Nmap log

a guest
Mar 24th, 2019
Starting Nmap 7.70 ( https://nmap.org ) at 2019-03-24 14:20 MSK

NSE: Loaded 285 scripts for scanning.
NSE: Script Pre-scanning.

Initiating NSE at 14:20

NSE: [mtrace] A source IP must be provided through fromip argument.
NSE: [shodan-api] Error: Please specify your ShodanAPI key with the shodan-api.apikey argument

Completed NSE at 14:21, 10.47s elapsed
Initiating NSE at 14:21
Completed NSE at 14:21, 0.00s elapsed
Initiating NSE at 14:21
Completed NSE at 14:21, 0.00s elapsed

Pre-scan script results:
| targets-asn:
|_  targets-asn.asn is a mandatory parameter

Initiating Ping Scan at 14:21
Scanning 109.120.155.16 [7 ports]
Completed Ping Scan at 14:21, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 14:21
Completed Parallel DNS resolution of 1 host. at 14:21, 0.02s elapsed
Initiating SYN Stealth Scan at 14:21
Scanning 1535104041.nbrz.ru (109.120.155.16) [1000 ports]

Discovered open port 80/tcp on 109.120.155.16
Discovered open port 25/tcp on 109.120.155.16
Discovered open port 22/tcp on 109.120.155.16
Discovered open port 111/tcp on 109.120.155.16

Completed SYN Stealth Scan at 14:21, 1.59s elapsed (1000 total ports)
Initiating UDP Scan at 14:21
Scanning 1535104041.nbrz.ru (109.120.155.16) [1000 ports]
Increasing send delay for 109.120.155.16 from 0 to 50 due to max_successful_tryno increase to 5
Increasing send delay for 109.120.155.16 from 50 to 100 due to max_successful_tryno increase to 6
Warning: 109.120.155.16 giving up on port because retransmission cap hit (6).
Discovered open port 111/udp on 109.120.155.16
Increasing send delay for 109.120.155.16 from 100 to 200 due to 11 out of 20 dropped probes since last increase.
UDP Scan Timing: About 9.91% done; ETC: 14:26 (0:04:42 remaining)
Increasing send delay for 109.120.155.16 from 200 to 400 due to 11 out of 11 dropped probes since last increase.
Increasing send delay for 109.120.155.16 from 400 to 800 due to 11 out of 11 dropped probes since last increase.

UDP Scan Timing: About 94.81% done; ETC: 14:36 (0:00:47 remaining)
Completed UDP Scan at 14:36, 938.62s elapsed (1000 total ports)
Initiating Service scan at 14:36
Scanning 55 services on 1535104041.nbrz.ru (109.120.155.16)
Completed Service scan at 14:39, 165.22s elapsed (55 services on 1 host)

Initiating OS detection (try #1) against 1535104041.nbrz.ru (109.120.155.16)
Retrying OS detection (try #2) against 1535104041.nbrz.ru (109.120.155.16)
Retrying OS detection (try #3) against 1535104041.nbrz.ru (109.120.155.16)
Retrying OS detection (try #4) against 1535104041.nbrz.ru (109.120.155.16)
Retrying OS detection (try #5) against 1535104041.nbrz.ru (109.120.155.16)

Initiating Traceroute at 14:39
Completed Traceroute at 14:39, 0.02s elapsed
Initiating Parallel DNS resolution of 5 hosts. at 14:39
Completed Parallel DNS resolution of 5 hosts. at 14:39, 0.06s elapsed
NSE: Script scanning 109.120.155.16.
Initiating NSE at 14:39
NSE: [ip-geolocation-maxmind] You must specify a Maxmind database file with the maxmind_db argument.
NSE: [ip-geolocation-maxmind] Download the database from http://dev.maxmind.com/geoip/legacy/geolite/
sendto in send_ip_packet_sd: sendto(44, packet, 44, 0, 109.120.155.16, 16) => Network is down
Offending packet: TCP local > 109.120.155.16:111 S ttl=128 id=21969 iplen=11264  seq=298625210 win=3072 <mss 1460>
Completed NSE at 14:53, 804.14s elapsed
Initiating NSE at 14:53
Completed NSE at 14:53, 0.14s elapsed
Initiating NSE at 14:53
Completed NSE at 14:53, 0.10s elapsed
Nmap scan report for 1535104041.nbrz.ru (109.120.155.16)
Host is up (0.010s latency).

Not shown: 1944 closed ports, 50 open|filtered ports

PORT     STATE    SERVICE VERSION
22/tcp   open     ssh     OpenSSH 7.2p2 Ubuntu 4ubuntu2.8 (Ubuntu Linux; protocol 2.0)
|_banner: SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8
| ssh-hostkey:
|   2048 db:a5:f2:f0:75:b7:3f:6a:f8:f2:53:c6:d6:da:67:cc (RSA)
|   256 4e:05:92:11:3e:34:a3:39:6b:31:50:bc:4c:86:f0:a5 (ECDSA)
|_  256 93:f1:37:9a:5d:bf:dc:96:48:48:24:86:c2:c7:8b:9c (ED25519)
| ssh2-enum-algos:
|   kex_algorithms: (6)
|       curve25519-sha256@libssh.org
|       ecdh-sha2-nistp256
|       ecdh-sha2-nistp384
|       ecdh-sha2-nistp521
|       diffie-hellman-group-exchange-sha256
|       diffie-hellman-group14-sha1
|   server_host_key_algorithms: (5)
|       ssh-rsa
|       rsa-sha2-512
|       rsa-sha2-256
|       ecdsa-sha2-nistp256
|       ssh-ed25519
|   encryption_algorithms: (6)
|       chacha20-poly1305@openssh.com
|       aes128-ctr
|       aes192-ctr
|       aes256-ctr
|       aes128-gcm@openssh.com
|       aes256-gcm@openssh.com
|   mac_algorithms: (10)
|       umac-64-etm@openssh.com
|       umac-128-etm@openssh.com
|       hmac-sha2-256-etm@openssh.com
|       hmac-sha2-512-etm@openssh.com
|       hmac-sha1-etm@openssh.com
|       umac-64@openssh.com
|       umac-128@openssh.com
|       hmac-sha2-256
|       hmac-sha2-512
|       hmac-sha1
|   compression_algorithms: (2)
|       none
|_      zlib@openssh.com
25/tcp   open     smtp    Postfix smtpd
|_banner: 220 localhost.localdomain ESMTP Postfix (Ubuntu)
|_smtp-commands: localhost.localdomain, PIPELINING, SIZE 10240000, VRFY, ETRN, STARTTLS, ENHANCEDSTATUSCODES, 8BITMIME, DSN,
| ssl-cert: Subject: commonName=localhost.localdomain
| Issuer: commonName=localhost.localdomain
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2017-08-08T09:09:46
| Not valid after:  2027-08-06T09:09:46
| MD5:   525b 0518 d49c ef49 493d fe5b 3bf1 dbbe
|_SHA-1: b4ed ebd3 c990 15b7 29e3 dea4 4e79 fd1e 9aad 5aed
|_ssl-date: ERROR: Script execution failed (use -d to debug)
80/tcp   open     http    Apache httpd 2.4.18 ((Ubuntu))
| http-backup-finder:
| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=1535104041.nbrz.ru
|   http://1535104041.nbrz.ru:80/js/px copy.js
|   http://1535104041.nbrz.ru:80/js/Copy of px.js
|   http://1535104041.nbrz.ru:80/js/Copy (2) of px.js
|   http://1535104041.nbrz.ru:80/js/px copy.js
|   http://1535104041.nbrz.ru:80/js/Copy of px.js
|   http://1535104041.nbrz.ru:80/js/Copy (2) of px.js
|   http://1535104041.nbrz.ru:80/js/caf copy.js
|   http://1535104041.nbrz.ru:80/js/Copy of caf.js
|   http://1535104041.nbrz.ru:80/js/Copy (2) of caf.js
|   http://1535104041.nbrz.ru:80/js/adframe copy.js
|   http://1535104041.nbrz.ru:80/js/Copy of adframe.js
|_  http://1535104041.nbrz.ru:80/js/Copy (2) of adframe.js
|_http-comments-displayer: Couldn't find any comments.
|_http-date: Sun, 24 Mar 2019 11:39:50 GMT; 0s from local time.
| http-headers:
|   Date: Sun, 24 Mar 2019 11:39:51 GMT
|   Server: Apache/2.4.18 (Ubuntu)
|   Last-Modified: Sat, 23 Mar 2019 11:30:31 GMT
|   ETag: "13b-584c14c908b7e"
|   Accept-Ranges: bytes
|   Content-Length: 315
|   Vary: Accept-Encoding
|   Connection: close
|   Content-Type: text/html
|
|_  (Request type: HEAD)
| http-methods:
|_  Supported Methods: GET HEAD POST OPTIONS
|_http-mobileversion-checker: No mobile version detected.
|_http-referer-checker: Couldn't find any cross-domain scripts.
|_http-security-headers:
|_http-server-header: Apache/2.4.18 (Ubuntu)
|_http-title: Site doesn't have a title (text/html).
| http-traceroute:
|_  Possible reverse proxy detected.
| http-useragent-tester:
|   Status for browser useragent: 200
|   Allowed User Agents:
|     Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)
|     libwww
|     lwp-trivial
|     libcurl-agent/1.0
|     PHP/
|     Python-urllib/2.5
|     GT::WWW
|     Snoopy
|     MFC_Tear_Sample
|     HTTP::Lite
|     PHPCrawl
|     URI::Fetch
|     Zend_Http_Client
|     http client
|     PECL::HTTP
|     Wget/1.13.4 (linux-gnu)
|_    WWW-Mechanize/1.34
|_http-xssed: No previously reported XSS vuln.
111/tcp  open     rpcbind 2-4 (RPC #100000)
| rpcinfo:
|   program version   port/proto  service
|   100000  2,3,4        111/tcp  rpcbind
|_  100000  2,3,4        111/udp  rpcbind
4899/tcp filtered radmin
111/udp  open     rpcbind 2-4 (RPC #100000)
| rpcinfo:
|   program version   port/proto  service
|   100000  2,3,4        111/tcp  rpcbind
|_  100000  2,3,4        111/udp  rpcbind
No exact OS matches for host (If you know what OS is running on it, see https://nmap.org/submit/ ).
TCP/IP fingerprint:

Uptime guess: 41.984 days (since Sun Feb 10 15:15:33 2019)
Network Distance: 5 hops
TCP Sequence Prediction: Difficulty=256 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: Host:  localhost.localdomain; OS: Linux; CPE: cpe:/o:linux:linux_kernel

Host script results:
| asn-query:
| BGP: 109.120.128.0/18 | Country: RU
|   Origin AS: 30968 - INFOBOX-AS Infobox.ru Autonomous System, RU
|_    Peer AS: 9002 20764 29076
| fcrdns:
|   1498632086.nbrz.ru:
|     status: fail
|     reason: FCRDNS mismatch
|     addresses:
|       192.64.147.152
|   1507907844.nbrz.ru:
|     status: fail
|     reason: FCRDNS mismatch
|     addresses:
|       192.64.147.152
|   1535104041.nbrz.ru:
|     status: fail
|     reason: FCRDNS mismatch
|     addresses:
|       192.64.147.152
|   1538494413.nbrz.ru:
|     status: fail
|     reason: FCRDNS mismatch
|     addresses:
|       192.64.147.152
|   1552073781.nbrz.ru:
|     status: fail
|     reason: FCRDNS mismatch
|     addresses:
|       192.64.147.152
|   at5.com:
|     status: fail
|     reason: FCRDNS mismatch
|     addresses:
|       54.76.127.67
|   freecc.xyz:
|     status: fail
|     reason: No A record
|   ftp-229618:
|     status: fail
|     reason: No A record
|   i.nbrz.ru:
|     status: fail
|     reason: FCRDNS mismatch
|     addresses:
|       192.64.147.152
|   karaev1006.nbrz.ru:
|     status: fail
|     reason: FCRDNS mismatch
|     addresses:
|       192.64.147.152
|   newsendfresh.ru:
|     status: fail
|     reason: No A record
|   nikita.surnachev03.nbrz.ru:
|     status: fail
|     reason: FCRDNS mismatch
|     addresses:
|       192.64.147.152
|   senior20932.nbrz.ru:
|     status: fail
|     reason: FCRDNS mismatch
|     addresses:
|       192.64.147.152
|   spichakovda.nbrz.ru:
|     status: fail
|     reason: FCRDNS mismatch
|     addresses:
|_      192.64.147.152
| firewalk:
| HOP  HOST          PROTOCOL  BLOCKED PORTS
| 0    local         udp       67
| 4    .*            tcp       4899
|_                   udp       3,23,199,512,814,998,1012,1020,1041
|_hostmap-robtex: ERROR: Script execution failed (use -d to debug)
| ip-geolocation-geoplugin:
|_109.120.155.16
|_ipidseq: All zeros
|_path-mtu: PMTU == 1300
| traceroute-geolocation:
|   HOP  RTT   ADDRESS                                           GEOLOCATION
|   1    0.39  10.***.0.1                                        localhost
|   2    0.90  h **********                                      private info
|   3    1.98  h **********                                      private info
|   4    1.51  unspecified.mtw.ru (37.228.89.2)                  55.752,37.616 Russia (Moscow)
|_  5    9.17  1535104041.nbrz.ru (109.120.155.16)               55.739,37.607 Russia ()
|_whois-domain: You should provide a domain name.
| whois-ip: Record found at whois.ripe.net
| inetnum: 109.120.155.0 - 109.120.157.255
| netname: INFOBOX-HYPER-V
| descr: Net for VPS servers.
| country: RU
| role: Infobox.ru contact data
|_email: noc@infobox.ru

TRACEROUTE (using port 995/tcp)
HOP RTT     ADDRESS
1   0.39 ms local
2   0.90 ms private
3   1.98 ms private
4   1.51 ms unspecified.mtw.ru (37.228.89.2)
5   9.17 ms 1535104041.nbrz.ru (109.120.155.16)

NSE: Script Post-scanning.
Initiating NSE at 14:53
Completed NSE at 14:53, 0.00s elapsed
Initiating NSE at 14:53
Completed NSE at 14:53, 0.00s elapsed
Initiating NSE at 14:53
Completed NSE at 14:53, 0.00s elapsed
Read data files from: /usr/local/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 1938.90 seconds
          Raw packets sent: 2931 (123.005KB) | Rcvd: 2093 (103.997KB)