Anonymous JTSEC #OpSudan Full Recon #66

1. #######################################################################################################################################
2. =======================================================================================================================================
3. Hostname wre.gov.sd ISP HostDime.com, Inc.
4. Continent North America Flag
5. US
6. Country United States Country Code US
7. Region Florida Local time 01 May 2019 23:52 EDT
8. City Orlando Postal Code 32826
9. IP Address 138.128.160.2 Latitude 28.581
10. Longitude -81.189
11. =======================================================================================================================================
12. #######################################################################################################################################
13. > wre.gov.sd
14. Server: 38.132.106.139
15. Address: 38.132.106.139#53
16.  
17. Non-authoritative answer:
18. Name: wre.gov.sd
19. Address: 138.128.160.2
20. >
21. #######################################################################################################################################
22.  
23. HostIP:138.128.160.2
24. HostName:wre.gov.sd
25.  
26. Gathered Inet-whois information for 138.128.160.2
27. ---------------------------------------------------------------------------------------------------------------------------------------
28.  
29.  
30. inetnum: 138.128.144.0 - 138.130.255.255
31. netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
32. descr: IPv4 address block not managed by the RIPE NCC
33. remarks: ------------------------------------------------------
34. remarks:
35. remarks: For registration information,
36. remarks: you can consult the following sources:
37. remarks:
38. remarks: IANA
39. remarks: http://www.iana.org/assignments/ipv4-address-space
40. remarks: http://www.iana.org/assignments/iana-ipv4-special-registry
41. remarks: http://www.iana.org/assignments/ipv4-recovered-address-space
42. remarks:
43. remarks: AFRINIC (Africa)
44. remarks: http://www.afrinic.net/ whois.afrinic.net
45. remarks:
46. remarks: APNIC (Asia Pacific)
47. remarks: http://www.apnic.net/ whois.apnic.net
48. remarks:
49. remarks: ARIN (Northern America)
50. remarks: http://www.arin.net/ whois.arin.net
51. remarks:
52. remarks: LACNIC (Latin America and the Carribean)
53. remarks: http://www.lacnic.net/ whois.lacnic.net
54. remarks:
55. remarks: ------------------------------------------------------
56. country: EU # Country is really world wide
57. admin-c: IANA1-RIPE
58. tech-c: IANA1-RIPE
59. status: ALLOCATED UNSPECIFIED
60. mnt-by: RIPE-NCC-HM-MNT
61. created: 2019-01-07T10:49:49Z
62. last-modified: 2019-01-07T10:49:49Z
63. source: RIPE
64.  
65. role: Internet Assigned Numbers Authority
66. address: see http://www.iana.org.
67. admin-c: IANA1-RIPE
68. tech-c: IANA1-RIPE
69. nic-hdl: IANA1-RIPE
70. remarks: For more information on IANA services
71. remarks: go to IANA web site at http://www.iana.org.
72. mnt-by: RIPE-NCC-MNT
73. created: 1970-01-01T00:00:00Z
74. last-modified: 2001-09-22T09:31:27Z
75. source: RIPE # Filtered
76.  
77. % This query was served by the RIPE Database Query Service version 1.93.2 (BLAARKOP)
78.  
79.  
80.  
81. Gathered Inic-whois information for wre.gov.sd
82. ---------------------------------------------------------------------------------------------------------------------------------------
83. Error: Unable to connect - Invalid Host
84. ERROR: Connection to InicWhois Server sd.whois-servers.net failed
85. close error
86.  
87. Gathered Netcraft information for wre.gov.sd
88. ---------------------------------------------------------------------------------------------------------------------------------------
89.  
90. Retrieving Netcraft.com information for wre.gov.sd
91. Netcraft.com Information gathered
92.  
93. Gathered Subdomain information for wre.gov.sd
94. ---------------------------------------------------------------------------------------------------------------------------------------
95. Searching Google.com:80...
96. Searching Altavista.com:80...
97. Found 0 possible subdomain(s) for host wre.gov.sd, Searched 0 pages containing 0 results
98.  
99. Gathered E-Mail information for wre.gov.sd
100. ---------------------------------------------------------------------------------------------------------------------------------------
101. Searching Google.com:80...
102. Searching Altavista.com:80...
103. Found 0 E-Mail(s) for host wre.gov.sd, Searched 0 pages containing 0 results
104.  
105. Gathered TCP Port information for 138.128.160.2
106. ---------------------------------------------------------------------------------------------------------------------------------------
107.  
108. Port State
109.  
110. 21/tcp open
111. 53/tcp open
112. 80/tcp open
113. 110/tcp open
114. 143/tcp open
115.  
116. Portscan Finished: Scanned 150 ports, 4 ports were in state closed
117. #######################################################################################################################################
118. [i] Scanning Site: http://wre.gov.sd
119.  
120.  
121.  
122. B A S I C I N F O
123. =======================================================================================================================================
124.  
125.  
126. [+] Site Title: وزارة الموارد المائية والري والكهرباء |
127. [+] IP address: 138.128.160.2
128. [+] Web Server: Could Not Detect
129. [+] CMS: WordPress
130. [+] Cloudflare: Not Detected
131. [+] Robots File: Found
132.  
133. -------------[ contents ]----------------
134. User-agent: *
135. Disallow: /wp-admin/
136. Allow: /wp-admin/admin-ajax.php
137.  
138. -----------[end of contents]-------------
139.  
140.  
141.  
142.  
143. G E O I P L O O K U P
144. =======================================================================================================================================
145.  
146. [i] IP Address: 138.128.160.2
147. [i] Country: United States
148. [i] State: Florida
149. [i] City: Orlando
150. [i] Latitude: 28.5807
151. [i] Longitude: -81.1893
152.  
153.  
154.  
155.  
156. H T T P H E A D E R S
157. =======================================================================================================================================
158.  
159.  
160. [i] HTTP/1.1 200 OK
161. [i] Date: Thu, 02 May 2019 04:19:06 GMT
162. [i] X-Powered-By: PHP/5.6.40
163. [i] Link: <http://wre.gov.sd/wp-json/>; rel="https://api.w.org/"
164. [i] Set-Cookie: qtrans_front_language=ar; expires=Fri, 01-May-2020 04:19:06 GMT; Max-Age=31536000; path=/
165. [i] Vary: Accept-Encoding
166. [i] Referrer-Policy: no-referrer-when-downgrade
167. [i] Content-Type: text/html; charset=UTF-8
168. [i] Connection: close
169.  
170.  
171.  
172.  
173. D N S L O O K U P
174. =======================================================================================================================================
175.  
176. wre.gov.sd. 14399 IN TXT "v=spf1 +a +mx +ip4:66.7.212.159 ?all"
177. wre.gov.sd. 14399 IN MX 0 wre.gov.sd.
178. wre.gov.sd. 21599 IN SOA ns1.click-grafix.com. karouri.gmail.com. 2019031803 3600 7200 1209600 86400
179. wre.gov.sd. 21599 IN NS ns1.click-grafix.com.
180. wre.gov.sd. 21599 IN NS ns2.click-grafix.com.
181. wre.gov.sd. 14399 IN A 138.128.160.2
182.  
183.  
184.  
185.  
186. S U B N E T C A L C U L A T I O N
187. =======================================================================================================================================
188.  
189. Address = 138.128.160.2
190. Network = 138.128.160.2 / 32
191. Netmask = 255.255.255.255
192. Broadcast = not needed on Point-to-Point links
193. Wildcard Mask = 0.0.0.0
194. Hosts Bits = 0
195. Max. Hosts = 1 (2^0 - 0)
196. Host Range = { 138.128.160.2 - 138.128.160.2 }
197.  
198.  
199.  
200. N M A P P O R T S C A N
201. =======================================================================================================================================
202.  
203. Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 04:19 UTC
204. Nmap scan report for wre.gov.sd (138.128.160.2)
205. Host is up (0.034s latency).
206. rDNS record for 138.128.160.2: server.click-grafix.com
207.  
208. PORT STATE SERVICE
209. 21/tcp open ftp
210. 22/tcp closed ssh
211. 23/tcp filtered telnet
212. 80/tcp open http
213. 110/tcp open pop3
214. 143/tcp open imap
215. 443/tcp open https
216. 3389/tcp filtered ms-wbt-server
217.  
218. Nmap done: 1 IP address (1 host up) scanned in 1.25 seconds
219. #######################################################################################################################################
220. [?] Enter the target: example( http://domain.com )
221. http://wre.gov.sd/
222. [!] IP Address : 138.128.160.2
223. [!] wre.gov.sd doesn't seem to use a CMS
224. [+] Honeypot Probabilty: 30%
225. ---------------------------------------------------------------------------------------------------------------------------------------
226. [~] Trying to gather whois information for wre.gov.sd
227. [+] Whois information found
228. [-] Unable to build response, visit https://who.is/whois/wre.gov.sd
229. ---------------------------------------------------------------------------------------------------------------------------------------
230. PORT STATE SERVICE
231. 21/tcp open ftp
232. 22/tcp closed ssh
233. 23/tcp filtered telnet
234. 80/tcp open http
235. 110/tcp open pop3
236. 143/tcp open imap
237. 443/tcp open https
238. 3389/tcp filtered ms-wbt-server
239. Nmap done: 1 IP address (1 host up) scanned in 1.28 seconds
240. ---------------------------------------------------------------------------------------------------------------------------------------
241.  
242. [+] DNS Records
243. ns1.click-grafix.com. (138.128.160.3) AS33182 HostDime.com, Inc. United States
244. ns2.click-grafix.com. (138.128.160.4) AS33182 HostDime.com, Inc. United States
245.  
246. [+] MX Records
247. 0 (138.128.160.2) AS33182 HostDime.com, Inc. United States
248.  
249. [+] Host Records (A)
250. wre.gov.sdHTTP: (server.click-grafix.com) (138.128.160.2) AS33182 HostDime.com, Inc. United States
251.  
252. [+] TXT Records
253. "v=spf1 +a +mx +ip4:66.7.212.159 ?all"
254.  
255. [+] DNS Map: https://dnsdumpster.com/static/map/re.gov.sd.png
256.  
257. [>] Initiating 3 intel modules
258. [>] Loading Alpha module (1/3)
259. [>] Beta module deployed (2/3)
260. [>] Gamma module initiated (3/3)
261.  
262.  
263. [+] Emails found:
264. ---------------------------------------------------------------------------------------------------------------------------------------
265. info@wre.gov.sd
266. musa@wre.gov.sd
267. tabita.shokai@wre.gov.sd
268.  
269. [+] Hosts found in search engines:
270. ---------------------------------------------------------------------------------------------------------------------------------------
271. [-] Resolving hostnames IPs...
272. 138.128.160.2:www.wre.gov.sd
273. [+] Virtual hosts:
274. ---------------------------------------------------------------------------------------------------------------------------------------
275. 138.128.160.2 click.sd
276. 138.128.160.2 paradisehotel
277. 138.128.160.2 mahgoubsons
278. 138.128.160.2 sudanports.gov.sd
279. 138.128.160.2 www.apg-sd.com
280. 138.128.160.2 www.radmed
281. 138.128.160.2 sudapet
282. 138.128.160.2 bashayerpl.com
283. 138.128.160.2 raheeg
284. 138.128.160.2 saria
285. 138.128.160.2 www.ariab
286. 138.128.160.2 www.sudanpile.com
287. 138.128.160.2 fasrc.org
288. 138.128.160.2 mohe.gov.sd
289. 138.128.160.2 aou.edu.sd
290. 138.128.160.2 wre.gov.sd
291. 138.128.160.2 iec.gov.sd
292. 138.128.160.2 www.tpsudan.gov.sd
293. 138.128.160.2 saudisb.sd
294. 138.128.160.2 sudapost.sd
295. 138.128.160.2 www.mofdgoia.gov.sd
296. 138.128.160.2 www.ssia.sd
297. #######################################################################################################################################
298. Enter Address Website = wre.gov.sd
299.  
300. Reversing IP With HackTarget 'wre.gov.sd'
301. ---------------------------------------------------------------------------------------------------------------------------------------
302.  
303. [+] 138.128.160.2
304. [+] aacpd.org
305. [+] aayan.com.qa
306. [+] abanos.net
307. [+] abdeenandco.com
308. [+] adding-sd.com
309. [+] advocatemakki.com
310. [+] adyagroup.net
311. [+] agrogate-holdings.com
312. [+] ahqsudan.com
313. [+] alanfalgroup.com
314. [+] alanfaljabra.com
315. [+] albadaael.com
316. [+] albarakafinancial.com
317. [+] alfala.com
318. [+] alitimadgroup.com
319. [+] aljazeerabank.com.sd
320. [+] almadadgroup.com
321. [+] almamoonoil.com
322. [+] aloaloa.com
323. [+] alomergroup.com
324. [+] alrawabi.yassirkambalgroup.com
325. [+] alsundusiamedical.com
326. [+] alwatanyia.com
327. [+] alwathbagroup.com
328. [+] alzawaya-medical.com
329. [+] anpm.co
330. [+] aou.edu.sd
331. [+] apg-sd.com
332. [+] app.advocatemakki.com
333. [+] apple-login.org.rakhie.net
334. [+] arabiawork.com
335. [+] arech.apg-sd.com
336. [+] arenboutique.com
337. [+] ariabmining.net
338. [+] ar.nileuniversity-edu.com
339. [+] aseel.yassirkambalgroup.com
340. [+] aseelcomplex.yassirkambalgroup.com
341. [+] ashrafelsharif.com
342. [+] audit.gov.sd
343. [+] badawi.alzawaya-medical.com
344. [+] bajrawiafab.com
345. [+] bargos.apg-sd.com
346. [+] basma-ocf.org
347. [+] beautyconceptlounge.com
348. [+] benzcenter.net
349. [+] berigdar.berigdargroup.com
350. [+] berigdar.com
351. [+] berigdargroup.com
352. [+] berimalegal.com
353. [+] bivetsud.com
354. [+] bmcproject.net
355. [+] brandavenue.net
356. [+] casiexpress.net
357. [+] cctctraining.com
358. [+] citi.online.yam-cdc.com
359. [+] clarionlaserclinic.ie
360. [+] click.sd
361. [+] clickgrafix.co
362. [+] clicksd.info
363. [+] click-grafix.com
364. [+] codon-med.com
365. [+] conference.sudanesephysicians.org
366. [+] cpanel.aacpd.org
367. [+] cpanel.aayan.com.qa
368. [+] cpanel.abanos.net
369. [+] cpanel.abdeenandco.com
370. [+] cpanel.adyagroup.net
371. [+] cpanel.ahqsudan.com
372. [+] cpanel.alanfalgroup.com
373. [+] cpanel.alanfaljabra.com
374. [+] cpanel.albadaael.com
375. [+] cpanel.albarakafinancial.com
376. [+] cpanel.alfala.com
377. [+] cpanel.alitimadgroup.com
378. [+] cpanel.almadadgroup.com
379. [+] cpanel.almamoonoil.com
380. [+] cpanel.aloaloa.com
381. [+] cpanel.alomergroup.com
382. [+] cpanel.alsundusiamedical.com
383. [+] cpanel.alwatanyia.com
384. [+] cpanel.alwathbagroup.com
385. [+] cpanel.anpm.co
386. [+] cpanel.ariabmining.net
387. [+] cpanel.ashrafelsharif.com
388. [+] cpanel.bajrawiafab.com
389. [+] cpanel.beautyconceptlounge.com
390. [+] cpanel.benzcenter.net
391. [+] cpanel.berigdargroup.com
392. [+] cpanel.berigdar.com
393. [+] cpanel.berimalegal.com
394. [+] cpanel.bivetsud.com
395. [+] cpanel.bmcproject.net
396. [+] cpanel.brandavenue.net
397. [+] cpanel.casiexpress.net
398. [+] cpanel.cctctraining.com
399. [+] cpanel.clarionlaserclinic.ie
400. [+] cpanel.clickgrafix.co
401. [+] cpanel.clicksd.info
402. [+] cpanel.dallahpharma.net
403. [+] cpanel.dandaradentalcenter.com
404. [+] cpanel.difafvillage.com
405. [+] cpanel.dirnour.com
406. [+] cpanel.ecogroupsd.com
407. [+] cpanel.eims.ae
408. [+] cpanel.elgadal.com
409. [+] cpanel.elitihadlogistics.com
410. [+] cpanel.elprincesudan.com
411. [+] cpanel.eltagtrading.com
412. [+] cpanel.emitradingco.com
413. [+] cpanel.fasrc.org
414. [+] cpanel.forwomenbywomen.org
415. [+] cpanel.gdsudan.com
416. [+] cpanel.giadservices.com
417. [+] cpanel.higleig.com
418. [+] cpanel.hishamkarouri.com
419. [+] cpanel.hopemedicalsd.com
420. [+] cpanel.ideagp.com
421. [+] cpanel.indonileexport.com
422. [+] cpanel.indonile.com
423. [+] cpanel.ingawetrading.com
424. [+] cpanel.jubaauto.com
425. [+] cpanel.ktcesudan.com
426. [+] cpanel.ladconsult.com
427. [+] cpanel.lanjico.com
428. [+] cpanel.lowcosttravelcenter.com
429. [+] cpanel.lulamab.com
430. [+] cpanel.lunatusmed.com
431. [+] cpanel.mahgoubsons.com
432. [+] cpanel.mamedmedical.com
433. [+] cpanel.marwacoenterprises.com
434. [+] cpanel.medanico.com
435. [+] cpanel.mieragspace.com
436. [+] cpanel.moontrade.net
437. [+] cpanel.mssmanal.com
438. [+] cpanel.mudalala.qa
439. [+] cpanel.musanadaholding.com
440. [+] cpanel.nagi.photo
441. [+] cpanel.nilecement.org
442. [+] cpanel.nisosd.com
443. [+] cpanel.niss.tech
444. [+] cpanel.nlicfinance.com
445. [+] cpanel.npetroleum.com
446. [+] cpanel.nuspetro.com
447. [+] cpanel.olgaecs.com
448. [+] cpanel.osamaalgadee.com
449. [+] cpanel.pawfreight.com
450. [+] cpanel.petroall.net
451. [+] cpanel.radmedco.com
452. [+] cpanel.raheeg.com
453. [+] cpanel.rakhie.net
454. [+] cpanel.rcctsd.com
455. [+] cpanel.rocketeng.net
456. [+] cpanel.sabintod.com
457. [+] cpanel.sangsl.com
458. [+] cpanel.scmsltd.com
459. [+] cpanel.senahypermarket.com
460. [+] cpanel.shakak.org
461. [+] cpanel.shirouqpaints.net
462. [+] cpanel.shoyum.com
463. [+] cpanel.sinnarshipping.com
464. [+] cpanel.skhcsudan.com
465. [+] cpanel.smacosd.com
466. [+] cpanel.srptechnology.com
467. [+] cpanel.stiltgroup.org
468. [+] cpanel.sudanbcisd.net
469. [+] cpanel.sudanesephysicians.org
470. [+] cpanel.sudanpile.com
471. [+] cpanel.sudanwork.com
472. [+] cpanel.tawakolmedical.com
473. [+] cpanel.tawseelsudan.com
474. [+] cpanel.tbmlawfirm.com
475. [+] cpanel.tharjatheng.com
476. [+] cpanel.transways.ae
477. [+] cpanel.tstmatjar.com
478. [+] cpanel.vittoriopierino.com
479. [+] cpanel.wgarasud.com
480. [+] cpanel.yasminycl.com
481. [+] cpanel.yassirkambalgroup.com
482. [+] cpanel.yathribyp.com
483. [+] cpanel.zawayabricks.com
484. [+] cpanel.adding-sd.com
485. [+] cpanel.agrogate-holdings.com
486. [+] cpanel.alzawaya-medical.com
487. [+] cpanel.apg-sd.com
488. [+] cpanel.basma-ocf.org
489. [+] cpanel.click-grafix.com
490. [+] cpanel.codon-med.com
491. [+] cpanel.crimsonlights-sd.com
492. [+] cpanel.das-diesel.com
493. [+] cpanel.elmohandis-paints.com
494. [+] cpanel.etegahat-ap.com
495. [+] cpanel.extra-pharma.com
496. [+] cpanel.farha-sd.com
497. [+] cpanel.flynas-sudan.com
498. [+] cpanel.focusschool-sd.com
499. [+] cpanel.geocad-sd.com
500. [+] cpanel.gladiator-bdc.com
501. [+] cpanel.gpo-sd.com
502. [+] cpanel.hamza-farm.com
503. [+] cpanel.hcs-sd.com
504. [+] cpanel.ideal-sdn.com
505. [+] cpanel.khartoum-int.net
506. [+] cpanel.kmc-sd.com
507. [+] cpanel.maak-sd.com
508. [+] cpanel.manar-group.com
509. [+] cpanel.mechatronic-sd.com
510. [+] cpanel.medicare-sd.com
511. [+] cpanel.medpharma-sd.com
512. [+] cpanel.nileuniversity-edu.com
513. [+] cpanel.numberone-sd.com
514. [+] cpanel.oit-sd.com
515. [+] cpanel.osool-sd.com
516. [+] cpanel.paradisehotels-sd.com
517. [+] cpanel.pts-sd.com
518. [+] cpanel.rittal-sd.com
519. [+] cpanel.skyart-sd.com
520. [+] cpanel.soed-sd.org
521. [+] cpanel.summit-schools.com
522. [+] cpanel.supergeneral-sd.com
523. [+] cpanel.tanglewood-sd.com
524. [+] cpanel.whitewaters-sd.com
525. [+] cpanel.yam-cdc.com
526. [+] crimsonlights-sd.com
527. [+] dallahpharma.alwathbagroup.com
528. [+] dallahpharma.net
529. [+] dandaradentalcenter.com
530. [+] das-diesel.com
531. [+] design.alwatanyia.com
532. [+] difafvillage.com
533. [+] digitalmarketingafrica.net
534. [+] dindir.higleig.com
535. [+] dirnour.com
536. [+] dps.com.sd
537. [+] easyhotel.advocatemakki.com
538. [+] ecogroupsd.com
539. [+] edge.ideagp.com
540. [+] eims.ae
541. [+] elgadal.com
542. [+] elitihadlogistics.com
543. [+] elmohandis-paints.com
544. [+] elprincesudan.com
545. [+] eltagtrading.com
546. [+] emitradingco.com
547. [+] engcouncil.sd
548. [+] etegahat-ap.com
549. [+] exams.nileuniversity-edu.com
550. [+] extra-pharma.com
551. [+] farha-sd.com
552. [+] farha-sd.tanglewood-sd.com
553. [+] fasrc.org
554. [+] flynas-sudan.com
555. [+] focusschool-sd.com
556. [+] forwomenbywomen.org
557. [+] fresh.yassirkambalgroup.com
558. [+] gadc01.goldenarrow.sd
559. [+] gdsudan.com
560. [+] geocad-sd.com
561. [+] giadservices.com
562. [+] gladiator-bdc.com
563. [+] goldenarrow.sd
564. [+] gpo-sd.com
565. [+] green.yassirkambalgroup.com
566. [+] hamza-farm.com
567. [+] hcs-sd.com
568. [+] higleig.com
569. [+] hopemedicalsd.com
570. [+] ideagp.com
571. [+] ideal-sdn.com
572. [+] iec.gov.sd
573. [+] indonile.com
574. [+] indonileexport.com
575. [+] ingawetrading.com
576. [+] it.alanfalgroup.com
577. [+] jubaauto.com
578. [+] kambalexport.com
579. [+] khartoum-int.net
580. [+] khmedical.edu.sd
581. [+] kmc-sd.com
582. [+] ktcesudan.com
583. [+] ladconsult.com
584. [+] lanjico.com
585. [+] lowcosttravelcenter.com
586. [+] lulamab.com
587. [+] lunatusmed.com
588. [+] mahgoubsons.com
589. [+] mail.pawfreight.com
590. [+] mamedmedical.com
591. [+] manar-group.com
592. [+] marwacoenterprises.com
593. [+] mdisam.paradisehotels-sd.com
594. [+] mechatronic-sd.com
595. [+] med.gov.sd
596. [+] medanico.com
597. [+] medicare-sd.com
598. [+] medpharma-sd.com
599. [+] mieragspace.com
600. [+] milestonesd.com
601. [+] mohe.gov.sd
602. [+] moodle.nileuniversity-edu.com
603. [+] moontrade.net
604. [+] mssmanal.com
605. [+] mudalala.qa
606. [+] musanadaholding.com
607. [+] nagi.photo
608. [+] nilecement.org
609. [+] nileuniversity-edu.com
610. [+] nisosd.com
611. [+] niss.tech
612. [+] nlicfinance.com
613. [+] npetroleum.com
614. [+] numberone-sd.com
615. [+] nuspetro.com
616. [+] oau.edu.sd
617. [+] oit-sd.com
618. [+] olgaecs.com
619. [+] omiga.yassirkambalgroup.com
620. [+] openskies247.com
621. [+] osamaalgadee.com
622. [+] osool-sd.com
623. [+] owner.advocatemakki.com
624. [+] paradisehotels-sd.com
625. [+] pawfreight.com
626. [+] petroall.net
627. [+] portal.iec.gov.sd
628. [+] powerblue.yassirkambalgroup.com
629. [+] pts-sd.com
630. [+] radmedco.com
631. [+] raheeg.com
632. [+] rakhie.net
633. [+] rcctsd.com
634. [+] reports.lowcosttravelcenter.com
635. [+] rikaz.sd
636. [+] rittal-sd.com
637. [+] rocketeng.net
638. [+] rotana.mechatronic-sd.com
639. [+] sabintod.com
640. [+] saliglobal.org
641. [+] sangsl.com
642. [+] saria.sd
643. [+] sarrealways.com
644. [+] saudisb.sd
645. [+] scmsltd.com
646. [+] secure-paypal.org.rakhie.net
647. [+] senahypermarket.com
648. [+] server2.click-grafix.com
649. [+] server.click-grafix.com
650. [+] sgsuae.com
651. [+] shakak.org
652. [+] shirouqpaints.net
653. [+] shoyum.com
654. [+] sidcotel.sd
655. [+] sinnarshipping.com
656. [+] skhcsudan.com
657. [+] skyart-sd.com
658. [+] smacosd.com
659. [+] soed-sd.org
660. [+] sonic.yassirkambalgroup.com
661. [+] srptechnology.com
662. [+] ssia.sd
663. [+] stiltgroup.org
664. [+] students.nileuniversity-edu.com
665. [+] sudanbcisd.net
666. [+] sudanesephysicians.org
667. [+] sudanpile.com
668. [+] sudanports.gov.sd
669. [+] sudanwork.com
670. [+] sudapet.sd
671. [+] sudapost.sd
672. [+] summit-schools.com
673. [+] supergeneral-sd.com
674. [+] tadamonbank-sd.com
675. [+] talawiet.org.sd
676. [+] tanglewood-sd.com
677. [+] tawakolmedical.com
678. [+] tbmlawfirm.com
679. [+] test.almamoonoil.com
680. [+] test.mechatronic-sd.com
681. [+] tharjatheng.com
682. [+] tpsudan.gov.sd
683. [+] transways.ae
684. [+] tstmatjar.com
685. [+] vittoriopierino.com
686. [+] webdisk.aacpd.org
687. [+] webdisk.aayan.com.qa
688. [+] webdisk.abanos.net
689. [+] webdisk.abdeenandco.com
690. [+] webdisk.advocatemakki.com
691. [+] webdisk.adyagroup.net
692. [+] webdisk.ahqsudan.com
693. [+] webdisk.alanfalgroup.com
694. [+] webdisk.alanfaljabra.com
695. [+] webdisk.albadaael.com
696. [+] webdisk.albarakafinancial.com
697. [+] webdisk.alfala.com
698. [+] webdisk.alitimadgroup.com
699. [+] webdisk.almadadgroup.com
700. [+] webdisk.almamoonoil.com
701. [+] webdisk.aloaloa.com
702. [+] webdisk.alomergroup.com
703. [+] webdisk.alsundusiamedical.com
704. [+] webdisk.alwatanyia.com
705. [+] webdisk.alwathbagroup.com
706. [+] webdisk.anpm.co
707. [+] webdisk.arenboutique.com
708. [+] webdisk.ariabmining.net
709. [+] webdisk.ashrafelsharif.com
710. [+] webdisk.bajrawiafab.com
711. [+] webdisk.beautyconceptlounge.com
712. [+] webdisk.benzcenter.net
713. [+] webdisk.berigdargroup.com
714. [+] webdisk.berigdar.com
715. [+] webdisk.berimalegal.com
716. [+] webdisk.bivetsud.com
717. [+] webdisk.bmcproject.net
718. [+] webdisk.brandavenue.net
719. [+] webdisk.casiexpress.net
720. [+] webdisk.cctctraining.com
721. [+] webdisk.clarionlaserclinic.ie
722. [+] webdisk.clickgrafix.co
723. [+] webdisk.clicksd.info
724. [+] webdisk.dallahpharma.net
725. [+] webdisk.dandaradentalcenter.com
726. [+] webdisk.difafvillage.com
727. [+] webdisk.dirnour.com
728. [+] webdisk.ecogroupsd.com
729. [+] webdisk.eims.ae
730. [+] webdisk.elgadal.com
731. [+] webdisk.elitihadlogistics.com
732. [+] webdisk.elprincesudan.com
733. [+] webdisk.eltagtrading.com
734. [+] webdisk.emitradingco.com
735. [+] webdisk.fasrc.org
736. [+] webdisk.forwomenbywomen.org
737. [+] webdisk.gdsudan.com
738. [+] webdisk.giadservices.com
739. [+] webdisk.higleig.com
740. [+] webdisk.hishamkarouri.com
741. [+] webdisk.hopemedicalsd.com
742. [+] webdisk.ideagp.com
743. [+] webdisk.indonileexport.com
744. [+] webdisk.indonile.com
745. [+] webdisk.ingawetrading.com
746. [+] webdisk.jubaauto.com
747. [+] webdisk.ktcesudan.com
748. [+] webdisk.ladconsult.com
749. [+] webdisk.lanjico.com
750. [+] webdisk.lowcosttravelcenter.com
751. [+] webdisk.lulamab.com
752. [+] webdisk.lunatusmed.com
753. [+] webdisk.mahgoubsons.com
754. [+] webdisk.mamedmedical.com
755. [+] webdisk.marwacoenterprises.com
756. [+] webdisk.medanico.com
757. [+] webdisk.mieragspace.com
758. [+] webdisk.moontrade.net
759. [+] webdisk.mssmanal.com
760. [+] webdisk.mudalala.qa
761. [+] webdisk.musanadaholding.com
762. [+] webdisk.nagi.photo
763. [+] webdisk.nilecement.org
764. [+] webdisk.nisosd.com
765. [+] webdisk.niss.tech
766. [+] webdisk.nlicfinance.com
767. [+] webdisk.npetroleum.com
768. [+] webdisk.nuspetro.com
769. [+] webdisk.olgaecs.com
770. [+] webdisk.osamaalgadee.com
771. [+] webdisk.pawfreight.com
772. [+] webdisk.petroall.net
773. [+] webdisk.radmedco.com
774. [+] webdisk.raheeg.com
775. [+] webdisk.rakhie.net
776. [+] webdisk.rcctsd.com
777. [+] webdisk.rocketeng.net
778. [+] webdisk.sabintod.com
779. [+] webdisk.sangsl.com
780. [+] webdisk.scmsltd.com
781. [+] webdisk.senahypermarket.com
782. [+] webdisk.shakak.org
783. [+] webdisk.shirouqpaints.net
784. [+] webdisk.shoyum.com
785. [+] webdisk.sinnarshipping.com
786. [+] webdisk.skhcsudan.com
787. [+] webdisk.smacosd.com
788. [+] webdisk.srptechnology.com
789. [+] webdisk.stiltgroup.org
790. [+] webdisk.sudanbcisd.net
791. [+] webdisk.sudanesephysicians.org
792. [+] webdisk.sudanpile.com
793. [+] webdisk.sudanwork.com
794. [+] webdisk.tawakolmedical.com
795. [+] webdisk.tawseelsudan.com
796. [+] webdisk.tbmlawfirm.com
797. [+] webdisk.tharjatheng.com
798. [+] webdisk.transways.ae
799. [+] webdisk.tstmatjar.com
800. [+] webdisk.vittoriopierino.com
801. [+] webdisk.wgarasud.com
802. [+] webdisk.yasminycl.com
803. [+] webdisk.yassirkambalgroup.com
804. [+] webdisk.yathribyp.com
805. [+] webdisk.zawayabricks.com
806. [+] webdisk.adding-sd.com
807. [+] webdisk.agrogate-holdings.com
808. [+] webdisk.alzawaya-medical.com
809. [+] webdisk.apg-sd.com
810. [+] webdisk.basma-ocf.org
811. [+] webdisk.click-grafix.com
812. [+] webdisk.codon-med.com
813. [+] webdisk.crimsonlights-sd.com
814. [+] webdisk.das-diesel.com
815. [+] webdisk.elmohandis-paints.com
816. [+] webdisk.etegahat-ap.com
817. [+] webdisk.extra-pharma.com
818. [+] webdisk.farha-sd.com
819. [+] webdisk.flynas-sudan.com
820. [+] webdisk.focusschool-sd.com
821. [+] webdisk.geocad-sd.com
822. [+] webdisk.gladiator-bdc.com
823. [+] webdisk.gpo-sd.com
824. [+] webdisk.hamza-farm.com
825. [+] webdisk.hcs-sd.com
826. [+] webdisk.ideal-sdn.com
827. [+] webdisk.khartoum-int.net
828. [+] webdisk.kmc-sd.com
829. [+] webdisk.maak-sd.com
830. [+] webdisk.manar-group.com
831. [+] webdisk.mechatronic-sd.com
832. [+] webdisk.medicare-sd.com
833. [+] webdisk.medpharma-sd.com
834. [+] webdisk.nileuniversity-edu.com
835. [+] webdisk.numberone-sd.com
836. [+] webdisk.oit-sd.com
837. [+] webdisk.osool-sd.com
838. [+] webdisk.paradisehotels-sd.com
839. [+] webdisk.pts-sd.com
840. [+] webdisk.rittal-sd.com
841. [+] webdisk.skyart-sd.com
842. [+] webdisk.soed-sd.org
843. [+] webdisk.summit-schools.com
844. [+] webdisk.supergeneral-sd.com
845. [+] webdisk.tanglewood-sd.com
846. [+] webdisk.whitewaters-sd.com
847. [+] webdisk.yam-cdc.com
848. [+] webmail.aacpd.org
849. [+] webmail.aayan.com.qa
850. [+] webmail.abanos.net
851. [+] webmail.abdeenandco.com
852. [+] webmail.advocatemakki.com
853. [+] webmail.adyagroup.net
854. [+] webmail.ahqsudan.com
855. [+] webmail.alanfalgroup.com
856. [+] webmail.alanfaljabra.com
857. [+] webmail.albadaael.com
858. [+] webmail.albarakafinancial.com
859. [+] webmail.alfala.com
860. [+] webmail.alitimadgroup.com
861. [+] webmail.almadadgroup.com
862. [+] webmail.almamoonoil.com
863. [+] webmail.aloaloa.com
864. [+] webmail.alomergroup.com
865. [+] webmail.alsundusiamedical.com
866. [+] webmail.alwatanyia.com
867. [+] webmail.alwathbagroup.com
868. [+] webmail.anpm.co
869. [+] webmail.arenboutique.com
870. [+] webmail.ariabmining.net
871. [+] webmail.ashrafelsharif.com
872. [+] webmail.bajrawiafab.com
873. [+] webmail.beautyconceptlounge.com
874. [+] webmail.benzcenter.net
875. [+] webmail.berigdargroup.com
876. [+] webmail.berigdar.com
877. [+] webmail.berimalegal.com
878. [+] webmail.bivetsud.com
879. [+] webmail.bmcproject.net
880. [+] webmail.brandavenue.net
881. [+] webmail.casiexpress.net
882. [+] webmail.cctctraining.com
883. [+] webmail.clarionlaserclinic.ie
884. [+] webmail.clickgrafix.co
885. [+] webmail.clicksd.info
886. [+] webmail.dallahpharma.net
887. [+] webmail.dandaradentalcenter.com
888. [+] webmail.difafvillage.com
889. [+] webmail.ecogroupsd.com
890. [+] webmail.eims.ae
891. [+] webmail.elgadal.com
892. [+] webmail.elitihadlogistics.com
893. [+] webmail.elprincesudan.com
894. [+] webmail.eltagtrading.com
895. [+] webmail.emitradingco.com
896. [+] webmail.fasrc.org
897. [+] webmail.forwomenbywomen.org
898. [+] webmail.gdsudan.com
899. [+] webmail.giadservices.com
900. [+] webmail.higleig.com
901. [+] webmail.hishamkarouri.com
902. [+] webmail.hopemedicalsd.com
903. [+] webmail.ideagp.com
904. [+] webmail.indonileexport.com
905. [+] webmail.indonile.com
906. [+] webmail.ingawetrading.com
907. [+] webmail.jubaauto.com
908. [+] webmail.ktcesudan.com
909. [+] webmail.ladconsult.com
910. [+] webmail.lanjico.com
911. [+] webmail.lowcosttravelcenter.com
912. [+] webmail.lulamab.com
913. [+] webmail.lunatusmed.com
914. [+] webmail.mahgoubsons.com
915. [+] webmail.mamedmedical.com
916. [+] webmail.marwacoenterprises.com
917. [+] webmail.medanico.com
918. [+] webmail.mieragspace.com
919. [+] webmail.moontrade.net
920. [+] webmail.mssmanal.com
921. [+] webmail.mudalala.qa
922. [+] webmail.musanadaholding.com
923. [+] webmail.nagi.photo
924. [+] webmail.nilecement.org
925. [+] webmail.nisosd.com
926. [+] webmail.niss.tech
927. [+] webmail.nlicfinance.com
928. [+] webmail.npetroleum.com
929. [+] webmail.nuspetro.com
930. [+] webmail.olgaecs.com
931. [+] webmail.osamaalgadee.com
932. [+] webmail.pawfreight.com
933. [+] webmail.petroall.net
934. [+] webmail.radmedco.com
935. [+] webmail.raheeg.com
936. [+] webmail.rakhie.net
937. [+] webmail.rcctsd.com
938. [+] webmail.rocketeng.net
939. [+] webmail.sabintod.com
940. [+] webmail.sangsl.com
941. [+] webmail.scmsltd.com
942. [+] webmail.senahypermarket.com
943. [+] webmail.shakak.org
944. [+] webmail.shirouqpaints.net
945. [+] webmail.shoyum.com
946. [+] webmail.sinnarshipping.com
947. [+] webmail.skhcsudan.com
948. [+] webmail.smacosd.com
949. [+] webmail.srptechnology.com
950. [+] webmail.stiltgroup.org
951. [+] webmail.sudanbcisd.net
952. [+] webmail.sudanesephysicians.org
953. [+] webmail.sudanpile.com
954. [+] webmail.sudanwork.com
955. [+] webmail.tawakolmedical.com
956. [+] webmail.tawseelsudan.com
957. [+] webmail.tbmlawfirm.com
958. [+] webmail.tharjatheng.com
959. [+] webmail.transways.ae
960. [+] webmail.tstmatjar.com
961. [+] webmail.vittoriopierino.com
962. [+] webmail.wgarasud.com
963. [+] webmail.yasminycl.com
964. [+] webmail.yassirkambalgroup.com
965. [+] webmail.yathribyp.com
966. [+] webmail.zawayabricks.com
967. [+] webmail.adding-sd.com
968. [+] webmail.agrogate-holdings.com
969. [+] webmail.alzawaya-medical.com
970. [+] webmail.apg-sd.com
971. [+] webmail.basma-ocf.org
972. [+] webmail.click-grafix.com
973. [+] webmail.codon-med.com
974. [+] webmail.crimsonlights-sd.com
975. [+] webmail.das-diesel.com
976. [+] webmail.elmohandis-paints.com
977. [+] webmail.etegahat-ap.com
978. [+] webmail.extra-pharma.com
979. [+] webmail.farha-sd.com
980. [+] webmail.flynas-sudan.com
981. [+] webmail.focusschool-sd.com
982. [+] webmail.geocad-sd.com
983. [+] webmail.gladiator-bdc.com
984. [+] webmail.gpo-sd.com
985. [+] webmail.hamza-farm.com
986. [+] webmail.hcs-sd.com
987. [+] webmail.ideal-sdn.com
988. [+] webmail.khartoum-int.net
989. [+] webmail.kmc-sd.com
990. [+] webmail.maak-sd.com
991. [+] webmail.manar-group.com
992. [+] webmail.mechatronic-sd.com
993. [+] webmail.medicare-sd.com
994. [+] webmail.medpharma-sd.com
995. [+] webmail.nileuniversity-edu.com
996. [+] webmail.numberone-sd.com
997. [+] webmail.oit-sd.com
998. [+] webmail.osool-sd.com
999. [+] webmail.paradisehotels-sd.com
1000. [+] webmail.pts-sd.com
1001. [+] webmail.rittal-sd.com
1002. [+] webmail.skyart-sd.com
1003. [+] webmail.soed-sd.org
1004. [+] webmail.summit-schools.com
1005. [+] webmail.supergeneral-sd.com
1006. [+] webmail.tanglewood-sd.com
1007. [+] webmail.whitewaters-sd.com
1008. [+] webmail.yam-cdc.com
1009. [+] westvilledevelopers.co.za
1010. [+] wgarasud.com
1011. [+] whitewaters-sd.com
1012. [+] whm.click-grafix.com
1013. [+] wre.gov.sd
1014. [+] www.alrawabi.yassirkambalgroup.com
1015. [+] www.app.advocatemakki.com
1016. [+] www.aseelcomplex.yassirkambalgroup.com
1017. [+] www.aseel.yassirkambalgroup.com
1018. [+] www.berigdar.berigdargroup.com
1019. [+] www.conference.sudanesephysicians.org
1020. [+] www.dallahpharma.alwathbagroup.com
1021. [+] www.design.alwatanyia.com
1022. [+] www.dindir.higleig.com
1023. [+] www.easyhotel.advocatemakki.com
1024. [+] www.edge.ideagp.com
1025. [+] www.fresh.yassirkambalgroup.com
1026. [+] www.green.yassirkambalgroup.com
1027. [+] www.it.alanfalgroup.com
1028. [+] www.mahgoubsons.com
1029. [+] www.mail.pawfreight.com
1030. [+] www.omiga.yassirkambalgroup.com
1031. [+] www.owner.advocatemakki.com
1032. [+] www.powerblue.yassirkambalgroup.com
1033. [+] www.reports.lowcosttravelcenter.com
1034. [+] www.sonic.yassirkambalgroup.com
1035. [+] www.test.almamoonoil.com
1036. [+] www.apple-login.org.rakhie.net
1037. [+] www.arech.apg-sd.com
1038. [+] www.ar.nileuniversity-edu.com
1039. [+] www.badawi.alzawaya-medical.com
1040. [+] www.bargos.apg-sd.com
1041. [+] www.citi.online.yam-cdc.com
1042. [+] www.exams.nileuniversity-edu.com
1043. [+] www.farha-sd.tanglewood-sd.com
1044. [+] www.mdisam.paradisehotels-sd.com
1045. [+] www.moodle.nileuniversity-edu.com
1046. [+] www.rotana.mechatronic-sd.com
1047. [+] www.secure-paypal.org.rakhie.net
1048. [+] www.students.nileuniversity-edu.com
1049. [+] www.test.mechatronic-sd.com
1050. [+] yam-cdc.com
1051. [+] yasminycl.com
1052. [+] yassirkambalgroup.com
1053. [+] yathribyp.com
1054. [+] zawayabricks.com
1055. #######################################################################################################################################
1056.  
1057. Reverse IP With YouGetSignal 'wre.gov.sd'
1058. ---------------------------------------------------------------------------------------------------------------------------------------
1059.  
1060. [*] IP: 138.128.160.2
1061. [*] Domain: wre.gov.sd
1062. [*] Total Domains: 49
1063.  
1064. [+] adding-sd.com
1065. [+] alfala.com
1066. [+] aljazeerabank.com.sd
1067. [+] aloaloa.com
1068. [+] aou.edu.sd
1069. [+] apg-sd.com
1070. [+] audit.gov.sd
1071. [+] bajafar.sd
1072. [+] benzcenter.net
1073. [+] click.sd
1074. [+] cm.sd
1075. [+] cpd.gov.sd
1076. [+] eims.ae
1077. [+] engcouncil.sd
1078. [+] giadservices.com
1079. [+] gpo-sd.com
1080. [+] iec.gov.sd
1081. [+] indonileexport.com
1082. [+] khairport.gov.sd
1083. [+] khmedical.edu.sd
1084. [+] mofdgoia.gov.sd
1085. [+] mohe.gov.sd
1086. [+] mssmanal.com
1087. [+] nileuniversity-edu.com
1088. [+] petroall.net
1089. [+] sahl.gov.sd
1090. [+] sdac.gov.sd
1091. [+] sidcotel.sd
1092. [+] ssia.sd
1093. [+] sudafast.edu.sd
1094. [+] sudan.gov.sd
1095. [+] sudanap.org
1096. [+] sudanconsumers.org
1097. [+] sudanports.gov.sd
1098. [+] sudapet.sd
1099. [+] sudapost.sd
1100. [+] tpsudan.gov.sd
1101. [+] wre.gov.sd
1102. [+] www.aljazeerabank.com.sd
1103. [+] www.cpd.gov.sd
1104. [+] www.dandaradentalcenter.com
1105. [+] www.goldenarrow.sd
1106. [+] www.iec.gov.sd
1107. [+] www.khmedical.edu.sd
1108. [+] www.mohe.gov.sd
1109. [+] www.studentwelfare.sd
1110. [+] www.sudan.gov.sd
1111. [+] www.sudapet.sd
1112. [+] www.tararealestate.sd
1113. #######################################################################################################################################
1114.  
1115. Geo IP Lookup 'wre.gov.sd'
1116. ---------------------------------------------------------------------------------------------------------------------------------------
1117.  
1118. [+] IP Address: 138.128.160.2
1119. [+] Country: United States
1120. [+] State: Florida
1121. [+] City: Orlando
1122. [+] Latitude: 28.5807
1123. [+] Longitude: -81.1893
1124. #######################################################################################################################################
1125.  
1126. Bypass Cloudflare 'wre.gov.sd'
1127. ---------------------------------------------------------------------------------------------------------------------------------------
1128.  
1129. [!] CloudFlare Bypass 138.128.160.2 | ftp.wre.gov.sd
1130. [!] CloudFlare Bypass 138.128.160.2 | cpanel.wre.gov.sd
1131. [!] CloudFlare Bypass 138.128.160.2 | webmail.wre.gov.sd
1132. [!] CloudFlare Bypass 127.0.0.1 | localhost.wre.gov.sd
1133. [!] CloudFlare Bypass 138.128.160.2 | mail.wre.gov.sd
1134. [!] CloudFlare Bypass 138.128.160.2 | www.wre.gov.sd
1135. [!] CloudFlare Bypass 138.128.160.2 | test.wre.gov.sd
1136. #######################################################################################################################################
1137.  
1138. DNS Lookup 'wre.gov.sd'
1139. ---------------------------------------------------------------------------------------------------------------------------------------
1140.  
1141. [+] wre.gov.sd. 14399 IN TXT "v=spf1 +a +mx +ip4:66.7.212.159 ?all"
1142. [+] wre.gov.sd. 14399 IN MX 0 wre.gov.sd.
1143. [+] wre.gov.sd. 21599 IN SOA ns1.click-grafix.com. karouri.gmail.com. 2019031803 3600 7200 1209600 86400
1144. [+] wre.gov.sd. 21599 IN NS ns1.click-grafix.com.
1145. [+] wre.gov.sd. 21599 IN NS ns2.click-grafix.com.
1146. [+] wre.gov.sd. 14399 IN A 138.128.160.2
1147. #######################################################################################################################################
1148.  
1149. Show HTTP Header 'wre.gov.sd'
1150. ---------------------------------------------------------------------------------------------------------------------------------------
1151.  
1152. [+] HTTP/1.1 200 OK
1153. [+] Date: Thu, 02 May 2019 04:18:51 GMT
1154. [+] Server: Apache
1155. [+] X-Powered-By: PHP/5.6.40
1156. [+] Link: ; rel="https://api.w.org/"
1157. [+] Set-Cookie: qtrans_front_language=ar; expires=Fri, 01-May-2020 04:18:51 GMT; Max-Age=31536000; path=/
1158. [+] Referrer-Policy: no-referrer-when-downgrade
1159. [+] Connection: close
1160. [+] Content-Type: text/html; charset=UTF-8
1161. #######################################################################################################################################
1162.  
1163. Port Scan 'wre.gov.sd'
1164. ---------------------------------------------------------------------------------------------------------------------------------------
1165.  
1166. Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 04:18 UTC
1167. Nmap scan report for wre.gov.sd (138.128.160.2)
1168. Host is up (0.058s latency).
1169. rDNS record for 138.128.160.2: server.click-grafix.com
1170.  
1171. PORT STATE SERVICE
1172. 21/tcp open ftp
1173. 22/tcp closed ssh
1174. 23/tcp filtered telnet
1175. 80/tcp open http
1176. 110/tcp open pop3
1177. 143/tcp open imap
1178. 443/tcp open https
1179. 3389/tcp filtered ms-wbt-server
1180.  
1181. Nmap done: 1 IP address (1 host up) scanned in 2.12 seconds
1182. #######################################################################################################################################
1183.  
1184. Robot.txt 'wre.gov.sd'
1185. ---------------------------------------------------------------------------------------------------------------------------------------
1186.  
1187. User-agent: *
1188. Disallow: /wp-admin/
1189. Allow: /wp-admin/admin-ajax.php
1190. #######################################################################################################################################
1191.  
1192. Traceroute 'wre.gov.sd'
1193. ---------------------------------------------------------------------------------------------------------------------------------------
1194.  
1195. Start: 2019-05-02T04:19:20+0000
1196. HOST: web01 Loss% Snt Last Avg Best Wrst StDev
1197. 1.|-- 45.79.12.201 0.0% 3 0.8 3.1 0.8 6.1 2.7
1198. 2.|-- 45.79.12.0 0.0% 3 5.2 2.5 0.9 5.2 2.3
1199. 3.|-- ae-37.a01.dllstx04.us.bb.gin.ntt.net 0.0% 3 2.8 2.0 1.6 2.8 0.7
1200. 4.|-- ae-9.r10.dllstx09.us.bb.gin.ntt.net 0.0% 3 1.2 1.4 1.2 1.5 0.2
1201. 5.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
1202. 6.|-- ae-1-8.bar1.Orlando1.Level3.net 33.3% 3 38.4 38.5 38.4 38.6 0.2
1203. 7.|-- HOSTDIME.bar1.Orlando1.Level3.net 0.0% 3 42.7 41.8 40.5 42.7 1.2
1204. 8.|-- xe-1-3-core2.orl.hostdime.com 0.0% 3 40.5 51.6 40.5 58.4 9.6
1205. 9.|-- server.click-grafix.com 33.3% 3 38.6 38.6 38.6 38.6 0.0
1206. #######################################################################################################################################
1207.  
1208. Ping 'wre.gov.sd'
1209. ---------------------------------------------------------------------------------------------------------------------------------------
1210.  
1211.  
1212. Starting Nping 0.7.70 ( https://nmap.org/nping ) at 2019-05-02 04:19 UTC
1213. SENT (0.1110s) ICMP [104.237.144.6 > 138.128.160.2 Echo request (type=8/code=0) id=4251 seq=1] IP [ttl=64 id=5032 iplen=28 ]
1214. RCVD (0.3098s) ICMP [138.128.160.2 > 104.237.144.6 Echo reply (type=0/code=0) id=4251 seq=1] IP [ttl=54 id=28490 iplen=28 ]
1215. SENT (1.1119s) ICMP [104.237.144.6 > 138.128.160.2 Echo request (type=8/code=0) id=4251 seq=2] IP [ttl=64 id=5032 iplen=28 ]
1216. RCVD (1.3296s) ICMP [138.128.160.2 > 104.237.144.6 Echo reply (type=0/code=0) id=4251 seq=2] IP [ttl=54 id=28663 iplen=28 ]
1217. SENT (2.1137s) ICMP [104.237.144.6 > 138.128.160.2 Echo request (type=8/code=0) id=4251 seq=3] IP [ttl=64 id=5032 iplen=28 ]
1218. RCVD (2.3496s) ICMP [138.128.160.2 > 104.237.144.6 Echo reply (type=0/code=0) id=4251 seq=3] IP [ttl=54 id=29631 iplen=28 ]
1219. SENT (3.1155s) ICMP [104.237.144.6 > 138.128.160.2 Echo request (type=8/code=0) id=4251 seq=4] IP [ttl=64 id=5032 iplen=28 ]
1220. RCVD (3.1657s) ICMP [138.128.160.2 > 104.237.144.6 Echo reply (type=0/code=0) id=4251 seq=4] IP [ttl=54 id=30374 iplen=28 ]
1221.  
1222. Max rtt: 235.657ms | Min rtt: 50.201ms | Avg rtt: 175.547ms
1223. Raw packets sent: 4 (112B) | Rcvd: 4 (184B) | Lost: 0 (0.00%)
1224. Nping done: 1 IP address pinged in 3.17 seconds
1225. #######################################################################################################################################
1226.  
1227. Page Admin Finder 'wre.gov.sd'
1228. ---------------------------------------------------------------------------------------------------------------------------------------
1229.  
1230.  
1231.  
1232. Avilable Links :
1233.  
1234. Find Page >> http://wre.gov.sd/admin/
1235.  
1236. Find Page >> http://wre.gov.sd/admin/index.php
1237.  
1238. Find Page >> http://wre.gov.sd/wp-login.php
1239. #######################################################################################################################################
1240. ; <<>> DiG 9.11.5-P4-3-Debian <<>> wre.gov.sd
1241. ;; global options: +cmd
1242. ;; Got answer:
1243. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13103
1244. ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
1245.  
1246. ;; OPT PSEUDOSECTION:
1247. ; EDNS: version: 0, flags:; udp: 4096
1248. ;; QUESTION SECTION:
1249. ;wre.gov.sd. IN A
1250.  
1251. ;; ANSWER SECTION:
1252. wre.gov.sd. 13679 IN A 138.128.160.2
1253.  
1254. ;; Query time: 36 msec
1255. ;; SERVER: 38.132.106.139#53(38.132.106.139)
1256. ;; WHEN: jeu mai 02 00:42:56 EDT 2019
1257. ;; MSG SIZE rcvd: 55
1258. #######################################################################################################################################
1259. ; <<>> DiG 9.11.5-P4-3-Debian <<>> +trace wre.gov.sd
1260. ;; global options: +cmd
1261. . 82515 IN NS m.root-servers.net.
1262. . 82515 IN NS e.root-servers.net.
1263. . 82515 IN NS k.root-servers.net.
1264. . 82515 IN NS b.root-servers.net.
1265. . 82515 IN NS c.root-servers.net.
1266. . 82515 IN NS l.root-servers.net.
1267. . 82515 IN NS h.root-servers.net.
1268. . 82515 IN NS d.root-servers.net.
1269. . 82515 IN NS j.root-servers.net.
1270. . 82515 IN NS f.root-servers.net.
1271. . 82515 IN NS g.root-servers.net.
1272. . 82515 IN NS a.root-servers.net.
1273. . 82515 IN NS i.root-servers.net.
1274. . 82515 IN RRSIG NS 8 0 518400 20190514170000 20190501160000 25266 . w4ssTvTC9iBkFkqxTfOYUUzNPGYa6X8OafW9aSqZemGH5DXIrB7qHOf2 5wje3SBrkIEEbDa6EfNdcwIzMOf5XhhuwfM5dnO8tKSfnKpasFHMrBHG S3ugP+fPEGuIWtol0nyjdVqcbbDtlWWLBSX6KJs/no3vGbzlAbLZJap4 0XaRFnoWJLz0kDceA8QXeuuh//zpeHCHyzv/OJ8lmPSdBeRUmMLm/Kab Lm4zG+UJSYH3HCLkUNAvDylul5uUoue3jiZTKjwK+MxjdqUQa/FyPXow gN8goiu8cUKc6OAUnWn0dV6T/cDZC5Lj0O/Oaj+9rV7nGNTETqNwhcQt JWHhqw==
1275. ;; Received 525 bytes from 38.132.106.139#53(38.132.106.139) in 31 ms
1276.  
1277. sd. 172800 IN NS ans2.canar.sd.
1278. sd. 172800 IN NS ans1.sis.sd.
1279. sd. 172800 IN NS ns-sd.afrinic.net.
1280. sd. 172800 IN NS ns1.uaenic.ae.
1281. sd. 172800 IN NS ans1.canar.sd.
1282. sd. 172800 IN NS sd.cctld.authdns.ripe.net.
1283. sd. 172800 IN NS ns2.uaenic.ae.
1284. sd. 86400 IN NSEC se. NS RRSIG NSEC
1285. sd. 86400 IN RRSIG NSEC 8 1 86400 20190514170000 20190501160000 25266 . RvWMl899QG/w8chpHW82ngDehj9ubgmK53QxZzcDub+gqGYHTtZSY67i Cv7IAvZb3XIHN+lbYe3c+nl3mIEzL1iSlDhtYmJtI6Z3abJBSu6S6ILk RHn3xyixJO9YMgXwGCn/TehgPbCqBE+NlI5GC9saGA5sa2UPvyMqLMTB reU28UtE5UzyyyNHGmuB0Ft6eONuuHrFfFuAAOFGyKTS9smX3kmyu78q P2Ys7Xxp2pnPefEQa54S8ZJ9tVFjoQw+VPvPQDF5IbmWUoGm6mcJj6pW CRm0JuA/UjZ2JS9HGwL64HzuZpy+M4LbCclsYG0uE9ugv0D9YPLkExN1 IpuUUg==
1286. ;; Received 725 bytes from 192.112.36.4#53(g.root-servers.net) in 57 ms
1287.  
1288. ;; Received 67 bytes from 195.229.0.186#53(ns2.uaenic.ae) in 220 ms
1289. #######################################################################################################################################
1290. [*] Performing General Enumeration of Domain: wre.gov.sd
1291. [-] DNSSEC is not configured for wre.gov.sd
1292. [*] SOA ns1.click-grafix.com 138.128.160.3
1293. [*] NS ns1.click-grafix.com 138.128.160.3
1294. [*] Bind Version for 138.128.160.3 9.9.4-RedHat-9.9.4-73.el7_6
1295. [*] NS ns2.click-grafix.com 138.128.160.4
1296. [*] Bind Version for 138.128.160.4 9.9.4-RedHat-9.9.4-73.el7_6
1297. [*] MX wre.gov.sd 138.128.160.2
1298. [*] A wre.gov.sd 138.128.160.2
1299. [*] TXT wre.gov.sd v=spf1 +a +mx +ip4:66.7.212.159 ?all
1300. [*] Enumerating SRV Records
1301. [-] No SRV Records Found for wre.gov.sd
1302. [+] 0 Records Found
1303. #######################################################################################################################################
1304. [*] Processing domain wre.gov.sd
1305. [*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
1306. [+] Getting nameservers
1307. 138.128.160.3 - ns1.click-grafix.com
1308. 138.128.160.4 - ns2.click-grafix.com
1309. [-] Zone transfer failed
1310.  
1311. [+] TXT records found
1312. "v=spf1 +a +mx +ip4:66.7.212.159 ?all"
1313.  
1314. [+] MX records found, added to target list
1315. 0 wre.gov.sd.
1316.  
1317. [*] Scanning wre.gov.sd for A records
1318. 138.128.160.2 - wre.gov.sd
1319. 138.128.160.2 - cpanel.wre.gov.sd
1320. 138.128.160.2 - ftp.wre.gov.sd
1321. 127.0.0.1 - localhost.wre.gov.sd
1322. 138.128.160.2 - mail.wre.gov.sd
1323. 138.128.160.2 - test.wre.gov.sd
1324. 138.128.160.2 - webdisk.wre.gov.sd
1325. 138.128.160.2 - webmail.wre.gov.sd
1326. 138.128.160.2 - whm.wre.gov.sd
1327. 138.128.160.2 - www.wre.gov.sd
1328. #######################################################################################################################################
1329. Ip Address Status Type Domain Name Server
1330. ---------- ------ ---- ----------- ------
1331. 138.128.160.2 200 alias ftp.wre.gov.sd
1332. 138.128.160.2 200 host wre.gov.sd
1333. 127.0.0.1 host localhost.wre.gov.sd
1334. 138.128.160.2 200 alias mail.wre.gov.sd
1335. 138.128.160.2 200 host wre.gov.sd
1336. 138.128.160.2 200 host test.wre.gov.sd
1337. 138.128.160.2 301 host webmail.wre.gov.sd
1338. 138.128.160.2 alias www.wre.gov.sd
1339. 138.128.160.2 host wre.gov.sd
1340. #######################################################################################################################################
1341. [+] Testing domain
1342. www.wre.gov.sd 138.128.160.2
1343. [+] Dns resolving
1344. Domain name Ip address Name server
1345. wre.gov.sd 138.128.160.2 server.click-grafix.com
1346. Found 1 host(s) for wre.gov.sd
1347. [+] Testing wildcard
1348. Ok, no wildcard found.
1349.  
1350. [+] Scanning for subdomain on wre.gov.sd
1351. [!] Wordlist not specified. I scannig with my internal wordlist...
1352. Estimated time about 59.59 seconds
1353.  
1354. Subdomain Ip address Name server
1355.  
1356. ftp.wre.gov.sd 138.128.160.2 server.click-grafix.com
1357. localhost.wre.gov.sd 127.0.0.1 localhost
1358. mail.wre.gov.sd 138.128.160.2 server.click-grafix.com
1359. test.wre.gov.sd 138.128.160.2 server.click-grafix.com
1360. webmail.wre.gov.sd 138.128.160.2 server.click-grafix.com
1361. www.wre.gov.sd 138.128.160.2 server.click-grafix.com
1362. #######################################################################################################################################
1363. =======================================================================================================================================
1364. | E-mails:
1365. | [+] E-mail Found: m@tidakada.com
1366. | [+] E-mail Found: sarvita@outshinesolutions.com
1367. | [+] E-mail Found: mailman@wre.gov.sd
1368. | [+] E-mail Found: info@sedc.com.sd
1369. | [+] E-mail Found: farisalradi@gmail.com
1370. | [+] E-mail Found: ray.s@letsbefamous.com
1371. | [+] E-mail Found: typetalk@boutrosfonts.com
1372. | [+] E-mail Found: mail@yoursite.com
1373. | [+] E-mail Found: mathewhendry@hotmail.com
1374. | [+] E-mail Found: webmaster@romeolab.com
1375. | [+] E-mail Found: info@getid3.org
1376. | [+] E-mail Found: by.marcis@gmail.com
1377. | [+] E-mail Found: info@wre.gov.sd
1378. | [+] E-mail Found: pat@example.com
1379. | [+] E-mail Found: info@wpwebshop.com
1380. | [+] E-mail Found: david@shellcreeper.com
1381. | [+] E-mail Found: pri@wre.gov.sd
1382. | [+] E-mail Found: david.warna@gmail.com
1383. | [+] E-mail Found: yaser@englize.com
1384. | [+] E-mail Found: lordamar@gmail.com
1385. | [+] E-mail Found: wordpress@blogos.dk
1386. | [+] E-mail Found: robert.buj@gmail.com
1387. | [+] E-mail Found: no@no.com
1388. | [+] E-mail Found: kopasof@gmail.com
1389. | [+] E-mail Found: kpdecker@gmail.com
1390. | [+] E-mail Found: jncs12@gmail.com
1391. =======================================================================================================================================
1392. | External hosts:
1393. | [+] External Host Found: http://www.redseastate.gov.sd
1394. | [+] External Host Found: http://www.nilebasin.org
1395. | [+] External Host Found: https://planet.wordpress.org
1396. | [+] External Host Found: https://developer.wordpress.org
1397. | [+] External Host Found: https://httpd.apache.org
1398. | [+] External Host Found: https://www.mysql.com
1399. | [+] External Host Found: https://make.wordpress.org
1400. | [+] External Host Found: http://matiasventura.com
1401. | [+] External Host Found: https://codex.wordpress.org
1402. | [+] External Host Found: http://html5shim.googlecode.com
1403. | [+] External Host Found: https://gravatar.com
1404. | [+] External Host Found: http://esudan.gov.sd
1405. | [+] External Host Found: https://&quot;gravatar.com&quot;&gt;Gravatar&lt;
1406. | [+] External Host Found: http://www.gnu.org
1407. | [+] External Host Found: http://#
1408. | [+] External Host Found: https://github.com
1409. | [+] External Host Found: http://ajax.googleapis.com
1410. | [+] External Host Found: https://cdnjs.cloudflare.com
1411. | [+] External Host Found: https://wordpress.org
1412. | [+] External Host Found: http://www.sedc.com.sd
1413. | [+] External Host Found: http://www.ersad.gov.sd
1414. | [+] External Host Found: http://www.egezira.gov.sd
1415. | [+] External Host Found: http://www.nic.gov.sd
1416. | [+] External Host Found: http://www.sudan.gov.sd
1417. | [+] External Host Found: http://css3-mediaqueries-js.googlecode.com
1418. | [+] External Host Found: http://tools.wmflabs.org
1419. | [+] External Host Found: https://secure.php.net
1420. | [+] External Host Found: http://moc.co
1421. | [+] External Host Found: http://mcit.gov.sd
1422. | [+] External Host Found: http://ar.wikipedia.org
1423. | [+] External Host Found: http://www.fjajpress.com
1424. | [+] External Host Found: https://popup-builder.com
1425. | [+] External Host Found: http://www.kibfsudan.gov.sd
1426. | [+] External Host Found: http://erasudan.com
1427. | [+] External Host Found: https://maxcdn.bootstrapcdn.com
1428. =======================================================================================================================================
1429. #######################################################################################################################################
1430. dnsenum VERSION:1.2.4
1431.  
1432. ----- wre.gov.sd -----
1433.  
1434.  
1435. Host's addresses:
1436. __________________
1437.  
1438. wre.gov.sd. 12007 IN A 138.128.160.2
1439.  
1440.  
1441. Name Servers:
1442. ______________
1443.  
1444. ns2.click-grafix.com. 81755 IN A 138.128.160.4
1445. ns1.click-grafix.com. 13670 IN A 138.128.160.3
1446.  
1447.  
1448. Mail (MX) Servers:
1449. ___________________
1450.  
1451. wre.gov.sd. 12007 IN A 138.128.160.2
1452.  
1453.  
1454. Trying Zone Transfers and getting Bind Versions:
1455. _________________________________________________
1456.  
1457.  
1458. Trying Zone Transfer for wre.gov.sd on ns2.click-grafix.com ...
1459.  
1460. Trying Zone Transfer for wre.gov.sd on ns1.click-grafix.com ...
1461.  
1462. brute force file not specified, bay.
1463. #######################################################################################################################################
1464. ===============================================
1465. -=Subfinder v1.1.3 github.com/subfinder/subfinder
1466. ===============================================
1467.  
1468.  
1469. Running Source: Ask
1470. Running Source: Archive.is
1471. Running Source: Baidu
1472. Running Source: Bing
1473. Running Source: CertDB
1474. Running Source: CertificateTransparency
1475. Running Source: Certspotter
1476. Running Source: Commoncrawl
1477. Running Source: Crt.sh
1478. Running Source: Dnsdb
1479. Running Source: DNSDumpster
1480. Running Source: DNSTable
1481. Running Source: Dogpile
1482. Running Source: Exalead
1483. Running Source: Findsubdomains
1484. Running Source: Googleter
1485. Running Source: Hackertarget
1486. Running Source: Ipv4Info
1487. Running Source: PTRArchive
1488. Running Source: Sitedossier
1489. Running Source: Threatcrowd
1490. Running Source: ThreatMiner
1491. Running Source: WaybackArchive
1492. Running Source: Yahoo
1493.  
1494. Running enumeration on wre.gov.sd
1495.  
1496. dnsdb: Unexpected return status 503
1497.  
1498. dogpile: Get https://www.dogpile.com/search/web?q=wre.gov.sd&qsi=1: EOF
1499.  
1500. waybackarchive: parse http://web.archive.org/cdx/search/cdx?url=*.wre.gov.sd/*&output=json&fl=original&collapse=urlkey&page=: net/url: invalid control character in URL
1501.  
1502.  
1503. Starting Bruteforcing of wre.gov.sd with 9985 words
1504.  
1505. Total 11 Unique subdomains found for wre.gov.sd
1506.  
1507. .wre.gov.sd
1508. cpanel.wre.gov.sd
1509. ftp.wre.gov.sd
1510. localhost.wre.gov.sd
1511. mail.wre.gov.sd
1512. test.wre.gov.sd
1513. webdisk.wre.gov.sd
1514. webmail.wre.gov.sd
1515. whm.wre.gov.sd
1516. www.wre.gov.sd
1517. www.wre.gov.sd
1518. #######################################################################################################################################
1519. [*] Processing domain wre.gov.sd
1520. [*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
1521. [+] Getting nameservers
1522. 138.128.160.3 - ns1.click-grafix.com
1523. 138.128.160.4 - ns2.click-grafix.com
1524. [-] Zone transfer failed
1525.  
1526. [+] TXT records found
1527. "v=spf1 +a +mx +ip4:66.7.212.159 ?all"
1528.  
1529. [+] MX records found, added to target list
1530. 0 wre.gov.sd.
1531.  
1532. [*] Scanning wre.gov.sd for A records
1533. 138.128.160.2 - wre.gov.sd
1534. 138.128.160.2 - ftp.wre.gov.sd
1535. 127.0.0.1 - localhost.wre.gov.sd
1536. 138.128.160.2 - mail.wre.gov.sd
1537. 138.128.160.2 - test.wre.gov.sd
1538. 138.128.160.2 - webmail.wre.gov.sd
1539. 138.128.160.2 - www.wre.gov.sd
1540. #######################################################################################################################################
1541. [*] Found SPF record:
1542. [*] v=spf1 +a +mx +ip4:66.7.212.159 ?all
1543. [+] SPF record has no All string
1544. [*] Checking SPF include mechanisms
1545. [*] Include mechanisms are not strong
1546. [*] No DMARC record found. Looking for organizational record
1547. [+] No organizational DMARC record
1548. [+] Spoofing possible for wre.gov.sd!
1549. #######################################################################################################################################
1550. Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 00:33 EDT
1551. Nmap scan report for wre.gov.sd (138.128.160.2)
1552. Host is up (0.064s latency).
1553. rDNS record for 138.128.160.2: server.click-grafix.com
1554. Not shown: 457 filtered ports, 9 closed ports
1555. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1556. PORT STATE SERVICE
1557. 21/tcp open ftp
1558. 53/tcp open domain
1559. 80/tcp open http
1560. 110/tcp open pop3
1561. 143/tcp open imap
1562. 443/tcp open https
1563. 465/tcp open smtps
1564. 587/tcp open submission
1565. 993/tcp open imaps
1566. 995/tcp open pop3s
1567. #######################################################################################################################################
1568. Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 00:33 EDT
1569. Nmap scan report for wre.gov.sd (138.128.160.2)
1570. Host is up (0.030s latency).
1571. rDNS record for 138.128.160.2: server.click-grafix.com
1572. Not shown: 2 filtered ports
1573. PORT STATE SERVICE
1574. 53/udp open domain
1575. 67/udp open|filtered dhcps
1576. 68/udp open|filtered dhcpc
1577. 69/udp open|filtered tftp
1578. 88/udp open|filtered kerberos-sec
1579. 123/udp open|filtered ntp
1580. 139/udp open|filtered netbios-ssn
1581. 161/udp open|filtered snmp
1582. 162/udp open|filtered snmptrap
1583. 389/udp open|filtered ldap
1584. 520/udp open|filtered route
1585. 2049/udp open|filtered nfs
1586. #######################################################################################################################################
1587. Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 00:33 EDT
1588. Nmap scan report for wre.gov.sd (138.128.160.2)
1589. Host is up (0.066s latency).
1590. rDNS record for 138.128.160.2: server.click-grafix.com
1591.  
1592. PORT STATE SERVICE VERSION
1593. 21/tcp open ftp Pure-FTPd
1594. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1595. Device type: general purpose
1596. Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (91%)
1597. OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4.4 cpe:/o:linux:linux_kernel:2.6
1598. Aggressive OS guesses: Linux 3.10 - 3.12 (91%), Linux 4.4 (91%), Linux 4.9 (91%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.10 (86%), Linux 3.10 - 3.16 (86%), Linux 3.10 - 4.11 (85%), Linux 3.11 - 4.1 (85%), Linux 3.2 - 4.9 (85%)
1599. No exact OS matches for host (test conditions non-ideal).
1600. Network Distance: 16 hops
1601.  
1602. TRACEROUTE (using port 21/tcp)
1603. HOP RTT ADDRESS
1604. 1 27.22 ms 10.248.200.1
1605. 2 27.48 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1606. 3 36.56 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
1607. 4 27.27 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
1608. 5 28.38 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
1609. 6 28.00 ms be2090.ccr22.ymq01.atlas.cogentco.com (154.54.45.117)
1610. 7 32.80 ms be2088.ccr21.alb02.atlas.cogentco.com (154.54.43.18)
1611. 8 35.78 ms be2915.ccr41.jfk02.atlas.cogentco.com (154.54.40.62)
1612. 9 44.02 ms be2807.ccr42.dca01.atlas.cogentco.com (154.54.40.110)
1613. 10 55.48 ms be2113.ccr42.atl01.atlas.cogentco.com (154.54.24.222)
1614. 11 57.03 ms be2785.rcr21.jax01.atlas.cogentco.com (154.54.28.110)
1615. 12 60.93 ms be3639.rcr51.mco01.atlas.cogentco.com (154.24.19.133)
1616. 13 62.74 ms te0-0-1-0.nr11.b006655-1.mco01.atlas.cogentco.com (154.24.23.202)
1617. 14 64.71 ms 38.104.89.26
1618. 15 63.94 ms xe-1-3-core2.orl.hostdime.com (72.29.88.46)
1619. 16 67.43 ms server.click-grafix.com (138.128.160.2)
1620. #######################################################################################################################################
1621. Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 00:45 EDT
1622. Nmap scan report for wre.gov.sd (138.128.160.2)
1623. Host is up (0.063s latency).
1624. rDNS record for 138.128.160.2: server.click-grafix.com
1625.  
1626. PORT STATE SERVICE VERSION
1627. 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
1628. |_dns-fuzz: Server didn't response to our probe, can't fuzz
1629. | dns-nsec-enum:
1630. |_ No NSEC records found
1631. | dns-nsec3-enum:
1632. |_ DNSSEC NSEC3 not supported
1633. | dns-nsid:
1634. |_ bind.version: 9.9.4-RedHat-9.9.4-73.el7_6
1635. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1636. Device type: general purpose|storage-misc|firewall
1637. Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (92%), Synology DiskStation Manager 5.X (87%), WatchGuard Fireware 11.X (85%), FreeBSD 6.X (85%)
1638. OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4.4 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/o:watchguard:fireware:11.8 cpe:/o:freebsd:freebsd:6.2
1639. Aggressive OS guesses: Linux 3.10 - 3.12 (92%), Linux 4.4 (92%), Linux 2.6.18 - 2.6.22 (90%), Linux 4.9 (90%), Linux 2.6.18 (87%), Linux 3.10 - 3.16 (87%), Linux 3.10 - 4.11 (87%), Linux 3.11 - 4.1 (87%), Linux 3.2 - 4.9 (87%), Linux 4.0 (87%)
1640. No exact OS matches for host (test conditions non-ideal).
1641. Network Distance: 16 hops
1642. Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1643.  
1644. Host script results:
1645. | dns-brute:
1646. |_ DNS Brute-force hostnames: No results.
1647.  
1648. TRACEROUTE (using port 53/tcp)
1649. HOP RTT ADDRESS
1650. 1 30.35 ms 10.248.200.1
1651. 2 44.71 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1652. 3 34.56 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
1653. 4 30.40 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
1654. 5 30.74 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
1655. 6 30.72 ms be2089.ccr21.ymq01.atlas.cogentco.com (154.54.45.113)
1656. 7 36.56 ms be2088.ccr21.alb02.atlas.cogentco.com (154.54.43.18)
1657. 8 38.76 ms be2916.ccr42.jfk02.atlas.cogentco.com (154.54.41.62)
1658. 9 47.11 ms be2807.ccr42.dca01.atlas.cogentco.com (154.54.40.110)
1659. 10 57.43 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
1660. 11 57.00 ms be2784.rcr21.jax01.atlas.cogentco.com (154.54.28.106)
1661. 12 59.97 ms be3641.rcr52.mco01.atlas.cogentco.com (154.24.22.125)
1662. 13 61.14 ms te0-0-1-0.nr11.b006655-1.mco01.atlas.cogentco.com (154.24.23.202)
1663. 14 63.78 ms 38.104.89.26
1664. 15 68.92 ms xe-1-3-core2.orl.hostdime.com (72.29.88.46)
1665. 16 63.79 ms server.click-grafix.com (138.128.160.2)
1666. #######################################################################################################################################
1667. wig - WebApp Information Gatherer
1668.  
1669.  
1670. Scanning http://wre.gov.sd...
1671. _______________________________ SITE INFO ________________________________
1672. IP Title
1673. 138.128.160.2 وزارة الموارد المائية والري والكهرباء |
1674.  
1675. ________________________________ VERSION _________________________________
1676. Name Versions Type
1677. WordPress 4.9.10 CMS
1678. PHP 5.6.40 Platform
1679.  
1680. ______________________________ INTERESTING _______________________________
1681. URL Note Type
1682. /readme.html Readme file Interesting
1683. /robots.txt robots.txt index Interesting
1684. /login/ Login Page Interesting
1685.  
1686. _________________________________ TOOLS __________________________________
1687. Name Link Software
1688. wpscan https://github.com/wpscanteam/wpscan WordPress
1689. CMSmap https://github.com/Dionach/CMSmap WordPress
1690.  
1691. __________________________________________________________________________
1692. Time: 213.6 sec Urls: 293 Fingerprints: 40401
1693. #######################################################################################################################################
1694. HTTP/1.1 200 OK
1695. Date: Thu, 02 May 2019 04:51:24 GMT
1696. X-Powered-By: PHP/5.6.40
1697. Link: <http://wre.gov.sd/wp-json/>; rel="https://api.w.org/"
1698. Set-Cookie: qtrans_front_language=ar; expires=Fri, 01-May-2020 04:51:26 GMT; Max-Age=31536000; path=/
1699. Referrer-Policy: no-referrer-when-downgrade
1700. Content-Type: text/html; charset=UTF-8
1701. Connection: keep-alive
1702.  
1703. HTTP/1.1 200 OK
1704. Date: Thu, 02 May 2019 04:51:28 GMT
1705. X-Powered-By: PHP/5.6.40
1706. Link: <http://wre.gov.sd/wp-json/>; rel="https://api.w.org/"
1707. Set-Cookie: qtrans_front_language=ar; expires=Fri, 01-May-2020 04:51:30 GMT; Max-Age=31536000; path=/
1708. Referrer-Policy: no-referrer-when-downgrade
1709. Content-Type: text/html; charset=UTF-8
1710. Connection: keep-alive
1711. #######################################################################################################################################
1712. jQuery 1.4.1
1713. jQuery Migrate
1714. Google Font API
1715. W3 Total Cache
1716. PHP 5.6.40
1717. jQuery UI
1718. WordPress
1719. #######################################################################################################################################
1720. Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 00:52 EDT
1721. Nmap scan report for wre.gov.sd (138.128.160.2)
1722. Host is up (0.034s latency).
1723. rDNS record for 138.128.160.2: server.click-grafix.com
1724.  
1725. PORT STATE SERVICE VERSION
1726. 110/tcp open pop3 Dovecot pop3d
1727. | pop3-brute:
1728. | Accounts: No valid accounts found
1729. | Statistics: Performed 71 guesses in 55 seconds, average tps: 1.2
1730. |_ ERROR: Failed to connect.
1731. |_pop3-capabilities: TOP STLS CAPA SASL(PLAIN LOGIN) UIDL PIPELINING AUTH-RESP-CODE USER RESP-CODES
1732. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1733. Device type: general purpose|storage-misc|firewall
1734. Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (92%), Synology DiskStation Manager 5.X (86%), WatchGuard Fireware 11.X (86%), FreeBSD 6.X (85%)
1735. OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4.4 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/o:watchguard:fireware:11.8 cpe:/o:freebsd:freebsd:6.2
1736. Aggressive OS guesses: Linux 3.10 - 3.12 (92%), Linux 4.4 (92%), Linux 4.9 (91%), Linux 2.6.18 - 2.6.22 (90%), Linux 3.10 (87%), Linux 3.10 - 3.16 (87%), Linux 4.0 (87%), Linux 2.6.18 (86%), Linux 3.10 - 4.11 (86%), Linux 3.11 - 4.1 (86%)
1737. No exact OS matches for host (test conditions non-ideal).
1738. Network Distance: 1 hop
1739.  
1740. TRACEROUTE (using port 80/tcp)
1741. HOP RTT ADDRESS
1742. 1 27.03 ms server.click-grafix.com (138.128.160.2)
1743. #######################################################################################################################################
1744. https://wre.gov.sd [200 OK] All-in-one-SEO-Pack[2.12], Apache, Cookies[qtrans_front_language], Country[UNITED STATES][US], Email[info@wre.gov.sd], Google-API[ajax/libs/jquery/1.4.1/jquery.min.js], HTML5, HTTPServer[Apache], IP[138.128.160.2], JQuery[1.12.4], MetaGenerator[WordPress 4.9.10,qTranslate-X 3.4.6.8], PHP[5.6.40], PoweredBy[:], Script[text/javascript], Title[وزارة الموارد المائية والري والكهرباء |], UncommonHeaders[link,referrer-policy], WordPress[4.9.10], X-Powered-By[PHP/5.6.40]
1745. #######################################################################################################################################
1746. jQuery 1.4.1
1747. jQuery Migrate
1748. Google Font API
1749. Apache
1750. PHP 5.6.40
1751. W3 Total Cache
1752. jQuery UI
1753. WordPress
1754. #######################################################################################################################################
1755. Version: 1.11.13-static
1756. OpenSSL 1.0.2-chacha (1.0.2g-dev)
1757.  
1758. Connected to 138.128.160.2
1759.  
1760. Testing SSL server wre.gov.sd on port 443 using SNI name wre.gov.sd
1761.  
1762. TLS Fallback SCSV:
1763. Server supports TLS Fallback SCSV
1764.  
1765. TLS renegotiation:
1766. Secure session renegotiation supported
1767.  
1768. TLS Compression:
1769. Compression disabled
1770.  
1771. Heartbleed:
1772. TLS 1.2 not vulnerable to heartbleed
1773. TLS 1.1 not vulnerable to heartbleed
1774. TLS 1.0 not vulnerable to heartbleed
1775.  
1776. Supported Server Cipher(s):
1777. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
1778. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
1779. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1780. Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
1781. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
1782. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
1783. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
1784. Accepted TLSv1.2 256 bits AES256-SHA256
1785. Accepted TLSv1.2 256 bits AES256-SHA
1786. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
1787. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
1788. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1789. Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
1790. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
1791. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
1792. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
1793. Accepted TLSv1.2 128 bits AES128-SHA256
1794. Accepted TLSv1.2 128 bits AES128-SHA
1795. Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
1796. Accepted TLSv1.2 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
1797. Accepted TLSv1.2 112 bits DES-CBC3-SHA
1798. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1799. Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
1800. Accepted TLSv1.1 256 bits AES256-SHA
1801. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1802. Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
1803. Accepted TLSv1.1 128 bits AES128-SHA
1804. Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
1805. Accepted TLSv1.1 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
1806. Accepted TLSv1.1 112 bits DES-CBC3-SHA
1807. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1808. Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
1809. Accepted TLSv1.0 256 bits AES256-SHA
1810. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1811. Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
1812. Accepted TLSv1.0 128 bits AES128-SHA
1813. Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
1814. Accepted TLSv1.0 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
1815. Accepted TLSv1.0 112 bits DES-CBC3-SHA
1816.  
1817. SSL Certificate:
1818. Signature Algorithm: sha256WithRSAEncryption
1819. RSA Key Strength: 2048
1820.  
1821. Subject: med.gov.sd
1822. Altnames: DNS:med.gov.sd, DNS:mail.med.gov.sd, DNS:mail.wre.gov.sd, DNS:wre.gov.sd, DNS:www.med.gov.sd, DNS:www.wre.gov.sd
1823. Issuer: med.gov.sd
1824.  
1825. Not valid before: Aug 12 18:01:00 2017 GMT
1826. Not valid after: Aug 12 18:01:00 2018 GMT
1827. #######################################################################################################################################
1828. Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 01:05 EDT
1829. Nmap scan report for server.click-grafix.com (138.128.160.2)
1830. Host is up (0.067s latency).
1831. Not shown: 460 filtered ports, 9 closed ports
1832. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1833. PORT STATE SERVICE
1834. 53/tcp open domain
1835. 80/tcp open http
1836. 143/tcp open imap
1837. 443/tcp open https
1838. 465/tcp open smtps
1839. 587/tcp open submission
1840. 993/tcp open imaps
1841. #######################################################################################################################################
1842. Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 01:05 EDT
1843. Nmap scan report for server.click-grafix.com (138.128.160.2)
1844. Host is up (0.028s latency).
1845. Not shown: 2 filtered ports
1846. PORT STATE SERVICE
1847. 53/udp open domain
1848. 67/udp open|filtered dhcps
1849. 68/udp open|filtered dhcpc
1850. 69/udp open|filtered tftp
1851. 88/udp open|filtered kerberos-sec
1852. 123/udp open|filtered ntp
1853. 139/udp open|filtered netbios-ssn
1854. 161/udp open|filtered snmp
1855. 162/udp open|filtered snmptrap
1856. 389/udp open|filtered ldap
1857. 520/udp open|filtered route
1858. 2049/udp open|filtered nfs
1859. #######################################################################################################################################
1860. Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 01:05 EDT
1861. Nmap scan report for server.click-grafix.com (138.128.160.2)
1862. Host is up (0.066s latency).
1863.  
1864. PORT STATE SERVICE VERSION
1865. 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
1866. |_dns-fuzz: Server didn't response to our probe, can't fuzz
1867. | dns-nsec-enum:
1868. |_ No NSEC records found
1869. | dns-nsec3-enum:
1870. |_ DNSSEC NSEC3 not supported
1871. | dns-nsid:
1872. |_ bind.version: 9.9.4-RedHat-9.9.4-73.el7_6
1873. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1874. Device type: general purpose
1875. Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (89%)
1876. OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4.9 cpe:/o:linux:linux_kernel:2.6
1877. Aggressive OS guesses: Linux 3.10 - 3.12 (89%), Linux 4.9 (89%), Linux 4.4 (88%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.11 - 4.1 (85%), Linux 3.2 - 4.9 (85%)
1878. No exact OS matches for host (test conditions non-ideal).
1879. Network Distance: 16 hops
1880. Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1881.  
1882. Host script results:
1883. | dns-brute:
1884. | DNS Brute-force hostnames:
1885. | www.click-grafix.com - 138.128.160.2
1886. | ftp.click-grafix.com - 138.128.160.2
1887. | ns1.click-grafix.com - 138.128.160.3
1888. | ns2.click-grafix.com - 138.128.160.4
1889. | server.click-grafix.com - 138.128.160.2
1890. |_ mail.click-grafix.com - 138.128.160.2
1891.  
1892. TRACEROUTE (using port 53/tcp)
1893. HOP RTT ADDRESS
1894. 1 21.82 ms 10.248.200.1
1895. 2 22.17 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1896. 3 29.31 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
1897. 4 21.89 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
1898. 5 22.63 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
1899. 6 22.67 ms be2089.ccr21.ymq01.atlas.cogentco.com (154.54.45.113)
1900. 7 27.63 ms be2088.ccr21.alb02.atlas.cogentco.com (154.54.43.18)
1901. 8 30.64 ms be2916.ccr42.jfk02.atlas.cogentco.com (154.54.41.62)
1902. 9 38.44 ms be2807.ccr42.dca01.atlas.cogentco.com (154.54.40.110)
1903. 10 48.74 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
1904. 11 59.48 ms be2785.rcr21.jax01.atlas.cogentco.com (154.54.28.110)
1905. 12 64.78 ms be3641.rcr52.mco01.atlas.cogentco.com (154.24.22.125)
1906. 13 65.53 ms te0-0-1-0.nr11.b006655-1.mco01.atlas.cogentco.com (154.24.23.202)
1907. 14 67.49 ms 38.104.89.26
1908. 15 77.50 ms xe-1-3-core2.orl.hostdime.com (72.29.88.46)
1909. 16 67.76 ms server.click-grafix.com (138.128.160.2)
1910. #######################################################################################################################################
1911. Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 01:06 EDT
1912. Nmap scan report for server.click-grafix.com (138.128.160.2)
1913. Host is up (0.063s latency).
1914.  
1915. PORT STATE SERVICE VERSION
1916. 67/udp open|filtered dhcps
1917. |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
1918. Too many fingerprints match this host to give specific OS details
1919. Network Distance: 16 hops
1920.  
1921. TRACEROUTE (using proto 1/icmp)
1922. HOP RTT ADDRESS
1923. 1 27.29 ms 10.248.200.1
1924. 2 53.89 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1925. 3 46.09 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
1926. 4 27.71 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
1927. 5 27.97 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
1928. 6 27.95 ms be2089.ccr21.ymq01.atlas.cogentco.com (154.54.45.113)
1929. 7 33.33 ms be2088.ccr21.alb02.atlas.cogentco.com (154.54.43.18)
1930. 8 35.92 ms be2915.ccr41.jfk02.atlas.cogentco.com (154.54.40.62)
1931. 9 37.19 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
1932. 10 47.97 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
1933. 11 56.04 ms be2784.rcr21.jax01.atlas.cogentco.com (154.54.28.106)
1934. 12 59.96 ms be3639.rcr51.mco01.atlas.cogentco.com (154.24.19.133)
1935. 13 60.17 ms te0-0-1-0.nr11.b006655-1.mco01.atlas.cogentco.com (154.24.23.202)
1936. 14 62.00 ms 38.104.89.26
1937. 15 158.80 ms xe-1-3-core2.orl.hostdime.com (72.29.88.46)
1938. 16 63.95 ms server.click-grafix.com (138.128.160.2)
1939. #######################################################################################################################################
1940. Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 01:08 EDT
1941. Nmap scan report for server.click-grafix.com (138.128.160.2)
1942. Host is up (0.064s latency).
1943.  
1944. PORT STATE SERVICE VERSION
1945. 68/udp open|filtered dhcpc
1946. Too many fingerprints match this host to give specific OS details
1947. Network Distance: 16 hops
1948.  
1949. TRACEROUTE (using proto 1/icmp)
1950. HOP RTT ADDRESS
1951. 1 22.21 ms 10.248.200.1
1952. 2 22.57 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1953. 3 35.42 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
1954. 4 22.27 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
1955. 5 22.91 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
1956. 6 22.88 ms be2089.ccr21.ymq01.atlas.cogentco.com (154.54.45.113)
1957. 7 27.87 ms be2088.ccr21.alb02.atlas.cogentco.com (154.54.43.18)
1958. 8 30.81 ms be2915.ccr41.jfk02.atlas.cogentco.com (154.54.40.62)
1959. 9 38.47 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
1960. 10 55.97 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
1961. 11 56.42 ms be2784.rcr21.jax01.atlas.cogentco.com (154.54.28.106)
1962. 12 59.59 ms be3639.rcr51.mco01.atlas.cogentco.com (154.24.19.133)
1963. 13 60.79 ms te0-0-1-0.nr11.b006655-1.mco01.atlas.cogentco.com (154.24.23.202)
1964. 14 62.73 ms 38.104.89.26
1965. 15 157.76 ms xe-1-3-core2.orl.hostdime.com (72.29.88.46)
1966. 16 62.45 ms server.click-grafix.com (138.128.160.2)
1967. #######################################################################################################################################
1968. Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 01:10 EDT
1969. Nmap scan report for server.click-grafix.com (138.128.160.2)
1970. Host is up (0.063s latency).
1971.  
1972. PORT STATE SERVICE VERSION
1973. 69/udp open|filtered tftp
1974. Too many fingerprints match this host to give specific OS details
1975. Network Distance: 16 hops
1976.  
1977. TRACEROUTE (using proto 1/icmp)
1978. HOP RTT ADDRESS
1979. 1 26.82 ms 10.248.200.1
1980. 2 27.36 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
1981. 3 70.79 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
1982. 4 27.21 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
1983. 5 27.59 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
1984. 6 27.80 ms be2089.ccr21.ymq01.atlas.cogentco.com (154.54.45.113)
1985. 7 26.69 ms be2088.ccr21.alb02.atlas.cogentco.com (154.54.43.18)
1986. 8 29.66 ms be2915.ccr41.jfk02.atlas.cogentco.com (154.54.40.62)
1987. 9 36.66 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
1988. 10 47.37 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
1989. 11 59.26 ms be2784.rcr21.jax01.atlas.cogentco.com (154.54.28.106)
1990. 12 65.83 ms be3639.rcr51.mco01.atlas.cogentco.com (154.24.19.133)
1991. 13 65.82 ms te0-0-1-0.nr11.b006655-1.mco01.atlas.cogentco.com (154.24.23.202)
1992. 14 67.43 ms 38.104.89.26
1993. 15 120.39 ms xe-1-3-core2.orl.hostdime.com (72.29.88.46)
1994. 16 65.93 ms server.click-grafix.com (138.128.160.2)
1995. #######################################################################################################################################
1996. HTTP/1.1 200 OK
1997. Date: Thu, 02 May 2019 05:12:44 GMT
1998. Last-Modified: Wed, 30 Jan 2019 02:03:25 GMT
1999. ETag: "70a0253-a3-580a350ab9540"
2000. Accept-Ranges: bytes
2001. Content-Length: 163
2002. Content-Type: text/html
2003. Connection: keep-alive
2004.  
2005. HTTP/1.1 200 OK
2006. Date: Thu, 02 May 2019 05:12:45 GMT
2007. Last-Modified: Wed, 30 Jan 2019 02:03:25 GMT
2008. ETag: "70a0253-a3-580a350ab9540"
2009. Accept-Ranges: bytes
2010. Content-Length: 163
2011. Content-Type: text/html
2012. Connection: keep-alive
2013. #######################################################################################################################################
2014. Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 01:12 EDT
2015. Nmap scan report for server.click-grafix.com (138.128.160.2)
2016. Host is up (0.063s latency).
2017.  
2018. PORT STATE SERVICE VERSION
2019. 123/udp open|filtered ntp
2020. Too many fingerprints match this host to give specific OS details
2021. Network Distance: 16 hops
2022.  
2023. TRACEROUTE (using proto 1/icmp)
2024. HOP RTT ADDRESS
2025. 1 23.36 ms 10.248.200.1
2026. 2 23.81 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
2027. 3 38.11 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
2028. 4 23.65 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
2029. 5 24.27 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
2030. 6 24.24 ms be2089.ccr21.ymq01.atlas.cogentco.com (154.54.45.113)
2031. 7 29.12 ms be2088.ccr21.alb02.atlas.cogentco.com (154.54.43.18)
2032. 8 31.95 ms be2915.ccr41.jfk02.atlas.cogentco.com (154.54.40.62)
2033. 9 39.37 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
2034. 10 50.60 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
2035. 11 58.37 ms be2784.rcr21.jax01.atlas.cogentco.com (154.54.28.106)
2036. 12 60.40 ms be3639.rcr51.mco01.atlas.cogentco.com (154.24.19.133)
2037. 13 61.60 ms te0-0-1-0.nr11.b006655-1.mco01.atlas.cogentco.com (154.24.23.202)
2038. 14 63.44 ms 38.104.89.26
2039. 15 207.80 ms xe-1-3-core2.orl.hostdime.com (72.29.88.46)
2040. 16 63.44 ms server.click-grafix.com (138.128.160.2)
2041. #######################################################################################################################################
2042. Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 01:14 EDT
2043. Nmap scan report for server.click-grafix.com (138.128.160.2)
2044. Host is up (0.042s latency).
2045.  
2046. PORT STATE SERVICE VERSION
2047. 161/tcp filtered snmp
2048. 161/udp open|filtered snmp
2049. Too many fingerprints match this host to give specific OS details
2050. Network Distance: 16 hops
2051.  
2052. TRACEROUTE (using proto 1/icmp)
2053. HOP RTT ADDRESS
2054. 1 26.07 ms 10.248.200.1
2055. 2 26.13 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
2056. 3 42.24 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
2057. 4 26.55 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
2058. 5 26.53 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
2059. 6 26.18 ms be2089.ccr21.ymq01.atlas.cogentco.com (154.54.45.113)
2060. 7 31.69 ms be2088.ccr21.alb02.atlas.cogentco.com (154.54.43.18)
2061. 8 34.48 ms be2915.ccr41.jfk02.atlas.cogentco.com (154.54.40.62)
2062. 9 41.73 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
2063. 10 54.19 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
2064. 11 61.75 ms be2784.rcr21.jax01.atlas.cogentco.com (154.54.28.106)
2065. 12 67.04 ms be3639.rcr51.mco01.atlas.cogentco.com (154.24.19.133)
2066. 13 67.04 ms te0-0-1-0.nr11.b006655-1.mco01.atlas.cogentco.com (154.24.23.202)
2067. 14 76.93 ms 38.104.89.26
2068. 15 194.16 ms xe-1-3-core2.orl.hostdime.com (72.29.88.46)
2069. 16 64.13 ms server.click-grafix.com (138.128.160.2)
2070. #######################################################################################################################################
2071. OWL Carousel
2072. Bootstrap
2073. prettyPhoto
2074. Apache
2075. PHP 5.6.40
2076. jQuery 3.3.1
2077. #######################################################################################################################################
2078. Version: 1.11.13-static
2079. OpenSSL 1.0.2-chacha (1.0.2g-dev)
2080.  
2081. Connected to 138.128.160.2
2082.  
2083. Testing SSL server 138.128.160.2 on port 443 using SNI name 138.128.160.2
2084.  
2085. TLS Fallback SCSV:
2086. Server supports TLS Fallback SCSV
2087.  
2088. TLS renegotiation:
2089. Secure session renegotiation supported
2090.  
2091. TLS Compression:
2092. Compression disabled
2093.  
2094. Heartbleed:
2095. TLS 1.2 not vulnerable to heartbleed
2096. TLS 1.1 not vulnerable to heartbleed
2097. TLS 1.0 not vulnerable to heartbleed
2098.  
2099. Supported Server Cipher(s):
2100. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
2101. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
2102. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2103. Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
2104. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
2105. Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
2106. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
2107. Accepted TLSv1.2 256 bits AES256-SHA256
2108. Accepted TLSv1.2 256 bits AES256-SHA
2109. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
2110. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
2111. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2112. Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
2113. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
2114. Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
2115. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
2116. Accepted TLSv1.2 128 bits AES128-SHA256
2117. Accepted TLSv1.2 128 bits AES128-SHA
2118. Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
2119. Accepted TLSv1.2 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
2120. Accepted TLSv1.2 112 bits DES-CBC3-SHA
2121. Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2122. Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
2123. Accepted TLSv1.1 256 bits AES256-SHA
2124. Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2125. Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
2126. Accepted TLSv1.1 128 bits AES128-SHA
2127. Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
2128. Accepted TLSv1.1 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
2129. Accepted TLSv1.1 112 bits DES-CBC3-SHA
2130. Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2131. Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
2132. Accepted TLSv1.0 256 bits AES256-SHA
2133. Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2134. Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
2135. Accepted TLSv1.0 128 bits AES128-SHA
2136. Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
2137. Accepted TLSv1.0 112 bits EDH-RSA-DES-CBC3-SHA DHE 2048 bits
2138. Accepted TLSv1.0 112 bits DES-CBC3-SHA
2139.  
2140. SSL Certificate:
2141. Signature Algorithm: sha256WithRSAEncryption
2142. RSA Key Strength: 2048
2143.  
2144. Subject: abaad.sd
2145. Altnames: DNS:abaad.sd, DNS:mail.abaad.sd, DNS:www.abaad.sd
2146. Issuer: abaad.sd
2147.  
2148. Not valid before: Aug 12 11:26:16 2017 GMT
2149. Not valid after: Aug 12 11:26:16 2018 GMT
2150. #######################################################################################################################################
2151. Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 01:19 EDT
2152. NSE: Loaded 148 scripts for scanning.
2153. NSE: Script Pre-scanning.
2154. NSE: Starting runlevel 1 (of 2) scan.
2155. Initiating NSE at 01:19
2156. Completed NSE at 01:19, 0.00s elapsed
2157. NSE: Starting runlevel 2 (of 2) scan.
2158. Initiating NSE at 01:19
2159. Completed NSE at 01:19, 0.00s elapsed
2160. Initiating Ping Scan at 01:19
2161. Scanning 138.128.160.2 [4 ports]
2162. Completed Ping Scan at 01:19, 0.06s elapsed (1 total hosts)
2163. Initiating Parallel DNS resolution of 1 host. at 01:19
2164. Completed Parallel DNS resolution of 1 host. at 01:19, 0.03s elapsed
2165. Initiating Connect Scan at 01:19
2166. Scanning server.click-grafix.com (138.128.160.2) [65535 ports]
2167. Discovered open port 80/tcp on 138.128.160.2
2168. Discovered open port 53/tcp on 138.128.160.2
2169. Discovered open port 443/tcp on 138.128.160.2
2170. Discovered open port 143/tcp on 138.128.160.2
2171. Discovered open port 993/tcp on 138.128.160.2
2172. Discovered open port 587/tcp on 138.128.160.2
2173. Discovered open port 2083/tcp on 138.128.160.2
2174. Discovered open port 2095/tcp on 138.128.160.2
2175. Discovered open port 2077/tcp on 138.128.160.2
2176. Discovered open port 2082/tcp on 138.128.160.2
2177. Discovered open port 2079/tcp on 138.128.160.2
2178. Discovered open port 2087/tcp on 138.128.160.2
2179. Discovered open port 2080/tcp on 138.128.160.2
2180. Connect Scan Timing: About 51.88% done; ETC: 01:20 (0:00:37 remaining)
2181. Connect Scan Timing: About 42.34% done; ETC: 01:22 (0:01:35 remaining)
2182. Connect Scan Timing: About 59.11% done; ETC: 01:22 (0:01:09 remaining)
2183. Discovered open port 2078/tcp on 138.128.160.2
2184. Discovered open port 2096/tcp on 138.128.160.2
2185. Discovered open port 465/tcp on 138.128.160.2
2186. Discovered open port 1157/tcp on 138.128.160.2
2187. Connect Scan Timing: About 78.23% done; ETC: 01:22 (0:00:40 remaining)
2188. Connect Scan Timing: About 84.02% done; ETC: 01:22 (0:00:36 remaining)
2189. Discovered open port 2086/tcp on 138.128.160.2
2190. Completed Connect Scan at 01:22, 214.51s elapsed (65535 total ports)
2191. Initiating Service scan at 01:22
2192. Scanning 18 services on server.click-grafix.com (138.128.160.2)
2193. Service scan Timing: About 61.11% done; ETC: 01:26 (0:01:32 remaining)
2194. Completed Service scan at 01:25, 145.88s elapsed (18 services on 1 host)
2195. Initiating OS detection (try #1) against server.click-grafix.com (138.128.160.2)
2196. adjust_timeouts2: packet supposedly had rtt of -685565 microseconds. Ignoring time.
2197. adjust_timeouts2: packet supposedly had rtt of -685565 microseconds. Ignoring time.
2198. Retrying OS detection (try #2) against server.click-grafix.com (138.128.160.2)
2199. adjust_timeouts2: packet supposedly had rtt of -688589 microseconds. Ignoring time.
2200. adjust_timeouts2: packet supposedly had rtt of -688589 microseconds. Ignoring time.
2201. Initiating Traceroute at 01:25
2202. Completed Traceroute at 01:25, 0.30s elapsed
2203. Initiating Parallel DNS resolution of 16 hosts. at 01:25
2204. Completed Parallel DNS resolution of 16 hosts. at 01:25, 2.53s elapsed
2205. NSE: Script scanning 138.128.160.2.
2206. NSE: Starting runlevel 1 (of 2) scan.
2207. Initiating NSE at 01:25
2208. NSE Timing: About 99.22% done; ETC: 01:25 (0:00:00 remaining)
2209. NSE Timing: About 99.47% done; ETC: 01:26 (0:00:00 remaining)
2210. Completed NSE at 01:26, 70.27s elapsed
2211. NSE: Starting runlevel 2 (of 2) scan.
2212. Initiating NSE at 01:26
2213. Completed NSE at 01:26, 1.08s elapsed
2214. Nmap scan report for server.click-grafix.com (138.128.160.2)
2215. Host is up, received reset ttl 64 (0.067s latency).
2216. Scanned at 2019-05-02 01:19:16 EDT for 439s
2217. Not shown: 63511 filtered ports, 2006 closed ports
2218. Reason: 63511 no-responses and 2006 conn-refused
2219. PORT STATE SERVICE REASON VERSION
2220. 53/tcp open domain syn-ack ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2221. | dns-nsid:
2222. |_ bind.version: 9.9.4-RedHat-9.9.4-73.el7_6
2223. 80/tcp open http syn-ack Fortinet FortiGate 50B or FortiWifi 60C or 80C firewall http config
2224. | http-methods:
2225. | Supported Methods: OPTIONS HEAD GET POST TRACE
2226. |_ Potentially risky methods: TRACE
2227. |_http-title: Site doesn't have a title (text/html).
2228. 143/tcp open imap syn-ack Dovecot imapd
2229. |_imap-capabilities: NAMESPACE STARTTLS AUTH=LOGINA0001 capabilities listed ENABLE LITERAL+ Pre-login post-login IMAP4rev1 AUTH=PLAIN IDLE SASL-IR have ID LOGIN-REFERRALS more OK
2230. |_ssl-date: TLS randomness does not represent time
2231. 443/tcp open ssl/http syn-ack Apache httpd (PHP 5.6.40)
2232. | http-methods:
2233. | Supported Methods: OPTIONS HEAD GET POST TRACE
2234. |_ Potentially risky methods: TRACE
2235. |_http-server-header: Apache
2236. |_http-title: Site doesn't have a title (text/html).
2237. | ssl-cert: Subject: commonName=abaad.sd
2238. | Subject Alternative Name: DNS:abaad.sd, DNS:mail.abaad.sd, DNS:www.abaad.sd
2239. | Issuer: commonName=abaad.sd
2240. | Public Key type: rsa
2241. | Public Key bits: 2048
2242. | Signature Algorithm: sha256WithRSAEncryption
2243. | Not valid before: 2017-08-12T11:26:16
2244. | Not valid after: 2018-08-12T11:26:16
2245. | MD5: 78ae d5d8 edd0 888b fec7 66d8 0056 3b28
2246. | SHA-1: 416a 957b 5935 e3d6 4c9c 2ee7 6f20 b970 269e 26a3
2247. | -----BEGIN CERTIFICATE-----
2248. | MIIDJDCCAgygAwIBAgIFAOx/YEowDQYJKoZIhvcNAQELBQAwEzERMA8GA1UEAwwI
2249. | YWJhYWQuc2QwHhcNMTcwODEyMTEyNjE2WhcNMTgwODEyMTEyNjE2WjATMREwDwYD
2250. | VQQDDAhhYmFhZC5zZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMDM
2251. | hJz/G2HEm8jAf+I1DAmSdfiiNOZSNE31cQc/32KppLnMEoZE2rflf8pwF/MHZi4V
2252. | rWmtYNCeKLIH50bEL5eeLZBNa2xJf7lbAjvLSzVFus+nzH8B9MAjAuiLu4DuJSkX
2253. | Ld6sS0CACCeicThyxqhQJtjdJJLTMcd6BPJMdJXRznQNC5zEZQoOfRSzoLojIckl
2254. | 4FIrYhSSTm2MGy0FbpvV61kpb2a9pOi3+Zw4ZcUslbAZ00xtHTaG9fr/IS+d56rd
2255. | 9VuuThACMcTb/K5W5PutioiqoTPE8eh8q9OPu8A1IlcAffpKGuUqze5iSAtbU7Aa
2256. | TUenAQFoiPQPuhxsbDECAwEAAaN/MH0wHQYDVR0OBBYEFNreitXDTP70QyKQDCQj
2257. | Z8IWfFM7MB8GA1UdIwQYMBaAFNreitXDTP70QyKQDCQjZ8IWfFM7MAkGA1UdEwQC
2258. | MAAwMAYDVR0RBCkwJ4IIYWJhYWQuc2SCDW1haWwuYWJhYWQuc2SCDHd3dy5hYmFh
2259. | ZC5zZDANBgkqhkiG9w0BAQsFAAOCAQEAJdFK5DKTRSfkSTWe+E9oqV5+dwesfRdA
2260. | yyEDSv0zHn8ByPjC5ZfCOadmuZ7f2Z7tQVxvhfQS20NPXjzLut7/zuzH2GlXItwT
2261. | EZX/bZWueBB8crmtfTwFdnHDfk/lYs6vXwPy+xYpReuUGUqeDAuWpuxYgmTnzSsV
2262. | isZxoWqxXPOmpLao1wSf+SAmBZogUKiB/FmCLdcpmekX+HSQuQzYvouSfbKX1wbd
2263. | CfWHi5/Qe66YXFHIIyQJKaEdaNyFgwaJsyRhXTMiMvwVX27SYQJFdnuVdxBM/NwL
2264. | IYruPIROB+wvh4JDEW1dr/JnlYr1+czZad2ZGGm1H2xU7wIcWiSK3Q==
2265. |_-----END CERTIFICATE-----
2266. |_ssl-date: TLS randomness does not represent time
2267.  
2268. 465/tcp open ssl/smtp syn-ack Exim smtpd 4.91
2269. | smtp-commands: server.click-grafix.com Hello server.click-grafix.com [176.113.74.56], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
2270. |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2271. | ssl-cert: Subject: commonName=server.click-grafix.com/organizationalUnitName=PositiveSSL
2272. | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2273. | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US/localityName=Houston
2274. | Public Key type: rsa
2275. | Public Key bits: 2048
2276. | Signature Algorithm: sha256WithRSAEncryption
2277. | Not valid before: 2018-07-24T00:00:00
2278. | Not valid after: 2019-07-24T23:59:59
2279. | MD5: ef36 53dc cdf1 d27c e2d0 51c4 6362 d6d4
2280. | SHA-1: 5187 e008 54ad a324 08d4 0e7b d84f e8f2 393e f965
2281. | -----BEGIN CERTIFICATE-----
2282. | MIIGQTCCBSmgAwIBAgIQT8KCl+8zC7CQ9uYDxKIzzTANBgkqhkiG9w0BAQsFADBy
2283. | MQswCQYDVQQGEwJVUzELMAkGA1UECBMCVFgxEDAOBgNVBAcTB0hvdXN0b24xFTAT
2284. | BgNVBAoTDGNQYW5lbCwgSW5jLjEtMCsGA1UEAxMkY1BhbmVsLCBJbmMuIENlcnRp
2285. | ZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4MDcyNDAwMDAwMFoXDTE5MDcyNDIzNTk1
2286. | OVowWzEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRQwEgYDVQQL
2287. | EwtQb3NpdGl2ZVNTTDEgMB4GA1UEAxMXc2VydmVyLmNsaWNrLWdyYWZpeC5jb20w
2288. | ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/fYpGJ02yX0eUG2ihh+im
2289. | 4DFiPfcFjX9vXOEAW93ToJNROXhCyRpd23JSO86fgQEiP4TKKMbnFYMnruTrOBKQ
2290. | OGpFXjvFItBqjYBSdePxNcvCpU6inBzN3ZUpqw3WHCi+qoHUzkqE27gkaoygdtuL
2291. | jl1EihNp0s/wBRt63AE+eU3re1KxOy1eBi3PEvP7+AIhWEqd2iyfHjfNRu3tlRgj
2292. | O3W/y3CnhuEOyyX4LOwxPvkQHDGSSxqiiqoH0zEnHGbIQYA2c2AnRQ3yOnjn13ZC
2293. | r48pR3b52/mpW8s6aJDmjdHUnbemv0k9Ijj8JpS5UBvzcKD0alLY3rrKi8B7vvg9
2294. | AgMBAAGjggLoMIIC5DAfBgNVHSMEGDAWgBR+A1plQWunfgrhuJ0I6h2OHWrHZTAd
2295. | BgNVHQ4EFgQU2Y+20s8w+YOm4cOKR3iXmedjQtYwDgYDVR0PAQH/BAQDAgWgMAwG
2296. | A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCME8GA1Ud
2297. | IARIMEYwOgYLKwYBBAGyMQECAjQwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1
2298. | cmUuY29tb2RvLmNvbS9DUFMwCAYGZ4EMAQIBMEwGA1UdHwRFMEMwQaA/oD2GO2h0
2299. | dHA6Ly9jcmwuY29tb2RvY2EuY29tL2NQYW5lbEluY0NlcnRpZmljYXRpb25BdXRo
2300. | b3JpdHkuY3JsMH0GCCsGAQUFBwEBBHEwbzBHBggrBgEFBQcwAoY7aHR0cDovL2Ny
2301. | dC5jb21vZG9jYS5jb20vY1BhbmVsSW5jQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5j
2302. | cnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTA/BgNVHREE
2303. | ODA2ghdzZXJ2ZXIuY2xpY2stZ3JhZml4LmNvbYIbd3d3LnNlcnZlci5jbGljay1n
2304. | cmFmaXguY29tMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcA7ku9t3XOYLrhQmkf
2305. | q+GeZqMPfl+wctiDAMR7iXqo/csAAAFkyjfecAAABAMASDBGAiEA1gkICLUOquHw
2306. | AbNuhRP932fABvQx/+D0Qtu7lAgKv0oCIQDMLECO0bYVBaBlw4p77z18sp6AZJpR
2307. | ahZtv+puBgXVqQB1AHR+2oMxrTMQkSGcziVPQnDCv/1eQiAIxjc1eeYQe8xWAAAB
2308. | ZMo33q0AAAQDAEYwRAIgTfm2myATuvcT4nGzpxhuDgAZn2e+aBu22mYZZwgMB3IC
2309. | IAjo+/G1DzbhaInmiI27aPg5Srwh7CcoPJhywc3He6EzMA0GCSqGSIb3DQEBCwUA
2310. | A4IBAQA0wnmt9+d7pK/TtY+V+WeqpJ/v0EOAJYRQiP5ThRfjifn4SP+vVi7kc6dr
2311. | gmkG35Ti9xlNI9H6Hmwc1zDHJuwyom3YaaKm01tq4i3stIZVsAQUxQO4gXoK3PUX
2312. | ChLIa88YomTA6ZXJTftzbmZ1bwNAtwfWgzdQmhSZD7uP8x93qoB+KkLzBTV716cV
2313. | pBcac3fq6sVIfnGlxNtQwFHClfuR/kWu1s/Efsj0ftRSNi9Yu1jjWny4OZ6Pfmli
2314. | RzZ3EDSRfGtYYxaGIU9JRJClVUC8Ax335PlsodeibkYSMIrYAdXVLhbM0dPrZGje
2315. | BOfeO+nIKr9fTlkEPMP6DkTuTxC1
2316. |_-----END CERTIFICATE-----
2317. |_ssl-date: TLS randomness does not represent time
2318. 587/tcp open smtp syn-ack Exim smtpd 4.91
2319. | smtp-commands: server.click-grafix.com Hello server.click-grafix.com [176.113.74.56], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
2320. |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2321. | ssl-cert: Subject: commonName=server.click-grafix.com/organizationalUnitName=PositiveSSL
2322. | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2323. | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US/localityName=Houston
2324. | Public Key type: rsa
2325. | Public Key bits: 2048
2326. | Signature Algorithm: sha256WithRSAEncryption
2327. | Not valid before: 2018-07-24T00:00:00
2328. | Not valid after: 2019-07-24T23:59:59
2329. | MD5: ef36 53dc cdf1 d27c e2d0 51c4 6362 d6d4
2330. | SHA-1: 5187 e008 54ad a324 08d4 0e7b d84f e8f2 393e f965
2331. | -----BEGIN CERTIFICATE-----
2332. | MIIGQTCCBSmgAwIBAgIQT8KCl+8zC7CQ9uYDxKIzzTANBgkqhkiG9w0BAQsFADBy
2333. | MQswCQYDVQQGEwJVUzELMAkGA1UECBMCVFgxEDAOBgNVBAcTB0hvdXN0b24xFTAT
2334. | BgNVBAoTDGNQYW5lbCwgSW5jLjEtMCsGA1UEAxMkY1BhbmVsLCBJbmMuIENlcnRp
2335. | ZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4MDcyNDAwMDAwMFoXDTE5MDcyNDIzNTk1
2336. | OVowWzEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRQwEgYDVQQL
2337. | EwtQb3NpdGl2ZVNTTDEgMB4GA1UEAxMXc2VydmVyLmNsaWNrLWdyYWZpeC5jb20w
2338. | ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/fYpGJ02yX0eUG2ihh+im
2339. | 4DFiPfcFjX9vXOEAW93ToJNROXhCyRpd23JSO86fgQEiP4TKKMbnFYMnruTrOBKQ
2340. | OGpFXjvFItBqjYBSdePxNcvCpU6inBzN3ZUpqw3WHCi+qoHUzkqE27gkaoygdtuL
2341. | jl1EihNp0s/wBRt63AE+eU3re1KxOy1eBi3PEvP7+AIhWEqd2iyfHjfNRu3tlRgj
2342. | O3W/y3CnhuEOyyX4LOwxPvkQHDGSSxqiiqoH0zEnHGbIQYA2c2AnRQ3yOnjn13ZC
2343. | r48pR3b52/mpW8s6aJDmjdHUnbemv0k9Ijj8JpS5UBvzcKD0alLY3rrKi8B7vvg9
2344. | AgMBAAGjggLoMIIC5DAfBgNVHSMEGDAWgBR+A1plQWunfgrhuJ0I6h2OHWrHZTAd
2345. | BgNVHQ4EFgQU2Y+20s8w+YOm4cOKR3iXmedjQtYwDgYDVR0PAQH/BAQDAgWgMAwG
2346. | A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCME8GA1Ud
2347. | IARIMEYwOgYLKwYBBAGyMQECAjQwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1
2348. | cmUuY29tb2RvLmNvbS9DUFMwCAYGZ4EMAQIBMEwGA1UdHwRFMEMwQaA/oD2GO2h0
2349. | dHA6Ly9jcmwuY29tb2RvY2EuY29tL2NQYW5lbEluY0NlcnRpZmljYXRpb25BdXRo
2350. | b3JpdHkuY3JsMH0GCCsGAQUFBwEBBHEwbzBHBggrBgEFBQcwAoY7aHR0cDovL2Ny
2351. | dC5jb21vZG9jYS5jb20vY1BhbmVsSW5jQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5j
2352. | cnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTA/BgNVHREE
2353. | ODA2ghdzZXJ2ZXIuY2xpY2stZ3JhZml4LmNvbYIbd3d3LnNlcnZlci5jbGljay1n
2354. | cmFmaXguY29tMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcA7ku9t3XOYLrhQmkf
2355. | q+GeZqMPfl+wctiDAMR7iXqo/csAAAFkyjfecAAABAMASDBGAiEA1gkICLUOquHw
2356. | AbNuhRP932fABvQx/+D0Qtu7lAgKv0oCIQDMLECO0bYVBaBlw4p77z18sp6AZJpR
2357. | ahZtv+puBgXVqQB1AHR+2oMxrTMQkSGcziVPQnDCv/1eQiAIxjc1eeYQe8xWAAAB
2358. | ZMo33q0AAAQDAEYwRAIgTfm2myATuvcT4nGzpxhuDgAZn2e+aBu22mYZZwgMB3IC
2359. | IAjo+/G1DzbhaInmiI27aPg5Srwh7CcoPJhywc3He6EzMA0GCSqGSIb3DQEBCwUA
2360. | A4IBAQA0wnmt9+d7pK/TtY+V+WeqpJ/v0EOAJYRQiP5ThRfjifn4SP+vVi7kc6dr
2361. | gmkG35Ti9xlNI9H6Hmwc1zDHJuwyom3YaaKm01tq4i3stIZVsAQUxQO4gXoK3PUX
2362. | ChLIa88YomTA6ZXJTftzbmZ1bwNAtwfWgzdQmhSZD7uP8x93qoB+KkLzBTV716cV
2363. | pBcac3fq6sVIfnGlxNtQwFHClfuR/kWu1s/Efsj0ftRSNi9Yu1jjWny4OZ6Pfmli
2364. | RzZ3EDSRfGtYYxaGIU9JRJClVUC8Ax335PlsodeibkYSMIrYAdXVLhbM0dPrZGje
2365. | BOfeO+nIKr9fTlkEPMP6DkTuTxC1
2366. |_-----END CERTIFICATE-----
2367. |_ssl-date: TLS randomness does not represent time
2368. 993/tcp open ssl/imaps? syn-ack
2369. |_ssl-date: TLS randomness does not represent time
2370. 1157/tcp open ssh syn-ack OpenSSH 7.4 (protocol 2.0)
2371. | ssh-hostkey:
2372. | 2048 dd:76:ae:9c:27:5b:3b:d5:21:05:1d:ab:8e:b8:be:83 (RSA)
2373. | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDNqsLBZAzq1TYBDQwN5chzIXMlb0AR8a1C3j0xC4xUaiPlF8i0YueuVFPMPuPOgCnMIzVUB0Zss4wqCrRpeedsr4M5e8kpde40sTAKbrKb5NfmhBSWkb3VjSyOOreeQFgVriqHyHAI778yrMYxtc6psP3ZQ82ObeBjWC3sW6rf1G4cLx2puAaVSqz0QMBWKvv9uaASxHu0RDL5lAIYL7YJsS5oLQQNtDni2mNP2XMd8ju5VTYinKhLtDudLvDjGb/eMt9DnhPrIVlXHsagBkCte2m6D7NSoyNSsYXQf6JZ5PjwO+nADsH3neet4vVvJZnMqzwIvEfCUBXRT23gK2N
2374. | 256 33:45:20:dc:87:90:71:23:82:e3:6b:eb:2c:66:4d:d1 (ECDSA)
2375. | ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGNnq9X7ZxT0LAgexbPzLU6vXgiBNKIoHWeeeKISFgMFnLcE/hjlQQfFRrV79mKZKz9N7020HLkBhohs1o52y00=
2376. | 256 fa:d4:58:a1:a3:bf:61:c2:40:eb:f4:ca:81:9d:c0:7d (ED25519)
2377. |_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAWVvCbUj6matw15tFBYoctI3NTFjQXWshA+rHCQR88u
2378. 2077/tcp open tsrmagt? syn-ack
2379. | fingerprint-strings:
2380. | SIPOptions:
2381. | HTTP/1.1 302 Moved
2382. | Date: Thu, 02 May 2019 05:24:23 GMT
2383. | Server: cPanel
2384. | Persistent-Auth: false
2385. | Host: server.click-grafix.com:2077
2386. | Cache-Control: no-cache, no-store, must-revalidate, private
2387. | Connection: close
2388. | Location: https://server.click-grafix.com:2078sip:nm
2389. | Vary: Accept-Encoding
2390. | Expires: Fri, 01 Jan 1990 00:00:00 GMT
2391. |_ X-Redirect-Reason: requiressl
2392. 2078/tcp open ssl/http syn-ack cPanel httpd (unauthorized)
2393. | http-auth:
2394. | HTTP/1.1 401 Unauthorized\x0D
2395. |_ Basic realm=Restricted Area
2396. | http-methods:
2397. | Supported Methods: PROPPATCH DELETE MOVE PUT HEAD UNLOCK POST OPTIONS PROPFIND GET COPY MKCOL LOCK
2398. |_ Potentially risky methods: PROPPATCH DELETE MOVE PUT UNLOCK PROPFIND COPY MKCOL LOCK
2399. |_http-server-header: cPanel
2400. |_http-title: Site doesn't have a title (text/html; charset="utf-8").
2401. | http-webdav-scan:
2402. | Server Type: cPanel
2403. | WebDAV type: Unkown
2404. | Server Date: Thu, 02 May 2019 05:25:24 GMT
2405. |_ Allowed Methods: PROPPATCH, DELETE, MOVE, PUT, HEAD, UNLOCK, POST, OPTIONS, PROPFIND, GET, COPY, MKCOL, LOCK
2406. | ssl-cert: Subject: commonName=server.click-grafix.com/organizationalUnitName=PositiveSSL
2407. | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2408. | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US/localityName=Houston
2409. | Public Key type: rsa
2410. | Public Key bits: 2048
2411. | Signature Algorithm: sha256WithRSAEncryption
2412. | Not valid before: 2018-07-24T00:00:00
2413. | Not valid after: 2019-07-24T23:59:59
2414. | MD5: ef36 53dc cdf1 d27c e2d0 51c4 6362 d6d4
2415. | SHA-1: 5187 e008 54ad a324 08d4 0e7b d84f e8f2 393e f965
2416. | -----BEGIN CERTIFICATE-----
2417. | MIIGQTCCBSmgAwIBAgIQT8KCl+8zC7CQ9uYDxKIzzTANBgkqhkiG9w0BAQsFADBy
2418. | MQswCQYDVQQGEwJVUzELMAkGA1UECBMCVFgxEDAOBgNVBAcTB0hvdXN0b24xFTAT
2419. | BgNVBAoTDGNQYW5lbCwgSW5jLjEtMCsGA1UEAxMkY1BhbmVsLCBJbmMuIENlcnRp
2420. | ZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4MDcyNDAwMDAwMFoXDTE5MDcyNDIzNTk1
2421. | OVowWzEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRQwEgYDVQQL
2422. | EwtQb3NpdGl2ZVNTTDEgMB4GA1UEAxMXc2VydmVyLmNsaWNrLWdyYWZpeC5jb20w
2423. | ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/fYpGJ02yX0eUG2ihh+im
2424. | 4DFiPfcFjX9vXOEAW93ToJNROXhCyRpd23JSO86fgQEiP4TKKMbnFYMnruTrOBKQ
2425. | OGpFXjvFItBqjYBSdePxNcvCpU6inBzN3ZUpqw3WHCi+qoHUzkqE27gkaoygdtuL
2426. | jl1EihNp0s/wBRt63AE+eU3re1KxOy1eBi3PEvP7+AIhWEqd2iyfHjfNRu3tlRgj
2427. | O3W/y3CnhuEOyyX4LOwxPvkQHDGSSxqiiqoH0zEnHGbIQYA2c2AnRQ3yOnjn13ZC
2428. | r48pR3b52/mpW8s6aJDmjdHUnbemv0k9Ijj8JpS5UBvzcKD0alLY3rrKi8B7vvg9
2429. | AgMBAAGjggLoMIIC5DAfBgNVHSMEGDAWgBR+A1plQWunfgrhuJ0I6h2OHWrHZTAd
2430. | BgNVHQ4EFgQU2Y+20s8w+YOm4cOKR3iXmedjQtYwDgYDVR0PAQH/BAQDAgWgMAwG
2431. | A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCME8GA1Ud
2432. | IARIMEYwOgYLKwYBBAGyMQECAjQwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1
2433. | cmUuY29tb2RvLmNvbS9DUFMwCAYGZ4EMAQIBMEwGA1UdHwRFMEMwQaA/oD2GO2h0
2434. | dHA6Ly9jcmwuY29tb2RvY2EuY29tL2NQYW5lbEluY0NlcnRpZmljYXRpb25BdXRo
2435. | b3JpdHkuY3JsMH0GCCsGAQUFBwEBBHEwbzBHBggrBgEFBQcwAoY7aHR0cDovL2Ny
2436. | dC5jb21vZG9jYS5jb20vY1BhbmVsSW5jQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5j
2437. | cnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTA/BgNVHREE
2438. | ODA2ghdzZXJ2ZXIuY2xpY2stZ3JhZml4LmNvbYIbd3d3LnNlcnZlci5jbGljay1n
2439. | cmFmaXguY29tMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcA7ku9t3XOYLrhQmkf
2440. | q+GeZqMPfl+wctiDAMR7iXqo/csAAAFkyjfecAAABAMASDBGAiEA1gkICLUOquHw
2441. | AbNuhRP932fABvQx/+D0Qtu7lAgKv0oCIQDMLECO0bYVBaBlw4p77z18sp6AZJpR
2442. | ahZtv+puBgXVqQB1AHR+2oMxrTMQkSGcziVPQnDCv/1eQiAIxjc1eeYQe8xWAAAB
2443. | ZMo33q0AAAQDAEYwRAIgTfm2myATuvcT4nGzpxhuDgAZn2e+aBu22mYZZwgMB3IC
2444. | IAjo+/G1DzbhaInmiI27aPg5Srwh7CcoPJhywc3He6EzMA0GCSqGSIb3DQEBCwUA
2445. | A4IBAQA0wnmt9+d7pK/TtY+V+WeqpJ/v0EOAJYRQiP5ThRfjifn4SP+vVi7kc6dr
2446. | gmkG35Ti9xlNI9H6Hmwc1zDHJuwyom3YaaKm01tq4i3stIZVsAQUxQO4gXoK3PUX
2447. | ChLIa88YomTA6ZXJTftzbmZ1bwNAtwfWgzdQmhSZD7uP8x93qoB+KkLzBTV716cV
2448. | pBcac3fq6sVIfnGlxNtQwFHClfuR/kWu1s/Efsj0ftRSNi9Yu1jjWny4OZ6Pfmli
2449. | RzZ3EDSRfGtYYxaGIU9JRJClVUC8Ax335PlsodeibkYSMIrYAdXVLhbM0dPrZGje
2450. | BOfeO+nIKr9fTlkEPMP6DkTuTxC1
2451. |_-----END CERTIFICATE-----
2452. |_ssl-date: TLS randomness does not represent time
2453. 2079/tcp open idware-router? syn-ack
2454. | fingerprint-strings:
2455. | SIPOptions:
2456. | HTTP/1.1 302 Moved
2457. | Date: Thu, 02 May 2019 05:24:23 GMT
2458. | Server: cPanel
2459. | Persistent-Auth: false
2460. | Host: server.click-grafix.com:2079
2461. | Cache-Control: no-cache, no-store, must-revalidate, private
2462. | Connection: close
2463. | Location: https://server.click-grafix.com:2080sip:nm
2464. | Vary: Accept-Encoding
2465. | Expires: Fri, 01 Jan 1990 00:00:00 GMT
2466. |_ X-Redirect-Reason: requiressl
2467. 2080/tcp open ssl/http syn-ack cPanel httpd (unauthorized)
2468. | http-auth:
2469. | HTTP/1.1 401 Unauthorized\x0D
2470. |_ Basic realm=Restricted Area
2471. |_http-server-header: cPanel
2472. |_http-title: Site doesn't have a title (text/html; charset="utf-8").
2473. | ssl-cert: Subject: commonName=server.click-grafix.com/organizationalUnitName=PositiveSSL
2474. | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2475. | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US/localityName=Houston
2476. | Public Key type: rsa
2477. | Public Key bits: 2048
2478. | Signature Algorithm: sha256WithRSAEncryption
2479. | Not valid before: 2018-07-24T00:00:00
2480. | Not valid after: 2019-07-24T23:59:59
2481. | MD5: ef36 53dc cdf1 d27c e2d0 51c4 6362 d6d4
2482. | SHA-1: 5187 e008 54ad a324 08d4 0e7b d84f e8f2 393e f965
2483. | -----BEGIN CERTIFICATE-----
2484. | MIIGQTCCBSmgAwIBAgIQT8KCl+8zC7CQ9uYDxKIzzTANBgkqhkiG9w0BAQsFADBy
2485. | MQswCQYDVQQGEwJVUzELMAkGA1UECBMCVFgxEDAOBgNVBAcTB0hvdXN0b24xFTAT
2486. | BgNVBAoTDGNQYW5lbCwgSW5jLjEtMCsGA1UEAxMkY1BhbmVsLCBJbmMuIENlcnRp
2487. | ZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4MDcyNDAwMDAwMFoXDTE5MDcyNDIzNTk1
2488. | OVowWzEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRQwEgYDVQQL
2489. | EwtQb3NpdGl2ZVNTTDEgMB4GA1UEAxMXc2VydmVyLmNsaWNrLWdyYWZpeC5jb20w
2490. | ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/fYpGJ02yX0eUG2ihh+im
2491. | 4DFiPfcFjX9vXOEAW93ToJNROXhCyRpd23JSO86fgQEiP4TKKMbnFYMnruTrOBKQ
2492. | OGpFXjvFItBqjYBSdePxNcvCpU6inBzN3ZUpqw3WHCi+qoHUzkqE27gkaoygdtuL
2493. | jl1EihNp0s/wBRt63AE+eU3re1KxOy1eBi3PEvP7+AIhWEqd2iyfHjfNRu3tlRgj
2494. | O3W/y3CnhuEOyyX4LOwxPvkQHDGSSxqiiqoH0zEnHGbIQYA2c2AnRQ3yOnjn13ZC
2495. | r48pR3b52/mpW8s6aJDmjdHUnbemv0k9Ijj8JpS5UBvzcKD0alLY3rrKi8B7vvg9
2496. | AgMBAAGjggLoMIIC5DAfBgNVHSMEGDAWgBR+A1plQWunfgrhuJ0I6h2OHWrHZTAd
2497. | BgNVHQ4EFgQU2Y+20s8w+YOm4cOKR3iXmedjQtYwDgYDVR0PAQH/BAQDAgWgMAwG
2498. | A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCME8GA1Ud
2499. | IARIMEYwOgYLKwYBBAGyMQECAjQwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1
2500. | cmUuY29tb2RvLmNvbS9DUFMwCAYGZ4EMAQIBMEwGA1UdHwRFMEMwQaA/oD2GO2h0
2501. | dHA6Ly9jcmwuY29tb2RvY2EuY29tL2NQYW5lbEluY0NlcnRpZmljYXRpb25BdXRo
2502. | b3JpdHkuY3JsMH0GCCsGAQUFBwEBBHEwbzBHBggrBgEFBQcwAoY7aHR0cDovL2Ny
2503. | dC5jb21vZG9jYS5jb20vY1BhbmVsSW5jQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5j
2504. | cnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTA/BgNVHREE
2505. | ODA2ghdzZXJ2ZXIuY2xpY2stZ3JhZml4LmNvbYIbd3d3LnNlcnZlci5jbGljay1n
2506. | cmFmaXguY29tMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcA7ku9t3XOYLrhQmkf
2507. | q+GeZqMPfl+wctiDAMR7iXqo/csAAAFkyjfecAAABAMASDBGAiEA1gkICLUOquHw
2508. | AbNuhRP932fABvQx/+D0Qtu7lAgKv0oCIQDMLECO0bYVBaBlw4p77z18sp6AZJpR
2509. | ahZtv+puBgXVqQB1AHR+2oMxrTMQkSGcziVPQnDCv/1eQiAIxjc1eeYQe8xWAAAB
2510. | ZMo33q0AAAQDAEYwRAIgTfm2myATuvcT4nGzpxhuDgAZn2e+aBu22mYZZwgMB3IC
2511. | IAjo+/G1DzbhaInmiI27aPg5Srwh7CcoPJhywc3He6EzMA0GCSqGSIb3DQEBCwUA
2512. | A4IBAQA0wnmt9+d7pK/TtY+V+WeqpJ/v0EOAJYRQiP5ThRfjifn4SP+vVi7kc6dr
2513. | gmkG35Ti9xlNI9H6Hmwc1zDHJuwyom3YaaKm01tq4i3stIZVsAQUxQO4gXoK3PUX
2514. | ChLIa88YomTA6ZXJTftzbmZ1bwNAtwfWgzdQmhSZD7uP8x93qoB+KkLzBTV716cV
2515. | pBcac3fq6sVIfnGlxNtQwFHClfuR/kWu1s/Efsj0ftRSNi9Yu1jjWny4OZ6Pfmli
2516. | RzZ3EDSRfGtYYxaGIU9JRJClVUC8Ax335PlsodeibkYSMIrYAdXVLhbM0dPrZGje
2517. | BOfeO+nIKr9fTlkEPMP6DkTuTxC1
2518. |_-----END CERTIFICATE-----
2519. |_ssl-date: TLS randomness does not represent time
2520. 2082/tcp open infowave? syn-ack
2521. | fingerprint-strings:
2522. | SIPOptions:
2523. | HTTP/1.1 301 Moved
2524. | Content-length: 129
2525. | Location: https://server.click-grafix.com:2083/sip%3anm
2526. | Content-type: text/html; charset="utf-8"
2527. | Cache-Control: no-cache, no-store, must-revalidate, private
2528. |_ <html><head><META HTTP-EQUIV="refresh" CONTENT="2;URL=https://server.click-grafix.com:2083/sip%3anm"></head><body></body></html>
2529. 2083/tcp open ssl/radsec? syn-ack
2530. | fingerprint-strings:
2531. | GetRequest:
2532. | HTTP/1.0 401 Access Denied
2533. | Connection: close
2534. | Content-Type: text/html; charset="utf-8"
2535. | Date: Thu, 02 May 2019 05:23:15 GMT
2536. | Cache-Control: no-cache, no-store, must-revalidate, private
2537. | Pragma: no-cache
2538. | WWW-Authenticate: Basic realm="cPanel"
2539. | Set-Cookie: cprelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
2540. | Set-Cookie: cpsession=%3ap305Jnn7gJKFwOGS%2c5f62cfb5635924f8424bd10a3cb4abd4; HttpOnly; path=/; port=2083; secure
2541. | Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
2542. | Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=server.click-grafix.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
2543. | Set-Cookie: Horde=expired; HttpOnly; domain=.server.click-grafix.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
2544. | Set-Cookie: horde_secret_key=expired; Ht
2545. | HTTPOptions:
2546. | HTTP/1.0 401 Access Denied
2547. | Connection: close
2548. | Content-Type: text/html; charset="utf-8"
2549. | Date: Thu, 02 May 2019 05:23:15 GMT
2550. | Cache-Control: no-cache, no-store, must-revalidate, private
2551. | Pragma: no-cache
2552. | WWW-Authenticate: Basic realm="cPanel"
2553. | Set-Cookie: cprelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
2554. | Set-Cookie: cpsession=%3adEOErmUfX5ZDH3Yj%2c89614a85004a4bc8d57aa24a1fe23b5b; HttpOnly; path=/; port=2083; secure
2555. | Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
2556. | Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=server.click-grafix.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
2557. | Set-Cookie: Horde=expired; HttpOnly; domain=.server.click-grafix.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
2558. |_ Set-Cookie: horde_secret_key=expired; Ht
2559. | ssl-cert: Subject: commonName=server.click-grafix.com/organizationalUnitName=PositiveSSL
2560. | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2561. | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US/localityName=Houston
2562. | Public Key type: rsa
2563. | Public Key bits: 2048
2564. | Signature Algorithm: sha256WithRSAEncryption
2565. | Not valid before: 2018-07-24T00:00:00
2566. | Not valid after: 2019-07-24T23:59:59
2567. | MD5: ef36 53dc cdf1 d27c e2d0 51c4 6362 d6d4
2568. | SHA-1: 5187 e008 54ad a324 08d4 0e7b d84f e8f2 393e f965
2569. | -----BEGIN CERTIFICATE-----
2570. | MIIGQTCCBSmgAwIBAgIQT8KCl+8zC7CQ9uYDxKIzzTANBgkqhkiG9w0BAQsFADBy
2571. | MQswCQYDVQQGEwJVUzELMAkGA1UECBMCVFgxEDAOBgNVBAcTB0hvdXN0b24xFTAT
2572. | BgNVBAoTDGNQYW5lbCwgSW5jLjEtMCsGA1UEAxMkY1BhbmVsLCBJbmMuIENlcnRp
2573. | ZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4MDcyNDAwMDAwMFoXDTE5MDcyNDIzNTk1
2574. | OVowWzEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRQwEgYDVQQL
2575. | EwtQb3NpdGl2ZVNTTDEgMB4GA1UEAxMXc2VydmVyLmNsaWNrLWdyYWZpeC5jb20w
2576. | ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/fYpGJ02yX0eUG2ihh+im
2577. | 4DFiPfcFjX9vXOEAW93ToJNROXhCyRpd23JSO86fgQEiP4TKKMbnFYMnruTrOBKQ
2578. | OGpFXjvFItBqjYBSdePxNcvCpU6inBzN3ZUpqw3WHCi+qoHUzkqE27gkaoygdtuL
2579. | jl1EihNp0s/wBRt63AE+eU3re1KxOy1eBi3PEvP7+AIhWEqd2iyfHjfNRu3tlRgj
2580. | O3W/y3CnhuEOyyX4LOwxPvkQHDGSSxqiiqoH0zEnHGbIQYA2c2AnRQ3yOnjn13ZC
2581. | r48pR3b52/mpW8s6aJDmjdHUnbemv0k9Ijj8JpS5UBvzcKD0alLY3rrKi8B7vvg9
2582. | AgMBAAGjggLoMIIC5DAfBgNVHSMEGDAWgBR+A1plQWunfgrhuJ0I6h2OHWrHZTAd
2583. | BgNVHQ4EFgQU2Y+20s8w+YOm4cOKR3iXmedjQtYwDgYDVR0PAQH/BAQDAgWgMAwG
2584. | A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCME8GA1Ud
2585. | IARIMEYwOgYLKwYBBAGyMQECAjQwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1
2586. | cmUuY29tb2RvLmNvbS9DUFMwCAYGZ4EMAQIBMEwGA1UdHwRFMEMwQaA/oD2GO2h0
2587. | dHA6Ly9jcmwuY29tb2RvY2EuY29tL2NQYW5lbEluY0NlcnRpZmljYXRpb25BdXRo
2588. | b3JpdHkuY3JsMH0GCCsGAQUFBwEBBHEwbzBHBggrBgEFBQcwAoY7aHR0cDovL2Ny
2589. | dC5jb21vZG9jYS5jb20vY1BhbmVsSW5jQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5j
2590. | cnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTA/BgNVHREE
2591. | ODA2ghdzZXJ2ZXIuY2xpY2stZ3JhZml4LmNvbYIbd3d3LnNlcnZlci5jbGljay1n
2592. | cmFmaXguY29tMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcA7ku9t3XOYLrhQmkf
2593. | q+GeZqMPfl+wctiDAMR7iXqo/csAAAFkyjfecAAABAMASDBGAiEA1gkICLUOquHw
2594. | AbNuhRP932fABvQx/+D0Qtu7lAgKv0oCIQDMLECO0bYVBaBlw4p77z18sp6AZJpR
2595. | ahZtv+puBgXVqQB1AHR+2oMxrTMQkSGcziVPQnDCv/1eQiAIxjc1eeYQe8xWAAAB
2596. | ZMo33q0AAAQDAEYwRAIgTfm2myATuvcT4nGzpxhuDgAZn2e+aBu22mYZZwgMB3IC
2597. | IAjo+/G1DzbhaInmiI27aPg5Srwh7CcoPJhywc3He6EzMA0GCSqGSIb3DQEBCwUA
2598. | A4IBAQA0wnmt9+d7pK/TtY+V+WeqpJ/v0EOAJYRQiP5ThRfjifn4SP+vVi7kc6dr
2599. | gmkG35Ti9xlNI9H6Hmwc1zDHJuwyom3YaaKm01tq4i3stIZVsAQUxQO4gXoK3PUX
2600. | ChLIa88YomTA6ZXJTftzbmZ1bwNAtwfWgzdQmhSZD7uP8x93qoB+KkLzBTV716cV
2601. | pBcac3fq6sVIfnGlxNtQwFHClfuR/kWu1s/Efsj0ftRSNi9Yu1jjWny4OZ6Pfmli
2602. | RzZ3EDSRfGtYYxaGIU9JRJClVUC8Ax335PlsodeibkYSMIrYAdXVLhbM0dPrZGje
2603. | BOfeO+nIKr9fTlkEPMP6DkTuTxC1
2604. |_-----END CERTIFICATE-----
2605. |_ssl-date: TLS randomness does not represent time
2606. 2086/tcp open gnunet? syn-ack
2607. | fingerprint-strings:
2608. | SIPOptions:
2609. | HTTP/1.1 301 Moved
2610. | Content-length: 129
2611. | Location: https://server.click-grafix.com:2087/sip%3anm
2612. | Content-type: text/html; charset="utf-8"
2613. | Cache-Control: no-cache, no-store, must-revalidate, private
2614. |_ <html><head><META HTTP-EQUIV="refresh" CONTENT="2;URL=https://server.click-grafix.com:2087/sip%3anm"></head><body></body></html>
2615. 2087/tcp open ssl/eli? syn-ack
2616. | fingerprint-strings:
2617. | GetRequest:
2618. | HTTP/1.0 401 Access Denied
2619. | Connection: close
2620. | Content-Type: text/html; charset="utf-8"
2621. | Date: Thu, 02 May 2019 05:23:15 GMT
2622. | Cache-Control: no-cache, no-store, must-revalidate, private
2623. | Pragma: no-cache
2624. | WWW-Authenticate: Basic realm="Web Host Manager"
2625. | Set-Cookie: whostmgrrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
2626. | Set-Cookie: whostmgrsession=%3aIG6j26ZH_AJ70mcz%2c4bc7424834c047dd78ca6334fe3103ef; HttpOnly; path=/; port=2087; secure
2627. | Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
2628. | Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=server.click-grafix.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
2629. | Set-Cookie: Horde=expired; HttpOnly; domain=.server.click-grafix.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
2630. | Set-Cookie: horde_
2631. | HTTPOptions:
2632. | HTTP/1.0 401 Access Denied
2633. | Connection: close
2634. | Content-Type: text/html; charset="utf-8"
2635. | Date: Thu, 02 May 2019 05:23:15 GMT
2636. | Cache-Control: no-cache, no-store, must-revalidate, private
2637. | Pragma: no-cache
2638. | WWW-Authenticate: Basic realm="Web Host Manager"
2639. | Set-Cookie: whostmgrrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
2640. | Set-Cookie: whostmgrsession=%3aScs_IGvflCRCT_9P%2cd4b23069ca392f10ffc04198a7764005; HttpOnly; path=/; port=2087; secure
2641. | Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
2642. | Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=server.click-grafix.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
2643. | Set-Cookie: Horde=expired; HttpOnly; domain=.server.click-grafix.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
2644. |_ Set-Cookie: horde_
2645. | ssl-cert: Subject: commonName=server.click-grafix.com/organizationalUnitName=PositiveSSL
2646. | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2647. | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US/localityName=Houston
2648. | Public Key type: rsa
2649. | Public Key bits: 2048
2650. | Signature Algorithm: sha256WithRSAEncryption
2651. | Not valid before: 2018-07-24T00:00:00
2652. | Not valid after: 2019-07-24T23:59:59
2653. | MD5: ef36 53dc cdf1 d27c e2d0 51c4 6362 d6d4
2654. | SHA-1: 5187 e008 54ad a324 08d4 0e7b d84f e8f2 393e f965
2655. | -----BEGIN CERTIFICATE-----
2656. | MIIGQTCCBSmgAwIBAgIQT8KCl+8zC7CQ9uYDxKIzzTANBgkqhkiG9w0BAQsFADBy
2657. | MQswCQYDVQQGEwJVUzELMAkGA1UECBMCVFgxEDAOBgNVBAcTB0hvdXN0b24xFTAT
2658. | BgNVBAoTDGNQYW5lbCwgSW5jLjEtMCsGA1UEAxMkY1BhbmVsLCBJbmMuIENlcnRp
2659. | ZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4MDcyNDAwMDAwMFoXDTE5MDcyNDIzNTk1
2660. | OVowWzEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRQwEgYDVQQL
2661. | EwtQb3NpdGl2ZVNTTDEgMB4GA1UEAxMXc2VydmVyLmNsaWNrLWdyYWZpeC5jb20w
2662. | ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/fYpGJ02yX0eUG2ihh+im
2663. | 4DFiPfcFjX9vXOEAW93ToJNROXhCyRpd23JSO86fgQEiP4TKKMbnFYMnruTrOBKQ
2664. | OGpFXjvFItBqjYBSdePxNcvCpU6inBzN3ZUpqw3WHCi+qoHUzkqE27gkaoygdtuL
2665. | jl1EihNp0s/wBRt63AE+eU3re1KxOy1eBi3PEvP7+AIhWEqd2iyfHjfNRu3tlRgj
2666. | O3W/y3CnhuEOyyX4LOwxPvkQHDGSSxqiiqoH0zEnHGbIQYA2c2AnRQ3yOnjn13ZC
2667. | r48pR3b52/mpW8s6aJDmjdHUnbemv0k9Ijj8JpS5UBvzcKD0alLY3rrKi8B7vvg9
2668. | AgMBAAGjggLoMIIC5DAfBgNVHSMEGDAWgBR+A1plQWunfgrhuJ0I6h2OHWrHZTAd
2669. | BgNVHQ4EFgQU2Y+20s8w+YOm4cOKR3iXmedjQtYwDgYDVR0PAQH/BAQDAgWgMAwG
2670. | A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCME8GA1Ud
2671. | IARIMEYwOgYLKwYBBAGyMQECAjQwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1
2672. | cmUuY29tb2RvLmNvbS9DUFMwCAYGZ4EMAQIBMEwGA1UdHwRFMEMwQaA/oD2GO2h0
2673. | dHA6Ly9jcmwuY29tb2RvY2EuY29tL2NQYW5lbEluY0NlcnRpZmljYXRpb25BdXRo
2674. | b3JpdHkuY3JsMH0GCCsGAQUFBwEBBHEwbzBHBggrBgEFBQcwAoY7aHR0cDovL2Ny
2675. | dC5jb21vZG9jYS5jb20vY1BhbmVsSW5jQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5j
2676. | cnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTA/BgNVHREE
2677. | ODA2ghdzZXJ2ZXIuY2xpY2stZ3JhZml4LmNvbYIbd3d3LnNlcnZlci5jbGljay1n
2678. | cmFmaXguY29tMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcA7ku9t3XOYLrhQmkf
2679. | q+GeZqMPfl+wctiDAMR7iXqo/csAAAFkyjfecAAABAMASDBGAiEA1gkICLUOquHw
2680. | AbNuhRP932fABvQx/+D0Qtu7lAgKv0oCIQDMLECO0bYVBaBlw4p77z18sp6AZJpR
2681. | ahZtv+puBgXVqQB1AHR+2oMxrTMQkSGcziVPQnDCv/1eQiAIxjc1eeYQe8xWAAAB
2682. | ZMo33q0AAAQDAEYwRAIgTfm2myATuvcT4nGzpxhuDgAZn2e+aBu22mYZZwgMB3IC
2683. | IAjo+/G1DzbhaInmiI27aPg5Srwh7CcoPJhywc3He6EzMA0GCSqGSIb3DQEBCwUA
2684. | A4IBAQA0wnmt9+d7pK/TtY+V+WeqpJ/v0EOAJYRQiP5ThRfjifn4SP+vVi7kc6dr
2685. | gmkG35Ti9xlNI9H6Hmwc1zDHJuwyom3YaaKm01tq4i3stIZVsAQUxQO4gXoK3PUX
2686. | ChLIa88YomTA6ZXJTftzbmZ1bwNAtwfWgzdQmhSZD7uP8x93qoB+KkLzBTV716cV
2687. | pBcac3fq6sVIfnGlxNtQwFHClfuR/kWu1s/Efsj0ftRSNi9Yu1jjWny4OZ6Pfmli
2688. | RzZ3EDSRfGtYYxaGIU9JRJClVUC8Ax335PlsodeibkYSMIrYAdXVLhbM0dPrZGje
2689. | BOfeO+nIKr9fTlkEPMP6DkTuTxC1
2690. |_-----END CERTIFICATE-----
2691. |_ssl-date: TLS randomness does not represent time
2692. 2095/tcp open nbx-ser? syn-ack
2693. | fingerprint-strings:
2694. | SIPOptions:
2695. | HTTP/1.1 301 Moved
2696. | Content-length: 129
2697. | Location: https://server.click-grafix.com:2096/sip%3anm
2698. | Content-type: text/html; charset="utf-8"
2699. | Cache-Control: no-cache, no-store, must-revalidate, private
2700. |_ <html><head><META HTTP-EQUIV="refresh" CONTENT="2;URL=https://server.click-grafix.com:2096/sip%3anm"></head><body></body></html>
2701. 2096/tcp open ssl/nbx-dir? syn-ack
2702. | fingerprint-strings:
2703. | GetRequest:
2704. | HTTP/1.0 401 Access Denied
2705. | Connection: close
2706. | Content-Type: text/html; charset="utf-8"
2707. | Date: Thu, 02 May 2019 05:23:15 GMT
2708. | Cache-Control: no-cache, no-store, must-revalidate, private
2709. | Pragma: no-cache
2710. | WWW-Authenticate: Basic realm="WebMail"
2711. | Set-Cookie: webmailrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2096; secure
2712. | Set-Cookie: webmailsession=%3a8R8FrB2to39cWEy4%2cecc8de0824cdeea5fb53f07f9777e8bb; HttpOnly; path=/; port=2096; secure
2713. | Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2096; secure
2714. | Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=server.click-grafix.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2096; secure
2715. | Set-Cookie: Horde=expired; HttpOnly; domain=.server.click-grafix.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2096; secure
2716. | Set-Cookie: horde_secret_key=
2717. | HTTPOptions:
2718. | HTTP/1.0 401 Access Denied
2719. | Connection: close
2720. | Content-Type: text/html; charset="utf-8"
2721. | Date: Thu, 02 May 2019 05:23:15 GMT
2722. | Cache-Control: no-cache, no-store, must-revalidate, private
2723. | Pragma: no-cache
2724. | WWW-Authenticate: Basic realm="WebMail"
2725. | Set-Cookie: webmailrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2096; secure
2726. | Set-Cookie: webmailsession=%3aMQCwmKFs9NrgDUNm%2c1ac580b80b3341580deeffb8444cfe8a; HttpOnly; path=/; port=2096; secure
2727. | Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2096; secure
2728. | Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=server.click-grafix.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2096; secure
2729. | Set-Cookie: Horde=expired; HttpOnly; domain=.server.click-grafix.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2096; secure
2730. |_ Set-Cookie: horde_secret_key=
2731. | ssl-cert: Subject: commonName=server.click-grafix.com/organizationalUnitName=PositiveSSL
2732. | Subject Alternative Name: DNS:server.click-grafix.com, DNS:www.server.click-grafix.com
2733. | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US/localityName=Houston
2734. | Public Key type: rsa
2735. | Public Key bits: 2048
2736. | Signature Algorithm: sha256WithRSAEncryption
2737. | Not valid before: 2018-07-24T00:00:00
2738. | Not valid after: 2019-07-24T23:59:59
2739. | MD5: ef36 53dc cdf1 d27c e2d0 51c4 6362 d6d4
2740. | SHA-1: 5187 e008 54ad a324 08d4 0e7b d84f e8f2 393e f965
2741. | -----BEGIN CERTIFICATE-----
2742. | MIIGQTCCBSmgAwIBAgIQT8KCl+8zC7CQ9uYDxKIzzTANBgkqhkiG9w0BAQsFADBy
2743. | MQswCQYDVQQGEwJVUzELMAkGA1UECBMCVFgxEDAOBgNVBAcTB0hvdXN0b24xFTAT
2744. | BgNVBAoTDGNQYW5lbCwgSW5jLjEtMCsGA1UEAxMkY1BhbmVsLCBJbmMuIENlcnRp
2745. | ZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4MDcyNDAwMDAwMFoXDTE5MDcyNDIzNTk1
2746. | OVowWzEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRQwEgYDVQQL
2747. | EwtQb3NpdGl2ZVNTTDEgMB4GA1UEAxMXc2VydmVyLmNsaWNrLWdyYWZpeC5jb20w
2748. | ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/fYpGJ02yX0eUG2ihh+im
2749. | 4DFiPfcFjX9vXOEAW93ToJNROXhCyRpd23JSO86fgQEiP4TKKMbnFYMnruTrOBKQ
2750. | OGpFXjvFItBqjYBSdePxNcvCpU6inBzN3ZUpqw3WHCi+qoHUzkqE27gkaoygdtuL
2751. | jl1EihNp0s/wBRt63AE+eU3re1KxOy1eBi3PEvP7+AIhWEqd2iyfHjfNRu3tlRgj
2752. | O3W/y3CnhuEOyyX4LOwxPvkQHDGSSxqiiqoH0zEnHGbIQYA2c2AnRQ3yOnjn13ZC
2753. | r48pR3b52/mpW8s6aJDmjdHUnbemv0k9Ijj8JpS5UBvzcKD0alLY3rrKi8B7vvg9
2754. | AgMBAAGjggLoMIIC5DAfBgNVHSMEGDAWgBR+A1plQWunfgrhuJ0I6h2OHWrHZTAd
2755. | BgNVHQ4EFgQU2Y+20s8w+YOm4cOKR3iXmedjQtYwDgYDVR0PAQH/BAQDAgWgMAwG
2756. | A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCME8GA1Ud
2757. | IARIMEYwOgYLKwYBBAGyMQECAjQwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1
2758. | cmUuY29tb2RvLmNvbS9DUFMwCAYGZ4EMAQIBMEwGA1UdHwRFMEMwQaA/oD2GO2h0
2759. | dHA6Ly9jcmwuY29tb2RvY2EuY29tL2NQYW5lbEluY0NlcnRpZmljYXRpb25BdXRo
2760. | b3JpdHkuY3JsMH0GCCsGAQUFBwEBBHEwbzBHBggrBgEFBQcwAoY7aHR0cDovL2Ny
2761. | dC5jb21vZG9jYS5jb20vY1BhbmVsSW5jQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5j
2762. | cnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTA/BgNVHREE
2763. | ODA2ghdzZXJ2ZXIuY2xpY2stZ3JhZml4LmNvbYIbd3d3LnNlcnZlci5jbGljay1n
2764. | cmFmaXguY29tMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcA7ku9t3XOYLrhQmkf
2765. | q+GeZqMPfl+wctiDAMR7iXqo/csAAAFkyjfecAAABAMASDBGAiEA1gkICLUOquHw
2766. | AbNuhRP932fABvQx/+D0Qtu7lAgKv0oCIQDMLECO0bYVBaBlw4p77z18sp6AZJpR
2767. | ahZtv+puBgXVqQB1AHR+2oMxrTMQkSGcziVPQnDCv/1eQiAIxjc1eeYQe8xWAAAB
2768. | ZMo33q0AAAQDAEYwRAIgTfm2myATuvcT4nGzpxhuDgAZn2e+aBu22mYZZwgMB3IC
2769. | IAjo+/G1DzbhaInmiI27aPg5Srwh7CcoPJhywc3He6EzMA0GCSqGSIb3DQEBCwUA
2770. | A4IBAQA0wnmt9+d7pK/TtY+V+WeqpJ/v0EOAJYRQiP5ThRfjifn4SP+vVi7kc6dr
2771. | gmkG35Ti9xlNI9H6Hmwc1zDHJuwyom3YaaKm01tq4i3stIZVsAQUxQO4gXoK3PUX
2772. | ChLIa88YomTA6ZXJTftzbmZ1bwNAtwfWgzdQmhSZD7uP8x93qoB+KkLzBTV716cV
2773. | pBcac3fq6sVIfnGlxNtQwFHClfuR/kWu1s/Efsj0ftRSNi9Yu1jjWny4OZ6Pfmli
2774. | RzZ3EDSRfGtYYxaGIU9JRJClVUC8Ax335PlsodeibkYSMIrYAdXVLhbM0dPrZGje
2775. | BOfeO+nIKr9fTlkEPMP6DkTuTxC1
2776. |_-----END CERTIFICATE-----
2777. |_ssl-date: TLS randomness does not represent time
2778. 8 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service :
2779. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
2780. SF-Port2077-TCP:V=7.70%I=7%D=5/2%Time=5CCA7F0A%P=x86_64-pc-linux-gnu%r(SIP
2781. SF:Options,16B,"HTTP/1\.1\x20302\x20Moved\r\nDate:\x20Thu,\x2002\x20May\x2
2782. SF:02019\x2005:24:23\x20GMT\r\nServer:\x20cPanel\r\nPersistent-Auth:\x20fa
2783. SF:lse\r\nHost:\x20server\.click-grafix\.com:2077\r\nCache-Control:\x20no-
2784. SF:cache,\x20no-store,\x20must-revalidate,\x20private\r\nConnection:\x20cl
2785. SF:ose\r\nLocation:\x20https://server\.click-grafix\.com:2078sip:nm\r\nVar
2786. SF:y:\x20Accept-Encoding\r\nExpires:\x20Fri,\x2001\x20Jan\x201990\x2000:00
2787. SF::00\x20GMT\r\nX-Redirect-Reason:\x20requiressl\r\n\r\n");
2788. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
2789. SF-Port2079-TCP:V=7.70%I=7%D=5/2%Time=5CCA7F0A%P=x86_64-pc-linux-gnu%r(SIP
2790. SF:Options,16B,"HTTP/1\.1\x20302\x20Moved\r\nDate:\x20Thu,\x2002\x20May\x2
2791. SF:02019\x2005:24:23\x20GMT\r\nServer:\x20cPanel\r\nPersistent-Auth:\x20fa
2792. SF:lse\r\nHost:\x20server\.click-grafix\.com:2079\r\nCache-Control:\x20no-
2793. SF:cache,\x20no-store,\x20must-revalidate,\x20private\r\nConnection:\x20cl
2794. SF:ose\r\nLocation:\x20https://server\.click-grafix\.com:2080sip:nm\r\nVar
2795. SF:y:\x20Accept-Encoding\r\nExpires:\x20Fri,\x2001\x20Jan\x201990\x2000:00
2796. SF::00\x20GMT\r\nX-Redirect-Reason:\x20requiressl\r\n\r\n");
2797. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
2798. SF-Port2082-TCP:V=7.70%I=7%D=5/2%Time=5CCA7F0A%P=x86_64-pc-linux-gnu%r(SIP
2799. SF:Options,14C,"HTTP/1\.1\x20301\x20Moved\r\nContent-length:\x20129\r\nLoc
2800. SF:ation:\x20https://server\.click-grafix\.com:2083/sip%3anm\r\nContent-ty
2801. SF:pe:\x20text/html;\x20charset=\"utf-8\"\r\nCache-Control:\x20no-cache,\x
2802. SF:20no-store,\x20must-revalidate,\x20private\r\n\r\n<html><head><META\x20
2803. SF:HTTP-EQUIV=\"refresh\"\x20CONTENT=\"2;URL=https://server\.click-grafix\
2804. SF:.com:2083/sip%3anm\"></head><body></body></html>\n");
2805. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
2806. SF-Port2083-TCP:V=7.70%T=SSL%I=7%D=5/2%Time=5CCA7EC6%P=x86_64-pc-linux-gnu
2807. SF:%r(GetRequest,95C3,"HTTP/1\.0\x20401\x20Access\x20Denied\r\nConnection:
2808. SF:\x20close\r\nContent-Type:\x20text/html;\x20charset=\"utf-8\"\r\nDate:\
2809. SF:x20Thu,\x2002\x20May\x202019\x2005:23:15\x20GMT\r\nCache-Control:\x20no
2810. SF:-cache,\x20no-store,\x20must-revalidate,\x20private\r\nPragma:\x20no-ca
2811. SF:che\r\nWWW-Authenticate:\x20Basic\x20realm=\"cPanel\"\r\nSet-Cookie:\x2
2812. SF:0cprelogin=no;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\
2813. SF:x20GMT;\x20path=/;\x20port=2083;\x20secure\r\nSet-Cookie:\x20cpsession=
2814. SF:%3ap305Jnn7gJKFwOGS%2c5f62cfb5635924f8424bd10a3cb4abd4;\x20HttpOnly;\x2
2815. SF:0path=/;\x20port=2083;\x20secure\r\nSet-Cookie:\x20roundcube_sessid=exp
2816. SF:ired;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x
2817. SF:20path=/;\x20port=2083;\x20secure\r\nSet-Cookie:\x20roundcube_sessauth=
2818. SF:expired;\x20HttpOnly;\x20domain=server\.click-grafix\.com;\x20expires=T
2819. SF:hu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2083;\x20secu
2820. SF:re\r\nSet-Cookie:\x20Horde=expired;\x20HttpOnly;\x20domain=\.server\.cl
2821. SF:ick-grafix\.com;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20
2822. SF:path=/;\x20port=2083;\x20secure\r\nSet-Cookie:\x20horde_secret_key=expi
2823. SF:red;\x20Ht")%r(HTTPOptions,95C3,"HTTP/1\.0\x20401\x20Access\x20Denied\r
2824. SF:\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20charset=\"utf-
2825. SF:8\"\r\nDate:\x20Thu,\x2002\x20May\x202019\x2005:23:15\x20GMT\r\nCache-C
2826. SF:ontrol:\x20no-cache,\x20no-store,\x20must-revalidate,\x20private\r\nPra
2827. SF:gma:\x20no-cache\r\nWWW-Authenticate:\x20Basic\x20realm=\"cPanel\"\r\nS
2828. SF:et-Cookie:\x20cprelogin=no;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1970
2829. SF:\x2000:00:01\x20GMT;\x20path=/;\x20port=2083;\x20secure\r\nSet-Cookie:\
2830. SF:x20cpsession=%3adEOErmUfX5ZDH3Yj%2c89614a85004a4bc8d57aa24a1fe23b5b;\x2
2831. SF:0HttpOnly;\x20path=/;\x20port=2083;\x20secure\r\nSet-Cookie:\x20roundcu
2832. SF:be_sessid=expired;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1970\x2000:00
2833. SF::01\x20GMT;\x20path=/;\x20port=2083;\x20secure\r\nSet-Cookie:\x20roundc
2834. SF:ube_sessauth=expired;\x20HttpOnly;\x20domain=server\.click-grafix\.com;
2835. SF:\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=
2836. SF:2083;\x20secure\r\nSet-Cookie:\x20Horde=expired;\x20HttpOnly;\x20domain
2837. SF:=\.server\.click-grafix\.com;\x20expires=Thu,\x2001-Jan-1970\x2000:00:0
2838. SF:1\x20GMT;\x20path=/;\x20port=2083;\x20secure\r\nSet-Cookie:\x20horde_se
2839. SF:cret_key=expired;\x20Ht");
2840. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
2841. SF-Port2086-TCP:V=7.70%I=7%D=5/2%Time=5CCA7F0A%P=x86_64-pc-linux-gnu%r(SIP
2842. SF:Options,14C,"HTTP/1\.1\x20301\x20Moved\r\nContent-length:\x20129\r\nLoc
2843. SF:ation:\x20https://server\.click-grafix\.com:2087/sip%3anm\r\nContent-ty
2844. SF:pe:\x20text/html;\x20charset=\"utf-8\"\r\nCache-Control:\x20no-cache,\x
2845. SF:20no-store,\x20must-revalidate,\x20private\r\n\r\n<html><head><META\x20
2846. SF:HTTP-EQUIV=\"refresh\"\x20CONTENT=\"2;URL=https://server\.click-grafix\
2847. SF:.com:2087/sip%3anm\"></head><body></body></html>\n");
2848. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
2849. SF-Port2087-TCP:V=7.70%T=SSL%I=7%D=5/2%Time=5CCA7EC6%P=x86_64-pc-linux-gnu
2850. SF:%r(GetRequest,4000,"HTTP/1\.0\x20401\x20Access\x20Denied\r\nConnection:
2851. SF:\x20close\r\nContent-Type:\x20text/html;\x20charset=\"utf-8\"\r\nDate:\
2852. SF:x20Thu,\x2002\x20May\x202019\x2005:23:15\x20GMT\r\nCache-Control:\x20no
2853. SF:-cache,\x20no-store,\x20must-revalidate,\x20private\r\nPragma:\x20no-ca
2854. SF:che\r\nWWW-Authenticate:\x20Basic\x20realm=\"Web\x20Host\x20Manager\"\r
2855. SF:\nSet-Cookie:\x20whostmgrrelogin=no;\x20HttpOnly;\x20expires=Thu,\x2001
2856. SF:-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2087;\x20secure\r\nSet
2857. SF:-Cookie:\x20whostmgrsession=%3aIG6j26ZH_AJ70mcz%2c4bc7424834c047dd78ca6
2858. SF:334fe3103ef;\x20HttpOnly;\x20path=/;\x20port=2087;\x20secure\r\nSet-Coo
2859. SF:kie:\x20roundcube_sessid=expired;\x20HttpOnly;\x20expires=Thu,\x2001-Ja
2860. SF:n-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2087;\x20secure\r\nSet-Co
2861. SF:okie:\x20roundcube_sessauth=expired;\x20HttpOnly;\x20domain=server\.cli
2862. SF:ck-grafix\.com;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20p
2863. SF:ath=/;\x20port=2087;\x20secure\r\nSet-Cookie:\x20Horde=expired;\x20Http
2864. SF:Only;\x20domain=\.server\.click-grafix\.com;\x20expires=Thu,\x2001-Jan-
2865. SF:1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2087;\x20secure\r\nSet-Cook
2866. SF:ie:\x20horde_")%r(HTTPOptions,4000,"HTTP/1\.0\x20401\x20Access\x20Denie
2867. SF:d\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20charset=\"u
2868. SF:tf-8\"\r\nDate:\x20Thu,\x2002\x20May\x202019\x2005:23:15\x20GMT\r\nCach
2869. SF:e-Control:\x20no-cache,\x20no-store,\x20must-revalidate,\x20private\r\n
2870. SF:Pragma:\x20no-cache\r\nWWW-Authenticate:\x20Basic\x20realm=\"Web\x20Hos
2871. SF:t\x20Manager\"\r\nSet-Cookie:\x20whostmgrrelogin=no;\x20HttpOnly;\x20ex
2872. SF:pires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2087;\
2873. SF:x20secure\r\nSet-Cookie:\x20whostmgrsession=%3aScs_IGvflCRCT_9P%2cd4b23
2874. SF:069ca392f10ffc04198a7764005;\x20HttpOnly;\x20path=/;\x20port=2087;\x20s
2875. SF:ecure\r\nSet-Cookie:\x20roundcube_sessid=expired;\x20HttpOnly;\x20expir
2876. SF:es=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2087;\x20
2877. SF:secure\r\nSet-Cookie:\x20roundcube_sessauth=expired;\x20HttpOnly;\x20do
2878. SF:main=server\.click-grafix\.com;\x20expires=Thu,\x2001-Jan-1970\x2000:00
2879. SF::01\x20GMT;\x20path=/;\x20port=2087;\x20secure\r\nSet-Cookie:\x20Horde=
2880. SF:expired;\x20HttpOnly;\x20domain=\.server\.click-grafix\.com;\x20expires
2881. SF:=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2087;\x20se
2882. SF:cure\r\nSet-Cookie:\x20horde_");
2883. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
2884. SF-Port2095-TCP:V=7.70%I=7%D=5/2%Time=5CCA7F0A%P=x86_64-pc-linux-gnu%r(SIP
2885. SF:Options,14C,"HTTP/1\.1\x20301\x20Moved\r\nContent-length:\x20129\r\nLoc
2886. SF:ation:\x20https://server\.click-grafix\.com:2096/sip%3anm\r\nContent-ty
2887. SF:pe:\x20text/html;\x20charset=\"utf-8\"\r\nCache-Control:\x20no-cache,\x
2888. SF:20no-store,\x20must-revalidate,\x20private\r\n\r\n<html><head><META\x20
2889. SF:HTTP-EQUIV=\"refresh\"\x20CONTENT=\"2;URL=https://server\.click-grafix\
2890. SF:.com:2096/sip%3anm\"></head><body></body></html>\n");
2891. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
2892. SF-Port2096-TCP:V=7.70%T=SSL%I=7%D=5/2%Time=5CCA7EC5%P=x86_64-pc-linux-gnu
2893. SF:%r(GetRequest,4000,"HTTP/1\.0\x20401\x20Access\x20Denied\r\nConnection:
2894. SF:\x20close\r\nContent-Type:\x20text/html;\x20charset=\"utf-8\"\r\nDate:\
2895. SF:x20Thu,\x2002\x20May\x202019\x2005:23:15\x20GMT\r\nCache-Control:\x20no
2896. SF:-cache,\x20no-store,\x20must-revalidate,\x20private\r\nPragma:\x20no-ca
2897. SF:che\r\nWWW-Authenticate:\x20Basic\x20realm=\"WebMail\"\r\nSet-Cookie:\x
2898. SF:20webmailrelogin=no;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1970\x2000:
2899. SF:00:01\x20GMT;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cookie:\x20webm
2900. SF:ailsession=%3a8R8FrB2to39cWEy4%2cecc8de0824cdeea5fb53f07f9777e8bb;\x20H
2901. SF:ttpOnly;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cookie:\x20roundcube
2902. SF:_sessid=expired;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1970\x2000:00:0
2903. SF:1\x20GMT;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cookie:\x20roundcub
2904. SF:e_sessauth=expired;\x20HttpOnly;\x20domain=server\.click-grafix\.com;\x
2905. SF:20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=20
2906. SF:96;\x20secure\r\nSet-Cookie:\x20Horde=expired;\x20HttpOnly;\x20domain=\
2907. SF:.server\.click-grafix\.com;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\
2908. SF:x20GMT;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cookie:\x20horde_secr
2909. SF:et_key=")%r(HTTPOptions,964D,"HTTP/1\.0\x20401\x20Access\x20Denied\r\nC
2910. SF:onnection:\x20close\r\nContent-Type:\x20text/html;\x20charset=\"utf-8\"
2911. SF:\r\nDate:\x20Thu,\x2002\x20May\x202019\x2005:23:15\x20GMT\r\nCache-Cont
2912. SF:rol:\x20no-cache,\x20no-store,\x20must-revalidate,\x20private\r\nPragma
2913. SF::\x20no-cache\r\nWWW-Authenticate:\x20Basic\x20realm=\"WebMail\"\r\nSet
2914. SF:-Cookie:\x20webmailrelogin=no;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1
2915. SF:970\x2000:00:01\x20GMT;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cooki
2916. SF:e:\x20webmailsession=%3aMQCwmKFs9NrgDUNm%2c1ac580b80b3341580deeffb8444c
2917. SF:fe8a;\x20HttpOnly;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cookie:\x2
2918. SF:0roundcube_sessid=expired;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1970\
2919. SF:x2000:00:01\x20GMT;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cookie:\x
2920. SF:20roundcube_sessauth=expired;\x20HttpOnly;\x20domain=server\.click-graf
2921. SF:ix\.com;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\
2922. SF:x20port=2096;\x20secure\r\nSet-Cookie:\x20Horde=expired;\x20HttpOnly;\x
2923. SF:20domain=\.server\.click-grafix\.com;\x20expires=Thu,\x2001-Jan-1970\x2
2924. SF:000:00:01\x20GMT;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cookie:\x20
2925. SF:horde_secret_key=");
2926. Device type: general purpose|storage-misc|firewall
2927. Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (93%), Synology DiskStation Manager 5.X (87%), WatchGuard Fireware 11.X (87%), FreeBSD 6.X (86%)
2928. OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4.4 cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/o:watchguard:fireware:11.8 cpe:/o:freebsd:freebsd:6.2
2929. OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
2930. Aggressive OS guesses: Linux 3.10 - 3.12 (93%), Linux 4.4 (93%), Linux 4.9 (90%), Linux 3.10 - 3.16 (88%), Linux 4.0 (88%), Linux 3.11 - 4.1 (87%), Linux 2.6.32 (87%), Linux 2.6.39 (87%), Linux 3.4 (87%), Linux 3.5 (87%)
2931. No exact OS matches for host (test conditions non-ideal).
2932. TCP/IP fingerprint:
2933. SCAN(V=7.70%E=4%D=5/2%OT=53%CT=22%CU=%PV=N%DS=16%DC=T%G=N%TM=5CCA7F8B%P=x86_64-pc-linux-gnu)
2934. SEQ(SP=106%GCD=1%ISR=10C%TI=Z%TS=A)
2935. OPS(O1=M44FST11NW7%O2=M44FST11NW7%O3=M44FNNT11NW7%O4=M44FST11NW7%O5=M44FST11NW7%O6=M44FST11)
2936. WIN(W1=7120%W2=7120%W3=7120%W4=7120%W5=7120%W6=7120)
2937. ECN(R=Y%DF=Y%TG=40%W=7210%O=M44FNNSNW7%CC=Y%Q=)
2938. T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
2939. T2(R=N)
2940. T3(R=N)
2941. T4(R=N)
2942. T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
2943. T6(R=N)
2944. T7(R=N)
2945. U1(R=N)
2946. IE(R=Y%DFI=N%TG=40%CD=S)
2947.  
2948. Uptime guess: 28.659 days (since Wed Apr 3 09:37:16 2019)
2949. Network Distance: 16 hops
2950. TCP Sequence Prediction: Difficulty=262 (Good luck!)
2951. IP ID Sequence Generation: All zeros
2952. Service Info: OSs: Linux, FortiOS; Device: firewall; CPE: cpe:/o:redhat:enterprise_linux:7, cpe:/h:fortinet:fortiwifi:80c
2953.  
2954. TRACEROUTE (using proto 1/icmp)
2955. HOP RTT ADDRESS
2956. 1 22.02 ms 10.248.200.1
2957. 2 22.43 ms vlan102.as02.qc1.ca.m247.com (176.113.74.17)
2958. 3 42.39 ms xe-0-0-1-0.agg2.qc1.ca.m247.com (37.120.128.166)
2959. 4 22.41 ms vlan304.as032.buc.ro.m247.com (77.243.185.226)
2960. 5 22.48 ms te0-7-0-2.rcr21.ymq02.atlas.cogentco.com (38.122.42.161)
2961. 6 22.85 ms be2089.ccr21.ymq01.atlas.cogentco.com (154.54.45.113)
2962. 7 27.65 ms be2088.ccr21.alb02.atlas.cogentco.com (154.54.43.18)
2963. 8 30.86 ms be2915.ccr41.jfk02.atlas.cogentco.com (154.54.40.62)
2964. 9 38.08 ms be2806.ccr41.dca01.atlas.cogentco.com (154.54.40.106)
2965. 10 48.93 ms be2112.ccr41.atl01.atlas.cogentco.com (154.54.7.158)
2966. 11 56.15 ms be2784.rcr21.jax01.atlas.cogentco.com (154.54.28.106)
2967. 12 59.15 ms be3639.rcr51.mco01.atlas.cogentco.com (154.24.19.133)
2968. 13 60.08 ms te0-0-1-0.nr11.b006655-1.mco01.atlas.cogentco.com (154.24.23.202)
2969. 14 62.24 ms 38.104.89.26
2970. 15 270.18 ms xe-1-3-core2.orl.hostdime.com (72.29.88.46)
2971. 16 68.48 ms server.click-grafix.com (138.128.160.2)
2972.  
2973. NSE: Script Post-scanning.
2974. NSE: Starting runlevel 1 (of 2) scan.
2975. Initiating NSE at 01:26
2976. Completed NSE at 01:26, 0.00s elapsed
2977. NSE: Starting runlevel 2 (of 2) scan.
2978. Initiating NSE at 01:26
2979. Completed NSE at 01:26, 0.00s elapsed
2980. Read data files from: /usr/bin/../share/nmap
2981. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
2982. Nmap done: 1 IP address (1 host up) scanned in 439.85 seconds
2983. Raw packets sent: 119 (10.028KB) | Rcvd: 1595 (1.312MB)
2984. #######################################################################################################################################
2985. Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-02 01:26 EDT
2986. NSE: Loaded 148 scripts for scanning.
2987. NSE: Script Pre-scanning.
2988. Initiating NSE at 01:26
2989. Completed NSE at 01:26, 0.00s elapsed
2990. Initiating NSE at 01:26
2991. Completed NSE at 01:26, 0.00s elapsed
2992. Initiating Parallel DNS resolution of 1 host. at 01:26
2993. Completed Parallel DNS resolution of 1 host. at 01:26, 0.03s elapsed
2994. Initiating UDP Scan at 01:26
2995. Scanning server.click-grafix.com (138.128.160.2) [14 ports]
2996. Discovered open port 53/udp on 138.128.160.2
2997. Completed UDP Scan at 01:26, 1.30s elapsed (14 total ports)
2998. Initiating Service scan at 01:26
2999. Scanning 12 services on server.click-grafix.com (138.128.160.2)
3000. Service scan Timing: About 16.67% done; ETC: 01:36 (0:08:10 remaining)
3001. Completed Service scan at 01:28, 102.58s elapsed (12 services on 1 host)
3002. Initiating OS detection (try #1) against server.click-grafix.com (138.128.160.2)
3003. adjust_timeouts2: packet supposedly had rtt of -87476 microseconds. Ignoring time.
3004. adjust_timeouts2: packet supposedly had rtt of -672141 microseconds. Ignoring time.
3005. adjust_timeouts2: packet supposedly had rtt of -672141 microseconds. Ignoring time.
3006. Retrying OS detection (try #2) against server.click-grafix.com (138.128.160.2)
3007. Initiating Traceroute at 01:28
3008. Completed Traceroute at 01:28, 7.09s elapsed
3009. Initiating Parallel DNS resolution of 1 host. at 01:28
3010. Completed Parallel DNS resolution of 1 host. at 01:28, 0.01s elapsed
3011. NSE: Script scanning 138.128.160.2.
3012. Initiating NSE at 01:28
3013. Completed NSE at 01:28, 20.24s elapsed
3014. Initiating NSE at 01:28
3015. Completed NSE at 01:28, 1.02s elapsed
3016. Nmap scan report for server.click-grafix.com (138.128.160.2)
3017. Host is up (0.032s latency).
3018.  
3019. PORT STATE SERVICE VERSION
3020. 53/udp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
3021. | dns-nsid:
3022. |_ bind.version: 9.9.4-RedHat-9.9.4-73.el7_6
3023. 67/udp open|filtered dhcps
3024. 68/udp open|filtered dhcpc
3025. 69/udp open|filtered tftp
3026. 88/udp open|filtered kerberos-sec
3027. 123/udp open|filtered ntp
3028. 137/udp filtered netbios-ns
3029. 138/udp filtered netbios-dgm
3030. 139/udp open|filtered netbios-ssn
3031. 161/udp open|filtered snmp
3032. 162/udp open|filtered snmptrap
3033. 389/udp open|filtered ldap
3034. 520/udp open|filtered route
3035. 2049/udp open|filtered nfs
3036. Too many fingerprints match this host to give specific OS details
3037. Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
3038.  
3039. TRACEROUTE (using port 137/udp)
3040. HOP RTT ADDRESS
3041. 1 21.67 ms 10.248.200.1
3042. 2 ... 3
3043. 4 21.83 ms 10.248.200.1
3044. 5 21.06 ms 10.248.200.1
3045. 6 21.05 ms 10.248.200.1
3046. 7 21.05 ms 10.248.200.1
3047. 8 21.04 ms 10.248.200.1
3048. 9 21.03 ms 10.248.200.1
3049. 10 21.04 ms 10.248.200.1
3050. 11 ... 18
3051. 19 21.34 ms 10.248.200.1
3052. 20 22.75 ms 10.248.200.1
3053. 21 ... 28
3054. 29 22.21 ms 10.248.200.1
3055. 30 22.28 ms 10.248.200.1
3056.  
3057. NSE: Script Post-scanning.
3058. Initiating NSE at 01:28
3059. Completed NSE at 01:28, 0.00s elapsed
3060. Initiating NSE at 01:28
3061. Completed NSE at 01:28, 0.00s elapsed
3062. Read data files from: /usr/bin/../share/nmap
3063. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
3064. Nmap done: 1 IP address (1 host up) scanned in 136.85 seconds
3065. Raw packets sent: 143 (13.200KB) | Rcvd: 4228 (1.564MB)
3066. #######################################################################################################################################
3067. [+] URL: http://wre.gov.sd/
3068. [+] Started: Wed May 1 23:55:49 2019
3069.  
3070. Interesting Finding(s):
3071.  
3072. [+] http://wre.gov.sd/
3073. | Interesting Entries:
3074. | - X-Powered-By: PHP/5.6.40
3075. | - Referrer-Policy: no-referrer-when-downgrade
3076. | Found By: Headers (Passive Detection)
3077. | Confidence: 100%
3078.  
3079. [+] http://wre.gov.sd/robots.txt
3080. | Interesting Entries:
3081. | - /wp-admin/
3082. | - /wp-admin/admin-ajax.php
3083. | Found By: Robots Txt (Aggressive Detection)
3084. | Confidence: 100%
3085.  
3086. [+] http://wre.gov.sd/xmlrpc.php
3087. | Found By: Direct Access (Aggressive Detection)
3088. | Confidence: 100%
3089. | References:
3090. | - http://codex.wordpress.org/XML-RPC_Pingback_API
3091. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
3092. | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
3093. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
3094. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
3095.  
3096. [+] http://wre.gov.sd/readme.html
3097. | Found By: Direct Access (Aggressive Detection)
3098. | Confidence: 100%
3099.  
3100. [+] Upload directory has listing enabled: http://wre.gov.sd/wp-content/uploads/
3101. | Found By: Direct Access (Aggressive Detection)
3102. | Confidence: 100%
3103.  
3104. [+] http://wre.gov.sd/wp-cron.php
3105. | Found By: Direct Access (Aggressive Detection)
3106. | Confidence: 60%
3107. | References:
3108. | - https://www.iplocation.net/defend-wordpress-from-ddos
3109. | - https://github.com/wpscanteam/wpscan/issues/1299
3110.  
3111. [+] WordPress version 4.9.10 identified (Latest, released on 2019-03-13).
3112. | Detected By: Emoji Settings (Passive Detection)
3113. | - http://wre.gov.sd/, Match: '-release.min.js?ver=4.9.10'
3114. | Confirmed By: Meta Generator (Passive Detection)
3115. | - http://wre.gov.sd/, Match: 'WordPress 4.9.10'
3116.  
3117. [+] WordPress theme in use: nilogy
3118. | Location: http://wre.gov.sd/wp-content/themes/nilogy/
3119. | Style URL: http://wre.gov.sd/wp-content/themes/nilogy/style.css
3120. | Style Name: Nilogy
3121. |
3122. | Detected By: Urls In Homepage (Passive Detection)
3123. |
3124. | The version could not be determined.
3125.  
3126. [+] Enumerating All Plugins (via Passive Methods)
3127. [+] Checking Plugin Versions (via Passive and Aggressive Methods)
3128.  
3129. [i] Plugin(s) Identified:
3130.  
3131. [+] add-to-any
3132. | Location: http://wre.gov.sd/wp-content/plugins/add-to-any/
3133. | Last Updated: 2019-04-02T00:25:00.000Z
3134. | [!] The version is out of date, the latest version is 1.7.35
3135. |
3136. | Detected By: Urls In Homepage (Passive Detection)
3137. |
3138. | Version: 1.7.34 (100% confidence)
3139. | Detected By: Readme - Stable Tag (Aggressive Detection)
3140. | - http://wre.gov.sd/wp-content/plugins/add-to-any/README.txt
3141. | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
3142. | - http://wre.gov.sd/wp-content/plugins/add-to-any/README.txt
3143.  
3144. [+] all-in-one-seo-pack
3145. | Location: http://wre.gov.sd/wp-content/plugins/all-in-one-seo-pack/
3146. | Latest Version: 2.12 (up to date)
3147. | Last Updated: 2019-02-20T19:20:00.000Z
3148. |
3149. | Detected By: Comment (Passive Detection)
3150. |
3151. | Version: 2.12 (100% confidence)
3152. | Detected By: Comment (Passive Detection)
3153. | - http://wre.gov.sd/, Match: 'All in One SEO Pack 2.12 by'
3154. | Confirmed By: Readme - Stable Tag (Aggressive Detection)
3155. | - http://wre.gov.sd/wp-content/plugins/all-in-one-seo-pack/readme.txt
3156.  
3157. [+] fx-editor
3158. | Location: http://wre.gov.sd/wp-content/plugins/fx-editor/
3159. | Latest Version: 1.4.0 (up to date)
3160. | Last Updated: 2016-12-09T06:43:00.000Z
3161. |
3162. | Detected By: Urls In Homepage (Passive Detection)
3163. |
3164. | Version: 1.4.0 (100% confidence)
3165. | Detected By: Readme - Stable Tag (Aggressive Detection)
3166. | - http://wre.gov.sd/wp-content/plugins/fx-editor/readme.txt
3167. | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
3168. | - http://wre.gov.sd/wp-content/plugins/fx-editor/readme.txt
3169.  
3170. [+] gutenberg
3171. | Location: http://wre.gov.sd/wp-content/plugins/gutenberg/
3172. | Last Updated: 2019-04-19T02:13:00.000Z
3173. | [!] The version is out of date, the latest version is 5.5.0
3174. |
3175. | Detected By: Urls In Homepage (Passive Detection)
3176. |
3177. | Version: 4.9.0 (90% confidence)
3178. | Detected By: Change Log (Aggressive Detection)
3179. | - http://wre.gov.sd/wp-content/plugins/gutenberg/changelog.txt, Match: '= 4.9.0'
3180.  
3181. [+] popup-builder
3182. | Location: http://wre.gov.sd/wp-content/plugins/popup-builder/
3183. | Last Updated: 2019-04-03T15:34:00.000Z
3184. | [!] The version is out of date, the latest version is 3.1.9
3185. |
3186. | Detected By: Urls In Homepage (Passive Detection)
3187. |
3188. | Version: 3.1.7.1 (100% confidence)
3189. | Detected By: Readme - Stable Tag (Aggressive Detection)
3190. | - http://wre.gov.sd/wp-content/plugins/popup-builder/readme.txt
3191. | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
3192. | - http://wre.gov.sd/wp-content/plugins/popup-builder/readme.txt
3193.  
3194. [+] qtranslate-x
3195. | Location: http://wre.gov.sd/wp-content/plugins/qtranslate-x/
3196. | Latest Version: 3.4.6.8 (up to date)
3197. | Last Updated: 2016-07-13T17:36:00.000Z
3198. |
3199. | Detected By: Urls In Homepage (Passive Detection)
3200. |
3201. | Version: 3.4.6.8 (80% confidence)
3202. | Detected By: Readme - Stable Tag (Aggressive Detection)
3203. | - http://wre.gov.sd/wp-content/plugins/qtranslate-x/readme.txt
3204.  
3205. [+] w3-total-cache
3206. | Location: http://wre.gov.sd/wp-content/plugins/w3-total-cache/
3207. | Last Updated: 2019-03-26T15:19:00.000Z
3208. | [!] The version is out of date, the latest version is 0.9.7.3
3209. |
3210. | Detected By: Comment Debug Info (Passive Detection)
3211. |
3212. | Version: 0.9.7.2 (100% confidence)
3213. | Detected By: Readme - Stable Tag (Aggressive Detection)
3214. | - http://wre.gov.sd/wp-content/plugins/w3-total-cache/readme.txt
3215. | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
3216. | - http://wre.gov.sd/wp-content/plugins/w3-total-cache/readme.txt
3217.  
3218. [+] Enumerating Config Backups (via Passive and Aggressive Methods)
3219. Checking Config Backups - Time: 00:00:05 <=============> (21 / 21) 100.00% Time: 00:00:05
3220.  
3221. [i] No Config Backups Found.
3222.  
3223.  
3224. [+] Finished: Wed May 1 23:56:58 2019
3225. [+] Requests Done: 67
3226. [+] Cached Requests: 6
3227. [+] Data Sent: 14.581 KB
3228. [+] Data Received: 896.498 KB
3229. [+] Memory used: 190.945 MB
3230. [+] Elapsed time: 00:01:08
3231. #######################################################################################################################################
3232. [+] URL: http://wre.gov.sd/
3233. [+] Started: Wed May 1 23:55:51 2019
3234.  
3235. Interesting Finding(s):
3236.  
3237. [+] http://wre.gov.sd/
3238. | Interesting Entries:
3239. | - X-Powered-By: PHP/5.6.40
3240. | - Referrer-Policy: no-referrer-when-downgrade
3241. | Found By: Headers (Passive Detection)
3242. | Confidence: 100%
3243.  
3244. [+] http://wre.gov.sd/robots.txt
3245. | Interesting Entries:
3246. | - /wp-admin/
3247. | - /wp-admin/admin-ajax.php
3248. | Found By: Robots Txt (Aggressive Detection)
3249. | Confidence: 100%
3250.  
3251. [+] http://wre.gov.sd/readme.html
3252. | Found By: Direct Access (Aggressive Detection)
3253. | Confidence: 100%
3254.  
3255. [+] Upload directory has listing enabled: http://wre.gov.sd/wp-content/uploads/
3256. | Found By: Direct Access (Aggressive Detection)
3257. | Confidence: 100%
3258.  
3259. [+] http://wre.gov.sd/wp-cron.php
3260. | Found By: Direct Access (Aggressive Detection)
3261. | Confidence: 60%
3262. | References:
3263. | - https://www.iplocation.net/defend-wordpress-from-ddos
3264. | - https://github.com/wpscanteam/wpscan/issues/1299
3265.  
3266. [+] WordPress version 4.9.10 identified (Latest, released on 2019-03-13).
3267. | Detected By: Emoji Settings (Passive Detection)
3268. | - http://wre.gov.sd/, Match: '-release.min.js?ver=4.9.10'
3269. | Confirmed By: Meta Generator (Passive Detection)
3270. | - http://wre.gov.sd/, Match: 'WordPress 4.9.10'
3271.  
3272. [+] WordPress theme in use: nilogy
3273. | Location: http://wre.gov.sd/wp-content/themes/nilogy/
3274. | Style URL: http://wre.gov.sd/wp-content/themes/nilogy/style.css
3275. | Style Name: Nilogy
3276. |
3277. | Detected By: Urls In Homepage (Passive Detection)
3278. |
3279. | The version could not be determined.
3280.  
3281. [+] Enumerating Users (via Passive and Aggressive Methods)
3282. Brute Forcing Author IDs - Time: 00:00:08 <==> (10 / 10) 100.00% Time: 00:00:08
3283.  
3284. [i] User(s) Identified:
3285.  
3286. [+] admin
3287. | Detected By: Wp Json Api (Aggressive Detection)
3288. | - http://wre.gov.sd/wp-json/wp/v2/users/?per_page=100&page=1
3289. | Confirmed By:
3290. | Rss Generator (Aggressive Detection)
3291. | Author Id Brute Forcing - Author Pattern (Aggressive Detection)
3292.  
3293. [+] prmu
3294. | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
3295.  
3296.  
3297. [+] Finished: Wed May 1 23:56:48 2019
3298. [+] Requests Done: 44
3299. [+] Cached Requests: 12
3300. [+] Data Sent: 9.741 KB
3301. [+] Data Received: 1.042 MB
3302. [+] Memory used: 94.625 MB
3303. [+] Elapsed time: 00:00:57
3304. #######################################################################################################################################
3305. [+] URL: http://wre.gov.sd/
3306. [+] Started: Thu May 2 00:07:45 2019
3307.  
3308. Interesting Finding(s):
3309.  
3310. [+] http://wre.gov.sd/
3311. | Interesting Entries:
3312. | - X-Powered-By: PHP/5.6.40
3313. | - Referrer-Policy: no-referrer-when-downgrade
3314. | Found By: Headers (Passive Detection)
3315. | Confidence: 100%
3316.  
3317. [+] http://wre.gov.sd/robots.txt
3318. | Interesting Entries:
3319. | - /wp-admin/
3320. | - /wp-admin/admin-ajax.php
3321. | Found By: Robots Txt (Aggressive Detection)
3322. | Confidence: 100%
3323.  
3324. [+] http://wre.gov.sd/xmlrpc.php
3325. | Found By: Direct Access (Aggressive Detection)
3326. | Confidence: 100%
3327. | References:
3328. | - http://codex.wordpress.org/XML-RPC_Pingback_API
3329. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
3330. | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
3331. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
3332. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
3333.  
3334. [+] http://wre.gov.sd/readme.html
3335. | Found By: Direct Access (Aggressive Detection)
3336. | Confidence: 100%
3337.  
3338. [+] Upload directory has listing enabled: http://wre.gov.sd/wp-content/uploads/
3339. | Found By: Direct Access (Aggressive Detection)
3340. | Confidence: 100%
3341.  
3342. [+] http://wre.gov.sd/wp-cron.php
3343. | Found By: Direct Access (Aggressive Detection)
3344. | Confidence: 60%
3345. | References:
3346. | - https://www.iplocation.net/defend-wordpress-from-ddos
3347. | - https://github.com/wpscanteam/wpscan/issues/1299
3348.  
3349. [+] WordPress version 4.9.10 identified (Latest, released on 2019-03-13).
3350. | Detected By: Emoji Settings (Passive Detection)
3351. | - http://wre.gov.sd/, Match: '-release.min.js?ver=4.9.10'
3352. | Confirmed By: Meta Generator (Passive Detection)
3353. | - http://wre.gov.sd/, Match: 'WordPress 4.9.10'
3354.  
3355. [+] WordPress theme in use: nilogy
3356. | Location: http://wre.gov.sd/wp-content/themes/nilogy/
3357. | Style URL: http://wre.gov.sd/wp-content/themes/nilogy/style.css
3358. | Style Name: Nilogy
3359. |
3360. | Detected By: Urls In Homepage (Passive Detection)
3361. |
3362. | The version could not be determined.
3363.  
3364. [+] Enumerating Users (via Passive and Aggressive Methods)
3365. Brute Forcing Author IDs - Time: 00:00:07 <============> (10 / 10) 100.00% Time: 00:00:07
3366.  
3367. [i] User(s) Identified:
3368.  
3369. [+] admin
3370. | Detected By: Wp Json Api (Aggressive Detection)
3371. | - http://wre.gov.sd/wp-json/wp/v2/users/?per_page=100&page=1
3372. | Confirmed By:
3373. | Rss Generator (Aggressive Detection)
3374. | Author Id Brute Forcing - Author Pattern (Aggressive Detection)
3375.  
3376. [+] prmu
3377. | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
3378.  
3379.  
3380. [+] Finished: Thu May 2 00:08:43 2019
3381. [+] Requests Done: 48
3382. [+] Cached Requests: 8
3383. [+] Data Sent: 10.987 KB
3384. [+] Data Received: 936.592 KB
3385. [+] Memory used: 94.527 MB
3386. [+] Elapsed time: 00:00:57
3387. #######################################################################################################################################
3388. [-] Date & Time: 01/05/2019 23:55:39
3389. [I] Threads: 5
3390. [-] Target: http://wre.gov.sd (138.128.160.2)
3391. [M] Website Not in HTTPS: http://wre.gov.sd
3392. [I] X-Powered-By: PHP/5.6.40
3393. [L] X-Frame-Options: Not Enforced
3394. [I] Strict-Transport-Security: Not Enforced
3395. [I] X-Content-Security-Policy: Not Enforced
3396. [I] X-Content-Type-Options: Not Enforced
3397. [L] Robots.txt Found: http://wre.gov.sd/robots.txt
3398. [I] CMS Detection: WordPress
3399. [I] Wordpress Version: 4.9.10
3400. [M] EDB-ID: 46511 "WordPress Core 5.0 - Remote Code Execution"
3401. [M] EDB-ID: 46662 "WordPress 5.0.0 - Crop-image Shell Upload (Metasploit)"
3402. [I] Wordpress Theme: nilogy
3403. [L] Wordpress Hello Plugin Full Path Disclosure: /home/med/public_html/wp-content/plugins/hello.php
3404. [-] WordPress usernames identified:
3405. [M] admin
3406. [M] prmu
3407. [M] XML-RPC services are enabled
3408. [I] Autocomplete Off Not Found: http://wre.gov.sd/wp-login.php
3409. [-] Default WordPress Files:
3410. [I] http://wre.gov.sd/license.txt
3411. [I] http://wre.gov.sd/readme.html
3412. [I] http://wre.gov.sd/wp-includes/ID3/license.commercial.txt
3413. [I] http://wre.gov.sd/wp-includes/ID3/license.txt
3414. [I] http://wre.gov.sd/wp-includes/ID3/readme.txt
3415. [I] http://wre.gov.sd/wp-includes/images/crystal/license.txt
3416. [I] http://wre.gov.sd/wp-includes/js/plupload/license.txt
3417. [I] http://wre.gov.sd/wp-includes/js/swfupload/license.txt
3418. [I] http://wre.gov.sd/wp-includes/js/tinymce/license.txt
3419. [-] Searching Wordpress Plugins ...
3420. [I] add-to-any
3421. [I] adrotate
3422. [M] EDB-ID: 17888 "WordPress Plugin AdRotate 3.6.5 - SQL Injection"
3423. [M] EDB-ID: 18114 "WordPress Plugin AdRotate 3.6.6 - SQL Injection"
3424. [M] EDB-ID: 31834 "WordPress Plugin AdRotate 3.9.4 - 'clicktracker.ph?track' SQL Injection"
3425. [I] ads-box
3426. [M] EDB-ID: 38060 "WordPress Plugin Ads Box - 'count' SQL Injection"
3427. [I] feed
3428. [M] EDB-ID: 38624 "WordPress Plugin WP Feed - 'nid' SQL Injection"
3429. [I] firestats
3430. [M] EDB-ID: 14308 "WordPress Plugin Firestats - Remote Configuration File Download"
3431. [M] EDB-ID: 33367 "WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (1)"
3432. [M] EDB-ID: 33368 "WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (2)"
3433. [I] fx-editor v1.4.0
3434. [I] gutenberg v4.8.0
3435. [I] jetpack v7.1.1
3436. [M] EDB-ID: 18126 "WordPress Plugin jetpack - 'sharedaddy.php' ID SQL Injection"
3437. [I] popup-builder v3.1.7.1
3438. [I] qtranslate-x v3.4.6.8
3439. [I] simple-ads-manager
3440. [M] EDB-ID: 36613 "WordPress Plugin Simple Ads Manager - Multiple SQL Injections"
3441. [M] EDB-ID: 36614 "WordPress Plugin Simple Ads Manager 2.5.94 - Arbitrary File Upload"
3442. [M] EDB-ID: 36615 "WordPress Plugin Simple Ads Manager - Information Disclosure"
3443. [M] EDB-ID: 39133 "WordPress Plugin Simple Ads Manager 2.9.4.116 - SQL Injection"
3444. [I] wp-bannerize
3445. [M] EDB-ID: 17764 "WordPress Plugin Bannerize 2.8.6 - SQL Injection"
3446. [M] EDB-ID: 17906 "WordPress Plugin Bannerize 2.8.7 - SQL Injection"
3447. [M] EDB-ID: 36193 "WordPress Plugin WP Bannerize 2.8.7 - 'ajax_sorter.php' SQL Injection"
3448. [I] Checking for Directory Listing Enabled ...
3449. [L] http://wre.gov.sd/wp-admin/css
3450. [L] http://wre.gov.sd/wp-admin/images
3451. [L] http://wre.gov.sd/wp-admin/includes
3452. [L] http://wre.gov.sd/wp-admin/js
3453. [L] http://wre.gov.sd/wp-admin/maint
3454. [L] http://wre.gov.sd/wp-includes
3455. [L] http://wre.gov.sd/wp-includes/ID3
3456. [L] http://wre.gov.sd/wp-includes/IXR
3457. [L] http://wre.gov.sd/wp-includes/Requests
3458. [L] http://wre.gov.sd/wp-includes/SimplePie
3459. [L] http://wre.gov.sd/wp-includes/Text
3460. [L] http://wre.gov.sd/wp-includes/certificates
3461. [L] http://wre.gov.sd/wp-includes/css
3462. [L] http://wre.gov.sd/wp-includes/customize
3463. [L] http://wre.gov.sd/wp-includes/fonts
3464. [L] http://wre.gov.sd/wp-includes/images
3465. [L] http://wre.gov.sd/wp-includes/js
3466. [L] http://wre.gov.sd/wp-includes/pomo
3467. [L] http://wre.gov.sd/wp-includes/random_compat
3468. [L] http://wre.gov.sd/wp-includes/rest-api
3469. [L] http://wre.gov.sd/wp-includes/theme-compat
3470. [L] http://wre.gov.sd/wp-includes/widgets
3471. [L] http://wre.gov.sd/wp-content/plugins/add-to-any
3472. [L] http://wre.gov.sd/wp-content/plugins/fx-editor
3473. [L] http://wre.gov.sd/wp-content/plugins/gutenberg
3474. [L] http://wre.gov.sd/wp-content/plugins/jetpack
3475. [L] http://wre.gov.sd/wp-content/plugins/qtranslate-x
3476. [-] Date & Time: 02/05/2019 00:01:40
3477. [-] Completed in: 0:06:01
3478. #######################################################################################################################################
3479. ---------------------------------------------------------------------------------------------------------------------------------------
3480. + Target IP: 138.128.160.2
3481. + Target Hostname: 138.128.160.2
3482. + Target Port: 443
3483. ---------------------------------------------------------------------------------------------------------------------------------------
3484. + SSL Info: Subject: /CN=abaad.sd
3485. Ciphers: ECDHE-RSA-AES256-GCM-SHA384
3486. Issuer: /CN=abaad.sd
3487. + Start Time: 2019-05-02 01:51:11 (GMT-4)
3488. ---------------------------------------------------------------------------------------------------------------------------------------
3489. + Server: Apache
3490. + Retrieved x-powered-by header: PHP/5.6.40
3491. + The anti-clickjacking X-Frame-Options header is not present.
3492. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
3493. + The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
3494. + The site uses SSL and Expect-CT header is not present.
3495. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
3496. + No CGI Directories found (use '-C all' to force check all possible dirs)
3497. + Hostname '138.128.160.2' does not match certificate's names: abaad.sd
3498. + Web Server returns a valid response with junk HTTP methods, this may cause false positives.
3499. + OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
3500. + /webmail/blank.html: IlohaMail 0.8.10 contains an XSS vulnerability. Previous versions contain other non-descript vulnerabilities.
3501. + /securecontrolpanel/: Web Server Control Panel
3502. + /webmail/: Web based mail package installed.
3503. + OSVDB-3233: /mailman/listinfo: Mailman was found on the server.
3504. + OSVDB-2117: /cpanel/: Web-based control panel
3505. + OSVDB-3268: /css/: Directory indexing found.
3506. + OSVDB-3092: /css/: This might be interesting...
3507. + OSVDB-3092: /demo/: This might be interesting...
3508. + Server may leak inodes via ETags, header found with file /img-sys/, inode: 66588330, size: 0, mtime: Tue Jan 19 21:08:44 2016
3509. + OSVDB-3092: /img-sys/: Default image directory should not allow directory listing.
3510. + OSVDB-3093: /webmail/lib/emailreader_execute_on_each_page.inc.php: This might be interesting... has been seen in web logs from an unknown scanner.
3511. + OSVDB-3268: /images/: Directory indexing found.
3512. + OSVDB-3268: /style/: Directory indexing found.
3513. + /controlpanel/: Admin login page/section found.
3514. + 7915 requests: 0 error(s) and 23 item(s) reported on remote host
3515. + End Time: 2019-05-02 02:30:53 (GMT-4) (2382 seconds)
3516. ---------------------------------------------------------------------------------------------------------------------------------------
3517. #######################################################################################################################################
3518. --------------------------------------------------------------------------------------------------------------------------------------
3519. + Target IP: 138.128.160.2
3520. + Target Hostname: wre.gov.sd
3521. + Target Port: 80
3522. + Start Time: 2019-05-02 00:31:46 (GMT-4)
3523. ---------------------------------------------------------------------------------------------------------------------------------------
3524. + Server: No banner retrieved
3525. + Retrieved x-powered-by header: PHP/5.6.40
3526. + The anti-clickjacking X-Frame-Options header is not present.
3527. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
3528. + Uncommon header 'link' found, with contents: <http://wre.gov.sd/wp-json/>; rel="https://api.w.org/"
3529. + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
3530. + Cookie qtrans_front_language created without the httponly flag
3531. + Cookie qtrans_admin_language created without the httponly flag
3532. + Entry '/wp-admin/' in robots.txt returned a non-forbidden or redirect HTTP code (302)
3533. + "robots.txt" contains 2 entries which should be manually viewed.
3534. + Server may leak inodes via ETags, header found with file /, inode: 118096467, size: 163, mtime: Tue Jan 29 21:03:25 2019
3535. + Uncommon header 'x-squid-error' found, with contents: ERR_INVALID_URL 0
3536. + Web Server returns a valid response with junk HTTP methods, this may cause false positives.
3537. + DEBUG HTTP verb may show server debugging information. See http://msdn.microsoft.com/en-us/library/e8z01xdh%28VS.80%29.aspx for details.
3538. ---------------------------------------------------------------------------------------------------------------------------------------
3539. #######################################################################################################################################
3540. Anonymous JTSEC #OpSudan Full Recon #66