Nmap scan report for mxb-001ec801.gslb.pphosted.com (148.163.140.146)
Host is up (0.048s latency).
rDNS record for 148.163.140.146: mx0b-001ec801.pphosted.com
Not shown: 997 closed tcp ports (reset)
PORT      STATE SERVICE               VERSION
25/tcp    open  smtp
| fingerprint-strings: 
|   GenericLines: 
|     220 mx0b-001ec801.pphosted.com ESMTP mfa-m0163890
|     5.5.1 Command unrecognized: ""
|     5.5.1 Command unrecognized: ""
|   GetRequest: 
|     220 mx0b-001ec801.pphosted.com ESMTP mfa-m0163891
|     4.7.0 Open proxy prohibited
|   Hello: 
|     220 mx0b-001ec801.pphosted.com ESMTP mfa-m0163889
|     5.5.4 Domain name required
|   Help: 
|     220 mx0b-001ec801.pphosted.com ESMTP mfa-m0163888
|     5.5.1 Command unrecognized: "HELP"
|   NULL: 
|_    220 mx0b-001ec801.pphosted.com ESMTP mfa-m0163889
|_smtp-commands: mx0b-001ec801.pphosted.com Hello 208.76.253.234.rdns.ColocationAmerica.com [208.76.253.234] (may be forged), pleased to meet you, ENHANCEDSTATUSCODES, PIPELINING, 8BITMIME, SIZE 157286400, STARTTLS
|_ssl-date: TLS randomness does not represent time
| ssl-cert: Subject: commonName=*.pphosted.com/organizationName=Proofpoint, Inc./stateOrProvinceName=California/countryName=US
| Subject Alternative Name: DNS:*.pphosted.com, DNS:*.gslb.pphosted.com, DNS:pphosted.com
| Not valid before: 2025-02-04T00:00:00
|_Not valid after:  2026-02-04T23:59:59
10000/tcp open  ssl/snet-sensor-mgmt?
| fingerprint-strings: 
|   GetRequest: 
|     HTTP/1.1 400 Bad Request
|     Date: Thu, 11 Sep 2025 03:53:06 GMT
|     Server: 
|     Strict-Transport-Security: max-age=31536000; includeSubDomains
|     Content-Length: 12
|     Connection: close
|     Content-Type: text/html; charset=iso-8859-1
|     Request.
|   HTTPOptions, RTSPRequest: 
|     HTTP/1.1 400 Bad Request
|     Date: Thu, 11 Sep 2025 03:53:07 GMT
|     Server: 
|     Strict-Transport-Security: max-age=31536000; includeSubDomains
|     Content-Length: 12
|     Connection: close
|     Content-Type: text/html; charset=iso-8859-1
|     Request.
|   Help: 
|     HTTP/1.1 400 Bad Request
|     Date: Thu, 11 Sep 2025 03:53:22 GMT
|     Server: 
|     Strict-Transport-Security: max-age=31536000; includeSubDomains
|     Content-Length: 12
|     Connection: close
|     Content-Type: text/html; charset=iso-8859-1
|     Request.
|   SSLSessionReq, TLSSessionReq, TerminalServerCookie: 
|     HTTP/1.1 400 Bad Request
|     Date: Thu, 11 Sep 2025 03:53:23 GMT
|     Server: 
|     Strict-Transport-Security: max-age=31536000; includeSubDomains
|     Content-Length: 12
|     Connection: close
|     Content-Type: text/html; charset=iso-8859-1
|_    Request.
| ssl-cert: Subject: commonName=*.pphosted.com/organizationName=Proofpoint, Inc./stateOrProvinceName=California/countryName=US
| Subject Alternative Name: DNS:*.pphosted.com, DNS:*.gslb.pphosted.com, DNS:pphosted.com
| Not valid before: 2025-02-04T00:00:00
|_Not valid after:  2026-02-04T23:59:59
10001/tcp open  ssl/scp-config?
| fingerprint-strings: 
|   GetRequest, HTTPOptions, RTSPRequest: 
|     HTTP/1.1 400 Bad Request
|     Date: Thu, 11 Sep 2025 03:53:07 GMT
|     Server: 
|     Strict-Transport-Security: max-age=31536000; includeSubDomains
|     Content-Length: 12
|     Connection: close
|     Content-Type: text/html; charset=iso-8859-1
|     Request.
|   Help, SSLSessionReq, TLSSessionReq, TerminalServerCookie: 
|     HTTP/1.1 400 Bad Request
|     Date: Thu, 11 Sep 2025 03:53:23 GMT
|     Server: 
|     Strict-Transport-Security: max-age=31536000; includeSubDomains
|     Content-Length: 12
|     Connection: close
|     Content-Type: text/html; charset=iso-8859-1
|_    Request.
| ssl-cert: Subject: commonName=*.pphosted.com/organizationName=Proofpoint, Inc./stateOrProvinceName=California/countryName=US
| Subject Alternative Name: DNS:*.pphosted.com, DNS:*.gslb.pphosted.com, DNS:pphosted.com
| Not valid before: 2025-02-04T00:00:00
|_Not valid after:  2026-02-04T23:59:59
3 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service :
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port25-TCP:V=7.92%I=7%D=9/10%Time=68C24791%P=x86_64-redhat-linux-gnu%r(
SF:NULL,33,"220\x20mx0b-001ec801\.pphosted\.com\x20ESMTP\x20mfa-m0163889\r
SF:\n")%r(Hello,53,"220\x20mx0b-001ec801\.pphosted\.com\x20ESMTP\x20mfa-m0
SF:163889\r\n501\x205\.5\.4\x20Domain\x20name\x20required\r\n")%r(Help,5B,
SF:"220\x20mx0b-001ec801\.pphosted\.com\x20ESMTP\x20mfa-m0163888\r\n500\x2
SF:05\.5\.1\x20Command\x20unrecognized:\x20\"HELP\"\r\n")%r(GenericLines,7
SF:B,"220\x20mx0b-001ec801\.pphosted\.com\x20ESMTP\x20mfa-m0163890\r\n500\
SF:x205\.5\.1\x20Command\x20unrecognized:\x20\"\"\r\n500\x205\.5\.1\x20Com
SF:mand\x20unrecognized:\x20\"\"\r\n")%r(GetRequest,54,"220\x20mx0b-001ec8
SF:01\.pphosted\.com\x20ESMTP\x20mfa-m0163891\r\n421\x204\.7\.0\x20Open\x2
SF:0proxy\x20prohibited\r\n");
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port10000-TCP:V=7.92%T=SSL%I=7%D=9/10%Time=68C247A2%P=x86_64-redhat-lin
SF:ux-gnu%r(GetRequest,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20
SF:Thu,\x2011\x20Sep\x202025\x2003:53:06\x20GMT\r\nServer:\x20\x20\r\nStri
SF:ct-Transport-Security:\x20max-age=31536000;\x20includeSubDomains\r\nCon
SF:tent-Length:\x2012\r\nConnection:\x20close\r\nContent-Type:\x20text/htm
SF:l;\x20charset=iso-8859-1\r\n\r\nBad\x20Request\.")%r(HTTPOptions,EC,"HT
SF:TP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Thu,\x2011\x20Sep\x202025\
SF:x2003:53:07\x20GMT\r\nServer:\x20\x20\r\nStrict-Transport-Security:\x20
SF:max-age=31536000;\x20includeSubDomains\r\nContent-Length:\x2012\r\nConn
SF:ection:\x20close\r\nContent-Type:\x20text/html;\x20charset=iso-8859-1\r
SF:\n\r\nBad\x20Request\.")%r(RTSPRequest,EC,"HTTP/1\.1\x20400\x20Bad\x20R
SF:equest\r\nDate:\x20Thu,\x2011\x20Sep\x202025\x2003:53:07\x20GMT\r\nServ
SF:er:\x20\x20\r\nStrict-Transport-Security:\x20max-age=31536000;\x20inclu
SF:deSubDomains\r\nContent-Length:\x2012\r\nConnection:\x20close\r\nConten
SF:t-Type:\x20text/html;\x20charset=iso-8859-1\r\n\r\nBad\x20Request\.")%r
SF:(Help,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Thu,\x2011\x20
SF:Sep\x202025\x2003:53:22\x20GMT\r\nServer:\x20\x20\r\nStrict-Transport-S
SF:ecurity:\x20max-age=31536000;\x20includeSubDomains\r\nContent-Length:\x
SF:2012\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20charset=
SF:iso-8859-1\r\n\r\nBad\x20Request\.")%r(SSLSessionReq,EC,"HTTP/1\.1\x204
SF:00\x20Bad\x20Request\r\nDate:\x20Thu,\x2011\x20Sep\x202025\x2003:53:23\
SF:x20GMT\r\nServer:\x20\x20\r\nStrict-Transport-Security:\x20max-age=3153
SF:6000;\x20includeSubDomains\r\nContent-Length:\x2012\r\nConnection:\x20c
SF:lose\r\nContent-Type:\x20text/html;\x20charset=iso-8859-1\r\n\r\nBad\x2
SF:0Request\.")%r(TerminalServerCookie,EC,"HTTP/1\.1\x20400\x20Bad\x20Requ
SF:est\r\nDate:\x20Thu,\x2011\x20Sep\x202025\x2003:53:23\x20GMT\r\nServer:
SF:\x20\x20\r\nStrict-Transport-Security:\x20max-age=31536000;\x20includeS
SF:ubDomains\r\nContent-Length:\x2012\r\nConnection:\x20close\r\nContent-T
SF:ype:\x20text/html;\x20charset=iso-8859-1\r\n\r\nBad\x20Request\.")%r(TL
SF:SSessionReq,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Thu,\x20
SF:11\x20Sep\x202025\x2003:53:23\x20GMT\r\nServer:\x20\x20\r\nStrict-Trans
SF:port-Security:\x20max-age=31536000;\x20includeSubDomains\r\nContent-Len
SF:gth:\x2012\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20ch
SF:arset=iso-8859-1\r\n\r\nBad\x20Request\.");
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port10001-TCP:V=7.92%T=SSL%I=7%D=9/10%Time=68C247A3%P=x86_64-redhat-lin
SF:ux-gnu%r(GetRequest,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20
SF:Thu,\x2011\x20Sep\x202025\x2003:53:07\x20GMT\r\nServer:\x20\x20\r\nStri
SF:ct-Transport-Security:\x20max-age=31536000;\x20includeSubDomains\r\nCon
SF:tent-Length:\x2012\r\nConnection:\x20close\r\nContent-Type:\x20text/htm
SF:l;\x20charset=iso-8859-1\r\n\r\nBad\x20Request\.")%r(HTTPOptions,EC,"HT
SF:TP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Thu,\x2011\x20Sep\x202025\
SF:x2003:53:07\x20GMT\r\nServer:\x20\x20\r\nStrict-Transport-Security:\x20
SF:max-age=31536000;\x20includeSubDomains\r\nContent-Length:\x2012\r\nConn
SF:ection:\x20close\r\nContent-Type:\x20text/html;\x20charset=iso-8859-1\r
SF:\n\r\nBad\x20Request\.")%r(RTSPRequest,EC,"HTTP/1\.1\x20400\x20Bad\x20R
SF:equest\r\nDate:\x20Thu,\x2011\x20Sep\x202025\x2003:53:07\x20GMT\r\nServ
SF:er:\x20\x20\r\nStrict-Transport-Security:\x20max-age=31536000;\x20inclu
SF:deSubDomains\r\nContent-Length:\x2012\r\nConnection:\x20close\r\nConten
SF:t-Type:\x20text/html;\x20charset=iso-8859-1\r\n\r\nBad\x20Request\.")%r
SF:(Help,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Thu,\x2011\x20
SF:Sep\x202025\x2003:53:23\x20GMT\r\nServer:\x20\x20\r\nStrict-Transport-S
SF:ecurity:\x20max-age=31536000;\x20includeSubDomains\r\nContent-Length:\x
SF:2012\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20charset=
SF:iso-8859-1\r\n\r\nBad\x20Request\.")%r(SSLSessionReq,EC,"HTTP/1\.1\x204
SF:00\x20Bad\x20Request\r\nDate:\x20Thu,\x2011\x20Sep\x202025\x2003:53:23\
SF:x20GMT\r\nServer:\x20\x20\r\nStrict-Transport-Security:\x20max-age=3153
SF:6000;\x20includeSubDomains\r\nContent-Length:\x2012\r\nConnection:\x20c
SF:lose\r\nContent-Type:\x20text/html;\x20charset=iso-8859-1\r\n\r\nBad\x2
SF:0Request\.")%r(TerminalServerCookie,EC,"HTTP/1\.1\x20400\x20Bad\x20Requ
SF:est\r\nDate:\x20Thu,\x2011\x20Sep\x202025\x2003:53:23\x20GMT\r\nServer:
SF:\x20\x20\r\nStrict-Transport-Security:\x20max-age=31536000;\x20includeS
SF:ubDomains\r\nContent-Length:\x2012\r\nConnection:\x20close\r\nContent-T
SF:ype:\x20text/html;\x20charset=iso-8859-1\r\n\r\nBad\x20Request\.")%r(TL
SF:SSessionReq,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Thu,\x20
SF:11\x20Sep\x202025\x2003:53:23\x20GMT\r\nServer:\x20\x20\r\nStrict-Trans
SF:port-Security:\x20max-age=31536000;\x20includeSubDomains\r\nContent-Len
SF:gth:\x2012\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20ch
SF:arset=iso-8859-1\r\n\r\nBad\x20Request\.");
Device type: general purpose
Running (JUST GUESSING): FreeBSD 7.X (87%), OpenBSD 4.X|6.X|5.X (86%)
OS CPE: cpe:/o:freebsd:freebsd:7.0 cpe:/o:openbsd:openbsd:4.4 cpe:/o:openbsd:openbsd:6 cpe:/o:openbsd:openbsd:5
Aggressive OS guesses: FreeBSD 7.0-RELEASE (87%), OpenBSD 4.4 - 4.5 (86%), OpenBSD 6.0 - 6.4 (86%), OpenBSD 5.0 - 5.8 (85%), OpenBSD 5.0 (85%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 12 hops

TRACEROUTE (using port 21/tcp)
HOP RTT      ADDRESS
1   0.23 ms  208.76.251.177.rdns.ColocationAmerica.com (208.76.251.177)
2   1.04 ms  gw.mcom-colocationamerica.com (208.64.231.81)
3   0.74 ms  r1b4.n1p1400.lax.multacom.net (64.69.46.9)
4   ...
5   10.90 ms be2931.ccr31.phx01.atlas.cogentco.com (154.54.44.85)
6   19.91 ms be5471.ccr21.elp02.atlas.cogentco.com (154.54.166.57)
7   30.94 ms be3821.ccr31.dfw01.atlas.cogentco.com (154.54.165.25)
8   37.80 ms port-channel8121.ccr91.jan02.atlas.cogentco.com (154.54.40.250)
9   45.81 ms be3009.ccr41.atl01.atlas.cogentco.com (154.54.29.133)
10  45.74 ms be4189.rcr51.b006503-1.atl01.atlas.cogentco.com (154.54.30.242)
11  ...
12  47.85 ms mx0b-001ec801.pphosted.com (148.163.140.146)

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 148.50 seconds