Documente Academic
Documente Profesional
Documente Cultură
analizar lo siguientes:
1. Puertos abiertos
2. Vulnerabilidades de los puertos abiertos
3. ¿Qué recomendaciones pode dar para proteger a estas instituciones
Recomendaciones: Al parecer poseen varios sitios http alojados en este servidor (Lo
podemos notar ya que hay varios puertos aparte del 80 y el 443 con servicio nginx que es
un servidor web) y por esto varios puertos asignados a los mismos. El site con http aun
es existente lo que está mal, al acceder este sitio en el puerto 80 debería redirigir al
puerto 443. Aparte de esto dicho site está bien asegurado ya que no posee muchos puertos
vulnerables abiertos.
Los puertos 2082, 2095 y 2052 corresponden a servicios de cpanel, mi recomendación seria
bloquearlos mediante algún firewall que no permita acceso libre a los mismos.
El puerto 8880 puede ser utilizado para streaming de audio o como un punto de acceso
SOAP para el servidor de aplicaciones IBM WebSphere. Se debe evaluar si es necesario
mantenerlo abierto, de lo contrario cerrarlo.
Recomendaciones: Aquí vemos un sitio web bastante vulnerable, llego a esta conclusión ya que no solo
tienen muchos puertos abiertos, sino que a través de NMAP podemos identificar que aplicaciones funcionan
en esos puertos y hasta las versiones de algunas, lo que pudiera ser información valiosa para
facilitarles el trabajo a los atacantes.
El puerto FTP #21 y el ssh #22 son puertos muy vulnerables y exploiteables, ejemplo por el 21 pueden
obtener archivos confidenciales de la institución y a través del 22 también que es usado para conectarse
remotamente al servidor, Open SSH 5.3 ya está desactualizado (la versión actual es la 8.2) por lo que es
mucho más peligroso aun, ya que existen muchas vulnerabilidades conocidas
Existen muchos puertos relacionados al correo electrónico, entre ellos el 143 y el 110, estos puertos
permiten conexiones no encriptadas es decir en texto plano, por lo que no sería recomendable tener
habilitados estos puertos y mucho menos utilizarlos.
Los puertos 465 y 587 utilizan un servidor de correos llamado Exim, la versión 4.92 pude encontrar que
tiene una vulnerabilidad fuerte donde un atacante puede escalar privilegios y ganar acceso dentro del
sistema.
Los puertos 993 y 995 también son utilizados para correos, pero ya mediante conexiones SSL/TLS es decir,
ya encriptadas y no en texto plano.
El puerto 3306 dice que corresponde a MySQL, este puerto abierto es muy vulnerable ya que es usado para
acceso remoto a la base de datos del servidor y también porque no está actualizado a la versión 5.7 que
es la última, en internet pude encontrar varias vulnerabilidades para dicha versión.
Están utilizando un solo servidor para correos, base de datos, web, y todo lo demás, lo que expone este
servidor demasiado por la cantidad de puertos abiertos que posee.
El puerto 2077 es utilizado para una aplicación llamada Tivoli Storage Manager de IBM, que es
un software centralizado para la administración de almacenamiento, copias de seguridad, etc.
Según mi búsqueda es una aplicación vulnerable y que maneja data muy sensible de la empresa y
que no puede perderse, por lo que recomiendo cerrarlo.
www.alpadia.com – Alpadia Language Schools
Recomendaciones: Aquí vemos un ejemplo de una página muy segura, ya que a pesar de
tener muchos puertos abiertos, solamente son identificables los servicios http y el
https, luego vemos TCPWRAPPED lo que significa que estos servicios están usando
aplicaciones con puertos exclusivos y están protegidos por un firewall desarrollado
para servidores UNIX.
ADJUNTOS XMLS completos de los escaneos
www.euruni.edu – EU Business School
SYN Stealth Scan Timing: About 17.24% done; ETC: 15:39 (0:02:29 remaining)
SYN Stealth Scan Timing: About 36.46% done; ETC: 15:38 (0:01:46 remaining)
SYN Stealth Scan Timing: About 60.77% done; ETC: 15:38 (0:00:59 remaining)
SYN Stealth Scan Timing: About 75.60% done; ETC: 15:38 (0:00:42 remaining)
Completed SYN Stealth Scan at 15:39, 177.09s elapsed (65535 total ports)
| fingerprint-strings:
| FourOhFourRequest:
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| Server: cloudflare
| CF-RAY: 5759261a9feb2ec7-MIA
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| GetRequest:
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| Server: cloudflare
| CF-RAY: 575926178f48ef0a-MIA
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| HTTPOptions:
| HTTP/1.1 400 Bad Request
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| Server: cloudflare
| CF-RAY: 575926185b3d52a0-MIA
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| RPCCheck:
| Server: cloudflare
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| CF-RAY: -
| <html>
| <head><title>400 Bad Request</title></head>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| RTSPRequest:
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| X11Probe:
| Server: cloudflare
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| CF-RAY: -
| <html>
| <head><title>400 Bad Request</title></head>
| <body>
| <hr><center>cloudflare</center>
| </body>
|_ </html>
| http-methods:
|_http-server-header: cloudflare
| fingerprint-strings:
| FourOhFourRequest:
| Server: cloudflare
| Content-Type: text/html
| Content-Length: 151
| Connection: close
| CF-RAY: 575926409e9d5342-MIA
| <html>
| <head><title>403 Forbidden</title></head>
| <body>
| <center><h1>403 Forbidden</h1></center>
| <hr><center>cloudflare</center>
| </body>
| </html>
| GetRequest:
| Server: cloudflare
| Content-Type: text/html
| Content-Length: 151
| Connection: close
| CF-RAY: 5759263ddbc4f351-ATL
| <html>
| <head><title>403 Forbidden</title></head>
| <body>
| <center><h1>403 Forbidden</h1></center>
| <hr><center>cloudflare</center>
| </body>
| </html>
| HTTPOptions:
| Server: cloudflare
| Content-Length: 151
| Connection: close
| CF-RAY: 5759263efa7fba28-ATL
| <html>
| <head><title>403 Forbidden</title></head>
| <body>
| <center><h1>403 Forbidden</h1></center>
| <hr><center>cloudflare</center>
| </body>
| </html>
| RPCCheck:
| Server: cloudflare
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| CF-RAY: -
| <html>
| <body>
| </body>
| </html>
| RTSPRequest:
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| tor-versions:
| Server: cloudflare
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| CF-RAY: -
| <html>
| <body>
| </body>
|_ </html>
| http-methods:
|_http-server-header: cloudflare
|_SHA-1: d73f 1f7a d6ef af6e 3476 d4a8 7b08 1731 1669 9ac9
| fingerprint-strings:
| Server: cloudflare
| Date: Tue, 17 Mar 2020 19:34:05 GMT
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| CF-RAY: -
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| GetRequest:
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| Server: cloudflare
| CF-RAY: 5759263728e6b971-MIA
| <html>
| <body>
| <center><h1>400 Bad Request</h1></center>
| <hr><center>cloudflare</center>
| </body>
| </html>
| HTTPOptions:
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| Server: cloudflare
| CF-RAY: 57592637cebd8289-ATL
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| RTSPRequest:
| <html>
| <body>
| <center><h1>400 Bad Request</h1></center>
| <hr><center>cloudflare</center>
| </body>
|_ </html>
|_http-server-header: cloudflare
|_http-title: 400 The plain HTTP request was sent to HTTPS port
|_SHA-1: d73f 1f7a d6ef af6e 3476 d4a8 7b08 1731 1669 9ac9
| fingerprint-strings:
| DNSStatusRequestTCP, DNSVersionBindReqTCP:
| Server: cloudflare
| Date: Tue, 17 Mar 2020 19:34:05 GMT
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| CF-RAY: -
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| GetRequest:
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| Server: cloudflare
| CF-RAY: 57592636ea05ef26-MIA
| <html>
| <body>
| <center><h1>400 Bad Request</h1></center>
| <hr><center>cloudflare</center>
| </body>
| </html>
| HTTPOptions:
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| Server: cloudflare
| CF-RAY: 575926376d0e8325-ATL
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| RPCCheck:
| Server: cloudflare
| Content-Length: 155
| Connection: close
| CF-RAY: -
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| RTSPRequest:
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
|_ </html>
|_http-server-header: cloudflare
|_http-title: 400 The plain HTTP request was sent to HTTPS port
|_SHA-1: d73f 1f7a d6ef af6e 3476 d4a8 7b08 1731 1669 9ac9
| fingerprint-strings:
| Server: cloudflare
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| CF-RAY: -
| <html>
| <body>
| </body>
| </html>
| GetRequest:
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| Server: cloudflare
| CF-RAY: 575926372dbdc883-MIA
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| HTTPOptions:
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| Server: cloudflare
| CF-RAY: 57592637ed842e85-MIA
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| RTSPRequest:
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
|_ </html>
|_http-server-header: cloudflare
|_http-title: 400 The plain HTTP request was sent to HTTPS port
|_SHA-1: d73f 1f7a d6ef af6e 3476 d4a8 7b08 1731 1669 9ac9
| fingerprint-strings:
| Server: cloudflare
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| CF-RAY: -
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| GetRequest:
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| Server: cloudflare
| CF-RAY: 57592636fa8df309-ATL
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| HTTPOptions:
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| Server: cloudflare
| CF-RAY: 57592637cce9ef26-MIA
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| RTSPRequest:
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
|_ </html>
|_http-server-header: cloudflare
|_http-title: 400 The plain HTTP request was sent to HTTPS port
|_SHA-1: d73f 1f7a d6ef af6e 3476 d4a8 7b08 1731 1669 9ac9
| fingerprint-strings:
| FourOhFourRequest:
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| Server: cloudflare
| CF-RAY: 57592619aa50f1ca-ATL
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| GetRequest:
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| Server: cloudflare
| CF-RAY: 575926178c48d4e0-MIA
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| HTTPOptions:
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| Server: cloudflare
| CF-RAY: 575926185a3ae960-MIA
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| RTSPRequest:
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| Socks4, Socks5:
| Server: cloudflare
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| CF-RAY: -
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
|_ </html>
|_http-server-header: cloudflare
| fingerprint-strings:
| DNSVersionBindReqTCP, RPCCheck:
| Server: cloudflare
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| CF-RAY: -
| <html>
| <body>
| <center><h1>400 Bad Request</h1></center>
| <hr><center>cloudflare</center>
| </body>
| </html>
| FourOhFourRequest:
| Server: cloudflare
| Content-Type: text/html
| Content-Length: 151
| Connection: close
| CF-RAY: 57592640cc592ec1-MIA
| <html>
| <head><title>403 Forbidden</title></head>
| <body>
| <center><h1>403 Forbidden</h1></center>
| <hr><center>cloudflare</center>
| </body>
| </html>
| GetRequest:
| Server: cloudflare
| Content-Length: 151
| Connection: close
| CF-RAY: 5759263ddfdaf1b2-ATL
| <html>
| <head><title>403 Forbidden</title></head>
| <body>
| <center><h1>403 Forbidden</h1></center>
| <hr><center>cloudflare</center>
| </body>
| </html>
| HTTPOptions:
| Server: cloudflare
| Content-Type: text/html
| Content-Length: 151
| Connection: close
| CF-RAY: 5759263efb52b9b6-ATL
| <html>
| <head><title>403 Forbidden</title></head>
| <body>
| <center><h1>403 Forbidden</h1></center>
| <hr><center>cloudflare</center>
| </body>
| </html>
| RTSPRequest:
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
|_ </html>
|_http-server-header: cloudflare
|_http-title: 400 The plain HTTP request was sent to HTTPS port
| fingerprint-strings:
| DNSVersionBindReqTCP, RPCCheck:
| Server: cloudflare
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| CF-RAY: -
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| FourOhFourRequest:
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| Server: cloudflare
| CF-RAY: 5759261838aaf1aa-ATL
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| GetRequest:
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| Server: cloudflare
| CF-RAY: 575926178e8ab983-MIA
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| HTTPOptions:
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| Server: cloudflare
| CF-RAY: 575926389874e3be-ATL
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
| </html>
| RTSPRequest:
| <html>
| <body>
| <hr><center>cloudflare</center>
| </body>
|_ </html>
9 services unrecognized despite returning data. If you know the service/version, please submit the following
fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service :
SF-Port80-TCP:V=7.80%I=7%D=3/17%Time=5E71275B%P=i686-pc-windows-windows%r(
SF:GetRequest,14F,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Tue,\x20
SF:17\x20Mar\x202020\x2019:33:59\x20GMT\r\nContent-Type:\x20text/html\r\nC
SF:ontent-Length:\x20155\r\nConnection:\x20close\r\nServer:\x20cloudflare\
SF:r\nCF-RAY:\x20575926178f48ef0a-MIA\r\n\r\n<html>\r\n<head><title>400\x2
SF:0Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20R
SF:equest</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n<
SF:/html>\r\n")%r(HTTPOptions,14F,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nD
SF:ate:\x20Tue,\x2017\x20Mar\x202020\x2019:33:59\x20GMT\r\nContent-Type:\x
SF:20text/html\r\nContent-Length:\x20155\r\nConnection:\x20close\r\nServer
SF::\x20cloudflare\r\nCF-RAY:\x20575926185b3d52a0-MIA\r\n\r\n<html>\r\n<he
SF:ad><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1
SF:>400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</center>
SF:\r\n</body>\r\n</html>\r\n")%r(RTSPRequest,9B,"<html>\r\n<head><title>4
SF:00\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad
SF:\x20Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>
SF:\r\n</html>\r\n")%r(X11Probe,13C,"HTTP/1\.1\x20400\x20Bad\x20Request\r\
SF:nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:33:5
SF:9\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x20155\r\nCon
SF:nection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><title>400\x20
SF:Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20Re
SF:quest</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</
SF:html>\r\n")%r(FourOhFourRequest,14F,"HTTP/1\.1\x20400\x20Bad\x20Request
SF:\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:00\x20GMT\r\nContent-Ty
SF:pe:\x20text/html\r\nContent-Length:\x20155\r\nConnection:\x20close\r\nS
SF:erver:\x20cloudflare\r\nCF-RAY:\x205759261a9feb2ec7-MIA\r\n\r\n<html>\r
SF:\n<head><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<cente
SF:r><h1>400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</ce
SF:nter>\r\n</body>\r\n</html>\r\n")%r(RPCCheck,13C,"HTTP/1\.1\x20400\x20B
SF:ad\x20Request\r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x2
SF:02020\x2019:34:05\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Lengt
SF:h:\x20155\r\nConnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<hea
SF:d><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>
SF:400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</center>\
SF:r\n</body>\r\n</html>\r\n");
SF-Port443-TCP:V=7.80%T=SSL%I=7%D=3/17%Time=5E712761%P=i686-pc-windows-win
SF:dows%r(GetRequest,149,"HTTP/1\.1\x20403\x20Forbidden\r\nServer:\x20clou
SF:dflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:05\x20GMT\r\nCont
SF:ent-Type:\x20text/html\r\nContent-Length:\x20151\r\nConnection:\x20clos
SF:e\r\nCF-RAY:\x205759263ddbc4f351-ATL\r\n\r\n<html>\r\n<head><title>403\
SF:x20Forbidden</title></head>\r\n<body>\r\n<center><h1>403\x20Forbidden</
SF:h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</html>\r
SF:\n")%r(HTTPOptions,149,"HTTP/1\.1\x20403\x20Forbidden\r\nServer:\x20clo
SF:udflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:05\x20GMT\r\nCon
SF:tent-Type:\x20text/html\r\nContent-Length:\x20151\r\nConnection:\x20clo
SF:se\r\nCF-RAY:\x205759263efa7fba28-ATL\r\n\r\n<html>\r\n<head><title>403
SF:\x20Forbidden</title></head>\r\n<body>\r\n<center><h1>403\x20Forbidden<
SF:/h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</html>\
SF:r\n")%r(FourOhFourRequest,149,"HTTP/1\.1\x20403\x20Forbidden\r\nServer:
SF:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:06\x20GMT
SF:\r\nContent-Type:\x20text/html\r\nContent-Length:\x20151\r\nConnection:
SF:\x20close\r\nCF-RAY:\x20575926409e9d5342-MIA\r\n\r\n<html>\r\n<head><ti
SF:tle>403\x20Forbidden</title></head>\r\n<body>\r\n<center><h1>403\x20For
SF:bidden</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n<
SF:/html>\r\n")%r(tor-versions,13C,"HTTP/1\.1\x20400\x20Bad\x20Request\r\n
SF:Server:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:06
SF:\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x20155\r\nConn
SF:ection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><title>400\x20B
SF:ad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20Req
SF:uest</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</h
SF:tml>\r\n")%r(RTSPRequest,9B,"<html>\r\n<head><title>400\x20Bad\x20Reque
SF:st</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20Request</h1></
SF:center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</html>\r\n")%
SF:r(RPCCheck,13C,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nServer:\x20cloudf
SF:lare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:11\x20GMT\r\nConten
SF:t-Type:\x20text/html\r\nContent-Length:\x20155\r\nConnection:\x20close\
SF:r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><title>400\x20Bad\x20Request</ti
SF:tle></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20Request</h1></center
SF:>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</html>\r\n");
SF-Port2052-TCP:V=7.80%I=7%D=3/17%Time=5E712760%P=i686-pc-windows-windows%
SF:r(GetRequest,14F,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Tue,\x
SF:2017\x20Mar\x202020\x2019:34:04\x20GMT\r\nContent-Type:\x20text/html\r\
SF:nContent-Length:\x20155\r\nConnection:\x20close\r\nServer:\x20cloudflar
SF:e\r\nCF-RAY:\x205759263728e6b971-MIA\r\n\r\n<html>\r\n<head><title>400\
SF:x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x2
SF:0Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\
SF:n</html>\r\n")%r(HTTPOptions,14F,"HTTP/1\.1\x20400\x20Bad\x20Request\r\
SF:nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:04\x20GMT\r\nContent-Type:
SF:\x20text/html\r\nContent-Length:\x20155\r\nConnection:\x20close\r\nServ
SF:er:\x20cloudflare\r\nCF-RAY:\x2057592637cebd8289-ATL\r\n\r\n<html>\r\n<
SF:head><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><
SF:h1>400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</cente
SF:r>\r\n</body>\r\n</html>\r\n")%r(RTSPRequest,9B,"<html>\r\n<head><title
SF:>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20B
SF:ad\x20Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</bod
SF:y>\r\n</html>\r\n")%r(RPCCheck,13C,"HTTP/1\.1\x20400\x20Bad\x20Request\
SF:r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34
SF::05\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x20155\r\nC
SF:onnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><title>400\x
SF:20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20
SF:Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n
SF:</html>\r\n")%r(DNSVersionBindReqTCP,13C,"HTTP/1\.1\x20400\x20Bad\x20Re
SF:quest\r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2
SF:019:34:05\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x2015
SF:5\r\nConnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><title
SF:>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20B
SF:ad\x20Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</bod
SF:y>\r\n</html>\r\n")%r(DNSStatusRequestTCP,13C,"HTTP/1\.1\x20400\x20Bad\
SF:x20Request\r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x2020
SF:20\x2019:34:05\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\
SF:x20155\r\nConnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><
SF:title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400
SF:\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n
SF:</body>\r\n</html>\r\n");
SF-Port2082-TCP:V=7.80%I=7%D=3/17%Time=5E712760%P=i686-pc-windows-windows%
SF:r(GetRequest,14F,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Tue,\x
SF:2017\x20Mar\x202020\x2019:34:04\x20GMT\r\nContent-Type:\x20text/html\r\
SF:nContent-Length:\x20155\r\nConnection:\x20close\r\nServer:\x20cloudflar
SF:e\r\nCF-RAY:\x2057592636ea05ef26-MIA\r\n\r\n<html>\r\n<head><title>400\
SF:x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x2
SF:0Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\
SF:n</html>\r\n")%r(HTTPOptions,14F,"HTTP/1\.1\x20400\x20Bad\x20Request\r\
SF:nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:04\x20GMT\r\nContent-Type:
SF:\x20text/html\r\nContent-Length:\x20155\r\nConnection:\x20close\r\nServ
SF:er:\x20cloudflare\r\nCF-RAY:\x20575926376d0e8325-ATL\r\n\r\n<html>\r\n<
SF:head><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><
SF:h1>400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</cente
SF:r>\r\n</body>\r\n</html>\r\n")%r(RTSPRequest,9B,"<html>\r\n<head><title
SF:>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20B
SF:ad\x20Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</bod
SF:y>\r\n</html>\r\n")%r(RPCCheck,13C,"HTTP/1\.1\x20400\x20Bad\x20Request\
SF:r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34
SF::04\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x20155\r\nC
SF:onnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><title>400\x
SF:20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20
SF:Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n
SF:</html>\r\n")%r(DNSVersionBindReqTCP,13C,"HTTP/1\.1\x20400\x20Bad\x20Re
SF:quest\r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2
SF:019:34:05\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x2015
SF:5\r\nConnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><title
SF:>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20B
SF:ad\x20Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</bod
SF:y>\r\n</html>\r\n")%r(DNSStatusRequestTCP,13C,"HTTP/1\.1\x20400\x20Bad\
SF:x20Request\r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x2020
SF:20\x2019:34:05\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\
SF:x20155\r\nConnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><
SF:title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400
SF:\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n
SF:</body>\r\n</html>\r\n");
SF-Port2086-TCP:V=7.80%I=7%D=3/17%Time=5E712760%P=i686-pc-windows-windows%
SF:r(GetRequest,14F,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Tue,\x
SF:2017\x20Mar\x202020\x2019:34:04\x20GMT\r\nContent-Type:\x20text/html\r\
SF:nContent-Length:\x20155\r\nConnection:\x20close\r\nServer:\x20cloudflar
SF:e\r\nCF-RAY:\x20575926372dbdc883-MIA\r\n\r\n<html>\r\n<head><title>400\
SF:x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x2
SF:0Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\
SF:n</html>\r\n")%r(HTTPOptions,14F,"HTTP/1\.1\x20400\x20Bad\x20Request\r\
SF:nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:04\x20GMT\r\nContent-Type:
SF:\x20text/html\r\nContent-Length:\x20155\r\nConnection:\x20close\r\nServ
SF:er:\x20cloudflare\r\nCF-RAY:\x2057592637ed842e85-MIA\r\n\r\n<html>\r\n<
SF:head><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><
SF:h1>400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</cente
SF:r>\r\n</body>\r\n</html>\r\n")%r(RTSPRequest,9B,"<html>\r\n<head><title
SF:>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20B
SF:ad\x20Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</bod
SF:y>\r\n</html>\r\n")%r(RPCCheck,13C,"HTTP/1\.1\x20400\x20Bad\x20Request\
SF:r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34
SF::05\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x20155\r\nC
SF:onnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><title>400\x
SF:20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20
SF:Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n
SF:</html>\r\n")%r(DNSVersionBindReqTCP,13C,"HTTP/1\.1\x20400\x20Bad\x20Re
SF:quest\r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2
SF:019:34:05\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x2015
SF:5\r\nConnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><title
SF:>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20B
SF:ad\x20Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</bod
SF:y>\r\n</html>\r\n")%r(DNSStatusRequestTCP,13C,"HTTP/1\.1\x20400\x20Bad\
SF:x20Request\r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x2020
SF:20\x2019:34:05\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\
SF:x20155\r\nConnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><
SF:title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400
SF:\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n
SF:</body>\r\n</html>\r\n");
SF-Port2095-TCP:V=7.80%I=7%D=3/17%Time=5E712760%P=i686-pc-windows-windows%
SF:r(GetRequest,14F,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Tue,\x
SF:2017\x20Mar\x202020\x2019:34:04\x20GMT\r\nContent-Type:\x20text/html\r\
SF:nContent-Length:\x20155\r\nConnection:\x20close\r\nServer:\x20cloudflar
SF:e\r\nCF-RAY:\x2057592636fa8df309-ATL\r\n\r\n<html>\r\n<head><title>400\
SF:x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x2
SF:0Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\
SF:n</html>\r\n")%r(HTTPOptions,14F,"HTTP/1\.1\x20400\x20Bad\x20Request\r\
SF:nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:04\x20GMT\r\nContent-Type:
SF:\x20text/html\r\nContent-Length:\x20155\r\nConnection:\x20close\r\nServ
SF:er:\x20cloudflare\r\nCF-RAY:\x2057592637cce9ef26-MIA\r\n\r\n<html>\r\n<
SF:head><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><
SF:h1>400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</cente
SF:r>\r\n</body>\r\n</html>\r\n")%r(RTSPRequest,9B,"<html>\r\n<head><title
SF:>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20B
SF:ad\x20Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</bod
SF:y>\r\n</html>\r\n")%r(RPCCheck,13C,"HTTP/1\.1\x20400\x20Bad\x20Request\
SF:r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34
SF::05\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x20155\r\nC
SF:onnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><title>400\x
SF:20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20
SF:Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n
SF:</html>\r\n")%r(DNSVersionBindReqTCP,13C,"HTTP/1\.1\x20400\x20Bad\x20Re
SF:quest\r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2
SF:019:34:05\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x2015
SF:5\r\nConnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><title
SF:>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20B
SF:ad\x20Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</bod
SF:y>\r\n</html>\r\n")%r(DNSStatusRequestTCP,13C,"HTTP/1\.1\x20400\x20Bad\
SF:x20Request\r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x2020
SF:20\x2019:34:05\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\
SF:x20155\r\nConnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><
SF:title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400
SF:\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n
SF:</body>\r\n</html>\r\n");
SF-Port8080-TCP:V=7.80%I=7%D=3/17%Time=5E71275B%P=i686-pc-windows-windows%
SF:r(GetRequest,14F,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Tue,\x
SF:2017\x20Mar\x202020\x2019:33:59\x20GMT\r\nContent-Type:\x20text/html\r\
SF:nContent-Length:\x20155\r\nConnection:\x20close\r\nServer:\x20cloudflar
SF:e\r\nCF-RAY:\x20575926178c48d4e0-MIA\r\n\r\n<html>\r\n<head><title>400\
SF:x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x2
SF:0Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\
SF:n</html>\r\n")%r(HTTPOptions,14F,"HTTP/1\.1\x20400\x20Bad\x20Request\r\
SF:nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:33:59\x20GMT\r\nContent-Type:
SF:\x20text/html\r\nContent-Length:\x20155\r\nConnection:\x20close\r\nServ
SF:er:\x20cloudflare\r\nCF-RAY:\x20575926185a3ae960-MIA\r\n\r\n<html>\r\n<
SF:head><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><
SF:h1>400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</cente
SF:r>\r\n</body>\r\n</html>\r\n")%r(RTSPRequest,9B,"<html>\r\n<head><title
SF:>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20B
SF:ad\x20Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</bod
SF:y>\r\n</html>\r\n")%r(FourOhFourRequest,14F,"HTTP/1\.1\x20400\x20Bad\x2
SF:0Request\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:33:59\x20GMT\r\nCo
SF:ntent-Type:\x20text/html\r\nContent-Length:\x20155\r\nConnection:\x20cl
SF:ose\r\nServer:\x20cloudflare\r\nCF-RAY:\x2057592619aa50f1ca-ATL\r\n\r\n
SF:<html>\r\n<head><title>400\x20Bad\x20Request</title></head>\r\n<body>\r
SF:\n<center><h1>400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudf
SF:lare</center>\r\n</body>\r\n</html>\r\n")%r(Socks5,13C,"HTTP/1\.1\x2040
SF:0\x20Bad\x20Request\r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20
SF:Mar\x202020\x2019:34:00\x20GMT\r\nContent-Type:\x20text/html\r\nContent
SF:-Length:\x20155\r\nConnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r
SF:\n<head><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<cente
SF:r><h1>400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</ce
SF:nter>\r\n</body>\r\n</html>\r\n")%r(Socks4,13C,"HTTP/1\.1\x20400\x20Bad
SF:\x20Request\r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202
SF:020\x2019:34:00\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:
SF:\x20155\r\nConnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head>
SF:<title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>40
SF:0\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</center>\r\
SF:n</body>\r\n</html>\r\n");
SF-Port8443-TCP:V=7.80%T=SSL%I=7%D=3/17%Time=5E712761%P=i686-pc-windows-wi
SF:ndows%r(GetRequest,149,"HTTP/1\.1\x20403\x20Forbidden\r\nServer:\x20clo
SF:udflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:05\x20GMT\r\nCon
SF:tent-Type:\x20text/html\r\nContent-Length:\x20151\r\nConnection:\x20clo
SF:se\r\nCF-RAY:\x205759263ddfdaf1b2-ATL\r\n\r\n<html>\r\n<head><title>403
SF:\x20Forbidden</title></head>\r\n<body>\r\n<center><h1>403\x20Forbidden<
SF:/h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</html>\
SF:r\n")%r(HTTPOptions,149,"HTTP/1\.1\x20403\x20Forbidden\r\nServer:\x20cl
SF:oudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:05\x20GMT\r\nCo
SF:ntent-Type:\x20text/html\r\nContent-Length:\x20151\r\nConnection:\x20cl
SF:ose\r\nCF-RAY:\x205759263efb52b9b6-ATL\r\n\r\n<html>\r\n<head><title>40
SF:3\x20Forbidden</title></head>\r\n<body>\r\n<center><h1>403\x20Forbidden
SF:</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</html>
SF:\r\n")%r(FourOhFourRequest,149,"HTTP/1\.1\x20403\x20Forbidden\r\nServer
SF::\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:06\x20GM
SF:T\r\nContent-Type:\x20text/html\r\nContent-Length:\x20151\r\nConnection
SF::\x20close\r\nCF-RAY:\x2057592640cc592ec1-MIA\r\n\r\n<html>\r\n<head><t
SF:itle>403\x20Forbidden</title></head>\r\n<body>\r\n<center><h1>403\x20Fo
SF:rbidden</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n
SF:</html>\r\n")%r(RTSPRequest,9B,"<html>\r\n<head><title>400\x20Bad\x20Re
SF:quest</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20Request</h1
SF:></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</html>\r\n
SF:")%r(RPCCheck,13C,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nServer:\x20clo
SF:udflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:11\x20GMT\r\nCon
SF:tent-Type:\x20text/html\r\nContent-Length:\x20155\r\nConnection:\x20clo
SF:se\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><title>400\x20Bad\x20Request<
SF:/title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20Request</h1></cen
SF:ter>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</html>\r\n")%r(D
SF:NSVersionBindReqTCP,13C,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nServer:\
SF:x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:11\x20GMT\
SF:r\nContent-Type:\x20text/html\r\nContent-Length:\x20155\r\nConnection:\
SF:x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><title>400\x20Bad\x20Re
SF:quest</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20Request</h1
SF:></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</html>\r\n
SF:");
SF-Port8880-TCP:V=7.80%I=7%D=3/17%Time=5E71275B%P=i686-pc-windows-windows%
SF:r(GetRequest,14F,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Tue,\x
SF:2017\x20Mar\x202020\x2019:33:59\x20GMT\r\nContent-Type:\x20text/html\r\
SF:nContent-Length:\x20155\r\nConnection:\x20close\r\nServer:\x20cloudflar
SF:e\r\nCF-RAY:\x20575926178e8ab983-MIA\r\n\r\n<html>\r\n<head><title>400\
SF:x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x2
SF:0Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\
SF:n</html>\r\n")%r(FourOhFourRequest,14F,"HTTP/1\.1\x20400\x20Bad\x20Requ
SF:est\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:33:59\x20GMT\r\nContent
SF:-Type:\x20text/html\r\nContent-Length:\x20155\r\nConnection:\x20close\r
SF:\nServer:\x20cloudflare\r\nCF-RAY:\x205759261838aaf1aa-ATL\r\n\r\n<html
SF:>\r\n<head><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<ce
SF:nter><h1>400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare<
SF:/center>\r\n</body>\r\n</html>\r\n")%r(HTTPOptions,14F,"HTTP/1\.1\x2040
SF:0\x20Bad\x20Request\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:04\x
SF:20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x20155\r\nConnec
SF:tion:\x20close\r\nServer:\x20cloudflare\r\nCF-RAY:\x20575926389874e3be-
SF:ATL\r\n\r\n<html>\r\n<head><title>400\x20Bad\x20Request</title></head>\
SF:r\n<body>\r\n<center><h1>400\x20Bad\x20Request</h1></center>\r\n<hr><ce
SF:nter>cloudflare</center>\r\n</body>\r\n</html>\r\n")%r(RTSPRequest,9B,"
SF:<html>\r\n<head><title>400\x20Bad\x20Request</title></head>\r\n<body>\r
SF:\n<center><h1>400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudf
SF:lare</center>\r\n</body>\r\n</html>\r\n")%r(RPCCheck,13C,"HTTP/1\.1\x20
SF:400\x20Bad\x20Request\r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x
SF:20Mar\x202020\x2019:34:05\x20GMT\r\nContent-Type:\x20text/html\r\nConte
SF:nt-Length:\x20155\r\nConnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>
SF:\r\n<head><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<cen
SF:ter><h1>400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</
SF:center>\r\n</body>\r\n</html>\r\n")%r(DNSVersionBindReqTCP,13C,"HTTP/1\
SF:.1\x20400\x20Bad\x20Request\r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x
SF:2017\x20Mar\x202020\x2019:34:05\x20GMT\r\nContent-Type:\x20text/html\r\
SF:nContent-Length:\x20155\r\nConnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n
SF:<html>\r\n<head><title>400\x20Bad\x20Request</title></head>\r\n<body>\r
SF:\n<center><h1>400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudf
SF:lare</center>\r\n</body>\r\n</html>\r\n");
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Running (JUST GUESSING): Google Android 6.X|7.X (85%), Linux 3.X|4.X|2.6.X (85%), Hikvision embedded (85%)
Aggressive OS guesses: Android 6.0 - 7.1.2 (Linux 3.18 - 4.4.1) (85%), Android 7.0 (Linux 3.18) (85%), Android 7.1.2
(Linux 3.4) (85%), HIKVISION DS-7600 Linux Embedded NVR (Linux 2.6.10) (85%), Linux 3.0 (85%)
1 2.00 ms 10.0.0.1
6 51.00 ms 104.26.5.183
NSE: Script Post-scanning.
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
SYN Stealth Scan Timing: About 10.73% done; ETC: 15:19 (0:04:18 remaining)
SYN Stealth Scan Timing: About 26.36% done; ETC: 15:18 (0:02:50 remaining)
SYN Stealth Scan Timing: About 38.80% done; ETC: 15:18 (0:02:24 remaining)
SYN Stealth Scan Timing: About 50.67% done; ETC: 15:18 (0:01:58 remaining)
SYN Stealth Scan Timing: About 43.90% done; ETC: 15:20 (0:03:13 remaining)
SYN Stealth Scan Timing: About 51.97% done; ETC: 15:20 (0:02:47 remaining)
SYN Stealth Scan Timing: About 62.63% done; ETC: 15:20 (0:02:06 remaining)
SYN Stealth Scan Timing: About 76.05% done; ETC: 15:19 (0:01:16 remaining)
Discovered open port 2077/tcp on 107.180.51.242
SYN Stealth Scan Timing: About 86.29% done; ETC: 15:19 (0:00:43 remaining)
Completed SYN Stealth Scan at 15:19, 302.52s elapsed (65535 total ports)
Service scan Timing: About 72.73% done; ETC: 15:23 (0:00:56 remaining)
|_SHA-1: b028 a254 f0ce feaf 1d20 007e 67d5 ccbc b58c 84c6
| ssh-hostkey:
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS
|_/wp-admin/
|_http-server-header: Apache
|_pop3-capabilities: SASL(PLAIN LOGIN) PIPELINING AUTH-RESP-CODE STLS RESP-CODES TOP CAPA USER
UIDL
|_SHA-1: fbc9 e8c5 203f 8095 95ed 3eaa 49d0 4896 e2ed 5d61
|_SHA-1: fbc9 e8c5 203f 8095 95ed 3eaa 49d0 4896 e2ed 5d61
| http-methods:
|_/wp-admin/
|_SHA-1: fbc9 e8c5 203f 8095 95ed 3eaa 49d0 4896 e2ed 5d61
| tls-alpn:
|_ h2
|_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
|_SHA-1: b028 a254 f0ce feaf 1d20 007e 67d5 ccbc b58c 84c6
|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
| ssl-cert: Subject: commonName=*.prod.iad2.secureserver.net
|_SHA-1: b028 a254 f0ce feaf 1d20 007e 67d5 ccbc b58c 84c6
|_SHA-1: fbc9 e8c5 203f 8095 95ed 3eaa 49d0 4896 e2ed 5d61
|_ssl-date: 2020-03-17T19:18:17+00:00; -5m08s from scanner time.
|_pop3-capabilities: SASL(PLAIN LOGIN) TOP RESP-CODES AUTH-RESP-CODE CAPA PIPELINING USER UIDL
|_SHA-1: fbc9 e8c5 203f 8095 95ed 3eaa 49d0 4896 e2ed 5d61
| fingerprint-strings:
| SIPOptions:
| Server: cPanel
| Persistent-Auth: false
| Host: a2plcpnl0506.prod.iad2.secureserver.net:2077
| Connection: close
| Location: https://a2plcpnl0506.prod.iad2.secureserver.net:2078sip:nm
| Vary: Accept-Encoding
|_ X-Redirect-Reason: requiressl
| http-auth:
| http-methods:
| Supported Methods: PUT UNLOCK HEAD POST PROPPATCH DELETE MOVE GET COPY MKCOL LOCK
OPTIONS PROPFIND
|_ Potentially risky methods: PUT UNLOCK PROPPATCH DELETE MOVE COPY MKCOL LOCK PROPFIND
|_SHA-1: fbc9 e8c5 203f 8095 95ed 3eaa 49d0 4896 e2ed 5d61
|_ssl-date: 2020-03-17T19:18:18+00:00; -5m08s from scanner time.
| http-auth:
|_SHA-1: fbc9 e8c5 203f 8095 95ed 3eaa 49d0 4896 e2ed 5d61
| fingerprint-strings:
| SIPOptions:
| Content-length: 145
| Location: https://a2plcpnl0506.prod.iad2.secureserver.net:2083/sip%3anm
| Content-type: text/html; charset="utf-8"
|_ <html><head><META HTTP-EQUIV="refresh"
CONTENT="2;URL=https://a2plcpnl0506.prod.iad2.secureserver.net:2083/sip%3anm"></head><body><
;/body></html>
| fingerprint-strings:
| GetRequest:
| Connection: close
| Pragma: no-cache
| Set-Cookie: cprelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
| Set-Cook
| HTTPOptions:
| Pragma: no-cache
| Set-Cookie: cprelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
|_ Set-Cook
| fingerprint-strings:
| SIPOptions:
| Content-length: 145
| Location: https://a2plcpnl0506.prod.iad2.secureserver.net:2087/sip%3anm
|_ <html><head><META HTTP-EQUIV="refresh"
CONTENT="2;URL=https://a2plcpnl0506.prod.iad2.secureserver.net:2087/sip%3anm"></head><body><
;/body></html>
| fingerprint-strings:
| GetRequest:
| Connection: close
| Pragma: no-cache
| Set-Cookie: whostmgrrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
| Set-Cookie: whostmgrsession=%3akmJ7Pz0rdrDzTfaZ%2c4800378b9eb12a2eba107decd59ae478; HttpOnly;
path=/; port=2087; secure
| HTTPOptions:
| Connection: close
| Pragma: no-cache
| Set-Cookie: whostmgrrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
|_SHA-1: fbc9 e8c5 203f 8095 95ed 3eaa 49d0 4896 e2ed 5d61
| fingerprint-strings:
| SIPOptions:
| Content-length: 145
| Location: https://a2plcpnl0506.prod.iad2.secureserver.net:2096/sip%3anm
|_ <html><head><META HTTP-EQUIV="refresh"
CONTENT="2;URL=https://a2plcpnl0506.prod.iad2.secureserver.net:2096/sip%3anm"></head><body><
;/body></html>
| fingerprint-strings:
| GetRequest:
| Connection: close
| Content-Type: text/html; charset="utf-8"
| Pragma: no-cache
| Set-Cookie: webmailrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2096; secure
| HTTPOptions:
| Connection: close
| Pragma: no-cache
| Set-Cookie: webmailrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2096; secure
|_SHA-1: fbc9 e8c5 203f 8095 95ed 3eaa 49d0 4896 e2ed 5d61
| mysql-info:
| Protocol: 10
| Version: 5.6.46-cll-lve
| Status: Autocommit
| Salt: 2Ld4re$~rA/d-P,)*6pR
7 services unrecognized despite returning data. If you know the service/version, please submit the following
fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service :
SF-Port2077-TCP:V=7.80%I=7%D=3/17%Time=5E712332%P=i686-pc-windows-windows%
SF:r(SIPOptions,18B,"HTTP/1\.1\x20302\x20Moved\r\nDate:\x20Tue,\x2017\x20M
SF:ar\x202020\x2019:16:14\x20GMT\r\nServer:\x20cPanel\r\nPersistent-Auth:\
SF:x20false\r\nHost:\x20a2plcpnl0506\.prod\.iad2\.secureserver\.net:2077\r
SF:\nCache-Control:\x20no-cache,\x20no-store,\x20must-revalidate,\x20priva
SF:te\r\nConnection:\x20close\r\nLocation:\x20https://a2plcpnl0506\.prod\.
SF:iad2\.secureserver\.net:2078sip:nm\r\nVary:\x20Accept-Encoding\r\nExpir
SF:es:\x20Fri,\x2001\x20Jan\x201990\x2000:00:00\x20GMT\r\nX-Redirect-Reaso
SF:n:\x20requiressl\r\n\r\n");
SF-Port2082-TCP:V=7.80%I=7%D=3/17%Time=5E712332%P=i686-pc-windows-windows%
SF:r(SIPOptions,16C,"HTTP/1\.1\x20301\x20Moved\r\nContent-length:\x20145\r
SF:\nLocation:\x20https://a2plcpnl0506\.prod\.iad2\.secureserver\.net:2083
SF:/sip%3anm\r\nContent-type:\x20text/html;\x20charset=\"utf-8\"\r\nCache-
SF:Control:\x20no-cache,\x20no-store,\x20must-revalidate,\x20private\r\n\r
SF:\n<html><head><META\x20HTTP-EQUIV=\"refresh\"\x20CONTENT=\"2;URL=https:
SF://a2plcpnl0506\.prod\.iad2\.secureserver\.net:2083/sip%3anm\"></head><b
SF:ody></body></html>\n");
SF-Port2083-TCP:V=7.80%T=SSL%I=7%D=3/17%Time=5E7122E8%P=i686-pc-windows-wi
SF:ndows%r(GetRequest,4000,"HTTP/1\.0\x20401\x20Access\x20Denied\r\nConnec
SF:tion:\x20close\r\nContent-Type:\x20text/html;\x20charset=\"utf-8\"\r\nD
SF:ate:\x20Tue,\x2017\x20Mar\x202020\x2019:15:00\x20GMT\r\nCache-Control:\
SF:x20no-cache,\x20no-store,\x20must-revalidate,\x20private\r\nPragma:\x20
SF:no-cache\r\nWWW-Authenticate:\x20Basic\x20realm=\"cPanel\"\r\nSet-Cooki
SF:e:\x20cprelogin=no;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1970\x2000:0
SF:0:01\x20GMT;\x20path=/;\x20port=2083;\x20secure\r\nSet-Cookie:\x20cpses
SF:sion=%3aQqrH8V8do1QLnPso%2cc757443159f3776b4e98552537c87293;\x20HttpOnl
SF:y;\x20path=/;\x20port=2083;\x20secure\r\nSet-Cookie:\x20roundcube_sessi
SF:d=expired;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20G
SF:MT;\x20path=/;\x20port=2083;\x20secure\r\nSet-Cookie:\x20roundcube_sess
SF:auth=expired;\x20HttpOnly;\x20domain=a2plcpnl0506\.prod\.iad2\.securese
SF:rver\.net;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/
SF:;\x20port=2083;\x20secure\r\nSet-Cookie:\x20Horde=expired;\x20HttpOnly;
SF:\x20domain=\.a2plcpnl0506\.prod\.iad2\.secureserver\.net;\x20expires=Th
SF:u,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2083;\x20secur
SF:e\r\nSet-Cook")%r(HTTPOptions,4000,"HTTP/1\.0\x20401\x20Access\x20Denie
SF:d\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20charset=\"u
SF:tf-8\"\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:15:01\x20GMT\r\nCach
SF:e-Control:\x20no-cache,\x20no-store,\x20must-revalidate,\x20private\r\n
SF:Pragma:\x20no-cache\r\nWWW-Authenticate:\x20Basic\x20realm=\"cPanel\"\r
SF:\nSet-Cookie:\x20cprelogin=no;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1
SF:970\x2000:00:01\x20GMT;\x20path=/;\x20port=2083;\x20secure\r\nSet-Cooki
SF:e:\x20cpsession=%3aBym9ItnZZDvroTis%2c0d26ee005fb1cf3c1336fc6699c34663;
SF:\x20HttpOnly;\x20path=/;\x20port=2083;\x20secure\r\nSet-Cookie:\x20roun
SF:dcube_sessid=expired;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1970\x2000
SF::00:01\x20GMT;\x20path=/;\x20port=2083;\x20secure\r\nSet-Cookie:\x20rou
SF:ndcube_sessauth=expired;\x20HttpOnly;\x20domain=a2plcpnl0506\.prod\.iad
SF:2\.secureserver\.net;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT
SF:;\x20path=/;\x20port=2083;\x20secure\r\nSet-Cookie:\x20Horde=expired;\x
SF:20HttpOnly;\x20domain=\.a2plcpnl0506\.prod\.iad2\.secureserver\.net;\x2
SF:0expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=208
SF:3;\x20secure\r\nSet-Cook");
SF-Port2086-TCP:V=7.80%I=7%D=3/17%Time=5E712332%P=i686-pc-windows-windows%
SF:r(SIPOptions,16C,"HTTP/1\.1\x20301\x20Moved\r\nContent-length:\x20145\r
SF:\nLocation:\x20https://a2plcpnl0506\.prod\.iad2\.secureserver\.net:2087
SF:/sip%3anm\r\nContent-type:\x20text/html;\x20charset=\"utf-8\"\r\nCache-
SF:Control:\x20no-cache,\x20no-store,\x20must-revalidate,\x20private\r\n\r
SF:\n<html><head><META\x20HTTP-EQUIV=\"refresh\"\x20CONTENT=\"2;URL=https:
SF://a2plcpnl0506\.prod\.iad2\.secureserver\.net:2087/sip%3anm\"></head><b
SF:ody></body></html>\n");
SF:ndows%r(GetRequest,4000,"HTTP/1\.0\x20401\x20Access\x20Denied\r\nConnec
SF:tion:\x20close\r\nContent-Type:\x20text/html;\x20charset=\"utf-8\"\r\nD
SF:ate:\x20Tue,\x2017\x20Mar\x202020\x2019:15:00\x20GMT\r\nCache-Control:\
SF:x20no-cache,\x20no-store,\x20must-revalidate,\x20private\r\nPragma:\x20
SF:no-cache\r\nWWW-Authenticate:\x20Basic\x20realm=\"Web\x20Host\x20Manage
SF:r\"\r\nSet-Cookie:\x20whostmgrrelogin=no;\x20HttpOnly;\x20expires=Thu,\
SF:x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2087;\x20secure\r
SF:\nSet-Cookie:\x20whostmgrsession=%3akmJ7Pz0rdrDzTfaZ%2c4800378b9eb12a2e
SF:ba107decd59ae478;\x20HttpOnly;\x20path=/;\x20port=2087;\x20secure\r\nSe
SF:t-Cookie:\x20roundcube_sessid=expired;\x20HttpOnly;\x20expires=Thu,\x20
SF:01-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2087;\x20secure\r\nS
SF:et-Cookie:\x20roundcube_sessauth=expired;\x20HttpOnly;\x20domain=a2plcp
SF:nl0506\.prod\.iad2\.secureserver\.net;\x20expires=Thu,\x2001-Jan-1970\x
SF:2000:00:01\x20GMT;\x20path=/;\x20port=2087;\x20secure\r\nSet-Cookie:\x2
SF:0Horde=expired;\x20HttpOnly;\x20domain=\.a2plcpnl0506\.prod\.iad2\.secu
SF:reserver\.net;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20pa
SF:th=/;\x20port=")%r(HTTPOptions,4000,"HTTP/1\.0\x20401\x20Access\x20Deni
SF:ed\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20charset=\"
SF:utf-8\"\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:15:01\x20GMT\r\nCac
SF:he-Control:\x20no-cache,\x20no-store,\x20must-revalidate,\x20private\r\
SF:nPragma:\x20no-cache\r\nWWW-Authenticate:\x20Basic\x20realm=\"Web\x20Ho
SF:st\x20Manager\"\r\nSet-Cookie:\x20whostmgrrelogin=no;\x20HttpOnly;\x20e
SF:xpires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2087;
SF:\x20secure\r\nSet-Cookie:\x20whostmgrsession=%3aRfsEPN136r8E12k7%2c6d3a
SF:9b5c1c72419445434683fc2822ca;\x20HttpOnly;\x20path=/;\x20port=2087;\x20
SF:secure\r\nSet-Cookie:\x20roundcube_sessid=expired;\x20HttpOnly;\x20expi
SF:res=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2087;\x2
SF:0secure\r\nSet-Cookie:\x20roundcube_sessauth=expired;\x20HttpOnly;\x20d
SF:omain=a2plcpnl0506\.prod\.iad2\.secureserver\.net;\x20expires=Thu,\x200
SF:1-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2087;\x20secure\r\nSe
SF:t-Cookie:\x20Horde=expired;\x20HttpOnly;\x20domain=\.a2plcpnl0506\.prod
SF:\.iad2\.secureserver\.net;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x
SF:20GMT;\x20path=/;\x20port=");
SF-Port2095-TCP:V=7.80%I=7%D=3/17%Time=5E712332%P=i686-pc-windows-windows%
SF:r(SIPOptions,16C,"HTTP/1\.1\x20301\x20Moved\r\nContent-length:\x20145\r
SF:\nLocation:\x20https://a2plcpnl0506\.prod\.iad2\.secureserver\.net:2096
SF:/sip%3anm\r\nContent-type:\x20text/html;\x20charset=\"utf-8\"\r\nCache-
SF:Control:\x20no-cache,\x20no-store,\x20must-revalidate,\x20private\r\n\r
SF:\n<html><head><META\x20HTTP-EQUIV=\"refresh\"\x20CONTENT=\"2;URL=https:
SF://a2plcpnl0506\.prod\.iad2\.secureserver\.net:2096/sip%3anm\"></head><b
SF:ody></body></html>\n");
SF-Port2096-TCP:V=7.80%T=SSL%I=7%D=3/17%Time=5E7122E8%P=i686-pc-windows-wi
SF:ndows%r(GetRequest,4000,"HTTP/1\.0\x20401\x20Access\x20Denied\r\nConnec
SF:tion:\x20close\r\nContent-Type:\x20text/html;\x20charset=\"utf-8\"\r\nD
SF:ate:\x20Tue,\x2017\x20Mar\x202020\x2019:15:00\x20GMT\r\nCache-Control:\
SF:x20no-cache,\x20no-store,\x20must-revalidate,\x20private\r\nPragma:\x20
SF:no-cache\r\nWWW-Authenticate:\x20Basic\x20realm=\"WebMail\"\r\nSet-Cook
SF:ie:\x20webmailrelogin=no;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1970\x
SF:2000:00:01\x20GMT;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cookie:\x2
SF:0webmailsession=%3aQjITMN4uCAeLGyF6%2c01c587ffb83503346efcc1c16590b9be;
SF:\x20HttpOnly;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cookie:\x20roun
SF:dcube_sessid=expired;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1970\x2000
SF::00:01\x20GMT;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cookie:\x20rou
SF:ndcube_sessauth=expired;\x20HttpOnly;\x20domain=a2plcpnl0506\.prod\.iad
SF:2\.secureserver\.net;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT
SF:;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cookie:\x20Horde=expired;\x
SF:20HttpOnly;\x20domain=\.a2plcpnl0506\.prod\.iad2\.secureserver\.net;\x2
SF:0expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=209
SF:6;\x20secur")%r(HTTPOptions,4000,"HTTP/1\.0\x20401\x20Access\x20Denied\
SF:r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20charset=\"utf
SF:-8\"\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:15:01\x20GMT\r\nCache-
SF:Control:\x20no-cache,\x20no-store,\x20must-revalidate,\x20private\r\nPr
SF:agma:\x20no-cache\r\nWWW-Authenticate:\x20Basic\x20realm=\"WebMail\"\r\
SF:nSet-Cookie:\x20webmailrelogin=no;\x20HttpOnly;\x20expires=Thu,\x2001-J
SF:an-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2096;\x20secure\r\nSet-C
SF:ookie:\x20webmailsession=%3axsPkIEzxC3cPe7zw%2c0641c2fa796c828c6b38332b
SF:7338f003;\x20HttpOnly;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cookie
SF::\x20roundcube_sessid=expired;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1
SF:970\x2000:00:01\x20GMT;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cooki
SF:e:\x20roundcube_sessauth=expired;\x20HttpOnly;\x20domain=a2plcpnl0506\.
SF:prod\.iad2\.secureserver\.net;\x20expires=Thu,\x2001-Jan-1970\x2000:00:
SF:01\x20GMT;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cookie:\x20Horde=e
SF:xpired;\x20HttpOnly;\x20domain=\.a2plcpnl0506\.prod\.iad2\.secureserver
SF:\.net;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x2
SF:0port=2096;\x20secur");
Running (JUST GUESSING): Linux 2.6.X|3.X (94%), HP embedded (91%), MikroTik RouterOS 6.X (90%), Infomir
embedded (90%), Ubiquiti embedded (90%), Ubiquiti AirOS 5.X (90%)
Aggressive OS guesses: Linux 2.6.32 (94%), Linux 2.6.32 - 3.1 (94%), Linux 2.6.32 - 3.13 (94%), Linux 2.6.32 - 2.6.39
(92%), Linux 2.6.39 (92%), Linux 3.10 (92%), Linux 3.2 (92%), HP P2000 G3 NAS device (91%), Linux 3.8 (91%),
Linux 2.6.32 - 3.10 (90%)
1 12.00 ms 10.0.0.1
9 ... 13
Increasing send delay for 185.122.239.83 from 0 to 5 due to 11 out of 15 dropped probes since last increase.
SYN Stealth Scan Timing: About 2.08% done; ETC: 16:49 (0:24:20 remaining)
SYN Stealth Scan Timing: About 3.03% done; ETC: 16:58 (0:32:32 remaining)
SYN Stealth Scan Timing: About 4.11% done; ETC: 17:01 (0:35:23 remaining)
SYN Stealth Scan Timing: About 6.31% done; ETC: 16:56 (0:29:55 remaining)
SYN Stealth Scan Timing: About 8.42% done; ETC: 16:54 (0:27:21 remaining)
SYN Stealth Scan Timing: About 10.81% done; ETC: 16:53 (0:25:44 remaining)
SYN Stealth Scan Timing: About 12.97% done; ETC: 16:52 (0:24:16 remaining)
SYN Stealth Scan Timing: About 26.48% done; ETC: 16:55 (0:22:49 remaining)
SYN Stealth Scan Timing: About 29.55% done; ETC: 16:54 (0:21:16 remaining)
SYN Stealth Scan Timing: About 33.96% done; ETC: 16:54 (0:19:40 remaining)
SYN Stealth Scan Timing: About 37.64% done; ETC: 16:53 (0:18:10 remaining)
SYN Stealth Scan Timing: About 43.73% done; ETC: 16:54 (0:16:41 remaining)
SYN Stealth Scan Timing: About 49.36% done; ETC: 16:54 (0:15:12 remaining)
SYN Stealth Scan Timing: About 54.55% done; ETC: 16:54 (0:13:41 remaining)
SYN Stealth Scan Timing: About 60.36% done; ETC: 16:55 (0:12:10 remaining)
SYN Stealth Scan Timing: About 65.98% done; ETC: 16:55 (0:10:35 remaining)
SYN Stealth Scan Timing: About 71.06% done; ETC: 16:55 (0:09:02 remaining)
SYN Stealth Scan Timing: About 76.30% done; ETC: 16:55 (0:07:25 remaining)
SYN Stealth Scan Timing: About 81.43% done; ETC: 16:55 (0:05:48 remaining)
SYN Stealth Scan Timing: About 86.48% done; ETC: 16:55 (0:04:11 remaining)
SYN Stealth Scan Timing: About 91.60% done; ETC: 16:55 (0:02:36 remaining)
SYN Stealth Scan Timing: About 96.66% done; ETC: 16:55 (0:01:02 remaining)
Completed SYN Stealth Scan at 16:55, 1861.95s elapsed (65535 total ports)
| http-methods:
|_http-server-header: Apache
| http-methods:
|_http-server-header: Apache
| tls-alpn:
|_ http/1.1
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
OS CPE: cpe:/o:linux:linux_kernel:4.4
1 2.00 ms 10.0.0.1
6 ...
14 170.00 ms 185.122.239.83
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .