Ports
Duration
Date
IP
Nmap scan report for identity-us-east-2.prd.api.a.intuit.com (3.21.147.227) Host is up (0.059s latency). Other addresses for identity-us-east-2.prd.api.a.intuit.com (not scanned): 18.189.116.153 3.143.94.221 rDNS record for 3.21.147.227: ec2-3-21-147-227.us-east-2.compute.amazonaws.com Not shown: 998 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 80/tcp open http awselb/2.0 | fingerprint-strings: | FourOhFourRequest: | HTTP/1.1 301 Moved Permanently | Server: awselb/2.0 | Date: Sat, 26 Oct 2024 15:32:56 GMT | Content-Type: text/html | Content-Length: 134 | Connection: close | Location: https://apigw-use2-prd-id33-1303071720.us-east-2.elb.amazonaws.com:443/nice%20ports%2C/Tri%6Eity.txt%2ebak | <html> | <head><title>301 Moved Permanently</title></head> | <body> | <center><h1>301 Moved Permanently</h1></center> | </body> | </html> | GetRequest, HTTPOptions: | HTTP/1.1 301 Moved Permanently | Server: awselb/2.0 | Date: Sat, 26 Oct 2024 15:32:55 GMT | Content-Type: text/html | Content-Length: 134 | Connection: close | Location: https://apigw-use2-prd-id33-1303071720.us-east-2.elb.amazonaws.com:443/ | <html> | <head><title>301 Moved Permanently</title></head> | <body> | <center><h1>301 Moved Permanently</h1></center> | </body> | </html> | RTSPRequest: | <html> | <head><title>400 Bad Request</title></head> | <body> | <center><h1>400 Bad Request</h1></center> | </body> | </html> | X11Probe: | HTTP/1.1 400 Bad Request | Server: awselb/2.0 | Date: Sat, 26 Oct 2024 15:32:56 GMT | Content-Type: text/html | Content-Length: 122 | Connection: close | <html> | <head><title>400 Bad Request</title></head> | <body> | <center><h1>400 Bad Request</h1></center> | </body> |_ </html> |_http-title: Did not follow redirect to https://identity-us-east-2.prd.api.a.intuit.com:443/ |_http-server-header: awselb/2.0 443/tcp open ssl/http-proxy (bad gateway) | fingerprint-strings: | FourOhFourRequest: | HTTP/1.1 502 Bad Gateway | Date: Sat, 26 Oct 2024 15:33:02 GMT | Content-Type: text/plain | Content-Length: 0 | Connection: close | x-envoy-upstream-service-time: 0 | strict-transport-security: max-age=31536000 | intuit_tid: 1-671d0bae-52ac75fb6d153483712eae6d | x-request-id: 1-671d0bae-52ac75fb6d153483712eae6d | server: istio-envoy | GetRequest: | HTTP/1.1 502 Bad Gateway | Date: Sat, 26 Oct 2024 15:33:02 GMT | Content-Type: text/plain | Content-Length: 0 | Connection: close | x-envoy-upstream-service-time: 0 | strict-transport-security: max-age=31536000 | intuit_tid: 1-671d0bae-147d77dc20802d416714feb2 | x-request-id: 1-671d0bae-147d77dc20802d416714feb2 | server: istio-envoy | HTTPOptions: | HTTP/1.1 502 Bad Gateway | Date: Sat, 26 Oct 2024 15:33:02 GMT | Content-Type: text/plain | Content-Length: 0 | Connection: close | x-envoy-upstream-service-time: 0 | strict-transport-security: max-age=31536000 | intuit_tid: 1-671d0bae-173c0a2443c3d6394c7bad13 | x-request-id: 1-671d0bae-173c0a2443c3d6394c7bad13 | server: istio-envoy | Help, SSLSessionReq: | HTTP/1.1 400 Bad Request | Server: awselb/2.0 | Date: Sat, 26 Oct 2024 15:33:08 GMT | Content-Type: text/html | Content-Length: 122 | Connection: close | <html> | <head><title>400 Bad Request</title></head> | <body> | <center><h1>400 Bad Request</h1></center> | </body> | </html> | RTSPRequest: | <html> | <head><title>400 Bad Request</title></head> | <body> | <center><h1>400 Bad Request</h1></center> | </body> |_ </html> |_http-title: Site doesn't have a title (text/plain). | tls-alpn: | h2 |_ http/1.1 | http-server-header: | awselb/2.0 |_ istio-envoy |_ssl-date: TLS randomness does not represent time | ssl-cert: Subject: commonName=*.intuit.com/organizationName=INTUIT INC./stateOrProvinceName=California/countryName=US | Subject Alternative Name: DNS:*.intuit.com, DNS:*.sbfinance.intuit.com, DNS:*.iep.intuit.com, DNS:*.prd.platform.intuit.com, DNS:*.api.intuit.ae, DNS:*.api.intuit.com.au, DNS:*.prd.api.a.intuit.com, DNS:*.api.intuit.mx, DNS:*.sbfinance.stage.intuit.com, DNS:*.intuit.ca, DNS:*.workforce.intuit.com, DNS:*.appfabric.intuit.com, DNS:*.platform.intuit.ca, DNS:*.experimentation.intuit.com, DNS:*.stgl.intuit.com, DNS:*.finance.intuit.com, DNS:*.app.intuit.com, DNS:*.mint.intuit.com, DNS:*.api.intuit.com, DNS:*.contributedreports.intuit.com, DNS:*.qbo.intuit.com, DNS:*.prf.api.a.intuit.com, DNS:*.api.intuit.fr, DNS:*.payments.intuit.com, DNS:*.qa.api.a.intuit.com, DNS:help.mint.com, DNS:*.turbotaxonline.intuit.com, DNS:*.banking.intuit.com, DNS:*.api.intuit.sg, DNS:*.turbotax.intuit.com, DNS:*.quickbooks.intuit.com, DNS:*.e2e.api.a.intuit.com, DNS:*.api.intuit.net, DNS:*.api.intuit.ca, DNS:*.accountant.intuit.com, DNS:*.tax.intuit.com, DNS:*.hosting.intuit.com, DNS:*.a.intuit.com, DNS:*.camps.intuit.com, DNS:*.msg.intuit.com, DNS:*.prod.location.a.intuit.com, DNS:*.aws.api.intuit.com, DNS:*.api.intuit.co.za, DNS:*.ffffprdstg.intuit.com, DNS:*.api.intuit.ph, DNS:*.statefillableforms.com, DNS:*.api.quickbooks.com.br, DNS:*.business.intuit.com, DNS:*.ffffprd.intuit.com, DNS:*.api.intuit.hk, DNS:*.platform.intuit.com, DNS:*.qb.intuit.com, DNS:*.mint.com, DNS:*.api.quickbooks.co.uk, DNS:*.location.intuit.com, DNS:*.quickbooks.com | Not valid before: 2024-07-30T00:00:00 |_Not valid after: 2025-07-29T23:59:59 | tls-nextprotoneg: | h2 |_ http/1.1 2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service : ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port80-TCP:V=7.92%I=7%D=10/26%Time=671D0BA7%P=x86_64-redhat-linux-gnu%r SF:(GetRequest,175,"HTTP/1\.1\x20301\x20Moved\x20Permanently\r\nServer:\x2 SF:0awselb/2\.0\r\nDate:\x20Sat,\x2026\x20Oct\x202024\x2015:32:55\x20GMT\r SF:\nContent-Type:\x20text/html\r\nContent-Length:\x20134\r\nConnection:\x SF:20close\r\nLocation:\x20https://apigw-use2-prd-id33-1303071720\.us-east SF:-2\.elb\.amazonaws\.com:443/\r\n\r\n<html>\r\n<head><title>301\x20Moved SF:\x20Permanently</title></head>\r\n<body>\r\n<center><h1>301\x20Moved\x2 SF:0Permanently</h1></center>\r\n</body>\r\n</html>\r\n")%r(HTTPOptions,17 SF:5,"HTTP/1\.1\x20301\x20Moved\x20Permanently\r\nServer:\x20awselb/2\.0\r SF:\nDate:\x20Sat,\x2026\x20Oct\x202024\x2015:32:55\x20GMT\r\nContent-Type SF::\x20text/html\r\nContent-Length:\x20134\r\nConnection:\x20close\r\nLoc SF:ation:\x20https://apigw-use2-prd-id33-1303071720\.us-east-2\.elb\.amazo SF:naws\.com:443/\r\n\r\n<html>\r\n<head><title>301\x20Moved\x20Permanentl SF:y</title></head>\r\n<body>\r\n<center><h1>301\x20Moved\x20Permanently</ SF:h1></center>\r\n</body>\r\n</html>\r\n")%r(RTSPRequest,7A,"<html>\r\n<h SF:ead><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h SF:1>400\x20Bad\x20Request</h1></center>\r\n</body>\r\n</html>\r\n")%r(X11 SF:Probe,110,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nServer:\x20awselb/2\.0 SF:\r\nDate:\x20Sat,\x2026\x20Oct\x202024\x2015:32:56\x20GMT\r\nContent-Ty SF:pe:\x20text/html\r\nContent-Length:\x20122\r\nConnection:\x20close\r\n\ SF:r\n<html>\r\n<head><title>400\x20Bad\x20Request</title></head>\r\n<body SF:>\r\n<center><h1>400\x20Bad\x20Request</h1></center>\r\n</body>\r\n</ht SF:ml>\r\n")%r(FourOhFourRequest,198,"HTTP/1\.1\x20301\x20Moved\x20Permane SF:ntly\r\nServer:\x20awselb/2\.0\r\nDate:\x20Sat,\x2026\x20Oct\x202024\x2 SF:015:32:56\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x2013 SF:4\r\nConnection:\x20close\r\nLocation:\x20https://apigw-use2-prd-id33-1 SF:303071720\.us-east-2\.elb\.amazonaws\.com:443/nice%20ports%2C/Tri%6Eity SF:\.txt%2ebak\r\n\r\n<html>\r\n<head><title>301\x20Moved\x20Permanently</ SF:title></head>\r\n<body>\r\n<center><h1>301\x20Moved\x20Permanently</h1> SF:</center>\r\n</body>\r\n</html>\r\n"); ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port443-TCP:V=7.92%T=SSL%I=7%D=10/26%Time=671D0BAD%P=x86_64-redhat-linu SF:x-gnu%r(GetRequest,149,"HTTP/1\.1\x20502\x20Bad\x20Gateway\r\nDate:\x20 SF:Sat,\x2026\x20Oct\x202024\x2015:33:02\x20GMT\r\nContent-Type:\x20text/p SF:lain\r\nContent-Length:\x200\r\nConnection:\x20close\r\nx-envoy-upstrea SF:m-service-time:\x200\r\nstrict-transport-security:\x20max-age=31536000\ SF:r\nintuit_tid:\x201-671d0bae-147d77dc20802d416714feb2\r\nx-request-id:\ SF:x201-671d0bae-147d77dc20802d416714feb2\r\nserver:\x20istio-envoy\r\n\r\ SF:n")%r(HTTPOptions,149,"HTTP/1\.1\x20502\x20Bad\x20Gateway\r\nDate:\x20S SF:at,\x2026\x20Oct\x202024\x2015:33:02\x20GMT\r\nContent-Type:\x20text/pl SF:ain\r\nContent-Length:\x200\r\nConnection:\x20close\r\nx-envoy-upstream SF:-service-time:\x200\r\nstrict-transport-security:\x20max-age=31536000\r SF:\nintuit_tid:\x201-671d0bae-173c0a2443c3d6394c7bad13\r\nx-request-id:\x SF:201-671d0bae-173c0a2443c3d6394c7bad13\r\nserver:\x20istio-envoy\r\n\r\n SF:")%r(FourOhFourRequest,149,"HTTP/1\.1\x20502\x20Bad\x20Gateway\r\nDate: SF:\x20Sat,\x2026\x20Oct\x202024\x2015:33:02\x20GMT\r\nContent-Type:\x20te SF:xt/plain\r\nContent-Length:\x200\r\nConnection:\x20close\r\nx-envoy-ups SF:tream-service-time:\x200\r\nstrict-transport-security:\x20max-age=31536 SF:000\r\nintuit_tid:\x201-671d0bae-52ac75fb6d153483712eae6d\r\nx-request- SF:id:\x201-671d0bae-52ac75fb6d153483712eae6d\r\nserver:\x20istio-envoy\r\ SF:n\r\n")%r(RTSPRequest,7A,"<html>\r\n<head><title>400\x20Bad\x20Request< SF:/title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20Request</h1></cen SF:ter>\r\n</body>\r\n</html>\r\n")%r(Help,110,"HTTP/1\.1\x20400\x20Bad\x2 SF:0Request\r\nServer:\x20awselb/2\.0\r\nDate:\x20Sat,\x2026\x20Oct\x20202 SF:4\x2015:33:08\x20GMT\r\nContent-Type:\x20text/html\r\nContent-Length:\x SF:20122\r\nConnection:\x20close\r\n\r\n<html>\r\n<head><title>400\x20Bad\ SF:x20Request</title></head>\r\n<body>\r\n<center><h1>400\x20Bad\x20Reques SF:t</h1></center>\r\n</body>\r\n</html>\r\n")%r(SSLSessionReq,110,"HTTP/1 SF:\.1\x20400\x20Bad\x20Request\r\nServer:\x20awselb/2\.0\r\nDate:\x20Sat, SF:\x2026\x20Oct\x202024\x2015:33:08\x20GMT\r\nContent-Type:\x20text/html\ SF:r\nContent-Length:\x20122\r\nConnection:\x20close\r\n\r\n<html>\r\n<hea SF:d><title>400\x20Bad\x20Request</title></head>\r\n<body>\r\n<center><h1> SF:400\x20Bad\x20Request</h1></center>\r\n</body>\r\n</html>\r\n"); Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose Running (JUST GUESSING): Linux 2.6.X|3.X|4.X (90%) OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 Aggressive OS guesses: Linux 2.6.32 (90%), Linux 3.2 - 4.9 (90%), Linux 2.6.32 - 3.10 (89%), Linux 2.6.32 - 3.13 (89%), Linux 3.10 - 3.13 (88%) No exact OS matches for host (test conditions non-ideal). Network Distance: 17 hops TRACEROUTE (using port 443/tcp) HOP RTT ADDRESS 1 0.25 ms 208.76.251.177.rdns.ColocationAmerica.com (208.76.251.177) 2 0.68 ms gw.mcom-colocationamerica.com (208.64.231.81) 3 0.65 ms r1b4.n1p1400.lax.multacom.net (64.69.46.9) 4 ... 5 12.22 ms be2931.ccr31.phx01.atlas.cogentco.com (154.54.44.85) 6 21.35 ms be5471.ccr21.elp02.atlas.cogentco.com (154.54.166.57) 7 32.37 ms be3821.ccr31.dfw01.atlas.cogentco.com (154.54.165.25) 8 32.54 ms be2763.ccr41.dfw03.atlas.cogentco.com (154.54.28.74) 9 ... 11 12 58.87 ms 108.166.244.0 13 ... 16 17 58.75 ms ec2-3-21-147-227.us-east-2.compute.amazonaws.com (3.21.147.227) OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 38.76 seconds