Anonymous V.S BlackHat #OpWhales JTSEC full Recon #3

#######################################################################################################################################
Hostname 	www.jpf.go.jp 	  	ISP 	Incapsula Inc (AS19551)
Continent 	North America 	  	Flag
US
Country 	United States 	  	Country Code 	US (USA)
Region 	CA 	  	Local time 	08 Jan 2018 08:36 PST
Metropolis* 	San Francisco-Oakland-San Jose		  	Postal Code 	94065
City 	Redwood City 	  	Latitude 	37.533
IP Address 	192.230.124.46 	  	Longitude 	-122.247
######################################################################################################################################
[i] Scanning Site: http://192.230.124.46


B A S I C   I N F O
====================


[+] Site Title:
[+] IP address: 192.230.124.46
[+] Web Server: Could Not Detect
[+] CMS: Could Not Detect
[+] Cloudflare: Not Detected
[+] Robots File: Could NOT Find robots.txt!


W H O I S   L O O K U P
========================


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=192.230.124.46?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

NetRange:       192.230.64.0 - 192.230.127.255
CIDR:           192.230.64.0/18
NetName:        INCAPSULA-NETWORK
NetHandle:      NET-192-230-64-0-1
Parent:         NET192 (NET-192-0-0-0-0)
NetType:        Direct Assignment
OriginAS:       AS19551
Organization:   Incapsula Inc (INCAP-5)
RegDate:        2013-05-08
Updated:        2013-05-08
Ref:            https://whois.arin.net/rest/net/NET-192-230-64-0-1


OrgName:        Incapsula Inc
OrgId:          INCAP-5
Address:        3400 Bridge Parkway, Suite 200
City:           Redwood Shores
StateProv:      CA
PostalCode:     94065
Country:        US
RegDate:        2010-09-14
Updated:        2016-03-15
Ref:            https://whois.arin.net/rest/org/INCAP-5


OrgNOCHandle: INCAP2-ARIN
OrgNOCName:   Incapsula Operations
OrgNOCPhone:  +1-866-250-7659
OrgNOCEmail:  ip@incapsula.com
OrgNOCRef:    https://whois.arin.net/rest/poc/INCAP2-ARIN

OrgTechHandle: BRONS9-ARIN
OrgTechName:   Bronstein, Tomer
OrgTechPhone:  +1-866-250-7659
OrgTechEmail:  tomer@incapsula.com
OrgTechRef:    https://whois.arin.net/rest/poc/BRONS9-ARIN

OrgAbuseHandle: INCAP1-ARIN
OrgAbuseName:   Incapsula AbuseDesk
OrgAbusePhone:  +1-866-250-7659
OrgAbuseEmail:  abuse@incapsula.com
OrgAbuseRef:    https://whois.arin.net/rest/poc/INCAP1-ARIN

OrgTechHandle: INCAP2-ARIN
OrgTechName:   Incapsula Operations
OrgTechPhone:  +1-866-250-7659
OrgTechEmail:  ip@incapsula.com
OrgTechRef:    https://whois.arin.net/rest/poc/INCAP2-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


G E O  I P  L O O K  U P
=========================

[i] IP Address: 192.230.124.46
[i] Country: US
[i] State: California
[i] City: Redwood City
[i] Latitude: 37.533100
[i] Longitude: -122.247101


H T T P   H E A D E R S
=======================


[i]  HTTP/1.1 503 Service Unavailable
[i]  Content-Type: text/html
[i]  Cache-Control: no-cache
[i]  Connection: close
[i]  Content-Length: 654
[i]  X-Iinfo: 9-161509514-0 0NNN RT(1515429635780 0) q(1 -1 -1 -1) r(1 -1)


D N S   L O O K U P
===================

no records found


S U B N E T   C A L C U L A T I O N
====================================

Address       = 192.230.124.46
Network       = 192.230.124.46 / 32
Netmask       = 255.255.255.255
Broadcast     = not needed on Point-to-Point links
Wildcard Mask = 0.0.0.0
Hosts Bits    = 0
Max. Hosts    = 1   (2^0 - 0)
Host Range    = { 192.230.124.46 - 192.230.124.46 }


N M A P   P O R T   S C A N
============================


Starting Nmap 7.01 ( https://nmap.org ) at 2018-01-08 16:40 UTC
Nmap scan report for 192.230.124.46.ip.incapdns.net (192.230.124.46)
Host is up (0.076s latency).
PORT     STATE    SERVICE            VERSION
21/tcp   filtered ftp
22/tcp   filtered ssh
23/tcp   filtered telnet
25/tcp   open     smtp?
80/tcp   open     http               Incapsula CDN httpd
110/tcp  filtered pop3
143/tcp  filtered imap
443/tcp  open     ssl/http           Incapsula CDN httpd
445/tcp  open     microsoft-ds?
3389/tcp open     ssl/ms-wbt-server?
1 service unrecognized despite returning data. If you know the service/version, please submit t
[!] IP Address : 192.230.124.46
[!] 192.230.124.46 doesn't seem to use a CMS
[+] Honeypot Probabilty: 30%
----------------------------------------
PORT     STATE    SERVICE            VERSION
21/tcp   filtered ftp
22/tcp   filtered ssh
23/tcp   filtered telnet
25/tcp   open     smtp?
80/tcp   open     http               Incapsula CDN httpd
110/tcp  filtered pop3
143/tcp  filtered imap
443/tcp  open     ssl/http           Incapsula CDN httpd
445/tcp  open     microsoft-ds?
3389/tcp open     ssl/ms-wbt-server?
[92m====================================================================================[0m
[91m RUNNING NSLOOKUP [0m
[92m====================================================================================[0m
Server:		192.168.1.254
Address:	192.168.1.254#53

Non-authoritative answer:
*** Can't find jpf.go.jp: No answer

jpf.go.jp mail is handled by 20 cluster4a.us.messagelabs.com.
jpf.go.jp mail is handled by 10 cluster4.us.messagelabs.com.
[92m====================================================================================[0m
[91m CHECKING OS FINGERPRINT [0m
[92m====================================================================================[0m

Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu

[+] Target is jpf.go.jp
[92m====================================================================================[0m
[91m GATHERING WHOIS INFO [0m
[92m====================================================================================[0m
[ JPRS database provides information on network administration. Its use is    ]
[ restricted to network administration purposes. For further information,     ]
[ use 'whois -h whois.jprs.jp help'. To suppress Japanese output, add'/e'     ]
[ at the end of command, e.g. 'whois -h whois.jprs.jp xxx/e'.                 ]

Domain Information:
a. [Domain Name]                JPF.GO.JP
g. [Organization]               The Japan Foundation
l. [Organization Type]          Independent Administrative Institution
m. [Administrative Contact]     SS32126JP
n. [Technical Contact]          SS32126JP
p. [Name Server]                nsk0.secure.ne.jp
p. [Name Server]                nsk1.secure.ne.jp
s. [Signing Key]
[State]                         Connected (2018/06/30)
[Registered Date]               1996/06/12
[Connected Date]                1996/11/25
[Last Update]                   2017/07/01 01:21:07 (JST)

[92m====================================================================================[0m
[91m GATHERING OSINT INFO [0m
[92m====================================================================================[0m

*******************************************************************
*                                                                 *
* | |_| |__   ___    /\  /\__ _ _ ____   _____  ___| |_ ___ _ __  *
* | __| '_ \ / _ \  / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
* | |_| | | |  __/ / __  / (_| | |   \ V /  __/\__ \ ||  __/ |    *
*  \__|_| |_|\___| \/ /_/ \__,_|_|    \_/ \___||___/\__\___|_|    *
*                                                                 *
* TheHarvester Ver. 2.7                                           *
* Coded by Christian Martorella                                   *
* Edge-Security Research                                          *
* cmartorella@edge-security.com                                   *
*******************************************************************


Full harvest..
[-] Searching in Google..
	Searching 0 results...
[-] Searching in PGP Key server..
[-] Searching in Bing..
	Searching 50 results...
[-] Searching in Exalead..
	Searching 50 results...


[+] Emails found:
------------------
app-kc@jpf.go.jp
arts@jpf.go.jp
film_tv_and_publication_division@jpf.go.jp
mcjp@jpf.go.jp
oca@jpf.go.jp
pixel-1515439246909107-web-@jpf.go.jp
summer_institute@jpf.go.jp
webmaster@jpf.go.jp

[+] Hosts found in search engines:
------------------------------------
[-] Resolving hostnames IPs...
111.87.28.180:Momo.jpf.go.jp
153.150.68.139:jli-opac.jpf.go.jp
111.87.28.180:momo.jpf.go.jp
192.230.124.46:www.jpf.go.jp
[+] Virtual hosts:
==================

******************************************************
*     /\/\   ___| |_ __ _  __ _  ___   ___  / _(_) | *
*    /    \ / _ \ __/ _` |/ _` |/ _ \ / _ \| |_| | | *
*   / /\/\ \  __/ || (_| | (_| | (_) | (_) |  _| | | *
*   \/    \/\___|\__\__,_|\__, |\___/ \___/|_| |_|_| *
*                         |___/                      *
* Metagoofil Ver 2.2                                 *
* Christian Martorella                               *
* Edge-Security.com                                  *
* cmartorella_at_edge-security.com                   *
******************************************************

[-] Starting online search...

[-] Searching for doc files, with a limit of 25
	Searching 100 results...
Results: 0 files found
Starting to download 25 of them:
----------------------------------------


[-] Searching for pdf files, with a limit of 25
	Searching 100 results...
Results: 0 files found
Starting to download 25 of them:
----------------------------------------


[-] Searching for xls files, with a limit of 25
	Searching 100 results...
Results: 0 files found
Starting to download 25 of them:
----------------------------------------


[-] Searching for csv files, with a limit of 25
	Searching 100 results...
Results: 0 files found
Starting to download 25 of them:
----------------------------------------


[-] Searching for txt files, with a limit of 25
	Searching 100 results...
Results: 0 files found
Starting to download 25 of them:
----------------------------------------

processing
user
email

[+] List of users found:
--------------------------

[+] List of software found:
-----------------------------

[+] List of paths and servers found:
---------------------------------------

[+] List of e-mails found:
----------------------------
[92m====================================================================================[0m
[91m GATHERING DNS INFO [0m
[92m====================================================================================[0m

; <<>> DiG 9.11.2-5-Debian <<>> -x jpf.go.jp
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3476
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;jp.go.jpf.in-addr.arpa.		IN	PTR

;; AUTHORITY SECTION:
in-addr.arpa.		3599	IN	SOA	b.in-addr-servers.arpa. nstld.iana.org. 2017102553 1800 900 604800 3600

;; Query time: 152 msec
;; SERVER: 192.168.1.254#53(192.168.1.254)
;; WHEN: Mon Jan 08 14:20:59 EST 2018
;; MSG SIZE  rcvd: 119

dnsenum VERSION:1.2.4
[1;34m
-----   jpf.go.jp   -----
[0m[1;31m

Host's addresses:
__________________

[0m[1;31m

Name Servers:
______________

[0mnsk0.secure.ne.jp.                       599      IN    A        122.200.212.137
nsk1.secure.ne.jp.                       299      IN    A        122.200.253.229
[1;31m

Mail (MX) Servers:
___________________

[0mcluster4a.us.messagelabs.com.            300      IN    A        216.82.251.230
cluster4.us.messagelabs.com.             900      IN    A        216.82.251.33
cluster4.us.messagelabs.com.             900      IN    A        216.82.242.33
cluster4.us.messagelabs.com.             900      IN    A        216.82.251.34
cluster4.us.messagelabs.com.             900      IN    A        216.82.242.179
[1;31m

Trying Zone Transfers and getting Bind Versions:
_________________________________________________

[0m
Trying Zone Transfer for jpf.go.jp on nsk0.secure.ne.jp ...

Trying Zone Transfer for jpf.go.jp on nsk1.secure.ne.jp ...

brute force file not specified, bay.
[92m====================================================================================[0m
[91m GATHERING DNS SUBDOMAINS [0m
[92m====================================================================================[0m
[91m
                 ____        _     _ _     _   _____
                / ___| _   _| |__ | (_)___| |_|___ / _ __
                \___ \| | | | '_ \| | / __| __| |_ \| '__|
                 ___) | |_| | |_) | | \__ \ |_ ___) | |
                |____/ \__,_|_.__/|_|_|___/\__|____/|_|[0m[93m

                # Coded By Ahmed Aboul-Ela - @aboul3la

[94m[-] Enumerating subdomains now for jpf.go.jp[0m
[93m[-] verbosity is enabled, will show the subdomains results in realtime[0m
[92m[-] Searching now in Baidu..[0m
[92m[-] Searching now in Yahoo..[0m
[92m[-] Searching now in Google..[0m
[92m[-] Searching now in Bing..[0m
[92m[-] Searching now in Ask..[0m
[92m[-] Searching now in Netcraft..[0m
[92m[-] Searching now in DNSdumpster..[0m
[92m[-] Searching now in Virustotal..[0m
[92m[-] Searching now in ThreatCrowd..[0m
[92m[-] Searching now in SSL Certificates..[0m
[92m[-] Searching now in PassiveDNS..[0m
[91mVirustotal: [0mjlik-opac.jpf.go.jp
[91mVirustotal: [0msoba.jpf.go.jp
[91mVirustotal: [0mjli-opac.jpf.go.jp
[91mVirustotal: [0mlib-opac.jpf.go.jp
[91mVirustotal: [0mmomo.jpf.go.jp
[91mVirustotal: [0mwww.jpf.go.jp
[91mNetcraft: [0mwww.jpf.go.jp
[91mSSL Certificates: [0mjlik-opac.jpf.go.jp
[91mSSL Certificates: [0mjli-opac.jpf.go.jp
[91mSSL Certificates: [0mlib-opac.jpf.go.jp
[91mSSL Certificates: [0mmomo.jpf.go.jp
[91mSSL Certificates: [0mmedaka.jpf.go.jp
[91mSSL Certificates: [0mwww.jpf.go.jp
[91mSSL Certificates: [0mmomiji.jpf.go.jp
[91mSSL Certificates: [0msoba.jpf.go.jp
[91mSSL Certificates: [0mkamasu.jpf.go.jp
[91mThreatCrowd: [0msoba.jpf.go.jp
[91mThreatCrowd: [0mlib-opac.jpf.go.jp
[91mThreatCrowd: [0mjli-opac.jpf.go.jp
[91mThreatCrowd: [0mjlik-opac.jpf.go.jp
[91mThreatCrowd: [0mmomo.jpf.go.jp
[91mThreatCrowd: [0mwww.jpf.go.jp
[91mBing: [0mwww.jpf.go.jp
[91mBing: [0msoba.jpf.go.jp
[91mBing: [0mjli-opac.jpf.go.jp
[91mBing: [0mjlik-opac.jpf.go.jp
[91mYahoo: [0mwww.jpf.go.jp
[91mYahoo: [0mlib-opac.jpf.go.jp
[91mYahoo: [0mjli-opac.jpf.go.jp
[91mYahoo: [0msoba.jpf.go.jp
[91mYahoo: [0mjlik-opac.jpf.go.jp
[91mGoogle: [0mlib-opac.jpf.go.jp
[91mGoogle: [0mjlik-opac.jpf.go.jp
[91mGoogle: [0msoba.jpf.go.jp
[91mGoogle: [0mjli-opac.jpf.go.jp
[93m[-] Saving results to file: [0m[91m/usr/share/sniper/loot/domains/domains-jpf.go.jp.txt[0m
[93m[-] Total Unique Subdomains Found: 9[0m
[92mwww.jpf.go.jp[0m
[92mjli-opac.jpf.go.jp[0m
[92mjlik-opac.jpf.go.jp[0m
[92mkamasu.jpf.go.jp[0m
[92mlib-opac.jpf.go.jp[0m
[92mmedaka.jpf.go.jp[0m
[92mmomiji.jpf.go.jp[0m
[92mmomo.jpf.go.jp[0m
[92msoba.jpf.go.jp[0m

[91m ╔═╗╦═╗╔╦╗╔═╗╦ ╦[0m
[91m ║  ╠╦╝ ║ ╚═╗╠═╣[0m
[91m ╚═╝╩╚═ ╩o╚═╝╩ ╩[0m
[92m====================================================================================[0m
[91m GATHERING CERTIFICATE SUBDOMAINS [0m
[92m====================================================================================[0m
[94m
jlik-opac.jpf.go.jp
jli-opac.jpf.go.jp
*.jpf.go.jp
kamasu.jpf.go.jp
lib-opac.jpf.go.jp
medaka.jpf.go.jp
momiji.jpf.go.jp
momo.jpf.go.jp
soba.jpf.go.jp
www.jpf.go.jp

[91m \______   \_______ __ ___/  |_  ____ \   \/  /[0m
[91m  |    |  _/\_  __ \  |  \   __\/ __ \ \     / [0m
[91m  |    |   \ |  | \/  |  /|  | \  ___/ /     \ [0m
[91m  |______  / |__|  |____/ |__|  \___  >___/\  \ [0m
[91m         \/                         \/      \_/[0m

[91m + -- --=[BruteX v1.7 by 1N3[0m
[91m + -- --=[http://crowdshield.com[0m


######################################################################################################################################
Hostname 	www.mofa.go.jp 	  	ISP 	Unknown
Continent 	Unknown 	  	Flag
CA
Country 	Canada 	  	Country Code 	CA
Region 	Unknown 	  	Local time 	08 Jan 2018 11:03 CST
City 	Unknown 	  	Latitude 	60
IP Address (IPv6) 	2001:56a:2:9::cfe4:533a 	  	Longitude 	-95
#####################################################################################################################################
i] Scanning Site: http://2.16.186.97


B A S I C   I N F O
====================


[+] Site Title:
[+] IP address: 2.16.186.97
[+] Web Server: AkamaiGHost
[+] CMS: Could Not Detect
[+] Cloudflare: Not Detected
[+] Robots File: Could NOT Find robots.txt!


W H O I S   L O O K U P
========================

	% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
%       To receive output for a database update, use the "-B" flag.

% Information related to '2.16.186.0 - 2.16.187.255'

% Abuse contact for '2.16.186.0 - 2.16.187.255' is 'abuse@akamai.com'

inetnum:        2.16.186.0 - 2.16.187.255
netname:        AKAMAI-PA
descr:          Akamai Technologies
country:        EU
admin-c:        NARA1-RIPE
tech-c:         NARA1-RIPE
status:         ASSIGNED PA
mnt-by:         AKAM1-RIPE-MNT
mnt-routes:     AKAM1-RIPE-MNT
created:        2011-07-14T21:43:33Z
last-modified:  2011-08-24T19:31:48Z
source:         RIPE

role:           Network Architecture Role Account
address:        Akamai Technologies
address:        8 Cambridge Center
address:        Cambridge, MA 02142
phone:          +1-617-938-3130
abuse-mailbox:  abuse@akamai.com
admin-c:        NF1714-RIPE
admin-c:        CKAK-RIPE
tech-c:         NF1714-RIPE
tech-c:         JP1944-RIPE
tech-c:         APB15-RIPE
tech-c:         CKAK-RIPE
tech-c:         TBAK-RIPE
tech-c:         NB782-RIPE
tech-c:         RM4844-RIPE
tech-c:         JZ2012-RIPE
nic-hdl:        NARA1-RIPE
mnt-by:         AKAM1-RIPE-MNT
created:        2002-03-06T09:02:17Z
last-modified:  2017-07-12T16:18:37Z
source:         RIPE # Filtered

% Information related to '2.16.186.0/23AS16625'

route:          2.16.186.0/23
descr:          Akamai Technologies
origin:         AS16625
mnt-by:         AKAM1-RIPE-MNT
created:        2017-04-04T16:30:16Z
last-modified:  2017-04-04T16:30:16Z
source:         RIPE

% Information related to '2.16.186.0/23AS20940'

route:          2.16.186.0/23
descr:          Akamai Technologies
origin:         AS20940
mnt-by:         AKAM1-RIPE-MNT
created:        2017-04-04T16:30:16Z
last-modified:  2017-04-04T16:30:16Z
source:         RIPE

% This query was served by the RIPE Database Query Service version 1.90 (ANGUS)


G E O  I P  L O O K  U P
=========================

[i] IP Address: 2.16.186.97
[i] Country: EU
[i] State: N/A
[i] City: N/A
[i] Latitude: 47.000000
[i] Longitude: 8.000000


H T T P   H E A D E R S
=======================


[i]  HTTP/1.0 400 Bad Request
[i]  Server: AkamaiGHost
[i]  Mime-Version: 1.0
[i]  Content-Type: text/html
[i]  Content-Length: 208
[i]  Expires: Mon, 08 Jan 2018 17:09:25 GMT
[i]  Date: Mon, 08 Jan 2018 17:09:25 GMT
[i]  Connection: close


D N S   L O O K U P
===================

no records found


S U B N E T   C A L C U L A T I O N
====================================

Address       = 2.16.186.97
Network       = 2.16.186.97 / 32
Netmask       = 255.255.255.255
Broadcast     = not needed on Point-to-Point links
Wildcard Mask = 0.0.0.0
Hosts Bits    = 0
Max. Hosts    = 1   (2^0 - 0)
Host Range    = { 2.16.186.97 - 2.16.186.97 }


N M A P   P O R T   S C A N
============================


Starting Nmap 7.01 ( https://nmap.org ) at 2018-01-08 17:09 UTC
Nmap scan report for a2-16-186-97.deploy.akamaitechnologies.com (2.16.186.97)
Host is up (0.094s latency).
PORT     STATE    SERVICE       VERSION
21/tcp   filtered ftp
22/tcp   filtered ssh
23/tcp   filtered telnet
25/tcp   filtered smtp
80/tcp   open     http          AkamaiGHost (Akamais HTTP Acceleration/Mirror service)
110/tcp  filtered pop3
143/tcp  filtered imap
443/tcp  open     ssl/http      AkamaiGHost (Akamais HTTP Acceleration/Mirror service)
445/tcp  filtered microsoft-ds
3389/tcp filtered ms-wbt-server

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 14.98 seconds
[!] IP Address : 2.16.186.97
[+] Honeypot Probabilty: 0%
----------------------------------------
PORT     STATE    SERVICE       VERSION
21/tcp   filtered ftp
22/tcp   filtered ssh
23/tcp   filtered telnet
25/tcp   filtered smtp
80/tcp   open     http          AkamaiGHost (Akamais HTTP Acceleration/Mirror service)
110/tcp  filtered pop3
143/tcp  filtered imap
443/tcp  open     ssl/http      AkamaiGHost (Akamais HTTP Acceleration/Mirror service)
445/tcp  filtered microsoft-ds
3389/tcp filtered ms-wbt-server
----------------------------------------
There was an error getting results
RUNNING NSLOOKUP
====================================================================================
97.186.16.2.in-addr.arpa	name = a2-16-186-97.deploy.akamaitechnologies.com.

Authoritative answers can be found from:

97.186.16.2.in-addr.arpa domain name pointer a2-16-186-97.deploy.akamaitechnologies.com.
====================================================================================
 CHECKING OS FINGERPRINT
====================================================================================

Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu

[+] Target is 2.16.186.97
[+] Loading modules.
[+] Following modules are loaded:
[x] [1] ping:icmp_ping  -  ICMP echo discovery module
[x] [2] ping:tcp_ping  -  TCP-based ping discovery module
[x] [3] ping:udp_ping  -  UDP-based ping discovery module
[x] [4] infogather:ttl_calc  -  TCP and UDP based TTL distance calculation
[x] [5] infogather:portscan  -  TCP and UDP PortScanner
[x] [6] fingerprint:icmp_echo  -  ICMP Echo request fingerprinting module
[x] [7] fingerprint:icmp_tstamp  -  ICMP Timestamp request fingerprinting module
[x] [8] fingerprint:icmp_amask  -  ICMP Address mask request fingerprinting module
[x] [9] fingerprint:icmp_port_unreach  -  ICMP port unreachable fingerprinting module
[x] [10] fingerprint:tcp_hshake  -  TCP Handshake fingerprinting module
[x] [11] fingerprint:tcp_rst  -  TCP RST fingerprinting module
[x] [12] fingerprint:smb  -  SMB fingerprinting module
[x] [13] fingerprint:snmp  -  SNMPv2c fingerprinting module
[+] 13 modules registered
[+] Initializing scan engine
[+] Running scan engine
[-] ping:tcp_ping module: no closed/open TCP ports known on 2.16.186.97. Module test failed
[-] ping:udp_ping module: no closed/open UDP ports known on 2.16.186.97. Module test failed
[-] No distance calculation. 2.16.186.97 appears to be dead or no ports known
[+] Host: 2.16.186.97 is up (Guess probability: 50%)
[+] Target: 2.16.186.97 is alive. Round-Trip Time: 0.50357 sec
[+] Selected safe Round-Trip Time value is: 1.00714 sec
[-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
[-] fingerprint:smb need either TCP port 139 or 445 to run
[-] fingerprint:snmp: need UDP port 161 open
[+] Primary guess:
[+] Host 2.16.186.97 Running OS:  (Guess probability: 100%)
[+] Other guesses:
[+] Host 2.16.186.97 Running OS:  (Guess probability: 100%)
[+] Host 2.16.186.97 Running OS:  (Guess probability: 100%)
[+] Host 2.16.186.97 Running OS:  (Guess probability: 100%)
[+] Host 2.16.186.97 Running OS:  (Guess probability: 100%)
[+] Host 2.16.186.97 Running OS:  (Guess probability: 100%)
[+] Host 2.16.186.97 Running OS:  (Guess probability: 100%)
[+] Host 2.16.186.97 Running OS:  (Guess probability: 100%)
[+] Host 2.16.186.97 Running OS:  (Guess probability: 100%)
[+] Host 2.16.186.97 Running OS:  (Guess probability: 100%)
[+] Cleaning up scan engine
[+] Modules deinitialized
[+] Execution completed.

====================================================================================
 PINGING HOST
====================================================================================
PING 2.16.186.97 (2.16.186.97) 56(84) bytes of data.
64 bytes from 2.16.186.97: icmp_seq=1 ttl=50 time=124 ms

--- 2.16.186.97 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 124.696/124.696/124.696/0.000 ms

====================================================================================
 RUNNING TCP PORT SCAN
====================================================================================

Starting Nmap 7.60 ( https://nmap.org ) at 2018-01-08 12:16 EST
Nmap scan report for a2-16-186-97.deploy.akamaitechnologies.com (2.16.186.97)
Host is up (0.12s latency).
Not shown: 470 filtered ports, 1 closed port
Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
PORT    STATE SERVICE
80/tcp  open  http
443/tcp open  https

Nmap done: 1 IP address (1 host up) scanned in 5.91 seconds

====================================================================================
 RUNNING INTRUSIVE SCANS
====================================================================================
 + -- --=[Port 21 closed... skipping.
 + -- --=[Port 22 closed... skipping.
 + -- --=[Port 23 closed... skipping.
 + -- --=[Port 25 closed... skipping.
 + -- --=[Port 53 closed... skipping.
 + -- --=[Port 79 closed... skipping.
 + -- --=[Port 80 opened... running tests...
====================================================================================
 CHECKING FOR WAF
====================================================================================

                                 ^     ^
        _   __  _   ____ _   __  _    _   ____
       ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
      | V V // o // _/ | V V // 0 // 0 // _/
      |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/
                                <
                                 ...'

    WAFW00F - Web Application Firewall Detection Tool

    By Sandro Gauci && Wendel G. Henrique

Checking http://2.16.186.97
The site http://2.16.186.97 is behind a Imperva SecureSphere
Number of requests: 9

====================================================================================
 GATHERING HTTP INFO
====================================================================================
http://2.16.186.97 [400 Bad Request] Akamai-Global-Host, Country[EUROPEAN UNION][EU], HTTPServer[AkamaiGHost], IP[2.16.186.97], Title[Invalid URL]

	__  ______ _____
	\ \/ / ___|_   _|
	 \  /\___ \ | |
	 /  \ ___) || |
	/_/\_|____/ |_|

+ -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
+ -- --=[Target: 2.16.186.97:80
+ -- --=[Site not vulnerable to Cross-Site Tracing!
+ -- --=[Site not vulnerable to Host Header Injection!
+ -- --=[Site vulnerable to Cross-Frame Scripting!
+ -- --=[Site vulnerable to Clickjacking!

HTTP/1.0 400 Bad Request
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 208
Expires: Mon, 08 Jan 2018 17:16:19 GMT
Date: Mon, 08 Jan 2018 17:16:19 GMT
Connection: close

<HTML><HEAD>
<TITLE>Invalid URL</TITLE>
</HEAD><BODY>
<H1>Invalid URL</H1>
The requested URL "&#91;no&#32;URL&#93;", is invalid.<p>
Reference&#32;&#35;9&#46;5dba1002&#46;1515431779&#46;abd0faa
</BODY></HTML>

HTTP/1.0 400 Bad Request
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 208
Expires: Mon, 08 Jan 2018 17:16:20 GMT
Date: Mon, 08 Jan 2018 17:16:20 GMT
Connection: close

<HTML><HEAD>
<TITLE>Invalid URL</TITLE>
</HEAD><BODY>
<H1>Invalid URL</H1>
The requested URL "&#91;no&#32;URL&#93;", is invalid.<p>
Reference&#32;&#35;9&#46;5dba1002&#46;1515431780&#46;abd1040
</BODY></HTML>


====================================================================================
 CHECKING HTTP HEADERS
====================================================================================
+ -- --=[Checking if X-Content options are enabled on 2.16.186.97...

+ -- --=[Checking if X-Frame options are enabled on 2.16.186.97...

+ -- --=[Checking if X-XSS-Protection header is enabled on 2.16.186.97...

+ -- --=[Checking HTTP methods on 2.16.186.97...

+ -- --=[Checking if TRACE method is enabled on 2.16.186.97...

+ -- --=[Checking for META tags on 2.16.186.97...

+ -- --=[Checking for open proxy on 2.16.186.97...
<HTML><HEAD>
<TITLE>Invalid URL</TITLE>
</HEAD><BODY>
<H1>Invalid URL</H1>
The requested URL "&#91;no&#32;URL&#93;", is invalid.<p>
Reference&#32;&#35;9&#46;5dba1002&#46;1515431782&#46;abd11e4
</BODY></HTML>

+ -- --=[Enumerating software on 2.16.186.97...
Server: AkamaiGHost

+ -- --=[Checking if Strict-Transport-Security is enabled on 2.16.186.97...

+ -- --=[Checking for Flash cross-domain policy on 2.16.186.97...
<HTML><HEAD>
<TITLE>Invalid URL</TITLE>
</HEAD><BODY>
<H1>Invalid URL</H1>
The requested URL "&#91;no&#32;URL&#93;", is invalid.<p>
Reference&#32;&#35;9&#46;5dba1002&#46;1515431782&#46;abd1287
</BODY></HTML>

+ -- --=[Checking for Silverlight cross-domain policy on 2.16.186.97...
<HTML><HEAD>
<TITLE>Invalid URL</TITLE>
</HEAD><BODY>
<H1>Invalid URL</H1>
The requested URL "&#91;no&#32;URL&#93;", is invalid.<p>
Reference&#32;&#35;9&#46;5dba1002&#46;1515431783&#46;abd12d1
</BODY></HTML>

+ -- --=[Checking for HTML5 cross-origin resource sharing on 2.16.186.97...

+ -- --=[Retrieving robots.txt on 2.16.186.97...
<HTML><HEAD>
<TITLE>Invalid URL</TITLE>
</HEAD><BODY>
<H1>Invalid URL</H1>
The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;robots&#46;txt", is invalid.<p>
Reference&#32;&#35;9&#46;5dba1002&#46;1515431783&#46;abd1347
</BODY></HTML>

+ -- --=[Retrieving sitemap.xml on 2.16.186.97...
<HTML><HEAD>
<TITLE>Invalid URL</TITLE>
</HEAD><BODY>
<H1>Invalid URL</H1>
The requested URL "&#91;no&#32;URL&#93;", is invalid.<p>
Reference&#32;&#35;9&#46;5dba1002&#46;1515431783&#46;abd138b
</BODY></HTML>

+ -- --=[Checking cookie attributes on 2.16.186.97...

+ -- --=[Checking for ASP.NET Detailed Errors on 2.16.186.97...


====================================================================================
 SAVING SCREENSHOTS
====================================================================================
[+] Screenshot saved to /usr/share/sniper/loot/screenshots/2.16.186.97-port80.jpg
libpng warning: iCCP: known incorrect sRGB profile
libpng warning: iCCP: known incorrect sRGB profile
 + -- --=[Port 110 closed... skipping.
 + -- --=[Port 111 closed... skipping.
 + -- --=[Port 135 closed... skipping.
 + -- --=[Port 139 closed... skipping.
 + -- --=[Port 161 closed... skipping.
 + -- --=[Port 162 closed... skipping.
 + -- --=[Port 389 closed... skipping.
 + -- --=[Port 443 opened... running tests...
====================================================================================
 CHECKING FOR WAF
====================================================================================

                                 ^     ^
        _   __  _   ____ _   __  _    _   ____
       ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
      | V V // o // _/ | V V // 0 // 0 // _/
      |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/
                                <
                                 ...'

    WAFW00F - Web Application Firewall Detection Tool

    By Sandro Gauci && Wendel G. Henrique

Checking https://2.16.186.97
Traceback (most recent call last):
  File "/usr/bin/wafw00f", line 8, in <module>
    main()
  File "/usr/lib/python2.7/dist-packages/wafw00f/__init__.py", line 808, in main
    if attacker.normalrequest() is None:
  File "/usr/lib/python2.7/dist-packages/wafw00f/__init__.py", line 96, in normalrequest
    return self.request(usecache=usecache, cacheresponse=cacheresponse, headers=headers)
  File "/usr/lib/python2.7/dist-packages/wafw00f/lib/evillib.py", line 323, in request
    h.request(method, path, headers=headers)
  File "/usr/lib/python2.7/httplib.py", line 1042, in request
    self._send_request(method, url, body, headers)
  File "/usr/lib/python2.7/httplib.py", line 1082, in _send_request
    self.endheaders(body)
  File "/usr/lib/python2.7/httplib.py", line 1038, in endheaders
    self._send_output(message_body)
  File "/usr/lib/python2.7/httplib.py", line 882, in _send_output
    self.send(msg)
  File "/usr/lib/python2.7/httplib.py", line 844, in send
    self.connect()
  File "/usr/lib/python2.7/httplib.py", line 1263, in connect
    server_hostname=server_hostname)
  File "/usr/lib/python2.7/ssl.py", line 369, in wrap_socket
    _context=self)
  File "/usr/lib/python2.7/ssl.py", line 617, in __init__
    self.do_handshake()
  File "/usr/lib/python2.7/ssl.py", line 854, in do_handshake
    match_hostname(self.getpeercert(), self.server_hostname)
  File "/usr/lib/python2.7/ssl.py", line 288, in match_hostname
    % (hostname, ', '.join(map(repr, dnsnames))))
ssl.CertificateError: hostname '2.16.186.97' doesn't match either of '*.akamaihd-staging.net', '*.akamaihd.net', '*.akamaized.net', '*.akamaized-staging.net', 'a248.e.akamai.net'

====================================================================================
 GATHERING HTTP INFO
====================================================================================
https://2.16.186.97 [400 Bad Request] Akamai-Global-Host, Country[EUROPEAN UNION][EU], HTTPServer[AkamaiGHost], IP[2.16.186.97], Title[Invalid URL]

====================================================================================
 GATHERING SSL/TLS INFO
====================================================================================


 AVAILABLE PLUGINS
 -----------------

  PluginHSTS
  PluginOpenSSLCipherSuites
  PluginCertInfo
  PluginSessionRenegotiation
  PluginCompression
  PluginChromeSha1Deprecation
  PluginSessionResumption
  PluginHeartbleed


 CHECKING HOST(S) AVAILABILITY
 -----------------------------

   2.16.186.97:443                     => 2.16.186.97:443


 SCAN RESULTS FOR 2.16.186.97:443 - 2.16.186.97:443
 --------------------------------------------------

  * Deflate Compression:
      OK - Compression disabled

  * Session Renegotiation:
      Client-initiated Renegotiations:   OK - Rejected
      Secure Renegotiation:              VULNERABLE - Secure renegotiation not supported

  * Certificate - Content:
      SHA1 Fingerprint:                  0e0dc04bd87b542328a9d6d3fe3d31fde4e4c76e
      Common Name:                       a248.e.akamai.net
      Issuer:                            Symantec Class 3 Secure Server CA - G4
      Serial Number:                     21C0AE35B8240503E5A5894F40D5BFEB
      Not Before:                        Mar  7 00:00:00 2017 GMT
      Not After:                         May  6 23:59:59 2018 GMT
      Signature Algorithm:               sha256WithRSAEncryption
      Public Key Algorithm:              rsaEncryption
      Key Size:                          2048 bit
      Exponent:                          65537 (0x10001)
      X509v3 Subject Alternative Name:   {'DNS': ['*.akamaihd.net', '*.akamaized.net', '*.akamaized-staging.net', '*.akamaihd-staging.net', 'a248.e.akamai.net']}

  * Certificate - Trust:
      Hostname Validation:               FAILED - Certificate does NOT match 2.16.186.97
      Google CA Store (09/2015):         OK - Certificate is trusted
      Java 6 CA Store (Update 65):       OK - Certificate is trusted
      Microsoft CA Store (09/2015):      OK - Certificate is trusted
      Mozilla NSS CA Store (09/2015):    OK - Certificate is trusted
      Apple CA Store (OS X 10.10.5):     OK - Certificate is trusted
      Certificate Chain Received:        ['a248.e.akamai.net', 'Symantec Class 3 Secure Server CA - G4', 'VeriSign Class 3 Public Primary Certification Authority - G5']

  * Certificate - OCSP Stapling:
      OCSP Response Status:              successful
      Validation w/ Mozilla's CA Store:  OK - Response is trusted
      Responder Id:                      0B5E5A4B922211161BFF0E087EC9F5D1A36D4DBC
      Cert Status:                       good
      Cert Serial Number:                21C0AE35B8240503E5A5894F40D5BFEB
      This Update:                       Jan  5 02:40:02 2018 GMT
      Next Update:                       Jan 12 02:40:02 2018 GMT

  * Session Resumption:
      With Session IDs:                  OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
      With TLS Session Tickets:          OK - Supported

  * SSLV2 Cipher Suites:
      Server rejected all cipher suites.

  * SSLV3 Cipher Suites:
      Server rejected all cipher suites.


 SCAN COMPLETED IN 2.33 S
 ------------------------
Version: 1.11.10-static
OpenSSL 1.0.2-chacha (1.0.2g-dev)

Testing SSL server 2.16.186.97 on port 443 using SNI name 2.16.186.97

  TLS Fallback SCSV:
Server supports TLS Fallback SCSV

  TLS renegotiation:
Session renegotiation not supported

  TLS Compression:
Compression disabled

  Heartbleed:
TLS 1.2 not vulnerable to heartbleed
TLS 1.1 not vulnerable to heartbleed
TLS 1.0 not vulnerable to heartbleed

  Supported Server Cipher(s):
Preferred TLSv1.2  256 bits  ECDHE-ECDSA-AES256-GCM-SHA384 Curve P-256 DHE 256
Accepted  TLSv1.2  128 bits  ECDHE-ECDSA-AES128-GCM-SHA256 Curve P-256 DHE 256
Accepted  TLSv1.2  256 bits  ECDHE-RSA-AES256-GCM-SHA384   Curve P-256 DHE 256
Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-GCM-SHA256   Curve P-256 DHE 256
Accepted  TLSv1.2  256 bits  ECDHE-ECDSA-AES256-SHA384     Curve P-256 DHE 256
Accepted  TLSv1.2  128 bits  ECDHE-ECDSA-AES128-SHA256     Curve P-256 DHE 256
Accepted  TLSv1.2  256 bits  ECDHE-RSA-AES256-SHA384       Curve P-256 DHE 256
Accepted  TLSv1.2  256 bits  ECDHE-RSA-AES256-SHA          Curve P-256 DHE 256
Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-SHA256       Curve P-256 DHE 256
Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-SHA          Curve P-256 DHE 256
Accepted  TLSv1.2  256 bits  AES256-GCM-SHA384
Accepted  TLSv1.2  128 bits  AES128-GCM-SHA256
Accepted  TLSv1.2  256 bits  AES256-SHA256
Accepted  TLSv1.2  128 bits  AES128-SHA256
Accepted  TLSv1.2  128 bits  AES128-SHA
Accepted  TLSv1.2  112 bits  DES-CBC3-SHA
Preferred TLSv1.1  256 bits  ECDHE-RSA-AES256-SHA          Curve P-256 DHE 256
Accepted  TLSv1.1  128 bits  ECDHE-RSA-AES128-SHA          Curve P-256 DHE 256
Accepted  TLSv1.1  128 bits  AES128-SHA
Accepted  TLSv1.1  112 bits  DES-CBC3-SHA
Preferred TLSv1.0  256 bits  ECDHE-RSA-AES256-SHA          Curve P-256 DHE 256
Accepted  TLSv1.0  128 bits  ECDHE-RSA-AES128-SHA          Curve P-256 DHE 256
Accepted  TLSv1.0  128 bits  AES128-SHA
Accepted  TLSv1.0  112 bits  DES-CBC3-SHA

  SSL Certificate:
Signature Algorithm: ecdsa-with-SHA256
Subject:  a248.e.akamai.net
Altnames: DNS:*.akamaihd-staging.net, DNS:*.akamaihd.net, DNS:*.akamaized.net, DNS:*.akamaized-staging.net, DNS:a248.e.akamai.net
Issuer:   Symantec Class 3 ECC 256 bit SSL CA - G2

+ -- --=[MÄŚŚBĻËËĐ V20160303 BŸ 1Ņ3 @ ĊŖÖŴĐŚȞÏËĻĐ - https://crowdshield.com
+ -- --=[Checking for DROWN (SSLv2): 2.16.186.97:443
+ -- --=[Checking for HeartBleed: 2.16.186.97:443
+ -- --=[Checking for OpenSSL CCS: 2.16.186.97:443
+ -- --=[Checking for Poodle (SSLv3): 2.16.186.97:443
+ -- --=[Checking for WinShock (MS14-066): 2.16.186.97:443
Testing if OpenSSL supports the ciphers we are checking for: YES

Testing 2.16.186.97:443 for availability of SSL ciphers added in MS14-066...
Testing cipher DHE-RSA-AES256-GCM-SHA384: UNSUPPORTED
Testing cipher DHE-RSA-AES128-GCM-SHA256: UNSUPPORTED
Testing cipher AES256-GCM-SHA384: SUPPORTED
Testing cipher AES128-GCM-SHA256: SUPPORTED
Testing if IIS is running on port 443: NO
Checking if target system is running Windows Server 2012 or later...
Testing cipher ECDHE-RSA-AES256-SHA384: SUPPORTED
2.16.186.97:443 is patched: UNKNOWN: Windows Server 2012 or later detected.
+ -- --=[Scan Complete!
====================================================================================
 CHECKING HTTP HEADERS
====================================================================================
+ -- --=[Checking if X-Content options are enabled on 2.16.186.97...

+ -- --=[Checking if X-Frame options are enabled on 2.16.186.97...

+ -- --=[Checking if X-XSS-Protection header is enabled on 2.16.186.97...

+ -- --=[Checking HTTP methods on 2.16.186.97...

+ -- --=[Checking if TRACE method is enabled on 2.16.186.97...

+ -- --=[Checking for META tags on 2.16.186.97...

+ -- --=[Checking for open proxy on 2.16.186.97...

+ -- --=[Enumerating software on 2.16.186.97...
Server: AkamaiGHost

+ -- --=[Checking if Strict-Transport-Security is enabled on 2.16.186.97...

+ -- --=[Checking for Flash cross-domain policy on 2.16.186.97...
<HTML><HEAD>
<TITLE>Invalid URL</TITLE>
</HEAD><BODY>
<H1>Invalid URL</H1>
The requested URL "&#91;no&#32;URL&#93;", is invalid.<p>
Reference&#32;&#35;9&#46;5dba1002&#46;1515431819&#46;abd37b2
</BODY></HTML>

+ -- --=[Checking for Silverlight cross-domain policy on 2.16.186.97...
<HTML><HEAD>
<TITLE>Invalid URL</TITLE>
</HEAD><BODY>
<H1>Invalid URL</H1>
The requested URL "&#91;no&#32;URL&#93;", is invalid.<p>
Reference&#32;&#35;9&#46;5dba1002&#46;1515431820&#46;abd383b
</BODY></HTML>

+ -- --=[Checking for HTML5 cross-origin resource sharing on 2.16.186.97...

+ -- --=[Retrieving robots.txt on 2.16.186.97...
<HTML><HEAD>
<TITLE>Invalid URL</TITLE>
</HEAD><BODY>
<H1>Invalid URL</H1>
The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;robots&#46;txt", is invalid.<p>
Reference&#32;&#35;9&#46;5dba1002&#46;1515431821&#46;abd3995
</BODY></HTML>

+ -- --=[Retrieving sitemap.xml on 2.16.186.97...
<HTML><HEAD>
<TITLE>Invalid URL</TITLE>
</HEAD><BODY>
<H1>Invalid URL</H1>
The requested URL "&#91;no&#32;URL&#93;", is invalid.<p>
Reference&#32;&#35;9&#46;5dba1002&#46;1515431821&#46;abd3a31
</BODY></HTML>

+ -- --=[Checking cookie attributes on 2.16.186.97...

+ -- --=[Checking for ASP.NET Detailed Errors on 2.16.186.97...
 RUNNING BRUTE FORCE
====================================================================================
 __________                __         ____  ___
 \______   \_______ __ ___/  |_  ____ \   \/  /
  |    |  _/\_  __ \  |  \   __\/ __ \ \     /
  |    |   \ |  | \/  |  /|  | \  ___/ /     \
  |______  / |__|  |____/ |__|  \___  >___/\  \
         \/                         \/      \_/

 + -- --=[BruteX v1.7 by 1N3
 + -- --=[http://crowdshield.com


################################### Running Port Scan ##############################

Starting Nmap 7.60 ( https://nmap.org ) at 2018-01-08 12:18 EST
Nmap scan report for a2-16-186-97.deploy.akamaitechnologies.com (2.16.186.97)
Host is up (0.12s latency).
Not shown: 23 filtered ports, 1 closed port
Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
PORT    STATE SERVICE
80/tcp  open  http
443/tcp open  https

Nmap done: 1 IP address (1 host up) scanned in 2.61 seconds

################################### Running Brute Force ############################

 + -- --=[Port 21 closed... skipping.
 + -- --=[Port 22 closed... skipping.
 + -- --=[Port 23 closed... skipping.
 + -- --=[Port 25 closed... skipping.
 + -- --=[Port 80 opened... running tests...
Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.

Hydra (http://www.thc.org/thc-hydra) starting at 2018-01-08 12:18:36
[DATA] max 1 task per 1 server, overall 1 task, 1496 login tries (l:34/p:44), ~1496 tries per task
[DATA] attacking http-get://2.16.186.97:80//
[STATUS] 136.00 tries/min, 136 tries in 00:01h, 1360 to do in 00:11h, 1 active
[STATUS] 137.33 tries/min, 412 tries in 00:03h, 1084 to do in 00:08h, 1 active
[STATUS] 137.00 tries/min, 959 tries in 00:07h, 537 to do in 00:04h, 1 active
1 of 1 target completed, 0 valid passwords found
Hydra (http://www.thc.org/thc-hydra) finished at 2018-01-08 12:29:32
 + -- --=[Port 110 closed... skipping.
 + -- --=[Port 139 closed... skipping.
 + -- --=[Port 162 closed... skipping.
 + -- --=[Port 389 closed... skipping.
 + -- --=[Port 443 opened... running tests...
Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.

Hydra (http://www.thc.org/thc-hydra) starting at 2018-01-08 12:29:32
[DATA] max 1 task per 1 server, overall 1 task, 1496 login tries (l:34/p:44), ~1496 tries per task
[DATA] attacking http-gets://2.16.186.97:443//
[STATUS] 88.00 tries/min, 88 tries in 00:01h, 1408 to do in 00:17h, 1 active
[STATUS] 89.00 tries/min, 267 tries in 00:03h, 1229 to do in 00:14h, 1 active
[STATUS] 88.43 tries/min, 619 tries in 00:07h, 877 to do in 00:10h, 1 active
[STATUS] 88.50 tries/min, 1062 tries in 00:12h, 434 to do in 00:05h, 1 active
1 of 1 target completed, 0 valid passwords found
Hydra (http://www.thc.org/thc-hydra) finished at 2018-01-08 12:46:27
#######################################################################################################################################
no records found