Practica NMAP Steven Madaschi PDF

Realizar un escaneo de todos los puertos de tres páginas educativa internacionales y
analizar lo siguientes:
1. Puertos abiertos
2. Vulnerabilidades de los puertos abiertos
3. ¿Qué recomendaciones pode dar para proteger a estas instituciones
www.euruni.edu – EU Business School
Recomendaciones: Al parecer poseen varios sitios http alojados en este servidor (Lo
podemos notar ya que hay varios puertos aparte del 80 y el 443 con servicio nginx que es
un servidor web) y por esto varios puertos asignados a los mismos. El site con http aun
es existente lo que está mal, al acceder este sitio en el puerto 80 debería redirigir al
puerto 443. Aparte de esto dicho site está bien asegurado ya que no posee muchos puertos
vulnerables abiertos.
Los puertos 2082, 2095 y 2052 corresponden a servicios de cpanel, mi recomendación seria
bloquearlos mediante algún firewall que no permita acceso libre a los mismos.
El puerto 8880 puede ser utilizado para streaming de audio o como un punto de acceso
SOAP para el servidor de aplicaciones IBM WebSphere. Se debe evaluar si es necesario
mantenerlo abierto, de lo contrario cerrarlo.
www.unad.edu.do – Universidad Adventista Dominicana
Recomendaciones: Aquí vemos un sitio web bastante vulnerable, llego a esta conclusión ya que no solo
tienen muchos puertos abiertos, sino que a través de NMAP podemos identificar que aplicaciones funcionan
en esos puertos y hasta las versiones de algunas, lo que pudiera ser información valiosa para
facilitarles el trabajo a los atacantes.
El puerto FTP #21 y el ssh #22 son puertos muy vulnerables y exploiteables, ejemplo por el 21 pueden
obtener archivos confidenciales de la institución y a través del 22 también que es usado para conectarse
remotamente al servidor, Open SSH 5.3 ya está desactualizado (la versión actual es la 8.2) por lo que es
mucho más peligroso aun, ya que existen muchas vulnerabilidades conocidas
Existen muchos puertos relacionados al correo electrónico, entre ellos el 143 y el 110, estos puertos
permiten conexiones no encriptadas es decir en texto plano, por lo que no sería recomendable tener
habilitados estos puertos y mucho menos utilizarlos.
Los puertos 465 y 587 utilizan un servidor de correos llamado Exim, la versión 4.92 pude encontrar que
tiene una vulnerabilidad fuerte donde un atacante puede escalar privilegios y ganar acceso dentro del
sistema.
Los puertos 993 y 995 también son utilizados para correos, pero ya mediante conexiones SSL/TLS es decir,
ya encriptadas y no en texto plano.
El puerto 3306 dice que corresponde a MySQL, este puerto abierto es muy vulnerable ya que es usado para
acceso remoto a la base de datos del servidor y también porque no está actualizado a la versión 5.7 que
es la última, en internet pude encontrar varias vulnerabilidades para dicha versión.
Están utilizando un solo servidor para correos, base de datos, web, y todo lo demás, lo que expone este
servidor demasiado por la cantidad de puertos abiertos que posee.
El puerto 2077 es utilizado para una aplicación llamada Tivoli Storage Manager de IBM, que es
un software centralizado para la administración de almacenamiento, copias de seguridad, etc.
Según mi búsqueda es una aplicación vulnerable y que maneja data muy sensible de la empresa y
que no puede perderse, por lo que recomiendo cerrarlo.
www.alpadia.com – Alpadia Language Schools
Recomendaciones: Aquí vemos un ejemplo de una página muy segura, ya que a pesar de
tener muchos puertos abiertos, solamente son identificables los servicios http y el
https, luego vemos TCPWRAPPED lo que significa que estos servicios están usando
aplicaciones con puertos exclusivos y están protegidos por un firewall desarrollado
para servidores UNIX.
ADJUNTOS XMLS completos de los escaneos
www.euruni.edu – EU Business School
<?xml version="1.0" encoding="iso-8859-1"?>
<?xml-stylesheet href="file:///C:/Program Files (x86)/Nmap/nmap.xsl" type="text/xsl"?><nmaprun start="1584473762"

profile_name="Intense scan, all TCP ports" xmloutputversion="1.04" scanner="nmap" version="7.80" startstr="Tue
Mar 17 15:36:02 2020" args="nmap -p 1-65535 -T4 -A -v euruni.edu"><scaninfo services="1-65535" protocol="tcp"
numservices="65535" type="syn"></scaninfo><verbose level="1"></verbose><debugging
level="0"></debugging><output type="interactive">Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-17 15:36 Hora
estÃ¡ndar oeste, SudamÃ©rica
NSE: Loaded 151 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:36
Completed NSE at 15:36, 0.00s elapsed
Initiating Ping Scan at 15:36
Scanning euruni.edu (104.26.5.183) [4 ports]
Completed Ping Scan at 15:36, 0.39s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 15:36
Completed Parallel DNS resolution of 1 host. at 15:36, 0.05s elapsed
Initiating SYN Stealth Scan at 15:36
Scanning euruni.edu (104.26.5.183) [65535 ports]
Discovered open port 8080/tcp on 104.26.5.183

SYN Stealth Scan Timing: About 17.24% done; ETC: 15:39 (0:02:29 remaining)
Completed SYN Stealth Scan at 15:39, 177.09s elapsed (65535 total ports)
Initiating Service scan at 15:39
Scanning 13 services on euruni.edu (104.26.5.183)
Completed Service scan at 15:39, 23.90s elapsed (13 services on 1 host)
Initiating OS detection (try #1) against euruni.edu (104.26.5.183)
Retrying OS detection (try #2) against euruni.edu (104.26.5.183)
Initiating Traceroute at 15:39
Completed Traceroute at 15:39, 0.08s elapsed
Initiating Parallel DNS resolution of 6 hosts. at 15:39

Completed Parallel DNS resolution of 6 hosts. at 15:39, 0.07s elapsed
NSE: Script scanning 104.26.5.183.
Nmap scan report for euruni.edu (104.26.5.183)
Host is up (0.054s latency).
Other addresses for euruni.edu (not scanned): 104.26.4.183
Not shown: 65522 filtered ports
PORT STATE SERVICE VERSION
80/tcp open http cloudflare
| fingerprint-strings:
| FourOhFourRequest:
| HTTP/1.1 400 Bad Request
| Date: Tue, 17 Mar 2020 19:34:00 GMT
| Content-Type: text/html
| Content-Length: 155
| Connection: close
| Server: cloudflare
| CF-RAY: 5759261a9feb2ec7-MIA
| <html>
| <head><title>400 Bad Request</title></head>
| <body>
| <center><h1>400 Bad Request</h1></center>
| <hr><center>cloudflare</center>
| </body>
| </html>
| GetRequest:
| Date: Tue, 17 Mar 2020 19:33:59 GMT
| Connection: close
| CF-RAY: 575926178f48ef0a-MIA
| <html>
| <body>
| </body>
| </html>
| HTTPOptions:
| Date: Tue, 17 Mar 2020 19:33:59 GMT
| Connection: close
| CF-RAY: 575926185b3d52a0-MIA
| <html>
| <body>
| </body>
| </html>
| RPCCheck:
| Date: Tue, 17 Mar 2020 19:34:05 GMT
| Connection: close
| CF-RAY: -
| <html>
| <body>
| </body>
| </html>
| RTSPRequest:
| <html>
| <body>
| </body>
| </html>
| X11Probe:
| Date: Tue, 17 Mar 2020 19:33:59 GMT
| Connection: close
| CF-RAY: -
| <html>
| <body>
| </body>
|_ </html>
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS
|_http-server-header: cloudflare
|_http-title: Did not follow redirect to https://www.euruni.edu/
443/tcp open ssl/https cloudflare
| HTTP/1.1 403 Forbidden
| Date: Tue, 17 Mar 2020 19:34:06 GMT
| Connection: close
| CF-RAY: 575926409e9d5342-MIA
| <html>
| <head><title>403 Forbidden</title></head>
| <body>
| <center><h1>403 Forbidden</h1></center>
| </body>
| </html>
| GetRequest:
| Date: Tue, 17 Mar 2020 19:34:05 GMT
| Connection: close
| CF-RAY: 5759263ddbc4f351-ATL
| <html>
| <body>
| </body>
| </html>
| HTTPOptions:
| Date: Tue, 17 Mar 2020 19:34:05 GMT

| Connection: close
| CF-RAY: 5759263efa7fba28-ATL
| <html>
| <body>
| </body>
| </html>
| RPCCheck:
| Date: Tue, 17 Mar 2020 19:34:11 GMT
| Connection: close
| CF-RAY: -
| <html>
| <body>

| </body>
| </html>
| RTSPRequest:
| <html>
| <body>
| </body>
| </html>
| tor-versions:
| Date: Tue, 17 Mar 2020 19:34:06 GMT
| Connection: close
| CF-RAY: -
| <html>
| <body>

| </body>
|_ </html>
| http-methods:
|_http-title: Did not follow redirect to https://www.euruni.edu/
| ssl-cert: Subject: commonName=sni.cloudflaressl.com/organizationName=Cloudflare,

Inc./stateOrProvinceName=CA/countryName=US
| Subject Alternative Name: DNS:*.euruni.edu, DNS:sni.cloudflaressl.com, DNS:euruni.edu
| Issuer: commonName=CloudFlare Inc ECC CA-2/organizationName=CloudFlare,

| Public Key type: unknown
| Public Key bits: 256
| Signature Algorithm: ecdsa-with-SHA256
| Not valid before: 2019-11-21T00:00:00
| Not valid after: 2020-10-09T12:00:00
| MD5: 47a7 fa05 02fb 525e f431 3994 dd0a 8f58
|_SHA-1: d73f 1f7a d6ef af6e 3476 d4a8 7b08 1731 1669 9ac9
2052/tcp open clearvisn?
| DNSStatusRequestTCP, DNSVersionBindReqTCP, RPCCheck:
| Date: Tue, 17 Mar 2020 19:34:05 GMT
| Connection: close
| CF-RAY: -
| <html>
| <body>
| </body>
| </html>
| GetRequest:
| Date: Tue, 17 Mar 2020 19:34:04 GMT
| Connection: close
| CF-RAY: 5759263728e6b971-MIA
| <html>
| <body>
| </body>
| </html>
| HTTPOptions:
| Date: Tue, 17 Mar 2020 19:34:04 GMT
| Connection: close
| CF-RAY: 57592637cebd8289-ATL
| <html>
| <body>
| </body>
| </html>
| RTSPRequest:
| <html>
| <body>
| </body>
|_ </html>
2053/tcp open ssl/http nginx
|_http-title: 400 The plain HTTP request was sent to HTTPS port


| Not valid after: 2020-10-09T12:00:00
| MD5: 47a7 fa05 02fb 525e f431 3994 dd0a 8f58
2082/tcp open infowave?
| DNSStatusRequestTCP, DNSVersionBindReqTCP:
| Date: Tue, 17 Mar 2020 19:34:05 GMT
| Connection: close
| CF-RAY: -
| <html>
| <body>
| </body>
| </html>
| GetRequest:
| Date: Tue, 17 Mar 2020 19:34:04 GMT
| Connection: close
| CF-RAY: 57592636ea05ef26-MIA
| <html>
| <body>
| </body>
| </html>
| HTTPOptions:
| Date: Tue, 17 Mar 2020 19:34:04 GMT
| Connection: close
| CF-RAY: 575926376d0e8325-ATL
| <html>
| <body>
| </body>
| </html>
| RPCCheck:
| Date: Tue, 17 Mar 2020 19:34:04 GMT

| Connection: close
| CF-RAY: -
| <html>
| <body>
| </body>
| </html>
| RTSPRequest:
| <html>
| <body>
| </body>
|_ </html>


| Not valid after: 2020-10-09T12:00:00
| MD5: 47a7 fa05 02fb 525e f431 3994 dd0a 8f58
2086/tcp open gnunet?
| Date: Tue, 17 Mar 2020 19:34:05 GMT
| Connection: close
| CF-RAY: -
| <html>
| <body>

| </body>
| </html>
| GetRequest:
| Date: Tue, 17 Mar 2020 19:34:04 GMT
| Connection: close
| CF-RAY: 575926372dbdc883-MIA
| <html>
| <body>
| </body>
| </html>
| HTTPOptions:
| Date: Tue, 17 Mar 2020 19:34:04 GMT
| Connection: close
| CF-RAY: 57592637ed842e85-MIA
| <html>
| <body>
| </body>
| </html>
| RTSPRequest:
| <html>
| <body>
| </body>
|_ </html>


| Not valid after: 2020-10-09T12:00:00
| MD5: 47a7 fa05 02fb 525e f431 3994 dd0a 8f58
2095/tcp open nbx-ser?
| Date: Tue, 17 Mar 2020 19:34:05 GMT
| Connection: close
| CF-RAY: -
| <html>
| <body>
| </body>
| </html>
| GetRequest:
| Date: Tue, 17 Mar 2020 19:34:04 GMT
| Connection: close
| CF-RAY: 57592636fa8df309-ATL
| <html>
| <body>
| </body>
| </html>
| HTTPOptions:
| Date: Tue, 17 Mar 2020 19:34:04 GMT
| Connection: close
| CF-RAY: 57592637cce9ef26-MIA
| <html>
| <body>
| </body>
| </html>
| RTSPRequest:
| <html>
| <body>
| </body>
|_ </html>


| Not valid after: 2020-10-09T12:00:00
| MD5: 47a7 fa05 02fb 525e f431 3994 dd0a 8f58
8080/tcp open http-proxy cloudflare
| Date: Tue, 17 Mar 2020 19:33:59 GMT
| Connection: close
| CF-RAY: 57592619aa50f1ca-ATL
| <html>
| <body>
| </body>
| </html>
| GetRequest:
| Date: Tue, 17 Mar 2020 19:33:59 GMT
| Connection: close
| CF-RAY: 575926178c48d4e0-MIA
| <html>
| <body>
| </body>
| </html>
| HTTPOptions:
| Date: Tue, 17 Mar 2020 19:33:59 GMT
| Connection: close
| CF-RAY: 575926185a3ae960-MIA
| <html>
| <body>
| </body>
| </html>
| RTSPRequest:
| <html>
| <body>
| </body>
| </html>
| Socks4, Socks5:
| Date: Tue, 17 Mar 2020 19:34:00 GMT
| Connection: close
| CF-RAY: -
| <html>
| <body>
| </body>
|_ </html>
8443/tcp open ssl/https-alt cloudflare
| DNSVersionBindReqTCP, RPCCheck:
| Date: Tue, 17 Mar 2020 19:34:11 GMT
| Connection: close
| CF-RAY: -
| <html>
| <body>
| </body>
| </html>
| Date: Tue, 17 Mar 2020 19:34:06 GMT
| Connection: close
| CF-RAY: 57592640cc592ec1-MIA
| <html>
| <body>
| </body>
| </html>
| GetRequest:
| Date: Tue, 17 Mar 2020 19:34:05 GMT

| Connection: close
| CF-RAY: 5759263ddfdaf1b2-ATL
| <html>
| <body>
| </body>
| </html>
| HTTPOptions:
| Date: Tue, 17 Mar 2020 19:34:05 GMT
| Connection: close
| CF-RAY: 5759263efb52b9b6-ATL
| <html>
| <body>
| </body>
| </html>
| RTSPRequest:
| <html>
| <body>
| </body>
|_ </html>


| Not valid after: 2020-10-09T12:00:00
| MD5: 47a7 fa05 02fb 525e f431 3994 dd0a 8f58

8880/tcp open cddbp-alt?
| DNSVersionBindReqTCP, RPCCheck:
| Date: Tue, 17 Mar 2020 19:34:05 GMT
| Connection: close
| CF-RAY: -
| <html>
| <body>
| </body>
| </html>
| Date: Tue, 17 Mar 2020 19:33:59 GMT
| Connection: close
| CF-RAY: 5759261838aaf1aa-ATL
| <html>
| <body>
| </body>
| </html>
| GetRequest:
| Date: Tue, 17 Mar 2020 19:33:59 GMT
| Connection: close
| CF-RAY: 575926178e8ab983-MIA
| <html>
| <body>
| </body>
| </html>
| HTTPOptions:
| Date: Tue, 17 Mar 2020 19:34:04 GMT
| Connection: close
| CF-RAY: 575926389874e3be-ATL
| <html>
| <body>
| </body>
| </html>
| RTSPRequest:
| <html>
| <body>
| </body>
|_ </html>
9 services unrecognized despite returning data. If you know the service/version, please submit the following
fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service :
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port80-TCP:V=7.80%I=7%D=3/17%Time=5E71275B%P=i686-pc-windows-windows%r(
SF:GetRequest,14F,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Tue,\x20
SF:17\x20Mar\x202020\x2019:33:59\x20GMT\r\nContent-Type:\x20text/html\r\nC
SF:ontent-Length:\x20155\r\nConnection:\x20close\r\nServer:\x20cloudflare\
SF:r\nCF-RAY:\x20575926178f48ef0a-MIA\r\n\r\n<html>\r\n<head><title>400\x2
SF:0Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20R
SF:equest</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n<
SF:/html>\r\n")%r(HTTPOptions,14F,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nD
SF:ate:\x20Tue,\x2017\x20Mar\x202020\x2019:33:59\x20GMT\r\nContent-Type:\x
SF:20text/html\r\nContent-Length:\x20155\r\nConnection:\x20close\r\nServer
SF::\x20cloudflare\r\nCF-RAY:\x20575926185b3d52a0-MIA\r\n\r\n<html>\r\n<he
SF:ad><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1
SF:>400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</center>
SF:\r\n</body>\r\n</html>\r\n")%r(RTSPRequest,9B,"<html>\r\n<head><title>4
SF:00\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad
SF:\x20Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>
SF:\r\n</html>\r\n")%r(X11Probe,13C,"HTTP/1\.1\x20400\x20Bad\x20Request\r\
SF:nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:33:5
SF:9\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x20155\r\nCon
SF:nection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><title>400\x20
SF:Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20Re
SF:quest</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</
SF:html>\r\n")%r(FourOhFourRequest,14F,"HTTP/1\.1\x20400\x20Bad\x20Request
SF:\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:00\x20GMT\r\nContent-Ty
SF:pe:\x20text/html\r\nContent-Length:\x20155\r\nConnection:\x20close\r\nS
SF:erver:\x20cloudflare\r\nCF-RAY:\x205759261a9feb2ec7-MIA\r\n\r\n<html>\r
SF:\n<head><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<cente
SF:r><h1>400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</ce
SF:nter>\r\n</body>\r\n</html>\r\n")%r(RPCCheck,13C,"HTTP/1\.1\x20400\x20B
SF:ad\x20Request\r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x2
SF:02020\x2019:34:05\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Lengt
SF:h:\x20155\r\nConnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<hea
SF:d><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>
SF:400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</center>\
SF:r\n</body>\r\n</html>\r\n");
SF-Port443-TCP:V=7.80%T=SSL%I=7%D=3/17%Time=5E712761%P=i686-pc-windows-win
SF:dows%r(GetRequest,149,"HTTP/1\.1\x20403\x20Forbidden\r\nServer:\x20clou
SF:dflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:05\x20GMT\r\nCont
SF:ent-Type:\x20text/html\r\nContent-Length:\x20151\r\nConnection:\x20clos
SF:e\r\nCF-RAY:\x205759263ddbc4f351-ATL\r\n\r\n<html>\r\n<head><title>403\
SF:x20Forbidden</title></head>\r\n<body>\r\n<center><h1>403\x20Forbidden</
SF:h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</html>\r
SF:\n")%r(HTTPOptions,149,"HTTP/1\.1\x20403\x20Forbidden\r\nServer:\x20clo
SF:udflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:05\x20GMT\r\nCon
SF:tent-Type:\x20text/html\r\nContent-Length:\x20151\r\nConnection:\x20clo
SF:se\r\nCF-RAY:\x205759263efa7fba28-ATL\r\n\r\n<html>\r\n<head><title>403
SF:\x20Forbidden</title></head>\r\n<body>\r\n<center><h1>403\x20Forbidden<
SF:/h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</html>\
SF:r\n")%r(FourOhFourRequest,149,"HTTP/1\.1\x20403\x20Forbidden\r\nServer:
SF:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:06\x20GMT
SF:\r\nContent-Type:\x20text/html\r\nContent-Length:\x20151\r\nConnection:
SF:\x20close\r\nCF-RAY:\x20575926409e9d5342-MIA\r\n\r\n<html>\r\n<head><ti
SF:tle>403\x20Forbidden</title></head>\r\n<body>\r\n<center><h1>403\x20For
SF:bidden</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n<
SF:/html>\r\n")%r(tor-versions,13C,"HTTP/1\.1\x20400\x20Bad\x20Request\r\n
SF:Server:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:06
SF:\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x20155\r\nConn
SF:ection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><title>400\x20B
SF:ad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20Req
SF:uest</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</h
SF:tml>\r\n")%r(RTSPRequest,9B,"<html>\r\n<head><title>400\x20Bad\x20Reque
SF:st</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20Request</h1></
SF:center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</html>\r\n")%
SF:r(RPCCheck,13C,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nServer:\x20cloudf
SF:lare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:11\x20GMT\r\nConten
SF:t-Type:\x20text/html\r\nContent-Length:\x20155\r\nConnection:\x20close\
SF:r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><title>400\x20Bad\x20Request</ti
SF:tle></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20Request</h1></center
SF:>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</html>\r\n");
SF-Port2052-TCP:V=7.80%I=7%D=3/17%Time=5E712760%P=i686-pc-windows-windows%
SF:r(GetRequest,14F,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Tue,\x
SF:2017\x20Mar\x202020\x2019:34:04\x20GMT\r\nContent-Type:\x20text/html\r\
SF:nContent-Length:\x20155\r\nConnection:\x20close\r\nServer:\x20cloudflar
SF:e\r\nCF-RAY:\x205759263728e6b971-MIA\r\n\r\n<html>\r\n<head><title>400\
SF:x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x2
SF:0Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\
SF:n</html>\r\n")%r(HTTPOptions,14F,"HTTP/1\.1\x20400\x20Bad\x20Request\r\
SF:nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:04\x20GMT\r\nContent-Type:
SF:\x20text/html\r\nContent-Length:\x20155\r\nConnection:\x20close\r\nServ
SF:er:\x20cloudflare\r\nCF-RAY:\x2057592637cebd8289-ATL\r\n\r\n<html>\r\n<
SF:head><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><
SF:h1>400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</cente
SF:r>\r\n</body>\r\n</html>\r\n")%r(RTSPRequest,9B,"<html>\r\n<head><title
SF:>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20B
SF:ad\x20Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</bod
SF:y>\r\n</html>\r\n")%r(RPCCheck,13C,"HTTP/1\.1\x20400\x20Bad\x20Request\
SF:r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34
SF::05\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x20155\r\nC
SF:onnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><title>400\x
SF:20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20
SF:Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n
SF:</html>\r\n")%r(DNSVersionBindReqTCP,13C,"HTTP/1\.1\x20400\x20Bad\x20Re
SF:quest\r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2
SF:019:34:05\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x2015
SF:5\r\nConnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><title
SF:y>\r\n</html>\r\n")%r(DNSStatusRequestTCP,13C,"HTTP/1\.1\x20400\x20Bad\
SF:x20Request\r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x2020
SF:20\x2019:34:05\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\
SF:x20155\r\nConnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><
SF:title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>400
SF:\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</center>\r\n
SF:</body>\r\n</html>\r\n");
SF:e\r\nCF-RAY:\x2057592636ea05ef26-MIA\r\n\r\n<html>\r\n<head><title>400\
SF:er:\x20cloudflare\r\nCF-RAY:\x20575926376d0e8325-ATL\r\n\r\n<html>\r\n<
SF:e\r\nCF-RAY:\x20575926372dbdc883-MIA\r\n\r\n<html>\r\n<head><title>400\
SF:er:\x20cloudflare\r\nCF-RAY:\x2057592637ed842e85-MIA\r\n\r\n<html>\r\n<
SF:e\r\nCF-RAY:\x2057592636fa8df309-ATL\r\n\r\n<html>\r\n<head><title>400\
SF:er:\x20cloudflare\r\nCF-RAY:\x2057592637cce9ef26-MIA\r\n\r\n<html>\r\n<
SF-Port8080-TCP:V=7.80%I=7%D=3/17%Time=5E71275B%P=i686-pc-windows-windows%
SF:e\r\nCF-RAY:\x20575926178c48d4e0-MIA\r\n\r\n<html>\r\n<head><title>400\
SF:er:\x20cloudflare\r\nCF-RAY:\x20575926185a3ae960-MIA\r\n\r\n<html>\r\n<
SF:y>\r\n</html>\r\n")%r(FourOhFourRequest,14F,"HTTP/1\.1\x20400\x20Bad\x2
SF:0Request\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:33:59\x20GMT\r\nCo
SF:ntent-Type:\x20text/html\r\nContent-Length:\x20155\r\nConnection:\x20cl
SF:ose\r\nServer:\x20cloudflare\r\nCF-RAY:\x2057592619aa50f1ca-ATL\r\n\r\n
SF:<html>\r\n<head><title>400\x20Bad\x20Request</title></head>\r\n<body>\r
SF:\n<center><h1>400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudf
SF:lare</center>\r\n</body>\r\n</html>\r\n")%r(Socks5,13C,"HTTP/1\.1\x2040
SF:0\x20Bad\x20Request\r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20
SF:Mar\x202020\x2019:34:00\x20GMT\r\nContent-Type:\x20text/html\r\nContent
SF:-Length:\x20155\r\nConnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r
SF:\n<head><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<cente
SF:r><h1>400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</ce
SF:nter>\r\n</body>\r\n</html>\r\n")%r(Socks4,13C,"HTTP/1\.1\x20400\x20Bad
SF:\x20Request\r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202
SF:020\x2019:34:00\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:
SF:\x20155\r\nConnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head>
SF:<title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>40
SF:0\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</center>\r\
SF:n</body>\r\n</html>\r\n");
SF-Port8443-TCP:V=7.80%T=SSL%I=7%D=3/17%Time=5E712761%P=i686-pc-windows-wi
SF:ndows%r(GetRequest,149,"HTTP/1\.1\x20403\x20Forbidden\r\nServer:\x20clo
SF:se\r\nCF-RAY:\x205759263ddfdaf1b2-ATL\r\n\r\n<html>\r\n<head><title>403
SF:\x20Forbidden</title></head>\r\n<body>\r\n<center><h1>403\x20Forbidden<
SF:/h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</html>\
SF:r\n")%r(HTTPOptions,149,"HTTP/1\.1\x20403\x20Forbidden\r\nServer:\x20cl
SF:oudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:05\x20GMT\r\nCo
SF:ntent-Type:\x20text/html\r\nContent-Length:\x20151\r\nConnection:\x20cl
SF:ose\r\nCF-RAY:\x205759263efb52b9b6-ATL\r\n\r\n<html>\r\n<head><title>40
SF:3\x20Forbidden</title></head>\r\n<body>\r\n<center><h1>403\x20Forbidden
SF:</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</html>
SF:\r\n")%r(FourOhFourRequest,149,"HTTP/1\.1\x20403\x20Forbidden\r\nServer
SF::\x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:06\x20GM
SF:T\r\nContent-Type:\x20text/html\r\nContent-Length:\x20151\r\nConnection
SF::\x20close\r\nCF-RAY:\x2057592640cc592ec1-MIA\r\n\r\n<html>\r\n<head><t
SF:itle>403\x20Forbidden</title></head>\r\n<body>\r\n<center><h1>403\x20Fo
SF:rbidden</h1></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n
SF:</html>\r\n")%r(RTSPRequest,9B,"<html>\r\n<head><title>400\x20Bad\x20Re
SF:quest</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20Request</h1
SF:></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</html>\r\n
SF:")%r(RPCCheck,13C,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nServer:\x20clo
SF:se\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><title>400\x20Bad\x20Request<
SF:/title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20Request</h1></cen
SF:ter>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</html>\r\n")%r(D
SF:NSVersionBindReqTCP,13C,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nServer:\
SF:x20cloudflare\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:11\x20GMT\
SF:r\nContent-Type:\x20text/html\r\nContent-Length:\x20155\r\nConnection:\
SF:x20close\r\nCF-RAY:\x20-\r\n\r\n<html>\r\n<head><title>400\x20Bad\x20Re
SF:quest</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20Request</h1
SF:></center>\r\n<hr><center>cloudflare</center>\r\n</body>\r\n</html>\r\n
SF:");
SF-Port8880-TCP:V=7.80%I=7%D=3/17%Time=5E71275B%P=i686-pc-windows-windows%
SF:e\r\nCF-RAY:\x20575926178e8ab983-MIA\r\n\r\n<html>\r\n<head><title>400\
SF:n</html>\r\n")%r(FourOhFourRequest,14F,"HTTP/1\.1\x20400\x20Bad\x20Requ
SF:est\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:33:59\x20GMT\r\nContent
SF:-Type:\x20text/html\r\nContent-Length:\x20155\r\nConnection:\x20close\r
SF:\nServer:\x20cloudflare\r\nCF-RAY:\x205759261838aaf1aa-ATL\r\n\r\n<html
SF:>\r\n<head><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<ce
SF:nter><h1>400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare<
SF:/center>\r\n</body>\r\n</html>\r\n")%r(HTTPOptions,14F,"HTTP/1\.1\x2040
SF:0\x20Bad\x20Request\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:34:04\x
SF:20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x20155\r\nConnec
SF:tion:\x20close\r\nServer:\x20cloudflare\r\nCF-RAY:\x20575926389874e3be-
SF:ATL\r\n\r\n<html>\r\n<head><title>400\x20Bad\x20Request</title></head>\
SF:r\n<body>\r\n<center><h1>400\x20Bad\x20Request</h1></center>\r\n<hr><ce
SF:nter>cloudflare</center>\r\n</body>\r\n</html>\r\n")%r(RTSPRequest,9B,"
SF:lare</center>\r\n</body>\r\n</html>\r\n")%r(RPCCheck,13C,"HTTP/1\.1\x20
SF:400\x20Bad\x20Request\r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x2017\x
SF:20Mar\x202020\x2019:34:05\x20GMT\r\nContent-Type:\x20text/html\r\nConte
SF:nt-Length:\x20155\r\nConnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n<html>
SF:\r\n<head><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<cen
SF:ter><h1>400\x20Bad\x20Request</h1></center>\r\n<hr><center>cloudflare</
SF:center>\r\n</body>\r\n</html>\r\n")%r(DNSVersionBindReqTCP,13C,"HTTP/1\
SF:.1\x20400\x20Bad\x20Request\r\nServer:\x20cloudflare\r\nDate:\x20Tue,\x
SF:nContent-Length:\x20155\r\nConnection:\x20close\r\nCF-RAY:\x20-\r\n\r\n
SF:lare</center>\r\n</body>\r\n</html>\r\n");
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: phone|specialized|media device
Running (JUST GUESSING): Google Android 6.X|7.X (85%), Linux 3.X|4.X|2.6.X (85%), Hikvision embedded (85%)
OS CPE: cpe:/o:google:android:6 cpe:/o:google:android:7 cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4

cpe:/o:linux:linux_kernel:2.6.10 cpe:/h:hikvision:ds-7600 cpe:/o:linux:linux_kernel:3.0
Aggressive OS guesses: Android 6.0 - 7.1.2 (Linux 3.18 - 4.4.1) (85%), Android 7.0 (Linux 3.18) (85%), Android 7.1.2
(Linux 3.4) (85%), HIKVISION DS-7600 Linux Embedded NVR (Linux 2.6.10) (85%), Linux 3.0 (85%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 6 hops
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 443/tcp)
HOP RTT ADDRESS
1 2.00 ms 10.0.0.1
2 9.00 ms pri-040-b3.codetel.net.do (196.3.74.40)
4 51.00 ms atl-b24-link.telia.net (62.115.183.242)
5 65.00 ms cloudflare-ic-339582-mai-b3.c.telia.net (62.115.167.113)
6 51.00 ms 104.26.5.183
NSE: Script Post-scanning.
Read data files from: C:\Program Files (x86)\Nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 323.08 seconds
Raw packets sent: 131267 (5.779MB) | Rcvd: 333 (16.390KB)
</output><host comment=""><status state="up"></status><address addrtype="ipv4" vendor=""

addr="104.26.5.183"></address><hostnames><hostname type="user"
name="euruni.edu"></hostname></hostnames><ports><extraports count="65522" state="filtered"></extraports><port
protocol="tcp" portid="80"><state reason="syn-ack" state="open" reason_ttl="56"></state><service
product="cloudflare" method="probed" conf="10" name="http"></service></port><port protocol="tcp"
portid="443"><state reason="syn-ack" state="open" reason_ttl="58"></state><service product="cloudflare"
method="probed" conf="10" name="https"></service></port><port protocol="tcp" portid="2052"><state reason="syn-
ack" state="open" reason_ttl="56"></state><service method="table" conf="3"
name="clearvisn"></service></port><port protocol="tcp" portid="2053"><state reason="syn-ack" state="open"
reason_ttl="56"></state><service product="nginx" method="probed" conf="10" name="http"></service></port><port
protocol="tcp" portid="2082"><state reason="syn-ack" state="open" reason_ttl="56"></state><service method="table"
conf="3" name="infowave"></service></port><port protocol="tcp" portid="2083"><state reason="syn-ack"
state="open" reason_ttl="56"></state><service product="nginx" method="probed" conf="10"
name="http"></service></port><port protocol="tcp" portid="2086"><state reason="syn-ack" state="open"
reason_ttl="58"></state><service method="table" conf="3" name="gnunet"></service></port><port protocol="tcp"
portid="2087"><state reason="syn-ack" state="open" reason_ttl="58"></state><service product="nginx"
method="probed" conf="10" name="http"></service></port><port protocol="tcp" portid="2095"><state reason="syn-
ack" state="open" reason_ttl="56"></state><service method="table" conf="3" name="nbx-ser"></service></port><port
protocol="tcp" portid="2096"><state reason="syn-ack" state="open" reason_ttl="58"></state><service product="nginx"
method="probed" conf="10" name="http"></service></port><port protocol="tcp" portid="8080"><state reason="syn-
ack" state="open" reason_ttl="58"></state><service product="cloudflare" method="probed" conf="10" name="http-
proxy"></service></port><port protocol="tcp" portid="8443"><state reason="syn-ack" state="open"
reason_ttl="56"></state><service product="cloudflare" method="probed" conf="10" name="https-
alt"></service></port><port protocol="tcp" portid="8880"><state reason="syn-ack" state="open"
reason_ttl="58"></state><service method="table" conf="3" name="cddbp-
alt"></service></port></ports><os><portused state="open" portid="80" proto="tcp"></portused><osmatch
line="31302" name="Android 6.0 - 7.1.2 (Linux 3.18 - 4.4.1)" accuracy="85"><osclass type="phone" osfamily="Linux"
vendor="Linux" osgen="4.X" accuracy="85"></osclass></osmatch><osmatch line="31384" name="Android 7.0 (Linux
3.18)" accuracy="85"><osclass type="phone" osfamily="Linux" vendor="Linux" osgen="3.X"
accuracy="85"></osclass></osmatch><osmatch line="31443" name="Android 7.1.2 (Linux 3.4)"
accuracy="85"><osclass type="phone" osfamily="Linux" vendor="Linux" osgen="3.X"
accuracy="85"></osclass></osmatch><osmatch line="60007" name="HIKVISION DS-7600 Linux Embedded NVR
(Linux 2.6.10)" accuracy="85"><osclass type="specialized" osfamily="embedded" vendor="Hikvision" osgen=""
accuracy="85"></osclass></osmatch><osmatch line="66322" name="Linux 3.0" accuracy="85"><osclass
type="media device" osfamily="Linux" vendor="Linux" osgen="3.X"
accuracy="85"></osclass></osmatch></os><uptime lastboot="" seconds=""></uptime><tcpsequence index=""
values="" difficulty=""></tcpsequence><ipidsequence values="0,0,0" class="All
zeros"></ipidsequence><tcptssequence values="" class="none returned (unsupported)"></tcptssequence><trace
port="443" proto="tcp"><hop rtt="2.00" host="" ipaddr="10.0.0.1" ttl="1"></hop><hop rtt="9.00" host="pri-040-
b3.codetel.net.do" ipaddr="196.3.74.40" ttl="2"></hop><hop rtt="10.00" host="pri-213-b3.codetel.net.do"
ipaddr="196.3.74.213" ttl="3"></hop><hop rtt="51.00" host="atl-b24-link.telia.net" ipaddr="62.115.183.242"
ttl="4"></hop><hop rtt="65.00" host="cloudflare-ic-339582-mai-b3.c.telia.net" ipaddr="62.115.167.113"
ttl="5"></hop><hop rtt="51.00" host="" ipaddr="104.26.5.183" ttl="6"></hop></trace></host><runstats><finished
timestr="Tue Mar 17 15:41:24 2020" time="1584474084"></finished><hosts down="0" total="1"
up="1"></hosts></runstats></nmaprun>
www.unad.edu.do – Universidad Adventista Dominicana

Mar 17 15:14:36 2020" args="nmap -p 1-65535 -T4 -A -v unad.edu.do"><scaninfo services="1-65535" protocol="tcp"
Scanning unad.edu.do (107.180.51.242) [4 ports]
Scanning unad.edu.do (107.180.51.242) [65535 ports]

Scanning 22 services on unad.edu.do (107.180.51.242)
Service scan Timing: About 72.73% done; ETC: 15:23 (0:00:56 remaining)
Initiating OS detection (try #1) against unad.edu.do (107.180.51.242)
Retrying OS detection (try #2) against unad.edu.do (107.180.51.242)

Nmap scan report for unad.edu.do (107.180.51.242)
rDNS record for 107.180.51.242: ip-107-180-51-242.ip.secureserver.net
Not shown: 64510 filtered ports, 1003 closed ports
21/tcp open ftp Pure-FTPd
| ssl-cert: Subject: commonName=*.prod.iad2.secureserver.net
| Subject Alternative Name: DNS:*.prod.iad2.secureserver.net, DNS:prod.iad2.secureserver.net
| Issuer: commonName=Starfield Secure Certificate Authority - G2/organizationName=Starfield Technologies,

Inc./stateOrProvinceName=Arizona/countryName=US
| Public Key type: rsa
| Signature Algorithm: sha256WithRSAEncryption
| Not valid after: 2022-01-14T17:52:33
| MD5: 446a 62ba 5eef d247 5ad0 4abd 4ba0 822a
|_SHA-1: b028 a254 f0ce feaf 1d20 007e 67d5 ccbc b58c 84c6
22/tcp open ssh OpenSSH 5.3 (protocol 2.0)
| ssh-hostkey:
| 1024 d0:d0:f0:93:9b:42:89:20:5b:e3:88:7b:85:70:c3:56 (DSA)
|_ 2048 26:27:b6:db:fc:79:3c:ba:87:2f:19:c8:63:91:8f:85 (RSA)
80/tcp open http Apache httpd
|_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E
| http-methods:
| http-robots.txt: 1 disallowed entry
|_/wp-admin/
|_http-server-header: Apache
|_http-title: Did not follow redirect to https://www.unad.edu.do/
110/tcp open pop3 Dovecot pop3d
|_pop3-capabilities: SASL(PLAIN LOGIN) PIPELINING AUTH-RESP-CODE STLS RESP-CODES TOP CAPA USER
UIDL
| ssl-cert: Subject: commonName=*.unad.edu.do
| Subject Alternative Name: DNS:*.unad.edu.do, DNS:unad.edu.do

| Not valid after: 2020-10-25T14:56:37
| MD5: 04b2 52ba b12c b8e4 2c46 5388 927c c59e
|_SHA-1: fbc9 e8c5 203f 8095 95ed 3eaa 49d0 4896 e2ed 5d61
143/tcp open imap Dovecot imapd
|_imap-capabilities: IMAP4rev1 ID NAMESPACE Pre-login SASL-IR OK capabilities ENABLE STARTTLS LOGIN-

REFERRALS more AUTH=LOGINA0001 have LITERAL+ post-login listed AUTH=PLAIN IDLE

| Not valid after: 2020-10-25T14:56:37
| MD5: 04b2 52ba b12c b8e4 2c46 5388 927c c59e
|_ssl-date: 2020-03-17T19:18:15+00:00; -5m08s from scanner time.
443/tcp open ssl/http Apache httpd
|_http-favicon: Unknown favicon MD5: D41D8CD98F00B204E9800998ECF8427E
| http-methods:
| http-robots.txt: 1 disallowed entry
|_/wp-admin/
|_http-title: Did not follow redirect to https://www.unad.edu.do/

| Not valid after: 2020-10-25T14:56:37

| MD5: 04b2 52ba b12c b8e4 2c46 5388 927c c59e
|_ssl-date: TLS randomness does not represent time
| tls-alpn:
|_ h2
465/tcp open ssl/smtp Exim smtpd 4.92
| smtp-commands: a2plcpnl0506.prod.iad2.secureserver.net Hello unad.edu.do [179.52.63.37], SIZE 52428800,

8BITMIME, PIPELINING, AUTH PLAIN LOGIN, CHUNKING, SMTPUTF8, HELP,
|_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP

| Not valid after: 2022-01-14T17:52:33
587/tcp open smtp Exim smtpd 4.92
| smtp-commands: a2plcpnl0506.prod.iad2.secureserver.net Hello unad.edu.do [179.52.63.37], SIZE 52428800,

8BITMIME, PIPELINING, AUTH PLAIN LOGIN, CHUNKING, STARTTLS, SMTPUTF8, HELP,
|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP

| Not valid after: 2022-01-14T17:52:33
993/tcp open ssl/imap Dovecot imapd
|_imap-capabilities: IMAP4rev1 ID NAMESPACE Pre-login SASL-IR OK capabilities ENABLE LOGIN-REFERRALS

more AUTH=LOGINA0001 have LITERAL+ post-login listed AUTH=PLAIN IDLE

| Not valid after: 2020-10-25T14:56:37
| MD5: 04b2 52ba b12c b8e4 2c46 5388 927c c59e
995/tcp open ssl/pop3 Dovecot pop3d
|_pop3-capabilities: SASL(PLAIN LOGIN) TOP RESP-CODES AUTH-RESP-CODE CAPA PIPELINING USER UIDL

| Not valid after: 2020-10-25T14:56:37
| MD5: 04b2 52ba b12c b8e4 2c46 5388 927c c59e
2077/tcp open tsrmagt?
| SIPOptions:
| HTTP/1.1 302 Moved
| Date: Tue, 17 Mar 2020 19:16:14 GMT
| Server: cPanel
| Persistent-Auth: false
| Host: a2plcpnl0506.prod.iad2.secureserver.net:2077
| Cache-Control: no-cache, no-store, must-revalidate, private
| Connection: close
| Location: https://a2plcpnl0506.prod.iad2.secureserver.net:2078sip:nm
| Vary: Accept-Encoding
| Expires: Fri, 01 Jan 1990 00:00:00 GMT
|_ X-Redirect-Reason: requiressl
2078/tcp open ssl/http cPanel httpd (unauthorized)
| http-auth:
| HTTP/1.1 401 Unauthorized\x0D
|_ Basic realm=Restricted Area
| http-methods:
| Supported Methods: PUT UNLOCK HEAD POST PROPPATCH DELETE MOVE GET COPY MKCOL LOCK
OPTIONS PROPFIND
|_ Potentially risky methods: PUT UNLOCK PROPPATCH DELETE MOVE COPY MKCOL LOCK PROPFIND
|_http-title: Site doesn't have a title (text/html; charset="utf-8").

| Not valid after: 2020-10-25T14:56:37
| MD5: 04b2 52ba b12c b8e4 2c46 5388 927c c59e
2080/tcp open ssl/http cPanel httpd (unauthorized)
| http-auth:
| HTTP/1.1 401 Unauthorized\x0D
|_ Basic realm=Restricted Area
|_http-title: Site doesn't have a title (text/html; charset="utf-8").

| Not valid after: 2020-10-25T14:56:37
| MD5: 04b2 52ba b12c b8e4 2c46 5388 927c c59e
2082/tcp open infowave?
| SIPOptions:
| Content-length: 145
| Location: https://a2plcpnl0506.prod.iad2.secureserver.net:2083/sip%3anm
| Content-type: text/html; charset="utf-8"
|_ <html><head><META HTTP-EQUIV="refresh"
CONTENT="2;URL=https://a2plcpnl0506.prod.iad2.secureserver.net:2083/sip%3anm"></head><body>&lt
;/body></html>
2083/tcp open ssl/radsec?
| GetRequest:
| HTTP/1.0 401 Access Denied
| Connection: close
| Content-Type: text/html; charset="utf-8"
| Date: Tue, 17 Mar 2020 19:15:00 GMT
| Pragma: no-cache
| WWW-Authenticate: Basic realm="cPanel"
| Set-Cookie: cprelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
| Set-Cookie: cpsession=%3aQqrH8V8do1QLnPso%2cc757443159f3776b4e98552537c87293; HttpOnly; path=/;

port=2083; secure
| Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083;

secure
| Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=a2plcpnl0506.prod.iad2.secureserver.net;

expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
| Set-Cookie: Horde=expired; HttpOnly; domain=.a2plcpnl0506.prod.iad2.secureserver.net; expires=Thu, 01-Jan-

1970 00:00:01 GMT; path=/; port=2083; secure
| Set-Cook
| HTTPOptions:

| Connection: close
| Date: Tue, 17 Mar 2020 19:15:01 GMT
| Pragma: no-cache
| WWW-Authenticate: Basic realm="cPanel"
| Set-Cookie: cprelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
| Set-Cookie: cpsession=%3aBym9ItnZZDvroTis%2c0d26ee005fb1cf3c1336fc6699c34663; HttpOnly; path=/;

port=2083; secure

secure


1970 00:00:01 GMT; path=/; port=2083; secure
|_ Set-Cook

| Not valid after: 2020-10-25T14:56:37
| MD5: 04b2 52ba b12c b8e4 2c46 5388 927c c59e

2086/tcp open gnunet?
| SIPOptions:
;/body></html>
2087/tcp open ssl/eli?
| GetRequest:
| Connection: close
| Date: Tue, 17 Mar 2020 19:15:00 GMT
| Pragma: no-cache
| WWW-Authenticate: Basic realm="Web Host Manager"
| Set-Cookie: whostmgrrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
| Set-Cookie: whostmgrsession=%3akmJ7Pz0rdrDzTfaZ%2c4800378b9eb12a2eba107decd59ae478; HttpOnly;
path=/; port=2087; secure

secure


1970 00:00:01 GMT; path=/; port=
| HTTPOptions:
| Connection: close
| Date: Tue, 17 Mar 2020 19:15:01 GMT
| Pragma: no-cache
| WWW-Authenticate: Basic realm="Web Host Manager"
| Set-Cookie: whostmgrrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
| Set-Cookie: whostmgrsession=%3aRfsEPN136r8E12k7%2c6d3a9b5c1c72419445434683fc2822ca; HttpOnly;


secure

|_ Set-Cookie: Horde=expired; HttpOnly; domain=.a2plcpnl0506.prod.iad2.secureserver.net; expires=Thu, 01-Jan-

1970 00:00:01 GMT; path=/; port=

| Not valid after: 2020-10-25T14:56:37
| MD5: 04b2 52ba b12c b8e4 2c46 5388 927c c59e
2095/tcp open nbx-ser?
| SIPOptions:
;/body></html>
2096/tcp open ssl/nbx-dir?
| GetRequest:
| Connection: close
| Date: Tue, 17 Mar 2020 19:15:00 GMT
| Pragma: no-cache
| WWW-Authenticate: Basic realm="WebMail"
| Set-Cookie: webmailrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2096; secure
| Set-Cookie: webmailsession=%3aQjITMN4uCAeLGyF6%2c01c587ffb83503346efcc1c16590b9be; HttpOnly;


secure


1970 00:00:01 GMT; path=/; port=2096; secur
| HTTPOptions:
| Connection: close
| Date: Tue, 17 Mar 2020 19:15:01 GMT
| Pragma: no-cache
| WWW-Authenticate: Basic realm="WebMail"
| Set-Cookie: webmailrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2096; secure
| Set-Cookie: webmailsession=%3axsPkIEzxC3cPe7zw%2c0641c2fa796c828c6b38332b7338f003; HttpOnly;


secure
|_ Set-Cookie: Horde=expired; HttpOnly; domain=.a2plcpnl0506.prod.iad2.secureserver.net; expires=Thu, 01-Jan-

1970 00:00:01 GMT; path=/; port=2096; secur

| Not valid after: 2020-10-25T14:56:37
| MD5: 04b2 52ba b12c b8e4 2c46 5388 927c c59e
3306/tcp open mysql MySQL 5.6.46-cll-lve
| mysql-info:
| Protocol: 10
| Version: 5.6.46-cll-lve
| Thread ID: 1061594
| Capabilities flags: 63487
| Some Capabilities: LongPassword, Support41Auth, ConnectWithDatabase, SupportsTransactions, ODBCClient,

Speaks41ProtocolOld, SupportsLoadDataLocal, Speaks41ProtocolNew, SupportsCompression, FoundRows,
LongColumnFlag, InteractiveClient, IgnoreSigpipes, IgnoreSpaceBeforeParenthesis,
DontAllowDatabaseTableColumn, SupportsMultipleResults, SupportsAuthPlugins, SupportsMultipleStatments
| Status: Autocommit
| Salt: 2Ld4re$~rA/d-P,)*6pR
|_ Auth Plugin Name: mysql_native_password
50086/tcp open tcpwrapped
50765/tcp open unknown
7 services unrecognized despite returning data. If you know the service/version, please submit the following
fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service :
SF:r(SIPOptions,18B,"HTTP/1\.1\x20302\x20Moved\r\nDate:\x20Tue,\x2017\x20M
SF:ar\x202020\x2019:16:14\x20GMT\r\nServer:\x20cPanel\r\nPersistent-Auth:\
SF:x20false\r\nHost:\x20a2plcpnl0506\.prod\.iad2\.secureserver\.net:2077\r
SF:\nCache-Control:\x20no-cache,\x20no-store,\x20must-revalidate,\x20priva
SF:te\r\nConnection:\x20close\r\nLocation:\x20https://a2plcpnl0506\.prod\.
SF:iad2\.secureserver\.net:2078sip:nm\r\nVary:\x20Accept-Encoding\r\nExpir
SF:es:\x20Fri,\x2001\x20Jan\x201990\x2000:00:00\x20GMT\r\nX-Redirect-Reaso
SF:n:\x20requiressl\r\n\r\n");
SF:r(SIPOptions,16C,"HTTP/1\.1\x20301\x20Moved\r\nContent-length:\x20145\r
SF:\nLocation:\x20https://a2plcpnl0506\.prod\.iad2\.secureserver\.net:2083
SF:/sip%3anm\r\nContent-type:\x20text/html;\x20charset=\"utf-8\"\r\nCache-
SF:Control:\x20no-cache,\x20no-store,\x20must-revalidate,\x20private\r\n\r
SF:\n<html><head><META\x20HTTP-EQUIV=\"refresh\"\x20CONTENT=\"2;URL=https:
SF://a2plcpnl0506\.prod\.iad2\.secureserver\.net:2083/sip%3anm\"></head><b
SF:ody></body></html>\n");
SF-Port2083-TCP:V=7.80%T=SSL%I=7%D=3/17%Time=5E7122E8%P=i686-pc-windows-wi
SF:ndows%r(GetRequest,4000,"HTTP/1\.0\x20401\x20Access\x20Denied\r\nConnec
SF:tion:\x20close\r\nContent-Type:\x20text/html;\x20charset=\"utf-8\"\r\nD
SF:ate:\x20Tue,\x2017\x20Mar\x202020\x2019:15:00\x20GMT\r\nCache-Control:\
SF:x20no-cache,\x20no-store,\x20must-revalidate,\x20private\r\nPragma:\x20
SF:no-cache\r\nWWW-Authenticate:\x20Basic\x20realm=\"cPanel\"\r\nSet-Cooki
SF:e:\x20cprelogin=no;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1970\x2000:0
SF:0:01\x20GMT;\x20path=/;\x20port=2083;\x20secure\r\nSet-Cookie:\x20cpses
SF:sion=%3aQqrH8V8do1QLnPso%2cc757443159f3776b4e98552537c87293;\x20HttpOnl
SF:y;\x20path=/;\x20port=2083;\x20secure\r\nSet-Cookie:\x20roundcube_sessi
SF:d=expired;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20G
SF:MT;\x20path=/;\x20port=2083;\x20secure\r\nSet-Cookie:\x20roundcube_sess
SF:auth=expired;\x20HttpOnly;\x20domain=a2plcpnl0506\.prod\.iad2\.securese
SF:rver\.net;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/
SF:;\x20port=2083;\x20secure\r\nSet-Cookie:\x20Horde=expired;\x20HttpOnly;
SF:\x20domain=\.a2plcpnl0506\.prod\.iad2\.secureserver\.net;\x20expires=Th
SF:u,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2083;\x20secur
SF:e\r\nSet-Cook")%r(HTTPOptions,4000,"HTTP/1\.0\x20401\x20Access\x20Denie
SF:d\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20charset=\"u
SF:tf-8\"\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:15:01\x20GMT\r\nCach
SF:e-Control:\x20no-cache,\x20no-store,\x20must-revalidate,\x20private\r\n
SF:Pragma:\x20no-cache\r\nWWW-Authenticate:\x20Basic\x20realm=\"cPanel\"\r
SF:\nSet-Cookie:\x20cprelogin=no;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1
SF:970\x2000:00:01\x20GMT;\x20path=/;\x20port=2083;\x20secure\r\nSet-Cooki
SF:e:\x20cpsession=%3aBym9ItnZZDvroTis%2c0d26ee005fb1cf3c1336fc6699c34663;
SF:\x20HttpOnly;\x20path=/;\x20port=2083;\x20secure\r\nSet-Cookie:\x20roun
SF:dcube_sessid=expired;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1970\x2000
SF::00:01\x20GMT;\x20path=/;\x20port=2083;\x20secure\r\nSet-Cookie:\x20rou
SF:ndcube_sessauth=expired;\x20HttpOnly;\x20domain=a2plcpnl0506\.prod\.iad
SF:2\.secureserver\.net;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT
SF:;\x20path=/;\x20port=2083;\x20secure\r\nSet-Cookie:\x20Horde=expired;\x
SF:20HttpOnly;\x20domain=\.a2plcpnl0506\.prod\.iad2\.secureserver\.net;\x2
SF:0expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=208
SF:3;\x20secure\r\nSet-Cook");

SF:no-cache\r\nWWW-Authenticate:\x20Basic\x20realm=\"Web\x20Host\x20Manage
SF:r\"\r\nSet-Cookie:\x20whostmgrrelogin=no;\x20HttpOnly;\x20expires=Thu,\
SF:x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2087;\x20secure\r
SF:\nSet-Cookie:\x20whostmgrsession=%3akmJ7Pz0rdrDzTfaZ%2c4800378b9eb12a2e
SF:ba107decd59ae478;\x20HttpOnly;\x20path=/;\x20port=2087;\x20secure\r\nSe
SF:t-Cookie:\x20roundcube_sessid=expired;\x20HttpOnly;\x20expires=Thu,\x20
SF:01-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2087;\x20secure\r\nS
SF:et-Cookie:\x20roundcube_sessauth=expired;\x20HttpOnly;\x20domain=a2plcp
SF:nl0506\.prod\.iad2\.secureserver\.net;\x20expires=Thu,\x2001-Jan-1970\x
SF:2000:00:01\x20GMT;\x20path=/;\x20port=2087;\x20secure\r\nSet-Cookie:\x2
SF:0Horde=expired;\x20HttpOnly;\x20domain=\.a2plcpnl0506\.prod\.iad2\.secu
SF:reserver\.net;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20pa
SF:th=/;\x20port=")%r(HTTPOptions,4000,"HTTP/1\.0\x20401\x20Access\x20Deni
SF:ed\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20charset=\"
SF:utf-8\"\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:15:01\x20GMT\r\nCac
SF:he-Control:\x20no-cache,\x20no-store,\x20must-revalidate,\x20private\r\
SF:nPragma:\x20no-cache\r\nWWW-Authenticate:\x20Basic\x20realm=\"Web\x20Ho
SF:st\x20Manager\"\r\nSet-Cookie:\x20whostmgrrelogin=no;\x20HttpOnly;\x20e
SF:xpires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2087;
SF:\x20secure\r\nSet-Cookie:\x20whostmgrsession=%3aRfsEPN136r8E12k7%2c6d3a
SF:9b5c1c72419445434683fc2822ca;\x20HttpOnly;\x20path=/;\x20port=2087;\x20
SF:secure\r\nSet-Cookie:\x20roundcube_sessid=expired;\x20HttpOnly;\x20expi
SF:res=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2087;\x2
SF:0secure\r\nSet-Cookie:\x20roundcube_sessauth=expired;\x20HttpOnly;\x20d
SF:omain=a2plcpnl0506\.prod\.iad2\.secureserver\.net;\x20expires=Thu,\x200
SF:1-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2087;\x20secure\r\nSe
SF:t-Cookie:\x20Horde=expired;\x20HttpOnly;\x20domain=\.a2plcpnl0506\.prod
SF:\.iad2\.secureserver\.net;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x
SF:20GMT;\x20path=/;\x20port=");
SF:no-cache\r\nWWW-Authenticate:\x20Basic\x20realm=\"WebMail\"\r\nSet-Cook
SF:ie:\x20webmailrelogin=no;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1970\x
SF:2000:00:01\x20GMT;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cookie:\x2
SF:0webmailsession=%3aQjITMN4uCAeLGyF6%2c01c587ffb83503346efcc1c16590b9be;
SF:\x20HttpOnly;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cookie:\x20roun
SF:dcube_sessid=expired;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1970\x2000
SF::00:01\x20GMT;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cookie:\x20rou
SF:ndcube_sessauth=expired;\x20HttpOnly;\x20domain=a2plcpnl0506\.prod\.iad
SF:2\.secureserver\.net;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT
SF:;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cookie:\x20Horde=expired;\x
SF:20HttpOnly;\x20domain=\.a2plcpnl0506\.prod\.iad2\.secureserver\.net;\x2
SF:0expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=209
SF:6;\x20secur")%r(HTTPOptions,4000,"HTTP/1\.0\x20401\x20Access\x20Denied\
SF:r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20charset=\"utf
SF:-8\"\r\nDate:\x20Tue,\x2017\x20Mar\x202020\x2019:15:01\x20GMT\r\nCache-
SF:Control:\x20no-cache,\x20no-store,\x20must-revalidate,\x20private\r\nPr
SF:agma:\x20no-cache\r\nWWW-Authenticate:\x20Basic\x20realm=\"WebMail\"\r\
SF:nSet-Cookie:\x20webmailrelogin=no;\x20HttpOnly;\x20expires=Thu,\x2001-J
SF:an-1970\x2000:00:01\x20GMT;\x20path=/;\x20port=2096;\x20secure\r\nSet-C
SF:ookie:\x20webmailsession=%3axsPkIEzxC3cPe7zw%2c0641c2fa796c828c6b38332b
SF:7338f003;\x20HttpOnly;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cookie
SF::\x20roundcube_sessid=expired;\x20HttpOnly;\x20expires=Thu,\x2001-Jan-1
SF:970\x2000:00:01\x20GMT;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cooki
SF:e:\x20roundcube_sessauth=expired;\x20HttpOnly;\x20domain=a2plcpnl0506\.
SF:prod\.iad2\.secureserver\.net;\x20expires=Thu,\x2001-Jan-1970\x2000:00:
SF:01\x20GMT;\x20path=/;\x20port=2096;\x20secure\r\nSet-Cookie:\x20Horde=e
SF:xpired;\x20HttpOnly;\x20domain=\.a2plcpnl0506\.prod\.iad2\.secureserver
SF:\.net;\x20expires=Thu,\x2001-Jan-1970\x2000:00:01\x20GMT;\x20path=/;\x2
SF:0port=2096;\x20secur");
Device type: general purpose|storage-misc|broadband router|router|media device|WAP
Running (JUST GUESSING): Linux 2.6.X|3.X (94%), HP embedded (91%), MikroTik RouterOS 6.X (90%), Infomir
embedded (90%), Ubiquiti embedded (90%), Ubiquiti AirOS 5.X (90%)
OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3 cpe:/h:hp:p2000_g3

cpe:/o:mikrotik:routeros:6.32.1 cpe:/o:linux:linux_kernel:2.6 cpe:/h:infomir:mag-250 cpe:/h:ubnt:airmax_nanostation
cpe:/o:ubnt:airos:5.5.9
Aggressive OS guesses: Linux 2.6.32 (94%), Linux 2.6.32 - 3.1 (94%), Linux 2.6.32 - 3.13 (94%), Linux 2.6.32 - 2.6.39
(92%), Linux 2.6.39 (92%), Linux 3.10 (92%), Linux 3.2 (92%), HP P2000 G3 NAS device (91%), Linux 3.8 (91%),
Linux 2.6.32 - 3.10 (90%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 2.759 days (since Sat Mar 14 21:10:18 2020)
TCP Sequence Prediction: Difficulty=261 (Good luck!)
Service Info: Host: a2plcpnl0506.prod.iad2.secureserver.net
Host script results:

|_clock-skew: mean: -5m08s, deviation: 0s, median: -5m08s
HOP RTT ADDRESS
1 12.00 ms 10.0.0.1
4 54.00 ms mai-b1-link.telia.net (62.115.151.142)
5 52.00 ms ash-bb2-link.telia.net (62.115.125.129)
6 66.00 ms rest-b1-link.telia.net (62.115.117.116)
7 73.00 ms ae5.ibrsb0105-01.iad1.bb.godaddy.com (62.115.162.111)
8 79.00 ms ip-184-168-6-83.ip.secureserver.net (184.168.6.83)
9 ... 13
14 70.00 ms ip-107-180-51-242.ip.secureserver.net (107.180.51.242)


name="unad.edu.do"></hostname><hostname type="PTR" name="ip-107-180-51-
242.ip.secureserver.net"></hostname></hostnames><ports><extraports count="64510"
state="filtered"></extraports><extraports count="1003" state="closed"></extraports><port protocol="tcp"
portid="21"><state reason="syn-ack" state="open" reason_ttl="49"></state><service product="Pure-FTPd"
method="probed" conf="10" name="ftp"></service></port><port protocol="tcp" portid="22"><state reason="syn-ack"
state="open" reason_ttl="49"></state><service product="OpenSSH" name="ssh" extrainfo="protocol 2.0"
version="5.3" conf="10" method="probed"></service></port><port protocol="tcp" portid="80"><state reason="syn-ack"
state="open" reason_ttl="49"></state><service product="Apache httpd" method="probed" conf="10"
reason_ttl="49"></state><service product="Dovecot pop3d" method="probed" conf="10"
name="pop3"></service></port><port protocol="tcp" portid="143"><state reason="syn-ack" state="open"
reason_ttl="49"></state><service product="Dovecot imapd" method="probed" conf="10"
name="imap"></service></port><port protocol="tcp" portid="443"><state reason="syn-ack" state="open"
reason_ttl="49"></state><service product="Apache httpd" method="probed" conf="10"
reason_ttl="49"></state><service product="Exim smtpd" version="4.92" method="probed" conf="10"
name="smtp"></service></port><port protocol="tcp" portid="587"><state reason="syn-ack" state="open"
reason_ttl="49"></state><service product="Exim smtpd" version="4.92" method="probed" conf="10"
name="smtp"></service></port><port protocol="tcp" portid="993"><state reason="syn-ack" state="open"
reason_ttl="49"></state><service product="Dovecot imapd" method="probed" conf="10"
name="imap"></service></port><port protocol="tcp" portid="995"><state reason="syn-ack" state="open"
reason_ttl="49"></state><service product="Dovecot pop3d" method="probed" conf="10"
name="pop3"></service></port><port protocol="tcp" portid="2077"><state reason="syn-ack" state="open"
reason_ttl="49"></state><service method="table" conf="3" name="tsrmagt"></service></port><port protocol="tcp"
portid="2078"><state reason="syn-ack" state="open" reason_ttl="49"></state><service product="cPanel httpd"
extrainfo="unauthorized" method="probed" conf="10" name="http"></service></port><port protocol="tcp"
portid="2080"><state reason="syn-ack" state="open" reason_ttl="49"></state><service product="cPanel httpd"
extrainfo="unauthorized" method="probed" conf="10" name="http"></service></port><port protocol="tcp"
portid="2082"><state reason="syn-ack" state="open" reason_ttl="49"></state><service method="table" conf="3"
name="infowave"></service></port><port protocol="tcp" portid="2083"><state reason="syn-ack" state="open"
reason_ttl="49"></state><service method="table" conf="3" name="radsec"></service></port><port protocol="tcp"
name="gnunet"></service></port><port protocol="tcp" portid="2087"><state reason="syn-ack" state="open"
reason_ttl="49"></state><service method="table" conf="3" name="eli"></service></port><port protocol="tcp"
name="nbx-ser"></service></port><port protocol="tcp" portid="2096"><state reason="syn-ack" state="open"
reason_ttl="49"></state><service method="table" conf="3" name="nbx-dir"></service></port><port protocol="tcp"
portid="3306"><state reason="syn-ack" state="open" reason_ttl="49"></state><service product="MySQL"
version="5.6.46-cll-lve" method="probed" conf="10" name="mysql"></service></port><port protocol="tcp"
portid="50086"><state reason="syn-ack" state="open" reason_ttl="49"></state><service method="probed" conf="8"
name="tcpwrapped"></service></port><port protocol="tcp" portid="50765"><state reason="syn-ack" state="open"
reason_ttl="49"></state><service></service></port></ports><os><portused state="open" portid="21"
proto="tcp"></portused><portused state="closed" portid="20" proto="tcp"></portused><osmatch line="55579"
name="Linux 2.6.32" accuracy="94"><osclass type="general purpose" osfamily="Linux" vendor="Linux"
osgen="2.6.X" accuracy="94"></osclass></osmatch><osmatch line="56315" name="Linux 2.6.32 - 3.1"
accuracy="94"><osclass type="general purpose" osfamily="Linux" vendor="Linux" osgen="3.X"
accuracy="94"></osclass></osmatch><osmatch line="56411" name="Linux 2.6.32 - 3.13" accuracy="94"><osclass
type="general purpose" osfamily="Linux" vendor="Linux" osgen="3.X"
accuracy="94"></osclass></osmatch><osmatch line="56273" name="Linux 2.6.32 - 2.6.39" accuracy="92"><osclass
type="general purpose" osfamily="Linux" vendor="Linux" osgen="2.6.X"
accuracy="92"></osclass></osmatch><osmatch line="57964" name="Linux 2.6.39" accuracy="92"><osclass
type="general purpose" osfamily="Linux" vendor="Linux" osgen="2.6.X"
accuracy="92"></osclass></osmatch><osmatch line="34647" name="HP P2000 G3 NAS device"
accuracy="91"><osclass type="storage-misc" osfamily="embedded" vendor="HP" osgen=""
accuracy="91"></osclass></osmatch><osmatch line="56381" name="Linux 2.6.32 - 3.10" accuracy="90"><osclass
accuracy="90"></osclass></osmatch></os><uptime lastboot="Sat Mar 14 21:10:18 2020"
seconds="238416"></uptime><tcpsequence index="261"
values="EA9D0A39,38507757,BBCE06CB,ABDC40A0,E14E0AE5,19ABA247" difficulty="Good
luck!"></tcpsequence><ipidsequence values="0,0,0,0,0,0" class="All zeros"></ipidsequence><tcptssequence
values="168EA975,168EAA3D,168EA975,168EA975,168EAB05,168EAB05" class="other"></tcptssequence><trace
port="50805" proto="tcp"><hop rtt="12.00" host="" ipaddr="10.0.0.1" ttl="1"></hop><hop rtt="15.00" host="pri-040-
b3.codetel.net.do" ipaddr="196.3.74.40" ttl="2"></hop><hop rtt="15.00" host="pri-213-b3.codetel.net.do"
ipaddr="196.3.74.213" ttl="3"></hop><hop rtt="54.00" host="mai-b1-link.telia.net" ipaddr="62.115.151.142"
ttl="4"></hop><hop rtt="52.00" host="ash-bb2-link.telia.net" ipaddr="62.115.125.129" ttl="5"></hop><hop rtt="66.00"
host="rest-b1-link.telia.net" ipaddr="62.115.117.116" ttl="6"></hop><hop rtt="73.00" host="ae5.ibrsb0105-
01.iad1.bb.godaddy.com" ipaddr="62.115.162.111" ttl="7"></hop><hop rtt="79.00" host="ip-184-168-6-
83.ip.secureserver.net" ipaddr="184.168.6.83" ttl="8"></hop><hop rtt="70.00" host="ip-107-180-51-
242.ip.secureserver.net" ipaddr="107.180.51.242" ttl="14"></hop></trace></host><runstats><finished timestr="Tue
Mar 17 15:23:54 2020" time="1584473034"></finished><hosts down="0" total="1"
up="1"></hosts></runstats></nmaprun>
www.alpadia.com – Alpadia Language Schools

Mar 17 16:24:33 2020" args="nmap -p 1-65535 -T4 -A -v alpadia.com"><scaninfo services="1-65535" protocol="tcp"
Scanning alpadia.com (185.122.239.83) [4 ports]
Scanning alpadia.com (185.122.239.83) [65535 ports]

Increasing send delay for 185.122.239.83 from 0 to 5 due to 11 out of 15 dropped probes since last increase.

Scanning 33 services on alpadia.com (185.122.239.83)
Initiating OS detection (try #1) against alpadia.com (185.122.239.83)
Nmap scan report for alpadia.com (185.122.239.83)

Not shown: 65502 filtered ports
80/tcp open http Apache httpd
| http-methods:
|_http-title: Did not follow redirect to https://www.alpadia.com/
443/tcp open ssl/ssl Apache httpd (SSL-only mode)
| http-methods:
|_http-title: Did not follow redirect to https://www.alpadia.com/
| ssl-cert: Subject: commonName=alpadia.com/organizationName=ALPADIA SA/countryName=CH
| Subject Alternative Name: DNS:alpadia.com, DNS:www.alpadia.com, DNS:webmail.alpadia.com,

DNS:core.alpadia.com, DNS:mail.alpadia.com
| Issuer: commonName=DigiCert SHA2 Extended Validation Server CA/organizationName=DigiCert

Inc/countryName=US
| Not valid after: 2020-10-07T00:00:00
| MD5: c99b debd d449 1860 0492 dffc 621c a0bd

|_SHA-1: a4d7 bcd8 0fa9 5e2a 1362 f8dd 4a15 6c45 b6d9 f500
|_ssl-date: TLS randomness does not represent time
| tls-alpn:
|_ http/1.1

Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running: Linux 4.X
OS CPE: cpe:/o:linux:linux_kernel:4.4
OS details: Linux 4.4
Uptime guess: 155.017 days (since Mon Oct 14 16:31:44 2019)
TCP Sequence Prediction: Difficulty=261 (Good luck!)

HOP RTT ADDRESS
1 2.00 ms 10.0.0.1
4 40.00 ms atl-b24-link.telia.net (62.115.183.242)
5 46.00 ms be2848.ccr42.atl01.atlas.cogentco.com (154.54.6.117)
6 ...
7 147.00 ms zch-b2-link.telia.net (62.115.135.129)
8 154.00 ms ipmax-ic-340750-zch-b2.c.telia.net (62.115.168.201)
9 148.00 ms be2471.rcr21.lys01.atlas.cogentco.com (130.117.49.38)
10 152.00 ms r1.saitis.net (46.20.248.218)
11 160.00 ms AS203882.romandix.ch (185.1.93.5)
12 151.00 ms ls1-r01.evok.ch (185.122.238.145)
13 158.00 ms ge-0-0-3-0.ls1-fw01.evok.ch (185.122.238.230)
14 170.00 ms 185.122.239.83


name="alpadia.com"></hostname></hostnames><ports><extraports count="65502"
state="filtered"></extraports><port protocol="tcp" portid="80"><state reason="syn-ack" state="open"
reason_ttl="48"></state><service product="Apache httpd" method="probed" conf="10"
reason_ttl="48"></state><service product="Apache httpd" extrainfo="SSL-only mode" method="probed" conf="10"
name="ssl"></service></port><port protocol="tcp" portid="1310"><state reason="syn-ack" state="open"
reason_ttl="48"></state><service method="probed" conf="8" name="tcpwrapped"></service></port><port
method="probed" conf="8" name="tcpwrapped"></service></port><port protocol="tcp" portid="2352"><state
reason="syn-ack" state="open" reason_ttl="48"></state><service method="probed" conf="8"
reason_ttl="48"></state><service method="probed" conf="8"
name="tcpwrapped"></service></port></ports><os><portused state="open" portid="80"
proto="tcp"></portused><osmatch line="67546" name="Linux 4.4" accuracy="100"><osclass type="general purpose"
osfamily="Linux" vendor="Linux" osgen="4.X" accuracy="100"></osclass></osmatch></os><uptime lastboot="Mon
Oct 14 16:31:44 2019" seconds="13393483"></uptime><tcpsequence index="261"
values="A40B1443,CCAA9D7C,E2AA5B5C,D17F000E,5F5ADA62,16381D23" difficulty="Good
luck!"></tcpsequence><ipidsequence values="0,0,0,0,0,0" class="All zeros"></ipidsequence><tcptssequence
values="C2C9C0CD,C2C9C0E7,C2C9C0FD,C2C9C113,C2C9C12C,C2C9C148"
class="other"></tcptssequence><trace port="443" proto="tcp"><hop rtt="2.00" host="" ipaddr="10.0.0.1"
ttl="1"></hop><hop rtt="5.00" host="pri-040-b3.codetel.net.do" ipaddr="196.3.74.40" ttl="2"></hop><hop rtt="8.00"
host="pri-213-b3.codetel.net.do" ipaddr="196.3.74.213" ttl="3"></hop><hop rtt="40.00" host="atl-b24-link.telia.net"
ipaddr="62.115.183.242" ttl="4"></hop><hop rtt="46.00" host="be2848.ccr42.atl01.atlas.cogentco.com"
ipaddr="154.54.6.117" ttl="5"></hop><hop rtt="147.00" host="zch-b2-link.telia.net" ipaddr="62.115.135.129"
ttl="7"></hop><hop rtt="154.00" host="ipmax-ic-340750-zch-b2.c.telia.net" ipaddr="62.115.168.201"
ttl="8"></hop><hop rtt="148.00" host="be2471.rcr21.lys01.atlas.cogentco.com" ipaddr="130.117.49.38"
ttl="9"></hop><hop rtt="152.00" host="r1.saitis.net" ipaddr="46.20.248.218" ttl="10"></hop><hop rtt="160.00"
host="AS203882.romandix.ch" ipaddr="185.1.93.5" ttl="11"></hop><hop rtt="151.00" host="ls1-r01.evok.ch"
ipaddr="185.122.238.145" ttl="12"></hop><hop rtt="158.00" host="ge-0-0-3-0.ls1-fw01.evok.ch"
ipaddr="185.122.238.230" ttl="13"></hop><hop rtt="170.00" host="" ipaddr="185.122.239.83"
ttl="14"></hop></trace></host><runstats><finished timestr="Tue Mar 17 16:56:27 2020"
time="1584478587"></finished><hosts down="0" total="1" up="1"></hosts></runstats></nmaprun>

Practica NMAP Steven Madaschi PDF

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Practica NMAP Steven Madaschi PDF

Încărcat de

Drepturi de autor:

Formate disponibile

Realizar un escaneo de todos los puertos de tres páginas educativa internacionales y

www.euruni.edu – EU Business School

www.unad.edu.do – Universidad Adventista Dominicana

<?xml version="1.0" encoding="iso-8859-1"?>

<?xml-stylesheet href="file:///C:/Program Files (x86)/Nmap/nmap.xsl" type="text/xsl"?><nmaprun start="1584473762"

NSE: Loaded 151 scripts for scanning.

NSE: Script Pre-scanning.

Initiating NSE at 15:36

Completed NSE at 15:36, 0.00s elapsed

Initiating NSE at 15:36

Completed NSE at 15:36, 0.00s elapsed

Initiating NSE at 15:36

Completed NSE at 15:36, 0.00s elapsed

Initiating Ping Scan at 15:36

Scanning euruni.edu (104.26.5.183) [4 ports]

Completed Ping Scan at 15:36, 0.39s elapsed (1 total hosts)

Initiating Parallel DNS resolution of 1 host. at 15:36

Completed Parallel DNS resolution of 1 host. at 15:36, 0.05s elapsed

Initiating SYN Stealth Scan at 15:36

Scanning euruni.edu (104.26.5.183) [65535 ports]

Discovered open port 8080/tcp on 104.26.5.183

Discovered open port 80/tcp on 104.26.5.183

Discovered open port 443/tcp on 104.26.5.183

Discovered open port 2083/tcp on 104.26.5.183

Discovered open port 2082/tcp on 104.26.5.183

Discovered open port 2087/tcp on 104.26.5.183

Discovered open port 2052/tcp on 104.26.5.183

Discovered open port 2086/tcp on 104.26.5.183

Discovered open port 2053/tcp on 104.26.5.183

Discovered open port 2095/tcp on 104.26.5.183

Discovered open port 8443/tcp on 104.26.5.183

Discovered open port 2096/tcp on 104.26.5.183

Initiating Service scan at 15:39

Scanning 13 services on euruni.edu (104.26.5.183)

Completed Service scan at 15:39, 23.90s elapsed (13 services on 1 host)

Initiating OS detection (try #1) against euruni.edu (104.26.5.183)

Retrying OS detection (try #2) against euruni.edu (104.26.5.183)

Initiating Traceroute at 15:39

Completed Traceroute at 15:39, 0.08s elapsed

Initiating Parallel DNS resolution of 6 hosts. at 15:39

NSE: Script scanning 104.26.5.183.

Initiating NSE at 15:39

Completed NSE at 15:41, 107.27s elapsed

Initiating NSE at 15:41

Completed NSE at 15:41, 7.95s elapsed

Initiating NSE at 15:41

Completed NSE at 15:41, 0.00s elapsed

Nmap scan report for euruni.edu (104.26.5.183)

Host is up (0.054s latency).

Other addresses for euruni.edu (not scanned): 104.26.4.183

Not shown: 65522 filtered ports

PORT STATE SERVICE VERSION

80/tcp open http cloudflare

| HTTP/1.1 400 Bad Request

| Date: Tue, 17 Mar 2020 19:34:00 GMT

| &lt;head&gt;&lt;title&gt;400 Bad Request&lt;/title&gt;&lt;/head&gt;

| &lt;center&gt;&lt;h1&gt;400 Bad Request&lt;/h1&gt;&lt;/center&gt;

| HTTP/1.1 400 Bad Request

| Date: Tue, 17 Mar 2020 19:33:59 GMT

| &lt;head&gt;&lt;title&gt;400 Bad Request&lt;/title&gt;&lt;/head&gt;

| &lt;center&gt;&lt;h1&gt;400 Bad Request&lt;/h1&gt;&lt;/center&gt;

| Date: Tue, 17 Mar 2020 19:33:59 GMT

| &lt;head&gt;&lt;title&gt;400 Bad Request&lt;/title&gt;&lt;/head&gt;

| <head><title>400 Bad Request</title></head>

| <center><h1>400 Bad Request</h1></center>

| <head><title>400 Bad Request</title></head>

| <center><h1>400 Bad Request</h1></center>

| <head><title>400 Bad Request</title></head>

| <center><h1>400 Bad Request</h1></center>

| <center><h1>400 Bad Request</h1></center>

| <head><title>400 Bad Request</title></head>

| <center><h1>400 Bad Request</h1></center>

| <center><h1>400 Bad Request</h1></center>

| <head><title>400 Bad Request</title></head>

| <center><h1>400 Bad Request</h1></center>

| <head><title>400 Bad Request</title></head>

| <center><h1>400 Bad Request</h1></center>

| <head><title>400 Bad Request</title></head>

| <center><h1>400 Bad Request</h1></center>

| <head><title>400 Bad Request</title></head>

| <center><h1>400 Bad Request</h1></center>

| <head><title>400 Bad Request</title></head>

| <head><title>400 Bad Request</title></head>

| <center><h1>400 Bad Request</h1></center>

| <head><title>400 Bad Request</title></head>

| <head><title>400 Bad Request</title></head>

| <center><h1>400 Bad Request</h1></center>

| <head><title>400 Bad Request</title></head>