# Nmap 7.60 scan initiated Thu Jan 14 16:54:13 2021 as: nmap --privileged -oA /data/scans/natlas.602a58dabed22dd35caa27f249d6d26b/nmap.602a58dabed22dd35caa27f249d6d26b --servicedb /data/conf/natlas-services -sV -O --script=default,ssl-enum-ciphers,ssh-auth-methods --open --script-timeout=60 --host-timeout=600 --osscan-limit -Pn 209.97.128.194
Nmap scan report for 209.97.128.194
Host is up (0.090s latency).
Not shown: 1005 filtered ports, 1 closed port
Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
PORT     STATE SERVICE  VERSION
443/tcp  open  ssl/http nginx
| http-robots.txt: 1 disallowed entry 
|_/
|_http-server-header: nginx
|_http-title: 3CX Phone System Management Console
| ssl-cert: Subject: commonName=ccpara.3cx.co.uk
| Subject Alternative Name: DNS:ccpara.3cx.co.uk
| Not valid before: 2020-12-14T20:47:25
|_Not valid after:  2021-03-14T20:47:25
|_ssl-date: TLS randomness does not represent time
| ssl-enum-ciphers: 
|   TLSv1.2: 
|     ciphers: 
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
|       TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (dh 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (rsa 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 2048) - A
|       TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_DHE_RSA_WITH_AES_256_CCM_8 (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_256_CCM (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_128_CCM_8 (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_128_CCM (dh 2048) - A
|       TLS_RSA_WITH_AES_256_CCM_8 (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CCM (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_CCM_8 (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_CCM (rsa 2048) - A
|       TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 (rsa 2048) - A
|       TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 (dh 2048) - A
|       TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 (rsa 2048) - A
|       TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 (dh 2048) - A
|       TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 2048) - A
|       TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 2048) - A
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A
|     compressors: 
|       NULL
|     cipher preference: server
|_  least strength: A
| tls-nextprotoneg: 
|   h2
|_  http/1.1
5060/tcp open  sip      (SIP end point; Status: 200 OK)
| fingerprint-strings: 
|   SIPOptions: 
|     SIP/2.0 200 OK
|     Via: SIP/2.0/TCP nm;branch=foo;received=51.81.64.17
|     Contact: <sip:209.97.128.194:5060;transport=tcp>
|     <sip:nm2@nm2>;tag=aa61f37f
|     From: <sip:nm@nm>;tag=root
|     Call-ID: 50000
|     CSeq: 42 OPTIONS
|     Accept: application/sdp
|     Accept-Language: en
|     Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE, UPDATE
|     Supported: replaces, timer
|     Allow-Events: presence, message-summary, dialog, call-info, line-seize
|_    Content-Length: 0
5061/tcp open  ssl/sip  (SIP end point; Status: 482 Merged Request)
| fingerprint-strings: 
|   SIPOptions: 
|     SIP/2.0 482 Merged Request
|     Via: SIP/2.0/TCP nm;branch=foo;received=51.81.64.17
|     <sip:nm2@nm2>;tag=e67c4673
|     From: <sip:nm@nm>;tag=root
|     Call-ID: 50000
|     CSeq: 42 OPTIONS
|     Accept-Language: en
|_    Content-Length: 0
| ssl-cert: Subject: commonName=ccpara.3cx.co.uk
| Subject Alternative Name: DNS:ccpara.3cx.co.uk
| Not valid before: 2020-12-14T20:47:25
|_Not valid after:  2021-03-14T20:47:25
|_ssl-date: TLS randomness does not represent time
| ssl-enum-ciphers: 
|   TLSv1.2: 
|     ciphers: 
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (secp256r1) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
|     compressors: 
|       NULL
|     cipher preference: client
|_  least strength: A
2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service :
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port5060-TCP:V=7.60%I=7%D=1/14%Time=60007750%P=x86_64-pc-linux-gnu%r(SI
SF:POptions,1E1,"SIP/2\.0\x20200\x20OK\r\nVia:\x20SIP/2\.0/TCP\x20nm;branc
SF:h=foo;received=51\.81\.64\.17\r\nContact:\x20<sip:209\.97\.128\.194:506
SF:0;transport=tcp>\r\nTo:\x20<sip:nm2@nm2>;tag=aa61f37f\r\nFrom:\x20<sip:
SF:nm@nm>;tag=root\r\nCall-ID:\x2050000\r\nCSeq:\x2042\x20OPTIONS\r\nAccep
SF:t:\x20application/sdp\r\nAccept-Language:\x20en\r\nAllow:\x20INVITE,\x2
SF:0ACK,\x20CANCEL,\x20OPTIONS,\x20BYE,\x20REGISTER,\x20SUBSCRIBE,\x20NOTI
SF:FY,\x20REFER,\x20INFO,\x20MESSAGE,\x20UPDATE\r\nSupported:\x20replaces,
SF:\x20timer\r\nAllow-Events:\x20presence,\x20message-summary,\x20dialog,\
SF:x20call-info,\x20line-seize\r\nContent-Length:\x200\r\n\r\n");
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port5061-TCP:V=7.60%T=SSL%I=7%D=1/14%Time=60007756%P=x86_64-pc-linux-gn
SF:u%r(SIPOptions,D9,"SIP/2\.0\x20482\x20Merged\x20Request\r\nVia:\x20SIP/
SF:2\.0/TCP\x20nm;branch=foo;received=51\.81\.64\.17\r\nTo:\x20<sip:nm2@nm
SF:2>;tag=e67c4673\r\nFrom:\x20<sip:nm@nm>;tag=root\r\nCall-ID:\x2050000\r
SF:\nCSeq:\x2042\x20OPTIONS\r\nAccept-Language:\x20en\r\nContent-Length:\x
SF:200\r\n\r\n");
Device type: general purpose
Running: Linux 3.X|4.X
OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
OS details: Linux 3.16 - 4.6

Read from /data/conf: natlas-services.
Read from /usr/bin/../share/nmap: nmap-os-db nmap-payloads nmap-service-probes.
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Thu Jan 14 16:55:21 2021 -- 1 IP address (1 host up) scanned in 68.48 seconds