· 6 years ago · Jan 17, 2020, 04:54 PM
1#######################################################################################################################################
2======================================================================================================================================
3Hostname shahamat1.net ISP Ch-net S.r.l.
4Continent Europe Flag
5RO
6Country Romania Country Code RO
7Region Unknown Local time 17 Jan 2020 17:26 EET
8City Unknown Postal Code Unknown
9IP Address 93.113.36.186 Latitude 45.997
10 Longitude 24.997
11======================================================================================================================================
12#######################################################################################################################################
13> shahamat1.net
14Server: 185.93.180.131
15Address: 185.93.180.131#53
16
17Non-authoritative answer:
18Name: shahamat1.net
19Address: 93.113.36.186
20>
21#######################################################################################################################################
22 Domain Name: SHAHAMAT1.NET
23 Registry Domain ID: 2352783678_DOMAIN_NET-VRSN
24 Registrar WHOIS Server: whois.tucows.com
25 Registrar URL: http://www.tucows.com
26 Updated Date: 2020-01-17T14:05:38Z
27 Creation Date: 2019-01-16T13:34:48Z
28 Registry Expiry Date: 2021-01-16T13:34:48Z
29 Registrar: Tucows Domains Inc.
30 Registrar IANA ID: 69
31 Registrar Abuse Contact Email:
32 Registrar Abuse Contact Phone:
33 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
34 Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
35 Name Server: NS1.AFRAID.ORG
36 Name Server: NS2.AFRAID.ORG
37 DNSSEC: unsigned
38#######################################################################################################################################
39Domain Name: SHAHAMAT1.NET
40Registry Domain ID: 2352783678_DOMAIN_NET-VRSN
41Registrar WHOIS Server: whois.tucows.com
42Registrar URL: http://tucowsdomains.com
43Updated Date: 2020-01-17T14:05:38
44Creation Date: 2019-01-16T13:34:48
45Registrar Registration Expiration Date: 2021-01-16T13:34:48
46Registrar: TUCOWS, INC.
47Registrar IANA ID: 69
48Reseller: Hover
49Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
50Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
51Registry Registrant ID:
52Registrant Name: Contact Privacy Inc. Customer 0153692356
53Registrant Organization: Contact Privacy Inc. Customer 0153692356
54Registrant Street: 96 Mowat Ave
55Registrant City: Toronto
56Registrant State/Province: ON
57Registrant Postal Code: M6K 3M1
58Registrant Country: CA
59Registrant Phone: +1.4165385457
60Registrant Phone Ext:
61Registrant Fax:
62Registrant Fax Ext:
63Registrant Email: shahamat1.net@contactprivacy.com
64Registry Admin ID:
65Admin Name: Contact Privacy Inc. Customer 0153692356
66Admin Organization: Contact Privacy Inc. Customer 0153692356
67Admin Street: 96 Mowat Ave
68Admin City: Toronto
69Admin State/Province: ON
70Admin Postal Code: M6K 3M1
71Admin Country: CA
72Admin Phone: +1.4165385457
73Admin Phone Ext:
74Admin Fax:
75Admin Fax Ext:
76Admin Email: shahamat1.net@contactprivacy.com
77Registry Tech ID:
78Tech Name: Contact Privacy Inc. Customer 0153692356
79Tech Organization: Contact Privacy Inc. Customer 0153692356
80Tech Street: 96 Mowat Ave
81Tech City: Toronto
82Tech State/Province: ON
83Tech Postal Code: M6K 3M1
84Tech Country: CA
85Tech Phone: +1.4165385457
86Tech Phone Ext:
87Tech Fax:
88Tech Fax Ext:
89Tech Email: shahamat1.net@contactprivacy.com
90Name Server: ns1.afraid.org
91Name Server: ns2.afraid.org
92DNSSEC: unsigned
93Registrar Abuse Contact Email: domainabuse@tucows.com
94Registrar Abuse Contact Phone: +1.4165350123
95#######################################################################################################################################
96[+] Target : shahamat1.net
97
98[+] IP Address : 93.113.36.186
99
100[+] Headers :
101
102[+] Date : Fri, 17 Jan 2020 15:50:32 GMT
103[+] Server : Apache
104[+] Link : <http://shahamat1.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://wp.me/Pbz4v6-1u>; rel=shortlink
105[+] Vary : Accept-Encoding,User-Agent
106[+] Content-Encoding : gzip
107[+] Content-Length : 28582
108[+] Keep-Alive : timeout=5, max=100
109[+] Connection : Keep-Alive
110[+] Content-Type : text/html; charset=UTF-8
111
112[+] SSL Certificate Information :
113
114[+] commonName : shahamat1.net
115[+] countryName : US
116[+] stateOrProvinceName : TX
117[+] localityName : Houston
118[+] organizationName : cPanel, Inc.
119[+] commonName : cPanel, Inc. Certification Authority
120[+] Version : 3
121[+] Serial Number : 670F98674BCD7D07E1A48BDC1EBBD6A3
122[+] Not Before : Dec 27 00:00:00 2019 GMT
123[+] Not After : Mar 26 23:59:59 2020 GMT
124[+] OCSP : ('http://ocsp.comodoca.com',)
125[+] subject Alt Name : (('DNS', 'shahamat1.net'), ('DNS', 'cpanel.shahamat1.net'), ('DNS', 'mail.shahamat1.net'), ('DNS', 'webdisk.shahamat1.net'), ('DNS', 'webmail.shahamat1.net'), ('DNS', 'www.shahamat1.net'))
126[+] CA Issuers : ('http://crt.comodoca.com/cPanelIncCertificationAuthority.crt',)
127[+] CRL Distribution Points : ('http://crl.comodoca.com/cPanelIncCertificationAuthority.crl',)
128
129[+] Whois Lookup :
130
131[+] NIR : None
132[+] ASN Registry : ripencc
133[+] ASN : 41011
134[+] ASN CIDR : 93.113.36.0/24
135[+] ASN Country Code : RO
136[+] ASN Date : 2007-12-21
137[+] ASN Description : CH-NET-AS, RO
138[+] cidr : 93.113.36.0/24
139[+] name : RO-SCCH-CENTER-93-113-36-0-24
140[+] handle : PCV20-RIPE
141[+] range : 93.113.36.0 - 93.113.36.255
142[+] description : CH-NET S.R.L.
143[+] country : RO
144[+] state : None
145[+] city : None
146[+] address : Str.Pacii Nr 36
147077040
148Com Chiajna
149ROMANIA
150[+] postal_code : None
151[+] emails : None
152[+] created : 2017-11-11T09:05:30Z
153[+] updated : 2017-11-11T09:05:30Z
154
155[+] Crawling Target...
156
157[+] Looking for robots.txt........[ Not Found ]
158[+] Looking for sitemap.xml.......[ Not Found ]
159[+] Extracting CSS Links..........[ 17 ]
160[+] Extracting Javascript Links...[ 15 ]
161[+] Extracting Internal Links.....[ 67 ]
162[+] Extracting External Links.....[ 133 ]
163[+] Extracting Images.............[ 77 ]
164
165[+] Total Links Extracted : 309
166
167[+] Dumping Links in /opt/FinalRecon/dumps/shahamat1.net.dump
168[+] Completed!
169#######################################################################################################################################
170[i] Scanning Site: http://93.113.36.186
171
172
173
174B A S I C I N F O
175====================
176
177
178[+] Site Title:
179[+] IP address: 93.113.36.186
180[+] Web Server: Apache
181[+] CMS: Could Not Detect
182[+] Cloudflare: Not Detected
183[+] Robots File: Could NOT Find robots.txt!
184
185
186
187
188W H O I S L O O K U P
189========================
190
191 % This is the RIPE Database query service.
192% The objects are in RPSL format.
193%
194% The RIPE Database is subject to Terms and Conditions.
195% See http://www.ripe.net/db/support/db-terms-conditions.pdf
196
197% Note: this output has been filtered.
198% To receive output for a database update, use the "-B" flag.
199
200% Information related to '93.113.36.0 - 93.113.36.255'
201
202% Abuse contact for '93.113.36.0 - 93.113.36.255' is 'abuse@ch-center.com'
203
204inetnum: 93.113.36.0 - 93.113.36.255
205netname: RO-SCCH-CENTER-93-113-36-0-24
206descr: CH-NET S.R.L.
207country: RO
208admin-c: PCV20-RIPE
209tech-c: PCV20-RIPE
210status: ASSIGNED PA
211mnt-by: ro-scch-center-1-mnt
212created: 2017-11-11T09:05:30Z
213last-modified: 2017-11-11T09:05:30Z
214source: RIPE
215
216% Information related to '93.113.36.0/24AS41011'
217
218route: 93.113.36.0/24
219descr: SC CH-NET SRL
220origin: AS41011
221mnt-by: ro-scch-center-1-mnt
222created: 2017-11-11T09:16:22Z
223last-modified: 2017-11-11T09:16:22Z
224source: RIPE
225
226% This query was served by the RIPE Database Query Service version 1.96 (ANGUS)
227
228
229
230
231
232
233G E O I P L O O K U P
234=========================
235
236[i] IP Address: 93.113.36.186
237[i] Country: Romania
238[i] State:
239[i] City:
240[i] Latitude: 46.0
241[i] Longitude: 25.0
242
243
244
245
246H T T P H E A D E R S
247=======================
248
249
250[i] HTTP/1.1 200 OK
251[i] Date: Fri, 17 Jan 2020 15:52:10 GMT
252[i] Server: Apache
253[i] Last-Modified: Wed, 30 Jan 2019 02:06:03 GMT
254[i] Accept-Ranges: bytes
255[i] Content-Length: 163
256[i] Connection: close
257[i] Content-Type: text/html
258
259
260
261
262D N S L O O K U P
263===================
264
265no records found
266
267
268
269S U B N E T C A L C U L A T I O N
270====================================
271
272Address = 93.113.36.186
273Network = 93.113.36.186 / 32
274Netmask = 255.255.255.255
275Broadcast = not needed on Point-to-Point links
276Wildcard Mask = 0.0.0.0
277Hosts Bits = 0
278Max. Hosts = 1 (2^0 - 0)
279Host Range = { 93.113.36.186 - 93.113.36.186 }
280
281
282
283N M A P P O R T S C A N
284============================
285
286Starting Nmap 7.70 ( https://nmap.org ) at 2020-01-17 15:52 UTC
287Nmap scan report for curs-audio-de-engleza.com (93.113.36.186)
288Host is up (0.10s latency).
289
290PORT STATE SERVICE
29121/tcp open ftp
29222/tcp closed ssh
29323/tcp filtered telnet
29480/tcp open http
295110/tcp open pop3
296143/tcp open imap
297443/tcp open https
2983389/tcp filtered ms-wbt-server
299
300Nmap done: 1 IP address (1 host up) scanned in 1.67 seconds
301#######################################################################################################################################
302[+] Starting At 2020-01-17 10:51:08.368457
303[+] Collecting Information On: http://shahamat1.net/
304[#] Status: 200
305--------------------------------------------------
306[#] Web Server Detected: Apache
307[!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
308- Date: Fri, 17 Jan 2020 15:51:03 GMT
309- Server: Apache
310- Link: <http://shahamat1.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://wp.me/Pbz4v6-1u>; rel=shortlink
311- Vary: Accept-Encoding,User-Agent
312- Content-Encoding: gzip
313- Content-Length: 28580
314- Keep-Alive: timeout=5, max=100
315- Connection: Keep-Alive
316- Content-Type: text/html; charset=UTF-8
317--------------------------------------------------
318[#] Finding Location..!
319[#] status: success
320[#] country: Romania
321[#] countryCode: RO
322[#] region: IF
323[#] regionName: Ilfov
324[#] city: Chiajna
325[#] zip: 077040
326[#] lat: 44.4597
327[#] lon: 25.9805
328[#] timezone: Europe/Bucharest
329[#] isp: SC CH-NET SRL
330[#] org: Ch-net S.R.L.
331[#] as: AS41011 CH-NET S.R.L.
332[#] query: 93.113.36.186
333--------------------------------------------------
334[x] Didn't Detect WAF Presence on: http://shahamat1.net/
335--------------------------------------------------
336[#] Starting Reverse DNS
337[-] Failed ! Fail
338--------------------------------------------------
339[!] Scanning Open Port
340[#] 21/tcp open ftp
341[#] 53/tcp open domain
342[#] 80/tcp open http
343[#] 110/tcp open pop3
344[#] 143/tcp open imap
345[#] 443/tcp open https
346[#] 465/tcp open smtps
347[#] 587/tcp open submission
348[#] 993/tcp open imaps
349[#] 995/tcp open pop3s
350--------------------------------------------------
351[+] Getting SSL Info
352{'OCSP': ('http://ocsp.comodoca.com',),
353 'caIssuers': ('http://crt.comodoca.com/cPanelIncCertificationAuthority.crt',),
354 'crlDistributionPoints': ('http://crl.comodoca.com/cPanelIncCertificationAuthority.crl',),
355 'issuer': ((('countryName', 'US'),),
356 (('stateOrProvinceName', 'TX'),),
357 (('localityName', 'Houston'),),
358 (('organizationName', 'cPanel, Inc.'),),
359 (('commonName', 'cPanel, Inc. Certification Authority'),)),
360 'notAfter': 'Mar 26 23:59:59 2020 GMT',
361 'notBefore': 'Dec 27 00:00:00 2019 GMT',
362 'serialNumber': '670F98674BCD7D07E1A48BDC1EBBD6A3',
363 'subject': ((('commonName', 'shahamat1.net'),),),
364 'subjectAltName': (('DNS', 'shahamat1.net'),
365 ('DNS', 'cpanel.shahamat1.net'),
366 ('DNS', 'mail.shahamat1.net'),
367 ('DNS', 'webdisk.shahamat1.net'),
368 ('DNS', 'webmail.shahamat1.net'),
369 ('DNS', 'www.shahamat1.net')),
370 'version': 3}
371-----BEGIN CERTIFICATE-----
372MIIGPDCCBSSgAwIBAgIQZw+YZ0vNfQfhpIvcHrvWozANBgkqhkiG9w0BAQsFADBy
373MQswCQYDVQQGEwJVUzELMAkGA1UECBMCVFgxEDAOBgNVBAcTB0hvdXN0b24xFTAT
374BgNVBAoTDGNQYW5lbCwgSW5jLjEtMCsGA1UEAxMkY1BhbmVsLCBJbmMuIENlcnRp
375ZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MTIyNzAwMDAwMFoXDTIwMDMyNjIzNTk1
376OVowGDEWMBQGA1UEAxMNc2hhaGFtYXQxLm5ldDCCASIwDQYJKoZIhvcNAQEBBQAD
377ggEPADCCAQoCggEBAM8OLY6iXaeylWTcHNr9qTMbda0PROgw2kJpBO9Oal+fiM0u
378izPxRjaRJ1DgfmnxzskM7ErEXCuRXATatKELi/b7xInRTSFyudByQtGazBjS6rHe
379X3w9oryZau1iAHTSVgkvbUMOEpve+suOy1s7W+T1vW6ZwAoUIqo+9D5YywQM6rFo
380vPPy4cfDo0+IvR6cLTdd2nhQMKiU9CJ1HXA2O7nQM4Et8tRm5luH1HuoPfiHM79g
381AXORup7/cI4Tw7zKhNBUyCDXH1yD2r/wZExOMwFZtTr1EOs/AXeRepYXCl5us1Ow
382XiLrws/8+gd0EIVI2oYh927+wsDAZJPpVTILoDkCAwEAAaOCAyYwggMiMB8GA1Ud
383IwQYMBaAFH4DWmVBa6d+CuG4nQjqHY4dasdlMB0GA1UdDgQWBBTCRVD+TDEPEYR5
3841SxNuIhUcprJczAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUE
385FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQIC
386NDAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwB
387AgEwTAYDVR0fBEUwQzBBoD+gPYY7aHR0cDovL2NybC5jb21vZG9jYS5jb20vY1Bh
388bmVsSW5jQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwfQYIKwYBBQUHAQEEcTBv
389MEcGCCsGAQUFBzAChjtodHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9jUGFuZWxJbmND
390ZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29j
391c3AuY29tb2RvY2EuY29tMIGDBgNVHREEfDB6gg1zaGFoYW1hdDEubmV0ghRjcGFu
392ZWwuc2hhaGFtYXQxLm5ldIISbWFpbC5zaGFoYW1hdDEubmV0ghV3ZWJkaXNrLnNo
393YWhhbWF0MS5uZXSCFXdlYm1haWwuc2hhaGFtYXQxLm5ldIIRd3d3LnNoYWhhbWF0
394MS5uZXQwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdgAHt1wb5X1o//Gwxh0jFce6
3955ld8V5S3au68YToaadOiHAAAAW9IM33AAAAEAwBHMEUCIHShESgJHNVprJUJygG/
396WJVrimjQMaL3fMOTEXCg/b1lAiEAuoX53qXhU2hUcclHqVcDLPPYkS7b7rPLiJyx
397iqah5x8AdQBep3P531bA57U2SH3QSeAyepGaDIShEhKEGHWWgXFFWAAAAW9IM32o
398AAAEAwBGMEQCIFJcqZwUfylZDfTochNaV1EGpLjl8dskbIFlXN8NDjB9AiAZTTbF
399+zY/A8ikPerlGn0YLhoyxxCo9JxNPDQOn14hiTANBgkqhkiG9w0BAQsFAAOCAQEA
400Fg/1PYCUXrWL5tIqmB9PjlTVxIn1GQ4lspp9VhIFW8C0pVbIU/D0RLXDkw1U4VU6
401QoK+7pOV8Gpn4nFcF23rcjPvpgv4hlJATZDZJK4lU1o0Likv2OX3P8tSeRWNVoVM
40283r4bE4jVG7aLSB9oq8kvAWokXhwGXWipNJ+5+cmpvg3qTqMtSfpUBqq3JSuTa+i
403SKvPutgR7IsV6f3HkrHcDFQ06pKsbm2yWF+cB2ZIicgnqTaYWWkweLILuFmGVVox
404oDjN0+xK2FU4uRWjkF64cbfuS8YIO10s7L2T0eoqtgSyC0FPkqzCAHLw5ZOLmHjT
405JMIGw/Xyj5ZUQxRQbBhJXg==
406-----END CERTIFICATE-----
407
408--------------------------------------------------
409[+] Collecting Information Disclosure!
410[#] Detecting sitemap.xml file
411[-] sitemap.xml file not Found!?
412[#] Detecting robots.txt file
413[-] robots.txt file not Found!?
414[#] Detecting GNU Mailman
415[!] GNU Mailman App Detected: http://shahamat1.net//mailman/admin
416[!] version: 2.1.29
417--------------------------------------------------
418[+] Crawling Url Parameter On: http://shahamat1.net/
419--------------------------------------------------
420[#] Searching Html Form !
421[+] Html Form Discovered
422[#] action: http://shahamat1.com/wp-login.php
423[#] class: None
424[#] id: None
425[#] method: post
426--------------------------------------------------
427[!] Found 10 dom parameter
428[#] http://shahamat1.com/index.php?rest_route=%2Foembed%2F1.0%2Fembed&url=http%3A%2F%2Fshahamat1.com%2F
429[#] http://shahamat1.com/index.php?rest_route=%2Foembed%2F1.0%2Fembed&url=http%3A%2F%2Fshahamat1.com%2F&format=xml
430[#] http://shahamat1.net//#
431[#] http://shahamat1.net//#1502711443561-0482d6cb-1478
432[#] http://shahamat1.net//#1502605930628-693ae6e3-39ab
433[#] http://shahamat1.net//#1502606044792-0c7e6e97-9e8d
434[#] http://shahamat1.net//#1502711443561-0482d6cb-1478
435[#] http://shahamat1.net//#1502605930628-693ae6e3-39ab
436[#] http://shahamat1.net//#1502606044792-0c7e6e97-9e8d
437[#] http://shahamat1.net//#
438--------------------------------------------------
439[!] 94 Internal Dynamic Parameter Discovered
440[+] http://shahamat1.net/?page_id=159743
441[+] http://shahamat1.net/?page_id=105098
442[+] http://shahamat1.net/?cat=931
443[+] http://shahamat1.net/?cat=752
444[+] http://shahamat1.net/?cat=509
445[+] http://shahamat1.net/?cat=443
446[+] http://shahamat1.net/?cat=397
447[+] http://shahamat1.net/?cat=933
448[+] http://shahamat1.net/?cat=751
449[+] http://shahamat1.net/?cat=935
450[+] http://shahamat1.net/?cat=753
451[+] http://shahamat1.net/?cat=511
452[+] http://shahamat1.net/?cat=757
453[+] http://shahamat1.net/?cat=378
454[+] http://shahamat1.net/?cat=618
455[+] http://shahamat1.net/?cat=616
456[+] http://shahamat1.net/?p=15887
457[+] http://shahamat1.net/?p=72641
458[+] http://shahamat1.net/?p=133624
459[+] http://shahamat1.net/?page_id=159743
460[+] http://shahamat1.net/?page_id=105098
461[+] http://shahamat1.net/?cat=931
462[+] http://shahamat1.net/?cat=752
463[+] http://shahamat1.net/?cat=509
464[+] http://shahamat1.net/?cat=443
465[+] http://shahamat1.net/?cat=397
466[+] http://shahamat1.net/?cat=933
467[+] http://shahamat1.net/?cat=751
468[+] http://shahamat1.net/?cat=935
469[+] http://shahamat1.net/?cat=753
470[+] http://shahamat1.net/?cat=511
471[+] http://shahamat1.net/?cat=757
472[+] http://shahamat1.net/?cat=378
473[+] http://shahamat1.net/?cat=618
474[+] http://shahamat1.net/?cat=616
475[+] http://shahamat1.net/?p=15887
476[+] http://shahamat1.net/?p=72641
477[+] http://shahamat1.net/?p=133624
478[+] http://shahamat1.net/?cat=937
479[+] http://shahamat1.net/?cat=348
480[+] http://shahamat1.net/?cat=935
481[+] http://shahamat1.net/?cat=174
482[+] http://shahamat1.net/?cat=936
483[+] http://shahamat1.net/?cat=170
484[+] http://shahamat1.net/?cat=176
485[+] http://shahamat1.net/?cat=327
486[+] http://shahamat1.net/?cat=1
487[+] http://shahamat1.net/?cat=173
488[+] http://shahamat1.net/?p=160423
489[+] http://shahamat1.net/?p=157744
490[+] http://shahamat1.net/?p=157165
491[+] http://shahamat1.net/?cat=620
492[+] http://shahamat1.net/?cat=621
493[+] http://shahamat1.net/?cat=622
494[+] http://shahamat1.net/?cat=619
495[+] http://shahamat1.net/?cat=623
496[+] http://shahamat1.net/?cat=624
497[+] http://shahamat1.net/?cat=625
498[+] http://shahamat1.net/?cat=626
499[+] http://shahamat1.net/?cat=627
500[+] http://shahamat1.net/?cat=628
501[+] http://shahamat1.net/?cat=629
502[+] http://shahamat1.net/?cat=630
503[+] http://shahamat1.net/?cat=631
504[+] http://shahamat1.net/?cat=632
505[+] http://shahamat1.net/?cat=633
506[+] http://shahamat1.net/?cat=634
507[+] http://shahamat1.net/?cat=635
508[+] http://shahamat1.net/?cat=636
509[+] http://shahamat1.net/?cat=637
510[+] http://shahamat1.net/?cat=638
511[+] http://shahamat1.net/?cat=639
512[+] http://shahamat1.net/?cat=640
513[+] http://shahamat1.net/?cat=641
514[+] http://shahamat1.net/?cat=642
515[+] http://shahamat1.net/?cat=643
516[+] http://shahamat1.net/?cat=644
517[+] http://shahamat1.net/?cat=645
518[+] http://shahamat1.net/?cat=646
519[+] http://shahamat1.net/?cat=647
520[+] http://shahamat1.net/?cat=648
521[+] http://shahamat1.net/?cat=649
522[+] http://shahamat1.net/?cat=650
523[+] http://shahamat1.net/?cat=651
524[+] http://shahamat1.net/?cat=652
525[+] http://shahamat1.net/?p=105228
526[+] http://shahamat1.net/?page_id=105098
527[+] http://shahamat1.net/?p=133624
528[+] http://shahamat1.net/?cat=757
529[+] http://shahamat1.net/?cat=378
530[+] http://shahamat1.net/?cat=616
531[+] http://shahamat1.net/?p=72641
532[+] http://shahamat1.net/?cat=618
533[+] http://shahamat1.net/?p=15887
534--------------------------------------------------
535[!] 253 External Dynamic Parameter Discovered
536[#] http://shahamat1.com/?feed=rss2
537[#] http://shahamat1.com/?feed=comments-rss2
538[#] http://shahamat1.com/xmlrpc.php?rsd
539[#] http://shahamat1.com/index.php?rest_route=%2Foembed%2F1.0%2Fembed&url=http%3A%2F%2Fshahamat1.com%2F
540[#] http://shahamat1.com/index.php?rest_route=%2Foembed%2F1.0%2Fembed&url=http%3A%2F%2Fshahamat1.com%2F&format=xml
541[#] https://i0.wp.com/shahamat1.com/wp-content/uploads/2017/06/cropped-talib_figher_weapon-620x330.jpg?fit=32%2C32
542[#] https://i0.wp.com/shahamat1.com/wp-content/uploads/2017/06/cropped-talib_figher_weapon-620x330.jpg?fit=192%2C192
543[#] https://i0.wp.com/shahamat1.com/wp-content/uploads/2017/06/cropped-talib_figher_weapon-620x330.jpg?fit=180%2C180
544[#] http://shahamat1.com/?cat=171
545[#] http://shahamat1.com/?cat=171
546[#] http://shahamat1.com/?cat=348
547[#] http://shahamat1.com/?cat=326
548[#] http://shahamat1.com/?cat=406
549[#] http://shahamat1.com/?cat=326
550[#] http://shahamat1.com/?cat=173
551[#] http://shahamat1.com/?cat=1
552[#] http://shahamat1.com/?cat=327
553[#] http://shahamat1.com/?cat=170
554[#] http://shahamat1.com/?cat=174
555[#] http://shahamat1.com/?cat=176
556[#] http://shahamat1.com/?cat=175
557[#] http://shahamat1.com/?cat=937
558[#] http://shahamat1.com/?cat=880
559[#] http://shahamat1.com/?cat=738
560[#] http://shahamat1.com/?cat=455
561[#] http://shahamat1.com/?cat=761
562[#] http://shahamat1.com/?cat=445
563[#] http://shahamat1.com/?cat=756
564[#] http://shahamat1.com/?cat=171
565[#] http://shahamat1.com/?cat=171
566[#] http://shahamat1.com/?cat=348
567[#] http://shahamat1.com/?cat=326
568[#] http://shahamat1.com/?cat=406
569[#] http://shahamat1.com/?cat=326
570[#] http://shahamat1.com/?cat=173
571[#] http://shahamat1.com/?cat=1
572[#] http://shahamat1.com/?cat=327
573[#] http://shahamat1.com/?cat=170
574[#] http://shahamat1.com/?cat=174
575[#] http://shahamat1.com/?cat=176
576[#] http://shahamat1.com/?cat=175
577[#] http://shahamat1.com/?cat=937
578[#] http://shahamat1.com/?cat=880
579[#] http://shahamat1.com/?cat=738
580[#] http://shahamat1.com/?cat=455
581[#] http://shahamat1.com/?cat=761
582[#] http://shahamat1.com/?cat=445
583[#] http://shahamat1.com/?cat=756
584[#] http://shahamat1.com/?p=160473
585[#] http://shahamat1.com/?p=160472
586[#] http://shahamat1.com/?p=160470
587[#] http://shahamat1.com/?p=160467
588[#] http://shahamat1.com/?p=160466
589[#] http://shahamat1.com/?p=160463
590[#] http://shahamat1.com/?p=160462
591[#] http://shahamat1.com/?p=160439
592[#] http://shahamat1.com/?p=160437
593[#] http://shahamat1.com/?p=160435
594[#] http://shahamat1.com/?p=160436
595[#] http://shahamat1.com/?p=160434
596[#] http://shahamat1.com/?p=160433
597[#] http://shahamat1.com/wp-login.php?action=lostpassword
598[#] http://shahamat1.com/?p=160423
599[#] http://shahamat1.com/?p=160423
600[#] http://shahamat1.com/?p=160389
601[#] http://shahamat1.com/?p=160389
602[#] http://shahamat1.com/?p=160393
603[#] http://shahamat1.com/?p=160393
604[#] http://shahamat1.com/?p=160367
605[#] http://shahamat1.com/?p=160367
606[#] http://shahamat1.com/?p=160356
607[#] http://shahamat1.com/?p=160356
608[#] http://shahamat1.com/?cat=348
609[#] http://shahamat1.com/?p=160389
610[#] http://shahamat1.com/?p=160389
611[#] http://shahamat1.com/?p=160393
612[#] http://shahamat1.com/?p=160393
613[#] http://shahamat1.com/?p=160380
614[#] http://shahamat1.com/?p=160380
615[#] http://shahamat1.com/?p=160332
616[#] http://shahamat1.com/?p=160332
617[#] http://shahamat1.com/?p=160323
618[#] http://shahamat1.com/?p=160323
619[#] http://shahamat1.com/?p=160318
620[#] http://shahamat1.com/?p=160318
621[#] http://shahamat1.com/?p=160313
622[#] http://shahamat1.com/?p=160313
623[#] http://shahamat1.com/?p=160281
624[#] http://shahamat1.com/?p=160281
625[#] http://shahamat1.com/?cat=348
626[#] http://shahamat1.com/?cat=935
627[#] http://shahamat1.com/?p=160052
628[#] http://shahamat1.com/?p=160052
629[#] http://shahamat1.com/?p=159505
630[#] http://shahamat1.com/?p=159505
631[#] http://shahamat1.com/?p=159053
632[#] http://shahamat1.com/?p=159053
633[#] http://shahamat1.com/?cat=935
634[#] http://shahamat1.com/?cat=174
635[#] http://shahamat1.com/?p=160172
636[#] http://shahamat1.com/?p=160172
637[#] http://shahamat1.com/?p=160156
638[#] http://shahamat1.com/?p=160156
639[#] http://shahamat1.com/?p=159521
640[#] http://shahamat1.com/?p=159521
641[#] http://shahamat1.com/?p=158885
642[#] http://shahamat1.com/?p=158885
643[#] http://shahamat1.com/?cat=174
644[#] http://shahamat1.com/?cat=936
645[#] http://shahamat1.com/?p=158819
646[#] http://shahamat1.com/?p=158819
647[#] http://shahamat1.com/?p=158884
648[#] http://shahamat1.com/?p=158884
649[#] http://shahamat1.com/?p=158897
650[#] http://shahamat1.com/?p=158897
651[#] http://shahamat1.com/?p=159048
652[#] http://shahamat1.com/?p=159048
653[#] http://shahamat1.com/?cat=936
654[#] http://shahamat1.com/?cat=170
655[#] http://shahamat1.com/?p=160367
656[#] http://shahamat1.com/?p=160367
657[#] http://shahamat1.com/?p=159701
658[#] http://shahamat1.com/?p=159701
659[#] http://shahamat1.com/?p=159093
660[#] http://shahamat1.com/?p=159093
661[#] http://shahamat1.com/?p=158776
662[#] http://shahamat1.com/?p=158776
663[#] http://shahamat1.com/?cat=170
664[#] http://shahamat1.com/?cat=176
665[#] http://shahamat1.com/?p=159785
666[#] http://shahamat1.com/?p=159785
667[#] http://shahamat1.com/?p=159466
668[#] http://shahamat1.com/?p=159466
669[#] http://shahamat1.com/?p=159329
670[#] http://shahamat1.com/?p=159329
671[#] http://shahamat1.com/?cat=176
672[#] http://shahamat1.com/?cat=327
673[#] http://shahamat1.com/?p=158664
674[#] http://shahamat1.com/?p=158664
675[#] http://shahamat1.com/?p=157798
676[#] http://shahamat1.com/?p=157798
677[#] http://shahamat1.com/?p=157736
678[#] http://shahamat1.com/?p=157736
679[#] http://shahamat1.com/?p=157365
680[#] http://shahamat1.com/?p=157365
681[#] http://shahamat1.com/?cat=327
682[#] http://shahamat1.com/?cat=1
683[#] http://shahamat1.com/?p=158989
684[#] http://shahamat1.com/?p=158989
685[#] http://shahamat1.com/?p=158662
686[#] http://shahamat1.com/?p=158662
687[#] http://shahamat1.com/?p=157707
688[#] http://shahamat1.com/?p=157707
689[#] http://shahamat1.com/?cat=1
690[#] http://shahamat1.com/?cat=173
691[#] http://shahamat1.com/?p=159164
692[#] http://shahamat1.com/?p=159164
693[#] http://shahamat1.com/?p=157081
694[#] http://shahamat1.com/?p=157081
695[#] http://shahamat1.com/?p=153501
696[#] http://shahamat1.com/?p=153501
697[#] http://shahamat1.com/?cat=173
698[#] http://shahamat1.com/?p=160367
699[#] http://shahamat1.com/?p=160172
700[#] http://shahamat1.com/?p=160156
701[#] http://shahamat1.com/?p=159701
702[#] http://shahamat1.com/?p=159521
703[#] http://shahamat1.com/?p=159329
704[#] http://shahamat1.com/?p=160473
705[#] http://shahamat1.com/?p=160472
706[#] http://shahamat1.com/?p=160470
707[#] http://shahamat1.com/?p=160467
708[#] http://shahamat1.com/?p=160466
709[#] http://shahamat1.com/?p=160463
710[#] http://shahamat1.com/?p=160462
711[#] http://shahamat1.com/?p=160439
712[#] http://shahamat1.com/?p=160437
713[#] http://shahamat1.com/?p=160435
714[#] http://shahamat1.com/?p=160436
715[#] http://shahamat1.com/?p=160434
716[#] http://shahamat1.com/?p=160433
717[#] http://shahamat1.com/?p=160432
718[#] http://shahamat1.com/?p=160430
719[#] http://shahamat1.com/?p=160438
720[#] http://shahamat1.com/?p=160431
721[#] http://shahamat1.com/?p=160429
722[#] http://shahamat1.com/?p=160428
723[#] http://shahamat1.com/?p=160427
724[#] http://shahamat1.com/?p=160419
725[#] http://shahamat1.com/?p=160420
726[#] http://shahamat1.com/?p=160417
727[#] http://shahamat1.com/?p=160414
728[#] http://shahamat1.com/?p=160412
729[#] http://shahamat1.com/?p=160411
730[#] http://shahamat1.com/?p=160408
731[#] http://shahamat1.com/?p=160405
732[#] http://shahamat1.com/?p=160401
733[#] http://shahamat1.com/?p=160403
734[#] http://shahamat1.com/?cat=749
735[#] http://shahamat1.com/?p=157744
736[#] http://shahamat1.com/?p=157744
737[#] http://shahamat1.com/?p=157165
738[#] http://shahamat1.com/?p=157165
739[#] http://shahamat1.com/?p=156271
740[#] http://shahamat1.com/?p=156271
741[#] http://shahamat1.com/?p=155625
742[#] http://shahamat1.com/?p=155625
743[#] http://shahamat1.com/?p=160423
744[#] http://shahamat1.com/?p=160423
745[#] http://shahamat1.com/?p=160356
746[#] http://shahamat1.com/?p=160356
747[#] http://shahamat1.com/?p=160340
748[#] http://shahamat1.com/?p=160340
749[#] http://shahamat1.com/?p=160329
750[#] http://shahamat1.com/?p=160329
751[#] http://shahamat1.com/?p=160274
752[#] http://shahamat1.com/?p=160274
753[#] http://shahamat1.com/?p=160271
754[#] http://shahamat1.com/?p=160271
755[#] http://shahamat1.com/?p=160246
756[#] http://shahamat1.com/?p=160246
757[#] http://shahamat1.com/?p=160127
758[#] http://shahamat1.com/?p=160127
759[#] http://shahamat1.com/?p=159964
760[#] http://shahamat1.com/?p=159964
761[#] http://shahamat1.com/?p=160369
762[#] http://shahamat1.com/?p=160369
763[#] http://shahamat1.com/?p=160369
764[#] http://shahamat1.com/?p=159566
765[#] http://shahamat1.com/?p=159566
766[#] http://shahamat1.com/?p=159566
767[#] http://shahamat1.com/?p=156468
768[#] http://shahamat1.com/?p=156468
769[#] http://shahamat1.com/?p=156468
770[#] http://shahamat1.com/?p=156088
771[#] http://shahamat1.com/?p=156088
772[#] http://shahamat1.com/?p=156088
773[#] http://shahamat1.com/?p=154753
774[#] http://shahamat1.com/?p=154753
775[#] http://shahamat1.com/?p=154753
776[#] http://shahamat1.com/?p=154594
777[#] http://shahamat1.com/?p=154594
778[#] http://shahamat1.com/?p=154594
779[#] http://www.mujali.com/?p=934
780[#] http://www.mujali.com/?p=878
781[#] http://www.mujali.com/?p=225
782[#] http://www.mujali.com/?p=220
783[#] http://www.mujali.com/?cat=5
784[#] http://www.mujali.com/?cat=4
785[#] http://www.mujali.com/?cat=3
786[#] http://www.mujali.com/?cat=6
787[#] http://www.mujali.com/?cat=8
788[#] http://www.mujali.com/?cat=7
789--------------------------------------------------
790[!] 4 Internal links Discovered
791[+] http://shahamat1.net//"><button class=
792[+] http://shahamat1.net
793[+] http://shahamat1.net
794[+] http://shahamat1.net///http://www.taraani.com/
795--------------------------------------------------
796[!] 56 External links Discovered
797[#] http://gmpg.org/xfn/11
798[#] http://shahamat1.com/xmlrpc.php
799[#] http://shahamat1.com/wp-content/themes/multinews/css/print.css
800[#] http://shahamat1.com/wp-content/themes/multinews/apple-touch-icon-precomposed.png
801[#] http://shahamat1.com/wp-includes/wlwmanifest.xml
802[#] http://shahamat1.com/wp-content/themes/multinews/rtl.css
803[#] http://shahamat1.com/
804[#] http://shahamat1.com/wp-content/plugins/js_composer/assets/css/vc_lte_ie9.min.css
805[#] http://browsehappy.com/
806[#] http://alemarahdari.com/
807[#] http://alemaraharabi.com
808[#] http://alemarahurdu.net/
809[#] http://alemarahenglish.com/
810[#] http://shahamat1.com
811[#] http://alemarahislam.com/
812[#] http://mujali.net/
813[#] http://www.taraani.com/
814[#] http://www.alemarahvideo.org/
815[#] http://aa
816[#] http://aa
817[#] http://aa
818[#] http://aa
819[#] http://aa
820[#] http://aa
821[#] http://aa
822[#] http://aa
823[#] http://aa
824[#] http://aa
825[#] http://aa
826[#] http://11
827[#] http://22
828[#] http://11
829[#] http://alemarahislam.com/
830[#] http://mujali.net/
831[#] http://www.taraani.com/
832[#] http://www.alemarahvideo.org/
833[#] http://aa
834[#] http://aa
835[#] http://aa
836[#] http://aa
837[#] http://aa
838[#] http://aa
839[#] http://aa
840[#] http://aa
841[#] http://aa
842[#] http://aa
843[#] http://aa
844[#] http://11
845[#] http://22
846[#] http://11
847[#] http://alemarahislam.com/
848[#] http://www.alemarahvideo.org/
849[#] http://mujali.net/
850[#] https://twitter.com/Zabehulah_M33
851[#] https://twitter.com/
852[#] https://twitter.com/suhailshaheen1
853--------------------------------------------------
854[#] Mapping Subdomain..
855[!] Found 2 Subdomain
856- shahamat1.net
857- www.shahamat1.net
858--------------------------------------------------
859[!] Done At 2020-01-17 10:51:57.327719
860#######################################################################################################################################
861Trying "shahamat1.net"
862;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28013
863;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 5
864
865;; QUESTION SECTION:
866;shahamat1.net. IN ANY
867
868;; ANSWER SECTION:
869shahamat1.net. 3600 IN SOA ns1.afraid.org. dnsadmin.afraid.org. 1906160001 86400 7200 2419200 3600
870shahamat1.net. 3600 IN A 93.113.36.186
871shahamat1.net. 3600 IN NS ns1.afraid.org.
872shahamat1.net. 3600 IN NS ns3.afraid.org.
873shahamat1.net. 3600 IN NS ns4.afraid.org.
874shahamat1.net. 3600 IN NS ns2.afraid.org.
875
876;; ADDITIONAL SECTION:
877ns1.afraid.org. 39073 IN A 50.23.197.94
878ns4.afraid.org. 39073 IN A 174.128.246.102
879ns3.afraid.org. 39073 IN A 69.197.18.161
880ns2.afraid.org. 23034 IN A 69.65.50.192
881ns1.afraid.org. 39073 IN AAAA 2607:f0d0:1102:d5::2
882
883Received 266 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 195 ms
884
885######################################################################################################################################
886
887; <<>> DiG 9.11.5-P4-5.1+b1-Debian <<>> +trace shahamat1.net any
888;; global options: +cmd
889. 81424 IN NS i.root-servers.net.
890. 81424 IN NS e.root-servers.net.
891. 81424 IN NS h.root-servers.net.
892. 81424 IN NS k.root-servers.net.
893. 81424 IN NS a.root-servers.net.
894. 81424 IN NS b.root-servers.net.
895. 81424 IN NS l.root-servers.net.
896. 81424 IN NS c.root-servers.net.
897. 81424 IN NS d.root-servers.net.
898. 81424 IN NS f.root-servers.net.
899. 81424 IN NS j.root-servers.net.
900. 81424 IN NS g.root-servers.net.
901. 81424 IN NS m.root-servers.net.
902. 81424 IN RRSIG NS 8 0 518400 20200130050000 20200117040000 33853 . qwZcf2cO7GkK+Jx8udlpbc7sHqNBGynhqcmqdzvqMk2g+2wVJOs/pT1Z WSv6BkIoBLXyZpoNK5QSNr/HtaoBsxLw65iZhq+rhhu4P+aA+net9TUQ IUal+BULSnkRUO8U/1l9PrW+AC3lOJ0T6iVanYDspk8FUnMDZMhuIiB+ XmAdCoGe43g2L0Hynw882tynqGPcXVmRv99R5NCGEGhds2cRCFPrSTWO 42ycnCjwWuuS3GRzfao4n+/hAAriztCx6Ftq3r510824lvJGzt0jHbRM 6Z/GNIM6Y67IzON/Rn9akC8zBD7axRrMTDq60XR32T6lZ/YGqhklil/0 g1ybOA==
903;; Received 525 bytes from 185.93.180.131#53(185.93.180.131) in 671 ms
904
905net. 172800 IN NS l.gtld-servers.net.
906net. 172800 IN NS b.gtld-servers.net.
907net. 172800 IN NS c.gtld-servers.net.
908net. 172800 IN NS d.gtld-servers.net.
909net. 172800 IN NS e.gtld-servers.net.
910net. 172800 IN NS f.gtld-servers.net.
911net. 172800 IN NS g.gtld-servers.net.
912net. 172800 IN NS a.gtld-servers.net.
913net. 172800 IN NS h.gtld-servers.net.
914net. 172800 IN NS i.gtld-servers.net.
915net. 172800 IN NS j.gtld-servers.net.
916net. 172800 IN NS k.gtld-servers.net.
917net. 172800 IN NS m.gtld-servers.net.
918net. 86400 IN DS 35886 8 2 7862B27F5F516EBE19680444D4CE5E762981931842C465F00236401D 8BD973EE
919net. 86400 IN RRSIG DS 8 1 86400 20200130050000 20200117040000 33853 . zoYxJMoTtZPhnSZx/ss0VDX7PochiKC+LJoSAtI95Ti+Ir9SOqzjX4th dsh18PLoheixJTycxIi4ql0rTEbWMO6qgOYxCJstuPG7gMKs3lgaK5aE tjVyWJ5bzEXdgR3uDjs3A0bFBsTMekAlkfeJ/eGHEzFo+fJK+yFbRZhs RVjwBjF9abI+FlcidxZJXGFacST+tSeHaJXQ4+uhpTeW2JYPgr5nbxt0 IFET3RJtL9LUrouGQWIzLRHPUuLSabQ93Gnt4HTNSEKxp9ki/4MK76aL 6M56B9EoV2qmlXOVAZHPhRUZ2OKg93nBTUBOJTuPQ/ID/V6iCyyr9G2I 2xWYpw==
920;; Received 1170 bytes from 192.203.230.10#53(e.root-servers.net) in 314 ms
921
922shahamat1.net. 172800 IN NS ns1.afraid.org.
923shahamat1.net. 172800 IN NS ns2.afraid.org.
924A1RT98BS5QGC9NFI51S9HCI47ULJG6JH.net. 86400 IN NSEC3 1 1 0 - A1RUUFFJKCT2Q54P78F8EJGJ8JBK7I8B NS SOA RRSIG DNSKEY NSEC3PARAM
925A1RT98BS5QGC9NFI51S9HCI47ULJG6JH.net. 86400 IN RRSIG NSEC3 8 2 86400 20200122073151 20200115062151 36407 net. Zlms5tDbgekuFwHPRdTje8tlIj8qTvAdguXfRDZzkpxqn/WfTujPLTXo UHTK/YLKoCTG+4J1ZZ/s/jWb+UJTWZ0M1EJLt4J/Vqf+cUdIty51HvcH wIJKH8ReFrNa355kmeofXukBTayGgPRH3V6wgzxSocBqTG4l05TfIIko t3UhFy57Xpyr+66/XFNnj+EhGQB6d80njFKWMUysvno1ew==
9269DCAM6SPNUUORALGRNS17CJET7COO6TF.net. 86400 IN NSEC3 1 1 0 - 9DCBEODP4NG1515D9DEHIJ862UGUMJV1 NS DS RRSIG
9279DCAM6SPNUUORALGRNS17CJET7COO6TF.net. 86400 IN RRSIG NSEC3 8 2 86400 20200122072346 20200115061346 36407 net. T0ZOtWDIg6pXfOLrHmlJczMFp8s47UIyx2ryiWSZRJnwfG9mRFTxPdql qxErLIiYOPbRrR8D5nYnDsSB4MB27Tm0NzLtjePDg/STk+LWXlWOXj9i 4Vg5Hex1IWmhK+EfI/0Ms0E5ZT/OPUU5OmcnFRY66Dndgijxw7bvzBej HfAK0nR2bIxt+G9bEbVi+lsv5VRyWKrp/ski41aN1ImInQ==
928;; Received 637 bytes from 2001:501:b1f9::30#53(m.gtld-servers.net) in 69 ms
929
930shahamat1.net. 3600 IN A 93.113.36.186
931shahamat1.net. 3600 IN SOA ns1.afraid.org. dnsadmin.afraid.org. 1906160001 86400 7200 2419200 3600
932shahamat1.net. 3600 IN NS ns3.afraid.org.
933shahamat1.net. 3600 IN NS ns2.afraid.org.
934shahamat1.net. 3600 IN NS ns1.afraid.org.
935shahamat1.net. 3600 IN NS ns4.afraid.org.
936;; Received 333 bytes from 2607:f0d0:1102:d5::2#53(ns1.afraid.org) in 101 ms
937######################################################################################################################################
938[*] Performing General Enumeration of Domain: shahamat1.net
939[-] DNSSEC is not configured for shahamat1.net
940[*] SOA ns1.afraid.org 50.23.197.94
941[*] NS ns4.afraid.org 174.128.246.102
942[*] Bind Version for 174.128.246.102 unknown
943[*] NS ns4.afraid.org 2610:150:bddb:d271::2
944[*] Bind Version for 2610:150:bddb:d271::2 unknown
945[*] NS ns3.afraid.org 69.197.18.161
946[*] NS ns1.afraid.org 50.23.197.94
947[*] NS ns1.afraid.org 2607:f0d0:1102:d5::2
948[*] Bind Version for 2607:f0d0:1102:d5::2 unknown
949[*] NS ns2.afraid.org 69.65.50.192
950[*] Bind Version for 69.65.50.192 unknown
951[*] NS ns2.afraid.org 2001:1850:1:5:800::6b
952[*] Bind Version for 2001:1850:1:5:800::6b unknown
953[-] Could not Resolve MX Records for shahamat1.net
954[*] A shahamat1.net 93.113.36.186
955[*] Enumerating SRV Records
956[-] No SRV Records Found for shahamat1.net
957[+] 0 Records Found
958######################################################################################################################################
959[*] Processing domain shahamat1.net
960[*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
961[+] Getting nameservers
962174.128.246.102 - ns4.afraid.org
96369.197.18.161 - ns3.afraid.org
96450.23.197.94 - ns1.afraid.org
96569.65.50.192 - ns2.afraid.org
966[-] Zone transfer failed
967
968[*] Scanning shahamat1.net for A records
96993.113.36.186 - shahamat1.net
970127.0.0.1 - localhost.shahamat1.net
97193.113.36.186 - www.shahamat1.net
972######################################################################################################################################
973 AVAILABLE PLUGINS
974 -----------------
975
976 CompressionPlugin
977 OpenSslCipherSuitesPlugin
978 FallbackScsvPlugin
979 HttpHeadersPlugin
980 RobotPlugin
981 EarlyDataPlugin
982 OpenSslCcsInjectionPlugin
983 SessionResumptionPlugin
984 CertificateInfoPlugin
985 SessionRenegotiationPlugin
986 HeartbleedPlugin
987
988
989
990 CHECKING HOST(S) AVAILABILITY
991 -----------------------------
992
993 93.113.36.186:443 => 93.113.36.186
994
995
996
997
998 SCAN RESULTS FOR 93.113.36.186:443 - 93.113.36.186
999 --------------------------------------------------
1000
1001 * ROBOT Attack:
1002 OK - Not vulnerable, RSA cipher suites not supported
1003
1004 * TLSV1_3 Cipher Suites:
1005 Server rejected all cipher suites.
1006
1007 * Session Renegotiation:
1008 Client-initiated Renegotiation: OK - Rejected
1009 Secure Renegotiation: OK - Supported
1010
1011 * Certificate Information:
1012 Content
1013 SHA1 Fingerprint: 879411b5088ae3eca5c7776a490a55d4d94d5292
1014 Common Name: shahamat1.net
1015 Issuer: cPanel, Inc. Certification Authority
1016 Serial Number: 136991459128944647317470017460067096227
1017 Not Before: 2019-12-27 00:00:00
1018 Not After: 2020-03-26 23:59:59
1019 Signature Algorithm: sha256
1020 Public Key Algorithm: RSA
1021 Key Size: 2048
1022 Exponent: 65537 (0x10001)
1023 DNS Subject Alternative Names: ['shahamat1.net', 'cpanel.shahamat1.net', 'mail.shahamat1.net', 'webdisk.shahamat1.net', 'webmail.shahamat1.net', 'www.shahamat1.net']
1024
1025 Trust
1026 Hostname Validation: FAILED - Certificate does NOT match 93.113.36.186
1027 Android CA Store (9.0.0_r9): OK - Certificate is trusted
1028 Apple CA Store (iOS 12, macOS 10.14, watchOS 5, and tvOS 12):OK - Certificate is trusted
1029 Java CA Store (jdk-12.0.1): OK - Certificate is trusted
1030 Mozilla CA Store (2019-03-14): OK - Certificate is trusted
1031 Windows CA Store (2019-05-27): OK - Certificate is trusted
1032 Symantec 2018 Deprecation: WARNING: Certificate distrusted by Google and Mozilla on September 2018
1033 Received Chain: shahamat1.net --> cPanel, Inc. Certification Authority --> COMODO RSA Certification Authority
1034 Verified Chain: shahamat1.net --> cPanel, Inc. Certification Authority --> COMODO RSA Certification Authority
1035 Received Chain Contains Anchor: OK - Anchor certificate not sent
1036 Received Chain Order: OK - Order is valid
1037 Verified Chain contains SHA1: OK - No SHA1-signed certificate in the verified certificate chain
1038
1039 Extensions
1040 OCSP Must-Staple: NOT SUPPORTED - Extension not found
1041 Certificate Transparency: WARNING - Only 2 SCTs included but Google recommends 3 or more
1042
1043 OCSP Stapling
1044 OCSP Response Status: successful
1045 Validation w/ Mozilla Store: OK - Response is trusted
1046 Responder Id: 7E035A65416BA77E0AE1B89D08EA1D8E1D6AC765
1047 Cert Status: good
1048 Cert Serial Number: 670F98674BCD7D07E1A48BDC1EBBD6A3
1049 This Update: Jan 17 10:05:05 2020 GMT
1050 Next Update: Jan 24 10:05:05 2020 GMT
1051
1052 * OpenSSL Heartbleed:
1053 OK - Not vulnerable to Heartbleed
1054
1055 * TLSV1_1 Cipher Suites:
1056 Server rejected all cipher suites.
1057
1058 * Deflate Compression:
1059 OK - Compression disabled
1060
1061 * Downgrade Attacks:
1062 TLS_FALLBACK_SCSV: OK - Supported
1063
1064 * TLS 1.2 Session Resumption Support:
1065 With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
1066 With TLS Tickets: OK - Supported
1067
1068 * TLSV1 Cipher Suites:
1069 Server rejected all cipher suites.
1070
1071 * OpenSSL CCS Injection:
1072 OK - Not vulnerable to OpenSSL CCS injection
1073
1074 * SSLV2 Cipher Suites:
1075 Server rejected all cipher suites.
1076
1077 * TLSV1_2 Cipher Suites:
1078 Forward Secrecy OK - Supported
1079 RC4 OK - Not Supported
1080
1081 Preferred:
1082 None - Server followed client cipher suite preference.
1083 Accepted:
1084 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
1085 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
1086 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
1087 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
1088
1089 * SSLV3 Cipher Suites:
1090 Server rejected all cipher suites.
1091
1092
1093 SCAN COMPLETED IN 14.48 S
1094 -------------------------
1095######################################################################################################################################
1096Domains still to check: 1
1097 Checking if the hostname shahamat1.net. given is in fact a domain...
1098
1099Analyzing domain: shahamat1.net.
1100 Checking NameServers using system default resolver...
1101 IP: 50.23.197.94 (United States)
1102 HostName: ns1.afraid.org Type: NS
1103 HostName: ns1.afraid.org Type: PTR
1104 IP: 174.128.246.102 (United States)
1105 HostName: ns4.afraid.org Type: NS
1106 IP: 69.65.50.192 (United States)
1107 HostName: ns2.afraid.org Type: NS
1108 HostName: ns2.afraid.org Type: PTR
1109 IP: 69.197.18.161 (United States)
1110 HostName: ns3.afraid.org Type: NS
1111 HostName: ns3.afraid.org Type: PTR
1112
1113 Checking MailServers using system default resolver...
1114 WARNING!! There are no MX records for this domain
1115
1116 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
1117 No zone transfer found on nameserver 69.197.18.161
1118 No zone transfer found on nameserver 50.23.197.94
1119 No zone transfer found on nameserver 174.128.246.102
1120 No zone transfer found on nameserver 69.65.50.192
1121
1122 Checking SPF record...
1123 No SPF record
1124
1125 Checking 192 most common hostnames using system default resolver...
1126 IP: 93.113.36.186 (Romania)
1127 HostName: www.shahamat1.net. Type: A
1128
1129 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
1130 Checking netblock 69.197.18.0
1131 Checking netblock 50.23.197.0
1132 Checking netblock 93.113.36.0
1133 Checking netblock 174.128.246.0
1134 Checking netblock 69.65.50.0
1135
1136 Searching for shahamat1.net. emails in Google
1137
1138 Checking 5 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
1139 Host 69.197.18.161 is up (reset ttl 64)
1140 Host 50.23.197.94 is up (reset ttl 64)
1141 Host 93.113.36.186 is up (reset ttl 64)
1142 Host 174.128.246.102 is up (reset ttl 64)
1143 Host 69.65.50.192 is up (reset ttl 64)
1144
1145 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
1146 Scanning ip 69.197.18.161 (ns3.afraid.org (PTR)):
1147 Scanning ip 50.23.197.94 (ns1.afraid.org (PTR)):
1148 53/tcp open domain syn-ack ttl 51 (unknown banner: unknown)
1149 | dns-nsid:
1150 |_ bind.version: unknown
1151 | fingerprint-strings:
1152 | DNSVersionBindReqTCP:
1153 | version
1154 | bind
1155 |_ unknown
1156 80/tcp open http syn-ack ttl 51 nginx
1157 | http-methods:
1158 |_ Supported Methods: GET HEAD
1159 |_http-title: Welcome to nginx!
1160 443/tcp open ssl/http syn-ack ttl 51 nginx
1161 | http-methods:
1162 |_ Supported Methods: GET HEAD POST
1163 | http-robots.txt: 4 disallowed entries
1164 | /zc.php /tools/contact.php /subdomain/edit.php
1165 |_/password/
1166 |_http-title: FreeDNS - Free DNS - Dynamic DNS - Static DNS subdomain and do...
1167 | ssl-cert: Subject: commonName=freedns.afraid.org
1168 | Subject Alternative Name: DNS:freedns.afraid.org, DNS:www.freedns.afraid.org
1169 | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
1170 | Public Key type: rsa
1171 | Public Key bits: 2048
1172 | Signature Algorithm: sha256WithRSAEncryption
1173 | Not valid before: 2018-07-20T00:00:00
1174 | Not valid after: 2020-08-18T23:59:59
1175 | MD5: 6c30 0f04 fd5b 93b5 2c91 c1c5 28b8 4524
1176 |_SHA-1: 116b 5c31 91af 28c9 a5a2 caf1 e19a 4cc0 ef5d 1351
1177 |_ssl-date: TLS randomness does not represent time
1178 | tls-alpn:
1179 |_ http/1.1
1180 | tls-nextprotoneg:
1181 |_ http/1.1
1182 8080/tcp open http syn-ack ttl 51 nginx
1183 Scanning ip 93.113.36.186 (www.shahamat1.net.):
1184 Scanning ip 174.128.246.102 (ns4.afraid.org):
1185 53/tcp open domain syn-ack ttl 54 (unknown banner: unknown)
1186 | dns-nsid:
1187 |_ bind.version: unknown
1188 | fingerprint-strings:
1189 | DNSVersionBindReqTCP:
1190 | version
1191 | bind
1192 |_ unknown
1193 Scanning ip 69.65.50.192 (ns2.afraid.org (PTR)):
1194 WebCrawling domain's web servers... up to 50 max links.
1195
1196 + URL to crawl: http://ns1.afraid.org
1197 + Date: 2020-01-17
1198
1199 + Crawling URL: http://ns1.afraid.org:
1200 + Links:
1201 + Crawling http://ns1.afraid.org
1202 + Searching for directories...
1203 + Searching open folders...
1204
1205
1206 + URL to crawl: https://ns1.afraid.org
1207 + Date: 2020-01-17
1208
1209 + Crawling URL: https://ns1.afraid.org:
1210 + Links:
1211 + Crawling https://ns1.afraid.org
1212 + Searching for directories...
1213 + Searching open folders...
1214
1215
1216 + URL to crawl: http://ns1.afraid.org:8080
1217 + Date: 2020-01-17
1218
1219 + Crawling URL: http://ns1.afraid.org:8080:
1220 + Links:
1221 + Crawling http://ns1.afraid.org:8080
1222 + Searching for directories...
1223 + Searching open folders...
1224
1225--Finished--
1226Summary information for domain shahamat1.net.
1227-----------------------------------------
1228
1229 Domain Ips Information:
1230 IP: 69.197.18.161
1231 HostName: ns3.afraid.org Type: NS
1232 HostName: ns3.afraid.org Type: PTR
1233 Country: United States
1234 Is Active: True (reset ttl 64)
1235 IP: 50.23.197.94
1236 HostName: ns1.afraid.org Type: NS
1237 HostName: ns1.afraid.org Type: PTR
1238 Country: United States
1239 Is Active: True (reset ttl 64)
1240 Port: 53/tcp open domain syn-ack ttl 51 (unknown banner: unknown)
1241 Script Info: | dns-nsid:
1242 Script Info: |_ bind.version: unknown
1243 Script Info: | fingerprint-strings:
1244 Script Info: | DNSVersionBindReqTCP:
1245 Script Info: | version
1246 Script Info: | bind
1247 Script Info: |_ unknown
1248 Port: 80/tcp open http syn-ack ttl 51 nginx
1249 Script Info: | http-methods:
1250 Script Info: |_ Supported Methods: GET HEAD
1251 Script Info: |_http-title: Welcome to nginx!
1252 Port: 443/tcp open ssl/http syn-ack ttl 51 nginx
1253 Script Info: | http-methods:
1254 Script Info: |_ Supported Methods: GET HEAD POST
1255 Script Info: | http-robots.txt: 4 disallowed entries
1256 Script Info: | /zc.php /tools/contact.php /subdomain/edit.php
1257 Script Info: |_/password/
1258 Script Info: |_http-title: FreeDNS - Free DNS - Dynamic DNS - Static DNS subdomain and do...
1259 Script Info: | ssl-cert: Subject: commonName=freedns.afraid.org
1260 Script Info: | Subject Alternative Name: DNS:freedns.afraid.org, DNS:www.freedns.afraid.org
1261 Script Info: | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
1262 Script Info: | Public Key type: rsa
1263 Script Info: | Public Key bits: 2048
1264 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1265 Script Info: | Not valid before: 2018-07-20T00:00:00
1266 Script Info: | Not valid after: 2020-08-18T23:59:59
1267 Script Info: | MD5: 6c30 0f04 fd5b 93b5 2c91 c1c5 28b8 4524
1268 Script Info: |_SHA-1: 116b 5c31 91af 28c9 a5a2 caf1 e19a 4cc0 ef5d 1351
1269 Script Info: |_ssl-date: TLS randomness does not represent time
1270 Script Info: | tls-alpn:
1271 Script Info: |_ http/1.1
1272 Script Info: | tls-nextprotoneg:
1273 Script Info: |_ http/1.1
1274 Port: 8080/tcp open http syn-ack ttl 51 nginx
1275 IP: 93.113.36.186
1276 HostName: www.shahamat1.net. Type: A
1277 Country: Romania
1278 Is Active: True (reset ttl 64)
1279 IP: 174.128.246.102
1280 HostName: ns4.afraid.org Type: NS
1281 Country: United States
1282 Is Active: True (reset ttl 64)
1283 Port: 53/tcp open domain syn-ack ttl 54 (unknown banner: unknown)
1284 Script Info: | dns-nsid:
1285 Script Info: |_ bind.version: unknown
1286 Script Info: | fingerprint-strings:
1287 Script Info: | DNSVersionBindReqTCP:
1288 Script Info: | version
1289 Script Info: | bind
1290 Script Info: |_ unknown
1291 IP: 69.65.50.192
1292 HostName: ns2.afraid.org Type: NS
1293 HostName: ns2.afraid.org Type: PTR
1294 Country: United States
1295 Is Active: True (reset ttl 64)
1296
1297--------------End Summary --------------
1298-----------------------------------------
1299######################################################################################################################################
1300traceroute to shahamat1.net (93.113.36.186), 30 hops max, 60 byte packets
1301 1 10.247.204.1 (10.247.204.1) 33.673 ms 67.429 ms 97.812 ms
1302 2 104.245.145.177 (104.245.145.177) 97.802 ms 97.778 ms 97.753 ms
1303 3 104.245.147.41 (104.245.147.41) 97.715 ms 97.686 ms 97.661 ms
1304 4 * * *
1305 5 100ge14-2.core1.nyc4.he.net (184.105.80.9) 97.514 ms 97.502 ms 97.448 ms
1306 6 100ge4-1.core1.par2.he.net (184.105.81.78) 169.162 ms 118.599 ms 119.122 ms
1307 7 100ge5-2.core1.vie1.he.net (184.105.65.6) 211.189 ms 241.257 ms 241.253 ms
1308 8 100ge6-1.core1.bud1.he.net (184.105.213.250) 241.232 ms 241.210 ms 241.185 ms
1309 9 100ge10-1.core1.buh1.he.net (184.105.65.46) 241.157 ms 241.131 ms 241.104 ms
131010 10.10.21.6 (10.10.21.6) 241.079 ms 241.052 ms 240.986 ms
131111 ospf6509.ch-center.com (93.113.37.210) 152.118 ms 149.508 ms 161.601 ms
1312######################################################################################################################################
1313----- shahamat1.net -----
1314
1315
1316Host's addresses:
1317__________________
1318
1319shahamat1.net. 3523 IN A 93.113.36.186
1320
1321
1322Name Servers:
1323______________
1324
1325ns1.afraid.org. 76780 IN A 50.23.197.94
1326ns2.afraid.org. 76780 IN A 69.65.50.192
1327ns4.afraid.org. 83522 IN A 174.128.246.102
1328ns3.afraid.org. 76780 IN A 69.197.18.161
1329
1330
1331
1332Brute forcing with /usr/share/dnsenum/dns.txt:
1333_______________________________________________
1334
1335www.shahamat1.net. 3574 IN A 93.113.36.186
1336
1337
1338Launching Whois Queries:
1339_________________________
1340
1341 whois ip result: 93.113.36.0 -> 93.113.36.0/24
1342
1343
1344shahamat1.net_____________
1345
1346 93.113.36.0/24
1347######################################################################################################################################
1348WARNING: Duplicate port number(s) specified. Are you alert enough to be using Nmap? Have some coffee or Jolt(tm).
1349Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-17 11:11 EST
1350Nmap scan report for curs-audio-de-engleza.com (93.113.36.186)
1351Host is up (0.17s latency).
1352Not shown: 481 filtered ports, 5 closed ports
1353Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1354PORT STATE SERVICE
135521/tcp open ftp
135653/tcp open domain
135780/tcp open http
1358110/tcp open pop3
1359143/tcp open imap
1360443/tcp open https
1361465/tcp open smtps
1362587/tcp open submission
1363993/tcp open imaps
1364995/tcp open pop3s
1365
1366Nmap done: 1 IP address (1 host up) scanned in 7.15 seconds
1367######################################################################################################################################
1368Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-17 11:11 EST
1369Nmap scan report for curs-audio-de-engleza.com (93.113.36.186)
1370Host is up (0.073s latency).
1371Not shown: 2 filtered ports
1372PORT STATE SERVICE
137353/udp open|filtered domain
137467/udp open|filtered dhcps
137568/udp open|filtered dhcpc
137669/udp open|filtered tftp
137788/udp open|filtered kerberos-sec
1378123/udp open|filtered ntp
1379139/udp open|filtered netbios-ssn
1380161/udp open|filtered snmp
1381162/udp open|filtered snmptrap
1382389/udp open|filtered ldap
1383500/udp open|filtered isakmp
1384520/udp open|filtered route
13852049/udp open|filtered nfs
1386
1387Nmap done: 1 IP address (1 host up) scanned in 2.39 seconds
1388######################################################################################################################################
1389Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-17 11:11 EST
1390NSE: Loaded 55 scripts for scanning.
1391NSE: Script Pre-scanning.
1392Initiating NSE at 11:11
1393Completed NSE at 11:11, 0.00s elapsed
1394Initiating NSE at 11:11
1395Completed NSE at 11:11, 0.00s elapsed
1396Initiating Parallel DNS resolution of 1 host. at 11:11
1397Completed Parallel DNS resolution of 1 host. at 11:11, 0.02s elapsed
1398Initiating SYN Stealth Scan at 11:11
1399Scanning curs-audio-de-engleza.com (93.113.36.186) [1 port]
1400Discovered open port 21/tcp on 93.113.36.186
1401Completed SYN Stealth Scan at 11:11, 0.21s elapsed (1 total ports)
1402Initiating Service scan at 11:11
1403Scanning 1 service on curs-audio-de-engleza.com (93.113.36.186)
1404Completed Service scan at 11:11, 0.38s elapsed (1 service on 1 host)
1405Initiating OS detection (try #1) against curs-audio-de-engleza.com (93.113.36.186)
1406Retrying OS detection (try #2) against curs-audio-de-engleza.com (93.113.36.186)
1407Initiating Traceroute at 11:11
1408Completed Traceroute at 11:11, 3.01s elapsed
1409Initiating Parallel DNS resolution of 11 hosts. at 11:11
1410Completed Parallel DNS resolution of 11 hosts. at 11:11, 0.26s elapsed
1411NSE: Script scanning 93.113.36.186.
1412Initiating NSE at 11:11
1413NSE Timing: About 73.42% done; ETC: 11:13 (0:00:30 remaining)
1414Completed NSE at 11:13, 90.24s elapsed
1415Initiating NSE at 11:13
1416Completed NSE at 11:13, 0.05s elapsed
1417Nmap scan report for curs-audio-de-engleza.com (93.113.36.186)
1418Host is up (0.18s latency).
1419
1420PORT STATE SERVICE VERSION
142121/tcp open ftp Pure-FTPd
1422| vulscan: VulDB - https://vuldb.com:
1423| [102925] Foscam C1 Indoor HD Camera 2.52.2.37 Web Management Interface pureftpd.passwd HTTP Request privilege escalation
1424| [57510] Pureftpd Pure-FTPd up to 0.x Memory Consumption denial of service
1425| [57504] Pureftpd Pure-FTPd up to 0.x ftp_parser.c Cleartext unknown vulnerability
1426|
1427| MITRE CVE - https://cve.mitre.org:
1428| [CVE-2004-0656] The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections.
1429|
1430| SecurityFocus - https://www.securityfocus.com/bid/:
1431| [10664] PureFTPd Accept_Client Remote Denial of Service Vulnerability
1432|
1433| IBM X-Force - https://exchange.xforce.ibmcloud.com:
1434| No findings
1435|
1436| Exploit-DB - https://www.exploit-db.com:
1437| No findings
1438|
1439| OpenVAS (Nessus) - http://www.openvas.org:
1440| No findings
1441|
1442| SecurityTracker - https://www.securitytracker.com:
1443| [1010701] PureFTPd Logic Bug in accept_client() Lets Remote Users Crash the FTP Daemon
1444| [1008135] (Claim is Retracted) PureFTPd Buffer Overflow in displayrate() Lets Remote Users Crash the Service
1445| [1002993] PurePostPro Script Add-on for PureFTPd and MySQL Allows Remote Users to Execute SQL Commands on the Server
1446| [1001126] PureFTPd May Allow Remote Users to Deny Service on the Server
1447|
1448| OSVDB - http://www.osvdb.org:
1449| No findings
1450|_
1451Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1452Device type: general purpose|storage-misc|firewall
1453Running (JUST GUESSING): Linux 2.6.X|3.X (91%), Synology DiskStation Manager 5.X (90%), WatchGuard Fireware 11.X (89%)
1454OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/o:watchguard:fireware:11.8
1455Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.32 or 3.10 (91%), Synology DiskStation Manager 5.1 (90%), Linux 2.6.39 (89%), Linux 3.10 (89%), Linux 3.4 (89%), WatchGuard Fireware 11.8 (89%), Linux 3.1 - 3.2 (89%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
1456No exact OS matches for host (test conditions non-ideal).
1457Uptime guess: 1.361 days (since Thu Jan 16 02:32:49 2020)
1458Network Distance: 12 hops
1459TCP Sequence Prediction: Difficulty=247 (Good luck!)
1460IP ID Sequence Generation: All zeros
1461
1462TRACEROUTE (using port 21/tcp)
1463HOP RTT ADDRESS
14641 46.91 ms 10.247.204.1
14652 46.94 ms 104.245.145.177
14663 46.96 ms 104.245.147.41
14674 ...
14685 96.41 ms 100ge14-2.core1.nyc4.he.net (184.105.80.9)
14696 126.58 ms 100ge4-1.core1.par2.he.net (184.105.81.78)
14707 156.42 ms 100ge5-2.core1.vie1.he.net (184.105.65.6)
14718 156.48 ms 100ge6-1.core1.bud1.he.net (184.105.213.250)
14729 156.50 ms 100ge10-1.core1.buh1.he.net (184.105.65.46)
147310 185.14 ms 10.10.21.6
147411 166.42 ms ospf6509.ch-center.com (93.113.37.210)
147512 166.17 ms curs-audio-de-engleza.com (93.113.36.186)
1476
1477NSE: Script Post-scanning.
1478Initiating NSE at 11:13
1479Completed NSE at 11:13, 0.00s elapsed
1480Initiating NSE at 11:13
1481Completed NSE at 11:13, 0.00s elapsed
1482######################################################################################################################################
1483Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-17 11:14 EST
1484NSE: Loaded 65 scripts for scanning.
1485NSE: Script Pre-scanning.
1486Initiating NSE at 11:14
1487Completed NSE at 11:14, 0.00s elapsed
1488Initiating NSE at 11:14
1489Completed NSE at 11:14, 0.00s elapsed
1490Initiating Parallel DNS resolution of 1 host. at 11:14
1491Completed Parallel DNS resolution of 1 host. at 11:14, 0.02s elapsed
1492Initiating SYN Stealth Scan at 11:14
1493Scanning curs-audio-de-engleza.com (93.113.36.186) [1 port]
1494Completed SYN Stealth Scan at 11:14, 2.05s elapsed (1 total ports)
1495Initiating Service scan at 11:14
1496Initiating OS detection (try #1) against curs-audio-de-engleza.com (93.113.36.186)
1497Retrying OS detection (try #2) against curs-audio-de-engleza.com (93.113.36.186)
1498Initiating Traceroute at 11:14
1499Completed Traceroute at 11:14, 6.30s elapsed
1500Initiating Parallel DNS resolution of 10 hosts. at 11:14
1501Completed Parallel DNS resolution of 10 hosts. at 11:14, 0.20s elapsed
1502NSE: Script scanning 93.113.36.186.
1503Initiating NSE at 11:14
1504Completed NSE at 11:14, 15.50s elapsed
1505Initiating NSE at 11:14
1506Completed NSE at 11:14, 0.00s elapsed
1507Nmap scan report for curs-audio-de-engleza.com (93.113.36.186)
1508Host is up.
1509
1510PORT STATE SERVICE VERSION
151153/tcp filtered domain
1512Too many fingerprints match this host to give specific OS details
1513
1514Host script results:
1515| dns-blacklist:
1516| SPAM
1517|_ l2.apews.org - SPAM
1518| dns-brute:
1519|_ DNS Brute-force hostnames: No results.
1520
1521TRACEROUTE (using proto 1/icmp)
1522HOP RTT ADDRESS
15231 110.09 ms 10.247.204.1
15242 110.14 ms 104.245.145.177
15253 110.17 ms 104.245.147.41
15264 ...
15275 110.21 ms 100ge14-2.core1.nyc4.he.net (184.105.80.9)
15286 140.27 ms 100ge4-1.core1.par2.he.net (184.105.81.78)
15297 170.18 ms 100ge5-2.core1.vie1.he.net (184.105.65.6)
15308 170.21 ms 100ge6-1.core1.bud1.he.net (184.105.213.250)
15319 170.25 ms 100ge10-1.core1.buh1.he.net (184.105.65.46)
153210 200.42 ms 10.10.21.6
153311 159.50 ms ospf6509.ch-center.com (93.113.37.210)
153412 ... 30
1535
1536NSE: Script Post-scanning.
1537Initiating NSE at 11:14
1538Completed NSE at 11:14, 0.00s elapsed
1539Initiating NSE at 11:14
1540Completed NSE at 11:14, 0.00s elapsed
1541######################################################################################################################################
1542Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-17 11:18 EST
1543NSE: Loaded 162 scripts for scanning.
1544NSE: Script Pre-scanning.
1545Initiating NSE at 11:18
1546Completed NSE at 11:18, 0.00s elapsed
1547Initiating NSE at 11:18
1548Completed NSE at 11:18, 0.00s elapsed
1549Initiating Parallel DNS resolution of 1 host. at 11:18
1550Completed Parallel DNS resolution of 1 host. at 11:18, 0.02s elapsed
1551Initiating SYN Stealth Scan at 11:18
1552Scanning curs-audio-de-engleza.com (93.113.36.186) [1 port]
1553Completed SYN Stealth Scan at 11:18, 2.03s elapsed (1 total ports)
1554Initiating Service scan at 11:18
1555Initiating OS detection (try #1) against curs-audio-de-engleza.com (93.113.36.186)
1556Retrying OS detection (try #2) against curs-audio-de-engleza.com (93.113.36.186)
1557Initiating Traceroute at 11:18
1558Completed Traceroute at 11:18, 6.30s elapsed
1559Initiating Parallel DNS resolution of 10 hosts. at 11:18
1560Completed Parallel DNS resolution of 10 hosts. at 11:18, 0.23s elapsed
1561NSE: Script scanning 93.113.36.186.
1562Initiating NSE at 11:18
1563Completed NSE at 11:18, 0.01s elapsed
1564Initiating NSE at 11:18
1565Completed NSE at 11:18, 0.00s elapsed
1566Nmap scan report for curs-audio-de-engleza.com (93.113.36.186)
1567Host is up.
1568
1569PORT STATE SERVICE VERSION
157080/tcp filtered http
1571Too many fingerprints match this host to give specific OS details
1572
1573TRACEROUTE (using proto 1/icmp)
1574HOP RTT ADDRESS
15751 53.39 ms 10.247.204.1
15762 129.22 ms 104.245.145.177
15773 129.25 ms 104.245.147.41
15784 ...
15795 129.26 ms 100ge14-2.core1.nyc4.he.net (184.105.80.9)
15806 161.66 ms 100ge4-1.core1.par2.he.net (184.105.81.78)
15817 161.68 ms 100ge5-2.core1.vie1.he.net (184.105.65.6)
15828 161.70 ms 100ge6-1.core1.bud1.he.net (184.105.213.250)
15839 191.11 ms 100ge10-1.core1.buh1.he.net (184.105.65.46)
158410 191.17 ms 10.10.21.6
158511 215.82 ms ospf6509.ch-center.com (93.113.37.210)
158612 ... 30
1587
1588NSE: Script Post-scanning.
1589Initiating NSE at 11:18
1590Completed NSE at 11:18, 0.00s elapsed
1591Initiating NSE at 11:18
1592Completed NSE at 11:18, 0.00s elapsed
1593######################################################################################################################################
1594Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-17 11:22 EST
1595NSE: Loaded 162 scripts for scanning.
1596NSE: Script Pre-scanning.
1597Initiating NSE at 11:22
1598Completed NSE at 11:22, 0.00s elapsed
1599Initiating NSE at 11:22
1600Completed NSE at 11:22, 0.00s elapsed
1601Initiating Parallel DNS resolution of 1 host. at 11:22
1602Completed Parallel DNS resolution of 1 host. at 11:22, 0.02s elapsed
1603Initiating SYN Stealth Scan at 11:22
1604Scanning curs-audio-de-engleza.com (93.113.36.186) [1 port]
1605Completed SYN Stealth Scan at 11:22, 2.04s elapsed (1 total ports)
1606Initiating Service scan at 11:22
1607Initiating OS detection (try #1) against curs-audio-de-engleza.com (93.113.36.186)
1608Retrying OS detection (try #2) against curs-audio-de-engleza.com (93.113.36.186)
1609Initiating Traceroute at 11:22
1610Completed Traceroute at 11:22, 6.29s elapsed
1611Initiating Parallel DNS resolution of 10 hosts. at 11:22
1612Completed Parallel DNS resolution of 10 hosts. at 11:22, 0.22s elapsed
1613NSE: Script scanning 93.113.36.186.
1614Initiating NSE at 11:22
1615Completed NSE at 11:22, 0.01s elapsed
1616Initiating NSE at 11:22
1617Completed NSE at 11:22, 0.00s elapsed
1618Nmap scan report for curs-audio-de-engleza.com (93.113.36.186)
1619Host is up.
1620
1621PORT STATE SERVICE VERSION
1622443/tcp filtered https
1623Too many fingerprints match this host to give specific OS details
1624
1625TRACEROUTE (using proto 1/icmp)
1626HOP RTT ADDRESS
16271 109.41 ms 10.247.204.1
16282 109.49 ms 104.245.145.177
16293 109.47 ms 104.245.147.41
16304 ...
16315 109.50 ms 100ge14-2.core1.nyc4.he.net (184.105.80.9)
16326 181.64 ms 100ge4-1.core1.par2.he.net (184.105.81.78)
16337 152.81 ms 100ge5-2.core1.vie1.he.net (184.105.65.6)
16348 181.70 ms 100ge6-1.core1.bud1.he.net (184.105.213.250)
16359 181.73 ms 100ge10-1.core1.buh1.he.net (184.105.65.46)
163610 181.78 ms 10.10.21.6
163711 157.40 ms ospf6509.ch-center.com (93.113.37.210)
163812 ... 30
1639
1640NSE: Script Post-scanning.
1641Initiating NSE at 11:22
1642Completed NSE at 11:22, 0.00s elapsed
1643Initiating NSE at 11:22
1644Completed NSE at 11:22, 0.00s elapsed
1645#######################################################################################################################################
1646Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-17 11:25 EST
1647NSE: Loaded 47 scripts for scanning.
1648NSE: Script Pre-scanning.
1649Initiating NSE at 11:25
1650Completed NSE at 11:25, 0.00s elapsed
1651Initiating NSE at 11:25
1652Completed NSE at 11:25, 0.00s elapsed
1653Initiating Parallel DNS resolution of 1 host. at 11:25
1654Completed Parallel DNS resolution of 1 host. at 11:25, 0.02s elapsed
1655Initiating SYN Stealth Scan at 11:25
1656Scanning curs-audio-de-engleza.com (93.113.36.186) [65535 ports]
1657SYN Stealth Scan Timing: About 12.63% done; ETC: 11:29 (0:03:35 remaining)
1658SYN Stealth Scan Timing: About 40.25% done; ETC: 11:28 (0:01:31 remaining)
1659SYN Stealth Scan Timing: About 73.86% done; ETC: 11:27 (0:00:32 remaining)
1660Completed SYN Stealth Scan at 11:27, 111.33s elapsed (65535 total ports)
1661Initiating Service scan at 11:27
1662Initiating OS detection (try #1) against curs-audio-de-engleza.com (93.113.36.186)
1663Retrying OS detection (try #2) against curs-audio-de-engleza.com (93.113.36.186)
1664Initiating Traceroute at 11:27
1665Completed Traceroute at 11:27, 0.13s elapsed
1666Initiating Parallel DNS resolution of 2 hosts. at 11:27
1667Completed Parallel DNS resolution of 2 hosts. at 11:27, 0.00s elapsed
1668NSE: Script scanning 93.113.36.186.
1669Initiating NSE at 11:27
1670Completed NSE at 11:27, 0.00s elapsed
1671Initiating NSE at 11:27
1672Completed NSE at 11:27, 0.00s elapsed
1673Nmap scan report for curs-audio-de-engleza.com (93.113.36.186)
1674Host is up (0.10s latency).
1675Not shown: 65532 filtered ports
1676PORT STATE SERVICE VERSION
167725/tcp closed smtp
1678139/tcp closed netbios-ssn
1679445/tcp closed microsoft-ds
1680Too many fingerprints match this host to give specific OS details
1681Network Distance: 2 hops
1682
1683TRACEROUTE (using port 139/tcp)
1684HOP RTT ADDRESS
16851 129.76 ms 10.247.204.1
16862 129.75 ms curs-audio-de-engleza.com (93.113.36.186)
1687
1688NSE: Script Post-scanning.
1689Initiating NSE at 11:27
1690Completed NSE at 11:27, 0.00s elapsed
1691Initiating NSE at 11:27
1692Completed NSE at 11:27, 0.00s elapsed
1693#######################################################################################################################################
1694Starting Nmap 7.80 ( https://nmap.org ) at 2020-01-17 11:27 EST
1695NSE: Loaded 47 scripts for scanning.
1696NSE: Script Pre-scanning.
1697Initiating NSE at 11:27
1698Completed NSE at 11:27, 0.00s elapsed
1699Initiating NSE at 11:27
1700Completed NSE at 11:27, 0.00s elapsed
1701Initiating Parallel DNS resolution of 1 host. at 11:27
1702Completed Parallel DNS resolution of 1 host. at 11:27, 0.02s elapsed
1703Initiating UDP Scan at 11:27
1704Scanning curs-audio-de-engleza.com (93.113.36.186) [15 ports]
1705Completed UDP Scan at 11:27, 2.05s elapsed (15 total ports)
1706Initiating Service scan at 11:27
1707Scanning 13 services on curs-audio-de-engleza.com (93.113.36.186)
1708Service scan Timing: About 7.69% done; ETC: 11:48 (0:19:24 remaining)
1709Completed Service scan at 11:29, 102.60s elapsed (13 services on 1 host)
1710Initiating OS detection (try #1) against curs-audio-de-engleza.com (93.113.36.186)
1711Retrying OS detection (try #2) against curs-audio-de-engleza.com (93.113.36.186)
1712Initiating Traceroute at 11:29
1713Completed Traceroute at 11:29, 7.06s elapsed
1714Initiating Parallel DNS resolution of 1 host. at 11:29
1715Completed Parallel DNS resolution of 1 host. at 11:29, 0.00s elapsed
1716NSE: Script scanning 93.113.36.186.
1717Initiating NSE at 11:29
1718Completed NSE at 11:29, 7.12s elapsed
1719Initiating NSE at 11:29
1720Completed NSE at 11:29, 1.01s elapsed
1721Nmap scan report for curs-audio-de-engleza.com (93.113.36.186)
1722Host is up (0.059s latency).
1723
1724PORT STATE SERVICE VERSION
172553/udp open|filtered domain
172667/udp open|filtered dhcps
172768/udp open|filtered dhcpc
172869/udp open|filtered tftp
172988/udp open|filtered kerberos-sec
1730123/udp open|filtered ntp
1731137/udp filtered netbios-ns
1732138/udp filtered netbios-dgm
1733139/udp open|filtered netbios-ssn
1734161/udp open|filtered snmp
1735162/udp open|filtered snmptrap
1736389/udp open|filtered ldap
1737500/udp open|filtered isakmp
1738|_ike-version: ERROR: Script execution failed (use -d to debug)
1739520/udp open|filtered route
17402049/udp open|filtered nfs
1741Too many fingerprints match this host to give specific OS details
1742
1743TRACEROUTE (using port 138/udp)
1744HOP RTT ADDRESS
17451 30.95 ms 10.247.204.1
17462 ... 3
17474 30.14 ms 10.247.204.1
17485 102.77 ms 10.247.204.1
17496 102.77 ms 10.247.204.1
17507 102.76 ms 10.247.204.1
17518 102.76 ms 10.247.204.1
17529 102.73 ms 10.247.204.1
175310 30.67 ms 10.247.204.1
175411 ... 18
175519 33.73 ms 10.247.204.1
175620 30.08 ms 10.247.204.1
175721 ... 27
175828 30.59 ms 10.247.204.1
175929 ...
176030 29.81 ms 10.247.204.1
1761
1762NSE: Script Post-scanning.
1763Initiating NSE at 11:29
1764Completed NSE at 11:29, 0.00s elapsed
1765Initiating NSE at 11:29
1766Completed NSE at 11:29, 0.00s elapsed
1767#######################################################################################################################################
1768[+] URL: http://shahamat1.net/
1769[+] Started: Fri Jan 17 10:30:38 2020
1770
1771Interesting Finding(s):
1772
1773[+] http://shahamat1.net/
1774 | Interesting Entry: Server: Apache
1775 | Found By: Headers (Passive Detection)
1776 | Confidence: 100%
1777
1778[+] http://shahamat1.net/xmlrpc.php
1779 | Found By: Direct Access (Aggressive Detection)
1780 | Confidence: 100%
1781 | References:
1782 | - http://codex.wordpress.org/XML-RPC_Pingback_API
1783 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
1784 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
1785 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
1786 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
1787
1788[+] http://shahamat1.net/readme.html
1789 | Found By: Direct Access (Aggressive Detection)
1790 | Confidence: 100%
1791
1792[+] Upload directory has listing enabled: http://shahamat1.net/wp-content/uploads/
1793 | Found By: Direct Access (Aggressive Detection)
1794 | Confidence: 100%
1795
1796[+] http://shahamat1.net/wp-cron.php
1797 | Found By: Direct Access (Aggressive Detection)
1798 | Confidence: 60%
1799 | References:
1800 | - https://www.iplocation.net/defend-wordpress-from-ddos
1801 | - https://github.com/wpscanteam/wpscan/issues/1299
1802
1803[+] WordPress version 5.3.2 identified (Latest, released on 2019-12-18).
1804 | Found By: Emoji Settings (Passive Detection)
1805 | - http://shahamat1.net/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=5.3.2'
1806 | Confirmed By: Meta Generator (Passive Detection)
1807 | - http://shahamat1.net/, Match: 'WordPress 5.3.2'
1808
1809[i] The main theme could not be detected.
1810
1811[+] Enumerating All Plugins (via Passive Methods)
1812[+] Checking Plugin Versions (via Passive and Aggressive Methods)
1813
1814[i] Plugin(s) Identified:
1815
1816[+] js_composer
1817 | Location: http://shahamat1.net/wp-content/plugins/js_composer/
1818 |
1819 | Found By: Body Tag (Passive Detection)
1820 |
1821 | Version: 5.6 (60% confidence)
1822 | Found By: Body Tag (Passive Detection)
1823 | - http://shahamat1.net/, Match: 'js-comp-ver-5.6'
1824
1825[+] recents-post-widget-extended
1826 | Location: http://shahamat1.net/wp-content/plugins/recents-post-widget-extended/
1827 |
1828 | Found By: Comment (Passive Detection)
1829 |
1830 | The version could not be determined.
1831
1832[+] Enumerating Config Backups (via Passive and Aggressive Methods)
1833 Checking Config Backups - Time: 00:00:02 <=============> (21 / 21) 100.00% Time: 00:00:02
1834
1835[i] No Config Backups Found.
1836
1837[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
1838[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up
1839
1840[+] Finished: Fri Jan 17 10:31:28 2020
1841[+] Requests Done: 53
1842[+] Cached Requests: 5
1843[+] Data Sent: 11.642 KB
1844[+] Data Received: 484.67 KB
1845[+] Memory used: 151.379 MB
1846[+] Elapsed time: 00:00:49
1847#######################################################################################################################################
1848[+] URL: http://shahamat1.net/
1849[+] Started: Fri Jan 17 10:30:48 2020
1850
1851Interesting Finding(s):
1852
1853[+] http://shahamat1.net/
1854 | Interesting Entry: Server: Apache
1855 | Found By: Headers (Passive Detection)
1856 | Confidence: 100%
1857
1858[+] http://shahamat1.net/xmlrpc.php
1859 | Found By: Direct Access (Aggressive Detection)
1860 | Confidence: 100%
1861 | References:
1862 | - http://codex.wordpress.org/XML-RPC_Pingback_API
1863 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
1864 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
1865 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
1866 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
1867
1868[+] http://shahamat1.net/readme.html
1869 | Found By: Direct Access (Aggressive Detection)
1870 | Confidence: 100%
1871
1872[+] Upload directory has listing enabled: http://shahamat1.net/wp-content/uploads/
1873 | Found By: Direct Access (Aggressive Detection)
1874 | Confidence: 100%
1875
1876[+] http://shahamat1.net/wp-cron.php
1877 | Found By: Direct Access (Aggressive Detection)
1878 | Confidence: 60%
1879 | References:
1880 | - https://www.iplocation.net/defend-wordpress-from-ddos
1881 | - https://github.com/wpscanteam/wpscan/issues/1299
1882
1883[+] WordPress version 5.3.2 identified (Latest, released on 2019-12-18).
1884 | Found By: Emoji Settings (Passive Detection)
1885 | - http://shahamat1.net/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=5.3.2'
1886 | Confirmed By: Meta Generator (Passive Detection)
1887 | - http://shahamat1.net/, Match: 'WordPress 5.3.2'
1888
1889[i] The main theme could not be detected.
1890
1891[+] Enumerating Users (via Passive and Aggressive Methods)
1892 Brute Forcing Author IDs - Time: 00:00:37 <==> (10 / 10) 100.00% Time: 00:00:37
1893
1894[i] No Users Found.
1895
1896[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
1897[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up
1898
1899[+] Finished: Fri Jan 17 10:32:01 2020
1900[+] Requests Done: 35
1901[+] Cached Requests: 19
1902[+] Data Sent: 7.81 KB
1903[+] Data Received: 962.403 KB
1904[+] Memory used: 94.02 MB
1905[+] Elapsed time: 00:01:13
1906#######################################################################################################################################
1907[+] URL: http://shahamat1.net/
1908[+] Started: Fri Jan 17 10:34:35 2020
1909
1910Interesting Finding(s):
1911
1912[+] http://shahamat1.net/
1913 | Interesting Entry: Server: Apache
1914 | Found By: Headers (Passive Detection)
1915 | Confidence: 100%
1916
1917[+] http://shahamat1.net/xmlrpc.php
1918 | Found By: Direct Access (Aggressive Detection)
1919 | Confidence: 100%
1920 | References:
1921 | - http://codex.wordpress.org/XML-RPC_Pingback_API
1922 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
1923 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
1924 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
1925 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
1926
1927[+] http://shahamat1.net/readme.html
1928 | Found By: Direct Access (Aggressive Detection)
1929 | Confidence: 100%
1930
1931[+] Upload directory has listing enabled: http://shahamat1.net/wp-content/uploads/
1932 | Found By: Direct Access (Aggressive Detection)
1933 | Confidence: 100%
1934
1935[+] http://shahamat1.net/wp-cron.php
1936 | Found By: Direct Access (Aggressive Detection)
1937 | Confidence: 60%
1938 | References:
1939 | - https://www.iplocation.net/defend-wordpress-from-ddos
1940 | - https://github.com/wpscanteam/wpscan/issues/1299
1941
1942[+] WordPress version 5.3.2 identified (Latest, released on 2019-12-18).
1943 | Found By: Emoji Settings (Passive Detection)
1944 | - http://shahamat1.net/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=5.3.2'
1945 | Confirmed By: Meta Generator (Passive Detection)
1946 | - http://shahamat1.net/, Match: 'WordPress 5.3.2'
1947
1948[i] The main theme could not be detected.
1949
1950[+] Enumerating Users (via Passive and Aggressive Methods)
1951 Brute Forcing Author IDs - Time: 00:00:07 <============> (10 / 10) 100.00% Time: 00:00:07
1952
1953[i] No Users Found.
1954
1955[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
1956[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up
1957
1958[+] Finished: Fri Jan 17 10:35:00 2020
1959[+] Requests Done: 13
1960[+] Cached Requests: 41
1961[+] Data Sent: 2.854 KB
1962[+] Data Received: 3.637 KB
1963[+] Memory used: 93.449 MB
1964[+] Elapsed time: 00:00:25
1965#######################################################################################################################################
1966[INFO] ------TARGET info------
1967[*] TARGET: http://shahamat1.net/
1968[*] TARGET IP: 93.113.36.186
1969[INFO] NO load balancer detected for shahamat1.net...
1970[*] DNS servers: ns1.afraid.org.
1971[*] TARGET server: Apache
1972[*] CC: RO
1973[*] Country: Romania
1974[*] RegionCode: IF
1975[*] RegionName: Ilfov
1976[*] City: Chiajna
1977[*] ASN: AS41011
1978[*] BGP_PREFIX: 93.113.36.0/24
1979[*] ISP: CH-NET-AS CH-NET S.R.L., RO
1980[INFO] DNS enumeration:
1981[INFO] Possible abuse mails are:
1982[*] abuse@ch-center.com
1983[*] abuse@shahamat1.net
1984[INFO] NO PAC (Proxy Auto Configuration) file FOUND
1985[INFO] Starting FUZZing in http://shahamat1.net/FUzZzZzZzZz...
1986[INFO] Status code Folders
1987[ALERT] Look in the source code. It may contain passwords
1988[ALERT] Content in http://shahamat1.net/ AND http://www.shahamat1.net/ is different
1989[INFO] MD5 for http://shahamat1.net/ is: bc355290cef2496a9193820bb5d3111f
1990[INFO] MD5 for http://www.shahamat1.net/ is: 1bd3ae0cbb1dcb3305bc3103a3e25718
1991[INFO] http://shahamat1.net/ redirects to http://shahamat1.net/
1992[INFO] http://www.shahamat1.net/ redirects to http://www.shahamat1.net/
1993[INFO] Links found from http://shahamat1.net/ http://93.113.36.186/:
1994[*] http://11/
1995[*] http://22/
1996[*] http://93.113.36.186/cgi-sys/defaultwebpage.cgi
1997[*] http://aa/
1998[*] http://alemaraharabi.com/
1999[*] http://alemarahdari.com/
2000[*] http://alemarahenglish.com/
2001[*] http://alemarahislam.com/
2002[*] http://alemarahurdu.net/
2003[*] http://mujali.net/
2004[*] http://shahamat1.com/
2005[*] http://shahamat1.com/?cat=1
2006[*] http://shahamat1.com/?cat=170
2007[*] http://shahamat1.com/?cat=171
2008[*] http://shahamat1.com/?cat=173
2009[*] http://shahamat1.com/?cat=174
2010[*] http://shahamat1.com/?cat=175
2011[*] http://shahamat1.com/?cat=176
2012[*] http://shahamat1.com/?cat=326
2013[*] http://shahamat1.com/?cat=327
2014[*] http://shahamat1.com/?cat=348
2015[*] http://shahamat1.com/?cat=406
2016[*] http://shahamat1.com/?cat=445
2017[*] http://shahamat1.com/?cat=455
2018[*] http://shahamat1.com/?cat=738
2019[*] http://shahamat1.com/?cat=749
2020[*] http://shahamat1.com/?cat=756
2021[*] http://shahamat1.com/?cat=761
2022[*] http://shahamat1.com/?cat=880
2023[*] http://shahamat1.com/?cat=935
2024[*] http://shahamat1.com/?cat=936
2025[*] http://shahamat1.com/?cat=937
2026[*] http://shahamat1.com/?feed=comments-rss2
2027[*] http://shahamat1.com/?feed=rss2
2028[*] http://shahamat1.com/index.php?rest_route=/oembed/1.0/embed&url=http://shahamat1.com/
2029[*] http://shahamat1.com/index.php?rest_route=/oembed/1.0/embed&url=http://shahamat1.com/&format=xml
2030[*] http://shahamat1.com/?p=153501
2031[*] http://shahamat1.com/?p=154594
2032[*] http://shahamat1.com/?p=154753
2033[*] http://shahamat1.com/?p=155625
2034[*] http://shahamat1.com/?p=156088
2035[*] http://shahamat1.com/?p=156271
2036[*] http://shahamat1.com/?p=156468
2037[*] http://shahamat1.com/?p=157081
2038[*] http://shahamat1.com/?p=157165
2039[*] http://shahamat1.com/?p=157365
2040[*] http://shahamat1.com/?p=157707
2041[*] http://shahamat1.com/?p=157736
2042[*] http://shahamat1.com/?p=157744
2043[*] http://shahamat1.com/?p=157798
2044[*] http://shahamat1.com/?p=158662
2045[*] http://shahamat1.com/?p=158664
2046[*] http://shahamat1.com/?p=158776
2047[*] http://shahamat1.com/?p=158819
2048[*] http://shahamat1.com/?p=158884
2049[*] http://shahamat1.com/?p=158885
2050[*] http://shahamat1.com/?p=158897
2051[*] http://shahamat1.com/?p=158989
2052[*] http://shahamat1.com/?p=159048
2053[*] http://shahamat1.com/?p=159053
2054[*] http://shahamat1.com/?p=159093
2055[*] http://shahamat1.com/?p=159164
2056[*] http://shahamat1.com/?p=159329
2057[*] http://shahamat1.com/?p=159466
2058[*] http://shahamat1.com/?p=159505
2059[*] http://shahamat1.com/?p=159521
2060[*] http://shahamat1.com/?p=159566
2061[*] http://shahamat1.com/?p=159701
2062[*] http://shahamat1.com/?p=159785
2063[*] http://shahamat1.com/?p=159964
2064[*] http://shahamat1.com/?p=160052
2065[*] http://shahamat1.com/?p=160127
2066[*] http://shahamat1.com/?p=160156
2067[*] http://shahamat1.com/?p=160172
2068[*] http://shahamat1.com/?p=160246
2069[*] http://shahamat1.com/?p=160271
2070[*] http://shahamat1.com/?p=160274
2071[*] http://shahamat1.com/?p=160281
2072[*] http://shahamat1.com/?p=160313
2073[*] http://shahamat1.com/?p=160318
2074[*] http://shahamat1.com/?p=160323
2075[*] http://shahamat1.com/?p=160329
2076[*] http://shahamat1.com/?p=160332
2077[*] http://shahamat1.com/?p=160340
2078[*] http://shahamat1.com/?p=160356
2079[*] http://shahamat1.com/?p=160367
2080[*] http://shahamat1.com/?p=160369
2081[*] http://shahamat1.com/?p=160380
2082[*] http://shahamat1.com/?p=160389
2083[*] http://shahamat1.com/?p=160393
2084[*] http://shahamat1.com/?p=160401
2085[*] http://shahamat1.com/?p=160403
2086[*] http://shahamat1.com/?p=160405
2087[*] http://shahamat1.com/?p=160408
2088[*] http://shahamat1.com/?p=160411
2089[*] http://shahamat1.com/?p=160412
2090[*] http://shahamat1.com/?p=160414
2091[*] http://shahamat1.com/?p=160417
2092[*] http://shahamat1.com/?p=160419
2093[*] http://shahamat1.com/?p=160420
2094[*] http://shahamat1.com/?p=160423
2095[*] http://shahamat1.com/?p=160427
2096[*] http://shahamat1.com/?p=160428
2097[*] http://shahamat1.com/?p=160429
2098[*] http://shahamat1.com/?p=160430
2099[*] http://shahamat1.com/?p=160431
2100[*] http://shahamat1.com/?p=160432
2101[*] http://shahamat1.com/?p=160433
2102[*] http://shahamat1.com/?p=160434
2103[*] http://shahamat1.com/?p=160435
2104[*] http://shahamat1.com/?p=160436
2105[*] http://shahamat1.com/?p=160437
2106[*] http://shahamat1.com/?p=160438
2107[*] http://shahamat1.com/?p=160439
2108[*] http://shahamat1.com/?p=160462
2109[*] http://shahamat1.com/?p=160463
2110[*] http://shahamat1.com/?p=160466
2111[*] http://shahamat1.com/?p=160467
2112[*] http://shahamat1.com/?p=160470
2113[*] http://shahamat1.com/?p=160472
2114[*] http://shahamat1.com/?p=160473
2115[*] http://shahamat1.com/wp-login.php?action=lostpassword
2116[*] http://shahamat1.net/
2117[*] http://shahamat1.net/#1502605930628-693ae6e3-39ab
2118[*] http://shahamat1.net/#1502606044792-0c7e6e97-9e8d
2119[*] http://shahamat1.net/#1502711443561-0482d6cb-1478
2120[*] http://shahamat1.net/?cat=1
2121[*] http://shahamat1.net/?cat=170
2122[*] http://shahamat1.net/?cat=173
2123[*] http://shahamat1.net/?cat=174
2124[*] http://shahamat1.net/?cat=176
2125[*] http://shahamat1.net/?cat=327
2126[*] http://shahamat1.net/?cat=348
2127[*] http://shahamat1.net/?cat=378
2128[*] http://shahamat1.net/?cat=397
2129[*] http://shahamat1.net/?cat=443
2130[*] http://shahamat1.net/?cat=509
2131[*] http://shahamat1.net/?cat=511
2132[*] http://shahamat1.net/?cat=616
2133[*] http://shahamat1.net/?cat=618
2134[*] http://shahamat1.net/?cat=619
2135[*] http://shahamat1.net/?cat=620
2136[*] http://shahamat1.net/?cat=621
2137[*] http://shahamat1.net/?cat=622
2138[*] http://shahamat1.net/?cat=623
2139[*] http://shahamat1.net/?cat=624
2140[*] http://shahamat1.net/?cat=625
2141[*] http://shahamat1.net/?cat=626
2142[*] http://shahamat1.net/?cat=627
2143[*] http://shahamat1.net/?cat=628
2144[*] http://shahamat1.net/?cat=629
2145[*] http://shahamat1.net/?cat=630
2146[*] http://shahamat1.net/?cat=631
2147[*] http://shahamat1.net/?cat=632
2148[*] http://shahamat1.net/?cat=633
2149[*] http://shahamat1.net/?cat=634
2150[*] http://shahamat1.net/?cat=635
2151[*] http://shahamat1.net/?cat=636
2152[*] http://shahamat1.net/?cat=637
2153[*] http://shahamat1.net/?cat=638
2154[*] http://shahamat1.net/?cat=639
2155[*] http://shahamat1.net/?cat=640
2156[*] http://shahamat1.net/?cat=641
2157[*] http://shahamat1.net/?cat=642
2158[*] http://shahamat1.net/?cat=643
2159[*] http://shahamat1.net/?cat=644
2160[*] http://shahamat1.net/?cat=645
2161[*] http://shahamat1.net/?cat=646
2162[*] http://shahamat1.net/?cat=647
2163[*] http://shahamat1.net/?cat=648
2164[*] http://shahamat1.net/?cat=649
2165[*] http://shahamat1.net/?cat=650
2166[*] http://shahamat1.net/?cat=651
2167[*] http://shahamat1.net/?cat=652
2168[*] http://shahamat1.net/?cat=751
2169[*] http://shahamat1.net/?cat=752
2170[*] http://shahamat1.net/?cat=753
2171[*] http://shahamat1.net/?cat=757
2172[*] http://shahamat1.net/?cat=931
2173[*] http://shahamat1.net/?cat=933
2174[*] http://shahamat1.net/?cat=935
2175[*] http://shahamat1.net/?cat=936
2176[*] http://shahamat1.net/?cat=937
2177[*] http://shahamat1.net/http://www.taraani.com/
2178[*] http://shahamat1.net/?p=105228
2179[*] http://shahamat1.net/?p=133624
2180[*] http://shahamat1.net/?p=157165
2181[*] http://shahamat1.net/?p=157744
2182[*] http://shahamat1.net/?p=15887
2183[*] http://shahamat1.net/?p=160423
2184[*] http://shahamat1.net/?p=72641
2185[*] http://shahamat1.net/?page_id=105098
2186[*] http://shahamat1.net/?page_id=159743
2187[*] https://twitter.com/
2188[*] https://twitter.com/suhailshaheen1
2189[*] https://twitter.com/Zabehulah_M33
2190[*] http://www.alemarahvideo.org/
2191[*] http://www.mujali.com/?cat=3
2192[*] http://www.mujali.com/?cat=4
2193[*] http://www.mujali.com/?cat=5
2194[*] http://www.mujali.com/?cat=6
2195[*] http://www.mujali.com/?cat=7
2196[*] http://www.mujali.com/?cat=8
2197[*] http://www.mujali.com/?p=220
2198[*] http://www.mujali.com/?p=225
2199[*] http://www.mujali.com/?p=878
2200[*] http://www.mujali.com/?p=934
2201[*] http://www.taraani.com/
2202cut: intervalle de champ incorrecte
2203Saisissez « cut --help » pour plus d'informations.
2204[INFO] Shodan detected the following opened ports on 93.113.36.186:
2205[*] 1
2206[*] 110
2207[*] 143
2208[*] 2082
2209[*] 2083
2210[*] 2086
2211[*] 2087
2212[*] 21
2213[*] 3306
2214[*] 4
2215[*] 443
2216[*] 465
2217[*] 53
2218[*] 587
2219[*] 80
2220[*] 993
2221[*] 995
2222[INFO] ------VirusTotal SECTION------
2223[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
2224[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
2225[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
2226[INFO] ------Alexa Rank SECTION------
2227[INFO] Percent of Visitors Rank in Country:
2228[INFO] Percent of Search Traffic:
2229[INFO] Percent of Unique Visits:
2230[INFO] Total Sites Linking In:
2231[*] Total Sites
2232[INFO] Useful links related to shahamat1.net - 93.113.36.186:
2233[*] https://www.virustotal.com/pt/ip-address/93.113.36.186/information/
2234[*] https://www.hybrid-analysis.com/search?host=93.113.36.186
2235[*] https://www.shodan.io/host/93.113.36.186
2236[*] https://www.senderbase.org/lookup/?search_string=93.113.36.186
2237[*] https://www.alienvault.com/open-threat-exchange/ip/93.113.36.186
2238[*] http://pastebin.com/search?q=93.113.36.186
2239[*] http://urlquery.net/search.php?q=93.113.36.186
2240[*] http://www.alexa.com/siteinfo/shahamat1.net
2241[*] http://www.google.com/safebrowsing/diagnostic?site=shahamat1.net
2242[*] https://censys.io/ipv4/93.113.36.186
2243[*] https://www.abuseipdb.com/check/93.113.36.186
2244[*] https://urlscan.io/search/#93.113.36.186
2245[*] https://github.com/search?q=93.113.36.186&type=Code
2246[INFO] Useful links related to AS41011 - 93.113.36.0/24:
2247[*] http://www.google.com/safebrowsing/diagnostic?site=AS:41011
2248[*] https://www.senderbase.org/lookup/?search_string=93.113.36.0/24
2249[*] http://bgp.he.net/AS41011
2250[*] https://stat.ripe.net/AS41011
2251[INFO] Date: 17/01/20 | Time: 10:37:17
2252[INFO] Total time: 2 minute(s) and 46 second(s)
2253######################################################################################################################################
2254[-] Target: http://shahamat1.net (93.113.36.186)
2255[M] Website Not in HTTPS: http://shahamat1.net
2256[I] Server: Apache
2257[L] X-Frame-Options: Not Enforced
2258[I] Strict-Transport-Security: Not Enforced
2259[I] X-Content-Security-Policy: Not Enforced
2260[I] X-Content-Type-Options: Not Enforced
2261[L] No Robots.txt Found
2262[I] CMS Detection: WordPress
2263[I] Wordpress Version: 5.3.2
2264[I] Wordpress Theme: multinews
2265[-] WordPress usernames identified:
2266[M] admin
2267[M] ahmadaabid
2268[M] asadullah
2269[M] asim
2270[M] bassam
2271[M] fazeer
2272[M] hilal
2273[M] rashid
2274[M] tayyeb
2275[M] wahdat
2276[M] zareef
2277[M] zeerak
2278[M] zubair
2279[M] احمد بسام
2280[M] قاري یوسف احمدي
2281[M] XML-RPC services are enabled
2282[M] Website vulnerable to XML-RPC Brute Force Vulnerability
2283[I] Autocomplete Off Not Found: http://shahamat1.net/wp-login.php
2284[-] Default WordPress Files:
2285[I] http://shahamat1.net/license.txt
2286[I] http://shahamat1.net/readme.html
2287[I] http://shahamat1.net/wp-includes/ID3/license.commercial.txt
2288[I] http://shahamat1.net/wp-includes/ID3/license.txt
2289[I] http://shahamat1.net/wp-includes/ID3/readme.txt
2290[I] http://shahamat1.net/wp-includes/images/crystal/license.txt
2291[I] http://shahamat1.net/wp-includes/js/plupload/license.txt
2292[I] http://shahamat1.net/wp-includes/js/swfupload/license.txt
2293[I] http://shahamat1.net/wp-includes/js/tinymce/license.txt
2294[-] Searching Wordpress Plugins ...
2295[I] captcha v4.4.5
2296[I] contact-form-7 v5.1.6
2297[I] jetpack v8.0
2298[M] EDB-ID: 18126 "WordPress Plugin jetpack - 'sharedaddy.php' ID SQL Injection"
2299[I] js_composer
2300[I] recent-posts-widget-with-thumbnails
2301[I] Checking for Directory Listing Enabled ...
2302[L] http://shahamat1.net/wp-admin/css
2303[L] http://shahamat1.net/wp-admin/images
2304[L] http://shahamat1.net/wp-admin/includes
2305[L] http://shahamat1.net/wp-admin/js
2306[L] http://shahamat1.net/wp-admin/maint
2307[L] http://shahamat1.net/wp-content/themes
2308[L] http://shahamat1.net/wp-includes
2309[L] http://shahamat1.net/wp-includes/ID3
2310[L] http://shahamat1.net/wp-includes/IXR
2311[L] http://shahamat1.net/wp-includes/Requests
2312[L] http://shahamat1.net/wp-includes/SimplePie
2313[L] http://shahamat1.net/wp-includes/Text
2314[L] http://shahamat1.net/wp-includes/blocks
2315[L] http://shahamat1.net/wp-includes/certificates
2316[L] http://shahamat1.net/wp-includes/css
2317[L] http://shahamat1.net/wp-includes/customize
2318[L] http://shahamat1.net/wp-includes/fonts
2319[L] http://shahamat1.net/wp-includes/images
2320[L] http://shahamat1.net/wp-includes/js
2321[L] http://shahamat1.net/wp-includes/pomo
2322[L] http://shahamat1.net/wp-includes/random_compat
2323[L] http://shahamat1.net/wp-includes/rest-api
2324[L] http://shahamat1.net/wp-includes/sodium_compat
2325[L] http://shahamat1.net/wp-includes/theme-compat
2326[L] http://shahamat1.net/wp-includes/widgets
2327[L] http://shahamat1.net/wp-content/plugins/captcha
2328[L] http://shahamat1.net/wp-content/plugins/contact-form-7
2329[L] http://shahamat1.net/wp-content/plugins/jetpack
2330[-] Date & Time: 17/01/2020 10:47:32
2331[-] Completed in: 0:16:46
2332######################################################################################################################################
2333 Anonymous JTSEC #OpISIS Full Recon #45