Anonymous JTSEC #OpSudan Full Recon #97

1. #######################################################################################################################################
2. =======================================================================================================================================
3. Hostname www.audit.gov.sd ISP HostDime.com, Inc.
4. Continent North America Flag
5. US
6. Country United States Country Code US
7. Region Florida Local time 30 Jun 2019 15:11 EDT
8. City Orlando Postal Code 32826
9. IP Address 138.128.160.2 Latitude 28.581
10. Longitude -81.189
11. =======================================================================================================================================
12. #######################################################################################################################################
13. > www.audit.gov.sd
14. Server: 185.93.180.131
15. Address: 185.93.180.131#53
16.  
17. Non-authoritative answer:
18. www.audit.gov.sd canonical name = audit.gov.sd.
19. Name: audit.gov.sd
20. Address: 138.128.160.2
21. >
22. #######################################################################################################################################
23. [+] Target : www.audit.gov.sd
24.  
25. [+] IP Address : 138.128.160.2
26.  
27. [+] Headers :
28.  
29. [+] Date : Sun, 30 Jun 2019 21:03:00 GMT
30. [+] Server : Apache
31. [+] X-Powered-By : PHP/5.6.40
32. [+] Expires : Thu, 19 Nov 1981 08:52:00 GMT
33. [+] Cache-Control : no-store, no-cache, must-revalidate, post-check=0, pre-check=0
34. [+] Pragma : no-cache
35. [+] Referrer-Policy : unsafe-url
36. [+] x-frame-options : SAMEORIGIN
37. [+] X-XSS-Protection : 1; mode=block
38. [+] X-Content-Type-Options : nosniff
39. [+] Link : <http://www.audit.gov.sd?lang=ar%2Findex.php&rest_route=/>; rel="https://api.w.org/"
40. [+] Set-Cookie : mltlngg_language=ar; expires=Tue, 30-Jul-2019 21:03:01 GMT; Max-Age=2592000; path=/; domain=.audit.gov.sd
41. [+] Content-Length : 109971
42. [+] Connection : close
43. [+] Content-Type : text/html; charset=UTF-8
44.  
45. [+] SSL Certificate Information :
46.  
47. [+] commonName : abaad.sd
48. [+] commonName : abaad.sd
49. [+] Version : 3
50. [+] Serial Number : EC7F604A
51. [+] Not Before : Aug 12 11:26:16 2017 GMT
52. [+] Not After : Aug 12 11:26:16 2018 GMT
53.  
54. [+] Whois Lookup :
55.  
56. [+] NIR : None
57. [+] ASN Registry : arin
58. [+] ASN : 33182
59. [+] ASN CIDR : 138.128.160.0/19
60. [+] ASN Country Code : US
61. [+] ASN Date : 2014-05-16
62. [+] ASN Description : DIMENOC - HostDime.com, Inc., US
63. [+] cidr : 138.128.160.0/19
64. [+] name : DIMENOC
65. [+] handle : NET-138-128-160-0-1
66. [+] range : 138.128.160.0 - 138.128.191.255
67. [+] description : HostDime.com, Inc.
68. [+] country : US
69. [+] state : FL
70. [+] city : Orlando
71. [+] address : 2603 Challenger Tech CT
72. Suite 140
73. [+] postal_code : 32826
74. [+] emails : ['network@dimenoc.com', 'abuse@dimenoc.com']
75. [+] created : 2014-05-16
76. [+] updated : 2014-05-16
77.  
78. [+] Crawling Target...
79.  
80. [+] Looking for robots.txt........[ Found ]
81. [+] Extracting robots Links.......[ 24 ]
82. [+] Looking for sitemap.xml.......[ Not Found ]
83. [+] Extracting CSS Links..........[ 25 ]
84. [+] Extracting Javascript Links...[ 19 ]
85. [+] Extracting Internal Links.....[ 73 ]
86. [+] Extracting External Links.....[ 9 ]
87. [+] Extracting Images.............[ 34 ]
88.  
89. [+] Total Links Extracted : 184
90.  
91. [+] Dumping Links in /opt/FinalRecon/dumps/www.audit.gov.sd.dump
92. [+] Completed!
93. #######################################################################################################################################
94. [+] Starting At 2019-06-30 17:02:59.701311
95. [+] Collecting Information On: www.audit.gov.sd
96. [#] Status: 200
97. ---------------------------------------------------------------------------------------------------------------------------------------
98. [#] Web Server Detected: Apache
99. [#] X-Powered-By: PHP/5.6.40
100. [+] Xss Protection Detected !
101. - Date: Sun, 30 Jun 2019 21:02:58 GMT
102. - Server: Apache
103. - X-Powered-By: PHP/5.6.40
104. - Expires: Thu, 19 Nov 1981 08:52:00 GMT
105. - Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
106. - Pragma: no-cache
107. - Referrer-Policy: unsafe-url
108. - x-frame-options: SAMEORIGIN
109. - X-XSS-Protection: 1; mode=block
110. - X-Content-Type-Options: nosniff
111. - Link: <https://www.audit.gov.sd?lang=ar%2Findex.php&rest_route=/>; rel="https://api.w.org/"
112. - Set-Cookie: mltlngg_language=ar; expires=Tue, 30-Jul-2019 21:02:58 GMT; Max-Age=2592000; path=/; domain=.audit.gov.sd; secure
113. - Content-Length: 110295
114. - Connection: close
115. - Content-Type: text/html; charset=UTF-8
116. ---------------------------------------------------------------------------------------------------------------------------------------
117. [#] Finding Location..!
118. [#] as: AS33182 HostDime.com, Inc.
119. [#] city: Orlando
120. [#] country: United States
121. [#] countryCode: US
122. [#] isp: HostDime.com
123. [#] lat: 28.5383
124. [#] lon: -81.3792
125. [#] org: microsyslabs.com
126. [#] query: 138.128.160.2
127. [#] region: FL
128. [#] regionName: Florida
129. [#] status: success
130. [#] timezone: America/New_York
131. [#] zip: 32810
132. ---------------------------------------------------------------------------------------------------------------------------------------
133. [x] Didn't Detect WAF Presence on: https://www.audit.gov.sd/?lang=ar
134. ---------------------------------------------------------------------------------------------------------------------------------------
135. [#] Starting Reverse DNS
136. [!] Found 51 any Domain
137. - aayan.com.qa
138. - adding-sd.com
139. - alfala.com
140. - aljazeerabank.com.sd
141. - aloaloa.com
142. - aou.edu.sd
143. - apg-sd.com
144. - audit.gov.sd
145. - bajafar.sd
146. - benzcenter.net
147. - click.sd
148. - cm.sd
149. - cpd.gov.sd
150. - eims.ae
151. - engcouncil.sd
152. - giadservices.com
153. - gpo-sd.com
154. - iec.gov.sd
155. - indonileexport.com
156. - khairport.gov.sd
157. - khmedical.edu.sd
158. - mofdgoia.gov.sd
159. - mohe.gov.sd
160. - mssmanal.com
161. - nileuniversity-edu.com
162. - oau.edu.sd
163. - petroall.net
164. - sahl.gov.sd
165. - sdac.gov.sd
166. - sidcotel.sd
167. - ssia.sd
168. - sudafast.edu.sd
169. - sudan.gov.sd
170. - sudanap.org
171. - sudanconsumers.org
172. - sudanports.gov.sd
173. - sudapet.sd
174. - sudapost.sd
175. - tpsudan.gov.sd
176. - wre.gov.sd
177. - www.aljazeerabank.com.sd
178. - www.cpd.gov.sd
179. - www.dandaradentalcenter.com
180. - www.goldenarrow.sd
181. - www.iec.gov.sd
182. - www.khmedical.edu.sd
183. - www.mohe.gov.sd
184. - www.studentwelfare.sd
185. - www.sudan.gov.sd
186. - www.sudapet.sd
187. - www.tararealestate.sd
188. ---------------------------------------------------------------------------------------------------------------------------------------
189. [!] Scanning Open Port
190. [#] 21/tcp open ftp
191. [#] 53/tcp open domain
192. [#] 80/tcp open http
193. [#] 110/tcp open pop3
194. [#] 143/tcp open imap
195. [#] 443/tcp open https
196. [#] 465/tcp open smtps
197. [#] 587/tcp open submission
198. [#] 993/tcp open imaps
199. [#] 995/tcp open pop3s
200. ---------------------------------------------------------------------------------------------------------------------------------------
201. [+] Collecting Information Disclosure!
202. #######################################################################################################################################
203. [i] Scanning Site: http://www.audit.gov.sd
204.  
205.  
206.  
207. B A S I C I N F O
208. ====================
209.  
210.  
211. [+] Site Title: National Audit Chamber
212. [+] IP address: 138.128.160.2
213. [+] Web Server: Apache
214. [+] CMS: WordPress
215. [+] Cloudflare: Not Detected
216. [+] Robots File: Found
217.  
218. -------------[ contents ]----------------
219. User-agent: *
220. Disallow: /calendar/action~posterboard/
221. Disallow: /calendar/action~agenda/
222. Disallow: /calendar/action~oneday/
223. Disallow: /calendar/action~month/
224. Disallow: /calendar/action~week/
225. Disallow: /calendar/action~stream/
226. Disallow: /calendar/action~undefined/
227. Disallow: /calendar/action~http:/
228. Disallow: /calendar/action~default/
229. Disallow: /calendar/action~poster/
230. Disallow: /calendar/action~*/
231. Disallow: /*controller=ai1ec_exporter_controller*
232. Disallow: /*/action~*/
233. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~posterboard/
234. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~agenda/
235. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~oneday/
236. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~month/
237. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~week/
238. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~stream/
239. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~undefined/
240. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~http:/
241. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~default/
242. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~poster/
243. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~*/
244. -----------[end of contents]-------------
245. #######################################################################################################################################
246.  
247.  
248.  
249.  
250.  
251. G E O I P L O O K U P
252. =========================
253.  
254. [i] IP Address: 138.128.160.2
255. [i] Country: United States
256. [i] State: Florida
257. [i] City: Orlando
258. [i] Latitude: 28.5807
259. [i] Longitude: -81.1893
260. #######################################################################################################################################
261.  
262.  
263.  
264. H T T P H E A D E R S
265. =======================
266.  
267.  
268. [i] HTTP/1.1 302 Moved Temporarily
269. [i] Date: Sun, 30 Jun 2019 21:03:44 GMT
270. [i] Server: Apache
271. [i] X-Powered-By: PHP/5.6.40
272. [i] Expires: Thu, 19 Nov 1981 08:52:00 GMT
273. [i] Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
274. [i] Pragma: no-cache
275. [i] X-Redirect-By: WordPress
276. [i] Set-Cookie: PHPSESSID=80mirgqtt5dq0enbnp39qsmic2; path=/
277. [i] Set-Cookie: mltlngg_language=ar; expires=Tue, 30-Jul-2019 21:03:44 GMT; Max-Age=2592000; path=/; domain=.audit.gov.sd
278. [i] Location: http://www.audit.gov.sd/?lang=ar
279. [i] Content-Length: 0
280. [i] Connection: close
281. [i] Content-Type: text/html; charset=UTF-8
282. [i] HTTP/1.1 200 OK
283. [i] Date: Sun, 30 Jun 2019 21:03:45 GMT
284. [i] Server: Apache
285. [i] X-Powered-By: PHP/5.6.40
286. [i] Expires: Thu, 19 Nov 1981 08:52:00 GMT
287. [i] Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
288. [i] Pragma: no-cache
289. [i] Referrer-Policy: unsafe-url
290. [i] x-frame-options: SAMEORIGIN
291. [i] X-XSS-Protection: 1; mode=block
292. [i] X-Content-Type-Options: nosniff
293. [i] Link: <http://www.audit.gov.sd?lang=ar%2Findex.php&rest_route=/>; rel="https://api.w.org/"
294. [i] Set-Cookie: PHPSESSID=ebelkvihv6iss0br5d4losc8e0; path=/
295. [i] Set-Cookie: mltlngg_language=ar; expires=Tue, 30-Jul-2019 21:03:46 GMT; Max-Age=2592000; path=/; domain=.audit.gov.sd
296. [i] Content-Length: 109503
297. [i] Connection: close
298. [i] Content-Type: text/html; charset=UTF-8
299. #######################################################################################################################################
300.  
301.  
302.  
303. D N S L O O K U P
304. ===================
305.  
306. audit.gov.sd. 14360 IN MX 0 mail.audit.gov.sd.
307. audit.gov.sd. 21560 IN SOA ns1.click-grafix.com. karouri.gmail.com. 2019032105 3600 7200 1209600 86400
308. audit.gov.sd. 21560 IN NS ns1.click-grafix.com.
309. audit.gov.sd. 21560 IN NS ns2.click-grafix.com.
310. audit.gov.sd. 14360 IN A 138.128.160.2
311. #######################################################################################################################################
312.  
313.  
314.  
315. S U B N E T C A L C U L A T I O N
316. ====================================
317.  
318. Address = 138.128.160.2
319. Network = 138.128.160.2 / 32
320. Netmask = 255.255.255.255
321. Broadcast = not needed on Point-to-Point links
322. Wildcard Mask = 0.0.0.0
323. Hosts Bits = 0
324. Max. Hosts = 1 (2^0 - 0)
325. Host Range = { 138.128.160.2 - 138.128.160.2 }
326. #######################################################################################################################################
327.  
328.  
329. N M A P P O R T S C A N
330. ============================
331.  
332. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-30 21:03 UTC
333. Nmap scan report for audit.gov.sd (138.128.160.2)
334. Host is up (0.046s latency).
335. rDNS record for 138.128.160.2: server.click-grafix.com
336.  
337. PORT STATE SERVICE
338. 21/tcp open ftp
339. 22/tcp closed ssh
340. 23/tcp filtered telnet
341. 80/tcp open http
342. 110/tcp open pop3
343. 143/tcp open imap
344. 443/tcp open https
345. 3389/tcp filtered ms-wbt-server
346.  
347. Nmap done: 1 IP address (1 host up) scanned in 1.33 seconds
348. #######################################################################################################################################
349.  
350.  
351. S U B - D O M A I N F I N D E R
352. ==================================
353.  
354.  
355. [i] Total Subdomains Found : 1
356.  
357. [+] Subdomain: mail.audit.gov.sd
358. [-] IP: 212.0.136.50
359. #######################################################################################################################################
360. Enter Address Website = audit.gov.sd
361.  
362.  
363.  
364. Reversing IP With HackTarget 'audit.gov.sd'
365. ----------------------------------------------
366.  
367. [+] 138.128.160.2
368. [+] aacpd.org
369. [+] aayan.com.qa
370. [+] abanos.net
371. [+] abdeenandco.com
372. [+] adding-sd.com
373. [+] advocatemakki.com
374. [+] adyagroup.net
375. [+] agrogate-holdings.com
376. [+] ahqsudan.com
377. [+] alanfalgroup.com
378. [+] alanfaljabra.com
379. [+] albadaael.com
380. [+] albarakafinancial.com
381. [+] alfala.com
382. [+] alitimadgroup.com
383. [+] aljazeerabank.com.sd
384. [+] almadadgroup.com
385. [+] almamoonoil.com
386. [+] aloaloa.com
387. [+] alomergroup.com
388. [+] alrawabi.yassirkambalgroup.com
389. [+] alsundusiamedical.com
390. [+] alwatanyia.com
391. [+] alwathbagroup.com
392. [+] alzawaya-medical.com
393. [+] anpm.co
394. [+] aou.edu.sd
395. [+] apg-sd.com
396. [+] app.advocatemakki.com
397. [+] apple-login.org.rakhie.net
398. [+] arabiawork.com
399. [+] arech.apg-sd.com
400. [+] arenboutique.com
401. [+] ariabmining.net
402. [+] ar.nileuniversity-edu.com
403. [+] aseel.yassirkambalgroup.com
404. [+] aseelcomplex.yassirkambalgroup.com
405. [+] ashrafelsharif.com
406. [+] audit.gov.sd
407. [+] badawi.alzawaya-medical.com
408. [+] bajrawiafab.com
409. [+] bargos.apg-sd.com
410. [+] basma-ocf.org
411. [+] beautyconceptlounge.com
412. [+] benzcenter.net
413. [+] berigdar.berigdargroup.com
414. [+] berigdar.com
415. [+] berigdargroup.com
416. [+] berimalegal.com
417. [+] bivetsud.com
418. [+] bmcproject.net
419. [+] brandavenue.net
420. [+] casiexpress.net
421. [+] cctctraining.com
422. [+] citi.online.yam-cdc.com
423. [+] clarionlaserclinic.ie
424. [+] click.sd
425. [+] clickgrafix.co
426. [+] clicksd.info
427. [+] click-grafix.com
428. [+] codon-med.com
429. [+] conference.sudanesephysicians.org
430. [+] cpanel.aacpd.org
431. [+] cpanel.aayan.com.qa
432. [+] cpanel.abanos.net
433. [+] cpanel.abdeenandco.com
434. [+] cpanel.adyagroup.net
435. [+] cpanel.ahqsudan.com
436. [+] cpanel.alanfalgroup.com
437. [+] cpanel.alanfaljabra.com
438. [+] cpanel.albadaael.com
439. [+] cpanel.albarakafinancial.com
440. [+] cpanel.alfala.com
441. [+] cpanel.alitimadgroup.com
442. [+] cpanel.almadadgroup.com
443. [+] cpanel.almamoonoil.com
444. [+] cpanel.aloaloa.com
445. [+] cpanel.alomergroup.com
446. [+] cpanel.alsundusiamedical.com
447. [+] cpanel.alwatanyia.com
448. [+] cpanel.alwathbagroup.com
449. [+] cpanel.anpm.co
450. [+] cpanel.ariabmining.net
451. [+] cpanel.ashrafelsharif.com
452. [+] cpanel.bajrawiafab.com
453. [+] cpanel.beautyconceptlounge.com
454. [+] cpanel.benzcenter.net
455. [+] cpanel.berigdargroup.com
456. [+] cpanel.berigdar.com
457. [+] cpanel.berimalegal.com
458. [+] cpanel.bivetsud.com
459. [+] cpanel.bmcproject.net
460. [+] cpanel.brandavenue.net
461. [+] cpanel.casiexpress.net
462. [+] cpanel.cctctraining.com
463. [+] cpanel.clarionlaserclinic.ie
464. [+] cpanel.clickgrafix.co
465. [+] cpanel.clicksd.info
466. [+] cpanel.dallahpharma.net
467. [+] cpanel.dandaradentalcenter.com
468. [+] cpanel.difafvillage.com
469. [+] cpanel.dirnour.com
470. [+] cpanel.ecogroupsd.com
471. [+] cpanel.eims.ae
472. [+] cpanel.elgadal.com
473. [+] cpanel.elitihadlogistics.com
474. [+] cpanel.elprincesudan.com
475. [+] cpanel.eltagtrading.com
476. [+] cpanel.emitradingco.com
477. [+] cpanel.fasrc.org
478. [+] cpanel.forwomenbywomen.org
479. [+] cpanel.gdsudan.com
480. [+] cpanel.giadservices.com
481. [+] cpanel.higleig.com
482. [+] cpanel.hishamkarouri.com
483. [+] cpanel.hopemedicalsd.com
484. [+] cpanel.ideagp.com
485. [+] cpanel.indonileexport.com
486. [+] cpanel.indonile.com
487. [+] cpanel.ingawetrading.com
488. [+] cpanel.jubaauto.com
489. [+] cpanel.ktcesudan.com
490. [+] cpanel.ladconsult.com
491. [+] cpanel.lanjico.com
492. [+] cpanel.lowcosttravelcenter.com
493. [+] cpanel.lulamab.com
494. [+] cpanel.lunatusmed.com
495. [+] cpanel.mahgoubsons.com
496. [+] cpanel.mamedmedical.com
497. [+] cpanel.marwacoenterprises.com
498. [+] cpanel.medanico.com
499. [+] cpanel.mieragspace.com
500. [+] cpanel.moontrade.net
501. [+] cpanel.mssmanal.com
502. [+] cpanel.mudalala.qa
503. [+] cpanel.musanadaholding.com
504. [+] cpanel.nagi.photo
505. [+] cpanel.nilecement.org
506. [+] cpanel.nisosd.com
507. [+] cpanel.niss.tech
508. [+] cpanel.nlicfinance.com
509. [+] cpanel.npetroleum.com
510. [+] cpanel.nuspetro.com
511. [+] cpanel.olgaecs.com
512. [+] cpanel.osamaalgadee.com
513. [+] cpanel.pawfreight.com
514. [+] cpanel.petroall.net
515. [+] cpanel.radmedco.com
516. [+] cpanel.raheeg.com
517. [+] cpanel.rakhie.net
518. [+] cpanel.rcctsd.com
519. [+] cpanel.rocketeng.net
520. [+] cpanel.sabintod.com
521. [+] cpanel.sangsl.com
522. [+] cpanel.scmsltd.com
523. [+] cpanel.senahypermarket.com
524. [+] cpanel.shakak.org
525. [+] cpanel.shirouqpaints.net
526. [+] cpanel.shoyum.com
527. [+] cpanel.sinnarshipping.com
528. [+] cpanel.skhcsudan.com
529. [+] cpanel.smacosd.com
530. [+] cpanel.srptechnology.com
531. [+] cpanel.stiltgroup.org
532. [+] cpanel.sudanbcisd.net
533. [+] cpanel.sudanesephysicians.org
534. [+] cpanel.sudanpile.com
535. [+] cpanel.sudanwork.com
536. [+] cpanel.tawakolmedical.com
537. [+] cpanel.tawseelsudan.com
538. [+] cpanel.tbmlawfirm.com
539. [+] cpanel.tharjatheng.com
540. [+] cpanel.transways.ae
541. [+] cpanel.tstmatjar.com
542. [+] cpanel.vittoriopierino.com
543. [+] cpanel.wgarasud.com
544. [+] cpanel.yasminycl.com
545. [+] cpanel.yassirkambalgroup.com
546. [+] cpanel.yathribyp.com
547. [+] cpanel.zawayabricks.com
548. [+] cpanel.adding-sd.com
549. [+] cpanel.agrogate-holdings.com
550. [+] cpanel.alzawaya-medical.com
551. [+] cpanel.apg-sd.com
552. [+] cpanel.basma-ocf.org
553. [+] cpanel.click-grafix.com
554. [+] cpanel.codon-med.com
555. [+] cpanel.crimsonlights-sd.com
556. [+] cpanel.das-diesel.com
557. [+] cpanel.elmohandis-paints.com
558. [+] cpanel.etegahat-ap.com
559. [+] cpanel.extra-pharma.com
560. [+] cpanel.farha-sd.com
561. [+] cpanel.flynas-sudan.com
562. [+] cpanel.focusschool-sd.com
563. [+] cpanel.geocad-sd.com
564. [+] cpanel.gladiator-bdc.com
565. [+] cpanel.gpo-sd.com
566. [+] cpanel.hamza-farm.com
567. [+] cpanel.hcs-sd.com
568. [+] cpanel.ideal-sdn.com
569. [+] cpanel.khartoum-int.net
570. [+] cpanel.kmc-sd.com
571. [+] cpanel.maak-sd.com
572. [+] cpanel.manar-group.com
573. [+] cpanel.mechatronic-sd.com
574. [+] cpanel.medicare-sd.com
575. [+] cpanel.medpharma-sd.com
576. [+] cpanel.nileuniversity-edu.com
577. [+] cpanel.numberone-sd.com
578. [+] cpanel.oit-sd.com
579. [+] cpanel.osool-sd.com
580. [+] cpanel.paradisehotels-sd.com
581. [+] cpanel.pts-sd.com
582. [+] cpanel.rittal-sd.com
583. [+] cpanel.skyart-sd.com
584. [+] cpanel.soed-sd.org
585. [+] cpanel.summit-schools.com
586. [+] cpanel.supergeneral-sd.com
587. [+] cpanel.tanglewood-sd.com
588. [+] cpanel.whitewaters-sd.com
589. [+] cpanel.yam-cdc.com
590. [+] crimsonlights-sd.com
591. [+] dallahpharma.alwathbagroup.com
592. [+] dallahpharma.net
593. [+] dandaradentalcenter.com
594. [+] das-diesel.com
595. [+] design.alwatanyia.com
596. [+] difafvillage.com
597. [+] digitalmarketingafrica.net
598. [+] dindir.higleig.com
599. [+] dirnour.com
600. [+] dps.com.sd
601. [+] easyhotel.advocatemakki.com
602. [+] ecogroupsd.com
603. [+] edge.ideagp.com
604. [+] eims.ae
605. [+] elgadal.com
606. [+] elitihadlogistics.com
607. [+] elmohandis-paints.com
608. [+] elprincesudan.com
609. [+] eltagtrading.com
610. [+] emitradingco.com
611. [+] engcouncil.sd
612. [+] etegahat-ap.com
613. [+] exams.nileuniversity-edu.com
614. [+] extra-pharma.com
615. [+] farha-sd.com
616. [+] farha-sd.tanglewood-sd.com
617. [+] fasrc.org
618. [+] flynas-sudan.com
619. [+] focusschool-sd.com
620. [+] forwomenbywomen.org
621. [+] fresh.yassirkambalgroup.com
622. [+] gadc01.goldenarrow.sd
623. [+] gdsudan.com
624. [+] geocad-sd.com
625. [+] giadservices.com
626. [+] gladiator-bdc.com
627. [+] goldenarrow.sd
628. [+] gpo-sd.com
629. [+] green.yassirkambalgroup.com
630. [+] hamza-farm.com
631. [+] hcs-sd.com
632. [+] higleig.com
633. [+] hopemedicalsd.com
634. [+] ideagp.com
635. [+] ideal-sdn.com
636. [+] iec.gov.sd
637. [+] indonile.com
638. [+] indonileexport.com
639. [+] ingawetrading.com
640. [+] it.alanfalgroup.com
641. [+] jubaauto.com
642. [+] kambalexport.com
643. [+] khartoum-int.net
644. [+] khmedical.edu.sd
645. [+] kmc-sd.com
646. [+] ktcesudan.com
647. [+] ladconsult.com
648. [+] lanjico.com
649. [+] lowcosttravelcenter.com
650. [+] lulamab.com
651. [+] lunatusmed.com
652. [+] mahgoubsons.com
653. [+] mail.pawfreight.com
654. [+] mamedmedical.com
655. [+] manar-group.com
656. [+] marwacoenterprises.com
657. [+] mdisam.paradisehotels-sd.com
658. [+] mechatronic-sd.com
659. [+] med.gov.sd
660. [+] medanico.com
661. [+] medicare-sd.com
662. [+] medpharma-sd.com
663. [+] mieragspace.com
664. [+] milestonesd.com
665. [+] mohe.gov.sd
666. [+] moodle.nileuniversity-edu.com
667. [+] moontrade.net
668. [+] mssmanal.com
669. [+] mudalala.qa
670. [+] musanadaholding.com
671. [+] nagi.photo
672. [+] nilecement.org
673. [+] nileuniversity-edu.com
674. [+] nisosd.com
675. [+] niss.tech
676. [+] nlicfinance.com
677. [+] npetroleum.com
678. [+] numberone-sd.com
679. [+] nuspetro.com
680. [+] oau.edu.sd
681. [+] oit-sd.com
682. [+] olgaecs.com
683. [+] omiga.yassirkambalgroup.com
684. [+] openskies247.com
685. [+] osamaalgadee.com
686. [+] osool-sd.com
687. [+] owner.advocatemakki.com
688. [+] paradisehotels-sd.com
689. [+] pawfreight.com
690. [+] petroall.net
691. [+] portal.iec.gov.sd
692. [+] powerblue.yassirkambalgroup.com
693. [+] pts-sd.com
694. [+] radmedco.com
695. [+] raheeg.com
696. [+] rakhie.net
697. [+] rcctsd.com
698. [+] reports.lowcosttravelcenter.com
699. [+] rikaz.sd
700. [+] rittal-sd.com
701. [+] rocketeng.net
702. [+] rotana.mechatronic-sd.com
703. [+] sabintod.com
704. [+] saliglobal.org
705. [+] sangsl.com
706. [+] saria.sd
707. [+] sarrealways.com
708. [+] saudisb.sd
709. [+] scmsltd.com
710. [+] secure-paypal.org.rakhie.net
711. [+] senahypermarket.com
712. [+] server2.click-grafix.com
713. [+] server.click-grafix.com
714. [+] sgsuae.com
715. [+] shakak.org
716. [+] shirouqpaints.net
717. [+] shoyum.com
718. [+] sidcotel.sd
719. [+] sinnarshipping.com
720. [+] skhcsudan.com
721. [+] skyart-sd.com
722. [+] smacosd.com
723. [+] soed-sd.org
724. [+] sonic.yassirkambalgroup.com
725. [+] srptechnology.com
726. [+] ssia.sd
727. [+] stiltgroup.org
728. [+] students.nileuniversity-edu.com
729. [+] sudanbcisd.net
730. [+] sudanesephysicians.org
731. [+] sudanpile.com
732. [+] sudanports.gov.sd
733. [+] sudanwork.com
734. [+] sudapet.sd
735. [+] sudapost.sd
736. [+] summit-schools.com
737. [+] supergeneral-sd.com
738. [+] tadamonbank-sd.com
739. [+] talawiet.org.sd
740. [+] tanglewood-sd.com
741. [+] tawakolmedical.com
742. [+] tbmlawfirm.com
743. [+] test.almamoonoil.com
744. [+] test.mechatronic-sd.com
745. [+] tharjatheng.com
746. [+] tpsudan.gov.sd
747. [+] transways.ae
748. [+] tstmatjar.com
749. [+] vittoriopierino.com
750. [+] webdisk.aacpd.org
751. [+] webdisk.aayan.com.qa
752. [+] webdisk.abanos.net
753. [+] webdisk.abdeenandco.com
754. [+] webdisk.advocatemakki.com
755. [+] webdisk.adyagroup.net
756. [+] webdisk.ahqsudan.com
757. [+] webdisk.alanfalgroup.com
758. [+] webdisk.alanfaljabra.com
759. [+] webdisk.albadaael.com
760. [+] webdisk.albarakafinancial.com
761. [+] webdisk.alfala.com
762. [+] webdisk.alitimadgroup.com
763. [+] webdisk.almadadgroup.com
764. [+] webdisk.almamoonoil.com
765. [+] webdisk.aloaloa.com
766. [+] webdisk.alomergroup.com
767. [+] webdisk.alsundusiamedical.com
768. [+] webdisk.alwatanyia.com
769. [+] webdisk.alwathbagroup.com
770. [+] webdisk.anpm.co
771. [+] webdisk.arenboutique.com
772. [+] webdisk.ariabmining.net
773. [+] webdisk.ashrafelsharif.com
774. [+] webdisk.bajrawiafab.com
775. [+] webdisk.beautyconceptlounge.com
776. [+] webdisk.benzcenter.net
777. [+] webdisk.berigdargroup.com
778. [+] webdisk.berigdar.com
779. [+] webdisk.berimalegal.com
780. [+] webdisk.bivetsud.com
781. [+] webdisk.bmcproject.net
782. [+] webdisk.brandavenue.net
783. [+] webdisk.casiexpress.net
784. [+] webdisk.cctctraining.com
785. [+] webdisk.clarionlaserclinic.ie
786. [+] webdisk.clickgrafix.co
787. [+] webdisk.clicksd.info
788. [+] webdisk.dallahpharma.net
789. [+] webdisk.dandaradentalcenter.com
790. [+] webdisk.difafvillage.com
791. [+] webdisk.dirnour.com
792. [+] webdisk.ecogroupsd.com
793. [+] webdisk.eims.ae
794. [+] webdisk.elgadal.com
795. [+] webdisk.elitihadlogistics.com
796. [+] webdisk.elprincesudan.com
797. [+] webdisk.eltagtrading.com
798. [+] webdisk.emitradingco.com
799. [+] webdisk.fasrc.org
800. [+] webdisk.forwomenbywomen.org
801. [+] webdisk.gdsudan.com
802. [+] webdisk.giadservices.com
803. [+] webdisk.higleig.com
804. [+] webdisk.hishamkarouri.com
805. [+] webdisk.hopemedicalsd.com
806. [+] webdisk.ideagp.com
807. [+] webdisk.indonileexport.com
808. [+] webdisk.indonile.com
809. [+] webdisk.ingawetrading.com
810. [+] webdisk.jubaauto.com
811. [+] webdisk.ktcesudan.com
812. [+] webdisk.ladconsult.com
813. [+] webdisk.lanjico.com
814. [+] webdisk.lowcosttravelcenter.com
815. [+] webdisk.lulamab.com
816. [+] webdisk.lunatusmed.com
817. [+] webdisk.mahgoubsons.com
818. [+] webdisk.mamedmedical.com
819. [+] webdisk.marwacoenterprises.com
820. [+] webdisk.medanico.com
821. [+] webdisk.mieragspace.com
822. [+] webdisk.moontrade.net
823. [+] webdisk.mssmanal.com
824. [+] webdisk.mudalala.qa
825. [+] webdisk.musanadaholding.com
826. [+] webdisk.nagi.photo
827. [+] webdisk.nilecement.org
828. [+] webdisk.nisosd.com
829. [+] webdisk.niss.tech
830. [+] webdisk.nlicfinance.com
831. [+] webdisk.npetroleum.com
832. [+] webdisk.nuspetro.com
833. [+] webdisk.olgaecs.com
834. [+] webdisk.osamaalgadee.com
835. [+] webdisk.pawfreight.com
836. [+] webdisk.petroall.net
837. [+] webdisk.radmedco.com
838. [+] webdisk.raheeg.com
839. [+] webdisk.rakhie.net
840. [+] webdisk.rcctsd.com
841. [+] webdisk.rocketeng.net
842. [+] webdisk.sabintod.com
843. [+] webdisk.sangsl.com
844. [+] webdisk.scmsltd.com
845. [+] webdisk.senahypermarket.com
846. [+] webdisk.shakak.org
847. [+] webdisk.shirouqpaints.net
848. [+] webdisk.shoyum.com
849. [+] webdisk.sinnarshipping.com
850. [+] webdisk.skhcsudan.com
851. [+] webdisk.smacosd.com
852. [+] webdisk.srptechnology.com
853. [+] webdisk.stiltgroup.org
854. [+] webdisk.sudanbcisd.net
855. [+] webdisk.sudanesephysicians.org
856. [+] webdisk.sudanpile.com
857. [+] webdisk.sudanwork.com
858. [+] webdisk.tawakolmedical.com
859. [+] webdisk.tawseelsudan.com
860. [+] webdisk.tbmlawfirm.com
861. [+] webdisk.tharjatheng.com
862. [+] webdisk.transways.ae
863. [+] webdisk.tstmatjar.com
864. [+] webdisk.vittoriopierino.com
865. [+] webdisk.wgarasud.com
866. [+] webdisk.yasminycl.com
867. [+] webdisk.yassirkambalgroup.com
868. [+] webdisk.yathribyp.com
869. [+] webdisk.zawayabricks.com
870. [+] webdisk.adding-sd.com
871. [+] webdisk.agrogate-holdings.com
872. [+] webdisk.alzawaya-medical.com
873. [+] webdisk.apg-sd.com
874. [+] webdisk.basma-ocf.org
875. [+] webdisk.click-grafix.com
876. [+] webdisk.codon-med.com
877. [+] webdisk.crimsonlights-sd.com
878. [+] webdisk.das-diesel.com
879. [+] webdisk.elmohandis-paints.com
880. [+] webdisk.etegahat-ap.com
881. [+] webdisk.extra-pharma.com
882. [+] webdisk.farha-sd.com
883. [+] webdisk.flynas-sudan.com
884. [+] webdisk.focusschool-sd.com
885. [+] webdisk.geocad-sd.com
886. [+] webdisk.gladiator-bdc.com
887. [+] webdisk.gpo-sd.com
888. [+] webdisk.hamza-farm.com
889. [+] webdisk.hcs-sd.com
890. [+] webdisk.ideal-sdn.com
891. [+] webdisk.khartoum-int.net
892. [+] webdisk.kmc-sd.com
893. [+] webdisk.maak-sd.com
894. [+] webdisk.manar-group.com
895. [+] webdisk.mechatronic-sd.com
896. [+] webdisk.medicare-sd.com
897. [+] webdisk.medpharma-sd.com
898. [+] webdisk.nileuniversity-edu.com
899. [+] webdisk.numberone-sd.com
900. [+] webdisk.oit-sd.com
901. [+] webdisk.osool-sd.com
902. [+] webdisk.paradisehotels-sd.com
903. [+] webdisk.pts-sd.com
904. [+] webdisk.rittal-sd.com
905. [+] webdisk.skyart-sd.com
906. [+] webdisk.soed-sd.org
907. [+] webdisk.summit-schools.com
908. [+] webdisk.supergeneral-sd.com
909. [+] webdisk.tanglewood-sd.com
910. [+] webdisk.whitewaters-sd.com
911. [+] webdisk.yam-cdc.com
912. [+] webmail.aacpd.org
913. [+] webmail.aayan.com.qa
914. [+] webmail.abanos.net
915. [+] webmail.abdeenandco.com
916. [+] webmail.advocatemakki.com
917. [+] webmail.adyagroup.net
918. [+] webmail.ahqsudan.com
919. [+] webmail.alanfalgroup.com
920. [+] webmail.alanfaljabra.com
921. [+] webmail.albadaael.com
922. [+] webmail.albarakafinancial.com
923. [+] webmail.alfala.com
924. [+] webmail.alitimadgroup.com
925. [+] webmail.almadadgroup.com
926. [+] webmail.almamoonoil.com
927. [+] webmail.aloaloa.com
928. [+] webmail.alomergroup.com
929. [+] webmail.alsundusiamedical.com
930. [+] webmail.alwatanyia.com
931. [+] webmail.alwathbagroup.com
932. [+] webmail.anpm.co
933. [+] webmail.arenboutique.com
934. [+] webmail.ariabmining.net
935. [+] webmail.ashrafelsharif.com
936. [+] webmail.bajrawiafab.com
937. [+] webmail.beautyconceptlounge.com
938. [+] webmail.benzcenter.net
939. [+] webmail.berigdargroup.com
940. [+] webmail.berigdar.com
941. [+] webmail.berimalegal.com
942. [+] webmail.bivetsud.com
943. [+] webmail.bmcproject.net
944. [+] webmail.brandavenue.net
945. [+] webmail.casiexpress.net
946. [+] webmail.cctctraining.com
947. [+] webmail.clarionlaserclinic.ie
948. [+] webmail.clickgrafix.co
949. [+] webmail.clicksd.info
950. [+] webmail.dallahpharma.net
951. [+] webmail.dandaradentalcenter.com
952. [+] webmail.difafvillage.com
953. [+] webmail.ecogroupsd.com
954. [+] webmail.eims.ae
955. [+] webmail.elgadal.com
956. [+] webmail.elitihadlogistics.com
957. [+] webmail.elprincesudan.com
958. [+] webmail.eltagtrading.com
959. [+] webmail.emitradingco.com
960. [+] webmail.fasrc.org
961. [+] webmail.forwomenbywomen.org
962. [+] webmail.gdsudan.com
963. [+] webmail.giadservices.com
964. [+] webmail.higleig.com
965. [+] webmail.hishamkarouri.com
966. [+] webmail.hopemedicalsd.com
967. [+] webmail.ideagp.com
968. [+] webmail.indonileexport.com
969. [+] webmail.indonile.com
970. [+] webmail.ingawetrading.com
971. [+] webmail.jubaauto.com
972. [+] webmail.ktcesudan.com
973. [+] webmail.ladconsult.com
974. [+] webmail.lanjico.com
975. [+] webmail.lowcosttravelcenter.com
976. [+] webmail.lulamab.com
977. [+] webmail.lunatusmed.com
978. [+] webmail.mahgoubsons.com
979. [+] webmail.mamedmedical.com
980. [+] webmail.marwacoenterprises.com
981. [+] webmail.medanico.com
982. [+] webmail.mieragspace.com
983. [+] webmail.moontrade.net
984. [+] webmail.mssmanal.com
985. [+] webmail.mudalala.qa
986. [+] webmail.musanadaholding.com
987. [+] webmail.nagi.photo
988. [+] webmail.nilecement.org
989. [+] webmail.nisosd.com
990. [+] webmail.niss.tech
991. [+] webmail.nlicfinance.com
992. [+] webmail.npetroleum.com
993. [+] webmail.nuspetro.com
994. [+] webmail.olgaecs.com
995. [+] webmail.osamaalgadee.com
996. [+] webmail.pawfreight.com
997. [+] webmail.petroall.net
998. [+] webmail.radmedco.com
999. [+] webmail.raheeg.com
1000. [+] webmail.rakhie.net
1001. [+] webmail.rcctsd.com
1002. [+] webmail.rocketeng.net
1003. [+] webmail.sabintod.com
1004. [+] webmail.sangsl.com
1005. [+] webmail.scmsltd.com
1006. [+] webmail.senahypermarket.com
1007. [+] webmail.shakak.org
1008. [+] webmail.shirouqpaints.net
1009. [+] webmail.shoyum.com
1010. [+] webmail.sinnarshipping.com
1011. [+] webmail.skhcsudan.com
1012. [+] webmail.smacosd.com
1013. [+] webmail.srptechnology.com
1014. [+] webmail.stiltgroup.org
1015. [+] webmail.sudanbcisd.net
1016. [+] webmail.sudanesephysicians.org
1017. [+] webmail.sudanpile.com
1018. [+] webmail.sudanwork.com
1019. [+] webmail.tawakolmedical.com
1020. [+] webmail.tawseelsudan.com
1021. [+] webmail.tbmlawfirm.com
1022. [+] webmail.tharjatheng.com
1023. [+] webmail.transways.ae
1024. [+] webmail.tstmatjar.com
1025. [+] webmail.vittoriopierino.com
1026. [+] webmail.wgarasud.com
1027. [+] webmail.yasminycl.com
1028. [+] webmail.yassirkambalgroup.com
1029. [+] webmail.yathribyp.com
1030. [+] webmail.zawayabricks.com
1031. [+] webmail.adding-sd.com
1032. [+] webmail.agrogate-holdings.com
1033. [+] webmail.alzawaya-medical.com
1034. [+] webmail.apg-sd.com
1035. [+] webmail.basma-ocf.org
1036. [+] webmail.click-grafix.com
1037. [+] webmail.codon-med.com
1038. [+] webmail.crimsonlights-sd.com
1039. [+] webmail.das-diesel.com
1040. [+] webmail.elmohandis-paints.com
1041. [+] webmail.etegahat-ap.com
1042. [+] webmail.extra-pharma.com
1043. [+] webmail.farha-sd.com
1044. [+] webmail.flynas-sudan.com
1045. [+] webmail.focusschool-sd.com
1046. [+] webmail.geocad-sd.com
1047. [+] webmail.gladiator-bdc.com
1048. [+] webmail.gpo-sd.com
1049. [+] webmail.hamza-farm.com
1050. [+] webmail.hcs-sd.com
1051. [+] webmail.ideal-sdn.com
1052. [+] webmail.khartoum-int.net
1053. [+] webmail.kmc-sd.com
1054. [+] webmail.maak-sd.com
1055. [+] webmail.manar-group.com
1056. [+] webmail.mechatronic-sd.com
1057. [+] webmail.medicare-sd.com
1058. [+] webmail.medpharma-sd.com
1059. [+] webmail.nileuniversity-edu.com
1060. [+] webmail.numberone-sd.com
1061. [+] webmail.oit-sd.com
1062. [+] webmail.osool-sd.com
1063. [+] webmail.paradisehotels-sd.com
1064. [+] webmail.pts-sd.com
1065. [+] webmail.rittal-sd.com
1066. [+] webmail.skyart-sd.com
1067. [+] webmail.soed-sd.org
1068. [+] webmail.summit-schools.com
1069. [+] webmail.supergeneral-sd.com
1070. [+] webmail.tanglewood-sd.com
1071. [+] webmail.whitewaters-sd.com
1072. [+] webmail.yam-cdc.com
1073. [+] westvilledevelopers.co.za
1074. [+] wgarasud.com
1075. [+] whitewaters-sd.com
1076. [+] whm.click-grafix.com
1077. [+] wre.gov.sd
1078. [+] www.alrawabi.yassirkambalgroup.com
1079. [+] www.app.advocatemakki.com
1080. [+] www.aseelcomplex.yassirkambalgroup.com
1081. [+] www.aseel.yassirkambalgroup.com
1082. [+] www.berigdar.berigdargroup.com
1083. [+] www.conference.sudanesephysicians.org
1084. [+] www.dallahpharma.alwathbagroup.com
1085. [+] www.design.alwatanyia.com
1086. [+] www.dindir.higleig.com
1087. [+] www.easyhotel.advocatemakki.com
1088. [+] www.edge.ideagp.com
1089. [+] www.fresh.yassirkambalgroup.com
1090. [+] www.green.yassirkambalgroup.com
1091. [+] www.it.alanfalgroup.com
1092. [+] www.mahgoubsons.com
1093. [+] www.mail.pawfreight.com
1094. [+] www.omiga.yassirkambalgroup.com
1095. [+] www.owner.advocatemakki.com
1096. [+] www.powerblue.yassirkambalgroup.com
1097. [+] www.reports.lowcosttravelcenter.com
1098. [+] www.sonic.yassirkambalgroup.com
1099. [+] www.test.almamoonoil.com
1100. [+] www.apple-login.org.rakhie.net
1101. [+] www.arech.apg-sd.com
1102. [+] www.ar.nileuniversity-edu.com
1103. [+] www.badawi.alzawaya-medical.com
1104. [+] www.bargos.apg-sd.com
1105. [+] www.citi.online.yam-cdc.com
1106. [+] www.exams.nileuniversity-edu.com
1107. [+] www.farha-sd.tanglewood-sd.com
1108. [+] www.mdisam.paradisehotels-sd.com
1109. [+] www.moodle.nileuniversity-edu.com
1110. [+] www.rotana.mechatronic-sd.com
1111. [+] www.secure-paypal.org.rakhie.net
1112. [+] www.students.nileuniversity-edu.com
1113. [+] www.test.mechatronic-sd.com
1114. [+] yam-cdc.com
1115. [+] yasminycl.com
1116. [+] yassirkambalgroup.com
1117. [+] yathribyp.com
1118. [+] zawayabricks.com
1119. #######################################################################################################################################
1120.  
1121.  
1122. Reverse IP With YouGetSignal 'audit.gov.sd'
1123. ----------------------------------------------
1124.  
1125. [*] IP: 138.128.160.2
1126. [*] Domain: audit.gov.sd
1127. [*] Total Domains: 51
1128.  
1129. [+] aayan.com.qa
1130. [+] adding-sd.com
1131. [+] alfala.com
1132. [+] aljazeerabank.com.sd
1133. [+] aloaloa.com
1134. [+] aou.edu.sd
1135. [+] apg-sd.com
1136. [+] audit.gov.sd
1137. [+] bajafar.sd
1138. [+] benzcenter.net
1139. [+] click.sd
1140. [+] cm.sd
1141. [+] cpd.gov.sd
1142. [+] eims.ae
1143. [+] engcouncil.sd
1144. [+] giadservices.com
1145. [+] gpo-sd.com
1146. [+] iec.gov.sd
1147. [+] indonileexport.com
1148. [+] khairport.gov.sd
1149. [+] khmedical.edu.sd
1150. [+] mofdgoia.gov.sd
1151. [+] mohe.gov.sd
1152. [+] mssmanal.com
1153. [+] nileuniversity-edu.com
1154. [+] oau.edu.sd
1155. [+] petroall.net
1156. [+] sahl.gov.sd
1157. [+] sdac.gov.sd
1158. [+] sidcotel.sd
1159. [+] ssia.sd
1160. [+] sudafast.edu.sd
1161. [+] sudan.gov.sd
1162. [+] sudanap.org
1163. [+] sudanconsumers.org
1164. [+] sudanports.gov.sd
1165. [+] sudapet.sd
1166. [+] sudapost.sd
1167. [+] tpsudan.gov.sd
1168. [+] wre.gov.sd
1169. [+] www.aljazeerabank.com.sd
1170. [+] www.cpd.gov.sd
1171. [+] www.dandaradentalcenter.com
1172. [+] www.goldenarrow.sd
1173. [+] www.iec.gov.sd
1174. [+] www.khmedical.edu.sd
1175. [+] www.mohe.gov.sd
1176. [+] www.studentwelfare.sd
1177. [+] www.sudan.gov.sd
1178. [+] www.sudapet.sd
1179. [+] www.tararealestate.sd
1180. #######################################################################################################################################
1181.  
1182.  
1183. Geo IP Lookup 'audit.gov.sd'
1184. -------------------------------
1185.  
1186. [+] IP Address: 138.128.160.2
1187. [+] Country: United States
1188. [+] State: Florida
1189. [+] City: Orlando
1190. [+] Latitude: 28.5807
1191. [+] Longitude: -81.1893
1192. #######################################################################################################################################
1193.  
1194.  
1195.  
1196.  
1197. Bypass Cloudflare 'audit.gov.sd'
1198. -----------------------------------
1199.  
1200. [!] CloudFlare Bypass 138.128.160.2 | ftp.audit.gov.sd
1201. [!] CloudFlare Bypass 138.128.160.2 | cpanel.audit.gov.sd
1202. [!] CloudFlare Bypass 138.128.160.2 | webmail.audit.gov.sd
1203. [!] CloudFlare Bypass 127.0.0.1 | localhost.audit.gov.sd
1204. [!] CloudFlare Bypass 212.0.136.50 | mail.audit.gov.sd
1205. [!] CloudFlare Bypass 138.128.160.2 | www.audit.gov.sd
1206. #######################################################################################################################################
1207.  
1208.  
1209.  
1210. DNS Lookup 'audit.gov.sd'
1211. ----------------------------
1212.  
1213. [+] audit.gov.sd. 14399 IN MX 0 mail.audit.gov.sd.
1214. [+] audit.gov.sd. 21599 IN SOA ns1.click-grafix.com. karouri.gmail.com. 2019032105 3600 7200 1209600 86400
1215. [+] audit.gov.sd. 21599 IN NS ns1.click-grafix.com.
1216. [+] audit.gov.sd. 21599 IN NS ns2.click-grafix.com.
1217. [+] audit.gov.sd. 14399 IN A 138.128.160.2
1218. #######################################################################################################################################
1219.  
1220.  
1221.  
1222.  
1223.  
1224. Show HTTP Header 'audit.gov.sd'
1225. ----------------------------------
1226.  
1227. [+] HTTP/1.1 302 Moved Temporarily
1228. [+] Date: Sun, 30 Jun 2019 21:03:11 GMT
1229. [+] Server: Apache
1230. [+] X-Powered-By: PHP/5.6.40
1231. [+] Expires: Thu, 19 Nov 1981 08:52:00 GMT
1232. [+] Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
1233. [+] Pragma: no-cache
1234. [+] X-Redirect-By: WordPress
1235. [+] Set-Cookie: PHPSESSID=pnh7e278e14s21t6vd87dtb8p4; path=/
1236. [+] Set-Cookie: mltlngg_language=ar; expires=Tue, 30-Jul-2019 21:03:12 GMT; Max-Age=2592000; path=/; domain=.audit.gov.sd
1237. [+] Location: http://audit.gov.sd/?lang=ar
1238. [+] Connection: close
1239. [+] Content-Type: text/html; charset=UTF-8
1240. #######################################################################################################################################
1241.  
1242.  
1243.  
1244. Port Scan 'audit.gov.sd'
1245. ---------------------------
1246.  
1247. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-30 21:03 UTC
1248. Nmap scan report for audit.gov.sd (138.128.160.2)
1249. Host is up (0.033s latency).
1250. rDNS record for 138.128.160.2: server.click-grafix.com
1251.  
1252. PORT STATE SERVICE
1253. 21/tcp open ftp
1254. 22/tcp closed ssh
1255. 23/tcp filtered telnet
1256. 80/tcp open http
1257. 110/tcp open pop3
1258. 143/tcp open imap
1259. 443/tcp open https
1260. 3389/tcp filtered ms-wbt-server
1261.  
1262. Nmap done: 1 IP address (1 host up) scanned in 1.92 seconds
1263. #######################################################################################################################################
1264.  
1265.  
1266.  
1267. Cms Scan 'audit.gov.sd'
1268. --------------------------
1269.  
1270. [+] Cms : WordPress
1271. [+] Web Servers : Apache
1272. [+] Programming Languages : PHP
1273. #######################################################################################################################################
1274.  
1275.  
1276.  
1277.  
1278. Robot.txt 'audit.gov.sd'
1279. ---------------------------
1280.  
1281. User-agent: *
1282. Disallow: /calendar/action~posterboard/
1283. Disallow: /calendar/action~agenda/
1284. Disallow: /calendar/action~oneday/
1285. Disallow: /calendar/action~month/
1286. Disallow: /calendar/action~week/
1287. Disallow: /calendar/action~stream/
1288. Disallow: /calendar/action~undefined/
1289. Disallow: /calendar/action~http:/
1290. Disallow: /calendar/action~default/
1291. Disallow: /calendar/action~poster/
1292. Disallow: /calendar/action~*/
1293. Disallow: /*controller=ai1ec_exporter_controller*
1294. Disallow: /*/action~*/
1295. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~posterboard/
1296. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~agenda/
1297. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~oneday/
1298. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~month/
1299. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~week/
1300. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~stream/
1301. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~undefined/
1302. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~http:/
1303. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~default/
1304. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~poster/
1305. Disallow: /%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~*/
1306. #######################################################################################################################################
1307.  
1308.  
1309. Traceroute 'audit.gov.sd'
1310. ----------------------------
1311.  
1312. Start: 2019-06-30T21:03:31+0000
1313. HOST: web01 Loss% Snt Last Avg Best Wrst StDev
1314. 1.|-- 45.79.12.201 0.0% 3 0.7 0.8 0.7 1.0 0.2
1315. 2.|-- 45.79.12.0 0.0% 3 0.5 0.6 0.5 0.7 0.1
1316. 3.|-- 45.79.12.9 0.0% 3 8.2 3.2 0.6 8.2 4.3
1317. 4.|-- 199.245.16.65 0.0% 3 1.6 1.6 1.5 1.7 0.1
1318. 5.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
1319. 6.|-- ae-1-8.bar1.Orlando1.Level3.net 0.0% 3 33.9 34.0 33.9 34.0 0.0
1320. 7.|-- HOSTDIME.bar1.Orlando1.Level3.net 0.0% 3 35.4 35.5 35.4 35.5 0.1
1321. 8.|-- ae2.core2.mco.hostdime.com 0.0% 3 34.3 34.1 34.0 34.3 0.1
1322. 9.|-- server.click-grafix.com 0.0% 3 33.8 33.9 33.8 33.9 0.0
1323. #######################################################################################################################################
1324.  
1325.  
1326.  
1327.  
1328. Page Admin Finder 'audit.gov.sd'
1329. ---------------------------------------------------------------------------------------------------------------------------------------
1330.  
1331.  
1332.  
1333. Avilable Links :
1334.  
1335. Find Page >> http://audit.gov.sd/wp-login.php
1336. #######################################################################################################################################
1337. Trying "audit.gov.sd"
1338. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29276
1339. ;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 2, ADDITIONAL: 2
1340.  
1341. ;; QUESTION SECTION:
1342. ;audit.gov.sd. IN ANY
1343.  
1344. ;; ANSWER SECTION:
1345. audit.gov.sd. 14400 IN A 138.128.160.2
1346. audit.gov.sd. 86400 IN SOA ns1.click-grafix.com. karouri.gmail.com. 2019032105 3600 7200 1209600 86400
1347. audit.gov.sd. 14400 IN MX 0 mail.audit.gov.sd.
1348. audit.gov.sd. 14400 IN NS ns2.click-grafix.com.
1349. audit.gov.sd. 14400 IN NS ns1.click-grafix.com.
1350.  
1351. ;; AUTHORITY SECTION:
1352. audit.gov.sd. 14400 IN NS ns2.click-grafix.com.
1353. audit.gov.sd. 14400 IN NS ns1.click-grafix.com.
1354.  
1355. ;; ADDITIONAL SECTION:
1356. ns2.click-grafix.com. 172800 IN A 138.128.160.4
1357. ns1.click-grafix.com. 172800 IN A 138.128.160.3
1358.  
1359. Received 229 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 398 ms
1360. #######################################################################################################################################
1361. ; <<>> DiG 9.11.5-P4-5.1-Debian <<>> +trace audit.gov.sd
1362. ;; global options: +cmd
1363. . 81436 IN NS d.root-servers.net.
1364. . 81436 IN NS m.root-servers.net.
1365. . 81436 IN NS k.root-servers.net.
1366. . 81436 IN NS a.root-servers.net.
1367. . 81436 IN NS j.root-servers.net.
1368. . 81436 IN NS b.root-servers.net.
1369. . 81436 IN NS g.root-servers.net.
1370. . 81436 IN NS h.root-servers.net.
1371. . 81436 IN NS e.root-servers.net.
1372. . 81436 IN NS c.root-servers.net.
1373. . 81436 IN NS i.root-servers.net.
1374. . 81436 IN NS f.root-servers.net.
1375. . 81436 IN NS l.root-servers.net.
1376. . 81436 IN RRSIG NS 8 0 518400 20190713170000 20190630160000 25266 . VB7S+BDIpeFGPW9gut9lRFVkC+X4VQ8vl43hXcRdqccS/ltPurUWh952 8ntwlNGfJiY5bTLA0+1WvP2GnMDZjZ7FVHm7BT6jAinXMzXr8f9Wds3n nCnTFfsNWc4pLjas46Pepcr39fg58mxmC8BRHADvkVLwK+CUj6ep+HW5 YXzyX8y06uiZSqO7R33g+3pBuIs8MbB6u2ws4AxtQLkFF7GMEO2A/mcp R7ZxAi0sGlRAQhU8rIs92I3YLC8DLbE0YbEcwJse6No6rArg3rkG4fnw /72IAKJ/v0W62Rwbub7/ybfZCN8BjI1OoRtkkTp5ZL4X1Sccqh8RTGT9 8h8N6Q==
1377. ;; Received 525 bytes from 185.93.180.131#53(185.93.180.131) in 115 ms
1378.  
1379. sd. 172800 IN NS ans1.canar.sd.
1380. sd. 172800 IN NS ns-sd.afrinic.net.
1381. sd. 172800 IN NS ans1.sis.sd.
1382. sd. 172800 IN NS sd.cctld.authdns.ripe.net.
1383. sd. 172800 IN NS ns2.uaenic.ae.
1384. sd. 172800 IN NS ans2.canar.sd.
1385. sd. 172800 IN NS ns1.uaenic.ae.
1386. sd. 86400 IN NSEC se. NS RRSIG NSEC
1387. sd. 86400 IN RRSIG NSEC 8 1 86400 20190713170000 20190630160000 25266 . Q3p9pjhj66y7GRqwdC28oPN79LInn/LIiWU5vRv937hjryvWWKB7l8EO QPkCi9sOGmAK9koYsa9wZG7djVy43mGdQe5slk2awPcjf6Y965ej/gNi k0A+qBv8tmRshksknN7S0n8b5tnc9yENP+es93CGTMFge0fU7bTZsaC+ WfBtc46L88kHBYFx5X76u5mKHqzmmbIXN2Vs/18InZu3pjLH3m95KZZo 1fTpZbIa2raKxdVX3+2A71NFNkXdfUeUQAjNny3BbhpQU21WYolUNumI Cyx+JOefMpzh31XyYvvV5L/B+soJfHDrq54942DyAvAQh0xn5lEfRqDj uy/KgA==
1388. ;; Received 699 bytes from 192.36.148.17#53(i.root-servers.net) in 118 ms
1389.  
1390. audit.gov.sd. 14400 IN NS ns1.click-grafix.com.
1391. audit.gov.sd. 14400 IN NS ns2.click-grafix.com.
1392. ;; Received 93 bytes from 196.29.180.14#53(ans1.canar.sd) in 248 ms
1393.  
1394. audit.gov.sd. 14400 IN A 138.128.160.2
1395. audit.gov.sd. 86400 IN NS ns1.click-grafix.com.
1396. audit.gov.sd. 86400 IN NS ns2.click-grafix.com.
1397. ;; Received 141 bytes from 138.128.160.3#53(ns1.click-grafix.com) in 225 ms
1398. #######################################################################################################################################
1399. [*] Performing General Enumeration of Domain: audit.gov.sd
1400. [-] DNSSEC is not configured for audit.gov.sd
1401. [*] SOA ns1.click-grafix.com 138.128.160.3
1402. [*] NS ns1.click-grafix.com 138.128.160.3
1403. [*] Bind Version for 138.128.160.3 9.9.4-RedHat-9.9.4-74.el7_6.1
1404. [*] NS ns2.click-grafix.com 138.128.160.4
1405. [*] Bind Version for 138.128.160.4 9.9.4-RedHat-9.9.4-74.el7_6.1
1406. [*] MX mail.audit.gov.sd 212.0.136.50
1407. [*] A audit.gov.sd 138.128.160.2
1408. [*] Enumerating SRV Records
1409. [-] No SRV Records Found for audit.gov.sd
1410. [+] 0 Records Found
1411. #######################################################################################################################################
1412. [*] Processing domain audit.gov.sd
1413. [*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a', '192.168.0.1']
1414. [+] Getting nameservers
1415. 138.128.160.3 - ns1.click-grafix.com
1416. 138.128.160.4 - ns2.click-grafix.com
1417. [-] Zone transfer failed
1418.  
1419. [+] MX records found, added to target list
1420. 0 mail.audit.gov.sd.
1421.  
1422. [*] Scanning audit.gov.sd for A records
1423. 138.128.160.2 - audit.gov.sd
1424. 138.128.160.2 - cpanel.audit.gov.sd
1425. 138.128.160.2 - ftp.audit.gov.sd
1426. 127.0.0.1 - localhost.audit.gov.sd
1427. 212.0.136.50 - mail.audit.gov.sd
1428. 138.128.160.2 - webmail.audit.gov.sd
1429. 138.128.160.2 - webdisk.audit.gov.sd
1430. 138.128.160.2 - whm.audit.gov.sd
1431. 138.128.160.2 - www.audit.gov.sd
1432. #######################################################################################################################################
1433. Ip Address Status Type Domain Name Server
1434. ---------- ------ ---- ----------- ------
1435. 138.128.160.2 200 host ftp.audit.gov.sd Apache
1436. 127.0.0.1 host localhost.audit.gov.sd
1437. 212.0.136.50 403 host mail.audit.gov.sd Microsoft-IIS/8.0
1438. 138.128.160.2 301 host webmail.audit.gov.sd Apache
1439. 138.128.160.2 302 alias www.audit.gov.sd Apache
1440. 138.128.160.2 302 host audit.gov.sd Apache
1441. #######################################################################################################################################
1442. [+] Testing domain
1443. www.audit.gov.sd 138.128.160.2
1444. [+] Dns resolving
1445. Domain name Ip address Name server
1446. audit.gov.sd 138.128.160.2 server.click-grafix.com
1447. Found 1 host(s) for audit.gov.sd
1448. [+] Testing wildcard
1449. Ok, no wildcard found.
1450.  
1451. [+] Scanning for subdomain on audit.gov.sd
1452. [!] Wordlist not specified. I scannig with my internal wordlist...
1453. Estimated time about 212.08 seconds
1454.  
1455. Subdomain Ip address Name server
1456.  
1457. ftp.audit.gov.sd 138.128.160.2 server.click-grafix.com
1458. localhost.audit.gov.sd 127.0.0.1 localhost
1459. mail.audit.gov.sd 212.0.136.50 mail.audit.gov.sd
1460. webmail.audit.gov.sd 138.128.160.2 server.click-grafix.com
1461. www.audit.gov.sd 138.128.160.2 server.click-grafix.com
1462.  
1463. #######################################################################################################################################
1464.  
1465.  
1466.  
1467. AVAILABLE PLUGINS
1468. -----------------
1469.  
1470. FallbackScsvPlugin
1471. HeartbleedPlugin
1472. RobotPlugin
1473. EarlyDataPlugin
1474. CertificateInfoPlugin
1475. SessionResumptionPlugin
1476. HttpHeadersPlugin
1477. OpenSslCipherSuitesPlugin
1478. CompressionPlugin
1479. SessionRenegotiationPlugin
1480. OpenSslCcsInjectionPlugin
1481.  
1482.  
1483.  
1484. CHECKING HOST(S) AVAILABILITY
1485. --------------------------------------------------------------------------------------------------------------------------------------
1486.  
1487. 138.128.160.2:443 => 138.128.160.2
1488.  
1489.  
1490.  
1491.  
1492. SCAN RESULTS FOR 138.128.160.2:443 - 138.128.160.2
1493. ---------------------------------------------------------------------------------------------------------------------------------------
1494.  
1495. * Downgrade Attacks:
1496. TLS_FALLBACK_SCSV: OK - Supported
1497.  
1498. * SSLV2 Cipher Suites:
1499. Server rejected all cipher suites.
1500.  
1501. * Session Renegotiation:
1502. Client-initiated Renegotiation: OK - Rejected
1503. Secure Renegotiation: OK - Supported
1504.  
1505. * Certificate Information:
1506. Content
1507. SHA1 Fingerprint: 416a957b5935e3d64c9c2ee76f20b970269e26a3
1508. Common Name: abaad.sd
1509. Issuer: abaad.sd
1510. Serial Number: 3967770698
1511. Not Before: 2017-08-12 11:26:16
1512. Not After: 2018-08-12 11:26:16
1513. Signature Algorithm: sha256
1514. Public Key Algorithm: RSA
1515. Key Size: 2048
1516. Exponent: 65537 (0x10001)
1517. DNS Subject Alternative Names: ['abaad.sd', 'mail.abaad.sd', 'www.abaad.sd']
1518.  
1519. Trust
1520. Hostname Validation: FAILED - Certificate does NOT match 138.128.160.2
1521. Android CA Store (9.0.0_r9): FAILED - Certificate is NOT Trusted: self signed certificate
1522. iOS CA Store (12, macOS 10.14, watchOS 5, and tvOS 12):FAILED - Certificate is NOT Trusted: self signed certificate
1523. Java CA Store (jdk-11.0.2): FAILED - Certificate is NOT Trusted: self signed certificate
1524. macOS CA Store (12, macOS 10.14, watchOS 5, and tvOS 12):FAILED - Certificate is NOT Trusted: self signed certificate
1525. Mozilla CA Store (2018-11-22): FAILED - Certificate is NOT Trusted: self signed certificate
1526. OPENJDK CA Store (jdk-11.0.2): FAILED - Certificate is NOT Trusted: self signed certificate
1527. Windows CA Store (2018-12-08): FAILED - Certificate is NOT Trusted: self signed certificate
1528. Symantec 2018 Deprecation: OK - Not a Symantec-issued certificate
1529. Received Chain: abaad.sd
1530. Verified Chain: ERROR - Could not build verified chain (certificate untrusted?)
1531. Received Chain Contains Anchor: ERROR - Could not build verified chain (certificate untrusted?)
1532. Received Chain Order: OK - Order is valid
1533. Verified Chain contains SHA1: ERROR - Could not build verified chain (certificate untrusted?)
1534.  
1535. Extensions
1536. OCSP Must-Staple: NOT SUPPORTED - Extension not found
1537. Certificate Transparency: NOT SUPPORTED - Extension not found
1538.  
1539. OCSP Stapling
1540. NOT SUPPORTED - Server did not send back an OCSP response
1541.  
1542. * OpenSSL CCS Injection:
1543. OK - Not vulnerable to OpenSSL CCS injection
1544.  
1545. * TLSV1_3 Cipher Suites:
1546. Server rejected all cipher suites.
1547.  
1548. * SSLV3 Cipher Suites:
1549. Server rejected all cipher suites.
1550.  
1551. * TLS 1.2 Session Resumption Support:
1552. With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
1553. With TLS Tickets: OK - Supported
1554.  
1555. * OpenSSL Heartbleed:
1556. OK - Not vulnerable to Heartbleed
1557.  
1558. * Deflate Compression:
1559. OK - Compression disabled
1560.  
1561. * TLSV1_1 Cipher Suites:
1562. Forward Secrecy OK - Supported
1563. RC4 OK - Not Supported
1564.  
1565. Preferred:
1566. None - Server followed client cipher suite preference.
1567. Accepted:
1568. TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
1569. TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
1570. TLS_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
1571. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
1572. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
1573. TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
1574. TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
1575. TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
1576. TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
1577.  
1578. * ROBOT Attack:
1579. OK - Not vulnerable
1580.  
1581. * TLSV1_2 Cipher Suites:
1582. Forward Secrecy OK - Supported
1583. RC4 OK - Not Supported
1584.  
1585. Preferred:
1586. None - Server followed client cipher suite preference.
1587. Accepted:
1588. TLS_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
1589. TLS_RSA_WITH_AES_256_CBC_SHA256 256 bits HTTP 200 OK
1590. TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
1591. TLS_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
1592. TLS_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
1593. TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
1594. TLS_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
1595. TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
1596. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 256 bits HTTP 200 OK
1597. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
1598. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
1599. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
1600. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
1601. TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
1602. TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
1603. TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 256 bits HTTP 200 OK
1604. TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
1605. TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
1606. TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
1607. TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
1608. TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
1609. TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
1610.  
1611. * TLSV1 Cipher Suites:
1612. Forward Secrecy OK - Supported
1613. RC4 OK - Not Supported
1614.  
1615. Preferred:
1616. None - Server followed client cipher suite preference.
1617. Accepted:
1618. TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
1619. TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
1620. TLS_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
1621. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
1622. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
1623. TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
1624. TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
1625. TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
1626. TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 112 bits HTTP 200 OK
1627.  
1628.  
1629. SCAN COMPLETED IN 24.65 S
1630. -------------------------
1631. #######################################################################################################################################
1632. Parsero scan report for www.audit.gov.sd
1633. http://www.audit.gov.sd/calendar/action~posterboard/ 404 Not Found
1634. http://www.audit.gov.sd/calendar/action~month/ 404 Not Found
1635. http://www.audit.gov.sd/calendar/action~stream/ 404 Not Found
1636. http://www.audit.gov.sd/%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~*/ 404 Not Found
1637. http://www.audit.gov.sd/%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~week/ 404 Not Found
1638. http://www.audit.gov.sd/%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~http:/ 404 Not Found
1639. http://www.audit.gov.sd/%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~oneday/ 404 Not Found
1640. http://www.audit.gov.sd/calendar/action~week/ 404 Not Found
1641. http://www.audit.gov.sd/*/action~*/ 404 Not Found
1642. http://www.audit.gov.sd/%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~agenda/ 404 Not Found
1643. http://www.audit.gov.sd/calendar/action~oneday/ 404 Not Found
1644. http://www.audit.gov.sd/calendar/action~http:/ 404 Not Found
1645. http://www.audit.gov.sd/%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~posterboard/ 404 Not Found
1646. http://www.audit.gov.sd/%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~undefined/ 404 Not Found
1647. http://www.audit.gov.sd/%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~default/ 404 Not Found
1648. http://www.audit.gov.sd/calendar/action~agenda/ 404 Not Found
1649. http://www.audit.gov.sd/*controller=ai1ec_exporter_controller* 404 Not Found
1650. http://www.audit.gov.sd/%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~month/ 404 Not Found
1651. http://www.audit.gov.sd/calendar/action~default/ 404 Not Found
1652. http://www.audit.gov.sd/calendar/action~poster/ 404 Not Found
1653. http://www.audit.gov.sd/calendar/action~*/ 404 Not Found
1654. http://www.audit.gov.sd/%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~stream/ 404 Not Found
1655. http://www.audit.gov.sd/%d8%a7%d9%84%d9%88%d8%b3%d8%a7%d8%a6%d8%b7/events/action~poster/ 404 Not Found
1656. http://www.audit.gov.sd/calendar/action~undefined/ 404 Not Found
1657.  
1658. [+] 24 links have been analyzed but any them are available...
1659.  
1660. Finished in 14.196236610412598 seconds
1661. #######################################################################################################################################
1662. WhatWeb report for http://audit.gov.sd
1663. Status : 302 Found
1664. Title : <None>
1665. IP : 138.128.160.2
1666. Country : UNITED STATES, US
1667.  
1668. Summary : PHP[5.6.40], Apache, HTTPServer[Apache], RedirectLocation[http://audit.gov.sd/?lang=ar], UncommonHeaders[x-redirect-by], Cookies[PHPSESSID,mltlngg_language], X-Powered-By[PHP/5.6.40]
1669.  
1670. Detected Plugins:
1671. [ Apache ]
1672. The Apache HTTP Server Project is an effort to develop and
1673. maintain an open-source HTTP server for modern operating
1674. systems including UNIX and Windows NT. The goal of this
1675. project is to provide a secure, efficient and extensible
1676. server that provides HTTP services in sync with the current
1677. HTTP standards.
1678.  
1679. Google Dorks: (3)
1680. Website : http://httpd.apache.org/
1681.  
1682. [ Cookies ]
1683. Display the names of cookies in the HTTP headers. The
1684. values are not returned to save on space.
1685.  
1686. String : PHPSESSID
1687. String : mltlngg_language
1688.  
1689. [ HTTPServer ]
1690. HTTP server header string. This plugin also attempts to
1691. identify the operating system from the server header.
1692.  
1693. String : Apache (from server string)
1694.  
1695. [ PHP ]
1696. PHP is a widely-used general-purpose scripting language
1697. that is especially suited for Web development and can be
1698. embedded into HTML. This plugin identifies PHP errors,
1699. modules and versions and extracts the local file path and
1700. username if present.
1701.  
1702. Version : 5.6.40
1703. Google Dorks: (2)
1704. Website : http://www.php.net/
1705.  
1706. [ RedirectLocation ]
1707. HTTP Server string location. used with http-status 301 and
1708. 302
1709.  
1710. String : http://audit.gov.sd/?lang=ar (from location)
1711.  
1712. [ UncommonHeaders ]
1713. Uncommon HTTP server headers. The blacklist includes all
1714. the standard headers and many non standard but common ones.
1715. Interesting but fairly common headers should have their own
1716. plugins, eg. x-powered-by, server and x-aspnet-version.
1717. Info about headers can be found at www.http-stats.com
1718.  
1719. String : x-redirect-by (from headers)
1720.  
1721. [ X-Powered-By ]
1722. X-Powered-By HTTP header
1723.  
1724. String : PHP/5.6.40 (from x-powered-by string)
1725.  
1726. HTTP Headers:
1727. HTTP/1.1 302 Moved Temporarily
1728. Date: Sun, 30 Jun 2019 21:52:03 GMT
1729. Server: Apache
1730. X-Powered-By: PHP/5.6.40
1731. Expires: Thu, 19 Nov 1981 08:52:00 GMT
1732. Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
1733. Pragma: no-cache
1734. X-Redirect-By: WordPress
1735. Set-Cookie: PHPSESSID=69sg62qlrkdsjthm5unpl7hak3; path=/
1736. Set-Cookie: mltlngg_language=ar; expires=Tue, 30-Jul-2019 21:52:03 GMT; Max-Age=2592000; path=/; domain=.audit.gov.sd
1737. Location: http://audit.gov.sd/?lang=ar
1738. Content-Length: 0
1739. Connection: close
1740. Content-Type: text/html; charset=UTF-8
1741.  
1742. WhatWeb report for http://audit.gov.sd/?lang=ar
1743. Status : 301 Moved Permanently
1744. Title : <None>
1745. IP : 138.128.160.2
1746. Country : UNITED STATES, US
1747.  
1748. Summary : PHP[5.6.40], X-Frame-Options[SAMEORIGIN], Apache, HTTPServer[Apache], RedirectLocation[http://www.audit.gov.sd/?lang=ar], UncommonHeaders[referrer-policy,x-content-type-options,x-redirect-by], Cookies[PHPSESSID,icwp-wpsf,mltlngg_language], X-Powered-By[PHP/5.6.40], X-XSS-Protection[1; mode=block]
1749.  
1750. Detected Plugins:
1751. [ Apache ]
1752. The Apache HTTP Server Project is an effort to develop and
1753. maintain an open-source HTTP server for modern operating
1754. systems including UNIX and Windows NT. The goal of this
1755. project is to provide a secure, efficient and extensible
1756. server that provides HTTP services in sync with the current
1757. HTTP standards.
1758.  
1759. Google Dorks: (3)
1760. Website : http://httpd.apache.org/
1761.  
1762. [ Cookies ]
1763. Display the names of cookies in the HTTP headers. The
1764. values are not returned to save on space.
1765.  
1766. String : PHPSESSID
1767. String : mltlngg_language
1768. String : icwp-wpsf
1769.  
1770. [ HTTPServer ]
1771. HTTP server header string. This plugin also attempts to
1772. identify the operating system from the server header.
1773.  
1774. String : Apache (from server string)
1775.  
1776. [ PHP ]
1777. PHP is a widely-used general-purpose scripting language
1778. that is especially suited for Web development and can be
1779. embedded into HTML. This plugin identifies PHP errors,
1780. modules and versions and extracts the local file path and
1781. username if present.
1782.  
1783. Version : 5.6.40
1784. Google Dorks: (2)
1785. Website : http://www.php.net/
1786.  
1787. [ RedirectLocation ]
1788. HTTP Server string location. used with http-status 301 and
1789. 302
1790.  
1791. String : http://www.audit.gov.sd/?lang=ar (from location)
1792.  
1793. [ UncommonHeaders ]
1794. Uncommon HTTP server headers. The blacklist includes all
1795. the standard headers and many non standard but common ones.
1796. Interesting but fairly common headers should have their own
1797. plugins, eg. x-powered-by, server and x-aspnet-version.
1798. Info about headers can be found at www.http-stats.com
1799.  
1800. String : referrer-policy,x-content-type-options,x-redirect-by (from headers)
1801.  
1802. [ X-Frame-Options ]
1803. This plugin retrieves the X-Frame-Options value from the
1804. HTTP header. - More Info:
1805. http://msdn.microsoft.com/en-us/library/cc288472%28VS.85%29.
1806. aspx
1807.  
1808. String : SAMEORIGIN
1809.  
1810. [ X-Powered-By ]
1811. X-Powered-By HTTP header
1812.  
1813. String : PHP/5.6.40 (from x-powered-by string)
1814.  
1815. [ X-XSS-Protection ]
1816. This plugin retrieves the X-XSS-Protection value from the
1817. HTTP header. - More Info:
1818. http://msdn.microsoft.com/en-us/library/cc288472%28VS.85%29.
1819. aspx
1820.  
1821. String : 1; mode=block
1822.  
1823. HTTP Headers:
1824. HTTP/1.1 301 Moved Permanently
1825. Date: Sun, 30 Jun 2019 21:52:04 GMT
1826. Server: Apache
1827. X-Powered-By: PHP/5.6.40
1828. Expires: Thu, 19 Nov 1981 08:52:00 GMT
1829. Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
1830. Pragma: no-cache
1831. Referrer-Policy: unsafe-url
1832. x-frame-options: SAMEORIGIN
1833. X-XSS-Protection: 1; mode=block
1834. X-Content-Type-Options: nosniff
1835. X-Redirect-By: WordPress
1836. Set-Cookie: PHPSESSID=3ch499rua1qrgbi9rist5lnhm4; path=/
1837. Set-Cookie: mltlngg_language=ar; expires=Tue, 30-Jul-2019 21:52:05 GMT; Max-Age=2592000; path=/; domain=.audit.gov.sd
1838. Set-Cookie: icwp-wpsf=c62eada5976e1a7d03aaba17c0c8fb28; expires=Sat, 26-Jan-2069 19:44:10 GMT; Max-Age=1564523523; path=/
1839. Location: http://www.audit.gov.sd/?lang=ar
1840. Content-Length: 0
1841. Connection: close
1842. Content-Type: text/html; charset=UTF-8
1843.  
1844. WhatWeb report for http://www.audit.gov.sd/?lang=ar
1845. Status : 200 OK
1846. Title : National Audit Chamber
1847. IP : 138.128.160.2
1848. Country : UNITED STATES, US
1849.  
1850. Summary : PHP[5.6.40], X-Frame-Options[SAMEORIGIN], JQuery[1.12.4], Apache, HTTPServer[Apache], WordPress[5.1.1], Script[text/javascript], Email[info@audit.gov.sd], HTML5, UncommonHeaders[referrer-policy,x-content-type-options,link], MetaGenerator[Everest Forms 1.4.8,WordPress 5.1.1], Cookies[PHPSESSID,mltlngg_language], X-Powered-By[PHP/5.6.40], X-XSS-Protection[1; mode=block]
1851.  
1852. Detected Plugins:
1853. [ Apache ]
1854. The Apache HTTP Server Project is an effort to develop and
1855. maintain an open-source HTTP server for modern operating
1856. systems including UNIX and Windows NT. The goal of this
1857. project is to provide a secure, efficient and extensible
1858. server that provides HTTP services in sync with the current
1859. HTTP standards.
1860.  
1861. Google Dorks: (3)
1862. Website : http://httpd.apache.org/
1863.  
1864. [ Cookies ]
1865. Display the names of cookies in the HTTP headers. The
1866. values are not returned to save on space.
1867.  
1868. String : PHPSESSID
1869. String : mltlngg_language
1870.  
1871. [ Email ]
1872. Extract email addresses. Find valid email address and
1873. syntactically invalid email addresses from mailto: link
1874. tags. We match syntactically invalid links containing
1875. mailto: to catch anti-spam email addresses, eg. bob at
1876. gmail.com. This uses the simplified email regular
1877. expression from
1878. http://www.regular-expressions.info/email.html for valid
1879. email address matching.
1880.  
1881. String : info@audit.gov.sd
1882. String : info@audit.gov.sd
1883.  
1884. [ HTML5 ]
1885. HTML version 5, detected by the doctype declaration
1886.  
1887.  
1888. [ HTTPServer ]
1889. HTTP server header string. This plugin also attempts to
1890. identify the operating system from the server header.
1891.  
1892. String : Apache (from server string)
1893.  
1894. [ JQuery ]
1895. A fast, concise, JavaScript that simplifies how to traverse
1896. HTML documents, handle events, perform animations, and add
1897. AJAX.
1898.  
1899. Version : 1.12.4
1900. Website : http://jquery.com/
1901.  
1902. [ MetaGenerator ]
1903. This plugin identifies meta generator tags and extracts its
1904. value.
1905.  
1906. String : Everest Forms 1.4.8,WordPress 5.1.1
1907.  
1908. [ PHP ]
1909. PHP is a widely-used general-purpose scripting language
1910. that is especially suited for Web development and can be
1911. embedded into HTML. This plugin identifies PHP errors,
1912. modules and versions and extracts the local file path and
1913. username if present.
1914.  
1915. Version : 5.6.40
1916. Google Dorks: (2)
1917. Website : http://www.php.net/
1918.  
1919. [ Script ]
1920. This plugin detects instances of script HTML elements and
1921. returns the script language/type.
1922.  
1923. String : text/javascript
1924.  
1925. [ UncommonHeaders ]
1926. Uncommon HTTP server headers. The blacklist includes all
1927. the standard headers and many non standard but common ones.
1928. Interesting but fairly common headers should have their own
1929. plugins, eg. x-powered-by, server and x-aspnet-version.
1930. Info about headers can be found at www.http-stats.com
1931.  
1932. String : referrer-policy,x-content-type-options,link (from headers)
1933.  
1934. [ WordPress ]
1935. WordPress is an opensource blogging system commonly used as
1936. a CMS.
1937.  
1938. Version : 5.1.1
1939. Aggressive function available (check plugin file or details).
1940. Google Dorks: (1)
1941. Website : http://www.wordpress.org/
1942.  
1943. [ X-Frame-Options ]
1944. This plugin retrieves the X-Frame-Options value from the
1945. HTTP header. - More Info:
1946. http://msdn.microsoft.com/en-us/library/cc288472%28VS.85%29.
1947. aspx
1948.  
1949. String : SAMEORIGIN
1950.  
1951. [ X-Powered-By ]
1952. X-Powered-By HTTP header
1953.  
1954. String : PHP/5.6.40 (from x-powered-by string)
1955.  
1956. [ X-XSS-Protection ]
1957. This plugin retrieves the X-XSS-Protection value from the
1958. HTTP header. - More Info:
1959. http://msdn.microsoft.com/en-us/library/cc288472%28VS.85%29.
1960. aspx
1961.  
1962. String : 1; mode=block
1963.  
1964. HTTP Headers:
1965. HTTP/1.1 200 OK
1966. Date: Sun, 30 Jun 2019 21:52:07 GMT
1967. Server: Apache
1968. X-Powered-By: PHP/5.6.40
1969. Expires: Thu, 19 Nov 1981 08:52:00 GMT
1970. Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
1971. Pragma: no-cache
1972. Referrer-Policy: unsafe-url
1973. x-frame-options: SAMEORIGIN
1974. X-XSS-Protection: 1; mode=block
1975. X-Content-Type-Options: nosniff
1976. Link: <http://www.audit.gov.sd?lang=ar%2Findex.php&rest_route=/>; rel="https://api.w.org/"
1977. Set-Cookie: PHPSESSID=r13b1jrhooe4u4cbpqduottls1; path=/
1978. Set-Cookie: mltlngg_language=ar; expires=Tue, 30-Jul-2019 21:52:08 GMT; Max-Age=2592000; path=/; domain=.audit.gov.sd
1979. Content-Length: 109839
1980. Connection: close
1981. Content-Type: text/html; charset=UTF-8
1982. #######################################################################################################################################
1983. DNS Servers for audit.gov.sd:
1984. ns2.click-grafix.com
1985. ns1.click-grafix.com
1986.  
1987. Trying zone transfer first...
1988. Testing ns2.click-grafix.com
1989. Request timed out or transfer not allowed.
1990. Testing ns1.click-grafix.com
1991. Request timed out or transfer not allowed.
1992.  
1993. Unsuccessful in zone transfer (it was worth a shot)
1994. Okay, trying the good old fashioned way... brute force
1995.  
1996. Checking for wildcard DNS...
1997. Nope. Good.
1998. Now performing 2280 test(s)...
1999. 138.128.160.2 ftp.audit.gov.sd
2000. 127.0.0.1 localhost.audit.gov.sd
2001. 212.0.136.50 mail.audit.gov.sd
2002. 138.128.160.2 webmail.audit.gov.sd
2003. 138.128.160.2 www.audit.gov.sd
2004.  
2005. Subnets found (may want to probe here using nmap or unicornscan):
2006. 127.0.0.0-255 : 1 hostnames found.
2007. 138.128.160.0-255 : 3 hostnames found.
2008. 212.0.136.0-255 : 1 hostnames found.
2009.  
2010. Done with Fierce scan: http://ha.ckers.org/fierce/
2011. Found 5 entries.
2012.  
2013. Have a nice day.
2014. #######################################################################################################################################
2015.  
2016. Domains still to check: 1
2017. Checking if the hostname audit.gov.sd. given is in fact a domain...
2018.  
2019. Analyzing domain: audit.gov.sd.
2020. Checking NameServers using system default resolver...
2021. IP: 138.128.160.4 (United States)
2022. HostName: ns2.click-grafix.com Type: NS
2023. HostName: ns2.click-grafix.com Type: PTR
2024. IP: 138.128.160.3 (United States)
2025. HostName: ns1.click-grafix.com Type: NS
2026. HostName: ns1.click-grafix.com Type: PTR
2027.  
2028. Checking MailServers using system default resolver...
2029. IP: 212.0.136.50 (Sudan)
2030. HostName: mail.audit.gov.sd Type: MX
2031. HostName: mail.audit.gov.sd Type: PTR
2032.  
2033. Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
2034. No zone transfer found on nameserver 138.128.160.3
2035. No zone transfer found on nameserver 138.128.160.4
2036.  
2037. Checking SPF record...
2038. No SPF record
2039.  
2040. Checking 192 most common hostnames using system default resolver...
2041. IP: 138.128.160.2 (United States)
2042. HostName: www.audit.gov.sd. Type: A
2043. IP: 138.128.160.2 (United States)
2044. HostName: www.audit.gov.sd. Type: A
2045. HostName: ftp.audit.gov.sd. Type: A
2046. HostName: server.click-grafix.com Type: PTR
2047. IP: 212.0.136.50 (Sudan)
2048. HostName: mail.audit.gov.sd Type: MX
2049. HostName: mail.audit.gov.sd Type: PTR
2050. HostName: mail.audit.gov.sd. Type: A
2051. IP: 138.128.160.2 (United States)
2052. HostName: www.audit.gov.sd. Type: A
2053. HostName: ftp.audit.gov.sd. Type: A
2054. HostName: server.click-grafix.com Type: PTR
2055. HostName: webmail.audit.gov.sd. Type: A
2056.  
2057. Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
2058. Checking netblock 138.128.160.0
2059. Checking netblock 212.0.136.0
2060.  
2061. Searching for audit.gov.sd. emails in Google
2062. eltahir@audit.gov.sd.
2063. info@audit.gov.sd
2064. eltahir@audit.gov.sd&
2065. info@audit.gov.sd&
2066. ahamid@audit.gov.sd,
2067. ahamid@audit.gov.sd.
2068.  
2069. Checking 4 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
2070. Host 138.128.160.3 is up (reset ttl 64)
2071. Host 138.128.160.2 is up (reset ttl 64)
2072. Host 212.0.136.50 is up (reset ttl 64)
2073. Host 138.128.160.4 is up (reset ttl 64)
2074.  
2075. Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
2076. Scanning ip 138.128.160.3 (ns1.click-grafix.com (PTR)):
2077. 53/tcp open domain syn-ack ttl 54 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2078. | dns-nsid:
2079. |_ bind.version: 9.9.4-RedHat-9.9.4-74.el7_6.1
2080. 80/tcp open http syn-ack ttl 54 Apache httpd
2081. | http-methods:
2082. | Supported Methods: POST OPTIONS HEAD GET TRACE
2083. |_ Potentially risky methods: TRACE
2084. |_http-server-header: Apache
2085. |_http-title: Site doesn't have a title (text/html).
2086. 143/tcp open imap syn-ack ttl 54 Dovecot imapd
2087. |_imap-capabilities: AUTH=PLAIN LOGIN-REFERRALS have IMAP4rev1 ENABLE OK more NAMESPACE Pre-login capabilities IDLE post-login listed STARTTLS AUTH=LOGINA0001 LITERAL+ ID SASL-IR
2088. |_ssl-date: TLS randomness does not represent time
2089. 443/tcp open ssl/http syn-ack ttl 54 Apache httpd
2090. | http-methods:
2091. |_ Supported Methods: GET HEAD POST OPTIONS
2092. |_http-server-header: Apache
2093. |_http-title: Site doesn't have a title (text/html).
2094. | ssl-cert: Subject: commonName=server.click-grafix.com
2095. | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2096. | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
2097. | Public Key type: rsa
2098. | Public Key bits: 2048
2099. | Signature Algorithm: sha256WithRSAEncryption
2100. | Not valid before: 2019-06-30T00:00:00
2101. | Not valid after: 2020-06-29T23:59:59
2102. | MD5: b29c 3abc b460 f262 6860 f153 9e6c e929
2103. |_SHA-1: f7d4 5179 b4b5 afcc 4734 6db2 0f71 4dea 5eee 26d2
2104. |_ssl-date: TLS randomness does not represent time
2105. | tls-alpn:
2106.  
2107. 465/tcp open ssl/smtp syn-ack ttl 54 Exim smtpd 4.92
2108. | smtp-commands: server.click-grafix.com Hello nmap.scanme.org [185.232.21.119], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
2109. |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2110. | ssl-cert: Subject: commonName=server.click-grafix.com
2111. | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2112. | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
2113. | Public Key type: rsa
2114. | Public Key bits: 2048
2115. | Signature Algorithm: sha256WithRSAEncryption
2116. | Not valid before: 2019-06-30T00:00:00
2117. | Not valid after: 2020-06-29T23:59:59
2118. | MD5: b29c 3abc b460 f262 6860 f153 9e6c e929
2119. |_SHA-1: f7d4 5179 b4b5 afcc 4734 6db2 0f71 4dea 5eee 26d2
2120. |_ssl-date: TLS randomness does not represent time
2121. 587/tcp open smtp syn-ack ttl 54 Exim smtpd 4.92
2122. | smtp-commands: server.click-grafix.com Hello nmap.scanme.org [185.232.21.119], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
2123. |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2124. | ssl-cert: Subject: commonName=server.click-grafix.com
2125. | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2126. | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
2127. | Public Key type: rsa
2128. | Public Key bits: 2048
2129. | Signature Algorithm: sha256WithRSAEncryption
2130. | Not valid before: 2019-06-30T00:00:00
2131. | Not valid after: 2020-06-29T23:59:59
2132. | MD5: b29c 3abc b460 f262 6860 f153 9e6c e929
2133. |_SHA-1: f7d4 5179 b4b5 afcc 4734 6db2 0f71 4dea 5eee 26d2
2134. |_ssl-date: TLS randomness does not represent time
2135. 993/tcp open ssl/imaps? syn-ack ttl 54
2136. |_ssl-date: TLS randomness does not represent time
2137. OS Info: Service Info: Host: server.click-grafix.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2138. Scanning ip 138.128.160.2 (webmail.audit.gov.sd.):
2139. 53/tcp open domain syn-ack ttl 54 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2140. | dns-nsid:
2141. |_ bind.version: 9.9.4-RedHat-9.9.4-74.el7_6.1
2142. 80/tcp open http syn-ack ttl 54 Apache httpd
2143. | http-methods:
2144. | Supported Methods: POST OPTIONS HEAD GET TRACE
2145. |_ Potentially risky methods: TRACE
2146. |_http-server-header: Apache
2147. |_http-title: Site doesn't have a title (text/html).
2148. 143/tcp open imap syn-ack ttl 54 Dovecot imapd
2149. |_imap-capabilities: IMAP4rev1 NAMESPACE AUTH=PLAIN Pre-login OK LITERAL+ IDLE capabilities more have post-login STARTTLS ENABLE SASL-IR listed ID LOGIN-REFERRALS AUTH=LOGINA0001
2150. |_ssl-date: TLS randomness does not represent time
2151. 443/tcp open ssl/http syn-ack ttl 54 Apache httpd
2152. | http-methods:
2153. |_ Supported Methods: GET HEAD
2154. |_http-server-header: Apache
2155. |_http-title: 400 Bad Request
2156. | ssl-cert: Subject: commonName=abaad.sd
2157. | Subject Alternative Name: DNS:abaad.sd, DNS:mail.abaad.sd, DNS:www.abaad.sd
2158. | Issuer: commonName=abaad.sd
2159. | Public Key type: rsa
2160. | Public Key bits: 2048
2161. | Signature Algorithm: sha256WithRSAEncryption
2162. | Not valid before: 2017-08-12T11:26:16
2163. | Not valid after: 2018-08-12T11:26:16
2164. | MD5: 78ae d5d8 edd0 888b fec7 66d8 0056 3b28
2165. |_SHA-1: 416a 957b 5935 e3d6 4c9c 2ee7 6f20 b970 269e 26a3
2166. |_ssl-date: TLS randomness does not represent time
2167. | tls-alpn:
2168.  
2169. 465/tcp open ssl/smtp syn-ack ttl 54 Exim smtpd 4.92
2170. | smtp-commands: server.click-grafix.com Hello nmap.scanme.org [185.232.21.119], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
2171. |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2172. | ssl-cert: Subject: commonName=server.click-grafix.com
2173. | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2174. | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
2175. | Public Key type: rsa
2176. | Public Key bits: 2048
2177. | Signature Algorithm: sha256WithRSAEncryption
2178. | Not valid before: 2019-06-30T00:00:00
2179. | Not valid after: 2020-06-29T23:59:59
2180. | MD5: b29c 3abc b460 f262 6860 f153 9e6c e929
2181. |_SHA-1: f7d4 5179 b4b5 afcc 4734 6db2 0f71 4dea 5eee 26d2
2182. |_ssl-date: TLS randomness does not represent time
2183. 587/tcp open smtp syn-ack ttl 54 Exim smtpd 4.92
2184. | smtp-commands: server.click-grafix.com Hello nmap.scanme.org [185.232.21.119], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
2185. |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2186. | ssl-cert: Subject: commonName=server.click-grafix.com
2187. | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2188. | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
2189. | Public Key type: rsa
2190. | Public Key bits: 2048
2191. | Signature Algorithm: sha256WithRSAEncryption
2192. | Not valid before: 2019-06-30T00:00:00
2193. | Not valid after: 2020-06-29T23:59:59
2194. | MD5: b29c 3abc b460 f262 6860 f153 9e6c e929
2195. |_SHA-1: f7d4 5179 b4b5 afcc 4734 6db2 0f71 4dea 5eee 26d2
2196. |_ssl-date: TLS randomness does not represent time
2197. 993/tcp open ssl/imaps? syn-ack ttl 54
2198. |_ssl-date: TLS randomness does not represent time
2199. OS Info: Service Info: Host: server.click-grafix.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2200. Scanning ip 212.0.136.50 (mail.audit.gov.sd.):
2201. 80/tcp open http syn-ack ttl 119 Microsoft IIS httpd 8.0
2202. |_http-server-header: Microsoft-IIS/8.0
2203. |_http-title: 403 - Forbidden: Access is denied.
2204. 443/tcp open ssl/http syn-ack ttl 119 Microsoft IIS httpd 8.0
2205. | http-methods:
2206. |_ Supported Methods: GET HEAD POST OPTIONS
2207. |_http-server-header: Microsoft-IIS/8.0
2208. |_http-title: Site doesn't have a title (text/html; charset=utf-8).
2209. | ssl-cert: Subject: commonName=audit-sd.com/organizationName=Al Hawafiz Computer Devices LLC/countryName=AE
2210. | Subject Alternative Name: DNS:audit-sd.com, DNS:www.audit-sd.com
2211. | Issuer: commonName=DigiCert SHA2 Secure Server CA/organizationName=DigiCert Inc/countryName=US
2212. | Public Key type: rsa
2213. | Public Key bits: 2048
2214. | Signature Algorithm: sha256WithRSAEncryption
2215. | Not valid before: 2018-11-06T00:00:00
2216. | Not valid after: 2019-11-14T12:00:00
2217. | MD5: 7900 0f9a 42b1 5545 7365 e29d 12a5 df9e
2218. |_SHA-1: 4411 685f 2b95 1e63 9741 2ad0 e021 83c1 2daa aeb4
2219. Device type: general purpose|WAP
2220. Running (JUST GUESSING): Linux 2.6.X|2.4.X (90%), Microsoft Windows 2012 (85%)
2221. OS Info: Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
2222. Scanning ip 138.128.160.4 (ns2.click-grafix.com (PTR)):
2223. 53/tcp open domain syn-ack ttl 54 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2224. | dns-nsid:
2225. |_ bind.version: 9.9.4-RedHat-9.9.4-74.el7_6.1
2226. 80/tcp open http syn-ack ttl 54 Apache httpd
2227. | http-methods:
2228. | Supported Methods: POST OPTIONS HEAD GET TRACE
2229. |_ Potentially risky methods: TRACE
2230. |_http-server-header: Apache
2231. |_http-title: Site doesn't have a title (text/html).
2232. 143/tcp open imap syn-ack ttl 54 Dovecot imapd
2233. |_imap-capabilities: capabilities SASL-IR LOGIN-REFERRALS LITERAL+ listed AUTH=LOGINA0001 ID STARTTLS IMAP4rev1 NAMESPACE ENABLE OK IDLE more post-login AUTH=PLAIN have Pre-login
2234. |_ssl-date: TLS randomness does not represent time
2235. 443/tcp open ssl/http syn-ack ttl 54 Apache httpd
2236. | http-methods:
2237. | Supported Methods: POST OPTIONS HEAD GET TRACE
2238. |_ Potentially risky methods: TRACE
2239. |_http-server-header: Apache
2240. |_http-title: Site doesn't have a title (text/html).
2241. | ssl-cert: Subject: commonName=server.click-grafix.com
2242. | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2243. | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
2244. | Public Key type: rsa
2245. | Public Key bits: 2048
2246. | Signature Algorithm: sha256WithRSAEncryption
2247. | Not valid before: 2019-06-30T00:00:00
2248. | Not valid after: 2020-06-29T23:59:59
2249. | MD5: b29c 3abc b460 f262 6860 f153 9e6c e929
2250. |_SHA-1: f7d4 5179 b4b5 afcc 4734 6db2 0f71 4dea 5eee 26d2
2251. |_ssl-date: TLS randomness does not represent time
2252. | tls-alpn:
2253.  
2254. 465/tcp open ssl/smtp syn-ack ttl 54 Exim smtpd 4.92
2255. |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: failed to receive data
2256. | ssl-cert: Subject: commonName=server.click-grafix.com
2257. | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2258. | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
2259. | Public Key type: rsa
2260. | Public Key bits: 2048
2261. | Signature Algorithm: sha256WithRSAEncryption
2262. | Not valid before: 2019-06-30T00:00:00
2263. | Not valid after: 2020-06-29T23:59:59
2264. | MD5: b29c 3abc b460 f262 6860 f153 9e6c e929
2265. |_SHA-1: f7d4 5179 b4b5 afcc 4734 6db2 0f71 4dea 5eee 26d2
2266. |_ssl-date: TLS randomness does not represent time
2267. 587/tcp open smtp syn-ack ttl 54 Exim smtpd 4.92
2268. | smtp-commands: server.click-grafix.com Hello nmap.scanme.org [185.232.21.119], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
2269. |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2270. | ssl-cert: Subject: commonName=server.click-grafix.com
2271. | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2272. | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
2273. | Public Key type: rsa
2274. | Public Key bits: 2048
2275. | Signature Algorithm: sha256WithRSAEncryption
2276. | Not valid before: 2019-06-30T00:00:00
2277. | Not valid after: 2020-06-29T23:59:59
2278. | MD5: b29c 3abc b460 f262 6860 f153 9e6c e929
2279. |_SHA-1: f7d4 5179 b4b5 afcc 4734 6db2 0f71 4dea 5eee 26d2
2280. |_ssl-date: TLS randomness does not represent time
2281. 993/tcp open ssl/imaps? syn-ack ttl 54
2282. |_ssl-date: TLS randomness does not represent time
2283. OS Info: Service Info: Host: server.click-grafix.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2284. WebCrawling domain's web servers... up to 50 max links.
2285.  
2286. + URL to crawl: http://ns1.click-grafix.com
2287. + Date: 2019-06-30
2288.  
2289. + Crawling URL: http://ns1.click-grafix.com:
2290. + Links:
2291. + Crawling http://ns1.click-grafix.com (REDIRECTING TO: /cgi-sys/defaultwebpage.cgi)
2292. + Searching for directories...
2293. + Searching open folders...
2294.  
2295.  
2296. + URL to crawl: https://ns1.click-grafix.com
2297. + Date: 2019-06-30
2298.  
2299. + Crawling URL: https://ns1.click-grafix.com:
2300. + Links:
2301. + Crawling https://ns1.click-grafix.com
2302. + Searching for directories...
2303. + Searching open folders...
2304.  
2305.  
2306. + URL to crawl: http://ftp.audit.gov.sd.
2307. + Date: 2019-06-30
2308.  
2309. + Crawling URL: http://ftp.audit.gov.sd.:
2310. + Links:
2311. + Crawling http://ftp.audit.gov.sd. (REDIRECTING TO: /cgi-sys/defaultwebpage.cgi)
2312. + Searching for directories...
2313. + Searching open folders...
2314.  
2315.  
2316. + URL to crawl: http://www.audit.gov.sd.
2317. + Date: 2019-06-30
2318.  
2319. + Crawling URL: http://www.audit.gov.sd.:
2320. + Links:
2321. + Crawling http://www.audit.gov.sd.
2322. + Crawling http://www.audit.gov.sd./maps.googleapis.com (404 Not Found)
2323. + Crawling http://www.audit.gov.sd./fonts.googleapis.com (404 Not Found)
2324. + Crawling http://www.audit.gov.sd./s.w.org (404 Not Found)
2325. + Crawling http://www.audit.gov.sd./www.audit.gov.sd/wp-content/plugins/all-in-one-event-calendar/public/themes-ai1ec/vortex/css/ai1ec_parsed_css.css?ver=2.5.41 (404 Not Found)
2326. + Crawling http://www.audit.gov.sd./fonts.googleapis.com/css?family=Lato%3A100%2C300%2C400%2C700& (404 Not Found)
2327. + Crawling http://www.audit.gov.sd./fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C300& (404 Not Found)
2328. + Crawling http://www.audit.gov.sd./fonts.googleapis.com/css?family=Open+Sans%3A400%2C600& (404 Not Found)
2329. + Crawling http://www.audit.gov.sd./
2330. + Searching for directories...
2331. - Found: http://www.audit.gov.sd./www.audit.gov.sd/
2332. - Found: http://www.audit.gov.sd./www.audit.gov.sd/wp-content/
2333. - Found: http://www.audit.gov.sd./www.audit.gov.sd/wp-content/plugins/
2334. - Found: http://www.audit.gov.sd./www.audit.gov.sd/wp-content/plugins/all-in-one-event-calendar/
2335. - Found: http://www.audit.gov.sd./www.audit.gov.sd/wp-content/plugins/all-in-one-event-calendar/public/
2336. - Found: http://www.audit.gov.sd./www.audit.gov.sd/wp-content/plugins/all-in-one-event-calendar/public/themes-ai1ec/
2337. - Found: http://www.audit.gov.sd./www.audit.gov.sd/wp-content/plugins/all-in-one-event-calendar/public/themes-ai1ec/vortex/
2338. - Found: http://www.audit.gov.sd./www.audit.gov.sd/wp-content/plugins/all-in-one-event-calendar/public/themes-ai1ec/vortex/css/
2339. - Found: http://www.audit.gov.sd./fonts.googleapis.com/
2340. + Searching open folders...
2341. - http://www.audit.gov.sd./www.audit.gov.sd/ (404 Not Found)
2342. - http://www.audit.gov.sd./www.audit.gov.sd/wp-content/ (404 Not Found)
2343. - http://www.audit.gov.sd./www.audit.gov.sd/wp-content/plugins/ (404 Not Found)
2344. - http://www.audit.gov.sd./www.audit.gov.sd/wp-content/plugins/all-in-one-event-calendar/ (404 Not Found)
2345. - http://www.audit.gov.sd./www.audit.gov.sd/wp-content/plugins/all-in-one-event-calendar/public/ (404 Not Found)
2346. - http://www.audit.gov.sd./www.audit.gov.sd/wp-content/plugins/all-in-one-event-calendar/public/themes-ai1ec/ (404 Not Found)
2347. - http://www.audit.gov.sd./www.audit.gov.sd/wp-content/plugins/all-in-one-event-calendar/public/themes-ai1ec/vortex/ (404 Not Found)
2348. - http://www.audit.gov.sd./www.audit.gov.sd/wp-content/plugins/all-in-one-event-calendar/public/themes-ai1ec/vortex/css/ (404 Not Found)
2349. - http://www.audit.gov.sd./fonts.googleapis.com/ (404 Not Found)
2350. + Crawl finished successfully.
2351. ---------------------------------------------------------------------------------------------------------------------------------------
2352. Summary of http://http://www.audit.gov.sd.
2353. ---------------------------------------------------------------------------------------------------------------------------------------
2354. + Links crawled:
2355. - http://www.audit.gov.sd.
2356. - http://www.audit.gov.sd./
2357. - http://www.audit.gov.sd./fonts.googleapis.com (404 Not Found)
2358. - http://www.audit.gov.sd./fonts.googleapis.com/css?family=Lato%3A100%2C300%2C400%2C700& (404 Not Found)
2359. - http://www.audit.gov.sd./fonts.googleapis.com/css?family=Open+Sans%3A400%2C600& (404 Not Found)
2360. - http://www.audit.gov.sd./fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C300& (404 Not Found)
2361. - http://www.audit.gov.sd./maps.googleapis.com (404 Not Found)
2362. - http://www.audit.gov.sd./s.w.org (404 Not Found)
2363. - http://www.audit.gov.sd./www.audit.gov.sd/wp-content/plugins/all-in-one-event-calendar/public/themes-ai1ec/vortex/css/ai1ec_parsed_css.css?ver=2.5.41 (404 Not Found)
2364. Total links crawled: 9
2365.  
2366. + Links to files found:
2367. Total links to files: 0
2368.  
2369. + Externals links found:
2370. - data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD//gA7Q1JFQVRPUjogZ2QtanBlZyB2MS4wICh1c2luZyBJSkcgSlBFRyB2NjIpLCBxdWFsaXR5ID0gOTAK/9sAQwADAgIDAgIDAwMDBAMDBAUIBQUEBAUKBwcGCAwKDAwLCgsLDQ4SEA0OEQ4LCxAWEBETFBUVFQwPFxgWFBgSFBUU/9sAQwEDBAQFBAUJBQUJFA0LDRQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQU/8AAEQgAPgFeAwEiAAIRAQMRAf/EAB8AAAEFAQEBAQEBAAAAAAAAAAABAgMEBQYHCAkKC//EALUQAAIBAwMCBAMFBQQEAAABfQECAwAEEQUSITFBBhNRYQcicRQygZGhCCNCscEVUtHwJDNicoIJChYXGBkaJSYnKCkqNDU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6g4SFhoeIiYqSk5SVlpeYmZqio6Slpqeoqaqys7S1tre4ubrCw8TFxsfIycrS09TV1tfY2drh4uPk5ebn6Onq8fLz9PX29/j5+v/EAB8BAAMBAQEBAQEBAQEAAAAAAAABAgMEBQYHCAkKC//EALURAAIBAgQEAwQHBQQEAAECdwABAgMRBAUhMQYSQVEHYXETIjKBCBRCkaGxwQkjM1LwFWJy0QoWJDThJfEXGBkaJicoKSo1Njc4OTpDREVGR0hJSlNUVVZXWFlaY2RlZmdoaWpzdHV2d3h5eoKDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uLj5OXm5+jp6vLz9PX29/j5+v/aAAwDAQACEQMRAD8A+HLS1vdX1O8hgvIrSK3WM/NB5hYtu/2h/dq//wAIxqf/AEF4f/AL/wCzo8L/APIa1j/dg/k9dLj/ADigDmv+EY1P/oLw/wDgF/8AZ0f8Ixqf/QXh/wDAL/7Oulx/nFGP84oA5r/hGNT/AOgvD/4Bf/Z0+DwvqLXEIfVYmRpFVgLTGQSAed9dFj/OKkt+LmD/AK6p2/2hQBw1wLi51Cws7edbc3DPukZN+AqFumR6Vof8IvqP/QYX/wAAx/8AFVTg/wCRj0b/AHpf/RTV2OP84oA5r/hF9R/6DC/+AY/+KruvAv7NHxG+JWlTal4cT+0LGKYwPMY4YhvABIG+UE8MOnrXQ/Cr4R6/8XdfTTtHtytuhH2q/kU+TbKe7HufRRyfzI/SHwB4H034ceEdO8PaUmLSzj273+/K5OWdvdiSf0HAr8x4w4xjw9GNDCcs67eqd2ox7uzTu+iv5+vt5dlzxjcql1H82fk/4y+EXir4f67Lo2vXi2OpRIrvD5EcmAwypyshHT3rD/4RbUT/AMxhf/AQf/FV9K/tlf8AJdtT/wCvS1/9FCvEAOR/hX22T4ypmGXYfF1UlKpCMnba7V9N/wAzzMRTVGtOnHZNo4zxAJtG0+YrKsk8cKN5hXALFQc4/Gr3/CK34/5jJ/8AAVf8areO/wDjzvP+veL/ANASuuI5P+Fewc5X8MfBnxj41FydBXUNYFttExstO8zy92du7HTO0/ka3f8Ahl/4pf8AQD17/wAE5r7Q/YV0P7F8M9Y1Nlw99qZQEjqkcagf+PM9fQd74h0rTZjDd6lZ2swAPlzTojYPfBNfhWd+IWMy7M62BwtCM4wdru99lfbzuj6nC5RTrUI1Zzab9D8rP+GX/il/0A9e/wDBOa5jxF8LfEvhHUPsGt3F3pV6UEnkXdgI32nOGwT04P5V+uX/AAmGhf8AQa03/wAC4/8AGvhX9s7ULXU/jIktncw3UP8AZcC+ZA4dc7pOMivW4W4zx+e5h9UxGHUI8rd1zdLd/U58fltLC0faQnd38j5kk0mXTbZDNd/a3eRgG8sJgBVPQf7xqjo2lajrOnpef2kkAkZwIhbBtoDlRzu56V0Ou/8AHvb/APXWT/0GOqvgv/kW7X/el/8ARr1+vnzxXj8J6nLIqJqwd2IVVWzBJJ6ADdXpOjfsh/FzXrVbi10q6SJhlTdW0VuxH+7JIp/Svq/9i/4OWFl4ZTx1qVslxqd7I6aeZVyLeJWKF1HZ2YMM9gBjqa9j+JPx38G/Cm7gs9f1Jkv5l8xbS2iaWQJ/eYD7o4OMnnHFfi+dcdYynmMsryTD+1nBtNtN6rdKMbOy2bb/AM39Jhsrpuiq+Jnyp/11PzV8X/s4/EfwHbG512zu7K0X71yLFZIV+ro5Ufia4z/hF9R/6DC/+Ag/+Kr9efBfjrw78UfDp1HQ7yLU9OkJhlVkIKnHKOjDIOCOCOQfSvhn9q/4QWnwu8dwXOkRCDRNZjaeCBfuwSKQJI1/2fmVh6bsdq9LhjjSrm2MllmY0fZV1e1rpO26aeqaWu70vt1xx2Wxw9NV6MuaJ83JoF3ZpNNPqC3KJHuCCAJzuUddx/vVn2dneaxqd7DFfC0it0jIAhDli27PJPtXWX//AB4XX/XIf+jI6wfC3/IZ1j/dg/k9fqx4If8ACK33/QZb/wABV/xrvvCH7LnxM8dWSXmjWd5PZuMpcTW0UEbj1VpGUMPcZr3j9j/4HWfjzU7rxTr1st1o+mSiG2tZRlLi4wGJYd1QFTjoSw7Ag/XfxA+KXhf4V6fb3PiLUksI5iUghVGkkkx12ooJIGRk9BketfkXEfG9bAY7+yspo+1rLfRtXteyUdW7b66ffb6DB5ZGrS9viJcsf67n5neL/wBln4neBrJ7zWLK8hs4xl7iC3iuI0HqxjZto9zivP8A/hFb7/oMt/4Cr/jX68eBPiN4d+JukNqHh3UY9RtlbZKoUq8bejowBH4jmvkX9sD4E2fgq7g8X+H7ZbXSr6byby0iXCQTkEq6gdFbByOgI4+8AI4b45q4/Hf2Xm1H2VZ6K10r/wArUrtPtrrt2u8blcaVL2+HlzR/rXQ+RbfwpeG5hD6uXVpFVl+zKMgkA85rLuBcXGoWFnbzrbm4Z90jR78BULcDI9K7m3/4+YP+uqf+hCuLh/5GPRv96X/0U1fsB88W/wDhFtRH/MYX/wABB/8AFV0HhH4LeNfHlw8Ph9brVmQ4drfT8on+8+7av4kV2Xwo8By/Ez4haL4cjkaJLyb99Ko5jiUF5GHvtU498V+l2maXoPw08JLb2sdtouhabCXYkhUjQDLOxPU9yTyTX5txbxguHZU8Nh6ftK01dJ7JXsm7au70SXbfv7OX5d9cTnN2ij81Ln9jP4xWluZn0uVlAztiS3dv++VmJP5V5tq3w+1/Qb+Wx1K7l0+9iOJLe608xyL9VLA1+nPhn9qT4deLPEcOi2OsOl3PJ5UD3Ns8UUzk4CqzDgk9M4zU/wC0D8G9P+LXgm8QW6DX7OJpdOulADhwM+UT3VuhHYkHtXyeD4/zHCYynhs+wvsoz6pSi0n1tJu672tb8D0KmU0alNzwtTma9H+R+Wf/AAi+on/mML/4Bj/4qqXiATaNp8xWVZJ44UbzCuAWKg5x+NdmBzz/ACrkPHX/AB53f/XvF/6Alfup8sWv+EVvx/zGT/4Cr/jWjoHwy8R+KtSj0/R7m71O9flYLWwEj49cDoPfpXQ6No914h1my0uxi869vZ0t4Yx/E7sFUfma/TH4R/CbRvg/4Uh0zT443u2QPfX7Lh7mTHLE9lHOF6Ae+Sfg+K+KqXDVGNo89Wd+WOy03b8vz+9nq4DASxsnraK3Z+ew/Yo+MJtfP/s+TbjOwta7/wDvnzc15v4g+GHiTwnqT6frNxd6XepyYLqwEbY9QCeR7jiv06tP2mfhvfeJxoUPiOE3jSeSspicW7PnGBKRtPPfOD61t/Fj4UaN8XPC02lapCq3AUtZ3yr+8tpOzKfTplehH4Efn2G8Q8zwWJhDPMJ7OnPZqMotLvaTfMl5W/Q9eeUUKsG8LUu15p/lsfkv/wAIrff9Blv/AAFX/Glk0mXTbZDNdm7d5GAbywmAAp6D/eNdt4j8P3nhXX9Q0bUY/KvrGd7eZeo3KcEg9weoPcGuc13/AI97f/rrJ/6DHX71CcakVODunqn5HyjTTszK8Lf8hnWP9yD+T103FZXhqC2tdF8TarcMsZhv9NtVYg5xJDeMR/5CH5VJ/wAJHpv/AD9j/vk/4VYjR4o4rO/4SPTf+fsf98n/AAo/4SPTf+fsf98n/CgDR4qS3/4+YP8Arqn/AKEKyv8AhI9N/wCfsf8AfJ/wroPCDWOvnVzFKssllZpdKMHg/arePPPtIfzoA8/g/wCRj0b/AHpf/RTV658J9CsvE/xM8L6TqMXn2F7qMEE8QYrvRnAIyORx6V5z4U0+LUfF9kkwBSKw1O55GcGKwnkB+uUFb3hn4gJ4S8Q6drVhNi9sJ0uITLA7KHU5GRjkZrkxcKlTD1IUXaTi0ntZtaa+ppTaU05bXP1Lu7rwn8GvB7SOLLw7oVoOEjUICfQAcu5/Empvhz42t/iP4N0/xHZ2721rfGUxRTEbwqyugJx0JC5x2zjmvy98a/GHVPiLqX27xDrd1qUwzsWSNxHGPREChVH0FfaH7Ovx/wDAHhv4L+GdN1PxFHa31vHMJYXtpiVJnkI6IR0Ir+ZuIOCa2UZZDEylKtiJzXNyptJcsm/N3dryf3d/tcJmccRXcElGCWn3r+rHhv7ZX/JdtT/69LX/ANFCvEBjIr0z9qj4ieHvFnxi1DUdJ1D7bZPbW6rNHDIASIwD1UHrXnHhC7sNc8X6FppdnW81C3tyrRNgh5VXByPev6B4bhKnk2EhNWapxunutEfJY1qWJqNd2cX47/49Lv8A694v/QErrzjJrk/H0YWC9TsIYh/44ldt41ltND8a+IdLjWYCz1K5tkWO3kKgJKygDC4xx2r6M4z9Hf2Y9D/sD4F+E4Su157Zrxj6+bI0gP8A3yy18xfHf4V+Ofip8aPE+o6L4avb3T4pUtYrhlEcbCONUbazkA/MG6V9GeHP2gfhr4f8O6XpcevSiOxtIrZcaZd4wiBR/wAsvaqd9+2b8JbK7jgPiK4n34zLDpd06L9T5dfyhleNzrAZtisyweClUnU5t4TslKXN0t27n3telhquHp0alVJK3VdFY+GfF/wy8UeAWQeINBvNLRzhZZo/3bH0DjKk/jXNYAr9GNT/AGhfhL4q0eeyvtXXU9MukKSRSaVdPG4/79f/AKjXwX8WrLw54V8a3lv4cv7nUtBl/fWkzWc6sqnrG25ASVPGe4we9ftfDHE+JziUsNj8NKjVWu0lF991o12uz5nHYGGGSnSmpRfpc4rXf+Pe3/66yf8AoMdVfBf/ACLdr/vS/wDo163vH9hHp/8AZIiUKk1lbXONu3mS0t3OR65as6z+x6F4Q8JvIxjkvrCa5bbGxyft93Hk4HXEYH4V+iHkH6afswapbar8CvCrW7KfIga3kUdVdJGDA/Xr9CK+OP2sdO1Cw+OviGS/Rwl0YZraRgdrxeUijb7AqV+oNSfsufH66+H3iJ9N+0wt4ZvJPMu1vVlRIGAAMiMqMd2MDbg7sDpjI+r/ABD8bPgt4tiij1rU9L1ZIjmMXmnSy7D7boziv515cXwdxJiMXGg61OqpP3dWlKSl2dmmrWe61PsL08xwUKblyyjbfyVjzH9gbTNQhsPF9+6OmlzyW0UTMDteVBIXx9A65+oqD9vvU7Yr4N04MrXam6uGUdVQ+WoP4kN/3ya9Zf8AaN+GWg6DJb6DrOnI8ERFrYrbT28O7suViO0Z7gV8C/FH4p3vj/xpfavr9wTeudipHDJ5UUakhUj4+6Oee+SepNdnDuFxWe8UVM9r0nRjHaLum/c5FulfTVvvoZYypTwuBWFjLmb6/O5zl/8A8eF1/wBch/6MjrB8Lf8AIa1j/dg/k9dddwW118PhqkJ3NJeXFqWKlThBaMByP+mh/OsPwxbQQaJ4o1OVTvhv9NtlKRl2AeG9YjgE4/dD8hX78fKH6W/sm6fFYfATw0YwA1x9omkP95jPIM/kAPwr5c/bS1afUPjbc2krkw2FlbwxL2AZfMJ/EufyFep/ssftG+DtF+Etnomt6nPZX2mzzRrGbC5ctG7mRWysZ4y7L/wGvJ/2s9a8PeMvHFp4j8MXlxqqXNssF1DFp1yrxyJkK3zRjIKkDjuvuK/n3h/DVsFxli6uLptKTqcsmnbWV077axvb7j63FzjUy2nGm1dWuvl/mSfsZeI7nR/jVZ6dFIwtdWtp7eePPynZG0qtj1BTGfRj619ifHzw6nij4N+LrJ0DMunyXMY/24h5q/qg/Oviv9lXVNC8K/Ef/hJPE13c6TBp9vItukun3LNLLIpTgLGeApfOe5HvX1l4i/aN+HF/4f1O1GuSsZrWWLb/AGZd85QjH+q9687jWFaXElHF4GlKXIoNuMW1zKTe6XRcv5G+WOKwUqdWSV77vpb/AIc/Ou2/4+YP+uqf+hCuLh/5GPRv96X/ANFNXoPg9bbWxq7BXL2dmlyvmQuuD9rt04LAc4kP61yfhWwi1HxfZpMAY4dP1O55GcGKwnkB/AoK/pM+LPoX9j7VLbTPjppC3DKv2qC4t4mbpvMZIH47SPqa+sf2r9N1DVPgX4hi05HleMwzTRxZJaJJUZ/wAG4+wNfm5p3i2LTNQtryyu5oLyCVZYZYo3DI4OVI46ggV9//AAp/at8P6x4MtZvG2q2Ol6yRteOGKdvMXH3nUR4QnuoJ/DoPwzjnLcVhs0wufYWHtORxTj1vGXMnbez2dttz6jK60J0KmFm7Xvr6qx8KaPp15rGq2dlpsck2oXEqxW8cQO5nJwuMe9frJLdJpenPc3syJHbRGSeZuAAoyzH24JrxjSvi38C9B1N9R0660awv3zm5ttKkSTnr8wizzXkn7VX7S0Gs+HRonhLU7e50S9Xbf3Vuk32gjqYypjG1DjkgnPQ4HX57O6+M45x+FwscNKhCN7ymn1tfololourOvDRp5XSqTc1Jvoj5YvZ0ur6eZF2JJIzqvoCcgVxXjr/jzu/+veL/ANASu08IXdhrni7QtNLs63moW9sVaJsEPKq4OR71x3j6MLBep2EMS/8Aji1/SaVlZHxm59FfsnafFqHx88NCYBlhNxOAf7ywSFT+Bwfwr7U/aI1efRPgl4wurZzHN9iMIdTggSMsZIP0c18KfD7xzpXwi/aOS5umlg0/TNZu7KZktpGWOIvJCW+VTkKGzx6V9efEj41fDfx74C13w/8A8JFJE2oWjwxyNpd5hHxlGP7roGCn8K/AOOcJiHxHgsU6Up0oqF7JtaTbktE+jR9bldSH1OrT5kpO/Xy0Pz74Nfpl+zr4kufFnwV8K6jeyNNdG2aB5HOWfypGiDE9yQgJPrX5nvDcJO0X2G/bDbdy2M2089QdnSvvj4R/GL4dfDn4baB4dk8QyST2VviZ00y82mVmLyY/ddNzNj2r2fEqCxmX0KeHi5z57+6m7R5Xfa9rvl9fkc2Sv2daTm7K3XTW/wDw54F+2v4cj0b4yC+jUKuq6fDcuQOrqWiP6Rr+dfOOu/8AHtb/APXWT/0GOvo39s34neF/G3iHwzdaHez3ohtZYpmFjcJt+cFR80Yz1PSvBvH9hHp50kRKFSaztrnG3HMlpbucj1y1fc8JSqyyLCqumpKNrPR+62lv5JHl5go/WqnK7q/5m7+z5LN/afiuALmBnsZWOejKlwBx/wBtDXtWB6CvGf2eT/xMvFn/AG5/ylr2fP1r6488TA9BRgegpc/WjP1oATA9BWH40llh8PXQhXKymKOQ5AwvnRt/NRW7n61i+Mjnw5d/WL/0alAHgPw2lmh+J3h0wDLsl5GecfK9rIh/RjX0x+Jr5q+GH/JUfDf/AG8/+k719K5+tAB+Jr63+C3/ACTDQuv3JP8A0a9fJGfrX1v8Fsf8Kx0L/ck/9GvX434pf8iij/19X/pMz6PIv94l/h/VHh/7QH/JSrzr/qIf/QBXnHmy27JNAN00TrIgzjJUgj+Vej/tAH/i5V5/1wh/9AFecqfmFffcMf8AIjwf/XuH/pKPJx3+9VPV/mfJPj5WMd6p+/5UQP12LX1t581xJLPP8s8sjyuAc4LMW/rXyb4+/wBZe/7kX/oK19h+H/sLeIdPXUl36e1yi3A3Ff3ZYBjkc9M19DVn7KnKdm7Juy3dui8zkiuZpCweKNYtreSCLVb2OCRSjRLcMFYHggjNZua+tT8GfCC2U0MOjwo8kbIsrFpGQkYDDcTyOtfL/iDwvqfhnV5dOvrWSO4Rtq4UlZBnhlPcGvh+HOKcsz6pVhhIezlGzakopyXfRu9uva6PTxmBr4VRdR3T7X0Pc/2Z9UmuNA1exd2aK2nSSME/d3g5A9spn8TUX7TlqjaNod0f9Ylw8QPsygn/ANAFb3wH8G3fhXwrNPfxNb3eoSiXynGGSMDChh2PLHHuK4z9pnXo5r3SNHjcM8CtczAdi2Ag+uAx/EV+U4KUMbx9KrgneCk22ttIWk/nK+vW571VOnlKjV3t+un4Hwx8YZJpfEZM4AZSEXBz8qwwqP0Fd38DZZpfhhoglGEiSeOPnOV+1Tv/ADc1w/xm/wCRkP8Avf8AtOKu7+CHPwt0Uf8AXf8A9KJK/pM+MPv/AOGfhuLwt4K0u0jQLK8KzztjlpHALZ+nT6AV4L8XPiXq+q+L7+ytL+ez0+xma3SKCQpuZThmbHXJBx7Yr6N8J6lFrHhjSb2JtyT2sb8djtGR+ByPwr5g+MHhC98NeM9Rnkhf7DezvcQThfkO87iufUEkY+h71/NXAqoYviHFTzFJ1nzNc383N71r9V+Vz7TNOanhKao/Dpt2toej/s//ABD1HWry60LU7mS88uHz7eaVtzgAgMpPcfMCM+hq/wDtH+HIbzwxbayqAXVnMsTP3aN+MH6Ntx9T61z/AOzf4SvI9UvNfuIXhtPINvAzjHmMzAkj1AC4z7+xrr/2idTjs/h+bViPMvLmNFXvhfnJ/wDHQPxqsYqOG47orLLK8oqSjtdr39tNt/O/UVPmnlUvb9na/wCH4nwv8apZjpNvER/o6iSRWz/EzQA8fRBXP/s9yzjVfFcSj/R2aykc5/iVLgDj/gZro/jZ/wAgW3+j/wDocVc/+zycal4s/wC3P+Utf0mfGH0T4H8b3/gTW01CyO9SNk1ux+WVPQ+h9D2r6J0X48eE9UtVkuL59Nmx80NzG2QfYqCDXlvwi+FGi+P9Fub29vbuOeC4MTQQFQNu0EHkE85I/Cq/xf8AhMvgySyutGguZ9NePbM7HzCkgJ5OBwCCMfQ1+M57R4a4izdZdiXKGJWnMvdvZXSbaaem2l+lz6TCyxuDw/toJOD6bnqg+Nem614o0rRNB3Xz3U4WW6dCqIgyzbQcEnAPsPeu38SXQsvDmq3DEgQ2kshP0QmvCP2fPAt7J4g/4SC7t3gs7aNlgaRSPMkYbcjPUBS3PqR716T8cvEKaF8Pr6IPie/xaxr3IPL/APjob8xX5jnGS4Cjn2GyfKvetyqTvduTlrdrTSNr2Str1ue3hsTVlhJ4ivpvb0t+rPjTxpJPH4cuRFgq5iSTJxhfOjb+aivBPhtLND8TvDptxudkvIiM4+V7WVD+jGvfvGX/ACLl3/vRf+jFrwT4Y/8AJUfDn/bz/wCk71/Wh8Afcf7PvhuLW/GrXdwgki06Hz1UjI8wkBfy+Y/UCvaPjD4zuPBXgyW5szsvriVbaGQjOwkElsewU498V5V+zTqMdv4o1Ozdgr3NqGTPco3I/Jifwr0343eFLrxZ4JeOxjaa7tJlukiUZaQAMrAe+GJx3xiv5u4nlTq8aUKeY/wVyJX2s9dfLmvfy3Ps8CnHLZSo/Fr/AF9x866V8RvEekaml/FrF3LMG3Ms8zOj+zKTgivrfR7+DxP4ds7xog1vf2yyNC4yNrrkqfXrivjHTdGv9X1KPT7S1lnvHbYIVU7gff09yelfZ3hnSP7A8O6Zppbe1pbRwFh0JVQCfzFdnifRwNCOFlRUY1bvayfLpa9vPb52MsjlVk5qV3Hz7nx/420h/CXjDU7K1BY2V1ugBPVQQyc+uMV8YePlcxXoP3/JiGPfYtfbnxM1OPV/iFrl1CQ0bXRRWHQhMJkfXbXxN4+/1l7/ALkX/oK1+55ZOrUwNCdf43CLl68qv+J8vWUVVko7XdvvPrIzzXLyzTjE00jyuAc4LMSf517d8Mvj5HpdhDpXiPzWjhASG+QbyF7Bx1OPUfl3ryHQrO21LX7Czu5mt7a4uEiklXGUVmAJ59M17/N+zhoEWnXKw3N7NemJhC00qhRJg7SQFHGcV8Pxni8hVOngs6Uve1i4rVdG09l5rXzR6mW08VzOrhrab3Oivvjj4Os7UzLq32lsZEMETlz7cgAfia1fh54um8b6A+rvB9liluJFgizkiNcKMnuchq+Tk8KazJq/9lrptydQ37PI8o7gc/y9+lfXXgbw5/wifhLTNKJDSW8WJCvQuSWbHtuJr8k4u4eybh7Awjg6jqVqkk0207QSd2kklq7a9enU+gy/GYnGVW6itGK7dTxT9pq6D+I9Ht8/NHaM+P8Aecj/ANkr4i+MUs0viImcAMpCLg5+VYYVH6Cvq/4zeIU8R/EHUZYX329tttY2HQhPvY/4EWr5T+M3/IyH/e/9pxV+9cK4SWCyTC0JqzUU2u3N71vxPlMfUVXE1JLa/wCWhe/Z551LxZ/25/ylr2fFfM3g3xVc+C7nUZrTexvRGHXKgDZux1U/3jXUf8Ln1X/nm3/faf8AxuvqzgPccUYrw7/hc+q/882/77T/AON0f8Ln1X/nm3/faf8AxugD3HFYvjL/AJFy7+sX/o1K8o/4XPqv/PNv++0/+N1DefFy+v7Z4LiAyRNglPMQAkHIziMHGQOhFAGD8MP+So+G/wDt5/8ASd6+lcV8qaLqEmia9Y6rAzLcWm8ptI53IUOcg9j6V2//AAubWPf/AMh//G6APdMV9O/CXxt4f0v4eaNa3mtWFrcxpIHhmuFVlzK5GQT6EV+d3/C5tY9//If/AMbo/wCFzax7/wDkP/43XynEfD1HiTCwwtabgoy5rq3Zrr6nfg8XLB1HUir3Vj6x+Nuq2Ws/EC6urC6ivLdoYgJYHDqSFGRkVwa/eFeFf8Lm1j3/APIf/wAbo/4XNrH+0Pxj/wDjde1l2Cjl2DpYODuqcVFN9bKxzVqjrVJVH1dzg/H3+svf9yL/ANBWvrFhlj9a+VNWhHiea6YJ9njkCjYHJKgAAckcn5etd/8A8LQ8Q/8APVT/AN8f/G69ExPuf4U/HKzi06DSPEcxt5IFEcN8wJV1HQPjoR0z0PfHf1+HxFo15Es0Wp2M0fUOlwhA/HNflz/wtDxB/wA9U/8AHP8A43R/wtDxB/z1T/xz/wCN1+RZv4b5fmGJlicPVdJyd2kk1frZaWv2vbskfQ4fOa1GChOPNb7z9GPGvxp8P+FrSRbS6i1bUcER29s4ZQfV3HAHt19q+X9b1i78Qarc6jfSma6uHLux/kPQAYAHoK8H/wCFoeIP+eqf+Of/ABuj/haHiD/nqn/jn/xuvquHeFcDw3CX1e8qkt5Pe3Zdl+fVuyODGY+rjGufRLoVvjN/yMh/3v8A2nFXd/A//kluif8Abf8A9KJK8l8Wavd+IZEurpYxImS7g5Lk7R0AAGAqjgetWfCnxD1DwnoNtpVqztbwFypYx5+Zyx6oe7HvX2Z5p9w/B/4wp4Oj/sjVw76SzFopkG5rcnrx3UnnjkHPXNfQGn+JtE163ElpqVneRHnCyqcfUdR+Nflp/wALm1j3/wDIf/xuj/hcuse/5x//ABuvy3PvD/A5ziXjKVR0qktXZXTfe2mvez13tc93CZtVw0PZyXMlsfqBr/j/AMPeF7VpL7VLZCo4hicPI3sEHP8ASvmL4mfEG4+IWuC5ZDBYwApa25OSqnqx/wBo4GfoB2r5c/4XNrHv/wCQ/wD43R/wubWPf/yH/wDG67uHOCcDw9VeJUnUq7KTVkr72Wtm+ru9NNNb5YzM6uMjyWtHsdb8bP8AkC2/0f8A9Dirn/2eedS8Wf8Abn/KWuc8S/EG78TWJt7uPcw4Ryy/IMgnAVRydq9c96i8I6pqPg24v57GUBr0RiQZXHybsdUP941+iHjn2J8K/iG/w+11ppEabTroCO5iT72B9119xk/UE19O6P430DX7ZZrLVrSZWGSplCuPqpwR+Ir8wv8AhaHiD/nqn/jn/wAbo/4Wh4g/56J/45/8br834j4HwXENf61zunV2bSunba601W177fI9nB5nVwkfZ2vE/TLxF8SvDfhi3eS71S3eRRxb27iSVvYKOn44HvXzJ8RviBd/EHWvtUyGCzhBS2ts52L3J9WOBk/T0r5o/wCFoeIP+eqf+Of/ABuj/haHiD/nqn/jn/xutuHOCsBw9UeIjJ1Ku3M9LLrZdL9Xdvp3JxmZ1cYuRq0e3+Z6j4y/5Fy7/wB6L/0YleC/DH/kqPhv/t5/9J3rpLr4i61fQNDc+XPE2CUYgAkHIztQHggHgjpXD6VdS+HPEVlqMTMLmz3lNhGDvQqc5U9mPav0I8g+t9D1q78Oava6lYyeVdWz70bt7g+oIyD7GvqDwX8Z/D/iu0jWe6i0rUMAPbXLhQT/ALDHgj9favzc/wCFzax7/nH/APG6P+Fzax7/AJx//G6+L4j4UwPEkIuveNSO0lvbs+6/Lo1dnpYPH1cE3yap9D9U31TTbdDO95aRKeTK0qgfnmvLPih8crDT9Pn03w7creahKpRruI5jgB6lW/ib0xwOue1fn/8A8Ll1f3/8h/8Axuj/AIXNrHv/AOQ//jdfIZX4aYHBYiNfFVnV5dVGyS+eruvLTz00PQr51VqwcKceW/Xc91X7w+tfJ3j7/WXv+5F/6Ctd5/wubWPcf9+//jdcTqsQ8TzXRCfZ43CjYHJKgAAc45Py9a/Yz50+rG++T719K/DH42aZrWmW9jrl3HYarEoQzTnbHOBwG3HgN6g456eg/P3/AIWh4h/56qf++P8A43R/wtDxB/z1T/xz/wCN18txBw7g+I8OqGJunHWMlun19U+qO7CYypg580Ou6P1Il8RaTBCZpNTskixnzGnQLj65ryf4n/Hezt7GbTPDc/2m7lUo98nCRDvsP8Te44HvXwf/AMLQ8Qf89E/8c/8AjdH/AAtDxB/z1T/xz/43XxGVeGuX4HERxGJqury6qLSUfmru/pdLvdaHqV86rVYOEI8t+vU9rPNeF/Gb/kZD/vf+04qs/wDC0PEH/PVP/HP/AI3XN+JtSvPFFxHPcLGsy5LPuyXJAHYADAUDgV+wHzp//9k=
2371. - http://gmpg.org/xfn/11
2372. - http://www.afrosai-e.org.za
2373. - http://www.afrosai.org
2374. - http://www.arabosai.org
2375. - http://www.audit.gov.sd/?
2376. - http://www.audit.gov.sd/?cat=27&lang=ar
2377. - http://www.audit.gov.sd/?cat=28&lang=ar
2378. - http://www.audit.gov.sd/?cat=33&lang=ar
2379. - http://www.audit.gov.sd/?cat=35&lang=ar
2380. - http://www.audit.gov.sd/?cat=5&lang=ar
2381. - http://www.audit.gov.sd/?cat=56&lang=ar
2382. - http://www.audit.gov.sd/?cat=57&lang=ar
2383. - http://www.audit.gov.sd/?cat=59&lang=ar
2384. - http://www.audit.gov.sd/?cat=6&lang=ar
2385. - http://www.audit.gov.sd/?lang=ar
2386. - http://www.audit.gov.sd/?lang=ar&
2387. - http://www.audit.gov.sd/?p=2197&
2388. - http://www.audit.gov.sd/?p=2197&lang=ar
2389. - http://www.audit.gov.sd/?p=2260&
2390. - http://www.audit.gov.sd/?p=2260&lang=ar
2391. - http://www.audit.gov.sd/?p=2482&
2392. - http://www.audit.gov.sd/?p=2482&lang=ar
2393. - http://www.audit.gov.sd/?p=2737&
2394. - http://www.audit.gov.sd/?p=2737&lang=ar
2395. - http://www.audit.gov.sd/?p=3027&
2396. - http://www.audit.gov.sd/?p=3076&
2397. - http://www.audit.gov.sd/?p=3076&lang=ar
2398. - http://www.audit.gov.sd/?p=3096&
2399. - http://www.audit.gov.sd/?p=3096&lang=ar
2400. - http://www.audit.gov.sd/?p=3098&
2401. - http://www.audit.gov.sd/?p=3098&lang=ar
2402. - http://www.audit.gov.sd/?p=3105&
2403. - http://www.audit.gov.sd/?p=3105&lang=ar
2404. - http://www.audit.gov.sd/?p=3123&
2405. - http://www.audit.gov.sd/?p=3123&lang=ar
2406. - http://www.audit.gov.sd/?p=3133&
2407. - http://www.audit.gov.sd/?p=3133&lang=ar
2408. - http://www.audit.gov.sd/?p=3145&
2409. - http://www.audit.gov.sd/?p=3145&lang=ar
2410. - http://www.audit.gov.sd/?p=3159&
2411. - http://www.audit.gov.sd/?p=3159&lang=ar
2412. - http://www.audit.gov.sd/?p=3169&
2413. - http://www.audit.gov.sd/?p=3169&lang=ar
2414. - http://www.audit.gov.sd/?p=3186&
2415. - http://www.audit.gov.sd/?p=3186&lang=ar
2416. - http://www.audit.gov.sd/?p=3195&
2417. - http://www.audit.gov.sd/?p=3195&lang=ar
2418. - http://www.audit.gov.sd/?p=3206&
2419. - http://www.audit.gov.sd/?p=3206&lang=ar
2420. - http://www.audit.gov.sd/?p=3483&
2421. - http://www.audit.gov.sd/?p=3489&
2422. - http://www.audit.gov.sd/?p=3500&
2423. - http://www.audit.gov.sd/?p=3506&
2424. - http://www.audit.gov.sd/?p=3512&
2425. - http://www.audit.gov.sd/?p=3524&
2426. - http://www.audit.gov.sd/?p=3529&
2427. - http://www.audit.gov.sd/?p=3533&
2428. - http://www.audit.gov.sd/?p=3538&
2429. - http://www.audit.gov.sd/?p=3542&
2430. - http://www.audit.gov.sd/?p=3544&
2431. - http://www.audit.gov.sd/?p=3551&
2432. - http://www.audit.gov.sd/?p=3558&
2433. - http://www.audit.gov.sd/?p=3559&
2434. - http://www.audit.gov.sd/?p=3564&
2435. - http://www.audit.gov.sd/?p=3642&
2436. - http://www.audit.gov.sd/?p=3642&lang=ar
2437. - http://www.audit.gov.sd/?p=3657&
2438. - http://www.audit.gov.sd/?p=3657&lang=ar
2439. - http://www.audit.gov.sd/?p=3686&
2440. - http://www.audit.gov.sd/?p=3686&lang=ar
2441. - http://www.audit.gov.sd/?p=3702&
2442. - http://www.audit.gov.sd/?p=3702&lang=ar
2443. - http://www.audit.gov.sd/?page_id=212&amp;lang=ar
2444. - http://www.audit.gov.sd/?page_id=215&amp;lang=ar
2445. - http://www.audit.gov.sd/?page_id=227&amp;lang=ar
2446. - http://www.audit.gov.sd/?page_id=232&amp;lang=ar
2447. - http://www.audit.gov.sd/?page_id=236&amp;lang=ar
2448. - http://www.audit.gov.sd/?page_id=2612&amp;lang=ar
2449. - http://www.audit.gov.sd/?page_id=3057&amp;lang=ar
2450. - http://www.audit.gov.sd/?page_id=3230&amp;lang=ar
2451. - http://www.audit.gov.sd/?page_id=3253&amp;lang=ar
2452. - http://www.audit.gov.sd/?page_id=3290&amp;lang=ar
2453. - http://www.audit.gov.sd/?page_id=3299&amp;lang=ar
2454. - http://www.audit.gov.sd/?page_id=3301&amp;lang=ar
2455. - http://www.audit.gov.sd/?page_id=3306&amp;lang=ar
2456. - http://www.audit.gov.sd/?page_id=3310&amp;lang=ar
2457. - http://www.audit.gov.sd/?page_id=3314&amp;lang=ar
2458. - http://www.audit.gov.sd/?page_id=3318&amp;lang=ar
2459. - http://www.audit.gov.sd/?page_id=3330&amp;lang=ar
2460. - http://www.audit.gov.sd/?page_id=3338&amp;lang=ar
2461. - http://www.audit.gov.sd/?page_id=3349&amp;lang=ar
2462. - http://www.audit.gov.sd/?page_id=3356&amp;lang=ar
2463. - http://www.audit.gov.sd/?page_id=3362&amp;lang=ar
2464. - http://www.audit.gov.sd/?page_id=3388&amp;lang=ar
2465. - http://www.audit.gov.sd/?page_id=3393&amp;lang=ar
2466. - http://www.audit.gov.sd/?page_id=3409&amp;lang=ar
2467. - http://www.audit.gov.sd/?page_id=3627&amp;lang=ar
2468. - http://www.audit.gov.sd/?page_id=562&amp;lang=ar
2469. - http://www.audit.gov.sd/wp-content/plugins/ads-wp-site-count/css/styles.css?ver=5.1.1
2470. - http://www.audit.gov.sd/wp-content/plugins/awesome-weather/awesome-weather.css?ver=5.1.1
2471. - http://www.audit.gov.sd/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.1.3
2472. - http://www.audit.gov.sd/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.3
2473. - http://www.audit.gov.sd/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3
2474. - http://www.audit.gov.sd/wp-content/plugins/easy-weather-widget/css/style.min.css?ver=5.1.1
2475. - http://www.audit.gov.sd/wp-content/plugins/everest-forms/assets/css/everest-forms-rtl.css?ver=1.4.8
2476. - http://www.audit.gov.sd/wp-content/plugins/jm-breaking-news//css/breaking-news-style.css?ver=5.1.1
2477. - http://www.audit.gov.sd/wp-content/plugins/job-manager/css/display.css?ver=0.7.25
2478. - http://www.audit.gov.sd/wp-content/plugins/job-manager/js/display.js?ver=0.7.25
2479. - http://www.audit.gov.sd/wp-content/plugins/multilanguage/css/style.css?ver=1.3.3
2480. - http://www.audit.gov.sd/wp-content/plugins/page-visit-counter/public/css/counter-style.css?ver=5.1.1
2481. - http://www.audit.gov.sd/wp-content/plugins/page-visit-counter/public/js/custom.js?ver=1.0.0
2482. - http://www.audit.gov.sd/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.2.24
2483. - http://www.audit.gov.sd/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.2.24
2484. - http://www.audit.gov.sd/wp-content/plugins/shortcodes-ultimate/assets/css/rtl-shortcodes.css?ver=5.3.0
2485. - http://www.audit.gov.sd/wp-content/plugins/wp-advanced-pdf/asset/css/front_end.css?ver=1.1.5
2486. - http://www.audit.gov.sd/wp-content/plugins/wp-advanced-pdf/asset/js/ajaxsave.js?ver=1.1.5
2487. - http://www.audit.gov.sd/wp-content/plugins/wp-spry-menu/SpryAssets/SpryMenuBar.js?ver=1.5.2
2488. - http://www.audit.gov.sd/wp-content/plugins/wp-spry-menu/SpryAssets/global.css?ver=1.5.2
2489. - http://www.audit.gov.sd/wp-content/plugins/wp-spry-menu/themes/silver/style.css?ver=1.5.2
2490. - http://www.audit.gov.sd/wp-content/plugins/wp-symposium-toolbar/css/wp-symposium-toolbar_admin.css?ver=3223
2491. - http://www.audit.gov.sd/wp-content/themes/colormag/fontawesome/css/font-awesome.css?ver=4.2.1
2492. - http://www.audit.gov.sd/wp-content/themes/colormag/js/colormag-custom.js?ver=5.1.1
2493. - http://www.audit.gov.sd/wp-content/themes/colormag/js/fitvids/jquery.fitvids.js?ver=20150311
2494. - http://www.audit.gov.sd/wp-content/themes/colormag/js/html5shiv.min.js?ver=5.1.1
2495. - http://www.audit.gov.sd/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=4.2.10
2496. - http://www.audit.gov.sd/wp-content/themes/colormag/js/magnific-popup/jquery.magnific-popup.min.js?ver=20150310
2497. - http://www.audit.gov.sd/wp-content/themes/colormag/js/magnific-popup/magnific-popup.css?ver=20150310
2498. - http://www.audit.gov.sd/wp-content/themes/colormag/js/navigation.js?ver=5.1.1
2499. - http://www.audit.gov.sd/wp-content/themes/colormag/js/news-ticker/jquery.newsTicker.min.js?ver=1.0.0
2500. - http://www.audit.gov.sd/wp-content/themes/colormag/js/sticky/jquery.sticky.js?ver=20150309
2501. - http://www.audit.gov.sd/wp-content/themes/colormag/rtl.css
2502. - http://www.audit.gov.sd/wp-content/themes/colormag/style.css?ver=5.1.1
2503. - http://www.audit.gov.sd/wp-content/uploads/2018/03/AfroSAI.png
2504. - http://www.audit.gov.sd/wp-content/uploads/2018/03/INTOSAI.png
2505. - http://www.audit.gov.sd/wp-content/uploads/2018/03/arabosai-logo-1.png
2506. - http://www.audit.gov.sd/wp-content/uploads/2018/03/cropped-nac-1-180x180.png
2507. - http://www.audit.gov.sd/wp-content/uploads/2018/03/cropped-nac-1-192x192.png
2508. - http://www.audit.gov.sd/wp-content/uploads/2018/03/cropped-nac-1-32x32.png
2509. - http://www.audit.gov.sd/wp-content/uploads/2018/03/information-technology-related-services-500x500-130x90.png
2510. - http://www.audit.gov.sd/wp-content/uploads/2018/04/IT-Audit-Risk-Assessment1-130x90.jpeg
2511. - http://www.audit.gov.sd/wp-content/uploads/2018/06/workshop3-130x90.jpg
2512. - http://www.audit.gov.sd/wp-content/uploads/2018/07/afrosai.png
2513. - http://www.audit.gov.sd/wp-content/uploads/2018/08/WhatsApp-Image-2018-08-14-at-2.32.09-PM-392x272.jpeg
2514. - http://www.audit.gov.sd/wp-content/uploads/2018/11/sharaka_815-792x445.jpg
2515. - http://www.audit.gov.sd/wp-content/uploads/2018/11/the_hague.png
2516. - http://www.audit.gov.sd/wp-content/uploads/2018/12/2480-392x272.jpg
2517. - http://www.audit.gov.sd/wp-content/uploads/2019/01/4897-800x445.png
2518. - http://www.audit.gov.sd/wp-content/uploads/2019/01/Saudi-Audit-Berue-large-800x445.jpg
2519. - http://www.audit.gov.sd/wp-content/uploads/2019/01/Sudan_Saudia-130x90.png
2520. - http://www.audit.gov.sd/wp-content/uploads/2019/01/Sudan_Saudia-800x445.png
2521. - http://www.audit.gov.sd/wp-content/uploads/2019/01/arabosai-390x205.png
2522. - http://www.audit.gov.sd/wp-content/uploads/2019/01/signing-780x445.png
2523. - http://www.audit.gov.sd/wp-content/uploads/2019/02/1-392x272.png
2524. - http://www.audit.gov.sd/wp-content/uploads/2019/02/ICBF-regional-workshop-800x445.png
2525. - http://www.audit.gov.sd/wp-content/uploads/2019/02/Qatar_sudan-130x90.png
2526. - http://www.audit.gov.sd/wp-content/uploads/2019/02/Qatar_sudan-800x445.png
2527. - http://www.audit.gov.sd/wp-content/uploads/2019/03/Audit_BG-1.png
2528. - http://www.audit.gov.sd/wp-content/uploads/2019/03/DAG_MNoor-1-392x272.png
2529. - http://www.audit.gov.sd/wp-content/uploads/2019/03/Dag_aa-800x445.png
2530. - http://www.audit.gov.sd/wp-content/uploads/2019/03/IDI-130x90.png
2531. - http://www.audit.gov.sd/wp-content/uploads/2019/03/IDI-800x445.png
2532. - http://www.audit.gov.sd/wp-content/uploads/2019/03/Parliament-800x445.png
2533. - http://www.audit.gov.sd/wp-content/uploads/2019/03/ads_1.png
2534. - http://www.audit.gov.sd/wp-content/uploads/2019/03/cropped-logoNAC.png
2535. - http://www.audit.gov.sd/wp-content/uploads/2019/03/integrity_unit-390x205.png
2536. - http://www.audit.gov.sd/wp-content/uploads/2019/03/integrity_unit-800x445.png
2537. - http://www.audit.gov.sd/wp-content/uploads/multilanguage/ar.png
2538. - http://www.audit.gov.sd/wp-content/uploads/multilanguage/en_US.png
2539. - http://www.audit.gov.sd/wp-content/uploads/useanyfont/uaf.css?ver=1556005162
2540. - http://www.audit.gov.sd/wp-includes/css/dashicons.min.css?ver=5.1.1
2541. - http://www.audit.gov.sd/wp-includes/css/dist/block-library/style-rtl.min.css?ver=5.1.1
2542. - http://www.audit.gov.sd/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
2543. - http://www.audit.gov.sd/wp-includes/js/jquery/jquery.js?ver=1.12.4
2544. - http://www.audit.gov.sd/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
2545. - http://www.audit.gov.sd/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
2546. - http://www.audit.gov.sd/wp-includes/js/thickbox/thickbox.css?ver=5.1.1
2547. - http://www.audit.gov.sd/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
2548. - http://www.audit.gov.sd/wp-includes/js/wp-embed.min.js?ver=5.1.1
2549. - http://www.audit.gov.sd/wp-includes/wlwmanifest.xml
2550. - http://www.audit.gov.sd/xmlrpc.php?rsd
2551. - http://www.audit.gov.sd?lang=ar%2Findex.php&
2552. - http://www.intosai.org
2553. - https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C300&
2554. - https://maps.googleapis.com/maps/api/js?key=AIzaSyD0xqmUYoR-r3Hqmb2TKqd74F6Q2CEBrRk&
2555. - https://plus.google.com/112988279842067073128
2556. - https://themegrill.com/themes/colormag
2557. - https://web.facebook.com/SudanAuditChamber/?ref=aymt_homepage_panel
2558. - https://wordpress.org
2559. - https://www.youtube.com/channel/UCl5Q-D82P_4bXy87aoqdNvg
2560. Total external links: 190
2561.  
2562. + Email addresses found:
2563. Total email address found: 0
2564.  
2565. + Directories found:
2566. - http://www.audit.gov.sd./fonts.googleapis.com/ (404 Not Found)
2567. - http://www.audit.gov.sd./www.audit.gov.sd/ (404 Not Found)
2568. - http://www.audit.gov.sd./www.audit.gov.sd/wp-content/ (404 Not Found)
2569. - http://www.audit.gov.sd./www.audit.gov.sd/wp-content/plugins/ (404 Not Found)
2570. - http://www.audit.gov.sd./www.audit.gov.sd/wp-content/plugins/all-in-one-event-calendar/ (404 Not Found)
2571. - http://www.audit.gov.sd./www.audit.gov.sd/wp-content/plugins/all-in-one-event-calendar/public/ (404 Not Found)
2572. - http://www.audit.gov.sd./www.audit.gov.sd/wp-content/plugins/all-in-one-event-calendar/public/themes-ai1ec/ (404 Not Found)
2573. - http://www.audit.gov.sd./www.audit.gov.sd/wp-content/plugins/all-in-one-event-calendar/public/themes-ai1ec/vortex/ (404 Not Found)
2574. - http://www.audit.gov.sd./www.audit.gov.sd/wp-content/plugins/all-in-one-event-calendar/public/themes-ai1ec/vortex/css/ (404 Not Found)
2575. Total directories: 9
2576.  
2577. + Directory indexing found:
2578. Total directories with indexing: 0
2579.  
2580. ---------------------------------------------------------------------------------------------------------------------------------------
2581.  
2582.  
2583. + URL to crawl: http://webmail.audit.gov.sd.
2584. + Date: 2019-06-30
2585.  
2586. + Crawling URL: http://webmail.audit.gov.sd.:
2587. + Links:
2588. + Crawling http://webmail.audit.gov.sd.
2589. + Searching for directories...
2590. + Searching open folders...
2591.  
2592.  
2593. + URL to crawl: https://ftp.audit.gov.sd.
2594. + Date: 2019-06-30
2595.  
2596. + Crawling URL: https://ftp.audit.gov.sd.:
2597. + Links:
2598. + Crawling https://ftp.audit.gov.sd. ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727))
2599. + Searching for directories...
2600. + Searching open folders...
2601.  
2602.  
2603. + URL to crawl: https://www.audit.gov.sd.
2604. + Date: 2019-06-30
2605.  
2606. + Crawling URL: https://www.audit.gov.sd.:
2607. + Links:
2608. + Crawling https://www.audit.gov.sd. ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727))
2609. + Searching for directories...
2610. + Searching open folders...
2611.  
2612.  
2613. + URL to crawl: https://webmail.audit.gov.sd.
2614. + Date: 2019-06-30
2615.  
2616. + Crawling URL: https://webmail.audit.gov.sd.:
2617. + Links:
2618. + Crawling https://webmail.audit.gov.sd.
2619. + Searching for directories...
2620. + Searching open folders...
2621.  
2622.  
2623. + URL to crawl: http://mail.audit.gov.sd
2624. + Date: 2019-06-30
2625.  
2626. + Crawling URL: http://mail.audit.gov.sd:
2627. + Links:
2628. + Crawling http://mail.audit.gov.sd (403 Forbidden)
2629. + Searching for directories...
2630. + Searching open folders...
2631.  
2632.  
2633. + URL to crawl: http://mail.audit.gov.sd.
2634. + Date: 2019-06-30
2635.  
2636. + Crawling URL: http://mail.audit.gov.sd.:
2637. + Links:
2638. + Crawling http://mail.audit.gov.sd. (400 Bad Request)
2639. + Searching for directories...
2640. + Searching open folders...
2641.  
2642.  
2643. + URL to crawl: https://mail.audit.gov.sd
2644. + Date: 2019-06-30
2645.  
2646. + Crawling URL: https://mail.audit.gov.sd:
2647. + Links:
2648. + Crawling https://mail.audit.gov.sd
2649. + Searching for directories...
2650. + Searching open folders...
2651.  
2652.  
2653. + URL to crawl: https://mail.audit.gov.sd.
2654. + Date: 2019-06-30
2655.  
2656. + Crawling URL: https://mail.audit.gov.sd.:
2657. + Links:
2658. + Crawling https://mail.audit.gov.sd.
2659. + Searching for directories...
2660. + Searching open folders...
2661.  
2662.  
2663. + URL to crawl: http://ns2.click-grafix.com
2664. + Date: 2019-06-30
2665.  
2666. + Crawling URL: http://ns2.click-grafix.com:
2667. + Links:
2668. + Crawling http://ns2.click-grafix.com (REDIRECTING TO: /cgi-sys/defaultwebpage.cgi)
2669. + Searching for directories...
2670. + Searching open folders...
2671.  
2672.  
2673. + URL to crawl: https://ns2.click-grafix.com
2674. + Date: 2019-06-30
2675.  
2676. + Crawling URL: https://ns2.click-grafix.com:
2677. + Links:
2678. + Crawling https://ns2.click-grafix.com
2679. + Searching for directories...
2680. + Searching open folders...
2681.  
2682. --Finished--
2683. Summary information for domain audit.gov.sd.
2684. ---------------------------------------------------------------------------------------------------------------------------------------
2685. Domain Specific Information:
2686. Email: eltahir@audit.gov.sd.
2687. Email: info@audit.gov.sd
2688. Email: eltahir@audit.gov.sd&
2689. Email: info@audit.gov.sd&
2690. Email: ahamid@audit.gov.sd,
2691. Email: ahamid@audit.gov.sd.
2692.  
2693. Domain Ips Information:
2694. IP: 138.128.160.3
2695. HostName: ns1.click-grafix.com Type: NS
2696. HostName: ns1.click-grafix.com Type: PTR
2697. Country: United States
2698. Is Active: True (reset ttl 64)
2699. Port: 53/tcp open domain syn-ack ttl 54 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2700. Script Info: | dns-nsid:
2701. Script Info: |_ bind.version: 9.9.4-RedHat-9.9.4-74.el7_6.1
2702. Port: 80/tcp open http syn-ack ttl 54 Apache httpd
2703. Script Info: | http-methods:
2704. Script Info: | Supported Methods: POST OPTIONS HEAD GET TRACE
2705. Script Info: |_ Potentially risky methods: TRACE
2706. Script Info: |_http-server-header: Apache
2707. Script Info: |_http-title: Site doesn't have a title (text/html).
2708. Port: 143/tcp open imap syn-ack ttl 54 Dovecot imapd
2709. Script Info: |_imap-capabilities: AUTH=PLAIN LOGIN-REFERRALS have IMAP4rev1 ENABLE OK more NAMESPACE Pre-login capabilities IDLE post-login listed STARTTLS AUTH=LOGINA0001 LITERAL+ ID SASL-IR
2710. Script Info: |_ssl-date: TLS randomness does not represent time
2711. Port: 443/tcp open ssl/http syn-ack ttl 54 Apache httpd
2712. Script Info: | http-methods:
2713. Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
2714. Script Info: |_http-server-header: Apache
2715. Script Info: |_http-title: Site doesn't have a title (text/html).
2716. Script Info: | ssl-cert: Subject: commonName=server.click-grafix.com
2717. Script Info: | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2718. Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
2719. Script Info: | Public Key type: rsa
2720. Script Info: | Public Key bits: 2048
2721. Script Info: | Signature Algorithm: sha256WithRSAEncryption
2722. Script Info: | Not valid before: 2019-06-30T00:00:00
2723. Script Info: | Not valid after: 2020-06-29T23:59:59
2724. Script Info: | MD5: b29c 3abc b460 f262 6860 f153 9e6c e929
2725. Script Info: |_SHA-1: f7d4 5179 b4b5 afcc 4734 6db2 0f71 4dea 5eee 26d2
2726. Script Info: |_ssl-date: TLS randomness does not represent time
2727.  
2728. Port: 465/tcp open ssl/smtp syn-ack ttl 54 Exim smtpd 4.92
2729. Script Info: | smtp-commands: server.click-grafix.com Hello nmap.scanme.org [185.232.21.119], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
2730. Script Info: |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2731. Script Info: | ssl-cert: Subject: commonName=server.click-grafix.com
2732. Script Info: | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2733. Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
2734. Script Info: | Public Key type: rsa
2735. Script Info: | Public Key bits: 2048
2736. Script Info: | Signature Algorithm: sha256WithRSAEncryption
2737. Script Info: | Not valid before: 2019-06-30T00:00:00
2738. Script Info: | Not valid after: 2020-06-29T23:59:59
2739. Script Info: | MD5: b29c 3abc b460 f262 6860 f153 9e6c e929
2740. Script Info: |_SHA-1: f7d4 5179 b4b5 afcc 4734 6db2 0f71 4dea 5eee 26d2
2741. Script Info: |_ssl-date: TLS randomness does not represent time
2742. Port: 587/tcp open smtp syn-ack ttl 54 Exim smtpd 4.92
2743. Script Info: | smtp-commands: server.click-grafix.com Hello nmap.scanme.org [185.232.21.119], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
2744. Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2745. Script Info: | ssl-cert: Subject: commonName=server.click-grafix.com
2746. Script Info: | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2747. Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
2748. Script Info: | Public Key type: rsa
2749. Script Info: | Public Key bits: 2048
2750. Script Info: | Signature Algorithm: sha256WithRSAEncryption
2751. Script Info: | Not valid before: 2019-06-30T00:00:00
2752. Script Info: | Not valid after: 2020-06-29T23:59:59
2753. Script Info: | MD5: b29c 3abc b460 f262 6860 f153 9e6c e929
2754. Script Info: |_SHA-1: f7d4 5179 b4b5 afcc 4734 6db2 0f71 4dea 5eee 26d2
2755. Script Info: |_ssl-date: TLS randomness does not represent time
2756. Port: 993/tcp open ssl/imaps? syn-ack ttl 54
2757. Script Info: |_ssl-date: TLS randomness does not represent time
2758. Os Info: Host: server.click-grafix.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2759. IP: 138.128.160.2
2760. HostName: www.audit.gov.sd. Type: A
2761. HostName: ftp.audit.gov.sd. Type: A
2762. HostName: server.click-grafix.com Type: PTR
2763. HostName: webmail.audit.gov.sd. Type: A
2764. Country: United States
2765. Is Active: True (reset ttl 64)
2766. Port: 53/tcp open domain syn-ack ttl 54 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2767. Script Info: | dns-nsid:
2768. Script Info: |_ bind.version: 9.9.4-RedHat-9.9.4-74.el7_6.1
2769. Port: 80/tcp open http syn-ack ttl 54 Apache httpd
2770. Script Info: | http-methods:
2771. Script Info: | Supported Methods: POST OPTIONS HEAD GET TRACE
2772. Script Info: |_ Potentially risky methods: TRACE
2773. Script Info: |_http-server-header: Apache
2774. Script Info: |_http-title: Site doesn't have a title (text/html).
2775. Port: 143/tcp open imap syn-ack ttl 54 Dovecot imapd
2776. Script Info: |_imap-capabilities: IMAP4rev1 NAMESPACE AUTH=PLAIN Pre-login OK LITERAL+ IDLE capabilities more have post-login STARTTLS ENABLE SASL-IR listed ID LOGIN-REFERRALS AUTH=LOGINA0001
2777. Script Info: |_ssl-date: TLS randomness does not represent time
2778. Port: 443/tcp open ssl/http syn-ack ttl 54 Apache httpd
2779. Script Info: | http-methods:
2780. Script Info: |_ Supported Methods: GET HEAD
2781. Script Info: |_http-server-header: Apache
2782. Script Info: |_http-title: 400 Bad Request
2783. Script Info: | ssl-cert: Subject: commonName=abaad.sd
2784. Script Info: | Subject Alternative Name: DNS:abaad.sd, DNS:mail.abaad.sd, DNS:www.abaad.sd
2785. Script Info: | Issuer: commonName=abaad.sd
2786. Script Info: | Public Key type: rsa
2787. Script Info: | Public Key bits: 2048
2788. Script Info: | Signature Algorithm: sha256WithRSAEncryption
2789. Script Info: | Not valid before: 2017-08-12T11:26:16
2790. Script Info: | Not valid after: 2018-08-12T11:26:16
2791. Script Info: | MD5: 78ae d5d8 edd0 888b fec7 66d8 0056 3b28
2792. Script Info: |_SHA-1: 416a 957b 5935 e3d6 4c9c 2ee7 6f20 b970 269e 26a3
2793. Script Info: |_ssl-date: TLS randomness does not represent time
2794. Script Info: | tls-alpn:
2795.  
2796. Port: 465/tcp open ssl/smtp syn-ack ttl 54 Exim smtpd 4.92
2797. Script Info: | smtp-commands: server.click-grafix.com Hello nmap.scanme.org [185.232.21.119], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
2798. Script Info: |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2799. Script Info: | ssl-cert: Subject: commonName=server.click-grafix.com
2800. Script Info: | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2801. Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
2802. Script Info: | Public Key type: rsa
2803. Script Info: | Public Key bits: 2048
2804. Script Info: | Signature Algorithm: sha256WithRSAEncryption
2805. Script Info: | Not valid before: 2019-06-30T00:00:00
2806. Script Info: | Not valid after: 2020-06-29T23:59:59
2807. Script Info: | MD5: b29c 3abc b460 f262 6860 f153 9e6c e929
2808. Script Info: |_SHA-1: f7d4 5179 b4b5 afcc 4734 6db2 0f71 4dea 5eee 26d2
2809. Script Info: |_ssl-date: TLS randomness does not represent time
2810. Port: 587/tcp open smtp syn-ack ttl 54 Exim smtpd 4.92
2811. Script Info: | smtp-commands: server.click-grafix.com Hello nmap.scanme.org [185.232.21.119], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
2812. Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2813. Script Info: | ssl-cert: Subject: commonName=server.click-grafix.com
2814. Script Info: | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2815. Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
2816. Script Info: | Public Key type: rsa
2817. Script Info: | Public Key bits: 2048
2818. Script Info: | Signature Algorithm: sha256WithRSAEncryption
2819. Script Info: | Not valid before: 2019-06-30T00:00:00
2820. Script Info: | Not valid after: 2020-06-29T23:59:59
2821. Script Info: | MD5: b29c 3abc b460 f262 6860 f153 9e6c e929
2822. Script Info: |_SHA-1: f7d4 5179 b4b5 afcc 4734 6db2 0f71 4dea 5eee 26d2
2823. Script Info: |_ssl-date: TLS randomness does not represent time
2824. Port: 993/tcp open ssl/imaps? syn-ack ttl 54
2825. Script Info: |_ssl-date: TLS randomness does not represent time
2826. Os Info: Host: server.click-grafix.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2827. IP: 212.0.136.50
2828. HostName: mail.audit.gov.sd Type: MX
2829. HostName: mail.audit.gov.sd Type: PTR
2830. HostName: mail.audit.gov.sd. Type: A
2831. Country: Sudan
2832. Is Active: True (reset ttl 64)
2833. Port: 80/tcp open http syn-ack ttl 119 Microsoft IIS httpd 8.0
2834. Script Info: |_http-server-header: Microsoft-IIS/8.0
2835. Script Info: |_http-title: 403 - Forbidden: Access is denied.
2836. Port: 443/tcp open ssl/http syn-ack ttl 119 Microsoft IIS httpd 8.0
2837. Script Info: | http-methods:
2838. Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
2839. Script Info: |_http-server-header: Microsoft-IIS/8.0
2840. Script Info: |_http-title: Site doesn't have a title (text/html; charset=utf-8).
2841. Script Info: | ssl-cert: Subject: commonName=audit-sd.com/organizationName=Al Hawafiz Computer Devices LLC/countryName=AE
2842. Script Info: | Subject Alternative Name: DNS:audit-sd.com, DNS:www.audit-sd.com
2843. Script Info: | Issuer: commonName=DigiCert SHA2 Secure Server CA/organizationName=DigiCert Inc/countryName=US
2844. Script Info: | Public Key type: rsa
2845. Script Info: | Public Key bits: 2048
2846. Script Info: | Signature Algorithm: sha256WithRSAEncryption
2847. Script Info: | Not valid before: 2018-11-06T00:00:00
2848. Script Info: | Not valid after: 2019-11-14T12:00:00
2849. Script Info: | MD5: 7900 0f9a 42b1 5545 7365 e29d 12a5 df9e
2850. Script Info: |_SHA-1: 4411 685f 2b95 1e63 9741 2ad0 e021 83c1 2daa aeb4
2851. Script Info: Device type: general purpose|WAP
2852. Script Info: Running (JUST GUESSING): Linux 2.6.X|2.4.X (90%), Microsoft Windows 2012 (85%)
2853. Os Info: OS: Windows; CPE: cpe:/o:microsoft:windows
2854. IP: 138.128.160.4
2855. HostName: ns2.click-grafix.com Type: NS
2856. HostName: ns2.click-grafix.com Type: PTR
2857. Country: United States
2858. Is Active: True (reset ttl 64)
2859. Port: 53/tcp open domain syn-ack ttl 54 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2860. Script Info: | dns-nsid:
2861. Script Info: |_ bind.version: 9.9.4-RedHat-9.9.4-74.el7_6.1
2862. Port: 80/tcp open http syn-ack ttl 54 Apache httpd
2863. Script Info: | http-methods:
2864. Script Info: | Supported Methods: POST OPTIONS HEAD GET TRACE
2865. Script Info: |_ Potentially risky methods: TRACE
2866. Script Info: |_http-server-header: Apache
2867. Script Info: |_http-title: Site doesn't have a title (text/html).
2868. Port: 143/tcp open imap syn-ack ttl 54 Dovecot imapd
2869. Script Info: |_imap-capabilities: capabilities SASL-IR LOGIN-REFERRALS LITERAL+ listed AUTH=LOGINA0001 ID STARTTLS IMAP4rev1 NAMESPACE ENABLE OK IDLE more post-login AUTH=PLAIN have Pre-login
2870. Script Info: |_ssl-date: TLS randomness does not represent time
2871. Port: 443/tcp open ssl/http syn-ack ttl 54 Apache httpd
2872. Script Info: | http-methods:
2873. Script Info: | Supported Methods: POST OPTIONS HEAD GET TRACE
2874. Script Info: |_ Potentially risky methods: TRACE
2875. Script Info: |_http-server-header: Apache
2876. Script Info: |_http-title: Site doesn't have a title (text/html).
2877. Script Info: | ssl-cert: Subject: commonName=server.click-grafix.com
2878. Script Info: | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2879. Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
2880. Script Info: | Public Key type: rsa
2881. Script Info: | Public Key bits: 2048
2882. Script Info: | Signature Algorithm: sha256WithRSAEncryption
2883. Script Info: | Not valid before: 2019-06-30T00:00:00
2884. Script Info: | Not valid after: 2020-06-29T23:59:59
2885. Script Info: | MD5: b29c 3abc b460 f262 6860 f153 9e6c e929
2886. Script Info: |_SHA-1: f7d4 5179 b4b5 afcc 4734 6db2 0f71 4dea 5eee 26d2
2887. Script Info: |_ssl-date: TLS randomness does not represent time
2888. Script Info: | tls-alpn:
2889.  
2890. Port: 465/tcp open ssl/smtp syn-ack ttl 54 Exim smtpd 4.92
2891. Script Info: |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: failed to receive data
2892. Script Info: | ssl-cert: Subject: commonName=server.click-grafix.com
2893. Script Info: | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2894. Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
2895. Script Info: | Public Key type: rsa
2896. Script Info: | Public Key bits: 2048
2897. Script Info: | Signature Algorithm: sha256WithRSAEncryption
2898. Script Info: | Not valid before: 2019-06-30T00:00:00
2899. Script Info: | Not valid after: 2020-06-29T23:59:59
2900. Script Info: | MD5: b29c 3abc b460 f262 6860 f153 9e6c e929
2901. Script Info: |_SHA-1: f7d4 5179 b4b5 afcc 4734 6db2 0f71 4dea 5eee 26d2
2902. Script Info: |_ssl-date: TLS randomness does not represent time
2903. Port: 587/tcp open smtp syn-ack ttl 54 Exim smtpd 4.92
2904. Script Info: | smtp-commands: server.click-grafix.com Hello nmap.scanme.org [185.232.21.119], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
2905. Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2906. Script Info: | ssl-cert: Subject: commonName=server.click-grafix.com
2907. Script Info: | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2908. Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
2909. Script Info: | Public Key type: rsa
2910. Script Info: | Public Key bits: 2048
2911. Script Info: | Signature Algorithm: sha256WithRSAEncryption
2912. Script Info: | Not valid before: 2019-06-30T00:00:00
2913. Script Info: | Not valid after: 2020-06-29T23:59:59
2914. Script Info: | MD5: b29c 3abc b460 f262 6860 f153 9e6c e929
2915. Script Info: |_SHA-1: f7d4 5179 b4b5 afcc 4734 6db2 0f71 4dea 5eee 26d2
2916. Script Info: |_ssl-date: TLS randomness does not represent time
2917. Port: 993/tcp open ssl/imaps? syn-ack ttl 54
2918. Script Info: |_ssl-date: TLS randomness does not represent time
2919. Os Info: Host: server.click-grafix.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2920.  
2921. #######################################################################################################################################
2922. dnsenum VERSION:1.2.4
2923.  
2924. ----- www.audit.gov.sd -----
2925.  
2926.  
2927. Host's addresses:
2928. __________________
2929.  
2930. audit.gov.sd. 10625 IN A 138.128.160.2
2931.  
2932.  
2933. Name Servers:
2934. ______________
2935.  
2936. ns1.click-grafix.com. 11908 IN A 138.128.160.3
2937. ns2.click-grafix.com. 11908 IN A 138.128.160.4
2938.  
2939.  
2940. Mail (MX) Servers:
2941. ___________________
2942.  
2943. mail.audit.gov.sd. 11903 IN A 212.0.136.50
2944.  
2945.  
2946. Trying Zone Transfers and getting Bind Versions:
2947. _________________________________________________
2948.  
2949.  
2950. Trying Zone Transfer for www.audit.gov.sd on ns1.click-grafix.com ...
2951.  
2952. Trying Zone Transfer for www.audit.gov.sd on ns2.click-grafix.com ...
2953.  
2954. brute force file not specified, bay.
2955. #######################################################################################################################################
2956. ===============================================
2957. -=Subfinder v1.1.3 github.com/subfinder/subfinder
2958. ===============================================
2959.  
2960.  
2961. Running Source: Ask
2962. Running Source: Archive.is
2963. Running Source: Baidu
2964. Running Source: Bing
2965. Running Source: CertDB
2966. Running Source: CertificateTransparency
2967. Running Source: Certspotter
2968. Running Source: Commoncrawl
2969. Running Source: Crt.sh
2970. Running Source: Dnsdb
2971. Running Source: DNSDumpster
2972. Running Source: DNSTable
2973. Running Source: Dogpile
2974. Running Source: Exalead
2975. Running Source: Findsubdomains
2976. Running Source: Googleter
2977. Running Source: Hackertarget
2978. Running Source: Ipv4Info
2979. Running Source: PTRArchive
2980. Running Source: Sitedossier
2981. Running Source: Threatcrowd
2982. Running Source: ThreatMiner
2983. Running Source: WaybackArchive
2984. Running Source: Yahoo
2985.  
2986. Running enumeration on www.audit.gov.sd
2987.  
2988. dnsdb: Unexpected return status 503
2989.  
2990. ipv4info: <nil>
2991.  
2992. waybackarchive: parse http://web.archive.org/cdx/search/cdx?url=*.www.audit.gov.sd/*&output=json&fl=original&collapse=urlkey&page=: net/url: invalid control character in URL
2993.  
2994. dogpile: Get https://www.dogpile.com/search/web?q=www.audit.gov.sd&qsi=1: EOF
2995.  
2996.  
2997. Starting Bruteforcing of www.audit.gov.sd with 9985 words
2998.  
2999. Total 1 Unique subdomains found for www.audit.gov.sd
3000.  
3001. .www.audit.gov.sd
3002. #######################################################################################################################################
3003. [*] Processing domain www.audit.gov.sd
3004. [*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a', '192.168.0.1']
3005. [+] Getting nameservers
3006. 138.128.160.4 - ns2.click-grafix.com
3007. 138.128.160.3 - ns1.click-grafix.com
3008. [-] Zone transfer failed
3009.  
3010. [+] MX records found, added to target list
3011. 0 mail.audit.gov.sd.
3012.  
3013. [*] Scanning www.audit.gov.sd for A records
3014. 138.128.160.2 - www.audit.gov.sd
3015. #######################################################################################################################################
3016. [+] www.audit.gov.sd has no SPF record!
3017. [*] No DMARC record found. Looking for organizational record
3018. [*] Found organizational DMARC record:
3019. [*] v=DMARC1;p=none;sp=none;adkim=r;aspf=r;pct=100;fo=0;rf=afrf;ri=86400
3020. [+] Organizational subdomain policy set to none
3021. [+] Spoofing possible for www.audit.gov.sd!
3022. #######################################################################################################################################
3023. dig: '.www.audit.gov.sd' is not a legal name (empty label)
3024.  
3025. SubOver v.1.2 Nizamul Rana (@Ice3man)
3026. ==================================================
3027.  
3028.  
3029. [~] Enjoy your hunt !
3030. [Not Vulnerable] .www.audit.gov.sd
3031. [Not Vulnerable] 128.65.195.96
3032. [Not Vulnerable] 141.105.65.111
3033. [Not Vulnerable] 107.154.85.17
3034. [Not Vulnerable] 77.104.162.243
3035. [Not Vulnerable] 67.225.171.176
3036. [Not Vulnerable] domain
3037. [Not Vulnerable] www.albetaqa.site
3038. [Not Vulnerable] www.sudan-tourism.gov.sd
3039. [Not Vulnerable] www.chechensinsyria.com
3040. [Not Vulnerable] www.banque-comores.km
3041. [Not Vulnerable] www.audit.gov.sd
3042. [Not Vulnerable] islam-iea.com
3043. #######################################################################################################################################
3044. INFO[0000] Starting to process queue....
3045. INFO[0000] Starting to process permutations....
3046. INFO[0000] FORBIDDEN http://ldap-audit.s3.amazonaws.com (http://audit.gov.sd)
3047. INFO[0000] FORBIDDEN http://oracle-audit.s3.amazonaws.com (http://audit.gov.sd)
3048. INFO[0000] FORBIDDEN http://cf-audit.s3.amazonaws.com (http://audit.gov.sd)
3049. INFO[0000] FORBIDDEN http://audit.s3.amazonaws.com (http://audit.gov.sd)
3050. INFO[0000] FORBIDDEN http://mysql-audit.s3.amazonaws.com (http://audit.gov.sd)
3051. INFO[0000] FORBIDDEN http://sec-audit.s3.amazonaws.com (http://audit.gov.sd)
3052. INFO[0000] FORBIDDEN http://dns-audit.s3.amazonaws.com (http://audit.gov.sd)
3053. INFO[0000] FORBIDDEN http://audit-backup.s3.amazonaws.com (http://audit.gov.sd)
3054. INFO[0000] FORBIDDEN http://ios-audit.s3.amazonaws.com (http://audit.gov.sd)
3055. INFO[0000] FORBIDDEN http://audit-s3.s3.amazonaws.com (http://audit.gov.sd)
3056. INFO[0000] FORBIDDEN http://audit-reports.s3.amazonaws.com (http://audit.gov.sd)
3057. INFO[0000] FORBIDDEN http://dynamo-audit.s3.amazonaws.com (http://audit.gov.sd)
3058. INFO[0000] FORBIDDEN http://ec2-audit.s3.amazonaws.com (http://audit.gov.sd)
3059. INFO[0000] FORBIDDEN http://audit-staging.s3.amazonaws.com (http://audit.gov.sd)
3060. INFO[0000] FORBIDDEN http://backup-audit.s3.amazonaws.com (http://audit.gov.sd)
3061. INFO[0000] FORBIDDEN http://audit-elb.s3.amazonaws.com (http://audit.gov.sd)
3062. INFO[0000] FORBIDDEN http://audit-testing.s3.amazonaws.com (http://audit.gov.sd)
3063. INFO[0000] FORBIDDEN http://audit-logs.s3.amazonaws.com (http://audit.gov.sd)
3064. INFO[0001] FORBIDDEN http://aws-audit.s3.amazonaws.com (http://audit.gov.sd)
3065. INFO[0001] FORBIDDEN http://audit-data.s3.amazonaws.com (http://audit.gov.sd)
3066. INFO[0001] FORBIDDEN http://audit-scripts.s3.amazonaws.com (http://audit.gov.sd)
3067. INFO[0001] FORBIDDEN http://devops-audit.s3.amazonaws.com (http://audit.gov.sd)
3068. INFO[0001] FORBIDDEN http://internal-audit.s3.amazonaws.com (http://audit.gov.sd)
3069. INFO[0001] FORBIDDEN http://ops-audit.s3.amazonaws.com (http://audit.gov.sd)
3070. INFO[0001] FORBIDDEN http://audit-test.s3.amazonaws.com (http://audit.gov.sd)
3071. INFO[0001] FORBIDDEN http://stage-audit.s3.amazonaws.com (http://audit.gov.sd)
3072. INFO[0001] FORBIDDEN http://elb-audit.s3.amazonaws.com (http://audit.gov.sd)
3073. INFO[0001] FORBIDDEN http://iam-audit.s3.amazonaws.com (http://audit.gov.sd)
3074. INFO[0001] FORBIDDEN http://security-audit.s3.amazonaws.com (http://audit.gov.sd)
3075. INFO[0001] FORBIDDEN http://media-audit.s3.amazonaws.com (http://audit.gov.sd)
3076. INFO[0001] FORBIDDEN http://dev-audit.s3.amazonaws.com (http://audit.gov.sd)
3077. INFO[0001] FORBIDDEN http://audit-lambda.s3.amazonaws.com (http://audit.gov.sd)
3078. INFO[0001] FORBIDDEN http://audit-iam.s3.amazonaws.com (http://audit.gov.sd)
3079. INFO[0001] FORBIDDEN http://billing-audit.s3.amazonaws.com (http://audit.gov.sd)
3080. INFO[0001] FORBIDDEN http://rds-audit.s3.amazonaws.com (http://audit.gov.sd)
3081. INFO[0001] FORBIDDEN http://audit-oracle.s3.amazonaws.com (http://audit.gov.sd)
3082. INFO[0001] FORBIDDEN http://audit-aws.s3.amazonaws.com (http://audit.gov.sd)
3083. INFO[0001] FORBIDDEN http://admin-audit.s3.amazonaws.com (http://audit.gov.sd)
3084. INFO[0001] FORBIDDEN http://bucket-audit.s3.amazonaws.com (http://audit.gov.sd)
3085. INFO[0001] FORBIDDEN http://audit-bucket.s3.amazonaws.com (http://audit.gov.sd)
3086. INFO[0001] FORBIDDEN http://audit-billing.s3.amazonaws.com (http://audit.gov.sd)
3087. INFO[0001] FORBIDDEN http://syslog-audit.s3.amazonaws.com (http://audit.gov.sd)
3088. INFO[0001] FORBIDDEN http://audit-temp.s3.amazonaws.com (http://audit.gov.sd)
3089. INFO[0001] FORBIDDEN http://audit-docker.s3.amazonaws.com (http://audit.gov.sd)
3090. INFO[0001] FORBIDDEN http://audit-tmp.s3.amazonaws.com (http://audit.gov.sd)
3091. INFO[0001] FORBIDDEN http://cluster-audit.s3.amazonaws.com (http://audit.gov.sd)
3092. #######################################################################################################################################
3093. 5.226.173.0/24
3094. 8.10.120.0/24
3095. 8.19.188.0/22
3096. 8.33.160.0/20
3097. 23.92.60.0/23
3098. 23.239.129.0/24
3099. 23.239.130.0/24
3100. 23.239.132.0/24
3101. 23.239.134.0/24
3102. 23.239.135.0/24
3103. 23.239.140.0/24
3104. 23.239.145.0/24
3105. 23.239.146.0/24
3106. 23.239.150.0/24
3107. 23.239.151.0/24
3108. 23.239.157.0/24
3109. 23.239.159.0/24
3110. 23.249.224.0/23
3111. 45.59.16.0/24
3112. 45.59.31.0/24
3113. 63.142.244.0/23
3114. 63.142.246.0/23
3115. 64.37.48.0/20
3116. 64.132.144.0/24
3117. 65.248.144.0/24
3118. 66.7.192.0/19
3119. 66.193.174.0/23
3120. 66.193.230.0/23
3121. 66.194.40.0/23
3122. 66.194.152.0/23
3123. 66.194.238.0/23
3124. 66.195.16.0/22
3125. 66.195.16.0/24
3126. 66.195.17.0/24
3127. 66.195.18.0/24
3128. 66.195.19.0/24
3129. 66.195.124.0/22
3130. 66.195.124.0/24
3131. 66.195.125.0/24
3132. 66.195.126.0/24
3133. 66.195.127.0/24
3134. 66.195.240.0/22
3135. 66.195.240.0/24
3136. 66.195.241.0/24
3137. 66.195.242.0/24
3138. 66.195.243.0/24
3139. 66.195.252.0/24
3140. 67.23.224.0/19
3141. 67.23.224.0/20
3142. 67.23.224.0/21
3143. 67.23.232.0/22
3144. 67.23.236.0/23
3145. 67.23.238.0/24
3146. 67.23.239.0/24
3147. 69.80.224.0/20
3148. 72.29.64.0/19
3149. 72.29.76.0/24
3150. 72.53.192.0/24
3151. 72.53.194.0/24
3152. 72.53.200.0/24
3153. 72.53.201.0/24
3154. 72.53.202.0/24
3155. 86.111.176.0/20
3156. 86.111.176.0/22
3157. 86.111.180.0/23
3158. 86.111.182.0/23
3159. 86.111.184.0/21
3160. 103.13.240.0/22
3161. 103.13.240.0/24
3162. 103.13.241.0/24
3163. 103.13.242.0/24
3164. 103.13.243.0/24
3165. 104.37.58.0/24
3166. 104.200.141.0/24
3167. 104.200.144.0/24
3168. 104.200.232.0/22
3169. 104.237.10.0/24
3170. 104.237.12.0/24
3171. 104.237.15.0/24
3172. 104.251.80.0/24
3173. 104.251.89.0/24
3174. 104.251.212.0/23
3175. 104.251.220.0/24
3176. 104.251.221.0/24
3177. 107.161.176.0/20
3178. 107.161.176.0/21
3179. 107.161.184.0/24
3180. 107.161.185.0/24
3181. 107.161.186.0/23
3182. 107.161.188.0/22
3183. 107.190.128.0/20
3184. 107.190.128.0/22
3185. 107.190.132.0/24
3186. 107.190.133.0/24
3187. 107.190.134.0/24
3188. 107.190.135.0/24
3189. 107.190.136.0/21
3190. 109.73.160.0/24
3191. 109.73.162.0/24
3192. 109.73.163.0/24
3193. 109.73.165.0/24
3194. 109.73.167.0/24
3195. 109.73.171.0/24
3196. 109.73.174.0/24
3197. 129.75.0.0/18
3198. 129.75.64.0/24
3199. 129.75.67.0/24
3200. 129.75.72.0/21
3201. 129.75.80.0/21
3202. 129.75.88.0/21
3203. 129.75.96.0/21
3204. 129.75.96.0/20
3205. 129.75.104.0/21
3206. 129.75.120.0/21
3207. 129.75.128.0/21
3208. 129.75.140.0/22
3209. 129.75.152.0/21
3210. 129.75.168.0/21
3211. 129.75.192.0/18
3212. 129.134.32.0/21
3213. 129.134.40.0/21
3214. 129.134.48.0/21
3215. 129.134.56.0/21
3216. 129.134.64.0/19
3217. 129.134.96.0/19
3218. 129.134.128.0/20
3219. 129.134.144.0/20
3220. 129.134.160.0/20
3221. 129.134.208.0/21
3222. 129.134.224.0/19
3223. 138.121.200.0/22
3224. 138.121.200.0/23
3225. 138.121.202.0/24
3226. 138.121.203.0/24
3227. 138.128.160.0/19
3228. 138.128.160.0/21
3229. 138.128.168.0/24
3230. 138.128.169.0/24
3231. 138.128.170.0/23
3232. 138.128.172.0/24
3233. 138.128.173.0/24
3234. 138.128.174.0/23
3235. 138.128.176.0/24
3236. 138.128.177.0/24
3237. 138.128.178.0/23
3238. 138.128.180.0/24
3239. 138.128.181.0/24
3240. 138.128.182.0/24
3241. 138.128.183.0/24
3242. 138.128.184.0/24
3243. 138.128.185.0/24
3244. 138.128.186.0/23
3245. 138.128.188.0/22
3246. 143.255.56.0/23
3247. 143.255.58.0/24
3248. 143.255.59.0/24
3249. 156.236.26.0/24
3250. 156.236.27.0/24
3251. 162.221.184.0/21
3252. 162.221.184.0/22
3253. 162.221.188.0/24
3254. 162.221.189.0/24
3255. 162.221.190.0/23
3256. 172.111.134.0/24
3257. 177.234.144.0/24
3258. 177.234.144.0/21
3259. 177.234.145.0/24
3260. 177.234.146.0/24
3261. 177.234.147.0/24
3262. 177.234.148.0/24
3263. 177.234.149.0/24
3264. 177.234.150.0/24
3265. 177.234.151.0/24
3266. 177.234.152.0/24
3267. 177.234.153.0/24
3268. 177.234.154.0/24
3269. 177.234.155.0/24
3270. 177.234.156.0/24
3271. 177.234.156.0/22
3272. 177.234.157.0/24
3273. 177.234.158.0/24
3274. 177.234.159.0/24
3275. 179.48.64.0/19
3276. 179.61.252.0/24
3277. 179.191.176.0/24
3278. 181.41.195.0/24
3279. 184.171.240.0/20
3280. 185.7.80.0/22
3281. 185.34.40.0/24
3282. 185.38.44.0/22
3283. 185.183.182.0/24
3284. 185.185.126.0/24
3285. 185.185.127.0/24
3286. 185.189.27.0/24
3287. 186.224.107.0/24
3288. 186.227.192.0/24
3289. 186.227.193.0/24
3290. 186.227.194.0/24
3291. 186.227.194.0/23
3292. 186.227.195.0/24
3293. 186.227.196.0/24
3294. 186.227.196.0/22
3295. 186.227.197.0/24
3296. 186.227.198.0/24
3297. 186.227.199.0/24
3298. 186.227.200.0/24
3299. 186.227.200.0/21
3300. 186.227.201.0/24
3301. 186.227.202.0/24
3302. 186.227.203.0/24
3303. 186.227.204.0/24
3304. 186.227.205.0/24
3305. 186.227.206.0/24
3306. 186.227.207.0/24
3307. 187.45.176.0/21
3308. 187.45.176.0/23
3309. 187.45.176.0/24
3310. 187.45.176.0/22
3311. 187.45.177.0/24
3312. 187.45.178.0/23
3313. 187.45.178.0/24
3314. 187.45.179.0/24
3315. 187.45.180.0/23
3316. 187.45.180.0/24
3317. 187.45.181.0/24
3318. 187.45.182.0/23
3319. 187.45.182.0/24
3320. 187.45.183.0/24
3321. 187.45.184.0/24
3322. 187.45.184.0/22
3323. 187.45.185.0/24
3324. 187.45.186.0/24
3325. 187.45.187.0/24
3326. 187.45.188.0/24
3327. 187.45.188.0/23
3328. 187.45.189.0/24
3329. 187.45.190.0/24
3330. 187.45.191.0/24
3331. 191.96.106.0/24
3332. 196.55.2.0/24
3333. 198.49.64.0/20
3334. 198.49.64.0/22
3335. 198.49.68.0/23
3336. 198.49.70.0/24
3337. 198.49.71.0/24
3338. 198.49.72.0/22
3339. 198.49.76.0/23
3340. 198.49.78.0/24
3341. 198.49.79.0/24
3342. 198.136.48.0/20
3343. 198.136.48.0/22
3344. 198.136.52.0/23
3345. 198.136.54.0/24
3346. 198.136.55.0/24
3347. 198.136.56.0/24
3348. 198.136.57.0/24
3349. 198.136.58.0/24
3350. 198.136.58.0/23
3351. 198.136.60.0/24
3352. 198.136.61.0/24
3353. 198.136.62.0/23
3354. 199.166.30.0/23
3355. 199.168.184.0/21
3356. 201.131.124.0/22
3357. 201.131.125.0/24
3358. 201.131.126.0/24
3359. 201.131.127.0/24
3360. 208.184.146.0/23
3361. 209.148.93.0/24
3362. 212.18.224.0/20
3363. 212.18.224.0/22
3364. 212.18.228.0/23
3365. 212.18.230.0/24
3366. 212.18.231.0/24
3367. 212.18.232.0/24
3368. 212.18.233.0/24
3369. 212.18.234.0/23
3370. 212.18.234.0/24
3371. 212.18.235.0/24
3372. 212.18.236.0/24
3373. 212.18.237.0/24
3374. 212.18.238.0/23
3375. 240.50.64.0/23
3376. #######################################################################################################################################
3377. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-30 17:20 EDT
3378. Nmap scan report for www.audit.gov.sd (138.128.160.2)
3379. Host is up (0.23s latency).
3380. rDNS record for 138.128.160.2: server.click-grafix.com
3381. Not shown: 457 filtered ports, 9 closed ports
3382. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
3383. PORT STATE SERVICE
3384. 21/tcp open ftp
3385. 53/tcp open domain
3386. 80/tcp open http
3387. 110/tcp open pop3
3388. 143/tcp open imap
3389. 443/tcp open https
3390. 465/tcp open smtps
3391. 587/tcp open submission
3392. 993/tcp open imaps
3393. 995/tcp open pop3s
3394.  
3395. Nmap done: 1 IP address (1 host up) scanned in 5.78 seconds
3396. #######################################################################################################################################
3397. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-30 17:20 EDT
3398. Nmap scan report for www.audit.gov.sd (138.128.160.2)
3399. Host is up (0.12s latency).
3400. rDNS record for 138.128.160.2: server.click-grafix.com
3401. Not shown: 2 filtered ports
3402. PORT STATE SERVICE
3403. 53/udp open domain
3404. 67/udp open|filtered dhcps
3405. 68/udp open|filtered dhcpc
3406. 69/udp open|filtered tftp
3407. 88/udp open|filtered kerberos-sec
3408. 123/udp open|filtered ntp
3409. 139/udp open|filtered netbios-ssn
3410. 161/udp open|filtered snmp
3411. 162/udp open|filtered snmptrap
3412. 389/udp open|filtered ldap
3413. 520/udp open|filtered route
3414. 2049/udp open|filtered nfs
3415.  
3416. Nmap done: 1 IP address (1 host up) scanned in 2.36 seconds
3417. #######################################################################################################################################
3418. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-30 17:20 EDT
3419. Nmap scan report for www.audit.gov.sd (138.128.160.2)
3420. Host is up (0.22s latency).
3421. rDNS record for 138.128.160.2: server.click-grafix.com
3422.  
3423. PORT STATE SERVICE VERSION
3424. 21/tcp open ftp Pure-FTPd
3425. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3426. Aggressive OS guesses: Linux 3.18 (98%), Linux 2.6.32 (97%), Linux 2.6.32 or 3.10 (97%), Linux 2.6.35 (97%), Tandberg VCS video conferencing system (97%), Linux 4.8 (97%), Synology DiskStation Manager 5.1 (97%), Linux 3.10 - 3.12 (97%), Linux 4.4 (97%), Linux 4.9 (97%)
3427. No exact OS matches for host (test conditions non-ideal).
3428. Network Distance: 13 hops
3429.  
3430. TRACEROUTE (using port 21/tcp)
3431. HOP RTT ADDRESS
3432. 1 109.54 ms 10.249.200.1
3433. 2 120.16 ms vlan500.bb1.bru1.be.m247.com (185.210.217.241)
3434. 3 110.18 ms te0-3-0-2.250.rcr21.bru01.atlas.cogentco.com (149.11.170.113)
3435. 4 115.76 ms be3674.ccr41.par01.atlas.cogentco.com (130.117.48.233)
3436. 5 188.71 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
3437. 6 192.77 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
3438. 7 204.18 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
3439. 8 212.21 ms be2785.rcr21.jax01.atlas.cogentco.com (154.54.28.110)
3440. 9 215.39 ms be3639.rcr51.mco01.atlas.cogentco.com (154.24.19.133)
3441. 10 216.43 ms te0-0-1-0.nr11.b006655-1.mco01.atlas.cogentco.com (154.24.23.202)
3442. 11 219.21 ms 38.104.89.26
3443. 12 220.21 ms ae2.core1.mco.hostdime.com (67.23.229.201)
3444. 13 222.27 ms server.click-grafix.com (138.128.160.2)
3445. #######################################################################################################################################
3446. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-30 17:31 EDT
3447. Nmap scan report for www.audit.gov.sd (138.128.160.2)
3448. Host is up (0.22s latency).
3449. rDNS record for 138.128.160.2: server.click-grafix.com
3450.  
3451. PORT STATE SERVICE VERSION
3452. 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
3453. |_dns-fuzz: Server didn't response to our probe, can't fuzz
3454. | dns-nsec-enum:
3455. |_ No NSEC records found
3456. | dns-nsec3-enum:
3457. |_ DNSSEC NSEC3 not supported
3458. | dns-nsid:
3459. |_ bind.version: 9.9.4-RedHat-9.9.4-74.el7_6.1
3460. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3461. Aggressive OS guesses: Linux 3.18 (98%), Linux 2.6.32 (97%), Linux 3.10 (97%), Linux 3.5 (97%), Linux 4.2 (97%), Synology DiskStation Manager 5.1 (97%), Linux 2.6.32 or 3.10 (95%), Linux 2.6.35 (95%), Linux 3.4 (95%), Linux 3.7 (95%)
3462. No exact OS matches for host (test conditions non-ideal).
3463. Network Distance: 13 hops
3464. Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
3465.  
3466. Host script results:
3467. | dns-blacklist:
3468. | SPAM
3469. | spam.dnsbl.sorbs.net - SPAM
3470. | dnsbl.inps.de - SPAM
3471. |_ Spam Received See: http://www.sorbs.net/lookup.shtml?138.128.160.2
3472. | dns-brute:
3473. | DNS Brute-force hostnames:
3474. | mail.audit.gov.sd - 212.0.136.50
3475. | www.audit.gov.sd - 138.128.160.2
3476. |_ ftp.audit.gov.sd - 138.128.160.2
3477.  
3478. TRACEROUTE (using port 53/tcp)
3479. HOP RTT ADDRESS
3480. 1 110.04 ms 10.249.200.1
3481. 2 110.08 ms vlan500.bb1.bru1.be.m247.com (185.210.217.241)
3482. 3 110.20 ms te0-3-0-2.250.rcr21.bru01.atlas.cogentco.com (149.11.170.113)
3483. 4 116.18 ms be3675.ccr42.par01.atlas.cogentco.com (154.54.57.165)
3484. 5 188.70 ms be3628.ccr42.jfk02.atlas.cogentco.com (154.54.27.169)
3485. 6 192.90 ms be2807.ccr42.dca01.atlas.cogentco.com (154.54.40.110)
3486. 7 203.68 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
3487. 8 212.09 ms be2784.rcr21.jax01.atlas.cogentco.com (154.54.28.106)
3488. 9 215.20 ms be3639.rcr51.mco01.atlas.cogentco.com (154.24.19.133)
3489. 10 215.25 ms te0-0-1-0.nr11.b006655-1.mco01.atlas.cogentco.com (154.24.23.202)
3490. 11 216.08 ms 38.104.89.26
3491. 12 222.61 ms ae2.core2.mco.hostdime.com (67.23.229.205)
3492. 13 223.43 ms server.click-grafix.com (138.128.160.2)
3493. #######################################################################################################################################
3494. http://www.audit.gov.sd [302 Found] Apache, Cookies[PHPSESSID,mltlngg_language], Country[UNITED STATES][US], HTTPServer[Apache], IP[138.128.160.2], PHP[5.6.40], RedirectLocation[http://www.audit.gov.sd/?lang=ar], UncommonHeaders[x-redirect-by], X-Powered-By[PHP/5.6.40]
3495. http://www.audit.gov.sd/?lang=ar [200 OK] Apache, Cookies[PHPSESSID,mltlngg_language], Country[UNITED STATES][US], Email[info@audit.gov.sd], HTML5, HTTPServer[Apache], IP[138.128.160.2], JQuery[1.12.4], MetaGenerator[Everest Forms 1.4.8,WordPress 5.1.1], PHP[5.6.40], Script[text/javascript], Title[National Audit Chamber], UncommonHeaders[referrer-policy,x-content-type-options,link], WordPress[5.1.1], X-Frame-Options[SAMEORIGIN], X-Powered-By[PHP/5.6.40], X-XSS-Protection[1; mode=block]
3496. #######################################################################################################################################
3497.  
3498. wig - WebApp Information Gatherer
3499.  
3500.  
3501. Scanning http://www.audit.gov.sd...
3502. ___________________________________________________ SITE INFO ____________________________________________________
3503. IP Title
3504. 138.128.160.2 National Audit Chamber
3505.  
3506. ____________________________________________________ VERSION _____________________________________________________
3507. Name Versions Type
3508. WordPress 3.8 | 3.8.1 | 3.8.2 | 3.8.3 | 3.8.4 | 3.8.5 | 3.8.6 | 3.8.7 CMS
3509. 3.8.8 | 3.9 | 3.9.1 | 3.9.2 | 3.9.3 | 3.9.4 | 3.9.5 | 3.9.6
3510. 4.0 | 4.0.1 | 4.0.2 | 4.0.3 | 4.0.4 | 4.0.5 | 4.1 | 4.1.1
3511. 4.1.2 | 4.1.3 | 4.1.4 | 4.1.5 | 4.2 | 4.2.1 | 4.2.2
3512. Apache Platform
3513. PHP 5.6.40 Platform
3514.  
3515. __________________________________________________ INTERESTING ___________________________________________________
3516. URL Note Type
3517. /readme.html Readme file Interesting
3518. /robots.txt robots.txt index Interesting
3519.  
3520. _____________________________________________________ TOOLS ______________________________________________________
3521. Name Link Software
3522. wpscan https://github.com/wpscanteam/wpscan WordPress
3523. CMSmap https://github.com/Dionach/CMSmap WordPress
3524.  
3525. ________________________________________________ VULNERABILITIES _________________________________________________
3526. Affected #Vulns Link
3527. WordPress 3.8 12 http://cvedetails.com/version/162922
3528. WordPress 3.8.1 12 http://cvedetails.com/version/162923
3529. WordPress 3.8.2 7 http://cvedetails.com/version/176067
3530. WordPress 3.8.3 7 http://cvedetails.com/version/176068
3531. WordPress 3.8.4 8 http://cvedetails.com/version/176069
3532. WordPress 3.9 8 http://cvedetails.com/version/176070
3533. WordPress 3.9.1 15 http://cvedetails.com/version/169908
3534. WordPress 3.9.2 10 http://cvedetails.com/version/176071
3535. WordPress 3.9.3 1 http://cvedetails.com/version/185080
3536. WordPress 4.0 9 http://cvedetails.com/version/176072
3537. WordPress 4.0.1 1 http://cvedetails.com/version/185081
3538. WordPress 4.1 1 http://cvedetails.com/version/185082
3539. WordPress 4.1.1 2 http://cvedetails.com/version/185079
3540. WordPress 4.2 1 http://cvedetails.com/version/185048
3541. WordPress 4.2.1 1 http://cvedetails.com/version/184019
3542. WordPress 4.2.2 2 http://cvedetails.com/version/185073
3543.  
3544. __________________________________________________________________________________________________________________
3545. Time: 73.2 sec Urls: 394 Fingerprints: 40401
3546. #######################################################################################################################################
3547. HTTP/1.1 302 Moved Temporarily
3548. Date: Sun, 30 Jun 2019 21:34:39 GMT
3549. Server: Apache
3550. X-Powered-By: PHP/5.6.40
3551. Expires: Thu, 19 Nov 1981 08:52:00 GMT
3552. Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
3553. Pragma: no-cache
3554. X-Redirect-By: WordPress
3555. Set-Cookie: PHPSESSID=3eh7jcbe5tqc7g80slumrfvek2; path=/
3556. Set-Cookie: mltlngg_language=ar; expires=Tue, 30-Jul-2019 21:34:40 GMT; Max-Age=2592000; path=/; domain=.audit.gov.sd
3557. Location: http://www.audit.gov.sd/?lang=ar
3558. Connection: close
3559. Content-Type: text/html; charset=UTF-8
3560.  
3561. HTTP/1.1 302 Moved Temporarily
3562. Date: Sun, 30 Jun 2019 21:34:41 GMT
3563. Server: Apache
3564. X-Powered-By: PHP/5.6.40
3565. Expires: Thu, 19 Nov 1981 08:52:00 GMT
3566. Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
3567. Pragma: no-cache
3568. X-Redirect-By: WordPress
3569. Set-Cookie: PHPSESSID=tku76253l4bsf279q65s2d51m0; path=/
3570. Set-Cookie: mltlngg_language=ar; expires=Tue, 30-Jul-2019 21:34:42 GMT; Max-Age=2592000; path=/; domain=.audit.gov.sd
3571. Location: http://www.audit.gov.sd/?lang=ar
3572. Connection: close
3573. Content-Type: text/html; charset=UTF-8
3574.  
3575. HTTP/1.1 200 OK
3576. Date: Sun, 30 Jun 2019 21:34:42 GMT
3577. Server: Apache
3578. X-Powered-By: PHP/5.6.40
3579. Expires: Thu, 19 Nov 1981 08:52:00 GMT
3580. Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
3581. Pragma: no-cache
3582. Referrer-Policy: unsafe-url
3583. x-frame-options: SAMEORIGIN
3584. X-XSS-Protection: 1; mode=block
3585. X-Content-Type-Options: nosniff
3586. Link: <http://www.audit.gov.sd?lang=ar%2Findex.php&rest_route=/>; rel="https://api.w.org/"
3587. Set-Cookie: PHPSESSID=dhaegl8oleo92o8v35lhp170j7; path=/
3588. Set-Cookie: mltlngg_language=ar; expires=Tue, 30-Jul-2019 21:34:43 GMT; Max-Age=2592000; path=/; domain=.audit.gov.sd
3589. Set-Cookie: icwp-wpsf=3130d31f418e9d73fbbf040c81b86f17; expires=Sat, 26-Jan-2069 19:09:26 GMT; Max-Age=1564522483; path=/
3590. Connection: close
3591. Content-Type: text/html; charset=UTF-8
3592. #######################################################################################################################################
3593. jQuery Migrate
3594. Apache
3595. PHP 5.6.40
3596. WordPress
3597. Google Font API
3598. Google Maps
3599. jQuery 1.12.4
3600. #######################################################################################################################################
3601. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-30 17:35 EDT
3602. Nmap scan report for www.audit.gov.sd (138.128.160.2)
3603. Host is up (0.22s latency).
3604. rDNS record for 138.128.160.2: server.click-grafix.com
3605.  
3606. PORT STATE SERVICE VERSION
3607. 110/tcp open pop3 Dovecot pop3d
3608. | pop3-brute:
3609. | Accounts: No valid accounts found
3610. | Statistics: Performed 72 guesses in 58 seconds, average tps: 1.2
3611. |_ ERROR: Failed to connect.
3612. |_pop3-capabilities: AUTH-RESP-CODE UIDL STLS TOP PIPELINING RESP-CODES CAPA USER SASL(PLAIN LOGIN)
3613. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3614. Aggressive OS guesses: Linux 4.4 (98%), Linux 3.18 (98%), Linux 2.6.32 (97%), Linux 2.6.35 (97%), Linux 3.10 (97%), Linux 3.4 (97%), Linux 3.5 (97%), Linux 3.7 (97%), Linux 4.2 (97%), Synology DiskStation Manager 5.1 (97%)
3615. No exact OS matches for host (test conditions non-ideal).
3616. Network Distance: 13 hops
3617.  
3618. TRACEROUTE (using port 443/tcp)
3619. HOP RTT ADDRESS
3620. 1 110.35 ms 10.249.200.1
3621. 2 110.93 ms vlan500.bb1.bru1.be.m247.com (185.210.217.241)
3622. 3 110.95 ms te0-3-0-2.250.rcr21.bru01.atlas.cogentco.com (149.11.170.113)
3623. 4 116.42 ms be3674.ccr41.par01.atlas.cogentco.com (130.117.48.233)
3624. 5 188.09 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
3625. 6 195.13 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
3626. 7 205.15 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
3627. 8 213.12 ms be2785.rcr21.jax01.atlas.cogentco.com (154.54.28.110)
3628. 9 215.52 ms be3639.rcr51.mco01.atlas.cogentco.com (154.24.19.133)
3629. 10 217.84 ms te0-0-1-0.nr11.b006655-1.mco01.atlas.cogentco.com (154.24.23.202)
3630. 11 217.88 ms 38.104.89.26
3631. 12 219.96 ms ae2.core1.mco.hostdime.com (67.23.229.201)
3632. 13 223.61 ms server.click-grafix.com (138.128.160.2)
3633. #######################################################################################################################################
3634. https://www.audit.gov.sd [302 Found] Apache, Cookies[PHPSESSID,mltlngg_language], Country[UNITED STATES][US], HTTPServer[Apache], IP[138.128.160.2], PHP[5.6.40], RedirectLocation[https://www.audit.gov.sd/?lang=ar], UncommonHeaders[x-redirect-by], X-Powered-By[PHP/5.6.40]
3635. https://www.audit.gov.sd/?lang=ar [200 OK] Apache, Cookies[PHPSESSID,mltlngg_language], Country[UNITED STATES][US], Email[info@audit.gov.sd], HTML5, HTTPServer[Apache], IP[138.128.160.2], JQuery[1.12.4], MetaGenerator[Everest Forms 1.4.8,WordPress 5.1.1], PHP[5.6.40], Script[text/javascript], Title[National Audit Chamber], UncommonHeaders[referrer-policy,x-content-type-options,link], WordPress[5.1.1], X-Frame-Options[SAMEORIGIN], X-Powered-By[PHP/5.6.40], X-XSS-Protection[1; mode=block]
3636. #######################################################################################################################################
3637. Google Maps
3638. Apache
3639. Google Font API
3640. PHP 5.6.40
3641. WordPress
3642. jQuery 1.12.4
3643. jQuery Migrate
3644. #######################################################################################################################################
3645. Version: 1.11.13-static
3646. OpenSSL 1.0.2-chacha (1.0.2g-dev)
3647.  
3648. Connected to 138.128.160.2
3649.  
3650. Testing SSL server www.audit.gov.sd on port 443 using SNI name www.audit.gov.sd
3651.  
3652. TLS Fallback SCSV:
3653. Server supports TLS Fallback SCSV
3654.  
3655. TLS renegotiation:
3656. Secure session renegotiation supported
3657.  
3658. TLS Compression:
3659. Compression disabled
3660.  
3661. Heartbleed:
3662. TLS 1.2 not vulnerable to heartbleed
3663. TLS 1.1 not vulnerable to heartbleed
3664. TLS 1.0 not vulnerable to heartbleed
3665.  
3666. Supported Server Cipher(s):
3667. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
3668. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
3669. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
3670. Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
3671. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
3672. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
3673. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
3674. Accepted TLSv1.2 256 bits AES256-SHA256
3675. Accepted TLSv1.2 256 bits AES256-SHA
3676. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
3677. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
3678. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
3679. Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
3680. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
3681. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
3682. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
3683. Accepted TLSv1.2 128 bits AES128-SHA256
3684. Accepted TLSv1.2 128 bits AES128-SHA
3685. Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
3686. Accepted TLSv1.2 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
3687. Accepted TLSv1.2 112 bits DES-CBC3-SHA
3688. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
3689. Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
3690. Accepted TLSv1.1 256 bits AES256-SHA
3691. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
3692. Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
3693. Accepted TLSv1.1 128 bits AES128-SHA
3694. Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
3695. Accepted TLSv1.1 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
3696. Accepted TLSv1.1 112 bits DES-CBC3-SHA
3697. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
3698. Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
3699. Accepted TLSv1.0 256 bits AES256-SHA
3700. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
3701. Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
3702. Accepted TLSv1.0 128 bits AES128-SHA
3703. Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
3704. Accepted TLSv1.0 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
3705. Accepted TLSv1.0 112 bits DES-CBC3-SHA
3706.  
3707. SSL Certificate:
3708. Signature Algorithm: sha256WithRSAEncryption
3709. RSA Key Strength: 2048
3710.  
3711. Subject: audit.gov.sd
3712. Altnames: DNS:audit.gov.sd, DNS:mail.audit.gov.sd, DNS:www.audit.gov.sd
3713. Issuer: audit.gov.sd
3714.  
3715. Not valid before: Aug 12 13:17:45 2017 GMT
3716. Not valid after: Aug 12 13:17:45 2018 GMT
3717. #######################################################################################################################################
3718. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-30 17:50 EDT
3719. Nmap scan report for server.click-grafix.com (138.128.160.2)
3720. Host is up (0.21s latency).
3721. Not shown: 460 filtered ports, 9 closed ports
3722. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
3723. PORT STATE SERVICE
3724. 53/tcp open domain
3725. 80/tcp open http
3726. 143/tcp open imap
3727. 443/tcp open https
3728. 465/tcp open smtps
3729. 587/tcp open submission
3730. 993/tcp open imaps
3731.  
3732. Nmap done: 1 IP address (1 host up) scanned in 6.71 seconds
3733. #######################################################################################################################################
3734. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-30 17:50 EDT
3735. Nmap scan report for server.click-grafix.com (138.128.160.2)
3736. Host is up (0.13s latency).
3737. Not shown: 2 filtered ports
3738. PORT STATE SERVICE
3739. 53/udp open domain
3740. 67/udp open|filtered dhcps
3741. 68/udp open|filtered dhcpc
3742. 69/udp open|filtered tftp
3743. 88/udp open|filtered kerberos-sec
3744. 123/udp open|filtered ntp
3745. 139/udp open|filtered netbios-ssn
3746. 161/udp open|filtered snmp
3747. 162/udp open|filtered snmptrap
3748. 389/udp open|filtered ldap
3749. 520/udp open|filtered route
3750. 2049/udp open|filtered nfs
3751.  
3752. Nmap done: 1 IP address (1 host up) scanned in 2.32 seconds
3753. #######################################################################################################################################
3754. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-30 17:50 EDT
3755. Nmap scan report for server.click-grafix.com (138.128.160.2)
3756. Host is up (0.22s latency).
3757.  
3758. PORT STATE SERVICE VERSION
3759. 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
3760. |_dns-fuzz: Server didn't response to our probe, can't fuzz
3761. | dns-nsec-enum:
3762. |_ No NSEC records found
3763. | dns-nsec3-enum:
3764. |_ DNSSEC NSEC3 not supported
3765. | dns-nsid:
3766. |_ bind.version: 9.9.4-RedHat-9.9.4-74.el7_6.1
3767. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3768. Aggressive OS guesses: Linux 3.18 (98%), Linux 2.6.32 (97%), Linux 3.4 (97%), Linux 3.7 (97%), Synology DiskStation Manager 5.1 (97%), Linux 3.1 - 3.2 (97%), Linux 3.10 - 3.12 (97%), Linux 4.4 (97%), Linux 4.9 (97%), Linux 2.6.32 or 3.10 (95%)
3769. No exact OS matches for host (test conditions non-ideal).
3770. Network Distance: 13 hops
3771. Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
3772.  
3773. Host script results:
3774. | dns-blacklist:
3775. | SPAM
3776. | dnsbl.inps.de - SPAM
3777. | Spam Received See: http://www.sorbs.net/lookup.shtml?138.128.160.2
3778. |_ spam.dnsbl.sorbs.net - SPAM
3779. | dns-brute:
3780. | DNS Brute-force hostnames:
3781. | ns1.click-grafix.com - 138.128.160.3
3782. | ns2.click-grafix.com - 138.128.160.4
3783. | mail.click-grafix.com - 138.128.160.2
3784. | server.click-grafix.com - 138.128.160.2
3785. | www.click-grafix.com - 138.128.160.2
3786. |_ ftp.click-grafix.com - 138.128.160.2
3787.  
3788. TRACEROUTE (using port 53/tcp)
3789. HOP RTT ADDRESS
3790. 1 113.17 ms 10.249.200.1
3791. 2 151.20 ms vlan500.bb1.bru1.be.m247.com (185.210.217.241)
3792. 3 114.00 ms te0-3-0-2.250.rcr21.bru01.atlas.cogentco.com (149.11.170.113)
3793. 4 113.85 ms be3674.ccr41.par01.atlas.cogentco.com (130.117.48.233)
3794. 5 186.83 ms be3627.ccr41.jfk02.atlas.cogentco.com (66.28.4.197)
3795. 6 192.45 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
3796. 7 202.05 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
3797. 8 210.47 ms be2785.rcr21.jax01.atlas.cogentco.com (154.54.28.110)
3798. 9 213.50 ms be3641.rcr52.mco01.atlas.cogentco.com (154.24.22.125)
3799. 10 213.34 ms te0-0-1-3.nr11.b006655-1.mco01.atlas.cogentco.com (154.24.25.30)
3800. 11 218.40 ms 38.104.89.26
3801. 12 223.66 ms ae2.core2.mco.hostdime.com (67.23.229.205)
3802. 13 218.03 ms server.click-grafix.com (138.128.160.2)
3803. #######################################################################################################################################
3804. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-30 17:51 EDT
3805. Nmap scan report for server.click-grafix.com (138.128.160.2)
3806. Host is up (0.22s latency).
3807.  
3808. PORT STATE SERVICE VERSION
3809. 67/udp open|filtered dhcps
3810. |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
3811. Too many fingerprints match this host to give specific OS details
3812. Network Distance: 13 hops
3813.  
3814. TRACEROUTE (using proto 1/icmp)
3815. HOP RTT ADDRESS
3816. 1 109.77 ms 10.249.200.1
3817. 2 109.80 ms vlan500.bb1.bru1.be.m247.com (185.210.217.241)
3818. 3 110.38 ms te0-3-0-2.250.rcr21.bru01.atlas.cogentco.com (149.11.170.113)
3819. 4 116.09 ms be3675.ccr42.par01.atlas.cogentco.com (154.54.57.165)
3820. 5 187.78 ms be3628.ccr42.jfk02.atlas.cogentco.com (154.54.27.169)
3821. 6 193.55 ms be2807.ccr42.dca01.atlas.cogentco.com (154.54.40.110)
3822. 7 204.36 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
3823. 8 211.58 ms be2785.rcr21.jax01.atlas.cogentco.com (154.54.28.110)
3824. 9 214.61 ms be3639.rcr51.mco01.atlas.cogentco.com (154.24.19.133)
3825. 10 216.23 ms te0-0-1-0.nr11.b006655-1.mco01.atlas.cogentco.com (154.24.23.202)
3826. 11 217.13 ms 38.104.89.26
3827. 12 222.89 ms ae2.core2.mco.hostdime.com (67.23.229.205)
3828. 13 222.90 ms server.click-grafix.com (138.128.160.2)
3829. #######################################################################################################################################
3830. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-30 17:53 EDT
3831. Nmap scan report for server.click-grafix.com (138.128.160.2)
3832. Host is up (0.22s latency).
3833.  
3834. PORT STATE SERVICE VERSION
3835. 68/udp open|filtered dhcpc
3836. Too many fingerprints match this host to give specific OS details
3837. Network Distance: 13 hops
3838.  
3839. TRACEROUTE (using proto 1/icmp)
3840. HOP RTT ADDRESS
3841. 1 114.35 ms 10.249.200.1
3842. 2 117.93 ms vlan500.bb1.bru1.be.m247.com (185.210.217.241)
3843. 3 115.12 ms te0-3-0-2.250.rcr21.bru01.atlas.cogentco.com (149.11.170.113)
3844. 4 120.56 ms be3675.ccr42.par01.atlas.cogentco.com (154.54.57.165)
3845. 5 191.56 ms be3628.ccr42.jfk02.atlas.cogentco.com (154.54.27.169)
3846. 6 197.38 ms be2807.ccr42.dca01.atlas.cogentco.com (154.54.40.110)
3847. 7 202.57 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
3848. 8 209.60 ms be2785.rcr21.jax01.atlas.cogentco.com (154.54.28.110)
3849. 9 212.49 ms be3639.rcr51.mco01.atlas.cogentco.com (154.24.19.133)
3850. 10 213.88 ms te0-0-1-0.nr11.b006655-1.mco01.atlas.cogentco.com (154.24.23.202)
3851. 11 218.44 ms 38.104.89.26
3852. 12 223.35 ms ae2.core2.mco.hostdime.com (67.23.229.205)
3853. 13 223.36 ms server.click-grafix.com (138.128.160.2)
3854. #######################################################################################################################################
3855. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-30 17:54 EDT
3856. Nmap scan report for server.click-grafix.com (138.128.160.2)
3857. Host is up (0.22s latency).
3858.  
3859. PORT STATE SERVICE VERSION
3860. 69/udp open|filtered tftp
3861. Too many fingerprints match this host to give specific OS details
3862. Network Distance: 13 hops
3863.  
3864. TRACEROUTE (using proto 1/icmp)
3865. HOP RTT ADDRESS
3866. 1 115.11 ms 10.249.200.1
3867. 2 153.28 ms vlan500.bb1.bru1.be.m247.com (185.210.217.241)
3868. 3 115.73 ms te0-3-0-2.250.rcr21.bru01.atlas.cogentco.com (149.11.170.113)
3869. 4 121.19 ms be3675.ccr42.par01.atlas.cogentco.com (154.54.57.165)
3870. 5 193.95 ms be3628.ccr42.jfk02.atlas.cogentco.com (154.54.27.169)
3871. 6 199.54 ms be2807.ccr42.dca01.atlas.cogentco.com (154.54.40.110)
3872. 7 209.59 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
3873. 8 217.81 ms be2785.rcr21.jax01.atlas.cogentco.com (154.54.28.110)
3874. 9 220.23 ms be3639.rcr51.mco01.atlas.cogentco.com (154.24.19.133)
3875. 10 215.07 ms te0-0-1-0.nr11.b006655-1.mco01.atlas.cogentco.com (154.24.23.202)
3876. 11 218.56 ms 38.104.89.26
3877. 12 223.87 ms ae2.core2.mco.hostdime.com (67.23.229.205)
3878. 13 223.90 ms server.click-grafix.com (138.128.160.2)
3879. #######################################################################################################################################
3880. http://138.128.160.2 [200 OK] Apache, Country[UNITED STATES][US], HTTPServer[Apache], IP[138.128.160.2], Meta-Refresh-Redirect[/cgi-sys/defaultwebpage.cgi]
3881. http://138.128.160.2/cgi-sys/defaultwebpage.cgi [200 OK] Apache, Country[UNITED STATES][US], Email[webmaster@138.128.160.2], HTML5, HTTPServer[Apache], IP[138.128.160.2], Title[Default Web Site Page]
3882. #######################################################################################################################################
3883.  
3884. wig - WebApp Information Gatherer
3885.  
3886.  
3887. Scanning http://138.128.160.2...
3888. _________________ SITE INFO __________________
3889. IP Title
3890. 138.128.160.2
3891.  
3892. __________________ VERSION ___________________
3893. Name Versions Type
3894. Apache Platform
3895.  
3896. ______________________________________________
3897. Time: 37.8 sec Urls: 601 Fingerprints: 40401
3898. #######################################################################################################################################
3899. HTTP/1.1 200 OK
3900. Date: Sun, 30 Jun 2019 21:57:44 GMT
3901. Server: Apache
3902. Last-Modified: Wed, 30 Jan 2019 02:03:25 GMT
3903. ETag: "70a0253-a3-580a350ab9540"
3904. Accept-Ranges: bytes
3905. Content-Length: 163
3906. Connection: close
3907. Content-Type: text/html
3908.  
3909. HTTP/1.1 200 OK
3910. Date: Sun, 30 Jun 2019 21:57:45 GMT
3911. Server: Apache
3912. Last-Modified: Wed, 30 Jan 2019 02:03:25 GMT
3913. ETag: "70a0253-a3-580a350ab9540"
3914. Accept-Ranges: bytes
3915. Content-Length: 163
3916. Connection: close
3917. Content-Type: text/html
3918.  
3919. Allow: POST,OPTIONS,HEAD,GET,TRACE
3920. #######################################################################################################################################
3921. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-30 17:57 EDT
3922. Nmap scan report for server.click-grafix.com (138.128.160.2)
3923. Host is up (0.22s latency).
3924.  
3925. PORT STATE SERVICE VERSION
3926. 123/udp open|filtered ntp
3927. Too many fingerprints match this host to give specific OS details
3928. Network Distance: 13 hops
3929.  
3930. TRACEROUTE (using proto 1/icmp)
3931. HOP RTT ADDRESS
3932. 1 117.09 ms 10.249.200.1
3933. 2 117.15 ms vlan500.bb1.bru1.be.m247.com (185.210.217.241)
3934. 3 117.19 ms te0-3-0-2.250.rcr21.bru01.atlas.cogentco.com (149.11.170.113)
3935. 4 122.91 ms be3675.ccr42.par01.atlas.cogentco.com (154.54.57.165)
3936. 5 193.96 ms be3628.ccr42.jfk02.atlas.cogentco.com (154.54.27.169)
3937. 6 199.55 ms be2807.ccr42.dca01.atlas.cogentco.com (154.54.40.110)
3938. 7 210.36 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
3939. 8 217.78 ms be2785.rcr21.jax01.atlas.cogentco.com (154.54.28.110)
3940. 9 220.60 ms be3639.rcr51.mco01.atlas.cogentco.com (154.24.19.133)
3941. 10 213.68 ms te0-0-1-0.nr11.b006655-1.mco01.atlas.cogentco.com (154.24.23.202)
3942. 11 217.10 ms 38.104.89.26
3943. 12 222.41 ms ae2.core2.mco.hostdime.com (67.23.229.205)
3944. 13 222.61 ms server.click-grafix.com (138.128.160.2)
3945. #######################################################################################################################################
3946. prettyPhoto
3947. Apache
3948. jQuery 3.3.1
3949. OWL Carousel
3950. Bootstrap
3951. #######################################################################################################################################
3952. Version: 1.11.13-static
3953. OpenSSL 1.0.2-chacha (1.0.2g-dev)
3954.  
3955. Connected to 138.128.160.2
3956.  
3957. Testing SSL server 138.128.160.2 on port 443 using SNI name 138.128.160.2
3958.  
3959. TLS Fallback SCSV:
3960. Server supports TLS Fallback SCSV
3961.  
3962. TLS renegotiation:
3963. Secure session renegotiation supported
3964.  
3965. TLS Compression:
3966. Compression disabled
3967.  
3968. Heartbleed:
3969. TLS 1.2 not vulnerable to heartbleed
3970. TLS 1.1 not vulnerable to heartbleed
3971. TLS 1.0 not vulnerable to heartbleed
3972.  
3973. Supported Server Cipher(s):
3974. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
3975. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
3976. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
3977. Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
3978. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
3979. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
3980. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
3981. Accepted TLSv1.2 256 bits AES256-SHA256
3982. Accepted TLSv1.2 256 bits AES256-SHA
3983. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
3984. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
3985. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
3986. Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
3987. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
3988. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
3989. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
3990. Accepted TLSv1.2 128 bits AES128-SHA256
3991. Accepted TLSv1.2 128 bits AES128-SHA
3992. Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
3993. Accepted TLSv1.2 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
3994. Accepted TLSv1.2 112 bits DES-CBC3-SHA
3995. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
3996. Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
3997. Accepted TLSv1.1 256 bits AES256-SHA
3998. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
3999. Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
4000. Accepted TLSv1.1 128 bits AES128-SHA
4001. Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
4002. Accepted TLSv1.1 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
4003. Accepted TLSv1.1 112 bits DES-CBC3-SHA
4004. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
4005. Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
4006. Accepted TLSv1.0 256 bits AES256-SHA
4007. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
4008. Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
4009. Accepted TLSv1.0 128 bits AES128-SHA
4010. Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
4011. Accepted TLSv1.0 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
4012. Accepted TLSv1.0 112 bits DES-CBC3-SHA
4013.  
4014. SSL Certificate:
4015. Signature Algorithm: sha256WithRSAEncryption
4016. RSA Key Strength: 2048
4017.  
4018. Subject: abaad.sd
4019. Altnames: DNS:abaad.sd, DNS:mail.abaad.sd, DNS:www.abaad.sd
4020. Issuer: abaad.sd
4021.  
4022. Not valid before: Aug 12 11:26:16 2017 GMT
4023. Not valid after: Aug 12 11:26:16 2018 GMT
4024. #######################################################################################################################################
4025. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-30 18:05 EDT
4026. NSE: Loaded 148 scripts for scanning.
4027. NSE: Script Pre-scanning.
4028. NSE: Starting runlevel 1 (of 2) scan.
4029. Initiating NSE at 18:05
4030. Completed NSE at 18:05, 0.00s elapsed
4031. NSE: Starting runlevel 2 (of 2) scan.
4032. Initiating NSE at 18:05
4033. Completed NSE at 18:05, 0.00s elapsed
4034. Initiating Ping Scan at 18:05
4035. Scanning 138.128.160.2 [4 ports]
4036. Completed Ping Scan at 18:05, 0.26s elapsed (1 total hosts)
4037. Initiating Parallel DNS resolution of 1 host. at 18:05
4038. Completed Parallel DNS resolution of 1 host. at 18:05, 0.07s elapsed
4039. Initiating Connect Scan at 18:05
4040. Scanning server.click-grafix.com (138.128.160.2) [65535 ports]
4041. Discovered open port 53/tcp on 138.128.160.2
4042. Discovered open port 143/tcp on 138.128.160.2
4043. Discovered open port 443/tcp on 138.128.160.2
4044. Discovered open port 80/tcp on 138.128.160.2
4045. Discovered open port 587/tcp on 138.128.160.2
4046. Discovered open port 993/tcp on 138.128.160.2
4047. Connect Scan Timing: About 5.06% done; ETC: 18:15 (0:09:41 remaining)
4048. Discovered open port 2087/tcp on 138.128.160.2
4049. Discovered open port 2095/tcp on 138.128.160.2
4050. Connect Scan Timing: About 12.78% done; ETC: 18:13 (0:06:56 remaining)
4051. Connect Scan Timing: About 14.65% done; ETC: 18:15 (0:08:50 remaining)
4052. Connect Scan Timing: About 27.63% done; ETC: 18:12 (0:05:17 remaining)
4053. Connect Scan Timing: About 47.00% done; ETC: 18:10 (0:02:50 remaining)
4054. Connect Scan Timing: About 68.90% done; ETC: 18:09 (0:01:22 remaining)
4055. Completed Connect Scan at 18:08, 218.50s elapsed (65535 total ports)
4056. Initiating Service scan at 18:08
4057. Scanning 8 services on server.click-grafix.com (138.128.160.2)
4058. Completed Service scan at 18:11, 158.50s elapsed (8 services on 1 host)
4059. Initiating OS detection (try #1) against server.click-grafix.com (138.128.160.2)
4060. Retrying OS detection (try #2) against server.click-grafix.com (138.128.160.2)
4061. Initiating Traceroute at 18:11
4062. Completed Traceroute at 18:11, 0.35s elapsed
4063. Initiating Parallel DNS resolution of 13 hosts. at 18:11
4064. Completed Parallel DNS resolution of 13 hosts. at 18:11, 0.19s elapsed
4065. NSE: Script scanning 138.128.160.2.
4066. NSE: Starting runlevel 1 (of 2) scan.
4067. Initiating NSE at 18:11
4068. NSE Timing: About 99.27% done; ETC: 18:12 (0:00:00 remaining)
4069. NSE Timing: About 99.36% done; ETC: 18:12 (0:00:00 remaining)
4070. Completed NSE at 18:12, 71.47s elapsed
4071. NSE: Starting runlevel 2 (of 2) scan.
4072. Initiating NSE at 18:12
4073. Completed NSE at 18:12, 1.24s elapsed
4074. Nmap scan report for server.click-grafix.com (138.128.160.2)
4075. Host is up, received syn-ack ttl 54 (0.13s latency).
4076. Scanned at 2019-06-30 18:05:12 EDT for 456s
4077. Not shown: 65137 filtered ports, 390 closed ports
4078. Reason: 65137 no-responses and 390 conn-refused
4079. PORT STATE SERVICE REASON VERSION
4080. 53/tcp open domain syn-ack ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
4081. | dns-nsid:
4082. |_ bind.version: 9.9.4-RedHat-9.9.4-74.el7_6.1
4083. 80/tcp open http syn-ack Apache httpd
4084. | http-methods:
4085. | Supported Methods: POST OPTIONS HEAD GET TRACE
4086. |_ Potentially risky methods: TRACE
4087. |_http-server-header: Apache
4088. |_http-title: Site doesn't have a title (text/html).
4089. 143/tcp open imap syn-ack Dovecot imapd
4090. |_imap-capabilities: SASL-IR ENABLE AUTH=PLAIN IMAP4rev1 post-login Pre-login NAMESPACE IDLE LOGIN-REFERRALS capabilities AUTH=LOGINA0001 ID more OK have LITERAL+ listed STARTTLS
4091. |_ssl-date: TLS randomness does not represent time
4092. 443/tcp open ssl/http syn-ack Apache httpd
4093. | http-methods:
4094. | Supported Methods: POST OPTIONS HEAD GET TRACE
4095. |_ Potentially risky methods: TRACE
4096. |_http-server-header: Apache
4097. |_http-title: Site doesn't have a title (text/html).
4098. | ssl-cert: Subject: commonName=abaad.sd
4099. | Subject Alternative Name: DNS:abaad.sd, DNS:mail.abaad.sd, DNS:www.abaad.sd
4100. | Issuer: commonName=abaad.sd
4101. | Public Key type: rsa
4102. | Public Key bits: 2048
4103. | Signature Algorithm: sha256WithRSAEncryption
4104. | Not valid before: 2017-08-12T11:26:16
4105. | Not valid after: 2018-08-12T11:26:16
4106. | MD5: 78ae d5d8 edd0 888b fec7 66d8 0056 3b28
4107. | SHA-1: 416a 957b 5935 e3d6 4c9c 2ee7 6f20 b970 269e 26a3
4108. | -----BEGIN CERTIFICATE-----
4109. | MIIDJDCCAgygAwIBAgIFAOx/YEowDQYJKoZIhvcNAQELBQAwEzERMA8GA1UEAwwI
4110. | YWJhYWQuc2QwHhcNMTcwODEyMTEyNjE2WhcNMTgwODEyMTEyNjE2WjATMREwDwYD
4111. | VQQDDAhhYmFhZC5zZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMDM
4112. | hJz/G2HEm8jAf+I1DAmSdfiiNOZSNE31cQc/32KppLnMEoZE2rflf8pwF/MHZi4V
4113. | rWmtYNCeKLIH50bEL5eeLZBNa2xJf7lbAjvLSzVFus+nzH8B9MAjAuiLu4DuJSkX
4114. | Ld6sS0CACCeicThyxqhQJtjdJJLTMcd6BPJMdJXRznQNC5zEZQoOfRSzoLojIckl
4115. | 4FIrYhSSTm2MGy0FbpvV61kpb2a9pOi3+Zw4ZcUslbAZ00xtHTaG9fr/IS+d56rd
4116. | 9VuuThACMcTb/K5W5PutioiqoTPE8eh8q9OPu8A1IlcAffpKGuUqze5iSAtbU7Aa
4117. | TUenAQFoiPQPuhxsbDECAwEAAaN/MH0wHQYDVR0OBBYEFNreitXDTP70QyKQDCQj
4118. | Z8IWfFM7MB8GA1UdIwQYMBaAFNreitXDTP70QyKQDCQjZ8IWfFM7MAkGA1UdEwQC
4119. | MAAwMAYDVR0RBCkwJ4IIYWJhYWQuc2SCDW1haWwuYWJhYWQuc2SCDHd3dy5hYmFh
4120. | ZC5zZDANBgkqhkiG9w0BAQsFAAOCAQEAJdFK5DKTRSfkSTWe+E9oqV5+dwesfRdA
4121. | yyEDSv0zHn8ByPjC5ZfCOadmuZ7f2Z7tQVxvhfQS20NPXjzLut7/zuzH2GlXItwT
4122. | EZX/bZWueBB8crmtfTwFdnHDfk/lYs6vXwPy+xYpReuUGUqeDAuWpuxYgmTnzSsV
4123. | isZxoWqxXPOmpLao1wSf+SAmBZogUKiB/FmCLdcpmekX+HSQuQzYvouSfbKX1wbd
4124. | CfWHi5/Qe66YXFHIIyQJKaEdaNyFgwaJsyRhXTMiMvwVX27SYQJFdnuVdxBM/NwL
4125. | IYruPIROB+wvh4JDEW1dr/JnlYr1+czZad2ZGGm1H2xU7wIcWiSK3Q==
4126. |_-----END CERTIFICATE-----
4127. |_ssl-date: TLS randomness does not represent time
4128. | tls-alpn:
4129.  
4130. 587/tcp open smtp syn-ack Exim smtpd 4.92
4131. | smtp-commands: server.click-grafix.com Hello server.click-grafix.com [185.232.21.119], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
4132. |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
4133. | ssl-cert: Subject: commonName=server.click-grafix.com/organizationalUnitName=PositiveSSL
4134. | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
4135. | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US/localityName=Houston
4136. | Public Key type: rsa
4137. | Public Key bits: 2048
4138. | Signature Algorithm: sha256WithRSAEncryption
4139. | Not valid before: 2019-06-30T00:00:00
4140. | Not valid after: 2020-06-29T23:59:59
4141. | MD5: b29c 3abc b460 f262 6860 f153 9e6c e929
4142. | SHA-1: f7d4 5179 b4b5 afcc 4734 6db2 0f71 4dea 5eee 26d2
4143. | -----BEGIN CERTIFICATE-----
4144. | MIIGQTCCBSmgAwIBAgIQeMLOS6PSm10OezKHQxdOCjANBgkqhkiG9w0BAQsFADBy
4145. | MQswCQYDVQQGEwJVUzELMAkGA1UECBMCVFgxEDAOBgNVBAcTB0hvdXN0b24xFTAT
4146. | BgNVBAoTDGNQYW5lbCwgSW5jLjEtMCsGA1UEAxMkY1BhbmVsLCBJbmMuIENlcnRp
4147. | ZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MDYzMDAwMDAwMFoXDTIwMDYyOTIzNTk1
4148. | OVowWzEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRQwEgYDVQQL
4149. | EwtQb3NpdGl2ZVNTTDEgMB4GA1UEAxMXc2VydmVyLmNsaWNrLWdyYWZpeC5jb20w
4150. | ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeRXmK/NoairHM+sUA7/Sx
4151. | +4aUaFLpK9HGQDDTqwBkeanyeUQhf4NauYUuLAkCxZS7pqHXudxgye5iYgk3vYJh
4152. | 2s7LpJWypfi6xhYH14Amh0qpJv6dyGS++DZpMJiiZx7TC3eYS1js3qGm2H+eZK9Y
4153. | xMsFfI6lYtxDhMAazgqMegNW2xfeV3CFSQ5pfk0z8sYmWBhWefwo96lcZ9C4Vd5r
4154. | uOQrm2AlsWdot6QhDAiwI/6WA9fikQWdjZsf1/zn0nQrFmKeB/erhQPvf4gRR32Y
4155. | f9dubTs8T3lL6ZGE0yU66Xz8C0U3fxNmiAui4pTztgHqYgKWrUmB6u0P1AKJJ6RF
4156. | AgMBAAGjggLoMIIC5DAfBgNVHSMEGDAWgBR+A1plQWunfgrhuJ0I6h2OHWrHZTAd
4157. | BgNVHQ4EFgQUrg2QPaQsijhp05yerU7uthYmvUIwDgYDVR0PAQH/BAQDAgWgMAwG
4158. | A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCME8GA1Ud
4159. | IARIMEYwOgYLKwYBBAGyMQECAjQwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1
4160. | cmUuY29tb2RvLmNvbS9DUFMwCAYGZ4EMAQIBMEwGA1UdHwRFMEMwQaA/oD2GO2h0
4161. | dHA6Ly9jcmwuY29tb2RvY2EuY29tL2NQYW5lbEluY0NlcnRpZmljYXRpb25BdXRo
4162. | b3JpdHkuY3JsMH0GCCsGAQUFBwEBBHEwbzBHBggrBgEFBQcwAoY7aHR0cDovL2Ny
4163. | dC5jb21vZG9jYS5jb20vY1BhbmVsSW5jQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5j
4164. | cnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTA/BgNVHREE
4165. | ODA2ghdzZXJ2ZXIuY2xpY2stZ3JhZml4LmNvbYIbd3d3LnNlcnZlci5jbGljay1n
4166. | cmFmaXguY29tMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYAu9nfvB+KcbWTlCOX
4167. | qpJ7RzhXlQqrUugakJZkNo4e0YUAAAFrpk9VtQAABAMARzBFAiEAm634uvAjGD67
4168. | 7PUtH69ktb8uURVHlibgBDzGih0N7X4CIDrLLzhcTaL9rbBJMUkFkXaQVCWZTnZQ
4169. | 3ndWBgpVKg+8AHYAXqdz+d9WwOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgAAAFr
4170. | pk9V1QAABAMARzBFAiEAx4UX/K60pkIIx37lzgsABfdJu1/f7KVeOqKqot/DilMC
4171. | IEcuPthZqjlq1et0g7IDkCNPd1x9FyvafjLE8+BmVGoNMA0GCSqGSIb3DQEBCwUA
4172. | A4IBAQArz6ZYgc8JaamYpSau5kFH8kkvFFPjJqPZ5k4/IotNg52gKwP6vTbkPO2w
4173. | Ym8OUeZ+wJk0lH37GB/LcixSSf4yFV7buKblzFfAIrS4GP4gbWNGiP92qx5q2c+Z
4174. | k4LXB+fh6y0kkKGuK9+lxmr+ew8s09SnUCHTPsCCJU3YKaLqhA9V0rrYrjdZRHNw
4175. | Tfuik0C6WIOEG1i7huARRakxp+WmgFCzvIRL1bkl4v4Hr854Zq8dH2uh7zaf8r83
4176. | WfrI1euVTpu2UKv5ghpq7TpIsl+NRPqT3gPpyeGp03r2aYK9jEMelUsg615Rx8fc
4177. | 9T049gfynHptRSQ5jQB3hcg0LjbS
4178. |_-----END CERTIFICATE-----
4179. |_ssl-date: TLS randomness does not represent time
4180. 993/tcp open ssl/imaps? syn-ack
4181. |_ssl-date: TLS randomness does not represent time
4182. 2087/tcp open ssl/eli? syn-ack
4183. | fingerprint-strings:
4184. | GetRequest:
4185. | HTTP/1.0 200 OK
4186. | Connection: close
4187. | Content-Type: text/html; charset="utf-8"
4188. | Date: Sun, 30 Jun 2019 22:09:17 GMT
4189. | Cache-Control: no-cache, no-store, must-revalidate, private
4190. | Pragma: no-cache
4191. | Set-Cookie: whostmgrrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
4192. | Set-Cookie: whostmgrsession=%3axNSTgLD9Y903Rs9l%2cf03edfd7984a9e52cfd56ece40c2fce5; HttpOnly; path=/; port=2087; secure
4193. | Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
4194. | Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=server.click-grafix.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
4195. | Set-Cookie: Horde=expired; HttpOnly; domain=.server.click-grafix.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
4196. | Set-Cookie: horde_secret_key=expired; HttpOnly; domain=.server.click-grafix.com
4197. | HTTPOptions:
4198. | HTTP/1.0 200 OK
4199. | Connection: close
4200. | Content-Type: text/html; charset="utf-8"
4201. | Date: Sun, 30 Jun 2019 22:09:18 GMT
4202. | Cache-Control: no-cache, no-store, must-revalidate, private
4203. | Pragma: no-cache
4204. | Set-Cookie: whostmgrrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
4205. | Set-Cookie: whostmgrsession=%3a4hxhVEF_d3s6W2t0%2c83c0232717bef5f9adc3181efa38916f; HttpOnly; path=/; port=2087; secure
4206. | Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
4207. | Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=server.click-grafix.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
4208. | Set-Cookie: Horde=expired; HttpOnly; domain=.server.click-grafix.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
4209. |_ Set-Cookie: horde_secret_key=expired; HttpOnly; domain=.server.click-grafix.com
4210. | ssl-cert: Subject: commonName=server.click-grafix.com/organizationalUnitName=PositiveSSL
4211. | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
4212. | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US/localityName=Houston
4213. | Public Key type: rsa
4214. | Public Key bits: 2048
4215. | Signature Algorithm: sha256WithRSAEncryption
4216. | Not valid before: 2019-06-30T00:00:00
4217. | Not valid after: 2020-06-29T23:59:59
4218. | MD5: b29c 3abc b460 f262 6860 f153 9e6c e929
4219. | SHA-1: f7d4 5179 b4b5 afcc 4734 6db2 0f71 4dea 5eee 26d2
4220. | -----BEGIN CERTIFICATE-----
4221. | MIIGQTCCBSmgAwIBAgIQeMLOS6PSm10OezKHQxdOCjANBgkqhkiG9w0BAQsFADBy
4222. | MQswCQYDVQQGEwJVUzELMAkGA1UECBMCVFgxEDAOBgNVBAcTB0hvdXN0b24xFTAT
4223. | BgNVBAoTDGNQYW5lbCwgSW5jLjEtMCsGA1UEAxMkY1BhbmVsLCBJbmMuIENlcnRp
4224. | ZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MDYzMDAwMDAwMFoXDTIwMDYyOTIzNTk1
4225. | OVowWzEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRQwEgYDVQQL
4226. | EwtQb3NpdGl2ZVNTTDEgMB4GA1UEAxMXc2VydmVyLmNsaWNrLWdyYWZpeC5jb20w
4227. | ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeRXmK/NoairHM+sUA7/Sx
4228. | +4aUaFLpK9HGQDDTqwBkeanyeUQhf4NauYUuLAkCxZS7pqHXudxgye5iYgk3vYJh
4229. | 2s7LpJWypfi6xhYH14Amh0qpJv6dyGS++DZpMJiiZx7TC3eYS1js3qGm2H+eZK9Y
4230. | xMsFfI6lYtxDhMAazgqMegNW2xfeV3CFSQ5pfk0z8sYmWBhWefwo96lcZ9C4Vd5r
4231. | uOQrm2AlsWdot6QhDAiwI/6WA9fikQWdjZsf1/zn0nQrFmKeB/erhQPvf4gRR32Y
4232. | f9dubTs8T3lL6ZGE0yU66Xz8C0U3fxNmiAui4pTztgHqYgKWrUmB6u0P1AKJJ6RF
4233. | AgMBAAGjggLoMIIC5DAfBgNVHSMEGDAWgBR+A1plQWunfgrhuJ0I6h2OHWrHZTAd
4234. | BgNVHQ4EFgQUrg2QPaQsijhp05yerU7uthYmvUIwDgYDVR0PAQH/BAQDAgWgMAwG
4235. | A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCME8GA1Ud
4236. | IARIMEYwOgYLKwYBBAGyMQECAjQwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1
4237. | cmUuY29tb2RvLmNvbS9DUFMwCAYGZ4EMAQIBMEwGA1UdHwRFMEMwQaA/oD2GO2h0
4238. | dHA6Ly9jcmwuY29tb2RvY2EuY29tL2NQYW5lbEluY0NlcnRpZmljYXRpb25BdXRo
4239. | b3JpdHkuY3JsMH0GCCsGAQUFBwEBBHEwbzBHBggrBgEFBQcwAoY7aHR0cDovL2Ny
4240. | dC5jb21vZG9jYS5jb20vY1BhbmVsSW5jQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5j
4241. | cnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTA/BgNVHREE
4242. | ODA2ghdzZXJ2ZXIuY2xpY2stZ3JhZml4LmNvbYIbd3d3LnNlcnZlci5jbGljay1n
4243. | cmFmaXguY29tMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYAu9nfvB+KcbWTlCOX
4244. | qpJ7RzhXlQqrUugakJZkNo4e0YUAAAFrpk9VtQAABAMARzBFAiEAm634uvAjGD67
4245. | 7PUtH69ktb8uURVHlibgBDzGih0N7X4CIDrLLzhcTaL9rbBJMUkFkXaQVCWZTnZQ
4246. | 3ndWBgpVKg+8AHYAXqdz+d9WwOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgAAAFr
4247. | pk9V1QAABAMARzBFAiEAx4UX/K60pkIIx37lzgsABfdJu1/f7KVeOqKqot/DilMC
4248. | IEcuPthZqjlq1et0g7IDkCNPd1x9FyvafjLE8+BmVGoNMA0GCSqGSIb3DQEBCwUA
4249. | A4IBAQArz6ZYgc8JaamYpSau5kFH8kkvFFPjJqPZ5k4/IotNg52gKwP6vTbkPO2w
4250. | Ym8OUeZ+wJk0lH37GB/LcixSSf4yFV7buKblzFfAIrS4GP4gbWNGiP92qx5q2c+Z
4251. | k4LXB+fh6y0kkKGuK9+lxmr+ew8s09SnUCHTPsCCJU3YKaLqhA9V0rrYrjdZRHNw
4252. | Tfuik0C6WIOEG1i7huARRakxp+WmgFCzvIRL1bkl4v4Hr854Zq8dH2uh7zaf8r83
4253. | WfrI1euVTpu2UKv5ghpq7TpIsl+NRPqT3gPpyeGp03r2aYK9jEMelUsg615Rx8fc
4254. | 9T049gfynHptRSQ5jQB3hcg0LjbS
4255. |_-----END CERTIFICATE-----
4256. |_ssl-date: TLS randomness does not represent time
4257. 2095/tcp open nbx-ser? syn-ack
4258. | fingerprint-strings:
4259. | SIPOptions:
4260. | HTTP/1.1 301 Moved
4261. | Content-length: 129
4262. | Location: https://server.click-grafix.com:2096/sip%3anm
4263. | Content-type: text/html; charset="utf-8"
4264. | Cache-Control: no-cache, no-store, must-revalidate, private
4265. |_ <html><head><META HTTP-EQUIV="refresh" CONTENT="2;URL=https://server.click-grafix.com:2096/sip%3anm"></head><body></body></html>
4266. 2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service :
4267. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
4268. SF-Port2087-TCP:V=7.70%T=SSL%I=7%D=6/30%Time=5D193312%P=x86_64-pc-linux-gn
4269. SF:u%r(GetRequest,4000,"HTTP/1\.0\x20200\x20OK\r\nConnection:\x20close\r\n
4270. SF:Content-Type:\x20text/html;\x20charset=\"utf-8\"\r\nDate:\x20Sun,\x2030
4271. SF:\x20Jun\x202019\x2022:09:17\x20GMT\r\nCache-Control:\x20no-cache,\x20no
4272. SF:-store,\x20must-revalidate,\x20private\r\nPragma:\x20no-cache\r\nSet-Co
4273. SF:okie:\x20whostmgrrelogin=no;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-197
4274. SF:0\x2000:00:01\x20GMT;\x20path=/;\x20port=2087;\x20secure\r\nSet-Cookie:
4275. SF:\x20whostmgrsession=%3axNSTgLD9Y903Rs9l%2cf03edfd7984a9e52cfd56ece40c2f
4276. SF:ce5;\x20HttpOnly;\x20path=/;\x20port=2087;\x20secure\r\nSet-Cookie:\x20
4277. SF:roundcube_sessid=expired;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1970\x
4278. SF:2000:00:01\x20GMT;\x20path=/;\x20port=2087;\x20secure\r\nSet-Cookie:\x2
4279. SF:0roundcube_sessauth=expired;\x20HttpOnly;\x20domain=server\.click-grafi
4280. SF:x\.com;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x
4281. SF:20port=2087;\x20secure\r\nSet-Cookie:\x20Horde=expired;\x20HttpOnly;\x2
4282. SF:0domain=\.server\.click-grafix\.com;\x20expires=Thu,\x2001-Jan-1970\x20
4283. SF:00:00:01\x20GMT;\x20path=/;\x20port=2087;\x20secure\r\nSet-Cookie:\x20h
4284. SF:orde_secret_key=expired;\x20HttpOnly;\x20domain=\.server\.click-grafix\
4285. SF:.com")%r(HTTPOptions,4000,"HTTP/1\.0\x20200\x20OK\r\nConnection:\x20clo
4286. SF:se\r\nContent-Type:\x20text/html;\x20charset=\"utf-8\"\r\nDate:\x20Sun,
4287. SF:\x2030\x20Jun\x202019\x2022:09:18\x20GMT\r\nCache-Control:\x20no-cache,
4288. SF:\x20no-store,\x20must-revalidate,\x20private\r\nPragma:\x20no-cache\r\n
4289. SF:Set-Cookie:\x20whostmgrrelogin=no;\x20HttpOnly;\x20expires=Thu,\x2001-J
4290. SF:an-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2087;\x20secure\r\nSet-C
4291. SF:ookie:\x20whostmgrsession=%3a4hxhVEF_d3s6W2t0%2c83c0232717bef5f9adc3181
4292. SF:efa38916f;\x20HttpOnly;\x20path=/;\x20port=2087;\x20secure\r\nSet-Cooki
4293. SF:e:\x20roundcube_sessid=expired;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-
4294. SF:1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2087;\x20secure\r\nSet-Cook
4295. SF:ie:\x20roundcube_sessauth=expired;\x20HttpOnly;\x20domain=server\.click
4296. SF:-grafix\.com;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20pat
4297. SF:h=/;\x20port=2087;\x20secure\r\nSet-Cookie:\x20Horde=expired;\x20HttpOn
4298. SF:ly;\x20domain=\.server\.click-grafix\.com;\x20expires=Thu,\x2001-Jan-19
4299. SF:70\x2000:00:01\x20GMT;\x20path=/;\x20port=2087;\x20secure\r\nSet-Cookie
4300. SF::\x20horde_secret_key=expired;\x20HttpOnly;\x20domain=\.server\.click-g
4301. SF:rafix\.com");
4302. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
4303. SF-Port2095-TCP:V=7.70%I=7%D=6/30%Time=5D193355%P=x86_64-pc-linux-gnu%r(SI
4304. SF:POptions,14C,"HTTP/1\.1\x20301\x20Moved\r\nContent-length:\x20129\r\nLo
4305. SF:cation:\x20https://server\.click-grafix\.com:2096/sip%3anm\r\nContent-t
4306. SF:ype:\x20text/html;\x20charset=\"utf-8\"\r\nCache-Control:\x20no-cache,\
4307. SF:x20no-store,\x20must-revalidate,\x20private\r\n\r\n<html><head><META\x2
4308. SF:0HTTP-EQUIV=\"refresh\"\x20CONTENT=\"2;URL=https://server\.click-grafix
4309. SF:\.com:2096/sip%3anm\"></head><body></body></html>\n");
4310. OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
4311. Aggressive OS guesses: Linux 3.10 - 3.12 (92%), Linux 4.4 (92%), Linux 4.9 (92%), Android 5.0.1 (91%), Linux 2.6.32 (91%), Linux 2.6.32 or 3.10 (91%), Linux 2.6.35 (91%), Linux 2.6.39 (91%), Synology DiskStation Manager 5.1 (91%), WatchGuard Fireware 11.8 (91%)
4312. No exact OS matches for host (test conditions non-ideal).
4313. TCP/IP fingerprint:
4314. SCAN(V=7.70%E=4%D=6/30%OT=53%CT=22%CU=%PV=N%DS=13%DC=T%G=N%TM=5D1933E0%P=x86_64-pc-linux-gnu)
4315. SEQ(SP=101%GCD=1%ISR=10E%TI=Z%TS=A)
4316. ECN(R=Y%DF=Y%TG=40%W=7210%O=M44FNW7%CC=Y%Q=)
4317. T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
4318. T2(R=N)
4319. T3(R=N)
4320. T4(R=N)
4321. T5(R=N)
4322. T6(R=N)
4323. T7(R=N)
4324. U1(R=N)
4325. IE(R=Y%DFI=N%TG=40%CD=S)
4326.  
4327. Uptime guess: 38.646 days (since Thu May 23 02:42:21 2019)
4328. Network Distance: 13 hops
4329. TCP Sequence Prediction: Difficulty=257 (Good luck!)
4330. IP ID Sequence Generation: All zeros
4331. Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
4332.  
4333. TRACEROUTE (using proto 1/icmp)
4334. HOP RTT ADDRESS
4335. 1 115.43 ms 10.249.200.1
4336. 2 138.72 ms vlan500.bb1.bru1.be.m247.com (185.210.217.241)
4337. 3 115.91 ms te0-3-0-2.250.rcr21.bru01.atlas.cogentco.com (149.11.170.113)
4338. 4 121.19 ms be3675.ccr42.par01.atlas.cogentco.com (154.54.57.165)
4339. 5 192.64 ms be3628.ccr42.jfk02.atlas.cogentco.com (154.54.27.169)
4340. 6 198.45 ms be2807.ccr42.dca01.atlas.cogentco.com (154.54.40.110)
4341. 7 203.49 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
4342. 8 210.51 ms be2785.rcr21.jax01.atlas.cogentco.com (154.54.28.110)
4343. 9 213.43 ms be3639.rcr51.mco01.atlas.cogentco.com (154.24.19.133)
4344. 10 215.00 ms te0-0-1-0.nr11.b006655-1.mco01.atlas.cogentco.com (154.24.23.202)
4345. 11 218.39 ms 38.104.89.26
4346. 12 224.65 ms ae2.core2.mco.hostdime.com (67.23.229.205)
4347. 13 224.60 ms server.click-grafix.com (138.128.160.2)
4348.  
4349. NSE: Script Post-scanning.
4350. NSE: Starting runlevel 1 (of 2) scan.
4351. Initiating NSE at 18:12
4352. Completed NSE at 18:12, 0.00s elapsed
4353. NSE: Starting runlevel 2 (of 2) scan.
4354. Initiating NSE at 18:12
4355. Completed NSE at 18:12, 0.00s elapsed
4356. Read data files from: /usr/bin/../share/nmap
4357. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
4358. Nmap done: 1 IP address (1 host up) scanned in 456.21 seconds
4359. Raw packets sent: 129 (10.660KB) | Rcvd: 59 (10.719KB)
4360. #######################################################################################################################################
4361. Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-30 18:12 EDT
4362. NSE: Loaded 148 scripts for scanning.
4363. NSE: Script Pre-scanning.
4364. Initiating NSE at 18:12
4365. Completed NSE at 18:12, 0.00s elapsed
4366. Initiating NSE at 18:12
4367. Completed NSE at 18:12, 0.00s elapsed
4368. Initiating Parallel DNS resolution of 1 host. at 18:12
4369. Completed Parallel DNS resolution of 1 host. at 18:12, 0.03s elapsed
4370. Initiating UDP Scan at 18:12
4371. Scanning server.click-grafix.com (138.128.160.2) [14 ports]
4372. Discovered open port 53/udp on 138.128.160.2
4373. Completed UDP Scan at 18:12, 2.17s elapsed (14 total ports)
4374. Initiating Service scan at 18:12
4375. Scanning 12 services on server.click-grafix.com (138.128.160.2)
4376. Service scan Timing: About 16.67% done; ETC: 18:22 (0:08:10 remaining)
4377. Completed Service scan at 18:14, 102.59s elapsed (12 services on 1 host)
4378. Initiating OS detection (try #1) against server.click-grafix.com (138.128.160.2)
4379. Retrying OS detection (try #2) against server.click-grafix.com (138.128.160.2)
4380. Initiating Traceroute at 18:14
4381. Completed Traceroute at 18:14, 7.26s elapsed
4382. Initiating Parallel DNS resolution of 1 host. at 18:14
4383. Completed Parallel DNS resolution of 1 host. at 18:14, 0.00s elapsed
4384. NSE: Script scanning 138.128.160.2.
4385. Initiating NSE at 18:14
4386. Completed NSE at 18:15, 20.27s elapsed
4387. Initiating NSE at 18:15
4388. Completed NSE at 18:15, 1.10s elapsed
4389. Nmap scan report for server.click-grafix.com (138.128.160.2)
4390. Host is up (0.17s latency).
4391.  
4392. PORT STATE SERVICE VERSION
4393. 53/udp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
4394. | dns-nsid:
4395. |_ bind.version: 9.9.4-RedHat-9.9.4-74.el7_6.1
4396. 67/udp open|filtered dhcps
4397. 68/udp open|filtered dhcpc
4398. 69/udp open|filtered tftp
4399. 88/udp open|filtered kerberos-sec
4400. 123/udp open|filtered ntp
4401. 137/udp filtered netbios-ns
4402. 138/udp filtered netbios-dgm
4403. 139/udp open|filtered netbios-ssn
4404. 161/udp open|filtered snmp
4405. 162/udp open|filtered snmptrap
4406. 389/udp open|filtered ldap
4407. 520/udp open|filtered route
4408. 2049/udp open|filtered nfs
4409. Too many fingerprints match this host to give specific OS details
4410. Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
4411.  
4412. TRACEROUTE (using port 137/udp)
4413. HOP RTT ADDRESS
4414. 1 112.25 ms 10.249.200.1
4415. 2 ... 3
4416. 4 109.26 ms 10.249.200.1
4417. 5 109.22 ms 10.249.200.1
4418. 6 109.22 ms 10.249.200.1
4419. 7 109.21 ms 10.249.200.1
4420. 8 109.21 ms 10.249.200.1
4421. 9 109.21 ms 10.249.200.1
4422. 10 109.22 ms 10.249.200.1
4423. 11 ... 18
4424. 19 109.52 ms 10.249.200.1
4425. 20 108.54 ms 10.249.200.1
4426. 21 ... 27
4427. 28 108.11 ms 10.249.200.1
4428. 29 108.70 ms 10.249.200.1
4429. 30 107.58 ms 10.249.200.1
4430.  
4431. NSE: Script Post-scanning.
4432. Initiating NSE at 18:15
4433. Completed NSE at 18:15, 0.00s elapsed
4434. Initiating NSE at 18:15
4435. Completed NSE at 18:15, 0.00s elapsed
4436. Read data files from: /usr/bin/../share/nmap
4437. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
4438. Nmap done: 1 IP address (1 host up) scanned in 139.28 seconds
4439. Raw packets sent: 135 (11.696KB) | Rcvd: 36 (4.054KB)
4440. #######################################################################################################################################
4441.  
4442. Hosts
4443. =====
4444.  
4445. address mac name os_name os_flavor os_sp purpose info comments
4446. ------- --- ---- ------- --------- ----- ------- ---- --------
4447. 67.225.171.176 host1.albetaqa.site Unknown device
4448. 77.104.162.243 ip-77-104-162-243.siteground.com Unknown device
4449. 107.154.85.17 107.154.85.17.ip.incapdns.net Unknown device
4450. 128.65.195.96 h2web50.infomaniak.ch Unknown device
4451. 138.128.160.2 server.click-grafix.com Linux 3.X server
4452. 141.105.65.111 Unknown device
4453.  
4454. Services
4455. ========
4456.  
4457. host port proto name state info
4458. ---- ---- ----- ---- ----- ----
4459. 67.225.171.176 21 tcp ftp open
4460. 67.225.171.176 22 tcp ssh open
4461. 67.225.171.176 53 tcp domain open
4462. 67.225.171.176 53 udp domain open
4463. 67.225.171.176 67 udp dhcps unknown
4464. 67.225.171.176 68 udp dhcpc unknown
4465. 67.225.171.176 69 udp tftp unknown
4466. 67.225.171.176 80 tcp http open
4467. 67.225.171.176 88 udp kerberos-sec unknown
4468. 67.225.171.176 110 tcp pop3 open
4469. 67.225.171.176 123 udp ntp unknown
4470. 67.225.171.176 137 udp netbios-ns filtered
4471. 67.225.171.176 138 udp netbios-dgm filtered
4472. 67.225.171.176 139 udp netbios-ssn unknown
4473. 67.225.171.176 143 tcp imap open
4474. 67.225.171.176 161 udp snmp unknown
4475. 67.225.171.176 162 udp snmptrap unknown
4476. 67.225.171.176 389 udp ldap unknown
4477. 67.225.171.176 443 tcp https open
4478. 67.225.171.176 465 tcp smtps open
4479. 67.225.171.176 520 udp route unknown
4480. 67.225.171.176 587 tcp submission open
4481. 67.225.171.176 993 tcp imaps open
4482. 67.225.171.176 995 tcp pop3s open
4483. 67.225.171.176 2049 udp nfs unknown
4484. 77.104.162.243 21 tcp ftp open 220-#########################################################\x0d\x0a220-Please upload your web files to the public_html directory.\x0d\x0a220-Note that letters are case sensitive.\x0d\x0a220-#########################################################\x0d\x0a220 This is a private system - No anonymous login\x0d\x0a
4485. 77.104.162.243 53 tcp domain open
4486. 77.104.162.243 53 udp domain open
4487. 77.104.162.243 67 udp dhcps unknown
4488. 77.104.162.243 68 udp dhcpc unknown
4489. 77.104.162.243 69 udp tftp unknown
4490. 77.104.162.243 80 tcp http open
4491. 77.104.162.243 88 udp kerberos-sec unknown
4492. 77.104.162.243 110 tcp pop3 open
4493. 77.104.162.243 123 udp ntp unknown
4494. 77.104.162.243 139 udp netbios-ssn unknown
4495. 77.104.162.243 143 tcp imap open
4496. 77.104.162.243 161 udp snmp unknown
4497. 77.104.162.243 162 udp snmptrap unknown
4498. 77.104.162.243 389 udp ldap unknown
4499. 77.104.162.243 443 tcp https open
4500. 77.104.162.243 465 tcp smtps open
4501. 77.104.162.243 520 udp route unknown
4502. 77.104.162.243 587 tcp submission open
4503. 77.104.162.243 993 tcp imaps open
4504. 77.104.162.243 995 tcp pop3s open
4505. 77.104.162.243 2049 udp nfs unknown
4506. 77.104.162.243 2525 tcp ms-v-worlds open
4507. 77.104.162.243 3306 tcp mysql open
4508. 107.154.85.17 53 tcp domain open
4509. 107.154.85.17 53 udp domain unknown
4510. 107.154.85.17 67 udp dhcps unknown
4511. 107.154.85.17 68 udp dhcpc unknown
4512. 107.154.85.17 69 udp tftp unknown
4513. 107.154.85.17 80 tcp http open
4514. 107.154.85.17 81 tcp hosts2-ns open
4515. 107.154.85.17 85 tcp mit-ml-dev open
4516. 107.154.85.17 88 tcp kerberos-sec open
4517. 107.154.85.17 88 udp kerberos-sec unknown
4518. 107.154.85.17 123 udp ntp unknown
4519. 107.154.85.17 139 udp netbios-ssn unknown
4520. 107.154.85.17 161 udp snmp unknown
4521. 107.154.85.17 162 udp snmptrap unknown
4522. 107.154.85.17 389 tcp ldap open
4523. 107.154.85.17 389 udp ldap unknown
4524. 107.154.85.17 443 tcp https open
4525. 107.154.85.17 444 tcp snpp open
4526. 107.154.85.17 446 tcp ddm-rdb open
4527. 107.154.85.17 520 udp route unknown
4528. 107.154.85.17 587 tcp submission open
4529. 107.154.85.17 631 tcp ipp open
4530. 107.154.85.17 888 tcp accessbuilder open
4531. 107.154.85.17 995 tcp pop3s open
4532. 107.154.85.17 998 tcp busboy open
4533. 107.154.85.17 999 tcp garcon open
4534. 107.154.85.17 1000 tcp cadlock open
4535. 107.154.85.17 1024 tcp kdm open
4536. 107.154.85.17 1234 tcp hotline open
4537. 107.154.85.17 1433 tcp ms-sql-s open
4538. 107.154.85.17 1494 tcp citrix-ica open
4539. 107.154.85.17 2000 tcp cisco-sccp open
4540. 107.154.85.17 2001 tcp dc open
4541. 107.154.85.17 2049 tcp nfs open
4542. 107.154.85.17 2049 udp nfs unknown
4543. 107.154.85.17 2067 tcp dlswpn open
4544. 107.154.85.17 2100 tcp amiganetfs open
4545. 107.154.85.17 2222 tcp ethernetip-1 open
4546. 107.154.85.17 2598 tcp citriximaclient open
4547. 107.154.85.17 3000 tcp ppp open
4548. 107.154.85.17 3050 tcp gds_db open
4549. 107.154.85.17 3057 tcp goahead-fldup open
4550. 107.154.85.17 3299 tcp saprouter open
4551. 107.154.85.17 3306 tcp mysql open
4552. 107.154.85.17 3333 tcp dec-notes open
4553. 107.154.85.17 3389 tcp ms-wbt-server open
4554. 107.154.85.17 3500 tcp rtmp-port open
4555. 107.154.85.17 3790 tcp quickbooksrds open
4556. 107.154.85.17 4000 tcp remoteanything open
4557. 107.154.85.17 4444 tcp krb524 open
4558. 107.154.85.17 4445 tcp upnotifyp open
4559. 107.154.85.17 5000 tcp upnp open
4560. 107.154.85.17 5009 tcp airport-admin open
4561. 107.154.85.17 5060 tcp sip open
4562. 107.154.85.17 5227 tcp perfd open
4563. 107.154.85.17 5247 tcp capwap-data open
4564. 107.154.85.17 5250 tcp soagateway open
4565. 107.154.85.17 5555 tcp freeciv open
4566. 107.154.85.17 5900 tcp vnc open
4567. 107.154.85.17 5901 tcp vnc-1 open
4568. 107.154.85.17 5902 tcp vnc-2 open
4569. 107.154.85.17 5903 tcp vnc-3 open
4570. 107.154.85.17 5904 tcp unknown open
4571. 107.154.85.17 5905 tcp unknown open
4572. 107.154.85.17 5906 tcp unknown open
4573. 107.154.85.17 5907 tcp unknown open
4574. 107.154.85.17 5908 tcp unknown open
4575. 107.154.85.17 5909 tcp unknown open
4576. 107.154.85.17 5910 tcp cm open
4577. 107.154.85.17 5920 tcp unknown open
4578. 107.154.85.17 5984 tcp couchdb open
4579. 107.154.85.17 5985 tcp wsman open
4580. 107.154.85.17 5986 tcp wsmans open
4581. 107.154.85.17 5999 tcp ncd-conf open
4582. 107.154.85.17 6000 tcp x11 open
4583. 107.154.85.17 6060 tcp x11 open
4584. 107.154.85.17 6161 tcp patrol-ism open
4585. 107.154.85.17 6379 tcp redis open
4586. 107.154.85.17 6661 tcp open
4587. 107.154.85.17 6789 tcp ibm-db2-admin open
4588. 107.154.85.17 7000 tcp afs3-fileserver open
4589. 107.154.85.17 7001 tcp afs3-callback open
4590. 107.154.85.17 7021 tcp dpserveadmin open
4591. 107.154.85.17 7071 tcp iwg1 open
4592. 107.154.85.17 7080 tcp empowerid open
4593. 107.154.85.17 7272 tcp watchme-7272 open
4594. 107.154.85.17 7443 tcp oracleas-https open
4595. 107.154.85.17 7777 tcp cbt open
4596. 107.154.85.17 7778 tcp interwise open
4597. 107.154.85.17 8000 tcp http-alt open
4598. 107.154.85.17 8001 tcp vcom-tunnel open
4599. 107.154.85.17 8008 tcp http open
4600. 107.154.85.17 8014 tcp unknown open
4601. 107.154.85.17 8020 tcp intu-ec-svcdisc open
4602. 107.154.85.17 8023 tcp unknown open
4603. 107.154.85.17 8028 tcp open
4604. 107.154.85.17 8030 tcp open
4605. 107.154.85.17 8050 tcp unknown open
4606. 107.154.85.17 8051 tcp rocrail open
4607. 107.154.85.17 8080 tcp http-proxy open
4608. 107.154.85.17 8081 tcp blackice-icecap open
4609. 107.154.85.17 8082 tcp blackice-alerts open
4610. 107.154.85.17 8085 tcp unknown open
4611. 107.154.85.17 8086 tcp d-s-n open
4612. 107.154.85.17 8087 tcp simplifymedia open
4613. 107.154.85.17 8088 tcp radan-http open
4614. 107.154.85.17 8090 tcp opsmessaging open
4615. 107.154.85.17 8091 tcp jamlink open
4616. 107.154.85.17 8095 tcp unknown open
4617. 107.154.85.17 8101 tcp ldoms-migr open
4618. 107.154.85.17 8222 tcp unknown open
4619. 107.154.85.17 8333 tcp bitcoin open
4620. 107.154.85.17 8443 tcp https-alt open
4621. 107.154.85.17 8444 tcp pcsync-http open
4622. 107.154.85.17 8445 tcp copy open
4623. 107.154.85.17 8503 tcp lsp-self-ping open
4624. 107.154.85.17 8686 tcp sun-as-jmxrmi open
4625. 107.154.85.17 8787 tcp msgsrvr open
4626. 107.154.85.17 8800 tcp sunwebadmin open
4627. 107.154.85.17 8812 tcp open
4628. 107.154.85.17 8834 tcp nessus-xmlrpc open
4629. 107.154.85.17 8880 tcp cddbp-alt open
4630. 107.154.85.17 8888 tcp sun-answerbook open
4631. 107.154.85.17 8889 tcp ddi-tcp-2 open
4632. 107.154.85.17 8890 tcp ddi-tcp-3 open
4633. 107.154.85.17 8899 tcp ospf-lite open
4634. 107.154.85.17 9000 tcp cslistener open
4635. 107.154.85.17 9001 tcp tor-orport open
4636. 107.154.85.17 9002 tcp dynamid open
4637. 107.154.85.17 9003 tcp unknown open
4638. 107.154.85.17 9004 tcp unknown open
4639. 107.154.85.17 9005 tcp golem open
4640. 107.154.85.17 9010 tcp sdr open
4641. 107.154.85.17 9050 tcp tor-socks open
4642. 107.154.85.17 9080 tcp glrpc open
4643. 107.154.85.17 9081 tcp cisco-aqos open
4644. 107.154.85.17 9084 tcp aurora open
4645. 107.154.85.17 9090 tcp zeus-admin open
4646. 107.154.85.17 9099 tcp unknown open
4647. 107.154.85.17 9100 tcp jetdirect open
4648. 107.154.85.17 9111 tcp dragonidsconsole open
4649. 107.154.85.17 9200 tcp wap-wsp open
4650. 107.154.85.17 9300 tcp vrace open
4651. 107.154.85.17 9500 tcp ismserver open
4652. 107.154.85.17 9711 tcp open
4653. 107.154.85.17 9991 tcp issa open
4654. 107.154.85.17 9999 tcp abyss open
4655. 107.154.85.17 10000 tcp snet-sensor-mgmt open
4656. 107.154.85.17 10001 tcp scp-config open
4657. 107.154.85.17 10008 tcp octopus open
4658. 107.154.85.17 10443 tcp unknown open
4659. 107.154.85.17 12174 tcp unknown open
4660. 107.154.85.17 12203 tcp open
4661. 107.154.85.17 12221 tcp open
4662. 107.154.85.17 12345 tcp netbus open
4663. 107.154.85.17 12397 tcp open
4664. 107.154.85.17 12401 tcp open
4665. 107.154.85.17 14330 tcp open
4666. 107.154.85.17 16000 tcp fmsas open
4667. 107.154.85.17 20000 tcp dnp open
4668. 107.154.85.17 25000 tcp icl-twobase1 open
4669. 107.154.85.17 30000 tcp ndmps open
4670. 107.154.85.17 44334 tcp tinyfw open
4671. 107.154.85.17 50000 tcp ibm-db2 open
4672. 107.154.85.17 50001 tcp unknown open
4673. 107.154.85.17 50050 tcp unknown open
4674. 128.65.195.96 21 tcp ftp open
4675. 128.65.195.96 22 tcp ssh open
4676. 128.65.195.96 53 udp domain unknown
4677. 128.65.195.96 67 udp dhcps unknown
4678. 128.65.195.96 68 udp dhcpc unknown
4679. 128.65.195.96 69 udp tftp unknown
4680. 128.65.195.96 80 tcp http open
4681. 128.65.195.96 88 udp kerberos-sec unknown
4682. 128.65.195.96 123 udp ntp unknown
4683. 128.65.195.96 137 udp netbios-ns filtered
4684. 128.65.195.96 138 udp netbios-dgm filtered
4685. 128.65.195.96 139 udp netbios-ssn unknown
4686. 128.65.195.96 161 udp snmp unknown
4687. 128.65.195.96 162 udp snmptrap unknown
4688. 128.65.195.96 389 udp ldap unknown
4689. 128.65.195.96 443 tcp https open
4690. 128.65.195.96 520 udp route unknown
4691. 128.65.195.96 2049 udp nfs unknown
4692. 128.65.195.96 2222 tcp ethernetip-1 open
4693. 138.128.160.2 21 tcp ftp open
4694. 138.128.160.2 53 tcp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
4695. 138.128.160.2 53 udp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
4696. 138.128.160.2 67 udp dhcps unknown
4697. 138.128.160.2 68 udp dhcpc unknown
4698. 138.128.160.2 69 udp tftp unknown
4699. 138.128.160.2 80 tcp http open Apache httpd
4700. 138.128.160.2 88 udp kerberos-sec unknown
4701. 138.128.160.2 110 tcp pop3 open
4702. 138.128.160.2 123 udp ntp unknown
4703. 138.128.160.2 137 udp netbios-ns filtered
4704. 138.128.160.2 138 udp netbios-dgm filtered
4705. 138.128.160.2 139 udp netbios-ssn unknown
4706. 138.128.160.2 143 tcp imap open Dovecot imapd
4707. 138.128.160.2 161 udp snmp unknown
4708. 138.128.160.2 162 udp snmptrap unknown
4709. 138.128.160.2 389 udp ldap unknown
4710. 138.128.160.2 443 tcp ssl/http open Apache httpd
4711. 138.128.160.2 465 tcp smtps open
4712. 138.128.160.2 520 udp route unknown
4713. 138.128.160.2 587 tcp smtp open Exim smtpd 4.92
4714. 138.128.160.2 993 tcp ssl/imaps open
4715. 138.128.160.2 995 tcp pop3s open
4716. 138.128.160.2 2049 udp nfs unknown
4717. 138.128.160.2 2087 tcp ssl/eli open
4718. 138.128.160.2 2095 tcp nbx-ser open
4719. 141.105.65.111 21 tcp ftp open
4720. 141.105.65.111 53 tcp domain open
4721. 141.105.65.111 53 udp domain open
4722. 141.105.65.111 67 udp dhcps unknown
4723. 141.105.65.111 68 udp dhcpc unknown
4724. 141.105.65.111 69 udp tftp unknown
4725. 141.105.65.111 80 tcp http open
4726. 141.105.65.111 88 udp kerberos-sec unknown
4727. 141.105.65.111 110 tcp pop3 open
4728. 141.105.65.111 123 udp ntp unknown
4729. 141.105.65.111 137 udp netbios-ns filtered
4730. 141.105.65.111 138 udp netbios-dgm filtered
4731. 141.105.65.111 139 udp netbios-ssn unknown
4732. 141.105.65.111 143 tcp imap open
4733. 141.105.65.111 161 udp snmp unknown
4734. 141.105.65.111 162 udp snmptrap unknown
4735. 141.105.65.111 389 udp ldap unknown
4736. 141.105.65.111 443 tcp https open
4737. 141.105.65.111 465 tcp smtps open
4738. 141.105.65.111 520 udp route unknown
4739. 141.105.65.111 587 tcp submission open
4740. 141.105.65.111 993 tcp imaps open
4741. 141.105.65.111 995 tcp pop3s open
4742. 141.105.65.111 2049 udp nfs unknown
4743. #######################################################################################################################################
4744. [+] URL: http://www.audit.gov.sd/?lang=ar/
4745. [+] Started: Sun Jun 30 15:16:29 2019
4746.  
4747. Interesting Finding(s):
4748.  
4749. [+] http://www.audit.gov.sd/?lang=ar/
4750. | Interesting Entries:
4751. | - Server: Apache
4752. | - X-Powered-By: PHP/5.6.40
4753. | - Referrer-Policy: unsafe-url
4754. | Found By: Headers (Passive Detection)
4755. | Confidence: 100%
4756.  
4757. [+] http://www.audit.gov.sd/robots.txt
4758. | Found By: Robots Txt (Aggressive Detection)
4759. | Confidence: 100%
4760.  
4761. [+] http://www.audit.gov.sd/xmlrpc.php
4762. | Found By: Direct Access (Aggressive Detection)
4763. | Confidence: 100%
4764. | References:
4765. | - http://codex.wordpress.org/XML-RPC_Pingback_API
4766. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
4767. | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
4768. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
4769. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
4770.  
4771. [+] http://www.audit.gov.sd/readme.html
4772. | Found By: Direct Access (Aggressive Detection)
4773. | Confidence: 100%
4774.  
4775. [+] http://www.audit.gov.sd/wp-cron.php
4776. | Found By: Direct Access (Aggressive Detection)
4777. | Confidence: 60%
4778. | References:
4779. | - https://www.iplocation.net/defend-wordpress-from-ddos
4780. | - https://github.com/wpscanteam/wpscan/issues/1299
4781.  
4782. [+] WordPress version 5.1.1 identified (Latest, released on 2019-03-13).
4783. | Detected By: Rss Generator (Passive Detection)
4784. | - http://www.audit.gov.sd/?feed=rss2&lang=ar, <generator>https://wordpress.org/?v=5.1.1</generator>
4785. | Confirmed By: Emoji Settings (Passive Detection)
4786. | - http://www.audit.gov.sd/?lang=ar/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=5.1.1'
4787.  
4788. [+] WordPress theme in use: silver
4789. | Location: http://www.audit.gov.sd/wp-content/themes/silver/
4790. | Style URL: http://www.audit.gov.sd/wp-content/plugins/wp-spry-menu/themes/silver/style.css?ver=1.5.2
4791. |
4792. | Detected By: Css Style (Passive Detection)
4793. |
4794. | The version could not be determined.
4795.  
4796. [+] Enumerating All Plugins (via Passive Methods)
4797. [+] Checking Plugin Versions (via Passive and Aggressive Methods)
4798.  
4799. [i] Plugin(s) Identified:
4800.  
4801. [+] ads-wp-site-count
4802. | Location: http://www.audit.gov.sd/wp-content/plugins/ads-wp-site-count/
4803. | Latest Version: 2.5 (up to date)
4804. | Last Updated: 2019-06-18T21:40:00.000Z
4805. |
4806. | Detected By: Urls In Homepage (Passive Detection)
4807. |
4808. | Version: 2.5 (100% confidence)
4809. | Detected By: Readme - Stable Tag (Aggressive Detection)
4810. | - http://www.audit.gov.sd/wp-content/plugins/ads-wp-site-count/readme.txt
4811. | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
4812. | - http://www.audit.gov.sd/wp-content/plugins/ads-wp-site-count/readme.txt
4813.  
4814. [+] all-in-one-event-calendar
4815. | Location: http://www.audit.gov.sd/wp-content/plugins/all-in-one-event-calendar/
4816. | Latest Version: 2.5.41 (up to date)
4817. | Last Updated: 2019-05-23T20:25:00.000Z
4818. |
4819. | Detected By: Urls In Homepage (Passive Detection)
4820. |
4821. | Version: 2.5.41 (100% confidence)
4822. | Detected By: Query Parameter (Passive Detection)
4823. | - http://www.audit.gov.sd/wp-content/plugins/all-in-one-event-calendar/public/themes-ai1ec/vortex/css/ai1ec_parsed_css.css?ver=2.5.41
4824. | Confirmed By:
4825. | Readme - Stable Tag (Aggressive Detection)
4826. | - http://www.audit.gov.sd/wp-content/plugins/all-in-one-event-calendar/readme.txt
4827. | Translation File (Aggressive Detection)
4828. | - http://www.audit.gov.sd/wp-content/plugins/all-in-one-event-calendar/language/all-in-one-event-calendar.po, Match: 'n: All-in-One Event Calendar by Time.ly 2.5.41'
4829.  
4830. [+] awesome-weather
4831. | Location: http://www.audit.gov.sd/wp-content/plugins/awesome-weather/
4832. | Latest Version: 2.0 (up to date)
4833. | Last Updated: 2019-05-06T12:58:00.000Z
4834. |
4835. | Detected By: Urls In Homepage (Passive Detection)
4836. |
4837. | Version: 2.0 (50% confidence)
4838. | Detected By: Readme - ChangeLog Section (Aggressive Detection)
4839. | - http://www.audit.gov.sd/wp-content/plugins/awesome-weather/readme.txt
4840.  
4841. [+] contact-form-7
4842. | Location: http://www.audit.gov.sd/wp-content/plugins/contact-form-7/
4843. | Latest Version: 5.1.3 (up to date)
4844. | Last Updated: 2019-05-19T16:15:00.000Z
4845. |
4846. | Detected By: Urls In Homepage (Passive Detection)
4847. |
4848. | Version: 5.1.3 (100% confidence)
4849. | Detected By: Query Parameter (Passive Detection)
4850. | - http://www.audit.gov.sd/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.3
4851. | - http://www.audit.gov.sd/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3
4852. | Confirmed By:
4853. | Readme - Stable Tag (Aggressive Detection)
4854. | - http://www.audit.gov.sd/wp-content/plugins/contact-form-7/readme.txt
4855. | Readme - ChangeLog Section (Aggressive Detection)
4856. | - http://www.audit.gov.sd/wp-content/plugins/contact-form-7/readme.txt
4857.  
4858. [+] easy-weather-widget
4859. | Location: http://www.audit.gov.sd/wp-content/plugins/easy-weather-widget/
4860. | Latest Version: 3.2.5 (up to date)
4861. | Last Updated: 2017-12-30T02:11:00.000Z
4862. |
4863. | Detected By: Urls In Homepage (Passive Detection)
4864. |
4865. | Version: 3.2.5 (100% confidence)
4866. | Detected By: Readme - Stable Tag (Aggressive Detection)
4867. | - http://www.audit.gov.sd/wp-content/plugins/easy-weather-widget/readme.txt
4868. | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
4869. | - http://www.audit.gov.sd/wp-content/plugins/easy-weather-widget/readme.txt
4870.  
4871. [+] everest-forms
4872. | Location: http://www.audit.gov.sd/wp-content/plugins/everest-forms/
4873. | Last Updated: 2019-05-28T12:02:00.000Z
4874. | [!] The version is out of date, the latest version is 1.4.9
4875. |
4876. | Detected By: Urls In Homepage (Passive Detection)
4877. |
4878. | Version: 1.4.8 (100% confidence)
4879. | Detected By: Readme - Stable Tag (Aggressive Detection)
4880. | - http://www.audit.gov.sd/wp-content/plugins/everest-forms/readme.txt
4881. | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
4882. | - http://www.audit.gov.sd/wp-content/plugins/everest-forms/readme.txt
4883.  
4884. [+] jm-breaking-news
4885. | Location: http://www.audit.gov.sd/wp-content/plugins/jm-breaking-news/
4886. | Latest Version: 1.8.1 (up to date)
4887. | Last Updated: 2017-11-14T00:24:00.000Z
4888. |
4889. | Detected By: Urls In Homepage (Passive Detection)
4890. |
4891. | Version: 1.8.1 (100% confidence)
4892. | Detected By: Readme - Stable Tag (Aggressive Detection)
4893. | - http://www.audit.gov.sd/wp-content/plugins/jm-breaking-news/readme.txt
4894. | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
4895. | - http://www.audit.gov.sd/wp-content/plugins/jm-breaking-news/readme.txt
4896.  
4897. [+] job-manager
4898. | Location: http://www.audit.gov.sd/wp-content/plugins/job-manager/
4899. | Latest Version: 0.7.25 (up to date)
4900. | Last Updated: 2015-08-25T22:44:00.000Z
4901. |
4902. | Detected By: Urls In Homepage (Passive Detection)
4903. |
4904. | [!] 1 vulnerability identified:
4905. |
4906. | [!] Title: Job Manager <= 0.7.25 - Insecure Direct Object Reference
4907. | References:
4908. | - https://wpvulndb.com/vulnerabilities/8167
4909. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6668
4910. | - https://vagmour.eu/cve-2015-6668-cv-filename-disclosure-on-job-manager-wordpress-plugin/
4911. |
4912. | Version: 7.2.5 (80% confidence)
4913. | Detected By: Readme - Stable Tag (Aggressive Detection)
4914. | - http://www.audit.gov.sd/wp-content/plugins/job-manager/readme.txt
4915.  
4916. [+] multilanguage
4917. | Location: http://www.audit.gov.sd/wp-content/plugins/multilanguage/
4918. | Latest Version: 1.3.3 (up to date)
4919. | Last Updated: 2019-05-02T11:09:00.000Z
4920. |
4921. | Detected By: Urls In Homepage (Passive Detection)
4922. |
4923. | Version: 1.3.3 (100% confidence)
4924. | Detected By: Query Parameter (Passive Detection)
4925. | - http://www.audit.gov.sd/wp-content/plugins/multilanguage/css/style.css?ver=1.3.3
4926. | Confirmed By:
4927. | Readme - Stable Tag (Aggressive Detection)
4928. | - http://www.audit.gov.sd/wp-content/plugins/multilanguage/readme.txt
4929. | Readme - ChangeLog Section (Aggressive Detection)
4930. | - http://www.audit.gov.sd/wp-content/plugins/multilanguage/readme.txt
4931.  
4932. [+] page-visit-counter
4933. | Location: http://www.audit.gov.sd/wp-content/plugins/page-visit-counter/
4934. | Last Updated: 2019-06-25T11:56:00.000Z
4935. | [!] The version is out of date, the latest version is 5.3
4936. |
4937. | Detected By: Urls In Homepage (Passive Detection)
4938. |
4939. | Version: 5.2 (100% confidence)
4940. | Detected By: Readme - Stable Tag (Aggressive Detection)
4941. | - http://www.audit.gov.sd/wp-content/plugins/page-visit-counter/README.txt
4942. | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
4943. | - http://www.audit.gov.sd/wp-content/plugins/page-visit-counter/README.txt
4944.  
4945. [+] sassy-social-share
4946. | Location: http://www.audit.gov.sd/wp-content/plugins/sassy-social-share/
4947. | Last Updated: 2019-06-19T04:10:00.000Z
4948. | [!] The version is out of date, the latest version is 3.2.26
4949. |
4950. | Detected By: Urls In Homepage (Passive Detection)
4951. |
4952. | Version: 3.2.24 (100% confidence)
4953. | Detected By: Query Parameter (Passive Detection)
4954. | - http://www.audit.gov.sd/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.2.24
4955. | - http://www.audit.gov.sd/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.2.24
4956. | Confirmed By:
4957. | Readme - Stable Tag (Aggressive Detection)
4958. | - http://www.audit.gov.sd/wp-content/plugins/sassy-social-share/readme.txt
4959. | Readme - ChangeLog Section (Aggressive Detection)
4960. | - http://www.audit.gov.sd/wp-content/plugins/sassy-social-share/readme.txt
4961.  
4962. [+] shortcodes-ultimate
4963. | Location: http://www.audit.gov.sd/wp-content/plugins/shortcodes-ultimate/
4964. | Latest Version: 5.3.0 (up to date)
4965. | Last Updated: 2019-05-07T21:05:00.000Z
4966. |
4967. | Detected By: Urls In Homepage (Passive Detection)
4968. |
4969. | Version: 5.3.0 (50% confidence)
4970. | Detected By: Readme - ChangeLog Section (Aggressive Detection)
4971. | - http://www.audit.gov.sd/wp-content/plugins/shortcodes-ultimate/readme.txt
4972.  
4973. [+] wp-advanced-pdf
4974. | Location: http://www.audit.gov.sd/wp-content/plugins/wp-advanced-pdf/
4975. | Latest Version: 1.1.6 (up to date)
4976. | Last Updated: 2018-09-07T10:42:00.000Z
4977. |
4978. | Detected By: Urls In Homepage (Passive Detection)
4979. |
4980. | Version: 1.1.6 (100% confidence)
4981. | Detected By: Readme - Stable Tag (Aggressive Detection)
4982. | - http://www.audit.gov.sd/wp-content/plugins/wp-advanced-pdf/readme.txt
4983. | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
4984. | - http://www.audit.gov.sd/wp-content/plugins/wp-advanced-pdf/readme.txt
4985.  
4986. [+] wp-spry-menu
4987. | Location: http://www.audit.gov.sd/wp-content/plugins/wp-spry-menu/
4988. | Latest Version: 1.5.2 (up to date)
4989. | Last Updated: 2014-08-10T19:04:00.000Z
4990. |
4991. | Detected By: Urls In Homepage (Passive Detection)
4992. |
4993. | Version: 1.5.2 (100% confidence)
4994. | Detected By: Readme - Stable Tag (Aggressive Detection)
4995. | - http://www.audit.gov.sd/wp-content/plugins/wp-spry-menu/readme.txt
4996. | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
4997. | - http://www.audit.gov.sd/wp-content/plugins/wp-spry-menu/readme.txt
4998.  
4999. [+] wp-symposium-toolbar
5000. | Location: http://www.audit.gov.sd/wp-content/plugins/wp-symposium-toolbar/
5001. | Latest Version: 0.33.0 (up to date)
5002. | Last Updated: 2015-09-21T17:11:00.000Z
5003. |
5004. | Detected By: Urls In Homepage (Passive Detection)
5005. |
5006. | Version: 0.33.0 (80% confidence)
5007. | Detected By: Readme - Stable Tag (Aggressive Detection)
5008. | - http://www.audit.gov.sd/wp-content/plugins/wp-symposium-toolbar/readme.txt
5009.  
5010. [+] Enumerating Config Backups (via Passive and Aggressive Methods)
5011. Checking Config Backups - Time: 00:00:02 <=============> (21 / 21) 100.00% Time: 00:00:02
5012.  
5013. [i] No Config Backups Found.
5014.  
5015.  
5016. [+] Finished: Sun Jun 30 15:18:02 2019
5017. [+] Requests Done: 86
5018. [+] Cached Requests: 6
5019. [+] Data Sent: 26.702 KB
5020. [+] Data Received: 740.899 KB
5021. [+] Memory used: 193.613 MB
5022. [+] Elapsed time: 00:01:33
5023. #######################################################################################################################################
5024. [+] URL: http://www.audit.gov.sd/
5025. [+] Effective URL: http://www.audit.gov.sd/?lang=ar
5026. [+] Started: Sun Jun 30 15:16:13 2019
5027.  
5028. Interesting Finding(s):
5029.  
5030. [+] http://www.audit.gov.sd/?lang=ar
5031. | Interesting Entries:
5032. | - Server: Apache
5033. | - X-Powered-By: PHP/5.6.40
5034. | - Referrer-Policy: unsafe-url
5035. | Found By: Headers (Passive Detection)
5036. | Confidence: 100%
5037.  
5038. [+] http://www.audit.gov.sd/robots.txt
5039. | Found By: Robots Txt (Aggressive Detection)
5040. | Confidence: 100%
5041.  
5042. [+] http://www.audit.gov.sd/xmlrpc.php
5043. | Found By: Direct Access (Aggressive Detection)
5044. | Confidence: 100%
5045. | References:
5046. | - http://codex.wordpress.org/XML-RPC_Pingback_API
5047. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
5048. | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
5049. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
5050. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
5051.  
5052. [+] http://www.audit.gov.sd/readme.html
5053. | Found By: Direct Access (Aggressive Detection)
5054. | Confidence: 100%
5055.  
5056. [+] http://www.audit.gov.sd/wp-cron.php
5057. | Found By: Direct Access (Aggressive Detection)
5058. | Confidence: 60%
5059. | References:
5060. | - https://www.iplocation.net/defend-wordpress-from-ddos
5061. | - https://github.com/wpscanteam/wpscan/issues/1299
5062.  
5063. [+] WordPress version 5.1.1 identified (Latest, released on 2019-03-13).
5064. | Detected By: Rss Generator (Passive Detection)
5065. | - http://www.audit.gov.sd/?feed=rss2&lang=ar, <generator>https://wordpress.org/?v=5.1.1</generator>
5066. | Confirmed By: Emoji Settings (Passive Detection)
5067. | - http://www.audit.gov.sd/?lang=ar, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=5.1.1'
5068.  
5069. [+] WordPress theme in use: silver
5070. | Location: http://www.audit.gov.sd/wp-content/themes/silver/
5071. | Style URL: http://www.audit.gov.sd/wp-content/plugins/wp-spry-menu/themes/silver/style.css?ver=1.5.2
5072. |
5073. | Detected By: Css Style (Passive Detection)
5074. |
5075. | The version could not be determined.
5076.  
5077. [+] Enumerating Users (via Passive and Aggressive Methods)
5078. Brute Forcing Author IDs - Time: 00:00:34 <==> (10 / 10) 100.00% Time: 00:00:34
5079.  
5080. [i] User(s) Identified:
5081.  
5082. [+] audit
5083. | Detected By: Author Posts - Display Name (Passive Detection)
5084. | Confirmed By: Rss Generator (Passive Detection)
5085.  
5086.  
5087. [+] Finished: Sun Jun 30 15:17:58 2019
5088. [+] Requests Done: 66
5089. [+] Cached Requests: 5
5090. [+] Data Sent: 22.656 KB
5091. [+] Data Received: 496.464 KB
5092. [+] Memory used: 92.117 MB
5093. [+] Elapsed time: 00:01:44
5094. #######################################################################################################################################
5095. [+] URL: http://www.audit.gov.sd/?lang=ar/
5096. [+] Started: Sun Jun 30 16:12:08 2019
5097.  
5098. Interesting Finding(s):
5099.  
5100. [+] http://www.audit.gov.sd/?lang=ar/
5101. | Interesting Entries:
5102. | - Server: Apache
5103. | - X-Powered-By: PHP/5.6.40
5104. | - Referrer-Policy: unsafe-url
5105. | Found By: Headers (Passive Detection)
5106. | Confidence: 100%
5107.  
5108. [+] http://www.audit.gov.sd/robots.txt
5109. | Found By: Robots Txt (Aggressive Detection)
5110. | Confidence: 100%
5111.  
5112. [+] http://www.audit.gov.sd/xmlrpc.php
5113. | Found By: Direct Access (Aggressive Detection)
5114. | Confidence: 100%
5115. | References:
5116. | - http://codex.wordpress.org/XML-RPC_Pingback_API
5117. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
5118. | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
5119. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
5120. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
5121.  
5122. [+] http://www.audit.gov.sd/readme.html
5123. | Found By: Direct Access (Aggressive Detection)
5124. | Confidence: 100%
5125.  
5126. [+] http://www.audit.gov.sd/wp-cron.php
5127. | Found By: Direct Access (Aggressive Detection)
5128. | Confidence: 60%
5129. | References:
5130. | - https://www.iplocation.net/defend-wordpress-from-ddos
5131. | - https://github.com/wpscanteam/wpscan/issues/1299
5132.  
5133. [+] WordPress version 5.1.1 identified (Latest, released on 2019-03-13).
5134. | Detected By: Rss Generator (Passive Detection)
5135. | - http://www.audit.gov.sd/?feed=rss2&lang=ar, <generator>https://wordpress.org/?v=5.1.1</generator>
5136. | Confirmed By: Emoji Settings (Passive Detection)
5137. | - http://www.audit.gov.sd/?lang=ar/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=5.1.1'
5138.  
5139. [+] WordPress theme in use: silver
5140. | Location: http://www.audit.gov.sd/wp-content/themes/silver/
5141. | Style URL: http://www.audit.gov.sd/wp-content/plugins/wp-spry-menu/themes/silver/style.css?ver=1.5.2
5142. |
5143. | Detected By: Css Style (Passive Detection)
5144. |
5145. | The version could not be determined.
5146.  
5147. [+] Enumerating Users (via Passive and Aggressive Methods)
5148. Brute Forcing Author IDs - Time: 00:00:33 <============> (10 / 10) 100.00% Time: 00:00:33
5149.  
5150. [i] User(s) Identified:
5151.  
5152. [+] audit
5153. | Detected By: Author Posts - Display Name (Passive Detection)
5154. | Confirmed By: Rss Generator (Passive Detection)
5155.  
5156.  
5157. [+] Finished: Sun Jun 30 16:13:44 2019
5158. [+] Requests Done: 64
5159. [+] Cached Requests: 7
5160. [+] Data Sent: 22.679 KB
5161. [+] Data Received: 494.064 KB
5162. [+] Memory used: 92.25 MB
5163. #######################################################################################################################################
5164. [-] Date & Time: 30/06/2019 15:16:19
5165. [I] Threads: 5
5166. [-] Target: http://www.audit.gov.sd/?lang=ar (138.128.160.2)
5167. [M] Website Not in HTTPS: http://www.audit.gov.sd/?lang=ar
5168. [I] Server: Apache
5169. [I] X-Powered-By: PHP/5.6.40
5170. [L] X-Frame-Options: Not Enforced
5171. [I] Strict-Transport-Security: Not Enforced
5172. [I] X-Content-Security-Policy: Not Enforced
5173. [L] No Robots.txt Found
5174. [I] CMS Detection: WordPress
5175. [I] Wordpress Version: 5.1.1
5176. [I] Wordpress Theme: colormag
5177. [H] Configuration File Found: http://www.audit.gov.sd/?lang=ar/wp-config
5178. [H] Configuration File Found: http://www.audit.gov.sd/?lang=ar/wp-config.php-old
5179. [H] Configuration File Found: http://www.audit.gov.sd/?lang=ar/wp-config.php.old
5180. [H] Configuration File Found: http://www.audit.gov.sd/?lang=ar/wp-config.original
5181. [M] XML-RPC services are enabled
5182. [I] Autocomplete Off Not Found: http://www.audit.gov.sd/?lang=ar/wp-login.php
5183. [-] Default WordPress Files:
5184. [I] http://www.audit.gov.sd/?lang=ar/wp-content/themes/twentyfourteen/genericons/README.txt
5185. [I] http://www.audit.gov.sd/?lang=ar/wp-content/themes/twentynineteen/readme.txt
5186. [I] http://www.audit.gov.sd/?lang=ar/wp-content/themes/twentyseventeen/README.txt
5187. [I] http://www.audit.gov.sd/?lang=ar/wp-content/themes/twentyten/license.txt
5188. [I] http://www.audit.gov.sd/?lang=ar/wp-content/themes/twentyten/readme.txt
5189. [I] http://www.audit.gov.sd/?lang=ar/wp-content/themes/twentytwelve/readme.txt
5190. [I] http://www.audit.gov.sd/?lang=ar/wp-includes/ID3/license.commercial.txt
5191. [-] Searching Wordpress Plugins ...
5192. [I] 1-flash-gallery
5193. [M] EDB-ID: 17801 "WordPress Plugin 1 Flash Gallery 1.30 < 1.5.7a - Arbitrary File Upload (Metasploit)"
5194. [I] 1-jquery-photo-gallery-slideshow-flash
5195. [M] EDB-ID: 36382 "WordPress Plugin 1-jquery-photo-gallery-Slideshow-flash 1.01 - Cross-Site Scripting"
5196. [I] 2-click-socialmedia-buttons
5197. [M] EDB-ID: 37178 "WordPress Plugin 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities"
5198. [I] Calendar
5199. [M] EDB-ID: 21715 "WordPress Plugin spider Calendar - Multiple Vulnerabilities"
5200. [I] Calendar-Script
5201. [M] EDB-ID: 38018 "WordPress Plugin PHP Event Calendar - 'cid' SQL Injection"
5202. [I] Lead-Octopus-Power
5203. [M] EDB-ID: 39269 "WordPress Plugin Lead Octopus Power - 'id' SQL Injection"
5204. [I] Premium_Gallery_Manager
5205. [M] EDB-ID: 34538 "WordPress Plugin Premium Gallery Manager - Configuration Access"
5206. [M] EDB-ID: 39111 "WordPress Plugin Premium Gallery Manager - Arbitrary File Upload"
5207. [I] Tevolution
5208. [M] EDB-ID: 40976 "WordPress Plugin Slider Templatic Tevolution < 2.3.6 - Arbitrary File Upload"
5209. [I] a-gallery
5210. [M] EDB-ID: 17872 "Multiple WordPress Plugins - 'timthumb.php' File Upload"
5211. [I] a-to-z-category-listing
5212. [M] EDB-ID: 17809 "WordPress Plugin A to Z Category Listing 1.3 - SQL Injection"
5213. [I] acf-frontend-display
5214. [I] ad-wizz
5215. [M] EDB-ID: 35561 "WordPress Plugin WPwizz AdWizz Plugin 1.0 - 'link' Cross-Site Scripting"
5216. [I] adminimize
5217. [M] EDB-ID: 36325 "WordPress Plugin Adminimize 1.7.21 - 'page' Cross-Site Scripting"
5218. [I] ads-box
5219. [M] EDB-ID: 38060 "WordPress Plugin Ads Box - 'count' SQL Injection"
5220. [I] ads-wp-site-count
5221. [I] advanced-dewplayer
5222. [M] EDB-ID: 38936 "WordPress Plugin Advanced Dewplayer - 'download-file.php' Script Directory Traversal"
5223. [I] advanced-text-widget
5224. [M] EDB-ID: 36324 "WordPress Plugin Advanced Text Widget 2.0 - 'page' Cross-Site Scripting"
5225. [I] advanced-uploader
5226. [M] EDB-ID: 38867 "WordPress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities"
5227. [I] advertizer
5228. [M] EDB-ID: 17750 "WordPress Plugin Advertizer 1.0 - SQL Injection"
5229. [I] age-verification
5230. [M] EDB-ID: 18350 "WordPress Plugin Age Verification 0.4 - Open Redirect"
5231. [M] EDB-ID: 36540 "WordPress Plugin Age Verification 0.4 - 'redirect_to' Open Redirection"
5232. [I] ajax-store-locator-wordpress_0
5233. [M] EDB-ID: 35493 "WordPress Plugin Ajax Store Locator 1.2 - Arbitrary File Download"
5234. [I] ajaxgallery
5235. [M] EDB-ID: 17686 "WordPress Plugin Ajax Gallery 3.0 - SQL Injection"
5236. [I] all-in-one-event-calendar
5237. [M] EDB-ID: 37075 "WordPress Plugin All-in-One Event Calendar 1.4 - 'agenda-widget-form.php?title' Cross-Site Scripting"
5238. [M] EDB-ID: 37076 "WordPress Plugin All-in-One Event Calendar 1.4 - 'box_publish_button.php?button_value' Cross-Site Scripting"
5239. [M] EDB-ID: 37077 "WordPress Plugin All-in-One Event Calendar 1.4 - 'save_successful.php?msg' Cross-Site Scripting"
5240. [M] EDB-ID: 37078 "WordPress Plugin All-in-One Event Calendar 1.4 - 'agenda-widget.php' Multiple Cross-Site Scripting Vulnerabilities"
5241. [I] all-in-one-wp-security-and-firewall
5242. [M] EDB-ID: 34854 "WordPress Plugin All In One WP Security & Firewall 3.8.3 - Persistent Cross-Site Scripting"
5243. [I] all-video-gallery
5244. [M] EDB-ID: 22427 "WordPress Plugin All Video Gallery 1.1 - SQL Injection"
5245. [I] allow-php-in-posts-and-pages
5246. [M] EDB-ID: 17688 "WordPress Plugin Allow PHP in Posts and Pages 2.0.0.RC1 - SQL Injection"
5247. [I] allwebmenus-wordpress-menu-plugin
5248. [M] EDB-ID: 17861 "WordPress Plugin AllWebMenus 1.1.3 - Remote File Inclusion"
5249. [M] EDB-ID: 18407 "WordPress Plugin AllWebMenus < 1.1.9 Menu Plugin - Arbitrary File Upload"
5250. [I] alo-easymail
5251. [I] annonces
5252. [M] EDB-ID: 17863 "WordPress Plugin Annonces 1.2.0.0 - Remote File Inclusion"
5253. [I] answer-my-question
5254. [M] EDB-ID: 40771 "WordPress Plugin Answer My Question 1.3 - SQL Injection"
5255. [I] appointment-booking-calendar
5256. [M] EDB-ID: 39309 "WordPress Plugin Booking Calendar Contact Form 1.1.23 - SQL Injection"
5257. [M] EDB-ID: 39319 "WordPress Plugin Booking Calendar Contact Form 1.1.23 - Shortcode SQL Injection"
5258. [M] EDB-ID: 39341 "WordPress Plugin Booking Calendar Contact Form 1.1.24 - Multiple Vulnerabilities"
5259. [M] EDB-ID: 39342 "WordPress Plugin Booking Calendar Contact Form 1.1.24 - addslashes SQL Injection"
5260. [I] asset-manager
5261. [M] EDB-ID: 18993 "WordPress Plugin Asset Manager 0.2 - Arbitrary File Upload"
5262. [I] audio
5263. [M] EDB-ID: 35258 "WordPress Plugin Audio 0.5.1 - 'showfile' Cross-Site Scripting"
5264. [I] audio-player
5265. [M] EDB-ID: 38300 "WordPress Plugin Audio Player - 'playerID' Cross-Site Scripting"
5266. [I] auto-attachments
5267. [I] aviary-image-editor-add-on-for-gravity-forms
5268. [M] EDB-ID: 37275 "WordPress Plugin Aviary Image Editor Addon For Gravity Forms 3.0 Beta - Arbitrary File Upload"
5269. [I] awesome-weather
5270. [I] backwpup
5271. [M] EDB-ID: 35400 "WordPress Plugin BackWPup 1.4 - Multiple Information Disclosure Vulnerabilities"
5272. [I] baggage-freight
5273. [M] EDB-ID: 46061 "WordPress Plugin Baggage Freight Shipping Australia 0.1.0 - Arbitrary File Upload"
5274. [I] baggage_shipping
5275. [I] bbpress
5276. [M] EDB-ID: 22396 "WordPress Plugin bbPress - Multiple Vulnerabilities"
5277. [I] bezahlcode-generator
5278. [M] EDB-ID: 35286 "WordPress Plugin BezahlCode Generator 1.0 - 'gen_name' Cross-Site Scripting"
5279. [I] booking
5280. [M] EDB-ID: 27399 "WordPress Plugin Booking Calendar 4.1.4 - Cross-Site Request Forgery"
5281. [I] booking-calendar-contact-form
5282. [M] EDB-ID: 37003 "WordPress Plugin Booking Calendar Contact Form 1.0.2 - Multiple Vulnerabilities"
5283. [I] bookx
5284. [M] EDB-ID: 39251 "WordPress Plugin BookX 1.7 - 'bookx_export.php' Local File Inclusion"
5285. [I] brandfolder
5286. [M] EDB-ID: 39591 "WordPress Plugin Brandfolder 3.0 - Local/Remote File Inclusion"
5287. [I] catalog
5288. [M] EDB-ID: 25724 "WordPress Plugin Spider Catalog 1.4.6 - Multiple Vulnerabilities"
5289. [M] EDB-ID: 38639 "WordPress Plugin miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities"
5290. [I] category-list-portfolio-page
5291. [I] cevhershare
5292. [M] EDB-ID: 17891 "WordPress Plugin CevherShare 2.0 - SQL Injection"
5293. [I] cforms
5294. [M] EDB-ID: 34946 "WordPress Plugin cformsII 11.5/13.1 - 'lib_ajax.php' Multiple Cross-Site Scripting Vulnerabilities"
5295. [I] chenpress
5296. [M] EDB-ID: 37522 "WordPress Plugin chenpress - Arbitrary File Upload"
5297. [I] church-admin
5298. [M] EDB-ID: 37483 "WordPress Plugin church_admin - 'id' Cross-Site Scripting"
5299. [I] cimy-counter
5300. [M] EDB-ID: 14057 "WordPress Plugin Cimy Counter - Full Path Disclosure / Redirector / Cross-Site Scripting / HTTP Response Spitting"
5301. [M] EDB-ID: 34195 "WordPress Plugin Cimy Counter 0.9.4 - HTTP Response Splitting / Cross-Site Scripting"
5302. [I] clickdesk-live-support-chat
5303. [M] EDB-ID: 36338 "WordPress Plugin ClickDesk Live Support 2.0 - 'cdwidget' Cross-Site Scripting"
5304. [I] cloudsafe365-for-wp
5305. [M] EDB-ID: 37681 "WordPress Plugin Cloudsafe365 - 'file' Remote File Disclosure"
5306. [I] cm-download-manager
5307. [M] EDB-ID: 35324 "WordPress Plugin CM Download Manager 2.0.0 - Code Injection"
5308. [I] cms-pack
5309. [I] cnhk-slideshow
5310. [M] EDB-ID: 39190 "WordPress Plugin cnhk-Slideshow - Arbitrary File Upload"
5311. [I] comment-rating
5312. [M] EDB-ID: 16221 "WordPress Plugin Comment Rating 2.9.23 - Multiple Vulnerabilities"
5313. [M] EDB-ID: 24552 "WordPress Plugin Comment Rating 2.9.32 - Multiple Vulnerabilities"
5314. [M] EDB-ID: 36487 "WordPress Plugin Comment Rating 2.9.20 - 'path' Cross-Site Scripting"
5315. [I] contact-form-7
5316. [I] contact-form-wordpress
5317. [M] EDB-ID: 17980 "WordPress Plugin Contact Form 2.7.5 - SQL Injection"
5318. [I] contus-hd-flv-player
5319. [M] EDB-ID: 17678 "WordPress Plugin Contus HD FLV Player 1.3 - SQL Injection"
5320. [M] EDB-ID: 37377 "WordPress Plugin HD FLV Player - 'uploadVideo.php' Arbitrary File Upload"
5321. [I] contus-video-gallery
5322. [M] EDB-ID: 34161 "WordPress Plugin Video Gallery 2.5 - Multiple Vulnerabilities"
5323. [I] contus-video-galleryversion-10
5324. [M] EDB-ID: 37373 "WordPress Plugin Contus Video Gallery - 'upload1.php' Arbitrary File Upload"
5325. [I] copyright-licensing-tools
5326. [M] EDB-ID: 17749 "WordPress Plugin iCopyright(R) Article Tools 1.1.4 - SQL Injection"
5327. [I] count-per-day
5328. [M] EDB-ID: 17857 "WordPress Plugin Count per Day 2.17 - SQL Injection"
5329. [M] EDB-ID: 18355 "WordPress Plugin Count Per Day - Multiple Vulnerabilities"
5330. [M] EDB-ID: 20862 "WordPress Plugin Count Per Day 3.2.3 - Cross-Site Scripting"
5331. [I] couponer
5332. [M] EDB-ID: 17759 "WordPress Plugin Couponer 1.2 - SQL Injection"
5333. [I] cp-polls
5334. [M] EDB-ID: 39513 "WordPress Plugin CP Polls 1.0.8 - Multiple Vulnerabilities"
5335. [I] cp-reservation-calendar
5336. [M] EDB-ID: 38187 "WordPress Plugin CP Reservation Calendar 1.1.6 - SQL Injection"
5337. [I] cpl
5338. [M] EDB-ID: 11458 "WordPress Plugin Copperleaf Photolog 0.16 - SQL Injection"
5339. [I] crawlrate-tracker
5340. [M] EDB-ID: 17755 "WordPress Plugin Crawl Rate Tracker 2.0.2 - SQL Injection"
5341. [I] crayon-syntax-highlighter
5342. [M] EDB-ID: 37946 "WordPress Plugin Crayon Syntax Highlighter - 'wp_load' Remote File Inclusion"
5343. [I] custom-content-type-manager
5344. [M] EDB-ID: 19058 "WordPress Plugin Custom Content Type Manager 0.9.5.13-pl - Arbitrary File Upload"
5345. [I] custom-tables
5346. [M] EDB-ID: 37482 "WordPress Plugin custom tables - 'key' Cross-Site Scripting"
5347. [I] cysteme-finder
5348. [M] EDB-ID: 40295 "WordPress Plugin CYSTEME Finder 1.3 - Arbitrary File Disclosure/Arbitrary File Upload"
5349. [I] db-backup
5350. [M] EDB-ID: 35378 "WordPress Plugin DB Backup - Arbitrary File Download"
5351. [I] disclosure-policy-plugin
5352. [M] EDB-ID: 17865 "WordPress Plugin Disclosure Policy 1.0 - Remote File Inclusion"
5353. [I] dm-albums
5354. [M] EDB-ID: 9043 "Adobe Flash Selection.SetSelection - Use-After-Free"
5355. [M] EDB-ID: 9048 "Adobe Flash TextField.replaceText - Use-After-Free"
5356. [I] downloads-manager
5357. [M] EDB-ID: 6127 "Pixel Studio 2.17 - Denial of Service (PoC)"
5358. [I] dp-thumbnail
5359. [I] drag-drop-file-uploader
5360. [M] EDB-ID: 19057 "WordPress Plugin drag and drop file upload 0.1 - Arbitrary File Upload"
5361. [I] dukapress
5362. [M] EDB-ID: 35346 "WordPress Plugin DukaPress 2.5.2 - Directory Traversal"
5363. [I] dzs-zoomsounds
5364. [M] EDB-ID: 37166 "WordPress Plugin dzs-zoomsounds 2.0 - Arbitrary File Upload"
5365. [I] easy-contact-form-lite
5366. [M] EDB-ID: 17680 "WordPress Plugin Easy Contact Form Lite 1.0.7 - SQL Injection"
5367. [I] easy-weather-widget
5368. [I] ebook-download
5369. [M] EDB-ID: 39575 "WordPress Plugin eBook Download 1.1 - Directory Traversal"
5370. [I] editormonkey
5371. [M] EDB-ID: 17284 "WordPress Plugin EditorMonkey 2.5 - 'FCKeditor' Arbitrary File Upload"
5372. [I] email-newsletter
5373. [M] EDB-ID: 37356 "WordPress Plugin Email NewsLetter 8.0 - 'option' Information Disclosure"
5374. [I] evarisk
5375. [M] EDB-ID: 17738 "WordPress Plugin Evarisk 5.1.3.6 - SQL Injection"
5376. [M] EDB-ID: 37399 "WordPress Plugin Evarisk - 'uploadPhotoApres.php' Arbitrary File Upload"
5377. [I] event-registration
5378. [M] EDB-ID: 17751 "WordPress Plugin Event Registration 5.4.3 - SQL Injection"
5379. [I] eventify
5380. [M] EDB-ID: 17794 "WordPress Plugin Eventify - Simple Events 1.7.f SQL Injection"
5381. [I] everest-forms
5382. [I] extend-wordpress
5383. [I] fbgorilla
5384. [M] EDB-ID: 39283 "WordPress Plugin FB Gorilla - 'game_play.php' SQL Injection"
5385. [I] fbpromotions
5386. [M] EDB-ID: 17737 "WordPress Plugin Facebook Promotions 1.3.3 - SQL Injection"
5387. [I] feature-slideshow
5388. [M] EDB-ID: 35285 "WordPress Plugin Feature Slideshow 1.0.6 - 'src' Cross-Site Scripting"
5389. [I] featurific-for-wordpress
5390. [M] EDB-ID: 36339 "WordPress Plugin Featurific For WordPress 1.6.2 - 'snum' Cross-Site Scripting"
5391. [I] feedlist
5392. [M] EDB-ID: 34973 "WordPress Plugin FeedList 2.61.01 - 'handler_image.php' Cross-Site Scripting"
5393. [I] feedweb
5394. [M] EDB-ID: 38414 "WordPress Plugin Feedweb - 'wp_post_id' Cross-Site Scripting"
5395. [I] fgallery
5396. [M] EDB-ID: 4993 "GitList 0.6.0 - Argument Injection (Metasploit)"
5397. [I] file-groups
5398. [M] EDB-ID: 17677 "WordPress Plugin File Groups 1.1.2 - SQL Injection"
5399. [I] finder
5400. [M] EDB-ID: 37677 "WordPress Plugin Finder - 'order' Cross-Site Scripting"
5401. [I] firestats
5402. [M] EDB-ID: 14308 "WordPress Plugin Firestats - Remote Configuration File Download"
5403. [M] EDB-ID: 33367 "WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (1)"
5404. [M] EDB-ID: 33368 "WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (2)"
5405. [I] flash-album-gallery
5406. [M] EDB-ID: 16947 "WordPress Plugin GRAND Flash Album Gallery 0.55 - Multiple Vulnerabilities"
5407. [M] EDB-ID: 36383 "WordPress Plugin flash-album-gallery - 'facebook.php' Cross-Site Scripting"
5408. [M] EDB-ID: 36434 "WordPress Plugin GRAND FlAGallery 1.57 - 'flagshow.php' Cross-Site Scripting"
5409. [M] EDB-ID: 36444 "WordPress Plugin flash-album-gallery - 'flagshow.php' Cross-Site Scripting"
5410. [I] flexible-custom-post-type
5411. [M] EDB-ID: 36317 "WordPress Plugin Flexible Custom Post Type - 'id' Cross-Site Scripting"
5412. [I] flipbook
5413. [M] EDB-ID: 37452 "WordPress Plugin Flip Book - 'PHP.php' Arbitrary File Upload"
5414. [I] font-uploader
5415. [M] EDB-ID: 18994 "WordPress Plugin Font Uploader 1.2.4 - Arbitrary File Upload"
5416. [I] forum-server
5417. [M] EDB-ID: 16235 "WordPress Plugin Forum Server 1.6.5 - SQL Injection"
5418. [M] EDB-ID: 17828 "WordPress Plugin Forum Server 1.7 - SQL Injection"
5419. [I] foxypress
5420. [M] EDB-ID: 18991 "WordPress Plugin Foxypress 0.4.1.1 < 0.4.2.1 - Arbitrary File Upload"
5421. [M] EDB-ID: 22374 "WordPress Plugin foxypress 0.4.2.5 - Multiple Vulnerabilities"
5422. [I] front-end-upload
5423. [M] EDB-ID: 19008 "WordPress Plugin Front End Upload 0.5.3 - Arbitrary File Upload"
5424. [I] front-file-manager
5425. [M] EDB-ID: 19012 "WordPress Plugin Front File Manager 0.1 - Arbitrary File Upload"
5426. [I] fs-real-estate-plugin
5427. [M] EDB-ID: 22071 "WordPress Plugin FireStorm Professional Real Estate 2.06.01 - SQL Injection"
5428. [I] gallery-images
5429. [M] EDB-ID: 34524 "WordPress Plugin Huge-IT Image Gallery 1.0.1 - (Authenticated) SQL Injection"
5430. [M] EDB-ID: 39807 "WordPress Plugin Huge-IT Image Gallery 1.8.9 - Multiple Vulnerabilities"
5431. [I] gd-star-rating
5432. [M] EDB-ID: 17973 "WordPress Plugin GD Star Rating 1.9.10 - SQL Injection"
5433. [M] EDB-ID: 35373 "WordPress Plugin GD Star Rating 1.9.7 - 'wpfn' Cross-Site Scripting"
5434. [M] EDB-ID: 35835 "WordPress Plugin GD Star Rating - 'votes' SQL Injection"
5435. [I] global-flash-galleries
5436. [M] EDB-ID: 39059 "WordPress Plugin Global Flash Gallery - 'swfupload.php' Arbitrary File Upload"
5437. [I] google-mp3-audio-player
5438. [M] EDB-ID: 35460 "WordPress Plugin CodeArt Google MP3 Player - File Disclosure Download"
5439. [I] grapefile
5440. [M] EDB-ID: 17760 "WordPress Plugin grapefile 1.1 - Arbitrary File Upload"
5441. [I] gwolle-gb
5442. [M] EDB-ID: 38861 "WordPress Plugin Gwolle Guestbook 1.5.3 - Remote File Inclusion"
5443. [I] hb-audio-gallery-lite
5444. [M] EDB-ID: 39589 "WordPress Plugin HB Audio Gallery Lite 1.0.0 - Arbitrary File Download"
5445. [I] hd-webplayer
5446. [M] EDB-ID: 20918 "WordPress Plugin HD Webplayer 1.1 - SQL Injection"
5447. [I] hitasoft_player
5448. [M] EDB-ID: 38012 "WordPress Plugin FLV Player - 'id' SQL Injection"
5449. [I] html5avmanager
5450. [M] EDB-ID: 18990 "WordPress Plugin HTML5 AV Manager 0.2.7 - Arbitrary File Upload"
5451. [I] igit-posts-slider-widget
5452. [M] EDB-ID: 35392 "WordPress Plugin IGIT Posts Slider Widget 1.0 - 'src' Cross-Site Scripting"
5453. [I] image-gallery-with-slideshow
5454. [M] EDB-ID: 17761 "WordPress Plugin image Gallery with Slideshow 1.5 - Multiple Vulnerabilities"
5455. [I] imdb-widget
5456. [M] EDB-ID: 39621 "WordPress Plugin IMDb Profile Widget 1.0.8 - Local File Inclusion"
5457. [I] inboundio-marketing
5458. [M] EDB-ID: 36478 "WordPress Plugin InBoundio Marketing 1.0 - Arbitrary File Upload"
5459. [I] inline-gallery
5460. [M] EDB-ID: 35418 "WordPress Plugin Inline Gallery 0.3.9 - 'do' Cross-Site Scripting"
5461. [I] invit0r
5462. [M] EDB-ID: 37403 "WordPress Plugin Invit0r - 'ofc_upload_image.php' Arbitrary File Upload"
5463. [I] ip-logger
5464. [M] EDB-ID: 17673 "WordPress Plugin IP-Logger 3.0 - SQL Injection"
5465. [I] is-human
5466. [M] EDB-ID: 17299 "WordPress Plugin Is-human 1.4.2 - Remote Command Execution"
5467. [I] iwant-one-ihave-one
5468. [M] EDB-ID: 16236 "WordPress Plugin IWantOneButton 3.0.1 - Multiple Vulnerabilities"
5469. [I] jetpack
5470. [M] EDB-ID: 18126 "WordPress Plugin jetpack - 'sharedaddy.php' ID SQL Injection"
5471. [I] jm-breaking-news
5472. [I] job-manager
5473. [I] joliprint
5474. [M] EDB-ID: 37176 "WordPress Plugin PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities"
5475. [I] jquery-mega-menu
5476. [M] EDB-ID: 16250 "WordPress Plugin jQuery Mega Menu 1.0 - Local File Inclusion"
5477. [I] jrss-widget
5478. [M] EDB-ID: 34977 "WordPress Plugin jRSS Widget 1.1.1 - 'url' Information Disclosure"
5479. [I] js-appointment
5480. [M] EDB-ID: 17724 "WordPress Plugin Js-appointment 1.5 - SQL Injection"
5481. [I] jtrt-responsive-tables
5482. [M] EDB-ID: 43110 "WordPress Plugin JTRT Responsive Tables 4.1 - SQL Injection"
5483. [I] kino-gallery
5484. [I] kish-guest-posting
5485. [I] kittycatfish
5486. [M] EDB-ID: 41919 "WordPress Plugin KittyCatfish 2.2 - SQL Injection"
5487. [I] knews
5488. [M] EDB-ID: 37484 "WordPress Plugin Knews Multilingual Newsletters - Cross-Site Scripting"
5489. [I] knr-author-list-widget
5490. [M] EDB-ID: 17791 "WordPress Plugin KNR Author List Widget 2.0.0 - SQL Injection"
5491. [I] lanoba-social-plugin
5492. [M] EDB-ID: 36326 "WordPress Plugin Lanoba Social 1.0 - 'action' Cross-Site Scripting"
5493. [I] lazy-content-slider
5494. [M] EDB-ID: 40070 "WordPress Plugin Lazy Content Slider 3.4 - Cross-Site Request Forgery (Add Catetory)"
5495. [I] lazy-seo
5496. [M] EDB-ID: 28452 "WordPress Plugin Lazy SEO 1.1.9 - Arbitrary File Upload"
5497. [I] lazyest-gallery
5498. [M] EDB-ID: 35435 "WordPress Plugin Lazyest Gallery 1.0.26 - 'image' Cross-Site Scripting"
5499. [I] lb-mixed-slideshow
5500. [M] EDB-ID: 37418 "WordPress Plugin LB Mixed Slideshow - 'upload.php' Arbitrary File Upload"
5501. [I] leaguemanager
5502. [M] EDB-ID: 24789 "WordPress Plugin LeagueManager 3.8 - SQL Injection"
5503. [I] leenkme
5504. [I] levelfourstorefront
5505. [M] EDB-ID: 38158 "WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php? reqID' SQL Injection"
5506. [M] EDB-ID: 38159 "WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/backup.php?reqID' SQL Injection"
5507. [M] EDB-ID: 38160 "WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php?reqID' SQL Injection"
5508. [I] like-dislike-counter-for-posts-pages-and-comments
5509. [M] EDB-ID: 34553 "WordPress Plugin Like Dislike Counter 1.2.3 - SQL Injection"
5510. [I] link-library
5511. [M] EDB-ID: 17887 "WordPress Plugin Link Library 5.2.1 - SQL Injection"
5512. [I] lisl-last-image-slider
5513. [I] livesig
5514. [M] EDB-ID: 17864 "WordPress Plugin Livesig 0.4 - Remote File Inclusion"
5515. [I] localize-my-post
5516. [M] EDB-ID: 45439 "WordPress Plugin Localize My Post 1.0 - Local File Inclusion"
5517. [I] mac-dock-gallery
5518. [M] EDB-ID: 19056 "WordPress Plugin Mac Photo Gallery 2.7 - Arbitrary File Upload"
5519. [I] madebymilk
5520. [M] EDB-ID: 38041 "WordPress Theme Madebymilk - 'id' SQL Injection"
5521. [I] mail-masta
5522. [M] EDB-ID: 40290 "WordPress Plugin Mail Masta 1.0 - Local File Inclusion"
5523. [M] EDB-ID: 41438 "WordPress Plugin Mail Masta 1.0 - SQL Injection"
5524. [I] mailz
5525. [M] EDB-ID: 17866 "WordPress Plugin Mailing List 1.3.2 - Remote File Inclusion"
5526. [M] EDB-ID: 18276 "WordPress Plugin Mailing List - Arbitrary File Download"
5527. [I] media-library-categories
5528. [M] EDB-ID: 17628 "WordPress Plugin Media Library Categories 1.0.6 - SQL Injection"
5529. [I] meenews
5530. [M] EDB-ID: 36340 "WordPress Plugin NewsLetter Meenews 5.1 - 'idnews' Cross-Site Scripting"
5531. [I] membership-simplified-for-oap-members-only
5532. [M] EDB-ID: 41622 "Wordpress Plugin Membership Simplified 1.58 - Arbitrary File Download"
5533. [I] mingle-forum
5534. [M] EDB-ID: 15943 "WordPress Plugin mingle forum 1.0.26 - Multiple Vulnerabilities"
5535. [M] EDB-ID: 17894 "WordPress Plugin Mingle Forum 1.0.31 - SQL Injection"
5536. [I] mm-forms-community
5537. [M] EDB-ID: 17725 "WordPress Plugin MM Forms Community 1.2.3 - SQL Injection"
5538. [M] EDB-ID: 18997 "WordPress Plugin MM Forms Community 2.2.6 - Arbitrary File Upload"
5539. [I] monsters-editor-10-for-wp-super-edit
5540. [M] EDB-ID: 37654 "WordPress Plugin Monsters Editor for WP Super Edit - Arbitrary File Upload"
5541. [I] mukioplayer-for-wordpress
5542. [M] EDB-ID: 38755 "WordPress Plugin mukioplayer4wp - 'cid' SQL Injection"
5543. [I] multilanguage
5544. [I] myflash
5545. [M] EDB-ID: 3828 "Microsoft Windows Kernel - 'NtGdiStretchBlt' Pool Buffer Overflow (MS15-097)"
5546. [I] mystat
5547. [M] EDB-ID: 17740 "WordPress Plugin mySTAT 2.6 - SQL Injection"
5548. [I] nextgen-gallery
5549. [M] EDB-ID: 12098 "WordPress Plugin NextGEN Gallery 1.5.1 - Cross-Site Scripting"
5550. [M] EDB-ID: 38178 "WordPress Plugin NextGEN Gallery - 'test-head' Cross-Site Scripting"
5551. [M] EDB-ID: 39100 "WordPress Plugin NextGEN Gallery - 'jqueryFileTree.php' Directory Traversal"
5552. [I] nextgen-smooth-gallery
5553. [M] EDB-ID: 14541 "WordPress Plugin NextGEN Smooth Gallery 0.12 - Blind SQL Injection"
5554. [I] ocim-mp3
5555. [M] EDB-ID: 39498 "WordPress Plugin Ocim MP3 - SQL Injection"
5556. [I] odihost-newsletter-plugin
5557. [M] EDB-ID: 17681 "WordPress Plugin OdiHost NewsLetter 1.0 - SQL Injection"
5558. [I] old-post-spinner
5559. [M] EDB-ID: 16251 "WordPress Plugin OPS Old Post Spinner 2.2.1 - Local File Inclusion"
5560. [I] olimometer
5561. [M] EDB-ID: 40804 "WordPress Plugin Olimometer 2.56 - SQL Injection"
5562. [I] omni-secure-files
5563. [M] EDB-ID: 19009 "WordPress Plugin Omni Secure Files 0.1.13 - Arbitrary File Upload"
5564. [I] oqey-gallery
5565. [M] EDB-ID: 17779 "WordPress Plugin oQey Gallery 0.4.8 - SQL Injection"
5566. [M] EDB-ID: 35288 "WordPress Plugin oQey-Gallery 0.2 - 'tbpv_domain' Cross-Site Scripting"
5567. [I] oqey-headers
5568. [M] EDB-ID: 17730 "WordPress Plugin oQey Headers 0.3 - SQL Injection"
5569. [I] page-flip-image-gallery
5570. [M] EDB-ID: 30084 "WordPress Plugin page-flip-image-gallery - Arbitrary File Upload"
5571. [M] EDB-ID: 7543 "Linux Kernel 2.6.x - 'rds_recvmsg()' Local Information Disclosure"
5572. [I] page-visit-counter
5573. [I] paid-downloads
5574. [M] EDB-ID: 17797 "WordPress Plugin Paid Downloads 2.01 - SQL Injection"
5575. [M] EDB-ID: 36135 "WordPress Plugin Auctions 1.8.8 - 'wpa_id' SQL Injection"
5576. [I] participants-database
5577. [I] pay-with-tweet.php
5578. [M] EDB-ID: 18330 "WordPress Plugin Pay with Tweet 1.1 - Multiple Vulnerabilities"
5579. [I] paypal-currency-converter-basic-for-woocommerce
5580. [M] EDB-ID: 37253 "WordPress Plugin Paypal Currency Converter Basic For WooCommerce - File Read"
5581. [I] peugeot-music-plugin
5582. [M] EDB-ID: 44737 "WordPress Plugin Peugeot Music - Arbitrary File Upload"
5583. [I] photocart-link
5584. [M] EDB-ID: 39623 "WordPress Plugin Photocart Link 1.6 - Local File Inclusion"
5585. [I] photoracer
5586. [M] EDB-ID: 17720 "WordPress Plugin Photoracer 1.0 - SQL Injection"
5587. [M] EDB-ID: 17731 "WordPress Plugin Photoracer 1.0 - Multiple Vulnerabilities"
5588. [M] EDB-ID: 8961 "WordPress Plugin Photoracer 1.0 - 'id' SQL Injection"
5589. [I] photosmash-galleries
5590. [M] EDB-ID: 35429 "WordPress Plugin PhotoSmash Galleries 1.0.x - 'action' Cross-Site Scripting"
5591. [M] EDB-ID: 38872 "WordPress Plugin PhotoSmash Galleries - 'bwbps-uploader.php' Arbitrary File Upload"
5592. [I] php_speedy_wp
5593. [I] phpfreechat
5594. [M] EDB-ID: 37485 "WordPress Plugin PHPFreeChat - 'url' Cross-Site Scripting"
5595. [I] pica-photo-gallery
5596. [M] EDB-ID: 19016 "WordPress Plugin PICA Photo Gallery 1.0 - Remote File Disclosure"
5597. [M] EDB-ID: 19055 "WordPress Plugin Pica Photo Gallery 1.0 - Arbitrary File Upload"
5598. [I] pictpress
5599. [M] EDB-ID: 4695 "Karaoke Video Creator 2.2.8 - Denial of Service"
5600. [I] picturesurf-gallery
5601. [M] EDB-ID: 37371 "WordPress Plugin Picturesurf Gallery - 'upload.php' Arbitrary File Upload"
5602. [I] placester
5603. [M] EDB-ID: 35562 "WordPress Plugin Placester 0.1 - 'ajax_action' Cross-Site Scripting"
5604. [I] player
5605. [M] EDB-ID: 38458 "WordPress Plugin Spider Video Player - 'theme' SQL Injection"
5606. [I] plg_novana
5607. [I] plugin-dir
5608. [M] EDB-ID: 22853 "WordPress Plugin Facebook Survey 1.0 - SQL Injection"
5609. [I] plugin-newsletter
5610. [M] EDB-ID: 19018 "WordPress Plugin NewsLetter 1.5 - Remote File Disclosure"
5611. [I] podpress
5612. [M] EDB-ID: 38376 "WordPress Plugin podPress - 'playerID' Cross-Site Scripting"
5613. [I] portable-phpmyadmin
5614. [M] EDB-ID: 23356 "WordPress Plugin Portable phpMyAdmin - Authentication Bypass"
5615. [I] post-highlights
5616. [M] EDB-ID: 17790 "WordPress Plugin post highlights 2.2 - SQL Injection"
5617. [I] post-recommendations-for-wordpress
5618. [M] EDB-ID: 37506 "WordPress Plugin Post Recommendations - 'abspath' Remote File Inclusion"
5619. [I] powerhouse-museum-collection-image-grid
5620. [M] EDB-ID: 35287 "WordPress Plugin Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Cross-Site Scripting"
5621. [I] premium_gallery_manager
5622. [I] pretty-link
5623. [M] EDB-ID: 36233 "WordPress Plugin Pretty Link 1.4.56 - Multiple Cross-Site Scripting Vulnerabilities"
5624. [M] EDB-ID: 36408 "WordPress Plugin Pretty Link 1.5.2 - 'pretty-bar.php' Cross-Site Scripting"
5625. [M] EDB-ID: 37196 "WordPress Plugin Pretty Link Lite 1.5.2 - SQL Injection / Cross-Site Scripting"
5626. [M] EDB-ID: 38324 "WordPress Plugin Pretty Link - Cross-Site Scripting"
5627. [I] profiles
5628. [M] EDB-ID: 17739 "WordPress Plugin Profiles 2.0 RC1 - SQL Injection"
5629. [I] proplayer
5630. [M] EDB-ID: 17616 "WordPress Plugin ProPlayer 4.7.7 - SQL Injection"
5631. [M] EDB-ID: 25605 "WordPress Plugin ProPlayer 4.7.9.1 - SQL Injection"
5632. [I] pure-html
5633. [M] EDB-ID: 17758 "WordPress Plugin PureHTML 1.0.0 - SQL Injection"
5634. [I] q-and-a-focus-plus-faq
5635. [M] EDB-ID: 39806 "WordPress Plugin Q and A (Focus Plus) FAQ 1.3.9.7 - Multiple Vulnerabilities"
5636. [I] radykal-fancy-gallery
5637. [M] EDB-ID: 19398 "WordPress Plugin Fancy Gallery 1.2.4 - Arbitrary File Upload"
5638. [I] rating-widget
5639. [I] rb-agency
5640. [M] EDB-ID: 40333 "WordPress Plugin RB Agency 2.4.7 - Local File Disclosure"
5641. [I] rbxgallery
5642. [M] EDB-ID: 19019 "WordPress Plugin RBX Gallery 2.1 - Arbitrary File Upload"
5643. [I] real3d-flipbook
5644. [M] EDB-ID: 40055 "WordPress Plugin Real3D FlipBook - Multiple Vulnerabilities"
5645. [I] really-easy-slider
5646. [I] really-simple-guest-post
5647. [M] EDB-ID: 37209 "WordPress Plugin Really Simple Guest Post 1.0.6 - Local File Inclusion"
5648. [I] recent-backups
5649. [M] EDB-ID: 37752 "WordPress Plugin Recent Backups 0.7 - Arbitrary File Download"
5650. [I] recipe
5651. [M] EDB-ID: 31228 "WordPress Plugin Recipes Blog - 'id' SQL Injection"
5652. [I] reciply
5653. [M] EDB-ID: 35265 "WordPress Plugin Recip.ly 1.1.7 - 'uploadImage.php' Arbitrary File Upload"
5654. [I] reflex-gallery
5655. [M] EDB-ID: 36374 "WordPress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload"
5656. [I] rekt-slideshow
5657. [I] related-sites
5658. [M] EDB-ID: 9054 "Adobe Flash TextField.tabIndex Setter - Use-After-Free"
5659. [I] relocate-upload
5660. [M] EDB-ID: 17869 "WordPress Plugin Relocate Upload 0.14 - Remote File Inclusion"
5661. [I] rent-a-car
5662. [I] resume-submissions-job-postings
5663. [M] EDB-ID: 19791 "WordPress Plugin Resume Submissions & Job Postings 2.5.1 - Unrestricted Arbitrary File Upload"
5664. [I] rich-widget
5665. [M] EDB-ID: 37653 "WordPress Plugin Rich Widget - Arbitrary File Upload"
5666. [I] ripe-hd-player
5667. [M] EDB-ID: 24229 "WordPress Plugin Ripe HD FLV Player - SQL Injection"
5668. [I] robotcpa
5669. [M] EDB-ID: 37252 "WordPress Plugin RobotCPA V5 - Local File Inclusion"
5670. [I] rss-feed-reader
5671. [M] EDB-ID: 35261 "WordPress Plugin RSS Feed Reader 0.1 - 'rss_url' Cross-Site Scripting"
5672. [I] s3bubble-amazon-s3-html-5-video-with-adverts
5673. [M] EDB-ID: 37494 "WordPress Plugin S3Bubble Cloud Video With Adverts & Analytics 0.7 - Arbitrary File Download"
5674. [I] sassy-social-share
5675. [I] scormcloud
5676. [M] EDB-ID: 17793 "WordPress Plugin SCORM Cloud 1.0.6.6 - SQL Injection"
5677. [I] se-html5-album-audio-player
5678. [M] EDB-ID: 37274 "WordPress Plugin SE HTML5 Album Audio Player 1.1.0 - Directory Traversal"
5679. [I] search-autocomplete
5680. [M] EDB-ID: 17767 "WordPress Plugin SearchAutocomplete 1.0.8 - SQL Injection"
5681. [I] securimage-wp
5682. [M] EDB-ID: 38510 "WordPress Plugin Securimage-WP - 'siwp_test.php' Cross-Site Scripting"
5683. [I] sell-downloads
5684. [M] EDB-ID: 38868 "WordPress Plugin Sell Download 1.0.16 - Local File Disclosure"
5685. [I] sendit
5686. [M] EDB-ID: 17716 "WordPress Plugin SendIt 1.5.9 - Blind SQL Injection"
5687. [I] seo-automatic-seo-tools
5688. [M] EDB-ID: 34975 "WordPress Plugin SEO Tools 3.0 - 'file' Directory Traversal"
5689. [I] seo-watcher
5690. [M] EDB-ID: 38782 "WordPress Plugin SEO Watcher - 'ofc_upload_image.php' Arbitrary PHP Code Execution"
5691. [I] sermon-browser
5692. [M] EDB-ID: 17214 "WordPress Plugin SermonBrowser 0.43 - SQL Injection"
5693. [M] EDB-ID: 35657 "WordPress Plugin Sermon Browser 0.43 - Cross-Site Scripting / SQL Injection"
5694. [I] sexy-contact-form
5695. [M] EDB-ID: 34922 "WordPress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload"
5696. [M] EDB-ID: 35057 "WordPress Plugin 0.9.7 / Joomla! Component 2.0.0 Creative Contact Form - Arbitrary File Upload"
5697. [I] sf-booking
5698. [M] EDB-ID: 43475 "WordPress Plugin Service Finder Booking < 3.2 - Local File Disclosure"
5699. [I] sfbrowser
5700. [M] EDB-ID: 19054 "WordPress Plugin SfBrowser 1.4.5 - Arbitrary File Upload"
5701. [I] sfwd-lms
5702. [I] sh-slideshow
5703. [M] EDB-ID: 17748 "WordPress Plugin SH Slideshow 3.1.4 - SQL Injection"
5704. [I] sharebar
5705. [M] EDB-ID: 37201 "WordPress Plugin Sharebar 1.2.1 - SQL Injection / Cross-Site Scripting"
5706. [I] shortcodes-ultimate
5707. [I] si-contact-form
5708. [M] EDB-ID: 36050 "WordPress Plugin Fast Secure Contact Form 3.0.3.1 - 'index.php' Cross-Site Scripting"
5709. [I] simple-ads-manager
5710. [M] EDB-ID: 36613 "WordPress Plugin Simple Ads Manager - Multiple SQL Injections"
5711. [M] EDB-ID: 36614 "WordPress Plugin Simple Ads Manager 2.5.94 - Arbitrary File Upload"
5712. [M] EDB-ID: 36615 "WordPress Plugin Simple Ads Manager - Information Disclosure"
5713. [M] EDB-ID: 39133 "WordPress Plugin Simple Ads Manager 2.9.4.116 - SQL Injection"
5714. [I] simple-download-button-shortcode
5715. [M] EDB-ID: 19020 "WordPress Plugin Simple Download Button ShortCode 1.0 - Remote File Disclosure"
5716. [I] simple-fields
5717. [M] EDB-ID: 44425 "WordPress Plugin Simple Fields 0.2 - 0.3.5 - Local/Remote File Inclusion / Remote Code Execution"
5718. [I] simple-forum
5719. [I] site-editor
5720. [M] EDB-ID: 44340 "Wordpress Plugin Site Editor 1.1.1 - Local File Inclusion"
5721. [I] site-import
5722. [M] EDB-ID: 39558 "WordPress Plugin Site Import 1.0.1 - Local/Remote File Inclusion"
5723. [I] skysa-official
5724. [M] EDB-ID: 36363 "WordPress Plugin Skysa App Bar - 'idnews' Cross-Site Scripting"
5725. [I] slider-image
5726. [M] EDB-ID: 37361 "WordPress Plugin Huge-IT Slider 2.7.5 - Multiple Vulnerabilities"
5727. [I] slideshow-gallery-2
5728. [M] EDB-ID: 36631 "WordPress Plugin Slideshow Gallery 1.1.x - 'border' Cross-Site Scripting"
5729. [I] slideshow-jquery-image-gallery
5730. [M] EDB-ID: 37948 "WordPress Plugin Slideshow - Multiple Cross-Site Scripting Vulnerabilities"
5731. [I] smart-flv
5732. [M] EDB-ID: 38331 "WordPress Plugin Smart Flv - 'jwplayer.swf' Multiple Cross-Site Scripting Vulnerabilities"
5733. [I] smart-google-code-inserter
5734. [I] sniplets
5735. [M] EDB-ID: 5194 "Wansview 1.0.2 - Denial of Service (PoC)"
5736. [I] social-discussions
5737. [M] EDB-ID: 22158 "WordPress Plugin social discussions 6.1.1 - Multiple Vulnerabilities"
5738. [I] social-slider-2
5739. [M] EDB-ID: 17617 "WordPress Plugin Social Slider 5.6.5 - SQL Injection"
5740. [I] socialfit
5741. [M] EDB-ID: 37481 "WordPress Plugin SocialFit - 'msg' Cross-Site Scripting"
5742. [I] sodahead-polls
5743. [I] sp-client-document-manager
5744. [M] EDB-ID: 35313 "WordPress Plugin SP Client Document Manager 2.4.1 - SQL Injection"
5745. [M] EDB-ID: 36576 "WordPress Plugin SP Project & Document Manager 2.5.3 - Blind SQL Injection"
5746. [I] spicy-blogroll
5747. [M] EDB-ID: 26804 "WordPress Plugin Spicy Blogroll - Local File Inclusion"
5748. [I] spider-event-calendar
5749. [M] EDB-ID: 25723 "WordPress Plugin Spider Event Calendar 1.3.0 - Multiple Vulnerabilities"
5750. [I] spiffy
5751. [M] EDB-ID: 38441 "WordPress Plugin Spiffy XSPF Player - 'playlist_id' SQL Injection"
5752. [I] st_newsletter
5753. [M] EDB-ID: 31096 "WordPress Plugin ShiftThis NewsLetter - SQL Injection"
5754. [M] EDB-ID: 6777 "Free Download Manager 2.5 Build 758 - Remote Control Server Buffer Overflow (Metasploit)"
5755. [I] store-locator-le
5756. [M] EDB-ID: 18989 "WordPress Plugin Google Maps via Store Locator 2.7.1 < 3.0.1 - Multiple Vulnerabilities"
5757. [I] taggator
5758. [I] taggedalbums
5759. [M] EDB-ID: 38023 "WordPress Plugin Tagged Albums - 'id' SQL Injection"
5760. [I] tagninja
5761. [M] EDB-ID: 35300 "WordPress Plugin TagNinja 1.0 - 'id' Cross-Site Scripting"
5762. [I] tera-charts
5763. [M] EDB-ID: 39256 "WordPress Plugin Tera Charts (tera-charts) - '/charts/treemap.php?fn' Directory Traversal"
5764. [M] EDB-ID: 39257 "WordPress Plugin Tera Charts (tera-charts) - '/charts/zoomabletreemap.php?fn' Directory Traversal"
5765. [I] the-welcomizer
5766. [M] EDB-ID: 36445 "WordPress Plugin The Welcomizer 1.3.9.4 - 'twiz-index.php' Cross-Site Scripting"
5767. [I] thecartpress
5768. [M] EDB-ID: 17860 "WordPress Plugin TheCartPress 1.1.1 - Remote File Inclusion"
5769. [M] EDB-ID: 36481 "WordPress Plugin TheCartPress 1.6 - 'OptionsPostsList.php' Cross-Site Scripting"
5770. [M] EDB-ID: 38869 "WordPress Plugin TheCartPress 1.4.7 - Multiple Vulnerabilities"
5771. [I] thinkun-remind
5772. [M] EDB-ID: 19021 "WordPress Plugin Thinkun Remind 1.1.3 - Remote File Disclosure"
5773. [I] tinymce-thumbnail-gallery
5774. [M] EDB-ID: 19022 "WordPress Plugin TinyMCE Thumbnail Gallery 1.0.7 - Remote File Disclosure"
5775. [I] topquark
5776. [M] EDB-ID: 19053 "WordPress Plugin Top Quark Architecture 2.10 - Arbitrary File Upload"
5777. [I] track-that-stat
5778. [M] EDB-ID: 37204 "WordPress Plugin Track That Stat 1.0.8 - Cross-Site Scripting"
5779. [I] trafficanalyzer
5780. [M] EDB-ID: 38439 "WordPress Plugin Traffic Analyzer - 'aoid' Cross-Site Scripting"
5781. [I] tune-library
5782. [M] EDB-ID: 17816 "WordPress Plugin Tune Library 2.17 - SQL Injection"
5783. [I] ucan-post
5784. [M] EDB-ID: 18390 "WordPress Plugin ucan post 1.0.09 - Persistent Cross-Site Scripting"
5785. [I] ultimate-product-catalogue
5786. [M] EDB-ID: 36823 "WordPress Plugin Ultimate Product Catalogue - SQL Injection (1)"
5787. [M] EDB-ID: 36824 "WordPress Plugin Ultimate Product Catalogue - SQL Injection (2)"
5788. [M] EDB-ID: 36907 "WordPress Plugin Ultimate Product Catalogue 3.1.2 - Multiple Persistent Cross-Site Scripting / Cross-Site Request Forgery / Arbitrary File Upload Vulnerabilities"
5789. [M] EDB-ID: 39974 "WordPress Plugin Ultimate Product Catalog 3.8.1 - Privilege Escalation"
5790. [M] EDB-ID: 40012 "WordPress Plugin Ultimate Product Catalog 3.8.6 - Arbitrary File Upload"
5791. [M] EDB-ID: 40174 "WordPress Plugin Ultimate Product Catalog 3.9.8 - do_shortcode via ajax Blind SQL Injection"
5792. [I] ungallery
5793. [M] EDB-ID: 17704 "WordPress Plugin UnGallery 1.5.8 - Local File Disclosure"
5794. [I] uploader
5795. [M] EDB-ID: 35255 "WordPress Plugin Uploader 1.0 - 'num' Cross-Site Scripting"
5796. [M] EDB-ID: 38163 "WordPress Plugin Uploader - Arbitrary File Upload"
5797. [M] EDB-ID: 38355 "WordPress Plugin Uploader - 'blog' Cross-Site Scripting"
5798. [I] uploadify-integration
5799. [M] EDB-ID: 37070 "WordPress Plugin Uploadify Integration 0.9.6 - Multiple Cross-Site Scripting Vulnerabilities"
5800. [I] uploads
5801. [I] upm-polls
5802. [M] EDB-ID: 17627 "WordPress Plugin UPM Polls 1.0.3 - SQL Injection"
5803. [I] user-avatar
5804. [I] user-meta
5805. [M] EDB-ID: 19052 "WordPress Plugin User Meta 1.1.1 - Arbitrary File Upload"
5806. [I] userpro
5807. [M] EDB-ID: 46083 "Wordpress Plugin UserPro < 4.9.21 - User Registration Privilege Escalation"
5808. [I] users-ultra
5809. [I] verve-meta-boxes
5810. [I] videowhisper-live-streaming-integration
5811. [M] EDB-ID: 31986 "WordPress Plugin VideoWhisper 4.27.3 - Multiple Vulnerabilities"
5812. [I] videowhisper-video-conference-integration
5813. [M] EDB-ID: 36617 "WordPress Plugin VideoWhisper Video Presentation 3.31.17 - Arbitrary File Upload"
5814. [M] EDB-ID: 36618 "WordPress Plugin VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload"
5815. [I] videowhisper-video-presentation
5816. [M] EDB-ID: 17771 "WordPress Plugin VideoWhisper Video Presentation 1.1 - SQL Injection"
5817. [M] EDB-ID: 37357 "WordPress Plugin VideoWhisper Video Presentation 3.17 - 'vw_upload.php' Arbitrary File Upload"
5818. [I] vk-gallery
5819. [I] vodpod-video-gallery
5820. [M] EDB-ID: 34976 "WordPress Plugin Vodpod Video Gallery 3.1.5 - 'vodpod_gallery_thumbs.php' Cross-Site Scripting"
5821. [I] wassup
5822. [I] webinar_plugin
5823. [M] EDB-ID: 22300 "WordPress Plugin Easy Webinar - Blind SQL Injection"
5824. [I] webplayer
5825. [I] website-contact-form-with-file-upload
5826. [M] EDB-ID: 36952 "WordPress Plugin N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion"
5827. [I] website-faq
5828. [M] EDB-ID: 19400 "WordPress Plugin Website FAQ 1.0 - SQL Injection"
5829. [I] wechat-broadcast
5830. [M] EDB-ID: 45438 "WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion"
5831. [I] woocommerce
5832. [M] EDB-ID: 43196 "WordPress Plugin WooCommerce 2.0/3.0 - Directory Traversal"
5833. [I] woopra
5834. [M] EDB-ID: 38783 "WordPress Plugin Woopra Analytics - 'ofc_upload_image.php' Arbitrary PHP Code Execution"
5835. [I] wordpress-donation-plugin-with-goals-and-paypal-ipn-by-nonprofitcmsorg
5836. [M] EDB-ID: 17763 "Microsoft Edge 44.17763.1.0 - NULL Pointer Dereference"
5837. [I] wordpress-member-private-conversation
5838. [M] EDB-ID: 37353 "WordPress Plugin Nmedia WordPress Member Conversation 1.35.0 - 'doupload.php' Arbitrary File Upload"
5839. [I] wordpress-processing-embed
5840. [M] EDB-ID: 35066 "WordPress Plugin Processing Embed 0.5 - 'pluginurl' Cross-Site Scripting"
5841. [I] wordtube
5842. [M] EDB-ID: 3825 "GoodiWare GoodReader iPhone - '.XLS' Denial of Service"
5843. [I] work-the-flow-file-upload
5844. [M] EDB-ID: 36640 "WordPress Plugin Work The Flow File Upload 2.5.2 - Arbitrary File Upload"
5845. [I] wp-adserve
5846. [I] wp-advanced-pdf
5847. [I] wp-audio-gallery-playlist
5848. [M] EDB-ID: 17756 "WordPress Plugin Audio Gallery Playlist 0.12 - SQL Injection"
5849. [I] wp-automatic
5850. [M] EDB-ID: 19187 "WordPress Plugin Automatic 2.0.3 - SQL Injection"
5851. [I] wp-autosuggest
5852. [M] EDB-ID: 45977 "WordPress Plugin AutoSuggest 0.24 - 'wpas_keys' SQL Injection"
5853. [I] wp-autoyoutube
5854. [M] EDB-ID: 18353 "WordPress Plugin wp-autoyoutube - Blind SQL Injection"
5855. [I] wp-bannerize
5856. [M] EDB-ID: 17764 "WordPress Plugin Bannerize 2.8.6 - SQL Injection"
5857. [M] EDB-ID: 17906 "WordPress Plugin Bannerize 2.8.7 - SQL Injection"
5858. [M] EDB-ID: 36193 "WordPress Plugin WP Bannerize 2.8.7 - 'ajax_sorter.php' SQL Injection"
5859. [I] wp-banners-lite
5860. [M] EDB-ID: 38410 "WordPress Plugin Banners Lite - 'wpbanners_show.php' HTML Injection"
5861. [I] wp-booking-calendar
5862. [M] EDB-ID: 44769 "Wordpress Plugin Booking Calendar 3.0.0 - SQL Injection / Cross-Site Scripting"
5863. [I] wp-business-intelligence
5864. [M] EDB-ID: 36600 "WordPress Plugin Business Intelligence - SQL Injection (Metasploit)"
5865. [I] wp-business-intelligence-lite
5866. [I] wp-cal
5867. [M] EDB-ID: 4992 "Sun xVM VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (Denial of Service) (PoC)"
5868. [I] wp-comment-remix
5869. [I] wp-content
5870. [M] EDB-ID: 37123 "WordPress Plugin WPsc MijnPress - 'rwflush' Cross-Site Scripting"
5871. [I] wp-copysafe-pdf
5872. [M] EDB-ID: 39254 "WordPress Plugin CopySafe PDF Protection - Arbitrary File Upload"
5873. [I] wp-cumulus
5874. [M] EDB-ID: 10228 "WordPress Plugin WP-Cumulus 1.20 - Full Path Disclosure / Cross-Site Scripting"
5875. [M] EDB-ID: 33371 "WordPress Plugin WP-Cumulus 1.x - 'tagcloud.swf' Cross-Site Scripting"
5876. [I] wp-custom-pages
5877. [M] EDB-ID: 17119 "WordPress Plugin Custom Pages 0.5.0.1 - Local File Inclusion"
5878. [I] wp-ds-faq
5879. [M] EDB-ID: 17683 "WordPress Plugin DS FAQ 1.3.2 - SQL Injection"
5880. [I] wp-e-commerce
5881. [M] EDB-ID: 36018 "WordPress Plugin WP E-Commerce 3.8.6 - 'cart_messages[]' Cross-Site Scripting"
5882. [I] wp-easycart
5883. [M] EDB-ID: 35730 "WordPress Plugin Shopping Cart 3.0.4 - Unrestricted Arbitrary File Upload"
5884. [I] wp-ecommerce-shop-styling
5885. [M] EDB-ID: 37530 "WordPress Plugin WP E-Commerce Shop Styling 2.5 - Arbitrary File Download"
5886. [I] wp-events-calendar
5887. [M] EDB-ID: 44785 "WordPress Plugin Events Calendar - SQL Injection"
5888. [I] wp-featured-post-with-thumbnail
5889. [M] EDB-ID: 35262 "WordPress Plugin WP Featured Post with Thumbnail 3.0 - 'src' Cross-Site Scripting"
5890. [I] wp-filebase
5891. [M] EDB-ID: 17808 "WordPress Plugin WP-Filebase Download Manager 0.2.9 - SQL Injection"
5892. [I] wp-filemanager
5893. [M] EDB-ID: 25440 "WordPress Plugin wp-FileManager - Arbitrary File Download"
5894. [M] EDB-ID: 38515 "WordPress Plugin wp-FileManager - 'path' Arbitrary File Download"
5895. [M] EDB-ID: 4844 "STDU Explorer 1.0.201 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution"
5896. [I] wp-footnotes
5897. [M] EDB-ID: 31092 "WordPress Plugin WP-Footnotes 2.2 - Multiple Remote Vulnerabilities"
5898. [I] wp-forum
5899. [M] EDB-ID: 7738 "WordPress Plugin WP-Forum 1.7.8 - SQL Injection"
5900. [I] wp-glossary
5901. [M] EDB-ID: 18055 "WordPress Plugin Glossary - SQL Injection"
5902. [I] wp-google-drive
5903. [M] EDB-ID: 44435 "WordPress Plugin Google Drive 2.2 - Remote Code Execution"
5904. [I] wp-gpx-maps
5905. [M] EDB-ID: 19050 "WordPress Plugin wp-gpx-map 1.1.21 - Arbitrary File Upload"
5906. [I] wp-imagezoom
5907. [M] EDB-ID: 37243 "WordPress Plugin Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities"
5908. [M] EDB-ID: 37419 "WordPress Plugin Wp-ImageZoom - 'file' Remote File Disclosure"
5909. [M] EDB-ID: 38063 "WordPress Theme Wp-ImageZoom - 'id' SQL Injection"
5910. [I] wp-livephp
5911. [M] EDB-ID: 36483 "WordPress Plugin WP Live.php 1.2.1 - 's' Cross-Site Scripting"
5912. [I] wp-lytebox
5913. [I] wp-marketplace
5914. [I] wp-menu-creator
5915. [M] EDB-ID: 17689 "WordPress Plugin Menu Creator 1.1.7 - SQL Injection"
5916. [I] wp-mobile-detector
5917. [M] EDB-ID: 39891 "WordPress Plugin WP Mobile Detector 3.5 - Arbitrary File Upload"
5918. [I] wp-people
5919. [M] EDB-ID: 31230 "WordPress Plugin wp-people 2.0 - 'wp-people-popup.php' SQL Injection"
5920. [I] wp-polls
5921. [M] EDB-ID: 10256 "WordPress Plugin WP-Polls 2.x - Incorrect Flood Filter"
5922. [I] wp-property
5923. [M] EDB-ID: 18987 "WordPress Plugin WP-Property 1.35.0 - Arbitrary File Upload"
5924. [I] wp-publication-archive
5925. [M] EDB-ID: 35263 "WordPress Plugin WP Publication Archive 2.0.1 - 'file' Information Disclosure"
5926. [I] wp-realty
5927. [M] EDB-ID: 29021 "WordPress Plugin Realty - Blind SQL Injection"
5928. [M] EDB-ID: 38808 "WordPress Plugin WP-Realty - 'listing_id' SQL Injection"
5929. [M] EDB-ID: 39109 "WordPress Plugin Relevanssi - 'category_name' SQL Injection"
5930. [I] wp-responsive-thumbnail-slider
5931. [M] EDB-ID: 45099 "WordPress Plugin Responsive Thumbnail Slider - Arbitrary File Upload (Metasploit)"
5932. [I] wp-safe-search
5933. [M] EDB-ID: 35067 "WordPress Plugin Safe Search - 'v1' Cross-Site Scripting"
5934. [I] wp-shopping-cart
5935. [M] EDB-ID: 6867 "Huawei eSpace 1.1.11.103 - Image File Format Handling Buffer Overflow"
5936. [I] wp-source-control
5937. [M] EDB-ID: 39287 "WordPress Plugin WP Content Source Control - 'download.php' Directory Traversal"
5938. [I] wp-spamfree
5939. [M] EDB-ID: 17970 "WordPress Plugin WP-SpamFree Spam Plugin - SQL Injection"
5940. [I] wp-spry-menu
5941. [I] wp-starsratebox
5942. [M] EDB-ID: 35634 "WordPress Plugin WP-StarsRateBox 1.1 - 'j' SQL Injection"
5943. [I] wp-stats-dashboard
5944. [I] wp-support-plus-responsive-ticket-system
5945. [M] EDB-ID: 34589 "SCO UnixWare < 7.1.4 p534589 - 'pkgadd' Local Privilege Escalation"
5946. [I] wp-survey-and-quiz-tool
5947. [M] EDB-ID: 34974 "WordPress Plugin WP Survey And Quiz Tool 1.2.1 - Cross-Site Scripting"
5948. [I] wp-swimteam
5949. [M] EDB-ID: 37601 "WordPress Plugin Swim Team 1.44.10777 - Arbitrary File Download"
5950. [I] wp-symposium
5951. [M] EDB-ID: 17679 "WordPress Plugin Symposium 0.64 - SQL Injection"
5952. [M] EDB-ID: 35505 "WordPress Plugin Symposium 14.10 - SQL Injection"
5953. [M] EDB-ID: 35543 "WordPress Plugin WP Symposium 14.11 - Arbitrary File Upload"
5954. [M] EDB-ID: 37822 "WordPress Plugin WP Symposium 15.1 - Blind SQL Injection"
5955. [M] EDB-ID: 37824 "WordPress Plugin WP Symposium 15.1 - 'get_album_item.php' SQL Injection"
5956. [I] wp-symposium-toolbar
5957. [I] wp-syntax
5958. [M] EDB-ID: 9431 "Adobe Photoshop CC / Bridge CC - '.iff' Parsing Memory Corruption"
5959. [I] wp-table
5960. [M] EDB-ID: 3824 "Office^2 iPhone - '.XLS' Denial of Service"
5961. [I] wp-table-reloaded
5962. [M] EDB-ID: 38251 "WordPress Plugin WP-Table Reloaded - 'id' Cross-Site Scripting"
5963. [I] wp-twitter-feed
5964. [M] EDB-ID: 35084 "WordPress Plugin Twitter Feed - 'url' Cross-Site Scripting"
5965. [I] wp-whois
5966. [M] EDB-ID: 36488 "WordPress Plugin WHOIS 1.4.2 3 - 'domain' Cross-Site Scripting"
5967. [I] wp-with-spritz
5968. [M] EDB-ID: 44544 "WordPress Plugin WP with Spritz 1.0 - Remote File Inclusion"
5969. [I] wpSS
5970. [M] EDB-ID: 39279 "WordPress Plugin wpSS - 'ss_handler.php' SQL Injection"
5971. [M] EDB-ID: 5486 "PHP < 5.3.6 'OpenSSL' Extension - 'openssl_encrypt' Plaintext Data Memory Leak Denial of Service"
5972. [I] wp_rokintroscroller
5973. [M] EDB-ID: 38767 "WordPress Plugin RokIntroScroller - 'thumb.php' Multiple Vulnerabilities"
5974. [I] wp_rokmicronews
5975. [M] EDB-ID: 38768 "WordPress Plugin RokMicroNews - 'thumb.php' Multiple Vulnerabilities"
5976. [I] wp_roknewspager
5977. [M] EDB-ID: 38756 "WordPress Plugin RokNewsPager - 'thumb.php' Multiple Vulnerabilities"
5978. [I] wp_rokstories
5979. [M] EDB-ID: 38757 "WordPress Plugin RokStories - 'thumb.php' Multiple Vulnerabilities"
5980. [I] wpeasystats
5981. [M] EDB-ID: 17862 "WordPress Plugin WPEasyStats 1.8 - Remote File Inclusion"
5982. [I] wpforum
5983. [M] EDB-ID: 17684 "WordPress Plugin Forum 1.7.8 - SQL Injection"
5984. [I] wpmarketplace
5985. [M] EDB-ID: 18988 "WordPress Plugin Marketplace Plugin 1.5.0 < 1.6.1 - Arbitrary File Upload"
5986. [I] wpsite-background-takeover
5987. [M] EDB-ID: 44417 "WordPress Plugin Background Takeover < 4.1.4 - Directory Traversal"
5988. [I] wpstorecart
5989. [M] EDB-ID: 19023 "ActivePDF Toolkit < 8.1.0.19023 - Multiple Memory Corruptions"
5990. [I] wptf-image-gallery
5991. [M] EDB-ID: 37751 "WordPress Plugin WPTF Image Gallery 1.03 - Arbitrary File Download"
5992. [I] wptouch
5993. [M] EDB-ID: 18039 "WordPress Plugin wptouch - SQL Injection"
5994. [I] x7host-videox7-ugc-plugin
5995. [M] EDB-ID: 35257 "WordPress Plugin Videox7 UGC 2.5.3.2 - 'listid' Cross-Site Scripting"
5996. [M] EDB-ID: 35264 "WordPress Plugin Featured Content 0.0.1 - 'listid' Cross-Site Scripting"
5997. [I] xcloner-backup-and-restore
5998. [M] EDB-ID: 16246 "Joomla! Component com_xcloner-backupandrestore - Remote Command Execution"
5999. [I] xerte-online
6000. [M] EDB-ID: 38157 "WordPress Plugin Xerte Online - 'save.php' Arbitrary File Upload"
6001. [I] xml-and-csv-import-in-article-content
6002. [M] EDB-ID: 39576 "WordPress Plugin Import CSV 1.0 - Directory Traversal"
6003. [I] xorbin-analog-flash-clock
6004. [M] EDB-ID: 38608 "WordPress Plugin Xorbin Analog Flash Clock - 'widgetUrl' Cross-Site Scripting"
6005. [I] xorbin-digital-flash-clock
6006. [M] EDB-ID: 38621 "WordPress Plugin Xorbin Digital Flash Clock - 'widgetUrl' Cross-Site Scripting"
6007. [I] yolink-search
6008. [M] EDB-ID: 17757 "WordPress Plugin yolink Search 1.1.4 - SQL Injection"
6009. [I] yousaytoo-auto-publishing-plugin
6010. [M] EDB-ID: 36620 "WordPress Plugin YouSayToo auto-publishing 1.0 - 'submit' Cross-Site Scripting"
6011. [I] yt-audio-streaming-audio-from-youtube
6012. [M] EDB-ID: 35394 "WordPress Plugin YT-Audio 1.7 - 'v' Cross-Site Scripting"
6013. [I] zarzadzanie_kontem
6014. [M] EDB-ID: 38050 "WordPress Plugin Zarzadzonie Kontem - 'ajaxfilemanager.php' Script Arbitrary File Upload"
6015. [I] zingiri-forum
6016. [M] EDB-ID: 38101 "WordPress Plugin Zingiri Forums - 'language' Local File Inclusion"
6017. [I] zingiri-web-shop
6018. [M] EDB-ID: 17867 "WordPress Plugin Zingiri Web Shop 2.2.0 - Remote File Inclusion"
6019. [M] EDB-ID: 37406 "WordPress Plugin Zingiri Web Shop 2.4.3 - 'uploadfilexd.php' Arbitrary File Upload"
6020. [M] EDB-ID: 38046 "WordPress Plugin Zingiri Web Shop - 'path' Arbitrary File Upload"
6021. [I] zotpress
6022. [M] EDB-ID: 17778 "WordPress Plugin Zotpress 4.4 - SQL Injection"
6023. [I] Checking for Directory Listing Enabled ...
6024. [-] Date & Time: 30/06/2019 16:48:49
6025. [-] Completed in: 1:32:29
6026. #######################################################################################################################################
6027. [INFO] Date: 30/06/19 | Time: 16:32:47
6028. [INFO] ------TARGET info------
6029. [*] TARGET: http://www.audit.gov.sd/?lang=ar
6030. [*] TARGET IP: 138.128.160.2
6031. [INFO] NO load balancer detected for www.audit.gov.sd...
6032. [*] DNS servers: audit.gov.sd.
6033. [*] TARGET server: Apache
6034. [*] CC: US
6035. [*] Country: United States
6036. [*] RegionCode: FL
6037. [*] RegionName: Florida
6038. [*] City: Orlando
6039. [*] ASN: AS33182
6040. [*] BGP_PREFIX: 138.128.160.0/19
6041. [*] ISP: DIMENOC - HostDime.com, Inc., US
6042. [INFO] DNS enumeration:
6043. [*] ftp.audit.gov.sd 138.128.160.2
6044. [*] mail.audit.gov.sd 212.0.136.50
6045. [*] webmail.audit.gov.sd 138.128.160.2
6046. [INFO] Possible abuse mails are:
6047. [*] abuse@audit.gov.sd
6048. [*] abuse@www.audit.gov.sd
6049. [*] spamcop@dimenoc.com
6050. [INFO] NO PAC (Proxy Auto Configuration) file FOUND
6051. [ALERT] robots.txt file FOUND in http://www.audit.gov.sd/robots.txt
6052. [INFO] Checking for HTTP status codes recursively from http://www.audit.gov.sd/robots.txt
6053. [INFO] Status code Folders
6054. [INFO] Starting FUZZing in http://www.audit.gov.sd/FUzZzZzZzZz...
6055. [INFO] Status code Folders
6056. [ALERT] Look in the source code. It may contain passwords
6057. [INFO] Links found from http://www.audit.gov.sd/?lang=ar http://138.128.160.2/:
6058. [*] http://138.128.160.2/cgi-sys/defaultwebpage.cgi
6059. [*] https://plus.google.com/112988279842067073128
6060. [*] https://themegrill.com/themes/colormag
6061. [*] https://web.facebook.com/SudanAuditChamber/?ref=aymt_homepage_panel
6062. [*] https://wordpress.org/
6063. [*] https://www.youtube.com/channel/UCl5Q-D82P_4bXy87aoqdNvg
6064. [*] http://www.afrosai-e.org.za/
6065. [*] http://www.afrosai.org/
6066. [*] http://www.arabosai.org/
6067. [*] http://www.audit.gov.sd/?cat=27&lang=ar
6068. [*] http://www.audit.gov.sd/?cat=28&lang=ar
6069. [*] http://www.audit.gov.sd/?cat=33&lang=ar
6070. [*] http://www.audit.gov.sd/?cat=35&lang=ar
6071. [*] http://www.audit.gov.sd/?cat=56&lang=ar
6072. [*] http://www.audit.gov.sd/?cat=57&lang=ar
6073. [*] http://www.audit.gov.sd/?cat=59&lang=ar
6074. [*] http://www.audit.gov.sd/?cat=5&lang=ar
6075. [*] http://www.audit.gov.sd/?cat=6&lang=ar
6076. [*] http://www.audit.gov.sd/?feed=rss2&lang=ar
6077. [*] http://www.audit.gov.sd/?feed=rss2&lang=ar?post_type=jm_breaking_news
6078. [*] http://www.audit.gov.sd/?lang=ar
6079. [*] http://www.audit.gov.sd/?lang=ar&author=1
6080. [*] http://www.audit.gov.sd/?lang=ar#masthead
6081. [*] http://www.audit.gov.sd/?p=2197&lang=ar
6082. [*] http://www.audit.gov.sd/?p=2260&lang=ar
6083. [*] http://www.audit.gov.sd/?p=2482&lang=ar
6084. [*] http://www.audit.gov.sd/?p=2737&lang=ar
6085. [*] http://www.audit.gov.sd/?p=3076&lang=ar
6086. [*] http://www.audit.gov.sd/?p=3096&lang=ar
6087. [*] http://www.audit.gov.sd/?p=3098&lang=ar
6088. [*] http://www.audit.gov.sd/?p=3105&lang=ar
6089. [*] http://www.audit.gov.sd/?p=3123&lang=ar
6090. [*] http://www.audit.gov.sd/?p=3133&lang=ar
6091. [*] http://www.audit.gov.sd/?p=3145&lang=ar
6092. [*] http://www.audit.gov.sd/?p=3159&lang=ar
6093. [*] http://www.audit.gov.sd/?p=3169&lang=ar
6094. [*] http://www.audit.gov.sd/?p=3186&lang=ar
6095. [*] http://www.audit.gov.sd/?p=3195&lang=ar
6096. [*] http://www.audit.gov.sd/?p=3206&lang=ar
6097. [*] http://www.audit.gov.sd/?p=3483&lang=ar
6098. [*] http://www.audit.gov.sd/?p=3489&lang=ar
6099. [*] http://www.audit.gov.sd/?p=3500&lang=ar
6100. [*] http://www.audit.gov.sd/?p=3506&lang=ar
6101. [*] http://www.audit.gov.sd/?p=3512&lang=ar
6102. [*] http://www.audit.gov.sd/?p=3524&lang=ar
6103. [*] http://www.audit.gov.sd/?p=3529&lang=ar
6104. [*] http://www.audit.gov.sd/?p=3533&lang=ar
6105. [*] http://www.audit.gov.sd/?p=3538&lang=ar
6106. [*] http://www.audit.gov.sd/?p=3542&lang=ar
6107. [*] http://www.audit.gov.sd/?p=3544&lang=ar
6108. [*] http://www.audit.gov.sd/?p=3551&lang=ar
6109. [*] http://www.audit.gov.sd/?p=3558&lang=ar
6110. [*] http://www.audit.gov.sd/?p=3559&lang=ar
6111. [*] http://www.audit.gov.sd/?p=3564&lang=ar
6112. [*] http://www.audit.gov.sd/?p=3642&lang=ar
6113. [*] http://www.audit.gov.sd/?p=3657&lang=ar
6114. [*] http://www.audit.gov.sd/?p=3686&lang=ar
6115. [*] http://www.audit.gov.sd/?p=3702&lang=ar
6116. [*] http://www.audit.gov.sd/?page_id=212&lang=ar
6117. [*] http://www.audit.gov.sd/?page_id=215&lang=ar
6118. [*] http://www.audit.gov.sd/?page_id=227&lang=ar
6119. [*] http://www.audit.gov.sd/?page_id=232&lang=ar
6120. [*] http://www.audit.gov.sd/?page_id=236&lang=ar
6121. [*] http://www.audit.gov.sd/?page_id=2612&lang=ar
6122. [*] http://www.audit.gov.sd/?page_id=3057&lang=ar
6123. [*] http://www.audit.gov.sd/?page_id=3230&lang=ar
6124. [*] http://www.audit.gov.sd/?page_id=3253&lang=ar
6125. [*] http://www.audit.gov.sd/?page_id=3290&lang=ar
6126. [*] http://www.audit.gov.sd/?page_id=3299&lang=ar
6127. [*] http://www.audit.gov.sd/?page_id=3301&lang=ar
6128. [*] http://www.audit.gov.sd/?page_id=3306&lang=ar
6129. [*] http://www.audit.gov.sd/?page_id=3310&lang=ar
6130. [*] http://www.audit.gov.sd/?page_id=3314&lang=ar
6131. [*] http://www.audit.gov.sd/?page_id=3318&lang=ar
6132. [*] http://www.audit.gov.sd/?page_id=3330&lang=ar
6133. [*] http://www.audit.gov.sd/?page_id=3338&lang=ar
6134. [*] http://www.audit.gov.sd/?page_id=3349&lang=ar
6135. [*] http://www.audit.gov.sd/?page_id=3356&lang=ar
6136. [*] http://www.audit.gov.sd/?page_id=3362&lang=ar
6137. [*] http://www.audit.gov.sd/?page_id=3388&lang=ar
6138. [*] http://www.audit.gov.sd/?page_id=3393&lang=ar
6139. [*] http://www.audit.gov.sd/?page_id=3409&lang=ar
6140. [*] http://www.audit.gov.sd/?page_id=3627&lang=ar
6141. [*] http://www.audit.gov.sd/?page_id=562&lang=ar
6142. [*] http://www.intosai.org/
6143. [INFO] GOOGLE has 47,400,000 results (0.31 seconds) for www.audit.gov.sd about http://www.audit.gov.sd/
6144. [INFO] Shodan detected the following opened ports on 138.128.160.2:
6145. [*] 110
6146. [*] 2082
6147. [*] 2083
6148. [*] 2086
6149. [*] 2087
6150. [*] 21
6151. [*] 443
6152. [*] 465
6153. [*] 53
6154. [*] 587
6155. [*] 80
6156. [*] 995
6157. [INFO] ------VirusTotal SECTION------
6158. [INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
6159. [INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
6160. [INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
6161. [INFO] ------Alexa Rank SECTION------
6162. [INFO] Percent of Visitors Rank in Country:
6163. [INFO] Percent of Search Traffic:
6164. [INFO] Percent of Unique Visits:
6165. [INFO] Total Sites Linking In:
6166. [*] Total Sites
6167. [INFO] Useful links related to www.audit.gov.sd - 138.128.160.2:
6168. [*] https://www.virustotal.com/pt/ip-address/138.128.160.2/information/
6169. [*] https://www.hybrid-analysis.com/search?host=138.128.160.2
6170. [*] https://www.shodan.io/host/138.128.160.2
6171. [*] https://www.senderbase.org/lookup/?search_string=138.128.160.2
6172. [*] https://www.alienvault.com/open-threat-exchange/ip/138.128.160.2
6173. [*] http://pastebin.com/search?q=138.128.160.2
6174. [*] http://urlquery.net/search.php?q=138.128.160.2
6175. [*] http://www.alexa.com/siteinfo/www.audit.gov.sd
6176. [*] http://www.google.com/safebrowsing/diagnostic?site=www.audit.gov.sd
6177. [*] https://censys.io/ipv4/138.128.160.2
6178. [*] https://www.abuseipdb.com/check/138.128.160.2
6179. [*] https://urlscan.io/search/#138.128.160.2
6180. [*] https://github.com/search?q=138.128.160.2&type=Code
6181. [INFO] Useful links related to AS33182 - 138.128.160.0/19:
6182. [*] http://www.google.com/safebrowsing/diagnostic?site=AS:33182
6183. [*] https://www.senderbase.org/lookup/?search_string=138.128.160.0/19
6184. [*] http://bgp.he.net/AS33182
6185. [*] https://stat.ripe.net/AS33182
6186. [INFO] Date: 30/06/19 | Time: 16:34:33
6187. [INFO] Total time: 1 minute(s) and 46 second(s)
6188. #######################################################################################################################################
6189. Anonymous JTSEC #OpSudan Full Recon #97