{"ip": "67.195.61.156", "scan_reason": "auto", "tags": ["Oath Holdings Inc", "as36647"], "scan_id": "sfwrxqvprzndov7c", "agent_version": "0.6.7", "agent": "12dd66183e49a100", "scan_start": "2019-11-08T20:30:18.342535+00:00", "nmap_data": "# Nmap 7.60 scan initiated Fri Nov 8 20:30:19 2019 as: nmap --privileged -oA data/natlas.sfwrxqvprzndov7c/nmap.sfwrxqvprzndov7c --servicedb ./natlas-services -sV -O --script=default,ssh-auth-methods,ssl-enum-ciphers --open --script-timeout=60 --host-timeout=600 --osscan-limit 67.195.61.156\nNmap scan report for vdoads-flky.adx.gq1.yahoo.com (67.195.61.156)\nHost is up (0.074s latency).\nNot shown: 1837 filtered ports\nSome closed ports may be reported as filtered due to --defeat-rst-ratelimit\nPORT STATE SERVICE VERSION\n443/tcp open ssl/https\n| fingerprint-strings: \n| FourOhFourRequest: \n| HTTP/1.1 404 Not Found\n| Content-Security-Policy: default-src 'self'\n| X-Content-Type-Options: nosniff\n| Content-Type: text/html; charset=utf-8\n| Content-Length: 174\n| Date: Fri, 08 Nov 2019 20:31:33 GMT\n| Connection: close\n| \n| \n| \n| \n| Error\n| \n| \n|
Cannot GET /nice%20ports%2C/Tri%6Eity.txt%2ebak
\n| \n| \n| GetRequest: \n| HTTP/1.1 200 OK\n| Accept-Ranges: bytes\n| Cache-Control: public, max-age=0\n| Last-Modified: Sat, 20 Apr 2019 04:28:47 GMT\n| ETag: W/\"239-16a3900fc33\"\n| Content-Type: text/html; charset=UTF-8\n| Content-Length: 569\n| Date: Fri, 08 Nov 2019 20:31:32 GMT\n| Connection: close\n| Video Test Page
\n| HTTPOptions: \n| HTTP/1.1 404 Not Found\n| Content-Security-Policy: default-src 'self'\n| X-Content-Type-Options: nosniff\n| Content-Type: text/html; charset=utf-8\n| Content-Length: 143\n| Date: Fri, 08 Nov 2019 20:31:33 GMT\n| Connection: close\n| \n| \n| \n| \n| Error\n| \n| \n|
Cannot OPTIONS /
\n| \n|_ \n|_http-title: Video Test Page\n| ssl-cert: Subject: commonName=testvideo.advertising.yahoo.com/organizationName=Oath Inc/stateOrProvinceName=California/countryName=US\n| Subject Alternative Name: DNS:testvideo.advertising.yahoo.com\n| Not valid before: 2019-06-19T00:00:00\n|_Not valid after: 2019-12-16T12:00:00\n|_ssl-date: TLS randomness does not represent time\n| ssl-enum-ciphers: \n| TLSv1.0: \n| ciphers: \n| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A\n| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A\n| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A\n| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A\n| compressors: \n| NULL\n| cipher preference: server\n| TLSv1.1: \n| ciphers: \n| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A\n| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A\n| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A\n| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A\n| compressors: \n| NULL\n| cipher preference: server\n| TLSv1.2: \n| ciphers: \n| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A\n| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A\n| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A\n| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A\n| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A\n| TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A\n| TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A\n| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A\n| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A\n| TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A\n| TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A\n| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A\n| compressors: \n| NULL\n| cipher preference: server\n|_ least strength: A\n| tls-nextprotoneg: \n| http/1.1\n|_ http/1.0\n1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :\nSF-Port443-TCP:V=7.60%T=SSL%I=7%D=11/8%Time=5DC5D0A4%P=x86_64-pc-linux-gnu\nSF:%r(GetRequest,342,\"HTTP/1\\.1\\x20200\\x20OK\\r\\nAccept-Ranges:\\x20bytes\\r\\\nSF:nCache-Control:\\x20public,\\x20max-age=0\\r\\nLast-Modified:\\x20Sat,\\x2020\nSF:\\x20Apr\\x202019\\x2004:28:47\\x20GMT\\r\\nETag:\\x20W/\\\"239-16a3900fc33\\\"\\r\\\nSF:nContent-Type:\\x20text/html;\\x20charset=UTF-8\\r\\nContent-Length:\\x20569\nSF:\\r\\nDate:\\x20Fri,\\x2008\\x20Nov\\x202019\\x2020:31:32\\x20GMT\\r\\nConnection\nSF::\\x20close\\r\\n\\r\\nVideo\\x20Test\\x20Page\")%r(HTTPOptions,16C,\"HT\nSF:TP/1\\.1\\x20404\\x20Not\\x20Found\\r\\nContent-Security-Policy:\\x20default-s\nSF:rc\\x20'self'\\r\\nX-Content-Type-Options:\\x20nosniff\\r\\nContent-Type:\\x20\nSF:text/html;\\x20charset=utf-8\\r\\nContent-Length:\\x20143\\r\\nDate:\\x20Fri,\\\nSF:x2008\\x20Nov\\x202019\\x2020:31:33\\x20GMT\\r\\nConnection:\\x20close\\r\\n\\r\\n\nSF:\\n\\n\\n\\nError\\n\\n\\n
Cannot\\x20OPTIONS\\\nSF:x20/
\\n\\n\\n\")%r(FourOhFourRequest,18B,\"HTTP/1\\.1\\x20\nSF:404\\x20Not\\x20Found\\r\\nContent-Security-Policy:\\x20default-src\\x20'self\nSF:'\\r\\nX-Content-Type-Options:\\x20nosniff\\r\\nContent-Type:\\x20text/html;\\\nSF:x20charset=utf-8\\r\\nContent-Length:\\x20174\\r\\nDate:\\x20Fri,\\x2008\\x20No\nSF:v\\x202019\\x2020:31:33\\x20GMT\\r\\nConnection:\\x20close\\r\\n\\r\\n\\n\\n\\n\\nError\\n\\n\\n
Cannot\\x20GET\\x20/nice%20port\nSF:s%2C/Tri%6Eity\\.txt%2ebak
\\n\\n\\n\");\n\nRead from .: natlas-services.\nRead from /usr/bin/../share/nmap: nmap-os-db nmap-payloads nmap-service-probes.\nOS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .\n# Nmap done at Fri Nov 8 20:31:55 2019 -- 1 IP address (1 host up) scanned in 97.22 seconds\n", "gnmap_data": "# Nmap 7.60 scan initiated Fri Nov 8 20:30:19 2019 as: nmap --privileged -oA data/natlas.sfwrxqvprzndov7c/nmap.sfwrxqvprzndov7c --servicedb ./natlas-services -sV -O --script=default,ssh-auth-methods,ssl-enum-ciphers --open --script-timeout=60 --host-timeout=600 --osscan-limit 67.195.61.156\nHost: 67.195.61.156 (vdoads-flky.adx.gq1.yahoo.com)\tStatus: Up\nHost: 67.195.61.156 (vdoads-flky.adx.gq1.yahoo.com)\tPorts: 443/open/tcp//ssl|https///\tIgnored State: filtered (1837)\n# Nmap done at Fri Nov 8 20:31:55 2019 -- 1 IP address (1 host up) scanned in 97.22 seconds\n", "xml_data": "\n\n\n\n\n\n\n\n\n
\n\n\n\n\n\n\n\n\n\n\n\n\n\n", "is_up": true, "port_count": 1, "screenshots": [{"host": "67.195.61.156", "port": 443, "service": "HTTPS", "hash": "2a0d0c9b34ab637c87b355d29cb091aec3d36cd7e47d042fbd146edcc567349b", "thumb_hash": "f0294ea4eff59f578a103d7934dc96d5cdb66e493c61322d6583446d2c7a3d1e"}], "scan_stop": "2019-11-08T20:31:58.555851+00:00", "elapsed": 100, "hostname": "vdoads-flky.adx.gq1.yahoo.com", "ctime": "2019-11-08T20:31:59.048004+00:00", "ports": [{"id": "tcp.443", "port": "443", "protocol": "tcp", "banner": "", "service": {"name": "https", "servicefp": "SF-Port443-TCP:V=7.60%T=SSL%I=7%D=11/8%Time=5DC5D0A4%P=x86_64-pc-linux-gnu%r(GetRequest,342,\"HTTP/1\\.1\\x20200\\x20OK\\r\\nAccept-Ranges:\\x20bytes\\r\\nCache-Control:\\x20public,\\x20max-age=0\\r\\nLast-Modified:\\x20Sat,\\x2020\\x20Apr\\x202019\\x2004:28:47\\x20GMT\\r\\nETag:\\x20W/\\\"239-16a3900fc33\\\"\\r\\nContent-Type:\\x20text/html;\\x20charset=UTF-8\\r\\nContent-Length:\\x20569\\r\\nDate:\\x20Fri,\\x2008\\x20Nov\\x202019\\x2020:31:32\\x20GMT\\r\\nConnection:\\x20close\\r\\n\\r\\nVideo\\x20Test\\x20Page\")%r(HTTPOptions,16C,\"HTTP/1\\.1\\x20404\\x20Not\\x20Found\\r\\nContent-Security-Policy:\\x20default-src\\x20'self'\\r\\nX-Content-Type-Options:\\x20nosniff\\r\\nContent-Type:\\x20text/html;\\x20charset=utf-8\\r\\nContent-Length:\\x20143\\r\\nDate:\\x20Fri,\\x2008\\x20Nov\\x202019\\x2020:31:33\\x20GMT\\r\\nConnection:\\x20close\\r\\n\\r\\n\\n\\n\\n\\nError\\n\\n\\n
Cannot\\x20OPTIONS\\x20/
\\n\\n\\n\")%r(FourOhFourRequest,18B,\"HTTP/1\\.1\\x20404\\x20Not\\x20Found\\r\\nContent-Security-Policy:\\x20default-src\\x20'self'\\r\\nX-Content-Type-Options:\\x20nosniff\\r\\nContent-Type:\\x20text/html;\\x20charset=utf-8\\r\\nContent-Length:\\x20174\\r\\nDate:\\x20Fri,\\x2008\\x20Nov\\x202019\\x2020:31:33\\x20GMT\\r\\nConnection:\\x20close\\r\\n\\r\\n\\n\\n\\n\\nError\\n\\n\\n
Cannot\\x20GET\\x20/nice%20ports%2C/Tri%6Eity\\.txt%2ebak
\\n\\n\\n\");", "tunnel": "ssl", "method": "probed", "conf": "10", "cpelist": []}, "state": "open", "reason": "syn-ack", "scripts": [{"id": "fingerprint-strings", "output": "\n FourOhFourRequest: \n HTTP/1.1 404 Not Found\n Content-Security-Policy: default-src 'self'\n X-Content-Type-Options: nosniff\n Content-Type: text/html; charset=utf-8\n Content-Length: 174\n Date: Fri, 08 Nov 2019 20:31:33 GMT\n Connection: close\n \n \n \n \n Error\n \n \n
Cannot GET /nice%20ports%2C/Tri%6Eity.txt%2ebak
\n \n \n GetRequest: \n HTTP/1.1 200 OK\n Accept-Ranges: bytes\n Cache-Control: public, max-age=0\n Last-Modified: Sat, 20 Apr 2019 04:28:47 GMT\n ETag: W/\"239-16a3900fc33\"\n Content-Type: text/html; charset=UTF-8\n Content-Length: 569\n Date: Fri, 08 Nov 2019 20:31:32 GMT\n Connection: close\n Video Test Page
\n HTTPOptions: \n HTTP/1.1 404 Not Found\n Content-Security-Policy: default-src 'self'\n X-Content-Type-Options: nosniff\n Content-Type: text/html; charset=utf-8\n Content-Length: 143\n Date: Fri, 08 Nov 2019 20:31:33 GMT\n Connection: close\n \n \n \n \n Error\n \n \n
Cannot OPTIONS /
\n \n "}, {"id": "http-title", "output": "Video Test Page"}, {"id": "ssl-cert", "output": "Subject: commonName=testvideo.advertising.yahoo.com/organizationName=Oath Inc/stateOrProvinceName=California/countryName=US\nSubject Alternative Name: DNS:testvideo.advertising.yahoo.com\nNot valid before: 2019-06-19T00:00:00\nNot valid after: 2019-12-16T12:00:00"}, {"id": "ssl-date", "output": "TLS randomness does not represent time"}, {"id": "ssl-enum-ciphers", "output": "\n TLSv1.0: \n ciphers: \n TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A\n TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A\n TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A\n TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A\n compressors: \n NULL\n cipher preference: server\n TLSv1.1: \n ciphers: \n TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A\n TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A\n TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A\n TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A\n compressors: \n NULL\n cipher preference: server\n TLSv1.2: \n ciphers: \n TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A\n TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A\n TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A\n TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A\n TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A\n TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A\n TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A\n TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A\n TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A\n TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A\n TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A\n TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A\n compressors: \n NULL\n cipher preference: server\n least strength: A"}, {"id": "tls-nextprotoneg", "output": "\n http/1.1\n http/1.0"}], "ssl": {"subject": {"commonName": "testvideo.advertising.yahoo.com", "altNames": ["testvideo.advertising.yahoo.com"]}, "issuer": {"countryName": "US", "organizationName": "DigiCert Inc", "organizationalUnitName": "www.digicert.com", "commonName": "DigiCert SHA2 High Assurance Server CA"}, "pubkey": {"type": "rsa", "bits": 2048}, "sig_alg": "sha256WithRSAEncryption", "notAfter": "2019-12-16T12:00:00", "notBefore": "2019-06-19T00:00:00", "md5": "ce208722d4ffba17dd82b9ef9d11334d", "sha1": "c5c1553426db04c5fae212909707cd1246ed6f4d", "pem": "-----BEGIN CERTIFICATE-----\nMIIGbzCCBVegAwIBAgIQAQ+jNJFhgzKsnaw80oC3LDANBgkqhkiG9w0BAQsFADBw\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz\ndXJhbmNlIFNlcnZlciBDQTAeFw0xOTA2MTkwMDAwMDBaFw0xOTEyMTYxMjAwMDBa\nMHMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRIwEAYDVQQHEwlT\ndW5ueXZhbGUxETAPBgNVBAoTCE9hdGggSW5jMSgwJgYDVQQDEx90ZXN0dmlkZW8u\nYWR2ZXJ0aXNpbmcueWFob28uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAwRaf1Wpp2nC+S7EJVjNIXnagsWcszfioDjp1R1Cl4NOWg1VV1GBRgGWf\nzAp25myO94JWd1hFhfCgbgdol4wZUvztuSOw6oghQd/sa1I2qUSsIt8deQVKTr9D\nODEDpy2tqqKVSAICL4YVEw01HSgG/II/UI+GcUmMeYye9ouJqg4t1zP5XuA39bN8\nEHV/T3bHccw96VliX8waJACpkfBKorPDGga8legF8JI+bjBt9Pat9EWxKGZF0tMn\nITgCkGQuBnaInHv9q8f6CbTbHj3PmQzRsPLcO1eZhGQOb+iBo3lmeWKHv9l1sUSL\neNj9pmubAd0yY57T0lbOW2zXbaighwIDAQABo4IDADCCAvwwHwYDVR0jBBgwFoAU\nUWj/kK8CB3U8zNllZGKiErhZcjswHQYDVR0OBBYEFM9qF2yrPrN7SZRvXP+/IkN+\nBQr8MCoGA1UdEQQjMCGCH3Rlc3R2aWRlby5hZHZlcnRpc2luZy55YWhvby5jb20w\nDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1\nBgNVHR8EbjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1o\nYS1zZXJ2ZXItZzYuY3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20v\nc2hhMi1oYS1zZXJ2ZXItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCow\nKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EM\nAQICMIGDBggrBgEFBQcBAQR3MHUwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRp\nZ2ljZXJ0LmNvbTBNBggrBgEFBQcwAoZBaHR0cDovL2NhY2VydHMuZGlnaWNlcnQu\nY29tL0RpZ2lDZXJ0U0hBMkhpZ2hBc3N1cmFuY2VTZXJ2ZXJDQS5jcnQwDAYDVR0T\nAQH/BAIwADCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AKS5CZC0GFgUh7sTosxn\ncAo8NZgE+RvfuON3zQ7IDdwQAAABa3ElGH0AAAQDAEcwRQIhAOHQzoeAVdHHZEB/\n6o6CYjrklOhHwRpqL2r9APKqQ0IkAiAeRRz+ygrF7/RoJ4JEKzMOl1xxRjZxD8ID\nRo94HcE7dQB2AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABa3El\nGNYAAAQDAEcwRQIhALYHLmAMPYLjw0P/kE6XChV/0KQJvpbRG/BgpK8hoLeCAiBK\na5ujG+Hcndww6NDtbIJzohCmpvb5lRTExKq//cQwFTANBgkqhkiG9w0BAQsFAAOC\nAQEAjZcgNgRsigk5oiVA7WCGMwNTLgM6bNnU8gIUbkR0jXVpF1T8ZYKtCTRQmHG0\nmWCHlJQMYMO7r8atvOnF1O6hECTDwz/zPcSFayEfyT5zZ0lJ2rFkG6vTgRTcpUZh\nVTfQ3ddbYp1Pg2P+dlDX3k+P9znNixpc9RqOxDNQDd7CrW+/HBrUge0+nyfRkbfP\n3crcjMfO9Q9jE6a+zbrFnD7PcvnYAIB/Qt/8P76uqtZGvTDE0pcF8KAeUzDZVzd5\nsS53LLh0i0NXes44XuvLMSzWh03gwtDEpc/GIPGZUOPmVGdcy4fxMLhFl8SFjl8z\nlrO3JS4JWESV0s4DmqApkX9vNg==\n-----END CERTIFICATE-----\n"}}], "port_str": "443", "num_screenshots": 1}