Nmap scan report for mx0b-001b4103.pphosted.com (148.163.137.70)
Host is up (0.048s latency).
Not shown: 996 closed tcp ports (reset)
PORT      STATE SERVICE               VERSION
25/tcp    open  smtp
|_ssl-date: TLS randomness does not represent time
| fingerprint-strings: 
|   GenericLines: 
|     220 mx0b-001b4103.pphosted.com ESMTP mfa-m0264578
|     5.5.1 Command unrecognized: ""
|     5.5.1 Command unrecognized: ""
|   GetRequest: 
|     220 mx0b-001b4103.pphosted.com ESMTP mfa-m0264578
|     4.7.0 Open proxy prohibited
|   Hello: 
|     220 mx0b-001b4103.pphosted.com ESMTP mfa-m0264580
|     5.5.4 Domain name required
|   Help: 
|     220 mx0b-001b4103.pphosted.com ESMTP mfa-m0264579
|     5.5.1 Command unrecognized: "HELP"
|   NULL: 
|_    220 mx0b-001b4103.pphosted.com ESMTP mfa-m0264580
|_smtp-commands: mx0b-001b4103.pphosted.com Hello 208.76.253.234.rdns.ColocationAmerica.com [208.76.253.234] (may be forged), pleased to meet you, ENHANCEDSTATUSCODES, PIPELINING, 8BITMIME, SIZE 157286400, STARTTLS
| ssl-cert: Subject: commonName=*.pphosted.com/organizationName=Proofpoint, Inc./stateOrProvinceName=California/countryName=US
| Subject Alternative Name: DNS:*.pphosted.com, DNS:*.gslb.pphosted.com, DNS:pphosted.com
| Not valid before: 2025-02-04T00:00:00
|_Not valid after:  2026-02-04T23:59:59
443/tcp   open  ssl/https
| fingerprint-strings: 
|   FourOhFourRequest, GetRequest, HTTPOptions: 
|     HTTP/1.1 400 Bad Request
|     Date: Sun, 06 Jul 2025 20:48:57 GMT
|     Server: 
|     Strict-Transport-Security: max-age=31536000; includeSubDomains
|     Content-Length: 12
|     Connection: close
|     Content-Type: text/html; charset=iso-8859-1
|     Request.
|   Help: 
|     HTTP/1.1 400 Bad Request
|     Date: Sun, 06 Jul 2025 20:49:23 GMT
|     Server: 
|     Strict-Transport-Security: max-age=31536000; includeSubDomains
|     Content-Length: 12
|     Connection: close
|     Content-Type: text/html; charset=iso-8859-1
|     Request.
|   RTSPRequest: 
|     HTTP/1.1 400 Bad Request
|     Date: Sun, 06 Jul 2025 20:49:08 GMT
|     Server: 
|     Strict-Transport-Security: max-age=31536000; includeSubDomains
|     Content-Length: 12
|     Connection: close
|     Content-Type: text/html; charset=iso-8859-1
|     Request.
|   SSLSessionReq, TerminalServerCookie: 
|     HTTP/1.1 400 Bad Request
|     Date: Sun, 06 Jul 2025 20:49:24 GMT
|     Server: 
|     Strict-Transport-Security: max-age=31536000; includeSubDomains
|     Content-Length: 12
|     Connection: close
|     Content-Type: text/html; charset=iso-8859-1
|_    Request.
|_http-title: Forbidden
| ssl-cert: Subject: commonName=*.pphosted.com/organizationName=Proofpoint, Inc./stateOrProvinceName=California/countryName=US
| Subject Alternative Name: DNS:*.pphosted.com, DNS:*.gslb.pphosted.com, DNS:pphosted.com
| Not valid before: 2025-02-04T00:00:00
|_Not valid after:  2026-02-04T23:59:59
|_http-server-header: <empty>
10000/tcp open  ssl/snet-sensor-mgmt?
| fingerprint-strings: 
|   GetRequest, HTTPOptions, RTSPRequest: 
|     HTTP/1.1 400 Bad Request
|     Date: Sun, 06 Jul 2025 20:49:08 GMT
|     Server: 
|     Strict-Transport-Security: max-age=31536000; includeSubDomains
|     Content-Length: 12
|     Connection: close
|     Content-Type: text/html; charset=iso-8859-1
|     Request.
|   Help, SSLSessionReq, TerminalServerCookie: 
|     HTTP/1.1 400 Bad Request
|     Date: Sun, 06 Jul 2025 20:49:24 GMT
|     Server: 
|     Strict-Transport-Security: max-age=31536000; includeSubDomains
|     Content-Length: 12
|     Connection: close
|     Content-Type: text/html; charset=iso-8859-1
|     Request.
|   TLSSessionReq: 
|     HTTP/1.1 400 Bad Request
|     Date: Sun, 06 Jul 2025 20:49:25 GMT
|     Server: 
|     Strict-Transport-Security: max-age=31536000; includeSubDomains
|     Content-Length: 12
|     Connection: close
|     Content-Type: text/html; charset=iso-8859-1
|_    Request.
| ssl-cert: Subject: commonName=*.pphosted.com/organizationName=Proofpoint, Inc./stateOrProvinceName=California/countryName=US
| Subject Alternative Name: DNS:*.pphosted.com, DNS:*.gslb.pphosted.com, DNS:pphosted.com
| Not valid before: 2025-02-04T00:00:00
|_Not valid after:  2026-02-04T23:59:59
10001/tcp open  ssl/scp-config?
| ssl-cert: Subject: commonName=*.pphosted.com/organizationName=Proofpoint, Inc./stateOrProvinceName=California/countryName=US
| Subject Alternative Name: DNS:*.pphosted.com, DNS:*.gslb.pphosted.com, DNS:pphosted.com
| Not valid before: 2025-02-04T00:00:00
|_Not valid after:  2026-02-04T23:59:59
| fingerprint-strings: 
|   GetRequest, HTTPOptions, RTSPRequest: 
|     HTTP/1.1 400 Bad Request
|     Date: Sun, 06 Jul 2025 20:49:08 GMT
|     Server: 
|     Strict-Transport-Security: max-age=31536000; includeSubDomains
|     Content-Length: 12
|     Connection: close
|     Content-Type: text/html; charset=iso-8859-1
|     Request.
|   Help, SSLSessionReq, TerminalServerCookie: 
|     HTTP/1.1 400 Bad Request
|     Date: Sun, 06 Jul 2025 20:49:24 GMT
|     Server: 
|     Strict-Transport-Security: max-age=31536000; includeSubDomains
|     Content-Length: 12
|     Connection: close
|     Content-Type: text/html; charset=iso-8859-1
|     Request.
|   TLSSessionReq: 
|     HTTP/1.1 400 Bad Request
|     Date: Sun, 06 Jul 2025 20:49:25 GMT
|     Server: 
|     Strict-Transport-Security: max-age=31536000; includeSubDomains
|     Content-Length: 12
|     Connection: close
|     Content-Type: text/html; charset=iso-8859-1
|_    Request.
4 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service :
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port25-TCP:V=7.92%I=7%D=7/6%Time=686AE133%P=x86_64-redhat-linux-gnu%r(N
SF:ULL,33,"220\x20mx0b-001b4103\.pphosted\.com\x20ESMTP\x20mfa-m0264580\r\
SF:n")%r(Hello,53,"220\x20mx0b-001b4103\.pphosted\.com\x20ESMTP\x20mfa-m02
SF:64580\r\n501\x205\.5\.4\x20Domain\x20name\x20required\r\n")%r(Help,5B,"
SF:220\x20mx0b-001b4103\.pphosted\.com\x20ESMTP\x20mfa-m0264579\r\n500\x20
SF:5\.5\.1\x20Command\x20unrecognized:\x20\"HELP\"\r\n")%r(GenericLines,7B
SF:,"220\x20mx0b-001b4103\.pphosted\.com\x20ESMTP\x20mfa-m0264578\r\n500\x
SF:205\.5\.1\x20Command\x20unrecognized:\x20\"\"\r\n500\x205\.5\.1\x20Comm
SF:and\x20unrecognized:\x20\"\"\r\n")%r(GetRequest,54,"220\x20mx0b-001b410
SF:3\.pphosted\.com\x20ESMTP\x20mfa-m0264578\r\n421\x204\.7\.0\x20Open\x20
SF:proxy\x20prohibited\r\n");
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port443-TCP:V=7.92%T=SSL%I=7%D=7/6%Time=686AE139%P=x86_64-redhat-linux-
SF:gnu%r(GetRequest,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Sun
SF:,\x2006\x20Jul\x202025\x2020:48:57\x20GMT\r\nServer:\x20\x20\r\nStrict-
SF:Transport-Security:\x20max-age=31536000;\x20includeSubDomains\r\nConten
SF:t-Length:\x2012\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\
SF:x20charset=iso-8859-1\r\n\r\nBad\x20Request\.")%r(HTTPOptions,EC,"HTTP/
SF:1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Sun,\x2006\x20Jul\x202025\x20
SF:20:48:57\x20GMT\r\nServer:\x20\x20\r\nStrict-Transport-Security:\x20max
SF:-age=31536000;\x20includeSubDomains\r\nContent-Length:\x2012\r\nConnect
SF:ion:\x20close\r\nContent-Type:\x20text/html;\x20charset=iso-8859-1\r\n\
SF:r\nBad\x20Request\.")%r(FourOhFourRequest,EC,"HTTP/1\.1\x20400\x20Bad\x
SF:20Request\r\nDate:\x20Sun,\x2006\x20Jul\x202025\x2020:48:57\x20GMT\r\nS
SF:erver:\x20\x20\r\nStrict-Transport-Security:\x20max-age=31536000;\x20in
SF:cludeSubDomains\r\nContent-Length:\x2012\r\nConnection:\x20close\r\nCon
SF:tent-Type:\x20text/html;\x20charset=iso-8859-1\r\n\r\nBad\x20Request\."
SF:)%r(RTSPRequest,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Sun,
SF:\x2006\x20Jul\x202025\x2020:49:08\x20GMT\r\nServer:\x20\x20\r\nStrict-T
SF:ransport-Security:\x20max-age=31536000;\x20includeSubDomains\r\nContent
SF:-Length:\x2012\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x
SF:20charset=iso-8859-1\r\n\r\nBad\x20Request\.")%r(Help,EC,"HTTP/1\.1\x20
SF:400\x20Bad\x20Request\r\nDate:\x20Sun,\x2006\x20Jul\x202025\x2020:49:23
SF:\x20GMT\r\nServer:\x20\x20\r\nStrict-Transport-Security:\x20max-age=315
SF:36000;\x20includeSubDomains\r\nContent-Length:\x2012\r\nConnection:\x20
SF:close\r\nContent-Type:\x20text/html;\x20charset=iso-8859-1\r\n\r\nBad\x
SF:20Request\.")%r(SSLSessionReq,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\
SF:nDate:\x20Sun,\x2006\x20Jul\x202025\x2020:49:24\x20GMT\r\nServer:\x20\x
SF:20\r\nStrict-Transport-Security:\x20max-age=31536000;\x20includeSubDoma
SF:ins\r\nContent-Length:\x2012\r\nConnection:\x20close\r\nContent-Type:\x
SF:20text/html;\x20charset=iso-8859-1\r\n\r\nBad\x20Request\.")%r(Terminal
SF:ServerCookie,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Sun,\x2
SF:006\x20Jul\x202025\x2020:49:24\x20GMT\r\nServer:\x20\x20\r\nStrict-Tran
SF:sport-Security:\x20max-age=31536000;\x20includeSubDomains\r\nContent-Le
SF:ngth:\x2012\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20c
SF:harset=iso-8859-1\r\n\r\nBad\x20Request\.");
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port10000-TCP:V=7.92%T=SSL%I=7%D=7/6%Time=686AE144%P=x86_64-redhat-linu
SF:x-gnu%r(GetRequest,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20S
SF:un,\x2006\x20Jul\x202025\x2020:49:08\x20GMT\r\nServer:\x20\x20\r\nStric
SF:t-Transport-Security:\x20max-age=31536000;\x20includeSubDomains\r\nCont
SF:ent-Length:\x2012\r\nConnection:\x20close\r\nContent-Type:\x20text/html
SF:;\x20charset=iso-8859-1\r\n\r\nBad\x20Request\.")%r(HTTPOptions,EC,"HTT
SF:P/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Sun,\x2006\x20Jul\x202025\x
SF:2020:49:08\x20GMT\r\nServer:\x20\x20\r\nStrict-Transport-Security:\x20m
SF:ax-age=31536000;\x20includeSubDomains\r\nContent-Length:\x2012\r\nConne
SF:ction:\x20close\r\nContent-Type:\x20text/html;\x20charset=iso-8859-1\r\
SF:n\r\nBad\x20Request\.")%r(RTSPRequest,EC,"HTTP/1\.1\x20400\x20Bad\x20Re
SF:quest\r\nDate:\x20Sun,\x2006\x20Jul\x202025\x2020:49:08\x20GMT\r\nServe
SF:r:\x20\x20\r\nStrict-Transport-Security:\x20max-age=31536000;\x20includ
SF:eSubDomains\r\nContent-Length:\x2012\r\nConnection:\x20close\r\nContent
SF:-Type:\x20text/html;\x20charset=iso-8859-1\r\n\r\nBad\x20Request\.")%r(
SF:Help,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Sun,\x2006\x20J
SF:ul\x202025\x2020:49:24\x20GMT\r\nServer:\x20\x20\r\nStrict-Transport-Se
SF:curity:\x20max-age=31536000;\x20includeSubDomains\r\nContent-Length:\x2
SF:012\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20charset=i
SF:so-8859-1\r\n\r\nBad\x20Request\.")%r(SSLSessionReq,EC,"HTTP/1\.1\x2040
SF:0\x20Bad\x20Request\r\nDate:\x20Sun,\x2006\x20Jul\x202025\x2020:49:24\x
SF:20GMT\r\nServer:\x20\x20\r\nStrict-Transport-Security:\x20max-age=31536
SF:000;\x20includeSubDomains\r\nContent-Length:\x2012\r\nConnection:\x20cl
SF:ose\r\nContent-Type:\x20text/html;\x20charset=iso-8859-1\r\n\r\nBad\x20
SF:Request\.")%r(TerminalServerCookie,EC,"HTTP/1\.1\x20400\x20Bad\x20Reque
SF:st\r\nDate:\x20Sun,\x2006\x20Jul\x202025\x2020:49:24\x20GMT\r\nServer:\
SF:x20\x20\r\nStrict-Transport-Security:\x20max-age=31536000;\x20includeSu
SF:bDomains\r\nContent-Length:\x2012\r\nConnection:\x20close\r\nContent-Ty
SF:pe:\x20text/html;\x20charset=iso-8859-1\r\n\r\nBad\x20Request\.")%r(TLS
SF:SessionReq,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Sun,\x200
SF:6\x20Jul\x202025\x2020:49:25\x20GMT\r\nServer:\x20\x20\r\nStrict-Transp
SF:ort-Security:\x20max-age=31536000;\x20includeSubDomains\r\nContent-Leng
SF:th:\x2012\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20cha
SF:rset=iso-8859-1\r\n\r\nBad\x20Request\.");
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port10001-TCP:V=7.92%T=SSL%I=7%D=7/6%Time=686AE144%P=x86_64-redhat-linu
SF:x-gnu%r(GetRequest,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20S
SF:un,\x2006\x20Jul\x202025\x2020:49:08\x20GMT\r\nServer:\x20\x20\r\nStric
SF:t-Transport-Security:\x20max-age=31536000;\x20includeSubDomains\r\nCont
SF:ent-Length:\x2012\r\nConnection:\x20close\r\nContent-Type:\x20text/html
SF:;\x20charset=iso-8859-1\r\n\r\nBad\x20Request\.")%r(HTTPOptions,EC,"HTT
SF:P/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Sun,\x2006\x20Jul\x202025\x
SF:2020:49:08\x20GMT\r\nServer:\x20\x20\r\nStrict-Transport-Security:\x20m
SF:ax-age=31536000;\x20includeSubDomains\r\nContent-Length:\x2012\r\nConne
SF:ction:\x20close\r\nContent-Type:\x20text/html;\x20charset=iso-8859-1\r\
SF:n\r\nBad\x20Request\.")%r(RTSPRequest,EC,"HTTP/1\.1\x20400\x20Bad\x20Re
SF:quest\r\nDate:\x20Sun,\x2006\x20Jul\x202025\x2020:49:08\x20GMT\r\nServe
SF:r:\x20\x20\r\nStrict-Transport-Security:\x20max-age=31536000;\x20includ
SF:eSubDomains\r\nContent-Length:\x2012\r\nConnection:\x20close\r\nContent
SF:-Type:\x20text/html;\x20charset=iso-8859-1\r\n\r\nBad\x20Request\.")%r(
SF:Help,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Sun,\x2006\x20J
SF:ul\x202025\x2020:49:24\x20GMT\r\nServer:\x20\x20\r\nStrict-Transport-Se
SF:curity:\x20max-age=31536000;\x20includeSubDomains\r\nContent-Length:\x2
SF:012\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20charset=i
SF:so-8859-1\r\n\r\nBad\x20Request\.")%r(SSLSessionReq,EC,"HTTP/1\.1\x2040
SF:0\x20Bad\x20Request\r\nDate:\x20Sun,\x2006\x20Jul\x202025\x2020:49:24\x
SF:20GMT\r\nServer:\x20\x20\r\nStrict-Transport-Security:\x20max-age=31536
SF:000;\x20includeSubDomains\r\nContent-Length:\x2012\r\nConnection:\x20cl
SF:ose\r\nContent-Type:\x20text/html;\x20charset=iso-8859-1\r\n\r\nBad\x20
SF:Request\.")%r(TerminalServerCookie,EC,"HTTP/1\.1\x20400\x20Bad\x20Reque
SF:st\r\nDate:\x20Sun,\x2006\x20Jul\x202025\x2020:49:24\x20GMT\r\nServer:\
SF:x20\x20\r\nStrict-Transport-Security:\x20max-age=31536000;\x20includeSu
SF:bDomains\r\nContent-Length:\x2012\r\nConnection:\x20close\r\nContent-Ty
SF:pe:\x20text/html;\x20charset=iso-8859-1\r\n\r\nBad\x20Request\.")%r(TLS
SF:SessionReq,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Sun,\x200
SF:6\x20Jul\x202025\x2020:49:25\x20GMT\r\nServer:\x20\x20\r\nStrict-Transp
SF:ort-Security:\x20max-age=31536000;\x20includeSubDomains\r\nContent-Leng
SF:th:\x2012\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20cha
SF:rset=iso-8859-1\r\n\r\nBad\x20Request\.");
OS fingerprint not ideal because: Host distance (12 network hops) is greater than five
No OS matches for host
Network Distance: 12 hops

TRACEROUTE (using port 111/tcp)
HOP RTT      ADDRESS
1   0.27 ms  208.76.251.177.rdns.ColocationAmerica.com (208.76.251.177)
2   0.79 ms  gw.mcom-colocationamerica.com (208.64.231.81)
3   0.67 ms  r1b4.n1p1400.lax.multacom.net (64.69.46.9)
4   ...
5   10.94 ms be2931.ccr31.phx01.atlas.cogentco.com (154.54.44.85)
6   21.05 ms be5471.ccr21.elp02.atlas.cogentco.com (154.54.166.57)
7   30.86 ms be3821.ccr31.dfw01.atlas.cogentco.com (154.54.165.25)
8   37.82 ms port-channel8121.ccr91.jan02.atlas.cogentco.com (154.54.40.250)
9   45.56 ms be3009.ccr41.atl01.atlas.cogentco.com (154.54.29.133)
10  45.96 ms be4189.rcr51.b006503-1.atl01.atlas.cogentco.com (154.54.30.242)
11  ...
12  47.63 ms mx0b-001b4103.pphosted.com (148.163.137.70)

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 149.66 seconds