ProjectTask1

Perform foot printing on micro soft website and gather information about
website by using online websites ( whois /net craft /shodan /dns dumpster ,) as
much as possible and a report on gathered information along with screenshot?
Basically foot printing is two types active and passive and here I was going to perform passive foot
printing i.e., collecting information of target without knowledge of target

TARGET : WWW.Microsoft.com

STEP1 : by using command prompt

>by using command nslookup – we can know name and IP address

>by using command tracert – we can get to know intermediate servers

STEP2: ONLINE RESOURCES

1. WHOIS
By using whois.domaintools.com [https://whois.domaintools.com]
REGISTER:

Registrar Mark Monitor, Inc. Mark Monitor Inc. IANA ID: 292
URL: http://www.markmonitor.com Whois Server: whois.markmonitor.com

Registrar Status
Client Delete Prohibited, client Transfer Prohibited, client Update Prohibited, server Delete Prohibited,
server Transfer Prohibited, server Update Prohibited

DATES:

12,097 days old Created on 1991-05-02

Expires on 2025-05-03 Updated on 2023-08-18

NAME SERVERS

NS1-39.AZURE-DNS.COM (has 507,798 domains) NS2-39.AZURE-DNS.NET (has 266

domains)

NS3-39.AZURE-DNS.ORG (has 162 domains) NS4-39.AZURE-DNS.INFO (has 59

domains)

IP Address -23.216.81.152 - 15 other sites hosted on this server

IP Location - Washington - Seattle - Akamai Technologies Inc.

ASN: AS16625 AKAMAI-AS, US (registered May 30, 2000

IP HISORY : 607 changes on 607 unique IP addresses over 20 years

Registrar History - 4 registrars with 2 drops

Hosting History - 3changes on 4 unique name servers over 4 years

Domain Name: microsoft.com

Registry Domain ID: 2724960_DOMAIN_COM-VRSN

Registrar WHOIS Server: whois.markmonitor.com

Registrar URL: http://www.markmonitor.com

Updated Date: 2023-08-18T16:15:54+0000 Creation Date: 1991-05-02T04:00:00+0000

Registrar Registration Expiration Date: 2025-05-03T00:00:00+0000

Registrar: Mark Monitor, Inc. Registrar IANA ID: 292

Registrar Abuse Contact Email:[email protected]

Registrar Abuse Contact Phone: +1.2086851750

Domain Status: client Update Prohibited (https://www.icann.org/epp#clientUpdateProhibited)

Domain Status: client Transfer Prohibited (https://www.icann.org/epp#clientTransferProhibited)

Domain Status: client Delete Prohibited (https://www.icann.org/epp#clientDeleteProhibited)

Domain Status: server Update Prohibited (https://www.icann.org/epp#serverUpdateProhibited)

Domain Status: server Transfer Prohibited (https://www.icann.org/epp#serverTransferProhibited)

Domain Status: server Delete Prohibited (https://www.icann.org/epp#serverDeleteProhibited)

Registry Registrant ID:

Registrant Name: Domain Administrator

Registrant Organization: Microsoft Corporation Registrant Street: One Microsoft Way,

Registrant City: Redmond Registrant State/Province: WA

Registrant Postal Code: 98052 Registrant Country: US

Registrant Phone: +1.4258828080 Registrant Fax: +1.4259367329

Registrant Email : [email protected]

Registry Tech ID:

Tech Name: MSN Host master Tech Email : [email protected]

Name Server: ns1-39.azure-dns.com Name Server: ns4-39.azure-dns.info

Name Server: ns3-39.azure-dns.org Name Server: ns2-39.azure-dns.net

2.NETCRAFT.COM

To get more information regarding target we use this site

Site title -Microsoft – Cloud, Computers, Apps & Gaming

Site rank - 86

Description - Explore Microsoft products and services for your home or business. Shop Surface,
Microsoft 365, Xbox, Windows, Azure, and more. Find downloads and get support.

Date first seen -August 1995

Primary language -English

Net block Owner -Akamai Technologies-Akamai Technologies

Hosting country -EU

IPv4 address -2.18.237.131 (Virus Total)

IPv4 (autonomous systems) -AS16625

IPv6 address -2a02:26f0:9d00:385:0:0:0:356e

IPv6( autonomous systems )-AS20940

Reverse DNS - a2-18-237-131.deploy.static.akamaitechnologies.com

Domain -microsoft.com

Name server- ns1-39.azure-dns.com

Domain registrar -markmonitor.com

Name server organisation -whois.markmonitor.com

Organisation -Microsoft Corporation, One Microsoft Way,, Redmond, 98052, United States

DNS admin [email protected]

Top Level Domain -Commercial entities (.com)

IPv4 address (2.18.237.131)

IP range Country Name Description
IANA-IPV4-MAPPED- Internet Assigned Numbers
::ffff:0.0.0.0/96 United States
ADDRESS Authority
RIPE Network Coordination
↳ 2.0.0.0-2.255.255.255 Netherlands 2-RIPE
Centre
European
↳ 2.16.0.0-2.23.255.255 NL-AKAMAI-20100910 Akamai International B.V.
Union
↳ 2.18.236.0- European
AKAMAI-PA Akamai Technologies
2.18.239.255 Union
European
↳ 2.18.237.131 AKAMAI-PA Akamai Technologies
Union
IPv6 address (2a02:26f0:9d00:385:0:0:0:356e)
IP range Country Name Description
::/0 N/A ROOT Root inet6num object
European
↳ 2a00::/11 EU-ZZ-2A00 RIPE NCC
Union
RIPE Network Coordination
↳ 2a00::/12 Netherlands EU-ZZ-2A00
Centre
European NL-AKAMAI-
↳ 2a02:26f0::/29 Akamai International B.V.
Union 20101022
European
↳ 2a02:26f0:9d00::/48 AKAMAI-PA Akamai Technologies
Union
European Akamai Technologies
↳ 2a02:26f0:9d00:385:0:0:0:356e AKAMAI-PA
Union

Site Technologies

Server-Side - Using ASP.NET , SSL

Client-Side - JavaScript ,Asynchronous Java script

Client-Side Scripting Frameworks - Angular JS

Content Delivery Network- Akamai

E-Commerce - General Domain Holding

Character Encoding - UTF8

HTTP Compression - Gzip Content Encoding

Web Browser Targeting - Document Compatibility Mode, X-Content-Type-Options , X-Frame-

Options Same Origin , Strict Transport Security

Doctype - HTML5

HTM L 5 - Viewport meta tag

CSS Usage - CSS Media Query , External

3.WAPALYZER

By using this we can get to know about advertisements used by target

Websites using Microsoft Advertising

1.godaddy.com 2 . gitlab.com

3 .rakuten.co.jp 4 .hostinger.com

5 .namecheap.com 6 .fiverr.com

7 .brevo.com 8 .envato.com

9. hubspot.com 10. booking.com

Alternatives to Microsoft Advertising

These are the most popular Microsoft Advertising alternatives in 2024.

1.Google Ads 2.Google Adsense

3.Twitter Ads 4.AdRoll

5.Google Publisher Tag

4.Shodan.io
By using this we will get to know about target servers information and ports information i.e how many
servers are there and how any ports are there in that how any are opened etc this type of info we will got.
By opening the IP address shown there we will get more info regarding target i.e open ports, servers, etc
By knowing the servers information we will get the 30% inforamation about target

5.dns dumpster:
By using this we get more insight information regarding DNS servers, MX Records, TXT records, HOST
records
Architecture of microsoft
CONCLUSION:
By using whois and netcraft we will get target domain information and along with that by using shodan
and dns dumpster we will get the target server and ports and architecture insight details. They are
actually more of online resources are available to perform footprinting .By using this details attacker used
to perform phishing attacks on victims , footprinting is not illegal but miusing it is illegal. By using these
online resources we will get 100% information regarding the website then the attacker will make into
document and sends to victim ,the victim will trust and fall in attacker trap.

So, here by using passive footprinting attacker will get information without knowledge of target and the
attacker sometimes perform phishing attacks

Finally,Footprinting was performed successfully on microsoft website through online resources( whois/
netcraft / wapalayzer/shodan /dnsdumpster) and gathered information and it presented above along with
screenshots.