Lulz4Life

NL DATACENTER range data infos

Full Zenmap Scan Data Lookup

Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-24 16:12 W. Europe Daylight Time NSE: Loaded 148 scripts for scanning. NSE: Script Pre-scanning. Initiating NSE at 16:12 Completed NSE at 16:12, 0.06s elapsed Initiating NSE at 16:12 Completed NSE at 16:12, 0.00s elapsed Initiating Ping Scan at 16:12 Scanning 3840 hosts [4 ports/host] Ping Scan Timing: About 58.10% done; ETC: 16:13 (0:00:30 remaining) Completed Ping Scan at 16:14, 142.83s elapsed (3840 total hosts) Initiating Parallel DNS resolution of 3840 hosts. at 16:14 Completed Parallel DNS resolution of 3840 hosts. at 16:15, 12.10s elapsed Nmap scan report for 217.23.0.0 [host down] Nmap scan report for 217.23.0.6 [host down] Nmap scan report for 217.23.0.7 [host down] Nmap scan report for 217.23.0.9 [host down] Nmap scan report for 217.23.0.14 [host down] Nmap scan report for 217.23.0.15 [host down] Nmap scan report for 217.23.0.16 [host down] Nmap scan report for 217.23.0.17 [host down] Nmap scan report for 217.23.0.18 [host down] Nmap scan report for 217.23.0.19 [host down] Nmap scan report for 217.23.0.23 [host down] Nmap scan report for 217.23.0.24 [host down] Nmap scan report for 217.23.0.25 [host down] Nmap scan report for 217.23.0.26 [host down] Nmap scan report for 217.23.0.27 [host down] Nmap scan report for 217.23.0.28 [host down] Nmap scan report for 217.23.0.29 [host down] Nmap scan report for 217.23.0.34 [host down] Nmap scan report for 217.23.0.35 [host down] Nmap scan report for 217.23.0.36 [host down] Nmap scan report for 217.23.0.37 [host down] Nmap scan report for 217.23.0.38 [host down] Nmap scan report for 217.23.0.40 [host down] Nmap scan report for 217.23.0.41 [host down] Nmap scan report for 217.23.0.42 [host down] Nmap scan report for 217.23.0.43 [host down] Nmap scan report for 217.23.0.44 [host down] Nmap scan report for 217.23.0.45 [host down] Nmap scan report for 217.23.0.46 [host down] Nmap scan report for 217.23.0.47 [host down] Nmap scan report for 217.23.0.48 [host down] Nmap scan report for 217.23.0.49 [host down] Nmap scan report for 217.23.0.50 [host down] Nmap scan report for 217.23.0.51 [host down] Nmap scan report for 217.23.0.52 [host down] Nmap scan report for 217.23.0.53 [host down] Nmap scan report for 217.23.0.54 [host down] Nmap scan report for 217.23.0.55 [host down] Nmap scan report for 217.23.0.56 [host down] Nmap scan report for 217.23.0.57 [host down] Nmap scan report for 217.23.0.58 [host down] Nmap scan report for 217.23.0.59 [host down] Nmap scan report for 217.23.0.69 [host down] Nmap scan report for 217.23.0.70 [host down] Nmap scan report for 217.23.0.72 [host down] Nmap scan report for 217.23.0.73 [host down] Nmap scan report for 217.23.0.74 [host down] Nmap scan report for 217.23.0.75 [host down] Nmap scan report for 217.23.0.76 [host down] Nmap scan report for 217.23.0.77 [host down] Nmap scan report for 217.23.0.78 [host down] Nmap scan report for 217.23.0.79 [host down] Nmap scan report for 217.23.0.80 [host down] Nmap scan report for 217.23.0.81 [host down] Nmap scan report for 217.23.0.82 [host down] Nmap scan report for 217.23.0.83 [host down] Nmap scan report for 217.23.0.84 [host down] Nmap scan report for 217.23.0.85 [host down] Nmap scan report for 217.23.0.86 [host down] Nmap scan report for 217.23.0.87 [host down] Nmap scan report for 217.23.0.88 [host down] Nmap scan report for 217.23.0.89 [host down] Nmap scan report for 217.23.0.90 [host down] Nmap scan report for 217.23.0.91 [host down] Nmap scan report for 217.23.0.92 [host down] Nmap scan report for 217.23.0.93 [host down] Nmap scan report for 217.23.0.94 [host down] Nmap scan report for 217.23.0.95 [host down] Nmap scan report for 217.23.0.96 [host down] Nmap scan report for 217.23.0.97 [host down] Nmap scan report for 217.23.0.98 [host down] Nmap scan report for 217.23.0.99 [host down] Nmap scan report for 217.23.0.100 [host down] Nmap scan report for 217.23.0.101 [host down] Nmap scan report for 217.23.0.102 [host down] Nmap scan report for 217.23.0.103 [host down] Nmap scan report for 217.23.0.104 [host down] Nmap scan report for 217.23.0.105 [host down] Nmap scan report for 217.23.0.106 [host down] Nmap scan report for 217.23.0.107 [host down] Nmap scan report for 217.23.0.108 [host down] Nmap scan report for 217.23.0.109 [host down] Nmap scan report for 217.23.0.111 [host down] Nmap scan report for 217.23.0.112 [host down] Nmap scan report for 217.23.0.113 [host down] Nmap scan report for 217.23.0.114 [host down] Nmap scan report for 217.23.0.118 [host down] Nmap scan report for 217.23.0.119 [host down] Nmap scan report for 217.23.0.120 [host down] Nmap scan report for 217.23.0.122 [host down] Nmap scan report for 217.23.0.125 [host down] Nmap scan report for 217.23.0.127 [host down] Nmap scan report for 217.23.0.128 [host down] Nmap scan report for 217.23.0.133 [host down] Nmap scan report for 217.23.0.134 [host down] Nmap scan report for 217.23.0.135 [host down] Nmap scan report for 217.23.0.137 [host down] Nmap scan report for 217.23.0.138 [host down] Nmap scan report for 217.23.0.139 [host down] Nmap scan report for 217.23.0.140 [host down] Nmap scan report for 217.23.0.141 [host down] Nmap scan report for 217.23.0.144 [host down] Nmap scan report for 217.23.0.145 [host down] Nmap scan report for 217.23.0.146 [host down] Nmap scan report for 217.23.0.147 [host down] Nmap scan report for 217.23.0.148 [host down] Nmap scan report for 217.23.0.149 [host down] Nmap scan report for 217.23.0.150 [host down] Nmap scan report for 217.23.0.151 [host down] Nmap scan report for 217.23.0.152 [host down] Nmap scan report for 217.23.0.153 [host down] Nmap scan report for 217.23.0.154 [host down] Nmap scan report for 217.23.0.155 [host down] Nmap scan report for 217.23.0.157 [host down] Nmap scan report for 217.23.0.158 [host down] Nmap scan report for 217.23.0.159 [host down] Nmap scan report for 217.23.0.160 [host down] Nmap scan report for 217.23.0.161 [host down] Nmap scan report for 217.23.0.162 [host down] Nmap scan report for 217.23.0.163 [host down] Nmap scan report for 217.23.0.165 [host down] Nmap scan report for 217.23.0.166 [host down] Nmap scan report for 217.23.0.168 [host down] Nmap scan report for 217.23.0.169 [host down] Nmap scan report for 217.23.0.170 [host down] Nmap scan report for 217.23.0.171 [host down] Nmap scan report for 217.23.0.172 [host down] Nmap scan report for 217.23.0.173 [host down] Nmap scan report for 217.23.0.174 [host down] Nmap scan report for 217.23.0.175 [host down] Nmap scan report for 217.23.0.176 [host down] Nmap scan report for 217.23.0.177 [host down] Nmap scan report for 217.23.0.180 [host down] Nmap scan report for 217.23.0.183 [host down] Nmap scan report for 217.23.0.185 [host down] Nmap scan report for 217.23.0.186 [host down] Nmap scan report for 217.23.0.187 [host down] Nmap scan report for 217.23.0.188 [host down] Nmap scan report for 217.23.0.189 [host down] Nmap scan report for 217.23.0.190 [host down] Nmap scan report for 217.23.0.191 [host down] Nmap scan report for 217.23.0.192 [host down] Initiating SYN Stealth Scan at 16:15 Scanning 64 hosts [1000 ports/host] Discovered open port 5900/tcp on 217.23.0.20 Discovered open port 5900/tcp on 217.23.0.30 Discovered open port 443/tcp on 217.23.0.4 Discovered open port 443/tcp on 217.23.0.20 Discovered open port 443/tcp on 217.23.0.30 Discovered open port 443/tcp on 217.23.0.33 Discovered open port 22/tcp on 217.23.0.20 Discovered open port 22/tcp on 217.23.0.31 Discovered open port 22/tcp on 217.23.0.30 Discovered open port 22/tcp on 217.23.0.136 Discovered open port 22/tcp on 217.23.0.33 Discovered open port 22/tcp on 217.23.0.156 Discovered open port 443/tcp on 217.23.0.164 Discovered open port 22/tcp on 217.23.0.181 Discovered open port 443/tcp on 217.23.0.182 Discovered open port 443/tcp on 217.23.0.184 Discovered open port 22/tcp on 217.23.0.197 Discovered open port 22/tcp on 217.23.0.198 Discovered open port 22/tcp on 217.23.0.199 Discovered open port 22/tcp on 217.23.0.202 Discovered open port 22/tcp on 217.23.0.205 Discovered open port 22/tcp on 217.23.0.164 Discovered open port 22/tcp on 217.23.0.179 Discovered open port 22/tcp on 217.23.0.182 Discovered open port 22/tcp on 217.23.0.184 Discovered open port 22/tcp on 217.23.0.200 Discovered open port 22/tcp on 217.23.0.201 Discovered open port 22/tcp on 217.23.0.203 Discovered open port 22/tcp on 217.23.0.204 Discovered open port 22/tcp on 217.23.0.142 Discovered open port 22/tcp on 217.23.0.167 Discovered open port 22/tcp on 217.23.0.178 Discovered open port 22/tcp on 217.23.0.143 Discovered open port 80/tcp on 217.23.0.4 Discovered open port 80/tcp on 217.23.0.31 Discovered open port 80/tcp on 217.23.0.30 Discovered open port 80/tcp on 217.23.0.20 Discovered open port 80/tcp on 217.23.0.33 Discovered open port 80/tcp on 217.23.0.181 Discovered open port 80/tcp on 217.23.0.182 Discovered open port 80/tcp on 217.23.0.184 Discovered open port 80/tcp on 217.23.0.142 Discovered open port 80/tcp on 217.23.0.164 Discovered open port 80/tcp on 217.23.0.179 Discovered open port 80/tcp on 217.23.0.143 Discovered open port 80/tcp on 217.23.0.167 Discovered open port 8888/tcp on 217.23.0.142 Discovered open port 8080/tcp on 217.23.0.156 Discovered open port 8080/tcp on 217.23.0.181 Discovered open port 8080/tcp on 217.23.0.143 Discovered open port 3306/tcp on 217.23.0.164 Discovered open port 443/tcp on 217.23.0.13 Discovered open port 53/tcp on 217.23.0.121 Discovered open port 443/tcp on 217.23.0.1 Discovered open port 443/tcp on 217.23.0.110 Discovered open port 80/tcp on 217.23.0.1 Discovered open port 80/tcp on 217.23.0.8 Discovered open port 1723/tcp on 217.23.0.5 Discovered open port 80/tcp on 217.23.0.110 Discovered open port 8080/tcp on 217.23.0.8 Discovered open port 9080/tcp on 217.23.0.4 Discovered open port 5989/tcp on 217.23.0.4 SYN Stealth Scan Timing: About 8.19% done; ETC: 16:21 (0:05:47 remaining) Discovered open port 8000/tcp on 217.23.0.4 Increasing send delay for 217.23.0.194 from 0 to 5 due to 11 out of 20 dropped probes since last increase. Discovered open port 902/tcp on 217.23.0.4 Increasing send delay for 217.23.0.195 from 0 to 5 due to 11 out of 23 dropped probes since last increase. Increasing send delay for 217.23.0.131 from 0 to 5 due to 11 out of 20 dropped probes since last increase. Discovered open port 5060/tcp on 217.23.0.8 Discovered open port 8000/tcp on 217.23.0.143 Increasing send delay for 217.23.0.130 from 0 to 5 due to 11 out of 23 dropped probes since last increase. SYN Stealth Scan Timing: About 16.40% done; ETC: 16:21 (0:05:26 remaining) Increasing send delay for 217.23.0.194 from 5 to 10 due to 11 out of 21 dropped probes since last increase. Discovered open port 8300/tcp on 217.23.0.4 SYN Stealth Scan Timing: About 23.58% done; ETC: 16:21 (0:05:05 remaining) Increasing send delay for 217.23.0.195 from 5 to 10 due to 11 out of 23 dropped probes since last increase. Discovered open port 88/tcp on 217.23.0.184 Increasing send delay for 217.23.0.131 from 5 to 10 due to 11 out of 21 dropped probes since last increase. Increasing send delay for 217.23.0.130 from 5 to 10 due to 11 out of 23 dropped probes since last increase. Discovered open port 88/tcp on 217.23.0.167 Discovered open port 88/tcp on 217.23.0.143 SYN Stealth Scan Timing: About 30.85% done; ETC: 16:22 (0:04:45 remaining) Discovered open port 427/tcp on 217.23.0.4 SYN Stealth Scan Timing: About 38.96% done; ETC: 16:21 (0:04:06 remaining) Discovered open port 9200/tcp on 217.23.0.143 Discovered open port 8443/tcp on 217.23.0.10 Discovered open port 992/tcp on 217.23.0.5 Discovered open port 5555/tcp on 217.23.0.5 Discovered open port 8001/tcp on 217.23.0.197 SYN Stealth Scan Timing: About 45.83% done; ETC: 16:22 (0:03:45 remaining) Discovered open port 8001/tcp on 217.23.0.200 Discovered open port 8001/tcp on 217.23.0.203 Discovered open port 8001/tcp on 217.23.0.202 Discovered open port 8001/tcp on 217.23.0.205 Discovered open port 8001/tcp on 217.23.0.201 Discovered open port 8001/tcp on 217.23.0.204 Discovered open port 8001/tcp on 217.23.0.199 SYN Stealth Scan Timing: About 53.07% done; ETC: 16:22 (0:03:15 remaining) Discovered open port 9999/tcp on 217.23.0.178 Discovered open port 7999/tcp on 217.23.0.136 SYN Stealth Scan Timing: About 59.53% done; ETC: 16:22 (0:02:50 remaining) Discovered open port 8001/tcp on 217.23.0.136 SYN Stealth Scan Timing: About 66.70% done; ETC: 16:22 (0:02:20 remaining) Discovered open port 1935/tcp on 217.23.0.178 Discovered open port 1935/tcp on 217.23.0.156 SYN Stealth Scan Timing: About 75.15% done; ETC: 16:22 (0:01:43 remaining) Discovered open port 1935/tcp on 217.23.0.142 Completed SYN Stealth Scan against 217.23.0.196 in 326.25s (63 hosts left) SYN Stealth Scan Timing: About 83.83% done; ETC: 16:21 (0:01:06 remaining) Completed SYN Stealth Scan against 217.23.0.197 in 345.31s (62 hosts left) Completed SYN Stealth Scan against 217.23.0.4 in 346.08s (61 hosts left) Completed SYN Stealth Scan against 217.23.0.2 in 348.42s (60 hosts left) Completed SYN Stealth Scan against 217.23.0.1 in 351.42s (59 hosts left) Completed SYN Stealth Scan against 217.23.0.5 in 353.18s (58 hosts left) Completed SYN Stealth Scan against 217.23.0.8 in 357.77s (57 hosts left) Completed SYN Stealth Scan against 217.23.0.10 in 357.77s (56 hosts left) Completed SYN Stealth Scan against 217.23.0.3 in 358.56s (55 hosts left) Completed SYN Stealth Scan against 217.23.0.205 in 358.84s (54 hosts left) Completed SYN Stealth Scan against 217.23.0.11 in 360.09s (53 hosts left) Completed SYN Stealth Scan against 217.23.0.203 in 360.24s (52 hosts left) Completed SYN Stealth Scan against 217.23.0.200 in 360.75s (51 hosts left) Completed SYN Stealth Scan against 217.23.0.202 in 362.27s (50 hosts left) Completed SYN Stealth Scan against 217.23.0.201 in 362.93s (49 hosts left) Completed SYN Stealth Scan against 217.23.0.12 in 363.91s (48 hosts left) Completed SYN Stealth Scan against 217.23.0.204 in 367.30s (47 hosts left) Completed SYN Stealth Scan against 217.23.0.13 in 369.65s (46 hosts left) SYN Stealth Scan Timing: About 90.68% done; ETC: 16:21 (0:00:38 remaining) Completed SYN Stealth Scan against 217.23.0.20 in 370.34s (45 hosts left) Completed SYN Stealth Scan against 217.23.0.30 in 371.90s (44 hosts left) Completed SYN Stealth Scan against 217.23.0.198 in 372.10s (43 hosts left) Completed SYN Stealth Scan against 217.23.0.199 in 372.35s (42 hosts left) Completed SYN Stealth Scan against 217.23.0.33 in 373.01s (41 hosts left) Completed SYN Stealth Scan against 217.23.0.61 in 376.56s (40 hosts left) Completed SYN Stealth Scan against 217.23.0.31 in 378.02s (39 hosts left) Completed SYN Stealth Scan against 217.23.0.184 in 379.30s (38 hosts left) Completed SYN Stealth Scan against 217.23.0.39 in 380.38s (37 hosts left) Completed SYN Stealth Scan against 217.23.0.62 in 380.38s (36 hosts left) Completed SYN Stealth Scan against 217.23.0.21 in 381.01s (35 hosts left) Completed SYN Stealth Scan against 217.23.0.22 in 383.07s (34 hosts left) Completed SYN Stealth Scan against 217.23.0.60 in 387.13s (33 hosts left) Completed SYN Stealth Scan against 217.23.0.181 in 387.69s (32 hosts left) Completed SYN Stealth Scan against 217.23.0.182 in 388.75s (31 hosts left) Completed SYN Stealth Scan against 217.23.0.193 in 391.50s (30 hosts left) Completed SYN Stealth Scan against 217.23.0.32 in 392.55s (29 hosts left) Completed SYN Stealth Scan against 217.23.0.63 in 397.85s (28 hosts left) Completed SYN Stealth Scan against 217.23.0.64 in 400.12s (27 hosts left) Completed SYN Stealth Scan against 217.23.0.65 in 400.37s (26 hosts left) Completed SYN Stealth Scan against 217.23.0.179 in 402.08s (25 hosts left) Completed SYN Stealth Scan against 217.23.0.71 in 404.46s (24 hosts left) Completed SYN Stealth Scan against 217.23.0.66 in 405.16s (23 hosts left) Completed SYN Stealth Scan against 217.23.0.67 in 405.39s (22 hosts left) Completed SYN Stealth Scan against 217.23.0.68 in 405.39s (21 hosts left) Completed SYN Stealth Scan against 217.23.0.167 in 407.88s (20 hosts left) Completed SYN Stealth Scan against 217.23.0.164 in 408.81s (19 hosts left) Completed SYN Stealth Scan against 217.23.0.110 in 408.81s (18 hosts left) Completed SYN Stealth Scan against 217.23.0.178 in 409.82s (17 hosts left) Completed SYN Stealth Scan against 217.23.0.132 in 417.23s (16 hosts left) Completed SYN Stealth Scan against 217.23.0.115 in 418.63s (15 hosts left) Completed SYN Stealth Scan against 217.23.0.116 in 419.67s (14 hosts left) Completed SYN Stealth Scan against 217.23.0.136 in 419.89s (13 hosts left) Completed SYN Stealth Scan against 217.23.0.117 in 424.83s (12 hosts left) Completed SYN Stealth Scan against 217.23.0.156 in 425.16s (11 hosts left) Completed SYN Stealth Scan against 217.23.0.142 in 425.65s (10 hosts left) Completed SYN Stealth Scan against 217.23.0.123 in 426.87s (9 hosts left) Completed SYN Stealth Scan against 217.23.0.143 in 427.00s (8 hosts left) Completed SYN Stealth Scan against 217.23.0.121 in 427.00s (7 hosts left) Completed SYN Stealth Scan against 217.23.0.124 in 427.43s (6 hosts left) Completed SYN Stealth Scan against 217.23.0.126 in 429.16s (5 hosts left) Completed SYN Stealth Scan against 217.23.0.129 in 430.01s (4 hosts left) Completed SYN Stealth Scan against 217.23.0.195 in 536.11s (3 hosts left) Completed SYN Stealth Scan against 217.23.0.194 in 537.75s (2 hosts left) Completed SYN Stealth Scan against 217.23.0.130 in 571.64s (1 host left) Completed SYN Stealth Scan at 16:24, 582.51s elapsed (64000 total ports) Initiating Service scan at 16:24 Scanning 89 services on 64 hosts Completed Service scan at 16:27, 169.26s elapsed (89 services on 64 hosts) Initiating OS detection (try #1) against 64 hosts WARNING: Service 217.23.0.8:8080 had already soft-matched rtsp, but now soft-matched sip; ignoring second value Completed os scan against 217.23.0.1 in 14.379s (63 hosts left) Completed os scan against 217.23.0.5 in 14.379s (62 hosts left) Completed os scan against 217.23.0.8 in 14.379s (61 hosts left) Completed os scan against 217.23.0.10 in 14.379s (60 hosts left) Completed os scan against 217.23.0.13 in 14.379s (59 hosts left) Completed os scan against 217.23.0.20 in 14.379s (58 hosts left) Completed os scan against 217.23.0.30 in 14.379s (57 hosts left) Completed os scan against 217.23.0.33 in 14.379s (56 hosts left) Completed os scan against 217.23.0.110 in 14.379s (55 hosts left) Completed os scan against 217.23.0.121 in 14.379s (54 hosts left) Completed os scan against 217.23.0.130 in 14.379s (53 hosts left) Completed os scan against 217.23.0.142 in 14.379s (52 hosts left) Completed os scan against 217.23.0.143 in 14.379s (51 hosts left) Completed os scan against 217.23.0.156 in 14.379s (50 hosts left) Completed os scan against 217.23.0.164 in 14.379s (49 hosts left) Completed os scan against 217.23.0.167 in 14.379s (48 hosts left) Completed os scan against 217.23.0.178 in 14.379s (47 hosts left) Completed os scan against 217.23.0.179 in 14.379s (46 hosts left) Completed os scan against 217.23.0.181 in 14.379s (45 hosts left) Completed os scan against 217.23.0.182 in 14.379s (44 hosts left) Completed os scan against 217.23.0.184 in 14.379s (43 hosts left) Completed os scan against 217.23.0.194 in 14.379s (42 hosts left) Completed os scan against 217.23.0.195 in 14.379s (41 hosts left) Completed os scan against 217.23.0.198 in 14.379s (40 hosts left) Retrying OS detection (try #2) against 40 hosts Retrying OS detection (try #3) against 9 hosts Retrying OS detection (try #4) against 3 hosts Retrying OS detection (try #5) against 3 hosts Initiating Traceroute at 16:28 Completed Traceroute at 16:28, 0.45s elapsed Initiating Parallel DNS resolution of 66 hosts. at 16:28 Completed Parallel DNS resolution of 66 hosts. at 16:28, 16.91s elapsed NSE: Script scanning 64 hosts. Initiating NSE at 16:28 Completed NSE at 16:30, 95.74s elapsed Initiating NSE at 16:30 7.23.0.1) Host is up (0.013s latency). Not shown: 998 filtered ports PORT STATE SERVICE VERSION 80/tcp open http Apache Tomcat/Coyote JSP engine 1.1 |http-favicon: Unknown favicon MD5: F46BAA8367ECF994A9C50CE7FB89F483 | http-methods: | Supported Methods: GET HEAD POST OPTIONS | http-robots.txt: 1 disallowed entry |_/ |_http-server-header: Apache-Coyote/1.1 |_http-title: Site doesn't have a title (text/html;charset=UTF-8). |http-trane-info: Problem with XML parsing of /evox/about 443/tcp open ssl/http Apache Tomcat/Coyote JSP engine 1.1 |http-favicon: Unknown favicon MD5: F46BAA8367ECF994A9C50CE7FB89F483 | http-methods: | Supported Methods: GET HEAD POST OPTIONS | http-robots.txt: 1 disallowed entry |/ |_http-server-header: Apache-Coyote/1.1 | http-title: Server Backup Manager SE
|_Requested resource was https://backup-srv1.worldstream.nl/login.zul;jsessionid=5F87BF6FBF6D044220ACDD84C3E07DFC |_http-trane-info: Problem with XML parsing of /evox/about | ssl-cert: Subject: commonName=.worldstream.nl/organizationName=WorldStream B.V./stateOrProvinceName=Zuid-Holland/countryName=NL | Subject Alternative Name: DNS:.worldstream.nl, DNS:worldstream.nl | Issuer: commonName=COMODO RSA Organization Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2018-03-05T00:00:00 | Not valid after: 2020-03-04T23:59:59 | MD5: 0e72 2e6d 21dd 3c86 b8e4 9b99 93d4 c2b3 |_SHA-1: 5609 5bcc 3a1b 61f1 1a6a f767 4177 8ae4 835a b8d0 |_ssl-date: 2019-06-24T14:21:28+00:00; -8m23s from scanner time. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose Running: Linux 2.6.X|3.X OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3 OS details: Linux 2.6.32 - 3.10, Linux 2.6.32 - 3.13, Linux 3.2 - 3.10, Linux 3.2 - 3.16, Linux 3.2 - 3.8 Uptime guess: 175.146 days (since Mon Dec 31 12:00:04 2018) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=262 (Good luck!) IP ID Sequence Generation: All zeros

Host script results: |_clock-skew: mean: -8m23s, deviation: 0s, median: -8m23s

TRACEROUTE (using port 443/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms backup-srv1.worldstream.nl (217.23.0.1)

Nmap scan report for 217.23.0.2 Host is up (0.036s latency). All 1000 scanned ports on 217.23.0.2 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 0.00 ms 217.23.0.2

Nmap scan report for 217.23.0.3 Host is up (0.046s latency). All 1000 scanned ports on 217.23.0.3 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS 1 0.00 ms customer.worldstream.nl (217.23.15.237) 2 7.00 ms 217.23.0.3

Nmap scan report for 217.23.0.4 Host is up (0.0081s latency). Not shown: 992 closed ports PORT STATE SERVICE VERSION 80/tcp open http VMware ESXi Server httpd | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |http-title: Did not follow redirect to https://217.23.0.4/ 427/tcp open svrloc? 443/tcp open ssl/http VMware ESXi Web UI | http-methods: | Supported Methods: GET HEAD POST |_http-title: Site doesn't have a title (text/html). | ssl-cert: Subject: commonName=customer.worldstream.nl/organizationName=VMware, Inc/stateOrProvinceName=California/countryName=US | Subject Alternative Name: DNS:customer.worldstream.nl | Issuer: organizationName=VMware Installer | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2015-04-05T14:12:36 | Not valid after: 2026-10-04T14:12:36 | MD5: 9c50 0bbd 9ccd 5479 de06 ee72 a00c 9483 |_SHA-1: afee acfc 37c2 6cec 4e70 f961 b480 9f3e 6f9b 2c6f |ssl-date: TLS randomness does not represent time | vmware-version: | Server version: VMware ESXi 6.5.0 | Build: 4564106 | Locale version: INTL 000 | OS type: vmnix-x86 | Product Line ID: embeddedEsx 902/tcp open ssl/vmware-auth VMware Authentication Daemon 1.10 (Uses VNC, SOAP) 5989/tcp open ssl/wbem SBLIM Small Footprint CIM Broker | ssl-cert: Subject: commonName=customer.worldstream.nl/organizationName=VMware, Inc/stateOrProvinceName=California/countryName=US | Subject Alternative Name: DNS:customer.worldstream.nl | Issuer: organizationName=VMware Installer | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2015-04-05T14:12:36 | Not valid after: 2026-10-04T14:12:36 | MD5: 9c50 0bbd 9ccd 5479 de06 ee72 a00c 9483 |_SHA-1: afee acfc 37c2 6cec 4e70 f961 b480 9f3e 6f9b 2c6f |ssl-date: TLS randomness does not represent time 8000/tcp open http-alt? 8300/tcp open tmi? 9080/tcp open ssl/soap gSOAP 2.8 | http-methods: | Supported Methods: GET HEAD | ssl-cert: Subject: commonName=customer.worldstream.nl/organizationName=VMware, Inc/stateOrProvinceName=California/countryName=US | Subject Alternative Name: DNS:customer.worldstream.nl | Issuer: organizationName=VMware Installer | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2015-04-05T14:12:36 | Not valid after: 2026-10-04T14:12:36 | MD5: 9c50 0bbd 9ccd 5479 de06 ee72 a00c 9483 |_SHA-1: afee acfc 37c2 6cec 4e70 f961 b480 9f3e 6f9b 2c6f |_ssl-date: TLS randomness does not represent time Aggressive OS guesses: VMware ESXi 5.0 - 5.5 (97%), VMware ESXi 6.0.0 (96%), Crestron XPanel control system (94%), VMware ESXi 4.1 (94%), FreeBSD 7.0-RELEASE-p1 - 10.0-CURRENT (94%), VMware ESXi 5.5 (94%), FreeBSD 8.0-RELEASE (92%), Epson Stylus Pro 400 printer (92%), FreeNAS 0.69.2 (FreeBSD 6.3-STABLE - 6.4-RELEASE) (92%), VMware ESXi 4.1.0 (92%) No exact OS matches for host (test conditions non-ideal). Uptime guess: 432.293 days (since Wed Apr 18 09:28:48 2018) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=186 (Good luck!) IP ID Sequence Generation: Incremental Service Info: Host: customer.worldstream.nl; CPE: cpe:/o:vmware:esxi, cpe:/o:vmware:ESXi:6.5.0

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 9.00 ms 217.23.0.4

Nmap scan report for 217.23.0.5 Host is up (0.0055s latency). Not shown: 997 filtered ports PORT STATE SERVICE VERSION 992/tcp open ssl/http SoftEther VPN httpd | http-methods: |_ Supported Methods: POST |_http-title: 403 Forbidden | ssl-cert: Subject: commonName=vpn854965442.softether.net/organizationName=vpn854965442.softether.net/countryName=US | Issuer: commonName=vpn854965442.softether.net/organizationName=vpn854965442.softether.net/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2015-04-06T13:16:36 | Not valid after: 2036-12-31T13:16:36 | MD5: 0146 01ad ea5e 7b2d 72e7 5927 4690 f6a8 |SHA-1: ab31 4111 2033 daa3 df9e 968c 73b0 7185 621f 7907 |ssl-date: TLS randomness does not represent time | sslv2: | SSLv2 supported | ciphers: | SSL2_RC4_128_WITH_MD5 1723/tcp open pptp linux (Firmware: 1) 5555/tcp open ssl/http SoftEther VPN httpd | http-methods: | Supported Methods: GET POST |_http-title: 403 Forbidden | ssl-cert: Subject: commonName=vpn854965442.softether.net/organizationName=vpn854965442.softether.net/countryName=US | Issuer: commonName=vpn854965442.softether.net/organizationName=vpn854965442.softether.net/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2015-04-06T13:16:36 | Not valid after: 2036-12-31T13:16:36 | MD5: 0146 01ad ea5e 7b2d 72e7 5927 4690 f6a8 |_SHA-1: ab31 4111 2033 daa3 df9e 968c 73b0 7185 621f 7907 |ssl-date: TLS randomness does not represent time | sslv2: | SSLv2 supported | ciphers: | SSL2_RC4_128_WITH_MD5 Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose Running: Linux 2.6.X|3.X OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3 OS details: Linux 2.6.32 - 3.10, Linux 2.6.32 - 3.13, Linux 3.2 - 3.10, Linux 3.2 - 3.16, Linux 3.2 - 3.8 Uptime guess: 34.565 days (since Tue May 21 02:56:23 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=259 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Host: local

TRACEROUTE (using port 1723/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 0.00 ms 217.23.0.5

Nmap scan report for 217.23.0.8 Host is up (0.0054s latency). Not shown: 997 filtered ports PORT STATE SERVICE VERSION 80/tcp open http Apache httpd 2.4.10 ((Debian)) | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |http-server-header: Apache/2.4.10 (Debian) |http-title: Site doesn't have a title (text/html). 5060/tcp open sip (SIP end point; Status: 404 Not Found) | fingerprint-strings: | GetRequest: | HTTP/1.0 200 OK | Date: Mon, 24 Jun 2019 13:58:12 GMT | Connection: Close | Content-Type: text/html | Content-Length: 109 | <title>OoklaServer</title>

OoklaServer

It worked!

OoklaServer

It\x20worked!<br\x20/>

SF:\n")%r(SIPOptions,51,"SIP/2.0\x20404\x20Not\x20Found\r\n SF:Date:\x20Mon,\x2024\x20Jun\x202019\x2013:58:12\x20GMT\r\nConnection:\x2 SF:0Close\r\n\r\n"); ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port8080-TCP:V=7.70%I=7%D=6/24%Time=5D10DD3B%P=i686-pc-windows-windows% SF:r(GetRequest,E6,"HTTP/1.0\x20200\x20OK\r\nDate:\x20Mon,\x2024\x20Jun\x SF:202019\x2013:58:12\x20GMT\r\nConnection:\x20Close\r\nContent-Type:\x20t SF:ext/html\r\nContent-Length:\x20109\r\n\r\n<title>OoklaServe SF:r</title>

OoklaServer

It\x20worked!<br\x20/>

SF:\n")%r(HTTPOptions,77,"HTTP/1.0\x20200\x20OK\r\nDate:\x2 SF:0Mon,\x2024\x20Jun\x202019\x2013:58:12\x20GMT\r\nConnection:\x20Close\r SF:\nContent-Type:\x20text/html\r\nContent-Length:\x200\r\n\r\n")%r(RTSPRe SF:quest,77,"RTSP/1.0\x20200\x20OK\r\nDate:\x20Mon,\x2024\x20Jun\x202019
SF:x2013:58:12\x20GMT\r\nConnection:\x20Close\r\nContent-Type:\x20text/htm SF:l\r\nContent-Length:\x200\r\n\r\n")%r(FourOhFourRequest,52,"HTTP/1.0\x SF:20404\x20Not\x20Found\r\nDate:\x20Mon,\x2024\x20Jun\x202019\x2013:58:12 SF:\x20GMT\r\nConnection:\x20Close\r\n\r\n")%r(GenericLines,C,"ERROR\nERRO SF:R\n")%r(SIPOptions,51,"SIP/2.0\x20404\x20Not\x20Found\r\nDate:\x20Mon, SF:\x2024\x20Jun\x202019\x2013:58:17\x20GMT\r\nConnection:\x20Close\r\n\r
SF:n"); Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.10 - 4.11, Linux 3.16 - 4.6, Linux 3.2 - 4.9, Linux 4.4 Uptime guess: 34.480 days (since Tue May 21 04:59:53 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=256 (Good luck!) IP ID Sequence Generation: All zeros

TRACEROUTE (using port 80/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms 217.23.0.8

Nmap scan report for foreman.worldstream.nl (217.23.0.10) Host is up (0.0071s latency). Not shown: 999 filtered ports PORT STATE SERVICE VERSION 8443/tcp open ssl/http WEBrick httpd 1.3.1 (Ruby 2.0.0 (2014-11-13); OpenSSL 1.0.1e) |_http-server-header: WEBrick/1.3.1 (Ruby/2.0.0/2014-11-13) OpenSSL/1.0.1e |_http-title: Site doesn't have a title (text/html;charset=utf-8). | ssl-cert: Subject: commonName=foreman.worldstream.nl | Subject Alternative Name: DNS:foreman.worldstream.nl, DNS:puppet, DNS:puppet.worldstream.nl | Issuer: commonName=Puppet CA: foreman.worldstream.nl | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2016-10-10T13:29:05 | Not valid after: 2021-10-10T13:29:05 | MD5: 80c1 5ac1 950f 55b0 9bff 209f dcc9 d66f |_SHA-1: 3108 4c89 a189 a884 9324 d5e4 21b1 ca55 b183 2012 |_ssl-date: 2019-06-24T14:29:35+00:00; +19s from scanner time. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.10 - 4.11, Linux 3.2 - 4.9 Uptime guess: 4.833 days (since Wed Jun 19 20:30:38 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=257 (Good luck!) IP ID Sequence Generation: All zeros

Host script results: |_clock-skew: mean: 18s, deviation: 0s, median: 18s

TRACEROUTE (using port 8443/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms foreman.worldstream.nl (217.23.0.10)

Nmap scan report for 217.23.0.11 Host is up (0.014s latency). All 1000 scanned ports on 217.23.0.11 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms 217.23.0.11

Nmap scan report for 217.23.0.12 Host is up (0.0065s latency). All 1000 scanned ports on 217.23.0.12 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 0.00 ms 217.23.0.12

Nmap scan report for support.worldstream.nl (217.23.0.13) Host is up (0.0036s latency). Not shown: 999 filtered ports PORT STATE SERVICE VERSION 443/tcp open ssl/http nginx 1.14.1 | http-auth: | HTTP/1.1 401 Unauthorized\x0D |_ Basic realm=Restricted support.worldstream.nl |_http-server-header: nginx/1.14.1 |_http-title: 401 Authorization Required | ssl-cert: Subject: commonName=.worldstream.nl/organizationName=WorldStream B.V./stateOrProvinceName=Zuid-Holland/countryName=NL | Subject Alternative Name: DNS:.worldstream.nl, DNS:worldstream.nl | Issuer: commonName=COMODO RSA Organization Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2018-03-05T00:00:00 | Not valid after: 2020-03-04T23:59:59 | MD5: 0e72 2e6d 21dd 3c86 b8e4 9b99 93d4 c2b3 |SHA-1: 5609 5bcc 3a1b 61f1 1a6a f767 4177 8ae4 835a b8d0 |ssl-date: TLS randomness does not represent time | tls-alpn: | h2 | http/1.1 | tls-nextprotoneg: | h2 | http/1.1 Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.10 - 4.11, Linux 3.16 - 4.6, Linux 3.2 - 4.9, Linux 4.4 Uptime guess: 39.629 days (since Thu May 16 01:25:09 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=260 (Good luck!) IP ID Sequence Generation: All zeros

TRACEROUTE (using port 443/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 0.00 ms support.worldstream.nl (217.23.0.13)

Nmap scan report for 217.23.0.20 Host is up (0.010s latency). Not shown: 996 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.0 (protocol 2.0) | ssh-hostkey: | 2048 a2:45:f5:88:a9:36:09:2d:08:63:95:5a:fa:60:c2:25 (RSA) |_ 256 e4:d4:e0:d9:aa:b7:45:80:03:d2:27:c2:d8:74:cd:c7 (ECDSA) 80/tcp open http Dell iDRAC 8 admin httpd (time zone: CDT) | http-methods: |_ Supported Methods: GET HEAD POST |_http-title: Did not follow redirect to https://217.23.0.20/start.html 443/tcp open ssl/http Dell iDRAC 8 admin httpd (time zone: CDT) | http-title: Not Found |_Requested resource was https://217.23.0.20/start.html | ssl-cert: Subject: commonName=idrac-3LHBXJ2/organizationName=Dell Inc./stateOrProvinceName=Texas/countryName=US | Issuer: commonName=idrac-3LHBXJ2/organizationName=Dell Inc./stateOrProvinceName=Texas/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2017-03-23T14:37:00 | Not valid after: 2027-03-24T14:38:43 | MD5: 5491 98ff 52f5 14ee 518e 2563 c1b6 b5f3 |_SHA-1: 0bf4 654b 632b f75e 17d8 b5f1 811f d7ca 07f6 e57c |_ssl-date: TLS randomness does not represent time 5900/tcp open websocket libwebsockets Device type: general purpose Running: Linux 2.6.X|3.X OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3 OS details: Linux 2.6.32 - 3.10 Uptime guess: 134.876 days (since Sat Feb 09 18:28:25 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=258 (Good luck!) IP ID Sequence Generation: All zeros Service Info: CPE: cpe:/o:dell:idrac8_firmware

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS 1 0.00 ms customer.worldstream.nl (217.23.15.236) 2 3.00 ms 217.23.0.20

Nmap scan report for 217.23.0.21 Host is up (0.014s latency). All 1000 scanned ports on 217.23.0.21 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms 217.23.0.21

Nmap scan report for 217.23.0.22 Host is up (0.010s latency). All 1000 scanned ports on 217.23.0.22 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 0.00 ms 217.23.0.22

Nmap scan report for 217.23.0.30 Host is up (0.0090s latency). Not shown: 996 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.0 (protocol 2.0) | ssh-hostkey: | 2048 ed:ba:a5:2d:d0:24:6b:4c:b6:51:1b:18:c9:53:c9:41 (RSA) |_ 256 f1:78:b1:e9:3f:16:7a:c2:3f:63:41:11:ba:3c:f4:c8 (ECDSA) 80/tcp open http Dell iDRAC 8 admin httpd (time zone: CDT) | http-methods: |_ Supported Methods: GET HEAD POST |http-title: Did not follow redirect to https://217.23.0.30/start.html 443/tcp open ssl/http Dell iDRAC 8 admin httpd (time zone: CDT) | http-methods: | Supported Methods: GET | http-title: Not Found |_Requested resource was https://217.23.0.30/start.html | ssl-cert: Subject: commonName=idrac-52BW7J2/organizationName=Dell Inc./stateOrProvinceName=Texas/countryName=US | Issuer: commonName=idrac-52BW7J2/organizationName=Dell Inc./stateOrProvinceName=Texas/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2017-03-07T05:35:00 | Not valid after: 2027-03-08T05:35:34 | MD5: cd93 4382 621c cff7 61c6 426a f052 3478 |_SHA-1: cb87 2005 76c7 768d abfa 9c6f 5eea 9237 a932 fd88 |_ssl-date: TLS randomness does not represent time 5900/tcp open websocket libwebsockets Device type: general purpose Running: Linux 2.6.X|3.X OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3 OS details: Linux 2.6.32 - 3.10 Uptime guess: 73.900 days (since Thu Apr 11 18:53:42 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=260 (Good luck!) IP ID Sequence Generation: All zeros Service Info: CPE: cpe:/o:dell:idrac8_firmware

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 3.00 ms 217.23.0.30

Nmap scan report for worldshield-smeagol01.worldstream.net (217.23.0.31) Host is up (0.0059s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1 (protocol 2.0) | ssh-hostkey: | 2048 cb:18:ac:0e:7f:52:23:cb:c1:af:ae:72:5a:c1:56:57 (RSA) | 256 a6:3e:64:66:94:c1:34:fb:a6:a7:f5:1b:05:3a:c9:4f (ECDSA) |_ 256 f7:7d:f9:e9:27:d2:35:97:95:9c:69:4b:a9:1e:ef:9b (ED25519) 80/tcp open http nginx 1.10.2 |_http-server-header: nginx/1.10.2 |_http-title: 403 Forbidden Aggressive OS guesses: Linux 3.13 - 3.16 (96%), Linux 3.2 - 4.9 (96%), Linux 4.4 (96%), Linux 2.6.32 - 3.10 (96%), Asus RT-N10 router or AXIS 211A Network Camera (Linux 2.6) (95%), Linux 2.6.18 (95%), AXIS 211A Network Camera (Linux 2.6.20) (95%), Linux 2.6.24 (94%), Linux 2.6.16 (94%), Linux 2.6.18 - 2.6.32 (93%) No exact OS matches for host (test conditions non-ideal). Uptime guess: 40.087 days (since Wed May 15 14:25:13 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=262 (Good luck!) IP ID Sequence Generation: All zeros

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 3.00 ms worldshield-smeagol01.worldstream.net (217.23.0.31)

Nmap scan report for worldshield-smeagol02.worldstream.net (217.23.0.32) Host is up (0.0023s latency). All 1000 scanned ports on worldshield-smeagol02.worldstream.net (217.23.0.32) are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms worldshield-smeagol02.worldstream.net (217.23.0.32)

Nmap scan report for 217.23.0.33 Host is up (0.0087s latency). Not shown: 997 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.4p1 (protocol 2.0) | ssh-hostkey: |_ 2048 66:93:c9:b5:20:f3:79:c7:1e:9a:e0:dc:64:66:f0:c0 (RSA) 80/tcp open http iRMC S4 Webserver | fingerprint-strings: | HTTPOptions: | HTTP/1.1 200 OK | Allow: GET,POST,PUT,PATCH,DELETE,OPTIONS | Date: Mon, 24 Jun 2019 14:25:21 GMT | Server: iRMC S4 Webserver | X-Frame-Options: DENY | Expires: Sun, 23 Jun 2019 14:25:21 GMT | Content-Length: 0 | Content-Type: text/html | Content-Encoding: (null) | RTSPRequest: | HTTP/1.1 200 OK | Allow: GET,POST,PUT,PATCH,DELETE,OPTIONS | Date: Mon, 24 Jun 2019 14:25:26 GMT | Server: iRMC S4 Webserver | X-Frame-Options: DENY | Expires: Sun, 23 Jun 2019 14:25:26 GMT | Content-Length: 0 | Content-Type: text/html | Content-Encoding: (null) | SIPOptions: | HTTP/1.1 200 OK | Allow: GET,POST,PUT,PATCH,DELETE,OPTIONS | Date: Mon, 24 Jun 2019 14:26:39 GMT | Server: iRMC S4 Webserver | X-Frame-Options: DENY | Expires: Sun, 23 Jun 2019 14:26:39 GMT | Content-Length: 0 | Cache-Control: no-cache | Pragma: no-cache | Content-Type: text/html |_ Content-Encoding: (null) |http-favicon: Unknown favicon MD5: 0DDA934ED71C768A6DFB93AF937B8168 | http-methods: | Supported Methods: GET POST PUT PATCH DELETE OPTIONS HEAD | Potentially risky methods: PUT PATCH DELETE |_http-server-header: iRMC S4 Webserver | http-title: iRMC S4@iRMCF54CFA - ServerView® iRMC S4 Web Server (F... |Requested resource was http://217.23.0.33/login 443/tcp open ssl/https iRMC S4 Webserver | fingerprint-strings: | HTTPOptions: | HTTP/1.1 200 OK | Allow: GET,POST,PUT,PATCH,DELETE,OPTIONS | Date: Mon, 24 Jun 2019 14:25:28 GMT | Server: iRMC S4 Webserver | X-Frame-Options: DENY | Strict-Transport-Security: max-age=0 | Expires: Sun, 23 Jun 2019 14:25:28 GMT | Content-Length: 0 | Content-Type: text/html | Content-Encoding: (null) | RTSPRequest: | HTTP/1.1 200 OK | Allow: GET,POST,PUT,PATCH,DELETE,OPTIONS | Date: Mon, 24 Jun 2019 14:25:44 GMT | Server: iRMC S4 Webserver | X-Frame-Options: DENY | Strict-Transport-Security: max-age=0 | Expires: Sun, 23 Jun 2019 14:25:44 GMT | Content-Length: 0 | Content-Type: text/html | Content-Encoding: (null) | SIPOptions: | HTTP/1.1 200 OK | Allow: GET,POST,PUT,PATCH,DELETE,OPTIONS | Date: Mon, 24 Jun 2019 14:26:52 GMT | Server: iRMC S4 Webserver | X-Frame-Options: DENY | Strict-Transport-Security: max-age=0 | Expires: Sun, 23 Jun 2019 14:26:52 GMT | Content-Length: 0 | Cache-Control: no-cache | Pragma: no-cache | Content-Type: text/html | Content-Encoding: (null) |http-favicon: Unknown favicon MD5: 0DDA934ED71C768A6DFB93AF937B8168 | http-server-header: | FUJITSU ServerView iRMC S4 Webserver | iRMC S4 Webserver | ssl-cert: Subject: commonName=iRMC/organizationName=Fujitsu Technology Solutions/stateOrProvinceName=Bavaria/countryName=DE | Issuer: commonName=ServerView Root CA/organizationName=Fujitsu Technology Solutions GmbH/stateOrProvinceName=Bavaria/countryName=DE | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2013-02-20T14:02:43 | Not valid after: 2018-02-19T14:02:43 | MD5: 419f 14a5 7ee1 fa93 4c8c 12bf 9369 215b |_SHA-1: 549e c1a0 6582 c5bd 641a 91e2 7577 4272 324c f852 |_ssl-date: 2019-06-24T14:29:42+00:00; +17s from scanner time. 2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service : ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port80-TCP:V=7.70%I=7%D=6/24%Time=5D10DD45%P=i686-pc-windows-windows%r( SF:HTTPOptions,102,"HTTP/1.1\x20200\x20OK\r\nAllow:\x20GET,POST,PUT,PATCH SF:,DELETE,OPTIONS\r\nDate:\x20Mon,\x2024\x20Jun\x202019\x2014:25:21\x20GM SF:T\r\nServer:\x20iRMC\x20S4\x20Webserver\r\nX-Frame-Options:\x20DENY\r\n SF:Expires:\x20Sun,\x2023\x20Jun\x202019\x2014:25:21\x20GMT\r\nContent-Len SF:gth:\x200\r\nContent-Type:\x20text/html\r\nContent-Encoding:\x20(null
SF:)\r\n\r\n")%r(RTSPRequest,102,"HTTP/1.1\x20200\x20OK\r\nAllow:\x20GET, SF:POST,PUT,PATCH,DELETE,OPTIONS\r\nDate:\x20Mon,\x2024\x20Jun\x202019\x20 SF:14:25:26\x20GMT\r\nServer:\x20iRMC\x20S4\x20Webserver\r\nX-Frame-Option SF:s:\x20DENY\r\nExpires:\x20Sun,\x2023\x20Jun\x202019\x2014:25:26\x20GMT
SF:r\nContent-Length:\x200\r\nContent-Type:\x20text/html\r\nContent-Encodi SF:ng:\x20(null)\r\n\r\n")%r(SIPOptions,12D,"HTTP/1.1\x20200\x20OK\r\nA SF:llow:\x20GET,POST,PUT,PATCH,DELETE,OPTIONS\r\nDate:\x20Mon,\x2024\x20Ju SF:n\x202019\x2014:26:39\x20GMT\r\nServer:\x20iRMC\x20S4\x20Webserver\r\nX SF:-Frame-Options:\x20DENY\r\nExpires:\x20Sun,\x2023\x20Jun\x202019\x2014: SF:26:39\x20GMT\r\nContent-Length:\x200\r\nCache-Control:\x20no-cache\r\nP SF:ragma:\x20no-cache\r\nContent-Type:\x20text/html\r\nContent-Encoding:\x SF:20(null)\r\n\r\n"); ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port443-TCP:V=7.70%T=SSL%I=7%D=6/24%Time=5D10DD4B%P=i686-pc-windows-win SF:dows%r(HTTPOptions,128,"HTTP/1.1\x20200\x20OK\r\nAllow:\x20GET,POST,PU SF:T,PATCH,DELETE,OPTIONS\r\nDate:\x20Mon,\x2024\x20Jun\x202019\x2014:25:2 SF:8\x20GMT\r\nServer:\x20iRMC\x20S4\x20Webserver\r\nX-Frame-Options:\x20D SF:ENY\r\nStrict-Transport-Security:\x20max-age=0\r\nExpires:\x20Sun,\x202 SF:3\x20Jun\x202019\x2014:25:28\x20GMT\r\nContent-Length:\x200\r\nContent- SF:Type:\x20text/html\r\nContent-Encoding:\x20(null)\r\n\r\n")%r(RTSPReq SF:uest,128,"HTTP/1.1\x20200\x20OK\r\nAllow:\x20GET,POST,PUT,PATCH,DELETE SF:,OPTIONS\r\nDate:\x20Mon,\x2024\x20Jun\x202019\x2014:25:44\x20GMT\r\nSe SF:rver:\x20iRMC\x20S4\x20Webserver\r\nX-Frame-Options:\x20DENY\r\nStrict- SF:Transport-Security:\x20max-age=0\r\nExpires:\x20Sun,\x2023\x20Jun\x2020 SF:19\x2014:25:44\x20GMT\r\nContent-Length:\x200\r\nContent-Type:\x20text/ SF:html\r\nContent-Encoding:\x20(null)\r\n\r\n")%r(SIPOptions,153,"HTTP/ SF:1.1\x20200\x20OK\r\nAllow:\x20GET,POST,PUT,PATCH,DELETE,OPTIONS\r\nDat SF:e:\x20Mon,\x2024\x20Jun\x202019\x2014:26:52\x20GMT\r\nServer:\x20iRMC\x SF:20S4\x20Webserver\r\nX-Frame-Options:\x20DENY\r\nStrict-Transport-Secur SF:ity:\x20max-age=0\r\nExpires:\x20Sun,\x2023\x20Jun\x202019\x2014:26:52
SF:x20GMT\r\nContent-Length:\x200\r\nCache-Control:\x20no-cache\r\nPragma: SF:\x20no-cache\r\nContent-Type:\x20text/html\r\nContent-Encoding:\x20(nu SF:ll)\r\n\r\n"); Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 72.820 days (since Fri Apr 12 20:49:23 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=261 (Good luck!) IP ID Sequence Generation: All zeros

Host script results: |_clock-skew: mean: 16s, deviation: 0s, median: 16s

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 2.00 ms 217.23.0.33

Nmap scan report for 217.23.0.39 Host is up (0.0033s latency). All 1000 scanned ports on 217.23.0.39 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 2.00 ms 217.23.0.39

Nmap scan report for 217.23.0.60 Host is up (0.0037s latency). All 1000 scanned ports on 217.23.0.60 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 2.00 ms 217.23.0.60

Nmap scan report for 217.23.0.61 Host is up (0.0031s latency). All 1000 scanned ports on 217.23.0.61 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.61

Nmap scan report for 217.23.0.62 Host is up (0.014s latency). All 1000 scanned ports on 217.23.0.62 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms 217.23.0.62

Nmap scan report for 217.23.0.63 Host is up (0.013s latency). All 1000 scanned ports on 217.23.0.63 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.63

Nmap scan report for 217.23.0.64 Host is up (0.0036s latency). All 1000 scanned ports on 217.23.0.64 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.64

Nmap scan report for 217.23.0.65 Host is up (0.0044s latency). All 1000 scanned ports on 217.23.0.65 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms 217.23.0.65

Nmap scan report for 217.23.0.66 Host is up (0.0034s latency). All 1000 scanned ports on 217.23.0.66 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.66

Nmap scan report for 217.23.0.67 Host is up (0.0023s latency). All 1000 scanned ports on 217.23.0.67 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms 217.23.0.67

Nmap scan report for 217.23.0.68 Host is up (0.0044s latency). All 1000 scanned ports on 217.23.0.68 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 2.00 ms 217.23.0.68

Nmap scan report for 217.23.0.71 Host is up (0.0029s latency). All 1000 scanned ports on 217.23.0.71 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 2.00 ms 217.23.0.71

Nmap scan report for kb.worldstream.nl (217.23.0.110) Host is up (0.0052s latency). Not shown: 998 filtered ports PORT STATE SERVICE VERSION 80/tcp open http nginx | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: nginx |_http-title: Did not follow redirect to https://kb.worldstream.nl/ 443/tcp open ssl/http nginx |http-generator: WordPress 5.2.2 | http-methods: | Supported Methods: GET HEAD POST |_http-server-header: nginx |_http-title: WorldStream Knowledge Base | ssl-cert: Subject: commonName=.worldstream.nl/organizationName=WorldStream B.V./stateOrProvinceName=Zuid-Holland/countryName=NL | Subject Alternative Name: DNS:.worldstream.nl, DNS:worldstream.nl | Issuer: commonName=COMODO RSA Organization Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2018-03-05T00:00:00 | Not valid after: 2020-03-04T23:59:59 | MD5: 0e72 2e6d 21dd 3c86 b8e4 9b99 93d4 c2b3 |SHA-1: 5609 5bcc 3a1b 61f1 1a6a f767 4177 8ae4 835a b8d0 |ssl-date: TLS randomness does not represent time | tls-alpn: | http/1.1 | tls-nextprotoneg: | http/1.1 Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.11 - 4.1 Uptime guess: 163.228 days (since Sat Jan 12 10:02:05 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=256 (Good luck!) IP ID Sequence Generation: All zeros

TRACEROUTE (using port 443/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms kb.worldstream.nl (217.23.0.110)

Nmap scan report for 217.23.0.115 Host is up (0.0022s latency). All 1000 scanned ports on 217.23.0.115 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.115

Nmap scan report for 217.23.0.116 Host is up (0.018s latency). All 1000 scanned ports on 217.23.0.116 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms 217.23.0.116

Nmap scan report for 217.23.0.117 Host is up (0.0041s latency). All 1000 scanned ports on 217.23.0.117 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 0.00 ms 217.23.0.117

Nmap scan report for ns2.worldstream.nl (217.23.0.121) Host is up (0.0056s latency). Not shown: 999 filtered ports PORT STATE SERVICE VERSION 53/tcp open domain PowerDNS 3.3 or later | dns-nsid: | NSID: ns2 (6e7332) | id.server: ns2 |_ bind.version: Served by PowerDNS - https://www.powerdns.com/ Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.11 - 4.1 Uptime guess: 143.201 days (since Fri Feb 01 10:40:32 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=261 (Good luck!) IP ID Sequence Generation: All zeros

TRACEROUTE (using port 53/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms ns2.worldstream.nl (217.23.0.121)

Nmap scan report for 217.23.0.123 Host is up (0.016s latency). Not shown: 987 filtered ports PORT STATE SERVICE VERSION 5900/tcp closed vnc 5901/tcp closed vnc-1 5902/tcp closed vnc-2 5903/tcp closed vnc-3 5904/tcp closed unknown 5906/tcp closed unknown 5907/tcp closed unknown 5910/tcp closed cm 50000/tcp closed ibm-db2 50001/tcp closed unknown 50002/tcp closed iiimsf 50003/tcp closed unknown 50006/tcp closed unknown Too many fingerprints match this host to give specific OS details Network Distance: 1 hop

TRACEROUTE (using port 5900/tcp) HOP RTT ADDRESS 1 0.00 ms 217.23.0.123

Nmap scan report for 217.23.0.124 Host is up (0.011s latency). Not shown: 987 filtered ports PORT STATE SERVICE VERSION 5900/tcp closed vnc 5901/tcp closed vnc-1 5902/tcp closed vnc-2 5903/tcp closed vnc-3 5904/tcp closed unknown 5906/tcp closed unknown 5907/tcp closed unknown 5910/tcp closed cm 50000/tcp closed ibm-db2 50001/tcp closed unknown 50002/tcp closed iiimsf 50003/tcp closed unknown 50006/tcp closed unknown Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using port 5900/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 0.00 ms 217.23.0.124

Nmap scan report for 217.23.0.126 Host is up (0.012s latency). Not shown: 987 filtered ports PORT STATE SERVICE VERSION 5900/tcp closed vnc 5901/tcp closed vnc-1 5902/tcp closed vnc-2 5903/tcp closed vnc-3 5904/tcp closed unknown 5906/tcp closed unknown 5907/tcp closed unknown 5910/tcp closed cm 50000/tcp closed ibm-db2 50001/tcp closed unknown 50002/tcp closed iiimsf 50003/tcp closed unknown 50006/tcp closed unknown Too many fingerprints match this host to give specific OS details Network Distance: 1 hop

TRACEROUTE (using port 5900/tcp) HOP RTT ADDRESS 1 0.00 ms 217.23.0.126

Nmap scan report for 217.23.0.129 Host is up (0.012s latency). Not shown: 987 filtered ports PORT STATE SERVICE VERSION 5900/tcp closed vnc 5901/tcp closed vnc-1 5902/tcp closed vnc-2 5903/tcp closed vnc-3 5904/tcp closed unknown 5906/tcp closed unknown 5907/tcp closed unknown 5910/tcp closed cm 50000/tcp closed ibm-db2 50001/tcp closed unknown 50002/tcp closed iiimsf 50003/tcp closed unknown 50006/tcp closed unknown Too many fingerprints match this host to give specific OS details Network Distance: 1 hop

TRACEROUTE (using port 5900/tcp) HOP RTT ADDRESS 1 1.00 ms 217.23.0.129

Nmap scan report for 217.23.0.130 Host is up (0.0020s latency). Not shown: 987 filtered ports PORT STATE SERVICE VERSION 5900/tcp closed vnc 5901/tcp closed vnc-1 5902/tcp closed vnc-2 5903/tcp closed vnc-3 5904/tcp closed unknown 5906/tcp closed unknown 5907/tcp closed unknown 5910/tcp closed cm 50000/tcp closed ibm-db2 50001/tcp closed unknown 50002/tcp closed iiimsf 50003/tcp closed unknown 50006/tcp closed unknown Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose|storage-misc Running: Linux 2.6.X|3.X, Excito embedded OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/h:excito:bubba_two cpe:/o:linux:linux_kernel:3.10 OS details: Excito Bubba Two file server (Linux 2.6.32), Linux 2.6.21 - 2.6.27, Linux 2.6.24, Linux 2.6.29 - 2.6.31, Linux 2.6.30, Linux 2.6.36, Linux 3.10 Network Distance: 1 hop

TRACEROUTE (using port 5900/tcp) HOP RTT ADDRESS 1 1.00 ms 217.23.0.130

Nmap scan report for 217.23.0.131 Host is up (0.010s latency). Not shown: 987 filtered ports PORT STATE SERVICE VERSION 5900/tcp closed vnc 5901/tcp closed vnc-1 5902/tcp closed vnc-2 5903/tcp closed vnc-3 5904/tcp closed unknown 5906/tcp closed unknown 5907/tcp closed unknown 5910/tcp closed cm 50000/tcp closed ibm-db2 50001/tcp closed unknown 50002/tcp closed iiimsf 50003/tcp closed unknown 50006/tcp closed unknown Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Aggressive OS guesses: IBM InfoPrint 1754 printer (96%), Linux 2.6.38 (93%), Aerohive HiveOS 6.1 (93%), Arris cable modem (Linux 2.6.18) (93%), Arris TG862 WAP (93%), Aruba Instant AP (ArubaOS 6.4.2.6) (93%), Asus RT-AC66U router (Linux 2.6) (93%), AVM FRITZ!Box (FritzOS 6.20) (93%), AVM FRITZ!WLAN Repeater 450E (FritzOS 6.51) (93%), Avocent MergePoint Unity MPU2016DAC KVM switch (93%) No exact OS matches for host (test conditions non-ideal). Network Distance: 1 hop

TRACEROUTE (using port 5900/tcp) HOP RTT ADDRESS 1 0.00 ms 217.23.0.131

Nmap scan report for 217.23.0.132 Host is up (0.0078s latency). All 1000 scanned ports on 217.23.0.132 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 4.00 ms 217.23.0.132

Nmap scan report for 217.23.0.136 Host is up (0.029s latency). Not shown: 997 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.6 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 9b:c8:5f:75:46:e9:bc:f4:3b:96:b8:8b:33:64:d9:e3 (DSA) | 2048 48:2d:74:89:d3:5c:84:ba:8c:9d:93:89:47:83:71:10 (RSA) | 256 3e:b1:c3:d1:d6:e1:5a:a0:ff:f9:87:ab:b0:4f:9d:c7 (ECDSA) |_ 256 21:39:27:d8:5f:3e:94:e3:9f:a1:fa:af:78:dc:10:01 (ED25519) 7999/tcp open mysql MySQL 5.5.53-0ubuntu0.14.04.1 | mysql-info: | Protocol: 10 | Version: 5.5.53-0ubuntu0.14.04.1 | Thread ID: 8060353 | Capabilities flags: 63487 | Some Capabilities: Support41Auth, InteractiveClient, SupportsTransactions, IgnoreSigpipes, Speaks41ProtocolOld, Speaks41ProtocolNew, IgnoreSpaceBeforeParenthesis, LongColumnFlag, DontAllowDatabaseTableColumn, FoundRows, LongPassword, SupportsLoadDataLocal, ODBCClient, ConnectWithDatabase, SupportsCompression, SupportsAuthPlugins, SupportsMultipleResults, SupportsMultipleStatments | Status: Autocommit | Salt: >J:"<E'0[Z44EAUi.JgK |_ Auth Plugin Name: 96 8001/tcp open vcom-tunnel? No exact OS matches for host (If you know what OS is running on it, see https://nmap.org/submit/ ). TCP/IP fingerprint: OS:SCAN(V=7.70%E=4%D=6/24%OT=22%CT=1%CU=40298%PV=N%DS=2%DC=T%G=Y%TM=5D10DE7 OS:F%P=i686-pc-windows-windows)SEQ(SP=105%GCD=1%ISR=106%TI=Z%CI=I%TS=U)SEQ( OS:SP=FC%GCD=1%ISR=101%TI=Z%II=I%TS=U)SEQ(SP=105%GCD=1%ISR=107%TI=Z%CI=I%II OS:=I%TS=U)OPS(O1=M5B4NNSNW8%O2=M5B4NNSNW8%O3=M5B4NW8%O4=M5B4NNSNW8%O5=M5B4 OS:NNSNW8%O6=M5B4NNS)WIN(W1=7210%W2=7210%W3=7210%W4=7210%W5=7210%W6=7210)EC OS:N(R=Y%DF=Y%T=40%W=7210%O=M5B4NNSNW8%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%F= OS:AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5( OS:R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z% OS:F=R%O=%RD=0%Q=)T7(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1(R=Y%DF=N OS:%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=N%T=40%C OS:D=S)

Network Distance: 2 hops TCP Sequence Prediction: Difficulty=262 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.136

Nmap scan report for 217.23.0.142 Host is up (0.011s latency). Not shown: 996 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 75:64:27:d9:38:72:9e:d8:69:cb:73:20:ef:a9:d1:4b (DSA) | 2048 8e:e6:80:35:8b:45:d4:fe:1c:04:27:b3:58:57:81:9e (RSA) | 256 78:1a:90:f5:c0:cf:93:7e:2c:28:75:45:80:73:a1:45 (ECDSA) |_ 256 28:af:e0:1a:f2:ad:92:9c:97:28:da:65:e5:71:b7:93 (ED25519) 80/tcp open http nginx | http-methods: |_ Supported Methods: GET HEAD POST |_http-server-header: nginx |http-title: Site doesn't have a title (text/html; charset=UTF-8). 1935/tcp open rtmp? 8888/tcp open http nginx 1.9.9 | http-methods: | Supported Methods: GET HEAD |_http-server-header: nginx/1.9.9 |_http-title: Welcome to nginx! Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 60.896 days (since Wed Apr 24 19:00:43 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=260 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.142

Nmap scan report for 217.23.0.143 Host is up (0.011s latency). Not shown: 994 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 27:1d:62:b6:c7:0b:45:e0:8e:8a:2a:2b:8f:cf:83:57 (DSA) | 2048 3f:94:62:33:91:84:38:3b:be:45:2f:da:8b:7e:33:c2 (RSA) | 256 ea:6a:3e:e0:cc:10:5f:f1:16:2f:d0:82:ce:46:68:0f (ECDSA) |_ 256 b9:0f:37:98:34:83:6e:50:99:6b:61:06:0d:20:09:4a (ED25519) 80/tcp open http nginx 1.4.6 (Ubuntu) | http-ls: Volume / | maxfiles limit reached (10) | SIZE TIME FILENAME | 110 2017-09-28 16:01 getcode.php%3fmac= | 139 2017-09-28 16:01 ./getcode.php%3fmac=00:1a:79:1e:bd:09 | - 2017-06-27 14:29 html/ | - 2017-10-24 10:54 laravel/ | - 2017-10-24 11:16 laravel/la1/ | 12 2017-09-28 16:55 log.txt | 55M 2017-09-15 13:15 ministra-5.3.0.zip | - 2017-10-17 14:48 panel--/ | - 2017-10-17 19:00 panel/ | 29K 2017-10-17 18:46 phpmaker.php |_ | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |http-server-header: nginx/1.4.6 (Ubuntu) |http-title: Index of / 88/tcp open http Apache httpd 2.4.7 | http-ls: Volume / | maxfiles limit reached (10) | SIZE TIME FILENAME | 110 2017-09-28 16:01 getcode.php%3fmac= | 139 2017-09-28 16:01 ./getcode.php%3fmac=00:1a:79:1e:bd:09 | - 2017-06-27 14:29 html/ | - 2017-10-24 10:54 laravel/ | - 2017-10-24 11:16 laravel/la1/ | 12 2017-09-28 16:55 log.txt | 55M 2017-09-15 13:15 ministra-5.3.0.zip | - 2017-10-17 14:48 panel--/ | - 2017-10-17 19:00 panel/ | 29K 2017-10-17 18:46 phpmaker.php | | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache/2.4.7 (Ubuntu) |http-title: Index of / 8000/tcp open http Icecast streaming media server | http-methods: | Supported Methods: GET HEAD POST |http-title: Icecast Streaming Media Server 8080/tcp open http Apache httpd 2.4.7 ((Ubuntu)) | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-open-proxy: Proxy might be redirecting requests |_http-server-header: Apache/2.4.7 (Ubuntu) |_http-title: Apache2 Ubuntu Default Page: It works 9200/tcp open http Elasticsearch REST API 5.6.2 (name: 0A76kcf; cluster: elasticsearch; Lucene 6.6.1) |http-favicon: Unknown favicon MD5: 6177BFB75B498E0BB356223ED76FFE43 | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-title: Site doesn't have a title (application/json; charset=UTF-8). Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 138.975 days (since Tue Feb 05 16:07:02 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=263 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Host: 0.0.0.3; OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms 217.23.0.143

Nmap scan report for 217.23.0.156 Host is up (0.011s latency). Not shown: 997 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.7p1 Ubuntu 5ubuntu1.3 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 5d:d9:fe:33:0f:91:19:57:3b:7b:b1:88:20:0c:c5:b8 (DSA) | 2048 bc:33:94:03:f7:95:39:b7:37:11:b3:68:e9:15:c0:d9 (RSA) | 256 49:c4:b7:ef:73:62:7a:ba:89:56:53:06:b9:e3:a4:9a (ECDSA) |_ 256 27:16:6a:e4:bf:dd:8d:51:1a:60:0a:b3:9f:0e:f1:25 (ED25519) 1935/tcp open rtmp? 8080/tcp open http nginx 1.9.9 | http-methods: |_ Supported Methods: GET HEAD |_http-open-proxy: Proxy might be redirecting requests |_http-server-header: nginx/1.9.9 |_http-title: Welcome to nginx! Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 159.581 days (since Wed Jan 16 01:33:24 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=259 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.156

Nmap scan report for 217.23.0.164 Host is up (0.020s latency). Not shown: 996 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 4a:9f:bf:97:44:ee:c3:27:33:d1:48:fc:10:90:5d:3f (DSA) | 2048 a5:61:4e:a8:d6:5c:fd:68:b5:07:34:a9:56:05:b6:f7 (RSA) | 256 bb:a3:07:f2:51:3c:99:f3:aa:b5:76:ad:19:4f:ba:c2 (ECDSA) |_ 256 b8:78:7b:fc:9f:b4:21:9f:8c:cc:d2:3a:ab:ab:4d:9e (ED25519) 80/tcp open http Apache httpd 2.4.7 ((Ubuntu)) | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache/2.4.7 (Ubuntu) |_http-title: Apache2 Ubuntu Default Page: It works 443/tcp open ssl/https Apache/2.4.7 (Ubuntu) |_http-server-header: Apache/2.4.7 (Ubuntu) |_http-title: 403 Forbidden 3306/tcp open mysql MariaDB (unauthorized) Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 159.911 days (since Tue Jan 15 17:38:47 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=260 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms 217.23.0.164

Nmap scan report for 217.23.0.167 Host is up (0.019s latency). Not shown: 997 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 e1:66:95:8f:c2:a1:a2:5e:f7:a5:e6:13:9e:8a:3c:cc (DSA) | 2048 15:91:28:d2:33:fa:b6:46:6f:50:a5:41:ae:80:45:51 (RSA) | 256 ab:07:96:b4:74:80:dd:7d:f2:b8:2b:ba:d4:9a:12:7b (ECDSA) |_ 256 42:d4:b6:cb:48:7f:99:36:2a:bf:21:32:43:b1:48:e4 (ED25519) 80/tcp open http nginx 1.4.6 (Ubuntu) | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: nginx/1.4.6 (Ubuntu) |http-title: Site doesn't have a title (text/html). 88/tcp open http Apache httpd 2.4.7 ((Ubuntu)) | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache/2.4.7 (Ubuntu) |_http-title: Site doesn't have a title (text/html). Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 47.438 days (since Wed May 08 05:59:13 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=254 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.167

Nmap scan report for 217.23.0.178 Host is up (0.019s latency). Not shown: 997 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 6d:76:3f:29:5e:c2:ac:ff:b7:d2:72:62:50:54:14:b4 (DSA) | 2048 d7:65:3d:0d:2f:98:9c:df:6a:dd:cd:94:13:52:18:86 (RSA) | 256 f6:8d:f0:b0:92:00:eb:d2:30:2c:3c:d5:b6:27:a8:43 (ECDSA) |_ 256 1e:fc:ad:16:63:c0:3c:d4:a0:f1:33:e0:06:44:2d:a7 (ED25519) 1935/tcp open rtmp? 9999/tcp open http nginx 1.9.9 | http-methods: |_ Supported Methods: GET HEAD |_http-server-header: nginx/1.9.9 |_http-title: Welcome to nginx! Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 19.470 days (since Wed Jun 05 05:13:23 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=254 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.178

Nmap scan report for 217.23.0.179 Host is up (0.019s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 9b:9b:a3:73:f9:1d:83:69:85:6f:4a:ef:eb:da:2f:11 (DSA) | 2048 cf:b6:2b:f4:11:34:cc:51:f2:8d:ac:fe:5a:a6:25:1f (RSA) | 256 2e:8d:70:99:88:69:55:d6:cb:31:36:74:d7:14:32:d2 (ECDSA) |_ 256 be:77:df:7d:bb:9b:af:36:4f:e0:0a:26:50:f8:f5:6f (ED25519) 80/tcp open http Apache httpd 2.4.7 | http-ls: Volume / | maxfiles limit reached (10) | SIZE TIME FILENAME | - 2016-11-10 13:10 catch06/ | - 2017-02-11 20:07 html/ | - 2016-11-06 19:17 set/ | 3.9K 2017-01-16 20:41 set/getchannelcatch.php | 3.9K 2017-01-16 20:41 set/getchannelcatch07.php | 3.8K 2016-11-10 14:57 set/getchannelflashbasic.php | 3.8K 2016-11-10 14:57 set/getchannelflashprem.php | 3.8K 2016-11-10 14:57 set/getchannelformuler.php | 4.1K 2017-01-16 20:41 set/getchannels.php | 3.8K 2016-11-10 14:57 set/getchannels2.php |_ | http-methods: |_ Supported Methods: OPTIONS GET HEAD POST |_http-server-header: Apache/2.4.7 (Ubuntu) |_http-title: Index of / Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 19.632 days (since Wed Jun 05 01:20:51 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=256 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Host: 0.0.0.3; OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms 217.23.0.179

Nmap scan report for 217.23.0.181 Host is up (0.019s latency). Not shown: 997 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 ea:93:7b:a4:50:31:8e:7b:15:17:71:e4:bf:e9:80:94 (DSA) | 2048 45:4c:63:fe:7c:9b:ef:a4:f1:ec:76:45:cd:2a:a0:da (RSA) | 256 ca:93:8b:4b:b8:a2:62:de:ab:e5:be:be:7d:a2:83:65 (ECDSA) |_ 256 c8:d8:6e:77:87:71:7d:64:27:9e:0a:94:cc:bb:fa:ba (ED25519) 80/tcp open http nginx | http-methods: |_ Supported Methods: GET HEAD POST |_http-server-header: nginx |http-title: Site doesn't have a title (text/html; charset=UTF-8). 8080/tcp open http nginx | http-methods: | Supported Methods: GET HEAD POST |_http-open-proxy: Proxy might be redirecting requests |_http-server-header: nginx |_http-title: Site doesn't have a title (text/html; charset=UTF-8). Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 13.415 days (since Tue Jun 11 06:32:45 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=262 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms 217.23.0.181

Nmap scan report for 217.23.0.182 Host is up (0.019s latency). Not shown: 997 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 b6:f3:23:e3:de:bb:15:79:85:a6:09:c9:34:fd:19:3e (DSA) | 2048 3f:69:13:b7:60:f5:94:ff:ed:7c:42:e4:f5:a2:58:bb (RSA) | 256 09:93:17:f9:c1:c9:7d:ae:05:47:36:4b:61:6e:01:69 (ECDSA) |_ 256 f4:95:e1:84:d6:72:46:96:74:50:f4:1b:23:3a:76:e0 (ED25519) 80/tcp open http Apache httpd 2.4.7 ((Ubuntu)) | http-methods: |_ Supported Methods: OPTIONS GET HEAD POST |_http-server-header: Apache/2.4.7 (Ubuntu) |_http-title: Site doesn't have a title (text/html). 443/tcp open ssl/https Apache/2.4.7 (Ubuntu) |_http-server-header: Apache/2.4.7 (Ubuntu) |_http-title: 403 Forbidden Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 65.792 days (since Fri Apr 19 21:29:39 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=260 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.182

Nmap scan report for 217.23.0.184 Host is up (0.019s latency). Not shown: 996 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.7 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 e8:c6:6a:3e:77:69:28:cc:da:f5:e2:df:90:78:c3:f2 (RSA) | 256 f5:8d:a7:3a:02:69:1d:17:48:f0:dd:31:b0:5a:f5:a9 (ECDSA) |_ 256 34:09:00:37:d2:9c:60:48:3d:7c:dd:4b:73:b4:67:71 (ED25519) 80/tcp open http nginx 1.10.3 (Ubuntu) | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: nginx/1.10.3 (Ubuntu) |http-title: Site doesn't have a title (text/html). 88/tcp open http Apache httpd 2.4.18 | http-methods: | Supported Methods: POST OPTIONS GET HEAD |_http-server-header: Apache/2.4.18 (Ubuntu) |http-title: 403 Forbidden 443/tcp open ssl/http nginx 1.10.3 (Ubuntu) | http-methods: | Supported Methods: POST OPTIONS GET HEAD |_http-server-header: nginx/1.10.3 (Ubuntu) |_http-title: 403 Forbidden | ssl-cert: Subject: commonName=mag.volka.tv | Subject Alternative Name: DNS:mag.volka.tv | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-06-06T19:33:05 | Not valid after: 2019-09-04T19:33:05 | MD5: e144 4bbe 276d fe12 81cf 27f2 b91f 8779 |SHA-1: d016 6652 18b0 9c16 783c 9290 05af e373 ea51 a927 |ssl-date: TLS randomness does not represent time | tls-alpn: | http/1.1 | tls-nextprotoneg: | http/1.1 Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 46.546 days (since Thu May 09 03:24:31 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=258 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Host: mag.volka.tv; OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.184

Nmap scan report for 217.23.0.193 Host is up (0.017s latency). Not shown: 987 filtered ports PORT STATE SERVICE VERSION 5900/tcp closed vnc 5901/tcp closed vnc-1 5902/tcp closed vnc-2 5903/tcp closed vnc-3 5904/tcp closed unknown 5906/tcp closed unknown 5907/tcp closed unknown 5910/tcp closed cm 50000/tcp closed ibm-db2 50001/tcp closed unknown 50002/tcp closed iiimsf 50003/tcp closed unknown 50006/tcp closed unknown Too many fingerprints match this host to give specific OS details Network Distance: 1 hop

TRACEROUTE (using port 5900/tcp) HOP RTT ADDRESS 1 1.00 ms 217.23.0.193

Nmap scan report for 217.23.0.194 Host is up (0.0038s latency). Not shown: 987 filtered ports PORT STATE SERVICE VERSION 5900/tcp closed vnc 5901/tcp closed vnc-1 5902/tcp closed vnc-2 5903/tcp closed vnc-3 5904/tcp closed unknown 5906/tcp closed unknown 5907/tcp closed unknown 5910/tcp closed cm 50000/tcp closed ibm-db2 50001/tcp closed unknown 50002/tcp closed iiimsf 50003/tcp closed unknown 50006/tcp closed unknown Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose Running: Linux 2.6.X OS CPE: cpe:/o:linux:linux_kernel:2.6.38 OS details: Linux 2.6.38 Network Distance: 2 hops

TRACEROUTE (using port 5900/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms 217.23.0.194

Nmap scan report for 217.23.0.195 Host is up (0.019s latency). Not shown: 987 filtered ports PORT STATE SERVICE VERSION 5900/tcp closed vnc 5901/tcp closed vnc-1 5902/tcp closed vnc-2 5903/tcp closed vnc-3 5904/tcp closed unknown 5906/tcp closed unknown 5907/tcp closed unknown 5910/tcp closed cm 50000/tcp closed ibm-db2 50001/tcp closed unknown 50002/tcp closed iiimsf 50003/tcp closed unknown 50006/tcp closed unknown Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using port 5900/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 0.00 ms 217.23.0.195

Nmap scan report for 217.23.0.196 Host is up (0.019s latency). All 1000 scanned ports on 217.23.0.196 are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 4.00 ms 217.23.0.196

Nmap scan report for 217.23.0.197 Host is up (0.026s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 ee:53:6f:88:b9:7a:6a:a1:0f:5a:01:a8:d1:3c:6e:ad (DSA) | 2048 ec:cf:5a:42:d0:3d:72:26:39:99:53:ae:c7:fe:af:75 (RSA) | 256 f0:94:ad:dc:96:38:9c:0c:87:34:61:07:8b:2e:05:39 (ECDSA) |_ 256 cc:4a:86:70:ef:9f:99:29:a9:fa:dc:6f:ea:19:e9:87 (ED25519) 8001/tcp open vcom-tunnel? No exact OS matches for host (If you know what OS is running on it, see https://nmap.org/submit/ ). TCP/IP fingerprint: OS:SCAN(V=7.70%E=4%D=6/24%OT=22%CT=1%CU=31130%PV=N%DS=2%DC=T%G=Y%TM=5D10DE7 OS:F%P=i686-pc-windows-windows)SEQ(SP=103%GCD=1%ISR=10B%TI=Z%TS=U)SEQ(SP=10 OS:4%GCD=2%ISR=108%TI=Z%II=I%TS=U)SEQ(SP=101%GCD=2%ISR=108%TI=Z%CI=I%II=I%T OS:S=U)OPS(O1=M5B4NNSNW8%O2=M5B4NNSNW8%O3=M5B4NW8%O4=M5B4NNSNW8%O5=M5B4NNSN OS:W8%O6=M5B4NNS)WIN(W1=7210%W2=7210%W3=7210%W4=7210%W5=7210%W6=7210)ECN(R= OS:Y%DF=Y%T=40%W=7210%O=M5B4NNSNW8%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%F=AS%R OS:D=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5(R=Y% OS:DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R% OS:O=%RD=0%Q=)T7(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1(R=Y%DF=N%T=4 OS:0%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=N%T=40%CD=S)

Network Distance: 2 hops TCP Sequence Prediction: Difficulty=253 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms 217.23.0.197

Nmap scan report for 217.23.0.198 Host is up (0.015s latency). Not shown: 999 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 45:11:fb:33:06:9d:0d:24:20:47:7b:9a:d6:4d:c4:8e (DSA) | 2048 92:7b:73:0a:a8:c3:e0:7d:a7:83:41:95:e6:f3:8f:96 (RSA) | 256 74:39:18:cb:00:d3:fa:d9:cc:67:02:a4:3f:a3:3d:fd (ECDSA) |_ 256 37:17:56:e8:0f:d9:eb:06:ff:1c:f1:e6:4c:dd:2c:a2 (ED25519) Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 19.553 days (since Wed Jun 05 03:14:06 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=253 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.198

Nmap scan report for 217.23.0.199 Host is up (0.076s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 54:bd:b1:f1:4d:f3:2f:42:d3:55:68:5e:34:a8:ca:01 (DSA) | 2048 da:fc:e4:43:ac:ce:c5:6f:0c:86:32:ea:fa:48:59:56 (RSA) | 256 20:57:ff:08:6a:2c:6c:d7:42:03:b3:86:c3:a1:88:78 (ECDSA) |_ 256 16:08:57:9e:1f:6e:04:2f:53:06:7d:f8:bc:75:c1:f8 (ED25519) 8001/tcp open vcom-tunnel? No exact OS matches for host (If you know what OS is running on it, see https://nmap.org/submit/ ). TCP/IP fingerprint: OS:SCAN(V=7.70%E=4%D=6/24%OT=22%CT=1%CU=40755%PV=N%DS=2%DC=T%G=Y%TM=5D10DE7 OS:F%P=i686-pc-windows-windows)SEQ(SP=104%GCD=1%ISR=10B%TI=Z%CI=I%TS=U)SEQ( OS:SP=101%GCD=1%ISR=10D%TI=Z%CI=I%II=I%TS=U)SEQ(SP=108%GCD=1%ISR=10C%TI=Z%I OS:I=I%TS=U)OPS(O1=M5B4NNSNW8%O2=M5B4NNSNW8%O3=M5B4NW8%O4=M5B4NNSNW8%O5=M5B OS:4NNSNW8%O6=M5B4NNS)WIN(W1=7210%W2=7210%W3=7210%W4=7210%W5=7210%W6=7210)E OS:CN(R=Y%DF=Y%T=40%W=7210%O=M5B4NNSNW8%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%F OS:=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5 OS:(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z OS:%F=R%O=%RD=0%Q=)T7(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1(R=Y%DF= OS:N%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=N%T=40% OS:CD=S)

Network Distance: 2 hops TCP Sequence Prediction: Difficulty=262 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms 217.23.0.199

Nmap scan report for 217.23.0.200 Host is up (0.0040s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 70:45:94:c1:f9:b7:89:e2:4b:e2:15:27:c9:2e:7c:43 (DSA) | 2048 5f:87:a6:6d:9c:54:d9:66:1c:7e:ec:a9:3a:08:a1:3d (RSA) | 256 fa:0f:a6:93:ff:7a:86:88:4d:be:0b:79:06:23:73:cd (ECDSA) |_ 256 c4:3d:e6:ad:89:40:22:dc:d0:96:54:b8:6e:a8:2f:08 (ED25519) 8001/tcp open vcom-tunnel? Aggressive OS guesses: Linux 3.12 - 4.10 (96%), Linux 3.16 (96%), ASUS RT-N56U WAP (Linux 3.4) (95%), Linux 3.1 (95%), Linux 3.2 (95%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (94%), Rebranded surveillance DVR (Hikvision, Q-SEE, EYEsurv, A1Webcams, Foscam) (94%), Philips Hue Bridge 2.0 (Linux) (93%), Geovision EBD4700 CCTV camera (Linux 3.4) (93%), Linux 3.10 (93%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops TCP Sequence Prediction: Difficulty=261 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms 217.23.0.200

Nmap scan report for 217.23.0.201 Host is up (0.014s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 a8:65:34:15:4e:0d:b6:b3:1c:3d:1f:6e:68:60:8e:b7 (DSA) | 2048 e9:92:52:5b:c1:61:a2:37:40:48:ed:ac:c6:fd:38:60 (RSA) | 256 f6:8f:75:35:29:50:8c:9e:49:cb:b6:6c:da:61:fa:02 (ECDSA) |_ 256 67:b7:0d:35:d5:05:aa:88:31:04:1b:eb:ad:b8:10:8c (ED25519) 8001/tcp open vcom-tunnel? Aggressive OS guesses: Linux 3.12 - 4.10 (96%), Linux 3.16 (96%), ASUS RT-N56U WAP (Linux 3.4) (95%), Linux 3.10 (93%), Western Digital My Cloud DL4100 NAS (Linux 3.10) (93%), Linux 3.1 (93%), Linux 3.2 (93%), Rebranded surveillance DVR (Hikvision, Q-SEE, EYEsurv, A1Webcams, Foscam) (93%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (92%), Linux 3.10 - 4.1 (92%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops TCP Sequence Prediction: Difficulty=263 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 0.00 ms 217.23.0.201

Nmap scan report for 217.23.0.202 Host is up (0.063s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 71:9b:3c:31:b3:6d:dd:46:e3:47:23:a8:73:c8:4b:55 (DSA) | 2048 0f:e7:08:ed:39:8a:a4:32:ce:f9:d0:48:be:d0:2f:7f (RSA) | 256 d5:6b:f9:e5:9d:1b:4a:90:c4:65:be:3a:36:65:3a:e6 (ECDSA) |_ 256 9a:44:29:5f:1c:06:fb:5e:53:47:b9:fd:ab:1c:12:e7 (ED25519) 8001/tcp open vcom-tunnel? Aggressive OS guesses: Linux 3.12 - 4.10 (96%), Linux 3.16 (96%), ASUS RT-N56U WAP (Linux 3.4) (95%), Linux 3.10 (93%), Western Digital My Cloud DL4100 NAS (Linux 3.10) (93%), Linux 3.1 (93%), Linux 3.2 (93%), Rebranded surveillance DVR (Hikvision, Q-SEE, EYEsurv, A1Webcams, Foscam) (93%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (92%), Linux 3.10 - 4.1 (92%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops TCP Sequence Prediction: Difficulty=264 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms 217.23.0.202

Nmap scan report for 217.23.0.203 Host is up (0.026s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 61:4d:34:b6:a5:81:24:fe:ad:d4:20:c1:e6:78:bd:49 (DSA) | 2048 b0:7a:c6:30:2a:4d:43:a8:47:42:29:d0:8d:01:36:d0 (RSA) | 256 28:bf:c6:94:e4:49:cd:a6:b0:21:8c:71:1b:9d:53:31 (ECDSA) |_ 256 1f:c8:cb:bf:25:62:70:b3:e9:c0:7c:25:b3:18:65:5e (ED25519) 8001/tcp open vcom-tunnel? Aggressive OS guesses: Linux 3.12 - 4.10 (96%), Linux 3.16 (96%), ASUS RT-N56U WAP (Linux 3.4) (95%), Linux 3.10 (93%), Western Digital My Cloud DL4100 NAS (Linux 3.10) (93%), Linux 3.1 (93%), Linux 3.2 (93%), Rebranded surveillance DVR (Hikvision, Q-SEE, EYEsurv, A1Webcams, Foscam) (93%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (92%), Linux 3.10 - 4.1 (92%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops TCP Sequence Prediction: Difficulty=265 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.203

Nmap scan report for 217.23.0.204 Host is up (0.031s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 15:04:e0:a3:4b:e7:90:96:56:db:31:d6:9c:80:e5:00 (DSA) | 2048 ad:4e:57:c4:db:17:30:00:95:33:8f:40:af:d6:ac:67 (RSA) | 256 92:0e:7b:10:99:74:29:6f:b8:d0:19:22:06:64:cc:26 (ECDSA) |_ 256 a1:34:d0:94:83:fb:a8:90:22:86:cc:ad:41:98:88:9a (ED25519) 8001/tcp open vcom-tunnel? Aggressive OS guesses: Linux 3.12 - 4.10 (96%), Linux 3.16 (96%), ASUS RT-N56U WAP (Linux 3.4) (95%), Linux 3.10 (93%), Western Digital My Cloud DL4100 NAS (Linux 3.10) (93%), Linux 3.1 (93%), Linux 3.2 (93%), Rebranded surveillance DVR (Hikvision, Q-SEE, EYEsurv, A1Webcams, Foscam) (93%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (92%), Linux 3.10 - 4.1 (92%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops TCP Sequence Prediction: Difficulty=260 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.204

Nmap scan report for 217.23.0.205 Host is up (0.030s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 6a:d9:ca:0b:e1:91:14:ca:bd:58:e9:b0:b0:17:2c:64 (DSA) | 2048 2b:4f:32:c9:b9:7f:fa:5b:d8:21:77:bf:f6:41:ec:66 (RSA) | 256 27:99:6c:4a:7d:a9:ed:52:50:13:76:71:7d:e4:9d:da (ECDSA) |_ 256 aa:a3:46:48:01:28:6b:b1:f3:9c:17:7f:1d:ed:4f:0a (ED25519) 8001/tcp open vcom-tunnel? Aggressive OS guesses: Linux 3.12 - 4.10 (96%), Linux 3.16 (96%), ASUS RT-N56U WAP (Linux 3.4) (95%), Linux 3.10 (93%), Western Digital My Cloud DL4100 NAS (Linux 3.10) (93%), Linux 3.1 (93%), Linux 3.2 (93%), Rebranded surveillance DVR (Hikvision, Q-SEE, EYEsurv, A1Webcams, Foscam) (93%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (92%), Linux 3.10 - 4.1 (92%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops TCP Sequence Prediction: Difficulty=264 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms 217.23.0.205

Nmap scan report for 217.23.0.223 [host down] Nmap scan report for 217.23.0.224 [host down] Nmap scan report for 217.23.0.226 [host down] Nmap scan report for 217.23.0.227 [host down] Nmap scan report for 217.23.0.228 [host down] Nmap scan report for 217.23.0.229 [host down] Nmap scan report for 217.23.0.231 [host down] Nmap scan report for 217.23.0.232 [host down] Nmap scan report for 217.23.0.234 [host down] Nmap scan report for 217.23.0.235 [host down] Nmap scan report for 217.23.0.236 [host down] Nmap scan report for 217.23.0.237 [host down] Nmap scan report for 217.23.0.238 [host down] Nmap scan report for 217.23.0.253 [host down] Nmap scan report for 217.23.0.255 [host down] Nmap scan report for 217.23.1.0 [host down] Nmap scan report for 217.23.1.3 [host down] Nmap scan report for 217.23.1.4 [host down] Nmap scan report for 217.23.1.5 [host down] Nmap scan report for 217.23.1.6 [host down] Nmap scan report for 217.23.1.8 [host down] Nmap scan report for 217.23.1.10 [host down] Nmap scan report for 217.23.1.11 [host down] Nmap scan report for 217.23.1.13 [host down] Nmap scan report for 217.23.1.25 [host down] Nmap scan report for 217.23.1.29 [host down] Nmap scan report for 217.23.1.30 [host down] Nmap scan report for 217.23.1.31 [host down] Nmap scan report for 217.23.1.32 [host down] Nmap scan report for 217.23.1.33 [host down] Nmap scan report for 217.23.1.35 [host down] Nmap scan report for 217.23.1.36 [host down] Nmap scan report for 217.23.1.37 [host down] Nmap scan report for 217.23.1.39 [host down] Nmap scan report for 217.23.1.42 [host down] Initiating SYN Stealth Scan at 16:30 Scanning 64 hosts [1000 ports/host] Discovered open port 139/tcp on 217.23.1.7 Discovered open port 139/tcp on 217.23.1.23 Discovered open port 139/tcp on 217.23.1.27 Discovered open port 139/tcp on 217.23.0.248 Discovered open port 139/tcp on 217.23.1.20 Discovered open port 139/tcp on 217.23.1.48 Discovered open port 25/tcp on 217.23.1.14 Discovered open port 25/tcp on 217.23.1.23 Discovered open port 25/tcp on 217.23.1.24 Discovered open port 25/tcp on 217.23.1.48 Discovered open port 25/tcp on 217.23.0.243 Discovered open port 135/tcp on 217.23.1.7 Discovered open port 25/tcp on 217.23.1.20 Discovered open port 5900/tcp on 217.23.1.27 Discovered open port 53/tcp on 217.23.1.14 Discovered open port 135/tcp on 217.23.1.27 Discovered open port 25/tcp on 217.23.1.41 Discovered open port 53/tcp on 217.23.0.248 Discovered open port 53/tcp on 217.23.0.249 Discovered open port 445/tcp on 217.23.1.7 Discovered open port 53/tcp on 217.23.1.23 Discovered open port 53/tcp on 217.23.1.24 Discovered open port 53/tcp on 217.23.1.48 Discovered open port 445/tcp on 217.23.0.248 Discovered open port 53/tcp on 217.23.1.20 Discovered open port 445/tcp on 217.23.1.23 Discovered open port 445/tcp on 217.23.1.27 Discovered open port 445/tcp on 217.23.1.48 Discovered open port 53/tcp on 217.23.0.243 Discovered open port 53/tcp on 217.23.1.41 Discovered open port 443/tcp on 217.23.1.12 Discovered open port 443/tcp on 217.23.1.14 Discovered open port 445/tcp on 217.23.1.20 Discovered open port 443/tcp on 217.23.1.15 Discovered open port 443/tcp on 217.23.1.17 Discovered open port 443/tcp on 217.23.0.233 Discovered open port 443/tcp on 217.23.0.245 Discovered open port 443/tcp on 217.23.0.241 Discovered open port 443/tcp on 217.23.0.248 Discovered open port 443/tcp on 217.23.0.251 Discovered open port 22/tcp on 217.23.1.2 Discovered open port 22/tcp on 217.23.1.14 Discovered open port 22/tcp on 217.23.1.12 Discovered open port 22/tcp on 217.23.1.19 Discovered open port 22/tcp on 217.23.1.22 Discovered open port 443/tcp on 217.23.1.40 Discovered open port 22/tcp on 217.23.0.206 Discovered open port 443/tcp on 217.23.1.48 Discovered open port 22/tcp on 217.23.0.210 Discovered open port 22/tcp on 217.23.0.211 Discovered open port 22/tcp on 217.23.0.212 Discovered open port 22/tcp on 217.23.0.216 Discovered open port 22/tcp on 217.23.0.217 Discovered open port 22/tcp on 217.23.0.218 Discovered open port 22/tcp on 217.23.0.221 Discovered open port 22/tcp on 217.23.0.222 Discovered open port 22/tcp on 217.23.0.239 Discovered open port 443/tcp on 217.23.0.242 Discovered open port 22/tcp on 217.23.0.241 Discovered open port 22/tcp on 217.23.0.245 Discovered open port 22/tcp on 217.23.0.246 Discovered open port 22/tcp on 217.23.0.248 Discovered open port 22/tcp on 217.23.0.249 Discovered open port 22/tcp on 217.23.0.251 Discovered open port 22/tcp on 217.23.0.252 Discovered open port 21/tcp on 217.23.1.12 Discovered open port 21/tcp on 217.23.1.14 Discovered open port 443/tcp on 217.23.1.23 Discovered open port 443/tcp on 217.23.1.24 Discovered open port 22/tcp on 217.23.1.26 Discovered open port 22/tcp on 217.23.1.40 Discovered open port 25/tcp on 217.23.1.43 Discovered open port 443/tcp on 217.23.1.41 Discovered open port 22/tcp on 217.23.0.209 Discovered open port 21/tcp on 217.23.0.212 Discovered open port 22/tcp on 217.23.0.219 Discovered open port 22/tcp on 217.23.0.220 Discovered open port 21/tcp on 217.23.0.239 Discovered open port 22/tcp on 217.23.0.242 Discovered open port 21/tcp on 217.23.0.245 Discovered open port 21/tcp on 217.23.0.241 Discovered open port 21/tcp on 217.23.0.249 Discovered open port 21/tcp on 217.23.0.246 Discovered open port 21/tcp on 217.23.0.251 Discovered open port 21/tcp on 217.23.0.248 Discovered open port 21/tcp on 217.23.1.48 Discovered open port 22/tcp on 217.23.0.207 Discovered open port 22/tcp on 217.23.1.41 Discovered open port 21/tcp on 217.23.0.242 Discovered open port 22/tcp on 217.23.0.243 Discovered open port 143/tcp on 217.23.1.14 Discovered open port 443/tcp on 217.23.1.20 Discovered open port 22/tcp on 217.23.1.24 Discovered open port 22/tcp on 217.23.0.208 Discovered open port 21/tcp on 217.23.0.243 Discovered open port 143/tcp on 217.23.0.248 Discovered open port 21/tcp on 217.23.1.23 Discovered open port 143/tcp on 217.23.1.48 Discovered open port 80/tcp on 217.23.1.14 Discovered open port 80/tcp on 217.23.1.12 Discovered open port 80/tcp on 217.23.1.15 Discovered open port 80/tcp on 217.23.0.241 Discovered open port 80/tcp on 217.23.0.245 Discovered open port 80/tcp on 217.23.0.246 Discovered open port 80/tcp on 217.23.0.251 Discovered open port 80/tcp on 217.23.0.248 Discovered open port 80/tcp on 217.23.0.252 Discovered open port 587/tcp on 217.23.1.14 Discovered open port 21/tcp on 217.23.1.20 Discovered open port 143/tcp on 217.23.1.23 Discovered open port 80/tcp on 217.23.1.40 Discovered open port 80/tcp on 217.23.1.48 Discovered open port 80/tcp on 217.23.0.217 Discovered open port 80/tcp on 217.23.0.216 Discovered open port 80/tcp on 217.23.0.219 Discovered open port 80/tcp on 217.23.0.233 Discovered open port 80/tcp on 217.23.0.239 Discovered open port 587/tcp on 217.23.0.248 Discovered open port 80/tcp on 217.23.0.249 Discovered open port 993/tcp on 217.23.1.14 Discovered open port 1723/tcp on 217.23.1.41 Discovered open port 443/tcp on 217.23.1.34 Discovered open port 443/tcp on 217.23.1.43 Discovered open port 80/tcp on 217.23.0.242 Discovered open port 80/tcp on 217.23.0.243 Discovered open port 993/tcp on 217.23.0.248 Discovered open port 111/tcp on 217.23.1.2 Discovered open port 443/tcp on 217.23.1.18 Discovered open port 80/tcp on 217.23.1.23 Discovered open port 443/tcp on 217.23.1.46 Discovered open port 443/tcp on 217.23.0.230 Discovered open port 443/tcp on 217.23.0.247 Discovered open port 3389/tcp on 217.23.1.7 Discovered open port 111/tcp on 217.23.1.14 Discovered open port 111/tcp on 217.23.1.48 Discovered open port 22/tcp on 217.23.0.230 Discovered open port 22/tcp on 217.23.0.247 Discovered open port 143/tcp on 217.23.1.20 Discovered open port 443/tcp on 217.23.1.44 Discovered open port 443/tcp on 217.23.1.47 Discovered open port 995/tcp on 217.23.0.248 Discovered open port 995/tcp on 217.23.1.14 Discovered open port 443/tcp on 217.23.1.21 Discovered open port 111/tcp on 217.23.1.23 Discovered open port 443/tcp on 217.23.1.45 Discovered open port 22/tcp on 217.23.0.214 Discovered open port 110/tcp on 217.23.0.248 Discovered open port 110/tcp on 217.23.1.14 Discovered open port 80/tcp on 217.23.1.20 Discovered open port 3389/tcp on 217.23.1.27 Discovered open port 110/tcp on 217.23.1.48 Discovered open port 22/tcp on 217.23.0.215 Discovered open port 80/tcp on 217.23.1.18 Discovered open port 80/tcp on 217.23.1.24 Discovered open port 80/tcp on 217.23.1.34 Discovered open port 80/tcp on 217.23.1.43 Discovered open port 80/tcp on 217.23.1.17 Discovered open port 80/tcp on 217.23.0.230 Discovered open port 8080/tcp on 217.23.0.248 Discovered open port 80/tcp on 217.23.0.244 Discovered open port 80/tcp on 217.23.0.247 Discovered open port 111/tcp on 217.23.1.20 Discovered open port 110/tcp on 217.23.1.23 Discovered open port 587/tcp on 217.23.1.24 Discovered open port 8080/tcp on 217.23.0.251 Discovered open port 80/tcp on 217.23.0.250 Discovered open port 993/tcp on 217.23.1.24 Discovered open port 8888/tcp on 217.23.1.27 Discovered open port 80/tcp on 217.23.1.44 Discovered open port 80/tcp on 217.23.1.21 Discovered open port 80/tcp on 217.23.1.45 Discovered open port 3306/tcp on 217.23.1.48 Discovered open port 3306/tcp on 217.23.0.252 Discovered open port 3306/tcp on 217.23.1.12 Discovered open port 3306/tcp on 217.23.1.14 Discovered open port 110/tcp on 217.23.1.20 Discovered open port 3389/tcp on 217.23.1.18 Discovered open port 3306/tcp on 217.23.1.27 Discovered open port 3389/tcp on 217.23.1.17 Discovered open port 3306/tcp on 217.23.1.23 Discovered open port 3389/tcp on 217.23.0.213 Discovered open port 7070/tcp on 217.23.1.27 Discovered open port 3306/tcp on 217.23.1.20 Discovered open port 2608/tcp on 217.23.1.27 Discovered open port 9593/tcp on 217.23.1.27 Discovered open port 5988/tcp on 217.23.1.27 Discovered open port 2068/tcp on 217.23.1.27 Discovered open port 6123/tcp on 217.23.1.27 Discovered open port 2323/tcp on 217.23.1.27 Discovered open port 2047/tcp on 217.23.1.27 Discovered open port 4567/tcp on 217.23.1.27 Discovered open port 2492/tcp on 217.23.1.27 Discovered open port 15000/tcp on 217.23.1.27 Discovered open port 9207/tcp on 217.23.1.27 Discovered open port 6689/tcp on 217.23.1.27 Discovered open port 11111/tcp on 217.23.1.27 Discovered open port 5850/tcp on 217.23.1.27 Discovered open port 2811/tcp on 217.23.1.27 Discovered open port 2288/tcp on 217.23.1.27 Discovered open port 2399/tcp on 217.23.1.27 Discovered open port 2399/tcp on 217.23.0.217 Discovered open port 32784/tcp on 217.23.1.27 Discovered open port 5050/tcp on 217.23.1.27 Discovered open port 3851/tcp on 217.23.1.27 Discovered open port 32773/tcp on 217.23.1.27 Discovered open port 30951/tcp on 217.23.1.27 Discovered open port 6565/tcp on 217.23.1.27 Discovered open port 5907/tcp on 217.23.1.27 Discovered open port 5903/tcp on 217.23.1.27 Discovered open port 5903/tcp on 217.23.0.252 Discovered open port 5222/tcp on 217.23.1.27 Discovered open port 5221/tcp on 217.23.1.27 Discovered open port 49175/tcp on 217.23.1.27 Discovered open port 2968/tcp on 217.23.1.27 Discovered open port 5877/tcp on 217.23.1.27 Discovered open port 30000/tcp on 217.23.1.27 Discovered open port 2170/tcp on 217.23.1.27 Discovered open port 32782/tcp on 217.23.1.27 Discovered open port 2601/tcp on 217.23.1.27 Discovered open port 22939/tcp on 217.23.1.27 Discovered open port 2401/tcp on 217.23.1.27 Discovered open port 9080/tcp on 217.23.0.248 Discovered open port 6004/tcp on 217.23.1.27 Discovered open port 9080/tcp on 217.23.0.217 Discovered open port 9080/tcp on 217.23.1.27 Discovered open port 2394/tcp on 217.23.1.27 Discovered open port 3283/tcp on 217.23.1.27 Discovered open port 2602/tcp on 217.23.1.27 Discovered open port 32779/tcp on 217.23.1.27 Discovered open port 9080/tcp on 217.23.1.21 Discovered open port 10000/tcp on 217.23.1.27 Discovered open port 60443/tcp on 217.23.1.27 Discovered open port 9502/tcp on 217.23.1.27 Discovered open port 6792/tcp on 217.23.1.27 Discovered open port 2005/tcp on 217.23.1.27 Discovered open port 3914/tcp on 217.23.1.27 Discovered open port 5989/tcp on 217.23.1.27 Discovered open port 5214/tcp on 217.23.1.27 Discovered open port 5989/tcp on 217.23.1.15 Discovered open port 2869/tcp on 217.23.1.27 Discovered open port 7911/tcp on 217.23.1.27 Discovered open port 8290/tcp on 217.23.1.27 Discovered open port 40193/tcp on 217.23.1.27 Discovered open port 5802/tcp on 217.23.1.27 Discovered open port 3998/tcp on 217.23.1.27 Discovered open port 3211/tcp on 217.23.1.27 Discovered open port 8085/tcp on 217.23.1.27 Discovered open port 9050/tcp on 217.23.1.27 Discovered open port 2035/tcp on 217.23.1.27 Discovered open port 8000/tcp on 217.23.1.15 Discovered open port 8000/tcp on 217.23.1.27 Discovered open port 57294/tcp on 217.23.1.27 Discovered open port 4279/tcp on 217.23.1.27 Discovered open port 8000/tcp on 217.23.1.21 Discovered open port 2522/tcp on 217.23.1.27 Discovered open port 3703/tcp on 217.23.1.27 Discovered open port 5822/tcp on 217.23.1.27 Discovered open port 5960/tcp on 217.23.1.27 Discovered open port 3995/tcp on 217.23.1.27 Discovered open port 3261/tcp on 217.23.1.27 Discovered open port 6389/tcp on 217.23.1.27 Discovered open port 49167/tcp on 217.23.1.27 Discovered open port 6101/tcp on 217.23.1.27 Discovered open port 2875/tcp on 217.23.1.27 Discovered open port 9998/tcp on 217.23.1.27 Discovered open port 5060/tcp on 217.23.1.27 Discovered open port 5922/tcp on 217.23.1.27 Discovered open port 5915/tcp on 217.23.1.27 Discovered open port 5510/tcp on 217.23.1.27 Discovered open port 20005/tcp on 217.23.1.27 Discovered open port 9101/tcp on 217.23.1.27 Discovered open port 27356/tcp on 217.23.1.27 Discovered open port 8042/tcp on 217.23.1.27 Discovered open port 27715/tcp on 217.23.1.27 Discovered open port 8022/tcp on 217.23.1.27 Discovered open port 902/tcp on 217.23.1.15 Discovered open port 5002/tcp on 217.23.1.27 Discovered open port 902/tcp on 217.23.1.21 Discovered open port 32776/tcp on 217.23.1.27 Discovered open port 3390/tcp on 217.23.1.27 Discovered open port 5001/tcp on 217.23.1.27 Discovered open port 2121/tcp on 217.23.1.27 Discovered open port 3546/tcp on 217.23.1.27 Discovered open port 9595/tcp on 217.23.1.27 Discovered open port 2717/tcp on 217.23.1.27 Discovered open port 3007/tcp on 217.23.1.27 Discovered open port 8008/tcp on 217.23.1.27 Discovered open port 8652/tcp on 217.23.1.27 Discovered open port 19283/tcp on 217.23.1.27 Discovered open port 8045/tcp on 217.23.1.27 Discovered open port 2013/tcp on 217.23.1.27 Discovered open port 2107/tcp on 217.23.1.27 Discovered open port 6000/tcp on 217.23.1.27 Discovered open port 9415/tcp on 217.23.1.27 Discovered open port 3000/tcp on 217.23.1.23 Discovered open port 3000/tcp on 217.23.0.248 Discovered open port 3369/tcp on 217.23.1.27 Discovered open port 3000/tcp on 217.23.1.27 Discovered open port 3000/tcp on 217.23.1.20 Discovered open port 25735/tcp on 217.23.1.27 Discovered open port 8009/tcp on 217.23.1.27 Discovered open port 8093/tcp on 217.23.1.27 Discovered open port 64623/tcp on 217.23.1.27 Discovered open port 5225/tcp on 217.23.1.27 Discovered open port 4899/tcp on 217.23.1.27 Discovered open port 5061/tcp on 217.23.1.27 Discovered open port 3000/tcp on 217.23.1.48 Discovered open port 32772/tcp on 217.23.1.27 Discovered open port 32785/tcp on 217.23.1.27 Discovered open port 16000/tcp on 217.23.1.27 Discovered open port 34571/tcp on 217.23.1.27 Discovered open port 8088/tcp on 217.23.1.27 Discovered open port 2103/tcp on 217.23.1.27 Discovered open port 6969/tcp on 217.23.1.27 Discovered open port 5998/tcp on 217.23.1.27 Discovered open port 13783/tcp on 217.23.1.27 Discovered open port 10004/tcp on 217.23.1.27 Discovered open port 3905/tcp on 217.23.1.27 Discovered open port 50003/tcp on 217.23.1.27 Discovered open port 4224/tcp on 217.23.1.27 Discovered open port 5999/tcp on 217.23.1.27 Discovered open port 4002/tcp on 217.23.1.27 Discovered open port 2607/tcp on 217.23.1.27 Discovered open port 2135/tcp on 217.23.1.27 Discovered open port 2034/tcp on 217.23.1.27 SYN Stealth Scan Timing: About 22.24% done; ETC: 16:32 (0:01:48 remaining) Discovered open port 4002/tcp on 217.23.0.254 Discovered open port 8654/tcp on 217.23.1.27 Discovered open port 3690/tcp on 217.23.1.27 Discovered open port 2920/tcp on 217.23.1.27 Discovered open port 10617/tcp on 217.23.1.27 Discovered open port 5357/tcp on 217.23.1.27 Discovered open port 2301/tcp on 217.23.1.27 Discovered open port 6543/tcp on 217.23.1.27 Discovered open port 8800/tcp on 217.23.1.27 Discovered open port 9876/tcp on 217.23.1.27 Discovered open port 5000/tcp on 217.23.1.27 Discovered open port 389/tcp on 217.23.0.230 Discovered open port 9943/tcp on 217.23.1.27 Discovered open port 13722/tcp on 217.23.1.27 Discovered open port 2190/tcp on 217.23.1.27 Discovered open port 15002/tcp on 217.23.1.27 Discovered open port 9929/tcp on 217.23.1.27 Discovered open port 5000/tcp on 217.23.0.247 Discovered open port 9898/tcp on 217.23.1.27 Discovered open port 84/tcp on 217.23.0.217 Discovered open port 5666/tcp on 217.23.1.12 Discovered open port 9000/tcp on 217.23.1.27 Discovered open port 32780/tcp on 217.23.1.27 Discovered open port 8087/tcp on 217.23.1.27 Discovered open port 5666/tcp on 217.23.0.248 Discovered open port 5666/tcp on 217.23.1.27 Discovered open port 7007/tcp on 217.23.1.27 Discovered open port 9091/tcp on 217.23.1.27 Discovered open port 10616/tcp on 217.23.1.27 Discovered open port 8087/tcp on 217.23.1.16 Discovered open port 6005/tcp on 217.23.1.27 Discovered open port 9898/tcp on 217.23.0.254 Discovered open port 2998/tcp on 217.23.1.27 Discovered open port 10621/tcp on 217.23.1.27 Discovered open port 2100/tcp on 217.23.1.27 Discovered open port 4446/tcp on 217.23.1.27 Discovered open port 9898/tcp on 217.23.0.247 Discovered open port 6007/tcp on 217.23.1.27 Discovered open port 88/tcp on 217.23.1.38 Discovered open port 9898/tcp on 217.23.0.244 Discovered open port 2710/tcp on 217.23.1.27 Discovered open port 9898/tcp on 217.23.0.250 Discovered open port 2009/tcp on 217.23.1.27 Discovered open port 5003/tcp on 217.23.1.27 Discovered open port 88/tcp on 217.23.0.217 Discovered open port 8701/tcp on 217.23.1.27 Discovered open port 8383/tcp on 217.23.1.27 Discovered open port 88/tcp on 217.23.0.230 Discovered open port 7004/tcp on 217.23.1.27 Discovered open port 10012/tcp on 217.23.1.27 Discovered open port 14000/tcp on 217.23.1.27 Discovered open port 2809/tcp on 217.23.1.27 Discovered open port 2381/tcp on 217.23.1.27 Discovered open port 8300/tcp on 217.23.1.27 Discovered open port 2557/tcp on 217.23.1.27 Discovered open port 16993/tcp on 217.23.1.27 Discovered open port 9011/tcp on 217.23.1.27 Discovered open port 873/tcp on 217.23.1.16 Discovered open port 50389/tcp on 217.23.1.27 Discovered open port 16016/tcp on 217.23.1.27 Discovered open port 8300/tcp on 217.23.1.15 Discovered open port 8300/tcp on 217.23.1.21 Discovered open port 3551/tcp on 217.23.1.27 Discovered open port 4900/tcp on 217.23.1.27 Discovered open port 2033/tcp on 217.23.1.27 Discovered open port 4445/tcp on 217.23.1.27 Discovered open port 3168/tcp on 217.23.1.27 Discovered open port 82/tcp on 217.23.0.217 Discovered open port 32770/tcp on 217.23.1.27 Discovered open port 9220/tcp on 217.23.1.27 Discovered open port 6779/tcp on 217.23.1.27 Discovered open port 6112/tcp on 217.23.1.27 Discovered open port 6566/tcp on 217.23.1.27 Discovered open port 2040/tcp on 217.23.1.27 Discovered open port 9100/tcp on 217.23.1.27 Discovered open port 5500/tcp on 217.23.1.27 Discovered open port 3869/tcp on 217.23.1.27 Discovered open port 6580/tcp on 217.23.1.27 Discovered open port 5500/tcp on 217.23.0.248 Discovered open port 2021/tcp on 217.23.1.27 Discovered open port 5961/tcp on 217.23.1.27 Discovered open port 4045/tcp on 217.23.1.27 Discovered open port 2030/tcp on 217.23.1.27 Discovered open port 5500/tcp on 217.23.0.252 Discovered open port 5405/tcp on 217.23.1.27 Discovered open port 5718/tcp on 217.23.1.27 Discovered open port 2049/tcp on 217.23.1.27 Discovered open port 3013/tcp on 217.23.1.27 Discovered open port 14441/tcp on 217.23.1.27 Discovered open port 49400/tcp on 217.23.1.27 Discovered open port 13782/tcp on 217.23.1.27 Discovered open port 9503/tcp on 217.23.1.27 Discovered open port 5120/tcp on 217.23.1.27 Discovered open port 9002/tcp on 217.23.1.27 Discovered open port 32771/tcp on 217.23.1.27 Discovered open port 6901/tcp on 217.23.1.27 Discovered open port 3017/tcp on 217.23.1.27 Discovered open port 81/tcp on 217.23.0.217 Discovered open port 10009/tcp on 217.23.1.27 Discovered open port 9200/tcp on 217.23.1.27 Discovered open port 9666/tcp on 217.23.1.27 Discovered open port 8600/tcp on 217.23.1.27 Discovered open port 7627/tcp on 217.23.1.27 Discovered open port 2003/tcp on 217.23.1.27 Discovered open port 3920/tcp on 217.23.1.27 Discovered open port 7921/tcp on 217.23.1.27 Discovered open port 3325/tcp on 217.23.1.27 Discovered open port 10002/tcp on 217.23.1.27 Discovered open port 5987/tcp on 217.23.1.27 Discovered open port 5904/tcp on 217.23.1.27 Discovered open port 79/tcp on 217.23.0.217 Discovered open port 5054/tcp on 217.23.1.27 Discovered open port 33354/tcp on 217.23.1.27 Discovered open port 8083/tcp on 217.23.1.27 Discovered open port 32774/tcp on 217.23.1.27 Discovered open port 10629/tcp on 217.23.1.27 Discovered open port 10243/tcp on 217.23.1.27 Discovered open port 2038/tcp on 217.23.1.27 Discovered open port 2222/tcp on 217.23.1.27 Discovered open port 9290/tcp on 217.23.1.27 Discovered open port 4001/tcp on 217.23.1.27 Discovered open port 8081/tcp on 217.23.1.27 Discovered open port 20221/tcp on 217.23.1.27 Discovered open port 3580/tcp on 217.23.1.27 Discovered open port 2605/tcp on 217.23.1.27 Discovered open port 2048/tcp on 217.23.1.27 Discovered open port 8193/tcp on 217.23.1.27 Discovered open port 9618/tcp on 217.23.1.27 Discovered open port 2382/tcp on 217.23.1.27 Discovered open port 4001/tcp on 217.23.0.254 Discovered open port 5815/tcp on 217.23.1.27 Discovered open port 45100/tcp on 217.23.1.27 Discovered open port 11110/tcp on 217.23.1.27 Discovered open port 427/tcp on 217.23.1.21 Discovered open port 2043/tcp on 217.23.1.27 Discovered open port 427/tcp on 217.23.1.15 Discovered open port 3077/tcp on 217.23.1.27 Discovered open port 83/tcp on 217.23.0.217 Discovered open port 5101/tcp on 217.23.1.27 Discovered open port 5631/tcp on 217.23.1.27 Discovered open port 3221/tcp on 217.23.1.27 Discovered open port 5051/tcp on 217.23.1.27 Discovered open port 7002/tcp on 217.23.1.27 Discovered open port 7435/tcp on 217.23.1.27 Discovered open port 3784/tcp on 217.23.1.27 Discovered open port 41511/tcp on 217.23.1.27 Discovered open port 8084/tcp on 217.23.1.27 Discovered open port 10025/tcp on 217.23.1.27 Discovered open port 3493/tcp on 217.23.1.27 Discovered open port 2065/tcp on 217.23.1.27 Discovered open port 6025/tcp on 217.23.1.27 Discovered open port 5800/tcp on 217.23.1.27 Discovered open port 27353/tcp on 217.23.1.27 Discovered open port 3880/tcp on 217.23.1.27 Discovered open port 3689/tcp on 217.23.1.27 Discovered open port 3971/tcp on 217.23.1.27 Discovered open port 26214/tcp on 217.23.1.27 Discovered open port 7000/tcp on 217.23.1.27 Discovered open port 7000/tcp on 217.23.1.26 Discovered open port 9594/tcp on 217.23.1.27 Discovered open port 19315/tcp on 217.23.1.27 Discovered open port 8500/tcp on 217.23.1.27 Discovered open port 5800/tcp on 217.23.1.7 Discovered open port 3476/tcp on 217.23.1.27 Discovered open port 49155/tcp on 217.23.1.27 Discovered open port 38292/tcp on 217.23.1.27 Discovered open port 2604/tcp on 217.23.1.27 Discovered open port 15003/tcp on 217.23.1.27 Discovered open port 2967/tcp on 217.23.1.27 Discovered open port 6666/tcp on 217.23.1.27 Discovered open port 16012/tcp on 217.23.1.27 Discovered open port 49155/tcp on 217.23.1.7 Discovered open port 8086/tcp on 217.23.1.27 Discovered open port 5901/tcp on 217.23.1.27 Discovered open port 44501/tcp on 217.23.1.27 Discovered open port 2718/tcp on 217.23.1.27 Discovered open port 8192/tcp on 217.23.1.27 Discovered open port 10626/tcp on 217.23.1.27 Discovered open port 5901/tcp on 217.23.0.248 Discovered open port 8443/tcp on 217.23.1.27 Discovered open port 8291/tcp on 217.23.1.27 Discovered open port 7676/tcp on 217.23.1.27 Discovered open port 15742/tcp on 217.23.1.27 Discovered open port 8443/tcp on 217.23.0.248 Discovered open port 2105/tcp on 217.23.1.27 Discovered open port 5901/tcp on 217.23.0.252 Discovered open port 5959/tcp on 217.23.1.27 Discovered open port 2046/tcp on 217.23.1.27 SYN Stealth Scan Timing: About 46.67% done; ETC: 16:32 (0:01:10 remaining) Discovered open port 5810/tcp on 217.23.1.27 Discovered open port 9102/tcp on 217.23.1.27 Discovered open port 13456/tcp on 217.23.1.27 Discovered open port 10566/tcp on 217.23.1.27 Discovered open port 27355/tcp on 217.23.1.27 Discovered open port 12000/tcp on 217.23.1.27 Discovered open port 6789/tcp on 217.23.1.27 Discovered open port 5432/tcp on 217.23.1.27 Discovered open port 35500/tcp on 217.23.1.27 Discovered open port 7103/tcp on 217.23.1.27 Discovered open port 16113/tcp on 217.23.1.27 Discovered open port 19801/tcp on 217.23.1.27 Discovered open port 2393/tcp on 217.23.1.27 Discovered open port 5959/tcp on 217.23.0.244 Discovered open port 992/tcp on 217.23.1.24 Discovered open port 5431/tcp on 217.23.1.27 Discovered open port 2525/tcp on 217.23.1.27 Discovered open port 8291/tcp on 217.23.1.41 Discovered open port 8010/tcp on 217.23.1.27 Discovered open port 2042/tcp on 217.23.1.27 Discovered open port 5555/tcp on 217.23.1.27 Discovered open port 19101/tcp on 217.23.1.27 Discovered open port 50006/tcp on 217.23.1.27 Discovered open port 10180/tcp on 217.23.1.27 Discovered open port 5555/tcp on 217.23.1.24 Discovered open port 2638/tcp on 217.23.1.27 Discovered open port 31038/tcp on 217.23.1.27 Discovered open port 8010/tcp on 217.23.1.7 Discovered open port 7999/tcp on 217.23.1.27 Discovered open port 5226/tcp on 217.23.1.27 Discovered open port 2191/tcp on 217.23.1.27 Discovered open port 5902/tcp on 217.23.1.27 Discovered open port 514/tcp on 217.23.0.230 Discovered open port 19842/tcp on 217.23.1.27 Discovered open port 30718/tcp on 217.23.1.27 Discovered open port 8180/tcp on 217.23.1.27 Discovered open port 49157/tcp on 217.23.1.27 Discovered open port 5902/tcp on 217.23.0.252 Discovered open port 33899/tcp on 217.23.1.27 Discovered open port 9418/tcp on 217.23.1.27 Discovered open port 9110/tcp on 217.23.1.27 Discovered open port 5544/tcp on 217.23.1.27 Discovered open port 3128/tcp on 217.23.1.27 Discovered open port 6510/tcp on 217.23.1.27 Discovered open port 19780/tcp on 217.23.1.27 Discovered open port 2260/tcp on 217.23.1.27 Discovered open port 49157/tcp on 217.23.1.7 Discovered open port 20828/tcp on 217.23.1.27 Discovered open port 9040/tcp on 217.23.1.27 Discovered open port 2099/tcp on 217.23.1.27 Discovered open port 8007/tcp on 217.23.1.27 Discovered open port 2099/tcp on 217.23.0.217 Discovered open port 60020/tcp on 217.23.1.27 Discovered open port 1099/tcp on 217.23.0.217 Discovered open port 7920/tcp on 217.23.1.27 Discovered open port 9999/tcp on 217.23.1.27 Discovered open port 8100/tcp on 217.23.1.27 Discovered open port 3006/tcp on 217.23.1.27 Discovered open port 7496/tcp on 217.23.1.27 Discovered open port 20031/tcp on 217.23.1.27 Discovered open port 17988/tcp on 217.23.1.27 Discovered open port 8873/tcp on 217.23.1.27 Discovered open port 8001/tcp on 217.23.0.221 Discovered open port 9968/tcp on 217.23.1.27 Discovered open port 8001/tcp on 217.23.0.222 Discovered open port 8001/tcp on 217.23.0.211 Discovered open port 6668/tcp on 217.23.1.27 Discovered open port 8001/tcp on 217.23.1.27 Discovered open port 636/tcp on 217.23.0.230 Discovered open port 55056/tcp on 217.23.1.27 Discovered open port 8001/tcp on 217.23.0.210 Discovered open port 8001/tcp on 217.23.0.208 Discovered open port 8001/tcp on 217.23.0.209 Discovered open port 8001/tcp on 217.23.0.212 Discovered open port 8001/tcp on 217.23.0.220 Discovered open port 7512/tcp on 217.23.1.27 Discovered open port 6667/tcp on 217.23.1.27 Discovered open port 8001/tcp on 217.23.0.219 Discovered open port 8400/tcp on 217.23.1.27 Discovered open port 3071/tcp on 217.23.1.27 Discovered open port 3404/tcp on 217.23.1.27 Discovered open port 8001/tcp on 217.23.0.207 Discovered open port 8001/tcp on 217.23.0.218 Discovered open port 5550/tcp on 217.23.1.27 Discovered open port 5004/tcp on 217.23.1.27 Discovered open port 5087/tcp on 217.23.1.27 Discovered open port 3367/tcp on 217.23.1.27 Discovered open port 8001/tcp on 217.23.0.206 Discovered open port 8651/tcp on 217.23.1.27 Discovered open port 6788/tcp on 217.23.1.27 Discovered open port 11967/tcp on 217.23.1.27 Discovered open port 5102/tcp on 217.23.1.27 Discovered open port 27352/tcp on 217.23.1.27 Discovered open port 4003/tcp on 217.23.1.27 Discovered open port 9575/tcp on 217.23.1.27 Discovered open port 18101/tcp on 217.23.1.27 Discovered open port 2383/tcp on 217.23.1.27 Discovered open port 5566/tcp on 217.23.1.27 Discovered open port 3372/tcp on 217.23.1.27 Discovered open port 3003/tcp on 217.23.1.27 Discovered open port 32778/tcp on 217.23.1.27 Discovered open port 5862/tcp on 217.23.1.27 Discovered open port 49158/tcp on 217.23.1.27 Discovered open port 5678/tcp on 217.23.1.27 Discovered open port 9900/tcp on 217.23.1.27 Discovered open port 2010/tcp on 217.23.1.27 Discovered open port 3370/tcp on 217.23.1.27 Discovered open port 55555/tcp on 217.23.1.27 Discovered open port 32769/tcp on 217.23.1.27 Discovered open port 4000/tcp on 217.23.1.27 Discovered open port 2725/tcp on 217.23.1.27 Discovered open port 10628/tcp on 217.23.1.27 Discovered open port 2001/tcp on 217.23.1.27 Discovered open port 4848/tcp on 217.23.1.27 Discovered open port 49160/tcp on 217.23.1.27 Discovered open port 16080/tcp on 217.23.1.27 Discovered open port 16992/tcp on 217.23.1.27 Discovered open port 7443/tcp on 217.23.1.27 Discovered open port 7106/tcp on 217.23.1.27 Discovered open port 49160/tcp on 217.23.1.7 Discovered open port 3871/tcp on 217.23.1.27 Discovered open port 7001/tcp on 217.23.1.27 Discovered open port 106/tcp on 217.23.0.248 Discovered open port 7019/tcp on 217.23.1.27 Discovered open port 5200/tcp on 217.23.1.27 Discovered open port 8181/tcp on 217.23.1.27 Discovered open port 2106/tcp on 217.23.1.27 Discovered open port 49161/tcp on 217.23.1.27 Discovered open port 3030/tcp on 217.23.1.27 Discovered open port 2020/tcp on 217.23.0.230 Discovered open port 2020/tcp on 217.23.1.27 Discovered open port 5963/tcp on 217.23.1.27 Discovered open port 464/tcp on 217.23.0.217 Discovered open port 9099/tcp on 217.23.1.27 Discovered open port 2045/tcp on 217.23.1.27 Discovered open port 7937/tcp on 217.23.1.27 Discovered open port 5030/tcp on 217.23.1.27 Discovered open port 2022/tcp on 217.23.1.38 Discovered open port 5280/tcp on 217.23.1.27 Discovered open port 3945/tcp on 217.23.1.27 Discovered open port 3814/tcp on 217.23.1.27 Discovered open port 7777/tcp on 217.23.1.27 Discovered open port 2022/tcp on 217.23.1.27 Discovered open port 7777/tcp on 217.23.1.16 Discovered open port 6699/tcp on 217.23.1.27 Discovered open port 5030/tcp on 217.23.0.250 Discovered open port 5811/tcp on 217.23.1.27 Discovered open port 5100/tcp on 217.23.1.27 Discovered open port 6002/tcp on 217.23.0.252 Discovered open port 6002/tcp on 217.23.1.27 Discovered open port 5030/tcp on 217.23.0.244 Discovered open port 18988/tcp on 217.23.1.27 Discovered open port 2007/tcp on 217.23.1.27 Discovered open port 4004/tcp on 217.23.1.27 Discovered open port 40911/tcp on 217.23.1.27 Discovered open port 14442/tcp on 217.23.1.27 Discovered open port 7800/tcp on 217.23.1.27 Discovered open port 3827/tcp on 217.23.1.27 Discovered open port 2251/tcp on 217.23.1.27 Discovered open port 7778/tcp on 217.23.1.27 Discovered open port 3269/tcp on 217.23.1.27 Discovered open port 49156/tcp on 217.23.1.27 Discovered open port 9944/tcp on 217.23.1.27 Discovered open port 49156/tcp on 217.23.1.7 Discovered open port 3324/tcp on 217.23.1.27 Discovered open port 3333/tcp on 217.23.1.27 Discovered open port 2179/tcp on 217.23.1.27 Discovered open port 5859/tcp on 217.23.1.27 Discovered open port 3517/tcp on 217.23.1.27 Discovered open port 6646/tcp on 217.23.1.27 SYN Stealth Scan Timing: About 68.71% done; ETC: 16:32 (0:00:41 remaining) Discovered open port 5080/tcp on 217.23.1.27 Discovered open port 9071/tcp on 217.23.1.27 Discovered open port 6129/tcp on 217.23.1.27 Discovered open port 32768/tcp on 217.23.1.27 Discovered open port 5906/tcp on 217.23.1.27 Discovered open port 10082/tcp on 217.23.1.27 Discovered open port 5911/tcp on 217.23.1.27 Discovered open port 21571/tcp on 217.23.1.27 Discovered open port 31337/tcp on 217.23.1.27 Discovered open port 32783/tcp on 217.23.1.27 Discovered open port 3766/tcp on 217.23.1.27 Discovered open port 34572/tcp on 217.23.1.27 Discovered open port 8994/tcp on 217.23.1.27 Discovered open port 12174/tcp on 217.23.1.27 Discovered open port 3005/tcp on 217.23.1.27 Discovered open port 6001/tcp on 217.23.1.27 Discovered open port 3011/tcp on 217.23.1.27 Discovered open port 4343/tcp on 217.23.1.27 Discovered open port 8200/tcp on 217.23.1.27 Discovered open port 3800/tcp on 217.23.1.27 Discovered open port 52822/tcp on 217.23.1.27 Discovered open port 5910/tcp on 217.23.1.27 Discovered open port 9878/tcp on 217.23.1.27 Discovered open port 2119/tcp on 217.23.1.27 Discovered open port 8333/tcp on 217.23.1.27 Discovered open port 2500/tcp on 217.23.1.27 Discovered open port 6059/tcp on 217.23.1.27 Discovered open port 4006/tcp on 217.23.1.27 Discovered open port 49163/tcp on 217.23.1.27 Discovered open port 3878/tcp on 217.23.1.27 Discovered open port 9917/tcp on 217.23.1.27 Discovered open port 85/tcp on 217.23.0.217 Discovered open port 52869/tcp on 217.23.1.27 Discovered open port 5560/tcp on 217.23.1.27 Discovered open port 9500/tcp on 217.23.1.27 Discovered open port 2004/tcp on 217.23.1.27 Discovered open port 17877/tcp on 217.23.1.27 Discovered open port 6547/tcp on 217.23.1.27 Discovered open port 44442/tcp on 217.23.1.27 Discovered open port 6881/tcp on 217.23.1.27 Discovered open port 444/tcp on 217.23.1.24 Discovered open port 2126/tcp on 217.23.1.27 Discovered open port 5730/tcp on 217.23.1.27 Discovered open port 16001/tcp on 217.23.1.27 Discovered open port 3986/tcp on 217.23.1.27 Discovered open port 3918/tcp on 217.23.1.27 Discovered open port 5925/tcp on 217.23.1.27 Discovered open port 49165/tcp on 217.23.1.27 Discovered open port 12345/tcp on 217.23.1.27 Discovered open port 2196/tcp on 217.23.1.27 Discovered open port 6669/tcp on 217.23.1.27 Discovered open port 5801/tcp on 217.23.1.27 Discovered open port 5298/tcp on 217.23.1.27 Discovered open port 4662/tcp on 217.23.1.27 Discovered open port 32781/tcp on 217.23.1.27 Discovered open port 34573/tcp on 217.23.1.27 Discovered open port 3052/tcp on 217.23.1.27 Discovered open port 3351/tcp on 217.23.1.27 Discovered open port 4449/tcp on 217.23.1.27 Discovered open port 10778/tcp on 217.23.1.27 Discovered open port 10024/tcp on 217.23.1.27 Discovered open port 465/tcp on 217.23.1.14 Discovered open port 9003/tcp on 217.23.1.27 Discovered open port 465/tcp on 217.23.0.248 Discovered open port 465/tcp on 217.23.0.217 Discovered open port 10010/tcp on 217.23.1.27 Discovered open port 3828/tcp on 217.23.1.27 Discovered open port 8011/tcp on 217.23.1.27 Discovered open port 8090/tcp on 217.23.1.27 Discovered open port 42510/tcp on 217.23.1.27 Discovered open port 27000/tcp on 217.23.1.27 Discovered open port 9001/tcp on 217.23.1.27 Discovered open port 4443/tcp on 217.23.1.27 Discovered open port 9111/tcp on 217.23.1.27 Discovered open port 9877/tcp on 217.23.1.27 Discovered open port 9090/tcp on 217.23.0.217 Discovered open port 9103/tcp on 217.23.1.27 Discovered open port 9090/tcp on 217.23.1.27 Discovered open port 8649/tcp on 217.23.1.27 Discovered open port 2111/tcp on 217.23.1.27 Discovered open port 6009/tcp on 217.23.1.27 Discovered open port 28201/tcp on 217.23.1.27 Discovered open port 8002/tcp on 217.23.1.27 Discovered open port 4111/tcp on 217.23.1.27 Discovered open port 49176/tcp on 217.23.1.27 Discovered open port 5952/tcp on 217.23.1.27 Discovered open port 2002/tcp on 217.23.1.27 Discovered open port 23502/tcp on 217.23.1.27 Discovered open port 5033/tcp on 217.23.1.27 Discovered open port 2144/tcp on 217.23.1.27 Discovered open port 5009/tcp on 217.23.1.27 Discovered open port 2701/tcp on 217.23.1.27 Discovered open port 5033/tcp on 217.23.0.250 Discovered open port 3301/tcp on 217.23.1.27 Discovered open port 4444/tcp on 217.23.0.240 Discovered open port 4444/tcp on 217.23.1.27 Discovered open port 49153/tcp on 217.23.1.7 Discovered open port 49153/tcp on 217.23.1.27 Discovered open port 5033/tcp on 217.23.0.244 Discovered open port 2006/tcp on 217.23.1.27 Discovered open port 7025/tcp on 217.23.1.27 Discovered open port 4321/tcp on 217.23.1.27 Discovered open port 8899/tcp on 217.23.1.27 Discovered open port 20000/tcp on 217.23.1.27 Discovered open port 6006/tcp on 217.23.1.27 Discovered open port 6502/tcp on 217.23.1.27 Discovered open port 2910/tcp on 217.23.1.27 Discovered open port 3300/tcp on 217.23.1.27 Discovered open port 6106/tcp on 217.23.1.27 Discovered open port 6156/tcp on 217.23.1.27 Discovered open port 9010/tcp on 217.23.1.27 Discovered open port 49152/tcp on 217.23.1.27 Discovered open port 8194/tcp on 217.23.1.27 Discovered open port 3737/tcp on 217.23.1.27 Discovered open port 5269/tcp on 217.23.1.27 Discovered open port 5414/tcp on 217.23.1.27 Discovered open port 49152/tcp on 217.23.1.7 Discovered open port 7200/tcp on 217.23.1.27 Discovered open port 10215/tcp on 217.23.1.27 Discovered open port 3527/tcp on 217.23.1.27 Discovered open port 1999/tcp on 217.23.0.217 Discovered open port 24800/tcp on 217.23.1.27 Discovered open port 2909/tcp on 217.23.1.27 Discovered open port 9535/tcp on 217.23.1.27 Discovered open port 26/tcp on 217.23.0.248 Discovered open port 7201/tcp on 217.23.1.27 Discovered open port 8402/tcp on 217.23.1.27 Discovered open port 4005/tcp on 217.23.1.27 Discovered open port 6100/tcp on 217.23.1.27 Discovered open port 3826/tcp on 217.23.1.27 Discovered open port 7100/tcp on 217.23.1.27 Discovered open port 2161/tcp on 217.23.1.27 Discovered open port 8222/tcp on 217.23.1.27 Discovered open port 9081/tcp on 217.23.1.27 Discovered open port 8254/tcp on 217.23.1.27 Discovered open port 5190/tcp on 217.23.1.27 Discovered open port 6692/tcp on 217.23.1.27 Discovered open port 1199/tcp on 217.23.0.217 Discovered open port 2702/tcp on 217.23.1.27 Discovered open port 16018/tcp on 217.23.1.27 Discovered open port 2366/tcp on 217.23.1.27 Discovered open port 14238/tcp on 217.23.1.27 Discovered open port 3323/tcp on 217.23.1.27 Discovered open port 4550/tcp on 217.23.1.27 Discovered open port 7625/tcp on 217.23.1.27 Discovered open port 7938/tcp on 217.23.1.27 Discovered open port 8292/tcp on 217.23.1.27 Discovered open port 8099/tcp on 217.23.1.27 Discovered open port 2041/tcp on 217.23.1.27 Discovered open port 3809/tcp on 217.23.1.27 Discovered open port 5440/tcp on 217.23.1.27 Discovered open port 8031/tcp on 217.23.1.27 Discovered open port 8082/tcp on 217.23.1.27 Discovered open port 49999/tcp on 217.23.1.27 Discovered open port 2008/tcp on 217.23.1.27 Discovered open port 32775/tcp on 217.23.1.27 Discovered open port 15004/tcp on 217.23.1.27 Discovered open port 6346/tcp on 217.23.1.27 Discovered open port 10001/tcp on 217.23.1.27 Discovered open port 9009/tcp on 217.23.1.27 Discovered open port 3889/tcp on 217.23.1.27 Discovered open port 4126/tcp on 217.23.1.27 Discovered open port 2800/tcp on 217.23.1.27 Discovered open port 10003/tcp on 217.23.1.27 Discovered open port 7402/tcp on 217.23.1.27 Discovered open port 3001/tcp on 217.23.1.27 Discovered open port 3322/tcp on 217.23.1.27 Discovered open port 8021/tcp on 217.23.1.27 Discovered open port 49154/tcp on 217.23.1.7 Discovered open port 20222/tcp on 217.23.1.27 Discovered open port 3260/tcp on 217.23.0.252 Discovered open port 44176/tcp on 217.23.1.27 Discovered open port 49154/tcp on 217.23.1.27 Discovered open port 2200/tcp on 217.23.1.27 Discovered open port 4125/tcp on 217.23.1.27 Discovered open port 25734/tcp on 217.23.1.27 Discovered open port 70/tcp on 217.23.0.217 Discovered open port 5950/tcp on 217.23.1.22 Discovered open port 19350/tcp on 217.23.1.27 Discovered open port 3260/tcp on 217.23.1.27 Discovered open port 7741/tcp on 217.23.1.27 Discovered open port 6003/tcp on 217.23.0.252 Discovered open port 5679/tcp on 217.23.1.27 Discovered open port 5825/tcp on 217.23.1.27 Discovered open port 3371/tcp on 217.23.1.27 Discovered open port 24444/tcp on 217.23.1.27 Discovered open port 4129/tcp on 217.23.1.27 Discovered open port 2160/tcp on 217.23.1.27 Discovered open port 6003/tcp on 217.23.1.27 Completed SYN Stealth Scan against 217.23.1.22 in 149.68s (63 hosts left) Completed SYN Stealth Scan against 217.23.0.221 in 150.10s (62 hosts left) Discovered open port 3801/tcp on 217.23.1.27 Discovered open port 3268/tcp on 217.23.1.27 Completed SYN Stealth Scan against 217.23.1.20 in 150.20s (61 hosts left) Completed SYN Stealth Scan against 217.23.0.239 in 150.20s (60 hosts left) Discovered open port 3659/tcp on 217.23.1.27 Completed SYN Stealth Scan against 217.23.0.222 in 150.29s (59 hosts left) Discovered open port 5962/tcp on 217.23.1.27 Completed SYN Stealth Scan against 217.23.0.233 in 150.31s (58 hosts left) Discovered open port 32777/tcp on 217.23.1.27 Discovered open port 15660/tcp on 217.23.1.27 Discovered open port 8089/tcp on 217.23.1.27 Completed SYN Stealth Scan against 217.23.1.38 in 150.87s (57 hosts left) Completed SYN Stealth Scan against 217.23.0.241 in 150.87s (56 hosts left) Discovered open port 9485/tcp on 217.23.1.27 Discovered open port 4242/tcp on 217.23.1.27 Completed SYN Stealth Scan against 217.23.1.23 in 150.90s (55 hosts left) Completed SYN Stealth Scan against 217.23.1.26 in 150.90s (54 hosts left) Completed SYN Stealth Scan against 217.23.0.220 in 150.93s (53 hosts left) Discovered open port 5950/tcp on 217.23.1.27 Completed SYN Stealth Scan against 217.23.0.251 in 151.01s (52 hosts left) Completed SYN Stealth Scan against 217.23.0.252 in 151.01s (51 hosts left) Discovered open port 6839/tcp on 217.23.1.27 Completed SYN Stealth Scan against 217.23.1.1 in 151.25s (50 hosts left) Completed SYN Stealth Scan against 217.23.1.21 in 151.31s (49 hosts left) Discovered open port 44443/tcp on 217.23.1.27 Completed SYN Stealth Scan against 217.23.0.219 in 151.54s (48 hosts left) Completed SYN Stealth Scan against 217.23.0.242 in 151.54s (47 hosts left) Completed SYN Stealth Scan against 217.23.0.254 in 151.54s (46 hosts left) Discovered open port 18040/tcp on 217.23.1.27 Completed SYN Stealth Scan against 217.23.1.2 in 151.56s (45 hosts left) Completed SYN Stealth Scan against 217.23.1.34 in 151.56s (44 hosts left) Completed SYN Stealth Scan against 217.23.1.44 in 151.56s (43 hosts left) Discovered open port 5633/tcp on 217.23.1.27 Discovered open port 3031/tcp on 217.23.1.27 Completed SYN Stealth Scan against 217.23.1.19 in 151.57s (42 hosts left) Completed SYN Stealth Scan against 217.23.0.218 in 151.57s (41 hosts left) Completed SYN Stealth Scan against 217.23.0.211 in 151.60s (40 hosts left) Completed SYN Stealth Scan against 217.23.0.248 in 151.60s (39 hosts left) Discovered open port 4998/tcp on 217.23.1.27 Completed SYN Stealth Scan against 217.23.1.12 in 151.91s (38 hosts left) Completed SYN Stealth Scan against 217.23.0.217 in 151.91s (37 hosts left) Discovered open port 6567/tcp on 217.23.1.27 Completed SYN Stealth Scan against 217.23.1.7 in 151.92s (36 hosts left) Completed SYN Stealth Scan against 217.23.1.14 in 151.92s (35 hosts left) Discovered open port 12265/tcp on 217.23.1.27 Completed SYN Stealth Scan against 217.23.1.27 in 151.93s (34 hosts left) Completed SYN Stealth Scan against 217.23.0.249 in 151.93s (33 hosts left) Completed SYN Stealth Scan against 217.23.0.212 in 151.95s (32 hosts left) Completed SYN Stealth Scan against 217.23.0.246 in 151.95s (31 hosts left) Completed SYN Stealth Scan against 217.23.1.48 in 151.96s (30 hosts left) Completed SYN Stealth Scan against 217.23.0.209 in 151.96s (29 hosts left) Completed SYN Stealth Scan against 217.23.1.40 in 151.97s (28 hosts left) Completed SYN Stealth Scan against 217.23.0.206 in 151.98s (27 hosts left) Completed SYN Stealth Scan against 217.23.0.208 in 151.98s (26 hosts left) Completed SYN Stealth Scan against 217.23.1.15 in 151.99s (25 hosts left) Completed SYN Stealth Scan against 217.23.1.43 in 151.99s (24 hosts left) Completed SYN Stealth Scan against 217.23.0.207 in 152.00s (23 hosts left) Completed SYN Stealth Scan against 217.23.0.243 in 152.00s (22 hosts left) Completed SYN Stealth Scan against 217.23.0.245 in 152.00s (21 hosts left) Completed SYN Stealth Scan against 217.23.1.24 in 152.00s (20 hosts left) Completed SYN Stealth Scan against 217.23.1.16 in 152.01s (19 hosts left) Completed SYN Stealth Scan against 217.23.0.216 in 152.01s (18 hosts left) Completed SYN Stealth Scan against 217.23.1.28 in 152.12s (17 hosts left) Completed SYN Stealth Scan against 217.23.0.210 in 152.13s (16 hosts left) Completed SYN Stealth Scan against 217.23.1.41 in 152.27s (15 hosts left) Completed SYN Stealth Scan against 217.23.1.9 in 152.28s (14 hosts left) Completed SYN Stealth Scan against 217.23.1.18 in 152.28s (13 hosts left) Completed SYN Stealth Scan against 217.23.1.45 in 152.28s (12 hosts left) Completed SYN Stealth Scan against 217.23.1.46 in 152.28s (11 hosts left) Completed SYN Stealth Scan against 217.23.1.47 in 152.28s (10 hosts left) Completed SYN Stealth Scan against 217.23.0.240 in 152.28s (9 hosts left) Completed SYN Stealth Scan against 217.23.0.244 in 152.28s (8 hosts left) Completed SYN Stealth Scan against 217.23.0.247 in 152.28s (7 hosts left) Completed SYN Stealth Scan against 217.23.0.250 in 152.28s (6 hosts left) Completed SYN Stealth Scan against 217.23.0.230 in 152.33s (5 hosts left) Completed SYN Stealth Scan against 217.23.0.213 in 152.45s (4 hosts left) Completed SYN Stealth Scan against 217.23.0.215 in 152.47s (3 hosts left) Completed SYN Stealth Scan against 217.23.0.214 in 152.50s (2 hosts left) Completed SYN Stealth Scan against 217.23.1.17 in 152.51s (1 host left) Completed SYN Stealth Scan at 16:32, 152.53s elapsed (64000 total ports) Initiating Service scan at 16:32 Scanning 888 services on 64 hosts Service scan Timing: About 2.80% done; ETC: 16:57 (0:23:42 remaining) Service scan Timing: About 12.89% done; ETC: 16:42 (0:08:00 remaining) Service scan Timing: About 17.94% done; ETC: 16:43 (0:08:46 remaining) Service scan Timing: About 20.18% done; ETC: 16:44 (0:09:34 remaining) Completed Service scan at 16:38, 324.29s elapsed (892 services on 64 hosts) Initiating OS detection (try #1) against 64 hosts Completed os scan against 217.23.0.214 in 22.948s (63 hosts left) Completed os scan against 217.23.0.217 in 22.948s (62 hosts left) Completed os scan against 217.23.0.233 in 22.948s (61 hosts left) Completed os scan against 217.23.0.239 in 22.948s (60 hosts left) Completed os scan against 217.23.0.241 in 22.948s (59 hosts left) Completed os scan against 217.23.0.242 in 22.948s (58 hosts left) Completed os scan against 217.23.0.243 in 22.948s (57 hosts left) Completed os scan against 217.23.0.245 in 22.948s (56 hosts left) Completed os scan against 217.23.0.246 in 22.948s (55 hosts left) Completed os scan against 217.23.0.248 in 22.948s (54 hosts left) Completed os scan against 217.23.0.249 in 22.948s (53 hosts left) Completed os scan against 217.23.0.251 in 22.948s (52 hosts left) Completed os scan against 217.23.0.252 in 22.948s (51 hosts left) Completed os scan against 217.23.0.254 in 22.948s (50 hosts left) Completed os scan against 217.23.1.7 in 22.948s (49 hosts left) Completed os scan against 217.23.1.12 in 22.948s (48 hosts left) Completed os scan against 217.23.1.14 in 22.948s (47 hosts left) Completed os scan against 217.23.1.16 in 22.948s (46 hosts left) Completed os scan against 217.23.1.17 in 22.948s (45 hosts left) Completed os scan against 217.23.1.18 in 22.948s (44 hosts left) Completed os scan against 217.23.1.19 in 22.948s (43 hosts left) Completed os scan against 217.23.1.20 in 22.948s (42 hosts left) Completed os scan against 217.23.1.22 in 22.948s (41 hosts left) Completed os scan against 217.23.1.23 in 22.948s (40 hosts left) Completed os scan against 217.23.1.24 in 22.948s (39 hosts left) Completed os scan against 217.23.1.26 in 22.948s (38 hosts left) Completed os scan against 217.23.1.27 in 22.948s (37 hosts left) Completed os scan against 217.23.1.34 in 22.948s (36 hosts left) Completed os scan against 217.23.1.38 in 22.948s (35 hosts left) Completed os scan against 217.23.1.40 in 22.948s (34 hosts left) Completed os scan against 217.23.1.43 in 22.948s (33 hosts left) Completed os scan against 217.23.1.44 in 22.948s (32 hosts left) Completed os scan against 217.23.1.45 in 22.948s (31 hosts left) Completed os scan against 217.23.1.46 in 22.948s (30 hosts left) Completed os scan against 217.23.1.47 in 22.948s (29 hosts left) Completed os scan against 217.23.1.48 in 22.948s (28 hosts left) Retrying OS detection (try #2) against 28 hosts Retrying OS detection (try #3) against 3 hosts Retrying OS detection (try #4) against 3 hosts Retrying OS detection (try #5) against customer.worldstream.nl (217.23.1.2) Initiating Traceroute at 16:39 Completed Traceroute at 16:39, 0.17s elapsed Initiating Parallel DNS resolution of 66 hosts. at 16:39 Completed Parallel DNS resolution of 66 hosts. at 16:39, 0.28s elapsed NSE: Script scanning 64 hosts. Initiating NSE at 16:39 NSE: [ftp-bounce] PORT response: 500 I won't open a connection to 45.33.32.156 (only to 217.23.15.11) Completed NSE at 16:52, 781.57s elapsed Initiating NSE at 16:52 Completed NSE at 16:52, 5.27s elapsed Nmap scan report for 217.23.0.206 NSOCK ERROR [2409.9410s] mksock_bind_addr(): Bind to 0.0.0.0:143 failed (IOD #7828): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [2413.1500s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #7882): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) Host is up (0.019s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 16:89:1d:2d:f7:81:5e:44:7d:85:90:fb:93:0e:4d:a8 (DSA) | 2048 f6:5e:11:58:b3:d9:12:50:eb:48:b9:be:23:32:8f:e4 (RSA) | 256 f8:50:cb:a2:df:91:79:36:0f:c0:c9:ae:a2:14:b3:97 (ECDSA) |_ 256 76:c7:e4:88:01:bd:72:89:0d:84:f5:e2:fc:2d:f3:ea (ED25519) 8001/tcp open vcom-tunnel? Aggressive OS guesses: Linux 3.12 - 4.10 (95%), Linux 3.16 (95%), ASUS RT-N56U WAP (Linux 3.4) (95%), Linux 3.1 (93%), Linux 3.2 (93%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (92%), Linux 3.10 (92%), Western Digital My Cloud DL4100 NAS (Linux 3.10) (92%), Rebranded surveillance DVR (Hikvision, Q-SEE, EYEsurv, A1Webcams, Foscam) (92%), Linux 3.10 - 4.1 (92%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops TCP Sequence Prediction: Difficulty=243 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.206

Nmap scan report for 217.23.0.207 Host is up (0.018s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 fc:a1:9d:a9:47:93:65:4c:dd:c6:dd:d2:81:5f:29:30 (DSA) | 2048 76:9f:3b:f4:f0:34:a9:ad:7d:ce:71:d0:b8:04:f5:22 (RSA) | 256 2f:f0:84:90:5d:ce:6c:79:8f:8d:3b:a7:4f:f9:c2:f5 (ECDSA) |_ 256 9d:7f:41:82:0c:e2:0b:58:4a:b6:2a:74:d4:b1:ac:22 (ED25519) 8001/tcp open vcom-tunnel? Aggressive OS guesses: Linux 3.12 - 4.10 (96%), Linux 3.16 (95%), ASUS RT-N56U WAP (Linux 3.4) (95%), Linux 3.1 (93%), Linux 3.2 (93%), Rebranded surveillance DVR (Hikvision, Q-SEE, EYEsurv, A1Webcams, Foscam) (93%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (92%), Linux 3.10 - 4.1 (92%), Western Digital My Cloud DL4100 NAS (Linux 3.10) (92%), Linux 2.6.32 - 3.10 (91%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops TCP Sequence Prediction: Difficulty=251 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms 217.23.0.207

Nmap scan report for 217.23.0.208 Host is up (0.018s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 1f:45:ae:fe:34:14:9b:b2:fd:73:b2:cf:c4:8e:ab:b1 (DSA) | 2048 57:16:da:10:49:29:66:a2:0c:c7:e1:9d:23:a0:80:d9 (RSA) | 256 8d:8f:4b:ff:7e:cb:99:77:c6:b7:05:2f:f3:56:04:44 (ECDSA) |_ 256 ea:8e:0e:81:06:6a:24:fe:2e:03:05:0c:0e:11:7a:d9 (ED25519) 8001/tcp open vcom-tunnel? Aggressive OS guesses: Linux 3.12 - 4.10 (96%), Linux 3.16 (95%), ASUS RT-N56U WAP (Linux 3.4) (95%), Linux 3.1 (93%), Linux 3.2 (93%), Rebranded surveillance DVR (Hikvision, Q-SEE, EYEsurv, A1Webcams, Foscam) (93%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (92%), Linux 3.10 - 4.1 (92%), Western Digital My Cloud DL4100 NAS (Linux 3.10) (92%), Kemp LoadMaster LM-2400 Firmware 7.1 (92%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops TCP Sequence Prediction: Difficulty=253 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms 217.23.0.208

Nmap scan report for 217.23.0.209 Host is up (0.018s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 75:43:57:21:1e:bf:4a:7b:a7:e4:02:bf:6e:5a:75:1b (DSA) | 2048 84:31:14:7f:d6:79:1b:8e:07:1f:86:b3:15:c4:79:0a (RSA) | 256 a3:bb:40:e7:ba:d8:1b:99:f1:e5:d2:47:51:22:d3:71 (ECDSA) |_ 256 d3:f0:ef:1c:20:76:8d:bd:e9:cd:ea:96:89:a8:8e:2e (ED25519) 8001/tcp open vcom-tunnel? Aggressive OS guesses: Linux 3.12 - 4.10 (96%), Linux 3.16 (96%), ASUS RT-N56U WAP (Linux 3.4) (95%), Linux 3.10 (93%), Western Digital My Cloud DL4100 NAS (Linux 3.10) (93%), Linux 3.1 (93%), Linux 3.2 (93%), Rebranded surveillance DVR (Hikvision, Q-SEE, EYEsurv, A1Webcams, Foscam) (93%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (92%), Linux 3.10 - 4.1 (92%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops TCP Sequence Prediction: Difficulty=262 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 0.00 ms 217.23.0.209

Nmap scan report for 217.23.0.210 Host is up (0.019s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 b9:ef:2a:eb:ab:7f:e4:6d:ea:ee:8a:81:ea:d1:96:28 (DSA) | 2048 bd:dc:8c:64:c5:1d:3d:46:99:6e:36:01:95:f5:93:07 (RSA) | 256 b4:64:af:39:05:9f:cd:c8:0e:c3:40:e6:06:5f:69:c8 (ECDSA) |_ 256 30:7a:28:1b:c5:9a:91:a8:6d:07:3c:b9:86:73:a4:ce (ED25519) 8001/tcp open vcom-tunnel? Aggressive OS guesses: Linux 3.12 - 4.10 (96%), Linux 3.16 (96%), ASUS RT-N56U WAP (Linux 3.4) (95%), Western Digital My Cloud DL4100 NAS (Linux 3.10) (93%), Linux 3.1 (93%), Linux 3.2 (93%), Rebranded surveillance DVR (Hikvision, Q-SEE, EYEsurv, A1Webcams, Foscam) (93%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (92%), Linux 3.10 - 4.1 (92%), Linux 3.2.0 (92%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops TCP Sequence Prediction: Difficulty=257 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms 217.23.0.210

Nmap scan report for 217.23.0.211 Host is up (0.019s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 51:86:ab:64:1b:7c:a3:8c:18:8c:ec:85:b9:51:70:81 (DSA) | 2048 4c:0b:df:6f:21:14:33:f2:f6:cd:51:13:2c:09:23:23 (RSA) | 256 80:8e:b2:be:64:2d:9d:33:8f:ac:f8:d1:49:02:27:2e (ECDSA) |_ 256 e9:f2:a1:74:0f:6b:3a:ae:19:5b:f8:ed:3a:aa:c5:ae (ED25519) 8001/tcp open vcom-tunnel? Aggressive OS guesses: Linux 3.12 - 4.10 (96%), Linux 3.16 (96%), ASUS RT-N56U WAP (Linux 3.4) (94%), Linux 3.1 (94%), Linux 3.2 (94%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (94%), Rebranded surveillance DVR (Hikvision, Q-SEE, EYEsurv, A1Webcams, Foscam) (94%), Philips Hue Bridge 2.0 (Linux) (93%), Linux 2.6.32 - 3.10 (93%), Dahua or Amcrest network video recorder (Linux) (93%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops TCP Sequence Prediction: Difficulty=256 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 0.00 ms 217.23.0.211

Nmap scan report for 217.23.0.212 Host is up (0.018s latency). Not shown: 997 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp ProFTPD 1.3.5rc3 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 0b:dc:16:72:be:7f:da:9d:20:4e:df:8d:6e:6c:5d:8c (DSA) | 2048 c3:81:23:c2:5f:30:eb:cc:7a:98:f0:91:25:7f:01:bc (RSA) | 256 77:76:61:3d:42:fe:40:e6:bc:8b:f3:9d:83:3b:0e:6f (ECDSA) |_ 256 21:fc:4f:bb:17:dd:bb:67:13:fe:95:e9:54:f7:fa:42 (ED25519) 8001/tcp open vcom-tunnel? Aggressive OS guesses: Linux 3.12 - 4.10 (96%), Linux 3.16 (96%), ASUS RT-N56U WAP (Linux 3.4) (95%), Linux 3.10 (93%), Western Digital My Cloud DL4100 NAS (Linux 3.10) (93%), Linux 3.1 (93%), Linux 3.2 (93%), Rebranded surveillance DVR (Hikvision, Q-SEE, EYEsurv, A1Webcams, Foscam) (93%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (92%), Linux 3.10 - 4.1 (92%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops TCP Sequence Prediction: Difficulty=263 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 0.00 ms 217.23.0.212

Nmap scan report for 217.23.0.213 Host is up (0.018s latency). Not shown: 999 filtered ports PORT STATE SERVICE VERSION 3389/tcp open ms-wbt-server Microsoft Terminal Service | ssl-cert: Subject: commonName=WORLDST-OTQI8KG | Issuer: commonName=WORLDST-OTQI8KG | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2019-05-07T00:57:23 | Not valid after: 2019-11-06T00:57:23 | MD5: 16b4 434d e996 0ad3 802f e59a b6f7 a428 |_SHA-1: b1d4 59b5 4705 d39f eed6 a6c2 2cb2 c1af 8b88 6063 |_ssl-date: 2019-06-24T14:41:15+00:00; +15s from scanner time. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose Running (JUST GUESSING): Microsoft Windows 2012|Vista (86%) OS CPE: cpe:/o:microsoft:windows_server_2012:r2 cpe:/o:microsoft:windows_vista::sp2 Aggressive OS guesses: Microsoft Windows Server 2012 or Windows Server 2012 R2 (86%), Microsoft Windows Vista SP2 (85%), Microsoft Windows Server 2012 R2 (85%) No exact OS matches for host (test conditions non-ideal). Uptime guess: 305.706 days (since Wed Aug 22 23:56:01 2018) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=254 (Good luck!) IP ID Sequence Generation: Incremental Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Host script results: |_clock-skew: mean: 14s, deviation: 0s, median: 14s

TRACEROUTE (using port 3389/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms 217.23.0.213

Nmap scan report for 217.23.0.214 Host is up (0.013s latency). Not shown: 999 filtered ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.13 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 95:07:60:29:20:2b:0e:bf:60:3d:d4:1a:00:7a:6f:14 (DSA) | 2048 91:52:f0:fd:27:a7:3f:cb:68:93:51:75:ad:c4:e6:71 (RSA) | 256 78:78:22:f7:72:ae:41:06:ac:dc:2e:31:c6:3f:a1:5f (ECDSA) |_ 256 10:d7:60:41:cb:10:ed:dd:b1:20:48:d3:a0:a6:e8:3e (ED25519) Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.10 - 4.11, Linux 3.16 - 4.6, Linux 3.2 - 4.9, Linux 4.4 Uptime guess: 91.285 days (since Mon Mar 25 09:02:31 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=261 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 22/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms 217.23.0.214

Nmap scan report for 217.23.0.215 Host is up (0.027s latency). Not shown: 999 filtered ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 0a:6d:75:ea:f8:56:38:c5:bd:76:28:ea:39:b2:e5:66 (DSA) | 2048 92:1d:7f:24:35:d0:ce:9b:ea:f3:55:4a:3d:2a:2d:fb (RSA) | 256 88:e0:fa:f4:c9:81:cf:4f:ec:57:9f:6d:a4:c2:df:9b (ECDSA) |_ 256 ee:20:00:a7:2a:46:9a:a6:11:8e:f2:70:05:a5:b9:49 (ED25519) Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Aggressive OS guesses: Linux 3.12 - 4.10 (93%), Linux 3.16 (93%), Crestron XPanel control system (90%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (90%), Rebranded surveillance DVR (Hikvision, Q-SEE, EYEsurv, A1Webcams, Foscam) (89%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (88%), OpenWrt White Russian 0.9 (Linux 2.4.30) (88%), ASUS RT-N56U WAP (Linux 3.4) (87%), Linux 3.1 (87%), Linux 3.2 (87%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops TCP Sequence Prediction: Difficulty=257 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 22/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 0.00 ms 217.23.0.215

Nmap scan report for 217.23.0.216 Host is up (0.022s latency). Not shown: 997 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 85:27:ff:d9:c2:23:b7:3b:8b:29:a4:43:c7:c1:d3:8e (DSA) | 2048 78:04:d4:48:89:1c:81:5a:34:5f:cb:5c:43:86:f9:c8 (RSA) | 256 31:d2:b6:c9:f8:99:90:88:4a:f4:17:85:0e:1d:f8:e1 (ECDSA) |_ 256 13:17:87:ab:00:08:6b:ec:51:4a:02:39:64:2b:e4:6f (ED25519) 80/tcp open http Apache httpd 2.4.7 ((Ubuntu)) | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache/2.4.7 (Ubuntu) |_http-title: Apache2 Ubuntu Default Page: It works 7999/tcp filtered irdmi2 Aggressive OS guesses: Linux 3.12 - 4.10 (96%), Linux 3.16 (96%), ASUS RT-N56U WAP (Linux 3.4) (95%), Western Digital My Cloud DL4100 NAS (Linux 3.10) (93%), Linux 3.1 (93%), Linux 3.2 (93%), Rebranded surveillance DVR (Hikvision, Q-SEE, EYEsurv, A1Webcams, Foscam) (93%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (92%), Linux 3.10 - 4.1 (92%), Linux 3.2.0 (92%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops TCP Sequence Prediction: Difficulty=262 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms 217.23.0.216

Nmap scan report for 217.23.0.217 Host is up (0.0095s latency). Not shown: 981 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.13 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 22:28:65:bc:91:47:3a:b1:d1:38:41:8c:d1:25:58:22 (DSA) | 2048 d8:a6:bc:63:51:b5:1d:ec:59:a2:91:11:3f:9e:07:00 (RSA) | 256 73:41:6a:e4:10:ca:a7:ee:0a:ad:0b:ec:33:70:a4:85 (ECDSA) |_ 256 d9:58:df:bf:3f:46:0b:5c:e1:b2:2a:7a:6f:aa:b3:08 (ED25519) 70/tcp open gopher? | fingerprint-strings: | DNSStatusRequestTCP: | %/)k | NULL: | \xe0;8 | TerminalServer: |_ TaYr( |gopher-ls: 79/tcp open finger? |finger: j\xBF\x03t{'\x9B\x8BM\xEE\x83f\x08\xE4 | fingerprint-strings: | TerminalServer: | 1Q82< 80/tcp open http? | fingerprint-strings: | NULL: | bcp&M 81/tcp open hosts2-ns? | fingerprint-strings: | WMSRequest: |_ ype' 82/tcp open xfer? 83/tcp open mit-ml-dev? | fingerprint-strings: | WMSRequest: |_ -YP[ 84/tcp open ctf? 85/tcp open mit-ml-dev? | fingerprint-strings: | oracle-tns: |_ p8IM] 88/tcp open kerberos-sec? | fingerprint-strings: | DNSStatusRequestTCP: |_ (@%5 464/tcp open kpasswd5? | fingerprint-strings: | DNSStatusRequestTCP: | F_+{Xn | LPDString: | \xe8 | NULL: |_ NIXU 465/tcp open smtps? |smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: failed to receive data 1099/tcp open rmiregistry? | fingerprint-strings: | DNSStatusRequestTCP: | qH)r 1199/tcp open dmidi? | fingerprint-strings: | DNSStatusRequestTCP: |_ ;0,9 1999/tcp open tcp-id-port? | fingerprint-strings: | NULL: | ZGse | WMSRequest: |_ ]jAw 2099/tcp open h2250-annex-g? | fingerprint-strings: | DNSStatusRequestTCP: | e!J | oracle-tns: |_ /Cimn 2399/tcp open fmpro-fdal? | fingerprint-strings: | LPDString: | 2Fq> | TerminalServer: | Z(^k |_ \xf3w 9080/tcp open glrpc? | fingerprint-strings: | TerminalServer: |_ qFlk 9090/tcp open zeus-admin? | fingerprint-strings: | informix: | \x8b " | oracle-tns: |_ Ikrl 9 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service : ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port70-TCP:V=7.70%I=7%D=6/24%Time=5D10DF1E%P=i686-pc-windows-windows%r( SF:NULL,E,"\xf3\x13\\xe0;8\xe4rv\x16_\x06\x1fq")%r(DNSVersionBindReqTCP,E SF:,"+\x14\xff\xdf\xe3\xb87\xe7\x92k\xbb_\x7f\x9f")%r(DNSStatusRequestTCP SF:,E,"D\x01%/)k\xf2u\xfdl\xda=j\x17")%r(LPDString,E,"\x11\x0c5\xeddR\x16 SF:\x93\xcc\0\x90v\x99")%r(TerminalServer,E,"TaYr\(\xf8\xd4\xba\xa0A\xc3 SF:\xa2j")%r(WMSRequest,E,"\x16*H\xacy\xc6\x92\xd7\xecr\x05D*0")%r(oracl SF:e-tns,E,"-C\x92\xf1\xd6\xae\xd3\x06{\xd4\x80\x02\xa8}"); ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port79-TCP:V=7.70%I=7%D=6/24%Time=5D10DF1E%P=i686-pc-windows-windows%r( SF:NULL,E,"\x9aI\xae\x10\x0e\xbc\xe9\x06\x84.\xc5\x9d\xf4\x87")%r(DNSVers SF:ionBindReqTCP,E,"V\x8bF\xdc\x8e\xc5\xbd\xb9\xc3D\xf8d\x95W")%r(DNSStatu SF:sRequestTCP,E,"0\xa3\xeemf\x1a\xfb\x89\x94\xe6\xc1\xdb\x06O")%r(LPDStri SF:ng,E,"\xf9\xb5\xdb*\x82\xbb\xc0~\x1b\x04h8\xb9\x87")%r(TerminalServer, SF:E,"\xde.\xc7\xaf\xf4\t\xce1Q82<\xe5@")%r(WMSRequest,E,"\xcbU;\xf2Vv\xf SF:ak\xd3A\xe5\xee\xc0\x8a")%r(oracle-tns,E,"9\x17\x92\xae\xf5CO\x99\x93\x SF:1b\x20\xa3WS"); ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port80-TCP:V=7.70%I=7%D=6/24%Time=5D10DF1E%P=i686-pc-windows-windows%r( SF:NULL,E,"bcp&M\x11\xe6\x02\xb13\xf7G\xb3\x12")%r(DNSVersionBindReqTCP,E, SF:"\xff\x1b'\xc8\xd8\xae\x1d\xf7\xd7\xb2\x15\x9fo\xa3")%r(DNSStatusReques SF:tTCP,E,"wv\xdce\xf5\xe6\xc2\x0b\x87)\xbc\xe3\xc4f")%r(LPDString,E,"Ly& SF:\x84E\xaa\xfb'\xeb\xcd\x94#I\xa5")%r(TerminalServer,E,"\x83\x8d\xacJ\xf SF:6%\x1bB/\xf4\xa5\xb7Ow")%r(WMSRequest,E,"7\xdf\x9cj',\xe0g\xff!z{\xef\x SF:dc")%r(oracle-tns,E,"\xfa\xd2\xc3\xe8\x89\x20\xb8\x05\xb6\xb4Eq\xdb\0"); ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port81-TCP:V=7.70%I=7%D=6/24%Time=5D10DF1E%P=i686-pc-windows-windows%r( SF:NULL,E,"\x92Z\x1a\xb4\xb6\xb20\xa7\x08nV\xbe\x1f=")%r(DNSVersionBindReq SF:TCP,E,"\xe2\x89\xf0qu\xd6\x83\xa5/$\x03\x9e\xe4\xc0")%r(DNSStatusReque SF:stTCP,E,"\x84%\x84\x05\xb1]\x94$\x9f\xe6\x7f\x92\xf1\x08")%r(LPDStrin SF:g,E,"\xc8\xeeT>\xf7\xb3\x1am\xce\xa3\xd8\xf6\xd6&")%r(TerminalServer,E, SF:"Q\x0f\xa8\x19\x9b\xf7\xbeJ\xf0\xd9,\T\xdf")%r(WMSRequest,E,"\x97\xc7
SF:x96E\x0c\xc71\xf0\xfcype'")%r(oracle-tns,E,"\x01\xe7\x98\[\x82=\xaf\xd SF:2c\xc9!\x13\xb0\xcf"); ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port82-TCP:V=7.70%I=7%D=6/24%Time=5D10DF1E%P=i686-pc-windows-windows%r( SF:NULL,E,"\xfd\xe3\)\x14\x19n8\xb6\xdc\xc8\x93z\xe6\"")%r(DNSVersionBindR SF:eqTCP,E,"b#\x11\x8d\x1f'\x93\x18\xfa\xf4\x1a\xfb\xe1")%r(DNSStatusRequ SF:estTCP,E,"a\xb8\xb9\xf6\x8d\x03\xd2\xe4v\xae\xd13/q")%r(LPDString,E,"\x SF:d8i\x8eP\x93-\x19\x89\xff\xfaIJT\xb9")%r(TerminalServer,E,"\xfa\x16e\0
SF:xc8Sv\xf1\x16\xfbs\xf8\xd0\xf0")%r(WMSRequest,E,"%\x9f\xe4\x84#":\x0b
SF:xc2\x95\x15\x18\xfe\xb2")%r(oracle-tns,E,"Cg\xaf\xa4/\xdf{\x12o\xc7l\xf SF:b\xed\xdd"); ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port83-TCP:V=7.70%I=7%D=6/24%Time=5D10DF1E%P=i686-pc-windows-windows%r( SF:NULL,E,"\xcb\xfbQ\xf3\x8c>/\xf1}q<\x06\x98l")%r(DNSVersionBindReqTCP,E, SF:"C\x8f\xde\xf5\xab\xcd#\xc7\xbc\xb9\x1d\xeb/\xe1")%r(DNSStatusRequestTC SF:P,E,"\xa1\xca\x84\x94\x01\x95\xb54XR\xa9\xf9Q)")%r(LPDString,E,"6\xb1n SF:/\x8e9]\x14N%\xaf\xbd\xc6\xd7")%r(TerminalServer,E,"<\xb44\xb1\xdb\xec SF:\xd6_\xfb3f\xa2io")%r(WMSRequest,E,"-*\YP[\x8b\xcb\x94c\xe6Uie")%r(o SF:racle-tns,E,"\xb9\xa4S\x08a\xad"*\xb2\xe2\xac\x9f\xaad"); ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port84-TCP:V=7.70%I=7%D=6/24%Time=5D10DF1E%P=i686-pc-windows-windows%r( SF:NULL,E,"\xc3b\x04\xda4\xf6\x0f\xfa\x8f\xcd\x20\xbcJw")%r(DNSVersionBind SF:ReqTCP,E,"\xbcs'\xdd\x13\xd9{Rp\x10\xd18\xec\x11")%r(DNSStatusRequestTC SF:P,E,"\x91\xd2\x10\xd1v\xc4E\x1d\x80\x90\xcb\x03\x88I")%r(LPDString,E,"
SF:xdf\xf7m*\x0c</(\x8f\x86\xee\xfeY\xca")%r(TerminalServer,E,"-\xaf\x92 SF:\x11\xe5r\x05\x10D^\xb4\x20\x06\xd1")%r(WMSRequest,E,"\xac\x8d\x84\x01 SF:\xab7\xa7\x0fxC\x99\x0bI")%r(oracle-tns,E,"\xf1,\x07\xd2\xdf7\x0c\x8f SF:\xbd\x98\x9fa\x82"); ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port85-TCP:V=7.70%I=7%D=6/24%Time=5D10DF1E%P=i686-pc-windows-windows%r( SF:NULL,E,"c\xe2]\xb6\xb3gJH\x03\x01\xd7\x97\xfc\x87")%r(DNSVersionBindRe SF:qTCP,E,"\x85\x86"E\xa0`\xab>\xb1\x15\x04\xd3X\xb5")%r(DNSStatusRequest SF:TCP,E,"\x03%4\x1c\x000[\xaf\x91h\xb9\x01\xc1\xcf")%r(LPDString,E,"\xe0 SF:\xe2$\xe3\xf0X~\xc7\x95\x92\x81\xd5/T")%r(TerminalServer,E,""-\x8a\xe SF:b\xd4\x12\xb9\xfa\xa5\xc9\xfd\xbd\xe4d")%r(WMSRequest,E,"\xee)F\x12\xa SF:4\x84#\xf9@{7\x08g]")%r(oracle-tns,E,"R\x8e\xc5\x9e\xe5\x02\xf6\x9b\x8 SF:4p8IM]"); ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port88-TCP:V=7.70%I=7%D=6/24%Time=5D10DF1E%P=i686-pc-windows-windows%r( SF:NULL,E,"\xe4X}\xba\xa2\xb2B\xc0\xe8\x8f%\xf1S{")%r(DNSVersionBindReqTCP SF:,E,"2\x0b\xca\x20\xcdp\x9d\x9f\xe5\x96\xa9l]")%r(DNSStatusRequestTCP, SF:E,"\xaa\xd3xI\x07\x1a&\xc1(@%5\xde")%r(LPDString,E,"\xdd\x17o\xd6y\xe SF:ai\xf2\x94\x17\x0e\x95C\x89")%r(TerminalServer,E,"#\xff\xfeH\xecI\x08%
SF:x16\xd2\xfc|\xfc=")%r(WMSRequest,E,"\xc9U\xc9\xd7\x08\xf5!\x05m\x07a\x SF:f5R\xf1")%r(oracle-tns,E,"\xdf\x0f\x1b/7[\xd9\x8e\xbb\xbc\$&\xe8"); Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 112.239 days (since Mon Mar 04 10:07:43 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=258 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 0.00 ms 217.23.0.217

Nmap scan report for 217.23.0.218 Host is up (0.023s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 7c:1f:ee:23:17:13:e8:a1:56:32:90:36:04:5e:1f:e3 (DSA) | 2048 db:de:db:a5:71:65:e8:c3:f9:51:e6:1b:c0:60:19:0a (RSA) | 256 fc:0f:52:0a:3b:e2:5a:20:37:47:a9:85:10:6b:64:1c (ECDSA) |_ 256 69:b2:69:40:11:a8:ad:c5:79:a7:55:25:6c:a2:94:80 (ED25519) 8001/tcp open vcom-tunnel? Aggressive OS guesses: Linux 3.12 - 4.10 (96%), Linux 3.16 (96%), ASUS RT-N56U WAP (Linux 3.4) (95%), Linux 3.10 (93%), Linux 3.1 (93%), Linux 3.2 (93%), Rebranded surveillance DVR (Hikvision, Q-SEE, EYEsurv, A1Webcams, Foscam) (93%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (92%), Linux 3.10 - 4.1 (92%), Linux 3.2.0 (92%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops TCP Sequence Prediction: Difficulty=264 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms 217.23.0.218

Nmap scan report for 217.23.0.219 Host is up (0.023s latency). Not shown: 997 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 ba:ad:3c:60:5c:38:af:e4:53:69:11:73:9b:5b:33:d8 (DSA) | 2048 e9:99:33:c9:dc:d6:45:ad:71:99:05:31:db:6f:09:8b (RSA) |_ 256 ea:8b:f2:3b:53:70:8f:34:d3:2c:59:6a:0f:0d:a9:7f (ED25519) 80/tcp open http Apache httpd 2.4.7 ((Ubuntu)) | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS | http-robots.txt: 1 disallowed entry |_/ |_http-server-header: Apache/2.4.7 (Ubuntu) |_http-title: Did not follow redirect to https://p.bestcms.info/auth/login 8001/tcp open vcom-tunnel? Aggressive OS guesses: Linux 3.12 - 4.10 (96%), Linux 3.16 (96%), ASUS RT-N56U WAP (Linux 3.4) (95%), Linux 3.10 (93%), Western Digital My Cloud DL4100 NAS (Linux 3.10) (93%), Linux 3.1 (93%), Linux 3.2 (93%), Rebranded surveillance DVR (Hikvision, Q-SEE, EYEsurv, A1Webcams, Foscam) (93%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (92%), Linux 3.10 - 4.1 (92%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops TCP Sequence Prediction: Difficulty=261 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 0.00 ms 217.23.0.219

Nmap scan report for 217.23.0.220 Host is up (0.023s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 d8:36:db:d2:b0:70:bc:d9:55:fc:3c:0b:77:1f:53:e9 (DSA) | 2048 d5:82:91:4f:85:a2:39:5c:1a:0c:9d:a7:04:47:38:1f (RSA) | 256 37:b6:d6:a6:f1:a4:33:38:01:c6:26:4b:2c:3e:79:b5 (ECDSA) |_ 256 7b:31:2e:f2:f8:28:aa:14:40:59:c1:fa:a0:0a:23:3b (ED25519) 8001/tcp open vcom-tunnel? Aggressive OS guesses: Linux 3.12 - 4.10 (96%), Linux 3.16 (95%), ASUS RT-N56U WAP (Linux 3.4) (94%), Linux 3.1 (94%), Linux 3.2 (94%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (94%), Rebranded surveillance DVR (Hikvision, Q-SEE, EYEsurv, A1Webcams, Foscam) (94%), Linux 2.6.32 - 3.10 (93%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (92%), Linux 3.10 - 4.1 (92%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops TCP Sequence Prediction: Difficulty=252 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 0.00 ms 217.23.0.220

Nmap scan report for 217.23.0.221 Host is up (0.023s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 e4:c5:4d:a1:7e:f9:af:d9:58:ff:25:d4:bb:e8:35:16 (DSA) | 2048 80:63:84:ab:c5:3e:17:84:cb:1f:a8:3f:de:16:75:95 (RSA) | 256 51:7c:26:ee:af:ec:32:1a:4b:95:f9:7f:19:4b:ec:ee (ECDSA) |_ 256 9b:30:f3:04:0d:2c:84:f2:e0:13:4f:dc:2d:42:cd:9e (ED25519) 8001/tcp open vcom-tunnel? Aggressive OS guesses: Linux 3.12 - 4.10 (96%), Linux 3.16 (96%), ASUS RT-N56U WAP (Linux 3.4) (95%), Linux 3.10 (93%), Western Digital My Cloud DL4100 NAS (Linux 3.10) (93%), Linux 3.1 (93%), Linux 3.2 (93%), Rebranded surveillance DVR (Hikvision, Q-SEE, EYEsurv, A1Webcams, Foscam) (93%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (92%), Linux 3.10 - 4.1 (92%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops TCP Sequence Prediction: Difficulty=261 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms 217.23.0.221

Nmap scan report for 217.23.0.222 Host is up (0.016s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 fa:f1:ee:b7:4c:0a:93:34:fe:bc:f0:18:9f:56:d2:e0 (DSA) | 2048 6d:80:f1:14:3c:52:ad:dd:36:a7:19:68:91:96:be:88 (RSA) | 256 98:40:a1:41:e9:53:89:23:03:72:b1:da:ec:9f:f0:4a (ECDSA) |_ 256 a0:7b:26:3e:36:49:bf:bd:f2:28:83:d5:47:22:62:c9 (ED25519) 8001/tcp open vcom-tunnel? Aggressive OS guesses: Linux 3.12 - 4.10 (96%), Linux 3.16 (96%), ASUS RT-N56U WAP (Linux 3.4) (95%), Linux 3.10 (93%), Western Digital My Cloud DL4100 NAS (Linux 3.10) (93%), Linux 3.1 (93%), Linux 3.2 (93%), Rebranded surveillance DVR (Hikvision, Q-SEE, EYEsurv, A1Webcams, Foscam) (93%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (92%), Linux 3.10 - 4.1 (92%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops TCP Sequence Prediction: Difficulty=260 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 0.00 ms 217.23.0.222

Nmap scan report for 217.23.0.225 Host is up (0.055s latency). Not shown: 987 filtered ports PORT STATE SERVICE VERSION 5900/tcp closed vnc 5901/tcp closed vnc-1 5902/tcp closed vnc-2 5903/tcp closed vnc-3 5904/tcp closed unknown 5906/tcp closed unknown 5907/tcp closed unknown 5910/tcp closed cm 50000/tcp closed ibm-db2 50001/tcp closed unknown 50002/tcp closed iiimsf 50003/tcp closed unknown 50006/tcp closed unknown Too many fingerprints match this host to give specific OS details Network Distance: 1 hop

TRACEROUTE (using port 5900/tcp) HOP RTT ADDRESS 1 1.00 ms 217.23.0.225

Nmap scan report for 217.23.0.230 Host is up (0.037s latency). Not shown: 989 filtered ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.2 (protocol 2.0) | ssh-hostkey: | 1024 51:4c:64:36:37:99:2b:f9:cc:64:87:9c:5a:e9:d1:57 (DSA) | 2048 ee:d3:b2:9f:8f:c9:46:08:27:44:3b:dc:c7:10:be:61 (RSA) |_ 256 16:28:c3:dd:af:f9:99:06:5f:97:a4:c1:77:e0:35:1e (ECDSA) 80/tcp open http VMware ESXi Server httpd | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |http-title: Did not follow redirect to https://217.23.0.230/ 88/tcp open kerberos-sec? 389/tcp open ldap VMware vCenter or PSC LDAP PSCv 6.0.0 443/tcp open ssl/http VMware vSphere http config | http-methods: | Supported Methods: GET HEAD POST |_http-title: Site doesn't have a title (text/html). | ssl-cert: Subject: commonName=vdc.find-technology.net/countryName=US | Subject Alternative Name: DNS:vdc.find-technology.net | Issuer: commonName=CA/organizationName=vdc.find-technology.net/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2018-08-24T13:45:24 | Not valid after: 2028-08-18T13:45:24 | MD5: c8f4 4929 66fe a150 003e fbaa 90ee 7870 |_SHA-1: 3658 0c80 e93d 7a64 9bfd cced 448b 8bc4 4a4e b885 |ssl-date: TLS randomness does not represent time | vmware-version: | Server version: VMware vCenter Server 6.0.0 | Build: 3018523 | Locale version: INTL 000 | OS type: linux-x64 | Product Line ID: vpx 514/tcp open shell? 636/tcp open ssl/ldap VMware vCenter or PSC LDAP PSCv 6.0.0 | ssl-cert: Subject: commonName=vdc.find-technology.net/countryName=US | Subject Alternative Name: DNS:vdc.find-technology.net | Issuer: commonName=CA/organizationName=vdc.find-technology.net/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2018-08-24T13:45:25 | Not valid after: 2028-08-18T13:45:24 | MD5: c431 ee0e 31ab 9606 5a2f 828d 207a b456 |_SHA-1: 206b 1f53 c180 86b6 6d59 4da5 581a 9c75 5e54 e8ae |_ssl-date: TLS randomness does not represent time 902/tcp closed iss-realsecure 2020/tcp open xinupageserver? 6502/tcp closed netop-rc 8010/tcp closed xmpp Device type: general purpose|firewall|router|WAP|broadband router Running (JUST GUESSING): Linux 4.X|2.6.X|3.X|2.4.X (95%), WatchGuard embedded (92%), Asus embedded (89%) OS CPE: cpe:/o:linux:linux_kernel:4.5 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3 cpe:/h:watchguard:xtm_525 cpe:/o:linux:linux_kernel:3.10 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.6.22 cpe:/h:asus:rt-ac66u Aggressive OS guesses: Linux 4.5 (95%), Linux 2.6.32 - 3.10 (94%), Linux 2.6.32 - 3.13 (93%), Linux 3.2 - 3.16 (92%), WatchGuard XTM 525 firewall (92%), Linux 3.10 (92%), Linux 3.0 (92%), OpenWrt Barrier Breaker (Linux 3.10) (92%), Linux 4.1 (92%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (91%) No exact OS matches for host (test conditions non-ideal). Uptime guess: 104.370 days (since Tue Mar 12 06:59:28 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=262 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Hosts: vdc.find-technology.net, vdc; CPE: cpe:/o:vmware:esxi, cpe:/o:vmware:vCenter Server:6.0.0

TRACEROUTE (using port 902/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms 217.23.0.230

Nmap scan report for 217.23.0.233 Host is up (0.019s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 80/tcp open http-proxy Pound http reverse proxy | http-methods: |_ Supported Methods: GET HEAD POST |http-title: Site doesn't have a title (text/html). 443/tcp open ssl/http-proxy Pound http reverse proxy | http-methods: | Supported Methods: GET HEAD POST |_http-title: Site doesn't have a title (text/html). | ssl-cert: Subject: commonName=.find-technology.com | Subject Alternative Name: DNS:.find-technology.com, DNS:find-technology.com | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2017-02-14T00:00:00 | Not valid after: 2018-02-14T23:59:59 | MD5: 13c0 7ace cebf 0834 4850 c0ff 9c84 3335 |_SHA-1: f4f5 dd12 80cd 9f3c 0a6f 2824 a181 63f2 3da8 d3c5 |_ssl-date: TLS randomness does not represent time Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 103.517 days (since Wed Mar 13 03:28:36 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=262 (Good luck!) IP ID Sequence Generation: All zeros

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.233

Nmap scan report for 217.23.0.239 Host is up (0.0072s latency). Not shown: 997 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.3 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 a1:5d:5d:a9:ca:cd:20:73:d0:ae:cd:bd:f1:b4:95:98 (RSA) | 256 a6:8a:ed:59:2c:54:29:f2:bb:16:7b:5f:49:62:84:33 (ECDSA) |_ 256 07:7d:9d:26:3a:ec:89:26:43:f8:3d:b4:18:5a:23:38 (ED25519) 80/tcp open http nginx 1.10.3 (Ubuntu) |_http-favicon: Unknown favicon MD5: 274A769BA0599B5421883908830000BA |http-generator: Odoo | http-methods: | Supported Methods: GET HEAD OPTIONS |_http-server-header: nginx/1.10.3 (Ubuntu) |_http-title: Home | Negredo Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 159.146 days (since Wed Jan 16 12:22:27 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=264 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.239

Nmap scan report for 217.23.0.240 Host is up (0.019s latency). Not shown: 999 filtered ports PORT STATE SERVICE VERSION 4444/tcp open ssl/http lighttpd 1.4.45 | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: lighttpd/1.4.45 |_http-title: Login | ssl-cert: Subject: organizationName=OPNsense/stateOrProvinceName=Zuid-Holland/countryName=NL | Issuer: organizationName=OPNsense/stateOrProvinceName=Zuid-Holland/countryName=NL | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2017-04-12T06:00:43 | Not valid after: 2018-04-12T06:00:43 | MD5: 3507 5172 311d 520e 4e54 caa5 b07d 6522 |_SHA-1: d19d 730e 337f aa71 daa5 e693 4aab 5bd2 cb29 4621 |_ssl-date: TLS randomness does not represent time Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port OS fingerprint not ideal because: Missing a closed TCP port so results incomplete No OS matches for host Uptime guess: 0.010 days (since Mon Jun 24 16:38:43 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=249 (Good luck!) IP ID Sequence Generation: All zeros

TRACEROUTE (using port 4444/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms 217.23.0.240

Nmap scan report for 217.23.0.241 Host is up (0.0066s latency). Not shown: 996 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.3 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 a1:5d:5d:a9:ca:cd:20:73:d0:ae:cd:bd:f1:b4:95:98 (RSA) | 256 a6:8a:ed:59:2c:54:29:f2:bb:16:7b:5f:49:62:84:33 (ECDSA) |_ 256 07:7d:9d:26:3a:ec:89:26:43:f8:3d:b4:18:5a:23:38 (ED25519) 80/tcp open http nginx 1.10.3 (Ubuntu) |_http-favicon: Unknown favicon MD5: 168E8703FD43CA32015F7FC36C9BECA1 |http-generator: Odoo | http-methods: | Supported Methods: GET HEAD OPTIONS |_http-server-header: nginx/1.10.3 (Ubuntu) |_http-title: Inicio | Street Vape One 443/tcp open ssl/http nginx 1.10.3 (Ubuntu) |http-generator: Odoo | http-methods: | Supported Methods: GET HEAD OPTIONS |_http-server-header: nginx/1.10.3 (Ubuntu) |_http-title: Inicio | Street Vape One | ssl-cert: Subject: commonName=streetvapeone.com | Subject Alternative Name: DNS:streetvapeone.com | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-06-24T12:45:33 | Not valid after: 2019-09-22T12:45:33 | MD5: ae79 1554 2edd cc71 01ad 8918 8ddb a67b |SHA-1: 43bd 34a0 70f8 676d efff a852 240f 3529 e58d 7cc8 |ssl-date: TLS randomness does not represent time | tls-alpn: | http/1.1 | tls-nextprotoneg: | http/1.1 Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 9.178 days (since Sat Jun 15 12:35:48 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=257 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms 217.23.0.241

Nmap scan report for 217.23.0.242 Host is up (0.0066s latency). Not shown: 996 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.3 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 a1:5d:5d:a9:ca:cd:20:73:d0:ae:cd:bd:f1:b4:95:98 (RSA) | 256 a6:8a:ed:59:2c:54:29:f2:bb:16:7b:5f:49:62:84:33 (ECDSA) |_ 256 07:7d:9d:26:3a:ec:89:26:43:f8:3d:b4:18:5a:23:38 (ED25519) 80/tcp open http nginx 1.10.3 (Ubuntu) | http-methods: |_ Supported Methods: GET HEAD |http-server-header: nginx/1.10.3 (Ubuntu) |http-title: Welcome to nginx! 443/tcp open ssl/http nginx 1.10.3 (Ubuntu) | http-cookie-flags: | /: | session_id: | httponly flag not set | http-methods: | Supported Methods: GET HEAD OPTIONS |_http-server-header: nginx/1.10.3 (Ubuntu) |_http-title: Site doesn't have a title (text/html; charset=utf-8). | ssl-cert: Subject: commonName=mofertrans.code360.es | Subject Alternative Name: DNS:mofertrans.code360.es | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-01-16T15:24:01 | Not valid after: 2019-04-16T15:24:01 | MD5: 4ad7 d7c9 acee ead8 cd25 c097 d11e 27ad |SHA-1: 802c cc9c 02bf 97d1 dc4a b1fd cfdd 92f7 eb6a 066b |ssl-date: TLS randomness does not represent time | tls-alpn: | http/1.1 | tls-nextprotoneg: | http/1.1 Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 158.923 days (since Wed Jan 16 17:43:22 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=257 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.242

Nmap scan report for 217.23.0.243 Host is up (0.0064s latency). Not shown: 995 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.3 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 de:0c:06:bb:4f:93:a4:df:20:64:56:e2:0a:b2:ee:eb (RSA) | 256 9a:d6:d1:c8:0a:2a:bf:09:b5:5d:41:e8:58:32:2d:26 (ECDSA) |_ 256 3d:46:d2:94:17:29:b9:97:dd:99:9d:b7:23:48:a3:fd (ED25519) 25/tcp open smtp Postfix smtpd |_smtp-commands: ITE, PIPELINING, SIZE 10240000, VRFY, ETRN, STARTTLS, ENHANCEDSTATUSCODES, 8BITMIME, DSN, | ssl-cert: Subject: commonName=ITE | Issuer: commonName=ITE | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2018-06-07T15:19:43 | Not valid after: 2028-06-04T15:19:43 | MD5: ba5b 9863 db01 b382 0a95 a35e aee3 664b |_SHA-1: bfe6 aa82 773c 4ac0 6096 39cf fb23 57f3 d316 5a42 |ssl-date: TLS randomness does not represent time 53/tcp open domain ISC BIND 9.10.3-P4 (Ubuntu Linux) | dns-nsid: | bind.version: 9.10.3-P4-Ubuntu 80/tcp open http nginx 1.10.3 (Ubuntu) |_http-server-header: nginx/1.10.3 (Ubuntu) |_http-title: 502 Bad Gateway Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 28.247 days (since Mon May 27 10:56:55 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=260 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Host: ITE; OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms 217.23.0.243

Nmap scan report for findgps.net (217.23.0.244) Host is up (0.010s latency). Not shown: 995 filtered ports PORT STATE SERVICE VERSION 80/tcp open http nginx 1.10.0 (Ubuntu) |_http-cors: GET POST PUT DELETE OPTIONS PATCH |http-favicon: Unknown favicon MD5: 70F1E34697DD2BC27911FD0DD29E7A33 | http-methods: | Supported Methods: GET HEAD OPTIONS |_http-server-header: nginx/1.10.0 (Ubuntu) | http-title: FiNDGPS |_Requested resource was /login/?next=/ 5030/tcp open tandem-print Sharp printer tandem printing 5033/tcp open tandem-print Sharp printer tandem printing 5959/tcp open unknown 9898/tcp open ssh OpenSSH 6.2 (protocol 2.0) Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Aggressive OS guesses: ASUS RT-N56U WAP (Linux 3.4) (92%), Linux 3.1 (92%), Linux 3.16 (92%), Linux 3.2 (92%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (92%), HP P2000 G3 NAS device (91%), Linux 2.6.32 (90%), Linux 3.18 (90%), Android 4.1.1 (90%), Sony Android TV (Android 5.0) (90%) No exact OS matches for host (test conditions non-ideal). Uptime guess: 103.502 days (since Wed Mar 13 03:49:45 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=261 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; Device: printer; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 80/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms findgps.net (217.23.0.244)

Nmap scan report for 217.23.0.245 Host is up (0.0065s latency). Not shown: 996 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.3 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 27:46:49:d6:d9:c9:c2:4e:59:2b:42:40:68:3c:40:7b (RSA) | 256 65:48:1e:09:80:76:2e:91:b8:24:87:19:a7:7a:b1:eb (ECDSA) |_ 256 e9:6c:35:d0:61:9f:eb:4a:de:d6:1c:41:c4:bf:38:ff (ED25519) 80/tcp open http nginx 1.10.3 (Ubuntu) | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: nginx/1.10.3 (Ubuntu) |http-title: Did not follow redirect to https://fuel360.codeworld.es/ 443/tcp open ssl/http nginx 1.10.3 (Ubuntu) |http-favicon: Unknown favicon MD5: DD1E24B1FB6CCA8441671B624B5785DD | http-methods: | Supported Methods: GET HEAD POST OPTIONS | http-robots.txt: 1 disallowed entry |/ |_http-server-header: nginx/1.10.3 (Ubuntu) |_http-title: Login @ 9.0.0 |_http-trane-info: Problem with XML parsing of /evox/about | ssl-cert: Subject: commonName=fuel360.codeworld.es | Subject Alternative Name: DNS:fuel360.codeworld.es | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-06-11T21:41:43 | Not valid after: 2019-09-09T21:41:43 | MD5: 3d41 50b6 c0f3 d3ef 93a7 ef1f 53ad ba1d |_SHA-1: d31b e9e1 ec79 ac02 4dd5 5ab5 fa42 0d80 a6a4 f296 Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 91.445 days (since Mon Mar 25 05:11:03 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=262 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.245

Nmap scan report for 217.23.0.246 Host is up (0.0066s latency). Not shown: 997 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.3 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.4 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 7e:1c:68:cf:4c:b8:ab:c8:ca:c2:a7:90:c7:7e:d6:e4 (RSA) | 256 3b:6c:31:77:62:df:77:07:79:8a:bf:de:fb:cf:78:50 (ECDSA) |_ 256 72:00:38:43:e2:d6:28:6b:14:39:d0:2e:b4:70:8f:e3 (ED25519) 80/tcp open http Apache httpd 2.4.18 ((Ubuntu)) | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache/2.4.18 (Ubuntu) |_http-title: Apache2 Ubuntu Default Page: It works Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 75.853 days (since Tue Apr 09 20:23:27 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=258 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms 217.23.0.246

Nmap scan report for 217.23.0.247 Host is up (0.0086s latency). Not shown: 995 filtered ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 b9:78:2f:6c:77:3e:e8:f6:90:23:2e:fb:bb:57:65:b0 (DSA) | 2048 c6:96:a5:15:b5:d4:54:53:63:60:3c:2c:1c:70:d9:13 (RSA) | 256 45:be:f9:a1:54:37:c6:30:56:3a:33:8e:4b:88:bb:61 (ECDSA) |_ 256 75:83:45:de:aa:ec:85:8b:ee:d2:bd:c9:f9:8a:4b:e0 (ED25519) 80/tcp open http nginx | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: nginx |_http-title: Did not follow redirect to https://217.23.0.247:443/ 443/tcp open ssl/http nginx |http-favicon: Unknown favicon MD5: 85C754581E1D4B628BE5B7712C042224 | http-robots.txt: 52 disallowed entries (15 shown) | / /autocomplete/users /search /api /admin /profile | /dashboard /projects/new /groups/new /groups/*/edit /users /s/ |/snippets/new /snippets//edit /snippets//raw |_http-server-header: nginx |_http-title: GitLab is not responding (502) | ssl-cert: Subject: commonName=.find-technology.com | Subject Alternative Name: DNS:.find-technology.com, DNS:find-technology.com | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2018-03-02T00:00:00 | Not valid after: 2019-03-02T23:59:59 | MD5: 9239 9bdd 8ea2 b2bf 427d 0489 b8f3 8aed |SHA-1: 1b54 aec3 c712 975a f82e 07db 8ec5 463a cfd6 07df |ssl-date: TLS randomness does not represent time | tls-nextprotoneg: | h2 | http/1.1 5000/tcp open ssl/http Docker Registry (API: 2.0) | http-methods: | Supported Methods: GET POST OPTIONS |_http-title: Site doesn't have a title (text/plain; charset=utf-8). | ssl-cert: Subject: commonName=.find-technology.com | Subject Alternative Name: DNS:.find-technology.com, DNS:find-technology.com | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2018-03-02T00:00:00 | Not valid after: 2019-03-02T23:59:59 | MD5: 9239 9bdd 8ea2 b2bf 427d 0489 b8f3 8aed |_SHA-1: 1b54 aec3 c712 975a f82e 07db 8ec5 463a cfd6 07df |ssl-date: TLS randomness does not represent time | tls-nextprotoneg: | h2 | http/1.1 9898/tcp open ssh OpenSSH 6.2 (protocol 2.0) Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Aggressive OS guesses: Crestron XPanel control system (90%), ASUS RT-N56U WAP (Linux 3.4) (88%), Linux 3.1 (88%), Linux 3.16 (88%), Linux 3.2 (88%), HP P2000 G3 NAS device (87%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (87%), Linux 3.18 (86%), Android 4.1.1 (86%), Android 5.0 - 6.0.1 (Linux 3.4) (86%) No exact OS matches for host (test conditions non-ideal). Uptime guess: 102.689 days (since Wed Mar 13 23:20:07 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=260 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 443/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms 217.23.0.247

Nmap scan report for codeplesk.com (217.23.0.248) Host is up (0.0066s latency). Not shown: 977 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp ProFTPD 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 8d:3f:91:b6:77:1d:f3:64:4b:ca:45:cc:40:07:ca:8a (RSA) | 256 32:38:4d:c7:c4:a0:57:e3:f1:fb:98:fd:4c:c8:a1:66 (ECDSA) |_ 256 9b:dd:e6:bd:f1:65:59:11:f1:8b:a3:c5:6c:07:b5:23 (ED25519) 25/tcp open smtp Postfix smtpd |_smtp-commands: Couldn't establish connection on port 25 26/tcp open smtp Postfix smtpd |smtp-commands: Couldn't establish connection on port 26 53/tcp open domain (unknown banner: none) | fingerprint-strings: | DNSVersionBindReqTCP: | version | bind | none 80/tcp open http Apache httpd (PleskLin) 106/tcp open pop3pw poppassd 110/tcp open pop3 Dovecot pop3d 139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP) 143/tcp open imap Dovecot imapd 443/tcp open ssl/http Apache httpd (PleskLin) |_http-server-header: Apache 445/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP) 465/tcp open ssl/smtp Postfix smtpd |_smtp-commands: Couldn't establish connection on port 465 | ssl-cert: Subject: commonName=codeplesk.com | Subject Alternative Name: DNS:codeplesk.com | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-05-25T07:23:08 | Not valid after: 2019-08-23T07:23:08 | MD5: e7d6 e29a cc12 77d1 8cb4 26e5 91ba a56f |_SHA-1: c834 ba87 aa19 4a64 e30f f5ac 298e a06b b8f3 7d19 587/tcp open smtp Postfix smtpd |_smtp-commands: Couldn't establish connection on port 587 993/tcp open ssl/imap Dovecot imapd 995/tcp open ssl/pop3 Dovecot pop3d |_ssl-date: TLS randomness does not represent time 3000/tcp open ntop-http Ntop web interface 5.0.1 5500/tcp open hotline? 5666/tcp open tcpwrapped 5901/tcp open vnc Ultr@VNC Repeater 8080/tcp open http Apache Tomcat/Coyote JSP engine 1.1 |_http-server-header: Apache-Coyote/1.1 |_http-title: Apache Tomcat 8443/tcp open ssl/http sw-cp-server httpd (Plesk Onyx 17.8.11) |http-title: Plesk Onyx 17.8.11 | tls-nextprotoneg: | http/1.1 9080/tcp open http Apache Tomcat/Coyote JSP engine 1.1 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service : SF-Port53-TCP:V=7.70%I=7%D=6/24%Time=5D10DF59%P=i686-pc-windows-windows%r( SF:DNSVersionBindReqTCP,3F,"\0=\0\x06\x85\0\0\x01\0\x01\0\x01\0\0\x07versi SF:on\x04bind\0\0\x10\0\x03\xc0\x0c\0\x10\0\x03\0\0\0\0\0\x05\x04none\xc0
SF:x0c\0\x02\0\x03\0\0\0\0\0\x02\xc0\x0c"); Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 87.570 days (since Fri Mar 29 02:11:08 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=253 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Hosts: codeplesk.com, CODEPLESK; OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 1720/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms codeplesk.com (217.23.0.248)

Nmap scan report for 217.23.0.249 Host is up (0.0069s latency). Not shown: 996 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.3 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 ab:68:ca:4a:44:9b:c5:4e:78:be:83:ee:71:3c:93:60 (RSA) | 256 9f:55:af:09:2f:fc:ea:1c:33:34:67:72:98:93:e4:9d (ECDSA) |_ 256 cd:91:4d:e1:a4:67:88:f1:42:2c:e0:98:28:a7:fc:11 (ED25519) 53/tcp open tcpwrapped 80/tcp open http nginx 1.10.3 (Ubuntu) | http-cookie-flags: | /: | session_id: |_ httponly flag not set |_http-favicon: Unknown favicon MD5: A342FE863A8E41DFF2A55410C7F118C5 |http-generator: Odoo | http-methods: | Supported Methods: GET HEAD OPTIONS |_http-server-header: nginx/1.10.3 (Ubuntu) |_http-title: Homepage | My Website Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 74.860 days (since Wed Apr 10 20:14:13 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=262 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms 217.23.0.249

Nmap scan report for 217.23.0.250 Host is up (0.0098s latency). Not shown: 996 filtered ports PORT STATE SERVICE VERSION 80/tcp open http nginx 1.10.0 (Ubuntu) |_http-cors: GET POST PUT DELETE OPTIONS PATCH |http-favicon: Unknown favicon MD5: 5771383E83AC82F9D38A1201FC58E9E8 | http-methods: | Supported Methods: GET HEAD OPTIONS |_http-server-header: nginx/1.10.0 (Ubuntu) | http-title: Find Technology |_Requested resource was /login/?next=/ 5030/tcp open tandem-print Sharp printer tandem printing 5033/tcp open tandem-print Sharp printer tandem printing 9898/tcp open ssh OpenSSH 6.2 (protocol 2.0) Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Aggressive OS guesses: Crestron XPanel control system (90%), ASUS RT-N56U WAP (Linux 3.4) (88%), Linux 3.1 (88%), Linux 3.16 (88%), Linux 3.2 (88%), HP P2000 G3 NAS device (87%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (87%), Android 4.1.1 (86%), Sony Android TV (Android 5.0) (86%), Android 5.0 - 6.0.1 (Linux 3.4) (86%) No exact OS matches for host (test conditions non-ideal). Uptime guess: 103.087 days (since Wed Mar 13 13:47:47 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=261 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; Device: printer; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 80/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.250

Nmap scan report for 217.23.0.251 Host is up (0.0066s latency). Not shown: 995 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.3 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 27:46:49:d6:d9:c9:c2:4e:59:2b:42:40:68:3c:40:7b (RSA) | 256 65:48:1e:09:80:76:2e:91:b8:24:87:19:a7:7a:b1:eb (ECDSA) |_ 256 e9:6c:35:d0:61:9f:eb:4a:de:d6:1c:41:c4:bf:38:ff (ED25519) 80/tcp open http nginx |http-favicon: Unknown favicon MD5: 7E7E659D4AC89B19B5920C3807EEA9DB | http-methods: | Supported Methods: GET HEAD POST OPTIONS | http-robots.txt: 4 disallowed entries |/app/ /lib/ /var/ /errors/204.php | http-server-header: | nginx | nginx/1.10.3 (Ubuntu) |http-title: Login to your admin interface 443/tcp open ssl/http nginx 1.10.3 (Ubuntu) | http-robots.txt: 1 disallowed entry |/ |_http-server-header: nginx/1.10.3 (Ubuntu) | ssl-cert: Subject: commonName=cloud.codeworld.es | Subject Alternative Name: DNS:cloud.codeworld.es | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-05-17T09:16:24 | Not valid after: 2019-08-15T09:16:24 | MD5: 94f0 d08e 8f85 bc80 2079 a7f1 5891 a7af |SHA-1: 94a5 7739 57a4 3f5d 4658 5570 eafb f952 a073 1563 8080/tcp open http Apache httpd 2.4.18 ((Ubuntu)) | http-methods: | Supported Methods: POST OPTIONS GET HEAD |_http-open-proxy: Proxy might be redirecting requests |_http-server-header: Apache/2.4.18 (Ubuntu) |_http-title: Apache2 Ubuntu Default Page: It works Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 5.343 days (since Wed Jun 19 08:38:13 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=259 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.251

Nmap scan report for 217.23.0.252 Host is up (0.0069s latency). Not shown: 990 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 3e:6c:ca:53:a2:5d:d5:37:fa:97:f9:cc:c0:ad:77:7a (RSA) | 256 67:4d:73:ad:00:4d:16:5b:9b:77:07:86:0b:26:7c:92 (ECDSA) |_ 256 79:f4:f3:a4:0b:3e:84:36:32:4b:43:d0:82:f2:bd:cb (ED25519) 80/tcp open http Apache httpd 2.4.18 |http-favicon: Unknown favicon MD5: 6CF99EBBDF5EE64F7829A1D3E6E78206 | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache/2.4.18 (Ubuntu) | http-title: Login - OpenStack Dashboard |Requested resource was http://217.23.0.252/dashboard/auth/login/?next=/dashboard/ 3260/tcp open tcpwrapped 3306/tcp open mysql MySQL 5.7.26-0ubuntu0.16.04.1 | mysql-info: | Protocol: 10 | Version: 5.7.26-0ubuntu0.16.04.1 | Thread ID: 104949 | Capabilities flags: 63487 | Some Capabilities: Support41Auth, InteractiveClient, SupportsTransactions, IgnoreSigpipes, Speaks41ProtocolOld, Speaks41ProtocolNew, IgnoreSpaceBeforeParenthesis, LongColumnFlag, DontAllowDatabaseTableColumn, FoundRows, LongPassword, SupportsLoadDataLocal, ODBCClient, ConnectWithDatabase, SupportsCompression, SupportsAuthPlugins, SupportsMultipleResults, SupportsMultipleStatments | Status: Autocommit | Salt: \x05h9Wa7U/5VsvJ1\x1B\x13t4wh | Auth Plugin Name: 96 5500/tcp open hotline? 5901/tcp open vnc Ultr@VNC Repeater 5902/tcp open vnc VNC (protocol 3.3; Locked out) 5903/tcp open vnc VNC (protocol 3.3; Locked out) 6002/tcp open X11 (access denied) 6003/tcp open X11 (access denied) Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 182.829 days (since Sun Dec 23 19:59:07 2018) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=261 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Host: 127.0.0.1; OSs: Linux, Unix; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.252

Nmap scan report for 217.23.0.254 Host is up (0.016s latency). Not shown: 997 filtered ports PORT STATE SERVICE VERSION 4001/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 a1:35:c5:eb:ad:cd:67:3e:dc:3e:60:e2:8b:7e:81:7d (DSA) | 2048 bd:83:0e:b3:84:81:eb:60:d4:9f:b4:87:e2:4a:d8:2a (RSA) |_ 256 14:f5:78:3b:7a:27:9d:58:1e:0a:f6:25:2f:cf:c8:08 (ECDSA) 4002/tcp open ms-wbt-server Microsoft Terminal Service 9898/tcp open ssh OpenSSH 6.2 (protocol 2.0) Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 105.784 days (since Sun Mar 10 21:02:59 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=266 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OSs: Linux, Windows; CPE: cpe:/o:linux:linux_kernel, cpe:/o:microsoft:windows

TRACEROUTE (using port 4002/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.0.254

Nmap scan report for customer.worldstream.nl (217.23.1.1) Host is up (0.029s latency). Not shown: 987 filtered ports PORT STATE SERVICE VERSION 5900/tcp closed vnc 5901/tcp closed vnc-1 5902/tcp closed vnc-2 5903/tcp closed vnc-3 5904/tcp closed unknown 5906/tcp closed unknown 5907/tcp closed unknown 5910/tcp closed cm 50000/tcp closed ibm-db2 50001/tcp closed unknown 50002/tcp closed iiimsf 50003/tcp closed unknown 50006/tcp closed unknown Too many fingerprints match this host to give specific OS details Network Distance: 1 hop

TRACEROUTE (using port 5900/tcp) HOP RTT ADDRESS 1 1.00 ms customer.worldstream.nl (217.23.1.1)

Nmap scan report for customer.worldstream.nl (217.23.1.2) Host is up (0.042s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.4 (protocol 2.0) | ssh-hostkey: | 1024 ac:de:21:dd:ad:c8:27:a2:28:b6:78:af:ee:75:d2:19 (DSA) | 2048 b0:0d:b8:16:99:be:ea:db:d9:ba:b2:86:a0:a1:41:dc (RSA) | 256 49:12:45:2e:ae:1f:74:58:7e:82:2b:38:cf:4e:76:65 (ECDSA) |_ 256 ec:d1:8d:8f:0c:6a:b6:a4:07:41:c0:d6:34:8e:0b:71 (ED25519) 111/tcp open rpcbind 2-4 (RPC #100000) No exact OS matches for host (If you know what OS is running on it, see https://nmap.org/submit/ ). TCP/IP fingerprint: OS:SCAN(V=7.70%E=4%D=6/24%OT=22%CT=1%CU=37842%PV=N%DS=2%DC=T%G=Y%TM=5D10E3A OS:9%P=i686-pc-windows-windows)SEQ(SP=102%GCD=1%ISR=102%TI=I%CI=I%TS=A)SEQ( OS:SP=F9%GCD=1%ISR=102%TI=I%CI=I%II=I%SS=S%TS=A)OPS(O1=ST11M5B4NW0%O2=ST11M OS:5B4NW0%O3=NNT11M5B4NW0%O4=ST11M5B4NW0%O5=ST11M5B4NW0%O6=ST11M5B4)WIN(W1= OS:FE88%W2=FED4%W3=FCAC%W4=FBC4%W5=FBC4%W6=FC03)ECN(R=Y%DF=Y%T=40%W=8052%O= OS:M5B4NNSNW1%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N) OS:T4(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5(R=Y%DF=N%T=40%W=0%S=Z%A=S OS:+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=N)U1( OS:R=Y%DF=N%T=FF%IPL=70%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=Y OS:%T=FF%CD=S)

Uptime guess: 31.185 days (since Fri May 24 12:25:18 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=258 (Good luck!) IP ID Sequence Generation: Incremental

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms customer.worldstream.nl (217.23.1.2)

Nmap scan report for customer.worldstream.nl (217.23.1.7) Host is up (0.013s latency). Not shown: 986 closed ports PORT STATE SERVICE VERSION 135/tcp open msrpc Microsoft Windows RPC 139/tcp open netbios-ssn Microsoft Windows netbios-ssn 445/tcp open microsoft-ds? 3389/tcp open ms-wbt-server Microsoft Terminal Service | ssl-cert: Subject: commonName=WORLDST-SSCM2IJ | Issuer: commonName=WORLDST-SSCM2IJ | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2019-06-13T14:32:24 | Not valid after: 2019-12-13T14:32:24 | MD5: 7671 609c de28 a917 0139 3cc3 53fb 8673 |SHA-1: df03 57c4 edc4 bfda 2670 b473 2bd0 191f ab94 bbb5 |ssl-date: 2019-06-24T14:41:28+00:00; +2s from scanner time. 5800/tcp open vnc-http TightVNC (user: worldst-sscm2ij; VNC TCP port: 5900) | http-methods: | Supported Methods: GET |http-title: TightVNC desktop [worldst-sscm2ij] 5900/tcp open vnc VNC (protocol 3.8) | vnc-info: | Protocol version: 3.8 | Security types: | VNC Authentication (2) | Tight (16) | Tight auth subtypes: | STDV VNCAUTH (2) 8010/tcp open xmpp? 49152/tcp open msrpc Microsoft Windows RPC 49153/tcp open msrpc Microsoft Windows RPC 49154/tcp open msrpc Microsoft Windows RPC 49155/tcp open msrpc Microsoft Windows RPC 49156/tcp open msrpc Microsoft Windows RPC 49157/tcp open msrpc Microsoft Windows RPC 49160/tcp open msrpc Microsoft Windows RPC Device type: general purpose Running: Microsoft Windows 2012|7|8.1 OS CPE: cpe:/o:microsoft:windows_server_2012:r2 cpe:/o:microsoft:windows_7:::ultimate cpe:/o:microsoft:windows_8.1 OS details: Microsoft Windows Server 2012 R2 Update 1, Microsoft Windows 7, Windows Server 2012, or Windows 8.1 Update 1 Uptime guess: 388.754 days (since Thu May 31 22:47:17 2018) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=252 (Good luck!) IP ID Sequence Generation: Incremental Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

TRACEROUTE (using port 1720/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms customer.worldstream.nl (217.23.1.7)

Nmap scan report for customer.worldstream.nl (217.23.1.9) Host is up (0.025s latency). All 1000 scanned ports on customer.worldstream.nl (217.23.1.9) are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 9.00 ms customer.worldstream.nl (217.23.1.9)

Nmap scan report for mail.filerio.in (217.23.1.12) Host is up (0.0073s latency). Not shown: 994 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp Pure-FTPd | ftp-anon: Anonymous FTP login allowed (FTP code 230) | drwxr-xr-x 2 0 0 4096 Mar 15 2011 . |drwxr-xr-x 2 0 0 4096 Mar 15 2011 .. 22/tcp open ssh OpenSSH 5.3 (protocol 2.0) | ssh-hostkey: | 1024 bb:c1:1c:dc:bc:c4:f5:e0:b7:69:0e:5d:30:e5:ed:97 (DSA) | 2048 ee:cd:a4:77:3a:5a:7c:6b:e5:f6:16:94:c4:bb:32:49 (RSA) 80/tcp open http Apache httpd 2.2.15 | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache/2.2.15 (CentOS) |_http-title: Did not follow redirect to https://mail.filerio.in/ 443/tcp open ssl/http Apache httpd 2.2.15 ((CentOS)) |http-favicon: Unknown favicon MD5: BDE9999A6AF42584DB0384F6A5C265CE | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache/2.2.15 (CentOS) |_http-title: FileRio : : Cloud File Storage - Easy way to share your files | ssl-cert: Subject: commonName=.filerio.in | Subject Alternative Name: DNS:.filerio.in, DNS:filerio.in | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2018-07-18T11:17:48 | Not valid after: 2019-07-19T11:17:48 | MD5: f261 f50c 9313 0a3c 8e4f 8076 1c1c 2124 |_SHA-1: 4600 a909 aa3c f9d8 2a4d 273d 83f5 2f20 1335 722c |_ssl-date: 2019-06-24T14:45:36+00:00; +18s from scanner time. 3306/tcp open mysql MySQL (unauthorized) 5666/tcp open tcpwrapped Device type: general purpose Running: Linux 2.6.X|3.X OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3 OS details: Linux 2.6.32 - 3.10 Uptime guess: 3.735 days (since Thu Jun 20 23:14:03 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=261 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Host: filekeen.com

Host script results: |_clock-skew: mean: 17s, deviation: 0s, median: 17s

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 0.00 ms mail.filerio.in (217.23.1.12)

Nmap scan report for customer.worldstream.nl (217.23.1.14) Host is up (0.0077s latency). Not shown: 986 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp Pure-FTPd | ssl-cert: Subject: commonName=es13.worldstream.nl | Issuer: commonName=es13.worldstream.nl | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-05-01T00:03:52 | Not valid after: 2020-04-30T00:03:52 | MD5: 0b34 58ad fcd1 6255 c257 f5b3 b2e6 3dcf |SHA-1: c403 4fcf 8352 75d9 8954 4256 e497 1dda 9500 a62c |ssl-date: TLS randomness does not represent time 22/tcp open ssh OpenSSH 7.4 (protocol 2.0) | ssh-hostkey: | 2048 1f:42:ff:5d:83:23:5e:cd:07:48:99:0d:bd:be:4e:63 (RSA) | 256 24:39:47:39:fe:e7:73:76:2c:b5:2d:b9:e0:ab:c7:31 (ECDSA) | 256 54:c6:68:b4:11:b4:38:60:84:ce:d3:b9:73:4e:dd:57 (ED25519) 25/tcp open smtp? | smtp-commands: es13.worldstream.nl Hello customer.worldstream.nl [217.23.15.11], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP, | Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7) | dns-nsid: |_ bind.version: 9.9.4-RedHat-9.9.4-74.el7_6.1 80/tcp open http Apache httpd | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache |_http-title: Site doesn't have a title (text/html). 110/tcp open pop3 Dovecot pop3d |_pop3-capabilities: TOP UIDL STLS AUTH-RESP-CODE CAPA RESP-CODES USER PIPELINING SASL(PLAIN LOGIN) | ssl-cert: Subject: commonName=es13.worldstream.nl | Issuer: commonName=es13.worldstream.nl | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-05-01T00:03:40 | Not valid after: 2020-04-30T00:03:40 | MD5: a7a9 8cb6 e742 3b1a 98f4 86b8 7bc8 38d0 |_SHA-1: 2a94 5e68 9d63 8b5c e1b0 5642 55a4 ea1f ba72 54b8 |ssl-date: TLS randomness does not represent time 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind 143/tcp open imap Dovecot imapd |_imap-capabilities: more OK STARTTLS LOGIN-REFERRALS IMAP4rev1 SASL-IR have ID listed capabilities Pre-login AUTH=LOGINA0001 IDLE LITERAL+ post-login NAMESPACE ENABLE AUTH=PLAIN | ssl-cert: Subject: commonName=es13.worldstream.nl | Issuer: commonName=es13.worldstream.nl | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-05-01T00:03:40 | Not valid after: 2020-04-30T00:03:40 | MD5: a7a9 8cb6 e742 3b1a 98f4 86b8 7bc8 38d0 |_SHA-1: 2a94 5e68 9d63 8b5c e1b0 5642 55a4 ea1f ba72 54b8 |_ssl-date: TLS randomness does not represent time 443/tcp open ssl/http Apache httpd (PHP 5.5.36) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E |http-generator: WordPress 5.0.4 | http-methods: | Supported Methods: GET HEAD POST OPTIONS | http-robots.txt: 1 disallowed entry |/wp-admin/ |_http-server-header: Apache |_http-title: JAVlike | ssl-cert: Subject: commonName=javlike.org | Subject Alternative Name: DNS:javlike.org, DNS:cpanel.javlike.org, DNS:mail.javlike.org, DNS:webdisk.javlike.org, DNS:webmail.javlike.org, DNS:www.javlike.org | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2018-12-06T00:00:00 | Not valid after: 2019-03-06T23:59:59 | MD5: cc04 a9e2 6412 f4dd 5760 fb5e f973 34a3 |_SHA-1: 6784 a064 8abb 4dd0 76a0 4e74 6c08 4c62 65ce bad6 |_ssl-date: TLS randomness does not represent time 465/tcp open ssl/smtp Exim smtpd 4.91 |_smtp-commands: es13.worldstream.nl Hello customer.worldstream.nl [217.23.15.11], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP, | ssl-cert: Subject: commonName=es13.worldstream.nl | Issuer: commonName=es13.worldstream.nl | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-05-01T00:03:45 | Not valid after: 2020-04-30T00:03:45 | MD5: d42e e260 ee99 cc70 e604 b405 2e5b 3f63 |_SHA-1: eaef c212 8ea0 1e98 41f5 5ab5 7c0d 2aa2 d88a 82f5 |ssl-date: TLS randomness does not represent time 587/tcp open smtp Exim smtpd 4.91 | smtp-commands: es13.worldstream.nl Hello customer.worldstream.nl [217.23.15.11], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP, | Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP | ssl-cert: Subject: commonName=es13.worldstream.nl | Issuer: commonName=es13.worldstream.nl | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-05-01T00:03:45 | Not valid after: 2020-04-30T00:03:45 | MD5: d42e e260 ee99 cc70 e604 b405 2e5b 3f63 |_SHA-1: eaef c212 8ea0 1e98 41f5 5ab5 7c0d 2aa2 d88a 82f5 |_ssl-date: TLS randomness does not represent time 993/tcp open ssl/imap Dovecot imapd |_imap-capabilities: more OK ENABLE LOGIN-REFERRALS IMAP4rev1 SASL-IR have ID listed capabilities Pre-login AUTH=LOGINA0001 LITERAL+ post-login NAMESPACE IDLE AUTH=PLAIN | ssl-cert: Subject: commonName=es13.worldstream.nl | Issuer: commonName=es13.worldstream.nl | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-05-01T00:03:40 | Not valid after: 2020-04-30T00:03:40 | MD5: a7a9 8cb6 e742 3b1a 98f4 86b8 7bc8 38d0 |_SHA-1: 2a94 5e68 9d63 8b5c e1b0 5642 55a4 ea1f ba72 54b8 |_ssl-date: TLS randomness does not represent time 995/tcp open ssl/pop3 Dovecot pop3d |_pop3-capabilities: TOP PIPELINING UIDL SASL(PLAIN LOGIN) AUTH-RESP-CODE USER CAPA RESP-CODES | ssl-cert: Subject: commonName=es13.worldstream.nl | Issuer: commonName=es13.worldstream.nl | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-05-01T00:03:40 | Not valid after: 2020-04-30T00:03:40 | MD5: a7a9 8cb6 e742 3b1a 98f4 86b8 7bc8 38d0 |_SHA-1: 2a94 5e68 9d63 8b5c e1b0 5642 55a4 ea1f ba72 54b8 |_ssl-date: TLS randomness does not represent time 3306/tcp open mysql MySQL (unauthorized) Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 10.626 days (since Fri Jun 14 01:51:31 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=259 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Host: es13.worldstream.nl; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms customer.worldstream.nl (217.23.1.14)

Nmap scan report for 217.23.1.15 Host is up (0.091s latency). Not shown: 993 closed ports PORT STATE SERVICE VERSION 80/tcp open http VMware ESXi Server httpd | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |http-title: Did not follow redirect to https://217.23.1.15/ 427/tcp open svrloc? 443/tcp open ssl/http VMware ESXi Server httpd | http-methods: | Supported Methods: GET HEAD POST |_http-title: " + ID_EESX_Welcome + " | ssl-cert: Subject: commonName=customer.worldstream.nl/organizationName=VMware, Inc/stateOrProvinceName=California/countryName=US | Subject Alternative Name: DNS:customer.worldstream.nl | Issuer: organizationName=VMware Installer | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2016-07-08T10:13:53 | Not valid after: 2028-01-07T10:13:53 | MD5: 93f3 df93 a051 bba4 8203 799f e675 b044 |_SHA-1: 27dc a93c ebfe 50cc 2172 d3af c32c 66a4 3d9c 855b |ssl-date: TLS randomness does not represent time | vmware-version: | Server version: VMware ESXi 6.0.0 | Build: 3620759 | Locale version: INTL 000 | OS type: vmnix-x86 | Product Line ID: embeddedEsx 902/tcp open ssl/vmware-auth VMware Authentication Daemon 1.10 (Uses VNC, SOAP) 5989/tcp open ssl/wbem SBLIM Small Footprint CIM Broker | ssl-cert: Subject: commonName=customer.worldstream.nl/organizationName=VMware, Inc/stateOrProvinceName=California/countryName=US | Subject Alternative Name: DNS:customer.worldstream.nl | Issuer: organizationName=VMware Installer | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2016-07-08T10:13:53 | Not valid after: 2028-01-07T10:13:53 | MD5: 93f3 df93 a051 bba4 8203 799f e675 b044 |_SHA-1: 27dc a93c ebfe 50cc 2172 d3af c32c 66a4 3d9c 855b |_ssl-date: TLS randomness does not represent time 8000/tcp open http-alt? 8300/tcp open tmi? Aggressive OS guesses: VMware ESXi 5.0 - 5.5 (97%), VMware ESXi 6.0.0 (96%), Crestron XPanel control system (94%), VMware ESXi 4.1 (94%), FreeBSD 7.0-RELEASE-p1 - 10.0-CURRENT (94%), VMware ESXi 5.5 (94%), FreeBSD 8.0-RELEASE (92%), Epson Stylus Pro 400 printer (92%), FreeNAS 0.69.2 (FreeBSD 6.3-STABLE - 6.4-RELEASE) (92%), VMware ESXi 4.1.0 (92%) No exact OS matches for host (test conditions non-ideal). Uptime guess: 220.689 days (since Thu Nov 15 23:20:44 2018) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=204 (Good luck!) IP ID Sequence Generation: Incremental Service Info: Host: customer.worldstream.nl; CPE: cpe:/o:vmware:esxi

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms 217.23.1.15

Nmap scan report for customer.worldstream.nl (217.23.1.16) Host is up (0.0071s latency). Not shown: 997 closed ports PORT STATE SERVICE VERSION 873/tcp open rsync (protocol version 31) 7777/tcp open cbt? 8087/tcp open http nginx | http-methods: |_ Supported Methods: GET HEAD POST |_http-server-header: nginx |_http-title: 403 Forbidden Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 164.691 days (since Thu Jan 10 23:17:17 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=258 (Good luck!) IP ID Sequence Generation: All zeros

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms customer.worldstream.nl (217.23.1.16)

Nmap scan report for customer.worldstream.nl (217.23.1.17) Host is up (0.044s latency). Not shown: 997 filtered ports PORT STATE SERVICE VERSION 80/tcp open http Apache httpd 2.4.23 ((Win32) OpenSSL/1.0.2h PHP/7.0.9) | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache/2.4.23 (Win32) OpenSSL/1.0.2h PHP/7.0.9 |_http-title: Site doesn't have a title (text/html). 443/tcp open ssl/http Apache httpd 2.4.23 ((Win32) OpenSSL/1.0.2h PHP/7.0.9) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E |http-generator: WordPress 5.0.4 | http-methods: | Supported Methods: GET HEAD POST OPTIONS | http-robots.txt: 1 disallowed entry |/wp-admin/ |_http-server-header: Apache/2.4.23 (Win32) OpenSSL/1.0.2h PHP/7.0.9 | ssl-cert: Subject: commonName=localhost | Issuer: commonName=localhost | Public Key type: rsa | Public Key bits: 1024 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2009-11-10T23:48:47 | Not valid after: 2019-11-08T23:48:47 | MD5: a0a4 4cc9 9e84 b26f 9e63 9f9e d229 dee0 |_SHA-1: b023 8c54 7a90 5bfa 119c 4e8b acca eacf 3649 1ff6 |ssl-date: TLS randomness does not represent time | tls-alpn: | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 3389/tcp open ms-wbt-server Microsoft Terminal Service | ssl-cert: Subject: commonName=PC1 | Issuer: commonName=PC1 | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2019-04-05T07:52:07 | Not valid after: 2019-10-05T07:52:07 | MD5: 3ea9 2d6c 6ac1 c601 8fa6 89f3 9bf8 a692 |_SHA-1: 27ee 9ff5 5438 538d c2b7 8100 5b43 0001 2fae 7877 |_ssl-date: 2019-06-24T14:40:46+00:00; +17s from scanner time. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port OS details: Microsoft Windows Server 2008 or 2008 Beta 3, Microsoft Windows Server 2008 R2 or Windows 8.1, Microsoft Windows 7 Professional or Windows 8, Microsoft Windows Embedded Standard 7, Microsoft Windows 8.1 R1, Microsoft Windows Phone 7.5 or 8.0, Microsoft Windows Vista SP0 or SP1, Windows Server 2008 SP1, or Windows 7, Microsoft Windows Vista SP2, Windows 7 SP1, or Windows Server 2008 Uptime guess: 2.873 days (since Fri Jun 21 19:55:26 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=261 (Good luck!) IP ID Sequence Generation: Busy server or unknown class Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Host script results: |_clock-skew: mean: 16s, deviation: 0s, median: 16s

TRACEROUTE (using port 443/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 2.00 ms customer.worldstream.nl (217.23.1.17)

Nmap scan report for customer.worldstream.nl (217.23.1.18) Host is up (0.014s latency). Not shown: 997 filtered ports PORT STATE SERVICE VERSION 80/tcp open http Apache httpd 2.4.23 ((Win32) OpenSSL/1.0.2h PHP/7.0.9) | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |http-server-header: Apache/2.4.23 (Win32) OpenSSL/1.0.2h PHP/7.0.9 443/tcp open ssl/http Apache httpd 2.4.23 ((Win32) OpenSSL/1.0.2h PHP/7.0.9) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD POST OPTIONS | http-robots.txt: 1 disallowed entry |/wp-admin/ |_http-server-header: Apache/2.4.23 (Win32) OpenSSL/1.0.2h PHP/7.0.9 | ssl-cert: Subject: commonName=localhost | Issuer: commonName=localhost | Public Key type: rsa | Public Key bits: 1024 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2009-11-10T23:48:47 | Not valid after: 2019-11-08T23:48:47 | MD5: a0a4 4cc9 9e84 b26f 9e63 9f9e d229 dee0 |_SHA-1: b023 8c54 7a90 5bfa 119c 4e8b acca eacf 3649 1ff6 |ssl-date: TLS randomness does not represent time | tls-alpn: | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 3389/tcp open ms-wbt-server Microsoft Terminal Service | ssl-cert: Subject: commonName=PC2 | Issuer: commonName=PC2 | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2019-04-04T04:34:43 | Not valid after: 2019-10-04T04:34:43 | MD5: c4e8 931d b26d d515 6d29 9f36 87b2 6229 |_SHA-1: ca74 d12c 724e 76f7 9ada 9962 7839 d166 80fb f394 |_ssl-date: 2019-06-24T14:40:34+00:00; +17s from scanner time. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose|specialized|phone Running: Microsoft Windows 2008|8.1|7|Phone|Vista OS CPE: cpe:/o:microsoft:windows_server_2008::beta3 cpe:/o:microsoft:windows_server_2008 cpe:/o:microsoft:windows_8.1 cpe:/o:microsoft:windows_7 cpe:/o:microsoft:windows cpe:/o:microsoft:windows_vista::- cpe:/o:microsoft:windows_vista::sp1 OS details: Microsoft Windows Server 2008 or 2008 Beta 3, Microsoft Windows Server 2008 R2 or Windows 8.1, Microsoft Windows Embedded Standard 7, Microsoft Windows Phone 7.5 or 8.0, Microsoft Windows Vista SP0 or SP1, Windows Server 2008 SP1, or Windows 7 Uptime guess: 84.933 days (since Sun Mar 31 18:29:33 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=259 (Good luck!) IP ID Sequence Generation: Busy server or unknown class Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Host script results: |_clock-skew: mean: 16s, deviation: 0s, median: 16s

TRACEROUTE (using port 443/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms customer.worldstream.nl (217.23.1.18)

Nmap scan report for customer.worldstream.nl (217.23.1.19) Host is up (0.0090s latency). Not shown: 999 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.13 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 e7:20:51:cf:43:0c:c5:cf:e7:62:9e:8e:97:98:d7:8b (DSA) | 2048 e0:0e:0c:28:8d:dd:f8:98:ef:4b:b0:3a:9a:5a:ee:29 (RSA) | 256 41:da:51:87:03:77:2b:e5:bd:02:fd:2a:e1:cf:5f:30 (ECDSA) |_ 256 04:aa:a7:bd:ad:ba:4e:5f:6c:b8:b8:25:c7:54:1b:a0 (ED25519) Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 19.045 days (since Wed Jun 05 15:48:19 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=262 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 6.00 ms customer.worldstream.nl (217.23.1.19)

Nmap scan report for customer.worldstream.nl (217.23.1.20) Host is up (0.0069s latency). Not shown: 988 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.2 25/tcp open smtp Postfix smtpd |smtp-commands: wmail.click, PIPELINING, SIZE 10485760, VRFY, ETRN, AUTH PLAIN LOGIN, ENHANCEDSTATUSCODES, 8BITMIME, DSN, 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7) | dns-nsid: | bind.version: 9.9.4-RedHat-9.9.4-51.el7 80/tcp open http nginx | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: nginx 110/tcp open pop3 Dovecot pop3d |pop3-capabilities: TOP PIPELINING UIDL SASL(PLAIN LOGIN) AUTH-RESP-CODE USER CAPA RESP-CODES 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind 139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: MYGROUP) 143/tcp open imap Dovecot imapd |imap-capabilities: listed SASL-IR have ID more capabilities OK AUTH=PLAIN ENABLE LOGIN-REFERRALS AUTH=LOGINA0001 LITERAL+ post-login Pre-login IDLE IMAP4rev1 443/tcp open ssl/http Apache httpd (PHP 5.6.32) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD POST OPTIONS | http-robots.txt: 1 disallowed entry |/wp-admin/ |_http-server-header: Apache |_http-title: 404 Not Found | ssl-cert: Subject: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Issuer: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2017-09-22T14:34:56 | Not valid after: 2018-09-22T14:34:56 | MD5: 09e0 7208 d4f0 84a7 b57b adf5 0b22 ca15 |_SHA-1: c0c3 7e60 8da7 e7d5 c1dd c568 9a07 f569 fa83 a8a5 |_ssl-date: TLS randomness does not represent time 445/tcp open netbios-ssn Samba smbd 4.6.2 (workgroup: MYGROUP) 3000/tcp open http Mojolicious httpd |_http-favicon: Unknown favicon MD5: DD613EC73695DDB4DD4899E494C22786 |_http-server-header: Mojolicious (Perl) |http-title: Site doesn't have a title (text/html;charset=UTF-8). 3306/tcp open mysql MySQL 5.5.56-MariaDB | mysql-info: | Protocol: 10 | Version: 5.5.56-MariaDB | Thread ID: 8594 | Capabilities flags: 63487 | Some Capabilities: Support41Auth, InteractiveClient, SupportsTransactions, IgnoreSigpipes, Speaks41ProtocolOld, Speaks41ProtocolNew, IgnoreSpaceBeforeParenthesis, LongColumnFlag, DontAllowDatabaseTableColumn, FoundRows, LongPassword, SupportsLoadDataLocal, ODBCClient, ConnectWithDatabase, SupportsCompression, SupportsAuthPlugins, SupportsMultipleResults, SupportsMultipleStatments | Status: Autocommit | Salt: R06^Ur\Vz'N2Q~H,DOC> | Auth Plugin Name: 87 Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 23.886 days (since Fri May 31 19:35:55 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=261 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Hosts: wmail.click, DS4; OSs: Unix, Linux; CPE: cpe:/o:redhat:enterprise_linux:7

TRACEROUTE (using port 1720/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms customer.worldstream.nl (217.23.1.20)

Nmap scan report for customer.worldstream.nl (217.23.1.21) Host is up (0.020s latency). Not shown: 990 filtered ports PORT STATE SERVICE VERSION 22/tcp closed ssh 80/tcp open http VMware ESXi Server httpd | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |http-title: Site doesn't have a title (text/html; charset=UTF-8). 427/tcp open svrloc? 443/tcp open ssl/http VMware ESXi Web UI |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD POST | http-robots.txt: 1 disallowed entry |/wp-admin/ |_http-title: Site doesn't have a title (text/html). | ssl-cert: Subject: commonName=customer.worldstream.nl/organizationName=VMware, Inc/stateOrProvinceName=California/countryName=US | Subject Alternative Name: DNS:customer.worldstream.nl | Issuer: organizationName=VMware Installer | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2018-01-23T22:51:57 | Not valid after: 2029-07-24T22:51:57 | MD5: c90e 2b15 e21d 36b0 756a a52b f0c2 7861 |_SHA-1: 2803 4cf7 6b0c 7b9b e36e 2f31 1e1a 9a09 399c 732b |ssl-date: TLS randomness does not represent time | vmware-version: | Server version: VMware ESXi 6.5.0 | Build: 4564106 | Locale version: INTL 000 | OS type: vmnix-x86 | Product Line ID: embeddedEsx 902/tcp open ssl/vmware-auth VMware Authentication Daemon 1.10 (Uses VNC, SOAP) 5988/tcp closed wbem-http 5989/tcp closed wbem-https 8000/tcp open http-alt? 8300/tcp open tmi? 9080/tcp open ssl/soap gSOAP 2.8 |_http-server-header: gSOAP/2.8 |_http-title: Site doesn't have a title (text/xml). | ssl-cert: Subject: commonName=customer.worldstream.nl/organizationName=VMware, Inc/stateOrProvinceName=California/countryName=US | Subject Alternative Name: DNS:customer.worldstream.nl | Issuer: organizationName=VMware Installer | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2018-01-23T22:51:57 | Not valid after: 2029-07-24T22:51:57 | MD5: c90e 2b15 e21d 36b0 756a a52b f0c2 7861 |_SHA-1: 2803 4cf7 6b0c 7b9b e36e 2f31 1e1a 9a09 399c 732b Aggressive OS guesses: VMware ESXi 6.0.0 (98%), VMware ESXi 5.0 - 5.5 (96%), VMware ESXi 4.1 (95%), VMware ESXi 5.5 (94%), Crestron XPanel control system (92%), FreeBSD 7.0-RELEASE-p1 - 10.0-CURRENT (91%), NAS4Free (FreeBSD 9.1) (90%), VMware ESX Server 4.0.1 (90%), FreeBSD 5.2.1-RELEASE (90%), FreeBSD 8.0-BETA2 - 10.1-RELEASE (90%) No exact OS matches for host (test conditions non-ideal). Uptime guess: 208.806 days (since Tue Nov 27 20:31:35 2018) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=183 (Good luck!) IP ID Sequence Generation: Incremental Service Info: CPE: cpe:/o:vmware:esxi, cpe:/o:vmware:ESXi:6.5.0

TRACEROUTE (using port 22/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms customer.worldstream.nl (217.23.1.21)

Nmap scan report for customer.worldstream.nl (217.23.1.22) Host is up (0.0067s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 5.3 (protocol 2.0) | ssh-hostkey: | 1024 0a:5a:4e:ce:e1:1c:69:98:4f:7c:6b:e7:a4:74:ea:61 (DSA) |_ 2048 95:57:4f:27:da:62:ad:8d:fe:31:26:85:a9:16:3c:34 (RSA) 5950/tcp open vnc VNC (protocol 3.8) | vnc-info: | Protocol version: 3.8 | Security types: |_ VNC Authentication (2) Device type: general purpose Running: Linux 2.6.X|3.X OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3 OS details: Linux 2.6.32 - 3.10 Uptime guess: 12.978 days (since Tue Jun 11 17:24:45 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=260 (Good luck!) IP ID Sequence Generation: All zeros

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms customer.worldstream.nl (217.23.1.22)

Nmap scan report for customer.worldstream.nl (217.23.1.23) Host is up (0.0075s latency). Not shown: 988 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.2 25/tcp open smtp Postfix smtpd |smtp-commands: wmail.click, PIPELINING, SIZE 10485760, VRFY, ETRN, AUTH PLAIN LOGIN, ENHANCEDSTATUSCODES, 8BITMIME, DSN, 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7) | dns-nsid: | bind.version: 9.9.4-RedHat-9.9.4-51.el7 80/tcp open http nginx | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: nginx |_http-title: Site doesn't have a title (text/html; charset=UTF-8). 110/tcp open pop3 Dovecot pop3d |pop3-capabilities: TOP PIPELINING UIDL SASL(PLAIN LOGIN) AUTH-RESP-CODE USER CAPA RESP-CODES 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind 139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: MYGROUP) 143/tcp open imap Dovecot imapd |imap-capabilities: listed SASL-IR have ID more capabilities OK AUTH=PLAIN ENABLE LOGIN-REFERRALS AUTH=LOGINA0001 LITERAL+ post-login Pre-login IDLE IMAP4rev1 443/tcp open ssl/http Apache httpd (PHP 5.6.32) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD POST OPTIONS | http-robots.txt: 1 disallowed entry |/wp-admin/ |_http-server-header: Apache |_http-title: 404 Not Found | ssl-cert: Subject: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Issuer: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2017-09-22T14:34:56 | Not valid after: 2018-09-22T14:34:56 | MD5: 09e0 7208 d4f0 84a7 b57b adf5 0b22 ca15 |_SHA-1: c0c3 7e60 8da7 e7d5 c1dd c568 9a07 f569 fa83 a8a5 |_ssl-date: TLS randomness does not represent time 445/tcp open netbios-ssn Samba smbd 4.6.2 (workgroup: MYGROUP) 3000/tcp open http Mojolicious httpd |_http-favicon: Unknown favicon MD5: DD613EC73695DDB4DD4899E494C22786 |_http-server-header: Mojolicious (Perl) |http-title: Site doesn't have a title (text/html;charset=UTF-8). 3306/tcp open mysql MySQL 5.5.56-MariaDB | mysql-info: | Protocol: 10 | Version: 5.5.56-MariaDB | Thread ID: 8587 | Capabilities flags: 63487 | Some Capabilities: Support41Auth, InteractiveClient, SupportsTransactions, IgnoreSigpipes, Speaks41ProtocolOld, Speaks41ProtocolNew, IgnoreSpaceBeforeParenthesis, LongColumnFlag, DontAllowDatabaseTableColumn, FoundRows, LongPassword, SupportsLoadDataLocal, ODBCClient, ConnectWithDatabase, SupportsCompression, SupportsAuthPlugins, SupportsMultipleResults, SupportsMultipleStatments | Status: Autocommit | Salt: "5&[wh#o+#o(u:^MESPu | Auth Plugin Name: 87 Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 23.886 days (since Fri May 31 19:35:55 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=256 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Hosts: wmail.click, DS4; OSs: Unix, Linux; CPE: cpe:/o:redhat:enterprise_linux:7

TRACEROUTE (using port 1720/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms customer.worldstream.nl (217.23.1.23)

Nmap scan report for eu.vavilov.org (217.23.1.24) Host is up (0.0095s latency). Not shown: 987 filtered ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.4 (protocol 2.0) | ssh-hostkey: | 2048 60:d1:a4:ed:02:54:0f:98:da:85:e3:d2:06:1a:90:f1 (RSA) | 256 b9:b1:29:08:15:11:77:5e:23:82:c2:48:05:a1:a7:93 (ECDSA) |_ 256 d0:26:a0:47:87:54:49:84:5c:cf:ef:81:6b:c7:ee:2e (ED25519) 25/tcp open smtp Postfix smtpd |_smtp-commands: eu.vavilov.org, PIPELINING, SIZE 64000111, VRFY, ETRN, STARTTLS, ENHANCEDSTATUSCODES, 8BITMIME, DSN, | ssl-cert: Subject: commonName=vavilov.org | Subject Alternative Name: DNS:eu.vavilov.org, DNS:vavilov.org, DNS:www.vavilov.org | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-05-20T01:02:53 | Not valid after: 2019-08-18T01:02:53 | MD5: 2489 ba31 335c fd09 e8aa a14d efbd 9cdb |SHA-1: ef32 7df4 d449 7a0a 73b6 3261 ac86 1393 0856 9e5b |ssl-date: TLS randomness does not represent time 53/tcp open domain (generic dns response: NOTIMP) | fingerprint-strings: | DNSVersionBindReqTCP: | version | bind 80/tcp open http Apache httpd 2.4.6 ((CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40) | http-methods: | Supported Methods: GET HEAD POST OPTIONS TRACE | Potentially risky methods: TRACE |_http-server-header: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 |http-title: Site doesn't have a title (text/html; charset=UTF-8). 443/tcp open ssl/http Apache httpd 2.4.6 ((CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40) | http-methods: | Supported Methods: GET HEAD POST OPTIONS TRACE | Potentially risky methods: TRACE |_http-server-header: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 |_http-title: 400 Bad Request | ssl-cert: Subject: commonName=semantica.pro | Subject Alternative Name: DNS:eu.vavilov.org, DNS:semantica.pro, DNS:vavilov.org, DNS:www.semantica.pro, DNS:www.vavilov.org | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-05-20T01:02:44 | Not valid after: 2019-08-18T01:02:44 | MD5: 1c06 f996 7da8 d2fa 5580 276b 20a0 8c40 |_SHA-1: dbc1 a40b 23e4 4454 0e6a 1b74 ec10 984d 2678 46ed |ssl-date: TLS randomness does not represent time 444/tcp open ssl/http SoftEther VPN httpd | http-methods: | Supported Methods: GET |_http-title: 403 Forbidden | ssl-cert: Subject: commonName=vavilov.org | Subject Alternative Name: DNS:eu.vavilov.org, DNS:vavilov.org, DNS:www.vavilov.org | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-05-20T01:02:53 | Not valid after: 2019-08-18T01:02:53 | MD5: 2489 ba31 335c fd09 e8aa a14d efbd 9cdb |_SHA-1: ef32 7df4 d449 7a0a 73b6 3261 ac86 1393 0856 9e5b |_ssl-date: TLS randomness does not represent time 587/tcp open smtp Postfix smtpd |_smtp-commands: eu.vavilov.org, PIPELINING, SIZE 64000111, VRFY, ETRN, STARTTLS, ENHANCEDSTATUSCODES, 8BITMIME, DSN, | ssl-cert: Subject: commonName=vavilov.org | Subject Alternative Name: DNS:eu.vavilov.org, DNS:vavilov.org, DNS:www.vavilov.org | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-05-20T01:02:53 | Not valid after: 2019-08-18T01:02:53 | MD5: 2489 ba31 335c fd09 e8aa a14d efbd 9cdb |_SHA-1: ef32 7df4 d449 7a0a 73b6 3261 ac86 1393 0856 9e5b |ssl-date: TLS randomness does not represent time 992/tcp open ssl/http SoftEther VPN httpd | http-methods: | Supported Methods: HEAD |_http-title: 403 Forbidden | ssl-cert: Subject: commonName=vavilov.org | Subject Alternative Name: DNS:eu.vavilov.org, DNS:vavilov.org, DNS:www.vavilov.org | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-05-20T01:02:53 | Not valid after: 2019-08-18T01:02:53 | MD5: 2489 ba31 335c fd09 e8aa a14d efbd 9cdb |_SHA-1: ef32 7df4 d449 7a0a 73b6 3261 ac86 1393 0856 9e5b |_ssl-date: TLS randomness does not represent time 993/tcp open ssl/imap Dovecot imapd | ssl-cert: Subject: commonName=vavilov.org | Subject Alternative Name: DNS:eu.vavilov.org, DNS:vavilov.org, DNS:www.vavilov.org | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-05-20T01:02:53 | Not valid after: 2019-08-18T01:02:53 | MD5: 2489 ba31 335c fd09 e8aa a14d efbd 9cdb |_SHA-1: ef32 7df4 d449 7a0a 73b6 3261 ac86 1393 0856 9e5b |ssl-date: TLS randomness does not represent time 2196/tcp closed unknown 4443/tcp closed pharos 5555/tcp open ssl/http SoftEther VPN httpd | http-methods: | Supported Methods: GET POST |_http-title: 403 Forbidden | ssl-cert: Subject: commonName=vavilov.org | Subject Alternative Name: DNS:eu.vavilov.org, DNS:vavilov.org, DNS:www.vavilov.org | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-05-20T01:02:53 | Not valid after: 2019-08-18T01:02:53 | MD5: 2489 ba31 335c fd09 e8aa a14d efbd 9cdb |_SHA-1: ef32 7df4 d449 7a0a 73b6 3261 ac86 1393 0856 9e5b |_ssl-date: TLS randomness does not represent time 8080/tcp closed http-proxy 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service : SF-Port53-TCP:V=7.70%I=7%D=6/24%Time=5D10DFBB%P=i686-pc-windows-windows%r( SF:DNSVersionBindReqTCP,20,"\0\x1e\0\x06\x81\x05\0\x01\0\0\0\0\0\0\x07vers SF:ion\x04bind\0\0\x10\0\x03")%r(DNSStatusRequestTCP,E,"\0\x0c\0\0\x90\x04 SF:\0\0\0\0\0\0\0\0"); Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 28.122 days (since Mon May 27 13:56:44 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=256 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Host: eu.vavilov.org

TRACEROUTE (using port 8080/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms eu.vavilov.org (217.23.1.24)

Nmap scan report for customer.worldstream.nl (217.23.1.26) Host is up (0.0082s latency). Not shown: 997 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.13 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 05:31:8c:22:fd:b9:85:a1:f9:f7:e5:16:9a:9f:90:d6 (DSA) | 2048 84:23:98:cb:92:28:2a:20:75:5a:0b:9d:c7:fe:d2:5c (RSA) | 256 27:23:fd:95:c9:24:d9:21:c2:a8:27:7f:67:b6:cd:46 (ECDSA) |_ 256 78:9b:c9:74:f1:44:b0:68:3d:d2:89:9c:5d:22:21:35 (ED25519) 7000/tcp open afs3-fileserver? |_irc-info: Unable to open connection 7999/tcp filtered irdmi2 Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 18.909 days (since Wed Jun 05 19:02:47 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=255 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 2.00 ms customer.worldstream.nl (217.23.1.26)

Nmap scan report for mainhost.mailbeleid.nl (217.23.1.27) Host is up (0.016s latency). Not shown: 383 closed ports PORT STATE SERVICE VERSION 135/tcp open msrpc Microsoft Windows RPC 139/tcp open netbios-ssn Microsoft Windows netbios-ssn 445/tcp open microsoft-ds? 2001/tcp open tcpwrapped 2002/tcp open tcpwrapped 2003/tcp open tcpwrapped 2004/tcp open tcpwrapped 2005/tcp open tcpwrapped 2006/tcp open tcpwrapped 2007/tcp open tcpwrapped 2008/tcp open tcpwrapped 2009/tcp open tcpwrapped 2010/tcp open tcpwrapped 2013/tcp open tcpwrapped 2020/tcp open tcpwrapped 2021/tcp open tcpwrapped 2022/tcp open tcpwrapped 2030/tcp open tcpwrapped 2033/tcp open tcpwrapped 2034/tcp open tcpwrapped 2035/tcp open tcpwrapped 2038/tcp open tcpwrapped 2040/tcp open tcpwrapped 2041/tcp open tcpwrapped 2042/tcp open tcpwrapped 2043/tcp open tcpwrapped 2045/tcp open tcpwrapped 2046/tcp open tcpwrapped 2047/tcp open tcpwrapped 2048/tcp open tcpwrapped 2049/tcp open tcpwrapped 2065/tcp open tcpwrapped 2068/tcp open tcpwrapped 2099/tcp open tcpwrapped 2100/tcp open tcpwrapped 2103/tcp open tcpwrapped 2105/tcp open tcpwrapped 2106/tcp open tcpwrapped 2107/tcp open tcpwrapped 2111/tcp open ftp Microsoft ftpd | ftp-syst: |_ SYST: Windows_NT 2119/tcp open tcpwrapped 2121/tcp open tcpwrapped 2126/tcp open tcpwrapped 2135/tcp open tcpwrapped 2144/tcp open tcpwrapped 2160/tcp open tcpwrapped 2161/tcp open tcpwrapped 2170/tcp open tcpwrapped 2179/tcp open tcpwrapped 2190/tcp open tcpwrapped 2191/tcp open tcpwrapped 2196/tcp open tcpwrapped 2200/tcp open tcpwrapped 2222/tcp open tcpwrapped 2251/tcp open tcpwrapped 2260/tcp open tcpwrapped 2288/tcp open tcpwrapped 2301/tcp open tcpwrapped 2323/tcp open tcpwrapped 2366/tcp open tcpwrapped 2381/tcp open tcpwrapped 2382/tcp open tcpwrapped 2383/tcp open tcpwrapped 2393/tcp open tcpwrapped 2394/tcp open tcpwrapped 2399/tcp open tcpwrapped 2401/tcp open tcpwrapped 2492/tcp open tcpwrapped 2500/tcp open tcpwrapped 2522/tcp open tcpwrapped 2525/tcp open tcpwrapped 2557/tcp open tcpwrapped 2601/tcp open tcpwrapped 2602/tcp open tcpwrapped 2604/tcp open tcpwrapped 2605/tcp open tcpwrapped 2607/tcp open tcpwrapped 2608/tcp open tcpwrapped 2638/tcp open tcpwrapped 2701/tcp open tcpwrapped 2702/tcp open tcpwrapped 2710/tcp open tcpwrapped 2717/tcp open tcpwrapped 2718/tcp open tcpwrapped 2725/tcp open tcpwrapped 2800/tcp open tcpwrapped 2809/tcp open tcpwrapped 2811/tcp open tcpwrapped 2869/tcp open tcpwrapped 2875/tcp open tcpwrapped 2909/tcp open tcpwrapped 2910/tcp open tcpwrapped 2920/tcp open tcpwrapped 2967/tcp open tcpwrapped 2968/tcp open tcpwrapped 2998/tcp open tcpwrapped 3000/tcp open tcpwrapped 3001/tcp open tcpwrapped 3003/tcp open tcpwrapped 3005/tcp open tcpwrapped 3006/tcp open tcpwrapped 3007/tcp open tcpwrapped 3011/tcp open tcpwrapped 3013/tcp open tcpwrapped 3017/tcp open tcpwrapped 3030/tcp open tcpwrapped 3031/tcp open tcpwrapped 3052/tcp open tcpwrapped 3071/tcp open tcpwrapped 3077/tcp open tcpwrapped 3128/tcp open tcpwrapped 3168/tcp open tcpwrapped 3211/tcp open tcpwrapped 3221/tcp open tcpwrapped 3260/tcp open tcpwrapped 3261/tcp open tcpwrapped 3268/tcp open tcpwrapped 3269/tcp open tcpwrapped 3283/tcp open tcpwrapped 3300/tcp open tcpwrapped 3301/tcp open tcpwrapped 3306/tcp open tcpwrapped |_mysql-info: ERROR: Script execution failed (use -d to debug) 3322/tcp open tcpwrapped 3323/tcp open tcpwrapped 3324/tcp open tcpwrapped 3325/tcp open tcpwrapped 3333/tcp open tcpwrapped 3351/tcp open tcpwrapped 3367/tcp open tcpwrapped 3369/tcp open tcpwrapped 3370/tcp open tcpwrapped 3371/tcp open tcpwrapped 3372/tcp open tcpwrapped 3389/tcp open ms-wbt-server Microsoft Terminal Service | ssl-cert: Subject: commonName=WORLDST-UQ544BO | Issuer: commonName=WORLDST-UQ544BO | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2019-01-26T12:00:52 | Not valid after: 2019-07-28T12:00:52 | MD5: be3d f64b e6d5 75ee 3a67 cf0c 77f3 2b4d |SHA-1: 1365 f21f 8738 ee39 6fef 00e8 fafa b1eb 89ed 8a88 |ssl-date: 2019-06-24T14:43:12+00:00; +15s from scanner time. 3390/tcp open tcpwrapped 3404/tcp open tcpwrapped 3476/tcp open tcpwrapped 3493/tcp open tcpwrapped 3517/tcp open tcpwrapped 3527/tcp open tcpwrapped 3546/tcp open tcpwrapped 3551/tcp open tcpwrapped 3580/tcp open tcpwrapped 3659/tcp open tcpwrapped 3689/tcp open tcpwrapped 3690/tcp open tcpwrapped 3703/tcp open tcpwrapped 3737/tcp open tcpwrapped 3766/tcp open tcpwrapped 3784/tcp open tcpwrapped 3800/tcp open tcpwrapped 3801/tcp open tcpwrapped 3809/tcp open tcpwrapped 3814/tcp open tcpwrapped 3826/tcp open tcpwrapped 3827/tcp open tcpwrapped 3828/tcp open tcpwrapped 3851/tcp open tcpwrapped 3869/tcp open tcpwrapped 3871/tcp open tcpwrapped 3878/tcp open tcpwrapped 3880/tcp open tcpwrapped 3889/tcp open tcpwrapped 3905/tcp open tcpwrapped 3914/tcp open tcpwrapped 3918/tcp open tcpwrapped 3920/tcp open tcpwrapped 3945/tcp open tcpwrapped 3971/tcp open tcpwrapped 3986/tcp open tcpwrapped 3995/tcp open tcpwrapped 3998/tcp open tcpwrapped 4000/tcp open tcpwrapped 4001/tcp open tcpwrapped 4002/tcp open tcpwrapped 4003/tcp open tcpwrapped 4004/tcp open tcpwrapped 4005/tcp open tcpwrapped 4006/tcp open tcpwrapped 4045/tcp open tcpwrapped 4111/tcp open tcpwrapped 4125/tcp open tcpwrapped 4126/tcp open tcpwrapped 4129/tcp open tcpwrapped 4224/tcp open tcpwrapped 4242/tcp open tcpwrapped 4279/tcp open tcpwrapped 4321/tcp open tcpwrapped 4343/tcp open tcpwrapped 4443/tcp open tcpwrapped 4444/tcp open tcpwrapped 4445/tcp open tcpwrapped 4446/tcp open tcpwrapped 4449/tcp open tcpwrapped 4550/tcp open tcpwrapped 4567/tcp open tcpwrapped 4662/tcp open tcpwrapped 4848/tcp open tcpwrapped 4899/tcp open tcpwrapped 4900/tcp open tcpwrapped 4998/tcp open tcpwrapped 5000/tcp open tcpwrapped 5001/tcp open tcpwrapped 5002/tcp open tcpwrapped 5003/tcp open tcpwrapped 5004/tcp open tcpwrapped 5009/tcp open tcpwrapped 5030/tcp open tcpwrapped 5033/tcp open tcpwrapped 5050/tcp open tcpwrapped 5051/tcp open tcpwrapped 5054/tcp open tcpwrapped 5060/tcp open tcpwrapped 5061/tcp open tcpwrapped 5080/tcp open tcpwrapped 5087/tcp open tcpwrapped 5100/tcp open tcpwrapped 5101/tcp open tcpwrapped 5102/tcp open tcpwrapped 5120/tcp open tcpwrapped 5190/tcp open tcpwrapped 5200/tcp open tcpwrapped 5214/tcp open tcpwrapped 5221/tcp open tcpwrapped 5222/tcp open tcpwrapped | xmpp-info: | STARTTLS Failed | info: | unknown: | | compression_methods: | | errors: | (timeout) | auth_mechanisms: | | features: | | xmpp: | | capabilities: 5225/tcp open tcpwrapped 5226/tcp open tcpwrapped 5269/tcp open tcpwrapped | xmpp-info: | STARTTLS Failed | info: | unknown: | | compression_methods: | | errors: | (timeout) | auth_mechanisms: | | features: | | xmpp: | | capabilities: 5280/tcp open tcpwrapped 5298/tcp open tcpwrapped 5357/tcp open tcpwrapped 5405/tcp open tcpwrapped 5414/tcp open tcpwrapped 5431/tcp open tcpwrapped 5432/tcp open tcpwrapped 5440/tcp open tcpwrapped 5500/tcp open tcpwrapped 5510/tcp open tcpwrapped 5544/tcp open tcpwrapped 5550/tcp open tcpwrapped 5555/tcp open tcpwrapped 5560/tcp open tcpwrapped 5566/tcp open tcpwrapped 5631/tcp open tcpwrapped 5633/tcp open tcpwrapped 5666/tcp open tcpwrapped 5678/tcp open tcpwrapped 5679/tcp open tcpwrapped 5718/tcp open tcpwrapped 5730/tcp open tcpwrapped 5800/tcp open tcpwrapped 5801/tcp open tcpwrapped 5802/tcp open tcpwrapped 5810/tcp open tcpwrapped 5811/tcp open tcpwrapped 5815/tcp open tcpwrapped 5822/tcp open tcpwrapped 5825/tcp open tcpwrapped 5850/tcp open tcpwrapped 5859/tcp open tcpwrapped 5862/tcp open tcpwrapped 5877/tcp open tcpwrapped 5900/tcp open tcpwrapped 5901/tcp open tcpwrapped 5902/tcp open tcpwrapped 5903/tcp open tcpwrapped 5904/tcp open tcpwrapped 5906/tcp open tcpwrapped 5907/tcp open tcpwrapped 5910/tcp open tcpwrapped 5911/tcp open tcpwrapped 5915/tcp open tcpwrapped 5922/tcp open tcpwrapped 5925/tcp open tcpwrapped 5950/tcp open tcpwrapped 5952/tcp open tcpwrapped 5959/tcp open tcpwrapped 5960/tcp open tcpwrapped 5961/tcp open tcpwrapped 5962/tcp open tcpwrapped 5963/tcp open tcpwrapped 5987/tcp open tcpwrapped 5988/tcp open tcpwrapped 5989/tcp open tcpwrapped 5998/tcp open tcpwrapped 5999/tcp open tcpwrapped 6000/tcp open tcpwrapped |_x11-access: ERROR: Script execution failed (use -d to debug) 6001/tcp open tcpwrapped |_x11-access: ERROR: Script execution failed (use -d to debug) 6002/tcp open tcpwrapped |_x11-access: ERROR: Script execution failed (use -d to debug) 6003/tcp open tcpwrapped |_x11-access: ERROR: Script execution failed (use -d to debug) 6004/tcp open tcpwrapped |_x11-access: ERROR: Script execution failed (use -d to debug) 6005/tcp open tcpwrapped |_x11-access: ERROR: Script execution failed (use -d to debug) 6006/tcp open tcpwrapped |_x11-access: ERROR: Script execution failed (use -d to debug) 6007/tcp open tcpwrapped |_x11-access: ERROR: Script execution failed (use -d to debug) 6009/tcp open tcpwrapped |_x11-access: ERROR: Script execution failed (use -d to debug) 6025/tcp open tcpwrapped 6059/tcp open tcpwrapped 6100/tcp open tcpwrapped 6101/tcp open tcpwrapped 6106/tcp open tcpwrapped 6112/tcp open tcpwrapped 6123/tcp open tcpwrapped 6129/tcp open tcpwrapped 6156/tcp open tcpwrapped 6346/tcp open tcpwrapped 6389/tcp open tcpwrapped 6502/tcp open tcpwrapped 6510/tcp open tcpwrapped 6543/tcp open tcpwrapped 6547/tcp open tcpwrapped 6565/tcp open tcpwrapped 6566/tcp open tcpwrapped 6567/tcp open tcpwrapped 6580/tcp open tcpwrapped 6646/tcp open tcpwrapped 6666/tcp open tcpwrapped |_irc-info: Unable to open connection 6667/tcp open tcpwrapped |_irc-info: Unable to open connection 6668/tcp open tcpwrapped |_irc-info: Unable to open connection 6669/tcp open tcpwrapped |_irc-info: Unable to open connection 6689/tcp open tcpwrapped 6692/tcp open tcpwrapped 6699/tcp open tcpwrapped 6779/tcp open tcpwrapped 6788/tcp open tcpwrapped 6789/tcp open tcpwrapped 6792/tcp open tcpwrapped 6839/tcp open tcpwrapped 6881/tcp open tcpwrapped 6901/tcp open tcpwrapped 6969/tcp open tcpwrapped 7000/tcp open tcpwrapped |_irc-info: Unable to open connection 7001/tcp open tcpwrapped 7002/tcp open tcpwrapped 7004/tcp open tcpwrapped 7007/tcp open tcpwrapped 7019/tcp open tcpwrapped 7025/tcp open tcpwrapped 7070/tcp open tcpwrapped 7100/tcp open tcpwrapped 7103/tcp open tcpwrapped 7106/tcp open tcpwrapped 7200/tcp open tcpwrapped 7201/tcp open tcpwrapped 7402/tcp open tcpwrapped 7435/tcp open tcpwrapped 7443/tcp open tcpwrapped 7496/tcp open tcpwrapped 7512/tcp open tcpwrapped 7625/tcp open tcpwrapped 7627/tcp open tcpwrapped 7676/tcp open tcpwrapped 7741/tcp open tcpwrapped 7777/tcp open tcpwrapped 7778/tcp open tcpwrapped 7800/tcp open tcpwrapped 7911/tcp open tcpwrapped 7920/tcp open tcpwrapped 7921/tcp open tcpwrapped 7937/tcp open tcpwrapped 7938/tcp open tcpwrapped 7999/tcp open tcpwrapped 8000/tcp open tcpwrapped 8001/tcp open tcpwrapped 8002/tcp open tcpwrapped 8007/tcp open tcpwrapped 8008/tcp open tcpwrapped 8009/tcp open tcpwrapped |_ajp-methods: Failed to get a valid response for the OPTION request 8010/tcp open tcpwrapped 8011/tcp open tcpwrapped 8021/tcp open tcpwrapped 8022/tcp open tcpwrapped 8031/tcp open tcpwrapped 8042/tcp open tcpwrapped 8045/tcp open tcpwrapped 8081/tcp open tcpwrapped 8082/tcp open tcpwrapped 8083/tcp open tcpwrapped 8084/tcp open tcpwrapped 8085/tcp open tcpwrapped 8086/tcp open tcpwrapped 8087/tcp open tcpwrapped 8088/tcp open tcpwrapped 8089/tcp open tcpwrapped 8090/tcp open tcpwrapped 8093/tcp open tcpwrapped 8099/tcp open tcpwrapped 8100/tcp open tcpwrapped 8180/tcp open tcpwrapped 8181/tcp open tcpwrapped 8192/tcp open tcpwrapped 8193/tcp open tcpwrapped 8194/tcp open tcpwrapped 8200/tcp open tcpwrapped 8222/tcp open tcpwrapped 8254/tcp open tcpwrapped 8290/tcp open tcpwrapped 8291/tcp open tcpwrapped 8292/tcp open tcpwrapped 8300/tcp open tcpwrapped 8333/tcp open tcpwrapped 8383/tcp open tcpwrapped 8400/tcp open tcpwrapped 8402/tcp open tcpwrapped 8443/tcp open tcpwrapped 8500/tcp open tcpwrapped 8600/tcp open tcpwrapped 8649/tcp open tcpwrapped 8651/tcp open tcpwrapped 8652/tcp open tcpwrapped 8654/tcp open tcpwrapped 8701/tcp open tcpwrapped 8800/tcp open tcpwrapped 8873/tcp open tcpwrapped 8888/tcp open tcpwrapped 8899/tcp open tcpwrapped 8994/tcp open tcpwrapped 9000/tcp open tcpwrapped 9001/tcp open tcpwrapped 9002/tcp open tcpwrapped 9003/tcp open tcpwrapped 9009/tcp open tcpwrapped 9010/tcp open tcpwrapped 9011/tcp open tcpwrapped 9040/tcp open tcpwrapped 9050/tcp open tcpwrapped 9071/tcp open tcpwrapped 9080/tcp open tcpwrapped 9081/tcp open tcpwrapped 9090/tcp open tcpwrapped 9091/tcp open tcpwrapped 9099/tcp open tcpwrapped 9100/tcp open jetdirect? 9101/tcp open jetdirect? 9102/tcp open jetdirect? 9103/tcp open jetdirect? 9110/tcp open tcpwrapped 9111/tcp open tcpwrapped 9200/tcp open tcpwrapped 9207/tcp open tcpwrapped 9220/tcp open tcpwrapped 9290/tcp open tcpwrapped 9415/tcp open tcpwrapped 9418/tcp open tcpwrapped 9485/tcp open tcpwrapped 9500/tcp open tcpwrapped 9502/tcp open tcpwrapped 9503/tcp open tcpwrapped 9535/tcp open tcpwrapped 9575/tcp open tcpwrapped 9593/tcp open tcpwrapped 9594/tcp open tcpwrapped 9595/tcp open tcpwrapped 9618/tcp open tcpwrapped 9666/tcp open tcpwrapped 9876/tcp open tcpwrapped 9877/tcp open tcpwrapped 9878/tcp open tcpwrapped 9898/tcp open tcpwrapped 9900/tcp open tcpwrapped 9917/tcp open tcpwrapped 9929/tcp open tcpwrapped 9943/tcp open tcpwrapped 9944/tcp open tcpwrapped 9968/tcp open tcpwrapped 9998/tcp open tcpwrapped 9999/tcp open tcpwrapped 10000/tcp open tcpwrapped 10001/tcp open tcpwrapped 10002/tcp open tcpwrapped 10003/tcp open tcpwrapped 10004/tcp open tcpwrapped 10009/tcp open tcpwrapped 10010/tcp open tcpwrapped 10012/tcp open tcpwrapped 10024/tcp open tcpwrapped 10025/tcp open tcpwrapped 10082/tcp open tcpwrapped 10180/tcp open tcpwrapped 10215/tcp open tcpwrapped 10243/tcp open tcpwrapped 10566/tcp open tcpwrapped 10616/tcp open tcpwrapped 10617/tcp open tcpwrapped 10621/tcp open tcpwrapped 10626/tcp open tcpwrapped 10628/tcp open tcpwrapped 10629/tcp open tcpwrapped 10778/tcp open tcpwrapped 11110/tcp open tcpwrapped 11111/tcp open tcpwrapped 11967/tcp open tcpwrapped 12000/tcp open tcpwrapped 12174/tcp open tcpwrapped 12265/tcp open tcpwrapped 12345/tcp open tcpwrapped 13456/tcp open tcpwrapped 13722/tcp open tcpwrapped 13782/tcp open tcpwrapped 13783/tcp open tcpwrapped 14000/tcp open tcpwrapped 14238/tcp open tcpwrapped 14441/tcp open tcpwrapped 14442/tcp open tcpwrapped 15000/tcp open tcpwrapped 15002/tcp open tcpwrapped 15003/tcp open tcpwrapped 15004/tcp open tcpwrapped 15660/tcp open tcpwrapped 15742/tcp open tcpwrapped 16000/tcp open tcpwrapped 16001/tcp open tcpwrapped 16012/tcp open tcpwrapped 16016/tcp open tcpwrapped 16018/tcp open tcpwrapped 16080/tcp open tcpwrapped 16113/tcp open tcpwrapped 16992/tcp open tcpwrapped 16993/tcp open tcpwrapped 17877/tcp open tcpwrapped 17988/tcp open tcpwrapped 18040/tcp open tcpwrapped 18101/tcp open tcpwrapped 18988/tcp open tcpwrapped 19101/tcp open tcpwrapped 19283/tcp open tcpwrapped 19315/tcp open tcpwrapped 19350/tcp open tcpwrapped 19780/tcp open tcpwrapped 19801/tcp open tcpwrapped 19842/tcp open tcpwrapped 20000/tcp open tcpwrapped 20005/tcp open tcpwrapped 20031/tcp open tcpwrapped 20221/tcp open tcpwrapped 20222/tcp open tcpwrapped 20828/tcp open tcpwrapped 21571/tcp open tcpwrapped 22939/tcp open tcpwrapped 23502/tcp open tcpwrapped 24444/tcp open tcpwrapped 24800/tcp open tcpwrapped 25734/tcp open tcpwrapped 25735/tcp open tcpwrapped 26214/tcp open tcpwrapped 27000/tcp open tcpwrapped 27352/tcp open tcpwrapped 27353/tcp open tcpwrapped 27355/tcp open tcpwrapped 27356/tcp open tcpwrapped 27715/tcp open tcpwrapped 28201/tcp open tcpwrapped 30000/tcp open tcpwrapped 30718/tcp open tcpwrapped 30951/tcp open tcpwrapped 31038/tcp open tcpwrapped 31337/tcp open tcpwrapped 32768/tcp open tcpwrapped 32769/tcp open tcpwrapped 32770/tcp open tcpwrapped 32771/tcp open tcpwrapped 32772/tcp open tcpwrapped 32773/tcp open tcpwrapped 32774/tcp open tcpwrapped 32775/tcp open tcpwrapped 32776/tcp open tcpwrapped 32777/tcp open tcpwrapped 32778/tcp open tcpwrapped 32779/tcp open tcpwrapped 32780/tcp open tcpwrapped 32781/tcp open tcpwrapped 32782/tcp open tcpwrapped 32783/tcp open tcpwrapped 32784/tcp open tcpwrapped 32785/tcp open tcpwrapped 33354/tcp open tcpwrapped 33899/tcp open tcpwrapped 34571/tcp open tcpwrapped 34572/tcp open tcpwrapped 34573/tcp open tcpwrapped 35500/tcp open tcpwrapped 38292/tcp open tcpwrapped 40193/tcp open tcpwrapped 40911/tcp open tcpwrapped 41511/tcp open tcpwrapped 42510/tcp open tcpwrapped 44176/tcp open tcpwrapped 44442/tcp open tcpwrapped 44443/tcp open tcpwrapped 44501/tcp open tcpwrapped 45100/tcp open tcpwrapped 49152/tcp open msrpc Microsoft Windows RPC 49153/tcp open msrpc Microsoft Windows RPC 49154/tcp open msrpc Microsoft Windows RPC 49155/tcp open msrpc Microsoft Windows RPC 49156/tcp open tcpwrapped 49157/tcp open msrpc Microsoft Windows RPC 49158/tcp open msrpc Microsoft Windows RPC 49160/tcp open tcpwrapped 49161/tcp open tcpwrapped 49163/tcp open tcpwrapped 49165/tcp open tcpwrapped 49167/tcp open tcpwrapped 49175/tcp open tcpwrapped 49176/tcp open tcpwrapped 49400/tcp open tcpwrapped 49999/tcp open tcpwrapped 50003/tcp open tcpwrapped 50006/tcp open tcpwrapped 50389/tcp open tcpwrapped 52822/tcp open tcpwrapped 52869/tcp open tcpwrapped 55056/tcp open tcpwrapped 55555/tcp open tcpwrapped 57294/tcp open tcpwrapped 60020/tcp open tcpwrapped 60443/tcp open tcpwrapped 64623/tcp open tcpwrapped Device type: general purpose Running: Microsoft Windows 7|2008|8.1 OS CPE: cpe:/o:microsoft:windows_7::sp1 cpe:/o:microsoft:windows_server_2008:r2:sp1 cpe:/o:microsoft:windows_8.1 OS details: Microsoft Windows 7 SP1 or Windows Server 2008 R2 SP1 or Windows 8.1 Update 1 Uptime guess: 269.255 days (since Fri Sep 28 10:44:32 2018) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=258 (Good luck!) IP ID Sequence Generation: Incrementing by 2 Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

TRACEROUTE (using port 1720/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 2.00 ms mainhost.mailbeleid.nl (217.23.1.27)

Nmap scan report for customer.worldstream.nl (217.23.1.28) Host is up (0.011s latency). All 1000 scanned ports on customer.worldstream.nl (217.23.1.28) are filtered Too many fingerprints match this host to give specific OS details Network Distance: 2 hops

TRACEROUTE (using proto 1/icmp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 2.00 ms customer.worldstream.nl (217.23.1.28)

Nmap scan report for snflap-001034.sunflowerrapp.com (217.23.1.34) Host is up (0.019s latency). Not shown: 987 filtered ports PORT STATE SERVICE VERSION 20/tcp closed ftp-data 21/tcp closed ftp 22/tcp closed ssh 25/tcp closed smtp 53/tcp closed domain 80/tcp open http Apache httpd 2.2.15 ((CentOS)) | http-methods: | Supported Methods: GET HEAD POST OPTIONS TRACE |_ Potentially risky methods: TRACE |_http-server-header: Apache/2.2.15 (CentOS) |http-title: Apache HTTP Server Test Page powered by CentOS 110/tcp closed pop3 143/tcp closed imap 443/tcp open ssl/http Apache httpd 2.2.15 ((CentOS)) | http-methods: | Supported Methods: GET HEAD POST OPTIONS TRACE | Potentially risky methods: TRACE |_http-server-header: Apache/2.2.15 (CentOS) |_http-title: Apache HTTP Server Test Page powered by CentOS | ssl-cert: Subject: commonName=217-23-1-34.sunflowerrapp.com/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Issuer: commonName=217-23-1-34.sunflowerrapp.com/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2015-04-11T01:42:23 | Not valid after: 2016-04-10T01:42:23 | MD5: ee7b 61aa 310c 952e 8303 bb31 205a 8855 |_SHA-1: 23f7 8866 b932 4a7c 0e73 a2f8 0399 f1c6 9f30 bc20 |_ssl-date: 2019-06-24T14:04:35+00:00; -39m23s from scanner time. 465/tcp closed smtps 587/tcp closed submission 993/tcp closed imaps 995/tcp closed pop3s Device type: general purpose Running: Linux 2.6.X OS CPE: cpe:/o:linux:linux_kernel:2.6.32 OS details: Linux 2.6.32 Uptime guess: 34.630 days (since Tue May 21 01:44:41 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=262 (Good luck!) IP ID Sequence Generation: All zeros

Host script results: |_clock-skew: mean: -39m23s, deviation: 0s, median: -39m23s

TRACEROUTE (using port 25/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 2.00 ms snflap-001034.sunflowerrapp.com (217.23.1.34)

Nmap scan report for nl.lowpinggameservers.com (217.23.1.38) Host is up (0.015s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 88/tcp open http OpenResty web app server 1.13.6.2 2022/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.8 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 b5:fe:0e:e3:3f:6f:69:7b:87:52:73:2e:42:c9:10:7c (RSA) | 256 82:e3:7b:37:3a:a6:b6:fc:38:4f:04:21:90:2c:b6:27 (ECDSA) |_ 256 35:48:99:ac:bd:09:82:20:04:2d:37:2c:eb:f8:10:7f (ED25519) Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 176.206 days (since Sun Dec 30 10:56:25 2018) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=248 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 2.00 ms nl.lowpinggameservers.com (217.23.1.38)

Nmap scan report for customer.worldstream.nl (217.23.1.40) Host is up (0.015s latency). Not shown: 997 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.4p1 Debian 10+deb9u4 (protocol 2.0) | ssh-hostkey: | 2048 44:6b:a9:e4:11:36:6b:1e:f0:34:e6:56:b2:82:63:4e (RSA) | 256 47:4a:5c:5a:fb:6b:27:dd:13:cb:4b:e4:33:2f:73:38 (ECDSA) |_ 256 ac:5f:28:5a:47:47:5e:6e:b3:8b:47:9a:ef:eb:6d:f0 (ED25519) 80/tcp open http nginx 1.12.2 | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: nginx/1.12.2 |http-title: Did not follow redirect to https://217.23.1.40/ 443/tcp open ssl/http nginx 1.12.2 | http-auth: | HTTP/1.1 401 Unauthorized\x0D | Basic realm=Association de Defense des Tigres - Zone securisee |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-robots.txt: 1 disallowed entry |/wp-admin/ |_http-server-header: nginx/1.12.2 |_http-title: 404 Not Found | ssl-cert: Subject: commonName=217.23.1.40/organizationName=addt/stateOrProvinceName=PRS/countryName=FR | Issuer: commonName=217.23.1.40/organizationName=addt/stateOrProvinceName=PRS/countryName=FR | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2017-07-07T17:04:15 | Not valid after: 2027-07-05T17:04:15 | MD5: 1ddc df42 11f0 508d e592 33f0 8b18 49a3 |_SHA-1: f3ec f973 66c1 b580 4668 e8e7 37d7 4aa0 afd6 5f2e Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 53.203 days (since Thu May 02 12:00:15 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=255 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms customer.worldstream.nl (217.23.1.40)

Nmap scan report for mx.mskon.ru (217.23.1.41) Host is up (0.23s latency). Not shown: 993 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh MikroTik RouterOS sshd (protocol 2.0) | ssh-hostkey: | 1024 2e:b1:08:56:0e:2e:84:44:02:39:26:08:7c:16:d8:96 (DSA) |_ 2048 fa:a3:10:f4:f6:64:08:61:3c:4a:38:8c:db:09:9e:47 (RSA) 25/tcp open smtp Microsoft Exchange smtpd | smtp-commands: EXCHCAS Hello [217.23.15.11], SIZE 104857600, PIPELINING, DSN, ENHANCEDSTATUSCODES, STARTTLS, X-ANONYMOUSTLS, AUTH, X-EXPS GSSAPI NTLM, 8BITMIME, BINARYMIME, CHUNKING, XRDST, |_ This server supports the following commands: HELO EHLO STARTTLS RCPT DATA RSET MAIL QUIT HELP AUTH BDAT | ssl-cert: Subject: commonName=mail.mskon.ru/organizationName=IT/stateOrProvinceName=RU/countryName=RU | Subject Alternative Name: DNS:mail.mskon.ru, DNS:exchcas.prof.local, DNS:ews.mskon.ru, DNS:AutoDiscover.prof.local, DNS:AutoDiscover.mskon.ru, DNS:AutoDiscover.krson.ru, DNS:AutoDiscover.dontransagro.ru, DNS:AutoDiscover.prograin.ru, DNS:ExchCAS, DNS:prof.local, DNS:mskon.ru, DNS:krson.ru, DNS:dontransagro.ru, DNS:prograin.ru | Issuer: commonName=prof-DC2-CA | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2018-12-10T15:58:38 | Not valid after: 2019-12-10T16:08:38 | MD5: 361a 44d7 6f52 9a00 2006 3d93 0c3b af59 |_SHA-1: 1f57 8956 aab2 18f0 8386 5bae 0f12 01e0 7328 a369 |_ssl-date: 2019-06-24T14:44:18+00:00; +17s from scanner time. 53/tcp open domain (generic dns response: NOTIMP) 443/tcp open ssl/http Microsoft IIS httpd 8.0 |http-generator: Microsoft Word 15 | http-methods: | Supported Methods: OPTIONS TRACE GET HEAD POST | Potentially risky methods: TRACE |_http-server-header: Microsoft-IIS/8.0 |_http-title: Site doesn't have a title (text/html). | ssl-cert: Subject: commonName=mail.mskon.ru/organizationName=IT/stateOrProvinceName=RU/countryName=RU | Subject Alternative Name: DNS:mail.mskon.ru, DNS:exchcas.prof.local, DNS:ews.mskon.ru, DNS:AutoDiscover.prof.local, DNS:AutoDiscover.mskon.ru, DNS:AutoDiscover.krson.ru, DNS:AutoDiscover.dontransagro.ru, DNS:AutoDiscover.prograin.ru, DNS:ExchCAS, DNS:prof.local, DNS:mskon.ru, DNS:krson.ru, DNS:dontransagro.ru, DNS:prograin.ru | Issuer: commonName=prof-DC2-CA | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2018-12-10T15:58:38 | Not valid after: 2019-12-10T16:08:38 | MD5: 361a 44d7 6f52 9a00 2006 3d93 0c3b af59 |_SHA-1: 1f57 8956 aab2 18f0 8386 5bae 0f12 01e0 7328 a369 |_ssl-date: 2019-06-24T14:44:16+00:00; +17s from scanner time. 1723/tcp open pptp MikroTik (Firmware: 1) 3389/tcp filtered ms-wbt-server 8291/tcp open unknown 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service : SF-Port53-TCP:V=7.70%I=7%D=6/24%Time=5D10DFC8%P=i686-pc-windows-windows%r( SF:DNSVersionBindReqTCP,E,"\0\x0c\0\x06\x81\x84\0\0\0\0\0\0\0\0")%r(DNSSta SF:tusRequestTCP,E,"\0\x0c\0\0\x90\x84\0\0\0\0\0\0\0\0"); Aggressive OS guesses: HP P2000 G3 NAS device (97%), MikroTik RouterOS 6.19 (Linux 3.3.5) (95%), Linux 2.6.32 - 3.13 (95%), MikroTik RouterOS 6.30 (94%), MikroTik RouterOS 6.33 (94%), AVM FRITZ!WLAN Repeater 450E (FritzOS 6.51) (94%), Hitron CVE-30360 router (94%), Linux 2.6.32 - 2.6.39 (94%), MikroTik RouterOS 6.32.1 (94%), MikroTik RouterOS 6.34 (94%) No exact OS matches for host (test conditions non-ideal). Uptime guess: 409.996 days (since Thu May 10 16:58:12 2018) Network Distance: 3 hops TCP Sequence Prediction: Difficulty=250 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Hosts: EXCHCAS, ChehiaNEW; OSs: Linux, Windows; Device: router; CPE: cpe:/o:mikrotik:routeros, cpe:/o:microsoft:windows

Host script results: |_clock-skew: mean: 16s, deviation: 0s, median: 16s

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hops 1-2 are the same as for 217.23.1.46 3 25.00 ms mx.mskon.ru (217.23.1.41)

Nmap scan report for gpy1-001043.goploy1.com (217.23.1.43) Host is up (0.030s latency). Not shown: 987 filtered ports PORT STATE SERVICE VERSION 20/tcp closed ftp-data 21/tcp closed ftp 22/tcp closed ssh 25/tcp open smtp | fingerprint-strings: | GenericLines, GetRequest, Help: | 421 maila.goploy1.com You talk too soon | Hello: | 220 maila.goploy1.com ESMTP Tmta | Error: syntax: EHLO hostname | NULL: |_ 220 maila.goploy1.com ESMTP Tmta | smtp-commands: maila.goploy1.com Nice to meet you, [217.23.15.11], PIPELINING, 8BITMIME, SMTPUTF8, |_ See https://tools.ietf.org/html/rfc5321 for details 53/tcp closed domain 80/tcp open http Apache httpd 2.2.15 | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache/2.2.15 (CentOS) |http-title: Did not follow redirect to http://www.goploy.com/ 110/tcp closed pop3 143/tcp closed imap 443/tcp open ssl/http Apache httpd 2.2.15 ((CentOS)) | http-methods: | Supported Methods: GET HEAD POST OPTIONS TRACE | Potentially risky methods: TRACE |_http-server-header: Apache/2.2.15 (CentOS) |_http-title: Apache HTTP Server Test Page powered by CentOS | ssl-cert: Subject: commonName=217-23-1-34.sunflowerrapp.com/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Issuer: commonName=217-23-1-34.sunflowerrapp.com/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2015-04-11T01:42:23 | Not valid after: 2016-04-10T01:42:23 | MD5: ee7b 61aa 310c 952e 8303 bb31 205a 8855 |_SHA-1: 23f7 8866 b932 4a7c 0e73 a2f8 0399 f1c6 9f30 bc20 |_ssl-date: 2019-06-24T14:05:06+00:00; -39m23s from scanner time. 465/tcp closed smtps 587/tcp closed submission 993/tcp closed imaps 995/tcp closed pop3s 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service : SF-Port25-TCP:V=7.70%I=7%D=6/24%Time=5D10DFC9%P=i686-pc-windows-windows%r( SF:NULL,22,"220\x20maila.goploy1.com\x20ESMTP\x20Tmta\r\n")%r(Hello,44," SF:220\x20maila.goploy1.com\x20ESMTP\x20Tmta\r\n501\x20Error:\x20syntax: SF:\x20EHLO\x20hostname\r\n")%r(Help,29,"421\x20maila.goploy1.com\x20You SF:\x20talk\x20too\x20soon\r\n")%r(GenericLines,29,"421\x20maila.goploy1
SF:.com\x20You\x20talk\x20too\x20soon\r\n")%r(GetRequest,29,"421\x20maila
SF:.goploy1.com\x20You\x20talk\x20too\x20soon\r\n"); Device type: general purpose Running: Linux 2.6.X OS CPE: cpe:/o:linux:linux_kernel:2.6.32 OS details: Linux 2.6.32 Uptime guess: 34.630 days (since Tue May 21 01:44:41 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=263 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Host: goploy1.com

Host script results: |_clock-skew: mean: -39m23s, deviation: 0s, median: -39m23s

TRACEROUTE (using port 53/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms gpy1-001043.goploy1.com (217.23.1.43)

Nmap scan report for gpy1-001044.goploy1.com (217.23.1.44) Host is up (0.037s latency). Not shown: 987 filtered ports PORT STATE SERVICE VERSION 20/tcp closed ftp-data 21/tcp closed ftp 22/tcp closed ssh 25/tcp closed smtp 53/tcp closed domain 80/tcp open http Apache httpd 2.2.15 ((CentOS)) | http-methods: | Supported Methods: GET HEAD POST OPTIONS TRACE |_ Potentially risky methods: TRACE |_http-server-header: Apache/2.2.15 (CentOS) |http-title: Apache HTTP Server Test Page powered by CentOS 110/tcp closed pop3 143/tcp closed imap 443/tcp open ssl/http Apache httpd 2.2.15 ((CentOS)) | http-methods: | Supported Methods: GET HEAD POST OPTIONS TRACE | Potentially risky methods: TRACE |_http-server-header: Apache/2.2.15 (CentOS) |_http-title: Apache HTTP Server Test Page powered by CentOS | ssl-cert: Subject: commonName=217-23-1-34.sunflowerrapp.com/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Issuer: commonName=217-23-1-34.sunflowerrapp.com/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2015-04-11T01:42:23 | Not valid after: 2016-04-10T01:42:23 | MD5: ee7b 61aa 310c 952e 8303 bb31 205a 8855 |_SHA-1: 23f7 8866 b932 4a7c 0e73 a2f8 0399 f1c6 9f30 bc20 |_ssl-date: 2019-06-24T14:05:25+00:00; -39m23s from scanner time. 465/tcp closed smtps 587/tcp closed submission 993/tcp closed imaps 995/tcp closed pop3s Device type: general purpose Running: Linux 2.6.X|3.X OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 OS details: Linux 2.6.32, Linux 2.6.32 or 3.10 Uptime guess: 34.630 days (since Tue May 21 01:44:41 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=258 (Good luck!) IP ID Sequence Generation: All zeros

Host script results: |_clock-skew: mean: -39m23s, deviation: 0s, median: -39m23s

TRACEROUTE (using port 25/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms gpy1-001044.goploy1.com (217.23.1.44)

Nmap scan report for gpy1-001045.goploy1.com (217.23.1.45) Host is up (0.038s latency). Not shown: 987 filtered ports PORT STATE SERVICE VERSION 20/tcp closed ftp-data 21/tcp closed ftp 22/tcp closed ssh 25/tcp closed smtp 53/tcp closed domain 80/tcp open http Apache httpd 2.2.15 ((CentOS)) | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache/2.2.15 (CentOS) |http-title: Apache HTTP Server Test Page powered by CentOS 110/tcp closed pop3 143/tcp closed imap 443/tcp open ssl/http Apache httpd 2.2.15 ((CentOS)) | http-methods: | Supported Methods: GET HEAD POST OPTIONS TRACE | Potentially risky methods: TRACE |_http-server-header: Apache/2.2.15 (CentOS) |_http-title: Apache HTTP Server Test Page powered by CentOS | ssl-cert: Subject: commonName=217-23-1-34.sunflowerrapp.com/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Issuer: commonName=217-23-1-34.sunflowerrapp.com/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2015-04-11T01:42:23 | Not valid after: 2016-04-10T01:42:23 | MD5: ee7b 61aa 310c 952e 8303 bb31 205a 8855 |_SHA-1: 23f7 8866 b932 4a7c 0e73 a2f8 0399 f1c6 9f30 bc20 |_ssl-date: 2019-06-24T14:04:43+00:00; -39m23s from scanner time. 465/tcp closed smtps 587/tcp closed submission 993/tcp closed imaps 995/tcp closed pop3s Device type: general purpose Running: Linux 2.6.X|3.X OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 OS details: Linux 2.6.32 or 3.10 Uptime guess: 34.630 days (since Tue May 21 01:44:41 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=254 (Good luck!) IP ID Sequence Generation: All zeros

Host script results: |_clock-skew: mean: -39m23s, deviation: 0s, median: -39m23s

TRACEROUTE (using port 25/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms gpy1-001045.goploy1.com (217.23.1.45)

Nmap scan report for customer.worldstream.nl (217.23.1.46) Host is up (0.033s latency). Not shown: 999 filtered ports PORT STATE SERVICE VERSION 443/tcp open ssl/https? |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-robots.txt: 1 disallowed entry |/wp-admin/ |_http-title: 404 Not Found |_sstp-discover: SSTP is supported. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose Running: Linux 2.6.X|3.X OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3 OS details: Linux 2.6.32 - 3.10, Linux 2.6.32 - 3.13, Linux 3.2 - 3.16 Uptime guess: 93.678 days (since Fri Mar 22 23:35:48 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=256 (Good luck!) IP ID Sequence Generation: All zeros

TRACEROUTE (using port 443/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms customer.worldstream.nl (217.23.1.46)

Nmap scan report for customer.worldstream.nl (217.23.1.47) Host is up (0.0090s latency). Not shown: 999 filtered ports PORT STATE SERVICE VERSION 443/tcp open ssl/https? |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-robots.txt: 1 disallowed entry |/wp-admin/ |_http-title: 404 Not Found |_sstp-discover: SSTP is supported. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose Running: Linux 2.6.X|3.X OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3 OS details: Linux 2.6.32 - 3.10, Linux 2.6.32 - 3.13, Linux 3.2 - 3.16 Uptime guess: 93.678 days (since Fri Mar 22 23:35:48 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=254 (Good luck!) IP ID Sequence Generation: All zeros

TRACEROUTE (using port 443/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms customer.worldstream.nl (217.23.1.47)

Nmap scan report for google.com (217.23.1.48) Host is up (0.0059s latency). Not shown: 988 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.2 25/tcp open smtp Postfix smtpd |smtp-commands: wmail.click, PIPELINING, SIZE 10485760, VRFY, ETRN, AUTH PLAIN LOGIN, ENHANCEDSTATUSCODES, 8BITMIME, DSN, 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7) | dns-nsid: | bind.version: 9.9.4-RedHat-9.9.4-51.el7 80/tcp open http nginx | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: nginx |_http-title: Site doesn't have a title (text/html; charset=UTF-8). 110/tcp open pop3 Dovecot pop3d |pop3-capabilities: TOP PIPELINING UIDL SASL(PLAIN LOGIN) AUTH-RESP-CODE USER CAPA RESP-CODES 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind 139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: MYGROUP) 143/tcp open imap Dovecot imapd |_imap-capabilities: listed SASL-IR have ID more capabilities OK AUTH=PLAIN ENABLE LOGIN-REFERRALS AUTH=LOGINA0001 LITERAL+ post-login Pre-login IDLE IMAP4rev1 443/tcp open ssl/http Apache httpd (PHP 5.6.32) |http-favicon: Unknown favicon MD5: C6ACEDAFF906029FC5455D9EC52C7F42 | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache |_http-title: 404 Not Found | ssl-cert: Subject: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Issuer: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2017-09-22T14:34:56 | Not valid after: 2018-09-22T14:34:56 | MD5: 09e0 7208 d4f0 84a7 b57b adf5 0b22 ca15 |_SHA-1: c0c3 7e60 8da7 e7d5 c1dd c568 9a07 f569 fa83 a8a5 |_ssl-date: TLS randomness does not represent time 445/tcp open netbios-ssn Samba smbd 4.6.2 (workgroup: MYGROUP) 3000/tcp open http Mojolicious httpd |_http-favicon: Unknown favicon MD5: DD613EC73695DDB4DD4899E494C22786 |_http-server-header: Mojolicious (Perl) |http-title: Site doesn't have a title (text/html;charset=UTF-8). 3306/tcp open mysql MySQL 5.5.56-MariaDB | mysql-info: | Protocol: 10 | Version: 5.5.56-MariaDB | Thread ID: 8598 | Capabilities flags: 63487 | Some Capabilities: Support41Auth, InteractiveClient, SupportsTransactions, IgnoreSigpipes, Speaks41ProtocolOld, Speaks41ProtocolNew, IgnoreSpaceBeforeParenthesis, LongColumnFlag, DontAllowDatabaseTableColumn, FoundRows, LongPassword, SupportsLoadDataLocal, ODBCClient, ConnectWithDatabase, SupportsCompression, SupportsAuthPlugins, SupportsMultipleResults, SupportsMultipleStatments | Status: Autocommit | Salt: "L;!4"L9vh)/O!Sao*!f | Auth Plugin Name: 87 Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 23.886 days (since Fri May 31 19:35:55 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=264 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Hosts: wmail.click, DS4; OSs: Unix, Linux; CPE: cpe:/o:redhat:enterprise_linux:7

TRACEROUTE (using port 1720/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms google.com (217.23.1.48)

Nmap scan report for 217.23.1.49 [host down] Nmap scan report for 217.23.1.50 [host down] Nmap scan report for 217.23.1.52 [host down] Nmap scan report for 217.23.1.57 [host down] Nmap scan report for 217.23.1.60 [host down] Nmap scan report for 217.23.1.64 [host down] Nmap scan report for 217.23.1.69 [host down] Nmap scan report for 217.23.1.73 [host down] Nmap scan report for 217.23.1.75 [host down] Nmap scan report for 217.23.1.77 [host down] Nmap scan report for 217.23.1.84 [host down] Nmap scan report for 217.23.1.93 [host down] Nmap scan report for 217.23.1.98 [host down] Nmap scan report for 217.23.1.99 [host down] Nmap scan report for 217.23.1.100 [host down] Nmap scan report for 217.23.1.101 [host down] Nmap scan report for 217.23.1.102 [host down] Nmap scan report for 217.23.1.107 [host down] Nmap scan report for 217.23.1.112 [host down] Nmap scan report for 217.23.1.113 [host down] Nmap scan report for 217.23.1.120 [host down] Nmap scan report for 217.23.1.121 [host down] Nmap scan report for 217.23.1.125 [host down] Nmap scan report for 217.23.1.127 [host down] Nmap scan report for 217.23.1.128 [host down] Nmap scan report for 217.23.1.129 [host down] Nmap scan report for 217.23.1.132 [host down] Nmap scan report for 217.23.1.134 [host down] Nmap scan report for 217.23.1.135 [host down] Nmap scan report for 217.23.1.136 [host down] Nmap scan report for 217.23.1.137 [host down] Nmap scan report for 217.23.1.138 [host down] Nmap scan report for 217.23.1.139 [host down] Nmap scan report for 217.23.1.141 [host down] Nmap scan report for 217.23.1.142 [host down] Nmap scan report for 217.23.1.147 [host down] Nmap scan report for 217.23.1.148 [host down] Initiating SYN Stealth Scan at 16:52 Scanning 64 hosts [1000 ports/host] Discovered open port 139/tcp on 217.23.1.62 Discovered open port 139/tcp on 217.23.1.65 Discovered open port 139/tcp on 217.23.1.66 Discovered open port 139/tcp on 217.23.1.67 Discovered open port 139/tcp on 217.23.1.70 Discovered open port 139/tcp on 217.23.1.85 Discovered open port 139/tcp on 217.23.1.86 Discovered open port 139/tcp on 217.23.1.88 Discovered open port 139/tcp on 217.23.1.103 Discovered open port 139/tcp on 217.23.1.104 Discovered open port 139/tcp on 217.23.1.96 Discovered open port 139/tcp on 217.23.1.130 Discovered open port 139/tcp on 217.23.1.58 Discovered open port 139/tcp on 217.23.1.74 Discovered open port 25/tcp on 217.23.1.62 Discovered open port 25/tcp on 217.23.1.61 Discovered open port 25/tcp on 217.23.1.66 Discovered open port 25/tcp on 217.23.1.67 Discovered open port 25/tcp on 217.23.1.70 Discovered open port 25/tcp on 217.23.1.68 Discovered open port 25/tcp on 217.23.1.71 Discovered open port 25/tcp on 217.23.1.72 Discovered open port 25/tcp on 217.23.1.85 Discovered open port 25/tcp on 217.23.1.86 Discovered open port 25/tcp on 217.23.1.88 Discovered open port 25/tcp on 217.23.1.103 Discovered open port 25/tcp on 217.23.1.104 Discovered open port 25/tcp on 217.23.1.110 Discovered open port 25/tcp on 217.23.1.111 Discovered open port 25/tcp on 217.23.1.58 Discovered open port 25/tcp on 217.23.1.51 Discovered open port 25/tcp on 217.23.1.59 Discovered open port 25/tcp on 217.23.1.65 Discovered open port 25/tcp on 217.23.1.74 Discovered open port 25/tcp on 217.23.1.105 Discovered open port 25/tcp on 217.23.1.130 Discovered open port 25/tcp on 217.23.1.144 Discovered open port 135/tcp on 217.23.1.96 Discovered open port 53/tcp on 217.23.1.62 Discovered open port 53/tcp on 217.23.1.66 Discovered open port 53/tcp on 217.23.1.70 Discovered open port 53/tcp on 217.23.1.85 Discovered open port 53/tcp on 217.23.1.86 Discovered open port 53/tcp on 217.23.1.88 Discovered open port 53/tcp on 217.23.1.103 Discovered open port 53/tcp on 217.23.1.104 Discovered open port 53/tcp on 217.23.1.110 Discovered open port 53/tcp on 217.23.1.111 Discovered open port 53/tcp on 217.23.1.51 Discovered open port 53/tcp on 217.23.1.58 Discovered open port 53/tcp on 217.23.1.61 Discovered open port 445/tcp on 217.23.1.62 Discovered open port 53/tcp on 217.23.1.65 Discovered open port 445/tcp on 217.23.1.66 Discovered open port 53/tcp on 217.23.1.67 Discovered open port 53/tcp on 217.23.1.68 Discovered open port 445/tcp on 217.23.1.70 Discovered open port 53/tcp on 217.23.1.71 Discovered open port 53/tcp on 217.23.1.74 Discovered open port 53/tcp on 217.23.1.72 Discovered open port 445/tcp on 217.23.1.85 Discovered open port 445/tcp on 217.23.1.86 Discovered open port 445/tcp on 217.23.1.103 Discovered open port 445/tcp on 217.23.1.104 Discovered open port 53/tcp on 217.23.1.105 Discovered open port 445/tcp on 217.23.1.96 Discovered open port 53/tcp on 217.23.1.130 Discovered open port 53/tcp on 217.23.1.144 Discovered open port 445/tcp on 217.23.1.58 Discovered open port 53/tcp on 217.23.1.59 Discovered open port 445/tcp on 217.23.1.65 Discovered open port 445/tcp on 217.23.1.67 Discovered open port 445/tcp on 217.23.1.74 Discovered open port 445/tcp on 217.23.1.88 Discovered open port 445/tcp on 217.23.1.130 Discovered open port 443/tcp on 217.23.1.62 Discovered open port 443/tcp on 217.23.1.66 Discovered open port 443/tcp on 217.23.1.70 Discovered open port 443/tcp on 217.23.1.85 Discovered open port 443/tcp on 217.23.1.86 Discovered open port 443/tcp on 217.23.1.104 Discovered open port 443/tcp on 217.23.1.110 Discovered open port 443/tcp on 217.23.1.108 Discovered open port 443/tcp on 217.23.1.116 Discovered open port 443/tcp on 217.23.1.119 Discovered open port 443/tcp on 217.23.1.124 Discovered open port 443/tcp on 217.23.1.131 Discovered open port 443/tcp on 217.23.1.51 Discovered open port 443/tcp on 217.23.1.61 Discovered open port 443/tcp on 217.23.1.65 Discovered open port 443/tcp on 217.23.1.63 Discovered open port 443/tcp on 217.23.1.67 Discovered open port 443/tcp on 217.23.1.68 Discovered open port 443/tcp on 217.23.1.71 Discovered open port 443/tcp on 217.23.1.72 Discovered open port 443/tcp on 217.23.1.74 Discovered open port 443/tcp on 217.23.1.88 Discovered open port 22/tcp on 217.23.1.95 Discovered open port 443/tcp on 217.23.1.103 Discovered open port 443/tcp on 217.23.1.105 Discovered open port 22/tcp on 217.23.1.110 Discovered open port 443/tcp on 217.23.1.111 Discovered open port 22/tcp on 217.23.1.117 Discovered open port 22/tcp on 217.23.1.108 Discovered open port 443/tcp on 217.23.1.126 Discovered open port 443/tcp on 217.23.1.97 Discovered open port 443/tcp on 217.23.1.130 Discovered open port 22/tcp on 217.23.1.116 Discovered open port 22/tcp on 217.23.1.119 Discovered open port 443/tcp on 217.23.1.123 Discovered open port 22/tcp on 217.23.1.124 Discovered open port 22/tcp on 217.23.1.131 Discovered open port 443/tcp on 217.23.1.144 Discovered open port 22/tcp on 217.23.1.51 Discovered open port 22/tcp on 217.23.1.53 Discovered open port 443/tcp on 217.23.1.146 Discovered open port 443/tcp on 217.23.1.54 Discovered open port 443/tcp on 217.23.1.58 Discovered open port 443/tcp on 217.23.1.59 Discovered open port 21/tcp on 217.23.1.62 Discovered open port 22/tcp on 217.23.1.61 Discovered open port 21/tcp on 217.23.1.70 Discovered open port 22/tcp on 217.23.1.68 Discovered open port 22/tcp on 217.23.1.71 Discovered open port 22/tcp on 217.23.1.72 Discovered open port 21/tcp on 217.23.1.85 Discovered open port 21/tcp on 217.23.1.86 Discovered open port 22/tcp on 217.23.1.76 Discovered open port 22/tcp on 217.23.1.90 Discovered open port 21/tcp on 217.23.1.104 Discovered open port 22/tcp on 217.23.1.105 Discovered open port 22/tcp on 217.23.1.89 Discovered open port 21/tcp on 217.23.1.110 Discovered open port 22/tcp on 217.23.1.111 Discovered open port 22/tcp on 217.23.1.126 Discovered open port 22/tcp on 217.23.1.133 Discovered open port 22/tcp on 217.23.1.144 Discovered open port 22/tcp on 217.23.1.140 Discovered open port 22/tcp on 217.23.1.97 Discovered open port 22/tcp on 217.23.1.54 Discovered open port 21/tcp on 217.23.1.51 Discovered open port 22/tcp on 217.23.1.59 Discovered open port 22/tcp on 217.23.1.55 Discovered open port 21/tcp on 217.23.1.61 Discovered open port 22/tcp on 217.23.1.123 Discovered open port 21/tcp on 217.23.1.66 Discovered open port 22/tcp on 217.23.1.146 Discovered open port 21/tcp on 217.23.1.67 Discovered open port 21/tcp on 217.23.1.68 Discovered open port 21/tcp on 217.23.1.71 Discovered open port 21/tcp on 217.23.1.88 Discovered open port 21/tcp on 217.23.1.76 Discovered open port 21/tcp on 217.23.1.103 Discovered open port 21/tcp on 217.23.1.105 Discovered open port 21/tcp on 217.23.1.111 Discovered open port 21/tcp on 217.23.1.130 Discovered open port 21/tcp on 217.23.1.144 Discovered open port 21/tcp on 217.23.1.58 Discovered open port 21/tcp on 217.23.1.59 Discovered open port 21/tcp on 217.23.1.54 Discovered open port 143/tcp on 217.23.1.62 Discovered open port 22/tcp on 217.23.1.145 Discovered open port 21/tcp on 217.23.1.65 Discovered open port 143/tcp on 217.23.1.70 Discovered open port 21/tcp on 217.23.1.72 Discovered open port 21/tcp on 217.23.1.74 Discovered open port 143/tcp on 217.23.1.85 Discovered open port 143/tcp on 217.23.1.86 Discovered open port 143/tcp on 217.23.1.104 Discovered open port 143/tcp on 217.23.1.110 Discovered open port 143/tcp on 217.23.1.51 Discovered open port 143/tcp on 217.23.1.61 Discovered open port 143/tcp on 217.23.1.66 Discovered open port 143/tcp on 217.23.1.67 Discovered open port 143/tcp on 217.23.1.68 Discovered open port 143/tcp on 217.23.1.71 Discovered open port 143/tcp on 217.23.1.88 Discovered open port 143/tcp on 217.23.1.103 Discovered open port 143/tcp on 217.23.1.111 Discovered open port 143/tcp on 217.23.1.130 Discovered open port 143/tcp on 217.23.1.144 Discovered open port 143/tcp on 217.23.1.58 Discovered open port 80/tcp on 217.23.1.62 Discovered open port 143/tcp on 217.23.1.59 Discovered open port 143/tcp on 217.23.1.65 Discovered open port 80/tcp on 217.23.1.70 Discovered open port 143/tcp on 217.23.1.74 Discovered open port 143/tcp on 217.23.1.72 Discovered open port 80/tcp on 217.23.1.85 Discovered open port 80/tcp on 217.23.1.86 Discovered open port 143/tcp on 217.23.1.105 Discovered open port 25/tcp on 217.23.1.106 Discovered open port 80/tcp on 217.23.1.108 Discovered open port 80/tcp on 217.23.1.110 Discovered open port 80/tcp on 217.23.1.117 Discovered open port 80/tcp on 217.23.1.143 Discovered open port 80/tcp on 217.23.1.116 Discovered open port 80/tcp on 217.23.1.119 Discovered open port 80/tcp on 217.23.1.124 Discovered open port 80/tcp on 217.23.1.131 Discovered open port 80/tcp on 217.23.1.61 Discovered open port 80/tcp on 217.23.1.63 Discovered open port 80/tcp on 217.23.1.71 Discovered open port 80/tcp on 217.23.1.88 Discovered open port 1723/tcp on 217.23.1.90 Discovered open port 80/tcp on 217.23.1.103 Discovered open port 80/tcp on 217.23.1.97 Discovered open port 135/tcp on 217.23.1.109 Discovered open port 80/tcp on 217.23.1.111 Discovered open port 80/tcp on 217.23.1.126 Discovered open port 80/tcp on 217.23.1.144 Discovered open port 80/tcp on 217.23.1.123 Discovered open port 80/tcp on 217.23.1.51 Discovered open port 80/tcp on 217.23.1.146 Discovered open port 80/tcp on 217.23.1.58 Discovered open port 80/tcp on 217.23.1.59 Discovered open port 587/tcp on 217.23.1.61 Discovered open port 80/tcp on 217.23.1.65 Discovered open port 80/tcp on 217.23.1.74 Discovered open port 80/tcp on 217.23.1.68 Discovered open port 587/tcp on 217.23.1.71 Discovered open port 80/tcp on 217.23.1.72 Discovered open port 53/tcp on 217.23.1.81 Discovered open port 53/tcp on 217.23.1.82 Discovered open port 53/tcp on 217.23.1.83 Discovered open port 993/tcp on 217.23.1.110 Discovered open port 53/tcp on 217.23.1.114 Discovered open port 587/tcp on 217.23.1.144 Discovered open port 587/tcp on 217.23.1.51 Discovered open port 111/tcp on 217.23.1.62 Discovered open port 993/tcp on 217.23.1.61 Discovered open port 111/tcp on 217.23.1.70 Discovered open port 587/tcp on 217.23.1.68 Discovered open port 993/tcp on 217.23.1.71 Discovered open port 111/tcp on 217.23.1.85 Discovered open port 111/tcp on 217.23.1.86 Discovered open port 111/tcp on 217.23.1.95 Discovered open port 80/tcp on 217.23.1.105 Discovered open port 53/tcp on 217.23.1.106 Discovered open port 445/tcp on 217.23.1.109 Discovered open port 993/tcp on 217.23.1.111 Discovered open port 993/tcp on 217.23.1.144 Discovered open port 993/tcp on 217.23.1.51 Discovered open port 587/tcp on 217.23.1.59 Discovered open port 111/tcp on 217.23.1.61 Discovered open port 111/tcp on 217.23.1.71 Discovered open port 587/tcp on 217.23.1.72 Discovered open port 111/tcp on 217.23.1.103 Discovered open port 587/tcp on 217.23.1.105 Discovered open port 111/tcp on 217.23.1.130 Discovered open port 111/tcp on 217.23.1.133 Discovered open port 111/tcp on 217.23.1.51 Discovered open port 993/tcp on 217.23.1.59 Discovered open port 111/tcp on 217.23.1.66 Discovered open port 111/tcp on 217.23.1.67 Discovered open port 993/tcp on 217.23.1.68 Discovered open port 993/tcp on 217.23.1.72 Discovered open port 111/tcp on 217.23.1.88 Discovered open port 443/tcp on 217.23.1.91 Discovered open port 443/tcp on 217.23.1.94 Discovered open port 443/tcp on 217.23.1.92 Discovered open port 111/tcp on 217.23.1.104 Discovered open port 993/tcp on 217.23.1.105 Discovered open port 995/tcp on 217.23.1.110 Discovered open port 443/tcp on 217.23.1.114 Discovered open port 443/tcp on 217.23.1.118 Discovered open port 111/tcp on 217.23.1.126 Discovered open port 111/tcp on 217.23.1.58 Discovered open port 110/tcp on 217.23.1.62 Discovered open port 111/tcp on 217.23.1.59 Discovered open port 995/tcp on 217.23.1.61 Discovered open port 111/tcp on 217.23.1.65 Discovered open port 111/tcp on 217.23.1.68 Discovered open port 111/tcp on 217.23.1.74 Discovered open port 995/tcp on 217.23.1.71 Discovered open port 111/tcp on 217.23.1.72 Discovered open port 110/tcp on 217.23.1.85 Discovered open port 110/tcp on 217.23.1.86 Discovered open port 443/tcp on 217.23.1.81 Discovered open port 443/tcp on 217.23.1.82 Discovered open port 22/tcp on 217.23.1.83 Discovered open port 22/tcp on 217.23.1.92 Discovered open port 443/tcp on 217.23.1.106 Discovered open port 110/tcp on 217.23.1.110 Discovered open port 995/tcp on 217.23.1.111 Discovered open port 995/tcp on 217.23.1.144 Discovered open port 995/tcp on 217.23.1.51 Discovered open port 110/tcp on 217.23.1.61 Discovered open port 110/tcp on 217.23.1.70 Discovered open port 110/tcp on 217.23.1.71 Discovered open port 110/tcp on 217.23.1.103 Discovered open port 22/tcp on 217.23.1.106 Discovered open port 110/tcp on 217.23.1.111 Discovered open port 21/tcp on 217.23.1.114 Discovered open port 443/tcp on 217.23.1.122 Discovered open port 110/tcp on 217.23.1.130 Discovered open port 110/tcp on 217.23.1.144 Discovered open port 443/tcp on 217.23.1.149 Discovered open port 995/tcp on 217.23.1.59 Discovered open port 110/tcp on 217.23.1.104 Discovered open port 995/tcp on 217.23.1.105 Discovered open port 21/tcp on 217.23.1.109 Discovered open port 110/tcp on 217.23.1.58 Discovered open port 110/tcp on 217.23.1.51 Discovered open port 110/tcp on 217.23.1.59 Discovered open port 110/tcp on 217.23.1.66 Discovered open port 995/tcp on 217.23.1.72 Discovered open port 110/tcp on 217.23.1.88 Discovered open port 110/tcp on 217.23.1.105 Discovered open port 110/tcp on 217.23.1.65 Discovered open port 110/tcp on 217.23.1.67 Discovered open port 995/tcp on 217.23.1.68 Discovered open port 110/tcp on 217.23.1.72 Discovered open port 110/tcp on 217.23.1.68 Discovered open port 110/tcp on 217.23.1.74 Discovered open port 443/tcp on 217.23.1.79 Discovered open port 22/tcp on 217.23.1.80 Discovered open port 3306/tcp on 217.23.1.85 Discovered open port 3306/tcp on 217.23.1.86 Discovered open port 80/tcp on 217.23.1.83 Discovered open port 80/tcp on 217.23.1.91 Discovered open port 80/tcp on 217.23.1.114 Discovered open port 3306/tcp on 217.23.1.62 Discovered open port 3306/tcp on 217.23.1.61 Discovered open port 80/tcp on 217.23.1.92 Discovered open port 80/tcp on 217.23.1.94 Discovered open port 3306/tcp on 217.23.1.103 Discovered open port 3306/tcp on 217.23.1.130 Discovered open port 3306/tcp on 217.23.1.144 Discovered open port 22/tcp on 217.23.1.79 Discovered open port 80/tcp on 217.23.1.81 Discovered open port 80/tcp on 217.23.1.82 Discovered open port 3306/tcp on 217.23.1.104 Discovered open port 3306/tcp on 217.23.1.51 Discovered open port 3306/tcp on 217.23.1.58 Discovered open port 3306/tcp on 217.23.1.54 Discovered open port 3306/tcp on 217.23.1.59 Discovered open port 3306/tcp on 217.23.1.66 Discovered open port 3306/tcp on 217.23.1.70 Discovered open port 3306/tcp on 217.23.1.71 Discovered open port 3306/tcp on 217.23.1.88 Discovered open port 3306/tcp on 217.23.1.105 Discovered open port 80/tcp on 217.23.1.122 Discovered open port 80/tcp on 217.23.1.149 Discovered open port 3306/tcp on 217.23.1.65 Discovered open port 3306/tcp on 217.23.1.72 Discovered open port 3389/tcp on 217.23.1.87 Discovered open port 3306/tcp on 217.23.1.67 Discovered open port 3306/tcp on 217.23.1.74 Discovered open port 80/tcp on 217.23.1.80 Discovered open port 3306/tcp on 217.23.1.68 Discovered open port 3389/tcp on 217.23.1.109 Discovered open port 3389/tcp on 217.23.1.56 Discovered open port 80/tcp on 217.23.1.79 Discovered open port 3306/tcp on 217.23.1.114 Discovered open port 9080/tcp on 217.23.1.115 Discovered open port 10000/tcp on 217.23.1.81 Discovered open port 10000/tcp on 217.23.1.82 Discovered open port 8000/tcp on 217.23.1.115 Discovered open port 6101/tcp on 217.23.1.95 Discovered open port 222/tcp on 217.23.1.117 Discovered open port 5001/tcp on 217.23.1.95 Discovered open port 8022/tcp on 217.23.1.81 Discovered open port 8022/tcp on 217.23.1.83 Discovered open port 902/tcp on 217.23.1.115 Discovered open port 8022/tcp on 217.23.1.82 Discovered open port 3000/tcp on 217.23.1.103 Discovered open port 3000/tcp on 217.23.1.104 Discovered open port 3000/tcp on 217.23.1.62 Discovered open port 3000/tcp on 217.23.1.66 Discovered open port 3000/tcp on 217.23.1.67 Discovered open port 3000/tcp on 217.23.1.85 Discovered open port 3000/tcp on 217.23.1.58 Discovered open port 3000/tcp on 217.23.1.88 Discovered open port 3000/tcp on 217.23.1.65 Discovered open port 3000/tcp on 217.23.1.86 Discovered open port 3000/tcp on 217.23.1.130 Discovered open port 3000/tcp on 217.23.1.74 Discovered open port 3000/tcp on 217.23.1.70 SYN Stealth Scan Timing: About 23.28% done; ETC: 16:54 (0:01:42 remaining) Discovered open port 5666/tcp on 217.23.1.54 Discovered open port 8300/tcp on 217.23.1.115 Discovered open port 2222/tcp on 217.23.1.144 Discovered open port 2222/tcp on 217.23.1.61 Discovered open port 2222/tcp on 217.23.1.51 Discovered open port 8081/tcp on 217.23.1.95 Discovered open port 2222/tcp on 217.23.1.71 Discovered open port 2222/tcp on 217.23.1.105 Discovered open port 2222/tcp on 217.23.1.72 Discovered open port 2222/tcp on 217.23.1.59 Discovered open port 2222/tcp on 217.23.1.68 Discovered open port 1074/tcp on 217.23.1.95 Discovered open port 427/tcp on 217.23.1.115 Discovered open port 8443/tcp on 217.23.1.63 Discovered open port 8443/tcp on 217.23.1.110 Discovered open port 8443/tcp on 217.23.1.111 Discovered open port 8443/tcp on 217.23.1.81 Discovered open port 8443/tcp on 217.23.1.82 Discovered open port 8443/tcp on 217.23.1.83 Discovered open port 8443/tcp on 217.23.1.149 Discovered open port 8443/tcp on 217.23.1.114 Discovered open port 8443/tcp on 217.23.1.78 SYN Stealth Scan Timing: About 49.55% done; ETC: 16:54 (0:01:02 remaining) Discovered open port 17988/tcp on 217.23.1.108 Discovered open port 1080/tcp on 217.23.1.143 Discovered open port 9575/tcp on 217.23.1.95 Discovered open port 106/tcp on 217.23.1.110 Discovered open port 106/tcp on 217.23.1.111 SYN Stealth Scan Timing: About 67.31% done; ETC: 16:54 (0:00:44 remaining) Discovered open port 6669/tcp on 217.23.1.95 Discovered open port 1000/tcp on 217.23.1.83 Discovered open port 465/tcp on 217.23.1.71 Discovered open port 465/tcp on 217.23.1.144 Discovered open port 465/tcp on 217.23.1.110 Discovered open port 465/tcp on 217.23.1.111 Discovered open port 465/tcp on 217.23.1.59 Discovered open port 465/tcp on 217.23.1.105 Discovered open port 465/tcp on 217.23.1.51 Discovered open port 465/tcp on 217.23.1.72 Discovered open port 465/tcp on 217.23.1.68 Discovered open port 8090/tcp on 217.23.1.95 Discovered open port 465/tcp on 217.23.1.61 Discovered open port 27000/tcp on 217.23.1.95 Discovered open port 9103/tcp on 217.23.1.117 Increasing send delay for 217.23.1.78 from 0 to 5 due to 11 out of 26 dropped probes since last increase. Discovered open port 20000/tcp on 217.23.1.83 Discovered open port 20000/tcp on 217.23.1.81 Discovered open port 20000/tcp on 217.23.1.82 Discovered open port 10001/tcp on 217.23.1.106 Completed SYN Stealth Scan against 217.23.1.85 in 152.24s (63 hosts left) Discovered open port 49154/tcp on 217.23.1.109 Completed SYN Stealth Scan against 217.23.1.97 in 152.33s (62 hosts left) Completed SYN Stealth Scan against 217.23.1.54 in 152.79s (61 hosts left) Completed SYN Stealth Scan against 217.23.1.55 in 153.32s (60 hosts left) Completed SYN Stealth Scan against 217.23.1.86 in 153.32s (59 hosts left) Completed SYN Stealth Scan against 217.23.1.103 in 153.42s (58 hosts left) Completed SYN Stealth Scan against 217.23.1.144 in 153.46s (57 hosts left) Completed SYN Stealth Scan against 217.23.1.63 in 153.51s (56 hosts left) Completed SYN Stealth Scan against 217.23.1.92 in 154.17s (55 hosts left) Completed SYN Stealth Scan against 217.23.1.94 in 154.17s (54 hosts left) Completed SYN Stealth Scan against 217.23.1.143 in 154.70s (53 hosts left) Completed SYN Stealth Scan against 217.23.1.53 in 154.73s (52 hosts left) Completed SYN Stealth Scan against 217.23.1.62 in 154.75s (51 hosts left) Completed SYN Stealth Scan against 217.23.1.67 in 154.75s (50 hosts left) Completed SYN Stealth Scan against 217.23.1.58 in 154.78s (49 hosts left) Completed SYN Stealth Scan against 217.23.1.71 in 154.78s (48 hosts left) Completed SYN Stealth Scan against 217.23.1.110 in 158.06s (47 hosts left) Completed SYN Stealth Scan against 217.23.1.111 in 158.06s (46 hosts left) Completed SYN Stealth Scan against 217.23.1.59 in 158.07s (45 hosts left) Completed SYN Stealth Scan against 217.23.1.95 in 158.08s (44 hosts left) Completed SYN Stealth Scan against 217.23.1.96 in 158.08s (43 hosts left) Completed SYN Stealth Scan against 217.23.1.117 in 158.09s (42 hosts left) Completed SYN Stealth Scan against 217.23.1.140 in 158.13s (41 hosts left) Completed SYN Stealth Scan against 217.23.1.104 in 158.20s (40 hosts left) Completed SYN Stealth Scan against 217.23.1.90 in 158.24s (39 hosts left) Completed SYN Stealth Scan against 217.23.1.80 in 158.59s (38 hosts left) Completed SYN Stealth Scan against 217.23.1.88 in 158.64s (37 hosts left) Completed SYN Stealth Scan against 217.23.1.61 in 158.67s (36 hosts left) Completed SYN Stealth Scan against 217.23.1.145 in 158.67s (35 hosts left) Completed SYN Stealth Scan against 217.23.1.108 in 158.69s (34 hosts left) Completed SYN Stealth Scan against 217.23.1.70 in 158.70s (33 hosts left) Completed SYN Stealth Scan against 217.23.1.79 in 158.70s (32 hosts left) Completed SYN Stealth Scan against 217.23.1.91 in 158.70s (31 hosts left) Completed SYN Stealth Scan against 217.23.1.105 in 158.71s (30 hosts left) Completed SYN Stealth Scan against 217.23.1.116 in 158.71s (29 hosts left) Completed SYN Stealth Scan against 217.23.1.66 in 158.74s (28 hosts left) Completed SYN Stealth Scan against 217.23.1.72 in 158.74s (27 hosts left) Completed SYN Stealth Scan against 217.23.1.76 in 158.74s (26 hosts left) Completed SYN Stealth Scan against 217.23.1.89 in 158.76s (25 hosts left) Completed SYN Stealth Scan against 217.23.1.130 in 158.77s (24 hosts left) Completed SYN Stealth Scan against 217.23.1.68 in 158.85s (23 hosts left) Completed SYN Stealth Scan against 217.23.1.131 in 158.87s (22 hosts left) Completed SYN Stealth Scan against 217.23.1.74 in 158.88s (21 hosts left) Completed SYN Stealth Scan against 217.23.1.65 in 158.92s (20 hosts left) Completed SYN Stealth Scan against 217.23.1.83 in 159.25s (19 hosts left) Completed SYN Stealth Scan against 217.23.1.51 in 159.38s (18 hosts left) Completed SYN Stealth Scan against 217.23.1.119 in 159.38s (17 hosts left) Completed SYN Stealth Scan against 217.23.1.126 in 159.38s (16 hosts left) Completed SYN Stealth Scan against 217.23.1.124 in 159.44s (15 hosts left) Completed SYN Stealth Scan against 217.23.1.133 in 159.44s (14 hosts left) Completed SYN Stealth Scan against 217.23.1.146 in 159.44s (13 hosts left) Completed SYN Stealth Scan against 217.23.1.56 in 159.57s (12 hosts left) Completed SYN Stealth Scan against 217.23.1.81 in 159.57s (11 hosts left) Completed SYN Stealth Scan against 217.23.1.82 in 159.90s (10 hosts left) Completed SYN Stealth Scan against 217.23.1.106 in 159.94s (9 hosts left) Completed SYN Stealth Scan against 217.23.1.123 in 159.96s (8 hosts left) Completed SYN Stealth Scan against 217.23.1.87 in 160.07s (7 hosts left) Completed SYN Stealth Scan against 217.23.1.118 in 160.07s (6 hosts left) Completed SYN Stealth Scan against 217.23.1.109 in 160.35s (5 hosts left) Completed SYN Stealth Scan against 217.23.1.114 in 160.35s (4 hosts left) Completed SYN Stealth Scan against 217.23.1.115 in 160.35s (3 hosts left) Completed SYN Stealth Scan against 217.23.1.122 in 160.35s (2 hosts left) Completed SYN Stealth Scan against 217.23.1.149 in 160.53s (1 host left) Completed SYN Stealth Scan at 16:55, 190.08s elapsed (64000 total ports) Initiating Service scan at 16:55 Scanning 425 services on 64 hosts Service scan Timing: About 39.20% done; ETC: 16:56 (0:00:48 remaining) Service scan Timing: About 66.43% done; ETC: 16:57 (0:00:32 remaining) Completed Service scan at 17:00, 300.70s elapsed (426 services on 64 hosts) Initiating OS detection (try #1) against 64 hosts Completed os scan against 217.23.1.51 in 28.563s (63 hosts left) Completed os scan against 217.23.1.53 in 28.563s (62 hosts left) Completed os scan against 217.23.1.54 in 28.563s (61 hosts left) Completed os scan against 217.23.1.55 in 28.563s (60 hosts left) Completed os scan against 217.23.1.58 in 28.563s (59 hosts left) Completed os scan against 217.23.1.59 in 28.563s (58 hosts left) Completed os scan against 217.23.1.61 in 28.563s (57 hosts left) Completed os scan against 217.23.1.62 in 28.563s (56 hosts left) Completed os scan against 217.23.1.63 in 28.563s (55 hosts left) Completed os scan against 217.23.1.65 in 28.563s (54 hosts left) Completed os scan against 217.23.1.66 in 28.563s (53 hosts left) Completed os scan against 217.23.1.67 in 28.563s (52 hosts left) Completed os scan against 217.23.1.68 in 28.563s (51 hosts left) Completed os scan against 217.23.1.70 in 28.563s (50 hosts left) Completed os scan against 217.23.1.71 in 28.563s (49 hosts left) Completed os scan against 217.23.1.72 in 28.563s (48 hosts left) Completed os scan against 217.23.1.74 in 28.563s (47 hosts left) Completed os scan against 217.23.1.76 in 28.563s (46 hosts left) Completed os scan against 217.23.1.78 in 28.563s (45 hosts left) Completed os scan against 217.23.1.85 in 28.563s (44 hosts left) Completed os scan against 217.23.1.86 in 28.563s (43 hosts left) Completed os scan against 217.23.1.88 in 28.563s (42 hosts left) Completed os scan against 217.23.1.89 in 28.563s (41 hosts left) Completed os scan against 217.23.1.90 in 28.563s (40 hosts left) Completed os scan against 217.23.1.91 in 28.563s (39 hosts left) Completed os scan against 217.23.1.92 in 28.563s (38 hosts left) Completed os scan against 217.23.1.94 in 28.563s (37 hosts left) Completed os scan against 217.23.1.95 in 28.563s (36 hosts left) Completed os scan against 217.23.1.97 in 28.563s (35 hosts left) Completed os scan against 217.23.1.103 in 28.563s (34 hosts left) Completed os scan against 217.23.1.104 in 28.563s (33 hosts left) Completed os scan against 217.23.1.105 in 28.563s (32 hosts left) Completed os scan against 217.23.1.106 in 28.563s (31 hosts left) Completed os scan against 217.23.1.108 in 28.563s (30 hosts left) Completed os scan against 217.23.1.109 in 28.563s (29 hosts left) Completed os scan against 217.23.1.110 in 28.563s (28 hosts left) Completed os scan against 217.23.1.111 in 28.563s (27 hosts left) Completed os scan against 217.23.1.114 in 28.563s (26 hosts left) Completed os scan against 217.23.1.116 in 28.563s (25 hosts left) Completed os scan against 217.23.1.118 in 28.563s (24 hosts left) Completed os scan against 217.23.1.119 in 28.563s (23 hosts left) Completed os scan against 217.23.1.123 in 28.563s (22 hosts left) Completed os scan against 217.23.1.124 in 28.563s (21 hosts left) Completed os scan against 217.23.1.126 in 28.563s (20 hosts left) Completed os scan against 217.23.1.130 in 28.563s (19 hosts left) Completed os scan against 217.23.1.131 in 28.563s (18 hosts left) Completed os scan against 217.23.1.140 in 28.563s (17 hosts left) Completed os scan against 217.23.1.143 in 28.563s (16 hosts left) Completed os scan against 217.23.1.144 in 28.563s (15 hosts left) Completed os scan against 217.23.1.146 in 28.563s (14 hosts left) Completed os scan against 217.23.1.149 in 28.563s (13 hosts left) Retrying OS detection (try #2) against 13 hosts Retrying OS detection (try #3) against 3 hosts Retrying OS detection (try #4) against 3 hosts Retrying OS detection (try #5) against 3 hosts Initiating Traceroute at 17:01 Completed Traceroute at 17:01, 9.31s elapsed Initiating Parallel DNS resolution of 66 hosts. at 17:01 Completed Parallel DNS resolution of 66 hosts. at 17:01, 1.76s elapsed NSE: Script scanning 64 hosts. Initiating NSE at 17:01 NSOCK ERROR [2970.7050s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #7905): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [2973.0330s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #7925): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [2976.4130s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #7950): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [2979.0240s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #7969): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [2981.8220s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8004): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [2981.9050s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8004): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [2985.6620s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8059): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [2986.6610s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8074): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [2993.5500s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8125): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [2995.6350s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8147): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [2996.3060s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8163): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3002.4520s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8258): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3003.8610s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8269): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3009.1770s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8342): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3009.9560s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8350): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3010.7560s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8365): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3011.8510s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8377): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3013.8130s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8414): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3014.5480s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8423): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3015.3970s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8440): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3016.9040s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8457): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3018.0000s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8477): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3019.9120s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8500): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3021.7620s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8534): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3021.7690s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8534): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3022.6470s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8541): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3024.7170s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8582): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3025.7000s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8605): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3025.9990s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8616): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3026.4600s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8628): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3027.0500s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8637): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3027.7420s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8652): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3028.5290s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8663): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3032.4980s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8747): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3036.1310s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8808): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3037.5490s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8825): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3038.4300s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8834): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3043.2020s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8919): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3043.6590s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #8925): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3053.8520s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9028): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3058.7580s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9047): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3068.4870s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9131): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3069.0330s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9149): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3069.9440s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9172): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3069.9560s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9172): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3070.1830s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9180): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3072.0480s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9204): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3073.1840s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9226): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3073.7500s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9238): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3074.1010s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9248): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3074.6970s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9272): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3075.1430s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9288): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3075.3940s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9304): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3075.7910s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9324): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3076.0750s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9333): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3077.2810s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9361): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3077.6600s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9370): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3078.4430s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9392): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3079.3710s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9409): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3080.1860s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9428): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3082.3580s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9445): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3083.5480s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9472): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3085.1890s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9491): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3085.7690s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9505): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3086.9330s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9531): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3087.8290s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9557): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3089.8550s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9587): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3091.3200s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9602): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3092.7700s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9630): An attempt was made to access aNSE: [ftp-bounce] PORT response: 500 I won't open a connection to 45.33.32.156 (only to 217.23.15.11) socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3095.5780s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9657): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3096.5830s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9670): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3098.0420s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #9691): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3137.4430s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #10497): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3138.2690s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #10508): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3139.6570s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #10519): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3147.6950s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #10610): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3148.9980s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #10622): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3154.9250s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #10689): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3155.5290s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #10701): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3157.1910s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #10723): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3158.2060s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #10742): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3160.2280s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #10770): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3161.2710s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #10783): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3169.5260s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #10903): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3172.4320s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #10922): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3173.7700s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #10944): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3175.5240s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #11001): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3176.1390s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #11015): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3176.6110s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #11022): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3177.1910s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #11036): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3177.9010s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #11042): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3179.0510s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IODCompleted NSE at 17:14, 789.17s elapsed Initiating NSE at 17:14 Completed NSE at 17:14, 2.91s elapsed Nmap scan report for customer.worldstream.nl (217.23.1.51) #11046): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3186.5280s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #11087): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3186.9410s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #11091): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3187.3920s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #11097): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3187.7320s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #11100): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3190.9140s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #11137): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3280.5140s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #12088): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3286.4090s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #12129): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3304.6730s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #12226): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3306.1600s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #12238): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3310.1800s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #12264): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3318.5710s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #12332): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3320.0320s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #12341): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3321.2190s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #12355): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3323.0290s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #12377): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3324.1390s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #12381): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3326.2650s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #12399): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3327.4540s] mksock_bind_addr(): Bind to 0.0.0.0:445 failed (IOD #12408): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3760.8150s] mksock_bind_addr(): Bind to 0.0.0.0:110 failed (IOD #14253): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) NSOCK ERROR [3761.4480s] mksock_bind_addr(): Bind to 0.0.0.0:25 failed (IOD #14274): An attempt was made to access a socket in a way forbidden by its access permissions. (10013) Host is up (0.13s latency). Not shown: 985 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp Pure-FTPd | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2017-05-05T10:10:59 | Not valid after: 2044-09-19T10:10:59 | MD5: 35a6 0708 6df4 9282 0cab 6783 bf68 53ea |SHA-1: c715 32cd 484c 586d c6b4 74fe 4ec5 343c f56d d53a |ssl-date: 2019-06-24T15:06:26+00:00; +18s from scanner time. 22/tcp open ssh OpenSSH 7.4 (protocol 2.0) | ssh-hostkey: | 2048 9b:cc:93:c2:88:fc:42:8e:8a:46:71:55:de:7d:50:d4 (RSA) | 256 31:60:a1:80:08:41:89:56:cb:03:a6:5e:9d:90:af:30 (ECDSA) | 256 8e:6b:ca:7d:c7:c2:e9:aa:d2:e0:5c:b2:25:54:b1:85 (ED25519) 25/tcp open smtp Exim smtpd 4.87 | smtp-commands: customer.worldstream Hello customer.worldstream.nl [217.23.15.11], SIZE 20971520, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP, | Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7) | dns-nsid: | bind.version: 9.9.4-RedHat-9.9.4-73.el7_6 80/tcp open ssl/http Apache/2 | http-methods: | Supported Methods: POST OPTIONS HEAD GET |_http-server-header: Apache/2 |_http-title: Site doesn't have a title (text/html). 110/tcp open pop3 Dovecot DirectAdmin pop3d |_pop3-capabilities: TOP UIDL STLS AUTH-RESP-CODE CAPA RESP-CODES USER PIPELINING SASL(PLAIN) | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind 143/tcp open imap Dovecot imapd |_imap-capabilities: listed SASL-IR have ID more capabilities OK AUTH=PLAINA0001 ENABLE LOGIN-REFERRALS STARTTLS LITERAL+ post-login Pre-login IDLE IMAP4rev1 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 443/tcp open ssl/ssl Apache httpd (SSL-only mode) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: POST OPTIONS HEAD GET | http-robots.txt: 1 disallowed entry |/wp-admin/ |_http-server-header: Apache/2 |_http-title: 404 Not Found | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2017-05-05T10:10:59 | Not valid after: 2044-09-19T10:10:59 | MD5: 35a6 0708 6df4 9282 0cab 6783 bf68 53ea |_SHA-1: c715 32cd 484c 586d c6b4 74fe 4ec5 343c f56d d53a |ssl-date: TLS randomness does not represent time 465/tcp open ssl/smtp Exim smtpd 4.87 | smtp-commands: customer.worldstream Hello customer.worldstream.nl [217.23.15.11], SIZE 20971520, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP, | Commands supported: AUTH HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 587/tcp open smtp Exim smtpd 4.87 | smtp-commands: customer.worldstream Hello customer.worldstream.nl [217.23.15.11], SIZE 20971520, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP, | Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |_ssl-date: TLS randomness does not represent time 993/tcp open ssl/imap Dovecot DirectAdmin imapd |_imap-capabilities: SASL-IR ID have more listed OK AUTH=PLAINA0001 ENABLE LOGIN-REFERRALS capabilities LITERAL+ post-login Pre-login IDLE IMAP4rev1 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |_ssl-date: TLS randomness does not represent time 995/tcp open ssl/pop3 Dovecot DirectAdmin pop3d |_pop3-capabilities: TOP PIPELINING UIDL SASL(PLAIN) AUTH-RESP-CODE USER CAPA RESP-CODES | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |_ssl-date: TLS randomness does not represent time 2222/tcp open http DirectAdmin httpd 1.57.1 (Registered to WorldStream) |http-favicon: Unknown favicon MD5: F0CC6DDDAE553AA7CFEB2CA5B62B2083 | http-methods: | Supported Methods: GET HEAD POST |_http-server-header: DirectAdmin Daemon v1.57.1 Registered to WorldStream |_http-title: DirectAdmin Login |_http-trane-info: Problem with XML parsing of /evox/about 3306/tcp open mysql MariaDB (unauthorized) Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 16.993 days (since Fri Jun 07 17:25:02 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=254 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Host: customer.worldstream; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7

Host script results: |_clock-skew: mean: 17s, deviation: 0s, median: 17s

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 110.00 ms customer.worldstream.nl (217.23.1.51)

Nmap scan report for customer.worldstream.nl (217.23.1.53) Host is up (0.22s latency). Not shown: 999 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.6 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 a6:22:a3:33:02:c6:89:e4:d7:d8:2e:d8:35:43:b2:1e (RSA) | 256 45:d3:ff:44:09:6d:e2:1f:0d:83:b3:ca:48:c7:39:7e (ECDSA) |_ 256 34:dc:2f:8e:89:49:41:c5:bf:2c:b0:af:36:62:f0:e1 (ED25519) Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 33.801 days (since Tue May 21 22:01:13 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=260 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 6.00 ms customer.worldstream.nl (217.23.1.53)

Nmap scan report for customer.worldstream.nl (217.23.1.54) Host is up (0.011s latency). Not shown: 995 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp Pure-FTPd | ftp-anon: Anonymous FTP login allowed (FTP code 230) | drwxr-xr-x 2 0 0 4096 Mar 15 2011 . |drwxr-xr-x 2 0 0 4096 Mar 15 2011 .. 22/tcp open ssh OpenSSH 5.3 (protocol 2.0) | ssh-hostkey: | 1024 bb:c1:1c:dc:bc:c4:f5:e0:b7:69:0e:5d:30:e5:ed:97 (DSA) | 2048 ee:cd:a4:77:3a:5a:7c:6b:e5:f6:16:94:c4:bb:32:49 (RSA) 443/tcp open ssl/http Apache httpd 2.2.15 ((CentOS)) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD POST OPTIONS TRACE | Potentially risky methods: TRACE | http-robots.txt: 1 disallowed entry |_/wp-admin/ |_http-server-header: Apache/2.2.15 (CentOS) |_http-title: Apache HTTP Server Test Page powered by CentOS | ssl-cert: Subject: commonName=.filerio.in | Subject Alternative Name: DNS:.filerio.in, DNS:filerio.in | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2018-07-18T11:17:48 | Not valid after: 2019-07-19T11:17:48 | MD5: f261 f50c 9313 0a3c 8e4f 8076 1c1c 2124 |_SHA-1: 4600 a909 aa3c f9d8 2a4d 273d 83f5 2f20 1335 722c |_ssl-date: 2019-06-24T15:02:19+00:00; +18s from scanner time. 3306/tcp open mysql MySQL (unauthorized) 5666/tcp open tcpwrapped Device type: general purpose Running: Linux 2.6.X|3.X OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3 OS details: Linux 2.6.32 - 3.10 Uptime guess: 3.751 days (since Thu Jun 20 23:14:03 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=261 (Good luck!) IP ID Sequence Generation: All zeros

Host script results: |_clock-skew: mean: 17s, deviation: 0s, median: 17s

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms customer.worldstream.nl (217.23.1.54)

Nmap scan report for customer.worldstream.nl (217.23.1.55) Host is up (0.013s latency). Not shown: 999 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.4 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 0e:ad:81:95:4d:48:a7:01:58:02:b8:93:7e:f2:1c:a2 (RSA) | 256 bf:82:b3:01:7f:98:fc:be:65:00:7c:3c:73:93:8b:2a (ECDSA) |_ 256 c8:19:96:88:0b:36:ce:02:7d:b4:29:0f:b2:32:80:b2 (ED25519) Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 41.710 days (since Tue May 14 00:11:48 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=261 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms customer.worldstream.nl (217.23.1.55)

Nmap scan report for customer.worldstream.nl (217.23.1.56) Host is up (0.074s latency). Not shown: 999 filtered ports PORT STATE SERVICE VERSION 3389/tcp open ms-wbt-server Microsoft Terminal Services | ssl-cert: Subject: commonName=NLDW2-BH14 | Issuer: commonName=NLDW2-BH14 | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-06-11T09:52:26 | Not valid after: 2019-12-11T09:52:26 | MD5: 7d9a 0e32 ffe3 72f3 dcbb 0a93 b685 f772 |_SHA-1: 4202 eaa9 8f39 0f51 8f2d dd25 aaa4 1017 42fc aa78 |_ssl-date: 2019-06-24T15:04:01+00:00; +18s from scanner time. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port OS fingerprint not ideal because: Missing a closed TCP port so results incomplete No OS matches for host Uptime guess: 12.166 days (since Wed Jun 12 13:15:09 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=251 (Good luck!) IP ID Sequence Generation: Incremental Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Host script results: |_clock-skew: mean: 17s, deviation: 0s, median: 17s

TRACEROUTE (using port 3389/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 516.00 ms customer.worldstream.nl (217.23.1.56)

Nmap scan report for google.com (217.23.1.58) Host is up (0.012s latency). Not shown: 988 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.2 25/tcp open smtp Postfix smtpd |smtp-commands: wmail.click, PIPELINING, SIZE 10485760, VRFY, ETRN, AUTH PLAIN LOGIN, ENHANCEDSTATUSCODES, 8BITMIME, DSN, 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7) | dns-nsid: | bind.version: 9.9.4-RedHat-9.9.4-51.el7 80/tcp open http nginx | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: nginx |_http-title: Site doesn't have a title (text/html; charset=UTF-8). 110/tcp open pop3 Dovecot pop3d |pop3-capabilities: TOP PIPELINING UIDL SASL(PLAIN LOGIN) AUTH-RESP-CODE USER CAPA RESP-CODES 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind 139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: MYGROUP) 143/tcp open imap Dovecot imapd |_imap-capabilities: listed SASL-IR have ID more capabilities OK AUTH=PLAIN ENABLE LOGIN-REFERRALS AUTH=LOGINA0001 LITERAL+ post-login Pre-login IDLE IMAP4rev1 443/tcp open ssl/http Apache httpd (PHP 5.6.32) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache |_http-title: 404 Not Found | ssl-cert: Subject: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Issuer: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2017-09-22T14:34:56 | Not valid after: 2018-09-22T14:34:56 | MD5: 09e0 7208 d4f0 84a7 b57b adf5 0b22 ca15 |_SHA-1: c0c3 7e60 8da7 e7d5 c1dd c568 9a07 f569 fa83 a8a5 |_ssl-date: TLS randomness does not represent time 445/tcp open netbios-ssn Samba smbd 4.6.2 (workgroup: MYGROUP) 3000/tcp open http Mojolicious httpd |_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E |_http-server-header: Mojolicious (Perl) |http-title: Site doesn't have a title (text/html;charset=UTF-8). 3306/tcp open mysql MySQL 5.5.56-MariaDB | mysql-info: | Protocol: 10 | Version: 5.5.56-MariaDB | Thread ID: 8647 | Capabilities flags: 63487 | Some Capabilities: Support41Auth, InteractiveClient, SupportsTransactions, IgnoreSigpipes, Speaks41ProtocolOld, Speaks41ProtocolNew, IgnoreSpaceBeforeParenthesis, LongColumnFlag, DontAllowDatabaseTableColumn, FoundRows, LongPassword, SupportsLoadDataLocal, ODBCClient, ConnectWithDatabase, SupportsCompression, SupportsAuthPlugins, SupportsMultipleResults, SupportsMultipleStatments | Status: Autocommit | Salt: fja+O.8k5e~hou!>Uq[P | Auth Plugin Name: 87 Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 23.902 days (since Fri May 31 19:35:55 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=260 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Hosts: wmail.click, DS4; OSs: Unix, Linux; CPE: cpe:/o:redhat:enterprise_linux:7

TRACEROUTE (using port 1720/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms google.com (217.23.1.58)

Nmap scan report for customer.worldstream.nl (217.23.1.59) Host is up (0.27s latency). Not shown: 985 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp Pure-FTPd | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2017-05-05T10:10:59 | Not valid after: 2044-09-19T10:10:59 | MD5: 35a6 0708 6df4 9282 0cab 6783 bf68 53ea |SHA-1: c715 32cd 484c 586d c6b4 74fe 4ec5 343c f56d d53a |ssl-date: 2019-06-24T15:04:16+00:00; +18s from scanner time. 22/tcp open ssh OpenSSH 7.4 (protocol 2.0) | ssh-hostkey: | 2048 9b:cc:93:c2:88:fc:42:8e:8a:46:71:55:de:7d:50:d4 (RSA) | 256 31:60:a1:80:08:41:89:56:cb:03:a6:5e:9d:90:af:30 (ECDSA) | 256 8e:6b:ca:7d:c7:c2:e9:aa:d2:e0:5c:b2:25:54:b1:85 (ED25519) 25/tcp open smtp Exim smtpd 4.87 | smtp-commands: customer.worldstream Hello customer.worldstream.nl [217.23.15.11], SIZE 20971520, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP, | Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7) | dns-nsid: | bind.version: 9.9.4-RedHat-9.9.4-73.el7_6 80/tcp open ssl/http Apache/2 | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache/2 |_http-title: Did not follow redirect to http://generika24-online.com/ 110/tcp open pop3 Dovecot DirectAdmin pop3d |_pop3-capabilities: TOP UIDL STLS AUTH-RESP-CODE CAPA RESP-CODES USER PIPELINING SASL(PLAIN) | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind 143/tcp open imap Dovecot imapd |_imap-capabilities: listed SASL-IR have ID more capabilities OK AUTH=PLAINA0001 ENABLE LOGIN-REFERRALS STARTTLS LITERAL+ post-login Pre-login IDLE IMAP4rev1 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 443/tcp open ssl/ssl Apache httpd (SSL-only mode) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: POST OPTIONS HEAD GET | http-robots.txt: 1 disallowed entry |/wp-admin/ |_http-server-header: Apache/2 |_http-title: Apache HTTP Server Test Page powered by CentOS | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2017-05-05T10:10:59 | Not valid after: 2044-09-19T10:10:59 | MD5: 35a6 0708 6df4 9282 0cab 6783 bf68 53ea |_SHA-1: c715 32cd 484c 586d c6b4 74fe 4ec5 343c f56d d53a |_ssl-date: TLS randomness does not represent time 465/tcp open ssl/smtp Exim smtpd 4.87 |_smtp-commands: Couldn't establish connection on port 465 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 587/tcp open smtp Exim smtpd 4.87 | smtp-commands: customer.worldstream Hello customer.worldstream.nl [217.23.15.11], SIZE 20971520, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP, | Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |_ssl-date: TLS randomness does not represent time 993/tcp open ssl/imap Dovecot DirectAdmin imapd |_imap-capabilities: SASL-IR ID have more listed OK AUTH=PLAINA0001 ENABLE LOGIN-REFERRALS capabilities LITERAL+ post-login Pre-login IDLE IMAP4rev1 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |_ssl-date: TLS randomness does not represent time 995/tcp open ssl/pop3 Dovecot DirectAdmin pop3d | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |_ssl-date: TLS randomness does not represent time 2222/tcp open http DirectAdmin httpd 1.57.1 (Registered to WorldStream) |http-favicon: Unknown favicon MD5: F0CC6DDDAE553AA7CFEB2CA5B62B2083 | http-methods: | Supported Methods: GET HEAD POST |_http-server-header: DirectAdmin Daemon v1.57.1 Registered to WorldStream |_http-title: DirectAdmin Login |_http-trane-info: Problem with XML parsing of /evox/about 3306/tcp open mysql MariaDB (unauthorized) Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 16.993 days (since Fri Jun 07 17:25:02 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=260 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Host: customer.worldstream; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7

Host script results: |_clock-skew: mean: 17s, deviation: 0s, median: 17s

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms customer.worldstream.nl (217.23.1.59)

Nmap scan report for customer.worldstream.nl (217.23.1.61) Host is up (0.024s latency). Not shown: 985 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp Pure-FTPd | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2017-05-05T10:10:59 | Not valid after: 2044-09-19T10:10:59 | MD5: 35a6 0708 6df4 9282 0cab 6783 bf68 53ea |SHA-1: c715 32cd 484c 586d c6b4 74fe 4ec5 343c f56d d53a |ssl-date: 2019-06-24T15:04:19+00:00; +17s from scanner time. 22/tcp open ssh OpenSSH 7.4 (protocol 2.0) | ssh-hostkey: | 2048 9b:cc:93:c2:88:fc:42:8e:8a:46:71:55:de:7d:50:d4 (RSA) | 256 31:60:a1:80:08:41:89:56:cb:03:a6:5e:9d:90:af:30 (ECDSA) | 256 8e:6b:ca:7d:c7:c2:e9:aa:d2:e0:5c:b2:25:54:b1:85 (ED25519) 25/tcp open smtp Exim smtpd 4.87 | smtp-commands: customer.worldstream Hello customer.worldstream.nl [217.23.15.11], SIZE 20971520, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP, | Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7) | dns-nsid: | bind.version: 9.9.4-RedHat-9.9.4-73.el7_6 80/tcp open http (PHP 5.6.30) | fingerprint-strings: | FourOhFourRequest: | HTTP/1.1 503 temporarily overloaded | Date: Mon, 24 Jun 2019 14:56:08 GMT | Server: Apache/2 | Upgrade: h2,h2c | Connection: Upgrade, close | X-Powered-By: PHP/5.6.30 | Set-Cookie: PrestaShop-42d71ccdbde431a9af735bab5d1ba278=m5Fxz3VX4K2cTswPqYJJ4rZu1m7lDVJ8H%2BJp%2FtWdZGBV17ywN7F9Nx9YX%2Fr1%2FtjobHY86eX8%2FBvToKERfHe6aWFYMIxQUVcfMeDKoADZU64%3D000075; expires=Sun, 14-Jul-2019 14:56:09 GMT; Max-Age=1728000; path=/; httponly | Vary: Accept-Encoding,User-Agent | Content-Length: 2656 | Content-Type: text/html; charset=utf-8 | <title>404 error - LPN</title><style>::-moz-selection { | backgrou | GetRequest: | HTTP/1.0 301 Moved | Date: Mon, 24 Jun 2019 14:56:02 GMT | Server: Apache/2 | Upgrade: h2,h2c | Connection: Upgrade, close | X-Powered-By: PHP/5.6.30 | Cache-Control: no-cache | Location: http://levitra-per-nachnahme.com/ | Vary: User-Agent | Content-Length: 0 | Content-Type: text/html; charset=utf-8 | HTTPOptions: | HTTP/1.1 503 temporarily overloaded | Date: Mon, 24 Jun 2019 14:56:03 GMT | Server: Apache/2 | Upgrade: h2,h2c | Connection: Upgrade, close | X-Powered-By: PHP/5.6.30 | Set-Cookie: PrestaShop-42d71ccdbde431a9af735bab5d1ba278=m5Fxz3VX4K2cTswPqYJJ4nKpn4AKJ3p4K1J%2BwkL1U7RV17ywN7F9Nx9YX%2Fr1%2FtjobHY86eX8%2FBvToKERfHe6aSO4UAE7feMDKONvhSwAHAA%3D000075; expires=Sun, 14-Jul-2019 14:56:03 GMT; Max-Age=1728000; path=/; httponly | Vary: Accept-Encoding,User-Agent | Content-Length: 2806 | Content-Type: text/html; charset=utf-8 | <title>Levitra kaufen und per Nachnahme bezahlen ohne rezept - LPN</title><meta name="keywords" content="Levitra per Nachnahme" / | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache/2 |_http-title: Did not follow redirect to http://generika24-online.com/ 110/tcp open pop3 Dovecot DirectAdmin pop3d |_pop3-capabilities: TOP UIDL STLS AUTH-RESP-CODE CAPA RESP-CODES USER PIPELINING SASL(PLAIN) | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind 143/tcp open imap Dovecot imapd |_imap-capabilities: listed SASL-IR have ID more capabilities OK AUTH=PLAINA0001 ENABLE LOGIN-REFERRALS STARTTLS LITERAL+ post-login Pre-login IDLE IMAP4rev1 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 443/tcp open ssl/ssl Apache httpd (SSL-only mode) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: POST OPTIONS HEAD GET | http-robots.txt: 1 disallowed entry |/wp-admin/ |_http-server-header: Apache/2 |_http-title: Secured Home of generika24-online.com | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2017-05-05T10:10:59 | Not valid after: 2044-09-19T10:10:59 | MD5: 35a6 0708 6df4 9282 0cab 6783 bf68 53ea |_SHA-1: c715 32cd 484c 586d c6b4 74fe 4ec5 343c f56d d53a |ssl-date: TLS randomness does not represent time 465/tcp open ssl/smtp Exim smtpd 4.87 | smtp-commands: customer.worldstream Hello customer.worldstream.nl [217.23.15.11], SIZE 20971520, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP, | Commands supported: AUTH HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 587/tcp open smtp Exim smtpd 4.87 | smtp-commands: customer.worldstream Hello customer.worldstream.nl [217.23.15.11], SIZE 20971520, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP, | Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |_ssl-date: TLS randomness does not represent time 993/tcp open ssl/imap Dovecot DirectAdmin imapd | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |_ssl-date: TLS randomness does not represent time 995/tcp open ssl/pop3 Dovecot DirectAdmin pop3d |_pop3-capabilities: TOP PIPELINING UIDL SASL(PLAIN) AUTH-RESP-CODE USER CAPA RESP-CODES | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |_ssl-date: TLS randomness does not represent time 2222/tcp open http DirectAdmin httpd 1.57.1 (Registered to WorldStream) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD POST |_http-server-header: DirectAdmin Daemon v1.57.1 Registered to WorldStream |_http-title: DirectAdmin Login |_http-trane-info: Problem with XML parsing of /evox/about 3306/tcp open mysql MariaDB (unauthorized) 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service : SF-Port80-TCP:V=7.70%I=7%D=6/24%Time=5D10E470%P=i686-pc-windows-windows%r( SF:GetRequest,127,"HTTP/1.0\x20301\x20Moved\r\nDate:\x20Mon,\x2024\x20Jun SF:\x202019\x2014:56:02\x20GMT\r\nServer:\x20Apache/2\r\nUpgrade:\x20h2,h2 SF:c\r\nConnection:\x20Upgrade,\x20close\r\nX-Powered-By:\x20PHP/5.6.30
SF:r\nCache-Control:\x20no-cache\r\nLocation:\x20http://levitra-per-nachna SF:hme.com/\r\nVary:\x20User-Agent\r\nContent-Length:\x200\r\nContent-Typ SF:e:\x20text/html;\x20charset=utf-8\r\n\r\n")%r(HTTPOptions,CFB,"HTTP/1. SF:1\x20503\x20temporarily\x20overloaded\r\nDate:\x20Mon,\x2024\x20Jun\x20 SF:2019\x2014:56:03\x20GMT\r\nServer:\x20Apache/2\r\nUpgrade:\x20h2,h2c\r
SF:nConnection:\x20Upgrade,\x20close\r\nX-Powered-By:\x20PHP/5.6.30\r\nS SF:et-Cookie:\x20PrestaShop-42d71ccdbde431a9af735bab5d1ba278=m5Fxz3VX4K2cT SF:swPqYJJ4nKpn4AKJ3p4K1J%2BwkL1U7RV17ywN7F9Nx9YX%2Fr1%2FtjobHY86eX8%2FBvT SF:oKERfHe6aSO4UAE7feMDKONvhSwAHAA%3D000075;\x20expires=Sun,\x2014-Jul-201 SF:9\x2014:56:03\x20GMT;\x20Max-Age=1728000;\x20path=/;\x20httponly\r\nVar SF:y:\x20Accept-Encoding,User-Agent\r\nContent-Length:\x202806\r\nContent- SF:Type:\x20text/html;\x20charset=utf-8\r\n\r\n<!DOCTYPE\x20html><html\x20 SF:lang="en"><title>Levitra\x20kaufen\x20und\x20per\x20Nachnahme\x SF:20bezahlen\x20ohne\x20rezept\x20-\x20LPN</title><meta\x20http-equiv="C SF:ontent-Type"\x20content="text/html;\x20charset=utf-8"\x20/><meta\x20 SF:name="description"\x20content="Lavitra\x20Original\x20und\x20Generik SF:a\x20per\x20Nachnahme\x20kaufen,\x20Potenzmittel\x20im\x20Internet\x20s SF:icher\x20ohne\x20Kreditkarte\x20bestellen"\x20/><meta\x20name="keywor SF:ds"\x20content="Levitra\x20per\x20Nachnahme"\x20/")%r(FourOhFourRequ SF:est,C67,"HTTP/1.1\x20503\x20temporarily\x20overloaded\r\nDate:\x20Mon, SF:\x2024\x20Jun\x202019\x2014:56:08\x20GMT\r\nServer:\x20Apache/2\r\nUpgr SF:ade:\x20h2,h2c\r\nConnection:\x20Upgrade,\x20close\r\nX-Powered-By:\x20 SF:PHP/5.6.30\r\nSet-Cookie:\x20PrestaShop-42d71ccdbde431a9af735bab5d1ba SF:278=m5Fxz3VX4K2cTswPqYJJ4rZu1m7lDVJ8H%2BJp%2FtWdZGBV17ywN7F9Nx9YX%2Fr1% SF:2FtjobHY86eX8%2FBvToKERfHe6aWFYMIxQUVcfMeDKoADZU64%3D000075;\x20expires SF:=Sun,\x2014-Jul-2019\x2014:56:09\x20GMT;\x20Max-Age=1728000;\x20path=/; SF:\x20httponly\r\nVary:\x20Accept-Encoding,User-Agent\r\nContent-Length:
SF:x202656\r\nContent-Type:\x20text/html;\x20charset=utf-8\r\n\r\n<html\x20lang="en"><title>404\x20error\x20-\x20LPN</t SF:itle><meta\x20http-equiv="Content-Type"\x20content="text/html;\x20ch SF:arset=utf-8"\x20/><meta\x20name="description"\x20content="This\x20p SF:age\x20cannot\x20be\x20found"\x20/><meta\x20name="keywords"\x20conte SF:nt=""\x20/><meta\x20name="robots"\x20content="index,follow"\x20/> SF:<link\x20rel="shortcut\x20icon"\x20href="/img/favicon.ico"\x20/>::-moz-selection\x20{\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x2 SF:0\x20\x20\x20\x20\x20backgrou"); Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 16.993 days (since Fri Jun 07 17:25:02 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=265 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Host: customer.worldstream; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7

Host script results: |_clock-skew: mean: 16s, deviation: 0s, median: 16s

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms customer.worldstream.nl (217.23.1.61)

Nmap scan report for google.com (217.23.1.62) Host is up (0.013s latency). Not shown: 988 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.2 25/tcp open smtp Postfix smtpd |smtp-commands: wmail.click, PIPELINING, SIZE 10485760, VRFY, ETRN, AUTH PLAIN LOGIN, ENHANCEDSTATUSCODES, 8BITMIME, DSN, 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7) | dns-nsid: | bind.version: 9.9.4-RedHat-9.9.4-51.el7 80/tcp open http nginx | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: nginx |_http-title: Site doesn't have a title (text/html; charset=UTF-8). 110/tcp open pop3 Dovecot pop3d |pop3-capabilities: TOP PIPELINING UIDL SASL(PLAIN LOGIN) AUTH-RESP-CODE USER CAPA RESP-CODES 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind 139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: MYGROUP) 143/tcp open imap Dovecot imapd |_imap-capabilities: listed SASL-IR have ID more capabilities OK AUTH=PLAIN ENABLE LOGIN-REFERRALS AUTH=LOGINA0001 LITERAL+ post-login Pre-login IDLE IMAP4rev1 443/tcp open ssl/http Apache httpd (PHP 5.6.32) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache |_http-title: 404 Not Found | ssl-cert: Subject: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Issuer: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2017-09-22T14:34:56 | Not valid after: 2018-09-22T14:34:56 | MD5: 09e0 7208 d4f0 84a7 b57b adf5 0b22 ca15 |_SHA-1: c0c3 7e60 8da7 e7d5 c1dd c568 9a07 f569 fa83 a8a5 |_ssl-date: TLS randomness does not represent time 445/tcp open netbios-ssn Samba smbd 4.6.2 (workgroup: MYGROUP) 3000/tcp open http Mojolicious httpd |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E |http-server-header: Mojolicious (Perl) |http-title: Site doesn't have a title (text/html;charset=UTF-8). 3306/tcp open mysql MySQL 5.5.56-MariaDB | mysql-info: | Protocol: 10 | Version: 5.5.56-MariaDB | Thread ID: 8640 | Capabilities flags: 63487 | Some Capabilities: Support41Auth, InteractiveClient, SupportsTransactions, IgnoreSigpipes, Speaks41ProtocolOld, Speaks41ProtocolNew, IgnoreSpaceBeforeParenthesis, LongColumnFlag, DontAllowDatabaseTableColumn, FoundRows, LongPassword, SupportsLoadDataLocal, ODBCClient, ConnectWithDatabase, SupportsCompression, SupportsAuthPlugins, SupportsMultipleResults, SupportsMultipleStatments | Status: Autocommit | Salt: F*=3(ov'Yl5?]78U$O | Auth Plugin Name: 87 Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 23.902 days (since Fri May 31 19:35:55 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=261 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Hosts: wmail.click, DS4; OSs: Unix, Linux; CPE: cpe:/o:redhat:enterprise_linux:7

Host script results: |clock-skew: mean: -37m03s, deviation: 1h04m42s, median: 17s | nbstat: NetBIOS name: DS4, NetBIOS user: , NetBIOS MAC: (unknown) | Names: | DS4<00> Flags: | DS4<03> Flags: | DS4<20> Flags: | \x01\x02__MSBROWSE_\x02<01> Flags: | MYGROUP<00> Flags: | MYGROUP<1d> Flags: |_ MYGROUP<1e> Flags: | smb-os-discovery: | OS: Windows 6.1 (Samba 4.6.2) | Computer name: ds4 | NetBIOS computer name: DS4\x00 | Domain name: \x00 | FQDN: ds4 |_ System time: 2019-06-24T17:10:00+02:00 | smb-security-mode: | account_used: guest | authentication_level: user | challenge_response: supported |_ message_signing: disabled (dangerous, but default) | smb2-security-mode: | 2.02: |_ Message signing enabled but not required | smb2-time: | date: 2019-06-24 17:03:00 |_ start_date: N/A

TRACEROUTE (using port 1720/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms google.com (217.23.1.62)

Nmap scan report for rhonenddl.worldstream.nl (217.23.1.63) Host is up (0.013s latency). Not shown: 997 closed ports PORT STATE SERVICE VERSION 80/tcp open http Apache httpd 2.4.29 | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache/2.4.29 (Ubuntu) |_http-title: Did not follow redirect to https://217.23.1.63/ 443/tcp open ssl/http Apache httpd 2.4.29 ((Ubuntu)) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD OPTIONS |_http-server-header: Apache/2.4.29 (Ubuntu) |_http-title: 400 Bad Request | ssl-cert: Subject: commonName=recup-lyon.tk | Issuer: commonName=recup-lyon.tk | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-03-13T23:04:15 | Not valid after: 2029-03-10T23:04:15 | MD5: 85bf cb59 878a 3f28 69dc 3817 572c 44d9 |SHA-1: 6620 ca48 22e6 41cc 4544 e977 1620 b2b3 754e a7d1 |ssl-date: TLS randomness does not represent time | tls-alpn: | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 | http/1.1 8443/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 e1:5b:3b:52:86:d1:57:31:8b:4f:d3:f0:4b:7c:83:f6 (RSA) | 256 a6:50:1b:68:3f:9c:77:18:4b:e1:64:0d:05:43:e4:07 (ECDSA) | 256 ac:3f:2a:ce:b5:f4:96:c9:62:37:e7:9d:d8:0c:9a:e8 (ED25519) Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 27.861 days (since Mon May 27 20:35:33 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=261 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Host: 217.23.1.63; OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms rhonenddl.worldstream.nl (217.23.1.63)

Nmap scan report for google.com (217.23.1.65) Host is up (0.011s latency). Not shown: 988 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.2 25/tcp open smtp Postfix smtpd |smtp-commands: wmail.click, PIPELINING, SIZE 10485760, VRFY, ETRN, AUTH PLAIN LOGIN, ENHANCEDSTATUSCODES, 8BITMIME, DSN, 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7) | dns-nsid: | bind.version: 9.9.4-RedHat-9.9.4-51.el7 80/tcp open http nginx | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: nginx |_http-title: Site doesn't have a title (text/html; charset=UTF-8). 110/tcp open pop3 Dovecot pop3d |pop3-capabilities: TOP PIPELINING UIDL SASL(PLAIN LOGIN) AUTH-RESP-CODE USER CAPA RESP-CODES 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind 139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: MYGROUP) 143/tcp open imap Dovecot imapd |_imap-capabilities: listed SASL-IR have ID more capabilities OK AUTH=PLAIN ENABLE LOGIN-REFERRALS AUTH=LOGINA0001 LITERAL+ post-login Pre-login IDLE IMAP4rev1 443/tcp open ssl/http Apache httpd (PHP 5.6.32) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache |_http-title: 404 Not Found | ssl-cert: Subject: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Issuer: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2017-09-22T14:34:56 | Not valid after: 2018-09-22T14:34:56 | MD5: 09e0 7208 d4f0 84a7 b57b adf5 0b22 ca15 |_SHA-1: c0c3 7e60 8da7 e7d5 c1dd c568 9a07 f569 fa83 a8a5 |_ssl-date: TLS randomness does not represent time 445/tcp open netbios-ssn Samba smbd 4.6.2 (workgroup: MYGROUP) 3000/tcp open http Mojolicious httpd |_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E |_http-server-header: Mojolicious (Perl) |http-title: Site doesn't have a title (text/html;charset=UTF-8). 3306/tcp open mysql MySQL 5.5.56-MariaDB | mysql-info: | Protocol: 10 | Version: 5.5.56-MariaDB | Thread ID: 8639 | Capabilities flags: 63487 | Some Capabilities: Support41Auth, InteractiveClient, SupportsTransactions, IgnoreSigpipes, Speaks41ProtocolOld, Speaks41ProtocolNew, IgnoreSpaceBeforeParenthesis, LongColumnFlag, DontAllowDatabaseTableColumn, FoundRows, LongPassword, SupportsLoadDataLocal, ODBCClient, ConnectWithDatabase, SupportsCompression, SupportsAuthPlugins, SupportsMultipleResults, SupportsMultipleStatments | Status: Autocommit | Salt: (|^?aJ.FUZE,HeEjd9,q | Auth Plugin Name: 87 Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 23.902 days (since Fri May 31 19:35:55 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=259 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Hosts: wmail.click, DS4; OSs: Unix, Linux; CPE: cpe:/o:redhat:enterprise_linux:7

Host script results: |clock-skew: mean: -38m38s, deviation: 1h07m28s, median: 18s | nbstat: NetBIOS name: DS4, NetBIOS user: , NetBIOS MAC: (unknown) | Names: | DS4<00> Flags: | DS4<03> Flags: | DS4<20> Flags: | \x01\x02__MSBROWSE_\x02<01> Flags: | MYGROUP<00> Flags: | MYGROUP<1d> Flags: |_ MYGROUP<1e> Flags: | smb-os-discovery: | OS: Windows 6.1 (Samba 4.6.2) | Computer name: ds4 | NetBIOS computer name: DS4\x00 | Domain name: \x00 | FQDN: ds4 |_ System time: 2019-06-24T17:05:17+02:00 | smb-security-mode: | account_used: guest | authentication_level: user | challenge_response: supported |_ message_signing: disabled (dangerous, but default) | smb2-security-mode: | 2.02: |_ Message signing enabled but not required | smb2-time: | date: 2019-06-24 17:03:14 |_ start_date: N/A

TRACEROUTE (using port 1720/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 3.00 ms google.com (217.23.1.65)

Nmap scan report for google.com (217.23.1.66) Host is up (0.013s latency). Not shown: 989 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.2 25/tcp open smtp Postfix smtpd |smtp-commands: wmail.click, PIPELINING, SIZE 10485760, VRFY, ETRN, AUTH PLAIN LOGIN, ENHANCEDSTATUSCODES, 8BITMIME, DSN, 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7) | dns-nsid: | bind.version: 9.9.4-RedHat-9.9.4-51.el7 110/tcp open pop3 Dovecot pop3d |pop3-capabilities: TOP PIPELINING UIDL SASL(PLAIN LOGIN) AUTH-RESP-CODE USER CAPA RESP-CODES 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind 139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: MYGROUP) 143/tcp open imap Dovecot imapd |_imap-capabilities: listed SASL-IR have ID more capabilities OK AUTH=PLAIN ENABLE LOGIN-REFERRALS AUTH=LOGINA0001 LITERAL+ post-login Pre-login IDLE IMAP4rev1 443/tcp open ssl/http Apache httpd (PHP 5.6.32) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache |_http-title: 404 Not Found | ssl-cert: Subject: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Issuer: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2017-09-22T14:34:56 | Not valid after: 2018-09-22T14:34:56 | MD5: 09e0 7208 d4f0 84a7 b57b adf5 0b22 ca15 |_SHA-1: c0c3 7e60 8da7 e7d5 c1dd c568 9a07 f569 fa83 a8a5 |_ssl-date: TLS randomness does not represent time 445/tcp open netbios-ssn Samba smbd 4.6.2 (workgroup: MYGROUP) 3000/tcp open http Mojolicious httpd |_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E |_http-server-header: Mojolicious (Perl) |http-title: Site doesn't have a title (text/html;charset=UTF-8). 3306/tcp open mysql MySQL 5.5.56-MariaDB | mysql-info: | Protocol: 10 | Version: 5.5.56-MariaDB | Thread ID: 8642 | Capabilities flags: 63487 | Some Capabilities: Support41Auth, InteractiveClient, SupportsTransactions, IgnoreSigpipes, Speaks41ProtocolOld, Speaks41ProtocolNew, IgnoreSpaceBeforeParenthesis, LongColumnFlag, DontAllowDatabaseTableColumn, FoundRows, LongPassword, SupportsLoadDataLocal, ODBCClient, ConnectWithDatabase, SupportsCompression, SupportsAuthPlugins, SupportsMultipleResults, SupportsMultipleStatments | Status: Autocommit | Salt: BJ*5h0R-)&"uL\gq"PO| | Auth Plugin Name: 87 Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 23.902 days (since Fri May 31 19:35:55 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=261 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Hosts: wmail.click, DS4; OSs: Unix, Linux; CPE: cpe:/o:redhat:enterprise_linux:7

Host script results: |clock-skew: mean: -39m20s, deviation: 1h08m39s, median: 17s | nbstat: NetBIOS name: DS4, NetBIOS user: , NetBIOS MAC: (unknown) | Names: | DS4<00> Flags: | DS4<03> Flags: | DS4<20> Flags: | \x01\x02__MSBROWSE_\x02<01> Flags: | MYGROUP<00> Flags: | MYGROUP<1d> Flags: |_ MYGROUP<1e> Flags: | smb-os-discovery: | OS: Windows 6.1 (Samba 4.6.2) | Computer name: ds4 | NetBIOS computer name: DS4\x00 | Domain name: \x00 | FQDN: ds4 |_ System time: 2019-06-24T17:03:14+02:00 | smb-security-mode: | account_used: guest | authentication_level: user | challenge_response: supported |_ message_signing: disabled (dangerous, but default) | smb2-security-mode: | 2.02: |_ Message signing enabled but not required | smb2-time: | date: 2019-06-24 17:04:18 |_ start_date: N/A

TRACEROUTE (using port 1720/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 4.00 ms google.com (217.23.1.66)

Nmap scan report for google.com (217.23.1.67) Host is up (0.012s latency). Not shown: 989 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.2 25/tcp open smtp Postfix smtpd |smtp-commands: wmail.click, PIPELINING, SIZE 10485760, VRFY, ETRN, AUTH PLAIN LOGIN, ENHANCEDSTATUSCODES, 8BITMIME, DSN, 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7) | dns-nsid: | bind.version: 9.9.4-RedHat-9.9.4-51.el7 110/tcp open pop3 Dovecot pop3d |pop3-capabilities: TOP PIPELINING UIDL SASL(PLAIN LOGIN) AUTH-RESP-CODE USER CAPA RESP-CODES 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind 139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: MYGROUP) 143/tcp open imap Dovecot imapd |_imap-capabilities: listed SASL-IR have ID more capabilities OK AUTH=PLAIN ENABLE LOGIN-REFERRALS AUTH=LOGINA0001 LITERAL+ post-login Pre-login IDLE IMAP4rev1 443/tcp open ssl/http Apache httpd (PHP 5.6.32) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache |_http-title: 404 Not Found | ssl-cert: Subject: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Issuer: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2017-09-22T14:34:56 | Not valid after: 2018-09-22T14:34:56 | MD5: 09e0 7208 d4f0 84a7 b57b adf5 0b22 ca15 |_SHA-1: c0c3 7e60 8da7 e7d5 c1dd c568 9a07 f569 fa83 a8a5 |_ssl-date: TLS randomness does not represent time 445/tcp open netbios-ssn Samba smbd 4.6.2 (workgroup: MYGROUP) 3000/tcp open http Mojolicious httpd |_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E |_http-server-header: Mojolicious (Perl) |http-title: Site doesn't have a title (text/html;charset=UTF-8). 3306/tcp open mysql MySQL 5.5.56-MariaDB | mysql-info: | Protocol: 10 | Version: 5.5.56-MariaDB | Thread ID: 8638 | Capabilities flags: 63487 | Some Capabilities: Support41Auth, InteractiveClient, SupportsTransactions, IgnoreSigpipes, Speaks41ProtocolOld, Speaks41ProtocolNew, IgnoreSpaceBeforeParenthesis, LongColumnFlag, DontAllowDatabaseTableColumn, FoundRows, LongPassword, SupportsLoadDataLocal, ODBCClient, ConnectWithDatabase, SupportsCompression, SupportsAuthPlugins, SupportsMultipleResults, SupportsMultipleStatments | Status: Autocommit | Salt: r)ov'XfzRkESR%](N/?1 | Auth Plugin Name: 87 Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 23.902 days (since Fri May 31 19:35:55 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=260 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Hosts: wmail.click, DS4; OSs: Unix, Linux; CPE: cpe:/o:redhat:enterprise_linux:7

Host script results: |clock-skew: mean: -37m53s, deviation: 1h06m07s, median: 16s | nbstat: NetBIOS name: DS4, NetBIOS user: , NetBIOS MAC: (unknown) | Names: | DS4<00> Flags: | DS4<03> Flags: | DS4<20> Flags: | \x01\x02__MSBROWSE_\x02<01> Flags: | MYGROUP<00> Flags: | MYGROUP<1d> Flags: |_ MYGROUP<1e> Flags: | smb-os-discovery: | OS: Windows 6.1 (Samba 4.6.2) | Computer name: ds4 | NetBIOS computer name: DS4\x00 | Domain name: \x00 | FQDN: ds4 |_ System time: 2019-06-24T17:07:39+02:00 | smb-security-mode: | account_used: | authentication_level: user | challenge_response: supported |_ message_signing: disabled (dangerous, but default) | smb2-security-mode: | 2.02: |_ Message signing enabled but not required | smb2-time: | date: 2019-06-24 17:07:39 |_ start_date: N/A

TRACEROUTE (using port 1720/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 3.00 ms google.com (217.23.1.67)

Nmap scan report for customer.worldstream.nl (217.23.1.68) Host is up (0.0096s latency). Not shown: 985 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp Pure-FTPd | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2017-05-05T10:10:59 | Not valid after: 2044-09-19T10:10:59 | MD5: 35a6 0708 6df4 9282 0cab 6783 bf68 53ea |SHA-1: c715 32cd 484c 586d c6b4 74fe 4ec5 343c f56d d53a |ssl-date: 2019-06-24T15:02:34+00:00; +18s from scanner time. 22/tcp open ssh OpenSSH 7.4 (protocol 2.0) | ssh-hostkey: | 2048 9b:cc:93:c2:88:fc:42:8e:8a:46:71:55:de:7d:50:d4 (RSA) | 256 31:60:a1:80:08:41:89:56:cb:03:a6:5e:9d:90:af:30 (ECDSA) | 256 8e:6b:ca:7d:c7:c2:e9:aa:d2:e0:5c:b2:25:54:b1:85 (ED25519) 25/tcp open smtp Exim smtpd 4.87 | smtp-commands: customer.worldstream Hello customer.worldstream.nl [217.23.15.11], SIZE 20971520, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP, | Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7) | dns-nsid: | bind.version: 9.9.4-RedHat-9.9.4-73.el7_6 80/tcp open http (PHP 5.6.30) | fingerprint-strings: | GetRequest: | HTTP/1.1 503 temporarily overloaded | Date: Mon, 24 Jun 2019 14:56:15 GMT | Server: Apache/2 | Upgrade: h2,h2c | Connection: Upgrade, close | X-Powered-By: PHP/5.6.30 | Set-Cookie: PrestaShop-42d71ccdbde431a9af735bab5d1ba278=cprOPntiV0i4qOIu%2F7qrgSYMTZoGG99iLD1bxUe3af3kQsJWnFodm1Q%2FfvYVpNP3AjpVgkakPA8IZPm7jy2whKVMC%2BYOAPKMSAgvvxgqjhI%3D000075; expires=Sun, 14-Jul-2019 14:56:15 GMT; Max-Age=1728000; path=/; httponly | Vary: Accept-Encoding,User-Agent | Content-Length: 1088 | Content-Type: text/html; charset=utf-8 | <title>Cialis per Nachnahme kaufen ohne Rezept generika - CPN</title><link rel="short | HTTPOptions: | HTTP/1.1 503 temporarily overloaded | Date: Mon, 24 Jun 2019 14:56:18 GMT | Server: Apache/2 | Upgrade: h2,h2c | Connection: Upgrade, close | X-Powered-By: PHP/5.6.30 | Set-Cookie: PrestaShop-42d71ccdbde431a9af735bab5d1ba278=cprOPntiV0i4qOIu%2F7qrgffJOWmjh3QlNhyFjFrjT%2B3kQsJWnFodm1Q%2FfvYVpNP3AjpVgkakPA8IZPm7jy2whFE6uxYt1bwXxKVLNUIyCf8%3D000075; expires=Sun, 14-Jul-2019 14:56:18 GMT; Max-Age=1728000; path=/; httponly | Vary: Accept-Encoding,User-Agent | Content-Length: 1088 | Content-Type: text/html; charset=utf-8 | <title>Cialis per Nachnahme kaufen ohne Rezept generika - CPN</title><link rel="short | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache/2 |_http-title: Did not follow redirect to http://cialis-per-nachnahme.com/ 110/tcp open pop3 Dovecot DirectAdmin pop3d |_pop3-capabilities: TOP UIDL STLS AUTH-RESP-CODE CAPA RESP-CODES USER PIPELINING SASL(PLAIN) | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind 143/tcp open imap Dovecot imapd |_imap-capabilities: listed SASL-IR have ID more capabilities OK AUTH=PLAINA0001 ENABLE LOGIN-REFERRALS STARTTLS LITERAL+ post-login Pre-login IDLE IMAP4rev1 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 443/tcp open ssl/ssl Apache httpd (SSL-only mode) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: POST OPTIONS HEAD GET | http-robots.txt: 1 disallowed entry |/wp-admin/ |_http-server-header: Apache/2 |_http-title: 404 Not Found | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2017-05-05T10:10:59 | Not valid after: 2044-09-19T10:10:59 | MD5: 35a6 0708 6df4 9282 0cab 6783 bf68 53ea |SHA-1: c715 32cd 484c 586d c6b4 74fe 4ec5 343c f56d d53a 465/tcp open ssl/smtp Exim smtpd 4.87 | smtp-commands: customer.worldstream Hello customer.worldstream.nl [217.23.15.11], SIZE 20971520, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP, | Commands supported: AUTH HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 587/tcp open smtp Exim smtpd 4.87 | smtp-commands: customer.worldstream Hello customer.worldstream.nl [217.23.15.11], SIZE 20971520, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP, | Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |_ssl-date: TLS randomness does not represent time 993/tcp open ssl/imap Dovecot DirectAdmin imapd | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |_ssl-date: TLS randomness does not represent time 995/tcp open ssl/pop3 Dovecot DirectAdmin pop3d |_pop3-capabilities: TOP PIPELINING UIDL SASL(PLAIN) AUTH-RESP-CODE USER CAPA RESP-CODES | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |_ssl-date: TLS randomness does not represent time 2222/tcp open http DirectAdmin httpd 1.57.1 (Registered to WorldStream) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD POST |_http-server-header: DirectAdmin Daemon v1.57.1 Registered to WorldStream |_http-title: DirectAdmin Login |_http-trane-info: Problem with XML parsing of /evox/about 3306/tcp open mysql MariaDB (unauthorized) 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service : SF-Port80-TCP:V=7.70%I=7%D=6/24%Time=5D10E47F%P=i686-pc-windows-windows%r( SF:GetRequest,643,"HTTP/1.1\x20503\x20temporarily\x20overloaded\r\nDate:
SF:x20Mon,\x2024\x20Jun\x202019\x2014:56:15\x20GMT\r\nServer:\x20Apache/2
SF:r\nUpgrade:\x20h2,h2c\r\nConnection:\x20Upgrade,\x20close\r\nX-Powered- SF:By:\x20PHP/5.6.30\r\nSet-Cookie:\x20PrestaShop-42d71ccdbde431a9af735b SF:ab5d1ba278=cprOPntiV0i4qOIu%2F7qrgSYMTZoGG99iLD1bxUe3af3kQsJWnFodm1Q%2F SF:fvYVpNP3AjpVgkakPA8IZPm7jy2whKVMC%2BYOAPKMSAgvvxgqjhI%3D000075;\x20expi SF:res=Sun,\x2014-Jul-2019\x2014:56:15\x20GMT;\x20Max-Age=1728000;\x20path SF:=/;\x20httponly\r\nVary:\x20Accept-Encoding,User-Agent\r\nContent-Lengt SF:h:\x201088\r\nContent-Type:\x20text/html;\x20charset=utf-8\r\n\r\n<html\x20lang="de-de"><meta\x20charset="utf-8">< SF:title>Cialis\x20per\x20Nachnahme\x20kaufen\x20ohne\x20Rezept\x20generik SF:a\x20-\x20CPN</title><meta\x20name="description"\x20content="Potenzm SF:ittel\x20bestellen\x20Cialis\x20online\x20kaufen\x20rezeptfrei\x20per\x SF:20Nachnahme"><meta\x20name="keywords"\x20content="Cialis,\x20per\x2 SF:0Nachnahme,kaufen,rezeptfrei,zollfrei,ohne\x20zoll"><meta\x20name="ro SF:bots"\x20content="index,follow"><link\x20rel="short")%r(HTTPOptions SF:,643,"HTTP/1.1\x20503\x20temporarily\x20overloaded\r\nDate:\x20Mon,\x2 SF:024\x20Jun\x202019\x2014:56:18\x20GMT\r\nServer:\x20Apache/2\r\nUpgrade SF::\x20h2,h2c\r\nConnection:\x20Upgrade,\x20close\r\nX-Powered-By:\x20PHP SF:/5.6.30\r\nSet-Cookie:\x20PrestaShop-42d71ccdbde431a9af735bab5d1ba278 SF:=cprOPntiV0i4qOIu%2F7qrgffJOWmjh3QlNhyFjFrjT%2B3kQsJWnFodm1Q%2FfvYVpNP3 SF:AjpVgkakPA8IZPm7jy2whFE6uxYt1bwXxKVLNUIyCf8%3D000075;\x20expires=Sun,\x SF:2014-Jul-2019\x2014:56:18\x20GMT;\x20Max-Age=1728000;\x20path=/;\x20htt SF:ponly\r\nVary:\x20Accept-Encoding,User-Agent\r\nContent-Length:\x201088 SF:\r\nContent-Type:\x20text/html;\x20charset=utf-8\r\n\r\n<!DOCTYPE\x20ht SF:ml><html\x20lang="de-de"><meta\x20charset="utf-8"><title>Cial SF:is\x20per\x20Nachnahme\x20kaufen\x20ohne\x20Rezept\x20generika\x20-\x20 SF:CPN</title><meta\x20name="description"\x20content="Potenzmittel\x20b SF:estellen\x20Cialis\x20online\x20kaufen\x20rezeptfrei\x20per\x20Nachnahm SF:e"><meta\x20name="keywords"\x20content="Cialis,\x20per\x20Nachnahme SF:,kaufen,rezeptfrei,zollfrei,ohne\x20zoll"><meta\x20name="robots"\x20 SF:content="index,follow"><link\x20rel="short"); Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 16.993 days (since Fri Jun 07 17:25:02 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=259 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Host: customer.worldstream; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7

Host script results: |_clock-skew: mean: 17s, deviation: 0s, median: 17s

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 3.00 ms customer.worldstream.nl (217.23.1.68)

Nmap scan report for google.com (217.23.1.70) Host is up (0.011s latency). Not shown: 988 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.2 25/tcp open smtp Postfix smtpd |smtp-commands: wmail.click, PIPELINING, SIZE 10485760, VRFY, ETRN, AUTH PLAIN LOGIN, ENHANCEDSTATUSCODES, 8BITMIME, DSN, 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7) | dns-nsid: | bind.version: 9.9.4-RedHat-9.9.4-51.el7 80/tcp open http nginx | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: nginx |_http-title: Site doesn't have a title (text/html; charset=UTF-8). 110/tcp open pop3 Dovecot pop3d |pop3-capabilities: TOP PIPELINING UIDL SASL(PLAIN LOGIN) AUTH-RESP-CODE USER CAPA RESP-CODES 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind 139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: MYGROUP) 143/tcp open imap Dovecot imapd |_imap-capabilities: listed SASL-IR have ID more capabilities OK AUTH=PLAIN ENABLE LOGIN-REFERRALS AUTH=LOGINA0001 LITERAL+ post-login Pre-login IDLE IMAP4rev1 443/tcp open ssl/http Apache httpd (PHP 5.6.32) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache |_http-title: 404 Not Found | ssl-cert: Subject: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Issuer: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2017-09-22T14:34:56 | Not valid after: 2018-09-22T14:34:56 | MD5: 09e0 7208 d4f0 84a7 b57b adf5 0b22 ca15 |_SHA-1: c0c3 7e60 8da7 e7d5 c1dd c568 9a07 f569 fa83 a8a5 |_ssl-date: TLS randomness does not represent time 445/tcp open netbios-ssn Samba smbd 4.6.2 (workgroup: MYGROUP) 3000/tcp open http Mojolicious httpd |_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E |_http-server-header: Mojolicious (Perl) |http-title: Site doesn't have a title (text/html;charset=UTF-8). 3306/tcp open mysql MySQL 5.5.56-MariaDB | mysql-info: | Protocol: 10 | Version: 5.5.56-MariaDB | Thread ID: 8641 | Capabilities flags: 63487 | Some Capabilities: Support41Auth, InteractiveClient, SupportsTransactions, IgnoreSigpipes, Speaks41ProtocolOld, Speaks41ProtocolNew, IgnoreSpaceBeforeParenthesis, LongColumnFlag, DontAllowDatabaseTableColumn, FoundRows, LongPassword, SupportsLoadDataLocal, ODBCClient, ConnectWithDatabase, SupportsCompression, SupportsAuthPlugins, SupportsMultipleResults, SupportsMultipleStatments | Status: Autocommit | Salt: E%)=68V(c:8KN({Trbq4 | Auth Plugin Name: 87 Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 23.902 days (since Fri May 31 19:35:55 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=261 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Hosts: wmail.click, DS4; OSs: Unix, Linux; CPE: cpe:/o:redhat:enterprise_linux:7

Host script results: |clock-skew: mean: -37m54s, deviation: 1h06m09s, median: 17s | nbstat: NetBIOS name: DS4, NetBIOS user: , NetBIOS MAC: (unknown) | Names: | DS4<00> Flags: | DS4<03> Flags: | DS4<20> Flags: | \x01\x02__MSBROWSE_\x02<01> Flags: | MYGROUP<00> Flags: | MYGROUP<1d> Flags: |_ MYGROUP<1e> Flags: | smb-os-discovery: | OS: Windows 6.1 (Samba 4.6.2) | Computer name: ds4 | NetBIOS computer name: DS4\x00 | Domain name: \x00 | FQDN: ds4 |_ System time: 2019-06-24T17:07:52+02:00 | smb-security-mode: | account_used: | authentication_level: user | challenge_response: supported |_ message_signing: disabled (dangerous, but default) | smb2-security-mode: | 2.02: |_ Message signing enabled but not required | smb2-time: | date: 2019-06-24 17:07:53 |_ start_date: N/A

TRACEROUTE (using port 1720/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 2.00 ms google.com (217.23.1.70)

Nmap scan report for prime.asreweb.net (217.23.1.71) Host is up (0.011s latency). Not shown: 985 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp Pure-FTPd | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2017-05-05T10:10:59 | Not valid after: 2044-09-19T10:10:59 | MD5: 35a6 0708 6df4 9282 0cab 6783 bf68 53ea |SHA-1: c715 32cd 484c 586d c6b4 74fe 4ec5 343c f56d d53a |ssl-date: 2019-06-24T15:05:23+00:00; +18s from scanner time. 22/tcp open ssh OpenSSH 7.4 (protocol 2.0) | ssh-hostkey: | 2048 9b:cc:93:c2:88:fc:42:8e:8a:46:71:55:de:7d:50:d4 (RSA) | 256 31:60:a1:80:08:41:89:56:cb:03:a6:5e:9d:90:af:30 (ECDSA) 25/tcp open smtp Exim smtpd 4.87 | smtp-commands: customer.worldstream Hello prime.asreweb.net [217.23.15.11], SIZE 20971520, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP, | Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7) | dns-nsid: | bind.version: 9.9.4-RedHat-9.9.4-73.el7_6 80/tcp open http (PHP 5.6.30) | fingerprint-strings: | FourOhFourRequest: | HTTP/1.1 404 Not Found | Date: Mon, 24 Jun 2019 14:56:29 GMT | Server: Apache/2 | Upgrade: h2,h2c | Connection: Upgrade | X-Powered-By: PHP/5.6.30 | P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA" | Powered-By: PrestaShop | Status: 404 Not Found | Set-Cookie: PHPSESSID=ft72q91ljh585ehkj4mt2t0sg6; path=/ | Expires: Thu, 19 Nov 1981 08:52:00 GMT | Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 | Pragma: no-cache | Vary: Accept-Encoding,User-Agent | Transfer-Encoding: chunked | Content-Type: text/html; charset=utf-8 | 58f4 | <!doctype html> | | | | | <title>Fehler 404</title> | | | <meta name="viewport" content="width=device-width, ini | GetRequest: | HTTP/1.0 301 Moved | Date: Mon, 24 Jun 2019 14:56:22 GMT | Server: Apache/2 | Upgrade: h2,h2c | Connection: Upgrade, close | X-Powered-By: PHP/5.6.30 | Cache-Control: no-cache | Location: http://viagrando.com/ | Vary: User-Agent | Content-Length: 0 | Content-Type: text/html; charset=utf-8 | HTTPOptions: | HTTP/1.1 200 OK | Date: Mon, 24 Jun 2019 14:56:22 GMT | Server: Apache/2 | Upgrade: h2,h2c | Connection: Upgrade, close | X-Powered-By: PHP/5.6.30 | P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA" | Powered-By: PrestaShop | Set-Cookie: PHPSESSID=bpvtbvl1qri0f6683l26c4bea1; path=/ | Expires: Thu, 19 Nov 1981 08:52:00 GMT | Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 | Pragma: no-cache | Set-Cookie: PrestaShop-85e16e6377ec6df2ef41b2d5c2d31d36=def502008aeb3104242531e6743d3917095de5ae24e30eeaa80c32553172cc4732890d3ee20103168787648179c0d4565b6b2b0895e57eebedd1e15a97a1c4895bbbe655bedd7ecd05c38940f39788c40afdf7c7f80fa84f42d2a2b4946d8c7fba85c16229e6bb7becf9005902af504e89ed922c8ad3a678b30843b3d31c82677aef93b4c96f8a51ce61839ee212746cc604b130938a51f1b7d505c28e7024; expires=Sun, 14-Jul-2019 14:56:22 GMT; Max-Age=1728000; path=/; httponly |_ Set-Cookie: PrestaShop-85e16e63 | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS | http-robots.txt: 78 disallowed entries (15 shown) | /?orderby= /?orderway= /?tag= /?id_currency= | /?search_query= /?back= /?n= /&orderby= /&orderway= /&tag= | /&id_currency= /&search_query= /&back= /&n= |_/*controller=addresses |_http-server-header: Apache/2 |_http-title: Did not follow redirect to http://viagrando.com/ 110/tcp open pop3 Dovecot DirectAdmin pop3d |_pop3-capabilities: TOP UIDL STLS AUTH-RESP-CODE CAPA RESP-CODES USER PIPELINING SASL(PLAIN) | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind 143/tcp open imap Dovecot imapd |_imap-capabilities: listed SASL-IR have ID more capabilities OK AUTH=PLAINA0001 ENABLE LOGIN-REFERRALS STARTTLS LITERAL+ post-login Pre-login IDLE IMAP4rev1 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 443/tcp open ssl/ssl Apache httpd (SSL-only mode) | http-methods: | Supported Methods: POST OPTIONS HEAD GET |_http-server-header: Apache/2 |_http-title: Site doesn't have a title (text/html). | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2017-05-05T10:10:59 | Not valid after: 2044-09-19T10:10:59 | MD5: 35a6 0708 6df4 9282 0cab 6783 bf68 53ea |_SHA-1: c715 32cd 484c 586d c6b4 74fe 4ec5 343c f56d d53a |ssl-date: TLS randomness does not represent time 465/tcp open ssl/smtp Exim smtpd 4.87 | smtp-commands: customer.worldstream Hello prime.asreweb.net [217.23.15.11], SIZE 20971520, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP, | Commands supported: AUTH HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 587/tcp open smtp Exim smtpd 4.87 | smtp-commands: customer.worldstream Hello prime.asreweb.net [217.23.15.11], SIZE 20971520, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP, | Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |_ssl-date: TLS randomness does not represent time 993/tcp open ssl/imap Dovecot DirectAdmin imapd |_imap-capabilities: SASL-IR ID have more listed OK AUTH=PLAINA0001 ENABLE LOGIN-REFERRALS capabilities LITERAL+ post-login Pre-login IDLE IMAP4rev1 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |_ssl-date: TLS randomness does not represent time 995/tcp open ssl/pop3 Dovecot DirectAdmin pop3d |_pop3-capabilities: TOP PIPELINING UIDL SASL(PLAIN) AUTH-RESP-CODE USER CAPA RESP-CODES | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |_ssl-date: TLS randomness does not represent time 2222/tcp open http DirectAdmin httpd 1.57.1 (Registered to WorldStream) |http-favicon: Unknown favicon MD5: F0CC6DDDAE553AA7CFEB2CA5B62B2083 | http-methods: | Supported Methods: GET HEAD POST |_http-server-header: DirectAdmin Daemon v1.57.1 Registered to WorldStream |_http-title: DirectAdmin Login 3306/tcp open mysql MariaDB (unauthorized) 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service : SF-Port80-TCP:V=7.70%I=7%D=6/24%Time=5D10E484%P=i686-pc-windows-windows%r( SF:GetRequest,11B,"HTTP/1.0\x20301\x20Moved\r\nDate:\x20Mon,\x2024\x20Jun SF:\x202019\x2014:56:22\x20GMT\r\nServer:\x20Apache/2\r\nUpgrade:\x20h2,h2 SF:c\r\nConnection:\x20Upgrade,\x20close\r\nX-Powered-By:\x20PHP/5.6.30
SF:r\nCache-Control:\x20no-cache\r\nLocation:\x20http://viagrando\.com/\r\ SF:nVary:\x20User-Agent\r\nContent-Length:\x200\r\nContent-Type:\x20text/h SF:tml;\x20charset=utf-8\r\n\r\n")%r(HTTPOptions,A33C,"HTTP/1.1\x20200\x2 SF:0OK\r\nDate:\x20Mon,\x2024\x20Jun\x202019\x2014:56:22\x20GMT\r\nServer: SF:\x20Apache/2\r\nUpgrade:\x20h2,h2c\r\nConnection:\x20Upgrade,\x20close
SF:r\nX-Powered-By:\x20PHP/5.6.30\r\nP3P:\x20CP="IDC\x20DSP\x20COR\x20C SF:URa\x20ADMa\x20OUR\x20IND\x20PHY\x20ONL\x20COM\x20STA"\r\nPowered-By:
SF:x20PrestaShop\r\nSet-Cookie:\x20PHPSESSID=bpvtbvl1qri0f6683l26c4bea1;\x SF:20path=/\r\nExpires:\x20Thu,\x2019\x20Nov\x201981\x2008:52:00\x20GMT\r
SF:nCache-Control:\x20no-store,\x20no-cache,\x20must-revalidate,\x20post-c SF:heck=0,\x20pre-check=0\r\nPragma:\x20no-cache\r\nSet-Cookie:\x20PrestaS SF:hop-85e16e6377ec6df2ef41b2d5c2d31d36=def502008aeb3104242531e6743d391709 SF:5de5ae24e30eeaa80c32553172cc4732890d3ee20103168787648179c0d4565b6b2b089 SF:5e57eebedd1e15a97a1c4895bbbe655bedd7ecd05c38940f39788c40afdf7c7f80fa84f SF:42d2a2b4946d8c7fba85c16229e6bb7becf9005902af504e89ed922c8ad3a678b30843b SF:3d31c82677aef93b4c96f8a51ce61839ee212746cc604b130938a51f1b7d505c28e7024 SF:;\x20expires=Sun,\x2014-Jul-2019\x2014:56:22\x20GMT;\x20Max-Age=1728000 SF:;\x20path=/;\x20httponly\r\nSet-Cookie:\x20PrestaShop-85e16e63")%r(Four SF:OhFourRequest,5B23,"HTTP/1.1\x20404\x20Not\x20Found\r\nDate:\x20Mon,\x SF:2024\x20Jun\x202019\x2014:56:29\x20GMT\r\nServer:\x20Apache/2\r\nUpgrad SF:e:\x20h2,h2c\r\nConnection:\x20Upgrade\r\nX-Powered-By:\x20PHP/5.6.30 SF:\r\nP3P:\x20CP="IDC\x20DSP\x20COR\x20CURa\x20ADMa\x20OUR\x20IND\x20PHY SF:\x20ONL\x20COM\x20STA"\r\nPowered-By:\x20PrestaShop\r\nStatus:\x20404
SF:x20Not\x20Found\r\nSet-Cookie:\x20PHPSESSID=ft72q91ljh585ehkj4mt2t0sg6; SF:\x20path=/\r\nExpires:\x20Thu,\x2019\x20Nov\x201981\x2008:52:00\x20GMT
SF:r\nCache-Control:\x20no-store,\x20no-cache,\x20must-revalidate,\x20post SF:-check=0,\x20pre-check=0\r\nPragma:\x20no-cache\r\nVary:\x20Accept-Enco SF:ding,User-Agent\r\nTransfer-Encoding:\x20chunked\r\nContent-Type:\x20te SF:xt/html;\x20charset=utf-8\r\n\r\n58f4\r\n<!doctype\x20html>\n<html\x20l SF:ang="de">\n\n\x20\x20\n\x20\x20\x20\x20\n\x20\x20\x20\x20\x20\x SF:20<meta\x20charset="utf-8">\n<meta\x20http-equiv="x-ua-compatible"
SF:x20content="ie=edge">\n\n\n\x20\x20<title>Fehler\x20404</title>\n\x20 SF:\x20<meta\x20name="description"\x20content="Seite\x20wurde\x20nicht
SF:x20gefunden">\n\x20\x20<meta\x20name="keywords"\x20content="Fehler
SF:x20404,\x20nicht\x20gefunden">\n\x20\x20\x20\x20\n\n<meta\x20name="vi SF:ewport"\x20content="width=device-width,\x20ini"); Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 16.993 days (since Fri Jun 07 17:25:02 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=260 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Host: customer.worldstream; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7

Host script results: |_clock-skew: mean: 17s, deviation: 0s, median: 17s

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 2.00 ms prime.asreweb.net (217.23.1.71)

Nmap scan report for customer.worldstream.nl (217.23.1.72) Host is up (0.012s latency). Not shown: 985 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp Pure-FTPd | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2017-05-05T10:10:59 | Not valid after: 2044-09-19T10:10:59 | MD5: 35a6 0708 6df4 9282 0cab 6783 bf68 53ea |SHA-1: c715 32cd 484c 586d c6b4 74fe 4ec5 343c f56d d53a |ssl-date: 2019-06-24T15:04:12+00:00; +18s from scanner time. 22/tcp open ssh OpenSSH 7.4 (protocol 2.0) | ssh-hostkey: | 2048 9b:cc:93:c2:88:fc:42:8e:8a:46:71:55:de:7d:50:d4 (RSA) | 256 31:60:a1:80:08:41:89:56:cb:03:a6:5e:9d:90:af:30 (ECDSA) | 256 8e:6b:ca:7d:c7:c2:e9:aa:d2:e0:5c:b2:25:54:b1:85 (ED25519) 25/tcp open smtp Exim smtpd 4.87 | smtp-commands: customer.worldstream Hello customer.worldstream.nl [217.23.15.11], SIZE 20971520, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP, | Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7) | dns-nsid: | bind.version: 9.9.4-RedHat-9.9.4-73.el7_6 80/tcp open http Apache/2 | fingerprint-strings: | FourOhFourRequest: | HTTP/1.1 301 Moved Permanently | Date: Mon, 24 Jun 2019 14:56:32 GMT | Server: Apache/2 | Location: http://www.potenz-ohne-stress.com/nice%20ports,/Trinity.txt.bak | Content-Length: 271 | Connection: close | Content-Type: text/html; charset=iso-8859-1 | | | <title>301 Moved Permanently</title> | |
Moved Permanently
|
The document has moved here.
| | GetRequest, HTTPOptions: | HTTP/1.1 301 Moved Permanently | Date: Mon, 24 Jun 2019 14:56:25 GMT | Server: Apache/2 | Location: http://www.potenz-ohne-stress.com/ | Content-Length: 242 | Connection: close | Content-Type: text/html; charset=iso-8859-1 | | | <title>301 Moved Permanently</title> | |
Moved Permanently
|
The document has moved here.
| | RTSPRequest: | HTTP/1.1 301 Moved Permanently | Date: Mon, 24 Jun 2019 14:56:26 GMT | Server: Apache/2 | Location: http://www.potenz-ohne-stress.com/400.shtml | Content-Length: 251 | Connection: close | Content-Type: text/html; charset=iso-8859-1 | | | <title>301 Moved Permanently</title> | |
Moved Permanently
|
The document has moved here.
| | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache/2 |_http-title: Did not follow redirect to http://www.potenz-ohne-stress.com/ 110/tcp open pop3 Dovecot DirectAdmin pop3d |_pop3-capabilities: TOP UIDL STLS AUTH-RESP-CODE CAPA RESP-CODES USER PIPELINING SASL(PLAIN) | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind 143/tcp open imap Dovecot imapd |_imap-capabilities: listed SASL-IR have ID more capabilities OK AUTH=PLAINA0001 ENABLE LOGIN-REFERRALS STARTTLS LITERAL+ post-login Pre-login IDLE IMAP4rev1 | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 443/tcp open ssl/https Apache/2 | fingerprint-strings: | FourOhFourRequest: | HTTP/1.1 301 Moved Permanently | Date: Mon, 24 Jun 2019 14:56:33 GMT | Server: Apache/2 | Location: http://www.potenz-ohne-stress.com/nice%20ports,/Trinity.txt.bak | Content-Length: 271 | Connection: close | Content-Type: text/html; charset=iso-8859-1 | | | <title>301 Moved Permanently</title> | |
Moved Permanently
|
The document has moved here.
| | GetRequest, HTTPOptions: | HTTP/1.1 301 Moved Permanently | Date: Mon, 24 Jun 2019 14:56:32 GMT | Server: Apache/2 | Location: http://www.potenz-ohne-stress.com/ | Content-Length: 242 | Connection: close | Content-Type: text/html; charset=iso-8859-1 | | | <title>301 Moved Permanently</title> | |
Moved Permanently
|
The document has moved here.
| | RTSPRequest: | HTTP/1.1 301 Moved Permanently | Date: Mon, 24 Jun 2019 14:56:43 GMT | Server: Apache/2 | Location: http://www.potenz-ohne-stress.com/400.shtml | Content-Length: 251 | Connection: close | Content-Type: text/html; charset=iso-8859-1 | | | <title>301 Moved Permanently</title> | |
Moved Permanently
|
The document has moved here.
| |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD POST OPTIONS | http-robots.txt: 1 disallowed entry |/wp-admin/ |_http-server-header: Apache/2 |_http-title: Did not follow redirect to http://www.potenz-ohne-stress.com/ | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2017-05-05T10:10:59 | Not valid after: 2044-09-19T10:10:59 | MD5: 35a6 0708 6df4 9282 0cab 6783 bf68 53ea |_SHA-1: c715 32cd 484c 586d c6b4 74fe 4ec5 343c f56d d53a |_ssl-date: TLS randomness does not represent time 465/tcp open ssl/smtp Exim smtpd 4.87 |_smtp-commands: SMTP EHLO customer.worldstream.nl: failed to receive data: failed to receive data | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |ssl-date: TLS randomness does not represent time 587/tcp open smtp Exim smtpd 4.87 | smtp-commands: customer.worldstream Hello customer.worldstream.nl [217.23.15.11], SIZE 20971520, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP, | Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |_ssl-date: TLS randomness does not represent time 993/tcp open ssl/imap Dovecot DirectAdmin imapd |_imap-capabilities: CAPABILITY | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |_ssl-date: TLS randomness does not represent time 995/tcp open ssl/pop3 Dovecot DirectAdmin pop3d |_pop3-capabilities: TOP PIPELINING UIDL SASL(PLAIN) AUTH-RESP-CODE USER CAPA RESP-CODES | ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2016-05-13T00:13:50 | Not valid after: 2043-09-28T00:13:50 | MD5: 90b8 d95c 4714 d2ac 2daf f7f5 cf81 4dcd |_SHA-1: 7a7e 8e6a b2c5 cd60 a8d0 fc5b e5b8 171f 4d18 ff73 |_ssl-date: TLS randomness does not represent time 2222/tcp open http DirectAdmin httpd 1.57.1 (Registered to WorldStream) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD POST |_http-server-header: DirectAdmin Daemon v1.57.1 Registered to WorldStream |_http-title: DirectAdmin Login |_http-trane-info: Problem with XML parsing of /evox/about 3306/tcp open mysql MariaDB (unauthorized) 2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service : ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port80-TCP:V=7.70%I=7%D=6/24%Time=5D10E487%P=i686-pc-windows-windows%r( SF:GetRequest,1CE,"HTTP/1.1\x20301\x20Moved\x20Permanently\r\nDate:\x20Mo SF:n,\x2024\x20Jun\x202019\x2014:56:25\x20GMT\r\nServer:\x20Apache/2\r\nLo SF:cation:\x20http://www\.potenz-ohne-stress\.com/\r\nContent-Length:\x202 SF:42\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20charset=is SF:o-8859-1\r\n\r\n<!DOCTYPE\x20HTML\x20PUBLIC\x20"-//IETF//DTD\x20HTML\x SF:202.0//EN">\n\n<title>301\x20Moved\x20Permanently</title> SF:\n\n
Moved\x20Permanently
\n
The\x20document\x20h SF:as\x20moved\x20<a\x20href="http://www\.potenz-ohne-stress\.com/\">here SF:.
\n\n")%r(HTTPOptions,1CE,"HTTP/1.1\x20301\x20M SF:oved\x20Permanently\r\nDate:\x20Mon,\x2024\x20Jun\x202019\x2014:56:25\x SF:20GMT\r\nServer:\x20Apache/2\r\nLocation:\x20http://www\.potenz-ohne-st SF:ress.com/\r\nContent-Length:\x20242\r\nConnection:\x20close\r\nContent SF:-Type:\x20text/html;\x20charset=iso-8859-1\r\n\r\n<!DOCTYPE\x20HTML\x20 SF:PUBLIC\x20"-//IETF//DTD\x20HTML\x202.0//EN">\n\n<title>3 SF:01\x20Moved\x20Permanently</title>\n\n
Moved\x20Permane SF:ntly
\n
The\x20document\x20has\x20moved\x20<a\x20href="http://ww SF:w.potenz-ohne-stress.com/">here.
\n\n")%r(RTSP SF:Request,1E0,"HTTP/1.1\x20301\x20Moved\x20Permanently\r\nDate:\x20Mon,
SF:x2024\x20Jun\x202019\x2014:56:26\x20GMT\r\nServer:\x20Apache/2\r\nLocat SF:ion:\x20http://www\.potenz-ohne-stress\.com/400\.shtml\r\nContent-Lengt SF:h:\x20251\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20cha SF:rset=iso-8859-1\r\n\r\n<!DOCTYPE\x20HTML\x20PUBLIC\x20"-//IETF//DTD\x2 SF:0HTML\x202.0//EN">\n\n<title>301\x20Moved\x20Permanently< SF:/title>\n\n
Moved\x20Permanently
\n
The\x20docume SF:nt\x20has\x20moved\x20<a\x20href="http://www\.potenz-ohne-stress\.com/ SF:400.shtml">here.
\n\n")%r(FourOhFourRequest,208 SF:,"HTTP/1.1\x20301\x20Moved\x20Permanently\r\nDate:\x20Mon,\x2024\x20Ju SF:n\x202019\x2014:56:32\x20GMT\r\nServer:\x20Apache/2\r\nLocation:\x20htt SF:p://www.potenz-ohne-stress.com/nice%20ports,/Trinity.txt.bak\r\nCon SF:tent-Length:\x20271\r\nConnection:\x20close\r\nContent-Type:\x20text/ht SF:ml;\x20charset=iso-8859-1\r\n\r\n<!DOCTYPE\x20HTML\x20PUBLIC\x20"-//IE SF:TF//DTD\x20HTML\x202.0//EN">\n\n<title>301\x20Moved\x20Pe SF:rmanently</title>\n\n
Moved\x20Permanently
\n
The SF:\x20document\x20has\x20moved\x20<a\x20href="http://www\.potenz-ohne-st SF:ress.com/nice%20ports,/Trinity.txt.bak">here.
\n</ht SF:ml>\n"); ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port443-TCP:V=7.70%T=SSL%I=7%D=6/24%Time=5D10E48E%P=i686-pc-windows-win SF:dows%r(GetRequest,1CE,"HTTP/1.1\x20301\x20Moved\x20Permanently\r\nDate SF::\x20Mon,\x2024\x20Jun\x202019\x2014:56:32\x20GMT\r\nServer:\x20Apache/ SF:2\r\nLocation:\x20http://www\.potenz-ohne-stress\.com/\r\nContent-Lengt SF:h:\x20242\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20cha SF:rset=iso-8859-1\r\n\r\n<!DOCTYPE\x20HTML\x20PUBLIC\x20"-//IETF//DTD\x2 SF:0HTML\x202.0//EN">\n\n<title>301\x20Moved\x20Permanently< SF:/title>\n\n
Moved\x20Permanently
\n
The\x20docume SF:nt\x20has\x20moved\x20<a\x20href="http://www\.potenz-ohne-stress\.com/ SF:">here.
\n\n")%r(HTTPOptions,1CE,"HTTP/1.1\x203 SF:01\x20Moved\x20Permanently\r\nDate:\x20Mon,\x2024\x20Jun\x202019\x2014: SF:56:32\x20GMT\r\nServer:\x20Apache/2\r\nLocation:\x20http://www\.potenz- SF:ohne-stress.com/\r\nContent-Length:\x20242\r\nConnection:\x20close\r\n SF:Content-Type:\x20text/html;\x20charset=iso-8859-1\r\n\r\n<!DOCTYPE\x20H SF:TML\x20PUBLIC\x20"-//IETF//DTD\x20HTML\x202.0//EN">\n\n< SF:title>301\x20Moved\x20Permanently</title>\n\n
Moved\x20 SF:Permanently
\n
The\x20document\x20has\x20moved\x20<a\x20href="ht SF:tp://www.potenz-ohne-stress.com/">here.
\n\n") SF:%r(FourOhFourRequest,208,"HTTP/1.1\x20301\x20Moved\x20Permanently\r\nD SF:ate:\x20Mon,\x2024\x20Jun\x202019\x2014:56:33\x20GMT\r\nServer:\x20Apac SF:he/2\r\nLocation:\x20http://www\.potenz-ohne-stress\.com/nice%20ports,/ SF:Trinity.txt.bak\r\nContent-Length:\x20271\r\nConnection:\x20close\r\n SF:Content-Type:\x20text/html;\x20charset=iso-8859-1\r\n\r\n<!DOCTYPE\x20H SF:TML\x20PUBLIC\x20"-//IETF//DTD\x20HTML\x202.0//EN">\n\n< SF:title>301\x20Moved\x20Permanently</title>\n\n
Moved\x20 SF:Permanently
\n
The\x20document\x20has\x20moved\x20<a\x20href="ht SF:tp://www.potenz-ohne-stress.com/nice%20ports,/Trinity.txt.bak">her SF:e.
\n\n")%r(RTSPRequest,1E0,"HTTP/1.1\x20301\x20 SF:Moved\x20Permanently\r\nDate:\x20Mon,\x2024\x20Jun\x202019\x2014:56:43
SF:x20GMT\r\nServer:\x20Apache/2\r\nLocation:\x20http://www\.potenz-ohne-s SF:tress.com/400.shtml\r\nContent-Length:\x20251\r\nConnection:\x20close SF:\r\nContent-Type:\x20text/html;\x20charset=iso-8859-1\r\n\r\n<!DOCTYPE
SF:x20HTML\x20PUBLIC\x20"-//IETF//DTD\x20HTML\x202.0//EN">\n\n<title>301\x20Moved\x20Permanently</title>\n\n
Moved SF:\x20Permanently
\n
The\x20document\x20has\x20moved\x20<a\x20href= SF:"http://www\.potenz-ohne-stress\.com/400\.shtml\">here.
\n</bo SF:dy>\n"); Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 16.993 days (since Fri Jun 07 17:25:02 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=257 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Host: customer.worldstream; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7

Host script results: |_clock-skew: mean: 17s, deviation: 0s, median: 17s

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1.00 ms customer.worldstream.nl (217.23.1.72)

Nmap scan report for google.com (217.23.1.74) Host is up (0.0079s latency). Not shown: 988 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.2 25/tcp open smtp Postfix smtpd |smtp-commands: wmail.click, PIPELINING, SIZE 10485760, VRFY, ETRN, AUTH PLAIN LOGIN, ENHANCEDSTATUSCODES, 8BITMIME, DSN, 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7) | dns-nsid: | bind.version: 9.9.4-RedHat-9.9.4-51.el7 80/tcp open http nginx | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: nginx |_http-title: Site doesn't have a title (text/html; charset=UTF-8). 110/tcp open pop3 Dovecot pop3d |pop3-capabilities: TOP PIPELINING UIDL SASL(PLAIN LOGIN) AUTH-RESP-CODE USER CAPA RESP-CODES 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind 139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: MYGROUP) 143/tcp open imap Dovecot imapd |_imap-capabilities: listed SASL-IR have ID more capabilities OK AUTH=PLAIN ENABLE LOGIN-REFERRALS AUTH=LOGINA0001 LITERAL+ post-login Pre-login IDLE IMAP4rev1 443/tcp open ssl/http Apache httpd (PHP 5.6.32) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache |_http-title: 404 Not Found | ssl-cert: Subject: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Issuer: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2017-09-22T14:34:56 | Not valid after: 2018-09-22T14:34:56 | MD5: 09e0 7208 d4f0 84a7 b57b adf5 0b22 ca15 |_SHA-1: c0c3 7e60 8da7 e7d5 c1dd c568 9a07 f569 fa83 a8a5 |_ssl-date: TLS randomness does not represent time 445/tcp open netbios-ssn Samba smbd 4.6.2 (workgroup: MYGROUP) 3000/tcp open http Mojolicious httpd |_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E |_http-server-header: Mojolicious (Perl) |http-title: Site doesn't have a title (text/html;charset=UTF-8). 3306/tcp open mysql MySQL 5.5.56-MariaDB | mysql-info: | Protocol: 10 | Version: 5.5.56-MariaDB | Thread ID: 8646 | Capabilities flags: 63487 | Some Capabilities: Support41Auth, InteractiveClient, SupportsTransactions, IgnoreSigpipes, Speaks41ProtocolOld, Speaks41ProtocolNew, IgnoreSpaceBeforeParenthesis, LongColumnFlag, DontAllowDatabaseTableColumn, FoundRows, LongPassword, SupportsLoadDataLocal, ODBCClient, ConnectWithDatabase, SupportsCompression, SupportsAuthPlugins, SupportsMultipleResults, SupportsMultipleStatments | Status: Autocommit | Salt: Mv+pu|-jN(zQe*?<Q`o/ | Auth Plugin Name: 87 Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 23.902 days (since Fri May 31 19:35:55 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=257 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Hosts: wmail.click, DS4; OSs: Unix, Linux; CPE: cpe:/o:redhat:enterprise_linux:7

Host script results: |clock-skew: mean: -38m04s, deviation: 1h06m27s, median: 17s | nbstat: NetBIOS name: DS4, NetBIOS user: , NetBIOS MAC: (unknown) | Names: | DS4<00> Flags: | DS4<03> Flags: | DS4<20> Flags: | \x01\x02__MSBROWSE_\x02<01> Flags: | MYGROUP<00> Flags: | MYGROUP<1d> Flags: |_ MYGROUP<1e> Flags: | smb-os-discovery: | OS: Windows 6.1 (Samba 4.6.2) | Computer name: ds4 | NetBIOS computer name: DS4\x00 | Domain name: \x00 | FQDN: ds4 |_ System time: 2019-06-24T17:07:55+02:00 | smb-security-mode: | account_used: guest | authentication_level: user | challenge_response: supported |_ message_signing: disabled (dangerous, but default) | smb2-security-mode: | 2.02: |_ Message signing enabled but not required | smb2-time: | date: 2019-06-24 17:08:35 |_ start_date: N/A

TRACEROUTE (using port 1720/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms google.com (217.23.1.74)

Nmap scan report for hi.com (217.23.1.76) Host is up (0.011s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.3 22/tcp open ssh OpenSSH 7.4p1 Debian 10+deb9u6 (protocol 2.0) | ssh-hostkey: | 2048 90:ff:fd:b4:f6:aa:3e:96:49:53:fd:ad:6c:1e:83:08 (RSA) | 256 6e:41:55:a8:64:79:31:39:67:cf:26:fe:de:58:a7:4c (ECDSA) |_ 256 ad:36:3c:2b:c9:d7:9d:e1:ba:ba:b5:55:e2:01:fe:d1 (ED25519) Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 134.925 days (since Sat Feb 09 18:03:10 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=257 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms hi.com (217.23.1.76)

Nmap scan report for DB12.worldstream.nl (217.23.1.78) Host is up (0.011s latency). Not shown: 999 filtered ports PORT STATE SERVICE VERSION 8443/tcp open tcpwrapped Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.10 - 4.11, Linux 3.2 - 4.9 Uptime guess: 2.843 days (since Fri Jun 21 21:01:35 2019) Network Distance: 5 hops TCP Sequence Prediction: Difficulty=260 (Good luck!) IP ID Sequence Generation: All zeros

TRACEROUTE (using port 8443/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 ... 4 5 1.00 ms DB12.worldstream.nl (217.23.1.78)

Nmap scan report for clients.streamwood.ru (217.23.1.79) Host is up (0.038s latency). Not shown: 993 filtered ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.0p1 Debian 4+deb7u3 (protocol 2.0) | ssh-hostkey: | 1024 a1:2c:8d:13:81:10:62:12:b8:48:ad:61:a7:ae:2d:84 (DSA) |_ 2048 2f:4f:49:cd:03:dd:9f:73:8f:f9:09:76:ea:5a:8f:77 (RSA) 80/tcp open http nginx |http-favicon: Unknown favicon MD5: C0FEFD664F24F59BAEE3ED33B02C33E3 | http-methods: | Supported Methods: GET HEAD POST | http-title: \xD0\x92\xD1\x85\xD0\xBE\xD0\xB4 \xD0\xBD\xD0\xB0 \xD1\x81\xD0\xB0\xD0\xB9\xD1\x82 :: StreamWood |_Requested resource was /signin/ 113/tcp closed ident 443/tcp open ssl/http nginx |http-favicon: Unknown favicon MD5: C0FEFD664F24F59BAEE3ED33B02C33E3 | http-methods: | Supported Methods: GET HEAD POST |_http-server-header: nginx | http-title: \xD0\x92\xD1\x85\xD0\xBE\xD0\xB4 \xD0\xBD\xD0\xB0 \xD1\x81\xD0\xB0\xD0\xB9\xD1\x82 :: StreamWood |_Requested resource was /signin/ | ssl-cert: Subject: commonName=clients.streamwood.ru | Subject Alternative Name: DNS:api.streamwood.ru, DNS:clients.streamwood.ru, DNS:crm.streamwood.ru, DNS:crm2company.streamwood.ru, DNS:files.streamwood.ru, DNS:img.streamwood.ru, DNS:test.streamwood.ru | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-05-21T08:59:56 | Not valid after: 2019-08-19T08:59:56 | MD5: ab62 0da5 2325 c4e2 9429 5097 793c e796 |_SHA-1: fc44 203d 48b2 4fbe 5d51 f574 dfd7 8345 8149 9b0b |ssl-date: TLS randomness does not represent time | tls-nextprotoneg: | h2 | http/1.1 5222/tcp closed xmpp-client 5269/tcp closed xmpp-server 5280/tcp closed xmpp-bosh Device type: general purpose|storage-misc|broadband router|router|media device|WAP Running (JUST GUESSING): Linux 2.6.X|3.X (93%), HP embedded (90%), MikroTik RouterOS 6.X (89%), Infomir embedded (89%), Ubiquiti embedded (89%), Ubiquiti AirOS 5.X (89%) OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3 cpe:/h:hp:p2000_g3 cpe:/o:mikrotik:routeros:6.32.1 cpe:/o:linux:linux_kernel:2.6 cpe:/h:infomir:mag-250 cpe:/h:ubnt:airmax_nanostation cpe:/o:ubnt:airos:5.5.9 Aggressive OS guesses: Linux 2.6.32 (93%), Linux 2.6.32 - 3.13 (93%), Linux 2.6.32 - 3.1 (92%), Linux 2.6.32 - 2.6.39 (91%), Linux 2.6.39 (91%), Linux 3.10 (91%), Linux 3.2 (91%), HP P2000 G3 NAS device (90%), Linux 3.5 (90%), Linux 3.8 (90%) No exact OS matches for host (test conditions non-ideal). Uptime guess: 3.148 days (since Fri Jun 21 13:41:27 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=259 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 80/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1.00 ms clients.streamwood.ru (217.23.1.79)

Nmap scan report for clients.streamwood.ru (217.23.1.80) Host is up (0.068s latency). Not shown: 993 filtered ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.0p1 Debian 4+deb7u3 (protocol 2.0) | ssh-hostkey: | 1024 a1:2c:8d:13:81:10:62:12:b8:48:ad:61:a7:ae:2d:84 (DSA) |_ 2048 2f:4f:49:cd:03:dd:9f:73:8f:f9:09:76:ea:5a:8f:77 (RSA) 80/tcp open http nginx |_http-favicon: Unknown favicon MD5: C0FEFD664F24F59BAEE3ED33B02C33E3 | http-title: \xD0\x92\xD1\x85\xD0\xBE\xD0\xB4 \xD0\xBD\xD0\xB0 \xD1\x81\xD0\xB0\xD0\xB9\xD1\x82 :: StreamWood |_Requested resource was /signin/ 113/tcp closed ident 443/tcp closed https 5222/tcp closed xmpp-client 5269/tcp closed xmpp-server 5280/tcp closed xmpp-bosh Device type: general purpose|storage-misc|broadband router|router|media device|WAP Running (JUST GUESSING): Linux 2.6.X|3.X (93%), HP embedded (90%), MikroTik RouterOS 6.X (89%), Infomir embedded (89%), Ubiquiti embedded (89%), Ubiquiti AirOS 5.X (89%) OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3 cpe:/h:hp:p2000_g3 cpe:/o:mikrotik:routeros:6.32.1 cpe:/o:linux:linux_kernel:2.6 cpe:/h:infomir:mag-250 cpe:/h:ubnt:airmax_nanostation cpe:/o:ubnt:airos:5.5.9 Aggressive OS guesses: Linux 2.6.32 (93%), Linux 2.6.32 - 3.13 (93%), Linux 2.6.32 - 3.1 (92%), Linux 2.6.32 - 2.6.39 (91%), Linux 2.6.39 (91%), Linux 3.10 (91%), Linux 3.2 (91%), HP P2000 G3 NAS device (90%), Linux 3.5 (90%), Linux 3.8 (90%) No exact OS matches for host (test conditions non-ideal). Uptime guess: 3.148 days (since Fri Jun 21 13:41:27 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=260 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 80/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 0.00 ms clients.streamwood.ru (217.23.1.80)

Nmap scan report for onlinebees.ru (217.23.1.81) Host is up (0.011s latency). Not shown: 992 filtered ports PORT STATE SERVICE VERSION 20/tcp closed ftp-data 53/tcp open domain ISC BIND 9.8.4-rpz2+rl005.12-P1 | dns-nsid: |_ bind.version: 9.8.4-rpz2+rl005.12-P1 80/tcp open http Apache httpd 2.2.22 (PHP/5.6.40-1dotdeb+7.1) | http-cookie-flags: | /: | PHPSESSID: |_ httponly flag not set | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache/2.2.22 |_http-title: Did not follow redirect to http://onlinets.pro/ 443/tcp open ssl/http Apache httpd 2.2.22 (PHP/5.6.40-1dotdeb+7.1) | http-cookie-flags: | /: | PHPSESSID: |_ httponly flag not set |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache/2.2.22 |_http-title: Did not follow redirect to http://onlinets.pro/ |_http-trane-info: Problem with XML parsing of /evox/about | ssl-cert: Subject: commonName=.onlinets.ru/organizationName=onlinets.ru | Subject Alternative Name: DNS:onlinets.ru | Issuer: commonName=.onlinets.ru/organizationName=onlinets.ru | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-01-09T19:25:31 | Not valid after: 2024-01-08T19:25:31 | MD5: e832 1254 e26f 6ebd 5854 f20f b351 874e |SHA-1: b6af 4d4e 1a6a a47e 2ecd ff01 2bb0 207b 365e 146a |ssl-date: TLS randomness does not represent time 8022/tcp open ssh OpenSSH 6.0p1 Debian 4+deb7u7 (protocol 2.0) | ssh-hostkey: | 1024 db:c2:72:39:fc:c8:41:b4:2f:bb:35:a3:5b:6c:07:94 (DSA) | 2048 57:d8:86:a7:d3:d6:ae:8a:64:e2:d7:34:3c:bd:98:6a (RSA) | 256 5c:80:d8:b0:80:72:73:6f:07:3a:16:1b:f9:e3:c9:11 (ECDSA) 8443/tcp open ssl/http MiniServ 1.900 (Webmin httpd) |http-favicon: Unknown favicon MD5: 9A2006C267DE04E262669D821B57EAD1 | http-methods: | Supported Methods: GET HEAD POST OPTIONS | http-robots.txt: 1 disallowed entry |/ |_http-title: Login to Webmin | ssl-cert: Subject: commonName=onlinebees.ru | Subject Alternative Name: DNS:onlinebees.ru | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2018-11-29T17:10:41 | Not valid after: 2019-02-27T17:10:41 | MD5: 9cbd 081c 4e07 ec5a 0843 c34d c84c d1b3 |_SHA-1: f74b 9a76 ec7b a46c c9c0 29a4 6b2b e1bd bf75 c25f |_ssl-date: TLS randomness does not represent time 10000/tcp open http MiniServ 1.900 (Webmin httpd) |http-favicon: Unknown favicon MD5: B57BE7FE104066AB45CBCA94115244CA | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: MiniServ/1.900 |_http-title: Site doesn't have a title (text/html; Charset=iso-8859-1). 20000/tcp open http MiniServ 1.751 (Webmin httpd) |http-favicon: Unknown favicon MD5: 97E2EAB30A575BF2EFD1BA401C292DC1 | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: MiniServ/1.751 |_http-title: Site doesn't have a title (text/html; Charset=iso-8859-1). Device type: general purpose|storage-misc|broadband router|router|media device|WAP Running (JUST GUESSING): Linux 2.6.X|3.X (93%), HP embedded (90%), MikroTik RouterOS 6.X (89%), Infomir embedded (89%), Ubiquiti embedded (89%), Ubiquiti AirOS 5.X (89%) OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3 cpe:/h:hp:p2000_g3 cpe:/o:mikrotik:routeros:6.32.1 cpe:/o:linux:linux_kernel:2.6 cpe:/h:infomir:mag-250 cpe:/h:ubnt:airmax_nanostation cpe:/o:ubnt:airos:5.5.9 Aggressive OS guesses: Linux 2.6.32 (93%), Linux 2.6.32 - 3.13 (93%), Linux 2.6.32 - 3.1 (92%), Linux 2.6.32 - 2.6.39 (91%), Linux 2.6.39 (91%), Linux 3.10 (91%), Linux 3.2 (91%), HP P2000 G3 NAS device (90%), Linux 3.5 (90%), Linux 3.8 (90%) No exact OS matches for host (test conditions non-ideal). Uptime guess: 3.148 days (since Fri Jun 21 13:41:27 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=260 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 80/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 0.00 ms onlinebees.ru (217.23.1.81)

Nmap scan report for onlinebees.ru (217.23.1.82) Host is up (0.049s latency). Not shown: 992 filtered ports PORT STATE SERVICE VERSION 20/tcp closed ftp-data 53/tcp open domain ISC BIND 9.8.4-rpz2+rl005.12-P1 | dns-nsid: |_ bind.version: 9.8.4-rpz2+rl005.12-P1 80/tcp open http Apache httpd 2.2.22 | http-cookie-flags: | /: | PHPSESSID: |_ httponly flag not set | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache/2.2.22 |_http-title: Did not follow redirect to https://onlinebees.ru/ 443/tcp open ssl/http Apache httpd 2.2.22 (PHP/5.6.40-1~dotdeb+7.1) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD OPTIONS |_http-server-header: Apache/2.2.22 |_http-title: \xD0\xA1\xD0\xBE\xD0\xB7\xD0\xB4\xD0\xB0\xD0\xBD\xD0\xB8\xD0\xB5 \xD0\xB8 \xD1\x80\xD0\xB0\xD0\xB7\xD1\x80\xD0\xB0\xD0\xB1\xD0\xBE\xD1\x82\xD0\xBA\xD0\xB0 \xD1\x81\xD0\xB0\xD0\xB9\xD1\x82\xD0\xBE\xD0\xB2 \xD0\xB2 \xD0\x9F\xD0\xB5\xD0... |_http-trane-info: Problem with XML parsing of /evox/about | ssl-cert: Subject: commonName=onlinebees.ru | Subject Alternative Name: DNS:onlinebees.ru, DNS:www.onlinebees.ru | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-04-10T10:11:20 | Not valid after: 2019-07-09T10:11:20 | MD5: 6706 4411 f04f f381 5551 7094 4316 0b40 |SHA-1: 7596 8ade 78f5 4dcc 6eed 81ae e097 0241 f6c6 aaa7 |ssl-date: TLS randomness does not represent time 8022/tcp open ssh OpenSSH 6.0p1 Debian 4+deb7u7 (protocol 2.0) | ssh-hostkey: | 1024 db:c2:72:39:fc:c8:41:b4:2f:bb:35:a3:5b:6c:07:94 (DSA) | 2048 57:d8:86:a7:d3:d6:ae:8a:64:e2:d7:34:3c:bd:98:6a (RSA) | 256 5c:80:d8:b0:80:72:73:6f:07:3a:16:1b:f9:e3:c9:11 (ECDSA) 8443/tcp open ssl/http MiniServ 1.900 (Webmin httpd) |http-favicon: Unknown favicon MD5: 9A2006C267DE04E262669D821B57EAD1 | http-methods: | Supported Methods: GET HEAD POST OPTIONS | http-robots.txt: 1 disallowed entry |/ |_http-server-header: MiniServ/1.900 |_http-title: Login to Webmin | ssl-cert: Subject: commonName=onlinebees.ru | Subject Alternative Name: DNS:onlinebees.ru | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US | Public Key type: rsa | Public Key bits: 4096 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2018-11-29T17:10:41 | Not valid after: 2019-02-27T17:10:41 | MD5: 9cbd 081c 4e07 ec5a 0843 c34d c84c d1b3 |_SHA-1: f74b 9a76 ec7b a46c c9c0 29a4 6b2b e1bd bf75 c25f |_ssl-date: TLS randomness does not represent time 10000/tcp open http MiniServ 1.900 (Webmin httpd) |http-favicon: Unknown favicon MD5: B57BE7FE104066AB45CBCA94115244CA | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: MiniServ/1.900 |_http-title: Site doesn't have a title (text/html; Charset=iso-8859-1). 20000/tcp open http MiniServ 1.751 (Webmin httpd) |http-favicon: Unknown favicon MD5: 97E2EAB30A575BF2EFD1BA401C292DC1 | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: MiniServ/1.751 |_http-title: Site doesn't have a title (text/html; Charset=iso-8859-1). Device type: general purpose|storage-misc|broadband router|router|media device|WAP Running (JUST GUESSING): Linux 2.6.X|3.X (93%), HP embedded (90%), MikroTik RouterOS 6.X (89%), Infomir embedded (89%), Ubiquiti embedded (89%), Ubiquiti AirOS 5.X (89%) OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3 cpe:/h:hp:p2000_g3 cpe:/o:mikrotik:routeros:6.30 cpe:/o:linux:linux_kernel:2.6 cpe:/h:infomir:mag-250 cpe:/h:ubnt:airmax_nanostation cpe:/o:ubnt:airos:5.5.9 Aggressive OS guesses: Linux 2.6.32 (93%), Linux 2.6.32 - 3.1 (93%), Linux 2.6.32 - 3.13 (93%), Linux 2.6.32 - 2.6.39 (91%), Linux 2.6.39 (91%), Linux 3.10 (91%), Linux 3.2 (91%), HP P2000 G3 NAS device (90%), Linux 3.5 (90%), Linux 3.8 (90%) No exact OS matches for host (test conditions non-ideal). Uptime guess: 3.148 days (since Fri Jun 21 13:41:27 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=259 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 80/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 299.00 ms onlinebees.ru (217.23.1.82)

Nmap scan report for ns1.sharing.lv (217.23.1.83) Host is up (0.098s latency). Not shown: 992 filtered ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.0p1 Debian 4+deb7u2 (protocol 2.0) | ssh-hostkey: | 1024 d5:cc:25:d6:87:87:58:a3:dc:a9:ee:00:38:00:08:cc (DSA) | 2048 5e:cb:49:e3:60:98:46:d8:d2:1d:cd:d2:22:ee:6f:e9 (RSA) |_ 256 c9:d5:82:98:ce:df:ca:9f:16:2d:d5:8a:0f:e9:55:3b (ECDSA) 53/tcp open domain ISC BIND 9.7.3 | dns-nsid: |_ bind.version: 9.7.3 80/tcp open http Apache httpd 2.2.16 ((Debian)) | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache/2.2.16 (Debian) |http-title: Site doesn't have a title (text/html). 113/tcp closed ident 1000/tcp open ssl/cadlock? | fingerprint-strings: | GetRequest: | HTTP/1.0 200 OK | Cache-Control: max-age=0 | Connection: close | Date: Mon, 24 Jun 2019 14:56:49 GMT | Pragma: no-cache | Server: pve-api-daemon/3.0 | Content-Length: 1194 | Content-Type: text/html; charset=utf-8 | Expires: Mon, 24 Jun 2019 14:56:49 GMT | | | | | <title>Proxmox Virtual Environment</title> | | | <script type="text/javascript">function gettext(buf) { return buf; }</script> <script type="text/javascript" src="/pve2/ext4/ext-all-debug.js"></script> | <script type="text/javascript" src="/pve2/ext4/pvemanagerlib.js"></script> | <script type="text/javascript" src="/pve2/ext4/local | HTTPOptions: | HTTP/1.0 501 method 'OPTIONS' not available | Cache-Control: max-age=0 | Connection: close | Date: Mon, 24 Jun 2019 14:56:49 GMT | Pragma: no-cache | Server: pve-api-daemon/3.0 | Expires: Mon, 24 Jun 2019 14:56:49 GMT | Help: | HTTP/1.0 400 bad request | Cache-Control: max-age=0 | Connection: close | Date: Mon, 24 Jun 2019 14:57:05 GMT | Pragma: no-cache | Server: pve-api-daemon/3.0 | Expires: Mon, 24 Jun 2019 14:57:05 GMT | RTSPRequest: | HTTP/1.0 400 bad request | Cache-Control: max-age=0 | Connection: close | Date: Mon, 24 Jun 2019 14:56:50 GMT | Pragma: no-cache | Server: pve-api-daemon/3.0 | Expires: Mon, 24 Jun 2019 14:56:50 GMT | ssl-cert: Subject: commonName=xeon-32gb/organizationName=Proxmox Virtual Environment | Subject Alternative Name: IP Address:127.0.0.1, DNS:localhost, IP Address:217.23.7.8, DNS:xeon-32gb | Issuer: commonName=Proxmox Virtual Environment/organizationName=PVE Cluster Manager CA | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2013-09-27T15:07:19 | Not valid after: 2023-09-25T15:07:19 | MD5: 2709 7def f7d3 71f9 6235 774f 1cb4 c1dc |SHA-1: 2601 0f7a 2661 365a 5e7f 030a d8f2 16ec 3f39 9014 |ssl-date: 2019-06-24T15:10:03+00:00; +18s from scanner time. 8022/tcp open ssh OpenSSH 5.5p1 Debian 6+squeeze5 (protocol 2.0) | ssh-hostkey: | 1024 56:a5:f5:df:f8:02:f2:b7:d9:36:31:1c:cb:5a:49:50 (DSA) | 2048 25:13:1a:a1:85:ad:92:ba:7e:e6:aa:66:5b:59:b7:fc (RSA) 8443/tcp open ssl/http MiniServ 1.740 (Webmin httpd) |http-favicon: Unknown favicon MD5: 4227E5D927DA75B717DE6053C4100D2D | http-methods: | Supported Methods: GET HEAD POST OPTIONS | http-robots.txt: 1 disallowed entry |/ |_http-server-header: MiniServ/1.740 |_http-title: Login to Webmin | ssl-cert: Subject: commonName=admin.sharing.lv/organizationName=Webmin Webserver on sharing.lv/countryName=LV | Issuer: commonName=admin.sharing.lv/organizationName=Webmin Webserver on sharing.lv/countryName=LV | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha1WithRSAEncryption | Not valid before: 2013-01-03T15:25:25 | Not valid after: 2018-01-02T15:25:25 | MD5: 3f2d 9814 3649 e645 8f41 3400 cd77 e61e |_SHA-1: d361 8063 0aad bf20 bd9a 1e48 e87d 1807 5723 a606 |ssl-date: 2019-06-24T15:04:01+00:00; +18s from scanner time. | sslv2: | SSLv2 supported | ciphers: | SSL2_DES_64_CBC_WITH_MD5 | SSL2_RC4_128_EXPORT40_WITH_MD5 | SSL2_RC4_128_WITH_MD5 | SSL2_RC2_128_CBC_EXPORT40_WITH_MD5 | SSL2_DES_192_EDE3_CBC_WITH_MD5 | SSL2_RC2_128_CBC_WITH_MD5 20000/tcp open http MiniServ 1.650 (Webmin httpd) |http-favicon: Unknown favicon MD5: 879C1D11D5A53758907579C4E790800F | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: MiniServ/1.650 |_http-title: Site doesn't have a title (text/html; Charset=iso-8859-1). 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service : SF-Port1000-TCP:V=7.70%T=SSL%I=7%D=6/24%Time=5D10E49E%P=i686-pc-windows-wi SF:ndows%r(GetRequest,5A3,"HTTP/1.0\x20200\x20OK\r\nCache-Control:\x20max SF:-age=0\r\nConnection:\x20close\r\nDate:\x20Mon,\x2024\x20Jun\x202019\x2 SF:014:56:49\x20GMT\r\nPragma:\x20no-cache\r\nServer:\x20pve-api-daemon/3
SF:.0\r\nContent-Length:\x201194\r\nContent-Type:\x20text/html;\x20charset SF:=utf-8\r\nExpires:\x20Mon,\x2024\x20Jun\x202019\x2014:56:49\x20GMT\r\n
SF:r\n\n\x20\x20\n\x20\x20\x20\x20<meta\x20http-equiv="Conten SF:t-Type"\x20content="text/html;\x20charset=utf-8"\x20/>\n\x20\x20\x20 SF:\x20<meta\x20http-equiv="X-UA-Compatible"\x20content="IE=10">\n\x20 SF:\x20\x20\x20<title>Proxmox\x20Virtual\x20Environment</title>\n\x20\n\x2 SF:0\x20\x20\x20<link\x20rel="stylesheet"\x20type="text/css"\x20href=
SF:"/pve2/ext4/resources/css/ext-all.css"\x20/>\n\x20\x20\x20\x20<link\x SF:20rel="stylesheet"\x20type="text/css"\x20href="/pve2/css/ext-pve. SF:css"\x20/>\n<script\x20type="text/javascript">function\x20gettext(b SF:uf)\x20{\x20return\x20buf;\x20}</script>\x20\x20\x20\x20<script\x20typ SF:e="text/javascript"\x20src="/pve2/ext4/ext-all-debug.js"></script> SF:\n\x20\x20\x20\x20<script\x20type="text/javascript"\x20src="/pve2/ex SF:t4/pvemanagerlib.js"></script>\n\x20\x20\x20\x20<script\x20type="tex SF:t/javascript"\x20src="/pve2/ext4/local")%r(HTTPOptions,D7,"HTTP/1.0
SF:x20501\x20method\x20'OPTIONS'\x20not\x20available\r\nCache-Control:\x20 SF:max-age=0\r\nConnection:\x20close\r\nDate:\x20Mon,\x2024\x20Jun\x202019 SF:\x2014:56:49\x20GMT\r\nPragma:\x20no-cache\r\nServer:\x20pve-api-daemon SF:/3.0\r\nExpires:\x20Mon,\x2024\x20Jun\x202019\x2014:56:49\x20GMT\r\n\r SF:\n")%r(RTSPRequest,C4,"HTTP/1.0\x20400\x20bad\x20request\r\nCache-Cont SF:rol:\x20max-age=0\r\nConnection:\x20close\r\nDate:\x20Mon,\x2024\x20Jun SF:\x202019\x2014:56:50\x20GMT\r\nPragma:\x20no-cache\r\nServer:\x20pve-ap SF:i-daemon/3.0\r\nExpires:\x20Mon,\x2024\x20Jun\x202019\x2014:56:50\x20G SF:MT\r\n\r\n")%r(Help,C4,"HTTP/1.0\x20400\x20bad\x20request\r\nCache-Con SF:trol:\x20max-age=0\r\nConnection:\x20close\r\nDate:\x20Mon,\x2024\x20Ju SF:n\x202019\x2014:57:05\x20GMT\r\nPragma:\x20no-cache\r\nServer:\x20pve-a SF:pi-daemon/3.0\r\nExpires:\x20Mon,\x2024\x20Jun\x202019\x2014:57:05\x20 SF:GMT\r\n\r\n"); Aggressive OS guesses: Linux 3.11 (95%), Linux 3.5 (94%), Linux 2.6.32 - 3.10 (93%), Linux 2.6.32 - 3.9 (93%), Linux 3.8 (93%), Linux 3.2 (93%), Linux 2.6.32 (92%), Linux 3.1 (92%), Synology DiskStation Manager 5.2-5644 (92%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (91%) No exact OS matches for host (test conditions non-ideal). Uptime guess: 3.148 days (since Fri Jun 21 13:41:27 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=259 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Host script results: |_clock-skew: mean: 17s, deviation: 0s, median: 17s

TRACEROUTE (using port 80/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 297.00 ms ns1.sharing.lv (217.23.1.83)

Nmap scan report for google.com (217.23.1.85) Host is up (0.043s latency). Not shown: 988 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.2 25/tcp open smtp Postfix smtpd |smtp-commands: wmail.click, PIPELINING, SIZE 10485760, VRFY, ETRN, AUTH PLAIN LOGIN, ENHANCEDSTATUSCODES, 8BITMIME, DSN, 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7) | dns-nsid: | bind.version: 9.9.4-RedHat-9.9.4-51.el7 80/tcp open http nginx | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: nginx |_http-title: 404 Not Found 110/tcp open pop3 Dovecot pop3d |pop3-capabilities: TOP PIPELINING UIDL SASL(PLAIN LOGIN) AUTH-RESP-CODE USER CAPA RESP-CODES 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind 139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: MYGROUP) 143/tcp open imap Dovecot imapd |_imap-capabilities: listed SASL-IR have ID more capabilities OK AUTH=PLAIN ENABLE LOGIN-REFERRALS AUTH=LOGINA0001 LITERAL+ post-login Pre-login IDLE IMAP4rev1 443/tcp open ssl/http Apache httpd (PHP 5.6.32) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache |_http-title: 404 Not Found | ssl-cert: Subject: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Issuer: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2017-09-22T14:34:56 | Not valid after: 2018-09-22T14:34:56 | MD5: 09e0 7208 d4f0 84a7 b57b adf5 0b22 ca15 |_SHA-1: c0c3 7e60 8da7 e7d5 c1dd c568 9a07 f569 fa83 a8a5 |_ssl-date: TLS randomness does not represent time 445/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: MYGROUP) 3000/tcp open http Mojolicious httpd |_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E |_http-server-header: Mojolicious (Perl) |http-title: Site doesn't have a title (text/html;charset=UTF-8). 3306/tcp open mysql MySQL 5.5.56-MariaDB | mysql-info: | Protocol: 10 | Version: 5.5.56-MariaDB | Thread ID: 8664 | Capabilities flags: 63487 | Some Capabilities: Support41Auth, InteractiveClient, SupportsTransactions, IgnoreSigpipes, Speaks41ProtocolOld, Speaks41ProtocolNew, IgnoreSpaceBeforeParenthesis, LongColumnFlag, DontAllowDatabaseTableColumn, FoundRows, LongPassword, SupportsLoadDataLocal, ODBCClient, ConnectWithDatabase, SupportsCompression, SupportsAuthPlugins, SupportsMultipleResults, SupportsMultipleStatments | Status: Autocommit | Salt: &2w"?Vui/KkZTbr9_T | Auth Plugin Name: 87 Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 23.902 days (since Fri May 31 19:35:55 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=262 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Hosts: wmail.click, DS4; OSs: Unix, Linux; CPE: cpe:/o:redhat:enterprise_linux:7

Host script results: |clock-skew: mean: 17s, deviation: 0s, median: 16s | nbstat: NetBIOS name: DS4, NetBIOS user: , NetBIOS MAC: (unknown) | Names: | DS4<00> Flags: | DS4<03> Flags: | DS4<20> Flags: | \x01\x02__MSBROWSE_\x02<01> Flags: | MYGROUP<00> Flags: | MYGROUP<1d> Flags: |_ MYGROUP<1e> Flags: | smb-security-mode: | account_used: guest | authentication_level: user | challenge_response: supported |_ message_signing: disabled (dangerous, but default) | smb2-security-mode: | 2.02: |_ Message signing enabled but not required | smb2-time: | date: 2019-06-24 17:08:01 |_ start_date: N/A

TRACEROUTE (using port 1720/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 297.00 ms google.com (217.23.1.85)

Nmap scan report for google.com (217.23.1.86) Host is up (0.043s latency). Not shown: 988 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.2 25/tcp open smtp Postfix smtpd |smtp-commands: wmail.click, PIPELINING, SIZE 10485760, VRFY, ETRN, AUTH PLAIN LOGIN, ENHANCEDSTATUSCODES, 8BITMIME, DSN, 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7) | dns-nsid: | bind.version: 9.9.4-RedHat-9.9.4-51.el7 80/tcp open http nginx | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: nginx |_http-title: 404 Not Found 110/tcp open pop3 Dovecot pop3d |pop3-capabilities: TOP PIPELINING UIDL SASL(PLAIN LOGIN) AUTH-RESP-CODE USER CAPA RESP-CODES 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind 139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: MYGROUP) 143/tcp open imap Dovecot imapd |_imap-capabilities: listed SASL-IR have ID more capabilities OK AUTH=PLAIN ENABLE LOGIN-REFERRALS AUTH=LOGINA0001 LITERAL+ post-login Pre-login IDLE IMAP4rev1 443/tcp open ssl/http Apache httpd (PHP 5.6.32) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache |_http-title: 404 Not Found | ssl-cert: Subject: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Issuer: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2017-09-22T14:34:56 | Not valid after: 2018-09-22T14:34:56 | MD5: 09e0 7208 d4f0 84a7 b57b adf5 0b22 ca15 |_SHA-1: c0c3 7e60 8da7 e7d5 c1dd c568 9a07 f569 fa83 a8a5 |_ssl-date: TLS randomness does not represent time 445/tcp open netbios-ssn Samba smbd 4.6.2 (workgroup: MYGROUP) 3000/tcp open http Mojolicious httpd |_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E |_http-server-header: Mojolicious (Perl) |http-title: Site doesn't have a title (text/html;charset=UTF-8). 3306/tcp open mysql MySQL 5.5.56-MariaDB | mysql-info: | Protocol: 10 | Version: 5.5.56-MariaDB | Thread ID: 8660 | Capabilities flags: 63487 | Some Capabilities: Support41Auth, InteractiveClient, SupportsTransactions, IgnoreSigpipes, Speaks41ProtocolOld, Speaks41ProtocolNew, IgnoreSpaceBeforeParenthesis, LongColumnFlag, DontAllowDatabaseTableColumn, FoundRows, LongPassword, SupportsLoadDataLocal, ODBCClient, ConnectWithDatabase, SupportsCompression, SupportsAuthPlugins, SupportsMultipleResults, SupportsMultipleStatments | Status: Autocommit | Salt: 'N3S)ov%O@2w%N<}&@N | Auth Plugin Name: 87 Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 23.902 days (since Fri May 31 19:35:55 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=256 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Hosts: wmail.click, DS4; OSs: Unix, Linux; CPE: cpe:/o:redhat:enterprise_linux:7

Host script results: |clock-skew: mean: -37m43s, deviation: 1h05m50s, median: 17s | nbstat: NetBIOS name: DS4, NetBIOS user: , NetBIOS MAC: (unknown) | Names: | DS4<00> Flags: | DS4<03> Flags: | DS4<20> Flags: | \x01\x02__MSBROWSE_\x02<01> Flags: | MYGROUP<00> Flags: | MYGROUP<1d> Flags: |_ MYGROUP<1e> Flags: | smb-os-discovery: | OS: Windows 6.1 (Samba 4.6.2) | Computer name: ds4 | NetBIOS computer name: DS4\x00 | Domain name: \x00 | FQDN: ds4 |_ System time: 2019-06-24T17:10:10+02:00 | smb-security-mode: | account_used: guest | authentication_level: user | challenge_response: supported |_ message_signing: disabled (dangerous, but default) | smb2-security-mode: | 2.02: |_ Message signing enabled but not required | smb2-time: | date: 2019-06-24 17:08:03 |_ start_date: N/A

TRACEROUTE (using port 1720/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 296.00 ms google.com (217.23.1.86)

Nmap scan report for customer.worldstream.nl (217.23.1.87) Host is up (0.047s latency). Not shown: 999 filtered ports PORT STATE SERVICE VERSION 3389/tcp open ms-wbt-server Microsoft Terminal Service | ssl-cert: Subject: commonName=WORLDST-EMV31P1 | Issuer: commonName=WORLDST-EMV31P1 | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-02-05T13:37:10 | Not valid after: 2019-08-07T13:37:10 | MD5: 81ed e039 1dba 3a7b 57a4 adf2 5568 5d0d |_SHA-1: 75ea e2ed eacd fea0 ef48 09a7 2b62 7fca 5466 c6a5 Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose Running (JUST GUESSING): Microsoft Windows Vista|2012 (85%) OS CPE: cpe:/o:microsoft:windows_vista::sp2 cpe:/o:microsoft:windows_server_2012:r2 Aggressive OS guesses: Microsoft Windows Vista SP2 (85%), Microsoft Windows Server 2012 or Windows Server 2012 R2 (85%) No exact OS matches for host (test conditions non-ideal). Uptime guess: 14.894 days (since Sun Jun 09 19:47:31 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=252 (Good luck!) IP ID Sequence Generation: Incremental Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

TRACEROUTE (using port 3389/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 296.00 ms customer.worldstream.nl (217.23.1.87)

Nmap scan report for google.com (217.23.1.88) Host is up (0.048s latency). Not shown: 988 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.2 25/tcp open smtp Postfix smtpd |smtp-commands: wmail.click, PIPELINING, SIZE 10485760, VRFY, ETRN, AUTH PLAIN LOGIN, ENHANCEDSTATUSCODES, 8BITMIME, DSN, 53/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7) | dns-nsid: | bind.version: 9.9.4-RedHat-9.9.4-51.el7 80/tcp open http nginx | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: nginx |_http-title: Site doesn't have a title (text/html; charset=UTF-8). 110/tcp open pop3 Dovecot pop3d |pop3-capabilities: TOP PIPELINING UIDL SASL(PLAIN LOGIN) AUTH-RESP-CODE USER CAPA RESP-CODES 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind 139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: MYGROUP) 143/tcp open imap Dovecot imapd |_imap-capabilities: listed SASL-IR have ID more capabilities OK AUTH=PLAIN ENABLE LOGIN-REFERRALS AUTH=LOGINA0001 LITERAL+ post-login Pre-login IDLE IMAP4rev1 443/tcp open ssl/http Apache httpd (PHP 5.6.32) |http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache |_http-title: 404 Not Found | ssl-cert: Subject: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Issuer: commonName=DS4/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2017-09-22T14:34:56 | Not valid after: 2018-09-22T14:34:56 | MD5: 09e0 7208 d4f0 84a7 b57b adf5 0b22 ca15 |_SHA-1: c0c3 7e60 8da7 e7d5 c1dd c568 9a07 f569 fa83 a8a5 |_ssl-date: TLS randomness does not represent time 445/tcp open netbios-ssn Samba smbd 4.6.2 (workgroup: MYGROUP) 3000/tcp open http Mojolicious httpd |_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E |_http-server-header: Mojolicious (Perl) |http-title: Site doesn't have a title (text/html;charset=UTF-8). 3306/tcp open mysql MySQL 5.5.56-MariaDB | mysql-info: | Protocol: 10 | Version: 5.5.56-MariaDB | Thread ID: 8658 | Capabilities flags: 63487 | Some Capabilities: Support41Auth, InteractiveClient, SupportsTransactions, IgnoreSigpipes, Speaks41ProtocolOld, Speaks41ProtocolNew, IgnoreSpaceBeforeParenthesis, LongColumnFlag, DontAllowDatabaseTableColumn, FoundRows, LongPassword, SupportsLoadDataLocal, ODBCClient, ConnectWithDatabase, SupportsCompression, SupportsAuthPlugins, SupportsMultipleResults, SupportsMultipleStatments | Status: Autocommit | Salt: ~rD;<Y,l]m.<"3w%L.CG | Auth Plugin Name: 87 Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 23.902 days (since Fri May 31 19:35:55 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=258 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Hosts: wmail.click, DS4; OSs: Unix, Linux; CPE: cpe:/o:redhat:enterprise_linux:7

Host script results: |clock-skew: mean: -38m27s, deviation: 1h07m08s, median: 17s | nbstat: NetBIOS name: DS4, NetBIOS user: , NetBIOS MAC: (unknown) | Names: | DS4<00> Flags: | DS4<03> Flags: | DS4<20> Flags: | \x01\x02__MSBROWSE_\x02<01> Flags: | MYGROUP<00> Flags: | MYGROUP<1d> Flags: |_ MYGROUP<1e> Flags: | smb-os-discovery: | OS: Windows 6.1 (Samba 4.6.2) | Computer name: ds4 | NetBIOS computer name: DS4\x00 | Domain name: \x00 | FQDN: ds4 |_ System time: 2019-06-24T17:08:05+02:00 | smb-security-mode: | account_used: guest | authentication_level: user | challenge_response: supported |_ message_signing: disabled (dangerous, but default) | smb2-security-mode: | 2.02: |_ Message signing enabled but not required | smb2-time: | date: 2019-06-24 17:08:09 |_ start_date: N/A

TRACEROUTE (using port 1720/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 296.00 ms google.com (217.23.1.88)

Nmap scan report for api.ci (217.23.1.89) Host is up (0.011s latency). Not shown: 999 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.10 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 50:69:ed:f4:1e:c2:52:89:29:48:db:59:ca:b5:17:20 (DSA) | 2048 a3:40:62:fd:a5:f3:f3:80:3f:43:93:25:90:ec:91:2e (RSA) | 256 66:6f:a7:0a:0c:ec:5a:ff:0d:a8:75:64:1d:72:ac:70 (ECDSA) |_ 256 6a:3a:b2:7f:81:4d:92:c4:e5:bd:8a:ff:9f:01:e5:f3 (ED25519) Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 113.936 days (since Sat Mar 02 17:47:01 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=254 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 34.00 ms api.ci (217.23.1.89)

Nmap scan report for customer.worldstream.nl (217.23.1.90) Host is up (0.0094s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 5.3 (protocol 2.0) | ssh-hostkey: | 1024 f7:90:34:50:81:67:9d:90:59:0c:e2:9c:c9:97:8e:9d (DSA) |_ 2048 83:c1:39:bc:8f:ae:b2:42:3c:6d:12:b3:bb:f5:20:68 (RSA) 1723/tcp open pptp linux (Firmware: 1) Device type: general purpose Running: Linux 2.6.X|3.X OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3 OS details: Linux 2.6.32 - 3.10 Uptime guess: 20.496 days (since Tue Jun 04 05:21:11 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=260 (Good luck!) IP ID Sequence Generation: All zeros Service Info: Host: local

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 12.00 ms customer.worldstream.nl (217.23.1.90)

Nmap scan report for gpy1-001091.goploy1.com (217.23.1.91) Host is up (0.010s latency). Not shown: 987 filtered ports PORT STATE SERVICE VERSION 20/tcp closed ftp-data 21/tcp closed ftp 22/tcp closed ssh 25/tcp closed smtp 53/tcp closed domain 80/tcp open http Apache httpd 2.2.15 ((CentOS)) | http-methods: | Supported Methods: GET HEAD POST OPTIONS TRACE |_ Potentially risky methods: TRACE |_http-server-header: Apache/2.2.15 (CentOS) |http-title: Apache HTTP Server Test Page powered by CentOS 110/tcp closed pop3 143/tcp closed imap 443/tcp open ssl/http Apache httpd 2.2.15 ((CentOS)) | http-methods: | Supported Methods: GET HEAD POST OPTIONS TRACE | Potentially risky methods: TRACE |_http-server-header: Apache/2.2.15 (CentOS) |_http-title: Apache HTTP Server Test Page powered by CentOS | ssl-cert: Subject: commonName=217-23-1-34.sunflowerrapp.com/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Issuer: commonName=217-23-1-34.sunflowerrapp.com/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2015-04-11T01:42:23 | Not valid after: 2016-04-10T01:42:23 | MD5: ee7b 61aa 310c 952e 8303 bb31 205a 8855 |_SHA-1: 23f7 8866 b932 4a7c 0e73 a2f8 0399 f1c6 9f30 bc20 |_ssl-date: 2019-06-24T14:24:49+00:00; -39m24s from scanner time. 465/tcp closed smtps 587/tcp closed submission 993/tcp closed imaps 995/tcp closed pop3s Device type: general purpose Running: Linux 2.6.X OS CPE: cpe:/o:linux:linux_kernel:2.6.32 OS details: Linux 2.6.32 Uptime guess: 34.646 days (since Tue May 21 01:44:41 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=264 (Good luck!) IP ID Sequence Generation: All zeros

Host script results: |_clock-skew: mean: -39m24s, deviation: 0s, median: -39m24s

TRACEROUTE (using port 25/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 18.00 ms gpy1-001091.goploy1.com (217.23.1.91)

Nmap scan report for 0wn.cc (217.23.1.92) Host is up (0.16s latency). Not shown: 996 filtered ports PORT STATE SERVICE VERSION 21/tcp closed ftp 22/tcp open ssh OpenSSH 7.4p1 Debian 10+deb9u6 (protocol 2.0) | ssh-hostkey: | 2048 1a:28:42:68:fe:e8:54:b1:55:79:7b:5d:1c:92:d7:d8 (RSA) | 256 44:4a:30:58:29:6b:c8:4f:8b:ac:07:8a:5a:00:8c:38 (ECDSA) |_ 256 98:7d:af:3f:dd:fb:41:fc:7c:44:d2:f0:fc:8b:0d:5f (ED25519) 80/tcp open http nginx 1.10.3 | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: nginx/1.10.3 |_http-title: Did not follow redirect to https://0wn.cc/ 443/tcp open ssl/http nginx 1.10.3 |http-favicon: Unknown favicon MD5: 6570812243C99CAB25E8499DD3F80DCD | http-methods: | Supported Methods: GET HEAD POST |_http-server-header: nginx/1.10.3 |_http-title: Site doesn't have a title (text/html; charset=UTF-8). | ssl-cert: Subject: commonName=0wn.cc | Subject Alternative Name: DNS:0wn.cc, DNS:devapi.0wn.cc, DNS:elastic.0wn.cc, DNS:grafana.0wn.cc, DNS:kibana.0wn.cc, DNS:nessus.0wn.cc, DNS:www.0wn.cc | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2019-05-30T16:07:18 | Not valid after: 2019-08-28T16:07:18 | MD5: 323f 0620 545c 25aa f7e9 2a2a 14d0 4fc8 |SHA-1: e604 e477 bd67 d4e1 253e 06a1 c103 51cf 6725 7e61 |ssl-date: TLS randomness does not represent time | tls-alpn: | http/1.1 | tls-nextprotoneg: | http/1.1 Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.16 - 4.6 Uptime guess: 17.129 days (since Fri Jun 07 14:09:45 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=259 (Good luck!) IP ID Sequence Generation: All zeros Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 21/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 1207.00 ms 0wn.cc (217.23.1.92)

Nmap scan report for gpy1-00194.goploy1.com (217.23.1.94) Host is up (0.16s latency). Not shown: 987 filtered ports PORT STATE SERVICE VERSION 20/tcp closed ftp-data 21/tcp closed ftp 22/tcp closed ssh 25/tcp closed smtp 53/tcp closed domain 80/tcp open http Apache httpd 2.2.15 ((CentOS)) | http-methods: | Supported Methods: GET HEAD POST OPTIONS TRACE |_ Potentially risky methods: TRACE |_http-server-header: Apache/2.2.15 (CentOS) |http-title: Apache HTTP Server Test Page powered by CentOS 110/tcp closed pop3 143/tcp closed imap 443/tcp open ssl/http Apache httpd 2.2.15 ((CentOS)) | http-methods: | Supported Methods: GET HEAD POST OPTIONS TRACE | Potentially risky methods: TRACE |_http-server-header: Apache/2.2.15 (CentOS) |_http-title: Apache HTTP Server Test Page powered by CentOS | ssl-cert: Subject: commonName=217-23-1-34.sunflowerrapp.com/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Issuer: commonName=217-23-1-34.sunflowerrapp.com/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=-- | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2015-04-11T01:42:23 | Not valid after: 2016-04-10T01:42:23 | MD5: ee7b 61aa 310c 952e 8303 bb31 205a 8855 |_SHA-1: 23f7 8866 b932 4a7c 0e73 a2f8 0399 f1c6 9f30 bc20 |_ssl-date: 2019-06-24T14:29:39+00:00; -39m24s from scanner time. 465/tcp closed smtps 587/tcp closed submission 993/tcp closed imaps 995/tcp closed pop3s Device type: general purpose Running: Linux 2.6.X|3.X OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 OS details: Linux 2.6.32, Linux 2.6.32 or 3.10 Uptime guess: 34.646 days (since Tue May 21 01:44:41 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=259 (Good luck!) IP ID Sequence Generation: All zeros

Host script results: |_clock-skew: mean: -39m24s, deviation: 0s, median: -39m24s

TRACEROUTE (using port 25/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 1207.00 ms gpy1-00194.goploy1.com (217.23.1.94)

Nmap scan report for nat.adviserclassroom.com (217.23.1.95) Host is up (0.088s latency). Not shown: 990 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.4 (protocol 2.0) | ssh-hostkey: | 2048 71:fc:d7:06:96:20:6c:be:96:db:20:f3:1d:4f:f2:7f (RSA) | 256 c2:13:59:74:71:64:cc:24:70:8d:e1:2c:15:4f:0b:34 (ECDSA) |_ 256 ec:b6:1b:b0:1e:62:d2:04:ef:50:55:b8:72:62:2b:5e (ED25519) 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind |_ 100000 2,3,4 111/udp rpcbind 1074/tcp open warmspotMgmt? 5001/tcp open commplex-link? 6101/tcp open backupexec? 6669/tcp open irc? |_irc-info: Unable to open connection 8081/tcp open blackice-icecap? 8090/tcp open opsmessaging? 9575/tcp open unknown 27000/tcp open flexlm0? Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Uptime guess: 46.450 days (since Thu May 09 06:26:31 2019) Network Distance: 2 hops TCP Sequence Prediction: Difficulty=261 (Good luck!) IP ID Sequence Generation: All zeros

TRACEROUTE (using port 139/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.3 2 7.00 ms nat.adviserclassroom.com (217.23.1.95)

Nmap scan report for manage.adviserclassroom.com (217.23.1.96) Host is up (0.11s latency). Not shown: 997 closed ports PORT STATE SERVICE VERSION 135/tcp open msrpc Microsoft Windows RPC 139/tcp open netbios-ssn Microsoft Windows netbios-ssn 445/tcp open microsoft-ds? Aggressive OS guesses: Microsoft Windows 10 1703 (93%), Microsoft Windows Server 2008 R2 (93%), Microsoft Windows Longhorn (93%), Microsoft Windows 10 (91%), Microsoft Windows 7 SP1 or Windows Server 2008 R2 SP1 or Windows 8.1 Update 1 (91%), Microsoft Windows 10 1511 (90%), Microsoft Windows Server 2008 SP2 (90%), Microsoft Windows 7 SP1 (90%), Microsoft Windows 8.1 Update 1 (90%), Microsoft Windows 8 (90%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops TCP Sequence Prediction: Difficulty=261 (Good luck!) IP ID Sequence Generation: Incremental Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Host script results: |clock-skew: mean: 15s, deviation: 0s, median: 15s | smb2-security-mode: | 2.02: | Message signing enabled but not required | smb2-time: | date: 2019-06-24 17:08:10 |_ start_date: N/A

TRACEROUTE (using port 1720/tcp) HOP RTT ADDRESS

Hop 1 is the same as for 217.23.0.20 2 5.00 ms manage.adviserclassroom.com (217.23.1.96)

Nmap scan report for customer.worldstream.nl (217.23.1.97) Host is up (0.0073s latency). Not shown: 997 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.4p1 (protocol 2.0) | ssh-hostkey: |_ 2048 41:af:02:ca:0e:58:06:f2:b6:fe:b8:74:c6:6

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

Repository files navigation

Lulz4Life

Full Zenmap Scan Data Lookup

OoklaServer

OoklaServer

OoklaServer

OoklaServer

Moved Permanently

Moved Permanently

Moved Permanently

Moved Permanently

Moved Permanently

Moved Permanently

Moved\x20Permanently

Moved\x20Permane SF:ntly

Moved\x20Permanently

Moved\x20Permanently

Moved\x20Permanently

Moved\x20 SF:Permanently

Moved\x20 SF:Permanently

Moved SF:\x20Permanently

About

Releases

Packages

LulzSecToolkit/Lulz4Life

Folders and files

Latest commit

History

README.md

README.md

Repository files navigation

Lulz4Life

Full Zenmap Scan Data Lookup

OoklaServer

OoklaServer

OoklaServer

OoklaServer

Moved Permanently

Moved Permanently

Moved Permanently

Moved Permanently

Moved Permanently

Moved Permanently

Moved\x20Permanently

Moved\x20Permane SF:ntly

Moved\x20Permanently

Moved\x20Permanently

Moved\x20Permanently

Moved\x20 SF:Permanently

Moved\x20 SF:Permanently

Moved SF:\x20Permanently

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Packages