Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ######################################################################################################################################
- Hostname anonvicieux.wordpress.com ISP Automattic, Inc (AS2635)
- Continent North America Flag
- US
- Country United States Country Code US (USA)
- Region CA Local time 27 Oct 2017 21:22 PDT
- Metropolis* San Francisco-Oakland-San Jose Postal Code 94110
- City San Francisco Latitude 37.748
- IP Address 192.0.78.12 Longitude -122.416
- #######################################################################################################################################
- IP information 192.0.78.12
- IP address 192.0.78.12
- Location San Francisco, California, United States (US) flag
- Registry arin
- Network information
- IP address 192.0.78.12
- Reverse DNS (PTR record) not available
- DNS server (NS record) ns2.automattic.com (198.181.117.5)
- ns3.automattic.com (192.0.74.5)
- ns1.automattic.com (198.181.116.5)
- ASN number 2635
- ASN name (ISP) Automattic, Inc
- IP-range/subnet 192.0.78.0/24
- 192.0.78.0 - 192.0.78.255
- Network tools
- Ping 192.0.78.12
- Tracert 192.0.78.12
- Hosting information
- Summary of domains, mail servers and name servers currently hosted on this IP address.
- Number of domains hosted 1,757
- Number of mail servers hosted 74
- Number of name servers hosted 103
- Hosting history
- Summary of domains, mail servers and name servers hosted in the past on this IP address.
- Number of domains hosted 1,695
- Number of mail servers hosted 174
- Number of name servers hosted 136
- SPAM database lookup
- DROP/EDROP list Spamhaus not listed good
- dnsbl-1.uceprotect.net not listed good
- Number of SPAM hosts on 192.0.78.0/24 0
- SPAM tools
- DNSBL 192.0.78.12
- Blocklist lookup
- Adult hosting
- At least one domain hosted on this IP address is marked as containing adult content. more info listed error
- Hackers, Spyware, Botnets etc. listed error
- Open proxy not listed good
- Open TCP/UDP ports
- Status well known TCP and UDP ports. Note: we do not perform any port scan but use data of the ZMap project.
- Description Protocol/Port Status
- HTTP tcp80 Closed closed port
- HTTPS tcp443 Closed closed port
- DNS udp53 Closed closed port
- Network Time Protocol (NTP) udp123 Closed closed port
- NetBIOS Name Service udp137 Closed closed port
- Session Initiation Protocol (SIP) udp5060 Closed closed port
- Advertisements
- HideMyAss.com
- Domains on 192.0.78.12
- Domain Tools
- pricingidiot.com
- Whois+
- acruw.com
- Whois+
- atscaleconference.com
- Whois+
- edspencer.net
- Whois+
- wmfa.org
- Whois+
- kdtriglav.com
- Whois+
- alphion.com
- Whois+
- feathercast.org
- Whois+
- golfweek.com
- Whois+
- columbia-adaircounty.com
- Whois+
- Reverse IP for 192.0.78.12
- Domains around 192.0.78.12
- IP address #domains
- 192.0.78.2 2
- 192.0.78.8 1
- 192.0.78.9 54
- 192.0.78.12 1757
- 192.0.78.13 1633
- 192.0.78.14 3
- 192.0.78.16 6
- 192.0.78.17 56
- 192.0.78.22 1
- 192.0.78.24 1133156
- external websiteSee more items
- Mail servers on 192.0.78.12
- Overview of mail servers hosted on this IP address. You can use the Reverse MX tool to find domains using a mail server. Use the MX History tool to find domains using a mail server in the past.
- Mail server Tools
- advancetrain.net
- Reverse MX
- MX History
- viktoriajean.wordpress.com
- Reverse MX
- MX History
- mail.gouriekablo.de
- Reverse MX
- MX History
- adamchatman.wordpress.com
- Reverse MX
- MX History
- ceppug.wordpress.com
- Reverse MX
- MX History
- mail.wordpress.com
- Reverse MX
- MX History
- mx01.wordpress.com
- Reverse MX
- MX History
- mxns1.wordpress.com
- Reverse MX
- MX History
- mxns2.wordpress.com
- Reverse MX
- MX History
- grethebyrise.wordpress.com
- Reverse MX
- MX History
- Note: maximum of 10 mail servers are shown.
- Tip: You can use the MX Neighbors tool with IP input to view all domains using this IP address as mail server.
- Reverse MX for 192.0.78.12
- Name servers on 192.0.78.12
- Overview of name servers hosted on this IP address. You can use the NS Neighbors tool to find domains using a name server.
- Name server Tools
- ns2.icemanmedia.com
- Reverse NS
- ns.1.wordpress.com
- Reverse NS
- ns1.icemanmedia.com
- Reverse NS
- ns.dns3.wordpress.com
- Reverse NS
- peka.borlangeroddklubb.wordpress.com
- Reverse NS
- traveltechnews.wordpress.com
- Reverse NS
- abdya.wordpress.com
- Reverse NS
- julietrell.wordpress.com
- Reverse NS
- dinudey.wordpress.com
- Reverse NS
- janitaskapsalon.wordpress.com
- Reverse NS
- Note: maximum of 10 name servers are shown.
- Tip: You can use the NS Neighbors tool with IP input to view all domains using this IP address as name server.
- Reverse NS for 192.0.78.12
- Whois information
- #
- # ARIN WHOIS data and services are subject to the Terms of Use
- # available at: https://www.arin.net/whois_tou.html
- #
- # If you see inaccuracies in the results, please report at
- # https://www.arin.net/public/whoisinaccuracy/index.xhtml
- #
- #
- # The following results may also be obtained via:
- # https://whois.arin.net/rest/nets;q=192.0.76.3?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
- #
- NetRange: 192.0.64.0 - 192.0.127.255
- CIDR: 192.0.64.0/18
- NetName: AUTOMATTIC
- NetHandle: NET-192-0-64-0-1
- Parent: NET192 (NET-192-0-0-0-0)
- NetType: Direct Assignment
- OriginAS: AS2635
- Organization: Automattic, Inc (AUTOM-93)
- RegDate: 2012-11-20
- Updated: 2012-11-20
- Ref: https://whois.arin.net/rest/net/NET-192-0-64-0-1
- OrgName: Automattic, Inc
- OrgId: AUTOM-93
- Address: 60 29th Street #343
- City: San Francisco
- StateProv: CA
- PostalCode: 94110
- Country: US
- RegDate: 2011-10-05
- Updated: 2013-11-01
- Ref: https://whois.arin.net/rest/org/AUTOM-93
- OrgTechHandle: NOC12276-ARIN
- OrgTechName: NOC
- OrgTechPhone: +1-877-273-8550
- OrgTechEmail: ipadmin@automattic.com
- OrgTechRef: https://whois.arin.net/rest/poc/NOC12276-ARIN
- OrgNOCHandle: NOC12276-ARIN
- OrgNOCName: NOC
- OrgNOCPhone: +1-877-273-8550
- OrgNOCEmail: ipadmin@automattic.com
- OrgNOCRef: https://whois.arin.net/rest/poc/NOC12276-ARIN
- OrgAbuseHandle: ABUSE3970-ARIN
- OrgAbuseName: Abuse
- OrgAbusePhone: +1-877-273-8550
- OrgAbuseEmail: abuse@automattic.com
- OrgAbuseRef: https://whois.arin.net/rest/poc/ABUSE3970-ARIN
- #
- # ARIN WHOIS data and services are subject to the Terms of Use
- # available at: https://www.arin.net/whois_tou.html
- #
- # If you see inaccuracies in the results, please report at
- # https://www.arin.net/public/whoisinaccuracy/index.xhtml
- #
- Geo information
- Location San Francisco, California, United States (US) flag
- Latitude and Longitude 37.75, -122.42
- Geo location of IP address
- Country information (United States)
- Capital Washington
- Continent NA
- Population 310,232,863
- Area 9,629,091 km²
- Currency USD
- Top Level Domain .us
- Geo location of IP address
- Update information
- The information on this page is collected from many different sources on the internet. Below is the last update date given from each source.
- AS number information 2017-10-22
- Port scan data Cached, max 2 weeks old
- PTR record and DNS servers Cached, max 1 week old
- SPAM and blocklist databases 2017-10-28
- Whois information 2017-10-06
- https://anonvicieux.wordpress.com/
- [i] Scanning Site: https://anonvicieux.wordpress.com
- B A S I C I N F O
- ====================
- [+] Site Title: Vicieux – Les abus de la $cientologie c'est mal m'voyez ?
- [+] IP address: 192.0.78.12
- [+] Web Server: nginx
- [+] CMS: WordPress
- [+] Cloudflare: Not Detected
- [+] Robots File: Found
- -------------[ contents ]----------------
- # If you are regularly crawling WordPress.com sites, please use our firehose to receive real-time push updates instead.
- # Please see https://developer.wordpress.com/docs/firehose/ for more details.
- Sitemap: https://anonvicieux.wordpress.com/sitemap.xml
- Sitemap: https://anonvicieux.wordpress.com/news-sitemap.xml
- User-agent: *
- Disallow: /wp-admin/
- Allow: /wp-admin/admin-ajax.php
- Disallow: /wp-login.php
- Disallow: /activate/ # har har
- Disallow: /cgi-bin/ # MT refugees
- Disallow: /mshots/v1/
- Disallow: /next/
- Disallow: /public.api/
- User-agent: IRLbot
- Crawl-delay: 3600
- # This file was generated on Tue, 17 Oct 2017 08:00:30 +0000
- -----------[end of contents]-------------
- W H O I S L O O K U P
- ========================
- No match for "ANONVICIEUX.WORDPRESS.COM".
- >>> Last update of whois database: 2017-10-28T02:36:57Z <<<
- The Registry database contains ONLY .COM, .NET, .EDU domains and
- Registrars.
- G E O I P L O O K U P
- =========================
- [i] IP Address: 192.0.78.12
- [i] Country: US
- [i] State: California
- [i] City: San Francisco
- [i] Latitude: 37.748402
- [i] Longitude: -122.415604
- H T T P H E A D E R S
- =======================
- [i] HTTP/1.1 200 OK
- [i] Server: nginx
- [i] Date: Sat, 28 Oct 2017 02:37:19 GMT
- [i] Content-Type: text/html; charset=UTF-8
- [i] Connection: close
- [i] Vary: Accept-Encoding
- [i] Last-Modified: Sat, 28 Oct 2017 02:36:45 GMT
- [i] Cache-Control: max-age=266, must-revalidate
- [i] X-nananana: Batcache
- [i] Vary: Cookie
- [i] X-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
- [i] Link: <https://wp.me/3KkAN>; rel=shortlink
- [i] X-ac: 1.ams _dfw
- [i] Strict-Transport-Security: max-age=15552000
- D N S L O O K U P
- ===================
- anonvicieux.wordpress.com. 14387 IN CNAME lb.wordpress.com.
- S U B N E T C A L C U L A T I O N
- ====================================
- Address = 192.0.78.13
- Network = 192.0.78.13 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 192.0.78.13 - 192.0.78.13 }
- N M A P P O R T S C A N
- ============================
- Starting Nmap 7.01 ( https://nmap.org ) at 2017-10-28 02:37 UTC
- Nmap scan report for anonvicieux.wordpress.com (192.0.78.13)
- Host is up (0.0020s latency).
- Other addresses for anonvicieux.wordpress.com (not scanned): 192.0.78.12
- PORT STATE SERVICE VERSION
- 21/tcp filtered ftp
- 22/tcp filtered ssh
- 23/tcp filtered telnet
- 25/tcp filtered smtp
- 80/tcp open http nginx
- 110/tcp filtered pop3
- 143/tcp filtered imap
- 443/tcp open ssl/http nginx
- 445/tcp filtered microsoft-ds
- 3389/tcp filtered ms-wbt-server
- Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 11.91 seconds
- [92m + -- ----------------------------=[Running Nslookup]=------------------------ -- +[0m
- Server: 192.168.1.254
- Address: 192.168.1.254#53
- Non-authoritative answer:
- anonvicieux.wordpress.com canonical name = lb.wordpress.com.
- Name: lb.wordpress.com
- Address: 192.0.78.13
- Name: lb.wordpress.com
- Address: 192.0.78.12
- anonvicieux.wordpress.com is an alias for lb.wordpress.com.
- lb.wordpress.com has address 192.0.78.12
- lb.wordpress.com has address 192.0.78.13
- [92m + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +[0m
- Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
- [+] Target is anonvicieux.wordpress.com
- [+] Loading modules.
- [+] Following modules are loaded:
- [x] [1] ping:icmp_ping - ICMP echo discovery module
- [x] [2] ping:tcp_ping - TCP-based ping discovery module
- [x] [3] ping:udp_ping - UDP-based ping discovery module
- [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
- [x] [5] infogather:portscan - TCP and UDP PortScanner
- [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
- [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
- [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
- [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
- [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
- [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
- [x] [12] fingerprint:smb - SMB fingerprinting module
- [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
- [+] 13 modules registered
- [+] Initializing scan engine
- [+] Running scan engine
- [-] ping:tcp_ping module: no closed/open TCP ports known on 192.0.78.13. Module test failed
- [-] ping:udp_ping module: no closed/open UDP ports known on 192.0.78.13. Module test failed
- [-] No distance calculation. 192.0.78.13 appears to be dead or no ports known
- [+] Host: 192.0.78.13 is up (Guess probability: 50%)
- [+] Target: 192.0.78.13 is alive. Round-Trip Time: 0.51114 sec
- [+] Selected safe Round-Trip Time value is: 1.02228 sec
- [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
- [-] fingerprint:smb need either TCP port 139 or 445 to run
- [+] Primary guess:
- [+] Host 192.0.78.13 Running OS: pÎxuV (Guess probability: 100%)
- [+] Other guesses:
- [+] Host 192.0.78.13 Running OS: pÎxuV (Guess probability: 100%)
- [+] Host 192.0.78.13 Running OS: pÎxuV (Guess probability: 100%)
- [+] Host 192.0.78.13 Running OS: pÎxuV (Guess probability: 100%)
- [+] Host 192.0.78.13 Running OS: pÎxuV (Guess probability: 100%)
- [+] Host 192.0.78.13 Running OS: pÎxuV (Guess probability: 100%)
- [+] Host 192.0.78.13 Running OS: pÎxuV (Guess probability: 100%)
- [+] Host 192.0.78.13 Running OS: pÎxuV (Guess probability: 100%)
- [+] Host 192.0.78.13 Running OS: pÎxuV (Guess probability: 100%)
- [+] Host 192.0.78.13 Running OS: pÎxuV (Guess probability: 100%)
- [+] Cleaning up scan engine
- [+] Modules deinitialized
- [+] Execution completed.
- [92m + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +[0m
- No match for "ANONVICIEUX.WORDPRESS.COM".
- >>> Last update of whois database: 2017-10-28T02:38:13Z <<<
- NOTICE: The expiration date displayed in this record is the date the
- registrar's sponsorship of the domain name registration in the registry is
- currently set to expire. This date does not necessarily reflect the expiration
- date of the domain name registrant's agreement with the sponsoring
- registrar. Users may consult the sponsoring registrar's Whois database to
- view the registrar's reported date of expiration for this registration.
- TERMS OF USE: You are not authorized to access or query our Whois
- database through the use of electronic processes that are high-volume and
- automated except as reasonably necessary to register domain names or
- modify existing registrations; the Data in VeriSign Global Registry
- Services' ("VeriSign") Whois database is provided by VeriSign for
- information purposes only, and to assist persons in obtaining information
- about or related to a domain name registration record. VeriSign does not
- guarantee its accuracy. By submitting a Whois query, you agree to abide
- by the following terms of use: You agree that you may use this Data only
- for lawful purposes and that under no circumstances will you use this Data
- to: (1) allow, enable, or otherwise support the transmission of mass
- unsolicited, commercial advertising or solicitations via e-mail, telephone,
- or facsimile; or (2) enable high volume, automated, electronic processes
- that apply to VeriSign (or its computer systems). The compilation,
- repackaging, dissemination or other use of this Data is expressly
- prohibited without the prior written consent of VeriSign. You agree not to
- use electronic processes that are automated and high-volume to access or
- query the Whois database except as reasonably necessary to register
- domain names or modify existing registrations. VeriSign reserves the right
- to restrict your access to the Whois database in its sole discretion to ensure
- operational stability. VeriSign may restrict or terminate your access to the
- Whois database for failure to abide by these terms of use. VeriSign
- reserves the right to modify these terms at any time.
- The Registry database contains ONLY .COM, .NET, .EDU domains and
- Registrars.
- [92m + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +[0m
- *******************************************************************
- * *
- * | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
- * | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
- * | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
- * \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
- * *
- * TheHarvester Ver. 2.7 *
- * Coded by Christian Martorella *
- * Edge-Security Research *
- * cmartorella@edge-security.com *
- *******************************************************************
- [-] Searching in Bing:
- Searching 50 results...
- Searching 100 results...
- [+] Emails found:
- ------------------
- No emails found
- [+] Hosts found in search engines:
- ------------------------------------
- No hosts found
- [92m + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +[0m
- ; <<>> DiG 9.10.3-P4-Debian <<>> -x anonvicieux.wordpress.com
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65371
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ;; QUESTION SECTION:
- ;com.wordpress.anonvicieux.in-addr.arpa. IN PTR
- ;; AUTHORITY SECTION:
- in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2017102403 1800 900 604800 3600
- ;; Query time: 37 msec
- ;; SERVER: 192.168.1.254#53(192.168.1.254)
- ;; WHEN: Fri Oct 27 22:38:50 EDT 2017
- ;; MSG SIZE rcvd: 135
- dnsenum VERSION:1.2.4
- [1;34m
- ----- anonvicieux.wordpress.com -----
- [0m[1;31m
- Host's addresses:
- __________________
- [0mlb.wordpress.com. 166 IN A 192.0.78.13
- lb.wordpress.com. 166 IN A 192.0.78.12
- [1;31m
- Wildcard detection using: gjhrxeyuzvdg
- _______________________________________
- [0mgjhrxeyuzvdg.anonvicieux.wordpress.com. 14400 IN CNAME lb.wordpress.com.
- lb.wordpress.com. 166 IN A 192.0.78.12
- lb.wordpress.com. 166 IN A 192.0.78.13
- [1;31m
- !!!!!!!!!!!!!!!!!!!!!!!!!!!!
- Wildcards detected, all subdomains will point to the same IP address
- Omitting results containing 192.0.78.12, 192.0.78.13.
- Maybe you are using OpenDNS servers.
- !!!!!!!!!!!!!!!!!!!!!!!!!!!!
- [0m[1;31m
- Name Servers:
- ______________
- [0m[92m + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +[0m
- [91m
- ____ _ _ _ _ _____
- / ___| _ _| |__ | (_)___| |_|___ / _ __
- \___ \| | | | '_ \| | / __| __| |_ \| '__|
- ___) | |_| | |_) | | \__ \ |_ ___) | |
- |____/ \__,_|_.__/|_|_|___/\__|____/|_|[0m[93m
- # Coded By Ahmed Aboul-Ela - @aboul3la
- [94m[-] Enumerating subdomains now for anonvicieux.wordpress.com[0m
- [93m[-] verbosity is enabled, will show the subdomains results in realtime[0m
- [92m[-] Searching now in Baidu..[0m
- [92m[-] Searching now in Yahoo..[0m
- [92m[-] Searching now in Google..[0m
- [92m[-] Searching now in Bing..[0m
- [92m[-] Searching now in Ask..[0m
- [92m[-] Searching now in Netcraft..[0m
- [92m[-] Searching now in DNSdumpster..[0m
- [92m[-] Searching now in Virustotal..[0m
- [92m[-] Searching now in ThreatCrowd..[0m
- [92m[-] Searching now in SSL Certificates..[0m
- [92m[-] Searching now in PassiveDNS..[0m
- [91m ââââŠââââŠââââ⊠âŠ[0m
- [91m â â âŠâ â ââââ ââ£[0m
- [91m ââââ©ââ â©oââââ© â©[0m
- [91m + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +[0m
- [94m
- [91m [+] Domains saved to: /usr/share/sniper/loot/domains/domains-anonvicieux.wordpress.com-full.txt
- [0m
- [92m + -- ----------------------------=[Checking for Sub-Domain Hijacking]=------- -- +[0m
- [92m + -- ----------------------------=[Checking Email Security]=----------------- -- +[0m
- [92m + -- ----------------------------=[Pinging host]=---------------------------- -- +[0m
- PING lb.wordpress.com (192.0.78.13) 56(84) bytes of data.
- 64 bytes from 192.0.78.13 (192.0.78.13): icmp_seq=1 ttl=58 time=117 ms
- --- lb.wordpress.com ping statistics ---
- 1 packets transmitted, 1 received, 0% packet loss, time 0ms
- rtt min/avg/max/mdev = 117.865/117.865/117.865/0.000 ms
- [92m + -- ----------------------------=[Running TCP port scan]=------------------- -- +[0m
- Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-27 22:39 EDT
- Nmap scan report for anonvicieux.wordpress.com (192.0.78.12)
- Host is up (0.12s latency).
- Other addresses for anonvicieux.wordpress.com (not scanned): 192.0.78.13
- Not shown: 47 filtered ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 80/tcp open http
- 443/tcp open https
- Nmap done: 1 IP address (1 host up) scanned in 4.64 seconds
- [92m + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +[0m
- [91m + -- --=[Port 21 closed... skipping.[0m
- [91m + -- --=[Port 22 closed... skipping.[0m
- [91m + -- --=[Port 23 closed... skipping.[0m
- [91m + -- --=[Port 25 closed... skipping.[0m
- [91m + -- --=[Port 53 closed... skipping.[0m
- [91m + -- --=[Port 79 closed... skipping.[0m
- [93m + -- --=[Port 80 opened... running tests...[0m
- [92m + -- ----------------------------=[Checking for WAF]=------------------------ -- +[0m
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://anonvicieux.wordpress.com
- Generic Detection results:
- No WAF detected by the generic detection
- Number of requests: 13
- [92m + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +[0m
- [1m[34mhttp://anonvicieux.wordpress.com[0m [301 Moved Permanently] [1m[37mCountry[0m[[37mUNITED STATES[0m][[1m[31mUS[0m], [1m[37mHTTPServer[0m[[1m[36mnginx[0m], [1m[37mIP[0m[[37m192.0.78.12[0m], [1m[37mRedirectLocation[0m[[37mhttps://anonvicieux.wordpress.com/[0m], [1m[37mTitle[0m[[1m[33m301 Moved Permanently[0m], [1m[37mUncommonHeaders[0m[[37mx-ac[0m], [1m[37mnginx[0m
- [1m[34mhttps://anonvicieux.wordpress.com/[0m [200 OK] [1m[37mCountry[0m[[37mUNITED STATES[0m][[1m[31mUS[0m], [1m[37mFrame[0m, [1m[37mGoogle-Analytics[0m[[1m[36mUA-52447-2[0m], [1m[37mHTML5[0m, [1m[37mHTTPServer[0m[[1m[36mnginx[0m], [1m[37mIP[0m[[37m192.0.78.12[0m], [1m[37mJQuery[0m, [1m[37mMetaGenerator[0m[[37mWordPress.com[0m], [1m[37mOpen-Graph-Protocol[0m[[1m[32mwebsite[0m][[1m[31m249643311490[0m], [1m[37mOpenID[0m, [1m[37mOpenSearch[0m[[37mhttps://anonvicieux.wordpress.com/osd.xml,https://s1.wp.com/opensearch.xml[0m], [1m[37mScript[0m[[37mtext/javascript[0m], [1m[37mStrict-Transport-Security[0m[[37mmax-age=15552000[0m], [1m[37mTitle[0m[[1m[33mVicieux – Les abus de la $cientologie c'est mal m'voyez ?[0m], [1m[37mUncommonHeaders[0m[[37mx-nananana,x-hacker,link,x-ac[0m], [1m[37mWordPress[0m, [1m[37mYouTube[0m, [1m[37mnginx[0m, [1m[37mx-hacker[0m[[37mIf you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.[0m]
- [94m __ ______ _____ [0m
- [94m \ \/ / ___|_ _|[0m
- [94m \ /\___ \ | | [0m
- [94m / \ ___) || | [0m
- [94m /_/\_|____/ |_| [0m
- [94m+ -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield[0m
- [94m+ -- --=[Target: anonvicieux.wordpress.com:80[0m
- [92m+ -- --=[Site not vulnerable to Cross-Site Tracing![0m
- [92m+ -- --=[Site not vulnerable to Host Header Injection![0m
- [91m+ -- --=[Site vulnerable to Cross-Frame Scripting![0m
- [91m+ -- --=[Site vulnerable to Clickjacking![0m
- [93mHTTP/1.1 405 Not Allowed
- Server: nginx
- Date: Sat, 28 Oct 2017 02:39:35 GMT
- Content-Type: text/html
- Content-Length: 166
- Connection: close
- X-ac: 1.ams
- <html>
- <head><title>405 Not Allowed</title></head>
- <body bgcolor="white">
- <center><h1>405 Not Allowed</h1></center>
- <hr><center>nginx</center>
- </body>
- </html>
- [0m
- [93mHTTP/1.1 301 Moved Permanently
- Server: nginx
- Date: Sat, 28 Oct 2017 02:39:36 GMT
- Content-Type: text/html
- Content-Length: 178
- Connection: keep-alive
- Location: https://anonvicieux.wordpress.com/
- X-ac: 1.ams _dfw
- <html>
- <head><title>301 Moved Permanently</title></head>
- <body bgcolor="white">
- <center><h1>301 Moved Permanently</h1></center>
- <hr><center>nginx</center>
- </body>
- </html>
- [0m
- [92m + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +[0m
- [94m+ -- --=[Checking if X-Content options are enabled on anonvicieux.wordpress.com...[0m [93m
- [94m+ -- --=[Checking if X-Frame options are enabled on anonvicieux.wordpress.com...[0m [93m
- [94m+ -- --=[Checking if X-XSS-Protection header is enabled on anonvicieux.wordpress.com...[0m [93m
- [94m+ -- --=[Checking HTTP methods on anonvicieux.wordpress.com...[0m [93m
- [94m+ -- --=[Checking if TRACE method is enabled on anonvicieux.wordpress.com...[0m [93m
- [94m+ -- --=[Checking for META tags on anonvicieux.wordpress.com...[0m [93m
- [94m+ -- --=[Checking for open proxy on anonvicieux.wordpress.com...[0m [93m
- [94m+ -- --=[Enumerating software on anonvicieux.wordpress.com...[0m [93m
- Server: nginx
- [94m+ -- --=[Checking if Strict-Transport-Security is enabled on anonvicieux.wordpress.com...[0m [93m
- [94m+ -- --=[Checking for Flash cross-domain policy on anonvicieux.wordpress.com...[0m [93m
- <html>
- <head><title>301 Moved Permanently</title></head>
- <body bgcolor="white">
- <center><h1>301 Moved Permanently</h1></center>
- <hr><center>nginx</center>
- </body>
- </html>
- [94m+ -- --=[Checking for Silverlight cross-domain policy on anonvicieux.wordpress.com...[0m [93m
- <html>
- <head><title>301 Moved Permanently</title></head>
- <body bgcolor="white">
- <center><h1>301 Moved Permanently</h1></center>
- <hr><center>nginx</center>
- </body>
- </html>
- [94m+ -- --=[Checking for HTML5 cross-origin resource sharing on anonvicieux.wordpress.com...[0m [93m
- [94m+ -- --=[Retrieving robots.txt on anonvicieux.wordpress.com...[0m [93m
- <html>
- <head><title>301 Moved Permanently</title></head>
- <body bgcolor="white">
- <center><h1>301 Moved Permanently</h1></center>
- <hr><center>nginx</center>
- </body>
- </html>
- [94m+ -- --=[Retrieving sitemap.xml on anonvicieux.wordpress.com...[0m [93m
- <html>
- <head><title>301 Moved Permanently</title></head>
- <body bgcolor="white">
- <center><h1>301 Moved Permanently</h1></center>
- <hr><center>nginx</center>
- </body>
- </html>
- [94m+ -- --=[Checking cookie attributes on anonvicieux.wordpress.com...[0m [93m
- [94m+ -- --=[Checking for ASP.NET Detailed Errors on anonvicieux.wordpress.com...[0m [93m
- <body class="error404 custom-background mp6 customizer-styles-applied highlander-enabled highlander-light">
- <article id="post-0" class="post error404 not-found">
- </article><!-- #post-0 .post .error404 .not-found -->
- [0m
- [92m + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +[0m
- - Nikto v2.1.6
- ---------------------------------------------------------------------------
- + Target IP: 192.0.78.13
- + Target Hostname: anonvicieux.wordpress.com
- + Target Port: 80
- + Start Time: 2017-10-27 22:39:48 (GMT-4)
- ---------------------------------------------------------------------------
- + Server: nginx
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + Uncommon header 'x-ac' found, with contents: 1.ams _dfw
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Root page / redirects to: https://anonvicieux.wordpress.com/
- + No CGI Directories found (use '-C all' to force check all possible dirs)
- + Server leaks inodes via ETags, header found with file /, fields: 0x57d0c722 0x4d1
- + 7499 requests: 0 error(s) and 5 item(s) reported on remote host
- + End Time: 2017-10-27 23:14:26 (GMT-4) (2078 seconds)
- ---------------------------------------------------------------------------
- + 1 host(s) tested
- [92m + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +[0m
- [91m[+][0m Screenshot saved to /usr/share/sniper/loot/screenshots/anonvicieux.wordpress.com-port80.jpg
- [92m + -- ----------------------------=[Running Google Hacking Queries]=--------------------- -- +[0m
- [92m + -- ----------------------------=[Running InUrlBR OSINT Queries]=---------- -- +[0m
- [1;310m _____ [1;37m .701F. .iBR. .7CL. .70BR. .7BR. .7BR'''Cq. .70BR. [0;31m.1BR'''Yp, .8BR'''Cq.
- [1;310m (_____)[1;37m 01 01N. C 01 C 01 .01. 01 [1;31m 01 Yb 01 .01.
- [1;310m (() ())[1;37m 01 C YCb C 01 C 01 ,C9 01 [0;31m 01 dP 01 ,C9
- [1;310m \ / [1;37m 01 C .CN. C 01 C 0101dC9 01 [1;31m 01'''bg. 0101dC9
- [1;310m \ / [1;37m 01 C .01.C 01 C 01 YC. 01 , [0;31m 01 .Y 01 YC.
- [1;310m /=\ [1;37m 01 C Y01 YC. ,C 01 .Cb. 01 ,C [1;31m 01 ,9 01 .Cb.
- [1;310m [___] [1;37m .J01L. .JCL. YC .b0101d'. .J01L. .J01. .J01010101C [0;31m.J0101Cd9 .J01L. .J01./ [1;37m2.1
- [1;37m__[ ! ] Neither war between hackers, nor peace for the system.
- [1;37m__[ ! ] [02;31mhttp://blog.inurl.com.br
- [1;37m__[ ! ] [02;31mhttp://fb.com/InurlBrasil
- [1;37m__[ ! ] [02;31mhttp://twitter.com/@googleinurl[0m
- [1;37m__[ ! ] [02;31mhttp://github.com/googleinurl[0m
- [1;37m__[ ! ] [02;31mCurrent PHP version::[ [1;37m7.0.22-3 [02;31m][0m
- [1;37m__[ ! ] [02;31mCurrent script owner::[ [1;37mroot [02;31m][0m
- [1;37m__[ ! ] [02;31mCurrent uname::[ [1;37mLinux Kali 4.13.0-kali1-amd64 #1 SMP Debian 4.13.4-2kali1 (2017-10-16) x86_64 [02;31m][0m
- [1;37m__[ ! ] [02;31mCurrent pwd::[ [1;37m/usr/share/sniper [02;31m][0m
- [1;37m__[ ! ] [1;33mHelp: php inurlbr.php --help[0m
- [1;37m------------------------------------------------------------------------------------------------------------------------[0m
- [1;37m[ ! ] Starting SCANNER INURLBR 2.1 at [27-10-2017 23:16:34][0;37m
- [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
- It is the end user's responsibility to obey all applicable local, state and federal laws.
- Developers assume no liability and are not responsible for any misuse or damage caused by this program[0m
- [1;37m[ INFO ][02;31m[ OUTPUT FILE ]::[1;37m [ /usr/share/sniper/output/inurlbr-anonvicieux.wordpress.com.txt ][0m
- [1;37m[ INFO ][0m[02;31m[ DORK ]::[1;37m[ site:anonvicieux.wordpress.com ]
- [1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [1;37m{[0m
- [1;37m[ INFO ][0m[02;31m[ ENGINE ]::[1;37m[ GOOGLE - www.google.cc ][0m
- [1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [0m
- [1;37m-[02;31m[[0;31m:::[02;31m][0m
- [1;37m[ INFO ][0m[02;31m[ ENGINE ]::[1;37m[ GOOGLE API ][0m
- [1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [0m
- [1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m
- [1;37m[ INFO ][0m[02;31m[ ENGINE ]::[1;37m[ GOOGLE_GENERIC_RANDOM - www.google.com.et ID: 006748068166572874491:55ez0c3j3ey ][0m
- [1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [0m
- [1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m
- [1;37m[ INFO ][0;31m[ TOTAL FOUND VALUES ]::[1;37m [ 0 ][0m
- [1;37m[ INFO ][1;33m Not a satisfactory result was found![0m
- [1;37m[ INFO ] [ Shutting down ][0m
- [1;37m[ INFO ] [ End of process INURLBR at [27-10-2017 23:16:44][0m
- [1;37m[ INFO ] [0m[02;31m[ TOTAL FILTERED VALUES ]::[1;37m [ 0 ][0m
- [1;37m[ INFO ] [02;31m[ OUTPUT FILE ]::[1;37m [ /usr/share/sniper/output/inurlbr-anonvicieux.wordpress.com.txt ][0m
- [1;37m|_________________________________________________________________________________________[0m
- [1;37m\_________________________________________________________________________________________/[0m
- [91m + -- --=[Port 110 closed... skipping.[0m
- [91m + -- --=[Port 111 closed... skipping.[0m
- [91m + -- --=[Port 135 closed... skipping.[0m
- [91m + -- --=[Port 139 closed... skipping.[0m
- [91m + -- --=[Port 161 closed... skipping.[0m
- [91m + -- --=[Port 162 closed... skipping.[0m
- [91m + -- --=[Port 389 closed... skipping.[0m
- [93m + -- --=[Port 443 opened... running tests...[0m
- [92m + -- ----------------------------=[Checking for WAF]=------------------------ -- +[0m
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking https://anonvicieux.wordpress.com
- [92m + -- ----------------------------=[Checking Cloudflare]=--------------------- -- +[0m
- ____ _ _ _____ _ _
- / ___| | ___ _ _ __| | ___|_ _(_) |
- | | | |/ _ \| | | |/ _` | |_ / _` | | |
- | |___| | (_) | |_| | (_| | _| (_| | | |
- \____|_|\___/ \__,_|\__,_|_| \__,_|_|_|
- v1.0.1 by m0rtem
- [23:16:59] Initializing CloudFail - the date is: 27/10/2017
- [23:16:59] Fetching initial information from: anonvicieux.wordpress.com...
- [23:16:59] Server IP: 192.0.78.12
- [23:16:59] Testing if anonvicieux.wordpress.com is on the Cloudflare network...
- [23:16:59] anonvicieux.wordpress.com is not part of the Cloudflare network, quitting...
- [92m + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +[0m
- [1m[34mhttps://anonvicieux.wordpress.com[0m [200 OK] [1m[37mCountry[0m[[37mUNITED STATES[0m][[1m[31mUS[0m], [1m[37mFrame[0m, [1m[37mGoogle-Analytics[0m[[1m[36mUA-52447-2[0m], [1m[37mHTML5[0m, [1m[37mHTTPServer[0m[[1m[36mnginx[0m], [1m[37mIP[0m[[37m192.0.78.13[0m], [1m[37mJQuery[0m, [1m[37mMetaGenerator[0m[[37mWordPress.com[0m], [1m[37mOpen-Graph-Protocol[0m[[1m[32mwebsite[0m][[1m[31m249643311490[0m], [1m[37mOpenID[0m, [1m[37mOpenSearch[0m[[37mhttps://anonvicieux.wordpress.com/osd.xml,https://s1.wp.com/opensearch.xml[0m], [1m[37mScript[0m[[37mtext/javascript[0m], [1m[37mStrict-Transport-Security[0m[[37mmax-age=15552000[0m], [1m[37mTitle[0m[[1m[33mVicieux – Les abus de la $cientologie c'est mal m'voyez ?[0m], [1m[37mUncommonHeaders[0m[[37mx-nananana,x-hacker,link,x-ac[0m], [1m[37mWordPress[0m, [1m[37mYouTube[0m, [1m[37mnginx[0m, [1m[37mx-hacker[0m[[37mIf you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.[0m]
- [92m + -- ----------------------------=[Gathering SSL/TLS Info]=------------------ -- +[0m
- AVAILABLE PLUGINS
- -----------------
- PluginChromeSha1Deprecation
- PluginOpenSSLCipherSuites
- PluginSessionRenegotiation
- PluginHSTS
- PluginHeartbleed
- PluginCompression
- PluginCertInfo
- PluginSessionResumption
- CHECKING HOST(S) AVAILABILITY
- -----------------------------
- anonvicieux.wordpress.com => WARNING: Could not connect (timeout); discarding corresponding tasks.
- SCAN COMPLETED IN 10.06 S
- -------------------------
- Version: [32m1.11.10-static[0m
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- [0m
- Testing SSL server [32manonvicieux.wordpress.com[0m on port [32m443[0m using SNI name [32manonvicieux.wordpress.com[0m
- [1;34mTLS Fallback SCSV:[0m
- Server [31mdoes not[0m support TLS Fallback SCSV
- [1;34mTLS renegotiation:[0m
- Session renegotiation [32mnot supported[0m
- [1;34mTLS Compression:[0m
- Compression [32mdisabled[0m
- [1;34mHeartbleed:[0m
- TLS 1.2 [32mnot vulnerable[0m to heartbleed
- TLS 1.1 [32mnot vulnerable[0m to heartbleed
- TLS 1.0 [32mnot vulnerable[0m to heartbleed
- [1;34mSupported Server Cipher(s):[0m
- [32mPreferred[0m TLSv1.2 [32m128[0m bits [32mECDHE-RSA-AES128-GCM-SHA256 [0m Curve P-256 DHE 256
- Accepted TLSv1.2 [32m256[0m bits [32mECDHE-RSA-AES256-GCM-SHA384 [0m Curve P-256 DHE 256
- Accepted TLSv1.2 [32m128[0m bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 [32m128[0m bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 [32m256[0m bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 [32m256[0m bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 [32m128[0m bits AES128-GCM-SHA256
- Accepted TLSv1.2 [32m256[0m bits AES256-GCM-SHA384
- Accepted TLSv1.2 [32m128[0m bits AES128-SHA256
- Accepted TLSv1.2 [32m128[0m bits AES128-SHA
- Accepted TLSv1.2 [32m256[0m bits AES256-SHA256
- Accepted TLSv1.2 [32m256[0m bits AES256-SHA
- Accepted TLSv1.2 [32m112[0m bits [33mDES-CBC3-SHA [0m
- Accepted TLSv1.2 [32m256[0m bits CAMELLIA256-SHA
- Accepted TLSv1.2 [32m128[0m bits CAMELLIA128-SHA
- [32mPreferred[0m TLSv1.1 [32m128[0m bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 [32m256[0m bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 [32m128[0m bits AES128-SHA
- Accepted TLSv1.1 [32m256[0m bits AES256-SHA
- Accepted TLSv1.1 [32m112[0m bits [33mDES-CBC3-SHA [0m
- Accepted TLSv1.1 [32m256[0m bits CAMELLIA256-SHA
- Accepted TLSv1.1 [32m128[0m bits CAMELLIA128-SHA
- [32mPreferred[0m [33mTLSv1.0[0m [32m128[0m bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted [33mTLSv1.0[0m [32m256[0m bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted [33mTLSv1.0[0m [32m128[0m bits AES128-SHA
- Accepted [33mTLSv1.0[0m [32m256[0m bits AES256-SHA
- Accepted [33mTLSv1.0[0m [32m112[0m bits [33mDES-CBC3-SHA [0m
- Accepted [33mTLSv1.0[0m [32m256[0m bits CAMELLIA256-SHA
- Accepted [33mTLSv1.0[0m [32m128[0m bits CAMELLIA128-SHA
- [1;34mSSL Certificate:[0m
- Signature Algorithm: [32msha256WithRSAEncryption[0m
- RSA Key Strength: 2048
- Subject: *.wordpress.com
- Altnames: DNS:*.wordpress.com, DNS:wordpress.com
- Issuer: Go Daddy Secure Certificate Authority - G2
- Not valid before: [32mSep 6 16:52:41 2015 GMT[0m
- Not valid after: [32mOct 14 11:29:26 2018 GMT[0m
- [1m
- ###########################################################
- testssl 2.9dev from [m[1mhttps://testssl.sh/dev/[m
- [1m
- This program is free software. Distribution and
- modification under GPLv2 permitted.
- USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
- Please file bugs @ [m[1mhttps://testssl.sh/bugs/[m
- [1m
- ###########################################################[m
- Using "OpenSSL 1.0.2-chacha (1.0.2i-dev)" [~183 ciphers]
- on Kali:/usr/share/sniper/plugins/testssl.sh/bin/openssl.Linux.x86_64
- (built: "Jun 22 19:32:29 2016", platform: "linux-x86_64")
- [1mTesting all IPv4 addresses (port 443): [m192.0.78.13 192.0.78.12
- -----------------------------------------------------
- [7m Start 2017-10-27 23:18:54 -->> 192.0.78.13:443 (anonvicieux.wordpress.com) <<--[m
- further IP addresses: 192.0.78.12
- rDNS (192.0.78.13): --
- Service detected: HTTP
- [1m[4m Testing protocols [m[4mvia sockets except SPDY+HTTP2 [m
- [1m SSLv2 [m[1;32mnot offered (OK)[m
- [1m SSLv3 [m[1;32mnot offered (OK)[m
- [1m TLS 1 [moffered
- [1m TLS 1.1 [moffered
- [1m TLS 1.2 [m[1;32moffered (OK)[m
- [1m SPDY/NPN [mh2, http/1.1 (advertised)
- [1m HTTP2/ALPN [mh2, http/1.1 (offered)
- [1m[4m Testing ~standard cipher categories [m
- [1m NULL ciphers (no encryption) [m[1;32mnot offered (OK)[m
- [1m Anonymous NULL Ciphers (no authentication) [m[1;32mnot offered (OK)[m
- [1m Export ciphers (w/o ADH+NULL) [m[1;32mnot offered (OK)[m
- [1m LOW: 64 Bit + DES encryption (w/o export) [m[1;32mnot offered (OK)[m
- [1m Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) [m[0;32mnot offered (OK)[m
- [1m Triple DES Ciphers (Medium) [m[0;33moffered[m
- [1m High encryption (AES+Camellia, no AEAD) [m[0;32moffered (OK)[m
- [1m Strong encryption (AEAD ciphers) [m[1;32moffered (OK)[m
- [1m[4m Testing robust (perfect) forward secrecy[m[4m, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 [m
- [0;32m PFS is offered (OK)[m ECDHE-RSA-AES256-GCM-SHA384
- ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
- ECDHE-RSA-AES128-GCM-SHA256
- ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA
- [1m Elliptic curves offered: [m[0;32msect283k1[m [0;32msect283r1[m [0;32msect409k1[m [0;32msect409r1[m [0;32msect571k1[m
- [0;32msect571r1[m [0;32msecp256k1[m [0;32mprime256v1[m [0;32msecp384r1[m
- [0;32msecp521r1[m [0;32mbrainpoolP256r1[m [0;32mbrainpoolP384r1[m
- [0;32mbrainpoolP512r1[m
- [1m[4m Testing server preferences [m
- [1m Has server cipher order? [m[1;32myes (OK)[m
- [1m Negotiated protocol [m[1;32mTLSv1.2[m
- [1m Negotiated cipher [m[1;32mECDHE-RSA-AES128-GCM-SHA256[m, [0;32m256 bit ECDH (P-256)[m
- [1m Cipher order[m
- TLSv1: ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA AES128-SHA AES256-SHA
- DES-CBC3-SHA CAMELLIA256-SHA CAMELLIA128-SHA
- TLSv1.1: ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA AES128-SHA AES256-SHA
- DES-CBC3-SHA CAMELLIA256-SHA CAMELLIA128-SHA
- TLSv1.2: ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384
- ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA
- ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA AES128-GCM-SHA256
- AES256-GCM-SHA384 AES128-SHA256 AES128-SHA AES256-SHA256
- AES256-SHA DES-CBC3-SHA CAMELLIA256-SHA CAMELLIA128-SHA
- [1m[4m Testing server defaults (Server Hello) [m
- [1m TLS extensions (standard) [m"server name/#0" "renegotiation info/#65281"
- "EC point formats/#11" "session ticket/#35"
- "status request/#5" "heartbeat/#15"
- "next protocol/#13172"
- "application layer protocol negotiation/#16"
- [1m Session Ticket RFC 5077 hint [m21600 seconds, session tickets keys seems to be rotated < daily
- [1m SSL Session ID support [myes
- [1m Session Resumption [mTickets: yes, ID: yes
- [1m TLS clock skew[m Random values, no fingerprinting possible
- [1m Signature Algorithm [m[0;32mSHA256 with RSA[m
- [1m Server key size [mRSA 2048 bits
- [1m Fingerprint / Serial [mSHA1 54E089DF28538300105DD43764FDE7D0F5ED5BC0 / 01FBBD00172D9F64
- SHA256 E52189F9148266E011534D0392D8050D6D9317F089699C10FB59EB62278A8199
- [1m Common Name (CN) [m[3m*.wordpress.com[m
- [1m subjectAltName (SAN) [m[3m*.wordpress.com wordpress.com [m
- [1m Issuer [m[3mGo Daddy Secure Certificate Authority - G2[m ([3mGoDaddy.com, Inc.[m from [3mUS[m)
- [1m Trust (hostname) [m[0;32mOk via SAN wildcard and CN wildcard[m (same w/o SNI)
- [1m Chain of trust[m [0;32mOk [m[0;35m[m
- [1m EV cert[m (experimental) no
- [1m Certificate Expiration [m[0;32m351 >= 60 days[m (2015-09-06 12:52 --> 2018-10-14 07:29 -0400)
- [1m # of certificates provided[m 3
- [1m Certificate Revocation List [mhttp://crl.godaddy.com/gdig2s1-119.crl
- [1m OCSP URI [mhttp://ocsp.godaddy.com/
- [1m OCSP stapling [m[0;32moffered[m
- [1m OCSP must staple [mno
- [1m DNS CAA RR[m (experimental) [1;33m--[m
- [1m Certificate Transparency [mno
- [1m[4m Testing HTTP header response @ "/" [m
- [1m HTTP Status Code [m 200 OK
- [1m HTTP clock skew [m+1 (± 1.5) sec from localtime
- [1m Strict Transport Security [m[0;32m180 days[m=15552000 s[0;36m, just this domain[m
- [1m Public Key Pinning [m--
- [1m Server banner [mnginx
- [1m Application banner [m--
- [1m Cookie(s) [m(none issued at "/")
- [1m Security headers [m[0;33m--[m
- [1m Reverse Proxy banner [m--
- [1m[4m Testing vulnerabilities [m
- [1m Heartbleed[m (CVE-2014-0160) [1;32mnot vulnerable (OK)[m
- [1m CCS[m (CVE-2014-0224) [1;32mnot vulnerable (OK)[m
- [1m Ticketbleed[m (CVE-2016-9244), experiment. [1;32mnot vulnerable (OK)[m
- [1m Secure Renegotiation [m(CVE-2009-3555) [1;32mnot vulnerable (OK)[m
- [1m Secure Client-Initiated Renegotiation [m[0;32mnot vulnerable (OK)[m
- [1m CRIME, TLS [m(CVE-2012-4929) [0;32mnot vulnerable (OK)[m
- [1m BREACH[m (CVE-2013-3587) [0;31mpotentially NOT ok, uses gzip HTTP compression.[m - only supplied "/" tested
- Can be ignored for static pages or if no secrets in the page
- [1m POODLE, SSL[m (CVE-2014-3566) [1;32mnot vulnerable (OK)[m
- [1m TLS_FALLBACK_SCSV[m (RFC 7507) [0;32mDowngrade attack prevention supported (OK)[m
- [1m SWEET32[m (CVE-2016-2183, CVE-2016-6329) [1;33mVULNERABLE[m, uses 64 bit block ciphers
- [1m FREAK[m (CVE-2015-0204) [1;32mnot vulnerable (OK)[m
- [1m DROWN[m (CVE-2016-0800, CVE-2016-0703) [1;32mnot vulnerable on this host and port (OK)[m
- make sure you don't use this certificate elsewhere with SSLv2 enabled services
- https://censys.io/ipv4?q=E52189F9148266E011534D0392D8050D6D9317F089699C10FB59EB62278A8199 could help you to find out
- [1m LOGJAM[m (CVE-2015-4000), experimental [0;32mnot vulnerable (OK):[m no DH EXPORT ciphers, no DH key detected
- [1m BEAST[m (CVE-2011-3389) TLS1: [1;33mECDHE-RSA-AES128-SHA
- ECDHE-RSA-AES256-SHA
- AES128-SHA AES256-SHA
- DES-CBC3-SHA CAMELLIA256-SHA
- CAMELLIA128-SHA [m
- [1;33mVULNERABLE[m -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
- [1m LUCKY13[m (CVE-2013-0169), experimental potentially [1;33mVULNERABLE[m, uses cipher block chaining (CBC) ciphers with TLS
- [1m RC4[m (CVE-2013-2566, CVE-2015-2808) [0;32mno RC4 ciphers detected (OK)[m
- [1m[4m Testing 364 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength [m
- Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
- -----------------------------------------------------------------------------------------------------------------------------
- xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH[0;32m 256[m AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- xc028 ECDHE-RSA-AES256-SHA384 ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- xc014 ECDHE-RSA-AES256-SHA ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- x9d AES256-GCM-SHA384 RSA AESGCM 256 TLS_RSA_WITH_AES_256_GCM_SHA384
- x3d AES256-SHA256 RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA256
- x35 AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA
- x84 CAMELLIA256-SHA RSA Camellia 256 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
- xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH[0;32m 256[m AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- xc027 ECDHE-RSA-AES128-SHA256 ECDH[0;32m 256[m AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- xc013 ECDHE-RSA-AES128-SHA ECDH[0;32m 256[m AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- x9c AES128-GCM-SHA256 RSA AESGCM 128 TLS_RSA_WITH_AES_128_GCM_SHA256
- x3c AES128-SHA256 RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA256
- x2f AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA
- x41 CAMELLIA128-SHA RSA Camellia 128 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
- x0a DES-CBC3-SHA RSA 3DES 168 TLS_RSA_WITH_3DES_EDE_CBC_SHA
- [1m[4m Running client simulations via sockets [m
- Android 2.3.7 TLSv1.0 AES128-SHA
- Android 4.1.1 TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
- Android 4.3 TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
- Android 4.4.2 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Android 5.0.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Android 6.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Android 7.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Chrome 51 Win 7 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Chrome 57 Win 7 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Firefox 49 Win 7 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Firefox 53 Win 7 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- IE 6 XP No connection
- IE 7 Vista TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
- IE 8 XP TLSv1.0 DES-CBC3-SHA
- IE 8 Win 7 TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
- IE 11 Win 7 TLSv1.2 ECDHE-RSA-AES128-SHA256, [0;32m256 bit ECDH (P-256)[m
- IE 11 Win 8.1 TLSv1.2 ECDHE-RSA-AES128-SHA256, [0;32m256 bit ECDH (P-256)[m
- IE 11 Win Phone 8.1 Update TLSv1.2 ECDHE-RSA-AES128-SHA256, [0;32m256 bit ECDH (P-256)[m
- IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Edge 13 Win 10 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Edge 13 Win Phone 10 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Opera 17 Win 7 TLSv1.2 ECDHE-RSA-AES128-SHA256, [0;32m256 bit ECDH (P-256)[m
- Safari 5.1.9 OS X 10.6.8 TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
- Safari 7 iOS 7.1 TLSv1.2 ECDHE-RSA-AES128-SHA256, [0;32m256 bit ECDH (P-256)[m
- Safari 9 OS X 10.11 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Safari 10 OS X 10.12 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Apple ATS 9 iOS 9 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Tor 17.0.9 Win 7 TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
- Java 6u45 TLSv1.0 AES128-SHA
- Java 7u25 TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
- Java 8u31 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- OpenSSL 1.0.1l TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- [7m Done 2017-10-27 23:23:22 [ 270s] -->> 192.0.78.13:443 (anonvicieux.wordpress.com) <<--[m
- -----------------------------------------------------
- [7m Start 2017-10-27 23:23:22 -->> 192.0.78.12:443 (anonvicieux.wordpress.com) <<--[m
- further IP addresses: 192.0.78.13
- rDNS (192.0.78.12): --
- Service detected: HTTP
- [1m[4m Testing protocols [m[4mvia sockets except SPDY+HTTP2 [m
- [1m SSLv2 [m[1;32mnot offered (OK)[m
- [1m SSLv3 [m[1;32mnot offered (OK)[m
- [1m TLS 1 [moffered
- [1m TLS 1.1 [moffered
- [1m TLS 1.2 [m[1;32moffered (OK)[m
- [1m SPDY/NPN [mh2, http/1.1 (advertised)
- [1m HTTP2/ALPN [mh2, http/1.1 (offered)
- [1m[4m Testing ~standard cipher categories [m
- [1m NULL ciphers (no encryption) [m[1;32mnot offered (OK)[m
- [1m Anonymous NULL Ciphers (no authentication) [m[1;32mnot offered (OK)[m
- [1m Export ciphers (w/o ADH+NULL) [m[1;32mnot offered (OK)[m
- [1m LOW: 64 Bit + DES encryption (w/o export) [m[1;32mnot offered (OK)[m
- [1m Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) [m[0;32mnot offered (OK)[m
- [1m Triple DES Ciphers (Medium) [m[0;33moffered[m
- [1m High encryption (AES+Camellia, no AEAD) [m[0;32moffered (OK)[m
- [1m Strong encryption (AEAD ciphers) [m[1;32moffered (OK)[m
- [1m[4m Testing robust (perfect) forward secrecy[m[4m, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 [m
- [0;32m PFS is offered (OK)[m ECDHE-RSA-AES256-GCM-SHA384
- ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
- ECDHE-RSA-AES128-GCM-SHA256
- ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA
- [1m Elliptic curves offered: [m[0;32msect283k1[m [0;32msect283r1[m [0;32msect409k1[m [0;32msect409r1[m [0;32msect571k1[m
- [0;32msect571r1[m [0;32msecp256k1[m [0;32mprime256v1[m [0;32msecp384r1[m
- [0;32msecp521r1[m [0;32mbrainpoolP256r1[m [0;32mbrainpoolP384r1[m
- [0;32mbrainpoolP512r1[m
- [1m[4m Testing server preferences [m
- [1m Has server cipher order? [m[1;32myes (OK)[m
- [1m Negotiated protocol [m[1;32mTLSv1.2[m
- [1m Negotiated cipher [m[1;32mECDHE-RSA-AES128-GCM-SHA256[m, [0;32m256 bit ECDH (P-256)[m
- [1m Cipher order[m
- TLSv1: ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA AES128-SHA AES256-SHA
- DES-CBC3-SHA CAMELLIA256-SHA CAMELLIA128-SHA
- TLSv1.1: ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA AES128-SHA AES256-SHA
- DES-CBC3-SHA CAMELLIA256-SHA CAMELLIA128-SHA
- TLSv1.2: ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384
- ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA
- ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA AES128-GCM-SHA256
- AES256-GCM-SHA384 AES128-SHA256 AES128-SHA AES256-SHA256
- AES256-SHA DES-CBC3-SHA CAMELLIA256-SHA CAMELLIA128-SHA
- [1m[4m Testing server defaults (Server Hello) [m
- [1m TLS extensions (standard) [m"server name/#0" "renegotiation info/#65281"
- "EC point formats/#11" "session ticket/#35"
- "status request/#5" "heartbeat/#15"
- "next protocol/#13172"
- "application layer protocol negotiation/#16"
- [1m Session Ticket RFC 5077 hint [m21600 seconds, session tickets keys seems to be rotated < daily
- [1m SSL Session ID support [myes
- [1m Session Resumption [mTickets: yes, ID: yes
- [1m TLS clock skew[m Random values, no fingerprinting possible
- [1m Signature Algorithm [m[0;32mSHA256 with RSA[m
- [1m Server key size [mRSA 2048 bits
- [1m Fingerprint / Serial [mSHA1 54E089DF28538300105DD43764FDE7D0F5ED5BC0 / 01FBBD00172D9F64
- SHA256 E52189F9148266E011534D0392D8050D6D9317F089699C10FB59EB62278A8199
- [1m Common Name (CN) [m[3m*.wordpress.com[m
- [1m subjectAltName (SAN) [m[3m*.wordpress.com wordpress.com [m
- [1m Issuer [m[3mGo Daddy Secure Certificate Authority - G2[m ([3mGoDaddy.com, Inc.[m from [3mUS[m)
- [1m Trust (hostname) [m[0;32mOk via SAN wildcard and CN wildcard[m (same w/o SNI)
- [1m Chain of trust[m [0;32mOk [m[0;35m[m
- [1m EV cert[m (experimental) no
- [1m Certificate Expiration [m[0;32m351 >= 60 days[m (2015-09-06 12:52 --> 2018-10-14 07:29 -0400)
- [1m # of certificates provided[m 3
- [1m Certificate Revocation List [mhttp://crl.godaddy.com/gdig2s1-119.crl
- [1m OCSP URI [mhttp://ocsp.godaddy.com/
- [1m OCSP stapling [m[0;32moffered[m
- [1m OCSP must staple [mno
- [1m DNS CAA RR[m (experimental) [1;33m--[m
- [1m Certificate Transparency [mno
- [1m[4m Testing HTTP header response @ "/" [m
- [1m HTTP Status Code [m 200 OK
- [1m HTTP clock skew [m+1 (± 1.5) sec from localtime
- [1m Strict Transport Security [m[0;32m180 days[m=15552000 s[0;36m, just this domain[m
- [1m Public Key Pinning [m--
- [1m Server banner [mnginx
- [1m Application banner [m--
- [1m Cookie(s) [m(none issued at "/")
- [1m Security headers [m[0;33m--[m
- [1m Reverse Proxy banner [m--
- [1m[4m Testing vulnerabilities [m
- [1m Heartbleed[m (CVE-2014-0160) [1;32mnot vulnerable (OK)[m
- [1m CCS[m (CVE-2014-0224) [1;32mnot vulnerable (OK)[m
- [1m Ticketbleed[m (CVE-2016-9244), experiment. [1;32mnot vulnerable (OK)[m
- [1m Secure Renegotiation [m(CVE-2009-3555) [1;32mnot vulnerable (OK)[m
- [1m Secure Client-Initiated Renegotiation [m[0;32mnot vulnerable (OK)[m
- [1m CRIME, TLS [m(CVE-2012-4929) [0;32mnot vulnerable (OK)[m
- [1m BREACH[m (CVE-2013-3587) [0;31mpotentially NOT ok, uses gzip HTTP compression.[m - only supplied "/" tested
- Can be ignored for static pages or if no secrets in the page
- [1m POODLE, SSL[m (CVE-2014-3566) [1;32mnot vulnerable (OK)[m
- [1m TLS_FALLBACK_SCSV[m (RFC 7507) [0;32mDowngrade attack prevention supported (OK)[m
- [1m SWEET32[m (CVE-2016-2183, CVE-2016-6329) [1;33mVULNERABLE[m, uses 64 bit block ciphers
- [1m FREAK[m (CVE-2015-0204) [1;32mnot vulnerable (OK)[m
- [1m DROWN[m (CVE-2016-0800, CVE-2016-0703) [1;32mnot vulnerable on this host and port (OK)[m
- make sure you don't use this certificate elsewhere with SSLv2 enabled services
- https://censys.io/ipv4?q=E52189F9148266E011534D0392D8050D6D9317F089699C10FB59EB62278A8199 could help you to find out
- [1m LOGJAM[m (CVE-2015-4000), experimental [0;32mnot vulnerable (OK):[m no DH EXPORT ciphers, no DH key detected
- [1m BEAST[m (CVE-2011-3389) TLS1: [1;33mECDHE-RSA-AES128-SHA
- ECDHE-RSA-AES256-SHA
- AES128-SHA AES256-SHA
- DES-CBC3-SHA CAMELLIA256-SHA
- CAMELLIA128-SHA [m
- [1;33mVULNERABLE[m -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
- [1m LUCKY13[m (CVE-2013-0169), experimental potentially [1;33mVULNERABLE[m, uses cipher block chaining (CBC) ciphers with TLS
- [1m RC4[m (CVE-2013-2566, CVE-2015-2808) [0;32mno RC4 ciphers detected (OK)[m
- [1m[4m Testing 364 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength [m
- Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
- -----------------------------------------------------------------------------------------------------------------------------
- xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH[0;32m 256[m AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- xc028 ECDHE-RSA-AES256-SHA384 ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- xc014 ECDHE-RSA-AES256-SHA ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- x9d AES256-GCM-SHA384 RSA AESGCM 256 TLS_RSA_WITH_AES_256_GCM_SHA384
- x3d AES256-SHA256 RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA256
- x35 AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA
- x84 CAMELLIA256-SHA RSA Camellia 256 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
- xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH[0;32m 256[m AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- xc027 ECDHE-RSA-AES128-SHA256 ECDH[0;32m 256[m AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- xc013 ECDHE-RSA-AES128-SHA ECDH[0;32m 256[m AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- x9c AES128-GCM-SHA256 RSA AESGCM 128 TLS_RSA_WITH_AES_128_GCM_SHA256
- x3c AES128-SHA256 RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA256
- x2f AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA
- x41 CAMELLIA128-SHA RSA Camellia 128 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
- x0a DES-CBC3-SHA RSA 3DES 168 TLS_RSA_WITH_3DES_EDE_CBC_SHA
- [1m[4m Running client simulations via sockets [m
- Android 2.3.7 TLSv1.0 AES128-SHA
- Android 4.1.1 TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
- Android 4.3 TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
- Android 4.4.2 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Android 5.0.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Android 6.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Android 7.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Chrome 51 Win 7 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Chrome 57 Win 7 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Firefox 49 Win 7 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Firefox 53 Win 7 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- IE 6 XP No connection
- IE 7 Vista TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
- IE 8 XP TLSv1.0 DES-CBC3-SHA
- IE 8 Win 7 TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
- IE 11 Win 7 TLSv1.2 ECDHE-RSA-AES128-SHA256, [0;32m256 bit ECDH (P-256)[m
- IE 11 Win 8.1 TLSv1.2 ECDHE-RSA-AES128-SHA256, [0;32m256 bit ECDH (P-256)[m
- IE 11 Win Phone 8.1 Update TLSv1.2 ECDHE-RSA-AES128-SHA256, [0;32m256 bit ECDH (P-256)[m
- IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Edge 13 Win 10 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Edge 13 Win Phone 10 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Opera 17 Win 7 TLSv1.2 ECDHE-RSA-AES128-SHA256, [0;32m256 bit ECDH (P-256)[m
- Safari 5.1.9 OS X 10.6.8 TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
- Safari 7 iOS 7.1 TLSv1.2 ECDHE-RSA-AES128-SHA256, [0;32m256 bit ECDH (P-256)[m
- Safari 9 OS X 10.11 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Safari 10 OS X 10.12 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Apple ATS 9 iOS 9 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- Tor 17.0.9 Win 7 TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
- Java 6u45 TLSv1.0 AES128-SHA
- Java 7u25 TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
- Java 8u31 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- OpenSSL 1.0.1l TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
- [7m Done 2017-10-27 23:27:47 [ 535s] -->> 192.0.78.12:443 (anonvicieux.wordpress.com) <<--[m
- -----------------------------------------------------
- [1mDone testing now all IP addresses (on port 443): [m192.0.78.13 192.0.78.12
- #######################################################################################################################################
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement