Anonymous JTSEC #‎OpIcarus Full Recon #1

1. #######################################################################################################################################
2. Hostname www.citigroup.com ISP Akamai Technologies, Inc.
3. Continent North America Flag
4. US
5. Country United States Country Code US
6. Region Unknown Local time 26 Jan 2019 06:34 CST
7. City Unknown Postal Code Unknown
8. IP Address 104.98.33.172 Latitude 37.751
9. Longitude -97.822
10. #######################################################################################################################################
11. > www.citigroup.com
12. Server: 27.50.70.139
13. Address: 27.50.70.139#53
14.  
15. Non-authoritative answer:
16. www.citigroup.com canonical name = san.www.citi.com.edgekey.net.
17. san.www.citi.com.edgekey.net canonical name = e16976.x.akamaiedge.net.
18. Name: e16976.x.akamaiedge.net
19. Address: 104.98.33.172
20. >
21. #######################################################################################################################################
22.  
23. HostIP:104.98.33.172
24. HostName:www.citigroup.com
25.  
26. Gathered Inet-whois information for 104.98.33.172
27. ---------------------------------------------------------------------------------------------------------------------------------------
28.  
29.  
30. inetnum: 103.252.92.0 - 104.153.83.255
31. netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
32. descr: IPv4 address block not managed by the RIPE NCC
33. remarks: ------------------------------------------------------
34. remarks:
35. remarks: For registration information,
36. remarks: you can consult the following sources:
37. remarks:
38. remarks: IANA
39. remarks: http://www.iana.org/assignments/ipv4-address-space
40. remarks: http://www.iana.org/assignments/iana-ipv4-special-registry
41. remarks: http://www.iana.org/assignments/ipv4-recovered-address-space
42. remarks:
43. remarks: AFRINIC (Africa)
44. remarks: http://www.afrinic.net/ whois.afrinic.net
45. remarks:
46. remarks: APNIC (Asia Pacific)
47. remarks: http://www.apnic.net/ whois.apnic.net
48. remarks:
49. remarks: ARIN (Northern America)
50. remarks: http://www.arin.net/ whois.arin.net
51. remarks:
52. remarks: LACNIC (Latin America and the Carribean)
53. remarks: http://www.lacnic.net/ whois.lacnic.net
54. remarks:
55. remarks: ------------------------------------------------------
56. country: EU # Country is really world wide
57. admin-c: IANA1-RIPE
58. tech-c: IANA1-RIPE
59. status: ALLOCATED UNSPECIFIED
60. mnt-by: RIPE-NCC-HM-MNT
61. created: 2019-01-07T10:50:18Z
62. last-modified: 2019-01-07T10:50:18Z
63. source: RIPE
64.  
65. role: Internet Assigned Numbers Authority
66. address: see http://www.iana.org.
67. admin-c: IANA1-RIPE
68. tech-c: IANA1-RIPE
69. nic-hdl: IANA1-RIPE
70. remarks: For more information on IANA services
71. remarks: go to IANA web site at http://www.iana.org.
72. mnt-by: RIPE-NCC-MNT
73. created: 1970-01-01T00:00:00Z
74. last-modified: 2001-09-22T09:31:27Z
75. source: RIPE # Filtered
76.  
77. % Information related to '104.98.32.0/20AS20940'
78.  
79. route: 104.98.32.0/20
80. descr: Akamai Technologies
81. origin: AS20940
82. mnt-by: AKAM1-RIPE-MNT
83. created: 2015-06-08T16:55:05Z
84. last-modified: 2018-09-04T18:11:35Z
85. source: RIPE-NONAUTH
86.  
87. % This query was served by the RIPE Database Query Service version 1.92.6 (ANGUS)
88.  
89.  
90.  
91. Gathered Inic-whois information for citigroup.com
92. ---------------------------------------------------------------------------------------------------------------------------------------
93. Domain Name: CITIGROUP.COM
94. Registry Domain ID: 1106356_DOMAIN_COM-VRSN
95. Registrar WHOIS Server: whois.corporatedomains.com
96. Registrar URL: http://www.cscglobal.com/global/web/csc/digital-brand-services.html
97. Updated Date: 2018-12-05T21:58:43Z
98. Creation Date: 1998-04-06T04:00:00Z
99. Registry Expiry Date: 2020-04-05T04:00:00Z
100. Registrar: CSC Corporate Domains, Inc.
101. Registrar IANA ID: 299
102. Registrar Abuse Contact Email: domainabuse@cscglobal.com
103. Registrar Abuse Contact Phone: 8887802723
104. Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
105. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
106. Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
107. Domain Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
108. Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
109. Domain Status: serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited
110. Name Server: NS1.NSROOT1.COM
111. Name Server: NS2.NSROOT2.COM
112. DNSSEC: unsigned
113. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
114. >>> Last update of whois database: 2019-01-26T12:40:15Z <<<
115.  
116. For more information on Whois status codes, please visit https://icann.org/epp
117.  
118. NOTICE: The expiration date displayed in this record is the date the
119. registrar's sponsorship of the domain name registration in the registry is
120. currently set to expire. This date does not necessarily reflect the expiration
121. date of the domain name registrant's agreement with the sponsoring
122. registrar. Users may consult the sponsoring registrar's Whois database to
123. view the registrar's reported date of expiration for this registration.
124.  
125. TERMS OF USE: You are not authorized to access or query our Whois
126. database through the use of electronic processes that are high-volume and
127. automated except as reasonably necessary to register domain names or
128. modify existing registrations; the Data in VeriSign Global Registry
129. Services' ("VeriSign") Whois database is provided by VeriSign for
130. information purposes only, and to assist persons in obtaining information
131. about or related to a domain name registration record. VeriSign does not
132. guarantee its accuracy. By submitting a Whois query, you agree to abide
133. by the following terms of use: You agree that you may use this Data only
134. for lawful purposes and that under no circumstances will you use this Data
135. to: (1) allow, enable, or otherwise support the transmission of mass
136. unsolicited, commercial advertising or solicitations via e-mail, telephone,
137. or facsimile; or (2) enable high volume, automated, electronic processes
138. that apply to VeriSign (or its computer systems). The compilation,
139. repackaging, dissemination or other use of this Data is expressly
140. prohibited without the prior written consent of VeriSign. You agree not to
141. use electronic processes that are automated and high-volume to access or
142. query the Whois database except as reasonably necessary to register
143. domain names or modify existing registrations. VeriSign reserves the right
144. to restrict your access to the Whois database in its sole discretion to ensure
145. operational stability. VeriSign may restrict or terminate your access to the
146. Whois database for failure to abide by these terms of use. VeriSign
147. reserves the right to modify these terms at any time.
148.  
149. The Registry database contains ONLY .COM, .NET, .EDU domains and
150. Registrars.
151.  
152. Gathered Netcraft information for www.citigroup.com
153. ---------------------------------------------------------------------------------------------------------------------------------------
154.  
155. Retrieving Netcraft.com information for www.citigroup.com
156. Netcraft.com Information gathered
157.  
158. Gathered Subdomain information for citigroup.com
159. ---------------------------------------------------------------------------------------------------------------------------------------
160. Searching Google.com:80...
161. HostName:www.citigroup.com
162. HostIP:104.98.33.172
163. HostName:careers.citigroup.com
164. HostIP:116.255.21.208
165. HostName:debtxportal.issuerservices.citigroup.com
166. HostIP:192.193.56.78
167. HostName:careermobility.citigroup.com
168. HostIP:192.193.183.119
169. HostName:businessaccess.citibank.citigroup.com
170. HostIP:104.98.27.154
171. HostName:blog.citigroup.com
172. HostIP:146.20.81.168
173. HostName:remoteoffice.citigroup.com
174. HostIP:192.193.3.103
175. HostName:volunteers.citigroup.com
176. HostIP:192.193.218.28
177. HostName:Volunteers.citigroup.com
178. HostIP:192.193.218.28
179. HostName:news.citigroup.com
180. HostIP:173.231.190.151
181. HostName:procurementsourcing.citigroup.com
182. HostIP:192.193.183.188
183. Searching Altavista.com:80...
184. Found 11 possible subdomain(s) for host citigroup.com, Searched 0 pages containing 0 results
185.  
186. Gathered E-Mail information for citigroup.com
187. ---------------------------------------------------------------------------------------------------------------------------------------
188. Searching Google.com:80...
189. Searching Altavista.com:80...
190. Found 0 E-Mail(s) for host citigroup.com, Searched 0 pages containing 0 results
191.  
192. Gathered TCP Port information for 104.98.33.172
193. ---------------------------------------------------------------------------------------------------------------------------------------
194.  
195. Port State
196.  
197. 80/tcp open
198.  
199. Portscan Finished: Scanned 150 ports, 2 ports were in state closed
200. #######################################################################################################################################
201. [i] Scanning Site: https://www.citigroup.com
202.  
203.  
204.  
205. B A S I C I N F O
206. ======================================================================================================================================
207.  
208.  
209. [+] Site Title: Citi | Responsible Finance - Financial Ingenuity - Global Bank
210. [+] IP address: 104.98.33.172
211. [+] Web Server: Could Not Detect
212. [+] CMS: Could Not Detect
213. [+] Cloudflare: Not Detected
214. [+] Robots File: Could NOT Find robots.txt!
215.  
216.  
217.  
218.  
219. W H O I S L O O K U P
220. =======================================================================================================================================
221.  
222. Domain Name: CITIGROUP.COM
223. Registry Domain ID: 1106356_DOMAIN_COM-VRSN
224. Registrar WHOIS Server: whois.corporatedomains.com
225. Registrar URL: http://www.cscglobal.com/global/web/csc/digital-brand-services.html
226. Updated Date: 2018-12-05T21:58:43Z
227. Creation Date: 1998-04-06T04:00:00Z
228. Registry Expiry Date: 2020-04-05T04:00:00Z
229. Registrar: CSC Corporate Domains, Inc.
230. Registrar IANA ID: 299
231. Registrar Abuse Contact Email: domainabuse@cscglobal.com
232. Registrar Abuse Contact Phone: 8887802723
233. Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
234. Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
235. Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
236. Domain Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
237. Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
238. Domain Status: serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited
239. Name Server: NS1.NSROOT1.COM
240. Name Server: NS2.NSROOT2.COM
241. DNSSEC: unsigned
242. URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
243. >>> Last update of whois database: 2019-01-26T12:40:45Z <<<
244.  
245. For more information on Whois status codes, please visit https://icann.org/epp
246.  
247.  
248.  
249. The Registry database contains ONLY .COM, .NET, .EDU domains and
250. Registrars.
251.  
252.  
253.  
254.  
255. G E O I P L O O K U P
256. =======================================================================================================================================
257.  
258. [i] IP Address: 192.193.218.130
259. [i] Country: United States
260. [i] State:
261. [i] City:
262. [i] Latitude: 37.751
263. [i] Longitude: -97.822
264.  
265.  
266.  
267.  
268. H T T P H E A D E R S
269. =======================================================================================================================================
270.  
271.  
272. [i] HTTP/1.0 301 Moved Permanently
273. [i] Location: http://www.citigroup.com/citi/
274. [i] Vary: Accept-Encoding
275. [i] Content-Encoding: gzip
276. [i] Content-Length: 20
277. [i] Content-Type: text/plain
278. [i] Date: Sat, 26 Jan 2019 12:41:03 GMT
279. [i] Connection: close
280. [i] HTTP/1.1 302 Found
281. [i] Date: Sat, 26 Jan 2019 12:41:04 GMT
282. [i] Content-Length: 0
283. [i] Location: https://www.citigroup.com/citi/
284. [i] Connection: close
285. [i] HTTP/1.0 200 OK
286. [i] Last-Modified: Thu, 17 Jan 2019 18:21:27 GMT
287. [i] ETag: "124a19-31d4-57fab7673f7c0"
288. [i] Content-Type: text/html
289. [i] Date: Sat, 26 Jan 2019 12:41:06 GMT
290. [i] Content-Length: 12756
291. [i] Connection: close
292.  
293.  
294.  
295.  
296. D N S L O O K U P
297. =======================================================================================================================================
298.  
299. citigroup.com. 3599 IN SOA ns1.nsroot1.com. hostmaster.citi.com. 2019010801 3600 300 2419200 3600
300. citigroup.com. 3599 IN NS ns1.nsroot1.com.
301. citigroup.com. 3599 IN NS ns2.nsroot2.com.
302. citigroup.com. 3599 IN A 192.193.102.175
303. citigroup.com. 3599 IN A 192.193.218.130
304. citigroup.com. 1799 IN MX 5 mx-a.mail.citi.com.
305. citigroup.com. 1799 IN MX 5 mx-b.mail.citi.com.
306. citigroup.com. 3599 IN TXT "facebook-domain-verification=2amqbctg7cv6hq0dxq4tf107b3y0zn"
307. citigroup.com. 3599 IN TXT "v=spf1 a:1._spf.citigroup.com a:2._spf.citigroup.com include:spf-00123c01.pphosted.com redirect=ext1._spf.citigroup.com"
308.  
309.  
310.  
311.  
312. S U B N E T C A L C U L A T I O N
313. =======================================================================================================================================
314.  
315. Address = 192.193.102.175
316. Network = 192.193.102.175 / 32
317. Netmask = 255.255.255.255
318. Broadcast = not needed on Point-to-Point links
319. Wildcard Mask = 0.0.0.0
320. Hosts Bits = 0
321. Max. Hosts = 1 (2^0 - 0)
322. Host Range = { 192.193.102.175 - 192.193.102.175 }
323.  
324.  
325.  
326. N M A P P O R T S C A N
327. =======================================================================================================================================
328.  
329.  
330. Starting Nmap 7.40 ( https://nmap.org ) at 2019-01-26 12:41 UTC
331. Nmap scan report for citigroup.com (192.193.102.175)
332. Host is up (0.045s latency).
333. Other addresses for citigroup.com (not scanned): 192.193.218.130
334. rDNS record for 192.193.102.175: citicorp.com.au
335. PORT STATE SERVICE
336. 21/tcp filtered ftp
337. 22/tcp filtered ssh
338. 23/tcp filtered telnet
339. 80/tcp open http
340. 110/tcp filtered pop3
341. 143/tcp filtered imap
342. 443/tcp open https
343. 3389/tcp filtered ms-wbt-server
344.  
345. Nmap done: 1 IP address (1 host up) scanned in 1.55 seconds
346.  
347.  
348.  
349. S U B - D O M A I N F I N D E R
350. =======================================================================================================================================
351.  
352.  
353. [i] Total Subdomains Found : 329
354.  
355. [+] Subdomain: fidirectstream10.citigroup.com
356. [-] IP: 199.67.182.226
357.  
358. [+] Subdomain: smtp10.citigroup.com
359. [-] IP: 192.193.96.35
360.  
361. [+] Subdomain: electronicbillingtest10.citigroup.com
362. [-] IP: 192.193.218.167
363.  
364. [+] Subdomain: smtpinbound-mpod-1.citigroup.com
365. [-] IP: 199.67.137.143
366.  
367. [+] Subdomain: smtpinbound-mx-1.citigroup.com
368. [-] IP: 192.193.158.11
369.  
370. [+] Subdomain: fidirectstream01.citigroup.com
371. [-] IP: 199.67.184.138
372.  
373. [+] Subdomain: smtprelayu-gt01.citigroup.com
374. [-] IP: 192.193.222.12
375.  
376. [+] Subdomain: smtpinbound-g11.citigroup.com
377. [-] IP: 192.193.222.15
378.  
379. [+] Subdomain: smtpinbound-m11.citigroup.com
380. [-] IP: 192.193.193.13
381.  
382. [+] Subdomain: smtp11.citigroup.com
383. [-] IP: 192.193.96.36
384.  
385. [+] Subdomain: smtpinbound-s11.citigroup.com
386. [-] IP: 192.193.220.24
387.  
388. [+] Subdomain: citigroupsoa1.citigroup.com
389. [-] IP: 192.193.183.110
390.  
391. [+] Subdomain: customer360view.uat1.citigroup.com
392. [-] IP: 192.193.174.107
393.  
394. [+] Subdomain: citigroupsoauat1.citigroup.com
395. [-] IP: 192.193.173.115
396.  
397. [+] Subdomain: citigroupsoasit1.citigroup.com
398. [-] IP: 192.193.173.114
399.  
400. [+] Subdomain: remoteprint1.citigroup.com
401. [-] IP: 199.67.137.39
402.  
403. [+] Subdomain: smtpinbound-mpod-2.citigroup.com
404. [-] IP: 199.67.137.143
405.  
406. [+] Subdomain: fidirectstream02.citigroup.com
407. [-] IP: 199.67.185.135
408.  
409. [+] Subdomain: smtprelay-gt02.citigroup.com
410. [-] IP: 192.193.222.13
411.  
412. [+] Subdomain: imbdmzu-mw02.citigroup.com
413. [-] IP: 192.193.193.78
414.  
415. [+] Subdomain: smtprelay-mw02.citigroup.com
416. [-] IP: 192.193.193.12
417.  
418. [+] Subdomain: smtpinbound-g12.citigroup.com
419. [-] IP: 192.193.222.16
420.  
421. [+] Subdomain: smtpinbound-m12.citigroup.com
422. [-] IP: 192.193.193.14
423.  
424. [+] Subdomain: fidirectstream12.citigroup.com
425. [-] IP: 199.67.183.136
426.  
427. [+] Subdomain: smtpinbound-r12.citigroup.com
428. [-] IP: 192.193.158.15
429.  
430. [+] Subdomain: smtpinbound-s12.citigroup.com
431. [-] IP: 192.193.220.22
432.  
433. [+] Subdomain: customer360view.uat2.citigroup.com
434. [-] IP: 192.193.174.108
435.  
436. [+] Subdomain: securefiletransferuat2.citigroup.com
437. [-] IP: 192.193.219.34
438.  
439. [+] Subdomain: smtpinbound-mpod-3.citigroup.com
440. [-] IP: 199.67.137.143
441.  
442. [+] Subdomain: smtprelay-gt03.citigroup.com
443. [-] IP: 192.193.222.87
444.  
445. [+] Subdomain: smtprelay-mw03.citigroup.com
446. [-] IP: 192.193.193.91
447.  
448. [+] Subdomain: securefiletransfer3.citigroup.com
449. [-] IP: 192.193.173.116
450.  
451. [+] Subdomain: securefiletransferuat3.citigroup.com
452. [-] IP: 192.193.183.250
453.  
454. [+] Subdomain: smtp4.citigroup.com
455. [-] IP: 192.193.71.3
456.  
457. [+] Subdomain: smtp5.citigroup.com
458. [-] IP: 192.193.71.4
459.  
460. [+] Subdomain: digitalcertificate7.citigroup.com
461. [-] IP: 192.193.218.24
462.  
463. [+] Subdomain: smtp8.citigroup.com
464. [-] IP: 192.193.96.33
465.  
466. [+] Subdomain: wealthplannerondevices8.citigroup.com
467. [-] IP: 192.193.157.64
468.  
469. [+] Subdomain: smtp9.citigroup.com
470. [-] IP: 192.193.96.34
471.  
472. [+] Subdomain: wealthplanneronline.emea.citigroup.com
473. [-] IP: 199.67.204.109
474.  
475. [+] Subdomain: uatwealthplanneronline.emea.citigroup.com
476. [-] IP: 199.67.207.220
477.  
478. [+] Subdomain: uatwealthplannerondevices.emea.citigroup.com
479. [-] IP: 199.67.207.210
480.  
481. [+] Subdomain: wealthplanneradvisory.emea.citigroup.com
482. [-] IP: 199.67.207.221
483.  
484. [+] Subdomain: uatwealthplanneradvisory.emea.citigroup.com
485. [-] IP: 199.67.207.215
486.  
487. [+] Subdomain: digitalonboarding.india.citigroup.com
488. [-] IP: 192.193.157.242
489.  
490. [+] Subdomain: rmapp.india.citigroup.com
491. [-] IP: 192.193.128.62
492.  
493. [+] Subdomain: uatwealthplanneradvisory.india.citigroup.com
494. [-] IP: 192.193.128.225
495.  
496. [+] Subdomain: site10.remoteoffice.australia.citigroup.com
497. [-] IP: 192.193.3.98
498.  
499. [+] Subdomain: site09.remoteoffice.australia.citigroup.com
500. [-] IP: 192.193.0.98
501.  
502. [+] Subdomain: site07.remoteoffice.asia.citigroup.com
503. [-] IP: 192.193.160.162
504.  
505. [+] Subdomain: site08.remoteoffice.asia.citigroup.com
506. [-] IP: 192.193.132.130
507.  
508. [+] Subdomain: vpnphone.asia.citigroup.com
509. [-] IP: 192.193.160.167
510.  
511. [+] Subdomain: responsivesalesautomationrussia.citigroup.com
512. [-] IP: 192.193.246.26
513.  
514. [+] Subdomain: wealthplanneradvisory.china.citigroup.com
515. [-] IP: 192.193.128.190
516.  
517. [+] Subdomain: citigroupsoa.citigroup.com
518. [-] IP: 192.193.183.98
519.  
520. [+] Subdomain: banksearch.cib.citigroup.com
521. [-] IP: 192.193.56.36
522.  
523. [+] Subdomain: banksearchuat.cib.citigroup.com
524. [-] IP: 192.193.182.127
525.  
526. [+] Subdomain: efet.cmb.citigroup.com
527. [-] IP: 199.67.184.212
528.  
529. [+] Subdomain: modelmanagementportal-cob.citigroup.com
530. [-] IP: 192.193.219.172
531.  
532. [+] Subdomain: saml-cob.citigroup.com
533. [-] IP: 199.67.137.41
534.  
535. [+] Subdomain: volunteersmanagementsystemcob.citigroup.com
536. [-] IP: 192.193.173.165
537.  
538. [+] Subdomain: cardsmarketingcentercob.citigroup.com
539. [-] IP: 199.67.131.113
540.  
541. [+] Subdomain: customerservice.aspac.citigroup.com
542. [-] IP: 192.193.157.185
543.  
544. [+] Subdomain: citigroupsoaaspac.citigroup.com
545. [-] IP: 192.193.157.24
546.  
547. [+] Subdomain: citigroupsoauataspac.citigroup.com
548. [-] IP: 192.193.133.223
549.  
550. [+] Subdomain: smtpinbound.citigroup.com
551. [-] IP: 192.193.158.82
552.  
553. [+] Subdomain: smtp-edelivery-outbound.citigroup.com
554. [-] IP: 192.193.158.69
555.  
556. [+] Subdomain: smtpoutbound.citigroup.com
557. [-] IP: 192.193.158.79
558.  
559. [+] Subdomain: procurementsourcing.preprod.citigroup.com
560. [-] IP: 192.193.183.188
561.  
562. [+] Subdomain: login.preprod.citigroup.com
563. [-] IP: 192.193.183.206
564.  
565. [+] Subdomain: careermobilityprod.citigroup.com
566. [-] IP: 192.193.183.119
567.  
568. [+] Subdomain: responsivesalesautomationprd.citigroup.com
569. [-] IP: 199.67.207.167
570.  
571. [+] Subdomain: remoteoffice.citigroup.com
572. [-] IP: 199.67.131.65
573.  
574. [+] Subdomain: site00.remoteoffice.citigroup.com
575. [-] IP: 199.67.131.66
576.  
577. [+] Subdomain: site01.remoteoffice.citigroup.com
578. [-] IP: 199.67.136.8
579.  
580. [+] Subdomain: site11.remoteoffice.citigroup.com
581. [-] IP: 199.67.136.15
582.  
583. [+] Subdomain: uat1.remoteoffice.citigroup.com
584. [-] IP: 199.67.136.27
585.  
586. [+] Subdomain: dev1.remoteoffice.citigroup.com
587. [-] IP: 65.196.75.1
588.  
589. [+] Subdomain: site02.remoteoffice.citigroup.com
590. [-] IP: 192.193.216.9
591.  
592. [+] Subdomain: site12.remoteoffice.citigroup.com
593. [-] IP: 192.193.181.20
594.  
595. [+] Subdomain: dev2.remoteoffice.citigroup.com
596. [-] IP: 65.196.75.2
597.  
598. [+] Subdomain: site03.remoteoffice.citigroup.com
599. [-] IP: 199.67.138.66
600.  
601. [+] Subdomain: uat3.remoteoffice.citigroup.com
602. [-] IP: 199.67.203.89
603.  
604. [+] Subdomain: dev3.remoteoffice.citigroup.com
605. [-] IP: 65.196.75.3
606.  
607. [+] Subdomain: site14.remoteoffice.citigroup.com
608. [-] IP: 199.67.131.71
609.  
610. [+] Subdomain: uat4.remoteoffice.citigroup.com
611. [-] IP: 192.193.160.166
612.  
613. [+] Subdomain: dev4.remoteoffice.citigroup.com
614. [-] IP: 65.196.75.4
615.  
616. [+] Subdomain: uat5.remoteoffice.citigroup.com
617. [-] IP: 192.193.216.11
618.  
619. [+] Subdomain: dev5.remoteoffice.citigroup.com
620. [-] IP: 65.196.75.13
621.  
622. [+] Subdomain: uat.remoteoffice.citigroup.com
623. [-] IP: 192.193.216.12
624.  
625. [+] Subdomain: dev.remoteoffice.citigroup.com
626. [-] IP: 65.196.75.38
627.  
628. [+] Subdomain: uat.salesstationdevice.citigroup.com
629. [-] IP: 199.67.207.224
630.  
631. [+] Subdomain: bondexchange.citigroup.com
632. [-] IP: 199.67.141.209
633.  
634. [+] Subdomain: uat.salesautomationonline.citigroup.com
635. [-] IP: 192.193.174.104
636.  
637. [+] Subdomain: uat.salesstationonline.citigroup.com
638. [-] IP: 199.67.207.223
639.  
640. [+] Subdomain: logintotalcomponline.citigroup.com
641. [-] IP: 192.193.218.158
642.  
643. [+] Subdomain: vpnphone.citigroup.com
644. [-] IP: 199.67.138.87
645.  
646. [+] Subdomain: site04.remoteoffice.europe.citigroup.com
647. [-] IP: 199.67.203.80
648.  
649. [+] Subdomain: site05.remoteoffice.europe.citigroup.com
650. [-] IP: 192.193.116.66
651.  
652. [+] Subdomain: vpnphone.europe.citigroup.com
653. [-] IP: 192.193.116.84
654.  
655. [+] Subdomain: centerforculture.citigroup.com
656. [-] IP: 64.90.172.118
657.  
658. [+] Subdomain: uat.centerforculture.citigroup.com
659. [-] IP: 64.90.172.117
660.  
661. [+] Subdomain: www.centerforculture.citigroup.com
662. [-] IP: 64.90.172.118
663.  
664. [+] Subdomain: 2._spf.citigroup.com
665. [-] IP: 177.136.58.178
666.  
667. [+] Subdomain: site01.icg.citigroup.com
668. [-] IP: 204.13.186.188
669.  
670. [+] Subdomain: site02.icg.citigroup.com
671. [-] IP: 204.13.188.232
672.  
673. [+] Subdomain: go2.icg.citigroup.com
674. [-] IP: 204.130.247.249
675.  
676. [+] Subdomain: site03.icg.citigroup.com
677. [-] IP: 204.130.247.249
678.  
679. [+] Subdomain: site04.icg.citigroup.com
680. [-] IP: 209.99.240.197
681.  
682. [+] Subdomain: go.icg.citigroup.com
683. [-] IP: 204.13.186.188
684.  
685. [+] Subdomain: issuerservices.icg.citigroup.com
686. [-] IP: 192.193.56.146
687.  
688. [+] Subdomain: issuerservicesuat.icg.citigroup.com
689. [-] IP: 192.193.86.251
690.  
691. [+] Subdomain: smtpinboundlg.citigroup.com
692. [-] IP: 192.193.158.77
693.  
694. [+] Subdomain: procurementsourcing.citigroup.com
695. [-] IP: 192.193.183.188
696.  
697. [+] Subdomain: uattest.tradeimaging.citigroup.com
698. [-] IP: 192.193.200.190
699.  
700. [+] Subdomain: www.tradeimaging.citigroup.com
701. [-] IP: 192.193.174.154
702.  
703. [+] Subdomain: commercialbanking.citigroup.com
704. [-] IP: 199.67.184.149
705.  
706. [+] Subdomain: cargotest10.billing.citigroup.com
707. [-] IP: 192.193.218.139
708.  
709. [+] Subdomain: training.citigroup.com
710. [-] IP: 192.193.173.102
711.  
712. [+] Subdomain: scheduleplanning.citigroup.com
713. [-] IP: 192.193.102.36
714.  
715. [+] Subdomain: financelearning.citigroup.com
716. [-] IP: 192.193.219.167
717.  
718. [+] Subdomain: uattest.tradeprocessing.citigroup.com
719. [-] IP: 192.193.200.192
720.  
721. [+] Subdomain: www.tradeprocessing.citigroup.com
722. [-] IP: 192.193.174.159
723.  
724. [+] Subdomain: openprime.testing.citigroup.com
725. [-] IP: 199.67.184.150
726.  
727. [+] Subdomain: login.employeegiving.citigroup.com
728. [-] IP: 192.193.219.106
729.  
730. [+] Subdomain: disasterrecovery.login.employeegiving.citigroup.com
731. [-] IP: 199.67.137.44
732.  
733. [+] Subdomain: blog.citigroup.com
734. [-] IP: 146.20.81.168
735.  
736. [+] Subdomain: uat.blog.citigroup.com
737. [-] IP: 146.20.81.168
738.  
739. [+] Subdomain: trainingstg.citigroup.com
740. [-] IP: 192.193.173.103
741.  
742. [+] Subdomain: travelplannerstg.citigroup.com
743. [-] IP: 192.193.218.163
744.  
745. [+] Subdomain: businessaccessqa.citibank.citigroup.com
746. [-] IP: 192.193.173.42
747.  
748. [+] Subdomain: webcashmanagercitibusinessuat.citibank.citigroup.com
749. [-] IP: 192.193.86.23
750.  
751. [+] Subdomain: webcashmanagercitidirectuat.citibank.citigroup.com
752. [-] IP: 192.193.86.24
753.  
754. [+] Subdomain: businessaccesssit.citibank.citigroup.com
755. [-] IP: 192.193.173.46
756.  
757. [+] Subdomain: poc.portal.citigroup.com
758. [-] IP: 192.193.182.174
759.  
760. [+] Subdomain: openwealthsolutionsportal.citigroup.com
761. [-] IP: 192.193.86.73
762.  
763. [+] Subdomain: modelmanagementportal.citigroup.com
764. [-] IP: 199.67.137.55
765.  
766. [+] Subdomain: mail.citigroup.com
767. [-] IP: 199.67.141.124
768.  
769. [+] Subdomain: assinaturadigital.brazil.citigroup.com
770. [-] IP: 192.193.173.22
771.  
772. [+] Subdomain: uat.assinaturadigital.brazil.citigroup.com
773. [-] IP: 192.193.200.99
774.  
775. [+] Subdomain: ebillpayer.brazil.citigroup.com
776. [-] IP: 192.193.35.123
777.  
778. [+] Subdomain: ebillpayer.uat.brazil.citigroup.com
779. [-] IP: 192.193.200.81
780.  
781. [+] Subdomain: secureaccessweb.nam.citigroup.com
782. [-] IP: 199.67.137.28
783.  
784. [+] Subdomain: secureaccess.nam.citigroup.com
785. [-] IP: 192.193.8.23
786.  
787. [+] Subdomain: secureaccessweb.uat.nam.citigroup.com
788. [-] IP: 192.193.104.115
789.  
790. [+] Subdomain: secureaccess.uat.nam.citigroup.com
791. [-] IP: 192.193.173.11
792.  
793. [+] Subdomain: secureaccessweb.sit.nam.citigroup.com
794. [-] IP: 199.67.141.105
795.  
796. [+] Subdomain: secureaccess.sit.nam.citigroup.com
797. [-] IP: 199.67.141.104
798.  
799. [+] Subdomain: www.hotelprogram.citigroup.com
800. [-] IP: 199.67.139.146
801.  
802. [+] Subdomain: volunteersmanagementsystem.citigroup.com
803. [-] IP: 192.193.219.141
804.  
805. [+] Subdomain: wealthplanneronline.taiwan.citigroup.com
806. [-] IP: 192.193.157.229
807.  
808. [+] Subdomain: uatwealthplanneronline.taiwan.citigroup.com
809. [-] IP: 192.193.128.250
810.  
811. [+] Subdomain: wealthplanneradvisory.taiwan.citigroup.com
812. [-] IP: 192.193.128.232
813.  
814. [+] Subdomain: uatwealthplanneradvisory.taiwan.citigroup.com
815. [-] IP: 192.193.128.207
816.  
817. [+] Subdomain: login.citigroup.com
818. [-] IP: 192.193.183.206
819.  
820. [+] Subdomain: citigroupsoa.authentication.citigroup.com
821. [-] IP: 192.193.219.6
822.  
823. [+] Subdomain: site00.wifiauthentication.citigroup.com
824. [-] IP: 192.0.2.1
825.  
826. [+] Subdomain: site01.wifiauthentication.citigroup.com
827. [-] IP: 192.0.2.1
828.  
829. [+] Subdomain: site11.wifiauthentication.citigroup.com
830. [-] IP: 192.0.2.1
831.  
832. [+] Subdomain: site02.wifiauthentication.citigroup.com
833. [-] IP: 192.0.2.1
834.  
835. [+] Subdomain: site03.wifiauthentication.citigroup.com
836. [-] IP: 192.0.2.1
837.  
838. [+] Subdomain: site04.wifiauthentication.citigroup.com
839. [-] IP: 192.0.2.1
840.  
841. [+] Subdomain: site14.wifiauthentication.citigroup.com
842. [-] IP: 192.0.2.1
843.  
844. [+] Subdomain: site05.wifiauthentication.citigroup.com
845. [-] IP: 192.0.2.1
846.  
847. [+] Subdomain: site15.wifiauthentication.citigroup.com
848. [-] IP: 192.0.2.1
849.  
850. [+] Subdomain: site06.wifiauthentication.citigroup.com
851. [-] IP: 192.0.2.1
852.  
853. [+] Subdomain: site07.wifiauthentication.citigroup.com
854. [-] IP: 192.0.2.1
855.  
856. [+] Subdomain: site08.wifiauthentication.citigroup.com
857. [-] IP: 192.0.2.1
858.  
859. [+] Subdomain: www.foundation.citigroup.com
860. [-] IP: 199.67.141.187
861.  
862. [+] Subdomain: www.disasterrecovery.foundation.citigroup.com
863. [-] IP: 199.67.139.14
864.  
865. [+] Subdomain: uat.emeasalesautomation.citigroup.com
866. [-] IP: 192.193.173.204
867.  
868. [+] Subdomain: uat.ru.emeasalesautomation.citigroup.com
869. [-] IP: 192.193.174.32
870.  
871. [+] Subdomain: onlinesalesautomation.citigroup.com
872. [-] IP: 199.67.204.53
873.  
874. [+] Subdomain: uat.responsivesalesautomation.citigroup.com
875. [-] IP: 192.193.174.101
876.  
877. [+] Subdomain: globalcommonsalesautomation.citigroup.com
878. [-] IP: 192.193.157.234
879.  
880. [+] Subdomain: uat1.directsalesautomation.citigroup.com
881. [-] IP: 192.193.174.77
882.  
883. [+] Subdomain: uat2.directsalesautomation.citigroup.com
884. [-] IP: 192.193.173.251
885.  
886. [+] Subdomain: instantsalesautomation.citigroup.com
887. [-] IP: 192.193.245.30
888.  
889. [+] Subdomain: emaildelivery.mexico.citigroup.com
890. [-] IP: 192.193.179.146
891.  
892. [+] Subdomain: www.morningstar.citigroup.com
893. [-] IP: 199.67.137.45
894.  
895. [+] Subdomain: commercialbankingdr.citigroup.com
896. [-] IP: 199.67.182.170
897.  
898. [+] Subdomain: trainingdr.citigroup.com
899. [-] IP: 199.67.137.14
900.  
901. [+] Subdomain: financelearningdr.citigroup.com
902. [-] IP: 199.67.137.68
903.  
904. [+] Subdomain: logindr.citigroup.com
905. [-] IP: 192.193.173.88
906.  
907. [+] Subdomain: taxseriesdr.citigroup.com
908. [-] IP: 192.193.173.91
909.  
910. [+] Subdomain: careersdr.citigroup.com
911. [-] IP: 199.67.137.75
912.  
913. [+] Subdomain: newhireprocessdr.citigroup.com
914. [-] IP: 199.67.137.53
915.  
916. [+] Subdomain: ecommercelawsdr.citigroup.com
917. [-] IP: 199.67.182.169
918.  
919. [+] Subdomain: fitrader.citigroup.com
920. [-] IP: 199.67.184.177
921.  
922. [+] Subdomain: securefiletransfer.citigroup.com
923. [-] IP: 199.67.137.221
924.  
925. [+] Subdomain: primefinance.securefiletransfer.citigroup.com
926. [-] IP: 192.193.218.30
927.  
928. [+] Subdomain: m.cashmanager.citigroup.com
929. [-] IP: 192.193.56.34
930.  
931. [+] Subdomain: uat.cashmanager.citigroup.com
932. [-] IP: 192.193.182.17
933.  
934. [+] Subdomain: m.uat.cashmanager.citigroup.com
935. [-] IP: 192.193.182.42
936.  
937. [+] Subdomain: citidirectwebcashmanageruat.cashmanager.citigroup.com
938. [-] IP: 192.193.182.142
939.  
940. [+] Subdomain: uat1.emailtracker.citigroup.com
941. [-] IP: 192.193.174.103
942.  
943. [+] Subdomain: uat2.emailtracker.citigroup.com
944. [-] IP: 199.67.137.38
945.  
946. [+] Subdomain: pat.emailtracker.citigroup.com
947. [-] IP: 192.193.157.180
948.  
949. [+] Subdomain: uat.emailtracker.citigroup.com
950. [-] IP: 192.193.173.139
951.  
952. [+] Subdomain: primebroker.citigroup.com
953. [-] IP: 199.67.185.243
954.  
955. [+] Subdomain: www.travelplanner.citigroup.com
956. [-] IP: 199.67.141.247
957.  
958. [+] Subdomain: cardsmarketingcenter.citigroup.com
959. [-] IP: 192.193.216.82
960.  
961. [+] Subdomain: securemailcenter.citigroup.com
962. [-] IP: 192.193.154.4
963.  
964. [+] Subdomain: securecredentialserver.citigroup.com
965. [-] IP: 192.193.154.5
966.  
967. [+] Subdomain: rewardsdr.consumerhr.citigroup.com
968. [-] IP: 199.67.137.191
969.  
970. [+] Subdomain: rewards.consumerhr.citigroup.com
971. [-] IP: 192.193.219.150
972.  
973. [+] Subdomain: jobs.citigroup.com
974. [-] IP: 63.131.135.125
975.  
976. [+] Subdomain: uat2.wealthplannerondevices.citigroup.com
977. [-] IP: 192.193.173.245
978.  
979. [+] Subdomain: sit2.wealthplannerondevices.citigroup.com
980. [-] IP: 192.193.173.244
981.  
982. [+] Subdomain: uatwealthplannerondevices.citigroup.com
983. [-] IP: 192.193.173.182
984.  
985. [+] Subdomain: uat1.citiplannerondevices.citigroup.com
986. [-] IP: 199.67.137.238
987.  
988. [+] Subdomain: globalremittanceuat1.transactionservices.citigroup.com
989. [-] IP: 192.193.200.84
990.  
991. [+] Subdomain: testmarketing2.transactionservices.citigroup.com
992. [-] IP: 192.193.182.20
993.  
994. [+] Subdomain: globalremittanceuat2.transactionservices.citigroup.com
995. [-] IP: 192.193.200.49
996.  
997. [+] Subdomain: globalremittancepreprod.transactionservices.citigroup.com
998. [-] IP: 192.193.200.244
999.  
1000. [+] Subdomain: globalremittance.transactionservices.citigroup.com
1001. [-] IP: 192.193.200.244
1002.  
1003. [+] Subdomain: citiconnectcob.trade.transactionservices.citigroup.com
1004. [-] IP: 192.193.133.103
1005.  
1006. [+] Subdomain: citiconnect.trade.transactionservices.citigroup.com
1007. [-] IP: 192.193.165.236
1008.  
1009. [+] Subdomain: uat.citiconnect.trade.transactionservices.citigroup.com
1010. [-] IP: 192.193.128.108
1011.  
1012. [+] Subdomain: www.uat.citidirectunitmatching.transactionservices.citigroup.com
1013. [-] IP: 199.67.207.120
1014.  
1015. [+] Subdomain: email.transactionservices.citigroup.com
1016. [-] IP: 63.149.195.18
1017.  
1018. [+] Subdomain: mta934.email.transactionservices.citigroup.com
1019. [-] IP: 8.7.43.214
1020.  
1021. [+] Subdomain: mta935.email.transactionservices.citigroup.com
1022. [-] IP: 8.7.43.215
1023.  
1024. [+] Subdomain: a.ns.email.transactionservices.citigroup.com
1025. [-] IP: 65.125.54.133
1026.  
1027. [+] Subdomain: b.ns.email.transactionservices.citigroup.com
1028. [-] IP: 65.125.54.134
1029.  
1030. [+] Subdomain: c.ns.email.transactionservices.citigroup.com
1031. [-] IP: 216.15.189.57
1032.  
1033. [+] Subdomain: d.ns.email.transactionservices.citigroup.com
1034. [-] IP: 216.15.189.58
1035.  
1036. [+] Subdomain: e.ns.email.transactionservices.citigroup.com
1037. [-] IP: 207.251.96.133
1038.  
1039. [+] Subdomain: f.ns.email.transactionservices.citigroup.com
1040. [-] IP: 207.251.96.134
1041.  
1042. [+] Subdomain: d.mx.email.transactionservices.citigroup.com
1043. [-] IP: 63.148.46.97
1044.  
1045. [+] Subdomain: fundsecurefiletransfer.transactionservices.citigroup.com
1046. [-] IP: 199.67.137.83
1047.  
1048. [+] Subdomain: portfolioanalytics.transactionservices.citigroup.com
1049. [-] IP: 192.193.86.54
1050.  
1051. [+] Subdomain: digitalcertificates.transactionservices.citigroup.com
1052. [-] IP: 199.67.184.186
1053.  
1054. [+] Subdomain: globalremittanceuat.transactionservices.citigroup.com
1055. [-] IP: 192.193.183.34
1056.  
1057. [+] Subdomain: identitygatewayuat.transactionservices.citigroup.com
1058. [-] IP: 192.193.183.103
1059.  
1060. [+] Subdomain: reply.transactionservices.citigroup.com
1061. [-] IP: 192.193.56.103
1062.  
1063. [+] Subdomain: debtxportal.issuerservices.citigroup.com
1064. [-] IP: 192.193.56.78
1065.  
1066. [+] Subdomain: debtxportaluat.issuerservices.citigroup.com
1067. [-] IP: 192.193.35.36
1068.  
1069. [+] Subdomain: cob.in.onlinecollectionsservices.citigroup.com
1070. [-] IP: 192.193.128.202
1071.  
1072. [+] Subdomain: uat.in.onlinecollectionsservices.citigroup.com
1073. [-] IP: 192.193.128.125
1074.  
1075. [+] Subdomain: taxseries.citigroup.com
1076. [-] IP: 192.193.183.218
1077.  
1078. [+] Subdomain: uat.cititaxseries.citigroup.com
1079. [-] IP: 192.193.183.220
1080.  
1081. [+] Subdomain: irams.citigroup.com
1082. [-] IP: 199.67.141.239
1083.  
1084. [+] Subdomain: loansoperations.citigroup.com
1085. [-] IP: 199.67.184.160
1086.  
1087. [+] Subdomain: openwealthsolutions.citigroup.com
1088. [-] IP: 192.193.173.97
1089.  
1090. [+] Subdomain: stg.openwealthsolutions.citigroup.com
1091. [-] IP: 192.193.183.41
1092.  
1093. [+] Subdomain: hsbc.stg.openwealthsolutions.citigroup.com
1094. [-] IP: 192.193.183.42
1095.  
1096. [+] Subdomain: tempstg.openwealthsolutions.citigroup.com
1097. [-] IP: 192.193.219.113
1098.  
1099. [+] Subdomain: stgportal.openwealthsolutions.citigroup.com
1100. [-] IP: 192.193.86.75
1101.  
1102. [+] Subdomain: tiaacref.preproduction.openwealthsolutions.citigroup.com
1103. [-] IP: 192.193.173.97
1104.  
1105. [+] Subdomain: tempopenwealthsolutions.citigroup.com
1106. [-] IP: 192.193.173.139
1107.  
1108. [+] Subdomain: login.volunteers.citigroup.com
1109. [-] IP: 199.67.184.210
1110.  
1111. [+] Subdomain: disasterrecovery.login.volunteers.citigroup.com
1112. [-] IP: 199.67.182.210
1113.  
1114. [+] Subdomain: www.volunteers.citigroup.com
1115. [-] IP: 192.193.218.28
1116.  
1117. [+] Subdomain: www.approvedsuppliers.citigroup.com
1118. [-] IP: 199.67.139.149
1119.  
1120. [+] Subdomain: tempworkers.citigroup.com
1121. [-] IP: 192.193.218.181
1122.  
1123. [+] Subdomain: boardofdirectors.citigroup.com
1124. [-] IP: 192.193.183.104
1125.  
1126. [+] Subdomain: dr.boardofdirectors.citigroup.com
1127. [-] IP: 199.67.137.251
1128.  
1129. [+] Subdomain: uat.boardofdirectors.citigroup.com
1130. [-] IP: 199.67.137.250
1131.  
1132. [+] Subdomain: secureaccess.citigroup.com
1133. [-] IP: 199.67.137.24
1134.  
1135. [+] Subdomain: www.newhireprocess.citigroup.com
1136. [-] IP: 192.193.218.3
1137.  
1138. [+] Subdomain: www.angelpoints.citigroup.com
1139. [-] IP: 69.20.24.4
1140.  
1141. [+] Subdomain: ecommercelaws.citigroup.com
1142. [-] IP: 199.67.184.191
1143.  
1144. [+] Subdomain: news.citigroup.com
1145. [-] IP: 173.231.190.151
1146.  
1147. [+] Subdomain: mail.news.citigroup.com
1148. [-] IP: 173.231.190.148
1149.  
1150. [+] Subdomain: smtpinbound-uat.citigroup.com
1151. [-] IP: 192.193.193.79
1152.  
1153. [+] Subdomain: citidirectportal4.uat.citigroup.com
1154. [-] IP: 192.193.183.146
1155.  
1156. [+] Subdomain: asia.citidirectportal4.uat.citigroup.com
1157. [-] IP: 192.193.162.143
1158.  
1159. [+] Subdomain: citidirect4.uat.citigroup.com
1160. [-] IP: 192.193.182.175
1161.  
1162. [+] Subdomain: procurementsourcing.uat.citigroup.com
1163. [-] IP: 192.193.173.72
1164.  
1165. [+] Subdomain: login.uat.citigroup.com
1166. [-] IP: 192.193.174.127
1167.  
1168. [+] Subdomain: totalcomp.uat.citigroup.com
1169. [-] IP: 192.193.174.195
1170.  
1171. [+] Subdomain: secureaccess.uat.citigroup.com
1172. [-] IP: 192.193.104.113
1173.  
1174. [+] Subdomain: fidirectstream10uat.citigroup.com
1175. [-] IP: 199.67.182.227
1176.  
1177. [+] Subdomain: fidirectstream01uat.citigroup.com
1178. [-] IP: 199.67.184.139
1179.  
1180. [+] Subdomain: fidirectstream02uat.citigroup.com
1181. [-] IP: 199.67.185.133
1182.  
1183. [+] Subdomain: fidirectstream12uat.citigroup.com
1184. [-] IP: 199.67.183.132
1185.  
1186. [+] Subdomain: digitalcertificate7uat.citigroup.com
1187. [-] IP: 192.193.218.25
1188.  
1189. [+] Subdomain: citigroupsoauat.citigroup.com
1190. [-] IP: 199.67.137.240
1191.  
1192. [+] Subdomain: securefiletransferftpuat.citigroup.com
1193. [-] IP: 192.193.218.127
1194.  
1195. [+] Subdomain: securefiletransferuat.citigroup.com
1196. [-] IP: 192.193.173.119
1197.  
1198. [+] Subdomain: cardsmarketingcenteruat.citigroup.com
1199. [-] IP: 192.193.216.81
1200.  
1201. [+] Subdomain: directsalesagentuat.citigroup.com
1202. [-] IP: 192.193.133.225
1203.  
1204. [+] Subdomain: api.citiconnect.citigroup.com
1205. [-] IP: 192.193.104.58
1206.  
1207. [+] Subdomain: uat.api.citiconnect.citigroup.com
1208. [-] IP: 192.193.104.57
1209.  
1210. [+] Subdomain: uat11.citidirect.citigroup.com
1211. [-] IP: 192.193.182.209
1212.  
1213. [+] Subdomain: citidirectonlineuat11.citidirect.citigroup.com
1214. [-] IP: 192.193.182.206
1215.  
1216. [+] Subdomain: qc21.citidirect.citigroup.com
1217. [-] IP: 192.193.182.220
1218.  
1219. [+] Subdomain: highassuranceidentityqc21.citidirect.citigroup.com
1220. [-] IP: 192.193.218.131
1221.  
1222. [+] Subdomain: uat21.citidirect.citigroup.com
1223. [-] IP: 192.193.182.217
1224.  
1225. [+] Subdomain: testqc31.citidirect.citigroup.com
1226. [-] IP: 192.193.182.71
1227.  
1228. [+] Subdomain: highassuranceidentityqc31.citidirect.citigroup.com
1229. [-] IP: 192.193.182.74
1230.  
1231. [+] Subdomain: citidirectonline31.citidirect.citigroup.com
1232. [-] IP: 192.193.182.73
1233.  
1234. [+] Subdomain: uat31.citidirect.citigroup.com
1235. [-] IP: 192.193.182.230
1236.  
1237. [+] Subdomain: citidirectonlineuat31.citidirect.citigroup.com
1238. [-] IP: 192.193.182.243
1239.  
1240. [+] Subdomain: qc41.citidirect.citigroup.com
1241. [-] IP: 192.193.182.194
1242.  
1243. [+] Subdomain: citidirectonlineqc41.citidirect.citigroup.com
1244. [-] IP: 192.193.182.189
1245.  
1246. [+] Subdomain: uat1.citidirect.citigroup.com
1247. [-] IP: 192.193.182.113
1248.  
1249. [+] Subdomain: uat2.citidirect.citigroup.com
1250. [-] IP: 192.193.182.111
1251.  
1252. [+] Subdomain: pte.citidirect.citigroup.com
1253. [-] IP: 192.193.183.20
1254.  
1255. [+] Subdomain: customertest.citidirect.citigroup.com
1256. [-] IP: 192.193.182.227
1257.  
1258. [+] Subdomain: koreacitidirect.citigroup.com
1259. [-] IP: 192.193.81.179
1260.  
1261. [+] Subdomain: secureaccess.sit.citigroup.com
1262. [-] IP: 199.67.183.221
1263.  
1264. [+] Subdomain: uat2.directsalesagent.citigroup.com
1265. [-] IP: 192.193.173.164
1266.  
1267. [+] Subdomain: uatdirectsalesagent.citigroup.com
1268. [-] IP: 192.193.174.78
1269.  
1270. [+] Subdomain: thirdpartyassessment.citigroup.com
1271. [-] IP: 192.193.183.132
1272.  
1273. [+] Subdomain: remoteprint.citigroup.com
1274. [-] IP: 199.67.139.99
1275.  
1276. [+] Subdomain: www.electronicbillingtest.citigroup.com
1277. [-] IP: 199.67.139.56
1278.  
1279. [+] Subdomain: cookieutilitytest.citigroup.com
1280. [-] IP: 199.67.141.182
1281.  
1282. [+] Subdomain: smtpinbound-mpod-ru.citigroup.com
1283. [-] IP: 192.193.158.11
1284.  
1285. [+] Subdomain: uat2.customer360view.citigroup.com
1286. [-] IP: 192.193.174.80
1287.  
1288. [+] Subdomain: smtpinbound-new.citigroup.com
1289. [-] IP: 199.67.141.127
1290.  
1291. [+] Subdomain: cookieutility4x.citigroup.com
1292. [-] IP: 199.67.139.210
1293.  
1294. [+] Subdomain: cookieutility5x.citigroup.com
1295. [-] IP: 199.67.141.249
1296.  
1297. [+] Subdomain: www.equityindex.citigroup.com
1298. [-] IP: 199.67.139.151
1299.  
1300. [+] Subdomain: loansoperationscontingency.citigroup.com
1301. [-] IP: 199.67.183.157
1302.  
1303. [+] Subdomain: uat1.emailsurvey.citigroup.com
1304. [-] IP: 192.193.173.153
1305.  
1306. [+] Subdomain: pat.emailsurvey.citigroup.com
1307. [-] IP: 192.193.157.181
1308.  
1309. [+] Subdomain: uat.emailsurvey.citigroup.com
1310. [-] IP: 192.193.173.91
1311.  
1312. [+] Subdomain: filetransferuat.italy.citigroup.com
1313. [-] IP: 199.67.207.98
1314.  
1315. [+] Subdomain: bondexchange.disasterrecovery.citigroup.com
1316. [-] IP: 199.67.139.212
1317.  
1318. [+] Subdomain: dali.disasterrecovery.citigroup.com
1319. [-] IP: 192.193.218.106
1320.  
1321. [+] Subdomain: www.morningstar.disasterrecovery.citigroup.com
1322. [-] IP: 199.67.182.198
1323.  
1324. [+] Subdomain: www.travelplanner.disasterrecovery.citigroup.com
1325. [-] IP: 199.67.139.254
1326.  
1327. [+] Subdomain: tempworkers.disasterrecovery.citigroup.com
1328. [-] IP: 199.67.137.54
1329.  
1330. [+] Subdomain: ssbstatements.disasterrecovery.citigroup.com
1331. [-] IP: 199.67.139.38
1332.  
1333. [+] Subdomain: wealthplanneradvisory.citigroup.com
1334. [-] IP: 192.193.157.179
1335.  
1336. [+] Subdomain: uat2.wealthplanneradvisory.citigroup.com
1337. [-] IP: 199.67.137.44
1338.  
1339. [+] Subdomain: cookieutility.citigroup.com
1340. [-] IP: 199.67.137.43
1341. #######################################################################################################################################
1342. [?] Enter the target: example( http://domain.com )
1343. https://www.citigroup.com/citi/
1344. [!] IP Address : 104.98.33.172
1345. [!] www.citigroup.com doesn't seem to use a CMS
1346. [+] Honeypot Probabilty: 0%
1347. ---------------------------------------------------------------------------------------------------------------------------------------
1348. [~] Trying to gather whois information for www.citigroup.com
1349. [+] Whois information found
1350. [-] Unable to build response, visit https://who.is/whois/www.citigroup.com
1351. ---------------------------------------------------------------------------------------------------------------------------------------
1352. PORT STATE SERVICE
1353. 21/tcp filtered ftp
1354. 22/tcp filtered ssh
1355. 23/tcp filtered telnet
1356. 80/tcp open http
1357. 110/tcp filtered pop3
1358. 143/tcp filtered imap
1359. 443/tcp open https
1360. 3389/tcp filtered ms-wbt-server
1361. Nmap done: 1 IP address (1 host up) scanned in 3.20 seconds
1362. ---------------------------------------------------------------------------------------------------------------------------------------
1363. There was an error getting results
1364.  
1365. [-] DNS Records
1366. [>] Initiating 3 intel modules
1367. [>] Loading Alpha module (1/3)
1368. [>] Beta module deployed (2/3)
1369. [>] Gamma module initiated (3/3)
1370. No emails found
1371.  
1372. [+] Hosts found in search engines:
1373. ---------------------------------------------------------------------------------------------------------------------------------------
1374. [-] Resolving hostnames IPs...
1375. [+] Virtual hosts:
1376. ---------------------------------------------------------------------------------------------------------------------------------------
1377. #######################################################################################################################################
1378. ======================================================================================================================================
1379. | External hosts:
1380. | [+] External Host Found: https://news.citigroup.com
1381. | [+] External Host Found: http://online.wsj.com
1382. | [+] External Host Found: http://www.nyc.gov
1383. | [+] External Host Found: https://citigroup.com
1384. | [+] External Host Found: http://www.crainsnewyork.com
1385. | [+] External Host Found: https://cdns.gigya.com
1386. | [+] External Host Found: http://edge.media-server.com
1387. | [+] External Host Found: https://ajax.googleapis.com
1388. | [+] External Host Found: https://play.google.com
1389. | [+] External Host Found: http://www.iadb.org
1390. | [+] External Host Found: http://blog.citigroup.com
1391. | [+] External Host Found: https://www.linkedin.com
1392. | [+] External Host Found: https://plus.google.com
1393. | [+] External Host Found: http://citigroup.com
1394. | [+] External Host Found: http://www.citi.com
1395. | [+] External Host Found: http://www.surveyofmayors.com
1396. | [+] External Host Found: https://event.webcasts.com
1397. | [+] External Host Found: http://www.veracast.com
1398. | [+] External Host Found: http://instagram.com
1399. | [+] External Host Found: https://cc.talkpoint.com
1400. | [+] External Host Found: https://www.citivelocity.com
1401. | [+] External Host Found: https://www.facebook.com
1402. | [+] External Host Found: https://cdnjs.cloudflare.com
1403. | [+] External Host Found: http://www.huffingtonpost.com
1404. | [+] External Host Found: http://careers.citigroup.com
1405. | [+] External Host Found: https://twitter.com
1406. | [+] External Host Found: https://blog.citigroup.com
1407. | [+] External Host Found: http://cdn.gigya.com
1408. | [+] External Host Found: https://edge.media-server.com
1409. | [+] External Host Found: https://itunes.apple.com
1410. | [+] External Host Found: https://www.webcaster4.com
1411. | [+] External Host Found: http://www.homemattersamerica.com
1412. | [+] External Host Found: https://www.youtube.com
1413. | [+] External Host Found: https://www.veracast.com
1414. =======================================================================================================================================
1415. | E-mails:
1416. | [+] E-mail Found: infringementnotice@citi.com
1417. | [+] E-mail Found: msaleson@worldbank.org
1418. | [+] E-mail Found: navicon@2.png
1419. | [+] E-mail Found: anthony.ingham@citi.com,
1420. | [+] E-mail Found: ryann.gastwirth@ft.com
1421. | [+] E-mail Found: citiforcities@citi.com
1422. | [+] E-mail Found: kristina.eriksson@ft.com
1423. | [+] E-mail Found: csantospianesi@worldbank.org
1424. | [+] E-mail Found: rpost@worldbank.org
1425. =======================================================================================================================================
1426. #######################################################################################################################################
1427.  
1428. ; <<>> DiG 9.11.5-P1-1-Debian <<>> citigroup.com
1429. ;; global options: +cmd
1430. ;; Got answer:
1431. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35732
1432. ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
1433.  
1434. ;; OPT PSEUDOSECTION:
1435. ; EDNS: version: 0, flags:; udp: 4096
1436. ;; QUESTION SECTION:
1437. ;citigroup.com. IN A
1438.  
1439. ;; ANSWER SECTION:
1440. citigroup.com. 3600 IN A 192.193.102.175
1441. citigroup.com. 3600 IN A 192.193.218.130
1442.  
1443. ;; Query time: 503 msec
1444. ;; SERVER: 27.50.70.139#53(27.50.70.139)
1445. ;; WHEN: sam jan 26 07:52:17 EST 2019
1446. ;; MSG SIZE rcvd: 74
1447. #######################################################################################################################################
1448. ; <<>> DiG 9.11.5-P1-1-Debian <<>> +trace citigroup.com
1449. ;; global options: +cmd
1450. . 85379 IN NS b.root-servers.net.
1451. . 85379 IN NS k.root-servers.net.
1452. . 85379 IN NS e.root-servers.net.
1453. . 85379 IN NS j.root-servers.net.
1454. . 85379 IN NS g.root-servers.net.
1455. . 85379 IN NS m.root-servers.net.
1456. . 85379 IN NS i.root-servers.net.
1457. . 85379 IN NS a.root-servers.net.
1458. . 85379 IN NS l.root-servers.net.
1459. . 85379 IN NS f.root-servers.net.
1460. . 85379 IN NS d.root-servers.net.
1461. . 85379 IN NS c.root-servers.net.
1462. . 85379 IN NS h.root-servers.net.
1463. . 85379 IN RRSIG NS 8 0 518400 20190208050000 20190126040000 16749 . q3rKVHRQb5EcsI86uppQah+11q0MrACf+KdZ1Qpcu7OkWgpa17mr6Glj 06BKGkKp7Fl1oRZ8Lmzgd/DsEXwb+/1zG/m2hIDsbNkrBBv0Mw1cNb8s vSetOM+aOpggSzRKeZFjMIpZAVXj3dYIA0jdMuUXT+/myvTc3rBTNv6j +YLIV2l7500Jl54ZLiZC5v0B8y/limYOuwLu3T4zW238vO+xQYMluRXL H8K4p057sjUrFDlL2GSFKDw/DfPdgWEmhci/GwVZnzPEgKR1EN2yXxLC kvuw2SBF+cbku/zJM+3YTV7TfCwx1TuZkIuNUx1OiTs0HtoOyruzKv+B /C+XjQ==
1464. ;; Received 525 bytes from 27.50.70.139#53(27.50.70.139) in 354 ms
1465.  
1466. com. 172800 IN NS a.gtld-servers.net.
1467. com. 172800 IN NS b.gtld-servers.net.
1468. com. 172800 IN NS c.gtld-servers.net.
1469. com. 172800 IN NS d.gtld-servers.net.
1470. com. 172800 IN NS e.gtld-servers.net.
1471. com. 172800 IN NS f.gtld-servers.net.
1472. com. 172800 IN NS g.gtld-servers.net.
1473. com. 172800 IN NS h.gtld-servers.net.
1474. com. 172800 IN NS i.gtld-servers.net.
1475. com. 172800 IN NS j.gtld-servers.net.
1476. com. 172800 IN NS k.gtld-servers.net.
1477. com. 172800 IN NS l.gtld-servers.net.
1478. com. 172800 IN NS m.gtld-servers.net.
1479. com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
1480. com. 86400 IN RRSIG DS 8 1 86400 20190208050000 20190126040000 16749 . ZeR2FbDpSLBwWOA4vLlGMLGdnK2cia5MyTI1XW4R6nx5Ue//c+/xanKi NtxEKMJZmMsEXfAH0x20a949IHTdKoAjesDj0tLAGTTCPnEp7WdI/5Zg tp5mnmvYJoIpvCA397vZqoA/oJNpbKJzJ7dZQkUT0udi9p9wQzPuK4gm 77kRluvcmPTfjdK+EKAp3XpH5TRjBZF7nK7RBjQylQrWt+vkhscPUiiP f9FHgFdU8Lki8sjcnhkQWMRsv+hcueR+p336Tgluonyk2+PZ68oL4cFu VZQo3dif2Ot2ruSVyQ+22FtZSeB/PY71gEkWQgocuxW/xUgOoBef6v3t eaAxlw==
1481. ;; Received 1173 bytes from 2001:7fd::1#53(k.root-servers.net) in 66 ms
1482.  
1483. citigroup.com. 172800 IN NS ns2.nsroot2.com.
1484. citigroup.com. 172800 IN NS ns1.nsroot1.com.
1485. CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
1486. CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20190131054530 20190124043530 16883 com. eg1n7WXtR3qpZdjJTrXm3VEqhRWwaMXbomHWLWO3+Mixz/f/h6DBNEre p2ua4BLyXKu6ZjFFeqpMWacSSLUULHt7U50ag5dJJm6EaSRunqsddPSX GLpVrikC+Xh4Y1de3bMzgz//7+/+GgNLHeGr+ko+KcS2D//B5sz+LmEb oqw=
1487. I718T8Q0KPNQV4G44E96D1TH3156K9OD.com. 86400 IN NSEC3 1 1 0 - I719C2LSHBNNKNSOI65BC91CL3VMBESV NS DS RRSIG
1488. I718T8Q0KPNQV4G44E96D1TH3156K9OD.com. 86400 IN RRSIG NSEC3 8 2 86400 20190131053555 20190124042555 16883 com. PacJXoQ1qpEYb8VplZ2RUnREIPl8gRAv1/Y6C3/6rqdEUiyCh5Bgk25y QulEL44B/fd4rnrZt2/9i8hMXatCJNlrBOZbj0jMJhi18eFMPC8rDR// ihJYuQz3JSYFPV7kGR3tyTeT3zk3zxGhHG1fLF+SXybZIc/3Q2H7k4z7 4DQ=
1489. ;; Received 611 bytes from 192.48.79.30#53(j.gtld-servers.net) in 479 ms
1490.  
1491. citigroup.com. 3600 IN A 192.193.102.175
1492. citigroup.com. 3600 IN A 192.193.218.130
1493. citigroup.com. 3600 IN NS ns1.nsroot1.com.
1494. citigroup.com. 3600 IN NS ns2.nsroot2.com.
1495. ;; Received 126 bytes from 69.36.145.33#53(ns2.nsroot2.com) in 423 ms
1496. #######################################################################################################################################
1497. Traceroute 'www.citigroup.com '
1498. ---------------------------------------------------------------------------------------------------------------------------------------
1499.  
1500. Start: 2019-01-26T12:54:20+0000
1501. HOST: web01 Loss% Snt Last Avg Best Wrst StDev
1502. 1.|-- 45.79.12.201 0.0% 3 1.2 0.9 0.6 1.2 0.3
1503. 2.|-- 45.79.12.4 0.0% 3 0.7 0.7 0.7 0.7 0.0
1504. 3.|-- dls-b22-link.telia.net 0.0% 3 1.3 1.0 0.8 1.3 0.2
1505. 4.|-- dls-b21-link.telia.net 0.0% 3 2.2 2.0 1.4 2.5 0.6
1506. 5.|-- dls-b23-link.telia.net 0.0% 3 1.4 1.5 1.4 1.5 0.1
1507. 6.|-- akamai-ic-341035-dls-b21.c.telia.net 0.0% 3 37.9 38.0 37.7 38.2 0.3
1508. 7.|-- ae16.cyrusone-dfw.netarch.akamai.com 0.0% 3 2.6 8.6 2.6 19.5 9.4
1509. 8.|-- a23-193-81-104.deploy.static.akamaitechnologies.com 0.0% 3 2.1 2.0 1.7 2.3 0.3
1510. #######################################################################################################################################
1511. [*] Performing General Enumeration of Domain: citigroup.com
1512. [-] DNSSEC is not configured for citigroup.com
1513. [*] SOA ns1.nsroot1.com 209.112.114.33
1514. [*] NS ns1.nsroot1.com 209.112.114.33
1515. [*] NS ns2.nsroot2.com 69.36.145.33
1516. [*] MX mx-a.mail.citi.com 67.231.145.106
1517. [*] MX mx-b.mail.citi.com 67.231.153.94
1518. [*] A citigroup.com 192.193.102.175
1519. [*] A citigroup.com 192.193.218.130
1520. [*] TXT citigroup.com facebook-domain-verification=2amqbctg7cv6hq0dxq4tf107b3y0zn
1521. [*] TXT citigroup.com v=spf1 a:1._spf.citigroup.com a:2._spf.citigroup.com include:spf-00123c01.pphosted.com redirect=ext1._spf.citigroup.com
1522. [*] Enumerating SRV Records
1523. [-] No SRV Records Found for citigroup.com
1524. [+] 0 Records Found
1525. #######################################################################################################################################
1526. [*] Processing domain citigroup.com
1527. [*] Using system resolvers ['27.50.70.139', '38.132.106.139', '185.93.180.131', '205.151.67.6', '205.151.67.34', '205.151.67.2', '2001:18c0:ffe0:2::2', '2001:18c0:ffe0:3::2', '2001:18c0:ffe0:1::2']
1528. [+] Getting nameservers
1529. 209.112.114.33 - ns1.nsroot1.com
1530. 69.36.145.33 - ns2.nsroot2.com
1531. [-] Zone transfer failed
1532.  
1533. [+] TXT records found
1534. "facebook-domain-verification=2amqbctg7cv6hq0dxq4tf107b3y0zn"
1535. "v=spf1 a:1._spf.citigroup.com a:2._spf.citigroup.com include:spf-00123c01.pphosted.com redirect=ext1._spf.citigroup.com"
1536.  
1537. [+] MX records found, added to target list
1538. 5 mx-a.mail.citi.com.
1539. 5 mx-b.mail.citi.com.
1540.  
1541. [*] Scanning citigroup.com for A records
1542. 192.193.102.175 - citigroup.com
1543. 192.193.218.130 - citigroup.com
1544. 146.20.81.168 - blog.citigroup.com
1545. 116.255.21.208 - careers.citigroup.com
1546. 116.255.21.202 - careers.citigroup.com
1547. 63.131.135.125 - jobs.citigroup.com
1548. 192.193.183.206 - login.citigroup.com
1549. 116.255.21.202 - m.citigroup.com
1550. 116.255.21.208 - m.citigroup.com
1551. 192.193.71.4 - mail.citigroup.com
1552. 199.67.141.124 - mail.citigroup.com
1553. 192.193.96.36 - mail.citigroup.com
1554. 199.67.141.127 - mail.citigroup.com
1555. 192.193.193.95 - mail.citigroup.com
1556. 199.67.141.25 - mail.citigroup.com
1557. 192.193.96.33 - mail.citigroup.com
1558. 192.193.96.35 - mail.citigroup.com
1559. 192.193.222.93 - mail.citigroup.com
1560. 192.193.96.34 - mail.citigroup.com
1561. 192.193.219.201 - mail.citigroup.com
1562. 192.193.71.3 - mail.citigroup.com
1563. 192.193.219.200 - mail.citigroup.com
1564. 173.231.190.151 - news.citigroup.com
1565. 192.193.173.102 - training.citigroup.com
1566. 104.98.33.172 - www.citigroup.com
1567. 12.184.233.165 - www2.citigroup.com
1568. #######################################################################################################################################
1569. Ip Address Status Type Domain Name Server
1570. ---------- ------ ---- ----------- ------
1571. 146.20.81.168 301 host blog.citigroup.com
1572. 116.255.21.208 403 alias careers.citigroup.com
1573. 116.255.21.208 403 alias www2.citi.com
1574. 116.255.21.208 403 alias citi.mdc.edgesuite.net
1575. 116.255.21.208 403 host a1168.b.akamai.net
1576. 116.255.21.202 403 host a1168.b.akamai.net
1577. 63.131.135.125 301 host jobs.citigroup.com
1578. 192.193.183.206 503 host login.citigroup.com
1579. 116.255.21.202 403 alias m.citigroup.com
1580. 116.255.21.202 403 alias www2.citi.com
1581. 116.255.21.202 403 alias citi.mdc.edgesuite.net
1582. 116.255.21.202 403 host a1168.b.akamai.net
1583. 116.255.21.208 403 host a1168.b.akamai.net
1584. 192.193.71.4 host mail.citigroup.com
1585. 199.67.141.124 host mail.citigroup.com
1586. 192.193.96.36 host mail.citigroup.com
1587. 199.67.141.127 host mail.citigroup.com
1588. 192.193.193.95 host mail.citigroup.com
1589. 199.67.141.25 host mail.citigroup.com
1590. 192.193.96.33 host mail.citigroup.com
1591. 192.193.96.35 host mail.citigroup.com
1592. 192.193.222.93 host mail.citigroup.com
1593. 192.193.96.34 host mail.citigroup.com
1594. 192.193.219.201 host mail.citigroup.com
1595. 192.193.71.3 host mail.citigroup.com
1596. 192.193.219.200 host mail.citigroup.com
1597. 173.231.190.151 200 host news.citigroup.com
1598. 192.193.173.102 302 host training.citigroup.com
1599. 104.98.33.172 302 alias www.citigroup.com
1600. 104.98.33.172 302 alias san.www.citi.com.edgekey.net
1601. 104.98.33.172 302 host e16976.x.akamaiedge.net
1602. 12.184.233.165 503 host www2.citigroup.com
1603. #######################################################################################################################################
1604. ====================================================================================
1605. GATHERING DNS INFO
1606. ====================================================================================
1607. dnsenum VERSION:1.2.4
1608.  
1609. ----- www.citigroup.com -----
1610.  
1611.  
1612. Host's addresses:
1613. __________________
1614.  
1615. e16976.x.akamaiedge.net. 4 IN A 104.98.33.172
1616.  
1617.  
1618. Name Servers:
1619. ______________
1620. #######################################################################################################################################
1621. ---------------------------------------------------------------------------------------------------------------------------------------
1622.  
1623.  
1624. [x] Error downloading /webhp?hl=en-CA
1625. [2/25] http://www.citigroup.com/ipb/europe/pdfs/feeschedule_lon_plc.pdf
1626. [3/25] http://www.citigroup.com/ipb/europe/pdfs/keyfact_adv_lon_plc.pdf
1627. [4/25] http://www.citigroup.com/ipb/europe/pdfs/transferfund_lon.pdf
1628. [x] Error in PDF metadata Software
1629. [x] Error in PDF metadata Creator
1630. [5/25] http://www.citigroup.com/ipb/europe/pdfs/transferfund_plc_0113.pdf
1631. [6/25] http://www.citigroup.com/ipb/europe/pdfs/transferfund_lon_plc.pdf
1632. [x] Error in PDF metadata Software
1633. [x] Error in PDF metadata Creator
1634. [7/25] https://www.citigroup.com/citi/about/data/ukr_finq033118_interim.pdf
1635. [x] Error in the parsing process
1636. [8/25] http://www.citigroup.com/privatebank/lawassociates/pdfs/mort.pdf
1637. [x] Error in the parsing process
1638. [9/25] http://www.citigroup.com/ipb/europe/pdfs/feeschedulelondon_aug.pdf
1639. [10/25] https://www.citigroup.com/citi/crs/newsroom/2016_0223a.pdf
1640. [x] Error in the parsing process
1641. [11/25] http://www.citigroup.com/ipb/europe/pdfs/feeschedule_1102.pdf
1642. [12/25] https://www.citigroup.com/australia/awards/entry-form.pdf
1643. [x] Error in the parsing process
1644. [13/25] http://www.citigroup.com/ipb/europe/pdfs/keyfacts_combined.pdf
1645. [14/25] http://www.citigroup.com/ipb/europe/pdfs/saver_tc.pdf
1646. [15/25] https://www.citigroup.com/citi/crs/newsroom/2014_1201a.pdf
1647. [x] Error in the parsing process
1648. [16/25] http://www.citigroup.com/uae/consumer/info/pdf/insurance_2.pdf
1649. [x] Error in the parsing process
1650. [17/25] http://www.citigroup.com/slovakia/homepage/slovak/docs/tvorba_ks.pdf
1651. [x] Error in the parsing process
1652. [18/25] http://www.citigroup.com/uae/consumer/info/pdf/insurance_1.pdf
1653. [x] Error in the parsing process
1654. [19/25] https://www.citigroup.com/citi/investor/data/ar10cp.pdf%3FieNocache%3D165
1655. [x] Error in the parsing process
1656. [20/25] https://www.citigroup.com/citi/foundation/pdf/2008_CitizenshipReport.pdf%3FieNocache%3D155
1657. [x] Error in the parsing process
1658. [21/25] https://www.citigroup.com/citi/citizen/community/data/2013/citi_ca.pdf
1659. [x] Error in the parsing process
1660. [22/25] https://www.citigroup.com/citi/citizen/community/data/2013/citi_md_es.pdf
1661. [x] Error in the parsing process
1662. [23/25] https://www.citigroup.com/icg/sa/citicommunitycapital/docs/affordable_housing-042516.pdf
1663. [x] Error in the parsing process
1664. [24/25] https://www.citigroup.com/citi/foundation/pdf/2007_CitizenshipReport.pdf%3FieNocache%3D155
1665. [x] Error in the parsing process
1666. [25/25] https://www.citigroup.com/icg/docs/Opportunity_Zone_Client_Update20180912.pdf
1667. ---------------------------------------------------------------------------------------------------------------------------------------
1668.  
1669. [+] List of users found:
1670. ---------------------------------------------------------------------------------------------------------------------------------------
1671. Nolte, Clifford [ICG]
1672. Majid, Irfan [CCC-OT_IT]
1673. sunnyjuttla
1674. Unknown User
1675. Zlotoff, Jacob [ICG-MKTS]
1676. Leo Bazil
1677. Dan O'Connor
1678. Leo Bazil
1679. Dan O'Connor
1680. Leo Bazil
1681. Dan O'Connor
1682. Leo Bazil
1683. Dan O'Connor
1684. Leo Bazil
1685. Dan O'Connor
1686. Leo Bazil
1687. Dan O'Connor
1688. Leo Bazil
1689. Dan O'Connor
1690. Leo Bazil
1691. Dan O'Connor
1692. Leo Bazil
1693. Dan O'Connor
1694.  
1695. [+] List of software found:
1696. --------------------------------------------------------------------------------------------------------------------------------------
1697. Microsoft Office Word
1698. FullPress 16.02 RIP 8.54 43664
1699. Adobe InDesign CS3 (5.0.1)
1700. Adobe PDF Library 10.0.1
1701. Adobe InDesign CS6 (Macintosh)
1702. Adobe InDesign CS4 (6.0)
1703. Adobe PDF Library 15.0
1704. Acrobat PDFMaker 15 for Word
1705. Microsoft Excel
1706. Microsoft Excel
1707. Microsoft Excel
1708. Microsoft Excel
1709. Microsoft Excel
1710. Microsoft Excel
1711. Microsoft Excel
1712. Microsoft Excel
1713. Microsoft Excel
1714. #######################################################################################################################################
1715.  
1716. Running Source: Ask
1717. Running Source: Archive.is
1718. Running Source: Baidu
1719. Running Source: Bing
1720. Running Source: CertDB
1721. Running Source: CertificateTransparency
1722. Running Source: Certspotter
1723. Running Source: Commoncrawl
1724. Running Source: Crt.sh
1725. Running Source: Dnsdb
1726. Running Source: DNSDumpster
1727. Running Source: DNSTable
1728. Running Source: Dogpile
1729. Running Source: Exalead
1730. Running Source: Findsubdomains
1731. Running Source: Googleter
1732. Running Source: Hackertarget
1733. Running Source: Ipv4Info
1734. Running Source: PTRArchive
1735. Running Source: Sitedossier
1736. Running Source: Threatcrowd
1737. Running Source: ThreatMiner
1738. Running Source: WaybackArchive
1739. Running Source: Yahoo
1740.  
1741. Running enumeration on www.citigroup.com
1742.  
1743. dnsdb: Unexpected return status 503
1744.  
1745. crtsh: json: cannot unmarshal array into Go value of type crtsh.crtshObject
1746.  
1747. waybackarchive: Get https://web.archive.org/cdx/search/cdx?url=*.www.citigroup.com/*&output=json&fl=original&collapse=urlkey&page=: net/http: invalid header field value "http://web.archive.org/cdx/search/cdx?url=*.www.citigroup.com/*&output=json&fl=original&collapse=urlkey&page=\x00" for key Referer
1748.  
1749.  
1750. Starting Bruteforcing of www.citigroup.com with 9985 words
1751.  
1752. Total 1 Unique subdomains found for www.citigroup.com
1753.  
1754. .www.citigroup.com
1755. #######################################################################################################################################
1756. [+] www.citigroup.com has no SPF record!
1757. [*] No DMARC record found. Looking for organizational record
1758. [*] Found organizational DMARC record:
1759. [*] v=DMARC1; p=reject; rua=mailto:citi@rua.agari.com,mailto:dmarc.reports.rua@citi.com
1760. [*] No explicit organizational subdomain policy. Defaulting to organizational policy
1761. [-] DMARC policy set to reject
1762. [-] Spoofing not possible for www.citigroup.com
1763. #######################################################################################################################################
1764. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 07:56 EST
1765. Nmap scan report for www.citigroup.com (104.98.33.172)
1766. Host is up (0.24s latency).
1767. rDNS record for 104.98.33.172: a104-98-33-172.deploy.static.akamaitechnologies.com
1768. Not shown: 471 filtered ports, 3 closed ports
1769. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1770. PORT STATE SERVICE
1771. 80/tcp open http
1772. 443/tcp open https
1773. #######################################################################################################################################
1774. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 07:56 EST
1775. Nmap scan report for www.citigroup.com (104.98.33.172)
1776. Host is up (0.23s latency).
1777. rDNS record for 104.98.33.172: a104-98-33-172.deploy.static.akamaitechnologies.com
1778. Not shown: 2 filtered ports
1779. PORT STATE SERVICE
1780. 53/udp open|filtered domain
1781. 67/udp open|filtered dhcps
1782. 68/udp open|filtered dhcpc
1783. 69/udp open|filtered tftp
1784. 88/udp open|filtered kerberos-sec
1785. 123/udp open|filtered ntp
1786. 139/udp open|filtered netbios-ssn
1787. 161/udp open|filtered snmp
1788. 162/udp open|filtered snmptrap
1789. 389/udp open|filtered ldap
1790. 520/udp open|filtered route
1791. 2049/udp open|filtered nfs
1792. #######################################################################################################################################
1793. http://www.citigroup.com [302 Found] Country[UNITED STATES][US], IP[104.98.33.172], RedirectLocation[https://www.citigroup.com/]
1794. https://www.citigroup.com/ [301 Moved Permanently] Country[UNITED STATES][US], IP[104.98.33.172], RedirectLocation[http://www.citigroup.com/citi/]
1795. http://www.citigroup.com/citi/ [302 Found] Country[UNITED STATES][US], IP[104.98.33.172], RedirectLocation[https://www.citigroup.com/citi/]
1796. https://www.citigroup.com/citi/ [200 OK] Country[UNITED STATES][US], HTML5, IP[104.98.33.172], Meta-Refresh-Redirect[/citi/noscript.html], Script, Title[Citi | Responsible Finance - Financial Ingenuity - Global Bank], X-UA-Compatible[IE=edge]
1797. https://www.citigroup.com/citi/noscript.html [200 OK] Country[UNITED STATES][US], IP[104.98.33.172], Title[Citibank Online]
1798. #######################################################################################################################################
1799. wig - WebApp Information Gatherer
1800.  
1801.  
1802. Scanning https://www.citigroup.com...
1803. ______________________ SITE INFO ______________________
1804. IP Title
1805. 104.98.33.172 Citi | Responsible Finance - Financi
1806.  
1807. _______________________ VERSION _______________________
1808. Name Versions Type
1809. akamaighost Platform
1810.  
1811. _____________________ INTERESTING _____________________
1812. URL Note Type
1813. /readme.html Readme file Interesting
1814. /install.php Installation file Interesting
1815. /test.php Test file Interesting
1816.  
1817. _______________________________________________________
1818. Time: 118.3 sec Urls: 618 Fingerprints: 40401
1819. #######################################################################################################################################
1820. HTTP/1.1 302 Found
1821. Date: Sat, 26 Jan 2019 12:59:00 GMT
1822. Content-Length: 0
1823. Location: https://www.citigroup.com/
1824. Connection: keep-alive
1825.  
1826. HTTP/1.1 302 Found
1827. Date: Sat, 26 Jan 2019 12:59:01 GMT
1828. Content-Length: 0
1829. Location: https://www.citigroup.com/
1830. Connection: keep-alive
1831.  
1832. HTTP/1.1 403 Forbidden
1833. Server: AkamaiGHost
1834. Mime-Version: 1.0
1835. Content-Type: text/html
1836. Content-Length: 266
1837. Expires: Sat, 26 Jan 2019 12:59:03 GMT
1838. Date: Sat, 26 Jan 2019 12:59:03 GMT
1839. Connection: close
1840. ######################################################################################################################################
1841. Could not open input file: 1
1842. + -- --=[Port 110 closed... skipping.
1843. + -- --=[Port 111 closed... skipping.
1844. + -- --=[Port 123 closed... skipping.
1845. + -- --=[Port 135 closed... skipping.
1846. + -- --=[Port 137 closed... skipping.
1847. + -- --=[Port 139 closed... skipping.
1848. + -- --=[Port 161 closed... skipping.
1849. + -- --=[Port 162 closed... skipping.
1850. + -- --=[Port 389 closed... skipping.
1851. + -- --=[Port 443 opened... running tests...
1852. ====================================================================================
1853. CHECKING FOR WAF
1854. ====================================================================================
1855.  
1856. ^ ^
1857. _ __ _ ____ _ __ _ _ ____
1858. ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1859. | V V // o // _/ | V V // 0 // 0 // _/
1860. |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1861. <
1862. ...'
1863.  
1864. WAFW00F - Web Application Firewall Detection Tool
1865.  
1866. By Sandro Gauci && Wendel G. Henrique
1867.  
1868. Checking https://www.citigroup.com
1869. Generic Detection results:
1870. No WAF detected by the generic detection
1871. Number of requests: 14
1872. #######################################################################################################################################
1873. https://www.citigroup.com [301 Moved Permanently] Country[UNITED STATES][US], IP[104.98.33.172], RedirectLocation[http://www.citigroup.com/citi/]
1874. http://www.citigroup.com/citi/ [302 Found] Country[UNITED STATES][US], IP[104.98.33.172], RedirectLocation[https://www.citigroup.com/citi/]
1875. https://www.citigroup.com/citi/ [200 OK] Country[UNITED STATES][US], HTML5, IP[104.98.33.172], Meta-Refresh-Redirect[/citi/noscript.html], Script, Title[Citi | Responsible Finance - Financial Ingenuity - Global Bank], X-UA-Compatible[IE=edge]
1876. https://www.citigroup.com/citi/noscript.html [200 OK] Country[UNITED STATES][US], IP[104.98.33.172], Title[Citibank Online]
1877. #######################################################################################################################################
1878.  
1879. wig - WebApp Information Gatherer
1880.  
1881.  
1882. Scanning https://www.citigroup.com...
1883. _________________ SITE INFO _________________
1884. IP Title
1885. 104.98.33.172 Citi | Responsible Finance -
1886.  
1887. __________________ VERSION __________________
1888. Name Versions Type
1889. akamaighost Platform
1890.  
1891. _____________________________________________
1892. Time: 1.6 sec Urls: 618 Fingerprints: 40401
1893. #######################################################################################################################################
1894. HTTP/1.1 403 Forbidden
1895. Server: AkamaiGHost
1896. Mime-Version: 1.0
1897. Content-Type: text/html
1898. Content-Length: 266
1899. Expires: Sat, 26 Jan 2019 13:00:20 GMT
1900. Date: Sat, 26 Jan 2019 13:00:20 GMT
1901. Connection: close
1902.  
1903. HTTP/1.1 403 Forbidden
1904. Server: AkamaiGHost
1905. Mime-Version: 1.0
1906. Content-Type: text/html
1907. Content-Length: 266
1908. Expires: Sat, 26 Jan 2019 13:00:21 GMT
1909. Date: Sat, 26 Jan 2019 13:00:21 GMT
1910. Connection: close
1911. #######################################################################################################################################
1912. Version: 1.11.12-static
1913. OpenSSL 1.0.2-chacha (1.0.2g-dev)
1914.  
1915. Connected to 104.98.33.172
1916.  
1917. Testing SSL server www.citigroup.com on port 443 using SNI name www.citigroup.com
1918.  
1919. TLS Fallback SCSV:
1920. Server supports TLS Fallback SCSV
1921.  
1922. TLS renegotiation:
1923. Session renegotiation not supported
1924.  
1925. TLS Compression:
1926. Compression disabled
1927.  
1928. Heartbleed:
1929. TLS 1.2 not vulnerable to heartbleed
1930. TLS 1.1 not vulnerable to heartbleed
1931. TLS 1.0 not vulnerable to heartbleed
1932.  
1933. Supported Server Cipher(s):
1934. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
1935. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
1936. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
1937. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1938. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
1939. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
1940. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
1941. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
1942. Accepted TLSv1.2 256 bits AES256-SHA256
1943. Accepted TLSv1.2 256 bits AES256-SHA
1944. Accepted TLSv1.2 128 bits AES128-SHA256
1945. Accepted TLSv1.2 128 bits AES128-SHA
1946.  
1947. SSL Certificate:
1948. Signature Algorithm: sha256WithRSAEncryption
1949. RSA Key Strength: 2048
1950.  
1951. Subject: www.citi.com
1952. Altnames: DNS:www.citi.com, DNS:icg.citi.com, DNS:www.citibank.com, DNS:www.citigroup.com, DNS:www.citiretailservices.com, DNS:www.finance.com, DNS:creditcards.citi.com, DNS:www.creditcards.citi.com, DNS:www1.citibank.com, DNS:www2.citibank.com, DNS:oncampus.citi.com, DNS:www.citibank.co.uk, DNS:ccsi.citi.com, DNS:prod.report.nacustomerexperience.citi.com
1953. Issuer: DigiCert SHA2 Extended Validation Server CA
1954.  
1955. Not valid before: Sep 4 00:00:00 2018 GMT
1956. Not valid after: Jan 2 12:00:00 2020 GMT
1957. #######################################################################################################################################
1958. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 07:40 EST
1959. Nmap scan report for a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
1960. Host is up (0.24s latency).
1961. Not shown: 471 filtered ports, 3 closed ports
1962. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1963. PORT STATE SERVICE
1964. 80/tcp open http
1965. 443/tcp open https
1966. #######################################################################################################################################
1967. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 07:40 EST
1968. Nmap scan report for a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
1969. Host is up (0.23s latency).
1970. Not shown: 2 filtered ports
1971. PORT STATE SERVICE
1972. 53/udp open|filtered domain
1973. 67/udp open|filtered dhcps
1974. 68/udp open|filtered dhcpc
1975. 69/udp open|filtered tftp
1976. 88/udp open|filtered kerberos-sec
1977. 123/udp open|filtered ntp
1978. 139/udp open|filtered netbios-ssn
1979. 161/udp open|filtered snmp
1980. 162/udp open|filtered snmptrap
1981. 389/udp open|filtered ldap
1982. 520/udp open|filtered route
1983. 2049/udp open|filtered nfs
1984. #######################################################################################################################################
1985. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 07:40 EST
1986. Nmap scan report for a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
1987. Host is up (0.12s latency).
1988.  
1989. PORT STATE SERVICE VERSION
1990. 67/udp open|filtered dhcps
1991. |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
1992. Too many fingerprints match this host to give specific OS details
1993. Network Distance: 10 hops
1994.  
1995. TRACEROUTE (using proto 1/icmp)
1996. HOP RTT ADDRESS
1997. 1 230.70 ms 10.248.200.1
1998. 2 230.72 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
1999. 3 231.50 ms te-0-0-2-3.br02.hkg-10.hk.leaseweb.net (43.249.36.12)
2000. 4 231.52 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
2001. 5 244.87 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
2002. 6 370.53 ms 4826.hkg.equinix.com (119.27.63.115)
2003. 7 346.60 ms Te-0-0-0-2-8.cor01.syd11.nsw.VOCUS.net.au (119.161.84.31)
2004. 8 346.63 ms 114.31.192.39
2005. 9 353.57 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
2006. 10 345.69 ms a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
2007. #######################################################################################################################################
2008. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 07:42 EST
2009. Nmap scan report for a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
2010. Host is up (0.12s latency).
2011.  
2012. PORT STATE SERVICE VERSION
2013. 68/udp open|filtered dhcpc
2014. Too many fingerprints match this host to give specific OS details
2015. Network Distance: 10 hops
2016.  
2017. TRACEROUTE (using proto 1/icmp)
2018. HOP RTT ADDRESS
2019. 1 228.58 ms 10.248.200.1
2020. 2 228.62 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
2021. 3 229.34 ms te-0-0-2-3.br02.hkg-10.hk.leaseweb.net (43.249.36.12)
2022. 4 229.95 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
2023. 5 229.38 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
2024. 6 368.19 ms 4826.hkg.equinix.com (119.27.63.115)
2025. 7 344.24 ms Te-0-0-0-2-8.cor01.syd11.nsw.VOCUS.net.au (119.161.84.31)
2026. 8 344.26 ms 114.31.192.39
2027. 9 483.46 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
2028. 10 343.48 ms a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
2029. #######################################################################################################################################
2030. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 07:44 EST
2031. Nmap scan report for a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
2032. Host is up (0.13s latency).
2033.  
2034. PORT STATE SERVICE VERSION
2035. 69/udp open|filtered tftp
2036. Too many fingerprints match this host to give specific OS details
2037. Network Distance: 10 hops
2038.  
2039. TRACEROUTE (using proto 1/icmp)
2040. HOP RTT ADDRESS
2041. 1 229.32 ms 10.248.200.1
2042. 2 229.37 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
2043. 3 230.15 ms te-0-0-2-3.br02.hkg-10.hk.leaseweb.net (43.249.36.12)
2044. 4 230.75 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
2045. 5 230.21 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
2046. 6 369.10 ms 4826.hkg.equinix.com (119.27.63.115)
2047. 7 345.57 ms Te-0-0-0-2-8.cor01.syd11.nsw.VOCUS.net.au (119.161.84.31)
2048. 8 345.18 ms 114.31.192.39
2049. 9 346.96 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
2050. 10 344.41 ms a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
2051. #######################################################################################################################################
2052. wig - WebApp Information Gatherer
2053.  
2054.  
2055. Scanning http://104.98.33.172...
2056. ______________________ SITE INFO ______________________
2057. IP Title
2058. 104.98.33.172
2059.  
2060. _______________________ VERSION _______________________
2061. Name Versions Type
2062.  
2063. _____________________ INTERESTING _____________________
2064. URL Note Type
2065. /readme.html Readme file Interesting
2066. /install.php Installation file Interesting
2067. /test.php Test file Interesting
2068. /test.htm Test file Interesting
2069.  
2070. _______________________________________________________
2071. Time: 113.0 sec Urls: 598 Fingerprints: 40401
2072. #######################################################################################################################################
2073. HTTP/1.1 400 Bad Request
2074. Mime-Version: 1.0
2075. Content-Type: text/html
2076. Content-Length: 208
2077. Expires: Sat, 26 Jan 2019 12:49:24 GMT
2078. Date: Sat, 26 Jan 2019 12:49:24 GMT
2079. Connection: keep-alive
2080.  
2081. HTTP/1.1 400 Bad Request
2082. Mime-Version: 1.0
2083. Content-Type: text/html
2084. Content-Length: 208
2085. Expires: Sat, 26 Jan 2019 12:49:24 GMT
2086. Date: Sat, 26 Jan 2019 12:49:24 GMT
2087. Connection: keep-alive
2088. #######################################################################################################################################
2089. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 07:49 EST
2090. Nmap scan report for a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
2091. Host is up (0.12s latency).
2092.  
2093. PORT STATE SERVICE VERSION
2094. 123/udp open|filtered ntp
2095. Too many fingerprints match this host to give specific OS details
2096. Network Distance: 10 hops
2097.  
2098. TRACEROUTE (using proto 1/icmp)
2099. HOP RTT ADDRESS
2100. 1 229.69 ms 10.248.200.1
2101. 2 229.72 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
2102. 3 230.27 ms te-0-0-2-3.br02.hkg-10.hk.leaseweb.net (43.249.36.12)
2103. 4 232.64 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
2104. 5 230.63 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
2105. 6 369.34 ms 4826.hkg.equinix.com (119.27.63.115)
2106. 7 345.56 ms Te-0-0-0-2-8.cor01.syd11.nsw.VOCUS.net.au (119.161.84.31)
2107. 8 355.62 ms 114.31.192.39
2108. 9 348.33 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
2109. 10 344.59 ms a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
2110. #######################################################################################################################################
2111. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 07:51 EST
2112. Nmap scan report for a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
2113. Host is up (0.28s latency).
2114.  
2115. PORT STATE SERVICE VERSION
2116. 161/tcp filtered snmp
2117. 161/udp open|filtered snmp
2118. Too many fingerprints match this host to give specific OS details
2119. Network Distance: 10 hops
2120.  
2121. TRACEROUTE (using proto 1/icmp)
2122. HOP RTT ADDRESS
2123. 1 229.47 ms 10.248.200.1
2124. 2 229.50 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
2125. 3 229.51 ms te-0-0-2-3.br02.hkg-10.hk.leaseweb.net (43.249.36.12)
2126. 4 230.51 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
2127. 5 229.54 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
2128. 6 368.30 ms 4826.hkg.equinix.com (119.27.63.115)
2129. 7 344.32 ms Te-0-0-0-2-8.cor01.syd11.nsw.VOCUS.net.au (119.161.84.31)
2130. 8 344.36 ms 114.31.192.39
2131. 9 346.73 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
2132. 10 343.58 ms a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
2133. #######################################################################################################################################
2134. Version: 1.11.12-static
2135. OpenSSL 1.0.2-chacha (1.0.2g-dev)
2136.  
2137. Connected to 104.98.33.172
2138.  
2139. Testing SSL server 104.98.33.172 on port 443 using SNI name 104.98.33.172
2140.  
2141. TLS Fallback SCSV:
2142. Server supports TLS Fallback SCSV
2143.  
2144. TLS renegotiation:
2145. Session renegotiation not supported
2146.  
2147. TLS Compression:
2148. Compression disabled
2149.  
2150. Heartbleed:
2151. TLS 1.2 not vulnerable to heartbleed
2152. TLS 1.1 not vulnerable to heartbleed
2153. TLS 1.0 not vulnerable to heartbleed
2154.  
2155. Supported Server Cipher(s):
2156. Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
2157. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
2158. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
2159. Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2160. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
2161. Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2162. Accepted TLSv1.2 256 bits AES256-GCM-SHA384
2163. Accepted TLSv1.2 128 bits AES128-GCM-SHA256
2164. Accepted TLSv1.2 256 bits AES256-SHA256
2165. Accepted TLSv1.2 256 bits AES256-SHA
2166. Accepted TLSv1.2 128 bits AES128-SHA256
2167. Accepted TLSv1.2 128 bits AES128-SHA
2168.  
2169. SSL Certificate:
2170. Signature Algorithm: sha256WithRSAEncryption
2171. RSA Key Strength: 2048
2172.  
2173. Subject: www.citi.com
2174. Altnames: DNS:www.citi.com, DNS:icg.citi.com, DNS:www.citibank.com, DNS:www.citigroup.com, DNS:www.citiretailservices.com, DNS:www.finance.com, DNS:creditcards.citi.com, DNS:www.creditcards.citi.com, DNS:www1.citibank.com, DNS:www2.citibank.com, DNS:oncampus.citi.com, DNS:www.citibank.co.uk, DNS:ccsi.citi.com, DNS:prod.report.nacustomerexperience.citi.com
2175. Issuer: DigiCert SHA2 Extended Validation Server CA
2176.  
2177. Not valid before: Sep 4 00:00:00 2018 GMT
2178. Not valid after: Jan 2 12:00:00 2020 GMT
2179. #######################################################################################################################################
2180. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 08:00 EST
2181. NSE: Loaded 148 scripts for scanning.
2182. NSE: Script Pre-scanning.
2183. NSE: Starting runlevel 1 (of 2) scan.
2184. Initiating NSE at 08:00
2185. Completed NSE at 08:00, 0.00s elapsed
2186. NSE: Starting runlevel 2 (of 2) scan.
2187. Initiating NSE at 08:00
2188. Completed NSE at 08:00, 0.00s elapsed
2189. Initiating Ping Scan at 08:00
2190. Scanning 104.98.33.172 [4 ports]
2191. Completed Ping Scan at 08:00, 0.28s elapsed (1 total hosts)
2192. Initiating Parallel DNS resolution of 1 host. at 08:00
2193. Completed Parallel DNS resolution of 1 host. at 08:00, 0.02s elapsed
2194. Initiating Connect Scan at 08:00
2195. Scanning a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172) [1000 ports]
2196. Discovered open port 443/tcp on 104.98.33.172
2197. Discovered open port 80/tcp on 104.98.33.172
2198. Completed Connect Scan at 08:01, 18.47s elapsed (1000 total ports)
2199. Initiating Service scan at 08:01
2200. Scanning 2 services on a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
2201. Completed Service scan at 08:01, 36.12s elapsed (2 services on 1 host)
2202. Initiating OS detection (try #1) against a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
2203. Retrying OS detection (try #2) against a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
2204. Initiating Traceroute at 08:01
2205. Completed Traceroute at 08:01, 0.38s elapsed
2206. Initiating Parallel DNS resolution of 10 hosts. at 08:01
2207. Completed Parallel DNS resolution of 10 hosts. at 08:02, 16.50s elapsed
2208. NSE: Script scanning 104.98.33.172.
2209. NSE: Starting runlevel 1 (of 2) scan.
2210. Initiating NSE at 08:02
2211. Completed NSE at 08:02, 16.19s elapsed
2212. NSE: Starting runlevel 2 (of 2) scan.
2213. Initiating NSE at 08:02
2214. Completed NSE at 08:02, 0.00s elapsed
2215. Nmap scan report for a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
2216. Host is up, received reset ttl 64 (0.25s latency).
2217. Scanned at 2019-01-26 08:00:41 EST for 95s
2218. Not shown: 995 filtered ports
2219. Reason: 995 no-responses
2220. PORT STATE SERVICE REASON VERSION
2221. 25/tcp closed smtp conn-refused
2222. 80/tcp open http-proxy syn-ack Squid http proxy
2223. |_http-open-proxy: Proxy might be redirecting requests
2224. |_http-title: Invalid URL
2225. 139/tcp closed netbios-ssn conn-refused
2226. 443/tcp open ssl/http syn-ack AkamaiGHost (Akamai's HTTP Acceleration/Mirror service)
2227. | ssl-cert: Subject: commonName=www.citi.com/organizationName=Citigroup Inc./stateOrProvinceName=New York/countryName=US/serialNumber=2154254/jurisdictionStateOrProvinceName=Delaware/localityName=New York/organizationalUnitName=Web Hosting Group/businessCategory=Private Organization/jurisdictionCountryName=US
2228. | Subject Alternative Name: DNS:www.citi.com, DNS:icg.citi.com, DNS:www.citibank.com, DNS:www.citigroup.com, DNS:www.citiretailservices.com, DNS:www.finance.com, DNS:creditcards.citi.com, DNS:www.creditcards.citi.com, DNS:www1.citibank.com, DNS:www2.citibank.com, DNS:oncampus.citi.com, DNS:www.citibank.co.uk, DNS:ccsi.citi.com, DNS:prod.report.nacustomerexperience.citi.com
2229. | Issuer: commonName=DigiCert SHA2 Extended Validation Server CA/organizationName=DigiCert Inc/countryName=US/organizationalUnitName=www.digicert.com
2230. | Public Key type: rsa
2231. | Public Key bits: 2048
2232. | Signature Algorithm: sha256WithRSAEncryption
2233. | Not valid before: 2018-09-04T00:00:00
2234. | Not valid after: 2020-01-02T12:00:00
2235. | MD5: 3aaa c3e6 5f76 e7ad 4d38 52d4 a712 8111
2236. | SHA-1: 4c4d 3bd9 d6eb 2def c285 ba37 c719 cd31 bd2b 656b
2237. | -----BEGIN CERTIFICATE-----
2238. | MIIIaTCCB1GgAwIBAgIQCeeCLklJ+ryYwp8BfBicTDANBgkqhkiG9w0BAQsFADB1
2239. | MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
2240. | d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk
2241. | IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE4MDkwNDAwMDAwMFoXDTIwMDEwMjEy
2242. | MDAwMFowgeAxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYB
2243. | BAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQITCERlbGF3YXJlMRAwDgYDVQQF
2244. | EwcyMTU0MjU0MQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNV
2245. | BAcTCE5ldyBZb3JrMRcwFQYDVQQKEw5DaXRpZ3JvdXAgSW5jLjEaMBgGA1UECxMR
2246. | V2ViIEhvc3RpbmcgR3JvdXAxFTATBgNVBAMTDHd3dy5jaXRpLmNvbTCCASIwDQYJ
2247. | KoZIhvcNAQEBBQADggEPADCCAQoCggEBAPofaM5OmefncTXRvfrMhxiwCszeJzGZ
2248. | 05xchdzCnIlqrMHqkj4Czh6x1obQccDnCVQN3iKNWkBe5rGYSnX3nBG+x2lZYfyq
2249. | haLhEg3RZLtBYaW2VBXqxPD9BMEMv7oMikl/nRsR0L6ez6JhR85EByDCtIPHLIC/
2250. | SxnHxZ2YamA5ORwWXUzsQQ9WEILn0WeHMt2cqB8UjHdQCXzwspuOB19b8iqMnvFN
2251. | IF5G69xFb/rY2V50yekrDUNXdNos0FfecmVEMHMp0IMmCpPcoKJDfEuj9ib7EOPi
2252. | 6zZe7s8L/HaBqVFFnilfSsp+6qMLToxg4/AAmoqtKfCTXqY0oixJMEMCAwEAAaOC
2253. | BIcwggSDMB8GA1UdIwQYMBaAFD3TUKXWoK3u80pgCmXTIdT4+NYPMB0GA1UdDgQW
2254. | BBQ7c2NHTBqC+Usxooq0ppbSXTZpczCCATIGA1UdEQSCASkwggElggx3d3cuY2l0
2255. | aS5jb22CDGljZy5jaXRpLmNvbYIQd3d3LmNpdGliYW5rLmNvbYIRd3d3LmNpdGln
2256. | cm91cC5jb22CGnd3dy5jaXRpcmV0YWlsc2VydmljZXMuY29tgg93d3cuZmluYW5j
2257. | ZS5jb22CFGNyZWRpdGNhcmRzLmNpdGkuY29tghh3d3cuY3JlZGl0Y2FyZHMuY2l0
2258. | aS5jb22CEXd3dzEuY2l0aWJhbmsuY29tghF3d3cyLmNpdGliYW5rLmNvbYIRb25j
2259. | YW1wdXMuY2l0aS5jb22CEnd3dy5jaXRpYmFuay5jby51a4INY2NzaS5jaXRpLmNv
2260. | bYIpcHJvZC5yZXBvcnQubmFjdXN0b21lcmV4cGVyaWVuY2UuY2l0aS5jb20wDgYD
2261. | VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNV
2262. | HR8EbjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1ldi1z
2263. | ZXJ2ZXItZzIuY3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hh
2264. | Mi1ldi1zZXJ2ZXItZzIuY3JsMEsGA1UdIAREMEIwNwYJYIZIAYb9bAIBMCowKAYI
2265. | KwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwBwYFZ4EMAQEw
2266. | gYgGCCsGAQUFBwEBBHwwejAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNl
2267. | cnQuY29tMFIGCCsGAQUFBzAChkZodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20v
2268. | RGlnaUNlcnRTSEEyRXh0ZW5kZWRWYWxpZGF0aW9uU2VydmVyQ0EuY3J0MAkGA1Ud
2269. | EwQCMAAwggGABgorBgEEAdZ5AgQCBIIBcASCAWwBagB2AKS5CZC0GFgUh7sTosxn
2270. | cAo8NZgE+RvfuON3zQ7IDdwQAAABZaU2eOYAAAQDAEcwRQIgZ6iWZndvSt7UnkkR
2271. | DX8YzEZjDnOYjI2pNyAM/aLqf5MCIQDnVsR5JYt3nQEgzKJ0RNq7brWitoKvSrmO
2272. | PceTSv+g0gB3AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFcwO+UmFXWidDdAAABZaU2
2273. | eVQAAAQDAEgwRgIhAJgwOI5eXLE4OMKDuVoQcObBGmHg+D1V5G5bWCf93wMBAiEA
2274. | 8MFjEzOc8WAXckOjE+bfSTQJhb1IVgQrQZMA0k+EsNsAdwC72d+8H4pxtZOUI5eq
2275. | kntHOFeVCqtS6BqQlmQ2jh7RhQAAAWWlNnncAAAEAwBIMEYCIQCQRv0QrL8Wv7qM
2276. | PqFY3HDDzJo9gUVCTpLUJtXeUjbZagIhAMPDS1ZkS+5/ILUZBjf2pFXQ9L7J3jtd
2277. | BkDlpzux5lNsMA0GCSqGSIb3DQEBCwUAA4IBAQCbmXpLDZWjCO/jHQqsGSTWS2ej
2278. | KKRw0GoZ4MzS+LH8OUgz8xrYPR6PNgriep6Yj7bLcbducjrwkqfji+F70quRR/0B
2279. | a90i5ory1o+w+8Moboj+xSQDrgn6RY3GZny2jkJMNG/wsXFe4R8JUrMjItGrqwZQ
2280. | b+bn/sW+tBqlaLdFD4y9FWRqFtuRLoDxzOp0MVKzG4BI28S/TkUnd3eNPVI4WLpZ
2281. | 1kRwZYujQZoxBhM53ylN90LPwaEOOfpWzWUw3rMVsk6o3ox4+vXhnGo0eB1p1C1/
2282. | FmWZBOPLjqSNL6NMdq3RMJ97RF+LpjK7PcQ/U4tpaD5uKtZBNtbYbtA6c6LG
2283. |_-----END CERTIFICATE-----
2284. |_ssl-date: TLS randomness does not represent time
2285. 445/tcp closed microsoft-ds conn-refused
2286. Device type: general purpose|storage-misc|broadband router|WAP
2287. Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (94%), HP embedded (91%), Asus embedded (88%)
2288. OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 cpe:/h:hp:p2000_g3 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6.22
2289. OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
2290. Aggressive OS guesses: Linux 3.16 - 4.6 (94%), Linux 3.10 - 4.11 (92%), Linux 3.13 (92%), Linux 3.13 or 4.2 (92%), Linux 4.2 (92%), Linux 4.4 (92%), Linux 3.18 (91%), HP P2000 G3 NAS device (91%), Linux 3.2 - 4.9 (91%), Linux 3.16 (90%)
2291. No exact OS matches for host (test conditions non-ideal).
2292. TCP/IP fingerprint:
2293. SCAN(V=7.70%E=4%D=1/26%OT=80%CT=25%CU=%PV=N%DS=10%DC=T%G=N%TM=5C4C5A58%P=x86_64-pc-linux-gnu)
2294. SEQ(SP=103%GCD=1%ISR=108%TI=Z%CI=Z%II=I%TS=8)
2295. SEQ(SP=103%GCD=1%ISR=108%TI=Z%CI=Z%TS=8)
2296. OPS(O1=M4B3ST11NW7%O2=M4B3ST11NW7%O3=M4B3NNT11NW7%O4=M4B3ST11NW7%O5=M4B3ST11NW7%O6=M4B3ST11)
2297. WIN(W1=7120%W2=7120%W3=7120%W4=7120%W5=7120%W6=7120)
2298. ECN(R=Y%DF=Y%TG=40%W=7210%O=M4B3NNSNW7%CC=Y%Q=)
2299. T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
2300. T2(R=N)
2301. T3(R=N)
2302. T4(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
2303. T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
2304. T6(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
2305. T7(R=N)
2306. U1(R=N)
2307. IE(R=Y%DFI=N%TG=40%CD=S)
2308.  
2309. Uptime guess: 42.874 days (since Fri Dec 14 11:03:55 2018)
2310. Network Distance: 10 hops
2311. TCP Sequence Prediction: Difficulty=259 (Good luck!)
2312. IP ID Sequence Generation: All zeros
2313.  
2314. TRACEROUTE (using proto 1/icmp)
2315. HOP RTT ADDRESS
2316. 1 235.24 ms 10.248.200.1
2317. 2 235.26 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
2318. 3 235.85 ms te-0-0-2-3.br02.hkg-10.hk.leaseweb.net (43.249.36.12)
2319. 4 236.46 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
2320. 5 235.88 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
2321. 6 374.89 ms 4826.hkg.equinix.com (119.27.63.115)
2322. 7 350.82 ms Te-0-0-0-2-8.cor01.syd11.nsw.VOCUS.net.au (119.161.84.31)
2323. 8 350.84 ms 114.31.192.39
2324. 9 354.19 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
2325. 10 350.20 ms a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
2326.  
2327. NSE: Script Post-scanning.
2328. NSE: Starting runlevel 1 (of 2) scan.
2329. Initiating NSE at 08:02
2330. Completed NSE at 08:02, 0.00s elapsed
2331. NSE: Starting runlevel 2 (of 2) scan.
2332. Initiating NSE at 08:02
2333. Completed NSE at 08:02, 0.00s elapsed
2334. Read data files from: /usr/bin/../share/nmap
2335. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
2336. Nmap done: 1 IP address (1 host up) scanned in 95.31 seconds
2337. Raw packets sent: 76 (6.604KB) | Rcvd: 112 (27.153KB)
2338. #######################################################################################################################################
2339. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 08:02 EST
2340. NSE: Loaded 148 scripts for scanning.
2341. NSE: Script Pre-scanning.
2342. Initiating NSE at 08:02
2343. Completed NSE at 08:02, 0.00s elapsed
2344. Initiating NSE at 08:02
2345. Completed NSE at 08:02, 0.00s elapsed
2346. Initiating Parallel DNS resolution of 1 host. at 08:02
2347. Completed Parallel DNS resolution of 1 host. at 08:02, 0.02s elapsed
2348. Initiating UDP Scan at 08:02
2349. Scanning a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172) [14 ports]
2350. Completed UDP Scan at 08:02, 3.15s elapsed (14 total ports)
2351. Initiating Service scan at 08:02
2352. Scanning 12 services on a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
2353. Service scan Timing: About 8.33% done; ETC: 08:21 (0:17:47 remaining)
2354. Completed Service scan at 08:04, 102.57s elapsed (12 services on 1 host)
2355. Initiating OS detection (try #1) against a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
2356. Retrying OS detection (try #2) against a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
2357. Initiating Traceroute at 08:04
2358. Completed Traceroute at 08:04, 7.31s elapsed
2359. Initiating Parallel DNS resolution of 1 host. at 08:04
2360. Completed Parallel DNS resolution of 1 host. at 08:04, 0.02s elapsed
2361. NSE: Script scanning 104.98.33.172.
2362. Initiating NSE at 08:04
2363. Completed NSE at 08:04, 20.32s elapsed
2364. Initiating NSE at 08:04
2365. Completed NSE at 08:04, 1.65s elapsed
2366. Nmap scan report for a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
2367. Host is up (0.28s latency).
2368.  
2369. PORT STATE SERVICE VERSION
2370. 53/udp open|filtered domain
2371. 67/udp open|filtered dhcps
2372. 68/udp open|filtered dhcpc
2373. 69/udp open|filtered tftp
2374. 88/udp open|filtered kerberos-sec
2375. 123/udp open|filtered ntp
2376. 137/udp filtered netbios-ns
2377. 138/udp filtered netbios-dgm
2378. 139/udp open|filtered netbios-ssn
2379. 161/udp open|filtered snmp
2380. 162/udp open|filtered snmptrap
2381. 389/udp open|filtered ldap
2382. 520/udp open|filtered route
2383. 2049/udp open|filtered nfs
2384. Too many fingerprints match this host to give specific OS details
2385.  
2386. TRACEROUTE (using port 138/udp)
2387. HOP RTT ADDRESS
2388. 1 234.50 ms 10.248.200.1
2389. 2 ... 3
2390. 4 234.66 ms 10.248.200.1
2391. 5 235.17 ms 10.248.200.1
2392. 6 235.16 ms 10.248.200.1
2393. 7 235.16 ms 10.248.200.1
2394. 8 235.15 ms 10.248.200.1
2395. 9 235.15 ms 10.248.200.1
2396. 10 235.17 ms 10.248.200.1
2397. 11 ... 18
2398. 19 234.70 ms 10.248.200.1
2399. 20 238.42 ms 10.248.200.1
2400. 21 ... 28
2401. 29 235.04 ms 10.248.200.1
2402. 30 235.28 ms 10.248.200.1
2403.  
2404. NSE: Script Post-scanning.
2405. Initiating NSE at 08:04
2406. Completed NSE at 08:04, 0.00s elapsed
2407. Initiating NSE at 08:04
2408. Completed NSE at 08:04, 0.00s elapsed
2409. Read data files from: /usr/bin/../share/nmap
2410. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
2411. Nmap done: 1 IP address (1 host up) scanned in 142.98 seconds
2412. Raw packets sent: 135 (8.008KB) | Rcvd: 397 (83.950KB)
2413. #######################################################################################################################################
2414. Anonymous JTSEC #‎OpIcarus Full Recon #1