[SCAM] BTCHYIP com portscan


SUBMITTED BY: Guest

DATE: Jan. 28, 2013, 3:24 p.m.

FORMAT: Text only

SIZE: 5.2 kB

HITS: 1197

  1. Starting Nmap 5.00 ( http://nmap.org ) at 2013-01-28 16:15 CET
  2. NSE: Loaded 30 scripts for scanning.
  3. Initiating Parallel DNS resolution of 1 host. at 16:15
  4. Completed Parallel DNS resolution of 1 host. at 16:16, 6.82s elapsed
  5. DNS resolution of 1 IPs took 6.82s. Mode: Async [#: 2, OK: 1, NX: 0, DR: 0, SF: 0, TR: 3, CN: 0]
  6. Initiating Connect Scan at 16:16
  7. Scanning lb1.btchyip.com (178.32.177.19) [1000 ports]
  8. Discovered open port 3306/tcp on 178.32.177.19
  9. Discovered open port 80/tcp on 178.32.177.19
  10. Discovered open port 995/tcp on 178.32.177.19
  11. Discovered open port 110/tcp on 178.32.177.19
  12. Discovered open port 111/tcp on 178.32.177.19
  13. Discovered open port 993/tcp on 178.32.177.19
  14. Discovered open port 22/tcp on 178.32.177.19
  15. Discovered open port 143/tcp on 178.32.177.19
  16. Discovered open port 53/tcp on 178.32.177.19
  17. Discovered open port 81/tcp on 178.32.177.19
  18. Increasing send delay for 178.32.177.19 from 0 to 5 due to 36 out of 119 dropped probes since last increase.
  19. Discovered open port 8333/tcp on 178.32.177.19
  20. Discovered open port 82/tcp on 178.32.177.19
  21. Completed Connect Scan at 16:16, 8.50s elapsed (1000 total ports)
  22. Initiating Service scan at 16:16
  23. Scanning 12 services on lb1.btchyip.com (178.32.177.19)
  24. Completed Service scan at 16:18, 116.55s elapsed (12 services on 1 host)
  25. NSE: Script scanning 178.32.177.19.
  26. NSE: Starting runlevel 1 scan
  27. Initiating NSE at 16:18
  28. Completed NSE at 16:18, 30.12s elapsed
  29. NSE: Script Scanning completed.
  30. Host lb1.btchyip.com (178.32.177.19) is up (0.020s latency).
  31. Scanned at 2013-01-28 16:16:05 CET for 156s
  32. Interesting ports on lb1.btchyip.com (178.32.177.19):
  33. Not shown: 983 closed ports
  34. PORT STATE SERVICE VERSION
  35. 22/tcp open ssh OpenSSH 4.3 (protocol 2.0)
  36. | ssh-hostkey: 1024 ba:9d:77:9b:39:2f:c5:8f:ac:83:54:50:47:d2:c9:be (DSA)
  37. | ssh-dss AAAAB3NzaC1kc3MAAACBAMlXeL+sAU/dlQBsA/izsuSEQidkcXl5iqqNbHDYOSZg3njGl6Pr9cwPxLbWChZDvCq92hrB5iFKvoU13fnvNFZYcGfHirPMzg5ULlXejt01Wfa9T0Gg6P33mFkrFk/4ZYL9Uh8Me5Dnx3QcAlMThgTU4S60M+3pb+WJSWEV2pwLAAAAFQC5fsmDlSIdO1h57qd7kHTsx1vXEwAAAIAqYmXWAtjLNaQS/ViDSFKxe1JnRcgUSeqkxGbxlD+KMwmUaIwYnSw6yREFfRvs2IHrvSXBDulQF8BFiT1Rsf0df+rFltYftKLD2e8cql7ye+5KgVY/pG1YJ3ZtZLxLa2GxH3v3V2lY2wDnieb36CY9XJjdfuRlAU99Rk4ExtpokAAAAIBfQRuM27Zp5lKvjN2Of/4UCA9VLoWR1KCTAyLzpdmnZLt5czLOk7S0mpQ1wyQwmukO3tad819OlqkZQU+sjup9O9ES6c2lK1gBUFyKTFARHTpp3a9NDiisj/ttqG/oXlFTUutJlw8Xvo2aib3TzVXUoL/kxCcnjxrXsI82sLWSYA==
  38. | 2048 30:17:3a:2e:1b:30:b5:db:5e:46:5e:a3:41:35:e9:da (RSA)
  39. |_ ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvacMfPHGfGpOxO57sk7JdhibcwfMNPNjeeMf4WQOUQ0f3rgbR3T6wdJfrEI2qGt5ATf1CQTXSyE+62G8uahTaoSQY34bHFnv5zNbRPkZoa/QHKccSY+pmleLQOxeo8ezrMQ2yMXVX41cJKf1mWUclldRsksphoAlwKFdat7zNJtYcUywNk59FMpBLi4j49KQjlCNcG58ryUSpIy8EPKlAHheiEF0CAEDTLnbcKfN9ka5Wu2lbH95BBm2vqPtNvwT8W37zZebtFOycTcURiTDZ6AxSfpJ2b8SXnp7ON8l6ZVqsakcfOdGJPAxaSvb7apZea0NWroMD7wmEQ2KSN+yfw==
  40. 25/tcp filtered smtp
  41. 53/tcp open domain
  42. 80/tcp open http nginx web server 0.8.55
  43. |_ html-title: BTCHyip - Grow your bitcoin
  44. 81/tcp open http nginx web server 0.8.55
  45. |_ html-title: Test Page for the Nginx HTTP Server on EPEL
  46. 82/tcp open http nginx web server 0.8.55
  47. | html-title: Redirect
  48. |_ Did not follow redirect to calender.com:82/login.php?
  49. 110/tcp open pop3 Dovecot pop3d
  50. |_ pop3-capabilities: USER CAPA RESP-CODES UIDL PIPELINING STLS TOP SASL(PLAIN)
  51. 111/tcp open rpcbind
  52. | rpcinfo:
  53. | 100000 2 111/udp rpcbind
  54. | 100024 1 743/udp status
  55. | 100000 2 111/tcp rpcbind
  56. |_ 100024 1 746/tcp status
  57. 143/tcp open imap Dovecot imapd
  58. |_ imap-capabilities: LOGIN-REFERRALS AUTH=PLAIN UNSELECT THREAD=REFERENCES STARTTLS IMAP4rev1 NAMESPACE SORT CHILDREN LITERAL+ IDLE SASL-IR MULTIAPPEND
  59. 445/tcp filtered microsoft-ds
  60. 993/tcp open ssl/imap Dovecot imapd
  61. | sslv2: server still supports SSLv2
  62. | SSL2_DES_192_EDE3_CBC_WITH_MD5
  63. | SSL2_RC2_CBC_128_CBC_WITH_MD5
  64. | SSL2_RC4_128_WITH_MD5
  65. |_ SSL2_RC4_128_EXPORT40_WITH_MD5
  66. |_ imap-capabilities: LOGIN-REFERRALS UNSELECT THREAD=REFERENCES AUTH=PLAIN IMAP4rev1 NAMESPACE SORT CHILDREN LITERAL+ IDLE SASL-IR MULTIAPPEND
  67. 995/tcp open ssl/pop3 Dovecot pop3d
  68. | sslv2: server still supports SSLv2
  69. | SSL2_DES_192_EDE3_CBC_WITH_MD5
  70. | SSL2_RC2_CBC_128_CBC_WITH_MD5
  71. | SSL2_RC4_128_WITH_MD5
  72. |_ SSL2_RC4_128_EXPORT40_WITH_MD5
  73. |_ pop3-capabilities: USER CAPA UIDL PIPELINING RESP-CODES TOP SASL(PLAIN)
  74. 3306/tcp open mysql MySQL 5.0.95
  75. | mysql-info: Protocol: 10
  76. | Version: 5.0.95
  77. | Thread ID: 60258
  78. | Some Capabilities: Connect with DB, Compress, Transactions, Secure Connection
  79. | Status: Autocommit
  80. |_ Salt: 1YOavQpar>ygzO\_H)6p
  81. 6667/tcp filtered irc
  82. 6668/tcp filtered irc
  83. 6669/tcp filtered irc
  84. 8333/tcp open unknown
  85. Read data files from: /usr/share/nmap
  86. Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
  87. Nmap done: 1 IP address (1 host up) scanned in 162.23 seconds

comments powered by Disqus