Anonymous JTSEC #OpWhales Full Recon #34

1. #######################################################################################################################################
2. =======================================================================================================================================
3. Hostname www.maruzenshowa.co.jp ISP Internet Initiative Japan Inc.
4. Continent Asia Flag
5. JP
6. Country Japan Country Code JP
7. Region Tokyo Local time 16 Aug 2019 20:01 JST
8. City Narimasu Postal Code 175-0094
9. IP Address 210.130.168.131 Latitude 35.784
10. Longitude 139.632
11. =======================================================================================================================================
12. #######################################################################################################################################
13. > www.maruzenshowa.co.jp
14. Server: 38.132.106.139
15. Address: 38.132.106.139#53
16.  
17. Non-authoritative answer:
18. www.maruzenshowa.co.jp canonical name = 131.168.130.210.wh.2iij.net.
19. Name: 131.168.130.210.wh.2iij.net
20. Address: 210.130.168.131
21. >
22. #######################################################################################################################################
23. [ JPRS database provides information on network administration. Its use is ]
24. [ restricted to network administration purposes. For further information, ]
25. [ use 'whois -h whois.jprs.jp help'. To suppress Japanese output, add'/e' ]
26. [ at the end of command, e.g. 'whois -h whois.jprs.jp xxx/e'. ]
27.  
28. Domain Information:
29. a. [Domain Name] MARUZENSHOWA.CO.JP
30. g. [Organization] MARUZEN SHOWA UNYU CO., LTD.
31. l. [Organization Type] CO.,LTD
32. m. [Administrative Contact] TM30647JP
33. n. [Technical Contact] TM30647JP
34. p. [Name Server] dns.maruzenshowa.co.jp
35. p. [Name Server] ns.center.web.ad.jp
36. s. [Signing Key]
37. [State] Connected (2019/10/31)
38. [Registered Date] 1997/10/17
39. [Connected Date] 1997/10/23
40. [Last Update] 2018/11/01 01:04:27 (JST)
41. #######################################################################################################################################
42. [+] Target : www.maruzenshowa.co.jp
43.  
44. [+] IP Address : 210.130.168.131
45.  
46. [+] Headers :
47.  
48. [+] Date : Fri, 16 Aug 2019 11:07:46 GMT
49. [+] Server : Apache
50. [+] Last-Modified : Tue, 13 Aug 2019 00:21:03 GMT
51. [+] ETag : "85f046-67c5-58ff49da34355"
52. [+] Accept-Ranges : bytes
53. [+] Content-Length : 26565
54. [+] Keep-Alive : timeout=5, max=100
55. [+] Connection : Keep-Alive
56. [+] Content-Type : text/html
57.  
58. [+] SSL Certificate Information :
59.  
60. [+] countryName : JP
61. [+] organizationalUnitName : Domain Control Validated
62. [+] commonName : www.maruzenshowa.co.jp
63. [+] countryName : BE
64. [+] organizationName : GlobalSign nv-sa
65. [+] commonName : GlobalSign RSA DV SSL CA 2018
66. [+] Version : 3
67. [+] Serial Number : 63C047CEDFB381C92B12C115
68. [+] Not Before : Aug 8 00:25:39 2019 GMT
69. [+] Not After : Aug 15 04:03:49 2021 GMT
70. [+] OCSP : ('http://ocsp.globalsign.com/gsrsadvsslca2018',)
71. [+] subject Alt Name : (('DNS', 'www.maruzenshowa.co.jp'), ('DNS', 'maruzenshowa.co.jp'))
72. [+] CA Issuers : ('http://secure.globalsign.com/cacert/gsrsadvsslca2018.crt',)
73. [+] CRL Distribution Points : ('http://crl.globalsign.com/gsrsadvsslca2018.crl',)
74.  
75. [+] Whois Lookup :
76.  
77. [+] NIR : {'query': '210.130.168.131', 'raw': None, 'nets': [{'cidr': '210.130.168.0/24', 'name': 'IIJ Internet', 'handle': 'IIJNET', 'range': '210.130.168.1 - 210.130.168.255', 'country': 'JP', 'address': None, 'postal_code': None, 'nameservers': ['ns-e.secureweb.jp', 'ns-w.secureweb.jp'], 'created': None, 'updated': '2015-09-07T01:32:03', 'contacts': {'admin': {'email': 'nic-sec@iij.ad.jp', 'organization': 'Internet Initiative Japan Inc.', 'division': '', 'phone': '03-5205-6500', 'fax': '', 'updated': '2014-07-22T03:02:04'}, 'tech': {'email': 'nic-sec@iij.ad.jp', 'organization': 'Internet Initiative Japan Inc.', 'division': '', 'phone': '03-5205-6500', 'fax': '', 'updated': '2014-07-22T03:02:04'}}}]}
78. [+] ASN Registry : apnic
79. [+] ASN : 2497
80. [+] ASN CIDR : 210.130.0.0/16
81. [+] ASN Country Code : JP
82. [+] ASN Date : 1996-08-16
83. [+] ASN Description : IIJ Internet Initiative Japan Inc., JP
84. [+] cidr : 210.128.0.0/13
85. [+] name : JPNIC-NET-JP
86. [+] handle : JNIC1-AP
87. [+] range : 210.128.0.0 - 210.135.255.255
88. [+] description : Japan Network Information Center
89. [+] country : JP
90. [+] state : None
91. [+] city : None
92. [+] address : Urbannet-Kanda Bldg 4F, 3-6-2 Uchi-Kanda
93. Chiyoda-ku, Tokyo 101-0047, Japan
94. [+] postal_code : None
95. [+] emails : ['hostmaster@nic.ad.jp']
96. [+] created : None
97. [+] updated : None
98.  
99. [+] Crawling Target...
100.  
101. [+] Looking for robots.txt........[ Found ]
102. [+] Extracting robots Links.......[ 0 ]
103. [+] Looking for sitemap.xml.......[ Found ]
104. [+] Extracting sitemap Links......[ 716 ]
105. [+] Extracting CSS Links..........[ 6 ]
106. [+] Extracting Javascript Links...[ 9 ]
107. [+] Extracting Internal Links.....[ 1 ]
108. [+] Extracting External Links.....[ 4 ]
109. [+] Extracting Images.............[ 51 ]
110.  
111. [+] Total Links Extracted : 787
112.  
113. [+] Dumping Links in /opt/FinalRecon/dumps/www.maruzenshowa.co.jp.dump
114. [+] Completed!
115. #######################################################################################################################################
116. [+] Starting At 2019-08-16 07:08:56.134865
117. [+] Collecting Information On: https://www.maruzenshowa.co.jp/
118. [#] Status: 200
119. --------------------------------------------------
120. [#] Web Server Detected: Apache
121. [!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
122. - Date: Fri, 16 Aug 2019 11:09:00 GMT
123. - Server: Apache
124. - Last-Modified: Tue, 13 Aug 2019 00:21:03 GMT
125. - ETag: "85f046-67c5-58ff49da34355"
126. - Accept-Ranges: bytes
127. - Content-Length: 26565
128. - Keep-Alive: timeout=5, max=100
129. - Connection: Keep-Alive
130. - Content-Type: text/html
131. --------------------------------------------------
132. [#] Finding Location..!
133. [#] message: invalid query
134. [#] query: maruzenshowa.co.jp
135. [#] status: fail
136. --------------------------------------------------
137. [x] Didn't Detect WAF Presence on: https://www.maruzenshowa.co.jp/
138. --------------------------------------------------
139. [#] Starting Reverse DNS
140. [-] Failed ! Fail
141. --------------------------------------------------
142. [!] Scanning Open Port
143. --------------------------------------------------
144. [+] Collecting Information Disclosure!
145. [#] Detecting sitemap.xml file
146. [!] sitemap.xml File Found: https://www.maruzenshowa.co.jp//sitemap.xml
147. [#] Detecting robots.txt file
148. [!] robots.txt File Found: https://www.maruzenshowa.co.jp/not_found.html
149. [#] Detecting GNU Mailman
150. [-] GNU Mailman App Not Detected!?
151. --------------------------------------------------
152. [+] Crawling Url Parameter On: https://www.maruzenshowa.co.jp/
153. --------------------------------------------------
154. [#] Searching Html Form !
155. [+] Html Form Discovered
156. [#] action: https://search.yahoo.co.jp/search
157. [#] class: ['pc_only']
158. [#] id: None
159. [#] method: get
160. --------------------------------------------------
161. [!] Found 8 dom parameter
162. [#] https://www.maruzenshowa.co.jp//#globalNav
163. [#] https://www.maruzenshowa.co.jp//#mainContents
164. [#] https://www.maruzenshowa.co.jp//#footContainer
165. [#] https://www.maruzenshowa.co.jp//ir/library.html#anchor02
166. [#] https://www.maruzenshowa.co.jp//ir/library.html#anchor01
167. [#] https://www.maruzenshowa.co.jp//ir/library.html#anchor02
168. [#] https://www.maruzenshowa.co.jp//ir/library.html#anchor03
169. [#] https://www.maruzenshowa.co.jp//service/function/3pl/about.html#anchor01
170. --------------------------------------------------
171. [!] 1 Internal Dynamic Parameter Discovered
172. [+] https://www.maruzenshowa.co.jp/contact/index.php/form/input?item=8
173. --------------------------------------------------
174. [-] No external Dynamic Paramter Found!?
175. --------------------------------------------------
176. [!] 114 Internal links Discovered
177. [+] https://www.maruzenshowa.co.jp/favicon.ico
178. [+] https://www.maruzenshowa.co.jp/favicon.ico
179. [+] https://www.maruzenshowa.co.jp/apple-touch-icon.png
180. [+] https://www.maruzenshowa.co.jp//common/css/import.css
181. [+] https://www.maruzenshowa.co.jp//common/css/print.css
182. [+] https://www.maruzenshowa.co.jp//common/css/fontsize_medium.css
183. [+] https://www.maruzenshowa.co.jp//common/css/fontsize_large.css
184. [+] https://www.maruzenshowa.co.jp//common/css/category/sitetop.css
185. [+] https://www.maruzenshowa.co.jp//common/css/smart.css
186. [+] https://www.maruzenshowa.co.jp//index.html
187. [+] https://www.maruzenshowa.co.jp//ch/index.html
188. [+] https://www.maruzenshowa.co.jp//en/index.html
189. [+] https://www.maruzenshowa.co.jp//csr/index.html
190. [+] https://www.maruzenshowa.co.jp//ir/index.html
191. [+] https://www.maruzenshowa.co.jp//recruit/index.html
192. [+] https://www.maruzenshowa.co.jp//faq/index.html
193. [+] https://www.maruzenshowa.co.jp//sitemap/index.html
194. [+] https://www.maruzenshowa.co.jp//service/index.html
195. [+] https://www.maruzenshowa.co.jp//strength/index.html
196. [+] https://www.maruzenshowa.co.jp//case/index.html
197. [+] https://www.maruzenshowa.co.jp//base/index.html
198. [+] https://www.maruzenshowa.co.jp//corporate/index.html
199. [+] https://www.maruzenshowa.co.jp//contact/index.html
200. [+] https://www.maruzenshowa.co.jp//service/function/3pl/about.html
201. [+] https://www.maruzenshowa.co.jp//service/function/storage.html
202. [+] https://www.maruzenshowa.co.jp//service/function/global/index.html
203. [+] https://www.maruzenshowa.co.jp//service/function/yard_operation.html
204. [+] https://www.maruzenshowa.co.jp//service/function/harbor/index.html
205. [+] https://www.maruzenshowa.co.jp//service/function/machine/engineering.html
206. [+] https://www.maruzenshowa.co.jp//service/function/truck/index.html
207. [+] https://www.maruzenshowa.co.jp//service/function/office_relocation.html
208. [+] https://www.maruzenshowa.co.jp//service/function/railroad.html
209. [+] https://www.maruzenshowa.co.jp//service/function/moving/domestic.html
210. [+] https://www.maruzenshowa.co.jp//service/industry/petrochemistry.html
211. [+] https://www.maruzenshowa.co.jp//service/industry/construction_equipment.html
212. [+] https://www.maruzenshowa.co.jp//service/industry/steel.html
213. [+] https://www.maruzenshowa.co.jp//service/industry/building_material.html
214. [+] https://www.maruzenshowa.co.jp//service/function/truck/precision.html
215. [+] https://www.maruzenshowa.co.jp//service/industry/apparel.html
216. [+] https://www.maruzenshowa.co.jp//service/industry/household_goods.html
217. [+] https://www.maruzenshowa.co.jp//service/function/truck/precision.html
218. [+] https://www.maruzenshowa.co.jp//service/function/global/overseas_plant.html
219. [+] https://www.maruzenshowa.co.jp//service/function/truck/heavy_load.html
220. [+] https://www.maruzenshowa.co.jp//csr/eco/eco.html
221. [+] https://www.maruzenshowa.co.jp//service/function/truck/hazardous_materials.html
222. [+] https://www.maruzenshowa.co.jp//service/purpose/efficiency.html
223. [+] https://www.maruzenshowa.co.jp//service/function/office_relocation.html
224. [+] https://www.maruzenshowa.co.jp//service/purpose/outsourcing.html
225. [+] https://www.maruzenshowa.co.jp//service/function/machine/engineering.html
226. [+] https://www.maruzenshowa.co.jp//info/release20190709_01.html
227. [+] https://www.maruzenshowa.co.jp//info/index.html
228. [+] https://www2.maruzenshowa.co.jp/mz3pl_open/
229. [+] https://www2.maruzenshowa.co.jp/mz3pl_open/index2_JP.html
230. [+] https://www2.maruzenshowa.co.jp/global/
231. [+] https://www.maruzenshowa.co.jp//corporate/introduction.html
232. [+] https://www.maruzenshowa.co.jp//service/attention.html
233. [+] https://www.maruzenshowa.co.jp//base/domestic/hokkaido_tohoku/index.html
234. [+] https://www.maruzenshowa.co.jp//base/domestic/kanto/index.html
235. [+] https://www.maruzenshowa.co.jp//base/domestic/chubu/index.html
236. [+] https://www.maruzenshowa.co.jp//base/domestic/kansai/index.html
237. [+] https://www.maruzenshowa.co.jp//base/domestic/chugoku_shikoku/index.html
238. [+] https://www.maruzenshowa.co.jp//base/domestic/kyushu/index.html
239. [+] https://www.maruzenshowa.co.jp//base/global/east_asia/index.html
240. [+] https://www.maruzenshowa.co.jp//base/global/americas/index.html
241. [+] https://www.maruzenshowa.co.jp//base/global/southeast_asia/index.html
242. [+] https://www.maruzenshowa.co.jp//base/global/europe/index.html
243. [+] https://www.maruzenshowa.co.jp//service/warehouse.html
244. [+] https://www.maruzenshowa.co.jp//solution/index.html
245. [+] https://www.maruzenshowa.co.jp//service/function/harbor/customs_clearance/aeo.html
246. [+] https://www.maruzenshowa.co.jp//csr/isms/iso27001.html
247. [+] https://www.maruzenshowa.co.jp//service/index.html
248. [+] https://www.maruzenshowa.co.jp//service/function/3pl/about.html
249. [+] https://www.maruzenshowa.co.jp//service/function/global/index.html
250. [+] https://www.maruzenshowa.co.jp//service/function/harbor/index.html
251. [+] https://www.maruzenshowa.co.jp//service/function/truck/index.html
252. [+] https://www.maruzenshowa.co.jp//service/function/railroad.html
253. [+] https://www.maruzenshowa.co.jp//service/function/storage.html
254. [+] https://www.maruzenshowa.co.jp//service/function/yard_operation.html
255. [+] https://www.maruzenshowa.co.jp//service/function/machine/engineering.html
256. [+] https://www.maruzenshowa.co.jp//service/function/office_relocation.html
257. [+] https://www.maruzenshowa.co.jp//service/function/moving/domestic.html
258. [+] https://www.maruzenshowa.co.jp//strength/index.html
259. [+] https://www.maruzenshowa.co.jp//strength/solution.html
260. [+] https://www.maruzenshowa.co.jp//strength/operation.html
261. [+] https://www.maruzenshowa.co.jp//strength/network.html
262. [+] https://www.maruzenshowa.co.jp//strength/it.html
263. [+] https://www.maruzenshowa.co.jp//base/index.html
264. [+] https://www.maruzenshowa.co.jp//case/index.html
265. [+] https://www.maruzenshowa.co.jp//case/case01.html
266. [+] https://www.maruzenshowa.co.jp//case/case02.html
267. [+] https://www.maruzenshowa.co.jp//case/case03.html
268. [+] https://www.maruzenshowa.co.jp//corporate/index.html
269. [+] https://www.maruzenshowa.co.jp//corporate/message.html
270. [+] https://www.maruzenshowa.co.jp//corporate/profile.html
271. [+] https://www.maruzenshowa.co.jp//corporate/history.html
272. [+] https://www.maruzenshowa.co.jp//corporate/business.html
273. [+] https://www.maruzenshowa.co.jp//corporate/organization.html
274. [+] https://www.maruzenshowa.co.jp//corporate/philosophy.html
275. [+] https://www.maruzenshowa.co.jp//corporate/yakkan.html
276. [+] https://www.maruzenshowa.co.jp//corporate/internal_control.html
277. [+] https://www.maruzenshowa.co.jp//corporate/network/index.html
278. [+] https://www.maruzenshowa.co.jp//corporate/group.html
279. [+] https://www.maruzenshowa.co.jp//corporate/introduction.html
280. [+] https://www.maruzenshowa.co.jp//csr/index.html
281. [+] https://www.maruzenshowa.co.jp//ir/index.html
282. [+] https://www.maruzenshowa.co.jp//recruit/index.html
283. [+] https://www.maruzenshowa.co.jp//faq/index.html
284. [+] https://www.maruzenshowa.co.jp//contact/index.html
285. [+] https://www.maruzenshowa.co.jp//terms/index.html
286. [+] https://www.maruzenshowa.co.jp//privacy/index.html
287. [+] https://www.maruzenshowa.co.jp//privacy/specific.html
288. [+] https://www.maruzenshowa.co.jp//csr/safety/gmark.html
289. [+] https://www.maruzenshowa.co.jp//csr/quality/iso9001.html
290. [+] https://www.maruzenshowa.co.jp//csr/eco/iso14001.html
291. --------------------------------------------------
292. [!] 2 External links Discovered
293. [#] https://www.yahoo.co.jp/
294. [#] https://get.adobe.com/jp/flashplayer
295. --------------------------------------------------
296. [#] Mapping Subdomain..
297. [-] No Any Subdomain Found
298. [!] Found 0 Subdomain
299. --------------------------------------------------
300. [!] Done At 2019-08-16 07:09:06.605548
301. #######################################################################################################################################
302. [i] Scanning Site: https://210.130.168.131
303.  
304.  
305.  
306. B A S I C I N F O
307. ====================
308.  
309.  
310. [+] Site Title: 丸全昭和運輸株式会社
311. [+] IP address: 210.130.168.131
312. [+] Web Server: Apache
313. [+] CMS: Could Not Detect
314. [+] Cloudflare: Not Detected
315. [+] Robots File: Could NOT Find robots.txt!
316.  
317.  
318.  
319.  
320. W H O I S L O O K U P
321. ========================
322.  
323. [ JPNIC database provides information regarding IP address and ASN. Its use ]
324. [ is restricted to network administration purposes. For further information, ]
325. [ use 'whois -h whois.nic.ad.jp help'. To only display English output, ]
326. [ add '/e' at the end of command, e.g. 'whois -h whois.nic.ad.jp xxx/e'. ]
327.  
328. Network Information:
329. a. [Network Number] 210.130.168.0/24
330. b. [Network Name] IIJNET
331. g. [Organization] IIJ Internet
332. m. [Administrative Contact] JP00010080
333. n. [Technical Contact] JP00010080
334. p. [Nameserver] ns-e.secureweb.jp
335. p. [Nameserver] ns-w.secureweb.jp
336. [Assigned Date] 2015/09/07
337. [Return Date]
338. [Last Update] 2015/09/07 10:32:03(JST)
339.  
340. Less Specific Info.
341. ----------
342. Internet Initiative Japan Inc.
343. [Allocation] 210.130.0.0/16
344.  
345. More Specific Info.
346. ----------
347. No match!!
348.  
349.  
350.  
351.  
352. G E O I P L O O K U P
353. =========================
354.  
355. [i] IP Address: 210.130.168.131
356. [i] Country: Japan
357. [i] State: Tokyo
358. [i] City: Nishiwaseda
359. [i] Latitude: 35.705
360. [i] Longitude: 139.6974
361.  
362.  
363.  
364.  
365. H T T P H E A D E R S
366. =======================
367.  
368.  
369. [i] HTTP/1.1 200 OK
370. [i] Date: Fri, 16 Aug 2019 11:08:47 GMT
371. [i] Server: Apache
372. [i] Last-Modified: Tue, 13 Aug 2019 00:21:03 GMT
373. [i] ETag: "85f046-67c5-58ff49da34355"
374. [i] Accept-Ranges: bytes
375. [i] Content-Length: 26565
376. [i] Connection: close
377. [i] Content-Type: text/html
378.  
379.  
380.  
381.  
382. D N S L O O K U P
383. ===================
384.  
385. no records found
386.  
387.  
388.  
389. S U B N E T C A L C U L A T I O N
390. ====================================
391.  
392. Address = 210.130.168.131
393. Network = 210.130.168.131 / 32
394. Netmask = 255.255.255.255
395. Broadcast = not needed on Point-to-Point links
396. Wildcard Mask = 0.0.0.0
397. Hosts Bits = 0
398. Max. Hosts = 1 (2^0 - 0)
399. Host Range = { 210.130.168.131 - 210.130.168.131 }
400.  
401.  
402.  
403. N M A P P O R T S C A N
404. ============================
405.  
406. Starting Nmap 7.70 ( https://nmap.org ) at 2019-08-16 11:08 UTC
407. Nmap scan report for www.maruzenshowa.co.jp (210.130.168.131)
408. Host is up (0.17s latency).
409.  
410. PORT STATE SERVICE
411. 21/tcp filtered ftp
412. 22/tcp filtered ssh
413. 23/tcp filtered telnet
414. 80/tcp open http
415. 110/tcp filtered pop3
416. 143/tcp filtered imap
417. 443/tcp open https
418. 3389/tcp filtered ms-wbt-server
419.  
420. Nmap done: 1 IP address (1 host up) scanned in 2.86 seconds
421.  
422. #######################################################################################################################################
423. [INFO] ------TARGET info------
424. [*] TARGET: https://www.maruzenshowa.co.jp/
425. [*] Same target https://www.maruzenshowa.co.jp/ was previously analyzed 1 time(s)
426. [*] TARGET IP: 210.130.168.131
427. [INFO] NO load balancer detected for www.maruzenshowa.co.jp...
428. [*] DNS servers: 131.168.130.210.wh.2iij.net. ns-e.secureweb.jp.
429. [*] TARGET server: Apache
430. [*] CC: JP
431. [*] Country: Japan
432. [*] RegionCode: 13
433. [*] RegionName: Tokyo
434. [*] City: Shinjuku
435. [*] ASN: AS2497
436. [*] BGP_PREFIX: 210.130.0.0/16
437. [*] ISP: IIJ Internet Initiative Japan Inc., JP
438. [INFO] SSL/HTTPS certificate detected
439. [*] Issuer: issuer=C = BE, O = GlobalSign nv-sa, CN = GlobalSign RSA DV SSL CA 2018
440. [*] Subject: subject=C = JP, OU = Domain Control Validated, CN = www.maruzenshowa.co.jp
441. [INFO] DNS enumeration:
442. [*] www2.maruzenshowa.co.jp 133.163.8.37
443. [*] www3.maruzenshowa.co.jp 133.163.8.44
444. [INFO] Possible abuse mails are:
445. [*] abuse@maruzenshowa.co.jp
446. [*] abuse@www.maruzenshowa.co.jp
447. [*] jiro-y@iij.ad.jp
448. [*] nic-sec@iij.ad.jp
449. [INFO] NO PAC (Proxy Auto Configuration) file FOUND
450. [ALERT] robots.txt file FOUND in http://www.maruzenshowa.co.jp/robots.txt
451. [INFO] Checking for HTTP status codes recursively from http://www.maruzenshowa.co.jp/robots.txt
452. [INFO] Status code Folders
453. [INFO] Starting FUZZing in http://www.maruzenshowa.co.jp/FUzZzZzZzZz...
454. [INFO] Status code Folders
455. [*] 200 http://www.maruzenshowa.co.jp/index
456. [*] 200 http://www.maruzenshowa.co.jp/images
457. [*] 200 http://www.maruzenshowa.co.jp/download
458. [*] 200 http://www.maruzenshowa.co.jp/2006
459. [*] 200 http://www.maruzenshowa.co.jp/news
460. [*] 200 http://www.maruzenshowa.co.jp/crack
461. [*] 200 http://www.maruzenshowa.co.jp/serial
462. [*] 200 http://www.maruzenshowa.co.jp/warez
463. [*] 200 http://www.maruzenshowa.co.jp/full
464. [*] 200 http://www.maruzenshowa.co.jp/12
465. [ALERT] Look in the source code. It may contain passwords
466.  
467. Recherche 210.130.168.131
468. Connexion HTTP à 210.130.168.131
469. Envoi de la requête HTTP.
470. Requête HTTP envoyée. Attente de réponse.
471. HTTP/1.1 301 Moved Permanently
472. Transfert de données terminé
473. HTTP/1.1 301 Moved Permanently
474. Utilisation de https://210.130.168.131/
475. Recherche 210.130.168.131
476. Connexion HTTPS à 210.130.168.131
477.  
478. lynx : accès impossible au fichier de départ http://210.130.168.131/
479. [INFO] Links found from https://www.maruzenshowa.co.jp/ http://210.130.168.131/:
480. [*] https://www2.maruzenshowa.co.jp/global/
481. [*] https://www2.maruzenshowa.co.jp/mz3pl_open/
482. [*] https://www2.maruzenshowa.co.jp/mz3pl_open/index2_JP.html
483. [*] https://www.maruzenshowa.co.jp/base/domestic/chubu/index.html
484. [*] https://www.maruzenshowa.co.jp/base/domestic/chugoku_shikoku/index.html
485. [*] https://www.maruzenshowa.co.jp/base/domestic/hokkaido_tohoku/index.html
486. [*] https://www.maruzenshowa.co.jp/base/domestic/kansai/index.html
487. [*] https://www.maruzenshowa.co.jp/base/domestic/kanto/index.html
488. [*] https://www.maruzenshowa.co.jp/base/domestic/kyushu/index.html
489. [*] https://www.maruzenshowa.co.jp/base/global/americas/index.html
490. [*] https://www.maruzenshowa.co.jp/base/global/east_asia/index.html
491. [*] https://www.maruzenshowa.co.jp/base/global/europe/index.html
492. [*] https://www.maruzenshowa.co.jp/base/global/southeast_asia/index.html
493. [*] https://www.maruzenshowa.co.jp/base/index.html
494. [*] https://www.maruzenshowa.co.jp/case/case01.html
495. [*] https://www.maruzenshowa.co.jp/case/case02.html
496. [*] https://www.maruzenshowa.co.jp/case/case03.html
497. [*] https://www.maruzenshowa.co.jp/case/index.html
498. [*] https://www.maruzenshowa.co.jp/ch/index.html
499. [*] https://www.maruzenshowa.co.jp/contact/index.html
500. [*] https://www.maruzenshowa.co.jp/contact/index.php/form/input?item=8
501. [*] https://www.maruzenshowa.co.jp/corporate/business.html
502. [*] https://www.maruzenshowa.co.jp/corporate/group.html
503. [*] https://www.maruzenshowa.co.jp/corporate/history.html
504. [*] https://www.maruzenshowa.co.jp/corporate/index.html
505. [*] https://www.maruzenshowa.co.jp/corporate/internal_control.html
506. [*] https://www.maruzenshowa.co.jp/corporate/introduction.html
507. [*] https://www.maruzenshowa.co.jp/corporate/message.html
508. [*] https://www.maruzenshowa.co.jp/corporate/network/index.html
509. [*] https://www.maruzenshowa.co.jp/corporate/organization.html
510. [*] https://www.maruzenshowa.co.jp/corporate/philosophy.html
511. [*] https://www.maruzenshowa.co.jp/corporate/profile.html
512. [*] https://www.maruzenshowa.co.jp/corporate/yakkan.html
513. [*] https://www.maruzenshowa.co.jp/csr/eco/eco.html
514. [*] https://www.maruzenshowa.co.jp/csr/index.html
515. [*] https://www.maruzenshowa.co.jp/csr/isms/iso27001.html
516. [*] https://www.maruzenshowa.co.jp/csr/safety/gmark.html
517. [*] https://www.maruzenshowa.co.jp/en/index.html
518. [*] https://www.maruzenshowa.co.jp/faq/index.html
519. [*] https://www.maruzenshowa.co.jp/#footContainer
520. [*] https://www.maruzenshowa.co.jp/#globalNav
521. [*] https://www.maruzenshowa.co.jp/index.html
522. [*] https://www.maruzenshowa.co.jp/info/index.html
523. [*] https://www.maruzenshowa.co.jp/info/release20190709_01.html
524. [*] https://www.maruzenshowa.co.jp/ir/index.html
525. [*] https://www.maruzenshowa.co.jp/ir/library.html#anchor01
526. [*] https://www.maruzenshowa.co.jp/ir/library.html#anchor02
527. [*] https://www.maruzenshowa.co.jp/ir/library.html#anchor03
528. [*] https://www.maruzenshowa.co.jp/#mainContents
529. [*] https://www.maruzenshowa.co.jp/#Map
530. [*] https://www.maruzenshowa.co.jp/#Map2
531. [*] https://www.maruzenshowa.co.jp/#Map3
532. [*] https://www.maruzenshowa.co.jp/privacy/index.html
533. [*] https://www.maruzenshowa.co.jp/privacy/specific.html
534. [*] https://www.maruzenshowa.co.jp/recruit/index.html
535. [*] https://www.maruzenshowa.co.jp/service/attention.html
536. [*] https://www.maruzenshowa.co.jp/service/function/3pl/about.html
537. [*] https://www.maruzenshowa.co.jp/service/function/3pl/about.html#anchor01
538. [*] https://www.maruzenshowa.co.jp/service/function/global/index.html
539. [*] https://www.maruzenshowa.co.jp/service/function/global/overseas_plant.html
540. [*] https://www.maruzenshowa.co.jp/service/function/harbor/customs_clearance/aeo.html
541. [*] https://www.maruzenshowa.co.jp/service/function/harbor/index.html
542. [*] https://www.maruzenshowa.co.jp/service/function/machine/engineering.html
543. [*] https://www.maruzenshowa.co.jp/service/function/moving/domestic.html
544. [*] https://www.maruzenshowa.co.jp/service/function/office_relocation.html
545. [*] https://www.maruzenshowa.co.jp/service/function/railroad.html
546. [*] https://www.maruzenshowa.co.jp/service/function/storage.html
547. [*] https://www.maruzenshowa.co.jp/service/function/truck/hazardous_materials.html
548. [*] https://www.maruzenshowa.co.jp/service/function/truck/heavy_load.html
549. [*] https://www.maruzenshowa.co.jp/service/function/truck/index.html
550. [*] https://www.maruzenshowa.co.jp/service/function/truck/precision.html
551. [*] https://www.maruzenshowa.co.jp/service/function/yard_operation.html
552. [*] https://www.maruzenshowa.co.jp/service/index.html
553. [*] https://www.maruzenshowa.co.jp/service/industry/apparel.html
554. [*] https://www.maruzenshowa.co.jp/service/industry/building_material.html
555. [*] https://www.maruzenshowa.co.jp/service/industry/construction_equipment.html
556. [*] https://www.maruzenshowa.co.jp/service/industry/household_goods.html
557. [*] https://www.maruzenshowa.co.jp/service/industry/petrochemistry.html
558. [*] https://www.maruzenshowa.co.jp/service/industry/steel.html
559. [*] https://www.maruzenshowa.co.jp/service/purpose/efficiency.html
560. [*] https://www.maruzenshowa.co.jp/service/purpose/outsourcing.html
561. [*] https://www.maruzenshowa.co.jp/service/warehouse.html
562. [*] https://www.maruzenshowa.co.jp/sitemap/index.html
563. [*] https://www.maruzenshowa.co.jp/solution/index.html
564. [*] https://www.maruzenshowa.co.jp/strength/index.html
565. [*] https://www.maruzenshowa.co.jp/strength/it.html
566. [*] https://www.maruzenshowa.co.jp/strength/network.html
567. [*] https://www.maruzenshowa.co.jp/strength/operation.html
568. [*] https://www.maruzenshowa.co.jp/strength/solution.html
569. [*] https://www.maruzenshowa.co.jp/terms/index.html
570. [*] https://www.yahoo.co.jp/
571. [INFO] GOOGLE has 1,520 results (0.24 seconds) about http://www.maruzenshowa.co.jp/
572. [INFO] BING shows 210.130.168.131 is shared with 14 hosts/vhosts
573. [INFO] Shodan detected the following opened ports on 210.130.168.131:
574. [*] 443
575. [*] 80
576. [INFO] ------VirusTotal SECTION------
577. [INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
578. [INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
579. [INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
580. [INFO] ------Alexa Rank SECTION------
581. [INFO] Percent of Visitors Rank in Country:
582. [INFO] Percent of Search Traffic:
583. [INFO] Percent of Unique Visits:
584. [INFO] Total Sites Linking In:
585. [*] Total Sites
586. [INFO] Useful links related to www.maruzenshowa.co.jp - 210.130.168.131:
587. [*] https://www.virustotal.com/pt/ip-address/210.130.168.131/information/
588. [*] https://www.hybrid-analysis.com/search?host=210.130.168.131
589. [*] https://www.shodan.io/host/210.130.168.131
590. [*] https://www.senderbase.org/lookup/?search_string=210.130.168.131
591. [*] https://www.alienvault.com/open-threat-exchange/ip/210.130.168.131
592. [*] http://pastebin.com/search?q=210.130.168.131
593. [*] http://urlquery.net/search.php?q=210.130.168.131
594. [*] http://www.alexa.com/siteinfo/www.maruzenshowa.co.jp
595. [*] http://www.google.com/safebrowsing/diagnostic?site=www.maruzenshowa.co.jp
596. [*] https://censys.io/ipv4/210.130.168.131
597. [*] https://www.abuseipdb.com/check/210.130.168.131
598. [*] https://urlscan.io/search/#210.130.168.131
599. [*] https://github.com/search?q=210.130.168.131&type=Code
600. [INFO] Useful links related to AS2497 - 210.130.0.0/16:
601. [*] http://www.google.com/safebrowsing/diagnostic?site=AS:2497
602. [*] https://www.senderbase.org/lookup/?search_string=210.130.0.0/16
603. [*] http://bgp.he.net/AS2497
604. [*] https://stat.ripe.net/AS2497
605. [INFO] Date: 16/08/19 | Time: 07:10:02
606. [INFO] Total time: 1 minute(s) and 3 second(s)
607. #######################################################################################################################################
608. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16182
609. ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 2, ADDITIONAL: 1
610.  
611. ;; QUESTION SECTION:
612. ;maruzenshowa.co.jp. IN ANY
613.  
614. ;; ANSWER SECTION:
615. maruzenshowa.co.jp. 3600 IN MX 10 mx.securemx.jp.
616. maruzenshowa.co.jp. 3600 IN SOA dns.maruzenshowa.co.jp. admin.maruzenshowa.co.jp. 286018204 900 600 86400 3600
617. maruzenshowa.co.jp. 3600 IN NS dns.maruzenshowa.co.jp.
618. maruzenshowa.co.jp. 3600 IN NS ns.center.web.ad.jp.
619.  
620. ;; AUTHORITY SECTION:
621. maruzenshowa.co.jp. 3600 IN NS dns.maruzenshowa.co.jp.
622. maruzenshowa.co.jp. 3600 IN NS ns.center.web.ad.jp.
623.  
624. ;; ADDITIONAL SECTION:
625. dns.maruzenshowa.co.jp. 43200 IN A 133.163.8.35
626.  
627. Received 199 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 240 ms
628. #######################################################################################################################################
629.  
630. ; <<>> DiG 9.11.5-P4-5.1-Debian <<>> +trace maruzenshowa.co.jp
631. ;; global options: +cmd
632. . 82047 IN NS j.root-servers.net.
633. . 82047 IN NS d.root-servers.net.
634. . 82047 IN NS k.root-servers.net.
635. . 82047 IN NS m.root-servers.net.
636. . 82047 IN NS g.root-servers.net.
637. . 82047 IN NS e.root-servers.net.
638. . 82047 IN NS l.root-servers.net.
639. . 82047 IN NS f.root-servers.net.
640. . 82047 IN NS a.root-servers.net.
641. . 82047 IN NS h.root-servers.net.
642. . 82047 IN NS c.root-servers.net.
643. . 82047 IN NS i.root-servers.net.
644. . 82047 IN NS b.root-servers.net.
645. . 82047 IN RRSIG NS 8 0 518400 20190829050000 20190816040000 59944 . kV7y2yGYXS6fL1G1naDnxwTN1rM3R79H6rkZlcLPJYoxk/VBkDsQsuPd Uk8uisoTbb8s1gcs1E/6BvkAbfp8NBAdrBLVjx4Xw6htJgZPZrZp4ieZ HejBaiTbXGpqtNOPF/kBUK3GhN+JAQ2g2BL5BheBVtSazTbsjINRqBPz oi5pOV5ekJQVqJrq+BQn5IqwIy+l441gTNVeXVSD+zayfbjldwvexLqN 9WWxJL/CUsHEDVLRAUIexceaPp3/hj1+H18Bicu+wXdiyfo6ePfRizRD vlPYDg2H207Vc6Y0pWxz+wZ+8BWZgTwoBVs3SJnwCDLjiuvkA2tADQD2 xQ75OQ==
646. ;; Received 525 bytes from 38.132.106.139#53(38.132.106.139) in 44 ms
647.  
648. jp. 172800 IN NS c.dns.jp.
649. jp. 172800 IN NS h.dns.jp.
650. jp. 172800 IN NS a.dns.jp.
651. jp. 172800 IN NS f.dns.jp.
652. jp. 172800 IN NS g.dns.jp.
653. jp. 172800 IN NS d.dns.jp.
654. jp. 172800 IN NS e.dns.jp.
655. jp. 172800 IN NS b.dns.jp.
656. jp. 86400 IN DS 54004 8 1 0EC348CC7E6D3213CC89E5867088043FC7D5C111
657. jp. 86400 IN DS 54004 8 2 5F4B24F667BC70880720D10DF317DC8FF80C63E586D504E6BBFE53F0 B9ECC040
658. jp. 86400 IN RRSIG DS 8 1 86400 20190829050000 20190816040000 59944 . gZOXiPyymgNbZW49tQDAqtyaz2sH6d3kCC8f6LcklkH04GDLj8vclcUo YLgbby/fX6z3B/tMyGSuSuWQNOIU6MfTohsg7Qj5tA04BQrsynolmnAC 8kIocRZnZuFPbHMacvFp4uAmX9VSLnuPAAFfOymXdYLvCdTNxKwEWn47 G+iTQZWLcBSW+Lz4+dBTKz2L52Uulbg53tJId+LGIn8b3TItO5z4bkWX vIa8Y4rroukF/Ir8THFgvOaVVuPjA6tJQ2T93Yyd1rTyGlNFCHyCi8cl ug+EwTwfWQ8FKiKqTky5o7viqepvyRQ85hI4DJ/kmqozQJf5Cu81Zzxh kJunww==
659. ;; Received 878 bytes from 193.0.14.129#53(k.root-servers.net) in 65 ms
660.  
661. maruzenshowa.co.jp. 86400 IN NS ns.center.web.ad.jp.
662. maruzenshowa.co.jp. 86400 IN NS dns.maruzenshowa.co.jp.
663. 164JL7ORRH9OM5ON9FAG2RJU9P2JEN2C.jp. 900 IN NSEC3 1 1 8 55EA52037A 16PQ91RI7IEQEKSCLD29L9RGGO987Q23 TXT RRSIG
664. 164JL7ORRH9OM5ON9FAG2RJU9P2JEN2C.jp. 900 IN RRSIG NSEC3 8 2 900 20190909174502 20190810174502 41763 jp. upgfeGrO/MVDRlOfwHm+m0ZNZV5wyebpIO6DXJq9P7l7tf4IjnvdG9yc H8TqfkiO6Ty9vqvh0b17rzkVPaaLgUg+Qm4JXuWuun4GFGn++pDpges3 TnSrcoqxYjRp037Qtfcx7ev8gjXlTH2pIlEs5/MaU4jTVAJmaQUzK5da xiw=
665. FFPRGDG3RLC2FVEC10KHLJ611RRD214V.jp. 900 IN NSEC3 1 1 8 55EA52037A FGHTGTLOGJNNC2IKFD52IQPGLS2D7459 TXT RRSIG
666. FFPRGDG3RLC2FVEC10KHLJ611RRD214V.jp. 900 IN RRSIG NSEC3 8 2 900 20190909174502 20190810174502 41763 jp. 180R4XfhiSzquztbiZXsbiQ17L4dCWhXp5vG2uKc39Z8tD59RoMGO4PV Lsn2jECr0MfeEn+ZoLgSztkeE/LKApIOGStBM7jvTa8g6pbi/tcMFTr2 0Y1wVcyurkF/eP+jDkKMo+Icude68ZISyIoQQ+SzIIXFng1teZS5l43g 8VU=
667. ;; Received 632 bytes from 203.119.1.1#53(a.dns.jp) in 243 ms
668.  
669. ;; Received 75 bytes from 133.163.8.35#53(dns.maruzenshowa.co.jp) in 248 ms
670.  
671. #######################################################################################################################################
672. [*] Performing General Enumeration of Domain: maruzenshowa.co.jp
673. [-] DNSSEC is not configured for maruzenshowa.co.jp
674. [*] SOA dns.maruzenshowa.co.jp 133.163.8.35
675. [*] NS dns.maruzenshowa.co.jp 133.163.8.35
676. [*] NS ns.center.web.ad.jp 202.248.0.34
677. [*] Bind Version for 202.248.0.34
678. [*] MX mx.securemx.jp 210.130.202.98
679. [*] MX mx.securemx.jp 210.130.202.97
680. [*] MX mx.securemx.jp 210.130.202.122
681. [*] MX mx.securemx.jp 210.130.202.123
682. [*] Enumerating SRV Records
683. [-] No SRV Records Found for maruzenshowa.co.jp
684. [+] 0 Records Found
685. #######################################################################################################################################
686. [*] Processing domain maruzenshowa.co.jp
687. [*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
688. [+] Getting nameservers
689. 133.163.8.35 - dns.maruzenshowa.co.jp
690. 202.248.0.34 - ns.center.web.ad.jp
691. [-] Zone transfer failed
692.  
693. [+] MX records found, added to target list
694. 10 mx.securemx.jp.
695.  
696. [*] Scanning maruzenshowa.co.jp for A records
697. 133.163.8.35 - dns.maruzenshowa.co.jp
698. 133.163.8.34 - fw.maruzenshowa.co.jp
699. 203.180.184.176 - proxy.maruzenshowa.co.jp
700. 202.7.99.225 - smtp.maruzenshowa.co.jp
701. 210.130.168.131 - www.maruzenshowa.co.jp
702. 133.163.8.37 - www2.maruzenshowa.co.jp
703. 133.163.8.44 - www3.maruzenshowa.co.jp
704. 133.163.8.35 - www1.maruzenshowa.co.jp
705. #######################################################################################################################################
706.  
707.  
708.  
709. AVAILABLE PLUGINS
710. -----------------
711.  
712. RobotPlugin
713. EarlyDataPlugin
714. OpenSslCipherSuitesPlugin
715. CertificateInfoPlugin
716. HeartbleedPlugin
717. SessionResumptionPlugin
718. SessionRenegotiationPlugin
719. CompressionPlugin
720. HttpHeadersPlugin
721. OpenSslCcsInjectionPlugin
722. FallbackScsvPlugin
723.  
724.  
725.  
726. CHECKING HOST(S) AVAILABILITY
727. -----------------------------
728.  
729. 210.130.168.131:443 => 210.130.168.131
730.  
731.  
732.  
733.  
734. SCAN RESULTS FOR 210.130.168.131:443 - 210.130.168.131
735. ------------------------------------------------------
736.  
737. * Downgrade Attacks:
738. TLS_FALLBACK_SCSV: OK - Supported
739.  
740. * TLSV1_3 Cipher Suites:
741. Server rejected all cipher suites.
742.  
743. * OpenSSL CCS Injection:
744. OK - Not vulnerable to OpenSSL CCS injection
745.  
746. * TLS 1.2 Session Resumption Support:
747. With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
748. With TLS Tickets: OK - Supported
749.  
750. * ROBOT Attack:
751. OK - Not vulnerable
752.  
753. * OpenSSL Heartbleed:
754. OK - Not vulnerable to Heartbleed
755.  
756. * TLSV1_1 Cipher Suites:
757. Forward Secrecy OK - Supported
758. RC4 INSECURE - Supported
759.  
760. Preferred:
761. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
762. Accepted:
763. TLS_RSA_WITH_RC4_128_SHA 128 bits HTTP 200 OK
764. TLS_RSA_WITH_RC4_128_MD5 128 bits HTTP 200 OK
765. TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
766. TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
767. TLS_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
768. TLS_ECDHE_RSA_WITH_RC4_128_SHA 128 bits HTTP 200 OK
769. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
770. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
771. TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
772.  
773. * TLSV1_2 Cipher Suites:
774. Forward Secrecy OK - Supported
775. RC4 INSECURE - Supported
776.  
777. Preferred:
778. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
779. Accepted:
780. TLS_RSA_WITH_RC4_128_SHA 128 bits HTTP 200 OK
781. TLS_RSA_WITH_RC4_128_MD5 128 bits HTTP 200 OK
782. TLS_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
783. TLS_RSA_WITH_AES_256_CBC_SHA256 256 bits HTTP 200 OK
784. TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
785. TLS_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
786. TLS_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
787. TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
788. TLS_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
789. TLS_ECDHE_RSA_WITH_RC4_128_SHA 128 bits HTTP 200 OK
790. TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
791. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 256 bits HTTP 200 OK
792. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
793. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
794. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
795. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
796. TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
797.  
798. * Certificate Information:
799. Content
800. SHA1 Fingerprint: a42616c4805b5996c74f6084d5e693f8caa9d9b5
801. Common Name: www.maruzenshowa.co.jp
802. Issuer: GlobalSign RSA DV SSL CA 2018
803. Serial Number: 30871468833848103726574911765
804. Not Before: 2019-08-08 00:25:39
805. Not After: 2021-08-15 04:03:49
806. Signature Algorithm: sha256
807. Public Key Algorithm: RSA
808. Key Size: 2048
809. Exponent: 65537 (0x10001)
810. DNS Subject Alternative Names: ['www.maruzenshowa.co.jp', 'maruzenshowa.co.jp']
811.  
812. Trust
813. Hostname Validation: FAILED - Certificate does NOT match 210.130.168.131
814. Android CA Store (9.0.0_r9): OK - Certificate is trusted
815. iOS CA Store (12, macOS 10.14, watchOS 5, and tvOS 12):OK - Certificate is trusted
816. Java CA Store (jdk-11.0.2): OK - Certificate is trusted
817. macOS CA Store (12, macOS 10.14, watchOS 5, and tvOS 12):OK - Certificate is trusted
818. Mozilla CA Store (2018-11-22): OK - Certificate is trusted
819. OPENJDK CA Store (jdk-11.0.2): OK - Certificate is trusted
820. Windows CA Store (2018-12-08): OK - Certificate is trusted
821. Symantec 2018 Deprecation: OK - Not a Symantec-issued certificate
822. Received Chain: www.maruzenshowa.co.jp --> GlobalSign RSA DV SSL CA 2018
823. Verified Chain: www.maruzenshowa.co.jp --> GlobalSign RSA DV SSL CA 2018 --> GlobalSign
824. Received Chain Contains Anchor: OK - Anchor certificate not sent
825. Received Chain Order: OK - Order is valid
826. Verified Chain contains SHA1: OK - No SHA1-signed certificate in the verified certificate chain
827.  
828. Extensions
829. OCSP Must-Staple: NOT SUPPORTED - Extension not found
830. Certificate Transparency: OK - 3 SCTs included
831.  
832. OCSP Stapling
833. NOT SUPPORTED - Server did not send back an OCSP response
834.  
835. * TLSV1 Cipher Suites:
836. Forward Secrecy OK - Supported
837. RC4 INSECURE - Supported
838.  
839. Preferred:
840. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
841. Accepted:
842. TLS_RSA_WITH_RC4_128_SHA 128 bits HTTP 200 OK
843. TLS_RSA_WITH_RC4_128_MD5 128 bits HTTP 200 OK
844. TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
845. TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
846. TLS_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
847. TLS_ECDHE_RSA_WITH_RC4_128_SHA 128 bits HTTP 200 OK
848. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
849. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
850. TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
851.  
852. * Session Renegotiation:
853. Client-initiated Renegotiation: OK - Rejected
854. Secure Renegotiation: OK - Supported
855.  
856. * Deflate Compression:
857. OK - Compression disabled
858.  
859. * SSLV2 Cipher Suites:
860. Server rejected all cipher suites.
861.  
862. * SSLV3 Cipher Suites:
863. Server rejected all cipher suites.
864.  
865.  
866. SCAN COMPLETED IN 17.44 S
867. -------------------------
868. #######################################################################################################################################
869.  
870. Domains still to check: 1
871. Checking if the hostname maruzenshowa.co.jp. given is in fact a domain...
872.  
873. Analyzing domain: maruzenshowa.co.jp.
874. Checking NameServers using system default resolver...
875. IP: 133.163.8.35 (Japan)
876. HostName: dns.maruzenshowa.co.jp Type: NS
877. HostName: www1.maruzenshowa.co.jp Type: PTR
878. IP: 202.248.0.34 (Japan)
879. HostName: ns.center.web.ad.jp Type: NS
880. HostName: ns.center.web.ad.jp Type: PTR
881.  
882. Checking MailServers using system default resolver...
883. IP: 210.130.202.98 (Japan)
884. HostName: mx.securemx.jp Type: MX
885. HostName: mx31.securemx.jp Type: PTR
886. IP: 210.130.202.97 (Japan)
887. HostName: mx.securemx.jp Type: MX
888. HostName: mx30.securemx.jp Type: PTR
889. IP: 210.130.202.122 (Japan)
890. HostName: mx.securemx.jp Type: MX
891. HostName: mx10.securemx.jp Type: PTR
892. IP: 210.130.202.123 (Japan)
893. HostName: mx.securemx.jp Type: MX
894. HostName: mx11.securemx.jp Type: PTR
895.  
896. Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
897. No zone transfer found on nameserver 202.248.0.34
898. No zone transfer found on nameserver 133.163.8.35
899.  
900. Checking SPF record...
901. No SPF record
902.  
903. Checking 192 most common hostnames using system default resolver...
904. IP: 210.130.168.131 (Japan)
905. HostName: www.maruzenshowa.co.jp. Type: A
906. IP: 133.163.8.34 (Japan)
907. HostName: fw.maruzenshowa.co.jp. Type: A
908. IP: 133.163.8.35 (Japan)
909. HostName: dns.maruzenshowa.co.jp Type: NS
910. HostName: www1.maruzenshowa.co.jp Type: PTR
911. HostName: dns.maruzenshowa.co.jp. Type: A
912. IP: 202.7.99.225 (Japan)
913. HostName: smtp.maruzenshowa.co.jp. Type: A
914. IP: 203.180.184.176 (Japan)
915. Sub Domain: proxy.maruzenshowa.co.jp. <- New Subdomain!
916. HostName: proxy.maruzenshowa.co.jp. Type: A
917. HostName: proxy.maruzenshowa.co.jp Type: PTR
918. IP: 133.163.8.35 (Japan)
919. HostName: dns.maruzenshowa.co.jp Type: NS
920. HostName: www1.maruzenshowa.co.jp Type: PTR
921. HostName: dns.maruzenshowa.co.jp. Type: A
922. HostName: www1.maruzenshowa.co.jp. Type: A
923. IP: 133.163.8.37 (Japan)
924. HostName: www2.maruzenshowa.co.jp. Type: A
925. IP: 133.163.8.44 (Japan)
926. HostName: www3.maruzenshowa.co.jp. Type: A
927.  
928. Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
929. Checking netblock 210.130.202.0
930. Checking netblock 202.248.0.0
931. Checking netblock 133.163.8.0
932. Checking netblock 203.180.184.0
933. Checking netblock 202.7.99.0
934. Checking netblock 210.130.168.0
935.  
936. Searching for maruzenshowa.co.jp. emails in Google
937. taro-maruzen@maruzenshowa.co.jp
938. sales-abroad@maruzenshowa.co.jp.
939. s-kabushiki@maruzenshowa.co.jp&
940.  
941. Checking 12 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
942. Host 210.130.202.97 is up (reset ttl 64)
943. Host 202.248.0.34 is up (reset ttl 64)
944. Host 210.130.202.98 is up (reset ttl 64)
945. Host 133.163.8.34 is up (reset ttl 64)
946. Host 133.163.8.35 is up (reset ttl 64)
947. Host 210.130.202.123 is up (reset ttl 64)
948. Host 210.130.202.122 is up (reset ttl 64)
949. Host 203.180.184.176 is up (reset ttl 64)
950. Host 202.7.99.225 is up (reset ttl 64)
951. Host 210.130.168.131 is up (reset ttl 64)
952. Host 133.163.8.37 is up (reset ttl 64)
953. Host 133.163.8.44 is up (reset ttl 64)
954.  
955. Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
956. Scanning ip 210.130.202.97 (mx30.securemx.jp (PTR)):
957. Device type: storage-misc|general purpose
958. Running: Sun embedded, Sun OpenSolaris, Sun Solaris 10|8|9
959. Scanning ip 202.248.0.34 (ns.center.web.ad.jp (PTR)):
960. 53/tcp open domain syn-ack ttl 43 (unknown banner:)
961. | dns-nsid:
962. |_ bind.version:
963. | fingerprint-strings:
964. | DNSVersionBindReqTCP:
965. | version
966. |_ bind
967. Scanning ip 210.130.202.98 (mx31.securemx.jp (PTR)):
968. Device type: storage-misc|general purpose
969. Running: Sun embedded, Sun OpenSolaris, Sun Solaris 10|8|9
970. Scanning ip 133.163.8.34 (fw.maruzenshowa.co.jp.):
971. Scanning ip 133.163.8.35 (www1.maruzenshowa.co.jp.):
972. 53/tcp open domain? syn-ack ttl 105
973. | fingerprint-strings:
974. | DNSVersionBindReqTCP:
975. | version
976. |_ bind
977. Scanning ip 210.130.202.123 (mx11.securemx.jp (PTR)):
978. Running: Sun Solaris 10|8
979. Scanning ip 210.130.202.122 (mx10.securemx.jp (PTR)):
980. Device type: storage-misc|general purpose
981. Running: Sun embedded, Sun OpenSolaris, Sun Solaris 10|8|9
982. Scanning ip 203.180.184.176 (proxy.maruzenshowa.co.jp (PTR)):
983. Scanning ip 202.7.99.225 (smtp.maruzenshowa.co.jp.):
984. Scanning ip 210.130.168.131 (www.maruzenshowa.co.jp.):
985. 80/tcp open tcpwrapped syn-ack ttl 237
986. | http-methods:
987. |_ Supported Methods: GET HEAD POST OPTIONS
988. |_http-server-header: Apache
989. |_http-title: Did not follow redirect to https://210.130.168.131/
990. 443/tcp open tcpwrapped syn-ack ttl 237
991. | http-methods:
992. |_ Supported Methods: GET HEAD POST OPTIONS
993. | ssl-cert: Subject: commonName=www.maruzenshowa.co.jp/countryName=JP
994. | Subject Alternative Name: DNS:www.maruzenshowa.co.jp, DNS:maruzenshowa.co.jp
995. | Issuer: commonName=GlobalSign RSA DV SSL CA 2018/organizationName=GlobalSign nv-sa/countryName=BE
996. | Public Key type: rsa
997. | Public Key bits: 2048
998. | Signature Algorithm: sha256WithRSAEncryption
999. | Not valid before: 2019-08-08T00:25:39
1000. | Not valid after: 2021-08-15T04:03:49
1001. | MD5: 08e6 ff79 1102 3006 f5aa 7a6a 7d4c 8c14
1002. |_SHA-1: a426 16c4 805b 5996 c74f 6084 d5e6 93f8 caa9 d9b5
1003. |_ssl-date: 2019-08-16T11:22:17+00:00; +4s from scanner time.
1004. Device type: general purpose|load balancer
1005. |_clock-skew: mean: 3s, deviation: 0s, median: 3s
1006. Scanning ip 133.163.8.37 (www2.maruzenshowa.co.jp.):
1007. 443/tcp open ssl/https syn-ack ttl 233
1008. | fingerprint-strings:
1009. | FourOhFourRequest:
1010. | HTTP/1.1 404 Not Found
1011. | Set-Cookie: FJNADDSPID=0tuUrV; expires=Fri, 16-Aug-2019 14:27:51 GMT; path=/
1012. | Date: Fri, 16 Aug 2019 11:22:51 GMT
1013. | Content-Length: 225
1014. | Connection: close
1015. | Content-Type: text/html; charset=iso-8859-1
1016. | <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
1017. | <html><head>
1018. | <title>404 Not Found</title>
1019. | </head><body>
1020. | <h1>Not Found</h1>
1021. | <p>The requested URL /nice ports,/Trinity.txt.bak was not found on this server.</p>
1022. | </body></html>
1023. | GetRequest:
1024. | HTTP/1.1 200 OK
1025. | Set-Cookie: FJNADDSPID=0tuUrT; expires=Fri, 16-Aug-2019 14:27:49 GMT; path=/
1026. | Date: Fri, 16 Aug 2019 11:22:49 GMT
1027. | Last-Modified: Fri, 11 Jun 2004 11:34:58 GMT
1028. | ETag: "1bedd-8f-210e7c80"
1029. | Accept-Ranges: bytes
1030. | Content-Length: 143
1031. | Connection: close
1032. | Content-Type: text/html
1033. | <html>
1034. | <head>
1035. | <meta http-equiv="Pragma" content="no-cache" />
1036. | <meta http-equiv="Refresh" content="0;URL=/mz3pl_open/" />
1037. | </head>
1038. | </html>
1039. | HTTPOptions:
1040. | HTTP/1.1 200 OK
1041. | Set-Cookie: FJNADDSPID=0tuUrU; expires=Fri, 16-Aug-2019 14:27:50 GMT; path=/
1042. | Date: Fri, 16 Aug 2019 11:22:50 GMT
1043. | Allow: GET,HEAD,POST,OPTIONS
1044. | Content-Length: 0
1045. | Connection: close
1046. | Content-Type: text/html
1047. | RTSPRequest:
1048. | HTTP/1.1 200 OK
1049. | Set-Cookie: FJNADDSPID=0tuUrX; expires=Fri, 16-Aug-2019 14:28:03 GMT; path=/
1050. | Date: Fri, 16 Aug 2019 11:23:03 GMT
1051. | Allow: GET,HEAD,POST,OPTIONS
1052. | Content-Length: 0
1053. | Connection: close
1054. | Content-Type: text/html
1055. | SSLSessionReq:
1056. | HTTP/1.1 400 Bad Request
1057. | Set-Cookie: FJNADDSPID=0tuUra; expires=Fri, 16-Aug-2019 14:28:28 GMT; path=/
1058. | Date: Fri, 16 Aug 2019 11:23:28 GMT
1059. | Content-Length: 226
1060. | Connection: close
1061. | Content-Type: text/html; charset=iso-8859-1
1062. | <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
1063. | <html><head>
1064. | <title>400 Bad Request</title>
1065. | </head><body>
1066. | <h1>Bad Request</h1>
1067. | <p>Your browser sent a request that this server could not understand.<br />
1068. | </p>
1069. |_ </body></html>
1070. | http-methods:
1071. |_ Supported Methods: POST OPTIONS
1072. |_http-title: Site doesn't have a title (text/html).
1073. | ssl-cert: Subject: commonName=www2.maruzenshowa.co.jp/organizationName=Maruzen Showa Unyu co.,ltd/stateOrProvinceName=KANAGAWA/countryName=JP
1074. | Subject Alternative Name: DNS:www2.maruzenshowa.co.jp
1075. | Issuer: commonName=DigiCert SHA2 Secure Server CA/organizationName=DigiCert Inc/countryName=US
1076. | Public Key type: rsa
1077. | Public Key bits: 2048
1078. | Signature Algorithm: sha256WithRSAEncryption
1079. | Not valid before: 2018-08-13T00:00:00
1080. | Not valid after: 2020-10-01T12:00:00
1081. | MD5: e017 8723 3604 af3d 5eee c7c2 77bb c838
1082. |_SHA-1: 14ac d6ff b4e0 b7f9 be8d ce0d f6d0 8f7d 9fea 6e97
1083. |_ssl-date: 2019-08-16T11:24:54+00:00; +4s from scanner time.
1084. Scanning ip 133.163.8.44 (www3.maruzenshowa.co.jp.):
1085. WebCrawling domain's web servers... up to 50 max links.
1086.  
1087. + URL to crawl: http://www2.maruzenshowa.co.jp.:443
1088. + Date: 2019-08-16
1089.  
1090. + Crawling URL: http://www2.maruzenshowa.co.jp.:443:
1091. + Links:
1092. + Crawling http://www2.maruzenshowa.co.jp.:443
1093. + Searching for directories...
1094. + Searching open folders...
1095.  
1096. --Finished--
1097. Summary information for domain maruzenshowa.co.jp.
1098. -----------------------------------------
1099. Domain Specific Information:
1100. Email: taro-maruzen@maruzenshowa.co.jp
1101. Email: sales-abroad@maruzenshowa.co.jp.
1102. Email: s-kabushiki@maruzenshowa.co.jp&
1103.  
1104. Domain Ips Information:
1105. IP: 210.130.202.97
1106. HostName: mx.securemx.jp Type: MX
1107. HostName: mx30.securemx.jp Type: PTR
1108. Country: Japan
1109. Is Active: True (reset ttl 64)
1110. Script Info: Device type: storage-misc|general purpose
1111. Script Info: Running: Sun embedded, Sun OpenSolaris, Sun Solaris 10|8|9
1112. IP: 202.248.0.34
1113. HostName: ns.center.web.ad.jp Type: NS
1114. HostName: ns.center.web.ad.jp Type: PTR
1115. Country: Japan
1116. Is Active: True (reset ttl 64)
1117. Port: 53/tcp open domain syn-ack ttl 43 (unknown banner:)
1118. Script Info: | dns-nsid:
1119. Script Info: |_ bind.version:
1120. Script Info: | fingerprint-strings:
1121. Script Info: | DNSVersionBindReqTCP:
1122. Script Info: | version
1123. Script Info: |_ bind
1124. IP: 210.130.202.98
1125. HostName: mx.securemx.jp Type: MX
1126. HostName: mx31.securemx.jp Type: PTR
1127. Country: Japan
1128. Is Active: True (reset ttl 64)
1129. Script Info: Device type: storage-misc|general purpose
1130. Script Info: Running: Sun embedded, Sun OpenSolaris, Sun Solaris 10|8|9
1131. IP: 133.163.8.34
1132. HostName: fw.maruzenshowa.co.jp. Type: A
1133. Country: Japan
1134. Is Active: True (reset ttl 64)
1135. IP: 133.163.8.35
1136. HostName: dns.maruzenshowa.co.jp Type: NS
1137. HostName: www1.maruzenshowa.co.jp Type: PTR
1138. HostName: dns.maruzenshowa.co.jp. Type: A
1139. HostName: www1.maruzenshowa.co.jp. Type: A
1140. Country: Japan
1141. Is Active: True (reset ttl 64)
1142. Port: 53/tcp open domain? syn-ack ttl 105
1143. Script Info: | fingerprint-strings:
1144. Script Info: | DNSVersionBindReqTCP:
1145. Script Info: | version
1146. Script Info: |_ bind
1147. IP: 210.130.202.123
1148. HostName: mx.securemx.jp Type: MX
1149. HostName: mx11.securemx.jp Type: PTR
1150. Country: Japan
1151. Is Active: True (reset ttl 64)
1152. Script Info: Running: Sun Solaris 10|8
1153. IP: 210.130.202.122
1154. HostName: mx.securemx.jp Type: MX
1155. HostName: mx10.securemx.jp Type: PTR
1156. Country: Japan
1157. Is Active: True (reset ttl 64)
1158. Script Info: Device type: storage-misc|general purpose
1159. Script Info: Running: Sun embedded, Sun OpenSolaris, Sun Solaris 10|8|9
1160. IP: 203.180.184.176
1161. Sub Domain: proxy.maruzenshowa.co.jp.
1162. HostName: proxy.maruzenshowa.co.jp. Type: A
1163. HostName: proxy.maruzenshowa.co.jp Type: PTR
1164. Country: Japan
1165. Is Active: True (reset ttl 64)
1166. IP: 202.7.99.225
1167. HostName: smtp.maruzenshowa.co.jp. Type: A
1168. Country: Japan
1169. Is Active: True (reset ttl 64)
1170. IP: 210.130.168.131
1171. HostName: www.maruzenshowa.co.jp. Type: A
1172. Country: Japan
1173. Is Active: True (reset ttl 64)
1174. Port: 80/tcp open tcpwrapped syn-ack ttl 237
1175. Script Info: | http-methods:
1176. Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
1177. Script Info: |_http-server-header: Apache
1178. Script Info: |_http-title: Did not follow redirect to https://210.130.168.131/
1179. Port: 443/tcp open tcpwrapped syn-ack ttl 237
1180. Script Info: | http-methods:
1181. Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
1182. Script Info: | ssl-cert: Subject: commonName=www.maruzenshowa.co.jp/countryName=JP
1183. Script Info: | Subject Alternative Name: DNS:www.maruzenshowa.co.jp, DNS:maruzenshowa.co.jp
1184. Script Info: | Issuer: commonName=GlobalSign RSA DV SSL CA 2018/organizationName=GlobalSign nv-sa/countryName=BE
1185. Script Info: | Public Key type: rsa
1186. Script Info: | Public Key bits: 2048
1187. Script Info: | Signature Algorithm: sha256WithRSAEncryption
1188. Script Info: | Not valid before: 2019-08-08T00:25:39
1189. Script Info: | Not valid after: 2021-08-15T04:03:49
1190. Script Info: | MD5: 08e6 ff79 1102 3006 f5aa 7a6a 7d4c 8c14
1191. Script Info: |_SHA-1: a426 16c4 805b 5996 c74f 6084 d5e6 93f8 caa9 d9b5
1192. Script Info: |_ssl-date: 2019-08-16T11:22:17+00:00; +4s from scanner time.
1193. Script Info: Device type: general purpose|load balancer
1194. Script Info: |_clock-skew: mean: 3s, deviation: 0s, median: 3s
1195. IP: 133.163.8.37
1196. HostName: www2.maruzenshowa.co.jp. Type: A
1197. Country: Japan
1198. Is Active: True (reset ttl 64)
1199. Port: 443/tcp open ssl/https syn-ack ttl 233
1200. Script Info: | fingerprint-strings:
1201. Script Info: | FourOhFourRequest:
1202. Script Info: | HTTP/1.1 404 Not Found
1203. Script Info: | Set-Cookie: FJNADDSPID=0tuUrV; expires=Fri, 16-Aug-2019 14:27:51 GMT; path=/
1204. Script Info: | Date: Fri, 16 Aug 2019 11:22:51 GMT
1205. Script Info: | Content-Length: 225
1206. Script Info: | Connection: close
1207. Script Info: | Content-Type: text/html; charset=iso-8859-1
1208. Script Info: | <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
1209. Script Info: | <html><head>
1210. Script Info: | <title>404 Not Found</title>
1211. Script Info: | </head><body>
1212. Script Info: | <h1>Not Found</h1>
1213. Script Info: | <p>The requested URL /nice ports,/Trinity.txt.bak was not found on this server.</p>
1214. Script Info: | </body></html>
1215. Script Info: | GetRequest:
1216. Script Info: | HTTP/1.1 200 OK
1217. Script Info: | Set-Cookie: FJNADDSPID=0tuUrT; expires=Fri, 16-Aug-2019 14:27:49 GMT; path=/
1218. Script Info: | Date: Fri, 16 Aug 2019 11:22:49 GMT
1219. Script Info: | Last-Modified: Fri, 11 Jun 2004 11:34:58 GMT
1220. Script Info: | ETag: "1bedd-8f-210e7c80"
1221. Script Info: | Accept-Ranges: bytes
1222. Script Info: | Content-Length: 143
1223. Script Info: | Connection: close
1224. Script Info: | Content-Type: text/html
1225. Script Info: | <html>
1226. Script Info: | <head>
1227. Script Info: | <meta http-equiv="Pragma" content="no-cache" />
1228. Script Info: | <meta http-equiv="Refresh" content="0;URL=/mz3pl_open/" />
1229. Script Info: | </head>
1230. Script Info: | </html>
1231. Script Info: | HTTPOptions:
1232. Script Info: | HTTP/1.1 200 OK
1233. Script Info: | Set-Cookie: FJNADDSPID=0tuUrU; expires=Fri, 16-Aug-2019 14:27:50 GMT; path=/
1234. Script Info: | Date: Fri, 16 Aug 2019 11:22:50 GMT
1235. Script Info: | Allow: GET,HEAD,POST,OPTIONS
1236. Script Info: | Content-Length: 0
1237. Script Info: | Connection: close
1238. Script Info: | Content-Type: text/html
1239. Script Info: | RTSPRequest:
1240. Script Info: | HTTP/1.1 200 OK
1241. Script Info: | Set-Cookie: FJNADDSPID=0tuUrX; expires=Fri, 16-Aug-2019 14:28:03 GMT; path=/
1242. Script Info: | Date: Fri, 16 Aug 2019 11:23:03 GMT
1243. Script Info: | Allow: GET,HEAD,POST,OPTIONS
1244. Script Info: | Content-Length: 0
1245. Script Info: | Connection: close
1246. Script Info: | Content-Type: text/html
1247. Script Info: | SSLSessionReq:
1248. Script Info: | HTTP/1.1 400 Bad Request
1249. Script Info: | Set-Cookie: FJNADDSPID=0tuUra; expires=Fri, 16-Aug-2019 14:28:28 GMT; path=/
1250. Script Info: | Date: Fri, 16 Aug 2019 11:23:28 GMT
1251. Script Info: | Content-Length: 226
1252. Script Info: | Connection: close
1253. Script Info: | Content-Type: text/html; charset=iso-8859-1
1254. Script Info: | <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
1255. Script Info: | <html><head>
1256. Script Info: | <title>400 Bad Request</title>
1257. Script Info: | </head><body>
1258. Script Info: | <h1>Bad Request</h1>
1259. Script Info: | <p>Your browser sent a request that this server could not understand.<br />
1260. Script Info: | </p>
1261. Script Info: |_ </body></html>
1262. Script Info: | http-methods:
1263. Script Info: |_ Supported Methods: POST OPTIONS
1264. Script Info: |_http-title: Site doesn't have a title (text/html).
1265. Script Info: | ssl-cert: Subject: commonName=www2.maruzenshowa.co.jp/organizationName=Maruzen Showa Unyu co.,ltd/stateOrProvinceName=KANAGAWA/countryName=JP
1266. Script Info: | Subject Alternative Name: DNS:www2.maruzenshowa.co.jp
1267. Script Info: | Issuer: commonName=DigiCert SHA2 Secure Server CA/organizationName=DigiCert Inc/countryName=US
1268. Script Info: | Public Key type: rsa
1269. Script Info: | Public Key bits: 2048
1270. Script Info: | Signature Algorithm: sha256WithRSAEncryption
1271. Script Info: | Not valid before: 2018-08-13T00:00:00
1272. Script Info: | Not valid after: 2020-10-01T12:00:00
1273. Script Info: | MD5: e017 8723 3604 af3d 5eee c7c2 77bb c838
1274. Script Info: |_SHA-1: 14ac d6ff b4e0 b7f9 be8d ce0d f6d0 8f7d 9fea 6e97
1275. Script Info: |_ssl-date: 2019-08-16T11:24:54+00:00; +4s from scanner time.
1276. IP: 133.163.8.44
1277. HostName: www3.maruzenshowa.co.jp. Type: A
1278. Country: Japan
1279. Is Active: True (reset ttl 64)
1280.  
1281. --------------End Summary --------------
1282. -----------------------------------------
1283.  
1284.  
1285.  
1286. Checking if the hostname proxy.maruzenshowa.co.jp. given is in fact a domain...
1287.  
1288. Analyzing domain: proxy.maruzenshowa.co.jp.
1289. Checking NameServers using system default resolver...
1290. IP: 210.130.1.15 (Japan)
1291. HostName: dns-c.iij.ad.jp Type: NS
1292. HostName: sys-c.do.2iij.net Type: PTR
1293. IP: 202.232.2.14 (Japan)
1294. HostName: dns-b.iij.ad.jp Type: NS
1295. HostName: sys-b.do.2iij.net Type: PTR
1296.  
1297. Checking MailServers using system default resolver...
1298. IP: 203.180.38.156 (Japan)
1299. HostName: bh0.iij.ad.jp Type: MX
1300. HostName: bh1516.svc.2iij.net Type: PTR
1301.  
1302. Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
1303. No zone transfer found on nameserver 210.130.1.15
1304. No zone transfer found on nameserver 202.232.2.14
1305.  
1306. Checking SPF record...
1307. No SPF record
1308.  
1309. Checking 192 most common hostnames using system default resolver...
1310.  
1311. Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
1312. Checking netblock 210.130.1.0
1313. Checking netblock 202.232.2.0
1314. Checking netblock 203.180.38.0
1315.  
1316. Searching for proxy.maruzenshowa.co.jp. emails in Google
1317.  
1318. Checking 3 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
1319. Host 210.130.1.15 is up (reset ttl 64)
1320. Host 202.232.2.14 is up (reset ttl 64)
1321. Host 203.180.38.156 is up (reset ttl 64)
1322.  
1323. Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
1324. Scanning ip 210.130.1.15 (sys-c.do.2iij.net (PTR)):
1325. 53/tcp open tcpwrapped syn-ack ttl 53
1326. | dns-nsid:
1327. | id.server: dns-bc1710
1328. |_ bind.version: IIJ-DNS-SERVICE
1329. Scanning ip 202.232.2.14 (sys-b.do.2iij.net (PTR)):
1330. 53/tcp open domain syn-ack ttl 47 (unknown banner: IIJ-DNS-SERVICE)
1331. | dns-nsid:
1332. |_ bind.version: IIJ-DNS-SERVICE
1333. | fingerprint-strings:
1334. | DNSVersionBindReqTCP:
1335. | version
1336. | bind
1337. |_ IIJ-DNS-SERVICE
1338. Scanning ip 203.180.38.156 (bh1516.svc.2iij.net (PTR)):
1339. WebCrawling domain's web servers... up to 50 max links.
1340. --Finished--
1341. Summary information for domain proxy.maruzenshowa.co.jp.
1342. -----------------------------------------
1343.  
1344. Domain Ips Information:
1345. IP: 210.130.1.15
1346. HostName: dns-c.iij.ad.jp Type: NS
1347. HostName: sys-c.do.2iij.net Type: PTR
1348. Country: Japan
1349. Is Active: True (reset ttl 64)
1350. Port: 53/tcp open tcpwrapped syn-ack ttl 53
1351. Script Info: | dns-nsid:
1352. Script Info: | id.server: dns-bc1710
1353. Script Info: |_ bind.version: IIJ-DNS-SERVICE
1354. IP: 202.232.2.14
1355. HostName: dns-b.iij.ad.jp Type: NS
1356. HostName: sys-b.do.2iij.net Type: PTR
1357. Country: Japan
1358. Is Active: True (reset ttl 64)
1359. Port: 53/tcp open domain syn-ack ttl 47 (unknown banner: IIJ-DNS-SERVICE)
1360. Script Info: | dns-nsid:
1361. Script Info: |_ bind.version: IIJ-DNS-SERVICE
1362. Script Info: | fingerprint-strings:
1363. Script Info: | DNSVersionBindReqTCP:
1364. Script Info: | version
1365. Script Info: | bind
1366. Script Info: |_ IIJ-DNS-SERVICE
1367. IP: 203.180.38.156
1368. HostName: bh0.iij.ad.jp Type: MX
1369. HostName: bh1516.svc.2iij.net Type: PTR
1370. Country: Japan
1371. Is Active: True (reset ttl 64)
1372. #######################################################################################################################################
1373. Starting Nmap 7.70 ( https://nmap.org ) at 2019-08-16 07:11 EDT
1374. Nmap scan report for www.maruzenshowa.co.jp (210.130.168.131)
1375. Host is up (0.12s latency).
1376. Not shown: 477 filtered ports, 4 closed ports
1377. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1378. PORT STATE SERVICE
1379. 80/tcp open http
1380. 443/tcp open https
1381. #######################################################################################################################################
1382. Starting Nmap 7.70 ( https://nmap.org ) at 2019-08-16 07:11 EDT
1383. Nmap scan report for www.maruzenshowa.co.jp (210.130.168.131)
1384. Host is up (0.042s latency).
1385. Not shown: 2 filtered ports, 1 closed port
1386. PORT STATE SERVICE
1387. 67/udp open|filtered dhcps
1388. 68/udp open|filtered dhcpc
1389. 69/udp open|filtered tftp
1390. 88/udp open|filtered kerberos-sec
1391. 123/udp open|filtered ntp
1392. 139/udp open|filtered netbios-ssn
1393. 161/udp open|filtered snmp
1394. 162/udp open|filtered snmptrap
1395. 389/udp open|filtered ldap
1396. 500/udp open|filtered isakmp
1397. 520/udp open|filtered route
1398. 2049/udp open|filtered nfs
1399. #######################################################################################################################################
1400. Starting Nmap 7.70 ( https://nmap.org ) at 2019-08-16 07:11 EDT
1401. NSE: Loaded 162 scripts for scanning.
1402. NSE: Script Pre-scanning.
1403. Initiating NSE at 07:11
1404. Completed NSE at 07:11, 0.00s elapsed
1405. Initiating NSE at 07:11
1406. Completed NSE at 07:11, 0.00s elapsed
1407. Initiating Parallel DNS resolution of 1 host. at 07:11
1408. Completed Parallel DNS resolution of 1 host. at 07:11, 0.03s elapsed
1409. Initiating SYN Stealth Scan at 07:11
1410. Scanning www.maruzenshowa.co.jp (210.130.168.131) [1 port]
1411. Discovered open port 80/tcp on 210.130.168.131
1412. Completed SYN Stealth Scan at 07:11, 0.25s elapsed (1 total ports)
1413. Initiating Service scan at 07:11
1414. Scanning 1 service on www.maruzenshowa.co.jp (210.130.168.131)
1415. Completed Service scan at 07:11, 2.81s elapsed (1 service on 1 host)
1416. Initiating OS detection (try #1) against www.maruzenshowa.co.jp (210.130.168.131)
1417. Retrying OS detection (try #2) against www.maruzenshowa.co.jp (210.130.168.131)
1418. Initiating Traceroute at 07:11
1419. Completed Traceroute at 07:11, 0.23s elapsed
1420. Initiating Parallel DNS resolution of 14 hosts. at 07:11
1421. Completed Parallel DNS resolution of 14 hosts. at 07:11, 0.62s elapsed
1422. NSE: Script scanning 210.130.168.131.
1423. Initiating NSE at 07:11
1424. Completed NSE at 07:12, 44.44s elapsed
1425. Initiating NSE at 07:12
1426. Completed NSE at 07:12, 0.42s elapsed
1427. Nmap scan report for www.maruzenshowa.co.jp (210.130.168.131)
1428. Host is up (0.20s latency).
1429.  
1430. PORT STATE SERVICE VERSION
1431. 80/tcp open tcpwrapped
1432. | http-brute:
1433. |_ Path "/" does not require authentication
1434. |_http-chrono: Request times for /; avg: 513.42ms; min: 503.70ms; max: 524.03ms
1435. |_http-csrf: Couldn't find any CSRF vulnerabilities.
1436. |_http-date: Fri, 16 Aug 2019 11:11:58 GMT; +4s from local time.
1437. |_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
1438. |_http-dombased-xss: Couldn't find any DOM based XSS.
1439. |_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
1440. |_http-errors: Couldn't find any error pages.
1441. |_http-feed: Couldn't find any feeds.
1442. |_http-fetch: Please enter the complete path of the directory to save data in.
1443. | http-headers:
1444. | Date: Fri, 16 Aug 2019 11:12:04 GMT
1445. | Server: Apache
1446. | Location: https://www.maruzenshowa.co.jp/
1447. | Content-Length: 239
1448. | Connection: close
1449. | Content-Type: text/html; charset=iso-8859-1
1450. |
1451. |_ (Request type: GET)
1452. |_http-jsonp-detection: Couldn't find any JSONP endpoints.
1453. | http-methods:
1454. |_ Supported Methods: GET HEAD POST OPTIONS
1455. |_http-mobileversion-checker: No mobile version detected.
1456. |_http-passwd: ERROR: Script execution failed (use -d to debug)
1457. |_http-security-headers:
1458. |_http-server-header: Apache
1459. | http-sitemap-generator:
1460. | Directory structure:
1461. | Longest directory structure:
1462. | Depth: 0
1463. | Dir: /
1464. | Total files found (by extension):
1465. |_
1466. |_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
1467. |_http-title: Did not follow redirect to https://www.maruzenshowa.co.jp/
1468. | http-vhosts:
1469. |_127 names had status 301
1470. |_http-wordpress-enum: Nothing found amongst the top 100 resources,use --script-args search-limit=<number|all> for deeper analysis)
1471. |_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
1472. |_http-xssed: No previously reported XSS vuln.
1473. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1474. Device type: load balancer
1475. Running (JUST GUESSING): F5 Networks TMOS 11.6.X (89%)
1476. OS CPE: cpe:/o:f5:tmos:11.6
1477. Aggressive OS guesses: F5 BIG-IP Local Traffic Manager load balancer (TMOS 11.6) (89%)
1478. No exact OS matches for host (test conditions non-ideal).
1479. Uptime guess: 29.929 days (since Wed Jul 17 08:54:52 2019)
1480. Network Distance: 14 hops
1481. TCP Sequence Prediction: Difficulty=259 (Good luck!)
1482. IP ID Sequence Generation: Randomized
1483.  
1484. TRACEROUTE (using port 80/tcp)
1485. HOP RTT ADDRESS
1486. 1 21.56 ms 10.243.200.1
1487. 2 21.90 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1488. 3 23.77 ms irb-0.agg1.qc1.ca.m247.com (37.120.128.168)
1489. 4 21.73 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
1490. 5 21.77 ms ix-xe-11-1-1-0.tcore1.w6c-montreal.as6453.net (66.198.96.98)
1491. 6 57.13 ms if-ae-7-2.tcore1.tnk-toronto.as6453.net (66.198.96.62)
1492. 7 56.66 ms if-ae-25-2.tcore1.ttt-toronto.as6453.net (64.86.33.103)
1493. 8 56.88 ms if-ae-10-2.tcore2.ttt-toronto.as6453.net (64.86.32.34)
1494. 9 57.22 ms if-ae-5-3.tcore1.aeq-ashburn.as6453.net (64.86.85.2)
1495. 10 55.52 ms 216.98.100.249
1496. 11 102.24 ms sjc002bb13.IIJ.Net (206.132.168.102)
1497. 12 202.21 ms tky009bb00.IIJ.Net (58.138.88.241)
1498. 13 199.19 ms tky009agr00.IIJ.Net (58.138.114.42)
1499. 14 198.66 ms www.maruzenshowa.co.jp (210.130.168.131)
1500.  
1501. NSE: Script Post-scanning.
1502. Initiating NSE at 07:12
1503. Completed NSE at 07:12, 0.00s elapsed
1504. Initiating NSE at 07:12
1505. Completed NSE at 07:12, 0.00s elapsed
1506. Read data files from: /usr/bin/../share/nmap
1507. #######################################################################################################################################
1508. http://210.130.168.131 [301 Moved Permanently] Apache, Country[JAPAN][JP], HTTPServer[Apache], IP[210.130.168.131], RedirectLocation[https://210.130.168.131/], Title[301 Moved Permanently]
1509. https://210.130.168.131/ [200 OK] Adobe-Flash, Apache, Country[JAPAN][JP], HTTPServer[Apache], IP[210.130.168.131], JQuery, Script[text/javascript], Title[丸全昭和運輸株式会社], X-UA-Compatible[IE=EmulateIE7]
1510. #######################################################################################################################################
1511. HTTP/1.1 301 Moved Permanently
1512. Date: Fri, 16 Aug 2019 11:12:50 GMT
1513. Server: Apache
1514. Location: https://210.130.168.131/
1515. Content-Type: text/html; charset=iso-8859-1
1516.  
1517. HTTP/1.1 301 Moved Permanently
1518. Date: Fri, 16 Aug 2019 11:12:51 GMT
1519. Server: Apache
1520. Location: https://210.130.168.131/
1521. Content-Type: text/html; charset=iso-8859-1
1522. #######################################################################################################################################
1523. Starting Nmap 7.70 ( https://nmap.org ) at 2019-08-16 07:12 EDT
1524. NSE: Loaded 162 scripts for scanning.
1525. NSE: Script Pre-scanning.
1526. Initiating NSE at 07:12
1527. Completed NSE at 07:12, 0.00s elapsed
1528. Initiating NSE at 07:12
1529. Completed NSE at 07:12, 0.00s elapsed
1530. Initiating Parallel DNS resolution of 1 host. at 07:12
1531. Completed Parallel DNS resolution of 1 host. at 07:12, 0.02s elapsed
1532. Initiating SYN Stealth Scan at 07:12
1533. Scanning www.maruzenshowa.co.jp (210.130.168.131) [1 port]
1534. Discovered open port 443/tcp on 210.130.168.131
1535. Completed SYN Stealth Scan at 07:12, 0.24s elapsed (1 total ports)
1536. Initiating Service scan at 07:12
1537. Scanning 1 service on www.maruzenshowa.co.jp (210.130.168.131)
1538. Completed Service scan at 07:13, 2.60s elapsed (1 service on 1 host)
1539. Initiating OS detection (try #1) against www.maruzenshowa.co.jp (210.130.168.131)
1540. Retrying OS detection (try #2) against www.maruzenshowa.co.jp (210.130.168.131)
1541. Initiating Traceroute at 07:13
1542. Completed Traceroute at 07:13, 0.24s elapsed
1543. Initiating Parallel DNS resolution of 14 hosts. at 07:13
1544. Completed Parallel DNS resolution of 14 hosts. at 07:13, 0.22s elapsed
1545. NSE: Script scanning 210.130.168.131.
1546. Initiating NSE at 07:13
1547. NSE: [http-wordpress-enum 210.130.168.131:443] got no answers from pipelined queries
1548. Completed NSE at 07:15, 171.47s elapsed
1549. Initiating NSE at 07:15
1550. Completed NSE at 07:15, 0.42s elapsed
1551. Nmap scan report for www.maruzenshowa.co.jp (210.130.168.131)
1552. Host is up (0.20s latency).
1553.  
1554. PORT STATE SERVICE VERSION
1555. 443/tcp open tcpwrapped
1556. |_http-aspnet-debug: ERROR: Script execution failed (use -d to debug)
1557. | http-brute:
1558. |_ Path "/" does not require authentication
1559. |_http-chrono: Request times for /; avg: 1322.66ms; min: 1112.05ms; max: 1524.93ms
1560. | http-csrf:
1561. | Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=www.maruzenshowa.co.jp
1562. | Found the following possible CSRF vulnerabilities:
1563. |
1564. | Path: http://www.maruzenshowa.co.jp:443/
1565. | Form id:
1566. | Form action: https://search.yahoo.co.jp/search
1567. |
1568. | Path: http://www.maruzenshowa.co.jp:443/service/purpose/efficiency.html
1569. | Form id:
1570. | Form action: https://search.yahoo.co.jp/search
1571. |
1572. | Path: http://www.maruzenshowa.co.jp:443/base/domestic/chubu/index.html
1573. | Form id:
1574. | Form action: https://search.yahoo.co.jp/search
1575. |
1576. | Path: http://www.maruzenshowa.co.jp:443/corporate/message.html
1577. | Form id:
1578. | Form action: https://search.yahoo.co.jp/search
1579. |
1580. | Path: http://www.maruzenshowa.co.jp:443/strength/solution.html
1581. | Form id:
1582. | Form action: https://search.yahoo.co.jp/search
1583. |
1584. | Path: http://www.maruzenshowa.co.jp:443/service/function/office_relocation.html
1585. | Form id:
1586. | Form action: https://search.yahoo.co.jp/search
1587. |
1588. | Path: http://www.maruzenshowa.co.jp:443/base/domestic/chugoku_shikoku/index.html
1589. | Form id:
1590. | Form action: https://search.yahoo.co.jp/search
1591. |
1592. | Path: http://www.maruzenshowa.co.jp:443/ir/library.html
1593. | Form id:
1594. | Form action: https://search.yahoo.co.jp/search
1595. |
1596. | Path: http://www.maruzenshowa.co.jp:443/base/domestic/kyushu/index.html
1597. | Form id:
1598. | Form action: https://search.yahoo.co.jp/search
1599. |
1600. | Path: http://www.maruzenshowa.co.jp:443/service/industry/building_material.html
1601. | Form id:
1602. | Form action: https://search.yahoo.co.jp/search
1603. |
1604. | Path: http://www.maruzenshowa.co.jp:443/case/index.html
1605. | Form id:
1606. | Form action: https://search.yahoo.co.jp/search
1607. |
1608. | Path: http://www.maruzenshowa.co.jp:443/base/domestic/kansai/index.html
1609. | Form id:
1610. | Form action: https://search.yahoo.co.jp/search
1611. |
1612. | Path: http://www.maruzenshowa.co.jp:443/corporate/index.html
1613. | Form id:
1614. | Form action: https://search.yahoo.co.jp/search
1615. |
1616. | Path: http://www.maruzenshowa.co.jp:443/service/function/yard_operation.html
1617. | Form id:
1618. | Form action: https://search.yahoo.co.jp/search
1619. |
1620. | Path: http://www.maruzenshowa.co.jp:443/strength/it.html
1621. | Form id:
1622. | Form action: https://search.yahoo.co.jp/search
1623. |
1624. | Path: http://www.maruzenshowa.co.jp:443/index.html
1625. | Form id:
1626. | Form action: https://search.yahoo.co.jp/search
1627. |
1628. | Path: http://www.maruzenshowa.co.jp:443/corporate/internal_control.html
1629. | Form id:
1630. | Form action: https://search.yahoo.co.jp/search
1631. |
1632. | Path: http://www.maruzenshowa.co.jp:443/corporate/business.html
1633. | Form id:
1634. |_ Form action: https://search.yahoo.co.jp/search
1635. |_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
1636. |_http-dombased-xss: Couldn't find any DOM based XSS.
1637. |_http-errors: Couldn't find any error pages.
1638. |_http-feed: Couldn't find any feeds.
1639. |_http-fetch: Please enter the complete path of the directory to save data in.
1640. | http-headers:
1641. | Date: Fri, 16 Aug 2019 11:13:19 GMT
1642. | Server: Apache
1643. | Last-Modified: Tue, 13 Aug 2019 00:21:03 GMT
1644. | ETag: "85f046-67c5-58ff49da34355"
1645. | Accept-Ranges: bytes
1646. | Content-Length: 26565
1647. | Connection: close
1648. | Content-Type: text/html
1649. |
1650. |_ (Request type: HEAD)
1651. |_http-jsonp-detection: Couldn't find any JSONP endpoints.
1652. | http-methods:
1653. |_ Supported Methods: OPTIONS
1654. |_http-mobileversion-checker: No mobile version detected.
1655. | http-security-headers:
1656. | Strict_Transport_Security:
1657. |_ HSTS not configured in HTTPS Server
1658. | http-sitemap-generator:
1659. | Directory structure:
1660. | /
1661. | Other: 1
1662. | /base/domestic/chubu/
1663. | html: 1
1664. | /base/domestic/chugoku_shikoku/
1665. | html: 1
1666. | /base/domestic/hokkaido_tohoku/
1667. | html: 1
1668. | /base/global/southeast_asia/
1669. | html: 1
1670. | /common/css/
1671. | css: 1
1672. | /common/js/
1673. | js: 2
1674. | /contact/
1675. | html: 1
1676. | /corporate/
1677. | html: 1
1678. | /csr/isms/
1679. | html: 1
1680. | /faq/
1681. | html: 1
1682. | /images/
1683. | gif: 5
1684. | /privacy/
1685. | html: 1
1686. | /strength/
1687. | html: 2
1688. | Longest directory structure:
1689. | Depth: 3
1690. | Dir: /base/domestic/chubu/
1691. | Total files found (by extension):
1692. |_ Other: 1; css: 1; gif: 5; html: 11; js: 2
1693. |_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
1694. | http-vhosts:
1695. | intra.maruzenshowa.co.jp : 200
1696. | alerts.maruzenshowa.co.jp : 200
1697. | server.maruzenshowa.co.jp : 200
1698. |_124 names had status ERROR
1699. |_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug)
1700. |_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
1701. |_http-xssed: No previously reported XSS vuln.
1702. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1703. Device type: load balancer
1704. Running (JUST GUESSING): F5 Networks TMOS 11.6.X (89%)
1705. OS CPE: cpe:/o:f5:tmos:11.6
1706. Aggressive OS guesses: F5 BIG-IP Local Traffic Manager load balancer (TMOS 11.6) (89%)
1707. No exact OS matches for host (test conditions non-ideal).
1708. Uptime guess: 29.931 days (since Wed Jul 17 08:54:52 2019)
1709. Network Distance: 14 hops
1710. TCP Sequence Prediction: Difficulty=262 (Good luck!)
1711. IP ID Sequence Generation: Randomized
1712.  
1713. TRACEROUTE (using port 443/tcp)
1714. HOP RTT ADDRESS
1715. 1 22.18 ms 10.243.200.1
1716. 2 22.31 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1717. 3 77.87 ms irb-0.agg1.qc1.ca.m247.com (37.120.128.168)
1718. 4 22.22 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
1719. 5 22.24 ms ix-xe-11-1-1-0.tcore1.w6c-montreal.as6453.net (66.198.96.98)
1720. 6 58.70 ms if-ae-7-2.tcore1.tnk-toronto.as6453.net (66.198.96.62)
1721. 7 57.35 ms if-ae-25-2.tcore1.ttt-toronto.as6453.net (64.86.33.103)
1722. 8 57.32 ms if-ae-10-2.tcore2.ttt-toronto.as6453.net (64.86.32.34)
1723. 9 57.45 ms if-ae-5-3.tcore1.aeq-ashburn.as6453.net (64.86.85.2)
1724. 10 55.91 ms 216.98.100.249
1725. 11 103.05 ms sjc002bb13.IIJ.Net (58.138.80.130)
1726. 12 203.21 ms tky009bb00.IIJ.Net (58.138.88.241)
1727. 13 200.81 ms tky009agr00.IIJ.Net (58.138.114.42)
1728. 14 201.09 ms www.maruzenshowa.co.jp (210.130.168.131)
1729.  
1730. NSE: Script Post-scanning.
1731. Initiating NSE at 07:15
1732. Completed NSE at 07:15, 0.00s elapsed
1733. Initiating NSE at 07:15
1734. Completed NSE at 07:15, 0.00s elapsed
1735. Read data files from: /usr/bin/../share/nmap
1736. #######################################################################################################################################
1737. Version: 1.11.13-static
1738. OpenSSL 1.0.2-chacha (1.0.2g-dev)
1739.  
1740. Connected to 210.130.168.131
1741.  
1742. Testing SSL server 210.130.168.131 on port 443 using SNI name 210.130.168.131
1743.  
1744. TLS Fallback SCSV:
1745. Server supports TLS Fallback SCSV
1746.  
1747. TLS renegotiation:
1748. Secure session renegotiation supported
1749.  
1750. TLS Compression:
1751. Compression disabled
1752.  
1753. Heartbleed:
1754. TLS 1.2 not vulnerable to heartbleed
1755. TLS 1.1 not vulnerable to heartbleed
1756. TLS 1.0 not vulnerable to heartbleed
1757.  
1758. Supported Server Cipher(s):
1759. Preferred TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
1760. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
1761. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1762. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
1763. Accepted TLSv1.2 128 bits AES128-SHA256
1764. Accepted TLSv1.2 128 bits AES128-SHA
1765. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
1766. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
1767. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1768. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
1769. Accepted TLSv1.2 256 bits AES256-SHA256
1770. Accepted TLSv1.2 256 bits AES256-SHA
1771. Accepted TLSv1.2 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
1772. Accepted TLSv1.2 128 bits RC4-SHA
1773. Accepted TLSv1.2 128 bits RC4-MD5
1774. Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
1775. Accepted TLSv1.2 112 bits DES-CBC3-SHA
1776. Preferred TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1777. Accepted TLSv1.1 128 bits AES128-SHA
1778. Accepted TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1779. Accepted TLSv1.1 256 bits AES256-SHA
1780. Accepted TLSv1.1 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
1781. Accepted TLSv1.1 128 bits RC4-SHA
1782. Accepted TLSv1.1 128 bits RC4-MD5
1783. Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
1784. Accepted TLSv1.1 112 bits DES-CBC3-SHA
1785. Preferred TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1786. Accepted TLSv1.0 128 bits AES128-SHA
1787. Accepted TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1788. Accepted TLSv1.0 256 bits AES256-SHA
1789. Accepted TLSv1.0 128 bits ECDHE-RSA-RC4-SHA Curve P-256 DHE 256
1790. Accepted TLSv1.0 128 bits RC4-SHA
1791. Accepted TLSv1.0 128 bits RC4-MD5
1792. Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
1793. Accepted TLSv1.0 112 bits DES-CBC3-SHA
1794.  
1795. SSL Certificate:
1796. Signature Algorithm: sha256WithRSAEncryption
1797. RSA Key Strength: 2048
1798.  
1799. Subject: www.maruzenshowa.co.jp
1800. Altnames: DNS:www.maruzenshowa.co.jp, DNS:maruzenshowa.co.jp
1801. Issuer: GlobalSign RSA DV SSL CA 2018
1802.  
1803. Not valid before: Aug 8 00:25:39 2019 GMT
1804. Not valid after: Aug 15 04:03:49 2021 GMT
1805. #######################################################################################################################################
1806. Starting Nmap 7.70 ( https://nmap.org ) at 2019-08-16 07:21 EDT
1807. NSE: Loaded 45 scripts for scanning.
1808. NSE: Script Pre-scanning.
1809. Initiating NSE at 07:21
1810. Completed NSE at 07:21, 0.00s elapsed
1811. Initiating NSE at 07:21
1812. Completed NSE at 07:21, 0.00s elapsed
1813. Initiating Ping Scan at 07:21
1814. Scanning 210.130.168.131 [4 ports]
1815. Completed Ping Scan at 07:21, 0.24s elapsed (1 total hosts)
1816. Initiating Parallel DNS resolution of 1 host. at 07:21
1817. Completed Parallel DNS resolution of 1 host. at 07:21, 0.02s elapsed
1818. Initiating SYN Stealth Scan at 07:21
1819. Scanning www.maruzenshowa.co.jp (210.130.168.131) [65535 ports]
1820. Discovered open port 443/tcp on 210.130.168.131
1821. Discovered open port 80/tcp on 210.130.168.131
1822. SYN Stealth Scan Timing: About 8.19% done; ETC: 07:27 (0:05:48 remaining)
1823. SYN Stealth Scan Timing: About 35.43% done; ETC: 07:24 (0:01:51 remaining)
1824. SYN Stealth Scan Timing: About 68.66% done; ETC: 07:23 (0:00:42 remaining)
1825. Completed SYN Stealth Scan at 07:23, 115.37s elapsed (65535 total ports)
1826. Initiating Service scan at 07:23
1827. Scanning 2 services on www.maruzenshowa.co.jp (210.130.168.131)
1828. Completed Service scan at 07:23, 2.80s elapsed (2 services on 1 host)
1829. Initiating OS detection (try #1) against www.maruzenshowa.co.jp (210.130.168.131)
1830. Retrying OS detection (try #2) against www.maruzenshowa.co.jp (210.130.168.131)
1831. Initiating Traceroute at 07:23
1832. Completed Traceroute at 07:23, 0.04s elapsed
1833. Initiating Parallel DNS resolution of 2 hosts. at 07:23
1834. Completed Parallel DNS resolution of 2 hosts. at 07:23, 0.00s elapsed
1835. NSE: Script scanning 210.130.168.131.
1836. Initiating NSE at 07:23
1837. Completed NSE at 07:23, 1.57s elapsed
1838. Initiating NSE at 07:23
1839. Completed NSE at 07:23, 0.00s elapsed
1840. Nmap scan report for www.maruzenshowa.co.jp (210.130.168.131)
1841. Host is up (0.022s latency).
1842. Not shown: 65529 filtered ports
1843. PORT STATE SERVICE VERSION
1844. 25/tcp closed smtp
1845. 53/tcp closed domain
1846. 80/tcp open tcpwrapped
1847. |_http-server-header: Apache
1848. 139/tcp closed netbios-ssn
1849. 443/tcp open tcpwrapped
1850. 445/tcp closed microsoft-ds
1851. Device type: general purpose|load balancer
1852. Running (JUST GUESSING): OpenBSD 4.X (87%), F5 Networks TMOS 11.6.X (86%)
1853. OS CPE: cpe:/o:openbsd:openbsd:4.3 cpe:/o:f5:tmos:11.6
1854. Aggressive OS guesses: OpenBSD 4.3 (87%), F5 BIG-IP Local Traffic Manager load balancer (TMOS 11.6) (86%)
1855. No exact OS matches for host (test conditions non-ideal).
1856. Uptime guess: 29.937 days (since Wed Jul 17 08:54:51 2019)
1857. Network Distance: 2 hops
1858. TCP Sequence Prediction: Difficulty=262 (Good luck!)
1859. IP ID Sequence Generation: Randomized
1860.  
1861. TRACEROUTE (using port 139/tcp)
1862. HOP RTT ADDRESS
1863. 1 21.50 ms 10.243.200.1
1864. 2 21.50 ms www.maruzenshowa.co.jp (210.130.168.131)
1865.  
1866. NSE: Script Post-scanning.
1867. Initiating NSE at 07:23
1868. Completed NSE at 07:23, 0.00s elapsed
1869. Initiating NSE at 07:23
1870. Completed NSE at 07:23, 0.00s elapsed
1871. Read data files from: /usr/bin/../share/nmap
1872. #######################################################################################################################################
1873. Starting Nmap 7.70 ( https://nmap.org ) at 2019-08-16 07:23 EDT
1874. NSE: Loaded 45 scripts for scanning.
1875. NSE: Script Pre-scanning.
1876. Initiating NSE at 07:23
1877. Completed NSE at 07:23, 0.00s elapsed
1878. Initiating NSE at 07:23
1879. Completed NSE at 07:23, 0.00s elapsed
1880. Initiating Parallel DNS resolution of 1 host. at 07:23
1881. Completed Parallel DNS resolution of 1 host. at 07:23, 0.11s elapsed
1882. Initiating UDP Scan at 07:23
1883. Scanning www.maruzenshowa.co.jp (210.130.168.131) [15 ports]
1884. Completed UDP Scan at 07:23, 1.65s elapsed (15 total ports)
1885. Initiating Service scan at 07:23
1886. Scanning 12 services on www.maruzenshowa.co.jp (210.130.168.131)
1887. Service scan Timing: About 8.33% done; ETC: 07:43 (0:17:47 remaining)
1888. Completed Service scan at 07:25, 102.58s elapsed (12 services on 1 host)
1889. Initiating OS detection (try #1) against www.maruzenshowa.co.jp (210.130.168.131)
1890. Initiating Traceroute at 07:25
1891. Completed Traceroute at 07:25, 7.04s elapsed
1892. Initiating Parallel DNS resolution of 1 host. at 07:25
1893. Completed Parallel DNS resolution of 1 host. at 07:25, 0.00s elapsed
1894. NSE: Script scanning 210.130.168.131.
1895. Initiating NSE at 07:25
1896. Completed NSE at 07:25, 7.13s elapsed
1897. Initiating NSE at 07:25
1898. Completed NSE at 07:25, 1.15s elapsed
1899. Nmap scan report for www.maruzenshowa.co.jp (210.130.168.131)
1900. Host is up (0.094s latency).
1901.  
1902. PORT STATE SERVICE VERSION
1903. 53/udp closed domain
1904. 67/udp open|filtered dhcps
1905. 68/udp open|filtered dhcpc
1906. 69/udp open|filtered tftp
1907. 88/udp open|filtered kerberos-sec
1908. 123/udp open|filtered ntp
1909. 137/udp filtered netbios-ns
1910. 138/udp filtered netbios-dgm
1911. 139/udp open|filtered netbios-ssn
1912. 161/udp open|filtered snmp
1913. 162/udp open|filtered snmptrap
1914. 389/udp open|filtered ldap
1915. 500/udp open|filtered isakmp
1916. 520/udp open|filtered route
1917. 2049/udp open|filtered nfs
1918. Device type: firewall|load balancer
1919. Running: F5 Networks embedded, F5 Networks TMOS 11.1.X|11.4.X|11.6.X|9.1.X
1920. OS CPE: cpe:/o:f5:tmos:11.1 cpe:/o:f5:tmos:11.4 cpe:/o:f5:tmos:11.6 cpe:/o:f5:tmos:9.1
1921. Too many fingerprints match this host to give specific OS details
1922. Network Distance: 14 hops
1923.  
1924. TRACEROUTE (using port 137/udp)
1925. HOP RTT ADDRESS
1926. 1 ... 4
1927. 5 20.29 ms 10.243.200.1
1928. 6 ... 7
1929. 8 20.70 ms 10.243.200.1
1930. 9 21.44 ms 10.243.200.1
1931. 10 21.43 ms 10.243.200.1
1932. 11 21.42 ms 10.243.200.1
1933. 12 21.41 ms 10.243.200.1
1934. 13 21.40 ms 10.243.200.1
1935. 14 21.40 ms 10.243.200.1
1936. 15 ... 18
1937. 19 20.34 ms 10.243.200.1
1938. 20 24.08 ms 10.243.200.1
1939. 21 ... 28
1940. 29 20.87 ms 10.243.200.1
1941. 30 21.12 ms 10.243.200.1
1942.  
1943. NSE: Script Post-scanning.
1944. Initiating NSE at 07:25
1945. Completed NSE at 07:25, 0.00s elapsed
1946. Initiating NSE at 07:25
1947. Completed NSE at 07:25, 0.00s elapsed
1948. Read data files from: /usr/bin/../share/nmap
1949. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1950. Nmap done: 1 IP address (1 host up) scanned in 122.53 seconds
1951. Raw packets sent: 115 (8.716KB) | Rcvd: 218 (25.164KB)
1952. #######################################################################################################################################
1953. ---------------------------------------------------------------------------------------------------------------------------------------
1954. + Target IP: 210.130.168.131
1955. + Target Hostname: 210.130.168.131
1956. + Target Port: 80
1957. + Start Time: 2019-08-16 08:04:16 (GMT-4)
1958. ---------------------------------------------------------------------------------------------------------------------------------------
1959. + Server: Apache
1960. + The anti-clickjacking X-Frame-Options header is not present.
1961. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
1962. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
1963. + Root page / redirects to: https://210.130.168.131/
1964. + Server may leak inodes via ETags, header found with file /cgi/admin.cgi, inode: 158234, size: 599, mtime: Wed Feb 13 09:28:47 2008
1965. + 26522 requests: 0 error(s) and 4 item(s) reported on remote host
1966. + End Time: 2019-08-16 09:39:47 (GMT-4) (5731 seconds)
1967. ---------------------------------------------------------------------------------------------------------------------------------------
1968. #######################################################################################################################################
1969. ---------------------------------------------------------------------------------------------------------------------------------------
1970. + Target IP: 210.130.168.131
1971. + Target Hostname: 210.130.168.131
1972. + Target Port: 443
1973. ---------------------------------------------------------------------------------------------------------------------------------------
1974. + SSL Info: Subject: /C=JP/OU=Domain Control Validated/CN=www.maruzenshowa.co.jp
1975. Ciphers: ECDHE-RSA-AES128-GCM-SHA256
1976. Issuer: /C=BE/O=GlobalSign nv-sa/CN=GlobalSign RSA DV SSL CA 2018
1977. + Start Time: 2019-08-16 08:04:37 (GMT-4)
1978. ---------------------------------------------------------------------------------------------------------------------------------------
1979. + Server: Apache
1980. + Server may leak inodes via ETags, header found with file /, inode: 8777798, size: 26565, mtime: Mon Aug 12 20:21:03 2019
1981. + The anti-clickjacking X-Frame-Options header is not present.
1982. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
1983. + The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
1984. + The site uses SSL and Expect-CT header is not present.
1985. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
1986. + Hostname '210.130.168.131' does not match certificate's names: www.maruzenshowa.co.jp
1987. + Allowed HTTP Methods: GET, HEAD, POST, OPTIONS
1988. + OSVDB-3092: /sitemap.xml: This gives a nice listing of the site content.
1989. + OSVDB-3092: /info/: This might be interesting...
1990. + OSVDB-3092: /service/: This might be interesting...
1991. + OSVDB-3092: /ir/: This might be interesting... potential country code (Islamic Republic Of Iran)
1992. + OSVDB-3092: /ch/: This might be interesting... potential country code (Switzerland)
1993. + 9539 requests: 0 error(s) and 13 item(s) reported on remote host
1994. + End Time: 2019-08-16 10:22:03 (GMT-4) (8246 seconds)
1995. ---------------------------------------------------------------------------------------------------------------------------------------
1996. #######################################################################################################################################
1997. Anonymous JTSEC #OpWhales Full Recon #34