Scan report for "safehaven.adm.cloud.com"

Nmap scan report for safehaven.adm.cloud.com (18.234.20.141)
Host is up (0.068s latency).
Other addresses for safehaven.adm.cloud.com (not scanned): 67.202.55.230 3.234.71.124
rDNS record for 18.234.20.141: ec2-18-234-20-141.compute-1.amazonaws.com
Not shown: 998 filtered ports
PORT    STATE SERVICE   VERSION
80/tcp  open  http      awselb/2.0
| fingerprint-strings: 
|   DNSVersionBindReqTCP, RPCCheck: 
|     HTTP/1.1 400 Bad Request
|     Server: awselb/2.0
|     Date: Tue, 21 Nov 2023 23:13:24 GMT
|     Content-Type: text/html
|     Content-Length: 122
|     Connection: close
|     <html>
|     <head><title>400 Bad Request</title></head>
|     <body>
|     <center><h1>400 Bad Request</h1></center>
|     </body>
|     </html>
|   FourOhFourRequest: 
|     HTTP/1.1 403 Forbidden
|     Server: awselb/2.0
|     Date: Tue, 21 Nov 2023 23:13:19 GMT
|     Content-Type: text/html
|     Content-Length: 118
|     Connection: close
|     <html>
|     <head><title>403 Forbidden</title></head>
|     <body>
|     <center><h1>403 Forbidden</h1></center>
|     </body>
|     </html>
|   GetRequest, HTTPOptions: 
|     HTTP/1.1 403 Forbidden
|     Server: awselb/2.0
|     Date: Tue, 21 Nov 2023 23:13:18 GMT
|     Content-Type: text/html
|     Content-Length: 118
|     Connection: close
|     <html>
|     <head><title>403 Forbidden</title></head>
|     <body>
|     <center><h1>403 Forbidden</h1></center>
|     </body>
|     </html>
|   RTSPRequest: 
|     <html>
|     <head><title>400 Bad Request</title></head>
|     <body>
|     <center><h1>400 Bad Request</h1></center>
|     </body>
|     </html>
|   X11Probe: 
|     HTTP/1.1 400 Bad Request
|     Server: awselb/2.0
|     Date: Tue, 21 Nov 2023 23:13:19 GMT
|     Content-Type: text/html
|     Content-Length: 122
|     Connection: close
|     <html>
|     <head><title>400 Bad Request</title></head>
|     <body>
|     <center><h1>400 Bad Request</h1></center>
|     </body>
|_    </html>
|_http-server-header: awselb/2.0
|_http-title: Did not follow redirect to https://safehaven.adm.cloud.com:443/
443/tcp open  ssl/https awselb/2.0
| fingerprint-strings: 
|   DNSVersionBindReqTCP, RPCCheck: 
|     HTTP/1.1 400 Bad Request
|     Server: awselb/2.0
|     Date: Tue, 21 Nov 2023 23:13:31 GMT
|     Content-Type: text/html
|     Content-Length: 122
|     Connection: close
|     <html>
|     <head><title>400 Bad Request</title></head>
|     <body>
|     <center><h1>400 Bad Request</h1></center>
|     </body>
|     </html>
|   FourOhFourRequest, HTTPOptions: 
|     HTTP/1.1 403 Forbidden
|     Server: awselb/2.0
|     Date: Tue, 21 Nov 2023 23:13:25 GMT
|     Content-Type: text/html
|     Content-Length: 118
|     Connection: close
|     <html>
|     <head><title>403 Forbidden</title></head>
|     <body>
|     <center><h1>403 Forbidden</h1></center>
|     </body>
|     </html>
|   GetRequest: 
|     HTTP/1.1 403 Forbidden
|     Server: awselb/2.0
|     Date: Tue, 21 Nov 2023 23:13:24 GMT
|     Content-Type: text/html
|     Content-Length: 118
|     Connection: close
|     <html>
|     <head><title>403 Forbidden</title></head>
|     <body>
|     <center><h1>403 Forbidden</h1></center>
|     </body>
|     </html>
|   RTSPRequest: 
|     <html>
|     <head><title>400 Bad Request</title></head>
|     <body>
|     <center><h1>400 Bad Request</h1></center>
|     </body>
|     </html>
|   tor-versions: 
|     HTTP/1.1 400 Bad Request
|     Server: awselb/2.0
|     Date: Tue, 21 Nov 2023 23:13:25 GMT
|     Content-Type: text/html
|     Content-Length: 122
|     Connection: close
|     <html>
|     <head><title>400 Bad Request</title></head>
|     <body>
|     <center><h1>400 Bad Request</h1></center>
|     </body>
|_    </html>
| http-server-header: 
|   NetScaler ADM
|_  awselb/2.0
|_http-title: Did not follow redirect to https://citrix.cloud.com//login?redirectUrl=aHR0cHM6Ly9hZG0uY2xvdWQuY29tL2FkbWluX3VpL21hcy9zdmMvaHRtbC9tYWluLmh0bWw7UTBNdFVsTkJMVk5JUVRJMU5pMHlPekUzTURBMk1EZzBNems3WWpjNE1XSTFPVFUyWldReVl6a3lZakptTkRObFlUUmxNV1V3TnpreFpUZzdTUzl2V25jMVlrMVhUbFJxVVUxNVRreExjMWxEYW1KUUsxVnJUR3g2Wkc0dmNqbDRXVFpEYnpoQmFFVmtVRWQwY0dnMFNETmxSR3RrWmpCb09XczBhRGhYVHpaMFdVMVljalo1VTJKaloyaHlhek5LWTJGNU1HdFFNVFVyYTB4aU1IVnlhWEF4ZEdGc1NtTlJibFJwY1V3MmNuWlFOVVJHU0hWTk4yTkZlRTVNV1VkWU9VZGpaalpFUlhaUVZIbENjMU5MUldKUFRuZG9hR3RzYlVoemMyaHZNVVZxU1hWaFFUUm9PVkphVlRCTFl6SkVVVEpTVjBaemRISXJVbUZxYkdORlJGcFlja2cxZWxWd01IZG5jV2xUYTBwUGJ6ZFBkREpWUkZOV2FrSlhOVWxsUTFCUFoxY3JUbEZNV0dGdVdubFBZM3BGY1dSc09EZEZjVzlMTmxsT2QxcGlWMlYzTjNNclVFVkxkSGhOSzFndmExaFJla0pQUkZGVU4yTXZSVEF4WjNwbE5qazBVVE5qZDNSR1lXWTNZVkYwUlVwUFNUQktSSHBFVTFVck1tSnlaMll3UjBWVlFrdHBaMDFrWjIxbE1qaDNQVDA3VFVGVA==
| ssl-cert: Subject: commonName=*.adm.cloud.com/organizationName=Citrix Systems, Inc./stateOrProvinceName=Florida/countryName=US
| Subject Alternative Name: DNS:*.adm.cloud.com, DNS:adm.cloud.com
| Not valid before: 2023-03-17T00:00:00
|_Not valid after:  2024-03-19T23:59:59
2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service :
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port80-TCP:V=7.70%I=7%D=11/21%Time=655D398E%P=x86_64-redhat-linux-gnu%r
SF:(GetRequest,10A,"HTTP/1\.1\x20403\x20Forbidden\r\nServer:\x20awselb/2\.
SF:0\r\nDate:\x20Tue,\x2021\x20Nov\x202023\x2023:13:18\x20GMT\r\nContent-T
SF:ype:\x20text/html\r\nContent-Length:\x20118\r\nConnection:\x20close\r\n
SF:\r\n<html>\r\n<head><title>403\x20Forbidden</title></head>\r\n<body>\r\
SF:n<center><h1>403\x20Forbidden</h1></center>\r\n</body>\r\n</html>\r\n")
SF:%r(HTTPOptions,10A,"HTTP/1\.1\x20403\x20Forbidden\r\nServer:\x20awselb/
SF:2\.0\r\nDate:\x20Tue,\x2021\x20Nov\x202023\x2023:13:18\x20GMT\r\nConten
SF:t-Type:\x20text/html\r\nContent-Length:\x20118\r\nConnection:\x20close\
SF:r\n\r\n<html>\r\n<head><title>403\x20Forbidden</title></head>\r\n<body>
SF:\r\n<center><h1>403\x20Forbidden</h1></center>\r\n</body>\r\n</html>\r\
SF:n")%r(RTSPRequest,7A,"<html>\r\n<head><title>400\x20Bad\x20Request</tit
SF:le></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20Request</h1></center>
SF:\r\n</body>\r\n</html>\r\n")%r(X11Probe,110,"HTTP/1\.1\x20400\x20Bad\x2
SF:0Request\r\nServer:\x20awselb/2\.0\r\nDate:\x20Tue,\x2021\x20Nov\x20202
SF:3\x2023:13:19\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x
SF:20122\r\nConnection:\x20close\r\n\r\n<html>\r\n<head><title>400\x20Bad\
SF:x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20Reques
SF:t</h1></center>\r\n</body>\r\n</html>\r\n")%r(FourOhFourRequest,10A,"HT
SF:TP/1\.1\x20403\x20Forbidden\r\nServer:\x20awselb/2\.0\r\nDate:\x20Tue,\
SF:x2021\x20Nov\x202023\x2023:13:19\x20GMT\r\nContent-Type:\x20text/html\r
SF:\nContent-Length:\x20118\r\nConnection:\x20close\r\n\r\n<html>\r\n<head
SF:><title>403\x20Forbidden</title></head>\r\n<body>\r\n<center><h1>403\x2
SF:0Forbidden</h1></center>\r\n</body>\r\n</html>\r\n")%r(RPCCheck,110,"HT
SF:TP/1\.1\x20400\x20Bad\x20Request\r\nServer:\x20awselb/2\.0\r\nDate:\x20
SF:Tue,\x2021\x20Nov\x202023\x2023:13:24\x20GMT\r\nContent-Type:\x20text/h
SF:tml\r\nContent-Length:\x20122\r\nConnection:\x20close\r\n\r\n<html>\r\n
SF:<head><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center>
SF:<h1>400\x20Bad\x20Request</h1></center>\r\n</body>\r\n</html>\r\n")%r(D
SF:NSVersionBindReqTCP,110,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nServer:\
SF:x20awselb/2\.0\r\nDate:\x20Tue,\x2021\x20Nov\x202023\x2023:13:24\x20GMT
SF:\r\nContent-Type:\x20text/html\r\nContent-Length:\x20122\r\nConnection:
SF:\x20close\r\n\r\n<html>\r\n<head><title>400\x20Bad\x20Request</title></
SF:head>\r\n<body>\r\n<center><h1>400\x20Bad\x20Request</h1></center>\r\n<
SF:/body>\r\n</html>\r\n");
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port443-TCP:V=7.70%T=SSL%I=7%D=11/21%Time=655D3994%P=x86_64-redhat-linu
SF:x-gnu%r(GetRequest,10A,"HTTP/1\.1\x20403\x20Forbidden\r\nServer:\x20aws
SF:elb/2\.0\r\nDate:\x20Tue,\x2021\x20Nov\x202023\x2023:13:24\x20GMT\r\nCo
SF:ntent-Type:\x20text/html\r\nContent-Length:\x20118\r\nConnection:\x20cl
SF:ose\r\n\r\n<html>\r\n<head><title>403\x20Forbidden</title></head>\r\n<b
SF:ody>\r\n<center><h1>403\x20Forbidden</h1></center>\r\n</body>\r\n</html
SF:>\r\n")%r(HTTPOptions,10A,"HTTP/1\.1\x20403\x20Forbidden\r\nServer:\x20
SF:awselb/2\.0\r\nDate:\x20Tue,\x2021\x20Nov\x202023\x2023:13:25\x20GMT\r\
SF:nContent-Type:\x20text/html\r\nContent-Length:\x20118\r\nConnection:\x2
SF:0close\r\n\r\n<html>\r\n<head><title>403\x20Forbidden</title></head>\r\
SF:n<body>\r\n<center><h1>403\x20Forbidden</h1></center>\r\n</body>\r\n</h
SF:tml>\r\n")%r(FourOhFourRequest,10A,"HTTP/1\.1\x20403\x20Forbidden\r\nSe
SF:rver:\x20awselb/2\.0\r\nDate:\x20Tue,\x2021\x20Nov\x202023\x2023:13:25\
SF:x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x20118\r\nConne
SF:ction:\x20close\r\n\r\n<html>\r\n<head><title>403\x20Forbidden</title><
SF:/head>\r\n<body>\r\n<center><h1>403\x20Forbidden</h1></center>\r\n</bod
SF:y>\r\n</html>\r\n")%r(tor-versions,110,"HTTP/1\.1\x20400\x20Bad\x20Requ
SF:est\r\nServer:\x20awselb/2\.0\r\nDate:\x20Tue,\x2021\x20Nov\x202023\x20
SF:23:13:25\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x20122
SF:\r\nConnection:\x20close\r\n\r\n<html>\r\n<head><title>400\x20Bad\x20Re
SF:quest</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20Request</h1
SF:></center>\r\n</body>\r\n</html>\r\n")%r(RTSPRequest,7A,"<html>\r\n<hea
SF:d><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1>
SF:400\x20Bad\x20Request</h1></center>\r\n</body>\r\n</html>\r\n")%r(RPCCh
SF:eck,110,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nServer:\x20awselb/2\.0\r
SF:\nDate:\x20Tue,\x2021\x20Nov\x202023\x2023:13:31\x20GMT\r\nContent-Type
SF::\x20text/html\r\nContent-Length:\x20122\r\nConnection:\x20close\r\n\r\
SF:n<html>\r\n<head><title>400\x20Bad\x20Request</title></head>\r\n<body>\
SF:r\n<center><h1>400\x20Bad\x20Request</h1></center>\r\n</body>\r\n</html
SF:>\r\n")%r(DNSVersionBindReqTCP,110,"HTTP/1\.1\x20400\x20Bad\x20Request\
SF:r\nServer:\x20awselb/2\.0\r\nDate:\x20Tue,\x2021\x20Nov\x202023\x2023:1
SF:3:31\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x20122\r\n
SF:Connection:\x20close\r\n\r\n<html>\r\n<head><title>400\x20Bad\x20Reques
SF:t</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20Request</h1></c
SF:enter>\r\n</body>\r\n</html>\r\n");
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running (JUST GUESSING): Linux 4.X (85%)
OS CPE: cpe:/o:linux:linux_kernel:4.2
Aggressive OS guesses: Linux 4.2 (85%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 20 hops

TRACEROUTE (using port 443/tcp)
HOP RTT      ADDRESS
1   0.21 ms  208.76.251.177
2   0.59 ms  gw.mcom-colocationamerica.com (208.64.231.81)
3   0.72 ms  1.162.45.96-dedicated.multacom.com (96.45.162.1)
4   1.13 ms  be5361.ccr42.lax01.atlas.cogentco.com (38.99.219.57)
5   12.41 ms be2932.ccr32.phx01.atlas.cogentco.com (154.54.45.161)
6   21.00 ms be3872.ccr22.elp02.atlas.cogentco.com (154.54.26.54)
7   36.93 ms be3851.ccr42.iah01.atlas.cogentco.com (154.54.2.5)
8   38.23 ms be2418.rcr51.b023723-0.iah01.atlas.cogentco.com (154.54.6.78)
9   37.82 ms 38.104.61.42
10  38.80 ms 52.93.254.209
11  38.27 ms 52.93.64.145
12  ... 19
20  68.11 ms ec2-18-234-20-141.compute-1.amazonaws.com (18.234.20.141)

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 58.09 seconds

Target

safehaven.adm.cloud.com

Target IP

18.234.20.141

Target Country

Scan method

Scan OS information and Traceroute

Run command

nmap -A safehaven.adm.cloud.com

Scan date

21 Nov 2023 18:14

Copy scan report

Download report

Remove scan result

$