JTSEC1333

Anonymous JTSEC #OpSudan Full Recon #20

Feb 23rd, 2019
1,458
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #######################################################################################################################################
  2. =======================================================================================================================================
  3. Nom de l'hôte scaa.gov.sd FAI SingleHop LLC
  4. Continent Europe Drapeau
  5. BG
  6. Pays Bulgarie Code du pays BG
  7. Région Inconnu Heure locale 22 Feb 2019 05:21 EET
  8. Ville Inconnu Code Postal Inconnu
  9. Adresse IP 77.104.148.191 Latitude 42.7
  10. Longitude 23.333
  11. =======================================================================================================================================
  12. #######################################################################################################################################
  13. > scaa.gov.sd
  14. Server: 38.132.106.139
  15. Address: 38.132.106.139#53
  16.  
  17. Non-authoritative answer:
  18. Name: scaa.gov.sd
  19. Address: 77.104.148.191
  20. >
  21. ######################################################################################################################################
  22. HostIP:77.104.148.191
  23. HostName:scaa.gov.sd
  24.  
  25. Gathered Inet-whois information for 77.104.148.191
  26. ---------------------------------------------------------------------------------------------------------------------------------------
  27.  
  28.  
  29. inetnum: 77.104.148.0 - 77.104.148.255
  30. netname: SG-GETCLOUDER-AMS1
  31. descr: SiteGround Amsterdam
  32. country: NL
  33. geoloc: 52.373091 4.894666
  34. admin-c: MDM-SG
  35. tech-c: MDM-SG
  36. status: ASSIGNED PA
  37. language: EN
  38. mnt-by: YANI-SG
  39. mnt-by: MDM-SG
  40. created: 2016-02-08T08:45:30Z
  41. last-modified: 2016-05-16T15:27:32Z
  42. source: RIPE
  43. mnt-domains: MDM-SG
  44. mnt-domains: YANI-SG
  45.  
  46. person: Marian Marinov
  47. address: Racho Petkov Kazandjiata 8, Floor 3, SiteGround
  48. phone: +442071839093
  49. nic-hdl: MDM-SG
  50. mnt-by: MDM-SG
  51. created: 2014-04-29T15:50:14Z
  52. last-modified: 2017-10-30T22:34:57Z
  53. source: RIPE # Filtered
  54.  
  55. % This query was served by the RIPE Database Query Service version 1.92.6 (ANGUS)
  56.  
  57.  
  58.  
  59. Gathered Inic-whois information for scaa.gov.sd
  60. ---------------------------------------------------------------------------------------------------------------------------------------
  61. Error: Unable to connect - Invalid Host
  62. ERROR: Connection to InicWhois Server sd.whois-servers.net failed
  63. close error
  64.  
  65. Gathered Netcraft information for scaa.gov.sd
  66. ---------------------------------------------------------------------------------------------------------------------------------------
  67.  
  68. Retrieving Netcraft.com information for scaa.gov.sd
  69. Netcraft.com Information gathered
  70.  
  71. Gathered Subdomain information for scaa.gov.sd
  72. ---------------------------------------------------------------------------------------------------------------------------------------
  73. Searching Google.com:80...
  74. HostName:www.scaa.gov.sd
  75. HostIP:77.104.148.191
  76. Searching Altavista.com:80...
  77. Found 1 possible subdomain(s) for host scaa.gov.sd, Searched 0 pages containing 0 results
  78.  
  79. Gathered E-Mail information for scaa.gov.sd
  80. ---------------------------------------------------------------------------------------------------------------------------------------
  81. Searching Google.com:80...
  82. Searching Altavista.com:80...
  83. Found 0 E-Mail(s) for host scaa.gov.sd, Searched 0 pages containing 0 results
  84.  
  85. Gathered TCP Port information for 77.104.148.191
  86. ---------------------------------------------------------------------------------------------------------------------------------------
  87.  
  88. Port State
  89.  
  90. 21/tcp open
  91. 53/tcp open
  92. 80/tcp open
  93. 110/tcp open
  94. 143/tcp open
  95.  
  96. Portscan Finished: Scanned 150 ports, 3 ports were in state closed
  97. #######################################################################################################################################
  98. [i] Scanning Site: http://scaa.gov.sd
  99.  
  100.  
  101.  
  102. B A S I C I N F O
  103. =======================================================================================================================================
  104.  
  105.  
  106. [+] Site Title: سلطة الطيران المدني السوداني
  107. [+] IP address: 77.104.148.191
  108. [+] Web Server: Could Not Detect
  109. [+] CMS: Could Not Detect
  110. [+] Cloudflare: Not Detected
  111. [+] Robots File: Could NOT Find robots.txt!
  112.  
  113.  
  114.  
  115.  
  116.  
  117.  
  118. G E O I P L O O K U P
  119. =======================================================================================================================================
  120.  
  121. [i] IP Address: 77.104.148.191
  122. [i] Country: Bulgaria
  123. [i] State:
  124. [i] City:
  125. [i] Latitude: 42.7
  126. [i] Longitude: 23.3333
  127.  
  128.  
  129.  
  130.  
  131. H T T P H E A D E R S
  132. =======================================================================================================================================
  133.  
  134.  
  135. [i] HTTP/1.1 301 Moved Permanently
  136. [i] Date: Fri, 22 Feb 2019 03:57:08 GMT
  137. [i] Content-Type: text/html; charset=iso-8859-1
  138. [i] Content-Length: 247
  139. [i] Location: http://scaa.gov.sd/ar/index.php?lang=ar
  140. [i] X-Proxy-Cache: MISS
  141. [i] Connection: close
  142. [i] HTTP/1.1 200 OK
  143. [i] Date: Fri, 22 Feb 2019 03:57:09 GMT
  144. [i] Content-Type: text/html; charset=utf-8
  145. [i] X-Logged-In: False
  146. [i] P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
  147. [i] Expires: Mon, 1 Jan 2001 00:00:00 GMT
  148. [i] Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
  149. [i] Pragma: no-cache
  150. [i] Set-Cookie: 937a8f567f756e71298afb0f19cf45b1=d0b648uitui2rore2a2nn7q375; path=/; HttpOnly
  151. [i] Set-Cookie: 5e81dc5b543146e75bc6d01f3f6ed972=ar-AA; path=/
  152. [i] Set-Cookie: 5e81dc5b543146e75bc6d01f3f6ed972=ar-AA
  153. [i] Set-Cookie: sj_lifemag_tpl=sj_lifemag; expires=Wed, 12-Feb-2020 03:57:09 GMT; Max-Age=30672000; path=/
  154. [i] Last-Modified: Fri, 22 Feb 2019 03:57:09 GMT
  155. [i] Host-Header: 192fc2e7e50945beb8231a492d6a8024
  156. [i] X-Proxy-Cache: MISS
  157. [i] Connection: close
  158.  
  159.  
  160.  
  161.  
  162. D N S L O O K U P
  163. =======================================================================================================================================
  164.  
  165. scaa.gov.sd. 3599 IN MX 30 mx30.mailspamprotection.com.
  166. scaa.gov.sd. 3599 IN MX 10 mx10.mailspamprotection.com.
  167. scaa.gov.sd. 3599 IN MX 20 mx20.mailspamprotection.com.
  168. scaa.gov.sd. 21599 IN SOA ns1.esm11.siteground.biz. dnsadmin.esm11.siteground.biz. 2017061910 3600 7200 1209600 86400
  169. scaa.gov.sd. 21599 IN NS ns1.esm11.siteground.biz.
  170. scaa.gov.sd. 21599 IN NS ns2.esm11.siteground.biz.
  171. scaa.gov.sd. 14399 IN A 77.104.148.191
  172.  
  173.  
  174.  
  175.  
  176. S U B N E T C A L C U L A T I O N
  177. =======================================================================================================================================
  178.  
  179. Address = 77.104.148.191
  180. Network = 77.104.148.191 / 32
  181. Netmask = 255.255.255.255
  182. Broadcast = not needed on Point-to-Point links
  183. Wildcard Mask = 0.0.0.0
  184. Hosts Bits = 0
  185. Max. Hosts = 1 (2^0 - 0)
  186. Host Range = { 77.104.148.191 - 77.104.148.191 }
  187.  
  188.  
  189.  
  190. N M A P P O R T S C A N
  191. =======================================================================================================================================
  192.  
  193.  
  194. Starting Nmap 7.40 ( https://nmap.org ) at 2019-02-22 03:57 UTC
  195. Nmap scan report for scaa.gov.sd (77.104.148.191)
  196. Host is up (0.075s latency).
  197. rDNS record for 77.104.148.191: ip-77-104-148-191.siteground.com
  198. PORT STATE SERVICE
  199. 21/tcp open ftp
  200. 22/tcp filtered ssh
  201. 23/tcp filtered telnet
  202. 80/tcp open http
  203. 110/tcp open pop3
  204. 143/tcp open imap
  205. 443/tcp open https
  206. 3389/tcp filtered ms-wbt-server
  207.  
  208. Nmap done: 1 IP address (1 host up) scanned in 1.47 seconds
  209. #######################################################################################################################################
  210. [?] Enter the target: example( http://domain.com )
  211. http://scaa.gov.sd/ar/index.php?lang=ar
  212. [!] IP Address : 77.104.148.191
  213. [!] scaa.gov.sd doesn't seem to use a CMS
  214. [+] Honeypot Probabilty: 30%
  215. ---------------------------------------------------------------------------------------------------------------------------------------
  216. [~] Trying to gather whois information for scaa.gov.sd
  217. [+] Whois information found
  218. [-] Unable to build response, visit https://who.is/whois/scaa.gov.sd
  219. ---------------------------------------------------------------------------------------------------------------------------------------
  220. PORT STATE SERVICE
  221. 21/tcp open ftp
  222. 22/tcp filtered ssh
  223. 23/tcp filtered telnet
  224. 80/tcp open http
  225. 110/tcp open pop3
  226. 143/tcp open imap
  227. 443/tcp open https
  228. 3389/tcp filtered ms-wbt-server
  229. Nmap done: 1 IP address (1 host up) scanned in 1.46 seconds
  230. ---------------------------------------------------------------------------------------------------------------------------------------
  231.  
  232. [+] DNS Records
  233. ns1.esm11.siteground.biz. (77.104.148.204) AS32475 SingleHop, Inc. Bulgaria
  234. ns2.esm11.siteground.biz. (109.199.123.195) AS32475 SingleHop, Inc. United States
  235.  
  236. [+] MX Records
  237. 20 (107.6.149.11) AS32475 SingleHop, Inc. United States
  238.  
  239. [+] MX Records
  240. 30 (184.154.58.228) AS32475 SingleHop, Inc. United States
  241.  
  242. [+] MX Records
  243. 10 (108.163.220.50) AS32475 SingleHop, Inc. United States
  244.  
  245. [+] Host Records (A)
  246. scaa.gov.sdHTTP: (ip-77-104-148-191.siteground.com) (77.104.148.191) AS32475 SingleHop, Inc. Bulgaria
  247.  
  248. [+] TXT Records
  249.  
  250. [+] DNS Map: https://dnsdumpster.com/static/map/scaa.gov.sd.png
  251.  
  252. [>] Initiating 3 intel modules
  253. [>] Loading Alpha module (1/3)
  254. [>] Beta module deployed (2/3)
  255. [>] Gamma module initiated (3/3)
  256.  
  257.  
  258. [+] Emails found:
  259. ---------------------------------------------------------------------------------------------------------------------------------------
  260. abas@scaa.gov.sd
  261. aishayder@scaa.gov.sd
  262. aishaydir@scaa.gov.sd
  263. aiw@scaa.gov.sd
  264. ashraf@scaa.gov.sd
  265. avsecinspection@scaa.gov.sd
  266. emahgoub@scaa.gov.sd
  267. info@scaa.gov.sd
  268. ops@scaa.gov.sd
  269. pixel-1550807831755068-web-@scaa.gov.sd
  270. pixel-1550807835813295-web-@scaa.gov.sd
  271. pr@scaa.gov.sd
  272. sami@scaa-gov.sd
  273. yahia@scaa.gov.sd
  274.  
  275. [+] Hosts found in search engines:
  276. ---------------------------------------------------------------------------------------------------------------------------------------
  277. [-] Resolving hostnames IPs...
  278. 77.104.148.191:www.scaa.gov.sd
  279. [+] Virtual hosts:
  280. ---------------------------------------------------------------------------------------------------------------------------------------
  281. #######################################################################################################################################
  282. Enter Address Website = scaa.gov.sd
  283.  
  284.  
  285.  
  286. Reversing IP With HackTarget 'scaa.gov.sd'
  287. ---------------------------------------------------------------------------------------------------------------------------------------
  288.  
  289. [+] 1973.gr
  290. [+] 22410.gr
  291. [+] adriaticchristianacademy.org
  292. [+] alberione.org
  293. [+] allcam.be
  294. [+] allcambe.lukasdashcam.com
  295. [+] allcam.lukasdashcam.com
  296. [+] allcam.nl
  297. [+] altrememorie.it
  298. [+] amritnam.nl
  299. [+] apply.zeroidee.com
  300. [+] aquarianconsultant.com
  301. [+] associazionemodo.it
  302. [+] awakenedman.nl
  303. [+] bdk-enterprises.com
  304. [+] beautybymissl.com
  305. [+] blogg.trollmatcha.no
  306. [+] boardcamera.lukasdashcam.com
  307. [+] boardcamera.nl
  308. [+] bookagree.com
  309. [+] christmaseat.nl
  310. [+] ciglio.no
  311. [+] creditcentral.startpad.hu
  312. [+] dadamachines.com
  313. [+] digitalhverdag.media
  314. [+] digitalt.digitalhverdag.media
  315. [+] en.lagoon.fi
  316. [+] evergreensystem.de-web.biz
  317. [+] experts.optime-media.fr
  318. [+] famigliapaolina.net
  319. [+] fantasticallyfitfemale.com
  320. [+] fastique.de
  321. [+] gurudeva.nl
  322. [+] heartfirstyoga2.kundalini.rocks
  323. [+] heartfirstyoga.com
  324. [+] heartfirstyoga.de
  325. [+] heartfirstyoga.nl
  326. [+] horvathkerttervezes.startpad.hu
  327. [+] ingatlan.startpad.hu
  328. [+] internirossi.it
  329. [+] jelacicsailing.com
  330. [+] jelmarmanuel.com
  331. [+] kazi.lisensfri.no
  332. [+] kazi.no
  333. [+] kundalini.rocks
  334. [+] kundaliniyoga.rocks
  335. [+] lagooncharter.fi
  336. [+] lagooncharter.yachtsagent.com
  337. [+] lagoon.fi
  338. [+] lagoon.yachtsagent.com
  339. [+] leggermente.it
  340. [+] lemartinet.org
  341. [+] lhtravel.startpad.hu
  342. [+] lisensfri.no
  343. [+] lukasdashcam.com
  344. [+] mannenyoga.nl
  345. [+] mantrawheel.com
  346. [+] mantrawiel.nl
  347. [+] mathijskruit.nl
  348. [+] mbv-versicherungen.de
  349. [+] mled.no
  350. [+] mta-sts.lisensfri.no
  351. [+] net-inside.fr
  352. [+] nidplatform.it
  353. [+] optime-media.fr
  354. [+] pirogimbal.com
  355. [+] relubo.com
  356. [+] relubo.lukasdashcam.com
  357. [+] risonanzefestival.com
  358. [+] roamingcamelsmorocco.com
  359. [+] sadakofficial.com
  360. [+] sailboatrc.com
  361. [+] scaa.gov.sd
  362. [+] seo.startpad.hu
  363. [+] sinapis.no
  364. [+] solarlab.se
  365. [+] soluzionilab.it
  366. [+] staging2.lemartinet.org
  367. [+] staging3.lemartinet.org
  368. [+] staging3.nidplatform.it
  369. [+] staging6.szicsekpalinka.co.uk
  370. [+] sunseurope.com
  371. [+] supermercatikanguro.it
  372. [+] szicsekpalinka.startpad.hu
  373. [+] tawirisahara.com
  374. [+] teentoteen.it
  375. [+] teknologiq.no
  376. [+] teknologiq.se
  377. [+] terminal-festival.com
  378. [+] terminal-festival.it
  379. [+] themultigroup.com
  380. [+] tito-expressbv.nl
  381. [+] tlccrowd.com
  382. [+] trollmatcha.no
  383. [+] trollmatcha.se
  384. [+] tuseiqui.eu
  385. [+] waspmedia.org
  386. [+] www.allcambe.lukasdashcam.com
  387. [+] www.allcam.lukasdashcam.com
  388. [+] www.apply.zeroidee.com
  389. [+] www.aventio.de
  390. [+] www.blogg.trollmatcha.no
  391. [+] www.boardcamera.lukasdashcam.com
  392. [+] www.creditcentral.startpad.hu
  393. [+] www.digitalt.digitalhverdag.media
  394. [+] www.heartfirstyoga2.kundalini.rocks
  395. [+] www.horvathkerttervezes.startpad.hu
  396. [+] www.ingatlan.startpad.hu
  397. [+] www.kazi.lisensfri.no
  398. [+] www.kertepito.startpad.hu
  399. [+] www.kundalini.rocks
  400. [+] www.lagooncharter.yachtsagent.com
  401. [+] www.lagoon.yachtsagent.com
  402. [+] www.lemartinet.org
  403. [+] www.lhtravel.startpad.hu
  404. [+] www.lisensfri.no
  405. [+] www.mantrawiel.nl
  406. [+] www.mbv-versicherungen.de
  407. [+] www.muhely1.startpad.hu
  408. [+] www.relubo.lukasdashcam.com
  409. [+] www.seo.startpad.hu
  410. [+] www.staging2.lemartinet.org
  411. [+] www.staging3.lemartinet.org
  412. [+] www.staging3.nidplatform.it
  413. [+] www.szicsekpalinka.startpad.hu
  414. [+] www.yogalocal.net
  415. [+] yachtsagent.com
  416. [+] yogalocal.net
  417. [+] zeroidee.com
  418. #######################################################################################################################################
  419.  
  420. Reverse IP With YouGetSignal 'scaa.gov.sd'
  421. ---------------------------------------------------------------------------------------------------------------------------------------
  422.  
  423. [*] IP: 77.104.148.191
  424. [*] Domain: scaa.gov.sd
  425. [*] Total Domains: 1
  426.  
  427. [+] scaa.gov.sd
  428. #######################################################################################################################################
  429.  
  430. Geo IP Lookup 'scaa.gov.sd'
  431. ---------------------------------------------------------------------------------------------------------------------------------------
  432.  
  433. [+] IP Address: 77.104.148.191
  434. [+] Country: Bulgaria
  435. [+] State:
  436. [+] City:
  437. [+] Latitude: 42.7
  438. [+] Longitude: 23.3333
  439. #######################################################################################################################################
  440.  
  441. Bypass Cloudflare 'scaa.gov.sd'
  442. ---------------------------------------------------------------------------------------------------------------------------------------
  443.  
  444. [!] CloudFlare Bypass 77.104.148.204 | ftp.scaa.gov.sd
  445. [!] CloudFlare Bypass 77.104.148.191 | cpanel.scaa.gov.sd
  446. [!] CloudFlare Bypass 77.104.148.191 | webmail.scaa.gov.sd
  447. [!] CloudFlare Bypass 77.104.148.191 | mail.scaa.gov.sd
  448. [!] CloudFlare Bypass 77.104.148.191 | www.scaa.gov.sd
  449. #######################################################################################################################################
  450.  
  451. DNS Lookup 'scaa.gov.sd'
  452. ---------------------------------------------------------------------------------------------------------------------------------------
  453.  
  454. [+] scaa.gov.sd. 3599 IN MX 30 mx30.mailspamprotection.com.
  455. [+] scaa.gov.sd. 3599 IN MX 10 mx10.mailspamprotection.com.
  456. [+] scaa.gov.sd. 3599 IN MX 20 mx20.mailspamprotection.com.
  457. [+] scaa.gov.sd. 21599 IN SOA ns1.esm11.siteground.biz. dnsadmin.esm11.siteground.biz. 2017061910 3600 7200 1209600 86400
  458. [+] scaa.gov.sd. 21599 IN NS ns2.esm11.siteground.biz.
  459. [+] scaa.gov.sd. 21599 IN NS ns1.esm11.siteground.biz.
  460. [+] scaa.gov.sd. 14399 IN A 77.104.148.191
  461. #######################################################################################################################################
  462.  
  463. Show HTTP Header 'scaa.gov.sd'
  464. ---------------------------------------------------------------------------------------------------------------------------------------
  465.  
  466. [+] HTTP/1.1 301 Moved Permanently
  467. [+] Server: nginx
  468. [+] Date: Fri, 22 Feb 2019 03:56:54 GMT
  469. [+] Content-Type: text/html; charset=iso-8859-1
  470. [+] Connection: keep-alive
  471. [+] Location: http://scaa.gov.sd/ar/index.php?lang=ar
  472. #######################################################################################################################################
  473.  
  474. Port Scan 'scaa.gov.sd'
  475. ---------------------------------------------------------------------------------------------------------------------------------------
  476.  
  477.  
  478. Starting Nmap 7.40 ( https://nmap.org ) at 2019-02-22 03:56 UTC
  479. Nmap scan report for scaa.gov.sd (77.104.148.191)
  480. Host is up (0.075s latency).
  481. rDNS record for 77.104.148.191: ip-77-104-148-191.siteground.com
  482. PORT STATE SERVICE
  483. 21/tcp open ftp
  484. 22/tcp filtered ssh
  485. 23/tcp filtered telnet
  486. 80/tcp open http
  487. 110/tcp open pop3
  488. 143/tcp open imap
  489. 443/tcp open https
  490. 3389/tcp filtered ms-wbt-server
  491.  
  492. Nmap done: 1 IP address (1 host up) scanned in 1.83 seconds
  493. #######################################################################################################################################
  494.  
  495. Traceroute 'scaa.gov.sd'
  496. ---------------------------------------------------------------------------------------------------------------------------------------
  497.  
  498. Start: 2019-02-22T03:57:01+0000
  499. HOST: web01 Loss% Snt Last Avg Best Wrst StDev
  500. 1.|-- 45.79.12.201 0.0% 3 0.6 0.8 0.6 1.2 0.3
  501. 2.|-- 45.79.12.4 0.0% 3 0.9 0.7 0.5 0.9 0.2
  502. 3.|-- dls-b22-link.telia.net 0.0% 3 1.2 1.0 0.9 1.2 0.2
  503. 4.|-- dls-b21-link.telia.net 0.0% 3 10.1 4.6 1.3 10.1 4.8
  504. 5.|-- abovenet-ic-311233-dls-b21.c.telia.net 0.0% 3 3.5 2.0 1.1 3.5 1.4
  505. 6.|-- ae28.cs1.dfw2.us.zip.zayo.com 0.0% 3 111.6 111.7 111.6 111.9 0.2
  506. 7.|-- ae5.cs1.iah1.us.eth.zayo.com 0.0% 3 126.0 126.3 126.0 126.6 0.3
  507. 8.|-- ae3.cs1.dca2.us.eth.zayo.com 0.0% 3 126.0 126.0 126.0 126.1 0.1
  508. 9.|-- ae4.cs1.lga5.us.eth.zayo.com 0.0% 3 135.5 134.7 118.2 150.5 16.2
  509. 10.|-- ae5.cs1.lhr11.uk.eth.zayo.com 0.0% 3 129.5 127.0 125.8 129.5 2.1
  510. 11.|-- ae0.cs1.lhr15.uk.eth.zayo.com 0.0% 3 119.2 126.4 119.2 140.6 12.3
  511. 12.|-- ae2.cs1.ams10.nl.eth.zayo.com 0.0% 3 119.7 119.8 119.7 119.9 0.1
  512. 13.|-- ae1.mcs1.ams10.nl.eth.zayo.com 0.0% 3 115.3 115.0 114.9 115.3 0.3
  513. 14.|-- ae5.mpr1.ams13.nl.zip.zayo.com 0.0% 3 114.8 115.0 114.8 115.4 0.3
  514. 15.|-- 94.31.42.122.IPYX-073272-001-ZYO.above.net 0.0% 3 125.7 125.8 125.7 126.1 0.2
  515. 16.|-- ip-77-104-148-191.siteground.com 0.0% 3 112.5 112.6 112.5 112.8 0.2
  516. #######################################################################################################################################
  517.  
  518. Ping 'scaa.gov.sd'
  519. ---------------------------------------------------------------------------------------------------------------------------------------
  520.  
  521.  
  522. Starting Nping 0.7.70 ( https://nmap.org/nping ) at 2019-02-22 03:57 UTC
  523. SENT (0.1480s) ICMP [104.237.144.6 > 77.104.148.191 Echo request (type=8/code=0) id=20764 seq=1] IP [ttl=64 id=32487 iplen=28 ]
  524. RCVD (0.3507s) ICMP [77.104.148.191 > 104.237.144.6 Echo reply (type=0/code=0) id=20764 seq=1] IP [ttl=52 id=13783 iplen=28 ]
  525. SENT (1.1482s) ICMP [104.237.144.6 > 77.104.148.191 Echo request (type=8/code=0) id=20764 seq=3] IP [ttl=64 id=32487 iplen=28 ]
  526. RCVD (1.3707s) ICMP [77.104.148.191 > 104.237.144.6 Echo reply (type=0/code=0) id=20764 seq=3] IP [ttl=52 id=14416 iplen=28 ]
  527. SENT (2.1499s) ICMP [104.237.144.6 > 77.104.148.191 Echo request (type=8/code=0) id=20764 seq=3] IP [ttl=64 id=32487 iplen=28 ]
  528. RCVD (2.3907s) ICMP [77.104.148.191 > 104.237.144.6 Echo reply (type=0/code=0) id=20764 seq=3] IP [ttl=52 id=15249 iplen=28 ]
  529. SENT (3.1519s) ICMP [104.237.144.6 > 77.104.148.191 Echo request (type=8/code=0) id=20764 seq=4] IP [ttl=64 id=32487 iplen=28 ]
  530. RCVD (3.4107s) ICMP [77.104.148.191 > 104.237.144.6 Echo reply (type=0/code=0) id=20764 seq=4] IP [ttl=52 id=15942 iplen=28 ]
  531.  
  532. Max rtt: 259.058ms | Min rtt: 203.014ms | Avg rtt: 231.421ms
  533. Raw packets sent: 4 (112B) | Rcvd: 4 (184B) | Lost: 0 (0.00%)
  534. Nping done: 1 IP address pinged in 3.41 seconds
  535. #######################################################################################################################################
  536. ; <<>> DiG 9.11.5-P1-2-Debian <<>> scaa.gov.sd
  537. ;; global options: +cmd
  538. ;; Got answer:
  539. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12550
  540. ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
  541.  
  542. ;; OPT PSEUDOSECTION:
  543. ; EDNS: version: 0, flags:; udp: 4096
  544. ;; QUESTION SECTION:
  545. ;scaa.gov.sd. IN A
  546.  
  547. ;; ANSWER SECTION:
  548. scaa.gov.sd. 13249 IN A 77.104.148.191
  549.  
  550. ;; Query time: 35 msec
  551. ;; SERVER: 38.132.106.139#53(38.132.106.139)
  552. ;; WHEN: sam fév 23 03:38:59 EST 2019
  553. ;; MSG SIZE rcvd: 56
  554. #######################################################################################################################################
  555. ; <<>> DiG 9.11.5-P1-2-Debian <<>> +trace scaa.gov.sd
  556. ;; global options: +cmd
  557. . 81861 IN NS b.root-servers.net.
  558. . 81861 IN NS m.root-servers.net.
  559. . 81861 IN NS k.root-servers.net.
  560. . 81861 IN NS j.root-servers.net.
  561. . 81861 IN NS i.root-servers.net.
  562. . 81861 IN NS g.root-servers.net.
  563. . 81861 IN NS l.root-servers.net.
  564. . 81861 IN NS a.root-servers.net.
  565. . 81861 IN NS f.root-servers.net.
  566. . 81861 IN NS d.root-servers.net.
  567. . 81861 IN NS e.root-servers.net.
  568. . 81861 IN NS h.root-servers.net.
  569. . 81861 IN NS c.root-servers.net.
  570. . 81861 IN RRSIG NS 8 0 518400 20190308050000 20190223040000 16749 . JQeMGgmm0+LV3FW5wHpe975hhAP4/zE9iLeXH/YcrsuZAgpk5gTYdZ6e SR/JC5tJOOsU9CPqO2WhNf5bcjAbYmkt/sioFOR3xQpjvHIfBGqRiWBZ YaBGcAylp8JxqK5Y+CzZAaCKq8hRAmD0YSTL8Yd6/6RQEitkLQ2u+38R qK4T+kfuCd62q7eC34/+q14Ckrh4kIO4A2H/VkfQcwBbknyQtfyiJmMM jDlaujc2oHONbfbbKTaG77i3mNBxRkuaFx6vJ/UQjstxtK4k/pS0jUK3 MO7TPYRWP9LG3VCHyQLUVLMWE/Fe3l2LxyfoQ5BXSrolsnkTfvDQgVI6 h1d8XA==
  571. ;; Received 525 bytes from 38.132.106.139#53(38.132.106.139) in 32 ms
  572.  
  573. sd. 172800 IN NS sd.cctld.authdns.ripe.net.
  574. sd. 172800 IN NS ns1.uaenic.ae.
  575. sd. 172800 IN NS ns2.uaenic.ae.
  576. sd. 172800 IN NS ans1.sis.sd.
  577. sd. 172800 IN NS ans1.canar.sd.
  578. sd. 172800 IN NS ans2.canar.sd.
  579. sd. 172800 IN NS ns-sd.afrinic.net.
  580. sd. 86400 IN NSEC se. NS RRSIG NSEC
  581. sd. 86400 IN RRSIG NSEC 8 1 86400 20190308050000 20190223040000 16749 . Otzo1k4hYXEQuqSyxCH0ju6ESXmE8lnmmfbQGZbhRD2LfB1sfKpftrPP S/fOpZB8EIaR+RYL7JUPpEG01aaKeoPTbLdzHx5/wIEFTl82+WXJ+10H DAxS8V0z+AtmJZQZyuCJyBFohx7CH1AB/vDYExd0iuq5U5ACXS/RpsgI TLt3OjPxvsuQzS3JI/T19nW17HQ1WE45EJRFmI3pv44wy2dpnzkyn67d Yq9ov/Ng+RoyKXl1O0LD48h1EGv5SWV93q8l4JMHV74GwkRRjPs3hJfo jWPcn1UWTG8lbeLKuWsgahFwK7/3JdlJUUFuWCEzwt+2fF5NqwRoXgVA Ed+mNw==
  582. ;; Received 698 bytes from 2001:500:9f::42#53(l.root-servers.net) in 39 ms
  583.  
  584. scaa.gov.sd. 14400 IN NS ns1.esm11.siteground.biz.
  585. scaa.gov.sd. 14400 IN NS ns2.esm11.siteground.biz.
  586. ;; Received 96 bytes from 196.29.166.134#53(ans1.sis.sd) in 204 ms
  587.  
  588. scaa.gov.sd. 14400 IN A 77.104.148.191
  589. scaa.gov.sd. 86400 IN NS ns1.esm11.siteground.biz.
  590. scaa.gov.sd. 86400 IN NS ns2.esm11.siteground.biz.
  591. ;; Received 144 bytes from 77.104.148.204#53(ns1.esm11.siteground.biz) in 102 ms
  592. #######################################################################################################################################
  593. [*] Performing General Enumeration of Domain: scaa.gov.sd
  594. [-] DNSSEC is not configured for scaa.gov.sd
  595. [*] SOA ns1.esm11.siteground.biz 77.104.148.204
  596. [*] NS ns1.esm11.siteground.biz 77.104.148.204
  597. [*] Bind Version for 77.104.148.204 donuts
  598. [*] NS ns2.esm11.siteground.biz 109.199.123.195
  599. [*] Bind Version for 109.199.123.195 donuts
  600. [*] MX mx20.mailspamprotection.com 108.163.228.171
  601. [*] MX mx20.mailspamprotection.com 184.154.177.51
  602. [*] MX mx20.mailspamprotection.com 108.178.14.82
  603. [*] MX mx20.mailspamprotection.com 96.127.190.3
  604. [*] MX mx20.mailspamprotection.com 108.163.201.227
  605. [*] MX mx20.mailspamprotection.com 108.163.220.51
  606. [*] MX mx20.mailspamprotection.com 184.154.48.171
  607. [*] MX mx20.mailspamprotection.com 184.154.208.35
  608. [*] MX mx20.mailspamprotection.com 96.127.176.251
  609. [*] MX mx20.mailspamprotection.com 69.175.69.91
  610. [*] MX mx20.mailspamprotection.com 184.154.136.82
  611. [*] MX mx20.mailspamprotection.com 108.178.13.115
  612. [*] MX mx20.mailspamprotection.com 184.154.58.227
  613. [*] MX mx20.mailspamprotection.com 107.6.149.11
  614. [*] MX mx10.mailspamprotection.com 108.163.201.226
  615. [*] MX mx10.mailspamprotection.com 108.163.228.170
  616. [*] MX mx10.mailspamprotection.com 99.198.97.42
  617. [*] MX mx10.mailspamprotection.com 107.6.129.66
  618. [*] MX mx10.mailspamprotection.com 184.154.177.50
  619. [*] MX mx10.mailspamprotection.com 69.175.69.90
  620. [*] MX mx10.mailspamprotection.com 108.163.220.50
  621. [*] MX mx10.mailspamprotection.com 96.127.176.250
  622. [*] MX mx10.mailspamprotection.com 107.6.149.10
  623. [*] MX mx10.mailspamprotection.com 96.127.190.2
  624. [*] MX mx10.mailspamprotection.com 184.154.48.170
  625. [*] MX mx10.mailspamprotection.com 108.178.13.114
  626. [*] MX mx10.mailspamprotection.com 184.154.58.226
  627. [*] MX mx10.mailspamprotection.com 184.154.208.34
  628. [*] MX mx30.mailspamprotection.com 108.178.14.83
  629. [*] MX mx30.mailspamprotection.com 69.175.69.92
  630. [*] MX mx30.mailspamprotection.com 107.6.149.12
  631. [*] MX mx30.mailspamprotection.com 96.127.190.4
  632. [*] MX mx30.mailspamprotection.com 184.154.58.228
  633. [*] MX mx30.mailspamprotection.com 108.163.228.172
  634. [*] MX mx30.mailspamprotection.com 108.163.201.228
  635. [*] MX mx30.mailspamprotection.com 96.127.176.252
  636. [*] MX mx30.mailspamprotection.com 184.154.136.83
  637. [*] MX mx30.mailspamprotection.com 184.154.208.36
  638. [*] MX mx30.mailspamprotection.com 108.178.13.116
  639. [*] MX mx30.mailspamprotection.com 184.154.177.52
  640. [*] MX mx30.mailspamprotection.com 108.163.220.52
  641. [*] MX mx30.mailspamprotection.com 184.154.48.172
  642. [*] A scaa.gov.sd 77.104.148.191
  643. [*] TXT _domainkey.scaa.gov.sd v=DKIM1; o=~
  644. [*] Enumerating SRV Records
  645. [-] No SRV Records Found for scaa.gov.sd
  646. [+] 0 Records Found
  647. #######################################################################################################################################
  648. [*] Processing domain scaa.gov.sd
  649. [*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '2001:18c0:ffe0:2::2', '2001:18c0:ffe0:3::2', '2001:18c0:ffe0:1::2', '205.151.67.6', '205.151.67.34', '205.151.67.2']
  650. [+] Getting nameservers
  651. 77.104.148.204 - ns1.esm11.siteground.biz
  652. 109.199.123.195 - ns2.esm11.siteground.biz
  653. [-] Zone transfer failed
  654.  
  655. [+] MX records found, added to target list
  656. 20 mx20.mailspamprotection.com.
  657. 10 mx10.mailspamprotection.com.
  658. 30 mx30.mailspamprotection.com.
  659.  
  660. [*] Scanning scaa.gov.sd for A records
  661. 77.104.148.191 - scaa.gov.sd
  662. 77.104.148.191 - cpanel.scaa.gov.sd
  663. 77.104.148.204 - ftp.scaa.gov.sd
  664. 77.104.148.191 - mail.scaa.gov.sd
  665. 77.104.148.191 - webmail.scaa.gov.sd
  666. 77.104.148.191 - webdisk.scaa.gov.sd
  667. 77.104.148.191 - whm.scaa.gov.sd
  668. 77.104.148.191 - www.scaa.gov.sd
  669. #######################################################################################################################################
  670. dnsenum VERSION:1.2.4
  671.  
  672. ----- scaa.gov.sd -----
  673.  
  674.  
  675. Host's addresses:
  676. __________________
  677.  
  678. scaa.gov.sd. 14399 IN A 77.104.148.191
  679.  
  680.  
  681. Name Servers:
  682. ______________
  683.  
  684. ns1.esm11.siteground.biz. 14399 IN A 77.104.148.204
  685. ns2.esm11.siteground.biz. 14399 IN A 109.199.123.195
  686.  
  687.  
  688. Mail (MX) Servers:
  689. ___________________
  690.  
  691. mx20.mailspamprotection.com. 30 IN A 96.127.176.251
  692. mx20.mailspamprotection.com. 30 IN A 107.6.149.11
  693. mx20.mailspamprotection.com. 30 IN A 108.163.228.171
  694. mx20.mailspamprotection.com. 30 IN A 184.154.177.51
  695. mx20.mailspamprotection.com. 30 IN A 108.163.201.227
  696. mx20.mailspamprotection.com. 30 IN A 96.127.190.3
  697. mx20.mailspamprotection.com. 30 IN A 184.154.58.227
  698. mx20.mailspamprotection.com. 30 IN A 184.154.208.35
  699. mx20.mailspamprotection.com. 30 IN A 108.178.13.115
  700. mx20.mailspamprotection.com. 30 IN A 69.175.69.91
  701. mx20.mailspamprotection.com. 30 IN A 184.154.136.82
  702. mx20.mailspamprotection.com. 30 IN A 108.163.220.51
  703. mx20.mailspamprotection.com. 30 IN A 184.154.48.171
  704. mx20.mailspamprotection.com. 30 IN A 108.178.14.82
  705. mx10.mailspamprotection.com. 30 IN A 184.154.208.34
  706. mx10.mailspamprotection.com. 30 IN A 107.6.129.66
  707. mx10.mailspamprotection.com. 30 IN A 184.154.177.50
  708. mx10.mailspamprotection.com. 30 IN A 108.163.201.226
  709. mx10.mailspamprotection.com. 30 IN A 108.163.228.170
  710. mx10.mailspamprotection.com. 30 IN A 184.154.48.170
  711. mx10.mailspamprotection.com. 30 IN A 184.154.58.226
  712. mx10.mailspamprotection.com. 30 IN A 96.127.176.250
  713. mx10.mailspamprotection.com. 30 IN A 107.6.149.10
  714. mx10.mailspamprotection.com. 30 IN A 69.175.69.90
  715. mx10.mailspamprotection.com. 30 IN A 96.127.190.2
  716. mx10.mailspamprotection.com. 30 IN A 99.198.97.42
  717. mx10.mailspamprotection.com. 30 IN A 108.178.13.114
  718. mx10.mailspamprotection.com. 30 IN A 108.163.220.50
  719. mx30.mailspamprotection.com. 30 IN A 184.154.48.172
  720. mx30.mailspamprotection.com. 30 IN A 108.163.228.172
  721. mx30.mailspamprotection.com. 30 IN A 184.154.208.36
  722. mx30.mailspamprotection.com. 30 IN A 69.175.69.92
  723. mx30.mailspamprotection.com. 30 IN A 108.163.201.228
  724. mx30.mailspamprotection.com. 30 IN A 184.154.136.83
  725. mx30.mailspamprotection.com. 30 IN A 96.127.176.252
  726. mx30.mailspamprotection.com. 30 IN A 108.178.14.83
  727. mx30.mailspamprotection.com. 30 IN A 107.6.149.12
  728. mx30.mailspamprotection.com. 30 IN A 184.154.58.228
  729. mx30.mailspamprotection.com. 30 IN A 96.127.190.4
  730. mx30.mailspamprotection.com. 30 IN A 108.178.13.116
  731. mx30.mailspamprotection.com. 30 IN A 108.163.220.52
  732. mx30.mailspamprotection.com. 30 IN A 184.154.177.52
  733.  
  734.  
  735. Trying Zone Transfers and getting Bind Versions:
  736. _________________________________________________
  737.  
  738.  
  739. Trying Zone Transfer for scaa.gov.sd on ns1.esm11.siteground.biz ...
  740.  
  741. Trying Zone Transfer for scaa.gov.sd on ns2.esm11.siteground.biz ...
  742.  
  743. brute force file not specified, bay.
  744. #######################################################################################################################################
  745. ---------------------------------------------------------------------------------------------------------------------------------------
  746.  
  747. [1/25] /webhp?hl=en-CA
  748. [x] Error downloading /webhp?hl=en-CA
  749. [2/25] http://scaa.gov.sd/ar/images/application/TRI_and_TRE_Circular_.pdf
  750. [3/25] http://www.scaa.gov.sd/ar/images/pdf/scan0006.pdf
  751. [x] Error in PDF metadata Creator
  752. [4/25] http://www.scaa.gov.sd/ar/images/Notices%2520PDF/notice1.pdf
  753. [x] Error in the parsing process
  754. [5/25] http://www.scaa.gov.sd/ar/images/format/Airworthiness/APPLICATION_FOR_REGISTRATION_OF_AIRCRAFT__CHANGE_OF_OWNERSHIP_-APRL_15_docx.pdf
  755. [6/25] http://www.scaa.gov.sd/ar/images/Seminar/2011/Information/SeminarOfInformationCenters5.pdf
  756. [7/25] http://www.scaa.gov.sd/ar/images/Seminar/2011/Information/SeminarOfInformationCenters3.pdf
  757. [x] Error in PDF metadata Creator
  758. [8/25] http://www.scaa.gov.sd/ar/images/Notices%2520PDF/notice26.pdf
  759. [x] Error in the parsing process
  760. [9/25] http://www.scaa.gov.sd/ar/images/Seminar/2012/security/AviationSecuritySeparationWorkshopP1.pdf
  761. [x] Error in PDF metadata Creator
  762. [10/25] http://scaa.gov.sd/ar/images/Licenses/SUCAR6,%2520Subpart1.pdf
  763. [x] Error in the parsing process
  764. [11/25] http://www.scaa.gov.sd/ar/images/Seminar/2011/Information/SeminarOfInformationCenters4.pdf
  765. [x] Error in PDF metadata Creator
  766. [12/25] http://www.scaa.gov.sd/ar/images/Notices%2520PDF/notice20.pdf
  767. [x] Error in the parsing process
  768. [13/25] http://www.scaa.gov.sd/ar/images/Licenses/aoc%2520Pamphlet.pdf
  769. [x] Error in the parsing process
  770. [14/25] http://www.scaa.gov.sd/ar/images/Notices%2520PDF/notice2.pdf
  771. [x] Error in the parsing process
  772. [15/25] http://www.scaa.gov.sd/ar/images/Seminar/2011/Information/SeminarOfInformationCenters1.pdf
  773. [x] Error in PDF metadata Creator
  774. [16/25] http://www.scaa.gov.sd/ar/images/Notices%2520PDF/notice17.pdf
  775. [x] Error in the parsing process
  776. [17/25] http://scaa.gov.sd/ar/images/Notices%2520PDF/notice6.pdf
  777. [x] Error in the parsing process
  778. [18/25] http://www.scaa.gov.sd/ar/images/Notices%2520PDF/notice19.pdf
  779. [x] Error in the parsing process
  780. [19/25] http://www.scaa.gov.sd/ar/images/Notices%2520PDF/notice13.pdf
  781. [x] Error in the parsing process
  782. [20/25] http://www.scaa.gov.sd/ar/images/Notices%2520PDF/notice11.pdf
  783. [x] Error in the parsing process
  784. [21/25] http://www.scaa.gov.sd/ar/images/Notices%2520PDF/notice14.pdf
  785. [x] Error in the parsing process
  786. [22/25] http://www.scaa.gov.sd/ar/images/Notices%2520PDF/notice25.pdf
  787. [x] Error in the parsing process
  788. [23/25] http://www.scaa.gov.sd/ar/images/Notices%2520PDF/notice23.pdf
  789. [x] Error in the parsing process
  790. [24/25] http://www.scaa.gov.sd/ar/images/Notices%2520PDF/notice4.pdf
  791. [x] Error in the parsing process
  792. [25/25] http://www.scaa.gov.sd/ar/images/application/staff%2520instruction%2520.pdf
  793. [x] Error in the parsing process
  794. ---------------------------------------------------------------------------------------------------------------------------------------
  795. [+] List of users found:
  796. ---------------------------------------------------------------------------------------------------------------------------------------
  797. Albert Bryson
  798. MRT
  799. A. Tebeje
  800.  
  801. [+] List of software found:
  802. ---------------------------------------------------------------------------------------------------------------------------------------
  803. ��Microsoft� Word 2010
  804.  
  805. ��Microsoft� Office Word 2007
  806. ��Microsoft� Office PowerPoint� 2007
  807. ��doPDF Ver 7.3 Build 387 (Windows 7 Home Premium Edition (SP 1) - Version: 6.1.7601 (x64))
  808.  
  809. [+] List of paths and servers found:
  810. ---------------------------------------------------------------------------------------------------------------------------------------
  811.  
  812. [+] List of e-mails found:
  813. ---------------------------------------------------------------------------------------------------------------------------------------
  814. atbelai@yahoo.com
  815. atbelai@yahoo.com
  816. atbelai@yahoo.com
  817. #######################################################################################################################################
  818.  
  819. ____ _ _ _ _ _____
  820. / ___| _ _| |__ | (_)___| |_|___ / _ __
  821. \___ \| | | | '_ \| | / __| __| |_ \| '__|
  822. ___) | |_| | |_) | | \__ \ |_ ___) | |
  823. |____/ \__,_|_.__/|_|_|___/\__|____/|_|
  824.  
  825. # Coded By Ahmed Aboul-Ela - @aboul3la
  826.  
  827. [-] Enumerating subdomains now for scaa.gov.sd
  828. [-] verbosity is enabled, will show the subdomains results in realtime
  829. [-] Searching now in Baidu..
  830. [-] Searching now in Yahoo..
  831. [-] Searching now in Google..
  832. [-] Searching now in Bing..
  833. [-] Searching now in Ask..
  834. [-] Searching now in Netcraft..
  835. [-] Searching now in DNSdumpster..
  836. [-] Searching now in Virustotal..
  837. [-] Searching now in ThreatCrowd..
  838. [-] Searching now in SSL Certificates..
  839. [-] Searching now in PassiveDNS..
  840. ThreatCrowd: www.scaa.gov.sd
  841. Virustotal: www.scaa.gov.sd
  842. SSL Certificates: www.scaa.gov.sd
  843. Bing: www.scaa.gov.sd
  844. Yahoo: www.scaa.gov.sd
  845. [-] Saving results to file: /usr/share/sniper/loot//domains/domains-scaa.gov.sd.txt
  846. [-] Total Unique Subdomains Found: 1
  847. www.scaa.gov.sd
  848. #######################################################################################################################################
  849. scaa.gov.sd,77.104.148.191
  850. www.scaa.gov.sd,77.104.148.191
  851. ftp.scaa.gov.sd,77.104.148.204
  852. #######################################################################################################################################
  853. ===============================================
  854. -=Subfinder v1.1.3 github.com/subfinder/subfinder
  855. ===============================================
  856.  
  857.  
  858. Running Source: Ask
  859. Running Source: Archive.is
  860. Running Source: Baidu
  861. Running Source: Bing
  862. Running Source: CertDB
  863. Running Source: CertificateTransparency
  864. Running Source: Certspotter
  865. Running Source: Commoncrawl
  866. Running Source: Crt.sh
  867. Running Source: Dnsdb
  868. Running Source: DNSDumpster
  869. Running Source: DNSTable
  870. Running Source: Dogpile
  871. Running Source: Exalead
  872. Running Source: Findsubdomains
  873. Running Source: Googleter
  874. Running Source: Hackertarget
  875. Running Source: Ipv4Info
  876. Running Source: PTRArchive
  877. Running Source: Sitedossier
  878. Running Source: Threatcrowd
  879. Running Source: ThreatMiner
  880. Running Source: WaybackArchive
  881. Running Source: Yahoo
  882.  
  883. Running enumeration on scaa.gov.sd
  884.  
  885. dnsdb: Unexpected return status 503
  886.  
  887. archiveis: Get http://archive.is/*.scaa.gov.sd: dial tcp 213.183.51.24:80: connect: connection timed out
  888.  
  889.  
  890. Starting Bruteforcing of scaa.gov.sd with 9985 words
  891.  
  892. Total 9 Unique subdomains found for scaa.gov.sd
  893.  
  894. .scaa.gov.sd
  895. cpanel.scaa.gov.sd
  896. ftp.scaa.gov.sd
  897. mail.scaa.gov.sd
  898. webdisk.scaa.gov.sd
  899. webmail.scaa.gov.sd
  900. whm.scaa.gov.sd
  901. www.scaa.gov.sd
  902. www.scaa.gov.sd
  903. #######################################################################################################################################
  904. [*] Processing domain scaa.gov.sd
  905. [*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '2001:18c0:ffe0:2::2', '2001:18c0:ffe0:3::2', '2001:18c0:ffe0:1::2', '205.151.67.6', '205.151.67.34', '205.151.67.2']
  906. [+] Getting nameservers
  907. 77.104.148.204 - ns1.esm11.siteground.biz
  908. 109.199.123.195 - ns2.esm11.siteground.biz
  909. [-] Zone transfer failed
  910.  
  911. [+] MX records found, added to target list
  912. 20 mx20.mailspamprotection.com.
  913. 10 mx10.mailspamprotection.com.
  914. 30 mx30.mailspamprotection.com.
  915.  
  916. [*] Scanning scaa.gov.sd for A records
  917. 77.104.148.191 - scaa.gov.sd
  918. 77.104.148.204 - ftp.scaa.gov.sd
  919. 77.104.148.191 - mail.scaa.gov.sd
  920. 77.104.148.191 - webmail.scaa.gov.sd
  921. 77.104.148.191 - www.scaa.gov.sd
  922. #######################################################################################################################################
  923. [+] scaa.gov.sd has no SPF record!
  924. [*] No DMARC record found. Looking for organizational record
  925. [+] No organizational DMARC record
  926. [+] Spoofing possible for scaa.gov.sd!
  927. #######################################################################################################################################
  928. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-23 03:24 EST
  929. Nmap scan report for scaa.gov.sd (77.104.148.191)
  930. Host is up (0.100s latency).
  931. Not shown: 460 filtered ports, 5 closed ports
  932. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  933. PORT STATE SERVICE
  934. 21/tcp open ftp
  935. 53/tcp open domain
  936. 80/tcp open http
  937. 110/tcp open pop3
  938. 143/tcp open imap
  939. 443/tcp open https
  940. 465/tcp open smtps
  941. 587/tcp open submission
  942. 993/tcp open imaps
  943. 995/tcp open pop3s
  944. 2525/tcp open ms-v-worlds
  945. #######################################################################################################################################
  946. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-23 03:24 EST
  947. Nmap scan report for scaa.gov.sd (77.104.148.191)
  948. Host is up (0.036s latency).
  949. Not shown: 2 filtered ports
  950. PORT STATE SERVICE
  951. 53/udp open domain
  952. 67/udp open|filtered dhcps
  953. 68/udp open|filtered dhcpc
  954. 69/udp open|filtered tftp
  955. 88/udp open|filtered kerberos-sec
  956. 123/udp open|filtered ntp
  957. 139/udp open|filtered netbios-ssn
  958. 161/udp open|filtered snmp
  959. 162/udp open|filtered snmptrap
  960. 389/udp open|filtered ldap
  961. 520/udp open|filtered route
  962. 2049/udp open|filtered nfs
  963. #######################################################################################################################################
  964. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-23 03:25 EST
  965. Nmap scan report for scaa.gov.sd (77.104.148.191)
  966. Host is up (0.11s latency).
  967.  
  968. PORT STATE SERVICE VERSION
  969. 21/tcp open ftp Pure-FTPd
  970. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  971. Device type: general purpose
  972. Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (89%)
  973. OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
  974. Aggressive OS guesses: Linux 4.9 (89%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.12 - 4.10 (85%), OpenWrt Chaos Calmer (Linux 3.18) (85%)
  975. No exact OS matches for host (test conditions non-ideal).
  976. Network Distance: 9 hops
  977.  
  978. TRACEROUTE (using port 21/tcp)
  979. HOP RTT ADDRESS
  980. 1 26.56 ms 10.246.200.1
  981. 2 26.58 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
  982. 3 30.11 ms irb-0.agg1.qc1.ca.m247.com (37.120.128.168)
  983. 4 26.57 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
  984. 5 26.55 ms ix-xe-11-1-1-0.tcore1.w6c-montreal.as6453.net (66.198.96.98)
  985. 6 27.29 ms 4.68.127.229
  986. 7 107.33 ms ae-2-6.ear1.Amsterdam1.Level3.net (4.69.153.190)
  987. 8 107.13 ms GIGLINX-INC.ear1.Amsterdam1.Level3.net (213.19.196.54)
  988. 9 107.16 ms ip-77-104-148-191.siteground.com (77.104.148.191)
  989. #######################################################################################################################################
  990. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-23 03:37 EST
  991. Nmap scan report for scaa.gov.sd (77.104.148.191)
  992. Host is up (0.10s latency).
  993.  
  994. PORT STATE SERVICE VERSION
  995. 53/tcp open domain (unknown banner: donuts)
  996. |_dns-fuzz: Server didn't response to our probe, can't fuzz
  997. | dns-nsec-enum:
  998. |_ No NSEC records found
  999. | dns-nsec3-enum:
  1000. |_ DNSSEC NSEC3 not supported
  1001. | dns-nsid:
  1002. |_ bind.version: donuts
  1003. | fingerprint-strings:
  1004. | DNSVersionBindReqTCP:
  1005. | version
  1006. | bind
  1007. |_ donuts
  1008. 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
  1009. SF-Port53-TCP:V=7.70%I=7%D=2/23%Time=5C71065C%P=x86_64-pc-linux-gnu%r(DNSV
  1010. SF:ersionBindReqTCP,41,"\0\?\0\x06\x85\0\0\x01\0\x01\0\x01\0\0\x07version\
  1011. SF:x04bind\0\0\x10\0\x03\xc0\x0c\0\x10\0\x03\0\0\0\0\0\x07\x06donuts\xc0\x
  1012. SF:0c\0\x02\0\x03\0\0\0\0\0\x02\xc0\x0c");
  1013. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  1014. Device type: general purpose
  1015. Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (89%)
  1016. OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
  1017. Aggressive OS guesses: Linux 4.9 (89%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.12 - 4.10 (85%), OpenWrt Chaos Calmer (Linux 3.18) (85%)
  1018. No exact OS matches for host (test conditions non-ideal).
  1019. Network Distance: 9 hops
  1020.  
  1021. Host script results:
  1022. | dns-blacklist:
  1023. | SPAM
  1024. |_ l2.apews.org - SPAM
  1025. | dns-brute:
  1026. |_ DNS Brute-force hostnames: No results.
  1027.  
  1028. TRACEROUTE (using port 53/tcp)
  1029. HOP RTT ADDRESS
  1030. 1 21.52 ms 10.246.200.1
  1031. 2 21.58 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
  1032. 3 31.96 ms irb-0.agg1.qc1.ca.m247.com (37.120.128.168)
  1033. 4 21.57 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
  1034. 5 21.59 ms ix-xe-11-1-1-0.tcore1.w6c-montreal.as6453.net (66.198.96.98)
  1035. 6 22.02 ms 4.68.127.229
  1036. 7 ...
  1037. 8 102.48 ms GIGLINX-INC.ear1.Amsterdam1.Level3.net (213.19.196.54)
  1038. 9 102.45 ms ip-77-104-148-191.siteground.com (77.104.148.191)
  1039. #######################################################################################################################################
  1040. wig - WebApp Information Gatherer
  1041.  
  1042.  
  1043. Scanning http://scaa.gov.sd...
  1044. _________________ SITE INFO __________________
  1045. IP Title
  1046. 77.104.148.191
  1047.  
  1048. __________________ VERSION ___________________
  1049. Name Versions Type
  1050. nginx Platform
  1051.  
  1052. ______________________________________________
  1053. Time: 34.1 sec Urls: 599 Fingerprints: 40401
  1054. #######################################################################################################################################
  1055. HTTP/1.1 200 OK
  1056. Server: nginx
  1057. Date: Sat, 23 Feb 2019 08:46:02 GMT
  1058. Content-Type: text/html
  1059. Content-Length: 88
  1060. Connection: keep-alive
  1061. Expires: Thu, 01 Jan 1970 00:00:01 GMT
  1062. Cache-Control: no-cache
  1063.  
  1064. HTTP/1.1 200 OK
  1065. Server: nginx
  1066. Date: Sat, 23 Feb 2019 08:46:02 GMT
  1067. Content-Type: text/html
  1068. Content-Length: 88
  1069. Connection: keep-alive
  1070. Expires: Thu, 01 Jan 1970 00:00:01 GMT
  1071. Cache-Control: no-cache
  1072. #######################################################################################################################################
  1073. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-23 03:46 EST
  1074. Nmap scan report for scaa.gov.sd (77.104.148.191)
  1075. Host is up (0.10s latency).
  1076.  
  1077. PORT STATE SERVICE VERSION
  1078. 110/tcp open pop3 Dovecot pop3d
  1079. | pop3-brute:
  1080. | Accounts: No valid accounts found
  1081. |_ Statistics: Performed 225 guesses in 189 seconds, average tps: 1.1
  1082. |_pop3-capabilities: PIPELINING TOP RESP-CODES AUTH-RESP-CODE UIDL USER SASL(PLAIN LOGIN) STLS CAPA
  1083. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  1084. Device type: general purpose
  1085. Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (89%)
  1086. OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
  1087. Aggressive OS guesses: Linux 4.9 (89%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%)
  1088. No exact OS matches for host (test conditions non-ideal).
  1089. Network Distance: 9 hops
  1090.  
  1091. TRACEROUTE (using port 110/tcp)
  1092. HOP RTT ADDRESS
  1093. 1 22.72 ms 10.246.200.1
  1094. 2 23.13 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
  1095. 3 32.52 ms irb-0.agg1.qc1.ca.m247.com (37.120.128.168)
  1096. 4 22.95 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
  1097. 5 22.98 ms ix-xe-11-1-1-0.tcore1.w6c-montreal.as6453.net (66.198.96.98)
  1098. 6 23.18 ms 4.68.127.229
  1099. 7 102.53 ms ae-2-6.ear1.Amsterdam1.Level3.net (4.69.153.190)
  1100. 8 103.83 ms GIGLINX-INC.ear1.Amsterdam1.Level3.net (213.19.196.74)
  1101. 9 103.69 ms ip-77-104-148-191.siteground.com (77.104.148.191)
  1102. #######################################################################################################################################
  1103. wig - WebApp Information Gatherer
  1104.  
  1105.  
  1106. Scanning https://scaa.gov.sd...
  1107. _________________ SITE INFO __________________
  1108. IP Title
  1109. 77.104.148.191
  1110.  
  1111. __________________ VERSION ___________________
  1112. Name Versions Type
  1113. nginx Platform
  1114.  
  1115. ______________________________________________
  1116. Time: 61.7 sec Urls: 599 Fingerprints: 40401
  1117. #######################################################################################################################################
  1118. HTTP/2 200
  1119. server: nginx
  1120. date: Sat, 23 Feb 2019 08:51:21 GMT
  1121. content-type: text/html
  1122. content-length: 88
  1123. expires: Thu, 01 Jan 1970 00:00:01 GMT
  1124. cache-control: no-cache
  1125.  
  1126. HTTP/2 200
  1127. server: nginx
  1128. date: Sat, 23 Feb 2019 08:51:22 GMT
  1129. content-type: text/html
  1130. content-length: 88
  1131. expires: Thu, 01 Jan 1970 00:00:01 GMT
  1132. cache-control: no-cache
  1133. #######################################################################################################################################
  1134. Version: 1.11.12-static
  1135. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  1136.  
  1137. Connected to 77.104.148.191
  1138.  
  1139. Testing SSL server scaa.gov.sd on port 443 using SNI name scaa.gov.sd
  1140.  
  1141. TLS Fallback SCSV:
  1142. Server supports TLS Fallback SCSV
  1143.  
  1144. TLS renegotiation:
  1145. Session renegotiation not supported
  1146.  
  1147. TLS Compression:
  1148. Compression disabled
  1149.  
  1150. Heartbleed:
  1151. TLS 1.2 not vulnerable to heartbleed
  1152. TLS 1.1 not vulnerable to heartbleed
  1153. TLS 1.0 not vulnerable to heartbleed
  1154.  
  1155. Supported Server Cipher(s):
  1156. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-384 DHE 384
  1157. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-384 DHE 384
  1158. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-384 DHE 384
  1159. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-384 DHE 384
  1160. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-384 DHE 384
  1161. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-384 DHE 384
  1162. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
  1163. Accepted TLSv1.2 128 bits AES128-SHA
  1164. Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
  1165. Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
  1166. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
  1167. Accepted TLSv1.2 256 bits ECDHE-RSA-CAMELLIA256-SHA384 Curve P-384 DHE 384
  1168. Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA256 DHE 2048 bits
  1169. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
  1170. Accepted TLSv1.2 128 bits ECDHE-RSA-CAMELLIA128-SHA256 Curve P-384 DHE 384
  1171. Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA256 DHE 2048 bits
  1172. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
  1173. Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
  1174. Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
  1175. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
  1176. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
  1177. Accepted TLSv1.2 256 bits AES256-SHA256
  1178. Accepted TLSv1.2 256 bits CAMELLIA256-SHA256
  1179. Accepted TLSv1.2 128 bits AES128-SHA256
  1180. Accepted TLSv1.2 128 bits CAMELLIA128-SHA256
  1181. Accepted TLSv1.2 256 bits AES256-SHA
  1182. Accepted TLSv1.2 256 bits CAMELLIA256-SHA
  1183. Accepted TLSv1.2 128 bits CAMELLIA128-SHA
  1184. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-384 DHE 384
  1185. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-384 DHE 384
  1186. Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
  1187. Accepted TLSv1.1 128 bits AES128-SHA
  1188. Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
  1189. Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
  1190. Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
  1191. Accepted TLSv1.1 256 bits AES256-SHA
  1192. Accepted TLSv1.1 256 bits CAMELLIA256-SHA
  1193. Accepted TLSv1.1 128 bits CAMELLIA128-SHA
  1194.  
  1195. SSL Certificate:
  1196. Signature Algorithm: sha256WithRSAEncryption
  1197. RSA Key Strength: 2048
  1198.  
  1199. Subject: scaa.gov.sd
  1200. Altnames: DNS:scaa.gov.sd, DNS:www.scaa.gov.sd
  1201. Issuer: Let's Encrypt Authority X3
  1202.  
  1203. Not valid before: Feb 21 16:25:51 2019 GMT
  1204. Not valid after: May 22 16:25:51 2019 GMT
  1205. #######################################################################################################################################
  1206. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-23 03:37 EST
  1207. Nmap scan report for 77.104.148.191
  1208. Host is up (0.088s latency).
  1209. Not shown: 461 filtered ports, 5 closed ports
  1210. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  1211. PORT STATE SERVICE
  1212. 53/tcp open domain
  1213. 80/tcp open http
  1214. 110/tcp open pop3
  1215. 143/tcp open imap
  1216. 443/tcp open https
  1217. 465/tcp open smtps
  1218. 587/tcp open submission
  1219. 993/tcp open imaps
  1220. 995/tcp open pop3s
  1221. 2525/tcp open ms-v-worlds
  1222. #######################################################################################################################################
  1223. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-23 03:38 EST
  1224. Nmap scan report for 77.104.148.191
  1225. Host is up (0.033s latency).
  1226. Not shown: 2 filtered ports
  1227. PORT STATE SERVICE
  1228. 53/udp open domain
  1229. 67/udp open|filtered dhcps
  1230. 68/udp open|filtered dhcpc
  1231. 69/udp open|filtered tftp
  1232. 88/udp open|filtered kerberos-sec
  1233. 123/udp open|filtered ntp
  1234. 139/udp open|filtered netbios-ssn
  1235. 161/udp open|filtered snmp
  1236. 162/udp open|filtered snmptrap
  1237. 389/udp open|filtered ldap
  1238. 520/udp open|filtered route
  1239. 2049/udp open|filtered nfs
  1240. #######################################################################################################################################
  1241. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-23 03:38 EST
  1242. Nmap scan report for 77.104.148.191
  1243. Host is up (0.10s latency).
  1244.  
  1245. PORT STATE SERVICE VERSION
  1246. 53/tcp open domain (unknown banner: donuts)
  1247. |_dns-fuzz: Server didn't response to our probe, can't fuzz
  1248. |_dns-nsec-enum: Can't determine domain for host 77.104.148.191; use dns-nsec-enum.domains script arg.
  1249. |_dns-nsec3-enum: Can't determine domain for host 77.104.148.191; use dns-nsec3-enum.domains script arg.
  1250. | dns-nsid:
  1251. |_ bind.version: donuts
  1252. | fingerprint-strings:
  1253. | DNSVersionBindReqTCP:
  1254. | version
  1255. | bind
  1256. |_ donuts
  1257. 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
  1258. SF-Port53-TCP:V=7.70%I=7%D=2/23%Time=5C7106AB%P=x86_64-pc-linux-gnu%r(DNSV
  1259. SF:ersionBindReqTCP,41,"\0\?\0\x06\x85\0\0\x01\0\x01\0\x01\0\0\x07version\
  1260. SF:x04bind\0\0\x10\0\x03\xc0\x0c\0\x10\0\x03\0\0\0\0\0\x07\x06donuts\xc0\x
  1261. SF:0c\0\x02\0\x03\0\0\0\0\0\x02\xc0\x0c");
  1262. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  1263. Device type: general purpose
  1264. Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (88%)
  1265. OS CPE: cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:2.6
  1266. Aggressive OS guesses: Linux 3.18 (88%), Linux 4.9 (88%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.12 - 4.10 (85%), Linux 3.16 (85%)
  1267. No exact OS matches for host (test conditions non-ideal).
  1268. Network Distance: 9 hops
  1269.  
  1270. Host script results:
  1271. | dns-blacklist:
  1272. | SPAM
  1273. |_ l2.apews.org - SPAM
  1274. |_dns-brute: Can't guess domain of "77.104.148.191"; use dns-brute.domain script argument.
  1275.  
  1276. TRACEROUTE (using port 53/tcp)
  1277. HOP RTT ADDRESS
  1278. 1 22.14 ms 10.246.200.1
  1279. 2 41.84 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
  1280. 3 25.36 ms irb-0.agg1.qc1.ca.m247.com (37.120.128.168)
  1281. 4 22.19 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
  1282. 5 22.95 ms ix-xe-11-1-1-0.tcore1.w6c-montreal.as6453.net (66.198.96.98)
  1283. 6 22.56 ms 4.68.127.229
  1284. 7 ...
  1285. 8 112.46 ms GIGLINX-INC.ear1.Amsterdam1.Level3.net (213.19.196.54)
  1286. 9 103.77 ms ip-77-104-148-191.siteground.com (77.104.148.191)
  1287. #######################################################################################################################################
  1288. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-23 03:40 EST
  1289. Nmap scan report for 77.104.148.191
  1290. Host is up (0.11s latency).
  1291.  
  1292. PORT STATE SERVICE VERSION
  1293. 67/udp open|filtered dhcps
  1294. |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
  1295. Too many fingerprints match this host to give specific OS details
  1296. Network Distance: 9 hops
  1297.  
  1298. TRACEROUTE (using proto 1/icmp)
  1299. HOP RTT ADDRESS
  1300. 1 30.67 ms 10.246.200.1
  1301. 2 31.00 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
  1302. 3 39.65 ms irb-0.agg1.qc1.ca.m247.com (37.120.128.168)
  1303. 4 30.69 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
  1304. 5 30.69 ms ix-xe-11-1-1-0.tcore1.w6c-montreal.as6453.net (66.198.96.98)
  1305. 6 31.02 ms 4.68.127.229
  1306. 7 ...
  1307. 8 112.36 ms GIGLINX-INC.ear1.Amsterdam1.Level3.net (213.19.196.74)
  1308. 9 112.39 ms ip-77-104-148-191.siteground.com (77.104.148.191)
  1309. #######################################################################################################################################
  1310. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-23 03:42 EST
  1311. Nmap scan report for 77.104.148.191
  1312. Host is up (0.10s latency).
  1313.  
  1314. PORT STATE SERVICE VERSION
  1315. 68/udp open|filtered dhcpc
  1316. Too many fingerprints match this host to give specific OS details
  1317. Network Distance: 9 hops
  1318.  
  1319. TRACEROUTE (using proto 1/icmp)
  1320. HOP RTT ADDRESS
  1321. 1 22.31 ms 10.246.200.1
  1322. 2 22.40 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
  1323. 3 36.16 ms irb-0.agg1.qc1.ca.m247.com (37.120.128.168)
  1324. 4 22.38 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
  1325. 5 22.41 ms ix-xe-11-1-1-0.tcore1.w6c-montreal.as6453.net (66.198.96.98)
  1326. 6 22.68 ms 4.68.127.229
  1327. 7 ...
  1328. 8 103.75 ms GIGLINX-INC.ear1.Amsterdam1.Level3.net (213.19.196.74)
  1329. 9 103.42 ms ip-77-104-148-191.siteground.com (77.104.148.191)
  1330. #######################################################################################################################################
  1331. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-23 03:44 EST
  1332. Nmap scan report for 77.104.148.191
  1333. Host is up (0.10s latency).
  1334.  
  1335. PORT STATE SERVICE VERSION
  1336. 69/udp open|filtered tftp
  1337. Too many fingerprints match this host to give specific OS details
  1338. Network Distance: 9 hops
  1339.  
  1340. TRACEROUTE (using proto 1/icmp)
  1341. HOP RTT ADDRESS
  1342. 1 23.18 ms 10.246.200.1
  1343. 2 23.56 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
  1344. 3 38.33 ms irb-0.agg1.qc1.ca.m247.com (37.120.128.168)
  1345. 4 23.23 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
  1346. 5 23.61 ms ix-xe-11-1-1-0.tcore1.w6c-montreal.as6453.net (66.198.96.98)
  1347. 6 23.63 ms 4.68.127.229
  1348. 7 ...
  1349. 8 104.59 ms GIGLINX-INC.ear1.Amsterdam1.Level3.net (213.19.196.74)
  1350. 9 104.29 ms ip-77-104-148-191.siteground.com (77.104.148.191)
  1351. #######################################################################################################################################
  1352. wig - WebApp Information Gatherer
  1353.  
  1354.  
  1355. Scanning http://77.104.148.191...
  1356. _________________ SITE INFO __________________
  1357. IP Title
  1358. 77.104.148.191
  1359.  
  1360. __________________ VERSION ___________________
  1361. Name Versions Type
  1362. nginx Platform
  1363.  
  1364. ______________________________________________
  1365. Time: 29.8 sec Urls: 599 Fingerprints: 40401
  1366. #######################################################################################################################################
  1367. HTTP/1.1 200 OK
  1368. Server: nginx
  1369. Date: Sat, 23 Feb 2019 08:48:13 GMT
  1370. Content-Type: text/html
  1371. Content-Length: 88
  1372. Connection: keep-alive
  1373. Expires: Thu, 01 Jan 1970 00:00:01 GMT
  1374. Cache-Control: no-cache
  1375.  
  1376. HTTP/1.1 200 OK
  1377. Server: nginx
  1378. Date: Sat, 23 Feb 2019 08:48:13 GMT
  1379. Content-Type: text/html
  1380. Content-Length: 88
  1381. Connection: keep-alive
  1382. Expires: Thu, 01 Jan 1970 00:00:01 GMT
  1383. Cache-Control: no-cache
  1384. #######################################################################################################################################
  1385. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-23 03:48 EST
  1386. Nmap scan report for 77.104.148.191
  1387. Host is up (0.10s latency).
  1388.  
  1389. PORT STATE SERVICE VERSION
  1390. 110/tcp open pop3 Dovecot pop3d
  1391. | pop3-brute:
  1392. | Accounts: No valid accounts found
  1393. | Statistics: Performed 105 guesses in 124 seconds, average tps: 0.6
  1394. |_ ERROR: Failed to connect.
  1395. |_pop3-capabilities: RESP-CODES UIDL PIPELINING SASL(PLAIN LOGIN) AUTH-RESP-CODE TOP CAPA USER STLS
  1396. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  1397. Device type: general purpose
  1398. Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (91%)
  1399. OS CPE: cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.6
  1400. Aggressive OS guesses: Linux 4.9 (91%), Linux 3.18 (88%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.12 - 4.10 (85%), Linux 3.16 (85%)
  1401. No exact OS matches for host (test conditions non-ideal).
  1402. Network Distance: 9 hops
  1403.  
  1404. TRACEROUTE (using port 443/tcp)
  1405. HOP RTT ADDRESS
  1406. 1 22.09 ms 10.246.200.1
  1407. 2 22.19 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
  1408. 3 27.34 ms irb-0.agg1.qc1.ca.m247.com (37.120.128.168)
  1409. 4 22.19 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
  1410. 5 22.19 ms ix-xe-11-1-1-0.tcore1.w6c-montreal.as6453.net (66.198.96.98)
  1411. 6 22.57 ms 4.68.127.229
  1412. 7 102.97 ms ae-2-6.ear1.Amsterdam1.Level3.net (4.69.153.190)
  1413. 8 103.28 ms GIGLINX-INC.ear1.Amsterdam1.Level3.net (213.19.196.54)
  1414. 9 104.00 ms ip-77-104-148-191.siteground.com (77.104.148.191)
  1415. #######################################################################################################################################
  1416. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-23 03:50 EST
  1417. Nmap scan report for 77.104.148.191
  1418. Host is up (0.11s latency).
  1419.  
  1420. PORT STATE SERVICE VERSION
  1421. 123/udp open|filtered ntp
  1422. Too many fingerprints match this host to give specific OS details
  1423. Network Distance: 9 hops
  1424.  
  1425. TRACEROUTE (using proto 1/icmp)
  1426. HOP RTT ADDRESS
  1427. 1 23.06 ms 10.246.200.1
  1428. 2 45.85 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
  1429. 3 44.69 ms irb-0.agg1.qc1.ca.m247.com (37.120.128.168)
  1430. 4 23.54 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
  1431. 5 23.51 ms ix-xe-11-1-1-0.tcore1.w6c-montreal.as6453.net (66.198.96.98)
  1432. 6 23.58 ms 4.68.127.229
  1433. 7 104.25 ms ae-2-6.ear1.Amsterdam1.Level3.net (4.69.153.190)
  1434. 8 108.60 ms GIGLINX-INC.ear1.Amsterdam1.Level3.net (213.19.196.74)
  1435. 9 106.06 ms ip-77-104-148-191.siteground.com (77.104.148.191)
  1436. #######################################################################################################################################
  1437. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-23 03:53 EST
  1438. Nmap scan report for 77.104.148.191
  1439. Host is up (0.10s latency).
  1440.  
  1441. PORT STATE SERVICE VERSION
  1442. 161/tcp filtered snmp
  1443. 161/udp open|filtered snmp
  1444. Too many fingerprints match this host to give specific OS details
  1445. Network Distance: 9 hops
  1446.  
  1447. TRACEROUTE (using proto 1/icmp)
  1448. HOP RTT ADDRESS
  1449. 1 24.69 ms 10.246.200.1
  1450. 2 25.08 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
  1451. 3 42.50 ms irb-0.agg1.qc1.ca.m247.com (37.120.128.168)
  1452. 4 25.62 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
  1453. 5 24.77 ms ix-xe-11-1-1-0.tcore1.w6c-montreal.as6453.net (66.198.96.98)
  1454. 6 25.15 ms 4.68.127.229
  1455. 7 102.74 ms ae-2-6.ear1.Amsterdam1.Level3.net (4.69.153.190)
  1456. 8 106.00 ms GIGLINX-INC.ear1.Amsterdam1.Level3.net (213.19.196.74)
  1457. 9 106.00 ms ip-77-104-148-191.siteground.com (77.104.148.191)
  1458. #######################################################################################################################################
  1459. Version: 1.11.12-static
  1460. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  1461.  
  1462. Connected to 77.104.148.191
  1463.  
  1464. Testing SSL server 77.104.148.191 on port 443 using SNI name 77.104.148.191
  1465.  
  1466. TLS Fallback SCSV:
  1467. Server supports TLS Fallback SCSV
  1468.  
  1469. TLS renegotiation:
  1470. Session renegotiation not supported
  1471.  
  1472. TLS Compression:
  1473. Compression disabled
  1474.  
  1475. Heartbleed:
  1476. TLS 1.2 not vulnerable to heartbleed
  1477. TLS 1.1 not vulnerable to heartbleed
  1478. TLS 1.0 not vulnerable to heartbleed
  1479.  
  1480. Supported Server Cipher(s):
  1481. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-384 DHE 384
  1482. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-384 DHE 384
  1483. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-384 DHE 384
  1484. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-384 DHE 384
  1485. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-384 DHE 384
  1486. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-384 DHE 384
  1487. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
  1488. Accepted TLSv1.2 128 bits AES128-SHA
  1489. Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
  1490. Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
  1491. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
  1492. Accepted TLSv1.2 256 bits ECDHE-RSA-CAMELLIA256-SHA384 Curve P-384 DHE 384
  1493. Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA256 DHE 2048 bits
  1494. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
  1495. Accepted TLSv1.2 128 bits ECDHE-RSA-CAMELLIA128-SHA256 Curve P-384 DHE 384
  1496. Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA256 DHE 2048 bits
  1497. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
  1498. Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
  1499. Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
  1500. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
  1501. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
  1502. Accepted TLSv1.2 256 bits AES256-SHA256
  1503. Accepted TLSv1.2 256 bits CAMELLIA256-SHA256
  1504. Accepted TLSv1.2 128 bits AES128-SHA256
  1505. Accepted TLSv1.2 128 bits CAMELLIA128-SHA256
  1506. Accepted TLSv1.2 256 bits AES256-SHA
  1507. Accepted TLSv1.2 256 bits CAMELLIA256-SHA
  1508. Accepted TLSv1.2 128 bits CAMELLIA128-SHA
  1509. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-384 DHE 384
  1510. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-384 DHE 384
  1511. Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
  1512. Accepted TLSv1.1 128 bits AES128-SHA
  1513. Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
  1514. Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
  1515. Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
  1516. Accepted TLSv1.1 256 bits AES256-SHA
  1517. Accepted TLSv1.1 256 bits CAMELLIA256-SHA
  1518. Accepted TLSv1.1 128 bits CAMELLIA128-SHA
  1519.  
  1520. SSL Certificate:
  1521. Signature Algorithm: sha256WithRSAEncryption
  1522. RSA Key Strength: 2048
  1523.  
  1524. Subject: 22410.gr
  1525. Altnames: DNS:22410.gr, DNS:www.22410.gr
  1526. Issuer: Let's Encrypt Authority X3
  1527.  
  1528. Not valid before: Feb 22 06:11:05 2019 GMT
  1529. Not valid after: May 23 06:11:05 2019 GMT
  1530. #######################################################################################################################################
  1531. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-23 03:57 EST
  1532. NSE: Loaded 148 scripts for scanning.
  1533. NSE: Script Pre-scanning.
  1534. NSE: Starting runlevel 1 (of 2) scan.
  1535. Initiating NSE at 03:57
  1536. Completed NSE at 03:57, 0.00s elapsed
  1537. NSE: Starting runlevel 2 (of 2) scan.
  1538. Initiating NSE at 03:57
  1539. Completed NSE at 03:57, 0.00s elapsed
  1540. Initiating Ping Scan at 03:57
  1541. Scanning 77.104.148.191 [4 ports]
  1542. Completed Ping Scan at 03:57, 0.13s elapsed (1 total hosts)
  1543. Initiating Parallel DNS resolution of 1 host. at 03:57
  1544. Completed Parallel DNS resolution of 1 host. at 03:58, 16.50s elapsed
  1545. Initiating Connect Scan at 03:58
  1546. Scanning 77.104.148.191 [1000 ports]
  1547. Discovered open port 443/tcp on 77.104.148.191
  1548. Discovered open port 993/tcp on 77.104.148.191
  1549. Discovered open port 80/tcp on 77.104.148.191
  1550. Discovered open port 53/tcp on 77.104.148.191
  1551. Discovered open port 143/tcp on 77.104.148.191
  1552. Discovered open port 587/tcp on 77.104.148.191
  1553. Discovered open port 465/tcp on 77.104.148.191
  1554. Discovered open port 2525/tcp on 77.104.148.191
  1555. Completed Connect Scan at 03:58, 8.14s elapsed (1000 total ports)
  1556. Initiating Service scan at 03:58
  1557. Scanning 8 services on 77.104.148.191
  1558. Completed Service scan at 03:58, 38.51s elapsed (8 services on 1 host)
  1559. Initiating OS detection (try #1) against 77.104.148.191
  1560. Retrying OS detection (try #2) against 77.104.148.191
  1561. Initiating Traceroute at 03:59
  1562. Completed Traceroute at 03:59, 2.13s elapsed
  1563. Initiating Parallel DNS resolution of 9 hosts. at 03:59
  1564. Completed Parallel DNS resolution of 9 hosts. at 03:59, 16.50s elapsed
  1565. NSE: Script scanning 77.104.148.191.
  1566. NSE: Starting runlevel 1 (of 2) scan.
  1567. Initiating NSE at 03:59
  1568. Completed NSE at 03:59, 21.52s elapsed
  1569. NSE: Starting runlevel 2 (of 2) scan.
  1570. Initiating NSE at 03:59
  1571. Completed NSE at 03:59, 0.00s elapsed
  1572. Nmap scan report for 77.104.148.191
  1573. Host is up, received syn-ack ttl 53 (0.085s latency).
  1574. Scanned at 2019-02-23 03:57:54 EST for 109s
  1575. Not shown: 983 filtered ports
  1576. Reason: 983 no-responses
  1577. PORT STATE SERVICE REASON VERSION
  1578. 25/tcp closed smtp conn-refused
  1579. 53/tcp open domain syn-ack (unknown banner: donuts)
  1580. | dns-nsid:
  1581. |_ bind.version: donuts
  1582. | fingerprint-strings:
  1583. | DNSVersionBindReqTCP:
  1584. | version
  1585. | bind
  1586. |_ donuts
  1587. 80/tcp open http syn-ack nginx
  1588. |_http-server-header: nginx
  1589. 111/tcp closed rpcbind conn-refused
  1590. 139/tcp closed netbios-ssn conn-refused
  1591. 143/tcp open imap syn-ack Dovecot imapd
  1592. |_imap-capabilities: ID OK IMAP4rev1 Pre-login LITERAL+ IDLE AUTH=LOGINA0001 AUTH=PLAIN ENABLE SASL-IR LOGIN-REFERRALS more have post-login NAMESPACE STARTTLS listed capabilities
  1593. | ssl-cert: Subject: commonName=*.siteground.biz/organizationalUnitName=Domain Control Validated
  1594. | Subject Alternative Name: DNS:*.siteground.biz, DNS:siteground.biz
  1595. | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
  1596. | Public Key type: rsa
  1597. | Public Key bits: 2048
  1598. | Signature Algorithm: sha256WithRSAEncryption
  1599. | Not valid before: 2018-04-16T06:31:57
  1600. | Not valid after: 2019-06-14T08:30:37
  1601. | MD5: 2393 d064 27a6 fb25 28e5 4c07 d6db c90b
  1602. | SHA-1: 6813 0f8c c3ba 91ec 0bb3 66d9 09d8 5e59 bc55 7c7b
  1603. | -----BEGIN CERTIFICATE-----
  1604. | MIIF6jCCBNKgAwIBAgIMTbprr2lUvBK97vuHMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
  1605. | BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
  1606. | bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE4MDQxNjA2MzE1N1oXDTE5MDYx
  1607. | NDA4MzAzN1owPjEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRkw
  1608. | FwYDVQQDDBAqLnNpdGVncm91bmQuYml6MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
  1609. | MIIBCgKCAQEAzEoZ5JRBYkQEZtJLdpddPdn7AL5OSM4lB7RLfZTCqq4KeYqsC573
  1610. | Z+20HCexeorFf1sEhsRvJ/BZxPtUbkdoLTf1M6UVtKM6Jr/FqeEqxgr/Dy0sKnUq
  1611. | tAwmdw0ug/Mx8kb4rIafFtGi+pI7aeySCc7J8hjEseBaV5cNG/TiJne7SHoHZKuE
  1612. | Exnfh7KqAK8dZ01ExtoXV8x5RnNc/Ey4xzxItO8pPOBBctCRIaOp1mfo8Re/z1N7
  1613. | zRA65TSQn39VBu+cLWVt2SG0Y/a//GI18nwlv2mtRkTkZKJXI9yMNjw5TIVmKwZA
  1614. | rDwGSLocm6xIIYu7FPpjsy43Wm72gbPMNQIDAQABo4IC2DCCAtQwDgYDVR0PAQH/
  1615. | BAQDAgWgMIGJBggrBgEFBQcBAQR9MHswQgYIKwYBBQUHMAKGNmh0dHA6Ly9zZWN1
  1616. | cmUyLmFscGhhc3NsLmNvbS9jYWNlcnQvZ3NhbHBoYXNoYTJnMnIxLmNydDA1Bggr
  1617. | BgEFBQcwAYYpaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzYWxwaGFzaGEy
  1618. | ZzIwVwYDVR0gBFAwTjBCBgorBgEEAaAyAQoKMDQwMgYIKwYBBQUHAgEWJmh0dHBz
  1619. | Oi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATAJBgNV
  1620. | HRMEAjAAMD4GA1UdHwQ3MDUwM6AxoC+GLWh0dHA6Ly9jcmwyLmFscGhhc3NsLmNv
  1621. | bS9ncy9nc2FscGhhc2hhMmcyLmNybDArBgNVHREEJDAighAqLnNpdGVncm91bmQu
  1622. | Yml6gg5zaXRlZ3JvdW5kLmJpejAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
  1623. | AwIwHQYDVR0OBBYEFMKLp0z+2EfA3Zx0dYzaxVrX4cKSMB8GA1UdIwQYMBaAFPXN
  1624. | 1TwIUPlqTzq3l9pWg+Zp0mj3MIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcAh3W/
  1625. | 51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFizScsbwAABAMASDBGAiEA
  1626. | ypzsZLygMQA1zXxMIC9fOPKkpzEkgJjn1r6jCgrHkxMCIQCNahsFqLCl1BZIKKfE
  1627. | UD8MxgVRsNb1xXHIs5V2lTQlVQB1ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCW
  1628. | ZDaOHtGFAAABYs0nLckAAAQDAEYwRAIgYajfZEFbTIJrgQb4diVQ3RSTVrzWVDvp
  1629. | Kjz7md2aEj4CIDkJ3a+YDXES0wxjkg8s5d2tejrLvRKHwXe9aWceVdfHMA0GCSqG
  1630. | SIb3DQEBCwUAA4IBAQALdY+e2UZ3s4encxq6FfN1s7wtcZQ4108vQT/a5IeuWmU5
  1631. | UwJKjwKANHPmZHt9Il5NglW4Vjc3cVVL01mTKq4F8v9keG9+zaTKHDgAwSRp2i+j
  1632. | 1mls+nO8Vg7LecI4pCGikuJp8n6BVVB7vEiezeKv7YvHPKIEg2ykFzfuVsUINX5n
  1633. | 9a2GT9RWLLtkqEoYnw/Z1vFnVpgXmKCxBDckKXRybKXurCxCCk5e6cQMLXyjXMdC
  1634. | kCkwfUSokbD0/SmiO1k9o1IN+k13rCuZ5Ar5NdUDnSLgxt/Ba1NiWNBF0ZIN7NCL
  1635. | /4xuY+T1wYePT0pwiAH74QI4zC7XuR9hSqEpcAH8
  1636. |_-----END CERTIFICATE-----
  1637. |_ssl-date: 2019-02-23T08:59:25+00:00; 0s from scanner time.
  1638. 443/tcp open ssl/http syn-ack nginx
  1639. |_http-server-header: nginx
  1640. |_http-title: 400 The plain HTTP request was sent to HTTPS port
  1641. | ssl-cert: Subject: commonName=22410.gr
  1642. | Subject Alternative Name: DNS:22410.gr, DNS:www.22410.gr
  1643. | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
  1644. | Public Key type: rsa
  1645. | Public Key bits: 2048
  1646. | Signature Algorithm: sha256WithRSAEncryption
  1647. | Not valid before: 2019-02-22T06:11:05
  1648. | Not valid after: 2019-05-23T06:11:05
  1649. | MD5: 1346 472e 00cd 5ab0 cc37 8e23 5490 4e4e
  1650. | SHA-1: 8048 5dbf ace0 c513 4ecc 5bab e81d 036f 6375 2f13
  1651. | -----BEGIN CERTIFICATE-----
  1652. | MIIFVzCCBD+gAwIBAgISAzge6OWaOaXQkwwAHtjBlgHIMA0GCSqGSIb3DQEBCwUA
  1653. | MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
  1654. | ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAyMjIwNjExMDVaFw0x
  1655. | OTA1MjMwNjExMDVaMBMxETAPBgNVBAMTCDIyNDEwLmdyMIIBIjANBgkqhkiG9w0B
  1656. | AQEFAAOCAQ8AMIIBCgKCAQEAwpsQDo5BV0CZ/4fy1zMensWa9HfwClDzeH7u0yaS
  1657. | pIGTJoXwK+0cGqCruX999XcxjlJSM6twmw5eLFGaLHg29wgUefC0Srky5Mfwipa5
  1658. | BwdNXM7U1d9IEtVMUbr7P11DMD876e/gzhGzVst3Yiw/HKJO42PRK/C/vtYcHkEs
  1659. | VAlKI3XThoM2OoCXNuzE4gmzS21zUEzkFxNU0CsePg4e8SQ4RAfqcaIiTEJnK2FE
  1660. | y5T4qQlv+j5VgFvqIsOJ6i5PXGIFZr0gOWJF5Kzsoq3XLybO1bs3i/yUe6x1mvsV
  1661. | 5NkNNSX9HX8SwTpMG8rKMhBJsQmexXT4Otw6G+gJvCjegQIDAQABo4ICbDCCAmgw
  1662. | DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAM
  1663. | BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQzWTU61+MA4tLqifAZdoetb3OYUTAfBgNV
  1664. | HSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYI
  1665. | KwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYI
  1666. | KwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcvMCEG
  1667. | A1UdEQQaMBiCCDIyNDEwLmdyggx3d3cuMjI0MTAuZ3IwTAYDVR0gBEUwQzAIBgZn
  1668. | gQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5s
  1669. | ZXRzZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwB0ftqDMa0z
  1670. | EJEhnM4lT0Jwwr/9XkIgCMY3NXnmEHvMVgAAAWkUCxoRAAAEAwBIMEYCIQCJLnf4
  1671. | /79Y6xTYKAEtwpgzfvbDGfBTG3WZPUugYWOdiQIhAK6LFHxYm33aY3Vzq1f9aZVB
  1672. | 5vqymUo6p49FDyEYUXRnAHYAKTxRllTIOWW6qlD8WAfUt2+/WHopctykwwz05UVH
  1673. | 9HgAAAFpFAsaTAAABAMARzBFAiEA/Bo8g2n/5+6JvaC4D3xjRzWW3XclLcUw/myM
  1674. | O6Xt2EECIFKfLjf6rhCQKeJlxERfeVe+ZRN/I2KLOuDHta5PcaUVMA0GCSqGSIb3
  1675. | DQEBCwUAA4IBAQAtlbmAbgS4pkxJrlfe6h5k/RMqHt4WyePxaErYuwRkDLjMkvQz
  1676. | sn+oVqyDNny3ouomyYoGvOmuDU1acKBx4E3H7PlYn7IMgbTgA/q/Y0KkX0SvnfZ7
  1677. | tGzNbBTXnp3ofko2sbrMtltOi4cJ55L5hCE4ZxmmJJE5cKbedoNa10xKKfpQ16BG
  1678. | F2DQbRuV5ww5HJd6WCtUTtedaq+qnkX/zJ0tL3bCPXWR4HgjNBzzVOyLtH4CndVL
  1679. | GB807m7JPuF6uFPw9frfxGSaMRw0L3Wrci9ko06ktsYLCtB5crxznSJ/C7BktQD8
  1680. | PiuEVfP/2kk7EPK3EH30qmmoFkc/hB8io4rP
  1681. |_-----END CERTIFICATE-----
  1682. |_ssl-date: TLS randomness does not represent time
  1683. | tls-alpn:
  1684. | h2
  1685. |_ http/1.1
  1686. | tls-nextprotoneg:
  1687. | h2
  1688. |_ http/1.1
  1689. 445/tcp closed microsoft-ds conn-refused
  1690. 465/tcp open ssl/smtp syn-ack
  1691. | fingerprint-strings:
  1692. | GenericLines:
  1693. | 220-esm11.siteground.biz ESMTP #148 Sat, 23 Feb 2019 09:58:47 +0100
  1694. | 220-We do not authorize the use of this system to transport unsolicited,
  1695. | and/or bulk e-mail.
  1696. | unrecognized command
  1697. | unrecognized command
  1698. | GetRequest:
  1699. | 220-esm11.siteground.biz ESMTP #148 Sat, 23 Feb 2019 09:58:53 +0100
  1700. | 220-We do not authorize the use of this system to transport unsolicited,
  1701. | and/or bulk e-mail.
  1702. | unrecognized command
  1703. | unrecognized command
  1704. | Hello, NULL:
  1705. | 220-esm11.siteground.biz ESMTP #148 Sat, 23 Feb 2019 09:58:26 +0100
  1706. | 220-We do not authorize the use of this system to transport unsolicited,
  1707. | and/or bulk e-mail.
  1708. | Help:
  1709. | 220-esm11.siteground.biz ESMTP #148 Sat, 23 Feb 2019 09:58:40 +0100
  1710. | 220-We do not authorize the use of this system to transport unsolicited,
  1711. | and/or bulk e-mail.
  1712. | 214-Commands supported:
  1713. |_ AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP VRFY
  1714. |_smtp-commands: Couldn't establish connection on port 465
  1715. | ssl-cert: Subject: commonName=*.siteground.biz/organizationalUnitName=Domain Control Validated
  1716. | Subject Alternative Name: DNS:*.siteground.biz, DNS:siteground.biz
  1717. | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
  1718. | Public Key type: rsa
  1719. | Public Key bits: 2048
  1720. | Signature Algorithm: sha256WithRSAEncryption
  1721. | Not valid before: 2018-04-16T06:31:57
  1722. | Not valid after: 2019-06-14T08:30:37
  1723. | MD5: 2393 d064 27a6 fb25 28e5 4c07 d6db c90b
  1724. | SHA-1: 6813 0f8c c3ba 91ec 0bb3 66d9 09d8 5e59 bc55 7c7b
  1725. | -----BEGIN CERTIFICATE-----
  1726. | MIIF6jCCBNKgAwIBAgIMTbprr2lUvBK97vuHMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
  1727. | BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
  1728. | bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE4MDQxNjA2MzE1N1oXDTE5MDYx
  1729. | NDA4MzAzN1owPjEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRkw
  1730. | FwYDVQQDDBAqLnNpdGVncm91bmQuYml6MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
  1731. | MIIBCgKCAQEAzEoZ5JRBYkQEZtJLdpddPdn7AL5OSM4lB7RLfZTCqq4KeYqsC573
  1732. | Z+20HCexeorFf1sEhsRvJ/BZxPtUbkdoLTf1M6UVtKM6Jr/FqeEqxgr/Dy0sKnUq
  1733. | tAwmdw0ug/Mx8kb4rIafFtGi+pI7aeySCc7J8hjEseBaV5cNG/TiJne7SHoHZKuE
  1734. | Exnfh7KqAK8dZ01ExtoXV8x5RnNc/Ey4xzxItO8pPOBBctCRIaOp1mfo8Re/z1N7
  1735. | zRA65TSQn39VBu+cLWVt2SG0Y/a//GI18nwlv2mtRkTkZKJXI9yMNjw5TIVmKwZA
  1736. | rDwGSLocm6xIIYu7FPpjsy43Wm72gbPMNQIDAQABo4IC2DCCAtQwDgYDVR0PAQH/
  1737. | BAQDAgWgMIGJBggrBgEFBQcBAQR9MHswQgYIKwYBBQUHMAKGNmh0dHA6Ly9zZWN1
  1738. | cmUyLmFscGhhc3NsLmNvbS9jYWNlcnQvZ3NhbHBoYXNoYTJnMnIxLmNydDA1Bggr
  1739. | BgEFBQcwAYYpaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzYWxwaGFzaGEy
  1740. | ZzIwVwYDVR0gBFAwTjBCBgorBgEEAaAyAQoKMDQwMgYIKwYBBQUHAgEWJmh0dHBz
  1741. | Oi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATAJBgNV
  1742. | HRMEAjAAMD4GA1UdHwQ3MDUwM6AxoC+GLWh0dHA6Ly9jcmwyLmFscGhhc3NsLmNv
  1743. | bS9ncy9nc2FscGhhc2hhMmcyLmNybDArBgNVHREEJDAighAqLnNpdGVncm91bmQu
  1744. | Yml6gg5zaXRlZ3JvdW5kLmJpejAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
  1745. | AwIwHQYDVR0OBBYEFMKLp0z+2EfA3Zx0dYzaxVrX4cKSMB8GA1UdIwQYMBaAFPXN
  1746. | 1TwIUPlqTzq3l9pWg+Zp0mj3MIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcAh3W/
  1747. | 51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFizScsbwAABAMASDBGAiEA
  1748. | ypzsZLygMQA1zXxMIC9fOPKkpzEkgJjn1r6jCgrHkxMCIQCNahsFqLCl1BZIKKfE
  1749. | UD8MxgVRsNb1xXHIs5V2lTQlVQB1ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCW
  1750. | ZDaOHtGFAAABYs0nLckAAAQDAEYwRAIgYajfZEFbTIJrgQb4diVQ3RSTVrzWVDvp
  1751. | Kjz7md2aEj4CIDkJ3a+YDXES0wxjkg8s5d2tejrLvRKHwXe9aWceVdfHMA0GCSqG
  1752. | SIb3DQEBCwUAA4IBAQALdY+e2UZ3s4encxq6FfN1s7wtcZQ4108vQT/a5IeuWmU5
  1753. | UwJKjwKANHPmZHt9Il5NglW4Vjc3cVVL01mTKq4F8v9keG9+zaTKHDgAwSRp2i+j
  1754. | 1mls+nO8Vg7LecI4pCGikuJp8n6BVVB7vEiezeKv7YvHPKIEg2ykFzfuVsUINX5n
  1755. | 9a2GT9RWLLtkqEoYnw/Z1vFnVpgXmKCxBDckKXRybKXurCxCCk5e6cQMLXyjXMdC
  1756. | kCkwfUSokbD0/SmiO1k9o1IN+k13rCuZ5Ar5NdUDnSLgxt/Ba1NiWNBF0ZIN7NCL
  1757. | /4xuY+T1wYePT0pwiAH74QI4zC7XuR9hSqEpcAH8
  1758. |_-----END CERTIFICATE-----
  1759. 587/tcp open smtp syn-ack
  1760. | fingerprint-strings:
  1761. | GenericLines:
  1762. | 220-esm11.siteground.biz ESMTP #148 Sat, 23 Feb 2019 09:58:19 +0100
  1763. | 220-We do not authorize the use of this system to transport unsolicited,
  1764. | and/or bulk e-mail.
  1765. | unrecognized command
  1766. | unrecognized command
  1767. | GetRequest:
  1768. | 220-esm11.siteground.biz ESMTP #148 Sat, 23 Feb 2019 09:58:46 +0100
  1769. | 220-We do not authorize the use of this system to transport unsolicited,
  1770. | and/or bulk e-mail.
  1771. | unrecognized command
  1772. | unrecognized command
  1773. | Hello:
  1774. | 220-esm11.siteground.biz ESMTP #148 Sat, 23 Feb 2019 09:58:30 +0100
  1775. | 220-We do not authorize the use of this system to transport unsolicited,
  1776. | and/or bulk e-mail.
  1777. | Help:
  1778. | 220-esm11.siteground.biz ESMTP #148 Sat, 23 Feb 2019 09:58:38 +0100
  1779. | 220-We do not authorize the use of this system to transport unsolicited,
  1780. | and/or bulk e-mail.
  1781. | 214-Commands supported:
  1782. | AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP VRFY
  1783. | NULL:
  1784. | 220-esm11.siteground.biz ESMTP #148 Sat, 23 Feb 2019 09:58:19 +0100
  1785. | 220-We do not authorize the use of this system to transport unsolicited,
  1786. |_ and/or bulk e-mail.
  1787. | smtp-commands: esm11.siteground.biz Hello nmap.scanme.org [176.113.74.42], SIZE 52428800, 8BITMIME, DSN, VRFY, AUTH LOGIN PLAIN, STARTTLS, HELP,
  1788. |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP VRFY
  1789. | ssl-cert: Subject: commonName=*.siteground.biz/organizationalUnitName=Domain Control Validated
  1790. | Subject Alternative Name: DNS:*.siteground.biz, DNS:siteground.biz
  1791. | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
  1792. | Public Key type: rsa
  1793. | Public Key bits: 2048
  1794. | Signature Algorithm: sha256WithRSAEncryption
  1795. | Not valid before: 2018-04-16T06:31:57
  1796. | Not valid after: 2019-06-14T08:30:37
  1797. | MD5: 2393 d064 27a6 fb25 28e5 4c07 d6db c90b
  1798. | SHA-1: 6813 0f8c c3ba 91ec 0bb3 66d9 09d8 5e59 bc55 7c7b
  1799. | -----BEGIN CERTIFICATE-----
  1800. | MIIF6jCCBNKgAwIBAgIMTbprr2lUvBK97vuHMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
  1801. | BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
  1802. | bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE4MDQxNjA2MzE1N1oXDTE5MDYx
  1803. | NDA4MzAzN1owPjEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRkw
  1804. | FwYDVQQDDBAqLnNpdGVncm91bmQuYml6MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
  1805. | MIIBCgKCAQEAzEoZ5JRBYkQEZtJLdpddPdn7AL5OSM4lB7RLfZTCqq4KeYqsC573
  1806. | Z+20HCexeorFf1sEhsRvJ/BZxPtUbkdoLTf1M6UVtKM6Jr/FqeEqxgr/Dy0sKnUq
  1807. | tAwmdw0ug/Mx8kb4rIafFtGi+pI7aeySCc7J8hjEseBaV5cNG/TiJne7SHoHZKuE
  1808. | Exnfh7KqAK8dZ01ExtoXV8x5RnNc/Ey4xzxItO8pPOBBctCRIaOp1mfo8Re/z1N7
  1809. | zRA65TSQn39VBu+cLWVt2SG0Y/a//GI18nwlv2mtRkTkZKJXI9yMNjw5TIVmKwZA
  1810. | rDwGSLocm6xIIYu7FPpjsy43Wm72gbPMNQIDAQABo4IC2DCCAtQwDgYDVR0PAQH/
  1811. | BAQDAgWgMIGJBggrBgEFBQcBAQR9MHswQgYIKwYBBQUHMAKGNmh0dHA6Ly9zZWN1
  1812. | cmUyLmFscGhhc3NsLmNvbS9jYWNlcnQvZ3NhbHBoYXNoYTJnMnIxLmNydDA1Bggr
  1813. | BgEFBQcwAYYpaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzYWxwaGFzaGEy
  1814. | ZzIwVwYDVR0gBFAwTjBCBgorBgEEAaAyAQoKMDQwMgYIKwYBBQUHAgEWJmh0dHBz
  1815. | Oi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATAJBgNV
  1816. | HRMEAjAAMD4GA1UdHwQ3MDUwM6AxoC+GLWh0dHA6Ly9jcmwyLmFscGhhc3NsLmNv
  1817. | bS9ncy9nc2FscGhhc2hhMmcyLmNybDArBgNVHREEJDAighAqLnNpdGVncm91bmQu
  1818. | Yml6gg5zaXRlZ3JvdW5kLmJpejAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
  1819. | AwIwHQYDVR0OBBYEFMKLp0z+2EfA3Zx0dYzaxVrX4cKSMB8GA1UdIwQYMBaAFPXN
  1820. | 1TwIUPlqTzq3l9pWg+Zp0mj3MIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcAh3W/
  1821. | 51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFizScsbwAABAMASDBGAiEA
  1822. | ypzsZLygMQA1zXxMIC9fOPKkpzEkgJjn1r6jCgrHkxMCIQCNahsFqLCl1BZIKKfE
  1823. | UD8MxgVRsNb1xXHIs5V2lTQlVQB1ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCW
  1824. | ZDaOHtGFAAABYs0nLckAAAQDAEYwRAIgYajfZEFbTIJrgQb4diVQ3RSTVrzWVDvp
  1825. | Kjz7md2aEj4CIDkJ3a+YDXES0wxjkg8s5d2tejrLvRKHwXe9aWceVdfHMA0GCSqG
  1826. | SIb3DQEBCwUAA4IBAQALdY+e2UZ3s4encxq6FfN1s7wtcZQ4108vQT/a5IeuWmU5
  1827. | UwJKjwKANHPmZHt9Il5NglW4Vjc3cVVL01mTKq4F8v9keG9+zaTKHDgAwSRp2i+j
  1828. | 1mls+nO8Vg7LecI4pCGikuJp8n6BVVB7vEiezeKv7YvHPKIEg2ykFzfuVsUINX5n
  1829. | 9a2GT9RWLLtkqEoYnw/Z1vFnVpgXmKCxBDckKXRybKXurCxCCk5e6cQMLXyjXMdC
  1830. | kCkwfUSokbD0/SmiO1k9o1IN+k13rCuZ5Ar5NdUDnSLgxt/Ba1NiWNBF0ZIN7NCL
  1831. | /4xuY+T1wYePT0pwiAH74QI4zC7XuR9hSqEpcAH8
  1832. |_-----END CERTIFICATE-----
  1833. 993/tcp open ssl/imap syn-ack Dovecot imapd
  1834. |_imap-capabilities: ID capabilities IMAP4rev1 Pre-login LITERAL+ IDLE AUTH=LOGINA0001 AUTH=PLAIN ENABLE SASL-IR LOGIN-REFERRALS more post-login NAMESPACE OK have listed
  1835. | ssl-cert: Subject: commonName=*.siteground.biz/organizationalUnitName=Domain Control Validated
  1836. | Subject Alternative Name: DNS:*.siteground.biz, DNS:siteground.biz
  1837. | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
  1838. | Public Key type: rsa
  1839. | Public Key bits: 2048
  1840. | Signature Algorithm: sha256WithRSAEncryption
  1841. | Not valid before: 2018-04-16T06:31:57
  1842. | Not valid after: 2019-06-14T08:30:37
  1843. | MD5: 2393 d064 27a6 fb25 28e5 4c07 d6db c90b
  1844. | SHA-1: 6813 0f8c c3ba 91ec 0bb3 66d9 09d8 5e59 bc55 7c7b
  1845. | -----BEGIN CERTIFICATE-----
  1846. | MIIF6jCCBNKgAwIBAgIMTbprr2lUvBK97vuHMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
  1847. | BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
  1848. | bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE4MDQxNjA2MzE1N1oXDTE5MDYx
  1849. | NDA4MzAzN1owPjEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRkw
  1850. | FwYDVQQDDBAqLnNpdGVncm91bmQuYml6MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
  1851. | MIIBCgKCAQEAzEoZ5JRBYkQEZtJLdpddPdn7AL5OSM4lB7RLfZTCqq4KeYqsC573
  1852. | Z+20HCexeorFf1sEhsRvJ/BZxPtUbkdoLTf1M6UVtKM6Jr/FqeEqxgr/Dy0sKnUq
  1853. | tAwmdw0ug/Mx8kb4rIafFtGi+pI7aeySCc7J8hjEseBaV5cNG/TiJne7SHoHZKuE
  1854. | Exnfh7KqAK8dZ01ExtoXV8x5RnNc/Ey4xzxItO8pPOBBctCRIaOp1mfo8Re/z1N7
  1855. | zRA65TSQn39VBu+cLWVt2SG0Y/a//GI18nwlv2mtRkTkZKJXI9yMNjw5TIVmKwZA
  1856. | rDwGSLocm6xIIYu7FPpjsy43Wm72gbPMNQIDAQABo4IC2DCCAtQwDgYDVR0PAQH/
  1857. | BAQDAgWgMIGJBggrBgEFBQcBAQR9MHswQgYIKwYBBQUHMAKGNmh0dHA6Ly9zZWN1
  1858. | cmUyLmFscGhhc3NsLmNvbS9jYWNlcnQvZ3NhbHBoYXNoYTJnMnIxLmNydDA1Bggr
  1859. | BgEFBQcwAYYpaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzYWxwaGFzaGEy
  1860. | ZzIwVwYDVR0gBFAwTjBCBgorBgEEAaAyAQoKMDQwMgYIKwYBBQUHAgEWJmh0dHBz
  1861. | Oi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATAJBgNV
  1862. | HRMEAjAAMD4GA1UdHwQ3MDUwM6AxoC+GLWh0dHA6Ly9jcmwyLmFscGhhc3NsLmNv
  1863. | bS9ncy9nc2FscGhhc2hhMmcyLmNybDArBgNVHREEJDAighAqLnNpdGVncm91bmQu
  1864. | Yml6gg5zaXRlZ3JvdW5kLmJpejAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
  1865. | AwIwHQYDVR0OBBYEFMKLp0z+2EfA3Zx0dYzaxVrX4cKSMB8GA1UdIwQYMBaAFPXN
  1866. | 1TwIUPlqTzq3l9pWg+Zp0mj3MIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcAh3W/
  1867. | 51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFizScsbwAABAMASDBGAiEA
  1868. | ypzsZLygMQA1zXxMIC9fOPKkpzEkgJjn1r6jCgrHkxMCIQCNahsFqLCl1BZIKKfE
  1869. | UD8MxgVRsNb1xXHIs5V2lTQlVQB1ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCW
  1870. | ZDaOHtGFAAABYs0nLckAAAQDAEYwRAIgYajfZEFbTIJrgQb4diVQ3RSTVrzWVDvp
  1871. | Kjz7md2aEj4CIDkJ3a+YDXES0wxjkg8s5d2tejrLvRKHwXe9aWceVdfHMA0GCSqG
  1872. | SIb3DQEBCwUAA4IBAQALdY+e2UZ3s4encxq6FfN1s7wtcZQ4108vQT/a5IeuWmU5
  1873. | UwJKjwKANHPmZHt9Il5NglW4Vjc3cVVL01mTKq4F8v9keG9+zaTKHDgAwSRp2i+j
  1874. | 1mls+nO8Vg7LecI4pCGikuJp8n6BVVB7vEiezeKv7YvHPKIEg2ykFzfuVsUINX5n
  1875. | 9a2GT9RWLLtkqEoYnw/Z1vFnVpgXmKCxBDckKXRybKXurCxCCk5e6cQMLXyjXMdC
  1876. | kCkwfUSokbD0/SmiO1k9o1IN+k13rCuZ5Ar5NdUDnSLgxt/Ba1NiWNBF0ZIN7NCL
  1877. | /4xuY+T1wYePT0pwiAH74QI4zC7XuR9hSqEpcAH8
  1878. |_-----END CERTIFICATE-----
  1879. |_ssl-date: 2019-02-23T08:59:22+00:00; 0s from scanner time.
  1880. 2525/tcp open smtp syn-ack
  1881. | fingerprint-strings:
  1882. | GenericLines:
  1883. | 220-esm11.siteground.biz ESMTP #148 Sat, 23 Feb 2019 09:58:30 +0100
  1884. | 220-We do not authorize the use of this system to transport unsolicited,
  1885. | and/or bulk e-mail.
  1886. | unrecognized command
  1887. | unrecognized command
  1888. | GetRequest:
  1889. | 220-esm11.siteground.biz ESMTP #148 Sat, 23 Feb 2019 09:58:19 +0100
  1890. | 220-We do not authorize the use of this system to transport unsolicited,
  1891. | and/or bulk e-mail.
  1892. | unrecognized command
  1893. | unrecognized command
  1894. | Hello:
  1895. | 220-esm11.siteground.biz ESMTP #148 Sat, 23 Feb 2019 09:58:36 +0100
  1896. | 220-We do not authorize the use of this system to transport unsolicited,
  1897. | and/or bulk e-mail.
  1898. | Help:
  1899. | 220-esm11.siteground.biz ESMTP #148 Sat, 23 Feb 2019 09:58:43 +0100
  1900. | 220-We do not authorize the use of this system to transport unsolicited,
  1901. | and/or bulk e-mail.
  1902. | 214-Commands supported:
  1903. | AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP VRFY
  1904. | NULL:
  1905. | 220-esm11.siteground.biz ESMTP #148 Sat, 23 Feb 2019 09:58:19 +0100
  1906. | 220-We do not authorize the use of this system to transport unsolicited,
  1907. |_ and/or bulk e-mail.
  1908. | smtp-commands: esm11.siteground.biz Hello nmap.scanme.org [176.113.74.42], SIZE 52428800, 8BITMIME, DSN, VRFY, AUTH LOGIN PLAIN, STARTTLS, HELP,
  1909. |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP VRFY
  1910. | ssl-cert: Subject: commonName=*.siteground.biz/organizationalUnitName=Domain Control Validated
  1911. | Subject Alternative Name: DNS:*.siteground.biz, DNS:siteground.biz
  1912. | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
  1913. | Public Key type: rsa
  1914. | Public Key bits: 2048
  1915. | Signature Algorithm: sha256WithRSAEncryption
  1916. | Not valid before: 2018-04-16T06:31:57
  1917. | Not valid after: 2019-06-14T08:30:37
  1918. | MD5: 2393 d064 27a6 fb25 28e5 4c07 d6db c90b
  1919. | SHA-1: 6813 0f8c c3ba 91ec 0bb3 66d9 09d8 5e59 bc55 7c7b
  1920. | -----BEGIN CERTIFICATE-----
  1921. | MIIF6jCCBNKgAwIBAgIMTbprr2lUvBK97vuHMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
  1922. | BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
  1923. | bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE4MDQxNjA2MzE1N1oXDTE5MDYx
  1924. | NDA4MzAzN1owPjEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRkw
  1925. | FwYDVQQDDBAqLnNpdGVncm91bmQuYml6MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
  1926. | MIIBCgKCAQEAzEoZ5JRBYkQEZtJLdpddPdn7AL5OSM4lB7RLfZTCqq4KeYqsC573
  1927. | Z+20HCexeorFf1sEhsRvJ/BZxPtUbkdoLTf1M6UVtKM6Jr/FqeEqxgr/Dy0sKnUq
  1928. | tAwmdw0ug/Mx8kb4rIafFtGi+pI7aeySCc7J8hjEseBaV5cNG/TiJne7SHoHZKuE
  1929. | Exnfh7KqAK8dZ01ExtoXV8x5RnNc/Ey4xzxItO8pPOBBctCRIaOp1mfo8Re/z1N7
  1930. | zRA65TSQn39VBu+cLWVt2SG0Y/a//GI18nwlv2mtRkTkZKJXI9yMNjw5TIVmKwZA
  1931. | rDwGSLocm6xIIYu7FPpjsy43Wm72gbPMNQIDAQABo4IC2DCCAtQwDgYDVR0PAQH/
  1932. | BAQDAgWgMIGJBggrBgEFBQcBAQR9MHswQgYIKwYBBQUHMAKGNmh0dHA6Ly9zZWN1
  1933. | cmUyLmFscGhhc3NsLmNvbS9jYWNlcnQvZ3NhbHBoYXNoYTJnMnIxLmNydDA1Bggr
  1934. | BgEFBQcwAYYpaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzYWxwaGFzaGEy
  1935. | ZzIwVwYDVR0gBFAwTjBCBgorBgEEAaAyAQoKMDQwMgYIKwYBBQUHAgEWJmh0dHBz
  1936. | Oi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATAJBgNV
  1937. | HRMEAjAAMD4GA1UdHwQ3MDUwM6AxoC+GLWh0dHA6Ly9jcmwyLmFscGhhc3NsLmNv
  1938. | bS9ncy9nc2FscGhhc2hhMmcyLmNybDArBgNVHREEJDAighAqLnNpdGVncm91bmQu
  1939. | Yml6gg5zaXRlZ3JvdW5kLmJpejAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
  1940. | AwIwHQYDVR0OBBYEFMKLp0z+2EfA3Zx0dYzaxVrX4cKSMB8GA1UdIwQYMBaAFPXN
  1941. | 1TwIUPlqTzq3l9pWg+Zp0mj3MIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcAh3W/
  1942. | 51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFizScsbwAABAMASDBGAiEA
  1943. | ypzsZLygMQA1zXxMIC9fOPKkpzEkgJjn1r6jCgrHkxMCIQCNahsFqLCl1BZIKKfE
  1944. | UD8MxgVRsNb1xXHIs5V2lTQlVQB1ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCW
  1945. | ZDaOHtGFAAABYs0nLckAAAQDAEYwRAIgYajfZEFbTIJrgQb4diVQ3RSTVrzWVDvp
  1946. | Kjz7md2aEj4CIDkJ3a+YDXES0wxjkg8s5d2tejrLvRKHwXe9aWceVdfHMA0GCSqG
  1947. | SIb3DQEBCwUAA4IBAQALdY+e2UZ3s4encxq6FfN1s7wtcZQ4108vQT/a5IeuWmU5
  1948. | UwJKjwKANHPmZHt9Il5NglW4Vjc3cVVL01mTKq4F8v9keG9+zaTKHDgAwSRp2i+j
  1949. | 1mls+nO8Vg7LecI4pCGikuJp8n6BVVB7vEiezeKv7YvHPKIEg2ykFzfuVsUINX5n
  1950. | 9a2GT9RWLLtkqEoYnw/Z1vFnVpgXmKCxBDckKXRybKXurCxCCk5e6cQMLXyjXMdC
  1951. | kCkwfUSokbD0/SmiO1k9o1IN+k13rCuZ5Ar5NdUDnSLgxt/Ba1NiWNBF0ZIN7NCL
  1952. | /4xuY+T1wYePT0pwiAH74QI4zC7XuR9hSqEpcAH8
  1953. |_-----END CERTIFICATE-----
  1954. 4001/tcp closed newoak conn-refused
  1955. 5432/tcp closed postgresql conn-refused
  1956. 34571/tcp closed unknown conn-refused
  1957. 34572/tcp closed unknown conn-refused
  1958. 34573/tcp closed unknown conn-refused
  1959. 4 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service :
  1960. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
  1961. SF-Port53-TCP:V=7.70%I=7%D=2/23%Time=5C710B36%P=x86_64-pc-linux-gnu%r(DNSV
  1962. SF:ersionBindReqTCP,41,"\0\?\0\x06\x85\0\0\x01\0\x01\0\x01\0\0\x07version\
  1963. SF:x04bind\0\0\x10\0\x03\xc0\x0c\0\x10\0\x03\0\0\0\0\0\x07\x06donuts\xc0\x
  1964. SF:0c\0\x02\0\x03\0\0\0\0\0\x02\xc0\x0c");
  1965. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
  1966. SF-Port465-TCP:V=7.70%T=SSL%I=7%D=2/23%Time=5C710B38%P=x86_64-pc-linux-gnu
  1967. SF:%r(NULL,AA,"220-esm11\.siteground\.biz\x20ESMTP\x20#148\x20Sat,\x2023\x
  1968. SF:20Feb\x202019\x2009:58:26\x20\+0100\x20\r\n220-We\x20do\x20not\x20autho
  1969. SF:rize\x20the\x20use\x20of\x20this\x20system\x20to\x20transport\x20unsoli
  1970. SF:cited,\x20\r\n220\x20and/or\x20bulk\x20e-mail\.\r\n")%r(Hello,AA,"220-e
  1971. SF:sm11\.siteground\.biz\x20ESMTP\x20#148\x20Sat,\x2023\x20Feb\x202019\x20
  1972. SF:09:58:26\x20\+0100\x20\r\n220-We\x20do\x20not\x20authorize\x20the\x20us
  1973. SF:e\x20of\x20this\x20system\x20to\x20transport\x20unsolicited,\x20\r\n220
  1974. SF:\x20and/or\x20bulk\x20e-mail\.\r\n")%r(Help,104,"220-esm11\.siteground\
  1975. SF:.biz\x20ESMTP\x20#148\x20Sat,\x2023\x20Feb\x202019\x2009:58:40\x20\+010
  1976. SF:0\x20\r\n220-We\x20do\x20not\x20authorize\x20the\x20use\x20of\x20this\x
  1977. SF:20system\x20to\x20transport\x20unsolicited,\x20\r\n220\x20and/or\x20bul
  1978. SF:k\x20e-mail\.\r\n214-Commands\x20supported:\r\n214\x20AUTH\x20HELO\x20E
  1979. SF:HLO\x20MAIL\x20RCPT\x20DATA\x20BDAT\x20NOOP\x20QUIT\x20RSET\x20HELP\x20
  1980. SF:VRFY\r\n")%r(GenericLines,DE,"220-esm11\.siteground\.biz\x20ESMTP\x20#1
  1981. SF:48\x20Sat,\x2023\x20Feb\x202019\x2009:58:47\x20\+0100\x20\r\n220-We\x20
  1982. SF:do\x20not\x20authorize\x20the\x20use\x20of\x20this\x20system\x20to\x20t
  1983. SF:ransport\x20unsolicited,\x20\r\n220\x20and/or\x20bulk\x20e-mail\.\r\n50
  1984. SF:0\x20unrecognized\x20command\r\n500\x20unrecognized\x20command\r\n")%r(
  1985. SF:GetRequest,DE,"220-esm11\.siteground\.biz\x20ESMTP\x20#148\x20Sat,\x202
  1986. SF:3\x20Feb\x202019\x2009:58:53\x20\+0100\x20\r\n220-We\x20do\x20not\x20au
  1987. SF:thorize\x20the\x20use\x20of\x20this\x20system\x20to\x20transport\x20uns
  1988. SF:olicited,\x20\r\n220\x20and/or\x20bulk\x20e-mail\.\r\n500\x20unrecogniz
  1989. SF:ed\x20command\r\n500\x20unrecognized\x20command\r\n");
  1990. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
  1991. SF-Port587-TCP:V=7.70%I=7%D=2/23%Time=5C710B31%P=x86_64-pc-linux-gnu%r(NUL
  1992. SF:L,AA,"220-esm11\.siteground\.biz\x20ESMTP\x20#148\x20Sat,\x2023\x20Feb\
  1993. SF:x202019\x2009:58:19\x20\+0100\x20\r\n220-We\x20do\x20not\x20authorize\x
  1994. SF:20the\x20use\x20of\x20this\x20system\x20to\x20transport\x20unsolicited,
  1995. SF:\x20\r\n220\x20and/or\x20bulk\x20e-mail\.\r\n")%r(GenericLines,DE,"220-
  1996. SF:esm11\.siteground\.biz\x20ESMTP\x20#148\x20Sat,\x2023\x20Feb\x202019\x2
  1997. SF:009:58:19\x20\+0100\x20\r\n220-We\x20do\x20not\x20authorize\x20the\x20u
  1998. SF:se\x20of\x20this\x20system\x20to\x20transport\x20unsolicited,\x20\r\n22
  1999. SF:0\x20and/or\x20bulk\x20e-mail\.\r\n500\x20unrecognized\x20command\r\n50
  2000. SF:0\x20unrecognized\x20command\r\n")%r(Hello,AA,"220-esm11\.siteground\.b
  2001. SF:iz\x20ESMTP\x20#148\x20Sat,\x2023\x20Feb\x202019\x2009:58:30\x20\+0100\
  2002. SF:x20\r\n220-We\x20do\x20not\x20authorize\x20the\x20use\x20of\x20this\x20
  2003. SF:system\x20to\x20transport\x20unsolicited,\x20\r\n220\x20and/or\x20bulk\
  2004. SF:x20e-mail\.\r\n")%r(Help,10D,"220-esm11\.siteground\.biz\x20ESMTP\x20#1
  2005. SF:48\x20Sat,\x2023\x20Feb\x202019\x2009:58:38\x20\+0100\x20\r\n220-We\x20
  2006. SF:do\x20not\x20authorize\x20the\x20use\x20of\x20this\x20system\x20to\x20t
  2007. SF:ransport\x20unsolicited,\x20\r\n220\x20and/or\x20bulk\x20e-mail\.\r\n21
  2008. SF:4-Commands\x20supported:\r\n214\x20AUTH\x20STARTTLS\x20HELO\x20EHLO\x20
  2009. SF:MAIL\x20RCPT\x20DATA\x20BDAT\x20NOOP\x20QUIT\x20RSET\x20HELP\x20VRFY\r\
  2010. SF:n")%r(GetRequest,DE,"220-esm11\.siteground\.biz\x20ESMTP\x20#148\x20Sat
  2011. SF:,\x2023\x20Feb\x202019\x2009:58:46\x20\+0100\x20\r\n220-We\x20do\x20not
  2012. SF:\x20authorize\x20the\x20use\x20of\x20this\x20system\x20to\x20transport\
  2013. SF:x20unsolicited,\x20\r\n220\x20and/or\x20bulk\x20e-mail\.\r\n500\x20unre
  2014. SF:cognized\x20command\r\n500\x20unrecognized\x20command\r\n");
  2015. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
  2016. SF-Port2525-TCP:V=7.70%I=7%D=2/23%Time=5C710B31%P=x86_64-pc-linux-gnu%r(NU
  2017. SF:LL,AA,"220-esm11\.siteground\.biz\x20ESMTP\x20#148\x20Sat,\x2023\x20Feb
  2018. SF:\x202019\x2009:58:19\x20\+0100\x20\r\n220-We\x20do\x20not\x20authorize\
  2019. SF:x20the\x20use\x20of\x20this\x20system\x20to\x20transport\x20unsolicited
  2020. SF:,\x20\r\n220\x20and/or\x20bulk\x20e-mail\.\r\n")%r(GetRequest,DE,"220-e
  2021. SF:sm11\.siteground\.biz\x20ESMTP\x20#148\x20Sat,\x2023\x20Feb\x202019\x20
  2022. SF:09:58:19\x20\+0100\x20\r\n220-We\x20do\x20not\x20authorize\x20the\x20us
  2023. SF:e\x20of\x20this\x20system\x20to\x20transport\x20unsolicited,\x20\r\n220
  2024. SF:\x20and/or\x20bulk\x20e-mail\.\r\n500\x20unrecognized\x20command\r\n500
  2025. SF:\x20unrecognized\x20command\r\n")%r(GenericLines,DE,"220-esm11\.sitegro
  2026. SF:und\.biz\x20ESMTP\x20#148\x20Sat,\x2023\x20Feb\x202019\x2009:58:30\x20\
  2027. SF:+0100\x20\r\n220-We\x20do\x20not\x20authorize\x20the\x20use\x20of\x20th
  2028. SF:is\x20system\x20to\x20transport\x20unsolicited,\x20\r\n220\x20and/or\x2
  2029. SF:0bulk\x20e-mail\.\r\n500\x20unrecognized\x20command\r\n500\x20unrecogni
  2030. SF:zed\x20command\r\n")%r(Hello,AA,"220-esm11\.siteground\.biz\x20ESMTP\x2
  2031. SF:0#148\x20Sat,\x2023\x20Feb\x202019\x2009:58:36\x20\+0100\x20\r\n220-We\
  2032. SF:x20do\x20not\x20authorize\x20the\x20use\x20of\x20this\x20system\x20to\x
  2033. SF:20transport\x20unsolicited,\x20\r\n220\x20and/or\x20bulk\x20e-mail\.\r\
  2034. SF:n")%r(Help,10D,"220-esm11\.siteground\.biz\x20ESMTP\x20#148\x20Sat,\x20
  2035. SF:23\x20Feb\x202019\x2009:58:43\x20\+0100\x20\r\n220-We\x20do\x20not\x20a
  2036. SF:uthorize\x20the\x20use\x20of\x20this\x20system\x20to\x20transport\x20un
  2037. SF:solicited,\x20\r\n220\x20and/or\x20bulk\x20e-mail\.\r\n214-Commands\x20
  2038. SF:supported:\r\n214\x20AUTH\x20STARTTLS\x20HELO\x20EHLO\x20MAIL\x20RCPT\x
  2039. SF:20DATA\x20BDAT\x20NOOP\x20QUIT\x20RSET\x20HELP\x20VRFY\r\n");
  2040. Device type: general purpose|WAP
  2041. Running (JUST GUESSING): Linux 2.6.X|4.X|3.X|2.4.X (92%)
  2042. OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:3.18 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.6.22
  2043. OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
  2044. Aggressive OS guesses: Linux 2.6.18 - 2.6.22 (92%), Linux 4.9 (86%), Linux 3.18 (86%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (85%), OpenWrt White Russian 0.9 (Linux 2.4.30) (85%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (85%)
  2045. No exact OS matches for host (test conditions non-ideal).
  2046. TCP/IP fingerprint:
  2047. SCAN(V=7.70%E=4%D=2/23%OT=53%CT=25%CU=%PV=N%DS=9%DC=T%G=N%TM=5C710B7F%P=x86_64-pc-linux-gnu)
  2048. SEQ(SP=106%GCD=1%ISR=10A%TI=Z%CI=Z%TS=U)
  2049. SEQ(SP=106%GCD=1%ISR=10A%TI=Z%CI=Z%II=I%TS=U)
  2050. OPS(O1=M4B3NNSNW8%O2=M4B3NNSNW8%O3=M4B3NW8%O4=M4B3NNSNW8%O5=M4B3NNSNW8%O6=M4B3NNS)
  2051. WIN(W1=7210%W2=7210%W3=7210%W4=7210%W5=7210%W6=7210)
  2052. ECN(R=Y%DF=Y%TG=40%W=7210%O=M4B3NNSNW8%CC=Y%Q=)
  2053. T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
  2054. T2(R=N)
  2055. T3(R=N)
  2056. T4(R=N)
  2057. T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
  2058. T6(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
  2059. T7(R=N)
  2060. U1(R=N)
  2061. IE(R=Y%DFI=N%TG=40%CD=S)
  2062.  
  2063. Network Distance: 9 hops
  2064. TCP Sequence Prediction: Difficulty=262 (Good luck!)
  2065. IP ID Sequence Generation: All zeros
  2066.  
  2067. Host script results:
  2068. |_clock-skew: mean: 0s, deviation: 0s, median: 0s
  2069.  
  2070. TRACEROUTE (using proto 1/icmp)
  2071. HOP RTT ADDRESS
  2072. 1 21.71 ms 10.246.200.1
  2073. 2 22.20 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
  2074. 3 39.04 ms irb-0.agg1.qc1.ca.m247.com (37.120.128.168)
  2075. 4 22.81 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
  2076. 5 22.03 ms ix-xe-11-1-1-0.tcore1.w6c-montreal.as6453.net (66.198.96.98)
  2077. 6 22.24 ms 4.68.127.229
  2078. 7 105.95 ms ae-2-6.ear1.Amsterdam1.Level3.net (4.69.153.190)
  2079. 8 108.67 ms GIGLINX-INC.ear1.Amsterdam1.Level3.net (213.19.196.74)
  2080. 9 102.97 ms ip-77-104-148-191.siteground.com (77.104.148.191)
  2081.  
  2082. NSE: Script Post-scanning.
  2083. NSE: Starting runlevel 1 (of 2) scan.
  2084. Initiating NSE at 03:59
  2085. Completed NSE at 03:59, 0.00s elapsed
  2086. NSE: Starting runlevel 2 (of 2) scan.
  2087. Initiating NSE at 03:59
  2088. Completed NSE at 03:59, 0.00s elapsed
  2089. Read data files from: /usr/bin/../share/nmap
  2090. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  2091. Nmap done: 1 IP address (1 host up) scanned in 108.93 seconds
  2092. Raw packets sent: 84 (6.900KB) | Rcvd: 44 (2.740KB)
  2093. #######################################################################################################################################
  2094. Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-23 03:59 EST
  2095. NSE: Loaded 148 scripts for scanning.
  2096. NSE: Script Pre-scanning.
  2097. Initiating NSE at 03:59
  2098. Completed NSE at 03:59, 0.00s elapsed
  2099. Initiating NSE at 03:59
  2100. Completed NSE at 03:59, 0.00s elapsed
  2101. Initiating Parallel DNS resolution of 1 host. at 03:59
  2102. Completed Parallel DNS resolution of 1 host. at 04:00, 16.50s elapsed
  2103. Initiating UDP Scan at 04:00
  2104. Scanning 77.104.148.191 [14 ports]
  2105. Discovered open port 53/udp on 77.104.148.191
  2106. Completed UDP Scan at 04:00, 1.53s elapsed (14 total ports)
  2107. Initiating Service scan at 04:00
  2108. Scanning 12 services on 77.104.148.191
  2109. Service scan Timing: About 16.67% done; ETC: 04:09 (0:08:10 remaining)
  2110. Completed Service scan at 04:01, 102.59s elapsed (12 services on 1 host)
  2111. Initiating OS detection (try #1) against 77.104.148.191
  2112. Retrying OS detection (try #2) against 77.104.148.191
  2113. Initiating Traceroute at 04:01
  2114. Completed Traceroute at 04:01, 7.10s elapsed
  2115. Initiating Parallel DNS resolution of 1 host. at 04:01
  2116. Completed Parallel DNS resolution of 1 host. at 04:02, 16.50s elapsed
  2117. NSE: Script scanning 77.104.148.191.
  2118. Initiating NSE at 04:02
  2119. Completed NSE at 04:02, 20.23s elapsed
  2120. Initiating NSE at 04:02
  2121. Completed NSE at 04:02, 1.02s elapsed
  2122. Nmap scan report for 77.104.148.191
  2123. Host is up (0.062s latency).
  2124.  
  2125. PORT STATE SERVICE VERSION
  2126. 53/udp open domain (unknown banner: donuts)
  2127. | dns-nsid:
  2128. |_ bind.version: donuts
  2129. | fingerprint-strings:
  2130. | DNSVersionBindReq:
  2131. | version
  2132. | bind
  2133. | donuts
  2134. | NBTStat:
  2135. |_ CKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
  2136. 67/udp open|filtered dhcps
  2137. 68/udp open|filtered dhcpc
  2138. 69/udp open|filtered tftp
  2139. 88/udp open|filtered kerberos-sec
  2140. 123/udp open|filtered ntp
  2141. 137/udp filtered netbios-ns
  2142. 138/udp filtered netbios-dgm
  2143. 139/udp open|filtered netbios-ssn
  2144. 161/udp open|filtered snmp
  2145. 162/udp open|filtered snmptrap
  2146. 389/udp open|filtered ldap
  2147. 520/udp open|filtered route
  2148. 2049/udp open|filtered nfs
  2149. 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
  2150. SF-Port53-UDP:V=7.70%I=7%D=2/23%Time=5C710B96%P=x86_64-pc-linux-gnu%r(DNSV
  2151. SF:ersionBindReq,3F,"\0\x06\x85\0\0\x01\0\x01\0\x01\0\0\x07version\x04bind
  2152. SF:\0\0\x10\0\x03\xc0\x0c\0\x10\0\x03\0\0\0\0\0\x07\x06donuts\xc0\x0c\0\x0
  2153. SF:2\0\x03\0\0\0\0\0\x02\xc0\x0c")%r(DNSStatusRequest,C,"\0\0\x90\x04\0\0\
  2154. SF:0\0\0\0\0\0")%r(NBTStat,32,"\x80\xf0\x80\x15\0\x01\0\0\0\0\0\0\x20CKAAA
  2155. SF:AAAAAAAAAAAAAAAAAAAAAAAAAAA\0\0!\0\x01");
  2156. Too many fingerprints match this host to give specific OS details
  2157.  
  2158. TRACEROUTE (using port 137/udp)
  2159. HOP RTT ADDRESS
  2160. 1 21.21 ms 10.246.200.1
  2161. 2 ... 3
  2162. 4 21.43 ms 10.246.200.1
  2163. 5 22.66 ms 10.246.200.1
  2164. 6 22.65 ms 10.246.200.1
  2165. 7 22.63 ms 10.246.200.1
  2166. 8 22.62 ms 10.246.200.1
  2167. 9 22.63 ms 10.246.200.1
  2168. 10 22.64 ms 10.246.200.1
  2169. 11 ... 18
  2170. 19 20.84 ms 10.246.200.1
  2171. 20 21.70 ms 10.246.200.1
  2172. 21 ... 28
  2173. 29 23.01 ms 10.246.200.1
  2174. 30 22.54 ms 10.246.200.1
  2175.  
  2176. NSE: Script Post-scanning.
  2177. Initiating NSE at 04:02
  2178. Completed NSE at 04:02, 0.00s elapsed
  2179. Initiating NSE at 04:02
  2180. Completed NSE at 04:02, 0.00s elapsed
  2181. Read data files from: /usr/bin/../share/nmap
  2182. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  2183. Nmap done: 1 IP address (1 host up) scanned in 169.51 seconds
  2184. Raw packets sent: 134 (11.580KB) | Rcvd: 31 (3.614KB)
  2185. #######################################################################################################################################
  2186. ---------------------------------------------------------------------------------------------------------------------------------------
  2187. + Target IP: 77.104.148.191
  2188. + Target Hostname: 77.104.148.191
  2189. + Target Port: 443
  2190. + Start Time: 2019-02-23 03:19:02 (GMT-5)
  2191. ---------------------------------------------------------------------------------------------------------------------------------------
  2192. + Server: nginx
  2193. + The anti-clickjacking X-Frame-Options header is not present.
  2194. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
  2195. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
  2196. + No CGI Directories found (use '-C all' to force check all possible dirs)
  2197. + 7536 requests: 0 error(s) and 3 item(s) reported on remote host
  2198. + End Time: 2019-02-23 03:45:59 (GMT-5) (1617 seconds)
  2199. ---------------------------------------------------------------------------------------------------------------------------------------
  2200. #######################################################################################################################################
  2201. [-] Date & Time: 21/02/2019 22:26:13
  2202. [I] Threads: 5
  2203. [-] Target: http://scaa.gov.sd/ar (77.104.148.191)
  2204. [M] Website Not in HTTPS: http://scaa.gov.sd/ar
  2205. [L] X-Frame-Options: Not Enforced
  2206. [I] Strict-Transport-Security: Not Enforced
  2207. [I] X-Content-Security-Policy: Not Enforced
  2208. [I] X-Content-Type-Options: Not Enforced
  2209. [L] Robots.txt Found: http://scaa.gov.sd/ar/robots.txt
  2210. [I] CMS Detection: Joomla
  2211. [I] Joomla Version: 3.3.6
  2212. [M] EDB-ID: 46200 "Joomla! Core 3.9.1 - Persistent Cross-Site Scripting in Global Configuration Textfilter Settings"
  2213. [M] EDB-ID: 42033 "Joomla! 3.7.0 - 'com_fields' SQL Injection"
  2214. [M] EDB-ID: 40637 "Joomla! 3.4.4 < 3.6.4 - Account Creation / Privilege Escalation"
  2215. [M] EDB-ID: 41157 "Joomla! < 3.6.4 - Admin Takeover"
  2216. [M] EDB-ID: 38977 "Joomla! 1.5 < 3.4.5 - Object Injection Remote Command Execution"
  2217. [M] EDB-ID: 39033 "Joomla! 1.5 < 3.4.5 - Object Injection 'x-forwarded-for' Header Remote Code Execution"
  2218. [M] EDB-ID: 38534 "Joomla! 3.2.x < 3.4.4 - SQL Injection"
  2219. [I] Joomla Website Template: sj_lifemag
  2220. [I] Joomla Administrator Template: isis
  2221. [-] Enumerating Joomla Usernames via "Feed" ...
  2222. [I] Super User: info@airline
  2223. [I] Autocomplete Off Not Found: http://scaa.gov.sd/ar/administrator/index.php
  2224. [-] Joomla Default Files:
  2225. [-] Joomla is likely to have a large number of default files
  2226. [-] Would you like to list them all?
  2227. [y/N]: y
  2228. [I] http://scaa.gov.sd/ar/LICENSE.txt
  2229. [I] http://scaa.gov.sd/ar/README.txt
  2230. [I] http://scaa.gov.sd/ar/administrator/cache/index.html
  2231. [I] http://scaa.gov.sd/ar/administrator/components/com_banners/sql/install.mysql.utf8.sql
  2232. [I] http://scaa.gov.sd/ar/administrator/components/com_banners/sql/uninstall.mysql.utf8.sql
  2233. [I] http://scaa.gov.sd/ar/administrator/components/com_contact/sql/install.mysql.utf8.sql
  2234. [I] http://scaa.gov.sd/ar/administrator/components/com_contact/sql/uninstall.mysql.utf8.sql
  2235. [I] http://scaa.gov.sd/ar/administrator/components/com_newsfeeds/sql/install.mysql.utf8.sql
  2236. [I] http://scaa.gov.sd/ar/administrator/components/com_newsfeeds/sql/uninstall.mysql.utf8.sql
  2237. [I] http://scaa.gov.sd/ar/administrator/language/overrides/index.html
  2238. [I] http://scaa.gov.sd/ar/administrator/manifests/packages/index.html
  2239. [I] http://scaa.gov.sd/ar/administrator/templates/hathor/LICENSE.txt
  2240. [I] http://scaa.gov.sd/ar/bin/index.html
  2241. [I] http://scaa.gov.sd/ar/cli/index.html
  2242. [I] http://scaa.gov.sd/ar/components/index.html
  2243. [I] http://scaa.gov.sd/ar/htaccess.txt
  2244. [I] http://scaa.gov.sd/ar/images/index.html
  2245. [I] http://scaa.gov.sd/ar/includes/index.html
  2246. [I] http://scaa.gov.sd/ar/language/index.html
  2247. [I] http://scaa.gov.sd/ar/language/overrides/index.html
  2248. [I] http://scaa.gov.sd/ar/layouts/index.html
  2249. [I] http://scaa.gov.sd/ar/libraries/fof/LICENSE.txt
  2250. [I] http://scaa.gov.sd/ar/libraries/fof/version.txt
  2251. [I] http://scaa.gov.sd/ar/libraries/idna_convert/ReadMe.txt
  2252. [I] http://scaa.gov.sd/ar/libraries/index.html
  2253. [I] http://scaa.gov.sd/ar/media/editors/tinymce/changelog.txt
  2254. [I] http://scaa.gov.sd/ar/media/editors/tinymce/license.txt
  2255. [I] http://scaa.gov.sd/ar/media/editors/tinymce/plugins/example/dialog.html
  2256. [I] http://scaa.gov.sd/ar/media/editors/tinymce/templates/layout1.html
  2257. [I] http://scaa.gov.sd/ar/media/editors/tinymce/templates/snippet1.html
  2258. [I] http://scaa.gov.sd/ar/media/index.html
  2259. [I] http://scaa.gov.sd/ar/media/jui/fonts/icomoon-license.txt
  2260. [I] http://scaa.gov.sd/ar/modules/index.html
  2261. [I] http://scaa.gov.sd/ar/plugins/index.html
  2262. [I] http://scaa.gov.sd/ar/templates/index.html
  2263. [I] http://scaa.gov.sd/ar/web.config.txt
  2264. [-] Searching Joomla Components ...
  2265. [I] mod_bm_slider_for_k2
  2266. [I] mod_maximenuck
  2267. [I] mod_news_show_sp2
  2268. [I] mod_sp_news_highlighter
  2269. [I] mod_xperttabs
  2270. [I] Checking for Directory Listing Enabled ...
  2271. [-] Date & Time: 21/02/2019 22:30:40
  2272. [-] Completed in: 0:04:26
  2273. #######################################################################################################################################
  2274. Anonymous JTSEC #OpSudan Full Recon #20
RAW Paste Data