· 6 years ago · Feb 10, 2020, 03:08 PM
1######################################################################################################################################
2=======================================================================================================================================
3Hostname www.boymoment.com ISP FranTech Solutions
4Continent North America Flag
5US
6Country United States Country Code US
7Region Arizona Local time 10 Feb 2020 07:03 MST
8City Phoenix Postal Code 85001
9IP Address 104.244.74.54 Latitude 33.453
10 Longitude -112.075
11======================================================================================================================================
12######################################################################################################################################
13> www.boymoment.com
14Server: 38.132.106.139
15Address: 38.132.106.139#53
16
17Non-authoritative answer:
18Name: www.boymoment.com
19Address: 104.244.74.54
20>
21######################################################################################################################################
22 Domain Name: BOYMOMENT.COM
23 Registry Domain ID: 103488346_DOMAIN_COM-VRSN
24 Registrar WHOIS Server: whois.enom.com
25 Registrar URL: http://www.enom.com
26 Updated Date: 2019-08-14T08:46:02Z
27 Creation Date: 2003-09-12T23:07:04Z
28 Registry Expiry Date: 2020-09-12T23:07:04Z
29 Registrar: eNom, LLC
30 Registrar IANA ID: 48
31 Registrar Abuse Contact Email:
32 Registrar Abuse Contact Phone:
33 Domain Status: ok https://icann.org/epp#ok
34 Name Server: NS1.ALDNS.ORG
35 Name Server: NS2.ALDNS.ORG
36 Name Server: NS3.ALDNS.ORG
37 DNSSEC: unsigned
38######################################################################################################################################
39[+] Target : www.boymoment.com
40
41[+] IP Address : 104.244.74.54
42
43[+] Headers :
44
45[+] Server : nginx
46[+] Date : Mon, 10 Feb 2020 14:11:43 GMT
47[+] Content-Type : text/html
48[+] Transfer-Encoding : chunked
49[+] Connection : keep-alive
50[+] Content-Encoding : gzip
51
52[+] SSL Certificate Information :
53
54[+] commonName : boymoment.com
55[+] countryName : US
56[+] organizationName : Let's Encrypt
57[+] commonName : Let's Encrypt Authority X3
58[+] Version : 3
59[+] Serial Number : 03E93A7E1F62AD73CBCFAECD76BDFE39C4E2
60[+] Not Before : Jan 10 09:36:52 2020 GMT
61[+] Not After : Apr 9 09:36:52 2020 GMT
62[+] OCSP : ('http://ocsp.int-x3.letsencrypt.org',)
63[+] subject Alt Name : (('DNS', 'boymoment.com'), ('DNS', 'www.boymoment.com'))
64[+] CA Issuers : ('http://cert.int-x3.letsencrypt.org/',)
65
66[+] Whois Lookup :
67
68[+] NIR : None
69[+] ASN Registry : arin
70[+] ASN : 53667
71[+] ASN CIDR : 104.244.74.0/24
72[+] ASN Country Code : US
73[+] ASN Date : 2014-11-10
74[+] ASN Description : PONYNET, US
75[+] cidr : 104.244.72.0/21
76[+] name : PONYNET-14
77[+] handle : NET-104-244-72-0-1
78[+] range : 104.244.72.0 - 104.244.79.255
79[+] description : FranTech Solutions
80[+] country : US
81[+] state : WY
82[+] city : Cheyenne
83[+] address : 1621 Central Ave
84[+] postal_code : 82001
85[+] emails : ['fdias@frantech.ca']
86[+] created : 2014-11-10
87[+] updated : 2014-11-10
88
89[+] Crawling Target...
90
91[+] Looking for robots.txt........[ Not Found ]
92[+] Looking for sitemap.xml.......[ Not Found ]
93[+] Extracting CSS Links..........[ 1 ]
94[+] Extracting Javascript Links...[ 0 ]
95[+] Extracting Internal Links.....[ 7 ]
96[+] Extracting External Links.....[ 0 ]
97[+] Extracting Images.............[ 3 ]
98
99[+] Total Links Extracted : 11
100
101[+] Dumping Links in /opt/FinalRecon/dumps/www.boymoment.com.dump
102[+] Completed!
103#####################################################################################################################################
104[i] Scanning Site: https://www.boymoment.com
105
106
107
108B A S I C I N F O
109====================
110
111
112[+] Site Title: Welcome To BoyMoment.com
113[+] IP address: 104.244.74.54
114[+] Web Server: nginx
115[+] CMS: Could Not Detect
116[+] Cloudflare: Not Detected
117[+] Robots File: Could NOT Find robots.txt!
118
119
120
121
122W H O I S L O O K U P
123========================
124
125 Domain Name: BOYMOMENT.COM
126 Registry Domain ID: 103488346_DOMAIN_COM-VRSN
127 Registrar WHOIS Server: whois.enom.com
128 Registrar URL: http://www.enom.com
129 Updated Date: 2019-08-14T08:46:02Z
130 Creation Date: 2003-09-12T23:07:04Z
131 Registry Expiry Date: 2020-09-12T23:07:04Z
132 Registrar: eNom, LLC
133 Registrar IANA ID: 48
134 Registrar Abuse Contact Email:
135 Registrar Abuse Contact Phone:
136 Domain Status: ok https://icann.org/epp#ok
137 Name Server: NS1.ALDNS.ORG
138 Name Server: NS2.ALDNS.ORG
139 Name Server: NS3.ALDNS.ORG
140 DNSSEC: unsigned
141 URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
142>>> Last update of whois database: 2020-02-10T14:09:19Z <<<
143
144For more information on Whois status codes, please visit https://icann.org/epp
145
146
147
148The Registry database contains ONLY .COM, .NET, .EDU domains and
149Registrars.
150
151
152
153
154G E O I P L O O K U P
155=========================
156
157[i] IP Address: 104.244.74.54
158[i] Country: United States
159[i] State: Arizona
160[i] City: Phoenix
161[i] Latitude: 33.4532
162[i] Longitude: -112.0749
163
164
165
166
167H T T P H E A D E R S
168=======================
169
170
171[i] HTTP/1.1 200 OK
172[i] Server: nginx
173[i] Date: Mon, 10 Feb 2020 14:12:02 GMT
174[i] Content-Type: text/html
175[i] Content-Length: 1929
176[i] Connection: close
177[i] Last-Modified: Wed, 22 Jan 2020 14:19:04 GMT
178[i] Vary: Accept-Encoding
179[i] ETag: "5e2859d8-789"
180[i] Accept-Ranges: bytes
181
182
183
184
185D N S L O O K U P
186===================
187
188boymoment.com. 3599 IN A 104.244.74.54
189boymoment.com. 3599 IN NS ns1.aldns.org.
190boymoment.com. 3599 IN NS ns2.aldns.org.
191boymoment.com. 3599 IN NS ns3.aldns.org.
192boymoment.com. 3599 IN SOA ns1.aldns.org. dns.aldns.org. 2019031520 3600 3600 604800 86400
193boymoment.com. 3599 IN MX 10 box.isp-email.net.
194boymoment.com. 3599 IN TXT "v=spf1 mx -all"
195
196
197
198
199S U B N E T C A L C U L A T I O N
200====================================
201
202Address = 104.244.74.54
203Network = 104.244.74.54 / 32
204Netmask = 255.255.255.255
205Broadcast = not needed on Point-to-Point links
206Wildcard Mask = 0.0.0.0
207Hosts Bits = 0
208Max. Hosts = 1 (2^0 - 0)
209Host Range = { 104.244.74.54 - 104.244.74.54 }
210
211
212
213N M A P P O R T S C A N
214============================
215
216Starting Nmap 7.70 ( https://nmap.org ) at 2020-02-10 14:09 UTC
217Nmap scan report for boymoment.com (104.244.74.54)
218Host is up (0.082s latency).
219
220PORT STATE SERVICE
22121/tcp filtered ftp
22222/tcp filtered ssh
22323/tcp filtered telnet
22480/tcp open http
225110/tcp filtered pop3
226143/tcp filtered imap
227443/tcp open https
2283389/tcp filtered ms-wbt-server
229
230Nmap done: 1 IP address (1 host up) scanned in 2.09 seconds
231
232
233
234S U B - D O M A I N F I N D E R
235==================================
236
237
238[i] Total Subdomains Found : 2
239
240[+] Subdomain: mail.boymoment.com
241[-] IP: 79.124.7.219
242
243[+] Subdomain: www.boymoment.com
244[-] IP: 104.244.74.54
245######################################################################################################################################
246[+] Starting At 2020-02-10 09:10:35.390568
247[+] Collecting Information On: https://www.boymoment.com/
248[#] Status: 200
249--------------------------------------------------
250[#] Web Server Detected: nginx
251[!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
252- Server: nginx
253- Date: Mon, 10 Feb 2020 14:13:01 GMT
254- Content-Type: text/html
255- Transfer-Encoding: chunked
256- Connection: keep-alive
257- Last-Modified: Wed, 22 Jan 2020 14:19:04 GMT
258- Vary: Accept-Encoding
259- ETag: W/"5e2859d8-789"
260- Content-Encoding: gzip
261--------------------------------------------------
262[#] Finding Location..!
263[#] status: success
264[#] country: Luxembourg
265[#] countryCode: LU
266[#] region: LU
267[#] regionName: Luxembourg
268[#] city: Luxembourg
269[#] zip: L-1661
270[#] lat: 49.6116
271[#] lon: 6.13193
272[#] timezone: Europe/Luxembourg
273[#] isp: FranTech Solutions
274[#] org: BuyVM
275[#] as: AS53667 FranTech Solutions
276[#] query: 104.244.74.54
277--------------------------------------------------
278[x] Didn't Detect WAF Presence on: https://www.boymoment.com/
279--------------------------------------------------
280[#] Starting Reverse DNS
281[-] Failed ! Fail
282--------------------------------------------------
283[!] Scanning Open Port
284[#] 80/tcp open http
285[#] 443/tcp open https
286[#] 16001/tcp open fmsascon
287--------------------------------------------------
288[+] Getting SSL Info
289{'OCSP': ('http://ocsp.int-x3.letsencrypt.org',),
290 'caIssuers': ('http://cert.int-x3.letsencrypt.org/',),
291 'issuer': ((('countryName', 'US'),),
292 (('organizationName', "Let's Encrypt"),),
293 (('commonName', "Let's Encrypt Authority X3"),)),
294 'notAfter': 'Apr 9 09:36:52 2020 GMT',
295 'notBefore': 'Jan 10 09:36:52 2020 GMT',
296 'serialNumber': '03E93A7E1F62AD73CBCFAECD76BDFE39C4E2',
297 'subject': ((('commonName', 'boymoment.com'),),),
298 'subjectAltName': (('DNS', 'boymoment.com'), ('DNS', 'www.boymoment.com')),
299 'version': 3}
300-----BEGIN CERTIFICATE-----
301MIIFZjCCBE6gAwIBAgISA+k6fh9irXPLz67Ndr3+OcTiMA0GCSqGSIb3DQEBCwUA
302MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
303ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAxMTAwOTM2NTJaFw0y
304MDA0MDkwOTM2NTJaMBgxFjAUBgNVBAMTDWJveW1vbWVudC5jb20wggEiMA0GCSqG
305SIb3DQEBAQUAA4IBDwAwggEKAoIBAQD7BVAqNgCvhCJgFtjyRTflK/z8eCZACPv2
306SwsHghakhPxiJlAQYzByHvCy3mUHsPOiCaox6VdYzjfgcOd7ezPnvkelYxbjglUW
307CX1OLoPmTgZUEPfiTT+4fzlsJAG//yq5vtZcFaLlmVGx8Tcdc46EVdP5Ks5g9TMn
308k0ECfsu9H2wGo2qlI3tb7Aje9VH021JukEGoyB9zDPdohwSHhWsbwjSL3cERMol8
309+xSsv7byODSYVVnAXwVtwqEGevKAGPYLsym1625SUugz1OcNLbrNwie5VB/ZPg8/
310U+kyl/djotSPi8zazOnPyEukSUULPGq3RTUP7tkwGMRulY74FfAHAgMBAAGjggJ2
311MIICcjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
312BwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFMRtyZDoKUWCqkAjC3CTonyHvkhW
313MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMw
314YTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9y
315ZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9y
316Zy8wKwYDVR0RBCQwIoINYm95bW9tZW50LmNvbYIRd3d3LmJveW1vbWVudC5jb20w
317TAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcC
318ARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5AgQCBIH2
319BIHzAPEAdwBep3P531bA57U2SH3QSeAyepGaDIShEhKEGHWWgXFFWAAAAW+PBzX1
320AAAEAwBIMEYCIQDxR5X/IUFwCavPD92TyXBTl1ime08lum7Fvmzk4IWFYgIhAN/D
321mKz3/U2QFnvgHgAlsqTtJxUFHQOo1qmtfTa4nzOHAHYAB7dcG+V9aP/xsMYdIxXH
322uuZXfFeUt2ruvGE6GmnTohwAAAFvjwc2XgAABAMARzBFAiEA5UvMz9iW0zLbI+Xi
323QMNx6jV4swM0Fcg22DzPB5ltMlgCIDiBB7EOl8PDdDA3biFku/aL5HaCLB569WIx
3240oXVm39kMA0GCSqGSIb3DQEBCwUAA4IBAQA8sGrhi0gjGm3fM+A9hAudJ1ssLXN+
325GhP4Z2svzrgv+F/rbRU9/SEtwcKkBC/6FuTekS/HhuZRBEWFYp4MkQwBNAgDKbs5
3264nNP02k7ysEl8BgNPbEu3mKRU/g1RGjaRD4dzbxeL4kHwtob6i6XLXFUnNO/UBqX
327MQUh4qPJIPNJmVaBm1/0DT9AuxZUrGCaj/xUkcU2cSSg4OnVLvqRtlK/Fjdan3Fl
328iJrPYbEjjhMF/F0j3y4u0WmAieWAGV0VJM+77yFvjESzv1SW68hvBa/oVIj3wfjO
329F8AS3Gcu2C0N20aueAsW4L7oRvNUhcTr7+CUVmB6oyS4vkQvOsJtMD3Z
330-----END CERTIFICATE-----
331
332--------------------------------------------------
333[+] Collecting Information Disclosure!
334[#] Detecting sitemap.xml file
335[-] sitemap.xml file not Found!?
336[#] Detecting robots.txt file
337[-] robots.txt file not Found!?
338[#] Detecting GNU Mailman
339[-] GNU Mailman App Not Detected!?
340--------------------------------------------------
341[+] Crawling Url Parameter On: https://www.boymoment.com/
342--------------------------------------------------
343[#] Searching Html Form !
344[-] No Html Form Found!?
345--------------------------------------------------
346[-] No DOM Paramter Found!?
347--------------------------------------------------
348[-] No internal Dynamic Parameter Found!?
349--------------------------------------------------
350[-] No external Dynamic Paramter Found!?
351--------------------------------------------------
352[-] No Internal Link Found!?
353--------------------------------------------------
354[-] No External Link Found!?
355--------------------------------------------------
356[#] Mapping Subdomain..
357[!] Found 3 Subdomain
358- boymoment.com
359- mail.boymoment.com
360- www.boymoment.com
361--------------------------------------------------
362[!] Done At 2020-02-10 09:10:57.669282
363######################################################################################################################################
364[INFO] ------TARGET info------
365[*] TARGET: https://www.boymoment.com/
366[*] TARGET IP: 104.244.74.54
367[INFO] NO load balancer detected for www.boymoment.com...
368[*] DNS servers: ns1.aldns.org.
369[*] TARGET server: nginx
370[*] CC: LU
371[*] Country: Luxembourg
372[*] RegionCode: LU
373[*] RegionName: Luxembourg
374[*] City: Luxembourg
375[*] ASN: AS53667
376[*] BGP_PREFIX: 104.244.72.0/21
377[*] ISP: PONYNET, US
378[INFO] SSL/HTTPS certificate detected
379[*] Issuer: issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
380[*] Subject: subject=CN = boymoment.com
381[ALERT] Let's Encrypt is commonly used for Phishing
382[INFO] DNS enumeration:
383[*] mail.boymoment.com 185.250.106.93
384[INFO] Possible abuse mails are:
385[*] abuse@boymoment.com
386[*] abuse@www.boymoment.com
387[*] fdias@frantech.ca
388[INFO] NO PAC (Proxy Auto Configuration) file FOUND
389[INFO] Starting FUZZing in http://www.boymoment.com/FUzZzZzZzZz...
390[INFO] Status code Folders
391[*] 301 http://www.boymoment.com/images
392[ALERT] Look in the source code. It may contain passwords
393[INFO] SAME content in http://www.boymoment.com/ AND http://104.244.74.54/
394[INFO] Links found from https://www.boymoment.com/:
395[*] https://www.boymoment.com/IPB/
396[*] https://www.boymoment.com/IPB/contact/
397[*] https://www.boymoment.com/IPB/index.php?/lostpassword/
398[*] https://www.boymoment.com/IPB/login/
399[*] https://www.boymoment.com/IPB/register/
400[*] https://www.boymoment.com/IPB/topic/12754-bms-history/
401[*] https://www.boymoment.com/IPB/topic/6-frequently-asked-questions/
402[*] https://www.boymoment.com/rules.html
403cut: intervalle de champ incorrecte
404Saisissez « cut --help » pour plus d'informations.
405[INFO] Shodan detected the following opened ports on 104.244.74.54:
406[*] 443
407[*] 80
408[INFO] ------VirusTotal SECTION------
409[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
410[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
411[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
412[INFO] ------Alexa Rank SECTION------
413[INFO] Percent of Visitors Rank in Country:
414[INFO] Percent of Search Traffic:
415[INFO] Percent of Unique Visits:
416[INFO] Total Sites Linking In:
417[*] Total Sites
418[INFO] Useful links related to www.boymoment.com - 104.244.74.54:
419[*] https://www.virustotal.com/pt/ip-address/104.244.74.54/information/
420[*] https://www.hybrid-analysis.com/search?host=104.244.74.54
421[*] https://www.shodan.io/host/104.244.74.54
422[*] https://www.senderbase.org/lookup/?search_string=104.244.74.54
423[*] https://www.alienvault.com/open-threat-exchange/ip/104.244.74.54
424[*] http://pastebin.com/search?q=104.244.74.54
425[*] http://urlquery.net/search.php?q=104.244.74.54
426[*] http://www.alexa.com/siteinfo/www.boymoment.com
427[*] http://www.google.com/safebrowsing/diagnostic?site=www.boymoment.com
428[*] https://censys.io/ipv4/104.244.74.54
429[*] https://www.abuseipdb.com/check/104.244.74.54
430[*] https://urlscan.io/search/#104.244.74.54
431[*] https://github.com/search?q=104.244.74.54&type=Code
432[INFO] Useful links related to AS53667 - 104.244.72.0/21:
433[*] http://www.google.com/safebrowsing/diagnostic?site=AS:53667
434[*] https://www.senderbase.org/lookup/?search_string=104.244.72.0/21
435[*] http://bgp.he.net/AS53667
436[*] https://stat.ripe.net/AS53667
437[INFO] Date: 10/02/20 | Time: 09:11:44
438[INFO] Total time: 1 minute(s) and 16 second(s)
439######################################################################################################################################
440Trying "boymoment.com"
441;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35166
442;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 5
443
444;; QUESTION SECTION:
445;boymoment.com. IN ANY
446
447;; ANSWER SECTION:
448boymoment.com. 3600 IN TXT "v=spf1 mx -all"
449boymoment.com. 3600 IN MX 10 box.isp-email.net.
450boymoment.com. 3600 IN A 104.244.74.54
451boymoment.com. 3600 IN SOA ns1.aldns.org. dns.aldns.org. 2019031520 3600 3600 604800 86400
452boymoment.com. 3600 IN NS ns1.aldns.org.
453boymoment.com. 3600 IN NS ns3.aldns.org.
454boymoment.com. 3600 IN NS ns2.aldns.org.
455
456;; ADDITIONAL SECTION:
457ns3.aldns.org. 43200 IN A 107.174.48.114
458ns2.aldns.org. 43200 IN A 89.33.192.109
459ns1.aldns.org. 43200 IN A 176.126.78.37
460ns2.aldns.org. 43200 IN AAAA 2001:550:1d05:30::5103:6e85
461ns1.aldns.org. 43200 IN AAAA 2a04:92c7:2:328::4a5e
462
463Received 314 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 429 ms
464#####################################################################################################################################
465; <<>> DiG 9.11.14-3-Debian <<>> +trace boymoment.com any
466;; global options: +cmd
467. 83249 IN NS i.root-servers.net.
468. 83249 IN NS d.root-servers.net.
469. 83249 IN NS a.root-servers.net.
470. 83249 IN NS k.root-servers.net.
471. 83249 IN NS g.root-servers.net.
472. 83249 IN NS f.root-servers.net.
473. 83249 IN NS c.root-servers.net.
474. 83249 IN NS b.root-servers.net.
475. 83249 IN NS j.root-servers.net.
476. 83249 IN NS e.root-servers.net.
477. 83249 IN NS l.root-servers.net.
478. 83249 IN NS m.root-servers.net.
479. 83249 IN NS h.root-servers.net.
480. 83249 IN RRSIG NS 8 0 518400 20200223050000 20200210040000 33853 . LDnGgytv29nOJaOWGopWy6q6hnWchi7accJo2qXT3T93X/xjRUDYeCcD Rib+1lE4oWTM3x7CqjI2vsvo4qnae0uWXM+ldGmCHGQJTO58Vd7/vcI3 UMPMtx7VsXEuwr0nJHnSRCn0kOoVbtXyqcsjiG3SQtJn7EGGD6gYcuEw Z424Taav8rHT5LaTNuRSPQkrFd7W5D5rVxl7HNV5VzbKIF03M5n1Nen0 BVw6QNq5QT/3uXGY/vpDDmPLGxVs9bVpoMPRPLHgxpyXu8q0U7yTMmGl cfNoBaCKzhV1HBEtBiC+tz4mnZFvpWKAthCyl+1U0HYf+cC5GQY6axFp +LHcJg==
481;; Received 525 bytes from 38.132.106.139#53(38.132.106.139) in 155 ms
482
483com. 172800 IN NS k.gtld-servers.net.
484com. 172800 IN NS j.gtld-servers.net.
485com. 172800 IN NS b.gtld-servers.net.
486com. 172800 IN NS a.gtld-servers.net.
487com. 172800 IN NS e.gtld-servers.net.
488com. 172800 IN NS l.gtld-servers.net.
489com. 172800 IN NS m.gtld-servers.net.
490com. 172800 IN NS f.gtld-servers.net.
491com. 172800 IN NS g.gtld-servers.net.
492com. 172800 IN NS i.gtld-servers.net.
493com. 172800 IN NS c.gtld-servers.net.
494com. 172800 IN NS d.gtld-servers.net.
495com. 172800 IN NS h.gtld-servers.net.
496com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
497com. 86400 IN RRSIG DS 8 1 86400 20200223050000 20200210040000 33853 . WVX4I4dqYXz2FScEAU/rapQV58X5U7mOePw4wYxN7jU8UU1m9J3jCv+o J+5khERZg1axZnYWSVbvFh/t+q1AIzBXOlpUappilqAU6PErXQRlsVVQ Khg6MkhsogdkVEJ63zRnUATUxAS87xu0SAc76TYZTNc1fLqXu0CMoccX x/594CUFTVlM3Rocx5zFSOeo7LQW8RSS2kjaxI7UFBD2jyrQJWJgR0v1 G8DhmmwfdtWTktf8+ihGghlZ7fOnd+zzj8kbiRBDnulVtrzXxOtocZP7 rCvZ+03rZxZBl4P8CfTeFUz4iyvZFNmSaGMbTMg1rigNoVXrARgKJDEL w5S6Qw==
498;; Received 1201 bytes from 2001:500:12::d0d#53(g.root-servers.net) in 67 ms
499
500boymoment.com. 172800 IN NS ns1.aldns.org.
501boymoment.com. 172800 IN NS ns2.aldns.org.
502boymoment.com. 172800 IN NS ns3.aldns.org.
503CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
504CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20200215054817 20200208043817 56311 com. xe9g9xpfm5me3nPoh8UBmt50pWF9oGbO2ZGDV7k/6yp108FaBkHd52n8 w1SIPKwBAjVKH1GzsDRWhgMaV1bq97LkdJWYdSrAE+H3eJR376HBGe6L u8swByJn2uvtfCd8eK6XNvqD9ckKuMvb9Xt4epzQ++dR5VEHBNGMW4Gd aP3PYtlvoAhaPaXyKs0jzJx4kbMonLY67d9IyGyxlGj0jw==
505CPE66RIB2C0T7CBSORMT1B99HE04HNH0.com. 86400 IN NSEC3 1 1 0 - CPE6RGH1FTFMQNNFB1UL2GJB8E32T6V6 NS DS RRSIG
506CPE66RIB2C0T7CBSORMT1B99HE04HNH0.com. 86400 IN RRSIG NSEC3 8 2 86400 20200215064854 20200208053854 56311 com. JIFDS9Sme8zx+gHXFusdfA7DclRuv6EZTM8i/+xQ1gm2Dbl+cVvQv5P9 35jZENnLnc6F9c2R0nrA1fYF3gANMGhGHDxpP27Q5TP2m0NvoFmFidn0 Ei8F2C/ucdEFTu8khObvzyuQ4IqHnvb0O+f0y/jWs+zDfPXLru/UFxSp lEoJ4XrEZ0i7mE3x/LmhuHGS3nbyXPsis1c6JMjSoST3Gw==
507;; Received 654 bytes from 192.41.162.30#53(l.gtld-servers.net) in 220 ms
508
509;; Received 70 bytes from 2a04:92c7:2:328::4a5e#53(ns1.aldns.org) in 107 ms
510#####################################################################################################################################
511[*] Performing General Enumeration of Domain: boymoment.com
512[-] DNSSEC is not configured for boymoment.com
513[*] SOA ns1.aldns.org 176.126.78.37
514[*] NS ns2.aldns.org 89.33.192.109
515[*] Bind Version for 89.33.192.109 PowerDNS Authoritative Server 4.1.11
516[*] NS ns2.aldns.org 2001:550:1d05:30::5103:6e85
517[*] NS ns3.aldns.org 107.174.48.114
518[*] Bind Version for 107.174.48.114 9.11.4-P2-RedHat-9.11.4-9.P2.el7
519[*] NS ns1.aldns.org 176.126.78.37
520[*] Bind Version for 176.126.78.37 9.11.4-P2-RedHat-9.11.4-9.P2.el7
521[*] NS ns1.aldns.org 2a04:92c7:2:328::4a5e
522[*] Bind Version for 2a04:92c7:2:328::4a5e 9.11.4-P2-RedHat-9.11.4-9.P2.el7
523[*] MX box.isp-email.net 185.250.106.93
524[*] MX box.isp-email.net 2a06:cd40:400:1::3f1
525[*] A boymoment.com 104.244.74.54
526[*] TXT boymoment.com v=spf1 mx -all
527[*] Enumerating SRV Records
528[-] No SRV Records Found for boymoment.com
529[+] 0 Records Found
530#####################################################################################################################################
531[*] Processing domain boymoment.com
532[*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
533[+] Getting nameservers
53489.33.192.109 - ns2.aldns.org
535107.174.48.114 - ns3.aldns.org
536176.126.78.37 - ns1.aldns.org
537[-] Zone transfer failed
538
539[+] TXT records found
540"v=spf1 mx -all"
541
542[+] MX records found, added to target list
54310 box.isp-email.net.
544
545[*] Scanning boymoment.com for A records
546104.244.74.54 - boymoment.com
547185.250.106.93 - mail.boymoment.com
548104.244.74.54 - www.boymoment.com
549#####################################################################################################################################
550 AVAILABLE PLUGINS
551 -----------------
552
553 SessionResumptionPlugin
554 FallbackScsvPlugin
555 SessionRenegotiationPlugin
556 HeartbleedPlugin
557 CertificateInfoPlugin
558 EarlyDataPlugin
559 HttpHeadersPlugin
560 CompressionPlugin
561 OpenSslCcsInjectionPlugin
562 RobotPlugin
563 OpenSslCipherSuitesPlugin
564
565
566
567 CHECKING HOST(S) AVAILABILITY
568 -----------------------------
569
570 104.244.74.54:443 => 104.244.74.54
571
572
573
574
575 SCAN RESULTS FOR 104.244.74.54:443 - 104.244.74.54
576 --------------------------------------------------
577
578 * OpenSSL CCS Injection:
579 OK - Not vulnerable to OpenSSL CCS injection
580
581 * TLS 1.2 Session Resumption Support:
582 With Session IDs: NOT SUPPORTED (0 successful, 5 failed, 0 errors, 5 total attempts).
583 With TLS Tickets: OK - Supported
584
585 * ROBOT Attack:
586 OK - Not vulnerable, RSA cipher suites not supported
587
588 * Downgrade Attacks:
589 TLS_FALLBACK_SCSV: OK - Supported
590
591 * TLSV1_1 Cipher Suites:
592 Forward Secrecy OK - Supported
593 RC4 OK - Not Supported
594
595 Preferred:
596 None - Server followed client cipher suite preference.
597 Accepted:
598 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
599
600 * TLSV1 Cipher Suites:
601 Forward Secrecy OK - Supported
602 RC4 OK - Not Supported
603
604 Preferred:
605 None - Server followed client cipher suite preference.
606 Accepted:
607 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
608
609 * OpenSSL Heartbleed:
610 OK - Not vulnerable to Heartbleed
611
612 * SSLV2 Cipher Suites:
613 Server rejected all cipher suites.
614
615 * Session Renegotiation:
616 Client-initiated Renegotiation: OK - Rejected
617 Secure Renegotiation: OK - Supported
618
619 * Deflate Compression:
620 OK - Compression disabled
621
622 * TLSV1_3 Cipher Suites:
623 Server rejected all cipher suites.
624
625 * Certificate Information:
626 Content
627 SHA1 Fingerprint: 1ffe69805c600fc62491767d600b9c177adb6351
628 Common Name: boymoment.com
629 Issuer: Let's Encrypt Authority X3
630 Serial Number: 340700399377591840970987102197097363522786
631 Not Before: 2020-01-10 09:36:52
632 Not After: 2020-04-09 09:36:52
633 Signature Algorithm: sha256
634 Public Key Algorithm: RSA
635 Key Size: 2048
636 Exponent: 65537 (0x10001)
637 DNS Subject Alternative Names: ['boymoment.com', 'www.boymoment.com']
638
639 Trust
640 Hostname Validation: FAILED - Certificate does NOT match 104.244.74.54
641 Android CA Store (9.0.0_r9): OK - Certificate is trusted
642 Apple CA Store (iOS 12, macOS 10.14, watchOS 5, and tvOS 12):OK - Certificate is trusted
643 Java CA Store (jdk-12.0.1): OK - Certificate is trusted
644 Mozilla CA Store (2019-03-14): OK - Certificate is trusted
645 Windows CA Store (2019-05-27): OK - Certificate is trusted
646 Symantec 2018 Deprecation: WARNING: Certificate distrusted by Google and Mozilla on September 2018
647 Received Chain: boymoment.com --> Let's Encrypt Authority X3
648 Verified Chain: boymoment.com --> Let's Encrypt Authority X3 --> DST Root CA X3
649 Received Chain Contains Anchor: OK - Anchor certificate not sent
650 Received Chain Order: OK - Order is valid
651 Verified Chain contains SHA1: OK - No SHA1-signed certificate in the verified certificate chain
652
653 Extensions
654 OCSP Must-Staple: NOT SUPPORTED - Extension not found
655 Certificate Transparency: WARNING - Only 2 SCTs included but Google recommends 3 or more
656
657 OCSP Stapling
658 NOT SUPPORTED - Server did not send back an OCSP response
659
660 * SSLV3 Cipher Suites:
661 Server rejected all cipher suites.
662
663 * TLSV1_2 Cipher Suites:
664 Forward Secrecy OK - Supported
665 RC4 OK - Not Supported
666
667 Preferred:
668 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
669 Accepted:
670 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
671 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 256 bits HTTP 200 OK
672 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
673 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
674
675
676 SCAN COMPLETED IN 15.25 S
677 -------------------------
678#####################################################################################################################################
679Domains still to check: 1
680 Checking if the hostname boymoment.com. given is in fact a domain...
681
682Analyzing domain: boymoment.com.
683 Checking NameServers using system default resolver...
684 IP: 89.33.192.109 (United States)
685 HostName: ns2.aldns.org Type: NS
686 IP: 107.174.48.114 (United States)
687 HostName: ns3.aldns.org Type: NS
688 HostName: 107-174-48-114-host.colocrossing.com Type: PTR
689 IP: 176.126.78.37 (United Kingdom)
690 HostName: ns1.aldns.org Type: NS
691
692 Checking MailServers using system default resolver...
693 IP: 185.250.106.93 (Romania)
694 HostName: box.isp-email.net Type: MX
695 HostName: box.isp-email.net Type: PTR
696
697 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
698 No zone transfer found on nameserver 107.174.48.114
699 No zone transfer found on nameserver 89.33.192.109
700 No zone transfer found on nameserver 176.126.78.37
701
702 Checking SPF record...
703
704 Checking 192 most common hostnames using system default resolver...
705 IP: 104.244.74.54 (United States)
706 HostName: www.boymoment.com. Type: A
707 IP: 185.250.106.93 (Romania)
708 HostName: box.isp-email.net Type: MX
709 HostName: box.isp-email.net Type: PTR
710 HostName: mail.boymoment.com. Type: A
711
712 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
713 Checking netblock 107.174.48.0
714 Checking netblock 104.244.74.0
715 Checking netblock 89.33.192.0
716 Checking netblock 176.126.78.0
717 Checking netblock 185.250.106.0
718
719 Searching for boymoment.com. emails in Google
720
721 Checking 5 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
722 Host 107.174.48.114 is up (reset ttl 64)
723 Host 104.244.74.54 is up (reset ttl 64)
724 Host 89.33.192.109 is up (echo-reply ttl 52)
725 Host 176.126.78.37 is up (reset ttl 64)
726 Host 185.250.106.93 is up (reset ttl 64)
727
728 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
729 Scanning ip 107.174.48.114 (107-174-48-114-host.colocrossing.com (PTR)):
730 53/tcp open domain syn-ack ttl 51 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
731 | dns-nsid:
732 |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
733 111/tcp open rpcbind syn-ack ttl 51 2-4 (RPC #100000)
734 | rpcinfo:
735 | program version port/proto service
736 | 100000 2,3,4 111/tcp rpcbind
737 | 100000 2,3,4 111/udp rpcbind
738 | 100000 3,4 111/tcp6 rpcbind
739 |_ 100000 3,4 111/udp6 rpcbind
740 OS Info: Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
741 Scanning ip 104.244.74.54 (www.boymoment.com.):
742 80/tcp open http syn-ack ttl 54 nginx
743 | http-methods:
744 |_ Supported Methods: GET HEAD POST OPTIONS
745 |_http-title: Did not follow redirect to https://www.boymoment.com/
746 443/tcp open ssl/http syn-ack ttl 54 nginx
747 | http-methods:
748 |_ Supported Methods: GET HEAD
749 |_http-title: Welcome To BoyMoment.com
750 | ssl-cert: Subject: commonName=boymoment.com
751 | Subject Alternative Name: DNS:boymoment.com, DNS:www.boymoment.com
752 | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
753 | Public Key type: rsa
754 | Public Key bits: 2048
755 | Signature Algorithm: sha256WithRSAEncryption
756 | Not valid before: 2020-01-10T09:36:52
757 | Not valid after: 2020-04-09T09:36:52
758 | MD5: f572 e640 db41 2ef5 d173 8aef 3f67 e346
759 |_SHA-1: 1ffe 6980 5c60 0fc6 2491 767d 600b 9c17 7adb 6351
760 Scanning ip 89.33.192.109 (ns2.aldns.org):
761 53/tcp open domain syn-ack ttl 52 PowerDNS Authoritative Server 4.1.11
762 | dns-nsid:
763 | NSID: usmi.isp-cx-miami.net (75736d692e6973702d63782d6d69616d692e6e6574)
764 | id.server: usmi.isp-cx-miami.net
765 |_ bind.version: PowerDNS Authoritative Server 4.1.11
766 3306/tcp open mysql syn-ack ttl 52 MariaDB (unauthorized)
767 Scanning ip 176.126.78.37 (ns1.aldns.org):
768 53/tcp open domain syn-ack ttl 50 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
769 | dns-nsid:
770 |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
771 111/tcp open rpcbind syn-ack ttl 50 2-4 (RPC #100000)
772 | rpcinfo:
773 | program version port/proto service
774 | 100000 2,3,4 111/tcp rpcbind
775 | 100000 2,3,4 111/udp rpcbind
776 | 100000 3,4 111/tcp6 rpcbind
777 |_ 100000 3,4 111/udp6 rpcbind
778 OS Info: Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
779 Scanning ip 185.250.106.93 (mail.boymoment.com.):
780 WebCrawling domain's web servers... up to 50 max links.
781
782 + URL to crawl: http://www.boymoment.com.
783 + Date: 2020-02-10
784
785 + Crawling URL: http://www.boymoment.com.:
786 + Links:
787 + Crawling http://www.boymoment.com.
788 + Crawling http://www.boymoment.com./rules.html
789 + Searching for directories...
790 - Found: http://www.boymoment.com./images/
791 + Searching open folders...
792 - http://www.boymoment.com./images/ (403 Forbidden)
793 + Crawl finished successfully.
794----------------------------------------------------------------------
795Summary of http://http://www.boymoment.com.
796----------------------------------------------------------------------
797+ Links crawled:
798 - http://www.boymoment.com.
799 - http://www.boymoment.com./rules.html
800 Total links crawled: 2
801
802+ Links to files found:
803 - http://www.boymoment.com./bm.css
804 - http://www.boymoment.com./images/bmain20.jpg
805 - http://www.boymoment.com./images/bmdot.gif
806 - http://www.boymoment.com./images/go.gif
807 Total links to files: 4
808
809+ Externals links found:
810 - https://www.boymoment.com/IPB/
811 - https://www.boymoment.com/IPB/contact/
812 - https://www.boymoment.com/IPB/index.php?/forum/5-the-auditorium
813 - https://www.boymoment.com/IPB/index.php?/lostpassword/
814 - https://www.boymoment.com/IPB/login/
815 - https://www.boymoment.com/IPB/register/
816 - https://www.boymoment.com/IPB/topic/12754-bms-history/
817 - https://www.boymoment.com/IPB/topic/6-frequently-asked-questions/
818 - https://www.boymoment.com/IPB/topic/9-image-forumgallery-rules
819 Total external links: 9
820
821+ Email addresses found:
822 Total email address found: 0
823
824+ Directories found:
825 - http://www.boymoment.com./images/ (403 Forbidden)
826 Total directories: 1
827
828+ Directory indexing found:
829 Total directories with indexing: 0
830
831----------------------------------------------------------------------
832
833
834 + URL to crawl: https://www.boymoment.com.
835 + Date: 2020-02-10
836
837 + Crawling URL: https://www.boymoment.com.:
838 + Links:
839 + Crawling https://www.boymoment.com.
840 + Searching for directories...
841 + Searching open folders...
842
843--Finished--
844Summary information for domain boymoment.com.
845-----------------------------------------
846
847 Domain Ips Information:
848 IP: 107.174.48.114
849 HostName: ns3.aldns.org Type: NS
850 HostName: 107-174-48-114-host.colocrossing.com Type: PTR
851 Country: United States
852 Is Active: True (reset ttl 64)
853 Port: 53/tcp open domain syn-ack ttl 51 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
854 Script Info: | dns-nsid:
855 Script Info: |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
856 Port: 111/tcp open rpcbind syn-ack ttl 51 2-4 (RPC #100000)
857 Script Info: | rpcinfo:
858 Script Info: | program version port/proto service
859 Script Info: | 100000 2,3,4 111/tcp rpcbind
860 Script Info: | 100000 2,3,4 111/udp rpcbind
861 Script Info: | 100000 3,4 111/tcp6 rpcbind
862 Script Info: |_ 100000 3,4 111/udp6 rpcbind
863 Os Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
864 IP: 104.244.74.54
865 HostName: www.boymoment.com. Type: A
866 Country: United States
867 Is Active: True (reset ttl 64)
868 Port: 80/tcp open http syn-ack ttl 54 nginx
869 Script Info: | http-methods:
870 Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
871 Script Info: |_http-title: Did not follow redirect to https://www.boymoment.com/
872 Port: 443/tcp open ssl/http syn-ack ttl 54 nginx
873 Script Info: | http-methods:
874 Script Info: |_ Supported Methods: GET HEAD
875 Script Info: |_http-title: Welcome To BoyMoment.com
876 Script Info: | ssl-cert: Subject: commonName=boymoment.com
877 Script Info: | Subject Alternative Name: DNS:boymoment.com, DNS:www.boymoment.com
878 Script Info: | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
879 Script Info: | Public Key type: rsa
880 Script Info: | Public Key bits: 2048
881 Script Info: | Signature Algorithm: sha256WithRSAEncryption
882 Script Info: | Not valid before: 2020-01-10T09:36:52
883 Script Info: | Not valid after: 2020-04-09T09:36:52
884 Script Info: | MD5: f572 e640 db41 2ef5 d173 8aef 3f67 e346
885 Script Info: |_SHA-1: 1ffe 6980 5c60 0fc6 2491 767d 600b 9c17 7adb 6351
886 IP: 89.33.192.109
887 HostName: ns2.aldns.org Type: NS
888 Country: United States
889 Is Active: True (echo-reply ttl 52)
890 Port: 53/tcp open domain syn-ack ttl 52 PowerDNS Authoritative Server 4.1.11
891 Script Info: | dns-nsid:
892 Script Info: | NSID: usmi.isp-cx-miami.net (75736d692e6973702d63782d6d69616d692e6e6574)
893 Script Info: | id.server: usmi.isp-cx-miami.net
894 Script Info: |_ bind.version: PowerDNS Authoritative Server 4.1.11
895 Port: 3306/tcp open mysql syn-ack ttl 52 MariaDB (unauthorized)
896 IP: 176.126.78.37
897 HostName: ns1.aldns.org Type: NS
898 Country: United Kingdom
899 Is Active: True (reset ttl 64)
900 Port: 53/tcp open domain syn-ack ttl 50 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
901 Script Info: | dns-nsid:
902 Script Info: |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
903 Port: 111/tcp open rpcbind syn-ack ttl 50 2-4 (RPC #100000)
904 Script Info: | rpcinfo:
905 Script Info: | program version port/proto service
906 Script Info: | 100000 2,3,4 111/tcp rpcbind
907 Script Info: | 100000 2,3,4 111/udp rpcbind
908 Script Info: | 100000 3,4 111/tcp6 rpcbind
909 Script Info: |_ 100000 3,4 111/udp6 rpcbind
910 Os Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
911 IP: 185.250.106.93
912 HostName: box.isp-email.net Type: MX
913 HostName: box.isp-email.net Type: PTR
914 HostName: mail.boymoment.com. Type: A
915 Country: Romania
916 Is Active: True (reset ttl 64)
917
918--------------End Summary --------------
919-----------------------------------------
920#####################################################################################################################################
921traceroute to www.boymoment.com (104.244.74.54), 30 hops max, 60 byte packets
922 1 10.252.204.1 (10.252.204.1) 29.192 ms 62.072 ms 91.478 ms
923 2 R43.static.amanah.com (104.245.144.129) 91.473 ms 91.439 ms 91.418 ms
924 3 te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9) 91.405 ms 91.403 ms 91.377 ms
925 4 te0-0-0-1.agr14.yyz02.atlas.cogentco.com (154.24.54.41) 91.317 ms be3260.ccr22.ymq01.atlas.cogentco.com (154.54.42.90) 91.323 ms te0-0-0-1.agr14.yyz02.atlas.cogentco.com (154.24.54.41) 91.263 ms
926 5 te0-9-0-9.ccr32.yyz02.atlas.cogentco.com (154.54.43.153) 91.204 ms be3043.ccr22.lpl01.atlas.cogentco.com (154.54.44.165) 154.954 ms 154.940 ms
927 6 be2183.ccr42.ams03.atlas.cogentco.com (154.54.58.70) 154.965 ms be3260.ccr22.ymq01.atlas.cogentco.com (154.54.42.90) 62.148 ms be2183.ccr42.ams03.atlas.cogentco.com (154.54.58.70) 125.511 ms
928 7 be3043.ccr22.lpl01.atlas.cogentco.com (154.54.44.165) 166.868 ms be3042.ccr21.lpl01.atlas.cogentco.com (154.54.44.161) 166.842 ms be3043.ccr22.lpl01.atlas.cogentco.com (154.54.44.165) 166.766 ms
929 8 be2377.rcr21.lux01.atlas.cogentco.com (154.54.38.146) 166.852 ms be2183.ccr42.ams03.atlas.cogentco.com (154.54.58.70) 166.745 ms be2182.ccr41.ams03.atlas.cogentco.com (154.54.77.245) 166.718 ms
930 9 be3456.nr51.b038844-0.lux01.atlas.cogentco.com (154.25.12.70) 195.381 ms be2813.ccr41.fra03.atlas.cogentco.com (130.117.0.122) 166.673 ms 166.644 ms
93110 204.68.252.129 (204.68.252.129) 166.643 ms be2377.rcr21.lux01.atlas.cogentco.com (154.54.38.146) 166.594 ms 204.68.252.129 (204.68.252.129) 132.072 ms
93211 be3456.nr51.b038844-0.lux01.atlas.cogentco.com (154.25.12.70) 191.609 ms * 191.497 ms
93312 204.68.252.129 (204.68.252.129) 151.830 ms 237.888 ms *
934#####################################################################################################################################
935----- boymoment.com -----
936
937
938Host's addresses:
939__________________
940
941boymoment.com. 3071 IN A 104.244.74.54
942
943
944Name Servers:
945______________
946
947ns3.aldns.org. 2639 IN A 107.174.48.114
948ns1.aldns.org. 2639 IN A 176.126.78.37
949ns2.aldns.org. 85869 IN A 89.33.192.109
950
951
952Mail (MX) Servers:
953___________________
954
955box.isp-email.net. 3326 IN A 185.250.106.93
956
957
958Brute forcing with /usr/share/dnsenum/dns.txt:
959_______________________________________________
960
961mail.boymoment.com. 3050 IN A 185.250.106.93
962www.boymoment.com. 2601 IN A 104.244.74.54
963
964
965Launching Whois Queries:
966_________________________
967
968 whois ip result: 104.244.74.0 -> 104.244.72.0/21
969 whois ip result: 185.250.106.0 -> 185.250.106.0/24
970
971
972boymoment.com_____________
973
974 104.244.72.0/21
975 185.250.106.0/24
976#####################################################################################################################################
977Source:
978whois.arin.net
979IP Address:
980104.244.74.54
981Name:
982BUYVM-LUXEMBOURG-01
983Handle:
984NET-104-244-72-0-2
985Registration Date:
98610/1/17
987Range:
988104.244.72.0-104.244.79.255
989Org:
990BuyVM
991Org Handle:
992BUYVM
993Address:
9943, op der Poukewiss
995City:
996Roost
997State/Province:
998
999Postal Code:
10007795
1001Country:
1002Luxembourg
1003Name Servers:
1004######################################################################################################################################
1005URLCrazy Domain Report
1006Domain : www.boymoment.com
1007Keyboard : qwerty
1008At : 2020-02-10 09:15:52 -0500
1009
1010# Please wait. 171 hostnames to process
1011
1012Typo Type Typo DNS-A CC-A DNS-MX Extn
1013-------------------------------------------------------------------------------------------------------------------
1014Character Omission ww.boymoment.com ? com
1015Character Omission www.bomoment.com ? com
1016Character Omission www.boymment.com ? com
1017Character Omission www.boymoent.com ? com
1018Character Omission www.boymomen.com ? com
1019Character Omission www.boymoment.cm ? cm
1020Character Omission www.boymomet.com ? com
1021Character Omission www.boymomnt.com ? com
1022Character Omission www.boyoment.com ? com
1023Character Omission www.bymoment.com 97.74.42.79 US,UNITED STATES smtp.secureserver.net com
1024Character Omission www.oymoment.com ? com
1025Character Omission wwwboymoment.com ? com
1026Character Repeat www.bboymoment.com ? com
1027Character Repeat www.booymoment.com ? com
1028Character Repeat www.boymmoment.com ? com
1029Character Repeat www.boymomeent.com ? com
1030Character Repeat www.boymomennt.com ? com
1031Character Repeat www.boymomentt.com ? com
1032Character Repeat www.boymomment.com ? com
1033Character Repeat www.boymooment.com ? com
1034Character Repeat www.boyymoment.com ? com
1035Character Repeat wwww.boymoment.com ? com
1036Character Swap ww.wboymoment.com ? com
1037Character Swap www.bomyoment.com ? com
1038Character Swap www.boymmoent.com ? com
1039Character Swap www.boymoemnt.com ? com
1040Character Swap www.boymometn.com ? com
1041Character Swap www.boymomnet.com ? com
1042Character Swap www.boyomment.com ? com
1043Character Swap www.byomoment.com ? com
1044Character Swap www.obymoment.com ? com
1045Character Swap wwwb.oymoment.com ? com
1046Character Replacement eww.boymoment.com ? com
1047Character Replacement qww.boymoment.com ? com
1048Character Replacement wew.boymoment.com ? com
1049Character Replacement wqw.boymoment.com ? com
1050Character Replacement wwe.boymoment.com ? com
1051Character Replacement wwq.boymoment.com ? com
1052Character Replacement www.biymoment.com ? com
1053Character Replacement www.botmoment.com ? com
1054Character Replacement www.boumoment.com ? com
1055Character Replacement www.boymiment.com ? com
1056Character Replacement www.boymomebt.com ? com
1057Character Replacement www.boymomemt.com ? com
1058Character Replacement www.boymomenr.com ? com
1059Character Replacement www.boymomeny.com ? com
1060Character Replacement www.boymomrnt.com ? com
1061Character Replacement www.boymomwnt.com ? com
1062Character Replacement www.boymonent.com ? com
1063Character Replacement www.boympment.com ? com
1064Character Replacement www.boynoment.com ? com
1065Character Replacement www.bpymoment.com ? com
1066Character Replacement www.noymoment.com ? com
1067Character Replacement www.voymoment.com ? com
1068Double Character Replacement eew.boymoment.com ? com
1069Double Character Replacement qqw.boymoment.com ? com
1070Double Character Replacement wee.boymoment.com ? com
1071Double Character Replacement wqq.boymoment.com ? com
1072Character Insertion weww.boymoment.com ? com
1073Character Insertion wqww.boymoment.com ? com
1074Character Insertion wwew.boymoment.com ? com
1075Character Insertion wwqw.boymoment.com ? com
1076Character Insertion www.bnoymoment.com ? com
1077Character Insertion www.boiymoment.com ? com
1078Character Insertion www.bopymoment.com ? com
1079Character Insertion www.boymnoment.com ? com
1080Character Insertion www.boymoiment.com ? com
1081Character Insertion www.boymomenbt.com ? com
1082Character Insertion www.boymomenmt.com ? com
1083Character Insertion www.boymomentr.com ? com
1084Character Insertion www.boymomenty.com ? com
1085Character Insertion www.boymomernt.com ? com
1086Character Insertion www.boymomewnt.com ? com
1087Character Insertion www.boymomnent.com ? com
1088Character Insertion www.boymopment.com ? com
1089Character Insertion www.boytmoment.com ? com
1090Character Insertion www.boyumoment.com ? com
1091Character Insertion www.bvoymoment.com ? com
1092Character Insertion wwwe.boymoment.com ? com
1093Character Insertion wwwq.boymoment.com ? com
1094Missing Dot wwwwww.boymoment.com ? com
1095Singular or Pluralise boymoment.com 104.244.74.54 box.isp-email.net com
1096Singular or Pluralise boymoments.com 69.172.201.153 US,UNITED STATES mx247.in-mx.net com
1097Vowel Swap www.boymomant.com ? com
1098Vowel Swap www.boymomint.com ? com
1099Vowel Swap www.boymomont.com ? com
1100Vowel Swap www.boymomunt.com ? com
1101Homophones www.buoymoment.com ? com
1102Bit Flipping 7ww.boymoment.com ? com
1103Bit Flipping gww.boymoment.com ? com
1104Bit Flipping sww.boymoment.com ? com
1105Bit Flipping uww.boymoment.com ? com
1106Bit Flipping vww.boymoment.com ? com
1107Bit Flipping w7w.boymoment.com ? com
1108Bit Flipping wgw.boymoment.com ? com
1109Bit Flipping wsw.boymoment.com ? com
1110Bit Flipping wuw.boymoment.com ? com
1111Bit Flipping wvw.boymoment.com ? com
1112Bit Flipping ww7.boymoment.com ? com
1113Bit Flipping wwg.boymoment.com ? com
1114Bit Flipping wws.boymoment.com ? com
1115Bit Flipping wwu.boymoment.com ? com
1116Bit Flipping wwv.boymoment.com ? com
1117Bit Flipping www.bgymoment.com ? com
1118Bit Flipping www.bkymoment.com ? com
1119Bit Flipping www.bmymoment.com ? com
1120Bit Flipping www.bnymoment.com ? com
1121Bit Flipping www.bo9moment.com ? com
1122Bit Flipping www.boimoment.com ? com
1123Bit Flipping www.boqmoment.com ? com
1124Bit Flipping www.boxmoment.com 23.20.239.12 US,UNITED STATES com
1125Bit Flipping www.boy-oment.com ? com
1126Bit Flipping www.boyeoment.com ? com
1127Bit Flipping www.boyioment.com ? com
1128Bit Flipping www.boyloment.com ? com
1129Bit Flipping www.boymgment.com ? com
1130Bit Flipping www.boymkment.com ? com
1131Bit Flipping www.boymmment.com ? com
1132Bit Flipping www.boymnment.com ? com
1133Bit Flipping www.boymo-ent.com ? com
1134Bit Flipping www.boymoeent.com ? com
1135Bit Flipping www.boymoient.com ? com
1136Bit Flipping www.boymolent.com ? com
1137Bit Flipping www.boymomdnt.com ? com
1138Bit Flipping www.boymome.t.com ? com
1139Bit Flipping www.boymomeft.com ? com
1140Bit Flipping www.boymomejt.com ? com
1141Bit Flipping www.boymomelt.com ? com
1142Bit Flipping www.boymomen4.com ? com
1143Bit Flipping www.boymomend.com ? com
1144Bit Flipping www.boymomenp.com ? com
1145Bit Flipping www.boymomenu.com ? com
1146Bit Flipping www.boymomenv.com ? com
1147Bit Flipping www.boymomeot.com ? com
1148Bit Flipping www.boymomgnt.com ? com
1149Bit Flipping www.boymommnt.com ? com
1150Bit Flipping www.boymooent.com ? com
1151Bit Flipping www.boyooment.com ? com
1152Bit Flipping www.coymoment.com ? com
1153Bit Flipping www.foymoment.com ? com
1154Bit Flipping www.joymoment.com 184.168.221.59 US,UNITED STATES ASPMX3.GOOGLEMAIL.com com
1155Bit Flipping www.roymoment.com ? com
1156Bit Flipping wwwnboymoment.com ? com
1157Homoglyphs vvvvvv.boymoment.com ? com
1158Homoglyphs vvvvw.boymoment.com ? com
1159Homoglyphs vvwvv.boymoment.com ? com
1160Homoglyphs vvww.boymoment.com ? com
1161Homoglyphs wvvvv.boymoment.com ? com
1162Homoglyphs wvvw.boymoment.com ? com
1163Homoglyphs wwvv.boymoment.com ? com
1164Homoglyphs www.b0ym0ment.com ? com
1165Homoglyphs www.b0ymoment.com ? com
1166Homoglyphs www.boym0ment.com ? com
1167Homoglyphs www.boymornent.com ? com
1168Homoglyphs www.boyrnoment.com ? com
1169Homoglyphs www.boyrnornent.com ? com
1170Wrong TLD boymoment.ca ? ca
1171Wrong TLD boymoment.ch ? ch
1172Wrong TLD boymoment.de ? de
1173Wrong TLD boymoment.edu ? edu
1174Wrong TLD boymoment.es ? es
1175Wrong TLD boymoment.fr ? fr
1176Wrong TLD boymoment.it ? it
1177Wrong TLD boymoment.jp ? jp
1178Wrong TLD boymoment.net ? box.isp-email.net net
1179Wrong TLD boymoment.nl ? nl
1180Wrong TLD boymoment.no ? no
1181Wrong TLD boymoment.org 107.161.23.204 org
1182Wrong TLD boymoment.ru ? ru
1183Wrong TLD boymoment.se ? se
1184Wrong TLD boymoment.us ? us
1185######################################################################################################################################
1186[*] Processing domain www.boymoment.com
1187[*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
1188[+] Getting nameservers
1189[-] Getting nameservers failed
1190[-] Zone transfer failed
1191
1192[+] TXT records found
1193"v=spf1 -all"
1194
1195[+] DMARC records found
1196"v=DMARC1; p=reject"
1197
1198[*] Scanning www.boymoment.com for A records
1199104.244.74.54 - www.boymoment.com
1200
1201#####################################################################################################################################
1202[*] Found SPF record:
1203[*] v=spf1 -all
1204[*] SPF record contains an All item: -all
1205[*] Found DMARC record:
1206[*] v=DMARC1; p=reject
1207[-] DMARC policy set to reject
1208[-] Spoofing not possible for www.boymoment.com
1209#####################################################################################################################################
1210WARNING: Duplicate port number(s) specified. Are you alert enough to be using Nmap? Have some coffee or Jolt(tm).
1211Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-10 09:20 EST
1212Nmap scan report for www.boymoment.com (104.244.74.54)
1213Host is up (0.13s latency).
1214Not shown: 489 filtered ports, 4 closed ports
1215Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1216PORT STATE SERVICE
121780/tcp open http
1218443/tcp open https
121932022/tcp open unknown
1220
1221Nmap done: 1 IP address (1 host up) scanned in 7.87 seconds
1222#####################################################################################################################################
1223Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-10 09:20 EST
1224Nmap scan report for www.boymoment.com (104.244.74.54)
1225Host is up (0.083s latency).
1226Not shown: 2 filtered ports
1227PORT STATE SERVICE
122853/udp open|filtered domain
122967/udp open|filtered dhcps
123068/udp open|filtered dhcpc
123169/udp open|filtered tftp
123288/udp open|filtered kerberos-sec
1233123/udp open|filtered ntp
1234139/udp open|filtered netbios-ssn
1235161/udp open|filtered snmp
1236162/udp open|filtered snmptrap
1237389/udp open|filtered ldap
1238500/udp open|filtered isakmp
1239520/udp open|filtered route
12402049/udp open|filtered nfs
1241
1242Nmap done: 1 IP address (1 host up) scanned in 2.62 seconds
1243######################################################################################################################################
1244HTTP/1.1 301 Moved Permanently
1245Server: nginx
1246Date: Mon, 10 Feb 2020 14:22:51 GMT
1247Content-Type: text/html
1248Content-Length: 178
1249Connection: keep-alive
1250Location: https://www.boymoment.com/
1251#####################################################################################################################################
1252http://www.boymoment.com [301 Moved Permanently] Country[RESERVED][ZZ], HTTPServer[nginx], IP[104.244.74.54], RedirectLocation[https://www.boymoment.com/], Title[301 Moved Permanently], nginx
1253https://www.boymoment.com/ [200 OK] Country[RESERVED][ZZ], HTML5, HTTPServer[nginx], IP[104.244.74.54], Title[Welcome To BoyMoment.com], nginx
1254######################################################################################################################################
1255Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-10 09:22 EST
1256NSE: Loaded 161 scripts for scanning.
1257NSE: Script Pre-scanning.
1258Initiating NSE at 09:22
1259Completed NSE at 09:22, 0.00s elapsed
1260Initiating NSE at 09:22
1261Completed NSE at 09:22, 0.00s elapsed
1262Initiating Parallel DNS resolution of 1 host. at 09:22
1263Completed Parallel DNS resolution of 1 host. at 09:22, 0.02s elapsed
1264Initiating SYN Stealth Scan at 09:22
1265Scanning www.boymoment.com (104.244.74.54) [1 port]
1266Discovered open port 80/tcp on 104.244.74.54
1267Completed SYN Stealth Scan at 09:22, 0.19s elapsed (1 total ports)
1268Initiating Service scan at 09:22
1269Scanning 1 service on www.boymoment.com (104.244.74.54)
1270Completed Service scan at 09:22, 6.29s elapsed (1 service on 1 host)
1271Initiating OS detection (try #1) against www.boymoment.com (104.244.74.54)
1272Retrying OS detection (try #2) against www.boymoment.com (104.244.74.54)
1273Initiating Traceroute at 09:22
1274Completed Traceroute at 09:22, 0.22s elapsed
1275Initiating Parallel DNS resolution of 11 hosts. at 09:22
1276Completed Parallel DNS resolution of 11 hosts. at 09:22, 0.30s elapsed
1277NSE: Script scanning 104.244.74.54.
1278Initiating NSE at 09:22
1279Completed NSE at 09:22, 36.91s elapsed
1280Initiating NSE at 09:22
1281Completed NSE at 09:22, 0.90s elapsed
1282Nmap scan report for www.boymoment.com (104.244.74.54)
1283Host is up (0.16s latency).
1284
1285PORT STATE SERVICE VERSION
128680/tcp open http nginx
1287| http-brute:
1288|_ Path "/" does not require authentication
1289|_http-chrono: Request times for /; avg: 495.65ms; min: 416.94ms; max: 610.71ms
1290|_http-csrf: Couldn't find any CSRF vulnerabilities.
1291|_http-date: Mon, 10 Feb 2020 14:24:48 GMT; +2m25s from local time.
1292|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
1293|_http-dombased-xss: Couldn't find any DOM based XSS.
1294|_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
1295|_http-errors: Couldn't find any error pages.
1296|_http-feed: Couldn't find any feeds.
1297|_http-fetch: Please enter the complete path of the directory to save data in.
1298| http-headers:
1299| Server: nginx
1300| Date: Mon, 10 Feb 2020 14:24:55 GMT
1301| Content-Type: text/html
1302| Content-Length: 178
1303| Connection: close
1304| Location: https://www.boymoment.com/
1305|
1306|_ (Request type: GET)
1307|_http-jsonp-detection: Couldn't find any JSONP endpoints.
1308| http-methods:
1309|_ Supported Methods: GET HEAD OPTIONS
1310|_http-mobileversion-checker: No mobile version detected.
1311|_http-passwd: ERROR: Script execution failed (use -d to debug)
1312|_http-security-headers:
1313| http-sitemap-generator:
1314| Directory structure:
1315| Longest directory structure:
1316| Depth: 0
1317| Dir: /
1318| Total files found (by extension):
1319|_
1320|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
1321|_http-title: Did not follow redirect to https://www.boymoment.com/
1322| http-vhosts:
1323|_127 names had status 301
1324|_http-wordpress-enum: Nothing found amongst the top 100 resources,use --script-args search-limit=<number|all> for deeper analysis)
1325|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
1326|_http-xssed: No previously reported XSS vuln.
1327Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1328Aggressive OS guesses: Linux 3.10 - 4.11 (92%), Linux 3.18 (92%), Linux 3.2 - 4.9 (92%), Crestron XPanel control system (90%), Linux 3.16 (89%), ASUS RT-N56U WAP (Linux 3.4) (87%), Linux 3.1 (87%), Linux 3.2 (87%), HP P2000 G3 NAS device (87%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (87%)
1329No exact OS matches for host (test conditions non-ideal).
1330Uptime guess: 4.065 days (since Thu Feb 6 07:49:05 2020)
1331Network Distance: 11 hops
1332TCP Sequence Prediction: Difficulty=257 (Good luck!)
1333IP ID Sequence Generation: All zeros
1334
1335TRACEROUTE (using port 80/tcp)
1336HOP RTT ADDRESS
13371 59.91 ms 10.252.204.1
13382 90.61 ms R43.static.amanah.com (104.245.144.129)
13393 90.67 ms te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9)
13404 90.69 ms be3260.ccr22.ymq01.atlas.cogentco.com (154.54.42.90)
13415 90.68 ms te0-9-1-9.ccr31.yyz02.atlas.cogentco.com (154.54.43.161)
13426 157.76 ms be2183.ccr42.ams03.atlas.cogentco.com (154.54.58.70)
13437 157.71 ms be3042.ccr21.lpl01.atlas.cogentco.com (154.54.44.161)
13448 187.71 ms be2377.rcr21.lux01.atlas.cogentco.com (154.54.38.146)
13459 157.83 ms be2813.ccr41.fra03.atlas.cogentco.com (130.117.0.122)
134610 127.78 ms be2376.rcr21.lux01.atlas.cogentco.com (130.117.50.70)
134711 156.87 ms 104.244.74.54
1348
1349NSE: Script Post-scanning.
1350Initiating NSE at 09:22
1351Completed NSE at 09:22, 0.00s elapsed
1352Initiating NSE at 09:22
1353Completed NSE at 09:22, 0.00s elapsed
1354#####################################################################################################################################
1355------------------------------------------------------------------------------------------------------------------------
1356
1357[ ! ] Starting SCANNER INURLBR 2.1 at [10-02-2020 09:23:18]
1358[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
1359It is the end user's responsibility to obey all applicable local, state and federal laws.
1360Developers assume no liability and are not responsible for any misuse or damage caused by this program
1361
1362[ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/www.boymoment.com/output/inurlbr-www.boymoment.com ]
1363[ INFO ][ DORK ]::[ site:www.boymoment.com ]
1364[ INFO ][ SEARCHING ]:: {
1365[ INFO ][ ENGINE ]::[ GOOGLE - www.google.ca ]
1366
1367[ INFO ][ SEARCHING ]::
1368-[:::]
1369[ INFO ][ ENGINE ]::[ GOOGLE API ]
1370
1371[ INFO ][ SEARCHING ]::
1372-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
1373[ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.au ID: 006748068166572874491:55ez0c3j3ey ]
1374
1375[ INFO ][ SEARCHING ]::
1376-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
1377
1378[ INFO ][ TOTAL FOUND VALUES ]:: [ 20 ]
1379
1380
1381 _[ - ]::--------------------------------------------------------------------------------------------------------------
1382|_[ + ] [ 0 / 20 ]-[09:23:32] [ - ]
1383|_[ + ] Target:: [ https://www.boymoment.com/ ]
1384|_[ + ] Exploit::
1385|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:104.244.74.54:443
1386|_[ + ] More details:: / - / , ISP:
1387|_[ + ] Found:: UNIDENTIFIED
1388
1389 _[ - ]::--------------------------------------------------------------------------------------------------------------
1390|_[ + ] [ 1 / 20 ]-[09:23:34] [ - ]
1391|_[ + ] Target:: [ https://www.boymoment.com/rules.html ]
1392|_[ + ] Exploit::
1393|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:104.244.74.54:443
1394|_[ + ] More details:: / - / , ISP:
1395|_[ + ] Found:: UNIDENTIFIED
1396
1397 _[ - ]::--------------------------------------------------------------------------------------------------------------
1398|_[ + ] [ 2 / 20 ]-[09:23:35] [ - ]
1399|_[ + ] Target:: [ https://www.boymoment.com/IPB/register/ ]
1400|_[ + ] Exploit::
1401|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:104.244.74.54:443
1402|_[ + ] More details:: / - / , ISP:
1403|_[ + ] Found:: UNIDENTIFIED
1404
1405 _[ - ]::--------------------------------------------------------------------------------------------------------------
1406|_[ + ] [ 3 / 20 ]-[09:23:37] [ - ]
1407|_[ + ] Target:: [ https://www.boymoment.com/IPB/terms/ ]
1408|_[ + ] Exploit::
1409|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:104.244.74.54:443
1410|_[ + ] More details:: / - / , ISP:
1411|_[ + ] Found:: UNIDENTIFIED
1412
1413 _[ - ]::--------------------------------------------------------------------------------------------------------------
1414|_[ + ] [ 4 / 20 ]-[09:23:38] [ - ]
1415|_[ + ] Target:: [ https://www.boymoment.com/IPB/login/ ]
1416|_[ + ] Exploit::
1417|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:104.244.74.54:443
1418|_[ + ] More details:: / - / , ISP:
1419|_[ + ] Found:: UNIDENTIFIED
1420
1421 _[ - ]::--------------------------------------------------------------------------------------------------------------
1422|_[ + ] [ 5 / 20 ]-[09:23:40] [ - ]
1423|_[ + ] Target:: [ https://www.boymoment.com/IPB/lostpassword/ ]
1424|_[ + ] Exploit::
1425|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:104.244.74.54:443
1426|_[ + ] More details:: / - / , ISP:
1427|_[ + ] Found:: UNIDENTIFIED
1428
1429 _[ - ]::--------------------------------------------------------------------------------------------------------------
1430|_[ + ] [ 6 / 20 ]-[09:23:41] [ - ]
1431|_[ + ] Target:: [ https://www.boymoment.com/IPB/area51/ ]
1432|_[ + ] Exploit::
1433|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: nginx , IP:104.244.74.54:443
1434|_[ + ] More details:: / - / , ISP:
1435|_[ + ] Found:: UNIDENTIFIED
1436
1437 _[ - ]::--------------------------------------------------------------------------------------------------------------
1438|_[ + ] [ 7 / 20 ]-[09:23:43] [ - ]
1439|_[ + ] Target:: [ https://www.boymoment.com/IPB/announcement/30-possible-board-access-problems/ ]
1440|_[ + ] Exploit::
1441|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:104.244.74.54:443
1442|_[ + ] More details:: / - / , ISP:
1443|_[ + ] Found:: UNIDENTIFIED
1444
1445 _[ - ]::--------------------------------------------------------------------------------------------------------------
1446|_[ + ] [ 8 / 20 ]-[09:23:45] [ - ]
1447|_[ + ] Target:: [ https://www.boymoment.com/IPB/announcement/24-update-to-image-and-video-rule/ ]
1448|_[ + ] Exploit::
1449|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:104.244.74.54:443
1450|_[ + ] More details:: / - / , ISP:
1451|_[ + ] Found:: UNIDENTIFIED
1452
1453 _[ - ]::--------------------------------------------------------------------------------------------------------------
1454|_[ + ] [ 9 / 20 ]-[09:23:46] [ - ]
1455|_[ + ] Target:: [ https://www.boymoment.com/bmtest/index.php?/staff/ ]
1456|_[ + ] Exploit::
1457|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:104.244.74.54:443
1458|_[ + ] More details:: / - / , ISP:
1459|_[ + ] Found:: UNIDENTIFIED
1460
1461 _[ - ]::--------------------------------------------------------------------------------------------------------------
1462|_[ + ] [ 10 / 20 ]-[09:23:48] [ - ]
1463|_[ + ] Target:: [ https://www.boymoment.com/IPB/announcement/15-please-be-advised-of-image-rule-change/ ]
1464|_[ + ] Exploit::
1465|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:104.244.74.54:443
1466|_[ + ] More details:: / - / , ISP:
1467|_[ + ] Found:: UNIDENTIFIED
1468
1469 _[ - ]::--------------------------------------------------------------------------------------------------------------
1470|_[ + ] [ 11 / 20 ]-[09:23:50] [ - ]
1471|_[ + ] Target:: [ https://www.boymoment.com/bmtest/index.php?app=forums&module=forums&controller=index ]
1472|_[ + ] Exploit::
1473|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:104.244.74.54:443
1474|_[ + ] More details:: / - / , ISP:
1475|_[ + ] Found:: UNIDENTIFIED
1476
1477 _[ - ]::--------------------------------------------------------------------------------------------------------------
1478|_[ + ] [ 12 / 20 ]-[09:23:52] [ - ]
1479|_[ + ] Target:: [ https://www.boymoment.com/bmtest/index.php?app=core&module=system&controller=terms ]
1480|_[ + ] Exploit::
1481|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:104.244.74.54:443
1482|_[ + ] More details:: / - / , ISP:
1483|_[ + ] Found:: UNIDENTIFIED
1484
1485 _[ - ]::--------------------------------------------------------------------------------------------------------------
1486|_[ + ] [ 13 / 20 ]-[09:23:55] [ - ]
1487|_[ + ] Target:: [ https://www.boymoment.com/bmtest/index.php?app=gallery&module=gallery&controller=submit&_new=1 ]
1488|_[ + ] Exploit::
1489|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:104.244.74.54:443
1490|_[ + ] More details:: / - / , ISP:
1491|_[ + ] Found:: UNIDENTIFIED
1492
1493 _[ - ]::--------------------------------------------------------------------------------------------------------------
1494|_[ + ] [ 14 / 20 ]-[09:23:57] [ - ]
1495|_[ + ] Target:: [ https://www.boymoment.com/bmtest/index.php?app=core&module=system&controller=lostpass ]
1496|_[ + ] Exploit::
1497|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:104.244.74.54:443
1498|_[ + ] More details:: / - / , ISP:
1499|_[ + ] Found:: UNIDENTIFIED
1500
1501 _[ - ]::--------------------------------------------------------------------------------------------------------------
1502|_[ + ] [ 15 / 20 ]-[09:23:58] [ - ]
1503|_[ + ] Target:: [ https://www.boymoment.com/bmtest/index.php?app=calendar&module=calendar&controller=submit&_nodeSelectName=calendar&_noJs=1 ]
1504|_[ + ] Exploit::
1505|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:104.244.74.54:443
1506|_[ + ] More details:: / - / , ISP:
1507|_[ + ] Found:: UNIDENTIFIED
1508
1509 _[ - ]::--------------------------------------------------------------------------------------------------------------
1510|_[ + ] [ 16 / 20 ]-[09:24:01] [ - ]
1511|_[ + ] Target:: [ https://www.boymoment.com/bmtest/index.php?app=forums&module=forums&controller=forums&do=createMenu&_nodeSelectName=forum&_noJs=1 ]
1512|_[ + ] Exploit::
1513|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:104.244.74.54:443
1514|_[ + ] More details:: / - / , ISP:
1515|_[ + ] Found:: UNIDENTIFIED
1516
1517 _[ - ]::--------------------------------------------------------------------------------------------------------------
1518|_[ + ] [ 17 / 20 ]-[09:24:02] [ - ]
1519|_[ + ] Target:: [ https://www.boymoment.com/IPB/area51/?adsess=1lkf8v6s1psv6htbah5j4hk3s5&app=core&module=system&controller=login&error=&ref= ]
1520|_[ + ] Exploit::
1521|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:104.244.74.54:443
1522|_[ + ] More details:: / - / , ISP:
1523|_[ + ] Found:: UNIDENTIFIED
1524
1525 _[ - ]::--------------------------------------------------------------------------------------------------------------
1526|_[ + ] [ 18 / 20 ]-[09:24:03] [ - ]
1527|_[ + ] Target:: [ https://www.boymoment.com/IPB/area51/?adsess=se486httbmprl641p1mqr27ad3&app=core&module=system&controller=login&error=&ref= ]
1528|_[ + ] Exploit::
1529|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:104.244.74.54:443
1530|_[ + ] More details:: / - / , ISP:
1531|_[ + ] Found:: UNIDENTIFIED
1532
1533 _[ - ]::--------------------------------------------------------------------------------------------------------------
1534|_[ + ] [ 19 / 20 ]-[09:24:04] [ - ]
1535|_[ + ] Target:: [ https://www.boymoment.com/IPB/area51/?adsess=jjn67fanea23qmdanq68ruen46&app=core&module=system&controller=login&error=&ref= ]
1536|_[ + ] Exploit::
1537|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:104.244.74.54:443
1538|_[ + ] More details:: / - / , ISP:
1539|_[ + ] Found:: UNIDENTIFIED
1540
1541[ INFO ] [ Shutting down ]
1542[ INFO ] [ End of process INURLBR at [10-02-2020 09:24:04]
1543[ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
1544[ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/www.boymoment.com/output/inurlbr-www.boymoment.com ]
1545|_________________________________________________________________________________________
1546
1547\_________________________________________________________________________________________/
1548#####################################################################################################################################
1549HTTP/1.1 403 Forbidden
1550Server: nginx
1551Date: Mon, 10 Feb 2020 14:26:33 GMT
1552Content-Type: text/html
1553Content-Length: 162
1554Connection: keep-alive
1555#####################################################################################################################################
1556tee: /usr/share/sniper/loot/workspace/www.boymoment.com/output/nmap-www.boymoment.com-port443: Aucun fichier ou dossier de ce type
1557Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-10 09:24 EST
1558NSE: Loaded 161 scripts for scanning.
1559NSE: Script Pre-scanning.
1560Initiating NSE at 09:24
1561Completed NSE at 09:24, 0.00s elapsed
1562Initiating NSE at 09:24
1563Completed NSE at 09:24, 0.00s elapsed
1564Initiating Parallel DNS resolution of 1 host. at 09:24
1565Completed Parallel DNS resolution of 1 host. at 09:24, 0.02s elapsed
1566Initiating SYN Stealth Scan at 09:24
1567Scanning www.boymoment.com (104.244.74.54) [1 port]
1568Discovered open port 443/tcp on 104.244.74.54
1569Completed SYN Stealth Scan at 09:24, 0.17s elapsed (1 total ports)
1570Initiating Service scan at 09:24
1571Scanning 1 service on www.boymoment.com (104.244.74.54)
1572Completed Service scan at 09:24, 13.23s elapsed (1 service on 1 host)
1573Initiating OS detection (try #1) against www.boymoment.com (104.244.74.54)
1574Retrying OS detection (try #2) against www.boymoment.com (104.244.74.54)
1575Initiating Traceroute at 09:24
1576Completed Traceroute at 09:24, 0.33s elapsed
1577Initiating Parallel DNS resolution of 11 hosts. at 09:24
1578Completed Parallel DNS resolution of 11 hosts. at 09:24, 0.32s elapsed
1579NSE: Script scanning 104.244.74.54.
1580Initiating NSE at 09:24
1581Completed NSE at 09:26, 90.77s elapsed
1582Initiating NSE at 09:26
1583Completed NSE at 09:26, 1.51s elapsed
1584Nmap scan report for www.boymoment.com (104.244.74.54)
1585Host is up (0.15s latency).
1586
1587PORT STATE SERVICE VERSION
1588443/tcp open ssl/http nginx
1589| http-brute:
1590|_ Path "/" does not require authentication
1591|_http-chrono: Request times for /; avg: 1053.64ms; min: 938.35ms; max: 1209.22ms
1592| http-csrf:
1593| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=www.boymoment.com
1594| Found the following possible CSRF vulnerabilities:
1595|
1596| Path: https://www.boymoment.com:443/IPB/register/
1597| Form id:
1598| Form action: //www.boymoment.com/IPB/language/?csrfKey=da3c08423f1650e5d2368c653aebb37d
1599|
1600| Path: https://www.boymoment.com:443/IPB/register/
1601| Form id:
1602| Form action: //www.boymoment.com/IPB/language/?csrfKey=da3c08423f1650e5d2368c653aebb37d
1603|
1604| Path: https://www.boymoment.com:443/IPB/register/
1605| Form id:
1606| Form action: //www.boymoment.com/IPB/language/?csrfKey=da3c08423f1650e5d2368c653aebb37d
1607|
1608| Path: https://www.boymoment.com:443/IPB/register/
1609| Form id:
1610| Form action: //www.boymoment.com/IPB/language/?csrfKey=da3c08423f1650e5d2368c653aebb37d
1611|
1612| Path: https://www.boymoment.com:443/IPB/index.php?/lostpassword/
1613| Form id:
1614| Form action: //www.boymoment.com/IPB/language/?csrfKey=d34587032be78ad707f55ebaec1ed6b9
1615|
1616| Path: https://www.boymoment.com:443/IPB/index.php?/lostpassword/
1617| Form id:
1618| Form action: //www.boymoment.com/IPB/language/?csrfKey=d34587032be78ad707f55ebaec1ed6b9
1619|
1620| Path: https://www.boymoment.com:443/IPB/index.php?/lostpassword/
1621| Form id:
1622| Form action: //www.boymoment.com/IPB/language/?csrfKey=d34587032be78ad707f55ebaec1ed6b9
1623|
1624| Path: https://www.boymoment.com:443/IPB/index.php?/lostpassword/
1625| Form id:
1626| Form action: //www.boymoment.com/IPB/language/?csrfKey=d34587032be78ad707f55ebaec1ed6b9
1627|
1628| Path: https://www.boymoment.com:443/IPB/topic/12754-bms-history/
1629| Form id:
1630| Form action: //www.boymoment.com/IPB/language/?csrfKey=2bce905cfab3e846420a3593eee3885a
1631|
1632| Path: https://www.boymoment.com:443/IPB/topic/12754-bms-history/
1633| Form id:
1634| Form action: //www.boymoment.com/IPB/language/?csrfKey=2bce905cfab3e846420a3593eee3885a
1635|
1636| Path: https://www.boymoment.com:443/IPB/topic/12754-bms-history/
1637| Form id:
1638| Form action: //www.boymoment.com/IPB/language/?csrfKey=2bce905cfab3e846420a3593eee3885a
1639|
1640| Path: https://www.boymoment.com:443/IPB/topic/12754-bms-history/
1641| Form id:
1642| Form action: //www.boymoment.com/IPB/language/?csrfKey=2bce905cfab3e846420a3593eee3885a
1643|
1644| Path: https://www.boymoment.com:443/IPB/login/
1645| Form id:
1646| Form action: //www.boymoment.com/IPB/language/?csrfKey=76e3b7626d033447e50e98bb0759fc1d
1647|
1648| Path: https://www.boymoment.com:443/IPB/login/
1649| Form id:
1650| Form action: //www.boymoment.com/IPB/language/?csrfKey=76e3b7626d033447e50e98bb0759fc1d
1651|
1652| Path: https://www.boymoment.com:443/IPB/login/
1653| Form id:
1654| Form action: //www.boymoment.com/IPB/language/?csrfKey=76e3b7626d033447e50e98bb0759fc1d
1655|
1656| Path: https://www.boymoment.com:443/IPB/login/
1657| Form id:
1658| Form action: //www.boymoment.com/IPB/language/?csrfKey=76e3b7626d033447e50e98bb0759fc1d
1659|
1660| Path: https://www.boymoment.com:443/IPB/
1661| Form id:
1662| Form action: //www.boymoment.com/IPB/language/?csrfKey=13345206d7557a102ff145b0cc0d195a
1663|
1664| Path: https://www.boymoment.com:443/IPB/
1665| Form id:
1666| Form action: //www.boymoment.com/IPB/language/?csrfKey=13345206d7557a102ff145b0cc0d195a
1667|
1668| Path: https://www.boymoment.com:443/IPB/
1669| Form id:
1670| Form action: //www.boymoment.com/IPB/language/?csrfKey=13345206d7557a102ff145b0cc0d195a
1671|
1672| Path: https://www.boymoment.com:443/IPB/
1673| Form id:
1674| Form action: //www.boymoment.com/IPB/language/?csrfKey=13345206d7557a102ff145b0cc0d195a
1675|
1676| Path: https://www.boymoment.com:443/IPB/topic/6-frequently-asked-questions/
1677| Form id:
1678| Form action: //www.boymoment.com/IPB/language/?csrfKey=41a3c99a346c005a99afb73ed82a620c
1679|
1680| Path: https://www.boymoment.com:443/IPB/topic/6-frequently-asked-questions/
1681| Form id:
1682| Form action: //www.boymoment.com/IPB/language/?csrfKey=41a3c99a346c005a99afb73ed82a620c
1683|
1684| Path: https://www.boymoment.com:443/IPB/topic/6-frequently-asked-questions/
1685| Form id:
1686| Form action: //www.boymoment.com/IPB/language/?csrfKey=41a3c99a346c005a99afb73ed82a620c
1687|
1688| Path: https://www.boymoment.com:443/IPB/topic/6-frequently-asked-questions/
1689| Form id:
1690| Form action: //www.boymoment.com/IPB/language/?csrfKey=41a3c99a346c005a99afb73ed82a620c
1691|
1692| Path: https://www.boymoment.com:443/IPB/contact/
1693| Form id:
1694| Form action: //www.boymoment.com/IPB/language/?csrfKey=b1fc4961068756b56b0445f90075e5c2
1695|
1696| Path: https://www.boymoment.com:443/IPB/contact/
1697| Form id:
1698| Form action: //www.boymoment.com/IPB/language/?csrfKey=b1fc4961068756b56b0445f90075e5c2
1699|
1700| Path: https://www.boymoment.com:443/IPB/contact/
1701| Form id:
1702| Form action: //www.boymoment.com/IPB/language/?csrfKey=b1fc4961068756b56b0445f90075e5c2
1703|
1704| Path: https://www.boymoment.com:443/IPB/contact/
1705| Form id:
1706| Form action: //www.boymoment.com/IPB/language/?csrfKey=b1fc4961068756b56b0445f90075e5c2
1707|
1708| Path: https://www.boymoment.com:443/IPB/discover/
1709| Form id:
1710| Form action: //www.boymoment.com/IPB/language/?csrfKey=03b65a04cf98d3e08c806e46b0380e0a
1711|
1712| Path: https://www.boymoment.com:443/IPB/discover/
1713| Form id:
1714| Form action: //www.boymoment.com/IPB/language/?csrfKey=03b65a04cf98d3e08c806e46b0380e0a
1715|
1716| Path: https://www.boymoment.com:443/IPB/discover/
1717| Form id:
1718| Form action: //www.boymoment.com/IPB/language/?csrfKey=03b65a04cf98d3e08c806e46b0380e0a
1719|
1720| Path: https://www.boymoment.com:443/IPB/discover/
1721| Form id:
1722| Form action: //www.boymoment.com/IPB/language/?csrfKey=03b65a04cf98d3e08c806e46b0380e0a
1723|
1724| Path: https://www.boymoment.com:443/IPB/manifest.webmanifest/
1725| Form id:
1726| Form action: //www.boymoment.com/IPB/language/?csrfKey=30be15bf44f43e003671b67871a2d0e6
1727|
1728| Path: https://www.boymoment.com:443/IPB/manifest.webmanifest/
1729| Form id:
1730| Form action: //www.boymoment.com/IPB/language/?csrfKey=30be15bf44f43e003671b67871a2d0e6
1731|
1732| Path: https://www.boymoment.com:443/IPB/manifest.webmanifest/
1733| Form id:
1734| Form action: //www.boymoment.com/IPB/language/?csrfKey=30be15bf44f43e003671b67871a2d0e6
1735|
1736| Path: https://www.boymoment.com:443/IPB/manifest.webmanifest/
1737| Form id:
1738| Form action: //www.boymoment.com/IPB/language/?csrfKey=30be15bf44f43e003671b67871a2d0e6
1739|
1740| Path: https://www.boymoment.com:443/IPB/language/?csrfKey=da3c08423f1650e5d2368c653aebb37d
1741| Form id:
1742| Form action: //www.boymoment.com/IPB/language/?csrfKey=caec1cb365a8473db22edbac49bf9410
1743|
1744| Path: https://www.boymoment.com:443/IPB/language/?csrfKey=da3c08423f1650e5d2368c653aebb37d
1745| Form id:
1746| Form action: //www.boymoment.com/IPB/language/?csrfKey=caec1cb365a8473db22edbac49bf9410
1747|
1748| Path: https://www.boymoment.com:443/IPB/language/?csrfKey=da3c08423f1650e5d2368c653aebb37d
1749| Form id:
1750| Form action: //www.boymoment.com/IPB/language/?csrfKey=caec1cb365a8473db22edbac49bf9410
1751|
1752| Path: https://www.boymoment.com:443/IPB/language/?csrfKey=da3c08423f1650e5d2368c653aebb37d
1753| Form id:
1754|_ Form action: //www.boymoment.com/IPB/language/?csrfKey=caec1cb365a8473db22edbac49bf9410
1755|_http-date: Mon, 10 Feb 2020 14:27:12 GMT; +2m25s from local time.
1756|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
1757|_http-dombased-xss: Couldn't find any DOM based XSS.
1758|_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
1759| http-errors:
1760| Spidering limited to: maxpagecount=40; withinhost=www.boymoment.com
1761| Found the following error pages:
1762|
1763| Error Code: 404
1764| https://www.boymoment.com:443/IPB/register/
1765|
1766| Error Code: 404
1767| https://www.boymoment.com:443/IPB/contact/
1768|
1769| Error Code: 404
1770| https://www.boymoment.com:443/IPB/manifest.webmanifest/
1771|
1772| Error Code: 404
1773| https://www.boymoment.com:443/IPB/register/defaultStream
1774|
1775| Error Code: 404
1776| https://www.boymoment.com:443/IPB/language/?csrfKey=da3c08423f1650e5d2368c653aebb37d
1777|
1778| Error Code: 404
1779| https://www.boymoment.com:443/IPB/topic/6-frequently-asked-questions/
1780|
1781| Error Code: 404
1782| https://www.boymoment.com:443/IPB/login/
1783|
1784| Error Code: 404
1785| https://www.boymoment.com:443/IPB/
1786|
1787| Error Code: 404
1788| https://www.boymoment.com:443/IPB/index.php?/lostpassword/
1789|
1790| Error Code: 404
1791| https://www.boymoment.com:443/IPB/topic/12754-bms-history/
1792|
1793| Error Code: 404
1794|_ https://www.boymoment.com:443/IPB/discover/
1795|_http-feed: Couldn't find any feeds.
1796|_http-fetch: Please enter the complete path of the directory to save data in.
1797| http-grep:
1798| (5) https://www.boymoment.com:443/IPB/uploads/css_built_34/341e4a57816af3ba440d891ca87450ff_framework.css.5c92f5869fa759891f553d402c21ae91.css?v=022e534d93:
1799| (5) email:
1800| + loading@2x.gif
1801| + large@2x.png
1802| + rtl@2x.png
1803| + extra@2x.png
1804|_ + stem@2x.png
1805| http-headers:
1806| Server: nginx
1807| Date: Mon, 10 Feb 2020 14:27:14 GMT
1808| Content-Type: text/html
1809| Content-Length: 1929
1810| Connection: close
1811| Last-Modified: Wed, 22 Jan 2020 14:19:04 GMT
1812| Vary: Accept-Encoding
1813| ETag: "5e2859d8-789"
1814| Accept-Ranges: bytes
1815|
1816|_ (Request type: HEAD)
1817| http-jsonp-detection:
1818| The following JSONP endpoints were detected:
1819|_/IPB/uploads/javascript_global/root_js_lang_1.js.14e9667b31dd5e3299bf01a5fc015047.js
1820| http-methods:
1821|_ Supported Methods: GET HEAD
1822|_http-mobileversion-checker: No mobile version detected.
1823| http-php-version: Logo query returned unknown hash 1942c9f4b65cccbce9163a96fe960e26
1824|_Credits query returned unknown hash 1942c9f4b65cccbce9163a96fe960e26
1825| http-security-headers:
1826| Strict_Transport_Security:
1827|_ HSTS not configured in HTTPS Server
1828| http-sitemap-generator:
1829| Directory structure:
1830| /
1831| Other: 1; css: 1; html: 1
1832| /IPB/uploads/css_built_34/
1833| css: 2
1834| /IPB/uploads/javascript_core/
1835| js: 1
1836| /IPB/uploads/javascript_forumcover/
1837| js: 1
1838| /images/
1839| gif: 2; jpg: 1
1840| Longest directory structure:
1841| Depth: 3
1842| Dir: /IPB/uploads/css_built_34/
1843| Total files found (by extension):
1844|_ Other: 1; css: 3; gif: 2; html: 1; jpg: 1; js: 2
1845|_http-title: Welcome To BoyMoment.com
1846| http-vhosts:
1847|_127 names had status 200
1848| http-vuln-cve2011-3192:
1849| VULNERABLE:
1850| Apache byterange filter DoS
1851| State: VULNERABLE
1852| IDs: CVE:CVE-2011-3192 BID:49303
1853| The Apache web server is vulnerable to a denial of service attack when numerous
1854| overlapping byte ranges are requested.
1855| Disclosure date: 2011-08-19
1856| References:
1857| https://www.tenable.com/plugins/nessus/55976
1858| https://www.securityfocus.com/bid/49303
1859| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
1860|_ https://seclists.org/fulldisclosure/2011/Aug/175
1861|_http-wordpress-enum: Nothing found amongst the top 100 resources,use --script-args search-limit=<number|all> for deeper analysis)
1862|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
1863|_http-xssed: No previously reported XSS vuln.
1864Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1865Aggressive OS guesses: Linux 3.10 - 4.11 (92%), Linux 3.2 - 4.9 (92%), Linux 3.18 (90%), Crestron XPanel control system (90%), Linux 3.16 (89%), ASUS RT-N56U WAP (Linux 3.4) (87%), Linux 3.1 (87%), Linux 3.2 (87%), HP P2000 G3 NAS device (87%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (87%)
1866No exact OS matches for host (test conditions non-ideal).
1867Uptime guess: 4.067 days (since Thu Feb 6 07:49:05 2020)
1868Network Distance: 13 hops
1869TCP Sequence Prediction: Difficulty=264 (Good luck!)
1870IP ID Sequence Generation: All zeros
1871
1872TRACEROUTE (using port 443/tcp)
1873HOP RTT ADDRESS
18741 105.95 ms 10.252.204.1
18752 135.67 ms R43.static.amanah.com (104.245.144.129)
18763 135.70 ms te0-1-1-9.219.ccr32.yyz02.atlas.cogentco.com (38.104.158.113)
18774 135.73 ms be3260.ccr22.ymq01.atlas.cogentco.com (154.54.42.90)
18785 199.61 ms be3043.ccr22.lpl01.atlas.cogentco.com (154.54.44.165)
18796 229.69 ms be2183.ccr42.ams03.atlas.cogentco.com (154.54.58.70)
18807 199.64 ms be2814.ccr42.fra03.atlas.cogentco.com (130.117.0.142)
18818 199.65 ms be2182.ccr41.ams03.atlas.cogentco.com (154.54.77.245)
18829 229.71 ms be3456.nr51.b038844-0.lux01.atlas.cogentco.com (154.25.12.70)
188310 169.36 ms 204.68.252.129
188411 148.31 ms be3456.nr51.b038844-0.lux01.atlas.cogentco.com (154.25.12.70)
188512 186.27 ms 204.68.252.129
188613 156.11 ms 104.244.74.54
1887
1888NSE: Script Post-scanning.
1889Initiating NSE at 09:26
1890Completed NSE at 09:26, 0.00s elapsed
1891Initiating NSE at 09:26
1892Completed NSE at 09:26, 0.00s elapsed
1893######################################################################################################################################
1894Version: 1.11.13-static
1895OpenSSL 1.0.2-chacha (1.0.2g-dev)
1896
1897Connected to 104.244.74.54
1898
1899Testing SSL server www.boymoment.com on port 443 using SNI name www.boymoment.com
1900
1901 TLS Fallback SCSV:
1902Server supports TLS Fallback SCSV
1903
1904 TLS renegotiation:
1905Secure session renegotiation supported
1906
1907 TLS Compression:
1908Compression disabled
1909
1910 Heartbleed:
1911TLS 1.2 not vulnerable to heartbleed
1912TLS 1.1 not vulnerable to heartbleed
1913TLS 1.0 not vulnerable to heartbleed
1914
1915 Supported Server Cipher(s):
1916Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
1917Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
1918Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
1919Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1920Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1921Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
1922
1923 SSL Certificate:
1924Signature Algorithm: sha256WithRSAEncryption
1925RSA Key Strength: 2048
1926
1927Subject: boymoment.com
1928Altnames: DNS:boymoment.com, DNS:www.boymoment.com
1929Issuer: Let's Encrypt Authority X3
1930
1931Not valid before: Jan 10 09:36:52 2020 GMT
1932Not valid after: Apr 9 09:36:52 2020 GMT
1933#####################################################################################################################################
1934+----------+---------------------------------+----------------------------------------------+----------+----------+
1935| App Name | URL to Application | Potential Exploit | Username | Password |
1936+----------+---------------------------------+----------------------------------------------+----------+----------+
1937| SVN | https://104.244.74.54:443/.svn/ | ./auxiliary/scanner/http/svn_wcdb_scanner.rb | | |
1938+----------+---------------------------------+----------------------------------------------+----------+----------+
1939######################################################################################################################################
1940Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-10 09:41 EST
1941Nmap scan report for 104.244.74.54
1942Host is up (0.076s latency).
1943Not shown: 994 filtered ports
1944PORT STATE SERVICE VERSION
194525/tcp closed smtp
194680/tcp open http nginx
1947| vulscan: VulDB - https://vuldb.com:
1948| [133852] Sangfor Sundray WLAN Controller up to 3.7.4.2 Cookie Header nginx_webconsole.php Code Execution
1949| [132132] SoftNAS Cloud 4.2.0/4.2.1 Nginx privilege escalation
1950| [131858] Puppet Discovery up to 1.3.x Nginx Container weak authentication
1951| [130644] Nginx Unit up to 1.7.0 Router Process Request Heap-based memory corruption
1952| [127759] VeryNginx 0.3.3 Web Application Firewall privilege escalation
1953| [126525] nginx up to 1.14.0/1.15.5 ngx_http_mp4_module Loop denial of service
1954| [126524] nginx up to 1.14.0/1.15.5 HTTP2 CPU Exhaustion denial of service
1955| [126523] nginx up to 1.14.0/1.15.5 HTTP2 Memory Consumption denial of service
1956| [119845] Pivotal Operations Manager up to 2.0.13/2.1.5 Nginx privilege escalation
1957| [114368] SuSE Portus 2.3 Nginx Certificate weak authentication
1958| [103517] nginx up to 1.13.2 Range Filter Request Integer Overflow memory corruption
1959| [89849] nginx RFC 3875 Namespace Conflict Environment Variable Open Redirect
1960| [87719] nginx up to 1.11.0 ngx_files.c ngx_chain_to_iovec denial of service
1961| [80760] nginx 0.6.18/1.9.9 DNS CNAME Record Crash denial of service
1962| [80759] nginx 0.6.18/1.9.9 DNS CNAME Record Use-After-Free denial of service
1963| [80758] nginx 0.6.18/1.9.9 DNS UDP Packet Crash denial of service
1964| [67677] nginx up to 1.7.3 SSL weak authentication
1965| [67296] nginx up to 1.7.3 SMTP Proxy ngx_mail_smtp_starttls privilege escalation
1966| [12822] nginx up to 1.5.11 SPDY SPDY Request Heap-based memory corruption
1967| [12824] nginx 1.5.10 on 32-bit SPDY memory corruption
1968| [11237] nginx up to 1.5.6 URI String Bypass privilege escalation
1969| [65364] nginx up to 1.1.13 Default Configuration information disclosure
1970| [8671] nginx up to 1.4 proxy_pass denial of service
1971| [8618] nginx 1.3.9/1.4.0 http/ngx_http_parse.c ngx_http_parse_chunked() memory corruption
1972| [7247] nginx 1.2.6 Proxy Function spoofing
1973| [61434] nginx 1.2.0/1.3.0 on Windows Access Restriction privilege escalation
1974| [5293] nginx up to 1.1.18 ngx_http_mp4_module MP4 File memory corruption
1975| [4843] nginx up to 1.0.13/1.1.16 HTTP Header Response Parser ngx_http_parse.c information disclosure
1976| [59645] nginx up to 0.8.9 Heap-based memory corruption
1977| [53592] nginx 0.8.36 memory corruption
1978| [53590] nginx up to 0.8.9 unknown vulnerability
1979| [51533] nginx 0.7.64 Terminal privilege escalation
1980| [50905] nginx up to 0.8.9 directory traversal
1981| [50903] nginx up to 0.8.10 NULL Pointer Dereference denial of service
1982| [50043] nginx up to 0.8.10 memory corruption
1983|
1984| MITRE CVE - https://cve.mitre.org:
1985| [CVE-2013-2070] http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy response, a similar vulnerability to CVE-2013-2028.
1986| [CVE-2013-2028] The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
1987| [CVE-2012-3380] Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.
1988| [CVE-2012-2089] Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.
1989| [CVE-2012-1180] Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
1990| [CVE-2011-4963] nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.
1991| [CVE-2011-4315] Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
1992| [CVE-2010-2266] nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.
1993| [CVE-2010-2263] nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.
1994| [CVE-2009-4487] nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
1995| [CVE-2009-3898] Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method.
1996| [CVE-2009-3896] src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI.
1997| [CVE-2009-2629] Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.
1998|
1999| SecurityFocus - https://www.securityfocus.com/bid/:
2000| [99534] Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability
2001| [93903] Nginx CVE-2016-1247 Remote Privilege Escalation Vulnerability
2002| [91819] Nginx CVE-2016-1000105 Security Bypass Vulnerability
2003| [90967] nginx CVE-2016-4450 Denial of Service Vulnerability
2004| [82230] nginx Multiple Denial of Service Vulnerabilities
2005| [78928] Nginx CVE-2010-2266 Denial-Of-Service Vulnerability
2006| [70025] nginx CVE-2014-3616 SSL Session Fixation Vulnerability
2007| [69111] nginx SMTP Proxy Remote Command Injection Vulnerability
2008| [67507] nginx SPDY Implementation CVE-2014-0088 Arbitrary Code Execution Vulnerability
2009| [66537] nginx SPDY Implementation Heap Based Buffer Overflow Vulnerability
2010| [63814] nginx CVE-2013-4547 URI Processing Security Bypass Vulnerability
2011| [59824] Nginx CVE-2013-2070 Remote Security Vulnerability
2012| [59699] nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
2013| [59496] nginx 'ngx_http_close_connection()' Remote Integer Overflow Vulnerability
2014| [59323] nginx NULL-Byte Arbitrary Code Execution Vulnerability
2015| [58105] Nginx 'access.log' Insecure File Permissions Vulnerability
2016| [57139] nginx CVE-2011-4968 Man in The Middle Vulnerability
2017| [55920] nginx CVE-2011-4963 Security Bypass Vulnerability
2018| [54331] Nginx Naxsi Module 'nx_extract.py' Script Remote File Disclosure Vulnerability
2019| [52999] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
2020| [52578] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
2021| [50710] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
2022| [40760] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
2023| [40434] nginx Space String Remote Source Code Disclosure Vulnerability
2024| [40420] nginx Directory Traversal Vulnerability
2025| [37711] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
2026| [36839] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
2027| [36490] nginx WebDAV Multiple Directory Traversal Vulnerabilities
2028| [36438] nginx Proxy DNS Cache Domain Spoofing Vulnerability
2029| [36384] nginx HTTP Request Remote Buffer Overflow Vulnerability
2030|
2031| IBM X-Force - https://exchange.xforce.ibmcloud.com:
2032| [84623] Phusion Passenger gem for Ruby with nginx configuration insecure permissions
2033| [84172] nginx denial of service
2034| [84048] nginx buffer overflow
2035| [83923] nginx ngx_http_close_connection() integer overflow
2036| [83688] nginx null byte code execution
2037| [83103] Naxsi module for Nginx naxsi_unescape_uri() function security bypass
2038| [82319] nginx access.log information disclosure
2039| [80952] nginx SSL spoofing
2040| [77244] nginx and Microsoft Windows request security bypass
2041| [76778] Naxsi module for Nginx nx_extract.py directory traversal
2042| [74831] nginx ngx_http_mp4_module.c buffer overflow
2043| [74191] nginx ngx_cpystrn() information disclosure
2044| [74045] nginx header response information disclosure
2045| [71355] nginx ngx_resolver_copy() buffer overflow
2046| [59370] nginx characters denial of service
2047| [59369] nginx DATA source code disclosure
2048| [59047] nginx space source code disclosure
2049| [58966] nginx unspecified directory traversal
2050| [54025] nginx ngx_http_parse.c denial of service
2051| [53431] nginx WebDAV component directory traversal
2052| [53328] Nginx CRC-32 cached domain name spoofing
2053| [53250] Nginx ngx_http_parse_complex_uri() function code execution
2054|
2055| Exploit-DB - https://www.exploit-db.com:
2056| [26737] nginx 1.3.9/1.4.0 x86 Brute Force Remote Exploit
2057| [25775] Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow
2058| [25499] nginx 1.3.9-1.4.0 DoS PoC
2059| [24967] nginx 0.6.x Arbitrary Code Execution NullByte Injection
2060| [14830] nginx 0.6.38 - Heap Corruption Exploit
2061| [13822] Nginx <= 0.7.65 / 0.8.39 (dev) Source Disclosure / Download Vulnerability
2062| [13818] Nginx 0.8.36 Source Disclosure and DoS Vulnerabilities
2063| [12804] nginx [engine x] http server <= 0.6.36 Path Draversal
2064| [9901] nginx 0.7.0-0.7.61, 0.6.0-0.6.38, 0.5.0-0.5.37, 0.4.0-0.4.14 PoC
2065| [9829] nginx 0.7.61 WebDAV directory traversal
2066|
2067| OpenVAS (Nessus) - http://www.openvas.org:
2068| [864418] Fedora Update for nginx FEDORA-2012-3846
2069| [864310] Fedora Update for nginx FEDORA-2012-6238
2070| [864209] Fedora Update for nginx FEDORA-2012-6411
2071| [864204] Fedora Update for nginx FEDORA-2012-6371
2072| [864121] Fedora Update for nginx FEDORA-2012-4006
2073| [864115] Fedora Update for nginx FEDORA-2012-3991
2074| [864065] Fedora Update for nginx FEDORA-2011-16075
2075| [863654] Fedora Update for nginx FEDORA-2011-16110
2076| [861232] Fedora Update for nginx FEDORA-2007-1158
2077| [850180] SuSE Update for nginx openSUSE-SU-2012:0237-1 (nginx)
2078| [831680] Mandriva Update for nginx MDVSA-2012:043 (nginx)
2079| [802045] 64-bit Debian Linux Rootkit with nginx Doing iFrame Injection
2080| [801636] nginx HTTP Request Remote Buffer Overflow Vulnerability
2081| [103470] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
2082| [103469] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
2083| [103344] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
2084| [100676] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
2085| [100659] nginx Directory Traversal Vulnerability
2086| [100658] nginx Space String Remote Source Code Disclosure Vulnerability
2087| [100441] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
2088| [100321] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
2089| [100277] nginx Proxy DNS Cache Domain Spoofing Vulnerability
2090| [100276] nginx HTTP Request Remote Buffer Overflow Vulnerability
2091| [100275] nginx WebDAV Multiple Directory Traversal Vulnerabilities
2092| [71574] Gentoo Security Advisory GLSA 201206-07 (nginx)
2093| [71308] Gentoo Security Advisory GLSA 201203-22 (nginx)
2094| [71297] FreeBSD Ports: nginx
2095| [71276] FreeBSD Ports: nginx
2096| [71239] Debian Security Advisory DSA 2434-1 (nginx)
2097| [66451] Fedora Core 11 FEDORA-2009-12782 (nginx)
2098| [66450] Fedora Core 10 FEDORA-2009-12775 (nginx)
2099| [66449] Fedora Core 12 FEDORA-2009-12750 (nginx)
2100| [64924] Gentoo Security Advisory GLSA 200909-18 (nginx)
2101| [64912] Fedora Core 10 FEDORA-2009-9652 (nginx)
2102| [64911] Fedora Core 11 FEDORA-2009-9630 (nginx)
2103| [64894] FreeBSD Ports: nginx
2104| [64869] Debian Security Advisory DSA 1884-1 (nginx)
2105|
2106| SecurityTracker - https://www.securitytracker.com:
2107| [1028544] nginx Bug Lets Remote Users Deny Service or Obtain Potentially Sensitive Information
2108| [1028519] nginx Stack Overflow Lets Remote Users Execute Arbitrary Code
2109| [1026924] nginx Buffer Overflow in ngx_http_mp4_module Lets Remote Users Execute Arbitrary Code
2110| [1026827] nginx HTTP Response Processing Lets Remote Users Obtain Portions of Memory Contents
2111|
2112| OSVDB - http://www.osvdb.org:
2113| [94864] cPnginx Plugin for cPanel nginx Configuration Manipulation Arbitrary File Access
2114| [93282] nginx proxy_pass Crafted Upstream Proxied Server Response Handling Worker Process Memory Disclosure
2115| [93037] nginx /http/ngx_http_parse.c Worker Process Crafted Request Handling Remote Overflow
2116| [92796] nginx ngx_http_close_connection Function Crafted r->
2117| [92634] nginx ngx_http_request.h zero_in_uri URL Null Byte Handling Remote Code Execution
2118| [90518] nginx Log Directory Permission Weakness Local Information Disclosure
2119| [88910] nginx Proxy Functionality SSL Certificate Validation MitM Spoofing Weakness
2120| [84339] nginx/Windows Multiple Request Sequence Parsing Arbitrary File Access
2121| [83617] Naxsi Module for Nginx naxsi-ui/ nx_extract.py Traversal Arbitrary File Access
2122| [81339] nginx ngx_http_mp4_module Module Atom MP4 File Handling Remote Overflow
2123| [80124] nginx HTTP Header Response Parsing Freed Memory Information Disclosure
2124| [77184] nginx ngx_resolver.c ngx_resolver_copy() Function DNS Response Parsing Remote Overflow
2125| [65531] nginx on Windows URI ::$DATA Append Arbitrary File Access
2126| [65530] nginx Encoded Traversal Sequence Memory Corruption Remote DoS
2127| [65294] nginx on Windows Encoded Space Request Remote Source Disclosure
2128| [63136] nginx on Windows 8.3 Filename Alias Request Access Rules / Authentication Bypass
2129| [62617] nginx Internal DNS Cache Poisoning Weakness
2130| [61779] nginx HTTP Request Escape Sequence Terminal Command Injection
2131| [59278] nginx src/http/ngx_http_parse.c ngx_http_process_request_headers() Function URL Handling NULL Dereference DoS
2132| [58328] nginx WebDAV Multiple Method Traversal Arbitrary File Write
2133| [58128] nginx ngx_http_parse_complex_uri() Function Underflow
2134| [44447] nginx (engine x) msie_refresh Directive Unspecified XSS
2135| [44446] nginx (engine x) ssl_verify_client Directive HTTP/0.9 Protocol Bypass
2136| [44445] nginx (engine x) ngx_http_realip_module satisfy_any Directive Unspecified Access Bypass
2137| [44444] nginx (engine x) X-Accel-Redirect Header Unspecified Traversal
2138| [44443] nginx (engine x) rtsig Method Signal Queue Overflow
2139| [44442] nginx (engine x) Worker Process Millisecond Timers Unspecified Overflow
2140|_
2141139/tcp closed netbios-ssn
2142443/tcp open ssl/http nginx
2143| vulscan: VulDB - https://vuldb.com:
2144| [133852] Sangfor Sundray WLAN Controller up to 3.7.4.2 Cookie Header nginx_webconsole.php Code Execution
2145| [132132] SoftNAS Cloud 4.2.0/4.2.1 Nginx privilege escalation
2146| [131858] Puppet Discovery up to 1.3.x Nginx Container weak authentication
2147| [130644] Nginx Unit up to 1.7.0 Router Process Request Heap-based memory corruption
2148| [127759] VeryNginx 0.3.3 Web Application Firewall privilege escalation
2149| [126525] nginx up to 1.14.0/1.15.5 ngx_http_mp4_module Loop denial of service
2150| [126524] nginx up to 1.14.0/1.15.5 HTTP2 CPU Exhaustion denial of service
2151| [126523] nginx up to 1.14.0/1.15.5 HTTP2 Memory Consumption denial of service
2152| [119845] Pivotal Operations Manager up to 2.0.13/2.1.5 Nginx privilege escalation
2153| [114368] SuSE Portus 2.3 Nginx Certificate weak authentication
2154| [103517] nginx up to 1.13.2 Range Filter Request Integer Overflow memory corruption
2155| [89849] nginx RFC 3875 Namespace Conflict Environment Variable Open Redirect
2156| [87719] nginx up to 1.11.0 ngx_files.c ngx_chain_to_iovec denial of service
2157| [80760] nginx 0.6.18/1.9.9 DNS CNAME Record Crash denial of service
2158| [80759] nginx 0.6.18/1.9.9 DNS CNAME Record Use-After-Free denial of service
2159| [80758] nginx 0.6.18/1.9.9 DNS UDP Packet Crash denial of service
2160| [67677] nginx up to 1.7.3 SSL weak authentication
2161| [67296] nginx up to 1.7.3 SMTP Proxy ngx_mail_smtp_starttls privilege escalation
2162| [12822] nginx up to 1.5.11 SPDY SPDY Request Heap-based memory corruption
2163| [12824] nginx 1.5.10 on 32-bit SPDY memory corruption
2164| [11237] nginx up to 1.5.6 URI String Bypass privilege escalation
2165| [65364] nginx up to 1.1.13 Default Configuration information disclosure
2166| [8671] nginx up to 1.4 proxy_pass denial of service
2167| [8618] nginx 1.3.9/1.4.0 http/ngx_http_parse.c ngx_http_parse_chunked() memory corruption
2168| [7247] nginx 1.2.6 Proxy Function spoofing
2169| [61434] nginx 1.2.0/1.3.0 on Windows Access Restriction privilege escalation
2170| [5293] nginx up to 1.1.18 ngx_http_mp4_module MP4 File memory corruption
2171| [4843] nginx up to 1.0.13/1.1.16 HTTP Header Response Parser ngx_http_parse.c information disclosure
2172| [59645] nginx up to 0.8.9 Heap-based memory corruption
2173| [53592] nginx 0.8.36 memory corruption
2174| [53590] nginx up to 0.8.9 unknown vulnerability
2175| [51533] nginx 0.7.64 Terminal privilege escalation
2176| [50905] nginx up to 0.8.9 directory traversal
2177| [50903] nginx up to 0.8.10 NULL Pointer Dereference denial of service
2178| [50043] nginx up to 0.8.10 memory corruption
2179|
2180| MITRE CVE - https://cve.mitre.org:
2181| [CVE-2013-2070] http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy response, a similar vulnerability to CVE-2013-2028.
2182| [CVE-2013-2028] The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
2183| [CVE-2012-3380] Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.
2184| [CVE-2012-2089] Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.
2185| [CVE-2012-1180] Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
2186| [CVE-2011-4963] nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.
2187| [CVE-2011-4315] Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
2188| [CVE-2010-2266] nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.
2189| [CVE-2010-2263] nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.
2190| [CVE-2009-4487] nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
2191| [CVE-2009-3898] Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method.
2192| [CVE-2009-3896] src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI.
2193| [CVE-2009-2629] Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.
2194|
2195| SecurityFocus - https://www.securityfocus.com/bid/:
2196| [99534] Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability
2197| [93903] Nginx CVE-2016-1247 Remote Privilege Escalation Vulnerability
2198| [91819] Nginx CVE-2016-1000105 Security Bypass Vulnerability
2199| [90967] nginx CVE-2016-4450 Denial of Service Vulnerability
2200| [82230] nginx Multiple Denial of Service Vulnerabilities
2201| [78928] Nginx CVE-2010-2266 Denial-Of-Service Vulnerability
2202| [70025] nginx CVE-2014-3616 SSL Session Fixation Vulnerability
2203| [69111] nginx SMTP Proxy Remote Command Injection Vulnerability
2204| [67507] nginx SPDY Implementation CVE-2014-0088 Arbitrary Code Execution Vulnerability
2205| [66537] nginx SPDY Implementation Heap Based Buffer Overflow Vulnerability
2206| [63814] nginx CVE-2013-4547 URI Processing Security Bypass Vulnerability
2207| [59824] Nginx CVE-2013-2070 Remote Security Vulnerability
2208| [59699] nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
2209| [59496] nginx 'ngx_http_close_connection()' Remote Integer Overflow Vulnerability
2210| [59323] nginx NULL-Byte Arbitrary Code Execution Vulnerability
2211| [58105] Nginx 'access.log' Insecure File Permissions Vulnerability
2212| [57139] nginx CVE-2011-4968 Man in The Middle Vulnerability
2213| [55920] nginx CVE-2011-4963 Security Bypass Vulnerability
2214| [54331] Nginx Naxsi Module 'nx_extract.py' Script Remote File Disclosure Vulnerability
2215| [52999] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
2216| [52578] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
2217| [50710] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
2218| [40760] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
2219| [40434] nginx Space String Remote Source Code Disclosure Vulnerability
2220| [40420] nginx Directory Traversal Vulnerability
2221| [37711] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
2222| [36839] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
2223| [36490] nginx WebDAV Multiple Directory Traversal Vulnerabilities
2224| [36438] nginx Proxy DNS Cache Domain Spoofing Vulnerability
2225| [36384] nginx HTTP Request Remote Buffer Overflow Vulnerability
2226|
2227| IBM X-Force - https://exchange.xforce.ibmcloud.com:
2228| [84623] Phusion Passenger gem for Ruby with nginx configuration insecure permissions
2229| [84172] nginx denial of service
2230| [84048] nginx buffer overflow
2231| [83923] nginx ngx_http_close_connection() integer overflow
2232| [83688] nginx null byte code execution
2233| [83103] Naxsi module for Nginx naxsi_unescape_uri() function security bypass
2234| [82319] nginx access.log information disclosure
2235| [80952] nginx SSL spoofing
2236| [77244] nginx and Microsoft Windows request security bypass
2237| [76778] Naxsi module for Nginx nx_extract.py directory traversal
2238| [74831] nginx ngx_http_mp4_module.c buffer overflow
2239| [74191] nginx ngx_cpystrn() information disclosure
2240| [74045] nginx header response information disclosure
2241| [71355] nginx ngx_resolver_copy() buffer overflow
2242| [59370] nginx characters denial of service
2243| [59369] nginx DATA source code disclosure
2244| [59047] nginx space source code disclosure
2245| [58966] nginx unspecified directory traversal
2246| [54025] nginx ngx_http_parse.c denial of service
2247| [53431] nginx WebDAV component directory traversal
2248| [53328] Nginx CRC-32 cached domain name spoofing
2249| [53250] Nginx ngx_http_parse_complex_uri() function code execution
2250|
2251| Exploit-DB - https://www.exploit-db.com:
2252| [26737] nginx 1.3.9/1.4.0 x86 Brute Force Remote Exploit
2253| [25775] Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow
2254| [25499] nginx 1.3.9-1.4.0 DoS PoC
2255| [24967] nginx 0.6.x Arbitrary Code Execution NullByte Injection
2256| [14830] nginx 0.6.38 - Heap Corruption Exploit
2257| [13822] Nginx <= 0.7.65 / 0.8.39 (dev) Source Disclosure / Download Vulnerability
2258| [13818] Nginx 0.8.36 Source Disclosure and DoS Vulnerabilities
2259| [12804] nginx [engine x] http server <= 0.6.36 Path Draversal
2260| [9901] nginx 0.7.0-0.7.61, 0.6.0-0.6.38, 0.5.0-0.5.37, 0.4.0-0.4.14 PoC
2261| [9829] nginx 0.7.61 WebDAV directory traversal
2262|
2263| OpenVAS (Nessus) - http://www.openvas.org:
2264| [864418] Fedora Update for nginx FEDORA-2012-3846
2265| [864310] Fedora Update for nginx FEDORA-2012-6238
2266| [864209] Fedora Update for nginx FEDORA-2012-6411
2267| [864204] Fedora Update for nginx FEDORA-2012-6371
2268| [864121] Fedora Update for nginx FEDORA-2012-4006
2269| [864115] Fedora Update for nginx FEDORA-2012-3991
2270| [864065] Fedora Update for nginx FEDORA-2011-16075
2271| [863654] Fedora Update for nginx FEDORA-2011-16110
2272| [861232] Fedora Update for nginx FEDORA-2007-1158
2273| [850180] SuSE Update for nginx openSUSE-SU-2012:0237-1 (nginx)
2274| [831680] Mandriva Update for nginx MDVSA-2012:043 (nginx)
2275| [802045] 64-bit Debian Linux Rootkit with nginx Doing iFrame Injection
2276| [801636] nginx HTTP Request Remote Buffer Overflow Vulnerability
2277| [103470] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
2278| [103469] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
2279| [103344] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
2280| [100676] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
2281| [100659] nginx Directory Traversal Vulnerability
2282| [100658] nginx Space String Remote Source Code Disclosure Vulnerability
2283| [100441] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
2284| [100321] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
2285| [100277] nginx Proxy DNS Cache Domain Spoofing Vulnerability
2286| [100276] nginx HTTP Request Remote Buffer Overflow Vulnerability
2287| [100275] nginx WebDAV Multiple Directory Traversal Vulnerabilities
2288| [71574] Gentoo Security Advisory GLSA 201206-07 (nginx)
2289| [71308] Gentoo Security Advisory GLSA 201203-22 (nginx)
2290| [71297] FreeBSD Ports: nginx
2291| [71276] FreeBSD Ports: nginx
2292| [71239] Debian Security Advisory DSA 2434-1 (nginx)
2293| [66451] Fedora Core 11 FEDORA-2009-12782 (nginx)
2294| [66450] Fedora Core 10 FEDORA-2009-12775 (nginx)
2295| [66449] Fedora Core 12 FEDORA-2009-12750 (nginx)
2296| [64924] Gentoo Security Advisory GLSA 200909-18 (nginx)
2297| [64912] Fedora Core 10 FEDORA-2009-9652 (nginx)
2298| [64911] Fedora Core 11 FEDORA-2009-9630 (nginx)
2299| [64894] FreeBSD Ports: nginx
2300| [64869] Debian Security Advisory DSA 1884-1 (nginx)
2301|
2302| SecurityTracker - https://www.securitytracker.com:
2303| [1028544] nginx Bug Lets Remote Users Deny Service or Obtain Potentially Sensitive Information
2304| [1028519] nginx Stack Overflow Lets Remote Users Execute Arbitrary Code
2305| [1026924] nginx Buffer Overflow in ngx_http_mp4_module Lets Remote Users Execute Arbitrary Code
2306| [1026827] nginx HTTP Response Processing Lets Remote Users Obtain Portions of Memory Contents
2307|
2308| OSVDB - http://www.osvdb.org:
2309| [94864] cPnginx Plugin for cPanel nginx Configuration Manipulation Arbitrary File Access
2310| [93282] nginx proxy_pass Crafted Upstream Proxied Server Response Handling Worker Process Memory Disclosure
2311| [93037] nginx /http/ngx_http_parse.c Worker Process Crafted Request Handling Remote Overflow
2312| [92796] nginx ngx_http_close_connection Function Crafted r->
2313| [92634] nginx ngx_http_request.h zero_in_uri URL Null Byte Handling Remote Code Execution
2314| [90518] nginx Log Directory Permission Weakness Local Information Disclosure
2315| [88910] nginx Proxy Functionality SSL Certificate Validation MitM Spoofing Weakness
2316| [84339] nginx/Windows Multiple Request Sequence Parsing Arbitrary File Access
2317| [83617] Naxsi Module for Nginx naxsi-ui/ nx_extract.py Traversal Arbitrary File Access
2318| [81339] nginx ngx_http_mp4_module Module Atom MP4 File Handling Remote Overflow
2319| [80124] nginx HTTP Header Response Parsing Freed Memory Information Disclosure
2320| [77184] nginx ngx_resolver.c ngx_resolver_copy() Function DNS Response Parsing Remote Overflow
2321| [65531] nginx on Windows URI ::$DATA Append Arbitrary File Access
2322| [65530] nginx Encoded Traversal Sequence Memory Corruption Remote DoS
2323| [65294] nginx on Windows Encoded Space Request Remote Source Disclosure
2324| [63136] nginx on Windows 8.3 Filename Alias Request Access Rules / Authentication Bypass
2325| [62617] nginx Internal DNS Cache Poisoning Weakness
2326| [61779] nginx HTTP Request Escape Sequence Terminal Command Injection
2327| [59278] nginx src/http/ngx_http_parse.c ngx_http_process_request_headers() Function URL Handling NULL Dereference DoS
2328| [58328] nginx WebDAV Multiple Method Traversal Arbitrary File Write
2329| [58128] nginx ngx_http_parse_complex_uri() Function Underflow
2330| [44447] nginx (engine x) msie_refresh Directive Unspecified XSS
2331| [44446] nginx (engine x) ssl_verify_client Directive HTTP/0.9 Protocol Bypass
2332| [44445] nginx (engine x) ngx_http_realip_module satisfy_any Directive Unspecified Access Bypass
2333| [44444] nginx (engine x) X-Accel-Redirect Header Unspecified Traversal
2334| [44443] nginx (engine x) rtsig Method Signal Queue Overflow
2335| [44442] nginx (engine x) Worker Process Millisecond Timers Unspecified Overflow
2336|_
2337445/tcp closed microsoft-ds
233816001/tcp open ssl/http MiniServ 1.910 (Webmin httpd)
2339| vulscan: VulDB - https://vuldb.com:
2340| No findings
2341|
2342| MITRE CVE - https://cve.mitre.org:
2343| [CVE-2005-3912] Format string vulnerability in miniserv.pl Perl web server in Webmin before 1.250 and Usermin before 1.180, with syslog logging enabled, allows remote attackers to cause a denial of service (crash or memory consumption) and possibly execute arbitrary code via format string specifiers in the username parameter to the login form, which is ultimately used in a syslog call. NOTE: the code execution might be associated with an issue in Perl.
2344| [CVE-2005-3042] miniserv.pl in Webmin before 1.230 and Usermin before 1.160, when "full PAM conversations" is enabled, allows remote attackers to bypass authentication by spoofing session IDs via certain metacharacters (line feed or carriage return).
2345| [CVE-2005-0427] The ebuild of Webmin before 1.170-r3 on Gentoo Linux includes the encrypted root password in the miniserv.users file when building a tbz2 of the webmin package, which allows remote attackers to obtain and possibly crack the encrypted password.
2346| [CVE-2003-0101] miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote attackers to spoof a session ID and gain root privileges.
2347|
2348| SecurityFocus - https://www.securityfocus.com/bid/:
2349| No findings
2350|
2351| IBM X-Force - https://exchange.xforce.ibmcloud.com:
2352| [23277] Webmin miniserv.pl Web server component username format string
2353|
2354| Exploit-DB - https://www.exploit-db.com:
2355| No findings
2356|
2357| OpenVAS (Nessus) - http://www.openvas.org:
2358| No findings
2359|
2360| SecurityTracker - https://www.securitytracker.com:
2361| [1006161] Usermin Input Validation Flaw in 'miniserv.pl' May Let Remote Users Gain User or Root Access
2362| [1006160] Webmin Input Validation Flaw in 'miniserv.pl' May Let Remote Users Spoof Session IDs and Gain Root Access
2363|
2364| OSVDB - http://www.osvdb.org:
2365| [79044] Webmin miniserv.pl Unspecified Local Password Disclosure
2366| [21222] Webmin/Usermin miniserv.pl Format String Remote Code Execution
2367| [19575] Webmin/Usermin miniserv.pl Metacharacter PAM Authentication Bypass
2368| [13772] Gentoo Webmin miniserv.users Encrypted Root Password Remote Disclosure
2369| [10803] Webmin/Usermin miniserv.pl Base-64 String Metacharacter Handling Session Spoofing
2370| [1844] Webmin miniserv.pl Environment Variable Cleartext Password Local Disclosure
2371######################################################################################################################################
2372Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-10 09:19 EST
2373Nmap scan report for 104.244.74.54
2374Host is up (0.15s latency).
2375Not shown: 469 filtered ports, 4 closed ports
2376Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2377PORT STATE SERVICE VERSION
237880/tcp open http nginx
2379|_http-title: Did not follow redirect to https://www.boymoment.com/
2380443/tcp open ssl/http nginx
2381|_http-title: Welcome To BoyMoment.com
2382| ssl-cert: Subject: commonName=boymoment.com
2383| Subject Alternative Name: DNS:boymoment.com, DNS:www.boymoment.com
2384| Not valid before: 2020-01-10T09:36:52
2385|_Not valid after: 2020-04-09T09:36:52
238632022/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0)
2387| ssh-hostkey:
2388| 2048 f4:60:31:3e:9e:7c:b1:c3:71:aa:43:8d:95:e6:a1:68 (RSA)
2389|_ 256 e8:a1:2f:d2:c7:3d:fe:af:d2:d5:8c:ea:aa:9c:3c:cd (ECDSA)
2390Aggressive OS guesses: Linux 3.10 - 4.11 (92%), HP P2000 G3 NAS device (91%), Linux 3.2 - 4.9 (91%), Linux 3.16 - 4.6 (90%), Linux 2.6.32 (90%), Infomir MAG-250 set-top box (90%), Ubiquiti AirMax NanoStation WAP (Linux 2.6.32) (90%), Linux 3.7 (90%), Ubiquiti AirOS 5.5.9 (90%), Linux 4.4 (90%)
2391No exact OS matches for host (test conditions non-ideal).
2392Network Distance: 11 hops
2393Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
2394
2395TRACEROUTE (using port 80/tcp)
2396HOP RTT ADDRESS
23971 92.04 ms 10.252.204.1
23982 122.16 ms R43.static.amanah.com (104.245.144.129)
23993 122.21 ms te0-1-1-9.219.ccr32.yyz02.atlas.cogentco.com (38.104.158.113)
24004 122.25 ms te0-0-0-1.agr14.yyz02.atlas.cogentco.com (154.24.54.41)
24015 122.24 ms te0-9-1-9.ccr31.yyz02.atlas.cogentco.com (154.54.43.161)
24026 122.29 ms be3259.ccr21.ymq01.atlas.cogentco.com (154.54.41.206)
24037 185.72 ms be3042.ccr21.lpl01.atlas.cogentco.com (154.54.44.161)
24048 216.76 ms be2377.rcr21.lux01.atlas.cogentco.com (154.54.38.146)
24059 216.82 ms be3456.nr51.b038844-0.lux01.atlas.cogentco.com (154.25.12.70)
240610 152.36 ms 204.68.252.129
240711 149.53 ms 104.244.74.54
2408######################################################################################################################################
2409Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-10 09:20 EST
2410Nmap scan report for 104.244.74.54
2411Host is up (0.090s latency).
2412Not shown: 15 filtered ports, 1 closed port
2413Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
2414PORT STATE SERVICE VERSION
241553/udp open|filtered domain
241667/udp open|filtered dhcps
241768/udp open|filtered dhcpc
241869/udp open|filtered tftp
241988/udp open|filtered kerberos-sec
2420123/udp open|filtered ntp
2421139/udp open|filtered netbios-ssn
2422161/udp open|filtered snmp
2423162/udp open|filtered snmptrap
2424389/udp open|filtered ldap
2425520/udp open|filtered route
24262049/udp open|filtered nfs
2427Too many fingerprints match this host to give specific OS details
2428
2429TRACEROUTE (using port 138/udp)
2430HOP RTT ADDRESS
24311 ... 3
24324 51.74 ms 10.252.204.1
24335 67.65 ms 10.252.204.1
24346 67.66 ms 10.252.204.1
24357 67.66 ms 10.252.204.1
24368 67.67 ms 10.252.204.1
24379 67.68 ms 10.252.204.1
243810 67.72 ms 10.252.204.1
243911 ... 15
244016 54.01 ms 10.252.204.1
244117 ... 18
244219 60.12 ms 10.252.204.1
244320 85.68 ms 10.252.204.1
244421 33.98 ms 10.252.204.1
244522 ... 29
244630 42.53 ms 10.252.204.1
2447######################################################################################################################################
2448Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-10 09:25 EST
2449Nmap scan report for 104.244.74.54
2450Host is up (0.15s latency).
2451
2452PORT STATE SERVICE VERSION
245367/tcp filtered dhcps
245467/udp open|filtered dhcps
2455|_dhcp-discover: ERROR: Script execution failed (use -d to debug)
2456Too many fingerprints match this host to give specific OS details
2457Network Distance: 11 hops
2458
2459TRACEROUTE (using proto 1/icmp)
2460HOP RTT ADDRESS
24611 75.57 ms 10.252.204.1
24622 75.61 ms R43.static.amanah.com (104.245.144.129)
24633 75.64 ms te0-1-1-9.219.ccr32.yyz02.atlas.cogentco.com (38.104.158.113)
24644 92.77 ms be3260.ccr22.ymq01.atlas.cogentco.com (154.54.42.90)
24655 149.28 ms be3043.ccr22.lpl01.atlas.cogentco.com (154.54.44.165)
24666 160.75 ms be2183.ccr42.ams03.atlas.cogentco.com (154.54.58.70)
24677 168.60 ms be2814.ccr42.fra03.atlas.cogentco.com (130.117.0.142)
24688 169.41 ms be2377.rcr21.lux01.atlas.cogentco.com (154.54.38.146)
24699 172.41 ms be3456.nr51.b038844-0.lux01.atlas.cogentco.com (154.25.12.70)
247010 130.07 ms 204.68.252.129
247111 157.92 ms 104.244.74.54
2472######################################################################################################################################
2473Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-10 09:27 EST
2474Nmap scan report for 104.244.74.54
2475Host is up (0.16s latency).
2476
2477PORT STATE SERVICE VERSION
247868/tcp filtered dhcpc
247968/udp open|filtered dhcpc
2480Too many fingerprints match this host to give specific OS details
2481Network Distance: 11 hops
2482
2483TRACEROUTE (using proto 1/icmp)
2484HOP RTT ADDRESS
24851 35.30 ms 10.252.204.1
24862 69.29 ms R43.static.amanah.com (104.245.144.129)
24873 69.32 ms te0-1-1-9.219.ccr32.yyz02.atlas.cogentco.com (38.104.158.113)
24884 69.33 ms be3260.ccr22.ymq01.atlas.cogentco.com (154.54.42.90)
24895 137.40 ms be3043.ccr22.lpl01.atlas.cogentco.com (154.54.44.165)
24906 137.45 ms be2183.ccr42.ams03.atlas.cogentco.com (154.54.58.70)
24917 137.48 ms be2814.ccr42.fra03.atlas.cogentco.com (130.117.0.142)
24928 137.50 ms be2377.rcr21.lux01.atlas.cogentco.com (154.54.38.146)
24939 137.56 ms be3456.nr51.b038844-0.lux01.atlas.cogentco.com (154.25.12.70)
249410 137.57 ms 204.68.252.129
249511 127.53 ms 104.244.74.54
2496#####################################################################################################################################
2497Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-10 09:28 EST
2498Nmap scan report for 104.244.74.54
2499Host is up (0.15s latency).
2500
2501PORT STATE SERVICE VERSION
250269/tcp filtered tftp
250369/udp open|filtered tftp
2504Too many fingerprints match this host to give specific OS details
2505Network Distance: 11 hops
2506
2507TRACEROUTE (using proto 1/icmp)
2508HOP RTT ADDRESS
25091 99.98 ms 10.252.204.1
25102 134.27 ms R43.static.amanah.com (104.245.144.129)
25113 134.33 ms te0-1-1-9.219.ccr32.yyz02.atlas.cogentco.com (38.104.158.113)
25124 134.35 ms be3260.ccr22.ymq01.atlas.cogentco.com (154.54.42.90)
25135 177.22 ms be3043.ccr22.lpl01.atlas.cogentco.com (154.54.44.165)
25146 205.84 ms be2183.ccr42.ams03.atlas.cogentco.com (154.54.58.70)
25157 205.86 ms be2814.ccr42.fra03.atlas.cogentco.com (130.117.0.142)
25168 205.88 ms be2377.rcr21.lux01.atlas.cogentco.com (154.54.38.146)
25179 205.91 ms be3456.nr51.b038844-0.lux01.atlas.cogentco.com (154.25.12.70)
251810 205.90 ms 204.68.252.129
251911 166.53 ms 104.244.74.54
2520######################################################################################################################################
2521http://104.244.74.54 [301 Moved Permanently] Country[RESERVED][ZZ], HTTPServer[nginx], IP[104.244.74.54], RedirectLocation[https://www.boymoment.com/], Title[301 Moved Permanently], nginx
2522https://www.boymoment.com/ [200 OK] Country[RESERVED][ZZ], HTML5, HTTPServer[nginx], IP[104.244.74.54], Title[Welcome To BoyMoment.com], nginx
2523#####################################################################################################################################
2524HTTP/1.1 403 Forbidden
2525Server: nginx
2526Date: Mon, 10 Feb 2020 14:33:40 GMT
2527Content-Type: text/html
2528Content-Length: 162
2529Connection: keep-alive
2530
2531HTTP/1.1 403 Forbidden
2532Server: nginx
2533Date: Mon, 10 Feb 2020 14:33:40 GMT
2534Content-Type: text/html
2535Content-Length: 162
2536Connection: keep-alive
2537######################################################################################################################################
2538Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-10 09:31 EST
2539Nmap scan report for 104.244.74.54
2540Host is up (0.16s latency).
2541
2542PORT STATE SERVICE VERSION
2543123/tcp filtered ntp
2544123/udp open|filtered ntp
2545Too many fingerprints match this host to give specific OS details
2546Network Distance: 11 hops
2547
2548TRACEROUTE (using proto 1/icmp)
2549HOP RTT ADDRESS
25501 60.15 ms 10.252.204.1
25512 90.51 ms R43.static.amanah.com (104.245.144.129)
25523 90.53 ms te0-1-1-9.219.ccr32.yyz02.atlas.cogentco.com (38.104.158.113)
25534 90.54 ms be3260.ccr22.ymq01.atlas.cogentco.com (154.54.42.90)
25545 157.61 ms be3043.ccr22.lpl01.atlas.cogentco.com (154.54.44.165)
25556 157.64 ms be2183.ccr42.ams03.atlas.cogentco.com (154.54.58.70)
25567 157.65 ms be2814.ccr42.fra03.atlas.cogentco.com (130.117.0.142)
25578 157.66 ms be2377.rcr21.lux01.atlas.cogentco.com (154.54.38.146)
25589 187.59 ms be3456.nr51.b038844-0.lux01.atlas.cogentco.com (154.25.12.70)
255910 127.75 ms 204.68.252.129
256011 156.93 ms 104.244.74.54
2561######################################################################################################################################
2562Version: 1.11.13-static
2563OpenSSL 1.0.2-chacha (1.0.2g-dev)
2564
2565Connected to 104.244.74.54
2566
2567Testing SSL server 104.244.74.54 on port 443 using SNI name 104.244.74.54
2568
2569 TLS Fallback SCSV:
2570Server supports TLS Fallback SCSV
2571
2572 TLS renegotiation:
2573Secure session renegotiation supported
2574
2575 TLS Compression:
2576Compression disabled
2577
2578 Heartbleed:
2579TLS 1.2 not vulnerable to heartbleed
2580TLS 1.1 not vulnerable to heartbleed
2581TLS 1.0 not vulnerable to heartbleed
2582
2583 Supported Server Cipher(s):
2584Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
2585Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
2586Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
2587Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2588Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2589Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2590
2591 SSL Certificate:
2592Signature Algorithm: sha256WithRSAEncryption
2593RSA Key Strength: 2048
2594
2595Subject: boymoment.com
2596Altnames: DNS:boymoment.com, DNS:www.boymoment.com
2597Issuer: Let's Encrypt Authority X3
2598
2599Not valid before: Jan 10 09:36:52 2020 GMT
2600Not valid after: Apr 9 09:36:52 2020 GMT
2601#####################################################################################################################################
2602+----------+---------------------------------+----------------------------------------------+----------+----------+
2603| App Name | URL to Application | Potential Exploit | Username | Password |
2604+----------+---------------------------------+----------------------------------------------+----------+----------+
2605| SVN | https://104.244.74.54:443/.svn/ | ./auxiliary/scanner/http/svn_wcdb_scanner.rb | | |
2606+----------+---------------------------------+----------------------------------------------+----------+----------+
2607#####################################################################################################################################
2608Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-10 09:39 EST
2609Nmap scan report for 104.244.74.54
2610Host is up (0.16s latency).
2611Not shown: 65525 filtered ports
2612PORT STATE SERVICE VERSION
261325/tcp closed smtp
261480/tcp open http nginx
2615|_http-title: Did not follow redirect to https://www.boymoment.com/
2616139/tcp closed netbios-ssn
2617443/tcp open ssl/http nginx
2618|_http-title: Welcome To BoyMoment.com
2619| ssl-cert: Subject: commonName=boymoment.com
2620| Subject Alternative Name: DNS:boymoment.com, DNS:www.boymoment.com
2621| Not valid before: 2020-01-10T09:36:52
2622|_Not valid after: 2020-04-09T09:36:52
2623445/tcp closed microsoft-ds
26245040/tcp closed unknown
262516001/tcp open ssl/http MiniServ 1.910 (Webmin httpd)
2626| http-robots.txt: 1 disallowed entry
2627|_/
2628|_http-title: Login to Webmin
2629| ssl-cert: Subject: commonName=lux.isp-cx-miami.net
2630| Subject Alternative Name: DNS:lux.isp-cx-miami.net
2631| Not valid before: 2019-11-11T02:09:30
2632|_Not valid after: 2020-02-09T02:09:30
2633|_ssl-date: TLS randomness does not represent time
263416221/tcp closed unknown
263523022/tcp closed unknown
263632022/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0)
2637| ssh-hostkey:
2638| 2048 f4:60:31:3e:9e:7c:b1:c3:71:aa:43:8d:95:e6:a1:68 (RSA)
2639|_ 256 e8:a1:2f:d2:c7:3d:fe:af:d2:d5:8c:ea:aa:9c:3c:cd (ECDSA)
2640Aggressive OS guesses: HP P2000 G3 NAS device (91%), Linux 3.10 - 4.11 (91%), Linux 3.2 - 4.9 (91%), Linux 2.6.32 (90%), Netgear RAIDiator 4.2.21 (Linux 2.6.37) (90%), Linux 4.4 (90%), Linux 2.6.32 - 3.13 (89%), Linux 3.16 - 4.6 (89%), Linux 2.6.32 - 3.1 (89%), Infomir MAG-250 set-top box (89%)
2641No exact OS matches for host (test conditions non-ideal).
2642Network Distance: 13 hops
2643Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
2644
2645TRACEROUTE (using port 5040/tcp)
2646HOP RTT ADDRESS
26471 109.68 ms 10.252.204.1
26482 109.71 ms R43.static.amanah.com (104.245.144.129)
26493 109.72 ms te0-1-1-9.219.ccr32.yyz02.atlas.cogentco.com (38.104.158.113)
26504 109.73 ms te0-0-0-1.agr13.yyz02.atlas.cogentco.com (154.24.54.37)
26515 139.86 ms be3043.ccr22.lpl01.atlas.cogentco.com (154.54.44.165)
26526 139.92 ms be2183.ccr42.ams03.atlas.cogentco.com (154.54.58.70)
26537 139.91 ms be3043.ccr22.lpl01.atlas.cogentco.com (154.54.44.165)
26548 169.84 ms be2377.rcr21.lux01.atlas.cogentco.com (154.54.38.146)
26559 169.81 ms be2814.ccr42.fra03.atlas.cogentco.com (130.117.0.142)
265610 169.89 ms 204.68.252.129
265711 135.50 ms be3456.nr51.b038844-0.lux01.atlas.cogentco.com (154.25.12.70)
265812 242.69 ms 204.68.252.129
265913 242.73 ms 104.244.74.54
2660#####################################################################################################################################
2661Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-10 09:44 EST
2662Nmap scan report for 104.244.74.54
2663Host is up (0.088s latency).
2664
2665PORT STATE SERVICE VERSION
266653/tcp filtered domain
266767/tcp filtered dhcps
266868/tcp filtered dhcpc
266969/tcp filtered tftp
267088/tcp filtered kerberos-sec
2671123/tcp filtered ntp
2672137/tcp filtered netbios-ns
2673138/tcp filtered netbios-dgm
2674139/tcp closed netbios-ssn
2675161/tcp filtered snmp
2676162/tcp filtered snmptrap
2677389/tcp filtered ldap
2678520/tcp filtered efs
26792049/tcp filtered nfs
268053/udp open|filtered domain
268167/udp open|filtered dhcps
268268/udp open|filtered dhcpc
268369/udp open|filtered tftp
268488/udp open|filtered kerberos-sec
2685123/udp open|filtered ntp
2686137/udp filtered netbios-ns
2687138/udp filtered netbios-dgm
2688139/udp open|filtered netbios-ssn
2689161/udp open|filtered snmp
2690162/udp open|filtered snmptrap
2691389/udp open|filtered ldap
2692520/udp open|filtered route
26932049/udp open|filtered nfs
2694Too many fingerprints match this host to give specific OS details
2695Network Distance: 2 hops
2696
2697TRACEROUTE (using port 139/tcp)
2698HOP RTT ADDRESS
26991 91.28 ms 10.252.204.1
27002 91.28 ms 104.244.74.54
2701#####################################################################################################################################
2702Hosts
2703=====
2704
2705address mac name os_name os_flavor os_sp purpose info comments
2706------- --- ---- ------- --------- ----- ------- ---- --------
27078.113.216.185 Unknown device
270823.194.8.156 a23-194-8-156.deploy.static.akamaitechnologies.com Unknown device
270923.201.103.9 a23-201-103-9.deploy.static.akamaitechnologies.com embedded 6.X device
271034.66.191.217 217.191.66.34.bc.googleusercontent.com Linux 2.4.X server
271134.210.57.231 ec2-34-210-57-231.us-west-2.compute.amazonaws.com Linux 3.X server
271245.60.80.235 Linux 3.X server
271352.11.234.150 ec2-52-11-234-150.us-west-2.compute.amazonaws.com Linux 3.X server
271452.35.54.14 ec2-52-35-54-14.us-west-2.compute.amazonaws.com Unknown device
271552.198.183.13 ec2-52-198-183-13.ap-northeast-1.compute.amazonaws.co embedded device
271654.73.84.17 ec2-54-73-84-17.eu-west-1.compute.amazonaws.com Unknown device
271772.47.224.85 agaacqmame.c03.gridserver.com embedded device
271880.82.79.116 no-reverse-dns-configured.com Linux 7.0 server
271980.209.242.81 muhajeer.com Linux 3.X server
272082.221.136.4 hekla.orangewebsite.com Unknown device
272182.221.139.217 Unknown device
272284.235.91.252 84-235-91-252.saudi.net.sa Unknown device
272385.25.208.92 mail.suh-ev.de Linux 9.0 server
272487.247.240.207 crayford.servers.prgn.misp.co.uk Android 5.X device
272589.221.213.22 hc1-wd12.wedos.net Linux 2.6.X server
272689.248.172.200 89-248-172-200.constellationservers.net Linux 8.0 server
272793.89.20.20 Unknown device
272893.95.228.158 vps-93-95-228-158.1984.is Linux 18.04 server
272993.113.37.250 adsla250.ch-clienti.ro Linux 2.6.X server
273093.174.93.84 Linux 3.X server
273193.191.156.197 Unknown device
273294.102.51.33 full-dark.net Linux 2.6.X server
2733104.154.60.12 12.60.154.104.bc.googleusercontent.com Linux 2.6.X server
2734104.218.232.66 Linux 3.X server
2735104.244.74.54 embedded device
2736107.154.130.27 107.154.130.27.ip.incapdns.net Linux 3.X server
2737107.154.248.27 107.154.248.27.ip.incapdns.net Linux 3.X server
2738141.105.65.111 Linux 2.6.X server
2739147.237.0.206 embedded device
2740150.95.250.133 embedded device
2741151.139.243.11 Linux 4.X server
2742154.73.84.17 Unknown device
2743157.7.107.254 157-7-107-254.virt.lolipop.jp embedded device
2744159.89.0.72 Linux 16.04 server
2745160.153.72.166 ip-160-153-72-166.ip.secureserver.net Linux 3.X server
2746163.247.52.17 www.mtt.cl Linux 2.6.X server
2747163.247.96.10 Linux 2.6.X server
2748170.246.172.178 host-170-246-172-178.anacondaweb.com Linux 2.6.X server
2749180.222.81.193 bvdeuy193.secure.ne.jp Linux 2.6.X server
2750184.72.111.210 ec2-184-72-111-210.compute-1.amazonaws.com Linux 2.6.X server
2751185.2.4.98 lhcp1098.webapps.net embedded device
2752185.68.93.22 verbatim1981.example.com Unknown device
2753185.119.173.237 Linux 2.6.X server
2754186.67.91.110 ipj10-110.poderjudicial.cl Linux 2.6.X server
2755192.0.78.12 Linux 2.4.X server
2756192.0.78.13 Linux 2.6.X server
2757194.18.73.2 www.sakerhetspolisen.se Linux 2.6.X server
2758194.39.164.140 194.39.164.140.srvlist.ukfast.net Linux 3.X server
2759200.14.67.43 senado.cl Linux 2.6.X server
2760200.14.67.65 Linux 2.6.X server
2761200.35.157.77 srv77.talcaguia.cl Unknown device
2762201.131.38.40 Linux 2.6.X server
2763201.238.246.43 Unknown device
2764202.214.194.138 Linux 2.6.X server
2765202.238.130.103 Linux 2.6.X server
2766203.137.110.66 Unknown device
2767203.180.216.224 embedded device
2768203.183.218.244 Unknown device
2769208.113.216.185 apache2-rank.thomas-mckean.dreamhost.com Unknown device
2770208.113.220.218 apache2-xenon.accomack.dreamhost.com Unknown device
2771209.59.165.178 rabbit.ceilingsky.com Linux 2.6.X server
2772210.149.141.34 Unknown device
2773210.152.243.182 Unknown device
2774210.160.220.105 h105.sk3.estore.co.jp embedded device
2775210.160.220.113 h113.sk3.estore.co.jp embedded device
2776210.226.36.2 210-226-36-2.df.nttcomcloud.com Linux 2.6.X server
2777217.160.131.142 s18161039.onlinehome-server.info Linux 2.6.X server
2778######################################################################################################################################
2779Services
2780========
2781
2782host port proto name state info
2783---- ---- ----- ---- ----- ----
27848.113.216.185 25 tcp smtp closed
27858.113.216.185 53 tcp domain filtered
27868.113.216.185 53 udp domain unknown
27878.113.216.185 67 tcp dhcps filtered
27888.113.216.185 67 udp dhcps unknown
27898.113.216.185 68 tcp dhcpc filtered
27908.113.216.185 68 udp dhcpc unknown
27918.113.216.185 69 tcp tftp filtered
27928.113.216.185 69 udp tftp unknown
27938.113.216.185 88 tcp kerberos-sec filtered
27948.113.216.185 88 udp kerberos-sec unknown
27958.113.216.185 123 tcp ntp filtered
27968.113.216.185 123 udp ntp unknown
27978.113.216.185 137 tcp netbios-ns filtered
27988.113.216.185 137 udp netbios-ns filtered
27998.113.216.185 138 tcp netbios-dgm filtered
28008.113.216.185 138 udp netbios-dgm filtered
28018.113.216.185 139 tcp netbios-ssn closed
28028.113.216.185 139 udp netbios-ssn unknown
28038.113.216.185 161 tcp snmp filtered
28048.113.216.185 161 udp snmp unknown
28058.113.216.185 162 tcp snmptrap filtered
28068.113.216.185 162 udp snmptrap unknown
28078.113.216.185 389 tcp ldap filtered
28088.113.216.185 389 udp ldap unknown
28098.113.216.185 445 tcp microsoft-ds closed
28108.113.216.185 520 tcp efs filtered
28118.113.216.185 520 udp route unknown
28128.113.216.185 2049 tcp nfs filtered
28138.113.216.185 2049 udp nfs unknown
281423.194.8.156 53 tcp domain filtered
281523.194.8.156 53 udp domain unknown
281623.194.8.156 67 tcp dhcps filtered
281723.194.8.156 67 udp dhcps unknown
281823.194.8.156 68 tcp dhcpc filtered
281923.194.8.156 68 udp dhcpc unknown
282023.194.8.156 69 tcp tftp filtered
282123.194.8.156 69 udp tftp unknown
282223.194.8.156 88 tcp kerberos-sec filtered
282323.194.8.156 88 udp kerberos-sec unknown
282423.194.8.156 123 tcp ntp filtered
282523.194.8.156 123 udp ntp unknown
282623.194.8.156 137 tcp netbios-ns filtered
282723.194.8.156 137 udp netbios-ns filtered
282823.194.8.156 138 tcp netbios-dgm filtered
282923.194.8.156 138 udp netbios-dgm filtered
283023.194.8.156 139 tcp netbios-ssn closed
283123.194.8.156 139 udp netbios-ssn unknown
283223.194.8.156 161 tcp snmp filtered
283323.194.8.156 161 udp snmp unknown
283423.194.8.156 162 tcp snmptrap filtered
283523.194.8.156 162 udp snmptrap unknown
283623.194.8.156 389 tcp ldap filtered
283723.194.8.156 389 udp ldap unknown
283823.194.8.156 520 tcp efs filtered
283923.194.8.156 520 udp route unknown
284023.194.8.156 2049 tcp nfs filtered
284123.194.8.156 2049 udp nfs unknown
284223.201.103.9 25 tcp smtp closed
284323.201.103.9 53 tcp domain filtered
284423.201.103.9 53 udp domain unknown
284523.201.103.9 67 tcp dhcps filtered
284623.201.103.9 67 udp dhcps unknown
284723.201.103.9 68 tcp dhcpc filtered
284823.201.103.9 68 udp dhcpc unknown
284923.201.103.9 69 tcp tftp filtered
285023.201.103.9 69 udp tftp unknown
285123.201.103.9 80 tcp http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
285223.201.103.9 88 tcp kerberos-sec filtered
285323.201.103.9 88 udp kerberos-sec unknown
285423.201.103.9 123 tcp ntp filtered
285523.201.103.9 123 udp ntp unknown
285623.201.103.9 137 tcp netbios-ns filtered
285723.201.103.9 137 udp netbios-ns filtered
285823.201.103.9 138 tcp netbios-dgm filtered
285923.201.103.9 138 udp netbios-dgm filtered
286023.201.103.9 139 tcp netbios-ssn closed
286123.201.103.9 139 udp netbios-ssn unknown
286223.201.103.9 161 tcp snmp filtered
286323.201.103.9 161 udp snmp unknown
286423.201.103.9 162 tcp snmptrap filtered
286523.201.103.9 162 udp snmptrap unknown
286623.201.103.9 389 tcp ldap filtered
286723.201.103.9 389 udp ldap unknown
286823.201.103.9 443 tcp ssl/http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
286923.201.103.9 445 tcp microsoft-ds closed
287023.201.103.9 520 tcp efs filtered
287123.201.103.9 520 udp route unknown
287223.201.103.9 2049 tcp nfs filtered
287323.201.103.9 2049 udp nfs unknown
287423.201.103.9 8883 tcp secure-mqtt open
287534.66.191.217 25 tcp smtp closed
287634.66.191.217 53 tcp domain filtered
287734.66.191.217 53 udp domain unknown
287834.66.191.217 67 tcp dhcps filtered
287934.66.191.217 67 udp dhcps unknown
288034.66.191.217 68 tcp dhcpc filtered
288134.66.191.217 68 udp dhcpc unknown
288234.66.191.217 69 tcp tftp filtered
288334.66.191.217 69 udp tftp unknown
288434.66.191.217 80 tcp http open nginx
288534.66.191.217 88 tcp kerberos-sec filtered
288634.66.191.217 88 udp kerberos-sec unknown
288734.66.191.217 123 tcp ntp filtered
288834.66.191.217 123 udp ntp unknown
288934.66.191.217 137 tcp netbios-ns filtered
289034.66.191.217 137 udp netbios-ns filtered
289134.66.191.217 138 tcp netbios-dgm filtered
289234.66.191.217 138 udp netbios-dgm filtered
289334.66.191.217 139 tcp netbios-ssn closed
289434.66.191.217 139 udp netbios-ssn unknown
289534.66.191.217 161 tcp snmp filtered
289634.66.191.217 161 udp snmp unknown
289734.66.191.217 162 tcp snmptrap filtered
289834.66.191.217 162 udp snmptrap unknown
289934.66.191.217 389 tcp ldap filtered
290034.66.191.217 389 udp ldap unknown
290134.66.191.217 443 tcp ssl/http open nginx
290234.66.191.217 445 tcp microsoft-ds closed
290334.66.191.217 520 tcp efs filtered
290434.66.191.217 520 udp route unknown
290534.66.191.217 2049 tcp nfs filtered
290634.66.191.217 2049 udp nfs unknown
290734.66.191.217 2222 tcp ssh open ProFTPD mod_sftp 0.9.9 protocol 2.0
290834.210.57.231 25 tcp smtp closed
290934.210.57.231 53 tcp domain filtered
291034.210.57.231 53 udp domain unknown
291134.210.57.231 67 tcp dhcps filtered
291234.210.57.231 67 udp dhcps unknown
291334.210.57.231 68 tcp dhcpc filtered
291434.210.57.231 68 udp dhcpc unknown
291534.210.57.231 69 tcp tftp filtered
291634.210.57.231 69 udp tftp unknown
291734.210.57.231 80 tcp http open awselb/2.0
291834.210.57.231 88 tcp kerberos-sec filtered
291934.210.57.231 88 udp kerberos-sec unknown
292034.210.57.231 123 tcp ntp filtered
292134.210.57.231 123 udp ntp unknown
292234.210.57.231 137 tcp netbios-ns filtered
292334.210.57.231 137 udp netbios-ns filtered
292434.210.57.231 138 tcp netbios-dgm filtered
292534.210.57.231 138 udp netbios-dgm filtered
292634.210.57.231 139 tcp netbios-ssn closed
292734.210.57.231 139 udp netbios-ssn unknown
292834.210.57.231 161 tcp snmp filtered
292934.210.57.231 161 udp snmp unknown
293034.210.57.231 162 tcp snmptrap filtered
293134.210.57.231 162 udp snmptrap unknown
293234.210.57.231 389 tcp ldap filtered
293334.210.57.231 389 udp ldap unknown
293434.210.57.231 443 tcp ssl/http open nginx 1.10.3
293534.210.57.231 445 tcp microsoft-ds closed
293634.210.57.231 520 tcp efs filtered
293734.210.57.231 520 udp route unknown
293834.210.57.231 2049 tcp nfs filtered
293934.210.57.231 2049 udp nfs unknown
294045.60.80.235 53 tcp domain open
294145.60.80.235 53 udp domain open
294245.60.80.235 67 udp dhcps unknown
294345.60.80.235 68 udp dhcpc unknown
294445.60.80.235 69 udp tftp unknown
294545.60.80.235 80 tcp http open Incapsula CDN httpd
294645.60.80.235 81 tcp http open Incapsula CDN httpd
294745.60.80.235 85 tcp http open Incapsula CDN httpd
294845.60.80.235 88 tcp http open Incapsula CDN httpd
294945.60.80.235 88 udp kerberos-sec unknown
295045.60.80.235 123 udp ntp unknown
295145.60.80.235 139 udp netbios-ssn unknown
295245.60.80.235 161 udp snmp unknown
295345.60.80.235 162 udp snmptrap unknown
295445.60.80.235 389 tcp ssl/http open Incapsula CDN httpd
295545.60.80.235 389 udp ldap unknown
295645.60.80.235 443 tcp ssl/http open Incapsula CDN httpd
295745.60.80.235 444 tcp ssl/http open Incapsula CDN httpd
295845.60.80.235 446 tcp http open Incapsula CDN httpd
295945.60.80.235 520 udp route unknown
296045.60.80.235 587 tcp http open Incapsula CDN httpd
296145.60.80.235 631 tcp http open Incapsula CDN httpd
296245.60.80.235 888 tcp http open Incapsula CDN httpd
296345.60.80.235 995 tcp ssl/http open Incapsula CDN httpd
296445.60.80.235 998 tcp ssl/http open Incapsula CDN httpd
296545.60.80.235 999 tcp http open Incapsula CDN httpd
296645.60.80.235 1000 tcp http open Incapsula CDN httpd
296745.60.80.235 1024 tcp http open Incapsula CDN httpd
296845.60.80.235 1103 tcp http open Incapsula CDN httpd
296945.60.80.235 1234 tcp http open Incapsula CDN httpd
297045.60.80.235 1433 tcp http open Incapsula CDN httpd
297145.60.80.235 1494 tcp http open Incapsula CDN httpd
297245.60.80.235 2000 tcp ssl/http open Incapsula CDN httpd
297345.60.80.235 2001 tcp http open Incapsula CDN httpd
297445.60.80.235 2049 tcp http open Incapsula CDN httpd
297545.60.80.235 2049 udp nfs unknown
297645.60.80.235 2067 tcp http open Incapsula CDN httpd
297745.60.80.235 2100 tcp ssl/http open Incapsula CDN httpd
297845.60.80.235 2222 tcp http open Incapsula CDN httpd
297945.60.80.235 2598 tcp http open Incapsula CDN httpd
298045.60.80.235 3000 tcp http open Incapsula CDN httpd
298145.60.80.235 3050 tcp http open Incapsula CDN httpd
298245.60.80.235 3057 tcp http open Incapsula CDN httpd
298345.60.80.235 3299 tcp http open Incapsula CDN httpd
298445.60.80.235 3306 tcp ssl/http open Incapsula CDN httpd
298545.60.80.235 3333 tcp http open Incapsula CDN httpd
298645.60.80.235 3389 tcp ssl/http open Incapsula CDN httpd
298745.60.80.235 3500 tcp http open Incapsula CDN httpd
298845.60.80.235 3790 tcp http open Incapsula CDN httpd
298945.60.80.235 4000 tcp http open Incapsula CDN httpd
299045.60.80.235 4444 tcp ssl/http open Incapsula CDN httpd
299145.60.80.235 4445 tcp ssl/http open Incapsula CDN httpd
299245.60.80.235 5000 tcp http open Incapsula CDN httpd
299345.60.80.235 5009 tcp http open Incapsula CDN httpd
299445.60.80.235 5060 tcp ssl/http open Incapsula CDN httpd
299545.60.80.235 5061 tcp ssl/http open Incapsula CDN httpd
299645.60.80.235 5227 tcp ssl/http open Incapsula CDN httpd
299745.60.80.235 5247 tcp ssl/http open Incapsula CDN httpd
299845.60.80.235 5250 tcp ssl/http open Incapsula CDN httpd
299945.60.80.235 5555 tcp http open Incapsula CDN httpd
300045.60.80.235 5900 tcp http open Incapsula CDN httpd
300145.60.80.235 5901 tcp ssl/http open Incapsula CDN httpd
300245.60.80.235 5902 tcp ssl/http open Incapsula CDN httpd
300345.60.80.235 5903 tcp ssl/http open Incapsula CDN httpd
300445.60.80.235 5904 tcp ssl/http open Incapsula CDN httpd
300545.60.80.235 5905 tcp ssl/http open Incapsula CDN httpd
300645.60.80.235 5906 tcp ssl/http open Incapsula CDN httpd
300745.60.80.235 5907 tcp ssl/http open Incapsula CDN httpd
300845.60.80.235 5908 tcp ssl/http open Incapsula CDN httpd
300945.60.80.235 5909 tcp ssl/http open Incapsula CDN httpd
301045.60.80.235 5910 tcp ssl/http open Incapsula CDN httpd
301145.60.80.235 5920 tcp ssl/http open Incapsula CDN httpd
301245.60.80.235 5984 tcp ssl/http open Incapsula CDN httpd
301345.60.80.235 5985 tcp http open Incapsula CDN httpd
301445.60.80.235 5986 tcp ssl/http open Incapsula CDN httpd
301545.60.80.235 5999 tcp ssl/http open Incapsula CDN httpd
301645.60.80.235 6000 tcp http open Incapsula CDN httpd
301745.60.80.235 6060 tcp http open Incapsula CDN httpd
301845.60.80.235 6161 tcp http open Incapsula CDN httpd
301945.60.80.235 6379 tcp http open Incapsula CDN httpd
302045.60.80.235 6661 tcp ssl/http open Incapsula CDN httpd
302145.60.80.235 6789 tcp http open Incapsula CDN httpd
302245.60.80.235 7001 tcp http open Incapsula CDN httpd
302345.60.80.235 7021 tcp http open Incapsula CDN httpd
302445.60.80.235 7071 tcp ssl/http open Incapsula CDN httpd
302545.60.80.235 7080 tcp http open Incapsula CDN httpd
302645.60.80.235 7272 tcp ssl/http open Incapsula CDN httpd
302745.60.80.235 7443 tcp ssl/http open Incapsula CDN httpd
302845.60.80.235 7700 tcp http open Incapsula CDN httpd
302945.60.80.235 7777 tcp http open Incapsula CDN httpd
303045.60.80.235 7778 tcp http open Incapsula CDN httpd
303145.60.80.235 8000 tcp http open Incapsula CDN httpd
303245.60.80.235 8001 tcp http open Incapsula CDN httpd
303345.60.80.235 8008 tcp http open Incapsula CDN httpd
303445.60.80.235 8014 tcp http open Incapsula CDN httpd
303545.60.80.235 8020 tcp http open Incapsula CDN httpd
303645.60.80.235 8023 tcp http open Incapsula CDN httpd
303745.60.80.235 8028 tcp http open Incapsula CDN httpd
303845.60.80.235 8030 tcp http open Incapsula CDN httpd
303945.60.80.235 8050 tcp http open Incapsula CDN httpd
304045.60.80.235 8051 tcp http open Incapsula CDN httpd
304145.60.80.235 8080 tcp http open Incapsula CDN httpd
304245.60.80.235 8081 tcp http open Incapsula CDN httpd
304345.60.80.235 8082 tcp http open Incapsula CDN httpd
304445.60.80.235 8085 tcp http open Incapsula CDN httpd
304545.60.80.235 8086 tcp http open Incapsula CDN httpd
304645.60.80.235 8087 tcp http open Incapsula CDN httpd
304745.60.80.235 8088 tcp http open Incapsula CDN httpd
304845.60.80.235 8090 tcp http open Incapsula CDN httpd
304945.60.80.235 8091 tcp http open Incapsula CDN httpd
305045.60.80.235 8095 tcp http open Incapsula CDN httpd
305145.60.80.235 8101 tcp http open Incapsula CDN httpd
305245.60.80.235 8161 tcp http open Incapsula CDN httpd
305345.60.80.235 8180 tcp http open Incapsula CDN httpd
305445.60.80.235 8222 tcp http open Incapsula CDN httpd
305545.60.80.235 8333 tcp http open Incapsula CDN httpd
305645.60.80.235 8443 tcp ssl/http open Incapsula CDN httpd
305745.60.80.235 8444 tcp http open Incapsula CDN httpd
305845.60.80.235 8445 tcp http open Incapsula CDN httpd
305945.60.80.235 8503 tcp ssl/http open Incapsula CDN httpd
306045.60.80.235 8686 tcp http open Incapsula CDN httpd
306145.60.80.235 8787 tcp http open Incapsula CDN httpd
306245.60.80.235 8800 tcp http open Incapsula CDN httpd
306345.60.80.235 8812 tcp http open Incapsula CDN httpd
306445.60.80.235 8834 tcp http open Incapsula CDN httpd
306545.60.80.235 8880 tcp http open Incapsula CDN httpd
306645.60.80.235 8888 tcp http open Incapsula CDN httpd
306745.60.80.235 8890 tcp http open Incapsula CDN httpd
306845.60.80.235 8899 tcp http open Incapsula CDN httpd
306945.60.80.235 8901 tcp http open Incapsula CDN httpd
307045.60.80.235 8902 tcp http open Incapsula CDN httpd
307145.60.80.235 8999 tcp http open Incapsula CDN httpd
307245.60.80.235 9000 tcp http open Incapsula CDN httpd
307345.60.80.235 9001 tcp http open Incapsula CDN httpd
307445.60.80.235 9002 tcp http open Incapsula CDN httpd
307545.60.80.235 9003 tcp http open Incapsula CDN httpd
307645.60.80.235 9004 tcp http open Incapsula CDN httpd
307745.60.80.235 9005 tcp http open Incapsula CDN httpd
307845.60.80.235 9010 tcp http open Incapsula CDN httpd
307945.60.80.235 9050 tcp http open Incapsula CDN httpd
308045.60.80.235 9080 tcp http open Incapsula CDN httpd
308145.60.80.235 9081 tcp ssl/http open Incapsula CDN httpd
308245.60.80.235 9084 tcp http open Incapsula CDN httpd
308345.60.80.235 9090 tcp http open Incapsula CDN httpd
308445.60.80.235 9099 tcp http open Incapsula CDN httpd
308545.60.80.235 9100 tcp jetdirect open
308645.60.80.235 9111 tcp http open Incapsula CDN httpd
308745.60.80.235 9200 tcp http open Incapsula CDN httpd
308845.60.80.235 9300 tcp http open Incapsula CDN httpd
308945.60.80.235 9500 tcp http open Incapsula CDN httpd
309045.60.80.235 9711 tcp ssl/http open Incapsula CDN httpd
309145.60.80.235 9991 tcp http open Incapsula CDN httpd
309245.60.80.235 9999 tcp http open Incapsula CDN httpd
309345.60.80.235 10000 tcp http open Incapsula CDN httpd
309452.11.234.150 25 tcp smtp closed
309552.11.234.150 53 tcp domain filtered
309652.11.234.150 53 udp domain unknown
309752.11.234.150 67 tcp dhcps filtered
309852.11.234.150 67 udp dhcps unknown
309952.11.234.150 68 tcp dhcpc filtered
310052.11.234.150 68 udp dhcpc unknown
310152.11.234.150 69 tcp tftp filtered
310252.11.234.150 69 udp tftp unknown
310352.11.234.150 80 tcp http open awselb/2.0
310452.11.234.150 88 tcp kerberos-sec filtered
310552.11.234.150 88 udp kerberos-sec unknown
310652.11.234.150 123 tcp ntp filtered
310752.11.234.150 123 udp ntp unknown
310852.11.234.150 137 tcp netbios-ns filtered
310952.11.234.150 137 udp netbios-ns filtered
311052.11.234.150 138 tcp netbios-dgm filtered
311152.11.234.150 138 udp netbios-dgm filtered
311252.11.234.150 139 tcp netbios-ssn closed
311352.11.234.150 139 udp netbios-ssn unknown
311452.11.234.150 161 tcp snmp filtered
311552.11.234.150 161 udp snmp unknown
311652.11.234.150 162 tcp snmptrap filtered
311752.11.234.150 162 udp snmptrap unknown
311852.11.234.150 389 tcp ldap filtered
311952.11.234.150 389 udp ldap unknown
312052.11.234.150 443 tcp ssl/http open nginx 1.10.3
312152.11.234.150 445 tcp microsoft-ds closed
312252.11.234.150 520 tcp efs filtered
312352.11.234.150 520 udp route unknown
312452.11.234.150 2049 tcp nfs filtered
312552.11.234.150 2049 udp nfs unknown
312652.35.54.14 53 tcp domain filtered
312752.35.54.14 53 udp domain unknown
312852.35.54.14 67 tcp dhcps filtered
312952.35.54.14 67 udp dhcps unknown
313052.35.54.14 68 tcp dhcpc filtered
313152.35.54.14 68 udp dhcpc unknown
313252.35.54.14 69 tcp tftp filtered
313352.35.54.14 69 udp tftp unknown
313452.35.54.14 88 tcp kerberos-sec filtered
313552.35.54.14 88 udp kerberos-sec unknown
313652.35.54.14 123 tcp ntp filtered
313752.35.54.14 123 udp ntp unknown
313852.35.54.14 137 tcp netbios-ns filtered
313952.35.54.14 137 udp netbios-ns filtered
314052.35.54.14 138 tcp netbios-dgm filtered
314152.35.54.14 138 udp netbios-dgm filtered
314252.35.54.14 139 tcp netbios-ssn closed
314352.35.54.14 139 udp netbios-ssn unknown
314452.35.54.14 161 tcp snmp filtered
314552.35.54.14 161 udp snmp unknown
314652.35.54.14 162 tcp snmptrap filtered
314752.35.54.14 162 udp snmptrap unknown
314852.35.54.14 389 tcp ldap filtered
314952.35.54.14 389 udp ldap unknown
315052.35.54.14 520 tcp efs filtered
315152.35.54.14 520 udp route unknown
315252.35.54.14 2049 tcp nfs filtered
315352.35.54.14 2049 udp nfs unknown
315452.198.183.13 25 tcp smtp closed
315552.198.183.13 53 tcp domain filtered
315652.198.183.13 53 udp domain unknown
315752.198.183.13 67 tcp dhcps filtered
315852.198.183.13 67 udp dhcps unknown
315952.198.183.13 68 tcp dhcpc filtered
316052.198.183.13 68 udp dhcpc unknown
316152.198.183.13 69 tcp tftp filtered
316252.198.183.13 69 udp tftp unknown
316352.198.183.13 80 tcp http open nginx
316452.198.183.13 88 tcp kerberos-sec filtered
316552.198.183.13 88 udp kerberos-sec unknown
316652.198.183.13 123 tcp ntp filtered
316752.198.183.13 123 udp ntp unknown
316852.198.183.13 137 tcp netbios-ns filtered
316952.198.183.13 137 udp netbios-ns filtered
317052.198.183.13 138 tcp netbios-dgm filtered
317152.198.183.13 138 udp netbios-dgm filtered
317252.198.183.13 139 tcp netbios-ssn closed
317352.198.183.13 139 udp netbios-ssn unknown
317452.198.183.13 161 tcp snmp filtered
317552.198.183.13 161 udp snmp unknown
317652.198.183.13 162 tcp snmptrap filtered
317752.198.183.13 162 udp snmptrap unknown
317852.198.183.13 389 tcp ldap filtered
317952.198.183.13 389 udp ldap unknown
318052.198.183.13 443 tcp ssl/http open nginx
318152.198.183.13 445 tcp microsoft-ds closed
318252.198.183.13 520 tcp efs filtered
318352.198.183.13 520 udp route unknown
318452.198.183.13 2049 tcp nfs filtered
318552.198.183.13 2049 udp nfs unknown
318654.73.84.17 25 tcp smtp closed
318754.73.84.17 53 tcp domain filtered
318854.73.84.17 53 udp domain unknown
318954.73.84.17 67 tcp dhcps filtered
319054.73.84.17 67 udp dhcps unknown
319154.73.84.17 68 tcp dhcpc filtered
319254.73.84.17 68 udp dhcpc unknown
319354.73.84.17 69 tcp tftp filtered
319454.73.84.17 69 udp tftp unknown
319554.73.84.17 88 tcp kerberos-sec filtered
319654.73.84.17 88 udp kerberos-sec unknown
319754.73.84.17 123 tcp ntp filtered
319854.73.84.17 123 udp ntp unknown
319954.73.84.17 137 tcp netbios-ns filtered
320054.73.84.17 137 udp netbios-ns filtered
320154.73.84.17 138 tcp netbios-dgm filtered
320254.73.84.17 138 udp netbios-dgm filtered
320354.73.84.17 139 tcp netbios-ssn closed
320454.73.84.17 139 udp netbios-ssn unknown
320554.73.84.17 161 tcp snmp filtered
320654.73.84.17 161 udp snmp unknown
320754.73.84.17 162 tcp snmptrap filtered
320854.73.84.17 162 udp snmptrap unknown
320954.73.84.17 389 tcp ldap filtered
321054.73.84.17 389 udp ldap unknown
321154.73.84.17 445 tcp microsoft-ds closed
321254.73.84.17 520 tcp efs filtered
321354.73.84.17 520 udp route unknown
321454.73.84.17 2049 tcp nfs filtered
321554.73.84.17 2049 udp nfs unknown
321672.47.224.85 25 tcp smtp closed
321772.47.224.85 53 tcp domain filtered
321872.47.224.85 53 udp domain unknown
321972.47.224.85 67 tcp dhcps filtered
322072.47.224.85 67 udp dhcps unknown
322172.47.224.85 68 tcp dhcpc filtered
322272.47.224.85 68 udp dhcpc unknown
322372.47.224.85 69 tcp tftp filtered
322472.47.224.85 69 udp tftp unknown
322572.47.224.85 80 tcp http open Apache httpd 2.4.39
322672.47.224.85 88 tcp kerberos-sec filtered
322772.47.224.85 88 udp kerberos-sec unknown
322872.47.224.85 110 tcp pop3 open Dovecot pop3d
322972.47.224.85 123 tcp ntp filtered
323072.47.224.85 123 udp ntp unknown
323172.47.224.85 137 tcp netbios-ns filtered
323272.47.224.85 137 udp netbios-ns filtered
323372.47.224.85 138 tcp netbios-dgm filtered
323472.47.224.85 138 udp netbios-dgm filtered
323572.47.224.85 139 tcp netbios-ssn closed
323672.47.224.85 139 udp netbios-ssn unknown
323772.47.224.85 143 tcp imap open Dovecot imapd
323872.47.224.85 161 tcp snmp filtered
323972.47.224.85 161 udp snmp unknown
324072.47.224.85 162 tcp snmptrap filtered
324172.47.224.85 162 udp snmptrap unknown
324272.47.224.85 389 tcp ldap filtered
324372.47.224.85 389 udp ldap unknown
324472.47.224.85 443 tcp ssl/http open nginx 1.16.1
324572.47.224.85 445 tcp microsoft-ds closed
324672.47.224.85 465 tcp ssl/smtp open Exim smtpd 4.84_2
324772.47.224.85 520 tcp efs filtered
324872.47.224.85 520 udp route unknown
324972.47.224.85 587 tcp smtp open Exim smtpd 4.84_2
325072.47.224.85 993 tcp ssl/imaps open
325172.47.224.85 995 tcp ssl/pop3s open
325272.47.224.85 2049 tcp nfs filtered
325372.47.224.85 2049 udp nfs unknown
325480.82.79.116 21 tcp ftp open 220 (vsFTPd 3.0.2)\x0d\x0a
325580.82.79.116 22 tcp ssh open SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u6
325680.82.79.116 53 tcp domain open ISC BIND 9.8.4-rpz2+rl005.12-P1
325780.82.79.116 53 udp domain open ISC BIND 9.8.4-rpz2+rl005.12-P1
325880.82.79.116 67 tcp dhcps closed
325980.82.79.116 67 udp dhcps closed
326080.82.79.116 68 tcp dhcpc closed
326180.82.79.116 68 udp dhcpc closed
326280.82.79.116 69 tcp tftp closed
326380.82.79.116 69 udp tftp unknown
326480.82.79.116 88 tcp kerberos-sec closed
326580.82.79.116 88 udp kerberos-sec unknown
326680.82.79.116 123 tcp ntp closed
326780.82.79.116 123 udp ntp unknown
326880.82.79.116 137 tcp netbios-ns closed
326980.82.79.116 137 udp netbios-ns filtered
327080.82.79.116 138 tcp netbios-dgm closed
327180.82.79.116 138 udp netbios-dgm filtered
327280.82.79.116 139 tcp netbios-ssn closed
327380.82.79.116 139 udp netbios-ssn unknown
327480.82.79.116 161 tcp snmp closed
327580.82.79.116 161 udp snmp closed
327680.82.79.116 162 tcp snmptrap closed
327780.82.79.116 162 udp snmptrap closed
327880.82.79.116 389 tcp ldap closed
327980.82.79.116 389 udp ldap closed
328080.82.79.116 520 tcp efs closed
328180.82.79.116 520 udp route closed
328280.82.79.116 2049 tcp nfs closed
328380.82.79.116 2049 udp nfs unknown
328480.209.242.81 21 tcp ftp open 220 FTP Server ready.\x0d\x0a
328580.209.242.81 22 tcp ssh open SSH-2.0-OpenSSH_7.4
328680.209.242.81 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
328780.209.242.81 53 udp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
328880.209.242.81 67 tcp dhcps filtered
328980.209.242.81 67 udp dhcps unknown
329080.209.242.81 68 tcp dhcpc filtered
329180.209.242.81 68 udp dhcpc unknown
329280.209.242.81 69 tcp tftp filtered
329380.209.242.81 69 udp tftp unknown
329480.209.242.81 88 tcp kerberos-sec filtered
329580.209.242.81 88 udp kerberos-sec unknown
329680.209.242.81 123 tcp ntp filtered
329780.209.242.81 123 udp ntp unknown
329880.209.242.81 137 tcp netbios-ns filtered
329980.209.242.81 137 udp netbios-ns filtered
330080.209.242.81 138 tcp netbios-dgm filtered
330180.209.242.81 138 udp netbios-dgm filtered
330280.209.242.81 139 tcp netbios-ssn closed
330380.209.242.81 139 udp netbios-ssn unknown
330480.209.242.81 161 tcp snmp filtered
330580.209.242.81 161 udp snmp unknown
330680.209.242.81 162 tcp snmptrap filtered
330780.209.242.81 162 udp snmptrap unknown
330880.209.242.81 389 tcp ldap filtered
330980.209.242.81 389 udp ldap filtered
331080.209.242.81 520 tcp efs filtered
331180.209.242.81 520 udp route unknown
331280.209.242.81 2049 tcp nfs filtered
331380.209.242.81 2049 udp nfs unknown
331482.221.136.4 21 tcp ftp open Your connection to this server has been blocked in this server's firewall.\x0d\x0aYou need to contact the server owner for further information.\x0d\x0a
331582.221.136.4 53 tcp domain filtered
331682.221.136.4 53 udp domain unknown
331782.221.136.4 67 tcp dhcps filtered
331882.221.136.4 67 udp dhcps unknown
331982.221.136.4 68 tcp dhcpc filtered
332082.221.136.4 68 udp dhcpc unknown
332182.221.136.4 69 tcp tftp filtered
332282.221.136.4 69 udp tftp unknown
332382.221.136.4 88 tcp kerberos-sec filtered
332482.221.136.4 88 udp kerberos-sec unknown
332582.221.136.4 123 tcp ntp filtered
332682.221.136.4 123 udp ntp unknown
332782.221.136.4 137 tcp netbios-ns filtered
332882.221.136.4 137 udp netbios-ns filtered
332982.221.136.4 138 tcp netbios-dgm filtered
333082.221.136.4 138 udp netbios-dgm filtered
333182.221.136.4 139 tcp netbios-ssn closed
333282.221.136.4 139 udp netbios-ssn unknown
333382.221.136.4 161 tcp snmp filtered
333482.221.136.4 161 udp snmp unknown
333582.221.136.4 162 tcp snmptrap filtered
333682.221.136.4 162 udp snmptrap unknown
333782.221.136.4 389 tcp ldap filtered
333882.221.136.4 389 udp ldap unknown
333982.221.136.4 520 tcp efs filtered
334082.221.136.4 520 udp route unknown
334182.221.136.4 2049 tcp nfs filtered
334282.221.136.4 2049 udp nfs unknown
334382.221.139.217 22 tcp ssh open SSH-2.0-OpenSSH_5.3
334484.235.91.252 25 tcp smtp closed
334584.235.91.252 53 tcp domain filtered
334684.235.91.252 53 udp domain unknown
334784.235.91.252 67 tcp dhcps filtered
334884.235.91.252 67 udp dhcps unknown
334984.235.91.252 68 tcp dhcpc filtered
335084.235.91.252 68 udp dhcpc unknown
335184.235.91.252 69 tcp tftp filtered
335284.235.91.252 69 udp tftp unknown
335384.235.91.252 88 tcp kerberos-sec filtered
335484.235.91.252 88 udp kerberos-sec unknown
335584.235.91.252 123 tcp ntp filtered
335684.235.91.252 123 udp ntp unknown
335784.235.91.252 137 tcp netbios-ns filtered
335884.235.91.252 137 udp netbios-ns filtered
335984.235.91.252 138 tcp netbios-dgm filtered
336084.235.91.252 138 udp netbios-dgm filtered
336184.235.91.252 139 tcp netbios-ssn closed
336284.235.91.252 139 udp netbios-ssn unknown
336384.235.91.252 161 tcp snmp filtered
336484.235.91.252 161 udp snmp unknown
336584.235.91.252 162 tcp snmptrap filtered
336684.235.91.252 162 udp snmptrap unknown
336784.235.91.252 389 tcp ldap filtered
336884.235.91.252 389 udp ldap unknown
336984.235.91.252 445 tcp microsoft-ds closed
337084.235.91.252 520 tcp efs filtered
337184.235.91.252 520 udp route unknown
337284.235.91.252 2049 tcp nfs filtered
337384.235.91.252 2049 udp nfs unknown
337485.25.208.92 22 tcp ssh open SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u7
337585.25.208.92 53 tcp domain closed
337685.25.208.92 53 udp domain closed
337785.25.208.92 67 tcp dhcps closed
337885.25.208.92 67 udp dhcps closed
337985.25.208.92 68 tcp dhcpc closed
338085.25.208.92 68 udp dhcpc closed
338185.25.208.92 69 tcp tftp closed
338285.25.208.92 69 udp tftp unknown
338385.25.208.92 88 tcp kerberos-sec closed
338485.25.208.92 88 udp kerberos-sec unknown
338585.25.208.92 123 tcp ntp closed
338685.25.208.92 123 udp ntp open
338785.25.208.92 137 tcp netbios-ns closed
338885.25.208.92 137 udp netbios-ns filtered
338985.25.208.92 138 tcp netbios-dgm closed
339085.25.208.92 138 udp netbios-dgm filtered
339185.25.208.92 139 tcp netbios-ssn closed
339285.25.208.92 139 udp netbios-ssn closed
339385.25.208.92 161 tcp snmp closed
339485.25.208.92 161 udp snmp closed
339585.25.208.92 162 tcp snmptrap closed
339685.25.208.92 162 udp snmptrap closed
339785.25.208.92 389 tcp ldap closed
339885.25.208.92 389 udp ldap unknown
339985.25.208.92 520 tcp efs closed
340085.25.208.92 520 udp route closed
340185.25.208.92 2049 tcp nfs closed
340285.25.208.92 2049 udp nfs closed
340387.247.240.207 21 tcp ftp open ProFTPD
340487.247.240.207 22 tcp ssh open OpenSSH 7.4 protocol 2.0
340587.247.240.207 67 udp dhcps unknown
340687.247.240.207 68 udp dhcpc unknown
340787.247.240.207 69 udp tftp unknown
340887.247.240.207 80 tcp http open Apache httpd
340987.247.240.207 88 udp kerberos-sec unknown
341087.247.240.207 110 tcp pop3 open Dovecot pop3d
341187.247.240.207 123 udp ntp unknown
341287.247.240.207 139 udp netbios-ssn unknown
341387.247.240.207 143 tcp imap open Dovecot imapd
341487.247.240.207 161 udp snmp unknown
341587.247.240.207 162 udp snmptrap unknown
341687.247.240.207 389 udp ldap unknown
341787.247.240.207 443 tcp ssl/http open Apache httpd
341887.247.240.207 465 tcp ssl/smtp open Exim smtpd 4.92
341987.247.240.207 520 udp route unknown
342087.247.240.207 587 tcp smtp open Exim smtpd 4.92
342187.247.240.207 993 tcp ssl/imaps open
342287.247.240.207 995 tcp ssl/pop3s open
342387.247.240.207 2049 udp nfs unknown
342489.221.213.22 21 tcp ftp open vsftpd 3.0.2
342589.221.213.22 53 tcp domain filtered
342689.221.213.22 53 udp domain unknown
342789.221.213.22 67 tcp dhcps filtered
342889.221.213.22 67 udp dhcps unknown
342989.221.213.22 68 tcp dhcpc filtered
343089.221.213.22 68 udp dhcpc unknown
343189.221.213.22 69 tcp tftp filtered
343289.221.213.22 69 udp tftp unknown
343389.221.213.22 88 tcp kerberos-sec filtered
343489.221.213.22 88 udp kerberos-sec unknown
343589.221.213.22 123 tcp ntp filtered
343689.221.213.22 123 udp ntp unknown
343789.221.213.22 137 tcp netbios-ns filtered
343889.221.213.22 137 udp netbios-ns filtered
343989.221.213.22 138 tcp netbios-dgm filtered
344089.221.213.22 138 udp netbios-dgm filtered
344189.221.213.22 139 tcp netbios-ssn closed
344289.221.213.22 139 udp netbios-ssn unknown
344389.221.213.22 161 tcp snmp filtered
344489.221.213.22 161 udp snmp unknown
344589.221.213.22 162 tcp snmptrap filtered
344689.221.213.22 162 udp snmptrap unknown
344789.221.213.22 389 tcp ldap filtered
344889.221.213.22 389 udp ldap unknown
344989.221.213.22 520 tcp efs filtered
345089.221.213.22 520 udp route unknown
345189.221.213.22 2049 tcp nfs filtered
345289.221.213.22 2049 udp nfs unknown
345389.248.172.200 22 tcp ssh open SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3
345489.248.172.200 53 tcp domain closed
345589.248.172.200 53 udp domain closed
345689.248.172.200 67 tcp dhcps closed
345789.248.172.200 67 udp dhcps closed
345889.248.172.200 68 tcp dhcpc closed
345989.248.172.200 68 udp dhcpc closed
346089.248.172.200 69 tcp tftp closed
346189.248.172.200 69 udp tftp closed
346289.248.172.200 88 tcp kerberos-sec closed
346389.248.172.200 88 udp kerberos-sec unknown
346489.248.172.200 123 tcp ntp closed
346589.248.172.200 123 udp ntp unknown
346689.248.172.200 137 tcp netbios-ns closed
346789.248.172.200 137 udp netbios-ns filtered
346889.248.172.200 138 tcp netbios-dgm closed
346989.248.172.200 138 udp netbios-dgm filtered
347089.248.172.200 139 tcp netbios-ssn closed
347189.248.172.200 139 udp netbios-ssn closed
347289.248.172.200 161 tcp snmp closed
347389.248.172.200 161 udp snmp closed
347489.248.172.200 162 tcp snmptrap closed
347589.248.172.200 162 udp snmptrap unknown
347689.248.172.200 389 tcp ldap closed
347789.248.172.200 389 udp ldap closed
347889.248.172.200 520 tcp efs closed
347989.248.172.200 520 udp route closed
348089.248.172.200 2049 tcp nfs closed
348189.248.172.200 2049 udp nfs unknown
348293.89.20.20 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 2 of 50 allowed.\x0d\x0a220-Local time is now 21:36. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
348393.95.228.158 22 tcp ssh open SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
348493.95.228.158 53 tcp domain closed
348593.95.228.158 53 udp domain closed
348693.95.228.158 67 tcp dhcps closed
348793.95.228.158 67 udp dhcps closed
348893.95.228.158 68 tcp dhcpc closed
348993.95.228.158 68 udp dhcpc unknown
349093.95.228.158 69 tcp tftp closed
349193.95.228.158 69 udp tftp unknown
349293.95.228.158 88 tcp kerberos-sec closed
349393.95.228.158 88 udp kerberos-sec unknown
349493.95.228.158 123 tcp ntp closed
349593.95.228.158 123 udp ntp unknown
349693.95.228.158 137 tcp netbios-ns closed
349793.95.228.158 137 udp netbios-ns filtered
349893.95.228.158 138 tcp netbios-dgm closed
349993.95.228.158 138 udp netbios-dgm filtered
350093.95.228.158 139 tcp netbios-ssn closed
350193.95.228.158 139 udp netbios-ssn closed
350293.95.228.158 161 tcp snmp closed
350393.95.228.158 161 udp snmp unknown
350493.95.228.158 162 tcp snmptrap closed
350593.95.228.158 162 udp snmptrap unknown
350693.95.228.158 389 tcp ldap closed
350793.95.228.158 389 udp ldap closed
350893.95.228.158 520 tcp efs closed
350993.95.228.158 520 udp route unknown
351093.95.228.158 2049 tcp nfs closed
351193.95.228.158 2049 udp nfs unknown
351293.113.37.250 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 13:36. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
351393.113.37.250 53 tcp domain open PowerDNS Authoritative Server 4.1.10
351493.113.37.250 53 udp domain open PowerDNS Authoritative Server 4.1.10
351593.113.37.250 389 udp ldap unknown
351693.113.37.250 520 udp route unknown
351793.113.37.250 2049 udp nfs unknown
351893.174.93.84 21 tcp ftp open vsftpd 3.0.2
351993.174.93.84 25 tcp smtp closed
352093.174.93.84 53 tcp domain filtered
352193.174.93.84 53 udp domain filtered
352293.174.93.84 67 tcp dhcps filtered
352393.174.93.84 67 udp dhcps filtered
352493.174.93.84 68 tcp dhcpc filtered
352593.174.93.84 68 udp dhcpc unknown
352693.174.93.84 69 tcp tftp filtered
352793.174.93.84 69 udp tftp unknown
352893.174.93.84 80 tcp http open Apache httpd 2.4.6 (CentOS) PHP/5.4.16
352993.174.93.84 88 tcp kerberos-sec filtered
353093.174.93.84 88 udp kerberos-sec unknown
353193.174.93.84 123 tcp ntp filtered
353293.174.93.84 123 udp ntp filtered
353393.174.93.84 137 tcp netbios-ns filtered
353493.174.93.84 137 udp netbios-ns filtered
353593.174.93.84 138 tcp netbios-dgm filtered
353693.174.93.84 138 udp netbios-dgm filtered
353793.174.93.84 139 tcp netbios-ssn closed
353893.174.93.84 139 udp netbios-ssn unknown
353993.174.93.84 161 tcp snmp filtered
354093.174.93.84 161 udp snmp unknown
354193.174.93.84 162 tcp snmptrap filtered
354293.174.93.84 162 udp snmptrap unknown
354393.174.93.84 389 tcp ldap filtered
354493.174.93.84 389 udp ldap filtered
354593.174.93.84 445 tcp microsoft-ds closed
354693.174.93.84 520 tcp efs filtered
354793.174.93.84 520 udp route unknown
354893.174.93.84 2049 tcp nfs filtered
354993.174.93.84 2049 udp nfs unknown
355093.191.156.197 22 tcp ssh open SSH-2.0-OpenSSH_5.3
355194.102.51.33 22 tcp ssh open
355294.102.51.33 53 tcp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
355394.102.51.33 53 udp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
355494.102.51.33 67 tcp dhcps filtered
355594.102.51.33 67 udp dhcps unknown
355694.102.51.33 68 tcp dhcpc filtered
355794.102.51.33 68 udp dhcpc unknown
355894.102.51.33 69 tcp tftp filtered
355994.102.51.33 69 udp tftp unknown
356094.102.51.33 80 tcp http open nginx
356194.102.51.33 88 tcp kerberos-sec filtered
356294.102.51.33 88 udp kerberos-sec unknown
356394.102.51.33 110 tcp pop3 open Dovecot pop3d
356494.102.51.33 123 tcp ntp filtered
356594.102.51.33 123 udp ntp unknown
356694.102.51.33 137 tcp netbios-ns filtered
356794.102.51.33 137 udp netbios-ns filtered
356894.102.51.33 138 tcp netbios-dgm filtered
356994.102.51.33 138 udp netbios-dgm filtered
357094.102.51.33 139 tcp netbios-ssn closed
357194.102.51.33 139 udp netbios-ssn unknown
357294.102.51.33 143 tcp imap open Dovecot imapd
357394.102.51.33 161 tcp snmp filtered
357494.102.51.33 161 udp snmp unknown
357594.102.51.33 162 tcp snmptrap filtered
357694.102.51.33 162 udp snmptrap unknown
357794.102.51.33 389 tcp ldap filtered
357894.102.51.33 389 udp ldap unknown
357994.102.51.33 465 tcp ssl/smtp open Exim smtpd 4.89
358094.102.51.33 520 tcp efs filtered
358194.102.51.33 520 udp route unknown
358294.102.51.33 993 tcp ssl/imaps open
358394.102.51.33 995 tcp ssl/pop3s open
358494.102.51.33 2049 tcp nfs filtered
358594.102.51.33 2049 udp nfs unknown
3586104.154.60.12 25 tcp smtp closed
3587104.154.60.12 53 tcp domain filtered
3588104.154.60.12 53 udp domain unknown
3589104.154.60.12 67 tcp dhcps filtered
3590104.154.60.12 67 udp dhcps unknown
3591104.154.60.12 68 tcp dhcpc filtered
3592104.154.60.12 68 udp dhcpc unknown
3593104.154.60.12 69 tcp tftp filtered
3594104.154.60.12 69 udp tftp unknown
3595104.154.60.12 80 tcp http open nginx
3596104.154.60.12 88 tcp kerberos-sec filtered
3597104.154.60.12 88 udp kerberos-sec unknown
3598104.154.60.12 123 tcp ntp filtered
3599104.154.60.12 123 udp ntp unknown
3600104.154.60.12 137 tcp netbios-ns filtered
3601104.154.60.12 137 udp netbios-ns filtered
3602104.154.60.12 138 tcp netbios-dgm filtered
3603104.154.60.12 138 udp netbios-dgm filtered
3604104.154.60.12 139 tcp netbios-ssn closed
3605104.154.60.12 139 udp netbios-ssn unknown
3606104.154.60.12 161 tcp snmp filtered
3607104.154.60.12 161 udp snmp unknown
3608104.154.60.12 162 tcp snmptrap filtered
3609104.154.60.12 162 udp snmptrap unknown
3610104.154.60.12 389 tcp ldap filtered
3611104.154.60.12 389 udp ldap unknown
3612104.154.60.12 443 tcp ssl/http open nginx
3613104.154.60.12 445 tcp microsoft-ds closed
3614104.154.60.12 520 tcp efs filtered
3615104.154.60.12 520 udp route unknown
3616104.154.60.12 2049 tcp nfs filtered
3617104.154.60.12 2049 udp nfs unknown
3618104.154.60.12 2222 tcp ssh open ProFTPD mod_sftp 0.9.9 protocol 2.0
3619104.218.232.66 22 tcp ssh open OpenSSH 7.4p1 Debian 10+deb9u3 protocol 2.0
3620104.218.232.66 53 tcp domain closed
3621104.218.232.66 53 udp domain unknown
3622104.218.232.66 67 tcp dhcps closed
3623104.218.232.66 67 udp dhcps unknown
3624104.218.232.66 68 tcp dhcpc closed
3625104.218.232.66 68 udp dhcpc closed
3626104.218.232.66 69 tcp tftp closed
3627104.218.232.66 69 udp tftp closed
3628104.218.232.66 80 tcp http open ngjit
3629104.218.232.66 88 tcp kerberos-sec closed
3630104.218.232.66 88 udp kerberos-sec closed
3631104.218.232.66 123 tcp ntp closed
3632104.218.232.66 123 udp ntp closed
3633104.218.232.66 137 tcp netbios-ns closed
3634104.218.232.66 137 udp netbios-ns filtered
3635104.218.232.66 138 tcp netbios-dgm closed
3636104.218.232.66 138 udp netbios-dgm filtered
3637104.218.232.66 139 tcp netbios-ssn closed
3638104.218.232.66 139 udp netbios-ssn closed
3639104.218.232.66 161 tcp snmp closed
3640104.218.232.66 161 udp snmp unknown
3641104.218.232.66 162 tcp snmptrap closed
3642104.218.232.66 162 udp snmptrap closed
3643104.218.232.66 389 tcp ldap closed
3644104.218.232.66 389 udp ldap closed
3645104.218.232.66 443 tcp ssl/https open ngjit
3646104.218.232.66 520 tcp efs closed
3647104.218.232.66 520 udp route unknown
3648104.218.232.66 2049 tcp nfs closed
3649104.218.232.66 2049 udp nfs closed
3650104.244.74.54 25 tcp smtp closed
3651104.244.74.54 53 tcp domain filtered
3652104.244.74.54 53 udp domain unknown
3653104.244.74.54 67 tcp dhcps filtered
3654104.244.74.54 67 udp dhcps unknown
3655104.244.74.54 68 tcp dhcpc filtered
3656104.244.74.54 68 udp dhcpc unknown
3657104.244.74.54 69 tcp tftp filtered
3658104.244.74.54 69 udp tftp unknown
3659104.244.74.54 80 tcp http open nginx
3660104.244.74.54 88 tcp kerberos-sec filtered
3661104.244.74.54 88 udp kerberos-sec unknown
3662104.244.74.54 123 tcp ntp filtered
3663104.244.74.54 123 udp ntp unknown
3664104.244.74.54 137 tcp netbios-ns filtered
3665104.244.74.54 137 udp netbios-ns filtered
3666104.244.74.54 138 tcp netbios-dgm filtered
3667104.244.74.54 138 udp netbios-dgm filtered
3668104.244.74.54 139 tcp netbios-ssn closed
3669104.244.74.54 139 udp netbios-ssn unknown
3670104.244.74.54 161 tcp snmp filtered
3671104.244.74.54 161 udp snmp unknown
3672104.244.74.54 162 tcp snmptrap filtered
3673104.244.74.54 162 udp snmptrap unknown
3674104.244.74.54 389 tcp ldap filtered
3675104.244.74.54 389 udp ldap unknown
3676104.244.74.54 443 tcp ssl/http open nginx
3677104.244.74.54 445 tcp microsoft-ds closed
3678104.244.74.54 520 tcp efs filtered
3679104.244.74.54 520 udp route unknown
3680104.244.74.54 2049 tcp nfs filtered
3681104.244.74.54 2049 udp nfs unknown
3682104.244.74.54 5040 tcp unknown closed
3683104.244.74.54 16001 tcp ssl/http open MiniServ 1.910 Webmin httpd
3684104.244.74.54 16221 tcp closed
3685104.244.74.54 23022 tcp closed
3686104.244.74.54 32022 tcp ssh open OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 Ubuntu Linux; protocol 2.0
3687107.154.130.27 53 tcp domain open
3688107.154.130.27 53 udp domain open
3689107.154.130.27 67 tcp dhcps filtered
3690107.154.130.27 67 udp dhcps unknown
3691107.154.130.27 68 tcp dhcpc filtered
3692107.154.130.27 68 udp dhcpc unknown
3693107.154.130.27 69 tcp tftp filtered
3694107.154.130.27 69 udp tftp unknown
3695107.154.130.27 88 tcp http open Incapsula CDN httpd
3696107.154.130.27 88 udp kerberos-sec unknown
3697107.154.130.27 123 tcp ntp filtered
3698107.154.130.27 123 udp ntp unknown
3699107.154.130.27 137 tcp netbios-ns filtered
3700107.154.130.27 137 udp netbios-ns filtered
3701107.154.130.27 138 tcp netbios-dgm filtered
3702107.154.130.27 138 udp netbios-dgm filtered
3703107.154.130.27 139 tcp netbios-ssn closed
3704107.154.130.27 139 udp netbios-ssn unknown
3705107.154.130.27 161 tcp snmp filtered
3706107.154.130.27 161 udp snmp unknown
3707107.154.130.27 162 tcp snmptrap filtered
3708107.154.130.27 162 udp snmptrap unknown
3709107.154.130.27 389 tcp ssl/http open Incapsula CDN httpd
3710107.154.130.27 389 udp ldap unknown
3711107.154.130.27 520 tcp efs filtered
3712107.154.130.27 520 udp route unknown
3713107.154.130.27 2049 tcp http open Incapsula CDN httpd
3714107.154.130.27 2049 udp nfs unknown
3715107.154.248.27 53 tcp domain open
3716107.154.248.27 80 tcp http open Incapsula CDN httpd
3717107.154.248.27 81 tcp http open Incapsula CDN httpd
3718107.154.248.27 85 tcp http open Incapsula CDN httpd
3719107.154.248.27 88 tcp http open Incapsula CDN httpd
3720107.154.248.27 389 tcp ssl/http open Incapsula CDN httpd
3721107.154.248.27 443 tcp ssl/http open Incapsula CDN httpd
3722107.154.248.27 444 tcp ssl/http open Incapsula CDN httpd
3723107.154.248.27 446 tcp http open Incapsula CDN httpd
3724107.154.248.27 587 tcp http open Incapsula CDN httpd
3725107.154.248.27 631 tcp http open Incapsula CDN httpd
3726107.154.248.27 888 tcp http open Incapsula CDN httpd
3727107.154.248.27 995 tcp ssl/http open Incapsula CDN httpd
3728107.154.248.27 998 tcp ssl/http open Incapsula CDN httpd
3729107.154.248.27 999 tcp http open Incapsula CDN httpd
3730107.154.248.27 1000 tcp http open Incapsula CDN httpd
3731107.154.248.27 1024 tcp http open Incapsula CDN httpd
3732107.154.248.27 1103 tcp http open Incapsula CDN httpd
3733107.154.248.27 1234 tcp http open Incapsula CDN httpd
3734107.154.248.27 1433 tcp http open Incapsula CDN httpd
3735107.154.248.27 1494 tcp http open Incapsula CDN httpd
3736107.154.248.27 2000 tcp ssl/http open Incapsula CDN httpd
3737107.154.248.27 2001 tcp http open Incapsula CDN httpd
3738107.154.248.27 2049 tcp http open Incapsula CDN httpd
3739107.154.248.27 2067 tcp http open Incapsula CDN httpd
3740107.154.248.27 2100 tcp ssl/http open Incapsula CDN httpd
3741107.154.248.27 2222 tcp http open Incapsula CDN httpd
3742107.154.248.27 2598 tcp http open Incapsula CDN httpd
3743107.154.248.27 3000 tcp http open Incapsula CDN httpd
3744107.154.248.27 3050 tcp http open Incapsula CDN httpd
3745107.154.248.27 3057 tcp http open Incapsula CDN httpd
3746107.154.248.27 3299 tcp http open Incapsula CDN httpd
3747107.154.248.27 3306 tcp ssl/http open Incapsula CDN httpd
3748107.154.248.27 3333 tcp http open Incapsula CDN httpd
3749107.154.248.27 3389 tcp ssl/http open Incapsula CDN httpd
3750107.154.248.27 3500 tcp http open Incapsula CDN httpd
3751107.154.248.27 3790 tcp http open Incapsula CDN httpd
3752107.154.248.27 4000 tcp http open Incapsula CDN httpd
3753107.154.248.27 4444 tcp ssl/http open Incapsula CDN httpd
3754107.154.248.27 4445 tcp ssl/http open Incapsula CDN httpd
3755107.154.248.27 5000 tcp http open Incapsula CDN httpd
3756107.154.248.27 5009 tcp http open Incapsula CDN httpd
3757107.154.248.27 5060 tcp ssl/http open Incapsula CDN httpd
3758107.154.248.27 5061 tcp ssl/http open Incapsula CDN httpd
3759107.154.248.27 5227 tcp ssl/http open Incapsula CDN httpd
3760107.154.248.27 5247 tcp ssl/http open Incapsula CDN httpd
3761107.154.248.27 5250 tcp ssl/http open Incapsula CDN httpd
3762107.154.248.27 5555 tcp http open Incapsula CDN httpd
3763107.154.248.27 5900 tcp http open Incapsula CDN httpd
3764107.154.248.27 5901 tcp ssl/http open Incapsula CDN httpd
3765107.154.248.27 5902 tcp ssl/http open Incapsula CDN httpd
3766107.154.248.27 5903 tcp ssl/http open Incapsula CDN httpd
3767107.154.248.27 5904 tcp ssl/http open Incapsula CDN httpd
3768107.154.248.27 5905 tcp ssl/http open Incapsula CDN httpd
3769107.154.248.27 5906 tcp ssl/http open Incapsula CDN httpd
3770107.154.248.27 5907 tcp ssl/http open Incapsula CDN httpd
3771107.154.248.27 5908 tcp ssl/http open Incapsula CDN httpd
3772107.154.248.27 5909 tcp ssl/http open Incapsula CDN httpd
3773107.154.248.27 5910 tcp ssl/http open Incapsula CDN httpd
3774107.154.248.27 5920 tcp ssl/http open Incapsula CDN httpd
3775107.154.248.27 5984 tcp ssl/http open Incapsula CDN httpd
3776107.154.248.27 5985 tcp http open Incapsula CDN httpd
3777107.154.248.27 5986 tcp ssl/http open Incapsula CDN httpd
3778107.154.248.27 5999 tcp ssl/http open Incapsula CDN httpd
3779107.154.248.27 6000 tcp http open Incapsula CDN httpd
3780107.154.248.27 6060 tcp http open Incapsula CDN httpd
3781107.154.248.27 6161 tcp http open Incapsula CDN httpd
3782107.154.248.27 6379 tcp http open Incapsula CDN httpd
3783107.154.248.27 6661 tcp ssl/http open Incapsula CDN httpd
3784107.154.248.27 6789 tcp http open Incapsula CDN httpd
3785107.154.248.27 7000 tcp ssl/http open Incapsula CDN httpd
3786107.154.248.27 7001 tcp http open Incapsula CDN httpd
3787107.154.248.27 7021 tcp http open Incapsula CDN httpd
3788107.154.248.27 7071 tcp ssl/http open Incapsula CDN httpd
3789107.154.248.27 7080 tcp http open Incapsula CDN httpd
3790107.154.248.27 7272 tcp ssl/http open Incapsula CDN httpd
3791107.154.248.27 7443 tcp ssl/http open Incapsula CDN httpd
3792107.154.248.27 7700 tcp http open Incapsula CDN httpd
3793107.154.248.27 7777 tcp http open Incapsula CDN httpd
3794107.154.248.27 7778 tcp http open Incapsula CDN httpd
3795107.154.248.27 8000 tcp http open Incapsula CDN httpd
3796107.154.248.27 8001 tcp http open Incapsula CDN httpd
3797107.154.248.27 8008 tcp http open Incapsula CDN httpd
3798107.154.248.27 8014 tcp http open Incapsula CDN httpd
3799107.154.248.27 8020 tcp http open Incapsula CDN httpd
3800107.154.248.27 8023 tcp http open Incapsula CDN httpd
3801107.154.248.27 8028 tcp http open Incapsula CDN httpd
3802107.154.248.27 8030 tcp http open Incapsula CDN httpd
3803107.154.248.27 8050 tcp http open Incapsula CDN httpd
3804107.154.248.27 8051 tcp http open Incapsula CDN httpd
3805107.154.248.27 8080 tcp http open Incapsula CDN httpd
3806107.154.248.27 8081 tcp http open Incapsula CDN httpd
3807107.154.248.27 8082 tcp http open Incapsula CDN httpd
3808107.154.248.27 8085 tcp http open Incapsula CDN httpd
3809107.154.248.27 8086 tcp http open Incapsula CDN httpd
3810107.154.248.27 8087 tcp http open Incapsula CDN httpd
3811107.154.248.27 8088 tcp http open Incapsula CDN httpd
3812107.154.248.27 8090 tcp http open Incapsula CDN httpd
3813107.154.248.27 8091 tcp http open Incapsula CDN httpd
3814107.154.248.27 8095 tcp http open Incapsula CDN httpd
3815107.154.248.27 8101 tcp http open Incapsula CDN httpd
3816107.154.248.27 8161 tcp http open Incapsula CDN httpd
3817107.154.248.27 8180 tcp http open Incapsula CDN httpd
3818107.154.248.27 8222 tcp http open Incapsula CDN httpd
3819107.154.248.27 8333 tcp http open Incapsula CDN httpd
3820107.154.248.27 8443 tcp ssl/http open Incapsula CDN httpd
3821107.154.248.27 8444 tcp http open Incapsula CDN httpd
3822107.154.248.27 8445 tcp http open Incapsula CDN httpd
3823107.154.248.27 8503 tcp ssl/http open Incapsula CDN httpd
3824107.154.248.27 8686 tcp http open Incapsula CDN httpd
3825107.154.248.27 8787 tcp http open Incapsula CDN httpd
3826107.154.248.27 8800 tcp http open Incapsula CDN httpd
3827107.154.248.27 8812 tcp http open Incapsula CDN httpd
3828107.154.248.27 8834 tcp http open Incapsula CDN httpd
3829107.154.248.27 8880 tcp http open Incapsula CDN httpd
3830107.154.248.27 8888 tcp http open Incapsula CDN httpd
3831107.154.248.27 8889 tcp http open Incapsula CDN httpd
3832107.154.248.27 8890 tcp http open Incapsula CDN httpd
3833107.154.248.27 8899 tcp http open Incapsula CDN httpd
3834107.154.248.27 9000 tcp http open Incapsula CDN httpd
3835107.154.248.27 9001 tcp http open Incapsula CDN httpd
3836107.154.248.27 9002 tcp http open Incapsula CDN httpd
3837107.154.248.27 9003 tcp http open Incapsula CDN httpd
3838107.154.248.27 9004 tcp http open Incapsula CDN httpd
3839107.154.248.27 9005 tcp http open Incapsula CDN httpd
3840107.154.248.27 9010 tcp http open Incapsula CDN httpd
3841107.154.248.27 9050 tcp http open Incapsula CDN httpd
3842107.154.248.27 9080 tcp http open Incapsula CDN httpd
3843107.154.248.27 9081 tcp ssl/http open Incapsula CDN httpd
3844107.154.248.27 9084 tcp http open Incapsula CDN httpd
3845107.154.248.27 9090 tcp http open Incapsula CDN httpd
3846107.154.248.27 9099 tcp http open Incapsula CDN httpd
3847107.154.248.27 9100 tcp jetdirect open
3848107.154.248.27 9111 tcp http open Incapsula CDN httpd
3849107.154.248.27 9200 tcp http open Incapsula CDN httpd
3850107.154.248.27 9300 tcp http open Incapsula CDN httpd
3851107.154.248.27 9500 tcp http open Incapsula CDN httpd
3852107.154.248.27 9711 tcp ssl/http open Incapsula CDN httpd
3853107.154.248.27 9991 tcp http open Incapsula CDN httpd
3854107.154.248.27 9999 tcp http open Incapsula CDN httpd
3855107.154.248.27 10000 tcp http open Incapsula CDN httpd
3856107.154.248.27 10001 tcp http open Incapsula CDN httpd
3857107.154.248.27 10008 tcp http open Incapsula CDN httpd
3858107.154.248.27 10443 tcp ssl/http open Incapsula CDN httpd
3859107.154.248.27 11001 tcp ssl/http open Incapsula CDN httpd
3860107.154.248.27 12174 tcp http open Incapsula CDN httpd
3861107.154.248.27 12203 tcp http open Incapsula CDN httpd
3862107.154.248.27 12221 tcp http open Incapsula CDN httpd
3863107.154.248.27 12345 tcp http open Incapsula CDN httpd
3864107.154.248.27 12397 tcp http open Incapsula CDN httpd
3865107.154.248.27 12401 tcp http open Incapsula CDN httpd
3866107.154.248.27 14330 tcp http open Incapsula CDN httpd
3867107.154.248.27 16000 tcp http open Incapsula CDN httpd
3868107.154.248.27 20000 tcp http open Incapsula CDN httpd
3869107.154.248.27 20010 tcp ssl/http open Incapsula CDN httpd
3870107.154.248.27 25000 tcp ssl/http open Incapsula CDN httpd
3871107.154.248.27 30000 tcp http open Incapsula CDN httpd
3872107.154.248.27 44334 tcp ssl/http open Incapsula CDN httpd
3873107.154.248.27 50000 tcp http open Incapsula CDN httpd
3874107.154.248.27 50001 tcp ssl/http open Incapsula CDN httpd
3875107.154.248.27 50050 tcp ssl/http open Incapsula CDN httpd
3876141.105.65.111 25 tcp smtp closed
3877141.105.65.111 53 tcp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
3878141.105.65.111 53 udp domain open ISC BIND 9.8.2rc1 RedHat Enterprise Linux 6
3879141.105.65.111 67 tcp dhcps filtered
3880141.105.65.111 67 udp dhcps unknown
3881141.105.65.111 68 tcp dhcpc filtered
3882141.105.65.111 68 udp dhcpc unknown
3883141.105.65.111 69 tcp tftp filtered
3884141.105.65.111 69 udp tftp unknown
3885141.105.65.111 88 tcp kerberos-sec filtered
3886141.105.65.111 88 udp kerberos-sec unknown
3887141.105.65.111 123 tcp ntp filtered
3888141.105.65.111 123 udp ntp unknown
3889141.105.65.111 137 tcp netbios-ns filtered
3890141.105.65.111 137 udp netbios-ns filtered
3891141.105.65.111 138 tcp netbios-dgm filtered
3892141.105.65.111 138 udp netbios-dgm filtered
3893141.105.65.111 139 tcp netbios-ssn closed
3894141.105.65.111 139 udp netbios-ssn unknown
3895141.105.65.111 161 tcp snmp filtered
3896141.105.65.111 161 udp snmp unknown
3897141.105.65.111 162 tcp snmptrap filtered
3898141.105.65.111 162 udp snmptrap unknown
3899141.105.65.111 389 tcp ldap filtered
3900141.105.65.111 389 udp ldap unknown
3901141.105.65.111 445 tcp microsoft-ds closed
3902141.105.65.111 520 tcp efs filtered
3903141.105.65.111 520 udp route unknown
3904141.105.65.111 2049 tcp nfs filtered
3905141.105.65.111 2049 udp nfs unknown
3906147.237.0.206 53 udp domain unknown
3907147.237.0.206 67 udp dhcps unknown
3908147.237.0.206 68 udp dhcpc unknown
3909147.237.0.206 69 udp tftp unknown
3910147.237.0.206 80 tcp http open
3911147.237.0.206 88 udp kerberos-sec unknown
3912147.237.0.206 123 udp ntp unknown
3913147.237.0.206 139 udp netbios-ssn unknown
3914147.237.0.206 161 udp snmp unknown
3915147.237.0.206 162 udp snmptrap unknown
3916147.237.0.206 389 udp ldap unknown
3917147.237.0.206 443 tcp ssl/https open
3918147.237.0.206 520 udp route unknown
3919147.237.0.206 2049 udp nfs unknown
3920150.95.250.133 25 tcp smtp closed
3921150.95.250.133 53 tcp domain filtered
3922150.95.250.133 53 udp domain unknown
3923150.95.250.133 67 tcp dhcps filtered
3924150.95.250.133 67 udp dhcps unknown
3925150.95.250.133 68 tcp dhcpc filtered
3926150.95.250.133 68 udp dhcpc unknown
3927150.95.250.133 69 tcp tftp filtered
3928150.95.250.133 69 udp tftp unknown
3929150.95.250.133 80 tcp http open nginx
3930150.95.250.133 88 tcp kerberos-sec filtered
3931150.95.250.133 88 udp kerberos-sec unknown
3932150.95.250.133 123 tcp ntp filtered
3933150.95.250.133 123 udp ntp unknown
3934150.95.250.133 137 tcp netbios-ns filtered
3935150.95.250.133 137 udp netbios-ns filtered
3936150.95.250.133 138 tcp netbios-dgm filtered
3937150.95.250.133 138 udp netbios-dgm filtered
3938150.95.250.133 139 tcp netbios-ssn closed
3939150.95.250.133 139 udp netbios-ssn unknown
3940150.95.250.133 161 tcp snmp filtered
3941150.95.250.133 161 udp snmp unknown
3942150.95.250.133 162 tcp snmptrap filtered
3943150.95.250.133 162 udp snmptrap unknown
3944150.95.250.133 389 tcp ldap filtered
3945150.95.250.133 389 udp ldap unknown
3946150.95.250.133 443 tcp ssl/http open nginx
3947150.95.250.133 445 tcp microsoft-ds closed
3948150.95.250.133 520 tcp efs filtered
3949150.95.250.133 520 udp route unknown
3950150.95.250.133 2049 tcp nfs filtered
3951150.95.250.133 2049 udp nfs unknown
3952151.139.243.11 25 tcp smtp closed
3953151.139.243.11 53 tcp domain filtered
3954151.139.243.11 53 udp domain unknown
3955151.139.243.11 67 tcp dhcps filtered
3956151.139.243.11 67 udp dhcps unknown
3957151.139.243.11 68 tcp dhcpc filtered
3958151.139.243.11 68 udp dhcpc unknown
3959151.139.243.11 69 tcp tftp filtered
3960151.139.243.11 69 udp tftp unknown
3961151.139.243.11 80 tcp http open Varnish
3962151.139.243.11 88 tcp kerberos-sec filtered
3963151.139.243.11 88 udp kerberos-sec unknown
3964151.139.243.11 123 tcp ntp filtered
3965151.139.243.11 123 udp ntp unknown
3966151.139.243.11 137 tcp netbios-ns filtered
3967151.139.243.11 137 udp netbios-ns filtered
3968151.139.243.11 138 tcp netbios-dgm filtered
3969151.139.243.11 138 udp netbios-dgm filtered
3970151.139.243.11 139 tcp netbios-ssn closed
3971151.139.243.11 139 udp netbios-ssn unknown
3972151.139.243.11 161 tcp snmp filtered
3973151.139.243.11 161 udp snmp unknown
3974151.139.243.11 162 tcp snmptrap filtered
3975151.139.243.11 162 udp snmptrap unknown
3976151.139.243.11 389 tcp ldap filtered
3977151.139.243.11 389 udp ldap unknown
3978151.139.243.11 443 tcp ssl/http open nginx
3979151.139.243.11 445 tcp microsoft-ds closed
3980151.139.243.11 520 tcp efs filtered
3981151.139.243.11 520 udp route unknown
3982151.139.243.11 2049 tcp nfs filtered
3983151.139.243.11 2049 udp nfs unknown
3984154.73.84.17 21 tcp ftp open 220 (vsFTPd 3.0.3)\x0d\x0a
3985157.7.107.254 25 tcp smtp closed
3986157.7.107.254 53 tcp domain filtered
3987157.7.107.254 53 udp domain unknown
3988157.7.107.254 67 tcp dhcps filtered
3989157.7.107.254 67 udp dhcps unknown
3990157.7.107.254 68 tcp dhcpc filtered
3991157.7.107.254 68 udp dhcpc filtered
3992157.7.107.254 69 tcp tftp filtered
3993157.7.107.254 69 udp tftp unknown
3994157.7.107.254 80 tcp http open Apache httpd
3995157.7.107.254 88 tcp kerberos-sec filtered
3996157.7.107.254 88 udp kerberos-sec unknown
3997157.7.107.254 123 tcp ntp filtered
3998157.7.107.254 123 udp ntp unknown
3999157.7.107.254 137 tcp netbios-ns filtered
4000157.7.107.254 137 udp netbios-ns filtered
4001157.7.107.254 138 tcp netbios-dgm filtered
4002157.7.107.254 138 udp netbios-dgm filtered
4003157.7.107.254 139 tcp netbios-ssn closed
4004157.7.107.254 139 udp netbios-ssn unknown
4005157.7.107.254 161 tcp snmp filtered
4006157.7.107.254 161 udp snmp unknown
4007157.7.107.254 162 tcp snmptrap filtered
4008157.7.107.254 162 udp snmptrap unknown
4009157.7.107.254 389 tcp ldap filtered
4010157.7.107.254 389 udp ldap filtered
4011157.7.107.254 443 tcp ssl/https open Apache
4012157.7.107.254 445 tcp microsoft-ds closed
4013157.7.107.254 520 tcp efs filtered
4014157.7.107.254 520 udp route unknown
4015157.7.107.254 2049 tcp nfs filtered
4016157.7.107.254 2049 udp nfs unknown
4017159.89.0.72 22 tcp ssh open SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8
4018160.153.72.166 21 tcp ftp open Pure-FTPd
4019160.153.72.166 22 tcp ssh open OpenSSH 5.3 protocol 2.0
4020160.153.72.166 53 udp domain unknown
4021160.153.72.166 67 udp dhcps unknown
4022160.153.72.166 68 udp dhcpc unknown
4023160.153.72.166 69 udp tftp unknown
4024160.153.72.166 80 tcp http open Apache httpd
4025160.153.72.166 88 udp kerberos-sec unknown
4026160.153.72.166 110 tcp pop3 open Dovecot pop3d
4027160.153.72.166 123 udp ntp unknown
4028160.153.72.166 139 udp netbios-ssn unknown
4029160.153.72.166 143 tcp imap open Dovecot imapd
4030160.153.72.166 161 udp snmp unknown
4031160.153.72.166 162 udp snmptrap unknown
4032160.153.72.166 389 udp ldap unknown
4033160.153.72.166 443 tcp ssl/http open Apache httpd
4034160.153.72.166 465 tcp ssl/smtp open Exim smtpd 4.92
4035160.153.72.166 520 udp route unknown
4036160.153.72.166 587 tcp smtp open Exim smtpd 4.92
4037160.153.72.166 993 tcp ssl/imaps open
4038160.153.72.166 995 tcp ssl/pop3s open
4039160.153.72.166 2049 udp nfs unknown
4040160.153.72.166 3306 tcp mysql open MySQL 5.6.44-cll-lve
4041163.247.52.17 25 tcp smtp closed
4042163.247.52.17 53 tcp domain filtered
4043163.247.52.17 53 udp domain unknown
4044163.247.52.17 67 tcp dhcps filtered
4045163.247.52.17 67 udp dhcps unknown
4046163.247.52.17 68 tcp dhcpc filtered
4047163.247.52.17 68 udp dhcpc unknown
4048163.247.52.17 69 tcp tftp filtered
4049163.247.52.17 69 udp tftp unknown
4050163.247.52.17 80 tcp http open Apache httpd
4051163.247.52.17 88 tcp kerberos-sec filtered
4052163.247.52.17 88 udp kerberos-sec unknown
4053163.247.52.17 113 tcp ident closed
4054163.247.52.17 123 tcp ntp filtered
4055163.247.52.17 123 udp ntp unknown
4056163.247.52.17 137 tcp netbios-ns filtered
4057163.247.52.17 137 udp netbios-ns filtered
4058163.247.52.17 138 tcp netbios-dgm filtered
4059163.247.52.17 138 udp netbios-dgm filtered
4060163.247.52.17 139 tcp netbios-ssn closed
4061163.247.52.17 139 udp netbios-ssn unknown
4062163.247.52.17 161 tcp snmp filtered
4063163.247.52.17 161 udp snmp unknown
4064163.247.52.17 162 tcp snmptrap filtered
4065163.247.52.17 162 udp snmptrap unknown
4066163.247.52.17 389 tcp ldap filtered
4067163.247.52.17 389 udp ldap unknown
4068163.247.52.17 443 tcp ssl/https open
4069163.247.52.17 445 tcp microsoft-ds closed
4070163.247.52.17 520 tcp efs filtered
4071163.247.52.17 520 udp route unknown
4072163.247.52.17 2049 tcp nfs filtered
4073163.247.52.17 2049 udp nfs unknown
4074163.247.96.10 25 tcp smtp closed
4075163.247.96.10 53 tcp domain filtered
4076163.247.96.10 53 udp domain unknown
4077163.247.96.10 67 tcp dhcps filtered
4078163.247.96.10 67 udp dhcps unknown
4079163.247.96.10 68 tcp dhcpc filtered
4080163.247.96.10 68 udp dhcpc unknown
4081163.247.96.10 69 tcp tftp filtered
4082163.247.96.10 69 udp tftp unknown
4083163.247.96.10 80 tcp http open Apache httpd 2.2.22
4084163.247.96.10 88 tcp kerberos-sec filtered
4085163.247.96.10 88 udp kerberos-sec unknown
4086163.247.96.10 113 tcp ident closed
4087163.247.96.10 123 tcp ntp filtered
4088163.247.96.10 123 udp ntp unknown
4089163.247.96.10 137 tcp netbios-ns filtered
4090163.247.96.10 137 udp netbios-ns filtered
4091163.247.96.10 138 tcp netbios-dgm filtered
4092163.247.96.10 138 udp netbios-dgm filtered
4093163.247.96.10 139 tcp netbios-ssn closed
4094163.247.96.10 139 udp netbios-ssn unknown
4095163.247.96.10 161 tcp snmp filtered
4096163.247.96.10 161 udp snmp unknown
4097163.247.96.10 162 tcp snmptrap filtered
4098163.247.96.10 162 udp snmptrap unknown
4099163.247.96.10 389 tcp ldap filtered
4100163.247.96.10 389 udp ldap unknown
4101163.247.96.10 445 tcp microsoft-ds closed
4102163.247.96.10 465 tcp ssl/smtp open Exim smtpd 4.X
4103163.247.96.10 520 tcp efs filtered
4104163.247.96.10 520 udp route unknown
4105163.247.96.10 587 tcp smtp open Exim smtpd
4106163.247.96.10 2000 tcp cisco-sccp open
4107163.247.96.10 2049 tcp nfs filtered
4108163.247.96.10 2049 udp nfs unknown
4109163.247.96.10 4443 tcp http open Apache httpd
4110163.247.96.10 5060 tcp sip open
4111170.246.172.178 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 2 of 50 allowed.\x0d\x0a220-Local time is now 23:38. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
4112170.246.172.178 25 tcp smtp closed
4113170.246.172.178 53 tcp domain open PowerDNS Authoritative Server 4.1.10
4114170.246.172.178 53 udp domain open PowerDNS Authoritative Server 4.1.10
4115170.246.172.178 67 tcp dhcps filtered
4116170.246.172.178 67 udp dhcps unknown
4117170.246.172.178 68 tcp dhcpc filtered
4118170.246.172.178 68 udp dhcpc unknown
4119170.246.172.178 69 tcp tftp filtered
4120170.246.172.178 69 udp tftp unknown
4121170.246.172.178 88 tcp kerberos-sec filtered
4122170.246.172.178 88 udp kerberos-sec unknown
4123170.246.172.178 123 tcp ntp filtered
4124170.246.172.178 123 udp ntp unknown
4125170.246.172.178 137 tcp netbios-ns filtered
4126170.246.172.178 137 udp netbios-ns filtered
4127170.246.172.178 138 tcp netbios-dgm filtered
4128170.246.172.178 138 udp netbios-dgm filtered
4129170.246.172.178 139 tcp netbios-ssn closed
4130170.246.172.178 139 udp netbios-ssn unknown
4131170.246.172.178 161 tcp snmp filtered
4132170.246.172.178 161 udp snmp unknown
4133170.246.172.178 162 tcp snmptrap filtered
4134170.246.172.178 162 udp snmptrap unknown
4135170.246.172.178 389 tcp ldap filtered
4136170.246.172.178 389 udp ldap unknown
4137170.246.172.178 445 tcp microsoft-ds closed
4138170.246.172.178 520 tcp efs filtered
4139170.246.172.178 520 udp route unknown
4140170.246.172.178 2049 tcp nfs filtered
4141170.246.172.178 2049 udp nfs unknown
4142180.222.81.193 21 tcp ftp open ProFTPD or KnFTPD
4143180.222.81.193 25 tcp smtp closed
4144180.222.81.193 53 tcp domain filtered
4145180.222.81.193 53 udp domain unknown
4146180.222.81.193 67 tcp dhcps filtered
4147180.222.81.193 67 udp dhcps unknown
4148180.222.81.193 68 tcp dhcpc filtered
4149180.222.81.193 68 udp dhcpc unknown
4150180.222.81.193 69 tcp tftp filtered
4151180.222.81.193 69 udp tftp unknown
4152180.222.81.193 80 tcp http open Apache httpd PHP 5.2.8
4153180.222.81.193 88 tcp kerberos-sec filtered
4154180.222.81.193 88 udp kerberos-sec unknown
4155180.222.81.193 110 tcp pop3 open qmail pop3d
4156180.222.81.193 113 tcp ident closed
4157180.222.81.193 123 tcp ntp filtered
4158180.222.81.193 123 udp ntp unknown
4159180.222.81.193 137 tcp netbios-ns filtered
4160180.222.81.193 137 udp netbios-ns filtered
4161180.222.81.193 138 tcp netbios-dgm filtered
4162180.222.81.193 138 udp netbios-dgm filtered
4163180.222.81.193 139 tcp netbios-ssn closed
4164180.222.81.193 139 udp netbios-ssn unknown
4165180.222.81.193 143 tcp imap open Courier Imapd released 2005
4166180.222.81.193 161 tcp snmp filtered
4167180.222.81.193 161 udp snmp unknown
4168180.222.81.193 162 tcp snmptrap filtered
4169180.222.81.193 162 udp snmptrap unknown
4170180.222.81.193 389 tcp ldap filtered
4171180.222.81.193 389 udp ldap unknown
4172180.222.81.193 443 tcp ssl/http open Apache httpd PHP 5.2.8
4173180.222.81.193 445 tcp microsoft-ds closed
4174180.222.81.193 465 tcp ssl/smtps open
4175180.222.81.193 520 tcp efs filtered
4176180.222.81.193 520 udp route unknown
4177180.222.81.193 587 tcp smtp open Access Remote PC smtpd
4178180.222.81.193 993 tcp ssl/imaps open
4179180.222.81.193 995 tcp ssl/pop3s open
4180180.222.81.193 2049 tcp nfs filtered
4181180.222.81.193 2049 udp nfs unknown
4182180.222.81.193 8080 tcp ssl/http open Apache httpd
4183184.72.111.210 25 tcp smtp closed
4184184.72.111.210 53 tcp domain filtered
4185184.72.111.210 53 udp domain unknown
4186184.72.111.210 67 tcp dhcps filtered
4187184.72.111.210 67 udp dhcps unknown
4188184.72.111.210 68 tcp dhcpc filtered
4189184.72.111.210 68 udp dhcpc unknown
4190184.72.111.210 69 tcp tftp filtered
4191184.72.111.210 69 udp tftp unknown
4192184.72.111.210 80 tcp http open Microsoft HTTPAPI httpd 2.0 SSDP/UPnP
4193184.72.111.210 88 tcp kerberos-sec filtered
4194184.72.111.210 88 udp kerberos-sec unknown
4195184.72.111.210 123 tcp ntp filtered
4196184.72.111.210 123 udp ntp unknown
4197184.72.111.210 137 tcp netbios-ns filtered
4198184.72.111.210 137 udp netbios-ns filtered
4199184.72.111.210 138 tcp netbios-dgm filtered
4200184.72.111.210 138 udp netbios-dgm filtered
4201184.72.111.210 139 tcp netbios-ssn closed
4202184.72.111.210 139 udp netbios-ssn unknown
4203184.72.111.210 161 tcp snmp filtered
4204184.72.111.210 161 udp snmp unknown
4205184.72.111.210 162 tcp snmptrap filtered
4206184.72.111.210 162 udp snmptrap unknown
4207184.72.111.210 389 tcp ldap filtered
4208184.72.111.210 389 udp ldap unknown
4209184.72.111.210 443 tcp ssl/http open Microsoft HTTPAPI httpd 2.0 SSDP/UPnP
4210184.72.111.210 445 tcp microsoft-ds closed
4211184.72.111.210 520 tcp efs filtered
4212184.72.111.210 520 udp route unknown
4213184.72.111.210 2049 tcp nfs filtered
4214184.72.111.210 2049 udp nfs unknown
4215185.2.4.98 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 300 allowed.\x0d\x0a220-Local time is now 17:27. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 60 seconds of inactivity.\x0d\x0a
4216185.2.4.98 25 tcp smtp closed
4217185.2.4.98 53 tcp domain filtered
4218185.2.4.98 53 udp domain unknown
4219185.2.4.98 67 tcp dhcps filtered
4220185.2.4.98 67 udp dhcps unknown
4221185.2.4.98 68 tcp dhcpc filtered
4222185.2.4.98 68 udp dhcpc unknown
4223185.2.4.98 69 tcp tftp filtered
4224185.2.4.98 69 udp tftp unknown
4225185.2.4.98 88 tcp kerberos-sec filtered
4226185.2.4.98 88 udp kerberos-sec unknown
4227185.2.4.98 123 tcp ntp filtered
4228185.2.4.98 123 udp ntp unknown
4229185.2.4.98 137 tcp netbios-ns filtered
4230185.2.4.98 137 udp netbios-ns filtered
4231185.2.4.98 138 tcp netbios-dgm filtered
4232185.2.4.98 138 udp netbios-dgm filtered
4233185.2.4.98 139 tcp netbios-ssn closed
4234185.2.4.98 139 udp netbios-ssn unknown
4235185.2.4.98 161 tcp snmp filtered
4236185.2.4.98 161 udp snmp unknown
4237185.2.4.98 162 tcp snmptrap filtered
4238185.2.4.98 162 udp snmptrap unknown
4239185.2.4.98 389 tcp ldap filtered
4240185.2.4.98 389 udp ldap unknown
4241185.2.4.98 445 tcp microsoft-ds closed
4242185.2.4.98 520 tcp efs filtered
4243185.2.4.98 520 udp route unknown
4244185.2.4.98 2049 tcp nfs filtered
4245185.2.4.98 2049 udp nfs unknown
4246185.68.93.22 22 tcp ssh open SSH-2.0-OpenSSH_5.3
4247185.68.93.22 53 tcp domain closed
4248185.68.93.22 53 udp domain unknown
4249185.68.93.22 67 tcp dhcps closed
4250185.68.93.22 67 udp dhcps closed
4251185.68.93.22 68 tcp dhcpc closed
4252185.68.93.22 68 udp dhcpc closed
4253185.68.93.22 69 tcp tftp closed
4254185.68.93.22 69 udp tftp unknown
4255185.68.93.22 88 tcp kerberos-sec closed
4256185.68.93.22 88 udp kerberos-sec unknown
4257185.68.93.22 123 tcp ntp closed
4258185.68.93.22 123 udp ntp closed
4259185.68.93.22 137 tcp netbios-ns closed
4260185.68.93.22 137 udp netbios-ns filtered
4261185.68.93.22 138 tcp netbios-dgm closed
4262185.68.93.22 138 udp netbios-dgm filtered
4263185.68.93.22 139 tcp netbios-ssn closed
4264185.68.93.22 139 udp netbios-ssn closed
4265185.68.93.22 161 tcp snmp closed
4266185.68.93.22 161 udp snmp unknown
4267185.68.93.22 162 tcp snmptrap closed
4268185.68.93.22 162 udp snmptrap closed
4269185.68.93.22 389 tcp ldap closed
4270185.68.93.22 389 udp ldap unknown
4271185.68.93.22 520 tcp efs closed
4272185.68.93.22 520 udp route unknown
4273185.68.93.22 2049 tcp nfs closed
4274185.68.93.22 2049 udp nfs closed
4275185.119.173.237 25 tcp smtp closed
4276185.119.173.237 53 tcp domain filtered
4277185.119.173.237 53 udp domain unknown
4278185.119.173.237 67 tcp dhcps filtered
4279185.119.173.237 67 udp dhcps unknown
4280185.119.173.237 68 tcp dhcpc filtered
4281185.119.173.237 68 udp dhcpc unknown
4282185.119.173.237 69 tcp tftp filtered
4283185.119.173.237 69 udp tftp unknown
4284185.119.173.237 80 tcp http open Apache httpd
4285185.119.173.237 88 tcp kerberos-sec filtered
4286185.119.173.237 88 udp kerberos-sec unknown
4287185.119.173.237 123 tcp ntp filtered
4288185.119.173.237 123 udp ntp unknown
4289185.119.173.237 137 tcp netbios-ns filtered
4290185.119.173.237 137 udp netbios-ns filtered
4291185.119.173.237 138 tcp netbios-dgm filtered
4292185.119.173.237 138 udp netbios-dgm filtered
4293185.119.173.237 139 tcp netbios-ssn closed
4294185.119.173.237 139 udp netbios-ssn unknown
4295185.119.173.237 161 tcp snmp filtered
4296185.119.173.237 161 udp snmp unknown
4297185.119.173.237 162 tcp snmptrap filtered
4298185.119.173.237 162 udp snmptrap unknown
4299185.119.173.237 389 tcp ldap filtered
4300185.119.173.237 389 udp ldap unknown
4301185.119.173.237 443 tcp ssl/http open Apache httpd
4302185.119.173.237 445 tcp microsoft-ds closed
4303185.119.173.237 520 tcp efs filtered
4304185.119.173.237 520 udp route unknown
4305185.119.173.237 2049 tcp nfs filtered
4306185.119.173.237 2049 udp nfs unknown
4307186.67.91.110 25 tcp smtp closed
4308186.67.91.110 53 tcp domain filtered
4309186.67.91.110 53 udp domain unknown
4310186.67.91.110 67 tcp dhcps filtered
4311186.67.91.110 67 udp dhcps unknown
4312186.67.91.110 68 tcp dhcpc filtered
4313186.67.91.110 68 udp dhcpc unknown
4314186.67.91.110 69 tcp tftp filtered
4315186.67.91.110 69 udp tftp unknown
4316186.67.91.110 80 tcp http-proxy open F5 BIG-IP load balancer http proxy
4317186.67.91.110 88 tcp kerberos-sec filtered
4318186.67.91.110 88 udp kerberos-sec unknown
4319186.67.91.110 123 tcp ntp filtered
4320186.67.91.110 123 udp ntp unknown
4321186.67.91.110 137 tcp netbios-ns filtered
4322186.67.91.110 137 udp netbios-ns filtered
4323186.67.91.110 138 tcp netbios-dgm filtered
4324186.67.91.110 138 udp netbios-dgm filtered
4325186.67.91.110 139 tcp netbios-ssn closed
4326186.67.91.110 139 udp netbios-ssn unknown
4327186.67.91.110 161 tcp snmp filtered
4328186.67.91.110 161 udp snmp unknown
4329186.67.91.110 162 tcp snmptrap filtered
4330186.67.91.110 162 udp snmptrap unknown
4331186.67.91.110 389 tcp ldap filtered
4332186.67.91.110 389 udp ldap unknown
4333186.67.91.110 443 tcp ssl/https open
4334186.67.91.110 445 tcp microsoft-ds closed
4335186.67.91.110 520 tcp efs filtered
4336186.67.91.110 520 udp route unknown
4337186.67.91.110 2049 tcp nfs filtered
4338186.67.91.110 2049 udp nfs unknown
4339192.0.78.12 25 tcp smtp closed
4340192.0.78.12 53 tcp domain filtered
4341192.0.78.12 53 udp domain unknown
4342192.0.78.12 67 tcp dhcps filtered
4343192.0.78.12 67 udp dhcps unknown
4344192.0.78.12 68 tcp dhcpc filtered
4345192.0.78.12 68 udp dhcpc unknown
4346192.0.78.12 69 tcp tftp filtered
4347192.0.78.12 69 udp tftp unknown
4348192.0.78.12 80 tcp http open nginx
4349192.0.78.12 88 tcp kerberos-sec filtered
4350192.0.78.12 88 udp kerberos-sec unknown
4351192.0.78.12 123 tcp ntp filtered
4352192.0.78.12 123 udp ntp unknown
4353192.0.78.12 137 tcp netbios-ns filtered
4354192.0.78.12 137 udp netbios-ns filtered
4355192.0.78.12 138 tcp netbios-dgm filtered
4356192.0.78.12 138 udp netbios-dgm filtered
4357192.0.78.12 139 tcp netbios-ssn closed
4358192.0.78.12 139 udp netbios-ssn unknown
4359192.0.78.12 161 tcp snmp filtered
4360192.0.78.12 161 udp snmp unknown
4361192.0.78.12 162 tcp snmptrap filtered
4362192.0.78.12 162 udp snmptrap unknown
4363192.0.78.12 389 tcp ldap filtered
4364192.0.78.12 389 udp ldap unknown
4365192.0.78.12 443 tcp ssl/http open nginx
4366192.0.78.12 445 tcp microsoft-ds closed
4367192.0.78.12 520 tcp efs filtered
4368192.0.78.12 520 udp route unknown
4369192.0.78.12 2049 tcp nfs filtered
4370192.0.78.12 2049 udp nfs unknown
4371192.0.78.13 25 tcp smtp closed
4372192.0.78.13 53 tcp domain filtered
4373192.0.78.13 53 udp domain unknown
4374192.0.78.13 67 tcp dhcps filtered
4375192.0.78.13 67 udp dhcps unknown
4376192.0.78.13 68 tcp dhcpc filtered
4377192.0.78.13 68 udp dhcpc unknown
4378192.0.78.13 69 tcp tftp filtered
4379192.0.78.13 69 udp tftp unknown
4380192.0.78.13 80 tcp http open nginx
4381192.0.78.13 88 tcp kerberos-sec filtered
4382192.0.78.13 88 udp kerberos-sec unknown
4383192.0.78.13 123 tcp ntp filtered
4384192.0.78.13 123 udp ntp unknown
4385192.0.78.13 137 tcp netbios-ns filtered
4386192.0.78.13 137 udp netbios-ns filtered
4387192.0.78.13 138 tcp netbios-dgm filtered
4388192.0.78.13 138 udp netbios-dgm filtered
4389192.0.78.13 139 tcp netbios-ssn closed
4390192.0.78.13 139 udp netbios-ssn unknown
4391192.0.78.13 161 tcp snmp filtered
4392192.0.78.13 161 udp snmp unknown
4393192.0.78.13 162 tcp snmptrap filtered
4394192.0.78.13 162 udp snmptrap unknown
4395192.0.78.13 389 tcp ldap filtered
4396192.0.78.13 389 udp ldap unknown
4397192.0.78.13 443 tcp ssl/http open nginx
4398192.0.78.13 445 tcp microsoft-ds closed
4399192.0.78.13 520 tcp efs filtered
4400192.0.78.13 520 udp route unknown
4401192.0.78.13 2049 tcp nfs filtered
4402192.0.78.13 2049 udp nfs unknown
4403194.18.73.2 25 tcp smtp closed
4404194.18.73.2 53 tcp domain filtered
4405194.18.73.2 53 udp domain unknown
4406194.18.73.2 67 tcp dhcps filtered
4407194.18.73.2 67 udp dhcps unknown
4408194.18.73.2 68 tcp dhcpc filtered
4409194.18.73.2 68 udp dhcpc unknown
4410194.18.73.2 69 tcp tftp filtered
4411194.18.73.2 69 udp tftp unknown
4412194.18.73.2 80 tcp http-proxy open HAProxy http proxy 1.3.1 or later
4413194.18.73.2 88 tcp kerberos-sec filtered
4414194.18.73.2 88 udp kerberos-sec unknown
4415194.18.73.2 113 tcp ident closed
4416194.18.73.2 123 tcp ntp filtered
4417194.18.73.2 123 udp ntp unknown
4418194.18.73.2 137 tcp netbios-ns filtered
4419194.18.73.2 137 udp netbios-ns filtered
4420194.18.73.2 138 tcp netbios-dgm filtered
4421194.18.73.2 138 udp netbios-dgm filtered
4422194.18.73.2 139 tcp netbios-ssn closed
4423194.18.73.2 139 udp netbios-ssn unknown
4424194.18.73.2 161 tcp snmp filtered
4425194.18.73.2 161 udp snmp unknown
4426194.18.73.2 162 tcp snmptrap filtered
4427194.18.73.2 162 udp snmptrap unknown
4428194.18.73.2 389 tcp ldap filtered
4429194.18.73.2 389 udp ldap unknown
4430194.18.73.2 443 tcp ssl/http-proxy open HAProxy http proxy 1.3.1 or later
4431194.18.73.2 445 tcp microsoft-ds closed
4432194.18.73.2 520 tcp efs filtered
4433194.18.73.2 520 udp route closed
4434194.18.73.2 2049 tcp nfs filtered
4435194.18.73.2 2049 udp nfs unknown
4436194.39.164.140 21 tcp ftp open ProFTPD
4437194.39.164.140 53 tcp domain filtered
4438194.39.164.140 53 udp domain unknown
4439194.39.164.140 67 tcp dhcps filtered
4440194.39.164.140 67 udp dhcps unknown
4441194.39.164.140 68 tcp dhcpc filtered
4442194.39.164.140 68 udp dhcpc unknown
4443194.39.164.140 69 tcp tftp filtered
4444194.39.164.140 69 udp tftp unknown
4445194.39.164.140 80 tcp http open nginx
4446194.39.164.140 88 tcp kerberos-sec filtered
4447194.39.164.140 88 udp kerberos-sec unknown
4448194.39.164.140 110 tcp pop3 open Courier pop3d
4449194.39.164.140 123 tcp ntp filtered
4450194.39.164.140 123 udp ntp unknown
4451194.39.164.140 137 tcp netbios-ns filtered
4452194.39.164.140 137 udp netbios-ns filtered
4453194.39.164.140 138 tcp netbios-dgm filtered
4454194.39.164.140 138 udp netbios-dgm filtered
4455194.39.164.140 139 tcp netbios-ssn closed
4456194.39.164.140 139 udp netbios-ssn unknown
4457194.39.164.140 161 tcp snmp filtered
4458194.39.164.140 161 udp snmp unknown
4459194.39.164.140 162 tcp snmptrap filtered
4460194.39.164.140 162 udp snmptrap unknown
4461194.39.164.140 389 tcp ldap filtered
4462194.39.164.140 389 udp ldap unknown
4463194.39.164.140 443 tcp ssl/http open nginx
4464194.39.164.140 465 tcp ssl/smtps open
4465194.39.164.140 520 tcp efs filtered
4466194.39.164.140 520 udp route unknown
4467194.39.164.140 587 tcp smtp open Postfix smtpd
4468194.39.164.140 993 tcp ssl/imaps open
4469194.39.164.140 2020 tcp ssh open OpenSSH 7.4 protocol 2.0
4470194.39.164.140 2049 tcp nfs filtered
4471194.39.164.140 2049 udp nfs unknown
4472194.39.164.140 8443 tcp ssl/https-alt open sw-cp-server
4473194.39.164.140 8880 tcp http open sw-cp-server httpd Plesk Onyx 17.8.11
4474200.14.67.43 25 tcp smtp closed
4475200.14.67.43 53 tcp domain filtered
4476200.14.67.43 53 udp domain unknown
4477200.14.67.43 67 tcp dhcps filtered
4478200.14.67.43 67 udp dhcps unknown
4479200.14.67.43 68 tcp dhcpc filtered
4480200.14.67.43 68 udp dhcpc unknown
4481200.14.67.43 69 tcp tftp filtered
4482200.14.67.43 69 udp tftp unknown
4483200.14.67.43 80 tcp http open nginx 1.16.1 Ubuntu
4484200.14.67.43 88 tcp kerberos-sec filtered
4485200.14.67.43 88 udp kerberos-sec unknown
4486200.14.67.43 123 tcp ntp filtered
4487200.14.67.43 123 udp ntp unknown
4488200.14.67.43 137 tcp netbios-ns filtered
4489200.14.67.43 137 udp netbios-ns filtered
4490200.14.67.43 138 tcp netbios-dgm filtered
4491200.14.67.43 138 udp netbios-dgm filtered
4492200.14.67.43 139 tcp netbios-ssn closed
4493200.14.67.43 139 udp netbios-ssn unknown
4494200.14.67.43 161 tcp snmp filtered
4495200.14.67.43 161 udp snmp unknown
4496200.14.67.43 162 tcp snmptrap filtered
4497200.14.67.43 162 udp snmptrap unknown
4498200.14.67.43 389 tcp ldap filtered
4499200.14.67.43 389 udp ldap unknown
4500200.14.67.43 443 tcp ssl/http open nginx 1.16.1 Ubuntu
4501200.14.67.43 445 tcp microsoft-ds closed
4502200.14.67.43 520 tcp efs filtered
4503200.14.67.43 520 udp route unknown
4504200.14.67.43 2049 tcp nfs filtered
4505200.14.67.43 2049 udp nfs unknown
4506200.14.67.65 25 tcp smtp closed
4507200.14.67.65 53 tcp domain filtered
4508200.14.67.65 53 udp domain unknown
4509200.14.67.65 67 tcp dhcps filtered
4510200.14.67.65 67 udp dhcps unknown
4511200.14.67.65 68 tcp dhcpc filtered
4512200.14.67.65 68 udp dhcpc unknown
4513200.14.67.65 69 tcp tftp filtered
4514200.14.67.65 69 udp tftp unknown
4515200.14.67.65 80 tcp http open nginx 1.16.1 Ubuntu
4516200.14.67.65 88 tcp kerberos-sec filtered
4517200.14.67.65 88 udp kerberos-sec unknown
4518200.14.67.65 123 tcp ntp filtered
4519200.14.67.65 123 udp ntp unknown
4520200.14.67.65 137 tcp netbios-ns filtered
4521200.14.67.65 137 udp netbios-ns filtered
4522200.14.67.65 138 tcp netbios-dgm filtered
4523200.14.67.65 138 udp netbios-dgm filtered
4524200.14.67.65 139 tcp netbios-ssn closed
4525200.14.67.65 139 udp netbios-ssn unknown
4526200.14.67.65 161 tcp snmp filtered
4527200.14.67.65 161 udp snmp unknown
4528200.14.67.65 162 tcp snmptrap filtered
4529200.14.67.65 162 udp snmptrap unknown
4530200.14.67.65 389 tcp ldap filtered
4531200.14.67.65 389 udp ldap unknown
4532200.14.67.65 443 tcp ssl/http open nginx 1.16.1 Ubuntu
4533200.14.67.65 445 tcp microsoft-ds closed
4534200.14.67.65 520 tcp efs filtered
4535200.14.67.65 520 udp route unknown
4536200.14.67.65 2049 tcp nfs filtered
4537200.14.67.65 2049 udp nfs unknown
4538200.35.157.77 53 tcp domain filtered
4539200.35.157.77 53 udp domain unknown
4540200.35.157.77 67 tcp dhcps filtered
4541200.35.157.77 67 udp dhcps unknown
4542200.35.157.77 68 tcp dhcpc filtered
4543200.35.157.77 68 udp dhcpc unknown
4544200.35.157.77 69 tcp tftp filtered
4545200.35.157.77 69 udp tftp unknown
4546200.35.157.77 88 tcp kerberos-sec filtered
4547200.35.157.77 88 udp kerberos-sec unknown
4548200.35.157.77 123 tcp ntp filtered
4549200.35.157.77 123 udp ntp unknown
4550200.35.157.77 137 tcp netbios-ns filtered
4551200.35.157.77 137 udp netbios-ns filtered
4552200.35.157.77 138 tcp netbios-dgm filtered
4553200.35.157.77 138 udp netbios-dgm filtered
4554200.35.157.77 139 tcp netbios-ssn closed
4555200.35.157.77 139 udp netbios-ssn unknown
4556200.35.157.77 161 tcp snmp filtered
4557200.35.157.77 161 udp snmp unknown
4558200.35.157.77 162 tcp snmptrap filtered
4559200.35.157.77 162 udp snmptrap unknown
4560200.35.157.77 389 tcp ldap filtered
4561200.35.157.77 389 udp ldap unknown
4562200.35.157.77 520 tcp efs filtered
4563200.35.157.77 520 udp route unknown
4564200.35.157.77 2049 tcp nfs filtered
4565200.35.157.77 2049 udp nfs unknown
4566201.131.38.40 25 tcp smtp closed
4567201.131.38.40 53 tcp domain filtered
4568201.131.38.40 53 udp domain unknown
4569201.131.38.40 67 tcp dhcps filtered
4570201.131.38.40 67 udp dhcps unknown
4571201.131.38.40 68 tcp dhcpc filtered
4572201.131.38.40 68 udp dhcpc unknown
4573201.131.38.40 69 tcp tftp filtered
4574201.131.38.40 69 udp tftp unknown
4575201.131.38.40 80 tcp http open Apache httpd
4576201.131.38.40 88 tcp kerberos-sec filtered
4577201.131.38.40 88 udp kerberos-sec unknown
4578201.131.38.40 123 tcp ntp filtered
4579201.131.38.40 123 udp ntp unknown
4580201.131.38.40 137 tcp netbios-ns filtered
4581201.131.38.40 137 udp netbios-ns filtered
4582201.131.38.40 138 tcp netbios-dgm filtered
4583201.131.38.40 138 udp netbios-dgm filtered
4584201.131.38.40 139 tcp netbios-ssn closed
4585201.131.38.40 139 udp netbios-ssn unknown
4586201.131.38.40 161 tcp snmp filtered
4587201.131.38.40 161 udp snmp unknown
4588201.131.38.40 162 tcp snmptrap filtered
4589201.131.38.40 162 udp snmptrap unknown
4590201.131.38.40 389 tcp ldap filtered
4591201.131.38.40 389 udp ldap unknown
4592201.131.38.40 443 tcp ssl/http open Apache httpd
4593201.131.38.40 445 tcp microsoft-ds closed
4594201.131.38.40 520 tcp efs filtered
4595201.131.38.40 520 udp route unknown
4596201.131.38.40 2049 tcp nfs filtered
4597201.131.38.40 2049 udp nfs unknown
4598201.238.246.43 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 05:39. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
4599201.238.246.43 25 tcp smtp closed
4600201.238.246.43 53 tcp domain filtered
4601201.238.246.43 53 udp domain unknown
4602201.238.246.43 67 tcp dhcps filtered
4603201.238.246.43 67 udp dhcps unknown
4604201.238.246.43 68 tcp dhcpc filtered
4605201.238.246.43 68 udp dhcpc unknown
4606201.238.246.43 69 tcp tftp filtered
4607201.238.246.43 69 udp tftp unknown
4608201.238.246.43 88 tcp kerberos-sec filtered
4609201.238.246.43 88 udp kerberos-sec unknown
4610201.238.246.43 113 tcp ident closed
4611201.238.246.43 123 tcp ntp filtered
4612201.238.246.43 123 udp ntp unknown
4613201.238.246.43 137 tcp netbios-ns filtered
4614201.238.246.43 137 udp netbios-ns filtered
4615201.238.246.43 138 tcp netbios-dgm filtered
4616201.238.246.43 138 udp netbios-dgm filtered
4617201.238.246.43 139 tcp netbios-ssn closed
4618201.238.246.43 139 udp netbios-ssn unknown
4619201.238.246.43 161 tcp snmp filtered
4620201.238.246.43 161 udp snmp unknown
4621201.238.246.43 162 tcp snmptrap filtered
4622201.238.246.43 162 udp snmptrap unknown
4623201.238.246.43 389 tcp ldap filtered
4624201.238.246.43 389 udp ldap unknown
4625201.238.246.43 445 tcp microsoft-ds closed
4626201.238.246.43 520 tcp efs filtered
4627201.238.246.43 520 udp route unknown
4628201.238.246.43 2049 tcp nfs filtered
4629201.238.246.43 2049 udp nfs unknown
4630202.214.194.138 25 tcp smtp closed
4631202.214.194.138 53 tcp domain filtered
4632202.214.194.138 53 udp domain unknown
4633202.214.194.138 67 tcp dhcps filtered
4634202.214.194.138 67 udp dhcps unknown
4635202.214.194.138 68 tcp dhcpc filtered
4636202.214.194.138 68 udp dhcpc unknown
4637202.214.194.138 69 tcp tftp filtered
4638202.214.194.138 69 udp tftp unknown
4639202.214.194.138 80 tcp http open
4640202.214.194.138 88 tcp kerberos-sec filtered
4641202.214.194.138 88 udp kerberos-sec unknown
4642202.214.194.138 123 tcp ntp filtered
4643202.214.194.138 123 udp ntp unknown
4644202.214.194.138 137 tcp netbios-ns filtered
4645202.214.194.138 137 udp netbios-ns filtered
4646202.214.194.138 138 tcp netbios-dgm filtered
4647202.214.194.138 138 udp netbios-dgm filtered
4648202.214.194.138 139 tcp netbios-ssn closed
4649202.214.194.138 139 udp netbios-ssn unknown
4650202.214.194.138 161 tcp snmp filtered
4651202.214.194.138 161 udp snmp unknown
4652202.214.194.138 162 tcp snmptrap filtered
4653202.214.194.138 162 udp snmptrap unknown
4654202.214.194.138 389 tcp ldap filtered
4655202.214.194.138 389 udp ldap unknown
4656202.214.194.138 443 tcp ssl/https open
4657202.214.194.138 445 tcp microsoft-ds closed
4658202.214.194.138 520 tcp efs filtered
4659202.214.194.138 520 udp route unknown
4660202.214.194.138 2049 tcp nfs filtered
4661202.214.194.138 2049 udp nfs unknown
4662202.238.130.103 25 tcp smtp closed
4663202.238.130.103 53 tcp domain filtered
4664202.238.130.103 53 udp domain unknown
4665202.238.130.103 67 tcp dhcps filtered
4666202.238.130.103 67 udp dhcps unknown
4667202.238.130.103 68 tcp dhcpc filtered
4668202.238.130.103 68 udp dhcpc unknown
4669202.238.130.103 69 tcp tftp filtered
4670202.238.130.103 69 udp tftp unknown
4671202.238.130.103 80 tcp http-proxy open F5 BIG-IP load balancer http proxy
4672202.238.130.103 88 tcp kerberos-sec filtered
4673202.238.130.103 88 udp kerberos-sec unknown
4674202.238.130.103 113 tcp ident closed
4675202.238.130.103 123 tcp ntp filtered
4676202.238.130.103 123 udp ntp unknown
4677202.238.130.103 137 tcp netbios-ns filtered
4678202.238.130.103 137 udp netbios-ns filtered
4679202.238.130.103 138 tcp netbios-dgm filtered
4680202.238.130.103 138 udp netbios-dgm filtered
4681202.238.130.103 139 tcp netbios-ssn closed
4682202.238.130.103 139 udp netbios-ssn unknown
4683202.238.130.103 161 tcp snmp filtered
4684202.238.130.103 161 udp snmp unknown
4685202.238.130.103 162 tcp snmptrap filtered
4686202.238.130.103 162 udp snmptrap unknown
4687202.238.130.103 389 tcp ldap filtered
4688202.238.130.103 389 udp ldap unknown
4689202.238.130.103 443 tcp ssl/http open Apache httpd
4690202.238.130.103 445 tcp microsoft-ds closed
4691202.238.130.103 520 tcp efs filtered
4692202.238.130.103 520 udp route unknown
4693202.238.130.103 2049 tcp nfs filtered
4694202.238.130.103 2049 udp nfs unknown
4695202.238.130.103 8008 tcp http open
4696203.137.110.66 21 tcp ftp open 220 203.137.110.66 FTP server ready\x0d\x0a
4697203.180.216.224 25 tcp smtp closed
4698203.180.216.224 53 tcp domain filtered
4699203.180.216.224 53 udp domain unknown
4700203.180.216.224 67 tcp dhcps filtered
4701203.180.216.224 67 udp dhcps unknown
4702203.180.216.224 68 tcp dhcpc filtered
4703203.180.216.224 68 udp dhcpc unknown
4704203.180.216.224 69 tcp tftp filtered
4705203.180.216.224 69 udp tftp unknown
4706203.180.216.224 80 tcp http open nginx
4707203.180.216.224 88 tcp kerberos-sec filtered
4708203.180.216.224 88 udp kerberos-sec unknown
4709203.180.216.224 123 tcp ntp filtered
4710203.180.216.224 123 udp ntp unknown
4711203.180.216.224 137 tcp netbios-ns filtered
4712203.180.216.224 137 udp netbios-ns filtered
4713203.180.216.224 138 tcp netbios-dgm filtered
4714203.180.216.224 138 udp netbios-dgm filtered
4715203.180.216.224 139 tcp netbios-ssn closed
4716203.180.216.224 139 udp netbios-ssn unknown
4717203.180.216.224 161 tcp snmp filtered
4718203.180.216.224 161 udp snmp unknown
4719203.180.216.224 162 tcp snmptrap filtered
4720203.180.216.224 162 udp snmptrap unknown
4721203.180.216.224 389 tcp ldap filtered
4722203.180.216.224 389 udp ldap unknown
4723203.180.216.224 443 tcp ssl/http open nginx
4724203.180.216.224 445 tcp microsoft-ds closed
4725203.180.216.224 520 tcp efs filtered
4726203.180.216.224 520 udp route unknown
4727203.180.216.224 2049 tcp nfs filtered
4728203.180.216.224 2049 udp nfs unknown
4729203.183.218.244 21 tcp ftp open 220 203.183.218.130 FTP server ready\x0d\x0a
4730208.113.216.185 25 tcp smtp closed
4731208.113.216.185 53 tcp domain filtered
4732208.113.216.185 53 udp domain unknown
4733208.113.216.185 67 tcp dhcps filtered
4734208.113.216.185 67 udp dhcps unknown
4735208.113.216.185 68 tcp dhcpc filtered
4736208.113.216.185 68 udp dhcpc unknown
4737208.113.216.185 69 tcp tftp filtered
4738208.113.216.185 69 udp tftp unknown
4739208.113.216.185 88 tcp kerberos-sec filtered
4740208.113.216.185 88 udp kerberos-sec unknown
4741208.113.216.185 123 tcp ntp filtered
4742208.113.216.185 123 udp ntp unknown
4743208.113.216.185 137 tcp netbios-ns filtered
4744208.113.216.185 137 udp netbios-ns filtered
4745208.113.216.185 138 tcp netbios-dgm filtered
4746208.113.216.185 138 udp netbios-dgm filtered
4747208.113.216.185 139 tcp netbios-ssn closed
4748208.113.216.185 139 udp netbios-ssn unknown
4749208.113.216.185 161 tcp snmp filtered
4750208.113.216.185 161 udp snmp unknown
4751208.113.216.185 162 tcp snmptrap filtered
4752208.113.216.185 162 udp snmptrap unknown
4753208.113.216.185 389 tcp ldap filtered
4754208.113.216.185 389 udp ldap unknown
4755208.113.216.185 445 tcp microsoft-ds closed
4756208.113.216.185 520 tcp efs filtered
4757208.113.216.185 520 udp route unknown
4758208.113.216.185 2049 tcp nfs filtered
4759208.113.216.185 2049 udp nfs unknown
4760208.113.220.218 25 tcp smtp closed
4761208.113.220.218 53 tcp domain filtered
4762208.113.220.218 53 udp domain unknown
4763208.113.220.218 67 tcp dhcps filtered
4764208.113.220.218 67 udp dhcps unknown
4765208.113.220.218 68 tcp dhcpc filtered
4766208.113.220.218 68 udp dhcpc unknown
4767208.113.220.218 69 tcp tftp filtered
4768208.113.220.218 69 udp tftp unknown
4769208.113.220.218 88 tcp kerberos-sec filtered
4770208.113.220.218 88 udp kerberos-sec unknown
4771208.113.220.218 123 tcp ntp filtered
4772208.113.220.218 123 udp ntp unknown
4773208.113.220.218 137 tcp netbios-ns filtered
4774208.113.220.218 137 udp netbios-ns filtered
4775208.113.220.218 138 tcp netbios-dgm filtered
4776208.113.220.218 138 udp netbios-dgm filtered
4777208.113.220.218 139 tcp netbios-ssn closed
4778208.113.220.218 139 udp netbios-ssn unknown
4779208.113.220.218 161 tcp snmp filtered
4780208.113.220.218 161 udp snmp unknown
4781208.113.220.218 162 tcp snmptrap filtered
4782208.113.220.218 162 udp snmptrap unknown
4783208.113.220.218 389 tcp ldap filtered
4784208.113.220.218 389 udp ldap unknown
4785208.113.220.218 445 tcp microsoft-ds closed
4786208.113.220.218 520 tcp efs filtered
4787208.113.220.218 520 udp route unknown
4788208.113.220.218 2049 tcp nfs filtered
4789208.113.220.218 2049 udp nfs unknown
4790209.59.165.178 25 tcp smtp closed
4791209.59.165.178 53 tcp domain filtered PowerDNS Authoritative Server 4.1.10
4792209.59.165.178 53 udp domain unknown PowerDNS Authoritative Server 4.1.10
4793209.59.165.178 67 tcp dhcps filtered
4794209.59.165.178 67 udp dhcps unknown
4795209.59.165.178 68 tcp dhcpc filtered
4796209.59.165.178 68 udp dhcpc unknown
4797209.59.165.178 69 tcp tftp filtered
4798209.59.165.178 69 udp tftp unknown
4799209.59.165.178 88 tcp kerberos-sec filtered
4800209.59.165.178 88 udp kerberos-sec unknown
4801209.59.165.178 123 tcp ntp filtered
4802209.59.165.178 123 udp ntp unknown
4803209.59.165.178 137 tcp netbios-ns filtered
4804209.59.165.178 137 udp netbios-ns filtered
4805209.59.165.178 138 tcp netbios-dgm filtered
4806209.59.165.178 138 udp netbios-dgm filtered
4807209.59.165.178 139 tcp netbios-ssn closed
4808209.59.165.178 139 udp netbios-ssn unknown
4809209.59.165.178 161 tcp snmp filtered
4810209.59.165.178 161 udp snmp unknown
4811209.59.165.178 162 tcp snmptrap filtered
4812209.59.165.178 162 udp snmptrap unknown
4813209.59.165.178 389 tcp ldap filtered
4814209.59.165.178 389 udp ldap unknown
4815209.59.165.178 445 tcp microsoft-ds closed
4816209.59.165.178 520 tcp efs filtered
4817209.59.165.178 520 udp route unknown
4818209.59.165.178 2049 tcp nfs filtered
4819209.59.165.178 2049 udp nfs unknown
4820210.149.141.34 53 tcp domain filtered
4821210.149.141.34 53 udp domain unknown
4822210.149.141.34 67 tcp dhcps filtered
4823210.149.141.34 67 udp dhcps unknown
4824210.149.141.34 68 tcp dhcpc filtered
4825210.149.141.34 68 udp dhcpc unknown
4826210.149.141.34 69 tcp tftp filtered
4827210.149.141.34 69 udp tftp unknown
4828210.149.141.34 88 tcp kerberos-sec filtered
4829210.149.141.34 88 udp kerberos-sec unknown
4830210.149.141.34 123 tcp ntp filtered
4831210.149.141.34 123 udp ntp unknown
4832210.149.141.34 137 tcp netbios-ns filtered
4833210.149.141.34 137 udp netbios-ns filtered
4834210.149.141.34 138 tcp netbios-dgm filtered
4835210.149.141.34 138 udp netbios-dgm filtered
4836210.149.141.34 139 tcp netbios-ssn closed
4837210.149.141.34 139 udp netbios-ssn unknown
4838210.149.141.34 161 tcp snmp filtered
4839210.149.141.34 161 udp snmp unknown
4840210.149.141.34 162 tcp snmptrap filtered
4841210.149.141.34 162 udp snmptrap unknown
4842210.149.141.34 389 tcp ldap filtered
4843210.149.141.34 389 udp ldap unknown
4844210.149.141.34 520 tcp efs filtered
4845210.149.141.34 520 udp route unknown
4846210.149.141.34 2049 tcp nfs filtered
4847210.149.141.34 2049 udp nfs unknown
4848210.152.243.182 21 tcp ftp open 220 (vsFTPd 2.2.2)\x0d\x0a
4849210.160.220.105 53 tcp domain closed
4850210.160.220.105 53 udp domain unknown
4851210.160.220.105 67 tcp dhcps closed
4852210.160.220.105 67 udp dhcps unknown
4853210.160.220.105 68 tcp dhcpc closed
4854210.160.220.105 68 udp dhcpc unknown
4855210.160.220.105 69 tcp tftp filtered
4856210.160.220.105 69 udp tftp unknown
4857210.160.220.105 88 tcp kerberos-sec closed
4858210.160.220.105 88 udp kerberos-sec unknown
4859210.160.220.105 123 tcp ntp filtered
4860210.160.220.105 123 udp ntp unknown
4861210.160.220.105 137 tcp netbios-ns closed
4862210.160.220.105 137 udp netbios-ns filtered
4863210.160.220.105 138 tcp netbios-dgm closed
4864210.160.220.105 138 udp netbios-dgm filtered
4865210.160.220.105 139 tcp netbios-ssn closed
4866210.160.220.105 139 udp netbios-ssn unknown
4867210.160.220.105 161 tcp snmp closed
4868210.160.220.105 161 udp snmp unknown
4869210.160.220.105 162 tcp snmptrap filtered
4870210.160.220.105 162 udp snmptrap unknown
4871210.160.220.105 389 tcp ldap closed
4872210.160.220.105 389 udp ldap unknown
4873210.160.220.105 520 tcp efs closed
4874210.160.220.105 520 udp route unknown
4875210.160.220.105 2049 tcp nfs closed
4876210.160.220.105 2049 udp nfs unknown
4877210.160.220.113 53 tcp domain closed
4878210.160.220.113 53 udp domain unknown
4879210.160.220.113 67 tcp dhcps closed
4880210.160.220.113 67 udp dhcps unknown
4881210.160.220.113 68 tcp dhcpc closed
4882210.160.220.113 68 udp dhcpc unknown
4883210.160.220.113 69 tcp tftp closed
4884210.160.220.113 69 udp tftp unknown
4885210.160.220.113 88 tcp kerberos-sec filtered
4886210.160.220.113 88 udp kerberos-sec unknown
4887210.160.220.113 123 tcp ntp filtered
4888210.160.220.113 123 udp ntp unknown
4889210.160.220.113 137 tcp netbios-ns closed
4890210.160.220.113 137 udp netbios-ns filtered
4891210.160.220.113 138 tcp netbios-dgm closed
4892210.160.220.113 138 udp netbios-dgm filtered
4893210.160.220.113 139 tcp netbios-ssn closed
4894210.160.220.113 139 udp netbios-ssn unknown
4895210.160.220.113 161 tcp snmp closed
4896210.160.220.113 161 udp snmp unknown
4897210.160.220.113 162 tcp snmptrap closed
4898210.160.220.113 162 udp snmptrap unknown
4899210.160.220.113 389 tcp ldap filtered
4900210.160.220.113 389 udp ldap unknown
4901210.160.220.113 520 tcp efs closed
4902210.160.220.113 520 udp route unknown
4903210.160.220.113 2049 tcp nfs closed
4904210.160.220.113 2049 udp nfs unknown
4905210.226.36.2 25 tcp smtp closed
4906210.226.36.2 53 tcp domain filtered
4907210.226.36.2 53 udp domain unknown
4908210.226.36.2 67 tcp dhcps filtered
4909210.226.36.2 67 udp dhcps unknown
4910210.226.36.2 68 tcp dhcpc filtered
4911210.226.36.2 68 udp dhcpc unknown
4912210.226.36.2 69 tcp tftp filtered
4913210.226.36.2 69 udp tftp unknown
4914210.226.36.2 80 tcp http open Apache httpd 1.3.41 (Unix) PHP/3.0.18-i18n-ja-3
4915210.226.36.2 88 tcp kerberos-sec filtered
4916210.226.36.2 88 udp kerberos-sec unknown
4917210.226.36.2 123 tcp ntp filtered
4918210.226.36.2 123 udp ntp unknown
4919210.226.36.2 137 tcp netbios-ns filtered
4920210.226.36.2 137 udp netbios-ns filtered
4921210.226.36.2 138 tcp netbios-dgm filtered
4922210.226.36.2 138 udp netbios-dgm filtered
4923210.226.36.2 139 tcp netbios-ssn closed
4924210.226.36.2 139 udp netbios-ssn unknown
4925210.226.36.2 161 tcp snmp filtered
4926210.226.36.2 161 udp snmp unknown
4927210.226.36.2 162 tcp snmptrap filtered
4928210.226.36.2 162 udp snmptrap unknown
4929210.226.36.2 389 tcp ldap filtered
4930210.226.36.2 389 udp ldap unknown
4931210.226.36.2 445 tcp microsoft-ds closed
4932210.226.36.2 520 tcp efs filtered
4933210.226.36.2 520 udp route unknown
4934210.226.36.2 2049 tcp nfs filtered
4935210.226.36.2 2049 udp nfs unknown
4936217.160.131.142 21 tcp ftp open ProFTPD
4937217.160.131.142 22 tcp ssh open OpenSSH 5.3 protocol 2.0
4938217.160.131.142 53 tcp domain closed
4939217.160.131.142 53 udp domain unknown
4940217.160.131.142 67 tcp dhcps closed
4941217.160.131.142 67 udp dhcps unknown
4942217.160.131.142 68 tcp dhcpc closed
4943217.160.131.142 68 udp dhcpc closed
4944217.160.131.142 69 tcp tftp closed
4945217.160.131.142 69 udp tftp unknown
4946217.160.131.142 80 tcp http open Apache httpd PleskLin
4947217.160.131.142 88 tcp kerberos-sec closed
4948217.160.131.142 88 udp kerberos-sec unknown
4949217.160.131.142 123 tcp ntp closed
4950217.160.131.142 123 udp ntp unknown
4951217.160.131.142 137 tcp netbios-ns closed
4952217.160.131.142 137 udp netbios-ns filtered
4953217.160.131.142 138 tcp netbios-dgm closed
4954217.160.131.142 138 udp netbios-dgm filtered
4955217.160.131.142 139 tcp netbios-ssn closed
4956217.160.131.142 139 udp netbios-ssn closed
4957217.160.131.142 161 tcp snmp closed
4958217.160.131.142 161 udp snmp unknown
4959217.160.131.142 162 tcp snmptrap closed
4960217.160.131.142 162 udp snmptrap closed
4961217.160.131.142 389 tcp ldap closed
4962217.160.131.142 389 udp ldap closed
4963217.160.131.142 443 tcp ssl/http open Apache httpd PleskLin
4964217.160.131.142 520 tcp efs closed
4965217.160.131.142 520 udp route unknown
4966217.160.131.142 2049 tcp nfs closed
4967217.160.131.142 2049 udp nfs closed
4968217.160.131.142 3306 tcp mysql open MySQL 5.1.73
4969217.160.131.142 4643 tcp ssl/http open Apache httpd
4970217.160.131.142 8443 tcp ssl/http open sw-cp-server httpd Plesk Onyx 17.8.11
4971217.160.131.142 8880 tcp http open sw-cp-server httpd Plesk Onyx 17.8.11
4972######################################################################################################################################
4973 Anonymous JTSEC #OpDeathEathers Full Recon #7