Created
October 15, 2014 15:56
-
-
Save BrunIF/2ab9ac37e6d04403c226 to your computer and use it in GitHub Desktop.
Thief IP Address
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| brun@HP-ProBook-4530s:~ > sudo nmap -v -A nung.edu.ua | |
| Starting Nmap 6.00 ( http://nmap.org ) at 2014-10-15 18:49 EEST | |
| NSE: Loaded 93 scripts for scanning. | |
| NSE: Script Pre-scanning. | |
| Initiating Ping Scan at 18:49 | |
| Scanning nung.edu.ua (194.44.112.88) [4 ports] | |
| Completed Ping Scan at 18:49, 1.02s elapsed (1 total hosts) | |
| Initiating SYN Stealth Scan at 18:49 | |
| Scanning nung.edu.ua (194.44.112.88) [1000 ports] | |
| Discovered open port 443/tcp on 194.44.112.88 | |
| Discovered open port 80/tcp on 194.44.112.88 | |
| Discovered open port 1947/tcp on 194.44.112.88 | |
| Completed SYN Stealth Scan at 18:49, 20.65s elapsed (1000 total ports) | |
| Initiating Service scan at 18:49 | |
| Scanning 3 services on nung.edu.ua (194.44.112.88) | |
| Service scan Timing: About 33.33% done; ETC: 18:54 (0:03:08 remaining) | |
| Completed Service scan at 18:51, 98.72s elapsed (3 services on 1 host) | |
| Initiating OS detection (try #1) against nung.edu.ua (194.44.112.88) | |
| Retrying OS detection (try #2) against nung.edu.ua (194.44.112.88) | |
| Initiating Traceroute at 18:51 | |
| Completed Traceroute at 18:51, 0.02s elapsed | |
| Initiating Parallel DNS resolution of 3 hosts. at 18:51 | |
| Completed Parallel DNS resolution of 3 hosts. at 18:51, 11.01s elapsed | |
| NSE: Script scanning 194.44.112.88. | |
| Initiating NSE at 18:51 | |
| Completed NSE at 18:52, 64.68s elapsed | |
| Nmap scan report for nung.edu.ua (194.44.112.88) | |
| Host is up (0.0037s latency). | |
| rDNS record for 194.44.112.88: it6.local | |
| Not shown: 997 filtered ports | |
| PORT STATE SERVICE VERSION | |
| 80/tcp open http? | |
| 443/tcp open skype2 Skype | |
| 1947/tcp open sentinelsrm? | |
| 2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at http://www.insecure.org/cgi-bin/servicefp-submit.cgi : | |
| ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== | |
| SF-Port80-TCP:V=6.00%I=7%D=10/15%Time=543E97A8%P=x86_64-unknown-linux-gnu% | |
| SF:r(GetRequest,1A,"HTTP/1\.0\x20404\x20Not\x20Found\r\n\r\n")%r(HTTPOptio | |
| SF:ns,5F,"\xeeO\xf5w\xd4\x9aC\xa0\xce\x98\xce\xe0ay\xb4lM\xe1ef\xb6\x083\x | |
| SF:d2K\x94e\x8dIo\xa5\0\xac\xd9\xf3\xde\x98\x89\xbb\xfbl_T\xd8\x90\xd6\x96 | |
| SF:\xea\xc3\x98\)F\x7f\$E\xb2\xfbp!\xde7\|\xbd\xca3H\x19v\xef\xd45\xe2k\x2 | |
| SF:0\x11\x0e\xa7,\xad\xfa\xa3\xf8\t\xa6_\x84%\x12\xdb\xd0\x01>\x17\xdc\x9d | |
| SF:")%r(RTSPRequest,53,"\xed\?~\^\xe0\xb6;\xfc\x1b\xb3i\xd76\xff}m>6w\xea\ | |
| SF:xbc\x10\x90\xe3\x1c\xd1q\xce\x20\x8f>\xb1\xe8\x89\]4\x81\xb9\xc1\x9d,\x | |
| SF:c1>\x86\x87\xb8-9Z\x83X\xe9\x06\?\xe4\x05r\xbb0\xe1\x9e\xf7<}\x8a\xf3\x | |
| SF:08\xd96\xaf\x94\xf5\xa2\+\xe0\xd1\xceg\xecm\xbac\xb8")%r(FourOhFourRequ | |
| SF:est,1A,"HTTP/1\.0\x20404\x20Not\x20Found\r\n\r\n")%r(RPCCheck,64,"x\xf7 | |
| SF:\x10h\x84`hT6#\xb3\]\xaa\x89\xa4w\x86\xea\xcf\xd3p\xc7\xfe\x12\xb3\|b/= | |
| SF:\r\xbd\x7f\xb0\x17\x91\\\xf7\xc7T\xdd\x90/X}@\x9cu\xcd\x93\(yVO\xb4\x95 | |
| SF:\xc2\xcb\0q\xee\x07\x0c\r\xda\x03\xd8i\x86\xbfd\x85\xf2;\xb0a\x1ew\xbc\ | |
| SF:xfd\ns\x88Y\xb6/\x14u\"\xab`QN\xe7l\xed:\xe38I\xe6")%r(DNSVersionBindRe | |
| SF:q,6E,"\x10\xeco\x1fN\?;\[\xa3\xc8\x06\xf8\xef\xde\xc5\x9f\xb7\xa8\xd6Ay | |
| SF:WD1m\xb2\x8a\xc5o\xdf\xe1\xea\xad\|\x05\xf2\xd0f\xa2\xc0\xd1Z\xc7I\xb9\ | |
| SF:xf6\\\x03\xd2\x9b\x90\xc1\xfe\xd7\x9c\]\xea\xd3h\xb9\x96\x8f\xf4\xd5\x0 | |
| SF:2\x0b@\xb1\.GLM\x1aC\x18\xa9\xc6\xff\xa4\xc52{\xf0\xa1\^\xb7\xfc=J\xb3\ | |
| SF:xc8\x99\xf6oT\xb5b\xeb\xa0\x91\x8e'\xac-z#x\x89&\xdf")%r(DNSStatusReque | |
| SF:st,33,"\x03\x94a\x20\xf2\xb4\x96<\xfbK\x9c\.6\xd0\x06d\xf8\xcbL\x92CP\x | |
| SF:e0\xfd\xfb\x94z\x87al/\]\xb8W\xea\xddM\xb7\x95\x03\xc83\xdb\xb5\xb1\x96 | |
| SF:\xef\xd7\x1fD\xe5")%r(SSLSessionReq,41,"\x15\.\xfe\x8d\x95\xecC\xc3\xfb | |
| SF:y\x02=i\+Yo\xae0\xec\xaa\x83K%\xa6\xdf\xd3\x0e\x88\x93\xe1\x0cc\xf3%f\x | |
| SF:fd\xa3b\x9a\x031v\\\xe6\ry\xf7\x9cw\xbc\xfd\ns\x88Y\xb6/A\xc0\xf0v\xb2\ | |
| SF:x1e\xd0\xe1")%r(Kerberos,4C,">\xafde\x86\"\xec\xe4A\x88\xfcG\xb3S\xdc<\ | |
| SF:$\xcf;\xe9o\xff\xa8\x0b\xea\xb1\xb3\)\x17HW\xfc4\xac\x1ay\xa8Y\xc7DD\xe | |
| SF:c;\xa5pOH6Z\x83X\xe9\x06\?\xe4\x05r\xbb0\xe1\x9e\xf7<}\x8a\xf3\x08\xd9W | |
| SF:\x81\xc4y#\x98\x0cp")%r(LDAPBindReq,68,"E\x91\xfe\xc0\xfbp\xcd\xc5\x85\ | |
| SF:xca\x20\x18\x0b\x20\x12\x89\x87\xb1\xc0%;\[X\"\xe0\xe5a>\x07\x1c\x02J1% | |
| SF:\xfe\x0b\xae\xce\xfb\xd6\$p\xcd\xc8\xb6\\O\*M\x1aC\x18\xa9\xc6\xff\xa4\ | |
| SF:xc52{\xf0\xa1\^\xb7\xfc=J\xb3\xc8\x99\xf6oT\xb5b\xeb\xa0\x91\x8e'\xac-z | |
| SF:#x\x89&\xdf\x04\xa5\x92\[P\x81\xbe\x97\\\x1d\xaa\x93\(yVO\xb4"); | |
| ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== | |
| SF-Port1947-TCP:V=6.00%I=7%D=10/15%Time=543E97A8%P=x86_64-unknown-linux-gn | |
| SF:u%r(GetRequest,10D,"HTTP/1\.0\x20403\x20Forbidden\r\nServer:\x20HASP\x2 | |
| SF:0LM/14\.00\r\nDate:\x20Wed,\x2015\x20Oct\x202014\x2015:50:17\x20GMT\r\n | |
| SF:Content-Type:\x20text/html\r\nContent-Length:\x20137\r\n\r\n<title>403\ | |
| SF:x20Forbidden</title>\n<h1>403\x20Forbidden</h1>\nAccess\x20to\x20this\x | |
| SF:20resource\x20has\x20been\x20denied\x20to\x20you\.\n<p>Please\x20contac | |
| SF:t\x20the\x20administrator\.\n")%r(HTTPOptions,12E,"HTTP/0\.0\x20501\x20 | |
| SF:Not\x20Implemented\r\nServer:\x20HASP\x20LM/14\.00\r\nDate:\x20Wed,\x20 | |
| SF:15\x20Oct\x202014\x2015:50:17\x20GMT\r\nContent-Type:\x20text/html\r\nC | |
| SF:ontent-Length:\x20164\r\n\r\n<title>501\x20Not\x20Implemented</title>\n | |
| SF:<h1>501\x20Not\x20Implemented</h1>\nYour\x20request\x20was\x20not\x20un | |
| SF:derstood\x20or\x20not\x20allowed\x20by\x20this\x20server\.\n<p>Please\x | |
| SF:20contact\x20the\x20administrator\.\n")%r(RTSPRequest,12E,"HTTP/0\.0\x2 | |
| SF:0501\x20Not\x20Implemented\r\nServer:\x20HASP\x20LM/14\.00\r\nDate:\x20 | |
| SF:Wed,\x2015\x20Oct\x202014\x2015:50:17\x20GMT\r\nContent-Type:\x20text/h | |
| SF:tml\r\nContent-Length:\x20164\r\n\r\n<title>501\x20Not\x20Implemented</ | |
| SF:title>\n<h1>501\x20Not\x20Implemented</h1>\nYour\x20request\x20was\x20n | |
| SF:ot\x20understood\x20or\x20not\x20allowed\x20by\x20this\x20server\.\n<p> | |
| SF:Please\x20contact\x20the\x20administrator\.\n")%r(FourOhFourRequest,10D | |
| SF:,"HTTP/1\.0\x20403\x20Forbidden\r\nServer:\x20HASP\x20LM/14\.00\r\nDate | |
| SF::\x20Wed,\x2015\x20Oct\x202014\x2015:51:00\x20GMT\r\nContent-Type:\x20t | |
| SF:ext/html\r\nContent-Length:\x20137\r\n\r\n<title>403\x20Forbidden</titl | |
| SF:e>\n<h1>403\x20Forbidden</h1>\nAccess\x20to\x20this\x20resource\x20has\ | |
| SF:x20been\x20denied\x20to\x20you\.\n<p>Please\x20contact\x20the\x20admini | |
| SF:strator\.\n")%r(SIPOptions,12E,"HTTP/0\.0\x20501\x20Not\x20Implemented\ | |
| SF:r\nServer:\x20HASP\x20LM/14\.00\r\nDate:\x20Wed,\x2015\x20Oct\x202014\x | |
| SF:2015:51:10\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x201 | |
| SF:64\r\n\r\n<title>501\x20Not\x20Implemented</title>\n<h1>501\x20Not\x20I | |
| SF:mplemented</h1>\nYour\x20request\x20was\x20not\x20understood\x20or\x20n | |
| SF:ot\x20allowed\x20by\x20this\x20server\.\n<p>Please\x20contact\x20the\x2 | |
| SF:0administrator\.\n"); | |
| Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port | |
| Device type: general purpose | |
| Running (JUST GUESSING): Microsoft Windows 2008|Vista|7 (97%), FreeBSD 6.X (88%) | |
| OS CPE: cpe:/o:microsoft:windows_server_2008::beta3 cpe:/o:microsoft:windows_vista::- cpe:/o:microsoft:windows_vista::sp1 cpe:/o:microsoft:windows_7 cpe:/o:freebsd:freebsd:6.2 | |
| Aggressive OS guesses: Microsoft Windows Server 2008 Beta 3 (97%), Microsoft Windows Vista SP0 or SP1, Windows Server 2008 SP1, or Windows 7 (97%), Microsoft Windows Vista SP2 or Windows Server 2008 (97%), Microsoft Windows 7 Professional (95%), Microsoft Windows Server 2008 SP1 (94%), Microsoft Windows Vista SP0 - SP1 (91%), Microsoft Windows Vista Home Premium SP1 (89%), Microsoft Windows Server 2008 SP2 (89%), FreeBSD 6.2-RELEASE (88%), Microsoft Windows Vista Home Premium SP1, Windows 7, or Windows Server 2008 (88%) | |
| No exact OS matches for host (test conditions non-ideal). | |
| Uptime guess: 0.179 days (since Wed Oct 15 14:34:25 2014) | |
| Network Distance: 3 hops | |
| TCP Sequence Prediction: Difficulty=265 (Good luck!) | |
| IP ID Sequence Generation: Incremental | |
| TRACEROUTE (using port 443/tcp) | |
| HOP RTT ADDRESS | |
| 1 3.01 ms 10.20.0.1 | |
| 2 4.15 ms 192.168.0.1 | |
| 3 8.24 ms it6.local (194.44.112.88) | |
| NSE: Script Post-scanning. | |
| Read data files from: /usr/bin/../share/nmap | |
| OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . | |
| Nmap done: 1 IP address (1 host up) scanned in 201.80 seconds | |
| Raw packets sent: 3125 (142.756KB) | Rcvd: 55 (2.820KB) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I found similar results for an ip behind the same NAT as me, whats it mean?