· 6 years ago · Nov 30, 2019, 03:24 PM
1IP:177.220.243.170
2Is down: https://imgur.com/a/wBM28Mn
3
4Pre-scan script results:
5| broadcast-listener:
6| ether
7| ARP Request
8| sender ip sender mac target ip
9| 177.182.149.78 84:a4:23:99:ee:06 192.168.0.9
10| EIGRP Hello
11|
12| udp
13| SSDP
14| ip uri
15|_ 192.168.0.7 urn:dial-multiscreen-org:service:dial:1
16| broadcast-wsdd-discover:
17| Devices
18| 239.255.255.250
19| Message id: 7bc482b0-1826-4ac9-b5bd-a973b2c4ff54
20| Address: http://127.0.0.1:5357/0a112fba-f78d-4a2a-adf0-a8b285eb1067/
21|_ Type: Device pub:Computer
22|_eap-info: please specify an interface with -e
23| knx-gateway-discover:
24|_ ERROR: Couldn't get interface for 224.0.23.12
25| targets-asn:
26|_ targets-asn.asn is a mandatory parameter
27Initiating Parallel DNS resolution of 2 hosts. at 21:01
28Completed Parallel DNS resolution of 2 hosts. at 21:01, 2.08s elapsed
29Initiating SYN Stealth Scan at 21:01
30Scanning 2 hosts [1000 ports/host]
31Discovered open port 80/tcp on 177.220.243.170
32Discovered open port 21/tcp on 177.220.243.170
33Discovered open port 22/tcp on 45.33.32.156
34Discovered open port 80/tcp on 45.33.32.156
35Discovered open port 8000/tcp on 177.220.243.170
36Discovered open port 2222/tcp on 177.220.243.170
37Discovered open port 81/tcp on 177.220.243.170
38Completed SYN Stealth Scan against 177.220.243.170 in 9.04s (1 host left)
39Discovered open port 31337/tcp on 45.33.32.156
40Discovered open port 9929/tcp on 45.33.32.156
41Completed SYN Stealth Scan at 21:01, 11.85s elapsed (2000 total ports)
42NSE: Script scanning 2 hosts.
43Initiating NSE at 21:01
44NSE: [ip-geolocation-maxmind] You must specify a Maxmind database file with the maxmind_db argument.
45NSE: [ip-geolocation-maxmind] Download the database from http://dev.maxmind.com/geoip/legacy/geolite/
46NSE: [ip-geolocation-maxmind] You must specify a Maxmind database file with the maxmind_db argument.
47NSE: [ip-geolocation-maxmind] Download the database from http://dev.maxmind.com/geoip/legacy/geolite/
48Completed NSE at 21:10, 516.16s elapsed
49Initiating NSE at 21:10
50Completed NSE at 21:10, 0.26s elapsed
51Nmap scan report for scanme.nmap.com (45.33.32.156)
52Host is up (0.23s latency).
53Other addresses for scanme.nmap.com (not scanned): 2600:3c01::f03c:91ff:fe18:bb2f
54rDNS record for 45.33.32.156: scanme.nmap.org
55Not shown: 991 closed ports
56PORT STATE SERVICE
5722/tcp open ssh
58|_banner: SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13
59| ssh-hostkey:
60| 1024 ac:00:a0:1a:82:ff:cc:55:99:dc:67:2b:34:97:6b:75 (DSA)
61| 2048 20:3d:2d:44:62:2a:b0:5a:9d:b5:b3:05:14:c2:a6:b2 (RSA)
62| 256 96:02:bb:5e:57:54:1c:4e:45:2f:56:4c:4a:24:b2:57 (ECDSA)
63|_ 256 33:fa:91:0f:e0:e1:7b:1f:6d:05:a2:b0:f1:54:41:56 (ED25519)
64| ssh2-enum-algos:
65| kex_algorithms: (8)
66| curve25519-sha256@libssh.org
67| ecdh-sha2-nistp256
68| ecdh-sha2-nistp384
69| ecdh-sha2-nistp521
70| diffie-hellman-group-exchange-sha256
71| diffie-hellman-group-exchange-sha1
72| diffie-hellman-group14-sha1
73| diffie-hellman-group1-sha1
74| server_host_key_algorithms: (4)
75| ssh-rsa
76| ssh-dss
77| ecdsa-sha2-nistp256
78| ssh-ed25519
79| encryption_algorithms: (16)
80| aes128-ctr
81| aes192-ctr
82| aes256-ctr
83| arcfour256
84| arcfour128
85| aes128-gcm@openssh.com
86| aes256-gcm@openssh.com
87| chacha20-poly1305@openssh.com
88| aes128-cbc
89| 3des-cbc
90| blowfish-cbc
91| cast128-cbc
92| aes192-cbc
93| aes256-cbc
94| arcfour
95| rijndael-cbc@lysator.liu.se
96| mac_algorithms: (19)
97| hmac-md5-etm@openssh.com
98| hmac-sha1-etm@openssh.com
99| umac-64-etm@openssh.com
100| umac-128-etm@openssh.com
101| hmac-sha2-256-etm@openssh.com
102| hmac-sha2-512-etm@openssh.com
103| hmac-ripemd160-etm@openssh.com
104| hmac-sha1-96-etm@openssh.com
105| hmac-md5-96-etm@openssh.com
106| hmac-md5
107| hmac-sha1
108| umac-64@openssh.com
109| umac-128@openssh.com
110| hmac-sha2-256
111| hmac-sha2-512
112| hmac-ripemd160
113| hmac-ripemd160@openssh.com
114| hmac-sha1-96
115| hmac-md5-96
116| compression_algorithms: (2)
117| none
118|_ zlib@openssh.com
11925/tcp filtered smtp
12080/tcp open http
121| http-affiliate-id:
122| Google Adsense ID: pub-0078565546631069
123|_ Google Analytics ID: UA-11009417-1
124|_http-apache-negotiation: mod_negotiation enabled.
125| http-comments-displayer:
126| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=scanme.nmap.com
127|
128| Path: http://scanme.nmap.com:80/
129| Line number: 111
130| Comment:
131| <!-- End Sidebar Banner Code -->
132|
133| Path: http://scanme.nmap.com:80/shared/css/insecdb.css
134| Line number: 66
135| Comment:
136| /* SecLists style */
137|
138| Path: http://scanme.nmap.com:80/
139| Line number: 99
140| Comment:
141| <!-- End SiteSearch Google -->
142|
143| Path: http://scanme.nmap.com:80/shared/css/insecdb.css
144| Line number: 394
145| Comment:
146| /* For comment forms. */
147|
148| Path: http://scanme.nmap.com:80/shared/css/insecdb.css
149| Line number: 48
150| Comment:
151| /* background-color: #FFFFFF; */
152|
153| Path: http://scanme.nmap.com:80/
154| Line number: 89
155| Comment:
156| <!-- SiteSearch Google -->
157|
158| Path: http://scanme.nmap.com:80/shared/css/insecdb.css
159| Line number: 214
160| Comment:
161| /* SecTools style */
162|
163| Path: http://scanme.nmap.com:80/shared/css/insecdb.css
164| Line number: 172
165| Comment:
166| /* Style for the left navigation sidebar. */
167|
168| Path: http://scanme.nmap.com:80/
169| Line number: 32
170| Comment:
171| <!--End Google Custom Site Search boilerplate Javascript-->
172|
173| Path: http://scanme.nmap.com:80/shared/css/insecdb.css
174| Line number: 165
175| Comment:
176| /* Makes a purple box with big bold text */
177|
178| Path: http://scanme.nmap.com:80/
179| Line number: 51
180| Comment:
181| <!-- SECWIKI PORTAL INSERT -->
182|
183| Path: http://scanme.nmap.com:80/
184| Line number: 22
185| Comment:
186| <!--Google Custom Site Search boilerplate Javascript-->
187|
188| Path: http://scanme.nmap.com:80/
189| Line number: 20
190| Comment:
191| <!--END Google Analytics Code-->
192|
193| Path: http://scanme.nmap.com:80/
194| Line number: 42
195| Comment:
196| <!-- AdSpeed.com Serving Code 7.9.6 for [Zone] TopBanner [Any Dimension] -->
197|
198| Path: http://scanme.nmap.com:80/
199| Line number: 115
200| Comment:
201| <!-- Begin Bottom (Google) Sidebar Banner Code -->
202|
203| Path: http://scanme.nmap.com:80/
204| Line number: 101
205| Comment:
206| <!-- These can come back if I ever update them ...
207| <li><a href="http://insecure.org/links.html">Exceptional Links</a></li>
208| <li><a href="http://insecure.org/reading.html">Good Reading</a></li>
209| <li><a href="http://insecure.org/sploits.html">Exploit World</a></li>
210| -->
211|
212| Path: http://scanme.nmap.com:80/shared/css/insecdb.css
213| Line number: 11
214| Comment:
215| /* Wikipedai uses 5a3696 for visited links, which is similar to the default. Since my
216| visited links are not underlined, I think I'll make them brighter to stand out more from
217| the text */
218|
219| Path: http://scanme.nmap.com:80/shared/css/insecdb.css
220| Line number: 88
221| Comment:
222| /* Make the whole table call clickable. */
223|
224| Path: http://scanme.nmap.com:80/shared/css/insecdb.css
225| Line number: 7
226| Comment:
227| /* A stylesheet for Insecure.Org pages generated by XSL translation of
228| DocBook XML to HTML */
229|
230| Path: http://scanme.nmap.com:80/
231| Line number: 109
232| Comment:
233| <!-- Begin Sidebar Banner Code -->
234|
235| Path: http://scanme.nmap.com:80/shared/css/insecdb.css
236| Line number: 1
237| Comment:
238| /*
239| "Insecure purple" colors
240| dark: #2a0d45;
241| pale: #f5f1f9;
242| */
243|
244| Path: http://scanme.nmap.com:80/
245| Line number: 41
246| Comment:
247| <!-- Begin TopBanner Code -->
248|
249| Path: http://scanme.nmap.com:80/
250| Line number: 44
251| Comment:
252| <!-- AdSpeed.com End -->
253|
254| Path: http://scanme.nmap.com:80/
255| Line number: 162
256| Comment:
257| <!-- PageBottom728x90 -->
258|
259| Path: http://scanme.nmap.com:80/
260| Line number: 170
261| Comment:
262| <!-- End Bottom Banner -->
263|
264| Path: http://scanme.nmap.com:80/
265| Line number: 159
266| Comment:
267| <!-- Bottom Banner -->
268|
269| Path: http://scanme.nmap.com:80/
270| Line number: 125
271| Comment:
272| <!-- End Bottom (Google) Sidebar Banner Code -->
273|
274| Path: http://scanme.nmap.com:80/
275| Line number: 117
276| Comment:
277| <!-- SidebarSkyScraper -->
278|
279| Path: http://scanme.nmap.com:80/
280| Line number: 160
281| Comment:
282| <!-- Adsense -->
283|
284| Path: http://scanme.nmap.com:80/
285| Line number: 45
286| Comment:
287| <!-- End Banner Code -->
288|
289| Path: http://scanme.nmap.com:80/
290| Line number: 9
291| Comment:
292|_ <!--Google Analytics Code-->
293|_http-date: Mon, 18 Nov 2019 00:01:44 GMT; -1s from local time.
294|_http-favicon: Unknown favicon MD5: 156515DA3C0F7DC6B2493BD5CE43F795
295|_http-fetch: Please enter the complete path of the directory to save data in.
296| http-headers:
297| Date: Mon, 18 Nov 2019 00:01:44 GMT
298| Server: Apache/2.4.7 (Ubuntu)
299| Accept-Ranges: bytes
300| Vary: Accept-Encoding
301| Connection: close
302| Content-Type: text/html
303|
304|_ (Request type: HEAD)
305|_http-malware-host: Host appears to be clean
306| http-methods:
307|_ Supported Methods: GET HEAD POST OPTIONS
308|_http-mobileversion-checker: No mobile version detected.
309| http-referer-checker:
310| Spidering limited to: maxpagecount=30
311|_ http://pagead2.googlesyndication.com:80/pagead/js/adsbygoogle.js
312|_http-security-headers:
313|_http-server-header: Apache/2.4.7 (Ubuntu)
314| http-slowloris-check:
315| VULNERABLE:
316| Slowloris DOS attack
317| State: LIKELY VULNERABLE
318| IDs: CVE:CVE-2007-6750
319| Slowloris tries to keep many connections to the target web server open and hold
320| them open as long as possible. It accomplishes this by opening connections to
321| the target web server and sending a partial request. By doing so, it starves
322| the http server's resources causing Denial Of Service.
323|
324| Disclosure date: 2009-09-17
325| References:
326| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6750
327|_ http://ha.ckers.org/slowloris/
328|_http-title: Go ahead and ScanMe!
329| http-traceroute:
330|_ Possible reverse proxy detected.
331| http-useragent-tester:
332| Status for browser useragent: 200
333| Allowed User Agents:
334| Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)
335| libwww
336| lwp-trivial
337| libcurl-agent/1.0
338| PHP/
339| Python-urllib/2.5
340| GT::WWW
341| Snoopy
342| MFC_Tear_Sample
343| HTTP::Lite
344| PHPCrawl
345| URI::Fetch
346| Zend_Http_Client
347| http client
348| PECL::HTTP
349| Wget/1.13.4 (linux-gnu)
350|_ WWW-Mechanize/1.34
351|_http-xssed: No previously reported XSS vuln.
352135/tcp filtered msrpc
353139/tcp filtered netbios-ssn
354445/tcp filtered microsoft-ds
3551434/tcp filtered ms-sql-m
3569929/tcp open nping-echo
357| banner: \x01\x01\x00\x18f5G\x9C]\xD1\xDF]\x00\x00\x00\x00\xA1\x83M}\xFE
358|_\xC5\x83}\x7F\xAD\xB4\x8Bn6,$j\xE2\xB5\xEF\xC1i\x1A\xE9\x86\x91\xB1....
35931337/tcp open Elite
360
361Host script results:
362|_asn-query: No Answers
363|_clock-skew: -1s
364| fcrdns:
365| scanme.nmap.org:
366| status: pass
367| addresses:
368|_ 45.33.32.156
369|_hostmap-robtex: ERROR: Script execution failed (use -d to debug)
370| ip-geolocation-geoplugin:
371|_45.33.32.156 (scanme.nmap.com)
372|_ipidseq: ERROR: Script execution failed (use -d to debug)
373|_path-mtu: ERROR: Script execution failed (use -d to debug)
374|_qscan: ERROR: Script execution failed (use -d to debug)
375| resolveall:
376| Host 'scanme.nmap.com' also resolves to:
377| Use the 'newtargets' script-arg to add the results as targets
378|_ Use the --resolve-all option to scan all resolved addresses without using this script.
379|_tor-consensus-checker: ERROR: Script execution failed (use -d to debug)
380| unusual-port:
381|_ WARNING: this script depends on Nmap's service/version detection (-sV)
382| whois-domain:
383|
384| Domain name record found at whois.verisign-grs.com
385| No match for "SCANME.NMAP.COM".\x0D
386| >>> Last update of whois database: 2019-11-18T00:01:15Z <<<\x0D
387| \x0D
388| NOTICE: The expiration date displayed in this record is the date the\x0D
389| registrar's sponsorship of the domain name registration in the registry is\x0D
390| currently set to expire. This date does not necessarily reflect the expiration\x0D
391| date of the domain name registrant's agreement with the sponsoring\x0D
392| registrar. Users may consult the sponsoring registrar's Whois database to\x0D
393| view the registrar's reported date of expiration for this registration.\x0D
394| \x0D
395| TERMS OF USE: You are not authorized to access or query our Whois\x0D
396| database through the use of electronic processes that are high-volume and\x0D
397| automated except as reasonably necessary to register domain names or\x0D
398| modify existing registrations; the Data in VeriSign Global Registry\x0D
399| Services' ("VeriSign") Whois database is provided by VeriSign for\x0D
400| information purposes only, and to assist persons in obtaining information\x0D
401| about or related to a domain name registration record. VeriSign does not\x0D
402| guarantee its accuracy. By submitting a Whois query, you agree to abide\x0D
403| by the following terms of use: You agree that you may use this Data only\x0D
404| for lawful purposes and that under no circumstances will you use this Data\x0D
405| to: (1) allow, enable, or otherwise support the transmission of mass\x0D
406| unsolicited, commercial advertising or solicitations via e-mail, telephone,\x0D
407| or facsimile; or (2) enable high volume, automated, electronic processes\x0D
408| that apply to VeriSign (or its computer systems). The compilation,\x0D
409| repackaging, dissemination or other use of this Data is expressly\x0D
410| prohibited without the prior written consent of VeriSign. You agree not to\x0D
411| use electronic processes that are automated and high-volume to access or\x0D
412| query the Whois database except as reasonably necessary to register\x0D
413| domain names or modify existing registrations. VeriSign reserves the right\x0D
414| to restrict your access to the Whois database in its sole discretion to ensure\x0D
415| operational stability. VeriSign may restrict or terminate your access to the\x0D
416| Whois database for failure to abide by these terms of use. VeriSign\x0D
417| reserves the right to modify these terms at any time.\x0D
418| \x0D
419| The Registry database contains ONLY .COM, .NET, .EDU domains and\x0D
420|_Registrars.\x0D
421| whois-ip: Record found at whois.arin.net
422| netrange: 45.33.0.0 - 45.33.127.255
423| netname: LINODE-US
424| orgname: Linode
425| orgid: LINOD
426| country: US stateprov: PA
427| orgtechname: Linode Network Operations
428|_orgtechemail: support@linode.com
429
430Nmap scan report for wianettelecom.com.br (177.220.243.170)
431Host is up (0.057s latency).
432Not shown: 988 closed ports
433PORT STATE SERVICE
43421/tcp open ftp
435|_banner: 220 WIANET FTP server (MikroTik 6.44.3) ready
436| ftp-syst:
437|_ SYST: UNIX MikroTik 6.44.3
43825/tcp filtered smtp
43980/tcp open http
440| http-auth-finder:
441| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=wianettelecom.com.br
442| url method
443| http://wianettelecom.com.br:80/ FORM
444| http://wianettelecom.com.br:80/index.php FORM
445| http://wianettelecom.com.br:80/planos.php FORM
446| http://wianettelecom.com.br:80/cobertura.php FORM
447| http://wianettelecom.com.br:80/tecnologia.php FORM
448| http://wianettelecom.com.br:80/noticia.php?id=2 FORM
449| http://wianettelecom.com.br:80/noticia.php?id=4 FORM
450| http://wianettelecom.com.br:80/faq.php FORM
451|_ http://wianettelecom.com.br:80/noticia.php?id=1 FORM
452| http-comments-displayer:
453| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=wianettelecom.com.br
454|
455| Path: http://wianettelecom.com.br:80/scripts/jquery.js
456| Line number: 8350
457| Comment:
458|
459| // Default jsonp settings
460|
461| Path: http://wianettelecom.com.br:80/scripts/jquery.js
462| Line number: 578
463| Comment:
464| // IE
465|
466| Path: http://wianettelecom.com.br:80/scripts/jquery.js
467| Line number: 5787
468| Comment:
469|
470| // Implement the identical functionality for filter and not
471|
472| Path: http://wianettelecom.com.br:80/scripts/jquery.js
473| Line number: 2537
474| Comment:
475|
476| // fix oldIE value attroperty
477|
478| Path: http://wianettelecom.com.br:80/estilos/estilo.css
479| Line number: 225
480| Comment:
481| /* ======== LINKS ========= */
482|
483| Path: http://wianettelecom.com.br:80/scripts/jquery.js
484| Line number: 3865
485| Comment:
486| /**
487| * Mark a function for special use by Sizzle
488| * @param {Function} fn The function to mark
489| */
490|
491| Path: http://wianettelecom.com.br:80/scripts/jquery.js
492| Line number: 9577
493| Comment:
494|
495| // })();
496|
497| Path: http://wianettelecom.com.br:80/scripts/jquery.js
498| Line number: 9354
499| Comment:
500|
501| // Back Compat <1.8 extension point
502|
503| Path: http://wianettelecom.com.br:80/scripts/jquery.js
504| Line number: 9250
505| Comment:
506|
507| // Generate shortcuts for custom animations
508|
509| Path: http://wianettelecom.com.br:80/estilos/jgrowl.css
510| Line number: 114
511| Comment:
512| /** Hide jGrowl when printing **/
513|
514| Path: http://wianettelecom.com.br:80/scripts/hotsite.js
515| Line number: 1
516| Comment:
517|
518|
519| */
520|
521| Path: http://wianettelecom.com.br:80/scripts/jquery.js
522| Line number: 8177
523| Comment:
524|
525| // Chain conversions given the request and the original response
526|
527| Path: http://wianettelecom.com.br:80/scripts/jquery.js
528| Line number: 7138
529| Comment:
530|
531| // Called ONLY from within css_defaultDisplay
532|
533| Path: http://wianettelecom.com.br:80/scripts/jquery.js
534| Line number: 7522
535| Comment:
536|
537| // A special extend for ajax options
538|
539| Path: http://wianettelecom.com.br:80/speedtest/
540| Line number: 86
541| Comment:
542|
543|
544| Path: http://wianettelecom.com.br:80/scripts/jquery.js
545| Line number: 7641
546| Comment:
547| /*
548| timeout: 0,
549| data: null,
550| dataType: null,
551| username: null,
552| password: null,
553| cache: null,
554| throws: false,
555| traditional: false,
556| headers: {},
557| */
558|
559| Path: http://wianettelecom.com.br:80/scripts/jquery.js
560| Line number: 4478
561| Comment:
562|
563| // Returns a function to use in pseudos for buttons
564|
565| Path: http://wianettelecom.com.br:80/scripts/jquery.js
566| Line number: 4012
567| Comment:
568| /**
569| * Sets document-related variables once based on the current document
570| * @param {Element|Object} [doc] An element or document object to use to set the document
571| * @returns {Object} Returns the current document
572| */
573|
574| Path: http://wianettelecom.com.br:80/scripts/jquery.js
575| Line number: 3545
576| Comment:
577|
578| // Create "bubbling" focus and blur events
579|
580| Path: http://wianettelecom.com.br:80/scripts/jquery.js
581| Line number: 3365
582| Comment:
583|
584| // jQuery.Event is based on DOM3 Events as specified by the ECMAScript Language Binding
585|
586| Path: http://wianettelecom.com.br:80/scripts/jquery.js
587| Line number: 7106
588| Comment:
589|
590| // Try to determine the default display value of an element
591|
592| Path: http://wianettelecom.com.br:80/scripts/jquery.js
593| Line number: 968
594| Comment:
595|
596| // All jQuery objects should point back to these
597|
598| Path: http://wianettelecom.com.br:80/scripts/jquery.js
599| Line number: 3845
600| Comment:
601| /**
602| * Create key-value caches of limited size
603| * @returns {Function(string, Object)} Returns the Object data after storing it on itself with
604| * property name the (space-suffixed) string and (if the cache is larger than Expr.cacheLength)
605| * deleting the oldest entry
606| */
607|
608| Path: http://wianettelecom.com.br:80/scripts/jquery.js
609| Line number: 4486
610| Comment:
611|
612| // Returns a function to use in pseudos for positionals
613|
614| Path: http://wianettelecom.com.br:80/scripts/jquery.js
615| Line number: 9499
616| Comment:
617|
618| // Create scrollLeft and scrollTop methods
619|
620| Path: http://wianettelecom.com.br:80/scripts/jquery.js
621| Line number: 5531
622| Comment:
623|
624| // Initialize with the default document
625|
626| Path: http://wianettelecom.com.br:80/scripts/jquery.js
627| Line number: 4470
628| Comment:
629|
630| // Returns a function to use in pseudos for input types
631|
632| Path: http://wianettelecom.com.br:80/scripts/jquery.js
633| Line number: 575
634| Comment:
635| // Standard
636|
637| Path: http://wianettelecom.com.br:80/scripts/jquery.js
638| Line number: 2494
639| Comment:
640|
641| // Hook for boolean attributes
642|
643| Path: http://wianettelecom.com.br:80/scripts/jquery.js
644| Line number: 9533
645| Comment:
646|
647| // Create innerHeight, innerWidth, height, width, outerHeight and outerWidth methods
648|
649| Path: http://wianettelecom.com.br:80/scripts/jquery.js
650| Line number: 9588
651| Comment:
652|
653| // compatibilidade com versoes anteriores
654|
655| Path: http://wianettelecom.com.br:80/scripts/jquery.js
656| Line number: 7497
657| Comment:
658|
659| // Base inspection function for prefilters and transports
660|
661| Path: http://wianettelecom.com.br:80/scripts/jquery.js
662| Line number: 9229
663| Comment:
664|
665| // Generate parameters to create a standard animation
666|
667| Path: http://wianettelecom.com.br:80/scripts/jquery.js
668| Line number: 2710
669| Comment:
670| /*
671| * Helper functions for managing events -- not part of the public interface.
672| * Props to Dean Edwards' addEvent library for many of the ideas.
673| */
674|
675| Path: http://wianettelecom.com.br:80/scripts/jquery.js
676| Line number: 2561
677| Comment:
678|
679| // IE6/7 do not support getting/setting some attributes with get/setAttribute
680|
681| Path: http://wianettelecom.com.br:80/scripts/jquery.js
682| Line number: 8683
683| Comment:
684|
685| // Animations created synchronously will run synchronously
686|
687| Path: http://wianettelecom.com.br:80/scripts/jquery.js
688| Line number: 3439
689| Comment:
690|
691| // IE submit delegation
692|
693| Path: http://wianettelecom.com.br:80/scripts/jquery.js
694| Line number: 8471
695| Comment:
696|
697| // Create transport if the browser can provide an xhr
698|
699| Path: http://wianettelecom.com.br:80/scripts/jquery.js
700| Line number: 3486
701| Comment:
702|
703| // IE change delegation and checkbox/radio fix
704|
705| Path: http://wianettelecom.com.br:80/scripts/jquery.js
706| Line number: 2615
707| Comment:
708|
709| // Some attributes require a special call on IE
710|
711| Path: http://wianettelecom.com.br:80/scripts/jquery.js
712| Line number: 7465
713| Comment:
714|
715| // Base "constructor" for jQuery.ajaxPrefilter and jQuery.ajaxTransport
716|
717| Path: http://wianettelecom.com.br:80/scripts/jquery.js
718| Line number: 4573
719| Comment:
720| /* matches from matchExpr["CHILD"]
721| 1 type (only|nth|...)
722| 2 what (child|of-type)
723| 3 argument (even|odd|\d*|\d*n([+-]\d+)?|...)
724| 4 xn-component of xn+y argument ([+-]?\d*n|)
725| 5 sign of xn-component
726| 6 x of xn-component
727| 7 sign of y-component
728| 8 y of y-component
729| */
730|
731| Path: http://wianettelecom.com.br:80/scripts/hotsite.js
732| Line number: 125
733| Comment:
734|
735|
736|
737| Path: http://wianettelecom.com.br:80/scripts/jquery.js
738| Line number: 1184
739| Comment:
740| /* fnDone, fnFail, fnProgress */
741|
742| Path: http://wianettelecom.com.br:80/scripts/jquery.js
743| Line number: 8360
744| Comment:
745|
746| // Detect, normalize options and install callbacks for jsonp requests
747|
748| Path: http://wianettelecom.com.br:80/scripts/jquery.js
749| Line number: 8288
750| Comment:
751|
752| // Bind script tag hack transport
753|
754| Path: http://wianettelecom.com.br:80/scripts/jquery.js
755| Line number: 8277
756| Comment:
757|
758| // Handle cache's special case and global
759|
760| Path: http://wianettelecom.com.br:80/scripts/jquery.js
761| Line number: 3837
762| Comment:
763| /**
764| * For feature detection
765| * @param {Function} fn The function to test for native support
766| */
767|
768| Path: http://wianettelecom.com.br:80/scripts/jquery.js
769| Line number: 8261
770| Comment:
771|
772| // Install script dataType
773|
774| Path: http://wianettelecom.com.br:80/scripts/jquery.js
775| Line number: 3687
776| Comment:
777| /*!
778| * Sizzle CSS Selector Engine
779| * Copyright 2012 jQuery Foundation and other contributors
780| * Released under the MIT license
781| * http://sizzlejs.com/
782| */
783|
784| Path: http://wianettelecom.com.br:80/scripts/jquery.js
785| Line number: 973
786| Comment:
787|
788| // Convert String-formatted options into Object-formatted ones and store in cache
789|
790| Path: http://wianettelecom.com.br:80/scripts/jquery.js
791| Line number: 7727
792| Comment:
793| // Cross-domain detection vars
794|
795| Path: http://wianettelecom.com.br:80/scripts/jquery.js
796| Line number: 7598
797| Comment:
798|
799| // Attach a bunch of functions for handling common AJAX events
800|
801| Path: http://wianettelecom.com.br:80/scripts/jquery.js
802| Line number: 7524
803| Comment:
804|
805| // Fixes #9887
806|
807| Path: http://wianettelecom.com.br:80/scripts/jquery.js
808| Line number: 9087
809| Comment:
810|
811| // Remove in 2.0 - this supports IE8's panic based approach
812|
813| Path: http://wianettelecom.com.br:80/scripts/jquery.js
814| Line number: 3874
815| Comment:
816| /**
817| * Support testing using an element
818| * @param {Function} fn Passed the created div and expects a boolean result
819| */
820|
821| Path: http://wianettelecom.com.br:80/scripts/jquery.js
822| Line number: 8451
823| Comment:
824|
825| // Create the request object
826|
827| Path: http://wianettelecom.com.br:80/scripts/jquery.js
828| Line number: 7462
829| Comment:
830|
831| // Segment location into parts
832|
833| Path: http://wianettelecom.com.br:80/scripts/jquery.js
834| Line number: 1551
835| Comment:
836| /* Internal Use Only */
837|
838| Path: http://wianettelecom.com.br:80/scripts/jquery.js
839| Line number: 8454
840| Comment:
841| /* Microsoft failed to properly
842| * implement the XMLHttpRequest in IE7 (can't request local files),
843| * so we use the ActiveXObject when it is available
844| * Additionally XMLHttpRequest can be disabled in IE7/IE8 so
845| * we need a fallback.
846| */
847|
848| Path: http://wianettelecom.com.br:80/scripts/hotsite.js
849| Line number: 6
850| Comment:
851|
852|
853|
854| Path: http://wianettelecom.com.br:80/scripts/jquery.js
855| Line number: 982
856| Comment:
857| /*
858| * Create a callback list using the following parameters:
859| *
860| * options: an optional list of space-separated options that will change how
861| * the callback list behaves or a more traditional option object
862| *
863| * By default a callback list will act like an event callback list and can be
864| * "fired" multiple times.
865| *
866| * Possible options:
867| *
868| * once: will ensure the callback list can only be fired once (like a Deferred)
869| *
870| * memory: will keep track of previous values and will call any callback added
871| * after the list has been fired right away with the latest "memorized"
872| * values (like a Deferred)
873| *
874| * unique: will ensure a callback can only be added once (no duplicate in the list)
875| *
876| * stopOnFalse: interrupt callings when a callback returns false
877| *
878| */
879|
880| Path: http://wianettelecom.com.br:80/estilos/estilo.css
881| Line number: 283
882| Comment:
883| /*==========LINKS NOT\xCDCIAS ==========*/
884|
885| Path: http://wianettelecom.com.br:80/scripts/jquery.js
886| Line number: 16
887| Comment:
888|
889| // Can't do this because several apps including ASP.NET trace
890|
891| Path: http://wianettelecom.com.br:80/scripts/jquery.js
892| Line number: 7419
893| Comment:
894| // IE leaves an \r character at EOL
895|
896| Path: http://wianettelecom.com.br:80/scripts/jquery.js
897| Line number: 6564
898| Comment:
899| /* internal */
900|
901| Path: http://wianettelecom.com.br:80/scripts/jquery.js
902| Line number: 7333
903| Comment:
904|
905| //Serialize an array of form elements or a set of
906|
907| Path: http://wianettelecom.com.br:80/scripts/jquery.js
908| Line number: 7269
909| Comment:
910|
911| // These hooks are used by animate to expand properties
912|
913| Path: http://wianettelecom.com.br:80/scripts/jquery.js
914| Line number: 946
915| Comment:
916|
917| // Populate the class2type map
918|
919| Path: http://wianettelecom.com.br:80/scripts/hotsite.js
920| Line number: 173
921| Comment:
922|
923|
924|
925| Path: http://wianettelecom.com.br:80/scripts/jquery.js
926| Line number: 7219
927| Comment:
928|
929| // These hooks cannot be added until DOM ready because the support test
930|
931| Path: http://wianettelecom.com.br:80/scripts/jquery.js
932| Line number: 4505
933| Comment:
934| /**
935| * Utility function for retrieving the text value of an array of DOM nodes
936| * @param {Array|Element} elem
937| */
938|
939| Path: http://wianettelecom.com.br:80/scripts/hotsite.js
940| Line number: 157
941| Comment:
942|
943|
944|
945| Path: http://wianettelecom.com.br:80/estilos/estilo.css
946| Line number: 92
947| Comment:
948| /* menu principal */
949|
950| Path: http://wianettelecom.com.br:80/scripts/jquery.js
951| Line number: 6922
952| Comment:
953|
954| // NOTE: we've included the "window" in window.getComputedStyle
955|
956| Path: http://wianettelecom.com.br:80/scripts/jquery.js
957| Line number: 7429
958| Comment:
959| /* Prefilters
960| * 1) They are useful to introduce custom dataTypes (see ajax/jsonp.js for an example)
961| * 2) These are called:
962| * - BEFORE asking for a transport
963| * - AFTER param serialization (s.data is a string if s.processData is true)
964| * 3) key is the dataType
965| * 4) the catchall symbol "*" can be used
966| * 5) execution will start with transport dataType and THEN continue down to "*" if needed
967| */
968|
969| Path: http://wianettelecom.com.br:80/scripts/jquery.js
970| Line number: 6206
971| Comment:
972|
973| // Replace/restore the type attribute of script elements for safe DOM manipulation
974|
975| Path: http://wianettelecom.com.br:80/scripts/jquery.js
976| Line number: 6374
977| Comment:
978|
979| // Used in buildFragment, fixes the defaultChecked property
980|
981| Path: http://wianettelecom.com.br:80/scripts/jquery.js
982| Line number: 5523
983| Comment:
984|
985| // Deprecated
986|
987| Path: http://wianettelecom.com.br:80/scripts/jquery.js
988| Line number: 6222
989| Comment:
990|
991| // Mark scripts as having already been evaluated
992|
993| Path: http://wianettelecom.com.br:80/scripts/jquery.js
994| Line number: 4001
995| Comment:
996| /**
997| * Detect xml
998| * @param {Element|Object} elem An element or a document
999| */
1000|
1001| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1002| Line number: 7440
1003| Comment:
1004| /* Transports bindings
1005| * 1) key is the dataType
1006| * 2) the catchall symbol "*" can be used
1007| * 3) selection will start with transport dataType and THEN go to "*" if needed
1008| */
1009|
1010| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1011| Line number: 5526
1012| Comment:
1013|
1014| // Easy API for creating new setFilters
1015|
1016| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1017| Line number: 6639
1018| Comment:
1019|
1020| // return a css property mapped to a potentially vendor prefixed property
1021|
1022| Path: http://wianettelecom.com.br:80/scripts/hotsite.js
1023| Line number: 60
1024| Comment:
1025|
1026|
1027|
1028| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1029| Line number: 2671
1030| Comment:
1031|
1032| // IE6/7 call enctype encoding
1033|
1034| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1035| Line number: 5006
1036| Comment:
1037|
1038| // Add button/input type pseudos
1039|
1040| Path: http://wianettelecom.com.br:80/central/login.php?acao=senha
1041| Line number: 70
1042| Comment:
1043|
1044|
1045|
1046| Path: http://wianettelecom.com.br:80/central/login.php?acao=senha
1047| Line number: 75
1048| Comment:
1049|
1050|
1051|
1052| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1053| Line number: 315
1054| Comment:
1055|
1056| // Give the init function the jQuery prototype for later instantiation
1057|
1058| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1059| Line number: 9574
1060| Comment:
1061|
1062| // Limit scope pollution from any deprecated API
1063|
1064| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1065| Line number: 4424
1066| Comment:
1067|
1068| // Document sorting and removing duplicates
1069|
1070| Path: http://wianettelecom.com.br:80/scripts/hotsite.js
1071| Line number: 89
1072| Comment:
1073|
1074|
1075|
1076| Path: http://wianettelecom.com.br:80/index.php
1077| Line number: 247
1078| Comment:
1079|
1080|
1081| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1082| Line number: 1038
1083| Comment:
1084| // To prevent further calls using add
1085|
1086| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1087| Line number: 8112
1088| Comment:
1089| /* Handles responses to an ajax request:
1090| * - sets all responseXXX fields accordingly
1091| * - finds the right dataType (mediates between content-type and expected dataType)
1092| * - returns the corresponding response
1093| */
1094|
1095| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1096| Line number: 18
1097| Comment:
1098|
1099| // you try to trace through "use strict" call chains. (#13335)
1100|
1101| Path: http://wianettelecom.com.br:80/scripts/hotsite.js
1102| Line number: 151
1103| Comment:
1104|
1105|
1106|
1107| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1108| Line number: 8466
1109| Comment:
1110|
1111| // Determine support properties
1112|
1113| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1114| Line number: 3412
1115| Comment:
1116|
1117| // Create mouseenter/leave events using mouseover/out and event-time checks
1118|
1119| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1120| Line number: 2676
1121| Comment:
1122|
1123| // Radios and checkboxes getter/setter
1124|
1125| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1126| Line number: 1872
1127| Comment:
1128|
1129| // checks a cache object for emptiness
1130|
1131| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1132| Line number: 3823
1133| Comment:
1134|
1135| // Use a stripped-down slice if we can't use a native one
1136|
1137| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1138| Line number: 970
1139| Comment:
1140|
1141| // String to Object options format cache
1142|
1143| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1144| Line number: 5534
1145| Comment:
1146|
1147| // Override sizzle attribute retrieval
1148|
1149| Path: http://wianettelecom.com.br:80/scripts/hotsite.js
1150| Line number: 69
1151| Comment:
1152|
1153|
1154|
1155| Path: http://wianettelecom.com.br:80/scripts/AC_RunActiveContent.js
1156| Line number: 2
1157| Comment:
1158|
1159|
1160|
1161| Path: http://wianettelecom.com.br:80/scripts/hotsite.js
1162| Line number: 80
1163| Comment:
1164|
1165|
1166|
1167| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1168| Line number: 7450
1169| Comment:
1170|
1171| // #8138, IE may throw an exception when accessing
1172|
1173| Path: http://wianettelecom.com.br:80/scripts/hotsite.js
1174| Line number: 104
1175| Comment:
1176|
1177|
1178|
1179| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1180| Line number: 2651
1181| Comment:
1182|
1183| // Safari mis-reports the default selected property of an option
1184|
1185| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1186| Line number: 3572
1187| Comment:
1188| /*INTERNAL*/
1189|
1190| Path: http://wianettelecom.com.br:80/scripts/hotsite.js
1191| Line number: 18
1192| Comment:
1193|
1194|
1195|
1196| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1197| Line number: 1
1198| Comment:
1199| /*!
1200| * jQuery JavaScript Library v1.9.1
1201| * http://jquery.com/
1202| *
1203| * Includes Sizzle.js
1204| * http://sizzlejs.com/
1205| *
1206| * Copyright 2005, 2012 jQuery Foundation, Inc. and other contributors
1207| * Released under the MIT license
1208| * http://jquery.org/license
1209| *
1210| * Date: 2013-2-4
1211| */
1212|
1213| Path: http://wianettelecom.com.br:80/estilos/estilo.css
1214| Line number: 245
1215| Comment:
1216| /*==========LINKS 2 ==========*/
1217|
1218| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1219| Line number: 1012
1220| Comment:
1221| // Flag to know if list is currently firing
1222|
1223| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1224| Line number: 1256
1225| Comment:
1226| /* , ..., subordinateN */
1227|
1228| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1229| Line number: 20
1230| Comment:
1231|
1232| //"use strict";
1233|
1234| Path: http://wianettelecom.com.br:80/estilos/estilo.css
1235| Line number: 264
1236| Comment:
1237| /*==========LINKS 3 ==========*/
1238|
1239| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1240| Line number: 8438
1241| Comment:
1242|
1243| // Functions to create xhrs
1244|
1245| Path: http://wianettelecom.com.br:80/scripts/jquery.js
1246| Line number: 8878
1247| Comment:
1248|_ /*jshint validthis:true */
1249|_http-date: Sun, 17 Nov 2019 23:49:17 GMT; -12m43s from local time.
1250|_http-favicon: Unknown favicon MD5: 94FD5BF7610329EE439D4A416050B1CC
1251|_http-fetch: Please enter the complete path of the directory to save data in.
1252| http-grep:
1253| (1) http://wianettelecom.com.br:80/:
1254| (1) email:
1255| + admin@wiatelecom.com.br
1256| (1) http://wianettelecom.com.br:80/secure.php:
1257| (1) ip:
1258| + 177.182.149.78
1259| (1) http://wianettelecom.com.br:80/noticia.php?id=1:
1260| (1) email:
1261|_ + angela@academica.jor.br
1262| http-headers:
1263| Date: Sun, 17 Nov 2019 23:49:16 GMT
1264| Server: Apache/2.4.10 (Debian)
1265| X-Powered-By: PHP/5.3.16
1266| MKAUTH: FILES
1267| Connection: close
1268| Content-Type: text/html
1269|
1270|_ (Request type: HEAD)
1271|_http-malware-host: Host appears to be clean
1272| http-methods:
1273|_ Supported Methods: GET HEAD POST OPTIONS
1274|_http-mobileversion-checker: No mobile version detected.
1275| http-php-version: Versions from logo query (less accurate): 5.3.0 - 5.3.29, 5.4.0 - 5.4.45
1276| Versions from credits query (more accurate): 5.3.9 - 5.3.29
1277|_Version from header x-powered-by: PHP/5.3.16
1278|_http-referer-checker: Couldn't find any cross-domain scripts.
1279|_http-security-headers:
1280| http-slowloris-check:
1281| VULNERABLE:
1282| Slowloris DOS attack
1283| State: LIKELY VULNERABLE
1284| IDs: CVE:CVE-2007-6750
1285| Slowloris tries to keep many connections to the target web server open and hold
1286| them open as long as possible. It accomplishes this by opening connections to
1287| the target web server and sending a partial request. By doing so, it starves
1288| the http server's resources causing Denial Of Service.
1289|
1290| Disclosure date: 2009-09-17
1291| References:
1292| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6750
1293|_ http://ha.ckers.org/slowloris/
1294|_http-title: Wianet Telecom
1295|_http-traceroute: ERROR: Script execution failed (use -d to debug)
1296| http-useragent-tester:
1297| Status for browser useragent: 200
1298| Allowed User Agents:
1299| Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)
1300| libwww
1301| lwp-trivial
1302| libcurl-agent/1.0
1303| PHP/
1304| Python-urllib/2.5
1305| GT::WWW
1306| Snoopy
1307| MFC_Tear_Sample
1308| HTTP::Lite
1309| PHPCrawl
1310| URI::Fetch
1311| Zend_Http_Client
1312| http client
1313| PECL::HTTP
1314| Wget/1.13.4 (linux-gnu)
1315|_ WWW-Mechanize/1.34
1316|_http-vuln-cve2017-1001000: ERROR: Script execution failed (use -d to debug)
1317|_http-xssed: No previously reported XSS vuln.
131881/tcp open hosts2-ns
1319135/tcp filtered msrpc
1320139/tcp filtered netbios-ssn
1321445/tcp filtered microsoft-ds
13221434/tcp filtered ms-sql-m
13232222/tcp open EtherNetIP-1
1324|_banner: SSH-2.0-OpenSSH_6.7p1 Debian-5
13255678/tcp filtered rrac
13268000/tcp open http-alt
1327|_http-date: Mon, 18 Nov 2019 00:01:33 GMT; 0s from local time.
1328|_http-favicon: Unknown favicon MD5: 9156327F1C6E88899F368121DDD549A4
1329|_http-fetch: Please enter the complete path of the directory to save data in.
1330| http-headers:
1331| Content-type: text/html; charset=UTF-8
1332| Connection: close
1333| Date: Mon, 18 Nov 2019 00:01:35 GMT
1334| Server: lighttpd/1.4.45
1335|
1336|_ (Request type: HEAD)
1337|_http-malware-host: false
1338| http-methods:
1339|_ Supported Methods: OPTIONS GET HEAD POST
1340|_http-open-proxy: Proxy might be redirecting requests
1341| http-slowloris-check:
1342| VULNERABLE:
1343| Slowloris DOS attack
1344| State: LIKELY VULNERABLE
1345| IDs: CVE:CVE-2007-6750
1346| Slowloris tries to keep many connections to the target web server open and hold
1347| them open as long as possible. It accomplishes this by opening connections to
1348| the target web server and sending a partial request. By doing so, it starves
1349| the http server's resources causing Denial Of Service.
1350|
1351| Disclosure date: 2009-09-17
1352| References:
1353| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6750
1354|_ http://ha.ckers.org/slowloris/
1355|_http-title: Site doesn't have a title (text/html; charset=UTF-8).
1356|_http-vuln-cve2017-1001000: ERROR: Script execution failed (use -d to debug)
13578292/tcp filtered blp3
1358
1359Host script results:
1360|_asn-query: No Answers
1361|_clock-skew: mean: -6m21s, deviation: 8m59s, median: -12m43s
1362| fcrdns:
1363| wianettelecom.com.br:
1364| status: pass
1365| addresses:
1366|_ 177.220.243.170
1367|_hostmap-robtex: ERROR: Script execution failed (use -d to debug)
1368| ip-geolocation-geoplugin:
1369|_177.220.243.170
1370|_ipidseq: ERROR: Script execution failed (use -d to debug)
1371|_path-mtu: ERROR: Script execution failed (use -d to debug)
1372|_qscan: ERROR: Script execution failed (use -d to debug)
1373| unusual-port:
1374|_ WARNING: this script depends on Nmap's service/version detection (-sV)
1375|_whois-domain: You should provide a domain name.
1376| whois-ip: Record found at whois.lacnic.net
1377| inetnum: 177.220.224.0/19
1378| owner: Vogel Solu\xE7\xF5es em Telecom e Inform\xE1tica S/A
1379| ownerid: 02.639.055/0001-71
1380| responsible: Diretoria de Engenharia e Planejamento
1381| country: BR
1382| person: Engenharia Vogel Telecom
1383|_email: douglas.adolpho@vogeltelecom.com
1384
1385NSE: Script Post-scanning.
1386Initiating NSE at 21:10
1387Completed NSE at 21:10, 0.00s elapsed
1388Initiating NSE at 21:10
1389Completed NSE at 21:10, 0.00s elapsed
1390Post-scan script results:
1391|_ip-geolocation-map-bing: Need to specify an API key, get one at https://www.bingmapsportal.com/.
1392|_ip-geolocation-map-google: Need to specify an API key, get one at https://developers.google.com/maps/documentation/static-maps/.
1393|_ip-geolocation-map-kml: Need to specify a path for the map.
1394| reverse-index:
1395| 21/tcp: 177.220.243.170
1396| 22/tcp: 45.33.32.156
1397| 80/tcp: 45.33.32.156, 177.220.243.170
1398| 81/tcp: 177.220.243.170
1399| 2222/tcp: 177.220.243.170
1400| 8000/tcp: 177.220.243.170
1401| 9929/tcp: 45.33.32.156
1402|_ 31337/tcp: 45.33.32.156
1403
1404
1405PORT STATE SERVICE VERSION
140621/tcp open ftp MikroTik router ftpd 6.44.3
1407| ftp-syst:
1408|_ SYST: UNIX MikroTik 6.44.3
140925/tcp filtered smtp
141080/tcp open http Apache httpd 2.4.10 ((Debian))
1411|_http-favicon: Unknown favicon MD5: 94FD5BF7610329EE439D4A416050B1CC
1412| http-methods:
1413|_ Supported Methods: GET HEAD POST OPTIONS
1414|_http-server-header: Apache/2.4.10 (Debian)
1415|_http-title: Wianet Telecom
141681/tcp open http Apache httpd 2.4.25 ((Debian))
1417| http-methods:
1418|_ Supported Methods: POST OPTIONS HEAD GET
1419|_http-server-header: Apache/2.4.25 (Debian)
1420|_http-title: Apache2 Debian Default Page: It works
1421135/tcp filtered msrpc
1422139/tcp filtered netbios-ssn
1423445/tcp filtered microsoft-ds
14241434/tcp filtered ms-sql-m
14252222/tcp open ssh OpenSSH 6.7p1 Debian 5 (protocol 2.0)
1426| ssh-hostkey:
1427| 1024 50:97:d4:94:4c:e1:3a:4c:b2:ce:10:f3:9f:0a:b6:58 (DSA)
1428| 2048 36:fd:e4:ff:42:b1:a7:a5:92:15:71:88:8d:6f:22:4f (RSA)
1429| 256 a8:12:2c:b5:ce:96:45:e8:c2:b4:91:d9:e9:f4:f1:37 (ECDSA)
1430|_ 256 57:00:31:28:69:cf:62:8e:84:ff:d4:c5:ad:ef:e3:a3 (ED25519)
14315678/tcp filtered rrac
14328000/tcp open http lighttpd 1.4.45
1433|_http-favicon: Unknown favicon MD5: 9156327F1C6E88899F368121DDD549A4
1434| http-methods:
1435|_ Supported Methods: OPTIONS GET HEAD POST
1436|_http-open-proxy: Proxy might be redirecting requests
1437|_http-server-header: lighttpd/1.4.45
1438|_http-title: Site doesn't have a title (text/html; charset=UTF-8).
14398292/tcp filtered blp3
1440
1441
1442Post-scan script results:
1443|_ip-geolocation-map-bing: Need to specify an API key, get one at https://www.bingmapsportal.com/.
1444|_ip-geolocation-map-google: Need to specify an API key, get one at https://developers.google.com/maps/documentation/static-maps/.
1445|_ip-geolocation-map-kml: Need to specify a path for the map.
1446| reverse-index:
1447| 21/tcp: 177.220.243.170
1448| 22/tcp: 45.33.32.156
1449| 80/tcp: 45.33.32.156, 177.220.243.170
1450| 81/tcp: 177.220.243.170
1451| 2222/tcp: 177.220.243.170
1452| 8000/tcp: 177.220.243.170
1453| 9929/tcp: 45.33.32.156
1454|_ 31337/tcp: 45.33.32.156
1455
1456Host script results:
1457|_asn-query: No Answers
1458|_clock-skew: mean: -6m21s, deviation: 8m59s, median: -12m43s
1459| fcrdns:
1460| wianettelecom.com.br:
1461| status: pass
1462| addresses:
1463|_ 177.220.243.170
1464|_hostmap-robtex: ERROR: Script execution failed (use -d to debug)
1465| ip-geolocation-geoplugin:
1466|_177.220.243.170
1467|_ipidseq: ERROR: Script execution failed (use -d to debug)
1468|_path-mtu: ERROR: Script execution failed (use -d to debug)
1469|_qscan: ERROR: Script execution failed (use -d to debug)
1470| unusual-port:
1471|_ WARNING: this script depends on Nmap's service/version detection (-sV)
1472|_whois-domain: You should provide a domain name.
1473| whois-ip: Record found at whois.lacnic.net
1474| inetnum: 177.220.224.0/19
1475| owner: Vogel Solu\xE7\xF5es em Telecom e Inform\xE1tica S/A
1476| ownerid: 02.639.055/0001-71
1477| responsible: Diretoria de Engenharia e Planejamento
1478| country: BR
1479| person: Engenharia Vogel Telecom
1480|_email: douglas.adolpho@vogeltelecom.com
1481
1482
1483TRACEROUTE (using port 443/tcp)
1484HOP RTT ADDRESS
14851 4.00 ms 192.168.0.1
14862 18.00 ms 10.48.128.1
14873 ...
14884 ...
14895 38.00 ms ebt-H1-2-0-2-tcore01.rjo.embratel.net.br (200.244.24.15)
14906 38.00 ms ebt-B1311-tcore01.rjo.embratel.net.br (200.244.212.130)
14917 38.00 ms ebt-B2102-tcore01.spomb.embratel.net.br (200.230.243.44)
14928 ...
14939 28.00 ms ebt-H0-6-0-0-agg01.spomb.embratel.net.br (200.230.243.38)
149410 44.00 ms 200-152-248.57.static.stech.net.br (200.152.248.57)
149511 50.00 ms 200-152-254.254.static.stech.net.br (200.152.254.254)
149612 44.00 ms 200-152-248.57.static.stech.net.br (200.152.248.57)
149713 52.00 ms wianettelecom.com.br (177.220.243.170)