____ _ _ | _ \ _____ _| |__ (_)_ __ | | | |/ _ \ \/ / '_ \| | '_ \ | |_| | (_) > <| |_) | | | | | |____/ \___/_/\_\_.__/|_|_| |_|
Title:Priory School Birmington UK WEBOsint
Created:Apr 23rd, 2023
Created by: EmpathyDev
Views: 391
Comments: 1
Edited at: Apr 23rd, 2023
Username: Anonymous - (Login)
Please note that all posted information is publicly available and must follow our TOS.
▒█▀▀█ ▒█▀▀▀ ▒█░▄▀ ▀▀█▀▀ ▒█▀▀█ ▒█░░▒█ ▒█▄▄▀ ▒█▀▀▀ ▒█▀▄░ ░▒█░░ ▒█▀▀▄ ▒█▄▄▄█ ▒█░▒█ ▒█▄▄▄ ▒█░▒█ ░▒█░░ ▒█▄▄█ ░░▒█░░ ▀▀█▀▀ ▒█▀▀█ ▒█▀▀█ ░▒█░░ ▒█▄▄▀ ▒█░░░ ░▒█░░ ▒█░▒█ ▒█▄▄█ ▒█░░░ ▒█▀▀▀ ░█▀▀█ ▒█▀▀▄ ▒█▀▀▀ ▒█▀▀█ ▒█░░░ ▒█▀▀▀ ▒█▄▄█ ▒█░▒█ ▒█▀▀▀ ▒█▄▄▀ ▒█▄▄█ ▒█▄▄▄ ▒█░▒█ ▒█▄▄▀ ▒█▄▄▄ ▒█░▒█ ▒█▀▀▀ ▒█▀▄▀█ ▒█▀▀█ ░█▀▀█ ▀▀█▀▀ ▒█░▒█ ▒█░░▒█ ▒█▀▀▀ ▒█▒█▒█ ▒█▄▄█ ▒█▄▄█ ░▒█░░ ▒█▀▀█ ▒█▄▄▄█ ▒█▄▄▄ ▒█░░▒█ ▒█░░░ ▒█░▒█ ░▒█░░ ▒█░▒█ ░░▒█░░ ———————————————————————————————————————————————— ———————————————————————————————————————————————— ———————————————————————————————————————————————— ———————————————————————————————————————————————— STAFF/ADMINISTRATORS: Mr.Cramb MS.GUIVER MRS.MULLIN MR.GRIFFIN MRS.FLOOD MISS ZOLNA MRS.UPPAL MISS SILVER ———————————————————————————————————————————————— https://www.prioryschool.net/ view-source:https://www.prioryschool.net/ https://www.prioryschool.net/admin https://www.prioryschool.net/controlpanel ———————————————————————————————————————————————— Scools Contact: 39 Sir Harry’s Road Edgbaston Birmingham B15 2UR 0121 440 4103 enquiries@prioryschool.net https://www.facebook.com/prioryschooledgbaston/ https://twitter.com/prioryedgbaston https://www.instagram.com/prioryschooledgbaston/ https://www.prioryschool.net/contact/ ———————————————————————————————————————————————— Administrators Faces: https://www.prioryschool.net/leadership-team/ STAFF: https://www.prioryschool.net/staff/ ———————————————————————————————————————————————— Schools Website IP: 185.108.94.81 PORT Service Status 21 FTP open 22 SSH closed 23 Telnet closed 25 SMTP open 53 DNS closed 80 HTTP closed 110 POP3 closed 139 NETBIOS closed 143 IMAP closed 443 HTTPS open 445 SMB closed 1433 MSSQL closed 1521 ORACLE closed 3306 MySQL closed 3389 Remote Desktop closed 185.108.94.81 Kingswinford - United Kingdom Intercity Technology Complex Hosting Customer 2023-04-22 185.137.220.47 United Kingdom Monkey Tree Hosting LTD 2021-05-20 69.172.201.157 Canada Dosarrest Internet Security LTD 2019-06-03 79.170.44.121 Leeds - United Kingdom Heart Internet Ltd 2016-10-31 ———————————————————————————————————————————————— gobuster -w common.txt -u https://www.prioryschool.net/ ===================================================== Gobuster v2.0.1 OJ Reeves (@TheColonial) ===================================================== [+] Mode : dir [+] Url/Domain : https://www.prioryschool.net/ [+] Threads : 10 [+] Wordlist : common.txt [+] Status codes : 200,204,301,302,307,403 [+] Timeout : 10s ===================================================== 2023/04/22 23:18:51 Starting gobuster ===================================================== /.well-known/acme-challenge (Status: 301) /.well-known/pki-validation (Status: 301) /0 (Status: 301) /2 (Status: 301) /20 (Status: 301) /ADM (Status: 301) /A (Status: 301) /About (Status: 301) /B (Status: 301) /Blog (Status: 301) /C (Status: 301) /Contact (Status: 301) /D (Status: 301) /E (Status: 301) /Events (Status: 301) /F (Status: 301) /G (Status: 301) /H (Status: 301) /Health (Status: 301) /I (Status: 301) /Home (Status: 301) /J (Status: 301) /L (Status: 301) /M (Status: 301) /Main (Status: 301) /N (Status: 301) /News (Status: 301) /P (Status: 301) /Privacy (Status: 301) /R (Status: 301) /S (Status: 301) /Search (Status: 301) /Sports (Status: 301) /T (Status: 301) /TEMP (Status: 301) /U (Status: 301) /V (Status: 301) /W (Status: 301) /a (Status: 301) /about (Status: 301) /ac (Status: 301) /acc (Status: 301) /access (Status: 301) /ad (Status: 301) /adm (Status: 301) /admin (Status: 302) /admissions (Status: 301) /all (Status: 301) /ap (Status: 301) /app (Status: 301) /ar (Status: 301) /art (Status: 301) /assets (Status: 301) /atom (Status: 301) /au (Status: 301) /b (Status: 301) /ban (Status: 301) /bank (Status: 301) /black (Status: 301) /bl (Status: 301) /blog (Status: 301) /bo (Status: 301) /board (Status: 301) /book (Status: 301) /c (Status: 301) /ca (Status: 301) /car (Status: 301) /career (Status: 301) /careers (Status: 301) /cat (Status: 301) /categories (Status: 301) /cgi-bin (Status: 301) /cgi-sys (Status: 301) /ch (Status: 301) /children (Status: 301) /child (Status: 301) /chris (Status: 301) /co (Status: 301) /comment-page-1 (Status: 301) /con (Status: 301) /cont (Status: 301) /contact (Status: 301) /controlpanel (Status: 200) /cpanel (Status: 200) /d (Status: 301) /dashboard (Status: 302) /de (Status: 301) /di (Status: 301) /do (Status: 301) /e (Status: 301) /ear (Status: 301) /ec (Status: 301) /embed (Status: 301) /en (Status: 301) /event (Status: 301) /events (Status: 301) /ex (Status: 301) /ext (Status: 301) /extra (Status: 301) /f (Status: 301) /fa (Status: 301) /favicon.ico (Status: 302) /feed (Status: 301) /fi (Status: 301) /finance (Status: 301) /first (Status: 301) /for (Status: 301) /fr (Status: 301) /friends (Status: 301) /friend (Status: 301) /g (Status: 301) /gr (Status: 301) /green (Status: 301) /grid (Status: 301) /h (Status: 301) /health (Status: 301) /holiday (Status: 301) /home (Status: 301) /holidays (Status: 301) /hp (Status: 301) /i (Status: 301) /in (Status: 301) /index.php (Status: 301) /inf (Status: 301) /info (Status: 301) /information (Status: 301) /int (Status: 301) /inter (Status: 301) /interim (Status: 301) /is (Status: 301) /j (Status: 301) /job (Status: 301) /join (Status: 301) /k (Status: 301) /key (Status: 301) /l (Status: 301) /la (Status: 301) /launch (Status: 301) /leader (Status: 301) /leaders (Status: 301) /lo (Status: 301) /loc (Status: 301) /locations (Status: 301) /location (Status: 301) /login (Status: 302) /m (Status: 301) /ma (Status: 301) /mailman (Status: 301) /main (Status: 301) /mark (Status: 301) /market (Status: 301) /marketing (Status: 301) /me (Status: 301) /min (Status: 301) /mini (Status: 301) /my (Status: 301) /n (Status: 301) /ne (Status: 301) /new (Status: 301) /news (Status: 301) /ns (Status: 301) /p (Status: 301) /pa (Status: 301) /page1 (Status: 301) /page2 (Status: 301) /past (Status: 301) /pg (Status: 301) /pipermail (Status: 301) /pop (Status: 301) /pr (Status: 301) /pre (Status: 301) /privacy (Status: 301) /priv (Status: 301) /privacy-policy (Status: 301) /r (Status: 301) /rdf (Status: 301) /recommend (Status: 301) /reg (Status: 301) /registration (Status: 301) /render/https://www.google.com (Status: 301) /ro (Status: 301) /robots.txt (Status: 200) /rss (Status: 301) /rss2 (Status: 301) /s (Status: 301) /sa (Status: 301) /safe (Status: 301) /sc (Status: 301) /school (Status: 301) /science (Status: 301) /se (Status: 301) /search-results (Status: 301) /search (Status: 301) /si (Status: 301) /sitemap.xml (Status: 301) /sl (Status: 301) /sp (Status: 301) /sport (Status: 301) /sports (Status: 301) /st (Status: 301) /staff (Status: 301) /t (Status: 301) /table (Status: 301) /tag (Status: 301) /tags (Status: 301) /te (Status: 301) /temp (Status: 301) /term (Status: 301) /trac (Status: 301) /tr (Status: 301) /track (Status: 301) /tracking (Status: 301) /trans (Status: 301) /transparent (Status: 301) /u (Status: 301) /uc (Status: 301) /uk (Status: 301) /up (Status: 301) /upd (Status: 301) /updated (Status: 301) /update (Status: 301) /uploads (Status: 301) /v (Status: 301) /w (Status: 301) /webmail (Status: 200) /who (Status: 301) /win (Status: 301) /wp-admin (Status: 301) /world (Status: 301) /wp-content (Status: 301) /wp-includes (Status: 301) /y (Status: 301) /year (Status: 301) /~adm (Status: 301) ===================================================== 2023/04/22 23:48:09 Finished ===================================================== ———————————————————————————————————————————————— JARM Fingerprint 15d3fd16d29d29d00042d43d0000001ae0802418786940cae38f1d9eed5b9b Last HTTPS Certificate Data: Version: V3 Serial Number: 033a6b0df83e3dfc1694a8430d606e11e724 Thumbprint: 351027af1357c0cc431d11b624735380e44ab395 Signature Algorithm: sha256RSA Issuer: C=US CN=R3 O=Let's Encrypt Validity Not Before: 2022-12-02 20:59:24 Not After: 2023-03-02 20:59:23 Subject: CN=www.prioryschool.net Subject Public Key Info: Public Key Algorithm : RSA Public-Key: (2048 bit) Modulus: 00:bc:19:83:fd:ad:64:81:80:45:6e:ac:fd:f4:e9: 70:ce:af:0f:b1:72:88:9e:dc:5a:a9:6d:d2:6e:2f: 7d:bd:dc:58:e7:f3:49:af:53:74:ea:a7:ad:ca:09: d3:ca:3d:2d:43:92:1e:0a:27:2b:55:06:72:3b:bd: 60:3f:dc:99:00:bf:15:f8:04:1b:6e:c9:b4:30:c7: 62:67:22:c6:4a:29:88:7b:d1:55:0f:f9:5c:19:2c: d6:f0:ae:46:7f:07:f9:a4:2d:7b:48:fc:65:75:63: 68:62:2a:82:0b:23:aa:3a:57:fa:10:99:8f:02:0d: 28:a4:f5:47:d9:f4:88:48:4b:83:66:e8:51:ba:1b: 89:ee:cb:97:ad:84:a0:d4:26:7b:2d:de:0b:fa:b8: b2:3b:f2:ff:45:53:94:c1:82:aa:85:10:25:cf:9e: ec:e6:ec:95:48:6b:d5:99:a5:03:8e:47:82:b5:47: eb:86:26:50:5b:01:87:a8:6d:97:25:31:3e:d9:6e: 30:0a:52:49:35:86:34:06:8e:85:74:0f:2e:a7:5f: 6c:0d:07:3f:9b:bd:3b:96:95:b3:b2:40:a2:44:1e: 12:10:b2:f9:de:b8:57:75:c3:15:0f:e7:55:dc:bb: d1:3e:f5:db:65:89:6b:b4:44:e6:16:2b:1b:eb:43: 38:43 Exponent: 010001 X509v3 extensions: X509v3 Authority Key Identifier: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af: 9d:8b:14:c2:c6X509v3 Subject Key Identifier: 56:75:47:60:f6:ee:d1:9e:43:a7:0b:fd:22:b7:23: ae:af:3f:61:0aX509v3 Subject Alternative Name: DNS:prioryschool.net, DNS:www.prioryschool.net X509v3 Key Usage: ff X509v3 Extended Key Usage: serverAuth, clientAuth X509v3 CRL Distribution Points: X509v3 Certification Policies: Policy: 2.23.140.1.2.1 Policy: 1.3.6.1.4.1.44947.1.1.1Authority Information Access: CA Issuers - http://r3.i.lencr.org/ OCSP - http://r3.o.lencr.orgX509v3 Basic Constraints: CA:TRUE 1.3.6.1.4.1.11129.2.4.2: 0481f100ef007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c4 Signature Algorithm: sha256RSA 19:34:b8:d3:0d:b5:36:8b:13:d7:49:b9:e4:c3:7b: a7:a9:57:7d:82:9c:ea:3a:5b:bf:69:0c:58:f7:c5: d8:5c:5c:43:6e:78:ab:36:5e:26:bd:d7:c4:c1:5d: 4b:67:fa:50:c3:86:59:12:73:a9:65:e9:80:f2:08: ed:09:84:91:1d:ef:31:c2:f2:5d:5f:5f:26:bc:eb: e7:a2:0a:4b:b5:28:78:ae:76:c9:96:26:c0:96:7e: c6:a6:cf:4c:64:d2:0f:20:8f:9d:83:69:bf:7f:c9: 77:99:09:e4:78:74:2b:a0:3a:56:b3:c7:45:fc:a6: 2e:47:44:70:0b:19:56:1b:5c:8c:5a:09:f8:78:2b: 0d:a6:d6:81:d2:47:e0:f6:62:97:2c:0e:f7:42:89: f5:9d:ed:8f:fd:ec:c5:ad:3c:81:5e:77:dc:87:70: 19:d1:68:64:47:9c:d7:dd:71:db:e9:7b:94:8f:21: 90:ef:01:cf:84:cd:7a:4f:95:5a:04:39:ab:87:2f: 90:9f:c5:db:b2:8f:11:34:0f:49:06:1e:53:2c:a1: 54:f3:7c:73:fd:03:8a:80:22:e8:db:9d:ff:0a:ac: 11:e5:0d:e9:76:b4:7c:6d:b2:00:85:d2:44:f5:8f: 8c:95:1e:ba:e0:ba:4c:70:83:54:76:2d:e4:52:7b: 76 ———————————————————————————————————————————————— Admin City: GDPR Masked Admin Country: GDPR Masked Admin Email: 1e9f9886a6da0a83s@gdpr-masked.com Admin Organization: GDPR Masked Admin Postal Code: GDPR Masked Admin State/Province: GDPR Masked Creation Date: 2001-08-30T09:12:47Z DNSSEC: Unsigned DNSSEC: unsigned Domain Name: PRIORYSCHOOL.NET Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Name Server: PIPER.NS.CLOUDFLARE.COM Name Server: THEO.NS.CLOUDFLARE.COM Name Server: piper.ns.cloudflare.com Name Server: theo.ns.cloudflare.com Registrant City: 7bc26f5a5e70d417 Registrant Country: GB Registrant Email: 1e9f9886a6da0a83s@gdpr-masked.com Registrant Fax Ext: 3432650ec337c945 Registrant Fax: 7bc26f5a5e70d417 Registrant Name: 7bc26f5a5e70d417 Registrant Organization: 7bc26f5a5e70d417 Registrant Phone Ext: 3432650ec337c945 Registrant Phone: 7bc26f5a5e70d417 Registrant Postal Code: 7bc26f5a5e70d417 Registrant State/Province: b77b2d261a643de7 Registrant Street: 7bc26f5a5e70d417 Registrar Abuse Contact Email: abuse-contact@publicdomainregistry.com Registrar Abuse Contact Phone: +1.2013775952 Registrar IANA ID: 303 Registrar Registration Expiration Date: 2023-08-30T09:12:47Z Registrar URL: http://www.publicdomainregistry.com Registrar URL: www.publicdomainregistry.com Registrar WHOIS Server: whois.PublicDomainRegistry.com Registrar WHOIS Server: whois.publicdomainregistry.com Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com Registry Admin ID: GDPR Masked Registry Domain ID: 76614629_DOMAIN_NET-VRSN Registry Expiry Date: 2023-08-30T09:12:47Z Registry Registrant ID: GDPR Masked Registry Tech ID: GDPR Masked Tech City: GDPR Masked Tech Country: GDPR Masked Tech Email: 1e9f9886a6da0a83s@gdpr-masked.com Tech Organization: GDPR Masked Tech Postal Code: GDPR Masked Tech State/Province: GDPR Masked Updated Date: 2022-12-01T14:57:24Z Updated Date: 2022-12-01T14:57:25Z ———————————————————————————————————————————————— Status Test Case Information INFO NS records listed at parent servers Nameserver records returned by the parent servers are: theo.ns.cloudflare.com. [NO GLUE] [TTL=172800] piper.ns.cloudflare.com. [NO GLUE] [TTL=172800] This information was kindly provided by a.gtld-servers.net. PASSED Domain listed at parent servers Good! The parent servers have information on your domain. Some other domains (like .co.us) do not have a DNS zone at the parent servers. PASSED NS records listed at parent servers Good! The parent servers have your NS records listed. If they didn't, people wouldn't be able to find your domain! INFO Parent servers return glue OK. The TLD of your domain (net) differs from that of your nameservers (com). As such, the parent servers are not required to send glue. INFO A record for each NS at parent OK. The parent servers don't need to have A records for your nameservers since the TLD of your domain (net) differs from that of your nameservers (com). Local Nameserver Tests Status Test Case Information INFO NS records at your local servers NS records retrieved from your local nameservers were: piper.ns.cloudflare.com. [NO GLUE] [TTL=86400] theo.ns.cloudflare.com. [NO GLUE] [TTL=86400] WARNING Glue at local nameservers Oops! Your local nameservers don't return IP addresses (glue) along with your NS records! This isn't a fatal error but means an extra lookup needs to be performed increasing the load time to your site. You can fix this by adding A records for each of the nameservers listed above. INFO Same glue at local and parent servers OK. Since the GTLD for your domain (net) differs from that of your nameservers (com), the result of this test are irrelevant since the parent servers aren't even required to hold the A records for your nameservers. PASSED Same NS records at each local nameserver Good! All your local nameservers have identical NS records for your domain. PASSED Check that all nameservers respond Good! All of your nameservers listed at the parent servers responded. PASSED Check all nameservers are valid Good! All of your nameservers appear to be valid (e.g. are not IP addresses or partial domain names) PASSED Number of nameservers Good! You have at least 2 nameservers. Whilst RFC218 section 2.5 specifies a minimum of 3, as long as you have 2 or more, you should be ok! PASSED Local nameservers answer authoritatively Good! All your nameservers answer authoritatively for your domain. PASSED Missing NS records at parent servers Good! The parent servers have all the nameservers listed for your domain as your local nameservers! PASSED Missing NS records at local servers Good! Your local servers have all the nameservers listed for your domain that are listed at the parent servers! PASSED No CNAME records for domain Good! No CNAME records are present for 'prioryschool.net'. RFC1912 section 2.4 and RFC2181 section 10.3 state that there should be no CNAME records if any other records are present for a given domain. PASSED No CNAME records for nameservers Good! No CNAME records are present for your nameservers. RFC1912 section 2.4 and RFC2181 section 10.3 state that there should be no CNAME records if any other records (e.g. an A record) are present for a nameserver. PASSED Nameservers are on different IP subnets Good! All your nameservers are in separate class C (/24) subnets. PASSED Nameservers have public IP's Good! All your NS records have public IP addresses. PASSED Nameservers allow TCP connections Good! We can establish a TCP connection with each of your nameservers on port 53. Whilst UDP is most commonly used for the DNS protocol, TCP connections are occasionally used. Status Test Case Information INFO SOA Record Your Start of Authority (SOA) record is: Primary nameserver: piper.ns.cloudflare.com. Hostmaster E-mail address: dns.cloudflare.com. Serial number: 2305668531 Refresh: 10000 Retry: 2400 Expire: 604800 Minimum TTL: 3600 PASSED All nameservers have same SOA serial number Good! All your nameservers agree that your SOA serial number is 2305668531 PASSED SOA primary nameserver listed at parent Good! The primary nameserver listed in your SOA record (piper.ns.cloudflare.com.) is listed at the parent servers! WARNING SOA serial number format Oops! Your SOA serial number (2305668531) doesn't seem to be in the recommended format (YYYYMMDDnn - where nn is the revision number). This is still OK, however as long as you are keeping track of your SOA version details. PASSED SOA Refresh value Good! Your SOA Refresh value (10000) is within the recommended range of 1 hour (3600) to 1 day (86400). PASSED SOA Retry value Good! Your SOA Retry value (2400) is within the recommended range of 5 minutes (300) to 4 hours (14400). PASSED SOA Expire value Good! Your SOA Expire value (604800) is within the recommended range of 1 week (604800) to 4 weeks (2419200). PASSED SOA Minimum TTL value Good! Your SOA Minimum TTL value (3600) is within the recommended range of less than 3 days (259200). Mail eXchanger (MX) Tests Status Test Case Information INFO MX Records Your Mail eXchanger (MX) records are: 0 prioryschool-net.mail.protection.outlook.com. [TTL=300] PASSED All nameservers have same MX records Good! All of your nameservers have the same MX records. PASSED All MX records contain valid hostnames Good! All of your MX entries have valid hostnames (e.g. are not IP's or invalid domain names). PASSED All MX records use public IP addresses Good! All of your MX entries have public IP addresses. PASSED MX record is not a CNAME/alias Good! When querying for your MX records we did not receive a CNAME record as a result. PASSED MX A records are not CNAME's Good! No CNAME records are present for your MX A records. WARNING Number of MX records Oops! You only have one MX record! In the event that this mail server is down, you could potentially lose mail! It is recommended to have two or more MX records (and hence mail servers) if you want uninterrupted mail functionality. PASSED Duplicate MX A records Good! No two MX records resolve to the same IP address. PASSED Differing MX A records Good! You have no different IP's for your MX A records than the DNS server that is authoritive for that hostname. PASSED MX records have reverse DNS entries Good! All your MX IP addresses have reverse DNS entries. The reverse entries returned were: 138.51.47.104.in-addr.arpa <--> mail-dbaeur030138.inbound.protection.outlook.com. WWW Record Tests Status Test Case Information INFO WWW record www.prioryschool.net A records are: www.prioryschool.net. A 185.108.94.81 [TTL=300] PASSED WWW A record has public IP Good! The IP address(es) of the A records returned for your WWW record have public IP addresses. PASSED WWW CNAME lookup OK! You don't have a CNAME entry for your WWW record! This is ok though because you have an A record for your WWW record. When people visit www.prioryschool.net they will go to the IP address in the A record above. Name TTL Class Type Priority Data prioryschool.net. 3600 IN SOA piper.ns.cloudflare.com. dns.cloudflare.com. 2305668531 10000 2400 604800 3600 prioryschool.net. 21600 IN NS piper.ns.cloudflare.com. prioryschool.net. 21600 IN NS theo.ns.cloudflare.com. prioryschool.net. 300 IN A 185.108.94.81 prioryschool.net. 300 IN TXT "MS=ms51510385" prioryschool.net. 300 IN TXT "apple-domain-verification=kZ1UB7zili8aBj0m" prioryschool.net. 300 IN TXT "google-site-verification=r5xlpJGZtpeunZw6ftLZZxM15SXrJpNrxpqbJXYMuaU" prioryschool.net. 300 IN TXT "v=spf1 include:spf.protection.outlook.com -all" prioryschool.net. 300 IN MX 0 prioryschool-net.mail.protection.outlook.com.
1 year ago