Anonymous JTSEC #OpIsis Full Recon #10

1. #######################################################################################################################################
2. =======================================================================================================================================
3. Hostname www.islahhaber.net ISP Choopa, LLC
4. Continent Europe Flag
5. NL
6. Country Netherlands Country Code NL
7. Region North Holland Local time 31 Jan 2019 23:47 CET
8. City Amsterdam Postal Code 1091
9. IP Address 45.32.187.95 Latitude 52.356
10. =======================================================================================================================================
11. #######################################################################################################################################
12. > www.islahhaber.net
13. Server: 38.132.106.139
14. Address: 38.132.106.139#53
15.  
16. Non-authoritative answer:
17. www.islahhaber.net canonical name = islahhaber.net.
18. Name: islahhaber.net
19. Address: 45.32.187.95
20. >
21. #######################################################################################################################################
22. HostIP:45.32.187.95
23. HostName:www.islahhaber.net
24.  
25. Gathered Inet-whois information for 45.32.187.95
26. ---------------------------------------------------------------------------------------------------------------------------------------
27.  
28.  
29. inetnum: 45.16.0.0 - 45.43.63.255
30. netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
31. descr: IPv4 address block not managed by the RIPE NCC
32. remarks: ------------------------------------------------------
33. remarks:
34. remarks: For registration information,
35. remarks: you can consult the following sources:
36. remarks:
37. remarks: IANA
38. remarks: http://www.iana.org/assignments/ipv4-address-space
39. remarks: http://www.iana.org/assignments/iana-ipv4-special-registry
40. remarks: http://www.iana.org/assignments/ipv4-recovered-address-space
41. remarks:
42. remarks: AFRINIC (Africa)
43. remarks: http://www.afrinic.net/ whois.afrinic.net
44. remarks:
45. remarks: APNIC (Asia Pacific)
46. remarks: http://www.apnic.net/ whois.apnic.net
47. remarks:
48. remarks: ARIN (Northern America)
49. remarks: http://www.arin.net/ whois.arin.net
50. remarks:
51. remarks: LACNIC (Latin America and the Carribean)
52. remarks: http://www.lacnic.net/ whois.lacnic.net
53. remarks:
54. remarks: ------------------------------------------------------
55. country: EU # Country is really world wide
56. admin-c: IANA1-RIPE
57. tech-c: IANA1-RIPE
58. status: ALLOCATED UNSPECIFIED
59. mnt-by: RIPE-NCC-HM-MNT
60. created: 2019-01-07T10:46:39Z
61. last-modified: 2019-01-07T10:46:39Z
62. source: RIPE
63.  
64. role: Internet Assigned Numbers Authority
65. address: see http://www.iana.org.
66. admin-c: IANA1-RIPE
67. tech-c: IANA1-RIPE
68. nic-hdl: IANA1-RIPE
69. remarks: For more information on IANA services
70. remarks: go to IANA web site at http://www.iana.org.
71. mnt-by: RIPE-NCC-MNT
72. created: 1970-01-01T00:00:00Z
73. last-modified: 2001-09-22T09:31:27Z
74. source: RIPE # Filtered
75.  
76. % This query was served by the RIPE Database Query Service version 1.92.6 (WAGYU)
77.  
78.  
79.  
80. Gathered Inic-whois information for islahhaber.net
81. ---------------------------------------------------------------------------------------------------------------------------------------
82. Domain Name: ISLAHHABER.NET
83. Registry Domain ID: 1741971176_DOMAIN_NET-VRSN
84. Registrar WHOIS Server: whois.isimtescil.net
85. Registrar URL: http://www.isimtescil.net
86. Updated Date: 2017-09-27T21:40:57Z
87. Creation Date: 2012-09-01T14:54:55Z
88. Registry Expiry Date: 2019-09-01T14:54:55Z
89. Registrar: FBS Inc.
90. Registrar IANA ID: 1110
91. Registrar Abuse Contact Email: abuse@domaintime.biz
92. Registrar Abuse Contact Phone: +90.8502000444
93. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
94. Name Server: PDNS07.DOMAINCONTROL.COM
95. Name Server: PDNS08.DOMAINCONTROL.COM
96. DNSSEC: unsigned
97. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
98. >>> Last update of whois database: 2019-01-31T22:55:16Z <<<
99.  
100. For more information on Whois status codes, please visit https://icann.org/epp
101.  
102. NOTICE: The expiration date displayed in this record is the date the
103. registrar's sponsorship of the domain name registration in the registry is
104. currently set to expire. This date does not necessarily reflect the expiration
105. date of the domain name registrant's agreement with the sponsoring
106. registrar. Users may consult the sponsoring registrar's Whois database to
107. view the registrar's reported date of expiration for this registration.
108.  
109. TERMS OF USE: You are not authorized to access or query our Whois
110. database through the use of electronic processes that are high-volume and
111. automated except as reasonably necessary to register domain names or
112. modify existing registrations; the Data in VeriSign Global Registry
113. Services' ("VeriSign") Whois database is provided by VeriSign for
114. information purposes only, and to assist persons in obtaining information
115. about or related to a domain name registration record. VeriSign does not
116. guarantee its accuracy. By submitting a Whois query, you agree to abide
117. by the following terms of use: You agree that you may use this Data only
118. for lawful purposes and that under no circumstances will you use this Data
119. to: (1) allow, enable, or otherwise support the transmission of mass
120. unsolicited, commercial advertising or solicitations via e-mail, telephone,
121. or facsimile; or (2) enable high volume, automated, electronic processes
122. that apply to VeriSign (or its computer systems). The compilation,
123. repackaging, dissemination or other use of this Data is expressly
124. prohibited without the prior written consent of VeriSign. You agree not to
125. use electronic processes that are automated and high-volume to access or
126. query the Whois database except as reasonably necessary to register
127. domain names or modify existing registrations. VeriSign reserves the right
128. to restrict your access to the Whois database in its sole discretion to ensure
129. operational stability. VeriSign may restrict or terminate your access to the
130. Whois database for failure to abide by these terms of use. VeriSign
131. reserves the right to modify these terms at any time.
132.  
133. The Registry database contains ONLY .COM, .NET, .EDU domains and
134. Registrars.
135.  
136. Gathered Netcraft information for www.islahhaber.net
137. ---------------------------------------------------------------------------------------------------------------------------------------
138.  
139. Retrieving Netcraft.com information for www.islahhaber.net
140. Netcraft.com Information gathered
141.  
142. Gathered Subdomain information for islahhaber.net
143. ---------------------------------------------------------------------------------------------------------------------------------------
144. Searching Google.com:80...
145. HostName:www.islahhaber.net
146. HostIP:45.32.187.95
147. Searching Altavista.com:80...
148. Found 1 possible subdomain(s) for host islahhaber.net, Searched 0 pages containing 0 results
149.  
150. Gathered E-Mail information for islahhaber.net
151. ---------------------------------------------------------------------------------------------------------------------------------------
152. Searching Google.com:80...
153. Searching Altavista.com:80...
154. Found 0 E-Mail(s) for host islahhaber.net, Searched 0 pages containing 0 results
155.  
156. Gathered TCP Port information for 45.32.187.95
157. ---------------------------------------------------------------------------------------------------------------------------------------
158.  
159. Port State
160.  
161. 21/tcp open
162. 53/tcp open
163. 80/tcp open
164. 88/tcp open
165. 135/tcp open
166.  
167. Portscan Finished: Scanned 150 ports, 2 ports were in state closed
168. #######################################################################################################################################
169. [+] Scanning Begins ...
170. [i] Scanning Site: https://www.islahhaber.net
171.  
172.  
173.  
174. B A S I C I N F O
175. =======================================================================================================================================
176.  
177.  
178. [+] Site Title: ISLAH HABER | Haber var islah eder, haber var ifsad eder
179. [+] IP address: 45.32.187.95
180. [+] Web Server: Microsoft-IIS/8.5
181. [+] CMS: Could Not Detect
182. [+] Cloudflare: Not Detected
183. [+] Robots File: Found
184.  
185. -------------[ contents ]----------------
186. User-agent: *
187. Disallow: /Admin/
188. Disallow: /Bin/
189. Disallow: /Services/
190. Disallow: /ckeditor/
191. Disallow: /ckfinder/
192. Disallow: /bloklar/yorum/
193. Disallow: /bloklar/anket/
194. Disallow: /bloklarmobil/yorum/
195. User-agent: Googlebot
196. Allow: /
197. User-agent: Googlebot-News
198. Allow: /
199. User-agent: Googlebot-Image
200. Allow: /
201. User-agent: Googlebot-Video
202. Allow: /
203. User-agent: Googlebot-Mobile
204. Allow: /
205. User-agent: Mediapartners-Google
206. Allow: /
207. User-agent: Adsbot-Google
208. Allow: /
209. User-agent: ia_archiver-web.archive.org
210. Allow: /
211. User-agent: Yandex
212. Allow: /
213. Sitemap:http://www.islahhaber.net/sitemap.xml
214. -----------[end of contents]-------------
215.  
216.  
217.  
218. W H O I S L O O K U P
219. =======================================================================================================================================
220.  
221. Domain Name: ISLAHHABER.NET
222. Registry Domain ID: 1741971176_DOMAIN_NET-VRSN
223. Registrar WHOIS Server: whois.isimtescil.net
224. Registrar URL: http://www.isimtescil.net
225. Updated Date: 2017-09-27T21:40:57Z
226. Creation Date: 2012-09-01T14:54:55Z
227. Registry Expiry Date: 2019-09-01T14:54:55Z
228. Registrar: FBS Inc.
229. Registrar IANA ID: 1110
230. Registrar Abuse Contact Email: abuse@domaintime.biz
231. Registrar Abuse Contact Phone: +90.8502000444
232. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
233. Name Server: PDNS07.DOMAINCONTROL.COM
234. Name Server: PDNS08.DOMAINCONTROL.COM
235. DNSSEC: unsigned
236. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
237. >>> Last update of whois database: 2019-01-31T22:55:31Z <<<
238.  
239. For more information on Whois status codes, please visit https://icann.org/epp
240.  
241.  
242.  
243. The Registry database contains ONLY .COM, .NET, .EDU domains and
244. Registrars.
245.  
246.  
247.  
248.  
249. G E O I P L O O K U P
250. =======================================================================================================================================
251.  
252. [i] IP Address: 45.32.187.95
253. [i] Country: Netherlands
254. [i] State: North Holland
255. [i] City: Amsterdam
256. [i] Latitude: 52.3556
257. [i] Longitude: 4.9135
258.  
259.  
260.  
261.  
262. H T T P H E A D E R S
263. =======================================================================================================================================
264.  
265.  
266. [i] HTTP/1.1 200 OK
267. [i] Cache-Control: private
268. [i] Content-Type: text/html; charset=utf-8
269. [i] Server: Microsoft-IIS/8.5
270. [i] X-AspNetMvc-Version: 4.0
271. [i] X-AspNet-Version: 4.0.30319
272. [i] Date: Thu, 31 Jan 2019 22:55:36 GMT
273. [i] Connection: close
274. [i] Content-Length: 90473
275.  
276.  
277.  
278.  
279. D N S L O O K U P
280. =======================================================================================================================================
281.  
282. islahhaber.net. 1799 IN A 45.32.187.95
283. islahhaber.net. 3599 IN NS pdns07.domaincontrol.com.
284. islahhaber.net. 3599 IN NS pdns08.domaincontrol.com.
285. islahhaber.net. 599 IN SOA pdns07.domaincontrol.com. dns.jomax.net. 2017102701 28800 7200 604800 600
286. islahhaber.net. 3599 IN MX 10 mailstore1.secureserver.net.
287. islahhaber.net. 3599 IN MX 0 smtp.secureserver.net.
288.  
289.  
290.  
291.  
292. S U B N E T C A L C U L A T I O N
293. =======================================================================================================================================
294.  
295. Address = 45.32.187.95
296. Network = 45.32.187.95 / 32
297. Netmask = 255.255.255.255
298. Broadcast = not needed on Point-to-Point links
299. Wildcard Mask = 0.0.0.0
300. Hosts Bits = 0
301. Max. Hosts = 1 (2^0 - 0)
302. Host Range = { 45.32.187.95 - 45.32.187.95 }
303.  
304.  
305.  
306. N M A P P O R T S C A N
307. =======================================================================================================================================
308.  
309.  
310. Starting Nmap 7.40 ( https://nmap.org ) at 2019-01-31 22:55 UTC
311. Nmap scan report for islahhaber.net (45.32.187.95)
312. Host is up (0.084s latency).
313. rDNS record for 45.32.187.95: 45.32.187.95.vultr.com
314. PORT STATE SERVICE
315. 21/tcp open ftp
316. 22/tcp filtered ssh
317. 23/tcp filtered telnet
318. 80/tcp open http
319. 110/tcp filtered pop3
320. 143/tcp filtered imap
321. 443/tcp open https
322. 3389/tcp open ms-wbt-server
323.  
324. Nmap done: 1 IP address (1 host up) scanned in 1.72 seconds
325. #######################################################################################################################################
326. [?] Enter the target: example( http://domain.com )
327. https://www.islahhaber.net/
328. [!] IP Address : 45.32.187.95
329. [+] Operating System : Windows
330. [!] www.islahhaber.net doesn't seem to use a CMS
331. [+] Honeypot Probabilty: 30%
332. ---------------------------------------------------------------------------------------------------------------------------------------
333. [~] Trying to gather whois information for www.islahhaber.net
334. [+] Whois information found
335. [-] Unable to build response, visit https://who.is/whois/www.islahhaber.net
336. ---------------------------------------------------------------------------------------------------------------------------------------
337. PORT STATE SERVICE
338. 21/tcp open ftp
339. 22/tcp filtered ssh
340. 23/tcp filtered telnet
341. 80/tcp open http
342. 110/tcp filtered pop3
343. 143/tcp filtered imap
344. 443/tcp open https
345. 3389/tcp open ms-wbt-server
346. Nmap done: 1 IP address (1 host up) scanned in 1.64 seconds
347. ---------------------------------------------------------------------------------------------------------------------------------------
348.  
349. [+] DNS Records
350. pdns08.domaincontrol.com. (173.201.79.53) AS26496 GoDaddy.com, LLC United States
351. pdns07.domaincontrol.com. (97.74.111.53) AS26496 GoDaddy.com, LLC United States
352.  
353. [+] MX Records
354. 10 (68.178.213.244) AS26496 GoDaddy.com, LLC United States
355.  
356. [+] MX Records
357. 0 (68.178.213.203) AS26496 GoDaddy.com, LLC United States
358.  
359. [+] Host Records (A)
360. www.islahhaber.netHTTP: (45.32.187.95.vultr.com) (45.32.187.954) AS20473 Choopa, LLC Netherlands
361.  
362. [+] TXT Records
363.  
364. [+] DNS Map: https://dnsdumpster.com/static/map/islahhaber.net.png
365.  
366. [>] Initiating 3 intel modules
367. [>] Loading Alpha module (1/3)
368. [>] Beta module deployed (2/3)
369. [>] Gamma module initiated (3/3)
370.  
371.  
372. [+] Emails found:
373. ---------------------------------------------------------------------------------------------------------------------------------------
374. pixel-154897533620817-web-@www.islahhaber.net
375. pixel-1548975336643336-web-@www.islahhaber.net
376.  
377. [+] Hosts found in search engines:
378. ---------------------------------------------------------------------------------------------------------------------------------------
379. [-] Resolving hostnames IPs...
380. [+] Virtual hosts:
381. ---------------------------------------------------------------------------------------------------------------------------------------
382. #######################################################################################################################################
383. =======================================================================================================================================
384. | External hosts:
385. | [+] External Host Found: https://pbs.twimg.com
386. | [+] External Host Found: https://cdn.ampproject.org
387. | [+] External Host Found: http://img3.mynet.com
388. | [+] External Host Found: http://tuik.gov.tr
389. | [+] External Host Found: http://www.turizmgazetesi.com
390. | [+] External Host Found: http://www.rfa.org
391. | [+] External Host Found: https://questraworld.es
392. | [+] External Host Found: https://www.fbm.com.tr
393. | [+] External Host Found: https://dod.defense.gov
394. | [+] External Host Found: https://scontent-ams.xx.fbcdn.net
395. | [+] External Host Found: http://cdn.yeniakit.com.tr
396. | [+] External Host Found: http://www.haber10.com
397. | [+] External Host Found: http://bit.ly
398. | [+] External Host Found: http://www.derindusunce.org
399. | [+] External Host Found: http://www.maripak.com
400. | [+] External Host Found: https://ia801504.us.archive.org
401. | [+] External Host Found: https://www.timeturk.com
402. | [+] External Host Found: http://constitutions.ru
403. | [+] External Host Found: http://www.alemarahvideo.com
404. | [+] External Host Found: http://www.suriyedebayramlasma.com
405. | [+] External Host Found: https://fbcdn-sphotos-e-a.akamaihd.net
406. | [+] External Host Found: https://t.co
407. | [+] External Host Found: http://s9.postimg.org
408. | [+] External Host Found: http://www.incanews.com
409. | [+] External Host Found: http://img.haberler.com
410. | [+] External Host Found: https://s03.justpaste.it
411. | [+] External Host Found: http://www.milligazete.com.tr
412. | [+] External Host Found: https://www.hrw.org
413. | [+] External Host Found: http://www.centcom.mil
414. | [+] External Host Found: http://www.avax.com.tr
415. | [+] External Host Found: http://i.sabah.com.tr
416. | [+] External Host Found: http://cdn1.cnnturk.com
417. | [+] External Host Found: http://www.kahvekitap.com
418. | [+] External Host Found: http://www.milliyet.com.tr
419. | [+] External Host Found: https://www.youtube.com
420. | [+] External Host Found: http://www.sahimerdansari.com
421. | [+] External Host Found: http://www.turnike.com.tr
422. | [+] External Host Found: https://uyghuristaninfo.files.wordpress.com
423. | [+] External Host Found: http://www.dailymail.co.uk
424. | [+] External Host Found: https://fbcdn-sphotos-h-a.akamaihd.net
425. | [+] External Host Found: https://s04.justpaste.it
426. | [+] External Host Found: https://twitter.com
427. | [+] External Host Found: http://asal.msb.gov.tr
428. | [+] External Host Found: http://image.yenisafak.com
429. | [+] External Host Found: https://www.ubeybi.com
430. | [+] External Host Found: https://s01.justpaste.it
431. | [+] External Host Found: http://www.ddizi1.com
432. | [+] External Host Found: http://i.hizliresim.com
433. | [+] External Host Found: http://cdn.yenisafak.net
434. | [+] External Host Found: https://encrypted-tbn0.gstatic.com
435. | [+] External Host Found: http://image.cdn.haber7.com
436. | [+] External Host Found: https://cocuk.tbmm.gov.tr
437. | [+] External Host Found: http://islahhaber.net
438. | [+] External Host Found: https://scontent-ams3-1.xx.fbcdn.net
439. | [+] External Host Found: https://scontent-cdg2-1.xx.fbcdn.net
440. | [+] External Host Found: https://cdnjs.cloudflare.com
441. | [+] External Host Found: https://cdn.yeniakit.com.tr
442. | [+] External Host Found: http://www.rohingya.org.tr
443. | [+] External Host Found: http://www.rna-press.com
444. | [+] External Host Found: http://www.aydinlikgazete.com
445. | [+] External Host Found: http://www.timeturk.com
446. | [+] External Host Found: http://im.haberturk.com
447. | [+] External Host Found: http://cdn.ar.com
448. | [+] External Host Found: https://www.modalarda.com
449. | [+] External Host Found: http://appsaljazeera.com
450. | [+] External Host Found: http://siyasetkulubu.blogspot.com.tr
451. | [+] External Host Found: http://i.hurimg.com
452. | [+] External Host Found: https://play.google.com
453. | [+] External Host Found: http://www.damladanismanlik.com
454. | [+] External Host Found: https://tr.euronews.com
455. | [+] External Host Found: http://www.pressmedya.com
456. | [+] External Host Found: https://www.dw.com
457. | [+] External Host Found: http://www.f5haber.com
458. | [+] External Host Found: https://fbcdn-sphotos-f-a.akamaihd.net
459. | [+] External Host Found: http://xslt.alexa.com
460. | [+] External Host Found: https://www.facebook.com
461. | [+] External Host Found: https://scontent-amt2-1.xx.fbcdn.net
462. | [+] External Host Found: https://itunes.apple.com
463. | [+] External Host Found: http://www.medyatimes.com
464. | [+] External Host Found: https://scontent-frt3-1.xx.fbcdn.net
465. | [+] External Host Found: http://tuketici.gtb.gov.tr
466. | [+] External Host Found: http://www.turnikesistemi.com.tr
467. | [+] External Host Found: http://2.bp.blogspot.com
468. | [+] External Host Found: http://www.engelligecisturnikesi.com
469. | [+] External Host Found: http://ajanskafkas.com
470. | [+] External Host Found: https://fbcdn-sphotos-c-a.akamaihd.net
471. | [+] External Host Found: https://www.dunyabulteni.net
472. | [+] External Host Found: http://tupbebek1.com
473. | [+] External Host Found: http://www.turkishny.com
474. | [+] External Host Found: http://www.youtube.com
475. | [+] External Host Found: https://scontent-lhr3-1.xx.fbcdn.net
476. =======================================================================================================================================
477. | E-mails:
478. | [+] E-mail Found: mfe@mfe.name
479. | [+] E-mail Found: yilmaz544954@gmail.com
480. | [+] E-mail Found: islahhabermerkezi@gmail.com
481. | [+] E-mail Found: seyfullahhakyemez@gmail.com
482. | [+] E-mail Found: huseyinkursun.27@hotmail.com
483. | [+] E-mail Found: gokhan.arslan@hotmail.com
484. | [+] E-mail Found: sabihaatesalpat@hotmail.com
485. | [+] E-mail Found: uzeyfecetin@islahhaber.net
486. | [+] E-mail Found: yok@yokki.com
487. | [+] E-mail Found: my0097234@gmail.com
488. | [+] E-mail Found: sumeyyesancak@islahhaber.net
489. | [+] E-mail Found: wanyujiao1205@gmail.com
490. | [+] E-mail Found: hayrunnisa@islahhaber.net
491. | [+] E-mail Found: ercan.burhan2014@gmail.com
492. | [+] E-mail Found: hasanerkam5449@hotmail.com
493. | [+] E-mail Found: talhabil@islahhaber.net
494. | [+] E-mail Found: info@islahhaber.net
495. | [+] E-mail Found: suhedademir@islahhaber.net
496. | [+] E-mail Found: hakim@islahhaber.net
497. | [+] E-mail Found: hacikar_az@hotmail.com
498. | [+] E-mail Found: sahimerdansari@islahhaber.net
499. | [+] E-mail Found: hikmetsever@islahhaber.net
500. | [+] E-mail Found: islammedya@hotmail.com
501. | [+] E-mail Found: ebuenes@hotmail.com
502. | [+] E-mail Found: mustafa.soylu@islahhaber.net
503. | [+] E-mail Found: kubrayildiz@islahhaber.net
504. | [+] E-mail Found: musa.yildiz@islahhaber.net
505. | [+] E-mail Found: mumdernegi@hotmail.com
506. | [+] E-mail Found: said@islahhaber.net
507. | [+] E-mail Found: info@oncunesil.org.tr
508. | [+] E-mail Found: murside.yolcu@islahhaber.net
509. =======================================================================================================================================
510. #######################################################################################################################################
511. ; <<>> DiG 9.11.5-P1-1-Debian <<>> islahhaber.net
512. ;; global options: +cmd
513. ;; Got answer:
514. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15260
515. ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
516.  
517. ;; OPT PSEUDOSECTION:
518. ; EDNS: version: 0, flags:; udp: 4096
519. ;; QUESTION SECTION:
520. ;islahhaber.net. IN A
521.  
522. ;; ANSWER SECTION:
523. islahhaber.net. 511 IN A 45.32.187.95
524.  
525. ;; Query time: 35 msec
526. ;; SERVER: 38.132.106.139#53(38.132.106.139)
527. ;; WHEN: jeu jan 31 18:41:16 EST 2019
528. ;; MSG SIZE rcvd: 59
529. #######################################################################################################################################
530. ; <<>> DiG 9.11.5-P1-1-Debian <<>> +trace islahhaber.net
531. ;; global options: +cmd
532. . 85080 IN NS g.root-servers.net.
533. . 85080 IN NS i.root-servers.net.
534. . 85080 IN NS a.root-servers.net.
535. . 85080 IN NS h.root-servers.net.
536. . 85080 IN NS j.root-servers.net.
537. . 85080 IN NS f.root-servers.net.
538. . 85080 IN NS m.root-servers.net.
539. . 85080 IN NS b.root-servers.net.
540. . 85080 IN NS e.root-servers.net.
541. . 85080 IN NS l.root-servers.net.
542. . 85080 IN NS k.root-servers.net.
543. . 85080 IN NS c.root-servers.net.
544. . 85080 IN NS d.root-servers.net.
545. . 85080 IN RRSIG NS 8 0 518400 20190213170000 20190131160000 16749 . QWsKOKRZvf2yfhwJXwpsDpj27UIdPnNupSNH5zq7bdHb8RGEUGDC2db7 YIRhVH9RfLnaRqLdCeSdlP7zOZaLQ7Qrx99u9ePlJBhjFp9drTJOpDFh Z0T8/EouIpLWV3gL68/wlMYrlvC4H3bv+VibhWCXQs8UNRYHXb9A28ZL YyFtD0CMHmQK3nvDHr8QhFu8MuurkPatMaloEHY/fFIKNu8+Bl9rhLNI FgYeAj/pItqw2emrvxOVDoZKAZlJTBqRKoOnRT33zXitVaWW65ZZp1hX oL0IeVU2fRAN67cmHLYTUGCfgzhdPOizMYlwFQ210ftJQJs6D38e9xqH ckMysQ==
546. ;; Received 525 bytes from 38.132.106.139#53(38.132.106.139) in 36 ms
547.  
548. net. 172800 IN NS l.gtld-servers.net.
549. net. 172800 IN NS b.gtld-servers.net.
550. net. 172800 IN NS c.gtld-servers.net.
551. net. 172800 IN NS d.gtld-servers.net.
552. net. 172800 IN NS e.gtld-servers.net.
553. net. 172800 IN NS f.gtld-servers.net.
554. net. 172800 IN NS g.gtld-servers.net.
555. net. 172800 IN NS a.gtld-servers.net.
556. net. 172800 IN NS h.gtld-servers.net.
557. net. 172800 IN NS i.gtld-servers.net.
558. net. 172800 IN NS j.gtld-servers.net.
559. net. 172800 IN NS k.gtld-servers.net.
560. net. 172800 IN NS m.gtld-servers.net.
561. net. 86400 IN DS 35886 8 2 7862B27F5F516EBE19680444D4CE5E762981931842C465F00236401D 8BD973EE
562. net. 86400 IN RRSIG DS 8 1 86400 20190213170000 20190131160000 16749 . egovExQlbWVYH5EfDhzTDJbaObSKqL7HZoK2N1tCECKVsS4tA4qid5JY cib+npUVoD00/rDvY9nmdE9Mwu90Yjcn/3I6YY2jCrqD68uCLqRgDDC3 DSEgLQh3IuMMceQbnN5oVEs3q2Z7e/92WNUFaT6r8Cysq96HaVZO/G51 PLYoKyQjEZ+Wk82sj03y1CqdEHtIZu1XEiTDNlGfOV4r/4KHWr7ym41b miRIsUpTqvHygJTMN2f0fAIzbu7r4KgsFGnw8UhMdXpy4BaCFwerGOui FHKE7YtX8v4z2LwHx4mZxX0ckgetpHhz8a5vODzNzAxsCY/fNenjUHku iGeelQ==
563. ;; Received 1171 bytes from 192.5.5.241#53(f.root-servers.net) in 22 ms
564.  
565. islahhaber.net. 172800 IN NS pdns07.domaincontrol.com.
566. islahhaber.net. 172800 IN NS pdns08.domaincontrol.com.
567. A1RT98BS5QGC9NFI51S9HCI47ULJG6JH.net. 86400 IN NSEC3 1 1 0 - A1RUUFFJKCT2Q54P78F8EJGJ8JBK7I8B NS SOA RRSIG DNSKEY NSEC3PARAM
568. A1RT98BS5QGC9NFI51S9HCI47ULJG6JH.net. 86400 IN RRSIG NSEC3 8 2 86400 20190204063546 20190128052546 51638 net. PjGXbob7PjgLCtvp5sALlA4p72/D6vG7Bt70/uXnhax1aHe09GSMo8qU wiNBlt6AA1bl1k63VxAczTpL866lBvs5/gHtlOiyQ/egNhGHK3W9gjxL Bnpr6vODCkndFjfEd1afNjM8bi6MtD8R+n7Nz6ebk6lUsCMTYByxfXb8 JhE=
569. 8H8NQ4G8UEM4UBJAGMFUF1NV9OKBTNVL.net. 86400 IN NSEC3 1 1 0 - 8H9DILVHJGV3N4V433CSSEB2J0VH351O NS DS RRSIG
570. 8H8NQ4G8UEM4UBJAGMFUF1NV9OKBTNVL.net. 86400 IN RRSIG NSEC3 8 2 86400 20190204062722 20190128051722 51638 net. DJVylXjU/sGfibUIcjRKZkqE9TVhU/hE4jDscT3u9A7Sa+5pAojXWh0S VmYTAb7LC1FgZFQY5yfFZVsb6/b09+75w0wVQaKcqQnZPpR2JaqfxM0c 1UAbdtHLRkdCDEIWJaMZrieMsCK3C8E8nZF/gMvwD4c5zuILu5v88rTX kX0=
571. ;; Received 675 bytes from 2001:503:39c1::30#53(i.gtld-servers.net) in 85 ms
572.  
573. islahhaber.net. 1800 IN A 45.32.187.95
574. islahhaber.net. 3600 IN NS pdns07.domaincontrol.com.
575. islahhaber.net. 3600 IN NS pdns08.domaincontrol.com.
576. ;; Received 118 bytes from 97.74.111.53#53(pdns07.domaincontrol.com) in 30 ms
577. #######################################################################################################################################
578. Saut Nom d'hôte Adresse IP Temps 1
579. 1 10.246.200.1 10.246.200.1 23.711
580. 1 10.246.200.1 10.246.200.1 23.014
581. 2 vlan102.as02.qc1.ca.m247.com 176.113.74.17 23.672
582. 3 37.120.128.168 37.120.128.168 38.362
583. 4 te-1-5-2-0.bb1.fra2.de.m247.com 82.102.29.44 23.184
584. 5 motl-b1-link.telia.net 62.115.162.41 23.113
585. 6 nyk-bb3-link.telia.net 62.115.137.142 107.178
586. 7 ldn-bb4-link.telia.net 62.115.112.245 110.269
587. 8 adm-bb4-link.telia.net 62.115.134.26 111.348
588. #######################################################################################################################################
589. Port État Service
590. 21/tcp open ftp
591. 25/tcp closed smtp
592. 53/tcp open domain
593. 80/tcp open http
594. 88/tcp open kerberos-sec
595. 135/tcp open msrpc
596. 139/tcp closed netbios-ssn
597. 389/tcp open ldap
598. 443/tcp open https
599. 445/tcp closed microsoft-ds
600. 464/tcp open kpasswd5
601. 515/tcp open printer
602. 593/tcp open http-rpc-epmap
603. 636/tcp open ldapssl
604. 3268/tcp open globalcatLDAP
605. 3269/tcp open globalcatLDAPssl
606. 3389/tcp open ms-wbt-server
607. 9415/tcp open unknown
608. 9418/tcp open git
609. 9595/tcp open pds
610. 49154/tcp open unknown
611. 49155/tcp open unknown
612. 49157/tcp open unknown
613. 49158/tcp open unknown
614. 49163/tcp open unknown
615. #######################################################################################################################################
616. [*] Performing General Enumeration of Domain: islahhaber.net
617. [-] DNSSEC is not configured for islahhaber.net
618. [*] SOA pdns07.domaincontrol.com 97.74.111.53
619. [*] NS pdns07.domaincontrol.com 97.74.111.53
620. [*] NS pdns07.domaincontrol.com 2603:5:21f1::35
621. [*] NS pdns08.domaincontrol.com 173.201.79.53
622. [*] NS pdns08.domaincontrol.com 2603:5:22f1::35
623. [*] MX smtp.secureserver.net 68.178.213.203
624. [*] MX smtp.secureserver.net 68.178.213.37
625. [*] MX smtp.secureserver.net 72.167.238.29
626. [*] MX mailstore1.secureserver.net 68.178.213.244
627. [*] MX mailstore1.secureserver.net 72.167.238.32
628. [*] MX mailstore1.secureserver.net 68.178.213.243
629. [*] A islahhaber.net 45.32.187.95
630. [*] Enumerating SRV Records
631. [*] SRV _autodiscover._tcp.islahhaber.net autodiscover.int.secureserver.net 172.19.66.223 443 0
632. [+] 1 Records Found
633. #######################################################################################################################################
634. [+] Testing domain
635. www.islahhaber.net 45.32.187.95
636. [+] Dns resolving
637. Domain name Ip address Name server
638. islahhaber.net 45.32.187.95 45.32.187.95.vultr.com
639. Found 1 host(s) for islahhaber.net
640. [+] Testing wildcard
641. Ok, no wildcard found.
642.  
643. [+] Scanning for subdomain on islahhaber.net
644. [!] Wordlist not specified. I scannig with my internal wordlist...
645. Estimated time about 16.65 seconds
646.  
647. Subdomain Ip address Name server
648.  
649. email.islahhaber.net 45.40.140.6 p3plgemwbe27-v05.prod.phx3.secureserver.net
650. ftp.islahhaber.net 45.32.187.95 45.32.187.95.vultr.com
651. imap.islahhaber.net 68.178.252.117 p3plprx11-v01.prod.phx3.secureserver.net
652. pop.islahhaber.net 173.201.192.158 p3plprx07-v01.prod.phx3.secureserver.net
653. smtp.islahhaber.net 72.167.238.29 p3plibsmtp01-v01.prod.phx3.secureserver.net
654. www.islahhaber.net 45.32.187.95 45.32.187.95.vultr.com
655. #######################################################################################################################################
656. [*] Processing domain islahhaber.net
657. [*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '205.151.67.6', '205.151.67.34', '205.151.67.2', '2001:18c0:ffe0:2::2', '2001:18c0:ffe0:3::2', '2001:18c0:ffe0:1::2']
658. [+] Getting nameservers
659. 173.201.79.53 - pdns08.domaincontrol.com
660. 97.74.111.53 - pdns07.domaincontrol.com
661. [-] Zone transfer failed
662.  
663. [+] MX records found, added to target list
664. 0 smtp.secureserver.net.
665. 10 mailstore1.secureserver.net.
666.  
667. [*] Scanning islahhaber.net for A records
668. 45.32.187.95 - islahhaber.net
669. 173.201.192.148 - email.islahhaber.net
670. 97.74.135.133 - email.islahhaber.net
671. 45.40.130.40 - email.islahhaber.net
672. 173.201.193.148 - email.islahhaber.net
673. 97.74.135.55 - email.islahhaber.net
674. 173.201.192.20 - email.islahhaber.net
675. 173.201.193.133 - email.islahhaber.net
676. 173.201.192.133 - email.islahhaber.net
677. 68.178.252.148 - email.islahhaber.net
678. 173.201.192.5 - email.islahhaber.net
679. 97.74.135.148 - email.islahhaber.net
680. 72.167.218.183 - email.islahhaber.net
681. 72.167.218.173 - email.islahhaber.net
682. 72.167.218.55 - email.islahhaber.net
683. 173.201.193.20 - email.islahhaber.net
684. 72.167.218.45 - email.islahhaber.net
685. 173.201.193.5 - email.islahhaber.net
686. 68.178.252.5 - email.islahhaber.net
687. 68.178.252.20 - email.islahhaber.net
688. 45.40.130.41 - email.islahhaber.net
689. 68.178.252.133 - email.islahhaber.net
690. 97.74.135.45 - email.islahhaber.net
691. 45.40.140.6 - email.islahhaber.net
692. 45.32.187.95 - ftp.islahhaber.net
693. 97.74.135.10 - imap.islahhaber.net
694. 173.201.193.129 - imap.islahhaber.net
695. 97.74.135.143 - imap.islahhaber.net
696. 173.201.193.97 - imap.islahhaber.net
697. 72.167.218.138 - imap.islahhaber.net
698. 173.201.192.129 - imap.islahhaber.net
699. 173.201.192.158 - imap.islahhaber.net
700. 68.178.252.117 - imap.islahhaber.net
701. 97.74.135.143 - pop.islahhaber.net
702. 173.201.193.97 - pop.islahhaber.net
703. 72.167.218.138 - pop.islahhaber.net
704. 68.178.252.117 - pop.islahhaber.net
705. 97.74.135.10 - pop.islahhaber.net
706. 173.201.192.158 - pop.islahhaber.net
707. 173.201.192.129 - pop.islahhaber.net
708. 173.201.193.129 - pop.islahhaber.net
709. 68.178.213.37 - smtp.islahhaber.net
710. 68.178.213.203 - smtp.islahhaber.net
711. 72.167.238.29 - smtp.islahhaber.net
712. 45.32.187.95 - www.islahhaber.net
713. #######################################################################################################################################
714. Ip Address Status Type Domain Name Server
715. ---------- ------ ---- ----------- ------
716. 45.40.140.6 301 alias email.islahhaber.net Apache
717. 45.40.140.6 301 host email.secureserver.net Apache
718. 72.167.218.45 301 host email.secureserver.net Apache
719. 68.178.252.20 301 host email.secureserver.net Apache
720. 97.74.135.45 301 host email.secureserver.net Apache
721. 173.201.192.5 301 host email.secureserver.net Apache
722. 72.167.218.183 301 host email.secureserver.net Apache
723. 68.178.252.5 301 host email.secureserver.net Apache
724. 173.201.192.133 301 host email.secureserver.net Apache
725. 72.167.218.173 301 host email.secureserver.net Apache
726. 97.74.135.133 301 host email.secureserver.net Apache
727. 45.40.130.40 301 host email.secureserver.net Apache
728. 97.74.135.148 301 host email.secureserver.net Apache
729. 173.201.193.133 301 host email.secureserver.net Apache
730. 68.178.252.148 301 host email.secureserver.net Apache
731. 72.167.218.55 301 host email.secureserver.net Apache
732. 97.74.135.55 301 host email.secureserver.net Apache
733. 68.178.252.133 301 host email.secureserver.net Apache
734. 173.201.193.20 301 host email.secureserver.net Apache
735. 173.201.193.148 301 host email.secureserver.net Apache
736. 173.201.193.5 301 host email.secureserver.net Apache
737. 45.40.130.41 301 host email.secureserver.net Apache
738. 173.201.192.20 301 host email.secureserver.net Apache
739. 173.201.192.148 301 host email.secureserver.net Apache
740. 45.32.187.95 404 alias ftp.islahhaber.net Microsoft-IIS/8.5
741. 45.32.187.95 404 host islahhaber.net Microsoft-IIS/8.5
742. 173.201.192.129 alias imap.islahhaber.net
743. 173.201.192.129 host imap.secureserver.net
744. 97.74.135.143 host imap.secureserver.net
745. 72.167.218.138 host imap.secureserver.net
746. 173.201.192.158 host imap.secureserver.net
747. 173.201.193.97 host imap.secureserver.net
748. 173.201.193.129 host imap.secureserver.net
749. 68.178.252.117 host imap.secureserver.net
750. 97.74.135.10 host imap.secureserver.net
751. 173.201.193.129 alias pop.islahhaber.net
752. 173.201.193.129 host pop.secureserver.net
753. 72.167.218.138 host pop.secureserver.net
754. 97.74.135.10 host pop.secureserver.net
755. 97.74.135.143 host pop.secureserver.net
756. 173.201.193.97 host pop.secureserver.net
757. 173.201.192.129 host pop.secureserver.net
758. 68.178.252.117 host pop.secureserver.net
759. 173.201.192.158 host pop.secureserver.net
760. 68.178.213.37 alias smtp.islahhaber.net
761. 68.178.213.37 host smtp.secureserver.net
762. 68.178.213.203 host smtp.secureserver.net
763. 72.167.238.29 host smtp.secureserver.net
764. 45.32.187.95 404 alias www.islahhaber.net Microsoft-IIS/8.5
765. 45.32.187.95 404 host islahhaber.net Microsoft-IIS/8.5
766. #######################################################################################################################################
767. dnsenum VERSION:1.2.4
768.  
769. ----- www.islahhaber.net -----
770.  
771.  
772. Host's addresses:
773. __________________
774.  
775. islahhaber.net. 1214 IN A 45.32.187.95
776.  
777.  
778. Name Servers:
779. ______________
780.  
781. pdns08.domaincontrol.com. 86341 IN A 173.201.79.53
782. pdns07.domaincontrol.com. 83281 IN A 97.74.111.53
783.  
784.  
785. Mail (MX) Servers:
786. ___________________
787.  
788. mailstore1.secureserver.net. 60 IN A 68.178.213.243
789. mailstore1.secureserver.net. 60 IN A 72.167.238.32
790. mailstore1.secureserver.net. 60 IN A 68.178.213.244
791. smtp.secureserver.net. 60 IN A 68.178.213.203
792. smtp.secureserver.net. 60 IN A 72.167.238.29
793. smtp.secureserver.net. 60 IN A 68.178.213.37
794.  
795.  
796. Trying Zone Transfers and getting Bind Versions:
797. _________________________________________________
798.  
799.  
800. Trying Zone Transfer for www.islahhaber.net on pdns08.domaincontrol.com ...
801.  
802. Trying Zone Transfer for www.islahhaber.net on pdns07.domaincontrol.com ...
803.  
804. brute force file not specified, bay.
805. #######################################################################################################################################
806.  
807.  
808. Running Source: Ask
809. Running Source: Archive.is
810. Running Source: Baidu
811. Running Source: Bing
812. Running Source: CertDB
813. Running Source: CertificateTransparency
814. Running Source: Certspotter
815. Running Source: Commoncrawl
816. Running Source: Crt.sh
817. Running Source: Dnsdb
818. Running Source: DNSDumpster
819. Running Source: DNSTable
820. Running Source: Dogpile
821. Running Source: Exalead
822. Running Source: Findsubdomains
823. Running Source: Googleter
824. Running Source: Hackertarget
825. Running Source: Ipv4Info
826. Running Source: PTRArchive
827. Running Source: Sitedossier
828. Running Source: Threatcrowd
829. Running Source: ThreatMiner
830. Running Source: WaybackArchive
831. Running Source: Yahoo
832.  
833. Running enumeration on www.islahhaber.net
834.  
835. dnsdb: Unexpected return status 503
836.  
837. crtsh: json: cannot unmarshal array into Go value of type crtsh.crtshObject
838.  
839. waybackarchive: Get http://web.archive.org/cdx/search/cdx?url=*.www.islahhaber.net/*&output=json&fl=original&collapse=urlkey&page=
840. : net/http: HTTP/1.x transport connection broken: malformed HTTP response "<html>"
841.  
842.  
843. Starting Bruteforcing of www.islahhaber.net with 9985 words
844.  
845. Total 1 Unique subdomains found for www.islahhaber.net
846.  
847. .www.islahhaber.net
848. #######################################################################################################################################
849. [+] www.islahhaber.net has no SPF record!
850. [*] No DMARC record found. Looking for organizational record
851. [+] No organizational DMARC record
852. [+] Spoofing possible for www.islahhaber.net!
853. ######################################################################################################################################
854. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-31 17:59 EST
855. Nmap scan report for www.islahhaber.net (45.32.187.95)
856. Host is up (0.088s latency).
857. rDNS record for 45.32.187.95: 45.32.187.95.vultr.com
858. Not shown: 463 filtered ports, 3 closed ports
859. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
860. PORT STATE SERVICE
861. 21/tcp open ftp
862. 53/tcp open domain
863. 80/tcp open http
864. 88/tcp open kerberos-sec
865. 135/tcp open msrpc
866. 389/tcp open ldap
867. 443/tcp open https
868. 515/tcp open printer
869. 3389/tcp open ms-wbt-server
870. 5985/tcp open wsman
871. #######################################################################################################################################
872. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-31 17:59 EST
873. Nmap scan report for www.islahhaber.net (45.32.187.95)
874. Host is up (0.043s latency).
875. rDNS record for 45.32.187.95: 45.32.187.95.vultr.com
876. Not shown: 2 filtered ports
877. PORT STATE SERVICE
878. 53/udp open domain
879. 67/udp open|filtered dhcps
880. 68/udp open|filtered dhcpc
881. 69/udp open|filtered tftp
882. 88/udp open|filtered kerberos-sec
883. 123/udp open ntp
884. 139/udp open|filtered netbios-ssn
885. 161/udp open|filtered snmp
886. 162/udp open|filtered snmptrap
887. 389/udp open|filtered ldap
888. 520/udp open|filtered route
889. 2049/udp open|filtered nfs
890. #######################################################################################################################################
891. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-31 17:59 EST
892. Nmap scan report for www.islahhaber.net (45.32.187.95)
893. Host is up (0.11s latency).
894. rDNS record for 45.32.187.95: 45.32.187.95.vultr.com
895.  
896. PORT STATE SERVICE VERSION
897. 21/tcp open tcpwrapped
898. | ftp-brute:
899. | Accounts: No valid accounts found
900. |_ Statistics: Performed 5500 guesses in 360 seconds, average tps: 15.0
901. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
902. Device type: general purpose
903. Running (JUST GUESSING): Microsoft Windows 2012 (88%)
904. OS CPE: cpe:/o:microsoft:windows_server_2012:r2
905. Aggressive OS guesses: Microsoft Windows Server 2012 or Windows Server 2012 R2 (88%), Microsoft Windows Server 2012 R2 (88%), Microsoft Windows Server 2012 (86%)
906. No exact OS matches for host (test conditions non-ideal).
907. Network Distance: 10 hops
908.  
909. TRACEROUTE (using port 21/tcp)
910. HOP RTT ADDRESS
911. 1 25.19 ms 10.246.200.1
912. 2 25.22 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
913. 3 29.96 ms 37.120.128.168
914. 4 25.23 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
915. 5 25.24 ms 62.115.162.41
916. 6 ...
917. 7 139.39 ms ldn-bb4-link.telia.net (62.115.136.184)
918. 8 135.09 ms adm-bb4-link.telia.net (62.115.134.26)
919. 9 ...
920. 10 109.27 ms 45.32.187.95.vultr.com (45.32.187.95)
921. #######################################################################################################################################
922. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-31 18:07 EST
923. Nmap scan report for www.islahhaber.net (45.32.187.95)
924. Host is up (0.11s latency).
925. rDNS record for 45.32.187.95: 45.32.187.95.vultr.com
926.  
927. PORT STATE SERVICE VERSION
928. 53/tcp open domain?
929. |_dns-fuzz: Server didn't response to our probe, can't fuzz
930. | dns-nsec-enum:
931. |_ No NSEC records found
932. | dns-nsec3-enum:
933. |_ DNSSEC NSEC3 not supported
934. | fingerprint-strings:
935. | DNSVersionBindReqTCP:
936. | version
937. |_ bind
938. 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
939. SF-Port53-TCP:V=7.70%I=7%D=1/31%Time=5C537FB3%P=x86_64-pc-linux-gnu%r(DNSV
940. SF:ersionBindReqTCP,20,"\0\x1e\0\x06\x81\x04\0\x01\0\0\0\0\0\0\x07version\
941. SF:x04bind\0\0\x10\0\x03");
942. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
943. Device type: general purpose
944. Running (JUST GUESSING): Microsoft Windows 2012 (88%)
945. OS CPE: cpe:/o:microsoft:windows_server_2012:r2
946. Aggressive OS guesses: Microsoft Windows Server 2012 or Windows Server 2012 R2 (88%), Microsoft Windows Server 2012 R2 (88%), Microsoft Windows Server 2012 (86%)
947. No exact OS matches for host (test conditions non-ideal).
948. Network Distance: 10 hops
949.  
950. Host script results:
951. | dns-brute:
952. | DNS Brute-force hostnames:
953. | www.islahhaber.net - 45.32.187.95
954. | ftp.islahhaber.net - 45.32.187.95
955. | smtp.islahhaber.net - 68.178.213.203
956. | smtp.islahhaber.net - 68.178.213.37
957. |_ smtp.islahhaber.net - 72.167.238.29
958.  
959. TRACEROUTE (using port 53/tcp)
960. HOP RTT ADDRESS
961. 1 28.13 ms 10.246.200.1
962. 2 28.69 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
963. 3 37.15 ms 37.120.128.168
964. 4 28.70 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
965. 5 28.68 ms 62.115.162.41
966. 6 111.55 ms nyk-bb4-link.telia.net (62.115.134.52)
967. 7 111.15 ms ldn-bb4-link.telia.net (62.115.136.184)
968. 8 113.02 ms adm-bb4-link.telia.net (62.115.134.26)
969. 9 ...
970. 10 110.24 ms 45.32.187.95.vultr.com (45.32.187.95)
971.  
972. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
973. Nmap done: 1 IP address (1 host up) scanned in 174.67 seconds
974. + -- --=[Port 67 closed... skipping.
975. + -- --=[Port 68 closed... skipping.
976. + -- --=[Port 69 closed... skipping.
977. + -- --=[Port 79 closed... skipping.
978. + -- --=[Port 80 opened... running tests...
979. ######################################################################################################################################
980.  
981. ^ ^
982. _ __ _ ____ _ __ _ _ ____
983. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
984. | V V // o // _/ | V V // 0 // 0 // _/
985. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
986. <
987. ...'
988.  
989. WAFW00F - Web Application Firewall Detection Tool
990.  
991. By Sandro Gauci && Wendel G. Henrique
992.  
993. Checking http://www.islahhaber.net
994. Generic Detection results:
995. The site http://www.islahhaber.net seems to be behind a WAF or some sort of security solution
996. Reason: The server header is different when an attack is detected.
997. The server header for a normal response is "Microsoft-IIS/8.5", while the server header a response to an attack is "Microsoft-HTTPAPI/2.0.",
998. Number of requests: 14
999. #######################################################################################################################################
1000. http://www.islahhaber.net [301 Moved Permanently] Country[RESERVED][ZZ], HTTPServer[Microsoft-IIS/8.5], IP[45.32.187.95], Microsoft-IIS[8.5], RedirectLocation[https://www.islahhaber.net/], Title[Document Moved]
1001. https://www.islahhaber.net/ [200 OK] ASP_NET[4.0.30319][MVC4.0], Country[RESERVED][ZZ], Frame, Google-Analytics[Universal][UA-35363848-1,UA-4313077-25], HTTPServer[Microsoft-IIS/8.5], IP[45.32.187.95], JQuery[1.7.1], Microsoft-IIS[8.5], PasswordField[Sifre], Script[application/json,text/javascript], Title[ISLAH HABER | Haber var islah eder, haber var ifsad eder], UncommonHeaders[x-aspnetmvc-version]
1002. #######################################################################################################################################
1003. wig - WebApp Information Gatherer
1004.  
1005.  
1006. Scanning https://www.islahhaber.net...
1007. _____________________________ SITE INFO _____________________________
1008. IP Title
1009. 45.32.187.95 ISLAH HABER | Haber var islah eder, haber
1010.  
1011. ______________________________ VERSION ______________________________
1012. Name Versions Type
1013. ASP.NET 4.7.2558.0 Platform
1014. IIS 8.5 Platform
1015. Microsoft Windows Server 2012 R2 OS
1016.  
1017. ____________________________ INTERESTING ____________________________
1018. URL Note Type
1019. /test.htm Test file Interesting
1020. /_layouts/create.aspx ASP.NET detailed error Interesting
1021.  
1022. _______________________ PLATFORM OBSERVATIONS _______________________
1023. Platform URL Type
1024. ASP.NET 4.0.30319 / Observation
1025. ASP.NET 4.7.2558.0 /_layouts/create.aspx Observation
1026.  
1027. _____________________________________________________________________
1028. Time: 47.6 sec Urls: 669 Fingerprints: 40401
1029. #######################################################################################################################################
1030. HTTP/1.1 404 Not Found
1031. Cache-Control: private
1032. Content-Length: 4806
1033. Content-Type: text/html; charset=utf-8
1034. Server: Microsoft-IIS/8.5
1035. Date: Thu, 31 Jan 2019 23:11:11 GMT
1036. Connection: close
1037.  
1038. HTTP/1.1 404 Not Found
1039. Cache-Control: private
1040. Content-Length: 4806
1041. Content-Type: text/html; charset=utf-8
1042. Server: Microsoft-IIS/8.5
1043. Date: Thu, 31 Jan 2019 23:11:12 GMT
1044. Connection: close
1045. #######################################################################################################################################
1046. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-31 18:13 EST
1047. Nmap scan report for www.islahhaber.net (45.32.187.95)
1048. Host is up (0.11s latency).
1049. rDNS record for 45.32.187.95: 45.32.187.95.vultr.com
1050.  
1051. PORT STATE SERVICE VERSION
1052. 135/tcp open msrpc Microsoft Windows RPC
1053. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1054. Device type: general purpose
1055. Running (JUST GUESSING): Microsoft Windows 2012 (88%)
1056. OS CPE: cpe:/o:microsoft:windows_server_2012
1057. Aggressive OS guesses: Microsoft Windows Server 2012 (88%), Microsoft Windows Server 2012 or Windows Server 2012 R2 (88%), Microsoft Windows Server 2012 R2 (88%)
1058. No exact OS matches for host (test conditions non-ideal).
1059. Network Distance: 10 hops
1060. Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
1061.  
1062. TRACEROUTE (using port 443/tcp)
1063. HOP RTT ADDRESS
1064. 1 24.43 ms 10.246.200.1
1065. 2 24.86 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1066. 3 80.02 ms 37.120.128.168
1067. 4 24.84 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
1068. 5 24.87 ms 62.115.162.41
1069. 6 110.00 ms nyk-bb3-link.telia.net (62.115.137.142)
1070. 7 107.45 ms ldn-bb4-link.telia.net (62.115.136.184)
1071. 8 107.27 ms adm-bb4-link.telia.net (62.115.134.26)
1072. 9 ...
1073. 10 107.02 ms 45.32.187.95.vultr.com (45.32.187.95)
1074. ######################################################################################################################################
1075. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-31 18:14 EST
1076. Nmap scan report for www.islahhaber.net (45.32.187.95)
1077. Host is up (0.11s latency).
1078. rDNS record for 45.32.187.95: 45.32.187.95.vultr.com
1079.  
1080. PORT STATE SERVICE VERSION
1081. 389/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: sube.toygur.com, Site: Default-First-Site-Name)
1082. | ldap-rootdse:
1083. | LDAP Results
1084. | <ROOT>
1085. | currentTime: 20190131231802.0Z
1086. | subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=sube,DC=toygur,DC=com
1087. | dsServiceName: CN=NTDS Settings,CN=WINDOWS-VULTR,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=sube,DC=toygur,DC=com
1088. | namingContexts: DC=sube,DC=toygur,DC=com
1089. | namingContexts: CN=Configuration,DC=sube,DC=toygur,DC=com
1090. | namingContexts: CN=Schema,CN=Configuration,DC=sube,DC=toygur,DC=com
1091. | namingContexts: DC=DomainDnsZones,DC=sube,DC=toygur,DC=com
1092. | namingContexts: DC=ForestDnsZones,DC=sube,DC=toygur,DC=com
1093. | defaultNamingContext: DC=sube,DC=toygur,DC=com
1094. | schemaNamingContext: CN=Schema,CN=Configuration,DC=sube,DC=toygur,DC=com
1095. | configurationNamingContext: CN=Configuration,DC=sube,DC=toygur,DC=com
1096. | rootDomainNamingContext: DC=sube,DC=toygur,DC=com
1097. | supportedControl: 1.2.840.113556.1.4.319
1098. | supportedControl: 1.2.840.113556.1.4.801
1099. | supportedControl: 1.2.840.113556.1.4.473
1100. | supportedControl: 1.2.840.113556.1.4.528
1101. | supportedControl: 1.2.840.113556.1.4.417
1102. | supportedControl: 1.2.840.113556.1.4.619
1103. | supportedControl: 1.2.840.113556.1.4.841
1104. | supportedControl: 1.2.840.113556.1.4.529
1105. | supportedControl: 1.2.840.113556.1.4.805
1106. | supportedControl: 1.2.840.113556.1.4.521
1107. | supportedControl: 1.2.840.113556.1.4.970
1108. | supportedControl: 1.2.840.113556.1.4.1338
1109. | supportedControl: 1.2.840.113556.1.4.474
1110. | supportedControl: 1.2.840.113556.1.4.1339
1111. | supportedControl: 1.2.840.113556.1.4.1340
1112. | supportedControl: 1.2.840.113556.1.4.1413
1113. | supportedControl: 2.16.840.1.113730.3.4.9
1114. | supportedControl: 2.16.840.1.113730.3.4.10
1115. | supportedControl: 1.2.840.113556.1.4.1504
1116. | supportedControl: 1.2.840.113556.1.4.1852
1117. | supportedControl: 1.2.840.113556.1.4.802
1118. | supportedControl: 1.2.840.113556.1.4.1907
1119. | supportedControl: 1.2.840.113556.1.4.1948
1120. | supportedControl: 1.2.840.113556.1.4.1974
1121. | supportedControl: 1.2.840.113556.1.4.1341
1122. | supportedControl: 1.2.840.113556.1.4.2026
1123. | supportedControl: 1.2.840.113556.1.4.2064
1124. | supportedControl: 1.2.840.113556.1.4.2065
1125. | supportedControl: 1.2.840.113556.1.4.2066
1126. | supportedControl: 1.2.840.113556.1.4.2090
1127. | supportedControl: 1.2.840.113556.1.4.2205
1128. | supportedControl: 1.2.840.113556.1.4.2204
1129. | supportedControl: 1.2.840.113556.1.4.2206
1130. | supportedControl: 1.2.840.113556.1.4.2211
1131. | supportedControl: 1.2.840.113556.1.4.2239
1132. | supportedControl: 1.2.840.113556.1.4.2255
1133. | supportedControl: 1.2.840.113556.1.4.2256
1134. | supportedLDAPVersion: 3
1135. | supportedLDAPVersion: 2
1136. | supportedLDAPPolicies: MaxPoolThreads
1137. | supportedLDAPPolicies: MaxPercentDirSyncRequests
1138. | supportedLDAPPolicies: MaxDatagramRecv
1139. | supportedLDAPPolicies: MaxReceiveBuffer
1140. | supportedLDAPPolicies: InitRecvTimeout
1141. | supportedLDAPPolicies: MaxConnections
1142. | supportedLDAPPolicies: MaxConnIdleTime
1143. | supportedLDAPPolicies: MaxPageSize
1144. | supportedLDAPPolicies: MaxBatchReturnMessages
1145. | supportedLDAPPolicies: MaxQueryDuration
1146. | supportedLDAPPolicies: MaxTempTableSize
1147. | supportedLDAPPolicies: MaxResultSetSize
1148. | supportedLDAPPolicies: MinResultSets
1149. | supportedLDAPPolicies: MaxResultSetsPerConn
1150. | supportedLDAPPolicies: MaxNotificationPerConn
1151. | supportedLDAPPolicies: MaxValRange
1152. | supportedLDAPPolicies: MaxValRangeTransitive
1153. | supportedLDAPPolicies: ThreadMemoryLimit
1154. | supportedLDAPPolicies: SystemMemoryLimitPercent
1155. | highestCommittedUSN: 12830934
1156. | supportedSASLMechanisms: GSSAPI
1157. | supportedSASLMechanisms: GSS-SPNEGO
1158. | supportedSASLMechanisms: EXTERNAL
1159. | supportedSASLMechanisms: DIGEST-MD5
1160. | dnsHostName: windows-vultr.sube.toygur.com
1161. | ldapServiceName: sube.toygur.com:windows-vultr$@SUBE.TOYGUR.COM
1162. | serverName: CN=WINDOWS-VULTR,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=sube,DC=toygur,DC=com
1163. | supportedCapabilities: 1.2.840.113556.1.4.800
1164. | supportedCapabilities: 1.2.840.113556.1.4.1670
1165. | supportedCapabilities: 1.2.840.113556.1.4.1791
1166. | supportedCapabilities: 1.2.840.113556.1.4.1935
1167. | supportedCapabilities: 1.2.840.113556.1.4.2080
1168. | supportedCapabilities: 1.2.840.113556.1.4.2237
1169. | isSynchronized: TRUE
1170. | isGlobalCatalogReady: TRUE
1171. | domainFunctionality: 6
1172. | forestFunctionality: 6
1173. |_ domainControllerFunctionality: 6
1174. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1175. Device type: general purpose
1176. Running (JUST GUESSING): Microsoft Windows 2012 (88%)
1177. OS CPE: cpe:/o:microsoft:windows_server_2012
1178. Aggressive OS guesses: Microsoft Windows Server 2012 (88%), Microsoft Windows Server 2012 or Windows Server 2012 R2 (88%), Microsoft Windows Server 2012 R2 (88%)
1179. No exact OS matches for host (test conditions non-ideal).
1180. Network Distance: 10 hops
1181. Service Info: Host: WINDOWS-VULTR; OS: Windows 2012 R2; CPE: cpe:/o:microsoft:windows
1182.  
1183. TRACEROUTE (using port 389/tcp)
1184. HOP RTT ADDRESS
1185. 1 27.92 ms 10.246.200.1
1186. 2 56.15 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1187. 3 38.58 ms 37.120.128.168
1188. 4 27.99 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
1189. 5 28.01 ms 62.115.162.41
1190. 6 110.99 ms nyk-bb4-link.telia.net (62.115.134.52)
1191. 7 106.86 ms ldn-bb4-link.telia.net (62.115.136.184)
1192. 8 104.16 ms adm-bb4-link.telia.net (62.115.134.26)
1193. 9 ...
1194. 10 105.38 ms 45.32.187.95.vultr.com (45.32.187.95)
1195. #######################################################################################################################################
1196. https://www.islahhaber.net [200 OK] ASP_NET[4.0.30319][MVC4.0], Country[RESERVED][ZZ], Frame, Google-Analytics[Universal][UA-35363848-1,UA-4313077-25], HTTPServer[Microsoft-IIS/8.5], IP[45.32.187.95], JQuery[1.7.1], Microsoft-IIS[8.5], PasswordField[Sifre], Script[application/json,text/javascript], Title[ISLAH HABER | Haber var islah eder, haber var ifsad eder], UncommonHeaders[x-aspnetmvc-version]
1197. #######################################################################################################################################
1198.  
1199. wig - WebApp Information Gatherer
1200.  
1201.  
1202. Scanning https://www.islahhaber.net...
1203. _____________________________ SITE INFO _____________________________
1204. IP Title
1205. 45.32.187.95 ISLAH HABER | Haber var islah eder, haber
1206.  
1207. ______________________________ VERSION ______________________________
1208. Name Versions Type
1209. ASP.NET 4.7.2558.0 Platform
1210. IIS 8.5 Platform
1211. Microsoft Windows Server 2012 R2 OS
1212.  
1213. ____________________________ INTERESTING ____________________________
1214. URL Note Type
1215. /test.htm Test file Interesting
1216. /_layouts/create.aspx ASP.NET detailed error Interesting
1217.  
1218. _______________________ PLATFORM OBSERVATIONS _______________________
1219. Platform URL Type
1220. ASP.NET 4.0.30319 / Observation
1221. ASP.NET 4.7.2558.0 /_layouts/create.aspx Observation
1222.  
1223. _____________________________________________________________________
1224. Time: 1.8 sec Urls: 669 Fingerprints: 40401
1225. #######################################################################################################################################
1226. HTTP/1.1 404 Not Found
1227. Cache-Control: private
1228. Content-Length: 4808
1229. Content-Type: text/html; charset=utf-8
1230. Server: Microsoft-IIS/8.5
1231. Date: Thu, 31 Jan 2019 23:18:19 GMT
1232. Connection: close
1233.  
1234. HTTP/1.1 404 Not Found
1235. Cache-Control: private
1236. Content-Length: 4808
1237. Content-Type: text/html; charset=utf-8
1238. Server: Microsoft-IIS/8.5
1239. Date: Thu, 31 Jan 2019 23:18:20 GMT
1240. Connection: close
1241. #######################################################################################################################################
1242. Version: 1.11.12-static
1243. OpenSSL 1.0.2-chacha (1.0.2g-dev)
1244.  
1245. Connected to 45.32.187.95
1246.  
1247. Testing SSL server www.islahhaber.net on port 443 using SNI name www.islahhaber.net
1248.  
1249. TLS Fallback SCSV:
1250. Server does not support TLS Fallback SCSV
1251.  
1252. TLS renegotiation:
1253. Secure session renegotiation supported
1254.  
1255. TLS Compression:
1256. Compression disabled
1257.  
1258. Heartbleed:
1259. TLS 1.2 not vulnerable to heartbleed
1260. TLS 1.1 not vulnerable to heartbleed
1261. TLS 1.0 not vulnerable to heartbleed
1262.  
1263. Supported Server Cipher(s):
1264. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-521 DHE 521
1265. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-521 DHE 521
1266. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-521 DHE 521
1267. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-521 DHE 521
1268. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
1269. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
1270. Accepted TLSv1.2 256 bits AES256-SHA256
1271. Accepted TLSv1.2 256 bits AES256-SHA
1272. Accepted TLSv1.2 128 bits AES128-SHA256
1273. Accepted TLSv1.2 128 bits AES128-SHA
1274. Accepted TLSv1.2 112 bits DES-CBC3-SHA
1275. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-521 DHE 521
1276. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-521 DHE 521
1277. Accepted TLSv1.1 256 bits AES256-SHA
1278. Accepted TLSv1.1 128 bits AES128-SHA
1279. Accepted TLSv1.1 112 bits DES-CBC3-SHA
1280. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-521 DHE 521
1281. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-521 DHE 521
1282. Accepted TLSv1.0 256 bits AES256-SHA
1283. Accepted TLSv1.0 128 bits AES128-SHA
1284. Accepted TLSv1.0 112 bits DES-CBC3-SHA
1285.  
1286. SSL Certificate:
1287. Signature Algorithm: sha256WithRSAEncryption
1288. RSA Key Strength: 2048
1289.  
1290. Subject: www.islahhaber.net
1291. Altnames: DNS:www.islahhaber.net, DNS:islahhaber.net
1292. Issuer: SignSec Certification Authority
1293.  
1294. Not valid before: Sep 22 00:00:00 2018 GMT
1295. Not valid after: Sep 22 23:59:59 2019 GMT
1296. #######################################################################################################################################
1297. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-31 18:18 EST
1298. Nmap scan report for www.islahhaber.net (45.32.187.95)
1299. Host is up (0.11s latency).
1300. rDNS record for 45.32.187.95: 45.32.187.95.vultr.com
1301.  
1302. PORT STATE SERVICE VERSION
1303. 3389/tcp open ms-wbt-server Microsoft Terminal Service
1304. | rdp-enum-encryption:
1305. | Security layer
1306. | CredSSP: SUCCESS
1307. | Native RDP: SUCCESS
1308. | SSL: SUCCESS
1309. | RDP Encryption level: Unknown
1310. |_ 128-bit RC4: SUCCESS
1311. |_rdp-vuln-ms12-020: ERROR: Script execution failed (use -d to debug)
1312. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1313. OS fingerprint not ideal because: Timing level 5 (Insane) used
1314. No OS matches for host
1315. Network Distance: 10 hops
1316. Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
1317.  
1318. TRACEROUTE (using port 3389/tcp)
1319. HOP RTT ADDRESS
1320. 1 23.14 ms 10.246.200.1
1321. 2 23.77 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1322. 3 27.59 ms 37.120.128.168
1323. 4 23.58 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
1324. 5 23.57 ms 62.115.162.41
1325. 6 108.00 ms nyk-bb3-link.telia.net (62.115.137.142)
1326. 7 113.43 ms ldn-bb4-link.telia.net (62.115.112.245)
1327. 8 107.82 ms adm-bb4-link.telia.net (62.115.134.26)
1328. 9 ...
1329. 10 105.72 ms 45.32.187.95.vultr.com (45.32.187.95)
1330.  
1331. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1332. Nmap done: 1 IP address (1 host up) scanned in 44.89 seconds
1333. #######################################################################################################################################
1334. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-31 17:55 EST
1335. Nmap scan report for 45.32.187.95.vultr.com (45.32.187.95)
1336. Host is up (0.087s latency).
1337. Not shown: 463 filtered ports, 3 closed ports
1338. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1339. PORT STATE SERVICE
1340. 21/tcp open ftp
1341. 53/tcp open domain
1342. 80/tcp open http
1343. 88/tcp open kerberos-sec
1344. 135/tcp open msrpc
1345. 389/tcp open ldap
1346. 443/tcp open https
1347. 515/tcp open printer
1348. 3389/tcp open ms-wbt-server
1349. 5985/tcp open wsman
1350. #######################################################################################################################################
1351. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-31 17:55 EST
1352. Nmap scan report for 45.32.187.95.vultr.com (45.32.187.95)
1353. Host is up (0.039s latency).
1354. Not shown: 2 filtered ports
1355. PORT STATE SERVICE
1356. 53/udp open domain
1357. 67/udp open|filtered dhcps
1358. 68/udp open|filtered dhcpc
1359. 69/udp open|filtered tftp
1360. 88/udp open|filtered kerberos-sec
1361. 123/udp open ntp
1362. 139/udp open|filtered netbios-ssn
1363. 161/udp open|filtered snmp
1364. 162/udp open|filtered snmptrap
1365. 389/udp open|filtered ldap
1366. 520/udp open|filtered route
1367. 2049/udp open|filtered nfs
1368. #######################################################################################################################################
1369. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-31 17:55 EST
1370. Nmap scan report for 45.32.187.95.vultr.com (45.32.187.95)
1371. Host is up (0.11s latency).
1372.  
1373. PORT STATE SERVICE VERSION
1374. 21/tcp open ftp Microsoft ftpd
1375. | ftp-brute:
1376. | Accounts: No valid accounts found
1377. |_ Statistics: Performed 4088 guesses in 274 seconds, average tps: 14.5
1378. | ftp-syst:
1379. |_ SYST: Windows_NT
1380. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1381. Device type: general purpose
1382. Running (JUST GUESSING): Microsoft Windows 2012 (89%)
1383. OS CPE: cpe:/o:microsoft:windows_server_2012
1384. Aggressive OS guesses: Microsoft Windows Server 2012 (89%), Microsoft Windows Server 2012 or Windows Server 2012 R2 (89%), Microsoft Windows Server 2012 R2 (89%)
1385. No exact OS matches for host (test conditions non-ideal).
1386. Network Distance: 10 hops
1387. Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
1388.  
1389. TRACEROUTE (using port 21/tcp)
1390. HOP RTT ADDRESS
1391. 1 24.57 ms 10.246.200.1
1392. 2 25.19 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1393. 3 32.63 ms 37.120.128.168
1394. 4 24.99 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
1395. 5 25.02 ms 62.115.162.41
1396. 6 107.70 ms nyk-bb4-link.telia.net (62.115.134.52)
1397. 7 108.74 ms ldn-bb4-link.telia.net (62.115.136.184)
1398. 8 108.22 ms adm-bb4-link.telia.net (62.115.134.26)
1399. 9 ...
1400. 10 109.05 ms 45.32.187.95.vultr.com (45.32.187.95)
1401. #######################################################################################################################################
1402. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-31 18:01 EST
1403. Nmap scan report for 45.32.187.95.vultr.com (45.32.187.95)
1404. Host is up (0.11s latency).
1405.  
1406. PORT STATE SERVICE VERSION
1407. 53/tcp open domain?
1408. |_dns-fuzz: Server didn't response to our probe, can't fuzz
1409. | dns-nsec-enum:
1410. |_ No NSEC records found
1411. | dns-nsec3-enum:
1412. |_ DNSSEC NSEC3 not supported
1413. | fingerprint-strings:
1414. | DNSVersionBindReqTCP:
1415. | version
1416. |_ bind
1417. 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
1418. SF-Port53-TCP:V=7.70%I=7%D=1/31%Time=5C537E53%P=x86_64-pc-linux-gnu%r(DNSV
1419. SF:ersionBindReqTCP,20,"\0\x1e\0\x06\x81\x04\0\x01\0\0\0\0\0\0\x07version\
1420. SF:x04bind\0\0\x10\0\x03");
1421. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1422. Aggressive OS guesses: Tomato 1.27 - 1.28 (Linux 2.4.20) (97%), Linux 2.6.18 - 2.6.22 (97%), D-Link DWL-624+ or DWL-2000AP, or TRENDnet TEW-432BRP WAP (96%), Fortinet FortiGate-50B or 310B firewall (95%), Fortinet FortiGate 1500D firewall (95%), Microsoft Windows Vista Home Premium SP1 (93%), Fortinet FortiGate 100D firewall (92%), Fortinet FortiGate-60B or -100A firewall (92%), Vonage V-Portal VoIP adapter (92%), Lexmark Z2400 printer (92%)
1423. No exact OS matches for host (test conditions non-ideal).
1424. Network Distance: 10 hops
1425.  
1426. Host script results:
1427. | dns-brute:
1428. |_ DNS Brute-force hostnames: No results.
1429.  
1430. TRACEROUTE (using port 53/tcp)
1431. HOP RTT ADDRESS
1432. 1 24.55 ms 10.246.200.1
1433. 2 24.91 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1434. 3 34.10 ms 37.120.128.168
1435. 4 24.59 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
1436. 5 24.58 ms 62.115.162.41
1437. 6 109.30 ms nyk-bb3-link.telia.net (62.115.137.142)
1438. 7 107.01 ms ldn-bb4-link.telia.net (62.115.136.184)
1439. 8 109.27 ms adm-bb4-link.telia.net (62.115.134.26)
1440. 9 ...
1441. 10 109.36 ms 45.32.187.95.vultr.com (45.32.187.95)
1442. #######################################################################################################################################
1443. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-31 18:04 EST
1444. Nmap scan report for 45.32.187.95.vultr.com (45.32.187.95)
1445. Host is up (0.11s latency).
1446.  
1447. PORT STATE SERVICE VERSION
1448. 67/udp open|filtered dhcps
1449. |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
1450. Too many fingerprints match this host to give specific OS details
1451. Network Distance: 10 hops
1452.  
1453. TRACEROUTE (using proto 1/icmp)
1454. HOP RTT ADDRESS
1455. 1 22.96 ms 10.246.200.1
1456. 2 23.34 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1457. 3 41.64 ms 37.120.128.168
1458. 4 23.17 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
1459. 5 23.16 ms 62.115.162.41
1460. 6 ...
1461. 7 107.64 ms ldn-bb4-link.telia.net (62.115.112.245)
1462. 8 107.62 ms adm-bb4-link.telia.net (62.115.134.26)
1463. 9 ...
1464. 10 107.30 ms 45.32.187.95.vultr.com (45.32.187.95)
1465. #######################################################################################################################################
1466. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-31 18:06 EST
1467. Nmap scan report for 45.32.187.95.vultr.com (45.32.187.95)
1468. Host is up (0.11s latency).
1469.  
1470. PORT STATE SERVICE VERSION
1471. 68/udp open|filtered dhcpc
1472. Too many fingerprints match this host to give specific OS details
1473. Network Distance: 10 hops
1474.  
1475. TRACEROUTE (using proto 1/icmp)
1476. HOP RTT ADDRESS
1477. 1 23.12 ms 10.246.200.1
1478. 2 45.24 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1479. 3 37.98 ms 37.120.128.168
1480. 4 23.35 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
1481. 5 23.35 ms 62.115.162.41
1482. 6 106.08 ms nyk-bb3-link.telia.net (62.115.137.142)
1483. 7 107.92 ms ldn-bb4-link.telia.net (62.115.112.245)
1484. 8 108.07 ms adm-bb4-link.telia.net (62.115.134.26)
1485. 9 ...
1486. 10 107.92 ms 45.32.187.95.vultr.com (45.32.187.95)
1487. #######################################################################################################################################
1488. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-31 18:08 EST
1489. Nmap scan report for 45.32.187.95.vultr.com (45.32.187.95)
1490. Host is up (0.11s latency).
1491.  
1492. PORT STATE SERVICE VERSION
1493. 69/udp open|filtered tftp
1494. Too many fingerprints match this host to give specific OS details
1495. Network Distance: 10 hops
1496.  
1497. TRACEROUTE (using proto 1/icmp)
1498. HOP RTT ADDRESS
1499. 1 26.45 ms 10.246.200.1
1500. 2 26.85 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1501. 3 43.25 ms 37.120.128.168
1502. 4 26.66 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
1503. 5 26.67 ms 62.115.162.41
1504. 6 ...
1505. 7 113.73 ms ldn-bb4-link.telia.net (62.115.112.245)
1506. 8 110.95 ms adm-bb4-link.telia.net (62.115.134.26)
1507. 9 ...
1508. 10 110.76 ms 45.32.187.95.vultr.com (45.32.187.95)
1509. #######################################################################################################################################
1510.  
1511. wig - WebApp Information Gatherer
1512.  
1513.  
1514. Scanning http://45.32.187.95...
1515. ____________________________________________ SITE INFO _____________________________________________
1516. IP Title
1517. 45.32.187.95
1518.  
1519. _____________________________________________ VERSION ______________________________________________
1520. Name Versions Type
1521. microsoft-httpapi 2.0 Platform
1522. Microsoft Windows 7 OS
1523. Microsoft Windows Server 2003 SP2 | 2003 SP3 | 2008 | 2008 R2 | 2012 | 2012 R2 OS
1524.  
1525. ____________________________________________________________________________________________________
1526. Time: 17.6 sec Urls: 599 Fingerprints: 40401
1527. ######################################################################################################################################
1528. HTTP/1.1 404 Not Found
1529. Content-Length: 315
1530. Content-Type: text/html; charset=us-ascii
1531. Server: Microsoft-HTTPAPI/2.0
1532. Date: Thu, 31 Jan 2019 23:11:41 GMT
1533. Connection: close
1534.  
1535. HTTP/1.1 404 Not Found
1536. Content-Length: 315
1537. Content-Type: text/html; charset=us-ascii
1538. Server: Microsoft-HTTPAPI/2.0
1539. Date: Thu, 31 Jan 2019 23:11:42 GMT
1540. Connection: close
1541. #######################################################################################################################################
1542. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-31 18:11 EST
1543. Nmap scan report for 45.32.187.95.vultr.com (45.32.187.95)
1544. Host is up (0.12s latency).
1545.  
1546. PORT STATE SERVICE VERSION
1547. 123/udp open ntp NTP v3
1548. | ntp-info:
1549. |_ receive time stamp: 2019-01-31T23:12:21
1550. Too many fingerprints match this host to give specific OS details
1551. Network Distance: 10 hops
1552.  
1553. TRACEROUTE (using port 123/udp)
1554. HOP RTT ADDRESS
1555. 1 23.99 ms 10.246.200.1
1556. 2 24.28 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1557. 3 45.03 ms 37.120.128.168
1558. 4 24.27 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
1559. 5 24.97 ms 62.115.162.41
1560. 6 106.98 ms nyk-bb4-link.telia.net (62.115.134.52)
1561. 7 107.06 ms ldn-bb4-link.telia.net (62.115.136.184)
1562. 8 108.93 ms adm-bb4-link.telia.net (62.115.134.26)
1563. 9 ...
1564. 10 107.06 ms 45.32.187.95.vultr.com (45.32.187.95)
1565. #######################################################################################################################################
1566. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-31 18:14 EST
1567. Nmap scan report for 45.32.187.95.vultr.com (45.32.187.95)
1568. Host is up (0.11s latency).
1569.  
1570. PORT STATE SERVICE VERSION
1571. 135/tcp open msrpc Microsoft Windows RPC
1572. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1573. Device type: general purpose
1574. Running (JUST GUESSING): Microsoft Windows 2012 (88%)
1575. OS CPE: cpe:/o:microsoft:windows_server_2012:r2
1576. Aggressive OS guesses: Microsoft Windows Server 2012 or Windows Server 2012 R2 (88%), Microsoft Windows Server 2012 R2 (88%), Microsoft Windows Server 2012 (86%)
1577. No exact OS matches for host (test conditions non-ideal).
1578. Network Distance: 10 hops
1579. Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
1580.  
1581. TRACEROUTE (using port 443/tcp)
1582. HOP RTT ADDRESS
1583. 1 22.57 ms 10.246.200.1
1584. 2 23.76 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1585. 3 24.01 ms 37.120.128.168
1586. 4 22.97 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
1587. 5 22.96 ms 62.115.162.41
1588. 6 105.28 ms nyk-bb4-link.telia.net (62.115.134.52)
1589. 7 107.83 ms ldn-bb4-link.telia.net (62.115.112.245)
1590. 8 107.87 ms adm-bb4-link.telia.net (62.115.134.26)
1591. 9 ...
1592. 10 106.65 ms 45.32.187.95.vultr.com (45.32.187.95)
1593. #######################################################################################################################################
1594. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-31 18:15 EST
1595. Nmap scan report for 45.32.187.95.vultr.com (45.32.187.95)
1596. Host is up (0.11s latency).
1597.  
1598. PORT STATE SERVICE VERSION
1599. 161/tcp filtered snmp
1600. 161/udp open|filtered snmp
1601. Too many fingerprints match this host to give specific OS details
1602. Network Distance: 10 hops
1603.  
1604. TRACEROUTE (using proto 1/icmp)
1605. HOP RTT ADDRESS
1606. 1 21.41 ms 10.246.200.1
1607. 2 45.12 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1608. 3 41.12 ms 37.120.128.168
1609. 4 21.74 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
1610. 5 21.77 ms 62.115.162.41
1611. 6 ...
1612. 7 112.77 ms ldn-bb4-link.telia.net (62.115.112.245)
1613. 8 106.42 ms adm-bb4-link.telia.net (62.115.134.26)
1614. 9 ...
1615. 10 105.65 ms 45.32.187.95.vultr.com (45.32.187.95)
1616. #######################################################################################################################################
1617. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-31 18:17 EST
1618. Nmap scan report for 45.32.187.95.vultr.com (45.32.187.95)
1619. Host is up (0.11s latency).
1620.  
1621. PORT STATE SERVICE VERSION
1622. 389/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: sube.toygur.com, Site: Default-First-Site-Name)
1623. | ldap-rootdse:
1624. | LDAP Results
1625. | <ROOT>
1626. | currentTime: 20190131232112.0Z
1627. | subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=sube,DC=toygur,DC=com
1628. | dsServiceName: CN=NTDS Settings,CN=WINDOWS-VULTR,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=sube,DC=toygur,DC=com
1629. | namingContexts: DC=sube,DC=toygur,DC=com
1630. | namingContexts: CN=Configuration,DC=sube,DC=toygur,DC=com
1631. | namingContexts: CN=Schema,CN=Configuration,DC=sube,DC=toygur,DC=com
1632. | namingContexts: DC=DomainDnsZones,DC=sube,DC=toygur,DC=com
1633. | namingContexts: DC=ForestDnsZones,DC=sube,DC=toygur,DC=com
1634. | defaultNamingContext: DC=sube,DC=toygur,DC=com
1635. | schemaNamingContext: CN=Schema,CN=Configuration,DC=sube,DC=toygur,DC=com
1636. | configurationNamingContext: CN=Configuration,DC=sube,DC=toygur,DC=com
1637. | rootDomainNamingContext: DC=sube,DC=toygur,DC=com
1638. | supportedControl: 1.2.840.113556.1.4.319
1639. | supportedControl: 1.2.840.113556.1.4.801
1640. | supportedControl: 1.2.840.113556.1.4.473
1641. | supportedControl: 1.2.840.113556.1.4.528
1642. | supportedControl: 1.2.840.113556.1.4.417
1643. | supportedControl: 1.2.840.113556.1.4.619
1644. | supportedControl: 1.2.840.113556.1.4.841
1645. | supportedControl: 1.2.840.113556.1.4.529
1646. | supportedControl: 1.2.840.113556.1.4.805
1647. | supportedControl: 1.2.840.113556.1.4.521
1648. | supportedControl: 1.2.840.113556.1.4.970
1649. | supportedControl: 1.2.840.113556.1.4.1338
1650. | supportedControl: 1.2.840.113556.1.4.474
1651. | supportedControl: 1.2.840.113556.1.4.1339
1652. | supportedControl: 1.2.840.113556.1.4.1340
1653. | supportedControl: 1.2.840.113556.1.4.1413
1654. | supportedControl: 2.16.840.1.113730.3.4.9
1655. | supportedControl: 2.16.840.1.113730.3.4.10
1656. | supportedControl: 1.2.840.113556.1.4.1504
1657. | supportedControl: 1.2.840.113556.1.4.1852
1658. | supportedControl: 1.2.840.113556.1.4.802
1659. | supportedControl: 1.2.840.113556.1.4.1907
1660. | supportedControl: 1.2.840.113556.1.4.1948
1661. | supportedControl: 1.2.840.113556.1.4.1974
1662. | supportedControl: 1.2.840.113556.1.4.1341
1663. | supportedControl: 1.2.840.113556.1.4.2026
1664. | supportedControl: 1.2.840.113556.1.4.2064
1665. | supportedControl: 1.2.840.113556.1.4.2065
1666. | supportedControl: 1.2.840.113556.1.4.2066
1667. | supportedControl: 1.2.840.113556.1.4.2090
1668. | supportedControl: 1.2.840.113556.1.4.2205
1669. | supportedControl: 1.2.840.113556.1.4.2204
1670. | supportedControl: 1.2.840.113556.1.4.2206
1671. | supportedControl: 1.2.840.113556.1.4.2211
1672. | supportedControl: 1.2.840.113556.1.4.2239
1673. | supportedControl: 1.2.840.113556.1.4.2255
1674. | supportedControl: 1.2.840.113556.1.4.2256
1675. | supportedLDAPVersion: 3
1676. | supportedLDAPVersion: 2
1677. | supportedLDAPPolicies: MaxPoolThreads
1678. | supportedLDAPPolicies: MaxPercentDirSyncRequests
1679. | supportedLDAPPolicies: MaxDatagramRecv
1680. | supportedLDAPPolicies: MaxReceiveBuffer
1681. | supportedLDAPPolicies: InitRecvTimeout
1682. | supportedLDAPPolicies: MaxConnections
1683. | supportedLDAPPolicies: MaxConnIdleTime
1684. | supportedLDAPPolicies: MaxPageSize
1685. | supportedLDAPPolicies: MaxBatchReturnMessages
1686. | supportedLDAPPolicies: MaxQueryDuration
1687. | supportedLDAPPolicies: MaxTempTableSize
1688. | supportedLDAPPolicies: MaxResultSetSize
1689. | supportedLDAPPolicies: MinResultSets
1690. | supportedLDAPPolicies: MaxResultSetsPerConn
1691. | supportedLDAPPolicies: MaxNotificationPerConn
1692. | supportedLDAPPolicies: MaxValRange
1693. | supportedLDAPPolicies: MaxValRangeTransitive
1694. | supportedLDAPPolicies: ThreadMemoryLimit
1695. | supportedLDAPPolicies: SystemMemoryLimitPercent
1696. | highestCommittedUSN: 12831025
1697. | supportedSASLMechanisms: GSSAPI
1698. | supportedSASLMechanisms: GSS-SPNEGO
1699. | supportedSASLMechanisms: EXTERNAL
1700. | supportedSASLMechanisms: DIGEST-MD5
1701. | dnsHostName: windows-vultr.sube.toygur.com
1702. | ldapServiceName: sube.toygur.com:windows-vultr$@SUBE.TOYGUR.COM
1703. | serverName: CN=WINDOWS-VULTR,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=sube,DC=toygur,DC=com
1704. | supportedCapabilities: 1.2.840.113556.1.4.800
1705. | supportedCapabilities: 1.2.840.113556.1.4.1670
1706. | supportedCapabilities: 1.2.840.113556.1.4.1791
1707. | supportedCapabilities: 1.2.840.113556.1.4.1935
1708. | supportedCapabilities: 1.2.840.113556.1.4.2080
1709. | supportedCapabilities: 1.2.840.113556.1.4.2237
1710. | isSynchronized: TRUE
1711. | isGlobalCatalogReady: TRUE
1712. | domainFunctionality: 6
1713. | forestFunctionality: 6
1714. |_ domainControllerFunctionality: 6
1715. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1716. Device type: general purpose
1717. Running (JUST GUESSING): Microsoft Windows 2012 (89%)
1718. OS CPE: cpe:/o:microsoft:windows_server_2012:r2
1719. Aggressive OS guesses: Microsoft Windows Server 2012 or Windows Server 2012 R2 (89%), Microsoft Windows Server 2012 R2 (89%), Microsoft Windows Server 2012 (87%)
1720. No exact OS matches for host (test conditions non-ideal).
1721. Network Distance: 10 hops
1722. Service Info: Host: WINDOWS-VULTR; OS: Windows 2012 R2; CPE: cpe:/o:microsoft:windows
1723.  
1724. TRACEROUTE (using port 389/tcp)
1725. HOP RTT ADDRESS
1726. 1 22.75 ms 10.246.200.1
1727. 2 23.98 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1728. 3 29.97 ms 37.120.128.168
1729. 4 23.97 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
1730. 5 24.00 ms 62.115.162.41
1731. 6 106.04 ms nyk-bb4-link.telia.net (62.115.134.52)
1732. 7 105.63 ms ldn-bb4-link.telia.net (62.115.136.184)
1733. 8 106.07 ms adm-bb4-link.telia.net (62.115.134.26)
1734. 9 ...
1735. 10 114.12 ms 45.32.187.95.vultr.com (45.32.187.95)
1736. #######################################################################################################################################
1737. Version: 1.11.12-static
1738. OpenSSL 1.0.2-chacha (1.0.2g-dev)
1739.  
1740. Connected to 45.32.187.95
1741.  
1742. Testing SSL server 45.32.187.95 on port 443 using SNI name 45.32.187.95
1743.  
1744. TLS Fallback SCSV:
1745. Server does not support TLS Fallback SCSV
1746.  
1747. TLS renegotiation:
1748. Session renegotiation not supported
1749.  
1750. TLS Compression:
1751. Compression disabled
1752.  
1753. Heartbleed:
1754. TLS 1.2 not vulnerable to heartbleed
1755. TLS 1.1 not vulnerable to heartbleed
1756. TLS 1.0 not vulnerable to heartbleed
1757.  
1758. Supported Server Cipher(s):
1759. #######################################################################################################################################
1760. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-31 18:21 EST
1761. Nmap scan report for 45.32.187.95.vultr.com (45.32.187.95)
1762. Host is up (0.11s latency).
1763.  
1764. PORT STATE SERVICE VERSION
1765. 3389/tcp open ms-wbt-server Microsoft Terminal Service
1766. | rdp-enum-encryption:
1767. | Security layer
1768. | CredSSP: SUCCESS
1769. | Native RDP: SUCCESS
1770. | SSL: SUCCESS
1771. | RDP Encryption level: Unknown
1772. |_ 128-bit RC4: SUCCESS
1773. |_rdp-vuln-ms12-020: ERROR: Script execution failed (use -d to debug)
1774. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1775. OS fingerprint not ideal because: Timing level 5 (Insane) used
1776. No OS matches for host
1777. Network Distance: 10 hops
1778. Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
1779.  
1780. TRACEROUTE (using port 3389/tcp)
1781. HOP RTT ADDRESS
1782. 1 27.40 ms 10.246.200.1
1783. 2 52.96 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1784. 3 29.16 ms 37.120.128.168
1785. 4 27.42 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
1786. 5 27.43 ms 62.115.162.41
1787. 6 112.43 ms nyk-bb3-link.telia.net (62.115.137.142)
1788. 7 110.11 ms ldn-bb4-link.telia.net (62.115.136.184)
1789. 8 110.12 ms adm-bb4-link.telia.net (62.115.134.26)
1790. 9 ...
1791. 10 110.11 ms 45.32.187.95.vultr.com (45.32.187.95)
1792. #######################################################################################################################################
1793. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-31 18:27 EST
1794. NSE: Loaded 148 scripts for scanning.
1795. NSE: Script Pre-scanning.
1796. NSE: Starting runlevel 1 (of 2) scan.
1797. Initiating NSE at 18:27
1798. Completed NSE at 18:27, 0.00s elapsed
1799. NSE: Starting runlevel 2 (of 2) scan.
1800. Initiating NSE at 18:27
1801. Completed NSE at 18:27, 0.00s elapsed
1802. Initiating Ping Scan at 18:27
1803. Scanning 45.32.187.95 [4 ports]
1804. Completed Ping Scan at 18:27, 0.15s elapsed (1 total hosts)
1805. Initiating Parallel DNS resolution of 1 host. at 18:27
1806. Completed Parallel DNS resolution of 1 host. at 18:27, 0.03s elapsed
1807. Initiating Connect Scan at 18:27
1808. Scanning 45.32.187.95.vultr.com (45.32.187.95) [1000 ports]
1809. Discovered open port 80/tcp on 45.32.187.95
1810. Discovered open port 443/tcp on 45.32.187.95
1811. Discovered open port 135/tcp on 45.32.187.95
1812. Discovered open port 53/tcp on 45.32.187.95
1813. Discovered open port 21/tcp on 45.32.187.95
1814. Discovered open port 3389/tcp on 45.32.187.95
1815. Discovered open port 389/tcp on 45.32.187.95
1816. Discovered open port 49163/tcp on 45.32.187.95
1817. Discovered open port 9418/tcp on 45.32.187.95
1818. Discovered open port 9595/tcp on 45.32.187.95
1819. Discovered open port 49155/tcp on 45.32.187.95
1820. Discovered open port 515/tcp on 45.32.187.95
1821. Discovered open port 49158/tcp on 45.32.187.95
1822. Discovered open port 464/tcp on 45.32.187.95
1823. Discovered open port 49154/tcp on 45.32.187.95
1824. Discovered open port 593/tcp on 45.32.187.95
1825. Discovered open port 636/tcp on 45.32.187.95
1826. Discovered open port 49157/tcp on 45.32.187.95
1827. Discovered open port 88/tcp on 45.32.187.95
1828. Discovered open port 3268/tcp on 45.32.187.95
1829. Discovered open port 3269/tcp on 45.32.187.95
1830. Discovered open port 9415/tcp on 45.32.187.95
1831. Completed Connect Scan at 18:27, 7.23s elapsed (1000 total ports)
1832. Initiating Service scan at 18:27
1833. Scanning 22 services on 45.32.187.95.vultr.com (45.32.187.95)
1834. Completed Service scan at 18:29, 139.47s elapsed (22 services on 1 host)
1835. Initiating OS detection (try #1) against 45.32.187.95.vultr.com (45.32.187.95)
1836. adjust_timeouts2: packet supposedly had rtt of -952749 microseconds. Ignoring time.
1837. adjust_timeouts2: packet supposedly had rtt of -952749 microseconds. Ignoring time.
1838. adjust_timeouts2: packet supposedly had rtt of -626776 microseconds. Ignoring time.
1839. adjust_timeouts2: packet supposedly had rtt of -626776 microseconds. Ignoring time.
1840. Retrying OS detection (try #2) against 45.32.187.95.vultr.com (45.32.187.95)
1841. adjust_timeouts2: packet supposedly had rtt of -65013 microseconds. Ignoring time.
1842. adjust_timeouts2: packet supposedly had rtt of -65013 microseconds. Ignoring time.
1843. Initiating Traceroute at 18:29
1844. Completed Traceroute at 18:29, 3.03s elapsed
1845. Initiating Parallel DNS resolution of 9 hosts. at 18:29
1846. Completed Parallel DNS resolution of 9 hosts. at 18:30, 16.50s elapsed
1847. NSE: Script scanning 45.32.187.95.
1848. NSE: Starting runlevel 1 (of 2) scan.
1849. Initiating NSE at 18:30
1850. NSE Timing: About 99.77% done; ETC: 18:30 (0:00:00 remaining)
1851. NSE Timing: About 99.80% done; ETC: 18:31 (0:00:00 remaining)
1852. NSE Timing: About 99.83% done; ETC: 18:31 (0:00:00 remaining)
1853. NSE Timing: About 99.87% done; ETC: 18:32 (0:00:00 remaining)
1854. NSE Timing: About 99.90% done; ETC: 18:32 (0:00:00 remaining)
1855. NSE Timing: About 99.93% done; ETC: 18:33 (0:00:00 remaining)
1856. NSE Timing: About 99.97% done; ETC: 18:33 (0:00:00 remaining)
1857. Completed NSE at 18:33, 222.32s elapsed
1858. NSE: Starting runlevel 2 (of 2) scan.
1859. Initiating NSE at 18:33
1860. Completed NSE at 18:33, 1.13s elapsed
1861. Nmap scan report for 45.32.187.95.vultr.com (45.32.187.95)
1862. Host is up, received syn-ack ttl 116 (0.11s latency).
1863. Scanned at 2019-01-31 18:27:15 EST for 395s
1864. Not shown: 975 filtered ports
1865. Reason: 975 no-responses
1866. PORT STATE SERVICE REASON VERSION
1867. 21/tcp open ftp syn-ack Microsoft ftpd
1868. | ftp-syst:
1869. |_ SYST: Windows_NT
1870. |_ssl-date: 2019-01-31T23:30:12+00:00; 0s from scanner time.
1871. 25/tcp closed smtp conn-refused
1872. 53/tcp open domain? syn-ack
1873. | fingerprint-strings:
1874. | DNSVersionBindReqTCP:
1875. | version
1876. |_ bind
1877. 80/tcp open http syn-ack Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
1878. |_http-server-header: Microsoft-HTTPAPI/2.0
1879. |_http-title: Not Found
1880. 88/tcp open kerberos-sec syn-ack Microsoft Windows Kerberos (server time: 2019-01-31 23:27:29Z)
1881. 135/tcp open msrpc syn-ack Microsoft Windows RPC
1882. 139/tcp closed netbios-ssn conn-refused
1883. 389/tcp open ldap syn-ack Microsoft Windows Active Directory LDAP (Domain: sube.toygur.com, Site: Default-First-Site-Name)
1884. 443/tcp open ssl/https? syn-ack
1885. |_ssl-date: 2019-01-31T23:30:11+00:00; 0s from scanner time.
1886. 445/tcp closed microsoft-ds conn-refused
1887. 464/tcp open kpasswd5? syn-ack
1888. 515/tcp open printer syn-ack Microsoft lpd
1889. 593/tcp open ncacn_http syn-ack Microsoft Windows RPC over HTTP 1.0
1890. 636/tcp open tcpwrapped syn-ack
1891. 3268/tcp open ldap syn-ack Microsoft Windows Active Directory LDAP (Domain: sube.toygur.com, Site: Default-First-Site-Name)
1892. 3269/tcp open tcpwrapped syn-ack
1893. 3389/tcp open ms-wbt-server syn-ack Microsoft Terminal Service
1894. | ssl-cert: Subject: commonName=windows-vultr.sube.toygur.com
1895. | Issuer: commonName=windows-vultr.sube.toygur.com
1896. | Public Key type: rsa
1897. | Public Key bits: 2048
1898. | Signature Algorithm: sha256WithRSAEncryption
1899. | Not valid before: 2018-12-01T21:11:42
1900. | Not valid after: 2019-06-02T21:11:42
1901. | MD5: da67 6313 5569 dc13 8227 11c0 b651 7432
1902. | SHA-1: 5130 7168 1367 9a89 6460 4d9d 5769 76e0 8208 4104
1903. | -----BEGIN CERTIFICATE-----
1904. | MIIC/jCCAeagAwIBAgIQYLFKlc1asohPjm0X28NJdDANBgkqhkiG9w0BAQsFADAo
1905. | MSYwJAYDVQQDEx13aW5kb3dzLXZ1bHRyLnN1YmUudG95Z3VyLmNvbTAeFw0xODEy
1906. | MDEyMTExNDJaFw0xOTA2MDIyMTExNDJaMCgxJjAkBgNVBAMTHXdpbmRvd3MtdnVs
1907. | dHIuc3ViZS50b3lndXIuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
1908. | AQEAsdxiq8qSO1fLnZxH+05bS6jn2bjiS3e1N99tW20d6T8YVe7a/qtBxJFCCkAo
1909. | oo9FRGFcS4rXxeFmb1iH23McmA+6Vthn7x5DXoxp3POBexXbv3mGQ52EvCswRvbg
1910. | iS2P1V6RWfOJLkqrYRz1RZd+F7HH3MQizDG9m9iJf1dzHSouxanX6Rku1cIYjccW
1911. | jcvLzs2WdFp1qvVp9H8R8XNaP9BjUiZNKkacaLzXVXsRdF/EaMsSWWBypevN8qqK
1912. | Wr/NOeTfoMPEGOFCkwta3xMUMpE1nq51L7Hc/4+JNKJ9AHWt7MWRU1pgkUbXrUgl
1913. | AY0CclrNAZoUDbc1SlBetUOQmQIDAQABoyQwIjATBgNVHSUEDDAKBggrBgEFBQcD
1914. | ATALBgNVHQ8EBAMCBDAwDQYJKoZIhvcNAQELBQADggEBADenv40725hwljEZffv4
1915. | IL8+7e+kTe2MRSAjfaOgGi16LFFu72g8kHLVsc2eOQ4lnZfPTuXWVSuBlmQeFUyv
1916. | YCYrHWY/fC4HsaYQXepMTDStr7YPA6uw5e166vVgeX4UHa9A1QFeLercoTHj75cS
1917. | pj5jtpvmIA+suILO/UruvhjiC+pjyq4w8c2M+yXU9p4sYgqGXeYDS72n6ew0xl0i
1918. | q57I9Nqdnxa5H7aQIvVK3TicIiZRc8HGYSsmAKHqZL9HktN/lvOI1iNcpO1SBTI4
1919. | AJU9wrdQZGb0XEx0pShZgOKiWTdPn0vrR6hXhkEuSPWy4WYcKvPkamsd98p2bNVZ
1920. | wdk=
1921. |_-----END CERTIFICATE-----
1922. 9415/tcp open http syn-ack Microsoft IIS httpd 8.5
1923. |_http-favicon: Unknown favicon MD5: 4859E39AE6C0F1F428F2126A6BB32BD9
1924. | http-methods:
1925. |_ Supported Methods: GET HEAD POST OPTIONS
1926. |_http-server-header: Microsoft-IIS/8.5
1927. |_http-title: Home Page
1928. 9418/tcp open http syn-ack Microsoft IIS httpd 8.5
1929. |_http-favicon: Unknown favicon MD5: 4859E39AE6C0F1F428F2126A6BB32BD9
1930. | http-methods:
1931. |_ Supported Methods: GET HEAD POST OPTIONS
1932. |_http-server-header: Microsoft-IIS/8.5
1933. |_http-title: Home Page
1934. 9595/tcp open http syn-ack Microsoft IIS httpd 8.5
1935. |_http-favicon: Unknown favicon MD5: 4859E39AE6C0F1F428F2126A6BB32BD9
1936. | http-methods:
1937. |_ Supported Methods: GET HEAD POST OPTIONS
1938. |_http-server-header: Microsoft-IIS/8.5
1939. |_http-title: Home Page - My ASP.NET Application
1940. 49154/tcp open msrpc syn-ack Microsoft Windows RPC
1941. 49155/tcp open msrpc syn-ack Microsoft Windows RPC
1942. 49157/tcp open ncacn_http syn-ack Microsoft Windows RPC over HTTP 1.0
1943. 49158/tcp open msrpc syn-ack Microsoft Windows RPC
1944. 49163/tcp open msrpc syn-ack Microsoft Windows RPC
1945. 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
1946. SF-Port53-TCP:V=7.70%I=7%D=1/31%Time=5C538466%P=x86_64-pc-linux-gnu%r(DNSV
1947. SF:ersionBindReqTCP,20,"\0\x1e\0\x06\x81\x04\0\x01\0\0\0\0\0\0\x07version\
1948. SF:x04bind\0\0\x10\0\x03");
1949. Device type: general purpose|storage-misc|WAP|router
1950. Running (JUST GUESSING): Linux 2.6.X|2.4.X (90%), HP embedded (89%), MikroTik RouterOS 6.X (86%)
1951. OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/h:hp:p2000_g3 cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:mikrotik:routeros:6.15
1952. OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
1953. Aggressive OS guesses: Linux 2.6.18 - 2.6.22 (90%), HP P2000 G3 NAS device (89%), Tomato 1.27 - 1.28 (Linux 2.4.20) (86%), MikroTik RouterOS 6.15 (Linux 3.3.5) (86%)
1954. No exact OS matches for host (test conditions non-ideal).
1955. TCP/IP fingerprint:
1956. SCAN(V=7.70%E=4%D=1/31%OT=21%CT=25%CU=%PV=N%DS=10%DC=T%G=N%TM=5C5385DE%P=x86_64-pc-linux-gnu)
1957. SEQ(CI=Z%TS=7)
1958. SEQ(SP=107%GCD=1%ISR=10E%CI=RI%TS=7)
1959. OPS(O1=M4B3NW8ST11%O2=M4B3NW8ST11%O3=M4B3NW8NNT11%O4=M4B3NW8ST11%O5=M4B3NW8ST11%O6=M4B3ST11)
1960. WIN(W1=2000%W2=2000%W3=2000%W4=2000%W5=2000%W6=2000)
1961. ECN(R=Y%DF=Y%TG=80%W=2000%O=M4B3NW8NNS%CC=Y%Q=)
1962. T1(R=Y%DF=Y%TG=80%S=O%A=S+%F=AS%RD=0%Q=)
1963. T2(R=N)
1964. T2(R=Y%DF=Y%TG=80%W=2000%S=O%A=O%F=AS%O=M4B3NW8ST11%RD=0%Q=)
1965. T3(R=N)
1966. T4(R=N)
1967. T4(R=Y%DF=Y%TG=80%W=2000%S=O%A=O%F=AS%O=M4B3NW8ST11%RD=0%Q=)
1968. T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
1969. T6(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
1970. T7(R=N)
1971. U1(R=N)
1972. IE(R=N)
1973.  
1974. Uptime guess: 58.274 days (since Tue Dec 4 11:58:39 2018)
1975. Network Distance: 10 hops
1976. TCP Sequence Prediction: Difficulty=263 (Good luck!)
1977. IP ID Sequence Generation: Busy server or unknown class
1978. Service Info: Host: WINDOWS-VULTR; OS: Windows; CPE: cpe:/o:microsoft:windows
1979.  
1980. Host script results:
1981. |_clock-skew: mean: 0s, deviation: 0s, median: 0s
1982.  
1983. TRACEROUTE (using proto 1/icmp)
1984. HOP RTT ADDRESS
1985. 1 23.26 ms 10.246.200.1
1986. 2 23.68 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1987. 3 42.56 ms 37.120.128.168
1988. 4 23.69 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
1989. 5 23.69 ms 62.115.162.41
1990. 6 113.51 ms nyk-bb3-link.telia.net (62.115.137.142)
1991. 7 108.67 ms ldn-bb4-link.telia.net (62.115.112.245)
1992. 8 108.65 ms adm-bb4-link.telia.net (62.115.134.26)
1993. 9 ...
1994. 10 107.67 ms 45.32.187.95.vultr.com (45.32.187.95)
1995.  
1996. NSE: Script Post-scanning.
1997. NSE: Starting runlevel 1 (of 2) scan.
1998. Initiating NSE at 18:33
1999. Completed NSE at 18:33, 0.00s elapsed
2000. NSE: Starting runlevel 2 (of 2) scan.
2001. Initiating NSE at 18:33
2002. Completed NSE at 18:33, 0.00s elapsed
2003. Read data files from: /usr/bin/../share/nmap
2004. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
2005. Nmap done: 1 IP address (1 host up) scanned in 395.54 seconds
2006. Raw packets sent: 107 (9.280KB) | Rcvd: 3048 (1.829MB)
2007. #######################################################################################################################################
2008. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-31 18:33 EST
2009. NSE: Loaded 148 scripts for scanning.
2010. NSE: Script Pre-scanning.
2011. Initiating NSE at 18:33
2012. Completed NSE at 18:33, 0.00s elapsed
2013. Initiating NSE at 18:33
2014. Completed NSE at 18:33, 0.00s elapsed
2015. Initiating Parallel DNS resolution of 1 host. at 18:33
2016. Completed Parallel DNS resolution of 1 host. at 18:33, 0.02s elapsed
2017. Initiating UDP Scan at 18:33
2018. Scanning 45.32.187.95.vultr.com (45.32.187.95) [14 ports]
2019. Discovered open port 123/udp on 45.32.187.95
2020. Discovered open port 53/udp on 45.32.187.95
2021. Completed UDP Scan at 18:33, 1.38s elapsed (14 total ports)
2022. Initiating Service scan at 18:33
2023. Scanning 12 services on 45.32.187.95.vultr.com (45.32.187.95)
2024. Discovered open port 88/udp on 45.32.187.95
2025. Discovered open|filtered port 88/udp on 45.32.187.95.vultr.com (45.32.187.95) is actually open
2026. Service scan Timing: About 25.00% done; ETC: 18:40 (0:04:54 remaining)
2027. Completed Service scan at 18:35, 102.58s elapsed (12 services on 1 host)
2028. Initiating OS detection (try #1) against 45.32.187.95.vultr.com (45.32.187.95)
2029. Retrying OS detection (try #2) against 45.32.187.95.vultr.com (45.32.187.95)
2030. Initiating Traceroute at 18:35
2031. Completed Traceroute at 18:35, 7.09s elapsed
2032. Initiating Parallel DNS resolution of 1 host. at 18:35
2033. Completed Parallel DNS resolution of 1 host. at 18:35, 0.02s elapsed
2034. NSE: Script scanning 45.32.187.95.
2035. Initiating NSE at 18:35
2036. Completed NSE at 18:36, 16.42s elapsed
2037. Initiating NSE at 18:36
2038. Completed NSE at 18:36, 1.02s elapsed
2039. Nmap scan report for 45.32.187.95.vultr.com (45.32.187.95)
2040. Host is up (0.058s latency).
2041.  
2042. PORT STATE SERVICE VERSION
2043. 53/udp open domain?
2044. | fingerprint-strings:
2045. | DNS-SD:
2046. | _services
2047. | _dns-sd
2048. | _udp
2049. | local
2050. | root-servers
2051. | root-servers
2052. | root-servers
2053. | root-servers
2054. | root-servers
2055. | root-servers
2056. | root-servers
2057. | root-servers
2058. | root-servers
2059. | root-servers
2060. | root-servers
2061. | root-servers
2062. | root-servers
2063. | NBTStat:
2064. | CKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
2065. | root-servers
2066. | root-servers
2067. | root-servers
2068. | root-servers
2069. | root-servers
2070. | root-servers
2071. | root-servers
2072. | root-servers
2073. | root-servers
2074. | root-servers
2075. | root-servers
2076. | root-servers
2077. |_ root-servers
2078. 67/udp open|filtered dhcps
2079. 68/udp open|filtered dhcpc
2080. 69/udp open|filtered tftp
2081. 88/udp open kerberos-sec Microsoft Windows Kerberos (server time: 2019-01-31 23:33:57Z)
2082. 123/udp open ntp NTP v3
2083. | ntp-info:
2084. |_ receive time stamp: 2019-01-31T23:36:00
2085. 137/udp filtered netbios-ns
2086. 138/udp filtered netbios-dgm
2087. 139/udp open|filtered netbios-ssn
2088. 161/udp open|filtered snmp
2089. 162/udp open|filtered snmptrap
2090. 389/udp open|filtered ldap
2091. 520/udp open|filtered route
2092. 2049/udp open|filtered nfs
2093. 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
2094. SF-Port53-UDP:V=7.70%I=7%D=1/31%Time=5C5385F4%P=x86_64-pc-linux-gnu%r(NBTS
2095. SF:tat,1ED,"\x80\xf0\x80\0\0\x01\0\0\0\r\0\x01\x20CKAAAAAAAAAAAAAAAAAAAAAA
2096. SF:AAAAAAAA\0\0!\0\x01\0\0\x02\0\x01\0\0\x0e\x10\0\x14\x01i\x0croot-server
2097. SF:s\x03net\0\xc02\0\x02\0\x01\0\0\x0e\x10\0\x14\x01k\x0croot-servers\x03n
2098. SF:et\0\xc02\0\x02\0\x01\0\0\x0e\x10\0\x14\x01c\x0croot-servers\x03net\0\x
2099. SF:c02\0\x02\0\x01\0\0\x0e\x10\0\x14\x01b\x0croot-servers\x03net\0\xc02\0\
2100. SF:x02\0\x01\0\0\x0e\x10\0\x14\x01m\x0croot-servers\x03net\0\xc02\0\x02\0\
2101. SF:x01\0\0\x0e\x10\0\x14\x01a\x0croot-servers\x03net\0\xc02\0\x02\0\x01\0\
2102. SF:0\x0e\x10\0\x14\x01d\x0croot-servers\x03net\0\xc02\0\x02\0\x01\0\0\x0e\
2103. SF:x10\0\x14\x01h\x0croot-servers\x03net\0\xc02\0\x02\0\x01\0\0\x0e\x10\0\
2104. SF:x14\x01f\x0croot-servers\x03net\0\xc02\0\x02\0\x01\0\0\x0e\x10\0\x14\x0
2105. SF:1j\x0croot-servers\x03net\0\xc02\0\x02\0\x01\0\0\x0e\x10\0\x14\x01l\x0c
2106. SF:root-servers\x03net\0\xc02\0\x02\0\x01\0\0\x0e\x10\0\x14\x01e\x0croot-s
2107. SF:ervers\x03net\0\xc02\0\x02\0\x01\0\0\x0e\x10\0\x14\x01g\x0croot-servers
2108. SF:\x03net\0\xc0=\0\x1c\0\x01\0\0\x0e\x10\0\x10\x20\x01\x07\xfe\0\0\0\0\0\
2109. SF:0\0\0\0\0\0S")%r(DNS-SD,1E9,"\0\0\x80\0\0\x01\0\0\0\r\0\x01\t_services\
2110. SF:x07_dns-sd\x04_udp\x05local\0\0\x0c\0\x01\0\0\x02\0\x01\0\0\x0e\x10\0\x
2111. SF:14\x01k\x0croot-servers\x03net\0\xc0\.\0\x02\0\x01\0\0\x0e\x10\0\x14\x0
2112. SF:1c\x0croot-servers\x03net\0\xc0\.\0\x02\0\x01\0\0\x0e\x10\0\x14\x01b\x0
2113. SF:croot-servers\x03net\0\xc0\.\0\x02\0\x01\0\0\x0e\x10\0\x14\x01m\x0croot
2114. SF:-servers\x03net\0\xc0\.\0\x02\0\x01\0\0\x0e\x10\0\x14\x01a\x0croot-serv
2115. SF:ers\x03net\0\xc0\.\0\x02\0\x01\0\0\x0e\x10\0\x14\x01d\x0croot-servers\x
2116. SF:03net\0\xc0\.\0\x02\0\x01\0\0\x0e\x10\0\x14\x01h\x0croot-servers\x03net
2117. SF:\0\xc0\.\0\x02\0\x01\0\0\x0e\x10\0\x14\x01f\x0croot-servers\x03net\0\xc
2118. SF:0\.\0\x02\0\x01\0\0\x0e\x10\0\x14\x01j\x0croot-servers\x03net\0\xc0\.\0
2119. SF:\x02\0\x01\0\0\x0e\x10\0\x14\x01l\x0croot-servers\x03net\0\xc0\.\0\x02\
2120. SF:0\x01\0\0\x0e\x10\0\x14\x01e\x0croot-servers\x03net\0\xc0\.\0\x02\0\x01
2121. SF:\0\0\x0e\x10\0\x14\x01g\x0croot-servers\x03net\0\xc0\.\0\x02\0\x01\0\0\
2122. SF:x0e\x10\0\x14\x01i\x0croot-servers\x03net\0\xc09\0\x1c\0\x01\0\0\x0e\x1
2123. SF:0\0\x10\x20\x01\x07\xfd\0\0\0\0\0\0\0\0\0\0\0\x01");
2124. Too many fingerprints match this host to give specific OS details
2125. Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
2126.  
2127. Host script results:
2128. |_clock-skew: mean: 13s, deviation: 0s, median: 13s
2129.  
2130. TRACEROUTE (using port 137/udp)
2131. HOP RTT ADDRESS
2132. 1 26.89 ms 10.246.200.1
2133. 2 ... 3
2134. 4 23.46 ms 10.246.200.1
2135. 5 27.23 ms 10.246.200.1
2136. 6 27.11 ms 10.246.200.1
2137. 7 27.11 ms 10.246.200.1
2138. 8 27.11 ms 10.246.200.1
2139. 9 27.12 ms 10.246.200.1
2140. 10 27.13 ms 10.246.200.1
2141. 11 ... 18
2142. 19 25.62 ms 10.246.200.1
2143. 20 27.06 ms 10.246.200.1
2144. 21 ... 28
2145. 29 24.32 ms 10.246.200.1
2146. 30 22.51 ms 10.246.200.1
2147.  
2148. NSE: Script Post-scanning.
2149. Initiating NSE at 18:36
2150. Completed NSE at 18:36, 0.00s elapsed
2151. Initiating NSE at 18:36
2152. Completed NSE at 18:36, 0.00s elapsed
2153. Read data files from: /usr/bin/../share/nmap
2154. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
2155. Nmap done: 1 IP address (1 host up) scanned in 132.66 seconds
2156. Raw packets sent: 138 (12.352KB) | Rcvd: 2808 (334.023KB)
2157. #######################################################################################################################################
2158. ---------------------------------------------------------------------------------------------------------------------------------------
2159. + Target IP: 45.32.187.95
2160. + Target Hostname: 45.32.187.95
2161. + Target Port: 80
2162. + Start Time: 2019-01-31 17:55:54 (GMT-5)
2163. ---------------------------------------------------------------------------------------------------------------------------------------
2164. + Server: No banner retrieved
2165. + The anti-clickjacking X-Frame-Options header is not present.
2166. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
2167. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
2168. + No CGI Directories found (use '-C all' to force check all possible dirs)
2169. + Uncommon header 'x-squid-error' found, with contents: ERR_INVALID_REQ 0
2170. + 7534 requests: 0 error(s) and 4 item(s) reported on remote host
2171. + End Time: 2019-01-31 18:24:25 (GMT-5) (1711 seconds)
2172. ---------------------------------------------------------------------------------------------------------------------------------------
2173. #######################################################################################################################################
2174. ---------------------------------------------------------------------------------------------------------------------------------------
2175. + Target IP: 45.32.187.95
2176. + Target Hostname: www.islahhaber.net
2177. + Target Port: 443
2178. ---------------------------------------------------------------------------------------------------------------------------------------
2179. + SSL Info: Subject: /OU=Domain Control Validated/OU=Provided by ISIMTESCIL BILISIM ANONIM SIRKETI/OU=TrustSafe PRO - DV/CN=www.islahhaber.net
2180. Ciphers: ECDHE-RSA-AES256-SHA384
2181. Issuer: /C=US/ST=CA/L=Irvine/O=FBS Inc/OU=SSL Department/CN=SignSec Certification Authority
2182. + Start Time: 2019-01-31 17:55:39 (GMT-5)
2183. ---------------------------------------------------------------------------------------------------------------------------------------
2184. + Server: Microsoft-IIS/8.5
2185. + Retrieved x-aspnet-version header: 4.0.30319
2186. + The anti-clickjacking X-Frame-Options header is not present.
2187. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
2188. + The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
2189. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
2190. + Entry '/bloklar/yorum/' in robots.txt returned a non-forbidden or redirect HTTP code (500)
2191. + Entry '/bloklar/anket/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
2192. + Entry '/bloklarmobil/yorum/' in robots.txt returned a non-forbidden or redirect HTTP code (500)
2193. + "robots.txt" contains 17 entries which should be manually viewed.
2194. + ERROR: Error limit (20) reached for host, giving up. Last error: opening stream: can't connect: SSL negotiation failed: at /var/lib/nikto/plugins/LW2.pm line 5157.
2195. at /var/lib/nikto/plugins/LW2.pm line 5157.
2196. ; Connection reset by peer at /var/lib/nikto/plugins/LW2.pm line 5157.
2197. : Connection reset by peer
2198. + Scan terminated: 20 error(s) and 9 item(s) reported on remote host
2199. + End Time: 2019-01-31 17:59:38 (GMT-5) (239 seconds)
2200. ---------------------------------------------------------------------------------------------------------------------------------------
2201. #######################################################################################################################################
2202. Anonymous JTSEC #OpIsis Full Recon #10