· 6 years ago · Jan 05, 2020, 04:02 PM
1#######################################################################################################################################
2=======================================================================================================================================
3Hostname bpunion.org ISP Google LLC
4Continent North America Flag
5US
6Country United States Country Code US
7Region Virginia Local time 05 Jan 2020 10:10 EST
8City Unknown Postal Code Unknown
9IP Address 104.154.60.12 Latitude 38.658
10 Longitude -77.248
11=======================================================================================================================================
12#######################################################################################################################################
13> bpunion.org
14Server: 38.132.106.139
15Address: 38.132.106.139#53
16
17Non-authoritative answer:
18Name: bpunion.org
19Address: 104.154.60.12
20>
21#######################################################################################################################################
22Domain Name: BPUNION.ORG
23Registry Domain ID: D164669182-LROR
24Registrar WHOIS Server: whois.godaddy.com
25Registrar URL: http://www.whois.godaddy.com
26Updated Date: 2019-03-12T00:08:07Z
27Creation Date: 2012-02-10T01:24:22Z
28Registry Expiry Date: 2024-02-10T01:24:22Z
29Registrar Registration Expiration Date:
30Registrar: GoDaddy.com, LLC
31Registrar IANA ID: 146
32Registrar Abuse Contact Email: abuse@godaddy.com
33Registrar Abuse Contact Phone: +1.4806242505
34Reseller:
35Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
36Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
37Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
38Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
39Registrant Organization: Domains By Proxy, LLC
40Registrant State/Province: Arizona
41Registrant Country: US
42Name Server: NS05.DOMAINCONTROL.COM
43Name Server: NS06.DOMAINCONTROL.COM
44DNSSEC: unsigned
45#######################################################################################################################################
46[+] Target : bpunion.org
47
48[+] IP Address : 104.154.60.12
49
50[+] Headers :
51
52[+] Server : nginx
53[+] Date : Sun, 05 Jan 2020 15:21:12 GMT
54[+] Content-Type : text/html
55[+] Content-Length : 146
56[+] Connection : keep-alive
57[+] Keep-Alive : timeout=20
58
59[+] SSL Certificate Information :
60
61[+] commonName : bpunion.org
62[+] countryName : US
63[+] organizationName : Let's Encrypt
64[+] commonName : Let's Encrypt Authority X3
65[+] Version : 3
66[+] Serial Number : 0389FEE37777F024B70B625718795851824B
67[+] Not Before : Nov 18 16:25:41 2019 GMT
68[+] Not After : Feb 16 16:25:41 2020 GMT
69[+] OCSP : ('http://ocsp.int-x3.letsencrypt.org',)
70[+] subject Alt Name : (('DNS', 'bpunion.org'),)
71[+] CA Issuers : ('http://cert.int-x3.letsencrypt.org/',)
72
73[+] Whois Lookup :
74
75[+] NIR : None
76[+] ASN Registry : arin
77[+] ASN : 15169
78[+] ASN CIDR : 104.154.32.0/19
79[+] ASN Country Code : US
80[+] ASN Date : 2014-07-09
81[+] ASN Description : GOOGLE - Google LLC, US
82[+] cidr : 104.154.0.0/15
83[+] name : GOOGLE-CLOUD
84[+] handle : NET-104-154-0-0-1
85[+] range : 104.154.0.0 - 104.155.255.255
86[+] description : Google LLC
87[+] country : US
88[+] state : CA
89[+] city : Mountain View
90[+] address : 1600 Amphitheatre Parkway
91[+] postal_code : 94043
92[+] emails : ['arin-contact@google.com', 'google-cloud-compliance@google.com']
93[+] created : 2014-07-09
94[+] updated : 2015-09-21
95
96[+] Crawling Target...
97
98[+] Looking for robots.txt........[ Found ]
99[+] Extracting robots Links.......[ 2 ]
100[+] Looking for sitemap.xml.......[ Not Found ]
101[+] Extracting CSS Links..........[ 4 ]
102[+] Extracting Javascript Links...[ 10 ]
103[+] Extracting Internal Links.....[ 74 ]
104[+] Extracting External Links.....[ 21 ]
105[+] Extracting Images.............[ 34 ]
106
107[+] Total Links Extracted : 145
108
109[+] Dumping Links in /opt/FinalRecon/dumps/bpunion.org.dump
110[+] Completed!
111#######################################################################################################################################
112[i] Scanning Site: https://bpunion.org
113
114
115
116B A S I C I N F O
117====================
118
119
120[+] Site Title:
121National Border Patrol Council | Protecting Those Who Protect Our Borders
122[+] IP address: 104.154.60.12
123[+] Web Server: nginx
124[+] CMS: WordPress
125[+] Cloudflare: Not Detected
126[+] Robots File: Found
127
128-------------[ contents ]----------------
129User-agent: *
130Disallow: /wp-admin/
131Allow: /wp-admin/admin-ajax.php
132
133-----------[end of contents]-------------
134
135
136
137W H O I S L O O K U P
138========================
139
140 Domain Name: BPUNION.ORG
141Registry Domain ID: D164669182-LROR
142Registrar WHOIS Server: whois.godaddy.com
143Registrar URL: http://www.whois.godaddy.com
144Updated Date: 2019-03-12T00:08:07Z
145Creation Date: 2012-02-10T01:24:22Z
146Registry Expiry Date: 2024-02-10T01:24:22Z
147Registrar Registration Expiration Date:
148Registrar: GoDaddy.com, LLC
149Registrar IANA ID: 146
150Registrar Abuse Contact Email: abuse@godaddy.com
151Registrar Abuse Contact Phone: +1.4806242505
152Reseller:
153Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
154Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
155Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
156Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
157Registrant Organization: Domains By Proxy, LLC
158Registrant State/Province: Arizona
159Registrant Country: US
160Name Server: NS05.DOMAINCONTROL.COM
161Name Server: NS06.DOMAINCONTROL.COM
162DNSSEC: unsigned
163URL of the ICANN Whois Inaccuracy Complaint Form https://www.icann.org/wicf/)
164>>> Last update of WHOIS database: 2020-01-05T15:20:24Z <<<
165
166For more information on Whois status codes, please visit https://icann.org/epp
167
168
169
170
171
172G E O I P L O O K U P
173=========================
174
175[i] IP Address: 104.154.60.12
176[i] Country: United States
177[i] State: Virginia
178[i] City:
179[i] Latitude: 38.6583
180[i] Longitude: -77.2481
181
182
183
184
185H T T P H E A D E R S
186=======================
187
188
189[i] HTTP/1.1 200 OK
190[i] Server: nginx
191[i] Date: Sun, 05 Jan 2020 15:21:25 GMT
192[i] Content-Type: text/html; charset=UTF-8
193[i] Content-Length: 66607
194[i] Connection: close
195[i] Vary: Accept-Encoding
196[i] Vary: Accept-Encoding
197[i] Link: <https://bpunion.org/wp-json/>; rel="https://api.w.org/"
198[i] Link: <https://bpunion.org/>; rel=shortlink
199[i] X-Powered-By: WP Engine
200[i] X-Cacheable: SHORT
201[i] Vary: Accept-Encoding,Cookie
202[i] Cache-Control: max-age=600, must-revalidate
203[i] X-Cache: HIT: 6
204[i] X-Pass-Why:
205[i] X-Cache-Group: normal
206[i] Accept-Ranges: bytes
207
208
209
210
211D N S L O O K U P
212===================
213
214bpunion.org. 599 IN A 104.154.60.12
215bpunion.org. 3599 IN NS ns05.domaincontrol.com.
216bpunion.org. 3599 IN NS ns06.domaincontrol.com.
217bpunion.org. 3599 IN SOA ns05.domaincontrol.com. dns.jomax.net. 2019031107 28800 7200 604800 600
218bpunion.org. 3599 IN MX 10 alt3.aspmx.l.google.com.
219bpunion.org. 3599 IN MX 1 aspmx.l.google.com.
220bpunion.org. 3599 IN MX 10 alt4.aspmx.l.google.com.
221bpunion.org. 3599 IN MX 5 alt2.aspmx.l.google.com.
222bpunion.org. 3599 IN MX 5 alt1.aspmx.l.google.com.
223
224
225
226
227S U B N E T C A L C U L A T I O N
228====================================
229
230Address = 104.154.60.12
231Network = 104.154.60.12 / 32
232Netmask = 255.255.255.255
233Broadcast = not needed on Point-to-Point links
234Wildcard Mask = 0.0.0.0
235Hosts Bits = 0
236Max. Hosts = 1 (2^0 - 0)
237Host Range = { 104.154.60.12 - 104.154.60.12 }
238
239
240
241N M A P P O R T S C A N
242============================
243
244Starting Nmap 7.70 ( https://nmap.org ) at 2020-01-05 15:21 UTC
245Nmap scan report for bpunion.org (104.154.60.12)
246Host is up (0.027s latency).
247rDNS record for 104.154.60.12: 12.60.154.104.bc.googleusercontent.com
248
249PORT STATE SERVICE
25021/tcp filtered ftp
25122/tcp filtered ssh
25223/tcp filtered telnet
25380/tcp open http
254110/tcp filtered pop3
255143/tcp filtered imap
256443/tcp open https
2573389/tcp filtered ms-wbt-server
258
259Nmap done: 1 IP address (1 host up) scanned in 1.32 seconds
260#######################################################################################################################################
261[+] Starting At 2020-01-05 10:21:29.399820
262[+] Collecting Information On: https://bpunion.org/
263[#] Status: 200
264--------------------------------------------------
265[#] Web Server Detected: nginx
266[#] X-Powered-By: WP Engine
267[!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
268- Server: nginx
269- Date: Sun, 05 Jan 2020 15:21:28 GMT
270- Content-Type: text/html; charset=UTF-8
271- Transfer-Encoding: chunked
272- Connection: keep-alive
273- Keep-Alive: timeout=20
274- Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
275- Link: <https://bpunion.org/wp-json/>; rel="https://api.w.org/", <https://bpunion.org/>; rel=shortlink
276- X-Powered-By: WP Engine
277- X-Cacheable: SHORT
278- Cache-Control: max-age=600, must-revalidate
279- X-Cache: HIT: 7
280- X-Pass-Why:
281- X-Cache-Group: normal
282- Content-Encoding: gzip
283--------------------------------------------------
284[#] Finding Location..!
285[#] status: success
286[#] country: United States
287[#] countryCode: US
288[#] region: NJ
289[#] regionName: New Jersey
290[#] city: Newark
291[#] zip: 07175
292[#] lat: 40.7357
293[#] lon: -74.1724
294[#] timezone: America/New_York
295[#] isp: Google LLC
296[#] org: Google LLC
297[#] as: AS15169 Google LLC
298[#] query: 104.154.60.12
299--------------------------------------------------
300[x] Didn't Detect WAF Presence on: https://bpunion.org/
301--------------------------------------------------
302[#] Starting Reverse DNS
303[-] Failed ! Fail
304--------------------------------------------------
305[!] Scanning Open Port
306[#] 80/tcp open http
307[#] 443/tcp open https
308[#] 2222/tcp open EtherNetIP-1
309--------------------------------------------------
310[+] Getting SSL Info
311{'OCSP': ('http://ocsp.int-x3.letsencrypt.org',),
312 'caIssuers': ('http://cert.int-x3.letsencrypt.org/',),
313 'issuer': ((('countryName', 'US'),),
314 (('organizationName', "Let's Encrypt"),),
315 (('commonName', "Let's Encrypt Authority X3"),)),
316 'notAfter': 'Feb 16 16:25:41 2020 GMT',
317 'notBefore': 'Nov 18 16:25:41 2019 GMT',
318 'serialNumber': '0389FEE37777F024B70B625718795851824B',
319 'subject': ((('commonName', 'bpunion.org'),),),
320 'subjectAltName': (('DNS', 'bpunion.org'),),
321 'version': 3}
322-----BEGIN CERTIFICATE-----
323MIIGMjCCBRqgAwIBAgIQBSeGxVVzoXpt+j4nJ67dDjANBgkqhkiG9w0BAQsFADBe
324MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
325d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRSYXBpZFNTTCBSU0EgQ0EgMjAxODAe
326Fw0xOTA3MDEwMDAwMDBaFw0yMTA4MjkxMjAwMDBaMBkxFzAVBgNVBAMMDioud3Bl
327bmdpbmUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmb0kGxPp
328UpPxdOXyE/C7weU6s89VQqwQ4VsaWtbgQQrJ8EKS5HsQtlNXLdRTeb7WViHV2zTF
329XHdvVKL6f06deJEW8AYu92vYfrDv3fwoKXW+9p1c+ZqWVVMmbLGo5ZXC5Q0nINfh
330CLOStnp2lpncvY9MqJXfr4WiOIhBdyylk0fRyHZcTycIM76/5kdHCLy5b895VJ0r
331tYpEsp4LOa5Mrt6Ml3iO0+6c6GKEzM/K2v9ncxsXFE62cFFAV21C7gwrqHsTzLy7
332sSfOYRo0uSWgXs4o0SQdbcOnrqoxDcOiNWUtYHXqO8IcuCRkO5TwbJzWKn5TdeNU
3335A+3Qy3ZHU+uzQIDAQABo4IDLzCCAyswHwYDVR0jBBgwFoAUU8oXWfxrwAMhLxqu
3345KqoHIJW2nUwHQYDVR0OBBYEFEqEbplDu1H7MSjVFeCw55WKZQu1MCcGA1UdEQQg
335MB6CDioud3BlbmdpbmUuY29tggx3cGVuZ2luZS5jb20wDgYDVR0PAQH/BAQDAgWg
336MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA+BgNVHR8ENzA1MDOgMaAv
337hi1odHRwOi8vY2RwLnJhcGlkc3NsLmNvbS9SYXBpZFNTTFJTQUNBMjAxOC5jcmww
338TAYDVR0gBEUwQzA3BglghkgBhv1sAQIwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93
339d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMCYG
340CCsGAQUFBzABhhpodHRwOi8vc3RhdHVzLnJhcGlkc3NsLmNvbTA9BggrBgEFBQcw
341AoYxaHR0cDovL2NhY2VydHMucmFwaWRzc2wuY29tL1JhcGlkU1NMUlNBQ0EyMDE4
342LmNydDAJBgNVHRMEAjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdgCkuQmQ
343tBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWuvDs2LAAAEAwBHMEUCID17
344cd2Ait5fNBtSl2/VZzURb8bNwf2ZtdY/PNwGeiW4AiEA+rsS03WISPzYgKheQkRW
345CDY1+EPOFZrowVdlQ06mn0MAdgCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/
346XqCDDwAAAWuvDs3OAAAEAwBHMEUCIGRjdk04CQnVxYIXUyRsyhJp9b13EKYS7Joy
347SgI1sOMGAiEAmwCkC7YBSkAxXga+gVPleUs3hFfNDohycJM8yUd/JVQAdwBElGUu
348sO7Or8RAB9io/ijA2uaCvtjLMbU/0zOWtbaBqAAAAWuvDszZAAAEAwBIMEYCIQCX
349cwKEFKETqu2VK1LEjqCF/N/GaNpXzeeiEhjMf/oGzgIhAPqlCxD4Gs8izeqG/7VN
35091Rzk115/4Cr0skZ3Xg8mEEWMA0GCSqGSIb3DQEBCwUAA4IBAQCLKyCM4xaH36KO
351azJSsYBG3lw8NWO1mEV0SQm/2yg3Fb9JfiIB76DUeoOtyWT5w39G/C+6tl9s0GJy
352Bt3S093WE3aF5gG7QiS3r6J8hSTeerabF3ogcVGWLojAUUtY1IXnIZ1OgRKe3J2R
353wTkWNxTddma+d2CR2CAHFRhaiDcNgsRjAYD/bcdP3I5Y6/86jniBtsBHMvP6S8qu
354j4WcU0tOvMFNJdfy7BCn7GE36J4qupSE6Bp7eTEUGLrGsFJWKxYXaBxhx38DtKcb
355XvG8kFW2UNflzg+up5QFiJR/j4L3qmK+VF+HajbKDJaM3wwpeVC2WRCqEudmf1dY
356hCSh1NNb
357-----END CERTIFICATE-----
358
359--------------------------------------------------
360[+] Collecting Information Disclosure!
361[#] Detecting sitemap.xml file
362[-] sitemap.xml file not Found!?
363[#] Detecting robots.txt file
364[!] robots.txt File Found: https://bpunion.org//robots.txt
365[#] Detecting GNU Mailman
366[-] GNU Mailman App Not Detected!?
367--------------------------------------------------
368[+] Crawling Url Parameter On: https://bpunion.org/
369--------------------------------------------------
370[#] Searching Html Form !
371[+] Html Form Discovered
372[#] action: /#gf_1
373[#] class: ['gplaceholder']
374[#] id: gform_1
375[#] method: post
376--------------------------------------------------
377[!] Found 4 dom parameter
378[#] https://bpunion.org/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fbpunion.org%2F&format=xml
379[#] https://bpunion.org//#
380[#] https://bpunion.org//#
381[#] https://bpunion.org//#
382--------------------------------------------------
383[!] 3 Internal Dynamic Parameter Discovered
384[+] https://bpunion.org/xmlrpc.php?rsd
385[+] https://bpunion.org/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fbpunion.org%2F
386[+] https://bpunion.org/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fbpunion.org%2F&format=xml
387--------------------------------------------------
388[!] 4 External Dynamic Parameter Discovered
389[#] https://fonts.googleapis.com/css?family=Libre+Franklin:300,300i,400,400i,500,500i,700,700i
390[#] https://fonts.googleapis.com/css?family=Fira+Mono:400,500,700
391[#] http://www.afge.org/?Page=AboutUS
392[#] https://www.afge.org/?Page=AboutUS
393--------------------------------------------------
394[!] 207 Internal links Discovered
395[+] https://bpunion.org/wp-content/themes/nbpc/favicon.ico
396[+] https://bpunion.org/wp-content/themes/nbpc/style.css
397[+] https://bpunion.org/xmlrpc.php
398[+] https://bpunion.org/feed/
399[+] https://bpunion.org/comments/feed/
400[+] https://bpunion.org/wp-includes/wlwmanifest.xml
401[+] https://bpunion.org/
402[+] https://bpunion.org
403[+] https://bpunion.org//javascript:void(0)
404[+] https://bpunion.org/about-npbc/
405[+] https://bpunion.org/about-nbpc/the-nbpc-mission/
406[+] https://bpunion.org/about-nbpc/join-nbpc/
407[+] https://bpunion.org/category/legislative-affairs/
408[+] https://bpunion.org/category/legislative-affairs/legislative-advisories/
409[+] https://bpunion.org/category/legislative-affairs/congressional-testimony/
410[+] https://bpunion.org/category/litigation-news/
411[+] https://bpunion.org/category/member-resources/
412[+] https://bpunion.org/category/member-resources/eeo/
413[+] https://bpunion.org/category/member-resources/health-safety/
414[+] https://bpunion.org/category/member-resources/litigation/
415[+] https://bpunion.org/category/member-resources/member-advisories/
416[+] https://bpunion.org/member-resources/owcp/owcp/
417[+] https://bpunion.org/about-nbpc/union-faq/
418[+] https://bpunion.org/member-resources/member-advisories/union-member-rights/
419[+] https://bpunion.org/news/
420[+] https://bpunion.org/category/press-releases/
421[+] https://bpunion.org/category/special-reports/
422[+] https://bpunion.org/featured/u-s-house-of-representatives-approves-1-4-trillion-spending-package-includes-3-1-increase-for-federal-employees/
423[+] https://bpunion.org/featured/u-s-house-of-representatives-approves-1-4-trillion-spending-package-includes-3-1-increase-for-federal-employees/
424[+] https://bpunion.org/featured/u-s-house-and-senate-pass-fy-2020-national-defense-authorization-act-ndaa-includes-paid-parental-leave/
425[+] https://bpunion.org/category/featured/
426[+] https://bpunion.org/featured/u-s-house-and-senate-pass-fy-2020-national-defense-authorization-act-ndaa-includes-paid-parental-leave/
427[+] https://bpunion.org/featured/collective-bargaining-agreement-effective-nov-1-2019/
428[+] https://bpunion.org/category/featured/
429[+] https://bpunion.org/featured/collective-bargaining-agreement-effective-nov-1-2019/
430[+] https://bpunion.org/category/featured/
431[+] https://bpunion.org/featured/border-patrol-agents-have-been-unfairly-scrutinized-criticized-and-attacked-by-radical-groups/
432[+] https://bpunion.org/featured/national-border-patrol-council-nbpc-issues-statement-on-pro-publica-news-article-regarding-facebook-group-im-10-15/
433[+] https://bpunion.org/category/featured/
434[+] https://bpunion.org/featured/national-border-patrol-council-nbpc-issues-statement-on-pro-publica-news-article-regarding-facebook-group-im-10-15/
435[+] https://bpunion.org/featured/border-patrol-agents-arrest-ms-13/
436[+] https://bpunion.org/category/featured/
437[+] https://bpunion.org/featured/border-patrol-agents-arrest-ms-13/
438[+] https://bpunion.org/featured/laredo-sector-border-patrol-agents-stop-human-smuggling-event-involving-120-illegal-aliens-from-5-different-countries/
439[+] https://bpunion.org/category/featured/
440[+] https://bpunion.org/featured/laredo-sector-border-patrol-agents-stop-human-smuggling-event-involving-120-illegal-aliens-from-5-different-countries/
441[+] https://bpunion.org/featured/the-biggest-loophole-drawing-illegal-aliens-to-our-borders-is-the-use-of-fraudulent-and-meritless-asylum-claims-to-gain-entry-into-our-great-country-president-donald-j-trump/
442[+] https://bpunion.org/category/featured/
443[+] https://bpunion.org/featured/the-biggest-loophole-drawing-illegal-aliens-to-our-borders-is-the-use-of-fraudulent-and-meritless-asylum-claims-to-gain-entry-into-our-great-country-president-donald-j-trump/
444[+] https://bpunion.org/featured/op-ed-the-aiding-and-abetting-of-migrant-caravans-by-hector-garza/
445[+] https://bpunion.org/category/featured/
446[+] https://bpunion.org/featured/op-ed-the-aiding-and-abetting-of-migrant-caravans-by-hector-garza/
447[+] https://bpunion.org/featured/national-border-patrol-council-vp-mcaleenan-has-a-tough-job-ahead/
448[+] https://bpunion.org/category/featured/
449[+] https://bpunion.org/featured/national-border-patrol-council-vp-mcaleenan-has-a-tough-job-ahead/
450[+] https://bpunion.org/featured/cbp-southwest-border-total-apprehensions/
451[+] https://bpunion.org/category/featured/
452[+] https://bpunion.org/featured/cbp-southwest-border-total-apprehensions/
453[+] https://bpunion.org/featured/op-ed-by-brandon-judd-cross-designate-and-train-border-patrol-agents-as-asylum-officers-with-limited-authority-to-conduct-credible-fear-interviews/
454[+] https://bpunion.org/category/featured/
455[+] https://bpunion.org/featured/op-ed-by-brandon-judd-cross-designate-and-train-border-patrol-agents-as-asylum-officers-with-limited-authority-to-conduct-credible-fear-interviews/
456[+] https://bpunion.org/featured/national-border-patrol-council-president-there-is-a-national-emergency-on-our-border-heres-proof/
457[+] https://bpunion.org/category/featured/
458[+] https://bpunion.org/featured/national-border-patrol-council-president-there-is-a-national-emergency-on-our-border-heres-proof/
459[+] https://bpunion.org/featured/the-us-border-patrol-remains-the-largest-humanitarian-organization-on-the-us-mexico-border/
460[+] https://bpunion.org/category/featured/
461[+] https://bpunion.org/featured/the-us-border-patrol-remains-the-largest-humanitarian-organization-on-the-us-mexico-border/
462[+] https://bpunion.org/featured/fox-news-todd-starnes-show-and-nbpc-vp-art-del-cueto/
463[+] https://bpunion.org/category/featured/
464[+] https://bpunion.org/featured/fox-news-todd-starnes-show-and-nbpc-vp-art-del-cueto/
465[+] https://bpunion.org/featured/brandon-judd-border-wall-only-humanitarian-way-to-prevent-deaths-like-migrant-girl/
466[+] https://bpunion.org/category/featured/
467[+] https://bpunion.org/featured/brandon-judd-border-wall-only-humanitarian-way-to-prevent-deaths-like-migrant-girl/
468[+] https://bpunion.org/featured/national-border-patrol-council-puts-support-behind-trump/
469[+] https://bpunion.org/category/featured/
470[+] https://bpunion.org/featured/national-border-patrol-council-puts-support-behind-trump/
471[+] https://bpunion.org/featured/955/
472[+] https://bpunion.org/category/featured/
473[+] https://bpunion.org/featured/955/
474[+] https://bpunion.org/featured/go-fund-me-border-patrol-agent-jeff-miranda-diagnosed-with-als-lou-gehrigs-disease/
475[+] https://bpunion.org/category/featured/
476[+] https://bpunion.org/featured/go-fund-me-border-patrol-agent-jeff-miranda-diagnosed-with-als-lou-gehrigs-disease/
477[+] https://bpunion.org/featured/why-congress-should-fund-trumps-border-wall/
478[+] https://bpunion.org/category/featured/
479[+] https://bpunion.org/featured/why-congress-should-fund-trumps-border-wall/
480[+] https://bpunion.org/featured/op-ed-by-nbpc-president-brandon-judd-trumps-wall-is-the-best-way-to-end-the-humanitarian-crisis-on-our-southern-border/
481[+] https://bpunion.org/category/featured/
482[+] https://bpunion.org/featured/op-ed-by-nbpc-president-brandon-judd-trumps-wall-is-the-best-way-to-end-the-humanitarian-crisis-on-our-southern-border/
483[+] https://bpunion.org/featured/us-border-patrol-what-is-a-hero/
484[+] https://bpunion.org/category/featured/
485[+] https://bpunion.org/featured/us-border-patrol-what-is-a-hero/
486[+] https://bpunion.org/category/featured/
487[+] https://bpunion.org/featured/forgotten-actor-peter-fonda-is-a-domestic-terrorist/
488[+] https://bpunion.org/category/featured/
489[+] https://bpunion.org/featured/is-a-compromise-on-immigration-reform-possible/
490[+] https://bpunion.org/featured/912/
491[+] https://bpunion.org/category/featured/
492[+] https://bpunion.org/featured/912/
493[+] https://bpunion.org/featured/nbpc-president-brandon-judd-talks-tech-that-could-help-secure-the-border/
494[+] https://bpunion.org/category/featured/
495[+] https://bpunion.org/featured/nbpc-president-brandon-judd-talks-tech-that-could-help-secure-the-border/
496[+] https://bpunion.org/featured/fox-news-immigrants-arrested-crossing-us-mexican-border-tops-50k-in-march-april/
497[+] https://bpunion.org/category/featured/
498[+] https://bpunion.org/featured/fox-news-immigrants-arrested-crossing-us-mexican-border-tops-50k-in-march-april/
499[+] https://bpunion.org/featured/theyre-worse-than-animals-in-my-opinion-animals-do-not-treat-other-animals-the-way-ms-13-treats-other-human-beings-brandon-judd-nbpc-president/
500[+] https://bpunion.org/category/featured/
501[+] https://bpunion.org/featured/theyre-worse-than-animals-in-my-opinion-animals-do-not-treat-other-animals-the-way-ms-13-treats-other-human-beings-brandon-judd-nbpc-president/
502[+] https://bpunion.org/featured/the-caravan-is-here-what-will-happen-next/
503[+] https://bpunion.org/category/featured/
504[+] https://bpunion.org/featured/the-caravan-is-here-what-will-happen-next/
505[+] https://bpunion.org/category/featured/
506[+] https://bpunion.org/featured/nbpc-vp-art-del-cueto-weighs-in-on-fox-and-friends/
507[+] https://bpunion.org/featured/nbpc-president-brandon-judd-shares-his-thoughts-on-asylum-seekers/
508[+] https://bpunion.org/category/featured/
509[+] https://bpunion.org/featured/nbpc-president-brandon-judd-shares-his-thoughts-on-asylum-seekers/
510[+] https://bpunion.org/featured/we-need-to-build-that-wall-so-that-we-can-save-american-lives-vp-national-border-patrol-council/
511[+] https://bpunion.org/category/featured/
512[+] https://bpunion.org/featured/we-need-to-build-that-wall-so-that-we-can-save-american-lives-vp-national-border-patrol-council/
513[+] https://bpunion.org/category/featured/
514[+] https://bpunion.org/featured/2018-operational-mobility-announcement/
515[+] https://bpunion.org/category/featured/
516[+] https://bpunion.org/uncategorized/nbpc-statement-on-president-trumps-plan-to-deploy-the-national-guard-to-the-border/
517[+] https://bpunion.org/category/featured/
518[+] https://bpunion.org/uncategorized/president-trump-talks-tough-urges-mexico-to-cooperate-reaction-from-brandon-judd-president-of-the-national-border-patrol-council/
519[+] https://bpunion.org/category/featured/
520[+] https://bpunion.org/featured/nbpc-president-brandon-judd-on-president-trumps-plans-to-send-the-national-guard-to-the-border-with-mexico/
521[+] https://bpunion.org/category/featured/
522[+] https://bpunion.org/featured/how-bad-is-the-situation-at-americas-southern-border/
523[+] https://bpunion.org/uncategorized/nbpc-endorses-senator-ted-cruz-for-re-election/
524[+] https://bpunion.org/category/featured/
525[+] https://bpunion.org/uncategorized/nbpc-endorses-senator-ted-cruz-for-re-election/
526[+] https://bpunion.org/featured/president-trump-responds-via-twitter-to-national-border-patrol-council-president-brandon-judds-interview-regarding-a-caravan-of-immigrants-headed-to-the-u-s-border/
527[+] https://bpunion.org/category/featured/
528[+] https://bpunion.org/featured/president-trump-responds-via-twitter-to-national-border-patrol-council-president-brandon-judds-interview-regarding-a-caravan-of-immigrants-headed-to-the-u-s-border/
529[+] https://bpunion.org/featured/nbpc-leaders-weighs-in-after-congress-fails-to-properly-fund-border-wall/
530[+] https://bpunion.org/category/featured/
531[+] https://bpunion.org/featured/nbpc-leaders-weighs-in-after-congress-fails-to-properly-fund-border-wall/
532[+] https://bpunion.org/category/featured/
533[+] https://bpunion.org/featured/nbpc-president-were-finally-getting-a-wall-in-strategic-locations/
534[+] https://bpunion.org/category/featured/
535[+] https://bpunion.org/featured/the-secure-and-succeed-act-introduced/
536[+] https://bpunion.org/featured/making-america-confident-again/
537[+] https://bpunion.org/category/featured/
538[+] https://bpunion.org/featured/making-america-confident-again/
539[+] https://bpunion.org/category/featured/
540[+] https://bpunion.org/featured/president-trump-signed-the-cr-to-end-the-shutdown/
541[+] https://bpunion.org/category/featured/
542[+] https://bpunion.org/featured/border-patrol-agents-mentioned-in-white-house-press-briefing-on-government-shutdown/
543[+] https://bpunion.org/category/featured/
544[+] https://bpunion.org/featured/border-patrol-agents-thankful-for-president-trumps-support/
545[+] https://bpunion.org/category/featured/
546[+] https://bpunion.org/featured/ammo-inc-benefit-for-nbpc-members/
547[+] https://bpunion.org/featured/nbpc-responds-to-ridiculous-allegations-promoted-by-some-news-outlets/
548[+] https://bpunion.org/category/featured/
549[+] https://bpunion.org/featured/nbpc-responds-to-ridiculous-allegations-promoted-by-some-news-outlets/
550[+] https://bpunion.org/category/featured/
551[+] https://bpunion.org/featured/border-patrol-agent-killed-and-another-agent-hospitalized-in-big-bend-sector/
552[+] https://bpunion.org/category/featured/
553[+] https://bpunion.org/featured/pbr-shows-why-the-sport-always-stands-for-the-american-flag/
554[+] https://bpunion.org/category/featured/
555[+] https://bpunion.org/featured/border-patrol-agent-and-his-family-displaced-after-fire-destroys-home/
556[+] https://bpunion.org/category/featured/
557[+] https://bpunion.org/featured/nbpc-updated-advisory-on-backscattervacis/
558[+] https://bpunion.org/news/
559[+] https://bpunion.org/category/featured/
560[+] https://bpunion.org/featured/national-border-patrol-council-nbpc-issues-statement-on-pro-publica-news-article-regarding-facebook-group-im-10-15/
561[+] https://bpunion.org/category/featured/
562[+] https://bpunion.org/featured/president-trump-responds-via-twitter-to-national-border-patrol-council-president-brandon-judds-interview-regarding-a-caravan-of-immigrants-headed-to-the-u-s-border/
563[+] https://bpunion.org/category/featured/
564[+] https://bpunion.org/featured/u-s-house-and-senate-pass-fy-2020-national-defense-authorization-act-ndaa-includes-paid-parental-leave/
565[+] https://bpunion.org/category/featured/
566[+] https://bpunion.org/featured/u-s-house-of-representatives-approves-1-4-trillion-spending-package-includes-3-1-increase-for-federal-employees/
567[+] https://bpunion.org/category/featured/
568[+] https://bpunion.org/featured/collective-bargaining-agreement-effective-nov-1-2019/
569[+] https://bpunion.org/category/featured/
570[+] https://bpunion.org/featured/border-patrol-agents-have-been-unfairly-scrutinized-criticized-and-attacked-by-radical-groups/
571[+] https://bpunion.org/category/featured/
572[+] https://bpunion.org/featured/border-patrol-agents-arrest-ms-13/
573[+] https://bpunion.org/category/featured/
574[+] https://bpunion.org/featured/laredo-sector-border-patrol-agents-stop-human-smuggling-event-involving-120-illegal-aliens-from-5-different-countries/
575[+] https://bpunion.org/category/featured/
576[+] https://bpunion.org/featured/the-biggest-loophole-drawing-illegal-aliens-to-our-borders-is-the-use-of-fraudulent-and-meritless-asylum-claims-to-gain-entry-into-our-great-country-president-donald-j-trump/
577[+] https://bpunion.org/category/featured/
578[+] https://bpunion.org/featured/op-ed-the-aiding-and-abetting-of-migrant-caravans-by-hector-garza/
579[+] https://bpunion.org/category/featured/
580[+] https://bpunion.org/featured/national-border-patrol-council-vp-mcaleenan-has-a-tough-job-ahead/
581[+] https://bpunion.org/category/featured/
582[+] https://bpunion.org/featured/cbp-southwest-border-total-apprehensions/
583[+] https://bpunion.org/category/featured/
584[+] https://bpunion.org/featured/op-ed-by-brandon-judd-cross-designate-and-train-border-patrol-agents-as-asylum-officers-with-limited-authority-to-conduct-credible-fear-interviews/
585[+] https://bpunion.org/news/
586[+] https://bpunion.org/featured/border-patrol-agents-have-been-unfairly-scrutinized-criticized-and-attacked-by-radical-groups/
587[+] https://bpunion.org/featured/op-ed-by-brandon-judd-cross-designate-and-train-border-patrol-agents-as-asylum-officers-with-limited-authority-to-conduct-credible-fear-interviews/
588[+] https://bpunion.org/featured/us-border-patrol-what-is-a-hero/
589[+] https://bpunion.org
590[+] https://bpunion.org/about-nbpc/the-nbpc-mission/
591[+] https://bpunion.org/about-nbpc/join-nbpc/
592[+] https://bpunion.org/contact-us/
593[+] https://bpunion.org/category/member-resources/eeo/
594[+] https://bpunion.org/category/member-resources/health-safety/
595[+] https://bpunion.org/category/member-resources/litigation/
596[+] https://bpunion.org/category/member-resources/member-advisories/
597[+] https://bpunion.org/category/member-resources/owcp/
598[+] https://bpunion.org/about-nbpc/union-faq/
599[+] https://bpunion.org/member-resources/member-advisories/union-member-rights/
600[+] https://bpunion.org/category/press-releases/
601[+] https://bpunion.org/category/special-reports/
602--------------------------------------------------
603[!] 25 External links Discovered
604[#] http://gmpg.org/xfn/11
605[#] https://use.typekit.net/hya7lnz.css
606[#] https://www.facebook.com/bpunion/
607[#] https://twitter.com/bpunion
608[#] http://bpunion1613.org/
609[#] http://nbpc1929.org/
610[#] http://local2266.com/
611[#] http://www.nbpc2349.org/
612[#] http://www.nbpc2366.org/
613[#] http://local2455.com/
614[#] http://www.bpunion2499.org/
615[#] http://local2509.org/
616[#] http://www.local2544.org/
617[#] http://www.nbpc2554.org/
618[#] http://local2595.org/index.php
619[#] http://www.local2724.org/
620[#] http://www.bpunion2789.org
621[#] http://www.local-2913.org/
622[#] http://www.rgv3307.org/
623[#] http://poracldf.org/
624[#] http://nbpc.wpengine.com/wp-content/uploads/2017/11/CBA.pdf
625[#] https://www.facebook.com/bpunion/
626[#] https://twitter.com/bpunion
627[#] http://poracldf.org/
628[#] http://nbpc.wpengine.com/wp-content/uploads/2017/11/CBA.pdf
629--------------------------------------------------
630[#] Mapping Subdomain..
631[!] Found 1 Subdomain
632- bpunion.org
633--------------------------------------------------
634[!] Done At 2020-01-05 10:21:52.844620
635#######################################################################################################################################
636Trying "bpunion.org"
637;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9330
638;; flags: qr rd ra; QUERY: 1, ANSWER: 9, AUTHORITY: 0, ADDITIONAL: 11
639
640;; QUESTION SECTION:
641;bpunion.org. IN ANY
642
643;; ANSWER SECTION:
644bpunion.org. 3600 IN MX 1 aspmx.l.google.com.
645bpunion.org. 3600 IN MX 5 alt1.aspmx.l.google.com.
646bpunion.org. 3600 IN MX 10 alt3.aspmx.l.google.com.
647bpunion.org. 3600 IN MX 5 alt2.aspmx.l.google.com.
648bpunion.org. 3600 IN MX 10 alt4.aspmx.l.google.com.
649bpunion.org. 3600 IN SOA ns05.domaincontrol.com. dns.jomax.net. 2019031107 28800 7200 604800 600
650bpunion.org. 600 IN A 104.154.60.12
651bpunion.org. 3600 IN NS ns06.domaincontrol.com.
652bpunion.org. 3600 IN NS ns05.domaincontrol.com.
653
654;; ADDITIONAL SECTION:
655alt3.aspmx.l.google.com. 254 IN A 172.253.120.27
656aspmx.l.google.com. 254 IN A 74.125.192.27
657alt2.aspmx.l.google.com. 254 IN A 209.85.202.27
658alt1.aspmx.l.google.com. 254 IN A 64.233.186.27
659ns05.domaincontrol.com. 6253 IN A 97.74.102.3
660ns06.domaincontrol.com. 555 IN A 173.201.70.3
661alt3.aspmx.l.google.com. 254 IN AAAA 2a00:1450:400c:c01::1b
662aspmx.l.google.com. 254 IN AAAA 2607:f8b0:400d:c08::1a
663alt2.aspmx.l.google.com. 254 IN AAAA 2a00:1450:400b:c00::1a
664alt1.aspmx.l.google.com. 254 IN AAAA 2800:3f0:4003:c00::1a
665ns05.domaincontrol.com. 15853 IN AAAA 2603:5:2160::3
666
667Received 500 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 84 ms
668#######################################################################################################################################
669; <<>> DiG 9.11.5-P4-5.1+b1-Debian <<>> +trace bpunion.org any
670;; global options: +cmd
671. 85744 IN NS k.root-servers.net.
672. 85744 IN NS h.root-servers.net.
673. 85744 IN NS l.root-servers.net.
674. 85744 IN NS d.root-servers.net.
675. 85744 IN NS m.root-servers.net.
676. 85744 IN NS f.root-servers.net.
677. 85744 IN NS c.root-servers.net.
678. 85744 IN NS j.root-servers.net.
679. 85744 IN NS g.root-servers.net.
680. 85744 IN NS a.root-servers.net.
681. 85744 IN NS e.root-servers.net.
682. 85744 IN NS b.root-servers.net.
683. 85744 IN NS i.root-servers.net.
684. 85744 IN RRSIG NS 8 0 518400 20200118050000 20200105040000 33853 . Nn0bwlOg0mqVWK/VSoy621bvZslLQvCC999BxdDmeM0lgXq4Vpg72SEs GhiyhZE1EoqmN3x39VoFanZf2TS4wMHLzBopbMysKU0yeHGE0taA4gAP j0Fuk6cWtU7vSzW+AfpSCPd80mw3tHLE6oFVAKz9Ta0DUa0bOL0nU80j pWB8OJy9ULi+lbN6JdvB4+yf/V9LagMnrjNz2UwkQkpq4dqE0hohA4Pk 54MXrBMJDf0zm7EPe9FDpuN+Y8vFzcb+nPAfyjI/Qw0Jp65fpOI2v07b JK6EytckXC0svQ5toNx9xL2c/YgvAgsyEzml2QmzFSOia2IIXvjIaVjg qM6ChQ==
685;; Received 525 bytes from 38.132.106.139#53(38.132.106.139) in 197 ms
686
687org. 172800 IN NS a0.org.afilias-nst.info.
688org. 172800 IN NS a2.org.afilias-nst.info.
689org. 172800 IN NS b0.org.afilias-nst.org.
690org. 172800 IN NS b2.org.afilias-nst.org.
691org. 172800 IN NS c0.org.afilias-nst.info.
692org. 172800 IN NS d0.org.afilias-nst.org.
693org. 86400 IN DS 9795 7 1 364DFAB3DAF254CAB477B5675B10766DDAA24982
694org. 86400 IN DS 9795 7 2 3922B31B6F3A4EA92B19EB7B52120F031FD8E05FF0B03BAFCF9F891B FE7FF8E5
695org. 86400 IN RRSIG DS 8 1 86400 20200118050000 20200105040000 33853 . p8UdHfYzqfOxQhyUcLTvvrgIJnNvK22B/KsjCoubzPi2YAurzHfp6+gD ETYZWm2HH/2s48PRABvUpKH12htnoRgGwxk+tEizb4VGf6Fu002ifCdx GgxVDFytN5mK/Z9RMz0dtg1e/8zGqTQnsAXHlohU+Rv6S95hmlSuAOyM 7mYU1ZkJtpm9CMBsUx1xxQcKKYegyi+npbmhjAkHmyu1Hh06RQLDIp6A kMQLYstaJL6QBXvQL3uMTl5S/8Q/PJhoc14OpFb+akTZIcjVSlVY9pTS EtZ5wh7XMmMFv/SF4sW5PDkUAIK0e4bZtsRXuqbtZWUsMuCmiX+5HZMG 43/LgQ==
696;; Received 813 bytes from 199.7.91.13#53(d.root-servers.net) in 90 ms
697
698bpunion.org. 86400 IN NS ns05.domaincontrol.com.
699bpunion.org. 86400 IN NS ns06.domaincontrol.com.
700h9p7u7tr2u91d0v0ljs9l1gidnp90u3h.org. 86400 IN NSEC3 1 1 1 D399EAAB H9PARR669T6U8O1GSG9E1LMITK4DEM0T NS SOA RRSIG DNSKEY NSEC3PARAM
701h9p7u7tr2u91d0v0ljs9l1gidnp90u3h.org. 86400 IN RRSIG NSEC3 7 2 86400 20200126152453 20200105142453 9278 org. HHHpGgFEolDd7iazdRHXW5Xdq5ZJ2oOuti8mPTpAd2Q6+jVRyHCHKu34 IbwZqGhoCAlsxMXrwQPy9ObUBm3O5X+Be5o6pjzOAjFqsIU81wzDYpkF 5WFzjoMbtxDZ1bxbVXurrgAi3UfQjhdv/Od3GPv5n0+VmoA+WVz8LSr1 CyI=
702fpoo4779rqa5j0644e3vm3qvl31miubr.org. 86400 IN NSEC3 1 1 1 D399EAAB FPP8I4JMRI8KAN2EDS63TPP3LPET6JSG NS DS RRSIG
703fpoo4779rqa5j0644e3vm3qvl31miubr.org. 86400 IN RRSIG NSEC3 7 2 86400 20200122152812 20200101142812 9278 org. rjzWJnHcITWvlVJ8fYt1cQzwATvStBWfDupUd13BXKFb/vl31NZmVznu /kaxs/8kBBEgo8l+0iv8XMx1RViXyGO7JKgtaKMHtaFmw8QEqu+aXSDR cQP0JdU923Cf7zaogevsE0TxYW8KPIYL9earMSblEWo1lXdTUH7C9aBZ nAE=
704;; Received 588 bytes from 2001:500:48::1#53(b2.org.afilias-nst.org) in 41 ms
705
706bpunion.org. 600 IN A 104.154.60.12
707bpunion.org. 3600 IN NS ns05.domaincontrol.com.
708bpunion.org. 3600 IN NS ns06.domaincontrol.com.
709bpunion.org. 3600 IN SOA ns05.domaincontrol.com. dns.jomax.net. 2019031107 28800 7200 604800 600
710bpunion.org. 3600 IN MX 10 alt3.aspmx.l.google.com.
711bpunion.org. 3600 IN MX 1 aspmx.l.google.com.
712bpunion.org. 3600 IN MX 10 alt4.aspmx.l.google.com.
713bpunion.org. 3600 IN MX 5 alt2.aspmx.l.google.com.
714bpunion.org. 3600 IN MX 5 alt1.aspmx.l.google.com.
715;; Received 275 bytes from 2603:5:2260::3#53(ns06.domaincontrol.com) in 35 ms
716
717#######################################################################################################################################
718[*] Performing General Enumeration of Domain: bpunion.org
719[-] DNSSEC is not configured for bpunion.org
720[*] SOA ns05.domaincontrol.com 97.74.102.3
721[*] NS ns06.domaincontrol.com 173.201.70.3
722[*] NS ns06.domaincontrol.com 2603:5:2260::3
723[*] NS ns05.domaincontrol.com 97.74.102.3
724[*] NS ns05.domaincontrol.com 2603:5:2160::3
725[*] MX alt1.aspmx.l.google.com 64.233.186.27
726[*] MX aspmx.l.google.com 172.217.197.27
727[*] MX alt4.aspmx.l.google.com 172.217.218.27
728[*] MX alt2.aspmx.l.google.com 209.85.202.27
729[*] MX alt3.aspmx.l.google.com 172.253.120.27
730[*] MX alt1.aspmx.l.google.com 2800:3f0:4003:c00::1b
731[*] MX aspmx.l.google.com 2607:f8b0:400d:c0f::1a
732[*] MX alt4.aspmx.l.google.com 2a00:1450:4013:c08::1b
733[*] MX alt2.aspmx.l.google.com 2a00:1450:400b:c00::1a
734[*] MX alt3.aspmx.l.google.com 2a00:1450:400c:c01::1a
735[*] A bpunion.org 104.154.60.12
736[*] Enumerating SRV Records
737[-] No SRV Records Found for bpunion.org
738[+] 0 Records Found
739#######################################################################################################################################
740[*] Processing domain bpunion.org
741[*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
742[+] Getting nameservers
743173.201.70.3 - ns06.domaincontrol.com
74497.74.102.3 - ns05.domaincontrol.com
745[-] Zone transfer failed
746
747[+] MX records found, added to target list
7485 alt1.aspmx.l.google.com.
7491 aspmx.l.google.com.
75010 alt4.aspmx.l.google.com.
7515 alt2.aspmx.l.google.com.
75210 alt3.aspmx.l.google.com.
753
754[*] Scanning bpunion.org for A records
755104.154.60.12 - bpunion.org
756104.154.60.12 - www.bpunion.org
757#######################################################################################################################################
758
759 AVAILABLE PLUGINS
760 -----------------
761
762 HeartbleedPlugin
763 CompressionPlugin
764 FallbackScsvPlugin
765 OpenSslCipherSuitesPlugin
766 HttpHeadersPlugin
767 RobotPlugin
768 EarlyDataPlugin
769 CertificateInfoPlugin
770 OpenSslCcsInjectionPlugin
771 SessionResumptionPlugin
772 SessionRenegotiationPlugin
773
774
775
776 CHECKING HOST(S) AVAILABILITY
777 -----------------------------
778
779 104.154.60.12:443 => 104.154.60.12
780
781
782
783
784 SCAN RESULTS FOR 104.154.60.12:443 - 104.154.60.12
785 --------------------------------------------------
786
787 * SSLV2 Cipher Suites:
788 Server rejected all cipher suites.
789
790 * Certificate Information:
791 Content
792 SHA1 Fingerprint: c6a00220562bb921d359e1cb2f74e579da6eddd0
793 Common Name: *.wpengine.com
794 Issuer: RapidSSL RSA CA 2018
795 Serial Number: 6851373033688357139444286552416378126
796 Not Before: 2019-07-01 00:00:00
797 Not After: 2021-08-29 12:00:00
798 Signature Algorithm: sha256
799 Public Key Algorithm: RSA
800 Key Size: 2048
801 Exponent: 65537 (0x10001)
802 DNS Subject Alternative Names: ['*.wpengine.com', 'wpengine.com']
803
804 Trust
805 Hostname Validation: FAILED - Certificate does NOT match 104.154.60.12
806 Android CA Store (9.0.0_r9): OK - Certificate is trusted
807 Apple CA Store (iOS 12, macOS 10.14, watchOS 5, and tvOS 12):OK - Certificate is trusted
808 Java CA Store (jdk-12.0.1): OK - Certificate is trusted
809 Mozilla CA Store (2019-03-14): OK - Certificate is trusted
810 Windows CA Store (2019-05-27): OK - Certificate is trusted
811 Symantec 2018 Deprecation: WARNING: Certificate distrusted by Google and Mozilla on September 2018
812 Received Chain: *.wpengine.com --> RapidSSL RSA CA 2018 --> DigiCert Global Root CA
813 Verified Chain: *.wpengine.com --> RapidSSL RSA CA 2018 --> DigiCert Global Root CA
814 Received Chain Contains Anchor: WARNING - Received certificate chain contains the anchor certificate
815 Received Chain Order: OK - Order is valid
816 Verified Chain contains SHA1: OK - No SHA1-signed certificate in the verified certificate chain
817
818 Extensions
819 OCSP Must-Staple: NOT SUPPORTED - Extension not found
820 Certificate Transparency: OK - 3 SCTs included
821
822 OCSP Stapling
823 NOT SUPPORTED - Server did not send back an OCSP response
824
825 * Session Renegotiation:
826 Client-initiated Renegotiation: OK - Rejected
827 Secure Renegotiation: OK - Supported
828
829 * OpenSSL Heartbleed:
830 OK - Not vulnerable to Heartbleed
831
832 * TLSV1_3 Cipher Suites:
833 Server rejected all cipher suites.
834
835 * TLS 1.2 Session Resumption Support:
836 With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
837 With TLS Tickets: OK - Supported
838
839 * Deflate Compression:
840 OK - Compression disabled
841
842 * Downgrade Attacks:
843 TLS_FALLBACK_SCSV: OK - Supported
844
845 * TLSV1_1 Cipher Suites:
846 Forward Secrecy OK - Supported
847 RC4 OK - Not Supported
848
849 Preferred:
850 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 404 Not Found
851 Accepted:
852 TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 404 Not Found
853 TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 404 Not Found
854 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 404 Not Found
855 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 404 Not Found
856 TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 404 Not Found
857 TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 404 Not Found
858
859 * TLSV1_2 Cipher Suites:
860 Forward Secrecy OK - Supported
861 RC4 OK - Not Supported
862
863 Preferred:
864 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 404 Not Found
865 Accepted:
866 TLS_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 404 Not Found
867 TLS_RSA_WITH_AES_256_CBC_SHA256 256 bits HTTP 404 Not Found
868 TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 404 Not Found
869 TLS_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 404 Not Found
870 TLS_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 404 Not Found
871 TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 404 Not Found
872 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 404 Not Found
873 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 256 bits HTTP 404 Not Found
874 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 404 Not Found
875 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 404 Not Found
876 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 404 Not Found
877 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 404 Not Found
878 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 404 Not Found
879 TLS_DHE_RSA_WITH_AES_256_CCM 256 bits HTTP 404 Not Found
880 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 256 bits HTTP 404 Not Found
881 TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 404 Not Found
882 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 404 Not Found
883 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 404 Not Found
884 TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 404 Not Found
885 RSA_WITH_AES_256_CCM_8 256 bits HTTP 404 Not Found
886 RSA_WITH_AES_256_CCM 256 bits HTTP 404 Not Found
887 RSA_WITH_AES_128_CCM_8 128 bits HTTP 404 Not Found
888 RSA_WITH_AES_128_CCM 128 bits HTTP 404 Not Found
889 DHE_RSA_WITH_AES_256_CCM_8 256 bits HTTP 404 Not Found
890 DHE_RSA_WITH_AES_128_CCM_8 128 bits HTTP 404 Not Found
891 DHE_RSA_WITH_AES_128_CCM 128 bits HTTP 404 Not Found
892
893 * TLSV1 Cipher Suites:
894 Server rejected all cipher suites.
895
896 * OpenSSL CCS Injection:
897 OK - Not vulnerable to OpenSSL CCS injection
898
899 * SSLV3 Cipher Suites:
900 Server rejected all cipher suites.
901
902 * ROBOT Attack:
903 OK - Not vulnerable
904
905
906 SCAN COMPLETED IN 19.51 S
907 -------------------------
908#######################################################################################################################################
909
910Domains still to check: 1
911 Checking if the hostname bpunion.org. given is in fact a domain...
912
913Analyzing domain: bpunion.org.
914 Checking NameServers using system default resolver...
915 IP: 173.201.70.3 (United States)
916 HostName: ns06.domaincontrol.com Type: NS
917 HostName: ns06.domaincontrol.com Type: PTR
918 IP: 97.74.102.3 (United States)
919 HostName: ns05.domaincontrol.com Type: NS
920 HostName: ns05.domaincontrol.com Type: PTR
921
922 Checking MailServers using system default resolver...
923 IP: 64.233.186.27 (United States)
924 HostName: alt1.aspmx.l.google.com Type: MX
925 HostName: cb-in-f27.1e100.net Type: PTR
926 IP: 172.217.197.27 (United States)
927 HostName: aspmx.l.google.com Type: MX
928 IP: 172.217.218.27 (United States)
929 HostName: alt4.aspmx.l.google.com Type: MX
930 IP: 209.85.202.27 (United States)
931 HostName: alt2.aspmx.l.google.com Type: MX
932 HostName: dg-in-f27.1e100.net Type: PTR
933 IP: 172.253.120.27 (United States)
934 HostName: alt3.aspmx.l.google.com Type: MX
935
936 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
937 No zone transfer found on nameserver 97.74.102.3
938 No zone transfer found on nameserver 173.201.70.3
939
940 Checking SPF record...
941 No SPF record
942
943 Checking 192 most common hostnames using system default resolver...
944 IP: 104.154.60.12 (United States)
945 HostName: www.bpunion.org. Type: A
946
947 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
948 Checking netblock 64.233.186.0
949 Checking netblock 209.85.202.0
950 Checking netblock 97.74.102.0
951 Checking netblock 173.201.70.0
952 Checking netblock 172.217.218.0
953 Checking netblock 104.154.60.0
954 Checking netblock 172.253.120.0
955 Checking netblock 172.217.197.0
956
957 Searching for bpunion.org. emails in Google
958 thegreenline@bpunion.org
959 ccabrera@bpunion.org
960 atrevino@bpunion.org.
961 bjudd@bpunion.org.
962 jledesma@bpunion.org.
963
964 Checking 8 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
965 Host 64.233.186.27 is up (reset ttl 64)
966 Host 209.85.202.27 is up (reset ttl 64)
967 Host 97.74.102.3 is up (echo-reply ttl 54)
968 Host 173.201.70.3 is up (echo-reply ttl 247)
969 Host 172.217.218.27 is up (reset ttl 64)
970 Host 104.154.60.12 is up (echo-reply ttl 57)
971 Host 172.253.120.27 is up (reset ttl 64)
972 Host 172.217.197.27 is up (echo-reply ttl 49)
973
974 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
975 Scanning ip 64.233.186.27 (cb-in-f27.1e100.net (PTR)):
976 Scanning ip 209.85.202.27 (dg-in-f27.1e100.net (PTR)):
977 Scanning ip 97.74.102.3 (ns05.domaincontrol.com (PTR)):
978 53/tcp open tcpwrapped syn-ack ttl 54
979 Scanning ip 173.201.70.3 (ns06.domaincontrol.com (PTR)):
980 53/tcp open tcpwrapped syn-ack ttl 247
981 Scanning ip 172.217.218.27 (alt4.aspmx.l.google.com):
982 Scanning ip 104.154.60.12 (www.bpunion.org.):
983 80/tcp open http syn-ack ttl 57 nginx
984 | http-methods:
985 |_ Supported Methods: GET HEAD
986 |_http-title: Site Not Configured | 404 Not Found
987 443/tcp open ssl/http syn-ack ttl 57 nginx
988 | http-methods:
989 |_ Supported Methods: GET HEAD
990 |_http-title: Site Not Configured | 404 Not Found
991 | ssl-cert: Subject: commonName=*.wpengine.com
992 | Subject Alternative Name: DNS:*.wpengine.com, DNS:wpengine.com
993 | Issuer: commonName=RapidSSL RSA CA 2018/organizationName=DigiCert Inc/countryName=US
994 | Public Key type: rsa
995 | Public Key bits: 2048
996 | Signature Algorithm: sha256WithRSAEncryption
997 | Not valid before: 2019-07-01T00:00:00
998 | Not valid after: 2021-08-29T12:00:00
999 | MD5: 9fff bbab 2815 9b3f f457 3795 1c89 ee05
1000 |_SHA-1: c6a0 0220 562b b921 d359 e1cb 2f74 e579 da6e ddd0
1001 |_ssl-date: TLS randomness does not represent time
1002 | tls-alpn:
1003 | h2
1004 |_ http/1.1
1005 | tls-nextprotoneg:
1006 | h2
1007 |_ http/1.1
1008 Scanning ip 172.253.120.27 (alt3.aspmx.l.google.com):
1009 Scanning ip 172.217.197.27 (aspmx.l.google.com):
1010 WebCrawling domain's web servers... up to 50 max links.
1011
1012 + URL to crawl: http://www.bpunion.org.
1013 + Date: 2020-01-05
1014
1015 + Crawling URL: http://www.bpunion.org.:
1016 + Links:
1017 + Crawling http://www.bpunion.org.
1018 + Crawling http://www.bpunion.org./s.w.org (404 Not Found)
1019 + Searching for directories...
1020 + Searching open folders...
1021 + Crawl finished successfully.
1022----------------------------------------------------------------------
1023Summary of http://http://www.bpunion.org.
1024----------------------------------------------------------------------
1025+ Links crawled:
1026 - http://www.bpunion.org.
1027 - http://www.bpunion.org./s.w.org (404 Not Found)
1028 Total links crawled: 2
1029
1030+ Links to files found:
1031 Total links to files: 0
1032
1033+ Externals links found:
1034 - about:blank
1035 - http://bpunion1613.org/
1036 - http://gmpg.org/xfn/11
1037 - http://local2266.com/
1038 - http://local2455.com/
1039 - http://local2509.org/
1040 - http://local2595.org/index.php
1041 - http://nbpc.wpengine.com/wp-content/uploads/2017/11/CBA.pdf
1042 - http://nbpc1929.org/
1043 - http://poracldf.org/
1044 - http://www.afge.org/?Page=AboutUS
1045 - http://www.bpunion2499.org/
1046 - http://www.bpunion2789.org
1047 - http://www.local-2913.org/
1048 - http://www.local2544.org/
1049 - http://www.local2724.org/
1050 - http://www.nbpc2349.org/
1051 - http://www.nbpc2366.org/
1052 - http://www.nbpc2554.org/
1053 - http://www.rgv3307.org/
1054 - https://bpunion.org
1055 - https://bpunion.org/
1056 - https://bpunion.org/about-nbpc/join-nbpc/
1057 - https://bpunion.org/about-nbpc/the-nbpc-mission/
1058 - https://bpunion.org/about-nbpc/union-faq/
1059 - https://bpunion.org/about-npbc/
1060 - https://bpunion.org/category/featured/
1061 - https://bpunion.org/category/legislative-affairs/
1062 - https://bpunion.org/category/legislative-affairs/congressional-testimony/
1063 - https://bpunion.org/category/legislative-affairs/legislative-advisories/
1064 - https://bpunion.org/category/litigation-news/
1065 - https://bpunion.org/category/member-resources/
1066 - https://bpunion.org/category/member-resources/eeo/
1067 - https://bpunion.org/category/member-resources/health-safety/
1068 - https://bpunion.org/category/member-resources/litigation/
1069 - https://bpunion.org/category/member-resources/member-advisories/
1070 - https://bpunion.org/category/member-resources/owcp/
1071 - https://bpunion.org/category/press-releases/
1072 - https://bpunion.org/category/special-reports/
1073 - https://bpunion.org/comments/feed/
1074 - https://bpunion.org/contact-us/
1075 - https://bpunion.org/featured/2018-operational-mobility-announcement/
1076 - https://bpunion.org/featured/912/
1077 - https://bpunion.org/featured/955/
1078 - https://bpunion.org/featured/ammo-inc-benefit-for-nbpc-members/
1079 - https://bpunion.org/featured/border-patrol-agent-and-his-family-displaced-after-fire-destroys-home/
1080 - https://bpunion.org/featured/border-patrol-agent-killed-and-another-agent-hospitalized-in-big-bend-sector/
1081 - https://bpunion.org/featured/border-patrol-agents-arrest-ms-13/
1082 - https://bpunion.org/featured/border-patrol-agents-have-been-unfairly-scrutinized-criticized-and-attacked-by-radical-groups/
1083 - https://bpunion.org/featured/border-patrol-agents-mentioned-in-white-house-press-briefing-on-government-shutdown/
1084 - https://bpunion.org/featured/border-patrol-agents-thankful-for-president-trumps-support/
1085 - https://bpunion.org/featured/brandon-judd-border-wall-only-humanitarian-way-to-prevent-deaths-like-migrant-girl/
1086 - https://bpunion.org/featured/cbp-southwest-border-total-apprehensions/
1087 - https://bpunion.org/featured/collective-bargaining-agreement-effective-nov-1-2019/
1088 - https://bpunion.org/featured/forgotten-actor-peter-fonda-is-a-domestic-terrorist/
1089 - https://bpunion.org/featured/fox-news-immigrants-arrested-crossing-us-mexican-border-tops-50k-in-march-april/
1090 - https://bpunion.org/featured/fox-news-todd-starnes-show-and-nbpc-vp-art-del-cueto/
1091 - https://bpunion.org/featured/go-fund-me-border-patrol-agent-jeff-miranda-diagnosed-with-als-lou-gehrigs-disease/
1092 - https://bpunion.org/featured/how-bad-is-the-situation-at-americas-southern-border/
1093 - https://bpunion.org/featured/is-a-compromise-on-immigration-reform-possible/
1094 - https://bpunion.org/featured/laredo-sector-border-patrol-agents-stop-human-smuggling-event-involving-120-illegal-aliens-from-5-different-countries/
1095 - https://bpunion.org/featured/making-america-confident-again/
1096 - https://bpunion.org/featured/national-border-patrol-council-nbpc-issues-statement-on-pro-publica-news-article-regarding-facebook-group-im-10-15/
1097 - https://bpunion.org/featured/national-border-patrol-council-president-there-is-a-national-emergency-on-our-border-heres-proof/
1098 - https://bpunion.org/featured/national-border-patrol-council-puts-support-behind-trump/
1099 - https://bpunion.org/featured/national-border-patrol-council-vp-mcaleenan-has-a-tough-job-ahead/
1100 - https://bpunion.org/featured/nbpc-leaders-weighs-in-after-congress-fails-to-properly-fund-border-wall/
1101 - https://bpunion.org/featured/nbpc-president-brandon-judd-on-president-trumps-plans-to-send-the-national-guard-to-the-border-with-mexico/
1102 - https://bpunion.org/featured/nbpc-president-brandon-judd-shares-his-thoughts-on-asylum-seekers/
1103 - https://bpunion.org/featured/nbpc-president-brandon-judd-talks-tech-that-could-help-secure-the-border/
1104 - https://bpunion.org/featured/nbpc-president-were-finally-getting-a-wall-in-strategic-locations/
1105 - https://bpunion.org/featured/nbpc-responds-to-ridiculous-allegations-promoted-by-some-news-outlets/
1106 - https://bpunion.org/featured/nbpc-updated-advisory-on-backscattervacis/
1107 - https://bpunion.org/featured/nbpc-vp-art-del-cueto-weighs-in-on-fox-and-friends/
1108 - https://bpunion.org/featured/op-ed-by-brandon-judd-cross-designate-and-train-border-patrol-agents-as-asylum-officers-with-limited-authority-to-conduct-credible-fear-interviews/
1109 - https://bpunion.org/featured/op-ed-by-nbpc-president-brandon-judd-trumps-wall-is-the-best-way-to-end-the-humanitarian-crisis-on-our-southern-border/
1110 - https://bpunion.org/featured/op-ed-the-aiding-and-abetting-of-migrant-caravans-by-hector-garza/
1111 - https://bpunion.org/featured/pbr-shows-why-the-sport-always-stands-for-the-american-flag/
1112 - https://bpunion.org/featured/president-trump-responds-via-twitter-to-national-border-patrol-council-president-brandon-judds-interview-regarding-a-caravan-of-immigrants-headed-to-the-u-s-border/
1113 - https://bpunion.org/featured/president-trump-signed-the-cr-to-end-the-shutdown/
1114 - https://bpunion.org/featured/the-biggest-loophole-drawing-illegal-aliens-to-our-borders-is-the-use-of-fraudulent-and-meritless-asylum-claims-to-gain-entry-into-our-great-country-president-donald-j-trump/
1115 - https://bpunion.org/featured/the-caravan-is-here-what-will-happen-next/
1116 - https://bpunion.org/featured/the-secure-and-succeed-act-introduced/
1117 - https://bpunion.org/featured/the-us-border-patrol-remains-the-largest-humanitarian-organization-on-the-us-mexico-border/
1118 - https://bpunion.org/featured/theyre-worse-than-animals-in-my-opinion-animals-do-not-treat-other-animals-the-way-ms-13-treats-other-human-beings-brandon-judd-nbpc-president/
1119 - https://bpunion.org/featured/u-s-house-and-senate-pass-fy-2020-national-defense-authorization-act-ndaa-includes-paid-parental-leave/
1120 - https://bpunion.org/featured/u-s-house-of-representatives-approves-1-4-trillion-spending-package-includes-3-1-increase-for-federal-employees/
1121 - https://bpunion.org/featured/us-border-patrol-what-is-a-hero/
1122 - https://bpunion.org/featured/we-need-to-build-that-wall-so-that-we-can-save-american-lives-vp-national-border-patrol-council/
1123 - https://bpunion.org/featured/why-congress-should-fund-trumps-border-wall/
1124 - https://bpunion.org/feed/
1125 - https://bpunion.org/member-resources/member-advisories/union-member-rights/
1126 - https://bpunion.org/member-resources/owcp/owcp/
1127 - https://bpunion.org/news/
1128 - https://bpunion.org/uncategorized/nbpc-endorses-senator-ted-cruz-for-re-election/
1129 - https://bpunion.org/uncategorized/nbpc-statement-on-president-trumps-plan-to-deploy-the-national-guard-to-the-border/
1130 - https://bpunion.org/uncategorized/president-trump-talks-tough-urges-mexico-to-cooperate-reaction-from-brandon-judd-president-of-the-national-border-patrol-council/
1131 - https://bpunion.org/wp-content/plugins/gravity-forms-placeholders/gf.placeholders.js?ver=1.0
1132 - https://bpunion.org/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.4.5
1133 - https://bpunion.org/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.4.5
1134 - https://bpunion.org/wp-content/themes/nbpc/css/responsive.css?ver=5.2.5
1135 - https://bpunion.org/wp-content/themes/nbpc/favicon.ico
1136 - https://bpunion.org/wp-content/themes/nbpc/images/logo.png
1137 - https://bpunion.org/wp-content/themes/nbpc/js/jquery.fitvids.js?ver=5.2.5
1138 - https://bpunion.org/wp-content/themes/nbpc/js/jquery.isotope.min.js?ver=5.2.5
1139 - https://bpunion.org/wp-content/themes/nbpc/js/scripts.js?ver=5.2.5
1140 - https://bpunion.org/wp-content/themes/nbpc/style.css
1141 - https://bpunion.org/wp-content/uploads/2017/10/post-img.png
1142 - https://bpunion.org/wp-content/uploads/2018/01/Screenshot-2018-04-07-02.54.27.png
1143 - https://bpunion.org/wp-content/uploads/2018/03/IMG_3025.jpg
1144 - https://bpunion.org/wp-content/uploads/2018/04/NBPC-Ted-Cruz.jpeg
1145 - https://bpunion.org/wp-content/uploads/2018/04/Screenshot-2018-04-01-11.41.02.png
1146 - https://bpunion.org/wp-content/uploads/2018/04/Screenshot-2018-04-30-11.35.00.png
1147 - https://bpunion.org/wp-content/uploads/2018/04/Screenshot-2018-04-30-11.39.20.png
1148 - https://bpunion.org/wp-content/uploads/2018/04/Screenshot-2018-04-30-21.00.07.png
1149 - https://bpunion.org/wp-content/uploads/2018/05/Animals.jpg
1150 - https://bpunion.org/wp-content/uploads/2018/06/Screen-Shot-2018-06-25-at-12.53.36-PM.png
1151 - https://bpunion.org/wp-content/uploads/2018/06/Screenshot-2018-06-08-08.41.27.png
1152 - https://bpunion.org/wp-content/uploads/2018/06/Screenshot-2018-06-08-09.27.58.png
1153 - https://bpunion.org/wp-content/uploads/2018/06/Screenshot-2018-06-08-09.28.34.png
1154 - https://bpunion.org/wp-content/uploads/2018/07/Screenshot-2018-07-12-08.57.59.png
1155 - https://bpunion.org/wp-content/uploads/2018/08/Trump-Border-Wall.jpg
1156 - https://bpunion.org/wp-content/uploads/2018/09/Screenshot-2018-09-27-22.06.12.png
1157 - https://bpunion.org/wp-content/uploads/2018/12/Bollard-Fence-640x480.jpg
1158 - https://bpunion.org/wp-content/uploads/2018/12/IMG_7908.jpg
1159 - https://bpunion.org/wp-content/uploads/2018/12/Screenshot-2018-12-18-08.27.32.png
1160 - https://bpunion.org/wp-content/uploads/2018/12/Screenshot-2018-12-29-18.49.18.png
1161 - https://bpunion.org/wp-content/uploads/2018/12/Screenshot-2018-12-29-18.56.43.png
1162 - https://bpunion.org/wp-content/uploads/2019/03/Screenshot-2019-03-09-23.42.21.png
1163 - https://bpunion.org/wp-content/uploads/2019/04/CNR.jpg
1164 - https://bpunion.org/wp-content/uploads/2019/04/Screenshot-2019-04-15-22.54.50.png
1165 - https://bpunion.org/wp-content/uploads/2019/04/gggg.jpg
1166 - https://bpunion.org/wp-content/uploads/2019/04/ttttt.jpg
1167 - https://bpunion.org/wp-content/uploads/2019/05/IMG_1828.jpg
1168 - https://bpunion.org/wp-content/uploads/2019/05/Screenshot-2019-05-18-21.30.02.png
1169 - https://bpunion.org/wp-content/uploads/2019/05/loophole.jpg
1170 - https://bpunion.org/wp-content/uploads/2019/07/Screenshot-2019-07-01-14.18.28.png
1171 - https://bpunion.org/wp-content/uploads/2019/09/Screenshot-2019-09-24-16.42.34.png
1172 - https://bpunion.org/wp-content/uploads/2019/12/IMG_8259.jpg
1173 - https://bpunion.org/wp-content/uploads/2019/12/NDAA.jpg
1174 - https://bpunion.org/wp-includes/css/dist/block-library/style.min.css?ver=5.2.5
1175 - https://bpunion.org/wp-includes/js/comment-reply.min.js?ver=5.2.5
1176 - https://bpunion.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
1177 - https://bpunion.org/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
1178 - https://bpunion.org/wp-includes/js/wp-embed.min.js?ver=5.2.5
1179 - https://bpunion.org/wp-includes/wlwmanifest.xml
1180 - https://bpunion.org/wp-json/
1181 - https://bpunion.org/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fbpunion.org%2F
1182 - https://bpunion.org/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fbpunion.org%2F&
1183 - https://bpunion.org/xmlrpc.php
1184 - https://bpunion.org/xmlrpc.php?rsd
1185 - https://fonts.googleapis.com/css?family=Fira+Mono:400,500,700
1186 - https://fonts.googleapis.com/css?family=Libre+Franklin:300,300i,400,400i,500,500i,700,700i
1187 - https://twitter.com/bpunion
1188 - https://use.typekit.net/hya7lnz.css
1189 - https://www.afge.org/?Page=AboutUS
1190 - https://www.facebook.com/bpunion/
1191 - https://www.googletagmanager.com/gtag/js?id=UA-99306212-20
1192 Total external links: 158
1193
1194+ Email addresses found:
1195 Total email address found: 0
1196
1197+ Directories found:
1198 Total directories: 0
1199
1200+ Directory indexing found:
1201 Total directories with indexing: 0
1202
1203----------------------------------------------------------------------
1204
1205
1206 + URL to crawl: https://www.bpunion.org.
1207 + Date: 2020-01-05
1208
1209 + Crawling URL: https://www.bpunion.org.:
1210 + Links:
1211 + Crawling https://www.bpunion.org.
1212 + Searching for directories...
1213 + Searching open folders...
1214
1215--Finished--
1216Summary information for domain bpunion.org.
1217-----------------------------------------
1218 Domain Specific Information:
1219 Email: thegreenline@bpunion.org
1220 Email: ccabrera@bpunion.org
1221 Email: atrevino@bpunion.org.
1222 Email: bjudd@bpunion.org.
1223 Email: jledesma@bpunion.org.
1224
1225 Domain Ips Information:
1226 IP: 64.233.186.27
1227 HostName: alt1.aspmx.l.google.com Type: MX
1228 HostName: cb-in-f27.1e100.net Type: PTR
1229 Country: United States
1230 Is Active: True (reset ttl 64)
1231 IP: 209.85.202.27
1232 HostName: alt2.aspmx.l.google.com Type: MX
1233 HostName: dg-in-f27.1e100.net Type: PTR
1234 Country: United States
1235 Is Active: True (reset ttl 64)
1236 IP: 97.74.102.3
1237 HostName: ns05.domaincontrol.com Type: NS
1238 HostName: ns05.domaincontrol.com Type: PTR
1239 Country: United States
1240 Is Active: True (echo-reply ttl 54)
1241 Port: 53/tcp open tcpwrapped syn-ack ttl 54
1242 IP: 173.201.70.3
1243 HostName: ns06.domaincontrol.com Type: NS
1244 HostName: ns06.domaincontrol.com Type: PTR
1245 Country: United States
1246 Is Active: True (echo-reply ttl 247)
1247 Port: 53/tcp open tcpwrapped syn-ack ttl 247
1248 IP: 172.217.218.27
1249 HostName: alt4.aspmx.l.google.com Type: MX
1250 Country: United States
1251 Is Active: True (reset ttl 64)
1252 IP: 104.154.60.12
1253 HostName: www.bpunion.org. Type: A
1254 Country: United States
1255 Is Active: True (echo-reply ttl 57)
1256 Port: 80/tcp open http syn-ack ttl 57 nginx
1257 Script Info: | http-methods:
1258 Script Info: |_ Supported Methods: GET HEAD
1259 Script Info: |_http-title: Site Not Configured | 404 Not Found
1260 Port: 443/tcp open ssl/http syn-ack ttl 57 nginx
1261 Script Info: | http-methods:
1262 Script Info: |_ Supported Methods: GET HEAD
1263 Script Info: |_http-title: Site Not Configured | 404 Not Found
1264 Script Info: | ssl-cert: Subject: commonName=*.wpengine.com
1265 Script Info: | Subject Alternative Name: DNS:*.wpengine.com, DNS:wpengine.com
1266 Script Info: | Issuer: commonName=RapidSSL RSA CA 2018/organizationName=DigiCert Inc/countryName=US
1267 Script Info: | Public Key type: rsa
1268 Script Info: | Public Key bits: 2048
1269 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1270 Script Info: | Not valid before: 2019-07-01T00:00:00
1271 Script Info: | Not valid after: 2021-08-29T12:00:00
1272 Script Info: | MD5: 9fff bbab 2815 9b3f f457 3795 1c89 ee05
1273 Script Info: |_SHA-1: c6a0 0220 562b b921 d359 e1cb 2f74 e579 da6e ddd0
1274 Script Info: |_ssl-date: TLS randomness does not represent time
1275 Script Info: | tls-alpn:
1276 Script Info: | h2
1277 Script Info: |_ http/1.1
1278 Script Info: | tls-nextprotoneg:
1279 Script Info: | h2
1280 Script Info: |_ http/1.1
1281 IP: 172.253.120.27
1282 HostName: alt3.aspmx.l.google.com Type: MX
1283 Country: United States
1284 Is Active: True (reset ttl 64)
1285 IP: 172.217.197.27
1286 HostName: aspmx.l.google.com Type: MX
1287 Country: United States
1288 Is Active: True (echo-reply ttl 49)
1289
1290--------------End Summary --------------
1291-----------------------------------------
1292#######################################################################################################################################
1293traceroute to bpunion.org (104.154.60.12), 30 hops max, 60 byte packets
1294 1 10.242.204.1 (10.242.204.1) 65.674 ms 65.652 ms 65.640 ms
1295 2 104.245.145.177 (104.245.145.177) 65.628 ms 65.617 ms 65.606 ms
1296 3 104.245.147.41 (104.245.147.41) 97.849 ms 97.792 ms 97.816 ms
1297 4 google.ip4.torontointernetxchange.net (206.108.34.6) 97.807 ms 97.797 ms 97.786 ms
1298 5 108.170.250.227 (108.170.250.227) 97.785 ms 74.125.244.147 (74.125.244.147) 97.746 ms 108.170.250.231 (108.170.250.231) 97.747 ms
1299 6 172.253.76.220 (172.253.76.220) 97.739 ms 172.253.64.254 (172.253.64.254) 42.731 ms 172.253.67.238 (172.253.67.238) 86.707 ms
1300 7 72.14.234.9 (72.14.234.9) 165.103 ms 72.14.232.70 (72.14.232.70) 165.086 ms 209.85.143.103 (209.85.143.103) 165.010 ms
1301 8 216.239.48.243 (216.239.48.243) 165.031 ms 53.286 ms 172.253.66.55 (172.253.66.55) 136.579 ms
1302 9 72.14.239.199 (72.14.239.199) 136.584 ms 209.85.250.65 (209.85.250.65) 136.570 ms 216.239.58.59 (216.239.58.59) 136.554 ms
1303#######################################################################################################################################
1304----- bpunion.org -----
1305
1306
1307Host's addresses:
1308__________________
1309
1310bpunion.org. 85 IN A 104.154.60.12
1311
1312
1313Name Servers:
1314______________
1315
1316ns06.domaincontrol.com. 86097 IN A 173.201.70.3
1317ns05.domaincontrol.com. 86013 IN A 97.74.102.3
1318
1319
1320Mail (MX) Servers:
1321___________________
1322
1323alt1.aspmx.l.google.com. 33 IN A 64.233.186.27
1324aspmx.l.google.com. 33 IN A 172.217.197.27
1325alt4.aspmx.l.google.com. 33 IN A 172.217.218.27
1326alt2.aspmx.l.google.com. 33 IN A 209.85.202.27
1327alt3.aspmx.l.google.com. 33 IN A 172.253.120.27
1328
1329
1330 ---- Google search page: 1 ----
1331
1332 bpunion1613
1333 bpunion1613
1334
1335 ---- Google search page: 2 ----
1336
1337 bpunion1613
1338 bpunion1613
1339 bpunion1613
1340 bpunion1613
1341
1342 ---- Google search page: 3 ----
1343
1344
1345 ---- Google search page: 4 ----
1346
1347 bpunion1613
1348
1349 ---- Google search page: 5 ----
1350
1351
1352
1353Google Results:
1354________________
1355
1356
1357
1358Brute forcing with /usr/share/dnsenum/dns.txt:
1359_______________________________________________
1360
1361www.bpunion.org. 2841 IN CNAME nbpc.wpengine.com.
1362nbpc.wpengine.com. 120 IN A 104.154.60.12
1363
1364
1365Launching Whois Queries:
1366_________________________
1367
1368 whois ip result: 104.154.60.0 -> 104.154.0.0/15
1369
1370
1371bpunion.org___________
1372
1373 104.154.0.0/15
1374#######################################################################################################################################
1375Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-05 10:23 EST
1376Nmap scan report for 12.60.154.104.bc.googleusercontent.com (104.154.60.12)
1377Host is up (0.099s latency).
1378Not shown: 470 filtered ports, 3 closed ports
1379Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1380PORT STATE SERVICE VERSION
138180/tcp open http nginx
1382|_http-title: Site Not Configured | 404 Not Found
1383443/tcp open ssl/http nginx
1384|_http-title: Site Not Configured | 404 Not Found
1385| ssl-cert: Subject: commonName=*.wpengine.com
1386| Subject Alternative Name: DNS:*.wpengine.com, DNS:wpengine.com
1387| Not valid before: 2019-07-01T00:00:00
1388|_Not valid after: 2021-08-29T12:00:00
1389|_ssl-date: TLS randomness does not represent time
1390| tls-alpn:
1391| h2
1392|_ http/1.1
1393| tls-nextprotoneg:
1394| h2
1395|_ http/1.1
13962222/tcp open ssh ProFTPD mod_sftp 0.9.9 (protocol 2.0)
1397Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (92%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (91%), OpenWrt White Russian 0.9 (Linux 2.4.30) (91%), HP P2000 G3 NAS device (91%), Linux 3.0 (89%), Linux 2.6.32 (89%), ProVision-ISR security DVR (89%), Linux 2.4.18 (88%), OpenWrt Kamikaze 8.09 (Linux 2.4.35.4) (88%), OpenWrt Kamikaze 8.09 (Linux 2.6.25 - 2.6.26) (88%)
1398No exact OS matches for host (test conditions non-ideal).
1399Network Distance: 18 hops
1400
1401TRACEROUTE (using port 443/tcp)
1402HOP RTT ADDRESS
14031 104.92 ms 10.242.204.1
14042 134.03 ms 104.245.145.177
14053 134.07 ms 104.245.147.41
14064 134.06 ms google.ip4.torontointernetxchange.net (206.108.34.6)
14075 134.09 ms 74.125.244.162
14086 134.10 ms 172.253.76.220
14097 134.11 ms 209.85.247.5
14108 134.13 ms 108.170.230.83
14119 134.15 ms 72.14.236.9
141210 ... 17
141318 130.73 ms 12.60.154.104.bc.googleusercontent.com (104.154.60.12)
1414#######################################################################################################################################
1415Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-05 10:23 EST
1416Nmap scan report for 12.60.154.104.bc.googleusercontent.com (104.154.60.12)
1417Host is up (0.075s latency).
1418Not shown: 15 filtered ports, 1 closed port
1419Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1420PORT STATE SERVICE VERSION
142153/udp open|filtered domain
142267/udp open|filtered dhcps
142368/udp open|filtered dhcpc
142469/udp open|filtered tftp
142588/udp open|filtered kerberos-sec
1426123/udp open|filtered ntp
1427139/udp open|filtered netbios-ssn
1428161/udp open|filtered snmp
1429162/udp open|filtered snmptrap
1430389/udp open|filtered ldap
1431520/udp open|filtered route
14322049/udp open|filtered nfs
1433Too many fingerprints match this host to give specific OS details
1434
1435TRACEROUTE (using port 138/udp)
1436HOP RTT ADDRESS
14371 83.88 ms 10.242.204.1
14382 ... 3
14394 84.23 ms 10.242.204.1
14405 84.02 ms 10.242.204.1
14416 84.00 ms 10.242.204.1
14427 83.99 ms 10.242.204.1
14438 83.98 ms 10.242.204.1
14449 83.98 ms 10.242.204.1
144510 83.97 ms 10.242.204.1
144611 ... 18
144719 75.24 ms 10.242.204.1
144820 66.06 ms 10.242.204.1
144921 ... 27
145028 76.86 ms 10.242.204.1
145129 ...
145230 286.72 ms 10.242.204.1
1453#######################################################################################################################################
1454Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-05 10:28 EST
1455Nmap scan report for 12.60.154.104.bc.googleusercontent.com (104.154.60.12)
1456Host is up (0.083s latency).
1457
1458PORT STATE SERVICE VERSION
145967/tcp filtered dhcps
146067/udp open|filtered dhcps
1461|_dhcp-discover: ERROR: Script execution failed (use -d to debug)
1462Too many fingerprints match this host to give specific OS details
1463Network Distance: 16 hops
1464
1465TRACEROUTE (using proto 1/icmp)
1466HOP RTT ADDRESS
14671 71.40 ms 10.242.204.1
14682 71.45 ms 104.245.145.177
14693 71.48 ms 104.245.147.41
14704 71.51 ms google.ip4.torontointernetxchange.net (206.108.34.6)
14715 71.53 ms 108.170.250.242
14726 71.56 ms 172.253.76.220
14737 71.68 ms 209.85.247.5
14748 71.67 ms 216.239.48.205
14759 71.72 ms 209.85.245.51
147610 ... 15
147716 82.94 ms 12.60.154.104.bc.googleusercontent.com (104.154.60.12)
1478#######################################################################################################################################
1479Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-05 10:30 EST
1480Nmap scan report for 12.60.154.104.bc.googleusercontent.com (104.154.60.12)
1481Host is up (0.082s latency).
1482
1483PORT STATE SERVICE VERSION
148468/tcp filtered dhcpc
148568/udp open|filtered dhcpc
1486Too many fingerprints match this host to give specific OS details
1487Network Distance: 16 hops
1488
1489TRACEROUTE (using proto 1/icmp)
1490HOP RTT ADDRESS
14911 60.32 ms 10.242.204.1
14922 90.39 ms 104.245.145.177
14933 90.43 ms 104.245.147.41
14944 90.45 ms google.ip4.torontointernetxchange.net (206.108.34.6)
14955 90.47 ms 108.170.250.242
14966 90.49 ms 172.253.76.220
14977 90.51 ms 209.85.247.5
14988 90.54 ms 216.239.48.205
14999 90.56 ms 209.85.245.51
150010 ... 15
150116 196.16 ms 12.60.154.104.bc.googleusercontent.com (104.154.60.12)
1502#######################################################################################################################################
1503Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-05 10:32 EST
1504Nmap scan report for 12.60.154.104.bc.googleusercontent.com (104.154.60.12)
1505Host is up (0.067s latency).
1506
1507PORT STATE SERVICE VERSION
150869/tcp filtered tftp
150969/udp open|filtered tftp
1510Too many fingerprints match this host to give specific OS details
1511Network Distance: 16 hops
1512
1513TRACEROUTE (using proto 1/icmp)
1514HOP RTT ADDRESS
15151 60.00 ms 10.242.204.1
15162 91.94 ms 104.245.145.177
15173 91.98 ms 104.245.147.41
15184 91.99 ms google.ip4.torontointernetxchange.net (206.108.34.6)
15195 92.01 ms 108.170.250.242
15206 92.02 ms 172.253.76.220
15217 92.04 ms 209.85.247.5
15228 92.06 ms 216.239.48.205
15239 92.07 ms 209.85.245.51
152410 ... 15
152516 125.30 ms 12.60.154.104.bc.googleusercontent.com (104.154.60.12)
1526#######################################################################################################################################
1527HTTP/1.1 404 Not Found
1528Server: nginx
1529Date: Sun, 05 Jan 2020 15:35:19 GMT
1530Content-Type: text/html
1531Content-Length: 2054
1532Connection: keep-alive
1533Keep-Alive: timeout=20
1534Vary: Accept-Encoding
1535ETag: "5dd83596-806"
1536
1537HTTP/1.1 404 Not Found
1538Server: nginx
1539Date: Sun, 05 Jan 2020 15:35:20 GMT
1540Content-Type: text/html
1541Content-Length: 2054
1542Connection: keep-alive
1543Keep-Alive: timeout=20
1544Vary: Accept-Encoding
1545ETag: "5dd83596-806"
1546#######################################################################################################################################
1547Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-05 10:35 EST
1548Nmap scan report for 12.60.154.104.bc.googleusercontent.com (104.154.60.12)
1549Host is up (0.081s latency).
1550
1551PORT STATE SERVICE VERSION
1552123/tcp filtered ntp
1553123/udp open|filtered ntp
1554Too many fingerprints match this host to give specific OS details
1555Network Distance: 16 hops
1556
1557TRACEROUTE (using proto 1/icmp)
1558HOP RTT ADDRESS
15591 60.54 ms 10.242.204.1
15602 90.21 ms 104.245.145.177
15613 90.22 ms 104.245.147.41
15624 90.20 ms google.ip4.torontointernetxchange.net (206.108.34.6)
15635 90.25 ms 108.170.250.242
15646 90.26 ms 172.253.76.220
15657 90.28 ms 209.85.247.5
15668 90.29 ms 216.239.48.205
15679 90.31 ms 209.85.245.51
156810 ... 15
156916 126.74 ms 12.60.154.104.bc.googleusercontent.com (104.154.60.12)
1570#######################################################################################################################################
1571Version: 1.11.13-static
1572OpenSSL 1.0.2-chacha (1.0.2g-dev)
1573
1574Connected to 104.154.60.12
1575
1576Testing SSL server 104.154.60.12 on port 443 using SNI name 104.154.60.12
1577
1578 TLS Fallback SCSV:
1579Server supports TLS Fallback SCSV
1580
1581 TLS renegotiation:
1582Session renegotiation not supported
1583
1584 TLS Compression:
1585Compression disabled
1586
1587 Heartbleed:
1588TLS 1.2 not vulnerable to heartbleed
1589TLS 1.1 not vulnerable to heartbleed
1590TLS 1.0 not vulnerable to heartbleed
1591
1592 Supported Server Cipher(s):
1593Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
1594Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
1595Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
1596Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
1597Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
1598Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1599Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
1600Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
1601Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
1602Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1603Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
1604Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
1605Accepted TLSv1.2 256 bits AES256-GCM-SHA384
1606Accepted TLSv1.2 128 bits AES128-GCM-SHA256
1607Accepted TLSv1.2 256 bits AES256-SHA256
1608Accepted TLSv1.2 128 bits AES128-SHA256
1609Accepted TLSv1.2 256 bits AES256-SHA
1610Accepted TLSv1.2 128 bits AES128-SHA
1611Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1612Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
1613Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1614Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
1615Accepted TLSv1.1 256 bits AES256-SHA
1616Accepted TLSv1.1 128 bits AES128-SHA
1617
1618 SSL Certificate:
1619Signature Algorithm: sha256WithRSAEncryption
1620RSA Key Strength: 2048
1621
1622Subject: *.wpengine.com
1623Altnames: DNS:*.wpengine.com, DNS:wpengine.com
1624Issuer: RapidSSL RSA CA 2018
1625
1626Not valid before: Jul 1 00:00:00 2019 GMT
1627Not valid after: Aug 29 12:00:00 2021 GMT
1628#######################################################################################################################################
1629Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-05 10:41 EST
1630Nmap scan report for 12.60.154.104.bc.googleusercontent.com (104.154.60.12)
1631Host is up (0.24s latency).
1632Not shown: 65529 filtered ports
1633PORT STATE SERVICE VERSION
163425/tcp closed smtp
163580/tcp open http nginx
1636|_http-title: Site Not Configured | 404 Not Found
1637139/tcp closed netbios-ssn
1638443/tcp open ssl/http nginx
1639|_http-title: Site Not Configured | 404 Not Found
1640| ssl-cert: Subject: commonName=*.wpengine.com
1641| Subject Alternative Name: DNS:*.wpengine.com, DNS:wpengine.com
1642| Not valid before: 2019-07-01T00:00:00
1643|_Not valid after: 2021-08-29T12:00:00
1644|_ssl-date: TLS randomness does not represent time
1645| tls-alpn:
1646| h2
1647|_ http/1.1
1648| tls-nextprotoneg:
1649| h2
1650|_ http/1.1
1651445/tcp closed microsoft-ds
16522222/tcp open ssh ProFTPD mod_sftp 0.9.9 (protocol 2.0)
1653Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (92%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (91%), OpenWrt White Russian 0.9 (Linux 2.4.30) (91%), HP P2000 G3 NAS device (91%), Linux 3.0 (89%), Linux 2.6.32 (89%), Linux 2.4.18 (88%), OpenWrt Kamikaze 8.09 (Linux 2.4.35.4) (88%), OpenWrt Kamikaze 8.09 (Linux 2.6.25 - 2.6.26) (88%), ProVision-ISR security DVR (88%)
1654No exact OS matches for host (test conditions non-ideal).
1655Network Distance: 2 hops
1656
1657TRACEROUTE (using port 25/tcp)
1658HOP RTT ADDRESS
16591 327.09 ms 10.242.204.1
16602 327.08 ms 12.60.154.104.bc.googleusercontent.com (104.154.60.12)
1661#######################################################################################################################################
1662Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-05 10:43 EST
1663Nmap scan report for 12.60.154.104.bc.googleusercontent.com (104.154.60.12)
1664Host is up (0.089s latency).
1665
1666PORT STATE SERVICE VERSION
166753/tcp filtered domain
166867/tcp filtered dhcps
166968/tcp filtered dhcpc
167069/tcp filtered tftp
167188/tcp filtered kerberos-sec
1672123/tcp filtered ntp
1673137/tcp filtered netbios-ns
1674138/tcp filtered netbios-dgm
1675139/tcp closed netbios-ssn
1676161/tcp filtered snmp
1677162/tcp filtered snmptrap
1678389/tcp filtered ldap
1679520/tcp filtered efs
16802049/tcp filtered nfs
168153/udp open|filtered domain
168267/udp open|filtered dhcps
168368/udp open|filtered dhcpc
168469/udp open|filtered tftp
168588/udp open|filtered kerberos-sec
1686123/udp open|filtered ntp
1687137/udp filtered netbios-ns
1688138/udp filtered netbios-dgm
1689139/udp open|filtered netbios-ssn
1690161/udp open|filtered snmp
1691162/udp open|filtered snmptrap
1692389/udp open|filtered ldap
1693520/udp open|filtered route
16942049/udp open|filtered nfs
1695Too many fingerprints match this host to give specific OS details
1696Network Distance: 2 hops
1697
1698TRACEROUTE (using port 139/tcp)
1699HOP RTT ADDRESS
17001 101.79 ms 10.242.204.1
17012 101.78 ms 12.60.154.104.bc.googleusercontent.com (104.154.60.12)
1702#######################################################################################################################################
1703Hosts
1704=====
1705
1706address mac name os_name os_flavor os_sp purpose info comments
1707------- --- ---- ------- --------- ----- ------- ---- --------
170834.66.191.217 217.191.66.34.bc.googleusercontent.com Linux 2.4.X server
170980.82.79.116 no-reverse-dns-configured.com Linux 7.0 server
171087.247.240.207 crayford.servers.prgn.misp.co.uk Android 5.X device
171193.174.93.84 Linux 3.X server
1712104.154.60.12 12.60.154.104.bc.googleusercontent.com Linux 2.6.X server
1713151.139.243.11 Linux 4.X server
1714163.247.52.17 www.mtt.cl Linux 2.6.X server
1715163.247.96.10 Linux 2.6.X server
1716170.246.172.178 host-170-246-172-178.anacondaweb.com Linux 2.6.X server
1717185.68.93.22 verbatim1981.example.com Unknown device
1718185.119.173.237 Linux 2.6.X server
1719186.67.91.110 ipj10-110.poderjudicial.cl Linux 2.6.X server
1720194.18.73.2 www.sakerhetspolisen.se Linux 2.6.X server
1721194.39.164.140 194.39.164.140.srvlist.ukfast.net Linux 3.X server
1722200.35.157.77 srv77.talcaguia.cl Unknown device
1723201.131.38.40 Linux 2.6.X server
1724217.160.131.142 s18161039.onlinehome-server.info Linux 2.6.X server
1725#######################################################################################################################################
1726Services
1727========
1728
1729host port proto name state info
1730---- ---- ----- ---- ----- ----
173134.66.191.217 25 tcp smtp closed
173234.66.191.217 53 tcp domain filtered
173334.66.191.217 53 udp domain unknown
173434.66.191.217 67 tcp dhcps filtered
173534.66.191.217 67 udp dhcps unknown
173634.66.191.217 68 tcp dhcpc filtered
173734.66.191.217 68 udp dhcpc unknown
173834.66.191.217 69 tcp tftp filtered
173934.66.191.217 69 udp tftp unknown
174034.66.191.217 80 tcp http open nginx
174134.66.191.217 88 tcp kerberos-sec filtered
174234.66.191.217 88 udp kerberos-sec unknown
174334.66.191.217 123 tcp ntp filtered
174434.66.191.217 123 udp ntp unknown
174534.66.191.217 137 tcp netbios-ns filtered
174634.66.191.217 137 udp netbios-ns filtered
174734.66.191.217 138 tcp netbios-dgm filtered
174834.66.191.217 138 udp netbios-dgm filtered
174934.66.191.217 139 tcp netbios-ssn closed
175034.66.191.217 139 udp netbios-ssn unknown
175134.66.191.217 161 tcp snmp filtered
175234.66.191.217 161 udp snmp unknown
175334.66.191.217 162 tcp snmptrap filtered
175434.66.191.217 162 udp snmptrap unknown
175534.66.191.217 389 tcp ldap filtered
175634.66.191.217 389 udp ldap unknown
175734.66.191.217 443 tcp ssl/http open nginx
175834.66.191.217 445 tcp microsoft-ds closed
175934.66.191.217 520 tcp efs filtered
176034.66.191.217 520 udp route unknown
176134.66.191.217 2049 tcp nfs filtered
176234.66.191.217 2049 udp nfs unknown
176334.66.191.217 2222 tcp ssh open ProFTPD mod_sftp 0.9.9 protocol 2.0
176480.82.79.116 21 tcp ftp open 220 (vsFTPd 3.0.2)\x0d\x0a
176580.82.79.116 22 tcp ssh open SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u6
176680.82.79.116 53 tcp domain open ISC BIND 9.8.4-rpz2+rl005.12-P1
176780.82.79.116 53 udp domain open ISC BIND 9.8.4-rpz2+rl005.12-P1
176880.82.79.116 67 tcp dhcps closed
176980.82.79.116 67 udp dhcps closed
177080.82.79.116 68 tcp dhcpc closed
177180.82.79.116 68 udp dhcpc closed
177280.82.79.116 69 tcp tftp closed
177380.82.79.116 69 udp tftp unknown
177480.82.79.116 88 tcp kerberos-sec closed
177580.82.79.116 88 udp kerberos-sec unknown
177680.82.79.116 123 tcp ntp closed
177780.82.79.116 123 udp ntp unknown
177880.82.79.116 137 tcp netbios-ns closed
177980.82.79.116 137 udp netbios-ns filtered
178080.82.79.116 138 tcp netbios-dgm closed
178180.82.79.116 138 udp netbios-dgm filtered
178280.82.79.116 139 tcp netbios-ssn closed
178380.82.79.116 139 udp netbios-ssn unknown
178480.82.79.116 161 tcp snmp closed
178580.82.79.116 161 udp snmp closed
178680.82.79.116 162 tcp snmptrap closed
178780.82.79.116 162 udp snmptrap closed
178880.82.79.116 389 tcp ldap closed
178980.82.79.116 389 udp ldap closed
179080.82.79.116 520 tcp efs closed
179180.82.79.116 520 udp route closed
179280.82.79.116 2049 tcp nfs closed
179380.82.79.116 2049 udp nfs unknown
179487.247.240.207 21 tcp ftp open ProFTPD
179587.247.240.207 22 tcp ssh open OpenSSH 7.4 protocol 2.0
179687.247.240.207 67 udp dhcps unknown
179787.247.240.207 68 udp dhcpc unknown
179887.247.240.207 69 udp tftp unknown
179987.247.240.207 80 tcp http open Apache httpd
180087.247.240.207 88 udp kerberos-sec unknown
180187.247.240.207 110 tcp pop3 open Dovecot pop3d
180287.247.240.207 123 udp ntp unknown
180387.247.240.207 139 udp netbios-ssn unknown
180487.247.240.207 143 tcp imap open Dovecot imapd
180587.247.240.207 161 udp snmp unknown
180687.247.240.207 162 udp snmptrap unknown
180787.247.240.207 389 udp ldap unknown
180887.247.240.207 443 tcp ssl/http open Apache httpd
180987.247.240.207 465 tcp ssl/smtp open Exim smtpd 4.92
181087.247.240.207 520 udp route unknown
181187.247.240.207 587 tcp smtp open Exim smtpd 4.92
181287.247.240.207 993 tcp ssl/imaps open
181387.247.240.207 995 tcp ssl/pop3s open
181487.247.240.207 2049 udp nfs unknown
181593.174.93.84 21 tcp ftp open vsftpd 3.0.2
181693.174.93.84 25 tcp smtp closed
181793.174.93.84 53 tcp domain filtered
181893.174.93.84 53 udp domain filtered
181993.174.93.84 67 tcp dhcps filtered
182093.174.93.84 67 udp dhcps filtered
182193.174.93.84 68 tcp dhcpc filtered
182293.174.93.84 68 udp dhcpc unknown
182393.174.93.84 69 tcp tftp filtered
182493.174.93.84 69 udp tftp unknown
182593.174.93.84 80 tcp http open Apache httpd 2.4.6 (CentOS) PHP/5.4.16
182693.174.93.84 88 tcp kerberos-sec filtered
182793.174.93.84 88 udp kerberos-sec unknown
182893.174.93.84 123 tcp ntp filtered
182993.174.93.84 123 udp ntp filtered
183093.174.93.84 137 tcp netbios-ns filtered
183193.174.93.84 137 udp netbios-ns filtered
183293.174.93.84 138 tcp netbios-dgm filtered
183393.174.93.84 138 udp netbios-dgm filtered
183493.174.93.84 139 tcp netbios-ssn closed
183593.174.93.84 139 udp netbios-ssn unknown
183693.174.93.84 161 tcp snmp filtered
183793.174.93.84 161 udp snmp unknown
183893.174.93.84 162 tcp snmptrap filtered
183993.174.93.84 162 udp snmptrap unknown
184093.174.93.84 389 tcp ldap filtered
184193.174.93.84 389 udp ldap filtered
184293.174.93.84 445 tcp microsoft-ds closed
184393.174.93.84 520 tcp efs filtered
184493.174.93.84 520 udp route unknown
184593.174.93.84 2049 tcp nfs filtered
184693.174.93.84 2049 udp nfs unknown
1847104.154.60.12 25 tcp smtp closed
1848104.154.60.12 53 tcp domain filtered
1849104.154.60.12 53 udp domain unknown
1850104.154.60.12 67 tcp dhcps filtered
1851104.154.60.12 67 udp dhcps unknown
1852104.154.60.12 68 tcp dhcpc filtered
1853104.154.60.12 68 udp dhcpc unknown
1854104.154.60.12 69 tcp tftp filtered
1855104.154.60.12 69 udp tftp unknown
1856104.154.60.12 80 tcp http open nginx
1857104.154.60.12 88 tcp kerberos-sec filtered
1858104.154.60.12 88 udp kerberos-sec unknown
1859104.154.60.12 123 tcp ntp filtered
1860104.154.60.12 123 udp ntp unknown
1861104.154.60.12 137 tcp netbios-ns filtered
1862104.154.60.12 137 udp netbios-ns filtered
1863104.154.60.12 138 tcp netbios-dgm filtered
1864104.154.60.12 138 udp netbios-dgm filtered
1865104.154.60.12 139 tcp netbios-ssn closed
1866104.154.60.12 139 udp netbios-ssn unknown
1867104.154.60.12 161 tcp snmp filtered
1868104.154.60.12 161 udp snmp unknown
1869104.154.60.12 162 tcp snmptrap filtered
1870104.154.60.12 162 udp snmptrap unknown
1871104.154.60.12 389 tcp ldap filtered
1872104.154.60.12 389 udp ldap unknown
1873104.154.60.12 443 tcp ssl/http open nginx
1874104.154.60.12 445 tcp microsoft-ds closed
1875104.154.60.12 520 tcp efs filtered
1876104.154.60.12 520 udp route unknown
1877104.154.60.12 2049 tcp nfs filtered
1878104.154.60.12 2049 udp nfs unknown
1879104.154.60.12 2222 tcp ssh open ProFTPD mod_sftp 0.9.9 protocol 2.0
1880151.139.243.11 25 tcp smtp closed
1881151.139.243.11 53 tcp domain filtered
1882151.139.243.11 53 udp domain unknown
1883151.139.243.11 67 tcp dhcps filtered
1884151.139.243.11 67 udp dhcps unknown
1885151.139.243.11 68 tcp dhcpc filtered
1886151.139.243.11 68 udp dhcpc unknown
1887151.139.243.11 69 tcp tftp filtered
1888151.139.243.11 69 udp tftp unknown
1889151.139.243.11 80 tcp http open Varnish
1890151.139.243.11 88 tcp kerberos-sec filtered
1891151.139.243.11 88 udp kerberos-sec unknown
1892151.139.243.11 123 tcp ntp filtered
1893151.139.243.11 123 udp ntp unknown
1894151.139.243.11 137 tcp netbios-ns filtered
1895151.139.243.11 137 udp netbios-ns filtered
1896151.139.243.11 138 tcp netbios-dgm filtered
1897151.139.243.11 138 udp netbios-dgm filtered
1898151.139.243.11 139 tcp netbios-ssn closed
1899151.139.243.11 139 udp netbios-ssn unknown
1900151.139.243.11 161 tcp snmp filtered
1901151.139.243.11 161 udp snmp unknown
1902151.139.243.11 162 tcp snmptrap filtered
1903151.139.243.11 162 udp snmptrap unknown
1904151.139.243.11 389 tcp ldap filtered
1905151.139.243.11 389 udp ldap unknown
1906151.139.243.11 443 tcp ssl/http open nginx
1907151.139.243.11 445 tcp microsoft-ds closed
1908151.139.243.11 520 tcp efs filtered
1909151.139.243.11 520 udp route unknown
1910151.139.243.11 2049 tcp nfs filtered
1911151.139.243.11 2049 udp nfs unknown
1912163.247.52.17 25 tcp smtp closed
1913163.247.52.17 53 tcp domain filtered
1914163.247.52.17 53 udp domain unknown
1915163.247.52.17 67 tcp dhcps filtered
1916163.247.52.17 67 udp dhcps unknown
1917163.247.52.17 68 tcp dhcpc filtered
1918163.247.52.17 68 udp dhcpc unknown
1919163.247.52.17 69 tcp tftp filtered
1920163.247.52.17 69 udp tftp unknown
1921163.247.52.17 80 tcp http open Apache httpd
1922163.247.52.17 88 tcp kerberos-sec filtered
1923163.247.52.17 88 udp kerberos-sec unknown
1924163.247.52.17 113 tcp ident closed
1925163.247.52.17 123 tcp ntp filtered
1926163.247.52.17 123 udp ntp unknown
1927163.247.52.17 137 tcp netbios-ns filtered
1928163.247.52.17 137 udp netbios-ns filtered
1929163.247.52.17 138 tcp netbios-dgm filtered
1930163.247.52.17 138 udp netbios-dgm filtered
1931163.247.52.17 139 tcp netbios-ssn closed
1932163.247.52.17 139 udp netbios-ssn unknown
1933163.247.52.17 161 tcp snmp filtered
1934163.247.52.17 161 udp snmp unknown
1935163.247.52.17 162 tcp snmptrap filtered
1936163.247.52.17 162 udp snmptrap unknown
1937163.247.52.17 389 tcp ldap filtered
1938163.247.52.17 389 udp ldap unknown
1939163.247.52.17 443 tcp ssl/https open
1940163.247.52.17 445 tcp microsoft-ds closed
1941163.247.52.17 520 tcp efs filtered
1942163.247.52.17 520 udp route unknown
1943163.247.52.17 2049 tcp nfs filtered
1944163.247.52.17 2049 udp nfs unknown
1945163.247.96.10 25 tcp smtp closed
1946163.247.96.10 53 tcp domain filtered
1947163.247.96.10 53 udp domain unknown
1948163.247.96.10 67 tcp dhcps filtered
1949163.247.96.10 67 udp dhcps unknown
1950163.247.96.10 68 tcp dhcpc filtered
1951163.247.96.10 68 udp dhcpc unknown
1952163.247.96.10 69 tcp tftp filtered
1953163.247.96.10 69 udp tftp unknown
1954163.247.96.10 80 tcp http open Apache httpd 2.2.22
1955163.247.96.10 88 tcp kerberos-sec filtered
1956163.247.96.10 88 udp kerberos-sec unknown
1957163.247.96.10 113 tcp ident closed
1958163.247.96.10 123 tcp ntp filtered
1959163.247.96.10 123 udp ntp unknown
1960163.247.96.10 137 tcp netbios-ns filtered
1961163.247.96.10 137 udp netbios-ns filtered
1962163.247.96.10 138 tcp netbios-dgm filtered
1963163.247.96.10 138 udp netbios-dgm filtered
1964163.247.96.10 139 tcp netbios-ssn closed
1965163.247.96.10 139 udp netbios-ssn unknown
1966163.247.96.10 161 tcp snmp filtered
1967163.247.96.10 161 udp snmp unknown
1968163.247.96.10 162 tcp snmptrap filtered
1969163.247.96.10 162 udp snmptrap unknown
1970163.247.96.10 389 tcp ldap filtered
1971163.247.96.10 389 udp ldap unknown
1972163.247.96.10 445 tcp microsoft-ds closed
1973163.247.96.10 465 tcp ssl/smtp open Exim smtpd 4.X
1974163.247.96.10 520 tcp efs filtered
1975163.247.96.10 520 udp route unknown
1976163.247.96.10 587 tcp smtp open Exim smtpd
1977163.247.96.10 2000 tcp cisco-sccp open
1978163.247.96.10 2049 tcp nfs filtered
1979163.247.96.10 2049 udp nfs unknown
1980163.247.96.10 4443 tcp http open Apache httpd
1981163.247.96.10 5060 tcp sip open
1982170.246.172.178 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 2 of 50 allowed.\x0d\x0a220-Local time is now 23:38. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
1983170.246.172.178 25 tcp smtp closed
1984170.246.172.178 53 tcp domain open PowerDNS Authoritative Server 4.1.10
1985170.246.172.178 53 udp domain open PowerDNS Authoritative Server 4.1.10
1986170.246.172.178 67 tcp dhcps filtered
1987170.246.172.178 67 udp dhcps unknown
1988170.246.172.178 68 tcp dhcpc filtered
1989170.246.172.178 68 udp dhcpc unknown
1990170.246.172.178 69 tcp tftp filtered
1991170.246.172.178 69 udp tftp unknown
1992170.246.172.178 88 tcp kerberos-sec filtered
1993170.246.172.178 88 udp kerberos-sec unknown
1994170.246.172.178 123 tcp ntp filtered
1995170.246.172.178 123 udp ntp unknown
1996170.246.172.178 137 tcp netbios-ns filtered
1997170.246.172.178 137 udp netbios-ns filtered
1998170.246.172.178 138 tcp netbios-dgm filtered
1999170.246.172.178 138 udp netbios-dgm filtered
2000170.246.172.178 139 tcp netbios-ssn closed
2001170.246.172.178 139 udp netbios-ssn unknown
2002170.246.172.178 161 tcp snmp filtered
2003170.246.172.178 161 udp snmp unknown
2004170.246.172.178 162 tcp snmptrap filtered
2005170.246.172.178 162 udp snmptrap unknown
2006170.246.172.178 389 tcp ldap filtered
2007170.246.172.178 389 udp ldap unknown
2008170.246.172.178 445 tcp microsoft-ds closed
2009170.246.172.178 520 tcp efs filtered
2010170.246.172.178 520 udp route unknown
2011170.246.172.178 2049 tcp nfs filtered
2012170.246.172.178 2049 udp nfs unknown
2013185.68.93.22 22 tcp ssh open SSH-2.0-OpenSSH_5.3
2014185.68.93.22 53 tcp domain closed
2015185.68.93.22 53 udp domain unknown
2016185.68.93.22 67 tcp dhcps closed
2017185.68.93.22 67 udp dhcps closed
2018185.68.93.22 68 tcp dhcpc closed
2019185.68.93.22 68 udp dhcpc closed
2020185.68.93.22 69 tcp tftp closed
2021185.68.93.22 69 udp tftp unknown
2022185.68.93.22 88 tcp kerberos-sec closed
2023185.68.93.22 88 udp kerberos-sec unknown
2024185.68.93.22 123 tcp ntp closed
2025185.68.93.22 123 udp ntp closed
2026185.68.93.22 137 tcp netbios-ns closed
2027185.68.93.22 137 udp netbios-ns filtered
2028185.68.93.22 138 tcp netbios-dgm closed
2029185.68.93.22 138 udp netbios-dgm filtered
2030185.68.93.22 139 tcp netbios-ssn closed
2031185.68.93.22 139 udp netbios-ssn closed
2032185.68.93.22 161 tcp snmp closed
2033185.68.93.22 161 udp snmp unknown
2034185.68.93.22 162 tcp snmptrap closed
2035185.68.93.22 162 udp snmptrap closed
2036185.68.93.22 389 tcp ldap closed
2037185.68.93.22 389 udp ldap unknown
2038185.68.93.22 520 tcp efs closed
2039185.68.93.22 520 udp route unknown
2040185.68.93.22 2049 tcp nfs closed
2041185.68.93.22 2049 udp nfs closed
2042185.119.173.237 25 tcp smtp closed
2043185.119.173.237 53 tcp domain filtered
2044185.119.173.237 53 udp domain unknown
2045185.119.173.237 67 tcp dhcps filtered
2046185.119.173.237 67 udp dhcps unknown
2047185.119.173.237 68 tcp dhcpc filtered
2048185.119.173.237 68 udp dhcpc unknown
2049185.119.173.237 69 tcp tftp filtered
2050185.119.173.237 69 udp tftp unknown
2051185.119.173.237 80 tcp http open Apache httpd
2052185.119.173.237 88 tcp kerberos-sec filtered
2053185.119.173.237 88 udp kerberos-sec unknown
2054185.119.173.237 123 tcp ntp filtered
2055185.119.173.237 123 udp ntp unknown
2056185.119.173.237 137 tcp netbios-ns filtered
2057185.119.173.237 137 udp netbios-ns filtered
2058185.119.173.237 138 tcp netbios-dgm filtered
2059185.119.173.237 138 udp netbios-dgm filtered
2060185.119.173.237 139 tcp netbios-ssn closed
2061185.119.173.237 139 udp netbios-ssn unknown
2062185.119.173.237 161 tcp snmp filtered
2063185.119.173.237 161 udp snmp unknown
2064185.119.173.237 162 tcp snmptrap filtered
2065185.119.173.237 162 udp snmptrap unknown
2066185.119.173.237 389 tcp ldap filtered
2067185.119.173.237 389 udp ldap unknown
2068185.119.173.237 443 tcp ssl/http open Apache httpd
2069185.119.173.237 445 tcp microsoft-ds closed
2070185.119.173.237 520 tcp efs filtered
2071185.119.173.237 520 udp route unknown
2072185.119.173.237 2049 tcp nfs filtered
2073185.119.173.237 2049 udp nfs unknown
2074186.67.91.110 25 tcp smtp closed
2075186.67.91.110 53 tcp domain filtered
2076186.67.91.110 53 udp domain unknown
2077186.67.91.110 67 tcp dhcps filtered
2078186.67.91.110 67 udp dhcps unknown
2079186.67.91.110 68 tcp dhcpc filtered
2080186.67.91.110 68 udp dhcpc unknown
2081186.67.91.110 69 tcp tftp filtered
2082186.67.91.110 69 udp tftp unknown
2083186.67.91.110 80 tcp http-proxy open F5 BIG-IP load balancer http proxy
2084186.67.91.110 88 tcp kerberos-sec filtered
2085186.67.91.110 88 udp kerberos-sec unknown
2086186.67.91.110 123 tcp ntp filtered
2087186.67.91.110 123 udp ntp unknown
2088186.67.91.110 137 tcp netbios-ns filtered
2089186.67.91.110 137 udp netbios-ns filtered
2090186.67.91.110 138 tcp netbios-dgm filtered
2091186.67.91.110 138 udp netbios-dgm filtered
2092186.67.91.110 139 tcp netbios-ssn closed
2093186.67.91.110 139 udp netbios-ssn unknown
2094186.67.91.110 161 tcp snmp filtered
2095186.67.91.110 161 udp snmp unknown
2096186.67.91.110 162 tcp snmptrap filtered
2097186.67.91.110 162 udp snmptrap unknown
2098186.67.91.110 389 tcp ldap filtered
2099186.67.91.110 389 udp ldap unknown
2100186.67.91.110 443 tcp ssl/https open
2101186.67.91.110 445 tcp microsoft-ds closed
2102186.67.91.110 520 tcp efs filtered
2103186.67.91.110 520 udp route unknown
2104186.67.91.110 2049 tcp nfs filtered
2105186.67.91.110 2049 udp nfs unknown
2106194.18.73.2 25 tcp smtp closed
2107194.18.73.2 53 tcp domain filtered
2108194.18.73.2 53 udp domain unknown
2109194.18.73.2 67 tcp dhcps filtered
2110194.18.73.2 67 udp dhcps unknown
2111194.18.73.2 68 tcp dhcpc filtered
2112194.18.73.2 68 udp dhcpc unknown
2113194.18.73.2 69 tcp tftp filtered
2114194.18.73.2 69 udp tftp unknown
2115194.18.73.2 80 tcp http-proxy open HAProxy http proxy 1.3.1 or later
2116194.18.73.2 88 tcp kerberos-sec filtered
2117194.18.73.2 88 udp kerberos-sec unknown
2118194.18.73.2 113 tcp ident closed
2119194.18.73.2 123 tcp ntp filtered
2120194.18.73.2 123 udp ntp unknown
2121194.18.73.2 137 tcp netbios-ns filtered
2122194.18.73.2 137 udp netbios-ns filtered
2123194.18.73.2 138 tcp netbios-dgm filtered
2124194.18.73.2 138 udp netbios-dgm filtered
2125194.18.73.2 139 tcp netbios-ssn closed
2126194.18.73.2 139 udp netbios-ssn unknown
2127194.18.73.2 161 tcp snmp filtered
2128194.18.73.2 161 udp snmp unknown
2129194.18.73.2 162 tcp snmptrap filtered
2130194.18.73.2 162 udp snmptrap unknown
2131194.18.73.2 389 tcp ldap filtered
2132194.18.73.2 389 udp ldap unknown
2133194.18.73.2 443 tcp ssl/http-proxy open HAProxy http proxy 1.3.1 or later
2134194.18.73.2 445 tcp microsoft-ds closed
2135194.18.73.2 520 tcp efs filtered
2136194.18.73.2 520 udp route closed
2137194.18.73.2 2049 tcp nfs filtered
2138194.18.73.2 2049 udp nfs unknown
2139194.39.164.140 21 tcp ftp open ProFTPD
2140194.39.164.140 53 tcp domain filtered
2141194.39.164.140 53 udp domain unknown
2142194.39.164.140 67 tcp dhcps filtered
2143194.39.164.140 67 udp dhcps unknown
2144194.39.164.140 68 tcp dhcpc filtered
2145194.39.164.140 68 udp dhcpc unknown
2146194.39.164.140 69 tcp tftp filtered
2147194.39.164.140 69 udp tftp unknown
2148194.39.164.140 80 tcp http open nginx
2149194.39.164.140 88 tcp kerberos-sec filtered
2150194.39.164.140 88 udp kerberos-sec unknown
2151194.39.164.140 110 tcp pop3 open Courier pop3d
2152194.39.164.140 123 tcp ntp filtered
2153194.39.164.140 123 udp ntp unknown
2154194.39.164.140 137 tcp netbios-ns filtered
2155194.39.164.140 137 udp netbios-ns filtered
2156194.39.164.140 138 tcp netbios-dgm filtered
2157194.39.164.140 138 udp netbios-dgm filtered
2158194.39.164.140 139 tcp netbios-ssn closed
2159194.39.164.140 139 udp netbios-ssn unknown
2160194.39.164.140 161 tcp snmp filtered
2161194.39.164.140 161 udp snmp unknown
2162194.39.164.140 162 tcp snmptrap filtered
2163194.39.164.140 162 udp snmptrap unknown
2164194.39.164.140 389 tcp ldap filtered
2165194.39.164.140 389 udp ldap unknown
2166194.39.164.140 443 tcp ssl/http open nginx
2167194.39.164.140 465 tcp ssl/smtps open
2168194.39.164.140 520 tcp efs filtered
2169194.39.164.140 520 udp route unknown
2170194.39.164.140 587 tcp smtp open Postfix smtpd
2171194.39.164.140 993 tcp ssl/imaps open
2172194.39.164.140 2020 tcp ssh open OpenSSH 7.4 protocol 2.0
2173194.39.164.140 2049 tcp nfs filtered
2174194.39.164.140 2049 udp nfs unknown
2175194.39.164.140 8443 tcp ssl/https-alt open sw-cp-server
2176194.39.164.140 8880 tcp http open sw-cp-server httpd Plesk Onyx 17.8.11
2177200.35.157.77 53 tcp domain filtered
2178200.35.157.77 53 udp domain unknown
2179200.35.157.77 67 tcp dhcps filtered
2180200.35.157.77 67 udp dhcps unknown
2181200.35.157.77 68 tcp dhcpc filtered
2182200.35.157.77 68 udp dhcpc unknown
2183200.35.157.77 69 tcp tftp filtered
2184200.35.157.77 69 udp tftp unknown
2185200.35.157.77 88 tcp kerberos-sec filtered
2186200.35.157.77 88 udp kerberos-sec unknown
2187200.35.157.77 123 tcp ntp filtered
2188200.35.157.77 123 udp ntp unknown
2189200.35.157.77 137 tcp netbios-ns filtered
2190200.35.157.77 137 udp netbios-ns filtered
2191200.35.157.77 138 tcp netbios-dgm filtered
2192200.35.157.77 138 udp netbios-dgm filtered
2193200.35.157.77 139 tcp netbios-ssn closed
2194200.35.157.77 139 udp netbios-ssn unknown
2195200.35.157.77 161 tcp snmp filtered
2196200.35.157.77 161 udp snmp unknown
2197200.35.157.77 162 tcp snmptrap filtered
2198200.35.157.77 162 udp snmptrap unknown
2199200.35.157.77 389 tcp ldap filtered
2200200.35.157.77 389 udp ldap unknown
2201200.35.157.77 520 tcp efs filtered
2202200.35.157.77 520 udp route unknown
2203200.35.157.77 2049 tcp nfs filtered
2204200.35.157.77 2049 udp nfs unknown
2205201.131.38.40 25 tcp smtp closed
2206201.131.38.40 53 tcp domain filtered
2207201.131.38.40 53 udp domain unknown
2208201.131.38.40 67 tcp dhcps filtered
2209201.131.38.40 67 udp dhcps unknown
2210201.131.38.40 68 tcp dhcpc filtered
2211201.131.38.40 68 udp dhcpc unknown
2212201.131.38.40 69 tcp tftp filtered
2213201.131.38.40 69 udp tftp unknown
2214201.131.38.40 80 tcp http open Apache httpd
2215201.131.38.40 88 tcp kerberos-sec filtered
2216201.131.38.40 88 udp kerberos-sec unknown
2217201.131.38.40 123 tcp ntp filtered
2218201.131.38.40 123 udp ntp unknown
2219201.131.38.40 137 tcp netbios-ns filtered
2220201.131.38.40 137 udp netbios-ns filtered
2221201.131.38.40 138 tcp netbios-dgm filtered
2222201.131.38.40 138 udp netbios-dgm filtered
2223201.131.38.40 139 tcp netbios-ssn closed
2224201.131.38.40 139 udp netbios-ssn unknown
2225201.131.38.40 161 tcp snmp filtered
2226201.131.38.40 161 udp snmp unknown
2227201.131.38.40 162 tcp snmptrap filtered
2228201.131.38.40 162 udp snmptrap unknown
2229201.131.38.40 389 tcp ldap filtered
2230201.131.38.40 389 udp ldap unknown
2231201.131.38.40 443 tcp ssl/http open Apache httpd
2232201.131.38.40 445 tcp microsoft-ds closed
2233201.131.38.40 520 tcp efs filtered
2234201.131.38.40 520 udp route unknown
2235201.131.38.40 2049 tcp nfs filtered
2236201.131.38.40 2049 udp nfs unknown
2237217.160.131.142 21 tcp ftp open ProFTPD
2238217.160.131.142 22 tcp ssh open OpenSSH 5.3 protocol 2.0
2239217.160.131.142 53 tcp domain closed
2240217.160.131.142 53 udp domain unknown
2241217.160.131.142 67 tcp dhcps closed
2242217.160.131.142 67 udp dhcps unknown
2243217.160.131.142 68 tcp dhcpc closed
2244217.160.131.142 68 udp dhcpc closed
2245217.160.131.142 69 tcp tftp closed
2246217.160.131.142 69 udp tftp unknown
2247217.160.131.142 80 tcp http open Apache httpd PleskLin
2248217.160.131.142 88 tcp kerberos-sec closed
2249217.160.131.142 88 udp kerberos-sec unknown
2250217.160.131.142 123 tcp ntp closed
2251217.160.131.142 123 udp ntp unknown
2252217.160.131.142 137 tcp netbios-ns closed
2253217.160.131.142 137 udp netbios-ns filtered
2254217.160.131.142 138 tcp netbios-dgm closed
2255217.160.131.142 138 udp netbios-dgm filtered
2256217.160.131.142 139 tcp netbios-ssn closed
2257217.160.131.142 139 udp netbios-ssn closed
2258217.160.131.142 161 tcp snmp closed
2259217.160.131.142 161 udp snmp unknown
2260217.160.131.142 162 tcp snmptrap closed
2261217.160.131.142 162 udp snmptrap closed
2262217.160.131.142 389 tcp ldap closed
2263217.160.131.142 389 udp ldap closed
2264217.160.131.142 443 tcp ssl/http open Apache httpd PleskLin
2265217.160.131.142 520 tcp efs closed
2266217.160.131.142 520 udp route unknown
2267217.160.131.142 2049 tcp nfs closed
2268217.160.131.142 2049 udp nfs closed
2269217.160.131.142 3306 tcp mysql open MySQL 5.1.73
2270217.160.131.142 4643 tcp ssl/http open Apache httpd
2271217.160.131.142 8443 tcp ssl/http open sw-cp-server httpd Plesk Onyx 17.8.11
2272217.160.131.142 8880 tcp http open sw-cp-server httpd Plesk Onyx 17.8.11
2273#######################################################################################################################################
2274Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-05 10:32 EST
2275Nmap scan report for 12.60.154.104.bc.googleusercontent.com (104.154.60.12)
2276Host is up (0.067s latency).
2277Not shown: 994 filtered ports
2278PORT STATE SERVICE VERSION
227925/tcp closed smtp
228080/tcp open http nginx
2281| vulscan: VulDB - https://vuldb.com:
2282| [133852] Sangfor Sundray WLAN Controller up to 3.7.4.2 Cookie Header nginx_webconsole.php Code Execution
2283| [132132] SoftNAS Cloud 4.2.0/4.2.1 Nginx privilege escalation
2284| [131858] Puppet Discovery up to 1.3.x Nginx Container weak authentication
2285| [130644] Nginx Unit up to 1.7.0 Router Process Request Heap-based memory corruption
2286| [127759] VeryNginx 0.3.3 Web Application Firewall privilege escalation
2287| [126525] nginx up to 1.14.0/1.15.5 ngx_http_mp4_module Loop denial of service
2288| [126524] nginx up to 1.14.0/1.15.5 HTTP2 CPU Exhaustion denial of service
2289| [126523] nginx up to 1.14.0/1.15.5 HTTP2 Memory Consumption denial of service
2290| [119845] Pivotal Operations Manager up to 2.0.13/2.1.5 Nginx privilege escalation
2291| [114368] SuSE Portus 2.3 Nginx Certificate weak authentication
2292| [103517] nginx up to 1.13.2 Range Filter Request Integer Overflow memory corruption
2293| [89849] nginx RFC 3875 Namespace Conflict Environment Variable Open Redirect
2294| [87719] nginx up to 1.11.0 ngx_files.c ngx_chain_to_iovec denial of service
2295| [80760] nginx 0.6.18/1.9.9 DNS CNAME Record Crash denial of service
2296| [80759] nginx 0.6.18/1.9.9 DNS CNAME Record Use-After-Free denial of service
2297| [80758] nginx 0.6.18/1.9.9 DNS UDP Packet Crash denial of service
2298| [67677] nginx up to 1.7.3 SSL weak authentication
2299| [67296] nginx up to 1.7.3 SMTP Proxy ngx_mail_smtp_starttls privilege escalation
2300| [12822] nginx up to 1.5.11 SPDY SPDY Request Heap-based memory corruption
2301| [12824] nginx 1.5.10 on 32-bit SPDY memory corruption
2302| [11237] nginx up to 1.5.6 URI String Bypass privilege escalation
2303| [65364] nginx up to 1.1.13 Default Configuration information disclosure
2304| [8671] nginx up to 1.4 proxy_pass denial of service
2305| [8618] nginx 1.3.9/1.4.0 http/ngx_http_parse.c ngx_http_parse_chunked() memory corruption
2306| [7247] nginx 1.2.6 Proxy Function spoofing
2307| [61434] nginx 1.2.0/1.3.0 on Windows Access Restriction privilege escalation
2308| [5293] nginx up to 1.1.18 ngx_http_mp4_module MP4 File memory corruption
2309| [4843] nginx up to 1.0.13/1.1.16 HTTP Header Response Parser ngx_http_parse.c information disclosure
2310| [59645] nginx up to 0.8.9 Heap-based memory corruption
2311| [53592] nginx 0.8.36 memory corruption
2312| [53590] nginx up to 0.8.9 unknown vulnerability
2313| [51533] nginx 0.7.64 Terminal privilege escalation
2314| [50905] nginx up to 0.8.9 directory traversal
2315| [50903] nginx up to 0.8.10 NULL Pointer Dereference denial of service
2316| [50043] nginx up to 0.8.10 memory corruption
2317|
2318| MITRE CVE - https://cve.mitre.org:
2319| [CVE-2013-2070] http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy response, a similar vulnerability to CVE-2013-2028.
2320| [CVE-2013-2028] The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
2321| [CVE-2012-3380] Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.
2322| [CVE-2012-2089] Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.
2323| [CVE-2012-1180] Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
2324| [CVE-2011-4963] nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.
2325| [CVE-2011-4315] Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
2326| [CVE-2010-2266] nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.
2327| [CVE-2010-2263] nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.
2328| [CVE-2009-4487] nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
2329| [CVE-2009-3898] Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method.
2330| [CVE-2009-3896] src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI.
2331| [CVE-2009-2629] Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.
2332|
2333| SecurityFocus - https://www.securityfocus.com/bid/:
2334| [99534] Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability
2335| [93903] Nginx CVE-2016-1247 Remote Privilege Escalation Vulnerability
2336| [91819] Nginx CVE-2016-1000105 Security Bypass Vulnerability
2337| [90967] nginx CVE-2016-4450 Denial of Service Vulnerability
2338| [82230] nginx Multiple Denial of Service Vulnerabilities
2339| [78928] Nginx CVE-2010-2266 Denial-Of-Service Vulnerability
2340| [70025] nginx CVE-2014-3616 SSL Session Fixation Vulnerability
2341| [69111] nginx SMTP Proxy Remote Command Injection Vulnerability
2342| [67507] nginx SPDY Implementation CVE-2014-0088 Arbitrary Code Execution Vulnerability
2343| [66537] nginx SPDY Implementation Heap Based Buffer Overflow Vulnerability
2344| [63814] nginx CVE-2013-4547 URI Processing Security Bypass Vulnerability
2345| [59824] Nginx CVE-2013-2070 Remote Security Vulnerability
2346| [59699] nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
2347| [59496] nginx 'ngx_http_close_connection()' Remote Integer Overflow Vulnerability
2348| [59323] nginx NULL-Byte Arbitrary Code Execution Vulnerability
2349| [58105] Nginx 'access.log' Insecure File Permissions Vulnerability
2350| [57139] nginx CVE-2011-4968 Man in The Middle Vulnerability
2351| [55920] nginx CVE-2011-4963 Security Bypass Vulnerability
2352| [54331] Nginx Naxsi Module 'nx_extract.py' Script Remote File Disclosure Vulnerability
2353| [52999] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
2354| [52578] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
2355| [50710] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
2356| [40760] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
2357| [40434] nginx Space String Remote Source Code Disclosure Vulnerability
2358| [40420] nginx Directory Traversal Vulnerability
2359| [37711] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
2360| [36839] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
2361| [36490] nginx WebDAV Multiple Directory Traversal Vulnerabilities
2362| [36438] nginx Proxy DNS Cache Domain Spoofing Vulnerability
2363| [36384] nginx HTTP Request Remote Buffer Overflow Vulnerability
2364|
2365| IBM X-Force - https://exchange.xforce.ibmcloud.com:
2366| [84623] Phusion Passenger gem for Ruby with nginx configuration insecure permissions
2367| [84172] nginx denial of service
2368| [84048] nginx buffer overflow
2369| [83923] nginx ngx_http_close_connection() integer overflow
2370| [83688] nginx null byte code execution
2371| [83103] Naxsi module for Nginx naxsi_unescape_uri() function security bypass
2372| [82319] nginx access.log information disclosure
2373| [80952] nginx SSL spoofing
2374| [77244] nginx and Microsoft Windows request security bypass
2375| [76778] Naxsi module for Nginx nx_extract.py directory traversal
2376| [74831] nginx ngx_http_mp4_module.c buffer overflow
2377| [74191] nginx ngx_cpystrn() information disclosure
2378| [74045] nginx header response information disclosure
2379| [71355] nginx ngx_resolver_copy() buffer overflow
2380| [59370] nginx characters denial of service
2381| [59369] nginx DATA source code disclosure
2382| [59047] nginx space source code disclosure
2383| [58966] nginx unspecified directory traversal
2384| [54025] nginx ngx_http_parse.c denial of service
2385| [53431] nginx WebDAV component directory traversal
2386| [53328] Nginx CRC-32 cached domain name spoofing
2387| [53250] Nginx ngx_http_parse_complex_uri() function code execution
2388|
2389| Exploit-DB - https://www.exploit-db.com:
2390| [26737] nginx 1.3.9/1.4.0 x86 Brute Force Remote Exploit
2391| [25775] Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow
2392| [25499] nginx 1.3.9-1.4.0 DoS PoC
2393| [24967] nginx 0.6.x Arbitrary Code Execution NullByte Injection
2394| [14830] nginx 0.6.38 - Heap Corruption Exploit
2395| [13822] Nginx <= 0.7.65 / 0.8.39 (dev) Source Disclosure / Download Vulnerability
2396| [13818] Nginx 0.8.36 Source Disclosure and DoS Vulnerabilities
2397| [12804] nginx [engine x] http server <= 0.6.36 Path Draversal
2398| [9901] nginx 0.7.0-0.7.61, 0.6.0-0.6.38, 0.5.0-0.5.37, 0.4.0-0.4.14 PoC
2399| [9829] nginx 0.7.61 WebDAV directory traversal
2400|
2401| OpenVAS (Nessus) - http://www.openvas.org:
2402| [864418] Fedora Update for nginx FEDORA-2012-3846
2403| [864310] Fedora Update for nginx FEDORA-2012-6238
2404| [864209] Fedora Update for nginx FEDORA-2012-6411
2405| [864204] Fedora Update for nginx FEDORA-2012-6371
2406| [864121] Fedora Update for nginx FEDORA-2012-4006
2407| [864115] Fedora Update for nginx FEDORA-2012-3991
2408| [864065] Fedora Update for nginx FEDORA-2011-16075
2409| [863654] Fedora Update for nginx FEDORA-2011-16110
2410| [861232] Fedora Update for nginx FEDORA-2007-1158
2411| [850180] SuSE Update for nginx openSUSE-SU-2012:0237-1 (nginx)
2412| [831680] Mandriva Update for nginx MDVSA-2012:043 (nginx)
2413| [802045] 64-bit Debian Linux Rootkit with nginx Doing iFrame Injection
2414| [801636] nginx HTTP Request Remote Buffer Overflow Vulnerability
2415| [103470] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
2416| [103469] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
2417| [103344] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
2418| [100676] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
2419| [100659] nginx Directory Traversal Vulnerability
2420| [100658] nginx Space String Remote Source Code Disclosure Vulnerability
2421| [100441] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
2422| [100321] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
2423| [100277] nginx Proxy DNS Cache Domain Spoofing Vulnerability
2424| [100276] nginx HTTP Request Remote Buffer Overflow Vulnerability
2425| [100275] nginx WebDAV Multiple Directory Traversal Vulnerabilities
2426| [71574] Gentoo Security Advisory GLSA 201206-07 (nginx)
2427| [71308] Gentoo Security Advisory GLSA 201203-22 (nginx)
2428| [71297] FreeBSD Ports: nginx
2429| [71276] FreeBSD Ports: nginx
2430| [71239] Debian Security Advisory DSA 2434-1 (nginx)
2431| [66451] Fedora Core 11 FEDORA-2009-12782 (nginx)
2432| [66450] Fedora Core 10 FEDORA-2009-12775 (nginx)
2433| [66449] Fedora Core 12 FEDORA-2009-12750 (nginx)
2434| [64924] Gentoo Security Advisory GLSA 200909-18 (nginx)
2435| [64912] Fedora Core 10 FEDORA-2009-9652 (nginx)
2436| [64911] Fedora Core 11 FEDORA-2009-9630 (nginx)
2437| [64894] FreeBSD Ports: nginx
2438| [64869] Debian Security Advisory DSA 1884-1 (nginx)
2439|
2440| SecurityTracker - https://www.securitytracker.com:
2441| [1028544] nginx Bug Lets Remote Users Deny Service or Obtain Potentially Sensitive Information
2442| [1028519] nginx Stack Overflow Lets Remote Users Execute Arbitrary Code
2443| [1026924] nginx Buffer Overflow in ngx_http_mp4_module Lets Remote Users Execute Arbitrary Code
2444| [1026827] nginx HTTP Response Processing Lets Remote Users Obtain Portions of Memory Contents
2445|
2446| OSVDB - http://www.osvdb.org:
2447| [94864] cPnginx Plugin for cPanel nginx Configuration Manipulation Arbitrary File Access
2448| [93282] nginx proxy_pass Crafted Upstream Proxied Server Response Handling Worker Process Memory Disclosure
2449| [93037] nginx /http/ngx_http_parse.c Worker Process Crafted Request Handling Remote Overflow
2450| [92796] nginx ngx_http_close_connection Function Crafted r->
2451| [92634] nginx ngx_http_request.h zero_in_uri URL Null Byte Handling Remote Code Execution
2452| [90518] nginx Log Directory Permission Weakness Local Information Disclosure
2453| [88910] nginx Proxy Functionality SSL Certificate Validation MitM Spoofing Weakness
2454| [84339] nginx/Windows Multiple Request Sequence Parsing Arbitrary File Access
2455| [83617] Naxsi Module for Nginx naxsi-ui/ nx_extract.py Traversal Arbitrary File Access
2456| [81339] nginx ngx_http_mp4_module Module Atom MP4 File Handling Remote Overflow
2457| [80124] nginx HTTP Header Response Parsing Freed Memory Information Disclosure
2458| [77184] nginx ngx_resolver.c ngx_resolver_copy() Function DNS Response Parsing Remote Overflow
2459| [65531] nginx on Windows URI ::$DATA Append Arbitrary File Access
2460| [65530] nginx Encoded Traversal Sequence Memory Corruption Remote DoS
2461| [65294] nginx on Windows Encoded Space Request Remote Source Disclosure
2462| [63136] nginx on Windows 8.3 Filename Alias Request Access Rules / Authentication Bypass
2463| [62617] nginx Internal DNS Cache Poisoning Weakness
2464| [61779] nginx HTTP Request Escape Sequence Terminal Command Injection
2465| [59278] nginx src/http/ngx_http_parse.c ngx_http_process_request_headers() Function URL Handling NULL Dereference DoS
2466| [58328] nginx WebDAV Multiple Method Traversal Arbitrary File Write
2467| [58128] nginx ngx_http_parse_complex_uri() Function Underflow
2468| [44447] nginx (engine x) msie_refresh Directive Unspecified XSS
2469| [44446] nginx (engine x) ssl_verify_client Directive HTTP/0.9 Protocol Bypass
2470| [44445] nginx (engine x) ngx_http_realip_module satisfy_any Directive Unspecified Access Bypass
2471| [44444] nginx (engine x) X-Accel-Redirect Header Unspecified Traversal
2472| [44443] nginx (engine x) rtsig Method Signal Queue Overflow
2473| [44442] nginx (engine x) Worker Process Millisecond Timers Unspecified Overflow
2474|_
2475139/tcp closed netbios-ssn
2476443/tcp open ssl/http nginx
2477| vulscan: VulDB - https://vuldb.com:
2478| [133852] Sangfor Sundray WLAN Controller up to 3.7.4.2 Cookie Header nginx_webconsole.php Code Execution
2479| [132132] SoftNAS Cloud 4.2.0/4.2.1 Nginx privilege escalation
2480| [131858] Puppet Discovery up to 1.3.x Nginx Container weak authentication
2481| [130644] Nginx Unit up to 1.7.0 Router Process Request Heap-based memory corruption
2482| [127759] VeryNginx 0.3.3 Web Application Firewall privilege escalation
2483| [126525] nginx up to 1.14.0/1.15.5 ngx_http_mp4_module Loop denial of service
2484| [126524] nginx up to 1.14.0/1.15.5 HTTP2 CPU Exhaustion denial of service
2485| [126523] nginx up to 1.14.0/1.15.5 HTTP2 Memory Consumption denial of service
2486| [119845] Pivotal Operations Manager up to 2.0.13/2.1.5 Nginx privilege escalation
2487| [114368] SuSE Portus 2.3 Nginx Certificate weak authentication
2488| [103517] nginx up to 1.13.2 Range Filter Request Integer Overflow memory corruption
2489| [89849] nginx RFC 3875 Namespace Conflict Environment Variable Open Redirect
2490| [87719] nginx up to 1.11.0 ngx_files.c ngx_chain_to_iovec denial of service
2491| [80760] nginx 0.6.18/1.9.9 DNS CNAME Record Crash denial of service
2492| [80759] nginx 0.6.18/1.9.9 DNS CNAME Record Use-After-Free denial of service
2493| [80758] nginx 0.6.18/1.9.9 DNS UDP Packet Crash denial of service
2494| [67677] nginx up to 1.7.3 SSL weak authentication
2495| [67296] nginx up to 1.7.3 SMTP Proxy ngx_mail_smtp_starttls privilege escalation
2496| [12822] nginx up to 1.5.11 SPDY SPDY Request Heap-based memory corruption
2497| [12824] nginx 1.5.10 on 32-bit SPDY memory corruption
2498| [11237] nginx up to 1.5.6 URI String Bypass privilege escalation
2499| [65364] nginx up to 1.1.13 Default Configuration information disclosure
2500| [8671] nginx up to 1.4 proxy_pass denial of service
2501| [8618] nginx 1.3.9/1.4.0 http/ngx_http_parse.c ngx_http_parse_chunked() memory corruption
2502| [7247] nginx 1.2.6 Proxy Function spoofing
2503| [61434] nginx 1.2.0/1.3.0 on Windows Access Restriction privilege escalation
2504| [5293] nginx up to 1.1.18 ngx_http_mp4_module MP4 File memory corruption
2505| [4843] nginx up to 1.0.13/1.1.16 HTTP Header Response Parser ngx_http_parse.c information disclosure
2506| [59645] nginx up to 0.8.9 Heap-based memory corruption
2507| [53592] nginx 0.8.36 memory corruption
2508| [53590] nginx up to 0.8.9 unknown vulnerability
2509| [51533] nginx 0.7.64 Terminal privilege escalation
2510| [50905] nginx up to 0.8.9 directory traversal
2511| [50903] nginx up to 0.8.10 NULL Pointer Dereference denial of service
2512| [50043] nginx up to 0.8.10 memory corruption
2513|
2514| MITRE CVE - https://cve.mitre.org:
2515| [CVE-2013-2070] http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy response, a similar vulnerability to CVE-2013-2028.
2516| [CVE-2013-2028] The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
2517| [CVE-2012-3380] Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.
2518| [CVE-2012-2089] Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.
2519| [CVE-2012-1180] Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
2520| [CVE-2011-4963] nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.
2521| [CVE-2011-4315] Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
2522| [CVE-2010-2266] nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.
2523| [CVE-2010-2263] nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.
2524| [CVE-2009-4487] nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
2525| [CVE-2009-3898] Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method.
2526| [CVE-2009-3896] src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI.
2527| [CVE-2009-2629] Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.
2528|
2529| SecurityFocus - https://www.securityfocus.com/bid/:
2530| [99534] Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability
2531| [93903] Nginx CVE-2016-1247 Remote Privilege Escalation Vulnerability
2532| [91819] Nginx CVE-2016-1000105 Security Bypass Vulnerability
2533| [90967] nginx CVE-2016-4450 Denial of Service Vulnerability
2534| [82230] nginx Multiple Denial of Service Vulnerabilities
2535| [78928] Nginx CVE-2010-2266 Denial-Of-Service Vulnerability
2536| [70025] nginx CVE-2014-3616 SSL Session Fixation Vulnerability
2537| [69111] nginx SMTP Proxy Remote Command Injection Vulnerability
2538| [67507] nginx SPDY Implementation CVE-2014-0088 Arbitrary Code Execution Vulnerability
2539| [66537] nginx SPDY Implementation Heap Based Buffer Overflow Vulnerability
2540| [63814] nginx CVE-2013-4547 URI Processing Security Bypass Vulnerability
2541| [59824] Nginx CVE-2013-2070 Remote Security Vulnerability
2542| [59699] nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
2543| [59496] nginx 'ngx_http_close_connection()' Remote Integer Overflow Vulnerability
2544| [59323] nginx NULL-Byte Arbitrary Code Execution Vulnerability
2545| [58105] Nginx 'access.log' Insecure File Permissions Vulnerability
2546| [57139] nginx CVE-2011-4968 Man in The Middle Vulnerability
2547| [55920] nginx CVE-2011-4963 Security Bypass Vulnerability
2548| [54331] Nginx Naxsi Module 'nx_extract.py' Script Remote File Disclosure Vulnerability
2549| [52999] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
2550| [52578] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
2551| [50710] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
2552| [40760] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
2553| [40434] nginx Space String Remote Source Code Disclosure Vulnerability
2554| [40420] nginx Directory Traversal Vulnerability
2555| [37711] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
2556| [36839] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
2557| [36490] nginx WebDAV Multiple Directory Traversal Vulnerabilities
2558| [36438] nginx Proxy DNS Cache Domain Spoofing Vulnerability
2559| [36384] nginx HTTP Request Remote Buffer Overflow Vulnerability
2560|
2561| IBM X-Force - https://exchange.xforce.ibmcloud.com:
2562| [84623] Phusion Passenger gem for Ruby with nginx configuration insecure permissions
2563| [84172] nginx denial of service
2564| [84048] nginx buffer overflow
2565| [83923] nginx ngx_http_close_connection() integer overflow
2566| [83688] nginx null byte code execution
2567| [83103] Naxsi module for Nginx naxsi_unescape_uri() function security bypass
2568| [82319] nginx access.log information disclosure
2569| [80952] nginx SSL spoofing
2570| [77244] nginx and Microsoft Windows request security bypass
2571| [76778] Naxsi module for Nginx nx_extract.py directory traversal
2572| [74831] nginx ngx_http_mp4_module.c buffer overflow
2573| [74191] nginx ngx_cpystrn() information disclosure
2574| [74045] nginx header response information disclosure
2575| [71355] nginx ngx_resolver_copy() buffer overflow
2576| [59370] nginx characters denial of service
2577| [59369] nginx DATA source code disclosure
2578| [59047] nginx space source code disclosure
2579| [58966] nginx unspecified directory traversal
2580| [54025] nginx ngx_http_parse.c denial of service
2581| [53431] nginx WebDAV component directory traversal
2582| [53328] Nginx CRC-32 cached domain name spoofing
2583| [53250] Nginx ngx_http_parse_complex_uri() function code execution
2584|
2585| Exploit-DB - https://www.exploit-db.com:
2586| [26737] nginx 1.3.9/1.4.0 x86 Brute Force Remote Exploit
2587| [25775] Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow
2588| [25499] nginx 1.3.9-1.4.0 DoS PoC
2589| [24967] nginx 0.6.x Arbitrary Code Execution NullByte Injection
2590| [14830] nginx 0.6.38 - Heap Corruption Exploit
2591| [13822] Nginx <= 0.7.65 / 0.8.39 (dev) Source Disclosure / Download Vulnerability
2592| [13818] Nginx 0.8.36 Source Disclosure and DoS Vulnerabilities
2593| [12804] nginx [engine x] http server <= 0.6.36 Path Draversal
2594| [9901] nginx 0.7.0-0.7.61, 0.6.0-0.6.38, 0.5.0-0.5.37, 0.4.0-0.4.14 PoC
2595| [9829] nginx 0.7.61 WebDAV directory traversal
2596|
2597| OpenVAS (Nessus) - http://www.openvas.org:
2598| [864418] Fedora Update for nginx FEDORA-2012-3846
2599| [864310] Fedora Update for nginx FEDORA-2012-6238
2600| [864209] Fedora Update for nginx FEDORA-2012-6411
2601| [864204] Fedora Update for nginx FEDORA-2012-6371
2602| [864121] Fedora Update for nginx FEDORA-2012-4006
2603| [864115] Fedora Update for nginx FEDORA-2012-3991
2604| [864065] Fedora Update for nginx FEDORA-2011-16075
2605| [863654] Fedora Update for nginx FEDORA-2011-16110
2606| [861232] Fedora Update for nginx FEDORA-2007-1158
2607| [850180] SuSE Update for nginx openSUSE-SU-2012:0237-1 (nginx)
2608| [831680] Mandriva Update for nginx MDVSA-2012:043 (nginx)
2609| [802045] 64-bit Debian Linux Rootkit with nginx Doing iFrame Injection
2610| [801636] nginx HTTP Request Remote Buffer Overflow Vulnerability
2611| [103470] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
2612| [103469] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
2613| [103344] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
2614| [100676] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
2615| [100659] nginx Directory Traversal Vulnerability
2616| [100658] nginx Space String Remote Source Code Disclosure Vulnerability
2617| [100441] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
2618| [100321] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
2619| [100277] nginx Proxy DNS Cache Domain Spoofing Vulnerability
2620| [100276] nginx HTTP Request Remote Buffer Overflow Vulnerability
2621| [100275] nginx WebDAV Multiple Directory Traversal Vulnerabilities
2622| [71574] Gentoo Security Advisory GLSA 201206-07 (nginx)
2623| [71308] Gentoo Security Advisory GLSA 201203-22 (nginx)
2624| [71297] FreeBSD Ports: nginx
2625| [71276] FreeBSD Ports: nginx
2626| [71239] Debian Security Advisory DSA 2434-1 (nginx)
2627| [66451] Fedora Core 11 FEDORA-2009-12782 (nginx)
2628| [66450] Fedora Core 10 FEDORA-2009-12775 (nginx)
2629| [66449] Fedora Core 12 FEDORA-2009-12750 (nginx)
2630| [64924] Gentoo Security Advisory GLSA 200909-18 (nginx)
2631| [64912] Fedora Core 10 FEDORA-2009-9652 (nginx)
2632| [64911] Fedora Core 11 FEDORA-2009-9630 (nginx)
2633| [64894] FreeBSD Ports: nginx
2634| [64869] Debian Security Advisory DSA 1884-1 (nginx)
2635|
2636| SecurityTracker - https://www.securitytracker.com:
2637| [1028544] nginx Bug Lets Remote Users Deny Service or Obtain Potentially Sensitive Information
2638| [1028519] nginx Stack Overflow Lets Remote Users Execute Arbitrary Code
2639| [1026924] nginx Buffer Overflow in ngx_http_mp4_module Lets Remote Users Execute Arbitrary Code
2640| [1026827] nginx HTTP Response Processing Lets Remote Users Obtain Portions of Memory Contents
2641|
2642| OSVDB - http://www.osvdb.org:
2643| [94864] cPnginx Plugin for cPanel nginx Configuration Manipulation Arbitrary File Access
2644| [93282] nginx proxy_pass Crafted Upstream Proxied Server Response Handling Worker Process Memory Disclosure
2645| [93037] nginx /http/ngx_http_parse.c Worker Process Crafted Request Handling Remote Overflow
2646| [92796] nginx ngx_http_close_connection Function Crafted r->
2647| [92634] nginx ngx_http_request.h zero_in_uri URL Null Byte Handling Remote Code Execution
2648| [90518] nginx Log Directory Permission Weakness Local Information Disclosure
2649| [88910] nginx Proxy Functionality SSL Certificate Validation MitM Spoofing Weakness
2650| [84339] nginx/Windows Multiple Request Sequence Parsing Arbitrary File Access
2651| [83617] Naxsi Module for Nginx naxsi-ui/ nx_extract.py Traversal Arbitrary File Access
2652| [81339] nginx ngx_http_mp4_module Module Atom MP4 File Handling Remote Overflow
2653| [80124] nginx HTTP Header Response Parsing Freed Memory Information Disclosure
2654| [77184] nginx ngx_resolver.c ngx_resolver_copy() Function DNS Response Parsing Remote Overflow
2655| [65531] nginx on Windows URI ::$DATA Append Arbitrary File Access
2656| [65530] nginx Encoded Traversal Sequence Memory Corruption Remote DoS
2657| [65294] nginx on Windows Encoded Space Request Remote Source Disclosure
2658| [63136] nginx on Windows 8.3 Filename Alias Request Access Rules / Authentication Bypass
2659| [62617] nginx Internal DNS Cache Poisoning Weakness
2660| [61779] nginx HTTP Request Escape Sequence Terminal Command Injection
2661| [59278] nginx src/http/ngx_http_parse.c ngx_http_process_request_headers() Function URL Handling NULL Dereference DoS
2662| [58328] nginx WebDAV Multiple Method Traversal Arbitrary File Write
2663| [58128] nginx ngx_http_parse_complex_uri() Function Underflow
2664| [44447] nginx (engine x) msie_refresh Directive Unspecified XSS
2665| [44446] nginx (engine x) ssl_verify_client Directive HTTP/0.9 Protocol Bypass
2666| [44445] nginx (engine x) ngx_http_realip_module satisfy_any Directive Unspecified Access Bypass
2667| [44444] nginx (engine x) X-Accel-Redirect Header Unspecified Traversal
2668| [44443] nginx (engine x) rtsig Method Signal Queue Overflow
2669| [44442] nginx (engine x) Worker Process Millisecond Timers Unspecified Overflow
2670|_
2671445/tcp closed microsoft-ds
26722222/tcp open ssh ProFTPD mod_sftp 0.9.9 (protocol 2.0)
2673| vulscan: VulDB - https://vuldb.com:
2674| [10259] ProFTPD 1.3.4/1.3.5 mod_sftp/mod_sftp_pam kbdint.c resp_count denial of service
2675| [4290] ProFTPD up to 1.3.3 mod_sftpd Big Payload denial of service
2676| [138380] ProFTPD 1.3.5b mod_copy Code Execution
2677| [81624] ProFTPD up to 1.3.5a/1.3.6rc1 mod_tls mod_tls.c weak encryption
2678| [75436] ProFTPD 1.3.4e/1.3.5 mod_copy File privilege escalation
2679| [7244] ProFTPD up to 1.3.4 MKD/XMKD Command race condition
2680| [59589] ProFTPD up to 1.3.3 Use-After-Free memory corruption
2681| [56304] ProFTPD up to 1.3.3 contrib/mod_sql.c) sql_prepare_where memory corruption
2682| [56042] GNU C Library up to 2.12.2 proftpd.gnu.c denial of service
2683| [56041] GNU C Library up to 2.12.2 proftpd.gnu.c denial of service
2684| [55410] ProFTPD 1.3.2/1.3.3 Telnet netio.c pr_netio_telnet_gets memory corruption
2685| [55403] ProFTPD 1.2.10/1.3.0/1.3.1/1.3.2/1.3.3 mod_site_misc Symlink directory traversal
2686| [55392] ProFTPD up to 1.3.2 pr_data_xfer denial of service
2687| [50631] ProFTPD 1.3.1/1.3.2/1.3.3 mod_tls unknown vulnerability
2688| [46500] ProFTPD 1.3.1 mod_sql_mysql sql injection
2689| [46499] ProFTPD 1.3.1/1.3.2/1.3.2 Rc2 mod_sql sql injection
2690| [44191] ProFTPD 1.3.1 FTP Command cross site request forgery
2691| [36309] ProFTPD 1.3.0 Rc1 mod_sql Plaintext unknown vulnerability
2692| [2747] ProFTPD 1.3.0/1.3.0a mod_ctrls pr_ctrls_recv_request memory corruption
2693| [33495] ProFTPD 1.3.0a Configuration File affected denial of service
2694| [2711] ProFTPD 1.3.0a mod_tls tls_x509_name_oneline memory corruption
2695| [2705] ProFTPD 1.3.0 main.c CommandBufferSize denial of service
2696|
2697| MITRE CVE - https://cve.mitre.org:
2698| [CVE-2011-1137] Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d and earlier allows remote attackers to cause a denial of service (memory consumption leading to OOM kill) via a malformed SSH message.
2699| [CVE-2012-6095] ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the (1) MKD or (2) XMKD commands.
2700| [CVE-2011-4130] Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer.
2701| [CVE-2010-4652] Heap-based buffer overflow in the sql_prepare_where function (contrib/mod_sql.c) in ProFTPD before 1.3.3d, when mod_sql is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted username containing substitution tags, which are not properly handled during construction of an SQL query.
2702| [CVE-2010-4562] Microsoft Windows 2008, 7, Vista, 2003, 2000, and XP, when using IPv6, allows remote attackers to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and determining whether an Echo Reply is sent, as demonstrated by thcping. NOTE: due to a typo, some sources map CVE-2010-4562 to a ProFTPd mod_sql vulnerability, but that issue is covered by CVE-2010-4652.
2703| [CVE-2010-4221] Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a (1) FTP or (2) FTPS server.
2704| [CVE-2010-4052] Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD.
2705| [CVE-2010-4051] The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a "RE_DUP_MAX overflow."
2706| [CVE-2010-3867] Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.
2707| [CVE-2009-3639] The mod_tls module in ProFTPD before 1.3.2b, and 1.3.3 before 1.3.3rc2, when the dNSNameRequired TLS option is enabled, does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 client certificate, which allows remote attackers to bypass intended client-hostname restrictions via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
2708| [CVE-2009-0919] XAMPP installs multiple packages with insecure default passwords, which makes it easier for remote attackers to obtain access via (1) the "lampp" default password for the "nobody" account within the included ProFTPD installation, (2) a blank default password for the "root" account within the included MySQL installation, (3) a blank default password for the "pma" account within the phpMyAdmin installation, and possibly other unspecified passwords. NOTE: this was originally reported as a problem in DFLabs PTK, but this issue affects any product that is installed within the XAMPP environment, and should not be viewed as a vulnerability within that product. NOTE: DFLabs states that PTK is intended for use in a laboratory with "no contact from / to internet."
2709| [CVE-2009-0543] ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres.
2710| [CVE-2009-0542] SQL injection vulnerability in ProFTPD Server 1.3.1 through 1.3.2rc2 allows remote attackers to execute arbitrary SQL commands via a "%" (percent) character in the username, which introduces a "'" (single quote) character during variable substitution by mod_sql.
2711| [CVE-2008-7265] The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows remote authenticated users to cause a denial of service (CPU consumption) via an ABOR command during a data transfer.
2712| [CVE-2008-4242] ProFTPD 1.3.1 interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web browser.
2713| [CVE-2007-2165] The Auth API in ProFTPD before 20070417, when multiple simultaneous authentication modules are configured, does not require that the module that checks authentication is the same as the module that retrieves authentication data, which might allow remote attackers to bypass authentication, as demonstrated by use of SQLAuthTypes Plaintext in mod_sql, with data retrieved from /etc/passwd.
2714| [CVE-2006-6563] Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value.
2715| [CVE-2006-6171] ** DISPUTED ** ProFTPD 1.3.0a and earlier does not properly set the buffer size limit when CommandBufferSize is specified in the configuration file, which leads to an off-by-two buffer underflow. NOTE: in November 2006, the role of CommandBufferSize was originally associated with CVE-2006-5815, but this was an error stemming from a vague initial disclosure. NOTE: ProFTPD developers dispute this issue, saying that the relevant memory location is overwritten by assignment before further use within the affected function, so this is not a vulnerability.
2716| [CVE-2006-6170] Buffer overflow in the tls_x509_name_oneline function in the mod_tls module, as used in ProFTPD 1.3.0a and earlier, and possibly other products, allows remote attackers to execute arbitrary code via a large data length argument, a different vulnerability than CVE-2006-5815.
2717| [CVE-2006-5815] Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers, probably authenticated, to cause a denial of service and execute arbitrary code, as demonstrated by vd_proftpd.pm, a "ProFTPD remote exploit."
2718| [CVE-2005-4816] Buffer overflow in mod_radius in ProFTPD before 1.3.0rc2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password.
2719| [CVE-2005-2390] Multiple format string vulnerabilities in ProFTPD before 1.3.0rc2 allow attackers to cause a denial of service or obtain sensitive information via (1) certain inputs to the shutdown message from ftpshut, or (2) the SQLShowInfo mod_sql directive.
2720| [CVE-2005-0484] Format string vulnerability in gprostats for GProFTPD before 8.1.9 may allow remote attackers to execute arbitrary code via an FTP transfer with a crafted filename that causes format string specifiers to be inserted into the ProFTPD transfer log.
2721| [CVE-2004-1602] ProFTPD 1.2.x, including 1.2.8 and 1.2.10, responds in a different amount of time when a given username exists, which allows remote attackers to identify valid usernames by timing the server response.
2722| [CVE-2004-0529] The modified suexec program in cPanel, when configured for mod_php and compiled for Apache 1.3.31 and earlier without mod_phpsuexec, allows local users to execute untrusted shared scripts and gain privileges, as demonstrated using untainted scripts such as (1) proftpdvhosts or (2) addalink.cgi, a different vulnerability than CVE-2004-0490.
2723| [CVE-2004-0432] ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions.
2724| [CVE-2004-0346] Off-by-one buffer overflow in _xlate_ascii_write() in ProFTPD 1.2.7 through 1.2.9rc2p allows local users to gain privileges via a 1024 byte RETR command.
2725| [CVE-2003-0831] ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote attackers to execute arbitrary code via a buffer overflow using certain files.
2726| [CVE-2003-0500] SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote attackers to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER name.
2727| [CVE-2001-1501] The glob functionality in ProFTPD 1.2.1, and possibly other versions allows remote attackers to cause a denial of service (CPU and memory consumption) via commands with large numbers of wildcard and other special characters, as demonstrated using an ls command with multiple (1) "*/..", (2) "*/.*", or (3) ".*./*?/" sequences in the argument.
2728| [CVE-2001-1500] ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged.
2729| [CVE-2001-0456] postinst installation script for Proftpd in Debian 2.2 does not properly change the "run as uid/gid root" configuration when the user enables anonymous access, which causes the server to run at a higher privilege than intended.
2730| [CVE-2001-0318] Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to execute arbitrary commands by shutting down the FTP server while using a malformed working directory (cwd).
2731| [CVE-2001-0136] Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.
2732| [CVE-2001-0027] mod_sqlpw module in ProFTPD does not reset a cached password when a user uses the "user" command to change accounts, which allows authenticated attackers to gain privileges of other users.
2733| [CVE-2000-0574] FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands.
2734| [CVE-1999-1475] ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command.
2735| [CVE-1999-0911] Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories.
2736| [CVE-1999-0368] Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
2737|
2738| SecurityFocus - https://www.securityfocus.com/bid/:
2739| [62328] ProFTPD 'mod_sftp_pam' Remote Denial of Service Vulnerability
2740| [46183] ProFTPD 'mod_sftp' Module Integer Overflow Vulnerability
2741| [97409] ProFTPD CVE-2017-7418 Local Security Bypass Vulnerability
2742| [89750] ProFTPD CVE-2001-1501 Denial-Of-Service Vulnerability
2743| [88575] ProFTPD CVE-2001-0027 Denial-Of-Service Vulnerability
2744| [84378] Proftpd CVE-2008-7265 Denial-Of-Service Vulnerability
2745| [84329] ProFTPD Out Of Bounds Multiple Memory Corruption Vulnerabilities
2746| [84327] ProFTPD CVE-2016-3125 Diffie Hellman Key Exchange Security Bypass Vulnerability
2747| [82756] ProFTPD CVE-2003-0500 SQL-Injection Vulnerability
2748| [82433] GProFTPD CVE-2005-0484 Remote Security Vulnerability
2749| [77684] ProFTPD Heap Buffer Overflow and Denial of Service Vulnerabilities
2750| [74238] ProFTPD CVE-2015-3306 Information Disclosure Vulnerabilities
2751| [57172] ProFTPD Race Condition Local Privilege Escalation Vulnerability
2752| [50631] ProFTPD Prior To 1.3.3g Use-After-Free Remote Code Execution Vulnerability
2753| [45150] ProFTPD Backdoor Unauthorized Access Vulnerability
2754| [44933] ProFTPD 'mod_sql' Remote Heap Based Buffer Overflow Vulnerability
2755| [44562] ProFTPD Multiple Remote Vulnerabilities
2756| [36804] ProFTPD mod_tls Module NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
2757| [33722] ProFTPD 'mod_sql' Username SQL Injection Vulnerability
2758| [33650] ProFTPD Character Encoding SQL Injection Vulnerability
2759| [23546] ProFTPD AUTH Multiple Authentication Module Security Bypass Vulnerability
2760| [21587] ProFTPD Controls Module Local Buffer Overflow Vulnerability
2761| [21326] ProFTPD MOD_TLS Remote Buffer Overflow Vulnerability
2762| [20992] ProFTPD SReplace Remote Buffer Overflow Vulnerability
2763| [16535] ProFTPD Mod_Radius Buffer Overflow Vulnerability
2764| [14381] ProFTPD Shutdown Message Format String Vulnerability
2765| [14380] ProFTPD SQLShowInfo SQL Output Format String Vulnerability
2766| [12588] GProFTPD GProstats Remote Format String Vulnerability
2767| [11430] ProFTPD Authentication Delay Username Enumeration Vulnerability
2768| [10252] ProFTPD CIDR Access Control Rule Bypass Vulnerability
2769| [9782] ProFTPD _xlate_ascii_write() Buffer Overrun Vulnerability
2770| [8679] ProFTPD ASCII File Transfer Buffer Overrun Vulnerability
2771| [7974] ProFTPD SQL Injection mod_sql Vulnerability
2772| [6781] ProFTPD 1.2.0rc2 log_pri() Format String Vulnerability
2773| [6341] ProFTPD STAT Command Denial Of Service Vulnerability
2774| [3310] ProFTPD Client Hostname Resolving Vulnerability
2775| [2366] ProFTPD USER Remote Denial of Service Vulnerability
2776| [2185] ProFTPD SIZE Remote Denial of Service Vulnerability
2777| [812] ProFTPD mod_sqlpw Vulnerability
2778| [650] ProFTPD snprintf Vulnerability
2779| [612] ProFTPD Remote Buffer Overflow
2780|
2781| IBM X-Force - https://exchange.xforce.ibmcloud.com:
2782| [65207] ProFTPD mod_sftp module denial of service
2783| [80980] ProFTPD FTP commands symlink
2784| [71226] ProFTPD pool code execution
2785| [64495] ProFTPD sql_prepare_where() buffer overflow
2786| [63658] ProFTPD FTP server backdoor
2787| [63407] mod_sql module for ProFTPD buffer overflow
2788| [63155] ProFTPD pr_data_xfer denial of service
2789| [62909] ProFTPD mod_site_misc directory traversal
2790| [62908] ProFTPD pr_netio_telnet_gets() buffer overflow
2791| [53936] ProFTPD mod_tls SSL certificate security bypass
2792| [48951] ProFTPD mod_sql username percent SQL injection
2793| [48558] ProFTPD NLS support SQL injection protection bypass
2794| [45274] ProFTPD URL cross-site request forgery
2795| [33733] ProFTPD Auth API security bypass
2796| [31461] ProFTPD mod_radius buffer overflow
2797| [30906] ProFTPD Controls (mod_ctrls) module buffer overflow
2798| [30554] ProFTPD mod_tls module tls_x509_name_oneline() buffer overflow
2799| [30147] ProFTPD sreplace() buffer overflow
2800| [21530] ProFTPD mod_sql format string attack
2801| [21528] ProFTPD shutdown message format string attack
2802| [19410] GProFTPD file name format string attack
2803| [18453] ProFTPD SITE CHGRP command allows group ownership modification
2804| [17724] ProFTPD could allow an attacker to obtain valid accounts
2805| [16038] ProFTPD CIDR entry ACL bypass
2806| [15387] ProFTPD off-by-one _xlate_ascii_write function buffer overflow
2807| [12369] ProFTPD mod_sql SQL injection
2808| [12200] ProFTPD ASCII file newline buffer overflow
2809| [10932] ProFTPD long PASS command buffer overflow
2810| [8332] ProFTPD mod_sqlpw stores passwords in the wtmp log file
2811| [7818] ProFTPD ls "
2812| [7816] ProFTPD file globbing denial of service
2813| [7126] ProFTPD fails to resolve hostnames
2814| [6433] ProFTPD format string
2815| [6209] proFTPD /var symlink
2816| [6208] ProFTPD contains configuration error in postinst script when running as root
2817| [5801] proftpd memory leak when using SIZE or USER commands
2818| [5737] ProFTPD system using mod_sqlpw unauthorized access
2819|
2820| Exploit-DB - https://www.exploit-db.com:
2821| [16129] ProFTPD mod_sftp Integer Overflow DoS PoC
2822| [23170] ProFTPD 1.2.7/1.2.8 ASCII File Transfer Buffer Overrun Vulnerability
2823| [22079] ProFTPD 1.2.x STAT Command Denial of Service Vulnerability
2824| [20690] wu-ftpd 2.4/2.5/2.6,Trolltech ftpd 1.2,ProFTPD 1.2,BeroFTPD 1.3.4 FTP glob Expansion Vulnerability
2825| [20536] ProFTPD 1.2 SIZE Remote Denial of Service Vulnerability
2826| [19503] ProFTPD 1.2 pre6 snprintf Vulnerability
2827| [19476] ProFTPD 1.2 pre1/pre2/pre3/pre4/pre5 Remote Buffer Overflow (2)
2828| [19475] ProFTPD 1.2 pre1/pre2/pre3/pre4/pre5 Remote Buffer Overflow (1)
2829| [19087] wu-ftpd 2.4.2,SCO Open Server <= 5.0.5,ProFTPD 1.2 pre1 realpath Vulnerability (2)
2830| [19086] wu-ftpd 2.4.2,SCO Open Server <= 5.0.5,ProFTPD 1.2 pre1 realpath Vulnerability (1)
2831| [18181] FreeBSD ftpd and ProFTPd on FreeBSD Remote r00t Exploit
2832| [16921] ProFTPD-1.3.3c Backdoor Command Execution
2833| [16878] ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow (FreeBSD)
2834| [16852] ProFTPD 1.2 - 1.3.0 sreplace Buffer Overflow (Linux)
2835| [16851] ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow (Linux)
2836| [15662] ProFTPD 1.3.3c compromised source remote root Trojan
2837| [15449] ProFTPD IAC Remote Root Exploit
2838| [10044] ProFTPd 1.3.0 mod_ctrls Local Stack Overflow (opensuse)
2839| [8037] ProFTPd with mod_mysql Authentication Bypass Vulnerability
2840| [4312] ProFTPD 1.x (module mod_tls) Remote Buffer Overflow Exploit
2841| [3730] ProFTPD 1.3.0/1.3.0a (mod_ctrls) Local Overflow Exploit (exec-shield)
2842| [3333] ProFTPD 1.3.0/1.3.0a (mod_ctrls support) Local Buffer Overflow Exploit 2
2843| [3330] ProFTPD 1.3.0/1.3.0a (mod_ctrls support) Local Buffer Overflow Exploit
2844| [3021] ProFTPD <= 1.2.9 rc2 (ASCII File) Remote Root Exploit
2845| [2928] ProFTPD <= 1.3.0a (mod_ctrls support) Local Buffer Overflow PoC
2846| [2856] ProFTPD 1.3.0 (sreplace) Remote Stack Overflow Exploit (meta)
2847| [581] ProFTPD <= 1.2.10 Remote Users Enumeration Exploit
2848| [394] ProFTPd Local pr_ctrls_connect Vulnerability - ftpdctl
2849| [244] ProFTPD <= 1.2.0pre10 Remote Denial of Service Exploit
2850| [241] ProFTPD 1.2.0 (rc2) - memory leakage example Exploit
2851| [110] ProFTPD 1.2.7 - 1.2.9rc2 Remote Root & brute-force Exploit
2852| [107] ProFTPD 1.2.9rc2 ASCII File Remote Root Exploit
2853| [43] ProFTPD 1.2.9RC1 (mod_sql) Remote SQL Injection Exploit
2854|
2855| OpenVAS (Nessus) - http://www.openvas.org:
2856| [53791] Debian Security Advisory DSA 029-1 (proftpd)
2857|
2858| SecurityTracker - https://www.securitytracker.com:
2859| [1028040] ProFTPD MKD/XMKD Race Condition Lets Local Users Gain Elevated Privileges
2860| [1026321] ProFTPD Use-After-Free Memory Error Lets Remote Authenticated Users Execute Arbitrary Code
2861| [1020945] ProFTPD Request Processing Bug Permits Cross-Site Request Forgery Attacks
2862| [1017931] ProFTPD Auth API State Error May Let Remote Users Access the System in Certain Cases
2863| [1017167] ProFTPD sreplace() Off-by-one Bug Lets Remote Users Execute Arbitrary Code
2864| [1012488] ProFTPD SITE CHGRP Command Lets Remote Authenticated Users Modify File/Directory Group Ownership
2865| [1011687] ProFTPd Login Timing Differences Disclose Valid User Account Names to Remote Users
2866| [1009997] ProFTPD Access Control Bug With CIDR Addresses May Let Remote Authenticated Users Access Files
2867| [1009297] ProFTPD _xlate_ascii_write() Off-By-One Buffer Overflows Let Remote Users Execute Arbitrary Code With Root Privileges
2868| [1007794] ProFTPD ASCII Mode File Upload Buffer Overflow Lets Certain Remote Users Execute Arbitrary Code
2869| [1007020] ProFTPD Input Validation Flaw When Authenticating Against Postgresql Using 'mod_sql' Lets Remote Users Gain Access
2870| [1003019] ProFTPD FTP Server May Allow Local Users to Execute Code on the Server
2871| [1002354] ProFTPD Reverse DNS Feature Fails to Check Forward-to-Reverse DNS Mappings
2872| [1002148] ProFTPD Site and Quote Commands May Allow Remote Users to Execute Arbitrary Commands on the Server
2873|
2874| OSVDB - http://www.osvdb.org:
2875| [70868] ProFTPD mod_sftp Component SSH Payload DoS
2876| [89051] ProFTPD Multiple FTP Command Handling Symlink Arbitrary File Overwrite
2877| [77004] ProFTPD Use-After-Free Response Pool Allocation List Parsing Remote Memory Corruption
2878| [70782] ProFTPD contrib/mod_sql.c sql_prepare_where Function Crafted Username Handling Remote Overflow
2879| [69562] ProFTPD on ftp.proftpd.org Compromised Source Packages Trojaned Distribution
2880| [69200] ProFTPD pr_data_xfer Function ABOR Command Remote DoS
2881| [68988] ProFTPD mod_site_misc Module Multiple Command Traversal Arbitrary File Manipulation
2882| [68985] ProFTPD netio.c pr_netio_telnet_gets Function TELNET_IAC Escape Sequence Remote Overflow
2883| [59292] ProFTPD mod_tls Module Certificate Authority (CA) subjectAltName Field Null Byte Handling SSL MiTM Weakness
2884| [57311] ProFTPD contrib/mod_ratio.c Multiple Unspecified Buffer Handling Issues
2885| [57310] ProFTPD Multiple Unspecified Overflows
2886| [57309] ProFTPD src/support.c Unspecified Buffer Handling Issue
2887| [57308] ProFTPD modules/mod_core.c Multiple Unspecified Overflows
2888| [57307] ProFTPD Multiple Modules Unspecified Overflows
2889| [57306] ProFTPD contrib/mod_pam.c Multiple Unspecified Buffer Handling Issues
2890| [57305] ProFTPD src/main.c Unspecified Overflow
2891| [57304] ProFTPD src/log.c Logfile Handling Unspecified Race Condition
2892| [57303] ProFTPD modules/mod_auth.c Unspecified Issue
2893| [51954] ProFTPD Server NLS Support mod_sql_* Encoded Multibyte Character SQL Injection Protection Bypass
2894| [51953] ProFTPD Server mod_sql username % Character Handling SQL Injection
2895| [51849] ProFTPD Character Encoding SQL Injection
2896| [51720] ProFTPD NLST Command Argument Handling Remote Overflow
2897| [51719] ProFTPD MKDIR Command Directory Name Handling Remote Overflow
2898| [48411] ProFTPD FTP Command Truncation CSRF
2899| [34602] ProFTPD Auth API Multiple Auth Module Authentication Bypass
2900| [31509] ProFTPD mod_ctrls Module pr_ctrls_recv_request Function Local Overflow
2901| [30719] mod_tls Module for ProFTPD tls_x509_name_oneline Function Remote Overflow
2902| [30660] ProFTPD CommandBufferSize Option cmd_loop() Function DoS
2903| [30267] ProFTPD src/support.c sreplace() Function Remote Overflow
2904| [23063] ProFTPD mod_radius Password Overflow DoS
2905| [20212] ProFTPD Host Reverse Resolution Failure ACL Bypass
2906| [18271] ProFTPD mod_sql SQLShowInfo Directive Format String
2907| [18270] ProFTPD ftpshut Shutdown Message Format String
2908| [14012] GProftpd gprostats Utility Log Parser Remote Format String
2909| [10769] ProFTPD File Transfer Newline Character Overflow
2910| [10768] ProFTPD STAT Command Remote DoS
2911| [10758] ProFTPD Login Timing Account Name Enumeration
2912| [10173] ProFTPD mod_sqlpw wtmp Authentication Credential Disclosure
2913| [9507] PostgreSQL Authentication Module (mod_sql) for ProFTPD USER Name Parameter SQL Injection
2914| [9163] ProFTPD MKDIR Directory Creation / Change Remote Overflow (palmetto)
2915| [7166] ProFTPD SIZE Command Memory Leak Remote DoS
2916| [7165] ProFTPD USER Command Memory Leak DoS
2917| [5744] ProFTPD CIDR IP Subnet ACL Bypass
2918| [5705] ProFTPD Malformed cwd Command Format String
2919| [5638] ProFTPD on Debian Linux postinst Installation Privilege Escalation
2920| [4134] ProFTPD in_xlate_ascii_write() Function RETR Command Remote Overflow
2921| [144] ProFTPD src/log.c log_xfer() Function Remote Overflow
2922#######################################################################################################################################
2923[+] URL: https://bpunion.org/
2924[+] Started: Sun Jan 5 10:14:45 2020
2925
2926Interesting Finding(s):
2927
2928[+] https://bpunion.org/
2929 | Interesting Entries:
2930 | - server: nginx
2931 | - x-powered-by: WP Engine
2932 | - x-cacheable: bot
2933 | - x-pass-why:
2934 | - x-cache-group: bot
2935 | Found By: Headers (Passive Detection)
2936 | Confidence: 100%
2937
2938[+] https://bpunion.org/robots.txt
2939 | Interesting Entries:
2940 | - /wp-admin/
2941 | - /wp-admin/admin-ajax.php
2942 | Found By: Robots Txt (Aggressive Detection)
2943 | Confidence: 100%
2944
2945[+] https://bpunion.org/xmlrpc.php
2946 | Found By: Link Tag (Passive Detection)
2947 | Confidence: 100%
2948 | Confirmed By: Direct Access (Aggressive Detection), 100% confidence
2949 | References:
2950 | - http://codex.wordpress.org/XML-RPC_Pingback_API
2951 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
2952 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
2953 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
2954 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
2955
2956[+] This site has 'Must Use Plugins': https://bpunion.org/wp-content/mu-plugins/
2957 | Found By: Direct Access (Aggressive Detection)
2958 | Confidence: 80%
2959 | Reference: http://codex.wordpress.org/Must_Use_Plugins
2960
2961[+] https://bpunion.org/wp-cron.php
2962 | Found By: Direct Access (Aggressive Detection)
2963 | Confidence: 60%
2964 | References:
2965 | - https://www.iplocation.net/defend-wordpress-from-ddos
2966 | - https://github.com/wpscanteam/wpscan/issues/1299
2967
2968[+] WordPress version 5.2.5 identified (Latest, released on 2019-12-12).
2969 | Found By: Rss Generator (Passive Detection)
2970 | - https://bpunion.org/feed/, <generator>https://wordpress.org/?v=5.2.5</generator>
2971 | - https://bpunion.org/comments/feed/, <generator>https://wordpress.org/?v=5.2.5</generator>
2972
2973[+] WordPress theme in use: nbpc
2974 | Location: https://bpunion.org/wp-content/themes/nbpc/
2975 | [!] An error log file has been found: https://bpunion.org/wp-content/themes/nbpc/error_log
2976 | Style URL: https://bpunion.org/wp-content/themes/nbpc/style.css
2977 | Style Name: NBPC
2978 | Description: Wordpress Theme Designed for NBPC....
2979 | Author: Drogin Group
2980 |
2981 | Found By: Css Style In Homepage (Passive Detection)
2982 | Confirmed By: Urls In Homepage (Passive Detection)
2983 |
2984 | Version: 1.0 (80% confidence)
2985 | Found By: Style (Passive Detection)
2986 | - https://bpunion.org/wp-content/themes/nbpc/style.css, Match: 'Version: 1.0'
2987
2988[+] Enumerating All Plugins (via Passive Methods)
2989[+] Checking Plugin Versions (via Passive and Aggressive Methods)
2990
2991[i] Plugin(s) Identified:
2992
2993[+] gravity-forms-placeholders
2994 | Location: https://bpunion.org/wp-content/plugins/gravity-forms-placeholders/
2995 | Latest Version: 1.2.1 (up to date)
2996 | Last Updated: 2012-07-02T13:31:00.000Z
2997 |
2998 | Found By: Urls In Homepage (Passive Detection)
2999 |
3000 | Version: 1.2.1 (100% confidence)
3001 | Found By: Readme - Stable Tag (Aggressive Detection)
3002 | - https://bpunion.org/wp-content/plugins/gravity-forms-placeholders/readme.txt
3003 | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
3004 | - https://bpunion.org/wp-content/plugins/gravity-forms-placeholders/readme.txt
3005
3006[+] gravityforms
3007 | Location: https://bpunion.org/wp-content/plugins/gravityforms/
3008 |
3009 | Found By: Urls In Homepage (Passive Detection)
3010 |
3011 | Version: 2.4.5 (80% confidence)
3012 | Found By: Query Parameter (Passive Detection)
3013 | - https://bpunion.org/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.4.5
3014 | - https://bpunion.org/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.4.5
3015 | Confirmed By: Change Log (Aggressive Detection)
3016 | - https://bpunion.org/wp-content/plugins/gravityforms/change_log.txt, Match: 'Version 2.4.5'
3017
3018[+] Enumerating Config Backups (via Passive and Aggressive Methods)
3019 Checking Config Backups - Time: 00:00:01 <=============> (21 / 21) 100.00% Time: 00:00:01
3020
3021[i] No Config Backups Found.
3022
3023[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
3024[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up.
3025
3026[+] Finished: Sun Jan 5 10:14:58 2020
3027[+] Requests Done: 66
3028[+] Cached Requests: 7
3029[+] Data Sent: 12.012 KB
3030[+] Data Received: 682.484 KB
3031[+] Memory used: 167.708 MB
3032[+] Elapsed time: 00:00:12
3033#####################################################################################################################################
3034[+] URL: https://bpunion.org/
3035[+] Started: Sun Jan 5 10:14:50 2020
3036
3037Interesting Finding(s):
3038
3039[+] https://bpunion.org/
3040 | Interesting Entries:
3041 | - server: nginx
3042 | - x-powered-by: WP Engine
3043 | - x-cacheable: bot
3044 | - x-pass-why:
3045 | - x-cache-group: bot
3046 | Found By: Headers (Passive Detection)
3047 | Confidence: 100%
3048
3049[+] https://bpunion.org/robots.txt
3050 | Interesting Entries:
3051 | - /wp-admin/
3052 | - /wp-admin/admin-ajax.php
3053 | Found By: Robots Txt (Aggressive Detection)
3054 | Confidence: 100%
3055
3056[+] https://bpunion.org/xmlrpc.php
3057 | Found By: Link Tag (Passive Detection)
3058 | Confidence: 100%
3059 | Confirmed By: Direct Access (Aggressive Detection), 100% confidence
3060 | References:
3061 | - http://codex.wordpress.org/XML-RPC_Pingback_API
3062 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
3063 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
3064 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
3065 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
3066
3067[+] This site has 'Must Use Plugins': https://bpunion.org/wp-content/mu-plugins/
3068 | Found By: Direct Access (Aggressive Detection)
3069 | Confidence: 80%
3070 | Reference: http://codex.wordpress.org/Must_Use_Plugins
3071
3072[+] https://bpunion.org/wp-cron.php
3073 | Found By: Direct Access (Aggressive Detection)
3074 | Confidence: 60%
3075 | References:
3076 | - https://www.iplocation.net/defend-wordpress-from-ddos
3077 | - https://github.com/wpscanteam/wpscan/issues/1299
3078
3079[+] WordPress version 5.2.5 identified (Latest, released on 2019-12-12).
3080 | Found By: Rss Generator (Passive Detection)
3081 | - https://bpunion.org/feed/, <generator>https://wordpress.org/?v=5.2.5</generator>
3082 | - https://bpunion.org/comments/feed/, <generator>https://wordpress.org/?v=5.2.5</generator>
3083
3084[+] WordPress theme in use: nbpc
3085 | Location: https://bpunion.org/wp-content/themes/nbpc/
3086 | [!] An error log file has been found: https://bpunion.org/wp-content/themes/nbpc/error_log
3087 | Style URL: https://bpunion.org/wp-content/themes/nbpc/style.css
3088 | Style Name: NBPC
3089 | Description: Wordpress Theme Designed for NBPC....
3090 | Author: Drogin Group
3091 |
3092 | Found By: Css Style In Homepage (Passive Detection)
3093 | Confirmed By: Urls In Homepage (Passive Detection)
3094 |
3095 | Version: 1.0 (80% confidence)
3096 | Found By: Style (Passive Detection)
3097 | - https://bpunion.org/wp-content/themes/nbpc/style.css, Match: 'Version: 1.0'
3098
3099[+] Enumerating Users (via Passive and Aggressive Methods)
3100 Brute Forcing Author IDs - Time: 00:00:00 <==> (10 / 10) 100.00% Time: 00:00:00
3101
3102[i] User(s) Identified:
3103
3104[+] NBPC
3105 | Found By: Rss Generator (Passive Detection)
3106 | Confirmed By: Rss Generator (Aggressive Detection)
3107
3108[+] stagwp
3109 | Found By: Oembed API - Author URL (Aggressive Detection)
3110 | - https://bpunion.org/wp-json/oembed/1.0/embed?url=https://bpunion.org/&format=json
3111
3112[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
3113[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up.
3114
3115[+] Finished: Sun Jan 5 10:14:57 2020
3116[+] Requests Done: 19
3117[+] Cached Requests: 42
3118[+] Data Sent: 3.506 KB
3119[+] Data Received: 47.914 KB
3120[+] Memory used: 133.044 MB
3121[+] Elapsed time: 00:00:07
3122#######################################################################################################################################
3123[+] URL: https://bpunion.org/
3124[+] Started: Sun Jan 5 10:17:07 2020
3125
3126Interesting Finding(s):
3127
3128[+] https://bpunion.org/
3129 | Interesting Entries:
3130 | - server: nginx
3131 | - x-powered-by: WP Engine
3132 | - x-cacheable: bot
3133 | - x-pass-why:
3134 | - x-cache-group: bot
3135 | Found By: Headers (Passive Detection)
3136 | Confidence: 100%
3137
3138[+] https://bpunion.org/robots.txt
3139 | Interesting Entries:
3140 | - /wp-admin/
3141 | - /wp-admin/admin-ajax.php
3142 | Found By: Robots Txt (Aggressive Detection)
3143 | Confidence: 100%
3144
3145[+] https://bpunion.org/xmlrpc.php
3146 | Found By: Link Tag (Passive Detection)
3147 | Confidence: 100%
3148 | Confirmed By: Direct Access (Aggressive Detection), 100% confidence
3149 | References:
3150 | - http://codex.wordpress.org/XML-RPC_Pingback_API
3151 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
3152 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
3153 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
3154 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
3155
3156[+] This site has 'Must Use Plugins': https://bpunion.org/wp-content/mu-plugins/
3157 | Found By: Direct Access (Aggressive Detection)
3158 | Confidence: 80%
3159 | Reference: http://codex.wordpress.org/Must_Use_Plugins
3160
3161[+] https://bpunion.org/wp-cron.php
3162 | Found By: Direct Access (Aggressive Detection)
3163 | Confidence: 60%
3164 | References:
3165 | - https://www.iplocation.net/defend-wordpress-from-ddos
3166 | - https://github.com/wpscanteam/wpscan/issues/1299
3167
3168[+] WordPress version 5.2.5 identified (Latest, released on 2019-12-12).
3169 | Found By: Rss Generator (Passive Detection)
3170 | - https://bpunion.org/feed/, <generator>https://wordpress.org/?v=5.2.5</generator>
3171 | - https://bpunion.org/comments/feed/, <generator>https://wordpress.org/?v=5.2.5</generator>
3172
3173[+] WordPress theme in use: nbpc
3174 | Location: https://bpunion.org/wp-content/themes/nbpc/
3175 | [!] An error log file has been found: https://bpunion.org/wp-content/themes/nbpc/error_log
3176 | Style URL: https://bpunion.org/wp-content/themes/nbpc/style.css
3177 | Style Name: NBPC
3178 | Description: Wordpress Theme Designed for NBPC....
3179 | Author: Drogin Group
3180 |
3181 | Found By: Css Style In Homepage (Passive Detection)
3182 | Confirmed By: Urls In Homepage (Passive Detection)
3183 |
3184 | Version: 1.0 (80% confidence)
3185 | Found By: Style (Passive Detection)
3186 | - https://bpunion.org/wp-content/themes/nbpc/style.css, Match: 'Version: 1.0'
3187
3188[+] Enumerating Users (via Passive and Aggressive Methods)
3189 Brute Forcing Author IDs - Time: 00:00:00 <============> (10 / 10) 100.00% Time: 00:00:00
3190
3191[i] User(s) Identified:
3192
3193[+] NBPC
3194 | Found By: Rss Generator (Passive Detection)
3195 | Confirmed By: Rss Generator (Aggressive Detection)
3196
3197[+] stagwp
3198 | Found By: Oembed API - Author URL (Aggressive Detection)
3199 | - https://bpunion.org/wp-json/oembed/1.0/embed?url=https://bpunion.org/&format=json
3200
3201[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
3202[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up.
3203
3204[+] Finished: Sun Jan 5 10:17:13 2020
3205[+] Requests Done: 15
3206[+] Cached Requests: 46
3207[+] Data Sent: 2.622 KB
3208[+] Data Received: 3.927 KB
3209[+] Memory used: 132.845 MB
3210[+] Elapsed time: 00:00:05
3211#####################################################################################################################################
3212[INFO] ------TARGET info------
3213[*] TARGET: https://bpunion.org/
3214[*] TARGET IP: 104.154.60.12
3215[INFO] NO load balancer detected for bpunion.org...
3216[*] DNS servers: ns05.domaincontrol.com.
3217[*] TARGET server: nginx
3218[*] CC: US
3219[*] Country: United States
3220[*] RegionCode: NJ
3221[*] RegionName: New Jersey
3222[*] City: Newark
3223[*] ASN: AS15169
3224[*] BGP_PREFIX: 104.154.0.0/15
3225[*] ISP: GOOGLE - Google LLC, US
3226[INFO] SSL/HTTPS certificate detected
3227[*] Issuer: issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
3228[*] Subject: subject=CN = bpunion.org
3229[ALERT] Let's Encrypt is commonly used for Phishing
3230[INFO] DNS enumeration:
3231[INFO] Possible abuse mails are:
3232[*] abuse@bpunion.org
3233[*] google-cloud-compliance@google.com
3234[INFO] NO PAC (Proxy Auto Configuration) file FOUND
3235[ALERT] robots.txt file FOUND in http://bpunion.org/robots.txt
3236[INFO] Checking for HTTP status codes recursively from http://bpunion.org/robots.txt
3237[INFO] Status code Folders
3238[*] 200 http://bpunion.org/wp-admin/
3239[INFO] Starting FUZZing in http://bpunion.org/FUzZzZzZzZz...
3240[INFO] Status code Folders
3241[*] 200 http://bpunion.org/news
3242[ALERT] Look in the source code. It may contain passwords
3243[INFO] Links found from https://bpunion.org/ http://104.154.60.12/:
3244[*] https://my.wpengine.com/support
3245[*] http://wpengine.com/support/add-domain-in-user-portal/
3246[*] http://wpengine.com/support/cname/
3247[*] http://wpengine.com/support/find-ip/
3248[*] http://www.wpengine.com/
3249cut: intervalle de champ incorrecte
3250Saisissez « cut --help » pour plus d'informations.
3251[INFO] Shodan detected the following opened ports on 104.154.60.12:
3252[*] 443
3253[*] 80
3254[INFO] ------VirusTotal SECTION------
3255[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
3256[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
3257[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
3258[INFO] ------Alexa Rank SECTION------
3259[INFO] Percent of Visitors Rank in Country:
3260[INFO] Percent of Search Traffic:
3261[INFO] Percent of Unique Visits:
3262[INFO] Total Sites Linking In:
3263[*] Total Sites
3264[INFO] Useful links related to bpunion.org - 104.154.60.12:
3265[*] https://www.virustotal.com/pt/ip-address/104.154.60.12/information/
3266[*] https://www.hybrid-analysis.com/search?host=104.154.60.12
3267[*] https://www.shodan.io/host/104.154.60.12
3268[*] https://www.senderbase.org/lookup/?search_string=104.154.60.12
3269[*] https://www.alienvault.com/open-threat-exchange/ip/104.154.60.12
3270[*] http://pastebin.com/search?q=104.154.60.12
3271[*] http://urlquery.net/search.php?q=104.154.60.12
3272[*] http://www.alexa.com/siteinfo/bpunion.org
3273[*] http://www.google.com/safebrowsing/diagnostic?site=bpunion.org
3274[*] https://censys.io/ipv4/104.154.60.12
3275[*] https://www.abuseipdb.com/check/104.154.60.12
3276[*] https://urlscan.io/search/#104.154.60.12
3277[*] https://github.com/search?q=104.154.60.12&type=Code
3278[INFO] Useful links related to AS15169 - 104.154.0.0/15:
3279[*] http://www.google.com/safebrowsing/diagnostic?site=AS:15169
3280[*] https://www.senderbase.org/lookup/?search_string=104.154.0.0/15
3281[*] http://bgp.he.net/AS15169
3282[*] https://stat.ripe.net/AS15169
3283[INFO] Date: 05/01/20 | Time: 10:18:00
3284[INFO] Total time: 0 minute(s) and 53 second(s)
3285######################################################################################################################################
3286 Anonymous JTSEC #OpTrump Full Recon #6