API tools faq
paste
Advertisement
Guest User

Anonymous Operation Izsrael USA JTSEC full recon 2018 #3

a guest
Mar 21st, 2018
2,211
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 55.55 KB | None | 0 0
raw download clone embed print report
  1. #######################################################################################################################################
  2. Hostname thunderbolttattoo.com ISP Sucuri (AS30148)
  3. Continent North America Flag
  4. US
  5. Country United States Country Code US (USA)
  6. Region Unknown Local time 21 Mar 2018 03:04 CDT
  7. Metropolis Unknown Postal Code Unknown
  8. City Unknown Latitude 37.751
  9. IP Address 192.124.249.7 Longitude -97.822
  10. #######################################################################################################################################
  11. [i] Scanning Site: http://thunderbolttattoo.com
  12.  
  13.  
  14.  
  15. B A S I C I N F O
  16. ======================================================================================================================================
  17.  
  18.  
  19. [+] Site Title:
  20. [+] IP address: 192.124.249.7
  21. [+] Web Server: nginx
  22. [+] CMS: Could Not Detect
  23. [+] Cloudflare: Not Detected
  24. [+] Robots File: Could NOT Find robots.txt!
  25.  
  26.  
  27.  
  28.  
  29. W H O I S L O O K U P
  30. ======================================================================================================================================
  31.  
  32. Domain Name: THUNDERBOLTTATTOO.COM
  33. Registry Domain ID: 1725128364_DOMAIN_COM-VRSN
  34. Registrar WHOIS Server: whois.godaddy.com
  35. Registrar URL: http://www.godaddy.com
  36. Updated Date: 2017-03-27T21:05:44Z
  37. Creation Date: 2012-06-04T22:14:52Z
  38. Registry Expiry Date: 2022-06-04T22:14:52Z
  39. Registrar: GoDaddy.com, LLC
  40. Registrar IANA ID: 146
  41. Registrar Abuse Contact Email: abuse@godaddy.com
  42. Registrar Abuse Contact Phone: 480-624-2505
  43. Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
  44. Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
  45. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  46. Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
  47. Name Server: NS07.DOMAINCONTROL.COM
  48. Name Server: NS08.DOMAINCONTROL.COM
  49. DNSSEC: unsigned
  50. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
  51. >>> Last update of whois database: 2018-03-21T08:06:08Z <<<
  52.  
  53. For more information on Whois status codes, please visit https://icann.org/epp
  54.  
  55. NOTICE: The expiration date displayed in this record is the date the
  56. registrar's sponsorship of the domain name registration in the registry is
  57. currently set to expire. This date does not necessarily reflect the expiration
  58. date of the domain name registrant's agreement with the sponsoring
  59. registrar. Users may consult the sponsoring registrar's Whois database to
  60. view the registrar's reported date of expiration for this registration.
  61.  
  62.  
  63. The Registry database contains ONLY .COM, .NET, .EDU domains and
  64. Registrars.
  65.  
  66.  
  67.  
  68.  
  69. G E O I P L O O K U P
  70. ======================================================================================================================================
  71.  
  72. [i] IP Address: 192.124.249.7
  73. [i] Country: US
  74. [i] State: N/A
  75. [i] City: N/A
  76. [i] Latitude: 37.750999
  77. [i] Longitude: -97.821999
  78.  
  79.  
  80.  
  81.  
  82. H T T P H E A D E R S
  83. =======================================================================================================================================
  84.  
  85.  
  86. [i] HTTP/1.1 403 Forbidden
  87. [i] Server: nginx
  88. [i] Date: Wed, 21 Mar 2018 08:06:28 GMT
  89. [i] Content-Type: text/html
  90. [i] Content-Length: 2467
  91. [i] Connection: close
  92. [i] X-XSS-Protection: 1; mode=block
  93. [i] X-Frame-Options: SAMEORIGIN
  94. [i] X-Content-Type-Options: nosniff
  95. [i] X-Sucuri-ID: 16007
  96.  
  97.  
  98.  
  99.  
  100. D N S L O O K U P
  101. =======================================================================================================================================
  102.  
  103. ;; Truncated, retrying in TCP mode.
  104. thunderbolttattoo.com. 600 IN A 192.124.249.7
  105. thunderbolttattoo.com. 3600 IN NS ns07.domaincontrol.com.
  106. thunderbolttattoo.com. 3600 IN NS ns08.domaincontrol.com.
  107. thunderbolttattoo.com. 3600 IN SOA ns07.domaincontrol.com. dns.jomax.net. 2017051802 28800 7200 604800 3600
  108. thunderbolttattoo.com. 3600 IN MX 0 smtp.secureserver.net.
  109. thunderbolttattoo.com. 3600 IN MX 10 mailstore1.secureserver.net.
  110.  
  111.  
  112.  
  113.  
  114. S U B N E T C A L C U L A T I O N
  115. =======================================================================================================================================
  116.  
  117. Address = 192.124.249.7
  118. Network = 192.124.249.7 / 32
  119. Netmask = 255.255.255.255
  120. Broadcast = not needed on Point-to-Point links
  121. Wildcard Mask = 0.0.0.0
  122. Hosts Bits = 0
  123. Max. Hosts = 1 (2^0 - 0)
  124. Host Range = { 192.124.249.7 - 192.124.249.7 }
  125.  
  126.  
  127.  
  128. N M A P P O R T S C A N
  129. =======================================================================================================================================
  130.  
  131.  
  132. Starting Nmap 7.01 ( https://nmap.org ) at 2018-03-21 08:06 UTC
  133. Nmap scan report for thunderbolttattoo.com (192.124.249.7)
  134. Host is up (0.0023s latency).
  135. rDNS record for 192.124.249.7: cloudproxy10007.sucuri.net
  136. PORT STATE SERVICE VERSION
  137. 21/tcp filtered ftp
  138. 22/tcp filtered ssh
  139. 23/tcp filtered telnet
  140. 25/tcp filtered smtp
  141. 80/tcp open http nginx
  142. 110/tcp filtered pop3
  143. 143/tcp filtered imap
  144. 443/tcp open ssl/http nginx
  145. 445/tcp filtered microsoft-ds
  146. 3389/tcp filtered ms-wbt-server
  147.  
  148. Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  149. Nmap done: 1 IP address (1 host up) scanned in 13.93 seconds
  150.  
  151. ######################################################################################################################################
  152. [!] IP Address : 192.124.249.7
  153. [!] 192.124.249.7 doesn't seem to use a CMS
  154. [+] Honeypot Probabilty: 0%
  155. --------------------------------------------------------------------------------------------------------------------------------------
  156. [~] Trying to gather whois information for 192.124.249.7
  157. [+] Whois information found
  158. [-] Unable to build response, visit https://who.is/whois/192.124.249.7
  159. ---------------------------------------------------------------------------------------------------------------------------------------
  160. PORT STATE SERVICE VERSION
  161. 21/tcp filtered ftp
  162. 22/tcp filtered ssh
  163. 23/tcp filtered telnet
  164. 25/tcp filtered smtp
  165. 80/tcp open http nginx
  166. 110/tcp filtered pop3
  167. 143/tcp filtered imap
  168. 443/tcp open ssl/http nginx
  169. 445/tcp filtered microsoft-ds
  170. 3389/tcp filtered ms-wbt-server
  171. ---------------------------------------------------------------------------------------------------------------------------------------
  172. #######################################################################################################################################
  173.  
  174. HostIP:192.124.249.7
  175. HostName:thunderbolttattoo.com
  176.  
  177. Gathered Inet-whois information for 192.124.249.7
  178. ---------------------------------
  179.  
  180.  
  181. inetnum: 192.124.249.0 - 192.124.249.255
  182. netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
  183. descr: IPv4 address block not managed by the RIPE NCC
  184. remarks: ------------------------------------------------------
  185. remarks:
  186. remarks: You can find the whois server to query, or the
  187. remarks: IANA registry to query on this web page:
  188. remarks: http://www.iana.org/assignments/ipv4-address-space
  189. remarks:
  190. remarks: You can access databases of other RIRs at:
  191. remarks:
  192. remarks: AFRINIC (Africa)
  193. remarks: http://www.afrinic.net/ whois.afrinic.net
  194. remarks:
  195. remarks: APNIC (Asia Pacific)
  196. remarks: http://www.apnic.net/ whois.apnic.net
  197. remarks:
  198. remarks: ARIN (Northern America)
  199. remarks: http://www.arin.net/ whois.arin.net
  200. remarks:
  201. remarks: LACNIC (Latin America and the Carribean)
  202. remarks: http://www.lacnic.net/ whois.lacnic.net
  203. remarks:
  204. remarks: IANA IPV4 Recovered Address Space
  205. remarks: http://www.iana.org/assignments/ipv4-recovered-address-space/ipv4-recovered-address-space.xhtml
  206. remarks:
  207. remarks: ------------------------------------------------------
  208. country: EU # Country is really world wide
  209. admin-c: IANA1-RIPE
  210. tech-c: IANA1-RIPE
  211. status: ALLOCATED UNSPECIFIED
  212. mnt-by: RIPE-NCC-HM-MNT
  213. mnt-lower: RIPE-NCC-HM-MNT
  214. mnt-routes: RIPE-NCC-RPSL-MNT
  215. created: 2011-07-11T12:36:36Z
  216. last-modified: 2015-10-29T15:16:54Z
  217. source: RIPE
  218.  
  219. role: Internet Assigned Numbers Authority
  220. address: see http://www.iana.org.
  221. admin-c: IANA1-RIPE
  222. tech-c: IANA1-RIPE
  223. nic-hdl: IANA1-RIPE
  224. remarks: For more information on IANA services
  225. remarks: go to IANA web site at http://www.iana.org.
  226. mnt-by: RIPE-NCC-MNT
  227. created: 1970-01-01T00:00:00Z
  228. last-modified: 2001-09-22T09:31:27Z
  229. source: RIPE # Filtered
  230.  
  231. % This query was served by the RIPE Database Query Service version 1.91.1 (BLAARKOP)
  232.  
  233.  
  234.  
  235. Gathered Inic-whois information for thunderbolttattoo.com
  236. ---------------------------------
  237. Domain Name: THUNDERBOLTTATTOO.COM
  238. Registry Domain ID: 1725128364_DOMAIN_COM-VRSN
  239. Registrar WHOIS Server: whois.godaddy.com
  240. Registrar URL: http://www.godaddy.com
  241. Updated Date: 2017-03-27T21:05:44Z
  242. Creation Date: 2012-06-04T22:14:52Z
  243. Registry Expiry Date: 2022-06-04T22:14:52Z
  244. Registrar: GoDaddy.com, LLC
  245. Registrar IANA ID: 146
  246. Registrar Abuse Contact Email: abuse@godaddy.com
  247. Registrar Abuse Contact Phone: 480-624-2505
  248. Domain Status: clientDeleteProhibited https:/�U@/ican�},q�n.�org/ep�'X��p#U@clien�'X��tD�U@elete�������Prohibi�U@ted
  249. Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
  250. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  251. Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
  252. Name Server: NS07.DOMAINCONTROL.COM
  253. Name Server: NS08.DOMAINCONTROL.COM
  254.  
  255. Gathered Netcraft information for thunderbolttattoo.com
  256. ---------------------------------
  257.  
  258. Retrieving Netcraft.com information for thunderbolttattoo.com
  259. Netcraft.com Information gathered
  260.  
  261. Gathered Subdomain information for thunderbolttattoo.com
  262. ---------------------------------
  263. Searching Google.com:80...
  264. Searching Altavista.com:80...
  265. Found 0 possible subdomain(s) for host thunderbolttattoo.com, Searched 0 pages containing 0 results
  266.  
  267. Gathered E-Mail information for thunderbolttattoo.com
  268. ---------------------------------
  269. Searching Google.com:80...
  270. Searching Altavista.com:80...
  271. Found 0 E-Mail(s) for host thunderbolttattoo.com, Searched 0 pages containing 0 results
  272.  
  273. Gathered TCP Port information for 192.124.249.7
  274. ---------------------------------
  275.  
  276. Port State
  277.  
  278. 80/tcp open
  279.  
  280. Portscan Finished: Scanned 150 ports, 0 ports were in state closed
  281. #######################################################################################################################################
  282. Server: 10.211.254.254
  283. Address: 10.211.254.254#53
  284.  
  285. Non-authoritative answer:
  286. Name: thunderbolttattoo.com
  287. Address: 192.124.249.7
  288.  
  289. thunderbolttattoo.com has address 192.124.249.7
  290. thunderbolttattoo.com mail is handled by 10 mailstore1.secureserver.net.
  291. thunderbolttattoo.com mail is handled by 0 smtp.secureserver.net.
  292. ======================================================================================================================================
  293. CHECKING OS FINGERPRINT
  294. ======================================================================================================================================
  295.  
  296. Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
  297.  
  298. [+] Target is thunderbolttattoo.com
  299. [+] Loading modules.
  300. [+] Following modules are loaded:
  301. [x] [1] ping:icmp_ping - ICMP echo discovery module
  302. [x] [2] ping:tcp_ping - TCP-based ping discovery module
  303. [x] [3] ping:udp_ping - UDP-based ping discovery module
  304. [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
  305. [x] [5] infogather:portscan - TCP and UDP PortScanner
  306. [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
  307. [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
  308. [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
  309. [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
  310. [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
  311. [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
  312. [x] [12] fingerprint:smb - SMB fingerprinting module
  313. [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
  314. [+] 13 modules registered
  315. [+] Initializing scan engine
  316. [+] Running scan engine
  317. [-] ping:tcp_ping module: no closed/open TCP ports known on 192.124.249.7. Module test failed
  318. [-] ping:udp_ping module: no closed/open UDP ports known on 192.124.249.7. Module test failed
  319. [-] No distance calculation. 192.124.249.7 appears to be dead or no ports known
  320. [+] Host: 192.124.249.7 is up (Guess probability: 50%)
  321. [+] Target: 192.124.249.7 is alive. Round-Trip Time: 0.50293 sec
  322. [+] Selected safe Round-Trip Time value is: 1.00585 sec
  323. [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
  324. [-] fingerprint:smb need either TCP port 139 or 445 to run
  325. [+] Primary guess:
  326. [+] Host 192.124.249.7 Running OS: (Guess probability: 91%)
  327. [+] Other guesses:
  328. [+] Host 192.124.249.7 Running OS: (Guess probability: 91%)
  329. [+] Host 192.124.249.7 Running OS: (Guess probability: 91%)
  330. [+] Host 192.124.249.7 Running OS: (Guess probability: 91%)
  331. [+] Host 192.124.249.7 Running OS: (Guess probability: 91%)
  332. [+] Host 192.124.249.7 Running OS: (Guess probability: 91%)
  333. [+] Host 192.124.249.7 Running OS: (Guess probability: 91%)
  334. [+] Host 192.124.249.7 Running OS: (Guess probability: 91%)
  335. [+] Host 192.124.249.7 Running OS: (Guess probability: 91%)
  336. [+] Host 192.124.249.7 Running OS: (Guess probability: 91%)
  337. [+] Cleaning up scan engine
  338. [+] Modules deinitialized
  339. [+] Execution completed.
  340. #######################################################################################################################################
  341. ; <<>> DiG 9.11.2-P1-1-Debian <<>> -x thunderbolttattoo.com
  342. ;; global options: +cmd
  343. ;; Got answer:
  344. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61361
  345. ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
  346.  
  347. ;; OPT PSEUDOSECTION:
  348. ; EDNS: version: 0, flags:; udp: 4096
  349. ;; QUESTION SECTION:
  350. ;com.thunderbolttattoo.in-addr.arpa. IN PTR
  351.  
  352. ;; AUTHORITY SECTION:
  353. in-addr.arpa. 1219 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2018013239 1800 900 604800 3600
  354.  
  355. ;; Query time: 179 msec
  356. ;; SERVER: 10.211.254.254#53(10.211.254.254)
  357. ;; WHEN: Wed Mar 21 04:07:35 EDT 2018
  358. ;; MSG SIZE rcvd: 131
  359.  
  360. dnsenum VERSION:1.2.4
  361.  
  362. ----- thunderbolttattoo.com -----
  363.  
  364.  
  365. Host's addresses:
  366. __________________
  367.  
  368. thunderbolttattoo.com. 409 IN A 192.124.249.7
  369.  
  370.  
  371. Name Servers:
  372. ______________
  373.  
  374. ns08.domaincontrol.com. 133870 IN A 208.109.255.4
  375. ns07.domaincontrol.com. 133870 IN A 216.69.185.4
  376.  
  377.  
  378. Mail (MX) Servers:
  379. ___________________
  380.  
  381. mailstore1.secureserver.net. 60 IN A 68.178.213.244
  382. mailstore1.secureserver.net. 60 IN A 68.178.213.243
  383. mailstore1.secureserver.net. 60 IN A 72.167.238.32
  384. smtp.secureserver.net. 60 IN A 68.178.213.37
  385. smtp.secureserver.net. 60 IN A 68.178.213.203
  386. smtp.secureserver.net. 60 IN A 72.167.238.29
  387.  
  388.  
  389. Trying Zone Transfers and getting Bind Versions:
  390. _________________________________________________
  391.  
  392.  
  393. Trying Zone Transfer for thunderbolttattoo.com on ns08.domaincontrol.com ...
  394.  
  395. Trying Zone Transfer for thunderbolttattoo.com on ns07.domaincontrol.com ...
  396.  
  397. brute force file not specified, bay.
  398. #######################################################################################################################################
  399. [-] Enumerating subdomains now for thunderbolttattoo.com
  400. [-] verbosity is enabled, will show the subdomains results in realtime
  401. [-] Searching now in Baidu..
  402. [-] Searching now in Yahoo..
  403. [-] Searching now in Google..
  404. [-] Searching now in Bing..
  405. [-] Searching now in Ask..
  406. [-] Searching now in Netcraft..
  407. [-] Searching now in DNSdumpster..
  408. [-] Searching now in Virustotal..
  409. [-] Searching now in ThreatCrowd..
  410. [-] Searching now in SSL Certificates..
  411. [-] Searching now in PassiveDNS..
  412. SSL Certificates: www.thunderbolttattoo.com
  413. Virustotal: www.thunderbolttattoo.com
  414. [-] Saving results to file: /usr/share/sniper/loot/thunderbolttattoo.com/domains/domains-thunderbolttattoo.com.txt
  415. [-] Total Unique Subdomains Found: 1
  416. www.thunderbolttattoo.com
  417. #######################################################################################################################################
  418.  
  419. [+] Emails found:
  420. ------------------
  421. joshmay@thunderbolttattoo.com
  422. lauren@thunderbolttattoo.com
  423. pixel-1521619709678446-web-@thunderbolttattoo.com
  424.  
  425. [+] Hosts found in search engines:
  426. ------------------------------------
  427. [-] Resolving hostnames IPs...
  428. 192.124.249.7:www.thunderbolttattoo.com
  429. [+] Virtual hosts:
  430. =======================================================================================================================================
  431. 192.124.249.7 www.filmtools
  432. 192.124.249.7 www.thyroidmanager.org
  433. 192.124.249.7 www.heyitsfree.net
  434. 192.124.249.7 falconbank.com
  435. 192.124.249.7 www.adventurouskate
  436. 192.124.249.7 redlineathletics
  437. 192.124.249.7 sitecheck.sucuri.net
  438. 192.124.249.7 www.northyorks.gov.uk
  439. 192.124.249.7 dh-web.org
  440. 192.124.249.7 www.thepublicdiscourse.com
  441. 192.124.249.7 www.greenpeace
  442. 192.124.249.7 brulosophy.com
  443. 192.124.249.7 clevercloset.co.uk
  444. 192.124.249.7 thecottagemarket
  445. #######################################################################################################################################
  446. ======================================================================================================================================
  447. PINGING HOST
  448. ======================================================================================================================================
  449. PING thunderbolttattoo.com (192.124.249.7) 56(84) bytes of data.
  450. 64 bytes from cloudproxy10007.sucuri.net (192.124.249.7): icmp_seq=1 ttl=43 time=307 ms
  451.  
  452. --- thunderbolttattoo.com ping statistics ---
  453. 1 packets transmitted, 1 received, 0% packet loss, time 0ms
  454. rtt min/avg/max/mdev = 307.676/307.676/307.676/0.000 ms
  455.  
  456. ======================================================================================================================================
  457. RUNNING TCP PORT SCAN
  458. ======================================================================================================================================
  459.  
  460. Starting Nmap 7.60 ( https://nmap.org ) at 2018-03-21 04:08 EDT
  461. Nmap scan report for thunderbolttattoo.com (192.124.249.7)
  462. Host is up (0.44s latency).
  463. rDNS record for 192.124.249.7: cloudproxy10007.sucuri.net
  464. Not shown: 468 closed ports, 6 filtered ports
  465. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  466. PORT STATE SERVICE
  467. 80/tcp open http
  468. 443/tcp open https
  469.  
  470. Nmap done: 1 IP address (1 host up) scanned in 9.55 seconds
  471. =======================================================================================================================================
  472. RUNNING UDP PORT SCAN
  473. =======================================================================================================================================
  474. =
  475. Starting Nmap 7.60 ( https://nmap.org ) at 2018-03-21 04:08 EDT
  476. Nmap scan report for thunderbolttattoo.com (192.124.249.7)
  477. Host is up.
  478. rDNS record for 192.124.249.7: cloudproxy10007.sucuri.net
  479.  
  480. PORT STATE SERVICE
  481. 53/udp open|filtered domain
  482. 67/udp open|filtered dhcps
  483. 68/udp open|filtered dhcpc
  484. 69/udp open|filtered tftp
  485. 88/udp open|filtered kerberos-sec
  486. 123/udp open|filtered ntp
  487. 137/udp open|filtered netbios-ns
  488. 138/udp open|filtered netbios-dgm
  489. 139/udp open|filtered netbios-ssn
  490. 161/udp open|filtered snmp
  491. 162/udp open|filtered snmptrap
  492. 389/udp open|filtered ldap
  493. 520/udp open|filtered route
  494. 2049/udp open|filtered nfs
  495.  
  496. Nmap done: 1 IP address (1 host up) scanned in 2.22 seconds
  497. #######################################################################################################################################
  498. =====================================================================================================================================
  499. GATHERING HTTP INFO
  500. ======================================================================================================================================
  501.  
  502. __ ______ _____
  503. \ \/ / ___|_ _|
  504. \ /\___ \ | |
  505. / \ ___) || |
  506. /_/\_|____/ |_|
  507.  
  508. + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
  509. + -- --=[Target: thunderbolttattoo.com:80
  510. + -- --=[Site not vulnerable to Cross-Site Tracing!
  511. + -- --=[Site not vulnerable to Host Header Injection!
  512. + -- --=[Site not vulnerable to Cross-Frame Scripting!
  513. + -- --=[Site not vulnerable to Clickjacking!
  514.  
  515. HTTP/1.1 403 Forbidden
  516. Server: nginx
  517. Date: Wed, 21 Mar 2018 08:09:18 GMT
  518. Content-Type: text/html
  519. Content-Length: 162
  520. Connection: close
  521. X-XSS-Protection: 1; mode=block
  522. X-Frame-Options: SAMEORIGIN
  523. X-Content-Type-Options: nosniff
  524. X-Sucuri-ID: 16007
  525.  
  526. <html>
  527. <head><title>403 Forbidden</title></head>
  528. <body bgcolor="white">
  529. <center><h1>403 Forbidden</h1></center>
  530. <hr><center>nginx</center>
  531. </body>
  532. </html>
  533.  
  534. HTTP/1.1 403 Forbidden
  535. Server: nginx
  536. Date: Wed, 21 Mar 2018 08:09:19 GMT
  537. Content-Type: text/html
  538. Transfer-Encoding: chunked
  539. Connection: keep-alive
  540. X-XSS-Protection: 1; mode=block
  541. X-Frame-Options: SAMEORIGIN
  542. X-Content-Type-Options: nosniff
  543. X-Sucuri-ID: 16007
  544.  
  545. 3b1
  546. <!DOCTYPE html>
  547. <html lang="en" xmlns="http://www.w3.org/1999/xhtml">
  548. <head>
  549. <link rel="stylesheet" href="https://cdn.sucuri.net/css/whitelabel/typography.css?611e1e2" />
  550. <link rel="stylesheet" href="https://cdn.sucuri.net/css/whitelabel.css?611e1e2" />
  551. <link rel="stylesheet" href="https://cdn.sucuri.net/css/whitelabel/buttons.css?611e1e2" />
  552. <link rel="stylesheet" href="https://cdn.sucuri.net/css/whitelabel/footer.css?611e1e2" />
  553. <link rel="stylesheet" href="https://cdn.sucuri.net/css/whitelabel/header.css?611e1e2" />
  554. <link rel="stylesheet" href="https://cdn.sucuri.net/css/fonts.css" />
  555. <meta name="viewport" content="width=device-width, initial-scale=1.0" />
  556. <title>GoDaddy Security - Access Denied</title>
  557. </head>
  558. <body>
  559. <header class="app
  560.  
  561.  
  562.  
  563. ======================================================================================================================================
  564. CHECKING HTTP HEADERS
  565. ======================================================================================================================================
  566. + -- --=[Checking if X-Content options are enabled on thunderbolttattoo.com...
  567. X-Content-Type-Options: nosniff
  568.  
  569. + -- --=[Checking if X-Frame options are enabled on thunderbolttattoo.com...
  570. X-Frame-Options: SAMEORIGIN
  571.  
  572. + -- --=[Checking if X-XSS-Protection header is enabled on thunderbolttattoo.com...
  573. X-XSS-Protection: 1; mode=block
  574.  
  575. + -- --=[Checking HTTP methods on thunderbolttattoo.com...
  576.  
  577. + -- --=[Checking if TRACE method is enabled on thunderbolttattoo.com...
  578.  
  579. + -- --=[Checking for META tags on thunderbolttattoo.com...
  580. <div class="meta clearfix">
  581. <p>We are happy to have our friend Nico in the studio shooting more videos. Here&#8217;s the latest with our piercer, Chad in action. Watch the color of the metal change. Nice.</p>
  582. <div class="meta clearfix">
  583. <div class="meta clearfix">
  584. <div class="meta clearfix">
  585. <div class="meta clearfix">
  586. <div class="meta clearfix">
  587. <div class="meta clearfix">
  588. <div class="meta clearfix">
  589. <div class="meta clearfix">
  590.  
  591. + -- --=[Checking if Strict-Transport-Security is enabled on thunderbolttattoo.com...
  592.  
  593. + -- --=[Checking for Flash cross-domain policy on thunderbolttattoo.com...
  594.  
  595. + -- --=[Checking for Silverlight cross-domain policy on thunderbolttattoo.com...
  596.  
  597. + -- --=[Checking for HTML5 cross-origin resource sharing on thunderbolttattoo.com...
  598.  
  599. + -- --=[Retrieving robots.txt on thunderbolttattoo.com...
  600.  
  601. + -- --=[Retrieving sitemap.xml on thunderbolttattoo.com...
  602.  
  603. + -- --=[Checking cookie attributes on thunderbolttattoo.com...
  604. Set-Cookie: PHPSESSID=d5tvba28b2bos1l01uv8p2gol0; path=/
  605.  
  606. + -- --=[Checking for ASP.NET Detailed Errors on thunderbolttattoo.com...
  607. <title>404 (Page Not Found) Error - Ever feel like you're in the wrong place?</title>
  608. #######################################################################################################################################
  609. __[ ! ] Neither war between hackers, nor peace for the system.
  610. __[ ! ] http://blog.inurl.com.br
  611. __[ ! ] http://fb.com/InurlBrasil
  612. __[ ! ] http://twitter.com/@googleinurl
  613. __[ ! ] http://github.com/googleinurl
  614. __[ ! ] Current PHP version::[ 7.2.3-1 ]
  615. __[ ! ] Current script owner::[ root ]
  616. __[ ! ] Current uname::[ Linux JTSEC 4.14.0-kali3-amd64 #1 SMP Debian 4.14.17-1kali1 (2018-02-16) x86_64 ]
  617. __[ ! ] Current pwd::[ /usr/share/sniper ]
  618. __[ ! ] Help: php inurlbr.php --help
  619. ------------------------------------------------------------------------------------------------------------------------
  620.  
  621. [ ! ] Starting SCANNER INURLBR 2.1 at [21-03-2018 04:10:25]
  622. [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
  623. It is the end user's responsibility to obey all applicable local, state and federal laws.
  624. Developers assume no liability and are not responsible for any misuse or damage caused by this program
  625.  
  626. [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-thunderbolttattoo.com.txt ]
  627. [ INFO ][ DORK ]::[ site:thunderbolttattoo.com ]
  628. [ INFO ][ SEARCHING ]:: {
  629. [ INFO ][ ENGINE ]::[ GOOGLE - www.google.com.mx ]
  630.  
  631. [ INFO ][ SEARCHING ]::
  632. -[:::]
  633. [ INFO ][ ENGINE ]::[ GOOGLE API ]
  634.  
  635. [ INFO ][ SEARCHING ]::
  636. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
  637. [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.je ID: 005911257635119896548:iiolgmwf2se ]
  638.  
  639. [ INFO ][ SEARCHING ]::
  640. -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
  641.  
  642. [ INFO ][ TOTAL FOUND VALUES ]:: [ 40 ]
  643.  
  644.  
  645. _[ - ]::--------------------------------------------------------------------------------------------------------------
  646. |_[ + ] [ 0 / 40 ]-[04:10:38] [ - ]
  647. |_[ + ] Target:: [ http://thunderbolttattoo.com/ ]
  648. |_[ + ] Exploit::
  649. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  650. |_[ + ] More details:: / - / , ISP:
  651. |_[ + ] Found:: UNIDENTIFIED
  652.  
  653. _[ - ]::--------------------------------------------------------------------------------------------------------------
  654. |_[ + ] [ 1 / 40 ]-[04:10:40] [ - ]
  655. |_[ + ] Target:: [ http://thunderbolttattoo.com/?page_id=1004 ]
  656. |_[ + ] Exploit::
  657. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  658. |_[ + ] More details:: / - / , ISP:
  659. |_[ + ] Found:: UNIDENTIFIED
  660.  
  661. _[ - ]::--------------------------------------------------------------------------------------------------------------
  662. |_[ + ] [ 2 / 40 ]-[04:10:43] [ - ]
  663. |_[ + ] Target:: [ http://thunderbolttattoo.com/?p=1118 ]
  664. |_[ + ] Exploit::
  665. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  666. |_[ + ] More details:: / - / , ISP:
  667. |_[ + ] Found:: UNIDENTIFIED
  668.  
  669. _[ - ]::--------------------------------------------------------------------------------------------------------------
  670. |_[ + ] [ 3 / 40 ]-[04:10:45] [ - ]
  671. |_[ + ] Target:: [ http://thunderbolttattoo.com/?paged=2 ]
  672. |_[ + ] Exploit::
  673. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  674. |_[ + ] More details:: / - / , ISP:
  675. |_[ + ] Found:: UNIDENTIFIED
  676.  
  677. _[ - ]::--------------------------------------------------------------------------------------------------------------
  678. |_[ + ] [ 4 / 40 ]-[04:10:47] [ - ]
  679. |_[ + ] Target:: [ http://thunderbolttattoo.com/?page_id=200 ]
  680. |_[ + ] Exploit::
  681. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  682. |_[ + ] More details:: / - / , ISP:
  683. |_[ + ] Found:: UNIDENTIFIED
  684.  
  685. _[ - ]::--------------------------------------------------------------------------------------------------------------
  686. |_[ + ] [ 5 / 40 ]-[04:10:49] [ - ]
  687. |_[ + ] Target:: [ http://thunderbolttattoo.com/?page_id=851 ]
  688. |_[ + ] Exploit::
  689. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  690. |_[ + ] More details:: / - / , ISP:
  691. |_[ + ] Found:: UNIDENTIFIED
  692.  
  693. _[ - ]::--------------------------------------------------------------------------------------------------------------
  694. |_[ + ] [ 6 / 40 ]-[04:10:51] [ - ]
  695. |_[ + ] Target:: [ http://thunderbolttattoo.com/?page_id=278 ]
  696. |_[ + ] Exploit::
  697. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  698. |_[ + ] More details:: / - / , ISP:
  699. |_[ + ] Found:: UNIDENTIFIED
  700.  
  701. _[ - ]::--------------------------------------------------------------------------------------------------------------
  702. |_[ + ] [ 7 / 40 ]-[04:10:54] [ - ]
  703. |_[ + ] Target:: [ http://thunderbolttattoo.com/?page_id=1052 ]
  704. |_[ + ] Exploit::
  705. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  706. |_[ + ] More details:: / - / , ISP:
  707. |_[ + ] Found:: UNIDENTIFIED
  708.  
  709. _[ - ]::--------------------------------------------------------------------------------------------------------------
  710. |_[ + ] [ 8 / 40 ]-[04:10:56] [ - ]
  711. |_[ + ] Target:: [ http://thunderbolttattoo.com/?p=1129 ]
  712. |_[ + ] Exploit::
  713. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  714. |_[ + ] More details:: / - / , ISP:
  715. |_[ + ] Found:: UNIDENTIFIED
  716.  
  717. _[ - ]::--------------------------------------------------------------------------------------------------------------
  718. |_[ + ] [ 9 / 40 ]-[04:10:58] [ - ]
  719. |_[ + ] Target:: [ http://thunderbolttattoo.com/?p=646 ]
  720. |_[ + ] Exploit::
  721. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  722. |_[ + ] More details:: / - / , ISP:
  723. |_[ + ] Found:: UNIDENTIFIED
  724.  
  725. _[ - ]::--------------------------------------------------------------------------------------------------------------
  726. |_[ + ] [ 10 / 40 ]-[04:11:00] [ - ]
  727. |_[ + ] Target:: [ http://thunderbolttattoo.com/?p=643 ]
  728. |_[ + ] Exploit::
  729. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  730. |_[ + ] More details:: / - / , ISP:
  731. |_[ + ] Found:: UNIDENTIFIED
  732.  
  733. _[ - ]::--------------------------------------------------------------------------------------------------------------
  734. |_[ + ] [ 11 / 40 ]-[04:11:02] [ - ]
  735. |_[ + ] Target:: [ http://thunderbolttattoo.com/?p=818 ]
  736. |_[ + ] Exploit::
  737. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  738. |_[ + ] More details:: / - / , ISP:
  739. |_[ + ] Found:: UNIDENTIFIED
  740.  
  741. _[ - ]::--------------------------------------------------------------------------------------------------------------
  742. |_[ + ] [ 12 / 40 ]-[04:11:04] [ - ]
  743. |_[ + ] Target:: [ http://thunderbolttattoo.com/?p=641 ]
  744. |_[ + ] Exploit::
  745. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  746. |_[ + ] More details:: / - / , ISP:
  747. |_[ + ] Found:: UNIDENTIFIED
  748.  
  749. _[ - ]::--------------------------------------------------------------------------------------------------------------
  750. |_[ + ] [ 13 / 40 ]-[04:11:07] [ - ]
  751. |_[ + ] Target:: [ http://thunderbolttattoo.com/?p=954 ]
  752. |_[ + ] Exploit::
  753. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  754. |_[ + ] More details:: / - / , ISP:
  755. |_[ + ] Found:: UNIDENTIFIED
  756.  
  757. _[ - ]::--------------------------------------------------------------------------------------------------------------
  758. |_[ + ] [ 14 / 40 ]-[04:11:09] [ - ]
  759. |_[ + ] Target:: [ http://thunderbolttattoo.com/?p=774 ]
  760. |_[ + ] Exploit::
  761. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  762. |_[ + ] More details:: / - / , ISP:
  763. |_[ + ] Found:: UNIDENTIFIED
  764.  
  765. _[ - ]::--------------------------------------------------------------------------------------------------------------
  766. |_[ + ] [ 15 / 40 ]-[04:11:11] [ - ]
  767. |_[ + ] Target:: [ http://thunderbolttattoo.com/?attachment_id=732 ]
  768. |_[ + ] Exploit::
  769. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  770. |_[ + ] More details:: / - / , ISP:
  771. |_[ + ] Found:: UNIDENTIFIED
  772.  
  773. _[ - ]::--------------------------------------------------------------------------------------------------------------
  774. |_[ + ] [ 16 / 40 ]-[04:11:13] [ - ]
  775. |_[ + ] Target:: [ http://thunderbolttattoo.com/?p=744 ]
  776. |_[ + ] Exploit::
  777. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  778. |_[ + ] More details:: / - / , ISP:
  779. |_[ + ] Found:: UNIDENTIFIED
  780.  
  781. _[ - ]::--------------------------------------------------------------------------------------------------------------
  782. |_[ + ] [ 17 / 40 ]-[04:11:15] [ - ]
  783. |_[ + ] Target:: [ http://thunderbolttattoo.com/?attachment_id=639 ]
  784. |_[ + ] Exploit::
  785. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  786. |_[ + ] More details:: / - / , ISP:
  787. |_[ + ] Found:: UNIDENTIFIED
  788.  
  789. _[ - ]::--------------------------------------------------------------------------------------------------------------
  790. |_[ + ] [ 18 / 40 ]-[04:11:17] [ - ]
  791. |_[ + ] Target:: [ http://thunderbolttattoo.com/?p=963 ]
  792. |_[ + ] Exploit::
  793. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  794. |_[ + ] More details:: / - / , ISP:
  795. |_[ + ] Found:: UNIDENTIFIED
  796.  
  797. _[ - ]::--------------------------------------------------------------------------------------------------------------
  798. |_[ + ] [ 19 / 40 ]-[04:11:19] [ - ]
  799. |_[ + ] Target:: [ http://thunderbolttattoo.com/?attachment_id=748 ]
  800. |_[ + ] Exploit::
  801. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  802. |_[ + ] More details:: / - / , ISP:
  803. |_[ + ] Found:: UNIDENTIFIED
  804.  
  805. _[ - ]::--------------------------------------------------------------------------------------------------------------
  806. |_[ + ] [ 20 / 40 ]-[04:11:21] [ - ]
  807. |_[ + ] Target:: [ http://thunderbolttattoo.com/?attachment_id=585 ]
  808. |_[ + ] Exploit::
  809. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  810. |_[ + ] More details:: / - / , ISP:
  811. |_[ + ] Found:: UNIDENTIFIED
  812.  
  813. _[ - ]::--------------------------------------------------------------------------------------------------------------
  814. |_[ + ] [ 21 / 40 ]-[04:11:24] [ - ]
  815. |_[ + ] Target:: [ http://thunderbolttattoo.com/?p=411 ]
  816. |_[ + ] Exploit::
  817. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  818. |_[ + ] More details:: / - / , ISP:
  819. |_[ + ] Found:: UNIDENTIFIED
  820.  
  821. _[ - ]::--------------------------------------------------------------------------------------------------------------
  822. |_[ + ] [ 22 / 40 ]-[04:11:25] [ - ]
  823. |_[ + ] Target:: [ http://thunderbolttattoo.com/?page_id=398 ]
  824. |_[ + ] Exploit::
  825. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  826. |_[ + ] More details:: / - / , ISP:
  827. |_[ + ] Found:: UNIDENTIFIED
  828.  
  829. _[ - ]::--------------------------------------------------------------------------------------------------------------
  830. |_[ + ] [ 23 / 40 ]-[04:11:27] [ - ]
  831. |_[ + ] Target:: [ http://thunderbolttattoo.com/?paged=3 ]
  832. |_[ + ] Exploit::
  833. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  834. |_[ + ] More details:: / - / , ISP:
  835. |_[ + ] Found:: UNIDENTIFIED
  836.  
  837. _[ - ]::--------------------------------------------------------------------------------------------------------------
  838. |_[ + ] [ 24 / 40 ]-[04:11:29] [ - ]
  839. |_[ + ] Target:: [ http://thunderbolttattoo.com/?attachment_id=638 ]
  840. |_[ + ] Exploit::
  841. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  842. |_[ + ] More details:: / - / , ISP:
  843. |_[ + ] Found:: UNIDENTIFIED
  844.  
  845. _[ - ]::--------------------------------------------------------------------------------------------------------------
  846. |_[ + ] [ 25 / 40 ]-[04:11:31] [ - ]
  847. |_[ + ] Target:: [ http://thunderbolttattoo.com/?p=189 ]
  848. |_[ + ] Exploit::
  849. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  850. |_[ + ] More details:: / - / , ISP:
  851. |_[ + ] Found:: UNIDENTIFIED
  852.  
  853. _[ - ]::--------------------------------------------------------------------------------------------------------------
  854. |_[ + ] [ 26 / 40 ]-[04:11:34] [ - ]
  855. |_[ + ] Target:: [ http://thunderbolttattoo.com/?attachment_id=731 ]
  856. |_[ + ] Exploit::
  857. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  858. |_[ + ] More details:: / - / , ISP:
  859. |_[ + ] Found:: UNIDENTIFIED
  860.  
  861. _[ - ]::--------------------------------------------------------------------------------------------------------------
  862. |_[ + ] [ 27 / 40 ]-[04:11:36] [ - ]
  863. |_[ + ] Target:: [ http://thunderbolttattoo.com/?attachment_id=640 ]
  864. |_[ + ] Exploit::
  865. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  866. |_[ + ] More details:: / - / , ISP:
  867. |_[ + ] Found:: UNIDENTIFIED
  868.  
  869. _[ - ]::--------------------------------------------------------------------------------------------------------------
  870. |_[ + ] [ 28 / 40 ]-[04:11:38] [ - ]
  871. |_[ + ] Target:: [ http://thunderbolttattoo.com/?attachment_id=745 ]
  872. |_[ + ] Exploit::
  873. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  874. |_[ + ] More details:: / - / , ISP:
  875. |_[ + ] Found:: UNIDENTIFIED
  876.  
  877. _[ - ]::--------------------------------------------------------------------------------------------------------------
  878. |_[ + ] [ 29 / 40 ]-[04:11:41] [ - ]
  879. |_[ + ] Target:: [ http://thunderbolttattoo.com/?attachment_id=730 ]
  880. |_[ + ] Exploit::
  881. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  882. |_[ + ] More details:: / - / , ISP:
  883. |_[ + ] Found:: UNIDENTIFIED
  884.  
  885. _[ - ]::--------------------------------------------------------------------------------------------------------------
  886. |_[ + ] [ 30 / 40 ]-[04:11:43] [ - ]
  887. |_[ + ] Target:: [ http://thunderbolttattoo.com/?attachment_id=746 ]
  888. |_[ + ] Exploit::
  889. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  890. |_[ + ] More details:: / - / , ISP:
  891. |_[ + ] Found:: UNIDENTIFIED
  892.  
  893. _[ - ]::--------------------------------------------------------------------------------------------------------------
  894. |_[ + ] [ 31 / 40 ]-[04:11:45] [ - ]
  895. |_[ + ] Target:: [ http://thunderbolttattoo.com/?attachment_id=610 ]
  896. |_[ + ] Exploit::
  897. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  898. |_[ + ] More details:: / - / , ISP:
  899. |_[ + ] Found:: UNIDENTIFIED
  900.  
  901. _[ - ]::--------------------------------------------------------------------------------------------------------------
  902. |_[ + ] [ 32 / 40 ]-[04:11:47] [ - ]
  903. |_[ + ] Target:: [ http://thunderbolttattoo.com/?p=629 ]
  904. |_[ + ] Exploit::
  905. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  906. |_[ + ] More details:: / - / , ISP:
  907. |_[ + ] Found:: UNIDENTIFIED
  908.  
  909. _[ - ]::--------------------------------------------------------------------------------------------------------------
  910. |_[ + ] [ 33 / 40 ]-[04:11:49] [ - ]
  911. |_[ + ] Target:: [ http://thunderbolttattoo.com/?attachment_id=637 ]
  912. |_[ + ] Exploit::
  913. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  914. |_[ + ] More details:: / - / , ISP:
  915. |_[ + ] Found:: UNIDENTIFIED
  916.  
  917. _[ - ]::--------------------------------------------------------------------------------------------------------------
  918. |_[ + ] [ 34 / 40 ]-[04:11:51] [ - ]
  919. |_[ + ] Target:: [ http://thunderbolttattoo.com/?attachment_id=747 ]
  920. |_[ + ] Exploit::
  921. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  922. |_[ + ] More details:: / - / , ISP:
  923. |_[ + ] Found:: UNIDENTIFIED
  924.  
  925. _[ - ]::--------------------------------------------------------------------------------------------------------------
  926. |_[ + ] [ 35 / 40 ]-[04:11:53] [ - ]
  927. |_[ + ] Target:: [ http://thunderbolttattoo.com/?p=406 ]
  928. |_[ + ] Exploit::
  929. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  930. |_[ + ] More details:: / - / , ISP:
  931. |_[ + ] Found:: UNIDENTIFIED
  932.  
  933. _[ - ]::--------------------------------------------------------------------------------------------------------------
  934. |_[ + ] [ 36 / 40 ]-[04:11:55] [ - ]
  935. |_[ + ] Target:: [ http://thunderbolttattoo.com/?p=626 ]
  936. |_[ + ] Exploit::
  937. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  938. |_[ + ] More details:: / - / , ISP:
  939. |_[ + ] Found:: UNIDENTIFIED
  940.  
  941. _[ - ]::--------------------------------------------------------------------------------------------------------------
  942. |_[ + ] [ 37 / 40 ]-[04:11:58] [ - ]
  943. |_[ + ] Target:: [ http://thunderbolttattoo.com/?p=633 ]
  944. |_[ + ] Exploit::
  945. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  946. |_[ + ] More details:: / - / , ISP:
  947. |_[ + ] Found:: UNIDENTIFIED
  948.  
  949. _[ - ]::--------------------------------------------------------------------------------------------------------------
  950. |_[ + ] [ 38 / 40 ]-[04:12:00] [ - ]
  951. |_[ + ] Target:: [ http://thunderbolttattoo.com/?attachment_id=597 ]
  952. |_[ + ] Exploit::
  953. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  954. |_[ + ] More details:: / - / , ISP:
  955. |_[ + ] Found:: UNIDENTIFIED
  956.  
  957. _[ - ]::--------------------------------------------------------------------------------------------------------------
  958. |_[ + ] [ 39 / 40 ]-[04:12:02] [ - ]
  959. |_[ + ] Target:: [ http://thunderbolttattoo.com/?attachment_id=625 ]
  960. |_[ + ] Exploit::
  961. |_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:192.124.249.7:80
  962. |_[ + ] More details:: / - / , ISP:
  963. |_[ + ] Found:: UNIDENTIFIED
  964.  
  965. [ INFO ] [ Shutting down ]
  966. [ INFO ] [ End of process INURLBR at [21-03-2018 04:12:02]
  967. [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
  968. [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-thunderbolttattoo.com.txt ]
  969. #######################################################################################################################################
  970. + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
  971. + -- --=[Target: thunderbolttattoo.com:443
  972. + -- --=[Site not vulnerable to Cross-Site Tracing!
  973. + -- --=[Site not vulnerable to Host Header Injection!
  974. + -- --=[Site not vulnerable to Cross-Frame Scripting!
  975. + -- --=[Site not vulnerable to Clickjacking!
  976.  
  977. HTTP/1.1 403 Forbidden
  978. Server: nginx
  979. Date: Wed, 21 Mar 2018 08:12:26 GMT
  980. Content-Type: text/html
  981. Content-Length: 162
  982. Connection: close
  983. X-XSS-Protection: 1; mode=block
  984. X-Frame-Options: SAMEORIGIN
  985. X-Content-Type-Options: nosniff
  986. X-Sucuri-ID: 16007
  987.  
  988. <html>
  989. <head><title>403 Forbidden</title></head>
  990. <body bgcolor="white">
  991. <center><h1>403 Forbidden</h1></center>
  992. <hr><center>nginx</center>
  993. </body>
  994. </html>
  995.  
  996. HTTP/1.1 400 Bad Request
  997. Server: nginx
  998. Date: Wed, 21 Mar 2018 08:12:29 GMT
  999. Content-Type: text/html
  1000. Content-Length: 264
  1001. Connection: close
  1002. X-XSS-Protection: 1; mode=block
  1003. X-Frame-Options: SAMEORIGIN
  1004. X-Content-Type-Options: nosniff
  1005. X-Sucuri-ID: 16007
  1006.  
  1007. <html>
  1008. <head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
  1009. <body bgcolor="white">
  1010. <center><h1>400 Bad Request</h1></center>
  1011. <center>The plain HTTP request was sent to HTTPS port</center>
  1012. <hr><center>nginx</center>
  1013. </body>
  1014. </html>
  1015.  
  1016.  
  1017.  
  1018. ======================================================================================================================================
  1019. CHECKING HTTP HEADERS
  1020. ======================================================================================================================================
  1021. + -- --=[Checking if X-Content options are enabled on thunderbolttattoo.com...
  1022. x-content-type-options: nosniff
  1023.  
  1024. + -- --=[Checking if X-Frame options are enabled on thunderbolttattoo.com...
  1025. x-frame-options: SAMEORIGIN
  1026.  
  1027. + -- --=[Checking if X-XSS-Protection header is enabled on thunderbolttattoo.com...
  1028. x-xss-protection: 1; mode=block
  1029.  
  1030. + -- --=[Checking HTTP methods on thunderbolttattoo.com...
  1031.  
  1032. + -- --=[Checking if TRACE method is enabled on thunderbolttattoo.com...
  1033.  
  1034. + -- --=[Checking for META tags on thunderbolttattoo.com...
  1035. <div class="meta clearfix">
  1036. <p>We are happy to have our friend Nico in the studio shooting more videos. Here&#8217;s the latest with our piercer, Chad in action. Watch the color of the metal change. Nice.</p>
  1037. <div class="meta clearfix">
  1038. <div class="meta clearfix">
  1039. <div class="meta clearfix">
  1040. <div class="meta clearfix">
  1041. <div class="meta clearfix">
  1042. <div class="meta clearfix">
  1043. <div class="meta clearfix">
  1044. <div class="meta clearfix">
  1045.  
  1046. + -- --=[Checking for open proxy on thunderbolttattoo.com...
  1047.  
  1048. + -- --=[Enumerating software on thunderbolttattoo.com...
  1049. server: nginx
  1050. set-cookie: PHPSESSID=eud1cc2j0ku9sm7q6psa5mpd75; path=/
  1051.  
  1052. + -- --=[Checking if Strict-Transport-Security is enabled on thunderbolttattoo.com...
  1053.  
  1054. + -- --=[Checking for Flash cross-domain policy on thunderbolttattoo.com...
  1055.  
  1056. + -- --=[Checking for Silverlight cross-domain policy on thunderbolttattoo.com...
  1057.  
  1058. + -- --=[Checking for HTML5 cross-origin resource sharing on thunderbolttattoo.com...
  1059.  
  1060. + -- --=[Retrieving robots.txt on thunderbolttattoo.com...
  1061.  
  1062. + -- --=[Retrieving sitemap.xml on thunderbolttattoo.com...
  1063.  
  1064. + -- --=[Checking cookie attributes on thunderbolttattoo.com...
  1065. set-cookie: PHPSESSID=eud1cc2j0ku9sm7q6psa5mpd75; path=/
  1066.  
  1067. + -- --=[Checking for ASP.NET Detailed Errors on thunderbolttattoo.com...
  1068. <title>404 (Page Not Found) Error - Ever feel like you're in the wrong place?</title>
  1069. 404 (Page Not Found) Error
  1070. errorCallback: function() {
  1071.  
  1072.  
  1073. =======================================================================================================================================
  1074. GATHERING SSL/TLS INFO
  1075. =======================================================================================================================================
  1076.  
  1077.  
  1078.  
  1079. AVAILABLE PLUGINS
  1080. -------------------------------------------------------------------------------------------------------------------------------------
  1081.  
  1082. PluginSessionResumption
  1083. PluginCertInfo
  1084. PluginChromeSha1Deprecation
  1085. PluginOpenSSLCipherSuites
  1086. PluginHeartbleed
  1087. PluginHSTS
  1088. PluginCompression
  1089. PluginSessionRenegotiation
  1090.  
  1091.  
  1092.  
  1093. CHECKING HOST(S) AVAILABILITY
  1094. --------------------------------------------------------------------------------------------------------------------------------------
  1095.  
  1096. thunderbolttattoo.com:443 => 192.124.249.7:443
  1097.  
  1098.  
  1099.  
  1100. SCAN RESULTS FOR THUNDERBOLTTATTOO.COM:443 - 192.124.249.7:443
  1101. --------------------------------------------------------------------------------------------------------------------------------------
  1102.  
  1103. * Deflate Compression:
  1104. OK - Compression disabled
  1105.  
  1106. * Session Renegotiation:
  1107. Client-initiated Renegotiations: OK - Rejected
  1108. Secure Renegotiation: OK - Supported
  1109.  
  1110. * Certificate - Content:
  1111. SHA1 Fingerprint: 0c859519348e84c5d34fdcc1a9d230f5c944cb2c
  1112. Common Name: thunderbolttattoo.com
  1113. Issuer: Let's Encrypt Authority X3
  1114. Serial Number: 034FFD9DAE2371C10FE71BF945A90E50A290
  1115. Not Before: Jan 4 05:15:52 2018 GMT
  1116. Not After: Apr 4 05:15:52 2018 GMT
  1117. Signature Algorithm: sha256WithRSAEncryption
  1118. Public Key Algorithm: rsaEncryption
  1119. Key Size: 2048 bit
  1120. Exponent: 65537 (0x10001)
  1121. X509v3 Subject Alternative Name: {'DNS': ['thunderbolttattoo.com', 'www.thunderbolttattoo.com']}
  1122.  
  1123. * Certificate - Trust:
  1124. Hostname Validation: OK - Subject Alternative Name matches
  1125. Google CA Store (09/2015): FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
  1126. Java 6 CA Store (Update 65): OK - Certificate is trusted
  1127. Microsoft CA Store (09/2015): OK - Certificate is trusted
  1128. Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
  1129. Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
  1130. Certificate Chain Received: ['thunderbolttattoo.com', "Let's Encrypt Authority X3"]
  1131.  
  1132. * Certificate - OCSP Stapling:
  1133. NOT SUPPORTED - Server did not send back an OCSP response.
  1134.  
  1135. * Session Resumption:
  1136. With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
  1137. With TLS Session Tickets: OK - Supported
  1138.  
  1139. * SSLV2 Cipher Suites:
  1140. Server rejected all cipher suites.
  1141.  
  1142. * SSLV3 Cipher Suites:
  1143. Server rejected all cipher suites.
  1144.  
  1145.  
  1146.  
  1147. SCAN COMPLETED IN 6.53 S
  1148. --------------------------------------------------------------------------------------------------------------------------------------
  1149. Version: 1.11.11-static
  1150. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  1151.  
  1152. Connected to 192.124.249.7
  1153.  
  1154. Testing SSL server thunderbolttattoo.com on port 443 using SNI name thunderbolttattoo.com
  1155.  
  1156. TLS Fallback SCSV:
  1157. Server supports TLS Fallback SCSV
  1158.  
  1159. TLS renegotiation:
  1160. Secure session renegotiation supported
  1161.  
  1162. TLS Compression:
  1163. Compression disabled
  1164.  
  1165. Heartbleed:
  1166. TLS 1.2 not vulnerable to heartbleed
  1167. TLS 1.1 not vulnerable to heartbleed
  1168. TLS 1.0 not vulnerable to heartbleed
  1169.  
  1170. Supported Server Cipher(s):
  1171. Preferred TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
  1172. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
  1173. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  1174. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
  1175. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
  1176. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  1177. Accepted TLSv1.2 128 bits AES128-SHA
  1178. Accepted TLSv1.2 256 bits AES256-SHA
  1179. Preferred TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  1180. Accepted TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  1181. Accepted TLSv1.1 128 bits AES128-SHA
  1182. Accepted TLSv1.1 256 bits AES256-SHA
  1183. Preferred TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  1184. Accepted TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  1185. Accepted TLSv1.0 128 bits AES128-SHA
  1186. Accepted TLSv1.0 256 bits AES256-SHA
  1187.  
  1188. SSL Certificate:
  1189. Signature Algorithm: sha256WithRSAEncryption
  1190. RSA Key Strength: 2048
  1191.  
  1192. Subject: thunderbolttattoo.com
  1193. Altnames: DNS:thunderbolttattoo.com, DNS:www.thunderbolttattoo.com
  1194. Issuer: Let's Encrypt Authority X3
  1195.  
  1196. Not valid before: Jan 4 05:15:52 2018 GMT
  1197. Not valid after: Apr 4 05:15:52 2018 GMT
  1198. #######################################################################################################################################
  1199. Ip Address Status Type Domain Name Server
  1200. ---------- ------ ---- ----------- ------
  1201. 184.168.130.194 302 alias calendar.thunderbolttattoo.com Apache/2.2.15 (CentOS)
  1202. 184.168.130.194 302 host calendar.secureserver.net Apache/2.2.15 (CentOS)
  1203. 72.167.218.173 301 alias email.thunderbolttattoo.com Apache
  1204. 72.167.218.173 301 host email.secureserver.net Apache
  1205. 173.201.193.5 301 host email.secureserver.net Apache
  1206. 173.201.193.133 301 host email.secureserver.net Apache
  1207. 173.201.193.20 301 host email.secureserver.net Apache
  1208. 72.167.218.45 301 host email.secureserver.net Apache
  1209. 173.201.192.148 301 host email.secureserver.net Apache
  1210. 97.74.135.45 301 host email.secureserver.net Apache
  1211. 97.74.135.55 301 host email.secureserver.net Apache
  1212. 173.201.192.133 301 host email.secureserver.net Apache
  1213. 173.201.193.148 301 host email.secureserver.net Apache
  1214. 173.201.192.5 301 host email.secureserver.net Apache
  1215. 97.74.135.133 301 host email.secureserver.net Apache
  1216. 97.74.135.148 301 host email.secureserver.net Apache
  1217. 173.201.192.20 301 host email.secureserver.net Apache
  1218. 72.167.218.183 301 host email.secureserver.net Apache
  1219. 72.167.218.55 301 host email.secureserver.net Apache
  1220. 72.167.238.209 302 alias fax.thunderbolttattoo.com Apache/2.2.3 (CentOS)
  1221. 72.167.238.209 302 alias fax.secureserver.net Apache/2.2.3 (CentOS)
  1222. 72.167.238.209 302 host p3plfteweb-v04.prod.phx3.secureserver.net Apache/2.2.3 (CentOS)
  1223. 184.168.130.131 200 alias files.thunderbolttattoo.com Apache
  1224. 184.168.130.131 200 host files.secureserver.net Apache
  1225. 50.63.40.1 200 alias ftp.thunderbolttattoo.com Apache
  1226. 50.63.40.1 200 host sucuriip.thunderbolttattoo.com Apache
  1227. 45.40.130.32 alias imap.thunderbolttattoo.com
  1228. 45.40.130.32 host imap.secureserver.net
  1229. 173.201.192.71 host imap.secureserver.net
  1230. 72.167.218.138 host imap.secureserver.net
  1231. 173.201.192.158 host imap.secureserver.net
  1232. 68.178.252.71 host imap.secureserver.net
  1233. 173.201.193.97 host imap.secureserver.net
  1234. 97.74.135.10 host imap.secureserver.net
  1235. 173.201.192.129 host imap.secureserver.net
  1236. 173.201.193.129 host imap.secureserver.net
  1237. 173.201.193.226 host imap.secureserver.net
  1238. 97.74.135.143 host imap.secureserver.net
  1239. 68.178.252.221 host imap.secureserver.net
  1240. 68.178.252.117 host imap.secureserver.net
  1241. 68.178.252.222 host imap.secureserver.net
  1242. 173.201.193.71 host imap.secureserver.net
  1243. 173.201.192.158 alias mail.thunderbolttattoo.com
  1244. 173.201.192.158 host pop.secureserver.net
  1245. 173.201.193.97 host pop.secureserver.net
  1246. 173.201.193.129 host pop.secureserver.net
  1247. 72.167.218.138 host pop.secureserver.net
  1248. 97.74.135.10 host pop.secureserver.net
  1249. 97.74.135.143 host pop.secureserver.net
  1250. 68.178.252.117 host pop.secureserver.net
  1251. 173.201.192.129 host pop.secureserver.net
  1252. 97.74.135.10 alias pop.thunderbolttattoo.com
  1253. 97.74.135.10 host pop.secureserver.net
  1254. 97.74.135.143 host pop.secureserver.net
  1255. 173.201.193.129 host pop.secureserver.net
  1256. 173.201.192.129 host pop.secureserver.net
  1257. 72.167.218.138 host pop.secureserver.net
  1258. 68.178.252.117 host pop.secureserver.net
  1259. 173.201.192.158 host pop.secureserver.net
  1260. 173.201.193.97 host pop.secureserver.net
  1261. 68.178.213.203 alias smtp.thunderbolttattoo.com
  1262. 68.178.213.203 host smtp.secureserver.net
  1263. 68.178.213.37 host smtp.secureserver.net
  1264. 72.167.238.29 host smtp.secureserver.net
  1265. 192.124.249.7 301 alias www.thunderbolttattoo.com nginx
  1266. 192.124.249.7 301 host thunderbolttattoo.com nginx
  1267. #######################################################################################################################################
  1268. Original* thunderbolttattoo.com 192.124.249.7 NS:ns07.domaincontrol.com MX:mailstore1.secureserver.net
  1269. Subdomain thunderbol.ttattoo.com 52.72.167.138 NS:ns1.namebrightdns.com
  1270. Subdomain thunderbolt.tattoo.com -
  1271. Subdomain thunderboltt.attoo.com 104.171.24.25
  1272. Subdomain thunderboltta.ttoo.com 72.52.4.119 NS:ns1.sedoparking.com MX:localhost
  1273. #######################################################################################################################################
  1274. Anonymous Operation Izsrael USA JTSEC full recon 2018 #3
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!