- #######################################################################################################################################
- Nom de l'hôte www.kuklosknights.com FAI Unified Layer
- Continent Amérique du Nord Drapeau
- US
- Pays Etats-Unis d'Amérique Code du pays US
- Région Texas Heure locale 26 Jan 2019 02:29 CST
- Ville Houston Code Postal 77092
- Adresse IP 108.167.137.202 Latitude 29.832
- Longitude -95.472
- #######################################################################################################################################
- > www.kuklosknights.com
- Server: 27.50.70.139
- Address: 27.50.70.139#53
- Non-authoritative answer:
- www.kuklosknights.com canonical name = kuklosknights.com.
- Name: kuklosknights.com
- Address: 108.167.137.202
- >
- #######################################################################################################################################
- HostIP:108.167.137.202
- HostName:www.kuklosknights.com
- Gathered Inet-whois information for 108.167.137.202
- ---------------------------------------------------------------------------------------------------------------------------------------
- inetnum: 107.181.160.0 - 108.255.255.255
- netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
- descr: IPv4 address block not managed by the RIPE NCC
- remarks: ------------------------------------------------------
- remarks:
- remarks: For registration information,
- remarks: you can consult the following sources:
- remarks:
- remarks: IANA
- remarks: http://www.iana.org/assignments/ipv4-address-space
- remarks: http://www.iana.org/assignments/iana-ipv4-special-registry
- remarks: http://www.iana.org/assignments/ipv4-recovered-address-space
- remarks:
- remarks: AFRINIC (Africa)
- remarks: http://www.afrinic.net/ whois.afrinic.net
- remarks:
- remarks: APNIC (Asia Pacific)
- remarks: http://www.apnic.net/ whois.apnic.net
- remarks:
- remarks: ARIN (Northern America)
- remarks: http://www.arin.net/ whois.arin.net
- remarks:
- remarks: LACNIC (Latin America and the Carribean)
- remarks: http://www.lacnic.net/ whois.lacnic.net
- remarks:
- remarks: ------------------------------------------------------
- country: EU # Country is really world wide
- admin-c: IANA1-RIPE
- tech-c: IANA1-RIPE
- status: ALLOCATED UNSPECIFIED
- mnt-by: RIPE-NCC-HM-MNT
- created: 2019-01-07T10:45:12Z
- last-modified: 2019-01-07T10:45:12Z
- source: RIPE
- role: Internet Assigned Numbers Authority
- address: see http://www.iana.org.
- admin-c: IANA1-RIPE
- tech-c: IANA1-RIPE
- nic-hdl: IANA1-RIPE
- remarks: For more information on IANA services
- remarks: go to IANA web site at http://www.iana.org.
- mnt-by: RIPE-NCC-MNT
- created: 1970-01-01T00:00:00Z
- last-modified: 2001-09-22T09:31:27Z
- source: RIPE # Filtered
- % This query was served by the RIPE Database Query Service version 1.92.6 (WAGYU)
- Gathered Inic-whois information for kuklosknights.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- Domain Name: KUKLOSKNIGHTS.COM
- Registry Domain ID: 1660351287_DOMAIN_COM-VRSN
- Registrar WHOIS Server: whois.launchpad.com
- Registrar URL: http://www.launchpad.com
- Updated Date: 2017-06-09T18:21:59Z
- Creation Date: 2011-06-07T16:21:02Z
- Registry Expiry Date: 2021-06-07T16:21:02Z
- Registrar: Launchpad.com Inc.
- Registrar IANA ID: 955
- Registrar Abuse Contact Email:
- Registrar Abuse Contact Phone:
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Name Server: NS157.EHOSTS.COM
- Name Server: NS158.EHOSTS.COM
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
- >>> Last update of whois database: 2019-01-26T08:37:00Z <<<
- For more information on Whois status codes, please visit https://icann.org/epp
- Gathered Netcraft information for www.kuklosknights.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- Retrieving Netcraft.com information for www.kuklosknights.com
- Netcraft.com Information gathered
- Gathered Subdomain information for kuklosknights.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- Searching Google.com:80...
- HostName:www.kuklosknights.com
- HostIP:108.167.137.202
- Searching Altavista.com:80...
- Found 1 possible subdomain(s) for host kuklosknights.com, Searched 0 pages containing 0 results
- Gathered E-Mail information for kuklosknights.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- Searching Google.com:80...
- Searching Altavista.com:80...
- Found 0 E-Mail(s) for host kuklosknights.com, Searched 0 pages containing 0 results
- Gathered TCP Port information for 108.167.137.202
- ---------------------------------------------------------------------------------------------------------------------------------------
- Port State
- 26/tcp open
- 53/tcp open
- 80/tcp open
- 110/tcp open
- 143/tcp open
- Portscan Finished: Scanned 150 ports, 142 ports were in state closed
- #######################################################################################################################################
- [i] Scanning Site: http://www.kuklosknights.com
- B A S I C I N F O
- =======================================================================================================================================
- [+] Site Title:
- [+] IP address: 108.167.137.202
- [+] Web Server: Could Not Detect
- [+] CMS: Could Not Detect
- [+] Cloudflare: Not Detected
- [+] Robots File: Could NOT Find robots.txt!
- G E O I P L O O K U P
- =======================================================================================================================================
- [i] IP Address: 108.167.137.202
- [i] Country: United States
- [i] State: Texas
- [i] City: Houston
- [i] Latitude: 29.8324
- [i] Longitude: -95.472
- D N S L O O K U P
- =======================================================================================================================================
- kuklosknights.com. 14399 IN TXT "v=spf1 +a +mx +ip4:108.167.137.45 +include:websitewelcome.com ~all"
- kuklosknights.com. 14399 IN MX 0 mail.kuklosknights.com.
- kuklosknights.com. 21599 IN SOA ns157.ehosts.com. dnsadmin.e29.ehosts.com. 2017120503 86400 7200 3600000 86400
- kuklosknights.com. 21599 IN NS ns157.ehosts.com.
- kuklosknights.com. 21599 IN NS ns158.ehosts.com.
- kuklosknights.com. 14399 IN A 108.167.137.202
- S U B N E T C A L C U L A T I O N
- =======================================================================================================================================
- Address = 108.167.137.202
- Network = 108.167.137.202 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 108.167.137.202 - 108.167.137.202 }
- N M A P P O R T S C A N
- ======================================================================================================================================
- Starting Nmap 7.40 ( https://nmap.org ) at 2019-01-26 08:48 UTC
- Nmap scan report for kuklosknights.com (108.167.137.202)
- Host is up (0.056s latency).
- rDNS record for 108.167.137.202: vps.httpdoispontos.com.br
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp filtered ssh
- 23/tcp closed telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp closed ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 1.46 seconds
- S U B - D O M A I N F I N D E R
- =======================================================================================================================================
- [i] Total Subdomains Found : 8
- [+] Subdomain: www.annes-south-carolina-attic.kuklosknights.com
- [-] IP: 108.167.137.202
- [+] Subdomain: alt-right-tennessee.kuklosknights.com
- [-] IP: 108.167.137.202
- [+] Subdomain: www.alt-right-tennessee.kuklosknights.com
- [-] IP: 108.167.137.202
- [+] Subdomain: webdisk.kuklosknights.com
- [-] IP: 108.167.137.202
- [+] Subdomain: mail.kuklosknights.com
- [-] IP: 108.167.137.202
- [+] Subdomain: kuklosklan.kuklosknights.com
- [-] IP: 108.167.137.202
- [+] Subdomain: www.kuklosklan.kuklosknights.com
- [-] IP: 108.167.137.202
- [+] Subdomain: autodiscover.kuklosknights.com
- [-] IP: 108.167.137.202
- #######################################################################################################################################
- [?] Enter the target: example( http://domain.com )
- http://www.kuklosknights.com/
- [!] IP Address : 108.167.137.202
- [!] www.kuklosknights.com doesn't seem to use a CMS
- [+] Honeypot Probabilty: 30%
- ---------------------------------------------------------------------------------------------------------------------------------------
- [~] Trying to gather whois information for www.kuklosknights.com
- [+] Whois information found
- [-] Unable to build response, visit https://who.is/whois/www.kuklosknights.com
- ---------------------------------------------------------------------------------------------------------------------------------------
- PORT STATE SERVICE
- 21/tcp open ftp
- 22/tcp filtered ssh
- 23/tcp closed telnet
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 3389/tcp closed ms-wbt-server
- Nmap done: 1 IP address (1 host up) scanned in 1.32 seconds
- ---------------------------------------------------------------------------------------------------------------------------------------
- [+] DNS Records
- ns157.ehosts.com. (108.167.137.196) AS20013 CyrusOne LLC United States
- ns158.ehosts.com. (108.167.137.199) AS20013 CyrusOne LLC United States
- [+] MX Records
- 0 (108.167.137.202) AS20013 CyrusOne LLC United States
- [+] Host Records (A)
- www.kuklosknights.comHTTP: (vps.httpdoispontos.com.br) (108.167.137.202) AS20013 CyrusOne LLC United States
- [+] TXT Records
- "v=spf1 +a +mx +ip4:108.167.137.45 +include:websitewelcome.com ~all"
- [+] DNS Map: https://dnsdumpster.com/static/map/kuklosknights.com.png
- [>] Initiating 3 intel modules
- [>] Loading Alpha module (1/3)
- [>] Beta module deployed (2/3)
- [>] Gamma module initiated (3/3)
- No emails found
- No hosts found
- [+] Virtual hosts:
- ---------------------------------------------------------------------------------------------------------------------------------------
- #######################################################################################################################################
- ; <<>> DiG 9.11.5-P1-1-Debian <<>> kuklosknights.com
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39790
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ;; QUESTION SECTION:
- ;kuklosknights.com. IN A
- ;; ANSWER SECTION:
- kuklosknights.com. 6530 IN A 108.167.137.202
- ;; Query time: 56 msec
- ;; SERVER: 38.132.106.139#53(38.132.106.139)
- ;; WHEN: sam jan 26 05:48:45 EST 2019
- ;; MSG SIZE rcvd: 62
- #######################################################################################################################################
- ; <<>> DiG 9.11.5-P1-1-Debian <<>> +trace kuklosknights.com
- ;; global options: +cmd
- . 80961 IN NS b.root-servers.net.
- . 80961 IN NS e.root-servers.net.
- . 80961 IN NS f.root-servers.net.
- . 80961 IN NS i.root-servers.net.
- . 80961 IN NS h.root-servers.net.
- . 80961 IN NS k.root-servers.net.
- . 80961 IN NS m.root-servers.net.
- . 80961 IN NS c.root-servers.net.
- . 80961 IN NS j.root-servers.net.
- . 80961 IN NS a.root-servers.net.
- . 80961 IN NS g.root-servers.net.
- . 80961 IN NS d.root-servers.net.
- . 80961 IN NS l.root-servers.net.
- ;; Received 525 bytes from 38.132.106.139#53(38.132.106.139) in 58 ms
- com. 172800 IN NS a.gtld-servers.net.
- com. 172800 IN NS b.gtld-servers.net.
- com. 172800 IN NS c.gtld-servers.net.
- com. 172800 IN NS d.gtld-servers.net.
- com. 172800 IN NS e.gtld-servers.net.
- com. 172800 IN NS f.gtld-servers.net.
- com. 172800 IN NS g.gtld-servers.net.
- com. 172800 IN NS h.gtld-servers.net.
- com. 172800 IN NS i.gtld-servers.net.
- com. 172800 IN NS j.gtld-servers.net.
- com. 172800 IN NS k.gtld-servers.net.
- com. 172800 IN NS l.gtld-servers.net.
- com. 172800 IN NS m.gtld-servers.net.
- com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
- ;; Received 1177 bytes from 2001:500:9f::42#53(l.root-servers.net) in 39 ms
- kuklosknights.com. 172800 IN NS ns157.ehosts.com.
- kuklosknights.com. 172800 IN NS ns158.ehosts.com.
- ;; Received 610 bytes from 192.43.172.30#53(i.gtld-servers.net) in 58 ms
- kuklosknights.com. 14400 IN A 108.167.137.202
- kuklosknights.com. 86400 IN NS ns158.ehosts.com.
- kuklosknights.com. 86400 IN NS ns157.ehosts.com.
- ;; Received 141 bytes from 108.167.137.199#53(ns158.ehosts.com) in 82 ms
- #######################################################################################################################################
- Traceroute 'www.kuklosknights.com '
- ---------------------------------------------------------------------------------------------------------------------------------------
- Start: 2019-01-26T10:50:24+0000
- HOST: web01 Loss% Snt Last Avg Best Wrst StDev
- 1.|-- 45.79.12.202 0.0% 3 0.9 0.9 0.8 1.0 0.1
- 2.|-- 45.79.12.6 0.0% 3 0.6 0.6 0.6 0.8 0.1
- 3.|-- 45.79.12.8 0.0% 3 0.8 0.8 0.5 1.0 0.2
- 4.|-- hu0-7-0-7.ccr41.dfw03.atlas.cogentco.com 0.0% 3 1.3 1.2 1.2 1.3 0.1
- 5.|-- be2764.ccr32.dfw01.atlas.cogentco.com 0.0% 3 1.9 1.7 1.5 1.9 0.2
- 6.|-- be2443.ccr42.iah01.atlas.cogentco.com 0.0% 3 8.7 7.4 6.7 8.7 1.1
- 7.|-- be3486.rcr22.iah02.atlas.cogentco.com 0.0% 3 8.1 7.7 7.3 8.1 0.4
- 8.|-- be3632.nr51.b023723-0.iah02.atlas.cogentco.com 0.0% 3 8.3 8.3 7.9 8.6 0.4
- 9.|-- 38.122.196.2 0.0% 3 7.8 15.2 7.7 30.1 12.9
- 10.|-- 216.117.50.150 0.0% 3 41.9 27.0 17.4 41.9 13.0
- 11.|-- po101.router2b.hou1.net.unifiedlayer.com 0.0% 3 8.3 7.9 7.6 8.3 0.4
- 12.|-- 108.167.150.105 0.0% 3 8.0 7.9 7.8 8.0 0.1
- 13.|-- 108.167.134.130 0.0% 3 7.7 7.9 7.7 8.3 0.3
- 14.|-- vps.httpdoispontos.com.br 0.0% 3 8.1 8.0 7.9 8.1 0.1
- #######################################################################################################################################
- [*] Performing General Enumeration of Domain: kuklosknights.com
- [-] DNSSEC is not configured for kuklosknights.com
- [*] SOA ns157.ehosts.com 108.167.137.196
- [*] NS ns157.ehosts.com 108.167.137.196
- [*] Bind Version for 108.167.137.196 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.3
- [*] NS ns158.ehosts.com 108.167.137.199
- [*] Bind Version for 108.167.137.199 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.3
- [*] MX mail.kuklosknights.com 108.167.137.202
- [*] A kuklosknights.com 108.167.137.202
- [*] TXT kuklosknights.com v=spf1 +a +mx +ip4:108.167.137.45 +include:websitewelcome.com ~all
- [*] Enumerating SRV Records
- [*] SRV _caldavs._tcp.kuklosknights.com e29.ehosts.com 108.167.137.45 2080 0
- [*] SRV _caldav._tcp.kuklosknights.com e29.ehosts.com 108.167.137.45 2079 0
- [*] SRV _carddav._tcp.kuklosknights.com e29.ehosts.com 108.167.137.45 2079 0
- [*] SRV _carddavs._tcp.kuklosknights.com e29.ehosts.com 108.167.137.45 2080 0
- [*] SRV _autodiscover._tcp.kuklosknights.com cpanelemaildiscovery.cpanel.net 208.74.123.37 443 0
- [*] SRV _autodiscover._tcp.kuklosknights.com cpanelemaildiscovery.cpanel.net 208.74.123.53 443 0
- [*] SRV _autodiscover._tcp.kuklosknights.com cpanelemaildiscovery.cpanel.net 208.74.120.196 443 0
- [*] SRV _autodiscover._tcp.kuklosknights.com cpanelemaildiscovery.cpanel.net 208.74.120.173 443 0
- [+] 8 Records Found
- #######################################################################################################################################
- [*] Processing domain kuklosknights.com
- [*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '205.151.67.6', '205.151.67.34', '205.151.67.2', '2001:18c0:ffe0:2::2', '2001:18c0:ffe0:3::2', '2001:18c0:ffe0:1::2']
- [+] Getting nameservers
- 108.167.137.196 - ns157.ehosts.com
- 108.167.137.199 - ns158.ehosts.com
- [-] Zone transfer failed
- [+] TXT records found
- "v=spf1 +a +mx +ip4:108.167.137.45 +include:websitewelcome.com ~all"
- [+] MX records found, added to target list
- 0 mail.kuklosknights.com.
- [*] Scanning kuklosknights.com for A records
- 108.167.137.202 - kuklosknights.com
- 108.167.137.202 - ftp.kuklosknights.com
- 127.0.0.1 - localhost.kuklosknights.com
- 108.167.137.202 - mail.kuklosknights.com
- 108.167.137.202 - webdisk.kuklosknights.com
- 108.167.137.202 - webmail.kuklosknights.com
- 108.167.137.202 - whm.kuklosknights.com
- 108.167.137.202 - www.kuklosknights.com
- #######################################################################################################################################
- Ip Address Status Type Domain Name Server
- ---------- ------ ---- ----------- ------
- 108.167.137.202 200 alias ftp.kuklosknights.com
- 108.167.137.202 200 host kuklosknights.com
- 127.0.0.1 host localhost.kuklosknights.com
- 108.167.137.202 200 host mail.kuklosknights.com
- 108.167.137.202 401 alias webmail.kuklosknights.com
- 108.167.137.202 401 host kuklosknights.com
- 108.167.137.202 200 alias www.kuklosknights.com
- 108.167.137.202 200 host kuklosknights.com
- #######################################################################################################################################
- [+] Testing domain
- www.kuklosknights.com 108.167.137.202
- [+] Dns resolving
- Domain name Ip address Name server
- kuklosknights.com 108.167.137.202 vps.httpdoispontos.com.br
- Found 1 host(s) for kuklosknights.com
- [+] Testing wildcard
- Ok, no wildcard found.
- [+] Scanning for subdomain on kuklosknights.com
- [!] Wordlist not specified. I scannig with my internal wordlist...
- Estimated time about 53.81 seconds
- Subdomain Ip address Name server
- ftp.kuklosknights.com 108.167.137.202 vps.httpdoispontos.com.br
- localhost.kuklosknights.com 127.0.0.1 localhost
- mail.kuklosknights.com 108.167.137.202 vps.httpdoispontos.com.br
- webmail.kuklosknights.com 108.167.137.202 vps.httpdoispontos.com.br
- www.kuklosknights.com 108.167.137.202 vps.httpdoispontos.com.br
- #######################################################################################################################################
- =======================================================================================================================================
- | External hosts:
- | [+] External Host Found: http://www.KuKlosKlan.com
- | [+] External Host Found: http://www.kkkstuff4sale.com
- | [+] External Host Found: http://kuklosknights.com
- =======================================================================================================================================
- | E-mails:
- =======================================================================================================================================
- #######################################################################################################################################
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Target IP: 108.167.137.202
- + Target Hostname: www.kuklosknights.com
- + Target Port: 80
- + Start Time: 2019-01-26 04:24:43 (GMT-5)
- ---------------------------------------------------------------------------------------------------------------------------------------
- + Server: No banner retrieved
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + ERROR: Error limit (20) reached for host, giving up. Last error: error reading HTTP response
- + Scan terminated: 20 error(s) and 3 item(s) reported on remote host
- + End Time: 2019-01-26 04:32:40 (GMT-5) (477 seconds)
- ---------------------------------------------------------------------------------------------------------------------------------------
- #######################################################################################################################################
- dnsenum VERSION:1.2.4
- ----- www.kuklosknights.com -----
- Host's addresses:
- __________________
- kuklosknights.com. 6641 IN A 108.167.137.202
- Name Servers:
- ______________
- ns158.ehosts.com. 3600 IN A 108.167.137.199
- ns157.ehosts.com. 78641 IN A 108.167.137.196
- Mail (MX) Servers:
- ___________________
- mail.kuklosknights.com. 14400 IN A 108.167.137.202
- Trying Zone Transfers and getting Bind Versions:
- _________________________________________________
- Trying Zone Transfer for www.kuklosknights.com on ns158.ehosts.com ...
- Trying Zone Transfer for www.kuklosknights.com on ns157.ehosts.com ...
- brute force file not specified, bay.
- #######################################################################################################################################
- Running Source: Ask
- Running Source: Archive.is
- Running Source: Baidu
- Running Source: Bing
- Running Source: CertDB
- Running Source: CertificateTransparency
- Running Source: Certspotter
- Running Source: Commoncrawl
- Running Source: Crt.sh
- Running Source: Dnsdb
- Running Source: DNSDumpster
- Running Source: DNSTable
- Running Source: Dogpile
- Running Source: Exalead
- Running Source: Findsubdomains
- Running Source: Googleter
- Running Source: Hackertarget
- Running Source: Ipv4Info
- Running Source: PTRArchive
- Running Source: Sitedossier
- Running Source: Threatcrowd
- Running Source: ThreatMiner
- Running Source: WaybackArchive
- Running Source: Yahoo
- Running enumeration on www.kuklosknights.com
- dnsdb: Unexpected return status 503
- ipv4info: <nil>
- crtsh: json: cannot unmarshal array into Go value of type crtsh.crtshObject
- waybackarchive: Get https://web.archive.org/cdx/search/cdx?url=*.www.kuklosknights.com/*&output=json&fl=original&collapse=urlkey&page=: net/http: invalid header field value "http://web.archive.org/cdx/search/cdx?url=*.www.kuklosknights.com/*&output=json&fl=original&collapse=urlkey&page=\x00" for key Referer
- Starting Bruteforcing of www.kuklosknights.com with 9985 words
- Total 1 Unique subdomains found for www.kuklosknights.com
- .www.kuklosknights.com
- #######################################################################################################################################
- [*] Found SPF record:
- [*] v=spf1 +a +mx +ip4:108.167.137.45 +include:websitewelcome.com ~all
- [*] SPF record contains an All item: ~all
- [*] No DMARC record found. Looking for organizational record
- [+] No organizational DMARC record
- [+] Spoofing possible for www.kuklosknights.com!
- ######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 05:53 EST
- Nmap scan report for www.kuklosknights.com (108.167.137.202)
- Host is up (0.079s latency).
- rDNS record for 108.167.137.202: vps.httpdoispontos.com.br
- Not shown: 460 closed ports, 2 filtered ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 53/tcp open domain
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 465/tcp open smtps
- 587/tcp open submission
- 993/tcp open imaps
- 995/tcp open pop3s
- 2222/tcp open EtherNetIP-1
- 3306/tcp open mysql
- 5432/tcp open postgresql
- 8080/tcp open http-proxy
- 8443/tcp open https-alt
- ######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 05:53 EST
- Nmap scan report for www.kuklosknights.com (108.167.137.202)
- Host is up (0.069s latency).
- rDNS record for 108.167.137.202: vps.httpdoispontos.com.br
- Not shown: 10 closed ports, 2 filtered ports
- PORT STATE SERVICE
- 53/udp open domain
- 162/udp open|filtered snmptrap
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 05:53 EST
- Nmap scan report for www.kuklosknights.com (108.167.137.202)
- Host is up (0.078s latency).
- rDNS record for 108.167.137.202: vps.httpdoispontos.com.br
- PORT STATE SERVICE VERSION
- 53/tcp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
- |_dns-fuzz: The server seems impervious to our assault.
- | dns-nsec-enum:
- |_ No NSEC records found
- | dns-nsec3-enum:
- |_ DNSSEC NSEC3 not supported
- | dns-nsid:
- |_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.3
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Aggressive OS guesses: Tomato 1.27 - 1.28 (Linux 2.4.20) (94%), Linux 3.11 - 4.1 (94%), Linux 4.4 (94%), Linux 2.6.18 - 2.6.22 (94%), MikroTik RouterOS 6.15 (Linux 3.3.5) (94%), HP P2000 G3 NAS device (92%), Linux 3.10 - 4.11 (90%), Linux 3.16 - 4.6 (90%), Linux 3.18 (90%), Linux 3.2 - 4.9 (90%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 18 hops
- Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
- Host script results:
- | dns-brute:
- | DNS Brute-force hostnames:
- | mail.kuklosknights.com - 108.167.137.202
- | www.kuklosknights.com - 108.167.137.202
- |_ ftp.kuklosknights.com - 108.167.137.202
- TRACEROUTE (using port 53/tcp)
- HOP RTT ADDRESS
- 1 37.84 ms 10.244.200.1
- 2 37.87 ms 184.75.211.209
- 3 38.67 ms te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9)
- 4 38.71 ms te0-0-0-1.agr13.yyz02.atlas.cogentco.com (154.24.54.37)
- 5 38.70 ms te0-9-0-9.ccr31.yyz02.atlas.cogentco.com (154.54.43.141)
- 6 45.27 ms be2993.ccr21.cle04.atlas.cogentco.com (154.54.31.225)
- 7 52.88 ms be2718.ccr42.ord01.atlas.cogentco.com (154.54.7.129)
- 8 65.31 ms be2832.ccr22.mci01.atlas.cogentco.com (154.54.44.169)
- 9 71.63 ms be2433.ccr32.dfw01.atlas.cogentco.com (154.54.3.213)
- 10 76.78 ms be2443.ccr42.iah01.atlas.cogentco.com (154.54.44.229)
- 11 77.40 ms 154.54.30.174
- 12 78.16 ms be3631.nr51.b023723-0.iah02.atlas.cogentco.com (154.24.30.38)
- 13 77.01 ms 38.122.196.34
- 14 78.39 ms 216.117.50.150
- 15 77.44 ms po101.router2a.hou1.net.unifiedlayer.com (162.241.0.7)
- 16 77.05 ms 108.167.150.105
- 17 77.01 ms 108.167.134.130
- 18 76.87 ms vps.httpdoispontos.com.br (108.167.137.202)
- #######################################################################################################################################
- ^ ^
- _ __ _ ____ _ __ _ _ ____
- ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
- | V V // o // _/ | V V // 0 // 0 // _/
- |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
- <
- ...'
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://www.kuklosknights.com
- The site http://www.kuklosknights.com is behind a ModSecurity (OWASP CRS)
- Number of requests: 11
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning http://www.kuklosknights.com...
- _________________ SITE INFO __________________
- IP Title
- 108.167.137.202 Welcome to the Ku Klux Klan:
- __________________ VERSION ___________________
- Name Versions Type
- ______________________________________________
- Time: 89.2 sec Urls: 606 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 200 OK
- Date: Sat, 26 Jan 2019 11:06:00 GMT
- Content-Type: text/html
- Last-Modified: Thu, 02 Aug 2018 12:30:46 GMT
- Content-Encoding: gzip
- Connection: keep-alive
- HTTP/1.1 200 OK
- Date: Sat, 26 Jan 2019 11:06:00 GMT
- Content-Type: text/html
- Last-Modified: Thu, 02 Aug 2018 12:30:46 GMT
- Content-Encoding: gzip
- Connection: keep-alive
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 06:06 EST
- Nmap scan report for www.kuklosknights.com (108.167.137.202)
- Host is up (0.044s latency).
- rDNS record for 108.167.137.202: vps.httpdoispontos.com.br
- PORT STATE SERVICE VERSION
- 110/tcp open pop3 Dovecot pop3d
- | pop3-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 225 guesses in 188 seconds, average tps: 1.1
- |_pop3-capabilities: UIDL STLS PIPELINING CAPA AUTH-RESP-CODE USER SASL(PLAIN LOGIN) RESP-CODES TOP
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Aggressive OS guesses: Tomato 1.27 - 1.28 (Linux 2.4.20) (94%), Linux 3.11 - 4.1 (94%), Linux 4.4 (94%), Linux 2.6.18 - 2.6.22 (94%), MikroTik RouterOS 6.15 (Linux 3.3.5) (93%), HP P2000 G3 NAS device (92%), Android 4.1.1 (90%), Linux 3.10 - 3.12 (90%), Linux 3.10 - 4.11 (90%), Linux 3.16 - 4.6 (90%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 1 hop
- TRACEROUTE (using port 80/tcp)
- HOP RTT ADDRESS
- 1 35.91 ms vps.httpdoispontos.com.br (108.167.137.202)
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning https://www.kuklosknights.com...
- _________________ SITE INFO __________________
- IP Title
- 108.167.137.202 Welcome to the Ku Klux Klan:
- __________________ VERSION ___________________
- Name Versions Type
- nginx 1.14.1 Platform
- ______________________________________________
- Time: 97.2 sec Urls: 607 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/2 200
- server: nginx/1.14.1
- date: Sat, 26 Jan 2019 11:11:18 GMT
- content-type: text/html
- content-length: 6695
- last-modified: Thu, 02 Aug 2018 12:30:46 GMT
- accept-ranges: bytes
- HTTP/2 200
- server: nginx/1.14.1
- date: Sat, 26 Jan 2019 11:11:19 GMT
- content-type: text/html
- content-length: 6695
- last-modified: Thu, 02 Aug 2018 12:30:46 GMT
- accept-ranges: bytes
- #######################################################################################################################################
- Version: 1.11.12-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Connected to 108.167.137.202
- Testing SSL server www.kuklosknights.com on port 443 using SNI name www.kuklosknights.com
- TLS Fallback SCSV:
- Server supports TLS Fallback SCSV
- TLS renegotiation:
- Secure session renegotiation supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- SSL Certificate:
- Signature Algorithm: sha256WithRSAEncryption
- RSA Key Strength: 2048
- Subject: kuklosknights.com
- Altnames: DNS:autodiscover.kuklosklan.com, DNS:autodiscover.kuklosknights.com, DNS:cpanel.kuklosklan.com, DNS:cpanel.kuklosknights.com, DNS:kuklosklan.com, DNS:kuklosklan.kuklosknights.com, DNS:kuklosknights.com, DNS:mail.kuklosklan.com, DNS:mail.kuklosknights.com, DNS:webdisk.kuklosklan.com, DNS:webdisk.kuklosknights.com, DNS:webmail.kuklosklan.com, DNS:webmail.kuklosknights.com, DNS:www.kuklosklan.com, DNS:www.kuklosklan.kuklosknights.com, DNS:www.kuklosknights.com
- Issuer: Let's Encrypt Authority X3
- Not valid before: Jan 11 10:55:44 2019 GMT
- Not valid after: Apr 11 10:55:44 2019 GMT
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 06:12 EST
- WARNING: RST from 108.167.137.202 port 5432 -- is this port really open?
- WARNING: RST from 108.167.137.202 port 5432 -- is this port really open?
- WARNING: RST from 108.167.137.202 port 5432 -- is this port really open?
- WARNING: RST from 108.167.137.202 port 5432 -- is this port really open?
- WARNING: RST from 108.167.137.202 port 5432 -- is this port really open?
- WARNING: RST from 108.167.137.202 port 5432 -- is this port really open?
- Nmap scan report for www.kuklosknights.com (108.167.137.202)
- Host is up (0.078s latency).
- rDNS record for 108.167.137.202: vps.httpdoispontos.com.br
- PORT STATE SERVICE VERSION
- 5432/tcp open postgresql PostgreSQL DB
- | fingerprint-strings:
- | SMBProgNeg:
- | SFATAL
- | C0A000
- | Munsupported frontend protocol 65363.19778: server supports 1.0 to 3.0
- | Fpostmaster.c
- | L1624
- |_ RProcessStartupPacket
- 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
- SF-Port5432-TCP:V=7.70%I=7%D=1/26%Time=5C4C4098%P=x86_64-pc-linux-gnu%r(SM
- SF:BProgNeg,85,"E\0\0\0\x84SFATAL\0C0A000\0Munsupported\x20frontend\x20pro
- SF:tocol\x2065363\.19778:\x20server\x20supports\x201\.0\x20to\x203\.0\0Fpo
- SF:stmaster\.c\0L1624\0RProcessStartupPacket\0\0");
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Aggressive OS guesses: Motorola RFS 6000 wireless switch (97%), Konica Minolta 1600f printer (94%), Tomato 1.27 - 1.28 (Linux 2.4.20) (92%), Linux 3.2.0 (92%), MikroTik RouterOS 6.15 (Linux 3.3.5) (92%), DD-WRT (Linux 2.4.35s) (91%), Linux 2.6.18 - 2.6.22 (91%), Kyocera CopyStar CS-2560 printer (91%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (91%), OpenWrt White Russian 0.9 (Linux 2.4.30) (91%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 18 hops
- TRACEROUTE (using port 5432/tcp)
- HOP RTT ADDRESS
- 1 34.64 ms 10.244.200.1
- 2 34.81 ms 184.75.211.209
- 3 35.28 ms 38.104.156.9
- 4 35.29 ms te0-0-0-1.agr14.yyz02.atlas.cogentco.com (154.24.54.41)
- 5 35.27 ms 154.54.43.161
- 6 42.69 ms be2993.ccr21.cle04.atlas.cogentco.com (154.54.31.225)
- 7 49.48 ms be2717.ccr41.ord01.atlas.cogentco.com (154.54.6.221)
- 8 61.48 ms be2831.ccr21.mci01.atlas.cogentco.com (154.54.42.165)
- 9 73.62 ms be2432.ccr31.dfw01.atlas.cogentco.com (154.54.3.133)
- 10 78.06 ms be2441.ccr41.iah01.atlas.cogentco.com (154.54.41.65)
- 11 79.98 ms be3485.rcr21.iah02.atlas.cogentco.com (154.54.28.86)
- 12 80.00 ms be3631.nr51.b023723-0.iah02.atlas.cogentco.com (154.24.30.38)
- 13 78.09 ms 38.122.196.2
- 14 79.82 ms 216.117.50.150
- 15 79.25 ms po101.router2a.hou1.net.unifiedlayer.com (162.241.0.7)
- 16 79.81 ms 108.167.150.101
- 17 78.84 ms 108.167.134.134
- 18 79.31 ms vps.httpdoispontos.com.br (108.167.137.202)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 05:46 EST
- Nmap scan report for vps.httpdoispontos.com.br (108.167.137.202)
- Host is up (0.078s latency).
- Not shown: 460 closed ports, 1 filtered port
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 21/tcp open ftp
- 53/tcp open domain
- 80/tcp open http
- 110/tcp open pop3
- 143/tcp open imap
- 443/tcp open https
- 465/tcp open smtps
- 587/tcp open submission
- 993/tcp open imaps
- 995/tcp open pop3s
- 2222/tcp open EtherNetIP-1
- 3306/tcp open mysql
- 5432/tcp open postgresql
- 8080/tcp open http-proxy
- 8443/tcp open https-alt
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 05:46 EST
- Nmap scan report for vps.httpdoispontos.com.br (108.167.137.202)
- Host is up (0.068s latency).
- Not shown: 10 closed ports, 2 filtered ports
- PORT STATE SERVICE
- 53/udp open domain
- 389/udp open|filtered ldap
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 05:46 EST
- Nmap scan report for vps.httpdoispontos.com.br (108.167.137.202)
- Host is up (0.078s latency).
- PORT STATE SERVICE VERSION
- 21/tcp open ftp Pure-FTPd
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Device type: WAP
- Running: Linux 2.4.X|2.6.X
- OS CPE: cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.6.22
- OS details: Tomato 1.28 (Linux 2.4.20), Tomato firmware (Linux 2.6.22)
- Network Distance: 18 hops
- TRACEROUTE (using port 21/tcp)
- HOP RTT ADDRESS
- 1 34.61 ms 10.244.200.1
- 2 34.83 ms 184.75.211.209
- 3 35.46 ms te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9)
- 4 35.47 ms te0-0-0-1.agr14.yyz02.atlas.cogentco.com (154.24.54.41)
- 5 35.45 ms te0-9-1-9.ccr32.yyz02.atlas.cogentco.com (154.54.43.169)
- 6 42.46 ms be2994.ccr22.cle04.atlas.cogentco.com (154.54.31.233)
- 7 51.25 ms be2718.ccr42.ord01.atlas.cogentco.com (154.54.7.129)
- 8 62.05 ms be2832.ccr22.mci01.atlas.cogentco.com (154.54.44.169)
- 9 73.10 ms be2433.ccr32.dfw01.atlas.cogentco.com (154.54.3.213)
- 10 78.50 ms be2443.ccr42.iah01.atlas.cogentco.com (154.54.44.229)
- 11 78.52 ms 154.54.30.174
- 12 79.89 ms be3631.nr51.b023723-0.iah02.atlas.cogentco.com (154.24.30.38)
- 13 79.29 ms 38.122.196.34
- 14 80.45 ms 216.117.50.150
- 15 79.29 ms po101.router2a.hou1.net.unifiedlayer.com (162.241.0.7)
- 16 79.31 ms 108.167.150.97
- 17 79.93 ms 108.167.134.114
- 18 ... 30
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 05:57 EST
- Nmap scan report for vps.httpdoispontos.com.br (108.167.137.202)
- Host is up (0.077s latency).
- PORT STATE SERVICE VERSION
- 53/tcp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
- | dns-nsec-enum:
- |_ No NSEC records found
- | dns-nsec3-enum:
- |_ DNSSEC NSEC3 not supported
- | dns-nsid:
- |_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.3
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Aggressive OS guesses: Tomato 1.27 - 1.28 (Linux 2.4.20) (94%), Linux 3.11 - 4.1 (94%), Linux 4.4 (94%), Linux 2.6.18 - 2.6.22 (94%), MikroTik RouterOS 6.15 (Linux 3.3.5) (94%), HP P2000 G3 NAS device (92%), Android 4.1.1 (90%), Linux 3.10 - 4.11 (90%), Linux 3.16 - 4.6 (90%), Linux 3.18 (90%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 18 hops
- Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
- Host script results:
- | dns-brute:
- | DNS Brute-force hostnames:
- | ns1.httpdoispontos.com.br - 177.70.99.214
- | ns2.httpdoispontos.com.br - 177.70.98.168
- | apps.httpdoispontos.com.br - 177.70.99.214
- | mail.httpdoispontos.com.br - 177.70.99.214
- | www.httpdoispontos.com.br - 177.70.99.214
- |_ ftp.httpdoispontos.com.br - 177.70.99.214
- TRACEROUTE (using port 53/tcp)
- HOP RTT ADDRESS
- 1 38.97 ms 10.244.200.1
- 2 39.13 ms 184.75.211.209
- 3 41.93 ms te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9)
- 4 40.13 ms te0-0-0-1.agr13.yyz02.atlas.cogentco.com (154.24.54.37)
- 5 39.51 ms te0-9-0-9.ccr32.yyz02.atlas.cogentco.com (154.54.43.153)
- 6 46.60 ms be2994.ccr22.cle04.atlas.cogentco.com (154.54.31.233)
- 7 54.83 ms be2717.ccr41.ord01.atlas.cogentco.com (154.54.6.221)
- 8 66.03 ms 154.54.42.165
- 9 72.84 ms be2432.ccr31.dfw01.atlas.cogentco.com (154.54.3.133)
- 10 77.65 ms be2441.ccr41.iah01.atlas.cogentco.com (154.54.41.65)
- 11 77.68 ms be3486.rcr22.iah02.atlas.cogentco.com (154.54.30.166)
- 12 79.27 ms be3632.nr51.b023723-0.iah02.atlas.cogentco.com (154.24.45.58)
- 13 78.11 ms 38.122.196.34
- 14 79.30 ms 216.117.50.150
- 15 78.66 ms po101.router2b.hou1.net.unifiedlayer.com (162.241.0.9)
- 16 77.71 ms 108.167.150.97
- 17 78.08 ms 108.167.134.130
- 18 78.18 ms vps.httpdoispontos.com.br (108.167.137.202)
- #######################################################################################################################################
- wig - WebApp Information Gatherer
- Scanning http://108.167.137.202...
- __________________ SITE INFO __________________
- IP Title
- 108.167.137.202 404 - PAGE NOT FOUND
- ___________________ VERSION ___________________
- Name Versions Type
- _______________________________________________
- Time: 259.1 sec Urls: 600 Fingerprints: 40401
- #######################################################################################################################################
- HTTP/1.1 302 Found
- Date: Sat, 26 Jan 2019 11:12:48 GMT
- Content-Type: text/html; charset=UTF-8
- Location: /404.html
- Cache-Control: no-cache
- Connection: keep-alive
- HTTP/1.1 302 Found
- Date: Sat, 26 Jan 2019 11:12:49 GMT
- Content-Type: text/html; charset=UTF-8
- Location: /404.html
- Cache-Control: no-cache
- Connection: keep-alive
- HTTP/1.1 200 OK
- Date: Sat, 26 Jan 2019 11:12:49 GMT
- Content-Type: text/html
- Last-Modified: Wed, 29 Nov 2017 21:41:38 GMT
- Cache-Control: no-cache
- Content-Encoding: gzip
- Connection: keep-alive
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 06:12 EST
- Nmap scan report for vps.httpdoispontos.com.br (108.167.137.202)
- Host is up (0.045s latency).
- PORT STATE SERVICE VERSION
- 110/tcp open pop3 Dovecot pop3d
- | pop3-brute:
- | Accounts: No valid accounts found
- |_ Statistics: Performed 225 guesses in 188 seconds, average tps: 1.1
- |_pop3-capabilities: PIPELINING RESP-CODES CAPA AUTH-RESP-CODE UIDL TOP SASL(PLAIN LOGIN) USER STLS
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Aggressive OS guesses: Tomato 1.27 - 1.28 (Linux 2.4.20) (94%), Linux 3.11 - 4.1 (94%), Linux 4.4 (94%), Linux 2.6.18 - 2.6.22 (94%), MikroTik RouterOS 6.15 (Linux 3.3.5) (93%), HP P2000 G3 NAS device (92%), Android 4.1.1 (90%), Linux 3.10 - 3.12 (90%), Linux 3.10 - 4.11 (90%), Linux 3.16 - 4.6 (90%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 1 hop
- TRACEROUTE (using port 80/tcp)
- HOP RTT ADDRESS
- 1 35.05 ms vps.httpdoispontos.com.br (108.167.137.202)
- #######################################################################################################################################
- Version: 1.11.12-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Connected to 108.167.137.202
- Testing SSL server 108.167.137.202 on port 443 using SNI name 108.167.137.202
- TLS Fallback SCSV:
- Server supports TLS Fallback SCSV
- TLS renegotiation:
- Secure session renegotiation supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits AES256-GCM-SHA384
- Accepted TLSv1.2 128 bits AES128-GCM-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA
- Accepted TLSv1.2 128 bits AES128-SHA
- Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 256 bits AES256-SHA
- Accepted TLSv1.1 128 bits AES128-SHA
- Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 256 bits AES256-SHA
- Accepted TLSv1.0 128 bits AES128-SHA
- SSL Certificate:
- Signature Algorithm: sha256WithRSAEncryption
- RSA Key Strength: 2048
- Subject: *.ehosts.com
- Altnames: DNS:*.ehosts.com, DNS:ehosts.com
- Issuer: COMODO RSA Domain Validation Secure Server CA
- Not valid before: Jun 29 00:00:00 2017 GMT
- Not valid after: Jun 28 23:59:59 2020 GMT
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 06:16 EST
- WARNING: RST from 108.167.137.202 port 5432 -- is this port really open?
- WARNING: RST from 108.167.137.202 port 5432 -- is this port really open?
- WARNING: RST from 108.167.137.202 port 5432 -- is this port really open?
- WARNING: RST from 108.167.137.202 port 5432 -- is this port really open?
- WARNING: RST from 108.167.137.202 port 5432 -- is this port really open?
- WARNING: RST from 108.167.137.202 port 5432 -- is this port really open?
- Nmap scan report for vps.httpdoispontos.com.br (108.167.137.202)
- Host is up (0.080s latency).
- PORT STATE SERVICE VERSION
- 5432/tcp open postgresql PostgreSQL DB
- | fingerprint-strings:
- | SMBProgNeg:
- | SFATAL
- | C0A000
- | Munsupported frontend protocol 65363.19778: server supports 1.0 to 3.0
- | Fpostmaster.c
- | L1624
- |_ RProcessStartupPacket
- 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
- SF-Port5432-TCP:V=7.70%I=7%D=1/26%Time=5C4C41A6%P=x86_64-pc-linux-gnu%r(SM
- SF:BProgNeg,85,"E\0\0\0\x84SFATAL\0C0A000\0Munsupported\x20frontend\x20pro
- SF:tocol\x2065363\.19778:\x20server\x20supports\x201\.0\x20to\x203\.0\0Fpo
- SF:stmaster\.c\0L1624\0RProcessStartupPacket\0\0");
- Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
- Aggressive OS guesses: Motorola RFS 6000 wireless switch (97%), Konica Minolta 1600f printer (94%), Tomato 1.27 - 1.28 (Linux 2.4.20) (92%), Linux 3.2.0 (92%), MikroTik RouterOS 6.15 (Linux 3.3.5) (92%), DD-WRT (Linux 2.4.35s) (91%), Linux 2.6.18 - 2.6.22 (91%), Kyocera CopyStar CS-2560 printer (91%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (91%), OpenWrt White Russian 0.9 (Linux 2.4.30) (91%)
- No exact OS matches for host (test conditions non-ideal).
- Network Distance: 18 hops
- TRACEROUTE (using port 5432/tcp)
- HOP RTT ADDRESS
- 1 39.86 ms 10.244.200.1
- 2 40.09 ms 184.75.211.209
- 3 40.55 ms te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9)
- 4 41.11 ms te0-0-0-1.agr13.yyz02.atlas.cogentco.com (154.24.54.37)
- 5 40.53 ms te0-9-0-9.ccr32.yyz02.atlas.cogentco.com (154.54.43.153)
- 6 47.53 ms be2994.ccr22.cle04.atlas.cogentco.com (154.54.31.233)
- 7 55.56 ms be2718.ccr42.ord01.atlas.cogentco.com (154.54.7.129)
- 8 61.20 ms 154.54.44.169
- 9 72.35 ms be2433.ccr32.dfw01.atlas.cogentco.com (154.54.3.213)
- 10 77.35 ms be2443.ccr42.iah01.atlas.cogentco.com (154.54.44.229)
- 11 78.79 ms be3486.rcr22.iah02.atlas.cogentco.com (154.54.30.166)
- 12 79.16 ms be3632.nr51.b023723-0.iah02.atlas.cogentco.com (154.24.45.58)
- 13 77.79 ms 38.122.196.34
- 14 96.96 ms 216.117.50.150
- 15 78.41 ms po101.router2a.hou1.net.unifiedlayer.com (162.241.0.7)
- 16 78.88 ms 108.167.150.101
- 17 78.38 ms 108.167.134.118
- 18 79.28 ms vps.httpdoispontos.com.br (108.167.137.202)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 06:20 EST
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- NSE: Starting runlevel 1 (of 2) scan.
- Initiating NSE at 06:20
- Completed NSE at 06:20, 0.00s elapsed
- NSE: Starting runlevel 2 (of 2) scan.
- Initiating NSE at 06:20
- Completed NSE at 06:20, 0.00s elapsed
- Initiating Ping Scan at 06:20
- Scanning 108.167.137.202 [4 ports]
- Completed Ping Scan at 06:20, 0.07s elapsed (1 total hosts)
- Initiating Parallel DNS resolution of 1 host. at 06:20
- Completed Parallel DNS resolution of 1 host. at 06:20, 0.02s elapsed
- Initiating Connect Scan at 06:20
- Scanning vps.httpdoispontos.com.br (108.167.137.202) [1000 ports]
- Discovered open port 995/tcp on 108.167.137.202
- Discovered open port 587/tcp on 108.167.137.202
- Discovered open port 110/tcp on 108.167.137.202
- Discovered open port 143/tcp on 108.167.137.202
- Discovered open port 80/tcp on 108.167.137.202
- Discovered open port 993/tcp on 108.167.137.202
- Discovered open port 3306/tcp on 108.167.137.202
- Discovered open port 53/tcp on 108.167.137.202
- Discovered open port 21/tcp on 108.167.137.202
- Discovered open port 443/tcp on 108.167.137.202
- Discovered open port 8080/tcp on 108.167.137.202
- Discovered open port 5432/tcp on 108.167.137.202
- Discovered open port 465/tcp on 108.167.137.202
- Discovered open port 8443/tcp on 108.167.137.202
- Discovered open port 2222/tcp on 108.167.137.202
- Discovered open port 26/tcp on 108.167.137.202
- Completed Connect Scan at 06:20, 2.08s elapsed (1000 total ports)
- Initiating Service scan at 06:20
- Scanning 16 services on vps.httpdoispontos.com.br (108.167.137.202)
- Completed Service scan at 06:21, 32.62s elapsed (16 services on 1 host)
- Initiating OS detection (try #1) against vps.httpdoispontos.com.br (108.167.137.202)
- Retrying OS detection (try #2) against vps.httpdoispontos.com.br (108.167.137.202)
- WARNING: OS didn't match until try #2
- Initiating Traceroute at 06:21
- Completed Traceroute at 06:21, 0.15s elapsed
- Initiating Parallel DNS resolution of 18 hosts. at 06:21
- Completed Parallel DNS resolution of 18 hosts. at 06:21, 16.50s elapsed
- NSE: Script scanning 108.167.137.202.
- NSE: Starting runlevel 1 (of 2) scan.
- Initiating NSE at 06:21
- Completed NSE at 06:21, 8.97s elapsed
- NSE: Starting runlevel 2 (of 2) scan.
- Initiating NSE at 06:21
- Completed NSE at 06:21, 0.80s elapsed
- Nmap scan report for vps.httpdoispontos.com.br (108.167.137.202)
- Host is up, received reset ttl 64 (0.078s latency).
- Scanned at 2019-01-26 06:20:30 EST for 66s
- Not shown: 983 closed ports
- Reason: 983 conn-refused
- PORT STATE SERVICE REASON VERSION
- 21/tcp open ftp syn-ack Pure-FTPd
- | ssl-cert: Subject: commonName=*.ehosts.com/organizationalUnitName=PositiveSSL Wildcard
- | Subject Alternative Name: DNS:*.ehosts.com, DNS:ehosts.com
- | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB/localityName=Salford
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2017-06-29T00:00:00
- | Not valid after: 2020-06-28T23:59:59
- | MD5: ee5e 04a9 31fd af5f d6d0 6255 18b8 9631
- | SHA-1: 3eca 971d 9fb1 7e09 af5e ec5e b502 0012 cba2 64b9
- |_ssl-date: 2019-01-26T11:21:28+00:00; 0s from scanner time.
- 22/tcp filtered ssh no-response
- 26/tcp open rsftp? syn-ack
- | fingerprint-strings:
- | NULL:
- | 550-"[184.75.211.220]:51448 is in an RBL on bl.websitewelcome.com, see Blocked
- |_ many failed logins"
- 53/tcp open domain syn-ack ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
- | dns-nsid:
- |_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.3
- 80/tcp open http-proxy syn-ack Squid http proxy
- |_http-open-proxy: Proxy might be redirecting requests
- |_http-title: 404 Not Found
- 110/tcp open pop3 syn-ack Dovecot pop3d
- |_pop3-capabilities: UIDL PIPELINING USER TOP STLS SASL(PLAIN LOGIN) AUTH-RESP-CODE RESP-CODES CAPA
- | ssl-cert: Subject: commonName=*.ehosts.com/organizationalUnitName=PositiveSSL Wildcard
- | Subject Alternative Name: DNS:*.ehosts.com, DNS:ehosts.com
- | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB/localityName=Salford
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2017-06-29T00:00:00
- | Not valid after: 2020-06-28T23:59:59
- | MD5: ee5e 04a9 31fd af5f d6d0 6255 18b8 9631
- | SHA-1: 3eca 971d 9fb1 7e09 af5e ec5e b502 0012 cba2 64b9
- |_ssl-date: 2019-01-26T11:21:29+00:00; -1s from scanner time.
- 143/tcp open imap syn-ack Dovecot imapd
- |_imap-capabilities: post-login Pre-login OK ID IMAP4rev1 ENABLE SASL-IR more NAMESPACE AUTH=PLAIN LITERAL+ listed STARTTLS AUTH=LOGINA0001 capabilities have IDLE LOGIN-REFERRALS
- | ssl-cert: Subject: commonName=*.ehosts.com/organizationalUnitName=PositiveSSL Wildcard
- | Subject Alternative Name: DNS:*.ehosts.com, DNS:ehosts.com
- | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB/localityName=Salford
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2017-06-29T00:00:00
- | Not valid after: 2020-06-28T23:59:59
- | MD5: ee5e 04a9 31fd af5f d6d0 6255 18b8 9631
- | SHA-1: 3eca 971d 9fb1 7e09 af5e ec5e b502 0012 cba2 64b9
- |_ssl-date: 2019-01-26T11:21:29+00:00; 0s from scanner time.
- 443/tcp open ssl/http syn-ack nginx 1.14.1
- | http-methods:
- |_ Supported Methods: OPTIONS HEAD GET POST
- |_http-server-header: nginx/1.14.1
- |_http-title: Site doesn't have a title (text/html).
- | ssl-cert: Subject: commonName=*.ehosts.com/organizationalUnitName=PositiveSSL Wildcard
- | Subject Alternative Name: DNS:*.ehosts.com, DNS:ehosts.com
- | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB/localityName=Salford
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2017-06-29T00:00:00
- | Not valid after: 2020-06-28T23:59:59
- | MD5: ee5e 04a9 31fd af5f d6d0 6255 18b8 9631
- | SHA-1: 3eca 971d 9fb1 7e09 af5e ec5e b502 0012 cba2 64b9
- |_ssl-date: TLS randomness does not represent time
- | tls-alpn:
- | h2
- |_ http/1.1
- | tls-nextprotoneg:
- | h2
- |_ http/1.1
- 465/tcp open ssl/smtps? syn-ack
- |_smtp-commands: Couldn't establish connection on port 465
- | ssl-cert: Subject: commonName=*.ehosts.com/organizationalUnitName=PositiveSSL Wildcard
- | Subject Alternative Name: DNS:*.ehosts.com, DNS:ehosts.com
- | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB/localityName=Salford
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2017-06-29T00:00:00
- | Not valid after: 2020-06-28T23:59:59
- | MD5: ee5e 04a9 31fd af5f d6d0 6255 18b8 9631
- | SHA-1: 3eca 971d 9fb1 7e09 af5e ec5e b502 0012 cba2 64b9
- |_ssl-date: 2019-01-26T11:21:27+00:00; 0s from scanner time.
- 587/tcp open submission? syn-ack
- | fingerprint-strings:
- | NULL:
- | 550-"[184.75.211.220]:41390 is in an RBL on bl.websitewelcome.com, see Blocked
- |_ many failed logins"
- |_smtp-commands: SMTP EHLO vps.httpdoispontos.com.br: failed to receive data: connection closed
- 993/tcp open ssl/imap syn-ack Dovecot imapd
- |_imap-capabilities: post-login Pre-login OK ID IMAP4rev1 ENABLE SASL-IR IDLE more LITERAL+ NAMESPACE AUTH=LOGINA0001 listed capabilities have AUTH=PLAIN LOGIN-REFERRALS
- | ssl-cert: Subject: commonName=*.ehosts.com/organizationalUnitName=PositiveSSL Wildcard
- | Subject Alternative Name: DNS:*.ehosts.com, DNS:ehosts.com
- | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB/localityName=Salford
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2017-06-29T00:00:00
- | Not valid after: 2020-06-28T23:59:59
- | MD5: ee5e 04a9 31fd af5f d6d0 6255 18b8 9631
- | SHA-1: 3eca 971d 9fb1 7e09 af5e ec5e b502 0012 cba2 64b9
- |_ssl-date: 2019-01-26T11:21:27+00:00; 0s from scanner time.
- 995/tcp open ssl/pop3 syn-ack Dovecot pop3d
- |_pop3-capabilities: RESP-CODES SASL(PLAIN LOGIN) AUTH-RESP-CODE UIDL PIPELINING USER TOP CAPA
- | ssl-cert: Subject: commonName=*.ehosts.com/organizationalUnitName=PositiveSSL Wildcard
- | Subject Alternative Name: DNS:*.ehosts.com, DNS:ehosts.com
- | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB/localityName=Salford
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2017-06-29T00:00:00
- | Not valid after: 2020-06-28T23:59:59
- | MD5: ee5e 04a9 31fd af5f d6d0 6255 18b8 9631
- | SHA-1: 3eca 971d 9fb1 7e09 af5e ec5e b502 0012 cba2 64b9
- |_ssl-date: 2019-01-26T11:21:29+00:00; 0s from scanner time.
- 2222/tcp open ssh syn-ack OpenSSH 5.3 (protocol 2.0)
- | ssh-hostkey:
- | 1024 83:da:a6:46:5f:63:87:a2:21:d3:0a:cf:f6:df:4f:9e (DSA)
- | 2048 6f:cf:b6:9b:6e:bf:87:f6:f0:96:87:3a:86:a9:fd:58 (RSA)
- |_ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAo8V24YsBXDnYjssF9FgatdeyCyDTg76G+XqK+ufxJT1Jp1xC/BaYPI4TwFHAFT9xPYbL4NKMwPd6Rx9QQLqZAFdWAIyOE+kq9mrx5FNHgNk9j7N2J+544+DoFPnlHqOU+cMKSMHCY1WWzYUEJCtRn9oZr92l+QImQCfJ049Xw9wn+KPSYBQ+qvAMwzbJP9aSclYbF7MUM03ZMWYjQn2voVuraap8fso2YVbRVBUs2b1ya3vxC4B6NqRzqy6MZN4bCANurP1zzwCS5X7EAQ4lyuVP9kWT40kUkj1aOyrlXf7B3sLLTiW8HJeMOGcqXObxnym0lnu/t/uLpisDX2+T4Q==
- 3306/tcp open mysql syn-ack MySQL 5.6.41-84.1
- | mysql-info:
- | Protocol: 10
- | Version: 5.6.41-84.1
- | Thread ID: 53832518
- | Capabilities flags: 65535
- | Some Capabilities: Support41Auth, FoundRows, SupportsLoadDataLocal, IgnoreSpaceBeforeParenthesis, SupportsCompression, ConnectWithDatabase, SupportsTransactions, LongPassword, ODBCClient, LongColumnFlag, InteractiveClient, SwitchToSSLAfterHandshake, IgnoreSigpipes, DontAllowDatabaseTableColumn, Speaks41ProtocolNew, Speaks41ProtocolOld, SupportsMultipleResults, SupportsAuthPlugins, SupportsMultipleStatments
- | Status: Autocommit
- | Salt: nc'7|.jO+'$|hr%]*SHL
- |_ Auth Plugin Name: 84
- 5432/tcp open postgresql syn-ack PostgreSQL DB
- | fingerprint-strings:
- | SMBProgNeg:
- | SFATAL
- | C0A000
- | Munsupported frontend protocol 65363.19778: server supports 1.0 to 3.0
- | Fpostmaster.c
- | L1624
- |_ RProcessStartupPacket
- 8080/tcp open http syn-ack nginx 1.14.1
- | http-methods:
- |_ Supported Methods: OPTIONS HEAD GET POST
- |_http-server-header: nginx/1.14.1
- |_http-title: Site doesn't have a title (text/html).
- 8443/tcp open ssl/http syn-ack nginx 1.14.1
- | http-methods:
- |_ Supported Methods: OPTIONS HEAD GET POST
- |_http-server-header: nginx/1.14.1
- |_http-title: Site doesn't have a title (text/html).
- | ssl-cert: Subject: commonName=*.ehosts.com/organizationalUnitName=PositiveSSL Wildcard
- | Subject Alternative Name: DNS:*.ehosts.com, DNS:ehosts.com
- | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB/localityName=Salford
- | Public Key type: rsa
- | Public Key bits: 2048
- | Signature Algorithm: sha256WithRSAEncryption
- | Not valid before: 2017-06-29T00:00:00
- | Not valid after: 2020-06-28T23:59:59
- | MD5: ee5e 04a9 31fd af5f d6d0 6255 18b8 9631
- | SHA-1: 3eca 971d 9fb1 7e09 af5e ec5e b502 0012 cba2 64b9
- |_ssl-date: TLS randomness does not represent time
- | tls-alpn:
- | h2
- |_ http/1.1
- | tls-nextprotoneg:
- | h2
- |_ http/1.1
- 3 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service :
- Device type: WAP|router|storage-misc
- Running: Linux 2.4.X|2.6.X, MikroTik RouterOS 5.X, Netgear RAIDiator 4.X
- OS CPE: cpe:/o:linux:linux_kernel:2.4.36 cpe:/o:mikrotik:routeros:5.25 cpe:/o:linux:linux_kernel:2.6.35 cpe:/o:netgear:raidiator:4.1.4
- OS details: DD-WRT v23 (Linux 2.4.36), MikroTik RouterOS 5.25 (Linux 2.6.35), Netgear ReadyNAS Duo NAS device (RAIDiator 4.1.4)
- TCP/IP fingerprint:
- Uptime guess: 364.245 days (since Sat Jan 27 00:29:30 2018)
- Network Distance: 18 hops
- Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
- Host script results:
- |_clock-skew: mean: 0s, deviation: 0s, median: 0s
- TRACEROUTE (using proto 1/icmp)
- HOP RTT ADDRESS
- 1 34.88 ms 10.244.200.1
- 2 35.23 ms 184.75.211.209
- 3 35.50 ms 38.104.156.9
- 4 35.83 ms te0-0-0-1.agr13.yyz02.atlas.cogentco.com (154.24.54.37)
- 5 35.49 ms te0-9-0-9.ccr32.yyz02.atlas.cogentco.com (154.54.43.153)
- 6 42.70 ms be2994.ccr22.cle04.atlas.cogentco.com (154.54.31.233)
- 7 51.69 ms be2718.ccr42.ord01.atlas.cogentco.com (154.54.7.129)
- 8 62.14 ms be2832.ccr22.mci01.atlas.cogentco.com (154.54.44.169)
- 9 72.27 ms be2433.ccr32.dfw01.atlas.cogentco.com (154.54.3.213)
- 10 77.49 ms be2443.ccr42.iah01.atlas.cogentco.com (154.54.44.229)
- 11 78.08 ms 154.54.30.174
- 12 79.50 ms be3631.nr51.b023723-0.iah02.atlas.cogentco.com (154.24.30.38)
- 13 78.68 ms 38.122.196.2
- 14 80.10 ms 216.117.50.150
- 15 78.71 ms po101.router2b.hou1.net.unifiedlayer.com (162.241.0.9)
- 16 78.15 ms 108.167.150.109
- 17 78.68 ms 108.167.134.118
- 18 78.18 ms vps.httpdoispontos.com.br (108.167.137.202)
- NSE: Script Post-scanning.
- NSE: Starting runlevel 1 (of 2) scan.
- Initiating NSE at 06:21
- Completed NSE at 06:21, 0.00s elapsed
- NSE: Starting runlevel 2 (of 2) scan.
- Initiating NSE at 06:21
- Completed NSE at 06:21, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 66.13 seconds
- Raw packets sent: 103 (6.376KB) | Rcvd: 36 (3.392KB)
- #######################################################################################################################################
- Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-26 06:21 EST
- NSE: Loaded 148 scripts for scanning.
- NSE: Script Pre-scanning.
- Initiating NSE at 06:21
- Completed NSE at 06:21, 0.00s elapsed
- Initiating NSE at 06:21
- Completed NSE at 06:21, 0.00s elapsed
- Initiating Parallel DNS resolution of 1 host. at 06:21
- Completed Parallel DNS resolution of 1 host. at 06:21, 0.02s elapsed
- Initiating UDP Scan at 06:21
- Scanning vps.httpdoispontos.com.br (108.167.137.202) [14 ports]
- Discovered open port 53/udp on 108.167.137.202
- Increasing send delay for 108.167.137.202 from 0 to 50 due to max_successful_tryno increase to 5
- Completed UDP Scan at 06:21, 6.02s elapsed (14 total ports)
- Initiating Service scan at 06:21
- Scanning 1 service on vps.httpdoispontos.com.br (108.167.137.202)
- Completed Service scan at 06:21, 0.08s elapsed (1 service on 1 host)
- Initiating OS detection (try #1) against vps.httpdoispontos.com.br (108.167.137.202)
- Retrying OS detection (try #2) against vps.httpdoispontos.com.br (108.167.137.202)
- Initiating Traceroute at 06:21
- Completed Traceroute at 06:21, 7.10s elapsed
- Initiating Parallel DNS resolution of 1 host. at 06:21
- Completed Parallel DNS resolution of 1 host. at 06:21, 0.02s elapsed
- NSE: Script scanning 108.167.137.202.
- Initiating NSE at 06:21
- Completed NSE at 06:21, 0.18s elapsed
- Initiating NSE at 06:21
- Completed NSE at 06:21, 0.00s elapsed
- Nmap scan report for vps.httpdoispontos.com.br (108.167.137.202)
- Host is up (0.075s latency).
- PORT STATE SERVICE VERSION
- 53/udp open domain ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
- | dns-nsid:
- |_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.3
- 67/udp closed dhcps
- 68/udp closed dhcpc
- 69/udp closed tftp
- 88/udp closed kerberos-sec
- 123/udp closed ntp
- 137/udp filtered netbios-ns
- 138/udp filtered netbios-dgm
- 139/udp closed netbios-ssn
- 161/udp closed snmp
- 162/udp closed snmptrap
- 389/udp closed ldap
- 520/udp closed route
- 2049/udp closed nfs
- Too many fingerprints match this host to give specific OS details
- Network Distance: 18 hops
- Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
- TRACEROUTE (using port 138/udp)
- HOP RTT ADDRESS
- 1 ... 8
- 9 34.94 ms 10.244.200.1
- 10 ... 11
- 12 35.29 ms 10.244.200.1
- 13 35.46 ms 10.244.200.1
- 14 35.45 ms 10.244.200.1
- 15 35.44 ms 10.244.200.1
- 16 35.43 ms 10.244.200.1
- 17 35.42 ms 10.244.200.1
- 18 35.43 ms 10.244.200.1
- 19 34.02 ms 10.244.200.1
- 20 35.93 ms 10.244.200.1
- 21 ... 28
- 29 37.56 ms 10.244.200.1
- 30 36.18 ms 10.244.200.1
- NSE: Script Post-scanning.
- Initiating NSE at 06:21
- Completed NSE at 06:21, 0.00s elapsed
- Initiating NSE at 06:21
- Completed NSE at 06:21, 0.00s elapsed
- Read data files from: /usr/bin/../share/nmap
- OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 16.30 seconds
- Raw packets sent: 125 (5.712KB) | Rcvd: 42 (4.149KB)
- #######################################################################################################################################
- Anonymous JTSEC #OpDomesticTerrorism Full Recon #2