##### WHOIS KONTROLÜ #####
whois coines.com
Domain Name: COINES.COM
Registry Domain ID: 2020311147_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL:
http://www.godaddy.com Updated Date: 2017-12-27T18:39:51Z
Creation Date: 2016-04-09T18:34:15Z
Registry Expiry Date: 2027-04-09T18:34:15Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email:
[email protected] Registrar Abuse Contact Phone: 480-624-2505
Domain Status: clientDeleteProhibited
https://icann.org/epp#clientDeleteProhibited Domain Status: clientRenewProhibited
https://icann.org/epp#clientRenewProhibited Domain Status: clientTransferProhibited
https://icann.org/epp#clientTransferProhibited Domain Status: clientUpdateProhibited
https://icann.org/epp#clientUpdateProhibited Name Server: CAROL.NS.CLOUDFLARE.COM
Name Server: JASON.NS.CLOUDFLARE.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form:
https://www.icann.org/wicf/The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Domain Name: coines.com
Registry Domain ID: 2020311147_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL:
http://www.godaddy.comUpdated Date: 2017-12-21T21:35:23Z
Creation Date: 2016-04-09T18:34:15Z
Registrar Registration Expiration Date: 2027-04-09T18:34:15Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email:
[email protected]Registrar Abuse Contact Phone: +1.4806242505
Domain Status: clientTransferProhibited
http://www.icann.org/epp#clientTransferProhibitedDomain Status: clientUpdateProhibited
http://www.icann.org/epp#clientUpdateProhibitedDomain Status: clientRenewProhibited
http://www.icann.org/epp#clientRenewProhibitedDomain Status: clientDeleteProhibited
http://www.icann.org/epp#clientDeleteProhibitedRegistry Registrant ID: Not Available From Registry
Registrant Name: ******** ******** (see Notes section below on how to view unmasked data)
Registrant Organization:
Registrant Street: Kucukbakkalkoy Mah. Dudullu Cad.
Registrant Street: Brandium Avm Rezidans R4 Blok / 75
Registrant City: ISTANBUL
Registrant State/Province: ATASEHIR
Registrant Postal Code: 34775
Registrant Country: TR
Registrant Phone: +**.***********
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: ********@*****.***
Registry Admin ID: Not Available From Registry
Admin Name: ******** ******** (see Notes section below on how to view unmasked data)
Admin Organization:
Admin Street: Kucukbakkalkoy Mah. Dudullu Cad.
Admin Street: Brandium Avm Rezidans R4 Blok / 75
Admin City: ISTANBUL
Admin State/Province: ATASEHIR
Admin Postal Code: 34775
Admin Country: TR
Admin Phone: +**.***********
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: ********@*****.***
Registry Tech ID: Not Available From Registry
Tech Name: ******** ******** (see Notes section below on how to view unmasked data)
Tech Organization:
Tech Street: Kucukbakkalkoy Mah. Dudullu Cad.
Tech Street: Brandium Avm Rezidans R4 Blok / 75
Tech City: ISTANBUL
Tech State/Province: ATASEHIR
Tech Postal Code: 34775
Tech Country: TR
Tech Phone: +**.***********
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: ********@*****.***
Name Server: CAROL.NS.CLOUDFLARE.COM
Name Server: JASON.NS.CLOUDFLARE.COM
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System:
http://wdprs.internic.net/>>> Last update of WHOIS database: 2018-05-19T16:00:00Z <<<
whois coines.com.tr
** Registrant:
COINES YAZILIM VE TİCARET A.S.
Kucukbakkalkoy Mahallesi Dudullu Cad. Brandium AVM
Rezidans No:23 25 R4 Blok Daire: 75
İstanbul,
Türkiye
[email protected] + 90-850-3050346
+
** Registrar:
NIC Handle : ntb8-metu
Organization Name : Niobe Telekomomünikasyon Bil. Tek. Yaz. San. Tic. Ltd. Şti.
Address : Kazım Dirik Mh. Üniversite Cad.
No 166/75 Meva Plaza Bornova
İzmir,
Türkiye
Phone : + 90-232-4441566
Fax : +
** Domain Servers:
carol.ns.cloudflare.com
jason.ns.cloudflare.com
** Additional Info:
Created on..............: 2017-Dec-01.
Expires on..............: 2022-Nov-29.
##### SSL SERTİFİKASI KONTROLÜ #####Kullanılan sertifika :COMODO ECC Domain Validation Secure Server CA 2
Standart domain validation sertifikası, yeşilbar yok.##### HOSTING ALTYAPISI KONTROLÜ #####host -t mx coines.com
coines.com mail is handled by 0 mail.coines.com.
host mail.coines.com
mail.coines.com has address 185.22.187.149
whois 185.22.187.149
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See
http://www.ripe.net/db/support/db-terms-conditions.pdf% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '185.22.184.0 - 185.22.187.255'
% Abuse contact for '185.22.184.0 - 185.22.187.255' is '
[email protected]'
inetnum: 185.22.184.0 - 185.22.187.255
netname: TR-CIZGI-20130402
country: TR
org: ORG-CBSS1-RIPE
admin-c: CAC973-RIPE
tech-c: CTC973-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-by: CIZGI-MNT
mnt-domains: CIZGI-MNT
mnt-routes: CIZGI-MNT
created: 2013-04-02T15:37:44Z
last-modified: 2016-09-30T10:51:25Z
source: RIPE # Filtered
organisation: ORG-CBSS1-RIPE
org-name: CIZGI TELEKOMUNIKASYON ANONIM SIRKETI
org-type: LIR
address: Gulbahar Mah. Elif Sok. No:4 Kat:1 SISLI
address: 34394
address: ISTANBUL
address: TURKEY
phone: +902122131213
fax-no: +902123564407
admin-c: HC973-RIPE
admin-c: CTBG2-RIPE
admin-c: NTR976-RIPE
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: CIZGI-MNT
mnt-by: RIPE-NCC-HM-MNT
mnt-by: CIZGI-MNT
abuse-c: CTA12-RIPE
created: 2005-02-23T10:03:43Z
last-modified: 2017-10-30T14:43:17Z
source: RIPE # Filtered
person: Administrative Contact
address: Cizgi Telekom A.S.
address: Esentepe Mah. Salihtozan Cad. Elif Sk. No4 K.2
address: 34390 Mecidiyekoy
address: Istanbul - Turkey
phone: +90 212 213 1214
fax-no: +90 212 356 4407
nic-hdl: CAC973-RIPE
mnt-by: CIZGI-MNT
created: 2010-05-05T09:03:01Z
last-modified: 2014-04-16T08:43:54Z
source: RIPE # Filtered
person: Technical Contact
address: Cizgi Telekomun A.S.
address: Esentepe Mah. Salihtozan Cad. Elif Sk. No4 K.3
address: 34390 Mecidiyekoy
address: Istanbul - Turkey
phone: +90 212 213 1213
fax-no: +90 212 356 4407
nic-hdl: CTC973-RIPE
mnt-by: CIZGI-MNT
created: 2010-05-05T09:03:40Z
last-modified: 2014-04-16T08:44:36Z
source: RIPE # Filtered
% Information related to '185.22.187.0/24AS34619'
route: 185.22.187.0/24
descr: Cizgi Telekom
origin: AS34619
mnt-by: CIZGI-MNT
created: 2013-04-03T13:38:15Z
last-modified: 2013-04-03T13:38:15Z
source: RIPE
posta sunucu hizmeti için Cizgi Telekom / Natro dan hizmet alınmış.telnet 185.22.187.149 110
Trying 185.22.187.149...
Connected to 185.22.187.149.
Escape character is '^]'.
+OK Dovecot ready.
quit
+OK Logging out
Connection closed by foreign host.
pop sunucu olarak dovecot kurulu imiş.telnet 185.22.187.149 587
Trying 185.22.187.149...
Connected to 185.22.187.149.
Escape character is '^]'.
220-server.coines.com ESMTP Exim 4.91 #1 Sat, 19 May 2018 20:48:37 +0300
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
quit
221 server.coines.com closing connection
Connection closed by foreign host.
MTA olarak exim kurulutelnet 185.22.187.149 22
Trying 185.22.187.149...
Connected to 185.22.187.149.
Escape character is '^]'.
SSH-2.0-OpenSSH_5.3
^]
telnet> q
Connection closed.
ahahaha SSH portu dışarı açık telnet 185.22.187.149 2083
Trying 185.22.187.149...
Connected to 185.22.187.149.
Escape character is '^]'.
^]
telnet> q
Connection closed.
bu bize sistemde cpanel olduğunu söylüyor.
https://www.coines.com:2083/ adresine bağlanıldığında cpanel login ekranı görülebilirtelnet 185.22.187.149 80
Trying 185.22.187.149...
Connected to 185.22.187.149.
Escape character is '^]'.
HEAD / HTTP/1.0
HTTP/1.1 200 OK
Date: Sat, 19 May 2018 17:49:42 GMT
Server: Apache
Last-Modified: Fri, 05 May 2017 15:02:06 GMT
Accept-Ranges: bytes
Content-Length: 111
Connection: close
Content-Type: text/html
Connection closed by foreign host.
web sunucu apache imiş.
netekim 185.22.187.149 IP sini /etc/hosts veya C:\windows\system32\drivers\etc\hosts a yazıp www.coines.com a bağlandığımızda sertifika mail.coines.com için olsada yayındaki sitenin www.coines.com olduğunu gördük. Bu şu demek. web sitesi aynı sunucu üzerinde ama cloudflare den dolaşıp gelinen aynı yer.
yani az bilgili bir saldırgan cloudflare i bypass ederek sunucuya erişebilir.
Açık olan servis portları
Açık olan servis portları :22 TCP SSH SSH servisi25 TCP SMTP Outgoing email
80 TCP HTTP Web server
110 TCP POP3 Incoming email
143 TCP IMAP4 Incoming email
443 TCP HTTPS Web server SSL
465 TCP SMTP Outgoing email SSL/TLS
993 TCP IMAP4 Incoming email SSL
995 TCP POP3 Incoming email SSL
2077 TCP WebDAV Distributed authoring
2078 TCP WebDAV Distributed authoring SSL
2083 TCP CPanel control panel SSL
2087 TCP WHM WHM control panel SSL
2095 TCP Webmail Web based email
2096 TCP Webmail Web based email SSL
Bir exchange servisinin hosting altyapısı bu kadar ulaşılabilir olmamalıdır.
hangi hosting sağlayıcıdan hizmet aldığınız kullandığınız servis yazılımları herşeyiniz ortada.
Misal DDOS yapmak isteyen bir saldıran gayet cloudflare i bypass edip direk sunucunuza saldırabilir. Her ne kadar Türkiyenin sayılı veri merkezlerinden birinden hizmet alıyorsunuz hemen gerekli tedbirleri alırlar ama ne gerek var bu kadar ortada olmaya.#### WEB PERFORMANS KONTROLÜ #####gzip sıkıştırma aktif.##### ELEKTRONİK POSTA ALTYAPISI KONTROLÜ #####tek bir IP adresinden yayın yapıyorsunuz. Sizin müşterileriniz ile e-posta iletişimizi sabote etmek isteyen her hangi biri,
185.22.187.149 IP adresini spam kaynağı olarak bir kaç kara listeye bildirse. günlerce o kara listelerden çıkmak için uğraşırsınız, gönderdiğiniz mailler spam'a düşer hatta kafadan reddedilir.
bir diğer durumda sunucunun ters DNS kaydı yanlış.host 185.22.187.149
149.187.22.185.in-addr.arpa domain name pointer 185-22-187-149.cizgi.net.tr.187.22.185.in-addr.arpa.
Sunucu adı ters dns (PTR) kaydı örtüşmediği için gönderilen mailler spam a düşebilir.##### TİCARET SİCİL KONTROLLERİ #####Klasik tek ortaklı A.Ş.
Şirket kurucusu tek ortağı mesul müdürü herşeysi : Dinayet Akdaş##### ADRES KONTROLÜ #####google siteview dataları eski olduğu için adres kontrolü yapılmamıştır.##### ŞİRKET ORTAKLARI HAKKINDA BULUNAN BİLGİLER #####Dinayet Akdaş ile ilgili olarak internet de pek birşey yok.
ama bulduğumuz bir ilan baya bir kafa karıştırıcı oldu. Sanırız ki şirketi satıyorlar.
Sahibinden ilan linki :
https://www.sahibinden.com/ilan/ikinci-el-ve-sifir-alisveris-diger-her-sey-satilik-sirket-satilik-2017-kuruslu-anonim-sirketi-568093293/detay
Satılık 2017 Kuruşlu Anonim Şirketi
Açıklama
Bilişim şirketidir. Beraberinde şirkete özel yazılmış yazılımda verilecektir. Hali hazırda 4000 den fazla kayıtlı potansiyel müşterisi vardır. Biraz reklam verilerek kazancı çok iyi durumlara gelebilir.