JTSEC full recon #anontargets.org

1.  
2. [i] Scanning Site: https://anontargets.org
3.  
4.  
5.  
6. B A S I C I N F O
7. ====================
8.  
9.  
10. [+] Site Title:
11. [+] IP address: 217.160.0.131
12. [+] Web Server: Apache
13. [+] CMS: Could Not Detect
14. [+] Cloudflare: Not Detected
15. [+] Robots File: Could NOT Find robots.txt!
16.  
17.  
18.  
19.  
20. W H O I S L O O K U P
21. ========================
22.  
23. Domain Name: ANONTARGETS.ORG
24. Registry Domain ID: D402200000002887210-LROR
25. Registrar WHOIS Server:
26. Registrar URL: http://registrar.1und1.de
27. Updated Date: 2017-07-03T19:12:35Z
28. Creation Date: 2017-07-03T19:12:31Z
29. Registry Expiry Date: 2018-07-03T19:12:31Z
30. Registrar Registration Expiration Date:
31. Registrar: 1&1 Internet SE
32. Registrar IANA ID: 83
33. Registrar Abuse Contact Email: abuse@1and1.com
34. Registrar Abuse Contact Phone: +1.6105601459
35. Reseller:
36. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
37. Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
38. Registry Registrant ID: C171986110-LROR
39. Registrant Name: 1&1 Internet Limited
40. Registrant Organization: 1&1 Internet Limited
41. Registrant Street: Discovery House
42. Registrant Street: 154 Southgate Street
43. Registrant City: Gloucester
44. Registrant State/Province: GLS
45. Registrant Postal Code: GL1 2EX
46. Registrant Country: GB
47. Registrant Phone: +44.3333365691
48. Registrant Phone Ext:
49. Registrant Fax:
50. Registrant Fax Ext:
51. Registrant Email: privacy@1and1.co.uk
52. Registry Admin ID: C171986110-LROR
53. Admin Name: 1&1 Internet Limited
54. Admin Organization: 1&1 Internet Limited
55. Admin Street: Discovery House
56. Admin Street: 154 Southgate Street
57. Admin City: Gloucester
58. Admin State/Province: GLS
59. Admin Postal Code: GL1 2EX
60. Admin Country: GB
61. Admin Phone: +44.3333365691
62. Admin Phone Ext:
63. Admin Fax:
64. Admin Fax Ext:
65. Admin Email: privacy@1and1.co.uk
66. Registry Tech ID: C171986110-LROR
67. Tech Name: 1&1 Internet Limited
68. Tech Organization: 1&1 Internet Limited
69. Tech Street: Discovery House
70. Tech Street: 154 Southgate Street
71. Tech City: Gloucester
72. Tech State/Province: GLS
73. Tech Postal Code: GL1 2EX
74. Tech Country: GB
75. Tech Phone: +44.3333365691
76. Tech Phone Ext:
77. Tech Fax:
78. Tech Fax Ext:
79. Tech Email: privacy@1and1.co.uk
80. Name Server: NS1069.UI-DNS.COM
81. Name Server: NS1087.UI-DNS.DE
82. Name Server: NS1039.UI-DNS.BIZ
83. Name Server: NS1102.UI-DNS.ORG
84. DNSSEC: unsigned
85. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
86. >>> Last update of WHOIS database: 2017-08-25T01:27:23Z <<<
87.  
88. For more information on Whois status codes, please visit https://icann.org/epp
89.  
90.  
91.  
92.  
93.  
94. G E O I P L O O K U P
95. =========================
96.  
97. [i] IP Address: 217.160.0.131
98. [i] Country: DE
99. [i] State: N/A
100. [i] City: N/A
101. [i] Latitude: 51.299301
102. [i] Longitude: 9.491000
103.  
104.  
105.  
106.  
107. H T T P H E A D E R S
108. =======================
109.  
110.  
111. [i] HTTP/1.1 200 OK
112. [i] Content-Type: text/html; charset=UTF-8
113. [i] Connection: close
114. [i] Date: Fri, 25 Aug 2017 01:28:25 GMT
115. [i] Server: Apache
116. [i] X-Powered-By: PHP/7.0.22
117. [i] Expires: Thu, 19 Nov 1981 08:52:00 GMT
118. [i] Cache-Control: no-store, no-cache, must-revalidate
119. [i] Pragma: no-cache
120. [i] Set-Cookie: PHPSESSID=7d01ea8a046d865630bf9671fffec07b; path=/
121.  
122.  
123.  
124.  
125. D N S L O O K U P
126. ===================
127.  
128. anontargets.org. 3579 IN A 217.160.0.131
129. anontargets.org. 7200 IN NS ns1069.ui-dns.com.
130. anontargets.org. 7200 IN NS ns1039.ui-dns.biz.
131. anontargets.org. 7200 IN NS ns1087.ui-dns.de.
132. anontargets.org. 7200 IN NS ns1102.ui-dns.org.
133. anontargets.org. 86400 IN SOA ns1069.ui-dns.com. hostmaster.1and1.com. 2017070300 28800 7200 604800 600
134. anontargets.org. 3600 IN MX 10 mx00.1and1.co.uk.
135. anontargets.org. 3600 IN MX 10 mx01.1and1.co.uk.
136. anontargets.org. 3579 IN AAAA 2001:8d8:100f:f000::2c2
137.  
138.  
139.  
140.  
141. S U B N E T C A L C U L A T I O N
142. ====================================
143.  
144. Address = 2001:8d8:100f:f000::2c2
145. Network = 2001:8d8:100f:f000::2c2 / 128
146. Netmask = ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
147. Wildcard Mask = ::
148. Hosts Bits = 0
149. Max. Hosts = 0 (2^0 - 1)
150. Host Range = { 2001:8d8:100f:f000::2c3 - 2001:8d8:100f:f000::2c2 }
151.  
152.  
153.  
154. N M A P P O R T S C A N
155. ============================
156.  
157.  
158. Starting Nmap 7.01 ( https://nmap.org ) at 2017-08-25 01:28 UTC
159. Nmap scan report for anontargets.org (217.160.0.131)
160. Host is up (0.091s latency).
161. Other addresses for anontargets.org (not scanned): 2001:8d8:100f:f000::2c2
162. rDNS record for 217.160.0.131: 217-160-0-131.elastic-ssl.ui-r.com
163. PORT STATE SERVICE VERSION
164. 21/tcp filtered ftp
165. 22/tcp filtered ssh
166. 23/tcp filtered telnet
167. 25/tcp filtered smtp
168. 80/tcp open http nginx
169. 110/tcp filtered pop3
170. 143/tcp filtered imap
171. 443/tcp open ssl/http nginx
172. 445/tcp filtered microsoft-ds
173. 3389/tcp filtered ms-wbt-server
174.  
175. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
176. Nmap done: 1 IP address (1 host up) scanned in 15.36 seconds
177.  
178.  
179.  
180. S U B - D O M A I N F I N D E R
181. ==================================
182.  
183.  
184. [i] Total Subdomains Found : 0
185.  
186.  
187.  
188.  
189.  
190. R E V E R S E I P L O O K U P
191. ==================================
192.  
193.  
194. [i] Total Sites Found On This Server : 24
195.  
196.  
197. [#] arabian-african.com
198. [-] CMS: WordPress
199.  
200. [#] askthetrades.co.uk
201. [-] CMS: Could Not Detect
202.  
203. [#] autumnleavesforsale.com
204. [-] CMS: Could Not Detect
205.  
206. [#] cocinasredondela.es
207. [-] CMS: Could Not Detect
208.  
209. [#] dry-f.eu
210. [-] CMS: Could Not Detect
211.  
212. [#] epicardesign.de
213. [-] CMS: WordPress
214.  
215. [#] explorandosinrumbofijo.com
216. [-] CMS: WordPress
217.  
218. [#] fedfag.com
219. [-] CMS: Could Not Detect
220.  
221. [#] georgehamelectrical.co.uk
222. [-] CMS: Could Not Detect
223.  
224. [#] martandkate.co.uk
225. [-] CMS: Could Not Detect
226.  
227. [#] spconsulting.fr
228. [-] CMS: Could Not Detect
229.  
230. [#] tarifando.es
231. [-] CMS: Could Not Detect
232.  
233. [#] theaparthenos.com
234. [-] CMS: Could Not Detect
235.  
236. [#] valdiviayarmijo.es
237. [-] CMS: WordPress
238.  
239. [#] vertederocero.es
240. [-] CMS: Could Not Detect
241.  
242. [#] www.anontargets.org
243. [-] CMS: Could Not Detect
244.  
245. [#] www.elparquerestaurante.com
246. [-] CMS: WordPress
247.  
248. [#] www.flonatur.com
249. [-] CMS: WordPress
250.  
251. [#] www.hjhomeinteriors.co.uk
252. [-] CMS: Could Not Detect
253.  
254. [#] www.madeintheshed.uk
255. [-] CMS: Could Not Detect
256.  
257. [#] www.rene-freitag.com
258. [-] CMS: WordPress
259.  
260. [#] www.smithdownfestival.com
261. [-] CMS: Could Not Detect
262.  
263. [#] www.tecny-stand.com
264. [-] CMS: WordPress
265.  
266. [#] www.voyancemagie.fr,
267. [-] CMS: Could Not Detect
268.  
269. [+] Emails found:
270. ------------------
271. pixel-1503626371912550-web-@anontargets.org
272. pixel-1503626373275055-web-@anontargets.org
273.  
274. [+] Hosts found in search engines:
275. ---------------------------------------------------------------------------------------------------------------------------------------
276. [-] Resolving hostnames IPs...
277. 217.160.0.131:www.anontargets.org
278. [+] Virtual hosts:
279. ==================
280. 217.160.0.131 lasaule.fr
281. 217.160.0.131 animalerie-paris.com
282. 217.160.0.131 maison-fleurie.fr
283. 217.160.0.131 www.parc-de-loisirs-nevers.fr
284. 217.160.0.131 vendremavoiture.com
285. 217.160.0.131 www.la-bouquetterie.fr
286. 217.160.0.131 terrasseduchastelas.fr
287. 217.160.0.131 dbz-online.net
288. 217.160.0.131 www.new-destock.net
289. 217.160.0.131 bridgeclub-dugrauduroi.fr
290. 217.160.0.131 hemossante.fr
291. 217.160.0.131 www.lechevalblancrestaurant.com
292. 217.160.0.131 www.quelle-est-cette-fleur.com
293. 217.160.0.131 lespetitesecuriesparis.com
294. 217.160.0.131 www.toutatrac.fr
295. 217.160.0.131 floredupaysbasque.com
296. 217.160.0.131 www.epm-productions.com
297. 217.160.0.131 www.pateslorrain.fr
298. 217.160.0.131 www.retrometalworks.fr
299. 217.160.0.131 www.mjcboileau.fr
300. 217.160.0.131 www.orrt.fr
301. 217.160.0.131 www.lareservecitoyenne.fr
302. 217.160.0.131 www.amiens-osteopathe.fr
303. 217.160.0.131 www.cie-yannlheureux.fr
304. 217.160.0.131 www.moveandcare.fr
305. 217.160.0.131 www.moongraffiti.com
306. 217.160.0.131 www.restaurantlefourneau.com
307. 217.160.0.131 www.cavedupresbytere.fr
308. 217.160.0.131 www.azalaibeachcottage.com
309. 217.160.0.131 www.betbailly.fr
310. 217.160.0.131 www.derly-parcsetjardins.fr
311. 217.160.0.131 ledahueditions.fr
312. 217.160.0.131 www.tendanceproduction.fr
313. 217.160.0.131 boutonsweb.fr
314. 217.160.0.131 deco-collection.fr
315. 217.160.0.131 www.ferme-legrandcordy.com
316. 217.160.0.131 www.quadevasion62.com
317. 217.160.0.131 ecolemontessori-couleursdavenir.com
318. 217.160.0.131 www.najat-vallaud-belkacem.com
319. 217.160.0.131 www.bordeauxswing.com
320. 217.160.0.131 cuveedautomne83.fr
321. 217.160.0.131 larochecourbon.fr
322. 217.160.0.131 lecoinjardin.fr
323. 217.160.0.131 www.laboiteadelices.creawebz.com
324. 217.160.0.131 nicolas-mialot.com
325. 217.160.0.131 www.animateur-nature.com
326. 217.160.0.131 genac-bignac.fr
327. 217.160.0.131 www.couppeypeintures.fr
328. 217.160.0.131 www.maison-fleurie.fr
329. 217.160.0.131 impcf.fr
330. 217.160.0.131 averis.fr
331. 217.160.0.131 www.achetermavoiture.com
332. 217.160.0.131 snsm-antibes.net
333. 217.160.0.131 plafondtendugrenoble.com
334. 217.160.0.131 www.mcmusic.fr
335. 217.160.0.131 www.katia-carshnev.fr
336. 217.160.0.131 www.creascol.com
337. 217.160.0.131 www.leberceaudesrois.com
338. 217.160.0.131 www.imagine-architectes.fr
339. 217.160.0.131 www.domainedelavallee.fr
340. 217.160.0.131 www.miss-paris
341. 217.160.0.131 www.marlophotographies.com
342. 217.160.0.131 sensefc.com
343. 217.160.0.131 migaud-peinture.fr
344. 217.160.0.131 dragon-sushi.fr
345. 217.160.0.131 qcdi.fr
346. 217.160.0.131 ifagp.fr
347. 217.160.0.131 www.tannerietarentaise.fr
348. 217.160.0.131 cap-locatif.com
349. 217.160.0.131 www.kreditconso.com
350. 217.160.0.131 quelle-est-cette-fleur.com
351. 217.160.0.131 japontraduction.com
352. 217.160.0.131 yvanrichard.com
353. 217.160.0.131 www.ilf-paris.fr
354. 217.160.0.131 www.jeantil.fr
355. 217.160.0.131 serec.info
356. 217.160.0.131 www.amandine-delord.fr
357. 217.160.0.131 www.osrent.fr
358. 217.160.0.131 www.marine-hypnotherapeute.com
359. 217.160.0.131 www.maxime-eteve-photographe.fr
360. 217.160.0.131 www.aetos.fr
361. 217.160.0.131 skiclubartouste.fr
362.  
363. inetnum: 217.160.0.0 - 217.160.1.255
364. netname: SCHLUND-CUSTOMERS
365. descr: 1&1 Internet AG
366. country: DE
367. admin-c: IPAD-RIPE
368. tech-c: IPOP-RIPE
369. remarks: INFRA-AW
370. remarks: in case of abuse or spam, please mailto: abuse@oneandone.net
371. status: ASSIGNED PA
372. mnt-by: AS8560-MNT
373. created: 2015-09-14T12:43:21Z
374. last-modified: 2015-09-14T12:43:21Z
375. source: RIPE # Filtered
376.  
377. role: IP Administration
378. address: 1&1 Internet SE
379. admin-c: RME9-RIPE
380. admin-c: JR2342-RIPE
381. admin-c: LTO3-RIPE
382. tech-c: RME9-RIPE
383. tech-c: JR2342-RIPE
384. tech-c: LTO3-RIPE
385. nic-hdl: IPAD-RIPE
386. abuse-mailbox: abuse@oneandone.net
387. mnt-by: AS8560-MNT
388. created: 2009-05-20T17:24:09Z
389. last-modified: 2016-03-17T10:00:27Z
390. source: RIPE # Filtered
391.  
392. role: IP Operations
393. address: 1&1 Internet AG
394. admin-c: RME9-RIPE
395. admin-c: JR2342-RIPE
396. admin-c: LTO3-RIPE
397. tech-c: RME9-RIPE
398. tech-c: JR2342-RIPE
399. tech-c: LTO3-RIPE
400. nic-hdl: IPOP-RIPE
401. abuse-mailbox: abuse@oneandone.net
402. mnt-by: AS8560-MNT
403. created: 2009-05-28T16:25:04Z
404. last-modified: 2015-05-06T12:02:53Z
405. source: RIPE # Filtered
406.  
407. % Information related to '217.160.0.0/16AS8560'
408.  
409. route: 217.160.0.0/16
410. descr: SCHLUND-PA-3
411. origin: AS8560
412. mnt-by: AS8560-MNT
413. created: 1970-01-01T00:00:00Z
414. last-modified: 2009-05-14T16:44:58Z
415. source: RIPE # Filtered
416.  
417. % This query was served by the RIPE Database Query Service version 1.89.2 (HEREFORD)
418. [+] Emails found:
419. ------------------
420. pixel-1503626371912550-web-@anontargets.org
421. pixel-1503626373275055-web-@anontargets.org
422.  
423. [+] Hosts found in search engines:
424. ---------------------------------------------------------------------------------------------------------------------------------------
425. [-] Resolving hostnames IPs...
426. 217.160.0.131:www.anontargets.org
427. [+] Virtual hosts:
428. ==================
429. 217.160.0.131 lasaule.fr
430. 217.160.0.131 animalerie-paris.com
431. 217.160.0.131 maison-fleurie.fr
432. 217.160.0.131 www.parc-de-loisirs-nevers.fr
433. 217.160.0.131 vendremavoiture.com
434. 217.160.0.131 www.la-bouquetterie.fr
435. 217.160.0.131 terrasseduchastelas.fr
436. 217.160.0.131 dbz-online.net
437. 217.160.0.131 www.new-destock.net
438. 217.160.0.131 bridgeclub-dugrauduroi.fr
439. 217.160.0.131 hemossante.fr
440. 217.160.0.131 www.lechevalblancrestaurant.com
441. 217.160.0.131 www.quelle-est-cette-fleur.com
442. 217.160.0.131 lespetitesecuriesparis.com
443. 217.160.0.131 www.toutatrac.fr
444. 217.160.0.131 floredupaysbasque.com
445. 217.160.0.131 www.epm-productions.com
446. 217.160.0.131 www.pateslorrain.fr
447. 217.160.0.131 www.retrometalworks.fr
448. 217.160.0.131 www.mjcboileau.fr
449. 217.160.0.131 www.orrt.fr
450. 217.160.0.131 www.lareservecitoyenne.fr
451. 217.160.0.131 www.amiens-osteopathe.fr
452. 217.160.0.131 www.cie-yannlheureux.fr
453. 217.160.0.131 www.moveandcare.fr
454. 217.160.0.131 www.moongraffiti.com
455. 217.160.0.131 www.restaurantlefourneau.com
456. 217.160.0.131 www.cavedupresbytere.fr
457. 217.160.0.131 www.azalaibeachcottage.com
458. 217.160.0.131 www.betbailly.fr
459. 217.160.0.131 www.derly-parcsetjardins.fr
460. 217.160.0.131 ledahueditions.fr
461. 217.160.0.131 www.tendanceproduction.fr
462. 217.160.0.131 boutonsweb.fr
463. 217.160.0.131 deco-collection.fr
464. 217.160.0.131 www.ferme-legrandcordy.com
465. 217.160.0.131 www.quadevasion62.com
466. 217.160.0.131 ecolemontessori-couleursdavenir.com
467. 217.160.0.131 www.najat-vallaud-belkacem.com
468. 217.160.0.131 www.bordeauxswing.com
469. 217.160.0.131 cuveedautomne83.fr
470. 217.160.0.131 larochecourbon.fr
471. 217.160.0.131 lecoinjardin.fr
472. 217.160.0.131 www.laboiteadelices.creawebz.com
473. 217.160.0.131 nicolas-mialot.com
474. 217.160.0.131 www.animateur-nature.com
475. 217.160.0.131 genac-bignac.fr
476. 217.160.0.131 www.couppeypeintures.fr
477. 217.160.0.131 www.maison-fleurie.fr
478. 217.160.0.131 impcf.fr
479. 217.160.0.131 averis.fr
480. 217.160.0.131 www.achetermavoiture.com
481. 217.160.0.131 snsm-antibes.net
482. 217.160.0.131 plafondtendugrenoble.com
483. 217.160.0.131 www.mcmusic.fr
484. 217.160.0.131 www.katia-carshnev.fr
485. 217.160.0.131 www.creascol.com
486. 217.160.0.131 www.leberceaudesrois.com
487. 217.160.0.131 www.imagine-architectes.fr
488. 217.160.0.131 www.domainedelavallee.fr
489. 217.160.0.131 www.miss-paris
490. 217.160.0.131 www.marlophotographies.com
491. 217.160.0.131 sensefc.com
492. 217.160.0.131 migaud-peinture.fr
493. 217.160.0.131 dragon-sushi.fr
494. 217.160.0.131 qcdi.fr
495. 217.160.0.131 ifagp.fr
496. 217.160.0.131 www.tannerietarentaise.fr
497. 217.160.0.131 cap-locatif.com
498. 217.160.0.131 www.kreditconso.com
499. 217.160.0.131 quelle-est-cette-fleur.com
500. 217.160.0.131 japontraduction.com
501. 217.160.0.131 yvanrichard.com
502. 217.160.0.131 www.ilf-paris.fr
503. 217.160.0.131 www.jeantil.fr
504. 217.160.0.131 serec.info
505. 217.160.0.131 www.amandine-delord.fr
506. 217.160.0.131 www.osrent.fr
507. 217.160.0.131 www.marine-hypnotherapeute.com
508. 217.160.0.131 www.maxime-eteve-photographe.fr
509. 217.160.0.131 www.aetos.fr
510. 217.160.0.131 skiclubartouste.fr
511. --------------------------------------------------------------------------------------------------------------------------------------
512. + Target IP: 217.160.0.131
513. + Target Hostname: anontargets.org
514. + Target Port: 80
515. + Start Time: 2017-08-24 21:58:16 (GMT-4)
516. ---------------------------------------------------------------------------------------------------------------------------------------
517. + Server: Apache
518. + The anti-clickjacking X-Frame-Options header is not present.
519. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
520. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
521. + Root page / redirects to: https://anontargets.org/
522. + No CGI Directories found (use '-C all' to force check all possible dirs)
523. + Server banner has changed from 'Apache' to 'nginx' which may suggest a WAF, load balancer or proxy is in place
524. + 7596 requests: 0 error(s) and 3 item(s) reported on remote host
525. + End Time: 2017-08-24 22:15:31 (GMT-4) (1035 seconds)
526. ---------------------------------------------------------------------------------------------------------------------------------------