How to find port IP website !!

[Misteriozi]

how do i find the ip port of the website, i have the IP of the server but i can not find the IP port !!
Is there a quick way to find it ??

[anode]

Maybe?

ping -c 1 webstite.com

If you want all the open ports

nmap -p- webstie.com

(will only do TCP ports  I think -sU does the UDP)

Do keep in mind that many websites may 'share' the same IP address on shared hosting. 

Edited February 25, 2019 by anode

[icarus255]

If you go into your browser's developer options (F12 on firefox) and hit the network tab then you will see what IP addresses the different pages and components are being requested from.

You can also append -sV to your nmap scans get some info on the open ports/services.i.e.

nmap -p 1-65535 -sV -sS -T4 website.com

If you want to be anonymous you should be port scanning through tor and proxy chains:

https://www.shellhacks.com/anonymous-port-scanning-nmap-tor-proxychains/

 

[Misteriozi]

13 hours ago, anode said:

Maybe?

ping -c 1 webstite.com

If you want all the open ports

nmap -p- webstie.com

(will only do TCP ports  I think -sU does the UDP)

Do keep in mind that many websites may 'share' the same IP address on shared hosting. 

can you find the port of this IP, please !!

IP  website : 192.99.0.33

5 hours ago, icarus255 said:

If you go into your browser's developer options (F12 on firefox) and hit the network tab then you will see what IP addresses the different pages and components are being requested from.

You can also append -sV to your nmap scans get some info on the open ports/services.i.e.

nmap -p 1-65535 -sV -sS -T4 website.com

If you want to be anonymous you should be port scanning through tor and proxy chains:

https://www.shellhacks.com/anonymous-port-scanning-nmap-tor-proxychains/

 

can you find the port of this IP, please !!

IP  website : 192.99.0.33

[icarus255]

You can literally copy and paste this into terminal and you will get what you're after:

sudo nmap -Pn -v -p 1-65535 -sV -sS -T4 192.99.0.33

[Misteriozi]

8 hours ago, icarus255 said:

You can literally copy and paste this into terminal and you will get what you're after:

sudo nmap -Pn -v -p 1-65535 -sV -sS -T4 192.99.0.33

Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-26 17:13 Mitteleuropäische Zeit
NSE: Loaded 43 scripts for scanning.
Read data files from: C:\Program Files (x86)\Nmap
Nmap done: 0 IP addresses (0 hosts up) scanned in 3.42 seconds
           Raw packets sent: 0 (0B) | Rcvd: 0 (0B)
Failed to resolve "nmap".
Failed to resolve "192.99.0.33".
WARNING: No targets were specified, so 0 hosts scanned

[icarus255]

Ah you're using Windows nmap. I've never used it so I can't comment but look it looks like you're using it incorrectly. It shouldn't be trying to resolve "nmap" or "192.99.0.33". It should just be trying to resolve "192.99.0.33"

Anyway you can do a port scan online:

https://pentest-tools.com/network-vulnerability-scanning/tcp-port-scanner-online-nmap

Just use the "light" scan because it's free and paste the ip address into the text box. That gave me similar results to doing a full scan with my nmap anyway. I would post the results here but I'm sure that would be against some sort of policy.

What's so important about this server anyway? There's not even a webpage on there. Is this some CTF or personal challenge?

[Misteriozi]

6 hours ago, icarus255 said:

Ah you're using Windows nmap. I've never used it so I can't comment but look it looks like you're using it incorrectly. It shouldn't be trying to resolve "nmap" or "192.99.0.33". It should just be trying to resolve "192.99.0.33"

Anyway you can do a port scan online:

https://pentest-tools.com/network-vulnerability-scanning/tcp-port-scanner-online-nmap

Just use the "light" scan because it's free and paste the ip address into the text box. That gave me similar results to doing a full scan with my nmap anyway. I would post the results here but I'm sure that would be against some sort of policy.

What's so important about this server anyway? There's not even a webpage on there. Is this some CTF or personal challenge?

This web site with these IPs is copying my website, and as a result of this I'm losing my income .. 

 

[Dice]

2 hours ago, Misteriozi said:

This web site with these IPs is copying my website, and as a result of this I'm losing my income .. 

Would be easier if you have stated that in the first place other than asking how to scan a server

 

[anode]

Since just a basic browse shows a blank page, how are you losing income?

Looks pretty standard: web, mail, and dns

Not shown: 65525 filtered ports
PORT     STATE  SERVICE
53/tcp   open   domain
80/tcp   open   http
110/tcp  open   pop3
143/tcp  open   imap
443/tcp  closed https
465/tcp  open   smtps
587/tcp  open   submission
993/tcp  open   imaps
995/tcp  open   pop3s
8000/tcp closed http-alt

[icarus255]

And:

5222/tcp open xmpp-client?

But I am not sure what you are going to be doing with these open ports. Just because they are open doesn't mean they vulnerable but anyway keep us posted with this journey. I hope you get your income back, bro 😉

[anode]

7 minutes ago, icarus255 said:

And:

5222/tcp open xmpp-client?

But I am not sure what you are going to be doing with these open ports. Just because they are open doesn't mean they vulnerable but anyway keep us posted with this journey. I hope you get your income back, bro 😉

I think xmpp recently had a long running vuln discovered.  (If that is what is actually running on 5222)

Edited February 27, 2019 by anode

[Dice]

[icarus255]

10 minutes ago, anode said:

I think xmpp recently had a long running vuln discovered.

And port 21 is open as well.

You can connect to a lot of these ports but the server won't accept input so I'm not really sure if it's configured like that or if this all just some bs...

[icarus255]

Just now, Dice said:

Yep, my thoughts exactly 😂

[Dice]

5 minutes ago, icarus255 said:

Yep, my thoughts exactly 😂

Or something who wants to see who is gullible enough to scan his puter from their homes / offices

[icarus255]

4 minutes ago, Dice said:

Or something who wants to see who is gullible enough to scan his puter from their homes / offices

Ah please, I scan from my home all day, every day. If he can hack my computer from a scan, I'll give him 10 points. I'll even leave the pc running a little while longer. It's no different to him just picking a random IP address and giving it a go.

[Dice]

3 minutes ago, icarus255 said:

Ah please, I scan from my home all day, every day. If he can hack my computer from a scan, I'll give him 10 points. I'll even leave the pc running a little while longer. It's no different to him just picking a random IP address and giving it a go.

 

[anode]

5 minutes ago, icarus255 said:

Ah please, I scan from my home all day, every day. If he can hack my computer from a scan, I'll give him 10 points. I'll even leave the pc running a little while longer. It's no different to him just picking a random IP address and giving it a go.

And asking security focused people.

[Misteriozi]

2 hours ago, icarus255 said:

And:

5222/tcp open xmpp-client?

But I am not sure what you are going to be doing with these open ports. Just because they are open doesn't mean they vulnerable but anyway keep us posted with this journey. I hope you get your income back, bro 😉

It is not even this port, I once broke the server, had another IP its 5000 was the gate, but now it has passed these IPs and the main port I can not find.

[anode]

Either English is far from your first language or you are totally clueless on basic networking/TCP stack.

 

(I'm thinking a little from column A ,a little from column b......)

[Dice]

Still want to know which income to generate with an empty server ... Would start some easily

 

[Misteriozi]

Any other help please?

[Bigbiz]

IP Address: 192.99.0.33

Name: OVH-ARIN-7

Handle: NET-192-99-0-0-1

Registration Date: 6/17/13

Range: 192.99.0.0-192.99.255.255

Org: OVH Hosting, Inc.

Org Handle: HO-2

Address: 800-1801 McGill College

City: Montreal

State/Province: QC

Postal Code: H3A 2N4

Country: Canada

 

Does this sound right to you @Misteriozi

 

Sounds like a government website. You gonna go to jail if you fool around. Srry all the help you get from me.

 

 

[Misteriozi]

On 3/3/2019 at 12:13 PM, Bigbiz said:

IP Address: 192.99.0.33

Name: OVH-ARIN-7

Handle: NET-192-99-0-0-1

Registration Date: 6/17/13

Range: 192.99.0.0-192.99.255.255

Org: OVH Hosting, Inc.

Org Handle: HO-2

Address: 800-1801 McGill College

City: Montreal

State/Province: QC

Postal Code: H3A 2N4

Country: Canada

 

Does this sound right to you @Misteriozi

 

Sounds like a government website. You gonna go to jail if you fool around. Srry all the help you get from me.

 

 

It's not a governmental website, but this site https://filma247.com is copying everything from my website, it's losing my income.