515] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition Specific Entry Order Mailbox Access Restriction Remote Bypass
3755| [68513] Dovecot Non-public Namespace Mailbox ACL Manipulation Access Restriction Remote Bypass
3756| [68512] Dovecot IMAP / POP3 Session Disconnect Master Process Outage Remote DoS
3757| [66625] Dovecot ACL Plugin INBOX ACL Copying Weakness Restriction Bypass
3758| [66113] Dovecot Mail Root Directory Creation Permission Weakness
3759| [66112] Dovecot Installation base_dir Parent Directory Permission Weakness
3760| [66111] Dovecot SEARCH Functionality str_find_init() Function Overflow
3761| [66110] Dovecot Multiple Unspecified Buffer Overflows
3762| [66108] Dovecot Malformed Message Body Processing Unspecified Functions Remote DoS
3763| [64783] Dovecot E-mail Message Header Unspecified DoS
3764| [63372] Apple Mac OS X Dovecot Kerberos Authentication SACL Restriction Bypass
3765| [62796] Dovecot mbox Format Email Header Handling DoS
3766| [60316] Dovecot base_dir Directory Permission Weakness Local Privilege Escalation
3767| [58103] Dovecot CMU Sieve Plugin Script Handling Multiple Overflows
3768| [50253] Dovecot dovecot.conf Permission Weakness Local ssl_key_password Parameter Disclosure
3769| [49918] Dovecot ManageSieve Script Name Handling Traversal Arbitrary File Manipulation
3770| [49429] Dovecot Message Parsing Feature Crafted Email Header Handling Remote DoS
3771| [49099] Dovecot ACL Plugin k Right Mailbox Creation Restriction Bypass
3772| [49098] Dovecot ACL Plugin Negative Access Rights Bypass
3773| [43137] Dovecot mail_extra_groups Symlink File Manipulation
3774| [42979] Dovecot passdbs Argument Injection Authentication Bypass
3775| [39876] Dovecot LDAP Auth Cache Security Bypass
3776| [39386] Dovecot ACL Plugin Insert Right APPEND / COPY Command Unauthorized Flag Manipulation
3777| [35489] Dovecot index/mbox/mbox-storage.c Traversal Arbitrary Gzip File Access
3778| [30524] Dovecot IMAP/POP3 Server dovecot.index.cache Handling Overflow
3779| [25853] Cyrus IMAPD pop3d USER Command Remote Overflow
3780| [25727] Dovecot Multiple Command Traversal Arbitrary Directory Listing
3781| [23281] Dovecot imap/pop3-login dovecot-auth DoS
3782| [23280] Dovecot Malformed APPEND Command DoS
3783| [14459] mmmail mmpop3d USER Command mmsyslog Function Format String
3784| [12033] Slackware Linux imapd/ipop3d Malformed USER/PASS Sequence DoS
3785| [5857] Linux pop3d Arbitrary Mail File Access
3786| [2471] akpop3d username SQL Injection
3787|_
3788Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3789Aggressive OS guesses: Linux 4.4 (99%), Linux 3.18 (99%), Linux 2.6.32 (98%), Linux 2.6.32 or 3.10 (98%), Linux 2.6.35 (98%), Linux 3.10 (98%), Linux 3.4 (98%), Linux 3.5 (98%), Linux 3.7 (98%), Linux 4.2 (98%)
3790No exact OS matches for host (test conditions non-ideal).
3791Network Distance: 11 hops
3792
3793TRACEROUTE (using port 110/tcp)
3794HOP RTT ADDRESS
37951 292.61 ms 10.252.204.1
37962 244.39 ms 45.131.4.2
37973 145.10 ms 109.236.95.224
37984 244.45 ms 109.236.95.173
37995 244.48 ms amsix-200gbps.core1.ams1.he.net (80.249.209.150)
38006 244.51 ms 100ge16-1.core1.lon2.he.net (72.52.92.213)
38017 244.54 ms 100ge13-2.core1.nyc4.he.net (72.52.92.166)
38028 344.30 ms 100ge8-1.core1.sjc2.he.net (184.105.81.218)
38039 344.33 ms 100ge13-2.core1.sjc1.he.net (184.105.65.113)
380410 344.30 ms e0-50.core4.fmt1.he.net (184.105.65.214)
380511 344.32 ms respectwashington.us (65.49.16.26)
3806#######################################################################################################################################
3807https://www.respectwashington.us [403 Forbidden] Apache[2.4.18], Country[UNITED STATES][US], HTTPServer[Ubuntu Linux][Apache/2.4.18 (Ubuntu)], IP[65.49.16.26], Title[403 Forbidden]
3808######################################################################################################################################
3809Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-22 09:05 EDT
3810Nmap scan report for respectwashington.us (65.49.16.26)
3811Host is up (0.65s latency).
3812Not shown: 992 closed ports
3813PORT STATE SERVICE
381480/tcp open http
3815110/tcp open pop3
3816143/tcp open imap
3817443/tcp open https
3818465/tcp open smtps
3819587/tcp open submission
3820993/tcp open imaps
3821995/tcp open pop3s
3822
3823Nmap done: 1 IP address (1 host up) scanned in 3.63 seconds
3824#######################################################################################################################################
3825Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-22 09:05 EDT
3826Nmap scan report for respectwashington.us (65.49.16.26)
3827Host is up (0.33s latency).
3828Not shown: 12 closed ports, 2 filtered ports
3829PORT STATE SERVICE
38302049/udp open|filtered nfs
3831
3832Nmap done: 1 IP address (1 host up) scanned in 8.51 seconds
3833#######################################################################################################################################
3834HTTP/1.1 200 OK
3835Date: Tue, 22 Oct 2019 13:05:33 GMT
3836Server: Apache/2.4.18 (Ubuntu)
3837Vary: Host,Accept-Encoding
3838Last-Modified: Fri, 23 Feb 2018 15:15:28 GMT
3839ETag: "8956-565e2a1613be1"
3840Accept-Ranges: bytes
3841Content-Length: 35158
3842Content-Type: text/html
3843
3844Allow: GET,HEAD,POST,OPTIONS
3845#######################################################################################################################################
3846<!-- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Top Nav XXXXXXXXXXXXXXXXXXXXXXXXXXX -->
3847<!--Second row-->
3848<!-- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX End Top Nav XXXXXXXXXXXXXXXXXXXXXXXXXXX -->
3849<!-- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX About the legislation XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX -->
3850<!-- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Cost of the legislation XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX -->
3851<!-- XXXXXXXXXXXXXXXXXXXXXXXXXXXX Quote from WA Sate Constitution XXXXXXXXXXXXXXXXXXXXXXXXXXX -->
3852 <!-- XXXXXXXXXXXXXXXXXXXX "Keep it Legal" logo XXXXXXXXXXXXXXXXX-->
3853<!-- XXXXXXXXXXXXXXXXXX End "Keep it Legal" logo XXXXXXXXXXXXXXXXX-->
3854#######################################################################################################################################
3855http://www.w3.org/1999/xhtml
3856text/css
3857-//W3C//DTD XHTML 1.0 Transitional//EN
3858######################################################################################################################################
3859http://65.49.16.26 [200 OK] Apache[2.4.18], Country[UNITED STATES][US], Email[info@RespectWashington.us], HTTPServer[Ubuntu Linux][Apache/2.4.18 (Ubuntu)], IP[65.49.16.26], Title[RespectWashington]
3860######################################################################################################################################
3861
3862wig - WebApp Information Gatherer
3863
3864
3865Scanning http://65.49.16.26...
3866_________________ SITE INFO __________________
3867IP Title
386865.49.16.26 RespectWashington
3869
3870__________________ VERSION ___________________
3871Name Versions Type
3872Apache 2.4.18 Platform
3873Ubuntu 16.04 OS
3874
3875______________________________________________
3876Time: 53.8 sec Urls: 603 Fingerprints: 40401
3877#######################################################################################################################################
3878Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-22 09:07 EDT
3879Nmap scan report for respectwashington.us (65.49.16.26)
3880Host is up (0.34s latency).
3881
3882PORT STATE SERVICE VERSION
3883110/tcp open pop3 Dovecot pop3d
3884| pop3-brute:
3885| Accounts: No valid accounts found
3886| Statistics: Performed 55 guesses in 49 seconds, average tps: 1.0
3887|_ ERROR: Failed to connect.
3888|_pop3-capabilities: TOP CAPA PIPELINING RESP-CODES STLS SASL(PLAIN LOGIN) AUTH-RESP-CODE UIDL USER
3889| vulscan: VulDB - https://vuldb.com:
3890| [139289] cPanel up to 68.0.14 dovecot-xaps-plugin Format privilege escalation
3891| [134480] Dovecot up to 2.3.5.2 Submission-Login Crash denial of service
3892| [134479] Dovecot up to 2.3.5.2 IMAP Server Crash denial of service
3893| [134024] Dovecot up to 2.3.5.1 JSON Encoder Username Crash denial of service
3894| [132543] Dovecot up to 2.2.36.0/2.3.4.0 Certificate Impersonation weak authentication
3895| [119762] Dovecot up to 2.2.28 dict Authentication var_expand() denial of service
3896| [114012] Dovecot up to 2.2.33 TLS SNI Restart denial of service
3897| [114009] Dovecot SMTP Delivery Email Message Out-of-Bounds memory corruption
3898| [112447] Dovecot up to 2.2.33/2.3.0 SASL Auth Memory Leak denial of service
3899| [106837] Dovecot up to 2.2.16 ssl-proxy-openssl.c ssl-proxy-opensslc denial of service
3900| [97052] Dovecot up to 2.2.26 auth-policy Unset Crash denial of service
3901| [69835] Dovecot 2.2.0/2.2.1 denial of service
3902| [13348] Dovecot up to 1.2.15/2.1.15 IMAP4/POP3 SSL/TLS Handshake denial of service
3903| [65684] Dovecot up to 2.2.6 unknown vulnerability
3904| [9807] Dovecot up to 1.2.7 on Exim Input Sanitizer privilege escalation
3905| [63692] Dovecot up to 2.0.15 spoofing
3906| [7062] Dovecot 2.1.10 mail-search.c denial of service
3907| [57517] Dovecot up to 2.0.12 Login directory traversal
3908| [57516] Dovecot up to 2.0.12 Access Restriction directory traversal
3909| [57515] Dovecot up to 2.0.12 Crash denial of service
3910| [54944] Dovecot up to 1.2.14 denial of service
3911| [54943] Dovecot up to 1.2.14 Access Restriction Symlink privilege escalation
3912| [54942] Dovecot up to 2.0.4 Access Restriction denial of service
3913| [54941] Dovecot up to 2.0.4 Access Restriction unknown vulnerability
3914| [54840] Dovecot up to 1.2.12 AGate unknown vulnerability
3915| [53277] Dovecot up to 1.2.10 denial of service
3916| [50082] Dovecot up to 1.1.6 Stack-based memory corruption
3917| [45256] Dovecot up to 1.1.5 directory traversal
3918| [44846] Dovecot 1.1.4/1.1.5 IMAP Client Crash denial of service
3919| [44546] Dovecot up to 1.0.x Access Restriction unknown vulnerability
3920| [44545] Dovecot up to 1.0.x Access Restriction unknown vulnerability
3921| [41430] Dovecot 1.0.12/1.1 Locking unknown vulnerability
3922| [40356] Dovecot 1.0.9 Cache unknown vulnerability
3923| [38222] Dovecot 1.0.2 directory traversal
3924| [36376] Dovecot up to 1.0.x directory traversal
3925| [33332] Timo Sirainen Dovecot up to 1.0test53 Off-By-One memory corruption
3926|
3927| MITRE CVE - https://cve.mitre.org:
3928| [CVE-2011-4318] Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.
3929| [CVE-2011-2167] script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
3930| [CVE-2011-2166] script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
3931| [CVE-2011-1929] lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
3932| [CVE-2010-4011] Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."
3933| [CVE-2010-3780] Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
3934| [CVE-2010-3779] Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox.
3935| [CVE-2010-3707] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
3936| [CVE-2010-3706] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving the private namespace of a user, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
3937| [CVE-2010-3304] The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
3938| [CVE-2010-0745] Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.
3939| [CVE-2010-0535] Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
3940| [CVE-2010-0433] The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot.
3941| [CVE-2009-3897] Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
3942| [CVE-2009-3235] Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
3943| [CVE-2009-2632] Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
3944| [CVE-2008-5301] Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.
3945| [CVE-2008-4907] The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
3946| [CVE-2008-4870] dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
3947| [CVE-2008-4578] The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
3948| [CVE-2008-4577] The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
3949| [CVE-2008-1218] Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
3950| [CVE-2008-1199] Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
3951| [CVE-2007-6598] Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
3952| [CVE-2007-5794] Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
3953| [CVE-2007-4211] The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.
3954| [CVE-2007-2231] Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
3955| [CVE-2007-2173] Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
3956| [CVE-2007-0618] Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."
3957| [CVE-2006-5973] Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
3958| [CVE-2006-2502] Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.
3959| [CVE-2006-2414] Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
3960| [CVE-2006-0730] Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
3961| [CVE-2002-0925] Format string vulnerability in mmsyslog function allows remote attackers to execute arbitrary code via (1) the USER command to mmpop3d for mmmail 0.0.13 and earlier, (2) the HELO command to mmsmtpd for mmmail 0.0.13 and earlier, or (3) the USER command to mmftpd 0.0.7 and earlier.
3962| [CVE-2001-0143] vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.
3963| [CVE-2000-1197] POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for other mail boxes.
3964| [CVE-1999-1445] Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
3965|
3966| SecurityFocus - https://www.securityfocus.com/bid/:
3967| [103201] Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability
3968| [97536] Dovecot CVE-2017-2669 Denial of Service Vulnerability
3969| [94639] Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
3970| [91175] Dovecot CVE-2016-4982 Local Information Disclosure Vulnerability
3971| [84736] Dovecot CVE-2008-4870 Local Security Vulnerability
3972| [74335] Dovecot 'ssl-proxy-openssl.c' Remote Denial of Service Vulnerability
3973| [67306] Dovecot Denial of Service Vulnerability
3974| [67219] akpop3d 'pszQuery' Remote Memory Corruption Vulnerability
3975| [63367] Dovecot Checkpassword Authentication Protocol Local Authentication Bypass Vulnerability
3976| [61763] RETIRED: Dovecot 'LIST' Command Denial of Service Vulnerability
3977| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
3978| [60052] Dovecot 'APPEND' Parameter Denial of Service Vulnerability
3979| [56759] RETIRED: Dovecot 'mail-search.c' Denial of Service Vulnerability
3980| [50709] Dovecot SSL Certificate 'Common Name' Field Validation Security Bypass Vulnerability
3981| [48003] Dovecot 'script-login' Multiple Security Bypass Vulnerabilities
3982| [47930] Dovecot Header Name NULL Character Denial of Service Vulnerability
3983| [44874] Apple Mac OS X Dovecot (CVE-2010-4011) Memory Corruption Vulnerability
3984| [43690] Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
3985| [41964] Dovecot Access Control List (ACL) Plugin Security Bypass Weakness
3986| [39838] tpop3d Remote Denial of Service Vulnerability
3987| [39258] Dovecot Service Control Access List Security Bypass Vulnerability
3988| [37084] Dovecot Insecure 'base_dir' Permissions Local Privilege Escalation Vulnerability
3989| [36377] Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
3990| [32582] Dovecot ManageSieve Service '.sieve' Files Directory Traversal Vulnerability
3991| [31997] Dovecot Invalid Message Address Parsing Denial of Service Vulnerability
3992| [31587] Dovecot ACL Plugin Multiple Security Bypass Vulnerabilities
3993| [28181] Dovecot 'Tab' Character Password Check Security Bypass Vulnerability
3994| [28092] Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
3995| [27093] Dovecot Authentication Cache Security Bypass Vulnerability
3996| [25182] Dovecot ACL Plugin Security Bypass Vulnerability
3997| [23552] Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
3998| [22262] IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
3999| [21183] Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
4000| [18056] Cyrus IMAPD POP3D Remote Buffer Overflow Vulnerability
4001| [17961] Dovecot Remote Information Disclosure Vulnerability
4002| [16672] Dovecot Double Free Denial of Service Vulnerability
4003| [8495] akpop3d User Name SQL Injection Vulnerability
4004| [8473] Vpop3d Remote Denial Of Service Vulnerability
4005| [3990] ZPop3D Bad Login Logging Failure Vulnerability
4006| [2781] DynFX MailServer POP3d Denial of Service Vulnerability
4007|
4008| IBM X-Force - https://exchange.xforce.ibmcloud.com:
4009| [86382] Dovecot POP3 Service denial of service
4010| [84396] Dovecot IMAP APPEND denial of service
4011| [80453] Dovecot mail-search.c denial of service
4012| [71354] Dovecot SSL Common Name (CN) weak security
4013| [67675] Dovecot script-login security bypass
4014| [67674] Dovecot script-login directory traversal
4015| [67589] Dovecot header name denial of service
4016| [63267] Apple Mac OS X Dovecot information disclosure
4017| [62340] Dovecot mailbox security bypass
4018| [62339] Dovecot IMAP or POP3 denial of service
4019| [62256] Dovecot mailbox security bypass
4020| [62255] Dovecot ACL entry security bypass
4021| [60639] Dovecot ACL plugin weak security
4022| [57267] Apple Mac OS X Dovecot Kerberos security bypass
4023| [56763] Dovecot header denial of service
4024| [54363] Dovecot base_dir privilege escalation
4025| [53248] CMU Sieve plugin for Dovecot unspecified buffer overflow
4026| [46323] Dovecot dovecot.conf information disclosure
4027| [46227] Dovecot message parsing denial of service
4028| [45669] Dovecot ACL mailbox security bypass
4029| [45667] Dovecot ACL plugin rights security bypass
4030| [41085] Dovecot TAB characters authentication bypass
4031| [41009] Dovecot mail_extra_groups option unauthorized access
4032| [39342] Dovecot LDAP auth cache configuration security bypass
4033| [35767] Dovecot ACL plugin security bypass
4034| [34082] Dovecot mbox-storage.c directory traversal
4035| [30433] Dovecot IMAP/POP3 server dovecot.index.cache buffer overflow
4036| [26578] Cyrus IMAP pop3d buffer overflow
4037| [26536] Dovecot IMAP LIST information disclosure
4038| [24710] Dovecot dovecot-auth and imap/pop3-login denial of service
4039| [24709] Dovecot APPEND command denial of service
4040| [13018] akpop3d authentication code SQL injection
4041| [7345] Slackware Linux imapd and ipop3d core dump
4042| [6269] imap, ipop2d and ipop3d buffer overflows
4043| [5923] Linuxconf vpop3d symbolic link
4044| [4918] IPOP3D, Buffer overflow attack
4045| [1560] IPOP3D, user login successful
4046| [1559] IPOP3D user login to remote host successful
4047| [1525] IPOP3D, user logout
4048| [1524] IPOP3D, user auto-logout
4049| [1523] IPOP3D, user login failure
4050| [1522] IPOP3D, brute force attack
4051| [1521] IPOP3D, user kiss of death logout
4052| [418] pop3d mktemp creates insecure temporary files
4053|
4054| Exploit-DB - https://www.exploit-db.com:
4055| [25297] Dovecot with Exim sender_address Parameter - Remote Command Execution
4056| [23053] Vpop3d Remote Denial of Service Vulnerability
4057| [16836] Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
4058| [11893] tPop3d 1.5.3 DoS
4059| [5257] Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
4060| [2185] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (3)
4061| [2053] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
4062| [1813] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit
4063|
4064| OpenVAS (Nessus) - http://www.openvas.org:
4065| [901026] Dovecot Sieve Plugin Multiple Buffer Overflow Vulnerabilities
4066| [901025] Dovecot Version Detection
4067| [881402] CentOS Update for dovecot CESA-2011:1187 centos5 x86_64
4068| [881358] CentOS Update for dovecot CESA-2011:1187 centos4 x86_64
4069| [880980] CentOS Update for dovecot CESA-2011:1187 centos5 i386
4070| [880967] CentOS Update for dovecot CESA-2011:1187 centos4 i386
4071| [870607] RedHat Update for dovecot RHSA-2011:0600-01
4072| [870471] RedHat Update for dovecot RHSA-2011:1187-01
4073| [870153] RedHat Update for dovecot RHSA-2008:0297-02
4074| [863272] Fedora Update for dovecot FEDORA-2011-7612
4075| [863115] Fedora Update for dovecot FEDORA-2011-7258
4076| [861525] Fedora Update for dovecot FEDORA-2007-664
4077| [861394] Fedora Update for dovecot FEDORA-2007-493
4078| [861333] Fedora Update for dovecot FEDORA-2007-1485
4079| [860845] Fedora Update for dovecot FEDORA-2008-9202
4080| [860663] Fedora Update for dovecot FEDORA-2008-2475
4081| [860169] Fedora Update for dovecot FEDORA-2008-2464
4082| [860089] Fedora Update for dovecot FEDORA-2008-9232
4083| [840950] Ubuntu Update for dovecot USN-1295-1
4084| [840668] Ubuntu Update for dovecot USN-1143-1
4085| [840583] Ubuntu Update for dovecot vulnerabilities USN-1059-1
4086| [840335] Ubuntu Update for dovecot vulnerabilities USN-593-1
4087| [840290] Ubuntu Update for dovecot vulnerability USN-567-1
4088| [840234] Ubuntu Update for dovecot vulnerability USN-666-1
4089| [840072] Ubuntu Update for dovecot vulnerability USN-487-1
4090| [831405] Mandriva Update for dovecot MDVSA-2011:101 (dovecot)
4091| [831230] Mandriva Update for dovecot MDVSA-2010:217 (dovecot)
4092| [831197] Mandriva Update for dovecot MDVSA-2010:196 (dovecot)
4093| [831054] Mandriva Update for dovecot MDVSA-2010:104 (dovecot)
4094| [830496] Mandriva Update for dovecot MDVSA-2008:232 (dovecot)
4095| [801055] Dovecot 'base_dir' Insecure Permissions Security Bypass Vulnerability
4096| [800030] Dovecot ACL Plugin Security Bypass Vulnerabilities
4097| [70767] Gentoo Security Advisory GLSA 201110-04 (Dovecot)
4098| [70259] FreeBSD Ports: dovecot
4099| [69959] Debian Security Advisory DSA 2252-1 (dovecot)
4100| [66522] FreeBSD Ports: dovecot
4101| [65010] Ubuntu USN-838-1 (dovecot)
4102| [64978] Debian Security Advisory DSA 1892-1 (dovecot)
4103| [64953] Mandrake Security Advisory MDVSA-2009:242-1 (dovecot)
4104| [64952] Mandrake Security Advisory MDVSA-2009:242 (dovecot)
4105| [64861] Fedora Core 10 FEDORA-2009-9559 (dovecot)
4106| [62965] Gentoo Security Advisory GLSA 200812-16 (dovecot)
4107| [62854] FreeBSD Ports: dovecot-managesieve
4108| [61916] FreeBSD Ports: dovecot
4109| [60588] Gentoo Security Advisory GLSA 200803-25 (dovecot)
4110| [60568] Debian Security Advisory DSA 1516-1 (dovecot)
4111| [60528] FreeBSD Ports: dovecot
4112| [60134] Debian Security Advisory DSA 1457-1 (dovecot)
4113| [60089] FreeBSD Ports: dovecot
4114| [58578] Debian Security Advisory DSA 1359-1 (dovecot)
4115| [56834] Debian Security Advisory DSA 1080-1 (dovecot)
4116|
4117| SecurityTracker - https://www.securitytracker.com:
4118| [1028585] Dovecot APPEND Parameter Processing Flaw Lets Remote Authenticated Users Deny Service
4119| [1024740] Mac OS X Server Dovecot Memory Aliasing Bug May Cause Mail to Be Delivered to the Wrong User
4120| [1017288] Dovecot POP3/IMAP Cache File Buffer Overflow May Let Remote Users Execute Arbitrary Code
4121|
4122| OSVDB - http://www.osvdb.org:
4123| [96172] Dovecot POP3 Service Terminated LIST Command Remote DoS
4124| [93525] Dovecot IMAP APPEND Command Malformed Parameter Parsing Remote DoS
4125| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
4126| [88058] Dovecot lib-storage/mail-search.c Multiple Keyword Search Handling Remote DoS
4127| [77185] Dovecot SSL Certificate Common Name Field MitM Spoofing Weakness
4128| [74515] Dovecot script-login chroot Configuration Setting Traversal Arbitrary File Access
4129| [74514] Dovecot script-login User / Group Configuration Settings Remote Access Restriction Bypass
4130| [72495] Dovecot lib-mail/message-header-parser.c Mail Header Name NULL Character Handling Remote DoS
4131| [69260] Apple Mac OS X Server Dovecot Memory Aliasing Mail Delivery Issue
4132| [68516] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition User Private Namespace Mailbox Access Restriction Remote Bypass
4133| [68515] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition Specific Entry Order Mailbox Access Restriction Remote Bypass
4134| [68513] Dovecot Non-public Namespace Mailbox ACL Manipulation Access Restriction Remote Bypass
4135| [68512] Dovecot IMAP / POP3 Session Disconnect Master Process Outage Remote DoS
4136| [66625] Dovecot ACL Plugin INBOX ACL Copying Weakness Restriction Bypass
4137| [66113] Dovecot Mail Root Directory Creation Permission Weakness
4138| [66112] Dovecot Installation base_dir Parent Directory Permission Weakness
4139| [66111] Dovecot SEARCH Functionality str_find_init() Function Overflow
4140| [66110] Dovecot Multiple Unspecified Buffer Overflows
4141| [66108] Dovecot Malformed Message Body Processing Unspecified Functions Remote DoS
4142| [64783] Dovecot E-mail Message Header Unspecified DoS
4143| [63372] Apple Mac OS X Dovecot Kerberos Authentication SACL Restriction Bypass
4144| [62796] Dovecot mbox Format Email Header Handling DoS
4145| [60316] Dovecot base_dir Directory Permission Weakness Local Privilege Escalation
4146| [58103] Dovecot CMU Sieve Plugin Script Handling Multiple Overflows
4147| [50253] Dovecot dovecot.conf Permission Weakness Local ssl_key_password Parameter Disclosure
4148| [49918] Dovecot ManageSieve Script Name Handling Traversal Arbitrary File Manipulation
4149| [49429] Dovecot Message Parsing Feature Crafted Email Header Handling Remote DoS
4150| [49099] Dovecot ACL Plugin k Right Mailbox Creation Restriction Bypass
4151| [49098] Dovecot ACL Plugin Negative Access Rights Bypass
4152| [43137] Dovecot mail_extra_groups Symlink File Manipulation
4153| [42979] Dovecot passdbs Argument Injection Authentication Bypass
4154| [39876] Dovecot LDAP Auth Cache Security Bypass
4155| [39386] Dovecot ACL Plugin Insert Right APPEND / COPY Command Unauthorized Flag Manipulation
4156| [35489] Dovecot index/mbox/mbox-storage.c Traversal Arbitrary Gzip File Access
4157| [30524] Dovecot IMAP/POP3 Server dovecot.index.cache Handling Overflow
4158| [25853] Cyrus IMAPD pop3d USER Command Remote Overflow
4159| [25727] Dovecot Multiple Command Traversal Arbitrary Directory Listing
4160| [23281] Dovecot imap/pop3-login dovecot-auth DoS
4161| [23280] Dovecot Malformed APPEND Command DoS
4162| [14459] mmmail mmpop3d USER Command mmsyslog Function Format String
4163| [12033] Slackware Linux imapd/ipop3d Malformed USER/PASS Sequence DoS
4164| [5857] Linux pop3d Arbitrary Mail File Access
4165| [2471] akpop3d username SQL Injection
4166|_
4167Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
4168Aggressive OS guesses: Linux 3.10 - 3.12 (99%), Linux 4.4 (99%), Linux 3.18 (99%), Linux 2.6.32 (98%), Linux 2.6.35 (98%), Linux 2.6.39 (98%), Linux 3.10 (98%), Linux 3.4 (98%), Linux 3.5 (98%), Linux 3.7 (98%)
4169No exact OS matches for host (test conditions non-ideal).
4170Network Distance: 11 hops
4171
4172TRACEROUTE (using port 110/tcp)
4173HOP RTT ADDRESS
41741 240.15 ms 10.252.204.1
41752 716.83 ms 45.131.4.2
41763 201.33 ms 109.236.95.226
41774 300.79 ms 109.236.95.106
41785 300.84 ms amsix-200gbps.core1.ams1.he.net (80.249.209.150)
41796 300.87 ms 100ge16-1.core1.lon2.he.net (72.52.92.213)
41807 300.94 ms 100ge13-2.core1.nyc4.he.net (72.52.92.166)
41818 442.90 ms 100ge8-1.core1.sjc2.he.net (184.105.81.218)
41829 442.94 ms 100ge13-2.core1.sjc1.he.net (184.105.65.113)
418310 442.94 ms e0-50.core4.fmt1.he.net (184.105.65.214)
418411 300.99 ms respectwashington.us (65.49.16.26)
4185#######################################################################################################################################
4186https://65.49.16.26 [200 OK] Apache[2.4.18], Country[UNITED STATES][US], Email[info@RespectWashington.us], HTTPServer[Ubuntu Linux][Apache/2.4.18 (Ubuntu)], IP[65.49.16.26], Title[RespectWashington]
4187######################################################################################################################################
4188Version: 1.11.13-static
4189OpenSSL 1.0.2-chacha (1.0.2g-dev)
4190
4191Connected to 65.49.16.26
4192
4193Testing SSL server 65.49.16.26 on port 443 using SNI name 65.49.16.26
4194
4195 TLS Fallback SCSV:
4196Server supports TLS Fallback SCSV
4197
4198 TLS renegotiation:
4199Secure session renegotiation supported
4200
4201 TLS Compression:
4202Compression disabled
4203
4204 Heartbleed:
4205TLS 1.2 not vulnerable to heartbleed
4206TLS 1.1 not vulnerable to heartbleed
4207TLS 1.0 not vulnerable to heartbleed
4208
4209 Supported Server Cipher(s):
4210Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
4211Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
4212Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
4213Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
4214Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
4215Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
4216Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
4217Accepted TLSv1.2 256 bits AES256-GCM-SHA384
4218Accepted TLSv1.2 256 bits AES256-SHA256
4219Accepted TLSv1.2 256 bits AES256-SHA
4220Accepted TLSv1.2 256 bits CAMELLIA256-SHA
4221Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
4222Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
4223Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
4224Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
4225Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
4226Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
4227Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
4228Accepted TLSv1.2 128 bits AES128-GCM-SHA256
4229Accepted TLSv1.2 128 bits AES128-SHA256
4230Accepted TLSv1.2 128 bits AES128-SHA
4231Accepted TLSv1.2 128 bits CAMELLIA128-SHA
4232Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
4233Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
4234Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
4235Accepted TLSv1.1 256 bits AES256-SHA
4236Accepted TLSv1.1 256 bits CAMELLIA256-SHA
4237Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
4238Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
4239Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
4240Accepted TLSv1.1 128 bits AES128-SHA
4241Accepted TLSv1.1 128 bits CAMELLIA128-SHA
4242Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
4243Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
4244Accepted TLSv1.0 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
4245Accepted TLSv1.0 256 bits AES256-SHA
4246Accepted TLSv1.0 256 bits CAMELLIA256-SHA
4247Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
4248Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
4249Accepted TLSv1.0 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
4250Accepted TLSv1.0 128 bits AES128-SHA
4251Accepted TLSv1.0 128 bits CAMELLIA128-SHA
4252
4253 SSL Certificate:
4254Signature Algorithm: sha256WithRSAEncryption
4255RSA Key Strength: 2048
4256
4257Subject: respectwashington.us
4258Altnames: DNS:keller4america.us, DNS:mail.respectwashington.us, DNS:respectwashington.us, DNS:www.keller4america.us, DNS:www.respectwashington.us
4259Issuer: Let's Encrypt Authority X3
4260
4261Not valid before: Sep 23 10:50:34 2019 GMT
4262Not valid after: Dec 22 10:50:34 2019 GMT
4263#######################################################################################################################################
4264--------------------------------------------------------
4265<<<Yasuo discovered following vulnerable applications>>>
4266--------------------------------------------------------
4267+-----------------+-----------------------------------+--------------------------------------------------+-----------+-----------+
4268| App Name | URL to Application | Potential Exploit | Username | Password |
4269+-----------------+-----------------------------------+--------------------------------------------------+-----------+-----------+
4270| phpMyAdmin | http://65.49.16.26:80/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | Not Found | Not Found |
4271| Linksys WRT54GL | https://65.49.16.26:443/apply.cgi | ./auxiliary/admin/http/linksys_wrt54gl_exec.rb | Not Found | Not Found |
4272+-----------------+-----------------------------------+--------------------------------------------------+-----------+-----------+
4273######################################################################################################################################
4274Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-22 09:15 EDT
4275NSE: Loaded 47 scripts for scanning.
4276NSE: Script Pre-scanning.
4277Initiating NSE at 09:15
4278Completed NSE at 09:15, 0.00s elapsed
4279Initiating NSE at 09:15
4280Completed NSE at 09:15, 0.00s elapsed
4281Initiating Ping Scan at 09:15
4282Scanning 65.49.16.26 [4 ports]
4283Completed Ping Scan at 09:15, 0.28s elapsed (1 total hosts)
4284Initiating Parallel DNS resolution of 1 host. at 09:15
4285Completed Parallel DNS resolution of 1 host. at 09:15, 0.02s elapsed
4286Initiating SYN Stealth Scan at 09:15
4287Scanning respectwashington.us (65.49.16.26) [65535 ports]
4288Discovered open port 587/tcp on 65.49.16.26
4289Discovered open port 80/tcp on 65.49.16.26
4290Discovered open port 443/tcp on 65.49.16.26
4291SYN Stealth Scan Timing: About 1.26% done; ETC: 09:56 (0:40:25 remaining)
4292SYN Stealth Scan Timing: About 2.12% done; ETC: 10:03 (0:47:00 remaining)
4293SYN Stealth Scan Timing: About 4.01% done; ETC: 09:53 (0:36:18 remaining)
4294SYN Stealth Scan Timing: About 12.48% done; ETC: 09:31 (0:14:09 remaining)
4295SYN Stealth Scan Timing: About 30.58% done; ETC: 09:34 (0:13:19 remaining)
4296Discovered open port 47025/tcp on 65.49.16.26
4297SYN Stealth Scan Timing: About 39.08% done; ETC: 09:36 (0:12:20 remaining)
4298SYN Stealth Scan Timing: About 45.45% done; ETC: 09:36 (0:11:18 remaining)
4299Discovered open port 465/tcp on 65.49.16.26
4300Discovered open port 36095/tcp on 65.49.16.26
4301SYN Stealth Scan Timing: About 51.03% done; ETC: 09:36 (0:10:14 remaining)
4302SYN Stealth Scan Timing: About 56.26% done; ETC: 09:36 (0:09:09 remaining)
4303Discovered open port 34816/tcp on 65.49.16.26
4304SYN Stealth Scan Timing: About 61.93% done; ETC: 09:37 (0:08:06 remaining)
4305SYN Stealth Scan Timing: About 67.62% done; ETC: 09:37 (0:07:00 remaining)
4306SYN Stealth Scan Timing: About 72.45% done; ETC: 09:37 (0:05:54 remaining)
4307SYN Stealth Scan Timing: About 78.10% done; ETC: 09:37 (0:04:47 remaining)
4308Discovered open port 35643/tcp on 65.49.16.26
4309SYN Stealth Scan Timing: About 83.63% done; ETC: 09:37 (0:03:37 remaining)
4310SYN Stealth Scan Timing: About 88.83% done; ETC: 09:38 (0:02:31 remaining)
4311SYN Stealth Scan Timing: About 93.91% done; ETC: 09:38 (0:01:23 remaining)
4312Completed SYN Stealth Scan at 09:38, 1391.51s elapsed (65535 total ports)
4313Initiating Service scan at 09:38
4314Scanning 8 services on respectwashington.us (65.49.16.26)
4315Completed Service scan at 09:39, 22.62s elapsed (8 services on 1 host)
4316Initiating OS detection (try #1) against respectwashington.us (65.49.16.26)
4317Retrying OS detection (try #2) against respectwashington.us (65.49.16.26)
4318Initiating Traceroute at 09:39
4319Completed Traceroute at 09:39, 0.45s elapsed
4320Initiating Parallel DNS resolution of 11 hosts. at 09:39
4321Completed Parallel DNS resolution of 11 hosts. at 09:39, 0.30s elapsed
4322NSE: Script scanning 65.49.16.26.
4323Initiating NSE at 09:39
4324Completed NSE at 09:39, 14.11s elapsed
4325Initiating NSE at 09:39
4326Completed NSE at 09:39, 2.73s elapsed
4327Nmap scan report for respectwashington.us (65.49.16.26)
4328Host is up (0.34s latency).
4329Not shown: 65522 closed ports
4330PORT STATE SERVICE VERSION
433180/tcp open http Apache httpd 2.4.18 ((Ubuntu))
4332|_http-server-header: Apache/2.4.18 (Ubuntu)
4333| vulners:
4334| cpe:/a:apache:http_server:2.4.18:
4335| CVE-2017-7679 7.5 https://vulners.com/cve/CVE-2017-7679
4336| CVE-2017-7668 7.5 https://vulners.com/cve/CVE-2017-7668
4337| CVE-2017-3169 7.5 https://vulners.com/cve/CVE-2017-3169
4338| CVE-2017-3167 7.5 https://vulners.com/cve/CVE-2017-3167
4339| CVE-2019-0211 7.2 https://vulners.com/cve/CVE-2019-0211
4340| CVE-2018-1312 6.8 https://vulners.com/cve/CVE-2018-1312
4341| CVE-2017-15715 6.8 https://vulners.com/cve/CVE-2017-15715
4342| CVE-2019-10082 6.4 https://vulners.com/cve/CVE-2019-10082
4343| CVE-2017-9788 6.4 https://vulners.com/cve/CVE-2017-9788
4344| CVE-2019-10098 5.8 https://vulners.com/cve/CVE-2019-10098
4345| CVE-2019-0220 5.0 https://vulners.com/cve/CVE-2019-0220
4346| CVE-2019-0196 5.0 https://vulners.com/cve/CVE-2019-0196
4347| CVE-2018-17199 5.0 https://vulners.com/cve/CVE-2018-17199
4348| CVE-2018-1333 5.0 https://vulners.com/cve/CVE-2018-1333
4349| CVE-2017-9798 5.0 https://vulners.com/cve/CVE-2017-9798
4350| CVE-2017-15710 5.0 https://vulners.com/cve/CVE-2017-15710
4351| CVE-2016-8743 5.0 https://vulners.com/cve/CVE-2016-8743
4352| CVE-2016-8740 5.0 https://vulners.com/cve/CVE-2016-8740
4353| CVE-2016-4979 5.0 https://vulners.com/cve/CVE-2016-4979
4354| CVE-2019-0197 4.9 https://vulners.com/cve/CVE-2019-0197
4355| CVE-2019-10092 4.3 https://vulners.com/cve/CVE-2019-10092
4356| CVE-2018-11763 4.3 https://vulners.com/cve/CVE-2018-11763
4357| CVE-2016-4975 4.3 https://vulners.com/cve/CVE-2016-4975
4358| CVE-2016-1546 4.3 https://vulners.com/cve/CVE-2016-1546
4359| CVE-2018-1283 3.5 https://vulners.com/cve/CVE-2018-1283
4360|_ CVE-2016-8612 3.3 https://vulners.com/cve/CVE-2016-8612
4361| vulscan: VulDB - https://vuldb.com:
4362| [88747] Apache HTTP Server 2.4.17/2.4.18 mod_http2 denial of service
4363| [76731] Apache HTTP Server 2.4.12 ErrorDocument 400 Crash denial of service
4364| [74367] Apache HTTP Server up to 2.4.12 mod_lua lua_request.c wsupgrade denial of service
4365| [68575] Apache HTTP Server up to 2.4.10 LuaAuthzProvider mod_lua.c privilege escalation
4366| [68435] Apache HTTP Server 2.4.10 mod_proxy_fcgi.c handle_headers denial of service
4367| [13300] Apache HTTP Server 2.4.1/2.4.2 mod_wsgi setuid privilege escalation
4368| [13299] Apache HTTP Server 2.4.1/2.4.2 mod_wsgi Content-Type Header information disclosure
4369| [136374] Apache HTTP Server up to 2.4.38 Slash Regular Expression unknown vulnerability
4370| [136373] Apache HTTP Server 2.4.34/2.4.35/2.4.36/2.4.37/2.4.38 HTTP2 Request Crash denial of service
4371| [136372] Apache HTTP Server up to 2.4.38 HTTP2 Request unknown vulnerability
4372| [133112] Apache HTTP Server up to 2.4.38 mod_auth_digest race condition privilege escalation
4373| [133111] Apache HTTP Server 2.4.37/2.4.38 mod_ssl Bypass privilege escalation
4374| [130341] Apache HTTP Server 2.4.37 mod_ssl Loop denial of service
4375| [130330] Apache HTTP Server up to 2.4.37 mod_session Expired privilege escalation
4376| [130329] Apache HTTP Server 2.4.37 mod_http2 Slowloris denial of service
4377| [124447] Apache HTTP Server up to 2.4.34 SETTINGS Frame denial of service
4378| [121910] Apache HTTP Server 2.4.33 mod_md HTTP Requests denial of service
4379| [122569] Apache HTTP Server up to 2.4.33 HTTP2 Request denial of service
4380| [115061] Apache HTTP Server up to 2.4.29 HTTP Digest Authentication Challenge HTTP Requests Replay privilege escalation
4381| [115060] Apache HTTP Server up to 2.4.29 mod_cache_socache Request Header Crash denial of service
4382| [115059] Apache HTTP Server up to 2.4.29 HTTP2 NULL Pointer Dereference denial of service
4383| [115058] Apache HTTP Server up to 2.4.29 HTTP Header Crash denial of service
4384| [115057] Apache HTTP Server up to 2.4.29 mod_session Variable Name Cache privilege escalation
4385| [115039] Apache HTTP Server up to 2.4.29 FilesMatch File Upload privilege escalation
4386| [114258] Apache HTTP Server up to 2.4.22 mod_cluster Segmentation Fault denial of service
4387| [104986] Apache CXF 2.4.5/2.5.1 WS-SP UsernameToken Policy SOAP Request weak authentication
4388| [103521] Apache HTTP Server 2.4.26 HTTP2 Free memory corruption
4389| [94627] Apache HTTP Server up to 2.4.24 mod_auth_digest Crash denial of service
4390| [94626] Apache HTTP Server up to 2.4.24 mod_session_crypto Padding weak encryption
4391| [94625] Apache HTTP Server up to 2.4.24 Response Split privilege escalation
4392| [93958] Apache HTTP Server up to 2.4.23 mod_http2 h2_stream.c denial of service
4393| [89669] Apache HTTP Server up to 2.4.23 RFC 3875 Namespace Conflict Environment Variable Open Redirect
4394| [88667] Apache HTTP Server up to 2.4.20 mod_http2 Certificate weak authentication
4395| [77083] Apache Groovy up to 2.4.3 MethodClosure.java MethodClosure memory corruption
4396| [76733] Apache HTTP Server 2.4.7/2.4.8/2.4.9/2.4.10/2.4.12 ap_some_auth_required unknown vulnerability
4397| [76732] Apache HTTP Server 2.4.7/2.4.8/2.4.9/2.4.10/2.4.12 Request apr_brigade_flatten privilege escalation
4398| [73106] Apache Hadoop up to 2.4.0 Symlink privilege escalation
4399| [67183] Apache HTTP Server up to 2.4.9 mod_proxy denial of service
4400| [67180] Apache HTTP Server up to 2.4.9 WinNT MPM Memory Leak denial of service
4401| [67185] Apache HTTP Server up to 2.4.9 mod_status Heap-Based memory corruption
4402| [67184] Apache HTTP Server 2.4.5/2.4.6 mod_cache NULL Pointer Dereference denial of service
4403| [67182] Apache HTTP Server up to 2.4.9 mod_deflate Memory Consumption denial of service
4404| [67181] Apache HTTP Server up to 2.4.9 mod_cgid denial of service
4405| [12667] Apache HTTP Server 2.4.7 mod_log_config.c log_cookie denial of service
4406| [9683] Apache HTTP Server 2.4.5 mod_session_dbd denial of service
4407| [7202] Apache HTTP Server 2.4.2 on Oracle Solaris ld_library_path cross site scripting
4408| [62417] Apache CXF 2.4.7/2.4.8/2.5.3/2.5.4/2.6.1 spoofing
4409| [6092] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_ajp.c information disclosure
4410| [6090] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_http.c information disclosure
4411| [9673] Apache HTTP Server up to 2.4.4 mod_dav mod_dav.c Request denial of service
4412|
4413| MITRE CVE - https://cve.mitre.org:
4414| [CVE-2013-2249] mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors.
4415| [CVE-2012-4558] Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.
4416| [CVE-2012-3502] The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http.c in the mod_proxy_http module in the Apache HTTP Server 2.4.x before 2.4.3 does not properly determine the situations that require closing a back-end connection, which allows remote attackers to obtain sensitive information in opportunistic circumstances by reading a response that was intended for a different client.
4417| [CVE-2012-3499] Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.
4418| [CVE-2012-3451] Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action String that is inconsistent with the message body.
4419| [CVE-2012-2687] Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.
4420| [CVE-2012-2379] Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors.
4421| [CVE-2012-2378] Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allows remote attackers to bypass the (1) AlgorithmSuite, (2) SignedParts, (3) SignedElements, (4) EncryptedParts, and (5) EncryptedElements policies.
4422| [CVE-2012-0883] envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.
4423| [CVE-2011-2516] Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service (crash) via a signature using a large RSA key, which triggers a buffer overflow.
4424|
4425| SecurityFocus - https://www.securityfocus.com/bid/:
4426| [42102] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
4427| [27237] Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 'mod_status' Cross-Site Scripting Vulnerability
4428| [15413] PHP Apache 2 Virtual() Safe_Mode and Open_Basedir Restriction Bypass Vulnerability
4429| [15177] PHP Apache 2 Local Denial of Service Vulnerability
4430| [6065] Apache 2 WebDAV CGI POST Request Information Disclosure Vulnerability
4431| [5816] Apache 2 mod_dav Denial Of Service Vulnerability
4432| [5486] Apache 2.0 CGI Path Disclosure Vulnerability
4433| [5485] Apache 2.0 Path Disclosure Vulnerability
4434| [5434] Apache 2.0 Encoded Backslash Directory Traversal Vulnerability
4435| [5256] Apache httpd 2.0 CGI Error Path Disclosure Vulnerability
4436| [4057] Apache 2 for Windows OPTIONS request Path Disclosure Vulnerability
4437| [4056] Apache 2 for Windows php.exe Path Disclosure Vulnerability
4438|
4439| IBM X-Force - https://exchange.xforce.ibmcloud.com:
4440| [75211] Debian GNU/Linux apache 2 cross-site scripting
4441|
4442| Exploit-DB - https://www.exploit-db.com:
4443| [31052] Apache <= 2.2.6 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
4444| [30901] Apache HTTP Server 2.2.6 Windows Share PHP File Extension Mapping Information Disclosure Vulnerability
4445| [30835] Apache HTTP Server <= 2.2.4 413 Error HTTP Request Method Cross-Site Scripting Weakness
4446| [28424] Apache 2.x HTTP Server Arbitrary HTTP Request Headers Security Weakness
4447| [28365] Apache 2.2.2 CGI Script Source Code Information Disclosure Vulnerability
4448| [27915] Apache James 2.2 SMTP Denial of Service Vulnerability
4449| [27135] Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution
4450| [26710] Apache CXF prior to 2.5.10, 2.6.7 and 2.7.4 - Denial of Service
4451| [24590] Apache 2.0.x mod_ssl Remote Denial of Service Vulnerability
4452| [23581] Apache 2.0.4x mod_perl Module File Descriptor Leakage Vulnerability
4453| [23482] Apache 2.0.4x mod_php Module File Descriptor Leakage Vulnerability (2)
4454| [23481] Apache 2.0.4x mod_php Module File Descriptor Leakage Vulnerability (1)
4455| [23296] Red Hat Apache 2.0.40 Directory Index Default Configuration Error
4456| [23282] apache cocoon 2.14/2.2 - Directory Traversal vulnerability
4457| [22191] Apache Web Server 2.0.x MS-DOS Device Name Denial of Service Vulnerability
4458| [21854] Apache 2.0.39/40 Oversized STDERR Buffer Denial of Service Vulnerability
4459| [21719] Apache 2.0 Path Disclosure Vulnerability
4460| [21697] Apache 2.0 Encoded Backslash Directory Traversal Vulnerability
4461| [20272] Apache 1.2.5/1.3.1,UnityMail 2.0 MIME Header DoS Vulnerability
4462| [19828] Cobalt RaQ 2.0/3.0 Apache .htaccess Disclosure Vulnerability
4463| [18984] Apache Struts <= 2.2.1.1 - Remote Command Execution
4464| [18329] Apache Struts2 <= 2.3.1 - Multiple Vulnerabilities
4465| [17691] Apache Struts < 2.2.0 - Remote Command Execution
4466| [15319] Apache 2.2 (Windows) Local Denial of Service
4467| [14617] Apache JackRabbit 2.0.0 webapp XPath Injection
4468| [11650] Apache 2.2.14 mod_isapi Dangling Pointer Remote SYSTEM Exploit
4469| [8458] Apache Geronimo <= 2.1.3 - Multiple Directory Traversal Vulnerabilities
4470| [5330] Apache 2.0 mod_jk2 2.0.2 - Remote Buffer Overflow Exploit (win32)
4471| [3996] Apache 2.0.58 mod_rewrite Remote Overflow Exploit (win2k3)
4472| [2237] Apache < 1.3.37, 2.0.59, 2.2.3 (mod_rewrite) Remote Overflow PoC
4473| [1056] Apache <= 2.0.49 Arbitrary Long HTTP Headers Denial of Service
4474| [855] Apache <= 2.0.52 HTTP GET request Denial of Service Exploit
4475| [132] Apache 1.3.x - 2.0.48 - mod_userdir Remote Users Disclosure Exploit
4476| [38] Apache <= 2.0.45 APR Remote Exploit -Apache-Knacker.pl
4477| [34] Webfroot Shoutbox < 2.32 (Apache) Remote Exploit
4478| [11] Apache <= 2.0.44 Linux Remote Denial of Service Exploit
4479| [9] Apache HTTP Server 2.x Memory Leak Exploit
4480|
4481| OpenVAS (Nessus) - http://www.openvas.org:
4482| [855524] Solaris Update for Apache 2 120544-14
4483| [855077] Solaris Update for Apache 2 120543-14
4484| [100858] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
4485| [72626] Debian Security Advisory DSA 2579-1 (apache2)
4486| [71551] Gentoo Security Advisory GLSA 201206-25 (apache)
4487| [71550] Gentoo Security Advisory GLSA 201206-24 (apache tomcat)
4488| [71485] Debian Security Advisory DSA 2506-1 (libapache-mod-security)
4489| [71256] Debian Security Advisory DSA 2452-1 (apache2)
4490| [71238] Debian Security Advisory DSA 2436-1 (libapache2-mod-fcgid)
4491| [70724] Debian Security Advisory DSA 2405-1 (apache2)
4492| [70235] Debian Security Advisory DSA 2298-2 (apache2)
4493| [70233] Debian Security Advisory DSA 2298-1 (apache2)
4494| [69988] Debian Security Advisory DSA 2279-1 (libapache2-mod-authnz-external)
4495| [69338] Debian Security Advisory DSA 2202-1 (apache2)
4496| [65131] SLES9: Security update for Apache 2 oes/CORE
4497| [64426] Gentoo Security Advisory GLSA 200907-04 (apache)
4498| [61381] Gentoo Security Advisory GLSA 200807-06 (apache)
4499| [60582] Gentoo Security Advisory GLSA 200803-19 (apache)
4500| [58745] Gentoo Security Advisory GLSA 200711-06 (apache)
4501| [57851] Gentoo Security Advisory GLSA 200608-01 (apache)
4502| [56246] Gentoo Security Advisory GLSA 200602-03 (Apache)
4503| [55392] Gentoo Security Advisory GLSA 200509-12 (Apache)
4504| [55129] Gentoo Security Advisory GLSA 200508-15 (apache)
4505| [54739] Gentoo Security Advisory GLSA 200411-18 (apache)
4506| [54724] Gentoo Security Advisory GLSA 200411-03 (apache)
4507| [54712] Gentoo Security Advisory GLSA 200410-21 (apache)
4508| [54689] Gentoo Security Advisory GLSA 200409-33 (net=www/apache)
4509| [54677] Gentoo Security Advisory GLSA 200409-21 (apache)
4510| [54610] Gentoo Security Advisory GLSA 200407-03 (Apache)
4511| [54601] Gentoo Security Advisory GLSA 200406-16 (Apache)
4512| [54590] Gentoo Security Advisory GLSA 200406-05 (Apache)
4513| [54582] Gentoo Security Advisory GLSA 200405-22 (Apache)
4514| [54529] Gentoo Security Advisory GLSA 200403-04 (Apache)
4515| [54499] Gentoo Security Advisory GLSA 200310-04 (Apache)
4516| [54498] Gentoo Security Advisory GLSA 200310-03 (Apache)
4517| [11092] Apache 2.0.39 Win32 directory traversal
4518| [66081] SLES11: Security update for Apache 2
4519| [66074] SLES10: Security update for Apache 2
4520| [66070] SLES9: Security update for Apache 2
4521| [65893] SLES10: Security update for Apache 2
4522| [65888] SLES10: Security update for Apache 2
4523| [65510] SLES9: Security update for Apache 2
4524| [65249] SLES9: Security update for Apache 2
4525| [65230] SLES9: Security update for Apache 2
4526| [65228] SLES9: Security update for Apache 2
4527| [65207] SLES9: Security update for Apache 2
4528| [65136] SLES9: Security update for Apache 2
4529| [65017] SLES9: Security update for Apache 2
4530|
4531| SecurityTracker - https://www.securitytracker.com:
4532| [1008196] Apache 2.x on Windows May Return Unexpected Files For URLs Ending With Certain Characters
4533| [1007143] Apache 2.0 Web Server May Use a Weaker Encryption Implementation Than Specified in Some Cases
4534| [1006444] Apache 2.0 Web Server Line Feed Buffer Allocation Flaw Lets Remote Users Deny Service
4535| [1005963] Apache Web Server 2.x Windows Device Access Flaw Lets Remote Users Crash the Server or Possibly Execute Arbitrary Code
4536| [1004770] Apache 2.x Web Server ap_log_rerror() Function May Disclose Full Installation Path to Remote Users
4537|
4538| OSVDB - http://www.osvdb.org:
4539| [20897] PHP w/ Apache 2 SAPI virtual() Function Unspecified INI Setting Disclosure
4540|_
4541110/tcp filtered pop3
4542143/tcp filtered imap
4543443/tcp open ssl/http Apache httpd 2.4.18
4544|_http-server-header: Apache/2.4.18 (Ubuntu)
4545| vulners:
4546| Apache httpd 2.4.18:
4547| HTTPD:F564BBA32AA088833DA032B7EB77CA29 7.5 https://vulners.com/httpd/HTTPD:F564BBA32AA088833DA032B7EB77CA29
4548| HTTPD:E74D6161229FA3D00A1783E6C3426C5D 7.5 https://vulners.com/httpd/HTTPD:E74D6161229FA3D00A1783E6C3426C5D
4549| HTTPD:C7D2DA1ACB016A5220CA8E74647BED26 7.5 https://vulners.com/httpd/HTTPD:C7D2DA1ACB016A5220CA8E74647BED26
4550| HTTPD:8F00FB1DD7567228376803FEDB0EC3B6 7.5 https://vulners.com/httpd/HTTPD:8F00FB1DD7567228376803FEDB0EC3B6
4551| HTTPD:7EEE138FD834328B3FC98E4B7FCAD266 7.5 https://vulners.com/httpd/HTTPD:7EEE138FD834328B3FC98E4B7FCAD266
4552| HTTPD:24E96D438275A8177C289509C796525C 7.5 https://vulners.com/httpd/HTTPD:24E96D438275A8177C289509C796525C
4553| HTTPD:237FAB5DE739A612077A245192137A48 7.5 https://vulners.com/httpd/HTTPD:237FAB5DE739A612077A245192137A48
4554| HTTPD:143F3A43D871E3AFFF956DB1049A6A2A 7.5 https://vulners.com/httpd/HTTPD:143F3A43D871E3AFFF956DB1049A6A2A
4555| HTTPD:0C6EE30D77005EBF2B39E351B1F3E2C4 7.5 https://vulners.com/httpd/HTTPD:0C6EE30D77005EBF2B39E351B1F3E2C4
4556| HTTPD:FC354B921BA807DFCACD7CD3C1D02FF9 7.2 https://vulners.com/httpd/HTTPD:FC354B921BA807DFCACD7CD3C1D02FF9
4557| HTTPD:9CDB89FBD1162B1E462FDF5BEA375759 6.8 https://vulners.com/httpd/HTTPD:9CDB89FBD1162B1E462FDF5BEA375759
4558| HTTPD:13B5FCC9676077F8FD08063C83511140 6.8 https://vulners.com/httpd/HTTPD:13B5FCC9676077F8FD08063C83511140
4559| HTTPD:B057D0A07B0AC97248CE6210E08ACAF7 6.4 https://vulners.com/httpd/HTTPD:B057D0A07B0AC97248CE6210E08ACAF7
4560| HTTPD:99188FFDCAF9C4932D00C218A2E58EC7 6.4 https://vulners.com/httpd/HTTPD:99188FFDCAF9C4932D00C218A2E58EC7
4561| HTTPD:531CF2A74E1A5A02A1D6AE2505AD586F 6.4 https://vulners.com/httpd/HTTPD:531CF2A74E1A5A02A1D6AE2505AD586F
4562| HTTPD:1696C4DDCBC58CE20005FCB002958C09 6.0 https://vulners.com/httpd/HTTPD:1696C4DDCBC58CE20005FCB002958C09
4563| HTTPD:01BB9C701A4D4302EF59FA7EA89D9115 5.8 https://vulners.com/httpd/HTTPD:01BB9C701A4D4302EF59FA7EA89D9115
4564| HTTPD:F292DF1CEE1729E4240D1D62A10F5D32 5.1 https://vulners.com/httpd/HTTPD:F292DF1CEE1729E4240D1D62A10F5D32
4565| HTTPD:CE14FA5A5B1A2BE3A35EA809C9D8CFF7 5.1 https://vulners.com/httpd/HTTPD:CE14FA5A5B1A2BE3A35EA809C9D8CFF7
4566| HTTPD:79096CA36FAE041205EFAB66A6D4EF4B 5.1 https://vulners.com/httpd/HTTPD:79096CA36FAE041205EFAB66A6D4EF4B
4567| HTTPD:E91F31FD116386F2922B3EDA4BE3899B 5.0 https://vulners.com/httpd/HTTPD:E91F31FD116386F2922B3EDA4BE3899B
4568| HTTPD:E05CACB9D575871BA1E3088D02930266 5.0 https://vulners.com/httpd/HTTPD:E05CACB9D575871BA1E3088D02930266
4569| HTTPD:D7BF4648C333C0F770A30DEB0A23601C 5.0 https://vulners.com/httpd/HTTPD:D7BF4648C333C0F770A30DEB0A23601C
4570| HTTPD:D5609C15618DCADFDAD5AD396F2B83D7 5.0 https://vulners.com/httpd/HTTPD:D5609C15618DCADFDAD5AD396F2B83D7
4571| HTTPD:D5091608B1DC5DB5CABE405261B7658E 5.0 https://vulners.com/httpd/HTTPD:D5091608B1DC5DB5CABE405261B7658E
4572| HTTPD:D26626D944F16D90B877FB157E4A128F 5.0 https://vulners.com/httpd/HTTPD:D26626D944F16D90B877FB157E4A128F
4573| HTTPD:D0D55654F7429E8A4965CBBE30779CD6 5.0 https://vulners.com/httpd/HTTPD:D0D55654F7429E8A4965CBBE30779CD6
4574| HTTPD:C191D6FAD0C97D0A2E0A2A9F7BFE6B38 5.0 https://vulners.com/httpd/HTTPD:C191D6FAD0C97D0A2E0A2A9F7BFE6B38
4575| HTTPD:BD5F2FE0FF24D28F3450C11422A68AC8 5.0 https://vulners.com/httpd/HTTPD:BD5F2FE0FF24D28F3450C11422A68AC8
4576| HTTPD:B2B68FFCE0FB45D09BE91EE9ECBA07F6 5.0 https://vulners.com/httpd/HTTPD:B2B68FFCE0FB45D09BE91EE9ECBA07F6
4577| HTTPD:A5459AF02C9EC35CE80EA173C36C3F47 5.0 https://vulners.com/httpd/HTTPD:A5459AF02C9EC35CE80EA173C36C3F47
4578| HTTPD:824D39D8A30F1234C966CBDA41E1C446 5.0 https://vulners.com/httpd/HTTPD:824D39D8A30F1234C966CBDA41E1C446
4579| HTTPD:73656ED41609146303D488C86337BC2D 5.0 https://vulners.com/httpd/HTTPD:73656ED41609146303D488C86337BC2D
4580| HTTPD:6CAC4F8B58BB2BE168795A6BA0CA26A1 5.0 https://vulners.com/httpd/HTTPD:6CAC4F8B58BB2BE168795A6BA0CA26A1
4581| HTTPD:5D6E315A1B98558C0DF8CBE51264FBA5 5.0 https://vulners.com/httpd/HTTPD:5D6E315A1B98558C0DF8CBE51264FBA5
4582| HTTPD:4EC9662496A151DDE6D030D9127572E7 5.0 https://vulners.com/httpd/HTTPD:4EC9662496A151DDE6D030D9127572E7
4583| HTTPD:42FA2547862AB3B3F5E7F776E2D90614 5.0 https://vulners.com/httpd/HTTPD:42FA2547862AB3B3F5E7F776E2D90614
4584| HTTPD:3647863A8E4AE972669D5EE60974E777 5.0 https://vulners.com/httpd/HTTPD:3647863A8E4AE972669D5EE60974E777
4585| HTTPD:18105DABC6D0ADE97D12B90F63EAE025 5.0 https://vulners.com/httpd/HTTPD:18105DABC6D0ADE97D12B90F63EAE025
4586| HTTPD:174A0D44882BCA7E2F229BC91D6D5A09 5.0 https://vulners.com/httpd/HTTPD:174A0D44882BCA7E2F229BC91D6D5A09
4587| HTTPD:04C30566E99EFB3C0D60F08EE2524591 5.0 https://vulners.com/httpd/HTTPD:04C30566E99EFB3C0D60F08EE2524591
4588| HTTPD:F4FBBB7467F08F96828B98E753E5FE7D 4.3 https://vulners.com/httpd/HTTPD:F4FBBB7467F08F96828B98E753E5FE7D
4589| HTTPD:D94ACD37B5627A621B2D592BD44873F2 4.3 https://vulners.com/httpd/HTTPD:D94ACD37B5627A621B2D592BD44873F2
4590| HTTPD:D26FFC4C8AA598C5F130A0223836644E 4.3 https://vulners.com/httpd/HTTPD:D26FFC4C8AA598C5F130A0223836644E
4591| HTTPD:A5773ECB3CB67826707B252F21BB80BB 4.3 https://vulners.com/httpd/HTTPD:A5773ECB3CB67826707B252F21BB80BB
4592| HTTPD:86C509FC37A85DC3C01E3CE10402C6DC 4.3 https://vulners.com/httpd/HTTPD:86C509FC37A85DC3C01E3CE10402C6DC
4593| HTTPD:714A18409AEB3B8362DC4FA2B923CA7A 4.3 https://vulners.com/httpd/HTTPD:714A18409AEB3B8362DC4FA2B923CA7A
4594| HTTPD:43E63F90DCA6F418ACF2327C4F88C3D8 4.3 https://vulners.com/httpd/HTTPD:43E63F90DCA6F418ACF2327C4F88C3D8
4595| HTTPD:2E568217BC35E0AA91DF49E7CE65CA67 3.5 https://vulners.com/httpd/HTTPD:2E568217BC35E0AA91DF49E7CE65CA67
4596| HTTPD:B6CF5630624F83951A477D36DC8FD634 0.0 https://vulners.com/httpd/HTTPD:B6CF5630624F83951A477D36DC8FD634
4597| HTTPD:94C27BCF50CA81A222019B9F06735AA1 0.0 https://vulners.com/httpd/HTTPD:94C27BCF50CA81A222019B9F06735AA1
4598| HTTPD:914D0BB6DF64CDA58BDF1461563DCBC2 0.0 https://vulners.com/httpd/HTTPD:914D0BB6DF64CDA58BDF1461563DCBC2
4599| HTTPD:7ED2E94FC8175AF57B0B84C966E78986 0.0 https://vulners.com/httpd/HTTPD:7ED2E94FC8175AF57B0B84C966E78986
4600| HTTPD:55F8C86BB4FE80544B301C6F772E1F21 0.0 https://vulners.com/httpd/HTTPD:55F8C86BB4FE80544B301C6F772E1F21
4601| HTTPD:53F7D531D201D0209EE31F3FA8829F5B 0.0 https://vulners.com/httpd/HTTPD:53F7D531D201D0209EE31F3FA8829F5B
4602|_ HTTPD:21A860C56B7B6A55960FB17E72B7E4B4 0.0 https://vulners.com/httpd/HTTPD:21A860C56B7B6A55960FB17E72B7E4B4
4603| vulscan: VulDB - https://vuldb.com:
4604| [88747] Apache HTTP Server 2.4.17/2.4.18 mod_http2 denial of service
4605| [76731] Apache HTTP Server 2.4.12 ErrorDocument 400 Crash denial of service
4606| [74367] Apache HTTP Server up to 2.4.12 mod_lua lua_request.c wsupgrade denial of service
4607| [68575] Apache HTTP Server up to 2.4.10 LuaAuthzProvider mod_lua.c privilege escalation
4608| [68435] Apache HTTP Server 2.4.10 mod_proxy_fcgi.c handle_headers denial of service
4609| [13300] Apache HTTP Server 2.4.1/2.4.2 mod_wsgi setuid privilege escalation
4610| [13299] Apache HTTP Server 2.4.1/2.4.2 mod_wsgi Content-Type Header information disclosure
4611| [136374] Apache HTTP Server up to 2.4.38 Slash Regular Expression unknown vulnerability
4612| [136373] Apache HTTP Server 2.4.34/2.4.35/2.4.36/2.4.37/2.4.38 HTTP2 Request Crash denial of service
4613| [136372] Apache HTTP Server up to 2.4.38 HTTP2 Request unknown vulnerability
4614| [133112] Apache HTTP Server up to 2.4.38 mod_auth_digest race condition privilege escalation
4615| [133111] Apache HTTP Server 2.4.37/2.4.38 mod_ssl Bypass privilege escalation
4616| [130341] Apache HTTP Server 2.4.37 mod_ssl Loop denial of service
4617| [130330] Apache HTTP Server up to 2.4.37 mod_session Expired privilege escalation
4618| [130329] Apache HTTP Server 2.4.37 mod_http2 Slowloris denial of service
4619| [124447] Apache HTTP Server up to 2.4.34 SETTINGS Frame denial of service
4620| [121910] Apache HTTP Server 2.4.33 mod_md HTTP Requests denial of service
4621| [122569] Apache HTTP Server up to 2.4.33 HTTP2 Request denial of service
4622| [115061] Apache HTTP Server up to 2.4.29 HTTP Digest Authentication Challenge HTTP Requests Replay privilege escalation
4623| [115060] Apache HTTP Server up to 2.4.29 mod_cache_socache Request Header Crash denial of service
4624| [115059] Apache HTTP Server up to 2.4.29 HTTP2 NULL Pointer Dereference denial of service
4625| [115058] Apache HTTP Server up to 2.4.29 HTTP Header Crash denial of service
4626| [115057] Apache HTTP Server up to 2.4.29 mod_session Variable Name Cache privilege escalation
4627| [115039] Apache HTTP Server up to 2.4.29 FilesMatch File Upload privilege escalation
4628| [114258] Apache HTTP Server up to 2.4.22 mod_cluster Segmentation Fault denial of service
4629| [104986] Apache CXF 2.4.5/2.5.1 WS-SP UsernameToken Policy SOAP Request weak authentication
4630| [103521] Apache HTTP Server 2.4.26 HTTP2 Free memory corruption
4631| [94627] Apache HTTP Server up to 2.4.24 mod_auth_digest Crash denial of service
4632| [94626] Apache HTTP Server up to 2.4.24 mod_session_crypto Padding weak encryption
4633| [94625] Apache HTTP Server up to 2.4.24 Response Split privilege escalation
4634| [93958] Apache HTTP Server up to 2.4.23 mod_http2 h2_stream.c denial of service
4635| [89669] Apache HTTP Server up to 2.4.23 RFC 3875 Namespace Conflict Environment Variable Open Redirect
4636| [88667] Apache HTTP Server up to 2.4.20 mod_http2 Certificate weak authentication
4637| [77083] Apache Groovy up to 2.4.3 MethodClosure.java MethodClosure memory corruption
4638| [76733] Apache HTTP Server 2.4.7/2.4.8/2.4.9/2.4.10/2.4.12 ap_some_auth_required unknown vulnerability
4639| [76732] Apache HTTP Server 2.4.7/2.4.8/2.4.9/2.4.10/2.4.12 Request apr_brigade_flatten privilege escalation
4640| [73106] Apache Hadoop up to 2.4.0 Symlink privilege escalation
4641| [67183] Apache HTTP Server up to 2.4.9 mod_proxy denial of service
4642| [67180] Apache HTTP Server up to 2.4.9 WinNT MPM Memory Leak denial of service
4643| [67185] Apache HTTP Server up to 2.4.9 mod_status Heap-Based memory corruption
4644| [67184] Apache HTTP Server 2.4.5/2.4.6 mod_cache NULL Pointer Dereference denial of service
4645| [67182] Apache HTTP Server up to 2.4.9 mod_deflate Memory Consumption denial of service
4646| [67181] Apache HTTP Server up to 2.4.9 mod_cgid denial of service
4647| [12667] Apache HTTP Server 2.4.7 mod_log_config.c log_cookie denial of service
4648| [9683] Apache HTTP Server 2.4.5 mod_session_dbd denial of service
4649| [7202] Apache HTTP Server 2.4.2 on Oracle Solaris ld_library_path cross site scripting
4650| [62417] Apache CXF 2.4.7/2.4.8/2.5.3/2.5.4/2.6.1 spoofing
4651| [6092] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_ajp.c information disclosure
4652| [6090] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_http.c information disclosure
4653| [9673] Apache HTTP Server up to 2.4.4 mod_dav mod_dav.c Request denial of service
4654|
4655| MITRE CVE - https://cve.mitre.org:
4656| [CVE-2013-2249] mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors.
4657| [CVE-2012-4558] Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.
4658| [CVE-2012-3502] The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http.c in the mod_proxy_http module in the Apache HTTP Server 2.4.x before 2.4.3 does not properly determine the situations that require closing a back-end connection, which allows remote attackers to obtain sensitive information in opportunistic circumstances by reading a response that was intended for a different client.
4659| [CVE-2012-3499] Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.
4660| [CVE-2012-3451] Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action String that is inconsistent with the message body.
4661| [CVE-2012-2687] Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.
4662| [CVE-2012-2379] Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors.
4663| [CVE-2012-2378] Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allows remote attackers to bypass the (1) AlgorithmSuite, (2) SignedParts, (3) SignedElements, (4) EncryptedParts, and (5) EncryptedElements policies.
4664| [CVE-2012-0883] envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.
4665| [CVE-2011-2516] Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service (crash) via a signature using a large RSA key, which triggers a buffer overflow.
4666|
4667| SecurityFocus - https://www.securityfocus.com/bid/:
4668| [42102] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
4669| [27237] Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 'mod_status' Cross-Site Scripting Vulnerability
4670| [15413] PHP Apache 2 Virtual() Safe_Mode and Open_Basedir Restriction Bypass Vulnerability
4671| [15177] PHP Apache 2 Local Denial of Service Vulnerability
4672| [6065] Apache 2 WebDAV CGI POST Request Information Disclosure Vulnerability
4673| [5816] Apache 2 mod_dav Denial Of Service Vulnerability
4674| [5486] Apache 2.0 CGI Path Disclosure Vulnerability
4675| [5485] Apache 2.0 Path Disclosure Vulnerability
4676| [5434] Apache 2.0 Encoded Backslash Directory Traversal Vulnerability
4677| [5256] Apache httpd 2.0 CGI Error Path Disclosure Vulnerability
4678| [4057] Apache 2 for Windows OPTIONS request Path Disclosure Vulnerability
4679| [4056] Apache 2 for Windows php.exe Path Disclosure Vulnerability
4680|
4681| IBM X-Force - https://exchange.xforce.ibmcloud.com:
4682| [75211] Debian GNU/Linux apache 2 cross-site scripting
4683|
4684| Exploit-DB - https://www.exploit-db.com:
4685| [31052] Apache <= 2.2.6 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
4686| [30901] Apache HTTP Server 2.2.6 Windows Share PHP File Extension Mapping Information Disclosure Vulnerability
4687| [30835] Apache HTTP Server <= 2.2.4 413 Error HTTP Request Method Cross-Site Scripting Weakness
4688| [28424] Apache 2.x HTTP Server Arbitrary HTTP Request Headers Security Weakness
4689| [28365] Apache 2.2.2 CGI Script Source Code Information Disclosure Vulnerability
4690| [27915] Apache James 2.2 SMTP Denial of Service Vulnerability
4691| [27135] Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution
4692| [26710] Apache CXF prior to 2.5.10, 2.6.7 and 2.7.4 - Denial of Service
4693| [24590] Apache 2.0.x mod_ssl Remote Denial of Service Vulnerability
4694| [23581] Apache 2.0.4x mod_perl Module File Descriptor Leakage Vulnerability
4695| [23482] Apache 2.0.4x mod_php Module File Descriptor Leakage Vulnerability (2)
4696| [23481] Apache 2.0.4x mod_php Module File Descriptor Leakage Vulnerability (1)
4697| [23296] Red Hat Apache 2.0.40 Directory Index Default Configuration Error
4698| [23282] apache cocoon 2.14/2.2 - Directory Traversal vulnerability
4699| [22191] Apache Web Server 2.0.x MS-DOS Device Name Denial of Service Vulnerability
4700| [21854] Apache 2.0.39/40 Oversized STDERR Buffer Denial of Service Vulnerability
4701| [21719] Apache 2.0 Path Disclosure Vulnerability
4702| [21697] Apache 2.0 Encoded Backslash Directory Traversal Vulnerability
4703| [20272] Apache 1.2.5/1.3.1,UnityMail 2.0 MIME Header DoS Vulnerability
4704| [19828] Cobalt RaQ 2.0/3.0 Apache .htaccess Disclosure Vulnerability
4705| [18984] Apache Struts <= 2.2.1.1 - Remote Command Execution
4706| [18329] Apache Struts2 <= 2.3.1 - Multiple Vulnerabilities
4707| [17691] Apache Struts < 2.2.0 - Remote Command Execution
4708| [15319] Apache 2.2 (Windows) Local Denial of Service
4709| [14617] Apache JackRabbit 2.0.0 webapp XPath Injection
4710| [11650] Apache 2.2.14 mod_isapi Dangling Pointer Remote SYSTEM Exploit
4711| [8458] Apache Geronimo <= 2.1.3 - Multiple Directory Traversal Vulnerabilities
4712| [5330] Apache 2.0 mod_jk2 2.0.2 - Remote Buffer Overflow Exploit (win32)
4713| [3996] Apache 2.0.58 mod_rewrite Remote Overflow Exploit (win2k3)
4714| [2237] Apache < 1.3.37, 2.0.59, 2.2.3 (mod_rewrite) Remote Overflow PoC
4715| [1056] Apache <= 2.0.49 Arbitrary Long HTTP Headers Denial of Service
4716| [855] Apache <= 2.0.52 HTTP GET request Denial of Service Exploit
4717| [132] Apache 1.3.x - 2.0.48 - mod_userdir Remote Users Disclosure Exploit
4718| [38] Apache <= 2.0.45 APR Remote Exploit -Apache-Knacker.pl
4719| [34] Webfroot Shoutbox < 2.32 (Apache) Remote Exploit
4720| [11] Apache <= 2.0.44 Linux Remote Denial of Service Exploit
4721| [9] Apache HTTP Server 2.x Memory Leak Exploit
4722|
4723| OpenVAS (Nessus) - http://www.openvas.org:
4724| [855524] Solaris Update for Apache 2 120544-14
4725| [855077] Solaris Update for Apache 2 120543-14
4726| [100858] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
4727| [72626] Debian Security Advisory DSA 2579-1 (apache2)
4728| [71551] Gentoo Security Advisory GLSA 201206-25 (apache)
4729| [71550] Gentoo Security Advisory GLSA 201206-24 (apache tomcat)
4730| [71485] Debian Security Advisory DSA 2506-1 (libapache-mod-security)
4731| [71256] Debian Security Advisory DSA 2452-1 (apache2)
4732| [71238] Debian Security Advisory DSA 2436-1 (libapache2-mod-fcgid)
4733| [70724] Debian Security Advisory DSA 2405-1 (apache2)
4734| [70235] Debian Security Advisory DSA 2298-2 (apache2)
4735| [70233] Debian Security Advisory DSA 2298-1 (apache2)
4736| [69988] Debian Security Advisory DSA 2279-1 (libapache2-mod-authnz-external)
4737| [69338] Debian Security Advisory DSA 2202-1 (apache2)
4738| [65131] SLES9: Security update for Apache 2 oes/CORE
4739| [64426] Gentoo Security Advisory GLSA 200907-04 (apache)
4740| [61381] Gentoo Security Advisory GLSA 200807-06 (apache)
4741| [60582] Gentoo Security Advisory GLSA 200803-19 (apache)
4742| [58745] Gentoo Security Advisory GLSA 200711-06 (apache)
4743| [57851] Gentoo Security Advisory GLSA 200608-01 (apache)
4744| [56246] Gentoo Security Advisory GLSA 200602-03 (Apache)
4745| [55392] Gentoo Security Advisory GLSA 200509-12 (Apache)
4746| [55129] Gentoo Security Advisory GLSA 200508-15 (apache)
4747| [54739] Gentoo Security Advisory GLSA 200411-18 (apache)
4748| [54724] Gentoo Security Advisory GLSA 200411-03 (apache)
4749| [54712] Gentoo Security Advisory GLSA 200410-21 (apache)
4750| [54689] Gentoo Security Advisory GLSA 200409-33 (net=www/apache)
4751| [54677] Gentoo Security Advisory GLSA 200409-21 (apache)
4752| [54610] Gentoo Security Advisory GLSA 200407-03 (Apache)
4753| [54601] Gentoo Security Advisory GLSA 200406-16 (Apache)
4754| [54590] Gentoo Security Advisory GLSA 200406-05 (Apache)
4755| [54582] Gentoo Security Advisory GLSA 200405-22 (Apache)
4756| [54529] Gentoo Security Advisory GLSA 200403-04 (Apache)
4757| [54499] Gentoo Security Advisory GLSA 200310-04 (Apache)
4758| [54498] Gentoo Security Advisory GLSA 200310-03 (Apache)
4759| [11092] Apache 2.0.39 Win32 directory traversal
4760| [66081] SLES11: Security update for Apache 2
4761| [66074] SLES10: Security update for Apache 2
4762| [66070] SLES9: Security update for Apache 2
4763| [65893] SLES10: Security update for Apache 2
4764| [65888] SLES10: Security update for Apache 2
4765| [65510] SLES9: Security update for Apache 2
4766| [65249] SLES9: Security update for Apache 2
4767| [65230] SLES9: Security update for Apache 2
4768| [65228] SLES9: Security update for Apache 2
4769| [65207] SLES9: Security update for Apache 2
4770| [65136] SLES9: Security update for Apache 2
4771| [65017] SLES9: Security update for Apache 2
4772|
4773| SecurityTracker - https://www.securitytracker.com:
4774| [1008196] Apache 2.x on Windows May Return Unexpected Files For URLs Ending With Certain Characters
4775| [1007143] Apache 2.0 Web Server May Use a Weaker Encryption Implementation Than Specified in Some Cases
4776| [1006444] Apache 2.0 Web Server Line Feed Buffer Allocation Flaw Lets Remote Users Deny Service
4777| [1005963] Apache Web Server 2.x Windows Device Access Flaw Lets Remote Users Crash the Server or Possibly Execute Arbitrary Code
4778| [1004770] Apache 2.x Web Server ap_log_rerror() Function May Disclose Full Installation Path to Remote Users
4779|
4780| OSVDB - http://www.osvdb.org:
4781| [20897] PHP w/ Apache 2 SAPI virtual() Function Unspecified INI Setting Disclosure
4782|_
4783465/tcp open ssl/smtp Postfix smtpd
4784| vulscan: VulDB - https://vuldb.com:
4785| [108975] Apple macOS up to 10.13.1 Postfix unknown vulnerability
4786| [98314] PostfixAdmin up to 3.0.1 AliasHandler delete.php gen_show_status denial of service
4787| [71720] Postfix up to 2.3.0 backup.php pacrypt sql injection
4788| [12746] Postfix Admin 2.3.6 functions.inc.php sql injection
4789| [57422] Postfix memory corruption
4790| [56843] Postfix up to 2.7.2 Cleartext weak encryption
4791|
4792| MITRE CVE - https://cve.mitre.org:
4793| [CVE-2013-2852] Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including format string specifiers in an fwpostfix modprobe parameter, leading to improper construction of an error message.
4794| [CVE-2011-1720] The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method.
4795| [CVE-2011-0411] The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack.
4796| [CVE-2010-0230] SUSE Linux Enterprise 10 SP3 (SLE10-SP3) and openSUSE 11.2 configures postfix to listen on all network interfaces, which might allow remote attackers to bypass intended access restrictions.
4797| [CVE-2009-2939] The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files.
4798| [CVE-2008-4977] ** DISPUTED ** postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary files. NOTE: the vendor disputes this vulnerability, stating "This is not a real issue ... users would have to edit a script under /usr/lib to enable it."
4799| [CVE-2008-3889] Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll file descriptors during execution of "non-Postfix" commands, which allows local users to cause a denial of service (application slowdown or exit) via a crafted command, as demonstrated by a command in a .forward file.
4800| [CVE-2008-3646] The Postfix configuration file in Mac OS X 10.5.5 causes Postfix to be network-accessible when mail is sent from a local command-line tool, which allows remote attackers to send mail to local Mac OS X users.
4801| [CVE-2008-2937] Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account name.
4802| [CVE-2008-2936] Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending a message. NOTE: this can be leveraged to gain privileges if there is a symlink to an init script.
4803| [CVE-2007-3791] Buffer overflow in the w_read function in sockets.c in Cami Sardinha and Nigel Kukard policyd before 1.81 for Postfix allows remote attackers to cause a denial of service and possibly execute arbitrary code via long SMTP commands. NOTE: some of these details are obtained from third party information.
4804| [CVE-2006-0213] Kolab Server 2.0.1, 2.0.2 and development versions pre-2.1-20051215 and earlier, when authenticating users via secure SMTP, stores authentication credentials in plaintext in the postfix.log file, which allows local users to gain privileges.
4805| [CVE-2005-1127] Format string vulnerability in the log function in Net::Server 0.87 and earlier, as used in Postfix Greylisting Policy Server (Postgrey) 1.18 and earlier, and possibly other products, allows remote attackers to cause a denial of service (crash) via format string specifiers that are not properly handled before being sent to syslog, as demonstrated using sender addresses to Postgrey.
4806| [CVE-2005-0337] Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname.
4807| [CVE-2004-1113] SQL injection vulnerability in SQLgrey Postfix greylisting service before 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) sender or (2) recipient e-mail addresses.
4808| [CVE-2004-1088] Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows remote attackers to send mail without authentication by replaying authentication information.
4809| [CVE-2004-0925] Postfix on Mac OS X 10.3.x through 10.3.5, with SMTPD AUTH enabled, does not properly clear the username between authentication attempts, which allows users with the longest username to prevent other valid users from being able to authenticate.
4810| [CVE-2003-0540] The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Errors-To headers, which causes nqmgr to lock up, or (2) via a valid MAIL FROM with a RCPT TO containing a ".!" string, which causes an instance of the SMTP listener to lock up.
4811| [CVE-2003-0468] Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port.
4812| [CVE-2001-0894] Vulnerability in Postfix SMTP server before 20010228-pl07, when configured to email the postmaster when SMTP errors cause the session to terminate, allows remote attackers to cause a denial of service (memory exhaustion) by generating a large number of SMTP errors, which forces the SMTP session log to grow too large.
4813|
4814| SecurityFocus - https://www.securityfocus.com/bid/:
4815| [96142] PostfixAdmin CVE-2017-5930 Session Management Security Bypass Vulnerability
4816| [90814] Postfix Admin Multiple Cross Site Request Forgery Vulnerabilities
4817| [67250] Postfix Arbitrary Content Security Bypass Vulnerability
4818| [66455] Postfix Admin 'functions.inc.php' SQL Injection Vulnerability
4819| [65184] Fail2ban Postfix Filter Remote Denial of Service Vulnerability
4820| [51680] Postfix Admin Multiple SQL Injection and Cross Site Scripting Vulnerabilities
4821| [47778] Postfix SMTP Server Cyrus SASL Support Memory Corruption Vulnerability
4822| [36469] Debian and Ubuntu Postfix Insecure Temporary File Creation Vulnerability
4823| [31721] Apple Mac OS X 10.5 Postfix Security Bypass Vulnerability
4824| [30977] Postfix 'epoll' Linux Event Handler Local Denial of Service Vulnerability
4825| [30691] Postfix Local Information Disclosure and Local Privilege Escalation Vulnerabilities
4826| [13133] Salim Gasmi GLD Postfix Greylisting Daemon Format String Vulnerability
4827| [13129] Salim Gasmi GLD Postfix Greylisting Daemon Buffer Overflow Vulnerability
4828| [12445] Postfix IPv6 Unauthorized Mail Relay Vulnerability
4829| [11898] SQLgrey Postfix Greylisting Service Unspecified SQL Injection Vulnerability
4830| [11633] SQLgrey Postfix Greylisting Service SQL Injection Vulnerability
4831| [11323] Apple Mac OS X Postfix Release SMTPD AUTH Username Denial Of Service Vulnerability
4832| [8362] Postfix SMTP Malformed E-mail Envelope Address Denial of Service Vulnerability
4833| [8361] Postfix Connection Proxying Vulnerability
4834| [8333] Multiple Postfix Denial of Service Vulnerabilities
4835| [3638] SuSEConfig.postfix chroot Local DoS Attack Vulnerability
4836| [3637] SuSEConfig.postfix chroot File Ownership Vulnerability
4837| [3544] Postfix SMTP Log Denial Of Service Vulnerability
4838| [1428] cyrus With postfix and Procmail Remote Shell Expansion Vulnerabilities
4839|
4840| IBM X-Force - https://exchange.xforce.ibmcloud.com:
4841| [72752] Postfix Admin multiple parameters SQL injection
4842| [72751] PostfixAdmin multiple parameters cross-site scripting
4843| [67359] Postfix Cyrus SASL library in the SMTP server code execution
4844| [55970] SUSE Linux Enterprise postfix security bypass
4845| [53425] Postfix in Debian and Ubuntu pid symlink
4846| [45876] Apple Mac OS X Postfix configuration file weak security
4847| [44865] Postfix file descriptor denial of service
4848| [44461] Postfix email information disclosure
4849| [44460] Postfix symlink code execution
4850| [22655] RHSA-2005:152 updates for postfix not installed
4851| [19218] Postfix IPv6 mail relay
4852| [18435] SQLgrey Postfix greylisting service SQL injection
4853| [18353] Postfix CRAM-MD5 authentication replay attack
4854| [17998] SQLgrey Postfix greylisting service SQL injection
4855| [17595] Apple Mac OS postfix SMTPD AUTH denial of service
4856| [12816] Postfix MAIL FROM or RCPT TO denial of service
4857| [12815] Postfix could be used as a distributed denial of service tool
4858| [7568] Postfix SMTP log denial of service
4859| [4905] Cyrus with postfix and procmail integration could allow remote command execution
4860|
4861| Exploit-DB - https://www.exploit-db.com:
4862| [25392] Salim Gasmi GLD 1.x Postfix Greylisting Daemon Buffer Overflow Vulnerability
4863| [22982] Postfix 1.1.x Denial of Service Vulnerabilities (2)
4864| [22981] Postfix 1.1.x Denial of Service Vulnerabilities (1)
4865| [16841] GLD (Greylisting Daemon) Postfix Buffer Overflow
4866| [10023] Salim Gasmi GLD 1.0 - 1.4 Postfix Greylisting Buffer Overflow
4867| [6472] Postfix < 2.4.9, 2.5.5, 2.6-20080902 - (.forward) Local DoS Exploit
4868| [6337] Postfix <= 2.6-20080814 - (symlink) Local Privilege Escalation Exploit
4869| [934] gld 1.4 (Postfix Greylisting Daemon) Remote Format String Exploit
4870|
4871| OpenVAS (Nessus) - http://www.openvas.org:
4872| [902517] Postfix SMTP Server Cyrus SASL Support Memory Corruption Vulnerability
4873| [881389] CentOS Update for postfix CESA-2011:0422 centos5 x86_64
4874| [881293] CentOS Update for postfix CESA-2011:0843 centos4 x86_64
4875| [881278] CentOS Update for postfix CESA-2011:0422 centos4 x86_64
4876| [881267] CentOS Update for postfix CESA-2011:0843 centos5 x86_64
4877| [880520] CentOS Update for postfix CESA-2011:0422 centos5 i386
4878| [880509] CentOS Update for postfix CESA-2011:0843 centos5 i386
4879| [880488] CentOS Update for postfix CESA-2011:0843 centos4 i386
4880| [880485] CentOS Update for postfix CESA-2011:0422 centos4 i386
4881| [880268] CentOS Update for postfix CESA-2008:0839 centos3 i386
4882| [880023] CentOS Update for postfix CESA-2008:0839 centos3 x86_64
4883| [870658] RedHat Update for postfix RHSA-2011:0423-01
4884| [870440] RedHat Update for postfix RHSA-2011:0843-01
4885| [870418] RedHat Update for postfix RHSA-2011:0422-01
4886| [870021] RedHat Update for postfix RHSA-2008:0839-01
4887| [863100] Fedora Update for postfix FEDORA-2011-6777
4888| [863097] Fedora Update for postfix FEDORA-2011-6771
4889| [862950] Fedora Update for postfix FEDORA-2011-3394
4890| [862938] Fedora Update for postfix FEDORA-2011-3355
4891| [860510] Fedora Update for postfix FEDORA-2008-8593
4892| [860419] Fedora Update for postfix FEDORA-2008-8595
4893| [850126] SuSE Update for postfix SUSE-SA:2010:011
4894| [850031] SuSE Update for postfix SUSE-SA:2008:040
4895| [840658] Ubuntu Update for postfix USN-1131-1
4896| [840648] Ubuntu Update for postfix USN-1113-1
4897| [840227] Ubuntu Update for postfix vulnerabilities USN-642-1
4898| [840190] Ubuntu Update for postfix vulnerability USN-636-1
4899| [831400] Mandriva Update for postfix MDVSA-2011:090 (postfix)
4900| [830713] Mandriva Update for postfix MDVSA-2008:171 (postfix)
4901| [830635] Mandriva Update for postfix MDVSA-2008:190 (postfix)
4902| [830075] Mandriva Update for postfix MDKA-2007:079 (postfix)
4903| [72452] Gentoo Security Advisory GLSA 201209-18 (postfixadmin)
4904| [71559] Gentoo Security Advisory GLSA 201206-33 (Postfix)
4905| [70744] FreeBSD Ports: postfixadmin
4906| [69770] FreeBSD Ports: postfix, postfix-base
4907| [69733] Debian Security Advisory DSA 2233-1 (postfix)
4908| [69363] FreeBSD Ports: postfix, postfix-base
4909| [66394] Mandriva Security Advisory MDVSA-2009:224-1 (postfix)
4910| [65957] SLES10: Security update for Postfix
4911| [65911] SLES10: Security update for Postfix
4912| [65353] SLES9: Security update for Postfix
4913| [65350] SLES9: Security update for postfix
4914| [64696] Mandrake Security Advisory MDVSA-2009:224 (postfix)
4915| [61646] Gentoo Security Advisory GLSA 200809-09 (postfix)
4916| [61445] Gentoo Security Advisory GLSA 200808-12 (postfix)
4917| [61435] Debian Security Advisory DSA 1629-2 (postfix)
4918| [61434] Debian Security Advisory DSA 1629-1 (postfix)
4919| [60836] FreeBSD Ports: postfix-policyd-weight
4920| [58580] Debian Security Advisory DSA 1361-1 (postfix-policyd)
4921| [53833] Debian Security Advisory DSA 093-1 (postfix)
4922| [53652] Debian Security Advisory DSA 363-1 (postfix)
4923|
4924| SecurityTracker - https://www.securitytracker.com:
4925| [1025521] Postfix SASL Authentication Heap Overflow Lets Remote Users Deny Service
4926| [1025179] Postfix Plaintext to TLS Switching Error Lets Remote Users Inject Plaintext Commands
4927| [1020800] Postfix Linux epoll File Descriptor Leak Lets Local Users Deny Service
4928| [1020700] Postfix Symlink Dereference Bug Lets Local Users Gain Elevated Privileges
4929| [1012395] Postfix CRAM-MD5 Replay Attack May Let Remote Users Send Mail
4930| [1011532] Postfix Buffer Error May Prevent Remote Users from Being Able to Authenticate Using SMTPD AUTH
4931| [1007382] Postfix Bounce Messages Let Remote Users Scan for Open Ports on Other Hosts
4932| [1007381] Postfix Address Resolver Parsing Bug Lets Remote Users Hang the System
4933| [1002756] Postfix Mail Server Can Be Crashed By Remote Users Initiating Unsuccessful Sessions
4934|
4935| OSVDB - http://www.osvdb.org:
4936| [94034] Linux Kernel Broadcom B43 Wireless Driver b43_request_firmware Function fwpostfix modprobe Parameter Format String Local Privilege Escalation
4937| [78567] Postfix Admin backup.php Unspecified SQL Injection
4938| [78566] Postfix Admin functions.inc.php pacrypt() Function Unspecified SQL Injection
4939| [78565] Postfix Admin create-domain.php Unspecified SQL Injection
4940| [78564] Postfix Admin Unspecified XSS
4941| [78563] Postfix Admin edit-alias.php Unspecified XSS
4942| [78562] Postfix Admin create-alias.php Unspecified XSS
4943| [78561] Postfix Admin create-domain.php Unspecified XSS
4944| [78560] Postfix Admin templates/edit-vacation.php domain Parameter XSS
4945| [78559] Postfix Admin templates/menu.php domain Parameter XSS
4946| [72259] Postfix SMTP Cyrus SASL Authentication Context Data Reuse Memory Corruption
4947| [71021] Postfix STARTTLS Arbitrary Plaintext Command Injection
4948| [68340] Artica postfix.events.php Unrestricted Access Information Disclosure
4949| [61983] SUSE Linux postfix Network Interface Remote Access Restriction Bypass
4950| [58325] Debian GNU/Linux postfix postfix.postinst Symlink Arbitrary File Overwrite
4951| [49634] Postfix postfix_groups.pl Multiple Temporary File Symlink Arbitrary File Overwrite
4952| [48973] Apple Mac OS X Postfix Network Access Configuration Weakness
4953| [48108] Postfix epoll File Descriptor Leak Local DoS
4954| [47659] Postfix Cross-user Filename Local Mail Interception
4955| [47658] Postfix Hardlink to Symlink Mailspool Arbitrary Content Append
4956| [43888] policyd-weight for Postfix Socket Handling Unspecified Arbitrary File Manipulation
4957| [38091] policyd for Postfix sockets.c read_w() Function SMTP Command Remote Overflow
4958| [22381] Kolab Server Secure SMTP postfix.log Authentication Credential Disclosure
4959| [13470] Postfix IPv6 Patch if_inet6 Failure Arbitrary Mail Relay
4960| [12339] SQLgrey Postfix greylisting service Unspecified SQL Injection
4961| [12200] Apple Mac OS X Postfix CRAM-MD5 Replay Credentials
4962| [11571] SQLgrey Postfix greylisting Email Address SQL Injection
4963| [10545] Postfix Multiple Mail Header SMTP listener DoS
4964| [10544] Postfix Malformed Envelope Address nqmgr DoS
4965| [10500] Apple Mac OS X Postfix SMTPD AUTH Username Overflow DoS
4966| [6551] Postfix Bounce Scan / Packet Amplification DDoS
4967| [1991] Postfix SMTP Log DoS
4968|_
4969587/tcp open smtp Postfix smtpd
4970| vulscan: VulDB - https://vuldb.com:
4971| [108975] Apple macOS up to 10.13.1 Postfix unknown vulnerability
4972| [98314] PostfixAdmin up to 3.0.1 AliasHandler delete.php gen_show_status denial of service
4973| [71720] Postfix up to 2.3.0 backup.php pacrypt sql injection
4974| [12746] Postfix Admin 2.3.6 functions.inc.php sql injection
4975| [57422] Postfix memory corruption
4976| [56843] Postfix up to 2.7.2 Cleartext weak encryption
4977|
4978| MITRE CVE - https://cve.mitre.org:
4979| [CVE-2013-2852] Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including format string specifiers in an fwpostfix modprobe parameter, leading to improper construction of an error message.
4980| [CVE-2011-1720] The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method.
4981| [CVE-2011-0411] The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack.
4982| [CVE-2010-0230] SUSE Linux Enterprise 10 SP3 (SLE10-SP3) and openSUSE 11.2 configures postfix to listen on all network interfaces, which might allow remote attackers to bypass intended access restrictions.
4983| [CVE-2009-2939] The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files.
4984| [CVE-2008-4977] ** DISPUTED ** postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary files. NOTE: the vendor disputes this vulnerability, stating "This is not a real issue ... users would have to edit a script under /usr/lib to enable it."
4985| [CVE-2008-3889] Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll file descriptors during execution of "non-Postfix" commands, which allows local users to cause a denial of service (application slowdown or exit) via a crafted command, as demonstrated by a command in a .forward file.
4986| [CVE-2008-3646] The Postfix configuration file in Mac OS X 10.5.5 causes Postfix to be network-accessible when mail is sent from a local command-line tool, which allows remote attackers to send mail to local Mac OS X users.
4987| [CVE-2008-2937] Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account name.
4988| [CVE-2008-2936] Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending a message. NOTE: this can be leveraged to gain privileges if there is a symlink to an init script.
4989| [CVE-2007-3791] Buffer overflow in the w_read function in sockets.c in Cami Sardinha and Nigel Kukard policyd before 1.81 for Postfix allows remote attackers to cause a denial of service and possibly execute arbitrary code via long SMTP commands. NOTE: some of these details are obtained from third party information.
4990| [CVE-2006-0213] Kolab Server 2.0.1, 2.0.2 and development versions pre-2.1-20051215 and earlier, when authenticating users via secure SMTP, stores authentication credentials in plaintext in the postfix.log file, which allows local users to gain privileges.
4991| [CVE-2005-1127] Format string vulnerability in the log function in Net::Server 0.87 and earlier, as used in Postfix Greylisting Policy Server (Postgrey) 1.18 and earlier, and possibly other products, allows remote attackers to cause a denial of service (crash) via format string specifiers that are not properly handled before being sent to syslog, as demonstrated using sender addresses to Postgrey.
4992| [CVE-2005-0337] Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname.
4993| [CVE-2004-1113] SQL injection vulnerability in SQLgrey Postfix greylisting service before 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) sender or (2) recipient e-mail addresses.
4994| [CVE-2004-1088] Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows remote attackers to send mail without authentication by replaying authentication information.
4995| [CVE-2004-0925] Postfix on Mac OS X 10.3.x through 10.3.5, with SMTPD AUTH enabled, does not properly clear the username between authentication attempts, which allows users with the longest username to prevent other valid users from being able to authenticate.
4996| [CVE-2003-0540] The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Errors-To headers, which causes nqmgr to lock up, or (2) via a valid MAIL FROM with a RCPT TO containing a ".!" string, which causes an instance of the SMTP listener to lock up.
4997| [CVE-2003-0468] Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port.
4998| [CVE-2001-0894] Vulnerability in Postfix SMTP server before 20010228-pl07, when configured to email the postmaster when SMTP errors cause the session to terminate, allows remote attackers to cause a denial of service (memory exhaustion) by generating a large number of SMTP errors, which forces the SMTP session log to grow too large.
4999|
5000| SecurityFocus - https://www.securityfocus.com/bid/:
5001| [96142] PostfixAdmin CVE-2017-5930 Session Management Security Bypass Vulnerability
5002| [90814] Postfix Admin Multiple Cross Site Request Forgery Vulnerabilities
5003| [67250] Postfix Arbitrary Content Security Bypass Vulnerability
5004| [66455] Postfix Admin 'functions.inc.php' SQL Injection Vulnerability
5005| [65184] Fail2ban Postfix Filter Remote Denial of Service Vulnerability
5006| [51680] Postfix Admin Multiple SQL Injection and Cross Site Scripting Vulnerabilities
5007| [47778] Postfix SMTP Server Cyrus SASL Support Memory Corruption Vulnerability
5008| [36469] Debian and Ubuntu Postfix Insecure Temporary File Creation Vulnerability
5009| [31721] Apple Mac OS X 10.5 Postfix Security Bypass Vulnerability
5010| [30977] Postfix 'epoll' Linux Event Handler Local Denial of Service Vulnerability
5011| [30691] Postfix Local Information Disclosure and Local Privilege Escalation Vulnerabilities
5012| [13133] Salim Gasmi GLD Postfix Greylisting Daemon Format String Vulnerability
5013| [13129] Salim Gasmi GLD Postfix Greylisting Daemon Buffer Overflow Vulnerability
5014| [12445] Postfix IPv6 Unauthorized Mail Relay Vulnerability
5015| [11898] SQLgrey Postfix Greylisting Service Unspecified SQL Injection Vulnerability
5016| [11633] SQLgrey Postfix Greylisting Service SQL Injection Vulnerability
5017| [11323] Apple Mac OS X Postfix Release SMTPD AUTH Username Denial Of Service Vulnerability
5018| [8362] Postfix SMTP Malformed E-mail Envelope Address Denial of Service Vulnerability
5019| [8361] Postfix Connection Proxying Vulnerability
5020| [8333] Multiple Postfix Denial of Service Vulnerabilities
5021| [3638] SuSEConfig.postfix chroot Local DoS Attack Vulnerability
5022| [3637] SuSEConfig.postfix chroot File Ownership Vulnerability
5023| [3544] Postfix SMTP Log Denial Of Service Vulnerability
5024| [1428] cyrus With postfix and Procmail Remote Shell Expansion Vulnerabilities
5025|
5026| IBM X-Force - https://exchange.xforce.ibmcloud.com:
5027| [72752] Postfix Admin multiple parameters SQL injection
5028| [72751] PostfixAdmin multiple parameters cross-site scripting
5029| [67359] Postfix Cyrus SASL library in the SMTP server code execution
5030| [55970] SUSE Linux Enterprise postfix security bypass
5031| [53425] Postfix in Debian and Ubuntu pid symlink
5032| [45876] Apple Mac OS X Postfix configuration file weak security
5033| [44865] Postfix file descriptor denial of service
5034| [44461] Postfix email information disclosure
5035| [44460] Postfix symlink code execution
5036| [22655] RHSA-2005:152 updates for postfix not installed
5037| [19218] Postfix IPv6 mail relay
5038| [18435] SQLgrey Postfix greylisting service SQL injection
5039| [18353] Postfix CRAM-MD5 authentication replay attack
5040| [17998] SQLgrey Postfix greylisting service SQL injection
5041| [17595] Apple Mac OS postfix SMTPD AUTH denial of service
5042| [12816] Postfix MAIL FROM or RCPT TO denial of service
5043| [12815] Postfix could be used as a distributed denial of service tool
5044| [7568] Postfix SMTP log denial of service
5045| [4905] Cyrus with postfix and procmail integration could allow remote command execution
5046|
5047| Exploit-DB - https://www.exploit-db.com:
5048| [25392] Salim Gasmi GLD 1.x Postfix Greylisting Daemon Buffer Overflow Vulnerability
5049| [22982] Postfix 1.1.x Denial of Service Vulnerabilities (2)
5050| [22981] Postfix 1.1.x Denial of Service Vulnerabilities (1)
5051| [16841] GLD (Greylisting Daemon) Postfix Buffer Overflow
5052| [10023] Salim Gasmi GLD 1.0 - 1.4 Postfix Greylisting Buffer Overflow
5053| [6472] Postfix < 2.4.9, 2.5.5, 2.6-20080902 - (.forward) Local DoS Exploit
5054| [6337] Postfix <= 2.6-20080814 - (symlink) Local Privilege Escalation Exploit
5055| [934] gld 1.4 (Postfix Greylisting Daemon) Remote Format String Exploit
5056|
5057| OpenVAS (Nessus) - http://www.openvas.org:
5058| [902517] Postfix SMTP Server Cyrus SASL Support Memory Corruption Vulnerability
5059| [881389] CentOS Update for postfix CESA-2011:0422 centos5 x86_64
5060| [881293] CentOS Update for postfix CESA-2011:0843 centos4 x86_64
5061| [881278] CentOS Update for postfix CESA-2011:0422 centos4 x86_64
5062| [881267] CentOS Update for postfix CESA-2011:0843 centos5 x86_64
5063| [880520] CentOS Update for postfix CESA-2011:0422 centos5 i386
5064| [880509] CentOS Update for postfix CESA-2011:0843 centos5 i386
5065| [880488] CentOS Update for postfix CESA-2011:0843 centos4 i386
5066| [880485] CentOS Update for postfix CESA-2011:0422 centos4 i386
5067| [880268] CentOS Update for postfix CESA-2008:0839 centos3 i386
5068| [880023] CentOS Update for postfix CESA-2008:0839 centos3 x86_64
5069| [870658] RedHat Update for postfix RHSA-2011:0423-01
5070| [870440] RedHat Update for postfix RHSA-2011:0843-01
5071| [870418] RedHat Update for postfix RHSA-2011:0422-01
5072| [870021] RedHat Update for postfix RHSA-2008:0839-01
5073| [863100] Fedora Update for postfix FEDORA-2011-6777
5074| [863097] Fedora Update for postfix FEDORA-2011-6771
5075| [862950] Fedora Update for postfix FEDORA-2011-3394
5076| [862938] Fedora Update for postfix FEDORA-2011-3355
5077| [860510] Fedora Update for postfix FEDORA-2008-8593
5078| [860419] Fedora Update for postfix FEDORA-2008-8595
5079| [850126] SuSE Update for postfix SUSE-SA:2010:011
5080| [850031] SuSE Update for postfix SUSE-SA:2008:040
5081| [840658] Ubuntu Update for postfix USN-1131-1
5082| [840648] Ubuntu Update for postfix USN-1113-1
5083| [840227] Ubuntu Update for postfix vulnerabilities USN-642-1
5084| [840190] Ubuntu Update for postfix vulnerability USN-636-1
5085| [831400] Mandriva Update for postfix MDVSA-2011:090 (postfix)
5086| [830713] Mandriva Update for postfix MDVSA-2008:171 (postfix)
5087| [830635] Mandriva Update for postfix MDVSA-2008:190 (postfix)
5088| [830075] Mandriva Update for postfix MDKA-2007:079 (postfix)
5089| [72452] Gentoo Security Advisory GLSA 201209-18 (postfixadmin)
5090| [71559] Gentoo Security Advisory GLSA 201206-33 (Postfix)
5091| [70744] FreeBSD Ports: postfixadmin
5092| [69770] FreeBSD Ports: postfix, postfix-base
5093| [69733] Debian Security Advisory DSA 2233-1 (postfix)
5094| [69363] FreeBSD Ports: postfix, postfix-base
5095| [66394] Mandriva Security Advisory MDVSA-2009:224-1 (postfix)
5096| [65957] SLES10: Security update for Postfix
5097| [65911] SLES10: Security update for Postfix
5098| [65353] SLES9: Security update for Postfix
5099| [65350] SLES9: Security update for postfix
5100| [64696] Mandrake Security Advisory MDVSA-2009:224 (postfix)
5101| [61646] Gentoo Security Advisory GLSA 200809-09 (postfix)
5102| [61445] Gentoo Security Advisory GLSA 200808-12 (postfix)
5103| [61435] Debian Security Advisory DSA 1629-2 (postfix)
5104| [61434] Debian Security Advisory DSA 1629-1 (postfix)
5105| [60836] FreeBSD Ports: postfix-policyd-weight
5106| [58580] Debian Security Advisory DSA 1361-1 (postfix-policyd)
5107| [53833] Debian Security Advisory DSA 093-1 (postfix)
5108| [53652] Debian Security Advisory DSA 363-1 (postfix)
5109|
5110| SecurityTracker - https://www.securitytracker.com:
5111| [1025521] Postfix SASL Authentication Heap Overflow Lets Remote Users Deny Service
5112| [1025179] Postfix Plaintext to TLS Switching Error Lets Remote Users Inject Plaintext Commands
5113| [1020800] Postfix Linux epoll File Descriptor Leak Lets Local Users Deny Service
5114| [1020700] Postfix Symlink Dereference Bug Lets Local Users Gain Elevated Privileges
5115| [1012395] Postfix CRAM-MD5 Replay Attack May Let Remote Users Send Mail
5116| [1011532] Postfix Buffer Error May Prevent Remote Users from Being Able to Authenticate Using SMTPD AUTH
5117| [1007382] Postfix Bounce Messages Let Remote Users Scan for Open Ports on Other Hosts
5118| [1007381] Postfix Address Resolver Parsing Bug Lets Remote Users Hang the System
5119| [1002756] Postfix Mail Server Can Be Crashed By Remote Users Initiating Unsuccessful Sessions
5120|
5121| OSVDB - http://www.osvdb.org:
5122| [94034] Linux Kernel Broadcom B43 Wireless Driver b43_request_firmware Function fwpostfix modprobe Parameter Format String Local Privilege Escalation
5123| [78567] Postfix Admin backup.php Unspecified SQL Injection
5124| [78566] Postfix Admin functions.inc.php pacrypt() Function Unspecified SQL Injection
5125| [78565] Postfix Admin create-domain.php Unspecified SQL Injection
5126| [78564] Postfix Admin Unspecified XSS
5127| [78563] Postfix Admin edit-alias.php Unspecified XSS
5128| [78562] Postfix Admin create-alias.php Unspecified XSS
5129| [78561] Postfix Admin create-domain.php Unspecified XSS
5130| [78560] Postfix Admin templates/edit-vacation.php domain Parameter XSS
5131| [78559] Postfix Admin templates/menu.php domain Parameter XSS
5132| [72259] Postfix SMTP Cyrus SASL Authentication Context Data Reuse Memory Corruption
5133| [71021] Postfix STARTTLS Arbitrary Plaintext Command Injection
5134| [68340] Artica postfix.events.php Unrestricted Access Information Disclosure
5135| [61983] SUSE Linux postfix Network Interface Remote Access Restriction Bypass
5136| [58325] Debian GNU/Linux postfix postfix.postinst Symlink Arbitrary File Overwrite
5137| [49634] Postfix postfix_groups.pl Multiple Temporary File Symlink Arbitrary File Overwrite
5138| [48973] Apple Mac OS X Postfix Network Access Configuration Weakness
5139| [48108] Postfix epoll File Descriptor Leak Local DoS
5140| [47659] Postfix Cross-user Filename Local Mail Interception
5141| [47658] Postfix Hardlink to Symlink Mailspool Arbitrary Content Append
5142| [43888] policyd-weight for Postfix Socket Handling Unspecified Arbitrary File Manipulation
5143| [38091] policyd for Postfix sockets.c read_w() Function SMTP Command Remote Overflow
5144| [22381] Kolab Server Secure SMTP postfix.log Authentication Credential Disclosure
5145| [13470] Postfix IPv6 Patch if_inet6 Failure Arbitrary Mail Relay
5146| [12339] SQLgrey Postfix greylisting service Unspecified SQL Injection
5147| [12200] Apple Mac OS X Postfix CRAM-MD5 Replay Credentials
5148| [11571] SQLgrey Postfix greylisting Email Address SQL Injection
5149| [10545] Postfix Multiple Mail Header SMTP listener DoS
5150| [10544] Postfix Malformed Envelope Address nqmgr DoS
5151| [10500] Apple Mac OS X Postfix SMTPD AUTH Username Overflow DoS
5152| [6551] Postfix Bounce Scan / Packet Amplification DDoS
5153| [1991] Postfix SMTP Log DoS
5154|_
5155993/tcp filtered imaps
5156995/tcp filtered pop3s
51575355/tcp filtered llmnr
515834816/tcp open mountd 1-3 (RPC #100005)
515935643/tcp open nlockmgr 1-4 (RPC #100021)
516036095/tcp open mountd 1-3 (RPC #100005)
516147025/tcp open mountd 1-3 (RPC #100005)
5162Aggressive OS guesses: Linux 4.4 (95%), Android 5.0.1 (94%), Linux 2.6.32 (94%), Linux 2.6.35 (94%), Linux 3.10 (94%), Linux 3.4 (94%), Linux 3.5 (94%), Linux 4.2 (94%), Synology DiskStation Manager 5.1 (94%), WatchGuard Fireware 11.8 (94%)
5163No exact OS matches for host (test conditions non-ideal).
5164Uptime guess: 40.636 days (since Wed Sep 11 18:23:44 2019)
5165Network Distance: 11 hops
5166TCP Sequence Prediction: Difficulty=261 (Good luck!)
5167IP ID Sequence Generation: All zeros
5168Service Info: Host: www.respectwashington.us
5169
5170TRACEROUTE (using port 554/tcp)
5171HOP RTT ADDRESS
51721 199.21 ms 10.252.204.1
51732 341.72 ms 45.131.4.3
51743 341.68 ms 109.236.95.226
51754 341.76 ms 109.236.95.167
51765 341.79 ms amsix-200gbps.core1.ams1.he.net (80.249.209.150)
51776 341.82 ms 100ge16-1.core1.lon2.he.net (72.52.92.213)
51787 341.86 ms 100ge13-2.core1.nyc4.he.net (72.52.92.166)
51798 442.40 ms 100ge8-1.core1.sjc2.he.net (184.105.81.218)
51809 442.44 ms 10ge4-4.core1.sjc1.he.net (72.52.92.117)
518110 442.47 ms e0-50.core4.fmt1.he.net (184.105.65.214)
518211 238.68 ms respectwashington.us (65.49.16.26)
5183
5184NSE: Script Post-scanning.
5185Initiating NSE at 09:39
5186Completed NSE at 09:39, 0.00s elapsed
5187Initiating NSE at 09:39
5188Completed NSE at 09:39, 0.00s elapsed
5189######################################################################################################################################
5190Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-22 09:39 EDT
5191NSE: Loaded 47 scripts for scanning.
5192NSE: Script Pre-scanning.
5193Initiating NSE at 09:39
5194Completed NSE at 09:39, 0.00s elapsed
5195Initiating NSE at 09:39
5196Completed NSE at 09:39, 0.00s elapsed
5197Initiating Parallel DNS resolution of 1 host. at 09:39
5198Completed Parallel DNS resolution of 1 host. at 09:39, 0.02s elapsed
5199Initiating UDP Scan at 09:39
5200Scanning respectwashington.us (65.49.16.26) [15 ports]
5201Completed UDP Scan at 09:39, 7.92s elapsed (15 total ports)
5202Initiating Service scan at 09:39
5203Scanning 1 service on respectwashington.us (65.49.16.26)
5204Completed Service scan at 09:41, 97.59s elapsed (1 service on 1 host)
5205Initiating OS detection (try #1) against respectwashington.us (65.49.16.26)
5206Retrying OS detection (try #2) against respectwashington.us (65.49.16.26)
5207Initiating Traceroute at 09:41
5208Completed Traceroute at 09:41, 7.37s elapsed
5209Initiating Parallel DNS resolution of 1 host. at 09:41
5210Completed Parallel DNS resolution of 1 host. at 09:41, 0.00s elapsed
5211NSE: Script scanning 65.49.16.26.
5212Initiating NSE at 09:41
5213Completed NSE at 09:41, 0.01s elapsed
5214Initiating NSE at 09:41
5215Completed NSE at 09:41, 1.64s elapsed
5216Nmap scan report for respectwashington.us (65.49.16.26)
5217Host is up (0.36s latency).
5218
5219PORT STATE SERVICE VERSION
522053/udp closed domain
522167/udp closed dhcps
522268/udp closed dhcpc
522369/udp closed tftp
522488/udp closed kerberos-sec
5225123/udp closed ntp
5226137/udp filtered netbios-ns
5227138/udp filtered netbios-dgm
5228139/udp closed netbios-ssn
5229161/udp closed snmp
5230162/udp closed snmptrap
5231389/udp closed ldap
5232500/udp closed isakmp
5233520/udp closed route
52342049/udp open|filtered nfs
5235Too many fingerprints match this host to give specific OS details
5236Network Distance: 11 hops
5237
5238TRACEROUTE (using port 137/udp)
5239HOP RTT ADDRESS
52401 ...
52412 140.84 ms 10.252.204.1
52423 ... 4
52435 206.21 ms 10.252.204.1
52446 221.54 ms 10.252.204.1
52457 221.54 ms 10.252.204.1
52468 221.53 ms 10.252.204.1
52479 221.53 ms 10.252.204.1
524810 221.50 ms 10.252.204.1
524911 121.94 ms 10.252.204.1
525012 ... 18
525119 199.13 ms 10.252.204.1
525220 141.69 ms 10.252.204.1
525321 130.79 ms 10.252.204.1
525422 ... 27
525528 163.61 ms 10.252.204.1
525629 ...
525730 127.01 ms 10.252.204.1
5258
5259NSE: Script Post-scanning.
5260Initiating NSE at 09:41
5261Completed NSE at 09:41, 0.00s elapsed
5262Initiating NSE at 09:41
5263Completed NSE at 09:41, 0.00s elapsed
5264######################################################################################################################################
5265Hosts
5266=====
5267
5268address mac name os_name os_flavor os_sp purpose info comments
5269------- --- ---- ------- --------- ----- ------- ---- --------
527065.49.16.26 respectwashington.us Linux 4.X server
5271
5272Services
5273========
5274
5275host port proto name state info
5276---- ---- ----- ---- ----- ----
527765.49.16.26 53 udp domain closed
527865.49.16.26 67 udp dhcps closed
527965.49.16.26 68 udp dhcpc closed
528065.49.16.26 69 udp tftp closed
528165.49.16.26 80 tcp http open Apache httpd 2.4.18 (Ubuntu)
528265.49.16.26 88 udp kerberos-sec closed
528365.49.16.26 110 tcp pop3 filtered
528465.49.16.26 123 udp ntp closed
528565.49.16.26 137 udp netbios-ns filtered
528665.49.16.26 138 udp netbios-dgm filtered
528765.49.16.26 139 udp netbios-ssn closed
528865.49.16.26 143 tcp imap filtered
528965.49.16.26 161 udp snmp closed
529065.49.16.26 162 udp snmptrap closed
529165.49.16.26 389 udp ldap closed
529265.49.16.26 443 tcp ssl/http open Apache httpd 2.4.18
529365.49.16.26 465 tcp ssl/smtp open Postfix smtpd
529465.49.16.26 500 udp isakmp closed
529565.49.16.26 520 udp route closed
529665.49.16.26 587 tcp smtp open Postfix smtpd
529765.49.16.26 993 tcp imaps filtered
529865.49.16.26 995 tcp pop3s filtered
529965.49.16.26 2049 udp nfs unknown
530065.49.16.26 5355 tcp llmnr filtered
530165.49.16.26 34816 tcp mountd open 1-3 RPC #100005
530265.49.16.26 35643 tcp nlockmgr open 1-4 RPC #100021
530365.49.16.26 36095 tcp mountd open 1-3 RPC #100005
530465.49.16.26 47025 tcp mountd open 1-3 RPC #100005
5305#######################################################################################################################################
5306 Anonymous JTSEC #OpDomesticTerrorism Full Recon #6