Nmap scan report for mxa-001d3a01.gslb.pphosted.com (148.163.148.242) Host is up (0.012s latency). rDNS record for 148.163.148.242: mx0a-001d3a01.pphosted.com Not shown: 996 closed tcp ports (reset) PORT STATE SERVICE VERSION 25/tcp open smtp | fingerprint-strings: | GenericLines: | 220 mx0a-001d3a01.pphosted.com ESMTP mfa-m0096891 | 5.5.1 Command unrecognized: "" | 5.5.1 Command unrecognized: "" | GetRequest: | 220 mx0a-001d3a01.pphosted.com ESMTP mfa-m0096891 | 4.7.0 Open proxy prohibited | Hello: | 220 mx0a-001d3a01.pphosted.com ESMTP mfa-m0096889 | 5.5.4 Domain name required | Help: | 220 mx0a-001d3a01.pphosted.com ESMTP mfa-m0096891 | 5.5.1 Command unrecognized: "HELP" | NULL: |_ 220 mx0a-001d3a01.pphosted.com ESMTP mfa-m0096889 |_smtp-commands: mx0a-001d3a01.pphosted.com Hello 208.76.253.234.rdns.ColocationAmerica.com [208.76.253.234] (may be forged), pleased to meet you, ENHANCEDSTATUSCODES, PIPELINING, 8BITMIME, SIZE 157286400, STARTTLS | ssl-cert: Subject: commonName=*.gslb.pphosted.com/organizationName=Proofpoint, Inc./stateOrProvinceName=California/countryName=US | Subject Alternative Name: DNS:*.gslb.pphosted.com, DNS:*.pphosted.com, DNS:pphosted.com | Not valid before: 2025-02-04T00:00:00 |_Not valid after: 2026-02-04T23:59:59 |_ssl-date: TLS randomness does not represent time 443/tcp open ssl/https |_http-title: Forbidden | fingerprint-strings: | FourOhFourRequest, GetRequest, HTTPOptions: | HTTP/1.1 400 Bad Request | Date: Thu, 11 Sep 2025 03:48:57 GMT | Server: | Strict-Transport-Security: max-age=31536000; includeSubDomains | Content-Length: 12 | Connection: close | Content-Type: text/html; charset=iso-8859-1 | Request. | Help, SSLSessionReq, TerminalServerCookie: | HTTP/1.1 400 Bad Request | Date: Thu, 11 Sep 2025 03:49:23 GMT | Server: | Strict-Transport-Security: max-age=31536000; includeSubDomains | Content-Length: 12 | Connection: close | Content-Type: text/html; charset=iso-8859-1 | Request. | RTSPRequest: | HTTP/1.1 400 Bad Request | Date: Thu, 11 Sep 2025 03:49:08 GMT | Server: | Strict-Transport-Security: max-age=31536000; includeSubDomains | Content-Length: 12 | Connection: close | Content-Type: text/html; charset=iso-8859-1 |_ Request. | ssl-cert: Subject: commonName=securemail.henryschein.com/organizationName=Henry Schein, Inc./stateOrProvinceName=New York/countryName=US | Subject Alternative Name: DNS:securemail.henryschein.com | Not valid before: 2024-11-27T00:00:00 |_Not valid after: 2025-11-27T23:59:59 |_http-server-header: 10000/tcp open ssl/snet-sensor-mgmt? | fingerprint-strings: | GetRequest, HTTPOptions, RTSPRequest: | HTTP/1.1 400 Bad Request | Date: Thu, 11 Sep 2025 03:49:08 GMT | Server: | Strict-Transport-Security: max-age=31536000; includeSubDomains | Content-Length: 12 | Connection: close | Content-Type: text/html; charset=iso-8859-1 | Request. | Help, SSLSessionReq, TLSSessionReq, TerminalServerCookie: | HTTP/1.1 400 Bad Request | Date: Thu, 11 Sep 2025 03:49:23 GMT | Server: | Strict-Transport-Security: max-age=31536000; includeSubDomains | Content-Length: 12 | Connection: close | Content-Type: text/html; charset=iso-8859-1 |_ Request. | ssl-cert: Subject: commonName=*.pphosted.com/organizationName=Proofpoint, Inc./stateOrProvinceName=California/countryName=US | Subject Alternative Name: DNS:*.pphosted.com, DNS:*.gslb.pphosted.com, DNS:pphosted.com | Not valid before: 2025-02-04T00:00:00 |_Not valid after: 2026-02-04T23:59:59 10001/tcp filtered scp-config 3 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service : ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port25-TCP:V=7.92%I=7%D=9/10%Time=68C246A3%P=x86_64-redhat-linux-gnu%r( SF:NULL,33,"220\x20mx0a-001d3a01\.pphosted\.com\x20ESMTP\x20mfa-m0096889\r SF:\n")%r(Hello,53,"220\x20mx0a-001d3a01\.pphosted\.com\x20ESMTP\x20mfa-m0 SF:096889\r\n501\x205\.5\.4\x20Domain\x20name\x20required\r\n")%r(Help,5B, SF:"220\x20mx0a-001d3a01\.pphosted\.com\x20ESMTP\x20mfa-m0096891\r\n500\x2 SF:05\.5\.1\x20Command\x20unrecognized:\x20\"HELP\"\r\n")%r(GenericLines,7 SF:B,"220\x20mx0a-001d3a01\.pphosted\.com\x20ESMTP\x20mfa-m0096891\r\n500\ SF:x205\.5\.1\x20Command\x20unrecognized:\x20\"\"\r\n500\x205\.5\.1\x20Com SF:mand\x20unrecognized:\x20\"\"\r\n")%r(GetRequest,54,"220\x20mx0a-001d3a SF:01\.pphosted\.com\x20ESMTP\x20mfa-m0096891\r\n421\x204\.7\.0\x20Open\x2 SF:0proxy\x20prohibited\r\n"); ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port443-TCP:V=7.92%T=SSL%I=7%D=9/10%Time=68C246A9%P=x86_64-redhat-linux SF:-gnu%r(GetRequest,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Th SF:u,\x2011\x20Sep\x202025\x2003:48:57\x20GMT\r\nServer:\x20\x20\r\nStrict SF:-Transport-Security:\x20max-age=31536000;\x20includeSubDomains\r\nConte SF:nt-Length:\x2012\r\nConnection:\x20close\r\nContent-Type:\x20text/html; SF:\x20charset=iso-8859-1\r\n\r\nBad\x20Request\.")%r(HTTPOptions,EC,"HTTP SF:/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Thu,\x2011\x20Sep\x202025\x2 SF:003:48:57\x20GMT\r\nServer:\x20\x20\r\nStrict-Transport-Security:\x20ma SF:x-age=31536000;\x20includeSubDomains\r\nContent-Length:\x2012\r\nConnec SF:tion:\x20close\r\nContent-Type:\x20text/html;\x20charset=iso-8859-1\r\n SF:\r\nBad\x20Request\.")%r(FourOhFourRequest,EC,"HTTP/1\.1\x20400\x20Bad\ SF:x20Request\r\nDate:\x20Thu,\x2011\x20Sep\x202025\x2003:48:57\x20GMT\r\n SF:Server:\x20\x20\r\nStrict-Transport-Security:\x20max-age=31536000;\x20i SF:ncludeSubDomains\r\nContent-Length:\x2012\r\nConnection:\x20close\r\nCo SF:ntent-Type:\x20text/html;\x20charset=iso-8859-1\r\n\r\nBad\x20Request\. SF:")%r(RTSPRequest,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Thu SF:,\x2011\x20Sep\x202025\x2003:49:08\x20GMT\r\nServer:\x20\x20\r\nStrict- SF:Transport-Security:\x20max-age=31536000;\x20includeSubDomains\r\nConten SF:t-Length:\x2012\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\ SF:x20charset=iso-8859-1\r\n\r\nBad\x20Request\.")%r(Help,EC,"HTTP/1\.1\x2 SF:0400\x20Bad\x20Request\r\nDate:\x20Thu,\x2011\x20Sep\x202025\x2003:49:2 SF:3\x20GMT\r\nServer:\x20\x20\r\nStrict-Transport-Security:\x20max-age=31 SF:536000;\x20includeSubDomains\r\nContent-Length:\x2012\r\nConnection:\x2 SF:0close\r\nContent-Type:\x20text/html;\x20charset=iso-8859-1\r\n\r\nBad\ SF:x20Request\.")%r(SSLSessionReq,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r SF:\nDate:\x20Thu,\x2011\x20Sep\x202025\x2003:49:23\x20GMT\r\nServer:\x20\ SF:x20\r\nStrict-Transport-Security:\x20max-age=31536000;\x20includeSubDom SF:ains\r\nContent-Length:\x2012\r\nConnection:\x20close\r\nContent-Type:\ SF:x20text/html;\x20charset=iso-8859-1\r\n\r\nBad\x20Request\.")%r(Termina SF:lServerCookie,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Thu,\x SF:2011\x20Sep\x202025\x2003:49:23\x20GMT\r\nServer:\x20\x20\r\nStrict-Tra SF:nsport-Security:\x20max-age=31536000;\x20includeSubDomains\r\nContent-L SF:ength:\x2012\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20 SF:charset=iso-8859-1\r\n\r\nBad\x20Request\."); ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port10000-TCP:V=7.92%T=SSL%I=7%D=9/10%Time=68C246B4%P=x86_64-redhat-lin SF:ux-gnu%r(GetRequest,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20 SF:Thu,\x2011\x20Sep\x202025\x2003:49:08\x20GMT\r\nServer:\x20\x20\r\nStri SF:ct-Transport-Security:\x20max-age=31536000;\x20includeSubDomains\r\nCon SF:tent-Length:\x2012\r\nConnection:\x20close\r\nContent-Type:\x20text/htm SF:l;\x20charset=iso-8859-1\r\n\r\nBad\x20Request\.")%r(HTTPOptions,EC,"HT SF:TP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Thu,\x2011\x20Sep\x202025\ SF:x2003:49:08\x20GMT\r\nServer:\x20\x20\r\nStrict-Transport-Security:\x20 SF:max-age=31536000;\x20includeSubDomains\r\nContent-Length:\x2012\r\nConn SF:ection:\x20close\r\nContent-Type:\x20text/html;\x20charset=iso-8859-1\r SF:\n\r\nBad\x20Request\.")%r(RTSPRequest,EC,"HTTP/1\.1\x20400\x20Bad\x20R SF:equest\r\nDate:\x20Thu,\x2011\x20Sep\x202025\x2003:49:08\x20GMT\r\nServ SF:er:\x20\x20\r\nStrict-Transport-Security:\x20max-age=31536000;\x20inclu SF:deSubDomains\r\nContent-Length:\x2012\r\nConnection:\x20close\r\nConten SF:t-Type:\x20text/html;\x20charset=iso-8859-1\r\n\r\nBad\x20Request\.")%r SF:(Help,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Thu,\x2011\x20 SF:Sep\x202025\x2003:49:23\x20GMT\r\nServer:\x20\x20\r\nStrict-Transport-S SF:ecurity:\x20max-age=31536000;\x20includeSubDomains\r\nContent-Length:\x SF:2012\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20charset= SF:iso-8859-1\r\n\r\nBad\x20Request\.")%r(SSLSessionReq,EC,"HTTP/1\.1\x204 SF:00\x20Bad\x20Request\r\nDate:\x20Thu,\x2011\x20Sep\x202025\x2003:49:23\ SF:x20GMT\r\nServer:\x20\x20\r\nStrict-Transport-Security:\x20max-age=3153 SF:6000;\x20includeSubDomains\r\nContent-Length:\x2012\r\nConnection:\x20c SF:lose\r\nContent-Type:\x20text/html;\x20charset=iso-8859-1\r\n\r\nBad\x2 SF:0Request\.")%r(TerminalServerCookie,EC,"HTTP/1\.1\x20400\x20Bad\x20Requ SF:est\r\nDate:\x20Thu,\x2011\x20Sep\x202025\x2003:49:23\x20GMT\r\nServer: SF:\x20\x20\r\nStrict-Transport-Security:\x20max-age=31536000;\x20includeS SF:ubDomains\r\nContent-Length:\x2012\r\nConnection:\x20close\r\nContent-T SF:ype:\x20text/html;\x20charset=iso-8859-1\r\n\r\nBad\x20Request\.")%r(TL SF:SSessionReq,EC,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nDate:\x20Thu,\x20 SF:11\x20Sep\x202025\x2003:49:23\x20GMT\r\nServer:\x20\x20\r\nStrict-Trans SF:port-Security:\x20max-age=31536000;\x20includeSubDomains\r\nContent-Len SF:gth:\x2012\r\nConnection:\x20close\r\nContent-Type:\x20text/html;\x20ch SF:arset=iso-8859-1\r\n\r\nBad\x20Request\."); OS fingerprint not ideal because: Host distance (8 network hops) is greater than five No OS matches for host Network Distance: 8 hops TRACEROUTE (using port 80/tcp) HOP RTT ADDRESS 1 0.20 ms 208.76.251.177.rdns.ColocationAmerica.com (208.76.251.177) 2 0.70 ms gw.mcom-colocationamerica.com (208.64.231.81) 3 0.68 ms r1b4.n1p1400.lax.multacom.net (64.69.46.9) 4 ... 5 12.45 ms be3097.ccr81.sjc13.atlas.cogentco.com (154.54.40.157) 6 12.12 ms be6009.ccr41.sjc03.atlas.cogentco.com (154.54.169.38) 7 ... 8 12.02 ms mx0a-001d3a01.pphosted.com (148.163.148.242) OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 145.07 seconds