API tools faq
paste
Advertisement
JTSEC1333

Anonymous JTSEC #OpSudan Full Recon #48

JTSEC1333
Mar 24th, 2019
734
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 54.77 KB | None | 0 0
raw download clone embed print report
  1. #######################################################################################################################################
  2. =======================================================================================================================================
  3. Hostname www.trafficpolice.gov.sd ISP NICDC
  4. Continent Africa Flag
  5. SD
  6. Country Sudan Country Code SD
  7. Region Unknown Local time 24 Mar 2019 01:41 CAT
  8. City Unknown Postal Code Unknown
  9. IP Address 62.12.105.3 Latitude 15
  10. Longitude 30
  11. =======================================================================================================================================
  12. #######################################################################################################################################
  13. > trafficpolice.gov.sd
  14. Server: 38.132.106.139
  15. Address: 38.132.106.139#53
  16.  
  17. Non-authoritative answer:
  18. Name: trafficpolice.gov.sd
  19. Address: 62.12.105.3
  20. >
  21. #######################################################################################################################################
  22. HostIP:62.12.105.3
  23. HostName:www.trafficpolice.gov.sd
  24.  
  25. Gathered Inet-whois information for 62.12.105.3
  26. ---------------------------------------------------------------------------------------------------------------------------------------
  27.  
  28.  
  29. inetnum: 62.12.96.0 - 62.12.127.255
  30. netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
  31. descr: IPv4 address block not managed by the RIPE NCC
  32. remarks: ------------------------------------------------------
  33. remarks:
  34. remarks: For registration information,
  35. remarks: you can consult the following sources:
  36. remarks:
  37. remarks: IANA
  38. remarks: http://www.iana.org/assignments/ipv4-address-space
  39. remarks: http://www.iana.org/assignments/iana-ipv4-special-registry
  40. remarks: http://www.iana.org/assignments/ipv4-recovered-address-space
  41. remarks:
  42. remarks: AFRINIC (Africa)
  43. remarks: http://www.afrinic.net/ whois.afrinic.net
  44. remarks:
  45. remarks: APNIC (Asia Pacific)
  46. remarks: http://www.apnic.net/ whois.apnic.net
  47. remarks:
  48. remarks: ARIN (Northern America)
  49. remarks: http://www.arin.net/ whois.arin.net
  50. remarks:
  51. remarks: LACNIC (Latin America and the Carribean)
  52. remarks: http://www.lacnic.net/ whois.lacnic.net
  53. remarks:
  54. remarks: ------------------------------------------------------
  55. country: EU # Country is really world wide
  56. admin-c: IANA1-RIPE
  57. tech-c: IANA1-RIPE
  58. status: ALLOCATED UNSPECIFIED
  59. mnt-by: RIPE-NCC-HM-MNT
  60. created: 2019-01-07T10:46:54Z
  61. last-modified: 2019-01-07T10:46:54Z
  62. source: RIPE
  63.  
  64. role: Internet Assigned Numbers Authority
  65. address: see http://www.iana.org.
  66. admin-c: IANA1-RIPE
  67. tech-c: IANA1-RIPE
  68. nic-hdl: IANA1-RIPE
  69. remarks: For more information on IANA services
  70. remarks: go to IANA web site at http://www.iana.org.
  71. mnt-by: RIPE-NCC-MNT
  72. created: 1970-01-01T00:00:00Z
  73. last-modified: 2001-09-22T09:31:27Z
  74. source: RIPE # Filtered
  75.  
  76. % This query was served by the RIPE Database Query Service version 1.93.2 (WAGYU)
  77.  
  78.  
  79.  
  80. Gathered Inic-whois information for trafficpolice.gov.sd
  81. ---------------------------------------------------------------------------------------------------------------------------------------
  82. Error: Unable to connect - Invalid Host
  83. ERROR: Connection to InicWhois Server sd.whois-servers.net failed
  84. close error
  85.  
  86. Gathered Netcraft information for www.trafficpolice.gov.sd
  87. ---------------------------------------------------------------------------------------------------------------------------------------
  88.  
  89. Retrieving Netcraft.com information for www.trafficpolice.gov.sd
  90. Netcraft.com Information gathered
  91.  
  92. Gathered Subdomain information for trafficpolice.gov.sd
  93. ---------------------------------------------------------------------------------------------------------------------------------------
  94. Searching Google.com:80...
  95. Searching Altavista.com:80...
  96. Found 0 possible subdomain(s) for host trafficpolice.gov.sd, Searched 0 pages containing 0 results
  97.  
  98. Gathered E-Mail information for trafficpolice.gov.sd
  99. --------------------------------------------------------------------------------------------------------------------------------------
  100. Searching Google.com:80...
  101. Searching Altavista.com:80...
  102. Found 0 E-Mail(s) for host trafficpolice.gov.sd, Searched 0 pages containing 0 results
  103.  
  104. Gathered TCP Port information for 62.12.105.3
  105. ---------------------------------------------------------------------------------------------------------------------------------------
  106.  
  107. Port State
  108.  
  109. 21/tcp open
  110. 80/tcp open
  111. 110/tcp open
  112. 143/tcp open
  113.  
  114. Portscan Finished: Scanned 150 ports, 5 ports were in state closed
  115. #######################################################################################################################################
  116. [i] Scanning Site: http://www.trafficpolice.gov.sd
  117.  
  118.  
  119.  
  120. B A S I C I N F O
  121. =======================================================================================================================================
  122.  
  123.  
  124. [+] Site Title:
  125. الإدارة العامة للمرور
  126.  
  127. [+] IP address: 62.12.105.3
  128. [+] Web Server: Could Not Detect
  129. [+] CMS: Could Not Detect
  130. [+] Cloudflare: Not Detected
  131. [+] Robots File: Could NOT Find robots.txt!
  132.  
  133.  
  134.  
  135.  
  136.  
  137.  
  138. G E O I P L O O K U P
  139. =======================================================================================================================================
  140.  
  141. [i] IP Address: 62.12.105.3
  142. [i] Country: Sudan
  143. [i] State:
  144. [i] City:
  145. [i] Latitude: 15.0
  146. [i] Longitude: 30.0
  147.  
  148.  
  149.  
  150.  
  151. H T T P H E A D E R S
  152. =======================================================================================================================================
  153.  
  154.  
  155. [i] HTTP/1.1 200 OK
  156. [i] Cache-Control: private
  157. [i] Content-Type: text/html; charset=utf-8
  158. [i] Vary: Accept-Encoding
  159. [i] Set-Cookie: ASP.NET_SessionId=lx4fne1j2dqlhaphjasfq1jc; path=/; HttpOnly
  160. [i] X-AspNet-Version: 4.0.30319
  161. [i] X-Powered-By: ASP.NET
  162. [i] X-Powered-By-Plesk: PleskWin
  163. [i] Date: Sat, 23 Mar 2019 23:53:32 GMT
  164. [i] Connection: close
  165.  
  166.  
  167.  
  168.  
  169. D N S L O O K U P
  170. =======================================================================================================================================
  171.  
  172. trafficpolice.gov.sd. 21599 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2018111500 10800 900 604800 86400
  173. trafficpolice.gov.sd. 21599 IN NS ns1.ndc.gov.sd.
  174. trafficpolice.gov.sd. 21599 IN NS ns0.ndc.gov.sd.
  175. trafficpolice.gov.sd. 21599 IN A 62.12.105.3
  176. trafficpolice.gov.sd. 21599 IN MX 10 f03-web01.nic.gov.sd.
  177. trafficpolice.gov.sd. 21599 IN TXT "v=spf1 mx -all"
  178.  
  179.  
  180.  
  181.  
  182. S U B N E T C A L C U L A T I O N
  183. =======================================================================================================================================
  184.  
  185. Address = 62.12.105.3
  186. Network = 62.12.105.3 / 32
  187. Netmask = 255.255.255.255
  188. Broadcast = not needed on Point-to-Point links
  189. Wildcard Mask = 0.0.0.0
  190. Hosts Bits = 0
  191. Max. Hosts = 1 (2^0 - 0)
  192. Host Range = { 62.12.105.3 - 62.12.105.3 }
  193.  
  194.  
  195.  
  196. N M A P P O R T S C A N
  197. =======================================================================================================================================
  198.  
  199. Starting Nmap 7.70 ( https://nmap.org ) at 2019-03-23 23:53 UTC
  200. Nmap scan report for trafficpolice.gov.sd (62.12.105.3)
  201. Host is up (0.20s latency).
  202. rDNS record for 62.12.105.3: f03-web01.nic.gov.sd
  203.  
  204. PORT STATE SERVICE
  205. 21/tcp open ftp
  206. 22/tcp filtered ssh
  207. 23/tcp filtered telnet
  208. 80/tcp open http
  209. 110/tcp open pop3
  210. 143/tcp open imap
  211. 443/tcp open https
  212. 3389/tcp filtered ms-wbt-server
  213.  
  214. Nmap done: 1 IP address (1 host up) scanned in 2.05 seconds
  215.  
  216. #######################################################################################################################################
  217. [?] Enter the target: example( http://domain.com )
  218. http://www.trafficpolice.gov.sd/
  219. [!] IP Address : 62.12.105.3
  220. [!] www.trafficpolice.gov.sd doesn't seem to use a CMS
  221. [+] Honeypot Probabilty: 0%
  222. ---------------------------------------------------------------------------------------------------------------------------------------
  223. [~] Trying to gather whois information for www.trafficpolice.gov.sd
  224. [+] Whois information found
  225. [-] Unable to build response, visit https://who.is/whois/www.trafficpolice.gov.sd
  226. --------------------------------------------------------------------------------------------------------------------------------------
  227. PORT STATE SERVICE
  228. 21/tcp open ftp
  229. 22/tcp filtered ssh
  230. 23/tcp filtered telnet
  231. 80/tcp open http
  232. 110/tcp open pop3
  233. 143/tcp open imap
  234. 443/tcp open https
  235. 3389/tcp filtered ms-wbt-server
  236. Nmap done: 1 IP address (1 host up) scanned in 3.05 seconds
  237. ---------------------------------------------------------------------------------------------------------------------------------------
  238. There was an error getting results
  239.  
  240. [-] DNS Records
  241. [>] Initiating 3 intel modules
  242. [>] Loading Alpha module (1/3)
  243. [>] Beta module deployed (2/3)
  244. [>] Gamma module initiated (3/3)
  245.  
  246.  
  247. [+] Emails found:
  248. ---------------------------------------------------------------------------------------------------------------------------------------
  249. pixel-1553385215146070-web-@www.trafficpolice.gov.sd
  250. pixel-1553385215765529-web-@www.trafficpolice.gov.sd
  251. No hosts found
  252. [+] Virtual hosts:
  253. --------------------------------------------------------------------------------------------------------------------------------------
  254. #######################################################################################################################################
  255. Enter Address Website = trafficpolice.gov.sd
  256.  
  257. Reverse IP With YouGetSignal 'trafficpolice.gov.sd'
  258. ---------------------------------------------------------------------------------------------------------------------------------------
  259.  
  260. [*] IP: 62.12.105.3
  261. [*] Domain: trafficpolice.gov.sd
  262. [*] Total Domains: 2
  263.  
  264. [+] trafficpolice.gov.sd
  265. [+] whitenilestate.gov.sd
  266. #######################################################################################################################################
  267.  
  268. Geo IP Lookup 'trafficpolice.gov.sd'
  269. ---------------------------------------------------------------------------------------------------------------------------------------
  270.  
  271. [+] IP Address: 62.12.105.3
  272. [+] Country: Sudan
  273. [+] State:
  274. [+] City:
  275. [+] Latitude: 15.0
  276. [+] Longitude: 30.0
  277. #######################################################################################################################################
  278.  
  279. Bypass Cloudflare 'trafficpolice.gov.sd'
  280. ---------------------------------------------------------------------------------------------------------------------------------------
  281.  
  282. [!] CloudFlare Bypass 62.12.105.3 | webmail.trafficpolice.gov.sd
  283. [!] CloudFlare Bypass 62.12.105.3 | mail.trafficpolice.gov.sd
  284. [!] CloudFlare Bypass 62.12.105.3 | www.trafficpolice.gov.sd
  285. #######################################################################################################################################
  286.  
  287. DNS Lookup 'trafficpolice.gov.sd'
  288. ---------------------------------------------------------------------------------------------------------------------------------------
  289.  
  290. [+] trafficpolice.gov.sd. 21599 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2018111500 10800 900 604800 86400
  291. [+] trafficpolice.gov.sd. 21599 IN NS ns1.ndc.gov.sd.
  292. [+] trafficpolice.gov.sd. 21599 IN NS ns0.ndc.gov.sd.
  293. [+] trafficpolice.gov.sd. 21599 IN A 62.12.105.3
  294. [+] trafficpolice.gov.sd. 21599 IN MX 10 f03-web01.nic.gov.sd.
  295. [+] trafficpolice.gov.sd. 21599 IN TXT "v=spf1 mx -all"
  296. #######################################################################################################################################
  297.  
  298. Show HTTP Header 'trafficpolice.gov.sd'
  299. ---------------------------------------------------------------------------------------------------------------------------------------
  300.  
  301. [+] HTTP/1.1 200 OK
  302. [+] Cache-Control: private
  303. [+] Content-Length: 37831
  304. [+] Content-Type: text/html; charset=utf-8
  305. [+] Server: Microsoft-IIS/8.5
  306. [+] Set-Cookie: ASP.NET_SessionId=enqoslx1guukzpcbypmhaxj2; path=/; HttpOnly
  307. [+] X-AspNet-Version: 4.0.30319
  308. [+] X-Powered-By: ASP.NET
  309. [+] X-Powered-By-Plesk: PleskWin
  310. [+] Date: Sat, 23 Mar 2019 23:53:25 GMT
  311. #######################################################################################################################################
  312.  
  313. Port Scan 'trafficpolice.gov.sd'
  314. ---------------------------------------------------------------------------------------------------------------------------------------
  315.  
  316. Starting Nmap 7.70 ( https://nmap.org ) at 2019-03-23 23:53 UTC
  317. Nmap scan report for trafficpolice.gov.sd (62.12.105.3)
  318. Host is up (0.20s latency).
  319. rDNS record for 62.12.105.3: f03-web01.nic.gov.sd
  320.  
  321. PORT STATE SERVICE
  322. 21/tcp open ftp
  323. 22/tcp filtered ssh
  324. 23/tcp filtered telnet
  325. 80/tcp open http
  326. 110/tcp open pop3
  327. 143/tcp open imap
  328. 443/tcp open https
  329. 3389/tcp filtered ms-wbt-server
  330.  
  331. Nmap done: 1 IP address (1 host up) scanned in 3.34 seconds
  332. #######################################################################################################################################
  333.  
  334. Traceroute 'trafficpolice.gov.sd'
  335. ---------------------------------------------------------------------------------------------------------------------------------------
  336.  
  337. Start: 2019-03-23T23:53:37+0000
  338. HOST: web01 Loss% Snt Last Avg Best Wrst StDev
  339. 1.|-- 45.79.12.202 0.0% 3 1.6 1.0 0.7 1.6 0.5
  340. 2.|-- 45.79.12.6 0.0% 3 0.5 0.6 0.5 0.7 0.1
  341. 3.|-- dls-b22-link.telia.net 0.0% 3 1.0 2.5 1.0 5.2 2.3
  342. 4.|-- atl-b22-link.telia.net 0.0% 3 18.6 19.8 18.6 22.3 2.2
  343. 5.|-- ash-bb4-link.telia.net 0.0% 3 35.3 35.5 35.3 35.6 0.2
  344. 6.|-- prs-bb3-link.telia.net 0.0% 3 133.9 133.7 133.4 133.9 0.3
  345. 7.|-- mei-b2-link.telia.net 0.0% 3 132.9 132.9 131.8 134.0 1.1
  346. 8.|-- flagtelecom-ic-324599-mei-b2.c.telia.net 0.0% 3 171.7 171.4 171.0 171.7 0.4
  347. 9.|-- ae0.0.cjr01.mrs002.flagtel.com 0.0% 3 270.8 275.0 270.8 281.5 5.7
  348. 10.|-- ae3.0.cjr02.prs001.flagtel.com 0.0% 3 156.6 156.7 155.6 157.7 1.0
  349. 11.|-- xe-11-1-1.0.pjr04.dxb001.flagtel.com 0.0% 3 270.2 270.3 270.2 270.4 0.1
  350. 12.|-- 80.77.2.42 0.0% 3 255.5 256.0 255.5 256.5 0.5
  351. 13.|-- 196.29.177.113 0.0% 3 249.1 249.4 249.0 250.2 0.7
  352. 14.|-- 197.254.196.62 0.0% 3 265.5 265.2 264.9 265.5 0.3
  353. 15.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
  354. #######################################################################################################################################
  355.  
  356. Ping 'trafficpolice.gov.sd'
  357. ---------------------------------------------------------------------------------------------------------------------------------------
  358.  
  359.  
  360. Starting Nping 0.7.70 ( https://nmap.org/nping ) at 2019-03-23 23:54 UTC
  361. SENT (0.0042s) ICMP [104.237.144.6 > 62.12.105.3 Echo request (type=8/code=0) id=24980 seq=1] IP [ttl=64 id=4153 iplen=28 ]
  362. SENT (1.0047s) ICMP [104.237.144.6 > 62.12.105.3 Echo request (type=8/code=0) id=24980 seq=2] IP [ttl=64 id=4153 iplen=28 ]
  363. SENT (2.0061s) ICMP [104.237.144.6 > 62.12.105.3 Echo request (type=8/code=0) id=24980 seq=3] IP [ttl=64 id=4153 iplen=28 ]
  364. SENT (3.0078s) ICMP [104.237.144.6 > 62.12.105.3 Echo request (type=8/code=0) id=24980 seq=4] IP [ttl=64 id=4153 iplen=28 ]
  365.  
  366. Max rtt: N/A | Min rtt: N/A | Avg rtt: N/A
  367. Raw packets sent: 4 (112B) | Rcvd: 0 (0B) | Lost: 4 (100.00%)
  368. Nping done: 1 IP address pinged in 4.01 seconds
  369. #######################################################################################################################################
  370. =======================================================================================================================================
  371. | External hosts:
  372. | [+] External Host Found: http://s7.addthis.com
  373. | [+] External Host Found: https://www.addtoany.com
  374. | [+] External Host Found: http://eservices.trafficpolice.gov.sd
  375. | [+] External Host Found: https://static.addtoany.com
  376. | [+] External Host Found: https://maps.googleapis.com
  377. =======================================================================================================================================
  378. | E-mails:
  379. | [+] E-mail Found: _@ly.e
  380. | [+] E-mail Found: s@4.qe
  381. =======================================================================================================================================
  382. #######################################################################################################################################
  383. dnsenum VERSION:1.2.4
  384.  
  385. ----- www.trafficpolice.gov.sd -----
  386.  
  387.  
  388. Host's addresses:
  389. __________________
  390.  
  391. www.trafficpolice.gov.sd. 84135 IN A 62.12.105.3
  392.  
  393.  
  394. Name Servers:
  395. ______________
  396. #######################################################################################################################################
  397. ===============================================
  398. -=Subfinder v1.1.3 github.com/subfinder/subfinder
  399. ===============================================
  400.  
  401.  
  402. Running Source: Ask
  403. Running Source: Archive.is
  404. Running Source: Baidu
  405. Running Source: Bing
  406. Running Source: CertDB
  407. Running Source: CertificateTransparency
  408. Running Source: Certspotter
  409. Running Source: Commoncrawl
  410. Running Source: Crt.sh
  411. Running Source: Dnsdb
  412. Running Source: DNSDumpster
  413. Running Source: DNSTable
  414. Running Source: Dogpile
  415. Running Source: Exalead
  416. Running Source: Findsubdomains
  417. Running Source: Googleter
  418. Running Source: Hackertarget
  419. Running Source: Ipv4Info
  420. Running Source: PTRArchive
  421. Running Source: Sitedossier
  422. Running Source: Threatcrowd
  423. Running Source: ThreatMiner
  424. Running Source: WaybackArchive
  425. Running Source: Yahoo
  426.  
  427. Running enumeration on www.trafficpolice.gov.sd
  428.  
  429. dnsdb: Unexpected return status 503
  430.  
  431. ipv4info: <nil>
  432.  
  433. waybackarchive: strconv.Atoi: parsing "<html>": invalid syntax
  434.  
  435.  
  436. Starting Bruteforcing of www.trafficpolice.gov.sd with 9985 words
  437.  
  438. Total 1 Unique subdomains found for www.trafficpolice.gov.sd
  439.  
  440. .www.trafficpolice.gov.sd
  441. #######################################################################################################################################
  442. [*] Processing domain www.trafficpolice.gov.sd
  443. [*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
  444. [+] Getting nameservers
  445. [-] Getting nameservers failed
  446. [-] Zone transfer failed
  447.  
  448. [*] Scanning www.trafficpolice.gov.sd for A records
  449. 62.12.105.3 - www.trafficpolice.gov.sd
  450. #######################################################################################################################################
  451. [+] www.trafficpolice.gov.sd has no SPF record!
  452. [*] No DMARC record found. Looking for organizational record
  453. [+] No organizational DMARC record
  454. [+] Spoofing possible for www.trafficpolice.gov.sd!
  455. #######################################################################################################################################
  456. Starting Nmap 7.70 ( https://nmap.org ) at 2019-03-23 20:24 EDT
  457. Nmap scan report for www.trafficpolice.gov.sd (62.12.105.3)
  458. Host is up (0.21s latency).
  459. rDNS record for 62.12.105.3: f03-web01.nic.gov.sd
  460. Not shown: 464 filtered ports, 6 closed ports
  461. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  462. PORT STATE SERVICE
  463. 21/tcp open ftp
  464. 80/tcp open http
  465. 110/tcp open pop3
  466. 143/tcp open imap
  467. 443/tcp open https
  468. 8443/tcp open https-alt
  469. #######################################################################################################################################
  470. Starting Nmap 7.70 ( https://nmap.org ) at 2019-03-23 20:24 EDT
  471. Nmap scan report for www.trafficpolice.gov.sd (62.12.105.3)
  472. Host is up (0.026s latency).
  473. rDNS record for 62.12.105.3: f03-web01.nic.gov.sd
  474. Not shown: 2 filtered ports
  475. PORT STATE SERVICE
  476. 53/udp open|filtered domain
  477. 67/udp open|filtered dhcps
  478. 68/udp open|filtered dhcpc
  479. 69/udp open|filtered tftp
  480. 88/udp open|filtered kerberos-sec
  481. 123/udp open|filtered ntp
  482. 139/udp open|filtered netbios-ssn
  483. 161/udp open|filtered snmp
  484. 162/udp open|filtered snmptrap
  485. 389/udp open|filtered ldap
  486. 520/udp open|filtered route
  487. 2049/udp open|filtered nfs
  488. #######################################################################################################################################
  489. Starting Nmap 7.70 ( https://nmap.org ) at 2019-03-23 20:24 EDT
  490. Nmap scan report for www.trafficpolice.gov.sd (62.12.105.3)
  491. Host is up (0.25s latency).
  492. rDNS record for 62.12.105.3: f03-web01.nic.gov.sd
  493.  
  494. PORT STATE SERVICE VERSION
  495. 21/tcp open ftp Microsoft ftpd
  496. | ftp-brute:
  497. | Accounts: No valid accounts found
  498. |_ Statistics: Performed 3066 guesses in 180 seconds, average tps: 16.8
  499. | ftp-syst:
  500. |_ SYST: Windows_NT
  501. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  502. Device type: phone
  503. Running: Nokia Symbian OS
  504. OS CPE: cpe:/o:nokia:symbian_os
  505. OS details: Nokia E70 or N86 mobile phone (Symbian OS)
  506. Network Distance: 17 hops
  507. Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
  508.  
  509. TRACEROUTE (using port 21/tcp)
  510. HOP RTT ADDRESS
  511. 1 28.97 ms 10.252.200.1
  512. 2 29.38 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
  513. 3 33.76 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
  514. 4 29.01 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
  515. 5 29.38 ms motl-b1-link.telia.net (62.115.162.41)
  516. 6 45.38 ms nyk-bb3-link.telia.net (62.115.137.142)
  517. 7 137.00 ms prs-bb3-link.telia.net (213.155.135.4)
  518. 8 148.11 ms mei-b2-link.telia.net (62.115.133.175)
  519. 9 181.08 ms flagtelecom-ic-324599-mei-b2.c.telia.net (213.248.72.190)
  520. 10 312.64 ms ae0.0.cjr01.prs001.flagtel.com (62.216.128.213)
  521. 11 304.65 ms ae1.0.cjr01.mrs002.flagtel.com (62.216.131.149)
  522. 12 303.41 ms xe-11-1-1.0.pjr04.dxb001.flagtel.com (85.95.25.162)
  523. 13 351.40 ms 80.77.2.42
  524. 14 244.60 ms 196.29.177.113
  525. 15 246.87 ms 197.254.196.62
  526. 16 ...
  527. 17 245.49 ms f03-web01.nic.gov.sd (62.12.105.3)
  528.  
  529. OS and Service
  530. #######################################################################################################################################
  531. http://www.trafficpolice.gov.sd [200 OK] ASP_NET[4.0.30319], Cookies[ASP.NET_SessionId], HTML5, HTTPServer[Microsoft-IIS/8.5], HttpOnly[ASP.NET_SessionId], IP[62.12.105.3], JQuery[1.11.0], Lightbox, Microsoft-IIS[8.5], PasswordField, Prototype, Script[text/javascript], Scriptaculous, Title[الإدارة العامة للمرور][Title element contains newline(s)!], UncommonHeaders[x-powered-by-plesk], X-Powered-By[ASP.NET]
  532. #######################################################################################################################################
  533. wig - WebApp Information Gatherer
  534.  
  535.  
  536. Scanning http://www.trafficpolice.gov.sd...
  537. ______________________ SITE INFO _______________________
  538. IP Title
  539. 62.12.105.3 الإدارة العامة للمرور
  540.  
  541. _______________________ VERSION ________________________
  542. Name Versions Type
  543. ASP.NET 4.0.30319 Platform
  544. IIS 8.5 Platform
  545. jQuery 1.8.1 JavaScript
  546. Microsoft Windows Server 2012 R2 OS
  547.  
  548. ________________________________________________________
  549. Time: 57.1 sec Urls: 681 Fingerprints: 40401
  550. #######################################################################################################################################
  551. HTTP/1.1 200 OK
  552. Cache-Control: private
  553. Content-Length: 35997
  554. Content-Type: text/html; charset=utf-8
  555. Server: Microsoft-IIS/8.5
  556. Set-Cookie: ASP.NET_SessionId=0vdalwruqxbwauczupeadsvt; path=/; HttpOnly
  557. X-AspNet-Version: 4.0.30319
  558. X-Powered-By: ASP.NET
  559. X-Powered-By-Plesk: PleskWin
  560. Date: Sun, 24 Mar 2019 00:30:00 GMT
  561.  
  562. HTTP/1.1 200 OK
  563. Cache-Control: private
  564. Content-Length: 35997
  565. Content-Type: text/html; charset=utf-8
  566. Server: Microsoft-IIS/8.5
  567. Set-Cookie: ASP.NET_SessionId=4hndg0kevq4rrsltpt0cnqk5; path=/; HttpOnly
  568. X-AspNet-Version: 4.0.30319
  569. X-Powered-By: ASP.NET
  570. X-Powered-By-Plesk: PleskWin
  571. Date: Sun, 24 Mar 2019 00:30:00 GMT
  572. #######################################################################################################################################
  573. OWL Carousel
  574. IIS 8.5
  575. Plesk
  576. Bootstrap
  577. Google Font API
  578. ZURB Foundation
  579. jQuery
  580. Prototype
  581. Lightbox
  582. Microsoft ASP.NET
  583. #######################################################################################################################################
  584. Starting Nmap 7.70 ( https://nmap.org ) at 2019-03-23 20:30 EDT
  585. Nmap scan report for www.trafficpolice.gov.sd (62.12.105.3)
  586. Host is up (0.25s latency).
  587. rDNS record for 62.12.105.3: f03-web01.nic.gov.sd
  588.  
  589. PORT STATE SERVICE VERSION
  590. 110/tcp open pop3 MailEnable POP3 Server
  591. | pop3-brute:
  592. | Accounts: No valid accounts found
  593. | Statistics: Performed 35 guesses in 3 seconds, average tps: 11.7
  594. |_ ERROR: Failed to make a pop-connection.
  595. |_pop3-capabilities: UIDL USER TOP
  596. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  597. Device type: phone
  598. Running: Nokia Symbian OS
  599. OS CPE: cpe:/o:nokia:symbian_os
  600. OS details: Nokia E70 or N86 mobile phone (Symbian OS)
  601. Network Distance: 17 hops
  602. Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
  603.  
  604. TRACEROUTE (using port 443/tcp)
  605. HOP RTT ADDRESS
  606. 1 26.21 ms 10.252.200.1
  607. 2 26.85 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
  608. 3 67.20 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
  609. 4 26.26 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
  610. 5 26.21 ms motl-b1-link.telia.net (62.115.162.41)
  611. 6 34.61 ms nyk-bb4-link.telia.net (62.115.134.52)
  612. 7 134.13 ms prs-bb3-link.telia.net (213.155.135.4)
  613. 8 144.87 ms bcn-b2-link.telia.net (62.115.114.123)
  614. 9 197.43 ms flagtelecom-ic-324599-mei-b2.c.telia.net (213.248.72.190)
  615. 10 306.96 ms ae0.0.cjr01.mrs002.flagtel.com (62.216.131.145)
  616. 11 134.99 ms ae3.0.cjr02.prs001.flagtel.com (62.216.128.209)
  617. 12 288.22 ms xe-11-1-1.0.pjr04.dxb001.flagtel.com (85.95.25.162)
  618. 13 350.79 ms 80.77.2.42
  619. 14 229.43 ms 196.29.177.113
  620. 15 248.12 ms 197.254.196.62
  621. 16 ...
  622. 17 246.77 ms f03-web01.nic.gov.sd (62.12.105.3)
  623. #######################################################################################################################################
  624. https://www.trafficpolice.gov.sd [200 OK] ASP_NET[4.0.30319], Cookies[ASP.NET_SessionId], HTML5, HTTPServer[Microsoft-IIS/8.5], HttpOnly[ASP.NET_SessionId], IP[62.12.105.3], JQuery[1.11.0], Lightbox, Microsoft-IIS[8.5], PasswordField, Prototype, Script[text/javascript], Scriptaculous, Title[الإدارة العامة للمرور][Title element contains newline(s)!], UncommonHeaders[x-powered-by-plesk], X-Powered-By[ASP.NET]
  625. #######################################################################################################################################
  626. OWL Carousel
  627. IIS 8.5
  628. Plesk
  629. Bootstrap
  630. Google Font API
  631. ZURB Foundation
  632. jQuery
  633. Prototype
  634. Lightbox
  635. Microsoft ASP.NET
  636. #######################################################################################################################################
  637. Version: 1.11.12-static
  638. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  639.  
  640. Connected to 62.12.105.3
  641.  
  642. Testing SSL server www.trafficpolice.gov.sd on port 443 using SNI name www.trafficpolice.gov.sd
  643.  
  644. TLS Fallback SCSV:
  645. Server does not support TLS Fallback SCSV
  646.  
  647. TLS renegotiation:
  648. Secure session renegotiation supported
  649.  
  650. TLS Compression:
  651. Compression disabled
  652.  
  653. Heartbleed:
  654. TLS 1.2 not vulnerable to heartbleed
  655. TLS 1.1 not vulnerable to heartbleed
  656. TLS 1.0 not vulnerable to heartbleed
  657.  
  658. Supported Server Cipher(s):
  659. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
  660. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
  661. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  662. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  663. Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 1024 bits
  664. Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 1024 bits
  665. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 1024 bits
  666. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 1024 bits
  667. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
  668. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
  669. Accepted TLSv1.2 256 bits AES256-SHA256
  670. Accepted TLSv1.2 128 bits AES128-SHA256
  671. Accepted TLSv1.2 256 bits AES256-SHA
  672. Accepted TLSv1.2 128 bits AES128-SHA
  673. Accepted TLSv1.2 112 bits DES-CBC3-SHA
  674. Accepted TLSv1.2 128 bits RC4-SHA
  675. Accepted TLSv1.2 128 bits RC4-MD5
  676. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  677. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  678. Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 1024 bits
  679. Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 1024 bits
  680. Accepted TLSv1.1 256 bits AES256-SHA
  681. Accepted TLSv1.1 128 bits AES128-SHA
  682. Accepted TLSv1.1 112 bits DES-CBC3-SHA
  683. Accepted TLSv1.1 128 bits RC4-SHA
  684. Accepted TLSv1.1 128 bits RC4-MD5
  685. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
  686. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
  687. Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 1024 bits
  688. Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 1024 bits
  689. Accepted TLSv1.0 256 bits AES256-SHA
  690. Accepted TLSv1.0 128 bits AES128-SHA
  691. Accepted TLSv1.0 112 bits DES-CBC3-SHA
  692. Accepted TLSv1.0 128 bits RC4-SHA
  693. Accepted TLSv1.0 128 bits RC4-MD5
  694.  
  695. SSL Certificate:
  696. Signature Algorithm: sha256WithRSAEncryption
  697. RSA Key Strength: 2048
  698.  
  699. Subject: Plesk
  700. Issuer: Plesk
  701.  
  702. Not valid before: Apr 19 09:30:36 2016 GMT
  703. Not valid after: Apr 19 09:30:36 2017 GMT
  704. #######################################################################################################################################
  705. Starting Nmap 7.70 ( https://nmap.org ) at 2019-03-23 21:36 EDT
  706. Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
  707. Host is up (0.27s latency).
  708. Not shown: 464 filtered ports, 6 closed ports
  709. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  710. PORT STATE SERVICE
  711. 21/tcp open ftp
  712. 80/tcp open http
  713. 110/tcp open pop3
  714. 143/tcp open imap
  715. 443/tcp open https
  716. 8443/tcp open https-alt
  717. #######################################################################################################################################
  718. Starting Nmap 7.70 ( https://nmap.org ) at 2019-03-23 21:36 EDT
  719. Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
  720. Host is up (0.12s latency).
  721. Not shown: 2 filtered ports
  722. PORT STATE SERVICE
  723. 53/udp open|filtered domain
  724. 67/udp open|filtered dhcps
  725. 68/udp open|filtered dhcpc
  726. 69/udp open|filtered tftp
  727. 88/udp open|filtered kerberos-sec
  728. 123/udp open|filtered ntp
  729. 139/udp open|filtered netbios-ssn
  730. 161/udp open|filtered snmp
  731. 162/udp open|filtered snmptrap
  732. 389/udp open|filtered ldap
  733. 520/udp open|filtered route
  734. 2049/udp open|filtered nfs
  735. #######################################################################################################################################
  736. Starting Nmap 7.70 ( https://nmap.org ) at 2019-03-23 21:36 EDT
  737. Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
  738. Host is up (0.23s latency).
  739.  
  740. PORT STATE SERVICE VERSION
  741. 21/tcp open ftp Microsoft ftpd
  742. | ftp-brute:
  743. | Accounts: No valid accounts found
  744. |_ Statistics: Performed 3192 guesses in 182 seconds, average tps: 17.4
  745. | ftp-syst:
  746. |_ SYST: Windows_NT
  747. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  748. Device type: media device|general purpose|phone
  749. Running: Microsoft embedded, Microsoft Windows Vista, Nokia Symbian OS
  750. OS CPE: cpe:/o:microsoft:windows_vista::sp1:home_premium cpe:/o:nokia:symbian_os
  751. OS details: Microsoft Zune audio player (firmware 3.1), Microsoft Windows Vista Home Premium SP1, Nokia E70 or N86 mobile phone (Symbian OS)
  752. Network Distance: 20 hops
  753. Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
  754.  
  755. TRACEROUTE (using port 21/tcp)
  756. HOP RTT ADDRESS
  757. 1 124.73 ms 10.249.200.1
  758. 2 136.73 ms gw-104.datasource.ch (176.10.104.3)
  759. 3 120.20 ms hu-b69-10gigabit-slx9540.datasource.ch (91.201.56.132)
  760. 4 121.59 ms te0-2-1-3.rcr51.b021037-0.zrh02.atlas.cogentco.com (149.14.212.145)
  761. 5 121.61 ms be3592.ccr52.zrh02.atlas.cogentco.com (154.54.37.150)
  762. 6 126.98 ms be3073.ccr22.muc03.atlas.cogentco.com (130.117.0.62)
  763. 7 132.20 ms be2959.ccr41.fra03.atlas.cogentco.com (154.54.36.53)
  764. 8 139.20 ms be2813.ccr41.ams03.atlas.cogentco.com (130.117.0.121)
  765. 9 146.60 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
  766. 10 146.68 ms be2868.ccr21.lon01.atlas.cogentco.com (154.54.57.154)
  767. 11 146.49 ms expressotelecom.demarc.cogentco.com (149.14.248.202)
  768. 12 225.20 ms 185.153.20.70
  769. 13 226.00 ms 185.153.20.82
  770. 14 225.97 ms 185.153.20.94
  771. 15 219.95 ms 185.153.20.153
  772. 16 ... 17
  773. 18 229.28 ms 196.202.145.94
  774. 19 ...
  775. 20 229.96 ms f03-web01.nic.gov.sd (62.12.105.3)
  776. #######################################################################################################################################
  777. Starting Nmap 7.70 ( https://nmap.org ) at 2019-03-23 21:41 EDT
  778. Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
  779. Host is up.
  780.  
  781. PORT STATE SERVICE VERSION
  782. 67/udp open|filtered dhcps
  783. |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
  784. Too many fingerprints match this host to give specific OS details
  785.  
  786. TRACEROUTE (using proto 1/icmp)
  787. HOP RTT ADDRESS
  788. 1 125.65 ms 10.249.200.1
  789. 2 125.69 ms gw-104.datasource.ch (176.10.104.3)
  790. 3 127.50 ms hu-b69-10gigabit-slx9540.datasource.ch (91.201.56.132)
  791. 4 127.06 ms te0-2-1-3.rcr51.b021037-0.zrh02.atlas.cogentco.com (149.14.212.145)
  792. 5 127.50 ms be3591.ccr51.zrh02.atlas.cogentco.com (130.117.50.182)
  793. 6 132.71 ms be3072.ccr21.muc03.atlas.cogentco.com (130.117.0.18)
  794. 7 138.10 ms be2959.ccr41.fra03.atlas.cogentco.com (154.54.36.53)
  795. 8 145.41 ms be2813.ccr41.ams03.atlas.cogentco.com (130.117.0.121)
  796. 9 146.34 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
  797. 10 146.38 ms be2868.ccr21.lon01.atlas.cogentco.com (154.54.57.154)
  798. 11 145.13 ms expressotelecom.demarc.cogentco.com (149.14.248.202)
  799. 12 223.87 ms 185.153.20.70
  800. 13 223.87 ms 185.153.20.82
  801. 14 223.84 ms 185.153.20.94
  802. 15 223.23 ms 185.153.20.153
  803. 16 231.49 ms 212.0.131.109
  804. 17 233.76 ms 196.202.137.249
  805. 18 229.32 ms 196.202.145.94
  806. 19 ... 30
  807. #######################################################################################################################################
  808. Starting Nmap 7.70 ( https://nmap.org ) at 2019-03-23 21:43 EDT
  809. Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
  810. Host is up.
  811.  
  812. PORT STATE SERVICE VERSION
  813. 68/udp open|filtered dhcpc
  814. Too many fingerprints match this host to give specific OS details
  815.  
  816. TRACEROUTE (using proto 1/icmp)
  817. HOP RTT ADDRESS
  818. 1 120.81 ms 10.249.200.1
  819. 2 126.58 ms gw-104.datasource.ch (176.10.104.3)
  820. 3 121.01 ms hu-b69-10gigabit-slx9540.datasource.ch (91.201.56.132)
  821. 4 123.18 ms te0-2-1-3.rcr51.b021037-0.zrh02.atlas.cogentco.com (149.14.212.145)
  822. 5 124.98 ms be3591.ccr51.zrh02.atlas.cogentco.com (130.117.50.182)
  823. 6 127.97 ms be3072.ccr21.muc03.atlas.cogentco.com (130.117.0.18)
  824. 7 131.12 ms be2959.ccr41.fra03.atlas.cogentco.com (154.54.36.53)
  825. 8 137.68 ms be2813.ccr41.ams03.atlas.cogentco.com (130.117.0.121)
  826. 9 145.47 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
  827. 10 145.47 ms be2868.ccr21.lon01.atlas.cogentco.com (154.54.57.154)
  828. 11 145.62 ms expressotelecom.demarc.cogentco.com (149.14.248.202)
  829. 12 224.59 ms 185.153.20.70
  830. 13 225.14 ms 185.153.20.82
  831. 14 224.41 ms 185.153.20.94
  832. 15 218.51 ms 185.153.20.153
  833. 16 233.40 ms 212.0.131.109
  834. 17 231.31 ms 196.202.137.249
  835. 18 230.20 ms 196.202.145.94
  836. 19 ... 30
  837. #######################################################################################################################################
  838. Starting Nmap 7.70 ( https://nmap.org ) at 2019-03-23 21:45 EDT
  839. Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
  840. Host is up.
  841.  
  842. PORT STATE SERVICE VERSION
  843. 69/udp open|filtered tftp
  844. Too many fingerprints match this host to give specific OS details
  845.  
  846. TRACEROUTE (using proto 1/icmp)
  847. HOP RTT ADDRESS
  848. 1 119.16 ms 10.249.200.1
  849. 2 119.56 ms gw-104.datasource.ch (176.10.104.3)
  850. 3 119.59 ms hu-b69-10gigabit-slx9540.datasource.ch (91.201.56.132)
  851. 4 120.61 ms te0-2-1-3.rcr51.b021037-0.zrh02.atlas.cogentco.com (149.14.212.145)
  852. 5 120.97 ms be3591.ccr51.zrh02.atlas.cogentco.com (130.117.50.182)
  853. 6 126.16 ms be3072.ccr21.muc03.atlas.cogentco.com (130.117.0.18)
  854. 7 132.19 ms be2959.ccr41.fra03.atlas.cogentco.com (154.54.36.53)
  855. 8 138.53 ms be2813.ccr41.ams03.atlas.cogentco.com (130.117.0.121)
  856. 9 145.91 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
  857. 10 146.17 ms be2868.ccr21.lon01.atlas.cogentco.com (154.54.57.154)
  858. 11 146.44 ms expressotelecom.demarc.cogentco.com (149.14.248.202)
  859. 12 225.45 ms 185.153.20.70
  860. 13 225.47 ms 185.153.20.82
  861. 14 225.40 ms 185.153.20.94
  862. 15 219.57 ms 185.153.20.153
  863. 16 241.09 ms 212.0.131.109
  864. 17 230.99 ms 196.202.137.249
  865. 18 228.33 ms 196.202.145.94
  866. 19 ... 30
  867. #######################################################################################################################################
  868.  
  869. wig - WebApp Information Gatherer
  870.  
  871.  
  872. Scanning http://62.12.105.3...
  873. _________________ SITE INFO __________________
  874. IP Title
  875. 62.12.105.3 Domain Default page
  876.  
  877. __________________ VERSION ___________________
  878. Name Versions Type
  879. ASP.NET 4.0.30319 Platform
  880.  
  881. ______________________________________________
  882. Time: 45.6 sec Urls: 600 Fingerprints: 40401
  883. #######################################################################################################################################
  884. HTTP/1.1 200 OK
  885. Content-Length: 1223
  886. Content-Type: text/html
  887. Content-Encoding: gzip
  888. Last-Modified: Sun, 24 Apr 2016 21:37:41 GMT
  889. Accept-Ranges: bytes
  890. ETag: "80805d87719ed11:0"
  891. Vary: Accept-Encoding
  892. X-Powered-By: ASP.NET
  893. Date: Sun, 24 Mar 2019 01:48:24 GMT
  894. Connection: keep-alive
  895.  
  896. HTTP/1.1 200 OK
  897. Content-Length: 1223
  898. Content-Type: text/html
  899. Content-Encoding: gzip
  900. Last-Modified: Sun, 24 Apr 2016 21:37:41 GMT
  901. Accept-Ranges: bytes
  902. ETag: "80805d87719ed11:0"
  903. Vary: Accept-Encoding
  904. X-Powered-By: ASP.NET
  905. Date: Sun, 24 Mar 2019 01:48:25 GMT
  906. Connection: keep-alive
  907. #######################################################################################################################################
  908. Starting Nmap 7.70 ( https://nmap.org ) at 2019-03-23 21:48 EDT
  909. Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
  910. Host is up (0.15s latency).
  911.  
  912. PORT STATE SERVICE VERSION
  913. 110/tcp open pop3 MailEnable POP3 Server
  914. | pop3-brute:
  915. | Accounts: No valid accounts found
  916. | Statistics: Performed 113 guesses in 7 seconds, average tps: 16.1
  917. |_ ERROR: Failed to make a pop-connection.
  918. |_pop3-capabilities: TOP UIDL USER
  919. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  920. Device type: phone
  921. Running: Nokia Symbian OS
  922. OS CPE: cpe:/o:nokia:symbian_os
  923. OS details: Nokia E70 or N86 mobile phone (Symbian OS)
  924. Network Distance: 1 hop
  925. Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
  926.  
  927. TRACEROUTE (using port 80/tcp)
  928. HOP RTT ADDRESS
  929. 1 125.14 ms f03-web01.nic.gov.sd (62.12.105.3)
  930. #######################################################################################################################################
  931. Starting Nmap 7.70 ( https://nmap.org ) at 2019-03-23 21:48 EDT
  932. Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
  933. Host is up.
  934.  
  935. PORT STATE SERVICE VERSION
  936. 123/udp open|filtered ntp
  937. Too many fingerprints match this host to give specific OS details
  938.  
  939. TRACEROUTE (using proto 1/icmp)
  940. HOP RTT ADDRESS
  941. 1 127.23 ms 10.249.200.1
  942. 2 222.29 ms gw-104.datasource.ch (176.10.104.3)
  943. 3 127.29 ms hu-b69-10gigabit-slx9540.datasource.ch (91.201.56.132)
  944. 4 127.32 ms te0-2-1-3.rcr51.b021037-0.zrh02.atlas.cogentco.com (149.14.212.145)
  945. 5 128.14 ms be3591.ccr51.zrh02.atlas.cogentco.com (130.117.50.182)
  946. 6 132.90 ms be3072.ccr21.muc03.atlas.cogentco.com (130.117.0.18)
  947. 7 138.71 ms be2959.ccr41.fra03.atlas.cogentco.com (154.54.36.53)
  948. 8 145.73 ms be2813.ccr41.ams03.atlas.cogentco.com (130.117.0.121)
  949. 9 145.56 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
  950. 10 147.52 ms be2868.ccr21.lon01.atlas.cogentco.com (154.54.57.154)
  951. 11 146.27 ms expressotelecom.demarc.cogentco.com (149.14.248.202)
  952. 12 225.41 ms 185.153.20.70
  953. 13 225.46 ms 185.153.20.82
  954. 14 225.42 ms 185.153.20.94
  955. 15 218.40 ms 185.153.20.153
  956. 16 232.13 ms 212.0.131.109
  957. 17 231.65 ms 196.202.137.249
  958. 18 228.96 ms 196.202.145.94
  959. 19 ... 30
  960. #######################################################################################################################################
  961. Starting Nmap 7.70 ( https://nmap.org ) at 2019-03-23 21:50 EDT
  962. Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
  963. Host is up (0.12s latency).
  964.  
  965. PORT STATE SERVICE VERSION
  966. 161/tcp filtered snmp
  967. 161/udp open|filtered snmp
  968. Too many fingerprints match this host to give specific OS details
  969.  
  970. TRACEROUTE (using proto 1/icmp)
  971. HOP RTT ADDRESS
  972. 1 125.35 ms 10.249.200.1
  973. 2 125.66 ms gw-104.datasource.ch (176.10.104.3)
  974. 3 125.69 ms hu-b69-10gigabit-slx9540.datasource.ch (91.201.56.132)
  975. 4 126.77 ms te0-2-1-3.rcr51.b021037-0.zrh02.atlas.cogentco.com (149.14.212.145)
  976. 5 122.84 ms be3591.ccr51.zrh02.atlas.cogentco.com (130.117.50.182)
  977. 6 127.74 ms be3072.ccr21.muc03.atlas.cogentco.com (130.117.0.18)
  978. 7 133.20 ms be2959.ccr41.fra03.atlas.cogentco.com (154.54.36.53)
  979. 8 140.03 ms be2813.ccr41.ams03.atlas.cogentco.com (130.117.0.121)
  980. 9 147.24 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
  981. 10 147.12 ms be2868.ccr21.lon01.atlas.cogentco.com (154.54.57.154)
  982. 11 145.09 ms expressotelecom.demarc.cogentco.com (149.14.248.202)
  983. 12 224.00 ms 185.153.20.70
  984. 13 224.01 ms 185.153.20.82
  985. 14 223.95 ms 185.153.20.94
  986. 15 218.98 ms 185.153.20.153
  987. 16 231.76 ms 212.0.131.109
  988. 17 230.63 ms 196.202.137.249
  989. 18 227.77 ms 196.202.145.94
  990. 19 ... 30
  991. ######################################################################################################################################
  992. Starting Nmap 7.70 ( https://nmap.org ) at 2019-03-23 21:55 EDT
  993. NSE: Loaded 148 scripts for scanning.
  994. NSE: Script Pre-scanning.
  995. NSE: Starting runlevel 1 (of 2) scan.
  996. Initiating NSE at 21:55
  997. Completed NSE at 21:55, 0.00s elapsed
  998. NSE: Starting runlevel 2 (of 2) scan.
  999. Initiating NSE at 21:55
  1000. Completed NSE at 21:55, 0.00s elapsed
  1001. Initiating Ping Scan at 21:55
  1002. Scanning 62.12.105.3 [4 ports]
  1003. Completed Ping Scan at 21:55, 0.17s elapsed (1 total hosts)
  1004. Initiating Parallel DNS resolution of 1 host. at 21:55
  1005. Completed Parallel DNS resolution of 1 host. at 21:55, 0.03s elapsed
  1006. Initiating Connect Scan at 21:55
  1007. Scanning f03-web01.nic.gov.sd (62.12.105.3) [65535 ports]
  1008. Discovered open port 443/tcp on 62.12.105.3
  1009. Discovered open port 143/tcp on 62.12.105.3
  1010. Discovered open port 80/tcp on 62.12.105.3
  1011. Discovered open port 110/tcp on 62.12.105.3
  1012. Discovered open port 21/tcp on 62.12.105.3
  1013. Connect Scan Timing: About 8.92% done; ETC: 22:01 (0:05:17 remaining)
  1014. Connect Scan Timing: About 34.75% done; ETC: 21:58 (0:01:55 remaining)
  1015. Connect Scan Timing: About 67.74% done; ETC: 21:57 (0:00:43 remaining)
  1016. Completed Connect Scan at 21:57, 118.81s elapsed (65535 total ports)
  1017. Initiating Service scan at 21:57
  1018. Scanning 5 services on f03-web01.nic.gov.sd (62.12.105.3)
  1019. Completed Service scan at 21:58, 34.21s elapsed (5 services on 1 host)
  1020. Initiating OS detection (try #1) against f03-web01.nic.gov.sd (62.12.105.3)
  1021. Retrying OS detection (try #2) against f03-web01.nic.gov.sd (62.12.105.3)
  1022. Initiating Traceroute at 21:58
  1023. Completed Traceroute at 21:58, 6.19s elapsed
  1024. Initiating Parallel DNS resolution of 18 hosts. at 21:58
  1025. Completed Parallel DNS resolution of 18 hosts. at 21:58, 2.53s elapsed
  1026. NSE: Script scanning 62.12.105.3.
  1027. NSE: Starting runlevel 1 (of 2) scan.
  1028. Initiating NSE at 21:58
  1029. NSE Timing: About 99.12% done; ETC: 21:59 (0:00:00 remaining)
  1030. NSE Timing: About 99.42% done; ETC: 21:59 (0:00:00 remaining)
  1031. NSE Timing: About 99.56% done; ETC: 22:00 (0:00:00 remaining)
  1032. Completed NSE at 22:00, 92.69s elapsed
  1033. NSE: Starting runlevel 2 (of 2) scan.
  1034. Initiating NSE at 22:00
  1035. Completed NSE at 22:00, 0.48s elapsed
  1036. Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
  1037. Host is up, received reset ttl 64 (0.12s latency).
  1038. Scanned at 2019-03-23 21:55:45 EDT for 261s
  1039. Not shown: 65523 filtered ports
  1040. Reason: 65522 no-responses and 1 host-unreach
  1041. PORT STATE SERVICE REASON VERSION
  1042. 21/tcp open ftp syn-ack Microsoft ftpd
  1043. | ftp-syst:
  1044. |_ SYST: Windows_NT
  1045. | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/emailAddress=info@plesk.com/organizationalUnitName=Plesk/localityName=Seattle
  1046. | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/emailAddress=info@plesk.com/organizationalUnitName=Plesk/localityName=Seattle
  1047. | Public Key type: rsa
  1048. | Public Key bits: 2048
  1049. | Signature Algorithm: sha256WithRSAEncryption
  1050. | Not valid before: 2016-04-19T09:30:36
  1051. | Not valid after: 2017-04-19T09:30:36
  1052. | MD5: 8d45 138f 8b9f f882 90d9 90be 195a f4d0
  1053. | SHA-1: 69d9 baa7 b23e 96ac 6090 cc93 d352 5c78 acba 9790
  1054. | -----BEGIN CERTIFICATE-----
  1055. | MIIEajCCA1KgAwIBAgIEBNin+DANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMC
  1056. | VVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1NlYXR0bGUxDTALBgNV
  1057. | BAoTBE9kaW4xDjAMBgNVBAsTBVBsZXNrMQ4wDAYDVQQDEwVQbGVzazEdMBsGCSqG
  1058. | SIb3DQEJARYOaW5mb0BwbGVzay5jb20wHhcNMTYwNDE5MDkzMDM2WhcNMTcwNDE5
  1059. | MDkzMDM2WjCBgjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAO
  1060. | BgNVBAcTB1NlYXR0bGUxDTALBgNVBAoTBE9kaW4xDjAMBgNVBAsTBVBsZXNrMQ4w
  1061. | DAYDVQQDEwVQbGVzazEdMBsGCSqGSIb3DQEJARYOaW5mb0BwbGVzay5jb20wggEi
  1062. | MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSBgk7uIcz0ea9fN1QDp3Pl19b
  1063. | rjqqnl3b7UIxbZaPhoraBvBknLJ0hEzOitQmKsxIsGKPLjxSb6WMmiE+YRH0kvOU
  1064. | oXWa/yjRx3rG6Z+Wd6U7r7IIbWdBMGgbTQ2OdzmrKXVqoaXM2crH9cPDhWJgkVu9
  1065. | Q6zuUiMjo7cwFR1X/vAVPW1C4l5HQcW3oGC14ll5jC15IbB04YusglQVfD/8u246
  1066. | nMRgToyj+gxMvsifYG9h53OT0qJz/MFk4PvtG2MAy8ipR10VMtOUrMqzaZ1ntjex
  1067. | sqog2cNgT6LLRMi870OCRaT/cVYCjNlhcQIE2Tpyf9MYKK0myMokTBXs+WNHAgMB
  1068. | AAGjgeUwgeIwHQYDVR0OBBYEFKXkfR1gs1JC6WRjoLsdij8g/DVYMIGyBgNVHSME
  1069. | gaowgaeAFKXkfR1gs1JC6WRjoLsdij8g/DVYoYGIpIGFMIGCMQswCQYDVQQGEwJV
  1070. | UzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHU2VhdHRsZTENMAsGA1UE
  1071. | ChMET2RpbjEOMAwGA1UECxMFUGxlc2sxDjAMBgNVBAMTBVBsZXNrMR0wGwYJKoZI
  1072. | hvcNAQkBFg5pbmZvQHBsZXNrLmNvbYIEBNin+DAMBgNVHRMEBTADAQH/MA0GCSqG
  1073. | SIb3DQEBCwUAA4IBAQARU5/ZcbkEx+CNZjqAY2r5h5m2Bq5kt0CY+j6uH05oreL9
  1074. | 5gKbBctsDTehfCw5+VpFpv4lCogQ9QJlQ8A3VQXV4kjueRIMvrShPbh7vZ1LcQNR
  1075. | PXDUyNZpbItE29/rJe4qvgFWMd73yw18H871kwLtddx0XfOv2tgO5fzLr9BT5hzq
  1076. | E9upUN40ATHb/bDcAVLsUTOmYM9idZ4AS/oj0oCeBR9eqcw3IHNneIO3Qk2EA2UO
  1077. | U93iDngn3tuYqUFlLZSjcVfWIWvY7cDMfqGEdanpz42V5nFqUQ76sWvYb8iF73uy
  1078. | uxIFo3Edw+sf2D1fyEpbDQZNsNiNSyUUHUq3qagk
  1079. |_-----END CERTIFICATE-----
  1080. 25/tcp closed smtp conn-refused
  1081. 80/tcp open http-proxy syn-ack Squid http proxy
  1082. |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
  1083. | http-methods:
  1084. | Supported Methods: OPTIONS TRACE GET HEAD POST
  1085. |_ Potentially risky methods: TRACE
  1086. |_http-open-proxy: Proxy might be redirecting requests
  1087. |_http-title: Domain Default page
  1088. 110/tcp open pop3 syn-ack MailEnable POP3 Server
  1089. |_pop3-capabilities: UIDL USER TOP
  1090. 113/tcp closed ident conn-refused
  1091. 139/tcp closed netbios-ssn conn-refused
  1092. 143/tcp open imap syn-ack MailEnable imapd
  1093. |_imap-capabilities: CHILDREN completed IMAP4 CAPABILITY IMAP4rev1 OK AUTH=LOGIN AUTH=CRAM-MD5 IDLE UIDPLUSA0001
  1094. 443/tcp open https? syn-ack
  1095. 445/tcp closed microsoft-ds conn-refused
  1096. 993/tcp closed imaps conn-refused
  1097. 995/tcp closed pop3s conn-refused
  1098. 1025/tcp closed NFS-or-IIS conn-refused
  1099. OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
  1100. Aggressive OS guesses: Linux 2.6.18 - 2.6.22 (98%), Tomato 1.27 - 1.28 (Linux 2.4.20) (92%), Linux 3.2.0 (92%), MikroTik RouterOS 6.15 (Linux 3.3.5) (92%), Tomato firmware (Linux 2.6.22) (91%), D-Link DIR-835 WAP (91%), Linux 2.4.21 - 2.4.25 (embedded) (91%), Linux 2.6.11 (91%), Netgear WNR834Bv2 WAP (91%), HP ProCurve MSM422 WAP (90%)
  1101. No exact OS matches for host (test conditions non-ideal).
  1102. TCP/IP fingerprint:
  1103. SCAN(V=7.70%E=4%D=3/23%OT=21%CT=25%CU=%PV=N%G=N%TM=5C96E4A6%P=x86_64-pc-linux-gnu)
  1104. SEQ(SP=FD%GCD=1%ISR=107%TI=I%CI=Z%TS=U)
  1105. SEQ(CI=Z)
  1106. OPS(O1=M4B3W8N%O2=M4B3W8N%O3=M4B3W8N%O4=M4B3W8N%O5=M4B3W8N%O6=M4B3)
  1107. WIN(W1=2000%W2=2000%W3=2000%W4=2000%W5=2000%W6=2000)
  1108. ECN(R=Y%DF=Y%TG=80%W=2000%O=M4B3W8N%CC=Y%Q=)
  1109. ECN(R=N)
  1110. T1(R=Y%DF=Y%TG=80%S=O%A=S+%F=AS%RD=0%Q=)
  1111. T2(R=N)
  1112. T3(R=N)
  1113. T4(R=N)
  1114. T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
  1115. T6(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
  1116. T7(R=N)
  1117. U1(R=N)
  1118. IE(R=N)
  1119.  
  1120. Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
  1121.  
  1122. TRACEROUTE (using proto 1/icmp)
  1123. HOP RTT ADDRESS
  1124. 1 124.04 ms 10.249.200.1
  1125. 2 124.53 ms gw-104.datasource.ch (176.10.104.3)
  1126. 3 124.58 ms hu-b69-10gigabit-slx9540.datasource.ch (91.201.56.132)
  1127. 4 125.80 ms te0-2-1-3.rcr51.b021037-0.zrh02.atlas.cogentco.com (149.14.212.145)
  1128. 5 126.06 ms be3591.ccr51.zrh02.atlas.cogentco.com (130.117.50.182)
  1129. 6 131.46 ms be3072.ccr21.muc03.atlas.cogentco.com (130.117.0.18)
  1130. 7 131.43 ms be2959.ccr41.fra03.atlas.cogentco.com (154.54.36.53)
  1131. 8 137.43 ms be2813.ccr41.ams03.atlas.cogentco.com (130.117.0.121)
  1132. 9 145.31 ms be12194.ccr41.lon13.atlas.cogentco.com (154.54.56.93)
  1133. 10 145.31 ms be2868.ccr21.lon01.atlas.cogentco.com (154.54.57.154)
  1134. 11 146.12 ms expressotelecom.demarc.cogentco.com (149.14.248.202)
  1135. 12 225.49 ms 185.153.20.70
  1136. 13 236.68 ms 185.153.20.82
  1137. 14 224.65 ms 185.153.20.94
  1138. 15 221.85 ms 185.153.20.153
  1139. 16 232.23 ms 212.0.131.109
  1140. 17 236.24 ms 196.202.137.249
  1141. 18 230.30 ms 196.202.145.94
  1142. 19 ... 30
  1143.  
  1144. NSE: Script Post-scanning.
  1145. NSE: Starting runlevel 1 (of 2) scan.
  1146. Initiating NSE at 22:00
  1147. Completed NSE at 22:00, 0.00s elapsed
  1148. NSE: Starting runlevel 2 (of 2) scan.
  1149. Initiating NSE at 22:00
  1150. Completed NSE at 22:00, 0.00s elapsed
  1151. Read data files from: /usr/bin/../share/nmap
  1152. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  1153. Nmap done: 1 IP address (1 host up) scanned in 260.96 seconds
  1154. Raw packets sent: 170 (12.048KB) | Rcvd: 47 (3.456KB)
  1155. #######################################################################################################################################
  1156. Starting Nmap 7.70 ( https://nmap.org ) at 2019-03-23 22:00 EDT
  1157. NSE: Loaded 148 scripts for scanning.
  1158. NSE: Script Pre-scanning.
  1159. Initiating NSE at 22:00
  1160. Completed NSE at 22:00, 0.00s elapsed
  1161. Initiating NSE at 22:00
  1162. Completed NSE at 22:00, 0.00s elapsed
  1163. Initiating Parallel DNS resolution of 1 host. at 22:00
  1164. Completed Parallel DNS resolution of 1 host. at 22:00, 0.03s elapsed
  1165. Initiating UDP Scan at 22:00
  1166. Scanning f03-web01.nic.gov.sd (62.12.105.3) [14 ports]
  1167. Completed UDP Scan at 22:00, 2.18s elapsed (14 total ports)
  1168. Initiating Service scan at 22:00
  1169. Scanning 12 services on f03-web01.nic.gov.sd (62.12.105.3)
  1170. Service scan Timing: About 8.33% done; ETC: 22:19 (0:17:58 remaining)
  1171. Completed Service scan at 22:01, 102.58s elapsed (12 services on 1 host)
  1172. Initiating OS detection (try #1) against f03-web01.nic.gov.sd (62.12.105.3)
  1173. Retrying OS detection (try #2) against f03-web01.nic.gov.sd (62.12.105.3)
  1174. Initiating Traceroute at 22:01
  1175. Completed Traceroute at 22:02, 7.15s elapsed
  1176. Initiating Parallel DNS resolution of 1 host. at 22:02
  1177. Completed Parallel DNS resolution of 1 host. at 22:02, 0.00s elapsed
  1178. NSE: Script scanning 62.12.105.3.
  1179. Initiating NSE at 22:02
  1180. Completed NSE at 22:02, 20.32s elapsed
  1181. Initiating NSE at 22:02
  1182. Completed NSE at 22:02, 1.03s elapsed
  1183. Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
  1184. Host is up (0.13s latency).
  1185.  
  1186. PORT STATE SERVICE VERSION
  1187. 53/udp open|filtered domain
  1188. 67/udp open|filtered dhcps
  1189. 68/udp open|filtered dhcpc
  1190. 69/udp open|filtered tftp
  1191. 88/udp open|filtered kerberos-sec
  1192. 123/udp open|filtered ntp
  1193. 137/udp filtered netbios-ns
  1194. 138/udp filtered netbios-dgm
  1195. 139/udp open|filtered netbios-ssn
  1196. 161/udp open|filtered snmp
  1197. 162/udp open|filtered snmptrap
  1198. 389/udp open|filtered ldap
  1199. 520/udp open|filtered route
  1200. 2049/udp open|filtered nfs
  1201. Too many fingerprints match this host to give specific OS details
  1202.  
  1203. TRACEROUTE (using port 138/udp)
  1204. HOP RTT ADDRESS
  1205. 1 119.76 ms 10.249.200.1
  1206. 2 ... 3
  1207. 4 119.71 ms 10.249.200.1
  1208. 5 119.94 ms 10.249.200.1
  1209. 6 119.93 ms 10.249.200.1
  1210. 7 119.91 ms 10.249.200.1
  1211. 8 119.90 ms 10.249.200.1
  1212. 9 119.89 ms 10.249.200.1
  1213. 10 119.90 ms 10.249.200.1
  1214. 11 ... 18
  1215. 19 121.02 ms 10.249.200.1
  1216. 20 118.23 ms 10.249.200.1
  1217. 21 ... 27
  1218. 28 119.18 ms 10.249.200.1
  1219. 29 ...
  1220. 30 118.75 ms 10.249.200.1
  1221.  
  1222. NSE: Script Post-scanning.
  1223. Initiating NSE at 22:02
  1224. Completed NSE at 22:02, 0.00s elapsed
  1225. Initiating NSE at 22:02
  1226. Completed NSE at 22:02, 0.00s elapsed
  1227. Read data files from: /usr/bin/../share/nmap
  1228. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  1229. Nmap done: 1 IP address (1 host up) scanned in 138.66 seconds
  1230. Raw packets sent: 147 (9.964KB) | Rcvd: 33 (2.834KB)
  1231. #######################################################################################################################################
  1232. Anonymous JTSEC #OpSudan Full Recon #48
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!