· 6 years ago · Sep 28, 2019, 08:00 AM
1######################################################################################################################################
2======================================================================================================================================
3Hostname gltmf.eu ISP O2switch Sarl
4Continent Europe Flag
5FR
6Country France Country Code FR
7Region Unknown Local time 28 Sep 2019 08:33 CEST
8City Unknown Postal Code Unknown
9IP Address 109.234.162.45 Latitude 48.858
10 Longitude 2.339
11=======================================================================================================================================
12######################################################################################################################################
13> gltmf.eu
14Server: 185.93.180.131
15Address: 185.93.180.131#53
16
17Non-authoritative answer:
18Name: gltmf.eu
19Address: 109.234.162.45
20>
21######################################################################################################################################
22% WHOIS gltmf.eu
23Domain: gltmf.eu
24Script: LATIN
25
26Registrant:
27 NOT DISCLOSED!
28 Visit www.eurid.eu for webbased WHOIS.
29
30Technical:
31 Organisation: Online SAS
32 Language: fr
33 Email: eurid-whois@bookmyname.com
34
35Registrar:
36 Name: online sas
37 Website: https://www.bookmyname.com
38
39Name servers:
40 ns1.o2switch.net
41 ns2.o2switch.net
42
43Please visit www.eurid.eu for more info.
44######################################################################################################################################
45
46[+] Target : gltmf.eu
47
48[+] IP Address : 109.234.162.45
49
50[+] Headers :
51
52[+] Server : o2switch PowerBoost
53[+] Date : Sat, 28 Sep 2019 07:07:04 GMT
54[+] Content-Type : text/html; charset=UTF-8
55[+] Transfer-Encoding : chunked
56[+] Connection : keep-alive
57[+] Vary : Accept-Encoding
58[+] Expires : Thu, 19 Nov 1981 08:52:00 GMT
59[+] Cache-Control : no-store, no-cache, must-revalidate
60[+] Pragma : no-cache
61[+] Link : <http://gltmf.eu/wp-json/>; rel="https://api.w.org/", <http://gltmf.eu/>; rel=shortlink
62[+] Set-Cookie : PHPSESSID=edb2aaf5bcb346f06784b4047ff534ef; path=/
63[+] Content-Encoding : gzip
64
65[+] SSL Certificate Information :
66
67[+] commonName : gltmf.eu
68[+] countryName : US
69[+] organizationName : Let's Encrypt
70[+] commonName : Let's Encrypt Authority X3
71[+] Version : 3
72[+] Serial Number : 0393F2F237A6CE4543D86FEB8A43C4F94CE7
73[+] Not Before : Aug 31 09:35:11 2019 GMT
74[+] Not After : Nov 29 09:35:11 2019 GMT
75[+] OCSP : ('http://ocsp.int-x3.letsencrypt.org',)
76[+] subject Alt Name : (('DNS', 'gltmf.eu'), ('DNS', 'mail.gltmf.eu'), ('DNS', 'www.gltmf.eu'))
77[+] CA Issuers : ('http://cert.int-x3.letsencrypt.org/',)
78
79[+] Whois Lookup :
80
81[+] NIR : None
82[+] ASN Registry : ripencc
83[+] ASN : 50474
84[+] ASN CIDR : 109.234.162.0/24
85[+] ASN Country Code : FR
86[+] ASN Date : 2010-01-18
87[+] ASN Description : O2SWITCH, FR
88[+] cidr : 109.234.162.0/24
89[+] name : O2SWITCH
90[+] handle : YA460-RIPE
91[+] range : 109.234.162.0 - 109.234.162.255
92[+] description : o2switch Datacenter Ip-Range-3
93-- Location Datacenter 1 - O2S-PA01 --
94------ o2switch Datacenter ------
95Abuse : abuse@o2switch.fr
96Support : support@o2switch.fr
97------ www.o2switch.net ------
98[+] country : FR
99[+] state : None
100[+] city : None
101[+] address : O2SWITCH
102222-224 Boulevard Gustave Flaubert
10363000 Clermont-Ferrand
104FRANCE
105[+] postal_code : None
106[+] emails : ['abuse@o2switch.fr', 'support@o2switch.fr']
107[+] created : 2013-11-04T10:42:03Z
108[+] updated : 2016-05-30T11:55:56Z
109
110[+] Crawling Target...
111
112[+] Looking for robots.txt........[ Found ]
113[+] Extracting robots Links.......[ 2 ]
114[+] Looking for sitemap.xml.......[ Found ]
115[+] Extracting sitemap Links......[ 6 ]
116[+] Extracting CSS Links..........[ 14 ]
117[+] Extracting Javascript Links...[ 13 ]
118[+] Extracting Internal Links.....[ 28 ]
119[+] Extracting External Links.....[ 2 ]
120[+] Extracting Images.............[ 15 ]
121
122[+] Total Links Extracted : 76
123
124[+] Dumping Links in /opt/FinalRecon/dumps/gltmf.eu.dump
125[+] Completed!
126######################################################################################################################################
127[+] Starting At 2019-09-28 03:07:05.664110
128[+] Collecting Information On: http://gltmf.eu/
129[#] Status: 200
130--------------------------------------------------
131[#] Web Server Detected: o2switch PowerBoost
132[!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
133- Server: o2switch PowerBoost
134- Date: Sat, 28 Sep 2019 07:07:02 GMT
135- Content-Type: text/html; charset=UTF-8
136- Transfer-Encoding: chunked
137- Connection: keep-alive
138- Vary: Accept-Encoding
139- Expires: Thu, 19 Nov 1981 08:52:00 GMT
140- Cache-Control: no-store, no-cache, must-revalidate
141- Pragma: no-cache
142- Link: <http://gltmf.eu/wp-json/>; rel="https://api.w.org/", <http://gltmf.eu/>; rel=shortlink
143- Set-Cookie: PHPSESSID=e26714101df0ae09f19a8ae0a704df52; path=/
144- Content-Encoding: gzip
145--------------------------------------------------
146[#] Finding Location..!
147[#] as: AS50474 o2switch SARL
148[#] city: Clermont-Ferrand
149[#] country: France
150[#] countryCode: FR
151[#] isp: o2switch Internet
152[#] lat: 45.758
153[#] lon: 3.12719
154[#] org:
155[#] query: 109.234.162.45
156[#] region: ARA
157[#] regionName: Auvergne-Rhone-Alpes
158[#] status: success
159[#] timezone: Europe/Paris
160[#] zip: 63000
161--------------------------------------------------
162[x] Didn't Detect WAF Presence on: http://gltmf.eu/
163--------------------------------------------------
164[#] Starting Reverse DNS
165[-] Failed ! Fail
166--------------------------------------------------
167[!] Scanning Open Port
168[#] 21/tcp open ftp
169[#] 26/tcp open rsftp
170[#] 80/tcp open http
171[#] 110/tcp open pop3
172[#] 143/tcp open imap
173[#] 443/tcp open https
174[#] 465/tcp open smtps
175[#] 587/tcp open submission
176[#] 993/tcp open imaps
177[#] 995/tcp open pop3s
178[#] 3306/tcp open mysql
179--------------------------------------------------
180[+] Collecting Information Disclosure!
181[#] Detecting sitemap.xml file
182[!] sitemap.xml File Found: http://gltmf.eu/sitemap_index.xml
183[#] Detecting robots.txt file
184[!] robots.txt File Found: http://gltmf.eu//robots.txt
185[#] Detecting GNU Mailman
186[!] GNU Mailman App Detected: http://gltmf.eu//mailman/admin
187[!] version: 2.1.27
188--------------------------------------------------
189[+] Crawling Url Parameter On: http://gltmf.eu/
190--------------------------------------------------
191[#] Searching Html Form !
192[-] No Html Form Found!?
193--------------------------------------------------
194[!] Found 8 dom parameter
195[#] http://gltmf.eu/wp-json/oembed/1.0/embed?url=http%3A%2F%2Fgltmf.eu%2F&format=xml
196[#] http://gltmf.eu//#
197[#] http://gltmf.eu//#
198[#] http://gltmf.eu//#
199[#] http://gltmf.eu//#
200[#] http://gltmf.eu//#
201[#] http://gltmf.eu//#
202[#] http://gltmf.eu//#
203--------------------------------------------------
204[!] 3 Internal Dynamic Parameter Discovered
205[+] http://gltmf.eu/xmlrpc.php?rsd
206[+] http://gltmf.eu/wp-json/oembed/1.0/embed?url=http%3A%2F%2Fgltmf.eu%2F
207[+] http://gltmf.eu/wp-json/oembed/1.0/embed?url=http%3A%2F%2Fgltmf.eu%2F&format=xml
208--------------------------------------------------
209[-] No external Dynamic Paramter Found!?
210--------------------------------------------------
211[!] 32 Internal links Discovered
212[+] http://gltmf.eu/
213[+] http://gltmf.eu/feed/
214[+] http://gltmf.eu/comments/feed/
215[+] http://gltmf.eu/wp-includes/wlwmanifest.xml
216[+] http://gltmf.eu/feed/
217[+] http://gltmf.eu/xmlrpc.php
218[+] http://gltmf.eu/wp-content/uploads/2016/08/favicon-16x16.png
219[+] http://gltmf.eu/
220[+] http://gltmf.eu/quest-ce-que-la-franc-maconnerie/
221[+] http://gltmf.eu/devenir-franc-macon/
222[+] http://gltmf.eu/etre-franc-macon/
223[+] http://gltmf.eu/la-regle-en-12-points/
224[+] http://gltmf.eu/le-secret-maconnique/
225[+] http://gltmf.eu/g-l-t-m-f-histoire-dune-naissance/
226[+] http://gltmf.eu/constitution-historique/
227[+] http://gltmf.eu/tradition-modernite/
228[+] http://gltmf.eu/nos-grands-maitres/
229[+] http://gltmf.eu/les-rites-pratiques/
230[+] http://gltmf.eu/nos-statuts-reglements/
231[+] http://gltmf.eu/la-confederation-mediterraneenne/
232[+] http://gltmf.eu/lumiere-assassinee/
233[+] http://gltmf.eu/presentation-grandes-loges/
234[+] http://gltmf.eu/gltmf-thailande/
235[+] http://gltmf.eu/gltmf-thailande-organisation/
236[+] http://gltmf.eu/gltmf-thailande-phuket/
237[+] http://gltmf.eu/gltmf-thailande-bangkok/
238[+] http://gltmf.eu/gltmf-thailande-udonthani/
239[+] http://gltmf.eu/gltmf-thailande-contact/
240[+] http://gltmf.eu/telechargements/
241[+] http://gltmf.eu/contact/
242[+] http://gltmf.eu/category/actualites/
243[+] http://gltmf.eu/contact/
244--------------------------------------------------
245[!] 3 External links Discovered
246[#] http://gmpg.org/xfn/11
247[#] http://jeanbaptistekleber.com/loge-jean-baptiste-kleber/
248[#] http://www.gltmf.oxatis.com/
249--------------------------------------------------
250[#] Mapping Subdomain..
251[!] Found 1 Subdomain
252- gltmf.eu
253--------------------------------------------------
254[!] Done At 2019-09-28 03:07:31.616414
255######################################################################################################################################
256[i] Scanning Site: http://gltmf.eu
257
258
259
260B A S I C I N F O
261====================
262
263
264[+] Site Title: GLTMF - Grande Loge Traditionnelle et Moderne de France
265[+] IP address: 109.234.162.45
266[+] Web Server: o2switch PowerBoost
267[+] CMS: WordPress
268[+] Cloudflare: Not Detected
269[+] Robots File: Found
270
271-------------[ contents ]----------------
272User-agent: *
273Disallow: /wp-admin/
274Allow: /wp-admin/admin-ajax.php
275
276-----------[end of contents]-------------
277
278
279
280W H O I S L O O K U P
281========================
282
283 %
284% The EURid WHOIS service on port 43 (textual whois) never
285% discloses any information concerning the registrant.
286% Registrant and onsite contact information can be obtained through use of the
287% webbased WHOIS service available from the EURid website www.eurid.eu
288%
289% WHOIS gltmf.eu
290Domain: gltmf.eu
291Script: LATIN
292
293Registrant:
294 NOT DISCLOSED!
295 Visit www.eurid.eu for webbased WHOIS.
296
297Technical:
298 Organisation: Online SAS
299 Language: fr
300 Email: eurid-whois@bookmyname.com
301
302Registrar:
303 Name: online sas
304 Website: https://www.bookmyname.com
305
306Name servers:
307 ns1.o2switch.net
308 ns2.o2switch.net
309
310Please visit www.eurid.eu for more info.
311
312
313
314
315G E O I P L O O K U P
316=========================
317
318[i] IP Address: 109.234.162.45
319[i] Country: France
320[i] State:
321[i] City:
322[i] Latitude: 48.8582
323[i] Longitude: 2.3387000000000002
324
325
326
327
328H T T P H E A D E R S
329=======================
330
331
332[i] HTTP/1.1 200 OK
333[i] Server: o2switch PowerBoost
334[i] Date: Sat, 28 Sep 2019 07:07:25 GMT
335[i] Content-Type: text/html; charset=UTF-8
336[i] Connection: close
337[i] Vary: Accept-Encoding
338[i] Expires: Thu, 19 Nov 1981 08:52:00 GMT
339[i] Cache-Control: no-store, no-cache, must-revalidate
340[i] Pragma: no-cache
341[i] Link: <http://gltmf.eu/wp-json/>; rel="https://api.w.org/", <http://gltmf.eu/>; rel=shortlink
342[i] Set-Cookie: PHPSESSID=581e4432accd0a5aef6f79d3e17b603c; path=/
343
344
345
346
347D N S L O O K U P
348===================
349
350gltmf.eu. 21599 IN SOA ns1.o2switch.net. support.o2switch.fr. 2017012000 3600 7200 1209600 86400
351gltmf.eu. 21599 IN NS ns1.o2switch.net.
352gltmf.eu. 21599 IN NS ns2.o2switch.net.
353gltmf.eu. 14399 IN A 109.234.162.45
354gltmf.eu. 14399 IN MX 0 gltmf.eu.
355
356
357
358
359S U B N E T C A L C U L A T I O N
360====================================
361
362Address = 109.234.162.45
363Network = 109.234.162.45 / 32
364Netmask = 255.255.255.255
365Broadcast = not needed on Point-to-Point links
366Wildcard Mask = 0.0.0.0
367Hosts Bits = 0
368Max. Hosts = 1 (2^0 - 0)
369Host Range = { 109.234.162.45 - 109.234.162.45 }
370
371
372
373N M A P P O R T S C A N
374============================
375
376Starting Nmap 7.70 ( https://nmap.org ) at 2019-09-28 07:07 UTC
377Nmap scan report for gltmf.eu (109.234.162.45)
378Host is up (0.088s latency).
379rDNS record for 109.234.162.45: kilo.o2switch.net
380
381PORT STATE SERVICE
38221/tcp open ftp
38322/tcp filtered ssh
38423/tcp filtered telnet
38580/tcp open http
386110/tcp open pop3
387143/tcp open imap
388443/tcp open https
3893389/tcp filtered ms-wbt-server
390
391Nmap done: 1 IP address (1 host up) scanned in 1.75 seconds
392######################################################################################################################################
393; <<>> DiG 9.11.5-P4-5.1+b1-Debian <<>> +trace gltmf.eu
394;; global options: +cmd
395. 82628 IN NS k.root-servers.net.
396. 82628 IN NS f.root-servers.net.
397. 82628 IN NS d.root-servers.net.
398. 82628 IN NS j.root-servers.net.
399. 82628 IN NS m.root-servers.net.
400. 82628 IN NS g.root-servers.net.
401. 82628 IN NS b.root-servers.net.
402. 82628 IN NS l.root-servers.net.
403. 82628 IN NS i.root-servers.net.
404. 82628 IN NS h.root-servers.net.
405. 82628 IN NS c.root-servers.net.
406. 82628 IN NS a.root-servers.net.
407. 82628 IN NS e.root-servers.net.
408. 82628 IN RRSIG NS 8 0 518400 20191011050000 20190928040000 59944 . M2/pztQA5M3yKsxBHFunkxHu99aDaPjvo/OdBj24SIpGnsF32zMxTCD0 GaK2OztD+2eaqf3eENHJCQuwb2cFtsiLCbyx0d6kSmmIiJPw3mEZ+W1t tplJwghGtAmj0Fqtb2f7DtlcVUraowz2s6vfPuDlrLla0Nabij9WikwL TQGtdJ83LtV30Sl/cxglkKX892KyiVRIL463prTUdcP5VFk1836iPLYW HnPimmCcGxsEYkP+5+VCvZzKyCqkADZVrpBAirud20z7gdcL6MXZqzEX 4Kkv6sUi7jomDYbgHwlV+CFVLzDdTzsWbQBRVYrd0klVJC5gRtV6jf6M TQnMOQ==
409;; Received 525 bytes from 185.93.180.131#53(185.93.180.131) in 190 ms
410
411eu. 172800 IN NS w.dns.eu.
412eu. 172800 IN NS x.dns.eu.
413eu. 172800 IN NS y.dns.eu.
414eu. 172800 IN NS nl.dns.eu.
415eu. 172800 IN NS si.dns.eu.
416eu. 172800 IN NS uk.dns.eu.
417eu. 86400 IN DS 59479 8 2 5DBAA81BC0BEFE921886D8DA28498D9FD441B457FB0E3642A0B2F981 1C8E15E0
418eu. 86400 IN RRSIG DS 8 1 86400 20191011050000 20190928040000 59944 . gj88kinkfLF/S9VwzWZ5OfaJHxOESlAp1b62Fh8L1rNfXwcnXKXiVSrO MMcx6YaODLN9RNmb3pf9VMlbMvyvCte/wAu60uS3O8qp+G5mR7hFP+HW hfZlg06r4QgEGlFUIWv3plVgCtQon5qFWtORfN2pI5aCtp6VYCR7zIMY hoSiISqV1FyA4gMVg9a1jQXvp1089GV/aJ7WfDXMgbHPI00MejC9AEyu n7ClaK2uEGe0d1blge5xAZcg+Q2xByL5pJFXpDwvVZfwCtm8qg1dKna1 BV/Tpltil9xxUtSyRzaIGU2IDXFGCAKlxuSXNUWBA3HHDvt9dQKNSJ/Z XPMKnw==
419;; Received 683 bytes from 2001:500:2f::f#53(f.root-servers.net) in 24 ms
420
421gltmf.eu. 86400 IN NS ns1.o2switch.net.
422gltmf.eu. 86400 IN NS ns2.o2switch.net.
423QBQ65Q6097OCPPR0EUCQNSC1FHE073UA.eu. 600 IN NSEC3 1 1 1 5CA1AB1E QBQ81BBEI8DS73APBVFC3RDIDPVNGI4I NS SOA RRSIG DNSKEY NSEC3PARAM
424QBQ65Q6097OCPPR0EUCQNSC1FHE073UA.eu. 600 IN RRSIG NSEC3 8 2 600 20191003103044 20190926100802 42204 eu. HFqu8GjBkxJtIKl9P5rnYctL58jF7zZhAen3hrETntiteEOqFZyATL7H aj+Svh1PiSVXRg6r+ZDiMarhqSmG1wiRYquMSmMb1KE7zMtCXWBdnmsU Vy8fLdz88lkbyYgX5z0N1hbCbKqSq/PI/0bieXZ7XeDMCq810t3SHwSl alg=
425TFKIITKQQIQRIDKHKRKEINNG1H97NFFN.eu. 600 IN NSEC3 1 1 1 5CA1AB1E TFKNC8BBVLH4QHFBDB2PSVO9JDQ9UAF1 NS DS RRSIG
426TFKIITKQQIQRIDKHKRKEINNG1H97NFFN.eu. 600 IN RRSIG NSEC3 8 2 600 20191004161601 20190927152839 42204 eu. DAi7qFSLd9eTzvyVk4obx9XtSUIdyfWS2GeIKYjmw2sbFwqRkZ4ZBlZo 10E61sXOf2LWwZWVPzz6zTJ52cZ8Dk5QZsDTW5zCOItm4PkPE2bqivqF ZoA6eowQDM+ympqOxTBqxYbRSuzETL2slSO8cuYKCze+kTnSqohvg10H 9EQ=
427;; Received 576 bytes from 195.66.241.178#53(uk.dns.eu) in 205 ms
428
429gltmf.eu. 14400 IN A 109.234.162.45
430gltmf.eu. 86400 IN NS ns2.o2switch.net.
431gltmf.eu. 86400 IN NS ns1.o2switch.net.
432;; Received 161 bytes from 109.234.161.5#53(ns2.o2switch.net) in 311 ms
433######################################################################################################################################
434Trying "gltmf.eu"
435;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38801
436;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 2, ADDITIONAL: 3
437
438;; QUESTION SECTION:
439;gltmf.eu. IN ANY
440
441;; ANSWER SECTION:
442gltmf.eu. 14400 IN MX 0 gltmf.eu.
443gltmf.eu. 14400 IN A 109.234.162.45
444gltmf.eu. 43200 IN SOA ns1.o2switch.net. support.o2switch.fr. 2017012000 3600 7200 1209600 86400
445gltmf.eu. 43200 IN NS ns2.o2switch.net.
446gltmf.eu. 43200 IN NS ns1.o2switch.net.
447
448;; AUTHORITY SECTION:
449gltmf.eu. 43200 IN NS ns1.o2switch.net.
450gltmf.eu. 43200 IN NS ns2.o2switch.net.
451
452;; ADDITIONAL SECTION:
453gltmf.eu. 14400 IN A 109.234.162.45
454ns1.o2switch.net. 1155 IN A 109.234.160.5
455ns2.o2switch.net. 15498 IN A 109.234.161.5
456
457Received 237 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 150 ms
458######################################################################################################################################
459[*] Performing General Enumeration of Domain: gltmf.eu
460[-] DNSSEC is not configured for gltmf.eu
461[*] SOA ns1.o2switch.net 109.234.160.5
462[*] NS ns1.o2switch.net 109.234.160.5
463[*] Bind Version for 109.234.160.5 unknown
464[*] NS ns2.o2switch.net 109.234.161.5
465[*] Bind Version for 109.234.161.5 unknown
466[*] MX gltmf.eu 109.234.162.45
467[*] A gltmf.eu 109.234.162.45
468[*] Enumerating SRV Records
469[*] SRV _caldav._tcp.gltmf.eu kilo.o2switch.net 109.234.162.45 2079 0
470[*] SRV _caldavs._tcp.gltmf.eu kilo.o2switch.net 109.234.162.45 2080 0
471[*] SRV _carddav._tcp.gltmf.eu kilo.o2switch.net 109.234.162.45 2079 0
472[*] SRV _carddavs._tcp.gltmf.eu kilo.o2switch.net 109.234.162.45 2080 0
473[*] SRV _autodiscover._tcp.gltmf.eu kilo.o2switch.net 109.234.162.45 443 0
474[+] 5 Records Found
475######################################################################################################################################
476[*] Processing domain gltmf.eu
477[*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
478[+] Getting nameservers
479109.234.160.5 - ns1.o2switch.net
480109.234.161.5 - ns2.o2switch.net
481[-] Zone transfer failed
482
483[+] MX records found, added to target list
4840 gltmf.eu.
485
486[*] Scanning gltmf.eu for A records
487109.234.162.45 - gltmf.eu
488109.234.162.45 - autoconfig.gltmf.eu
489109.234.162.45 - autodiscover.gltmf.eu
490109.234.162.45 - cpanel.gltmf.eu
491109.234.162.45 - ftp.gltmf.eu
492109.234.162.45 - mail.gltmf.eu
493109.234.162.45 - webdisk.gltmf.eu
494109.234.162.45 - webmail.gltmf.eu
495109.234.162.45 - whm.gltmf.eu
496109.234.162.45 - www.gltmf.eu
497######################################################################################################################################
498
499 AVAILABLE PLUGINS
500 -----------------
501
502 SessionRenegotiationPlugin
503 OpenSslCcsInjectionPlugin
504 SessionResumptionPlugin
505 HttpHeadersPlugin
506 EarlyDataPlugin
507 CompressionPlugin
508 CertificateInfoPlugin
509 RobotPlugin
510 OpenSslCipherSuitesPlugin
511 HeartbleedPlugin
512 FallbackScsvPlugin
513
514
515
516 CHECKING HOST(S) AVAILABILITY
517 -----------------------------
518
519 109.234.162.45:443 => 109.234.162.45
520
521
522
523
524 SCAN RESULTS FOR 109.234.162.45:443 - 109.234.162.45
525 ----------------------------------------------------
526
527 * Downgrade Attacks:
528 TLS_FALLBACK_SCSV: OK - Supported
529
530 * Certificate Information:
531 Content
532 SHA1 Fingerprint: bfbd772b87721378f9c28450737ca910cab86427
533 Common Name: kilo.o2switch.net
534 Issuer: cPanel, Inc. Certification Authority
535 Serial Number: 31604639723453486961044164317852422996
536 Not Before: 2017-07-16 00:00:00
537 Not After: 2018-07-16 23:59:59
538 Signature Algorithm: sha256
539 Public Key Algorithm: RSA
540 Key Size: 2048
541 Exponent: 65537 (0x10001)
542 DNS Subject Alternative Names: ['kilo.o2switch.net', 'www.kilo.o2switch.net']
543
544 Trust
545 Hostname Validation: FAILED - Certificate does NOT match 109.234.162.45
546 Android CA Store (9.0.0_r9): FAILED - Certificate is NOT Trusted: certificate has expired
547 Apple CA Store (iOS 12, macOS 10.14, watchOS 5, and tvOS 12):FAILED - Certificate is NOT Trusted: certificate has expired
548 Java CA Store (jdk-12.0.1): FAILED - Certificate is NOT Trusted: certificate has expired
549 Mozilla CA Store (2019-03-14): FAILED - Certificate is NOT Trusted: certificate has expired
550 Windows CA Store (2019-05-27): FAILED - Certificate is NOT Trusted: certificate has expired
551 Symantec 2018 Deprecation: OK - Not a Symantec-issued certificate
552 Received Chain: kilo.o2switch.net --> cPanel, Inc. Certification Authority --> COMODO RSA Certification Authority
553 Verified Chain: ERROR - Could not build verified chain (certificate untrusted?)
554 Received Chain Contains Anchor: ERROR - Could not build verified chain (certificate untrusted?)
555 Received Chain Order: OK - Order is valid
556 Verified Chain contains SHA1: ERROR - Could not build verified chain (certificate untrusted?)
557
558 Extensions
559 OCSP Must-Staple: NOT SUPPORTED - Extension not found
560 Certificate Transparency: NOT SUPPORTED - Extension not found
561
562 OCSP Stapling
563 NOT SUPPORTED - Server did not send back an OCSP response
564
565 * TLS 1.2 Session Resumption Support:
566 With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
567 With TLS Tickets: NOT SUPPORTED - TLS ticket not assigned.
568
569 * OpenSSL CCS Injection:
570 OK - Not vulnerable to OpenSSL CCS injection
571
572 * Session Renegotiation:
573 Client-initiated Renegotiation: OK - Rejected
574 Secure Renegotiation: OK - Supported
575
576 * SSLV2 Cipher Suites:
577 Server rejected all cipher suites.
578
579 * TLSV1_3 Cipher Suites:
580 Server rejected all cipher suites.
581
582 * Deflate Compression:
583 OK - Compression disabled
584
585 * SSLV3 Cipher Suites:
586 Server rejected all cipher suites.
587
588 * TLSV1_1 Cipher Suites:
589 Server rejected all cipher suites.
590
591 * OpenSSL Heartbleed:
592 OK - Not vulnerable to Heartbleed
593
594 * TLSV1 Cipher Suites:
595 Server rejected all cipher suites.
596
597 * TLSV1_2 Cipher Suites:
598 Forward Secrecy OK - Supported
599 RC4 OK - Not Supported
600
601 Preferred:
602 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
603 Accepted:
604 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 256 bits HTTP 200 OK
605 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
606 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 128 bits HTTP 200 OK
607 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
608 TLS_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
609 TLS_RSA_WITH_AES_256_CBC_SHA256 256 bits HTTP 200 OK
610 TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
611 TLS_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
612 TLS_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
613 TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
614 TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 256 bits HTTP 200 OK
615 TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 128 bits HTTP 200 OK
616 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
617 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 256 bits HTTP 200 OK
618 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
619 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
620 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
621 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
622 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 256 bits HTTP 200 OK
623 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
624 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 128 bits HTTP 200 OK
625 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
626 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
627 TLS_DHE_RSA_WITH_AES_256_CCM 256 bits HTTP 200 OK
628 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 256 bits HTTP 200 OK
629 TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
630 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
631 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
632 TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
633 RSA_WITH_AES_256_CCM_8 256 bits HTTP 200 OK
634 RSA_WITH_AES_256_CCM 256 bits HTTP 200 OK
635 RSA_WITH_AES_128_CCM_8 128 bits HTTP 200 OK
636 RSA_WITH_AES_128_CCM 128 bits HTTP 200 OK
637 DHE_RSA_WITH_AES_256_CCM_8 256 bits HTTP 200 OK
638 DHE_RSA_WITH_AES_128_CCM_8 128 bits HTTP 200 OK
639 DHE_RSA_WITH_AES_128_CCM 128 bits HTTP 200 OK
640
641 * ROBOT Attack:
642 OK - Not vulnerable
643
644
645 SCAN COMPLETED IN 25.25 S
646 -------------------------
647######################################################################################################################################
648
649
650Domains still to check: 1
651 Checking if the hostname gltmf.eu. given is in fact a domain...
652
653Analyzing domain: gltmf.eu.
654 Checking NameServers using system default resolver...
655 IP: 109.234.160.5 (France)
656 HostName: ns1.o2switch.net Type: NS
657 HostName: ns1.o2switch.net Type: PTR
658 IP: 109.234.161.5 (France)
659 HostName: ns2.o2switch.net Type: NS
660 HostName: ns2.o2switch.net Type: PTR
661
662 Checking MailServers using system default resolver...
663 IP: 109.234.162.45 (France)
664 HostName: gltmf.eu Type: MX
665 HostName: kilo.o2switch.net Type: PTR
666
667 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
668 No zone transfer found on nameserver 109.234.160.5
669 No zone transfer found on nameserver 109.234.161.5
670
671 Checking SPF record...
672 No SPF record
673
674 Checking 192 most common hostnames using system default resolver...
675 IP: 109.234.162.45 (France)
676 HostName: gltmf.eu Type: MX
677 HostName: kilo.o2switch.net Type: PTR
678 HostName: www.gltmf.eu. Type: A
679 IP: 109.234.162.45 (France)
680 HostName: gltmf.eu Type: MX
681 HostName: kilo.o2switch.net Type: PTR
682 HostName: www.gltmf.eu. Type: A
683 HostName: ftp.gltmf.eu. Type: A
684 IP: 109.234.162.45 (France)
685 HostName: gltmf.eu Type: MX
686 HostName: kilo.o2switch.net Type: PTR
687 HostName: www.gltmf.eu. Type: A
688 HostName: ftp.gltmf.eu. Type: A
689 HostName: mail.gltmf.eu. Type: A
690 IP: 109.234.162.45 (France)
691 HostName: gltmf.eu Type: MX
692 HostName: kilo.o2switch.net Type: PTR
693 HostName: www.gltmf.eu. Type: A
694 HostName: ftp.gltmf.eu. Type: A
695 HostName: mail.gltmf.eu. Type: A
696 HostName: webmail.gltmf.eu. Type: A
697
698 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
699 Checking netblock 109.234.160.0
700 Checking netblock 109.234.162.0
701 Checking netblock 109.234.161.0
702
703 Searching for gltmf.eu. emails in Google
704
705 Checking 3 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
706 Host 109.234.160.5 is up (reset ttl 64)
707 Host 109.234.162.45 is up (reset ttl 64)
708 Host 109.234.161.5 is up (reset ttl 64)
709
710 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
711 Scanning ip 109.234.160.5 (ns1.o2switch.net (PTR)):
712 53/tcp open tcpwrapped syn-ack ttl 57
713 | dns-nsid:
714 |_ bind.version: unknown
715 Scanning ip 109.234.162.45 (webmail.gltmf.eu.):
716 Scanning ip 109.234.161.5 (ns2.o2switch.net (PTR)):
717 53/tcp open tcpwrapped syn-ack ttl 57
718 | dns-nsid:
719 |_ bind.version: unknown
720 WebCrawling domain's web servers... up to 50 max links.
721--Finished--
722Summary information for domain gltmf.eu.
723-----------------------------------------
724
725 Domain Ips Information:
726 IP: 109.234.160.5
727 HostName: ns1.o2switch.net Type: NS
728 HostName: ns1.o2switch.net Type: PTR
729 Country: France
730 Is Active: True (reset ttl 64)
731 Port: 53/tcp open tcpwrapped syn-ack ttl 57
732 Script Info: | dns-nsid:
733 Script Info: |_ bind.version: unknown
734 IP: 109.234.162.45
735 HostName: gltmf.eu Type: MX
736 HostName: kilo.o2switch.net Type: PTR
737 HostName: www.gltmf.eu. Type: A
738 HostName: ftp.gltmf.eu. Type: A
739 HostName: mail.gltmf.eu. Type: A
740 HostName: webmail.gltmf.eu. Type: A
741 Country: France
742 Is Active: True (reset ttl 64)
743 IP: 109.234.161.5
744 HostName: ns2.o2switch.net Type: NS
745 HostName: ns2.o2switch.net Type: PTR
746 Country: France
747 Is Active: True (reset ttl 64)
748 Port: 53/tcp open tcpwrapped syn-ack ttl 57
749 Script Info: | dns-nsid:
750 Script Info: |_ bind.version: unknown
751#######################################################################################################################################
752dnsenum VERSION:1.2.4
753
754----- gltmf.eu -----
755
756
757Host's addresses:
758__________________
759
760gltmf.eu. 12245 IN A 109.234.162.45
761
762
763Name Servers:
764______________
765
766ns2.o2switch.net. 11722 IN A 109.234.161.5
767ns1.o2switch.net. 11722 IN A 109.234.160.5
768
769
770Mail (MX) Servers:
771___________________
772
773gltmf.eu. 12243 IN A 109.234.162.45
774
775
776Trying Zone Transfers and getting Bind Versions:
777_________________________________________________
778
779
780Trying Zone Transfer for gltmf.eu on ns2.o2switch.net ...
781
782Trying Zone Transfer for gltmf.eu on ns1.o2switch.net ...
783
784brute force file not specified, bay.
785#######################################################################################################################################
786% WHOIS gltmf.eu
787Domain: gltmf.eu
788Script: LATIN
789
790Registrant:
791 NOT DISCLOSED!
792 Visit www.eurid.eu for webbased WHOIS.
793
794Technical:
795 Organisation: Online SAS
796 Language: fr
797 Email: eurid-whois@bookmyname.com
798
799Registrar:
800 Name: online sas
801 Website: https://www.bookmyname.com
802
803Name servers:
804 ns1.o2switch.net
805 ns2.o2switch.net
806
807Please visit www.eurid.eu for more info.
808#######################################################################################################################################
809[-] Enumerating subdomains now for gltmf.eu
810[-] verbosity is enabled, will show the subdomains results in realtime
811[-] Searching now in Baidu..
812[-] Searching now in Yahoo..
813[-] Searching now in Google..
814[-] Searching now in Bing..
815[-] Searching now in Ask..
816[-] Searching now in Netcraft..
817[-] Searching now in DNSdumpster..
818[-] Searching now in Virustotal..
819[-] Searching now in ThreatCrowd..
820[-] Searching now in SSL Certificates..
821[-] Searching now in PassiveDNS..
822SSL Certificates: mail.gltmf.eu
823SSL Certificates: www.gltmf.eu
824Yahoo: www.gltmf.eu
825[-] Saving results to file: /usr/share/sniper/loot/workspace/gltmf.eu/domains/domains-gltmf.eu.txt
826[-] Total Unique Subdomains Found: 2
827www.gltmf.eu
828mail.gltmf.eu
829#######################################################################################################################################
830===============================================
831-=Subfinder v1.1.3 github.com/subfinder/subfinder
832===============================================
833
834
835Running Source: Ask
836Running Source: Archive.is
837Running Source: Baidu
838Running Source: Bing
839Running Source: CertDB
840Running Source: CertificateTransparency
841Running Source: Certspotter
842Running Source: Commoncrawl
843Running Source: Crt.sh
844Running Source: Dnsdb
845Running Source: DNSDumpster
846Running Source: DNSTable
847Running Source: Dogpile
848Running Source: Exalead
849Running Source: Findsubdomains
850Running Source: Googleter
851Running Source: Hackertarget
852Running Source: Ipv4Info
853Running Source: PTRArchive
854Running Source: Sitedossier
855Running Source: Threatcrowd
856Running Source: ThreatMiner
857Running Source: WaybackArchive
858Running Source: Yahoo
859
860Running enumeration on gltmf.eu
861
862ipv4info: <nil>
863
864waybackarchive: parse http://web.archive.org/cdx/search/cdx?url=*.gltmf.eu/*&output=json&fl=original&collapse=urlkey&page=: net/url: invalid control character in URL
865
866dnsdb: Unexpected return status 404
867
868
869Starting Bruteforcing of gltmf.eu with 9985 words
870
871Total 12 Unique subdomains found for gltmf.eu
872
873.gltmf.eu
874autoconfig.gltmf.eu
875autodiscover.gltmf.eu
876cpanel.gltmf.eu
877ftp.gltmf.eu
878mail.gltmf.eu
879mail.gltmf.eu
880webdisk.gltmf.eu
881webmail.gltmf.eu
882whm.gltmf.eu
883www.gltmf.eu
884www.gltmf.eu
885#######################################################################################################################################
886[*] Processing domain gltmf.eu
887[*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
888[+] Getting nameservers
889109.234.160.5 - ns1.o2switch.net
890109.234.161.5 - ns2.o2switch.net
891[-] Zone transfer failed
892
893[+] MX records found, added to target list
8940 gltmf.eu.
895
896[*] Scanning gltmf.eu for A records
897109.234.162.45 - gltmf.eu
898109.234.162.45 - autodiscover.gltmf.eu
899109.234.162.45 - ftp.gltmf.eu
900109.234.162.45 - mail.gltmf.eu
901109.234.162.45 - webmail.gltmf.eu
902109.234.162.45 - www.gltmf.eu
903######################################################################################################################################
904[+] gltmf.eu has no SPF record!
905[*] No DMARC record found. Looking for organizational record
906[+] No organizational DMARC record
907[+] Spoofing possible for gltmf.eu!
908#######################################################################################################################################
909Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-28 03:25 EDT
910Nmap scan report for gltmf.eu (109.234.162.45)
911Host is up (0.13s latency).
912rDNS record for 109.234.162.45: kilo.o2switch.net
913Not shown: 2 filtered ports
914PORT STATE SERVICE
91553/udp open|filtered domain
91667/udp open|filtered dhcps
91768/udp open|filtered dhcpc
91869/udp open|filtered tftp
91988/udp open|filtered kerberos-sec
920123/udp open|filtered ntp
921139/udp open|filtered netbios-ssn
922161/udp open|filtered snmp
923162/udp open|filtered snmptrap
924389/udp open|filtered ldap
925500/udp open|filtered isakmp
926520/udp open|filtered route
9272049/udp open|filtered nfs
928
929Nmap done: 1 IP address (1 host up) scanned in 3.38 seconds
930#######################################################################################################################################
931Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-28 03:12 EDT
932Nmap scan report for kilo.o2switch.net (109.234.162.45)
933Host is up (0.23s latency).
934Not shown: 449 filtered ports, 24 closed ports
935Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
936PORT STATE SERVICE
93721/tcp open ftp
93880/tcp open http
939110/tcp open pop3
940143/tcp open imap
941443/tcp open https
942465/tcp open smtps
943587/tcp open submission
944993/tcp open imaps
945995/tcp open pop3s
9463306/tcp open mysql
947
948Nmap done: 1 IP address (1 host up) scanned in 6.45 seconds
949#######################################################################################################################################
950Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-28 03:13 EDT
951Nmap scan report for kilo.o2switch.net (109.234.162.45)
952Host is up (0.12s latency).
953Not shown: 2 filtered ports
954PORT STATE SERVICE
95553/udp open|filtered domain
95667/udp open|filtered dhcps
95768/udp open|filtered dhcpc
95869/udp open|filtered tftp
95988/udp open|filtered kerberos-sec
960123/udp open|filtered ntp
961139/udp open|filtered netbios-ssn
962161/udp open|filtered snmp
963162/udp open|filtered snmptrap
964389/udp open|filtered ldap
965500/udp open|filtered isakmp
966520/udp open|filtered route
9672049/udp open|filtered nfs
968
969Nmap done: 1 IP address (1 host up) scanned in 3.20 seconds
970#######################################################################################################################################
971Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-28 03:13 EDT
972NSE: [ftp-brute] usernames: Time limit 3m00s exceeded.
973NSE: [ftp-brute] usernames: Time limit 3m00s exceeded.
974NSE: [ftp-brute] passwords: Time limit 3m00s exceeded.
975Nmap scan report for kilo.o2switch.net (109.234.162.45)
976Host is up (0.20s latency).
977
978PORT STATE SERVICE VERSION
97921/tcp open ftp Pure-FTPd
980| ftp-brute:
981| Accounts: No valid accounts found
982|_ Statistics: Performed 3065 guesses in 287 seconds, average tps: 9.2
983|_vulscan: ERROR: Script execution failed (use -d to debug)
984Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
985OS fingerprint not ideal because: Timing level 5 (Insane) used
986No OS matches for host
987Network Distance: 8 hops
988
989TRACEROUTE (using port 21/tcp)
990HOP RTT ADDRESS
9911 239.11 ms 10.230.204.1
9922 239.18 ms 45.131.4.2
9933 239.17 ms 109.236.95.226
9944 239.21 ms 109.236.95.173
9955 239.25 ms amsix1.tc2.ams.as8218.eu (80.249.209.53)
9966 239.23 ms et-2-0-0.tcr1.rb.par.core.as8218.eu (83.167.55.148)
9977 342.80 ms 172.17.100.55
9988 342.78 ms kilo.o2switch.net (109.234.162.45)
999#######################################################################################################################################
1000Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-28 03:18 EDT
1001NSE: Loaded 164 scripts for scanning.
1002NSE: Script Pre-scanning.
1003Initiating NSE at 03:18
1004Completed NSE at 03:18, 0.00s elapsed
1005Initiating NSE at 03:18
1006Completed NSE at 03:18, 0.00s elapsed
1007Initiating Parallel DNS resolution of 1 host. at 03:18
1008Completed Parallel DNS resolution of 1 host. at 03:18, 0.02s elapsed
1009Initiating SYN Stealth Scan at 03:18
1010Scanning kilo.o2switch.net (109.234.162.45) [1 port]
1011Discovered open port 80/tcp on 109.234.162.45
1012Completed SYN Stealth Scan at 03:18, 0.18s elapsed (1 total ports)
1013Initiating Service scan at 03:18
1014Scanning 1 service on kilo.o2switch.net (109.234.162.45)
1015Completed Service scan at 03:19, 17.52s elapsed (1 service on 1 host)
1016Initiating OS detection (try #1) against kilo.o2switch.net (109.234.162.45)
1017Initiating Traceroute at 03:19
1018Completed Traceroute at 03:19, 9.03s elapsed
1019Initiating Parallel DNS resolution of 6 hosts. at 03:19
1020Completed Parallel DNS resolution of 6 hosts. at 03:19, 1.74s elapsed
1021NSE: Script scanning 109.234.162.45.
1022Initiating NSE at 03:19
1023NSE: [http-wordpress-enum 109.234.162.45:80] got no answers from pipelined queries
1024Completed NSE at 03:28, 583.25s elapsed
1025Initiating NSE at 03:28
1026Completed NSE at 03:29, 2.01s elapsed
1027Nmap scan report for kilo.o2switch.net (109.234.162.45)
1028Host is up (0.14s latency).
1029
1030PORT STATE SERVICE VERSION
103180/tcp open http o2switch PowerBoost
1032| fingerprint-strings:
1033| GetRequest:
1034| HTTP/1.1 500 Internal Server Error
1035| Server: o2switch PowerBoost
1036| Date: Sat, 28 Sep 2019 07:18:45 GMT
1037| Content-Type: text/html
1038| Content-Length: 170
1039| Connection: close
1040| <html>
1041| <head><title>500 Internal Server Error</title></head>
1042| <body>
1043| <center><h1>500 Internal Server Error</h1></center>
1044| <hr><center>nginx</center>
1045| </body>
1046| </html>
1047| HTTPOptions:
1048| HTTP/1.1 500 Internal Server Error
1049| Server: o2switch PowerBoost
1050| Date: Sat, 28 Sep 2019 07:18:46 GMT
1051| Content-Type: text/html
1052| Content-Length: 170
1053| Connection: close
1054| <html>
1055| <head><title>500 Internal Server Error</title></head>
1056| <body>
1057| <center><h1>500 Internal Server Error</h1></center>
1058| <hr><center>nginx</center>
1059| </body>
1060|_ </html>
1061|_http-aspnet-debug: ERROR: Script execution failed (use -d to debug)
1062| http-brute:
1063|_ Path "/" does not require authentication
1064|_http-chrono: Request times for /; avg: 16535.12ms; min: 16328.14ms; max: 16627.24ms
1065|_http-csrf: Couldn't find any CSRF vulnerabilities.
1066|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
1067|_http-dombased-xss: Couldn't find any DOM based XSS.
1068|_http-errors: ERROR: Script execution failed (use -d to debug)
1069|_http-feed: Couldn't find any feeds.
1070|_http-fetch: Please enter the complete path of the directory to save data in.
1071|_http-jsonp-detection: Couldn't find any JSONP endpoints.
1072|_http-mobileversion-checker: No mobile version detected.
1073|_http-security-headers:
1074|_http-server-header: o2switch PowerBoost
1075| http-sitemap-generator:
1076| Directory structure:
1077| Longest directory structure:
1078| Depth: 0
1079| Dir: /
1080| Total files found (by extension):
1081|_
1082|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
1083|_http-traceroute: ERROR: Script execution failed (use -d to debug)
1084| http-vhosts:
1085|_127 names had status ERROR
1086|_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug)
1087|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
1088|_http-xssed: No previously reported XSS vuln.
10891 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
1090SF-Port80-TCP:V=7.80%I=7%D=9/28%Time=5D8F095A%P=x86_64-pc-linux-gnu%r(GetR
1091SF:equest,153,"HTTP/1\.1\x20500\x20Internal\x20Server\x20Error\r\nServer:\
1092SF:x20o2switch\x20PowerBoost\r\nDate:\x20Sat,\x2028\x20Sep\x202019\x2007:1
1093SF:8:45\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x20170\r\n
1094SF:Connection:\x20close\r\n\r\n<html>\r\n<head><title>500\x20Internal\x20S
1095SF:erver\x20Error</title></head>\r\n<body>\r\n<center><h1>500\x20Internal\
1096SF:x20Server\x20Error</h1></center>\r\n<hr><center>nginx</center>\r\n</bod
1097SF:y>\r\n</html>\r\n")%r(HTTPOptions,153,"HTTP/1\.1\x20500\x20Internal\x20
1098SF:Server\x20Error\r\nServer:\x20o2switch\x20PowerBoost\r\nDate:\x20Sat,\x
1099SF:2028\x20Sep\x202019\x2007:18:46\x20GMT\r\nContent-Type:\x20text/html\r\
1100SF:nContent-Length:\x20170\r\nConnection:\x20close\r\n\r\n<html>\r\n<head>
1101SF:<title>500\x20Internal\x20Server\x20Error</title></head>\r\n<body>\r\n<
1102SF:center><h1>500\x20Internal\x20Server\x20Error</h1></center>\r\n<hr><cen
1103SF:ter>nginx</center>\r\n</body>\r\n</html>\r\n");
1104Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1105Device type: specialized|WAP|phone
1106Running: iPXE 1.X, Linux 2.4.X|2.6.X, Sony Ericsson embedded
1107OS CPE: cpe:/o:ipxe:ipxe:1.0.0%2b cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.6.22 cpe:/h:sonyericsson:u8i_vivaz
1108OS details: iPXE 1.0.0+, Tomato 1.28 (Linux 2.4.20), Tomato firmware (Linux 2.6.22), Sony Ericsson U8i Vivaz mobile phone
1109
1110TRACEROUTE (using port 80/tcp)
1111HOP RTT ADDRESS
11121 184.16 ms 10.230.204.1
11132 287.39 ms 45.131.4.3
11143 287.35 ms 109.236.95.230
11154 287.41 ms 109.236.95.167
11165 287.46 ms amsix1.tc2.ams.as8218.eu (80.249.209.53)
11176 287.45 ms et-2-0-0.tcr1.rb.par.core.as8218.eu (83.167.55.148)
11187 ... 30
1119
1120NSE: Script Post-scanning.
1121Initiating NSE at 03:29
1122Completed NSE at 03:29, 0.00s elapsed
1123Initiating NSE at 03:29
1124Completed NSE at 03:29, 0.00s elapsed
1125Read data files from: /usr/bin/../share/nmap
1126OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1127Nmap done: 1 IP address (1 host up) scanned in 617.87 seconds
1128 Raw packets sent: 153 (9.740KB) | Rcvd: 54 (4.078KB)
1129#######################################################################################################################################
1130HTTP/1.1 200 OK
1131Server: o2switch PowerBoost
1132Date: Sat, 28 Sep 2019 07:31:03 GMT
1133Content-Type: text/html
1134Content-Length: 166
1135Connection: keep-alive
1136Vary: Accept-Encoding
1137Last-Modified: Thu, 21 Feb 2019 07:46:17 GMT
1138Accept-Ranges: bytes
1139
1140HTTP/1.1 200 OK
1141Server: o2switch PowerBoost
1142Date: Sat, 28 Sep 2019 07:31:04 GMT
1143Content-Type: text/html
1144Content-Length: 166
1145Connection: keep-alive
1146Vary: Accept-Encoding
1147Last-Modified: Thu, 21 Feb 2019 07:46:17 GMT
1148Accept-Ranges: bytes
1149
1150Allow: POST,OPTIONS,HEAD,GET
1151#######################################################################################################################################
1152Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-28 03:31 EDT
1153NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
1154NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
1155NSE: [pop3-brute] passwords: Time limit 3m00s exceeded.
1156Nmap scan report for kilo.o2switch.net (109.234.162.45)
1157Host is up (0.23s latency).
1158
1159PORT STATE SERVICE VERSION
1160110/tcp open pop3 Dovecot pop3d
1161| pop3-brute:
1162| Accounts: No valid accounts found
1163|_ Statistics: Performed 215 guesses in 184 seconds, average tps: 1.1
1164|_pop3-capabilities: RESP-CODES STLS CAPA PIPELINING USER AUTH-RESP-CODE UIDL SASL(PLAIN LOGIN) TOP
1165|_vulscan: ERROR: Script execution failed (use -d to debug)
1166Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1167OS fingerprint not ideal because: Timing level 5 (Insane) used
1168No OS matches for host
1169Network Distance: 8 hops
1170
1171TRACEROUTE (using port 443/tcp)
1172HOP RTT ADDRESS
11731 238.62 ms 10.230.204.1
11742 238.70 ms 45.131.4.2
11753 238.68 ms 109.236.95.230
11764 238.72 ms 109.236.95.167
11775 238.80 ms amsix1.tc2.ams.as8218.eu (80.249.209.53)
11786 238.79 ms et-2-0-0.tcr1.rb.par.core.as8218.eu (83.167.55.148)
11797 340.66 ms 172.17.100.55
11808 340.57 ms kilo.o2switch.net (109.234.162.45)
1181#######################################################################################################################################
1182Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-28 03:34 EDT
1183NSE: Loaded 164 scripts for scanning.
1184NSE: Script Pre-scanning.
1185Initiating NSE at 03:34
1186Completed NSE at 03:34, 0.00s elapsed
1187Initiating NSE at 03:34
1188Completed NSE at 03:34, 0.00s elapsed
1189Initiating Parallel DNS resolution of 1 host. at 03:34
1190Completed Parallel DNS resolution of 1 host. at 03:34, 0.02s elapsed
1191Initiating SYN Stealth Scan at 03:34
1192Scanning kilo.o2switch.net (109.234.162.45) [1 port]
1193Discovered open port 443/tcp on 109.234.162.45
1194Completed SYN Stealth Scan at 03:34, 0.18s elapsed (1 total ports)
1195Initiating Service scan at 03:34
1196Scanning 1 service on kilo.o2switch.net (109.234.162.45)
1197Completed Service scan at 03:35, 53.62s elapsed (1 service on 1 host)
1198Initiating OS detection (try #1) against kilo.o2switch.net (109.234.162.45)
1199Retrying OS detection (try #2) against kilo.o2switch.net (109.234.162.45)
1200Initiating Traceroute at 03:35
1201Completed Traceroute at 03:35, 0.35s elapsed
1202Initiating Parallel DNS resolution of 8 hosts. at 03:35
1203Completed Parallel DNS resolution of 8 hosts. at 03:35, 0.36s elapsed
1204NSE: Script scanning 109.234.162.45.
1205Initiating NSE at 03:35
1206#######################################################################################################################################
1207https://109.234.162.45 [200 OK] Country[FRANCE][FR], HTTPServer[o2switch PowerBoost], IP[109.234.162.45], Meta-Refresh-Redirect[https://kilo.o2switch.net:2083]
1208https://kilo.o2switch.net:2083 [200 OK] Cookies[Horde,PPA_ID,cprelogin,cpsession,horde_secret_key,imp_key,roundcube_sessauth,roundcube_sessid], Country[FRANCE][FR], HTML5, HttpOnly[Horde,PPA_ID,cprelogin,cpsession,horde_secret_key,imp_key,roundcube_sessauth,roundcube_sessid], IP[109.234.162.45], PasswordField[pass], RoundCube, Script, Title[Identifiant cPanel], phpPgAdmin
1209#######################################################################################################################################
1210Version: 1.11.13-static
1211OpenSSL 1.0.2-chacha (1.0.2g-dev)
1212
1213Connected to 109.234.162.45
1214
1215Testing SSL server 109.234.162.45 on port 443 using SNI name 109.234.162.45
1216
1217 TLS Fallback SCSV:
1218Server supports TLS Fallback SCSV
1219
1220 TLS renegotiation:
1221Session renegotiation not supported
1222
1223 TLS Compression:
1224Compression disabled
1225
1226 Heartbleed:
1227TLS 1.2 not vulnerable to heartbleed
1228TLS 1.1 not vulnerable to heartbleed
1229TLS 1.0 not vulnerable to heartbleed
1230
1231 Supported Server Cipher(s):
1232Preferred TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-384 DHE 384
1233Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-384 DHE 384
1234Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
1235Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
1236Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-384 DHE 384
1237Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-384 DHE 384
1238Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-384 DHE 384
1239Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-384 DHE 384
1240Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
1241Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
1242Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
1243Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
1244Accepted TLSv1.2 128 bits AES128-GCM-SHA256
1245Accepted TLSv1.2 256 bits AES256-GCM-SHA384
1246Accepted TLSv1.2 128 bits AES128-SHA256
1247Accepted TLSv1.2 256 bits AES256-SHA256
1248Accepted TLSv1.2 128 bits AES128-SHA
1249Accepted TLSv1.2 256 bits AES256-SHA
1250Accepted TLSv1.2 256 bits ECDHE-RSA-CAMELLIA256-SHA384 Curve P-384 DHE 384
1251Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA256 DHE 2048 bits
1252Accepted TLSv1.2 128 bits ECDHE-RSA-CAMELLIA128-SHA256 Curve P-384 DHE 384
1253Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA256 DHE 2048 bits
1254Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
1255Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
1256Accepted TLSv1.2 256 bits CAMELLIA256-SHA256
1257Accepted TLSv1.2 128 bits CAMELLIA128-SHA256
1258Accepted TLSv1.2 256 bits CAMELLIA256-SHA
1259Accepted TLSv1.2 128 bits CAMELLIA128-SHA
1260
1261 SSL Certificate:
1262Signature Algorithm: sha256WithRSAEncryption
1263RSA Key Strength: 2048
1264
1265Subject: kilo.o2switch.net
1266Altnames: DNS:kilo.o2switch.net, DNS:www.kilo.o2switch.net
1267Issuer: cPanel, Inc. Certification Authority
1268
1269Not valid before: Jul 16 00:00:00 2017 GMT
1270Not valid after: Jul 16 23:59:59 2018 GMT
1271#######################################################################################################################################
1272Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-28 03:38 EDT
1273NSE: Loaded 47 scripts for scanning.
1274NSE: Script Pre-scanning.
1275Initiating NSE at 03:38
1276Completed NSE at 03:38, 0.00s elapsed
1277Initiating NSE at 03:38
1278Completed NSE at 03:38, 0.00s elapsed
1279Initiating Ping Scan at 03:38
1280Scanning 109.234.162.45 [4 ports]
1281Completed Ping Scan at 03:38, 3.05s elapsed (1 total hosts)
1282Nmap scan report for 109.234.162.45 [host down]
1283NSE: Script Post-scanning.
1284Initiating NSE at 03:38
1285Completed NSE at 03:38, 0.00s elapsed
1286Initiating NSE at 03:38
1287Completed NSE at 03:38, 0.00s elapsed
1288Read data files from: /usr/bin/../share/nmap
1289Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
1290Nmap done: 1 IP address (0 hosts up) scanned in 3.49 seconds
1291 Raw packets sent: 8 (304B) | Rcvd: 0 (0B)
1292#######################################################################################################################################
1293Starting Nmap 7.80 ( https://nmap.org ) at 2019-09-28 03:38 EDT
1294NSE: Loaded 47 scripts for scanning.
1295NSE: Script Pre-scanning.
1296Initiating NSE at 03:38
1297Completed NSE at 03:38, 0.00s elapsed
1298Initiating NSE at 03:38
1299Completed NSE at 03:38, 0.00s elapsed
1300Initiating Parallel DNS resolution of 1 host. at 03:38
1301Completed Parallel DNS resolution of 1 host. at 03:38, 0.02s elapsed
1302Initiating UDP Scan at 03:38
1303Scanning kilo.o2switch.net (109.234.162.45) [15 ports]
1304Completed UDP Scan at 03:38, 2.98s elapsed (15 total ports)
1305Initiating Service scan at 03:38
1306Scanning 13 services on kilo.o2switch.net (109.234.162.45)
1307Service scan Timing: About 7.69% done; ETC: 04:00 (0:19:36 remaining)
1308Completed Service scan at 03:40, 102.58s elapsed (13 services on 1 host)
1309Initiating OS detection (try #1) against kilo.o2switch.net (109.234.162.45)
1310Retrying OS detection (try #2) against kilo.o2switch.net (109.234.162.45)
1311Initiating Traceroute at 03:40
1312Completed Traceroute at 03:40, 7.14s elapsed
1313Initiating Parallel DNS resolution of 1 host. at 03:40
1314Completed Parallel DNS resolution of 1 host. at 03:40, 0.00s elapsed
1315NSE: Script scanning 109.234.162.45.
1316Initiating NSE at 03:40
1317Completed NSE at 03:40, 7.12s elapsed
1318Initiating NSE at 03:40
1319Completed NSE at 03:40, 1.01s elapsed
1320Nmap scan report for kilo.o2switch.net (109.234.162.45)
1321Host is up (0.12s latency).
1322
1323PORT STATE SERVICE VERSION
132453/udp open|filtered domain
132567/udp open|filtered dhcps
132668/udp open|filtered dhcpc
132769/udp open|filtered tftp
132888/udp open|filtered kerberos-sec
1329123/udp open|filtered ntp
1330137/udp filtered netbios-ns
1331138/udp filtered netbios-dgm
1332139/udp open|filtered netbios-ssn
1333161/udp open|filtered snmp
1334162/udp open|filtered snmptrap
1335389/udp open|filtered ldap
1336500/udp open|filtered isakmp
1337|_ike-version: ERROR: Script execution failed (use -d to debug)
1338520/udp open|filtered route
13392049/udp open|filtered nfs
1340Too many fingerprints match this host to give specific OS details
1341
1342TRACEROUTE (using port 138/udp)
1343HOP RTT ADDRESS
13441 107.07 ms 10.230.204.1
13452 ... 3
13464 102.42 ms 10.230.204.1
13475 248.80 ms 10.230.204.1
13486 248.79 ms 10.230.204.1
13497 248.79 ms 10.230.204.1
13508 248.78 ms 10.230.204.1
13519 248.74 ms 10.230.204.1
135210 106.61 ms 10.230.204.1
135311 ... 18
135419 102.72 ms 10.230.204.1
135520 101.93 ms 10.230.204.1
135621 ... 28
135729 179.35 ms 10.230.204.1
135830 102.47 ms 10.230.204.1
1359
1360NSE: Script Post-scanning.
1361Initiating NSE at 03:40
1362Completed NSE at 03:40, 0.00s elapsed
1363Initiating NSE at 03:40
1364Completed NSE at 03:40, 0.00s elapsed
1365Read data files from: /usr/bin/../share/nmap
1366OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1367Nmap done: 1 IP address (1 host up) scanned in 126.38 seconds
1368 Raw packets sent: 149 (10.404KB) | Rcvd: 24 (2.000KB)
1369######################################################################################################################################
1370Hosts
1371=====
1372
1373address mac name os_name os_flavor os_sp purpose info comments
1374------- --- ---- ------- --------- ----- ------- ---- --------
1375109.234.162.45 kilo.o2switch.net Unknown device
1376
1377Services
1378========
1379
1380host port proto name state info
1381---- ---- ----- ---- ----- ----
1382109.234.162.45 53 udp domain unknown
1383109.234.162.45 67 udp dhcps unknown
1384109.234.162.45 68 udp dhcpc unknown
1385109.234.162.45 69 udp tftp unknown
1386109.234.162.45 88 udp kerberos-sec unknown
1387109.234.162.45 123 udp ntp unknown
1388109.234.162.45 137 udp netbios-ns filtered
1389109.234.162.45 138 udp netbios-dgm filtered
1390109.234.162.45 139 udp netbios-ssn unknown
1391109.234.162.45 161 udp snmp unknown
1392109.234.162.45 162 udp snmptrap unknown
1393109.234.162.45 389 udp ldap unknown
1394109.234.162.45 500 udp isakmp unknown
1395109.234.162.45 520 udp route unknown
1396109.234.162.45 2049 udp nfs unknown
1397######################################################################################################################################
1398[+] URL: http://gltmf.eu/
1399[+] Started: Sat Sep 28 02:39:00 2019
1400
1401Interesting Finding(s):
1402
1403[+] http://gltmf.eu/
1404 | Interesting Entry: Server: o2switch PowerBoost
1405 | Found By: Headers (Passive Detection)
1406 | Confidence: 100%
1407
1408[+] http://gltmf.eu/robots.txt
1409 | Interesting Entries:
1410 | - /wp-admin/
1411 | - /wp-admin/admin-ajax.php
1412 | Found By: Robots Txt (Aggressive Detection)
1413 | Confidence: 100%
1414
1415[+] http://gltmf.eu/xmlrpc.php
1416 | Found By: Link Tag (Passive Detection)
1417 | Confidence: 100%
1418 | Confirmed By: Direct Access (Aggressive Detection), 100% confidence
1419 | References:
1420 | - http://codex.wordpress.org/XML-RPC_Pingback_API
1421 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
1422 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
1423 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
1424 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
1425
1426[+] Upload directory has listing enabled: http://gltmf.eu/wp-content/uploads/
1427 | Found By: Direct Access (Aggressive Detection)
1428 | Confidence: 100%
1429
1430[+] http://gltmf.eu/wp-cron.php
1431 | Found By: Direct Access (Aggressive Detection)
1432 | Confidence: 60%
1433 | References:
1434 | - https://www.iplocation.net/defend-wordpress-from-ddos
1435 | - https://github.com/wpscanteam/wpscan/issues/1299
1436
1437[+] WordPress version 5.2.3 identified (Latest, released on 2019-09-05).
1438 | Detected By: Query Parameter In Install Page (Aggressive Detection)
1439 | - http://gltmf.eu/wp-includes/css/dashicons.min.css?ver=5.2.3
1440 | - http://gltmf.eu/wp-includes/css/buttons.min.css?ver=5.2.3
1441 | - http://gltmf.eu/wp-admin/css/install.min.css?ver=5.2.3
1442 | Confirmed By: Query Parameter In Upgrade Page (Aggressive Detection)
1443 | - http://gltmf.eu/wp-includes/css/buttons.min.css?ver=5.2.3
1444 | - http://gltmf.eu/wp-admin/css/install.min.css?ver=5.2.3
1445
1446[+] WordPress theme in use: enfold
1447 | Location: http://gltmf.eu/wp-content/themes/enfold/
1448 | Style URL: http://gltmf.eu/wp-content/themes/enfold/style.css
1449 | Style Name: Enfold
1450 | Style URI: www.kriesi.at/themes/enfold/
1451 | Description: <strong>A superflexible and responsive Business Theme by Kriesi</strong> - <br/> Update notification...
1452 | Author: Kriesi
1453 | Author URI: http://www.kriesi.at
1454 |
1455 | Detected By: Urls In Homepage (Passive Detection)
1456 |
1457 | Version: 3.7.1 (80% confidence)
1458 | Detected By: Style (Passive Detection)
1459 | - http://gltmf.eu/wp-content/themes/enfold/style.css, Match: 'Version: 3.7.1'
1460
1461[+] Enumerating All Plugins (via Passive Methods)
1462[+] Checking Plugin Versions (via Passive and Aggressive Methods)
1463
1464[i] Plugin(s) Identified:
1465
1466[+] wordfence
1467 | Location: http://gltmf.eu/wp-content/plugins/wordfence/
1468 | Latest Version: 7.4.0 (up to date)
1469 | Last Updated: 2019-08-22T15:25:00.000Z
1470 |
1471 | Detected By: Javascript Var (Passive Detection)
1472 |
1473 | Version: 7.4.0 (80% confidence)
1474 | Detected By: Readme - Stable Tag (Aggressive Detection)
1475 | - http://gltmf.eu/wp-content/plugins/wordfence/readme.txt
1476
1477[+] wordpress-seo
1478 | Location: http://gltmf.eu/wp-content/plugins/wordpress-seo/
1479 | Last Updated: 2019-09-17T09:09:00.000Z
1480 | [!] The version is out of date, the latest version is 12.1
1481 |
1482 | Detected By: Comment (Passive Detection)
1483 |
1484 | Version: 11.8 (100% confidence)
1485 | Detected By: Comment (Passive Detection)
1486 | - http://gltmf.eu/, Match: 'optimized with the Yoast SEO plugin v11.8 -'
1487 | Confirmed By:
1488 | Readme - Stable Tag (Aggressive Detection)
1489 | - http://gltmf.eu/wp-content/plugins/wordpress-seo/readme.txt
1490 | Readme - ChangeLog Section (Aggressive Detection)
1491 | - http://gltmf.eu/wp-content/plugins/wordpress-seo/readme.txt
1492
1493[+] youtube-video-player
1494 | Location: http://gltmf.eu/wp-content/plugins/youtube-video-player/
1495 | Latest Version: 2.1.3 (up to date)
1496 | Last Updated: 2019-07-08T17:52:00.000Z
1497 |
1498 | Detected By: Urls In Homepage (Passive Detection)
1499 |
1500 | Version: 2.1.3 (80% confidence)
1501 | Detected By: Readme - Stable Tag (Aggressive Detection)
1502 | - http://gltmf.eu/wp-content/plugins/youtube-video-player/readme.txt
1503
1504[+] Enumerating Config Backups (via Passive and Aggressive Methods)
1505 Checking Config Backups - Time: 00:00:02 <=============> (21 / 21) 100.00% Time: 00:00:02
1506
1507[i] No Config Backups Found.
1508
1509[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
1510[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up.
1511
1512[+] Finished: Sat Sep 28 02:39:25 2019
1513[+] Requests Done: 53
1514[+] Cached Requests: 22
1515[+] Data Sent: 15.113 KB
1516[+] Data Received: 387.745 KB
1517[+] Memory used: 163.344 MB
1518[+] Elapsed time: 00:00:24
1519######################################################################################################################################
1520
1521[+] URL: http://gltmf.eu/
1522[+] Started: Sat Sep 28 02:38:55 2019
1523
1524Interesting Finding(s):
1525
1526[+] http://gltmf.eu/
1527 | Interesting Entry: Server: o2switch PowerBoost
1528 | Found By: Headers (Passive Detection)
1529 | Confidence: 100%
1530
1531[+] http://gltmf.eu/robots.txt
1532 | Interesting Entries:
1533 | - /wp-admin/
1534 | - /wp-admin/admin-ajax.php
1535 | Found By: Robots Txt (Aggressive Detection)
1536 | Confidence: 100%
1537
1538[+] http://gltmf.eu/xmlrpc.php
1539 | Found By: Link Tag (Passive Detection)
1540 | Confidence: 100%
1541 | Confirmed By: Direct Access (Aggressive Detection), 100% confidence
1542 | References:
1543 | - http://codex.wordpress.org/XML-RPC_Pingback_API
1544 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
1545 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
1546 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
1547 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
1548
1549[+] Upload directory has listing enabled: http://gltmf.eu/wp-content/uploads/
1550 | Found By: Direct Access (Aggressive Detection)
1551 | Confidence: 100%
1552
1553[+] http://gltmf.eu/wp-cron.php
1554 | Found By: Direct Access (Aggressive Detection)
1555 | Confidence: 60%
1556 | References:
1557 | - https://www.iplocation.net/defend-wordpress-from-ddos
1558 | - https://github.com/wpscanteam/wpscan/issues/1299
1559
1560[+] WordPress version 5.2.3 identified (Latest, released on 2019-09-05).
1561 | Detected By: Query Parameter In Install Page (Aggressive Detection)
1562 | - http://gltmf.eu/wp-includes/css/dashicons.min.css?ver=5.2.3
1563 | - http://gltmf.eu/wp-includes/css/buttons.min.css?ver=5.2.3
1564 | - http://gltmf.eu/wp-admin/css/install.min.css?ver=5.2.3
1565 | Confirmed By: Query Parameter In Upgrade Page (Aggressive Detection)
1566 | - http://gltmf.eu/wp-includes/css/buttons.min.css?ver=5.2.3
1567 | - http://gltmf.eu/wp-admin/css/install.min.css?ver=5.2.3
1568
1569[+] WordPress theme in use: enfold
1570 | Location: http://gltmf.eu/wp-content/themes/enfold/
1571 | Style URL: http://gltmf.eu/wp-content/themes/enfold/style.css
1572 | Style Name: Enfold
1573 | Style URI: www.kriesi.at/themes/enfold/
1574 | Description: <strong>A superflexible and responsive Business Theme by Kriesi</strong> - <br/> Update notification...
1575 | Author: Kriesi
1576 | Author URI: http://www.kriesi.at
1577 |
1578 | Detected By: Urls In Homepage (Passive Detection)
1579 |
1580 | Version: 3.7.1 (80% confidence)
1581 | Detected By: Style (Passive Detection)
1582 | - http://gltmf.eu/wp-content/themes/enfold/style.css, Match: 'Version: 3.7.1'
1583
1584[+] Enumerating Users (via Passive and Aggressive Methods)
1585 Brute Forcing Author IDs - Time: 00:00:02 <==> (10 / 10) 100.00% Time: 00:00:02
1586
1587[i] User(s) Identified:
1588
1589[+] Xanades
1590 | Detected By: Rss Generator (Passive Detection)
1591 | Confirmed By: Rss Generator (Aggressive Detection)
1592
1593[+] 74aszz0oo0bl0bgad7u9
1594 | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
1595 | - http://gltmf.eu/author-sitemap.xml
1596
1597[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
1598[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up.
1599
1600[+] Finished: Sat Sep 28 02:39:27 2019
1601[+] Requests Done: 58
1602[+] Cached Requests: 8
1603[+] Data Sent: 15.627 KB
1604[+] Data Received: 402.834 KB
1605[+] Memory used: 138.422 MB
1606[+] Elapsed time: 00:00:31
1607#######################################################################################################################################
1608[+] URL: http://gltmf.eu/
1609[+] Started: Sat Sep 28 02:41:22 2019
1610
1611Interesting Finding(s):
1612
1613[+] http://gltmf.eu/
1614 | Interesting Entry: Server: o2switch PowerBoost
1615 | Found By: Headers (Passive Detection)
1616 | Confidence: 100%
1617
1618[+] http://gltmf.eu/robots.txt
1619 | Interesting Entries:
1620 | - /wp-admin/
1621 | - /wp-admin/admin-ajax.php
1622 | Found By: Robots Txt (Aggressive Detection)
1623 | Confidence: 100%
1624
1625[+] http://gltmf.eu/xmlrpc.php
1626 | Found By: Link Tag (Passive Detection)
1627 | Confidence: 100%
1628 | Confirmed By: Direct Access (Aggressive Detection), 100% confidence
1629 | References:
1630 | - http://codex.wordpress.org/XML-RPC_Pingback_API
1631 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
1632 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
1633 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
1634 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
1635
1636[+] Upload directory has listing enabled: http://gltmf.eu/wp-content/uploads/
1637 | Found By: Direct Access (Aggressive Detection)
1638 | Confidence: 100%
1639
1640[+] http://gltmf.eu/wp-cron.php
1641 | Found By: Direct Access (Aggressive Detection)
1642 | Confidence: 60%
1643 | References:
1644 | - https://www.iplocation.net/defend-wordpress-from-ddos
1645 | - https://github.com/wpscanteam/wpscan/issues/1299
1646
1647[+] WordPress version 5.2.3 identified (Latest, released on 2019-09-05).
1648 | Detected By: Query Parameter In Install Page (Aggressive Detection)
1649 | - http://gltmf.eu/wp-includes/css/dashicons.min.css?ver=5.2.3
1650 | - http://gltmf.eu/wp-includes/css/buttons.min.css?ver=5.2.3
1651 | - http://gltmf.eu/wp-admin/css/install.min.css?ver=5.2.3
1652 | Confirmed By: Query Parameter In Upgrade Page (Aggressive Detection)
1653 | - http://gltmf.eu/wp-includes/css/buttons.min.css?ver=5.2.3
1654 | - http://gltmf.eu/wp-admin/css/install.min.css?ver=5.2.3
1655
1656[+] WordPress theme in use: enfold
1657 | Location: http://gltmf.eu/wp-content/themes/enfold/
1658 | Style URL: http://gltmf.eu/wp-content/themes/enfold/style.css
1659 | Style Name: Enfold
1660 | Style URI: www.kriesi.at/themes/enfold/
1661 | Description: <strong>A superflexible and responsive Business Theme by Kriesi</strong> - <br/> Update notification...
1662 | Author: Kriesi
1663 | Author URI: http://www.kriesi.at
1664 |
1665 | Detected By: Urls In Homepage (Passive Detection)
1666 |
1667 | Version: 3.7.1 (80% confidence)
1668 | Detected By: Style (Passive Detection)
1669 | - http://gltmf.eu/wp-content/themes/enfold/style.css, Match: 'Version: 3.7.1'
1670
1671[+] Enumerating Users (via Passive and Aggressive Methods)
1672 Brute Forcing Author IDs - Time: 00:00:01 <============> (10 / 10) 100.00% Time: 00:00:01
1673
1674[i] User(s) Identified:
1675
1676[+] Xanades
1677 | Detected By: Rss Generator (Passive Detection)
1678 | Confirmed By: Rss Generator (Aggressive Detection)
1679
1680[+] 74aszz0oo0bl0bgad7u9
1681 | Detected By: Yoast Seo Author Sitemap (Aggressive Detection)
1682 | - http://gltmf.eu/author-sitemap.xml
1683
1684[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
1685[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up.
1686
1687[+] Finished: Sat Sep 28 02:41:30 2019
1688[+] Requests Done: 13
1689[+] Cached Requests: 52
1690[+] Data Sent: 3.339 KB
1691[+] Data Received: 23.764 KB
1692[+] Memory used: 139.508 MB
1693[+] Elapsed time: 00:00:08
1694#######################################################################################################################################
1695[INFO] ------TARGET info------
1696[*] TARGET: http://gltmf.eu/
1697[*] TARGET IP: 109.234.162.45
1698[INFO] NO load balancer detected for gltmf.eu...
1699[*] DNS servers: ns1.o2switch.net.
1700[*] TARGET server: o2switch PowerBoost
1701[*] CC: FR
1702[*] Country: France
1703[*] RegionCode: ARA
1704[*] RegionName: Auvergne-Rhone-Alpes
1705[*] City: Clermont-Ferrand
1706[*] ASN: AS50474
1707[*] BGP_PREFIX: 109.234.162.0/24
1708[*] ISP: O2SWITCH O2SWITCH SARL, FR
1709[INFO] DNS enumeration:
1710[*] ftp.gltmf.eu 109.234.162.45
1711[*] mail.gltmf.eu gltmf.eu. 109.234.162.45
1712[*] webmail.gltmf.eu 109.234.162.45
1713[INFO] Possible abuse mails are:
1714[*] abuse@gltmf.eu
1715[*] postmaster@o2switch.fr
1716[INFO] NO PAC (Proxy Auto Configuration) file FOUND
1717[ALERT] robots.txt file FOUND in http://gltmf.eu/robots.txt
1718[INFO] Checking for HTTP status codes recursively from http://gltmf.eu/robots.txt
1719[INFO] Status code Folders
1720[INFO] Starting FUZZing in http://gltmf.eu/FUzZzZzZzZz...
1721[INFO] Status code Folders
1722[ALERT] Look in the source code. It may contain passwords
1723[ALERT] Content in http://gltmf.eu/ AND http://www.gltmf.eu/ is different
1724[INFO] MD5 for http://gltmf.eu/ is: d7598cc5917a59449e8a18794668b3de
1725[INFO] MD5 for http://www.gltmf.eu/ is: e24782f9edbb67fd8f8e38d4a9deaf5e
1726[INFO] http://gltmf.eu/ redirects to http://gltmf.eu/
1727[INFO] http://www.gltmf.eu/ redirects to http://gltmf.eu/
1728[INFO] Links found from http://gltmf.eu/ http://109.234.162.45/:
1729[*] http://gltmf.eu/
1730[*] http://gltmf.eu/category/actualites/
1731[*] http://gltmf.eu/comments/feed/
1732[*] http://gltmf.eu/constitution-historique/
1733[*] http://gltmf.eu/contact/
1734[*] http://gltmf.eu/devenir-franc-macon/
1735[*] http://gltmf.eu/etre-franc-macon/
1736[*] http://gltmf.eu/feed/
1737[*] http://gltmf.eu/g-l-t-m-f-histoire-dune-naissance/
1738[*] http://gltmf.eu/gltmf-thailande/
1739[*] http://gltmf.eu/gltmf-thailande-bangkok/
1740[*] http://gltmf.eu/gltmf-thailande-contact/
1741[*] http://gltmf.eu/gltmf-thailande-organisation/
1742[*] http://gltmf.eu/gltmf-thailande-phuket/
1743[*] http://gltmf.eu/gltmf-thailande-udonthani/
1744[*] http://gltmf.eu/la-confederation-mediterraneenne/
1745[*] http://gltmf.eu/la-regle-en-12-points/
1746[*] http://gltmf.eu/le-secret-maconnique/
1747[*] http://gltmf.eu/les-rites-pratiques/
1748[*] http://gltmf.eu/lumiere-assassinee/
1749[*] http://gltmf.eu/nos-grands-maitres/
1750[*] http://gltmf.eu/nos-statuts-reglements/
1751[*] http://gltmf.eu/presentation-grandes-loges/
1752[*] http://gltmf.eu/quest-ce-que-la-franc-maconnerie/
1753[*] http://gltmf.eu/telechargements/
1754[*] http://gltmf.eu/#top
1755[*] http://gltmf.eu/tradition-modernite/
1756[*] http://gltmf.eu/wp-content/uploads/2016/08/01.jpg
1757[*] http://gltmf.eu/wp-content/uploads/2016/08/02.jpg
1758[*] http://gltmf.eu/wp-content/uploads/2016/08/03.jpg
1759[*] http://gltmf.eu/wp-content/uploads/2016/08/04.jpg
1760[*] http://gltmf.eu/wp-json/oembed/1.0/embed?url=http://gltmf.eu/
1761[*] http://gltmf.eu/wp-json/oembed/1.0/embed?url=http://gltmf.eu/&format=xml
1762[*] http://jeanbaptistekleber.com/loge-jean-baptiste-kleber/
1763[*] https://kilo.o2switch.net:2083/
1764[*] http://www.gltmf.oxatis.com/
1765[INFO] GOOGLE has 3,050 results (0.20 seconds) about http://gltmf.eu/
1766[INFO] Shodan detected the following opened ports on 109.234.162.45:
1767[*] 1
1768[*] 110
1769[*] 143
1770[*] 2082
1771[*] 2083
1772[*] 21
1773[*] 25
1774[*] 26
1775[*] 3306
1776[*] 4
1777[*] 443
1778[*] 465
1779[*] 587
1780[*] 80
1781[*] 995
1782[INFO] ------VirusTotal SECTION------
1783[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
1784[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
1785[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
1786[INFO] ------Alexa Rank SECTION------
1787[INFO] Percent of Visitors Rank in Country:
1788[INFO] Percent of Search Traffic:
1789[INFO] Percent of Unique Visits:
1790[INFO] Total Sites Linking In:
1791[*] Total Sites
1792[INFO] Useful links related to gltmf.eu - 109.234.162.45:
1793[*] https://www.virustotal.com/pt/ip-address/109.234.162.45/information/
1794[*] https://www.hybrid-analysis.com/search?host=109.234.162.45
1795[*] https://www.shodan.io/host/109.234.162.45
1796[*] https://www.senderbase.org/lookup/?search_string=109.234.162.45
1797[*] https://www.alienvault.com/open-threat-exchange/ip/109.234.162.45
1798[*] http://pastebin.com/search?q=109.234.162.45
1799[*] http://urlquery.net/search.php?q=109.234.162.45
1800[*] http://www.alexa.com/siteinfo/gltmf.eu
1801[*] http://www.google.com/safebrowsing/diagnostic?site=gltmf.eu
1802[*] https://censys.io/ipv4/109.234.162.45
1803[*] https://www.abuseipdb.com/check/109.234.162.45
1804[*] https://urlscan.io/search/#109.234.162.45
1805[*] https://github.com/search?q=109.234.162.45&type=Code
1806[INFO] Useful links related to AS50474 - 109.234.162.0/24:
1807[*] http://www.google.com/safebrowsing/diagnostic?site=AS:50474
1808[*] https://www.senderbase.org/lookup/?search_string=109.234.162.0/24
1809[*] http://bgp.he.net/AS50474
1810[*] https://stat.ripe.net/AS50474
1811[INFO] Date: 28/09/19 | Time: 02:43:26
1812[INFO] Total time: 1 minute(s) and 24 second(s)
1813#####################################################################################################################################
1814[*] Load target domain: gltmf.eu
1815 - starting scanning @ 2019-09-28 02:43:47
1816
1817[+] Running & Checking source to be used
1818---------------------------------------------
1819
1820 ⍥ Shodan [ ✕ ]
1821 ⍥ Webarchive [ ✔ ]
1822 ⍥ Certspotter [ ✔ ]
1823 ⍥ Bufferover [ ✔ ]
1824 ⍥ Riddler [ ✔ ]
1825 ⍥ Censys [ ✕ ]
1826 ⍥ Entrust [ ✔ ]
1827 ⍥ Threatminer [ ✔ ]
1828 ⍥ Securitytrails [ ✕ ]
1829 ⍥ Threatcrowd [ ✔ ]
1830 ⍥ Certsh [ ✔ ]
1831 ⍥ Hackertarget [ ✔ ]
1832 ⍥ Binaryedge [ ✕ ]
1833 ⍥ Dnsdumpster [ ✔ ]
1834 ⍥ Virustotal [ ✕ ]
1835jq: error (at <stdin>:0): Cannot iterate over null (null)
1836 ⍥ Findsubdomain [ ✔ ]
1837
1838[+] Get & Count subdomain total From source
1839---------------------------------------------
1840
1841 ⍥ Hackertarget: Total Subdomain (1)
1842 ⍥ Findsubdomain: Total Subdomain (1)
1843 ⍥ Certspotter: Total Subdomain (3)
1844 ⍥ Threatminer: Total Subdomain (0)
1845 ⍥ Certsh: Total Subdomain (2)
1846 ⍥ BufferOver: Total Subdomain (2)
1847 ⍥ Entrust: Total Subdomain (1)
1848 ⍥ Threatcrowd: Total Subdomain (0)
1849 ⍥ Dnsdumpster: Total Subdomain (4)
1850 ⍥ Riddler: Total Subdomain (0)
1851 ⍥ Webarchive: Total Subdomain (1)
1852
1853[+] Parsing & Sorting list Domain
1854---------------------------------------------
1855
1856 ⍥ Total [4]
1857
1858 - 0 gltmf.eu.
1859 - gltmf.eu
1860 - mail.gltmf.eu
1861 - www.gltmf.eu
1862
1863 ⍥ Total [4]
1864
1865[+] Probe subdomain for working on http/https
1866---------------------------------------------
1867
1868 - https://www.gltmf.eu
1869 - http://gltmf.eu
1870 - http://mail.gltmf.eu
1871 - https://gltmf.eu
1872 - http://www.gltmf.eu
1873 - https://mail.gltmf.eu
1874
1875 ⍥ Total [6]
1876
1877
1878[+] Check Live Host: Ping Sweep - ICMP PING
1879---------------------------------------------
1880
1881 ⍥ [LIVE] 0
1882 ⍥ [DEAD] gltmf.eu.
1883 ⍥ [DEAD] gltmf.eu
1884 ⍥ [DEAD] mail.gltmf.eu
1885 ⍥ [DEAD] www.gltmf.eu
1886
1887[+] Check Resolving: Subdomains & Domains
1888---------------------------------------------
1889
1890 ⍥ Resolving domains to: RESOLVE ERROR
1891 ⍥ Resolving domains to: 109.234.162.45
1892 ⍥ Resolving domains to: 109.234.162.45
1893 ⍥ Resolving domains to: 109.234.162.45
1894 ⍥ Resolving domains to: 109.234.162.45
1895
1896[+] Subdomain TakeOver - Check Possible Vulns
1897---------------------------------------------
1898
1899 ⍥ [FAILS] En: Unknown http://gltmf.eu
1900 ⍥ [FAILS] En: Unknown http://www.gltmf.eu
1901 ⍥ [FAILS] En: Unknown https://mail.gltmf.eu
1902 ⍥ [FAILS] En: Unknown http://mail.gltmf.eu
1903 ⍥ [FAILS] En: Unknown https://www.gltmf.eu
1904 ⍥ [FAILS] En: Unknown https://gltmf.eu
1905
1906[+] Checks status code on port 80 and 443
1907---------------------------------------------
1908
1909 ⍥ [200] http://gltmf.eu
1910 ⍥ [301] http://www.gltmf.eu
1911 ⍥ [301] https://mail.gltmf.eu
1912 ⍥ [301] http://mail.gltmf.eu
1913 ⍥ [301] https://www.gltmf.eu
1914 ⍥ [200] https://gltmf.eu
1915
1916[+] Web Screenshots: from domain list
1917---------------------------------------------
1918
1919[+] 6 URLs to be screenshot
1920
1921[+] 6 actual URLs screenshot
1922[+] 0 error(s)
1923
1924[+] Generate Reports: Make report into HTML
1925---------------------------------------------
1926
1927 ⍥ Make template for reports
1928 - output/09-28-2019/gltmf.eu/reports
1929
1930 ⍥ Successful Created ..
1931
1932[+] Sud⍥my has been sucessfully completed
1933---------------------------------------------
1934
1935 ⍥ Location output:
1936 - output/09-28-2019/gltmf.eu
1937 - output/09-28-2019/gltmf.eu/report
1938 - output/09-28-2019/gltmf.eu/screenshots
1939######################################################################################################################################
1940[I] Threads: 5
1941[-] Target: http://gltmf.eu (109.234.162.45)
1942[M] Website Not in HTTPS: http://gltmf.eu
1943[I] Server: o2switch PowerBoost
1944[L] X-Frame-Options: Not Enforced
1945[I] Strict-Transport-Security: Not Enforced
1946[I] X-Content-Security-Policy: Not Enforced
1947[I] X-Content-Type-Options: Not Enforced
1948[L] Robots.txt Found: http://gltmf.eu/robots.txt
1949[I] CMS Detection: WordPress
1950[I] Wordpress Theme: enfold
1951[-] WordPress usernames identified:
1952[M] Xanades
1953[M] XML-RPC services are enabled
1954[I] Autocomplete Off Not Found: http://gltmf.eu/wp-login.php
1955[-] Default WordPress Files:
1956[I] http://gltmf.eu/license.txt
1957[I] http://gltmf.eu/wp-includes/ID3/license.commercial.txt
1958[I] http://gltmf.eu/wp-includes/ID3/license.txt
1959[I] http://gltmf.eu/wp-includes/ID3/readme.txt
1960[I] http://gltmf.eu/wp-includes/images/crystal/license.txt
1961[I] http://gltmf.eu/wp-includes/js/plupload/license.txt
1962[I] http://gltmf.eu/wp-includes/js/swfupload/license.txt
1963[I] http://gltmf.eu/wp-includes/js/tinymce/license.txt
1964[-] Searching Wordpress Plugins ...
1965[I] youtube-video-player v2.1.3
1966[I] Checking for Directory Listing Enabled ...
1967[L] http://gltmf.eu/wp-admin/css
1968[L] http://gltmf.eu/wp-admin/images
1969[L] http://gltmf.eu/wp-admin/includes
1970[L] http://gltmf.eu/wp-admin/js
1971[L] http://gltmf.eu/wp-admin/maint
1972[L] http://gltmf.eu/wp-includes
1973[L] http://gltmf.eu/wp-includes/ID3
1974[L] http://gltmf.eu/wp-includes/IXR
1975[L] http://gltmf.eu/wp-includes/Requests
1976[L] http://gltmf.eu/wp-includes/SimplePie
1977[L] http://gltmf.eu/wp-includes/Text
1978[L] http://gltmf.eu/wp-includes/blocks
1979[L] http://gltmf.eu/wp-includes/certificates
1980[L] http://gltmf.eu/wp-includes/css
1981[L] http://gltmf.eu/wp-includes/customize
1982[L] http://gltmf.eu/wp-includes/fonts
1983[L] http://gltmf.eu/wp-includes/images
1984[L] http://gltmf.eu/wp-includes/js
1985[L] http://gltmf.eu/wp-includes/pomo
1986[L] http://gltmf.eu/wp-includes/random_compat
1987[L] http://gltmf.eu/wp-includes/rest-api
1988[L] http://gltmf.eu/wp-includes/sodium_compat
1989[L] http://gltmf.eu/wp-includes/theme-compat
1990[L] http://gltmf.eu/wp-includes/widgets
1991[L] http://gltmf.eu/wp-content/plugins/youtube-video-player
1992[-] Date & Time: 28/09/2019 02:45:25
1993[-] Completed in: 0:06:14
1994#######################################################################################################################################
1995 Anonymous #OpKilluminati JTSEC Full Recon #12