Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #######################################################################################################################################
- =======================================================================================================================================
- Hostname ombudsman.gov.sd ISP NICDC
- Continent Africa Flag
- SD
- Country Sudan Country Code SD
- Region Unknown Local time 15 Jun 2019 01:28 CAT
- City Unknown Postal Code Unknown
- IP Address 62.12.105.3 Latitude 15
- Longitude 30
- =======================================================================================================================================
- #######################################################################################################################################
- > ombudsman.gov.sd
- Server: 185.93.180.131
- Address: 185.93.180.131#53
- Non-authoritative answer:
- Name: ombudsman.gov.sd
- Address: 62.12.105.3
- >
- #######################################################################################################################################
- [+] Target : ombudsman.gov.sd
- [+] IP Address : 62.12.105.3
- [+] Headers :
- [+] Cache-Control : private
- [+] Content-Type : text/html; charset=utf-8
- [+] Content-Encoding : gzip
- [+] Vary : Accept-Encoding
- [+] Server : Microsoft-IIS/8.5
- [+] Set-Cookie : ASP.NET_SessionId=m35c3mwldcx51illtkoz3a1z; path=/; HttpOnly, ASP.NET_SessionId=m35c3mwldcx51illtkoz3a1z; path=/; HttpOnly, __RequestVerificationToken=B6bQtxy8TuKscRN8AoBj9C2Mo8Dd09-97YW2vKjT21Jqs1JkyNJ4GaWSgd7mje4ni0xhHaCWpU_hXQHvd56RFnIPE6cZ1HXmAnKmhc4bwWU1; path=/; HttpOnly
- [+] X-AspNetMvc-Version : 5.2
- [+] X-Frame-Options : SAMEORIGIN
- [+] X-AspNet-Version : 4.0.30319
- [+] X-Powered-By : ASP.NET
- [+] X-Powered-By-Plesk : PleskWin
- [+] Date : Fri, 14 Jun 2019 23:32:49 GMT
- [+] Content-Length : 15099
- [+] SSL Certificate Information :
- [-] SSL is not Present on Target URL...Skipping...
- [+] Whois Lookup :
- [+] NIR : None
- [+] ASN Registry : afrinic
- [+] ASN : 327881
- [+] ASN CIDR : 62.12.105.0/24
- [+] ASN Country Code : SD
- [+] ASN Date : 2015-05-11
- [+] ASN Description : NICDC, SD
- [+] cidr : 62.12.105.0/24
- [+] name : ORG-MoTa1-AFRINIC
- [+] handle : IAEI1-AFRINIC
- [+] range : 62.12.105.0 - 62.12.105.255
- [+] description : National Information Center (NIC)
- [+] country : SD
- [+] state : None
- [+] city : None
- [+] address : National Information Center (NIC)
- [+] postal_code : None
- [+] emails : None
- [+] created : None
- [+] updated : None
- [+] Crawling Target...
- [+] Looking for robots.txt........[ Not Found ]
- [+] Looking for sitemap.xml.......[ Not Found ]
- [+] Extracting CSS Links..........[ 9 ]
- [+] Extracting Javascript Links...[ 11 ]
- [+] Extracting Internal Links.....[ 0 ]
- [+] Extracting External Links.....[ 5 ]
- [+] Extracting Images.............[ 11 ]
- [+] Total Links Extracted : 36
- [+] Dumping Links in /opt/FinalRecon/dumps/ombudsman.gov.sd.dump
- [+] Completed!
- #######################################################################################################################################
- [+] Starting At 2019-06-14 19:32:49.293363
- [+] Collecting Information On: ombudsman.gov.sd
- [#] Status: 200
- ---------------------------------------------------------------------------------------------------------------------------------------
- [#] Web Server Detected: Microsoft-IIS/8.5
- [#] X-Powered-By: ASP.NET
- - Cache-Control: private
- - Content-Type: text/html; charset=utf-8
- - Content-Encoding: gzip
- - Vary: Accept-Encoding
- - Server: Microsoft-IIS/8.5
- - Set-Cookie: ASP.NET_SessionId=mbqdsntfm2yalv3krsps4bfd; path=/; HttpOnly, ASP.NET_SessionId=mbqdsntfm2yalv3krsps4bfd; path=/; HttpOnly, __RequestVerificationToken=xXsHAGFBPMenM7f5KaF_y_uMHslurbG4K2_pwIwepkcRS-Hd1NhP1CXoN8qKUZgdcaDS2J4jRkw4WykI0e-JYhUHiTnTvkhL0KAIMXFOOOk1; path=/; HttpOnly
- - X-AspNetMvc-Version: 5.2
- - X-Frame-Options: SAMEORIGIN
- - X-AspNet-Version: 4.0.30319
- - X-Powered-By: ASP.NET
- - X-Powered-By-Plesk: PleskWin
- - Date: Fri, 14 Jun 2019 23:32:44 GMT
- - Content-Length: 15103
- ---------------------------------------------------------------------------------------------------------------------------------------
- [#] Finding Location..!
- [#] as: AS327881 National Information Center (NIC)
- [#] city: Khartoum
- [#] country: Sudan
- [#] countryCode: SD
- [#] isp: National Information Center
- [#] lat: 15.5007
- [#] lon: 32.5599
- [#] org: ORG MoTa1 AFRINIC
- [#] query: 62.12.105.3
- [#] region: KH
- [#] regionName: Khartoum
- [#] status: success
- [#] timezone: Africa/Khartoum
- [#] zip:
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] Detected WAF Presence in web application: ASP.NET Generic Web Application Protection
- ---------------------------------------------------------------------------------------------------------------------------------------
- [#] Starting Reverse DNS-
- [!] Found 4 any Domain
- - moiat.gov.sd
- - ombudsman.gov.sd
- - trafficpolice.gov.sd
- - whitenilestate.gov.sd
- ---------------------------------------------------------------------------------------------------------------------------------------
- [!] Scanning Open Port
- [#] 21/tcp open ftp
- [#] 80/tcp open http
- [#] 110/tcp open pop3
- [#] 143/tcp open imap
- [#] 443/tcp open https
- [#] 8443/tcp open https-alt
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] Collecting Information Disclosure!
- ######################################################################################################################################
- [i] Scanning Site: http://ombudsman.gov.sd
- B A S I C I N F O
- ====================
- [+] Site Title: ديوان المظالم و الحسبة-الرئيسية
- [+] IP address: 62.12.105.3
- [+] Web Server: Microsoft-IIS/8.5
- [+] CMS: Could Not Detect
- [+] Cloudflare: Not Detected
- [+] Robots File: Could NOT Find robots.txt!
- #######################################################################################################################################
- G E O I P L O O K U P
- =========================
- [i] IP Address: 62.12.105.3
- [i] Country: Sudan
- [i] State:
- [i] City:
- [i] Latitude: 15.0
- [i] Longitude: 30.0
- #######################################################################################################################################
- H T T P H E A D E R S
- =======================
- [i] HTTP/1.1 200 OK
- [i] Cache-Control: private
- [i] Content-Type: text/html; charset=utf-8
- [i] Server: Microsoft-IIS/8.5
- [i] Set-Cookie: ASP.NET_SessionId=pxywivvzjgeks25aibykfyfz; path=/; HttpOnly
- [i] X-AspNetMvc-Version: 5.2
- [i] X-Frame-Options: SAMEORIGIN
- [i] X-AspNet-Version: 4.0.30319
- [i] Set-Cookie: ASP.NET_SessionId=pxywivvzjgeks25aibykfyfz; path=/; HttpOnly
- [i] Set-Cookie: __RequestVerificationToken=iUe4A3LVzXh36CYebc4ZGJk6sxmPt34hjz7ct6shi2LmJbD9oWuISPHPSw5J0E0CZp84GxHefBYrOqtrT-izISkeyx9JWfIuMdH-2QnDHrQ1; path=/; HttpOnly
- [i] X-Powered-By: ASP.NET
- [i] X-Powered-By-Plesk: PleskWin
- [i] Date: Fri, 14 Jun 2019 23:32:36 GMT
- [i] Connection: close
- [i] Content-Length: 56574
- #######################################################################################################################################
- D N S L O O K U P
- ===================
- ombudsman.gov.sd. 21599 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2018071900 10800 900 604800 86400
- ombudsman.gov.sd. 21599 IN NS ns0.ndc.gov.sd.
- ombudsman.gov.sd. 21599 IN NS ns1.ndc.gov.sd.
- ombudsman.gov.sd. 21599 IN A 62.12.105.3
- ombudsman.gov.sd. 21599 IN MX 10 mail.obudsman.gov.sd.
- ombudsman.gov.sd. 21599 IN TXT "v=spf1 mx -all"
- #######################################################################################################################################
- S U B N E T C A L C U L A T I O N
- ====================================
- Address = 62.12.105.3
- Network = 62.12.105.3 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 62.12.105.3 - 62.12.105.3 }
- #######################################################################################################################################
- N M A P P O R T S C A N
- ============================
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-14 23:32 UTC
- Nmap scan report for ombudsman.gov.sd (62.12.105.3)
- Host is up (0.20s latency).
- rDNS record for 62.12.105.3: f03-web01.nic.gov.sd
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp filtered ssh
- 23/tcp filtered telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp filtered ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 3.37 seconds
- #######################################################################################################################################
- Enter Address Website = ombudsman.gov.sd
- Reversing IP With HackTarget 'ombudsman.gov.sd'
- --------------------------------------------------
- [+] eservices.motrb.gov.sd
- [+] mail.nashattolabi.sd
- [+] mail.saec.gov.sd
- [+] mail.test.net.sd
- [+] moiat.gov.sd
- [+] ncsp.gov.sd
- [+] penfund.gov.sd
- [+] saec.gov.sd
- [+] sudanpolice.gov.sd
- [+] test.net.sd
- [+] whitenilestate.gov.sd
- [+] www.sudanpolice.gov.sd
- #######################################################################################################################################
- Reverse IP With YouGetSignal 'ombudsman.gov.sd'
- --------------------------------------------------
- [*] IP: 62.12.105.3
- [*] Domain: ombudsman.gov.sd
- [*] Total Domains: 4
- [+] moiat.gov.sd
- [+] ombudsman.gov.sd
- [+] trafficpolice.gov.sd
- [+] whitenilestate.gov.sd
- #######################################################################################################################################
- Geo IP Lookup 'ombudsman.gov.sd'
- -----------------------------------
- [+] IP Address: 62.12.105.3
- [+] Country: Sudan
- [+] State:
- [+] City:
- [+] Latitude: 15.0
- [+] Longitude: 30.0
- #######################################################################################################################################
- Bypass Cloudflare 'ombudsman.gov.sd'
- ---------------------------------------
- [!] CloudFlare Bypass 62.12.105.3 | webmail.ombudsman.gov.sd
- [!] CloudFlare Bypass 62.12.105.3 | mail.ombudsman.gov.sd
- [!] CloudFlare Bypass 62.12.105.3 | www.ombudsman.gov.sd
- #######################################################################################################################################
- DNS Lookup 'ombudsman.gov.sd'
- --------------------------------
- [+] ombudsman.gov.sd. 21599 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2018071900 10800 900 604800 86400
- [+] ombudsman.gov.sd. 21599 IN NS ns1.ndc.gov.sd.
- [+] ombudsman.gov.sd. 21599 IN NS ns0.ndc.gov.sd.
- [+] ombudsman.gov.sd. 21599 IN A 62.12.105.3
- [+] ombudsman.gov.sd. 21599 IN MX 10 mail.obudsman.gov.sd.
- [+] ombudsman.gov.sd. 21599 IN TXT "v=spf1 mx -all"
- #######################################################################################################################################
- Show HTTP Header 'ombudsman.gov.sd'
- --------------------------------------
- [+] HTTP/1.1 302 Found
- [+] Cache-Control: private
- [+] Content-Length: 144
- [+] Content-Type: text/html; charset=utf-8
- [+] Location: /Home/Index?aspxerrorpath=/
- [+] Server: Microsoft-IIS/8.5
- [+] X-AspNetMvc-Version: 5.2
- [+] X-AspNet-Version: 4.0.30319
- [+] X-Powered-By: ASP.NET
- [+] X-Powered-By-Plesk: PleskWin
- [+] Date: Fri, 14 Jun 2019 23:32:43 GMT
- #######################################################################################################################################
- Port Scan 'ombudsman.gov.sd'
- -------------------------------
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-14 23:32 UTC
- Nmap scan report for ombudsman.gov.sd (62.12.105.3)
- Host is up (0.20s latency).
- rDNS record for 62.12.105.3: f03-web01.nic.gov.sd
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp filtered ssh
- 23/tcp filtered telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp filtered ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 2.04 seconds
- #######################################################################################################################################
- Traceroute 'ombudsman.gov.sd'
- --------------------------------
- Start: 2019-06-14T23:32:56+0000
- HOST: web01 Loss% Snt Last Avg Best Wrst StDev
- 1.|-- 45.79.12.202 0.0% 3 1.0 0.9 0.8 1.0 0.1
- 2.|-- 45.79.12.6 0.0% 3 1.9 3.2 0.8 6.9 3.3
- 3.|-- dls-b22-link.telia.net 0.0% 3 0.9 1.5 0.9 2.8 1.1
- 4.|-- atl-b22-link.telia.net 0.0% 3 21.9 19.9 18.8 21.9 1.7
- 5.|-- ash-bb3-link.telia.net 0.0% 3 29.9 31.7 29.9 35.0 2.9
- 6.|-- prs-bb4-link.telia.net 33.3% 3 106.7 106.8 106.7 106.8 0.1
- 7.|-- mei-b2-link.telia.net 0.0% 3 117.3 117.2 117.2 117.3 0.1
- 8.|-- flagtelecom-ic-324599-mei-b2.c.telia.net 0.0% 3 136.4 124.0 117.6 136.4 10.8
- 9.|-- ae0.0.cjr01.mrs002.flagtel.com 0.0% 3 325.1 314.7 306.1 325.1 9.7
- 10.|-- ae3.0.cjr04.prs001.flagtel.com 0.0% 3 128.8 128.7 128.5 128.8 0.2
- 11.|-- xe-0-0-1.0.pjr04.dxb001.flagtel.com 0.0% 3 256.2 256.2 255.8 256.7 0.5
- 12.|-- 80.77.2.42 0.0% 3 231.4 231.3 231.3 231.4 0.0
- 13.|-- 196.29.177.113 0.0% 3 234.9 234.9 234.8 235.0 0.1
- 14.|-- 197.254.196.62 0.0% 3 238.4 238.5 238.3 238.8 0.2
- 15.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
- #######################################################################################################################################
- Page Admin Finder 'ombudsman.gov.sd'
- ---------------------------------------
- Avilable Links :
- Find Page >> http://ombudsman.gov.sd/admin/
- Find Page >> http://ombudsman.gov.sd/administrator/
- Find Page >> http://ombudsman.gov.sd/admin1/
- Find Page >> http://ombudsman.gov.sd/admin2/
- Find Page >> http://ombudsman.gov.sd/admin3/
- Find Page >> http://ombudsman.gov.sd/admin4/
- Find Page >> http://ombudsman.gov.sd/admin5/
- Find Page >> http://ombudsman.gov.sd/usuarios/
- Find Page >> http://ombudsman.gov.sd/usuario/
- Find Page >> http://ombudsman.gov.sd/moderator/
- Find Page >> http://ombudsman.gov.sd/webadmin/
- Find Page >> http://ombudsman.gov.sd/adminarea/
- Find Page >> http://ombudsman.gov.sd/bb-admin/
- Find Page >> http://ombudsman.gov.sd/adminLogin/
- Find Page >> http://ombudsman.gov.sd/admin_area/
- Find Page >> http://ombudsman.gov.sd/panel-administracion/
- Find Page >> http://ombudsman.gov.sd/instadmin/
- Find Page >> http://ombudsman.gov.sd/memberadmin/
- Find Page >> http://ombudsman.gov.sd/administratorlogin/
- Find Page >> http://ombudsman.gov.sd/adm/
- Find Page >> http://ombudsman.gov.sd/admin_panel/
- Find Page >> http://ombudsman.gov.sd/adm_cp/
- #######################################################################################################################################
- ----- ombudsman.gov.sd -----
- Host's addresses:
- __________________
- ombudsman.gov.sd. 85483 IN A 62.12.105.3
- ----------------
- Wildcards test:
- ----------------
- good
- Name Servers:
- ______________
- ns0.ndc.gov.sd. 13823 IN A 62.12.109.2
- ns1.ndc.gov.sd. 13817 IN A 62.12.109.3
- Mail (MX) Servers:
- ___________________
- mail.obudsman.gov.sd A record query failed: NXDOMAIN
- Trying Zone Transfers and getting Bind Versions:
- _________________________________________________
- Trying Zone Transfer for ombudsman.gov.sd on ns0.ndc.gov.sd ...
- ombudsman.gov.sd. 86400 IN SOA (
- ombudsman.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
- ombudsman.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
- ombudsman.gov.sd. 86400 IN A 62.12.105.3
- ombudsman.gov.sd. 86400 IN MX 10
- ombudsman.gov.sd. 86400 IN TXT "v=spf1
- mail.ombudsman.gov.sd. 86400 IN A 62.12.105.3
- mail.ombudsman.gov.sd. 86400 IN MX 10
- mssql.ombudsman.gov.sd. 86400 IN A 62.12.105.3
- webmail.ombudsman.gov.sd. 86400 IN CNAME mail.ombudsman.gov.sd.
- www.ombudsman.gov.sd. 86400 IN A 62.12.105.3
- Trying Zone Transfer for ombudsman.gov.sd on ns1.ndc.gov.sd ...
- ombudsman.gov.sd. 86400 IN SOA (
- ombudsman.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
- ombudsman.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
- ombudsman.gov.sd. 86400 IN A 62.12.105.3
- ombudsman.gov.sd. 86400 IN MX 10
- ombudsman.gov.sd. 86400 IN TXT "v=spf1
- mail.ombudsman.gov.sd. 86400 IN A 62.12.105.3
- mail.ombudsman.gov.sd. 86400 IN MX 10
- mssql.ombudsman.gov.sd. 86400 IN A 62.12.105.3
- webmail.ombudsman.gov.sd. 86400 IN CNAME mail.ombudsman.gov.sd.
- www.ombudsman.gov.sd. 86400 IN A 62.12.105.3
- #######################################################################################################################################
- Trying "ombudsman.gov.sd"
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53576
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0
- ;; QUESTION SECTION:
- ;ombudsman.gov.sd. IN ANY
- ;; ANSWER SECTION:
- ombudsman.gov.sd. 85363 IN NS ns0.ndc.gov.sd.
- ombudsman.gov.sd. 86281 IN MX 10 mail.obudsman.gov.sd.
- ombudsman.gov.sd. 85363 IN A 62.12.105.3
- ombudsman.gov.sd. 85363 IN NS ns1.ndc.gov.sd.
- ombudsman.gov.sd. 85720 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2018071900 10800 900 604800 86400
- Received 161 bytes from 185.93.180.131#53 in 113 ms
- #######################################################################################################################################
- ; <<>> DiG 9.11.5-P4-5-Debian <<>> ombudsman.gov.sd +dnssec
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38088
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags: do; udp: 4096
- ;; QUESTION SECTION:
- ;ombudsman.gov.sd. IN A
- ;; ANSWER SECTION:
- ombudsman.gov.sd. 85296 IN A 62.12.105.3
- ;; Query time: 112 msec
- ;; SERVER: 185.93.180.131#53(185.93.180.131)
- ;; WHEN: ven jun 14 19:45:11 EDT 2019
- ;; MSG SIZE rcvd: 61
- #######################################################################################################################################
- ; <<>> DiG 9.11.5-P4-5-Debian <<>> +trace ombudsman.gov.sd
- ;; global options: +cmd
- . 79394 IN NS g.root-servers.net.
- . 79394 IN NS d.root-servers.net.
- . 79394 IN NS c.root-servers.net.
- . 79394 IN NS j.root-servers.net.
- . 79394 IN NS m.root-servers.net.
- . 79394 IN NS l.root-servers.net.
- . 79394 IN NS f.root-servers.net.
- . 79394 IN NS b.root-servers.net.
- . 79394 IN NS a.root-servers.net.
- . 79394 IN NS e.root-servers.net.
- . 79394 IN NS k.root-servers.net.
- . 79394 IN NS i.root-servers.net.
- . 79394 IN NS h.root-servers.net.
- . 79394 IN RRSIG NS 8 0 518400 20190627170000 20190614160000 25266 . 21CJJEpZ30ZdfNAfEpN6Y8fJ2PN6Y+xtLSWLqeZVbiS8faVrKFmC3zsL EPgetyceuwXArZtOZb8POQU9VOxf3Sr3E0O6X2zPykBd/QnD2mn9u8vh 03tfCQi9ir8M8cHrLEhCyoLCXYmlWHpYZFuxwBLSYk3lNGn6Cn+DAVWa 6JeoLUSX/AJvOIcfq3NfIbh7jrqB8HU1Go+EkmQXe/iMLx1i2C8p+Cgi xpa7LYwEL3x9N22nKpwyWhUAAFFOmIRhkw5b5ijOzVd2u3BBaAbbrnQ0 belHPmKsx+x9b1zjmdOSW8RjI7/GQv+QuobcDELc6D0iEjYeFXozuXiH ys1Qrg==
- ;; Received 525 bytes from 185.93.180.131#53(185.93.180.131) in 112 ms
- sd. 172800 IN NS sd.cctld.authdns.ripe.net.
- sd. 172800 IN NS ns1.uaenic.ae.
- sd. 172800 IN NS ns2.uaenic.ae.
- sd. 172800 IN NS ans1.sis.sd.
- sd. 172800 IN NS ans1.canar.sd.
- sd. 172800 IN NS ans2.canar.sd.
- sd. 172800 IN NS ns-sd.afrinic.net.
- sd. 86400 IN NSEC se. NS RRSIG NSEC
- sd. 86400 IN RRSIG NSEC 8 1 86400 20190627170000 20190614160000 25266 . MjKCNtsNQnEJVz5cPYtkXVbByrRTMlQ1myLs8Pi2+FkFic00RpnZnk5w Pg1lbNn4MQZdx9L090dGjNO3WyleHv1t7HznzWMJ8qCENSIcE1uoRe6r Ak9F/wMKEKvQjra906vPpUlLMG3QcnbyhkP/eoRm2qeN7Ig5/Zsx0J6M gE154HbBf0Lehuk+gd6T/pMkxDs4Idb7z0btkGbQtXo2rrj4jSfRpg1R U7xPKgKJfjqp9ns1z+7dxCE9GWRg9El3ssDyi2Nw4YbRs/qPDh/upUFN /4IY0aeTOsumRH/3FBZ7xs0BaVcNU9RG0YcmEXuNyCnvaPQOkdw315my dR7WMQ==
- ;; Received 703 bytes from 199.7.91.13#53(d.root-servers.net) in 190 ms
- gov.sd. 14400 IN NS sd.cctld.authdns.ripe.net.
- gov.sd. 14400 IN NS ns1.uaenic.ae.
- gov.sd. 14400 IN NS ns2.uaenic.ae.
- gov.sd. 14400 IN NS ans1.sis.sd.
- gov.sd. 14400 IN NS ans1.canar.sd.
- gov.sd. 14400 IN NS ans2.canar.sd.
- gov.sd. 14400 IN NS ns-sd.afrinic.net.
- ;; Received 272 bytes from 196.216.168.26#53(ns-sd.afrinic.net) in 289 ms
- ;; Received 73 bytes from 213.42.0.226#53(ns1.uaenic.ae) in 229 ms
- #######################################################################################################################################
- [*] Performing General Enumeration of Domain: ombudsman.gov.sd
- [-] DNSSEC is not configured for ombudsman.gov.sd
- [*] SOA ns0.ndc.gov.sd 62.12.109.2
- [*] NS ns0.ndc.gov.sd 62.12.109.2
- [*] Bind Version for 62.12.109.2 you guess!
- [*] NS ns1.ndc.gov.sd 62.12.109.3
- [*] Bind Version for 62.12.109.3 you guess!
- [*] A ombudsman.gov.sd 62.12.105.3
- [*] TXT ombudsman.gov.sd v=spf1 mx -all
- [*] Enumerating SRV Records
- [-] No SRV Records Found for ombudsman.gov.sd
- [+] 0 Records Found
- #######################################################################################################################################
- [*] Processing domain ombudsman.gov.sd
- [*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a', '192.168.0.1']
- [+] Getting nameservers
- 62.12.109.2 - ns0.ndc.gov.sd
- [+] Zone transfer sucessful using nameserver ns0.ndc.gov.sd
- ombudsman.gov.sd. 86400 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2018071900 10800 900 604800 86400
- ombudsman.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
- ombudsman.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
- ombudsman.gov.sd. 86400 IN A 62.12.105.3
- ombudsman.gov.sd. 86400 IN MX 10 mail.obudsman.gov.sd.
- ombudsman.gov.sd. 86400 IN TXT "v=spf1 mx -all"
- mail.ombudsman.gov.sd. 86400 IN A 62.12.105.3
- mail.ombudsman.gov.sd. 86400 IN MX 10 mail.ombudsman.gov.sd.
- mssql.ombudsman.gov.sd. 86400 IN A 62.12.105.3
- webmail.ombudsman.gov.sd. 86400 IN CNAME mail.ombudsman.gov.sd.
- www.ombudsman.gov.sd. 86400 IN A 62.12.105.3
- #######################################################################################################################################
- Ip Address Status Type Domain Name Server
- ---------- ------ ---- ----------- ------
- 62.12.105.3 200 host mail.ombudsman.gov.sd Microsoft-IIS/8.5
- 62.12.105.3 200 host mssql.ombudsman.gov.sd Microsoft-IIS/8.5
- 62.12.105.3 302 alias webmail.ombudsman.gov.sd Microsoft-IIS/8.5
- 62.12.105.3 302 host mail.ombudsman.gov.sd Microsoft-IIS/8.5
- 62.12.105.3 302 host www.ombudsman.gov.sd Microsoft-IIS/8.5
- #######################################################################################################################################
- [+] Testing domain
- www.ombudsman.gov.sd 62.12.105.3
- [+] Dns resolving
- Domain name Ip address Name server
- ombudsman.gov.sd 62.12.105.3 f03-web01.nic.gov.sd
- Found 1 host(s) for ombudsman.gov.sd
- [+] Testing wildcard
- Ok, no wildcard found.
- [+] Scanning for subdomain on ombudsman.gov.sd
- [!] Wordlist not specified. I scannig with my internal wordlist...
- Estimated time about 223.69 seconds
- Subdomain Ip address Name server
- mail.ombudsman.gov.sd 62.12.105.3 f03-web01.nic.gov.sd
- mssql.ombudsman.gov.sd 62.12.105.3 f03-web01.nic.gov.sd
- webmail.ombudsman.gov.sd 62.12.105.3 f03-web01.nic.gov.sd
- www.ombudsman.gov.sd 62.12.105.3 f03-web01.nic.gov.sd
- #######################################################################################################################################
- WhatWeb report for http://ombudsman.gov.sd
- Status : 200 OK
- Title : ديوان المظالم و الحسبة-الرئيسية
- IP : <Unknown>
- Country : <Unknown>
- Summary : Script, ASP_NET[4.0.30319][MVC5.2], Email[info@mazalem.com], Microsoft-IIS[8.5], Modernizr[2.6.2-respond-1.1.0.min], JQuery[1.10.2,1.9.1,3.3.1], HTML5, Frame, X-Frame-Options[SAMEORIGIN], UncommonHeaders[x-aspnetmvc-version,x-powered-by-plesk], HttpOnly[ASP.NET_SessionId,__RequestVerificationToken], Cookies[ASP.NET_SessionId,__RequestVerificationToken], X-Powered-By[ASP.NET], HTTPServer[Microsoft-IIS/8.5]
- Detected Plugins:
- [ ASP_NET ]
- ASP.NET is a free web framework that enables great Web
- applications. Used by millions of developers, it runs some
- of the biggest sites in the world.
- Version : 4.0.30319 (from X-AspNet-Version HTTP header)
- String : MVC5.2
- Google Dorks: (2)
- Website : http://www.asp.net/
- [ Cookies ]
- Display the names of cookies in the HTTP headers. The
- values are not returned to save on space.
- String : __RequestVerificationToken
- String : ASP.NET_SessionId
- [ Email ]
- Extract email addresses. Find valid email address and
- syntactically invalid email addresses from mailto: link
- tags. We match syntactically invalid links containing
- mailto: to catch anti-spam email addresses, eg. bob at
- gmail.com. This uses the simplified email regular
- expression from
- http://www.regular-expressions.info/email.html for valid
- email address matching.
- String : info@mazalem.com
- String : info@mazalem.com
- [ Frame ]
- This plugin detects instances of frame and iframe HTML
- elements.
- [ HTML5 ]
- HTML version 5, detected by the doctype declaration
- [ HTTPServer ]
- HTTP server header string. This plugin also attempts to
- identify the operating system from the server header.
- String : Microsoft-IIS/8.5 (from server string)
- [ HttpOnly ]
- If the HttpOnly flag is included in the HTTP set-cookie
- response header and the browser supports it then the cookie
- cannot be accessed through client side script - More Info:
- http://en.wikipedia.org/wiki/HTTP_cookie
- String : ASP.NET_SessionId,__RequestVerificationToken
- [ JQuery ]
- A fast, concise, JavaScript that simplifies how to traverse
- HTML documents, handle events, perform animations, and add
- AJAX.
- Version : 1.10.2,1.9.1,3.3.1
- Website : http://jquery.com/
- [ Microsoft-IIS ]
- Microsoft Internet Information Services (IIS) for Windows
- Server is a flexible, secure and easy-to-manage Web server
- for hosting anything on the Web. From media streaming to
- web application hosting, IIS's scalable and open
- architecture is ready to handle the most demanding tasks.
- Version : 8.5
- Website : http://www.iis.net/
- [ Modernizr ]
- Modernizr adds classes to the <html> element which allow
- you to target specific browser functionality in your
- stylesheet. You don't actually need to write any Javascript
- to use it. [JavaScript]
- Version : 2.6.2-respond-1.1.0.min
- Website : http://www.modernizr.com/
- [ Script ]
- This plugin detects instances of script HTML elements and
- returns the script language/type.
- [ UncommonHeaders ]
- Uncommon HTTP server headers. The blacklist includes all
- the standard headers and many non standard but common ones.
- Interesting but fairly common headers should have their own
- plugins, eg. x-powered-by, server and x-aspnet-version.
- Info about headers can be found at www.http-stats.com
- String : x-aspnetmvc-version,x-powered-by-plesk (from headers)
- [ X-Frame-Options ]
- This plugin retrieves the X-Frame-Options value from the
- HTTP header. - More Info:
- http://msdn.microsoft.com/en-us/library/cc288472%28VS.85%29.
- aspx
- String : SAMEORIGIN
- [ X-Powered-By ]
- X-Powered-By HTTP header
- String : ASP.NET (from x-powered-by string)
- HTTP Headers:
- HTTP/1.1 200 OK
- Cache-Control: private
- Content-Type: text/html; charset=utf-8
- Content-Encoding: gzip
- Vary: Accept-Encoding
- Server: Microsoft-IIS/8.5
- X-AspNetMvc-Version: 5.2
- X-Frame-Options: SAMEORIGIN
- X-AspNet-Version: 4.0.30319
- Set-Cookie: __RequestVerificationToken=kusRRJtmx-BG465A1DEM_PDys7rab1VIWkuXKojpTYjnE9B4zp3FTxflYxEO_xBRhqnycMg3fTfe0tBnVxkfMoO3o6vGIacGPKacpUKsDsM1; path=/; HttpOnly
- Set-Cookie: ASP.NET_SessionId=m415ntwpdyovqakg455nrsco; path=/; HttpOnly
- X-Powered-By: ASP.NET
- X-Powered-By-Plesk: PleskWin
- Date: Fri, 14 Jun 2019 23:55:03 GMT
- Connection: close
- Content-Length: 15100
- #######################################################################################################################################
- DNS Servers for ombudsman.gov.sd:
- ns0.ndc.gov.sd
- ns1.ndc.gov.sd
- Trying zone transfer first...
- Testing ns0.ndc.gov.sd
- Whoah, it worked - misconfigured DNS server found:
- ombudsman.gov.sd. 86400 IN SOA ( ns0.ndc.gov.sd. root.ndc.gov.sd.
- 2018071900 ;serial
- 10800 ;refresh
- 900 ;retry
- 604800 ;expire
- 86400 ;minimum
- )
- ombudsman.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
- ombudsman.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
- ombudsman.gov.sd. 86400 IN A 62.12.105.3
- ombudsman.gov.sd. 86400 IN MX 10 mail.obudsman.gov.sd.
- ombudsman.gov.sd. 86400 IN TXT "v=spf1 mx -all"
- mail.ombudsman.gov.sd. 86400 IN A 62.12.105.3
- mail.ombudsman.gov.sd. 86400 IN MX 10 mail.ombudsman.gov.sd.
- mssql.ombudsman.gov.sd. 86400 IN A 62.12.105.3
- webmail.ombudsman.gov.sd. 86400 IN CNAME mail.ombudsman.gov.sd.
- www.ombudsman.gov.sd. 86400 IN A 62.12.105.3
- There isn't much point continuing, you have everything.
- Have a nice day.
- Exiting...
- #######################################################################################################################################
- dnsenum VERSION:1.2.4
- ----- ombudsman.gov.sd -----
- Host's addresses:
- __________________
- ombudsman.gov.sd. 84037 IN A 62.12.105.3
- Name Servers:
- ______________
- ns0.ndc.gov.sd. 12377 IN A 62.12.109.2
- ns1.ndc.gov.sd. 12371 IN A 62.12.109.3
- Mail (MX) Servers:
- ___________________
- Trying Zone Transfers and getting Bind Versions:
- _________________________________________________
- Trying Zone Transfer for ombudsman.gov.sd on ns0.ndc.gov.sd ...
- ombudsman.gov.sd. 86400 IN SOA (
- ombudsman.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
- ombudsman.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
- ombudsman.gov.sd. 86400 IN A 62.12.105.3
- ombudsman.gov.sd. 86400 IN MX 10
- ombudsman.gov.sd. 86400 IN TXT "v=spf1
- mail.ombudsman.gov.sd. 86400 IN A 62.12.105.3
- mail.ombudsman.gov.sd. 86400 IN MX 10
- mssql.ombudsman.gov.sd. 86400 IN A 62.12.105.3
- webmail.ombudsman.gov.sd. 86400 IN CNAME mail.ombudsman.gov.sd.
- www.ombudsman.gov.sd. 86400 IN A 62.12.105.3
- Trying Zone Transfer for ombudsman.gov.sd on ns1.ndc.gov.sd ...
- ombudsman.gov.sd. 86400 IN SOA (
- ombudsman.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
- ombudsman.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
- ombudsman.gov.sd. 86400 IN A 62.12.105.3
- ombudsman.gov.sd. 86400 IN MX 10
- ombudsman.gov.sd. 86400 IN TXT "v=spf1
- mail.ombudsman.gov.sd. 86400 IN A 62.12.105.3
- mail.ombudsman.gov.sd. 86400 IN MX 10
- mssql.ombudsman.gov.sd. 86400 IN A 62.12.105.3
- webmail.ombudsman.gov.sd. 86400 IN CNAME mail.ombudsman.gov.sd.
- www.ombudsman.gov.sd. 86400 IN A 62.12.105.3
- brute force file not specified, bay.
- #######################################################################################################################################
- [-] Enumerating subdomains now for ombudsman.gov.sd
- [-] verbosity is enabled, will show the subdomains results in realtime
- [-] Searching now in Baidu..
- [-] Searching now in Yahoo..
- [-] Searching now in Google..
- [-] Searching now in Bing..
- [-] Searching now in Ask..
- [-] Searching now in Netcraft..
- [-] Searching now in DNSdumpster..
- [-] Searching now in Virustotal..
- [-] Searching now in ThreatCrowd..
- [-] Searching now in SSL Certificates..
- [-] Searching now in PassiveDNS..
- Yahoo: www.ombudsman.gov.sd
- [-] Saving results to file: /usr/share/sniper/loot//domains/domains-ombudsman.gov.sd.txt
- [-] Total Unique Subdomains Found: 1
- www.ombudsman.gov.sd
- #######################################################################################################################################
- ===============================================
- -=Subfinder v1.1.3 github.com/subfinder/subfinder
- ===============================================
- Running Source: Ask
- Running Source: Archive.is
- Running Source: Baidu
- Running Source: Bing
- Running Source: CertDB
- Running Source: CertificateTransparency
- Running Source: Certspotter
- Running Source: Commoncrawl
- Running Source: Crt.sh
- Running Source: Dnsdb
- Running Source: DNSDumpster
- Running Source: DNSTable
- Running Source: Dogpile
- Running Source: Exalead
- Running Source: Findsubdomains
- Running Source: Googleter
- Running Source: Hackertarget
- Running Source: Ipv4Info
- Running Source: PTRArchive
- Running Source: Sitedossier
- Running Source: Threatcrowd
- Running Source: ThreatMiner
- Running Source: WaybackArchive
- Running Source: Yahoo
- Running enumeration on ombudsman.gov.sd
- dnsdb: Unexpected return status 503
- waybackarchive: parse http://web.archive.org/cdx/search/cdx?url=*.ombudsman.gov.sd/*&output=json&fl=original&collapse=urlkey&page=: net/url: invalid control character in URL
- dogpile: Get https://www.dogpile.com/search/web?q=ombudsman.gov.sd&qsi=1: EOF
- ipv4info: <nil>
- Starting Bruteforcing of ombudsman.gov.sd with 9985 words
- Total 6 Unique subdomains found for ombudsman.gov.sd
- .ombudsman.gov.sd
- mail.ombudsman.gov.sd
- mssql.ombudsman.gov.sd
- webmail.ombudsman.gov.sd
- www.ombudsman.gov.sd
- www.ombudsman.gov.sd
- #######################################################################################################################################
- [*] Processing domain ombudsman.gov.sd
- [*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a', '192.168.0.1']
- [+] Getting nameservers
- 62.12.109.2 - ns0.ndc.gov.sd
- [+] Zone transfer sucessful using nameserver ns0.ndc.gov.sd
- ombudsman.gov.sd. 86400 IN SOA ns0.ndc.gov.sd. root.ndc.gov.sd. 2018071900 10800 900 604800 86400
- ombudsman.gov.sd. 86400 IN NS ns0.ndc.gov.sd.
- ombudsman.gov.sd. 86400 IN NS ns1.ndc.gov.sd.
- ombudsman.gov.sd. 86400 IN A 62.12.105.3
- ombudsman.gov.sd. 86400 IN MX 10 mail.obudsman.gov.sd.
- ombudsman.gov.sd. 86400 IN TXT "v=spf1 mx -all"
- mail.ombudsman.gov.sd. 86400 IN A 62.12.105.3
- mail.ombudsman.gov.sd. 86400 IN MX 10 mail.ombudsman.gov.sd.
- mssql.ombudsman.gov.sd. 86400 IN A 62.12.105.3
- webmail.ombudsman.gov.sd. 86400 IN CNAME mail.ombudsman.gov.sd.
- www.ombudsman.gov.sd. 86400 IN A 62.12.105.3
- #######################################################################################################################################
- [*] Found SPF record:
- [*] v=spf1 mx -all
- [*] SPF record contains an All item: -all
- [*] No DMARC record found. Looking for organizational record
- [+] No organizational DMARC record
- [+] Spoofing possible for ombudsman.gov.sd!
- #######################################################################################################################################
- dig: '.ombudsman.gov.sd' is not a legal name (empty label)
- SubOver v.1.2 Nizamul Rana (@Ice3man)
- ==================================================
- [~] Enjoy your hunt !
- [Not Vulnerable] .ombudsman.gov.sd
- [Not Vulnerable] 77.72.0.146
- [Not Vulnerable] 147.237.77.18
- [Not Vulnerable] 52.64.99.208
- [Not Vulnerable] IN
- [Not Vulnerable] domain
- [Not Vulnerable] 62.12.105.3
- [Not Vulnerable] mail.ombudsman.gov.sd
- [Not Vulnerable] www.cbs.gov.ws
- [Not Vulnerable] www.sviva.gov.il
- [Not Vulnerable] ombudsman.gov.sd
- [Not Vulnerable] www.ombudsman.gov.sd
- [Not Vulnerable] webmail.ombudsman.gov.sd
- [Not Vulnerable] mssql.ombudsman.gov.sd
- #######################################################################################################################################
- 62.12.96.0/20
- 62.12.96.0/24
- 62.12.97.0/24
- 62.12.98.0/24
- 62.12.99.0/24
- 62.12.100.0/24
- 62.12.101.0/24
- 62.12.102.0/23
- 62.12.104.0/24
- 62.12.105.0/24
- 62.12.106.0/24
- 62.12.107.0/24
- 62.12.108.0/24
- 62.12.109.0/24
- 62.12.110.0/24
- 62.12.111.0/24
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-14 20:09 EDT
- Nmap scan report for ombudsman.gov.sd (62.12.105.3)
- Host is up (0.23s latency).
- rDNS record for 62.12.105.3: f03-web01.nic.gov.sd
- Not shown: 464 filtered ports, 6 closed ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 21/tcp open ftp
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 8443/tcp open https-alt
- Nmap done: 1 IP address (1 host up) scanned in 6.71 seconds
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-14 20:09 EDT
- Nmap scan report for ombudsman.gov.sd (62.12.105.3)
- Host is up (0.11s latency).
- rDNS record for 62.12.105.3: f03-web01.nic.gov.sd
- Not shown: 2 filtered ports
- PORT STATE SERVICE
- 53/udp open|filtered domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- Nmap done: 1 IP address (1 host up) scanned in 3.13 seconds
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-14 20:09 EDT
- Nmap scan report for ombudsman.gov.sd (62.12.105.3)
- Host is up (0.25s latency).
- rDNS record for 62.12.105.3: f03-web01.nic.gov.sd
- PORT STATE SERVICE VERSION
- 21/tcp open ftp Microsoft ftpd
- | ftp-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 3083 guesses in 180 seconds, average tps: 16.8
- | ftp-syst:
- |_ SYST: Windows_NT
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: phone
- Running: Nokia Symbian OS
- OS CPE: cpe:/o:nokia:symbian_os
- OS details: Nokia E70 or N86 mobile phone (Symbian OS)
- Network Distance: 14 hops
- Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
- TRACEROUTE (using port 21/tcp)
- HOP RTT ADDRESS
- 1 114.81 ms 10.249.200.1
- 2 115.15 ms vlan500.as03.bru1.be.m247.com (185.210.217.49)
- 3 106.78 ms vlan299.agg1.bru1.be.m247.com (176.10.82.60)
- 4 117.57 ms vlan2901.bb1.bru1.be.m247.com (176.10.82.30)
- 5 120.43 ms te-7-7-0.bb1.lon1.uk.m247.com (176.10.83.147)
- 6 116.20 ms 80.77.2.193
- 7 307.59 ms xe-8-1-3.0.pjr03.ldn001.flagtel.com (85.95.26.242)
- 8 126.01 ms xe-8-2-0.0.cjr04.prs001.flagtel.com (85.95.27.234)
- 9 280.22 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
- 10 326.88 ms 80.77.2.42
- 11 237.46 ms 196.29.177.113
- 12 250.42 ms 197.254.196.62
- 13 ...
- 14 251.79 ms f03-web01.nic.gov.sd (62.12.105.3)
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning http://ombudsman.gov.sd...
- _________________________ SITE INFO _________________________
- IP Title
- 62.12.105.3 ديوان المظالم و الحسبة-الرئيسية
- __________________________ VERSION __________________________
- Name Versions Type
- ASP.NET 4.0.30319 Platform
- IIS 8.5 Platform
- jQuery 1.10.2 | 3.3.1 JavaScript
- Microsoft Windows Server 2012 R2 OS
- _____________________________________________________________
- Time: 229.8 sec Urls: 629 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 302 Found
- Cache-Control: private
- Content-Length: 144
- Content-Type: text/html; charset=utf-8
- Location: /Home/Index?aspxerrorpath=/
- Server: Microsoft-IIS/8.5
- X-AspNetMvc-Version: 5.2
- X-AspNet-Version: 4.0.30319
- X-Powered-By: ASP.NET
- X-Powered-By-Plesk: PleskWin
- Date: Sat, 15 Jun 2019 00:17:35 GMT
- HTTP/1.1 302 Found
- Cache-Control: private
- Content-Length: 144
- Content-Type: text/html; charset=utf-8
- Location: /Home/Index?aspxerrorpath=/
- Server: Microsoft-IIS/8.5
- X-AspNetMvc-Version: 5.2
- X-AspNet-Version: 4.0.30319
- X-Powered-By: ASP.NET
- X-Powered-By-Plesk: PleskWin
- Date: Sat, 15 Jun 2019 00:17:35 GMT
- HTTP/1.1 500 Internal Server Error
- Cache-Control: private
- Content-Length: 1763
- Content-Type: text/html; charset=utf-8
- Server: Microsoft-IIS/8.5
- X-AspNet-Version: 4.0.30319
- X-Powered-By: ASP.NET
- X-Powered-By-Plesk: PleskWin
- Date: Sat, 15 Jun 2019 00:17:35 GMT
- Allow: OPTIONS, TRACE, GET, HEAD, POST
- #######################################################################################################################################
- Bootstrap
- Font Awesome
- jQuery 3.3.1
- Plesk
- IIS 8.5
- Modernizr
- Microsoft ASP.NET 4.0.30319
- Microsoft ASP.NET
- X-AspNetMvc-Version: 5.2
- #######################################################################################################################################
- tee: /usr/share/sniper/loot//output/nmap-ombudsman.gov.sd-port110.txt: Aucun fichier ou dossier de ce type
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-14 20:18 EDT
- Nmap scan report for ombudsman.gov.sd (62.12.105.3)
- Host is up (0.25s latency).
- rDNS record for 62.12.105.3: f03-web01.nic.gov.sd
- PORT STATE SERVICE VERSION
- 110/tcp open pop3 MailEnable POP3 Server
- | pop3-brute:
- | Accounts: No valid accounts found
- | Statistics: Performed 95 guesses in 7 seconds, average tps: 13.6
- |_ ERROR: Failed to make a pop-connection.
- |_pop3-capabilities: USER UIDL TOP
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: phone
- Running: Nokia Symbian OS
- OS CPE: cpe:/o:nokia:symbian_os
- OS details: Nokia E70 or N86 mobile phone (Symbian OS)
- Network Distance: 14 hops
- Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
- TRACEROUTE (using port 443/tcp)
- HOP RTT ADDRESS
- 1 108.18 ms 10.249.200.1
- 2 108.41 ms vlan500.as03.bru1.be.m247.com (185.210.217.49)
- 3 108.24 ms vlan299.agg1.bru1.be.m247.com (176.10.82.60)
- 4 119.27 ms vlan2901.bb1.bru1.be.m247.com (176.10.82.30)
- 5 114.07 ms te-7-7-0.bb1.lon1.uk.m247.com (176.10.83.147)
- 6 120.70 ms 80.77.2.193
- 7 286.18 ms xe-9-0-1.0.pjr04.ldn001.flagtel.com (85.95.27.193)
- 8 134.34 ms xe-8-2-1.0.cjr04.prs001.flagtel.com (85.95.25.170)
- 9 280.76 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
- 10 328.52 ms 80.77.2.42
- 11 234.29 ms 196.29.177.113
- 12 244.41 ms 197.254.196.62
- 13 ...
- 14 245.35 ms f03-web01.nic.gov.sd (62.12.105.3)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-14 19:47 EDT
- Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
- Host is up (0.22s latency).
- Not shown: 464 filtered ports, 6 closed ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 21/tcp open ftp
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 8443/tcp open https-alt
- Nmap done: 1 IP address (1 host up) scanned in 6.80 seconds
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-14 19:47 EDT
- Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
- Host is up (0.11s latency).
- Not shown: 2 filtered ports
- PORT STATE SERVICE
- 53/udp open|filtered domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- Nmap done: 1 IP address (1 host up) scanned in 2.15 seconds
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-14 19:47 EDT
- Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
- Host is up (0.25s latency).
- PORT STATE SERVICE VERSION
- 21/tcp open ftp Microsoft ftpd
- | ftp-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 3086 guesses in 180 seconds, average tps: 16.8
- | ftp-syst:
- |_ SYST: Windows_NT
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: phone
- Running: Nokia Symbian OS
- OS CPE: cpe:/o:nokia:symbian_os
- OS details: Nokia E70 or N86 mobile phone (Symbian OS)
- Network Distance: 14 hops
- Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
- TRACEROUTE (using port 21/tcp)
- HOP RTT ADDRESS
- 1 108.27 ms 10.249.200.1
- 2 108.32 ms vlan500.as03.bru1.be.m247.com (185.210.217.49)
- 3 108.30 ms vlan299.agg1.bru1.be.m247.com (176.10.82.60)
- 4 124.41 ms vlan2901.bb1.bru1.be.m247.com (176.10.82.30)
- 5 114.62 ms te-7-7-0.bb1.lon1.uk.m247.com (176.10.83.147)
- 6 117.47 ms 80.77.2.193
- 7 303.91 ms xe-8-1-3.0.pjr03.ldn001.flagtel.com (85.95.26.242)
- 8 127.46 ms xe-8-2-0.0.cjr04.prs001.flagtel.com (85.95.27.234)
- 9 280.65 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
- 10 328.06 ms 80.77.2.42
- 11 234.33 ms 196.29.177.113
- 12 244.30 ms 197.254.196.62
- 13 ...
- 14 245.07 ms f03-web01.nic.gov.sd (62.12.105.3)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-14 19:51 EDT
- Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
- Host is up.
- PORT STATE SERVICE VERSION
- 67/udp open|filtered dhcps
- |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 107.99 ms 10.249.200.1
- 2 108.92 ms vlan500.as03.bru1.be.m247.com (185.210.217.49)
- 3 108.04 ms vlan299.agg1.bru1.be.m247.com (176.10.82.60)
- 4 115.01 ms vlan2901.bb1.bru1.be.m247.com (176.10.82.30)
- 5 114.44 ms te-7-7-0.bb1.lon1.uk.m247.com (176.10.83.147)
- 6 117.22 ms 80.77.2.193
- 7 284.27 ms xe-9-0-1.0.pjr04.ldn001.flagtel.com (85.95.27.193)
- 8 127.63 ms xe-8-2-0.0.cjr04.prs001.flagtel.com (85.95.27.234)
- 9 281.29 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
- 10 351.01 ms 80.77.2.42
- 11 235.72 ms 196.29.177.113
- 12 245.18 ms 197.254.196.62
- 13 ... 30
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-14 19:53 EDT
- Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
- Host is up.
- PORT STATE SERVICE VERSION
- 68/udp open|filtered dhcpc
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 113.23 ms 10.249.200.1
- 2 113.79 ms vlan500.as03.bru1.be.m247.com (185.210.217.49)
- 3 113.82 ms vlan299.agg1.bru1.be.m247.com (176.10.82.60)
- 4 116.20 ms vlan2901.bb1.bru1.be.m247.com (176.10.82.30)
- 5 119.44 ms te-7-7-0.bb1.lon1.uk.m247.com (176.10.83.147)
- 6 122.43 ms 80.77.2.193
- 7 291.09 ms xe-9-0-1.0.pjr04.ldn001.flagtel.com (85.95.27.193)
- 8 127.47 ms xe-8-2-0.0.cjr04.prs001.flagtel.com (85.95.27.234)
- 9 279.87 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
- 10 327.09 ms 80.77.2.42
- 11 244.13 ms 196.29.177.113
- 12 253.82 ms 197.254.196.62
- 13 ... 30
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-14 19:55 EDT
- Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
- Host is up.
- PORT STATE SERVICE VERSION
- 69/udp open|filtered tftp
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 109.98 ms 10.249.200.1
- 2 110.54 ms vlan500.as03.bru1.be.m247.com (185.210.217.49)
- 3 110.06 ms vlan299.agg1.bru1.be.m247.com (176.10.82.60)
- 4 110.09 ms vlan2901.bb1.bru1.be.m247.com (176.10.82.30)
- 5 116.36 ms te-7-7-0.bb1.lon1.uk.m247.com (176.10.83.147)
- 6 119.03 ms 80.77.2.193
- 7 288.67 ms xe-9-0-1.0.pjr04.ldn001.flagtel.com (85.95.27.193)
- 8 129.43 ms xe-8-2-0.0.cjr04.prs001.flagtel.com (85.95.27.234)
- 9 282.66 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
- 10 330.12 ms 80.77.2.42
- 11 235.57 ms 196.29.177.113
- 12 245.06 ms 197.254.196.62
- 13 ... 30
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning http://62.12.105.3...
- ______________________ SITE INFO _______________________
- IP Title
- 62.12.105.3 Domain Default page
- _______________________ VERSION ________________________
- Name Versions Type
- ASP.NET 4.0.30319 Platform
- IIS 8.5 Platform
- Microsoft Windows Server 2012 R2 OS
- ________________________________________________________
- Time: 36.8 sec Urls: 601 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 200 OK
- Content-Length: 3815
- Content-Type: text/html
- Last-Modified: Sun, 24 Apr 2016 21:37:41 GMT
- Accept-Ranges: bytes
- ETag: "f1eb6487719ed11:0"
- Server: Microsoft-IIS/8.5
- X-Powered-By: ASP.NET
- Date: Fri, 14 Jun 2019 23:58:38 GMT
- HTTP/1.1 200 OK
- Content-Length: 3815
- Content-Type: text/html
- Last-Modified: Sun, 24 Apr 2016 21:37:41 GMT
- Accept-Ranges: bytes
- ETag: "f1eb6487719ed11:0"
- Server: Microsoft-IIS/8.5
- X-Powered-By: ASP.NET
- Date: Fri, 14 Jun 2019 23:58:39 GMT
- Allow: OPTIONS, TRACE, GET, HEAD, POST
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-14 19:58 EDT
- Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
- Host is up (0.25s latency).
- PORT STATE SERVICE VERSION
- 110/tcp open pop3 MailEnable POP3 Server
- | pop3-brute:
- | Accounts: No valid accounts found
- | Statistics: Performed 85 guesses in 7 seconds, average tps: 12.1
- |_ ERROR: Failed to make a pop-connection.
- |_pop3-capabilities: TOP USER UIDL
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: phone
- Running: Nokia Symbian OS
- OS CPE: cpe:/o:nokia:symbian_os
- OS details: Nokia E70 or N86 mobile phone (Symbian OS)
- Network Distance: 14 hops
- Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
- TRACEROUTE (using port 443/tcp)
- HOP RTT ADDRESS
- 1 107.51 ms 10.249.200.1
- 2 107.93 ms vlan500.as03.bru1.be.m247.com (185.210.217.49)
- 3 107.65 ms vlan299.agg1.bru1.be.m247.com (176.10.82.60)
- 4 117.95 ms vlan2901.bb1.bru1.be.m247.com (176.10.82.30)
- 5 150.84 ms te-7-7-0.bb1.lon1.uk.m247.com (176.10.83.147)
- 6 116.52 ms 80.77.2.193
- 7 306.04 ms xe-8-1-3.0.pjr03.ldn001.flagtel.com (85.95.26.242)
- 8 126.86 ms xe-8-2-0.0.cjr04.prs001.flagtel.com (85.95.27.234)
- 9 280.43 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
- 10 327.66 ms 80.77.2.42
- 11 235.45 ms 196.29.177.113
- 12 244.96 ms 197.254.196.62
- 13 ...
- 14 262.43 ms f03-web01.nic.gov.sd (62.12.105.3)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-14 19:59 EDT
- Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
- Host is up.
- PORT STATE SERVICE VERSION
- 123/udp open|filtered ntp
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 111.37 ms 10.249.200.1
- 2 111.94 ms vlan500.as03.bru1.be.m247.com (185.210.217.49)
- 3 111.73 ms vlan299.agg1.bru1.be.m247.com (176.10.82.60)
- 4 111.59 ms vlan2901.bb1.bru1.be.m247.com (176.10.82.30)
- 5 117.61 ms te-7-7-0.bb1.lon1.uk.m247.com (176.10.83.147)
- 6 120.42 ms 80.77.2.193
- 7 285.12 ms xe-9-0-1.0.pjr04.ldn001.flagtel.com (85.95.27.193)
- 8 132.51 ms xe-8-2-0.0.cjr04.prs001.flagtel.com (85.95.27.234)
- 9 284.28 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
- 10 332.36 ms 80.77.2.42
- 11 235.19 ms 196.29.177.113
- 12 249.02 ms 197.254.196.62
- 13 ... 30
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-14 20:03 EDT
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- NSE: Starting runlevel 1 (of 2) scan.
- Initiating NSE at 20:03
- Completed NSE at 20:03, 0.00s elapsed
- NSE: Starting runlevel 2 (of 2) scan.
- Initiating NSE at 20:03
- Completed NSE at 20:03, 0.00s elapsed
- Initiating Ping Scan at 20:03
- Scanning 62.12.105.3 [4 ports]
- Completed Ping Scan at 20:03, 0.28s elapsed (1 total hosts)
- Initiating Parallel DNS resolution of 1 host. at 20:03
- Completed Parallel DNS resolution of 1 host. at 20:03, 0.02s elapsed
- Initiating Connect Scan at 20:03
- Scanning f03-web01.nic.gov.sd (62.12.105.3) [65535 ports]
- Discovered open port 80/tcp on 62.12.105.3
- Discovered open port 110/tcp on 62.12.105.3
- Discovered open port 443/tcp on 62.12.105.3
- Discovered open port 21/tcp on 62.12.105.3
- Discovered open port 143/tcp on 62.12.105.3
- Connect Scan Timing: About 6.92% done; ETC: 20:10 (0:06:57 remaining)
- Connect Scan Timing: About 17.02% done; ETC: 20:09 (0:04:57 remaining)
- Connect Scan Timing: About 25.73% done; ETC: 20:09 (0:04:23 remaining)
- Connect Scan Timing: About 44.65% done; ETC: 20:10 (0:03:59 remaining)
- Connect Scan Timing: About 52.02% done; ETC: 20:11 (0:03:37 remaining)
- Connect Scan Timing: About 60.82% done; ETC: 20:11 (0:03:12 remaining)
- Connect Scan Timing: About 71.01% done; ETC: 20:11 (0:02:14 remaining)
- Connect Scan Timing: About 84.00% done; ETC: 20:10 (0:01:08 remaining)
- Connect Scan Timing: About 92.34% done; ETC: 20:10 (0:00:32 remaining)
- Completed Connect Scan at 20:10, 413.88s elapsed (65535 total ports)
- Initiating Service scan at 20:10
- Scanning 5 services on f03-web01.nic.gov.sd (62.12.105.3)
- Completed Service scan at 20:10, 25.60s elapsed (5 services on 1 host)
- Initiating OS detection (try #1) against f03-web01.nic.gov.sd (62.12.105.3)
- Retrying OS detection (try #2) against f03-web01.nic.gov.sd (62.12.105.3)
- adjust_timeouts2: packet supposedly had rtt of -226841 microseconds. Ignoring time.
- adjust_timeouts2: packet supposedly had rtt of -226841 microseconds. Ignoring time.
- Initiating Traceroute at 20:11
- Completed Traceroute at 20:11, 6.34s elapsed
- Initiating Parallel DNS resolution of 12 hosts. at 20:11
- Completed Parallel DNS resolution of 12 hosts. at 20:11, 0.20s elapsed
- NSE: Script scanning 62.12.105.3.
- NSE: Starting runlevel 1 (of 2) scan.
- Initiating NSE at 20:11
- NSE Timing: About 99.12% done; ETC: 20:11 (0:00:00 remaining)
- NSE Timing: About 99.27% done; ETC: 20:12 (0:00:00 remaining)
- NSE Timing: About 99.71% done; ETC: 20:12 (0:00:00 remaining)
- Completed NSE at 20:12, 92.84s elapsed
- NSE: Starting runlevel 2 (of 2) scan.
- Initiating NSE at 20:12
- Completed NSE at 20:12, 0.50s elapsed
- Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
- Host is up, received syn-ack ttl 112 (0.19s latency).
- Scanned at 2019-06-14 20:03:29 EDT for 551s
- Not shown: 65523 filtered ports
- Reason: 65522 no-responses and 1 host-unreach
- PORT STATE SERVICE REASON VERSION
- 21/tcp open ftp syn-ack Microsoft ftpd
- | ftp-syst:
- |_ SYST: Windows_NT
- | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/organizationalUnitName=Plesk/localityName=Seattle/emailAddress=info@plesk.com
- | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US/organizationalUnitName=Plesk/localityName=Seattle/emailAddress=info@plesk.com
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2016-04-19T09:30:36
- | Not valid after: 2017-04-19T09:30:36
- | MD5: 8d45 138f 8b9f f882 90d9 90be 195a f4d0
- | SHA-1: 69d9 baa7 b23e 96ac 6090 cc93 d352 5c78 acba 9790
- | -----BEGIN CERTIFICATE-----
- | MIIEajCCA1KgAwIBAgIEBNin+DANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMC
- | VVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1NlYXR0bGUxDTALBgNV
- | BAoTBE9kaW4xDjAMBgNVBAsTBVBsZXNrMQ4wDAYDVQQDEwVQbGVzazEdMBsGCSqG
- | SIb3DQEJARYOaW5mb0BwbGVzay5jb20wHhcNMTYwNDE5MDkzMDM2WhcNMTcwNDE5
- | MDkzMDM2WjCBgjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAO
- | BgNVBAcTB1NlYXR0bGUxDTALBgNVBAoTBE9kaW4xDjAMBgNVBAsTBVBsZXNrMQ4w
- | DAYDVQQDEwVQbGVzazEdMBsGCSqGSIb3DQEJARYOaW5mb0BwbGVzay5jb20wggEi
- | MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSBgk7uIcz0ea9fN1QDp3Pl19b
- | rjqqnl3b7UIxbZaPhoraBvBknLJ0hEzOitQmKsxIsGKPLjxSb6WMmiE+YRH0kvOU
- | oXWa/yjRx3rG6Z+Wd6U7r7IIbWdBMGgbTQ2OdzmrKXVqoaXM2crH9cPDhWJgkVu9
- | Q6zuUiMjo7cwFR1X/vAVPW1C4l5HQcW3oGC14ll5jC15IbB04YusglQVfD/8u246
- | nMRgToyj+gxMvsifYG9h53OT0qJz/MFk4PvtG2MAy8ipR10VMtOUrMqzaZ1ntjex
- | sqog2cNgT6LLRMi870OCRaT/cVYCjNlhcQIE2Tpyf9MYKK0myMokTBXs+WNHAgMB
- | AAGjgeUwgeIwHQYDVR0OBBYEFKXkfR1gs1JC6WRjoLsdij8g/DVYMIGyBgNVHSME
- | gaowgaeAFKXkfR1gs1JC6WRjoLsdij8g/DVYoYGIpIGFMIGCMQswCQYDVQQGEwJV
- | UzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHU2VhdHRsZTENMAsGA1UE
- | ChMET2RpbjEOMAwGA1UECxMFUGxlc2sxDjAMBgNVBAMTBVBsZXNrMR0wGwYJKoZI
- | hvcNAQkBFg5pbmZvQHBsZXNrLmNvbYIEBNin+DAMBgNVHRMEBTADAQH/MA0GCSqG
- | SIb3DQEBCwUAA4IBAQARU5/ZcbkEx+CNZjqAY2r5h5m2Bq5kt0CY+j6uH05oreL9
- | 5gKbBctsDTehfCw5+VpFpv4lCogQ9QJlQ8A3VQXV4kjueRIMvrShPbh7vZ1LcQNR
- | PXDUyNZpbItE29/rJe4qvgFWMd73yw18H871kwLtddx0XfOv2tgO5fzLr9BT5hzq
- | E9upUN40ATHb/bDcAVLsUTOmYM9idZ4AS/oj0oCeBR9eqcw3IHNneIO3Qk2EA2UO
- | U93iDngn3tuYqUFlLZSjcVfWIWvY7cDMfqGEdanpz42V5nFqUQ76sWvYb8iF73uy
- | uxIFo3Edw+sf2D1fyEpbDQZNsNiNSyUUHUq3qagk
- |_-----END CERTIFICATE-----
- 25/tcp closed smtp conn-refused
- 80/tcp open http syn-ack Microsoft IIS httpd 8.5
- |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
- | http-methods:
- | Supported Methods: OPTIONS TRACE GET HEAD POST
- |_ Potentially risky methods: TRACE
- |_http-server-header: Microsoft-IIS/8.5
- |_http-title: Domain Default page
- 110/tcp open pop3 syn-ack MailEnable POP3 Server
- |_pop3-capabilities: USER UIDL TOP
- 113/tcp closed ident conn-refused
- 139/tcp closed netbios-ssn conn-refused
- 143/tcp open imap syn-ack MailEnable imapd
- |_imap-capabilities: IMAP4 IMAP4rev1 AUTH=LOGIN OK completed CHILDREN AUTH=CRAM-MD5 CAPABILITY IDLE UIDPLUSA0001
- 443/tcp open https? syn-ack
- 445/tcp closed microsoft-ds conn-refused
- 993/tcp closed imaps conn-refused
- 995/tcp closed pop3s conn-refused
- 1025/tcp closed NFS-or-IIS conn-refused
- Device type: general purpose|WAP|router
- Running (JUST GUESSING): Linux 2.6.X|2.4.X|3.X (98%), MikroTik RouterOS 6.X (92%)
- OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:3.2.0 cpe:/o:mikrotik:routeros:6.15 cpe:/o:linux:linux_kernel:2.6.22
- OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
- Aggressive OS guesses: Linux 2.6.18 - 2.6.22 (98%), Tomato 1.27 - 1.28 (Linux 2.4.20) (92%), Linux 3.2.0 (92%), MikroTik RouterOS 6.15 (Linux 3.3.5) (92%), Tomato firmware (Linux 2.6.22) (91%)
- No exact OS matches for host (test conditions non-ideal).
- TCP/IP fingerprint:
- SCAN(V=7.70%E=4%D=6/14%OT=21%CT=25%CU=%PV=N%G=N%TM=5D0437F8%P=x86_64-pc-linux-gnu)
- SEQ(SP=FF%GCD=1%ISR=103%CI=Z%TS=U)
- SEQ(CI=Z)
- OPS(O1=M44FW8N%O2=M44FW8N%O3=M44FW8N%O4=M44FW8N%O5=M44FW8N%O6=M44F)
- WIN(W1=2000%W2=2000%W3=2000%W4=2000%W5=2000%W6=2000)
- ECN(R=Y%DF=Y%TG=80%W=2000%O=M44FW8N%CC=Y%Q=)
- ECN(R=N)
- T1(R=Y%DF=Y%TG=80%S=O%A=S+%F=AS%RD=0%Q=)
- T2(R=N)
- T3(R=N)
- T4(R=N)
- T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
- T6(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
- T7(R=N)
- U1(R=N)
- IE(R=N)
- Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 112.96 ms 10.249.200.1
- 2 113.16 ms vlan500.as03.bru1.be.m247.com (185.210.217.49)
- 3 113.00 ms vlan299.agg1.bru1.be.m247.com (176.10.82.60)
- 4 122.99 ms vlan2901.bb1.bru1.be.m247.com (176.10.82.30)
- 5 151.61 ms te-7-7-0.bb1.lon1.uk.m247.com (176.10.83.147)
- 6 148.57 ms 80.77.2.193
- 7 287.17 ms xe-9-0-1.0.pjr04.ldn001.flagtel.com (85.95.27.193)
- 8 132.28 ms xe-8-2-0.0.cjr04.prs001.flagtel.com (85.95.27.234)
- 9 285.74 ms xe-0-0-1.0.pjr04.dxb001.flagtel.com (85.95.25.94)
- 10 333.26 ms 80.77.2.42
- 11 235.30 ms 196.29.177.113
- 12 245.09 ms 197.254.196.62
- 13 ... 30
- NSE: Script Post-scanning.
- NSE: Starting runlevel 1 (of 2) scan.
- Initiating NSE at 20:12
- Completed NSE at 20:12, 0.00s elapsed
- NSE: Starting runlevel 2 (of 2) scan.
- Initiating NSE at 20:12
- Completed NSE at 20:12, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 550.98 seconds
- Raw packets sent: 173 (11.884KB) | Rcvd: 2132 (119.118KB)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-14 20:12 EDT
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- Initiating NSE at 20:12
- Completed NSE at 20:12, 0.00s elapsed
- Initiating NSE at 20:12
- Completed NSE at 20:12, 0.00s elapsed
- Initiating Parallel DNS resolution of 1 host. at 20:12
- Completed Parallel DNS resolution of 1 host. at 20:12, 0.03s elapsed
- Initiating UDP Scan at 20:12
- Scanning f03-web01.nic.gov.sd (62.12.105.3) [14 ports]
- Completed UDP Scan at 20:12, 2.00s elapsed (14 total ports)
- Initiating Service scan at 20:12
- Scanning 12 services on f03-web01.nic.gov.sd (62.12.105.3)
- Service scan Timing: About 8.33% done; ETC: 20:32 (0:17:58 remaining)
- Completed Service scan at 20:14, 102.58s elapsed (12 services on 1 host)
- Initiating OS detection (try #1) against f03-web01.nic.gov.sd (62.12.105.3)
- Retrying OS detection (try #2) against f03-web01.nic.gov.sd (62.12.105.3)
- Initiating Traceroute at 20:14
- Completed Traceroute at 20:14, 7.13s elapsed
- Initiating Parallel DNS resolution of 1 host. at 20:14
- Completed Parallel DNS resolution of 1 host. at 20:14, 0.00s elapsed
- NSE: Script scanning 62.12.105.3.
- Initiating NSE at 20:14
- Completed NSE at 20:14, 20.32s elapsed
- Initiating NSE at 20:14
- Completed NSE at 20:14, 1.02s elapsed
- Nmap scan report for f03-web01.nic.gov.sd (62.12.105.3)
- Host is up (0.11s latency).
- PORT STATE SERVICE VERSION
- 53/udp open|filtered domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 137/udp filtered netbios-ns
- 138/udp filtered netbios-dgm
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using port 137/udp)
- HOP RTT ADDRESS
- 1 109.29 ms 10.249.200.1
- 2 ... 3
- 4 106.89 ms 10.249.200.1
- 5 114.41 ms 10.249.200.1
- 6 108.04 ms 10.249.200.1
- 7 108.05 ms 10.249.200.1
- 8 108.06 ms 10.249.200.1
- 9 108.07 ms 10.249.200.1
- 10 108.11 ms 10.249.200.1
- 11 ... 18
- 19 106.49 ms 10.249.200.1
- 20 106.21 ms 10.249.200.1
- 21 ... 27
- 28 107.49 ms 10.249.200.1
- 29 ...
- 30 112.61 ms 10.249.200.1
- NSE: Script Post-scanning.
- Initiating NSE at 20:14
- Completed NSE at 20:14, 0.00s elapsed
- Initiating NSE at 20:14
- Completed NSE at 20:14, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 137.94 seconds
- Raw packets sent: 147 (13.614KB) | Rcvd: 981 (407.074KB)
- #######################################################################################################################################
- Hosts
- =====
- address mac name os_name os_flavor os_sp purpose info comments
- ------- --- ---- ------- --------- ----- ------- ---- --------
- 52.64.99.208 cbs.gov.ws Linux 3.X server
- 62.12.105.3 f03-web01.nic.gov.sd Linux 2.6.X server
- 77.72.0.146 argon.cloudhosting.co.uk Unknown device
- 147.237.77.18 Unknown device
- Services
- ========
- host port proto name state info
- ---- ---- ----- ---- ----- ----
- 52.64.99.208 20 tcp ftp-data closed
- 52.64.99.208 21 tcp ftp open vsftpd 3.0.2
- 52.64.99.208 25 tcp smtp closed
- 52.64.99.208 53 udp domain unknown
- 52.64.99.208 67 udp dhcps unknown
- 52.64.99.208 68 udp dhcpc unknown
- 52.64.99.208 69 udp tftp unknown
- 52.64.99.208 80 tcp http open Apache httpd
- 52.64.99.208 88 udp kerberos-sec unknown
- 52.64.99.208 123 udp ntp unknown
- 52.64.99.208 137 udp netbios-ns filtered
- 52.64.99.208 138 udp netbios-dgm filtered
- 52.64.99.208 139 tcp netbios-ssn closed
- 52.64.99.208 139 udp netbios-ssn unknown
- 52.64.99.208 161 udp snmp unknown
- 52.64.99.208 162 udp snmptrap unknown
- 52.64.99.208 389 udp ldap unknown
- 52.64.99.208 443 tcp ssl/http open Apache httpd
- 52.64.99.208 445 tcp microsoft-ds closed
- 52.64.99.208 520 udp route unknown
- 52.64.99.208 1024 tcp kdm closed
- 52.64.99.208 1025 tcp nfs-or-iis closed
- 52.64.99.208 1026 tcp lsa-or-nterm closed
- 52.64.99.208 1027 tcp iis closed
- 52.64.99.208 1028 tcp unknown closed
- 52.64.99.208 1029 tcp ms-lsa closed
- 52.64.99.208 1030 tcp iad1 closed
- 52.64.99.208 1031 tcp iad2 closed
- 52.64.99.208 1032 tcp iad3 closed
- 52.64.99.208 1033 tcp netinfo closed
- 52.64.99.208 1034 tcp zincite-a closed
- 52.64.99.208 1035 tcp multidropper closed
- 52.64.99.208 1036 tcp nsstp closed
- 52.64.99.208 1037 tcp ams closed
- 52.64.99.208 1038 tcp mtqp closed
- 52.64.99.208 1039 tcp sbl closed
- 52.64.99.208 1040 tcp netsaint closed
- 52.64.99.208 1041 tcp danf-ak2 closed
- 52.64.99.208 1042 tcp afrog closed
- 52.64.99.208 1043 tcp boinc closed
- 52.64.99.208 1044 tcp dcutility closed
- 52.64.99.208 1045 tcp fpitp closed
- 52.64.99.208 1046 tcp wfremotertm closed
- 52.64.99.208 1047 tcp neod1 closed
- 52.64.99.208 1048 tcp neod2 closed
- 52.64.99.208 2049 udp nfs unknown
- 62.12.105.3 21 tcp ftp open Microsoft ftpd
- 62.12.105.3 25 tcp smtp closed
- 62.12.105.3 53 udp domain unknown
- 62.12.105.3 67 udp dhcps unknown
- 62.12.105.3 68 udp dhcpc unknown
- 62.12.105.3 69 udp tftp unknown
- 62.12.105.3 80 tcp http open Microsoft IIS httpd 8.5
- 62.12.105.3 88 udp kerberos-sec unknown
- 62.12.105.3 110 tcp pop3 open MailEnable POP3 Server
- 62.12.105.3 113 tcp ident closed
- 62.12.105.3 123 udp ntp unknown
- 62.12.105.3 137 udp netbios-ns filtered
- 62.12.105.3 138 udp netbios-dgm filtered
- 62.12.105.3 139 tcp netbios-ssn closed
- 62.12.105.3 139 udp netbios-ssn unknown
- 62.12.105.3 143 tcp imap open MailEnable imapd
- 62.12.105.3 161 udp snmp unknown
- 62.12.105.3 162 udp snmptrap unknown
- 62.12.105.3 389 udp ldap unknown
- 62.12.105.3 443 tcp https open
- 62.12.105.3 445 tcp microsoft-ds closed
- 62.12.105.3 520 udp route unknown
- 62.12.105.3 993 tcp imaps closed
- 62.12.105.3 995 tcp pop3s closed
- 62.12.105.3 1025 tcp nfs-or-iis closed
- 62.12.105.3 2049 udp nfs unknown
- 62.12.105.3 8443 tcp https-alt open
- 77.72.0.146 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 2 of 50 allowed.\x0d\x0a220-Local time is now 23:05. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
- 77.72.0.146 67 udp dhcps unknown
- 77.72.0.146 68 udp dhcpc unknown
- 77.72.0.146 69 udp tftp unknown
- 77.72.0.146 80 tcp http open
- 77.72.0.146 88 udp kerberos-sec unknown
- 77.72.0.146 110 tcp pop3 open
- 77.72.0.146 123 udp ntp unknown
- 77.72.0.146 139 udp netbios-ssn unknown
- 77.72.0.146 143 tcp imap open
- 77.72.0.146 389 udp ldap unknown
- 77.72.0.146 443 tcp https open
- 77.72.0.146 465 tcp smtps open
- 77.72.0.146 520 udp route unknown
- 77.72.0.146 587 tcp submission open
- 77.72.0.146 993 tcp imaps open
- 77.72.0.146 995 tcp pop3s open
- 77.72.0.146 2049 udp nfs unknown
- 147.237.77.18 53 udp domain unknown
- 147.237.77.18 67 udp dhcps unknown
- 147.237.77.18 68 udp dhcpc unknown
- 147.237.77.18 69 udp tftp unknown
- 147.237.77.18 80 tcp http open
- 147.237.77.18 88 udp kerberos-sec unknown
- 147.237.77.18 123 udp ntp unknown
- 147.237.77.18 139 udp netbios-ssn unknown
- 147.237.77.18 161 udp snmp unknown
- 147.237.77.18 162 udp snmptrap unknown
- 147.237.77.18 389 udp ldap unknown
- 147.237.77.18 520 udp route unknown
- 147.237.77.18 2049 udp nfs unknown
- #######################################################################################################################################
- Domains still to check: 1
- Checking if the hostname ombudsman.gov.sd. given is in fact a domain...
- Analyzing domain: ombudsman.gov.sd.
- Checking NameServers using system default resolver...
- IP: 62.12.109.2 (Sudan)
- HostName: ns0.ndc.gov.sd Type: NS
- IP: 62.12.109.3 (Sudan)
- HostName: ns1.ndc.gov.sd Type: NS
- Checking MailServers using system default resolver...
- WARNING!! There are no MX records for this domain
- Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
- Zone transfer successful on name server 62.12.109.2 (5 hosts)
- Zone transfer successful on name server 62.12.109.3 (5 hosts)
- Checking SPF record...
- Checking 5 most common hostnames using system default resolver...
- IP: 62.12.105.3 (Sudan)
- HostName: mssql.ombudsman.gov.sd. Type: A
- IP: 62.12.105.3 (Sudan)
- HostName: mssql.ombudsman.gov.sd. Type: A
- HostName: mail.ombudsman.gov.sd. Type: A
- HostName: f03-web01.nic.gov.sd Type: PTR
- IP: 62.12.105.3 (Sudan)
- HostName: mssql.ombudsman.gov.sd. Type: A
- HostName: mail.ombudsman.gov.sd. Type: A
- HostName: f03-web01.nic.gov.sd Type: PTR
- HostName: www.ombudsman.gov.sd. Type: A
- IP: 62.12.105.3 (Sudan)
- HostName: mssql.ombudsman.gov.sd. Type: A
- HostName: mail.ombudsman.gov.sd. Type: A
- HostName: f03-web01.nic.gov.sd Type: PTR
- HostName: www.ombudsman.gov.sd. Type: A
- HostName: webmail.ombudsman.gov.sd. Type: A
- Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
- Checking netblock 62.12.109.0
- Checking netblock 62.12.105.0
- Searching for ombudsman.gov.sd. emails in Google
- Checking 3 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
- Host 62.12.109.2 is up (reset ttl 64)
- Host 62.12.109.3 is up (reset ttl 64)
- Host 62.12.105.3 is up (reset ttl 64)
- Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
- Scanning ip 62.12.109.2 (ns0.ndc.gov.sd):
- 53/tcp open domain syn-ack ttl 48 (unknown banner: you guess!)
- | dns-nsid:
- |_ bind.version: you guess!
- | fingerprint-strings:
- | DNSVersionBindReqTCP:
- | version
- | bind
- |_ guess!
- Scanning ip 62.12.109.3 (ns1.ndc.gov.sd):
- 53/tcp open domain syn-ack ttl 48 (unknown banner: you guess!)
- | dns-nsid:
- |_ bind.version: you guess!
- | fingerprint-strings:
- | DNSVersionBindReqTCP:
- | version
- | bind
- |_ guess!
- Scanning ip 62.12.105.3 (webmail.ombudsman.gov.sd.):
- 21/tcp open ftp syn-ack ttl 112 Microsoft ftpd
- | ftp-syst:
- |_ SYST: Windows_NT
- | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
- | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2016-04-19T09:30:36
- | Not valid after: 2017-04-19T09:30:36
- | MD5: 8d45 138f 8b9f f882 90d9 90be 195a f4d0
- |_SHA-1: 69d9 baa7 b23e 96ac 6090 cc93 d352 5c78 acba 9790
- 80/tcp open http syn-ack ttl 112 Microsoft IIS httpd 8.5
- |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
- | http-methods:
- | Supported Methods: OPTIONS TRACE GET HEAD POST
- |_ Potentially risky methods: TRACE
- |_http-server-header: Microsoft-IIS/8.5
- |_http-title: Domain Default page
- 110/tcp open pop3 syn-ack ttl 112 MailEnable POP3 Server
- |_pop3-capabilities: USER TOP UIDL
- 143/tcp open imap syn-ack ttl 112 MailEnable imapd
- |_imap-capabilities: IMAP4 OK completed AUTH=LOGIN IDLE UIDPLUSA0001 AUTH=CRAM-MD5 IMAP4rev1 CAPABILITY CHILDREN
- 443/tcp open https? syn-ack ttl 112
- 8443/tcp open ssl/http syn-ack ttl 112 Microsoft IIS httpd 8.5
- |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
- | http-methods:
- |_ Supported Methods: GET HEAD POST OPTIONS
- | http-robots.txt: 1 disallowed entry
- |_/
- |_http-server-header: Microsoft-IIS/8.5
- |_http-title: Plesk Onyx 17.8.11
- | ssl-cert: Subject: commonName=f03-web01.nic.gov.sd
- | Subject Alternative Name: DNS:f03-web01.nic.gov.sd
- | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2019-05-16T00:30:46
- | Not valid after: 2019-08-14T00:30:46
- | MD5: 8a76 d806 383f 0437 1e28 3297 e8bc 357a
- |_SHA-1: 2d8f b6fa 2b1d d78f 9c4f 7916 a2b0 d7c3 e5c9 5305
- Device type: general purpose|WAP|router
- Running (JUST GUESSING): Linux 2.6.X|2.4.X|3.X (98%), MikroTik RouterOS 6.X (92%)
- OS Info: Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
- WebCrawling domain's web servers... up to 50 max links.
- + URL to crawl: http://mail.ombudsman.gov.sd.
- + Date: 2019-06-14
- + Crawling URL: http://mail.ombudsman.gov.sd.:
- + Links:
- + Crawling http://mail.ombudsman.gov.sd. (400 Bad Request)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: http://webmail.ombudsman.gov.sd.
- + Date: 2019-06-14
- + Crawling URL: http://webmail.ombudsman.gov.sd.:
- + Links:
- + Crawling http://webmail.ombudsman.gov.sd. (400 Bad Request)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: http://mssql.ombudsman.gov.sd.
- + Date: 2019-06-14
- + Crawling URL: http://mssql.ombudsman.gov.sd.:
- + Links:
- + Crawling http://mssql.ombudsman.gov.sd. (400 Bad Request)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: http://www.ombudsman.gov.sd.
- + Date: 2019-06-14
- + Crawling URL: http://www.ombudsman.gov.sd.:
- + Links:
- + Crawling http://www.ombudsman.gov.sd. (400 Bad Request)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: https://mail.ombudsman.gov.sd.:8443
- + Date: 2019-06-14
- + Crawling URL: https://mail.ombudsman.gov.sd.:8443:
- + Links:
- + Crawling https://mail.ombudsman.gov.sd.:8443 ([Errno 104] Connection reset by peer)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: https://webmail.ombudsman.gov.sd.:8443
- + Date: 2019-06-14
- + Crawling URL: https://webmail.ombudsman.gov.sd.:8443:
- + Links:
- + Crawling https://webmail.ombudsman.gov.sd.:8443 ([Errno 104] Connection reset by peer)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: https://mssql.ombudsman.gov.sd.:8443
- + Date: 2019-06-14
- + Crawling URL: https://mssql.ombudsman.gov.sd.:8443:
- + Links:
- + Crawling https://mssql.ombudsman.gov.sd.:8443 ([Errno 104] Connection reset by peer)
- + Searching for directories...
- + Searching open folders...
- + URL to crawl: https://www.ombudsman.gov.sd.:8443
- + Date: 2019-06-14
- + Crawling URL: https://www.ombudsman.gov.sd.:8443:
- + Links:
- + Crawling https://www.ombudsman.gov.sd.:8443 ([Errno 104] Connection reset by peer)
- + Searching for directories...
- + Searching open folders...
- --Finished--
- Summary information for domain ombudsman.gov.sd.
- ---------------------------------------------------------------------------------------------------------------------------------------
- Domain Ips Information:
- IP: 62.12.109.2
- HostName: ns0.ndc.gov.sd Type: NS
- Country: Sudan
- Zone Transfer: 5
- Is Active: True (reset ttl 64)
- Port: 53/tcp open domain syn-ack ttl 48 (unknown banner: you guess!)
- Script Info: | dns-nsid:
- Script Info: |_ bind.version: you guess!
- Script Info: | fingerprint-strings:
- Script Info: | DNSVersionBindReqTCP:
- Script Info: | version
- Script Info: | bind
- Script Info: |_ guess!
- IP: 62.12.109.3
- HostName: ns1.ndc.gov.sd Type: NS
- Country: Sudan
- Zone Transfer: 5
- Is Active: True (reset ttl 64)
- Port: 53/tcp open domain syn-ack ttl 48 (unknown banner: you guess!)
- Script Info: | dns-nsid:
- Script Info: |_ bind.version: you guess!
- Script Info: | fingerprint-strings:
- Script Info: | DNSVersionBindReqTCP:
- Script Info: | version
- Script Info: | bind
- Script Info: |_ guess!
- IP: 62.12.105.3
- HostName: mssql.ombudsman.gov.sd. Type: A
- HostName: mail.ombudsman.gov.sd. Type: A
- HostName: f03-web01.nic.gov.sd Type: PTR
- HostName: www.ombudsman.gov.sd. Type: A
- HostName: webmail.ombudsman.gov.sd. Type: A
- Country: Sudan
- Is Active: True (reset ttl 64)
- Port: 21/tcp open ftp syn-ack ttl 112 Microsoft ftpd
- Script Info: | ftp-syst:
- Script Info: |_ SYST: Windows_NT
- Script Info: | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
- Script Info: | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US
- Script Info: | Public Key type: rsa
- Script Info: | Public Key bits: 2048
- Script Info: | Signature Algorithm: sha256WithRSAEncryption
- Script Info: | Not valid before: 2016-04-19T09:30:36
- Script Info: | Not valid after: 2017-04-19T09:30:36
- Script Info: | MD5: 8d45 138f 8b9f f882 90d9 90be 195a f4d0
- Script Info: |_SHA-1: 69d9 baa7 b23e 96ac 6090 cc93 d352 5c78 acba 9790
- Port: 80/tcp open http syn-ack ttl 112 Microsoft IIS httpd 8.5
- Script Info: |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
- Script Info: | http-methods:
- Script Info: | Supported Methods: OPTIONS TRACE GET HEAD POST
- Script Info: |_ Potentially risky methods: TRACE
- Script Info: |_http-server-header: Microsoft-IIS/8.5
- Script Info: |_http-title: Domain Default page
- Port: 110/tcp open pop3 syn-ack ttl 112 MailEnable POP3 Server
- Script Info: |_pop3-capabilities: USER TOP UIDL
- Port: 143/tcp open imap syn-ack ttl 112 MailEnable imapd
- Script Info: |_imap-capabilities: IMAP4 OK completed AUTH=LOGIN IDLE UIDPLUSA0001 AUTH=CRAM-MD5 IMAP4rev1 CAPABILITY CHILDREN
- Port: 443/tcp open https? syn-ack ttl 112
- Port: 8443/tcp open ssl/http syn-ack ttl 112 Microsoft IIS httpd 8.5
- Script Info: |_http-favicon: Unknown favicon MD5: 1DB747255C64A30F9236E9D929E986CA
- Script Info: | http-methods:
- Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
- Script Info: | http-robots.txt: 1 disallowed entry
- Script Info: |_/
- Script Info: |_http-server-header: Microsoft-IIS/8.5
- Script Info: |_http-title: Plesk Onyx 17.8.11
- Script Info: | ssl-cert: Subject: commonName=f03-web01.nic.gov.sd
- Script Info: | Subject Alternative Name: DNS:f03-web01.nic.gov.sd
- Script Info: | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
- Script Info: | Public Key type: rsa
- Script Info: | Public Key bits: 2048
- Script Info: | Signature Algorithm: sha256WithRSAEncryption
- Script Info: | Not valid before: 2019-05-16T00:30:46
- Script Info: | Not valid after: 2019-08-14T00:30:46
- Script Info: | MD5: 8a76 d806 383f 0437 1e28 3297 e8bc 357a
- Script Info: |_SHA-1: 2d8f b6fa 2b1d d78f 9c4f 7916 a2b0 d7c3 e5c9 5305
- Script Info: Device type: general purpose|WAP|router
- Script Info: Running (JUST GUESSING): Linux 2.6.X|2.4.X|3.X (98%), MikroTik RouterOS 6.X (92%)
- Os Info: OS: Windows; CPE: cpe:/o:microsoft:windows
- #######################################################################################################################################
- Anonymous JTSEC #OpSudan Full Recon #90
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement