Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ######################################################################################################################################
- ======================================================================================================================================
- Hostname sadat.com.tr ISP Aerotek Bilisim Sanayi ve Ticaret AS
- Continent Asia Flag
- TR
- Country Turkey Country Code TR
- Region Istanbul Local time 12 Oct 2019 01:41 +03
- City Istanbul Postal Code 34349
- IP Address 109.232.216.55 Latitude 41.065
- Longitude 29.005
- ======================================================================================================================================
- ######################################################################################################################################
- > sadat.com.tr
- Server: 185.93.180.131
- Address: 185.93.180.131#53
- Non-authoritative answer:
- Name: sadat.com.tr
- Address: 109.232.216.55
- >
- ######################################################################################################################################
- ** Domain Name: sadat.com.tr
- ** Registrant:
- Sadat Uluslararası Savunma Dan. İnş. San. ve Tic. A.Ş.
- Adnan Kahveci Mah. Caner Sok. No:3
- İstanbul,
- Türkiye
- okocdemir@gmail.com
- + 90-212-5261131-
- +
- ** Administrative Contact:
- NIC Handle : sus13-metu
- Organization Name : Sadat Uluslararası Savunma Dan. İnş. San. ve Tic. A.Ş.
- Address : Yakuplu Mah Hürriyet Bulvarı Newport Sitesi No:155
- 1. Blok Kat:7 Daire:54
- İstanbul,34524
- Türkiye
- Phone : + 90-212-8551972-
- Fax : + 90-212-8551975-
- ** Technical Contact:
- NIC Handle : sus13-metu
- Organization Name : Sadat Uluslararası Savunma Dan. İnş. San. ve Tic. A.Ş.
- Address : Yakuplu Mah Hürriyet Bulvarı Newport Sitesi No:155
- 1. Blok Kat:7 Daire:54
- İstanbul,34524
- Türkiye
- Phone : + 90-212-8551972-
- Fax : + 90-212-8551975-
- ** Billing Contact:
- NIC Handle : sus13-metu
- Organization Name : Sadat Uluslararası Savunma Dan. İnş. San. ve Tic. A.Ş.
- Address : Yakuplu Mah Hürriyet Bulvarı Newport Sitesi No:155
- 1. Blok Kat:7 Daire:54
- İstanbul,34524
- Türkiye
- Phone : + 90-212-8551972-
- Fax : + 90-212-8551975-
- ** Domain Servers:
- cpns1.turhost.com
- cpns1.turhost.com
- ** Additional Info:
- Created on..............: 2012-Mar-08.
- Expires on..............: 2023-Mar-07.
- ######################################################################################################################################
- [+] Target : sadat.com.tr
- [+] IP Address : 109.232.216.55
- [+] Headers :
- [+] Connection : close
- [+] X-Powered-By : PHP/5.6.40
- [+] Set-Cookie : 39edc5e562bae2bee28aee62011d903a=ef47155212788d73dd5b8306fa1e7d29; path=/
- [+] P3P : CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
- [+] Content-Type : text/html; charset=utf-8
- [+] Cache-Control : no-cache
- [+] Pragma : no-cache
- [+] Transfer-Encoding : chunked
- [+] Content-Encoding : gzip
- [+] Vary : Accept-Encoding
- [+] Date : Fri, 11 Oct 2019 23:01:10 GMT
- [+] SSL Certificate Information :
- [+] organizationalUnitName : Domain Control Validated
- [+] commonName : *.turhost.com
- [+] countryName : BE
- [+] organizationName : GlobalSign nv-sa
- [+] commonName : AlphaSSL CA - SHA256 - G2
- [+] Version : 3
- [+] Serial Number : 4BAAA2AAB0451CA64E3F82AC
- [+] Not Before : Mar 26 11:31:37 2019 GMT
- [+] Not After : May 16 09:25:22 2021 GMT
- [+] OCSP : ('http://ocsp2.globalsign.com/gsalphasha2g2',)
- [+] subject Alt Name : (('DNS', '*.turhost.com'), ('DNS', 'turhost.com'))
- [+] CA Issuers : ('http://secure2.alphassl.com/cacert/gsalphasha2g2r1.crt',)
- [+] CRL Distribution Points : ('http://crl2.alphassl.com/gs/gsalphasha2g2.crl',)
- [+] Whois Lookup :
- [+] NIR : None
- [+] ASN Registry : ripencc
- [+] ASN : 42807
- [+] ASN CIDR : 109.232.216.0/21
- [+] ASN Country Code : TR
- [+] ASN Date : 2009-12-09
- [+] ASN Description : AEROTEK-AS, TR
- [+] cidr : 109.232.216.0/24
- [+] name : TURHOST-NET
- [+] handle : DEY101-RIPE
- [+] range : 109.232.216.0 - 109.232.216.255
- [+] description : Aerotek Bilisim Taahhut Sanayi ve Ticaret Limited Sirketi
- [+] country : TR
- [+] state : None
- [+] city : None
- [+] address : Carsi Yapi F Blok No.6 Sanayi Mh. Pk.41040 Izmit/Kocaeli
- [+] postal_code : None
- [+] emails : None
- [+] created : 2010-01-12T19:49:06Z
- [+] updated : 2012-12-27T17:13:04Z
- [+] Crawling Target...
- [+] Looking for robots.txt........[ Not Found ]
- [+] Looking for sitemap.xml.......[ Not Found ]
- [+] Extracting CSS Links..........[ 5 ]
- [+] Extracting Javascript Links...[ 10 ]
- [+] Extracting Internal Links.....[ 4 ]
- [+] Extracting External Links.....[ 5 ]
- [+] Extracting Images.............[ 16 ]
- [+] Total Links Extracted : 40
- [+] Dumping Links in /opt/FinalRecon/dumps/sadat.com.tr.dump
- [+] Completed!
- ######################################################################################################################################
- [+] Starting At 2019-10-11 19:03:16.740081
- [+] Collecting Information On: http://sadat.com.tr/
- [#] Status: 200
- --------------------------------------------------
- [#] X-Powered-By: PHP/5.6.40
- [!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
- - Connection: close
- - X-Powered-By: PHP/5.6.40
- - Set-Cookie: 39edc5e562bae2bee28aee62011d903a=c4558891ce24af66b910b7ae5cabc0ca; path=/
- - P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
- - Content-Type: text/html; charset=utf-8
- - Cache-Control: no-cache
- - Pragma: no-cache
- - Transfer-Encoding: chunked
- - Content-Encoding: gzip
- - Vary: Accept-Encoding
- - Date: Fri, 11 Oct 2019 23:03:17 GMT
- --------------------------------------------------
- [#] Finding Location..!
- [#] as: AS42807 Aerotek Bilisim Sanayi ve Ticaret AS
- [#] city: Kosekoy
- [#] country: Turkey
- [#] countryCode: TR
- [#] isp: Aerotek LTD Network 2
- [#] lat: 40.7488
- [#] lon: 29.948
- [#] org: Aerotek Bilisim Taahhut Sanayi ve Ticaret Limited
- [#] query: 109.232.216.55
- [#] region: 41
- [#] regionName: Kocaeli
- [#] status: success
- [#] timezone: Europe/Istanbul
- [#] zip: 41250
- --------------------------------------------------
- [x] Didn't Detect WAF Presence on: http://sadat.com.tr/
- --------------------------------------------------
- [#] Starting Reverse DNS
- [!] Found 26 any Domain
- - atechdoor.com.tr
- - aylinozturk.net
- - hulyagurdamar.com
- - istanbulikincielesya.org
- - mobil.ruzgarist.com
- - odulklise.com
- - ozdilinsaat.com.tr
- - penspinning-tr.com
- - ruzgarist.com
- - sadat.com.tr
- - sapdersleri.net
- - sapogren.com
- - saprehberi.com
- - ulutas-insaat.com
- - www.amazon.com
- - www.atechdoor.com.tr
- - www.cagritemellisesi.com
- - www.findikyapim.com
- - www.istanbulikincielesya.org
- - www.ozdilinsaat.com.tr
- - www.penspinning-tr.com
- - www.ruzgarist.com
- - www.sadat.com.tr
- - www.sosyalmedyadatakip.com
- - www.turkuazelsanatlari.com
- - www.tysd-fatih.org
- --------------------------------------------------
- [!] Scanning Open Port
- [#] 21/tcp open ftp
- [#] 53/tcp open domain
- [#] 80/tcp open http
- [#] 110/tcp open pop3
- [#] 143/tcp open imap
- [#] 443/tcp open https
- [#] 465/tcp open smtps
- [#] 587/tcp open submission
- [#] 993/tcp open imaps
- [#] 995/tcp open pop3s
- --------------------------------------------------
- [+] Collecting Information Disclosure!
- [#] Detecting sitemap.xml file
- [-] sitemap.xml file not Found!?
- [#] Detecting robots.txt file
- [-] robots.txt file not Found!?
- [#] Detecting GNU Mailman
- [!] GNU Mailman App Detected: http://sadat.com.tr//mailman/admin
- [!] version: 2.1.27
- --------------------------------------------------
- [+] Crawling Url Parameter On: http://sadat.com.tr/
- --------------------------------------------------
- [#] Searching Html Form !
- [+] Html Form Discovered
- [#] action: /
- [#] class: None
- [#] id: searchbox
- [#] method: post
- --------------------------------------------------
- [!] Found 1 dom parameter
- [#] http://sadat.com.tr//#page
- --------------------------------------------------
- [!] 6 Internal Dynamic Parameter Discovered
- [+] http://sadat.com.tr///?format=feed&type=rss
- [+] http://sadat.com.tr///?format=feed&type=atom
- [+] http://sadat.com.tr/component/search/?format=opensearch
- [+] http://sadat.com.tr///cache/template/gzip.php?widgetkit-110aee79-daa17075.css
- [+] http://sadat.com.tr///cache/template/gzip.php?bar-e17a44f3.css
- [+] http://sadat.com.tr///cache/template/gzip.php?template-87a3be7a.css
- --------------------------------------------------
- [!] 1 External Dynamic Parameter Discovered
- [#] http://fonts.googleapis.com/css?family=Yanone+Kaffeesatz:regular,light
- --------------------------------------------------
- [!] 56 Internal links Discovered
- [+] http://sadat.com.tr/
- [+] http://sadat.com.tr/tr/
- [+] http://sadat.com.tr/ar/
- [+] http://sadat.com.tr///templates/tk_office_free/favicon.ico
- [+] http://sadat.com.tr///media/mod_languages/css/template.css
- [+] http://sadat.com.tr///modules/mod_stalker/assets/css/stalker.css
- [+] http://sadat.com.tr///templates/tk_office_free/apple_touch_icon.png
- [+] http://sadat.com.tr///tr/
- [+] http://sadat.com.tr///ar/
- [+] http://sadat.com.tr///
- [+] http://sadat.com.tr
- [+] http://sadat.com.tr///
- [+] http://sadat.com.tr///our-services.html
- [+] http://sadat.com.tr///our-services/consultancy/consultancy-military.html
- [+] http://sadat.com.tr///our-services/consultancy/consultancy-security.html
- [+] http://sadat.com.tr///our-services/training/training-military.html
- [+] http://sadat.com.tr///our-services/training/training-security.html
- [+] http://sadat.com.tr///our-services/ordnance/ordnance-military.html
- [+] http://sadat.com.tr///our-services/ordnance/ordnance-security.html
- [+] http://sadat.com.tr///our-services/ordnance/maintenance-repair.html
- [+] http://sadat.com.tr///our-services/our-training-modules.html
- [+] http://sadat.com.tr///our-services/general-training-modules/individual-combat-trainings-the-small-unit-tactics.html
- [+] http://sadat.com.tr///our-services/general-training-modules/basic-course-for-special-forces.html
- [+] http://sadat.com.tr///our-services/general-training-modules/advanced-course-for-special-forces.html
- [+] http://sadat.com.tr///our-services/general-training-modules/aviation-courses.html
- [+] http://sadat.com.tr///our-services/alternative-specialization-modules/land-operation-training-module.html
- [+] http://sadat.com.tr///our-services/alternative-specialization-modules/sniper-training-module.html
- [+] http://sadat.com.tr///our-services/alternative-specialization-modules/protection-courses-training-module.html
- [+] http://sadat.com.tr///our-services/alternative-specialization-modules/demolition-training-courses.html
- [+] http://sadat.com.tr///our-services/alternative-specialization-modules/unconventional-warfare-gnh-course-training-module.html
- [+] http://sadat.com.tr///our-services/alternative-specialization-modules/advanced-individual-combat-training-course.html
- [+] http://sadat.com.tr///our-services/alternative-specialization-modules/artillery-and-mortar-forward-observation-training-corse.html
- [+] http://sadat.com.tr///our-services/alternative-specialization-modules/tank-hunting-destruction-of-armored-vehicle-non-damaged-seizure-course-training-module.html
- [+] http://sadat.com.tr///our-services/alternative-specialization-modules/sniper-training-programmes.html
- [+] http://sadat.com.tr///our-services/moduler-training-programmes-for-sea-forces/naval-operation-training-module.html
- [+] http://sadat.com.tr///our-services/moduler-training-programmes-for-sea-forces/frogman-basic-training-programmes.html
- [+] http://sadat.com.tr///our-services/moduler-training-programmes-for-air-forces/air-operation-training-module.html
- [+] http://sadat.com.tr///our-services/moduler-training-programmes-for-air-forces/helicopter-pilots-training-programmes.html
- [+] http://sadat.com.tr///our-services/moduler-training-programmes-for-police-forces/border-security-stations-training-programmes.html
- [+] http://sadat.com.tr///our-services/moduler-training-programmes-for-police-forces/basic-police-special-operations-training-programmes.html
- [+] http://sadat.com.tr///about-us/our-mission.html
- [+] http://sadat.com.tr///about-us/our-vision.html
- [+] http://sadat.com.tr///about-us/why-sadat-inc-international-defense-consulting.html
- [+] http://sadat.com.tr///about-us/organization-chart.html
- [+] http://sadat.com.tr///about-us/qualification-of-personnel.html
- [+] http://sadat.com.tr///about-us/our-certificates.html
- [+] http://sadat.com.tr///about-us/our-publications.html
- [+] http://sadat.com.tr///about-us/news.html
- [+] http://sadat.com.tr///join-us/job-application.html
- [+] http://sadat.com.tr///contact-us.html
- [+] http://www.sadat.com.tr/news/news/345-visit-sadat-as-at-idef-17.html
- [+] http://www.sadat.com.tr/en/about-us/our-publications/308-training-modules-booklets.html
- [+] http://www.sadat.com.tr/en/about-us/our-publications/309-military-maintenance-system-brochure.html
- [+] http://sadat.com.tr///homepage-en/84-en/85-sadat-inc-international-defense-consulting.html
- [+] http://sadat.com.tr///about-us/our-publications.html
- [+] http://sadat.com.tr///about-us/our-publications.html
- --------------------------------------------------
- [!] 5 External links Discovered
- [#] http://youtu.be/KQ3jVmVDPBI
- [#] http://www.facebook.com/SadatInternationalDefenseConsultancy
- [#] http://www.linkedin.com/companies/2845254
- [#] http://twitter.com/SADATcomTR
- [#] http://youtube.com/SADATcom
- --------------------------------------------------
- [#] Mapping Subdomain..
- [!] Found 1 Subdomain
- - sadat.com.tr
- --------------------------------------------------
- [!] Done At 2019-10-11 19:03:40.588653
- ######################################################################################################################################
- [i] Scanning Site: http://sadat.com.tr
- B A S I C I N F O
- ====================
- [+] Site Title: Home
- [+] IP address: 109.232.216.55
- [+] Web Server: Could Not Detect
- [+] CMS: Joomla
- [+] Cloudflare: Not Detected
- [+] Robots File: Could NOT Find robots.txt!
- W H O I S L O O K U P
- ========================
- ** Domain Name: sadat.com.tr
- ** Registrant:
- Sadat Uluslararası Savunma Dan. İnş. San. ve Tic. A.Ş.
- Adnan Kahveci Mah. Caner Sok. No:3
- İstanbul,
- Türkiye
- okocdemir@gmail.com
- + 90-212-5261131-
- +
- ** Administrative Contact:
- NIC Handle : sus13-metu
- Organization Name : Sadat Uluslararası Savunma Dan. İnş. San. ve Tic. A.Ş.
- Address : Yakuplu Mah Hürriyet Bulvarı Newport Sitesi No:155
- 1. Blok Kat:7 Daire:54
- İstanbul,34524
- Türkiye
- Phone : + 90-212-8551972-
- Fax : + 90-212-8551975-
- ** Technical Contact:
- NIC Handle : sus13-metu
- Organization Name : Sadat Uluslararası Savunma Dan. İnş. San. ve Tic. A.Ş.
- Address : Yakuplu Mah Hürriyet Bulvarı Newport Sitesi No:155
- 1. Blok Kat:7 Daire:54
- İstanbul,34524
- Türkiye
- Phone : + 90-212-8551972-
- Fax : + 90-212-8551975-
- ** Billing Contact:
- NIC Handle : sus13-metu
- Organization Name : Sadat Uluslararası Savunma Dan. İnş. San. ve Tic. A.Ş.
- Address : Yakuplu Mah Hürriyet Bulvarı Newport Sitesi No:155
- 1. Blok Kat:7 Daire:54
- İstanbul,34524
- Türkiye
- Phone : + 90-212-8551972-
- Fax : + 90-212-8551975-
- ** Domain Servers:
- cpns1.turhost.com
- cpns1.turhost.com
- ** Additional Info:
- Created on..............: 2012-Mar-08.
- Expires on..............: 2023-Mar-07.
- G E O I P L O O K U P
- =========================
- [i] IP Address: 109.232.216.55
- [i] Country: Turkey
- [i] State: Istanbul
- [i] City: Istanbul
- [i] Latitude: 41.0649
- [i] Longitude: 29.0053
- H T T P H E A D E R S
- =======================
- [i] HTTP/1.0 200 OK
- [i] Connection: close
- [i] X-Powered-By: PHP/5.6.40
- [i] Set-Cookie: 39edc5e562bae2bee28aee62011d903a=0975155bc9c3bc7a908678fc17065a42; path=/
- [i] P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
- [i] Content-Type: text/html; charset=utf-8
- [i] Cache-Control: no-cache
- [i] Pragma: no-cache
- [i] Date: Fri, 11 Oct 2019 23:05:31 GMT
- D N S L O O K U P
- ===================
- no records found
- S U B N E T C A L C U L A T I O N
- ====================================
- Address = 109.232.216.55
- Network = 109.232.216.55 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 109.232.216.55 - 109.232.216.55 }
- N M A P P O R T S C A N
- ============================
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-10-11 23:05 UTC
- Nmap scan report for sadat.com.tr (109.232.216.55)
- Host is up (0.13s latency).
- rDNS record for 109.232.216.55: srvc54.turhost.com
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp closed ssh
- 23/tcp filtered telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp filtered ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 4.47 seconds
- ######################################################################################################################################
- Enter Address Website = 109.232.216.55
- Reversing IP With HackTarget '109.232.216.55'
- ------------------------------------------------
- [+] ahsapciz.com
- [+] akkocapeyzaj.com
- [+] atechdoor.com.tr
- [+] autodiscover.dijilopedi.com
- [+] autodiscover.istanbulikincielesya.org
- [+] autodiscover.yazkizyurdu.com
- [+] cpanel.dijilopedi.com
- [+] cpanel.istanbulikincielesya.org
- [+] cpanel.yazkizyurdu.com
- [+] csdistanbul.com
- [+] dc-c5da7f503d38.soturkish.com
- [+] dijilopedi.com
- [+] ejcvsmed.org
- [+] felixyapim.com
- [+] gulmobilya.com
- [+] hulyagurdamar.com
- [+] istanbulikincielesya.org
- [+] konusmasesterapisi.com
- [+] novamall.com.tr
- [+] otoanahtari.web.tr
- [+] sadat.com.tr
- [+] sosyalicerme.org
- [+] srvc54.turhost.com
- [+] step-yapi.com
- [+] tecrubesigorta.com
- [+] webdisk.dijilopedi.com
- [+] webdisk.istanbulikincielesya.org
- [+] webdisk.yazkizyurdu.com
- [+] webmail.dijilopedi.com
- [+] webmail.istanbulikincielesya.org
- [+] webmail.yazkizyurdu.com
- [+] www.yazkizyurdu.com.yazkizyurdu.com
- [+] yazkizyurdu.com
- [+] yazkizyurdu.com.yazkizyurdu.com
- [+] yazogrenciyurdu.com
- Reverse IP With YouGetSignal '109.232.216.55'
- ------------------------------------------------
- [*] IP: 109.232.216.55
- [*] Domain: 109.232.216.55
- [*] Total Domains: 26
- [+] atechdoor.com.tr
- [+] aylinozturk.net
- [+] hulyagurdamar.com
- [+] istanbulikincielesya.org
- [+] mobil.ruzgarist.com
- [+] odulklise.com
- [+] ozdilinsaat.com.tr
- [+] penspinning-tr.com
- [+] ruzgarist.com
- [+] sadat.com.tr
- [+] sapdersleri.net
- [+] sapogren.com
- [+] saprehberi.com
- [+] ulutas-insaat.com
- [+] www.amazon.com
- [+] www.atechdoor.com.tr
- [+] www.cagritemellisesi.com
- [+] www.findikyapim.com
- [+] www.istanbulikincielesya.org
- [+] www.ozdilinsaat.com.tr
- [+] www.penspinning-tr.com
- [+] www.ruzgarist.com
- [+] www.sadat.com.tr
- [+] www.sosyalmedyadatakip.com
- [+] www.turkuazelsanatlari.com
- [+] www.tysd-fatih.org
- Geo IP Lookup '109.232.216.55'
- ---------------------------------
- [+] IP Address: 109.232.216.55
- [+] Country: Turkey
- [+] State: Istanbul
- [+] City: Istanbul
- [+] Latitude: 41.0649
- [+] Longitude: 29.0053
- Show HTTP Header '109.232.216.55'
- ------------------------------------
- [+] HTTP/1.1 200 OK
- [+] Connection: close
- [+] Content-Type: text/html
- [+] Last-Modified: Tue, 23 Jun 2015 09:48:32 GMT
- [+] Etag: "6f-55892b70-bf8b5e61f9782831;;;"
- [+] Accept-Ranges: bytes
- [+] Content-Length: 111
- [+] Date: Fri, 11 Oct 2019 23:40:30 GMT
- [+]
- Port Scan '109.232.216.55'
- -----------------------------
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-10-11 23:40 UTC
- Nmap scan report for srvc54.turhost.com (109.232.216.55)
- Host is up (0.13s latency).
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp closed ssh
- 23/tcp filtered telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp filtered ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 1.68 seconds
- Traceroute '109.232.216.55'
- ------------------------------
- Start: 2019-10-11T23:44:57+0000
- HOST: web01 Loss% Snt Last Avg Best Wrst StDev
- 1.|-- 45.79.12.202 0.0% 3 0.6 0.7 0.6 0.8 0.1
- 2.|-- 45.79.12.2 0.0% 3 0.5 1.3 0.5 2.7 1.2
- 3.|-- 45.79.12.9 0.0% 3 0.8 2.2 0.8 4.7 2.2
- 4.|-- 199.245.16.65 0.0% 3 1.7 1.7 1.6 1.7 0.1
- 5.|-- ae-14.r22.dllstx09.us.bb.gin.ntt.net 0.0% 3 1.3 3.7 1.3 8.4 4.1
- 6.|-- ae-1.r22.asbnva02.us.bb.gin.ntt.net 0.0% 3 39.9 40.3 39.0 42.0 1.5
- 7.|-- ae-6.r25.frnkge08.de.bb.gin.ntt.net 0.0% 3 134.6 133.8 128.4 138.5 5.1
- 8.|-- ae-5.r00.frnkge07.de.bb.gin.ntt.net 0.0% 3 128.3 128.2 128.1 128.3 0.1
- 9.|-- 213.198.83.198 0.0% 3 128.1 128.1 128.1 128.2 0.0
- 10.|-- 212.156.101.213.static.turktelekom.com.tr 0.0% 3 163.6 163.6 163.5 163.6 0.0
- 11.|-- 212.156.120.184.static.turktelekom.com.tr 0.0% 3 165.2 165.3 165.2 165.4 0.1
- 12.|-- sogutlu-ess1-t4-1-adapazari-t3-2.turktelekom.com.tr 0.0% 3 165.3 165.4 165.3 165.5 0.1
- 13.|-- 00-gayrettepe-t3-5---00-gayrettepe-xrs-t2-2.statik.turktelekom.com.tr 0.0% 3 170.3 170.3 170.1 170.4 0.2
- 14.|-- 212.156.132.134.static.turktelekom.com.tr 0.0% 3 170.0 170.0 169.9 170.0 0.0
- 15.|-- 85.111.69.66.dynamic.ttnet.com.tr 0.0% 3 170.4 170.4 170.4 170.4 0.0
- 16.|-- 85.111.26.196.dynamic.ttnet.com.tr 33.3% 3 173.0 171.7 170.5 173.0 1.8
- 17.|-- 85.111.26.205.dynamic.ttnet.com.tr 0.0% 3 171.0 171.2 171.0 171.2 0.1
- 18.|-- srvc54.turhost.com 0.0% 3 171.8 171.5 171.1 171.8 0.3
- ######################################################################################################################################
- Trying "sadat.com.tr"
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8966
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 2, ADDITIONAL: 1
- ;; QUESTION SECTION:
- ;sadat.com.tr. IN ANY
- ;; ANSWER SECTION:
- sadat.com.tr. 14400 IN MX 0 sadat.com.tr.
- sadat.com.tr. 14400 IN A 109.232.216.55
- sadat.com.tr. 43200 IN SOA cpns1.turhost.com. csf.ofis.net. 2019050900 3600 7200 1209600 86400
- sadat.com.tr. 14400 IN TXT "v=spf1 ip4:109.232.216.54 ip4:109.232.216.55 +a +mx ~all"
- sadat.com.tr. 43199 IN NS cpns2.turhost.com.
- sadat.com.tr. 43199 IN NS cpns1.turhost.com.
- ;; AUTHORITY SECTION:
- sadat.com.tr. 43199 IN NS cpns2.turhost.com.
- sadat.com.tr. 43199 IN NS cpns1.turhost.com.
- ;; ADDITIONAL SECTION:
- sadat.com.tr. 14400 IN A 109.232.216.55
- Received 274 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 166 ms
- ######################################################################################################################################
- ; <<>> DiG 9.11.5-P4-5.1+b1-Debian <<>> +trace sadat.com.tr
- ;; global options: +cmd
- . 82904 IN NS l.root-servers.net.
- . 82904 IN NS m.root-servers.net.
- . 82904 IN NS d.root-servers.net.
- . 82904 IN NS a.root-servers.net.
- . 82904 IN NS j.root-servers.net.
- . 82904 IN NS b.root-servers.net.
- . 82904 IN NS c.root-servers.net.
- . 82904 IN NS h.root-servers.net.
- . 82904 IN NS g.root-servers.net.
- . 82904 IN NS f.root-servers.net.
- . 82904 IN NS k.root-servers.net.
- . 82904 IN NS i.root-servers.net.
- . 82904 IN NS e.root-servers.net.
- . 82904 IN RRSIG NS 8 0 518400 20191024170000 20191011160000 22545 . H3x2s+SvDITnRW6oA+xKZQtZo5I9BgTdImmO67rSOPN5KHNI+fOYfUTl /YhB489khlN0JmP/rrONAXshejO4xq8nHJTGBG3lnOWw4LQpHBsCFSDH Plwo8dRhxvEv+2R0MVtFo55P+BdugfD4q3iM3EmETRf9y1BOVapKG5EG CrwPWII7FRh55eTrQgjangPZW3PtUrsHn79+hc3ahz5QuECrVsunPab9 kZ0Q/0WNHmpHCqT50NO0ot4lVDIweGvERCfJ8ijZA9YR3J/SJl88szI8 0E/JkciIiBIIEUnm8oxhBOgV99eXk54euGKL9XU8wdqPSGrWUDVIIS0l wuWriA==
- ;; Received 525 bytes from 185.93.180.131#53(185.93.180.131) in 198 ms
- tr. 172800 IN NS ns41.nic.tr.
- tr. 172800 IN NS ns91.nic.tr.
- tr. 172800 IN NS ns21.nic.tr.
- tr. 172800 IN NS ns22.nic.tr.
- tr. 172800 IN NS ns31.nic.tr.
- tr. 172800 IN NS ns42.nic.tr.
- tr. 172800 IN NS ns92.nic.tr.
- tr. 86400 IN NSEC trade. NS RRSIG NSEC
- tr. 86400 IN RRSIG NSEC 8 1 86400 20191024170000 20191011160000 22545 . hfJNq5N9xhx7hkeLXcmhxz3RE1KvSECFQJjVFH4Hi8FzRPkH5II6sk9/ eS8jFTxgzysiOBMOCK0QQGqhJJWpFpYYxdksJdijJtxqa6M5901bdWoo BYYu+F2sCGkaMaYs8dhAT+pw2FQ+AbmDUVptMEVSaqs0Ka2ThzCqfxzY 5LXqGMALaFv51fFBpp7SzshKtlxRFkJ3yokRb7jUYPl39tZQkll8GO5m H8D4p5wMvtpfo7WcbB//Frk7IRHvZEYftVKEEK9ZXobe/p7IcPo8be3o 6d97vpuugimnGpPhLA618Hyv1lkpKnhTtHH0e7QJP36X2UkFXFnEVJDW vBgWog==
- ;; Received 744 bytes from 192.112.36.4#53(g.root-servers.net) in 205 ms
- sadat.com.tr. 43200 IN NS cpns1.turhost.com.
- ;; Received 72 bytes from 213.14.246.2#53(ns21.nic.tr) in 353 ms
- sadat.com.tr. 14400 IN A 109.232.216.55
- sadat.com.tr. 86400 IN NS cpns1.turhost.com.
- sadat.com.tr. 86400 IN NS cpns2.turhost.com.
- ;; Received 124 bytes from 37.230.110.110#53(cpns1.turhost.com) in 147 ms
- #######################################################################################################################################
- [*] Performing General Enumeration of Domain: sadat.com.tr
- [-] DNSSEC is not configured for sadat.com.tr
- [*] SOA cpns1.turhost.com 37.230.110.110
- [*] NS cpns1.turhost.com 37.230.110.110
- [*] Bind Version for 37.230.110.110 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.3
- [*] NS cpns2.turhost.com 37.230.111.111
- [*] Bind Version for 37.230.111.111 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.3
- [*] MX sadat.com.tr 109.232.216.55
- [*] A sadat.com.tr 109.232.216.55
- [*] TXT sadat.com.tr v=spf1 ip4:109.232.216.54 ip4:109.232.216.55 +a +mx ~all
- [*] Enumerating SRV Records
- [*] SRV _caldav._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.54 2079 0
- [*] SRV _caldav._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.54 2079 0
- [*] SRV _caldav._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.57 2079 0
- [*] SRV _caldav._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.55 2079 0
- [*] SRV _caldav._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.57 2079 0
- [*] SRV _caldav._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.58 2079 0
- [*] SRV _caldav._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.55 2079 0
- [*] SRV _caldav._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.56 2079 0
- [*] SRV _caldav._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.56 2079 0
- [*] SRV _caldav._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.58 2079 0
- [*] SRV _carddavs._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.55 2080 0
- [*] SRV _carddavs._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.54 2080 0
- [*] SRV _carddavs._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.56 2080 0
- [*] SRV _carddavs._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.57 2080 0
- [*] SRV _carddavs._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.58 2080 0
- [*] SRV _carddavs._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.57 2080 0
- [*] SRV _carddavs._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.54 2080 0
- [*] SRV _carddavs._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.56 2080 0
- [*] SRV _carddavs._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.55 2080 0
- [*] SRV _carddavs._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.58 2080 0
- [*] SRV _caldavs._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.58 2080 0
- [*] SRV _caldavs._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.54 2080 0
- [*] SRV _caldavs._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.57 2080 0
- [*] SRV _caldavs._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.56 2080 0
- [*] SRV _caldavs._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.56 2080 0
- [*] SRV _caldavs._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.54 2080 0
- [*] SRV _caldavs._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.55 2080 0
- [*] SRV _caldavs._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.55 2080 0
- [*] SRV _caldavs._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.57 2080 0
- [*] SRV _caldavs._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.58 2080 0
- [*] SRV _carddav._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.54 2079 0
- [*] SRV _carddav._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.57 2079 0
- [*] SRV _carddav._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.56 2079 0
- [*] SRV _carddav._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.56 2079 0
- [*] SRV _carddav._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.55 2079 0
- [*] SRV _carddav._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.58 2079 0
- [*] SRV _carddav._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.54 2079 0
- [*] SRV _carddav._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.55 2079 0
- [*] SRV _carddav._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.58 2079 0
- [*] SRV _carddav._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.57 2079 0
- [*] SRV _autodiscover._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.58 443 0
- [*] SRV _autodiscover._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.58 443 0
- [*] SRV _autodiscover._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.55 443 0
- [*] SRV _autodiscover._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.56 443 0
- [*] SRV _autodiscover._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.54 443 0
- [*] SRV _autodiscover._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.57 443 0
- [*] SRV _autodiscover._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.55 443 0
- [*] SRV _autodiscover._tcp.sadat.com.tr srvc54.turhost.com 109.232.216.57 443 0
- [*] SRV _autodiscover._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.56 443 0
- [*] SRV _autodiscover._tcp.sadat.com.tr srvc54.turhost.com 109.232.217.54 443 0
- [+] 50 Records Found
- ######################################################################################################################################
- [*] Processing domain sadat.com.tr
- [*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
- [+] Getting nameservers
- 37.230.110.110 - cpns1.turhost.com
- 37.230.111.111 - cpns2.turhost.com
- [-] Zone transfer failed
- [+] TXT records found
- "v=spf1 ip4:109.232.216.54 ip4:109.232.216.55 +a +mx ~all"
- [+] MX records found, added to target list
- 0 sadat.com.tr.
- [*] Scanning sadat.com.tr for A records
- 109.232.216.55 - sadat.com.tr
- 109.232.216.55 - autodiscover.sadat.com.tr
- 109.232.216.55 - autoconfig.sadat.com.tr
- 109.232.216.55 - cpanel.sadat.com.tr
- 109.232.216.55 - ftp.sadat.com.tr
- 88.248.108.80 - pm.sadat.com.tr
- 109.232.216.55 - webdisk.sadat.com.tr
- 109.232.216.55 - webmail.sadat.com.tr
- 109.232.216.55 - whm.sadat.com.tr
- 109.232.216.55 - www.sadat.com.tr
- ######################################################################################################################################
- AVAILABLE PLUGINS
- -----------------
- EarlyDataPlugin
- CertificateInfoPlugin
- OpenSslCipherSuitesPlugin
- HttpHeadersPlugin
- HeartbleedPlugin
- SessionResumptionPlugin
- RobotPlugin
- SessionRenegotiationPlugin
- OpenSslCcsInjectionPlugin
- CompressionPlugin
- FallbackScsvPlugin
- CHECKING HOST(S) AVAILABILITY
- -----------------------------
- 109.232.216.55:443 => 109.232.216.55
- SCAN RESULTS FOR 109.232.216.55:443 - 109.232.216.55
- ----------------------------------------------------
- * Downgrade Attacks:
- TLS_FALLBACK_SCSV: OK - Supported
- * SSLV2 Cipher Suites:
- Server rejected all cipher suites.
- * Deflate Compression:
- OK - Compression disabled
- * Session Renegotiation:
- Client-initiated Renegotiation: OK - Rejected
- Secure Renegotiation: OK - Supported
- * TLS 1.2 Session Resumption Support:
- With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
- With TLS Tickets: OK - Supported
- * TLSV1_3 Cipher Suites:
- Forward Secrecy OK - Supported
- RC4 OK - Not Supported
- Preferred:
- TLS_AES_256_GCM_SHA384 256 bits HTTP 200 OK
- Accepted:
- TLS_CHACHA20_POLY1305_SHA256 256 bits HTTP 200 OK
- TLS_AES_256_GCM_SHA384 256 bits HTTP 200 OK
- TLS_AES_128_GCM_SHA256 128 bits HTTP 200 OK
- * TLSV1_1 Cipher Suites:
- Forward Secrecy OK - Supported
- RC4 OK - Not Supported
- Preferred:
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
- Accepted:
- TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
- TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
- * OpenSSL Heartbleed:
- OK - Not vulnerable to Heartbleed
- * TLSV1_2 Cipher Suites:
- Forward Secrecy OK - Supported
- RC4 OK - Not Supported
- Preferred:
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
- Accepted:
- TLS_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
- TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
- TLS_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
- TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
- * Certificate Information:
- Content
- SHA1 Fingerprint: 0b6cf036e537ad1f1735b5e69975637c6399b380
- Common Name: *.turhost.com
- Issuer: AlphaSSL CA - SHA256 - G2
- Serial Number: 23417661297953674351878308524
- Not Before: 2019-03-26 11:31:37
- Not After: 2021-05-16 09:25:22
- Signature Algorithm: sha256
- Public Key Algorithm: RSA
- Key Size: 2048
- Exponent: 65537 (0x10001)
- DNS Subject Alternative Names: ['*.turhost.com', 'turhost.com']
- Trust
- Hostname Validation: FAILED - Certificate does NOT match 109.232.216.55
- Android CA Store (9.0.0_r9): OK - Certificate is trusted
- Apple CA Store (iOS 12, macOS 10.14, watchOS 5, and tvOS 12):OK - Certificate is trusted
- Java CA Store (jdk-12.0.1): OK - Certificate is trusted
- Mozilla CA Store (2019-03-14): OK - Certificate is trusted
- Windows CA Store (2019-05-27): OK - Certificate is trusted
- Symantec 2018 Deprecation: WARNING: Certificate distrusted by Google and Mozilla on September 2018
- Received Chain: *.turhost.com --> AlphaSSL CA - SHA256 - G2
- Verified Chain: *.turhost.com --> AlphaSSL CA - SHA256 - G2 --> GlobalSign Root CA
- Received Chain Contains Anchor: OK - Anchor certificate not sent
- Received Chain Order: OK - Order is valid
- Verified Chain contains SHA1: OK - No SHA1-signed certificate in the verified certificate chain
- Extensions
- OCSP Must-Staple: NOT SUPPORTED - Extension not found
- Certificate Transparency: OK - 3 SCTs included
- OCSP Stapling
- OCSP Response Status: successful
- Validation w/ Mozilla Store: OK - Response is trusted
- Responder Id: EE5EFFFE85DB26C626FBD3698410AD1D0DD3EF58
- Cert Status: good
- Cert Serial Number: 4BAAA2AAB0451CA64E3F82AC
- This Update: Oct 11 20:38:21 2019 GMT
- Next Update: Oct 15 20:38:21 2019 GMT
- * TLSV1 Cipher Suites:
- Forward Secrecy OK - Supported
- RC4 OK - Not Supported
- Preferred:
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
- Accepted:
- TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
- TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
- * OpenSSL CCS Injection:
- OK - Not vulnerable to OpenSSL CCS injection
- * SSLV3 Cipher Suites:
- Server rejected all cipher suites.
- * ROBOT Attack:
- OK - Not vulnerable
- SCAN COMPLETED IN 22.74 S
- -------------------------
- #####################################################################################################################################
- Domains still to check: 1
- Checking if the hostname sadat.com.tr. given is in fact a domain...
- Analyzing domain: sadat.com.tr.
- Checking NameServers using system default resolver...
- IP: 37.230.110.110 (Turkey)
- HostName: cpns1.turhost.com Type: NS
- HostName: cpns1.turhost.com Type: PTR
- IP: 37.230.111.111 (Turkey)
- HostName: cpns2.turhost.com Type: NS
- HostName: cpns2.turhost.com Type: PTR
- Checking MailServers using system default resolver...
- IP: 109.232.216.55 (Turkey)
- HostName: sadat.com.tr Type: MX
- HostName: srvc54.turhost.com Type: PTR
- Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
- No zone transfer found on nameserver 37.230.110.110
- No zone transfer found on nameserver 37.230.111.111
- Checking SPF record...
- New IP found: 109.232.216.54
- Checking 192 most common hostnames using system default resolver...
- IP: 109.232.216.55 (Turkey)
- HostName: sadat.com.tr Type: MX
- HostName: srvc54.turhost.com Type: PTR
- Type: SPF
- HostName: www.sadat.com.tr. Type: A
- IP: 109.232.216.55 (Turkey)
- HostName: sadat.com.tr Type: MX
- HostName: srvc54.turhost.com Type: PTR
- Type: SPF
- HostName: www.sadat.com.tr. Type: A
- HostName: ftp.sadat.com.tr. Type: A
- IP: 109.232.216.55 (Turkey)
- HostName: sadat.com.tr Type: MX
- HostName: srvc54.turhost.com Type: PTR
- Type: SPF
- HostName: www.sadat.com.tr. Type: A
- HostName: ftp.sadat.com.tr. Type: A
- HostName: mail.sadat.com.tr. Type: A
- IP: 109.232.216.55 (Turkey)
- HostName: sadat.com.tr Type: MX
- HostName: srvc54.turhost.com Type: PTR
- Type: SPF
- HostName: www.sadat.com.tr. Type: A
- HostName: ftp.sadat.com.tr. Type: A
- HostName: mail.sadat.com.tr. Type: A
- HostName: webmail.sadat.com.tr. Type: A
- Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
- Checking netblock 109.232.216.0
- Checking netblock 37.230.110.0
- Checking netblock 37.230.111.0
- Searching for sadat.com.tr. emails in Google
- atanr...@sadat.com.trh
- Checking 4 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
- Host 109.232.216.54 is up (reset ttl 64)
- Host 109.232.216.55 is up (reset ttl 64)
- Host 37.230.110.110 is up (reset ttl 64)
- Host 37.230.111.111 is up (reset ttl 64)
- Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
- Scanning ip 109.232.216.54 ():
- Scanning ip 109.232.216.55 (webmail.sadat.com.tr.):
- Scanning ip 37.230.110.110 (cpns1.turhost.com (PTR)):
- 53/tcp open domain syn-ack ttl 51 ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
- | dns-nsid:
- |_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.3
- 465/tcp open ssl/smtp syn-ack ttl 51 Exim smtpd 4.92
- | smtp-commands: cpns1.turhost.com Hello nmap.scanme.org [45.131.4.21], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
- |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
- | ssl-cert: Subject: commonName=*.turhost.com
- | Subject Alternative Name: DNS:*.turhost.com, DNS:turhost.com
- | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2019-03-26T11:31:37
- | Not valid after: 2021-05-16T09:25:22
- | MD5: 1524 5d3e 121f 2164 e948 ee69 771d ad7f
- |_SHA-1: 0b6c f036 e537 ad1f 1735 b5e6 9975 637c 6399 b380
- |_ssl-date: 2019-10-11T23:22:24+00:00; 0s from scanner time.
- 587/tcp open smtp syn-ack ttl 51 Exim smtpd 4.92
- | smtp-commands: cpns1.turhost.com Hello nmap.scanme.org [45.131.4.21], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
- |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
- | ssl-cert: Subject: commonName=*.turhost.com
- | Subject Alternative Name: DNS:*.turhost.com, DNS:turhost.com
- | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2019-03-26T11:31:37
- | Not valid after: 2021-05-16T09:25:22
- | MD5: 1524 5d3e 121f 2164 e948 ee69 771d ad7f
- |_SHA-1: 0b6c f036 e537 ad1f 1735 b5e6 9975 637c 6399 b380
- |_ssl-date: 2019-10-11T23:22:25+00:00; 0s from scanner time.
- OS Info: Service Info: Host: cpns1.turhost.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
- Scanning ip 37.230.111.111 (cpns2.turhost.com (PTR)):
- 53/tcp open domain syn-ack ttl 51 ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
- | dns-nsid:
- |_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.3
- 465/tcp open ssl/smtp syn-ack ttl 51 Exim smtpd 4.92
- | smtp-commands: cpns2.turhost.com Hello nmap.scanme.org [45.131.4.21], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
- |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
- | ssl-cert: Subject: commonName=*.turhost.com
- | Subject Alternative Name: DNS:*.turhost.com, DNS:turhost.com
- | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2019-03-26T11:31:37
- | Not valid after: 2021-05-16T09:25:22
- | MD5: 1524 5d3e 121f 2164 e948 ee69 771d ad7f
- |_SHA-1: 0b6c f036 e537 ad1f 1735 b5e6 9975 637c 6399 b380
- |_ssl-date: 2019-10-11T23:23:02+00:00; +2s from scanner time.
- 587/tcp open smtp syn-ack ttl 51 Exim smtpd 4.92
- | smtp-commands: cpns2.turhost.com Hello nmap.scanme.org [45.131.4.21], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
- |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
- | ssl-cert: Subject: commonName=*.turhost.com
- | Subject Alternative Name: DNS:*.turhost.com, DNS:turhost.com
- | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2019-03-26T11:31:37
- | Not valid after: 2021-05-16T09:25:22
- | MD5: 1524 5d3e 121f 2164 e948 ee69 771d ad7f
- |_SHA-1: 0b6c f036 e537 ad1f 1735 b5e6 9975 637c 6399 b380
- |_ssl-date: 2019-10-11T23:23:03+00:00; +3s from scanner time.
- 3306/tcp open mysql syn-ack ttl 51 MySQL (unauthorized)
- OS Info: Service Info: Host: cpns2.turhost.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
- |_clock-skew: mean: 2s, deviation: 0s, median: 1s
- WebCrawling domain's web servers... up to 50 max links.
- --Finished--
- Summary information for domain sadat.com.tr.
- -----------------------------------------
- Domain Specific Information:
- Email: atanr...@sadat.com.trh
- Domain Ips Information:
- IP: 109.232.216.54
- Type: SPF
- Is Active: True (reset ttl 64)
- IP: 109.232.216.55
- HostName: sadat.com.tr Type: MX
- HostName: srvc54.turhost.com Type: PTR
- Type: SPF
- HostName: www.sadat.com.tr. Type: A
- HostName: ftp.sadat.com.tr. Type: A
- HostName: mail.sadat.com.tr. Type: A
- HostName: webmail.sadat.com.tr. Type: A
- Country: Turkey
- Is Active: True (reset ttl 64)
- IP: 37.230.110.110
- HostName: cpns1.turhost.com Type: NS
- HostName: cpns1.turhost.com Type: PTR
- Country: Turkey
- Is Active: True (reset ttl 64)
- Port: 53/tcp open domain syn-ack ttl 51 ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
- Script Info: | dns-nsid:
- Script Info: |_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.3
- Port: 465/tcp open ssl/smtp syn-ack ttl 51 Exim smtpd 4.92
- Script Info: | smtp-commands: cpns1.turhost.com Hello nmap.scanme.org [45.131.4.21], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
- Script Info: |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
- Script Info: | ssl-cert: Subject: commonName=*.turhost.com
- Script Info: | Subject Alternative Name: DNS:*.turhost.com, DNS:turhost.com
- Script Info: | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
- Script Info: | Public Key type: rsa
- Script Info: | Public Key bits: 2048
- Script Info: | Signature Algorithm: sha256WithRSAEncryption
- Script Info: | Not valid before: 2019-03-26T11:31:37
- Script Info: | Not valid after: 2021-05-16T09:25:22
- Script Info: | MD5: 1524 5d3e 121f 2164 e948 ee69 771d ad7f
- Script Info: |_SHA-1: 0b6c f036 e537 ad1f 1735 b5e6 9975 637c 6399 b380
- Script Info: |_ssl-date: 2019-10-11T23:22:24+00:00; 0s from scanner time.
- Port: 587/tcp open smtp syn-ack ttl 51 Exim smtpd 4.92
- Script Info: | smtp-commands: cpns1.turhost.com Hello nmap.scanme.org [45.131.4.21], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
- Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
- Script Info: | ssl-cert: Subject: commonName=*.turhost.com
- Script Info: | Subject Alternative Name: DNS:*.turhost.com, DNS:turhost.com
- Script Info: | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
- Script Info: | Public Key type: rsa
- Script Info: | Public Key bits: 2048
- Script Info: | Signature Algorithm: sha256WithRSAEncryption
- Script Info: | Not valid before: 2019-03-26T11:31:37
- Script Info: | Not valid after: 2021-05-16T09:25:22
- Script Info: | MD5: 1524 5d3e 121f 2164 e948 ee69 771d ad7f
- Script Info: |_SHA-1: 0b6c f036 e537 ad1f 1735 b5e6 9975 637c 6399 b380
- Script Info: |_ssl-date: 2019-10-11T23:22:25+00:00; 0s from scanner time.
- Os Info: Host: cpns1.turhost.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
- IP: 37.230.111.111
- HostName: cpns2.turhost.com Type: NS
- HostName: cpns2.turhost.com Type: PTR
- Country: Turkey
- Is Active: True (reset ttl 64)
- Port: 53/tcp open domain syn-ack ttl 51 ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
- Script Info: | dns-nsid:
- Script Info: |_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.3
- Port: 465/tcp open ssl/smtp syn-ack ttl 51 Exim smtpd 4.92
- Script Info: | smtp-commands: cpns2.turhost.com Hello nmap.scanme.org [45.131.4.21], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
- Script Info: |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
- Script Info: | ssl-cert: Subject: commonName=*.turhost.com
- Script Info: | Subject Alternative Name: DNS:*.turhost.com, DNS:turhost.com
- Script Info: | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
- Script Info: | Public Key type: rsa
- Script Info: | Public Key bits: 2048
- Script Info: | Signature Algorithm: sha256WithRSAEncryption
- Script Info: | Not valid before: 2019-03-26T11:31:37
- Script Info: | Not valid after: 2021-05-16T09:25:22
- Script Info: | MD5: 1524 5d3e 121f 2164 e948 ee69 771d ad7f
- Script Info: |_SHA-1: 0b6c f036 e537 ad1f 1735 b5e6 9975 637c 6399 b380
- Script Info: |_ssl-date: 2019-10-11T23:23:02+00:00; +2s from scanner time.
- Port: 587/tcp open smtp syn-ack ttl 51 Exim smtpd 4.92
- Script Info: | smtp-commands: cpns2.turhost.com Hello nmap.scanme.org [45.131.4.21], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
- Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
- Script Info: | ssl-cert: Subject: commonName=*.turhost.com
- Script Info: | Subject Alternative Name: DNS:*.turhost.com, DNS:turhost.com
- Script Info: | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
- Script Info: | Public Key type: rsa
- Script Info: | Public Key bits: 2048
- Script Info: | Signature Algorithm: sha256WithRSAEncryption
- Script Info: | Not valid before: 2019-03-26T11:31:37
- Script Info: | Not valid after: 2021-05-16T09:25:22
- Script Info: | MD5: 1524 5d3e 121f 2164 e948 ee69 771d ad7f
- Script Info: |_SHA-1: 0b6c f036 e537 ad1f 1735 b5e6 9975 637c 6399 b380
- Script Info: |_ssl-date: 2019-10-11T23:23:03+00:00; +3s from scanner time.
- Port: 3306/tcp open mysql syn-ack ttl 51 MySQL (unauthorized)
- Os Info: Host: cpns2.turhost.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
- Script Info: |_clock-skew: mean: 2s, deviation: 0s, median: 1s
- --------------End Summary --------------
- -----------------------------------------
- ######################################################################################################################################
- [INFO] ------TARGET info------
- [*] TARGET: http://sadat.com.tr/
- Usage: grep [OPTION]... PATTERNS [FILE]...
- Exécutez « grep --help » pour obtenir des renseignements complémentaires.
- [ALERT] Problem with IP-API detected... trying to reconnect with 15 seconds timeout. Number of tries: 1/6
- [*] TARGET IP: 109.232.216.55
- [INFO] NO load balancer detected for sadat.com.tr...
- [*] DNS servers: cpns1.turhost.com.
- [*] TARGET server:
- [*] CC: TR
- [*] Country: Turkey
- [*] RegionCode: 41
- [*] RegionName: Kocaeli
- [*] City: Kosekoy
- [*] ASN: AS42807
- [*] BGP_PREFIX: 109.232.216.0/21
- [*] ISP: AEROTEK-AS Aerotek Bilisim Sanayi ve Ticaret AS, TR
- [INFO] DNS enumeration:
- [*] ftp.sadat.com.tr 109.232.216.55
- [*] mail.sadat.com.tr sadat.com.tr. 109.232.216.55
- [*] webmail.sadat.com.tr 109.232.216.55
- [INFO] Possible abuse mails are:
- [*] abuse@sadat.com.tr
- [INFO] NO PAC (Proxy Auto Configuration) file FOUND
- [INFO] Starting FUZZing in http://sadat.com.tr/FUzZzZzZzZz...
- [INFO] Status code Folders
- [*] 200 http://sadat.com.tr/images
- [*] 200 http://sadat.com.tr/download
- [ALERT] Look in the source code. It may contain passwords
- [ALERT] Content in http://sadat.com.tr/ AND http://www.sadat.com.tr/ is different
- [INFO] MD5 for http://sadat.com.tr/ is: c718c155a2090ae501c599d9855caa15
- [INFO] MD5 for http://www.sadat.com.tr/ is: 703241fecc2108a82864c708a59d2d7e
- [INFO] http://sadat.com.tr/ redirects to http://sadat.com.tr/
- [INFO] http://www.sadat.com.tr/ redirects to http://www.sadat.com.tr/
- [INFO] Links found from http://sadat.com.tr/ http://109.232.216.55/:
- [*] http://109.232.216.55/cgi-sys/defaultwebpage.cgi
- [*] http://sadat.com.tr/
- [*] http://sadat.com.tr/about-us/news.html
- [*] http://sadat.com.tr/about-us/organization-chart.html
- [*] http://sadat.com.tr/about-us/our-certificates.html
- [*] http://sadat.com.tr/about-us/our-mission.html
- [*] http://sadat.com.tr/about-us/our-publications.html
- [*] http://sadat.com.tr/about-us/our-vision.html
- [*] http://sadat.com.tr/about-us/qualification-of-personnel.html
- [*] http://sadat.com.tr/about-us/why-sadat-inc-international-defense-consulting.html
- [*] http://sadat.com.tr/ar/
- [*] http://sadat.com.tr/component/search/?format=opensearch
- [*] http://sadat.com.tr/contact-us.html
- [*] http://sadat.com.tr/?format=feed&type=atom
- [*] http://sadat.com.tr/?format=feed&type=rss
- [*] http://sadat.com.tr/homepage-en/84-en/85-sadat-inc-international-defense-consulting.html
- [*] http://sadat.com.tr/join-us/job-application.html
- [*] http://sadat.com.tr/our-services/alternative-specialization-modules/advanced-individual-combat-training-course.html
- [*] http://sadat.com.tr/our-services/alternative-specialization-modules/artillery-and-mortar-forward-observation-training-corse.html
- [*] http://sadat.com.tr/our-services/alternative-specialization-modules/demolition-training-courses.html
- [*] http://sadat.com.tr/our-services/alternative-specialization-modules/land-operation-training-module.html
- [*] http://sadat.com.tr/our-services/alternative-specialization-modules/protection-courses-training-module.html
- [*] http://sadat.com.tr/our-services/alternative-specialization-modules/sniper-training-module.html
- [*] http://sadat.com.tr/our-services/alternative-specialization-modules/sniper-training-programmes.html
- [*] http://sadat.com.tr/our-services/alternative-specialization-modules/tank-hunting-destruction-of-armored-vehicle-non-damaged-seizure-course-training-module.html
- [*] http://sadat.com.tr/our-services/alternative-specialization-modules/unconventional-warfare-gnh-course-training-module.html
- [*] http://sadat.com.tr/our-services/consultancy/consultancy-military.html
- [*] http://sadat.com.tr/our-services/consultancy/consultancy-security.html
- [*] http://sadat.com.tr/our-services/general-training-modules/advanced-course-for-special-forces.html
- [*] http://sadat.com.tr/our-services/general-training-modules/aviation-courses.html
- [*] http://sadat.com.tr/our-services/general-training-modules/basic-course-for-special-forces.html
- [*] http://sadat.com.tr/our-services/general-training-modules/individual-combat-trainings-the-small-unit-tactics.html
- [*] http://sadat.com.tr/our-services.html
- [*] http://sadat.com.tr/our-services/moduler-training-programmes-for-air-forces/air-operation-training-module.html
- [*] http://sadat.com.tr/our-services/moduler-training-programmes-for-air-forces/helicopter-pilots-training-programmes.html
- [*] http://sadat.com.tr/our-services/moduler-training-programmes-for-police-forces/basic-police-special-operations-training-programmes.html
- [*] http://sadat.com.tr/our-services/moduler-training-programmes-for-police-forces/border-security-stations-training-programmes.html
- [*] http://sadat.com.tr/our-services/moduler-training-programmes-for-sea-forces/frogman-basic-training-programmes.html
- [*] http://sadat.com.tr/our-services/moduler-training-programmes-for-sea-forces/naval-operation-training-module.html
- [*] http://sadat.com.tr/our-services/ordnance/maintenance-repair.html
- [*] http://sadat.com.tr/our-services/ordnance/ordnance-military.html
- [*] http://sadat.com.tr/our-services/ordnance/ordnance-security.html
- [*] http://sadat.com.tr/our-services/our-training-modules.html
- [*] http://sadat.com.tr/our-services/training/training-military.html
- [*] http://sadat.com.tr/our-services/training/training-security.html
- [*] http://sadat.com.tr/#page
- [*] http://sadat.com.tr/tr/
- [*] http://twitter.com/SADATcomTR
- [*] http://www.facebook.com/SadatInternationalDefenseConsultancy
- [*] http://www.linkedin.com/companies/2845254
- [*] http://www.sadat.com.tr/en/about-us/our-publications/308-training-modules-booklets.html
- [*] http://www.sadat.com.tr/en/about-us/our-publications/309-military-maintenance-system-brochure.html
- [*] http://www.sadat.com.tr/news/news/345-visit-sadat-as-at-idef-17.html
- [*] http://youtube.com/SADATcom
- [*] http://youtu.be/KQ3jVmVDPBI
- [INFO] GOOGLE has 791,000 results (0.21 seconds) about http://sadat.com.tr/
- [INFO] Shodan detected the following opened ports on 109.232.216.55:
- [*] 0
- [*] 1
- [*] 110
- [*] 19
- [*] 2077
- [*] 2082
- [*] 2083
- [*] 2086
- [*] 2087
- [*] 2096
- [*] 21
- [*] 4
- [*] 443
- [*] 465
- [*] 53
- [*] 587
- [*] 6
- [*] 80
- [*] 9
- [*] 993
- [*] 995
- [INFO] ------VirusTotal SECTION------
- [INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
- [INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
- [INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
- [INFO] ------Alexa Rank SECTION------
- [INFO] Percent of Visitors Rank in Country:
- [INFO] Percent of Search Traffic:
- [INFO] Percent of Unique Visits:
- [INFO] Total Sites Linking In:
- [*] Total Sites
- [INFO] Useful links related to sadat.com.tr - 109.232.216.55:
- [*] https://www.virustotal.com/pt/ip-address/109.232.216.55/information/
- [*] https://www.hybrid-analysis.com/search?host=109.232.216.55
- [*] https://www.shodan.io/host/109.232.216.55
- [*] https://www.senderbase.org/lookup/?search_string=109.232.216.55
- [*] https://www.alienvault.com/open-threat-exchange/ip/109.232.216.55
- [*] http://pastebin.com/search?q=109.232.216.55
- [*] http://urlquery.net/search.php?q=109.232.216.55
- [*] http://www.alexa.com/siteinfo/sadat.com.tr
- [*] http://www.google.com/safebrowsing/diagnostic?site=sadat.com.tr
- [*] https://censys.io/ipv4/109.232.216.55
- [*] https://www.abuseipdb.com/check/109.232.216.55
- [*] https://urlscan.io/search/#109.232.216.55
- [*] https://github.com/search?q=109.232.216.55&type=Code
- [INFO] Useful links related to AS42807 - 109.232.216.0/21:
- [*] http://www.google.com/safebrowsing/diagnostic?site=AS:42807
- [*] https://www.senderbase.org/lookup/?search_string=109.232.216.0/21
- [*] http://bgp.he.net/AS42807
- [*] https://stat.ripe.net/AS42807
- [INFO] Date: 11/10/19 | Time: 18:49:48
- [INFO] Total time: 1 minute(s) and 22 second(s)
- #####################################################################################################################################
- [*] Load target domain: sadat.com.tr
- - starting scanning @ 2019-10-11 18:59:31
- [+] Running & Checking source to be used
- ---------------------------------------------
- ⍥ Shodan [ ✕ ]
- ⍥ Webarchive [ ✔ ]
- ⍥ Certspotter [ ✔ ]
- ⍥ Dnsdumpster [ ✔ ]
- ⍥ Bufferover [ ✔ ]
- ⍥ Securitytrails [ ✕ ]
- ⍥ Threatminer [ ✔ ]
- ⍥ Certsh [ ✔ ]
- ⍥ Censys [ ✕ ]
- ⍥ Threatcrowd [ ✔ ]
- ⍥ Hackertarget [ ✔ ]
- ⍥ Entrust [ ✔ ]
- ⍥ Virustotal [ ✕ ]
- ⍥ Binaryedge [ ✕ ]
- ⍥ Riddler [ ✔ ]
- ⍥ Findsubdomain [ ✔ ]
- [+] Get & Count subdomain total From source
- ---------------------------------------------
- ⍥ Hackertarget: Total Subdomain (1)
- ⍥ Findsubdomain: Total Subdomain (0)
- ⍥ Certspotter: Total Subdomain (0)
- ⍥ Threatminer: Total Subdomain (1)
- ⍥ Certsh: Total Subdomain (0)
- ⍥ BufferOver: Total Subdomain (1)
- ⍥ Entrust: Total Subdomain (0)
- ⍥ Threatcrowd: Total Subdomain (0)
- ⍥ Dnsdumpster: Total Subdomain (4)
- ⍥ Riddler: Total Subdomain (1)
- ⍥ Webarchive: Total Subdomain (1)
- [+] Parsing & Sorting list Domain
- ---------------------------------------------
- ⍥ Total [3]
- - 0 sadat.com.tr.
- - sadat.com.tr
- - www.sadat.com.tr
- ⍥ Total [3]
- [+] Probe subdomain for working on http/https
- ---------------------------------------------
- - https://sadat.com.tr
- - https://www.sadat.com.tr
- - http://www.sadat.com.tr
- - http://sadat.com.tr
- ⍥ Total [4]
- [+] Check Live Host: Ping Sweep - ICMP PING
- ---------------------------------------------
- ⍥ [LIVE] 0
- ⍥ [LIVE] sadat.com.tr.
- ⍥ [LIVE] sadat.com.tr
- ⍥ [LIVE] www.sadat.com.tr
- [+] Check Resolving: Subdomains & Domains
- ---------------------------------------------
- ⍥ Resolving domains to: RESOLVE ERROR
- ⍥ Resolving domains to: 109.232.216.55
- ⍥ Resolving domains to: 109.232.216.55
- ⍥ Resolving domains to: 109.232.216.55
- [+] Subdomain TakeOver - Check Possible Vulns
- ---------------------------------------------
- ⍥ [FAILS] En: Unknown https://www.sadat.com.tr
- ⍥ [FAILS] En: Unknown https://sadat.com.tr
- ⍥ [FAILS] En: Unknown http://sadat.com.tr
- ⍥ [FAILS] En: Unknown http://www.sadat.com.tr
- [+] Checks status code on port 80 and 443
- ---------------------------------------------
- ⍥ [000] https://www.sadat.com.tr
- ⍥ [000] https://sadat.com.tr
- ⍥ [200] http://sadat.com.tr
- ⍥ [200] http://www.sadat.com.tr
- [+] Web Screenshots: from domain list
- ---------------------------------------------
- [+] 4 URLs to be screenshot
- [+] 4 actual URLs screenshot
- [+] 0 error(s)
- [+] Generate Reports: Make report into HTML
- ---------------------------------------------
- ⍥ Make template for reports
- - output/10-11-2019/sadat.com.tr/reports
- ⍥ Successful Created ..
- [+] Sud⍥my has been sucessfully completed
- ---------------------------------------------
- ⍥ Location output:
- - output/10-11-2019/sadat.com.tr
- - output/10-11-2019/sadat.com.tr/report
- - output/10-11-2019/sadat.com.tr/screenshots
- ######################################################################################################################################
- [I] Threads: 5
- [-] Target: http://sadat.com.tr (109.232.216.55)
- [M] Website Not in HTTPS: http://sadat.com.tr
- [I] X-Powered-By: PHP/5.6.40
- [L] X-Frame-Options: Not Enforced
- [I] Strict-Transport-Security: Not Enforced
- [I] X-Content-Security-Policy: Not Enforced
- [I] X-Content-Type-Options: Not Enforced
- [L] No Robots.txt Found
- [I] CMS Detection: Joomla
- [I] Joomla Version: 2.5.28
- [M] EDB-ID: 46710 "Joomla Core 1.5.0 - 3.9.4 - Directory Traversal / Authenticated Arbitrary File Deletion"
- [M] EDB-ID: 46200 "Joomla! Core 3.9.1 - Persistent Cross-Site Scripting in Global Configuration Textfilter Settings"
- [M] EDB-ID: 42033 "Joomla! 3.7.0 - 'com_fields' SQL Injection"
- [M] EDB-ID: 40637 "Joomla! 3.4.4 < 3.6.4 - Account Creation / Privilege Escalation"
- [M] EDB-ID: 41157 "Joomla! < 3.6.4 - Admin Takeover"
- [M] EDB-ID: 47465 "Joomla 3.4.6 - 'configuration.php' Remote Code Execution"
- [M] EDB-ID: 38977 "Joomla! 1.5 < 3.4.5 - Object Injection Remote Command Execution"
- [M] EDB-ID: 39033 "Joomla! 1.5 < 3.4.5 - Object Injection 'x-forwarded-for' Header Remote Code Execution"
- [M] EDB-ID: 38534 "Joomla! 3.2.x < 3.4.4 - SQL Injection"
- [M] EDB-ID: 31459 "Joomla! 3.2.1 - SQL Injection"
- [M] EDB-ID: 25087 "Joomla! 3.0.3 - 'remember.php' PHP Object Injection"
- [M] EDB-ID: 24551 "Joomla! 3.0.2 - 'highlight.php' PHP Object Injection"
- [M] EDB-ID: 44227 "Joomla! 3.7 - SQL Injection"
- [I] Joomla Website Template: tk_office_free
- [I] Joomla Administrator Template: bluestork
- [-] Enumerating Joomla Usernames via "Feed" ...
- [I] Super User: akmtanriverdi@gmail.com
- [I] Autocomplete Off Not Found: http://sadat.com.tr/administrator/index.php
- [-] Joomla Default Files:
- [-] Joomla is likely to have a large number of default files
- [-] Would you like to list them all?
- [y/N]: y
- [I] http://sadat.com.tr/LICENSE.txt
- [I] http://sadat.com.tr/README.txt
- [I] http://sadat.com.tr/administrator/cache/index.html
- [I] http://sadat.com.tr/administrator/language/overrides/index.html
- [I] http://sadat.com.tr/administrator/manifests/packages/index.html
- [I] http://sadat.com.tr/cache/index.html
- [I] http://sadat.com.tr/cli/index.html
- [I] http://sadat.com.tr/components/index.html
- [I] http://sadat.com.tr/htaccess.txt
- [I] http://sadat.com.tr/images/index.html
- [I] http://sadat.com.tr/includes/index.html
- [I] http://sadat.com.tr/language/index.html
- [I] http://sadat.com.tr/language/overrides/index.html
- [I] http://sadat.com.tr/libraries/index.html
- [I] http://sadat.com.tr/media/editors/tinymce/templates/layout1.html
- [I] http://sadat.com.tr/media/editors/tinymce/templates/snippet1.html
- [I] http://sadat.com.tr/media/index.html
- [I] http://sadat.com.tr/modules/index.html
- [I] http://sadat.com.tr/plugins/index.html
- [I] http://sadat.com.tr/templates/index.html
- [I] http://sadat.com.tr/tmp/index.html
- [I] http://sadat.com.tr/web.config.txt
- [-] Searching Joomla Components ...
- [I] mod_s5_newsticker
- [I] mod_stalker
- [I] Checking for Directory Listing Enabled ...
- [-] Date & Time: 11/10/2019 19:00:05
- [-] Completed in: 0:11:42
- #######################################################################################################################################
- Anonymous JTSEC #OpTurkey Full Recon #5
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement