API tools faq
paste
Advertisement
Guest User

Anonymous JTSEC #OPkilluminatie full recon #4

a guest
Feb 7th, 2018
552
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 38.86 KB | None | 0 0
raw download clone embed print report
  1. #######################################################################################################################################
  2. Hostname www.droithumain-france.org ISP OVH S (AS16276)
  3. Continent Europe Flag
  4.  
  5. FR
  6. Country France Country Code FR (FRA)
  7. Region Unknown Local time 28 Jan 2018 06:08 CET
  8. City Unknown Latitude 48.858
  9. IP Address 213.186.33.18 Longitude 2.339
  10. #####################################################################################################################################
  11. [i] Scanning Site: http://droithumain-france.org
  12.  
  13. B A S I C I N F O
  14. ====================
  15.  
  16.  
  17. [+] Site Title: Franc-maçonnerie Mixte et Internationale LE DROIT HUMAIN Fédération française – L'expérience maçonnique en mixité
  18. [+] IP address: 217.70.184.38
  19. [+] Web Server: Varnish
  20. [+] CMS: WordPress
  21. [+] Cloudflare: Not Detected
  22. [+] Robots File: Could NOT Find robots.txt!
  23.  
  24.  
  25. W H O I S L O O K U P
  26. ========================
  27.  
  28. Domain Name: DROITHUMAIN-FRANCE.ORG
  29. Registry Domain ID: D10156890-LROR
  30. Registrar WHOIS Server: whois.gandi.net
  31. Registrar URL: http://www.gandi.net
  32. Updated Date: 2017-11-09T09:28:41Z
  33. Creation Date: 1999-09-14T12:06:17Z
  34. Registry Expiry Date: 2020-09-14T12:06:17Z
  35. Registrar Registration Expiration Date:
  36. Registrar: Gandi SAS
  37. Registrar IANA ID: 81
  38. Registrar Abuse Contact Email: abuse@support.gandi.net
  39. Registrar Abuse Contact Phone: +33.170377661
  40. Reseller:
  41. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  42. Registry Registrant ID: C26996729-LROR
  43. Registrant Name: Alain MICHON
  44. Registrant Organization: APFDH
  45. Registrant Street: 9, rue Pinel
  46. Registrant City: Paris
  47. Registrant State/Province:
  48. Registrant Postal Code: 75013
  49. Registrant Country: FR
  50. Registrant Phone: +33.144086262
  51. Registrant Phone Ext:
  52. Registrant Fax:
  53. Registrant Fax Ext:
  54. Registrant Email: f6b2a9f9a79386235c6cdeaec40f940d-698361@contact.gandi.net
  55. Registry Admin ID: C26935375-LROR
  56. Admin Name: Alain MICHON
  57. Admin Organization: A.P.F.D.H.
  58. Admin Street: 9, rue Pinel
  59. Admin City: PARIS
  60. Admin State/Province: 11
  61. Admin Postal Code: 75013
  62. Admin Country: FR
  63. Admin Phone: +33.144086262
  64. Admin Phone Ext:
  65. Admin Fax: +33.144086260
  66. Admin Fax Ext:
  67. Admin Email: d0b71e3f690f3673f7d12e1372f5e69b-698108@contact.gandi.net
  68. Registry Tech ID: C26935375-LROR
  69. Tech Name: Alain MICHON
  70. Tech Organization: A.P.F.D.H.
  71. Tech Street: 9, rue Pinel
  72. Tech City: PARIS
  73. Tech State/Province: 11
  74. Tech Postal Code: 75013
  75. Tech Country: FR
  76. Tech Phone: +33.144086262
  77. Tech Phone Ext:
  78. Tech Fax: +33.144086260
  79. Tech Fax Ext:
  80. Tech Email: d0b71e3f690f3673f7d12e1372f5e69b-698108@contact.gandi.net
  81. Name Server: NS-144-C.GANDI.NET
  82. Name Server: NS-213-B.GANDI.NET
  83. Name Server: NS-142-A.GANDI.NET
  84. DNSSEC: unsigned
  85. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
  86. >>> Last update of WHOIS database: 2018-02-07T07:34:51Z <<<
  87.  
  88. G E O I P L O O K U P
  89. =========================
  90.  
  91. [i] IP Address: 217.70.184.38
  92. [i] Country: FR
  93. [i] State: N/A
  94. [i] City: N/A
  95. [i] Latitude: 48.858200
  96. [i] Longitude: 2.338700
  97.  
  98. H T T P H E A D E R S
  99. =======================
  100.  
  101. [i] HTTP/1.1 301 Moved Permanently
  102. [i] Server: Varnish
  103. [i] Location: https://www.droithumain-france.org
  104. [i] Content-Type: text/html; charset=utf-8
  105. [i] Cache-Control: max-age=10800
  106. [i] Content-Length: 315
  107. [i] Accept-Ranges: bytes
  108. [i] Date: Wed, 07 Feb 2018 07:35:52 GMT
  109. [i] Via: 1.1 varnish
  110. [i] Connection: close
  111. [i] Age: 10
  112. [i] HTTP/1.1 200 OK
  113. [i] Set-Cookie: xxlplanBAK=R3174115850; path=/; expires=Wed, 07-Feb-2018 08:46:49 GMT
  114. [i] Date: Wed, 07 Feb 2018 07:35:52 GMT
  115. [i] Content-Type: text/html; charset=UTF-8
  116. [i] Connection: close
  117. [i] Set-Cookie: xxlplan=R1719559642; path=/; expires=Wed, 07-Feb-2018 08:47:00 GMT
  118. [i] Server: Apache
  119. [i] X-Powered-By: PHP/7.0.25
  120. [i] Last-Modified: Tue, 06 Feb 2018 22:03:07 GMT
  121. [i] X-Frame-Options: SAMEORIGIN, SAMEORIGIN
  122. [i] Vary: Accept-Encoding,User-Agent
  123. [i] Cache-Control: max-age=0
  124. [i] Expires: Wed, 07 Feb 2018 07:35:52 GMT
  125. [i] X-XSS-Protection: 1; mode=block
  126. [i] X-Content-Type-Options: nosniff
  127. [i] Set-Cookie: HttpOnly;Secure
  128. [i] X-IPLB-Instance: 523
  129.  
  130. D N S L O O K U P
  131. ===================
  132.  
  133. droithumain-france.org. 10799 IN A 217.70.184.38
  134. droithumain-france.org. 10799 IN NS ns-142-a.gandi.net.
  135. droithumain-france.org. 10799 IN NS ns-213-b.gandi.net.
  136. droithumain-france.org. 10799 IN NS ns-144-c.gandi.net.
  137. droithumain-france.org. 10799 IN SOA ns1.gandi.net. hostmaster.gandi.net. 1510684245 10800 3600 604800 10800
  138. droithumain-france.org. 10799 IN MX 10 spool.mail.gandi.net.
  139. droithumain-france.org. 10799 IN MX 50 fb.mail.gandi.net.
  140. droithumain-france.org. 10799 IN TXT "v=spf1 include:_mailcust.gandi.net ?all"
  141. droithumain-france.org. 10799 IN TXT "google-site-verification=QxckG3K2OhpTUknwpVXCXglTazTqpwjJ1tRVk_qmuhU"
  142. droithumain-france.org. 299 IN SPF "v=spf1 a mx include:mx.ovh.com ~all"
  143.  
  144. S U B N E T C A L C U L A T I O N
  145. ====================================
  146.  
  147. Address = 217.70.184.38
  148. Network = 217.70.184.38 / 32
  149. Netmask = 255.255.255.255
  150. Broadcast = not needed on Point-to-Point links
  151. Wildcard Mask = 0.0.0.0
  152. Hosts Bits = 0
  153. Max. Hosts = 1 (2^0 - 0)
  154. Host Range = { 217.70.184.38 - 217.70.184.38 }
  155.  
  156.  
  157.  
  158. N M A P P O R T S C A N
  159. ============================
  160.  
  161.  
  162. Starting Nmap 7.01 ( https://nmap.org ) at 2018-02-07 07:35 UTC
  163. Nmap scan report for droithumain-france.org (217.70.184.38)
  164. Host is up (0.081s latency).
  165. rDNS record for 217.70.184.38: webredir.vip.gandi.net
  166. PORT STATE SERVICE VERSION
  167. 21/tcp filtered ftp
  168. 22/tcp filtered ssh
  169. 23/tcp filtered telnet
  170. 25/tcp filtered smtp
  171. 80/tcp open http-proxy Varnish
  172. 110/tcp filtered pop3
  173. 143/tcp filtered imap
  174. 443/tcp filtered https
  175. 445/tcp filtered microsoft-ds
  176. 3389/tcp filtered ms-wbt-server
  177.  
  178. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  179. Nmap done: 1 IP address (1 host up) scanned in 8.67 seconds
  180.  
  181. S U B - D O M A I N F I N D E R
  182. ==================================
  183.  
  184.  
  185. [i] Total Subdomains Found : 1
  186.  
  187. [+] Subdomain: www.droithumainfrance.org
  188. [-] IP: 213.186.33.18
  189. #######################################################################################################################################
  190. [!] IP Address : 217.70.184.38
  191. [!] Server: Apache
  192. [!] Powered By: PHP/7.0.25
  193. [!] droithumain-france.org doesn't seem to use a CMS
  194. [+] Honeypot Probabilty: 0%
  195. ----------------------------------------
  196. [~] Trying to gather whois information for droithumain-france.org
  197. Socket Error: timed out
  198. [+] Whois information found
  199. Updated Date : None
  200. Status : None
  201. Name : None
  202. Dnssec : None
  203. City : None
  204. Expiration Date : None
  205. Address : None
  206. Zipcode : None
  207. Domain Name : None
  208. Whois Server : None
  209. State : None
  210. Registrar : None
  211. Referral Url : None
  212. Country : None
  213. Name Servers : None
  214. Org : None
  215. Creation Date : None
  216. Emails : None
  217. ----------------------------------------
  218. PORT STATE SERVICE VERSION
  219. 21/tcp filtered ftp
  220. 22/tcp filtered ssh
  221. 23/tcp filtered telnet
  222. 25/tcp filtered smtp
  223. 80/tcp open http-proxy Varnish
  224. 110/tcp filtered pop3
  225. 143/tcp filtered imap
  226. 443/tcp filtered https
  227. 445/tcp filtered microsoft-ds
  228. 3389/tcp filtered ms-wbt-server
  229. ----------------------------------------
  230.  
  231. [+] DNS Records
  232. ns-213-b.gandi.net. (213.167.229.2) AS29169 GANDI SAS France
  233. ns-144-c.gandi.net. (217.70.179.2) AS29169 GANDI SAS France
  234. ns-142-a.gandi.net. (173.246.98.2) AS29169 GANDI SAS United States
  235.  
  236. [+] MX Records
  237. 50 (217.70.184.162) AS29169 GANDI SAS France
  238.  
  239. [+] MX Records
  240. 10 (217.70.184.6) AS29169 GANDI SAS France
  241.  
  242. [+] Host Records (A)
  243. www.droithumainfrance.orgHTTP: (cluster007.ovh.net) (213.186.33.18) AS16276 OVH SAS France
  244. droithumain-france.orgHTTP: (webredir.vip.gandi.net) (217.70.184.38) AS29169 GANDI SAS France
  245.  
  246. [+] TXT Records
  247. "google-site-verification=QxckG3K2OhpTUknwpVXCXglTazTqpwjJ1tRVk_qmuhU"
  248. "v=spf1 include:_mailcust.gandi.net ?all"
  249.  
  250. [+] DNS Map: https://dnsdumpster.com/static/map/droithumain-france.org.png
  251.  
  252. [>] Initiating 3 intel modules
  253. [>] Loading Alpha module (1/3)
  254. [>] Beta module deployed (2/3)
  255. [>] Gamma module initiated (3/3)
  256.  
  257.  
  258. [+] Emails found:
  259. ------------------
  260. pixel-151798924860585-web-@droithumain-france.org
  261.  
  262. [+] Hosts found in search engines:
  263. ------------------------------------
  264. [-] Resolving hostnames IPs...
  265. 213.186.33.18:Www.droithumain-france.org
  266. 213.186.33.18:www.droithumain-france.org
  267. [+] Virtual hosts:
  268. -----------------
  269. 213.186.33.18 www.firstsurface.de
  270. 213.186.33.18 marokkotogo.com
  271. 213.186.33.18 ringana-sport-blog.com
  272. 213.186.33.18 www.lelavandou.eu
  273. 213.186.33.18 www.elite-moebel.at
  274. 213.186.33.18 www.regatron.ch
  275. 213.186.33.18 www.lecampoloro.com
  276. 213.186.33.18 www.leproscenium.com
  277. 213.186.33.18 www.agricultureannonces.com
  278. 213.186.33.18 www.photos-de-mode.com
  279. 213.186.33.18 www.coloriez.com
  280. 213.186.33.18 www.frogpubs
  281. 213.186.33.18 videosx.org
  282. 213.186.33.18 www.europalestine.com
  283. 213.186.33.18 www.hotel-argenson.com
  284. 213.186.33.18 www.planete-astronomie.com
  285. 213.186.33.18 www.jeuxvideo-flash.com
  286. 213.186.33.18 www.reseau-idelis.com
  287. 213.186.33.18 www.henricartierbresson.org
  288. 213.186.33.18 www.ginkgo-advisor.com
  289. 213.186.33.18 legouessant.com
  290. 213.186.33.18 www.indemnite-de-licenciement.fr
  291. 213.186.33.18 legazier.com
  292. 213.186.33.18 blog.zanorg.com
  293. 213.186.33.18 www.rencontre-moche.com
  294. 213.186.33.18 www.partir-en-omra.com
  295. [~] Crawling the target for fuzzable URLs
  296. [-] No fuzzable URLs found
  297. #######################################################################################################################################
  298. Server: 192.168.1.254
  299. Address: 192.168.1.254#53
  300.  
  301. Non-authoritative answer:
  302. Name: droithumain-france.org
  303. Address: 217.70.184.38
  304.  
  305. droithumain-france.org has address 217.70.184.38
  306. droithumain-france.org mail is handled by 10 spool.mail.gandi.net.
  307. droithumain-france.org mail is handled by 50 fb.mail.gandi.net.
  308. Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
  309.  
  310. [+] Target is droithumain-france.org
  311. [+] Loading modules.
  312. [+] Following modules are loaded:
  313. [x] [1] ping:icmp_ping - ICMP echo discovery module
  314. [x] [2] ping:tcp_ping - TCP-based ping discovery module
  315. [x] [3] ping:udp_ping - UDP-based ping discovery module
  316. [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
  317. [x] [5] infogather:portscan - TCP and UDP PortScanner
  318. [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
  319. [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
  320. [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
  321. [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
  322. [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
  323. [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
  324. [x] [12] fingerprint:smb - SMB fingerprinting module
  325. [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
  326. [+] 13 modules registered
  327. [+] Initializing scan engine
  328. [+] Running scan engine
  329. [-] ping:tcp_ping module: no closed/open TCP ports known on 217.70.184.38. Module test failed
  330. [-] ping:udp_ping module: no closed/open UDP ports known on 217.70.184.38. Module test failed
  331. [-] No distance calculation. 217.70.184.38 appears to be dead or no ports known
  332. [+] Host: 217.70.184.38 is down (Guess probability: 0%)
  333. [+] Cleaning up scan engine
  334. [+] Modules deinitialized
  335. [+] Execution completed.
  336. #######################################################################################################################################
  337. Domain Name: DROITHUMAIN-FRANCE.ORG
  338. Registry Domain ID: D10156890-LROR
  339. Registrar WHOIS Server: whois.gandi.net
  340. Registrar URL: http://www.gandi.net
  341. Updated Date: 2017-11-09T09:28:41Z
  342. Creation Date: 1999-09-14T12:06:17Z
  343. Registry Expiry Date: 2020-09-14T12:06:17Z
  344. Registrar Registration Expiration Date:
  345. Registrar: Gandi SAS
  346. Registrar IANA ID: 81
  347. Registrar Abuse Contact Email: abuse@support.gandi.net
  348. Registrar Abuse Contact Phone: +33.170377661
  349. Reseller:
  350. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  351. Registry Registrant ID: C26996729-LROR
  352. Registrant Name: Alain MICHON
  353. Registrant Organization: APFDH
  354. Registrant Street: 9, rue Pinel
  355. Registrant City: Paris
  356. Registrant State/Province:
  357. Registrant Postal Code: 75013
  358. Registrant Country: FR
  359. Registrant Phone: +33.144086262
  360. Registrant Phone Ext:
  361. Registrant Fax:
  362. Registrant Fax Ext:
  363. Registrant Email: f6b2a9f9a79386235c6cdeaec40f940d-698361@contact.gandi.net
  364. Registry Admin ID: C26935375-LROR
  365. Admin Name: Alain MICHON
  366. Admin Organization: A.P.F.D.H.
  367. Admin Street: 9, rue Pinel
  368. Admin City: PARIS
  369. Admin State/Province: 11
  370. Admin Postal Code: 75013
  371. Admin Country: FR
  372. Admin Phone: +33.144086262
  373. Admin Phone Ext:
  374. Admin Fax: +33.144086260
  375. Admin Fax Ext:
  376. Admin Email: d0b71e3f690f3673f7d12e1372f5e69b-698108@contact.gandi.net
  377. Registry Tech ID: C26935375-LROR
  378. Tech Name: Alain MICHON
  379. Tech Organization: A.P.F.D.H.
  380. Tech Street: 9, rue Pinel
  381. Tech City: PARIS
  382. Tech State/Province: 11
  383. Tech Postal Code: 75013
  384. Tech Country: FR
  385. Tech Phone: +33.144086262
  386. Tech Phone Ext:
  387. Tech Fax: +33.144086260
  388. Tech Fax Ext:
  389. Tech Email: d0b71e3f690f3673f7d12e1372f5e69b-698108@contact.gandi.net
  390. Name Server: NS-144-C.GANDI.NET
  391. Name Server: NS-213-B.GANDI.NET
  392. Name Server: NS-142-A.GANDI.NET
  393. DNSSEC: unsigned
  394. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
  395. [+] Emails found:
  396. ------------------
  397. pixel-1517994572674773-web-@droithumain-france.org
  398.  
  399. [+] Hosts found in search engines:
  400. ------------------------------------
  401. [-] Resolving hostnames IPs...
  402. 213.186.33.18:Www.droithumain-france.org
  403. 213.186.33.18:www.droithumain-france.org
  404. [+] Virtual hosts:
  405. ==================
  406. 213.186.33.18 www.edinburghschoolofenglish
  407. 213.186.33.18 www.fashion-pictures
  408. 213.186.33.18 www.frogpubs
  409. 213.186.33.18 www.vintage-paris
  410. 213.186.33.18 www.edencharms.com
  411. 213.186.33.18 cfia
  412. 213.186.33.18 www.edenstockings
  413. 213.186.33.18 www.sortmusic
  414. 213.186.33.18 www.technogenia
  415. 213.186.33.18 www.hodacodex
  416. 213.186.33.18 www.chateaulabrede.com
  417. 213.186.33.18 vinci.aero
  418. 213.186.33.18 www.florentpagny
  419. 213.186.33.18 www.xpflightplanner
  420. 213.186.33.18 www.horloger.net
  421. 213.186.33.18 www.thestandingmarch
  422. 213.186.33.18 rstlss
  423. 213.186.33.18 textingstory
  424. 213.186.33.18 chouconut
  425. 213.186.33.18 buf
  426. 213.186.33.18 www.leproscenium.com
  427. 213.186.33.18 www.agricultureannonces.com
  428. 213.186.33.18 www.photos-de-mode.com
  429. 213.186.33.18 www.coloriez.com
  430. 213.186.33.18 videosx.org
  431. 213.186.33.18 www.europalestine.com
  432. 213.186.33.18 www.hotel-argenson.com
  433. 213.186.33.18 www.jeuxvideo-flash.com
  434. 213.186.33.18 www.reseau-idelis.com
  435. #######################################################################################################################################
  436. ; <<>> DiG 9.11.2-P1-1-Debian <<>> -x droithumain-france.org
  437. ;; global options: +cmd
  438. ;; Got answer:
  439. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26081
  440. ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
  441.  
  442. ;; OPT PSEUDOSECTION:
  443. ; EDNS: version: 0, flags:; udp: 4096
  444. ;; QUESTION SECTION:
  445. ;org.droithumain-france.in-addr.arpa. IN PTR
  446.  
  447. ;; AUTHORITY SECTION:
  448. in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2018013046 1800 900 604800 3600
  449.  
  450. ;; Query time: 608 msec
  451. ;; SERVER: 192.168.1.254#53(192.168.1.254)
  452. ;; WHEN: Wed Feb 07 04:09:40 EST 2018
  453. ;; MSG SIZE rcvd: 132
  454.  
  455. dnsenum VERSION:1.2.4
  456. 
  457. ----- droithumain-france.org -----
  458. 
  459.  
  460. Host's addresses:
  461. __________________
  462.  
  463. droithumain-france.org. 6037 IN A 217.70.184.38
  464. 
  465.  
  466. Wildcard detection using: fvgzgdfbkbvl
  467. _______________________________________
  468.  
  469. fvgzgdfbkbvl.droithumain-france.org. 10800 IN CNAME webredir.vip.gandi.net.
  470. webredir.vip.gandi.net. 30 IN A 213.167.231.2
  471. 
  472.  
  473. !!!!!!!!!!!!!!!!!!!!!!!!!!!!
  474.  
  475. Wildcards detected, all subdomains will point to the same IP address
  476. Omitting results containing 213.167.231.2.
  477. Maybe you are using OpenDNS servers.
  478.  
  479. !!!!!!!!!!!!!!!!!!!!!!!!!!!!
  480. 
  481.  
  482. Name Servers:
  483. ______________
  484.  
  485. ns-144-c.gandi.net. 81603 IN A 217.70.179.2
  486. ns-142-a.gandi.net. 81603 IN A 173.246.98.2
  487. ns-213-b.gandi.net. 81603 IN A 213.167.229.2
  488. 
  489.  
  490. Mail (MX) Servers:
  491. ___________________
  492.  
  493. fb.mail.gandi.net. 3600 IN A 217.70.184.162
  494. fb.mail.gandi.net. 3600 IN A 217.70.184.161
  495. fb.mail.gandi.net. 3600 IN A 217.70.184.163
  496. spool.mail.gandi.net. 73135 IN A 217.70.184.6
  497. 
  498.  
  499. Trying Zone Transfers and getting Bind Versions:
  500. _________________________________________________
  501.  
  502. 
  503. Trying Zone Transfer for droithumain-france.org on ns-144-c.gandi.net ...
  504.  
  505. Trying Zone Transfer for droithumain-france.org on ns-142-a.gandi.net ...
  506.  
  507. Trying Zone Transfer for droithumain-france.org on ns-213-b.gandi.net ...
  508.  
  509. SSL Certificates: www.droithumain-france.org
  510. Virustotal: www.droithumain-france.org
  511. Yahoo: www.droithumain-france.org
  512. Netcraft: www.droithumain-france.org
  513. Bing: www.droithumain-france.org
  514. [-] Saving results to file: /usr/share/sniper/loot/domains/domains-droithumain-france.org.txt
  515. [-] Total Unique Subdomains Found: 1
  516. www.droithumain-france.org
  517.  
  518. Identifying nameservers for droithumain-france.org... Done
  519. Using nameservers:
  520.  
  521. - 217.70.179.2
  522. - 173.246.98.2
  523. - 213.167.229.2
  524.  
  525. Checking for wildcard DNS... Wildcard detected!
  526. Identifying wildcard IPs... Done
  527. Filtering out hosts resolving to wildcard IPs
  528.  
  529. Running collector: PTRArchive... Done (0 hosts)
  530. Running collector: Wayback Machine... Done (2 hosts)
  531. Running collector: PublicWWW... Done (0 hosts)
  532. Running collector: Google Transparency Report... Done (1 host)
  533. Running collector: HackerTarget... Done (2 hosts)
  534. Running collector: PassiveTotal... Skipped
  535.  -> Key 'passivetotal_key' has not been set
  536. Running collector: VirusTotal... Skipped
  537.  -> Key 'virustotal' has not been set
  538. Running collector: Riddler... Skipped
  539.  -> Key 'riddler_username' has not been set
  540. Running collector: Certificate Search... Done (1 host)
  541. Running collector: Dictionary... Done (27 hosts)
  542. Running collector: DNSDB... Done (1 host)
  543. Running collector: Threat Crowd... Done (0 hosts)
  544. Running collector: Censys... Skipped
  545.  -> Key 'censys_secret' has not been set
  546. Running collector: Netcraft... Done (1 host)
  547. Running collector: Shodan... Skipped
  548.  -> Key 'shodan' has not been set
  549. 
  550. Resolving 30 unique hosts...
  551. 217.70.184.38 .droithumain-france.org
  552. 217.70.184.38 droithumain-france.org
  553. 213.186.33.18 www.droithumain-france.org
  554.  
  555. 
  556. Found subnets:
  557.  
  558. - 217.70.184.0-255 : 2 hosts
  559.  
  560. Wrote 3 hosts to:
  561.  
  562. - file:///root/aquatone/droithumain-france.org/hosts.txt
  563. - file:///root/aquatone/droithumain-france.org/hosts.json
  564. __
  565. ____ _____ ___ ______ _/ /_____ ____ ___
  566. / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
  567. / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
  568. \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
  569. /_/ takeover v0.5.0 - by @michenriksen
  570.  
  571. Loaded 3 hosts from /root/aquatone/droithumain-france.org/hosts.json
  572. Loaded 25 domain takeover detectors
  573.  
  574. Identifying nameservers for droithumain-france.org... Done
  575. Using nameservers:
  576.  
  577. - 173.246.98.2
  578. - 213.167.229.2
  579. - 217.70.179.2
  580.  
  581. Checking hosts for domain takeover vulnerabilities...
  582.  
  583. Finished checking hosts:
  584.  
  585. - Vulnerable : 0
  586. - Not Vulnerable : 3
  587.  
  588. Wrote 0 potential subdomain takeovers to:
  589.  
  590. - file:///root/aquatone/droithumain-france.org/takeovers.json
  591.  
  592. __
  593. ____ _____ ___ ______ _/ /_____ ____ ___
  594. / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
  595. / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
  596. \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
  597. /_/ scan v0.5.0 - by @michenriksen
  598.  
  599. Loaded 3 hosts from /root/aquatone/droithumain-france.org/hosts.json
  600.  
  601. Probing 4 ports...
  602. 80/tcp  217.70.184.38 .droithumain-france.org, droithumain-france.org
  603. 443/tcp  213.186.33.18 www.droithumain-france.org
  604. 80/tcp  213.186.33.18 www.droithumain-france.org
  605.  
  606. Wrote open ports to file:///root/aquatone/droithumain-france.org/open_ports.txt
  607. Wrote URLs to file:///root/aquatone/droithumain-france.org/urls.txt
  608. __
  609. ____ _____ ___ ______ _/ /_____ ____ ___
  610. / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
  611. / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
  612. \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
  613. /_/ gather v0.5.0 - by @michenriksen
  614.  
  615. Processing 4 pages...
  616. #######################################################################################################################################
  617. Starting Nmap 7.60 ( https://nmap.org ) at 2018-02-07 04:11 EST
  618. Stats: 0:00:00 elapsed; 0 hosts completed (0 up), 0 undergoing Host Discovery
  619. Parallel DNS resolution of 1 host. Timing: About 0.00% done
  620. Nmap scan report for droithumain-france.org (217.70.184.38)
  621. Host is up (0.27s latency).
  622. rDNS record for 217.70.184.38: webredir.vip.gandi.net
  623. Not shown: 472 filtered ports
  624. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  625. PORT STATE SERVICE
  626. 80/tcp open http
  627.  
  628. Nmap done: 1 IP address (1 host up) scanned in 9.55 seconds
  629.  
  630. ^ ^
  631. _ __ _ ____ _ __ _ _ ____
  632. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
  633. | V V // o // _/ | V V // 0 // 0 // _/
  634. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
  635. <
  636. ...'
  637.  
  638. WAFW00F - Web Application Firewall Detection Tool
  639.  
  640. By Sandro Gauci && Wendel G. Henrique
  641.  
  642. Checking http://droithumain-france.org
  643. Generic Detection results:
  644. No WAF detected by the generic detection
  645. Number of requests: 13
  646.  
  647. ====================================================================================
  648.  GATHERING HTTP INFO 
  649. ====================================================================================
  650. http://droithumain-france.org [301 Moved Permanently] Country[FRANCE][FR], HTTPServer[Varnish], IP[217.70.184.38], RedirectLocation[https://www.droithumain-france.org], Title[301 Moved Permanently], Varnish, Via-Proxy[1.1 varnish]
  651. https://www.droithumain-france.org [200 OK] Apache, Cookies[xxlplan,xxlplanBAK], Country[FRANCE][FR], Frame, Google-Analytics[Universal][UA-22560480-1], HTML5, HTTPServer[Apache], IP[213.186.33.18], JQuery[1.12.4], MetaGenerator[Powered by WPBakery Page Builder - drag and drop page builder for WordPress.], Modernizr, PHP[7.0.25], PasswordField[pwd], PoweredBy[WPBakery], Script[text/javascript], Title[Franc-maçonnerie Mixte et Internationale LE DROIT HUMAIN Fédération française &#8211; L&#039;expérience maçonnique en mixité], UncommonHeaders[x-content-type-options,x-iplb-instance], Vimeo, WordPress, X-Frame-Options[SAMEORIGIN, SAMEORIGIN], X-Powered-By[PHP/7.0.25], X-UA-Compatible[IE=9], X-XSS-Protection[1; mode=block]
  652.  
  653.  __ ______ _____ 
  654.  \ \/ / ___|_ _|
  655.  \ /\___ \ | | 
  656.  / \ ___) || | 
  657.  /_/\_|____/ |_| 
  658.  
  659. + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
  660. + -- --=[Target: droithumain-france.org:80
  661. + -- --=[Site not vulnerable to Cross-Site Tracing!
  662. + -- --=[Site not vulnerable to Host Header Injection!
  663. + -- --=[Site vulnerable to Cross-Frame Scripting!
  664. + -- --=[Site vulnerable to Clickjacking!
  665.  
  666. HTTP/1.1 301 Moved Permanently
  667. Server: Varnish
  668. Location: https://www.droithumain-france.org
  669. Content-Type: text/html; charset=utf-8
  670. Cache-Control: max-age=10800
  671. Content-Length: 315
  672. Accept-Ranges: bytes
  673. Date: Wed, 07 Feb 2018 09:11:42 GMT
  674. Via: 1.1 varnish
  675. Connection: close
  676. Age: 9
  677.  
  678.  
  679. <?xml version="1.0" encoding="utf-8"?>
  680. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
  681. "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
  682. <html>
  683. <head>
  684. <title>301 Moved Permanently</title>
  685. </head>
  686. <body>
  687. <h1>Error 301 Moved Permanently</h1>
  688. <p>Moved Permanently</p>
  689. </body>
  690. </html>
  691. 
  692. HTTP/1.1 301 Moved Permanently
  693. Server: Varnish
  694. Location: https://www.droithumain-france.org
  695. Content-Type: text/html; charset=utf-8
  696. Cache-Control: max-age=10800
  697. Content-Length: 315
  698. Accept-Ranges: bytes
  699. Date: Wed, 07 Feb 2018 09:11:43 GMT
  700. Via: 1.1 varnish
  701. Connection: close
  702. Age: 7
  703.  
  704.  
  705. <?xml version="1.0" encoding="utf-8"?>
  706. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
  707. "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
  708. <html>
  709. <head>
  710. <title>301 Moved Permanently</title>
  711. </head>
  712. <body>
  713. <h1>Error 301 Moved Permanently</h1>
  714. <p>Moved Permanently</p>
  715. </body>
  716. </html>
  717. 
  718.  
  719.  
  720.  
  721. ====================================================================================
  722.  CHECKING HTTP HEADERS 
  723. ====================================================================================
  724. + -- --=[Checking if X-Content options are enabled on droithumain-france.org... 
  725.  
  726. + -- --=[Checking if X-Frame options are enabled on droithumain-france.org... 
  727.  
  728. + -- --=[Checking if X-XSS-Protection header is enabled on droithumain-france.org... 
  729.  
  730. + -- --=[Checking HTTP methods on droithumain-france.org... 
  731.  
  732. + -- --=[Checking if TRACE method is enabled on droithumain-france.org... 
  733.  
  734. + -- --=[Checking for META tags on droithumain-france.org... 
  735.  
  736. + -- --=[Checking for open proxy on droithumain-france.org... 
  737. <head>
  738. <meta http-equiv="Content-Type" content="text/HTML; charset=iso-8859-15" />
  739. <title>404 Not Found</title>
  740. </head>
  741. <body>
  742. <h1>Not Found</h1>
  743. <p>Nothing matches the given URI</p>
  744. </body>
  745. </html>
  746.  
  747.  
  748. + -- --=[Enumerating software on droithumain-france.org... 
  749. Server: Varnish
  750.  
  751. + -- --=[Checking if Strict-Transport-Security is enabled on droithumain-france.org... 
  752.  
  753. + -- --=[Checking for Flash cross-domain policy on droithumain-france.org... 
  754. "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
  755. <html>
  756. <head>
  757. <title>301 Moved Permanently</title>
  758. </head>
  759. <body>
  760. <h1>Error 301 Moved Permanently</h1>
  761. <p>Moved Permanently</p>
  762. </body>
  763. </html>
  764.  
  765. + -- --=[Checking for Silverlight cross-domain policy on droithumain-france.org... 
  766. "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
  767. <html>
  768. <head>
  769. <title>301 Moved Permanently</title>
  770. </head>
  771. <body>
  772. <h1>Error 301 Moved Permanently</h1>
  773. <p>Moved Permanently</p>
  774. </body>
  775. </html>
  776.  
  777. + -- --=[Checking for HTML5 cross-origin resource sharing on droithumain-france.org... 
  778.  
  779. + -- --=[Retrieving robots.txt on droithumain-france.org... 
  780. "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
  781. <html>
  782. <head>
  783. <title>301 Moved Permanently</title>
  784. </head>
  785. <body>
  786. <h1>Error 301 Moved Permanently</h1>
  787. <p>Moved Permanently</p>
  788. </body>
  789. </html>
  790.  
  791. + -- --=[Retrieving sitemap.xml on droithumain-france.org... 
  792. "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
  793. <html>
  794. <head>
  795. <title>301 Moved Permanently</title>
  796. </head>
  797. <body>
  798. <h1>Error 301 Moved Permanently</h1>
  799. <p>Moved Permanently</p>
  800. </body>
  801. </html>
  802.  
  803. + -- --=[Checking cookie attributes on droithumain-france.org... 
  804.  
  805. + -- --=[Checking for ASP.NET Detailed Errors on droithumain-france.org... 
  806. <h1>Error 301 Moved Permanently</h1>
  807. <body data-rsssl=1 class="error404 kleo-navbar-fixed navbar-resize disable-all-animations wpb-js-composer js-comp-ver-5.4.5 vc_responsive" itemscope itemtype="http://schema.org/WebPage">
  808. var spuvar = {"is_admin":"","l18n":{"wait":"Please wait","seconds":"seconds ","name_error":"Please enter a valid name","email_error":"Please enter a valid email"},"disable_style":"","safe_mode":"","ajax_mode":"1","site_url":"https:\/\/www.droithumain-france.org\/","ajax_mode_url":"https:\/\/www.droithumain-france.org\/?spu_action=spu_load&lang=","ajax_url":"https:\/\/www.droithumain-france.org\/wp-admin\/admin-ajax.php","pid":"0","is_front_page":"","is_category":"","is_archive":"","is_search":"","is_preview":"","seconds_confirmation_close":"5","dsampling":"","dsamplingrate":"100","disable_stats":""};
  809. ######################################################################################################################################
  810.  
  811.  _____  .701F. .iBR. .7CL. .70BR. .7BR. .7BR'''Cq. .70BR. .1BR'''Yp, .8BR'''Cq.
  812.  (_____) 01 01N. C 01 C 01 .01. 01  01 Yb 01 .01.
  813.  (() ()) 01 C YCb C 01 C 01 ,C9 01  01 dP 01 ,C9
  814.  \ /  01 C .CN. C 01 C 0101dC9 01  01'''bg. 0101dC9
  815.  \ /  01 C .01.C 01 C 01 YC. 01 ,  01 .Y 01 YC.
  816.  /=\  01 C Y01 YC. ,C 01 .Cb. 01 ,C  01 ,9 01 .Cb.
  817.  [___]  .J01L. .JCL. YC .b0101d'. .J01L. .J01. .J01010101C .J0101Cd9 .J01L. .J01./ 2.1
  818.  
  819. __[ ! ] Neither war between hackers, nor peace for the system.
  820. __[ ! ] http://blog.inurl.com.br
  821. __[ ! ] http://fb.com/InurlBrasil
  822. __[ ! ] http://twitter.com/@googleinurl
  823. __[ ! ] http://github.com/googleinurl
  824. __[ ! ] Current PHP version::[ 7.2.1-1 ]
  825. __[ ! ] Current script owner::[ root ]
  826. __[ ! ] Current uname::[ Linux Kali 4.14.0-kali3-amd64 #1 SMP Debian 4.14.13-1kali1 (2018-01-25) x86_64 ]
  827. __[ ! ] Current pwd::[ /usr/share/sniper ]
  828. __[ ! ] Help: php inurlbr.php --help
  829. ------------------------------------------------------------------------------------------------------------------------
  830.  
  831. [ ! ] Starting SCANNER INURLBR 2.1 at [07-02-2018 04:12:37]
  832. [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
  833. It is the end user's responsibility to obey all applicable local, state and federal laws.
  834. Developers assume no liability and are not responsible for any misuse or damage caused by this program
  835.  
  836. [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-droithumain-france.org.txt ]
  837. [ INFO ][ DORK ]::[ site:droithumain-france.org ]
  838. [ INFO ][ SEARCHING ]:: {
  839. [ INFO ][ ENGINE ]::[ GOOGLE - www.google.io ]
  840.  
  841. [ INFO ][ SEARCHING ]:: 
  842. -[:::]
  843. [ INFO ][ ENGINE ]::[ GOOGLE API ]
  844.  
  845. [ INFO ][ SEARCHING ]:: 
  846. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
  847. [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.sg ID: 003917828085772992913:gmoeray5sa8 ]
  848.  
  849. [ INFO ][ SEARCHING ]:: 
  850. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
  851.  
  852. [ INFO ][ TOTAL FOUND VALUES ]:: [ 0 ]
  853. [ INFO ] Not a satisfactory result was found!
  854.  
  855.  
  856. [ INFO ] [ Shutting down ]
  857. [ INFO ] [ End of process INURLBR at [07-02-2018 04:12:49]
  858. [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
  859. [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-droithumain-france.org.txt ]
  860. |_
  861. ######################################################################################################################################
  862. oooooo oooo .o. .oooooo..o ooooo ooo .oooooo.
  863. `888. .8' .888. d8P' `Y8 `888' `8' d8P' `Y8b
  864. `888. .8' .88888. Y88bo. 888 8 888 888
  865. `888.8' .8' `888. `ZY8888o. 888 8 888 888
  866. `888' .88ooo8888. `0Y88b 888 8 888 888
  867. 888 .8' `888. oo .d8P `88. .8' `88b d88'
  868. o888o o88o o8888o 88888888P' `YbodP' `Y8bood8P'
  869. Welcome to Yasuo v2.3
  870. Author: Saurabh Harit (@0xsauby) | Contribution & Coolness: Stephen Hall (@logicalsec)
  871. #######################################################################################################################################
  872.  
  873. I, [2018-02-07T04:12:53.238621 #16167] INFO -- : Initiating port scan
  874. I, [2018-02-07T04:13:12.955657 #16167] INFO -- : Using nmap scan output file logs/nmap_output_2018-02-07_04-12-53.xml
  875. I, [2018-02-07T04:13:12.979198 #16167] INFO -- : Discovered open port: 217.70.184.38:80
  876. I, [2018-02-07T04:13:13.505755 #16167] INFO -- : <<<Enumerating vulnerable applications>>>
  877.  
  878.  
  879. ################################### Running Port Scan ##############################
  880.  
  881. Starting Nmap 7.60 ( https://nmap.org ) at 2018-02-07 04:14 EST
  882. Nmap scan report for droithumain-france.org (217.70.184.38)
  883. Host is up (0.12s latency).
  884. rDNS record for 217.70.184.38: webredir.vip.gandi.net
  885. Not shown: 25 filtered ports
  886. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  887. PORT STATE SERVICE
  888. 80/tcp open http
  889.  
  890. Nmap done: 1 IP address (1 host up) scanned in 3.23 seconds
  891. ######################################################################################################################################
  892. Original* droithumain-france.org 217.70.184.38 NS:ns-142-a.gandi.net MX:fb.mail.gandi.net
  893. Subdomain droithumain-fr.ance.org 69.64.147.28
  894. Subdomain droithumain-fran.ce.org 216.83.206.108
  895. Subdomain droithumain-franc.e.org 217.194.213.243
  896. ######################################################################################################################################
  897. Original* droithumain-france.org 217.70.184.38 NS:ns-142-a.gandi.net MX:fb.mail.gandi.net
  898. Subdomain droithumain-fr.ance.org 69.64.147.28
  899. Subdomain droithumain-fran.ce.org 216.83.206.108
  900. Subdomain droithumain-franc.e.org 217.194.213.243
  901. ######################################################################################################################################
  902. Original* droithumain-france.org 217.70.184.38 NS:ns-142-a.gandi.net MX:fb.mail.gandi.net SSDEEP:100%
  903. Subdomain droithumain-fr.ance.org 69.64.147.28
  904. Subdomain droithumain-fran.ce.org 216.83.206.108
  905. Subdomain droithumain-franc.e.org 217.194.213.243
  906. ######################################################################################################################################
  907. Original* droithumain-france.org 217.70.184.38 NS:ns-142-a.gandi.net MX:fb.mail.gandi.net
  908. Subdomain droithumain-fr.ance.org 69.64.147.28
  909. Subdomain droithumain-fran.ce.org 216.83.206.108
  910. Subdomain droithumain-franc.e.org 217.194.213.243
  911. ######################################################################################################################################
  912. Original* droithumain-france.org 217.70.184.38 NS:ns-142-a.gandi.net MX:fb.mail.gandi.net
  913. Subdomain droithumain-fr.ance.org 69.64.147.28
  914. Subdomain droithumain-fra.nce.org -
  915. Subdomain droithumain-fran.ce.org 216.83.206.108
  916. Subdomain droithumain-franc.e.org 217.194.213.243
  917. ######################################################################################################################################
  918. Original* droithumain-france.org 217.70.184.38 NS:ns-142-a.gandi.net MX:fb.mail.gandi.net
  919. Subdomain droithumain-fr.ance.org 69.64.147.28
  920. Subdomain droithumain-fra.nce.org -
  921. Subdomain droithumain-fran.ce.org 216.83.206.108
  922. Subdomain droithumain-franc.e.org 217.194.213.243
  923. #####################################################################################################################################
  924. Original* droithumain-france.org 217.70.184.38/France NS:ns-142-a.gandi.net MX:fb.mail.gandi.net
  925. Subdomain droithumain-fr.ance.org 69.64.147.28/United States
  926. Subdomain droithumain-fra.nce.org -
  927. Subdomain droithumain-fran.ce.org 216.83.206.108/United States
  928. Subdomain droithumain-franc.e.org 217.194.213.243/United Kingdom
  929. ######################################################################################################################################
  930. Anonymous JTSEC #OPkilluminatie
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!