SHARE
TWEET

Anonymous JTSEC #‎OpIcarus Full Recon #1

a guest Jan 26th, 2019 1,375 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #######################################################################################################################################
  2. Hostname    www.citigroup.com       ISP     Akamai Technologies, Inc.
  3. Continent   North America       Flag    
  4. US
  5. Country     United States       Country Code    US
  6. Region  Unknown         Local time  26 Jan 2019 06:34 CST
  7. City    Unknown         Postal Code     Unknown
  8. IP Address  104.98.33.172       Latitude    37.751
  9.             Longitude   -97.822
  10. #######################################################################################################################################
  11. > www.citigroup.com
  12. Server:     27.50.70.139
  13. Address:    27.50.70.139#53
  14.  
  15. Non-authoritative answer:
  16. www.citigroup.com   canonical name = san.www.citi.com.edgekey.net.
  17. san.www.citi.com.edgekey.net    canonical name = e16976.x.akamaiedge.net.
  18. Name:   e16976.x.akamaiedge.net
  19. Address: 104.98.33.172
  20. >
  21. #######################################################################################################################################
  22.  
  23. HostIP:104.98.33.172
  24. HostName:www.citigroup.com
  25.  
  26. Gathered Inet-whois information for 104.98.33.172
  27. ---------------------------------------------------------------------------------------------------------------------------------------
  28.  
  29.  
  30. inetnum:        103.252.92.0 - 104.153.83.255
  31. netname:        NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
  32. descr:          IPv4 address block not managed by the RIPE NCC
  33. remarks:        ------------------------------------------------------
  34. remarks:
  35. remarks:        For registration information,
  36. remarks:        you can consult the following sources:
  37. remarks:
  38. remarks:        IANA
  39. remarks:        http://www.iana.org/assignments/ipv4-address-space
  40. remarks:        http://www.iana.org/assignments/iana-ipv4-special-registry
  41. remarks:        http://www.iana.org/assignments/ipv4-recovered-address-space
  42. remarks:
  43. remarks:        AFRINIC (Africa)
  44. remarks:        http://www.afrinic.net/ whois.afrinic.net
  45. remarks:
  46. remarks:        APNIC (Asia Pacific)
  47. remarks:        http://www.apnic.net/ whois.apnic.net
  48. remarks:
  49. remarks:        ARIN (Northern America)
  50. remarks:        http://www.arin.net/ whois.arin.net
  51. remarks:
  52. remarks:        LACNIC (Latin America and the Carribean)
  53. remarks:        http://www.lacnic.net/ whois.lacnic.net
  54. remarks:
  55. remarks:        ------------------------------------------------------
  56. country:        EU # Country is really world wide
  57. admin-c:        IANA1-RIPE
  58. tech-c:         IANA1-RIPE
  59. status:         ALLOCATED UNSPECIFIED
  60. mnt-by:         RIPE-NCC-HM-MNT
  61. created:        2019-01-07T10:50:18Z
  62. last-modified:  2019-01-07T10:50:18Z
  63. source:         RIPE
  64.  
  65. role:           Internet Assigned Numbers Authority
  66. address:        see http://www.iana.org.
  67. admin-c:        IANA1-RIPE
  68. tech-c:         IANA1-RIPE
  69. nic-hdl:        IANA1-RIPE
  70. remarks:        For more information on IANA services
  71. remarks:        go to IANA web site at http://www.iana.org.
  72. mnt-by:         RIPE-NCC-MNT
  73. created:        1970-01-01T00:00:00Z
  74. last-modified:  2001-09-22T09:31:27Z
  75. source:         RIPE # Filtered
  76.  
  77. % Information related to '104.98.32.0/20AS20940'
  78.  
  79. route:          104.98.32.0/20
  80. descr:          Akamai Technologies
  81. origin:         AS20940
  82. mnt-by:         AKAM1-RIPE-MNT
  83. created:        2015-06-08T16:55:05Z
  84. last-modified:  2018-09-04T18:11:35Z
  85. source:         RIPE-NONAUTH
  86.  
  87. % This query was served by the RIPE Database Query Service version 1.92.6 (ANGUS)
  88.  
  89.  
  90.  
  91. Gathered Inic-whois information for citigroup.com
  92. ---------------------------------------------------------------------------------------------------------------------------------------
  93.    Domain Name: CITIGROUP.COM
  94.    Registry Domain ID: 1106356_DOMAIN_COM-VRSN
  95.    Registrar WHOIS Server: whois.corporatedomains.com
  96.    Registrar URL: http://www.cscglobal.com/global/web/csc/digital-brand-services.html
  97.    Updated Date: 2018-12-05T21:58:43Z
  98.    Creation Date: 1998-04-06T04:00:00Z
  99.    Registry Expiry Date: 2020-04-05T04:00:00Z
  100.    Registrar: CSC Corporate Domains, Inc.
  101.    Registrar IANA ID: 299
  102.    Registrar Abuse Contact Email: domainabuse@cscglobal.com
  103.    Registrar Abuse Contact Phone: 8887802723
  104.    Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
  105.    Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  106.    Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
  107.    Domain Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
  108.    Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
  109.    Domain Status: serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited
  110.    Name Server: NS1.NSROOT1.COM
  111.    Name Server: NS2.NSROOT2.COM
  112.    DNSSEC: unsigned
  113.    URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
  114. >>> Last update of whois database: 2019-01-26T12:40:15Z <<<
  115.  
  116. For more information on Whois status codes, please visit https://icann.org/epp
  117.  
  118. NOTICE: The expiration date displayed in this record is the date the
  119. registrar's sponsorship of the domain name registration in the registry is
  120. currently set to expire. This date does not necessarily reflect the expiration
  121. date of the domain name registrant's agreement with the sponsoring
  122. registrar.  Users may consult the sponsoring registrar's Whois database to
  123. view the registrar's reported date of expiration for this registration.
  124.  
  125. TERMS OF USE: You are not authorized to access or query our Whois
  126. database through the use of electronic processes that are high-volume and
  127. automated except as reasonably necessary to register domain names or
  128. modify existing registrations; the Data in VeriSign Global Registry
  129. Services' ("VeriSign") Whois database is provided by VeriSign for
  130. information purposes only, and to assist persons in obtaining information
  131. about or related to a domain name registration record. VeriSign does not
  132. guarantee its accuracy. By submitting a Whois query, you agree to abide
  133. by the following terms of use: You agree that you may use this Data only
  134. for lawful purposes and that under no circumstances will you use this Data
  135. to: (1) allow, enable, or otherwise support the transmission of mass
  136. unsolicited, commercial advertising or solicitations via e-mail, telephone,
  137. or facsimile; or (2) enable high volume, automated, electronic processes
  138. that apply to VeriSign (or its computer systems). The compilation,
  139. repackaging, dissemination or other use of this Data is expressly
  140. prohibited without the prior written consent of VeriSign. You agree not to
  141. use electronic processes that are automated and high-volume to access or
  142. query the Whois database except as reasonably necessary to register
  143. domain names or modify existing registrations. VeriSign reserves the right
  144. to restrict your access to the Whois database in its sole discretion to ensure
  145. operational stability.  VeriSign may restrict or terminate your access to the
  146. Whois database for failure to abide by these terms of use. VeriSign
  147. reserves the right to modify these terms at any time.
  148.  
  149. The Registry database contains ONLY .COM, .NET, .EDU domains and
  150. Registrars.
  151.  
  152. Gathered Netcraft information for www.citigroup.com
  153. ---------------------------------------------------------------------------------------------------------------------------------------
  154.  
  155. Retrieving Netcraft.com information for www.citigroup.com
  156. Netcraft.com Information gathered
  157.  
  158. Gathered Subdomain information for citigroup.com
  159. ---------------------------------------------------------------------------------------------------------------------------------------
  160. Searching Google.com:80...
  161. HostName:www.citigroup.com
  162. HostIP:104.98.33.172
  163. HostName:careers.citigroup.com
  164. HostIP:116.255.21.208
  165. HostName:debtxportal.issuerservices.citigroup.com
  166. HostIP:192.193.56.78
  167. HostName:careermobility.citigroup.com
  168. HostIP:192.193.183.119
  169. HostName:businessaccess.citibank.citigroup.com
  170. HostIP:104.98.27.154
  171. HostName:blog.citigroup.com
  172. HostIP:146.20.81.168
  173. HostName:remoteoffice.citigroup.com
  174. HostIP:192.193.3.103
  175. HostName:volunteers.citigroup.com
  176. HostIP:192.193.218.28
  177. HostName:Volunteers.citigroup.com
  178. HostIP:192.193.218.28
  179. HostName:news.citigroup.com
  180. HostIP:173.231.190.151
  181. HostName:procurementsourcing.citigroup.com
  182. HostIP:192.193.183.188
  183. Searching Altavista.com:80...
  184. Found 11 possible subdomain(s) for host citigroup.com, Searched 0 pages containing 0 results
  185.  
  186. Gathered E-Mail information for citigroup.com
  187. ---------------------------------------------------------------------------------------------------------------------------------------
  188. Searching Google.com:80...
  189. Searching Altavista.com:80...
  190. Found 0 E-Mail(s) for host citigroup.com, Searched 0 pages containing 0 results
  191.  
  192. Gathered TCP Port information for 104.98.33.172
  193. ---------------------------------------------------------------------------------------------------------------------------------------
  194.  
  195.  Port       State
  196.  
  197. 80/tcp      open
  198.  
  199. Portscan Finished: Scanned 150 ports, 2 ports were in state closed
  200. #######################################################################################################################################
  201. [i] Scanning Site: https://www.citigroup.com
  202.  
  203.  
  204.  
  205. B A S I C   I N F O
  206. ======================================================================================================================================
  207.  
  208.  
  209. [+] Site Title: Citi | Responsible Finance - Financial Ingenuity - Global Bank
  210. [+] IP address: 104.98.33.172
  211. [+] Web Server: Could Not Detect
  212. [+] CMS: Could Not Detect
  213. [+] Cloudflare: Not Detected
  214. [+] Robots File: Could NOT Find robots.txt!
  215.  
  216.  
  217.  
  218.  
  219. W H O I S   L O O K U P
  220. =======================================================================================================================================
  221.  
  222.        Domain Name: CITIGROUP.COM
  223.    Registry Domain ID: 1106356_DOMAIN_COM-VRSN
  224.    Registrar WHOIS Server: whois.corporatedomains.com
  225.    Registrar URL: http://www.cscglobal.com/global/web/csc/digital-brand-services.html
  226.    Updated Date: 2018-12-05T21:58:43Z
  227.    Creation Date: 1998-04-06T04:00:00Z
  228.    Registry Expiry Date: 2020-04-05T04:00:00Z
  229.    Registrar: CSC Corporate Domains, Inc.
  230.    Registrar IANA ID: 299
  231.    Registrar Abuse Contact Email: domainabuse@cscglobal.com
  232.    Registrar Abuse Contact Phone: 8887802723
  233.    Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
  234.    Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  235.    Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
  236.    Domain Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
  237.    Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
  238.    Domain Status: serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited
  239.    Name Server: NS1.NSROOT1.COM
  240.    Name Server: NS2.NSROOT2.COM
  241.    DNSSEC: unsigned
  242.    URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
  243. >>> Last update of whois database: 2019-01-26T12:40:45Z <<<
  244.  
  245. For more information on Whois status codes, please visit https://icann.org/epp
  246.  
  247.  
  248.  
  249. The Registry database contains ONLY .COM, .NET, .EDU domains and
  250. Registrars.
  251.  
  252.  
  253.  
  254.  
  255. G E O  I P  L O O K  U P
  256. =======================================================================================================================================
  257.  
  258. [i] IP Address: 192.193.218.130
  259. [i] Country: United States
  260. [i] State:  
  261. [i] City:  
  262. [i] Latitude: 37.751
  263. [i] Longitude: -97.822
  264.  
  265.  
  266.  
  267.  
  268. H T T P   H E A D E R S
  269. =======================================================================================================================================
  270.  
  271.  
  272. [i]  HTTP/1.0 301 Moved Permanently
  273. [i]  Location: http://www.citigroup.com/citi/
  274. [i]  Vary: Accept-Encoding
  275. [i]  Content-Encoding: gzip
  276. [i]  Content-Length: 20
  277. [i]  Content-Type: text/plain
  278. [i]  Date: Sat, 26 Jan 2019 12:41:03 GMT
  279. [i]  Connection: close
  280. [i]  HTTP/1.1 302 Found
  281. [i]  Date: Sat, 26 Jan 2019 12:41:04 GMT
  282. [i]  Content-Length: 0
  283. [i]  Location: https://www.citigroup.com/citi/
  284. [i]  Connection: close
  285. [i]  HTTP/1.0 200 OK
  286. [i]  Last-Modified: Thu, 17 Jan 2019 18:21:27 GMT
  287. [i]  ETag: "124a19-31d4-57fab7673f7c0"
  288. [i]  Content-Type: text/html
  289. [i]  Date: Sat, 26 Jan 2019 12:41:06 GMT
  290. [i]  Content-Length: 12756
  291. [i]  Connection: close
  292.  
  293.  
  294.  
  295.  
  296. D N S   L O O K U P
  297. =======================================================================================================================================
  298.  
  299. citigroup.com.      3599    IN  SOA ns1.nsroot1.com. hostmaster.citi.com. 2019010801 3600 300 2419200 3600
  300. citigroup.com.      3599    IN  NS  ns1.nsroot1.com.
  301. citigroup.com.      3599    IN  NS  ns2.nsroot2.com.
  302. citigroup.com.      3599    IN  A   192.193.102.175
  303. citigroup.com.      3599    IN  A   192.193.218.130
  304. citigroup.com.      1799    IN  MX  5 mx-a.mail.citi.com.
  305. citigroup.com.      1799    IN  MX  5 mx-b.mail.citi.com.
  306. citigroup.com.      3599    IN  TXT "facebook-domain-verification=2amqbctg7cv6hq0dxq4tf107b3y0zn"
  307. citigroup.com.      3599    IN  TXT "v=spf1 a:1._spf.citigroup.com a:2._spf.citigroup.com include:spf-00123c01.pphosted.com redirect=ext1._spf.citigroup.com"
  308.  
  309.  
  310.  
  311.  
  312. S U B N E T   C A L C U L A T I O N
  313. =======================================================================================================================================
  314.  
  315. Address       = 192.193.102.175
  316. Network       = 192.193.102.175 / 32
  317. Netmask       = 255.255.255.255
  318. Broadcast     = not needed on Point-to-Point links
  319. Wildcard Mask = 0.0.0.0
  320. Hosts Bits    = 0
  321. Max. Hosts    = 1   (2^0 - 0)
  322. Host Range    = { 192.193.102.175 - 192.193.102.175 }
  323.  
  324.  
  325.  
  326. N M A P   P O R T   S C A N
  327. =======================================================================================================================================
  328.  
  329.  
  330. Starting Nmap 7.40 ( https://nmap.org ) at 2019-01-26 12:41 UTC
  331. Nmap scan report for citigroup.com (192.193.102.175)
  332. Host is up (0.045s latency).
  333. Other addresses for citigroup.com (not scanned): 192.193.218.130
  334. rDNS record for 192.193.102.175: citicorp.com.au
  335. PORT     STATE    SERVICE
  336. 21/tcp   filtered ftp
  337. 22/tcp   filtered ssh
  338. 23/tcp   filtered telnet
  339. 80/tcp   open     http
  340. 110/tcp  filtered pop3
  341. 143/tcp  filtered imap
  342. 443/tcp  open     https
  343. 3389/tcp filtered ms-wbt-server
  344.  
  345. Nmap done: 1 IP address (1 host up) scanned in 1.55 seconds
  346.  
  347.  
  348.  
  349. S U B - D O M A I N   F I N D E R
  350. =======================================================================================================================================
  351.  
  352.  
  353. [i] Total Subdomains Found : 329
  354.  
  355. [+] Subdomain: fidirectstream10.citigroup.com
  356. [-] IP: 199.67.182.226
  357.  
  358. [+] Subdomain: smtp10.citigroup.com
  359. [-] IP: 192.193.96.35
  360.  
  361. [+] Subdomain: electronicbillingtest10.citigroup.com
  362. [-] IP: 192.193.218.167
  363.  
  364. [+] Subdomain: smtpinbound-mpod-1.citigroup.com
  365. [-] IP: 199.67.137.143
  366.  
  367. [+] Subdomain: smtpinbound-mx-1.citigroup.com
  368. [-] IP: 192.193.158.11
  369.  
  370. [+] Subdomain: fidirectstream01.citigroup.com
  371. [-] IP: 199.67.184.138
  372.  
  373. [+] Subdomain: smtprelayu-gt01.citigroup.com
  374. [-] IP: 192.193.222.12
  375.  
  376. [+] Subdomain: smtpinbound-g11.citigroup.com
  377. [-] IP: 192.193.222.15
  378.  
  379. [+] Subdomain: smtpinbound-m11.citigroup.com
  380. [-] IP: 192.193.193.13
  381.  
  382. [+] Subdomain: smtp11.citigroup.com
  383. [-] IP: 192.193.96.36
  384.  
  385. [+] Subdomain: smtpinbound-s11.citigroup.com
  386. [-] IP: 192.193.220.24
  387.  
  388. [+] Subdomain: citigroupsoa1.citigroup.com
  389. [-] IP: 192.193.183.110
  390.  
  391. [+] Subdomain: customer360view.uat1.citigroup.com
  392. [-] IP: 192.193.174.107
  393.  
  394. [+] Subdomain: citigroupsoauat1.citigroup.com
  395. [-] IP: 192.193.173.115
  396.  
  397. [+] Subdomain: citigroupsoasit1.citigroup.com
  398. [-] IP: 192.193.173.114
  399.  
  400. [+] Subdomain: remoteprint1.citigroup.com
  401. [-] IP: 199.67.137.39
  402.  
  403. [+] Subdomain: smtpinbound-mpod-2.citigroup.com
  404. [-] IP: 199.67.137.143
  405.  
  406. [+] Subdomain: fidirectstream02.citigroup.com
  407. [-] IP: 199.67.185.135
  408.  
  409. [+] Subdomain: smtprelay-gt02.citigroup.com
  410. [-] IP: 192.193.222.13
  411.  
  412. [+] Subdomain: imbdmzu-mw02.citigroup.com
  413. [-] IP: 192.193.193.78
  414.  
  415. [+] Subdomain: smtprelay-mw02.citigroup.com
  416. [-] IP: 192.193.193.12
  417.  
  418. [+] Subdomain: smtpinbound-g12.citigroup.com
  419. [-] IP: 192.193.222.16
  420.  
  421. [+] Subdomain: smtpinbound-m12.citigroup.com
  422. [-] IP: 192.193.193.14
  423.  
  424. [+] Subdomain: fidirectstream12.citigroup.com
  425. [-] IP: 199.67.183.136
  426.  
  427. [+] Subdomain: smtpinbound-r12.citigroup.com
  428. [-] IP: 192.193.158.15
  429.  
  430. [+] Subdomain: smtpinbound-s12.citigroup.com
  431. [-] IP: 192.193.220.22
  432.  
  433. [+] Subdomain: customer360view.uat2.citigroup.com
  434. [-] IP: 192.193.174.108
  435.  
  436. [+] Subdomain: securefiletransferuat2.citigroup.com
  437. [-] IP: 192.193.219.34
  438.  
  439. [+] Subdomain: smtpinbound-mpod-3.citigroup.com
  440. [-] IP: 199.67.137.143
  441.  
  442. [+] Subdomain: smtprelay-gt03.citigroup.com
  443. [-] IP: 192.193.222.87
  444.  
  445. [+] Subdomain: smtprelay-mw03.citigroup.com
  446. [-] IP: 192.193.193.91
  447.  
  448. [+] Subdomain: securefiletransfer3.citigroup.com
  449. [-] IP: 192.193.173.116
  450.  
  451. [+] Subdomain: securefiletransferuat3.citigroup.com
  452. [-] IP: 192.193.183.250
  453.  
  454. [+] Subdomain: smtp4.citigroup.com
  455. [-] IP: 192.193.71.3
  456.  
  457. [+] Subdomain: smtp5.citigroup.com
  458. [-] IP: 192.193.71.4
  459.  
  460. [+] Subdomain: digitalcertificate7.citigroup.com
  461. [-] IP: 192.193.218.24
  462.  
  463. [+] Subdomain: smtp8.citigroup.com
  464. [-] IP: 192.193.96.33
  465.  
  466. [+] Subdomain: wealthplannerondevices8.citigroup.com
  467. [-] IP: 192.193.157.64
  468.  
  469. [+] Subdomain: smtp9.citigroup.com
  470. [-] IP: 192.193.96.34
  471.  
  472. [+] Subdomain: wealthplanneronline.emea.citigroup.com
  473. [-] IP: 199.67.204.109
  474.  
  475. [+] Subdomain: uatwealthplanneronline.emea.citigroup.com
  476. [-] IP: 199.67.207.220
  477.  
  478. [+] Subdomain: uatwealthplannerondevices.emea.citigroup.com
  479. [-] IP: 199.67.207.210
  480.  
  481. [+] Subdomain: wealthplanneradvisory.emea.citigroup.com
  482. [-] IP: 199.67.207.221
  483.  
  484. [+] Subdomain: uatwealthplanneradvisory.emea.citigroup.com
  485. [-] IP: 199.67.207.215
  486.  
  487. [+] Subdomain: digitalonboarding.india.citigroup.com
  488. [-] IP: 192.193.157.242
  489.  
  490. [+] Subdomain: rmapp.india.citigroup.com
  491. [-] IP: 192.193.128.62
  492.  
  493. [+] Subdomain: uatwealthplanneradvisory.india.citigroup.com
  494. [-] IP: 192.193.128.225
  495.  
  496. [+] Subdomain: site10.remoteoffice.australia.citigroup.com
  497. [-] IP: 192.193.3.98
  498.  
  499. [+] Subdomain: site09.remoteoffice.australia.citigroup.com
  500. [-] IP: 192.193.0.98
  501.  
  502. [+] Subdomain: site07.remoteoffice.asia.citigroup.com
  503. [-] IP: 192.193.160.162
  504.  
  505. [+] Subdomain: site08.remoteoffice.asia.citigroup.com
  506. [-] IP: 192.193.132.130
  507.  
  508. [+] Subdomain: vpnphone.asia.citigroup.com
  509. [-] IP: 192.193.160.167
  510.  
  511. [+] Subdomain: responsivesalesautomationrussia.citigroup.com
  512. [-] IP: 192.193.246.26
  513.  
  514. [+] Subdomain: wealthplanneradvisory.china.citigroup.com
  515. [-] IP: 192.193.128.190
  516.  
  517. [+] Subdomain: citigroupsoa.citigroup.com
  518. [-] IP: 192.193.183.98
  519.  
  520. [+] Subdomain: banksearch.cib.citigroup.com
  521. [-] IP: 192.193.56.36
  522.  
  523. [+] Subdomain: banksearchuat.cib.citigroup.com
  524. [-] IP: 192.193.182.127
  525.  
  526. [+] Subdomain: efet.cmb.citigroup.com
  527. [-] IP: 199.67.184.212
  528.  
  529. [+] Subdomain: modelmanagementportal-cob.citigroup.com
  530. [-] IP: 192.193.219.172
  531.  
  532. [+] Subdomain: saml-cob.citigroup.com
  533. [-] IP: 199.67.137.41
  534.  
  535. [+] Subdomain: volunteersmanagementsystemcob.citigroup.com
  536. [-] IP: 192.193.173.165
  537.  
  538. [+] Subdomain: cardsmarketingcentercob.citigroup.com
  539. [-] IP: 199.67.131.113
  540.  
  541. [+] Subdomain: customerservice.aspac.citigroup.com
  542. [-] IP: 192.193.157.185
  543.  
  544. [+] Subdomain: citigroupsoaaspac.citigroup.com
  545. [-] IP: 192.193.157.24
  546.  
  547. [+] Subdomain: citigroupsoauataspac.citigroup.com
  548. [-] IP: 192.193.133.223
  549.  
  550. [+] Subdomain: smtpinbound.citigroup.com
  551. [-] IP: 192.193.158.82
  552.  
  553. [+] Subdomain: smtp-edelivery-outbound.citigroup.com
  554. [-] IP: 192.193.158.69
  555.  
  556. [+] Subdomain: smtpoutbound.citigroup.com
  557. [-] IP: 192.193.158.79
  558.  
  559. [+] Subdomain: procurementsourcing.preprod.citigroup.com
  560. [-] IP: 192.193.183.188
  561.  
  562. [+] Subdomain: login.preprod.citigroup.com
  563. [-] IP: 192.193.183.206
  564.  
  565. [+] Subdomain: careermobilityprod.citigroup.com
  566. [-] IP: 192.193.183.119
  567.  
  568. [+] Subdomain: responsivesalesautomationprd.citigroup.com
  569. [-] IP: 199.67.207.167
  570.  
  571. [+] Subdomain: remoteoffice.citigroup.com
  572. [-] IP: 199.67.131.65
  573.  
  574. [+] Subdomain: site00.remoteoffice.citigroup.com
  575. [-] IP: 199.67.131.66
  576.  
  577. [+] Subdomain: site01.remoteoffice.citigroup.com
  578. [-] IP: 199.67.136.8
  579.  
  580. [+] Subdomain: site11.remoteoffice.citigroup.com
  581. [-] IP: 199.67.136.15
  582.  
  583. [+] Subdomain: uat1.remoteoffice.citigroup.com
  584. [-] IP: 199.67.136.27
  585.  
  586. [+] Subdomain: dev1.remoteoffice.citigroup.com
  587. [-] IP: 65.196.75.1
  588.  
  589. [+] Subdomain: site02.remoteoffice.citigroup.com
  590. [-] IP: 192.193.216.9
  591.  
  592. [+] Subdomain: site12.remoteoffice.citigroup.com
  593. [-] IP: 192.193.181.20
  594.  
  595. [+] Subdomain: dev2.remoteoffice.citigroup.com
  596. [-] IP: 65.196.75.2
  597.  
  598. [+] Subdomain: site03.remoteoffice.citigroup.com
  599. [-] IP: 199.67.138.66
  600.  
  601. [+] Subdomain: uat3.remoteoffice.citigroup.com
  602. [-] IP: 199.67.203.89
  603.  
  604. [+] Subdomain: dev3.remoteoffice.citigroup.com
  605. [-] IP: 65.196.75.3
  606.  
  607. [+] Subdomain: site14.remoteoffice.citigroup.com
  608. [-] IP: 199.67.131.71
  609.  
  610. [+] Subdomain: uat4.remoteoffice.citigroup.com
  611. [-] IP: 192.193.160.166
  612.  
  613. [+] Subdomain: dev4.remoteoffice.citigroup.com
  614. [-] IP: 65.196.75.4
  615.  
  616. [+] Subdomain: uat5.remoteoffice.citigroup.com
  617. [-] IP: 192.193.216.11
  618.  
  619. [+] Subdomain: dev5.remoteoffice.citigroup.com
  620. [-] IP: 65.196.75.13
  621.  
  622. [+] Subdomain: uat.remoteoffice.citigroup.com
  623. [-] IP: 192.193.216.12
  624.  
  625. [+] Subdomain: dev.remoteoffice.citigroup.com
  626. [-] IP: 65.196.75.38
  627.  
  628. [+] Subdomain: uat.salesstationdevice.citigroup.com
  629. [-] IP: 199.67.207.224
  630.  
  631. [+] Subdomain: bondexchange.citigroup.com
  632. [-] IP: 199.67.141.209
  633.  
  634. [+] Subdomain: uat.salesautomationonline.citigroup.com
  635. [-] IP: 192.193.174.104
  636.  
  637. [+] Subdomain: uat.salesstationonline.citigroup.com
  638. [-] IP: 199.67.207.223
  639.  
  640. [+] Subdomain: logintotalcomponline.citigroup.com
  641. [-] IP: 192.193.218.158
  642.  
  643. [+] Subdomain: vpnphone.citigroup.com
  644. [-] IP: 199.67.138.87
  645.  
  646. [+] Subdomain: site04.remoteoffice.europe.citigroup.com
  647. [-] IP: 199.67.203.80
  648.  
  649. [+] Subdomain: site05.remoteoffice.europe.citigroup.com
  650. [-] IP: 192.193.116.66
  651.  
  652. [+] Subdomain: vpnphone.europe.citigroup.com
  653. [-] IP: 192.193.116.84
  654.  
  655. [+] Subdomain: centerforculture.citigroup.com
  656. [-] IP: 64.90.172.118
  657.  
  658. [+] Subdomain: uat.centerforculture.citigroup.com
  659. [-] IP: 64.90.172.117
  660.  
  661. [+] Subdomain: www.centerforculture.citigroup.com
  662. [-] IP: 64.90.172.118
  663.  
  664. [+] Subdomain: 2._spf.citigroup.com
  665. [-] IP: 177.136.58.178
  666.  
  667. [+] Subdomain: site01.icg.citigroup.com
  668. [-] IP: 204.13.186.188
  669.  
  670. [+] Subdomain: site02.icg.citigroup.com
  671. [-] IP: 204.13.188.232
  672.  
  673. [+] Subdomain: go2.icg.citigroup.com
  674. [-] IP: 204.130.247.249
  675.  
  676. [+] Subdomain: site03.icg.citigroup.com
  677. [-] IP: 204.130.247.249
  678.  
  679. [+] Subdomain: site04.icg.citigroup.com
  680. [-] IP: 209.99.240.197
  681.  
  682. [+] Subdomain: go.icg.citigroup.com
  683. [-] IP: 204.13.186.188
  684.  
  685. [+] Subdomain: issuerservices.icg.citigroup.com
  686. [-] IP: 192.193.56.146
  687.  
  688. [+] Subdomain: issuerservicesuat.icg.citigroup.com
  689. [-] IP: 192.193.86.251
  690.  
  691. [+] Subdomain: smtpinboundlg.citigroup.com
  692. [-] IP: 192.193.158.77
  693.  
  694. [+] Subdomain: procurementsourcing.citigroup.com
  695. [-] IP: 192.193.183.188
  696.  
  697. [+] Subdomain: uattest.tradeimaging.citigroup.com
  698. [-] IP: 192.193.200.190
  699.  
  700. [+] Subdomain: www.tradeimaging.citigroup.com
  701. [-] IP: 192.193.174.154
  702.  
  703. [+] Subdomain: commercialbanking.citigroup.com
  704. [-] IP: 199.67.184.149
  705.  
  706. [+] Subdomain: cargotest10.billing.citigroup.com
  707. [-] IP: 192.193.218.139
  708.  
  709. [+] Subdomain: training.citigroup.com
  710. [-] IP: 192.193.173.102
  711.  
  712. [+] Subdomain: scheduleplanning.citigroup.com
  713. [-] IP: 192.193.102.36
  714.  
  715. [+] Subdomain: financelearning.citigroup.com
  716. [-] IP: 192.193.219.167
  717.  
  718. [+] Subdomain: uattest.tradeprocessing.citigroup.com
  719. [-] IP: 192.193.200.192
  720.  
  721. [+] Subdomain: www.tradeprocessing.citigroup.com
  722. [-] IP: 192.193.174.159
  723.  
  724. [+] Subdomain: openprime.testing.citigroup.com
  725. [-] IP: 199.67.184.150
  726.  
  727. [+] Subdomain: login.employeegiving.citigroup.com
  728. [-] IP: 192.193.219.106
  729.  
  730. [+] Subdomain: disasterrecovery.login.employeegiving.citigroup.com
  731. [-] IP: 199.67.137.44
  732.  
  733. [+] Subdomain: blog.citigroup.com
  734. [-] IP: 146.20.81.168
  735.  
  736. [+] Subdomain: uat.blog.citigroup.com
  737. [-] IP: 146.20.81.168
  738.  
  739. [+] Subdomain: trainingstg.citigroup.com
  740. [-] IP: 192.193.173.103
  741.  
  742. [+] Subdomain: travelplannerstg.citigroup.com
  743. [-] IP: 192.193.218.163
  744.  
  745. [+] Subdomain: businessaccessqa.citibank.citigroup.com
  746. [-] IP: 192.193.173.42
  747.  
  748. [+] Subdomain: webcashmanagercitibusinessuat.citibank.citigroup.com
  749. [-] IP: 192.193.86.23
  750.  
  751. [+] Subdomain: webcashmanagercitidirectuat.citibank.citigroup.com
  752. [-] IP: 192.193.86.24
  753.  
  754. [+] Subdomain: businessaccesssit.citibank.citigroup.com
  755. [-] IP: 192.193.173.46
  756.  
  757. [+] Subdomain: poc.portal.citigroup.com
  758. [-] IP: 192.193.182.174
  759.  
  760. [+] Subdomain: openwealthsolutionsportal.citigroup.com
  761. [-] IP: 192.193.86.73
  762.  
  763. [+] Subdomain: modelmanagementportal.citigroup.com
  764. [-] IP: 199.67.137.55
  765.  
  766. [+] Subdomain: mail.citigroup.com
  767. [-] IP: 199.67.141.124
  768.  
  769. [+] Subdomain: assinaturadigital.brazil.citigroup.com
  770. [-] IP: 192.193.173.22
  771.  
  772. [+] Subdomain: uat.assinaturadigital.brazil.citigroup.com
  773. [-] IP: 192.193.200.99
  774.  
  775. [+] Subdomain: ebillpayer.brazil.citigroup.com
  776. [-] IP: 192.193.35.123
  777.  
  778. [+] Subdomain: ebillpayer.uat.brazil.citigroup.com
  779. [-] IP: 192.193.200.81
  780.  
  781. [+] Subdomain: secureaccessweb.nam.citigroup.com
  782. [-] IP: 199.67.137.28
  783.  
  784. [+] Subdomain: secureaccess.nam.citigroup.com
  785. [-] IP: 192.193.8.23
  786.  
  787. [+] Subdomain: secureaccessweb.uat.nam.citigroup.com
  788. [-] IP: 192.193.104.115
  789.  
  790. [+] Subdomain: secureaccess.uat.nam.citigroup.com
  791. [-] IP: 192.193.173.11
  792.  
  793. [+] Subdomain: secureaccessweb.sit.nam.citigroup.com
  794. [-] IP: 199.67.141.105
  795.  
  796. [+] Subdomain: secureaccess.sit.nam.citigroup.com
  797. [-] IP: 199.67.141.104
  798.  
  799. [+] Subdomain: www.hotelprogram.citigroup.com
  800. [-] IP: 199.67.139.146
  801.  
  802. [+] Subdomain: volunteersmanagementsystem.citigroup.com
  803. [-] IP: 192.193.219.141
  804.  
  805. [+] Subdomain: wealthplanneronline.taiwan.citigroup.com
  806. [-] IP: 192.193.157.229
  807.  
  808. [+] Subdomain: uatwealthplanneronline.taiwan.citigroup.com
  809. [-] IP: 192.193.128.250
  810.  
  811. [+] Subdomain: wealthplanneradvisory.taiwan.citigroup.com
  812. [-] IP: 192.193.128.232
  813.  
  814. [+] Subdomain: uatwealthplanneradvisory.taiwan.citigroup.com
  815. [-] IP: 192.193.128.207
  816.  
  817. [+] Subdomain: login.citigroup.com
  818. [-] IP: 192.193.183.206
  819.  
  820. [+] Subdomain: citigroupsoa.authentication.citigroup.com
  821. [-] IP: 192.193.219.6
  822.  
  823. [+] Subdomain: site00.wifiauthentication.citigroup.com
  824. [-] IP: 192.0.2.1
  825.  
  826. [+] Subdomain: site01.wifiauthentication.citigroup.com
  827. [-] IP: 192.0.2.1
  828.  
  829. [+] Subdomain: site11.wifiauthentication.citigroup.com
  830. [-] IP: 192.0.2.1
  831.  
  832. [+] Subdomain: site02.wifiauthentication.citigroup.com
  833. [-] IP: 192.0.2.1
  834.  
  835. [+] Subdomain: site03.wifiauthentication.citigroup.com
  836. [-] IP: 192.0.2.1
  837.  
  838. [+] Subdomain: site04.wifiauthentication.citigroup.com
  839. [-] IP: 192.0.2.1
  840.  
  841. [+] Subdomain: site14.wifiauthentication.citigroup.com
  842. [-] IP: 192.0.2.1
  843.  
  844. [+] Subdomain: site05.wifiauthentication.citigroup.com
  845. [-] IP: 192.0.2.1
  846.  
  847. [+] Subdomain: site15.wifiauthentication.citigroup.com
  848. [-] IP: 192.0.2.1
  849.  
  850. [+] Subdomain: site06.wifiauthentication.citigroup.com
  851. [-] IP: 192.0.2.1
  852.  
  853. [+] Subdomain: site07.wifiauthentication.citigroup.com
  854. [-] IP: 192.0.2.1
  855.  
  856. [+] Subdomain: site08.wifiauthentication.citigroup.com
  857. [-] IP: 192.0.2.1
  858.  
  859. [+] Subdomain: www.foundation.citigroup.com
  860. [-] IP: 199.67.141.187
  861.  
  862. [+] Subdomain: www.disasterrecovery.foundation.citigroup.com
  863. [-] IP: 199.67.139.14
  864.  
  865. [+] Subdomain: uat.emeasalesautomation.citigroup.com
  866. [-] IP: 192.193.173.204
  867.  
  868. [+] Subdomain: uat.ru.emeasalesautomation.citigroup.com
  869. [-] IP: 192.193.174.32
  870.  
  871. [+] Subdomain: onlinesalesautomation.citigroup.com
  872. [-] IP: 199.67.204.53
  873.  
  874. [+] Subdomain: uat.responsivesalesautomation.citigroup.com
  875. [-] IP: 192.193.174.101
  876.  
  877. [+] Subdomain: globalcommonsalesautomation.citigroup.com
  878. [-] IP: 192.193.157.234
  879.  
  880. [+] Subdomain: uat1.directsalesautomation.citigroup.com
  881. [-] IP: 192.193.174.77
  882.  
  883. [+] Subdomain: uat2.directsalesautomation.citigroup.com
  884. [-] IP: 192.193.173.251
  885.  
  886. [+] Subdomain: instantsalesautomation.citigroup.com
  887. [-] IP: 192.193.245.30
  888.  
  889. [+] Subdomain: emaildelivery.mexico.citigroup.com
  890. [-] IP: 192.193.179.146
  891.  
  892. [+] Subdomain: www.morningstar.citigroup.com
  893. [-] IP: 199.67.137.45
  894.  
  895. [+] Subdomain: commercialbankingdr.citigroup.com
  896. [-] IP: 199.67.182.170
  897.  
  898. [+] Subdomain: trainingdr.citigroup.com
  899. [-] IP: 199.67.137.14
  900.  
  901. [+] Subdomain: financelearningdr.citigroup.com
  902. [-] IP: 199.67.137.68
  903.  
  904. [+] Subdomain: logindr.citigroup.com
  905. [-] IP: 192.193.173.88
  906.  
  907. [+] Subdomain: taxseriesdr.citigroup.com
  908. [-] IP: 192.193.173.91
  909.  
  910. [+] Subdomain: careersdr.citigroup.com
  911. [-] IP: 199.67.137.75
  912.  
  913. [+] Subdomain: newhireprocessdr.citigroup.com
  914. [-] IP: 199.67.137.53
  915.  
  916. [+] Subdomain: ecommercelawsdr.citigroup.com
  917. [-] IP: 199.67.182.169
  918.  
  919. [+] Subdomain: fitrader.citigroup.com
  920. [-] IP: 199.67.184.177
  921.  
  922. [+] Subdomain: securefiletransfer.citigroup.com
  923. [-] IP: 199.67.137.221
  924.  
  925. [+] Subdomain: primefinance.securefiletransfer.citigroup.com
  926. [-] IP: 192.193.218.30
  927.  
  928. [+] Subdomain: m.cashmanager.citigroup.com
  929. [-] IP: 192.193.56.34
  930.  
  931. [+] Subdomain: uat.cashmanager.citigroup.com
  932. [-] IP: 192.193.182.17
  933.  
  934. [+] Subdomain: m.uat.cashmanager.citigroup.com
  935. [-] IP: 192.193.182.42
  936.  
  937. [+] Subdomain: citidirectwebcashmanageruat.cashmanager.citigroup.com
  938. [-] IP: 192.193.182.142
  939.  
  940. [+] Subdomain: uat1.emailtracker.citigroup.com
  941. [-] IP: 192.193.174.103
  942.  
  943. [+] Subdomain: uat2.emailtracker.citigroup.com
  944. [-] IP: 199.67.137.38
  945.  
  946. [+] Subdomain: pat.emailtracker.citigroup.com
  947. [-] IP: 192.193.157.180
  948.  
  949. [+] Subdomain: uat.emailtracker.citigroup.com
  950. [-] IP: 192.193.173.139
  951.  
  952. [+] Subdomain: primebroker.citigroup.com
  953. [-] IP: 199.67.185.243
  954.  
  955. [+] Subdomain: www.travelplanner.citigroup.com
  956. [-] IP: 199.67.141.247
  957.  
  958. [+] Subdomain: cardsmarketingcenter.citigroup.com
  959. [-] IP: 192.193.216.82
  960.  
  961. [+] Subdomain: securemailcenter.citigroup.com
  962. [-] IP: 192.193.154.4
  963.  
  964. [+] Subdomain: securecredentialserver.citigroup.com
  965. [-] IP: 192.193.154.5
  966.  
  967. [+] Subdomain: rewardsdr.consumerhr.citigroup.com
  968. [-] IP: 199.67.137.191
  969.  
  970. [+] Subdomain: rewards.consumerhr.citigroup.com
  971. [-] IP: 192.193.219.150
  972.  
  973. [+] Subdomain: jobs.citigroup.com
  974. [-] IP: 63.131.135.125
  975.  
  976. [+] Subdomain: uat2.wealthplannerondevices.citigroup.com
  977. [-] IP: 192.193.173.245
  978.  
  979. [+] Subdomain: sit2.wealthplannerondevices.citigroup.com
  980. [-] IP: 192.193.173.244
  981.  
  982. [+] Subdomain: uatwealthplannerondevices.citigroup.com
  983. [-] IP: 192.193.173.182
  984.  
  985. [+] Subdomain: uat1.citiplannerondevices.citigroup.com
  986. [-] IP: 199.67.137.238
  987.  
  988. [+] Subdomain: globalremittanceuat1.transactionservices.citigroup.com
  989. [-] IP: 192.193.200.84
  990.  
  991. [+] Subdomain: testmarketing2.transactionservices.citigroup.com
  992. [-] IP: 192.193.182.20
  993.  
  994. [+] Subdomain: globalremittanceuat2.transactionservices.citigroup.com
  995. [-] IP: 192.193.200.49
  996.  
  997. [+] Subdomain: globalremittancepreprod.transactionservices.citigroup.com
  998. [-] IP: 192.193.200.244
  999.  
  1000. [+] Subdomain: globalremittance.transactionservices.citigroup.com
  1001. [-] IP: 192.193.200.244
  1002.  
  1003. [+] Subdomain: citiconnectcob.trade.transactionservices.citigroup.com
  1004. [-] IP: 192.193.133.103
  1005.  
  1006. [+] Subdomain: citiconnect.trade.transactionservices.citigroup.com
  1007. [-] IP: 192.193.165.236
  1008.  
  1009. [+] Subdomain: uat.citiconnect.trade.transactionservices.citigroup.com
  1010. [-] IP: 192.193.128.108
  1011.  
  1012. [+] Subdomain: www.uat.citidirectunitmatching.transactionservices.citigroup.com
  1013. [-] IP: 199.67.207.120
  1014.  
  1015. [+] Subdomain: email.transactionservices.citigroup.com
  1016. [-] IP: 63.149.195.18
  1017.  
  1018. [+] Subdomain: mta934.email.transactionservices.citigroup.com
  1019. [-] IP: 8.7.43.214
  1020.  
  1021. [+] Subdomain: mta935.email.transactionservices.citigroup.com
  1022. [-] IP: 8.7.43.215
  1023.  
  1024. [+] Subdomain: a.ns.email.transactionservices.citigroup.com
  1025. [-] IP: 65.125.54.133
  1026.  
  1027. [+] Subdomain: b.ns.email.transactionservices.citigroup.com
  1028. [-] IP: 65.125.54.134
  1029.  
  1030. [+] Subdomain: c.ns.email.transactionservices.citigroup.com
  1031. [-] IP: 216.15.189.57
  1032.  
  1033. [+] Subdomain: d.ns.email.transactionservices.citigroup.com
  1034. [-] IP: 216.15.189.58
  1035.  
  1036. [+] Subdomain: e.ns.email.transactionservices.citigroup.com
  1037. [-] IP: 207.251.96.133
  1038.  
  1039. [+] Subdomain: f.ns.email.transactionservices.citigroup.com
  1040. [-] IP: 207.251.96.134
  1041.  
  1042. [+] Subdomain: d.mx.email.transactionservices.citigroup.com
  1043. [-] IP: 63.148.46.97
  1044.  
  1045. [+] Subdomain: fundsecurefiletransfer.transactionservices.citigroup.com
  1046. [-] IP: 199.67.137.83
  1047.  
  1048. [+] Subdomain: portfolioanalytics.transactionservices.citigroup.com
  1049. [-] IP: 192.193.86.54
  1050.  
  1051. [+] Subdomain: digitalcertificates.transactionservices.citigroup.com
  1052. [-] IP: 199.67.184.186
  1053.  
  1054. [+] Subdomain: globalremittanceuat.transactionservices.citigroup.com
  1055. [-] IP: 192.193.183.34
  1056.  
  1057. [+] Subdomain: identitygatewayuat.transactionservices.citigroup.com
  1058. [-] IP: 192.193.183.103
  1059.  
  1060. [+] Subdomain: reply.transactionservices.citigroup.com
  1061. [-] IP: 192.193.56.103
  1062.  
  1063. [+] Subdomain: debtxportal.issuerservices.citigroup.com
  1064. [-] IP: 192.193.56.78
  1065.  
  1066. [+] Subdomain: debtxportaluat.issuerservices.citigroup.com
  1067. [-] IP: 192.193.35.36
  1068.  
  1069. [+] Subdomain: cob.in.onlinecollectionsservices.citigroup.com
  1070. [-] IP: 192.193.128.202
  1071.  
  1072. [+] Subdomain: uat.in.onlinecollectionsservices.citigroup.com
  1073. [-] IP: 192.193.128.125
  1074.  
  1075. [+] Subdomain: taxseries.citigroup.com
  1076. [-] IP: 192.193.183.218
  1077.  
  1078. [+] Subdomain: uat.cititaxseries.citigroup.com
  1079. [-] IP: 192.193.183.220
  1080.  
  1081. [+] Subdomain: irams.citigroup.com
  1082. [-] IP: 199.67.141.239
  1083.  
  1084. [+] Subdomain: loansoperations.citigroup.com
  1085. [-] IP: 199.67.184.160
  1086.  
  1087. [+] Subdomain: openwealthsolutions.citigroup.com
  1088. [-] IP: 192.193.173.97
  1089.  
  1090. [+] Subdomain: stg.openwealthsolutions.citigroup.com
  1091. [-] IP: 192.193.183.41
  1092.  
  1093. [+] Subdomain: hsbc.stg.openwealthsolutions.citigroup.com
  1094. [-] IP: 192.193.183.42
  1095.  
  1096. [+] Subdomain: tempstg.openwealthsolutions.citigroup.com
  1097. [-] IP: 192.193.219.113
  1098.  
  1099. [+] Subdomain: stgportal.openwealthsolutions.citigroup.com
  1100. [-] IP: 192.193.86.75
  1101.  
  1102. [+] Subdomain: tiaacref.preproduction.openwealthsolutions.citigroup.com
  1103. [-] IP: 192.193.173.97
  1104.  
  1105. [+] Subdomain: tempopenwealthsolutions.citigroup.com
  1106. [-] IP: 192.193.173.139
  1107.  
  1108. [+] Subdomain: login.volunteers.citigroup.com
  1109. [-] IP: 199.67.184.210
  1110.  
  1111. [+] Subdomain: disasterrecovery.login.volunteers.citigroup.com
  1112. [-] IP: 199.67.182.210
  1113.  
  1114. [+] Subdomain: www.volunteers.citigroup.com
  1115. [-] IP: 192.193.218.28
  1116.  
  1117. [+] Subdomain: www.approvedsuppliers.citigroup.com
  1118. [-] IP: 199.67.139.149
  1119.  
  1120. [+] Subdomain: tempworkers.citigroup.com
  1121. [-] IP: 192.193.218.181
  1122.  
  1123. [+] Subdomain: boardofdirectors.citigroup.com
  1124. [-] IP: 192.193.183.104
  1125.  
  1126. [+] Subdomain: dr.boardofdirectors.citigroup.com
  1127. [-] IP: 199.67.137.251
  1128.  
  1129. [+] Subdomain: uat.boardofdirectors.citigroup.com
  1130. [-] IP: 199.67.137.250
  1131.  
  1132. [+] Subdomain: secureaccess.citigroup.com
  1133. [-] IP: 199.67.137.24
  1134.  
  1135. [+] Subdomain: www.newhireprocess.citigroup.com
  1136. [-] IP: 192.193.218.3
  1137.  
  1138. [+] Subdomain: www.angelpoints.citigroup.com
  1139. [-] IP: 69.20.24.4
  1140.  
  1141. [+] Subdomain: ecommercelaws.citigroup.com
  1142. [-] IP: 199.67.184.191
  1143.  
  1144. [+] Subdomain: news.citigroup.com
  1145. [-] IP: 173.231.190.151
  1146.  
  1147. [+] Subdomain: mail.news.citigroup.com
  1148. [-] IP: 173.231.190.148
  1149.  
  1150. [+] Subdomain: smtpinbound-uat.citigroup.com
  1151. [-] IP: 192.193.193.79
  1152.  
  1153. [+] Subdomain: citidirectportal4.uat.citigroup.com
  1154. [-] IP: 192.193.183.146
  1155.  
  1156. [+] Subdomain: asia.citidirectportal4.uat.citigroup.com
  1157. [-] IP: 192.193.162.143
  1158.  
  1159. [+] Subdomain: citidirect4.uat.citigroup.com
  1160. [-] IP: 192.193.182.175
  1161.  
  1162. [+] Subdomain: procurementsourcing.uat.citigroup.com
  1163. [-] IP: 192.193.173.72
  1164.  
  1165. [+] Subdomain: login.uat.citigroup.com
  1166. [-] IP: 192.193.174.127
  1167.  
  1168. [+] Subdomain: totalcomp.uat.citigroup.com
  1169. [-] IP: 192.193.174.195
  1170.  
  1171. [+] Subdomain: secureaccess.uat.citigroup.com
  1172. [-] IP: 192.193.104.113
  1173.  
  1174. [+] Subdomain: fidirectstream10uat.citigroup.com
  1175. [-] IP: 199.67.182.227
  1176.  
  1177. [+] Subdomain: fidirectstream01uat.citigroup.com
  1178. [-] IP: 199.67.184.139
  1179.  
  1180. [+] Subdomain: fidirectstream02uat.citigroup.com
  1181. [-] IP: 199.67.185.133
  1182.  
  1183. [+] Subdomain: fidirectstream12uat.citigroup.com
  1184. [-] IP: 199.67.183.132
  1185.  
  1186. [+] Subdomain: digitalcertificate7uat.citigroup.com
  1187. [-] IP: 192.193.218.25
  1188.  
  1189. [+] Subdomain: citigroupsoauat.citigroup.com
  1190. [-] IP: 199.67.137.240
  1191.  
  1192. [+] Subdomain: securefiletransferftpuat.citigroup.com
  1193. [-] IP: 192.193.218.127
  1194.  
  1195. [+] Subdomain: securefiletransferuat.citigroup.com
  1196. [-] IP: 192.193.173.119
  1197.  
  1198. [+] Subdomain: cardsmarketingcenteruat.citigroup.com
  1199. [-] IP: 192.193.216.81
  1200.  
  1201. [+] Subdomain: directsalesagentuat.citigroup.com
  1202. [-] IP: 192.193.133.225
  1203.  
  1204. [+] Subdomain: api.citiconnect.citigroup.com
  1205. [-] IP: 192.193.104.58
  1206.  
  1207. [+] Subdomain: uat.api.citiconnect.citigroup.com
  1208. [-] IP: 192.193.104.57
  1209.  
  1210. [+] Subdomain: uat11.citidirect.citigroup.com
  1211. [-] IP: 192.193.182.209
  1212.  
  1213. [+] Subdomain: citidirectonlineuat11.citidirect.citigroup.com
  1214. [-] IP: 192.193.182.206
  1215.  
  1216. [+] Subdomain: qc21.citidirect.citigroup.com
  1217. [-] IP: 192.193.182.220
  1218.  
  1219. [+] Subdomain: highassuranceidentityqc21.citidirect.citigroup.com
  1220. [-] IP: 192.193.218.131
  1221.  
  1222. [+] Subdomain: uat21.citidirect.citigroup.com
  1223. [-] IP: 192.193.182.217
  1224.  
  1225. [+] Subdomain: testqc31.citidirect.citigroup.com
  1226. [-] IP: 192.193.182.71
  1227.  
  1228. [+] Subdomain: highassuranceidentityqc31.citidirect.citigroup.com
  1229. [-] IP: 192.193.182.74
  1230.  
  1231. [+] Subdomain: citidirectonline31.citidirect.citigroup.com
  1232. [-] IP: 192.193.182.73
  1233.  
  1234. [+] Subdomain: uat31.citidirect.citigroup.com
  1235. [-] IP: 192.193.182.230
  1236.  
  1237. [+] Subdomain: citidirectonlineuat31.citidirect.citigroup.com
  1238. [-] IP: 192.193.182.243
  1239.  
  1240. [+] Subdomain: qc41.citidirect.citigroup.com
  1241. [-] IP: 192.193.182.194
  1242.  
  1243. [+] Subdomain: citidirectonlineqc41.citidirect.citigroup.com
  1244. [-] IP: 192.193.182.189
  1245.  
  1246. [+] Subdomain: uat1.citidirect.citigroup.com
  1247. [-] IP: 192.193.182.113
  1248.  
  1249. [+] Subdomain: uat2.citidirect.citigroup.com
  1250. [-] IP: 192.193.182.111
  1251.  
  1252. [+] Subdomain: pte.citidirect.citigroup.com
  1253. [-] IP: 192.193.183.20
  1254.  
  1255. [+] Subdomain: customertest.citidirect.citigroup.com
  1256. [-] IP: 192.193.182.227
  1257.  
  1258. [+] Subdomain: koreacitidirect.citigroup.com
  1259. [-] IP: 192.193.81.179
  1260.  
  1261. [+] Subdomain: secureaccess.sit.citigroup.com
  1262. [-] IP: 199.67.183.221
  1263.  
  1264. [+] Subdomain: uat2.directsalesagent.citigroup.com
  1265. [-] IP: 192.193.173.164
  1266.  
  1267. [+] Subdomain: uatdirectsalesagent.citigroup.com
  1268. [-] IP: 192.193.174.78
  1269.  
  1270. [+] Subdomain: thirdpartyassessment.citigroup.com
  1271. [-] IP: 192.193.183.132
  1272.  
  1273. [+] Subdomain: remoteprint.citigroup.com
  1274. [-] IP: 199.67.139.99
  1275.  
  1276. [+] Subdomain: www.electronicbillingtest.citigroup.com
  1277. [-] IP: 199.67.139.56
  1278.  
  1279. [+] Subdomain: cookieutilitytest.citigroup.com
  1280. [-] IP: 199.67.141.182
  1281.  
  1282. [+] Subdomain: smtpinbound-mpod-ru.citigroup.com
  1283. [-] IP: 192.193.158.11
  1284.  
  1285. [+] Subdomain: uat2.customer360view.citigroup.com
  1286. [-] IP: 192.193.174.80
  1287.  
  1288. [+] Subdomain: smtpinbound-new.citigroup.com
  1289. [-] IP: 199.67.141.127
  1290.  
  1291. [+] Subdomain: cookieutility4x.citigroup.com
  1292. [-] IP: 199.67.139.210
  1293.  
  1294. [+] Subdomain: cookieutility5x.citigroup.com
  1295. [-] IP: 199.67.141.249
  1296.  
  1297. [+] Subdomain: www.equityindex.citigroup.com
  1298. [-] IP: 199.67.139.151
  1299.  
  1300. [+] Subdomain: loansoperationscontingency.citigroup.com
  1301. [-] IP: 199.67.183.157
  1302.  
  1303. [+] Subdomain: uat1.emailsurvey.citigroup.com
  1304. [-] IP: 192.193.173.153
  1305.  
  1306. [+] Subdomain: pat.emailsurvey.citigroup.com
  1307. [-] IP: 192.193.157.181
  1308.  
  1309. [+] Subdomain: uat.emailsurvey.citigroup.com
  1310. [-] IP: 192.193.173.91
  1311.  
  1312. [+] Subdomain: filetransferuat.italy.citigroup.com
  1313. [-] IP: 199.67.207.98
  1314.  
  1315. [+] Subdomain: bondexchange.disasterrecovery.citigroup.com
  1316. [-] IP: 199.67.139.212
  1317.  
  1318. [+] Subdomain: dali.disasterrecovery.citigroup.com
  1319. [-] IP: 192.193.218.106
  1320.  
  1321. [+] Subdomain: www.morningstar.disasterrecovery.citigroup.com
  1322. [-] IP: 199.67.182.198
  1323.  
  1324. [+] Subdomain: www.travelplanner.disasterrecovery.citigroup.com
  1325. [-] IP: 199.67.139.254
  1326.  
  1327. [+] Subdomain: tempworkers.disasterrecovery.citigroup.com
  1328. [-] IP: 199.67.137.54
  1329.  
  1330. [+] Subdomain: ssbstatements.disasterrecovery.citigroup.com
  1331. [-] IP: 199.67.139.38
  1332.  
  1333. [+] Subdomain: wealthplanneradvisory.citigroup.com
  1334. [-] IP: 192.193.157.179
  1335.  
  1336. [+] Subdomain: uat2.wealthplanneradvisory.citigroup.com
  1337. [-] IP: 199.67.137.44
  1338.  
  1339. [+] Subdomain: cookieutility.citigroup.com
  1340. [-] IP: 199.67.137.43
  1341. #######################################################################################################################################
  1342. [?] Enter the target: example( http://domain.com )
  1343. https://www.citigroup.com/citi/
  1344. [!] IP Address : 104.98.33.172
  1345. [!] www.citigroup.com doesn't seem to use a CMS
  1346. [+] Honeypot Probabilty: 0%
  1347. ---------------------------------------------------------------------------------------------------------------------------------------
  1348. [~] Trying to gather whois information for www.citigroup.com
  1349. [+] Whois information found
  1350. [-] Unable to build response, visit https://who.is/whois/www.citigroup.com
  1351. ---------------------------------------------------------------------------------------------------------------------------------------
  1352. PORT     STATE    SERVICE
  1353. 21/tcp   filtered ftp
  1354. 22/tcp   filtered ssh
  1355. 23/tcp   filtered telnet
  1356. 80/tcp   open     http
  1357. 110/tcp  filtered pop3
  1358. 143/tcp  filtered imap
  1359. 443/tcp  open     https
  1360. 3389/tcp filtered ms-wbt-server
  1361. Nmap done: 1 IP address (1 host up) scanned in 3.20 seconds
  1362. ---------------------------------------------------------------------------------------------------------------------------------------
  1363. There was an error getting results
  1364.  
  1365. [-] DNS Records
  1366. [>] Initiating 3 intel modules
  1367. [>] Loading Alpha module (1/3)
  1368. [>] Beta module deployed (2/3)
  1369. [>] Gamma module initiated (3/3)
  1370. No emails found
  1371.  
  1372. [+] Hosts found in search engines:
  1373. ---------------------------------------------------------------------------------------------------------------------------------------
  1374. [-] Resolving hostnames IPs...
  1375. [+] Virtual hosts:
  1376. ---------------------------------------------------------------------------------------------------------------------------------------
  1377. #######################################################################################################################################
  1378. ======================================================================================================================================
  1379. | External hosts:
  1380. | [+] External Host Found: https://news.citigroup.com
  1381. | [+] External Host Found: http://online.wsj.com
  1382. | [+] External Host Found: http://www.nyc.gov
  1383. | [+] External Host Found: https://citigroup.com
  1384. | [+] External Host Found: http://www.crainsnewyork.com
  1385. | [+] External Host Found: https://cdns.gigya.com
  1386. | [+] External Host Found: http://edge.media-server.com
  1387. | [+] External Host Found: https://ajax.googleapis.com
  1388. | [+] External Host Found: https://play.google.com
  1389. | [+] External Host Found: http://www.iadb.org
  1390. | [+] External Host Found: http://blog.citigroup.com
  1391. | [+] External Host Found: https://www.linkedin.com
  1392. | [+] External Host Found: https://plus.google.com
  1393. | [+] External Host Found: http://citigroup.com
  1394. | [+] External Host Found: http://www.citi.com
  1395. | [+] External Host Found: http://www.surveyofmayors.com
  1396. | [+] External Host Found: https://event.webcasts.com
  1397. | [+] External Host Found: http://www.veracast.com
  1398. | [+] External Host Found: http://instagram.com
  1399. | [+] External Host Found: https://cc.talkpoint.com
  1400. | [+] External Host Found: https://www.citivelocity.com
  1401. | [+] External Host Found: https://www.facebook.com
  1402. | [+] External Host Found: https://cdnjs.cloudflare.com
  1403. | [+] External Host Found: http://www.huffingtonpost.com
  1404. | [+] External Host Found: http://careers.citigroup.com
  1405. | [+] External Host Found: https://twitter.com
  1406. | [+] External Host Found: https://blog.citigroup.com
  1407. | [+] External Host Found: http://cdn.gigya.com
  1408. | [+] External Host Found: https://edge.media-server.com
  1409. | [+] External Host Found: https://itunes.apple.com
  1410. | [+] External Host Found: https://www.webcaster4.com
  1411. | [+] External Host Found: http://www.homemattersamerica.com
  1412. | [+] External Host Found: https://www.youtube.com
  1413. | [+] External Host Found: https://www.veracast.com
  1414. =======================================================================================================================================
  1415. | E-mails:
  1416. | [+] E-mail Found: infringementnotice@citi.com
  1417. | [+] E-mail Found: msaleson@worldbank.org
  1418. | [+] E-mail Found: navicon@2.png
  1419. | [+] E-mail Found: anthony.ingham@citi.com,
  1420. | [+] E-mail Found: ryann.gastwirth@ft.com
  1421. | [+] E-mail Found: citiforcities@citi.com
  1422. | [+] E-mail Found: kristina.eriksson@ft.com
  1423. | [+] E-mail Found: csantospianesi@worldbank.org
  1424. | [+] E-mail Found: rpost@worldbank.org
  1425. =======================================================================================================================================
  1426. #######################################################################################################################################
  1427.  
  1428. ; <<>> DiG 9.11.5-P1-1-Debian <<>> citigroup.com
  1429. ;; global options: +cmd
  1430. ;; Got answer:
  1431. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35732
  1432. ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
  1433.  
  1434. ;; OPT PSEUDOSECTION:
  1435. ; EDNS: version: 0, flags:; udp: 4096
  1436. ;; QUESTION SECTION:
  1437. ;citigroup.com.         IN  A
  1438.  
  1439. ;; ANSWER SECTION:
  1440. citigroup.com.      3600    IN  A   192.193.102.175
  1441. citigroup.com.      3600    IN  A   192.193.218.130
  1442.  
  1443. ;; Query time: 503 msec
  1444. ;; SERVER: 27.50.70.139#53(27.50.70.139)
  1445. ;; WHEN: sam jan 26 07:52:17 EST 2019
  1446. ;; MSG SIZE  rcvd: 74
  1447. #######################################################################################################################################
  1448. ; <<>> DiG 9.11.5-P1-1-Debian <<>> +trace citigroup.com
  1449. ;; global options: +cmd
  1450. .           85379   IN  NS  b.root-servers.net.
  1451. .           85379   IN  NS  k.root-servers.net.
  1452. .           85379   IN  NS  e.root-servers.net.
  1453. .           85379   IN  NS  j.root-servers.net.
  1454. .           85379   IN  NS  g.root-servers.net.
  1455. .           85379   IN  NS  m.root-servers.net.
  1456. .           85379   IN  NS  i.root-servers.net.
  1457. .           85379   IN  NS  a.root-servers.net.
  1458. .           85379   IN  NS  l.root-servers.net.
  1459. .           85379   IN  NS  f.root-servers.net.
  1460. .           85379   IN  NS  d.root-servers.net.
  1461. .           85379   IN  NS  c.root-servers.net.
  1462. .           85379   IN  NS  h.root-servers.net.
  1463. .           85379   IN  RRSIG   NS 8 0 518400 20190208050000 20190126040000 16749 . q3rKVHRQb5EcsI86uppQah+11q0MrACf+KdZ1Qpcu7OkWgpa17mr6Glj 06BKGkKp7Fl1oRZ8Lmzgd/DsEXwb+/1zG/m2hIDsbNkrBBv0Mw1cNb8s vSetOM+aOpggSzRKeZFjMIpZAVXj3dYIA0jdMuUXT+/myvTc3rBTNv6j +YLIV2l7500Jl54ZLiZC5v0B8y/limYOuwLu3T4zW238vO+xQYMluRXL H8K4p057sjUrFDlL2GSFKDw/DfPdgWEmhci/GwVZnzPEgKR1EN2yXxLC kvuw2SBF+cbku/zJM+3YTV7TfCwx1TuZkIuNUx1OiTs0HtoOyruzKv+B /C+XjQ==
  1464. ;; Received 525 bytes from 27.50.70.139#53(27.50.70.139) in 354 ms
  1465.  
  1466. com.            172800  IN  NS  a.gtld-servers.net.
  1467. com.            172800  IN  NS  b.gtld-servers.net.
  1468. com.            172800  IN  NS  c.gtld-servers.net.
  1469. com.            172800  IN  NS  d.gtld-servers.net.
  1470. com.            172800  IN  NS  e.gtld-servers.net.
  1471. com.            172800  IN  NS  f.gtld-servers.net.
  1472. com.            172800  IN  NS  g.gtld-servers.net.
  1473. com.            172800  IN  NS  h.gtld-servers.net.
  1474. com.            172800  IN  NS  i.gtld-servers.net.
  1475. com.            172800  IN  NS  j.gtld-servers.net.
  1476. com.            172800  IN  NS  k.gtld-servers.net.
  1477. com.            172800  IN  NS  l.gtld-servers.net.
  1478. com.            172800  IN  NS  m.gtld-servers.net.
  1479. com.            86400   IN  DS  30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
  1480. com.            86400   IN  RRSIG   DS 8 1 86400 20190208050000 20190126040000 16749 . ZeR2FbDpSLBwWOA4vLlGMLGdnK2cia5MyTI1XW4R6nx5Ue//c+/xanKi NtxEKMJZmMsEXfAH0x20a949IHTdKoAjesDj0tLAGTTCPnEp7WdI/5Zg tp5mnmvYJoIpvCA397vZqoA/oJNpbKJzJ7dZQkUT0udi9p9wQzPuK4gm 77kRluvcmPTfjdK+EKAp3XpH5TRjBZF7nK7RBjQylQrWt+vkhscPUiiP f9FHgFdU8Lki8sjcnhkQWMRsv+hcueR+p336Tgluonyk2+PZ68oL4cFu VZQo3dif2Ot2ruSVyQ+22FtZSeB/PY71gEkWQgocuxW/xUgOoBef6v3t eaAxlw==
  1481. ;; Received 1173 bytes from 2001:7fd::1#53(k.root-servers.net) in 66 ms
  1482.  
  1483. citigroup.com.      172800  IN  NS  ns2.nsroot2.com.
  1484. citigroup.com.      172800  IN  NS  ns1.nsroot1.com.
  1485. CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
  1486. CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20190131054530 20190124043530 16883 com. eg1n7WXtR3qpZdjJTrXm3VEqhRWwaMXbomHWLWO3+Mixz/f/h6DBNEre p2ua4BLyXKu6ZjFFeqpMWacSSLUULHt7U50ag5dJJm6EaSRunqsddPSX GLpVrikC+Xh4Y1de3bMzgz//7+/+GgNLHeGr+ko+KcS2D//B5sz+LmEb oqw=
  1487. I718T8Q0KPNQV4G44E96D1TH3156K9OD.com. 86400 IN NSEC3 1 1 0 - I719C2LSHBNNKNSOI65BC91CL3VMBESV NS DS RRSIG
  1488. I718T8Q0KPNQV4G44E96D1TH3156K9OD.com. 86400 IN RRSIG NSEC3 8 2 86400 20190131053555 20190124042555 16883 com. PacJXoQ1qpEYb8VplZ2RUnREIPl8gRAv1/Y6C3/6rqdEUiyCh5Bgk25y QulEL44B/fd4rnrZt2/9i8hMXatCJNlrBOZbj0jMJhi18eFMPC8rDR// ihJYuQz3JSYFPV7kGR3tyTeT3zk3zxGhHG1fLF+SXybZIc/3Q2H7k4z7 4DQ=
  1489. ;; Received 611 bytes from 192.48.79.30#53(j.gtld-servers.net) in 479 ms
  1490.  
  1491. citigroup.com.      3600    IN  A   192.193.102.175
  1492. citigroup.com.      3600    IN  A   192.193.218.130
  1493. citigroup.com.      3600    IN  NS  ns1.nsroot1.com.
  1494. citigroup.com.      3600    IN  NS  ns2.nsroot2.com.
  1495. ;; Received 126 bytes from 69.36.145.33#53(ns2.nsroot2.com) in 423 ms
  1496. #######################################################################################################################################
  1497. Traceroute 'www.citigroup.com '
  1498. ---------------------------------------------------------------------------------------------------------------------------------------
  1499.  
  1500. Start: 2019-01-26T12:54:20+0000
  1501. HOST: web01                                               Loss%   Snt   Last   Avg  Best  Wrst StDev
  1502.   1.|-- 45.79.12.201                                         0.0%     3    1.2   0.9   0.6   1.2   0.3
  1503.   2.|-- 45.79.12.4                                           0.0%     3    0.7   0.7   0.7   0.7   0.0
  1504.   3.|-- dls-b22-link.telia.net                               0.0%     3    1.3   1.0   0.8   1.3   0.2
  1505.   4.|-- dls-b21-link.telia.net                               0.0%     3    2.2   2.0   1.4   2.5   0.6
  1506.   5.|-- dls-b23-link.telia.net                               0.0%     3    1.4   1.5   1.4   1.5   0.1
  1507.   6.|-- akamai-ic-341035-dls-b21.c.telia.net                 0.0%     3   37.9  38.0  37.7  38.2   0.3
  1508.   7.|-- ae16.cyrusone-dfw.netarch.akamai.com                 0.0%     3    2.6   8.6   2.6  19.5   9.4
  1509.   8.|-- a23-193-81-104.deploy.static.akamaitechnologies.com  0.0%     3    2.1   2.0   1.7   2.3   0.3
  1510. #######################################################################################################################################
  1511. [*] Performing General Enumeration of Domain: citigroup.com
  1512. [-] DNSSEC is not configured for citigroup.com
  1513. [*]      SOA ns1.nsroot1.com 209.112.114.33
  1514. [*]      NS ns1.nsroot1.com 209.112.114.33
  1515. [*]      NS ns2.nsroot2.com 69.36.145.33
  1516. [*]      MX mx-a.mail.citi.com 67.231.145.106
  1517. [*]      MX mx-b.mail.citi.com 67.231.153.94
  1518. [*]      A citigroup.com 192.193.102.175
  1519. [*]      A citigroup.com 192.193.218.130
  1520. [*]      TXT citigroup.com facebook-domain-verification=2amqbctg7cv6hq0dxq4tf107b3y0zn
  1521. [*]      TXT citigroup.com v=spf1 a:1._spf.citigroup.com a:2._spf.citigroup.com include:spf-00123c01.pphosted.com redirect=ext1._spf.citigroup.com
  1522. [*] Enumerating SRV Records
  1523. [-] No SRV Records Found for citigroup.com
  1524. [+] 0 Records Found
  1525. #######################################################################################################################################
  1526. [*] Processing domain citigroup.com
  1527. [*] Using system resolvers ['27.50.70.139', '38.132.106.139', '185.93.180.131', '205.151.67.6', '205.151.67.34', '205.151.67.2', '2001:18c0:ffe0:2::2', '2001:18c0:ffe0:3::2', '2001:18c0:ffe0:1::2']
  1528. [+] Getting nameservers
  1529. 209.112.114.33 - ns1.nsroot1.com
  1530. 69.36.145.33 - ns2.nsroot2.com
  1531. [-] Zone transfer failed
  1532.  
  1533. [+] TXT records found
  1534. "facebook-domain-verification=2amqbctg7cv6hq0dxq4tf107b3y0zn"
  1535. "v=spf1 a:1._spf.citigroup.com a:2._spf.citigroup.com include:spf-00123c01.pphosted.com redirect=ext1._spf.citigroup.com"
  1536.  
  1537. [+] MX records found, added to target list
  1538. 5 mx-a.mail.citi.com.
  1539. 5 mx-b.mail.citi.com.
  1540.  
  1541. [*] Scanning citigroup.com for A records
  1542. 192.193.102.175 - citigroup.com                      
  1543. 192.193.218.130 - citigroup.com
  1544. 146.20.81.168 - blog.citigroup.com                      
  1545. 116.255.21.208 - careers.citigroup.com                  
  1546. 116.255.21.202 - careers.citigroup.com
  1547. 63.131.135.125 - jobs.citigroup.com                              
  1548. 192.193.183.206 - login.citigroup.com                  
  1549. 116.255.21.202 - m.citigroup.com                        
  1550. 116.255.21.208 - m.citigroup.com
  1551. 192.193.71.4 - mail.citigroup.com                
  1552. 199.67.141.124 - mail.citigroup.com
  1553. 192.193.96.36 - mail.citigroup.com
  1554. 199.67.141.127 - mail.citigroup.com
  1555. 192.193.193.95 - mail.citigroup.com
  1556. 199.67.141.25 - mail.citigroup.com
  1557. 192.193.96.33 - mail.citigroup.com
  1558. 192.193.96.35 - mail.citigroup.com
  1559. 192.193.222.93 - mail.citigroup.com
  1560. 192.193.96.34 - mail.citigroup.com
  1561. 192.193.219.201 - mail.citigroup.com
  1562. 192.193.71.3 - mail.citigroup.com
  1563. 192.193.219.200 - mail.citigroup.com
  1564. 173.231.190.151 - news.citigroup.com                  
  1565. 192.193.173.102 - training.citigroup.com                  
  1566. 104.98.33.172 - www.citigroup.com                      
  1567. 12.184.233.165 - www2.citigroup.com                
  1568.                                                #######################################################################################################################################
  1569. Ip Address  Status  Type    Domain Name         Server
  1570. ----------  ------  ----    -----------         ------
  1571. 146.20.81.168   301     host    blog.citigroup.com     
  1572. 116.255.21.208  403     alias   careers.citigroup.com      
  1573. 116.255.21.208  403 alias   www2.citi.com          
  1574. 116.255.21.208  403 alias   citi.mdc.edgesuite.net     
  1575. 116.255.21.208  403 host    a1168.b.akamai.net     
  1576. 116.255.21.202  403 host    a1168.b.akamai.net     
  1577. 63.131.135.125  301     host    jobs.citigroup.com     
  1578. 192.193.183.206 503     host    login.citigroup.com    
  1579. 116.255.21.202  403     alias   m.citigroup.com        
  1580. 116.255.21.202  403 alias   www2.citi.com          
  1581. 116.255.21.202  403 alias   citi.mdc.edgesuite.net     
  1582. 116.255.21.202  403 host    a1168.b.akamai.net     
  1583. 116.255.21.208  403 host    a1168.b.akamai.net     
  1584. 192.193.71.4            host    mail.citigroup.com     
  1585. 199.67.141.124      host    mail.citigroup.com     
  1586. 192.193.96.36       host    mail.citigroup.com     
  1587. 199.67.141.127      host    mail.citigroup.com     
  1588. 192.193.193.95      host    mail.citigroup.com     
  1589. 199.67.141.25       host    mail.citigroup.com     
  1590. 192.193.96.33       host    mail.citigroup.com     
  1591. 192.193.96.35       host    mail.citigroup.com     
  1592. 192.193.222.93      host    mail.citigroup.com     
  1593. 192.193.96.34       host    mail.citigroup.com     
  1594. 192.193.219.201     host    mail.citigroup.com     
  1595. 192.193.71.3        host    mail.citigroup.com     
  1596. 192.193.219.200     host    mail.citigroup.com     
  1597. 173.231.190.151 200     host    news.citigroup.com     
  1598. 192.193.173.102 302     host    training.citigroup.com     
  1599. 104.98.33.172   302     alias   www.citigroup.com      
  1600. 104.98.33.172   302 alias   san.www.citi.com.edgekey.net   
  1601. 104.98.33.172   302 host    e16976.x.akamaiedge.net    
  1602. 12.184.233.165  503     host    www2.citigroup.com     
  1603. #######################################################################################################################################
  1604. ====================================================================================
  1605.  GATHERING DNS INFO
  1606. ====================================================================================
  1607. dnsenum VERSION:1.2.4
  1608.  
  1609. -----   www.citigroup.com   -----
  1610.  
  1611.  
  1612. Host's addresses:
  1613. __________________
  1614.  
  1615. e16976.x.akamaiedge.net.                 4        IN    A        104.98.33.172
  1616.  
  1617.  
  1618. Name Servers:
  1619. ______________
  1620. #######################################################################################################################################
  1621. ---------------------------------------------------------------------------------------------------------------------------------------
  1622.  
  1623.  
  1624.      [x] Error downloading /webhp?hl=en-CA
  1625. [2/25] http://www.citigroup.com/ipb/europe/pdfs/feeschedule_lon_plc.pdf
  1626. [3/25] http://www.citigroup.com/ipb/europe/pdfs/keyfact_adv_lon_plc.pdf
  1627. [4/25] http://www.citigroup.com/ipb/europe/pdfs/transferfund_lon.pdf
  1628.      [x] Error in PDF metadata Software
  1629.      [x] Error in PDF metadata Creator
  1630. [5/25] http://www.citigroup.com/ipb/europe/pdfs/transferfund_plc_0113.pdf
  1631. [6/25] http://www.citigroup.com/ipb/europe/pdfs/transferfund_lon_plc.pdf
  1632.      [x] Error in PDF metadata Software
  1633.      [x] Error in PDF metadata Creator
  1634. [7/25] https://www.citigroup.com/citi/about/data/ukr_finq033118_interim.pdf
  1635.      [x] Error in the parsing process
  1636. [8/25] http://www.citigroup.com/privatebank/lawassociates/pdfs/mort.pdf
  1637.      [x] Error in the parsing process
  1638. [9/25] http://www.citigroup.com/ipb/europe/pdfs/feeschedulelondon_aug.pdf
  1639. [10/25] https://www.citigroup.com/citi/crs/newsroom/2016_0223a.pdf
  1640.      [x] Error in the parsing process
  1641. [11/25] http://www.citigroup.com/ipb/europe/pdfs/feeschedule_1102.pdf
  1642. [12/25] https://www.citigroup.com/australia/awards/entry-form.pdf
  1643.      [x] Error in the parsing process
  1644. [13/25] http://www.citigroup.com/ipb/europe/pdfs/keyfacts_combined.pdf
  1645. [14/25] http://www.citigroup.com/ipb/europe/pdfs/saver_tc.pdf
  1646. [15/25] https://www.citigroup.com/citi/crs/newsroom/2014_1201a.pdf
  1647.      [x] Error in the parsing process
  1648. [16/25] http://www.citigroup.com/uae/consumer/info/pdf/insurance_2.pdf
  1649.      [x] Error in the parsing process
  1650. [17/25] http://www.citigroup.com/slovakia/homepage/slovak/docs/tvorba_ks.pdf
  1651.      [x] Error in the parsing process
  1652. [18/25] http://www.citigroup.com/uae/consumer/info/pdf/insurance_1.pdf
  1653.      [x] Error in the parsing process
  1654. [19/25] https://www.citigroup.com/citi/investor/data/ar10cp.pdf%3FieNocache%3D165
  1655.      [x] Error in the parsing process
  1656. [20/25] https://www.citigroup.com/citi/foundation/pdf/2008_CitizenshipReport.pdf%3FieNocache%3D155
  1657.      [x] Error in the parsing process
  1658. [21/25] https://www.citigroup.com/citi/citizen/community/data/2013/citi_ca.pdf
  1659.      [x] Error in the parsing process
  1660. [22/25] https://www.citigroup.com/citi/citizen/community/data/2013/citi_md_es.pdf
  1661.      [x] Error in the parsing process
  1662. [23/25] https://www.citigroup.com/icg/sa/citicommunitycapital/docs/affordable_housing-042516.pdf
  1663.      [x] Error in the parsing process
  1664. [24/25] https://www.citigroup.com/citi/foundation/pdf/2007_CitizenshipReport.pdf%3FieNocache%3D155
  1665.      [x] Error in the parsing process
  1666. [25/25] https://www.citigroup.com/icg/docs/Opportunity_Zone_Client_Update20180912.pdf
  1667. ---------------------------------------------------------------------------------------------------------------------------------------
  1668.  
  1669. [+] List of users found:
  1670. ---------------------------------------------------------------------------------------------------------------------------------------
  1671. Nolte, Clifford [ICG]
  1672. Majid, Irfan [CCC-OT_IT]
  1673. sunnyjuttla
  1674. Unknown User
  1675. Zlotoff, Jacob [ICG-MKTS]
  1676. Leo Bazil
  1677. Dan O'Connor
  1678. Leo Bazil
  1679. Dan O'Connor
  1680. Leo Bazil
  1681. Dan O'Connor
  1682. Leo Bazil
  1683. Dan O'Connor
  1684. Leo Bazil
  1685. Dan O'Connor
  1686. Leo Bazil
  1687. Dan O'Connor
  1688. Leo Bazil
  1689. Dan O'Connor
  1690. Leo Bazil
  1691. Dan O'Connor
  1692. Leo Bazil
  1693. Dan O'Connor
  1694.  
  1695. [+] List of software found:
  1696. --------------------------------------------------------------------------------------------------------------------------------------
  1697. Microsoft Office Word
  1698. FullPress 16.02 RIP 8.54 43664
  1699. Adobe InDesign CS3 (5.0.1)
  1700. Adobe PDF Library 10.0.1
  1701. Adobe InDesign CS6 (Macintosh)
  1702. Adobe InDesign CS4 (6.0)
  1703. Adobe PDF Library 15.0
  1704. Acrobat PDFMaker 15 for Word
  1705. Microsoft Excel
  1706. Microsoft Excel
  1707. Microsoft Excel
  1708. Microsoft Excel
  1709. Microsoft Excel
  1710. Microsoft Excel
  1711. Microsoft Excel
  1712. Microsoft Excel
  1713. Microsoft Excel
  1714. #######################################################################################################################################
  1715.  
  1716. Running Source: Ask
  1717. Running Source: Archive.is
  1718. Running Source: Baidu
  1719. Running Source: Bing
  1720. Running Source: CertDB
  1721. Running Source: CertificateTransparency
  1722. Running Source: Certspotter
  1723. Running Source: Commoncrawl
  1724. Running Source: Crt.sh
  1725. Running Source: Dnsdb
  1726. Running Source: DNSDumpster
  1727. Running Source: DNSTable
  1728. Running Source: Dogpile
  1729. Running Source: Exalead
  1730. Running Source: Findsubdomains
  1731. Running Source: Googleter
  1732. Running Source: Hackertarget
  1733. Running Source: Ipv4Info
  1734. Running Source: PTRArchive
  1735. Running Source: Sitedossier
  1736. Running Source: Threatcrowd
  1737. Running Source: ThreatMiner
  1738. Running Source: WaybackArchive
  1739. Running Source: Yahoo
  1740.  
  1741. Running enumeration on www.citigroup.com
  1742.  
  1743. dnsdb: Unexpected return status 503
  1744.  
  1745. crtsh: json: cannot unmarshal array into Go value of type crtsh.crtshObject
  1746.  
  1747. waybackarchive: Get https://web.archive.org/cdx/search/cdx?url=*.www.citigroup.com/*&output=json&fl=original&collapse=urlkey&page=: net/http: invalid header field value "http://web.archive.org/cdx/search/cdx?url=*.www.citigroup.com/*&output=json&fl=original&collapse=urlkey&page=\x00" for key Referer
  1748.  
  1749.  
  1750. Starting Bruteforcing of www.citigroup.com with 9985 words
  1751.  
  1752. Total 1 Unique subdomains found for www.citigroup.com
  1753.  
  1754. .www.citigroup.com
  1755. #######################################################################################################################################
  1756. [+] www.citigroup.com has no SPF record!
  1757. [*] No DMARC record found. Looking for organizational record
  1758. [*] Found organizational DMARC record:
  1759. [*] v=DMARC1; p=reject; rua=mailto:citi@rua.agari.com,mailto:dmarc.reports.rua@citi.com
  1760. [*] No explicit organizational subdomain policy. Defaulting to organizational policy
  1761. [-] DMARC policy set to reject
  1762. [-] Spoofing not possible for www.citigroup.com
  1763. #######################################################################################################################################
  1764. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 07:56 EST
  1765. Nmap scan report for www.citigroup.com (104.98.33.172)
  1766. Host is up (0.24s latency).
  1767. rDNS record for 104.98.33.172: a104-98-33-172.deploy.static.akamaitechnologies.com
  1768. Not shown: 471 filtered ports, 3 closed ports
  1769. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  1770. PORT    STATE SERVICE
  1771. 80/tcp  open  http
  1772. 443/tcp open  https
  1773. #######################################################################################################################################
  1774. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 07:56 EST
  1775. Nmap scan report for www.citigroup.com (104.98.33.172)
  1776. Host is up (0.23s latency).
  1777. rDNS record for 104.98.33.172: a104-98-33-172.deploy.static.akamaitechnologies.com
  1778. Not shown: 2 filtered ports
  1779. PORT     STATE         SERVICE
  1780. 53/udp   open|filtered domain
  1781. 67/udp   open|filtered dhcps
  1782. 68/udp   open|filtered dhcpc
  1783. 69/udp   open|filtered tftp
  1784. 88/udp   open|filtered kerberos-sec
  1785. 123/udp  open|filtered ntp
  1786. 139/udp  open|filtered netbios-ssn
  1787. 161/udp  open|filtered snmp
  1788. 162/udp  open|filtered snmptrap
  1789. 389/udp  open|filtered ldap
  1790. 520/udp  open|filtered route
  1791. 2049/udp open|filtered nfs
  1792. #######################################################################################################################################
  1793. http://www.citigroup.com [302 Found] Country[UNITED STATES][US], IP[104.98.33.172], RedirectLocation[https://www.citigroup.com/]
  1794. https://www.citigroup.com/ [301 Moved Permanently] Country[UNITED STATES][US], IP[104.98.33.172], RedirectLocation[http://www.citigroup.com/citi/]
  1795. http://www.citigroup.com/citi/ [302 Found] Country[UNITED STATES][US], IP[104.98.33.172], RedirectLocation[https://www.citigroup.com/citi/]
  1796. https://www.citigroup.com/citi/ [200 OK] Country[UNITED STATES][US], HTML5, IP[104.98.33.172], Meta-Refresh-Redirect[/citi/noscript.html], Script, Title[Citi | Responsible Finance - Financial Ingenuity - Global Bank], X-UA-Compatible[IE=edge]
  1797. https://www.citigroup.com/citi/noscript.html [200 OK] Country[UNITED STATES][US], IP[104.98.33.172], Title[Citibank Online]
  1798. #######################################################################################################################################
  1799. wig - WebApp Information Gatherer
  1800.  
  1801.  
  1802. Scanning https://www.citigroup.com...
  1803. ______________________ SITE INFO ______________________
  1804. IP               Title                                
  1805. 104.98.33.172    Citi | Responsible Finance - Financi
  1806.                                                        
  1807. _______________________ VERSION _______________________
  1808. Name             Versions           Type              
  1809. akamaighost                         Platform          
  1810.                                                        
  1811. _____________________ INTERESTING _____________________
  1812. URL              Note               Type              
  1813. /readme.html     Readme file        Interesting        
  1814. /install.php     Installation file  Interesting        
  1815. /test.php        Test file          Interesting        
  1816.                                                        
  1817. _______________________________________________________
  1818. Time: 118.3 sec  Urls: 618          Fingerprints: 40401
  1819. #######################################################################################################################################
  1820. HTTP/1.1 302 Found
  1821. Date: Sat, 26 Jan 2019 12:59:00 GMT
  1822. Content-Length: 0
  1823. Location: https://www.citigroup.com/
  1824. Connection: keep-alive
  1825.  
  1826. HTTP/1.1 302 Found
  1827. Date: Sat, 26 Jan 2019 12:59:01 GMT
  1828. Content-Length: 0
  1829. Location: https://www.citigroup.com/
  1830. Connection: keep-alive
  1831.  
  1832. HTTP/1.1 403 Forbidden
  1833. Server: AkamaiGHost
  1834. Mime-Version: 1.0
  1835. Content-Type: text/html
  1836. Content-Length: 266
  1837. Expires: Sat, 26 Jan 2019 12:59:03 GMT
  1838. Date: Sat, 26 Jan 2019 12:59:03 GMT
  1839. Connection: close
  1840. ######################################################################################################################################
  1841. Could not open input file: 1
  1842.  + -- --=[Port 110 closed... skipping.
  1843.  + -- --=[Port 111 closed... skipping.
  1844.  + -- --=[Port 123 closed... skipping.
  1845.  + -- --=[Port 135 closed... skipping.
  1846.  + -- --=[Port 137 closed... skipping.
  1847.  + -- --=[Port 139 closed... skipping.
  1848.  + -- --=[Port 161 closed... skipping.
  1849.  + -- --=[Port 162 closed... skipping.
  1850.  + -- --=[Port 389 closed... skipping.
  1851.  + -- --=[Port 443 opened... running tests...
  1852. ====================================================================================
  1853.  CHECKING FOR WAF
  1854. ====================================================================================
  1855.  
  1856.                                  ^     ^
  1857.         _   __  _   ____ _   __  _    _   ____
  1858.        ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
  1859.       | V V // o // _/ | V V // 0 // 0 // _/
  1860.       |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/
  1861.                                 <
  1862.                                 ...'
  1863.  
  1864.     WAFW00F - Web Application Firewall Detection Tool
  1865.  
  1866.     By Sandro Gauci && Wendel G. Henrique
  1867.  
  1868. Checking https://www.citigroup.com
  1869. Generic Detection results:
  1870. No WAF detected by the generic detection
  1871. Number of requests: 14
  1872. #######################################################################################################################################
  1873. https://www.citigroup.com [301 Moved Permanently] Country[UNITED STATES][US], IP[104.98.33.172], RedirectLocation[http://www.citigroup.com/citi/]
  1874. http://www.citigroup.com/citi/ [302 Found] Country[UNITED STATES][US], IP[104.98.33.172], RedirectLocation[https://www.citigroup.com/citi/]
  1875. https://www.citigroup.com/citi/ [200 OK] Country[UNITED STATES][US], HTML5, IP[104.98.33.172], Meta-Refresh-Redirect[/citi/noscript.html], Script, Title[Citi | Responsible Finance - Financial Ingenuity - Global Bank], X-UA-Compatible[IE=edge]
  1876. https://www.citigroup.com/citi/noscript.html [200 OK] Country[UNITED STATES][US], IP[104.98.33.172], Title[Citibank Online]
  1877. #######################################################################################################################################
  1878.  
  1879. wig - WebApp Information Gatherer
  1880.  
  1881.  
  1882. Scanning https://www.citigroup.com...
  1883. _________________ SITE INFO _________________
  1884. IP             Title                        
  1885. 104.98.33.172  Citi | Responsible Finance -
  1886.                                              
  1887. __________________ VERSION __________________
  1888. Name           Versions   Type              
  1889. akamaighost               Platform          
  1890.                                              
  1891. _____________________________________________
  1892. Time: 1.6 sec  Urls: 618  Fingerprints: 40401
  1893. #######################################################################################################################################
  1894. HTTP/1.1 403 Forbidden
  1895. Server: AkamaiGHost
  1896. Mime-Version: 1.0
  1897. Content-Type: text/html
  1898. Content-Length: 266
  1899. Expires: Sat, 26 Jan 2019 13:00:20 GMT
  1900. Date: Sat, 26 Jan 2019 13:00:20 GMT
  1901. Connection: close
  1902.  
  1903. HTTP/1.1 403 Forbidden
  1904. Server: AkamaiGHost
  1905. Mime-Version: 1.0
  1906. Content-Type: text/html
  1907. Content-Length: 266
  1908. Expires: Sat, 26 Jan 2019 13:00:21 GMT
  1909. Date: Sat, 26 Jan 2019 13:00:21 GMT
  1910. Connection: close
  1911. #######################################################################################################################################
  1912. Version: 1.11.12-static
  1913. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  1914.  
  1915. Connected to 104.98.33.172
  1916.  
  1917. Testing SSL server www.citigroup.com on port 443 using SNI name www.citigroup.com
  1918.  
  1919.   TLS Fallback SCSV:
  1920. Server supports TLS Fallback SCSV
  1921.  
  1922.   TLS renegotiation:
  1923. Session renegotiation not supported
  1924.  
  1925.   TLS Compression:
  1926. Compression disabled
  1927.  
  1928.   Heartbleed:
  1929. TLS 1.2 not vulnerable to heartbleed
  1930. TLS 1.1 not vulnerable to heartbleed
  1931. TLS 1.0 not vulnerable to heartbleed
  1932.  
  1933.   Supported Server Cipher(s):
  1934. Preferred TLSv1.2  256 bits  ECDHE-RSA-AES256-GCM-SHA384   Curve P-256 DHE 256
  1935. Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-GCM-SHA256   Curve P-256 DHE 256
  1936. Accepted  TLSv1.2  256 bits  ECDHE-RSA-AES256-SHA384       Curve P-256 DHE 256
  1937. Accepted  TLSv1.2  256 bits  ECDHE-RSA-AES256-SHA          Curve P-256 DHE 256
  1938. Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-SHA256       Curve P-256 DHE 256
  1939. Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-SHA          Curve P-256 DHE 256
  1940. Accepted  TLSv1.2  256 bits  AES256-GCM-SHA384            
  1941. Accepted  TLSv1.2  128 bits  AES128-GCM-SHA256            
  1942. Accepted  TLSv1.2  256 bits  AES256-SHA256                
  1943. Accepted  TLSv1.2  256 bits  AES256-SHA                  
  1944. Accepted  TLSv1.2  128 bits  AES128-SHA256                
  1945. Accepted  TLSv1.2  128 bits  AES128-SHA                  
  1946.  
  1947.   SSL Certificate:
  1948. Signature Algorithm: sha256WithRSAEncryption
  1949. RSA Key Strength:    2048
  1950.  
  1951. Subject:  www.citi.com
  1952. Altnames: DNS:www.citi.com, DNS:icg.citi.com, DNS:www.citibank.com, DNS:www.citigroup.com, DNS:www.citiretailservices.com, DNS:www.finance.com, DNS:creditcards.citi.com, DNS:www.creditcards.citi.com, DNS:www1.citibank.com, DNS:www2.citibank.com, DNS:oncampus.citi.com, DNS:www.citibank.co.uk, DNS:ccsi.citi.com, DNS:prod.report.nacustomerexperience.citi.com
  1953. Issuer:   DigiCert SHA2 Extended Validation Server CA
  1954.  
  1955. Not valid before: Sep  4 00:00:00 2018 GMT
  1956. Not valid after:  Jan  2 12:00:00 2020 GMT
  1957. #######################################################################################################################################
  1958. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 07:40 EST
  1959. Nmap scan report for a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
  1960. Host is up (0.24s latency).
  1961. Not shown: 471 filtered ports, 3 closed ports
  1962. Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
  1963. PORT    STATE SERVICE
  1964. 80/tcp  open  http
  1965. 443/tcp open  https
  1966. #######################################################################################################################################
  1967. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 07:40 EST
  1968. Nmap scan report for a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
  1969. Host is up (0.23s latency).
  1970. Not shown: 2 filtered ports
  1971. PORT     STATE         SERVICE
  1972. 53/udp   open|filtered domain
  1973. 67/udp   open|filtered dhcps
  1974. 68/udp   open|filtered dhcpc
  1975. 69/udp   open|filtered tftp
  1976. 88/udp   open|filtered kerberos-sec
  1977. 123/udp  open|filtered ntp
  1978. 139/udp  open|filtered netbios-ssn
  1979. 161/udp  open|filtered snmp
  1980. 162/udp  open|filtered snmptrap
  1981. 389/udp  open|filtered ldap
  1982. 520/udp  open|filtered route
  1983. 2049/udp open|filtered nfs
  1984. #######################################################################################################################################
  1985. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 07:40 EST
  1986. Nmap scan report for a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
  1987. Host is up (0.12s latency).
  1988.  
  1989. PORT   STATE         SERVICE VERSION
  1990. 67/udp open|filtered dhcps
  1991. |_dhcp-discover: ERROR: Script execution failed (use -d to debug)
  1992. Too many fingerprints match this host to give specific OS details
  1993. Network Distance: 10 hops
  1994.  
  1995. TRACEROUTE (using proto 1/icmp)
  1996. HOP RTT       ADDRESS
  1997. 1   230.70 ms 10.248.200.1
  1998. 2   230.72 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
  1999. 3   231.50 ms te-0-0-2-3.br02.hkg-10.hk.leaseweb.net (43.249.36.12)
  2000. 4   231.52 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
  2001. 5   244.87 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
  2002. 6   370.53 ms 4826.hkg.equinix.com (119.27.63.115)
  2003. 7   346.60 ms Te-0-0-0-2-8.cor01.syd11.nsw.VOCUS.net.au (119.161.84.31)
  2004. 8   346.63 ms 114.31.192.39
  2005. 9   353.57 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
  2006. 10  345.69 ms a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
  2007. #######################################################################################################################################
  2008. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 07:42 EST
  2009. Nmap scan report for a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
  2010. Host is up (0.12s latency).
  2011.  
  2012. PORT   STATE         SERVICE VERSION
  2013. 68/udp open|filtered dhcpc
  2014. Too many fingerprints match this host to give specific OS details
  2015. Network Distance: 10 hops
  2016.  
  2017. TRACEROUTE (using proto 1/icmp)
  2018. HOP RTT       ADDRESS
  2019. 1   228.58 ms 10.248.200.1
  2020. 2   228.62 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
  2021. 3   229.34 ms te-0-0-2-3.br02.hkg-10.hk.leaseweb.net (43.249.36.12)
  2022. 4   229.95 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
  2023. 5   229.38 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
  2024. 6   368.19 ms 4826.hkg.equinix.com (119.27.63.115)
  2025. 7   344.24 ms Te-0-0-0-2-8.cor01.syd11.nsw.VOCUS.net.au (119.161.84.31)
  2026. 8   344.26 ms 114.31.192.39
  2027. 9   483.46 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
  2028. 10  343.48 ms a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
  2029. #######################################################################################################################################
  2030. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 07:44 EST
  2031. Nmap scan report for a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
  2032. Host is up (0.13s latency).
  2033.  
  2034. PORT   STATE         SERVICE VERSION
  2035. 69/udp open|filtered tftp
  2036. Too many fingerprints match this host to give specific OS details
  2037. Network Distance: 10 hops
  2038.  
  2039. TRACEROUTE (using proto 1/icmp)
  2040. HOP RTT       ADDRESS
  2041. 1   229.32 ms 10.248.200.1
  2042. 2   229.37 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
  2043. 3   230.15 ms te-0-0-2-3.br02.hkg-10.hk.leaseweb.net (43.249.36.12)
  2044. 4   230.75 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
  2045. 5   230.21 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
  2046. 6   369.10 ms 4826.hkg.equinix.com (119.27.63.115)
  2047. 7   345.57 ms Te-0-0-0-2-8.cor01.syd11.nsw.VOCUS.net.au (119.161.84.31)
  2048. 8   345.18 ms 114.31.192.39
  2049. 9   346.96 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
  2050. 10  344.41 ms a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
  2051. #######################################################################################################################################
  2052. wig - WebApp Information Gatherer
  2053.  
  2054.  
  2055. Scanning http://104.98.33.172...
  2056. ______________________ SITE INFO ______________________
  2057. IP               Title                                
  2058. 104.98.33.172                                        
  2059.                                                        
  2060. _______________________ VERSION _______________________
  2061. Name             Versions           Type              
  2062.                                                        
  2063. _____________________ INTERESTING _____________________
  2064. URL              Note               Type              
  2065. /readme.html     Readme file        Interesting        
  2066. /install.php     Installation file  Interesting        
  2067. /test.php        Test file          Interesting        
  2068. /test.htm        Test file          Interesting        
  2069.                                                        
  2070. _______________________________________________________
  2071. Time: 113.0 sec  Urls: 598          Fingerprints: 40401
  2072. #######################################################################################################################################
  2073. HTTP/1.1 400 Bad Request
  2074. Mime-Version: 1.0
  2075. Content-Type: text/html
  2076. Content-Length: 208
  2077. Expires: Sat, 26 Jan 2019 12:49:24 GMT
  2078. Date: Sat, 26 Jan 2019 12:49:24 GMT
  2079. Connection: keep-alive
  2080.  
  2081. HTTP/1.1 400 Bad Request
  2082. Mime-Version: 1.0
  2083. Content-Type: text/html
  2084. Content-Length: 208
  2085. Expires: Sat, 26 Jan 2019 12:49:24 GMT
  2086. Date: Sat, 26 Jan 2019 12:49:24 GMT
  2087. Connection: keep-alive
  2088. #######################################################################################################################################
  2089. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 07:49 EST
  2090. Nmap scan report for a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
  2091. Host is up (0.12s latency).
  2092.  
  2093. PORT    STATE         SERVICE VERSION
  2094. 123/udp open|filtered ntp
  2095. Too many fingerprints match this host to give specific OS details
  2096. Network Distance: 10 hops
  2097.  
  2098. TRACEROUTE (using proto 1/icmp)
  2099. HOP RTT       ADDRESS
  2100. 1   229.69 ms 10.248.200.1
  2101. 2   229.72 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
  2102. 3   230.27 ms te-0-0-2-3.br02.hkg-10.hk.leaseweb.net (43.249.36.12)
  2103. 4   232.64 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
  2104. 5   230.63 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
  2105. 6   369.34 ms 4826.hkg.equinix.com (119.27.63.115)
  2106. 7   345.56 ms Te-0-0-0-2-8.cor01.syd11.nsw.VOCUS.net.au (119.161.84.31)
  2107. 8   355.62 ms 114.31.192.39
  2108. 9   348.33 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
  2109. 10  344.59 ms a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
  2110. #######################################################################################################################################
  2111. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 07:51 EST
  2112. Nmap scan report for a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
  2113. Host is up (0.28s latency).
  2114.  
  2115. PORT    STATE         SERVICE VERSION
  2116. 161/tcp filtered      snmp
  2117. 161/udp open|filtered snmp
  2118. Too many fingerprints match this host to give specific OS details
  2119. Network Distance: 10 hops
  2120.  
  2121. TRACEROUTE (using proto 1/icmp)
  2122. HOP RTT       ADDRESS
  2123. 1   229.47 ms 10.248.200.1
  2124. 2   229.50 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
  2125. 3   229.51 ms te-0-0-2-3.br02.hkg-10.hk.leaseweb.net (43.249.36.12)
  2126. 4   230.51 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
  2127. 5   229.54 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
  2128. 6   368.30 ms 4826.hkg.equinix.com (119.27.63.115)
  2129. 7   344.32 ms Te-0-0-0-2-8.cor01.syd11.nsw.VOCUS.net.au (119.161.84.31)
  2130. 8   344.36 ms 114.31.192.39
  2131. 9   346.73 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
  2132. 10  343.58 ms a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
  2133. #######################################################################################################################################
  2134. Version: 1.11.12-static
  2135. OpenSSL 1.0.2-chacha (1.0.2g-dev)
  2136.  
  2137. Connected to 104.98.33.172
  2138.  
  2139. Testing SSL server 104.98.33.172 on port 443 using SNI name 104.98.33.172
  2140.  
  2141.   TLS Fallback SCSV:
  2142. Server supports TLS Fallback SCSV
  2143.  
  2144.   TLS renegotiation:
  2145. Session renegotiation not supported
  2146.  
  2147.   TLS Compression:
  2148. Compression disabled
  2149.  
  2150.   Heartbleed:
  2151. TLS 1.2 not vulnerable to heartbleed
  2152. TLS 1.1 not vulnerable to heartbleed
  2153. TLS 1.0 not vulnerable to heartbleed
  2154.  
  2155.   Supported Server Cipher(s):
  2156. Preferred TLSv1.2  256 bits  ECDHE-RSA-AES256-GCM-SHA384   Curve P-256 DHE 256
  2157. Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-GCM-SHA256   Curve P-256 DHE 256
  2158. Accepted  TLSv1.2  256 bits  ECDHE-RSA-AES256-SHA384       Curve P-256 DHE 256
  2159. Accepted  TLSv1.2  256 bits  ECDHE-RSA-AES256-SHA          Curve P-256 DHE 256
  2160. Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-SHA256       Curve P-256 DHE 256
  2161. Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-SHA          Curve P-256 DHE 256
  2162. Accepted  TLSv1.2  256 bits  AES256-GCM-SHA384            
  2163. Accepted  TLSv1.2  128 bits  AES128-GCM-SHA256            
  2164. Accepted  TLSv1.2  256 bits  AES256-SHA256                
  2165. Accepted  TLSv1.2  256 bits  AES256-SHA                  
  2166. Accepted  TLSv1.2  128 bits  AES128-SHA256                
  2167. Accepted  TLSv1.2  128 bits  AES128-SHA                  
  2168.  
  2169.   SSL Certificate:
  2170. Signature Algorithm: sha256WithRSAEncryption
  2171. RSA Key Strength:    2048
  2172.  
  2173. Subject:  www.citi.com
  2174. Altnames: DNS:www.citi.com, DNS:icg.citi.com, DNS:www.citibank.com, DNS:www.citigroup.com, DNS:www.citiretailservices.com, DNS:www.finance.com, DNS:creditcards.citi.com, DNS:www.creditcards.citi.com, DNS:www1.citibank.com, DNS:www2.citibank.com, DNS:oncampus.citi.com, DNS:www.citibank.co.uk, DNS:ccsi.citi.com, DNS:prod.report.nacustomerexperience.citi.com
  2175. Issuer:   DigiCert SHA2 Extended Validation Server CA
  2176.  
  2177. Not valid before: Sep  4 00:00:00 2018 GMT
  2178. Not valid after:  Jan  2 12:00:00 2020 GMT
  2179. #######################################################################################################################################
  2180. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 08:00 EST
  2181. NSE: Loaded 148 scripts for scanning.
  2182. NSE: Script Pre-scanning.
  2183. NSE: Starting runlevel 1 (of 2) scan.
  2184. Initiating NSE at 08:00
  2185. Completed NSE at 08:00, 0.00s elapsed
  2186. NSE: Starting runlevel 2 (of 2) scan.
  2187. Initiating NSE at 08:00
  2188. Completed NSE at 08:00, 0.00s elapsed
  2189. Initiating Ping Scan at 08:00
  2190. Scanning 104.98.33.172 [4 ports]
  2191. Completed Ping Scan at 08:00, 0.28s elapsed (1 total hosts)
  2192. Initiating Parallel DNS resolution of 1 host. at 08:00
  2193. Completed Parallel DNS resolution of 1 host. at 08:00, 0.02s elapsed
  2194. Initiating Connect Scan at 08:00
  2195. Scanning a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172) [1000 ports]
  2196. Discovered open port 443/tcp on 104.98.33.172
  2197. Discovered open port 80/tcp on 104.98.33.172
  2198. Completed Connect Scan at 08:01, 18.47s elapsed (1000 total ports)
  2199. Initiating Service scan at 08:01
  2200. Scanning 2 services on a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
  2201. Completed Service scan at 08:01, 36.12s elapsed (2 services on 1 host)
  2202. Initiating OS detection (try #1) against a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
  2203. Retrying OS detection (try #2) against a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
  2204. Initiating Traceroute at 08:01
  2205. Completed Traceroute at 08:01, 0.38s elapsed
  2206. Initiating Parallel DNS resolution of 10 hosts. at 08:01
  2207. Completed Parallel DNS resolution of 10 hosts. at 08:02, 16.50s elapsed
  2208. NSE: Script scanning 104.98.33.172.
  2209. NSE: Starting runlevel 1 (of 2) scan.
  2210. Initiating NSE at 08:02
  2211. Completed NSE at 08:02, 16.19s elapsed
  2212. NSE: Starting runlevel 2 (of 2) scan.
  2213. Initiating NSE at 08:02
  2214. Completed NSE at 08:02, 0.00s elapsed
  2215. Nmap scan report for a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
  2216. Host is up, received reset ttl 64 (0.25s latency).
  2217. Scanned at 2019-01-26 08:00:41 EST for 95s
  2218. Not shown: 995 filtered ports
  2219. Reason: 995 no-responses
  2220. PORT    STATE  SERVICE      REASON       VERSION
  2221. 25/tcp  closed smtp         conn-refused
  2222. 80/tcp  open   http-proxy   syn-ack      Squid http proxy
  2223. |_http-open-proxy: Proxy might be redirecting requests
  2224. |_http-title: Invalid URL
  2225. 139/tcp closed netbios-ssn  conn-refused
  2226. 443/tcp open   ssl/http     syn-ack      AkamaiGHost (Akamai's HTTP Acceleration/Mirror service)
  2227. | ssl-cert: Subject: commonName=www.citi.com/organizationName=Citigroup Inc./stateOrProvinceName=New York/countryName=US/serialNumber=2154254/jurisdictionStateOrProvinceName=Delaware/localityName=New York/organizationalUnitName=Web Hosting Group/businessCategory=Private Organization/jurisdictionCountryName=US
  2228. | Subject Alternative Name: DNS:www.citi.com, DNS:icg.citi.com, DNS:www.citibank.com, DNS:www.citigroup.com, DNS:www.citiretailservices.com, DNS:www.finance.com, DNS:creditcards.citi.com, DNS:www.creditcards.citi.com, DNS:www1.citibank.com, DNS:www2.citibank.com, DNS:oncampus.citi.com, DNS:www.citibank.co.uk, DNS:ccsi.citi.com, DNS:prod.report.nacustomerexperience.citi.com
  2229. | Issuer: commonName=DigiCert SHA2 Extended Validation Server CA/organizationName=DigiCert Inc/countryName=US/organizationalUnitName=www.digicert.com
  2230. | Public Key type: rsa
  2231. | Public Key bits: 2048
  2232. | Signature Algorithm: sha256WithRSAEncryption
  2233. | Not valid before: 2018-09-04T00:00:00
  2234. | Not valid after:  2020-01-02T12:00:00
  2235. | MD5:   3aaa c3e6 5f76 e7ad 4d38 52d4 a712 8111
  2236. | SHA-1: 4c4d 3bd9 d6eb 2def c285 ba37 c719 cd31 bd2b 656b
  2237. | -----BEGIN CERTIFICATE-----
  2238. | MIIIaTCCB1GgAwIBAgIQCeeCLklJ+ryYwp8BfBicTDANBgkqhkiG9w0BAQsFADB1
  2239. | MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
  2240. | d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk
  2241. | IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE4MDkwNDAwMDAwMFoXDTIwMDEwMjEy
  2242. | MDAwMFowgeAxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYB
  2243. | BAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQITCERlbGF3YXJlMRAwDgYDVQQF
  2244. | EwcyMTU0MjU0MQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNV
  2245. | BAcTCE5ldyBZb3JrMRcwFQYDVQQKEw5DaXRpZ3JvdXAgSW5jLjEaMBgGA1UECxMR
  2246. | V2ViIEhvc3RpbmcgR3JvdXAxFTATBgNVBAMTDHd3dy5jaXRpLmNvbTCCASIwDQYJ
  2247. | KoZIhvcNAQEBBQADggEPADCCAQoCggEBAPofaM5OmefncTXRvfrMhxiwCszeJzGZ
  2248. | 05xchdzCnIlqrMHqkj4Czh6x1obQccDnCVQN3iKNWkBe5rGYSnX3nBG+x2lZYfyq
  2249. | haLhEg3RZLtBYaW2VBXqxPD9BMEMv7oMikl/nRsR0L6ez6JhR85EByDCtIPHLIC/
  2250. | SxnHxZ2YamA5ORwWXUzsQQ9WEILn0WeHMt2cqB8UjHdQCXzwspuOB19b8iqMnvFN
  2251. | IF5G69xFb/rY2V50yekrDUNXdNos0FfecmVEMHMp0IMmCpPcoKJDfEuj9ib7EOPi
  2252. | 6zZe7s8L/HaBqVFFnilfSsp+6qMLToxg4/AAmoqtKfCTXqY0oixJMEMCAwEAAaOC
  2253. | BIcwggSDMB8GA1UdIwQYMBaAFD3TUKXWoK3u80pgCmXTIdT4+NYPMB0GA1UdDgQW
  2254. | BBQ7c2NHTBqC+Usxooq0ppbSXTZpczCCATIGA1UdEQSCASkwggElggx3d3cuY2l0
  2255. | aS5jb22CDGljZy5jaXRpLmNvbYIQd3d3LmNpdGliYW5rLmNvbYIRd3d3LmNpdGln
  2256. | cm91cC5jb22CGnd3dy5jaXRpcmV0YWlsc2VydmljZXMuY29tgg93d3cuZmluYW5j
  2257. | ZS5jb22CFGNyZWRpdGNhcmRzLmNpdGkuY29tghh3d3cuY3JlZGl0Y2FyZHMuY2l0
  2258. | aS5jb22CEXd3dzEuY2l0aWJhbmsuY29tghF3d3cyLmNpdGliYW5rLmNvbYIRb25j
  2259. | YW1wdXMuY2l0aS5jb22CEnd3dy5jaXRpYmFuay5jby51a4INY2NzaS5jaXRpLmNv
  2260. | bYIpcHJvZC5yZXBvcnQubmFjdXN0b21lcmV4cGVyaWVuY2UuY2l0aS5jb20wDgYD
  2261. | VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNV
  2262. | HR8EbjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1ldi1z
  2263. | ZXJ2ZXItZzIuY3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hh
  2264. | Mi1ldi1zZXJ2ZXItZzIuY3JsMEsGA1UdIAREMEIwNwYJYIZIAYb9bAIBMCowKAYI
  2265. | KwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwBwYFZ4EMAQEw
  2266. | gYgGCCsGAQUFBwEBBHwwejAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNl
  2267. | cnQuY29tMFIGCCsGAQUFBzAChkZodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20v
  2268. | RGlnaUNlcnRTSEEyRXh0ZW5kZWRWYWxpZGF0aW9uU2VydmVyQ0EuY3J0MAkGA1Ud
  2269. | EwQCMAAwggGABgorBgEEAdZ5AgQCBIIBcASCAWwBagB2AKS5CZC0GFgUh7sTosxn
  2270. | cAo8NZgE+RvfuON3zQ7IDdwQAAABZaU2eOYAAAQDAEcwRQIgZ6iWZndvSt7UnkkR
  2271. | DX8YzEZjDnOYjI2pNyAM/aLqf5MCIQDnVsR5JYt3nQEgzKJ0RNq7brWitoKvSrmO
  2272. | PceTSv+g0gB3AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFcwO+UmFXWidDdAAABZaU2
  2273. | eVQAAAQDAEgwRgIhAJgwOI5eXLE4OMKDuVoQcObBGmHg+D1V5G5bWCf93wMBAiEA
  2274. | 8MFjEzOc8WAXckOjE+bfSTQJhb1IVgQrQZMA0k+EsNsAdwC72d+8H4pxtZOUI5eq
  2275. | kntHOFeVCqtS6BqQlmQ2jh7RhQAAAWWlNnncAAAEAwBIMEYCIQCQRv0QrL8Wv7qM
  2276. | PqFY3HDDzJo9gUVCTpLUJtXeUjbZagIhAMPDS1ZkS+5/ILUZBjf2pFXQ9L7J3jtd
  2277. | BkDlpzux5lNsMA0GCSqGSIb3DQEBCwUAA4IBAQCbmXpLDZWjCO/jHQqsGSTWS2ej
  2278. | KKRw0GoZ4MzS+LH8OUgz8xrYPR6PNgriep6Yj7bLcbducjrwkqfji+F70quRR/0B
  2279. | a90i5ory1o+w+8Moboj+xSQDrgn6RY3GZny2jkJMNG/wsXFe4R8JUrMjItGrqwZQ
  2280. | b+bn/sW+tBqlaLdFD4y9FWRqFtuRLoDxzOp0MVKzG4BI28S/TkUnd3eNPVI4WLpZ
  2281. | 1kRwZYujQZoxBhM53ylN90LPwaEOOfpWzWUw3rMVsk6o3ox4+vXhnGo0eB1p1C1/
  2282. | FmWZBOPLjqSNL6NMdq3RMJ97RF+LpjK7PcQ/U4tpaD5uKtZBNtbYbtA6c6LG
  2283. |_-----END CERTIFICATE-----
  2284. |_ssl-date: TLS randomness does not represent time
  2285. 445/tcp closed microsoft-ds conn-refused
  2286. Device type: general purpose|storage-misc|broadband router|WAP
  2287. Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (94%), HP embedded (91%), Asus embedded (88%)
  2288. OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 cpe:/h:hp:p2000_g3 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6.22
  2289. OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
  2290. Aggressive OS guesses: Linux 3.16 - 4.6 (94%), Linux 3.10 - 4.11 (92%), Linux 3.13 (92%), Linux 3.13 or 4.2 (92%), Linux 4.2 (92%), Linux 4.4 (92%), Linux 3.18 (91%), HP P2000 G3 NAS device (91%), Linux 3.2 - 4.9 (91%), Linux 3.16 (90%)
  2291. No exact OS matches for host (test conditions non-ideal).
  2292. TCP/IP fingerprint:
  2293. SCAN(V=7.70%E=4%D=1/26%OT=80%CT=25%CU=%PV=N%DS=10%DC=T%G=N%TM=5C4C5A58%P=x86_64-pc-linux-gnu)
  2294. SEQ(SP=103%GCD=1%ISR=108%TI=Z%CI=Z%II=I%TS=8)
  2295. SEQ(SP=103%GCD=1%ISR=108%TI=Z%CI=Z%TS=8)
  2296. OPS(O1=M4B3ST11NW7%O2=M4B3ST11NW7%O3=M4B3NNT11NW7%O4=M4B3ST11NW7%O5=M4B3ST11NW7%O6=M4B3ST11)
  2297. WIN(W1=7120%W2=7120%W3=7120%W4=7120%W5=7120%W6=7120)
  2298. ECN(R=Y%DF=Y%TG=40%W=7210%O=M4B3NNSNW7%CC=Y%Q=)
  2299. T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
  2300. T2(R=N)
  2301. T3(R=N)
  2302. T4(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
  2303. T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
  2304. T6(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
  2305. T7(R=N)
  2306. U1(R=N)
  2307. IE(R=Y%DFI=N%TG=40%CD=S)
  2308.  
  2309. Uptime guess: 42.874 days (since Fri Dec 14 11:03:55 2018)
  2310. Network Distance: 10 hops
  2311. TCP Sequence Prediction: Difficulty=259 (Good luck!)
  2312. IP ID Sequence Generation: All zeros
  2313.  
  2314. TRACEROUTE (using proto 1/icmp)
  2315. HOP RTT       ADDRESS
  2316. 1   235.24 ms 10.248.200.1
  2317. 2   235.26 ms v106.ce02.hkg-10.hk.leaseweb.net (43.249.36.189)
  2318. 3   235.85 ms te-0-0-2-3.br02.hkg-10.hk.leaseweb.net (43.249.36.12)
  2319. 4   236.46 ms xe-5-1-0.br01.hkg-12.hk.leaseweb.net (64.120.119.226)
  2320. 5   235.88 ms ae-101.bb10.hkg-12.leaseweb.net (31.31.38.192)
  2321. 6   374.89 ms 4826.hkg.equinix.com (119.27.63.115)
  2322. 7   350.82 ms Te-0-0-0-2-8.cor01.syd11.nsw.VOCUS.net.au (119.161.84.31)
  2323. 8   350.84 ms 114.31.192.39
  2324. 9   354.19 ms as20940.bdr02.syd03.nsw.VOCUS.net.au (175.45.124.226)
  2325. 10  350.20 ms a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
  2326.  
  2327. NSE: Script Post-scanning.
  2328. NSE: Starting runlevel 1 (of 2) scan.
  2329. Initiating NSE at 08:02
  2330. Completed NSE at 08:02, 0.00s elapsed
  2331. NSE: Starting runlevel 2 (of 2) scan.
  2332. Initiating NSE at 08:02
  2333. Completed NSE at 08:02, 0.00s elapsed
  2334. Read data files from: /usr/bin/../share/nmap
  2335. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  2336. Nmap done: 1 IP address (1 host up) scanned in 95.31 seconds
  2337.            Raw packets sent: 76 (6.604KB) | Rcvd: 112 (27.153KB)
  2338. #######################################################################################################################################
  2339. Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 08:02 EST
  2340. NSE: Loaded 148 scripts for scanning.
  2341. NSE: Script Pre-scanning.
  2342. Initiating NSE at 08:02
  2343. Completed NSE at 08:02, 0.00s elapsed
  2344. Initiating NSE at 08:02
  2345. Completed NSE at 08:02, 0.00s elapsed
  2346. Initiating Parallel DNS resolution of 1 host. at 08:02
  2347. Completed Parallel DNS resolution of 1 host. at 08:02, 0.02s elapsed
  2348. Initiating UDP Scan at 08:02
  2349. Scanning a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172) [14 ports]
  2350. Completed UDP Scan at 08:02, 3.15s elapsed (14 total ports)
  2351. Initiating Service scan at 08:02
  2352. Scanning 12 services on a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
  2353. Service scan Timing: About 8.33% done; ETC: 08:21 (0:17:47 remaining)
  2354. Completed Service scan at 08:04, 102.57s elapsed (12 services on 1 host)
  2355. Initiating OS detection (try #1) against a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
  2356. Retrying OS detection (try #2) against a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
  2357. Initiating Traceroute at 08:04
  2358. Completed Traceroute at 08:04, 7.31s elapsed
  2359. Initiating Parallel DNS resolution of 1 host. at 08:04
  2360. Completed Parallel DNS resolution of 1 host. at 08:04, 0.02s elapsed
  2361. NSE: Script scanning 104.98.33.172.
  2362. Initiating NSE at 08:04
  2363. Completed NSE at 08:04, 20.32s elapsed
  2364. Initiating NSE at 08:04
  2365. Completed NSE at 08:04, 1.65s elapsed
  2366. Nmap scan report for a104-98-33-172.deploy.static.akamaitechnologies.com (104.98.33.172)
  2367. Host is up (0.28s latency).
  2368.  
  2369. PORT     STATE         SERVICE      VERSION
  2370. 53/udp   open|filtered domain
  2371. 67/udp   open|filtered dhcps
  2372. 68/udp   open|filtered dhcpc
  2373. 69/udp   open|filtered tftp
  2374. 88/udp   open|filtered kerberos-sec
  2375. 123/udp  open|filtered ntp
  2376. 137/udp  filtered      netbios-ns
  2377. 138/udp  filtered      netbios-dgm
  2378. 139/udp  open|filtered netbios-ssn
  2379. 161/udp  open|filtered snmp
  2380. 162/udp  open|filtered snmptrap
  2381. 389/udp  open|filtered ldap
  2382. 520/udp  open|filtered route
  2383. 2049/udp open|filtered nfs
  2384. Too many fingerprints match this host to give specific OS details
  2385.  
  2386. TRACEROUTE (using port 138/udp)
  2387. HOP RTT       ADDRESS
  2388. 1   234.50 ms 10.248.200.1
  2389. 2   ... 3
  2390. 4   234.66 ms 10.248.200.1
  2391. 5   235.17 ms 10.248.200.1
  2392. 6   235.16 ms 10.248.200.1
  2393. 7   235.16 ms 10.248.200.1
  2394. 8   235.15 ms 10.248.200.1
  2395. 9   235.15 ms 10.248.200.1
  2396. 10  235.17 ms 10.248.200.1
  2397. 11  ... 18
  2398. 19  234.70 ms 10.248.200.1
  2399. 20  238.42 ms 10.248.200.1
  2400. 21  ... 28
  2401. 29  235.04 ms 10.248.200.1
  2402. 30  235.28 ms 10.248.200.1
  2403.  
  2404. NSE: Script Post-scanning.
  2405. Initiating NSE at 08:04
  2406. Completed NSE at 08:04, 0.00s elapsed
  2407. Initiating NSE at 08:04
  2408. Completed NSE at 08:04, 0.00s elapsed
  2409. Read data files from: /usr/bin/../share/nmap
  2410. OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
  2411. Nmap done: 1 IP address (1 host up) scanned in 142.98 seconds
  2412.            Raw packets sent: 135 (8.008KB) | Rcvd: 397 (83.950KB)
  2413. #######################################################################################################################################
  2414.                                             Anonymous JTSEC  #‎OpIcarus Full Recon #1
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top