Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #######################################################################################################################################
- Hostname www.kantei.go.jp ISP Unknown
- Continent Unknown Flag
- JP
- Country Japan Country Code JP
- Region Unknown Local time 08 Jan 2018 23:59 JST
- City Unknown Latitude 36
- IP Address (IPv6) 2001:240:1e00:1021::10 Longitude 138
- #######################################################################################################################################
- [i] Scanning Site: http://kantei.go.jp
- B A S I C I N F O
- ====================
- [+] Site Title: 首相官邸ホームページ
- [+] IP address: 202.214.194.138
- [+] Web Server: Could Not Detect
- [+] CMS: Could Not Detect
- [+] Cloudflare: Not Detected
- [+] Robots File: Could NOT Find robots.txt!
- W H O I S L O O K U P
- ========================
- [ JPRS database provides information on network administration. Its use is ]
- [ restricted to network administration purposes. For further information, ]
- [ use 'whois -h whois.jprs.jp help'. To suppress Japanese output, add'/e' ]
- [ at the end of command, e.g. 'whois -h whois.jprs.jp xxx/e'. ]
- Domain Information:
- a. [Domain Name] KANTEI.GO.JP
- g. [Organization] The Prime Minister's Official Residence
- l. [Organization Type] Government
- m. [Administrative Contact] MK072JP
- n. [Technical Contact] KW15930JP
- p. [Name Server] ns7.kantei.go.jp
- p. [Name Server] ns8.kantei.go.jp
- s. [Signing Key]
- [State] Connected (2018/06/30)
- [Registered Date] 1994/06/24
- [Connected Date] 1994/06/27
- [Last Update] 2017/09/22 14:02:03 (JST)
- G E O I P L O O K U P
- =========================
- [i] IP Address: 202.214.216.10
- [i] Country: JP
- [i] State: Hyogo
- [i] City: Kobe
- [i] Latitude: 34.691299
- [i] Longitude: 135.182999
- H T T P H E A D E R S
- =======================
- [i] HTTP/1.1 302 Found
- [i] Date: Mon, 08 Jan 2018 15:03:34 GMT
- [i] X-Frame-Options: SAMEORIGIN
- [i] Location: http://www.kantei.go.jp/
- [i] Content-Length: 208
- [i] Connection: close
- [i] Content-Type: text/html; charset=iso-8859-1
- [i] HTTP/1.1 200 OK
- [i] Date: Mon, 08 Jan 2018 15:03:35 GMT
- [i] X-Frame-Options: SAMEORIGIN
- [i] Last-Modified: Fri, 05 Jan 2018 11:56:43 GMT
- [i] ETag: "6eda-562062461913e"
- [i] Accept-Ranges: bytes
- [i] Content-Length: 29175
- [i] Cache-Control: no-cache
- [i] Expires: Mon, 08 Jan 2018 15:03:35 GMT
- [i] Pragma: no-cache
- [i] Connection: close
- [i] Content-Type: text/html
- D N S L O O K U P
- ===================
- kantei.go.jp. 3599 IN SOA ns7.kantei.go.jp. kantei-postmaster.iij-pj.jp. 2017121304 3600 1200 604800 3600
- kantei.go.jp. 299 IN NS ns7.kantei.go.jp.
- kantei.go.jp. 299 IN NS ns8.kantei.go.jp.
- kantei.go.jp. 29 IN A 202.214.194.138
- kantei.go.jp. 299 IN MX 10 mx.securemx.jp.
- kantei.go.jp. 299 IN MX 60 mx6.securemx.jp.
- kantei.go.jp. 299 IN TXT "v=spf1 include:spf.securemx.jp +ip4:202.214.194.178 +ip4:202.214.216.50 +ip6:2001:0240:1e00:0f21::178 +ip6:2001:0240:1e00:1021::50 -all"
- kantei.go.jp. 29 IN AAAA 2001:240:1e00:f21::138
- S U B N E T C A L C U L A T I O N
- ====================================
- Address = 2001:240:1e00:f21::138
- Network = 2001:240:1e00:f21::138 / 128
- Netmask = ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
- Wildcard Mask = ::
- Hosts Bits = 0
- Max. Hosts = 0 (2^0 - 1)
- Host Range = { 2001:240:1e00:f21::139 - 2001:240:1e00:f21::138 }
- N M A P P O R T S C A N
- ============================
- Starting Nmap 7.01 ( https://nmap.org ) at 2018-01-08 15:03 UTC
- Nmap scan report for kantei.go.jp (202.214.216.10)
- Host is up (0.18s latency).
- Other addresses for kantei.go.jp (not scanned): 2001:240:1e00:f21::138
- PORT STATE SERVICE VERSION
- 21/tcp filtered ftp
- 22/tcp filtered ssh
- 23/tcp filtered telnet
- 25/tcp filtered smtp
- 80/tcp open http?
- 110/tcp filtered pop3
- 143/tcp filtered imap
- 443/tcp open ssl/https?
- 445/tcp filtered microsoft-ds
- 3389/tcp filtered ms-wbt-server
- 2 services unrecognized despite returning data. If you know the service/version, please submit
- [!] IP Address : 202.214.216.10
- [!] www.kantei.go.jp doesn't seem to use a CMS
- [+] Honeypot Probabilty: 0%
- ----------------------------------------
- PORT STATE SERVICE VERSION
- 21/tcp filtered ftp
- 22/tcp filtered ssh
- 23/tcp filtered telnet
- 25/tcp filtered smtp
- 80/tcp open http?
- 110/tcp filtered pop3
- 143/tcp filtered imap
- 443/tcp open ssl/https?
- 445/tcp filtered microsoft-ds
- 3389/tcp filtered ms-wbt-server
- [+] DNS Records
- [+] Host Records (A)
- www.kantei.go.jp (202.214.194.138) AS2497 Internet Initiative Inc. Japan
- [+] TXT Records
- [+] DNS Map: https://dnsdumpster.com/static/map/kantei.go.jp.png
- [>] Initiating 3 intel modules
- [>] Loading Alpha module (1/3)
- [>] Beta module deployed (2/3)
- [>] Gamma module initiated (3/3)
- No emails found
- No hosts found
- [+] Virtual hosts:
- -----------------
- [>] Crawling the target for fuzzable URLs
- [+] Found 1 fuzzable URLs
- http://www.kantei.go.jp////nettv.gov-online.go.jp/channel.php?c=01
- [>] Using SQLMap api to check for SQL injection vulnerabilities. Don't
- worry we are using an online service and it doesn't depend on your internet connection.
- This scan will take 2-3 minutes.
- [-] None of parameters is vulnerable to SQL injection
- [+] These are the URLs having parameters:
- http://www.kantei.go.jp////nettv.gov-online.go.jp/channel.php?c=01
- ====================================================================================
- RUNNING NSLOOKUP
- ====================================================================================
- ** server can't find 138.194.214.202.in-addr.arpa: NXDOMAIN
- Host 138.194.214.202.in-addr.arpa. not found: 3(NXDOMAIN)
- ====================================================================================
- CHECKING OS FINGERPRINT
- ====================================================================================
- Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
- [+] Target is 202.214.194.138
- [+] Loading modules.
- [+] Following modules are loaded:
- [x] [1] ping:icmp_ping - ICMP echo discovery module
- [x] [2] ping:tcp_ping - TCP-based ping discovery module
- [x] [3] ping:udp_ping - UDP-based ping discovery module
- [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
- [x] [5] infogather:portscan - TCP and UDP PortScanner
- [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
- [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
- [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
- [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
- [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
- [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
- [x] [12] fingerprint:smb - SMB fingerprinting module
- [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
- [+] 13 modules registered
- [+] Initializing scan engine
- [+] Running scan engine
- [-] ping:tcp_ping module: no closed/open TCP ports known on 202.214.194.138. Module test failed
- [-] ping:udp_ping module: no closed/open UDP ports known on 202.214.194.138. Module test failed
- [-] No distance calculation. 202.214.194.138 appears to be dead or no ports known
- [+] Host: 202.214.194.138 is down (Guess probability: 0%)
- [+] Cleaning up scan engine
- [+] Modules deinitialized
- [+] Execution completed.
- ====================================================================================
- PINGING HOST
- ====================================================================================
- PING 202.214.194.138 (202.214.194.138) 56(84) bytes of data.
- --- 202.214.194.138 ping statistics ---
- 1 packets transmitted, 0 received, 100% packet loss, time 0ms
- ====================================================================================
- RUNNING TCP PORT SCAN
- ====================================================================================
- Starting Nmap 7.60 ( https://nmap.org ) at 2018-01-08 10:22 EST
- Nmap scan report for 202.214.194.138
- Host is up (0.40s latency).
- Not shown: 471 filtered ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 80/tcp open http
- 443/tcp open https
- Nmap done: 1 IP address (1 host up) scanned in 164.02 seconds
- ====================================================================================
- RUNNING INTRUSIVE SCANS
- ====================================================================================
- + -- --=[Port 21 closed... skipping.
- + -- --=[Port 22 closed... skipping.
- + -- --=[Port 23 closed... skipping.
- + -- --=[Port 25 closed... skipping.
- + -- --=[Port 53 closed... skipping.
- + -- --=[Port 79 closed... skipping.
- + -- --=[Port 80 opened... running tests...
- ====================================================================================
- CHECKING FOR WAF
- ====================================================================================
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://202.214.194.138
- Generic Detection results:
- The site http://202.214.194.138 seems to be behind a WAF or some sort of security solution
- Reason: Blocking is being done at connection/packet level.
- Number of requests: 9
- ====================================================================================
- GATHERING HTTP INFO
- ====================================================================================
- http://202.214.194.138 [200 OK] Cookies[RAFP_UID,TS01791bf6], Country[JAPAN][JP], IP[202.214.194.138], JQuery[1.8.3], Script[text/javascript], Title[首相官邸ホームページ], X-Frame-Options[SAMEORIGIN]
- __ ______ _____
- \ \/ / ___|_ _|
- \ /\___ \ | |
- / \ ___) || |
- /_/\_|____/ |_|
- + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
- + -- --=[Target: 202.214.194.138:80
- + -- --=[Site not vulnerable to Cross-Site Tracing!
- + -- --=[Site not vulnerable to Host Header Injection!
- + -- --=[Site vulnerable to Cross-Frame Scripting!
- + -- --=[Site vulnerable to Clickjacking!
- HTTP/1.1 200 OK
- Cache-Control: no-cache
- Connection: close
- Content-Type: text/html; charset=utf-8
- Pragma: no-cache
- Content-Length: 80
- <html><head><title>Request Error</title></head><body>Request Error</body></html>
- ====================================================================================
- CHECKING HTTP HEADERS
- ====================================================================================
- + -- --=[Checking if X-Content options are enabled on 202.214.194.138...
- + -- --=[Checking if X-Frame options are enabled on 202.214.194.138...
- X-Frame-Options: SAMEORIGIN
- + -- --=[Checking if X-XSS-Protection header is enabled on 202.214.194.138...
- + -- --=[Checking HTTP methods on 202.214.194.138...
- HTTP/1.1 405 Method Not Allowed
- Allow:
- + -- --=[Checking if TRACE method is enabled on 202.214.194.138...
- + -- --=[Checking for META tags on 202.214.194.138...
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- <meta http-equiv="Content-Style-Type" content="text/css" />
- <meta http-equiv="Content-Script-Type" content="text/javascript" />
- <meta name="description" content="首相官邸のホームページです。内閣や総理大臣に関する情報をご覧になれます。" />
- <meta name="keywords" content="首相官邸,政府,内閣,総理,内閣官房" />
- <meta name="viewport" content="width=device-width, user-scalable=yes, initial-scale=1.0,target-densitydpi=device-dpi" />
- <meta name="format-detection" content="telephone=no" />
- + -- --=[Checking for open proxy on 202.214.194.138...
- /* WITH FIRST PARTY COOKIE */
- (function() {
- var bi = document.createElement('script');bi.type = 'text/javascript'; bi.async = true;
- bi.src = '//cs.nakanohito.jp/b3/bi.js';
- var s = document.getElementsByTagName('script')[0];s.parentNode.insertBefore(bi, s);
- })();
- </script>
- <!-- User Insight PCDF Code End : kantei.go.jp -->
- </body>
- </html>
- + -- --=[Enumerating software on 202.214.194.138...
- + -- --=[Checking if Strict-Transport-Security is enabled on 202.214.194.138...
- + -- --=[Checking for Flash cross-domain policy on 202.214.194.138...
- Please try again from the top page. Thank you for your understanding. <br />
- <br />
- <img src="/error/contents_rmark.gif" alt="" width="7" height="6" border="0"> <a href="/foreign/index-e.html">Prime Minister of Japan and His Cabinet Top Page (PC site only)</a>
- <br />
- </td>
- </tr>
- </table>
- <!-- /�R���e���c-->
- </BODY>
- </HTML>
- + -- --=[Checking for Silverlight cross-domain policy on 202.214.194.138...
- Please try again from the top page. Thank you for your understanding. <br />
- <br />
- <img src="/error/contents_rmark.gif" alt="" width="7" height="6" border="0"> <a href="/foreign/index-e.html">Prime Minister of Japan and His Cabinet Top Page (PC site only)</a>
- <br />
- </td>
- </tr>
- </table>
- <!-- /�R���e���c-->
- </BODY>
- </HTML>
- + -- --=[Checking for HTML5 cross-origin resource sharing on 202.214.194.138...
- + -- --=[Retrieving robots.txt on 202.214.194.138...
- Please try again from the top page. Thank you for your understanding. <br />
- <br />
- <img src="/error/contents_rmark.gif" alt="" width="7" height="6" border="0"> <a href="/foreign/index-e.html">Prime Minister of Japan and His Cabinet Top Page (PC site only)</a>
- <br />
- </td>
- </tr>
- </table>
- <!-- /�R���e���c-->
- </BODY>
- </HTML>
- + -- --=[Retrieving sitemap.xml on 202.214.194.138...
- Please try again from the top page. Thank you for your understanding. <br />
- <br />
- <img src="/error/contents_rmark.gif" alt="" width="7" height="6" border="0"> <a href="/foreign/index-e.html">Prime Minister of Japan and His Cabinet Top Page (PC site only)</a>
- <br />
- </td>
- </tr>
- </table>
- <!-- /�R���e���c-->
- </BODY>
- </HTML>
- + -- --=[Checking cookie attributes on 202.214.194.138...
- + -- --=[Checking for ASP.NET Detailed Errors on 202.214.194.138...
- <td><img src="/error/line_b.gif" alt="" width="100%" height="8"></td></tr>
- <img src="/error/contents_rmark.gif" alt="" width="7" height="6" border="0"> <a href="/foreign/index-e.html">Prime Minister of Japan and His Cabinet Top Page (PC site only)</a>
- Fichier binaire (entrée standard) correspondant
- <td><img src="/error/line_b.gif" alt="" width="100%" height="8"></td></tr>
- <img src="/error/contents_rmark.gif" alt="" width="7" height="6" border="0"> <a href="/foreign/index-e.html">Prime Minister of Japan and His Cabinet Top Page (PC site only)</a>
- Fichier binaire (entrée standard) correspondant
- ====================================================================================
- SAVING SCREENSHOTS
- ====================================================================================
- [+] Screenshot saved to /usr/share/sniper/loot/screenshots/202.214.194.138-port80.jpg
- libpng warning: iCCP: known incorrect sRGB profile
- libpng warning: iCCP: known incorrect sRGB profile
- + -- --=[Port 110 closed... skipping.
- + -- --=[Port 111 closed... skipping.
- + -- --=[Port 135 closed... skipping.
- + -- --=[Port 139 closed... skipping.
- + -- --=[Port 161 closed... skipping.
- + -- --=[Port 162 closed... skipping.
- + -- --=[Port 389 closed... skipping.
- + -- --=[Port 443 opened... running tests...
- ====================================================================================
- CHECKING FOR WAF
- ====================================================================================
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking https://202.214.194.138
- ERROR:root:Site https://202.214.194.138 appears to be down
- ====================================================================================
- GATHERING HTTP INFO
- ====================================================================================
- https://202.214.194.138 [200 OK] Cookies[RAFP_UID,TS01791bf6], Country[JAPAN][JP], IP[202.214.194.138], JQuery[1.8.3], Script[text/javascript], Title[首相官邸ホームページ], X-Frame-Options[SAMEORIGIN]
- ====================================================================================
- GATHERING SSL/TLS INFO
- ====================================================================================
- AVAILABLE PLUGINS
- -----------------
- PluginHSTS
- PluginOpenSSLCipherSuites
- PluginCertInfo
- PluginSessionRenegotiation
- PluginCompression
- PluginChromeSha1Deprecation
- PluginSessionResumption
- PluginHeartbleed
- CHECKING HOST(S) AVAILABILITY
- -----------------------------
- 202.214.194.138:443 => 202.214.194.138:443
- SCAN RESULTS FOR 202.214.194.138:443 - 202.214.194.138:443
- ----------------------------------------------------------
- * Deflate Compression:
- OK - Compression disabled
- * Session Renegotiation:
- Client-initiated Renegotiations: VULNERABLE - Server honors client-initiated renegotiations
- Secure Renegotiation: OK - Supported
- * Certificate - Content:
- SHA1 Fingerprint: 41ec0365b4607d31f4f7776ada93bd2f2002ed43
- Common Name: *.kantei.go.jp
- Issuer: GlobalSign Organization Validation CA - SHA256 - G2
- Serial Number: 4664B1F3CCB0E3E36A0606E6
- Not Before: Aug 30 06:47:00 2017 GMT
- Not After: Aug 31 06:47:00 2019 GMT
- Signature Algorithm: sha256WithRSAEncryption
- Public Key Algorithm: rsaEncryption
- Key Size: 2048 bit
- Exponent: 65537 (0x10001)
- X509v3 Subject Alternative Name: {'DNS': ['*.kantei.go.jp', 'kantei.go.jp']}
- * Certificate - Trust:
- Hostname Validation: FAILED - Certificate does NOT match 202.214.194.138
- Google CA Store (09/2015): OK - Certificate is trusted
- Java 6 CA Store (Update 65): FAILED - Certificate is NOT Trusted: certificate has expired
- Microsoft CA Store (09/2015): OK - Certificate is trusted
- Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
- Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
- Certificate Chain Received: ['*.kantei.go.jp', 'GlobalSign Organization Validation CA - SHA256 - G2']
- * Certificate - OCSP Stapling:
- NOT SUPPORTED - Server did not send back an OCSP response.
- * SSLV2 Cipher Suites:
- Server rejected all cipher suites.
- * Session Resumption:
- With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
- With TLS Session Tickets: NOT SUPPORTED - TLS ticket not assigned.
- * SSLV3 Cipher Suites:
- Server rejected all cipher suites.
- SCAN COMPLETED IN 10.18 S
- -------------------------
- Version: 1.11.10-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Testing SSL server 202.214.194.138 on port 443 using SNI name 202.214.194.138
- TLS Fallback SCSV:
- Server supports TLS Fallback SCSV
- TLS renegotiation:
- Secure session renegotiation supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 1024 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 1024 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 1024 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 1024 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 1024 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 1024 bits
- Accepted TLSv1.2 256 bits AES256-GCM-SHA384
- Accepted TLSv1.2 128 bits AES128-GCM-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA
- Accepted TLSv1.2 128 bits AES128-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Preferred TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 1024 bits
- Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 1024 bits
- Accepted TLSv1.1 256 bits AES256-SHA
- Accepted TLSv1.1 128 bits AES128-SHA
- Accepted TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Preferred TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 1024 bits
- Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 1024 bits
- Accepted TLSv1.0 256 bits AES256-SHA
- Accepted TLSv1.0 128 bits AES128-SHA
- Accepted TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- SSL Certificate:
- Signature Algorithm: sha256WithRSAEncryption
- RSA Key Strength: 2048
- Subject: *.kantei.go.jp
- Altnames: DNS:*.kantei.go.jp, DNS:kantei.go.jp
- Issuer: GlobalSign Organization Validation CA - SHA256 - G2
- Not valid before: Aug 30 06:47:00 2017 GMT
- Not valid after: Aug 31 06:47:00 2019 GMT
- #######################################################################################################################################
- Hostname www.jnto.go.jp ISP J-Stream Inc. (AS24253)
- Continent Asia Flag
- JP
- Country Japan Country Code JP (JPN)
- Region 19 Local time 09 Jan 2018 00:39 JST
- Metropolis Unknown Postal Code 210-0835
- City Kawasaki Latitude 35.521
- IP Address 202.79.244.228 Longitude 139.717
- #######################################################################################################################################
- [i] Scanning Site: http://202.79.244.228 #
- B A S I C I N F O
- ====================
- [+] Site Title: Japan National Tourism Organization Web Site
- [+] IP address: 202.79.244.228
- [+] Web Server: Apache
- [+] CMS: Could Not Detect
- [+] Cloudflare: Not Detected
- [+] Robots File: Found
- -------------[ contents ]----------------
- User-agent: bingbot
- Crawl-Delay: 5
- User-agent: AhrefsBot
- Disallow: /
- User-agent: BLEXBot
- Disallow: /
- -----------[end of contents]-------------
- W H O I S L O O K U P
- ========================
- % [whois.apnic.net]
- % Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
- % Information related to '202.79.240.0 - 202.79.247.255'
- % Abuse contact for '202.79.240.0 - 202.79.247.255' is 'hostmaster@nic.ad.jp'
- inetnum: 202.79.240.0 - 202.79.247.255
- netname: J-Stream
- descr: J-Stream Inc.
- descr: Shiba 256 Square Bldg. 6F, 2-5-6 Shiba,
- descr: Minato-ku, Tokyo, 105-0014 JAPAN
- country: JP
- admin-c: JNIC1-AP
- tech-c: JNIC1-AP
- status: ALLOCATED PORTABLE
- remarks: Email address for spam or abuse complaints : abuse@stream.co.jp
- mnt-by: MAINT-JPNIC
- mnt-irt: IRT-JPNIC-JP
- mnt-lower: MAINT-JPNIC
- last-modified: 2015-12-01T22:30:08Z
- source: APNIC
- irt: IRT-JPNIC-JP
- address: Urbannet-Kanda Bldg 4F, 3-6-2 Uchi-Kanda
- address: Chiyoda-ku, Tokyo 101-0047, Japan
- e-mail: hostmaster@nic.ad.jp
- abuse-mailbox: hostmaster@nic.ad.jp
- admin-c: JNIC1-AP
- tech-c: JNIC1-AP
- auth: # Filtered
- mnt-by: MAINT-JPNIC
- last-modified: 2017-10-18T10:21:54Z
- source: APNIC
- role: Japan Network Information Center
- address: Urbannet-Kanda Bldg 4F
- address: 3-6-2 Uchi-Kanda
- address: Chiyoda-ku, Tokyo 101-0047,Japan
- country: JP
- phone: +81-3-5297-2311
- fax-no: +81-3-5297-2312
- e-mail: hostmaster@nic.ad.jp
- admin-c: JI13-AP
- tech-c: JE53-AP
- nic-hdl: JNIC1-AP
- mnt-by: MAINT-JPNIC
- last-modified: 2012-08-28T07:58:02Z
- source: APNIC
- % Information related to '202.79.240.0 - 202.79.247.255'
- inetnum: 202.79.240.0 - 202.79.247.255
- netname: J-Stream-CIDR-BLK-JP
- descr: J-Stream Inc.
- remarks: Email address for spam or abuse complaints : abuse@stream.co.jp
- country: JP
- admin-c: SM3560JP
- tech-c: SM3560JP
- remarks: This information has been partially mirrored by APNIC from
- remarks: JPNIC. To obtain more specific information, please use the
- remarks: JPNIC WHOIS Gateway at
- remarks: http://www.nic.ad.jp/en/db/whois/en-gateway.html or
- remarks: whois.nic.ad.jp for WHOIS client. (The WHOIS client
- remarks: defaults to Japanese output, use the /e switch for English
- remarks: output)
- changed: apnic-ftp@nic.ad.jp 20050124
- changed: apnic-ftp@nic.ad.jp 20101019
- source: JPNIC
- % This query was served by the APNIC Whois Service version 1.88.15-43 (WHOIS-US3)
- G E O I P L O O K U P
- =========================
- [i] IP Address: 202.79.244.228
- [i] Country: JP
- [i] State: Tokyo
- [i] City: Tokyo
- [i] Latitude: 35.685001
- [i] Longitude: 139.751404
- H T T P H E A D E R S
- =======================
- [i] HTTP/1.1 200 OK
- [i] Date: Mon, 08 Jan 2018 15:42:47 GMT
- [i] Server: Apache
- [i] Last-Modified: Tue, 06 Jun 2017 07:28:20 GMT
- [i] ETag: "1e2e-55145905a8d00"
- [i] Accept-Ranges: bytes
- [i] Content-Length: 7726
- [i] Connection: close
- [i] Content-Type: text/html
- D N S L O O K U P
- ===================
- no records found
- S U B N E T C A L C U L A T I O N
- ====================================
- Address = 202.79.244.228
- Network = 202.79.244.228 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 202.79.244.228 - 202.79.244.228 }
- N M A P P O R T S C A N
- ============================
- Starting Nmap 7.01 ( https://nmap.org ) at 2018-01-08 15:42 UTC
- Nmap scan report for bbt244-jnto-web01-228.jnto.go.jp (202.79.244.228)
- Host is up (0.16s latency).
- PORT STATE SERVICE VERSION
- 21/tcp filtered ftp
- 22/tcp filtered ssh
- 23/tcp filtered telnet
- 25/tcp filtered smtp
- 80/tcp open http Apache httpd
- 110/tcp filtered pop3
- 143/tcp filtered imap
- 443/tcp open ssl/http Apache httpd
- 445/tcp filtered microsoft-ds
- 3389/tcp filtered ms-wbt-server
- Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 16.45 seconds
- [?] Enter the target: http://202.79.244.228
- [!] IP Address : 202.79.244.228
- [!] Server: Apache
- [-] Clickjacking protection is not in place.
- [!] 202.79.244.228 doesn't seem to use a CMS
- [+] Honeypot Probabilty: 0%
- ----------------------------------------
- [+] Robots.txt retrieved
- User-agent: bingbot
- Crawl-Delay: 5
- User-agent: AhrefsBot
- Disallow: /
- User-agent: BLEXBot
- Disallow: /
- ----------------------------------------
- PORT STATE SERVICE VERSION
- 21/tcp filtered ftp
- 22/tcp filtered ssh
- 23/tcp filtered telnet
- 25/tcp filtered smtp
- 80/tcp open http Apache httpd
- 110/tcp filtered pop3
- 143/tcp filtered imap
- 443/tcp open ssl/http Apache httpd
- 445/tcp filtered microsoft-ds
- 3389/tcp filtered ms-wbt-server
- ----------------------------------------
- Traceback (most recent call last):
- Target: http://202.79.244.228
- Server: Apache
- ## NOTE: The Administrator URL was renamed. Bruteforce it. ##
- ## None of /administrator, /admin, /manage ##
- ## Checking if the target has deployed an Anti-Scanner measure
- [!] Scanning Passed ..... OK
- ## Detecting Joomla! based Firewall ...
- [!] .htaccess shipped with Joomla! is being deployed for SEO purpose
- [!] It contains some defensive mod_rewrite rules
- [!] Payloads that contain strings (mosConfig,base64_encode,<script>
- GLOBALS,_REQUEST) wil be responsed with 403.
- ## Fingerprinting in progress ...
- ~Unable to detect the version. Is it sure a Joomla?
- ## Fingerprinting done.
- ====================================================================================
- RUNNING NSLOOKUP
- ====================================================================================
- 228.244.79.202.in-addr.arpa name = bbt244-jnto-web01-228.jnto.go.jp.
- Authoritative answers can be found from:
- 228.244.79.202.in-addr.arpa domain name pointer bbt244-jnto-web01-228.jnto.go.jp.
- ====================================================================================
- CHECKING OS FINGERPRINT
- ====================================================================================
- Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
- [+] Target is 202.79.244.228
- [+] Loading modules.
- [+] Following modules are loaded:
- [x] [1] ping:icmp_ping - ICMP echo discovery module
- [x] [2] ping:tcp_ping - TCP-based ping discovery module
- [x] [3] ping:udp_ping - UDP-based ping discovery module
- [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
- [x] [5] infogather:portscan - TCP and UDP PortScanner
- [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
- [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
- [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
- [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
- [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
- [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
- [x] [12] fingerprint:smb - SMB fingerprinting module
- [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
- [+] 13 modules registered
- [+] Initializing scan engine
- [+] Running scan engine
- [-] ping:tcp_ping module: no closed/open TCP ports known on 202.79.244.228. Module test failed
- [-] ping:udp_ping module: no closed/open UDP ports known on 202.79.244.228. Module test failed
- [-] No distance calculation. 202.79.244.228 appears to be dead or no ports known
- [+] Host: 202.79.244.228 is down (Guess probability: 0%)
- [+] Cleaning up scan engine
- [+] Modules deinitialized
- [+] Execution completed.
- ====================================================================================
- PINGING HOST
- ====================================================================================
- PING 202.79.244.228 (202.79.244.228) 56(84) bytes of data.
- --- 202.79.244.228 ping statistics ---
- 1 packets transmitted, 0 received, 100% packet loss, time 0ms
- ====================================================================================
- RUNNING TCP PORT SCAN
- ====================================================================================
- Starting Nmap 7.60 ( https://nmap.org ) at 2018-01-08 10:51 EST
- Nmap scan report for bbt244-jnto-web01-228.jnto.go.jp (202.79.244.228)
- Host is up (0.21s latency).
- Not shown: 470 filtered ports, 1 closed port
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 80/tcp open http
- 443/tcp open https
- Nmap done: 1 IP address (1 host up) scanned in 6.32 seconds
- ====================================================================================
- RUNNING INTRUSIVE SCANS
- ====================================================================================
- + -- --=[Port 21 closed... skipping.
- + -- --=[Port 22 closed... skipping.
- + -- --=[Port 23 closed... skipping.
- + -- --=[Port 25 closed... skipping.
- + -- --=[Port 53 closed... skipping.
- + -- --=[Port 79 closed... skipping.
- + -- --=[Port 80 opened... running tests...
- ====================================================================================
- CHECKING FOR WAF
- ====================================================================================
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://202.79.244.228
- Generic Detection results:
- No WAF detected by the generic detection
- Number of requests: 13
- ====================================================================================
- GATHERING HTTP INFO
- ====================================================================================
- http://202.79.244.228 [200 OK] Apache, Country[JAPAN][JP], Google-Analytics[UA-761127-3], HTTPServer[Apache], IP[202.79.244.228], JQuery[1.11.0], Script[text/javascript], Title[Japan National Tourism Organization Web Site], X-UA-Compatible[IE=EmulateIE7]
- __ ______ _____
- \ \/ / ___|_ _|
- \ /\___ \ | |
- / \ ___) || |
- /_/\_|____/ |_|
- + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
- + -- --=[Target: 202.79.244.228:80
- + -- --=[Site not vulnerable to Cross-Site Tracing!
- + -- --=[Site not vulnerable to Host Header Injection!
- + -- --=[Site vulnerable to Cross-Frame Scripting!
- + -- --=[Site vulnerable to Clickjacking!
- HTTP/1.1 400 Bad Request
- Date: Mon, 08 Jan 2018 15:51:59 GMT
- Server: Apache
- Content-Length: 226
- Connection: close
- Content-Type: text/html; charset=iso-8859-1
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>400 Bad Request</title>
- </head><body>
- <h1>Bad Request</h1>
- <p>Your browser sent a request that this server could not understand.<br />
- </p>
- </body></html>
- HTTP/1.1 400 Bad Request
- Date: Mon, 08 Jan 2018 15:52:00 GMT
- Server: Apache
- Content-Length: 226
- Connection: close
- Content-Type: text/html; charset=iso-8859-1
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>400 Bad Request</title>
- </head><body>
- <h1>Bad Request</h1>
- <p>Your browser sent a request that this server could not understand.<br />
- </p>
- </body></html>
- ====================================================================================
- CHECKING HTTP HEADERS
- ====================================================================================
- + -- --=[Checking if X-Content options are enabled on 202.79.244.228...
- + -- --=[Checking if X-Frame options are enabled on 202.79.244.228...
- + -- --=[Checking if X-XSS-Protection header is enabled on 202.79.244.228...
- + -- --=[Checking HTTP methods on 202.79.244.228...
- Allow: HEAD,HEAD,GET,HEAD,POST,OPTIONS
- + -- --=[Checking if TRACE method is enabled on 202.79.244.228...
- + -- --=[Checking for META tags on 202.79.244.228...
- <meta http-equiv="content-type" content="text/html; charset=UTF-8" />
- <meta http-equiv="content-style-type" content="text/css" />
- <meta http-equiv="content-script-type" content="text/javascript" />
- <meta http-equiv="imagetoolbar" content="no" />
- <meta name="MSSmartTagsPreventParsing" content="true" />
- <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" >
- <meta name="description" content="JNTO is involved in a broad range of activities promoting travel to Japan through various activities overseas as well as tourism-promoting activities in Japan." />
- <meta name="keywords" content="Japan National Tourism Organization, Japan Travel" />
- + -- --=[Checking for open proxy on 202.79.244.228...
- </div>
- <!--/contents-->
- <!--==========CONTENTS end==========-->
- </div>
- <!--/wrapperinner-->
- </div>
- <!--/wrapper-->
- </body>
- </html>
- + -- --=[Enumerating software on 202.79.244.228...
- Server: Apache
- + -- --=[Checking if Strict-Transport-Security is enabled on 202.79.244.228...
- + -- --=[Checking for Flash cross-domain policy on 202.79.244.228...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>404 Not Found</title>
- </head><body>
- <h1>Not Found</h1>
- <p>The requested URL /crossdomain.xml was not found on this server.</p>
- </body></html>
- + -- --=[Checking for Silverlight cross-domain policy on 202.79.244.228...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>404 Not Found</title>
- </head><body>
- <h1>Not Found</h1>
- <p>The requested URL /clientaccesspolicy.xml was not found on this server.</p>
- </body></html>
- + -- --=[Checking for HTML5 cross-origin resource sharing on 202.79.244.228...
- + -- --=[Retrieving robots.txt on 202.79.244.228...
- User-agent: bingbot
- Crawl-Delay: 5
- User-agent: AhrefsBot
- Disallow: /
- User-agent: BLEXBot
- Disallow: /
- + -- --=[Retrieving sitemap.xml on 202.79.244.228...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>404 Not Found</title>
- </head><body>
- <h1>Not Found</h1>
- <p>The requested URL /sitemap.xml was not found on this server.</p>
- </body></html>
- + -- --=[Checking cookie attributes on 202.79.244.228...
- + -- --=[Checking for ASP.NET Detailed Errors on 202.79.244.228...
- ====================================================================================
- SAVING SCREENSHOTS
- ====================================================================================
- [+] Screenshot saved to /usr/share/sniper/loot/screenshots/202.79.244.228-port80.jpg
- libpng warning: iCCP: known incorrect sRGB profile
- libpng warning: iCCP: known incorrect sRGB profile
- + -- --=[Port 110 closed... skipping.
- + -- --=[Port 111 closed... skipping.
- + -- --=[Port 135 closed... skipping.
- + -- --=[Port 139 closed... skipping.
- + -- --=[Port 161 closed... skipping.
- + -- --=[Port 162 closed... skipping.
- + -- --=[Port 389 closed... skipping.
- + -- --=[Port 443 opened... running tests...
- ====================================================================================
- CHECKING FOR WAF
- ====================================================================================
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking https://202.79.244.228
- Traceback (most recent call last):
- File "/usr/bin/wafw00f", line 8, in <module>
- main()
- File "/usr/lib/python2.7/dist-packages/wafw00f/__init__.py", line 808, in main
- if attacker.normalrequest() is None:
- File "/usr/lib/python2.7/dist-packages/wafw00f/__init__.py", line 96, in normalrequest
- return self.request(usecache=usecache, cacheresponse=cacheresponse, headers=headers)
- File "/usr/lib/python2.7/dist-packages/wafw00f/lib/evillib.py", line 323, in request
- h.request(method, path, headers=headers)
- File "/usr/lib/python2.7/httplib.py", line 1042, in request
- self._send_request(method, url, body, headers)
- File "/usr/lib/python2.7/httplib.py", line 1082, in _send_request
- self.endheaders(body)
- File "/usr/lib/python2.7/httplib.py", line 1038, in endheaders
- self._send_output(message_body)
- File "/usr/lib/python2.7/httplib.py", line 882, in _send_output
- self.send(msg)
- File "/usr/lib/python2.7/httplib.py", line 844, in send
- self.connect()
- File "/usr/lib/python2.7/httplib.py", line 1263, in connect
- server_hostname=server_hostname)
- File "/usr/lib/python2.7/ssl.py", line 369, in wrap_socket
- _context=self)
- File "/usr/lib/python2.7/ssl.py", line 617, in __init__
- self.do_handshake()
- File "/usr/lib/python2.7/ssl.py", line 854, in do_handshake
- match_hostname(self.getpeercert(), self.server_hostname)
- File "/usr/lib/python2.7/ssl.py", line 288, in match_hostname
- % (hostname, ', '.join(map(repr, dnsnames))))
- ssl.CertificateError: hostname '202.79.244.228' doesn't match either of 'action.jnto.go.jp', 'cms-eng.jnto.go.jp', 'fileserver.jnto.go.jp', 'japan-magazine.jnto.go.jp', 'japan-photo.jnto.go.jp', 'japan-tours.jnto.go.jp', 'japanfreewifi.jnto.go.jp', 'jnto-cms01.jnto.go.jp', 'magazine.jnto.go.jp', 'mice.jnto.go.jp', 'recruit.jnto.go.jp', 'shorttrips.jnto.go.jp', 'tax-freeshop.jnto.go.jp', 'tic.jnto.go.jp', 'visit-japan.jp', 'weblog-analytics.jnto.go.jp', 'welcome2japan.hk', 'www.camnhannhatban.vn', 'www.japanmeetings.org', 'www.jnto.go.jp', 'www.welcome2japan.hk'
- ====================================================================================
- GATHERING HTTP INFO
- ====================================================================================
- https://202.79.244.228 [200 OK] Apache, Country[JAPAN][JP], Google-Analytics[UA-761127-3], HTTPServer[Apache], IP[202.79.244.228], JQuery[1.11.0], Script[text/javascript], Title[Japan National Tourism Organization Web Site], X-UA-Compatible[IE=EmulateIE7]
- ====================================================================================
- GATHERING SSL/TLS INFO
- ====================================================================================
- AVAILABLE PLUGINS
- -----------------
- PluginHSTS
- PluginOpenSSLCipherSuites
- PluginCertInfo
- PluginSessionRenegotiation
- PluginCompression
- PluginChromeSha1Deprecation
- PluginSessionResumption
- PluginHeartbleed
- CHECKING HOST(S) AVAILABILITY
- -----------------------------
- 202.79.244.228:443 => 202.79.244.228:443
- SCAN RESULTS FOR 202.79.244.228:443 - 202.79.244.228:443
- --------------------------------------------------------
- * Deflate Compression:
- OK - Compression disabled
- * Session Renegotiation:
- Client-initiated Renegotiations: OK - Rejected
- Secure Renegotiation: OK - Supported
- * Certificate - Content:
- SHA1 Fingerprint: 7dd7d4791b10d074943f91787c53e9cce000f94f
- Common Name: None
- Issuer: COMODO RSA Domain Validation Secure Server CA
- Serial Number: 99CF75306B58D457D0A07E7C9E04BAE2
- Not Before: Sep 6 00:00:00 2017 GMT
- Not After: Mar 14 23:59:59 2018 GMT
- Signature Algorithm: sha256WithRSAEncryption
- Public Key Algorithm: rsaEncryption
- Key Size: 2048 bit
- Exponent: 65537 (0x10001)
- X509v3 Subject Alternative Name: {'DNS': ['action.jnto.go.jp', 'cms-eng.jnto.go.jp', 'fileserver.jnto.go.jp', 'japan-magazine.jnto.go.jp', 'japan-photo.jnto.go.jp', 'japan-tours.jnto.go.jp', 'japanfreewifi.jnto.go.jp', 'jnto-cms01.jnto.go.jp', 'magazine.jnto.go.jp', 'mice.jnto.go.jp', 'recruit.jnto.go.jp', 'shorttrips.jnto.go.jp', 'tax-freeshop.jnto.go.jp', 'tic.jnto.go.jp', 'visit-japan.jp', 'weblog-analytics.jnto.go.jp', 'welcome2japan.hk', 'www.camnhannhatban.vn', 'www.japanmeetings.org', 'www.jnto.go.jp', 'www.welcome2japan.hk']}
- * Certificate - Trust:
- Hostname Validation: FAILED - Certificate does NOT match 202.79.244.228
- Google CA Store (09/2015): OK - Certificate is trusted
- Java 6 CA Store (Update 65): OK - Certificate is trusted
- Microsoft CA Store (09/2015): OK - Certificate is trusted
- Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
- Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
- Certificate Chain Received: ['PositiveSSL Multi-Domain', 'COMODO RSA Domain Validation Secure Server CA', 'COMODO RSA Certification Authority']
- * Certificate - OCSP Stapling:
- NOT SUPPORTED - Server did not send back an OCSP response.
- * Session Resumption:
- With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
- With TLS Session Tickets: OK - Supported
- * SSLV2 Cipher Suites:
- Server rejected all cipher suites.
- * SSLV3 Cipher Suites:
- Server rejected all cipher suites.
- SCAN COMPLETED IN 4.13 S
- ------------------------
- Version: 1.11.10-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Testing SSL server 202.79.244.228 on port 443 using SNI name 202.79.244.228
- TLS Fallback SCSV:
- Server supports TLS Fallback SCSV
- TLS renegotiation:
- Secure session renegotiation supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits AES256-GCM-SHA384
- Accepted TLSv1.2 256 bits AES256-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA
- Accepted TLSv1.2 256 bits CAMELLIA256-SHA
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits AES128-GCM-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA
- Accepted TLSv1.2 128 bits SEED-SHA
- Accepted TLSv1.2 128 bits CAMELLIA128-SHA
- Accepted TLSv1.2 128 bits IDEA-CBC-SHA
- Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 112 bits DES-CBC3-SHA
- Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 256 bits AES256-SHA
- Accepted TLSv1.1 256 bits CAMELLIA256-SHA
- Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 128 bits AES128-SHA
- Accepted TLSv1.1 128 bits SEED-SHA
- Accepted TLSv1.1 128 bits CAMELLIA128-SHA
- Accepted TLSv1.1 128 bits IDEA-CBC-SHA
- Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 112 bits DES-CBC3-SHA
- Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 256 bits AES256-SHA
- Accepted TLSv1.0 256 bits CAMELLIA256-SHA
- Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 128 bits AES128-SHA
- Accepted TLSv1.0 128 bits SEED-SHA
- Accepted TLSv1.0 128 bits CAMELLIA128-SHA
- Accepted TLSv1.0 128 bits IDEA-CBC-SHA
- Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 112 bits DES-CBC3-SHA
- SSL Certificate:
- Signature Algorithm: sha256WithRSAEncryption
- RSA Key Strength: 2048
- Subject: /OU=Domain Control Validated/OU=Hosted by Comodo Japan Inc/OU=PositiveSSL Multi-Domain
- Altnames: DNS:action.jnto.go.jp, DNS:cms-eng.jnto.go.jp, DNS:fileserver.jnto.go.jp, DNS:japan-magazine.jnto.go.jp, DNS:japan-photo.jnto.go.jp, DNS:japan-tours.jnto.go.jp, DNS:japanfreewifi.jnto.go.jp, DNS:jnto-cms01.jnto.go.jp, DNS:magazine.jnto.go.jp, DNS:mice.jnto.go.jp, DNS:recruit.jnto.go.jp, DNS:shorttrips.jnto.go.jp, DNS:tax-freeshop.jnto.go.jp, DNS:tic.jnto.go.jp, DNS:visit-japan.jp, DNS:weblog-analytics.jnto.go.jp, DNS:welcome2japan.hk, DNS:www.camnhannhatban.vn, DNS:www.japanmeetings.org, DNS:www.jnto.go.jp, DNS:www.welcome2japan.hk
- Issuer: COMODO RSA Domain Validation Secure Server CA
- + -- --=[MÄŚŚBĻËËĐ V20160303 BŸ 1Ņ3 @ ĊŖÖŴĐŚȞÏËĻĐ - https://crowdshield.com
- + -- --=[Checking for DROWN (SSLv2): 202.79.244.228:443
- + -- --=[Checking for HeartBleed: 202.79.244.228:443
- + -- --=[Checking for OpenSSL CCS: 202.79.244.228:443
- + -- --=[Checking for Poodle (SSLv3): 202.79.244.228:443
- + -- --=[Checking for WinShock (MS14-066): 202.79.244.228:443
- Testing if OpenSSL supports the ciphers we are checking for: YES
- Testing 202.79.244.228:443 for availability of SSL ciphers added in MS14-066...
- Testing cipher DHE-RSA-AES256-GCM-SHA384: UNSUPPORTED
- Testing cipher DHE-RSA-AES128-GCM-SHA256: UNSUPPORTED
- Testing cipher AES256-GCM-SHA384: SUPPORTED
- Testing cipher AES128-GCM-SHA256: SUPPORTED
- Testing if IIS is running on port 443: NO
- Checking if target system is running Windows Server 2012 or later...
- Testing cipher ECDHE-RSA-AES256-SHA384: SUPPORTED
- 202.79.244.228:443 is patched: UNKNOWN: Windows Server 2012 or later detected.
- + -- --=[Scan Complete!
- ====================================================================================
- CHECKING HTTP HEADERS
- ====================================================================================
- + -- --=[Checking if X-Content options are enabled on 202.79.244.228...
- + -- --=[Checking if X-Frame options are enabled on 202.79.244.228...
- + -- --=[Checking if X-XSS-Protection header is enabled on 202.79.244.228...
- + -- --=[Checking HTTP methods on 202.79.244.228...
- Allow: HEAD,HEAD,GET,HEAD,POST,OPTIONS
- + -- --=[Checking if TRACE method is enabled on 202.79.244.228...
- + -- --=[Checking for META tags on 202.79.244.228...
- <meta http-equiv="content-type" content="text/html; charset=UTF-8" />
- <meta http-equiv="content-style-type" content="text/css" />
- <meta http-equiv="content-script-type" content="text/javascript" />
- <meta http-equiv="imagetoolbar" content="no" />
- <meta name="MSSmartTagsPreventParsing" content="true" />
- <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" >
- <meta name="description" content="JNTO is involved in a broad range of activities promoting travel to Japan through various activities overseas as well as tourism-promoting activities in Japan." />
- <meta name="keywords" content="Japan National Tourism Organization, Japan Travel" />
- + -- --=[Checking for open proxy on 202.79.244.228...
- + -- --=[Enumerating software on 202.79.244.228...
- Server: Apache
- + -- --=[Checking if Strict-Transport-Security is enabled on 202.79.244.228...
- + -- --=[Checking for Flash cross-domain policy on 202.79.244.228...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>404 Not Found</title>
- </head><body>
- <h1>Not Found</h1>
- <p>The requested URL /crossdomain.xml was not found on this server.</p>
- </body></html>
- + -- --=[Checking for Silverlight cross-domain policy on 202.79.244.228...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>404 Not Found</title>
- </head><body>
- <h1>Not Found</h1>
- <p>The requested URL /clientaccesspolicy.xml was not found on this server.</p>
- </body></html>
- + -- --=[Checking for HTML5 cross-origin resource sharing on 202.79.244.228...
- + -- --=[Retrieving robots.txt on 202.79.244.228...
- User-agent: bingbot
- Crawl-Delay: 5
- User-agent: AhrefsBot
- Disallow: /
- User-agent: BLEXBot
- Disallow: /
- + -- --=[Retrieving sitemap.xml on 202.79.244.228...
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
- <html><head>
- <title>404 Not Found</title>
- </head><body>
- <h1>Not Found</h1>
- <p>The requested URL /sitemap.xml was not found on this server.</p>
- </body></html>
- + -- --=[Checking cookie attributes on 202.79.244.228...
- + -- --=[Checking for ASP.NET Detailed Errors on 202.79.244.228...
- __________ __ ____ ___
- \______ \_______ __ ___/ |_ ____ \ \/ /
- | | _/\_ __ \ | \ __\/ __ \ \ /
- | | \ | | \/ | /| | \ ___/ / \
- |______ / |__| |____/ |__| \___ >___/\ \
- \/ \/ \_/
- + -- --=[BruteX v1.7 by 1N3
- + -- --=[http://crowdshield.com
- ################################### Running Port Scan ##############################
- Starting Nmap 7.60 ( https://nmap.org ) at 2018-01-08 10:55 EST
- Nmap scan report for bbt244-jnto-web01-228.jnto.go.jp (202.79.244.228)
- Host is up (0.21s latency).
- Not shown: 24 filtered ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 80/tcp open http
- 443/tcp open https
- Nmap done: 1 IP address (1 host up) scanned in 4.55 seconds
- ################################### Running Brute Force ############################
- + -- --=[Port 21 closed... skipping.
- + -- --=[Port 22 closed... skipping.
- + -- --=[Port 23 closed... skipping.
- + -- --=[Port 25 closed... skipping.
- + -- --=[Port 80 opened... running tests...
- Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
- Hydra (http://www.thc.org/thc-hydra) starting at 2018-01-08 10:55:13
- [DATA] max 1 task per 1 server, overall 1 task, 1496 login tries (l:34/p:44), ~1496 tries per task
- [DATA] attacking http-get://202.79.244.228:80//
- [80][http-get] host: 202.79.244.228 login: admin password: admin
- [STATUS] attack finished for 202.79.244.228 (valid pair found)
- 1 of 1 target successfully completed, 1 valid password found
- Hydra (http://www.thc.org/thc-hydra) finished at 2018-01-08 10:55:15
- + -- --=[Port 110 closed... skipping.
- + -- --=[Port 139 closed... skipping.
- + -- --=[Port 162 closed... skipping.
- + -- --=[Port 389 closed... skipping.
- + -- --=[Port 443 opened... running tests...
- Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
- Hydra (http://www.thc.org/thc-hydra) starting at 2018-01-08 10:55:15
- [DATA] max 1 task per 1 server, overall 1 task, 1496 login tries (l:34/p:44), ~1496 tries per task
- [DATA] attacking http-gets://202.79.244.228:443//
- [443][http-get] host: 202.79.244.228 login: admin password: admin
- [STATUS] attack finished for 202.79.244.228 (valid pair found)
- 1 of 1 target successfully completed, 1 valid password found
- Hydra (http://www.thc.org/thc-hydra) finished at 2018-01-08 10:55:17
- #######################################################################################################################################
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement