Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #######################################################################################################################################
- =======================================================================================================================================
- Hostname www.nmsf.gov.sd ISP Paragon Internet Group Limited
- Continent Europe Flag
- GB
- Country United Kingdom Country Code GB
- Region Unknown Local time 29 Apr 2019 20:45 BST
- City Unknown Postal Code Unknown
- IP Address 87.247.241.39 Latitude 51.496
- Longitude -0.122
- =======================================================================================================================================
- #######################################################################################################################################
- > www.nmsf.gov.sd
- Server: 38.132.106.139
- Address: 38.132.106.139#53
- Non-authoritative answer:
- www.nmsf.gov.sd canonical name = nmsf.gov.sd.
- Name: nmsf.gov.sd
- Address: 87.247.241.39
- >
- #######################################################################################################################################
- HostIP:87.247.241.39
- HostName:www.nmsf.gov.sd
- Gathered Inet-whois information for 87.247.241.39
- ---------------------------------------------------------------------------------------------------------------------------------------
- inetnum: 87.247.240.0 - 87.247.247.255
- netname: UK-PARAGON-20060203
- country: GB
- org: ORG-PIGL2-RIPE
- admin-c: PAR487-RIPE
- tech-c: PAR487-RIPE
- status: ALLOCATED PA
- mnt-by: RIPE-NCC-HM-MNT
- mnt-by: PARAGON-MNT
- mnt-lower: PARAGON-MNT
- mnt-routes: PARAGON-MNT
- created: 2006-02-03T12:53:28Z
- last-modified: 2017-07-06T09:37:09Z
- source: RIPE
- organisation: ORG-PIGL2-RIPE
- org-name: Paragon Internet Group Limited
- org-type: LIR
- address: 113 - 114 Buckingham Avenue
- address: SL1 4PF
- address: Slough
- address: UNITED KINGDOM
- phone: +441628200161
- mnt-ref: RIPE-NCC-HM-MNT
- mnt-ref: PARAGON-MNT
- mnt-by: RIPE-NCC-HM-MNT
- mnt-by: PARAGON-MNT
- admin-c: PAR487-RIPE
- abuse-c: PA7585-RIPE
- created: 2014-03-26T09:42:08Z
- last-modified: 2018-06-13T10:27:57Z
- source: RIPE # Filtered
- person: Paragon NOC
- address: 113-114 Buckingham Avenue
- address: Slough
- address: SL1 4PF
- phone: +44(0)1628 200 161
- nic-hdl: PAR487-RIPE
- mnt-by: PARAGON-MNT
- created: 2017-07-06T09:33:58Z
- last-modified: 2017-07-06T09:33:58Z
- source: RIPE
- % Information related to '87.247.240.0/21AS198047'
- route: 87.247.240.0/21
- origin: AS198047
- mnt-by: PARAGON-MNT
- created: 2017-07-05T11:24:46Z
- last-modified: 2017-07-05T11:24:46Z
- source: RIPE
- % This query was served by the RIPE Database Query Service version 1.93.2 (ANGUS)
- Gathered Inic-whois information for nmsf.gov.sd
- ---------------------------------------------------------------------------------------------------------------------------------------
- Error: Unable to connect - Invalid Host
- ERROR: Connection to InicWhois Server sd.whois-servers.net failed
- close error
- Gathered Netcraft information for www.nmsf.gov.sd
- ---------------------------------------------------------------------------------------------------------------------------------------
- Retrieving Netcraft.com information for www.nmsf.gov.sd
- Netcraft.com Information gathered
- Gathered Subdomain information for nmsf.gov.sd
- ---------------------------------------------------------------------------------------------------------------------------------------
- Searching Google.com:80...
- HostName:www.nmsf.gov.sd
- HostIP:87.247.241.39
- HostName:aitc.nmsf.gov.sd
- HostIP:87.247.241.39
- Searching Altavista.com:80...
- Found 2 possible subdomain(s) for host nmsf.gov.sd, Searched 0 pages containing 0 results
- Gathered E-Mail information for nmsf.gov.sd
- ---------------------------------------------------------------------------------------------------------------------------------------
- Searching Google.com:80...
- Searching Altavista.com:80...
- Found 0 E-Mail(s) for host nmsf.gov.sd, Searched 0 pages containing 0 results
- Gathered TCP Port information for 87.247.241.39
- ---------------------------------------------------------------------------------------------------------------------------------------
- Port State
- 21/tcp open
- 22/tcp open
- 53/tcp open
- 80/tcp open
- 110/tcp open
- 143/tcp open
- Portscan Finished: Scanned 150 ports, 3 ports were in state closed
- #######################################################################################################################################
- [i] Scanning Site: http://www.nmsf.gov.sd
- B A S I C I N F O
- =======================================================================================================================================
- [+] Site Title:
- الصندوق القومي للإمدادات الطبية
- [+] IP address: 87.247.241.39
- [+] Web Server: Could Not Detect
- [+] CMS: Could Not Detect
- [+] Cloudflare: Not Detected
- [+] Robots File: Found
- -------------[ contents ]----------------
- User-agent: *
- Disallow:
- -----------[end of contents]-------------
- G E O I P L O O K U P
- =======================================================================================================================================
- [i] IP Address: 87.247.241.39
- [i] Country: United Kingdom
- [i] State:
- [i] City:
- [i] Latitude: 51.4964
- [i] Longitude: -0.1224
- H T T P H E A D E R S
- =======================================================================================================================================
- [i] HTTP/1.1 200 OK
- [i] Date: Mon, 29 Apr 2019 19:51:02 GMT
- [i] Cache-Control: no-cache
- [i] Set-Cookie: laravel_session=eyJpdiI6IndMaGxGUE9URVdUclY5aEVrYUFWWWc9PSIsInZhbHVlIjoid3pWanRrUlNRS0ttZEd3V2VhejdRNkk5VEk4QkNOSFVDUnFRSUtwcjQ0dUNpY1wvNnlJaHFXSDd0MFI5VFdJclBmQnFcL3RhWncwcTJzVFlkTHRWa0thdz09IiwibWFjIjoiMTFmYmQzY2FkZjJjYzkyYzY3MmU1ZGE5OTM3NDdkNjhkYmM1MTY5NDk2MDM1NjVmZDNmNmM5MDFkZjU3Y2M0NSJ9; expires=Mon, 29-Apr-2019 21:51:02 GMT; Max-Age=7200; path=/; HttpOnly
- [i] Content-Type: text/html; charset=UTF-8
- [i] Connection: close
- D N S L O O K U P
- =======================================================================================================================================
- nmsf.gov.sd. 14399 IN TXT "v=spf1 +a +mx +ip4:87.247.241.39 ~all"
- nmsf.gov.sd. 21599 IN NS ns2.servers.prgn.misp.co.uk.
- nmsf.gov.sd. 14399 IN A 87.247.241.39
- nmsf.gov.sd. 21599 IN NS ns1.servers.prgn.misp.co.uk.
- nmsf.gov.sd. 14399 IN MX 0 mail2.nmsf.gov.sd.
- nmsf.gov.sd. 21599 IN SOA ns1.servers.prgn.misp.co.uk. it.alhost.ae. 2019020601 3600 7200 1209600 86400
- S U B N E T C A L C U L A T I O N
- =======================================================================================================================================
- Address = 87.247.241.39
- Network = 87.247.241.39 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 87.247.241.39 - 87.247.241.39 }
- N M A P P O R T S C A N
- =======================================================================================================================================
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-29 19:51 UTC
- Nmap scan report for nmsf.gov.sd (87.247.241.39)
- Host is up (0.073s latency).
- rDNS record for 87.247.241.39: alhost.servers.prgn.misp.co.uk
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp open ssh
- 23/tcp filtered telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp filtered ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 1.34 seconds
- S U B - D O M A I N F I N D E R
- =======================================================================================================================================
- [i] Total Subdomains Found : 1
- [+] Subdomain: mail2.nmsf.gov.sd
- [-] IP: 212.0.140.244
- #######################################################################################################################################
- [?] Enter the target: example( http://domain.com )
- http://www.nmsf.gov.sd/
- [!] IP Address : 87.247.241.39
- [!] www.nmsf.gov.sd doesn't seem to use a CMS
- [+] Honeypot Probabilty: 30%
- ---------------------------------------------------------------------------------------------------------------------------------------
- [~] Trying to gather whois information for www.nmsf.gov.sd
- [+] Whois information found
- [-] Unable to build response, visit https://who.is/whois/www.nmsf.gov.sd
- ---------------------------------------------------------------------------------------------------------------------------------------
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp open ssh
- 23/tcp filtered telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp filtered ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 1.34 seconds
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] DNS Records
- ns2.servers.prgn.misp.co.uk. (95.142.155.4) AS198047 UK Webhosting Ltd United Kingdom
- ns1.servers.prgn.misp.co.uk. (195.62.28.14) AS198047 UK Webhosting Ltd United Kingdom
- [+] Host Records (A)
- www.nmsf.gov.sdHTTP: (alhost.servers.prgn.misp.co.uk) (87.247.241.39) United Kingdom United Kingdom
- [+] TXT Records
- [+] DNS Map: https://dnsdumpster.com/static/map/nmsf.gov.sd.png
- [>] Initiating 3 intel modules
- [>] Loading Alpha module (1/3)
- [>] Beta module deployed (2/3)
- [>] Gamma module initiated (3/3)
- [+] Emails found:
- ---------------------------------------------------------------------------------------------------------------------------------------
- pixel-1556567466108081-web-@www.nmsf.gov.sd
- No hosts found
- [+] Virtual hosts:
- #######################################################################################################################################
- Enter Address Website = nmsf.gov.sd
- Reversing IP With HackTarget 'nmsf.gov.sd'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] 5ive.x.nespocash.sd
- [+] a7dental.com
- [+] ainainternational.com
- [+] alabwa-sd.com
- [+] albagair.net
- [+] albayaninvestments.com
- [+] alhost.ae
- [+] alhost.servers.prgn.misp.co.uk
- [+] alhostis.com
- [+] almalaeib.com
- [+] almoftah.net
- [+] alnilhost.com
- [+] alrahma-sd.org
- [+] anghamtv.net
- [+] ansar-alsunna.net
- [+] arefais.com
- [+] asawer-ae.com
- [+] aspltra.com
- [+] berbercement.com
- [+] bioheal-sd.com
- [+] career.com.sd
- [+] comix-me.com
- [+] cpanel.a7dental.com
- [+] cpanel.ainainternational.com
- [+] cpanel.albagair.net
- [+] cpanel.albayaninvestments.com
- [+] cpanel.alhostis.com
- [+] cpanel.aspltra.com
- [+] cpanel.berbercement.com
- [+] cpanel.career.com.sd
- [+] cpanel.dinarsd.com
- [+] cpanel.elhusseingroup.com
- [+] cpanel.fibsudan.com
- [+] cpanel.ganaltrade.com
- [+] cpanel.globalischool.com
- [+] cpanel.grundsit.com
- [+] cpanel.intercontinentalkrt.com
- [+] cpanel.islaher.com
- [+] cpanel.jaguaree.com
- [+] cpanel.jalelaco.com
- [+] cpanel.jasmar.net
- [+] cpanel.kanipharma.com
- [+] cpanel.katiasd.com
- [+] cpanel.kfourigroup.com
- [+] cpanel.kiow.net
- [+] cpanel.mowafag.com
- [+] cpanel.name4.net
- [+] cpanel.nilestatequran.net
- [+] cpanel.niletechna.com
- [+] cpanel.niletechna.net
- [+] cpanel.psrefinery.com
- [+] cpanel.shakakpharma.com
- [+] cpanel.sheikhco.com
- [+] cpanel.shihabfinance.com
- [+] cpanel.sokarab.com
- [+] cpanel.umatia.org
- [+] cpanel.alabwa-sd.com
- [+] cpanel.alrahma-sd.org
- [+] cpanel.ansar-alsunna.net
- [+] cpanel.asawer-ae.com
- [+] cpanel.comix-me.com
- [+] cpanel.devicetech-sd.com
- [+] cpanel.firstlink-sd.com
- [+] cpanel.gtc-et.com
- [+] cpanel.kosc-center.com
- [+] cpanel.poly-sudan.com
- [+] cpanel.raminternational-fze.com
- [+] cpanel.redsea-sd.com
- [+] cpanel.tadamonbank-sd.com
- [+] dawa-sd.com
- [+] dc-02405f90e459.magicinfo.live
- [+] devicetech-sd.com
- [+] dinarsd.com
- [+] elhusseingroup.com
- [+] eltayebsalih.sd
- [+] firstlink-sd.com
- [+] galooan.org
- [+] ganaltrade.com
- [+] giadaluminum.com
- [+] globalischool.com
- [+] grundsit.com
- [+] gsg-co.com
- [+] gtc-et.com
- [+] hassidat.com
- [+] hotnet.sd
- [+] ikhwan.sd
- [+] intercontinentalkrt.com
- [+] islaher.com
- [+] jaguaree.com
- [+] jalelaco.com
- [+] jasmar.net
- [+] kanipharma.com
- [+] katiasd.com
- [+] kfourigroup.com
- [+] kiow.net
- [+] kosc-center.com
- [+] live.sd
- [+] lycos-sd.com
- [+] m.islaher.com
- [+] mm.tadamonbank-sd.com
- [+] mowafag.com
- [+] name4.net
- [+] neptapetro.com
- [+] nespocash.sd
- [+] nilestatequran.net
- [+] niletechna.com
- [+] niletechna.net
- [+] nmsf.gov.sd
- [+] pacc19sudan.com
- [+] parliament.gov.sd
- [+] poly-sudan.com
- [+] psrefinery.com
- [+] raminternational-fze.com
- [+] redsea-sd.com
- [+] reflections.sd
- [+] rspship.com
- [+] salihat.org
- [+] shakakpharma.com
- [+] sheikhco.com
- [+] shihabfinance.com
- [+] sj.gov.sd
- [+] sokarab.com
- [+] studentwelfare.sd
- [+] sudansport.net
- [+] taseti.net
- [+] umatia.org
- [+] wain-pay.com
- [+] webdisk.a7dental.com
- [+] webdisk.ainainternational.com
- [+] webdisk.albagair.net
- [+] webdisk.albayaninvestments.com
- [+] webdisk.alhostis.com
- [+] webdisk.aspltra.com
- [+] webdisk.berbercement.com
- [+] webdisk.career.com.sd
- [+] webdisk.dinarsd.com
- [+] webdisk.elhusseingroup.com
- [+] webdisk.fibsudan.com
- [+] webdisk.ganaltrade.com
- [+] webdisk.globalischool.com
- [+] webdisk.grundsit.com
- [+] webdisk.intercontinentalkrt.com
- [+] webdisk.islaher.com
- [+] webdisk.jaguaree.com
- [+] webdisk.jalelaco.com
- [+] webdisk.jasmar.net
- [+] webdisk.kanipharma.com
- [+] webdisk.katiasd.com
- [+] webdisk.kfourigroup.com
- [+] webdisk.kiow.net
- [+] webdisk.mowafag.com
- [+] webdisk.name4.net
- [+] webdisk.nilestatequran.net
- [+] webdisk.niletechna.com
- [+] webdisk.niletechna.net
- [+] webdisk.psrefinery.com
- [+] webdisk.shakakpharma.com
- [+] webdisk.sheikhco.com
- [+] webdisk.shihabfinance.com
- [+] webdisk.sokarab.com
- [+] webdisk.umatia.org
- [+] webdisk.alabwa-sd.com
- [+] webdisk.alrahma-sd.org
- [+] webdisk.ansar-alsunna.net
- [+] webdisk.asawer-ae.com
- [+] webdisk.comix-me.com
- [+] webdisk.dawa-sd.com
- [+] webdisk.devicetech-sd.com
- [+] webdisk.firstlink-sd.com
- [+] webdisk.gtc-et.com
- [+] webdisk.kosc-center.com
- [+] webdisk.poly-sudan.com
- [+] webdisk.raminternational-fze.com
- [+] webdisk.redsea-sd.com
- [+] webdisk.tadamonbank-sd.com
- [+] webmail.a7dental.com
- [+] webmail.ainainternational.com
- [+] webmail.albagair.net
- [+] webmail.albayaninvestments.com
- [+] webmail.alhostis.com
- [+] webmail.aspltra.com
- [+] webmail.berbercement.com
- [+] webmail.career.com.sd
- [+] webmail.dinarsd.com
- [+] webmail.elhusseingroup.com
- [+] webmail.fibsudan.com
- [+] webmail.ganaltrade.com
- [+] webmail.globalischool.com
- [+] webmail.grundsit.com
- [+] webmail.intercontinentalkrt.com
- [+] webmail.islaher.com
- [+] webmail.jaguaree.com
- [+] webmail.jalelaco.com
- [+] webmail.jasmar.net
- [+] webmail.kanipharma.com
- [+] webmail.katiasd.com
- [+] webmail.kfourigroup.com
- [+] webmail.kiow.net
- [+] webmail.mowafag.com
- [+] webmail.name4.net
- [+] webmail.nilestatequran.net
- [+] webmail.niletechna.com
- [+] webmail.niletechna.net
- [+] webmail.psrefinery.com
- [+] webmail.shakakpharma.com
- [+] webmail.sheikhco.com
- [+] webmail.shihabfinance.com
- [+] webmail.sj.gov.sd
- [+] webmail.sokarab.com
- [+] webmail.umatia.org
- [+] webmail.alabwa-sd.com
- [+] webmail.alrahma-sd.org
- [+] webmail.ansar-alsunna.net
- [+] webmail.asawer-ae.com
- [+] webmail.comix-me.com
- [+] webmail.dawa-sd.com
- [+] webmail.devicetech-sd.com
- [+] webmail.firstlink-sd.com
- [+] webmail.gtc-et.com
- [+] webmail.kosc-center.com
- [+] webmail.poly-sudan.com
- [+] webmail.raminternational-fze.com
- [+] webmail.redsea-sd.com
- [+] webmail.tadamonbank-sd.com
- [+] whm.fibsudan.com
- [+] wwm-sudan.com
- [+] www.m.islaher.com
- [+] zain.eltayebsalih.sd
- #######################################################################################################################################
- Reverse IP With YouGetSignal 'nmsf.gov.sd'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [*] IP: 87.247.241.39
- [*] Domain: nmsf.gov.sd
- [*] Total Domains: 18
- [+] alhost.servers.prgn.misp.co.uk
- [+] autohouse.sd
- [+] bluejet.sd
- [+] bpi.sd
- [+] eltayebsalih.sd
- [+] ikhwan.sd
- [+] inmaa.sd
- [+] islaher.com
- [+] katiasd.com
- [+] kosc-center.com
- [+] nmsf.gov.sd
- [+] parliament.gov.sd
- [+] rspship.com
- [+] salihat.org
- [+] sj.gov.sd
- [+] www.bpi.sd
- [+] www.zain.eltayebsalih.sd
- [+] zain.eltayebsalih.sd
- #######################################################################################################################################
- Geo IP Lookup 'nmsf.gov.sd'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] IP Address: 87.247.241.39
- [+] Country: United Kingdom
- [+] State:
- [+] City:
- [+] Latitude: 51.4964
- [+] Longitude: -0.1224
- #######################################################################################################################################
- Bypass Cloudflare 'nmsf.gov.sd'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [!] CloudFlare Bypass 87.247.241.39 | ftp.nmsf.gov.sd
- [!] CloudFlare Bypass 87.247.241.39 | cpanel.nmsf.gov.sd
- [!] CloudFlare Bypass 87.247.241.39 | webmail.nmsf.gov.sd
- [!] CloudFlare Bypass 87.247.241.39 | mail.nmsf.gov.sd
- [!] CloudFlare Bypass 87.247.241.39 | www.nmsf.gov.sd
- [!] CloudFlare Bypass 212.0.140.244 | mail2.nmsf.gov.sd
- #######################################################################################################################################
- DNS Lookup 'nmsf.gov.sd'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] nmsf.gov.sd. 21599 IN NS ns2.servers.prgn.misp.co.uk.
- [+] nmsf.gov.sd. 14399 IN TXT "v=spf1 +a +mx +ip4:87.247.241.39 ~all"
- [+] nmsf.gov.sd. 14399 IN A 87.247.241.39
- [+] nmsf.gov.sd. 14399 IN MX 0 mail2.nmsf.gov.sd.
- [+] nmsf.gov.sd. 21599 IN SOA ns1.servers.prgn.misp.co.uk. it.alhost.ae. 2019020601 3600 7200 1209600 86400
- [+] nmsf.gov.sd. 21599 IN NS ns1.servers.prgn.misp.co.uk.
- #######################################################################################################################################
- Show HTTP Header 'nmsf.gov.sd'
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] HTTP/1.1 200 OK
- [+] Date: Mon, 29 Apr 2019 19:50:35 GMT
- [+] Server: Apache
- [+] Cache-Control: no-cache
- [+] Set-Cookie: laravel_session=eyJpdiI6IkJQTnVtN1RYSmV1V3c2SVZjc3BuYXc9PSIsInZhbHVlIjoiTGU3RVVKa3U0cHlpRjk3THNkWHBQRXhzSVRnZ3VMTlwvd3BpcTdyRGduRTU1VGE1YUdLQXE0OTBNQXBtcGdCWUh3RzRBZmF3U3hjU25aODlHeE9wR0FBPT0iLCJtYWMiOiIxYWNhNTc2NTMwMGNhY2E4NGU4ZmYwOTA0YTFhNDQ4NTRkM2MyNzUyOTdmMDhkMTdjMzg0MjY1MjEwMTBiOTZhIn03D; expires=Mon, 29-Apr-2019 21:50:35 GMT; Max-Age=7200; path=/; HttpOnly
- [+] Content-Type: text/html; charset=UTF-8
- ######################################################################################################################################
- Port Scan 'nmsf.gov.sd'
- ---------------------------------------------------------------------------------------------------------------------------------------
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-29 19:50 UTC
- Nmap scan report for nmsf.gov.sd (87.247.241.39)
- Host is up (0.075s latency).
- rDNS record for 87.247.241.39: alhost.servers.prgn.misp.co.uk
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp open ssh
- 23/tcp filtered telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp filtered ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 2.66 seconds
- #######################################################################################################################################
- Robot.txt 'nmsf.gov.sd'
- ---------------------------------------------------------------------------------------------------------------------------------------
- User-agent: *
- Disallow:
- #######################################################################################################################################
- Traceroute 'nmsf.gov.sd'
- ---------------------------------------------------------------------------------------------------------------------------------------
- Start: 2019-04-29T19:50:44+0000
- HOST: web01 Loss% Snt Last Avg Best Wrst StDev
- 1.|-- 45.79.12.202 0.0% 3 0.8 1.5 0.8 2.9 1.2
- 2.|-- 45.79.12.6 0.0% 3 1.6 1.1 0.6 1.6 0.5
- 3.|-- dls-b22-link.telia.net 0.0% 3 4.8 3.7 1.5 4.8 1.9
- 4.|-- atl-b22-link.telia.net 0.0% 3 20.5 19.7 19.3 20.5 0.7
- 5.|-- ash-bb3-link.telia.net 33.3% 3 112.9 111.8 110.7 112.9 1.6
- 6.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
- 7.|-- ldn-bb4-link.telia.net 33.3% 3 105.8 105.8 105.8 105.8 0.0
- 8.|-- ldn-b5-link.telia.net 0.0% 3 106.3 106.2 106.0 106.4 0.2
- 9.|-- ae0.cr-sargas.lon1.core.heg.com 0.0% 3 110.0 110.1 110.0 110.2 0.1
- 10.|-- 87.230.114.206 0.0% 3 111.3 111.2 111.1 111.4 0.1
- 11.|-- 185.24.99.67 0.0% 3 133.2 132.9 130.8 134.8 2.0
- 12.|-- alhost.servers.prgn.misp.co.uk 0.0% 3 107.0 106.9 106.6 107.3 0.3
- #######################################################################################################################################
- Ping 'nmsf.gov.sd'
- ---------------------------------------------------------------------------------------------------------------------------------------
- Starting Nping 0.7.70 ( https://nmap.org/nping ) at 2019-04-29 19:51 UTC
- SENT (0.4218s) ICMP [104.237.144.6 > 87.247.241.39 Echo request (type=8/code=0) id=23164 seq=1] IP [ttl=64 id=36445 iplen=28 ]
- RCVD (0.6230s) ICMP [87.247.241.39 > 104.237.144.6 Echo reply (type=0/code=0) id=23164 seq=1] IP [ttl=55 id=28314 iplen=28 ]
- SENT (1.4225s) ICMP [104.237.144.6 > 87.247.241.39 Echo request (type=8/code=0) id=23164 seq=3] IP [ttl=64 id=36445 iplen=28 ]
- RCVD (1.6437s) ICMP [87.247.241.39 > 104.237.144.6 Echo reply (type=0/code=0) id=23164 seq=3] IP [ttl=55 id=28840 iplen=28 ]
- SENT (2.4238s) ICMP [104.237.144.6 > 87.247.241.39 Echo request (type=8/code=0) id=23164 seq=3] IP [ttl=64 id=36445 iplen=28 ]
- RCVD (2.6632s) ICMP [87.247.241.39 > 104.237.144.6 Echo reply (type=0/code=0) id=23164 seq=3] IP [ttl=55 id=29310 iplen=28 ]
- SENT (3.4261s) ICMP [104.237.144.6 > 87.247.241.39 Echo request (type=8/code=0) id=23164 seq=4] IP [ttl=64 id=36445 iplen=28 ]
- RCVD (3.6832s) ICMP [87.247.241.39 > 104.237.144.6 Echo reply (type=0/code=0) id=23164 seq=4] IP [ttl=55 id=29587 iplen=28 ]
- Max rtt: 257.031ms | Min rtt: 201.211ms | Avg rtt: 229.653ms
- Raw packets sent: 4 (112B) | Rcvd: 4 (184B) | Lost: 0 (0.00%)
- Nping done: 1 IP address pinged in 3.68 seconds
- #######################################################################################################################################
- =======================================================================================================================================
- | E-mails:
- | [+] E-mail Found: shihab.ali@nmsf.gov.sd
- | [+] E-mail Found: medical.equ@nmsf.gov.sd
- | [+] E-mail Found: waleed.albager@nmsf.gov.sd
- | [+] E-mail Found: nawal.eltahir@nmsf.gov.sd
- | [+] E-mail Found: abd.algali@nmsf.gov.sd
- | [+] E-mail Found: tenderqueries.cardio@nmsf.gov.sd
- | [+] E-mail Found: 20tender@nmsf.gov.sd
- | [+] E-mail Found: ohamed@nmsf.gov.sd
- | [+] E-mail Found: mailman@www.nmsf.gov.sd
- | [+] E-mail Found: osman.awad@nmsf.gov.sd
- | [+] E-mail Found: sudanpharm.cpd@nmsf.gov.sd
- | [+] E-mail Found: abdoulla.aref@gmail.com
- | [+] E-mail Found: font@zakdesign.net
- | [+] E-mail Found: nawal.elhadi@nmsf.gov.sd
- | [+] E-mail Found: quality@nmsf.gov.sd
- | [+] E-mail Found: cust-info@nmsf.gov.sd
- | [+] E-mail Found: tender@nmsf.gov.sd
- | [+] E-mail Found: tenderqueries@nmsf.gov.sd
- | [+] E-mail Found: elrashidm@nmsf.gov,sd
- | [+] E-mail Found: bashir.jabbar@nmsf.gov.sd
- | [+] E-mail Found: tenderqueries.eqp@nmsf.gov.sd
- | [+] E-mail Found: tenderqueries@cms.gov.sd
- | [+] E-mail Found: info@nmsf.gov.sd
- | [+] E-mail Found: ikhlas.abdelrahman@nmsf.gov.sd
- | [+] E-mail Found: national_tender@nmsf.gov.sd
- | [+] E-mail Found: sheikh.elddin@nmsf.gov.sd
- | [+] E-mail Found: ammar.osman@nmsf.gov.sd
- | [+] E-mail Found: queries@nmsf.gov.sd
- | [+] E-mail Found: hiba.elhadi@nmsf.gov.sd
- | [+] E-mail Found: medical.equ@cms.gov.sd
- =======================================================================================================================================
- | External hosts:
- | [+] External Host Found: http://www.google.ca?iframe=true&width=1000&height=500
- | [+] External Host Found: http://nmsf.gov.sd
- | [+] External Host Found: http://www.gnu.org
- | [+] External Host Found: http://www.sjrum.sd
- | [+] External Host Found: http://www.no-margin-for-errors.com
- | [+] External Host Found: http://maps.google.com
- | [+] External Host Found: http://www.who.int
- | [+] External Host Found: http://www.smcreg.gov.sd
- | [+] External Host Found: http://www.fmoh.gov.sd
- | [+] External Host Found: http://www.khpharmacy.gov.sd
- | [+] External Host Found: https://maps.google.com
- | [+] External Host Found: http://www.nmpb.gov.sd
- =======================================================================================================================================
- #######################################################################################################################################
- ; <<>> DiG 9.11.5-P4-3-Debian <<>> nmsf.gov.sd
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37526
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ;; QUESTION SECTION:
- ;nmsf.gov.sd. IN A
- ;; ANSWER SECTION:
- nmsf.gov.sd. 14400 IN A 87.247.241.39
- ;; Query time: 323 msec
- ;; SERVER: 185.93.180.131#53(185.93.180.131)
- ;; WHEN: lun avr 29 18:22:40 EDT 2019
- ;; MSG SIZE rcvd: 56
- #######################################################################################################################################
- ; <<>> DiG 9.11.5-P4-3-Debian <<>> +trace nmsf.gov.sd
- ;; global options: +cmd
- . 83787 IN NS d.root-servers.net.
- . 83787 IN NS g.root-servers.net.
- . 83787 IN NS k.root-servers.net.
- . 83787 IN NS j.root-servers.net.
- . 83787 IN NS l.root-servers.net.
- . 83787 IN NS h.root-servers.net.
- . 83787 IN NS m.root-servers.net.
- . 83787 IN NS a.root-servers.net.
- . 83787 IN NS c.root-servers.net.
- . 83787 IN NS b.root-servers.net.
- . 83787 IN NS f.root-servers.net.
- . 83787 IN NS e.root-servers.net.
- . 83787 IN NS i.root-servers.net.
- . 83787 IN RRSIG NS 8 0 518400 20190512170000 20190429160000 25266 . y0YDAK25lovphaX52TQexBmA67CnqvhTlSS8QOV3Rb8BNBaub+jlyD3K rVdfuG+vM3acpcGq8db1jZ5L3FcYGZWyNX3wngka/JiosHkPTdygq9+P YzQYpAlqMtcMUDt3IQnxraSStO+3DtkbW2zw79lsrsEwsjHIop8vWF29 Qgls3IbhcOqauEjP3MU+Mcrmmw9KMjIekdQf1geg71noATpmLkYyeVKr zL+TDL0HVElFetoGQUlEz5zyibzdPtpHeiZchEsxp0rZEoZiyyW9NgAx cdijqLB/+ccP7w/SgTzPXiGdkQicTckFOpmkDorO+TQadSAqQ+5wYNBa VMfRVg==
- ;; Received 525 bytes from 185.93.180.131#53(185.93.180.131) in 222 ms
- sd. 172800 IN NS ans1.sis.sd.
- sd. 172800 IN NS sd.cctld.authdns.ripe.net.
- sd. 172800 IN NS ns1.uaenic.ae.
- sd. 172800 IN NS ans2.canar.sd.
- sd. 172800 IN NS ns-sd.afrinic.net.
- sd. 172800 IN NS ns2.uaenic.ae.
- sd. 172800 IN NS ans1.canar.sd.
- sd. 86400 IN NSEC se. NS RRSIG NSEC
- sd. 86400 IN RRSIG NSEC 8 1 86400 20190512170000 20190429160000 25266 . de8bUIfgGggYP5tEhwkEWuiE7GurL+Seuhejtz37CzW1+f4xf8DET2xy LBpW6TsLS3cmPUFsTQOL5PvLGEZFuYjiRQkkz0xI2Yzh43roorjNsBLj GrEDM4uCJbb5Br3ADATASDJWb/hzdUdbpBS3rDbrMA7FZPcNedsXanvu 0ks5T/7fYaUu6WUt3HL5LxkUTALUCvAI/FtDt5qADlkFoTwMRfZh98S1 WYweewjxJ4Vcj5BRVlFgg8FrZ5zuIHz/Rc5qOGelB+HTnBKy7bGnHZIK F5BFzNhQU3KMpZcY8Fz67AaTBD5PKuQE83RYliejwqrsgiMbut3aBh+u TozfJg==
- ;; Received 698 bytes from 2001:dc3::35#53(m.root-servers.net) in 88 ms
- nmsf.gov.sd. 14400 IN NS ns1.vidahost.com.
- nmsf.gov.sd. 14400 IN NS ns2.vidahost.com.
- ;; Received 88 bytes from 196.29.180.14#53(ans1.canar.sd) in 338 ms
- nmsf.gov.sd. 14400 IN A 87.247.241.39
- ;; Received 56 bytes from 91.198.165.131#53(ns1.vidahost.com) in 240 ms
- #######################################################################################################################################
- [*] Processing domain nmsf.gov.sd
- [*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
- [+] Getting nameservers
- 91.146.110.188 - ns2.vidahost.com
- 91.198.165.131 - ns1.vidahost.com
- [-] Zone transfer failed
- [+] TXT records found
- "v=spf1 +a +mx +ip4:87.247.241.39 ~all"
- [+] MX records found, added to target list
- 0 mail2.nmsf.gov.sd.
- [*] Scanning nmsf.gov.sd for A records
- 87.247.241.39 - nmsf.gov.sd
- 87.247.241.39 - cpanel.nmsf.gov.sd
- 87.247.241.39 - ftp.nmsf.gov.sd
- 87.247.241.39 - mail.nmsf.gov.sd
- 212.0.140.244 - mail2.nmsf.gov.sd
- 87.247.241.39 - webdisk.nmsf.gov.sd
- 87.247.241.39 - webmail.nmsf.gov.sd
- 87.247.241.39 - whm.nmsf.gov.sd
- 87.247.241.39 - www.nmsf.gov.sd
- #######################################################################################################################################
- Ip Address Status Type Domain Name Server
- ---------- ------ ---- ----------- ------
- 87.247.241.39 host ftp.nmsf.gov.sd
- 87.247.241.39 alias mail.nmsf.gov.sd
- 87.247.241.39 host nmsf.gov.sd
- 212.0.140.244 host mail2.nmsf.gov.sd
- 87.247.241.39 host webmail.nmsf.gov.sd
- 87.247.241.39 alias www.nmsf.gov.sd
- 87.247.241.39 host nmsf.gov.sd
- #######################################################################################################################################
- [+] Testing domain
- www.nmsf.gov.sd 87.247.241.39
- [+] Dns resolving
- Domain name Ip address Name server
- nmsf.gov.sd 87.247.241.39 alhost.servers.prgn.misp.co.uk
- Found 1 host(s) for nmsf.gov.sd
- [+] Testing wildcard
- Ok, no wildcard found.
- [+] Scanning for subdomain on nmsf.gov.sd
- [!] Wordlist not specified. I scannig with my internal wordlist...
- Estimated time about 260.02 seconds
- Subdomain Ip address Name server
- ftp.nmsf.gov.sd 87.247.241.39 alhost.servers.prgn.misp.co.uk
- mail.nmsf.gov.sd 87.247.241.39 alhost.servers.prgn.misp.co.uk
- webmail.nmsf.gov.sd 87.247.241.39 alhost.servers.prgn.misp.co.uk
- www.nmsf.gov.sd 87.247.241.39 alhost.servers.prgn.misp.co.uk
- #######################################################################################################################################
- % This is the RIPE Database query service.
- % The objects are in RPSL format.
- %
- % The RIPE Database is subject to Terms and Conditions.
- % See http://www.ripe.net/db/support/db-terms-conditions.pdf
- % Note: this output has been filtered.
- % To receive output for a database update, use the "-B" flag.
- % Information related to '87.247.240.0 - 87.247.247.255'
- % Abuse contact for '87.247.240.0 - 87.247.247.255' is 'abuse@paragon.net.uk'
- inetnum: 87.247.240.0 - 87.247.247.255
- netname: UK-PARAGON-20060203
- country: GB
- org: ORG-PIGL2-RIPE
- admin-c: PAR487-RIPE
- tech-c: PAR487-RIPE
- status: ALLOCATED PA
- mnt-by: RIPE-NCC-HM-MNT
- mnt-by: PARAGON-MNT
- mnt-lower: PARAGON-MNT
- mnt-routes: PARAGON-MNT
- created: 2006-02-03T12:53:28Z
- last-modified: 2017-07-06T09:37:09Z
- source: RIPE
- organisation: ORG-PIGL2-RIPE
- org-name: Paragon Internet Group Limited
- org-type: LIR
- address: 113 - 114 Buckingham Avenue
- address: SL1 4PF
- address: Slough
- address: UNITED KINGDOM
- phone: +441628200161
- mnt-ref: RIPE-NCC-HM-MNT
- mnt-ref: PARAGON-MNT
- mnt-by: RIPE-NCC-HM-MNT
- mnt-by: PARAGON-MNT
- admin-c: PAR487-RIPE
- abuse-c: PA7585-RIPE
- created: 2014-03-26T09:42:08Z
- last-modified: 2018-06-13T10:27:57Z
- source: RIPE # Filtered
- person: Paragon NOC
- address: 113-114 Buckingham Avenue
- address: Slough
- address: SL1 4PF
- phone: +44(0)1628 200 161
- nic-hdl: PAR487-RIPE
- mnt-by: PARAGON-MNT
- created: 2017-07-06T09:33:58Z
- last-modified: 2017-07-06T09:33:58Z
- source: RIPE
- % Information related to '87.247.240.0/21AS198047'
- route: 87.247.240.0/21
- origin: AS198047
- mnt-by: PARAGON-MNT
- created: 2017-07-05T11:24:46Z
- last-modified: 2017-07-05T11:24:46Z
- source: RIPE
- #######################################################################################################################################
- Running Source: Ask
- Running Source: Archive.is
- Running Source: Baidu
- Running Source: Bing
- Running Source: CertDB
- Running Source: CertificateTransparency
- Running Source: Certspotter
- Running Source: Commoncrawl
- Running Source: Crt.sh
- Running Source: Dnsdb
- Running Source: DNSDumpster
- Running Source: DNSTable
- Running Source: Dogpile
- Running Source: Exalead
- Running Source: Findsubdomains
- Running Source: Googleter
- Running Source: Hackertarget
- Running Source: Ipv4Info
- Running Source: PTRArchive
- Running Source: Sitedossier
- Running Source: Threatcrowd
- Running Source: ThreatMiner
- Running Source: WaybackArchive
- Running Source: Yahoo
- Running enumeration on 87.247.241.39
- dnsdb: Unexpected return status 503
- certspotter: json: cannot unmarshal object into Go value of type []certspotter.certspotterObject
- ipv4info: <nil>
- waybackarchive: parse http://web.archive.org/cdx/search/cdx?url=*.87.247.241.39/*&output=json&fl=original&collapse=urlkey&page=: net/url: invalid control character in URL
- dogpile: Get https://www.dogpile.com/search/web?q=87.247.241.39&qsi=1: EOF
- Starting Bruteforcing of 87.247.241.39 with 9985 words
- Total 1 Unique subdomains found for 87.247.241.39
- .87.247.241.39
- #######################################################################################################################################
- [+] 87.247.241.39 has no SPF record!
- [*] No DMARC record found. Looking for organizational record
- [+] No organizational DMARC record
- [+] Spoofing possible for 87.247.241.39!
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-29 17:27 EDT
- Nmap scan report for alhost.servers.prgn.misp.co.uk (87.247.241.39)
- Host is up (0.22s latency).
- Not shown: 462 filtered ports, 3 closed ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp open ssh
- 53/tcp open domain
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 465/tcp open smtps
- 587/tcp open submission
- 993/tcp open imaps
- 995/tcp open pop3s
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-29 17:27 EDT
- Nmap scan report for alhost.servers.prgn.misp.co.uk (87.247.241.39)
- Host is up (0.18s latency).
- Not shown: 2 filtered ports
- PORT STATE SERVICE
- 53/udp open domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-29 17:28 EDT
- Nmap scan report for alhost.servers.prgn.misp.co.uk (87.247.241.39)
- Host is up (0.23s latency).
- PORT STATE SERVICE VERSION
- 21/tcp open ftp Pure-FTPd
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: general purpose
- Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (91%)
- OS CPE: cpe:/o:linux:linux_kernel:4.4 cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:2.6
- Aggressive OS guesses: Linux 4.4 (91%), Linux 3.10 - 3.12 (89%), Linux 4.9 (89%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.10 - 3.16 (86%), Linux 4.0 (86%), Linux 3.10 - 4.11 (85%), Linux 3.11 - 4.1 (85%), Linux 3.18 (85%), Linux 3.2 - 4.9 (85%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 10 hops
- TRACEROUTE (using port 21/tcp)
- HOP RTT ADDRESS
- 1 170.06 ms 10.244.200.1
- 2 171.45 ms 213.184.122.97
- 3 170.09 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
- 4 170.48 ms bzq-179-124-185.cust.bezeqint.net (212.179.124.185)
- 5 170.72 ms bzq-114-65-2.cust.bezeqint.net (192.114.65.2)
- 6 234.76 ms bzq-179-124-78.cust.bezeqint.net (212.179.124.78)
- 7 ...
- 8 237.92 ms 87.230.114.206
- 9 232.33 ms 87.230.114.206
- 10 233.60 ms alhost.servers.prgn.misp.co.uk (87.247.241.39)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-29 17:39 EDT
- Nmap scan report for alhost.servers.prgn.misp.co.uk (87.247.241.39)
- Host is up.
- PORT STATE SERVICE VERSION
- 22/tcp filtered ssh
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 174.18 ms 10.244.200.1
- 2 170.18 ms 213.184.122.97
- 3 169.25 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
- 4 169.65 ms bzq-179-124-185.cust.bezeqint.net (212.179.124.185)
- 5 230.47 ms bzq-114-65-1.cust.bezeqint.net (192.114.65.1)
- 6 227.74 ms bzq-219-189-2.cablep.bezeqint.net (62.219.189.2)
- 7 227.71 ms bzq-219-189-57.cablep.bezeqint.net (62.219.189.57)
- 8 230.29 ms bzq-179-72-242.cust.bezeqint.net (212.179.72.242)
- 9 ...
- 10 232.38 ms 87.230.114.206
- 11 260.31 ms 185.24.99.67
- 12 ... 30
- #######################################################################################################################################
- USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
- RHOSTS => 87.247.241.39
- RHOST => 87.247.241.39
- [*] 87.247.241.39:22 - SSH - Using malformed packet technique
- [*] 87.247.241.39:22 - SSH - Starting scan
- [-] 87.247.241.39:22 - SSH - User 'admin' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'administrator' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'anonymous' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'backup' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'bee' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'ftp' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'guest' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'GUEST' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'info' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'mail' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'mailadmin' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'msfadmin' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'mysql' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'nobody' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'oracle' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'owaspbwa' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'postfix' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'postgres' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'private' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'proftpd' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'public' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'root' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'superadmin' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'support' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'sys' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'system' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'systemadmin' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'systemadministrator' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'test' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'tomcat' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'user' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'webmaster' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'www-data' on could not connect
- [-] 87.247.241.39:22 - SSH - User 'Fortimanager_Access' on could not connect
- [*] Scanned 1 of 1 hosts (100% complete)
- [*] Auxiliary module execution completed
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-29 17:59 EDT
- Nmap scan report for alhost.servers.prgn.misp.co.uk (87.247.241.39)
- Host is up.
- PORT STATE SERVICE VERSION
- 53/tcp filtered domain
- Too many fingerprints match this host to give specific OS details
- Host script results:
- | dns-brute:
- | DNS Brute-force hostnames:
- | dmz.servers.prgn.misp.co.uk - 185.52.24.121
- | cms.servers.prgn.misp.co.uk - 185.52.27.219
- | ns1.servers.prgn.misp.co.uk - 195.62.28.14
- | cvs.servers.prgn.misp.co.uk - 91.222.9.120
- | ns2.servers.prgn.misp.co.uk - 95.142.155.4
- | pbx.servers.prgn.misp.co.uk - 185.24.99.53
- |_ ssl.servers.prgn.misp.co.uk - 185.119.174.5
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 174.25 ms 10.244.200.1
- 2 177.80 ms 213.184.122.97
- 3 175.98 ms bzq-82-80-246-9.cablep.bezeqint.net (82.80.246.9)
- 4 178.97 ms bzq-179-124-185.cust.bezeqint.net (212.179.124.185)
- 5 228.65 ms bzq-114-65-1.cust.bezeqint.net (192.114.65.1)
- 6 227.15 ms bzq-219-189-2.cablep.bezeqint.net (62.219.189.2)
- 7 227.20 ms bzq-219-189-57.dsl.bezeqint.net (62.219.189.57)
- 8 228.64 ms bzq-179-72-242.cust.bezeqint.net (212.179.72.242)
- 9 ...
- 10 230.84 ms 87.230.114.206
- 11 250.30 ms 185.24.99.67
- 12 ... 30
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-29 16:31 EDT
- Nmap scan report for alhost.servers.prgn.misp.co.uk (87.247.241.39)
- Host is up (0.022s latency).
- Not shown: 2 filtered ports
- PORT STATE SERVICE
- 53/udp open|filtered domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-29 16:31 EDT
- Nmap scan report for alhost.servers.prgn.misp.co.uk (87.247.241.39)
- Host is up.
- PORT STATE SERVICE VERSION
- 67/udp open|filtered dhcps
- |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 26.37 ms 10.245.200.1
- 2 34.76 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
- 3 36.77 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
- 4 28.34 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
- 5 28.30 ms motl-b1-link.telia.net (62.115.162.41)
- 6 108.23 ms nyk-bb4-link.telia.net (62.115.134.52)
- 7 109.66 ms ldn-bb3-link.telia.net (62.115.113.21)
- 8 109.72 ms ldn-b5-link.telia.net (213.155.132.195)
- 9 109.06 ms ae0.cr-sargas.lon1.core.heg.com (213.248.96.78)
- 10 109.82 ms 87.230.114.206
- 11 129.67 ms 185.24.99.67
- 12 ... 30
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-29 16:33 EDT
- Nmap scan report for alhost.servers.prgn.misp.co.uk (87.247.241.39)
- Host is up.
- PORT STATE SERVICE VERSION
- 68/udp open|filtered dhcpc
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 26.42 ms 10.245.200.1
- 2 26.88 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
- 3 41.19 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
- 4 26.86 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
- 5 26.50 ms motl-b1-link.telia.net (62.115.162.41)
- 6 102.11 ms nyk-bb4-link.telia.net (62.115.134.52)
- 7 102.73 ms ldn-bb3-link.telia.net (62.115.113.21)
- 8 102.76 ms ldn-b5-link.telia.net (213.155.132.195)
- 9 102.72 ms ae0.cr-sargas.lon1.core.heg.com (213.248.96.78)
- 10 103.59 ms 87.230.114.206
- 11 120.27 ms 185.24.99.67
- 12 ... 30
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-29 16:34 EDT
- Nmap scan report for alhost.servers.prgn.misp.co.uk (87.247.241.39)
- Host is up.
- PORT STATE SERVICE VERSION
- 69/udp open|filtered tftp
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 26.21 ms 10.245.200.1
- 2 29.96 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
- 3 38.90 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
- 4 27.70 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
- 5 29.74 ms motl-b1-link.telia.net (62.115.162.41)
- 6 106.17 ms nyk-bb4-link.telia.net (62.115.134.52)
- 7 106.94 ms ldn-bb3-link.telia.net (62.115.113.21)
- 8 106.98 ms ldn-b5-link.telia.net (213.155.132.195)
- 9 106.52 ms ae0.cr-sargas.lon1.core.heg.com (213.248.96.78)
- 10 107.60 ms 87.230.114.206
- 11 125.40 ms 185.24.99.67
- 12 ... 30
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-29 16:37 EDT
- Nmap scan report for alhost.servers.prgn.misp.co.uk (87.247.241.39)
- Host is up.
- PORT STATE SERVICE VERSION
- 123/udp open|filtered ntp
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 27.58 ms 10.245.200.1
- 2 27.92 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
- 3 95.15 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
- 4 27.69 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
- 5 27.67 ms motl-b1-link.telia.net (62.115.162.41)
- 6 109.47 ms nyk-bb4-link.telia.net (62.115.134.52)
- 7 110.39 ms ldn-bb3-link.telia.net (62.115.113.21)
- 8 110.06 ms ldn-b5-link.telia.net (213.155.132.195)
- 9 110.03 ms ae0.cr-sargas.lon1.core.heg.com (213.248.96.78)
- 10 104.27 ms 87.230.114.206
- 11 123.75 ms 185.24.99.67
- 12 ... 30
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-29 16:39 EDT
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- NSE: Starting runlevel 1 (of 2) scan.
- Initiating NSE at 16:39
- Completed NSE at 16:39, 0.00s elapsed
- NSE: Starting runlevel 2 (of 2) scan.
- Initiating NSE at 16:39
- Completed NSE at 16:39, 0.00s elapsed
- Initiating Ping Scan at 16:39
- Scanning 87.247.241.39 [4 ports]
- Completed Ping Scan at 16:39, 2.05s elapsed (1 total hosts)
- Nmap scan report for 87.247.241.39 [host down, received no-response]
- NSE: Script Post-scanning.
- NSE: Starting runlevel 1 (of 2) scan.
- Initiating NSE at 16:39
- Completed NSE at 16:39, 0.00s elapsed
- NSE: Starting runlevel 2 (of 2) scan.
- Initiating NSE at 16:39
- Completed NSE at 16:39, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
- Nmap done: 1 IP address (0 hosts up) scanned in 2.53 seconds
- Raw packets sent: 8 (304B) | Rcvd: 0 (0B)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-29 16:39 EDT
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- Initiating NSE at 16:39
- Completed NSE at 16:39, 0.00s elapsed
- Initiating NSE at 16:39
- Completed NSE at 16:39, 0.00s elapsed
- Initiating Parallel DNS resolution of 1 host. at 16:39
- Completed Parallel DNS resolution of 1 host. at 16:39, 0.03s elapsed
- Initiating UDP Scan at 16:39
- Scanning alhost.servers.prgn.misp.co.uk (87.247.241.39) [14 ports]
- Completed UDP Scan at 16:39, 1.28s elapsed (14 total ports)
- Initiating Service scan at 16:39
- Scanning 12 services on alhost.servers.prgn.misp.co.uk (87.247.241.39)
- Service scan Timing: About 8.33% done; ETC: 16:59 (0:17:47 remaining)
- Completed Service scan at 16:41, 102.58s elapsed (12 services on 1 host)
- Initiating OS detection (try #1) against alhost.servers.prgn.misp.co.uk (87.247.241.39)
- Retrying OS detection (try #2) against alhost.servers.prgn.misp.co.uk (87.247.241.39)
- Initiating Traceroute at 16:41
- Completed Traceroute at 16:41, 7.10s elapsed
- Initiating Parallel DNS resolution of 1 host. at 16:41
- Completed Parallel DNS resolution of 1 host. at 16:41, 0.01s elapsed
- NSE: Script scanning 87.247.241.39.
- Initiating NSE at 16:41
- Completed NSE at 16:42, 20.30s elapsed
- Initiating NSE at 16:42
- Completed NSE at 16:42, 1.03s elapsed
- Nmap scan report for alhost.servers.prgn.misp.co.uk (87.247.241.39)
- Host is up (0.029s latency).
- PORT STATE SERVICE VERSION
- 53/udp open|filtered domain
- 67/udp open|filtered dhcps
- 68/udp open|filtered dhcpc
- 69/udp open|filtered tftp
- 88/udp open|filtered kerberos-sec
- 123/udp open|filtered ntp
- 137/udp filtered netbios-ns
- 138/udp filtered netbios-dgm
- 139/udp open|filtered netbios-ssn
- 161/udp open|filtered snmp
- 162/udp open|filtered snmptrap
- 389/udp open|filtered ldap
- 520/udp open|filtered route
- 2049/udp open|filtered nfs
- Too many fingerprints match this host to give specific OS details
- TRACEROUTE (using port 138/udp)
- HOP RTT ADDRESS
- 1 ... 2
- 3 24.87 ms 10.245.200.1
- 4 24.89 ms 10.245.200.1
- 5 27.71 ms 10.245.200.1
- 6 27.69 ms 10.245.200.1
- 7 21.81 ms 10.245.200.1
- 8 21.80 ms 10.245.200.1
- 9 21.79 ms 10.245.200.1
- 10 21.80 ms 10.245.200.1
- 11 ... 18
- 19 20.99 ms 10.245.200.1
- 20 20.16 ms 10.245.200.1
- 21 ... 27
- 28 21.24 ms 10.245.200.1
- 29 20.68 ms 10.245.200.1
- 30 19.66 ms 10.245.200.1
- NSE: Script Post-scanning.
- Initiating NSE at 16:42
- Completed NSE at 16:42, 0.00s elapsed
- Initiating NSE at 16:42
- Completed NSE at 16:42, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 135.51 seconds
- Raw packets sent: 147 (9.964KB) | Rcvd: 21 (1.634KB)
- #######################################################################################################################################
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Target IP: 87.247.241.39
- + Target Hostname: www.nmsf.gov.sd
- + Target Port: 80
- + Start Time: 2019-04-29 16:02:47 (GMT-4)
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Server: No banner retrieved
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Server banner has changed from '' to 'Apache' which may suggest a WAF, load balancer or proxy is in place
- + /nmsf.gov.sd.tar.gz: Potentially interesting archive/cert file found.
- + ERROR: Error limit (20) reached for host, giving up. Last error: error reading HTTP response
- + ERROR: Error limit (20) reached for host, giving up. Last error: error reading HTTP response
- + Scan terminated: 21 error(s) and 4 item(s) reported on remote host
- + End Time: 2019-04-29 16:13:01 (GMT-4) (614 seconds)
- ---------------------------------------------------------------------------------------------------------------------------------------
- #######################################################################################################################################
- Anonymous JTSEC #OpSudan Full Recon #61
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement