daily pastebin goal
62%
SHARE
TWEET

HunterUnit JTSEC pedo link for save child full recon #74

a guest May 23rd, 2018 508 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #######################################################################################################################################
  2. Hostname    www.sandra-model.net        ISP     Cloudflare Inc
  3. Continent   North America       Flag    
  4. US
  5. Country     United States       Country Code    US
  6. Region  Unknown         Local time  23 May 2018 12:12 CDT
  7. City    Unknown         Postal Code     Unknown
  8. IP Address (IPv6)   2400:cb00:2048:1::681c:1561         Latitude    37.751
  9. #######################################################################################################################################
  10. DNS Status:
  11. A | 104.28.21.97
  12. A | 104.28.20.97
  13. NS | aida.ns.cloudflare.com
  14. NS | toby.ns.cloudflare.com
  15. MX | dc-dc2d7d8716c8.sandra-model.net
  16. Subdomain Bruteforce:
  17. www.sandra-model.net | 104.28.21.97
  18. mail.sandra-model.net | 173.254.239.2
  19. cpanel.sandra-model.net | 173.254.239.2
  20. ftp.sandra-model.net | 173.254.239.2
  21. webmail.sandra-model.net | 173.254.239.2
  22. VirusTotal Subdomains Lookup
  23. cpanel.sandra-model.net
  24. ww1.sandra-model.net
  25. No results found for SRV Bruteforce
  26. No results found for Crimeflare DB
  27. VirusTotal Reverse IP Lookup
  28. 104.28.20.97
  29. 104.28.21.97
  30. 208.87.149.250
  31. Domain History DB
  32. 208.87.150.50
  33. 208.87.149.250
  34. #######################################################################################################################################
  35. HostIP:104.28.20.97
  36. HostName:sandra-model.net
  37.  
  38. Gathered Inet-whois information for 104.28.20.97
  39. --------------------------------------------------------------------------------------------------------------------------------------
  40.  
  41.  
  42. inetnum:        104.0.0.0 - 104.243.215.255
  43. netname:        NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
  44. descr:          IPv4 address block not managed by the RIPE NCC
  45. remarks:        ------------------------------------------------------
  46. remarks:
  47. remarks:        You can find the whois server to query, or the
  48. remarks:        IANA registry to query on this web page:
  49. remarks:        http://www.iana.org/assignments/ipv4-address-space
  50. remarks:
  51. remarks:        You can access databases of other RIRs at:
  52. remarks:
  53. remarks:        AFRINIC (Africa)
  54. remarks:        http://www.afrinic.net/ whois.afrinic.net
  55. remarks:
  56. remarks:        APNIC (Asia Pacific)
  57. remarks:        http://www.apnic.net/ whois.apnic.net
  58. remarks:
  59. remarks:        ARIN (Northern America)
  60. remarks:        http://www.arin.net/  whois.arin.net
  61. remarks:
  62. remarks:        LACNIC (Latin America and the Carribean)
  63. remarks:        http://www.lacnic.net/ whois.lacnic.net
  64. remarks:
  65. remarks:        IANA IPV4 Recovered Address Space
  66. remarks:        http://www.iana.org/assignments/ipv4-recovered-address-space/ipv4-recovered-address-space.xhtml
  67. remarks:
  68. remarks:        ------------------------------------------------------
  69. country:        EU # Country is really world wide
  70. admin-c:        IANA1-RIPE
  71. tech-c:         IANA1-RIPE
  72. status:         ALLOCATED UNSPECIFIED
  73. mnt-by:         RIPE-NCC-HM-MNT
  74. mnt-lower:      RIPE-NCC-HM-MNT
  75. mnt-routes:     RIPE-NCC-RPSL-MNT
  76. created:        2016-10-17T14:26:07Z
  77. last-modified:  2016-10-17T14:26:07Z
  78. source:         RIPE
  79.  
  80. role:           Internet Assigned Numbers Authority
  81. address:        see http://www.iana.org.
  82. admin-c:        IANA1-RIPE
  83. tech-c:         IANA1-RIPE
  84. nic-hdl:        IANA1-RIPE
  85. remarks:        For more information on IANA services
  86. remarks:        go to IANA web site at http://www.iana.org.
  87. mnt-by:         RIPE-NCC-MNT
  88. created:        1970-01-01T00:00:00Z
  89. last-modified:  2001-09-22T09:31:27Z
  90. source:         RIPE # Filtered
  91.  
  92. % This query was served by the RIPE Database Query Service version 1.91.2 (WAGYU)
  93.  
  94.  
  95.  
  96. Gathered Inic-whois information for sandra-model.net
  97. ---------------------------------------------------------------------------------------------------------------------------------------
  98.    Domain Name: SANDRA-MODEL.NET
  99.    Registry Domain ID: 2266616376_DOMAIN_NET-VRSN
  100.    Registrar WHOIS Server: whois.namesilo.com
  101.    Registrar URL: http://www.namesilo.com
  102.    Updated Date: 2018-05-23T10:18:56Z
  103.    Creation Date: 2018-05-23T07:06:56Z
  104.    Registry Expiry Date: 2019-05-23T07:06:56Z
  105.    Registrar: NameSilo, LLC
  106.    Registrar IANA ID: 1479
  107.    Registrar Abuse Contact Email: abuse@namesilo.com
  108.    Registrar Abuse Contact Phone: +1.4805240066
  109.    Domain Status: clientTransferProhibited https�U@://ic�-��6an�n.org/I>�epU@p#cliI>�en�U@tTran�������sferPro�U@hibited
  110.    Name Server: AIDA.NS.CLOUDFLARE.COM
  111.    Name Server: TOBY.NS.CLOUDFLARE.COM
  112.    DNSSEC: unsigned
  113.    URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
  114. >>> Last update of whois database: 2018-05-23T17:19:13Z <<<
  115.  
  116. For more information on Whois status codes, please visit https://icann.org/epp
  117.  
  118. NOTICE: The expiration date displayed in this record is the date the
  119. registrar's sponsorship of the domain name regisYV@ationF*��6 i�n the r�H>�egXV@istry�H>� igV@s
  120. currently set to expire. This date does not necessarily reflect the expiration
  121. date of the domain name registrant's agreement with the sponsoring
  122. registrar.  Users may consult the sponsoring registrar's Whois database to
  123. view the registrar's reported date of expiration for this registration.
  124.  
  125. TERMS OF USE: You are not authorized to access o�U@r que�-��6ry
  126.                                                                 our W�I>�hoU@is
  127. database through the use of electronic processes that are high-volume and
  128. automated except as reasonably necessary to register domain names or
  129. modify existing registrations; the Data in VeriSign Global Registry
  130. Services' ("VeriSign") Whois database is provided by VeriSign for
  131. information purposes only, and to assist persons in obtaining information
  132. about or related to a domain name registration record. VeriSign does not
  133. guarantee its accuracy. By submitting a Whois qu�U@ery, �-��6yoru agreGI>�e U@to abMI>�id�U@e
  134. by the following terms of use: You agree that you may use this Data only
  135. for lawful purposes and that under no circumstances will you use this Data
  136. to: (1) allow, enable, or otherwise support the transmission of mass
  137. unsolicited, commercial advertising or solicitations via e-mail, telephone,
  138. or facsimile; or (2) enable high volume, automated, electronic processes
  139. that apply to VeriSign (or its computer systems). The compilation,
  140. repackaging, dissemination or other use of this �U@Data �-��6is� expre�H>�ssU@ly
  141. prohibited without the prior written consent of VeriSign. You agree not to
  142. use electronic processes that are automated and high-volume to access or
  143. query the Whois database except as reasonably necessary to register
  144. domain names or modify existing registrations. VeriSign reserves the right
  145. to restrict your access to the Whois database in its sole discretion to ensure
  146. operational stability.  VeriSign may restrict or�U@ acce�-��6ss to the�I>�
  147. Whois database for failure to abide by these terms of use. VeriSign
  148. reserves the right to modify these terms at any time.
  149.  
  150. The Registry database contains ONLY .COM, .NET, .EDU domains and
  151. Registrars.
  152.  
  153. Gathered Netcraft information for sandra-model.net
  154. ---------------------------------------------------------------------------------------------------------------------------------------
  155.  
  156. Retrieving Netcraft.com information for sandra-model.net
  157. Netcraft.com Information gathered
  158.  
  159. Gathered Subdomain information for sandra-model.net
  160. ---------------------------------------------------------------------------------------------------------------------------------------
  161. Searching Google.com:80...
  162. Searching Altavista.com:80...
  163. Found 0 possible subdomain(s) for host sandra-model.net, Searched 0 pages containing 0 results
  164.  
  165. Gathered E-Mail information for sandra-model.net
  166. ---------------------------------------------------------------------------------------------------------------------------------------
  167. Searching Google.com:80...
  168. Searching Altavista.com:80...
  169. Found 0 E-Mail(s) for host sandra-model.net, Searched 0 pages containing 0 results
  170.  
  171. Gathered TCP Port information for 104.28.20.97
  172. ---------------------------------------------------------------------------------------------------------------------------------------
  173.  
  174.  Port       State
  175.  
  176. 80/tcp      open
  177.  
  178. Portscan Finished: Scanned 150 ports, 0 ports were in state closed
  179. #######################################################################################################################################
  180. [i] Scanning Site: http://sandra-model.net
  181.  
  182.  
  183.  
  184. B A S I C   I N F O
  185. =======================================================================================================================================
  186.  
  187.  
  188. [+] Site Title: Sandra Teen Model
  189. [+] IP address: 104.28.20.97
  190. [+] Web Server: cloudflare
  191. [+] CMS: Could Not Detect
  192. [+] Cloudflare: Detected
  193. [+] Robots File: Could NOT Find robots.txt!
  194.  
  195.  
  196.  
  197.  
  198. W H O I S   L O O K U P
  199. =======================================================================================================================================
  200.  
  201.        Domain Name: SANDRA-MODEL.NET
  202.    Registry Domain ID: 2266616376_DOMAIN_NET-VRSN
  203.    Registrar WHOIS Server: whois.namesilo.com
  204.    Registrar URL: http://www.namesilo.com
  205.    Updated Date: 2018-05-23T10:18:56Z
  206.    Creation Date: 2018-05-23T07:06:56Z
  207.    Registry Expiry Date: 2019-05-23T07:06:56Z
  208.    Registrar: NameSilo, LLC
  209.    Registrar IANA ID: 1479
  210.    Registrar Abuse Contact Email: abuse@namesilo.com
  211.    Registrar Abuse Contact Phone: +1.4805240066
  212.    Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  213.    Name Server: AIDA.NS.CLOUDFLARE.COM
  214.    Name Server: TOBY.NS.CLOUDFLARE.COM
  215.    DNSSEC: unsigned
  216.    URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
  217. >>> Last update of whois database: 2018-05-23T17:19:29Z <<<
  218.  
  219. For more information on Whois status codes, please visit https://icann.org/epp
  220.  
  221. NOTICE: The expiration date displayed in this record is the date the
  222. registrar's sponsorship of the domain name registration in the registry is
  223. currently set to expire. This date does not necessarily reflect the expiration
  224. date of the domain name registrant's agreement with the sponsoring
  225. registrar.  Users may consult the sponsoring registrar's Whois database to
  226. view the registrar's reported date of expiration for this registration.
  227.  
  228.  
  229. The Registry database contains ONLY .COM, .NET, .EDU domains and
  230. Registrars.
  231.  
  232.  
  233.  
  234.  
  235. G E O  I P  L O O K  U P
  236. =======================================================================================================================================
  237.  
  238. [i] IP Address: 104.28.21.97
  239. [i] Country: US
  240. [i] State: N/A
  241. [i] City: N/A
  242. [i] Latitude: 37.750999
  243. [i] Longitude: -97.821999
  244.  
  245.  
  246.  
  247.  
  248. H T T P   H E A D E R S
  249. =======================================================================================================================================
  250.  
  251.  
  252. [i]  HTTP/1.1 200 OK
  253. [i]  Date: Wed, 23 May 2018 17:19:52 GMT
  254. [i]  Content-Type: text/html
  255. [i]  Connection: close
  256. [i]  Set-Cookie: __cfduid=d132c37c46fefd09f55957860b25d48091527095988; expires=Thu, 23-May-19 17:19:48 GMT; path=/; domain=.sandra-model.net; HttpOnly
  257. [i]  Last-Modified: Wed, 23 May 2018 10:22:33 GMT
  258. [i]  Vary: Accept-Encoding
  259. [i]  X-Turbo-Charged-By: LiteSpeed
  260. [i]  Server: cloudflare
  261. [i]  CF-RAY: 41f93085e7283fcb-YUL
  262.  
  263.  
  264.  
  265.  
  266. D N S   L O O K U P
  267. =======================================================================================================================================
  268.  
  269. ;; Truncated, retrying in TCP mode.
  270. sandra-model.net.   3789    IN  HINFO   "ANY obsoleted" "See draft-ietf-dnsop-refuse-any"
  271.  
  272.  
  273.  
  274.  
  275. S U B N E T   C A L C U L A T I O N
  276. =======================================================================================================================================
  277.  
  278. Address       = 2400:cb00:2048:1::681c:1561
  279. Network       = 2400:cb00:2048:1::681c:1561 / 128
  280. Netmask       = ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
  281. Wildcard Mask = ::
  282. Hosts Bits    = 0
  283. Max. Hosts    = 0   (2^0 - 1)
  284. Host Range    = { 2400:cb00:2048:1::681c:1562 - 2400:cb00:2048:1::681c:1561 }
  285.  
  286.  
  287.  
  288. N M A P   P O R T   S C A N
  289. =======================================================================================================================================
  290.  
  291.  
  292. Starting Nmap 7.01 ( https://nmap.org ) at 2018-05-23 17:19 UTC
  293. Nmap scan report for sandra-model.net (104.28.21.97)
  294. Host is up (0.0081s latency).
  295. Other addresses for sandra-model.net (not scanned): 104.28.20.97 2400:cb00:2048:1::681c:1561 2400:cb00:2048:1::681c:1461
  296. PORT     STATE    SERVICE       VERSION
  297. 21/tcp   filtered ftp
  298. 22/tcp   filtered ssh
  299. 23/tcp   filtered telnet
  300. 25/tcp   filtered smtp
  301. 80/tcp   open     http          Cloudflare nginx
  302. 110/tcp  filtered pop3
  303. 143/tcp  filtered imap
  304. 443/tcp  open     ssl/https?
  305. 445/tcp  filtered microsoft-ds
  306. 3389/tcp filtered ms-wbt-server
  307. #######################################################################################################################################
  308. [!] IP Address : 104.28.20.97
  309. [-] Cloudflare detected
  310. [+] Real IP Address : 173.254.239.
  311. [+] Clickjacking protection is not in place.
  312. [!] www.sandra-model.net doesn't seem to use a CMS
  313. ---------------------------------------------------------------------------------------------------------------------------------------
  314. [~] Trying to gather whois information for www.sandra-model.net
  315. [+] Whois information found
  316. Updated Date : 2018-05-23 10:18:56, 2018-05-23 07:00:00
  317. Status : clientTransferProhibited https://icann.org/epp#clientTransferProhibited, clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
  318. Name : Chiu Vanhoi
  319. Dnssec : unsigned
  320. City : Tsuen Wan
  321. Expiration Date : 2019-05-23 07:06:56, 2019-05-23 07:00:00
  322. Address : 28 Kin Chuen St
  323. Zipcode : xxxx
  324. Domain Name : SANDRA-MODEL.NET, sandra-model.net
  325. Whois Server : whois.namesilo.com
  326. State : Tsuen Wan
  327. Registrar : NameSilo, LLC
  328. Referral Url : None
  329. Country : HK
  330. Name Servers : AIDA.NS.CLOUDFLARE.COM, TOBY.NS.CLOUDFLARE.COM
  331. Org : None
  332. Creation Date : 2018-05-23 07:06:56, 2018-05-23 07:00:00
  333. Emails : abuse@namesilo.com, neadiase@coolsite.net
  334. ---------------------------------------------------------------------------------------------------------------------------------------
  335. error IP address or host name only
  336. ---------------------------------------------------------------------------------------------------------------------------------------
  337.  
  338. [+] DNS Records
  339.  
  340. [+] Host Records (A)
  341. www.sandra-model.netHTTP: (104.28.20.97) AS13335 Cloudflare Inc United States
  342.  
  343. [+] TXT Records
  344.  
  345. [+] DNS Map: https://dnsdumpster.com/static/map/sandra-model.net.png
  346.  
  347. [>] Initiating 3 intel modules
  348. [>] Loading Alpha module (1/3)
  349. [>] Beta module deployed (2/3)
  350. [>] Gamma module initiated (3/3)
  351. No emails found
  352. No hosts found
  353. [+] Virtual hosts:
  354. ---------------------------------------------------------------------------------------------------------------------------------------
  355. [~] Crawling the target for fuzzable URLs
  356. #######################################################################################################################################
  357. Server:     10.211.254.254
  358. Address:    10.211.254.254#53
  359.  
  360. Non-authoritative answer:
  361. Name:   sandra-model.net
  362. Address: 104.28.21.97
  363. Name:   sandra-model.net
  364. Address: 104.28.20.97
  365. Name:   sandra-model.net
  366. Address: 2400:cb00:2048:1::681c:1461
  367. Name:   sandra-model.net
  368. Address: 2400:cb00:2048:1::681c:1561
  369.  
  370. sandra-model.net has address 104.28.20.97
  371. sandra-model.net has address 104.28.21.97
  372. sandra-model.net has IPv6 address 2400:cb00:2048:1::681c:1561
  373. sandra-model.net has IPv6 address 2400:cb00:2048:1::681c:1461
  374. sandra-model.net mail is handled by 0 dc-dc2d7d8716c8.sandra-model.net.
  375. #######################################################################################################################################
  376. Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
  377.  
  378. [+] Target is sandra-model.net
  379. [+] Loading modules.
  380. [+] Following modules are loaded:
  381. [x] [1] ping:icmp_ping  -  ICMP echo discovery module
  382. [x] [2] ping:tcp_ping  -  TCP-based ping discovery module
  383. [x] [3] ping:udp_ping  -  UDP-based ping discovery module
  384. [x] [4] infogather:ttl_calc  -  TCP and UDP based TTL distance calculation
  385. [x] [5] infogather:portscan  -  TCP and UDP PortScanner
  386. [x] [6] fingerprint:icmp_echo  -  ICMP Echo request fingerprinting module
  387. [x] [7] fingerprint:icmp_tstamp  -  ICMP Timestamp request fingerprinting module
  388. [x] [8] fingerprint:icmp_amask  -  ICMP Address mask request fingerprinting module
  389. [x] [9] fingerprint:icmp_port_unreach  -  ICMP port unreachable fingerprinting module
  390. [x] [10] fingerprint:tcp_hshake  -  TCP Handshake fingerprinting module
  391. [x] [11] fingerprint:tcp_rst  -  TCP RST fingerprinting module
  392. [x] [12] fingerprint:smb  -  SMB fingerprinting module
  393. [x] [13] fingerprint:snmp  -  SNMPv2c fingerprinting module
  394. [+] 13 modules registered
  395. [+] Initializing scan engine
  396. [+] Running scan engine
  397. [-] ping:tcp_ping module: no closed/open TCP ports known on 104.28.21.97. Module test failed
  398. [-] ping:udp_ping module: no closed/open UDP ports known on 104.28.21.97. Module test failed
  399. [-] No distance calculation. 104.28.21.97 appears to be dead or no ports known
  400. [+] Host: 104.28.21.97 is down (Guess probability: 0%)
  401. [+] Cleaning up scan engine
  402. [+] Modules deinitialized
  403. [+] Execution completed.
  404. #######################################################################################################################################
  405.    Domain Name: SANDRA-MODEL.NET
  406.    Registry Domain ID: 2266616376_DOMAIN_NET-VRSN
  407.    Registrar WHOIS Server: whois.namesilo.com
  408.    Registrar URL: http://www.namesilo.com
  409.    Updated Date: 2018-05-23T10:18:56Z
  410.    Creation Date: 2018-05-23T07:06:56Z
  411.    Registry Expiry Date: 2019-05-23T07:06:56Z
  412.    Registrar: NameSilo, LLC
  413.    Registrar IANA ID: 1479
  414.    Registrar Abuse Contact Email: abuse@namesilo.com
  415.    Registrar Abuse Contact Phone: +1.4805240066
  416.    Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  417.    Name Server: AIDA.NS.CLOUDFLARE.COM
  418.    Name Server: TOBY.NS.CLOUDFLARE.COM
  419.    DNSSEC: unsigned
  420.    URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
  421. >>> Last update of whois database: 2018-05-23T17:19:13Z <<<
  422.  
  423. For more information on Whois status codes, please visit https://icann.org/epp
  424.  
  425. NOTICE: The expiration date displayed in this record is the date the
  426. registrar's sponsorship of the domain name registration in the registry is
  427. currently set to expire. This date does not necessarily reflect the expiration
  428. date of the domain name registrant's agreement with the sponsoring
  429. registrar.  Users may consult the sponsoring registrar's Whois database to
  430. view the registrar's reported date of expiration for this registration.
  431.  
  432. TERMS OF USE: You are not authorized to access or query our Whois
  433. database through the use of electronic processes that are high-volume and
  434. automated except as reasonably necessary to register domain names or
  435. modify existing registrations; the Data in VeriSign Global Registry
  436. Services' ("VeriSign") Whois database is provided by VeriSign for
  437. information purposes only, and to assist persons in obtaining information
  438. about or related to a domain name registration record. VeriSign does not
  439. guarantee its accuracy. By submitting a Whois query, you agree to abide
  440. by the following terms of use: You agree that you may use this Data only
  441. for lawful purposes and that under no circumstances will you use this Data
  442. to: (1) allow, enable, or otherwise support the transmission of mass
  443. unsolicited, commercial advertising or solicitations via e-mail, telephone,
  444. or facsimile; or (2) enable high volume, automated, electronic processes
  445. that apply to VeriSign (or its computer systems). The compilation,
  446. repackaging, dissemination or other use of this Data is expressly
  447. prohibited without the prior written consent of VeriSign. You agree not to
  448. use electronic processes that are automated and high-volume to access or
  449. query the Whois database except as reasonably necessary to register
  450. domain names or modify existing registrations. VeriSign reserves the right
  451. to restrict your access to the Whois database in its sole discretion to ensure
  452. operational stability.  VeriSign may restrict or terminate your access to the
  453. Whois database for failure to abide by these terms of use. VeriSign
  454. reserves the right to modify these terms at any time.
  455.  
  456. The Registry database contains ONLY .COM, .NET, .EDU domains and
  457. Registrars.
  458. Domain Name: sandra-model.net
  459. Registrar WHOIS Server: whois.namesilo.com
  460. Registrar URL: https://www.namesilo.com/
  461. Updated Date: 2018-05-23T07:00:00Z
  462. Creation Date: 2018-05-23T07:00:00Z
  463. Registrar Registration Expiration Date: 2019-05-23T07:00:00Z
  464. Registrar: NameSilo, LLC
  465. Registrar IANA ID: 1479
  466. Registrar Abuse Contact Email: abuse@namesilo.com
  467. Registrar Abuse Contact Phone: +1.4805240066
  468. Reseller: QHOSTER.COM
  469. Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
  470. Registry Registrant ID:
  471. Registrant Name: Chiu Vanhoi
  472. Registrant Organization:
  473. Registrant Street: 28 Kin Chuen St
  474. Registrant City: Tsuen Wan
  475. Registrant State/Province: Tsuen Wan
  476. Registrant Postal Code: xxxx
  477. Registrant Country: HK
  478. Registrant Phone: +852.96554443
  479. Registrant Phone Ext:
  480. Registrant Fax:
  481. Registrant Fax Ext:
  482. Registrant Email: neadiase@coolsite.net
  483. Registry Admin ID:
  484. Admin Name: Chiu Vanhoi
  485. Admin Organization:
  486. Admin Street: 28 Kin Chuen St
  487. Admin City: Tsuen Wan
  488. Admin State/Province: Tsuen Wan
  489. Admin Postal Code: xxxx
  490. Admin Country: HK
  491. Admin Phone: +852.96554443
  492. Admin Phone Ext:
  493. Admin Fax:
  494. Admin Fax Ext:
  495. Admin Email: neadiase@coolsite.net
  496. Registry Tech ID:
  497. Tech Name: Chiu Vanhoi
  498. Tech Organization:
  499. Tech Street: 28 Kin Chuen St
  500. Tech City: Tsuen Wan
  501. Tech State/Province: Tsuen Wan
  502. Tech Postal Code: xxxx
  503. Tech Country: HK
  504. Tech Phone: +852.96554443
  505. Tech Phone Ext:
  506. Tech Fax:
  507. Tech Fax Ext:
  508. Tech Email: neadiase@coolsite.net
  509. Name Server: AIDA.NS.CLOUDFLARE.COM
  510. Name Server: TOBY.NS.CLOUDFLARE.COM
  511. DNSSEC: unsigned
  512. URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
  513. >>> Last update of WHOIS database: 2018-05-23T07:00:00Z <<<
  514.  
  515. For more information on Whois status codes, please visit https://icann.org/epp
  516.  
  517. NOTICE AND TERMS OF USE: You are not authorized to access or query our WHOIS
  518. database through the use of high-volume, automated, electronic processes. The
  519. Data in our WHOIS database is provided for information purposes only, and to
  520. assist persons in obtaining information about or related to a domain name
  521. registration record. We do not guarantee its accuracy. By submitting a WHOIS
  522. query, you agree to abide by the following terms of use: You agree that you may
  523. use this Data only for lawful purposes and that under no circumstances will you
  524. use this Data to: (1) allow, enable, or otherwise support the transmission of
  525. mass unsolicited, commercial advertising or solicitations via e-mail, telephone,
  526. or facsimile; or (2) enable high volume, automated, electronic processes that
  527. apply to us (or our computer systems). The compilation, repackaging,
  528. dissemination or other use of this Data is expressly prohibited without our
  529. prior written consent. We reserve the right to terminate your access to the
  530. WHOIS database at our sole discretion, including without limitation, for
  531. excessive querying of the WHOIS database or for failure to otherwise abide by
  532. this policy. We reserve the right to modify these terms at any time.
  533. WWW.QHOSTER.COM - CHEAP DOMAINS/HOSTING, LINUX/WINDOWS RDP VPS IN 30 LOCATIONS, DEDICATED SERVERS - PAYPAL, BITCOIN, WEBMONEY, PERFECT MONEY, NETELLER, SKRILL, PAYSAFECARD, ALIPAY, PAYEER, CASHU ETC.
  534. #######################################################################################################################################
  535. ; <<>> DiG 9.11.3-1-Debian <<>> -x sandra-model.net
  536. ;; global options: +cmd
  537. ;; Got answer:
  538. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63172
  539. ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
  540.  
  541. ;; OPT PSEUDOSECTION:
  542. ; EDNS: version: 0, flags:; udp: 512
  543. ;; QUESTION SECTION:
  544. ;net.sandra-model.in-addr.arpa. IN  PTR
  545.  
  546. ;; AUTHORITY SECTION:
  547. in-addr.arpa.       3600    IN  SOA b.in-addr-servers.arpa. nstld.iana.org. 2018013379 1800 900 604800 3600
  548.  
  549. ;; Query time: 792 msec
  550. ;; SERVER: 10.211.254.254#53(10.211.254.254)
  551. ;; WHEN: Wed May 23 13:19:32 EDT 2018
  552. ;; MSG SIZE  rcvd: 126
  553.  
  554. dnsenum VERSION:1.2.4
  555.  
  556. -----   sandra-model.net   -----
  557.  
  558.  
  559. Host's addresses:
  560. __________________
  561.  
  562. sandra-model.net.                        283      IN    A        104.28.20.97
  563. sandra-model.net.                        283      IN    A        104.28.21.97
  564.  
  565.  
  566. Name Servers:
  567. ______________
  568.  
  569. aida.ns.cloudflare.com.                  66151    IN    A        173.245.58.58
  570. toby.ns.cloudflare.com.                  66782    IN    A        173.245.59.239
  571.  
  572.  
  573. Mail (MX) Servers:
  574. ___________________
  575.  
  576. dc-dc2d7d8716c8.sandra-model.net.        300      IN    A        173.254.239.2
  577.  
  578.  
  579. Trying Zone Transfers and getting Bind Versions:
  580. _________________________________________________
  581.  
  582.  
  583. Trying Zone Transfer for sandra-model.net on toby.ns.cloudflare.com ...
  584.  
  585. Trying Zone Transfer for sandra-model.net on aida.ns.cloudflare.com ...
  586.  
  587. brute force file not specified, bay.
  588. ######################################################################################################################################    
  589. [-] Enumerating subdomains now for sandra-model.net
  590. [-] verbosity is enabled, will show the subdomains results in realtime
  591. [-] Searching now in Baidu..
  592. [-] Searching now in Yahoo..
  593. [-] Searching now in Google..
  594. [-] Searching now in Bing..
  595. [-] Searching now in Ask..
  596. [-] Searching now in Netcraft..
  597. [-] Searching now in DNSdumpster..
  598. [-] Searching now in Virustotal..
  599. [-] Searching now in ThreatCrowd..
  600. [-] Searching now in SSL Certificates..
  601. [-] Searching now in PassiveDNS..
  602. SSL Certificates: cpanel.sandra-model.net
  603. SSL Certificates: mail.sandra-model.net
  604. SSL Certificates: webdisk.sandra-model.net
  605. SSL Certificates: webmail.sandra-model.net
  606. SSL Certificates: www.sandra-model.net
  607. Virustotal: cpanel.sandra-model.net
  608. Virustotal: ww1.sandra-model.net
  609. [-] Saving results to file: /usr/share/sniper/loot/sandra-model.net/domains/domains-sandra-model.net.txt
  610. [-] Total Unique Subdomains Found: 6
  611. www.sandra-model.net
  612. cpanel.sandra-model.net
  613. mail.sandra-model.net
  614. webdisk.sandra-model.net
  615. webmail.sandra-model.net
  616. ww1.sandra-model.net
  617. #######################################################################################################################################
  618. cpanel.sandra-model.net
  619. mail.sandra-model.net
  620. *.sandra-model.net
  621. webdisk.sandra-model.net
  622. webmail.sandra-model.net
  623. www.sandra-model.net
  624. #######################################################################################################################################
  625.                            __
  626.   ____ _____ ___  ______ _/ /_____  ____  ___
  627.  / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
  628. / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / /  __/
  629. \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
  630.         /_/  discover v0.5.0 - by @michenriksen
  631.  
  632. Identifying nameservers for sandra-model.net... Done
  633. Using nameservers:
  634.  
  635.  - 173.245.58.58
  636.  - 173.245.59.239
  637.  
  638. Checking for wildcard DNS... Done
  639.  
  640. Running collector: DNSDB... Done (2 hosts)
  641. Running collector: Netcraft... Done (0 hosts)
  642. Running collector: Wayback Machine... Done (5 hosts)
  643. Running collector: Dictionary... Done (26 hosts)
  644. Running collector: Shodan... Skipped
  645.  -> Key 'shodan' has not been set
  646. Running collector: VirusTotal... Skipped
  647.  -> Key 'virustotal' has not been set
  648. Running collector: PublicWWW... Done (0 hosts)
  649. Running collector: Censys... Skipped
  650.  -> Key 'censys_secret' has not been set
  651. Running collector: Threat Crowd... Done (0 hosts)
  652. Running collector: Certificate Search... Done (6 hosts)
  653. Running collector: PTRArchive... Error
  654.  -> PTRArchive returned unexpected response code: 502
  655. Running collector: Riddler... Skipped
  656.  -> Key 'riddler_username' has not been set
  657. Running collector: PassiveTotal... Skipped
  658.  -> Key 'passivetotal_key' has not been set
  659. Running collector: Google Transparency Report... Done (0 hosts)
  660. Running collector: HackerTarget... Done (1 host)
  661.  
  662. Resolving 37 unique hosts...
  663. 104.28.20.97    .sandra-model.net
  664. 173.254.239.2   cpanel.sandra-model.net
  665. 173.254.239.2   mail.sandra-model.net
  666. 104.28.21.97    sandra-model.net
  667. 173.254.239.2   webdisk.sandra-model.net
  668. 173.254.239.2   webmail.sandra-model.net
  669. 104.28.20.97    www.sandra-model.net
  670.  
  671. Found subnets:
  672.  
  673.  - 173.254.239.0-255 : 4 hosts
  674.  - 104.28.20.0-255   : 2 hosts
  675.  
  676. Wrote 7 hosts to:
  677.  
  678.  - file:///root/aquatone/sandra-model.net/hosts.txt
  679.  - file:///root/aquatone/sandra-model.net/hosts.json
  680.                            __
  681.   ____ _____ ___  ______ _/ /_____  ____  ___
  682.  / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
  683. / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / /  __/
  684. \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
  685.         /_/  takeover v0.5.0 - by @michenriksen
  686.  
  687. Loaded 7 hosts from /root/aquatone/sandra-model.net/hosts.json
  688. Loaded 25 domain takeover detectors
  689.  
  690. Identifying nameservers for sandra-model.net... Done
  691. Using nameservers:
  692.  
  693.  - 173.245.59.239
  694.  - 173.245.58.58
  695.  
  696. Checking hosts for domain takeover vulnerabilities...
  697.  
  698. Finished checking hosts:
  699.  
  700.  - Vulnerable     : 0
  701.  - Not Vulnerable : 7
  702.  
  703. Wrote 0 potential subdomain takeovers to:
  704.  
  705.  - file:///root/aquatone/sandra-model.net/takeovers.json
  706.  
  707.                            __
  708.   ____ _____ ___  ______ _/ /_____  ____  ___
  709.  / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
  710. / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / /  __/
  711. \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
  712.         /_/  scan v0.5.0 - by @michenriksen
  713.  
  714. Loaded 7 hosts from /root/aquatone/sandra-model.net/hosts.json
  715.  
  716. Probing 6 ports...
  717. 80/tcp    104.28.21.97    sandra-model.net
  718. 443/tcp   104.28.21.97    sandra-model.net
  719. 80/tcp    104.28.20.97    .sandra-model.net, www.sandra-model.net
  720. 443/tcp   104.28.20.97    .sandra-model.net, www.sandra-model.net
  721.  
  722. Wrote open ports to file:///root/aquatone/sandra-model.net/open_ports.txt
  723. Wrote URLs to file:///root/aquatone/sandra-model.net/urls.txt
  724.                            __
  725.   ____ _____ ___  ______ _/ /_____  ____  ___
  726.  / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
  727. / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / /  __/
  728. \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
  729.         /_/  gather v0.5.0 - by @michenriksen
  730.  
  731. Processing 6 pages...
  732. #######################################################################################################################################
  733. ---------------------------------------------------------------------------------------------------------------------------------------
  734.  
  735. Total hosts: 10
  736.  
  737. [-] Resolving hostnames IPs...
  738.  
  739. .sandra-model.net : empty
  740. cpanel.sandra-model.net : 173.254.239.2
  741. mail.sandra-model.net : 173.254.239.2
  742. webdisk.sandra-model.net : 173.254.239.2
  743. webmail.sandra-model.net : 173.254.239.2
  744. ww1.sandra-model.net : empty
  745. www.sandra-model.net : 104.28.20.97
  746.  
  747. [+] Virtual hosts:
  748. ------------------
  749. .sandra-model.net   net
  750. .sandra-model.net   www.machoviril.com.br
  751. webdisk.sandra-model.net    net
  752. webdisk.sandra-model.net    www.machoviril.com.br
  753. #######################################################################################################################################
  754. PING sandra-model.net(2400:cb00:2048:1::681c:1561 (2400:cb00:2048:1::681c:1561)) 56 data bytes
  755. 64 bytes from 2400:cb00:2048:1::681c:1561 (2400:cb00:2048:1::681c:1561): icmp_seq=1 ttl=57 time=27.7 ms
  756.  
  757. --- sandra-model.net ping statistics ---
  758. 1 packets transmitted, 1 received, 0% packet loss, time 0ms
  759. rtt min/avg/max/mdev = 27.703/27.703/27.703/0.000 ms
  760. #######################################################################################################################################
  761. Starting Nmap 7.70 ( https://nmap.org ) at 2018-05-23 13:26 EDT
  762. Warning: 104.28.20.97 giving up on port because retransmission cap hit (2).
  763. Nmap scan report for sandra-model.net (104.28.20.97)
  764. Host is up (1.0s latency).
  765. Other addresses for sandra-model.net (not scanned): 2400:cb00:2048:1::681c:1461 2400:cb00:2048:1::681c:1561 104.28.21.97
  766. Not shown: 447 closed ports, 24 filtered ports
  767. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  768. PORT     STATE SERVICE
  769. 80/tcp   open  http
  770. 443/tcp  open  https
  771. 8080/tcp open  http-proxy
  772. 8443/tcp open  https-alt
  773. 8880/tcp open  cddbp-alt
  774.  
  775. Nmap done: 1 IP address (1 host up) scanned in 10.95 seconds
  776. #######################################################################################################################################
  777. Starting Nmap 7.70 ( https://nmap.org ) at 2018-05-23 13:26 EDT
  778. Nmap scan report for sandra-model.net (104.28.21.97)
  779. Host is up.
  780. Other addresses for sandra-model.net (not scanned): 2400:cb00:2048:1::681c:1561 2400:cb00:2048:1::681c:1461 104.28.20.97
  781.  
  782. PORT     STATE         SERVICE
  783. 53/udp   open|filtered domain
  784. 67/udp   open|filtered dhcps
  785. 68/udp   open|filtered dhcpc
  786. 69/udp   open|filtered tftp
  787. 88/udp   open|filtered kerberos-sec
  788. 123/udp  open|filtered ntp
  789. 137/udp  open|filtered netbios-ns
  790. 138/udp  open|filtered netbios-dgm
  791. 139/udp  open|filtered netbios-ssn
  792. 161/udp  open|filtered snmp
  793. 162/udp  open|filtered snmptrap
  794. 389/udp  open|filtered ldap
  795. 520/udp  open|filtered route
  796. 2049/udp open|filtered nfs
  797.  
  798. Nmap done: 1 IP address (1 host up) scanned in 3.79 seconds
  799. #######################################################################################################################################
  800.  
  801.  
  802. + -- --=[Checking if X-Content options are enabled on sandra-model.net...
  803.  
  804. + -- --=[Checking if X-Frame options are enabled on sandra-model.net...
  805.  
  806. + -- --=[Checking if X-XSS-Protection header is enabled on sandra-model.net...
  807.  
  808. + -- --=[Checking HTTP methods on sandra-model.net...
  809.  
  810. + -- --=[Checking if TRACE method is enabled on sandra-model.net...
  811.  
  812. + -- --=[Checking for META tags on sandra-model.net...
  813. <META content="text/html; charset=windows-1251" http-equiv=Content-Type><LINK
  814. <META name=GENERATOR content="MSHTML 8.00.7600.21198"></HEAD>
  815.  
  816. + -- --=[Checking for open proxy on sandra-model.net...
  817.   </div><!-- /#cf-wrapper -->
  818.  
  819.   <script type="text/javascript">
  820.   window._cf_translation = {};
  821.  
  822.  
  823. </script>
  824.  
  825. </body>
  826. </html>
  827.  
  828. + -- --=[Enumerating software on sandra-model.net...
  829. Set-Cookie: __cfduid=dbd969a8ad7909a5cf7addb4719362aaf1527096397; expires=Thu, 23-May-19 17:26:37 GMT; path=/; domain=.sandra-model.net; HttpOnly
  830. Server: cloudflare
  831.  
  832. + -- --=[Checking if Strict-Transport-Security is enabled on sandra-model.net...
  833.  
  834. + -- --=[Checking for Flash cross-domain policy on sandra-model.net...
  835. <head><title> 404 Not Found
  836. </title></head>
  837. <body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;">
  838. <div style="height:auto; min-height:100%; ">     <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;">
  839.         <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1>
  840. <h2 style="margin-top:20px;font-size: 30px;">Not Found
  841. </h2>
  842. <p>The resource requested could not be found on this server!</p>
  843. </div></div><div style="color:#f0f0f0; font-size:12px;margin:auto;padding:0px 30px 0px 30px;position:relative;clear:both;height:100px;margin-top:-101px;background-color:#474747;border-top: 1px solid rgba(0,0,0,0.15);box-shadow: 0 1px 0 rgba(255, 255, 255, 0.3) inset;">
  844. <br>Proudly powered by  <a style="color:#fff;" href="http://www.litespeedtech.com/error-page">LiteSpeed Web Server</a><p>Please be advised that LiteSpeed Technologies Inc. is not a web hosting company and, as such, has no control over content found on this site.</p></div></body></html>
  845.  
  846. + -- --=[Checking for Silverlight cross-domain policy on sandra-model.net...
  847. <head><title> 404 Not Found
  848. </title></head>
  849. <body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;">
  850. <div style="height:auto; min-height:100%; ">     <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;">
  851.         <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1>
  852. <h2 style="margin-top:20px;font-size: 30px;">Not Found
  853. </h2>
  854. <p>The resource requested could not be found on this server!</p>
  855. </div></div><div style="color:#f0f0f0; font-size:12px;margin:auto;padding:0px 30px 0px 30px;position:relative;clear:both;height:100px;margin-top:-101px;background-color:#474747;border-top: 1px solid rgba(0,0,0,0.15);box-shadow: 0 1px 0 rgba(255, 255, 255, 0.3) inset;">
  856. <br>Proudly powered by  <a style="color:#fff;" href="http://www.litespeedtech.com/error-page">LiteSpeed Web Server</a><p>Please be advised that LiteSpeed Technologies Inc. is not a web hosting company and, as such, has no control over content found on this site.</p></div></body></html>
  857.  
  858. + -- --=[Checking for HTML5 cross-origin resource sharing on sandra-model.net...
  859.  
  860. + -- --=[Retrieving robots.txt on sandra-model.net...
  861. <head><title> 404 Not Found
  862. </title></head>
  863. <body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;">
  864. <div style="height:auto; min-height:100%; ">     <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;">
  865.         <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1>
  866. <h2 style="margin-top:20px;font-size: 30px;">Not Found
  867. </h2>
  868. <p>The resource requested could not be found on this server!</p>
  869. </div></div><div style="color:#f0f0f0; font-size:12px;margin:auto;padding:0px 30px 0px 30px;position:relative;clear:both;height:100px;margin-top:-101px;background-color:#474747;border-top: 1px solid rgba(0,0,0,0.15);box-shadow: 0 1px 0 rgba(255, 255, 255, 0.3) inset;">
  870. <br>Proudly powered by  <a style="color:#fff;" href="http://www.litespeedtech.com/error-page">LiteSpeed Web Server</a><p>Please be advised that LiteSpeed Technologies Inc. is not a web hosting company and, as such, has no control over content found on this site.</p></div></body></html>
  871.  
  872. + -- --=[Retrieving sitemap.xml on sandra-model.net...
  873. <head><title> 404 Not Found
  874. </title></head>
  875. <body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;">
  876. <div style="height:auto; min-height:100%; ">     <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;">
  877.         <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1>
  878. <h2 style="margin-top:20px;font-size: 30px;">Not Found
  879. </h2>
  880. <p>The resource requested could not be found on this server!</p>
  881. </div></div><div style="color:#f0f0f0; font-size:12px;margin:auto;padding:0px 30px 0px 30px;position:relative;clear:both;height:100px;margin-top:-101px;background-color:#474747;border-top: 1px solid rgba(0,0,0,0.15);box-shadow: 0 1px 0 rgba(255, 255, 255, 0.3) inset;">
  882. <br>Proudly powered by  <a style="color:#fff;" href="http://www.litespeedtech.com/error-page">LiteSpeed Web Server</a><p>Please be advised that LiteSpeed Technologies Inc. is not a web hosting company and, as such, has no control over content found on this site.</p></div></body></html>
  883.  
  884. + -- --=[Checking cookie attributes on sandra-model.net...
  885. Set-Cookie: __cfduid=da2b59da5ef0a0cb3147d761e6919bdf81527096432; expires=Thu, 23-May-19 17:27:12 GMT; path=/; domain=.sandra-model.net; HttpOnly
  886.  
  887. + -- --=[Checking for ASP.NET Detailed Errors on sandra-model.net...
  888. <br>Proudly powered by  <a style="color:#fff;" href="http://www.litespeedtech.com/error-page">LiteSpeed Web Server</a><p>Please be advised that LiteSpeed Technologies Inc. is not a web hosting company and, as such, has no control over content found on this site.</p></div></body></html>
  889. <br>Proudly powered by  <a style="color:#fff;" href="http://www.litespeedtech.com/error-page">LiteSpeed Web Server</a><p>Please be advised that LiteSpeed Technologies Inc. is not a web hosting company and, as such, has no control over content found on this site.</p></div></body></html>
  890. #######################################################################################################################################
  891. ---------------------------------------------------------------------------------------------------------------------------------------
  892.  
  893. [ ! ] Starting SCANNER INURLBR 2.1 at [23-05-2018 13:28:19]
  894. [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
  895. It is the end user's responsibility to obey all applicable local, state and federal laws.
  896. Developers assume no liability and are not responsible for any misuse or damage caused by this program
  897.  
  898. [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-sandra-model.net.txt  ]
  899. [ INFO ][ DORK ]::[ site:sandra-model.net ]
  900. [ INFO ][ SEARCHING ]:: {
  901. [ INFO ][ ENGINE ]::[ GOOGLE - www.google.ee ]
  902.  
  903. [ INFO ][ SEARCHING ]::
  904. -[:::]
  905. [ INFO ][ ENGINE ]::[ GOOGLE API ]
  906.  
  907. [ INFO ][ SEARCHING ]::
  908. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
  909. [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.bo ID: 012873187529719969291:yexdhbzntue ]
  910.  
  911. [ INFO ][ SEARCHING ]::
  912. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
  913.  
  914. [ INFO ][ TOTAL FOUND VALUES ]:: [ 0 ]
  915. [ INFO ] Not a satisfactory result was found!
  916.  
  917.  
  918. [ INFO ] [ Shutting down ]
  919. [ INFO ] [ End of process INURLBR at [23-05-2018 13:28:38]
  920. [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
  921. [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-sandra-model.net.txt  ]
  922. |_________________________________________________________________________________________
  923.  
  924. \_________________________________________________________________________________________/
  925. #######################################################################################################################################
  926. https://sandra-model.net [403 Forbidden] CloudFlare, Cookies[__cfduid], Country[UNITED STATES][US], HTML5, HTTPServer[cloudflare], HttpOnly[__cfduid], IP[104.28.20.97], Title[403 Forbidden][Title element contains newline(s)!], UncommonHeaders[alt-svc,x-turbo-charged-by,expect-ct,cf-ray]
  927.  
  928. + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
  929. + -- --=[Target: sandra-model.net:443
  930. + -- --=[Site not vulnerable to Cross-Site Tracing!
  931. + -- --=[Site not vulnerable to Host Header Injection!
  932. + -- --=[Site vulnerable to Cross-Frame Scripting!
  933. + -- --=[Site vulnerable to Clickjacking!
  934.  
  935. HTTP/1.1 405 Not Allowed
  936. Server: cloudflare
  937. Date: Wed, 23 May 2018 17:28:48 GMT
  938. Content-Type: text/html
  939. Content-Length: 171
  940. Connection: close
  941. CF-RAY: -
  942.  
  943. <html>
  944. <head><title>405 Not Allowed</title></head>
  945. <body bgcolor="white">
  946. <center><h1>405 Not Allowed</h1></center>
  947. <hr><center>cloudflare</center>
  948. </body>
  949. </html>
  950.  
  951. HTTP/1.1 400 Bad Request
  952. Server: cloudflare
  953. Date: Wed, 23 May 2018 17:28:53 GMT
  954. Content-Type: text/html
  955. Content-Length: 269
  956. Connection: close
  957. CF-RAY: -
  958.  
  959. <html>
  960. <head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
  961. <body bgcolor="white">
  962. <center><h1>400 Bad Request</h1></center>
  963. <center>The plain HTTP request was sent to HTTPS port</center>
  964. <hr><center>cloudflare</center>
  965. </body>
  966. </html>
  967. #######################################################################################################################################
  968. + -- --=[Checking if X-Content options are enabled on sandra-model.net...
  969.  
  970. + -- --=[Checking if X-Frame options are enabled on sandra-model.net...
  971.  
  972. + -- --=[Checking if X-XSS-Protection header is enabled on sandra-model.net...
  973.  
  974. + -- --=[Checking HTTP methods on sandra-model.net...
  975.  
  976. + -- --=[Checking if TRACE method is enabled on sandra-model.net...
  977.  
  978. + -- --=[Checking for META tags on sandra-model.net...
  979. <META content="text/html; charset=windows-1251" http-equiv=Content-Type><LINK
  980. <META name=GENERATOR content="MSHTML 8.00.7600.21198"></HEAD>
  981.  
  982. + -- --=[Checking for open proxy on sandra-model.net...
  983.  
  984. + -- --=[Enumerating software on sandra-model.net...
  985. set-cookie: __cfduid=d3ddb99709b6fc9c9da25b0d92dbe64091527096546; expires=Thu, 23-May-19 17:29:06 GMT; path=/; domain=.sandra-model.net; HttpOnly
  986. server: cloudflare
  987.  
  988. + -- --=[Checking if Strict-Transport-Security is enabled on sandra-model.net...
  989.  
  990. + -- --=[Checking for Flash cross-domain policy on sandra-model.net...
  991. <head><title> 404 Not Found
  992. </title></head>
  993. <body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;">
  994. <div style="height:auto; min-height:100%; ">     <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;">
  995.         <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1>
  996. <h2 style="margin-top:20px;font-size: 30px;">Not Found
  997. </h2>
  998. <p>The resource requested could not be found on this server!</p>
  999. </div></div><div style="color:#f0f0f0; font-size:12px;margin:auto;padding:0px 30px 0px 30px;position:relative;clear:both;height:100px;margin-top:-101px;background-color:#474747;border-top: 1px solid rgba(0,0,0,0.15);box-shadow: 0 1px 0 rgba(255, 255, 255, 0.3) inset;">
  1000. <br>Proudly powered by  <a style="color:#fff;" href="http://www.litespeedtech.com/error-page">LiteSpeed Web Server</a><p>Please be advised that LiteSpeed Technologies Inc. is not a web hosting company and, as such, has no control over content found on this site.</p></div></body></html>
  1001.  
  1002. + -- --=[Checking for Silverlight cross-domain policy on sandra-model.net...
  1003. <head><title> 404 Not Found
  1004. </title></head>
  1005. <body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;">
  1006. <div style="height:auto; min-height:100%; ">     <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;">
  1007.         <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1>
  1008. <h2 style="margin-top:20px;font-size: 30px;">Not Found
  1009. </h2>
  1010. <p>The resource requested could not be found on this server!</p>
  1011. </div></div><div style="color:#f0f0f0; font-size:12px;margin:auto;padding:0px 30px 0px 30px;position:relative;clear:both;height:100px;margin-top:-101px;background-color:#474747;border-top: 1px solid rgba(0,0,0,0.15);box-shadow: 0 1px 0 rgba(255, 255, 255, 0.3) inset;">
  1012. <br>Proudly powered by  <a style="color:#fff;" href="http://www.litespeedtech.com/error-page">LiteSpeed Web Server</a><p>Please be advised that LiteSpeed Technologies Inc. is not a web hosting company and, as such, has no control over content found on this site.</p></div></body></html>
  1013.  
  1014. + -- --=[Checking for HTML5 cross-origin resource sharing on sandra-model.net...
  1015.  
  1016. + -- --=[Retrieving robots.txt on sandra-model.net...
  1017. <head><title> 404 Not Found
  1018. </title></head>
  1019. <body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;">
  1020. <div style="height:auto; min-height:100%; ">     <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;">
  1021.         <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1>
  1022. <h2 style="margin-top:20px;font-size: 30px;">Not Found
  1023. </h2>
  1024. <p>The resource requested could not be found on this server!</p>
  1025. </div></div><div style="color:#f0f0f0; font-size:12px;margin:auto;padding:0px 30px 0px 30px;position:relative;clear:both;height:100px;margin-top:-101px;background-color:#474747;border-top: 1px solid rgba(0,0,0,0.15);box-shadow: 0 1px 0 rgba(255, 255, 255, 0.3) inset;">
  1026. <br>Proudly powered by  <a style="color:#fff;" href="http://www.litespeedtech.com/error-page">LiteSpeed Web Server</a><p>Please be advised that LiteSpeed Technologies Inc. is not a web hosting company and, as such, has no control over content found on this site.</p></div></body></html>
  1027.  
  1028. + -- --=[Retrieving sitemap.xml on sandra-model.net...
  1029. <head><title> 404 Not Found
  1030. </title></head>
  1031. <body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;">
  1032. <div style="height:auto; min-height:100%; ">     <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;">
  1033.         <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1>
  1034. <h2 style="margin-top:20px;font-size: 30px;">Not Found
  1035. </h2>
  1036. <p>The resource requested could not be found on this server!</p>
  1037. </div></div><div style="color:#f0f0f0; font-size:12px;margin:auto;padding:0px 30px 0px 30px;position:relative;clear:both;height:100px;margin-top:-101px;background-color:#474747;border-top: 1px solid rgba(0,0,0,0.15);box-shadow: 0 1px 0 rgba(255, 255, 255, 0.3) inset;">
  1038. <br>Proudly powered by  <a style="color:#fff;" href="http://www.litespeedtech.com/error-page">LiteSpeed Web Server</a><p>Please be advised that LiteSpeed Technologies Inc. is not a web hosting company and, as such, has no control over content found on this site.</p></div></body></html>
  1039.  
  1040. + -- --=[Checking cookie attributes on sandra-model.net...
  1041. set-cookie: __cfduid=dcf9c38141e2b29722dc60e584b7b441f1527096555; expires=Thu, 23-May-19 17:29:15 GMT; path=/; domain=.sandra-model.net; HttpOnly
  1042.  
  1043. + -- --=[Checking for ASP.NET Detailed Errors on sandra-model.net...
  1044. <br>Proudly powered by  <a style="color:#fff;" href="http://www.litespeedtech.com/error-page">LiteSpeed Web Server</a><p>Please be advised that LiteSpeed Technologies Inc. is not a web hosting company and, as such, has no control over content found on this site.</p></div></body></html>
  1045. <br>Proudly powered by  <a style="color:#fff;" href="http://www.litespeedtech.com/error-page">LiteSpeed Web Server</a><p>Please be advised that LiteSpeed Technologies Inc. is not a web hosting company and, as such, has no control over content found on this site.</p></div></body></html>
  1046. #######################################################################################################################################
  1047.  AVAILABLE PLUGINS
  1048.  -----------------
  1049.  
  1050.   PluginSessionResumption
  1051.   PluginOpenSSLCipherSuites
  1052.   PluginCompression
  1053.   PluginChromeSha1Deprecation
  1054.   PluginHeartbleed
  1055.   PluginCertInfo
  1056.   PluginHSTS
  1057.   PluginSessionRenegotiation
  1058.  
  1059.  
  1060.  
  1061.  CHECKING HOST(S) AVAILABILITY
  1062.  -----------------------------
  1063.  
  1064.    sandra-model.net:443                => 2400:cb00:2048:1::681c:1461:443
  1065.  
  1066.  
  1067.  
  1068.  SCAN RESULTS FOR SANDRA-MODEL.NET:443 - 2400:CB00:2048:1::681C:1461:443
  1069.  -----------------------------------------------------------------------
  1070.  
  1071.   * Deflate Compression:
  1072.       OK - Compression disabled          
  1073.  
  1074.   * Session Renegotiation:
  1075.       Client-initiated Renegotiations:   OK - Rejected
  1076.       Secure Renegotiation:              OK - Supported
  1077.  
  1078.   * Certificate - Content:
  1079.       SHA1 Fingerprint:                  4b10bbb420a280cd110df90c6608db11f8aef73f
  1080.       Common Name:                       sni236478.cloudflaressl.com
  1081.       Issuer:                            COMODO ECC Domain Validation Secure Server CA 2
  1082.       Serial Number:                     2475432FCD44B3D8334204033DADC1FF
  1083.       Not Before:                        May 23 00:00:00 2018 GMT
  1084.       Not After:                         Nov 29 23:59:59 2018 GMT
  1085.       Signature Algorithm:               ecdsa-with-SHA256
  1086.       Public Key Algorithm:              id-ecPublicKey
  1087.       Key Size:                          256 bit
  1088.       X509v3 Subject Alternative Name:   {'DNS': ['sni236478.cloudflaressl.com', '*.alaela.online', '*.armorax.com', '*.bdembassyuae.org', '*.bizlibd.com', '*.booggage.altervista.org', '*.cloudhooks.io', '*.ctxjlwhmoon.ga', '*.damesaanmelding.date', '*.dateawiccan.com', '*.dusterbd.com', '*.formbdinterior.com', '*.gbb.com.bd', '*.givagoes.com.br', '*.gramearizar.tk', '*.guiapdf.tk', '*.helwi-marketing.com', '*.hfl.com.bd', '*.hydbumpricjeo.ga', '*.i2gether.com', '*.karinegoes.com.br', '*.mdfarhadrahman.com', '*.midasfinancing.com', '*.mirndas.tk', '*.mrworldtv.com', '*.nesithawest.gq', '*.parkviewbd.com', '*.pbil.com.bd', '*.pranrflgroup.com', '*.sandra-model.net', '*.speedtrack.com.bd', '*.tostaky.co', '*.tquyucbmoon.ga', '*.ucl.com.bd', '*.ungiospotec.ga', '*.wehrwe.com', 'alaela.online', 'armorax.com', 'bdembassyuae.org', 'bizlibd.com', 'booggage.altervista.org', 'cloudhooks.io', 'ctxjlwhmoon.ga', 'damesaanmelding.date', 'dateawiccan.com', 'dusterbd.com', 'formbdinterior.com', 'gbb.com.bd', 'givagoes.com.br', 'gramearizar.tk', 'guiapdf.tk', 'helwi-marketing.com', 'hfl.com.bd', 'hydbumpricjeo.ga', 'i2gether.com', 'karinegoes.com.br', 'mdfarhadrahman.com', 'midasfinancing.com', 'mirndas.tk', 'mrworldtv.com', 'nesithawest.gq', 'parkviewbd.com', 'pbil.com.bd', 'pranrflgroup.com', 'sandra-model.net', 'speedtrack.com.bd', 'tostaky.co', 'tquyucbmoon.ga', 'ucl.com.bd', 'ungiospotec.ga', 'wehrwe.com']}
  1089.  
  1090.   * Certificate - Trust:
  1091.       Hostname Validation:               OK - Subject Alternative Name matches
  1092.       Google CA Store (09/2015):         OK - Certificate is trusted
  1093.       Java 6 CA Store (Update 65):       OK - Certificate is trusted
  1094.       Microsoft CA Store (09/2015):      OK - Certificate is trusted
  1095.       Apple CA Store (OS X 10.10.5):     OK - Certificate is trusted
  1096.       Mozilla NSS CA Store (09/2015):    OK - Certificate is trusted
  1097.       Certificate Chain Received:        ['sni236478.cloudflaressl.com', 'COMODO ECC Domain Validation Secure Server CA 2', 'COMODO ECC Certification Authority']
  1098.  
  1099.   * Certificate - OCSP Stapling:
  1100.       OCSP Response Status:              successful
  1101.       Validation w/ Mozilla's CA Store:  OK - Response is trusted
  1102.       Responder Id:                      40096167F0BC83714FDE12082C6FD4D42B763D96
  1103.       Cert Status:                       good
  1104.       Cert Serial Number:                2475432FCD44B3D8334204033DADC1FF
  1105.       This Update:                       May 23 13:00:15 2018 GMT
  1106.       Next Update:                       May 30 13:00:15 2018 GMT
  1107.  
  1108.   * Session Resumption:
  1109.       With Session IDs:                  OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
  1110.       With TLS Session Tickets:          OK - Supported
  1111.  
  1112.   * SSLV2 Cipher Suites:
  1113.       Server rejected all cipher suites.
  1114.  
  1115.   * SSLV3 Cipher Suites:
  1116.       Server rejected all cipher suites.
  1117.  
  1118.  
  1119.  
  1120.  SCAN COMPLETED IN 1.62 S
  1121.  ------------------------
  1122. Version: 1.11.11-static
  1123. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  1124.  
  1125. Connected to 2400:cb00:2048:1::681c:1561
  1126.  
  1127. Testing SSL server sandra-model.net on port 443 using SNI name sandra-model.net
  1128.  
  1129.   TLS Fallback SCSV:
  1130. Server supports TLS Fallback SCSV
  1131.  
  1132.   TLS renegotiation:
  1133. Secure session renegotiation supported
  1134.  
  1135.   TLS Compression:
  1136. Compression disabled
  1137.  
  1138.   Heartbleed:
  1139. TLS 1.2 not vulnerable to heartbleed
  1140. TLS 1.1 not vulnerable to heartbleed
  1141. TLS 1.0 not vulnerable to heartbleed
  1142.  
  1143.   Supported Server Cipher(s):
  1144. Preferred TLSv1.2  256 bits  ECDHE-ECDSA-CHACHA20-POLY1305 Curve P-256 DHE 256
  1145. Accepted  TLSv1.2  128 bits  ECDHE-ECDSA-AES128-GCM-SHA256 Curve P-256 DHE 256
  1146. Accepted  TLSv1.2  128 bits  ECDHE-ECDSA-AES128-SHA        Curve P-256 DHE 256
  1147. Accepted  TLSv1.2  128 bits  ECDHE-ECDSA-AES128-SHA256     Curve P-256 DHE 256
  1148. Accepted  TLSv1.2  256 bits  ECDHE-ECDSA-AES256-GCM-SHA384 Curve P-256 DHE 256
  1149. Accepted  TLSv1.2  256 bits  ECDHE-ECDSA-AES256-SHA        Curve P-256 DHE 256
  1150. Accepted  TLSv1.2  256 bits  ECDHE-ECDSA-AES256-SHA384     Curve P-256 DHE 256
  1151. Preferred TLSv1.1  128 bits  ECDHE-ECDSA-AES128-SHA        Curve P-256 DHE 256
  1152. Accepted  TLSv1.1  256 bits  ECDHE-ECDSA-AES256-SHA        Curve P-256 DHE 256
  1153. Preferred TLSv1.0  128 bits  ECDHE-ECDSA-AES128-SHA        Curve P-256 DHE 256
  1154. Accepted  TLSv1.0  256 bits  ECDHE-ECDSA-AES256-SHA        Curve P-256 DHE 256
  1155.  
  1156.   SSL Certificate:
  1157. Signature Algorithm: ecdsa-with-SHA256
  1158. Subject:  sni236478.cloudflaressl.com
  1159. Altnames: DNS:sni236478.cloudflaressl.com, DNS:*.alaela.online, DNS:*.armorax.com, DNS:*.bdembassyuae.org, DNS:*.bizlibd.com, DNS:*.booggage.altervista.org, DNS:*.cloudhooks.io, DNS:*.ctxjlwhmoon.ga, DNS:*.damesaanmelding.date, DNS:*.dateawiccan.com, DNS:*.dusterbd.com, DNS:*.formbdinterior.com, DNS:*.gbb.com.bd, DNS:*.givagoes.com.br, DNS:*.gramearizar.tk, DNS:*.guiapdf.tk, DNS:*.helwi-marketing.com, DNS:*.hfl.com.bd, DNS:*.hydbumpricjeo.ga, DNS:*.i2gether.com, DNS:*.karinegoes.com.br, DNS:*.mdfarhadrahman.com, DNS:*.midasfinancing.com, DNS:*.mirndas.tk, DNS:*.mrworldtv.com, DNS:*.nesithawest.gq, DNS:*.parkviewbd.com, DNS:*.pbil.com.bd, DNS:*.pranrflgroup.com, DNS:*.sandra-model.net, DNS:*.speedtrack.com.bd, DNS:*.tostaky.co, DNS:*.tquyucbmoon.ga, DNS:*.ucl.com.bd, DNS:*.ungiospotec.ga, DNS:*.wehrwe.com, DNS:alaela.online, DNS:armorax.com, DNS:bdembassyuae.org, DNS:bizlibd.com, DNS:booggage.altervista.org, DNS:cloudhooks.io, DNS:ctxjlwhmoon.ga, DNS:damesaanmelding.date, DNS:dateawiccan.com, DNS:dusterbd.com, DNS:formbdinterior.com, DNS:gbb.com.bd, DNS:givagoes.com.br, DNS:gramearizar.tk, DNS:guiapdf.tk, DNS:helwi-marketing.com, DNS:hfl.com.bd, DNS:hydbumpricjeo.ga, DNS:i2gether.com, DNS:karinegoes.com.br, DNS:mdfarhadrahman.com, DNS:midasfinancing.com, DNS:mirndas.tk, DNS:mrworldtv.com, DNS:nesithawest.gq, DNS:parkviewbd.com, DNS:pbil.com.bd, DNS:pranrflgroup.com, DNS:sandra-model.net, DNS:speedtrack.com.bd, DNS:tostaky.co, DNS:tquyucbmoon.ga, DNS:ucl.com.bd, DNS:ungiospotec.ga, DNS:wehrwe.com
  1160. Issuer:   COMODO ECC Domain Validation Secure Server CA 2
  1161.  
  1162. Not valid before: May 23 00:00:00 2018 GMT
  1163. Not valid after:  Nov 29 23:59:59 2018 GMT
  1164. #######################################################################################################################################
  1165. + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
  1166. + -- --=[Target: sandra-model.net:8080
  1167. + -- --=[Site not vulnerable to Cross-Site Tracing!
  1168. Version: 1.11.11-static
  1169. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  1170.  
  1171. Connected to 2400:cb00:2048:1::681c:1461
  1172.  
  1173. Testing SSL server sandra-model.net on port 8080 using SNI name sandra-model.net
  1174.  
  1175.   TLS Fallback SCSV:
  1176. Server does not support TLS Fallback SCSV
  1177.  
  1178.   TLS renegotiation:
  1179. Session renegotiation not supported
  1180.  
  1181.   TLS Compression:
  1182. Compression disabled
  1183.  
  1184.   Heartbleed:
  1185. TLS 1.2 not vulnerable to heartbleed
  1186. TLS 1.1 not vulnerable to heartbleed
  1187. TLS 1.0 not vulnerable to heartbleed
  1188.  
  1189.   Supported Server Cipher(s):
  1190. Starting Nmap 7.70 ( https://nmap.org ) at 2018-05-23 13:31 EDT
  1191. Nmap scan report for sandra-model.net (104.28.20.97)
  1192. Host is up (0.45s latency).
  1193. Other addresses for sandra-model.net (not scanned): 2400:cb00:2048:1::681c:1461 2400:cb00:2048:1::681c:1561 104.28.21.97
  1194.  
  1195. PORT     STATE SERVICE VERSION
  1196. 8080/tcp open  http    Cloudflare nginx
  1197. |_http-server-header: cloudflare-nginx
  1198. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  1199. Aggressive OS guesses: D-Link DWL-624+ or DWL-2000AP, or TRENDnet TEW-432BRP WAP (98%), Linksys BEFSR41 EtherFast router (96%), Linux 2.6.18 - 2.6.22 (95%), AVtech Room Alert 26W environmental monitor (92%), Blue Coat PacketShaper appliance (91%), Polycom MGC-25 videoconferencing system (pSOS 1.0.4) (91%), Wyse ThinOS 5.2 (91%), OneAccess 1641 router (91%)
  1200. No exact OS matches for host (test conditions non-ideal).
  1201. Network Distance: 1 hop
  1202.  
  1203. TRACEROUTE (using port 8080/tcp)
  1204. HOP RTT       ADDRESS
  1205. 1   576.46 ms 104.28.20.97
  1206.  
  1207. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  1208. Nmap done: 1 IP address (1 host up) scanned in 44.12 seconds
  1209.  
  1210.   Metasploit Park, System Security Interface
  1211.   Version 4.0.5, Alpha E
  1212.   Ready...
  1213.   > access security
  1214.   access: PERMISSION DENIED.
  1215.   > access security grid
  1216.   access: PERMISSION DENIED.
  1217.   > access main security grid
  1218.   access: PERMISSION DENIED....and...
  1219.   YOU DIDN'T SAY THE MAGIC WORD!
  1220.   YOU DIDN'T SAY THE MAGIC WORD!
  1221.   YOU DIDN'T SAY THE MAGIC WORD!
  1222.   YOU DIDN'T SAY THE MAGIC WORD!
  1223.   YOU DIDN'T SAY THE MAGIC WORD!
  1224.   YOU DIDN'T SAY THE MAGIC WORD!
  1225.   YOU DIDN'T SAY THE MAGIC WORD!
  1226.  
  1227.  
  1228.        =[ metasploit v4.16.57-dev                         ]
  1229. + -- --=[ 1767 exploits - 1007 auxiliary - 307 post       ]
  1230. + -- --=[ 537 payloads - 41 encoders - 10 nops            ]
  1231. + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
  1232.  
  1233. RHOST => sandra-model.net
  1234. [-] WAR file not found
  1235. [*] Auxiliary module execution completed
  1236. RHOSTS => sandra-model.net
  1237. [!] RHOST is not a valid option for this module. Did you mean RHOSTS?
  1238. RHOST => sandra-model.net
  1239. RPORT => 8080
  1240. [*] Scanned 1 of 4 hosts (25% complete)
  1241. [*] Scanned 2 of 4 hosts (50% complete)
  1242. [*] Scanned 3 of 4 hosts (75% complete)
  1243. [*] Scanned 4 of 4 hosts (100% complete)
  1244. [*] Auxiliary module execution completed
  1245. [*] Attempting to connect to 2400:cb00:2048:1::681c:1561:8080
  1246. [+] No File(s) found
  1247. [*] Scanned 1 of 4 hosts (25% complete)
  1248. [*] Attempting to connect to 2400:cb00:2048:1::681c:1461:8080
  1249. [+] No File(s) found
  1250. [*] Scanned 2 of 4 hosts (50% complete)
  1251. [*] Attempting to connect to 104.28.21.97:8080
  1252. [+] No File(s) found
  1253. [*] Scanned 3 of 4 hosts (75% complete)
  1254. [*] Attempting to connect to 104.28.20.97:8080
  1255. [+] No File(s) found
  1256. [*] Scanned 4 of 4 hosts (100% complete)
  1257. [*] Auxiliary module execution completed
  1258. [*] http://[2400:cb00:2048:1::681c:1461]:8080/admin/j_security_check - Checking j_security_check...
  1259. [*] http://[2400:cb00:2048:1::681c:1461]:8080/admin/j_security_check - Server returned: 403
  1260. [-] http://[2400:cb00:2048:1::681c:1461]:8080/admin/j_security_check - Unable to enumerate users with this URI
  1261. [*] Scanned 1 of 4 hosts (25% complete)
  1262. [*] http://[2400:cb00:2048:1::681c:1561]:8080/admin/j_security_check - Checking j_security_check...
  1263. [*] http://[2400:cb00:2048:1::681c:1561]:8080/admin/j_security_check - Server returned: 403
  1264. [-] http://[2400:cb00:2048:1::681c:1561]:8080/admin/j_security_check - Unable to enumerate users with this URI
  1265. [*] Scanned 2 of 4 hosts (50% complete)
  1266. [*] http://104.28.21.97:8080/admin/j_security_check - Checking j_security_check...
  1267. [*] http://104.28.21.97:8080/admin/j_security_check - Server returned: 403
  1268. [-] http://104.28.21.97:8080/admin/j_security_check - Unable to enumerate users with this URI
  1269. [*] Scanned 3 of 4 hosts (75% complete)
  1270. [*] http://104.28.20.97:8080/admin/j_security_check - Checking j_security_check...
  1271. [*] http://104.28.20.97:8080/admin/j_security_check - Server returned: 403
  1272. [-] http://104.28.20.97:8080/admin/j_security_check - Unable to enumerate users with this URI
  1273. [*] Scanned 4 of 4 hosts (100% complete)
  1274. [*] Auxiliary module execution completed
  1275. [-] http://2400:cb00:2048:1::681c:1461:8080 - Authorization not requested
  1276. [*] Scanned 1 of 4 hosts (25% complete)
  1277. [-] http://2400:cb00:2048:1::681c:1561:8080 - Authorization not requested
  1278. [*] Scanned 2 of 4 hosts (50% complete)
  1279. [-] http://104.28.21.97:8080 - Authorization not requested
  1280. [*] Scanned 3 of 4 hosts (75% complete)
  1281. [-] http://104.28.20.97:8080 - Authorization not requested
  1282. [*] Scanned 4 of 4 hosts (100% complete)
  1283. [*] Auxiliary module execution completed
  1284. [-] Exploit aborted due to failure: not-found: The target server fingerprint "cloudflare-nginx ( 403-Forbidden )" does not match "(?-mix:Apache.*(Coyote|Tomcat))", use 'set FingerprintCheck false' to disable this check.
  1285. [*] Exploit completed, but no session was created.
  1286. USERNAME => tomcat
  1287. PASSWORD => tomcat
  1288. [-] Exploit aborted due to failure: not-found: The target server fingerprint "cloudflare-nginx ( 403-Forbidden )" does not match "(?-mix:Apache.*(Coyote|Tomcat))", use 'set FingerprintCheck false' to disable this check.
  1289. [*] Exploit completed, but no session was created.
  1290. #######################################################################################################################################
  1291.  * --- JexBoss: Jboss verify and EXploitation Tool  --- *
  1292.  |  * And others Java Deserialization Vulnerabilities * |
  1293.  |                                                      |
  1294.  | @author:  João Filho Matos Figueiredo                |
  1295.  | @contact: joaomatosf@gmail.com                       |
  1296.  |                                                      |
  1297.  | @update: https://github.com/joaomatosf/jexboss       |
  1298.  #______________________________________________________#
  1299.  
  1300.  @version: 1.2.4
  1301.  
  1302.  * Checking for updates in: http://joaomatosf.com/rnp/releases.txt **
  1303.  
  1304.  
  1305.  ** Checking Host: http://sandra-model.net:8080 **
  1306.  
  1307.  [*] Checking admin-console:                
  1308.  * An error occurred while connecting to the host http://sandra-model.net:8080 (HTTPConnectionPool(host='sandra-model.net', port=8080): Max retries exceeded with url: /admin-console/ (Caused by ReadTimeoutError("HTTPConnectionPool(host='sandra-model.net', port=8080): Read timed out. (read timeout=6.0)",)))
  1309.  
  1310.  [*] Checking Struts2:                      
  1311.  * An error occurred while connecting to the host http://sandra-model.net:8080 (HTTPConnectionPool(host='sandra-model.net', port=8080): Max retries exceeded with url: / (Caused by ReadTimeoutError("HTTPConnectionPool(host='sandra-model.net', port=8080): Read timed out. (read timeout=6.0)",)))
  1312.  
  1313.  [*] Checking Servlet Deserialization:      
  1314.  * An error occurred while connecting to the host http://sandra-model.net:8080 (HTTPConnectionPool(host='sandra-model.net', port=8080): Max retries exceeded with url: / (Caused by ReadTimeoutError("HTTPConnectionPool(host='sandra-model.net', port=8080): Read timed out. (read timeout=6.0)",)))
  1315.  
  1316.  [*] Checking Application Deserialization:  
  1317.  * An error occurred while connecting to the host http://sandra-model.net:8080 (HTTPConnectionPool(host='sandra-model.net', port=8080): Max retries exceeded with url: / (Caused by ReadTimeoutError("HTTPConnectionPool(host='sandra-model.net', port=8080): Read timed out. (read timeout=6.0)",)))
  1318.  
  1319.  [*] Checking Jenkins:                      
  1320.  * An error occurred while connecting to the host http://sandra-model.net:8080 (HTTPConnectionPool(host='sandra-model.net', port=8080): Max retries exceeded with url: / (Caused by ReadTimeoutError("HTTPConnectionPool(host='sandra-model.net', port=8080): Read timed out. (read timeout=6.0)",)))
  1321.  
  1322.  [*] Checking web-console:                  
  1323.  * An error occurred while connecting to the host http://sandra-model.net:8080 (HTTPConnectionPool(host='sandra-model.net', port=8080): Max retries exceeded with url: /web-console/Invoker (Caused by ReadTimeoutError("HTTPConnectionPool(host='sandra-model.net', port=8080): Read timed out. (read timeout=6.0)",)))
  1324.  
  1325.  [*] Checking jmx-console:                  
  1326.  * An error occurred while connecting to the host http://sandra-model.net:8080 (HTTPConnectionPool(host='sandra-model.net', port=8080): Max retries exceeded with url: /jmx-console/HtmlAdaptor?action=inspectMBean&name=jboss.system:type=ServerInfo (Caused by ReadTimeoutError("HTTPConnectionPool(host='sandra-model.net', port=8080): Read timed out. (read timeout=6.0)",)))
  1327.  
  1328.  [*] Checking JMXInvokerServlet:            
  1329.  * An error occurred while connecting to the host http://sandra-model.net:8080 (HTTPConnectionPool(host='sandra-model.net', port=8080): Max retries exceeded with url: /invoker/JMXInvokerServlet (Caused by ReadTimeoutError("HTTPConnectionPool(host='sandra-model.net', port=8080): Read timed out. (read timeout=6.0)",)))
  1330.  
  1331.  
  1332.  
  1333.  * Results:
  1334.    The server is not vulnerable to bugs tested ... :D
  1335.  
  1336.  * Info: review, suggestions, updates, etc:
  1337.    https://github.com/joaomatosf/jexboss
  1338.  
  1339.  * DONATE: Please consider making a donation to help improve this tool,
  1340.  * Bitcoin Address:  14x4niEpfp7CegBYr3tTzTn4h6DAnDCD9C
  1341.  
  1342.  + -- --=[Port 8180 closed... skipping.
  1343.  + -- --=[Port 8443 opened... running tests...
  1344.  
  1345.                                  ^     ^
  1346.         _   __  _   ____ _   __  _    _   ____
  1347.        ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
  1348.       | V V // o // _/ | V V // 0 // 0 // _/
  1349.       |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/
  1350.                                 <
  1351.                                  ...'
  1352.  
  1353.     WAFW00F - Web Application Firewall Detection Tool
  1354.  
  1355.     By Sandro Gauci && Wendel G. Henrique
  1356.  
  1357. Checking http://sandra-model.net:8443
  1358. Generic Detection results:
  1359. No WAF detected by the generic detection
  1360. Number of requests: 13
  1361.  
  1362.  
  1363.  
  1364.     __  ______ _____
  1365.     \ \/ / ___|_   _|
  1366.      \  /\___ \ | |  
  1367.      /  \ ___) || |  
  1368.     /_/\_|____/ |_|  
  1369.  
  1370. + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
  1371. + -- --=[Target: sandra-model.net:8443
  1372. Version: 1.11.11-static
  1373. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  1374.  
  1375. Connected to 2400:cb00:2048:1::681c:1461
  1376.  
  1377. Testing SSL server sandra-model.net on port 8443 using SNI name sandra-model.net
  1378.  
  1379.   TLS Fallback SCSV:
  1380. Server supports TLS Fallback SCSV
  1381.  
  1382.   TLS renegotiation:
  1383. Secure session renegotiation supported
  1384.  
  1385.   TLS Compression:
  1386. Compression disabled
  1387.  
  1388.   Heartbleed:
  1389. TLS 1.2 not vulnerable to heartbleed
  1390. TLS 1.1 not vulnerable to heartbleed
  1391. TLS 1.0 not vulnerable to heartbleed
  1392.  
  1393.   Supported Server Cipher(s):
  1394. Preferred TLSv1.2  256 bits  ECDHE-ECDSA-CHACHA20-POLY1305 Curve P-256 DHE 256
  1395. Accepted  TLSv1.2  128 bits  ECDHE-ECDSA-AES128-GCM-SHA256 Curve P-256 DHE 256
  1396. Accepted  TLSv1.2  128 bits  ECDHE-ECDSA-AES128-SHA        Curve P-256 DHE 256
  1397. Accepted  TLSv1.2  128 bits  ECDHE-ECDSA-AES128-SHA256     Curve P-256 DHE 256
  1398. Accepted  TLSv1.2  256 bits  ECDHE-ECDSA-AES256-GCM-SHA384 Curve P-256 DHE 256
  1399. Accepted  TLSv1.2  256 bits  ECDHE-ECDSA-AES256-SHA        Curve P-256 DHE 256
  1400. Accepted  TLSv1.2  256 bits  ECDHE-ECDSA-AES256-SHA384     Curve P-256 DHE 256
  1401. Preferred TLSv1.1  128 bits  ECDHE-ECDSA-AES128-SHA        Curve P-256 DHE 256
  1402. Accepted  TLSv1.1  256 bits  ECDHE-ECDSA-AES256-SHA        Curve P-256 DHE 256
  1403. Preferred TLSv1.0  128 bits  ECDHE-ECDSA-AES128-SHA        Curve P-256 DHE 256
  1404. Accepted  TLSv1.0  256 bits  ECDHE-ECDSA-AES256-SHA        Curve P-256 DHE 256
  1405.  
  1406.   SSL Certificate:
  1407. Signature Algorithm: ecdsa-with-SHA256
  1408. Subject:  sni236478.cloudflaressl.com
  1409. Altnames: DNS:sni236478.cloudflaressl.com, DNS:*.alaela.online, DNS:*.armorax.com, DNS:*.bdembassyuae.org, DNS:*.bizlibd.com, DNS:*.booggage.altervista.org, DNS:*.cloudhooks.io, DNS:*.ctxjlwhmoon.ga, DNS:*.damesaanmelding.date, DNS:*.dateawiccan.com, DNS:*.dusterbd.com, DNS:*.formbdinterior.com, DNS:*.gbb.com.bd, DNS:*.givagoes.com.br, DNS:*.gramearizar.tk, DNS:*.guiapdf.tk, DNS:*.helwi-marketing.com, DNS:*.hfl.com.bd, DNS:*.hydbumpricjeo.ga, DNS:*.i2gether.com, DNS:*.karinegoes.com.br, DNS:*.mdfarhadrahman.com, DNS:*.midasfinancing.com, DNS:*.mirndas.tk, DNS:*.mrworldtv.com, DNS:*.nesithawest.gq, DNS:*.parkviewbd.com, DNS:*.pbil.com.bd, DNS:*.pranrflgroup.com, DNS:*.sandra-model.net, DNS:*.speedtrack.com.bd, DNS:*.tostaky.co, DNS:*.tquyucbmoon.ga, DNS:*.ucl.com.bd, DNS:*.ungiospotec.ga, DNS:*.wehrwe.com, DNS:alaela.online, DNS:armorax.com, DNS:bdembassyuae.org, DNS:bizlibd.com, DNS:booggage.altervista.org, DNS:cloudhooks.io, DNS:ctxjlwhmoon.ga, DNS:damesaanmelding.date, DNS:dateawiccan.com, DNS:dusterbd.com, DNS:formbdinterior.com, DNS:gbb.com.bd, DNS:givagoes.com.br, DNS:gramearizar.tk, DNS:guiapdf.tk, DNS:helwi-marketing.com, DNS:hfl.com.bd, DNS:hydbumpricjeo.ga, DNS:i2gether.com, DNS:karinegoes.com.br, DNS:mdfarhadrahman.com, DNS:midasfinancing.com, DNS:mirndas.tk, DNS:mrworldtv.com, DNS:nesithawest.gq, DNS:parkviewbd.com, DNS:pbil.com.bd, DNS:pranrflgroup.com, DNS:sandra-model.net, DNS:speedtrack.com.bd, DNS:tostaky.co, DNS:tquyucbmoon.ga, DNS:ucl.com.bd, DNS:ungiospotec.ga, DNS:wehrwe.com
  1410. Issuer:   COMODO ECC Domain Validation Secure Server CA 2
  1411.  
  1412. Not valid before: May 23 00:00:00 2018 GMT
  1413. Not valid after:  Nov 29 23:59:59 2018 GMT
  1414.  
  1415.  
  1416.  
  1417.  AVAILABLE PLUGINS
  1418.  -----------------
  1419.  
  1420.   PluginSessionRenegotiation
  1421.   PluginCertInfo
  1422.   PluginHeartbleed
  1423.   PluginChromeSha1Deprecation
  1424.   PluginHSTS
  1425.   PluginSessionResumption
  1426.   PluginOpenSSLCipherSuites
  1427.   PluginCompression
  1428.  
  1429.  
  1430.  
  1431.  CHECKING HOST(S) AVAILABILITY
  1432.  -----------------------------
  1433.  
  1434.    sandra-model.net:8443               => 2400:cb00:2048:1::681c:1561:8443
  1435.  
  1436.  
  1437.  
  1438.  SCAN RESULTS FOR SANDRA-MODEL.NET:8443 - 2400:CB00:2048:1::681C:1561:8443
  1439.  -------------------------------------------------------------------------
  1440.  
  1441.   * Deflate Compression:
  1442.       OK - Compression disabled          
  1443.  
  1444.   * Session Renegotiation:
  1445.       Client-initiated Renegotiations:   OK - Rejected
  1446.       Secure Renegotiation:              OK - Supported
  1447.  
  1448.   * Certificate - Content:
  1449.       SHA1 Fingerprint:                  4b10bbb420a280cd110df90c6608db11f8aef73f
  1450.       Common Name:                       sni236478.cloudflaressl.com
  1451.       Issuer:                            COMODO ECC Domain Validation Secure Server CA 2
  1452.       Serial Number:                     2475432FCD44B3D8334204033DADC1FF
  1453.       Not Before:                        May 23 00:00:00 2018 GMT
  1454.       Not After:                         Nov 29 23:59:59 2018 GMT
  1455.       Signature Algorithm:               ecdsa-with-SHA256
  1456.       Public Key Algorithm:              id-ecPublicKey
  1457.       Key Size:                          256 bit
  1458.       X509v3 Subject Alternative Name:   {'DNS': ['sni236478.cloudflaressl.com', '*.alaela.online', '*.armorax.com', '*.bdembassyuae.org', '*.bizlibd.com', '*.booggage.altervista.org', '*.cloudhooks.io', '*.ctxjlwhmoon.ga', '*.damesaanmelding.date', '*.dateawiccan.com', '*.dusterbd.com', '*.formbdinterior.com', '*.gbb.com.bd', '*.givagoes.com.br', '*.gramearizar.tk', '*.guiapdf.tk', '*.helwi-marketing.com', '*.hfl.com.bd', '*.hydbumpricjeo.ga', '*.i2gether.com', '*.karinegoes.com.br', '*.mdfarhadrahman.com', '*.midasfinancing.com', '*.mirndas.tk', '*.mrworldtv.com', '*.nesithawest.gq', '*.parkviewbd.com', '*.pbil.com.bd', '*.pranrflgroup.com', '*.sandra-model.net', '*.speedtrack.com.bd', '*.tostaky.co', '*.tquyucbmoon.ga', '*.ucl.com.bd', '*.ungiospotec.ga', '*.wehrwe.com', 'alaela.online', 'armorax.com', 'bdembassyuae.org', 'bizlibd.com', 'booggage.altervista.org', 'cloudhooks.io', 'ctxjlwhmoon.ga', 'damesaanmelding.date', 'dateawiccan.com', 'dusterbd.com', 'formbdinterior.com', 'gbb.com.bd', 'givagoes.com.br', 'gramearizar.tk', 'guiapdf.tk', 'helwi-marketing.com', 'hfl.com.bd', 'hydbumpricjeo.ga', 'i2gether.com', 'karinegoes.com.br', 'mdfarhadrahman.com', 'midasfinancing.com', 'mirndas.tk', 'mrworldtv.com', 'nesithawest.gq', 'parkviewbd.com', 'pbil.com.bd', 'pranrflgroup.com', 'sandra-model.net', 'speedtrack.com.bd', 'tostaky.co', 'tquyucbmoon.ga', 'ucl.com.bd', 'ungiospotec.ga', 'wehrwe.com']}
  1459.  
  1460.   * Certificate - Trust:
  1461.       Hostname Validation:               OK - Subject Alternative Name matches
  1462.       Google CA Store (09/2015):         OK - Certificate is trusted
  1463.       Java 6 CA Store (Update 65):       OK - Certificate is trusted
  1464.       Microsoft CA Store (09/2015):      OK - Certificate is trusted
  1465.       Mozilla NSS CA Store (09/2015):    OK - Certificate is trusted
  1466.       Apple CA Store (OS X 10.10.5):     OK - Certificate is trusted
  1467.       Certificate Chain Received:        ['sni236478.cloudflaressl.com', 'COMODO ECC Domain Validation Secure Server CA 2', 'COMODO ECC Certification Authority']
  1468.  
  1469.   * Certificate - OCSP Stapling:
  1470.       OCSP Response Status:              successful
  1471.       Validation w/ Mozilla's CA Store:  OK - Response is trusted
  1472.       Responder Id:                      40096167F0BC83714FDE12082C6FD4D42B763D96
  1473.       Cert Status:                       good
  1474.       Cert Serial Number:                2475432FCD44B3D8334204033DADC1FF
  1475.       This Update:                       May 23 13:00:15 2018 GMT
  1476.       Next Update:                       May 30 13:00:15 2018 GMT
  1477.  
  1478.   * Session Resumption:
  1479.       With Session IDs:                  OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
  1480.       With TLS Session Tickets:          OK - Supported
  1481.  
  1482.   * SSLV2 Cipher Suites:
  1483.       Server rejected all cipher suites.
  1484.  
  1485.   * SSLV3 Cipher Suites:
  1486.       Server rejected all cipher suites.
  1487.  
  1488.  
  1489.  
  1490.  SCAN COMPLETED IN 1.38 S
  1491.  ------------------------
  1492. Starting Nmap 7.70 ( https://nmap.org ) at 2018-05-23 13:42 EDT
  1493. Nmap scan report for sandra-model.net (104.28.20.97)
  1494. Host is up (0.24s latency).
  1495. Other addresses for sandra-model.net (not scanned): 2400:cb00:2048:1::681c:1561 2400:cb00:2048:1::681c:1461 104.28.21.97
  1496.  
  1497. PORT     STATE    SERVICE   VERSION
  1498. 8443/tcp filtered https-alt
  1499. Too many fingerprints match this host to give specific OS details
  1500.  
  1501. TRACEROUTE (using proto 1/icmp)
  1502. HOP RTT    ADDRESS
  1503. 1   ... 30
  1504.  
  1505. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  1506. Nmap done: 1 IP address (1 host up) scanned in 16.27 seconds
  1507. #######################################################################################################################################
  1508.  * --- JexBoss: Jboss verify and EXploitation Tool  --- *
  1509.  |  * And others Java Deserialization Vulnerabilities * |
  1510.  |                                                      |
  1511.  | @author:  João Filho Matos Figueiredo                |
  1512.  | @contact: joaomatosf@gmail.com                       |
  1513.  |                                                      |
  1514.  | @update: https://github.com/joaomatosf/jexboss       |
  1515.  #______________________________________________________#
  1516.  
  1517.  @version: 1.2.4
  1518.  
  1519.  * Checking for updates in: http://joaomatosf.com/rnp/releases.txt **
  1520.  
  1521.  
  1522.  ** Checking Host: https://sandra-model.net:8443 **
  1523.  
  1524.  [*] Checking admin-console:                
  1525.  * An error occurred while connecting to the host https://sandra-model.net:8443 (HTTPSConnectionPool(host='sandra-model.net', port=8443): Max retries exceeded with url: /admin-console/ (Caused by ReadTimeoutError("HTTPSConnectionPool(host='sandra-model.net', port=8443): Read timed out. (read timeout=6.0)",)))
  1526.  
  1527.  [*] Checking Struts2:                      
  1528.  * An error occurred while connecting to the host https://sandra-model.net:8443 (HTTPSConnectionPool(host='sandra-model.net', port=8443): Max retries exceeded with url: / (Caused by ReadTimeoutError("HTTPSConnectionPool(host='sandra-model.net', port=8443): Read timed out. (read timeout=6.0)",)))
  1529.  
  1530.  [*] Checking Servlet Deserialization:      
  1531.  * An error occurred while connecting to the host https://sandra-model.net:8443 (HTTPSConnectionPool(host='sandra-model.net', port=8443): Max retries exceeded with url: / (Caused by ReadTimeoutError("HTTPSConnectionPool(host='sandra-model.net', port=8443): Read timed out. (read timeout=6.0)",)))
  1532.  
  1533.  [*] Checking Application Deserialization:  
  1534.  * An error occurred while connecting to the host https://sandra-model.net:8443 (HTTPSConnectionPool(host='sandra-model.net', port=8443): Max retries exceeded with url: / (Caused by ReadTimeoutError("HTTPSConnectionPool(host='sandra-model.net', port=8443): Read timed out. (read timeout=6.0)",)))
  1535.  
  1536.  [*] Checking Jenkins:                      
  1537.  * An error occurred while connecting to the host https://sandra-model.net:8443 (HTTPSConnectionPool(host='sandra-model.net', port=8443): Max retries exceeded with url: / (Caused by ReadTimeoutError("HTTPSConnectionPool(host='sandra-model.net', port=8443): Read timed out. (read timeout=6.0)",)))
  1538.  
  1539.  [*] Checking web-console:                  
  1540.  * An error occurred while connecting to the host https://sandra-model.net:8443 (HTTPSConnectionPool(host='sandra-model.net', port=8443): Max retries exceeded with url: /web-console/Invoker (Caused by ReadTimeoutError("HTTPSConnectionPool(host='sandra-model.net', port=8443): Read timed out. (read timeout=6.0)",)))
  1541.  
  1542.  [*] Checking jmx-console:                  
  1543.  * An error occurred while connecting to the host https://sandra-model.net:8443 (HTTPSConnectionPool(host='sandra-model.net', port=8443): Max retries exceeded with url: /jmx-console/HtmlAdaptor?action=inspectMBean&name=jboss.system:type=ServerInfo (Caused by ReadTimeoutError("HTTPSConnectionPool(host='sandra-model.net', port=8443): Read timed out. (read timeout=6.0)",)))
  1544.  
  1545.  [*] Checking JMXInvokerServlet:            
  1546.  * An error occurred while connecting to the host https://sandra-model.net:8443 (HTTPSConnectionPool(host='sandra-model.net', port=8443): Max retries exceeded with url: /invoker/JMXInvokerServlet (Caused by ReadTimeoutError("HTTPSConnectionPool(host='sandra-model.net', port=8443): Read timed out. (read timeout=6.0)",)))
  1547.  
  1548.  
  1549.  
  1550.  * Results:
  1551.    The server is not vulnerable to bugs tested ... :D
  1552.  
  1553.  * Info: review, suggestions, updates, etc:
  1554.    https://github.com/joaomatosf/jexboss
  1555.  
  1556.  * DONATE: Please consider making a donation to help improve this tool,
  1557.  * Bitcoin Address:  14x4niEpfp7CegBYr3tTzTn4h6DAnDCD9C
  1558. #######################################################################################################################################
  1559. [*] Performing General Enumeration of Domain: sandra-model.net
  1560. [-] DNSSEC is not configured for sandra-model.net
  1561. [*]      SOA aida.ns.cloudflare.com 173.245.58.58
  1562. [*]      NS toby.ns.cloudflare.com 173.245.59.239
  1563. [*]      Bind Version for 173.245.59.239 20171212
  1564. [*]      NS toby.ns.cloudflare.com 2400:cb00:2049:1::adf5:3bef
  1565. [*]      Bind Version for 2400:cb00:2049:1::adf5:3bef 20171212
  1566. [*]      NS aida.ns.cloudflare.com 173.245.58.58
  1567. [*]      Bind Version for 173.245.58.58 20171212
  1568. [*]      NS aida.ns.cloudflare.com 2400:cb00:2049:1::adf5:3a3a
  1569. [*]      Bind Version for 2400:cb00:2049:1::adf5:3a3a 20171212
  1570. [*]      MX dc-dc2d7d8716c8.sandra-model.net 173.254.239.2
  1571. [*]      A sandra-model.net 104.28.21.97
  1572. [*]      A sandra-model.net 104.28.20.97
  1573. [*]      AAAA sandra-model.net 2400:cb00:2048:1::681c:1461
  1574. [*]      AAAA sandra-model.net 2400:cb00:2048:1::681c:1561
  1575. [*]      TXT sandra-model.net v=spf1 +a +mx +ip4:173.254.239.2 +ip4:173.254.239.4 ~all
  1576. [*] Enumerating SRV Records
  1577. [-] No SRV Records Found for sandra-model.net
  1578. #######################################################################################################################################
  1579. [*] Processing domain sandra-model.net
  1580. [+] Getting nameservers
  1581. 173.245.59.239 - toby.ns.cloudflare.com
  1582. 173.245.58.58 - aida.ns.cloudflare.com
  1583. [-] Zone transfer failed
  1584.  
  1585. [+] IPv6 (AAAA) records found. Try running dnscan with the -6 option.
  1586. 2400:cb00:2048:1::681c:1461
  1587.  
  1588. 2400:cb00:2048:1::681c:1561
  1589.  
  1590. [+] TXT records found
  1591. "v=spf1 +a +mx +ip4:173.254.239.2 +ip4:173.254.239.4 ~all"
  1592.  
  1593. [+] MX records found, added to target list
  1594. 0 dc-dc2d7d8716c8.sandra-model.net.
  1595.  
  1596. [*] Scanning sandra-model.net for A records
  1597. 173.254.239.2 - dc-dc2d7d8716c8.sandra-model.net              
  1598. 104.28.20.97 - sandra-model.net
  1599. 104.28.21.97 - sandra-model.net
  1600. 173.254.239.2 - cpanel.sandra-model.net                            
  1601. 173.254.239.2 - ftp.sandra-model.net                                
  1602. 173.254.239.2 - mail.sandra-model.net                      
  1603. 173.254.239.2 - webdisk.sandra-model.net                    
  1604. 173.254.239.2 - webmail.sandra-model.net                  
  1605. 173.254.239.2 - whm.sandra-model.net                    
  1606. 104.28.20.97 - www.sandra-model.net                    
  1607. 104.28.21.97 - www.sandra-model.net
  1608. ######################################################################################################################################                                                  
  1609. Original*      sandra-model.net      104.28.20.97 2400:cb00:2048:1::681c:1461 NS:aida.ns.cloudflare.com MX:dc-dc2d7d8716c8.sandra-model.net
  1610. Omission       sandramodel.net       104.28.8.172 2400:cb00:2048:1::681c:8ac NS:ada.ns.cloudflare.com MX:dc-fad24270df83.sandramodel.net
  1611. Subdomain      sandra-m.odel.net     72.52.4.122 NS:ns1.sedoparking.com MX:localhost
  1612. #######################################################################################################################################
  1613. Ip Address  Status  Type    Domain Name         Server
  1614. ----------  ------  ----    -----------         ------
  1615. 173.254.239.2           host    ftp.sandra-model.net       
  1616. 173.254.239.2   200     host    mail.sandra-model.net       LiteSpeed
  1617. 173.254.239.2   301     host    webmail.sandra-model.net    LiteSpeed
  1618. 104.28.21.97    200     host    www.sandra-model.net        cloudflare
  1619. 104.28.20.97    200 host    www.sandra-model.net        cloudflare
  1620. #######################################################################################################################################
  1621.                                            HunterUnit JTSEC pedo link for save child full recon #74
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top