· 6 years ago · Mar 19, 2020, 12:12 AM
1###################################################################################################################################
2===================================================================================================================================
3Hostname www.nndoltop.com ISP IP Volume inc
4Continent Europe Flag
5NL
6Country Netherlands Country Code NL
7Region North Holland Local time 18 Mar 2020 23:23 CET
8City Amsterdam Postal Code 1091
9IP Address 94.102.51.111 Latitude 52.353
10 Longitude 4.909
11==================================================================================================================================
12###################################################################################################################################
13> www.nndoltop.com
14Server: 10.101.0.243
15Address: 10.101.0.243#53
16
17Non-authoritative answer:
18Name: www.nndoltop.com
19Address: 94.102.51.111
20>
21###################################################################################################################################
22 Domain Name: NNDOLTOP.COM
23 Registry Domain ID: 1708478083_DOMAIN_COM-VRSN
24 Registrar WHOIS Server: whois.namesilo.com
25 Registrar URL: http://www.namesilo.com
26 Updated Date: 2020-02-29T00:07:37Z
27 Creation Date: 2012-03-23T01:01:55Z
28 Registry Expiry Date: 2020-03-23T01:01:55Z
29 Registrar: NameSilo, LLC
30 Registrar IANA ID: 1479
31 Registrar Abuse Contact Email: abuse@namesilo.com
32 Registrar Abuse Contact Phone: +1.4805240066
33 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
34 Name Server: NS1.MONCHEKIN.COM
35 Name Server: NS2.MONCHEKIN.COM
36 DNSSEC: unsigned
37#################################################################################################################################
38Domain Name: nndoltop.com
39Registry Domain ID: 1708478083_DOMAIN_COM-VRSN
40Registrar WHOIS Server: whois.namesilo.com
41Registrar URL: https://www.namesilo.com/
42Updated Date: 2020-03-07T07:00:00Z
43Creation Date: 2012-03-22T07:00:00Z
44Registrar Registration Expiration Date: 2021-03-22T07:00:00Z
45Registrar: NameSilo, LLC
46Registrar IANA ID: 1479
47Registrar Abuse Contact Email: abuse@namesilo.com
48Registrar Abuse Contact Phone: +1.4805240066
49Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
50Registry Registrant ID:
51Registrant Name: Domain Administrator
52Registrant Organization: See PrivacyGuardian.org
53Registrant Street: 1928 E. Highland Ave. Ste F104 PMB# 255
54Registrant City: Phoenix
55Registrant State/Province: AZ
56Registrant Postal Code: 85016
57Registrant Country: US
58Registrant Phone: +1.3478717726
59Registrant Phone Ext:
60Registrant Fax:
61Registrant Fax Ext:
62Registrant Email: pw-3fbeb77f761f6491894f65c1ceb0f379@privacyguardian.org
63Registry Admin ID:
64Admin Name: Domain Administrator
65Admin Organization: See PrivacyGuardian.org
66Admin Street: 1928 E. Highland Ave. Ste F104 PMB# 255
67Admin City: Phoenix
68Admin State/Province: AZ
69Admin Postal Code: 85016
70Admin Country: US
71Admin Phone: +1.3478717726
72Admin Phone Ext:
73Admin Fax:
74Admin Fax Ext:
75Admin Email: pw-3fbeb77f761f6491894f65c1ceb0f379@privacyguardian.org
76Registry Tech ID:
77Tech Name: Domain Administrator
78Tech Organization: See PrivacyGuardian.org
79Tech Street: 1928 E. Highland Ave. Ste F104 PMB# 255
80Tech City: Phoenix
81Tech State/Province: AZ
82Tech Postal Code: 85016
83Tech Country: US
84Tech Phone: +1.3478717726
85Tech Phone Ext:
86Tech Fax:
87Tech Fax Ext:
88Tech Email: pw-3fbeb77f761f6491894f65c1ceb0f379@privacyguardian.org
89Name Server: ns1.monchekin.com
90Name Server: ns2.monchekin.com
91DNSSEC: unsigned
92##################################################################################################################################
93[+] Target : www.nndoltop.com
94
95[+] IP Address : 94.102.51.111
96
97[+] Headers :
98
99[+] Server : nginx
100[+] Date : Wed, 18 Mar 2020 22:30:08 GMT
101[+] Content-Type : text/html
102[+] Transfer-Encoding : chunked
103[+] Connection : keep-alive
104[+] Vary : Accept-Encoding
105[+] Content-Encoding : gzip
106
107[+] SSL Certificate Information :
108
109[-] SSL is not Present on Target URL...Skipping...
110
111[+] Whois Lookup :
112
113[+] NIR : None
114[+] ASN Registry : ripencc
115[+] ASN : 202425
116[+] ASN CIDR : 94.102.51.0/24
117[+] ASN Country Code : NL
118[+] ASN Date : 2008-08-29
119[+] ASN Description : INT-NETWORK, SC
120[+] cidr : 94.102.51.0/24
121[+] name : NET-4-51
122[+] handle : IVI24-RIPE
123[+] range : 94.102.51.0 - 94.102.51.255
124[+] description : IPV NETBLOCK
125[+] country : NL
126[+] state : None
127[+] city : None
128[+] address : Suite 9
129Victoria, Mahe
130Seychelles
131[+] postal_code : None
132[+] emails : None
133[+] created : 2019-02-04T13:25:18Z
134[+] updated : 2019-02-04T13:25:18Z
135
136[+] Crawling Target...
137
138[+] Looking for robots.txt........[ Not Found ]
139[+] Looking for sitemap.xml.......[ Not Found ]
140[+] Extracting CSS Links..........[ 0 ]
141[+] Extracting Javascript Links...[ 0 ]
142[+] Extracting Internal Links.....[ 78 ]
143[+] Extracting External Links.....[ 20 ]
144[+] Extracting Images.............[ 71 ]
145
146[+] Total Links Extracted : 169
147
148[+] Dumping Links in /opt/FinalRecon/dumps/www.nndoltop.com.dump
149[+] Completed!
150#################################################################################################################################
151[i] Scanning Site: http://www.nndoltop.com
152
153
154
155B A S I C I N F O
156====================
157
158
159[+] Site Title: Nonude Doll Top Best
160[+] IP address: 94.102.51.111
161[+] Web Server: nginx
162[+] CMS: Could Not Detect
163[+] Cloudflare: Not Detected
164[+] Robots File: Could NOT Find robots.txt!
165
166
167
168
169W H O I S L O O K U P
170========================
171
172 Domain Name: NNDOLTOP.COM
173 Registry Domain ID: 1708478083_DOMAIN_COM-VRSN
174 Registrar WHOIS Server: whois.namesilo.com
175 Registrar URL: http://www.namesilo.com
176 Updated Date: 2020-02-29T00:07:37Z
177 Creation Date: 2012-03-23T01:01:55Z
178 Registry Expiry Date: 2020-03-23T01:01:55Z
179 Registrar: NameSilo, LLC
180 Registrar IANA ID: 1479
181 Registrar Abuse Contact Email: abuse@namesilo.com
182 Registrar Abuse Contact Phone: +1.4805240066
183 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
184 Name Server: NS1.MONCHEKIN.COM
185 Name Server: NS2.MONCHEKIN.COM
186 DNSSEC: unsigned
187 URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
188>>> Last update of whois database: 2020-03-18T22:30:09Z <<<
189
190For more information on Whois status codes, please visit https://icann.org/epp
191
192
193
194The Registry database contains ONLY .COM, .NET, .EDU domains and
195Registrars.
196
197
198
199
200G E O I P L O O K U P
201=========================
202
203[i] IP Address: 94.102.51.111
204[i] Country: Netherlands
205[i] State: North Holland
206[i] City: Amsterdam
207[i] Latitude: 52.35
208[i] Longitude: 4.9167
209
210
211
212
213H T T P H E A D E R S
214=======================
215
216
217[i] HTTP/1.1 200 OK
218[i] Server: nginx
219[i] Date: Wed, 18 Mar 2020 22:30:25 GMT
220[i] Content-Type: text/html
221[i] Connection: close
222[i] Vary: Accept-Encoding
223
224
225
226
227D N S L O O K U P
228===================
229
230nndoltop.com. 3599 IN SOA a13s08.host.com. root.example.com. 2018030600 3600 3600 604800 86400
231nndoltop.com. 3599 IN NS ns1.monchekin.com.
232nndoltop.com. 3599 IN NS ns2.monchekin.com.
233nndoltop.com. 3599 IN TXT "v=spf1 ip4:94.102.51.33 a mx ~all"
234nndoltop.com. 3599 IN MX 20 mail.nndoltop.com.
235nndoltop.com. 3599 IN MX 10 mail.nndoltop.com.
236nndoltop.com. 3599 IN A 94.102.51.111
237
238
239
240
241S U B N E T C A L C U L A T I O N
242====================================
243
244Address = 94.102.51.111
245Network = 94.102.51.111 / 32
246Netmask = 255.255.255.255
247Broadcast = not needed on Point-to-Point links
248Wildcard Mask = 0.0.0.0
249Hosts Bits = 0
250Max. Hosts = 1 (2^0 - 0)
251Host Range = { 94.102.51.111 - 94.102.51.111 }
252
253
254
255N M A P P O R T S C A N
256============================
257
258Starting Nmap 7.70 ( https://nmap.org ) at 2020-03-18 22:30 UTC
259Nmap scan report for nndoltop.com (94.102.51.111)
260Host is up (0.080s latency).
261
262PORT STATE SERVICE
26321/tcp filtered ftp
26422/tcp open ssh
26580/tcp open http
266443/tcp closed https
267
268Nmap done: 1 IP address (1 host up) scanned in 1.84 seconds
269
270
271
272S U B - D O M A I N F I N D E R
273==================================
274
275
276[i] Total Subdomains Found : 1
277
278[+] Subdomain: www.nndoltop.com
279[-] IP: 94.102.51.111
280
281#################################################################################################################################
282[+] Starting At 2020-03-18 18:30:39.365015
283[+] Collecting Information On: http://www.nndoltop.com/models/
284[#] Status: 200
285--------------------------------------------------
286[#] Web Server Detected: nginx
287[!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
288- Server: nginx
289- Date: Wed, 18 Mar 2020 22:30:33 GMT
290- Content-Type: text/html
291- Transfer-Encoding: chunked
292- Connection: keep-alive
293- Vary: Accept-Encoding
294- Content-Encoding: gzip
295--------------------------------------------------
296[#] Finding Location..!
297[#] status: success
298[#] country: Netherlands
299[#] countryCode: NL
300[#] region: NH
301[#] regionName: North Holland
302[#] city: Amsterdam
303[#] zip: 1091
304[#] lat: 52.3534
305[#] lon: 4.9087
306[#] timezone: Europe/Amsterdam
307[#] isp: IP Volume inc
308[#] org: IP Volume inc
309[#] as: AS202425 IP Volume inc
310[#] query: 94.102.51.111
311--------------------------------------------------
312[x] Didn't Detect WAF Presence on: http://www.nndoltop.com/models/
313--------------------------------------------------
314[#] Starting Reverse DNS
315[-] Failed ! Fail
316--------------------------------------------------
317[!] Scanning Open Port
318[#] 22/tcp open ssh
319[#] 25/tcp open smtp
320[#] 53/tcp open domain
321[#] 80/tcp open http
322[#] 110/tcp open pop3
323[#] 143/tcp open imap
324[#] 465/tcp open smtps
325[#] 993/tcp open imaps
326[#] 995/tcp open pop3s
327--------------------------------------------------
328[+] Getting SSL Info
329[Errno 111] Connection refused
330--------------------------------------------------
331[+] Collecting Information Disclosure!
332[#] Detecting sitemap.xml file
333[-] sitemap.xml file not Found!?
334[#] Detecting robots.txt file
335[-] robots.txt file not Found!?
336[#] Detecting GNU Mailman
337[-] GNU Mailman App Not Detected!?
338--------------------------------------------------
339[+] Crawling Url Parameter On: http://www.nndoltop.com/models/
340--------------------------------------------------
341[#] Searching Html Form !
342[-] No Html Form Found!?
343--------------------------------------------------
344[-] No DOM Paramter Found!?
345--------------------------------------------------
346[!] 1 Internal Dynamic Parameter Discovered
347[+] http://www.nndoltop.com/cgi-bin/rankem.cgi?id=svetlana
348--------------------------------------------------
349[!] 5 External Dynamic Parameter Discovered
350[#] http://www.andypioneer.com/cgi-bin/rankem.cgi?id=svetlana
351[#] http://www.coolnymph.com/cgi-bin/rankem.cgi?id=svetlana
352[#] http://www.models-top.com/cgi-bin/rankem.cgi?id=svetlana
353[#] http://www.young-models.info/cgi-bin/rankem.cgi?id=svetlana
354[#] http://www.svetamodel.net/cgi-bin/top/rankem.cgi?id=svetlana
355--------------------------------------------------
356[!] 2 Internal links Discovered
357[+] http://www.nndoltop.com
358[+] http://www.nndoltop.com
359--------------------------------------------------
360[!] 49 External links Discovered
361[#] http://www.cmamag.com
362[#] http://www.cmamag.com
363[#] http://www.goodtalens.com/secret/
364[#] http://www.goodtalens.com/diapers/
365[#] http://www.goodtalens.com/lsmodels/
366[#] http://www.goodtalens.com/kitty/
367[#] http://www.svetlanamodel.com
368[#] http://www.fineimages3d.com/
369[#] http://www.cma-video.com/
370[#] http://www.summmerdays.com/
371[#] http://www.hongirls.com/
372[#] http://www.honey-ultra.com/
373[#] http://www.tianamodel.com
374[#] http://www.goodtalens.com/talent/
375[#] http://www.talyoungart.com/
376[#] http://www.cma-starts.com
377[#] http://www.bestcma.com/
378[#] http://www.talyoungart.com/
379[#] http://www.aleseamodel.com
380[#] http://www.goodtalens.com/masha/
381[#] http://www.goodtalens.com/gala/
382[#] http://www.iramodel.com
383[#] http://www.fine-julia.com
384[#] http://www.alenamodel.com
385[#] http://www.katmod.com
386[#] http://www.linamodel.net
387[#] http://www.luisamodel.com
388[#] http://www.goodtalens.com/masha/
389[#] http://www.olyamodel.com
390[#] http://www.olamodel.com
391[#] http://www.playing-girl.com
392[#] http://www.olesyamodel.com
393[#] http://www.svetamodel.com
394[#] http://www.bestcma.com
395[#] http://www.vasilisamodel.com
396[#] http://www.vinkamodel.com
397[#] http://www.fteenimg.com
398[#] http://www.wonteens.com
399[#] http://www.wowmodels.info
400[#] http://www.honeymod.com
401[#] http://www.cma-starts.com
402[#] http://www.nndolmod.com
403[#] http://www.modlinka.com
404[#] http://www.goodtalens.com
405[#] http://www.nnmodsets.com
406[#] http://www.nnmodsets.com/nnlinks/
407[#] http://www.goodtalens.com/stars/
408[#] http://www.nnmodsets.com/nnblog/
409[#] http://www.cmamag.com
410--------------------------------------------------
411[#] Mapping Subdomain..
412[!] Found 2 Subdomain
413- mail.nndoltop.com
414- www.nndoltop.com
415--------------------------------------------------
416[!] Done At 2020-03-18 18:30:57.743460
417#################################################################################################################################
418[INFO] ------TARGET info------
419[*] TARGET: http://www.nndoltop.com/models/
420[*] TARGET IP: 94.102.51.111
421[INFO] NO load balancer detected for www.nndoltop.com...
422[*] DNS servers: a13s08.host.com.
423[*] TARGET server: nginx
424[*] CC: NL
425[*] Country: Netherlands
426[*] RegionCode: NH
427[*] RegionName: North Holland
428[*] City: Amsterdam
429[*] ASN: AS202425
430[*] BGP_PREFIX: 94.102.51.0/24
431[*] ISP: INT-NETWORK IP Volume inc, SC
432[INFO] DNS enumeration:
433[*] ftp.nndoltop.com 94.102.51.111
434[*] mail.nndoltop.com 94.102.51.111
435[INFO] Possible abuse mails are:
436[*] abuse@ipvolume.net
437[*] abuse@nndoltop.com
438[*] abuse@www.nndoltop.com
439[INFO] NO PAC (Proxy Auto Configuration) file FOUND
440[INFO] Starting FUZZing in http://www.nndoltop.com/FUzZzZzZzZz...
441[INFO] Status code Folders
442[ALERT] Look in the source code. It may contain passwords
443[INFO] Links found from http://www.nndoltop.com/models/ http://94.102.51.111/:
444[*] http://www.alenamodel.com/
445[*] http://www.aleseamodel.com/
446[*] http://www.andypioneer.com/cgi-bin/accounts.cgi
447[*] http://www.andypioneer.com/cgi-bin/accounts.cgi?login
448[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=1000mo&url=http://1000models.net/
449[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=100nn&url=http://100nonude.net
450[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=alena&url=http://www.alenamodel.com
451[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=alesea&url=http%3a%2f%2fwww.aleseamodel.com
452[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=alesea&url=http://www.aleseamodel.com
453[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=artblo&url=http%3a%2f%2fart-models.info
454[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=artblo&url=http://art-models.info
455[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=artcool&url=http://coolarts.net/cgi-bin/in.cgi?id=51
456[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=bbbs&url=http%3a%2f%2fnnbbs.net
457[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=bbbs&url=http://nnbbs.net
458[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=bcma&url=http://www.bestcma.com/
459[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=candy&url=http%3a%2f%2fcandydoll-chan.com
460[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=candy&url=http://candydoll-chan.com
461[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=cmamag&url=http://www.cmamag.com
462[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=cmas&url=http://www.cma-starts.com/?ft=andypioneer.com
463[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=cmavid&url=http://www.cma-video.com/
464[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=cool&url=http://www.coolnymph.com/cgi-bin/rankem.cgi?id=andy
465[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=dolltop&url=http://www.nndoltop.com/cgi-bin/rankem.cgi?id=andy
466[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=dolmod&url=http%3a%2f%2fdolce-models.com
467[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=dolmod&url=http://dolce-models.com
468[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=dream&url=http%3a%2f%2fdream-models.net
469[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=dream&url=http://dream-models.net
470[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=drvid&url=http%3a%2f%2fdream-video.com%2f
471[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=drvid&url=http://dream-video.com/
472[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=eros&url=http://www.modland.info/eros/
473[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=fashi&url=http://models-fashion.net
474[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=finej&url=http%3a%2f%2fwww.fine-julia.com%2f
475[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=finej&url=http://www.fine-julia.com/
476[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=flash&url=http%3a%2f%2fflash-top.net%2fcgi-bin%2fin.cgi%3fid%3d57
477[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=flash&url=http://flash-top.net/cgi-bin/in.cgi?id=57
478[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=forum&url=http://forum-nn.com
479[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=gadinebe&url=http%3a%2f%2fwww.newnnmod.com%2f
480[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=gadinebe&url=http://www.newnnmod.com/
481[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=gagavuz&url=http%3a%2f%2fwww.newnnmod.com%2f
482[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=gagavuz&url=http://www.newnnmod.com/
483[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=gala&url=http://www.goodtalens.com/gala/
484[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=goodtale&url=http://www.goodtalens.com
485[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=hchat&url=http://hello-chat.com/cgi-bin/rank/in.cgi?id=6
486[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=heruqiru&url=http%3a%2f%2fsmallmodels.net%2fcgi-bin%2fin.cgi%3fid%3d104
487[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=heruqiru&url=http://smallmodels.net/cgi-bin/in.cgi?id=104
488[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=honeys&url=http://www.hongirls.com
489[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=img3d&url=http%3a%2f%2fwww.fineimages3d.com%2f
490[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=img3d&url=http://www.fineimages3d.com/
491[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=iraa&url=http://www.iramodel.com
492[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=katmod&url=http://www.katmod.com/
493[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=lina&url=http://www.linamodel.net/
494[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=littlem0&url=http%3a%2f%2fwww.newnnmod.com%2f
495[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=littlem0&url=http://www.newnnmod.com/
496[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=lsmodels&url=http%3a%2f%2fwww.goodtalens.com%2flsmodels%2f
497[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=lsmodels&url=http://www.goodtalens.com/lsmodels/
498[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=luisa&url=http%3a%2f%2fwww.luisamodel.com%2f
499[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=luisa&url=http://www.luisamodel.com/
500[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=masha&url=http://www.goodtalens.com/masha/
501[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=moblo&url=http%3a%2f%2fnnmodelblog.com%2f
502[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=moblo&url=http://nnmodelblog.com/
503[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=modart&url=http://ice-pie.com/cgi-bin/in.cgi?id=50
504[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=mode&url=http://www.models-top.com/cgi-bin/rankem.cgi?id=andy
505[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=modland&url=http%3a%2f%2fwww.modland.info
506[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=modland&url=http://www.modland.info
507[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=modlinks&url=http%3a%2f%2fwww.modlinka.com
508[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=modlinks&url=http://www.modlinka.com
509[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=mymod&url=http%3a%2f%2fmy-models.net%2f
510[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=mymod&url=http://my-models.net/
511[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nedphoto&url=http%3a%2f%2fteenmodels.club%2flanding%2f
512[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nedphoto&url=http://teenmodels.club/landing/
513[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=newadd&url=http%3a%2f%2fwww.goodtalens.com%2fnewadd%2f
514[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=newadd&url=http://www.goodtalens.com/newadd/
515[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=newcma&url=http://newyear.modlinka.com
516[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nnbook&url=http%3a%2f%2fnonubook.com
517[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nnbook&url=http://nonubook.com
518[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nnclub&url=http%3a%2f%2fnonuclub.com
519[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nnclub&url=http://nonuclub.com
520[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nndol&url=http://www.nndolmod.com
521[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nnmds&url=http://nonublog.com
522[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nnntop&url=http%3a%2f%2fnn-top.com%2fcgi-bin%2fin.cgi%3fid%3d81
523[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nnntop&url=http://nn-top.com/cgi-bin/in.cgi?id=81
524[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=noncha&url=http%3a%2f%2fnonu-chan.com
525[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=noncha&url=http://nonu-chan.com
526[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonin&url=http%3a%2f%2fnonutop.com%2fcgi-bin%2fin.cgi%3fid%3d31
527[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonin&url=http://nonutop.com/cgi-bin/in.cgi?id=31
528[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonstop&url=http://www.nonstop-nn.net/cgi-bin/in.cgi?id=158
529[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonudere&url=http%3a%2f%2fnonude.re
530[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonudere&url=http://nonude.re
531[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonufo&url=http://nonuforum.com/
532[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonuwad3&url=http://nonude-top.xyz/cgi-bin/in.cgi?id=52
533[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nonuwad4&url=http://nonude-top.info/cgi-bin/in.cgi?id=17
534[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nostar&url=http%3a%2f%2fnonustars.com%2fcgi-bin%2fin.cgi%3fid%3d80
535[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=nostar&url=http://nonustars.com/cgi-bin/in.cgi?id=80
536[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=olam&url=http://www.olamodel.com/
537[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=olesya&url=http://www.olesyamodel.com
538[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=olyam&url=http://www.olyamodel.com
539[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=onegirl&url=http%3a%2f%2fwww.honeymod.com%2f%3fft%3dandypioneer.com
540[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=onegirl&url=http://www.honeymod.com/?ft=andypioneer.com
541[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=picasa&url=http://nnville.net/
542[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=pisonahe&url=http%3a%2f%2fwww.newnnmod.com%2f
543[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=pisonahe&url=http://www.newnnmod.com/
544[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=play&url=http://www.playing-girl.com
545[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=prd4u&url=http%3a%2f%2fnn-magazine.com
546[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=prd4u&url=http://nn-magazine.com
547[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=pre10mix&url=http%3a%2f%2fpre10mix.com%2fsite%2ftop-list%2f%3fide%3d674
548[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=pre10mix&url=http://pre10mix.com/site/top-list/?ide=674
549[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=preteen2&url=http%3a%2f%2fwww.newnnmod.com%2f
550[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=preteen2&url=http://www.newnnmod.com/
551[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=qoqupave&url=http%3a%2f%2fwww.cinderella-dreams.org%2fcgi-bin%2fin.cgi%3fid%3d844
552[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=qoqupave&url=http://www.cinderella-dreams.org/cgi-bin/in.cgi?id=844
553[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=share&url=http%3a%2f%2fshare-chan.com
554[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=share&url=http://share-chan.com
555[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=sotatuna&url=http%3a%2f%2fnew.nnmodsets.com
556[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=sotatuna&url=http://new.nnmodsets.com
557[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=stars&url=http://www.goodtalens.com/stars/
558[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=star&url=http%3a%2f%2fcute-stars.net
559[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=star&url=http://cute-stars.net
560[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=summer&url=http://www.summmerdays.com/
561[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=svetam&url=http://www.svetamodel.com
562[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=sveta&url=http://www.svetamodel.net/cgi-bin/top/rankem.cgi?id=andy
563[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=svetlana&url=http://www.svetlanamodel.com/
564[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=sweet&url=http://top.modlinka.com/cgi-bin/rankem.cgi?id=andy
565[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=talents&url=http://www.talyoungart.com
566[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=tart&url=http://www.goodtalens.com/talent/
567[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=teenbl&url=http%3a%2f%2fteensblog.net%2f
568[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=teenbl&url=http://teensblog.net/
569[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=teen&url=http://www.fteenimg.com/?ft=andypioneer.com
570[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=they18&url=http%3a%2f%2fnew.nnmodsets.com
571[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=they18&url=http://new.nnmodsets.com
572[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=thind&url=http://modlinka.com/thind/
573[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=tiana&url=http%3a%2f%2fwww.tianamodel.com%2f
574[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=tiana&url=http://www.tianamodel.com/
575[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=ultra&url=http://www.honey-ultra.com/
576[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=vasia&url=http%3a%2f%2fwww.vasilisamodel.com%2f
577[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=vasia&url=http://www.vasilisamodel.com/
578[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=vinka&url=http://www.vinkamodel.com/
579[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=wonder&url=http://www.wonteens.com/?ft=andypioneer.com
580[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=wowmod&url=http://www.wownm.com/?ft=andypioneer.com
581[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=yood&url=http%3a%2f%2fyour-model.com
582[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=yood&url=http://your-model.com
583[*] http://www.andypioneer.com/cgi-bin/out.cgi?id=young&url=http://www.young-models.info/cgi-bin/rankem.cgi?id=andy
584[*] http://www.andypioneer.com/cgi-bin/rankem.cgi?id=svetlana
585[*] http://www.bestcma.com/
586[*] http://www.cmamag.com/
587[*] http://www.cma-starts.com/
588[*] http://www.cma-video.com/
589[*] http://www.coolnymph.com/cgi-bin/rankem.cgi?id=svetlana
590[*] http://www.fineimages3d.com/
591[*] http://www.fine-julia.com/
592[*] http://www.fteenimg.com/
593[*] http://www.goodtalens.com/
594[*] http://www.goodtalens.com/diapers/
595[*] http://www.goodtalens.com/gala/
596[*] http://www.goodtalens.com/kitty/
597[*] http://www.goodtalens.com/lsmodels/
598[*] http://www.goodtalens.com/masha/
599[*] http://www.goodtalens.com/secret/
600[*] http://www.goodtalens.com/stars/
601[*] http://www.goodtalens.com/talent/
602[*] http://www.goodtalens.com/usenet/
603[*] http://www.honeymod.com/
604[*] http://www.honey-ultra.com/
605[*] http://www.hongirls.com/
606[*] http://www.iramodel.com/
607[*] http://www.katmod.com/
608[*] http://www.linamodel.net/
609[*] http://www.luisamodel.com/
610[*] http://www.models-top.com/cgi-bin/rankem.cgi?id=svetlana
611[*] http://www.modlinka.com/
612[*] http://www.newnnmod.com/
613[*] http://www.nndolmod.com/
614[*] http://www.nndoltop.com/
615[*] http://www.nndoltop.com/cgi-bin/rankem.cgi?id=svetlana
616[*] http://www.nndoltop.com/models/
617[*] http://www.nnmodsets.com/
618[*] http://www.nnmodsets.com/nnblog/
619[*] http://www.nnmodsets.com/nnlinks/
620[*] http://www.olamodel.com/
621[*] http://www.olesyamodel.com/
622[*] http://www.olyamodel.com/
623[*] http://www.playing-girl.com/
624[*] http://www.summmerdays.com/
625[*] http://www.svetamodel.com/
626[*] http://www.svetamodel.net/cgi-bin/top/rankem.cgi?id=svetlana
627[*] http://www.svetlanamodel.com/
628[*] http://www.talyoungart.com/
629[*] http://www.tianamodel.com/
630[*] http://www.vasilisamodel.com/
631[*] http://www.vinkamodel.com/
632[*] http://www.wonteens.com/
633[*] http://www.wowmodels.info/
634[*] http://www.young-models.info/cgi-bin/rankem.cgi?id=svetlana
635[INFO] GOOGLE has urlscan.io https://urlscan.io › result about http://www.nndoltop.com/
636[INFO] BING shows 94.102.51.111 is shared with 6,900 hosts/vhosts
637[INFO] Shodan detected the following opened ports on 94.102.51.111:
638[*] 1
639[*] 110
640[*] 143
641[*] 22
642[*] 25
643[*] 4
644[*] 465
645[*] 53
646[*] 80
647[*] 993
648[*] 995
649[INFO] ------VirusTotal SECTION------
650[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
651[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
652[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
653[INFO] ------Alexa Rank SECTION------
654[INFO] Percent of Visitors Rank in Country:
655[INFO] Percent of Search Traffic:
656[INFO] Percent of Unique Visits:
657[INFO] Total Sites Linking In:
658[*] Total Sites
659[INFO] Useful links related to www.nndoltop.com - 94.102.51.111:
660[*] https://www.virustotal.com/pt/ip-address/94.102.51.111/information/
661[*] https://www.hybrid-analysis.com/search?host=94.102.51.111
662[*] https://www.shodan.io/host/94.102.51.111
663[*] https://www.senderbase.org/lookup/?search_string=94.102.51.111
664[*] https://www.alienvault.com/open-threat-exchange/ip/94.102.51.111
665[*] http://pastebin.com/search?q=94.102.51.111
666[*] http://urlquery.net/search.php?q=94.102.51.111
667[*] http://www.alexa.com/siteinfo/www.nndoltop.com
668[*] http://www.google.com/safebrowsing/diagnostic?site=www.nndoltop.com
669[*] https://censys.io/ipv4/94.102.51.111
670[*] https://www.abuseipdb.com/check/94.102.51.111
671[*] https://urlscan.io/search/#94.102.51.111
672[*] https://github.com/search?q=94.102.51.111&type=Code
673[INFO] Useful links related to AS202425 - 94.102.51.0/24:
674[*] http://www.google.com/safebrowsing/diagnostic?site=AS:202425
675[*] https://www.senderbase.org/lookup/?search_string=94.102.51.0/24
676[*] http://bgp.he.net/AS202425
677[*] https://stat.ripe.net/AS202425
678[INFO] Date: 18/03/20 | Time: 18:31:35
679[INFO] Total time: 0 minute(s) and 54 second(s)
680##################################################################################################################################
681Trying "nndoltop.com"
682;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15969
683;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 2
684
685;; QUESTION SECTION:
686;nndoltop.com. IN ANY
687
688;; ANSWER SECTION:
689nndoltop.com. 3600 IN A 94.102.51.111
690nndoltop.com. 3600 IN MX 20 mail.nndoltop.com.
691nndoltop.com. 3600 IN MX 10 mail.nndoltop.com.
692nndoltop.com. 3600 IN TXT "v=spf1 ip4:94.102.51.33 a mx ~all"
693nndoltop.com. 3600 IN SOA a13s08.host.com. root.example.com. 2018030600 3600 3600 604800 86400
694nndoltop.com. 3600 IN NS ns2.monchekin.com.
695nndoltop.com. 3600 IN NS ns1.monchekin.com.
696
697;; ADDITIONAL SECTION:
698ns1.monchekin.com. 31815 IN A 94.102.51.111
699ns2.monchekin.com. 31815 IN A 94.102.51.112
700
701Received 268 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 127 ms
702#################################################################################################################################
703; <<>> DiG 9.11.16-2-Debian <<>> +trace nndoltop.com any
704;; global options: +cmd
705. 82544 IN NS a.root-servers.net.
706. 82544 IN NS b.root-servers.net.
707. 82544 IN NS c.root-servers.net.
708. 82544 IN NS d.root-servers.net.
709. 82544 IN NS e.root-servers.net.
710. 82544 IN NS f.root-servers.net.
711. 82544 IN NS g.root-servers.net.
712. 82544 IN NS h.root-servers.net.
713. 82544 IN NS i.root-servers.net.
714. 82544 IN NS j.root-servers.net.
715. 82544 IN NS k.root-servers.net.
716. 82544 IN NS l.root-servers.net.
717. 82544 IN NS m.root-servers.net.
718. 82544 IN RRSIG NS 8 0 518400 20200331170000 20200318160000 33853 . qgasYmvTaMw/ft2FJz7Ze3a8EYdfzDR3E/n9ffoT8zkgJZhW74Yf1Tdn yt7zJUoZjZSL0px3bOccsey7rwAAt7PG3PKsG50hINxFU/G65DdLn5Fe 0E3wqLh7J2oix+own3AHEUyntF3nuL/surpqvvZpLoS+DU4enbMfJlZf KSu2/73I+n6tx57gGWnekkFlgq7JVBS6MDry5UsFR4C3GwBInUqcFiQQ ATVi6s9+xcWmTWhUOLtZa9JyStBDWanch24001hD51VLFix7DOnA1+oG 9IcdQjqO4WTbzk2TgfRGNvax6IPeVWwLOTaDfpH/1UjfqI6OVNldnXSE xBsI6g==
719;; Received 525 bytes from 10.101.0.243#53(10.101.0.243) in 218 ms
720
721com. 172800 IN NS a.gtld-servers.net.
722com. 172800 IN NS b.gtld-servers.net.
723com. 172800 IN NS c.gtld-servers.net.
724com. 172800 IN NS d.gtld-servers.net.
725com. 172800 IN NS e.gtld-servers.net.
726com. 172800 IN NS f.gtld-servers.net.
727com. 172800 IN NS g.gtld-servers.net.
728com. 172800 IN NS h.gtld-servers.net.
729com. 172800 IN NS i.gtld-servers.net.
730com. 172800 IN NS j.gtld-servers.net.
731com. 172800 IN NS k.gtld-servers.net.
732com. 172800 IN NS l.gtld-servers.net.
733com. 172800 IN NS m.gtld-servers.net.
734com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
735com. 86400 IN RRSIG DS 8 1 86400 20200331170000 20200318160000 33853 . IqOJ6nE+fKiwc8jNJy+qBpMo2fMSJSYGRbfNO6sz4VejsuoYGDuEdrb4 g/bcwebIXaCWIn/d3pOQaf7f0jweWvykYr4uyKj6Q1fu+ppvzLHyvLxw +OmqOStuZXXgw/kiMEyEFaRGuFShZd74clSc/LJnOjtRXZ3vIb1LSXZZ cTT9nBKIgCe/yS/cbZwWLdkoK4q0vqEJgcdIhdrUsghfti+EVAieq/W/ lYuafNiOdh474NuPdJLM1FRdYey49TLVdyUoZ8n3M+JmRygPLEqH4RAk BFN5Z0DZsWEj7Ny/gAxnxApvM3w1Bog9X4Zl9DvI5DV53Ek4U2b7GCd3 ijCY4Q==
736;; Received 1172 bytes from 2001:503:ba3e::2:30#53(a.root-servers.net) in 124 ms
737
738nndoltop.com. 172800 IN NS ns1.monchekin.com.
739nndoltop.com. 172800 IN NS ns2.monchekin.com.
740CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
741CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20200322044927 20200315033927 56311 com. pKi3j2T+MmOgxjdmTcZS3YYGSfTSSb0jX5woxUr9roiXvsiM6gxczhHa 43lZFia30VmrYsRNrA43ddnO03iC0bAU0QOfsMSZ0SasKx6fAb+Ynj0H Z/MlenueBOVWr11KlixRNF5hZgLIl+c/+nVM48BkKM6Xfoju4j8+Wedm Nm9phbpnEyd+awJ31vZJAvXDfwOT1SAqqKEq2F06iYoR4g==
742SKI1FUSAD7MEH3OBBU2PPN7DP7AF5GM0.com. 86400 IN NSEC3 1 1 0 - SKI3MA3PC67GPJLIBOCU444R61U5OL0M NS DS RRSIG
743SKI1FUSAD7MEH3OBBU2PPN7DP7AF5GM0.com. 86400 IN RRSIG NSEC3 8 2 86400 20200322042416 20200315031416 56311 com. u1Nd4KlipQo1CEN1DAv24Ex4dfpEuQcWZFIDmTlzT/vmKnV1VcCWTRkF vHDgtTVKJyFQYDO5oqR/dskrkQ8Rjw3LD8jZFhv+ek7kII2j2eve881X U6v8uYvJ4a1hmNr8WcVWKrHbVhN+C1ruwy8B6hGqQMx2AC/EtIscwgSD u3hjy24X4fJfDDAexoHzXZgfo5gyjI/i4+5Xlh98N4vWow==
744;; Received 668 bytes from 2001:500:d937::30#53(l.gtld-servers.net) in 116 ms
745
746nndoltop.com. 3600 IN SOA a13s08.host.com. root.example.com. 2018030600 3600 3600 604800 86400
747nndoltop.com. 3600 IN NS ns1.monchekin.com.
748nndoltop.com. 3600 IN NS ns2.monchekin.com.
749nndoltop.com. 3600 IN TXT "v=spf1 ip4:94.102.51.33 a mx ~all"
750nndoltop.com. 3600 IN MX 10 mail.nndoltop.com.
751nndoltop.com. 3600 IN MX 20 mail.nndoltop.com.
752nndoltop.com. 3600 IN A 94.102.51.111
753;; Received 295 bytes from 94.102.51.111#53(ns1.monchekin.com) in 169 ms
754
755#################################################################################################################################
756traceroute to www.nndoltop.com (94.102.51.111), 30 hops max, 60 byte packets
757 1 _gateway (10.203.13.1) 131.137 ms 131.118 ms 131.106 ms
758 2 * * *
759 3 te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49) 135.776 ms 136.062 ms 136.069 ms
760 4 be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249) 135.608 ms 136.161 ms 136.167 ms
761 5 be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194) 141.820 ms 141.835 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190) 141.785 ms
762 6 be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226) 141.785 ms 137.787 ms 137.764 ms
763 7 ae-10.edge4.Stockholm2.Level3.net (4.68.106.125) 137.691 ms 141.372 ms ae-11.edge4.Stockholm2.Level3.net (4.68.106.129) 141.920 ms
764 8 * * *
765 9 195.122.181.130 (195.122.181.130) 167.934 ms 167.878 ms 167.927 ms
76610 ae5-2074.ams10.core-backbone.com (81.95.2.138) 173.026 ms 173.055 ms 168.003 ms
76711 * * *
76812 94.102.51.111 (94.102.51.111) 170.146 ms 169.684 ms 169.654 ms
769##################################################################################################################################
770Domains still to check: 1
771 Checking if the hostname nndoltop.com. given is in fact a domain...
772
773Analyzing domain: nndoltop.com.
774 Checking NameServers using system default resolver...
775 IP: 94.102.51.111 (Netherlands)
776 HostName: ns1.monchekin.com Type: NS
777 IP: 94.102.51.112 (Netherlands)
778 HostName: ns2.monchekin.com Type: NS
779 HostName: no-reverse-dns-configured.com Type: PTR
780
781 Checking MailServers using system default resolver...
782 IP: 94.102.51.111 (Netherlands)
783 HostName: ns1.monchekin.com Type: NS
784 HostName: mail.nndoltop.com Type: MX
785 IP: 94.102.51.111 (Netherlands)
786 HostName: ns1.monchekin.com Type: NS
787 HostName: mail.nndoltop.com Type: MX
788 HostName: mail.nndoltop.com Type: MX
789
790 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
791 No zone transfer found on nameserver 94.102.51.112
792 No zone transfer found on nameserver 94.102.51.111
793
794 Checking SPF record...
795 New IP found: 94.102.51.33
796
797 Checking 192 most common hostnames using system default resolver...
798 IP: 94.102.51.111 (Netherlands)
799 HostName: ns1.monchekin.com Type: NS
800 HostName: mail.nndoltop.com Type: MX
801 HostName: mail.nndoltop.com Type: MX
802 HostName: www.nndoltop.com. Type: A
803 IP: 94.102.51.111 (Netherlands)
804 HostName: ns1.monchekin.com Type: NS
805 HostName: mail.nndoltop.com Type: MX
806 HostName: mail.nndoltop.com Type: MX
807 HostName: www.nndoltop.com. Type: A
808 HostName: ftp.nndoltop.com. Type: A
809 IP: 94.102.51.111 (Netherlands)
810 HostName: ns1.monchekin.com Type: NS
811 HostName: mail.nndoltop.com Type: MX
812 HostName: mail.nndoltop.com Type: MX
813 HostName: www.nndoltop.com. Type: A
814 HostName: ftp.nndoltop.com. Type: A
815 HostName: mail.nndoltop.com. Type: A
816 IP: 94.102.51.111 (Netherlands)
817 HostName: ns1.monchekin.com Type: NS
818 HostName: mail.nndoltop.com Type: MX
819 HostName: mail.nndoltop.com Type: MX
820 HostName: www.nndoltop.com. Type: A
821 HostName: ftp.nndoltop.com. Type: A
822 HostName: mail.nndoltop.com. Type: A
823 HostName: smtp.nndoltop.com. Type: A
824 IP: 94.102.51.111 (Netherlands)
825 HostName: ns1.monchekin.com Type: NS
826 HostName: mail.nndoltop.com Type: MX
827 HostName: mail.nndoltop.com Type: MX
828 HostName: www.nndoltop.com. Type: A
829 HostName: ftp.nndoltop.com. Type: A
830 HostName: mail.nndoltop.com. Type: A
831 HostName: smtp.nndoltop.com. Type: A
832 HostName: pop.nndoltop.com. Type: A
833
834 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
835 Checking netblock 94.102.51.0
836
837 Searching for nndoltop.com. emails in Google
838
839 Checking 3 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
840 Host 94.102.51.33 is up (syn-ack ttl 52)
841 Host 94.102.51.112 is up (syn-ack ttl 52)
842 Host 94.102.51.111 is up (echo-reply ttl 52)
843
844 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
845 Scanning ip 94.102.51.33 ():
846 22/tcp open ssh syn-ack ttl 52 OpenSSH 7.4 (protocol 2.0)
847 | ssh-hostkey:
848 | 2048 27:10:8b:2d:55:3f:93:10:9f:ba:60:48:15:2f:0d:a4 (RSA)
849 | 256 0d:61:df:64:d8:cf:76:01:c2:57:79:de:ef:12:b2:8a (ECDSA)
850 |_ 256 e8:da:20:c5:36:c1:5b:ec:a6:43:e9:8b:76:a9:43:96 (ED25519)
851 25/tcp open smtp syn-ack ttl 52 Exim smtpd 4.89
852 | smtp-commands: a13s08.host.com Hello nmap.scanme.org [45.132.192.63], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
853 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
854 | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
855 | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
856 | Public Key type: rsa
857 | Public Key bits: 1024
858 | Signature Algorithm: sha256WithRSAEncryption
859 | Not valid before: 2018-03-05T07:49:40
860 | Not valid after: 2028-03-02T07:49:40
861 | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
862 |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
863 |_ssl-date: TLS randomness does not represent time
864 53/tcp open domain syn-ack ttl 52 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
865 | dns-nsid:
866 |_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
867 80/tcp open http syn-ack ttl 52 nginx
868 |_http-favicon: Unknown favicon MD5: 1DD7E26D04237FA651903A0917D57955
869 |_http-generator: Microsoft FrontPage 5.0
870 | http-methods:
871 | Supported Methods: POST OPTIONS GET HEAD TRACE
872 |_ Potentially risky methods: TRACE
873 |_http-title: Andy Pioneer Top Sites
874 110/tcp open pop3 syn-ack ttl 52 Dovecot pop3d
875 |_pop3-capabilities: SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) STLS RESP-CODES UIDL USER TOP CAPA PIPELINING AUTH-RESP-CODE
876 |_ssl-date: TLS randomness does not represent time
877 143/tcp open imap syn-ack ttl 52 Dovecot imapd
878 |_imap-capabilities: capabilities Pre-login listed IDLE have ID LITERAL+ IMAP4rev1 OK more AUTH=LOGIN STARTTLS SASL-IR AUTH=CRAM-MD5A0001 LOGIN-REFERRALS post-login AUTH=DIGEST-MD5 AUTH=PLAIN ENABLE
879 |_ssl-date: TLS randomness does not represent time
880 465/tcp open ssl/smtp syn-ack ttl 52 Exim smtpd 4.89
881 |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: failed to receive data
882 | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
883 | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
884 | Public Key type: rsa
885 | Public Key bits: 1024
886 | Signature Algorithm: sha256WithRSAEncryption
887 | Not valid before: 2018-03-05T07:49:40
888 | Not valid after: 2028-03-02T07:49:40
889 | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
890 |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
891 |_ssl-date: TLS randomness does not represent time
892 993/tcp open ssl/imaps? syn-ack ttl 52
893 |_ssl-date: TLS randomness does not represent time
894 995/tcp open ssl/pop3s? syn-ack ttl 52
895 |_ssl-date: TLS randomness does not represent time
896 OS Info: Service Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
897 Scanning ip 94.102.51.112 (no-reverse-dns-configured.com (PTR)):
898 22/tcp open ssh syn-ack ttl 52 OpenSSH 7.4 (protocol 2.0)
899 | ssh-hostkey:
900 | 2048 27:10:8b:2d:55:3f:93:10:9f:ba:60:48:15:2f:0d:a4 (RSA)
901 | 256 0d:61:df:64:d8:cf:76:01:c2:57:79:de:ef:12:b2:8a (ECDSA)
902 |_ 256 e8:da:20:c5:36:c1:5b:ec:a6:43:e9:8b:76:a9:43:96 (ED25519)
903 25/tcp open smtp syn-ack ttl 52 Exim smtpd 4.89
904 | smtp-commands: a13s08.host.com Hello nmap.scanme.org [45.132.192.63], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
905 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
906 | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
907 | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
908 | Public Key type: rsa
909 | Public Key bits: 1024
910 | Signature Algorithm: sha256WithRSAEncryption
911 | Not valid before: 2018-03-05T07:49:40
912 | Not valid after: 2028-03-02T07:49:40
913 | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
914 |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
915 |_ssl-date: TLS randomness does not represent time
916 53/tcp open domain syn-ack ttl 52 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
917 | dns-nsid:
918 |_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
919 80/tcp open http syn-ack ttl 52 nginx
920 |_http-favicon: Unknown favicon MD5: 1DD7E26D04237FA651903A0917D57955
921 |_http-generator: Microsoft FrontPage 5.0
922 | http-methods:
923 | Supported Methods: POST OPTIONS GET HEAD TRACE
924 |_ Potentially risky methods: TRACE
925 |_http-title: Andy Pioneer Top Sites
926 110/tcp open pop3 syn-ack ttl 52 Dovecot pop3d
927 |_pop3-capabilities: PIPELINING AUTH-RESP-CODE CAPA UIDL STLS SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) USER TOP RESP-CODES
928 |_ssl-date: TLS randomness does not represent time
929 143/tcp open imap syn-ack ttl 52 Dovecot imapd
930 |_imap-capabilities: AUTH=DIGEST-MD5 post-login have listed LITERAL+ capabilities more IDLE AUTH=PLAIN AUTH=CRAM-MD5A0001 Pre-login STARTTLS ENABLE OK AUTH=LOGIN LOGIN-REFERRALS SASL-IR IMAP4rev1 ID
931 |_ssl-date: TLS randomness does not represent time
932 465/tcp open ssl/smtp syn-ack ttl 52 Exim smtpd 4.89
933 | smtp-commands: a13s08.host.com Hello nmap.scanme.org [45.132.192.63], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, HELP,
934 |_ Commands supported:
935 | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
936 | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
937 | Public Key type: rsa
938 | Public Key bits: 1024
939 | Signature Algorithm: sha256WithRSAEncryption
940 | Not valid before: 2018-03-05T07:49:40
941 | Not valid after: 2028-03-02T07:49:40
942 | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
943 |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
944 |_ssl-date: TLS randomness does not represent time
945 993/tcp open ssl/imaps? syn-ack ttl 52
946 |_ssl-date: TLS randomness does not represent time
947 995/tcp open ssl/pop3s? syn-ack ttl 52
948 |_ssl-date: TLS randomness does not represent time
949 OS Info: Service Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
950 Scanning ip 94.102.51.111 (pop.nndoltop.com.):
951 22/tcp open ssh? syn-ack ttl 52
952 |_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
953 25/tcp open smtp syn-ack ttl 52 Exim smtpd 4.89
954 | smtp-commands: a13s08.host.com Hello nmap.scanme.org [45.132.192.63], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
955 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
956 | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
957 | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
958 | Public Key type: rsa
959 | Public Key bits: 1024
960 | Signature Algorithm: sha256WithRSAEncryption
961 | Not valid before: 2018-03-05T07:49:40
962 | Not valid after: 2028-03-02T07:49:40
963 | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
964 |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
965 |_ssl-date: TLS randomness does not represent time
966 53/tcp open domain syn-ack ttl 52 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
967 | dns-nsid:
968 |_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
969 80/tcp open http syn-ack ttl 52 nginx
970 |_http-favicon: Unknown favicon MD5: 1DD7E26D04237FA651903A0917D57955
971 |_http-generator: Microsoft FrontPage 5.0
972 | http-methods:
973 | Supported Methods: POST OPTIONS GET HEAD TRACE
974 |_ Potentially risky methods: TRACE
975 |_http-title: Andy Pioneer Top Sites
976 110/tcp open pop3 syn-ack ttl 52 Dovecot pop3d
977 |_pop3-capabilities: PIPELINING AUTH-RESP-CODE STLS TOP CAPA UIDL USER RESP-CODES SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5)
978 |_ssl-date: TLS randomness does not represent time
979 143/tcp open imap syn-ack ttl 52 Dovecot imapd
980 |_imap-capabilities: capabilities AUTH=DIGEST-MD5 OK IMAP4rev1 SASL-IR AUTH=CRAM-MD5A0001 ENABLE post-login more STARTTLS AUTH=PLAIN have listed LITERAL+ AUTH=LOGIN IDLE LOGIN-REFERRALS ID Pre-login
981 |_ssl-date: TLS randomness does not represent time
982 465/tcp open ssl/smtp syn-ack ttl 52 Exim smtpd 4.89
983 | smtp-commands: a13s08.host.com Hello nmap.scanme.org [45.132.192.63], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, HELP,
984 |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
985 | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
986 | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
987 | Public Key type: rsa
988 | Public Key bits: 1024
989 | Signature Algorithm: sha256WithRSAEncryption
990 | Not valid before: 2018-03-05T07:49:40
991 | Not valid after: 2028-03-02T07:49:40
992 | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
993 |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
994 |_ssl-date: TLS randomness does not represent time
995 993/tcp open ssl/imaps? syn-ack ttl 52
996 |_ssl-date: TLS randomness does not represent time
997 995/tcp open ssl/pop3s? syn-ack ttl 52
998 |_ssl-date: TLS randomness does not represent time
999 OS Info: Service Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1000 WebCrawling domain's web servers... up to 50 max links.
1001
1002 + URL to crawl: http://ns2.monchekin.com
1003 + Date: 2020-03-18
1004
1005 + Crawling URL: http://ns2.monchekin.com:
1006 + Links:
1007 + Crawling http://ns2.monchekin.com
1008 + Searching for directories...
1009 + Searching open folders...
1010
1011
1012 + URL to crawl: http://smtp.nndoltop.com.
1013 + Date: 2020-03-18
1014
1015 + Crawling URL: http://smtp.nndoltop.com.:
1016 + Links:
1017 + Crawling http://smtp.nndoltop.com.
1018 + Searching for directories...
1019 + Searching open folders...
1020
1021
1022 + URL to crawl: http://mail.nndoltop.com.
1023 + Date: 2020-03-18
1024
1025 + Crawling URL: http://mail.nndoltop.com.:
1026 + Links:
1027 + Crawling http://mail.nndoltop.com.
1028 + Searching for directories...
1029 + Searching open folders...
1030
1031
1032 + URL to crawl: http://ns1.monchekin.com
1033 + Date: 2020-03-18
1034
1035 + Crawling URL: http://ns1.monchekin.com:
1036 + Links:
1037 + Crawling http://ns1.monchekin.com
1038 + Searching for directories...
1039 + Searching open folders...
1040
1041
1042 + URL to crawl: http://mail.nndoltop.com
1043 + Date: 2020-03-18
1044
1045 + Crawling URL: http://mail.nndoltop.com:
1046 + Links:
1047 + Crawling http://mail.nndoltop.com
1048 + Searching for directories...
1049 + Searching open folders...
1050
1051
1052 + URL to crawl: http://pop.nndoltop.com.
1053 + Date: 2020-03-18
1054
1055 + Crawling URL: http://pop.nndoltop.com.:
1056 + Links:
1057 + Crawling http://pop.nndoltop.com.
1058 + Searching for directories...
1059 + Searching open folders...
1060
1061
1062 + URL to crawl: http://www.nndoltop.com.
1063 + Date: 2020-03-18
1064
1065 + Crawling URL: http://www.nndoltop.com.:
1066 + Links:
1067 + Crawling http://www.nndoltop.com.
1068 + Searching for directories...
1069 + Searching open folders...
1070
1071
1072 + URL to crawl: http://ftp.nndoltop.com.
1073 + Date: 2020-03-18
1074
1075 + Crawling URL: http://ftp.nndoltop.com.:
1076 + Links:
1077 + Crawling http://ftp.nndoltop.com.
1078 + Searching for directories...
1079 + Searching open folders...
1080
1081--Finished--
1082Summary information for domain nndoltop.com.
1083-----------------------------------------
1084
1085 Domain Ips Information:
1086 IP: 94.102.51.33
1087 Type: SPF
1088 Is Active: True (syn-ack ttl 52)
1089 Port: 22/tcp open ssh syn-ack ttl 52 OpenSSH 7.4 (protocol 2.0)
1090 Script Info: | ssh-hostkey:
1091 Script Info: | 2048 27:10:8b:2d:55:3f:93:10:9f:ba:60:48:15:2f:0d:a4 (RSA)
1092 Script Info: | 256 0d:61:df:64:d8:cf:76:01:c2:57:79:de:ef:12:b2:8a (ECDSA)
1093 Script Info: |_ 256 e8:da:20:c5:36:c1:5b:ec:a6:43:e9:8b:76:a9:43:96 (ED25519)
1094 Port: 25/tcp open smtp syn-ack ttl 52 Exim smtpd 4.89
1095 Script Info: | smtp-commands: a13s08.host.com Hello nmap.scanme.org [45.132.192.63], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
1096 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1097 Script Info: | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1098 Script Info: | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1099 Script Info: | Public Key type: rsa
1100 Script Info: | Public Key bits: 1024
1101 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1102 Script Info: | Not valid before: 2018-03-05T07:49:40
1103 Script Info: | Not valid after: 2028-03-02T07:49:40
1104 Script Info: | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
1105 Script Info: |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
1106 Script Info: |_ssl-date: TLS randomness does not represent time
1107 Port: 53/tcp open domain syn-ack ttl 52 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
1108 Script Info: | dns-nsid:
1109 Script Info: |_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
1110 Port: 80/tcp open http syn-ack ttl 52 nginx
1111 Script Info: |_http-favicon: Unknown favicon MD5: 1DD7E26D04237FA651903A0917D57955
1112 Script Info: |_http-generator: Microsoft FrontPage 5.0
1113 Script Info: | http-methods:
1114 Script Info: | Supported Methods: POST OPTIONS GET HEAD TRACE
1115 Script Info: |_ Potentially risky methods: TRACE
1116 Script Info: |_http-title: Andy Pioneer Top Sites
1117 Port: 110/tcp open pop3 syn-ack ttl 52 Dovecot pop3d
1118 Script Info: |_pop3-capabilities: SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) STLS RESP-CODES UIDL USER TOP CAPA PIPELINING AUTH-RESP-CODE
1119 Script Info: |_ssl-date: TLS randomness does not represent time
1120 Port: 143/tcp open imap syn-ack ttl 52 Dovecot imapd
1121 Script Info: |_imap-capabilities: capabilities Pre-login listed IDLE have ID LITERAL+ IMAP4rev1 OK more AUTH=LOGIN STARTTLS SASL-IR AUTH=CRAM-MD5A0001 LOGIN-REFERRALS post-login AUTH=DIGEST-MD5 AUTH=PLAIN ENABLE
1122 Script Info: |_ssl-date: TLS randomness does not represent time
1123 Port: 465/tcp open ssl/smtp syn-ack ttl 52 Exim smtpd 4.89
1124 Script Info: |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: failed to receive data
1125 Script Info: | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1126 Script Info: | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1127 Script Info: | Public Key type: rsa
1128 Script Info: | Public Key bits: 1024
1129 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1130 Script Info: | Not valid before: 2018-03-05T07:49:40
1131 Script Info: | Not valid after: 2028-03-02T07:49:40
1132 Script Info: | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
1133 Script Info: |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
1134 Script Info: |_ssl-date: TLS randomness does not represent time
1135 Port: 993/tcp open ssl/imaps? syn-ack ttl 52
1136 Script Info: |_ssl-date: TLS randomness does not represent time
1137 Port: 995/tcp open ssl/pop3s? syn-ack ttl 52
1138 Script Info: |_ssl-date: TLS randomness does not represent time
1139 Os Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1140 IP: 94.102.51.112
1141 HostName: ns2.monchekin.com Type: NS
1142 HostName: no-reverse-dns-configured.com Type: PTR
1143 Country: Netherlands
1144 Is Active: True (syn-ack ttl 52)
1145 Port: 22/tcp open ssh syn-ack ttl 52 OpenSSH 7.4 (protocol 2.0)
1146 Script Info: | ssh-hostkey:
1147 Script Info: | 2048 27:10:8b:2d:55:3f:93:10:9f:ba:60:48:15:2f:0d:a4 (RSA)
1148 Script Info: | 256 0d:61:df:64:d8:cf:76:01:c2:57:79:de:ef:12:b2:8a (ECDSA)
1149 Script Info: |_ 256 e8:da:20:c5:36:c1:5b:ec:a6:43:e9:8b:76:a9:43:96 (ED25519)
1150 Port: 25/tcp open smtp syn-ack ttl 52 Exim smtpd 4.89
1151 Script Info: | smtp-commands: a13s08.host.com Hello nmap.scanme.org [45.132.192.63], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
1152 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1153 Script Info: | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1154 Script Info: | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1155 Script Info: | Public Key type: rsa
1156 Script Info: | Public Key bits: 1024
1157 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1158 Script Info: | Not valid before: 2018-03-05T07:49:40
1159 Script Info: | Not valid after: 2028-03-02T07:49:40
1160 Script Info: | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
1161 Script Info: |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
1162 Script Info: |_ssl-date: TLS randomness does not represent time
1163 Port: 53/tcp open domain syn-ack ttl 52 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
1164 Script Info: | dns-nsid:
1165 Script Info: |_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
1166 Port: 80/tcp open http syn-ack ttl 52 nginx
1167 Script Info: |_http-favicon: Unknown favicon MD5: 1DD7E26D04237FA651903A0917D57955
1168 Script Info: |_http-generator: Microsoft FrontPage 5.0
1169 Script Info: | http-methods:
1170 Script Info: | Supported Methods: POST OPTIONS GET HEAD TRACE
1171 Script Info: |_ Potentially risky methods: TRACE
1172 Script Info: |_http-title: Andy Pioneer Top Sites
1173 Port: 110/tcp open pop3 syn-ack ttl 52 Dovecot pop3d
1174 Script Info: |_pop3-capabilities: PIPELINING AUTH-RESP-CODE CAPA UIDL STLS SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) USER TOP RESP-CODES
1175 Script Info: |_ssl-date: TLS randomness does not represent time
1176 Port: 143/tcp open imap syn-ack ttl 52 Dovecot imapd
1177 Script Info: |_imap-capabilities: AUTH=DIGEST-MD5 post-login have listed LITERAL+ capabilities more IDLE AUTH=PLAIN AUTH=CRAM-MD5A0001 Pre-login STARTTLS ENABLE OK AUTH=LOGIN LOGIN-REFERRALS SASL-IR IMAP4rev1 ID
1178 Script Info: |_ssl-date: TLS randomness does not represent time
1179 Port: 465/tcp open ssl/smtp syn-ack ttl 52 Exim smtpd 4.89
1180 Script Info: | smtp-commands: a13s08.host.com Hello nmap.scanme.org [45.132.192.63], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, HELP,
1181 Script Info: |_ Commands supported:
1182 Script Info: | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1183 Script Info: | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1184 Script Info: | Public Key type: rsa
1185 Script Info: | Public Key bits: 1024
1186 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1187 Script Info: | Not valid before: 2018-03-05T07:49:40
1188 Script Info: | Not valid after: 2028-03-02T07:49:40
1189 Script Info: | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
1190 Script Info: |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
1191 Script Info: |_ssl-date: TLS randomness does not represent time
1192 Port: 993/tcp open ssl/imaps? syn-ack ttl 52
1193 Script Info: |_ssl-date: TLS randomness does not represent time
1194 Port: 995/tcp open ssl/pop3s? syn-ack ttl 52
1195 Script Info: |_ssl-date: TLS randomness does not represent time
1196 Os Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1197 IP: 94.102.51.111
1198 HostName: ns1.monchekin.com Type: NS
1199 HostName: mail.nndoltop.com Type: MX
1200 HostName: mail.nndoltop.com Type: MX
1201 HostName: www.nndoltop.com. Type: A
1202 HostName: ftp.nndoltop.com. Type: A
1203 HostName: mail.nndoltop.com. Type: A
1204 HostName: smtp.nndoltop.com. Type: A
1205 HostName: pop.nndoltop.com. Type: A
1206 Country: Netherlands
1207 Is Active: True (echo-reply ttl 52)
1208 Port: 22/tcp open ssh? syn-ack ttl 52
1209 Script Info: |_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
1210 Port: 25/tcp open smtp syn-ack ttl 52 Exim smtpd 4.89
1211 Script Info: | smtp-commands: a13s08.host.com Hello nmap.scanme.org [45.132.192.63], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
1212 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1213 Script Info: | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1214 Script Info: | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1215 Script Info: | Public Key type: rsa
1216 Script Info: | Public Key bits: 1024
1217 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1218 Script Info: | Not valid before: 2018-03-05T07:49:40
1219 Script Info: | Not valid after: 2028-03-02T07:49:40
1220 Script Info: | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
1221 Script Info: |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
1222 Script Info: |_ssl-date: TLS randomness does not represent time
1223 Port: 53/tcp open domain syn-ack ttl 52 ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
1224 Script Info: | dns-nsid:
1225 Script Info: |_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
1226 Port: 80/tcp open http syn-ack ttl 52 nginx
1227 Script Info: |_http-favicon: Unknown favicon MD5: 1DD7E26D04237FA651903A0917D57955
1228 Script Info: |_http-generator: Microsoft FrontPage 5.0
1229 Script Info: | http-methods:
1230 Script Info: | Supported Methods: POST OPTIONS GET HEAD TRACE
1231 Script Info: |_ Potentially risky methods: TRACE
1232 Script Info: |_http-title: Andy Pioneer Top Sites
1233 Port: 110/tcp open pop3 syn-ack ttl 52 Dovecot pop3d
1234 Script Info: |_pop3-capabilities: PIPELINING AUTH-RESP-CODE STLS TOP CAPA UIDL USER RESP-CODES SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5)
1235 Script Info: |_ssl-date: TLS randomness does not represent time
1236 Port: 143/tcp open imap syn-ack ttl 52 Dovecot imapd
1237 Script Info: |_imap-capabilities: capabilities AUTH=DIGEST-MD5 OK IMAP4rev1 SASL-IR AUTH=CRAM-MD5A0001 ENABLE post-login more STARTTLS AUTH=PLAIN have listed LITERAL+ AUTH=LOGIN IDLE LOGIN-REFERRALS ID Pre-login
1238 Script Info: |_ssl-date: TLS randomness does not represent time
1239 Port: 465/tcp open ssl/smtp syn-ack ttl 52 Exim smtpd 4.89
1240 Script Info: | smtp-commands: a13s08.host.com Hello nmap.scanme.org [45.132.192.63], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, HELP,
1241 Script Info: |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1242 Script Info: | ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1243 Script Info: | Issuer: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
1244 Script Info: | Public Key type: rsa
1245 Script Info: | Public Key bits: 1024
1246 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1247 Script Info: | Not valid before: 2018-03-05T07:49:40
1248 Script Info: | Not valid after: 2028-03-02T07:49:40
1249 Script Info: | MD5: 5725 8193 eba3 6655 85e8 03ba ac88 3a0d
1250 Script Info: |_SHA-1: b25e d398 61f7 f64d 48ec a833 2fc2 ec3d 818c 497b
1251 Script Info: |_ssl-date: TLS randomness does not represent time
1252 Port: 993/tcp open ssl/imaps? syn-ack ttl 52
1253 Script Info: |_ssl-date: TLS randomness does not represent time
1254 Port: 995/tcp open ssl/pop3s? syn-ack ttl 52
1255 Script Info: |_ssl-date: TLS randomness does not represent time
1256 Os Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1257
1258--------------End Summary --------------
1259-----------------------------------------
1260#################################################################################################################################
1261----- nndoltop.com -----
1262
1263
1264Host's addresses:
1265__________________
1266
1267nndoltop.com. 3049 IN A 94.102.51.111
1268
1269
1270Name Servers:
1271______________
1272
1273ns2.monchekin.com. 2558 IN A 94.102.51.112
1274ns1.monchekin.com. 2558 IN A 94.102.51.111
1275
1276
1277Mail (MX) Servers:
1278___________________
1279
1280mail.nndoltop.com. 3057 IN A 94.102.51.111
1281mail.nndoltop.com. 3057 IN A 94.102.51.111
1282
1283
1284
1285Brute forcing with /usr/share/dnsenum/dns.txt:
1286_______________________________________________
1287
1288ftp.nndoltop.com. 3031 IN A 94.102.51.111
1289mail.nndoltop.com. 3025 IN A 94.102.51.111
1290pop.nndoltop.com. 3491 IN A 94.102.51.111
1291smtp.nndoltop.com. 3484 IN A 94.102.51.111
1292www.nndoltop.com. 2506 IN A 94.102.51.111
1293
1294
1295Launching Whois Queries:
1296_________________________
1297
1298 whois ip result: 94.102.51.0 -> 94.102.51.0/24
1299
1300
1301nndoltop.com____________
1302
1303 94.102.51.0/24
1304#################################################################################################################################
1305URLCrazy Domain Report
1306Domain : www.nndoltop.com
1307Keyboard : qwerty
1308At : 2020-03-18 18:38:47 -0400
1309
1310# Please wait. 154 hostnames to process
1311
1312Typo Type Typo DNS-A CC-A DNS-MX Extn
1313-----------------------------------------------------------------------------------------------------------
1314Character Omission ww.nndoltop.com ? com
1315Character Omission www.ndoltop.com ? com
1316Character Omission www.nndltop.com ? com
1317Character Omission www.nndolop.com ? com
1318Character Omission www.nndolto.com ? com
1319Character Omission www.nndoltop.cm ? cm
1320Character Omission www.nndoltp.com ? com
1321Character Omission www.nndotop.com ? com
1322Character Omission www.nnoltop.com ? com
1323Character Omission wwwnndoltop.com ? com
1324Character Repeat www.nnddoltop.com ? com
1325Character Repeat www.nndolltop.com ? com
1326Character Repeat www.nndoltoop.com ? com
1327Character Repeat www.nndoltopp.com ? com
1328Character Repeat www.nndolttop.com ? com
1329Character Repeat www.nndooltop.com ? com
1330Character Repeat www.nnndoltop.com ? com
1331Character Repeat wwww.nndoltop.com ? com
1332Character Swap ww.wnndoltop.com ? com
1333Character Swap www.ndnoltop.com ? com
1334Character Swap www.nndlotop.com ? com
1335Character Swap www.nndolotp.com ? com
1336Character Swap www.nndoltpo.com ? com
1337Character Swap www.nndotlop.com ? com
1338Character Swap www.nnodltop.com ? com
1339Character Swap wwwn.ndoltop.com ? com
1340Character Replacement eww.nndoltop.com ? com
1341Character Replacement qww.nndoltop.com ? com
1342Character Replacement wew.nndoltop.com ? com
1343Character Replacement wqw.nndoltop.com ? com
1344Character Replacement wwe.nndoltop.com ? com
1345Character Replacement wwq.nndoltop.com ? com
1346Character Replacement www.bndoltop.com ? com
1347Character Replacement www.mndoltop.com ? com
1348Character Replacement www.nbdoltop.com ? com
1349Character Replacement www.nmdoltop.com ? com
1350Character Replacement www.nndiltop.com ? com
1351Character Replacement www.nndoktop.com ? com
1352Character Replacement www.nndolrop.com ? com
1353Character Replacement www.nndoltip.com ? com
1354Character Replacement www.nndoltoo.com ? com
1355Character Replacement www.nndoltpp.com ? com
1356Character Replacement www.nndolyop.com ? com
1357Character Replacement www.nndpltop.com ? com
1358Character Replacement www.nnfoltop.com ? com
1359Character Replacement www.nnsoltop.com ? com
1360Double Character Replacement eew.nndoltop.com ? com
1361Double Character Replacement qqw.nndoltop.com ? com
1362Double Character Replacement wee.nndoltop.com ? com
1363Double Character Replacement wqq.nndoltop.com ? com
1364Double Character Replacement www.bbdoltop.com ? com
1365Double Character Replacement www.mmdoltop.com ? com
1366Character Insertion weww.nndoltop.com ? com
1367Character Insertion wqww.nndoltop.com ? com
1368Character Insertion wwew.nndoltop.com ? com
1369Character Insertion wwqw.nndoltop.com ? com
1370Character Insertion www.nbndoltop.com ? com
1371Character Insertion www.nmndoltop.com ? com
1372Character Insertion www.nnbdoltop.com ? com
1373Character Insertion www.nndfoltop.com ? com
1374Character Insertion www.nndoiltop.com ? com
1375Character Insertion www.nndolktop.com ? com
1376Character Insertion www.nndoltoip.com ? com
1377Character Insertion www.nndoltopo.com ? com
1378Character Insertion www.nndoltrop.com ? com
1379Character Insertion www.nndoltyop.com ? com
1380Character Insertion www.nndopltop.com ? com
1381Character Insertion www.nndsoltop.com ? com
1382Character Insertion www.nnmdoltop.com ? com
1383Character Insertion wwwe.nndoltop.com ? com
1384Character Insertion wwwq.nndoltop.com ? com
1385Missing Dot wwwwww.nndoltop.com ? com
1386Singular or Pluralise nndoltop.com 94.102.51.111 NL,NETHERLANDS mail.nndoltop.com com
1387Singular or Pluralise nndoltops.com ? com
1388Homophones www.nndewltop.com ? com
1389Homophones www.nndoltwop.com ? com
1390Homophones www.nndueltop.com ? com
1391Bit Flipping 7ww.nndoltop.com ? com
1392Bit Flipping gww.nndoltop.com ? com
1393Bit Flipping sww.nndoltop.com ? com
1394Bit Flipping uww.nndoltop.com ? com
1395Bit Flipping vww.nndoltop.com ? com
1396Bit Flipping w7w.nndoltop.com ? com
1397Bit Flipping wgw.nndoltop.com ? com
1398Bit Flipping wsw.nndoltop.com ? com
1399Bit Flipping wuw.nndoltop.com ? com
1400Bit Flipping wvw.nndoltop.com ? com
1401Bit Flipping ww7.nndoltop.com ? com
1402Bit Flipping wwg.nndoltop.com ? com
1403Bit Flipping wws.nndoltop.com ? com
1404Bit Flipping wwu.nndoltop.com ? com
1405Bit Flipping wwv.nndoltop.com ? com
1406Bit Flipping www.fndoltop.com ? com
1407Bit Flipping www.jndoltop.com ? com
1408Bit Flipping www.lndoltop.com ? com
1409Bit Flipping www.n.doltop.com ? com
1410Bit Flipping www.nfdoltop.com ? com
1411Bit Flipping www.njdoltop.com ? com
1412Bit Flipping www.nldoltop.com ? com
1413Bit Flipping www.nndgltop.com ? com
1414Bit Flipping www.nndkltop.com ? com
1415Bit Flipping www.nndmltop.com ? com
1416Bit Flipping www.nndnltop.com ? com
1417Bit Flipping www.nndodtop.com ? com
1418Bit Flipping www.nndohtop.com ? com
1419Bit Flipping www.nndol4op.com ? com
1420Bit Flipping www.nndoldop.com ? com
1421Bit Flipping www.nndolpop.com ? com
1422Bit Flipping www.nndoltgp.com ? com
1423Bit Flipping www.nndoltkp.com ? com
1424Bit Flipping www.nndoltmp.com ? com
1425Bit Flipping www.nndoltnp.com ? com
1426Bit Flipping www.nndolto0.com ? com
1427Bit Flipping www.nndoltoq.com ? com
1428Bit Flipping www.nndoltor.com ? com
1429Bit Flipping www.nndoltot.com ? com
1430Bit Flipping www.nndoltox.com ? com
1431Bit Flipping www.nndoluop.com ? com
1432Bit Flipping www.nndolvop.com ? com
1433Bit Flipping www.nndomtop.com ? com
1434Bit Flipping www.nndontop.com ? com
1435Bit Flipping www.nneoltop.com ? com
1436Bit Flipping www.nnloltop.com ? com
1437Bit Flipping www.nntoltop.com ? com
1438Bit Flipping www.nodoltop.com ? com
1439Bit Flipping www.ondoltop.com ? com
1440Bit Flipping wwwnnndoltop.com ? com
1441Homoglyphs vvvvvv.nndoltop.com ? com
1442Homoglyphs vvvvw.nndoltop.com ? com
1443Homoglyphs vvwvv.nndoltop.com ? com
1444Homoglyphs vvww.nndoltop.com ? com
1445Homoglyphs wvvvv.nndoltop.com ? com
1446Homoglyphs wvvw.nndoltop.com ? com
1447Homoglyphs wwvv.nndoltop.com ? com
1448Homoglyphs www.nncloltop.com ? com
1449Homoglyphs www.nnd0lt0p.com ? com
1450Homoglyphs www.nnd0ltop.com ? com
1451Homoglyphs www.nndo1top.com ? com
1452Homoglyphs www.nndolt0p.com ? com
1453Wrong TLD nndoltop.ca ? ca
1454Wrong TLD nndoltop.ch ? ch
1455Wrong TLD nndoltop.de ? de
1456Wrong TLD nndoltop.edu ? edu
1457Wrong TLD nndoltop.es ? es
1458Wrong TLD nndoltop.fr ? fr
1459Wrong TLD nndoltop.it ? it
1460Wrong TLD nndoltop.jp ? jp
1461Wrong TLD nndoltop.net ? net
1462Wrong TLD nndoltop.nl ? nl
1463Wrong TLD nndoltop.no ? no
1464Wrong TLD nndoltop.org ? org
1465Wrong TLD nndoltop.ru ? ru
1466Wrong TLD nndoltop.se ? se
1467Wrong TLD nndoltop.us ? us
1468#################################################################################################################################
1469[+] www.nndoltop.com has no SPF record!
1470[*] No DMARC record found. Looking for organizational record
1471[+] No organizational DMARC record
1472[+] Spoofing possible for www.nndoltop.com!
1473#################################################################################################################################
1474WARNING: Duplicate port number(s) specified. Are you alert enough to be using Nmap? Have some coffee or Jolt(tm).
1475Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 18:46 EDT
1476Nmap scan report for www.nndoltop.com (94.102.51.111)
1477Host is up (0.17s latency).
1478Not shown: 486 filtered ports, 1 closed port
1479Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1480PORT STATE SERVICE
148122/tcp open ssh
148225/tcp open smtp
148353/tcp open domain
148480/tcp open http
1485110/tcp open pop3
1486143/tcp open imap
1487465/tcp open smtps
1488993/tcp open imaps
1489995/tcp open pop3s
1490
1491Nmap done: 1 IP address (1 host up) scanned in 5.75 seconds
1492#################################################################################################################################
1493Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 18:46 EDT
1494Nmap scan report for www.nndoltop.com (94.102.51.111)
1495Host is up.
1496
1497PORT STATE SERVICE
149853/udp open|filtered domain
149967/udp open|filtered dhcps
150068/udp open|filtered dhcpc
150169/udp open|filtered tftp
150288/udp open|filtered kerberos-sec
1503123/udp open|filtered ntp
1504137/udp open|filtered netbios-ns
1505138/udp open|filtered netbios-dgm
1506139/udp open|filtered netbios-ssn
1507161/udp open|filtered snmp
1508162/udp open|filtered snmptrap
1509389/udp open|filtered ldap
1510500/udp open|filtered isakmp
1511520/udp open|filtered route
15122049/udp open|filtered nfs
1513
1514Nmap done: 1 IP address (1 host up) scanned in 5.27 seconds
1515#################################################################################################################################
1516Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 18:46 EDT
1517NSE: Loaded 51 scripts for scanning.
1518NSE: Script Pre-scanning.
1519Initiating NSE at 18:46
1520Completed NSE at 18:46, 0.00s elapsed
1521Initiating NSE at 18:46
1522Completed NSE at 18:46, 0.00s elapsed
1523Initiating Parallel DNS resolution of 1 host. at 18:46
1524Completed Parallel DNS resolution of 1 host. at 18:46, 0.02s elapsed
1525Initiating SYN Stealth Scan at 18:46
1526Scanning www.nndoltop.com (94.102.51.111) [1 port]
1527Discovered open port 22/tcp on 94.102.51.111
1528Completed SYN Stealth Scan at 18:46, 0.20s elapsed (1 total ports)
1529Initiating Service scan at 18:46
1530Scanning 1 service on www.nndoltop.com (94.102.51.111)
1531Completed Service scan at 18:49, 155.70s elapsed (1 service on 1 host)
1532Initiating OS detection (try #1) against www.nndoltop.com (94.102.51.111)
1533Retrying OS detection (try #2) against www.nndoltop.com (94.102.51.111)
1534Initiating Traceroute at 18:49
1535Completed Traceroute at 18:49, 3.01s elapsed
1536Initiating Parallel DNS resolution of 6 hosts. at 18:49
1537Completed Parallel DNS resolution of 6 hosts. at 18:49, 0.13s elapsed
1538NSE: Script scanning 94.102.51.111.
1539Initiating NSE at 18:49
1540Completed NSE at 18:49, 5.36s elapsed
1541Initiating NSE at 18:49
1542Completed NSE at 18:49, 1.17s elapsed
1543Nmap scan report for www.nndoltop.com (94.102.51.111)
1544Host is up (0.16s latency).
1545
1546PORT STATE SERVICE VERSION
154722/tcp open ssh?
1548|_ssh-auth-methods: ERROR: Script execution failed (use -d to debug)
1549|_ssh-brute: ERROR: Script execution failed (use -d to debug)
1550|_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
1551|_ssh-publickey-acceptance: ERROR: Script execution failed (use -d to debug)
1552|_ssh-run: ERROR: Script execution failed (use -d to debug)
1553Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1554Device type: WAP|general purpose|specialized|broadband router
1555Running (JUST GUESSING): Linux 2.4.X|2.6.X (94%), Philips embedded (90%), Crestron 2-Series (90%), Asus embedded (87%)
1556OS CPE: cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
1557Aggressive OS guesses: OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (90%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
1558No exact OS matches for host (test conditions non-ideal).
1559Network Distance: 7 hops
1560TCP Sequence Prediction: Difficulty=264 (Good luck!)
1561IP ID Sequence Generation: All zeros
1562
1563TRACEROUTE (using port 22/tcp)
1564HOP RTT ADDRESS
15651 133.60 ms 10.203.13.1
15662 ...
15673 134.64 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
15684 134.46 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
15695 140.15 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
15706 141.11 ms be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226)
15717 126.31 ms 94.102.51.111
1572
1573NSE: Script Post-scanning.
1574Initiating NSE at 18:49
1575Completed NSE at 18:49, 0.00s elapsed
1576Initiating NSE at 18:49
1577Completed NSE at 18:49, 0.00s elapsed
1578#################################################################################################################################
1579Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 18:50 EDT
1580NSE: Loaded 55 scripts for scanning.
1581NSE: Script Pre-scanning.
1582Initiating NSE at 18:50
1583Completed NSE at 18:50, 0.00s elapsed
1584Initiating NSE at 18:50
1585Completed NSE at 18:50, 0.00s elapsed
1586Initiating Parallel DNS resolution of 1 host. at 18:50
1587Completed Parallel DNS resolution of 1 host. at 18:50, 0.02s elapsed
1588Initiating SYN Stealth Scan at 18:50
1589Scanning www.nndoltop.com (94.102.51.111) [1 port]
1590Discovered open port 25/tcp on 94.102.51.111
1591Completed SYN Stealth Scan at 18:50, 0.20s elapsed (1 total ports)
1592Initiating Service scan at 18:50
1593Scanning 1 service on www.nndoltop.com (94.102.51.111)
1594Completed Service scan at 18:50, 0.34s elapsed (1 service on 1 host)
1595Initiating OS detection (try #1) against www.nndoltop.com (94.102.51.111)
1596Retrying OS detection (try #2) against www.nndoltop.com (94.102.51.111)
1597Initiating Traceroute at 18:50
1598Completed Traceroute at 18:50, 3.15s elapsed
1599Initiating Parallel DNS resolution of 9 hosts. at 18:50
1600Completed Parallel DNS resolution of 9 hosts. at 18:50, 0.13s elapsed
1601NSE: Script scanning 94.102.51.111.
1602Initiating NSE at 18:50
1603Completed NSE at 18:50, 1.66s elapsed
1604Initiating NSE at 18:50
1605Completed NSE at 18:50, 0.00s elapsed
1606Nmap scan report for www.nndoltop.com (94.102.51.111)
1607Host is up (0.17s latency).
1608
1609PORT STATE SERVICE VERSION
161025/tcp open smtp Exim smtpd 4.89
1611|_smtp-commands: SMTP EHLO www.nndoltop.com: failed to receive data: connection closed
1612| smtp-enum-users:
1613|_ Method RCPT returned a unhandled status code.
1614|_smtp-open-relay: SMTP EHLO nmap.scanme.org: failed to receive data: connection closed
1615| smtp-vuln-cve2010-4344:
1616| Exim version: 4.89
1617| Exim heap overflow vulnerability (CVE-2010-4344):
1618| Exim (CVE-2010-4344): NOT VULNERABLE
1619| Exim privileges escalation vulnerability (CVE-2010-4345):
1620| Exim (CVE-2010-4345): NOT VULNERABLE
1621|_ To confirm and exploit the vulnerabilities, run with --script-args='smtp-vuln-cve2010-4344.exploit'
1622| vulners:
1623| cpe:/a:exim:exim:4.89:
1624| CVE-2019-15846 10.0 https://vulners.com/cve/CVE-2019-15846
1625| CVE-2019-13917 10.0 https://vulners.com/cve/CVE-2019-13917
1626| CVE-2019-10149 7.5 https://vulners.com/cve/CVE-2019-10149
1627| CVE-2018-6789 7.5 https://vulners.com/cve/CVE-2018-6789
1628| CVE-2017-16943 7.5 https://vulners.com/cve/CVE-2017-16943
1629| CVE-2017-16944 5.0 https://vulners.com/cve/CVE-2017-16944
1630|_ CVE-2017-1000369 2.1 https://vulners.com/cve/CVE-2017-1000369
1631Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1632Device type: WAP|specialized|general purpose|broadband router
1633Running (JUST GUESSING): Linux 2.4.X|2.6.X (96%), Philips embedded (94%), Crestron 2-Series (93%), Asus embedded (92%)
1634OS CPE: cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/o:linux:linux_kernel:2.4.18 cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
1635Aggressive OS guesses: OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (96%), OpenWrt White Russian 0.9 (Linux 2.4.30) (96%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), Philips Hue Bridge 2.0 (Linux) (94%), Crestron XPanel control system (93%), Linux 2.4.18 (92%), OpenWrt (Linux 2.4.32) (92%), Asus RT-AC66U router (Linux 2.6) (92%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (92%), Linux 2.6.18 (92%)
1636No exact OS matches for host (test conditions non-ideal).
1637Network Distance: 12 hops
1638TCP Sequence Prediction: Difficulty=261 (Good luck!)
1639IP ID Sequence Generation: All zeros
1640Service Info: Host: a13s08.host.com
1641
1642TRACEROUTE (using port 25/tcp)
1643HOP RTT ADDRESS
16441 135.72 ms 10.203.13.1
16452 ...
16463 136.21 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
16474 136.17 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
16485 141.73 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
16496 141.79 ms be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226)
16507 161.98 ms ae-10.edge4.Stockholm2.Level3.net (4.68.106.125)
16518 ...
16529 163.46 ms 195.122.181.130
165310 168.23 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
165411 ...
165512 170.65 ms 94.102.51.111
1656
1657NSE: Script Post-scanning.
1658Initiating NSE at 18:50
1659Completed NSE at 18:50, 0.00s elapsed
1660Initiating NSE at 18:50
1661Completed NSE at 18:50, 0.00s elapsed
1662#################################################################################################################################
1663Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 18:52 EDT
1664NSE: Loaded 64 scripts for scanning.
1665NSE: Script Pre-scanning.
1666Initiating NSE at 18:52
1667Completed NSE at 18:52, 0.00s elapsed
1668Initiating NSE at 18:52
1669Completed NSE at 18:52, 0.00s elapsed
1670Initiating Parallel DNS resolution of 1 host. at 18:52
1671Completed Parallel DNS resolution of 1 host. at 18:52, 0.02s elapsed
1672Initiating SYN Stealth Scan at 18:52
1673Scanning www.nndoltop.com (94.102.51.111) [1 port]
1674Discovered open port 53/tcp on 94.102.51.111
1675Completed SYN Stealth Scan at 18:52, 0.21s elapsed (1 total ports)
1676Initiating Service scan at 18:52
1677Scanning 1 service on www.nndoltop.com (94.102.51.111)
1678Completed Service scan at 18:52, 6.35s elapsed (1 service on 1 host)
1679Initiating OS detection (try #1) against www.nndoltop.com (94.102.51.111)
1680Retrying OS detection (try #2) against www.nndoltop.com (94.102.51.111)
1681Initiating Traceroute at 18:52
1682Completed Traceroute at 18:52, 3.14s elapsed
1683Initiating Parallel DNS resolution of 9 hosts. at 18:52
1684Completed Parallel DNS resolution of 9 hosts. at 18:52, 0.13s elapsed
1685NSE: Script scanning 94.102.51.111.
1686Initiating NSE at 18:52
1687Completed NSE at 18:52, 13.48s elapsed
1688Initiating NSE at 18:52
1689Completed NSE at 18:52, 0.00s elapsed
1690Nmap scan report for www.nndoltop.com (94.102.51.111)
1691Host is up (0.17s latency).
1692
1693PORT STATE SERVICE VERSION
169453/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
1695|_dns-fuzz: Server didn't response to our probe, can't fuzz
1696| dns-nsec-enum:
1697|_ No NSEC records found
1698| dns-nsec3-enum:
1699|_ DNSSEC NSEC3 not supported
1700| dns-nsid:
1701|_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
1702| vulners:
1703| cpe:/a:isc:bind:9.9.4:
1704| CVE-2015-4620 7.8 https://vulners.com/cve/CVE-2015-4620
1705| CVE-2014-8500 7.8 https://vulners.com/cve/CVE-2014-8500
1706| CVE-2017-3141 7.2 https://vulners.com/cve/CVE-2017-3141
1707| CVE-2015-8461 7.1 https://vulners.com/cve/CVE-2015-8461
1708| CVE-2015-1349 5.4 https://vulners.com/cve/CVE-2015-1349
1709| CVE-2018-5740 5.0 https://vulners.com/cve/CVE-2018-5740
1710| CVE-2017-3145 5.0 https://vulners.com/cve/CVE-2017-3145
1711| CVE-2016-9131 5.0 https://vulners.com/cve/CVE-2016-9131
1712| CVE-2016-8864 5.0 https://vulners.com/cve/CVE-2016-8864
1713| CVE-2016-1286 5.0 https://vulners.com/cve/CVE-2016-1286
1714| CVE-2015-8000 5.0 https://vulners.com/cve/CVE-2015-8000
1715| CVE-2019-6465 4.3 https://vulners.com/cve/CVE-2019-6465
1716| CVE-2018-5743 4.3 https://vulners.com/cve/CVE-2018-5743
1717| CVE-2018-5742 4.3 https://vulners.com/cve/CVE-2018-5742
1718| CVE-2017-3143 4.3 https://vulners.com/cve/CVE-2017-3143
1719| CVE-2017-3142 4.3 https://vulners.com/cve/CVE-2017-3142
1720| CVE-2017-3136 4.3 https://vulners.com/cve/CVE-2017-3136
1721| CVE-2016-2775 4.3 https://vulners.com/cve/CVE-2016-2775
1722| CVE-2016-1285 4.3 https://vulners.com/cve/CVE-2016-1285
1723| CVE-2018-5741 4.0 https://vulners.com/cve/CVE-2018-5741
1724| CVE-2016-6170 4.0 https://vulners.com/cve/CVE-2016-6170
1725|_ CVE-2018-5745 3.5 https://vulners.com/cve/CVE-2018-5745
1726Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1727Device type: WAP|general purpose|specialized|broadband router
1728Running (JUST GUESSING): Linux 2.6.X|2.4.X (96%), Philips embedded (90%), Crestron 2-Series (90%), Asus embedded (87%)
1729OS CPE: cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
1730Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (90%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
1731No exact OS matches for host (test conditions non-ideal).
1732Network Distance: 12 hops
1733TCP Sequence Prediction: Difficulty=248 (Good luck!)
1734IP ID Sequence Generation: All zeros
1735Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1736
1737Host script results:
1738| dns-blacklist:
1739| SPAM
1740|_ l2.apews.org - SPAM
1741| dns-brute:
1742| DNS Brute-force hostnames:
1743| mail.nndoltop.com - 94.102.51.111
1744| www.nndoltop.com - 94.102.51.111
1745| ftp.nndoltop.com - 94.102.51.111
1746|_ smtp.nndoltop.com - 94.102.51.111
1747
1748TRACEROUTE (using port 53/tcp)
1749HOP RTT ADDRESS
17501 133.30 ms 10.203.13.1
17512 ...
17523 130.80 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
17534 131.20 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
17545 136.38 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
17556 136.42 ms be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226)
17567 136.94 ms ae-11.edge4.Stockholm2.Level3.net (4.68.106.129)
17578 ...
17589 161.99 ms 195.122.181.130
175910 168.03 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
176011 ...
176112 169.50 ms 94.102.51.111
1762
1763NSE: Script Post-scanning.
1764Initiating NSE at 18:52
1765Completed NSE at 18:52, 0.00s elapsed
1766Initiating NSE at 18:52
1767Completed NSE at 18:52, 0.00s elapsed
1768#################################################################################################################################
1769HTTP/1.1 200 OK
1770Server: nginx
1771Date: Wed, 18 Mar 2020 22:52:29 GMT
1772Content-Type: text/html
1773Connection: keep-alive
1774Vary: Accept-Encoding
1775
1776Allow: POST,OPTIONS,GET,HEAD,TRACE
1777#################################################################################################################################
1778http://www.honey-ultra.com/honeyultrasms.jpg
1779http://www.nndoltop.com/cgi-bin/accounts.cgi
1780http://www.nndoltop.com/cgi-bin/accounts.cgi?login
1781http://www.nndoltop.com/cgi-bin/out.cgi?id=1000mo&url=http%3a%2f%2f1000models.net%2f
1782http://www.nndoltop.com/cgi-bin/out.cgi?id=100nn&url=http%3a%2f%2f100nonude.net
1783http://www.nndoltop.com/cgi-bin/out.cgi?id=alena&url=http%3a%2f%2fwww.alenamodel.com
1784http://www.nndoltop.com/cgi-bin/out.cgi?id=alesea&url=http%3a%2f%2fwww.aleseamodel.com
1785http://www.nndoltop.com/cgi-bin/out.cgi?id=andy&url=http%3a%2f%2fwww.andypioneer.com%2fcgi-bin%2frankem.cgi%3fid%3ddolltop
1786http://www.nndoltop.com/cgi-bin/out.cgi?id=bcma&url=http%3a%2f%2fwww.bestcma.com%2f
1787http://www.nndoltop.com/cgi-bin/out.cgi?id=candy&url=http%3a%2f%2fcandydoll-chan.com
1788http://www.nndoltop.com/cgi-bin/out.cgi?id=cenobegu&url=http%3a%2f%2fwww.nnmodsets.com%2fallpaidsites%2f
1789http://www.nndoltop.com/cgi-bin/out.cgi?id=cmamag&url=http%3a%2f%2fwww.cmamag.com
1790http://www.nndoltop.com/cgi-bin/out.cgi?id=cmas&url=http%3a%2f%2fwww.cma-starts.com
1791http://www.nndoltop.com/cgi-bin/out.cgi?id=cmavid&url=http%3a%2f%2fwww.cma-video.com%2f
1792http://www.nndoltop.com/cgi-bin/out.cgi?id=cool&url=http%3a%2f%2fwww.coolnymph.com%2fcgi-bin%2frankem.cgi%3fid%3ddolltop
1793http://www.nndoltop.com/cgi-bin/out.cgi?id=dream&url=http%3a%2f%2fdream-models.net
1794http://www.nndoltop.com/cgi-bin/out.cgi?id=drvid&url=http%3a%2f%2fdream-video.com%2f
1795http://www.nndoltop.com/cgi-bin/out.cgi?id=dukalohe&url=http%3a%2f%2fpetite-teens.net%2fcgi-bin%2fin.cgi%3fid%3d136
1796http://www.nndoltop.com/cgi-bin/out.cgi?id=eros&url=http%3a%2f%2fwww.modland.info%2feros%2f
1797http://www.nndoltop.com/cgi-bin/out.cgi?id=fashi&url=http%3a%2f%2fmodels-fashion.net
1798http://www.nndoltop.com/cgi-bin/out.cgi?id=finej&url=http%3a%2f%2fwww.fine-julia.com%2f
1799http://www.nndoltop.com/cgi-bin/out.cgi?id=fine&url=http%3a%2f%2fwww.fteenimg.com
1800http://www.nndoltop.com/cgi-bin/out.cgi?id=gala&url=http%3a%2f%2fwww.goodtalens.com%2fgala%2f
1801http://www.nndoltop.com/cgi-bin/out.cgi?id=good&url=http%3a%2f%2fwww.goodtalens.com
1802http://www.nndoltop.com/cgi-bin/out.cgi?id=honeys&url=http%3a%2f%2fwww.hongirls.com%2f
1803http://www.nndoltop.com/cgi-bin/out.cgi?id=img3d&url=http%3a%2f%2fwww.fineimages3d.com%2f
1804http://www.nndoltop.com/cgi-bin/out.cgi?id=iraa&url=http%3a%2f%2fwww.iramodel.com
1805http://www.nndoltop.com/cgi-bin/out.cgi?id=jipaniki&url=http%3a%2f%2fwww.preteen-art.com%2f
1806http://www.nndoltop.com/cgi-bin/out.cgi?id=katmod&url=http%3a%2f%2fwww.katmod.com%2f
1807http://www.nndoltop.com/cgi-bin/out.cgi?id=lina&url=http%3a%2f%2fwww.linamodel.net%2f
1808http://www.nndoltop.com/cgi-bin/out.cgi?id=lolwo&url=http%3a%2f%2flol.world-collections.com%2fcgi-bin%2ftop%2fin.cgi%3fid%3d880
1809http://www.nndoltop.com/cgi-bin/out.cgi?id=luisa&url=http%3a%2f%2fwww.luisamodel.com%2f
1810http://www.nndoltop.com/cgi-bin/out.cgi?id=masha&url=http%3a%2f%2fwww.goodtalens.com%2fmasha%2f
1811http://www.nndoltop.com/cgi-bin/out.cgi?id=moblo&url=http%3a%2f%2fnnmodelblog.com%2f
1812http://www.nndoltop.com/cgi-bin/out.cgi?id=models&url=http%3a%2f%2fwww.models-top.com%2fcgi-bin%2frankem.cgi%3fid%3ddolltop
1813http://www.nndoltop.com/cgi-bin/out.cgi?id=modlin&url=http%3a%2f%2fwww.modlinka.com
1814http://www.nndoltop.com/cgi-bin/out.cgi?id=mymod&url=http%3a%2f%2fmy-models.net%2f
1815http://www.nndoltop.com/cgi-bin/out.cgi?id=newadd&url=http%3a%2f%2fwww.goodtalens.com%2fnewadd%2f
1816http://www.nndoltop.com/cgi-bin/out.cgi?id=newcma&url=http%3a%2f%2fnewyear.modlinka.com
1817http://www.nndoltop.com/cgi-bin/out.cgi?id=nnbook&url=http%3a%2f%2fnonubook.com
1818http://www.nndoltop.com/cgi-bin/out.cgi?id=nnchan&url=http%3a%2f%2fnonu-chan.com
1819http://www.nndoltop.com/cgi-bin/out.cgi?id=nnclub&url=http%3a%2f%2fnonuclub.com
1820http://www.nndoltop.com/cgi-bin/out.cgi?id=nndol&url=http%3a%2f%2fwww.nndolmod.com
1821http://www.nndoltop.com/cgi-bin/out.cgi?id=nnmagaz&url=http%3a%2f%2fnn-magazine.com
1822http://www.nndoltop.com/cgi-bin/out.cgi?id=nnmds&url=http%3a%2f%2fnonublog.com
1823http://www.nndoltop.com/cgi-bin/out.cgi?id=nonbbs&url=http%3a%2f%2fnnbbs.net
1824http://www.nndoltop.com/cgi-bin/out.cgi?id=nonudere&url=http%3a%2f%2fnonude.re
1825http://www.nndoltop.com/cgi-bin/out.cgi?id=nonufo&url=http%3a%2f%2fnonuforum.com%2f
1826http://www.nndoltop.com/cgi-bin/out.cgi?id=nonuwad3&url=http%3a%2f%2fnonude-top.xyz%2fcgi-bin%2fin.cgi%3fid%3d57
1827http://www.nndoltop.com/cgi-bin/out.cgi?id=nostar&url=http%3a%2f%2fnonustars.com%2fcgi-bin%2fin.cgi%3fid%3d84
1828http://www.nndoltop.com/cgi-bin/out.cgi?id=olam&url=http%3a%2f%2fwww.olamodel.com%2f
1829http://www.nndoltop.com/cgi-bin/out.cgi?id=olesya&url=http%3a%2f%2fwww.olesyamodel.com
1830http://www.nndoltop.com/cgi-bin/out.cgi?id=olyam&url=http%3a%2f%2fwww.olyamodel.com
1831http://www.nndoltop.com/cgi-bin/out.cgi?id=play&url=http%3a%2f%2fwww.playing-girl.com
1832http://www.nndoltop.com/cgi-bin/out.cgi?id=rejoxasa&url=http%3a%2f%2fwww.nnmodsets.com%2fallpaidsites%2f
1833http://www.nndoltop.com/cgi-bin/out.cgi?id=share&url=http%3a%2f%2fshare-chan.com
1834http://www.nndoltop.com/cgi-bin/out.cgi?id=stars&url=http%3a%2f%2fwww.goodtalens.com%2fstars%2f
1835http://www.nndoltop.com/cgi-bin/out.cgi?id=summer&url=http%3a%2f%2fwww.summmerdays.com%2f
1836http://www.nndoltop.com/cgi-bin/out.cgi?id=svetam&url=http%3a%2f%2fwww.svetamodel.com
1837http://www.nndoltop.com/cgi-bin/out.cgi?id=sveta&url=http%3a%2f%2fwww.svetamodel.net%2fcgi-bin%2ftop%2frankem.cgi%3fid%3ddolltop
1838http://www.nndoltop.com/cgi-bin/out.cgi?id=svetlana&url=http%3a%2f%2fwww.svetlanamodel.com%2f
1839http://www.nndoltop.com/cgi-bin/out.cgi?id=sweetm2&url=http%3a%2f%2fwww.goodtalens.com%2fusenet%2f
1840http://www.nndoltop.com/cgi-bin/out.cgi?id=sweetmod&url=http%3a%2f%2fsweetmodels.net%2ftop-list%2f%3fide%3d552
1841http://www.nndoltop.com/cgi-bin/out.cgi?id=sweet&url=http%3a%2f%2ftop.modlinka.com%2fcgi-bin%2frankem.cgi%3fid%3dnndol
1842http://www.nndoltop.com/cgi-bin/out.cgi?id=swmod&url=http%3a%2f%2ftop.models-list.org%2fcgi-bin%2fin.cgi%3fid%3d125
1843http://www.nndoltop.com/cgi-bin/out.cgi?id=talents&url=http%3a%2f%2fwww.talyoungart.com
1844http://www.nndoltop.com/cgi-bin/out.cgi?id=tart&url=http%3a%2f%2fwww.goodtalens.com%2ftalent%2f
1845http://www.nndoltop.com/cgi-bin/out.cgi?id=teenbl&url=http%3a%2f%2fteensblog.net%2f
1846http://www.nndoltop.com/cgi-bin/out.cgi?id=they18&url=http%3a%2f%2f18they.com%2fcgi-bin%2ftop100%2fin.cgi%3fid%3d30
1847http://www.nndoltop.com/cgi-bin/out.cgi?id=thin&url=http%3a%2f%2fmodlinka.com%2fthind%2f
1848http://www.nndoltop.com/cgi-bin/out.cgi?id=tiana&url=http%3a%2f%2fwww.tianamodel.com%2f
1849http://www.nndoltop.com/cgi-bin/out.cgi?id=ultra&url=http%3a%2f%2fwww.honey-ultra.com%2f
1850http://www.nndoltop.com/cgi-bin/out.cgi?id=vasia&url=http%3a%2f%2fwww.vasilisamodel.com%2f
1851http://www.nndoltop.com/cgi-bin/out.cgi?id=vinka&url=http%3a%2f%2fwww.vinkamodel.com%2f
1852http://www.nndoltop.com/cgi-bin/out.cgi?id=wont&url=http%3a%2f%2fwww.wonteens.com%2f
1853http://www.nndoltop.com/cgi-bin/out.cgi?id=wowmod&url=http%3a%2f%2fwww.wownm.com
1854http://www.nndoltop.com/cgi-bin/out.cgi?id=yood&url=http%3a%2f%2fyour-model.com
1855http://www.nndoltop.com/cgi-bin/out.cgi?id=young&url=http%3a%2f%2fwww.young-models.info%2fcgi-bin%2frankem.cgi%3fid%3ddolltop
1856http://www.talyoungart.com/talentyoungart.jpg
1857-//W3C//DTD HTML 4.0 Transitional//EN
1858#################################################################################################################################
1859
1860wig - WebApp Information Gatherer
1861
1862
1863Scanning http://www.nndoltop.com...
1864_________________________________________ SITE INFO _________________________________________
1865IP Title
186694.102.51.111 Nonude Doll Top Best
1867
1868__________________________________________ VERSION __________________________________________
1869Name Versions Type
1870phpMyAdmin 4_4_15_8 CMS
1871Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
1872 2.4.9
1873PHP 5.4.45 Platform
1874nginx Platform
1875FreeBSD 10 | 11 OS
1876OpenBSD 5.9 OS
1877
1878_____________________________________________________________________________________________
1879Time: 45.1 sec Urls: 726 Fingerprints: 40401
1880#################################################################################################################################
1881Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 18:53 EDT
1882NSE: Loaded 161 scripts for scanning.
1883NSE: Script Pre-scanning.
1884Initiating NSE at 18:53
1885Completed NSE at 18:53, 0.00s elapsed
1886Initiating NSE at 18:53
1887Completed NSE at 18:53, 0.00s elapsed
1888Initiating Parallel DNS resolution of 1 host. at 18:53
1889Completed Parallel DNS resolution of 1 host. at 18:53, 0.02s elapsed
1890Initiating SYN Stealth Scan at 18:53
1891Scanning www.nndoltop.com (94.102.51.111) [1 port]
1892Discovered open port 80/tcp on 94.102.51.111
1893Completed SYN Stealth Scan at 18:53, 0.21s elapsed (1 total ports)
1894Initiating Service scan at 18:53
1895Scanning 1 service on www.nndoltop.com (94.102.51.111)
1896Completed Service scan at 18:53, 6.35s elapsed (1 service on 1 host)
1897Initiating OS detection (try #1) against www.nndoltop.com (94.102.51.111)
1898Retrying OS detection (try #2) against www.nndoltop.com (94.102.51.111)
1899Initiating Traceroute at 18:53
1900Completed Traceroute at 18:53, 3.15s elapsed
1901Initiating Parallel DNS resolution of 9 hosts. at 18:53
1902Completed Parallel DNS resolution of 9 hosts. at 18:53, 1.14s elapsed
1903NSE: Script scanning 94.102.51.111.
1904Initiating NSE at 18:53
1905Completed NSE at 18:54, 43.16s elapsed
1906Initiating NSE at 18:54
1907Completed NSE at 18:54, 0.69s elapsed
1908Nmap scan report for www.nndoltop.com (94.102.51.111)
1909Host is up (0.17s latency).
1910
1911PORT STATE SERVICE VERSION
191280/tcp open http nginx
1913| http-brute:
1914|_ Path "/" does not require authentication
1915|_http-chrono: Request times for /; avg: 1177.06ms; min: 1073.08ms; max: 1278.26ms
1916|_http-csrf: Couldn't find any CSRF vulnerabilities.
1917|_http-date: Wed, 18 Mar 2020 22:53:48 GMT; -7s from local time.
1918|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
1919|_http-dombased-xss: Couldn't find any DOM based XSS.
1920|_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
1921|_http-errors: Couldn't find any error pages.
1922|_http-feed: Couldn't find any feeds.
1923|_http-fetch: Please enter the complete path of the directory to save data in.
1924|_http-generator: Microsoft FrontPage 5.0
1925| http-headers:
1926| Server: nginx
1927| Date: Wed, 18 Mar 2020 22:53:49 GMT
1928| Content-Type: text/html
1929| Connection: close
1930| Vary: Accept-Encoding
1931|
1932|_ (Request type: HEAD)
1933|_http-jsonp-detection: Couldn't find any JSONP endpoints.
1934| http-methods:
1935| Supported Methods: POST OPTIONS GET HEAD TRACE
1936|_ Potentially risky methods: TRACE
1937|_http-mobileversion-checker: No mobile version detected.
1938| http-php-version: Logo query returned unknown hash 30ce5016b54e0fbd671ea638870b2e47
1939|_Credits query returned unknown hash 30ce5016b54e0fbd671ea638870b2e47
1940|_http-security-headers:
1941| http-sitemap-generator:
1942| Directory structure:
1943| /
1944| Other: 1; jpg: 3
1945| /models/
1946| Other: 1
1947| Longest directory structure:
1948| Depth: 1
1949| Dir: /models/
1950| Total files found (by extension):
1951|_ Other: 2; jpg: 3
1952|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
1953|_http-title: Nonude Doll Top Best
1954| http-vhosts:
1955|_127 names had status 200
1956|_http-wordpress-enum: Nothing found amongst the top 100 resources,use --script-args search-limit=<number|all> for deeper analysis)
1957|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
1958|_http-xssed: No previously reported XSS vuln.
1959Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1960Device type: WAP|general purpose|specialized|broadband router
1961Running (JUST GUESSING): Linux 2.6.X|2.4.X (96%), Philips embedded (90%), Crestron 2-Series (90%), Asus embedded (87%)
1962OS CPE: cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
1963Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (90%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
1964No exact OS matches for host (test conditions non-ideal).
1965Network Distance: 12 hops
1966TCP Sequence Prediction: Difficulty=253 (Good luck!)
1967IP ID Sequence Generation: All zeros
1968
1969TRACEROUTE (using port 80/tcp)
1970HOP RTT ADDRESS
19711 134.47 ms 10.203.13.1
19722 ...
19733 134.99 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
19744 134.97 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
19755 140.22 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
19766 140.51 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
19777 152.86 ms ae-10.edge4.Stockholm2.Level3.net (4.68.106.125)
19788 ...
19799 161.48 ms 195.122.181.130
198010 169.73 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
198111 ...
198212 165.60 ms 94.102.51.111
1983
1984NSE: Script Post-scanning.
1985Initiating NSE at 18:54
1986Completed NSE at 18:54, 0.00s elapsed
1987Initiating NSE at 18:54
1988Completed NSE at 18:54, 0.00s elapsed
1989##################################################################################################################################
1990Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 19:00 EDT
1991NSE: Loaded 49 scripts for scanning.
1992NSE: Script Pre-scanning.
1993Initiating NSE at 19:00
1994Completed NSE at 19:00, 0.00s elapsed
1995Initiating NSE at 19:00
1996Completed NSE at 19:00, 0.00s elapsed
1997Initiating Ping Scan at 19:00
1998Scanning www.nndoltop.com (94.102.51.111) [4 ports]
1999Completed Ping Scan at 19:00, 0.21s elapsed (1 total hosts)
2000Initiating Parallel DNS resolution of 1 host. at 19:00
2001Completed Parallel DNS resolution of 1 host. at 19:00, 0.02s elapsed
2002Initiating SYN Stealth Scan at 19:00
2003Scanning www.nndoltop.com (94.102.51.111) [1 port]
2004Discovered open port 110/tcp on 94.102.51.111
2005Completed SYN Stealth Scan at 19:00, 0.22s elapsed (1 total ports)
2006Initiating Service scan at 19:00
2007Scanning 1 service on www.nndoltop.com (94.102.51.111)
2008Completed Service scan at 19:00, 0.34s elapsed (1 service on 1 host)
2009Initiating OS detection (try #1) against www.nndoltop.com (94.102.51.111)
2010Retrying OS detection (try #2) against www.nndoltop.com (94.102.51.111)
2011Initiating Traceroute at 19:00
2012Completed Traceroute at 19:00, 3.16s elapsed
2013Initiating Parallel DNS resolution of 9 hosts. at 19:00
2014Completed Parallel DNS resolution of 9 hosts. at 19:00, 0.13s elapsed
2015NSE: Script scanning 94.102.51.111.
2016Initiating NSE at 19:00
2017NSE Timing: About 68.66% done; ETC: 19:01 (0:00:30 remaining)
2018Completed NSE at 19:01, 90.58s elapsed
2019Initiating NSE at 19:01
2020Completed NSE at 19:01, 0.05s elapsed
2021Nmap scan report for www.nndoltop.com (94.102.51.111)
2022Host is up (0.17s latency).
2023
2024PORT STATE SERVICE VERSION
2025110/tcp open pop3 Dovecot pop3d
2026|_pop3-capabilities: RESP-CODES UIDL CAPA AUTH-RESP-CODE USER TOP SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) STLS PIPELINING
2027Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2028Device type: WAP|general purpose|specialized
2029Running (JUST GUESSING): Linux 2.6.X|2.4.X (98%), Philips embedded (90%), Crestron 2-Series (90%)
2030OS CPE: cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series
2031Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (98%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (90%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%)
2032No exact OS matches for host (test conditions non-ideal).
2033Network Distance: 12 hops
2034TCP Sequence Prediction: Difficulty=256 (Good luck!)
2035IP ID Sequence Generation: All zeros
2036
2037TRACEROUTE (using port 443/tcp)
2038HOP RTT ADDRESS
20391 133.70 ms 10.203.13.1
20402 ...
20413 134.42 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
20424 134.38 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
20435 138.88 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
20446 135.69 ms be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226)
20457 135.91 ms ae-10.edge4.Stockholm2.Level3.net (4.68.106.125)
20468 ...
20479 160.70 ms 195.122.181.130
204810 167.78 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
204911 ...
205012 170.37 ms 94.102.51.111
2051
2052NSE: Script Post-scanning.
2053Initiating NSE at 19:01
2054Completed NSE at 19:01, 0.00s elapsed
2055Initiating NSE at 19:01
2056Completed NSE at 19:01, 0.00s elapsed
2057#################################################################################################################################
2058--------------------------------------------------------
2059<<<Yasuo discovered following vulnerable applications>>>
2060--------------------------------------------------------
2061+------------+-------------------------------------+--------------------------------------------------+-----------+-----------+
2062| App Name | URL to Application | Potential Exploit | Username | Password |
2063+------------+-------------------------------------+--------------------------------------------------+-----------+-----------+
2064| phpMyAdmin | http://94.102.51.111:80/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | Not Found | Not Found |
2065+------------+-------------------------------------+--------------------------------------------------+-----------+-----------+
2066#################################################################################################################################
2067Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 18:36 EDT
2068Nmap scan report for 94.102.51.111
2069Host is up (0.17s latency).
2070Not shown: 466 filtered ports, 1 closed port
2071Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2072PORT STATE SERVICE VERSION
207322/tcp open ssh OpenSSH 7.4 (protocol 2.0)
2074| ssh-hostkey:
2075| 2048 27:10:8b:2d:55:3f:93:10:9f:ba:60:48:15:2f:0d:a4 (RSA)
2076| 256 0d:61:df:64:d8:cf:76:01:c2:57:79:de:ef:12:b2:8a (ECDSA)
2077|_ 256 e8:da:20:c5:36:c1:5b:ec:a6:43:e9:8b:76:a9:43:96 (ED25519)
207825/tcp open smtp Exim smtpd 4.89
2079| smtp-commands: a13s08.host.com Hello nmap.scanme.org [45.132.192.63], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
2080|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2081| ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
2082| Not valid before: 2018-03-05T07:49:40
2083|_Not valid after: 2028-03-02T07:49:40
2084|_ssl-date: TLS randomness does not represent time
208553/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2086| dns-nsid:
2087|_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
208880/tcp open http nginx
2089|_http-generator: Microsoft FrontPage 5.0
2090| http-methods:
2091|_ Potentially risky methods: TRACE
2092|_http-title: Andy Pioneer Top Sites
2093110/tcp open pop3 Dovecot pop3d
2094|_pop3-capabilities: RESP-CODES CAPA STLS USER PIPELINING SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) UIDL AUTH-RESP-CODE TOP
2095|_ssl-date: TLS randomness does not represent time
2096143/tcp open imap Dovecot imapd
2097|_imap-capabilities: listed ID AUTH=CRAM-MD5A0001 IDLE OK LOGIN-REFERRALS LITERAL+ STARTTLS more have post-login AUTH=PLAIN AUTH=DIGEST-MD5 SASL-IR capabilities Pre-login IMAP4rev1 AUTH=LOGIN ENABLE
2098|_ssl-date: TLS randomness does not represent time
2099465/tcp open ssl/smtp Exim smtpd 4.89
2100| smtp-commands: a13s08.host.com Hello nmap.scanme.org [45.132.192.63], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, HELP,
2101|_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2102| ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
2103| Not valid before: 2018-03-05T07:49:40
2104|_Not valid after: 2028-03-02T07:49:40
2105|_ssl-date: TLS randomness does not represent time
2106993/tcp open ssl/imaps?
2107|_ssl-date: TLS randomness does not represent time
2108995/tcp open ssl/pop3s?
2109|_ssl-date: TLS randomness does not represent time
2110Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (97%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (96%), OpenWrt White Russian 0.9 (Linux 2.4.30) (96%), Linux 2.4.18 (90%), Asus RT-AC66U router (Linux 2.6) (89%), Asus RT-N16 WAP (Linux 2.6) (89%), Asus RT-N66U WAP (Linux 2.6) (89%), Tomato 1.28 (Linux 2.6.22) (89%), Crestron XPanel control system (88%), OpenWrt (Linux 2.4.32) (88%)
2111No exact OS matches for host (test conditions non-ideal).
2112Network Distance: 12 hops
2113Service Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2114
2115TRACEROUTE (using port 993/tcp)
2116HOP RTT ADDRESS
21171 133.64 ms 10.203.13.1
21182 ...
21193 134.35 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
21204 133.98 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
21215 139.66 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
21226 136.05 ms be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226)
21237 136.08 ms ae-11.edge4.Stockholm2.Level3.net (4.68.106.129)
21248 ...
21259 161.89 ms 195.122.181.130
212610 166.55 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
212711 ...
212812 165.84 ms 94.102.51.111
2129#################################################################################################################################
2130Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 18:39 EDT
2131Nmap scan report for 94.102.51.111
2132Host is up (0.17s latency).
2133Not shown: 13 filtered ports
2134Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2135PORT STATE SERVICE VERSION
213653/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
213753/udp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2138| dns-nsid:
2139|_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
214067/udp open|filtered dhcps
214168/udp open|filtered dhcpc
214269/udp open|filtered tftp
214388/udp open|filtered kerberos-sec
2144123/udp open|filtered ntp
2145137/udp open|filtered netbios-ns
2146138/udp open|filtered netbios-dgm
2147139/udp open|filtered netbios-ssn
2148161/udp open|filtered snmp
2149162/udp open|filtered snmptrap
2150389/udp open|filtered ldap
2151520/udp open|filtered route
21522049/udp open|filtered nfs
2153Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2154Device type: WAP|general purpose|specialized|broadband router
2155Running (JUST GUESSING): Linux 2.4.X|2.6.X (94%), Philips embedded (92%), Crestron 2-Series (90%), Asus embedded (87%)
2156OS CPE: cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
2157Aggressive OS guesses: OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (92%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
2158No exact OS matches for host (test conditions non-ideal).
2159Network Distance: 12 hops
2160Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2161
2162TRACEROUTE (using port 53/tcp)
2163HOP RTT ADDRESS
21641 133.45 ms 10.203.13.1
21652 ...
21663 134.09 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
21674 133.78 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
21685 139.40 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
21696 139.76 ms be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226)
21707 142.60 ms ae-11.edge4.Stockholm2.Level3.net (4.68.106.129)
21718 ...
21729 165.19 ms 195.122.181.130
217310 177.40 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
217411 ...
217512 166.40 ms 94.102.51.111
2176#################################################################################################################################
2177# general
2178(gen) banner: SSH-2.0-OpenSSH_7.4
2179(gen) software: OpenSSH 7.4
2180(gen) compatibility: OpenSSH 7.3+ (some functionality from 6.6), Dropbear SSH 2016.73+ (some functionality from 0.52)
2181(gen) compression: enabled (zlib@openssh.com)
2182
2183# key exchange algorithms
2184(kex) curve25519-sha256 -- [warn] unknown algorithm
2185(kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.5, Dropbear SSH 2013.62
2186(kex) ecdh-sha2-nistp256 -- [fail] using weak elliptic curves
2187 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
2188(kex) ecdh-sha2-nistp384 -- [fail] using weak elliptic curves
2189 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
2190(kex) ecdh-sha2-nistp521 -- [fail] using weak elliptic curves
2191 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
2192(kex) diffie-hellman-group-exchange-sha256 -- [warn] using custom size modulus (possibly weak)
2193 `- [info] available since OpenSSH 4.4
2194(kex) diffie-hellman-group16-sha512 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
2195(kex) diffie-hellman-group18-sha512 -- [info] available since OpenSSH 7.3
2196(kex) diffie-hellman-group-exchange-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2197 `- [warn] using weak hashing algorithm
2198 `- [info] available since OpenSSH 2.3.0
2199(kex) diffie-hellman-group14-sha256 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
2200(kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm
2201 `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
2202(kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2203 `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack
2204 `- [warn] using small 1024-bit modulus
2205 `- [warn] using weak hashing algorithm
2206 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
2207
2208# host-key algorithms
2209(key) ssh-rsa -- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
2210(key) rsa-sha2-512 -- [info] available since OpenSSH 7.2
2211(key) rsa-sha2-256 -- [info] available since OpenSSH 7.2
2212(key) ecdsa-sha2-nistp256 -- [fail] using weak elliptic curves
2213 `- [warn] using weak random number generator could reveal the key
2214 `- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
2215(key) ssh-ed25519 -- [info] available since OpenSSH 6.5
2216
2217# encryption algorithms (ciphers)
2218(enc) chacha20-poly1305@openssh.com -- [info] available since OpenSSH 6.5
2219 `- [info] default cipher since OpenSSH 6.9.
2220(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
2221(enc) aes192-ctr -- [info] available since OpenSSH 3.7
2222(enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52
2223(enc) aes128-gcm@openssh.com -- [info] available since OpenSSH 6.2
2224(enc) aes256-gcm@openssh.com -- [info] available since OpenSSH 6.2
2225(enc) aes128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2226 `- [warn] using weak cipher mode
2227 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
2228(enc) aes192-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2229 `- [warn] using weak cipher mode
2230 `- [info] available since OpenSSH 2.3.0
2231(enc) aes256-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2232 `- [warn] using weak cipher mode
2233 `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
2234(enc) blowfish-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2235 `- [fail] disabled since Dropbear SSH 0.53
2236 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2237 `- [warn] using weak cipher mode
2238 `- [warn] using small 64-bit block size
2239 `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
2240(enc) cast128-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2241 `- [warn] disabled (in client) since OpenSSH 7.2, legacy algorithm
2242 `- [warn] using weak cipher mode
2243 `- [warn] using small 64-bit block size
2244 `- [info] available since OpenSSH 2.1.0
2245(enc) 3des-cbc -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm
2246 `- [warn] using weak cipher
2247 `- [warn] using weak cipher mode
2248 `- [warn] using small 64-bit block size
2249 `- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
2250
2251# message authentication code algorithms
2252(mac) umac-64-etm@openssh.com -- [warn] using small 64-bit tag size
2253 `- [info] available since OpenSSH 6.2
2254(mac) umac-128-etm@openssh.com -- [info] available since OpenSSH 6.2
2255(mac) hmac-sha2-256-etm@openssh.com -- [info] available since OpenSSH 6.2
2256(mac) hmac-sha2-512-etm@openssh.com -- [info] available since OpenSSH 6.2
2257(mac) hmac-sha1-etm@openssh.com -- [warn] using weak hashing algorithm
2258 `- [info] available since OpenSSH 6.2
2259(mac) umac-64@openssh.com -- [warn] using encrypt-and-MAC mode
2260 `- [warn] using small 64-bit tag size
2261 `- [info] available since OpenSSH 4.7
2262(mac) umac-128@openssh.com -- [warn] using encrypt-and-MAC mode
2263 `- [info] available since OpenSSH 6.2
2264(mac) hmac-sha2-256 -- [warn] using encrypt-and-MAC mode
2265 `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
2266(mac) hmac-sha2-512 -- [warn] using encrypt-and-MAC mode
2267 `- [info] available since OpenSSH 5.9, Dropbear SSH 2013.56
2268(mac) hmac-sha1 -- [warn] using encrypt-and-MAC mode
2269 `- [warn] using weak hashing algorithm
2270 `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
2271
2272# algorithm recommendations (for OpenSSH 7.4)
2273(rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove
2274(rec) -ecdh-sha2-nistp256 -- kex algorithm to remove
2275(rec) -diffie-hellman-group-exchange-sha256 -- kex algorithm to remove
2276(rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove
2277(rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove
2278(rec) -ecdh-sha2-nistp521 -- kex algorithm to remove
2279(rec) -ecdh-sha2-nistp384 -- kex algorithm to remove
2280(rec) -ecdsa-sha2-nistp256 -- key algorithm to remove
2281(rec) -blowfish-cbc -- enc algorithm to remove
2282(rec) -3des-cbc -- enc algorithm to remove
2283(rec) -aes256-cbc -- enc algorithm to remove
2284(rec) -cast128-cbc -- enc algorithm to remove
2285(rec) -aes192-cbc -- enc algorithm to remove
2286(rec) -aes128-cbc -- enc algorithm to remove
2287(rec) -hmac-sha2-512 -- mac algorithm to remove
2288(rec) -umac-128@openssh.com -- mac algorithm to remove
2289(rec) -hmac-sha2-256 -- mac algorithm to remove
2290(rec) -umac-64@openssh.com -- mac algorithm to remove
2291(rec) -hmac-sha1 -- mac algorithm to remove
2292(rec) -hmac-sha1-etm@openssh.com -- mac algorithm to remove
2293(rec) -umac-64-etm@openssh.com -- mac algorithm to remove
2294#################################################################################################################################
2295Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 18:44 EDT
2296NSE: [ssh-run] Failed to specify credentials and command to run.
2297NSE: [ssh-brute] Trying username/password pair: root:root
2298NSE: [ssh-brute] Trying username/password pair: admin:admin
2299NSE: [ssh-brute] Trying username/password pair: administrator:administrator
2300NSE: [ssh-brute] Trying username/password pair: webadmin:webadmin
2301NSE: [ssh-brute] Trying username/password pair: sysadmin:sysadmin
2302NSE: [ssh-brute] Trying username/password pair: netadmin:netadmin
2303NSE: [ssh-brute] Trying username/password pair: guest:guest
2304NSE: [ssh-brute] Trying username/password pair: user:user
2305NSE: [ssh-brute] Trying username/password pair: web:web
2306NSE: [ssh-brute] Trying username/password pair: test:test
2307NSE: [ssh-brute] Trying username/password pair: root:
2308NSE: [ssh-brute] Trying username/password pair: admin:
2309NSE: [ssh-brute] Trying username/password pair: administrator:
2310NSE: [ssh-brute] Trying username/password pair: webadmin:
2311NSE: [ssh-brute] Trying username/password pair: sysadmin:
2312NSE: [ssh-brute] Trying username/password pair: netadmin:
2313NSE: [ssh-brute] Trying username/password pair: guest:
2314NSE: [ssh-brute] Trying username/password pair: user:
2315NSE: [ssh-brute] Trying username/password pair: web:
2316NSE: [ssh-brute] Trying username/password pair: test:
2317NSE: [ssh-brute] Trying username/password pair: root:123456
2318NSE: [ssh-brute] Trying username/password pair: admin:123456
2319NSE: [ssh-brute] Trying username/password pair: administrator:123456
2320NSE: [ssh-brute] Trying username/password pair: webadmin:123456
2321NSE: [ssh-brute] Trying username/password pair: sysadmin:123456
2322NSE: [ssh-brute] Trying username/password pair: netadmin:123456
2323NSE: [ssh-brute] Trying username/password pair: guest:123456
2324NSE: [ssh-brute] Trying username/password pair: user:123456
2325NSE: [ssh-brute] Trying username/password pair: web:123456
2326NSE: [ssh-brute] Trying username/password pair: test:123456
2327NSE: [ssh-brute] Trying username/password pair: root:12345
2328NSE: [ssh-brute] Trying username/password pair: admin:12345
2329NSE: [ssh-brute] Trying username/password pair: administrator:12345
2330NSE: [ssh-brute] Trying username/password pair: webadmin:12345
2331NSE: [ssh-brute] Trying username/password pair: sysadmin:12345
2332NSE: [ssh-brute] Trying username/password pair: netadmin:12345
2333NSE: [ssh-brute] Trying username/password pair: guest:12345
2334NSE: [ssh-brute] Trying username/password pair: user:12345
2335NSE: [ssh-brute] Trying username/password pair: web:12345
2336NSE: [ssh-brute] Trying username/password pair: test:12345
2337NSE: [ssh-brute] Trying username/password pair: root:123456789
2338NSE: [ssh-brute] Trying username/password pair: admin:123456789
2339NSE: [ssh-brute] Trying username/password pair: administrator:123456789
2340NSE: [ssh-brute] Trying username/password pair: webadmin:123456789
2341NSE: [ssh-brute] Trying username/password pair: sysadmin:123456789
2342NSE: [ssh-brute] Trying username/password pair: netadmin:123456789
2343NSE: [ssh-brute] Trying username/password pair: guest:123456789
2344NSE: [ssh-brute] Trying username/password pair: user:123456789
2345NSE: [ssh-brute] Trying username/password pair: web:123456789
2346NSE: [ssh-brute] Trying username/password pair: test:123456789
2347NSE: [ssh-brute] Trying username/password pair: root:password
2348NSE: [ssh-brute] Trying username/password pair: admin:password
2349NSE: [ssh-brute] Trying username/password pair: administrator:password
2350NSE: [ssh-brute] Trying username/password pair: webadmin:password
2351NSE: [ssh-brute] Trying username/password pair: sysadmin:password
2352NSE: [ssh-brute] Trying username/password pair: netadmin:password
2353NSE: [ssh-brute] Trying username/password pair: guest:password
2354NSE: [ssh-brute] Trying username/password pair: user:password
2355NSE: [ssh-brute] Trying username/password pair: web:password
2356NSE: [ssh-brute] Trying username/password pair: test:password
2357NSE: [ssh-brute] Trying username/password pair: root:iloveyou
2358NSE: [ssh-brute] Trying username/password pair: admin:iloveyou
2359NSE: [ssh-brute] Trying username/password pair: administrator:iloveyou
2360Nmap scan report for 94.102.51.111
2361Host is up (0.17s latency).
2362
2363PORT STATE SERVICE VERSION
236422/tcp open ssh OpenSSH 7.4 (protocol 2.0)
2365| ssh-auth-methods:
2366| Supported authentication methods:
2367| publickey
2368| gssapi-keyex
2369| gssapi-with-mic
2370|_ password
2371| ssh-hostkey:
2372| 2048 27:10:8b:2d:55:3f:93:10:9f:ba:60:48:15:2f:0d:a4 (RSA)
2373| 256 0d:61:df:64:d8:cf:76:01:c2:57:79:de:ef:12:b2:8a (ECDSA)
2374|_ 256 e8:da:20:c5:36:c1:5b:ec:a6:43:e9:8b:76:a9:43:96 (ED25519)
2375| ssh-publickey-acceptance:
2376|_ Accepted Public Keys: No public keys accepted
2377|_ssh-run: Failed to specify credentials and command to run.
2378Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2379Device type: WAP|general purpose|specialized|broadband router
2380Running (JUST GUESSING): Linux 2.6.X|2.4.X (96%), Philips embedded (90%), Crestron 2-Series (90%), Asus embedded (87%)
2381OS CPE: cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
2382Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (90%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
2383No exact OS matches for host (test conditions non-ideal).
2384Network Distance: 12 hops
2385
2386TRACEROUTE (using port 22/tcp)
2387HOP RTT ADDRESS
23881 134.09 ms 10.203.13.1
23892 ...
23903 135.20 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
23914 134.65 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
23925 140.24 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
23936 140.29 ms be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226)
23947 140.70 ms ae-10.edge4.Stockholm2.Level3.net (4.68.106.125)
23958 ...
23969 166.01 ms 195.122.181.130
239710 171.09 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
239811 ...
239912 168.51 ms 94.102.51.111
2400#################################################################################################################################
2401Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 18:55 EDT
2402Nmap scan report for 94.102.51.111
2403Host is up (0.17s latency).
2404
2405PORT STATE SERVICE VERSION
240625/tcp open smtp Exim smtpd 4.89
2407| smtp-commands: a13s08.host.com Hello nmap.scanme.org [45.132.192.63], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
2408|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2409| smtp-enum-users:
2410|_ SMTP EHLO nmap.scanme.org: failed to receive data: connection closed
2411|_smtp-open-relay: SMTP RSET: failed to receive data: connection closed
2412| smtp-vuln-cve2010-4344:
2413| Exim version: 4.89
2414| Exim heap overflow vulnerability (CVE-2010-4344):
2415| Exim (CVE-2010-4344): NOT VULNERABLE
2416| Exim privileges escalation vulnerability (CVE-2010-4345):
2417| Exim (CVE-2010-4345): NOT VULNERABLE
2418|_ To confirm and exploit the vulnerabilities, run with --script-args='smtp-vuln-cve2010-4344.exploit'
2419Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2420Device type: WAP|general purpose|specialized|broadband router
2421Running (JUST GUESSING): Linux 2.4.X|2.6.X (94%), Philips embedded (92%), Crestron 2-Series (90%), Asus embedded (87%)
2422OS CPE: cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
2423Aggressive OS guesses: OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (92%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
2424No exact OS matches for host (test conditions non-ideal).
2425Network Distance: 12 hops
2426Service Info: Host: a13s08.host.com
2427
2428TRACEROUTE (using port 25/tcp)
2429HOP RTT ADDRESS
24301 135.68 ms 10.203.13.1
24312 ...
24323 131.95 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
24334 131.93 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
24345 137.48 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
24356 137.57 ms be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226)
24367 137.53 ms ae-11.edge4.Stockholm2.Level3.net (4.68.106.129)
24378 ...
24389 163.05 ms 195.122.181.130
243910 168.27 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
244011 ...
244112 169.23 ms 94.102.51.111
2442#################################################################################################################################
2443Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 18:56 EDT
2444Nmap scan report for 94.102.51.111
2445Host is up (0.17s latency).
2446
2447PORT STATE SERVICE VERSION
244853/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2449|_dns-fuzz: Server didn't response to our probe, can't fuzz
2450|_dns-nsec-enum: Can't determine domain for host 94.102.51.111; use dns-nsec-enum.domains script arg.
2451|_dns-nsec3-enum: Can't determine domain for host 94.102.51.111; use dns-nsec3-enum.domains script arg.
2452| dns-nsid:
2453|_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
2454Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2455Device type: WAP|general purpose|specialized|broadband router
2456Running (JUST GUESSING): Linux 2.6.X|2.4.X (96%), Philips embedded (92%), Crestron 2-Series (90%), Asus embedded (87%)
2457OS CPE: cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
2458Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (92%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
2459No exact OS matches for host (test conditions non-ideal).
2460Network Distance: 12 hops
2461Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2462
2463Host script results:
2464| dns-blacklist:
2465| SPAM
2466|_ l2.apews.org - SPAM
2467|_dns-brute: Can't guess domain of "94.102.51.111"; use dns-brute.domain script argument.
2468
2469TRACEROUTE (using port 53/tcp)
2470HOP RTT ADDRESS
24711 133.93 ms 10.203.13.1
24722 ...
24733 134.53 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
24744 134.52 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
24755 139.93 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
24766 139.96 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
24777 136.93 ms ae-10.edge4.Stockholm2.Level3.net (4.68.106.125)
24788 ...
24799 162.41 ms 195.122.181.130
248010 167.06 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
248111 ...
248212 171.79 ms 94.102.51.111
2483#################################################################################################################################
2484Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 18:57 EDT
2485Nmap scan report for 94.102.51.111
2486Host is up (0.17s latency).
2487
2488PORT STATE SERVICE VERSION
248967/tcp filtered dhcps
249067/udp open|filtered dhcps
2491|_dhcp-discover: ERROR: Script execution failed (use -d to debug)
2492Too many fingerprints match this host to give specific OS details
2493Network Distance: 12 hops
2494
2495TRACEROUTE (using proto 1/icmp)
2496HOP RTT ADDRESS
24971 131.36 ms 10.203.13.1
24982 ...
24993 131.69 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
25004 131.67 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
25015 137.02 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
25026 137.67 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
25037 137.72 ms ae-10.edge4.Stockholm2.Level3.net (4.68.106.125)
25048 162.69 ms ae-2-3203.ear3.Frankfurt1.Level3.net (4.69.163.90)
25059 163.12 ms 195.122.181.130
250610 168.36 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
250711 ...
250812 168.37 ms 94.102.51.111
2509#################################################################################################################################
2510Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 18:59 EDT
2511Nmap scan report for 94.102.51.111
2512Host is up (0.17s latency).
2513
2514PORT STATE SERVICE VERSION
251568/tcp filtered dhcpc
251668/udp open|filtered dhcpc
2517Too many fingerprints match this host to give specific OS details
2518Network Distance: 12 hops
2519
2520TRACEROUTE (using proto 1/icmp)
2521HOP RTT ADDRESS
25221 132.32 ms 10.203.13.1
25232 ...
25243 133.40 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
25254 133.36 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
25265 138.75 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
25276 140.21 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
25287 142.80 ms ae-10.edge4.Stockholm2.Level3.net (4.68.106.125)
25298 164.07 ms ae-2-3203.ear3.Frankfurt1.Level3.net (4.69.163.90)
25309 164.13 ms 195.122.181.130
253110 169.46 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
253211 ...
253312 169.03 ms 94.102.51.111
2534#################################################################################################################################
2535Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 19:00 EDT
2536Nmap scan report for 94.102.51.111
2537Host is up (0.17s latency).
2538
2539PORT STATE SERVICE VERSION
254069/tcp filtered tftp
254169/udp open|filtered tftp
2542Too many fingerprints match this host to give specific OS details
2543Network Distance: 12 hops
2544
2545TRACEROUTE (using proto 1/icmp)
2546HOP RTT ADDRESS
25471 130.99 ms 10.203.13.1
25482 ...
25493 131.74 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
25504 131.68 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
25515 137.30 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
25526 137.49 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
25537 137.66 ms ae-10.edge4.Stockholm2.Level3.net (4.68.106.125)
25548 161.59 ms ae-2-3203.ear3.Frankfurt1.Level3.net (4.69.163.90)
25559 163.31 ms 195.122.181.130
255610 169.55 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
255711 ...
255812 170.21 ms 94.102.51.111
2559#################################################################################################################################
2560
2561wig - WebApp Information Gatherer
2562
2563
2564Scanning http://94.102.51.111...
2565_________________________________________ SITE INFO _________________________________________
2566IP Title
256794.102.51.111 Andy Pioneer Top Sites
2568
2569__________________________________________ VERSION __________________________________________
2570Name Versions Type
2571phpMyAdmin 4_4_15_8 CMS
2572Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
2573 2.4.9
2574PHP 5.4.45 Platform
2575nginx Platform
2576FreeBSD 10 | 11 OS
2577OpenBSD 5.9 OS
2578
2579_____________________________________________________________________________________________
2580Time: 32.4 sec Urls: 714 Fingerprints: 40401
2581##################################################################################################################################
2582HTTP/1.1 200 OK
2583Server: nginx
2584Date: Wed, 18 Mar 2020 23:03:50 GMT
2585Content-Type: text/html
2586Connection: keep-alive
2587Vary: Accept-Encoding
2588
2589HTTP/1.1 200 OK
2590Server: nginx
2591Date: Wed, 18 Mar 2020 23:03:50 GMT
2592Content-Type: text/html
2593Connection: keep-alive
2594Vary: Accept-Encoding
2595#################################################################################################################################
2596Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 19:04 EDT
2597NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
2598NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
2599NSE: [pop3-brute] passwords: Time limit 3m00s exceeded.
2600Nmap scan report for 94.102.51.111
2601Host is up (0.17s latency).
2602
2603PORT STATE SERVICE VERSION
2604110/tcp open pop3 Dovecot pop3d
2605| pop3-brute:
2606| Accounts: No valid accounts found
2607|_ Statistics: Performed 232 guesses in 196 seconds, average tps: 1.2
2608|_pop3-capabilities: PIPELINING CAPA SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) USER STLS UIDL RESP-CODES TOP AUTH-RESP-CODE
2609Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2610Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (97%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (96%), OpenWrt White Russian 0.9 (Linux 2.4.30) (96%), Crestron XPanel control system (93%), OpenWrt (Linux 2.4.32) (92%), Philips Hue Bridge 2.0 (Linux) (91%), Linux 2.6.24 (91%), OpenWrt (Linux 2.4.30 - 2.4.34) (90%), Linux 2.4.18 (90%), Linux 3.12 - 4.10 (89%)
2611No exact OS matches for host (test conditions non-ideal).
2612Network Distance: 12 hops
2613
2614TRACEROUTE (using port 110/tcp)
2615HOP RTT ADDRESS
26161 134.99 ms 10.203.13.1
26172 ...
26183 135.35 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
26194 135.37 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
26205 140.68 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
26216 141.04 ms be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226)
26227 137.82 ms ae-11.edge4.Stockholm2.Level3.net (4.68.106.129)
26238 ...
26249 162.18 ms 195.122.181.130
262510 167.84 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
262611 ...
262712 166.12 ms 94.102.51.111
2628#################################################################################################################################
2629Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 19:07 EDT
2630Nmap scan report for 94.102.51.111
2631Host is up (0.17s latency).
2632
2633PORT STATE SERVICE VERSION
2634123/tcp filtered ntp
2635123/udp open|filtered ntp
2636Too many fingerprints match this host to give specific OS details
2637Network Distance: 12 hops
2638
2639TRACEROUTE (using proto 1/icmp)
2640HOP RTT ADDRESS
26411 134.14 ms 10.203.13.1
26422 ...
26433 135.50 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
26444 134.56 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
26455 140.17 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
26466 140.77 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
26477 137.66 ms ae-10.edge4.Stockholm2.Level3.net (4.68.106.125)
26488 162.57 ms ae-2-3203.ear3.Frankfurt1.Level3.net (4.69.163.90)
26499 162.34 ms 195.122.181.130
265010 167.81 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
265111 ...
265212 169.52 ms 94.102.51.111
2653#################################################################################################################################
2654--------------------------------------------------------
2655<<<Yasuo discovered following vulnerable applications>>>
2656--------------------------------------------------------
2657+------------+-------------------------------------+--------------------------------------------------+-----------+-----------+
2658| App Name | URL to Application | Potential Exploit | Username | Password |
2659+------------+-------------------------------------+--------------------------------------------------+-----------+-----------+
2660| phpMyAdmin | http://94.102.51.111:80/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | Not Found | Not Found |
2661+------------+-------------------------------------+--------------------------------------------------+-----------+-----------+
2662#################################################################################################################################
2663Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 19:13 EDT
2664Nmap scan report for 94.102.51.111
2665Host is up (0.17s latency).
2666Not shown: 64514 filtered ports, 1012 closed ports
2667PORT STATE SERVICE VERSION
266822/tcp open ssh?
2669|_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
267025/tcp open smtp Exim smtpd 4.89
2671| smtp-commands: a13s08.host.com Hello nmap.scanme.org [45.132.192.63], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, STARTTLS, HELP,
2672|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
2673| ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
2674| Not valid before: 2018-03-05T07:49:40
2675|_Not valid after: 2028-03-02T07:49:40
2676|_ssl-date: TLS randomness does not represent time
267753/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2678| dns-nsid:
2679|_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
268080/tcp open http nginx
2681|_http-generator: Microsoft FrontPage 5.0
2682| http-methods:
2683|_ Potentially risky methods: TRACE
2684|_http-title: Andy Pioneer Top Sites
2685110/tcp open pop3 Dovecot pop3d
2686|_pop3-capabilities: STLS PIPELINING TOP AUTH-RESP-CODE SASL(PLAIN LOGIN DIGEST-MD5 CRAM-MD5) CAPA USER RESP-CODES UIDL
2687|_ssl-date: TLS randomness does not represent time
2688143/tcp open imap Dovecot imapd
2689|_imap-capabilities: IMAP4rev1 more AUTH=PLAIN SASL-IR LOGIN-REFERRALS ENABLE listed OK have AUTH=DIGEST-MD5 post-login LITERAL+ STARTTLS IDLE AUTH=CRAM-MD5A0001 capabilities Pre-login AUTH=LOGIN ID
2690|_ssl-date: TLS randomness does not represent time
2691465/tcp open ssl/smtp Exim smtpd 4.89
2692| smtp-commands: a13s08.host.com Hello nmap.scanme.org [45.132.192.63], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN CRAM-MD5, CHUNKING, HELP,
2693|_ Commands supported:
2694| ssl-cert: Subject: commonName=a13s08.host.com/organizationName=XX/stateOrProvinceName=XX/countryName=XX
2695| Not valid before: 2018-03-05T07:49:40
2696|_Not valid after: 2028-03-02T07:49:40
2697|_ssl-date: TLS randomness does not represent time
2698993/tcp open ssl/imaps?
2699|_ssl-date: TLS randomness does not represent time
2700995/tcp open ssl/pop3s?
2701|_ssl-date: TLS randomness does not represent time
2702Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (97%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (96%), OpenWrt White Russian 0.9 (Linux 2.4.30) (96%), Linux 2.4.18 (90%), Asus RT-AC66U router (Linux 2.6) (89%), Asus RT-N16 WAP (Linux 2.6) (89%), Asus RT-N66U WAP (Linux 2.6) (89%), Tomato 1.28 (Linux 2.6.22) (89%), Crestron XPanel control system (89%), Philips Hue Bridge 2.0 (Linux) (89%)
2703No exact OS matches for host (test conditions non-ideal).
2704Network Distance: 12 hops
2705Service Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2706
2707TRACEROUTE (using port 443/tcp)
2708HOP RTT ADDRESS
27091 135.35 ms 10.203.13.1
27102 ...
27113 130.58 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
27124 130.57 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
27135 135.88 ms be3741.ccr22.sto03.atlas.cogentco.com (154.54.60.194)
27146 135.78 ms be3377.ccr21.sto01.atlas.cogentco.com (154.54.36.90)
27157 136.09 ms ae-10.edge4.Stockholm2.Level3.net (4.68.106.125)
27168 ...
27179 161.53 ms 195.122.181.130
271810 166.57 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
271911 ...
272012 165.14 ms 94.102.51.111
2721#################################################################################################################################
2722Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 19:21 EDT
2723Nmap scan report for 94.102.51.111
2724Host is up (0.17s latency).
2725
2726PORT STATE SERVICE VERSION
272753/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
272867/tcp filtered dhcps
272968/tcp filtered dhcpc
273069/tcp filtered tftp
273188/tcp filtered kerberos-sec
2732123/tcp filtered ntp
2733137/tcp filtered netbios-ns
2734138/tcp filtered netbios-dgm
2735139/tcp filtered netbios-ssn
2736161/tcp filtered snmp
2737162/tcp filtered snmptrap
2738389/tcp filtered ldap
2739520/tcp filtered efs
27402049/tcp filtered nfs
274153/udp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2742| dns-nsid:
2743|_ bind.version: 9.9.4-RedHat-9.9.4-51.el7_4.2
274467/udp open|filtered dhcps
274568/udp open|filtered dhcpc
274669/udp open|filtered tftp
274788/udp open|filtered kerberos-sec
2748123/udp open|filtered ntp
2749137/udp open|filtered netbios-ns
2750138/udp open|filtered netbios-dgm
2751139/udp open|filtered netbios-ssn
2752161/udp open|filtered snmp
2753162/udp open|filtered snmptrap
2754389/udp open|filtered ldap
2755520/udp open|filtered route
27562049/udp open|filtered nfs
2757Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2758Device type: WAP|general purpose|specialized|broadband router
2759Running (JUST GUESSING): Linux 2.6.X|2.4.X (96%), Philips embedded (90%), Crestron 2-Series (90%), Asus embedded (87%)
2760OS CPE: cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel cpe:/o:crestron:2_series cpe:/h:asus:rt-ac66u cpe:/o:linux:linux_kernel:2.6 cpe:/h:asus:rt-n10
2761Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), Linux 2.4.18 (92%), Philips Hue Bridge 2.0 (Linux) (90%), Crestron XPanel control system (90%), OpenWrt (Linux 2.4.30 - 2.4.34) (89%), OpenWrt (Linux 2.4.32) (89%), Asus RT-AC66U router (Linux 2.6) (87%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (87%)
2762No exact OS matches for host (test conditions non-ideal).
2763Network Distance: 12 hops
2764Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2765
2766TRACEROUTE (using port 53/tcp)
2767HOP RTT ADDRESS
27681 135.76 ms 10.203.13.1
27692 ...
27703 136.62 ms te0-0-2-1.nr11.b069785-0.tll01.atlas.cogentco.com (149.6.188.49)
27714 136.59 ms be2160.rcr51.tll01.atlas.cogentco.com (154.25.10.249)
27725 142.02 ms be3740.ccr21.sto03.atlas.cogentco.com (154.54.60.190)
27736 142.07 ms be3376.ccr21.sto01.atlas.cogentco.com (130.117.50.226)
27747 142.24 ms ae-11.edge4.Stockholm2.Level3.net (4.68.106.129)
27758 ...
27769 167.20 ms 195.122.181.130
277710 205.21 ms ae5-2074.ams10.core-backbone.com (81.95.2.138)
277811 ...
277912 168.26 ms 94.102.51.111
2780##################################################################################################################################
2781Hosts
2782=====
2783
2784address mac name os_name os_flavor os_sp purpose info comments
2785------- --- ---- ------- --------- ----- ------- ---- --------
27863.83.211.23 ec2-3-83-211-23.compute-1.amazonaws.com embedded device
27873.216.98.236 ec2-3-216-98-236.compute-1.amazonaws.com Linux 3.X server
278834.224.171.238 ec2-34-224-171-238.compute-1.amazonaws.com Linux server
278934.236.0.217 ec2-34-236-0-217.compute-1.amazonaws.com Linux 3.X server
279034.253.89.155 ec2-34-253-89-155.eu-west-1.compute.amazonaws.com Linux 4.X server
279137.1.207.121 teens-sins.net 2-Series 3.X device
279243.245.223.4 Linux 2.6.X server
279345.60.47.218 Linux 3.X server
279445.88.202.111 Linux 3.X server
279545.239.108.252 whale.ecohosting.cl Linux 3.X server
279652.1.2.24 ec2-52-1-2-24.compute-1.amazonaws.com Linux server
279752.1.174.10 ec2-52-1-174-10.compute-1.amazonaws.com Linux 3.X server
279852.30.54.73 ec2-52-30-54-73.eu-west-1.compute.amazonaws.com Linux 4.X server
279952.52.234.222 ec2-52-52-234-222.us-west-1.compute.amazonaws.com Unknown device
280054.72.57.25 ec2-54-72-57-25.eu-west-1.compute.amazonaws.com Linux 4.X server
280154.85.59.109 ec2-54-85-59-109.compute-1.amazonaws.com Linux 3.X server
280254.194.134.190 ec2-54-194-134-190.eu-west-1.compute.amazonaws.com Linux 4.X server
280364.69.94.253 Unknown device
280469.163.233.4 ps54052.dreamhostps.com Linux 14.04 server
280574.117.180.192 embedded device
280682.94.222.131 Unknown device
280792.123.250.35 a92-123-250-35.deploy.static.akamaitechnologies.com embedded device
280892.123.250.65 a92-123-250-65.deploy.static.akamaitechnologies.com Linux 3.X server
280994.102.51.111 Linux 2.4.X server
281094.102.51.112 no-reverse-dns-configured.com Linux 2.6.X server
2811104.244.73.40 Unknown device
2812104.244.76.231 Linux 3.X server
2813104.244.77.188 Linux 3.X server
2814104.244.79.89 Linux 3.X server
2815107.180.28.114 ip-107-180-28-114.ip.secureserver.net Unknown device
2816111.90.145.39 web16.support-emilid.com Linux 2.6.X server
2817143.95.110.248 ip-143-95-110-248.iplocal Linux 3.X server
2818149.126.72.220 149.126.72.220.ip.incapdns.net Linux 3.X server
2819151.106.38.107 ns3152160.ip-151-106-38.eu embedded device
2820158.69.13.254 ip254.ip-158-69-13.net 2-Series 2.6.X device
2821162.244.35.13 xnlog.com FreeBSD 7.X device
2822163.247.48.46 Unknown device
2823163.247.127.20 Unknown device
2824163.247.130.114 embedded device
2825163.247.175.176 Unknown device
2826165.22.143.229 Linux 2.6.X server
2827165.227.99.239 Linux 3.X server
2828169.239.218.20 cp10.domains.co.za Linux 2.6.X server
2829173.214.244.169 173.214.244.169.serverel.net Unknown device
2830174.142.53.51 mail.marineland.ca Linux 3.X server
2831186.64.118.40 mail.blue127.dnsmisitio.net embedded device
2832190.98.209.37 static.190.98.209.37.gtdinternet.com Unknown device
2833190.107.177.35 srv25.cpanelhost.cl Linux 2.6.X server
2834190.110.121.175 todofutbol.hn.cl Unknown device
2835190.153.209.187 static.190.153.209.187.gtdinternet.com Unknown device
2836190.153.219.254 mail.evopoli.cl Linux 3.X server
2837192.185.134.58 ns36.accountservergroup.com Linux 3.X server
2838200.2.249.28 Linux 3.X server
2839200.10.251.82 homer.sii.cl Unknown device
2840200.12.19.101 embedded device
2841200.29.0.33 cp33.puntoweb.cl Unknown device
2842200.54.92.108 Linux 9.0 server
2843200.54.230.247 plesk.tdata.cloud Linux 3.X server
2844200.55.198.228 Linux 2.4.X server
2845200.68.30.227 mail.gorecoquimbo.cl Unknown device
2846200.68.34.99 Unknown device
2847200.73.54.34 mail.maxtel.cl Linux 2.6.X server
2848200.91.40.252 200-91-40-252.avz.cl Unknown device
2849200.91.41.5 cruzblanca.cl Unknown device
2850200.126.100.83 toqui.gorearaucania.cl Unknown device
2851201.159.170.136 soloweb.sinc.cl Unknown device
2852204.93.193.141 suzuka.mochahost.com Unknown device
2853206.48.140.40 Unknown device
2854207.246.147.189 2-Series device
2855207.246.147.190 Linux 4.X server
2856207.246.147.247 Linux 4.X server
2857207.246.147.248 Linux 4.X server
2858211.13.196.135 sv3.isle.ne.jp Linux 2.6.X server
2859212.174.0.150 Windows 2012 server
2860216.172.184.117 Linux 3.X server
2861218.45.5.97 www.town.koya.wakayama.jp Linux 2.6.X server
2862##################################################################################################################################
2863Services
2864========
2865
2866host port proto name state info
2867---- ---- ----- ---- ----- ----
28683.83.211.23 53 tcp domain filtered
28693.83.211.23 53 udp domain unknown
28703.83.211.23 67 tcp dhcps filtered
28713.83.211.23 67 udp dhcps unknown
28723.83.211.23 68 tcp dhcpc filtered
28733.83.211.23 68 udp dhcpc unknown
28743.83.211.23 69 tcp tftp filtered
28753.83.211.23 69 udp tftp unknown
28763.83.211.23 80 tcp http open Microsoft IIS httpd 10.0
28773.83.211.23 88 tcp kerberos-sec filtered
28783.83.211.23 88 udp kerberos-sec unknown
28793.83.211.23 123 tcp ntp filtered
28803.83.211.23 123 udp ntp unknown
28813.83.211.23 137 tcp netbios-ns filtered
28823.83.211.23 137 udp netbios-ns unknown
28833.83.211.23 138 tcp netbios-dgm filtered
28843.83.211.23 138 udp netbios-dgm unknown
28853.83.211.23 139 tcp netbios-ssn filtered
28863.83.211.23 139 udp netbios-ssn unknown
28873.83.211.23 161 tcp snmp filtered
28883.83.211.23 161 udp snmp unknown
28893.83.211.23 162 tcp snmptrap filtered
28903.83.211.23 162 udp snmptrap unknown
28913.83.211.23 389 tcp ldap filtered
28923.83.211.23 389 udp ldap unknown
28933.83.211.23 443 tcp ssl/http open Microsoft IIS httpd 10.0
28943.83.211.23 520 tcp efs filtered
28953.83.211.23 520 udp route unknown
28963.83.211.23 2049 tcp nfs filtered
28973.83.211.23 2049 udp nfs unknown
28983.216.98.236 53 tcp domain filtered
28993.216.98.236 53 udp domain unknown
29003.216.98.236 67 tcp dhcps filtered
29013.216.98.236 67 udp dhcps unknown
29023.216.98.236 68 tcp dhcpc filtered
29033.216.98.236 68 udp dhcpc unknown
29043.216.98.236 69 tcp tftp filtered
29053.216.98.236 69 udp tftp unknown
29063.216.98.236 80 tcp http open Microsoft IIS httpd 10.0
29073.216.98.236 88 tcp kerberos-sec filtered
29083.216.98.236 88 udp kerberos-sec unknown
29093.216.98.236 123 tcp ntp filtered
29103.216.98.236 123 udp ntp unknown
29113.216.98.236 137 tcp netbios-ns filtered
29123.216.98.236 137 udp netbios-ns unknown
29133.216.98.236 138 tcp netbios-dgm filtered
29143.216.98.236 138 udp netbios-dgm unknown
29153.216.98.236 139 tcp netbios-ssn filtered
29163.216.98.236 139 udp netbios-ssn unknown
29173.216.98.236 161 tcp snmp filtered
29183.216.98.236 161 udp snmp unknown
29193.216.98.236 162 tcp snmptrap filtered
29203.216.98.236 162 udp snmptrap unknown
29213.216.98.236 389 tcp ldap filtered
29223.216.98.236 389 udp ldap unknown
29233.216.98.236 443 tcp ssl/http open Microsoft IIS httpd 10.0
29243.216.98.236 520 tcp efs filtered
29253.216.98.236 520 udp route unknown
29263.216.98.236 2049 tcp nfs filtered
29273.216.98.236 2049 udp nfs unknown
292834.224.171.238 53 tcp domain filtered
292934.224.171.238 53 udp domain unknown
293034.224.171.238 67 tcp dhcps filtered
293134.224.171.238 67 udp dhcps unknown
293234.224.171.238 68 tcp dhcpc filtered
293334.224.171.238 68 udp dhcpc unknown
293434.224.171.238 69 tcp tftp filtered
293534.224.171.238 69 udp tftp unknown
293634.224.171.238 80 tcp http open Apache httpd 2.4.29 (Ubuntu)
293734.224.171.238 88 tcp kerberos-sec filtered
293834.224.171.238 88 udp kerberos-sec unknown
293934.224.171.238 123 tcp ntp filtered
294034.224.171.238 123 udp ntp unknown
294134.224.171.238 137 tcp netbios-ns filtered
294234.224.171.238 137 udp netbios-ns unknown
294334.224.171.238 138 tcp netbios-dgm filtered
294434.224.171.238 138 udp netbios-dgm unknown
294534.224.171.238 139 tcp netbios-ssn filtered
294634.224.171.238 139 udp netbios-ssn unknown
294734.224.171.238 161 tcp snmp filtered
294834.224.171.238 161 udp snmp unknown
294934.224.171.238 162 tcp snmptrap filtered
295034.224.171.238 162 udp snmptrap unknown
295134.224.171.238 389 tcp ldap filtered
295234.224.171.238 389 udp ldap unknown
295334.224.171.238 443 tcp ssl/http open Apache httpd 2.4.29 (Ubuntu)
295434.224.171.238 520 tcp efs filtered
295534.224.171.238 520 udp route unknown
295634.224.171.238 2049 tcp nfs filtered
295734.224.171.238 2049 udp nfs unknown
295834.236.0.217 53 tcp domain filtered
295934.236.0.217 53 udp domain unknown
296034.236.0.217 67 tcp dhcps filtered
296134.236.0.217 67 udp dhcps unknown
296234.236.0.217 68 tcp dhcpc filtered
296334.236.0.217 68 udp dhcpc unknown
296434.236.0.217 69 tcp tftp filtered
296534.236.0.217 69 udp tftp unknown
296634.236.0.217 80 tcp http open nginx
296734.236.0.217 88 tcp kerberos-sec filtered
296834.236.0.217 88 udp kerberos-sec unknown
296934.236.0.217 123 tcp ntp filtered
297034.236.0.217 123 udp ntp unknown
297134.236.0.217 137 tcp netbios-ns filtered
297234.236.0.217 137 udp netbios-ns unknown
297334.236.0.217 138 tcp netbios-dgm filtered
297434.236.0.217 138 udp netbios-dgm unknown
297534.236.0.217 139 tcp netbios-ssn filtered
297634.236.0.217 139 udp netbios-ssn unknown
297734.236.0.217 161 tcp snmp filtered
297834.236.0.217 161 udp snmp unknown
297934.236.0.217 162 tcp snmptrap filtered
298034.236.0.217 162 udp snmptrap unknown
298134.236.0.217 389 tcp ldap filtered
298234.236.0.217 389 udp ldap unknown
298334.236.0.217 443 tcp ssl/http open nginx
298434.236.0.217 520 tcp efs filtered
298534.236.0.217 520 udp route unknown
298634.236.0.217 2049 tcp nfs filtered
298734.236.0.217 2049 udp nfs unknown
298834.253.89.155 53 tcp domain closed
298934.253.89.155 53 udp domain unknown
299034.253.89.155 67 tcp dhcps closed
299134.253.89.155 67 udp dhcps unknown
299234.253.89.155 68 tcp dhcpc closed
299334.253.89.155 68 udp dhcpc unknown
299434.253.89.155 69 tcp tftp closed
299534.253.89.155 69 udp tftp unknown
299634.253.89.155 80 tcp http open nginx
299734.253.89.155 88 tcp kerberos-sec closed
299834.253.89.155 88 udp kerberos-sec unknown
299934.253.89.155 123 tcp ntp closed
300034.253.89.155 123 udp ntp unknown
300134.253.89.155 137 tcp netbios-ns closed
300234.253.89.155 137 udp netbios-ns unknown
300334.253.89.155 138 tcp netbios-dgm closed
300434.253.89.155 138 udp netbios-dgm unknown
300534.253.89.155 139 tcp netbios-ssn closed
300634.253.89.155 139 udp netbios-ssn unknown
300734.253.89.155 161 tcp snmp closed
300834.253.89.155 161 udp snmp unknown
300934.253.89.155 162 tcp snmptrap closed
301034.253.89.155 162 udp snmptrap unknown
301134.253.89.155 389 tcp ldap closed
301234.253.89.155 389 udp ldap unknown
301334.253.89.155 443 tcp ssl/http open nginx
301434.253.89.155 520 tcp efs closed
301534.253.89.155 520 udp route unknown
301634.253.89.155 2049 tcp nfs closed
301734.253.89.155 2049 udp nfs unknown
301837.1.207.121 53 tcp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
301937.1.207.121 53 udp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
302037.1.207.121 67 tcp dhcps filtered
302137.1.207.121 67 udp dhcps unknown
302237.1.207.121 68 tcp dhcpc filtered
302337.1.207.121 68 udp dhcpc filtered
302437.1.207.121 69 tcp tftp filtered
302537.1.207.121 69 udp tftp unknown
302637.1.207.121 88 tcp kerberos-sec filtered
302737.1.207.121 88 udp kerberos-sec filtered
302837.1.207.121 123 tcp ntp filtered
302937.1.207.121 123 udp ntp unknown
303037.1.207.121 137 tcp netbios-ns filtered
303137.1.207.121 137 udp netbios-ns unknown
303237.1.207.121 138 tcp netbios-dgm filtered
303337.1.207.121 138 udp netbios-dgm unknown
303437.1.207.121 139 tcp netbios-ssn filtered
303537.1.207.121 139 udp netbios-ssn unknown
303637.1.207.121 161 tcp snmp filtered
303737.1.207.121 161 udp snmp unknown
303837.1.207.121 162 tcp snmptrap filtered
303937.1.207.121 162 udp snmptrap unknown
304037.1.207.121 389 tcp ldap filtered
304137.1.207.121 389 udp ldap unknown
304237.1.207.121 520 tcp efs filtered
304337.1.207.121 520 udp route unknown
304437.1.207.121 2049 tcp nfs filtered
304537.1.207.121 2049 udp nfs filtered
304643.245.223.4 80 tcp http open nginx
304743.245.223.4 443 tcp ssl/http open nginx
304843.245.223.4 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
304945.60.47.218 25 tcp http open Incapsula CDN httpd
305045.60.47.218 53 tcp domain open
305145.60.47.218 53 udp domain open
305245.60.47.218 67 udp dhcps unknown
305345.60.47.218 68 udp dhcpc unknown
305445.60.47.218 69 udp tftp unknown
305545.60.47.218 80 tcp http open Incapsula CDN httpd
305645.60.47.218 81 tcp http open Incapsula CDN httpd
305745.60.47.218 85 tcp http open Incapsula CDN httpd
305845.60.47.218 88 tcp http open Incapsula CDN httpd
305945.60.47.218 88 udp kerberos-sec unknown
306045.60.47.218 123 udp ntp unknown
306145.60.47.218 137 udp netbios-ns unknown
306245.60.47.218 138 udp netbios-dgm unknown
306345.60.47.218 139 udp netbios-ssn unknown
306445.60.47.218 161 udp snmp unknown
306545.60.47.218 162 udp snmptrap unknown
306645.60.47.218 389 tcp ssl/http open Incapsula CDN httpd
306745.60.47.218 389 udp ldap unknown
306845.60.47.218 443 tcp ssl/http open Incapsula CDN httpd
306945.60.47.218 444 tcp ssl/http open Incapsula CDN httpd
307045.60.47.218 445 tcp ssl/http open Incapsula CDN httpd
307145.60.47.218 446 tcp http open Incapsula CDN httpd
307245.60.47.218 520 udp route unknown
307345.60.47.218 587 tcp http open Incapsula CDN httpd
307445.60.47.218 631 tcp http open Incapsula CDN httpd
307545.60.47.218 888 tcp http open Incapsula CDN httpd
307645.60.47.218 995 tcp ssl/http open Incapsula CDN httpd
307745.60.47.218 998 tcp ssl/http open Incapsula CDN httpd
307845.60.47.218 999 tcp http open Incapsula CDN httpd
307945.60.47.218 1000 tcp http open Incapsula CDN httpd
308045.60.47.218 1024 tcp http open Incapsula CDN httpd
308145.60.47.218 1103 tcp http open Incapsula CDN httpd
308245.60.47.218 1234 tcp http open Incapsula CDN httpd
308345.60.47.218 1433 tcp http open Incapsula CDN httpd
308445.60.47.218 1494 tcp http open Incapsula CDN httpd
308545.60.47.218 2000 tcp ssl/http open Incapsula CDN httpd
308645.60.47.218 2001 tcp http open Incapsula CDN httpd
308745.60.47.218 2049 tcp http open Incapsula CDN httpd
308845.60.47.218 2049 udp nfs unknown
308945.60.47.218 2067 tcp http open Incapsula CDN httpd
309045.60.47.218 2100 tcp ssl/http open Incapsula CDN httpd
309145.60.47.218 2222 tcp http open Incapsula CDN httpd
309245.60.47.218 2598 tcp http open Incapsula CDN httpd
309345.60.47.218 3000 tcp http open Incapsula CDN httpd
309445.60.47.218 3050 tcp http open Incapsula CDN httpd
309545.60.47.218 3057 tcp http open Incapsula CDN httpd
309645.60.47.218 3299 tcp http open Incapsula CDN httpd
309745.60.47.218 3306 tcp ssl/http open Incapsula CDN httpd
309845.60.47.218 3333 tcp http open Incapsula CDN httpd
309945.60.47.218 3389 tcp ssl/http open Incapsula CDN httpd
310045.60.47.218 3500 tcp http open Incapsula CDN httpd
310145.60.47.218 3790 tcp http open Incapsula CDN httpd
310245.60.47.218 4000 tcp http open Incapsula CDN httpd
310345.60.47.218 4444 tcp ssl/http open Incapsula CDN httpd
310445.60.47.218 4445 tcp ssl/http open Incapsula CDN httpd
310545.60.47.218 4848 tcp http open Incapsula CDN httpd
310645.60.47.218 5000 tcp http open Incapsula CDN httpd
310745.60.47.218 5009 tcp http open Incapsula CDN httpd
310845.60.47.218 5051 tcp ssl/http open Incapsula CDN httpd
310945.60.47.218 5060 tcp ssl/http open Incapsula CDN httpd
311045.60.47.218 5061 tcp ssl/http open Incapsula CDN httpd
311145.60.47.218 5227 tcp ssl/http open Incapsula CDN httpd
311245.60.47.218 5247 tcp ssl/http open Incapsula CDN httpd
311345.60.47.218 5250 tcp ssl/http open Incapsula CDN httpd
311445.60.47.218 5555 tcp http open Incapsula CDN httpd
311545.60.47.218 5900 tcp http open Incapsula CDN httpd
311645.60.47.218 5901 tcp ssl/http open Incapsula CDN httpd
311745.60.47.218 5902 tcp ssl/http open Incapsula CDN httpd
311845.60.47.218 5903 tcp ssl/http open Incapsula CDN httpd
311945.60.47.218 5904 tcp ssl/http open Incapsula CDN httpd
312045.60.47.218 5905 tcp ssl/http open Incapsula CDN httpd
312145.60.47.218 5906 tcp ssl/http open Incapsula CDN httpd
312245.60.47.218 5907 tcp ssl/http open Incapsula CDN httpd
312345.60.47.218 5908 tcp ssl/http open Incapsula CDN httpd
312445.60.47.218 5909 tcp ssl/http open Incapsula CDN httpd
312545.60.47.218 5910 tcp ssl/http open Incapsula CDN httpd
312645.60.47.218 5920 tcp ssl/http open Incapsula CDN httpd
312745.60.47.218 5984 tcp ssl/http open Incapsula CDN httpd
312845.60.47.218 5985 tcp http open Incapsula CDN httpd
312945.60.47.218 5986 tcp ssl/http open Incapsula CDN httpd
313045.60.47.218 5999 tcp ssl/http open Incapsula CDN httpd
313145.60.47.218 6000 tcp http open Incapsula CDN httpd
313245.60.47.218 6060 tcp http open Incapsula CDN httpd
313345.60.47.218 6161 tcp http open Incapsula CDN httpd
313445.60.47.218 6379 tcp http open Incapsula CDN httpd
313545.60.47.218 6661 tcp ssl/http open Incapsula CDN httpd
313645.60.47.218 6789 tcp http open Incapsula CDN httpd
313745.60.47.218 7000 tcp ssl/http open Incapsula CDN httpd
313845.60.47.218 7001 tcp http open Incapsula CDN httpd
313945.60.47.218 7021 tcp http open Incapsula CDN httpd
314045.60.47.218 7071 tcp ssl/http open Incapsula CDN httpd
314145.60.47.218 7080 tcp http open Incapsula CDN httpd
314245.60.47.218 7272 tcp ssl/http open Incapsula CDN httpd
314345.60.47.218 7443 tcp ssl/http open Incapsula CDN httpd
314445.60.47.218 7700 tcp http open Incapsula CDN httpd
314545.60.47.218 7777 tcp http open Incapsula CDN httpd
314645.60.47.218 7778 tcp http open Incapsula CDN httpd
314745.60.47.218 8000 tcp http open Incapsula CDN httpd
314845.60.47.218 8001 tcp http open Incapsula CDN httpd
314945.60.47.218 8008 tcp http open Incapsula CDN httpd
315045.60.47.218 8014 tcp http open Incapsula CDN httpd
315145.60.47.218 8020 tcp http open Incapsula CDN httpd
315245.60.47.218 8023 tcp http open Incapsula CDN httpd
315345.60.47.218 8028 tcp http open Incapsula CDN httpd
315445.60.47.218 8030 tcp http open Incapsula CDN httpd
315545.60.47.218 8050 tcp http open Incapsula CDN httpd
315645.60.47.218 8051 tcp http open Incapsula CDN httpd
315745.60.47.218 8080 tcp http open Incapsula CDN httpd
315845.60.47.218 8081 tcp http open Incapsula CDN httpd
315945.60.47.218 8082 tcp http open Incapsula CDN httpd
316045.60.47.218 8085 tcp http open Incapsula CDN httpd
316145.60.47.218 8086 tcp http open Incapsula CDN httpd
316245.60.47.218 8087 tcp http open Incapsula CDN httpd
316345.60.47.218 8088 tcp http open Incapsula CDN httpd
316445.60.47.218 8090 tcp http open Incapsula CDN httpd
316545.60.47.218 8091 tcp http open Incapsula CDN httpd
316645.60.47.218 8095 tcp http open Incapsula CDN httpd
316745.60.47.218 8101 tcp http open Incapsula CDN httpd
316845.60.47.218 8161 tcp http open Incapsula CDN httpd
316945.60.47.218 8180 tcp http open Incapsula CDN httpd
317045.60.47.218 8222 tcp http open Incapsula CDN httpd
317145.60.47.218 8333 tcp http open Incapsula CDN httpd
317245.60.47.218 8443 tcp ssl/http open Incapsula CDN httpd
317345.60.47.218 8444 tcp http open Incapsula CDN httpd
317445.60.47.218 8445 tcp http open Incapsula CDN httpd
317545.60.47.218 8503 tcp ssl/http open Incapsula CDN httpd
317645.60.47.218 8686 tcp http open Incapsula CDN httpd
317745.60.47.218 8701 tcp ssl/http open Incapsula CDN httpd
317845.60.47.218 8787 tcp http open Incapsula CDN httpd
317945.60.47.218 8800 tcp http open Incapsula CDN httpd
318045.60.47.218 8812 tcp http open Incapsula CDN httpd
318145.60.47.218 8834 tcp http open Incapsula CDN httpd
318245.60.47.218 8880 tcp http open Incapsula CDN httpd
318345.60.47.218 8888 tcp http open Incapsula CDN httpd
318445.60.47.218 8889 tcp http open Incapsula CDN httpd
318545.60.47.218 8890 tcp http open Incapsula CDN httpd
318645.60.47.218 8899 tcp http open Incapsula CDN httpd
318745.60.47.218 8901 tcp http open Incapsula CDN httpd
318845.60.47.218 8902 tcp http open Incapsula CDN httpd
318945.60.47.218 8999 tcp http open Incapsula CDN httpd
319045.60.47.218 9000 tcp http open Incapsula CDN httpd
319145.60.47.218 9001 tcp http open Incapsula CDN httpd
319245.60.47.218 9002 tcp http open Incapsula CDN httpd
319345.60.47.218 9003 tcp http open Incapsula CDN httpd
319445.60.47.218 9004 tcp http open Incapsula CDN httpd
319545.60.47.218 9005 tcp http open Incapsula CDN httpd
319645.60.47.218 9010 tcp http open Incapsula CDN httpd
319745.60.47.218 9050 tcp http open Incapsula CDN httpd
319845.60.47.218 9080 tcp http open Incapsula CDN httpd
319945.60.47.218 9081 tcp ssl/http open Incapsula CDN httpd
320045.60.47.218 9084 tcp http open Incapsula CDN httpd
320145.60.47.218 9090 tcp http open Incapsula CDN httpd
320245.60.47.218 9099 tcp http open Incapsula CDN httpd
320345.60.47.218 9100 tcp jetdirect open
320445.60.47.218 9111 tcp http open Incapsula CDN httpd
320545.60.47.218 9200 tcp http open Incapsula CDN httpd
320645.60.47.218 9300 tcp http open Incapsula CDN httpd
320745.60.47.218 9500 tcp http open Incapsula CDN httpd
320845.60.47.218 9711 tcp ssl/http open Incapsula CDN httpd
320945.60.47.218 9991 tcp http open Incapsula CDN httpd
321045.60.47.218 9999 tcp http open Incapsula CDN httpd
321145.60.47.218 10000 tcp http open Incapsula CDN httpd
321245.60.47.218 10001 tcp http open Incapsula CDN httpd
321345.60.47.218 10008 tcp http open Incapsula CDN httpd
321445.60.47.218 10443 tcp ssl/http open Incapsula CDN httpd
321545.60.47.218 11001 tcp ssl/http open Incapsula CDN httpd
321645.60.47.218 12174 tcp http open Incapsula CDN httpd
321745.60.47.218 12203 tcp http open Incapsula CDN httpd
321845.60.47.218 12221 tcp http open Incapsula CDN httpd
321945.60.47.218 12345 tcp http open Incapsula CDN httpd
322045.60.47.218 12397 tcp http open Incapsula CDN httpd
322145.60.47.218 12401 tcp http open Incapsula CDN httpd
322245.60.47.218 14330 tcp http open Incapsula CDN httpd
322345.60.47.218 16000 tcp http open Incapsula CDN httpd
322445.60.47.218 20000 tcp http open Incapsula CDN httpd
322545.60.47.218 20010 tcp ssl/http open Incapsula CDN httpd
322645.60.47.218 25000 tcp ssl/http open Incapsula CDN httpd
322745.60.47.218 30000 tcp http open Incapsula CDN httpd
322845.60.47.218 44334 tcp ssl/http open Incapsula CDN httpd
322945.60.47.218 50000 tcp http open Incapsula CDN httpd
323045.60.47.218 50001 tcp ssl/http open Incapsula CDN httpd
323145.60.47.218 50050 tcp ssl/http open Incapsula CDN httpd
323245.88.202.111 22 tcp ssh open OpenSSH 7.9p1 Debian 10+deb10u1 protocol 2.0
323345.88.202.111 53 tcp domain open PowerDNS Authoritative Server 4.2.0-rc3
323445.88.202.111 53 udp domain open PowerDNS Authoritative Server 4.2.0-rc3
323545.88.202.111 67 tcp dhcps closed
323645.88.202.111 67 udp dhcps unknown
323745.88.202.111 68 tcp dhcpc closed
323845.88.202.111 68 udp dhcpc unknown
323945.88.202.111 69 tcp tftp closed
324045.88.202.111 69 udp tftp closed
324145.88.202.111 80 tcp http open nginx
324245.88.202.111 88 tcp kerberos-sec closed
324345.88.202.111 88 udp kerberos-sec unknown
324445.88.202.111 123 tcp ntp closed
324545.88.202.111 123 udp ntp closed
324645.88.202.111 137 tcp netbios-ns closed
324745.88.202.111 137 udp netbios-ns filtered
324845.88.202.111 138 tcp netbios-dgm closed
324945.88.202.111 138 udp netbios-dgm filtered
325045.88.202.111 139 tcp netbios-ssn closed
325145.88.202.111 139 udp netbios-ssn closed
325245.88.202.111 161 tcp snmp closed
325345.88.202.111 161 udp snmp closed
325445.88.202.111 162 tcp snmptrap closed
325545.88.202.111 162 udp snmptrap closed
325645.88.202.111 179 tcp bgp filtered
325745.88.202.111 389 tcp ldap closed
325845.88.202.111 389 udp ldap unknown
325945.88.202.111 443 tcp ssl/http open nginx
326045.88.202.111 520 tcp efs closed
326145.88.202.111 520 udp route unknown
326245.88.202.111 2049 tcp nfs closed
326345.88.202.111 2049 udp nfs closed
326445.88.202.111 10050 tcp tcpwrapped open
326545.239.108.252 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
326645.239.108.252 53 udp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
326745.239.108.252 67 tcp dhcps filtered
326845.239.108.252 67 udp dhcps unknown
326945.239.108.252 68 tcp dhcpc filtered
327045.239.108.252 68 udp dhcpc unknown
327145.239.108.252 69 tcp tftp filtered
327245.239.108.252 69 udp tftp unknown
327345.239.108.252 88 tcp kerberos-sec filtered
327445.239.108.252 88 udp kerberos-sec unknown
327545.239.108.252 123 tcp ntp filtered
327645.239.108.252 123 udp ntp unknown
327745.239.108.252 137 tcp netbios-ns filtered
327845.239.108.252 137 udp netbios-ns unknown
327945.239.108.252 138 tcp netbios-dgm filtered
328045.239.108.252 138 udp netbios-dgm unknown
328145.239.108.252 139 tcp netbios-ssn filtered
328245.239.108.252 139 udp netbios-ssn unknown
328345.239.108.252 161 tcp snmp filtered
328445.239.108.252 161 udp snmp unknown
328545.239.108.252 162 tcp snmptrap filtered
328645.239.108.252 162 udp snmptrap unknown
328745.239.108.252 389 tcp ldap filtered
328845.239.108.252 389 udp ldap unknown
328945.239.108.252 520 tcp efs filtered
329045.239.108.252 520 udp route unknown
329145.239.108.252 2049 tcp nfs filtered
329245.239.108.252 2049 udp nfs unknown
329352.1.2.24 53 tcp domain filtered
329452.1.2.24 53 udp domain unknown
329552.1.2.24 67 tcp dhcps filtered
329652.1.2.24 67 udp dhcps unknown
329752.1.2.24 68 tcp dhcpc filtered
329852.1.2.24 68 udp dhcpc unknown
329952.1.2.24 69 tcp tftp filtered
330052.1.2.24 69 udp tftp unknown
330152.1.2.24 80 tcp http open Apache httpd 2.4.29 (Ubuntu)
330252.1.2.24 88 tcp kerberos-sec filtered
330352.1.2.24 88 udp kerberos-sec unknown
330452.1.2.24 123 tcp ntp filtered
330552.1.2.24 123 udp ntp unknown
330652.1.2.24 137 tcp netbios-ns filtered
330752.1.2.24 137 udp netbios-ns unknown
330852.1.2.24 138 tcp netbios-dgm filtered
330952.1.2.24 138 udp netbios-dgm unknown
331052.1.2.24 139 tcp netbios-ssn filtered
331152.1.2.24 139 udp netbios-ssn unknown
331252.1.2.24 161 tcp snmp filtered
331352.1.2.24 161 udp snmp unknown
331452.1.2.24 162 tcp snmptrap filtered
331552.1.2.24 162 udp snmptrap unknown
331652.1.2.24 389 tcp ldap filtered
331752.1.2.24 389 udp ldap unknown
331852.1.2.24 443 tcp ssl/http open Apache httpd 2.4.29 (Ubuntu)
331952.1.2.24 520 tcp efs filtered
332052.1.2.24 520 udp route unknown
332152.1.2.24 2049 tcp nfs filtered
332252.1.2.24 2049 udp nfs unknown
332352.1.174.10 53 tcp domain filtered
332452.1.174.10 53 udp domain unknown
332552.1.174.10 67 tcp dhcps filtered
332652.1.174.10 67 udp dhcps unknown
332752.1.174.10 68 tcp dhcpc filtered
332852.1.174.10 68 udp dhcpc unknown
332952.1.174.10 69 tcp tftp filtered
333052.1.174.10 69 udp tftp unknown
333152.1.174.10 80 tcp http open nginx
333252.1.174.10 88 tcp kerberos-sec filtered
333352.1.174.10 88 udp kerberos-sec unknown
333452.1.174.10 123 tcp ntp filtered
333552.1.174.10 123 udp ntp unknown
333652.1.174.10 137 tcp netbios-ns filtered
333752.1.174.10 137 udp netbios-ns unknown
333852.1.174.10 138 tcp netbios-dgm filtered
333952.1.174.10 138 udp netbios-dgm unknown
334052.1.174.10 139 tcp netbios-ssn filtered
334152.1.174.10 139 udp netbios-ssn unknown
334252.1.174.10 161 tcp snmp filtered
334352.1.174.10 161 udp snmp unknown
334452.1.174.10 162 tcp snmptrap filtered
334552.1.174.10 162 udp snmptrap unknown
334652.1.174.10 389 tcp ldap filtered
334752.1.174.10 389 udp ldap unknown
334852.1.174.10 443 tcp ssl/http open nginx
334952.1.174.10 520 tcp efs filtered
335052.1.174.10 520 udp route unknown
335152.1.174.10 2049 tcp nfs filtered
335252.1.174.10 2049 udp nfs unknown
335352.30.54.73 53 tcp domain closed
335452.30.54.73 53 udp domain unknown
335552.30.54.73 67 tcp dhcps closed
335652.30.54.73 67 udp dhcps unknown
335752.30.54.73 68 tcp dhcpc closed
335852.30.54.73 68 udp dhcpc unknown
335952.30.54.73 69 tcp tftp closed
336052.30.54.73 69 udp tftp unknown
336152.30.54.73 80 tcp http open nginx
336252.30.54.73 88 tcp kerberos-sec closed
336352.30.54.73 88 udp kerberos-sec unknown
336452.30.54.73 123 tcp ntp closed
336552.30.54.73 123 udp ntp unknown
336652.30.54.73 137 tcp netbios-ns closed
336752.30.54.73 137 udp netbios-ns unknown
336852.30.54.73 138 tcp netbios-dgm closed
336952.30.54.73 138 udp netbios-dgm unknown
337052.30.54.73 139 tcp netbios-ssn closed
337152.30.54.73 139 udp netbios-ssn unknown
337252.30.54.73 161 tcp snmp closed
337352.30.54.73 161 udp snmp unknown
337452.30.54.73 162 tcp snmptrap closed
337552.30.54.73 162 udp snmptrap unknown
337652.30.54.73 389 tcp ldap closed
337752.30.54.73 389 udp ldap unknown
337852.30.54.73 443 tcp ssl/http open nginx
337952.30.54.73 520 tcp efs closed
338052.30.54.73 520 udp route unknown
338152.30.54.73 2049 tcp nfs closed
338252.30.54.73 2049 udp nfs unknown
338352.52.234.222 53 tcp domain filtered
338452.52.234.222 53 udp domain unknown
338552.52.234.222 67 tcp dhcps filtered
338652.52.234.222 67 udp dhcps unknown
338752.52.234.222 68 tcp dhcpc filtered
338852.52.234.222 68 udp dhcpc unknown
338952.52.234.222 69 tcp tftp filtered
339052.52.234.222 69 udp tftp unknown
339152.52.234.222 88 tcp kerberos-sec filtered
339252.52.234.222 88 udp kerberos-sec unknown
339352.52.234.222 123 tcp ntp filtered
339452.52.234.222 123 udp ntp unknown
339552.52.234.222 137 tcp netbios-ns filtered
339652.52.234.222 137 udp netbios-ns unknown
339752.52.234.222 138 tcp netbios-dgm filtered
339852.52.234.222 138 udp netbios-dgm unknown
339952.52.234.222 139 tcp netbios-ssn filtered
340052.52.234.222 139 udp netbios-ssn unknown
340152.52.234.222 161 tcp snmp filtered
340252.52.234.222 161 udp snmp unknown
340352.52.234.222 162 tcp snmptrap filtered
340452.52.234.222 162 udp snmptrap unknown
340552.52.234.222 389 tcp ldap filtered
340652.52.234.222 389 udp ldap unknown
340752.52.234.222 520 tcp efs filtered
340852.52.234.222 520 udp route unknown
340952.52.234.222 2049 tcp nfs filtered
341052.52.234.222 2049 udp nfs unknown
341154.72.57.25 53 tcp domain closed
341254.72.57.25 53 udp domain unknown
341354.72.57.25 67 tcp dhcps closed
341454.72.57.25 67 udp dhcps unknown
341554.72.57.25 68 tcp dhcpc closed
341654.72.57.25 68 udp dhcpc unknown
341754.72.57.25 69 tcp tftp closed
341854.72.57.25 69 udp tftp unknown
341954.72.57.25 80 tcp http open nginx
342054.72.57.25 88 tcp kerberos-sec closed
342154.72.57.25 88 udp kerberos-sec unknown
342254.72.57.25 123 tcp ntp closed
342354.72.57.25 123 udp ntp unknown
342454.72.57.25 137 tcp netbios-ns closed
342554.72.57.25 137 udp netbios-ns unknown
342654.72.57.25 138 tcp netbios-dgm closed
342754.72.57.25 138 udp netbios-dgm unknown
342854.72.57.25 139 tcp netbios-ssn closed
342954.72.57.25 139 udp netbios-ssn unknown
343054.72.57.25 161 tcp snmp closed
343154.72.57.25 161 udp snmp unknown
343254.72.57.25 162 tcp snmptrap closed
343354.72.57.25 162 udp snmptrap unknown
343454.72.57.25 389 tcp ldap closed
343554.72.57.25 389 udp ldap unknown
343654.72.57.25 443 tcp ssl/http open nginx
343754.72.57.25 520 tcp efs closed
343854.72.57.25 520 udp route unknown
343954.72.57.25 2049 tcp nfs closed
344054.72.57.25 2049 udp nfs unknown
344154.85.59.109 53 tcp domain filtered
344254.85.59.109 53 udp domain unknown
344354.85.59.109 67 tcp dhcps filtered
344454.85.59.109 67 udp dhcps unknown
344554.85.59.109 68 tcp dhcpc filtered
344654.85.59.109 68 udp dhcpc unknown
344754.85.59.109 69 tcp tftp filtered
344854.85.59.109 69 udp tftp unknown
344954.85.59.109 80 tcp http open nginx
345054.85.59.109 88 tcp kerberos-sec filtered
345154.85.59.109 88 udp kerberos-sec unknown
345254.85.59.109 123 tcp ntp filtered
345354.85.59.109 123 udp ntp unknown
345454.85.59.109 137 tcp netbios-ns filtered
345554.85.59.109 137 udp netbios-ns unknown
345654.85.59.109 138 tcp netbios-dgm filtered
345754.85.59.109 138 udp netbios-dgm unknown
345854.85.59.109 139 tcp netbios-ssn filtered
345954.85.59.109 139 udp netbios-ssn unknown
346054.85.59.109 161 tcp snmp filtered
346154.85.59.109 161 udp snmp unknown
346254.85.59.109 162 tcp snmptrap filtered
346354.85.59.109 162 udp snmptrap unknown
346454.85.59.109 389 tcp ldap filtered
346554.85.59.109 389 udp ldap unknown
346654.85.59.109 443 tcp ssl/http open nginx
346754.85.59.109 520 tcp efs filtered
346854.85.59.109 520 udp route unknown
346954.85.59.109 2049 tcp nfs filtered
347054.85.59.109 2049 udp nfs unknown
347154.194.134.190 53 tcp domain closed
347254.194.134.190 53 udp domain unknown
347354.194.134.190 67 tcp dhcps closed
347454.194.134.190 67 udp dhcps unknown
347554.194.134.190 68 tcp dhcpc closed
347654.194.134.190 68 udp dhcpc unknown
347754.194.134.190 69 tcp tftp closed
347854.194.134.190 69 udp tftp unknown
347954.194.134.190 80 tcp http open nginx
348054.194.134.190 88 tcp kerberos-sec closed
348154.194.134.190 88 udp kerberos-sec unknown
348254.194.134.190 123 tcp ntp closed
348354.194.134.190 123 udp ntp unknown
348454.194.134.190 137 tcp netbios-ns closed
348554.194.134.190 137 udp netbios-ns unknown
348654.194.134.190 138 tcp netbios-dgm closed
348754.194.134.190 138 udp netbios-dgm unknown
348854.194.134.190 139 tcp netbios-ssn closed
348954.194.134.190 139 udp netbios-ssn unknown
349054.194.134.190 161 tcp snmp closed
349154.194.134.190 161 udp snmp unknown
349254.194.134.190 162 tcp snmptrap closed
349354.194.134.190 162 udp snmptrap unknown
349454.194.134.190 389 tcp ldap closed
349554.194.134.190 389 udp ldap unknown
349654.194.134.190 443 tcp ssl/http open nginx
349754.194.134.190 520 tcp efs closed
349854.194.134.190 520 udp route unknown
349954.194.134.190 2049 tcp nfs closed
350054.194.134.190 2049 udp nfs unknown
350164.69.94.253 53 tcp domain filtered
350264.69.94.253 53 udp domain unknown
350364.69.94.253 67 tcp dhcps filtered
350464.69.94.253 67 udp dhcps unknown
350564.69.94.253 68 tcp dhcpc filtered
350664.69.94.253 68 udp dhcpc unknown
350764.69.94.253 69 tcp tftp filtered
350864.69.94.253 69 udp tftp unknown
350964.69.94.253 88 tcp kerberos-sec filtered
351064.69.94.253 88 udp kerberos-sec unknown
351164.69.94.253 123 tcp ntp filtered
351264.69.94.253 123 udp ntp unknown
351364.69.94.253 137 tcp netbios-ns filtered
351464.69.94.253 137 udp netbios-ns unknown
351564.69.94.253 138 tcp netbios-dgm filtered
351664.69.94.253 138 udp netbios-dgm unknown
351764.69.94.253 139 tcp netbios-ssn filtered
351864.69.94.253 139 udp netbios-ssn unknown
351964.69.94.253 161 tcp snmp filtered
352064.69.94.253 161 udp snmp unknown
352164.69.94.253 162 tcp snmptrap filtered
352264.69.94.253 162 udp snmptrap unknown
352364.69.94.253 389 tcp ldap filtered
352464.69.94.253 389 udp ldap unknown
352564.69.94.253 520 tcp efs filtered
352664.69.94.253 520 udp route unknown
352764.69.94.253 2049 tcp nfs filtered
352864.69.94.253 2049 udp nfs unknown
352969.163.233.4 21 tcp ftp open 220 DreamHost FTP Server\x0d\x0a
353069.163.233.4 22 tcp ssh open SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13
353169.163.233.4 25 tcp open
353269.163.233.4 53 tcp domain closed
353369.163.233.4 53 udp domain unknown
353469.163.233.4 67 tcp dhcps closed
353569.163.233.4 67 udp dhcps closed
353669.163.233.4 68 tcp dhcpc closed
353769.163.233.4 68 udp dhcpc unknown
353869.163.233.4 69 tcp tftp closed
353969.163.233.4 69 udp tftp closed
354069.163.233.4 88 tcp kerberos-sec closed
354169.163.233.4 88 udp kerberos-sec unknown
354269.163.233.4 123 tcp ntp closed
354369.163.233.4 123 udp ntp unknown
354469.163.233.4 137 tcp netbios-ns closed
354569.163.233.4 137 udp netbios-ns closed
354669.163.233.4 138 tcp netbios-dgm closed
354769.163.233.4 138 udp netbios-dgm closed
354869.163.233.4 139 tcp netbios-ssn closed
354969.163.233.4 139 udp netbios-ssn unknown
355069.163.233.4 161 tcp snmp closed
355169.163.233.4 161 udp snmp closed
355269.163.233.4 162 tcp snmptrap closed
355369.163.233.4 162 udp snmptrap closed
355469.163.233.4 389 tcp ldap closed
355569.163.233.4 389 udp ldap unknown
355669.163.233.4 520 tcp efs closed
355769.163.233.4 520 udp route closed
355869.163.233.4 2049 tcp nfs closed
355969.163.233.4 2049 udp nfs unknown
356074.117.180.192 21 tcp ftp filtered 220 Hello.\x0d\x0a
356174.117.180.192 22 tcp ssh filtered
356274.117.180.192 25 tcp smtp filtered
356374.117.180.192 53 tcp domain closed
356474.117.180.192 53 udp domain unknown
356574.117.180.192 67 tcp dhcps closed
356674.117.180.192 67 udp dhcps unknown
356774.117.180.192 68 tcp dhcpc closed
356874.117.180.192 68 udp dhcpc closed
356974.117.180.192 69 tcp tftp closed
357074.117.180.192 69 udp tftp closed
357174.117.180.192 80 tcp http filtered
357274.117.180.192 88 tcp kerberos-sec closed
357374.117.180.192 88 udp kerberos-sec closed
357474.117.180.192 110 tcp pop3 filtered
357574.117.180.192 111 tcp rpcbind filtered
357674.117.180.192 123 tcp ntp closed
357774.117.180.192 123 udp ntp unknown
357874.117.180.192 137 tcp netbios-ns closed
357974.117.180.192 137 udp netbios-ns closed
358074.117.180.192 138 tcp netbios-dgm closed
358174.117.180.192 138 udp netbios-dgm unknown
358274.117.180.192 139 tcp netbios-ssn closed
358374.117.180.192 139 udp netbios-ssn unknown
358474.117.180.192 143 tcp imap filtered
358574.117.180.192 161 tcp snmp closed
358674.117.180.192 161 udp snmp closed
358774.117.180.192 162 tcp snmptrap closed
358874.117.180.192 162 udp snmptrap unknown
358974.117.180.192 323 tcp rpki-rtr filtered
359074.117.180.192 389 tcp ldap closed
359174.117.180.192 389 udp ldap closed
359274.117.180.192 443 tcp https filtered
359374.117.180.192 465 tcp ssl/smtp open Exim smtpd 4.92.3
359474.117.180.192 520 tcp efs closed
359574.117.180.192 520 udp route unknown
359674.117.180.192 587 tcp submission filtered
359774.117.180.192 873 tcp rsync filtered
359874.117.180.192 993 tcp imaps filtered
359974.117.180.192 995 tcp pop3s filtered
360074.117.180.192 2049 tcp nfs closed
360174.117.180.192 2049 udp nfs closed
360274.117.180.192 2525 tcp smtp open Exim smtpd
360374.117.180.192 3306 tcp mysql filtered
360474.117.180.192 4949 tcp tcpwrapped open
360574.117.180.192 5666 tcp tcpwrapped open
360674.117.180.192 6380 tcp filtered
360774.117.180.192 9306 tcp sphinx-search open Sphinx Search daemon 2.1.5-id64-release
360874.117.180.192 11211 tcp memcache filtered
360982.94.222.131 53 udp domain unknown
361082.94.222.131 67 udp dhcps unknown
361182.94.222.131 68 udp dhcpc unknown
361282.94.222.131 69 udp tftp unknown
361382.94.222.131 88 udp kerberos-sec unknown
361482.94.222.131 123 udp ntp unknown
361582.94.222.131 137 udp netbios-ns unknown
361682.94.222.131 138 udp netbios-dgm unknown
361782.94.222.131 139 udp netbios-ssn unknown
361882.94.222.131 161 udp snmp unknown
361982.94.222.131 162 udp snmptrap unknown
362082.94.222.131 389 udp ldap unknown
362182.94.222.131 520 udp route unknown
362282.94.222.131 2049 udp nfs unknown
362392.123.250.35 53 tcp domain closed
362492.123.250.35 53 udp domain closed
362592.123.250.35 67 tcp dhcps filtered
362692.123.250.35 67 udp dhcps unknown
362792.123.250.35 68 tcp dhcpc filtered
362892.123.250.35 68 udp dhcpc unknown
362992.123.250.35 69 tcp tftp filtered
363092.123.250.35 69 udp tftp unknown
363192.123.250.35 80 tcp http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
363292.123.250.35 88 tcp kerberos-sec filtered
363392.123.250.35 88 udp kerberos-sec unknown
363492.123.250.35 123 tcp ntp filtered
363592.123.250.35 123 udp ntp unknown
363692.123.250.35 137 tcp netbios-ns filtered
363792.123.250.35 137 udp netbios-ns unknown
363892.123.250.35 138 tcp netbios-dgm filtered
363992.123.250.35 138 udp netbios-dgm unknown
364092.123.250.35 139 tcp netbios-ssn filtered
364192.123.250.35 139 udp netbios-ssn unknown
364292.123.250.35 161 tcp snmp filtered
364392.123.250.35 161 udp snmp unknown
364492.123.250.35 162 tcp snmptrap filtered
364592.123.250.35 162 udp snmptrap unknown
364692.123.250.35 389 tcp ldap filtered
364792.123.250.35 389 udp ldap unknown
364892.123.250.35 443 tcp ssl/https open
364992.123.250.35 520 tcp efs filtered
365092.123.250.35 520 udp route unknown
365192.123.250.35 2049 tcp nfs filtered
365292.123.250.35 2049 udp nfs unknown
365392.123.250.35 8883 tcp secure-mqtt open
365492.123.250.65 53 tcp domain filtered
365592.123.250.65 53 udp domain unknown
365692.123.250.65 67 tcp dhcps filtered
365792.123.250.65 67 udp dhcps unknown
365892.123.250.65 68 tcp dhcpc filtered
365992.123.250.65 68 udp dhcpc unknown
366092.123.250.65 69 tcp tftp filtered
366192.123.250.65 69 udp tftp unknown
366292.123.250.65 80 tcp http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
366392.123.250.65 88 tcp kerberos-sec filtered
366492.123.250.65 88 udp kerberos-sec unknown
366592.123.250.65 123 tcp ntp filtered
366692.123.250.65 123 udp ntp unknown
366792.123.250.65 137 tcp netbios-ns filtered
366892.123.250.65 137 udp netbios-ns unknown
366992.123.250.65 138 tcp netbios-dgm filtered
367092.123.250.65 138 udp netbios-dgm unknown
367192.123.250.65 139 tcp netbios-ssn filtered
367292.123.250.65 139 udp netbios-ssn unknown
367392.123.250.65 161 tcp snmp filtered
367492.123.250.65 161 udp snmp unknown
367592.123.250.65 162 tcp snmptrap filtered
367692.123.250.65 162 udp snmptrap unknown
367792.123.250.65 389 tcp ldap filtered
367892.123.250.65 389 udp ldap unknown
367992.123.250.65 443 tcp ssl/https open
368092.123.250.65 520 tcp efs filtered
368192.123.250.65 520 udp route unknown
368292.123.250.65 2049 tcp nfs filtered
368392.123.250.65 2049 udp nfs unknown
368492.123.250.65 8883 tcp secure-mqtt open
368594.102.51.111 22 tcp ssh open
368694.102.51.111 25 tcp smtp open Exim smtpd 4.89
368794.102.51.111 53 tcp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
368894.102.51.111 53 udp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
368994.102.51.111 67 tcp dhcps filtered
369094.102.51.111 67 udp dhcps unknown
369194.102.51.111 68 tcp dhcpc filtered
369294.102.51.111 68 udp dhcpc unknown
369394.102.51.111 69 tcp tftp filtered
369494.102.51.111 69 udp tftp unknown
369594.102.51.111 80 tcp http open nginx
369694.102.51.111 88 tcp kerberos-sec filtered
369794.102.51.111 88 udp kerberos-sec unknown
369894.102.51.111 110 tcp pop3 open Dovecot pop3d
369994.102.51.111 123 tcp ntp filtered
370094.102.51.111 123 udp ntp unknown
370194.102.51.111 137 tcp netbios-ns filtered
370294.102.51.111 137 udp netbios-ns unknown
370394.102.51.111 138 tcp netbios-dgm filtered
370494.102.51.111 138 udp netbios-dgm unknown
370594.102.51.111 139 tcp netbios-ssn filtered
370694.102.51.111 139 udp netbios-ssn unknown
370794.102.51.111 143 tcp imap open Dovecot imapd
370894.102.51.111 161 tcp snmp filtered
370994.102.51.111 161 udp snmp unknown
371094.102.51.111 162 tcp snmptrap filtered
371194.102.51.111 162 udp snmptrap unknown
371294.102.51.111 389 tcp ldap filtered
371394.102.51.111 389 udp ldap unknown
371494.102.51.111 465 tcp ssl/smtp open Exim smtpd 4.89
371594.102.51.111 520 tcp efs filtered
371694.102.51.111 520 udp route unknown
371794.102.51.111 993 tcp ssl/imaps open
371894.102.51.111 995 tcp ssl/pop3s open
371994.102.51.111 2049 tcp nfs filtered
372094.102.51.111 2049 udp nfs unknown
372194.102.51.112 22 tcp ssh open
372294.102.51.112 25 tcp smtp open Exim smtpd 4.89
372394.102.51.112 53 tcp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
372494.102.51.112 53 udp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
372594.102.51.112 67 tcp dhcps filtered
372694.102.51.112 67 udp dhcps unknown
372794.102.51.112 68 tcp dhcpc filtered
372894.102.51.112 68 udp dhcpc unknown
372994.102.51.112 69 tcp tftp filtered
373094.102.51.112 69 udp tftp unknown
373194.102.51.112 80 tcp http open nginx
373294.102.51.112 88 tcp kerberos-sec filtered
373394.102.51.112 88 udp kerberos-sec unknown
373494.102.51.112 110 tcp pop3 open Dovecot pop3d
373594.102.51.112 123 tcp ntp filtered
373694.102.51.112 123 udp ntp unknown
373794.102.51.112 137 tcp netbios-ns filtered
373894.102.51.112 137 udp netbios-ns unknown
373994.102.51.112 138 tcp netbios-dgm filtered
374094.102.51.112 138 udp netbios-dgm unknown
374194.102.51.112 139 tcp netbios-ssn filtered
374294.102.51.112 139 udp netbios-ssn unknown
374394.102.51.112 143 tcp imap open Dovecot imapd
374494.102.51.112 161 tcp snmp filtered
374594.102.51.112 161 udp snmp unknown
374694.102.51.112 162 tcp snmptrap filtered
374794.102.51.112 162 udp snmptrap unknown
374894.102.51.112 389 tcp ldap filtered
374994.102.51.112 389 udp ldap unknown
375094.102.51.112 465 tcp ssl/smtp open Exim smtpd 4.89
375194.102.51.112 520 tcp efs filtered
375294.102.51.112 520 udp route unknown
375394.102.51.112 993 tcp ssl/imaps open
375494.102.51.112 995 tcp ssl/pop3s open
375594.102.51.112 2049 tcp nfs filtered
375694.102.51.112 2049 udp nfs unknown
3757104.244.73.40 53 udp domain unknown
3758104.244.73.40 67 udp dhcps unknown
3759104.244.73.40 68 udp dhcpc unknown
3760104.244.73.40 69 udp tftp unknown
3761104.244.73.40 88 udp kerberos-sec unknown
3762104.244.73.40 123 udp ntp unknown
3763104.244.73.40 137 udp netbios-ns unknown
3764104.244.73.40 138 udp netbios-dgm unknown
3765104.244.73.40 139 udp netbios-ssn unknown
3766104.244.73.40 161 udp snmp unknown
3767104.244.73.40 162 udp snmptrap unknown
3768104.244.73.40 389 udp ldap unknown
3769104.244.73.40 520 udp route unknown
3770104.244.73.40 2049 udp nfs unknown
3771104.244.76.231 53 tcp domain filtered
3772104.244.76.231 53 udp domain unknown
3773104.244.76.231 67 tcp dhcps filtered
3774104.244.76.231 67 udp dhcps unknown
3775104.244.76.231 68 tcp dhcpc filtered
3776104.244.76.231 68 udp dhcpc unknown
3777104.244.76.231 69 tcp tftp filtered
3778104.244.76.231 69 udp tftp unknown
3779104.244.76.231 80 tcp http open nginx
3780104.244.76.231 88 tcp kerberos-sec filtered
3781104.244.76.231 88 udp kerberos-sec unknown
3782104.244.76.231 123 tcp ntp filtered
3783104.244.76.231 123 udp ntp unknown
3784104.244.76.231 137 tcp netbios-ns filtered
3785104.244.76.231 137 udp netbios-ns unknown
3786104.244.76.231 138 tcp netbios-dgm filtered
3787104.244.76.231 138 udp netbios-dgm unknown
3788104.244.76.231 139 tcp netbios-ssn filtered
3789104.244.76.231 139 udp netbios-ssn unknown
3790104.244.76.231 161 tcp snmp filtered
3791104.244.76.231 161 udp snmp unknown
3792104.244.76.231 162 tcp snmptrap filtered
3793104.244.76.231 162 udp snmptrap unknown
3794104.244.76.231 389 tcp ldap filtered
3795104.244.76.231 389 udp ldap unknown
3796104.244.76.231 443 tcp ssl/http open nginx
3797104.244.76.231 520 tcp efs filtered
3798104.244.76.231 520 udp route unknown
3799104.244.76.231 2049 tcp nfs filtered
3800104.244.76.231 2049 udp nfs unknown
3801104.244.76.231 5040 tcp unknown closed
3802104.244.76.231 16001 tcp ssl/http open MiniServ 1.910 Webmin httpd
3803104.244.76.231 16221 tcp closed
3804104.244.76.231 23022 tcp closed
3805104.244.76.231 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
3806104.244.77.188 53 tcp domain filtered
3807104.244.77.188 53 udp domain unknown
3808104.244.77.188 67 tcp dhcps filtered
3809104.244.77.188 67 udp dhcps unknown
3810104.244.77.188 68 tcp dhcpc filtered
3811104.244.77.188 68 udp dhcpc unknown
3812104.244.77.188 69 tcp tftp filtered
3813104.244.77.188 69 udp tftp unknown
3814104.244.77.188 80 tcp http open nginx
3815104.244.77.188 88 tcp kerberos-sec filtered
3816104.244.77.188 88 udp kerberos-sec unknown
3817104.244.77.188 123 tcp ntp filtered
3818104.244.77.188 123 udp ntp unknown
3819104.244.77.188 137 tcp netbios-ns filtered
3820104.244.77.188 137 udp netbios-ns unknown
3821104.244.77.188 138 tcp netbios-dgm filtered
3822104.244.77.188 138 udp netbios-dgm unknown
3823104.244.77.188 139 tcp netbios-ssn filtered
3824104.244.77.188 139 udp netbios-ssn unknown
3825104.244.77.188 161 tcp snmp filtered
3826104.244.77.188 161 udp snmp unknown
3827104.244.77.188 162 tcp snmptrap filtered
3828104.244.77.188 162 udp snmptrap unknown
3829104.244.77.188 389 tcp ldap filtered
3830104.244.77.188 389 udp ldap unknown
3831104.244.77.188 443 tcp ssl/http open nginx
3832104.244.77.188 520 tcp efs filtered
3833104.244.77.188 520 udp route unknown
3834104.244.77.188 2049 tcp nfs filtered
3835104.244.77.188 2049 udp nfs unknown
3836104.244.77.188 5040 tcp unknown closed
3837104.244.77.188 16001 tcp ssl/http open MiniServ 1.910 Webmin httpd
3838104.244.77.188 16221 tcp closed
3839104.244.77.188 23022 tcp closed
3840104.244.77.188 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
3841104.244.79.89 53 tcp domain filtered
3842104.244.79.89 53 udp domain unknown
3843104.244.79.89 67 tcp dhcps filtered
3844104.244.79.89 67 udp dhcps unknown
3845104.244.79.89 68 tcp dhcpc filtered
3846104.244.79.89 68 udp dhcpc unknown
3847104.244.79.89 69 tcp tftp filtered
3848104.244.79.89 69 udp tftp unknown
3849104.244.79.89 80 tcp http open nginx
3850104.244.79.89 88 tcp kerberos-sec filtered
3851104.244.79.89 88 udp kerberos-sec unknown
3852104.244.79.89 123 tcp ntp filtered
3853104.244.79.89 123 udp ntp unknown
3854104.244.79.89 137 tcp netbios-ns filtered
3855104.244.79.89 137 udp netbios-ns unknown
3856104.244.79.89 138 tcp netbios-dgm filtered
3857104.244.79.89 138 udp netbios-dgm unknown
3858104.244.79.89 139 tcp netbios-ssn filtered
3859104.244.79.89 139 udp netbios-ssn unknown
3860104.244.79.89 161 tcp snmp filtered
3861104.244.79.89 161 udp snmp unknown
3862104.244.79.89 162 tcp snmptrap filtered
3863104.244.79.89 162 udp snmptrap unknown
3864104.244.79.89 389 tcp ldap filtered
3865104.244.79.89 389 udp ldap unknown
3866104.244.79.89 443 tcp ssl/http open nginx
3867104.244.79.89 520 tcp efs filtered
3868104.244.79.89 520 udp route unknown
3869104.244.79.89 2049 tcp nfs filtered
3870104.244.79.89 2049 udp nfs unknown
3871104.244.79.89 7910 tcp ssl/http open nginx
3872104.244.79.89 7920 tcp unknown closed
3873104.244.79.89 7930 tcp closed
3874104.244.79.89 16001 tcp http open MiniServ 1.930 Webmin httpd
3875104.244.79.89 16010 tcp ssl/http open nginx
3876104.244.79.89 16221 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
3877104.244.79.89 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
3878107.180.28.114 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 3 of 500 allowed.\x0d\x0a220-Local time is now 05:54. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
3879107.180.28.114 22 tcp ssh open SSH-2.0-OpenSSH_5.3
3880107.180.28.114 53 tcp domain filtered
3881107.180.28.114 53 udp domain unknown
3882107.180.28.114 67 tcp dhcps filtered
3883107.180.28.114 67 udp dhcps unknown
3884107.180.28.114 68 tcp dhcpc filtered
3885107.180.28.114 68 udp dhcpc unknown
3886107.180.28.114 69 tcp tftp filtered
3887107.180.28.114 69 udp tftp unknown
3888107.180.28.114 88 tcp kerberos-sec filtered
3889107.180.28.114 88 udp kerberos-sec unknown
3890107.180.28.114 123 tcp ntp filtered
3891107.180.28.114 123 udp ntp unknown
3892107.180.28.114 137 tcp netbios-ns filtered
3893107.180.28.114 137 udp netbios-ns unknown
3894107.180.28.114 138 tcp netbios-dgm filtered
3895107.180.28.114 138 udp netbios-dgm unknown
3896107.180.28.114 139 tcp netbios-ssn filtered
3897107.180.28.114 139 udp netbios-ssn unknown
3898107.180.28.114 161 tcp snmp filtered
3899107.180.28.114 161 udp snmp unknown
3900107.180.28.114 162 tcp snmptrap filtered
3901107.180.28.114 162 udp snmptrap unknown
3902107.180.28.114 389 tcp ldap filtered
3903107.180.28.114 389 udp ldap unknown
3904107.180.28.114 520 tcp efs filtered
3905107.180.28.114 520 udp route unknown
3906107.180.28.114 2049 tcp nfs filtered
3907107.180.28.114 2049 udp nfs unknown
3908111.90.145.39 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 15:04. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
3909111.90.145.39 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
3910111.90.145.39 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
3911111.90.145.39 67 tcp dhcps closed
3912111.90.145.39 67 udp dhcps closed
3913111.90.145.39 68 tcp dhcpc closed
3914111.90.145.39 68 udp dhcpc unknown
3915111.90.145.39 69 tcp tftp closed
3916111.90.145.39 69 udp tftp unknown
3917111.90.145.39 88 tcp kerberos-sec closed
3918111.90.145.39 88 udp kerberos-sec unknown
3919111.90.145.39 123 tcp ntp closed
3920111.90.145.39 123 udp ntp closed
3921111.90.145.39 137 tcp netbios-ns closed
3922111.90.145.39 137 udp netbios-ns unknown
3923111.90.145.39 138 tcp netbios-dgm closed
3924111.90.145.39 138 udp netbios-dgm unknown
3925111.90.145.39 139 tcp netbios-ssn filtered
3926111.90.145.39 139 udp netbios-ssn closed
3927111.90.145.39 161 tcp snmp closed
3928111.90.145.39 161 udp snmp unknown
3929111.90.145.39 162 tcp snmptrap closed
3930111.90.145.39 162 udp snmptrap closed
3931111.90.145.39 389 tcp ldap closed
3932111.90.145.39 389 udp ldap unknown
3933111.90.145.39 520 tcp efs closed
3934111.90.145.39 520 udp route closed
3935111.90.145.39 2049 tcp nfs closed
3936111.90.145.39 2049 udp nfs closed
3937143.95.110.248 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 150 allowed.\x0d\x0a220-Local time is now 05:55. Server port: 21.\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
3938143.95.110.248 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
3939143.95.110.248 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
3940143.95.110.248 67 tcp dhcps closed
3941143.95.110.248 67 udp dhcps unknown
3942143.95.110.248 68 tcp dhcpc closed
3943143.95.110.248 68 udp dhcpc unknown
3944143.95.110.248 69 tcp tftp closed
3945143.95.110.248 69 udp tftp unknown
3946143.95.110.248 88 tcp kerberos-sec closed
3947143.95.110.248 88 udp kerberos-sec unknown
3948143.95.110.248 123 tcp ntp closed
3949143.95.110.248 123 udp ntp unknown
3950143.95.110.248 137 tcp netbios-ns closed
3951143.95.110.248 137 udp netbios-ns unknown
3952143.95.110.248 138 tcp netbios-dgm closed
3953143.95.110.248 138 udp netbios-dgm closed
3954143.95.110.248 139 tcp netbios-ssn closed
3955143.95.110.248 139 udp netbios-ssn unknown
3956143.95.110.248 161 tcp snmp closed
3957143.95.110.248 161 udp snmp closed
3958143.95.110.248 162 tcp snmptrap closed
3959143.95.110.248 162 udp snmptrap unknown
3960143.95.110.248 389 tcp ldap closed
3961143.95.110.248 389 udp ldap closed
3962143.95.110.248 520 tcp efs closed
3963143.95.110.248 520 udp route unknown
3964143.95.110.248 2049 tcp nfs closed
3965143.95.110.248 2049 udp nfs unknown
3966149.126.72.220 25 tcp smtp closed
3967149.126.72.220 51 tcp tcpwrapped open
3968149.126.72.220 53 tcp domain open
3969149.126.72.220 53 udp domain open
3970149.126.72.220 65 tcp tcpwrapped open
3971149.126.72.220 66 tcp tcpwrapped open
3972149.126.72.220 67 tcp dhcps filtered
3973149.126.72.220 67 udp dhcps unknown
3974149.126.72.220 68 tcp dhcpc filtered
3975149.126.72.220 68 udp dhcpc unknown
3976149.126.72.220 69 tcp tftp filtered
3977149.126.72.220 69 udp tftp unknown
3978149.126.72.220 80 tcp tcpwrapped open
3979149.126.72.220 81 tcp tcpwrapped open
3980149.126.72.220 82 tcp tcpwrapped open
3981149.126.72.220 83 tcp tcpwrapped open
3982149.126.72.220 84 tcp tcpwrapped open
3983149.126.72.220 85 tcp tcpwrapped open
3984149.126.72.220 86 tcp tcpwrapped open
3985149.126.72.220 88 tcp http open Incapsula CDN httpd
3986149.126.72.220 88 udp kerberos-sec unknown
3987149.126.72.220 89 tcp tcpwrapped open
3988149.126.72.220 90 tcp tcpwrapped open
3989149.126.72.220 91 tcp tcpwrapped open
3990149.126.72.220 92 tcp tcpwrapped open
3991149.126.72.220 98 tcp tcpwrapped open
3992149.126.72.220 99 tcp tcpwrapped open
3993149.126.72.220 123 tcp ntp filtered
3994149.126.72.220 123 udp ntp unknown
3995149.126.72.220 137 tcp netbios-ns filtered
3996149.126.72.220 137 udp netbios-ns filtered
3997149.126.72.220 138 tcp netbios-dgm filtered
3998149.126.72.220 138 udp netbios-dgm filtered
3999149.126.72.220 139 tcp netbios-ssn closed
4000149.126.72.220 139 udp netbios-ssn unknown
4001149.126.72.220 160 tcp sgmp-traps closed
4002149.126.72.220 161 tcp snmp filtered
4003149.126.72.220 161 udp snmp unknown
4004149.126.72.220 162 tcp snmptrap filtered
4005149.126.72.220 162 udp snmptrap unknown
4006149.126.72.220 189 tcp tcpwrapped open
4007149.126.72.220 190 tcp tcpwrapped open
4008149.126.72.220 192 tcp tcpwrapped open
4009149.126.72.220 243 tcp tcpwrapped open
4010149.126.72.220 285 tcp tcpwrapped open
4011149.126.72.220 314 tcp tcpwrapped open
4012149.126.72.220 343 tcp tcpwrapped open
4013149.126.72.220 347 tcp tcpwrapped open
4014149.126.72.220 385 tcp tcpwrapped open
4015149.126.72.220 389 tcp ssl/http open Incapsula CDN httpd
4016149.126.72.220 389 udp ldap unknown
4017149.126.72.220 400 tcp tcpwrapped open
4018149.126.72.220 440 tcp tcpwrapped open
4019149.126.72.220 441 tcp tcpwrapped open
4020149.126.72.220 442 tcp tcpwrapped open
4021149.126.72.220 443 tcp ssl/tcpwrapped open
4022149.126.72.220 444 tcp tcpwrapped open
4023149.126.72.220 445 tcp microsoft-ds closed
4024149.126.72.220 446 tcp tcpwrapped open
4025149.126.72.220 447 tcp tcpwrapped open
4026149.126.72.220 448 tcp tcpwrapped open
4027149.126.72.220 449 tcp tcpwrapped open
4028149.126.72.220 452 tcp tcpwrapped open
4029149.126.72.220 461 tcp tcpwrapped open
4030149.126.72.220 462 tcp tcpwrapped open
4031149.126.72.220 480 tcp tcpwrapped open
4032149.126.72.220 485 tcp tcpwrapped open
4033149.126.72.220 487 tcp tcpwrapped open
4034149.126.72.220 488 tcp tcpwrapped open
4035149.126.72.220 491 tcp tcpwrapped open
4036149.126.72.220 520 tcp efs filtered
4037149.126.72.220 520 udp route unknown
4038149.126.72.220 555 tcp tcpwrapped open
4039149.126.72.220 556 tcp tcpwrapped open
4040149.126.72.220 587 tcp tcpwrapped open
4041149.126.72.220 631 tcp tcpwrapped open
4042149.126.72.220 632 tcp tcpwrapped open
4043149.126.72.220 636 tcp tcpwrapped open
4044149.126.72.220 743 tcp tcpwrapped open
4045149.126.72.220 772 tcp tcpwrapped open
4046149.126.72.220 777 tcp tcpwrapped open
4047149.126.72.220 782 tcp tcpwrapped open
4048149.126.72.220 785 tcp tcpwrapped open
4049149.126.72.220 800 tcp tcpwrapped open
4050149.126.72.220 801 tcp tcpwrapped open
4051149.126.72.220 805 tcp tcpwrapped open
4052149.126.72.220 806 tcp tcpwrapped open
4053149.126.72.220 809 tcp tcpwrapped open
4054149.126.72.220 843 tcp tcpwrapped open
4055149.126.72.220 853 tcp tcpwrapped open
4056149.126.72.220 885 tcp tcpwrapped open
4057149.126.72.220 886 tcp tcpwrapped open
4058149.126.72.220 887 tcp tcpwrapped open
4059149.126.72.220 888 tcp tcpwrapped open
4060149.126.72.220 943 tcp tcpwrapped open
4061149.126.72.220 947 tcp tcpwrapped open
4062149.126.72.220 953 tcp tcpwrapped open
4063149.126.72.220 990 tcp tcpwrapped open
4064149.126.72.220 995 tcp tcpwrapped open
4065149.126.72.220 998 tcp tcpwrapped open
4066149.126.72.220 999 tcp tcpwrapped open
4067149.126.72.220 1000 tcp tcpwrapped open
4068149.126.72.220 1002 tcp tcpwrapped open
4069149.126.72.220 1024 tcp tcpwrapped open
4070149.126.72.220 1025 tcp tcpwrapped open
4071149.126.72.220 1028 tcp tcpwrapped open
4072149.126.72.220 1080 tcp tcpwrapped open
4073149.126.72.220 1103 tcp tcpwrapped open
4074149.126.72.220 1111 tcp tcpwrapped open
4075149.126.72.220 1180 tcp tcpwrapped open
4076149.126.72.220 1181 tcp tcpwrapped open
4077149.126.72.220 1207 tcp tcpwrapped open
4078149.126.72.220 1234 tcp tcpwrapped open
4079149.126.72.220 1250 tcp tcpwrapped open
4080149.126.72.220 1283 tcp tcpwrapped open
4081149.126.72.220 1291 tcp tcpwrapped open
4082149.126.72.220 1292 tcp tcpwrapped open
4083149.126.72.220 1293 tcp tcpwrapped open
4084149.126.72.220 1337 tcp tcpwrapped open
4085149.126.72.220 1344 tcp tcpwrapped open
4086149.126.72.220 1355 tcp tcpwrapped open
4087149.126.72.220 1364 tcp tcpwrapped open
4088149.126.72.220 1366 tcp tcpwrapped open
4089149.126.72.220 1377 tcp tcpwrapped open
4090149.126.72.220 1387 tcp tcpwrapped open
4091149.126.72.220 1388 tcp tcpwrapped open
4092149.126.72.220 1433 tcp tcpwrapped open
4093149.126.72.220 1443 tcp tcpwrapped open
4094149.126.72.220 1447 tcp tcpwrapped open
4095149.126.72.220 1450 tcp tcpwrapped open
4096149.126.72.220 1451 tcp tcpwrapped open
4097149.126.72.220 1452 tcp tcpwrapped open
4098149.126.72.220 1453 tcp tcpwrapped open
4099149.126.72.220 1454 tcp tcpwrapped open
4100149.126.72.220 1455 tcp tcpwrapped open
4101149.126.72.220 1456 tcp tcpwrapped open
4102149.126.72.220 1457 tcp tcpwrapped open
4103149.126.72.220 1458 tcp tcpwrapped open
4104149.126.72.220 1459 tcp tcpwrapped open
4105149.126.72.220 1460 tcp tcpwrapped open
4106149.126.72.220 1494 tcp tcpwrapped open
4107149.126.72.220 1935 tcp tcpwrapped open
4108149.126.72.220 1950 tcp tcpwrapped open
4109149.126.72.220 1951 tcp tcpwrapped open
4110149.126.72.220 1952 tcp tcpwrapped open
4111149.126.72.220 1953 tcp tcpwrapped open
4112149.126.72.220 1954 tcp tcpwrapped open
4113149.126.72.220 1955 tcp tcpwrapped open
4114149.126.72.220 1956 tcp tcpwrapped open
4115149.126.72.220 1957 tcp tcpwrapped open
4116149.126.72.220 1958 tcp tcpwrapped open
4117149.126.72.220 1959 tcp tcpwrapped open
4118149.126.72.220 1960 tcp tcpwrapped open
4119149.126.72.220 1964 tcp tcpwrapped open
4120149.126.72.220 1965 tcp tcpwrapped open
4121149.126.72.220 1966 tcp tcpwrapped open
4122149.126.72.220 1967 tcp tcpwrapped open
4123149.126.72.220 1968 tcp tcpwrapped open
4124149.126.72.220 1969 tcp tcpwrapped open
4125149.126.72.220 1970 tcp tcpwrapped open
4126149.126.72.220 1971 tcp tcpwrapped open
4127149.126.72.220 1972 tcp tcpwrapped open
4128149.126.72.220 1973 tcp tcpwrapped open
4129149.126.72.220 1974 tcp tcpwrapped open
4130149.126.72.220 1975 tcp tcpwrapped open
4131149.126.72.220 1976 tcp tcpwrapped open
4132149.126.72.220 1977 tcp tcpwrapped open
4133149.126.72.220 1978 tcp tcpwrapped open
4134149.126.72.220 1979 tcp tcpwrapped open
4135149.126.72.220 1980 tcp tcpwrapped open
4136149.126.72.220 1981 tcp tcpwrapped open
4137149.126.72.220 1982 tcp tcpwrapped open
4138149.126.72.220 1983 tcp tcpwrapped open
4139149.126.72.220 1984 tcp tcpwrapped open
4140149.126.72.220 1985 tcp tcpwrapped open
4141149.126.72.220 1986 tcp tcpwrapped open
4142149.126.72.220 1987 tcp tcpwrapped open
4143149.126.72.220 1988 tcp tcpwrapped open
4144149.126.72.220 1989 tcp tcpwrapped open
4145149.126.72.220 2000 tcp tcpwrapped open
4146149.126.72.220 2001 tcp tcpwrapped open
4147149.126.72.220 2006 tcp tcpwrapped open
4148149.126.72.220 2012 tcp tcpwrapped open
4149149.126.72.220 2020 tcp tcpwrapped open
4150149.126.72.220 2048 tcp tcpwrapped open
4151149.126.72.220 2049 tcp http open Incapsula CDN httpd
4152149.126.72.220 2049 udp nfs unknown
4153149.126.72.220 2050 tcp tcpwrapped open
4154149.126.72.220 2051 tcp tcpwrapped open
4155149.126.72.220 2052 tcp tcpwrapped open
4156149.126.72.220 2053 tcp tcpwrapped open
4157149.126.72.220 2054 tcp tcpwrapped open
4158149.126.72.220 2055 tcp tcpwrapped open
4159149.126.72.220 2056 tcp tcpwrapped open
4160149.126.72.220 2057 tcp tcpwrapped open
4161149.126.72.220 2058 tcp tcpwrapped open
4162149.126.72.220 2059 tcp tcpwrapped open
4163149.126.72.220 2060 tcp tcpwrapped open
4164149.126.72.220 2061 tcp tcpwrapped open
4165149.126.72.220 2062 tcp tcpwrapped open
4166149.126.72.220 2063 tcp tcpwrapped open
4167149.126.72.220 2064 tcp tcpwrapped open
4168149.126.72.220 2065 tcp tcpwrapped open
4169149.126.72.220 2066 tcp tcpwrapped open
4170149.126.72.220 2067 tcp tcpwrapped open
4171149.126.72.220 2068 tcp tcpwrapped open
4172149.126.72.220 2069 tcp tcpwrapped open
4173149.126.72.220 2070 tcp tcpwrapped open
4174149.126.72.220 2072 tcp tcpwrapped open
4175149.126.72.220 2082 tcp tcpwrapped open
4176149.126.72.220 2083 tcp tcpwrapped open
4177149.126.72.220 2087 tcp tcpwrapped open
4178149.126.72.220 2096 tcp tcpwrapped open
4179149.126.72.220 2100 tcp tcpwrapped open
4180149.126.72.220 2108 tcp tcpwrapped open
4181149.126.72.220 2200 tcp tcpwrapped open
4182149.126.72.220 2209 tcp tcpwrapped open
4183149.126.72.220 2222 tcp tcpwrapped open
4184149.126.72.220 2226 tcp tcpwrapped open
4185149.126.72.220 2248 tcp tcpwrapped open
4186149.126.72.220 2344 tcp tcpwrapped open
4187149.126.72.220 2345 tcp tcpwrapped open
4188149.126.72.220 2353 tcp tcpwrapped open
4189149.126.72.220 2363 tcp tcpwrapped open
4190149.126.72.220 2423 tcp tcpwrapped open
4191149.126.72.220 2433 tcp tcpwrapped open
4192149.126.72.220 2435 tcp tcpwrapped open
4193149.126.72.220 2443 tcp tcpwrapped open
4194149.126.72.220 2453 tcp tcpwrapped open
4195149.126.72.220 2480 tcp tcpwrapped open
4196149.126.72.220 2548 tcp tcpwrapped open
4197149.126.72.220 2549 tcp tcpwrapped open
4198149.126.72.220 2550 tcp tcpwrapped open
4199149.126.72.220 2551 tcp tcpwrapped open
4200149.126.72.220 2552 tcp tcpwrapped open
4201149.126.72.220 2553 tcp tcpwrapped open
4202149.126.72.220 2554 tcp tcpwrapped open
4203149.126.72.220 2555 tcp tcpwrapped open
4204149.126.72.220 2556 tcp tcpwrapped open
4205149.126.72.220 2557 tcp tcpwrapped open
4206149.126.72.220 2558 tcp tcpwrapped open
4207149.126.72.220 2559 tcp tcpwrapped open
4208149.126.72.220 2560 tcp tcpwrapped open
4209149.126.72.220 2561 tcp tcpwrapped open
4210149.126.72.220 2562 tcp tcpwrapped open
4211149.126.72.220 2563 tcp tcpwrapped open
4212149.126.72.220 2566 tcp tcpwrapped open
4213149.126.72.220 2567 tcp tcpwrapped open
4214149.126.72.220 2568 tcp tcpwrapped open
4215149.126.72.220 2569 tcp tcpwrapped open
4216149.126.72.220 2570 tcp tcpwrapped open
4217149.126.72.220 2572 tcp tcpwrapped open
4218149.126.72.220 2598 tcp tcpwrapped open
4219149.126.72.220 2599 tcp tcpwrapped open
4220149.126.72.220 2850 tcp tcpwrapped open
4221149.126.72.220 2985 tcp tcpwrapped open
4222149.126.72.220 2995 tcp tcpwrapped open
4223149.126.72.220 3000 tcp tcpwrapped open
4224149.126.72.220 3001 tcp tcpwrapped open
4225149.126.72.220 3002 tcp tcpwrapped open
4226149.126.72.220 3003 tcp tcpwrapped open
4227149.126.72.220 3004 tcp tcpwrapped open
4228149.126.72.220 3005 tcp tcpwrapped open
4229149.126.72.220 3006 tcp tcpwrapped open
4230149.126.72.220 3007 tcp tcpwrapped open
4231149.126.72.220 3008 tcp tcpwrapped open
4232149.126.72.220 3009 tcp tcpwrapped open
4233149.126.72.220 3010 tcp tcpwrapped open
4234149.126.72.220 3011 tcp tcpwrapped open
4235149.126.72.220 3012 tcp tcpwrapped open
4236149.126.72.220 3013 tcp tcpwrapped open
4237149.126.72.220 3014 tcp tcpwrapped open
4238149.126.72.220 3015 tcp tcpwrapped open
4239149.126.72.220 3016 tcp tcpwrapped open
4240149.126.72.220 3017 tcp tcpwrapped open
4241149.126.72.220 3018 tcp tcpwrapped open
4242149.126.72.220 3019 tcp tcpwrapped open
4243149.126.72.220 3020 tcp tcpwrapped open
4244149.126.72.220 3021 tcp tcpwrapped open
4245149.126.72.220 3022 tcp tcpwrapped open
4246149.126.72.220 3030 tcp tcpwrapped open
4247149.126.72.220 3047 tcp tcpwrapped open
4248149.126.72.220 3048 tcp tcpwrapped open
4249149.126.72.220 3049 tcp tcpwrapped open
4250149.126.72.220 3050 tcp tcpwrapped open
4251149.126.72.220 3051 tcp tcpwrapped open
4252149.126.72.220 3052 tcp tcpwrapped open
4253149.126.72.220 3053 tcp tcpwrapped open
4254149.126.72.220 3054 tcp tcpwrapped open
4255149.126.72.220 3055 tcp tcpwrapped open
4256149.126.72.220 3056 tcp tcpwrapped open
4257149.126.72.220 3057 tcp tcpwrapped open
4258149.126.72.220 3058 tcp tcpwrapped open
4259149.126.72.220 3059 tcp tcpwrapped open
4260149.126.72.220 3060 tcp tcpwrapped open
4261149.126.72.220 3061 tcp tcpwrapped open
4262149.126.72.220 3062 tcp tcpwrapped open
4263149.126.72.220 3063 tcp tcpwrapped open
4264149.126.72.220 3064 tcp tcpwrapped open
4265149.126.72.220 3065 tcp tcpwrapped open
4266149.126.72.220 3066 tcp tcpwrapped open
4267149.126.72.220 3067 tcp tcpwrapped open
4268149.126.72.220 3068 tcp tcpwrapped open
4269149.126.72.220 3069 tcp tcpwrapped open
4270149.126.72.220 3070 tcp tcpwrapped open
4271149.126.72.220 3071 tcp tcpwrapped open
4272149.126.72.220 3072 tcp tcpwrapped open
4273149.126.72.220 3073 tcp tcpwrapped open
4274149.126.72.220 3074 tcp tcpwrapped open
4275149.126.72.220 3075 tcp tcpwrapped open
4276149.126.72.220 3076 tcp tcpwrapped open
4277149.126.72.220 3077 tcp tcpwrapped open
4278149.126.72.220 3078 tcp tcpwrapped open
4279149.126.72.220 3079 tcp tcpwrapped open
4280149.126.72.220 3080 tcp tcpwrapped open
4281149.126.72.220 3081 tcp tcpwrapped open
4282149.126.72.220 3082 tcp tcpwrapped open
4283149.126.72.220 3083 tcp tcpwrapped open
4284149.126.72.220 3084 tcp tcpwrapped open
4285149.126.72.220 3085 tcp tcpwrapped open
4286149.126.72.220 3086 tcp tcpwrapped open
4287149.126.72.220 3087 tcp tcpwrapped open
4288149.126.72.220 3088 tcp tcpwrapped open
4289149.126.72.220 3089 tcp tcpwrapped open
4290149.126.72.220 3090 tcp tcpwrapped open
4291149.126.72.220 3091 tcp tcpwrapped open
4292149.126.72.220 3092 tcp tcpwrapped open
4293149.126.72.220 3093 tcp tcpwrapped open
4294149.126.72.220 3094 tcp tcpwrapped open
4295149.126.72.220 3095 tcp tcpwrapped open
4296149.126.72.220 3096 tcp tcpwrapped open
4297149.126.72.220 3097 tcp tcpwrapped open
4298149.126.72.220 3098 tcp tcpwrapped open
4299149.126.72.220 3099 tcp tcpwrapped open
4300149.126.72.220 3100 tcp tcpwrapped open
4301149.126.72.220 3101 tcp tcpwrapped open
4302149.126.72.220 3102 tcp tcpwrapped open
4303149.126.72.220 3103 tcp tcpwrapped open
4304149.126.72.220 3104 tcp tcpwrapped open
4305149.126.72.220 3105 tcp tcpwrapped open
4306149.126.72.220 3106 tcp tcpwrapped open
4307149.126.72.220 3107 tcp tcpwrapped open
4308149.126.72.220 3108 tcp tcpwrapped open
4309149.126.72.220 3109 tcp tcpwrapped open
4310149.126.72.220 3110 tcp tcpwrapped open
4311149.126.72.220 3111 tcp tcpwrapped open
4312149.126.72.220 3112 tcp tcpwrapped open
4313149.126.72.220 3113 tcp tcpwrapped open
4314149.126.72.220 3114 tcp tcpwrapped open
4315149.126.72.220 3115 tcp tcpwrapped open
4316149.126.72.220 3116 tcp tcpwrapped open
4317149.126.72.220 3117 tcp tcpwrapped open
4318149.126.72.220 3118 tcp tcpwrapped open
4319149.126.72.220 3119 tcp tcpwrapped open
4320149.126.72.220 3120 tcp tcpwrapped open
4321149.126.72.220 3121 tcp tcpwrapped open
4322149.126.72.220 3150 tcp tcpwrapped open
4323149.126.72.220 3155 tcp tcpwrapped open
4324149.126.72.220 3160 tcp tcpwrapped open
4325149.126.72.220 3165 tcp tcpwrapped open
4326149.126.72.220 3270 tcp tcpwrapped open
4327149.126.72.220 3299 tcp tcpwrapped open
4328149.126.72.220 3306 tcp tcpwrapped open
4329149.126.72.220 3333 tcp tcpwrapped open
4330149.126.72.220 3389 tcp tcpwrapped open
4331149.126.72.220 3391 tcp tcpwrapped open
4332149.126.72.220 3400 tcp tcpwrapped open
4333149.126.72.220 3401 tcp tcpwrapped open
4334149.126.72.220 3402 tcp tcpwrapped open
4335149.126.72.220 3403 tcp tcpwrapped open
4336149.126.72.220 3404 tcp tcpwrapped open
4337149.126.72.220 3405 tcp tcpwrapped open
4338149.126.72.220 3406 tcp tcpwrapped open
4339149.126.72.220 3407 tcp tcpwrapped open
4340149.126.72.220 3408 tcp tcpwrapped open
4341149.126.72.220 3409 tcp tcpwrapped open
4342149.126.72.220 3410 tcp tcpwrapped open
4343149.126.72.220 3412 tcp tcpwrapped open
4344149.126.72.220 3443 tcp tcpwrapped open
4345149.126.72.220 3500 tcp tcpwrapped open
4346149.126.72.220 3510 tcp tcpwrapped open
4347149.126.72.220 3521 tcp tcpwrapped open
4348149.126.72.220 3522 tcp tcpwrapped open
4349149.126.72.220 3523 tcp tcpwrapped open
4350149.126.72.220 3524 tcp tcpwrapped open
4351149.126.72.220 3530 tcp tcpwrapped open
4352149.126.72.220 3531 tcp tcpwrapped open
4353149.126.72.220 3540 tcp tcpwrapped open
4354149.126.72.220 3548 tcp tcpwrapped open
4355149.126.72.220 3549 tcp tcpwrapped open
4356149.126.72.220 3550 tcp tcpwrapped open
4357149.126.72.220 3551 tcp tcpwrapped open
4358149.126.72.220 3552 tcp tcpwrapped open
4359149.126.72.220 3553 tcp tcpwrapped open
4360149.126.72.220 3554 tcp tcpwrapped open
4361149.126.72.220 3555 tcp tcpwrapped open
4362149.126.72.220 3556 tcp tcpwrapped open
4363149.126.72.220 3557 tcp tcpwrapped open
4364149.126.72.220 3558 tcp tcpwrapped open
4365149.126.72.220 3559 tcp tcpwrapped open
4366149.126.72.220 3560 tcp tcpwrapped open
4367149.126.72.220 3561 tcp tcpwrapped open
4368149.126.72.220 3562 tcp tcpwrapped open
4369149.126.72.220 3563 tcp tcpwrapped open
4370149.126.72.220 3566 tcp tcpwrapped open
4371149.126.72.220 3567 tcp tcpwrapped open
4372149.126.72.220 3568 tcp tcpwrapped open
4373149.126.72.220 3569 tcp tcpwrapped open
4374149.126.72.220 3570 tcp tcpwrapped open
4375149.126.72.220 3572 tcp tcpwrapped open
4376149.126.72.220 3580 tcp tcpwrapped open
4377149.126.72.220 3590 tcp tcpwrapped open
4378149.126.72.220 3790 tcp tcpwrapped open
4379149.126.72.220 3791 tcp tcpwrapped open
4380149.126.72.220 3792 tcp tcpwrapped open
4381149.126.72.220 3793 tcp tcpwrapped open
4382149.126.72.220 3794 tcp tcpwrapped open
4383149.126.72.220 3838 tcp tcpwrapped open
4384149.126.72.220 3841 tcp tcpwrapped open
4385149.126.72.220 3842 tcp tcpwrapped open
4386149.126.72.220 3950 tcp tcpwrapped open
4387149.126.72.220 3951 tcp tcpwrapped open
4388149.126.72.220 3952 tcp tcpwrapped open
4389149.126.72.220 3953 tcp tcpwrapped open
4390149.126.72.220 3954 tcp adrep open
4391149.126.72.220 4000 tcp tcpwrapped open
4392149.126.72.220 4001 tcp newoak open
4393149.126.72.220 4002 tcp mlchat-proxy open
4394149.126.72.220 4021 tcp nexus-portal open
4395149.126.72.220 4022 tcp dnox open
4396149.126.72.220 4023 tcp esnm-zoning open
4397149.126.72.220 4043 tcp nirp open
4398149.126.72.220 4072 tcp zieto-sock open
4399149.126.72.220 4080 tcp lorica-in open
4400149.126.72.220 4085 tcp ezmessagesrv open
4401149.126.72.220 4120 tcp minirem open
4402149.126.72.220 4147 tcp vrxpservman open
4403149.126.72.220 4148 tcp hhb-handheld open
4404149.126.72.220 4150 tcp poweralert-nsa open
4405149.126.72.220 4155 tcp bzr open
4406149.126.72.220 4160 tcp jini-discovery open
4407149.126.72.220 4165 tcp altcp open
4408149.126.72.220 4172 tcp pcoip open
4409149.126.72.220 4243 tcp vrml-multi-use open
4410149.126.72.220 4244 tcp vrml-multi-use open
4411149.126.72.220 4250 tcp vrml-multi-use open
4412149.126.72.220 4300 tcp corelccam open
4413149.126.72.220 4333 tcp msql open
4414149.126.72.220 4343 tcp unicall open
4415149.126.72.220 4344 tcp vinainstall open
4416149.126.72.220 4400 tcp ds-srv open
4417149.126.72.220 4401 tcp tcpwrapped open
4418149.126.72.220 4402 tcp tcpwrapped open
4419149.126.72.220 4430 tcp tcpwrapped open
4420149.126.72.220 4431 tcp tcpwrapped open
4421149.126.72.220 4432 tcp tcpwrapped open
4422149.126.72.220 4434 tcp tcpwrapped open
4423149.126.72.220 4435 tcp tcpwrapped open
4424149.126.72.220 4436 tcp tcpwrapped open
4425149.126.72.220 4437 tcp tcpwrapped open
4426149.126.72.220 4439 tcp tcpwrapped open
4427149.126.72.220 4440 tcp tcpwrapped open
4428149.126.72.220 4443 tcp tcpwrapped open
4429149.126.72.220 4444 tcp tcpwrapped open
4430149.126.72.220 4445 tcp tcpwrapped open
4431149.126.72.220 4451 tcp tcpwrapped open
4432149.126.72.220 4455 tcp tcpwrapped open
4433149.126.72.220 4457 tcp tcpwrapped open
4434149.126.72.220 4459 tcp tcpwrapped open
4435149.126.72.220 4461 tcp tcpwrapped open
4436149.126.72.220 4463 tcp tcpwrapped open
4437149.126.72.220 4477 tcp tcpwrapped open
4438149.126.72.220 4482 tcp tcpwrapped open
4439149.126.72.220 4500 tcp tcpwrapped open
4440149.126.72.220 4502 tcp tcpwrapped open
4441149.126.72.220 4505 tcp tcpwrapped open
4442149.126.72.220 4572 tcp tcpwrapped open
4443149.126.72.220 4602 tcp tcpwrapped open
4444149.126.72.220 4620 tcp tcpwrapped open
4445149.126.72.220 4643 tcp tcpwrapped open
4446149.126.72.220 4848 tcp tcpwrapped open
4447149.126.72.220 4933 tcp tcpwrapped open
4448149.126.72.220 4993 tcp tcpwrapped open
4449149.126.72.220 5000 tcp tcpwrapped open
4450149.126.72.220 5001 tcp tcpwrapped open
4451149.126.72.220 5002 tcp tcpwrapped open
4452149.126.72.220 5003 tcp tcpwrapped open
4453149.126.72.220 5004 tcp tcpwrapped open
4454149.126.72.220 5005 tcp tcpwrapped open
4455149.126.72.220 5006 tcp tcpwrapped open
4456149.126.72.220 5007 tcp tcpwrapped open
4457149.126.72.220 5008 tcp tcpwrapped open
4458149.126.72.220 5009 tcp tcpwrapped open
4459149.126.72.220 5010 tcp tcpwrapped open
4460149.126.72.220 5011 tcp tcpwrapped open
4461149.126.72.220 5022 tcp tcpwrapped open
4462149.126.72.220 5050 tcp tcpwrapped open
4463149.126.72.220 5053 tcp tcpwrapped open
4464149.126.72.220 5060 tcp tcpwrapped open
4465149.126.72.220 5061 tcp tcpwrapped open
4466149.126.72.220 5080 tcp tcpwrapped open
4467149.126.72.220 5083 tcp tcpwrapped open
4468149.126.72.220 5089 tcp tcpwrapped open
4469149.126.72.220 5090 tcp tcpwrapped open
4470149.126.72.220 5100 tcp tcpwrapped open
4471149.126.72.220 5105 tcp tcpwrapped open
4472149.126.72.220 5119 tcp tcpwrapped open
4473149.126.72.220 5120 tcp tcpwrapped open
4474149.126.72.220 5130 tcp tcpwrapped open
4475149.126.72.220 5140 tcp tcpwrapped open
4476149.126.72.220 5150 tcp tcpwrapped open
4477149.126.72.220 5160 tcp tcpwrapped open
4478149.126.72.220 5180 tcp tcpwrapped open
4479149.126.72.220 5201 tcp tcpwrapped open
4480149.126.72.220 5222 tcp tcpwrapped open
4481149.126.72.220 5223 tcp tcpwrapped open
4482149.126.72.220 5224 tcp tcpwrapped open
4483149.126.72.220 5225 tcp tcpwrapped open
4484149.126.72.220 5226 tcp tcpwrapped open
4485149.126.72.220 5227 tcp tcpwrapped open
4486149.126.72.220 5228 tcp tcpwrapped open
4487149.126.72.220 5229 tcp tcpwrapped open
4488149.126.72.220 5230 tcp tcpwrapped open
4489149.126.72.220 5231 tcp tcpwrapped open
4490149.126.72.220 5232 tcp tcpwrapped open
4491149.126.72.220 5233 tcp tcpwrapped open
4492149.126.72.220 5234 tcp tcpwrapped open
4493149.126.72.220 5235 tcp tcpwrapped open
4494149.126.72.220 5236 tcp tcpwrapped open
4495149.126.72.220 5237 tcp tcpwrapped open
4496149.126.72.220 5238 tcp tcpwrapped open
4497149.126.72.220 5239 tcp tcpwrapped open
4498149.126.72.220 5240 tcp tcpwrapped open
4499149.126.72.220 5241 tcp tcpwrapped open
4500149.126.72.220 5242 tcp tcpwrapped open
4501149.126.72.220 5243 tcp tcpwrapped open
4502149.126.72.220 5244 tcp tcpwrapped open
4503149.126.72.220 5245 tcp tcpwrapped open
4504149.126.72.220 5246 tcp tcpwrapped open
4505149.126.72.220 5247 tcp tcpwrapped open
4506149.126.72.220 5248 tcp tcpwrapped open
4507149.126.72.220 5249 tcp tcpwrapped open
4508149.126.72.220 5250 tcp tcpwrapped open
4509149.126.72.220 5251 tcp tcpwrapped open
4510149.126.72.220 5252 tcp tcpwrapped open
4511149.126.72.220 5253 tcp tcpwrapped open
4512149.126.72.220 5254 tcp tcpwrapped open
4513149.126.72.220 5255 tcp tcpwrapped open
4514149.126.72.220 5256 tcp tcpwrapped open
4515149.126.72.220 5257 tcp tcpwrapped open
4516149.126.72.220 5258 tcp tcpwrapped open
4517149.126.72.220 5259 tcp tcpwrapped open
4518149.126.72.220 5260 tcp tcpwrapped open
4519149.126.72.220 5261 tcp tcpwrapped open
4520149.126.72.220 5262 tcp tcpwrapped open
4521149.126.72.220 5263 tcp tcpwrapped open
4522149.126.72.220 5264 tcp tcpwrapped open
4523149.126.72.220 5265 tcp tcpwrapped open
4524149.126.72.220 5266 tcp tcpwrapped open
4525149.126.72.220 5267 tcp tcpwrapped open
4526149.126.72.220 5268 tcp tcpwrapped open
4527149.126.72.220 5269 tcp tcpwrapped open
4528149.126.72.220 5270 tcp tcpwrapped open
4529149.126.72.220 5271 tcp tcpwrapped open
4530149.126.72.220 5272 tcp tcpwrapped open
4531149.126.72.220 5273 tcp tcpwrapped open
4532149.126.72.220 5274 tcp tcpwrapped open
4533149.126.72.220 5275 tcp tcpwrapped open
4534149.126.72.220 5276 tcp tcpwrapped open
4535149.126.72.220 5277 tcp tcpwrapped open
4536149.126.72.220 5278 tcp tcpwrapped open
4537149.126.72.220 5279 tcp tcpwrapped open
4538149.126.72.220 5280 tcp tcpwrapped open
4539149.126.72.220 5440 tcp tcpwrapped open
4540149.126.72.220 5443 tcp tcpwrapped open
4541149.126.72.220 5456 tcp tcpwrapped open
4542149.126.72.220 5494 tcp tcpwrapped open
4543149.126.72.220 5495 tcp tcpwrapped open
4544149.126.72.220 5500 tcp tcpwrapped open
4545149.126.72.220 5503 tcp tcpwrapped open
4546149.126.72.220 5552 tcp tcpwrapped open
4547149.126.72.220 5555 tcp tcpwrapped open
4548149.126.72.220 5556 tcp tcpwrapped open
4549149.126.72.220 5557 tcp tcpwrapped open
4550149.126.72.220 5567 tcp tcpwrapped open
4551149.126.72.220 5568 tcp tcpwrapped open
4552149.126.72.220 5569 tcp tcpwrapped open
4553149.126.72.220 5590 tcp tcpwrapped open
4554149.126.72.220 5591 tcp tcpwrapped open
4555149.126.72.220 5592 tcp tcpwrapped open
4556149.126.72.220 5593 tcp tcpwrapped open
4557149.126.72.220 5594 tcp tcpwrapped open
4558149.126.72.220 5595 tcp tcpwrapped open
4559149.126.72.220 5596 tcp tcpwrapped open
4560149.126.72.220 5597 tcp tcpwrapped open
4561149.126.72.220 5598 tcp tcpwrapped open
4562149.126.72.220 5599 tcp tcpwrapped open
4563149.126.72.220 5600 tcp tcpwrapped open
4564149.126.72.220 5601 tcp tcpwrapped open
4565149.126.72.220 5602 tcp tcpwrapped open
4566149.126.72.220 5603 tcp tcpwrapped open
4567149.126.72.220 5604 tcp tcpwrapped open
4568149.126.72.220 5605 tcp tcpwrapped open
4569149.126.72.220 5606 tcp tcpwrapped open
4570149.126.72.220 5607 tcp tcpwrapped open
4571149.126.72.220 5608 tcp tcpwrapped open
4572149.126.72.220 5609 tcp tcpwrapped open
4573149.126.72.220 5613 tcp tcpwrapped open
4574149.126.72.220 5614 tcp tcpwrapped open
4575149.126.72.220 5620 tcp tcpwrapped open
4576149.126.72.220 5630 tcp tcpwrapped open
4577149.126.72.220 5640 tcp tcpwrapped open
4578149.126.72.220 5650 tcp tcpwrapped open
4579149.126.72.220 5660 tcp tcpwrapped open
4580149.126.72.220 5671 tcp tcpwrapped open
4581149.126.72.220 5672 tcp tcpwrapped open
4582149.126.72.220 5673 tcp tcpwrapped open
4583149.126.72.220 5680 tcp tcpwrapped open
4584149.126.72.220 5696 tcp tcpwrapped open
4585149.126.72.220 5698 tcp tcpwrapped open
4586149.126.72.220 5701 tcp tcpwrapped open
4587149.126.72.220 5721 tcp tcpwrapped open
4588149.126.72.220 5900 tcp tcpwrapped open
4589149.126.72.220 5901 tcp tcpwrapped open
4590149.126.72.220 5902 tcp tcpwrapped open
4591149.126.72.220 5903 tcp tcpwrapped open
4592149.126.72.220 5904 tcp tcpwrapped open
4593149.126.72.220 5905 tcp tcpwrapped open
4594149.126.72.220 5906 tcp tcpwrapped open
4595149.126.72.220 5907 tcp tcpwrapped open
4596149.126.72.220 5908 tcp tcpwrapped open
4597149.126.72.220 5909 tcp tcpwrapped open
4598149.126.72.220 5910 tcp tcpwrapped open
4599149.126.72.220 5911 tcp tcpwrapped open
4600149.126.72.220 5912 tcp tcpwrapped open
4601149.126.72.220 5913 tcp tcpwrapped open
4602149.126.72.220 5914 tcp tcpwrapped open
4603149.126.72.220 5915 tcp tcpwrapped open
4604149.126.72.220 5916 tcp tcpwrapped open
4605149.126.72.220 5917 tcp tcpwrapped open
4606149.126.72.220 5918 tcp tcpwrapped open
4607149.126.72.220 5919 tcp tcpwrapped open
4608149.126.72.220 5920 tcp tcpwrapped open
4609149.126.72.220 5984 tcp tcpwrapped open
4610149.126.72.220 5985 tcp tcpwrapped open
4611149.126.72.220 5986 tcp tcpwrapped open
4612149.126.72.220 5987 tcp tcpwrapped open
4613149.126.72.220 5988 tcp tcpwrapped open
4614149.126.72.220 5989 tcp tcpwrapped open
4615149.126.72.220 5990 tcp tcpwrapped open
4616149.126.72.220 5991 tcp tcpwrapped open
4617149.126.72.220 5992 tcp tcpwrapped open
4618149.126.72.220 5993 tcp tcpwrapped open
4619149.126.72.220 5994 tcp tcpwrapped open
4620149.126.72.220 5995 tcp tcpwrapped open
4621149.126.72.220 5996 tcp tcpwrapped open
4622149.126.72.220 5997 tcp tcpwrapped open
4623149.126.72.220 5998 tcp tcpwrapped open
4624149.126.72.220 5999 tcp tcpwrapped open
4625149.126.72.220 6000 tcp tcpwrapped open
4626149.126.72.220 6001 tcp tcpwrapped open
4627149.126.72.220 6002 tcp tcpwrapped open
4628149.126.72.220 6003 tcp tcpwrapped open
4629149.126.72.220 6004 tcp tcpwrapped open
4630149.126.72.220 6005 tcp tcpwrapped open
4631149.126.72.220 6006 tcp tcpwrapped open
4632149.126.72.220 6007 tcp tcpwrapped open
4633149.126.72.220 6008 tcp tcpwrapped open
4634149.126.72.220 6009 tcp tcpwrapped open
4635149.126.72.220 6010 tcp tcpwrapped open
4636149.126.72.220 6011 tcp tcpwrapped open
4637149.126.72.220 6021 tcp tcpwrapped open
4638149.126.72.220 6060 tcp tcpwrapped open
4639149.126.72.220 6061 tcp tcpwrapped open
4640149.126.72.220 6081 tcp tcpwrapped open
4641149.126.72.220 6100 tcp tcpwrapped open
4642149.126.72.220 6102 tcp tcpwrapped open
4643149.126.72.220 6134 tcp tcpwrapped open
4644149.126.72.220 6161 tcp tcpwrapped open
4645149.126.72.220 6331 tcp tcpwrapped open
4646149.126.72.220 6348 tcp tcpwrapped open
4647149.126.72.220 6379 tcp tcpwrapped open
4648149.126.72.220 6380 tcp tcpwrapped open
4649149.126.72.220 6433 tcp tcpwrapped open
4650149.126.72.220 6440 tcp tcpwrapped open
4651149.126.72.220 6443 tcp tcpwrapped open
4652149.126.72.220 6488 tcp tcpwrapped open
4653149.126.72.220 6500 tcp tcpwrapped open
4654149.126.72.220 6505 tcp tcpwrapped open
4655149.126.72.220 6510 tcp tcpwrapped open
4656149.126.72.220 6511 tcp tcpwrapped open
4657149.126.72.220 6512 tcp tcpwrapped open
4658149.126.72.220 6514 tcp tcpwrapped open
4659149.126.72.220 6543 tcp tcpwrapped open
4660149.126.72.220 6544 tcp tcpwrapped open
4661149.126.72.220 6560 tcp tcpwrapped open
4662149.126.72.220 6561 tcp tcpwrapped open
4663149.126.72.220 6565 tcp tcpwrapped open
4664149.126.72.220 6580 tcp tcpwrapped open
4665149.126.72.220 6581 tcp tcpwrapped open
4666149.126.72.220 6590 tcp tcpwrapped open
4667149.126.72.220 6601 tcp tcpwrapped open
4668149.126.72.220 6603 tcp tcpwrapped open
4669149.126.72.220 6605 tcp tcpwrapped open
4670149.126.72.220 6661 tcp tcpwrapped open
4671149.126.72.220 6662 tcp tcpwrapped open
4672149.126.72.220 6666 tcp tcpwrapped open
4673149.126.72.220 6686 tcp tcpwrapped open
4674149.126.72.220 6688 tcp tcpwrapped open
4675149.126.72.220 6700 tcp tcpwrapped open
4676149.126.72.220 6755 tcp tcpwrapped open
4677149.126.72.220 6775 tcp tcpwrapped open
4678149.126.72.220 6779 tcp tcpwrapped open
4679149.126.72.220 6789 tcp tcpwrapped open
4680149.126.72.220 6799 tcp tcpwrapped open
4681149.126.72.220 7000 tcp tcpwrapped open
4682149.126.72.220 7001 tcp tcpwrapped open
4683149.126.72.220 7002 tcp tcpwrapped open
4684149.126.72.220 7003 tcp tcpwrapped open
4685149.126.72.220 7004 tcp tcpwrapped open
4686149.126.72.220 7005 tcp tcpwrapped open
4687149.126.72.220 7007 tcp tcpwrapped open
4688149.126.72.220 7010 tcp tcpwrapped open
4689149.126.72.220 7011 tcp tcpwrapped open
4690149.126.72.220 7021 tcp tcpwrapped open
4691149.126.72.220 7070 tcp tcpwrapped open
4692149.126.72.220 7071 tcp tcpwrapped open
4693149.126.72.220 7079 tcp tcpwrapped open
4694149.126.72.220 7080 tcp tcpwrapped open
4695149.126.72.220 7081 tcp tcpwrapped open
4696149.126.72.220 7082 tcp tcpwrapped open
4697149.126.72.220 7083 tcp tcpwrapped open
4698149.126.72.220 7084 tcp tcpwrapped open
4699149.126.72.220 7085 tcp tcpwrapped open
4700149.126.72.220 7086 tcp tcpwrapped open
4701149.126.72.220 7087 tcp tcpwrapped open
4702149.126.72.220 7088 tcp tcpwrapped open
4703149.126.72.220 7090 tcp tcpwrapped open
4704149.126.72.220 7171 tcp tcpwrapped open
4705149.126.72.220 7172 tcp tcpwrapped open
4706149.126.72.220 7272 tcp tcpwrapped open
4707149.126.72.220 7348 tcp tcpwrapped open
4708149.126.72.220 7403 tcp tcpwrapped open
4709149.126.72.220 7433 tcp tcpwrapped open
4710149.126.72.220 7441 tcp tcpwrapped open
4711149.126.72.220 7443 tcp tcpwrapped open
4712149.126.72.220 7444 tcp tcpwrapped open
4713149.126.72.220 7445 tcp tcpwrapped open
4714149.126.72.220 7473 tcp tcpwrapped open
4715149.126.72.220 7500 tcp tcpwrapped open
4716149.126.72.220 7537 tcp tcpwrapped open
4717149.126.72.220 7687 tcp tcpwrapped open
4718149.126.72.220 7700 tcp tcpwrapped open
4719149.126.72.220 7771 tcp tcpwrapped open
4720149.126.72.220 7773 tcp tcpwrapped open
4721149.126.72.220 7774 tcp tcpwrapped open
4722149.126.72.220 7775 tcp tcpwrapped open
4723149.126.72.220 7776 tcp tcpwrapped open
4724149.126.72.220 7777 tcp tcpwrapped open
4725149.126.72.220 7778 tcp tcpwrapped open
4726149.126.72.220 7779 tcp tcpwrapped open
4727149.126.72.220 7788 tcp tcpwrapped open
4728149.126.72.220 7799 tcp tcpwrapped open
4729149.126.72.220 7998 tcp tcpwrapped open
4730149.126.72.220 7999 tcp tcpwrapped open
4731149.126.72.220 8000 tcp tcpwrapped open
4732149.126.72.220 8001 tcp tcpwrapped open
4733149.126.72.220 8002 tcp tcpwrapped open
4734149.126.72.220 8003 tcp tcpwrapped open
4735149.126.72.220 8004 tcp tcpwrapped open
4736149.126.72.220 8005 tcp tcpwrapped open
4737149.126.72.220 8006 tcp tcpwrapped open
4738149.126.72.220 8007 tcp tcpwrapped open
4739149.126.72.220 8008 tcp tcpwrapped open
4740149.126.72.220 8009 tcp tcpwrapped open
4741149.126.72.220 8010 tcp tcpwrapped open
4742149.126.72.220 8011 tcp tcpwrapped open
4743149.126.72.220 8012 tcp tcpwrapped open
4744149.126.72.220 8013 tcp tcpwrapped open
4745149.126.72.220 8014 tcp tcpwrapped open
4746149.126.72.220 8015 tcp tcpwrapped open
4747149.126.72.220 8016 tcp tcpwrapped open
4748149.126.72.220 8017 tcp tcpwrapped open
4749149.126.72.220 8018 tcp tcpwrapped open
4750149.126.72.220 8019 tcp tcpwrapped open
4751149.126.72.220 8020 tcp tcpwrapped open
4752149.126.72.220 8021 tcp tcpwrapped open
4753149.126.72.220 8022 tcp tcpwrapped open
4754149.126.72.220 8023 tcp tcpwrapped open
4755149.126.72.220 8024 tcp tcpwrapped open
4756149.126.72.220 8025 tcp tcpwrapped open
4757149.126.72.220 8026 tcp tcpwrapped open
4758149.126.72.220 8027 tcp tcpwrapped open
4759149.126.72.220 8028 tcp tcpwrapped open
4760149.126.72.220 8029 tcp tcpwrapped open
4761149.126.72.220 8030 tcp tcpwrapped open
4762149.126.72.220 8031 tcp tcpwrapped open
4763149.126.72.220 8032 tcp tcpwrapped open
4764149.126.72.220 8033 tcp tcpwrapped open
4765149.126.72.220 8034 tcp tcpwrapped open
4766149.126.72.220 8035 tcp tcpwrapped open
4767149.126.72.220 8036 tcp tcpwrapped open
4768149.126.72.220 8037 tcp tcpwrapped open
4769149.126.72.220 8038 tcp tcpwrapped open
4770149.126.72.220 8039 tcp tcpwrapped open
4771149.126.72.220 8040 tcp tcpwrapped open
4772149.126.72.220 8041 tcp tcpwrapped open
4773149.126.72.220 8042 tcp tcpwrapped open
4774149.126.72.220 8043 tcp tcpwrapped open
4775149.126.72.220 8044 tcp tcpwrapped open
4776149.126.72.220 8045 tcp tcpwrapped open
4777149.126.72.220 8046 tcp tcpwrapped open
4778149.126.72.220 8047 tcp tcpwrapped open
4779149.126.72.220 8048 tcp tcpwrapped open
4780149.126.72.220 8049 tcp tcpwrapped open
4781149.126.72.220 8050 tcp tcpwrapped open
4782149.126.72.220 8051 tcp tcpwrapped open
4783149.126.72.220 8052 tcp tcpwrapped open
4784149.126.72.220 8053 tcp tcpwrapped open
4785149.126.72.220 8054 tcp tcpwrapped open
4786149.126.72.220 8055 tcp tcpwrapped open
4787149.126.72.220 8056 tcp tcpwrapped open
4788149.126.72.220 8057 tcp tcpwrapped open
4789149.126.72.220 8058 tcp tcpwrapped open
4790149.126.72.220 8060 tcp tcpwrapped open
4791149.126.72.220 8064 tcp tcpwrapped open
4792149.126.72.220 8065 tcp tcpwrapped open
4793149.126.72.220 8069 tcp tcpwrapped open
4794149.126.72.220 8070 tcp tcpwrapped open
4795149.126.72.220 8071 tcp tcpwrapped open
4796149.126.72.220 8072 tcp tcpwrapped open
4797149.126.72.220 8074 tcp tcpwrapped open
4798149.126.72.220 8079 tcp tcpwrapped open
4799149.126.72.220 8080 tcp tcpwrapped open
4800149.126.72.220 8081 tcp tcpwrapped open
4801149.126.72.220 8082 tcp tcpwrapped open
4802149.126.72.220 8083 tcp tcpwrapped open
4803149.126.72.220 8084 tcp tcpwrapped open
4804149.126.72.220 8085 tcp tcpwrapped open
4805149.126.72.220 8086 tcp tcpwrapped open
4806149.126.72.220 8087 tcp tcpwrapped open
4807149.126.72.220 8088 tcp tcpwrapped open
4808149.126.72.220 8089 tcp tcpwrapped open
4809149.126.72.220 8090 tcp tcpwrapped open
4810149.126.72.220 8091 tcp tcpwrapped open
4811149.126.72.220 8092 tcp tcpwrapped open
4812149.126.72.220 8093 tcp tcpwrapped open
4813149.126.72.220 8094 tcp tcpwrapped open
4814149.126.72.220 8095 tcp tcpwrapped open
4815149.126.72.220 8096 tcp tcpwrapped open
4816149.126.72.220 8097 tcp tcpwrapped open
4817149.126.72.220 8098 tcp tcpwrapped open
4818149.126.72.220 8099 tcp tcpwrapped open
4819149.126.72.220 8100 tcp tcpwrapped open
4820149.126.72.220 8101 tcp tcpwrapped open
4821149.126.72.220 8102 tcp tcpwrapped open
4822149.126.72.220 8103 tcp tcpwrapped open
4823149.126.72.220 8104 tcp tcpwrapped open
4824149.126.72.220 8105 tcp tcpwrapped open
4825149.126.72.220 8106 tcp tcpwrapped open
4826149.126.72.220 8107 tcp tcpwrapped open
4827149.126.72.220 8108 tcp tcpwrapped open
4828149.126.72.220 8109 tcp tcpwrapped open
4829149.126.72.220 8110 tcp tcpwrapped open
4830149.126.72.220 8113 tcp tcpwrapped open
4831149.126.72.220 8114 tcp tcpwrapped open
4832149.126.72.220 8115 tcp tcpwrapped open
4833149.126.72.220 8118 tcp tcpwrapped open
4834149.126.72.220 8119 tcp tcpwrapped open
4835149.126.72.220 8120 tcp tcpwrapped open
4836149.126.72.220 8121 tcp tcpwrapped open
4837149.126.72.220 8123 tcp tcpwrapped open
4838149.126.72.220 8125 tcp tcpwrapped open
4839149.126.72.220 8126 tcp tcpwrapped open
4840149.126.72.220 8128 tcp tcpwrapped open
4841149.126.72.220 8129 tcp tcpwrapped open
4842149.126.72.220 8130 tcp tcpwrapped open
4843149.126.72.220 8131 tcp tcpwrapped open
4844149.126.72.220 8132 tcp tcpwrapped open
4845149.126.72.220 8133 tcp tcpwrapped open
4846149.126.72.220 8136 tcp tcpwrapped open
4847149.126.72.220 8140 tcp tcpwrapped open
4848149.126.72.220 8142 tcp tcpwrapped open
4849149.126.72.220 8143 tcp tcpwrapped open
4850149.126.72.220 8144 tcp tcpwrapped open
4851149.126.72.220 8147 tcp tcpwrapped open
4852149.126.72.220 8148 tcp tcpwrapped open
4853149.126.72.220 8149 tcp tcpwrapped open
4854149.126.72.220 8150 tcp tcpwrapped open
4855149.126.72.220 8154 tcp tcpwrapped open
4856149.126.72.220 8156 tcp tcpwrapped open
4857149.126.72.220 8157 tcp tcpwrapped open
4858149.126.72.220 8158 tcp tcpwrapped open
4859149.126.72.220 8160 tcp tcpwrapped open
4860149.126.72.220 8161 tcp tcpwrapped open
4861149.126.72.220 8162 tcp tcpwrapped open
4862149.126.72.220 8163 tcp tcpwrapped open
4863149.126.72.220 8164 tcp tcpwrapped open
4864149.126.72.220 8165 tcp tcpwrapped open
4865149.126.72.220 8166 tcp tcpwrapped open
4866149.126.72.220 8167 tcp tcpwrapped open
4867149.126.72.220 8168 tcp tcpwrapped open
4868149.126.72.220 8169 tcp tcpwrapped open
4869149.126.72.220 8170 tcp tcpwrapped open
4870149.126.72.220 8171 tcp tcpwrapped open
4871149.126.72.220 8172 tcp tcpwrapped open
4872149.126.72.220 8173 tcp tcpwrapped open
4873149.126.72.220 8175 tcp tcpwrapped open
4874149.126.72.220 8176 tcp tcpwrapped open
4875149.126.72.220 8178 tcp tcpwrapped open
4876149.126.72.220 8179 tcp tcpwrapped open
4877149.126.72.220 8180 tcp tcpwrapped open
4878149.126.72.220 8181 tcp tcpwrapped open
4879149.126.72.220 8182 tcp tcpwrapped open
4880149.126.72.220 8183 tcp tcpwrapped open
4881149.126.72.220 8184 tcp tcpwrapped open
4882149.126.72.220 8185 tcp tcpwrapped open
4883149.126.72.220 8186 tcp tcpwrapped open
4884149.126.72.220 8187 tcp tcpwrapped open
4885149.126.72.220 8188 tcp tcpwrapped open
4886149.126.72.220 8189 tcp tcpwrapped open
4887149.126.72.220 8190 tcp tcpwrapped open
4888149.126.72.220 8191 tcp tcpwrapped open
4889149.126.72.220 8192 tcp tcpwrapped open
4890149.126.72.220 8193 tcp tcpwrapped open
4891149.126.72.220 8194 tcp tcpwrapped open
4892149.126.72.220 8195 tcp tcpwrapped open
4893149.126.72.220 8198 tcp tcpwrapped open
4894149.126.72.220 8199 tcp tcpwrapped open
4895149.126.72.220 8200 tcp tcpwrapped open
4896149.126.72.220 8203 tcp tcpwrapped open
4897149.126.72.220 8222 tcp tcpwrapped open
4898149.126.72.220 8230 tcp tcpwrapped open
4899149.126.72.220 8236 tcp tcpwrapped open
4900149.126.72.220 8237 tcp tcpwrapped open
4901149.126.72.220 8238 tcp tcpwrapped open
4902149.126.72.220 8239 tcp tcpwrapped open
4903149.126.72.220 8241 tcp tcpwrapped open
4904149.126.72.220 8243 tcp tcpwrapped open
4905149.126.72.220 8248 tcp tcpwrapped open
4906149.126.72.220 8249 tcp tcpwrapped open
4907149.126.72.220 8250 tcp tcpwrapped open
4908149.126.72.220 8251 tcp tcpwrapped open
4909149.126.72.220 8252 tcp tcpwrapped open
4910149.126.72.220 8280 tcp tcpwrapped open
4911149.126.72.220 8282 tcp tcpwrapped open
4912149.126.72.220 8333 tcp tcpwrapped open
4913149.126.72.220 8340 tcp tcpwrapped open
4914149.126.72.220 8343 tcp tcpwrapped open
4915149.126.72.220 8350 tcp tcpwrapped open
4916149.126.72.220 8381 tcp tcpwrapped open
4917149.126.72.220 8382 tcp tcpwrapped open
4918149.126.72.220 8383 tcp tcpwrapped open
4919149.126.72.220 8384 tcp tcpwrapped open
4920149.126.72.220 8385 tcp tcpwrapped open
4921149.126.72.220 8388 tcp tcpwrapped open
4922149.126.72.220 8393 tcp tcpwrapped open
4923149.126.72.220 8401 tcp tcpwrapped open
4924149.126.72.220 8402 tcp tcpwrapped open
4925149.126.72.220 8403 tcp tcpwrapped open
4926149.126.72.220 8404 tcp tcpwrapped open
4927149.126.72.220 8405 tcp tcpwrapped open
4928149.126.72.220 8406 tcp tcpwrapped open
4929149.126.72.220 8407 tcp tcpwrapped open
4930149.126.72.220 8408 tcp tcpwrapped open
4931149.126.72.220 8409 tcp tcpwrapped open
4932149.126.72.220 8410 tcp tcpwrapped open
4933149.126.72.220 8411 tcp tcpwrapped open
4934149.126.72.220 8412 tcp tcpwrapped open
4935149.126.72.220 8413 tcp tcpwrapped open
4936149.126.72.220 8414 tcp tcpwrapped open
4937149.126.72.220 8415 tcp tcpwrapped open
4938149.126.72.220 8416 tcp tcpwrapped open
4939149.126.72.220 8417 tcp tcpwrapped open
4940149.126.72.220 8418 tcp tcpwrapped open
4941149.126.72.220 8419 tcp tcpwrapped open
4942149.126.72.220 8420 tcp tcpwrapped open
4943149.126.72.220 8421 tcp tcpwrapped open
4944149.126.72.220 8422 tcp tcpwrapped open
4945149.126.72.220 8423 tcp tcpwrapped open
4946149.126.72.220 8424 tcp tcpwrapped open
4947149.126.72.220 8425 tcp tcpwrapped open
4948149.126.72.220 8426 tcp tcpwrapped open
4949149.126.72.220 8427 tcp tcpwrapped open
4950149.126.72.220 8428 tcp tcpwrapped open
4951149.126.72.220 8429 tcp tcpwrapped open
4952149.126.72.220 8430 tcp tcpwrapped open
4953149.126.72.220 8431 tcp tcpwrapped open
4954149.126.72.220 8432 tcp tcpwrapped open
4955149.126.72.220 8433 tcp tcpwrapped open
4956149.126.72.220 8435 tcp tcpwrapped open
4957149.126.72.220 8440 tcp tcpwrapped open
4958149.126.72.220 8441 tcp tcpwrapped open
4959149.126.72.220 8442 tcp tcpwrapped open
4960149.126.72.220 8443 tcp tcpwrapped open
4961149.126.72.220 8444 tcp tcpwrapped open
4962149.126.72.220 8445 tcp tcpwrapped open
4963149.126.72.220 8446 tcp tcpwrapped open
4964149.126.72.220 8447 tcp tcpwrapped open
4965149.126.72.220 8448 tcp tcpwrapped open
4966149.126.72.220 8449 tcp tcpwrapped open
4967149.126.72.220 8450 tcp tcpwrapped open
4968149.126.72.220 8451 tcp tcpwrapped open
4969149.126.72.220 8452 tcp tcpwrapped open
4970149.126.72.220 8453 tcp tcpwrapped open
4971149.126.72.220 8454 tcp tcpwrapped open
4972149.126.72.220 8455 tcp tcpwrapped open
4973149.126.72.220 8456 tcp tcpwrapped open
4974149.126.72.220 8457 tcp tcpwrapped open
4975149.126.72.220 8458 tcp tcpwrapped open
4976149.126.72.220 8459 tcp tcpwrapped open
4977149.126.72.220 8460 tcp tcpwrapped open
4978149.126.72.220 8461 tcp tcpwrapped open
4979149.126.72.220 8462 tcp tcpwrapped open
4980149.126.72.220 8463 tcp tcpwrapped open
4981149.126.72.220 8464 tcp tcpwrapped open
4982149.126.72.220 8465 tcp tcpwrapped open
4983149.126.72.220 8466 tcp tcpwrapped open
4984149.126.72.220 8467 tcp tcpwrapped open
4985149.126.72.220 8470 tcp tcpwrapped open
4986149.126.72.220 8472 tcp tcpwrapped open
4987149.126.72.220 8473 tcp tcpwrapped open
4988149.126.72.220 8475 tcp tcpwrapped open
4989149.126.72.220 8480 tcp tcpwrapped open
4990149.126.72.220 8481 tcp tcpwrapped open
4991149.126.72.220 8482 tcp tcpwrapped open
4992149.126.72.220 8484 tcp tcpwrapped open
4993149.126.72.220 8485 tcp tcpwrapped open
4994149.126.72.220 8488 tcp tcpwrapped open
4995149.126.72.220 8493 tcp tcpwrapped open
4996149.126.72.220 8494 tcp tcpwrapped open
4997149.126.72.220 8500 tcp tcpwrapped open
4998149.126.72.220 8502 tcp tcpwrapped open
4999149.126.72.220 8503 tcp tcpwrapped open
5000149.126.72.220 8504 tcp tcpwrapped open
5001149.126.72.220 8505 tcp tcpwrapped open
5002149.126.72.220 8506 tcp tcpwrapped open
5003149.126.72.220 8510 tcp tcpwrapped open
5004149.126.72.220 8513 tcp tcpwrapped open
5005149.126.72.220 8514 tcp tcpwrapped open
5006149.126.72.220 8515 tcp tcpwrapped open
5007149.126.72.220 8519 tcp tcpwrapped open
5008149.126.72.220 8520 tcp tcpwrapped open
5009149.126.72.220 8521 tcp tcpwrapped open
5010149.126.72.220 8523 tcp tcpwrapped open
5011149.126.72.220 8524 tcp tcpwrapped open
5012149.126.72.220 8525 tcp tcpwrapped open
5013149.126.72.220 8526 tcp tcpwrapped open
5014149.126.72.220 8528 tcp tcpwrapped open
5015149.126.72.220 8529 tcp tcpwrapped open
5016149.126.72.220 8530 tcp tcpwrapped open
5017149.126.72.220 8531 tcp tcpwrapped open
5018149.126.72.220 8532 tcp tcpwrapped open
5019149.126.72.220 8533 tcp tcpwrapped open
5020149.126.72.220 8536 tcp tcpwrapped open
5021149.126.72.220 8540 tcp tcpwrapped open
5022149.126.72.220 8543 tcp tcpwrapped open
5023149.126.72.220 8544 tcp tcpwrapped open
5024149.126.72.220 8548 tcp tcpwrapped open
5025149.126.72.220 8549 tcp tcpwrapped open
5026149.126.72.220 8550 tcp tcpwrapped open
5027149.126.72.220 8551 tcp tcpwrapped open
5028149.126.72.220 8553 tcp tcpwrapped open
5029149.126.72.220 8556 tcp tcpwrapped open
5030149.126.72.220 8557 tcp tcpwrapped open
5031149.126.72.220 8558 tcp tcpwrapped open
5032149.126.72.220 8560 tcp tcpwrapped open
5033149.126.72.220 8561 tcp tcpwrapped open
5034149.126.72.220 8562 tcp tcpwrapped open
5035149.126.72.220 8563 tcp tcpwrapped open
5036149.126.72.220 8564 tcp tcpwrapped open
5037149.126.72.220 8565 tcp tcpwrapped open
5038149.126.72.220 8566 tcp tcpwrapped open
5039149.126.72.220 8567 tcp tcpwrapped open
5040149.126.72.220 8568 tcp tcpwrapped open
5041149.126.72.220 8569 tcp tcpwrapped open
5042149.126.72.220 8570 tcp tcpwrapped open
5043149.126.72.220 8571 tcp tcpwrapped open
5044149.126.72.220 8573 tcp tcpwrapped open
5045149.126.72.220 8574 tcp tcpwrapped open
5046149.126.72.220 8575 tcp tcpwrapped open
5047149.126.72.220 8576 tcp tcpwrapped open
5048149.126.72.220 8577 tcp tcpwrapped open
5049149.126.72.220 8578 tcp tcpwrapped open
5050149.126.72.220 8579 tcp tcpwrapped open
5051149.126.72.220 8580 tcp tcpwrapped open
5052149.126.72.220 8581 tcp tcpwrapped open
5053149.126.72.220 8582 tcp tcpwrapped open
5054149.126.72.220 8583 tcp tcpwrapped open
5055149.126.72.220 8585 tcp tcpwrapped open
5056149.126.72.220 8586 tcp tcpwrapped open
5057149.126.72.220 8588 tcp tcpwrapped open
5058149.126.72.220 8589 tcp tcpwrapped open
5059149.126.72.220 8590 tcp tcpwrapped open
5060149.126.72.220 8591 tcp tcpwrapped open
5061149.126.72.220 8592 tcp tcpwrapped open
5062149.126.72.220 8593 tcp tcpwrapped open
5063149.126.72.220 8594 tcp tcpwrapped open
5064149.126.72.220 8595 tcp tcpwrapped open
5065149.126.72.220 8596 tcp tcpwrapped open
5066149.126.72.220 8597 tcp tcpwrapped open
5067149.126.72.220 8598 tcp tcpwrapped open
5068149.126.72.220 8599 tcp tcpwrapped open
5069149.126.72.220 8600 tcp tcpwrapped open
5070149.126.72.220 8601 tcp tcpwrapped open
5071149.126.72.220 8605 tcp tcpwrapped open
5072149.126.72.220 8606 tcp tcpwrapped open
5073149.126.72.220 8630 tcp tcpwrapped open
5074149.126.72.220 8640 tcp tcpwrapped open
5075149.126.72.220 8641 tcp tcpwrapped open
5076149.126.72.220 8643 tcp tcpwrapped open
5077149.126.72.220 8663 tcp tcpwrapped open
5078149.126.72.220 8666 tcp tcpwrapped open
5079149.126.72.220 8686 tcp tcpwrapped open
5080149.126.72.220 8688 tcp tcpwrapped open
5081149.126.72.220 8700 tcp tcpwrapped open
5082149.126.72.220 8701 tcp tcpwrapped open
5083149.126.72.220 8702 tcp tcpwrapped open
5084149.126.72.220 8703 tcp tcpwrapped open
5085149.126.72.220 8704 tcp tcpwrapped open
5086149.126.72.220 8705 tcp tcpwrapped open
5087149.126.72.220 8706 tcp tcpwrapped open
5088149.126.72.220 8707 tcp tcpwrapped open
5089149.126.72.220 8708 tcp tcpwrapped open
5090149.126.72.220 8709 tcp tcpwrapped open
5091149.126.72.220 8723 tcp tcpwrapped open
5092149.126.72.220 8724 tcp tcpwrapped open
5093149.126.72.220 8731 tcp tcpwrapped open
5094149.126.72.220 8732 tcp tcpwrapped open
5095149.126.72.220 8764 tcp tcpwrapped open
5096149.126.72.220 8765 tcp tcpwrapped open
5097149.126.72.220 8766 tcp tcpwrapped open
5098149.126.72.220 8767 tcp tcpwrapped open
5099149.126.72.220 8771 tcp tcpwrapped open
5100149.126.72.220 8787 tcp tcpwrapped open
5101149.126.72.220 8788 tcp tcpwrapped open
5102149.126.72.220 8789 tcp tcpwrapped open
5103149.126.72.220 8790 tcp tcpwrapped open
5104149.126.72.220 8791 tcp tcpwrapped open
5105149.126.72.220 8800 tcp tcpwrapped open
5106149.126.72.220 8801 tcp tcpwrapped open
5107149.126.72.220 8802 tcp tcpwrapped open
5108149.126.72.220 8803 tcp tcpwrapped open
5109149.126.72.220 8804 tcp tcpwrapped open
5110149.126.72.220 8805 tcp tcpwrapped open
5111149.126.72.220 8806 tcp tcpwrapped open
5112149.126.72.220 8807 tcp tcpwrapped open
5113149.126.72.220 8808 tcp tcpwrapped open
5114149.126.72.220 8809 tcp tcpwrapped open
5115149.126.72.220 8810 tcp tcpwrapped open
5116149.126.72.220 8811 tcp tcpwrapped open
5117149.126.72.220 8812 tcp tcpwrapped open
5118149.126.72.220 8813 tcp tcpwrapped open
5119149.126.72.220 8814 tcp tcpwrapped open
5120149.126.72.220 8815 tcp tcpwrapped open
5121149.126.72.220 8816 tcp tcpwrapped open
5122149.126.72.220 8817 tcp tcpwrapped open
5123149.126.72.220 8818 tcp tcpwrapped open
5124149.126.72.220 8819 tcp tcpwrapped open
5125149.126.72.220 8820 tcp tcpwrapped open
5126149.126.72.220 8821 tcp tcpwrapped open
5127149.126.72.220 8822 tcp tcpwrapped open
5128149.126.72.220 8823 tcp tcpwrapped open
5129149.126.72.220 8824 tcp tcpwrapped open
5130149.126.72.220 8825 tcp tcpwrapped open
5131149.126.72.220 8826 tcp tcpwrapped open
5132149.126.72.220 8827 tcp tcpwrapped open
5133149.126.72.220 8828 tcp tcpwrapped open
5134149.126.72.220 8829 tcp tcpwrapped open
5135149.126.72.220 8830 tcp tcpwrapped open
5136149.126.72.220 8831 tcp tcpwrapped open
5137149.126.72.220 8832 tcp tcpwrapped open
5138149.126.72.220 8833 tcp tcpwrapped open
5139149.126.72.220 8834 tcp tcpwrapped open
5140149.126.72.220 8835 tcp tcpwrapped open
5141149.126.72.220 8836 tcp tcpwrapped open
5142149.126.72.220 8837 tcp tcpwrapped open
5143149.126.72.220 8838 tcp tcpwrapped open
5144149.126.72.220 8839 tcp tcpwrapped open
5145149.126.72.220 8840 tcp tcpwrapped open
5146149.126.72.220 8841 tcp tcpwrapped open
5147149.126.72.220 8842 tcp tcpwrapped open
5148149.126.72.220 8843 tcp tcpwrapped open
5149149.126.72.220 8844 tcp tcpwrapped open
5150149.126.72.220 8845 tcp tcpwrapped open
5151149.126.72.220 8846 tcp tcpwrapped open
5152149.126.72.220 8847 tcp tcpwrapped open
5153149.126.72.220 8848 tcp tcpwrapped open
5154149.126.72.220 8849 tcp tcpwrapped open
5155149.126.72.220 8850 tcp tcpwrapped open
5156149.126.72.220 8851 tcp tcpwrapped open
5157149.126.72.220 8852 tcp tcpwrapped open
5158149.126.72.220 8853 tcp tcpwrapped open
5159149.126.72.220 8854 tcp tcpwrapped open
5160149.126.72.220 8855 tcp tcpwrapped open
5161149.126.72.220 8856 tcp tcpwrapped open
5162149.126.72.220 8857 tcp tcpwrapped open
5163149.126.72.220 8858 tcp tcpwrapped open
5164149.126.72.220 8859 tcp tcpwrapped open
5165149.126.72.220 8860 tcp tcpwrapped open
5166149.126.72.220 8861 tcp tcpwrapped open
5167149.126.72.220 8862 tcp tcpwrapped open
5168149.126.72.220 8863 tcp tcpwrapped open
5169149.126.72.220 8864 tcp tcpwrapped open
5170149.126.72.220 8865 tcp tcpwrapped open
5171149.126.72.220 8866 tcp tcpwrapped open
5172149.126.72.220 8867 tcp tcpwrapped open
5173149.126.72.220 8868 tcp tcpwrapped open
5174149.126.72.220 8869 tcp tcpwrapped open
5175149.126.72.220 8870 tcp tcpwrapped open
5176149.126.72.220 8871 tcp tcpwrapped open
5177149.126.72.220 8872 tcp tcpwrapped open
5178149.126.72.220 8873 tcp tcpwrapped open
5179149.126.72.220 8874 tcp tcpwrapped open
5180149.126.72.220 8875 tcp tcpwrapped open
5181149.126.72.220 8876 tcp tcpwrapped open
5182149.126.72.220 887
5183#################################################################################################################################
5184Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-18 18:36 EDT
5185Nmap scan report for 94.102.51.111
5186Host is up (0.17s latency).
5187Not shown: 989 filtered ports
5188PORT STATE SERVICE VERSION
518922/tcp open ssh OpenSSH 7.4 (protocol 2.0)
5190| vulscan: VulDB - https://vuldb.com:
5191| [130671] gsi-openssh-server 7.9p1 on Fedora /etc/gsissh/sshd_config weak authentication
5192| [130371] OpenSSH 7.9 scp Man-in-the-Middle directory traversal
5193| [130370] OpenSSH 7.9 Man-in-the-Middle spoofing
5194| [130369] OpenSSH 7.9 Encoding progressmeter.c refresh_progress_meter() spoofing
5195| [129007] OpenSSH 7.9 scp Client scp.c Filename privilege escalation
5196| [123343] OpenSSH up to 7.8 GSS2 auth-gss2.c information disclosure
5197| [123011] OpenSSH up to 7.7 auth2-gss.c Request information disclosure
5198| [112267] OpenSSH up to 7.3 sshd kex.c/packet.c NEWKEYS Message denial of service
5199| [108627] OpenSSH up to 7.5 Readonly Mode sftp-server.c process_open unknown vulnerability
5200| [94611] OpenSSH up to 7.3 Access Control privilege escalation
5201| [94610] OpenSSH up to 7.3 Shared Memory Manager privilege escalation
5202| [94608] OpenSSH up to 7.3 Unix-Domain Socket privilege escalation
5203| [94607] OpenSSH up to 7.3 Forwarded Agent Channel privilege escalation
5204| [90671] OpenSSH up to 7.2 auth-passwd.c auth_password denial of service
5205| [90405] OpenSSH up to 7.2p2 sshd information disclosure
5206| [90404] OpenSSH up to 7.2p2 sshd information disclosure
5207| [90403] OpenSSH up to 7.2p2 sshd CPU Exhaustion denial of service
5208| [89622] OpenSSH 7.2p2 Authentication Username information disclosure
5209| [81320] OpenSSH up to 7.2p1 X11 Authentication Credential xauth privilege escalation
5210| [80656] OpenBSD OpenSSH 7.1 X11 Forwarding privilege escalation
5211| [80330] OpenSSH up to 7.1p1 packet.c ssh_packet_read_poll2 memory corruption
5212|
5213| MITRE CVE - https://cve.mitre.org:
5214| [CVE-2010-4755] The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.
5215| [CVE-1999-0661] A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.
5216|
5217| SecurityFocus - https://www.securityfocus.com/bid/:
5218| [102780] OpenSSH CVE-2016-10708 Multiple Denial of Service Vulnerabilities
5219| [101552] OpenSSH 'sftp-server.c' Remote Security Bypass Vulnerability
5220| [94977] OpenSSH CVE-2016-10011 Local Information Disclosure Vulnerability
5221| [94975] OpenSSH CVE-2016-10012 Security Bypass Vulnerability
5222| [94972] OpenSSH CVE-2016-10010 Privilege Escalation Vulnerability
5223| [94968] OpenSSH CVE-2016-10009 Remote Code Execution Vulnerability
5224| [93776] OpenSSH 'ssh/kex.c' Denial of Service Vulnerability
5225| [92212] OpenSSH CVE-2016-6515 Denial of Service Vulnerability
5226| [92210] OpenSSH CBC Padding Weak Encryption Security Weakness
5227| [92209] OpenSSH MAC Verification Security Bypass Vulnerability
5228| [91812] OpenSSH CVE-2016-6210 User Enumeration Vulnerability
5229| [90440] OpenSSH CVE-2004-1653 Remote Security Vulnerability
5230| [90340] OpenSSH CVE-2004-2760 Remote Security Vulnerability
5231| [89385] OpenSSH CVE-2005-2666 Local Security Vulnerability
5232| [88655] OpenSSH CVE-2001-1382 Remote Security Vulnerability
5233| [88513] OpenSSH CVE-2000-0999 Remote Security Vulnerability
5234| [88367] OpenSSH CVE-1999-1010 Local Security Vulnerability
5235| [87789] OpenSSH CVE-2003-0682 Remote Security Vulnerability
5236| [86187] OpenSSH 'session.c' Local Security Bypass Vulnerability
5237| [86144] OpenSSH CVE-2007-2768 Remote Security Vulnerability
5238| [84427] OpenSSH CVE-2016-1908 Security Bypass Vulnerability
5239| [84314] OpenSSH CVE-2016-3115 Remote Command Injection Vulnerability
5240| [84185] OpenSSH CVE-2006-4925 Denial-Of-Service Vulnerability
5241| [81293] OpenSSH CVE-2016-1907 Denial of Service Vulnerability
5242| [80698] OpenSSH CVE-2016-0778 Heap Based Buffer Overflow Vulnerability
5243| [80695] OpenSSH CVE-2016-0777 Information Disclosure Vulnerability
5244| [76497] OpenSSH CVE-2015-6565 Local Security Bypass Vulnerability
5245| [76317] OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
5246| [75990] OpenSSH Login Handling Security Bypass Weakness
5247| [75525] OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
5248| [71420] Portable OpenSSH 'gss-serv-krb5.c' Security Bypass Vulnerability
5249| [68757] OpenSSH Multiple Remote Denial of Service Vulnerabilities
5250| [66459] OpenSSH Certificate Validation Security Bypass Vulnerability
5251| [66355] OpenSSH 'child_set_env()' Function Security Bypass Vulnerability
5252| [65674] OpenSSH 'ssh-keysign.c' Local Information Disclosure Vulnerability
5253| [65230] OpenSSH 'schnorr.c' Remote Memory Corruption Vulnerability
5254| [63605] OpenSSH 'sshd' Process Remote Memory Corruption Vulnerability
5255| [61286] OpenSSH Remote Denial of Service Vulnerability
5256| [58894] GSI-OpenSSH PAM_USER Security Bypass Vulnerability
5257| [58162] OpenSSH CVE-2010-5107 Denial of Service Vulnerability
5258| [54114] OpenSSH 'ssh_gssapi_parse_ename()' Function Denial of Service Vulnerability
5259| [51702] Debian openssh-server Forced Command Handling Information Disclosure Vulnerability
5260| [50416] Linux Kernel 'kdump' and 'mkdumprd' OpenSSH Integration Remote Information Disclosure Vulnerability
5261| [49473] OpenSSH Ciphersuite Specification Information Disclosure Weakness
5262| [48507] OpenSSH 'pam_thread()' Remote Buffer Overflow Vulnerability
5263| [47691] Portable OpenSSH 'ssh-keysign' Local Unauthorized Access Vulnerability
5264| [46155] OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
5265| [45304] OpenSSH J-PAKE Security Bypass Vulnerability
5266| [36552] Red Hat Enterprise Linux OpenSSH 'ChrootDirectory' Option Local Privilege Escalation Vulnerability
5267| [32319] OpenSSH CBC Mode Information Disclosure Vulnerability
5268| [30794] Red Hat OpenSSH Backdoor Vulnerability
5269| [30339] OpenSSH 'X11UseLocalhost' X11 Forwarding Session Hijacking Vulnerability
5270| [30276] Debian OpenSSH SELinux Privilege Escalation Vulnerability
5271| [28531] OpenSSH ForceCommand Command Execution Weakness
5272| [28444] OpenSSH X Connections Session Hijacking Vulnerability
5273| [26097] OpenSSH LINUX_AUDIT_RECORD_EVENT Remote Log Injection Weakness
5274| [25628] OpenSSH X11 Cookie Local Authentication Bypass Vulnerability
5275| [23601] OpenSSH S/Key Remote Information Disclosure Vulnerability
5276| [20956] OpenSSH Privilege Separation Key Signature Weakness
5277| [20418] OpenSSH-Portable Existing Password Remote Information Disclosure Weakness
5278| [20245] OpenSSH-Portable GSSAPI Authentication Abort Information Disclosure Weakness
5279| [20241] Portable OpenSSH GSSAPI Remote Code Execution Vulnerability
5280| [20216] OpenSSH Duplicated Block Remote Denial of Service Vulnerability
5281| [16892] OpenSSH Remote PAM Denial Of Service Vulnerability
5282| [14963] OpenSSH LoginGraceTime Remote Denial Of Service Vulnerability
5283| [14729] OpenSSH GSSAPI Credential Disclosure Vulnerability
5284| [14727] OpenSSH DynamicForward Inadvertent GatewayPorts Activation Vulnerability
5285| [11781] OpenSSH-portable PAM Authentication Remote Information Disclosure Vulnerability
5286| [9986] RCP, OpenSSH SCP Client File Corruption Vulnerability
5287| [9040] OpenSSH PAM Conversation Memory Scrubbing Weakness
5288| [8677] Multiple Portable OpenSSH PAM Vulnerabilities
5289| [8628] OpenSSH Buffer Mismanagement Vulnerabilities
5290| [7831] OpenSSH Reverse DNS Lookup Access Control Bypass Vulnerability
5291| [7482] OpenSSH Remote Root Authentication Timing Side-Channel Weakness
5292| [7467] OpenSSH-portable Enabled PAM Delay Information Disclosure Vulnerability
5293| [7343] OpenSSH Authentication Execution Path Timing Information Leakage Weakness
5294| [6168] OpenSSH Visible Password Vulnerability
5295| [5374] OpenSSH Trojan Horse Vulnerability
5296| [5093] OpenSSH Challenge-Response Buffer Overflow Vulnerabilities
5297| [4560] OpenSSH Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
5298| [4241] OpenSSH Channel Code Off-By-One Vulnerability
5299| [3614] OpenSSH UseLogin Environment Variable Passing Vulnerability
5300| [3560] OpenSSH Kerberos Arbitrary Privilege Elevation Vulnerability
5301| [3369] OpenSSH Key Based Source IP Access Control Bypass Vulnerability
5302| [3345] OpenSSH SFTP Command Restriction Bypassing Vulnerability
5303| [2917] OpenSSH PAM Session Evasion Vulnerability
5304| [2825] OpenSSH Client X11 Forwarding Cookie Removal File Symbolic Link Vulnerability
5305| [2356] OpenSSH Private Key Authentication Check Vulnerability
5306| [1949] OpenSSH Client Unauthorized Remote Forwarding Vulnerability
5307| [1334] OpenSSH UseLogin Vulnerability
5308|
5309| IBM X-Force - https://exchange.xforce.ibmcloud.com:
5310| [83258] GSI-OpenSSH auth-pam.c security bypass
5311| [82781] OpenSSH time limit denial of service
5312| [82231] OpenSSH pam_ssh_agent_auth PAM code execution
5313| [74809] OpenSSH ssh_gssapi_parse_ename denial of service
5314| [72756] Debian openssh-server commands information disclosure
5315| [68339] OpenSSH pam_thread buffer overflow
5316| [67264] OpenSSH ssh-keysign unauthorized access
5317| [65910] OpenSSH remote_glob function denial of service
5318| [65163] OpenSSH certificate information disclosure
5319| [64387] OpenSSH J-PAKE security bypass
5320| [63337] Cisco Unified Videoconferencing OpenSSH weak security
5321| [46620] OpenSSH and multiple SSH Tectia products CBC mode information disclosure
5322| [45202] OpenSSH signal handler denial of service
5323| [44747] RHEL OpenSSH backdoor
5324| [44280] OpenSSH PermitRootLogin information disclosure
5325| [44279] OpenSSH sshd weak security
5326| [44037] OpenSSH sshd SELinux role unauthorized access
5327| [43940] OpenSSH X11 forwarding information disclosure
5328| [41549] OpenSSH ForceCommand directive security bypass
5329| [41438] OpenSSH sshd session hijacking
5330| [40897] OpenSSH known_hosts weak security
5331| [40587] OpenSSH username weak security
5332| [37371] OpenSSH username data manipulation
5333| [37118] RHSA update for OpenSSH privilege separation monitor authentication verification weakness not installed
5334| [37112] RHSA update for OpenSSH signal handler race condition not installed
5335| [37107] RHSA update for OpenSSH identical block denial of service not installed
5336| [36637] OpenSSH X11 cookie privilege escalation
5337| [35167] OpenSSH packet.c newkeys[mode] denial of service
5338| [34490] OpenSSH OPIE information disclosure
5339| [33794] OpenSSH ChallengeResponseAuthentication information disclosure
5340| [32975] Apple Mac OS X OpenSSH denial of service
5341| [32387] RHSA-2006:0738 updates for openssh not installed
5342| [32359] RHSA-2006:0697 updates for openssh not installed
5343| [32230] RHSA-2006:0298 updates for openssh not installed
5344| [32132] RHSA-2006:0044 updates for openssh not installed
5345| [30120] OpenSSH privilege separation monitor authentication verification weakness
5346| [29255] OpenSSH GSSAPI user enumeration
5347| [29254] OpenSSH signal handler race condition
5348| [29158] OpenSSH identical block denial of service
5349| [28147] Apple Mac OS X OpenSSH nonexistent user login denial of service
5350| [25116] OpenSSH OpenPAM denial of service
5351| [24305] OpenSSH SCP shell expansion command execution
5352| [22665] RHSA-2005:106 updates for openssh not installed
5353| [22117] OpenSSH GSSAPI allows elevated privileges
5354| [22115] OpenSSH GatewayPorts security bypass
5355| [20930] OpenSSH sshd.c LoginGraceTime denial of service
5356| [19441] Sun Solaris OpenSSH LDAP (1) client authentication denial of service
5357| [17213] OpenSSH allows port bouncing attacks
5358| [16323] OpenSSH scp file overwrite
5359| [13797] OpenSSH PAM information leak
5360| [13271] OpenSSH could allow an attacker to corrupt the PAM conversion stack
5361| [13264] OpenSSH PAM code could allow an attacker to gain access
5362| [13215] OpenSSH buffer management errors could allow an attacker to execute code
5363| [13214] OpenSSH memory vulnerabilities
5364| [13191] OpenSSH large packet buffer overflow
5365| [12196] OpenSSH could allow an attacker to bypass login restrictions
5366| [11970] OpenSSH could allow an attacker to obtain valid administrative account
5367| [11902] OpenSSH PAM support enabled information leak
5368| [9803] OpenSSH "
5369| [9763] OpenSSH downloaded from the OpenBSD FTP site or OpenBSD FTP mirror sites could contain a Trojan Horse
5370| [9307] OpenSSH is running on the system
5371| [9169] OpenSSH "
5372| [8896] OpenSSH Kerberos 4 TGT/AFS buffer overflow
5373| [8697] FreeBSD libutil in OpenSSH fails to drop privileges prior to using the login class capability database
5374| [8383] OpenSSH off-by-one error in channel code
5375| [7647] OpenSSH UseLogin option arbitrary code execution
5376| [7634] OpenSSH using sftp and restricted keypairs could allow an attacker to bypass restrictions
5377| [7598] OpenSSH with Kerberos allows attacker to gain elevated privileges
5378| [7179] OpenSSH source IP access control bypass
5379| [6757] OpenSSH "
5380| [6676] OpenSSH X11 forwarding symlink attack could allow deletion of arbitrary files
5381| [6084] OpenSSH 2.3.1 allows remote users to bypass authentication
5382| [5517] OpenSSH allows unauthorized access to resources
5383| [4646] OpenSSH UseLogin option allows remote users to execute commands as root
5384|
5385| Exploit-DB - https://www.exploit-db.com:
5386| [21579] OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (2)
5387| [21578] OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (1)
5388| [21402] OpenSSH 2.x/3.x Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
5389| [21314] OpenSSH 2.x/3.0.1/3.0.2 Channel Code Off-By-One Vulnerability
5390| [20253] OpenSSH 1.2 scp File Create/Overwrite Vulnerability
5391| [17462] FreeBSD OpenSSH 3.5p1 - Remote Root Exploit
5392| [14866] Novell Netware 6.5 - OpenSSH Remote Stack Overflow
5393| [6094] Debian OpenSSH Remote SELinux Privilege Elevation Exploit (auth)
5394| [3303] Portable OpenSSH <= 3.6.1p-PAM / 4.1-SUSE Timing Attack Exploit
5395| [2444] OpenSSH <= 4.3 p1 (Duplicated Block) Remote Denial of Service Exploit
5396| [1572] Dropbear / OpenSSH Server (MAX_UNAUTH_CLIENTS) Denial of Service
5397| [258] glibc-2.2 and openssh-2.3.0p1 exploits glibc => 2.1.9x
5398| [26] OpenSSH/PAM <= 3.6.1p1 Remote Users Ident (gossh.sh)
5399| [25] OpenSSH/PAM <= 3.6.1p1 Remote Users Discovery Tool
5400|
5401| OpenVAS (Nessus) - http://www.openvas.org:
5402| [902488] OpenSSH 'sshd' GSSAPI Credential Disclosure Vulnerability
5403| [900179] OpenSSH CBC Mode Information Disclosure Vulnerability
5404| [881183] CentOS Update for openssh CESA-2012:0884 centos6
5405| [880802] CentOS Update for openssh CESA-2009:1287 centos5 i386
5406| [880746] CentOS Update for openssh CESA-2009:1470 centos5 i386
5407| [870763] RedHat Update for openssh RHSA-2012:0884-04
5408| [870129] RedHat Update for openssh RHSA-2008:0855-01
5409| [861813] Fedora Update for openssh FEDORA-2010-5429
5410| [861319] Fedora Update for openssh FEDORA-2007-395
5411| [861170] Fedora Update for openssh FEDORA-2007-394
5412| [861012] Fedora Update for openssh FEDORA-2007-715
5413| [840345] Ubuntu Update for openssh vulnerability USN-597-1
5414| [840300] Ubuntu Update for openssh update USN-612-5
5415| [840271] Ubuntu Update for openssh vulnerability USN-612-2
5416| [840268] Ubuntu Update for openssh update USN-612-7
5417| [840259] Ubuntu Update for openssh vulnerabilities USN-649-1
5418| [840214] Ubuntu Update for openssh vulnerability USN-566-1
5419| [831074] Mandriva Update for openssh MDVA-2010:162 (openssh)
5420| [830929] Mandriva Update for openssh MDVA-2010:090 (openssh)
5421| [830807] Mandriva Update for openssh MDVA-2010:026 (openssh)
5422| [830603] Mandriva Update for openssh MDVSA-2008:098 (openssh)
5423| [830523] Mandriva Update for openssh MDVSA-2008:078 (openssh)
5424| [830317] Mandriva Update for openssh-askpass-qt MDKA-2007:127 (openssh-askpass-qt)
5425| [830191] Mandriva Update for openssh MDKSA-2007:236 (openssh)
5426| [802407] OpenSSH 'sshd' Challenge Response Authentication Buffer Overflow Vulnerability
5427| [103503] openssh-server Forced Command Handling Information Disclosure Vulnerability
5428| [103247] OpenSSH Ciphersuite Specification Information Disclosure Weakness
5429| [103064] OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
5430| [100584] OpenSSH X Connections Session Hijacking Vulnerability
5431| [100153] OpenSSH CBC Mode Information Disclosure Vulnerability
5432| [66170] CentOS Security Advisory CESA-2009:1470 (openssh)
5433| [65987] SLES10: Security update for OpenSSH
5434| [65819] SLES10: Security update for OpenSSH
5435| [65514] SLES9: Security update for OpenSSH
5436| [65513] SLES9: Security update for OpenSSH
5437| [65334] SLES9: Security update for OpenSSH
5438| [65248] SLES9: Security update for OpenSSH
5439| [65218] SLES9: Security update for OpenSSH
5440| [65169] SLES9: Security update for openssh,openssh-askpass
5441| [65126] SLES9: Security update for OpenSSH
5442| [65019] SLES9: Security update for OpenSSH
5443| [65015] SLES9: Security update for OpenSSH
5444| [64931] CentOS Security Advisory CESA-2009:1287 (openssh)
5445| [61639] Debian Security Advisory DSA 1638-1 (openssh)
5446| [61030] Debian Security Advisory DSA 1576-2 (openssh)
5447| [61029] Debian Security Advisory DSA 1576-1 (openssh)
5448| [60840] FreeBSD Security Advisory (FreeBSD-SA-08:05.openssh.asc)
5449| [60803] Gentoo Security Advisory GLSA 200804-03 (openssh)
5450| [60667] Slackware Advisory SSA:2008-095-01 openssh
5451| [59014] Slackware Advisory SSA:2007-255-01 openssh
5452| [58741] Gentoo Security Advisory GLSA 200711-02 (openssh)
5453| [57919] Gentoo Security Advisory GLSA 200611-06 (openssh)
5454| [57895] Gentoo Security Advisory GLSA 200609-17 (openssh)
5455| [57585] Debian Security Advisory DSA 1212-1 (openssh (1:3.8.1p1-8.sarge.6))
5456| [57492] Slackware Advisory SSA:2006-272-02 openssh
5457| [57483] Debian Security Advisory DSA 1189-1 (openssh-krb5)
5458| [57476] FreeBSD Security Advisory (FreeBSD-SA-06:22.openssh.asc)
5459| [57470] FreeBSD Ports: openssh
5460| [56352] FreeBSD Security Advisory (FreeBSD-SA-06:09.openssh.asc)
5461| [56330] Gentoo Security Advisory GLSA 200602-11 (OpenSSH)
5462| [56294] Slackware Advisory SSA:2006-045-06 openssh
5463| [53964] Slackware Advisory SSA:2003-266-01 New OpenSSH packages
5464| [53885] Slackware Advisory SSA:2003-259-01 OpenSSH Security Advisory
5465| [53884] Slackware Advisory SSA:2003-260-01 OpenSSH updated again
5466| [53788] Debian Security Advisory DSA 025-1 (openssh)
5467| [52638] FreeBSD Security Advisory (FreeBSD-SA-03:15.openssh.asc)
5468| [52635] FreeBSD Security Advisory (FreeBSD-SA-03:12.openssh.asc)
5469| [11343] OpenSSH Client Unauthorized Remote Forwarding
5470| [10954] OpenSSH AFS/Kerberos ticket/token passing
5471| [10883] OpenSSH Channel Code Off by 1
5472| [10823] OpenSSH UseLogin Environment Variables
5473|
5474| SecurityTracker - https://www.securitytracker.com:
5475| [1028187] OpenSSH pam_ssh_agent_auth Module on Red Hat Enterprise Linux Lets Remote Users Execute Arbitrary Code
5476| [1026593] OpenSSH Lets Remote Authenticated Users Obtain Potentially Sensitive Information
5477| [1025739] OpenSSH on FreeBSD Has Buffer Overflow in pam_thread() That Lets Remote Users Execute Arbitrary Code
5478| [1025482] OpenSSH ssh-keysign Utility Lets Local Users Gain Elevated Privileges
5479| [1025028] OpenSSH Legacy Certificates May Disclose Stack Contents to Remote Users
5480| [1022967] OpenSSH on Red Hat Enterprise Linux Lets Remote Authenticated Users Gain Elevated Privileges
5481| [1021235] OpenSSH CBC Mode Error Handling May Let Certain Remote Users Obtain Plain Text in Certain Cases
5482| [1020891] OpenSSH on Debian Lets Remote Users Prevent Logins
5483| [1020730] OpenSSH for Red Hat Enterprise Linux Packages May Have Been Compromised
5484| [1020537] OpenSSH on HP-UX Lets Local Users Hijack X11 Sessions
5485| [1019733] OpenSSH Unsafe Default Configuration May Let Local Users Execute Arbitrary Commands
5486| [1019707] OpenSSH Lets Local Users Hijack Forwarded X Sessions in Certain Cases
5487| [1017756] Apple OpenSSH Key Generation Process Lets Remote Users Deny Service
5488| [1017183] OpenSSH Privilege Separation Monitor Validation Error May Cause the Monitor to Fail to Properly Control the Unprivileged Process
5489| [1016940] OpenSSH Race Condition in Signal Handler Lets Remote Users Deny Service and May Potentially Permit Code Execution
5490| [1016939] OpenSSH GSSAPI Authentication Abort Error Lets Remote Users Determine Valid Usernames
5491| [1016931] OpenSSH SSH v1 CRC Attack Detection Implementation Lets Remote Users Deny Service
5492| [1016672] OpenSSH on Mac OS X Lets Remote Users Deny Service
5493| [1015706] OpenSSH Interaction With OpenPAM Lets Remote Users Deny Service
5494| [1015540] OpenSSH scp Double Shell Character Expansion During Local-to-Local Copying May Let Local Users Gain Elevated Privileges in Certain Cases
5495| [1014845] OpenSSH May Unexpectedly Activate GatewayPorts and Also May Disclose GSSAPI Credentials in Certain Cases
5496| [1011193] OpenSSH scp Directory Traversal Flaw Lets Remote SSH Servers Overwrite Files in Certain Cases
5497| [1011143] OpenSSH Default Configuration May Be Unsafe When Used With Anonymous SSH Services
5498| [1007791] Portable OpenSSH PAM free() Bug May Let Remote Users Execute Root Code
5499| [1007716] OpenSSH buffer_append_space() and Other Buffer Management Errors May Let Remote Users Execute Arbitrary Code
5500| [1006926] OpenSSH Host Access Restrictions Can Be Bypassed By Remote Users
5501| [1006688] OpenSSH Timing Flaw With Pluggable Authentication Modules Can Disclose Valid User Account Names to Remote Users
5502| [1004818] OpenSSH's Secure Shell (SSH) Implementation Weakness May Disclose User Passwords to Remote Users During Man-in-the-Middle Attacks
5503| [1004616] OpenSSH Integer Overflow and Buffer Overflow May Allow Remote Users to Gain Root Access to the System
5504| [1004391] OpenSSH 'BSD_AUTH' Access Control Bug May Allow Unauthorized Remote Users to Authenticated to the System
5505| [1004115] OpenSSH Buffer Overflow in Kerberos Ticket and AFS Token Processing Lets Local Users Execute Arbitrary Code With Root Level Permissions
5506| [1003758] OpenSSH Off-by-one 'Channels' Bug May Let Authorized Remote Users Execute Arbitrary Code with Root Privileges
5507| [1002895] OpenSSH UseLogin Environment Variable Bug Lets Local Users Execute Commands and Gain Root Access
5508| [1002748] OpenSSH 3.0 Denial of Service Condition May Allow Remote Users to Crash the sshd Daemon and KerberosV Configuration Error May Allow Remote Users to Partially Authenticate When Authentication Should Not Be Permitted
5509| [1002734] OpenSSH's S/Key Implementation Information Disclosure Flaw Provides Remote Users With Information About Valid User Accounts
5510| [1002455] OpenSSH May Fail to Properly Restrict IP Addresses in Certain Configurations
5511| [1002432] OpenSSH's Sftp-server Subsystem Lets Authorized Remote Users with Restricted Keypairs Obtain Additional Access on the Server
5512| [1001683] OpenSSH Allows Authorized Users to Delete Other User Files Named Cookies
5513|
5514| OSVDB - http://www.osvdb.org:
5515| [92034] GSI-OpenSSH auth-pam.c Memory Management Authentication Bypass
5516| [90474] Red Hat / Fedora PAM Module for OpenSSH Incorrect error() Function Calling Local Privilege Escalation
5517| [90007] OpenSSH logingracetime / maxstartup Threshold Connection Saturation Remote DoS
5518| [81500] OpenSSH gss-serv.c ssh_gssapi_parse_ename Function Field Length Value Parsing Remote DoS
5519| [78706] OpenSSH auth-options.c sshd auth_parse_options Function authorized_keys Command Option Debug Message Information Disclosure
5520| [75753] OpenSSH PAM Module Aborted Conversation Local Information Disclosure
5521| [75249] OpenSSH sftp-glob.c remote_glob Function Glob Expression Parsing Remote DoS
5522| [75248] OpenSSH sftp.c process_put Function Glob Expression Parsing Remote DoS
5523| [72183] Portable OpenSSH ssh-keysign ssh-rand-helper Utility File Descriptor Leak Local Information Disclosure
5524| [70873] OpenSSH Legacy Certificates Stack Memory Disclosure
5525| [69658] OpenSSH J-PAKE Public Parameter Validation Shared Secret Authentication Bypass
5526| [67743] Novell NetWare OpenSSH SSHD.NLM Absolute Path Handling Remote Overflow
5527| [59353] OpenSSH sshd Local TCP Redirection Connection Masking Weakness
5528| [58495] OpenSSH sshd ChrootDirectory Feature SetUID Hard Link Local Privilege Escalation
5529| [56921] OpenSSH Unspecified Remote Compromise
5530| [53021] OpenSSH on ftp.openbsd.org Trojaned Distribution
5531| [50036] OpenSSH CBC Mode Chosen Ciphertext 32-bit Chunk Plaintext Context Disclosure
5532| [49386] OpenSSH sshd TCP Connection State Remote Account Enumeration
5533| [48791] OpenSSH on Debian sshd Crafted Username Arbitrary Remote SELinux Role Access
5534| [47635] OpenSSH Packages on Red Hat Enterprise Linux Compromised Distribution
5535| [47227] OpenSSH X11UseLocalhost X11 Forwarding Port Hijacking
5536| [45873] Cisco WebNS SSHield w/ OpenSSH Crafted Large Packet Remote DoS
5537| [43911] OpenSSH ~/.ssh/rc ForceCommand Bypass Arbitrary Command Execution
5538| [43745] OpenSSH X11 Forwarding Local Session Hijacking
5539| [43371] OpenSSH Trusted X11 Cookie Connection Policy Bypass
5540| [39214] OpenSSH linux_audit_record_event Crafted Username Audit Log Injection
5541| [37315] pam_usb OpenSSH Authentication Unspecified Issue
5542| [34850] OpenSSH on Mac OS X Key Generation Remote Connection DoS
5543| [34601] OPIE w/ OpenSSH Account Enumeration
5544| [34600] OpenSSH S/KEY Authentication Account Enumeration
5545| [32721] OpenSSH Username Password Complexity Account Enumeration
5546| [30232] OpenSSH Privilege Separation Monitor Weakness
5547| [29494] OpenSSH packet.c Invalid Protocol Sequence Remote DoS
5548| [29266] OpenSSH GSSAPI Authentication Abort Username Enumeration
5549| [29264] OpenSSH Signal Handler Pre-authentication Race Condition Code Execution
5550| [29152] OpenSSH Identical Block Packet DoS
5551| [27745] Apple Mac OS X OpenSSH Nonexistent Account Login Enumeration DoS
5552| [23797] OpenSSH with OpenPAM Connection Saturation Forked Process Saturation DoS
5553| [22692] OpenSSH scp Command Line Filename Processing Command Injection
5554| [20216] OpenSSH with KerberosV Remote Authentication Bypass
5555| [19142] OpenSSH Multiple X11 Channel Forwarding Leaks
5556| [19141] OpenSSH GSSAPIAuthentication Credential Escalation
5557| [18236] OpenSSH no pty Command Execution Local PAM Restriction Bypass
5558| [16567] OpenSSH Privilege Separation LoginGraceTime DoS
5559| [16039] Solaris 108994 Series Patch OpenSSH LDAP Client Authentication DoS
5560| [9562] OpenSSH Default Configuration Anon SSH Service Port Bounce Weakness
5561| [9550] OpenSSH scp Traversal Arbitrary File Overwrite
5562| [6601] OpenSSH *realloc() Unspecified Memory Errors
5563| [6245] OpenSSH SKEY/BSD_AUTH Challenge-Response Remote Overflow
5564| [6073] OpenSSH on FreeBSD libutil Arbitrary File Read
5565| [6072] OpenSSH PAM Conversation Function Stack Modification
5566| [6071] OpenSSH SSHv1 PAM Challenge-Response Authentication Privilege Escalation
5567| [5536] OpenSSH sftp-server Restricted Keypair Restriction Bypass
5568| [5408] OpenSSH echo simulation Information Disclosure
5569| [5113] OpenSSH NIS YP Netgroups Authentication Bypass
5570| [4536] OpenSSH Portable AIX linker Privilege Escalation
5571| [3938] OpenSSL and OpenSSH /dev/random Check Failure
5572| [3456] OpenSSH buffer_append_space() Heap Corruption
5573| [2557] OpenSSH Multiple Buffer Management Multiple Overflows
5574| [2140] OpenSSH w/ PAM Username Validity Timing Attack
5575| [2112] OpenSSH Reverse DNS Lookup Bypass
5576| [2109] OpenSSH sshd Root Login Timing Side-Channel Weakness
5577| [1853] OpenSSH Symbolic Link 'cookies' File Removal
5578| [839] OpenSSH PAMAuthenticationViaKbdInt Challenge-Response Remote Overflow
5579| [781] OpenSSH Kerberos TGT/AFS Token Passing Remote Overflow
5580| [730] OpenSSH Channel Code Off by One Remote Privilege Escalation
5581| [688] OpenSSH UseLogin Environment Variable Local Command Execution
5582| [642] OpenSSH Multiple Key Type ACL Bypass
5583| [504] OpenSSH SSHv2 Public Key Authentication Bypass
5584| [341] OpenSSH UseLogin Local Privilege Escalation
5585|_
558625/tcp open smtp Exim smtpd 4.89
5587| vulscan: VulDB - https://vuldb.com:
5588| [109969] Exim 4.88/4.89 SMTP Daemon receive.c bdat_getc denial of service
5589| [109968] Exim 4.88/4.89 SMTP Daemon receive.c receive_msg memory corruption
5590| [94599] Exim up to 4.87 information disclosure
5591| [13422] Exim 4.82 Mail Header dmarc.c expand_string memory corruption
5592| [6817] Exim up to 4.80 src/dkim.c dkim_exim_query_dns_txt memory corruption
5593| [141327] Exim up to 4.92.1 Backslash privilege escalation
5594| [138827] Exim up to 4.92 Expansion Code Execution
5595| [135932] Exim up to 4.92 privilege escalation
5596| [113048] Exim up to 4.90 SMTP Listener Message memory corruption
5597| [58841] exim up to 4.69 dkim_exim_verify_finish memory corruption
5598| [57462] Exim up to 4.75 Filesystem memory corruption
5599| [4280] Exim Server 4.x open_log race condition
5600|
5601| MITRE CVE - https://cve.mitre.org:
5602| [CVE-2012-5671] Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.
5603| [CVE-2012-0478] The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.
5604| [CVE-2011-1764] Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.
5605| [CVE-2011-1407] The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
5606| [CVE-2011-0017] The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
5607| [CVE-2010-4345] Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
5608| [CVE-2010-4344] Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
5609| [CVE-2010-2024] transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
5610| [CVE-2010-2023] transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
5611| [CVE-2006-1251] Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.
5612| [CVE-2005-0022] Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
5613| [CVE-2005-0021] Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
5614| [CVE-2004-0400] Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
5615| [CVE-2004-0399] Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
5616| [CVE-2003-0743] Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
5617| [CVE-2002-1381] Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.
5618|
5619| SecurityFocus - https://www.securityfocus.com/bid/:
5620| [103049] Exim 'base64d()' Function Buffer Overflow Vulnerability
5621| [99252] Exim CVE-2017-1000369 Local Privilege Escalation Vulnerability
5622| [94947] Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
5623| [84132] Exim CVE-2016-1531 Local Privilege Escalation Vulnerability
5624| [68857] Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
5625| [67695] Exim 'dmarc.c' Remote Code Execution Vulnerability
5626| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
5627| [56285] Exim DKIM DNS Decoding CVE-2012-5671 Remote Buffer Overflow Vulnerability
5628| [47836] Exim DKIM CVE-2011-1407 Remote Code Execution Vulnerability
5629| [47736] Exim 'dkim_exim_verify_finish()' Remote Format String Vulnerability
5630| [46065] Exim 'log.c' Local Privilege Escalation Vulnerability
5631| [45341] Exim ALT_CONFIG_ROOT_ONLY 'exim' User Local Privilege Escalation Vulnerability
5632| [45308] Exim Crafted Header Remote Code Execution Vulnerability
5633| [40454] Exim MBX Locking Insecure Temporary File Creation Vulnerability
5634| [40451] Exim Sticky Mail Directory Local Privilege Escalation Vulnerability
5635| [36181] ikiwiki 'teximg' Plugin Insecure TeX Commands Information Disclosure Vulnerability
5636| [23977] Exim SpamAssassin Reply Remote Buffer Overflow Vulnerability
5637| [17110] sa-exim Unauthorized File Access Vulnerability
5638| [12268] Exim IP Address Command Line Argument Local Buffer Overflow Vulnerability
5639| [12188] Exim SPA Authentication Remote Buffer Overflow Vulnerability
5640| [12185] Exim Illegal IPv6 Address Buffer Overflow Vulnerability
5641| [10291] Exim Header Syntax Checking Remote Stack Buffer Overrun Vulnerability
5642| [10290] Exim Sender Verification Remote Stack Buffer Overrun Vulnerability
5643| [8518] Exim EHLO/HELO Remote Heap Corruption Vulnerability
5644| [6314] Exim Internet Mailer Format String Vulnerability
5645| [4096] Exim Configuration File Argument Command Line Buffer Overflow Vulnerability
5646| [3728] Exim Pipe Hostname Arbitrary Command Execution Vulnerability
5647| [2828] Exim Format String Vulnerability
5648| [1859] Exim Buffer Overflow Vulnerability
5649|
5650| IBM X-Force - https://exchange.xforce.ibmcloud.com:
5651| [84758] Exim sender_address parameter command execution
5652| [84015] Exim command execution
5653| [80186] Mozilla Firefox, Thunderbird, and SeaMonkey copyTexImage2D code execution
5654| [80184] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D calls code execution
5655| [79615] Exim dkim_exim_query_dns_txt() buffer overflow
5656| [75155] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D denial of service
5657| [67455] Exim DKIM processing code execution
5658| [67299] Exim dkim_exim_verify_finish() format string
5659| [65028] Exim open_log privilege escalation
5660| [63967] Exim config file privilege escalation
5661| [63960] Exim header buffer overflow
5662| [59043] Exim mail directory privilege escalation
5663| [59042] Exim MBX symlink
5664| [52922] ikiwiki teximg plugin information disclosure
5665| [34265] Exim spamd buffer overflow
5666| [25286] Sa-exim greylistclean.cron file deletion
5667| [22687] RHSA-2005:025 updates for exim not installed
5668| [18901] Exim dns_build_reverse buffer overflow
5669| [18764] Exim spa_base64_to_bits function buffer overflow
5670| [18763] Exim host_aton buffer overflow
5671| [16079] Exim require_verify buffer overflow
5672| [16077] Exim header_check_syntax buffer overflow
5673| [16075] Exim sender_verify buffer overflow
5674| [13067] Exim HELO or EHLO command heap overflow
5675| [10761] Exim daemon.c format string
5676| [8194] Exim configuration file -c command-line argument buffer overflow
5677| [7738] Exim allows attacker to hide commands in localhost names using pipes
5678| [6671] Exim "
5679| [1893] Exim MTA allows local users to gain root privileges
5680|
5681| Exploit-DB - https://www.exploit-db.com:
5682| [16925] Exim4 <= 4.69 - string_format Function Heap Buffer Overflow
5683| [15725] Exim 4.63 Remote Root Exploit
5684| [1009] Exim <= 4.41 dns_build_reverse Local Exploit
5685| [812] Exim <= 4.43 auth_spa_server() Remote PoC Exploit
5686| [796] Exim <= 4.42 Local Root Exploit
5687| [756] Exim <= 4.41 dns_build_reverse Local Exploit PoC
5688|
5689| OpenVAS (Nessus) - http://www.openvas.org:
5690| [100663] Exim < 4.72 RC2 Multiple Vulnerabilities
5691|
5692| SecurityTracker - https://www.securitytracker.com:
5693| [1025539] Exim DKIM Processing Flaw Lets Remote Users Execute Arbitrary Code
5694| [1025504] Exim DKIM Signature Format String Flaw Lets Remote Users Execute Arbitrary Code
5695| [1024859] Exim Configuration File Capability Lets Local Users Gain Elevated Privileges
5696| [1024858] Exim Buffer Overfow in string_format() Lets Remote Users Execute Arbitrary Code
5697| [1012904] Exim Buffer Overflow in dns_build_reverse() Lets Local Users Obtain Elevated Privileges
5698| [1012771] Exim Buffer Overflows in host_aton() and spa_base64_to_bits() May Let Local Users Gain Elevated Privileges
5699| [1010081] Exim Buffer Overflows in 'accept.c' and 'verify.c' Let Remote Users Execute Arbitrary Code
5700| [1007609] Exim Heap Overflow in 'smtp_in.c' May Allow Remote Arbitrary Code Execution
5701| [1005756] Exim Mail Server Format String Bug Lets Local Exim Administrators Execute Arbitrary Code With Root Privileges
5702| [1003547] Potential Bug in Exim Mail Server May Let Local Users Execute Code With Root Privileges
5703| [1003014] Exim Mail Server Pipe Address Validation Error May Let Remote Users Execute Arbitrary Code With Root Privileges in a Certain Configuration
5704| [1001694] Exim Mail Server May Allow Remote Users to Execute Arbitrary Code with Root-Level Privileges on the Server
5705|
5706| OSVDB - http://www.osvdb.org:
5707| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
5708| [87599] Mozilla Multiple Product copyTexImage2D Call Image Dimension Handling Memory Corruption
5709| [87581] Mozilla Multiple Product texImage2D Call Handling Memory Corruption
5710| [86616] Exim src/dkim.c dkim_exim_query_dns_txt() Function DNS Record Parsing Remote Overflow
5711| [81523] Mozilla Multiple Product WebGL texImage2D() Function JSVAL_TO_OBJECT Remote Code Execution
5712| [72642] Exim DKIM Identity Lookup Item Remote Code Execution
5713| [72156] Exim src/dkim.c dkim_exim_verify_finish() Function DKIM-Signature Header Format String
5714| [70696] Exim log.c open_log() Function Local Privilege Escalation
5715| [69860] Exim exim User Account Configuration File Directive Local Privilege Escalation
5716| [69685] Exim string_format Function Remote Overflow
5717| [65159] Exim transports/appendfile.c MBX Locking Race Condition Permission Modification
5718| [65158] Exim transports/appendfile.c Hardlink Handling Arbitrary File Overwrite
5719| [57575] teximg Plugin for ikiwiki TEX Command Arbitrary File Local Disclosure
5720| [23849] sa-exim greylistclean.cron Arbitrary File Deletion
5721| [13073] Oracle Database Server Advanced Queuing Component dbms_transform_eximp Unspecified Security Issue
5722| [12946] Exim -bh Command Line Option dns_build_reverse Function Local Overflow
5723| [12727] Exim SPA Authentication spa_base64_to_bits Function Remote Overflow
5724| [12726] Exim -be Command Line Option host_aton Function Local Overflow
5725| [10877] Exim smtp_in.c HELO/EHLO Remote Overflow
5726| [10360] Exim daemon.c pid_file_path Variable Manipulation Arbitrary Command Execution
5727| [10032] libXpm CreateXImage Function Integer Overflow
5728| [7160] Exim .forward :include: Option Privilege Escalation
5729| [6479] Vexim COOKIE Authentication Credential Disclosure
5730| [6478] Vexim Multiple Parameter SQL Injection
5731| [5930] Exim Parenthesis File Name Filter Bypass
5732| [5897] Exim header_syntax Function Remote Overflow
5733| [5896] Exim sender_verify Function Remote Overflow
5734| [5530] Exim Localhost Name Arbitrary Command Execution
5735| [5330] Exim Configuration File Variable Overflow
5736| [1855] Exim Batched SMTP Mail Header Format String
5737|_
573853/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
5739| vulscan: VulDB - https://vuldb.com:
5740| [11804] ISC BIND up to 9.9.4 DNS Query bin/named/query.c query_findclosestnsec3 denial of service
5741| [11104] ISC BIND up to 9.9.4 WSAloctl Winsock API Bypass privilege escalation
5742| [9764] ISC BIND up to 9.9.4 RDATA rdata.c denial of service
5743| [119548] ISC BIND 9.9.12/9.10.7/9.11.3/9.12.1-P2 Recursion information disclosure
5744| [95202] ISC BIND up to 9.9.9-P4/9.10.4-P4/9.11.0-P1 DNSSEC denial of service
5745| [95201] ISC BIND up to 9.9.9-P4/9.10.4-P4/9.11.0-P1 DS Record Response denial of service
5746| [95200] ISC BIND up to 9.9.9-P4/9.10.4-P4/9.11.0-P1 ANY Query Response denial of service
5747| [89850] ISC BIND up to 9.9.9-P1/9.10.4-P1/9.11.0b1 Lightweight Resolution named.conf denial of service
5748| [81312] ISC BIND up to 9.9.8-P3/9.10.3-P3 named db.c/resolver.c Signature Record denial of service
5749| [81311] ISC BIND up to 9.9.8-P3/9.10.3-P3 named alist.c/sexpr.c denial of service
5750| [80787] ISC BIND up to 9.9.8-S4 Query rdataset.c denial of service
5751| [79802] ISC BIND 9.9.0/9.10.0/9.10.1-P1 Socket Error resolver.c denial of service
5752| [79801] ISC BIND 9.9.0/9.10.0/9.10.1-P1 Response db.c denial of service
5753| [76834] ISC BIND up to 9.9.7-P1/9.10.2-P2 TKEY Query Packet Crash denial of service
5754| [8108] ISC BIND up to 9.9.3 on Unix/Linux Regular Expression denial of service
5755| [7079] ISC BIND up to 9.9.1 DNS64 IPv6 Transition Mechanism denial of service
5756| [6295] ISC BIND up to 9.9.1-P2 Assertion Error Resource Record Parser RDATA Query denial of service
5757| [5875] ISC BIND 9.9.0/9.9.1 denial of service
5758| [5874] ISC BIND up to 9.9.1-P1 denial of service
5759| [5483] ISC BIND up to 9.9.1 DNS Resource Record information disclosure
5760|
5761| MITRE CVE - https://cve.mitre.org:
5762| [CVE-2013-4854] The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
5763| [CVE-2013-3919] resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone.
5764| [CVE-2013-2266] libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
5765| [CVE-2012-5689] ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.
5766| [CVE-2012-5688] ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
5767| [CVE-2012-5166] ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.
5768| [CVE-2012-4244] ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.
5769| [CVE-2012-3868] Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries.
5770| [CVE-2012-1667] ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record.
5771| [CVE-2011-4313] query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
5772| [CVE-2011-2465] Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query.
5773| [CVE-2011-2464] Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
5774|
5775| SecurityFocus - https://www.securityfocus.com/bid/:
5776| [61774] ISC BIND 9 SRTT Algorithm Authoritative Server Selection Security Vulnerability
5777| [61479] ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
5778| [58736] ISC BIND 9 'libdns' Remote Denial of Service Vulnerability
5779| [57556] ISC BIND 9 DNS64 CVE-2012-5689 Remote Denial of Service Vulnerability
5780| [56817] ISC BIND 9 DNS64 Remote Denial of Service Vulnerability
5781| [55852] ISC BIND 9 DNS RDATA Handling CVE-2012-5166 Remote Denial of Service Vulnerability
5782| [55522] ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
5783| [54659] ISC BIND 9 TCP Query Remote Denial of Service Vulnerability
5784| [54658] ISC BIND 9 DNSSEC Validation CVE-2012-3817 Denial of Service Vulnerability
5785| [53772] ISC BIND 9 DNS Resource Records Handling Remote Denial of Service Vulnerability
5786| [50690] ISC BIND 9 Recursive Queries Remote Denial of Service Vulnerability
5787| [48566] ISC BIND 9 Unspecified Packet Processing Remote Denial of Service Vulnerability
5788| [48565] ISC BIND 9 RPZ Configurations Remote Denial of Service Vulnerabilities
5789| [48007] ISC BIND 9 Large RRSIG RRsets Remote Denial of Service Vulnerability
5790| [47734] ISC BIND 9 RRSIG Query Type Remote Denial of Service Vulnerability
5791| [46491] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
5792| [45385] ISC BIND 9 DNSSEC Validation Remote Denial of Service Vulnerability
5793| [45133] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
5794| [41730] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
5795| [37865] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
5796| [37118] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
5797| [35848] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
5798| [25076] ISC BIND 9 Default ACL Settings Recursive Queries And Cached Content Security Bypass Vulnerability
5799| [25037] ISC BIND 9 Remote Cache Poisoning Vulnerability
5800| [4936] ISC BIND 9 Remote Denial Of Service Vulnerability
5801| [100656] Cisco ASR 920 Series Routers CVE-2017-6795 Local Arbitrary File Overwrite Vulnerability
5802| [97450] Cisco ASR 903 and ASR 920 Series CVE-2017-6603 Denial of Service Vulnerability
5803| [93415] Cisco Nexus 9000 Series Switches CVE-2016-1455 Remote Information Disclosure Vulnerability
5804| [82579] Cisco Nexus 9000 Series ACI Mode Switches CVE-2015-6398 Denial of Service Vulnerability
5805| [77686] Cisco Firepower 9000 Series CVE-2015-6380 Unspecified OS Command Injection Vulnerability
5806| [77635] Cisco Firepower 9000 Series CVE-2015-6371 Multiple Arbitrary File Read Vulnerabilities
5807| [77634] Cisco Firepower 9000 Series CVE-2015-6370 Local Command Injection Vulnerability
5808| [77633] Cisco Firepower 9000 Series Switches CVE-2015-6372 HTML Injection Vulnerability
5809| [77631] Cisco Firepower 9000 Series Switches CVE-2015-6374 Clickjacking Vulnerability
5810| [77629] Cisco Firepower 9000 Series CVE-2015-6369 Local Denial of Service Vulnerability
5811| [77628] Cisco Firepower 9000 CVE-2015-6373 Cross Site Request Forgery Vulnerability
5812| [77614] Cisco Firepower 9000 Series Switches CVE-2015-6368 Information Disclosure Vulnerability
5813| [76913] Cisco NX-OS Software for Nexus 9000 Series Switches CVE-2015-6308 Denial of Service Vulnerability
5814| [76791] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-6301 Denial of Service Vulnerability
5815| [76762] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-6295 Denial of Service Vulnerability
5816| [76329] Cisco Nexus 9000 Series Software CVE-2015-4301 Remote Denial of Service Vulnerability
5817| [76057] Cisco Firepower 9000 Series Devices CVE-2015-4287 Information Disclosure Vulnerability
5818| [75471] Cisco Unified IP Phones 9900 Series CVE-2015-4226 Denial of Service Vulnerability
5819| [75378] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-4213 Information Disclosure Vulnerability
5820| [74029] Cisco ASR 9000 Series Routers CVE-2015-0694 Remote Security Bypass Vulnerability
5821| [73895] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-0686 Denial of Service Vulnerability
5822| [73470] Cisco ASR 9000 Series Routers CVE-2015-0685 Denial of Service Vulnerability
5823| [73318] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-0672 Denial of Service Vulnerability
5824| [72485] Cisco Unified IP Phones 9900 Series CVE-2015-0604 Arbitrary File Upload Vulnerability
5825| [72484] Cisco Unified IP Phones 9900 Series CVE-2015-0603 Local Denial of Service Vulnerability
5826| [72483] Cisco Unified IP Phones 9900 Series CVE-2015-0601 Local Denial of Service Vulnerability
5827| [72482] Cisco Unified IP Phones 9900 Series CVE-2015-0602 Information Disclosure Vulnerability
5828| [72481] Cisco Unified IP Phones 9900 Series CVE-2015-0600 Denial of Service Vulnerability
5829| [71979] Cisco MDS 9000 NX-OS Software CVE-2015-0582 Denial of Service Vulnerability
5830| [70744] Cisco ASR 901 Series Routers CVE-2014-3293 Denial of Service Vulnerability
5831| [70658] ZTE ZXDSL 931VII 'manager_dev_config_t.gch' Information Disclosure Vulnerability
5832| [69057] Cisco Nexus 9000 Series Switches CVE-2014-3330 Access List Security Bypass Vulnerability
5833| [64770] Cisco Unified IP Phones 9900 Series Crafted Header Unregister Denial of Service Vulnerability
5834| [63564] Cisco MDS 9000 NX-OS Software VRRP Frames Denial of Service Vulnerability
5835| [62944] Cisco Unified IP Phones 9900 Series CVE-2013-5532 Buffer Overflow Vulnerability
5836| [62943] Cisco Unified IP Phones 9900 Series CVE-2013-5533 Local Command Injection Vulnerability
5837| [62905] Cisco Unified IP Phones 9900 Series CVE-2013-5526 Denial of Service Vulnerability
5838| [61330] Cisco Unified IP Phones 9900 Series CVE-2013-3426 Arbitrary File Download Vulnerability
5839| [49633] Oracle Application Server 9i 'httpd.conf' Information Disclosure Vulnerability
5840| [48811] Cisco ASR 9000 Series Routers IP Version 4 Denial of Service Vulnerability
5841| [48264] Aastra 9480i CT Multiple Information Disclosure Vulnerabilities
5842| [15542] NetObjects Fusion 9 Information Disclosure Vulnerability
5843| [6556] Oracle 9i Application Server Sample Scripts Information Disclosure Vulnerability
5844| [6459] Oracle 9i Application Server Java Server Page Source Code Disclosure Vulnerability
5845| [5335] Multiple Lucent Router UDP Port 9 Information Disclosure Vulnerability
5846| [4290] Oracle 9i Default Configuration File Information Disclosure Vulnerability
5847| [4034] Oracle 9IAS OracleJSP Information Disclosure Vulnerability
5848| [3848] Mandrake Bind 9 Package Insecure File Permissions Vulnerability
5849| [2516] Microsoft Plus! 98 Windows ME Password Disclosure Vulnerability
5850|
5851| IBM X-Force - https://exchange.xforce.ibmcloud.com:
5852| [85799] Cisco Unified IP Phones 9900 Series directory traversal
5853| [75412] Cisco Unified IP Phones 9900 series RT privilege escalation
5854| [68733] Cisco 9000 Series Aggregation Service Router IPv4 packet denial of service
5855| [9704] Multiple Lucent router UDP port 9 could disclose sensitive information
5856| [9250] BIND 9 dns_message_findtype() denial of service
5857| [1852] BIND prior to 4.9.7 buffer overflow affects Digital Firewall 97 users
5858| [539] Microsoft Windows 95 and Internet Explorer password disclosure
5859| [86004] ISC BIND RDATA denial of service
5860| [84767] ISC BIND denial of service
5861| [83066] ISC BIND denial of service
5862| [81504] ISC BIND AAAA denial of service
5863| [80510] ISC BIND DNS64 denial of service
5864| [79121] ISC BIND queries denial of service
5865| [78479] ISC BIND RDATA denial of service
5866| [77185] ISC BIND TCP queries denial of service
5867| [77184] ISC BIND bad cache denial of service
5868| [76034] ISC BIND rdata denial of service
5869| [73053] ISC BIND cache update policy security bypass
5870| [71332] ISC BIND recursive queries denial of service
5871| [68375] ISC BIND UPDATE denial of service
5872| [68374] ISC BIND Response Policy Zones denial of service
5873| [67665] ISC BIND RRSIG Rrsets denial of service
5874| [67297] ISC BIND RRSIG denial of service
5875| [65554] ISC BIND IXFR transfer denial of service
5876| [63602] ISC BIND allow-query security bypass
5877| [63596] ISC BIND zone data security bypass
5878| [63595] ISC BIND RRSIG denial of service
5879| [62072] ISC BIND DNSSEC query denial of service
5880| [62071] ISC BIND ACL security bypass
5881| [61871] ISC BIND anchors denial of service
5882| [60421] ISC BIND RRSIG denial of service
5883| [56049] ISC BIND out-of-bailiwick weak security
5884| [55937] ISC Bind unspecified cache poisoning
5885| [55753] ISC BIND DNSSEC NSEC/NSEC3 cache poisoning
5886| [54416] ISC BIND DNSSEC cache poisoning
5887| [52073] ISC BIND dns_db_findrdataset() denial of service
5888| [47409] Multiple Mozilla products XBL loadBindingDocument information disclosure
5889| [45234] ISC BIND UDP denial of service
5890| [39670] ISC BIND inet_network buffer overflow
5891| [37233] libgssapi ISC BIND Novell SUSE Linux Enterprise Server GSS-TSIG request denial of service
5892| [37128] RHSA update for ISC BIND RRset denial of service not installed
5893| [37127] RHSA update for ISC BIND named service denial of service not installed
5894| [36275] ISC BIND DNS query spoofing
5895| [35575] ISC BIND query ID cache poisoning
5896| [35571] ISC BIND ACL security bypass
5897| [31838] ISC BIND RRset denial of service
5898| [31799] ISC BIND named service denial of service
5899| [29876] HP Tru64 ypbind core dump information disclosure
5900| [28745] ISC BIND DNSSEC RRset denial of service
5901| [28744] ISC BIND recursive INSIST denial of service
5902| [22041] BEA WebLogic Server and Express LDAP anonymous bind information disclosure
5903| [18836] BIND hostname disclosure
5904| [10624] ISC BIND DNS stub resolver library (libresolv.a) stack buffer overflows
5905| [10333] ISC BIND SIG null pointer dereference denial of service
5906| [10332] ISC BIND OPT resource record (RR) denial of service
5907| [10304] ISC BIND SIG cached resource records (RR) heap buffer overflow
5908| [7027] Cisco CBOS Web-based configuration utility binds to port 80 by default
5909| [5814] ISC BIND "
5910| [5540] ISC BIND can be remotely crashed by issuing ZXFR requests
5911| [5462] ISC BIND AXFR host command remote buffer overflow
5912|
5913| Exploit-DB - https://www.exploit-db.com:
5914| [24689] cPanel 9.9.1 -R3 Front Page Extension Installation Information Disclosure
5915| [23059] Netbula Anyboard 9.9.5 6 Information Disclosure Vulnerability
5916| [9300] ISC BIND 9 Remote Dynamic Update Message Denial of Service PoC
5917|
5918| OpenVAS (Nessus) - http://www.openvas.org:
5919| [103090] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
5920| [103031] ISC BIND 9 < 9.7.2-P2 Multiple Vulnerabilities
5921| [103030] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
5922| [100717] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
5923| [100458] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
5924| [100362] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
5925| [100251] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
5926| [63208] Fedora Core 9 FEDORA-2009-0350 (bind)
5927| [11226] Oracle 9iAS default error information disclosure
5928|
5929| SecurityTracker - https://www.securitytracker.com:
5930| [1025811] Cisco ASR 9000 Series Router IPv4 Packet Processing Flaw Lets Remote Users Deny Service
5931| [1012995] BIND 9 Validator Assumption Error May Let Remote Users Deny Service
5932| [1005048] Oracle Enterprise Manager Web Service Component of Oracle 9i Application Server Discloses the Web Cache Administrator Password to Local Users
5933| [1003675] Oracle 9iAS Application Server Discloses CGI-BIN Script Source Code to Remote Users
5934| [1001186] Microsoft Windows Me Operating System and Windows 98 with the Plus! 98 Package Disclose Data Compression Passwords
5935| [1028901] (McAfee Issues Advisory for McAfee Email Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5936| [1028900] (McAfee Issues Advisory for McAfee Email and Web Security Appliance) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5937| [1028899] (McAfee Issues Fix for McAfee Web Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5938| [1028866] (McAfee Issues Fix for McAfee Firewall Enterprise) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5939| [1028854] (NetBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5940| [1028849] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5941| [1028848] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5942| [1028839] (FreeBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5943| [1028838] ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5944| [1028632] ISC BIND RUNTIME_CHECK Error Lets Remote Users Deny Service Against Recursive Resolvers
5945| [1028046] ISC BIND DNS64 and Response Policy Zones (RPZ) Bug Lets Remote Users Deny Service
5946| [1027835] ISC BIND DNS64 Bug Lets Remote Users Deny Service
5947| [1027642] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
5948| [1027529] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
5949| [1026647] ISC BIND Cache Update Policy Can Be Bypassed to Allow Revoked Domain Names to Remain Resolvable
5950| [1026335] ISC BIND Invalid Record Caching Flaw Lets Remote Users Deny Service
5951| [1025743] ISC BIND Response Policy Zones DNAME/CNAME Processing Flaw Lets Remote Users Deny Service
5952| [1025742] ISC BIND Packet Processing Flaw Lets Remote Users Deny Service
5953| [1015850] Samba winbindd Daemon Discloses Server Password to Local Users
5954| [1003359] BindView NETinventory Discloses Password to Local Users During Auditing
5955| [1001721] BIND Domain Name System Software May Disclose DNS Transactional Signature (TSIG) Keys to Local Users
5956|
5957| OSVDB - http://www.osvdb.org:
5958| [86219] Cardiac Science G3 Plus 9390A-501 AED AEDUpdate Cleartext Password Local Disclosure
5959| [22517] MPN HP-180W Wireless IP Phone UDP Port 9090 Information Disclosure
5960| [22516] ZyXEL P-2000W_v2 VoIP Wi-Fi Phone UDP Port 9090 Information Disclosure
5961| [21292] ZyXEL P2000W UDP 9090 Remote Information Disclosure
5962|_
596380/tcp open http nginx
5964| vulscan: VulDB - https://vuldb.com:
5965| [133852] Sangfor Sundray WLAN Controller up to 3.7.4.2 Cookie Header nginx_webconsole.php Code Execution
5966| [132132] SoftNAS Cloud 4.2.0/4.2.1 Nginx privilege escalation
5967| [131858] Puppet Discovery up to 1.3.x Nginx Container weak authentication
5968| [130644] Nginx Unit up to 1.7.0 Router Process Request Heap-based memory corruption
5969| [127759] VeryNginx 0.3.3 Web Application Firewall privilege escalation
5970| [126525] nginx up to 1.14.0/1.15.5 ngx_http_mp4_module Loop denial of service
5971| [126524] nginx up to 1.14.0/1.15.5 HTTP2 CPU Exhaustion denial of service
5972| [126523] nginx up to 1.14.0/1.15.5 HTTP2 Memory Consumption denial of service
5973| [119845] Pivotal Operations Manager up to 2.0.13/2.1.5 Nginx privilege escalation
5974| [114368] SuSE Portus 2.3 Nginx Certificate weak authentication
5975| [103517] nginx up to 1.13.2 Range Filter Request Integer Overflow memory corruption
5976| [89849] nginx RFC 3875 Namespace Conflict Environment Variable Open Redirect
5977| [87719] nginx up to 1.11.0 ngx_files.c ngx_chain_to_iovec denial of service
5978| [80760] nginx 0.6.18/1.9.9 DNS CNAME Record Crash denial of service
5979| [80759] nginx 0.6.18/1.9.9 DNS CNAME Record Use-After-Free denial of service
5980| [80758] nginx 0.6.18/1.9.9 DNS UDP Packet Crash denial of service
5981| [67677] nginx up to 1.7.3 SSL weak authentication
5982| [67296] nginx up to 1.7.3 SMTP Proxy ngx_mail_smtp_starttls privilege escalation
5983| [12822] nginx up to 1.5.11 SPDY SPDY Request Heap-based memory corruption
5984| [12824] nginx 1.5.10 on 32-bit SPDY memory corruption
5985| [11237] nginx up to 1.5.6 URI String Bypass privilege escalation
5986| [65364] nginx up to 1.1.13 Default Configuration information disclosure
5987| [8671] nginx up to 1.4 proxy_pass denial of service
5988| [8618] nginx 1.3.9/1.4.0 http/ngx_http_parse.c ngx_http_parse_chunked() memory corruption
5989| [7247] nginx 1.2.6 Proxy Function spoofing
5990| [61434] nginx 1.2.0/1.3.0 on Windows Access Restriction privilege escalation
5991| [5293] nginx up to 1.1.18 ngx_http_mp4_module MP4 File memory corruption
5992| [4843] nginx up to 1.0.13/1.1.16 HTTP Header Response Parser ngx_http_parse.c information disclosure
5993| [59645] nginx up to 0.8.9 Heap-based memory corruption
5994| [53592] nginx 0.8.36 memory corruption
5995| [53590] nginx up to 0.8.9 unknown vulnerability
5996| [51533] nginx 0.7.64 Terminal privilege escalation
5997| [50905] nginx up to 0.8.9 directory traversal
5998| [50903] nginx up to 0.8.10 NULL Pointer Dereference denial of service
5999| [50043] nginx up to 0.8.10 memory corruption
6000|
6001| MITRE CVE - https://cve.mitre.org:
6002| [CVE-2013-2070] http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy response, a similar vulnerability to CVE-2013-2028.
6003| [CVE-2013-2028] The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
6004| [CVE-2012-3380] Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.
6005| [CVE-2012-2089] Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.
6006| [CVE-2012-1180] Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
6007| [CVE-2011-4963] nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.
6008| [CVE-2011-4315] Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
6009| [CVE-2010-2266] nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.
6010| [CVE-2010-2263] nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.
6011| [CVE-2009-4487] nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
6012| [CVE-2009-3898] Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method.
6013| [CVE-2009-3896] src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI.
6014| [CVE-2009-2629] Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.
6015|
6016| SecurityFocus - https://www.securityfocus.com/bid/:
6017| [99534] Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability
6018| [93903] Nginx CVE-2016-1247 Remote Privilege Escalation Vulnerability
6019| [91819] Nginx CVE-2016-1000105 Security Bypass Vulnerability
6020| [90967] nginx CVE-2016-4450 Denial of Service Vulnerability
6021| [82230] nginx Multiple Denial of Service Vulnerabilities
6022| [78928] Nginx CVE-2010-2266 Denial-Of-Service Vulnerability
6023| [70025] nginx CVE-2014-3616 SSL Session Fixation Vulnerability
6024| [69111] nginx SMTP Proxy Remote Command Injection Vulnerability
6025| [67507] nginx SPDY Implementation CVE-2014-0088 Arbitrary Code Execution Vulnerability
6026| [66537] nginx SPDY Implementation Heap Based Buffer Overflow Vulnerability
6027| [63814] nginx CVE-2013-4547 URI Processing Security Bypass Vulnerability
6028| [59824] Nginx CVE-2013-2070 Remote Security Vulnerability
6029| [59699] nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
6030| [59496] nginx 'ngx_http_close_connection()' Remote Integer Overflow Vulnerability
6031| [59323] nginx NULL-Byte Arbitrary Code Execution Vulnerability
6032| [58105] Nginx 'access.log' Insecure File Permissions Vulnerability
6033| [57139] nginx CVE-2011-4968 Man in The Middle Vulnerability
6034| [55920] nginx CVE-2011-4963 Security Bypass Vulnerability
6035| [54331] Nginx Naxsi Module 'nx_extract.py' Script Remote File Disclosure Vulnerability
6036| [52999] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
6037| [52578] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
6038| [50710] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
6039| [40760] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
6040| [40434] nginx Space String Remote Source Code Disclosure Vulnerability
6041| [40420] nginx Directory Traversal Vulnerability
6042| [37711] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
6043| [36839] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
6044| [36490] nginx WebDAV Multiple Directory Traversal Vulnerabilities
6045| [36438] nginx Proxy DNS Cache Domain Spoofing Vulnerability
6046| [36384] nginx HTTP Request Remote Buffer Overflow Vulnerability
6047|
6048| IBM X-Force - https://exchange.xforce.ibmcloud.com:
6049| [84623] Phusion Passenger gem for Ruby with nginx configuration insecure permissions
6050| [84172] nginx denial of service
6051| [84048] nginx buffer overflow
6052| [83923] nginx ngx_http_close_connection() integer overflow
6053| [83688] nginx null byte code execution
6054| [83103] Naxsi module for Nginx naxsi_unescape_uri() function security bypass
6055| [82319] nginx access.log information disclosure
6056| [80952] nginx SSL spoofing
6057| [77244] nginx and Microsoft Windows request security bypass
6058| [76778] Naxsi module for Nginx nx_extract.py directory traversal
6059| [74831] nginx ngx_http_mp4_module.c buffer overflow
6060| [74191] nginx ngx_cpystrn() information disclosure
6061| [74045] nginx header response information disclosure
6062| [71355] nginx ngx_resolver_copy() buffer overflow
6063| [59370] nginx characters denial of service
6064| [59369] nginx DATA source code disclosure
6065| [59047] nginx space source code disclosure
6066| [58966] nginx unspecified directory traversal
6067| [54025] nginx ngx_http_parse.c denial of service
6068| [53431] nginx WebDAV component directory traversal
6069| [53328] Nginx CRC-32 cached domain name spoofing
6070| [53250] Nginx ngx_http_parse_complex_uri() function code execution
6071|
6072| Exploit-DB - https://www.exploit-db.com:
6073| [26737] nginx 1.3.9/1.4.0 x86 Brute Force Remote Exploit
6074| [25775] Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow
6075| [25499] nginx 1.3.9-1.4.0 DoS PoC
6076| [24967] nginx 0.6.x Arbitrary Code Execution NullByte Injection
6077| [14830] nginx 0.6.38 - Heap Corruption Exploit
6078| [13822] Nginx <= 0.7.65 / 0.8.39 (dev) Source Disclosure / Download Vulnerability
6079| [13818] Nginx 0.8.36 Source Disclosure and DoS Vulnerabilities
6080| [12804] nginx [engine x] http server <= 0.6.36 Path Draversal
6081| [9901] nginx 0.7.0-0.7.61, 0.6.0-0.6.38, 0.5.0-0.5.37, 0.4.0-0.4.14 PoC
6082| [9829] nginx 0.7.61 WebDAV directory traversal
6083|
6084| OpenVAS (Nessus) - http://www.openvas.org:
6085| [864418] Fedora Update for nginx FEDORA-2012-3846
6086| [864310] Fedora Update for nginx FEDORA-2012-6238
6087| [864209] Fedora Update for nginx FEDORA-2012-6411
6088| [864204] Fedora Update for nginx FEDORA-2012-6371
6089| [864121] Fedora Update for nginx FEDORA-2012-4006
6090| [864115] Fedora Update for nginx FEDORA-2012-3991
6091| [864065] Fedora Update for nginx FEDORA-2011-16075
6092| [863654] Fedora Update for nginx FEDORA-2011-16110
6093| [861232] Fedora Update for nginx FEDORA-2007-1158
6094| [850180] SuSE Update for nginx openSUSE-SU-2012:0237-1 (nginx)
6095| [831680] Mandriva Update for nginx MDVSA-2012:043 (nginx)
6096| [802045] 64-bit Debian Linux Rootkit with nginx Doing iFrame Injection
6097| [801636] nginx HTTP Request Remote Buffer Overflow Vulnerability
6098| [103470] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
6099| [103469] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
6100| [103344] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
6101| [100676] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
6102| [100659] nginx Directory Traversal Vulnerability
6103| [100658] nginx Space String Remote Source Code Disclosure Vulnerability
6104| [100441] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
6105| [100321] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
6106| [100277] nginx Proxy DNS Cache Domain Spoofing Vulnerability
6107| [100276] nginx HTTP Request Remote Buffer Overflow Vulnerability
6108| [100275] nginx WebDAV Multiple Directory Traversal Vulnerabilities
6109| [71574] Gentoo Security Advisory GLSA 201206-07 (nginx)
6110| [71308] Gentoo Security Advisory GLSA 201203-22 (nginx)
6111| [71297] FreeBSD Ports: nginx
6112| [71276] FreeBSD Ports: nginx
6113| [71239] Debian Security Advisory DSA 2434-1 (nginx)
6114| [66451] Fedora Core 11 FEDORA-2009-12782 (nginx)
6115| [66450] Fedora Core 10 FEDORA-2009-12775 (nginx)
6116| [66449] Fedora Core 12 FEDORA-2009-12750 (nginx)
6117| [64924] Gentoo Security Advisory GLSA 200909-18 (nginx)
6118| [64912] Fedora Core 10 FEDORA-2009-9652 (nginx)
6119| [64911] Fedora Core 11 FEDORA-2009-9630 (nginx)
6120| [64894] FreeBSD Ports: nginx
6121| [64869] Debian Security Advisory DSA 1884-1 (nginx)
6122|
6123| SecurityTracker - https://www.securitytracker.com:
6124| [1028544] nginx Bug Lets Remote Users Deny Service or Obtain Potentially Sensitive Information
6125| [1028519] nginx Stack Overflow Lets Remote Users Execute Arbitrary Code
6126| [1026924] nginx Buffer Overflow in ngx_http_mp4_module Lets Remote Users Execute Arbitrary Code
6127| [1026827] nginx HTTP Response Processing Lets Remote Users Obtain Portions of Memory Contents
6128|
6129| OSVDB - http://www.osvdb.org:
6130| [94864] cPnginx Plugin for cPanel nginx Configuration Manipulation Arbitrary File Access
6131| [93282] nginx proxy_pass Crafted Upstream Proxied Server Response Handling Worker Process Memory Disclosure
6132| [93037] nginx /http/ngx_http_parse.c Worker Process Crafted Request Handling Remote Overflow
6133| [92796] nginx ngx_http_close_connection Function Crafted r->
6134| [92634] nginx ngx_http_request.h zero_in_uri URL Null Byte Handling Remote Code Execution
6135| [90518] nginx Log Directory Permission Weakness Local Information Disclosure
6136| [88910] nginx Proxy Functionality SSL Certificate Validation MitM Spoofing Weakness
6137| [84339] nginx/Windows Multiple Request Sequence Parsing Arbitrary File Access
6138| [83617] Naxsi Module for Nginx naxsi-ui/ nx_extract.py Traversal Arbitrary File Access
6139| [81339] nginx ngx_http_mp4_module Module Atom MP4 File Handling Remote Overflow
6140| [80124] nginx HTTP Header Response Parsing Freed Memory Information Disclosure
6141| [77184] nginx ngx_resolver.c ngx_resolver_copy() Function DNS Response Parsing Remote Overflow
6142| [65531] nginx on Windows URI ::$DATA Append Arbitrary File Access
6143| [65530] nginx Encoded Traversal Sequence Memory Corruption Remote DoS
6144| [65294] nginx on Windows Encoded Space Request Remote Source Disclosure
6145| [63136] nginx on Windows 8.3 Filename Alias Request Access Rules / Authentication Bypass
6146| [62617] nginx Internal DNS Cache Poisoning Weakness
6147| [61779] nginx HTTP Request Escape Sequence Terminal Command Injection
6148| [59278] nginx src/http/ngx_http_parse.c ngx_http_process_request_headers() Function URL Handling NULL Dereference DoS
6149| [58328] nginx WebDAV Multiple Method Traversal Arbitrary File Write
6150| [58128] nginx ngx_http_parse_complex_uri() Function Underflow
6151| [44447] nginx (engine x) msie_refresh Directive Unspecified XSS
6152| [44446] nginx (engine x) ssl_verify_client Directive HTTP/0.9 Protocol Bypass
6153| [44445] nginx (engine x) ngx_http_realip_module satisfy_any Directive Unspecified Access Bypass
6154| [44444] nginx (engine x) X-Accel-Redirect Header Unspecified Traversal
6155| [44443] nginx (engine x) rtsig Method Signal Queue Overflow
6156| [44442] nginx (engine x) Worker Process Millisecond Timers Unspecified Overflow
6157|_
6158110/tcp open pop3 Dovecot pop3d
6159| vulscan: VulDB - https://vuldb.com:
6160| [139289] cPanel up to 68.0.14 dovecot-xaps-plugin Format privilege escalation
6161| [134480] Dovecot up to 2.3.5.2 Submission-Login Crash denial of service
6162| [134479] Dovecot up to 2.3.5.2 IMAP Server Crash denial of service
6163| [134024] Dovecot up to 2.3.5.1 JSON Encoder Username Crash denial of service
6164| [132543] Dovecot up to 2.2.36.0/2.3.4.0 Certificate Impersonation weak authentication
6165| [119762] Dovecot up to 2.2.28 dict Authentication var_expand() denial of service
6166| [114012] Dovecot up to 2.2.33 TLS SNI Restart denial of service
6167| [114009] Dovecot SMTP Delivery Email Message Out-of-Bounds memory corruption
6168| [112447] Dovecot up to 2.2.33/2.3.0 SASL Auth Memory Leak denial of service
6169| [106837] Dovecot up to 2.2.16 ssl-proxy-openssl.c ssl-proxy-opensslc denial of service
6170| [97052] Dovecot up to 2.2.26 auth-policy Unset Crash denial of service
6171| [69835] Dovecot 2.2.0/2.2.1 denial of service
6172| [13348] Dovecot up to 1.2.15/2.1.15 IMAP4/POP3 SSL/TLS Handshake denial of service
6173| [65684] Dovecot up to 2.2.6 unknown vulnerability
6174| [9807] Dovecot up to 1.2.7 on Exim Input Sanitizer privilege escalation
6175| [63692] Dovecot up to 2.0.15 spoofing
6176| [7062] Dovecot 2.1.10 mail-search.c denial of service
6177| [57517] Dovecot up to 2.0.12 Login directory traversal
6178| [57516] Dovecot up to 2.0.12 Access Restriction directory traversal
6179| [57515] Dovecot up to 2.0.12 Crash denial of service
6180| [54944] Dovecot up to 1.2.14 denial of service
6181| [54943] Dovecot up to 1.2.14 Access Restriction Symlink privilege escalation
6182| [54942] Dovecot up to 2.0.4 Access Restriction denial of service
6183| [54941] Dovecot up to 2.0.4 Access Restriction unknown vulnerability
6184| [54840] Dovecot up to 1.2.12 AGate unknown vulnerability
6185| [53277] Dovecot up to 1.2.10 denial of service
6186| [50082] Dovecot up to 1.1.6 Stack-based memory corruption
6187| [45256] Dovecot up to 1.1.5 directory traversal
6188| [44846] Dovecot 1.1.4/1.1.5 IMAP Client Crash denial of service
6189| [44546] Dovecot up to 1.0.x Access Restriction unknown vulnerability
6190| [44545] Dovecot up to 1.0.x Access Restriction unknown vulnerability
6191| [41430] Dovecot 1.0.12/1.1 Locking unknown vulnerability
6192| [40356] Dovecot 1.0.9 Cache unknown vulnerability
6193| [38222] Dovecot 1.0.2 directory traversal
6194| [36376] Dovecot up to 1.0.x directory traversal
6195| [33332] Timo Sirainen Dovecot up to 1.0test53 Off-By-One memory corruption
6196|
6197| MITRE CVE - https://cve.mitre.org:
6198| [CVE-2011-4318] Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.
6199| [CVE-2011-2167] script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
6200| [CVE-2011-2166] script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
6201| [CVE-2011-1929] lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
6202| [CVE-2010-4011] Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."
6203| [CVE-2010-3780] Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
6204| [CVE-2010-3779] Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox.
6205| [CVE-2010-3707] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
6206| [CVE-2010-3706] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving the private namespace of a user, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
6207| [CVE-2010-3304] The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
6208| [CVE-2010-0745] Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.
6209| [CVE-2010-0535] Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
6210| [CVE-2010-0433] The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot.
6211| [CVE-2009-3897] Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
6212| [CVE-2009-3235] Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
6213| [CVE-2009-2632] Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
6214| [CVE-2008-5301] Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.
6215| [CVE-2008-4907] The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
6216| [CVE-2008-4870] dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
6217| [CVE-2008-4578] The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
6218| [CVE-2008-4577] The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
6219| [CVE-2008-1218] Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
6220| [CVE-2008-1199] Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
6221| [CVE-2007-6598] Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
6222| [CVE-2007-5794] Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
6223| [CVE-2007-4211] The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.
6224| [CVE-2007-2231] Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
6225| [CVE-2007-2173] Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
6226| [CVE-2007-0618] Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."
6227| [CVE-2006-5973] Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
6228| [CVE-2006-2502] Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.
6229| [CVE-2006-2414] Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
6230| [CVE-2006-0730] Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
6231| [CVE-2002-0925] Format string vulnerability in mmsyslog function allows remote attackers to execute arbitrary code via (1) the USER command to mmpop3d for mmmail 0.0.13 and earlier, (2) the HELO command to mmsmtpd for mmmail 0.0.13 and earlier, or (3) the USER command to mmftpd 0.0.7 and earlier.
6232| [CVE-2001-0143] vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.
6233| [CVE-2000-1197] POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for other mail boxes.
6234| [CVE-1999-1445] Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
6235|
6236| SecurityFocus - https://www.securityfocus.com/bid/:
6237| [103201] Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability
6238| [97536] Dovecot CVE-2017-2669 Denial of Service Vulnerability
6239| [94639] Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
6240| [91175] Dovecot CVE-2016-4982 Local Information Disclosure Vulnerability
6241| [84736] Dovecot CVE-2008-4870 Local Security Vulnerability
6242| [74335] Dovecot 'ssl-proxy-openssl.c' Remote Denial of Service Vulnerability
6243| [67306] Dovecot Denial of Service Vulnerability
6244| [67219] akpop3d 'pszQuery' Remote Memory Corruption Vulnerability
6245| [63367] Dovecot Checkpassword Authentication Protocol Local Authentication Bypass Vulnerability
6246| [61763] RETIRED: Dovecot 'LIST' Command Denial of Service Vulnerability
6247| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
6248| [60052] Dovecot 'APPEND' Parameter Denial of Service Vulnerability
6249| [56759] RETIRED: Dovecot 'mail-search.c' Denial of Service Vulnerability
6250| [50709] Dovecot SSL Certificate 'Common Name' Field Validation Security Bypass Vulnerability
6251| [48003] Dovecot 'script-login' Multiple Security Bypass Vulnerabilities
6252| [47930] Dovecot Header Name NULL Character Denial of Service Vulnerability
6253| [44874] Apple Mac OS X Dovecot (CVE-2010-4011) Memory Corruption Vulnerability
6254| [43690] Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
6255| [41964] Dovecot Access Control List (ACL) Plugin Security Bypass Weakness
6256| [39838] tpop3d Remote Denial of Service Vulnerability
6257| [39258] Dovecot Service Control Access List Security Bypass Vulnerability
6258| [37084] Dovecot Insecure 'base_dir' Permissions Local Privilege Escalation Vulnerability
6259| [36377] Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
6260| [32582] Dovecot ManageSieve Service '.sieve' Files Directory Traversal Vulnerability
6261| [31997] Dovecot Invalid Message Address Parsing Denial of Service Vulnerability
6262| [31587] Dovecot ACL Plugin Multiple Security Bypass Vulnerabilities
6263| [28181] Dovecot 'Tab' Character Password Check Security Bypass Vulnerability
6264| [28092] Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
6265| [27093] Dovecot Authentication Cache Security Bypass Vulnerability
6266| [25182] Dovecot ACL Plugin Security Bypass Vulnerability
6267| [23552] Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
6268| [22262] IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
6269| [21183] Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
6270| [18056] Cyrus IMAPD POP3D Remote Buffer Overflow Vulnerability
6271| [17961] Dovecot Remote Information Disclosure Vulnerability
6272| [16672] Dovecot Double Free Denial of Service Vulnerability
6273| [8495] akpop3d User Name SQL Injection Vulnerability
6274| [8473] Vpop3d Remote Denial Of Service Vulnerability
6275| [3990] ZPop3D Bad Login Logging Failure Vulnerability
6276| [2781] DynFX MailServer POP3d Denial of Service Vulnerability
6277|
6278| IBM X-Force - https://exchange.xforce.ibmcloud.com:
6279| [86382] Dovecot POP3 Service denial of service
6280| [84396] Dovecot IMAP APPEND denial of service
6281| [80453] Dovecot mail-search.c denial of service
6282| [71354] Dovecot SSL Common Name (CN) weak security
6283| [67675] Dovecot script-login security bypass
6284| [67674] Dovecot script-login directory traversal
6285| [67589] Dovecot header name denial of service
6286| [63267] Apple Mac OS X Dovecot information disclosure
6287| [62340] Dovecot mailbox security bypass
6288| [62339] Dovecot IMAP or POP3 denial of service
6289| [62256] Dovecot mailbox security bypass
6290| [62255] Dovecot ACL entry security bypass
6291| [60639] Dovecot ACL plugin weak security
6292| [57267] Apple Mac OS X Dovecot Kerberos security bypass
6293| [56763] Dovecot header denial of service
6294| [54363] Dovecot base_dir privilege escalation
6295| [53248] CMU Sieve plugin for Dovecot unspecified buffer overflow
6296| [46323] Dovecot dovecot.conf information disclosure
6297| [46227] Dovecot message parsing denial of service
6298| [45669] Dovecot ACL mailbox security bypass
6299| [45667] Dovecot ACL plugin rights security bypass
6300| [41085] Dovecot TAB characters authentication bypass
6301| [41009] Dovecot mail_extra_groups option unauthorized access
6302| [39342] Dovecot LDAP auth cache configuration security bypass
6303| [35767] Dovecot ACL plugin security bypass
6304| [34082] Dovecot mbox-storage.c directory traversal
6305| [30433] Dovecot IMAP/POP3 server dovecot.index.cache buffer overflow
6306| [26578] Cyrus IMAP pop3d buffer overflow
6307| [26536] Dovecot IMAP LIST information disclosure
6308| [24710] Dovecot dovecot-auth and imap/pop3-login denial of service
6309| [24709] Dovecot APPEND command denial of service
6310| [13018] akpop3d authentication code SQL injection
6311| [7345] Slackware Linux imapd and ipop3d core dump
6312| [6269] imap, ipop2d and ipop3d buffer overflows
6313| [5923] Linuxconf vpop3d symbolic link
6314| [4918] IPOP3D, Buffer overflow attack
6315| [1560] IPOP3D, user login successful
6316| [1559] IPOP3D user login to remote host successful
6317| [1525] IPOP3D, user logout
6318| [1524] IPOP3D, user auto-logout
6319| [1523] IPOP3D, user login failure
6320| [1522] IPOP3D, brute force attack
6321| [1521] IPOP3D, user kiss of death logout
6322| [418] pop3d mktemp creates insecure temporary files
6323|
6324| Exploit-DB - https://www.exploit-db.com:
6325| [25297] Dovecot with Exim sender_address Parameter - Remote Command Execution
6326| [23053] Vpop3d Remote Denial of Service Vulnerability
6327| [16836] Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
6328| [11893] tPop3d 1.5.3 DoS
6329| [5257] Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
6330| [2185] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (3)
6331| [2053] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
6332| [1813] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit
6333|
6334| OpenVAS (Nessus) - http://www.openvas.org:
6335| [901026] Dovecot Sieve Plugin Multiple Buffer Overflow Vulnerabilities
6336| [901025] Dovecot Version Detection
6337| [881402] CentOS Update for dovecot CESA-2011:1187 centos5 x86_64
6338| [881358] CentOS Update for dovecot CESA-2011:1187 centos4 x86_64
6339| [880980] CentOS Update for dovecot CESA-2011:1187 centos5 i386
6340| [880967] CentOS Update for dovecot CESA-2011:1187 centos4 i386
6341| [870607] RedHat Update for dovecot RHSA-2011:0600-01
6342| [870471] RedHat Update for dovecot RHSA-2011:1187-01
6343| [870153] RedHat Update for dovecot RHSA-2008:0297-02
6344| [863272] Fedora Update for dovecot FEDORA-2011-7612
6345| [863115] Fedora Update for dovecot FEDORA-2011-7258
6346| [861525] Fedora Update for dovecot FEDORA-2007-664
6347| [861394] Fedora Update for dovecot FEDORA-2007-493
6348| [861333] Fedora Update for dovecot FEDORA-2007-1485
6349| [860845] Fedora Update for dovecot FEDORA-2008-9202
6350| [860663] Fedora Update for dovecot FEDORA-2008-2475
6351| [860169] Fedora Update for dovecot FEDORA-2008-2464
6352| [860089] Fedora Update for dovecot FEDORA-2008-9232
6353| [840950] Ubuntu Update for dovecot USN-1295-1
6354| [840668] Ubuntu Update for dovecot USN-1143-1
6355| [840583] Ubuntu Update for dovecot vulnerabilities USN-1059-1
6356| [840335] Ubuntu Update for dovecot vulnerabilities USN-593-1
6357| [840290] Ubuntu Update for dovecot vulnerability USN-567-1
6358| [840234] Ubuntu Update for dovecot vulnerability USN-666-1
6359| [840072] Ubuntu Update for dovecot vulnerability USN-487-1
6360| [831405] Mandriva Update for dovecot MDVSA-2011:101 (dovecot)
6361| [831230] Mandriva Update for dovecot MDVSA-2010:217 (dovecot)
6362| [831197] Mandriva Update for dovecot MDVSA-2010:196 (dovecot)
6363| [831054] Mandriva Update for dovecot MDVSA-2010:104 (dovecot)
6364| [830496] Mandriva Update for dovecot MDVSA-2008:232 (dovecot)
6365| [801055] Dovecot 'base_dir' Insecure Permissions Security Bypass Vulnerability
6366| [800030] Dovecot ACL Plugin Security Bypass Vulnerabilities
6367| [70767] Gentoo Security Advisory GLSA 201110-04 (Dovecot)
6368| [70259] FreeBSD Ports: dovecot
6369| [69959] Debian Security Advisory DSA 2252-1 (dovecot)
6370| [66522] FreeBSD Ports: dovecot
6371| [65010] Ubuntu USN-838-1 (dovecot)
6372| [64978] Debian Security Advisory DSA 1892-1 (dovecot)
6373| [64953] Mandrake Security Advisory MDVSA-2009:242-1 (dovecot)
6374| [64952] Mandrake Security Advisory MDVSA-2009:242 (dovecot)
6375| [64861] Fedora Core 10 FEDORA-2009-9559 (dovecot)
6376| [62965] Gentoo Security Advisory GLSA 200812-16 (dovecot)
6377| [62854] FreeBSD Ports: dovecot-managesieve
6378| [61916] FreeBSD Ports: dovecot
6379| [60588] Gentoo Security Advisory GLSA 200803-25 (dovecot)
6380| [60568] Debian Security Advisory DSA 1516-1 (dovecot)
6381| [60528] FreeBSD Ports: dovecot
6382| [60134] Debian Security Advisory DSA 1457-1 (dovecot)
6383| [60089] FreeBSD Ports: dovecot
6384| [58578] Debian Security Advisory DSA 1359-1 (dovecot)
6385| [56834] Debian Security Advisory DSA 1080-1 (dovecot)
6386|
6387| SecurityTracker - https://www.securitytracker.com:
6388| [1028585] Dovecot APPEND Parameter Processing Flaw Lets Remote Authenticated Users Deny Service
6389| [1024740] Mac OS X Server Dovecot Memory Aliasing Bug May Cause Mail to Be Delivered to the Wrong User
6390| [1017288] Dovecot POP3/IMAP Cache File Buffer Overflow May Let Remote Users Execute Arbitrary Code
6391|
6392| OSVDB - http://www.osvdb.org:
6393| [96172] Dovecot POP3 Service Terminated LIST Command Remote DoS
6394| [93525] Dovecot IMAP APPEND Command Malformed Parameter Parsing Remote DoS
6395| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
6396| [88058] Dovecot lib-storage/mail-search.c Multiple Keyword Search Handling Remote DoS
6397| [77185] Dovecot SSL Certificate Common Name Field MitM Spoofing Weakness
6398| [74515] Dovecot script-login chroot Configuration Setting Traversal Arbitrary File Access
6399| [74514] Dovecot script-login User / Group Configuration Settings Remote Access Restriction Bypass
6400| [72495] Dovecot lib-mail/message-header-parser.c Mail Header Name NULL Character Handling Remote DoS
6401| [69260] Apple Mac OS X Server Dovecot Memory Aliasing Mail Delivery Issue
6402| [68516] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition User Private Namespace Mailbox Access Restriction Remote Bypass
6403| [68515] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition Specific Entry Order Mailbox Access Restriction Remote Bypass
6404| [68513] Dovecot Non-public Namespace Mailbox ACL Manipulation Access Restriction Remote Bypass
6405| [68512] Dovecot IMAP / POP3 Session Disconnect Master Process Outage Remote DoS
6406| [66625] Dovecot ACL Plugin INBOX ACL Copying Weakness Restriction Bypass
6407| [66113] Dovecot Mail Root Directory Creation Permission Weakness
6408| [66112] Dovecot Installation base_dir Parent Directory Permission Weakness
6409| [66111] Dovecot SEARCH Functionality str_find_init() Function Overflow
6410| [66110] Dovecot Multiple Unspecified Buffer Overflows
6411| [66108] Dovecot Malformed Message Body Processing Unspecified Functions Remote DoS
6412| [64783] Dovecot E-mail Message Header Unspecified DoS
6413| [63372] Apple Mac OS X Dovecot Kerberos Authentication SACL Restriction Bypass
6414| [62796] Dovecot mbox Format Email Header Handling DoS
6415| [60316] Dovecot base_dir Directory Permission Weakness Local Privilege Escalation
6416| [58103] Dovecot CMU Sieve Plugin Script Handling Multiple Overflows
6417| [50253] Dovecot dovecot.conf Permission Weakness Local ssl_key_password Parameter Disclosure
6418| [49918] Dovecot ManageSieve Script Name Handling Traversal Arbitrary File Manipulation
6419| [49429] Dovecot Message Parsing Feature Crafted Email Header Handling Remote DoS
6420| [49099] Dovecot ACL Plugin k Right Mailbox Creation Restriction Bypass
6421| [49098] Dovecot ACL Plugin Negative Access Rights Bypass
6422| [43137] Dovecot mail_extra_groups Symlink File Manipulation
6423| [42979] Dovecot passdbs Argument Injection Authentication Bypass
6424| [39876] Dovecot LDAP Auth Cache Security Bypass
6425| [39386] Dovecot ACL Plugin Insert Right APPEND / COPY Command Unauthorized Flag Manipulation
6426| [35489] Dovecot index/mbox/mbox-storage.c Traversal Arbitrary Gzip File Access
6427| [30524] Dovecot IMAP/POP3 Server dovecot.index.cache Handling Overflow
6428| [25853] Cyrus IMAPD pop3d USER Command Remote Overflow
6429| [25727] Dovecot Multiple Command Traversal Arbitrary Directory Listing
6430| [23281] Dovecot imap/pop3-login dovecot-auth DoS
6431| [23280] Dovecot Malformed APPEND Command DoS
6432| [14459] mmmail mmpop3d USER Command mmsyslog Function Format String
6433| [12033] Slackware Linux imapd/ipop3d Malformed USER/PASS Sequence DoS
6434| [5857] Linux pop3d Arbitrary Mail File Access
6435| [2471] akpop3d username SQL Injection
6436|_
6437143/tcp open imap Dovecot imapd
6438| vulscan: VulDB - https://vuldb.com:
6439| [139289] cPanel up to 68.0.14 dovecot-xaps-plugin Format privilege escalation
6440| [134480] Dovecot up to 2.3.5.2 Submission-Login Crash denial of service
6441| [134479] Dovecot up to 2.3.5.2 IMAP Server Crash denial of service
6442| [134024] Dovecot up to 2.3.5.1 JSON Encoder Username Crash denial of service
6443| [132543] Dovecot up to 2.2.36.0/2.3.4.0 Certificate Impersonation weak authentication
6444| [119762] Dovecot up to 2.2.28 dict Authentication var_expand() denial of service
6445| [114012] Dovecot up to 2.2.33 TLS SNI Restart denial of service
6446| [114009] Dovecot SMTP Delivery Email Message Out-of-Bounds memory corruption
6447| [112447] Dovecot up to 2.2.33/2.3.0 SASL Auth Memory Leak denial of service
6448| [106837] Dovecot up to 2.2.16 ssl-proxy-openssl.c ssl-proxy-opensslc denial of service
6449| [97052] Dovecot up to 2.2.26 auth-policy Unset Crash denial of service
6450| [69835] Dovecot 2.2.0/2.2.1 denial of service
6451| [13348] Dovecot up to 1.2.15/2.1.15 IMAP4/POP3 SSL/TLS Handshake denial of service
6452| [65684] Dovecot up to 2.2.6 unknown vulnerability
6453| [9807] Dovecot up to 1.2.7 on Exim Input Sanitizer privilege escalation
6454| [63692] Dovecot up to 2.0.15 spoofing
6455| [7062] Dovecot 2.1.10 mail-search.c denial of service
6456| [59792] Cyrus IMAPd 2.4.11 weak authentication
6457| [57517] Dovecot up to 2.0.12 Login directory traversal
6458| [57516] Dovecot up to 2.0.12 Access Restriction directory traversal
6459| [57515] Dovecot up to 2.0.12 Crash denial of service
6460| [54944] Dovecot up to 1.2.14 denial of service
6461| [54943] Dovecot up to 1.2.14 Access Restriction Symlink privilege escalation
6462| [54942] Dovecot up to 2.0.4 Access Restriction denial of service
6463| [54941] Dovecot up to 2.0.4 Access Restriction unknown vulnerability
6464| [54840] Dovecot up to 1.2.12 AGate unknown vulnerability
6465| [53277] Dovecot up to 1.2.10 denial of service
6466| [50082] Dovecot up to 1.1.6 Stack-based memory corruption
6467| [45256] Dovecot up to 1.1.5 directory traversal
6468| [44846] Dovecot 1.1.4/1.1.5 IMAP Client Crash denial of service
6469| [44546] Dovecot up to 1.0.x Access Restriction unknown vulnerability
6470| [44545] Dovecot up to 1.0.x Access Restriction unknown vulnerability
6471| [41430] Dovecot 1.0.12/1.1 Locking unknown vulnerability
6472| [40356] Dovecot 1.0.9 Cache unknown vulnerability
6473| [38222] Dovecot 1.0.2 directory traversal
6474| [37927] Ipswitch Ipswitch Collaboration Suite up to 2006.1 IMAP Service imapd32.exe memory corruption
6475| [36376] Dovecot up to 1.0.x directory traversal
6476| [35759] Atrium MERCUR IMAPD IMAP4 mcrimap4.exe memory corruption
6477| [33332] Timo Sirainen Dovecot up to 1.0test53 Off-By-One memory corruption
6478|
6479| MITRE CVE - https://cve.mitre.org:
6480| [CVE-2009-2632] Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
6481| [CVE-2011-4318] Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.
6482| [CVE-2011-3481] The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message.
6483| [CVE-2011-3372] imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.
6484| [CVE-2011-2167] script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
6485| [CVE-2011-2166] script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
6486| [CVE-2011-1929] lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
6487| [CVE-2010-4011] Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."
6488| [CVE-2010-3780] Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
6489| [CVE-2010-3779] Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox.
6490| [CVE-2010-3707] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
6491| [CVE-2010-3706] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving the private namespace of a user, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
6492| [CVE-2010-3304] The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
6493| [CVE-2010-0745] Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.
6494| [CVE-2010-0535] Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
6495| [CVE-2010-0433] The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot.
6496| [CVE-2009-3897] Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
6497| [CVE-2009-3235] Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
6498| [CVE-2008-5301] Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.
6499| [CVE-2008-4907] The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
6500| [CVE-2008-4870] dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
6501| [CVE-2008-4578] The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
6502| [CVE-2008-4577] The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
6503| [CVE-2008-1218] Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
6504| [CVE-2008-1199] Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
6505| [CVE-2007-6598] Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
6506| [CVE-2007-5794] Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
6507| [CVE-2007-5740] The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism.
6508| [CVE-2007-5018] Stack-based buffer overflow in IMAPD in Mercury/32 4.52 allows remote authenticated users to execute arbitrary code via a long argument in a SEARCH ON command. NOTE: this issue might overlap with CVE-2004-1211.
6509| [CVE-2007-4211] The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.
6510| [CVE-2007-3925] Multiple buffer overflows in the IMAP service (imapd32.exe) in Ipswitch IMail Server 2006 before 2006.21 allow remote authenticated users to execute arbitrary code via the (1) Search or (2) Search Charset command.
6511| [CVE-2007-2231] Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
6512| [CVE-2007-2173] Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
6513| [CVE-2007-1579] Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote attackers to have an unknown impact via a certain SUBSCRIBE command.
6514| [CVE-2007-1578] Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD (mcrimap4.exe) 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow.
6515| [CVE-2007-0618] Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."
6516| [CVE-2006-6762] The IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to cause a denial of service via an APPEND command with a single "(" (parenthesis) in the argument.
6517| [CVE-2006-6761] Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via a long argument to the SUBSCRIBE command.
6518| [CVE-2006-6425] Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command.
6519| [CVE-2006-6424] Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow
6520| [CVE-2006-5973] Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
6521| [CVE-2006-2502] Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.
6522| [CVE-2006-2414] Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
6523| [CVE-2006-0730] Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
6524| [CVE-2005-2278] Stack-based buffer overflow in the IMAP daemon (imapd) in MailEnable Professional 1.54 allows remote authenticated users to execute arbitrary code via the status command with a long mailbox name.
6525| [CVE-2005-1256] Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name.
6526| [CVE-2005-1249] The IMAP daemon (IMAPD32.EXE) in Ipswitch Collaboration Suite (ICS) allows remote attackers to cause a denial of service (CPU consumption) via an LSUB command with a large number of null characters, which causes an infinite loop.
6527| [CVE-2005-1015] Buffer overflow in MailEnable Imapd (MEIMAP.exe) allows remote attackers to execute arbitrary code via a long LOGIN command.
6528| [CVE-2005-0546] Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow in fetchnews, or (4) a stack-based buffer overflow in imapd.
6529| [CVE-2003-1322] Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long (1) EXAMINE, (2) DELETE, (3) SUBSCRIBE, (4) RENAME, (5) UNSUBSCRIBE, (6) LIST, (7) LSUB, (8) STATUS, (9) LOGIN, (10) CREATE, or (11) SELECT command.
6530| [CVE-2002-1782] The default configuration of University of Washington IMAP daemon (wu-imapd), when running on a system that does not allow shell access, allows a local user with a valid IMAP account to read arbitrary files as that user.
6531| [CVE-2002-1604] Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliver.
6532| [CVE-2002-0997] Buffer overflows in IMAP Agent (imapd) for Novell NetMail (NIMS) 3.0.3 before 3.0.3A allows remote attackers to cause a denial of service.
6533| [CVE-2002-0379] Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request.
6534| [CVE-2001-0691] Buffer overflows in Washington University imapd 2000a through 2000c could allow local users without shell access to execute code as themselves in certain configurations.
6535| [CVE-2000-0284] Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.
6536| [CVE-1999-1557] Buffer overflow in the login functions in IMAP server (imapd) in Ipswitch IMail 5.0 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long user name or (2) a long password.
6537| [CVE-1999-1445] Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
6538| [CVE-1999-1224] IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information.
6539|
6540| SecurityFocus - https://www.securityfocus.com/bid/:
6541| [103201] Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability
6542| [97536] Dovecot CVE-2017-2669 Denial of Service Vulnerability
6543| [94639] Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
6544| [91175] Dovecot CVE-2016-4982 Local Information Disclosure Vulnerability
6545| [84736] Dovecot CVE-2008-4870 Local Security Vulnerability
6546| [84478] imapd CVE-1999-1224 Denial-Of-Service Vulnerability
6547| [74335] Dovecot 'ssl-proxy-openssl.c' Remote Denial of Service Vulnerability
6548| [67306] Dovecot Denial of Service Vulnerability
6549| [65650] Eudora WorldMail imapd 'UID' Command Buffer Overflow Vulnerability
6550| [63367] Dovecot Checkpassword Authentication Protocol Local Authentication Bypass Vulnerability
6551| [61763] RETIRED: Dovecot 'LIST' Command Denial of Service Vulnerability
6552| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
6553| [60052] Dovecot 'APPEND' Parameter Denial of Service Vulnerability
6554| [56759] RETIRED: Dovecot 'mail-search.c' Denial of Service Vulnerability
6555| [51403] Eudora WorldMail imapd 'LIST' Command Buffer Overflow Vulnerability
6556| [50709] Dovecot SSL Certificate 'Common Name' Field Validation Security Bypass Vulnerability
6557| [49949] Cyrus IMAPd NTTP Logic Error Authentication Bypass Vulnerability
6558| [48003] Dovecot 'script-login' Multiple Security Bypass Vulnerabilities
6559| [47930] Dovecot Header Name NULL Character Denial of Service Vulnerability
6560| [44874] Apple Mac OS X Dovecot (CVE-2010-4011) Memory Corruption Vulnerability
6561| [43690] Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
6562| [41964] Dovecot Access Control List (ACL) Plugin Security Bypass Weakness
6563| [39258] Dovecot Service Control Access List Security Bypass Vulnerability
6564| [37084] Dovecot Insecure 'base_dir' Permissions Local Privilege Escalation Vulnerability
6565| [36377] Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
6566| [32582] Dovecot ManageSieve Service '.sieve' Files Directory Traversal Vulnerability
6567| [31997] Dovecot Invalid Message Address Parsing Denial of Service Vulnerability
6568| [31587] Dovecot ACL Plugin Multiple Security Bypass Vulnerabilities
6569| [28181] Dovecot 'Tab' Character Password Check Security Bypass Vulnerability
6570| [28092] Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
6571| [27093] Dovecot Authentication Cache Security Bypass Vulnerability
6572| [26270] Perdition IMAPD __STR_VWRITE Remote Format String Vulnerability
6573| [25733] Mercury/32 IMAPD SEARCH Command Remote Stack Buffer Overflow Vulnerability
6574| [25182] Dovecot ACL Plugin Security Bypass Vulnerability
6575| [23552] Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
6576| [23058] Atrium Mercur IMapD NTLM Buffer Overflow Vulnerability
6577| [22262] IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
6578| [21183] Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
6579| [18056] Cyrus IMAPD POP3D Remote Buffer Overflow Vulnerability
6580| [17961] Dovecot Remote Information Disclosure Vulnerability
6581| [16672] Dovecot Double Free Denial of Service Vulnerability
6582| [15980] Qualcomm WorldMail IMAPD Buffer Overflow Vulnerability
6583| [15753] Ipswitch Collaboration Suite and IMail Server IMAPD LIST Command Denial Of Service Vulnerability
6584| [12636] Cyrus IMAPD Multiple Remote Buffer Overflow Vulnerabilities
6585| [11738] Cyrus IMAPD Multiple Remote Unspecified Vulnerabilities
6586| [11729] Cyrus IMAPD Multiple Remote Vulnerabilities
6587| [6298] Cyrus IMAPD Pre-Login Heap Corruption Vulnerability
6588| [4713] Wu-imapd Partial Mailbox Attribute Remote Buffer Overflow Vulnerability
6589| [2856] Imapd 'Local' Buffer Overflow Vulnerabilities
6590| [1110] Univ. Of Washington imapd Buffer Overflow Vulnerabilities
6591| [502] NT IMail Imapd Buffer Overflow DoS Vulnerability
6592| [130] imapd Buffer Overflow Vulnerability
6593|
6594| IBM X-Force - https://exchange.xforce.ibmcloud.com:
6595| [86382] Dovecot POP3 Service denial of service
6596| [84396] Dovecot IMAP APPEND denial of service
6597| [80453] Dovecot mail-search.c denial of service
6598| [71354] Dovecot SSL Common Name (CN) weak security
6599| [70325] Cyrus IMAPd NNTP security bypass
6600| [67675] Dovecot script-login security bypass
6601| [67674] Dovecot script-login directory traversal
6602| [67589] Dovecot header name denial of service
6603| [63267] Apple Mac OS X Dovecot information disclosure
6604| [62340] Dovecot mailbox security bypass
6605| [62339] Dovecot IMAP or POP3 denial of service
6606| [62256] Dovecot mailbox security bypass
6607| [62255] Dovecot ACL entry security bypass
6608| [60639] Dovecot ACL plugin weak security
6609| [57267] Apple Mac OS X Dovecot Kerberos security bypass
6610| [56763] Dovecot header denial of service
6611| [54363] Dovecot base_dir privilege escalation
6612| [53248] CMU Sieve plugin for Dovecot unspecified buffer overflow
6613| [47526] UW-imapd rfc822_output_char() denial of service
6614| [46323] Dovecot dovecot.conf information disclosure
6615| [46227] Dovecot message parsing denial of service
6616| [45669] Dovecot ACL mailbox security bypass
6617| [45667] Dovecot ACL plugin rights security bypass
6618| [41085] Dovecot TAB characters authentication bypass
6619| [41009] Dovecot mail_extra_groups option unauthorized access
6620| [39342] Dovecot LDAP auth cache configuration security bypass
6621| [35767] Dovecot ACL plugin security bypass
6622| [34082] Dovecot mbox-storage.c directory traversal
6623| [30433] Dovecot IMAP/POP3 server dovecot.index.cache buffer overflow
6624| [26536] Dovecot IMAP LIST information disclosure
6625| [24710] Dovecot dovecot-auth and imap/pop3-login denial of service
6626| [24709] Dovecot APPEND command denial of service
6627| [22629] RHSA-2005:408 updates for cyrus-imapd not installed
6628| [19460] Cyrus IMAP imapd buffer overflow
6629| [19455] Cyrus IMAP imapd extension off-by-one buffer overflow
6630| [18492] Novell NetMail IMAPD 101_mEna buffer overflow
6631| [10803] UW IMAP (wu-imapd) authenticated user buffer overflow
6632| [9238] UW IMAP (wu-imapd) could allow a remote attacker to access arbitrary files
6633| [9055] UW IMAP (wu-imapd) partial mailbox attributes to request buffer overflow
6634| [7345] Slackware Linux imapd and ipop3d core dump
6635| [573] Imapd denial of service
6636|
6637| Exploit-DB - https://www.exploit-db.com:
6638| [30724] Perdition 1.17 IMAPD __STR_VWRITE Remote Format String Vulnerability
6639| [25297] Dovecot with Exim sender_address Parameter - Remote Command Execution
6640| [22061] Cyrus IMAPD 1.4/1.5.19/2.0.12/2.0.16/2.1.9/2.1.10 Pre-Login Heap Corruption Vulnerability
6641| [21443] Wu-imapd 2000/2001 Partial Mailbox Attribute Remote Buffer Overflow Vulnerability (2)
6642| [21442] Wu-imapd 2000/2001 Partial Mailbox Attribute Remote Buffer Overflow Vulnerability (1)
6643| [19849] UoW imapd 10.234/12.264 COPY Buffer Overflow (meta)
6644| [19848] UoW imapd 10.234/12.264 LSUB Buffer Overflow (meta)
6645| [19847] UoW imapd 10.234/12.264 Buffer Overflow Vulnerabilities
6646| [19377] Ipswitch IMail 5.0 Imapd Buffer Overflow DoS Vulnerability
6647| [19107] Netscape Messaging Server 3.55,University of Washington imapd 10.234 Buffer Overflow Vulnerability
6648| [18354] WorldMail imapd 3.0 SEH overflow (egg hunter)
6649| [16836] Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
6650| [16485] MailEnable IMAPD 1.54 - STATUS Request Buffer Overflow
6651| [16482] MDaemon 9.6.4 IMAPD FETCH Buffer Overflow
6652| [16480] MailEnable IMAPD W3C Logging Buffer Overflow
6653| [16477] Mdaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow
6654| [16475] MailEnable IMAPD (2.35) Login Request Buffer Overflow
6655| [16474] Qualcomm WorldMail 3.0 IMAPD LIST Buffer Overflow
6656| [5257] Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
6657| [4429] Mercury/32 4.52 IMAPD SEARCH command Post-Auth Overflow Exploit
6658| [3627] IPSwitch IMail Server <= 8.20 IMAPD Remote Buffer Overflow Exploit
6659| [3527] Mercur IMAPD 5.00.14 Remote Denial of Service Exploit (win32)
6660| [2185] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (3)
6661| [2053] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
6662| [1813] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit
6663| [1380] Eudora Qualcomm WorldMail 3.0 (IMAPd) Remote Overflow Exploit
6664| [1332] MailEnable 1.54 Pro Universal IMAPD W3C Logging BoF Exploit
6665| [1327] FTGate4 Groupware Mail Server 4.1 (imapd) Remote Buffer Overflow PoC
6666| [1151] MDaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow Exploit
6667| [1124] IPSwitch IMail Server <= 8.15 IMAPD Remote Root Exploit
6668| [915] MailEnable Enterprise 1.x Imapd Remote Exploit
6669| [903] Cyrus imapd 2.2.4 - 2.2.8 (imapmagicplus) Remote Exploit
6670| [340] Linux imapd Remote Overflow File Retrieve Exploit
6671|
6672| OpenVAS (Nessus) - http://www.openvas.org:
6673| [901026] Dovecot Sieve Plugin Multiple Buffer Overflow Vulnerabilities
6674| [901025] Dovecot Version Detection
6675| [881425] CentOS Update for cyrus-imapd CESA-2011:1508 centos5 x86_64
6676| [881403] CentOS Update for cyrus-imapd CESA-2011:0859 centos5 x86_64
6677| [881402] CentOS Update for dovecot CESA-2011:1187 centos5 x86_64
6678| [881397] CentOS Update for cyrus-imapd CESA-2011:1317 centos4 x86_64
6679| [881370] CentOS Update for cyrus-imapd CESA-2011:1508 centos4 x86_64
6680| [881358] CentOS Update for dovecot CESA-2011:1187 centos4 x86_64
6681| [881318] CentOS Update for cyrus-imapd CESA-2011:0859 centos4 x86_64
6682| [881255] CentOS Update for cyrus-imapd CESA-2011:1317 centos5 x86_64
6683| [881050] CentOS Update for cyrus-imapd CESA-2011:1508 centos5 i386
6684| [881049] CentOS Update for cyrus-imapd CESA-2011:1508 centos4 i386
6685| [881007] CentOS Update for cyrus-imapd CESA-2011:1317 centos5 i386
6686| [880980] CentOS Update for dovecot CESA-2011:1187 centos5 i386
6687| [880978] CentOS Update for cyrus-imapd CESA-2011:1317 centos4 i386
6688| [880967] CentOS Update for dovecot CESA-2011:1187 centos4 i386
6689| [880958] CentOS Update for cyrus-imapd CESA-2011:0859 centos4 i386
6690| [880905] CentOS Update for cyrus-imapd CESA-2009:1459 centos4 i386
6691| [880864] CentOS Update for cyrus-imapd CESA-2009:1459 centos5 i386
6692| [880826] CentOS Update for cyrus-imapd CESA-2009:1116 centos5 i386
6693| [880536] CentOS Update for cyrus-imapd CESA-2011:0859 centos5 i386
6694| [870607] RedHat Update for dovecot RHSA-2011:0600-01
6695| [870520] RedHat Update for cyrus-imapd RHSA-2011:1508-01
6696| [870489] RedHat Update for cyrus-imapd RHSA-2011:1317-01
6697| [870471] RedHat Update for dovecot RHSA-2011:1187-01
6698| [870443] RedHat Update for cyrus-imapd RHSA-2011:0859-01
6699| [870153] RedHat Update for dovecot RHSA-2008:0297-02
6700| [864075] Fedora Update for cyrus-imapd FEDORA-2011-13832
6701| [863585] Fedora Update for cyrus-imapd FEDORA-2011-13869
6702| [863579] Fedora Update for cyrus-imapd FEDORA-2011-13860
6703| [863281] Fedora Update for cyrus-imapd FEDORA-2011-7193
6704| [863273] Fedora Update for cyrus-imapd FEDORA-2011-7217
6705| [863272] Fedora Update for dovecot FEDORA-2011-7612
6706| [863115] Fedora Update for dovecot FEDORA-2011-7258
6707| [861525] Fedora Update for dovecot FEDORA-2007-664
6708| [861394] Fedora Update for dovecot FEDORA-2007-493
6709| [861333] Fedora Update for dovecot FEDORA-2007-1485
6710| [860845] Fedora Update for dovecot FEDORA-2008-9202
6711| [860663] Fedora Update for dovecot FEDORA-2008-2475
6712| [860169] Fedora Update for dovecot FEDORA-2008-2464
6713| [860089] Fedora Update for dovecot FEDORA-2008-9232
6714| [840950] Ubuntu Update for dovecot USN-1295-1
6715| [840668] Ubuntu Update for dovecot USN-1143-1
6716| [840583] Ubuntu Update for dovecot vulnerabilities USN-1059-1
6717| [840335] Ubuntu Update for dovecot vulnerabilities USN-593-1
6718| [840290] Ubuntu Update for dovecot vulnerability USN-567-1
6719| [840234] Ubuntu Update for dovecot vulnerability USN-666-1
6720| [840072] Ubuntu Update for dovecot vulnerability USN-487-1
6721| [831590] Mandriva Update for cyrus-imapd MDVSA-2012:037 (cyrus-imapd)
6722| [831468] Mandriva Update for cyrus-imapd MDVSA-2011:149 (cyrus-imapd)
6723| [831410] Mandriva Update for cyrus-imapd MDVSA-2011:100 (cyrus-imapd)
6724| [831405] Mandriva Update for dovecot MDVSA-2011:101 (dovecot)
6725| [831230] Mandriva Update for dovecot MDVSA-2010:217 (dovecot)
6726| [831207] Mandriva Update for cyrus-imapd MDVA-2010:208 (cyrus-imapd)
6727| [831197] Mandriva Update for dovecot MDVSA-2010:196 (dovecot)
6728| [831054] Mandriva Update for dovecot MDVSA-2010:104 (dovecot)
6729| [830496] Mandriva Update for dovecot MDVSA-2008:232 (dovecot)
6730| [801055] Dovecot 'base_dir' Insecure Permissions Security Bypass Vulnerability
6731| [800149] UW-imapd tmail and dmail BOF Vulnerabilities (Linux)
6732| [800030] Dovecot ACL Plugin Security Bypass Vulnerabilities
6733| [70767] Gentoo Security Advisory GLSA 201110-04 (Dovecot)
6734| [70696] Debian Security Advisory DSA 2377-1 (cyrus-imapd-2.2)
6735| [70407] Debian Security Advisory DSA 2318-1 (cyrus-imapd-2.2)
6736| [70259] FreeBSD Ports: dovecot
6737| [69965] Debian Security Advisory DSA 2258-1 (kolab-cyrus-imapd)
6738| [69959] Debian Security Advisory DSA 2252-1 (dovecot)
6739| [69740] Debian Security Advisory DSA 2242-1 (cyrus-imapd-2.2)
6740| [66522] FreeBSD Ports: dovecot
6741| [66416] Mandriva Security Advisory MDVSA-2009:229-1 (cyrus-imapd)
6742| [66233] SLES10: Security update for Cyrus IMAPD
6743| [66226] SLES11: Security update for Cyrus IMAPD
6744| [66222] SLES9: Security update for Cyrus IMAPD
6745| [65938] SLES10: Security update for Cyrus IMAPD
6746| [65723] SLES11: Security update for Cyrus IMAPD
6747| [65523] SLES9: Security update for Cyrus IMAPD
6748| [65479] SLES9: Security update for cyrus-imapd
6749| [65094] SLES9: Security update for cyrus-imapd
6750| [65010] Ubuntu USN-838-1 (dovecot)
6751| [64989] CentOS Security Advisory CESA-2009:1459 (cyrus-imapd)
6752| [64978] Debian Security Advisory DSA 1892-1 (dovecot)
6753| [64977] Debian Security Advisory DSA 1893-1 (cyrus-imapd-2.2 kolab-cyrus-imapd)
6754| [64965] Fedora Core 11 FEDORA-2009-9901 (cyrus-imapd)
6755| [64963] Fedora Core 10 FEDORA-2009-9869 (cyrus-imapd)
6756| [64953] Mandrake Security Advisory MDVSA-2009:242-1 (dovecot)
6757| [64952] Mandrake Security Advisory MDVSA-2009:242 (dovecot)
6758| [64898] FreeBSD Ports: cyrus-imapd
6759| [64864] Debian Security Advisory DSA 1881-1 (cyrus-imapd-2.2)
6760| [64861] Fedora Core 10 FEDORA-2009-9559 (dovecot)
6761| [64847] Fedora Core 10 FEDORA-2009-9428 (cyrus-imapd)
6762| [64846] Fedora Core 11 FEDORA-2009-9417 (cyrus-imapd)
6763| [64838] Mandrake Security Advisory MDVSA-2009:229 (cyrus-imapd)
6764| [64271] CentOS Security Advisory CESA-2009:1116 (cyrus-imapd)
6765| [62965] Gentoo Security Advisory GLSA 200812-16 (dovecot)
6766| [62854] FreeBSD Ports: dovecot-managesieve
6767| [61916] FreeBSD Ports: dovecot
6768| [60588] Gentoo Security Advisory GLSA 200803-25 (dovecot)
6769| [60568] Debian Security Advisory DSA 1516-1 (dovecot)
6770| [60528] FreeBSD Ports: dovecot
6771| [60134] Debian Security Advisory DSA 1457-1 (dovecot)
6772| [60089] FreeBSD Ports: dovecot
6773| [58578] Debian Security Advisory DSA 1359-1 (dovecot)
6774| [56834] Debian Security Advisory DSA 1080-1 (dovecot)
6775| [55807] Slackware Advisory SSA:2005-310-06 imapd
6776| [54861] Gentoo Security Advisory GLSA 200502-29 (cyrus-imapd)
6777| [54755] Gentoo Security Advisory GLSA 200411-34 (cyrus-imapd)
6778| [53739] Debian Security Advisory DSA 215-1 (cyrus-imapd)
6779| [53288] Debian Security Advisory DSA 597-1 (cyrus-imapd)
6780| [52297] FreeBSD Ports: cyrus-imapd
6781| [52296] FreeBSD Ports: cyrus-imapd
6782| [52295] FreeBSD Ports: cyrus-imapd
6783| [52294] FreeBSD Ports: cyrus-imapd
6784| [52172] FreeBSD Ports: cyrus-imapd
6785|
6786| SecurityTracker - https://www.securitytracker.com:
6787| [1028585] Dovecot APPEND Parameter Processing Flaw Lets Remote Authenticated Users Deny Service
6788| [1024740] Mac OS X Server Dovecot Memory Aliasing Bug May Cause Mail to Be Delivered to the Wrong User
6789| [1017288] Dovecot POP3/IMAP Cache File Buffer Overflow May Let Remote Users Execute Arbitrary Code
6790| [1013278] Cyrus IMAPd Buffer Overflows in Annotate Extension, Cached Header, and Fetchnews May Let Remote Users Execute Arbitrary Code
6791|
6792| OSVDB - http://www.osvdb.org:
6793| [96172] Dovecot POP3 Service Terminated LIST Command Remote DoS
6794| [93525] Dovecot IMAP APPEND Command Malformed Parameter Parsing Remote DoS
6795| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
6796| [88058] Dovecot lib-storage/mail-search.c Multiple Keyword Search Handling Remote DoS
6797| [78304] Eudora WorldMail imapd SEH LIST Command Parsing Remote Overflow
6798| [77185] Dovecot SSL Certificate Common Name Field MitM Spoofing Weakness
6799| [75445] Cyrus IMAP Server imapd index.c index_get_ids Function References Header NULL Dereference Remote DoS
6800| [74515] Dovecot script-login chroot Configuration Setting Traversal Arbitrary File Access
6801| [74514] Dovecot script-login User / Group Configuration Settings Remote Access Restriction Bypass
6802| [72495] Dovecot lib-mail/message-header-parser.c Mail Header Name NULL Character Handling Remote DoS
6803| [69260] Apple Mac OS X Server Dovecot Memory Aliasing Mail Delivery Issue
6804| [68516] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition User Private Namespace Mailbox Access Restriction Remote Bypass
6805| [68515] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition Specific Entry Order Mailbox Access Restriction Remote Bypass
6806| [68513] Dovecot Non-public Namespace Mailbox ACL Manipulation Access Restriction Remote Bypass
6807| [68512] Dovecot IMAP / POP3 Session Disconnect Master Process Outage Remote DoS
6808| [66625] Dovecot ACL Plugin INBOX ACL Copying Weakness Restriction Bypass
6809| [66113] Dovecot Mail Root Directory Creation Permission Weakness
6810| [66112] Dovecot Installation base_dir Parent Directory Permission Weakness
6811| [66111] Dovecot SEARCH Functionality str_find_init() Function Overflow
6812| [66110] Dovecot Multiple Unspecified Buffer Overflows
6813| [66108] Dovecot Malformed Message Body Processing Unspecified Functions Remote DoS
6814| [64783] Dovecot E-mail Message Header Unspecified DoS
6815| [63372] Apple Mac OS X Dovecot Kerberos Authentication SACL Restriction Bypass
6816| [62796] Dovecot mbox Format Email Header Handling DoS
6817| [60316] Dovecot base_dir Directory Permission Weakness Local Privilege Escalation
6818| [58103] Dovecot CMU Sieve Plugin Script Handling Multiple Overflows
6819| [57843] Cyrus IMAP Server (cyrus-imapd) SIEVE Script Component (sieve/script.c) Crafted Script Handling Overflow
6820| [57681] UoW imap Server (uw-imapd) Arbitrary Remote File Access
6821| [52906] UW-imapd c-client Initial Request Remote Format String
6822| [52905] UW-imapd c-client Library RFC822BUFFER Routines rfc822_output_char Function Off-by-one
6823| [52456] UW-imapd on Debian Linux LOGIN Command Remote DoS
6824| [50253] Dovecot dovecot.conf Permission Weakness Local ssl_key_password Parameter Disclosure
6825| [49918] Dovecot ManageSieve Script Name Handling Traversal Arbitrary File Manipulation
6826| [49485] UW-imapd dmail Utility Mailbox Name Handling Overflow
6827| [49484] UW-imapd tmail Utility Mailbox Name Handling Overflow
6828| [49429] Dovecot Message Parsing Feature Crafted Email Header Handling Remote DoS
6829| [49099] Dovecot ACL Plugin k Right Mailbox Creation Restriction Bypass
6830| [49098] Dovecot ACL Plugin Negative Access Rights Bypass
6831| [43137] Dovecot mail_extra_groups Symlink File Manipulation
6832| [42979] Dovecot passdbs Argument Injection Authentication Bypass
6833| [42004] Perdition Mail Retrieval Proxy IMAPD IMAP Tag Remote Format String Arbitrary Code Execution
6834| [39876] Dovecot LDAP Auth Cache Security Bypass
6835| [39670] Mercury Mail Transport System IMAPD SEARCH Command Remote Overflow
6836| [39386] Dovecot ACL Plugin Insert Right APPEND / COPY Command Unauthorized Flag Manipulation
6837| [35489] Dovecot index/mbox/mbox-storage.c Traversal Arbitrary Gzip File Access
6838| [31362] Novell NetMail IMAP Daemon (IMAPD) APPEND Command Remote Overflow
6839| [31361] Novell NetMail IMAP Daemon (IMAPD) APPEND Command DoS
6840| [31360] Novell NetMail IMAP Daemon (IMAPD) SUBSCRIBE Command Remote Overflow
6841| [30524] Dovecot IMAP/POP3 Server dovecot.index.cache Handling Overflow
6842| [25853] Cyrus IMAPD pop3d USER Command Remote Overflow
6843| [25727] Dovecot Multiple Command Traversal Arbitrary Directory Listing
6844| [23281] Dovecot imap/pop3-login dovecot-auth DoS
6845| [23280] Dovecot Malformed APPEND Command DoS
6846| [18179] HP Tru64 UNIX imapd NLSPATH Environment Variable Local Overflow
6847| [13242] UW-imapd CRAM-MD5 Authentication Bypass
6848| [12385] Novell NetMail IMAPD 101_mEna Script Remote Overflow
6849| [12042] UoW imapd Multiple Unspecified Overflows
6850| [12037] UoW imapd (UW-IMAP) Multiple Command Remote Overflows
6851| [12033] Slackware Linux imapd/ipop3d Malformed USER/PASS Sequence DoS
6852| [911] UoW imapd AUTHENTICATE Command Remote Overflow
6853| [790] UoW imap Server (uw-imapd) BODY Request Remote Overflow
6854| [519] UoW imapd SIGABRT Signal Forced Crash Information Disclosure
6855|_
6856443/tcp closed https
6857465/tcp open ssl/smtp Exim smtpd 4.89
6858| vulscan: VulDB - https://vuldb.com:
6859| [109969] Exim 4.88/4.89 SMTP Daemon receive.c bdat_getc denial of service
6860| [109968] Exim 4.88/4.89 SMTP Daemon receive.c receive_msg memory corruption
6861| [94599] Exim up to 4.87 information disclosure
6862| [13422] Exim 4.82 Mail Header dmarc.c expand_string memory corruption
6863| [6817] Exim up to 4.80 src/dkim.c dkim_exim_query_dns_txt memory corruption
6864| [141327] Exim up to 4.92.1 Backslash privilege escalation
6865| [138827] Exim up to 4.92 Expansion Code Execution
6866| [135932] Exim up to 4.92 privilege escalation
6867| [113048] Exim up to 4.90 SMTP Listener Message memory corruption
6868| [58841] exim up to 4.69 dkim_exim_verify_finish memory corruption
6869| [57462] Exim up to 4.75 Filesystem memory corruption
6870| [4280] Exim Server 4.x open_log race condition
6871|
6872| MITRE CVE - https://cve.mitre.org:
6873| [CVE-2012-5671] Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.
6874| [CVE-2012-0478] The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.
6875| [CVE-2011-1764] Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.
6876| [CVE-2011-1407] The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
6877| [CVE-2011-0017] The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
6878| [CVE-2010-4345] Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
6879| [CVE-2010-4344] Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
6880| [CVE-2010-2024] transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
6881| [CVE-2010-2023] transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
6882| [CVE-2006-1251] Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.
6883| [CVE-2005-0022] Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
6884| [CVE-2005-0021] Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
6885| [CVE-2004-0400] Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
6886| [CVE-2004-0399] Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
6887| [CVE-2003-0743] Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
6888| [CVE-2002-1381] Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.
6889|
6890| SecurityFocus - https://www.securityfocus.com/bid/:
6891| [103049] Exim 'base64d()' Function Buffer Overflow Vulnerability
6892| [99252] Exim CVE-2017-1000369 Local Privilege Escalation Vulnerability
6893| [94947] Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
6894| [84132] Exim CVE-2016-1531 Local Privilege Escalation Vulnerability
6895| [68857] Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
6896| [67695] Exim 'dmarc.c' Remote Code Execution Vulnerability
6897| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
6898| [56285] Exim DKIM DNS Decoding CVE-2012-5671 Remote Buffer Overflow Vulnerability
6899| [47836] Exim DKIM CVE-2011-1407 Remote Code Execution Vulnerability
6900| [47736] Exim 'dkim_exim_verify_finish()' Remote Format String Vulnerability
6901| [46065] Exim 'log.c' Local Privilege Escalation Vulnerability
6902| [45341] Exim ALT_CONFIG_ROOT_ONLY 'exim' User Local Privilege Escalation Vulnerability
6903| [45308] Exim Crafted Header Remote Code Execution Vulnerability
6904| [40454] Exim MBX Locking Insecure Temporary File Creation Vulnerability
6905| [40451] Exim Sticky Mail Directory Local Privilege Escalation Vulnerability
6906| [36181] ikiwiki 'teximg' Plugin Insecure TeX Commands Information Disclosure Vulnerability
6907| [23977] Exim SpamAssassin Reply Remote Buffer Overflow Vulnerability
6908| [17110] sa-exim Unauthorized File Access Vulnerability
6909| [12268] Exim IP Address Command Line Argument Local Buffer Overflow Vulnerability
6910| [12188] Exim SPA Authentication Remote Buffer Overflow Vulnerability
6911| [12185] Exim Illegal IPv6 Address Buffer Overflow Vulnerability
6912| [10291] Exim Header Syntax Checking Remote Stack Buffer Overrun Vulnerability
6913| [10290] Exim Sender Verification Remote Stack Buffer Overrun Vulnerability
6914| [8518] Exim EHLO/HELO Remote Heap Corruption Vulnerability
6915| [6314] Exim Internet Mailer Format String Vulnerability
6916| [4096] Exim Configuration File Argument Command Line Buffer Overflow Vulnerability
6917| [3728] Exim Pipe Hostname Arbitrary Command Execution Vulnerability
6918| [2828] Exim Format String Vulnerability
6919| [1859] Exim Buffer Overflow Vulnerability
6920|
6921| IBM X-Force - https://exchange.xforce.ibmcloud.com:
6922| [84758] Exim sender_address parameter command execution
6923| [84015] Exim command execution
6924| [80186] Mozilla Firefox, Thunderbird, and SeaMonkey copyTexImage2D code execution
6925| [80184] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D calls code execution
6926| [79615] Exim dkim_exim_query_dns_txt() buffer overflow
6927| [75155] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D denial of service
6928| [67455] Exim DKIM processing code execution
6929| [67299] Exim dkim_exim_verify_finish() format string
6930| [65028] Exim open_log privilege escalation
6931| [63967] Exim config file privilege escalation
6932| [63960] Exim header buffer overflow
6933| [59043] Exim mail directory privilege escalation
6934| [59042] Exim MBX symlink
6935| [52922] ikiwiki teximg plugin information disclosure
6936| [34265] Exim spamd buffer overflow
6937| [25286] Sa-exim greylistclean.cron file deletion
6938| [22687] RHSA-2005:025 updates for exim not installed
6939| [18901] Exim dns_build_reverse buffer overflow
6940| [18764] Exim spa_base64_to_bits function buffer overflow
6941| [18763] Exim host_aton buffer overflow
6942| [16079] Exim require_verify buffer overflow
6943| [16077] Exim header_check_syntax buffer overflow
6944| [16075] Exim sender_verify buffer overflow
6945| [13067] Exim HELO or EHLO command heap overflow
6946| [10761] Exim daemon.c format string
6947| [8194] Exim configuration file -c command-line argument buffer overflow
6948| [7738] Exim allows attacker to hide commands in localhost names using pipes
6949| [6671] Exim "
6950| [1893] Exim MTA allows local users to gain root privileges
6951|
6952| Exploit-DB - https://www.exploit-db.com:
6953| [16925] Exim4 <= 4.69 - string_format Function Heap Buffer Overflow
6954| [15725] Exim 4.63 Remote Root Exploit
6955| [1009] Exim <= 4.41 dns_build_reverse Local Exploit
6956| [812] Exim <= 4.43 auth_spa_server() Remote PoC Exploit
6957| [796] Exim <= 4.42 Local Root Exploit
6958| [756] Exim <= 4.41 dns_build_reverse Local Exploit PoC
6959|
6960| OpenVAS (Nessus) - http://www.openvas.org:
6961| [100663] Exim < 4.72 RC2 Multiple Vulnerabilities
6962|
6963| SecurityTracker - https://www.securitytracker.com:
6964| [1025539] Exim DKIM Processing Flaw Lets Remote Users Execute Arbitrary Code
6965| [1025504] Exim DKIM Signature Format String Flaw Lets Remote Users Execute Arbitrary Code
6966| [1024859] Exim Configuration File Capability Lets Local Users Gain Elevated Privileges
6967| [1024858] Exim Buffer Overfow in string_format() Lets Remote Users Execute Arbitrary Code
6968| [1012904] Exim Buffer Overflow in dns_build_reverse() Lets Local Users Obtain Elevated Privileges
6969| [1012771] Exim Buffer Overflows in host_aton() and spa_base64_to_bits() May Let Local Users Gain Elevated Privileges
6970| [1010081] Exim Buffer Overflows in 'accept.c' and 'verify.c' Let Remote Users Execute Arbitrary Code
6971| [1007609] Exim Heap Overflow in 'smtp_in.c' May Allow Remote Arbitrary Code Execution
6972| [1005756] Exim Mail Server Format String Bug Lets Local Exim Administrators Execute Arbitrary Code With Root Privileges
6973| [1003547] Potential Bug in Exim Mail Server May Let Local Users Execute Code With Root Privileges
6974| [1003014] Exim Mail Server Pipe Address Validation Error May Let Remote Users Execute Arbitrary Code With Root Privileges in a Certain Configuration
6975| [1001694] Exim Mail Server May Allow Remote Users to Execute Arbitrary Code with Root-Level Privileges on the Server
6976|
6977| OSVDB - http://www.osvdb.org:
6978| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
6979| [87599] Mozilla Multiple Product copyTexImage2D Call Image Dimension Handling Memory Corruption
6980| [87581] Mozilla Multiple Product texImage2D Call Handling Memory Corruption
6981| [86616] Exim src/dkim.c dkim_exim_query_dns_txt() Function DNS Record Parsing Remote Overflow
6982| [81523] Mozilla Multiple Product WebGL texImage2D() Function JSVAL_TO_OBJECT Remote Code Execution
6983| [72642] Exim DKIM Identity Lookup Item Remote Code Execution
6984| [72156] Exim src/dkim.c dkim_exim_verify_finish() Function DKIM-Signature Header Format String
6985| [70696] Exim log.c open_log() Function Local Privilege Escalation
6986| [69860] Exim exim User Account Configuration File Directive Local Privilege Escalation
6987| [69685] Exim string_format Function Remote Overflow
6988| [65159] Exim transports/appendfile.c MBX Locking Race Condition Permission Modification
6989| [65158] Exim transports/appendfile.c Hardlink Handling Arbitrary File Overwrite
6990| [57575] teximg Plugin for ikiwiki TEX Command Arbitrary File Local Disclosure
6991| [23849] sa-exim greylistclean.cron Arbitrary File Deletion
6992| [13073] Oracle Database Server Advanced Queuing Component dbms_transform_eximp Unspecified Security Issue
6993| [12946] Exim -bh Command Line Option dns_build_reverse Function Local Overflow
6994| [12727] Exim SPA Authentication spa_base64_to_bits Function Remote Overflow
6995| [12726] Exim -be Command Line Option host_aton Function Local Overflow
6996| [10877] Exim smtp_in.c HELO/EHLO Remote Overflow
6997| [10360] Exim daemon.c pid_file_path Variable Manipulation Arbitrary Command Execution
6998| [10032] libXpm CreateXImage Function Integer Overflow
6999| [7160] Exim .forward :include: Option Privilege Escalation
7000| [6479] Vexim COOKIE Authentication Credential Disclosure
7001| [6478] Vexim Multiple Parameter SQL Injection
7002| [5930] Exim Parenthesis File Name Filter Bypass
7003| [5897] Exim header_syntax Function Remote Overflow
7004| [5896] Exim sender_verify Function Remote Overflow
7005| [5530] Exim Localhost Name Arbitrary Command Execution
7006| [5330] Exim Configuration File Variable Overflow
7007| [1855] Exim Batched SMTP Mail Header Format String
7008|_
7009993/tcp open ssl/imaps?
7010995/tcp open ssl/pop3s?
701135500/tcp closed unknown
7012Service Info: Host: a13s08.host.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
7013#################################################################################################################################
7014 Anonymous JTSEC #OpDeathEathers Full Recon #27