Scan Time: Tue Dec 30 19:40:02 2025
Target: 91.231.89.235
----------------------------------------
Starting Nmap 7.95 ( https://nmap.org ) at 2025-12-30 19:37 UTC
Nmap scan report for ronan.probe.onyphe.net (91.231.89.235)
Host is up (0.015s latency).
Not shown: 996 closed tcp ports (reset)
PORT STATE SERVICE VERSION
25/tcp filtered smtp
80/tcp open http hidden
|_http-server-header: hidden
| fingerprint-strings:
| FourOhFourRequest:
| HTTP/1.0 301 Moved Permanently
| Location: https:///nice%20ports%2C/Trinity.txt.bak
| Content-Length: 0
| Connection: close
| Date: Tue, 30 Dec 2025 19:37:19 GMT
| Server: hidden
| GenericLines:
| HTTP/1.0 400 Bad Request
| Content-Type: text/html
| Content-Length: 345
| Connection: close
| Date: Tue, 30 Dec 2025 19:37:19 GMT
| Server: hidden
|
|
|
|
| 400 Bad Request
|
|
| 400 Bad Request
|
|
| GetRequest, HTTPOptions:
| HTTP/1.0 301 Moved Permanently
| Location: https:///
| Content-Length: 0
| Connection: close
| Date: Tue, 30 Dec 2025 19:37:14 GMT
| Server: hidden
| RTSPRequest:
| HTTP/1.0 400 Bad Request
| Content-Type: text/html
| Content-Length: 345
| Connection: close
| Date: Tue, 30 Dec 2025 19:37:14 GMT
| Server: hidden
|
|
|
|
| 400 Bad Request
|
|
| 400 Bad Request
|
|_
|_http-title: Did not follow redirect to https://ronan.probe.onyphe.net/
443/tcp open ssl/https hidden
|_http-server-header: hidden
| ssl-cert: Subject: commonName=*.probe.onyphe.net
| Subject Alternative Name: DNS:*.probe.onyphe.net, DNS:probe.onyphe.net
| Not valid before: 2025-11-15T00:00:00
|_Not valid after: 2026-12-16T23:59:59
| tls-alpn:
| http/1.0
| http/1.1
|_ h2
| fingerprint-strings:
| FourOhFourRequest:
| HTTP/1.0 404 Not Found
| Content-Type: text/html
| Content-Length: 341
| Connection: close
| Date: Tue, 30 Dec 2025 19:37:24 GMT
| Server: hidden
|
|
|
|
| 404 Not Found
|
|
| 404 Not Found
|
|
| GetRequest:
| HTTP/1.0 200 OK
| Content-Type: text/html
| ETag: "831437091"
| Last-Modified: Mon, 29 Dec 2025 16:53:30 GMT
| Content-Length: 15115
| Connection: close
| Date: Tue, 30 Dec 2025 19:37:19 GMT
| Server: hidden
|
|
|
|
|
|
| Big Data for Cyber Defense | ONYPHE
| \n\n\n\x20\n\x20\x20400\x20Bad\x20Request\n\x20\n\x20\n\x20\x20400\x20Bad\x20Request
\n\x20\n\n")%r(F
SF:ourOhFourRequest,B1,"HTTP/1\.0\x20301\x20Moved\x20Permanently\r\nLocati
SF:on:\x20https:///nice%20ports%2C/Trinity\.txt\.bak\r\nContent-Length:\x2
SF:00\r\nConnection:\x20close\r\nDate:\x20Tue,\x2030\x20Dec\x202025\x2019:
SF:37:19\x20GMT\r\nServer:\x20hidden\r\n\r\n")%r(GenericLines,1EB,"HTTP/1\
SF:.0\x20400\x20Bad\x20Request\r\nContent-Type:\x20text/html\r\nContent-Le
SF:ngth:\x20345\r\nConnection:\x20close\r\nDate:\x20Tue,\x2030\x20Dec\x202
SF:025\x2019:37:19\x20GMT\r\nServer:\x20hidden\r\n\r\n<\?xml\x20version=\"
SF:1\.0\"\x20encoding=\"iso-8859-1\"\?>\n\n\n\x20\n\x20\x20400\x20Bad\x20Requ
SF:est\n\x20\n\x20\n\x20\x20400\x20Bad\x20Request
SF:
\n\x20\n\n");
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port443-TCP:V=7.95%T=SSL%I=7%D=12/30%Time=695429F0%P=x86_64-pc-linux-gn
SF:u%r(GetRequest,3BD7,"HTTP/1\.0\x20200\x20OK\r\nContent-Type:\x20text/ht
SF:ml\r\nETag:\x20\"831437091\"\r\nLast-Modified:\x20Mon,\x2029\x20Dec\x20
SF:2025\x2016:53:30\x20GMT\r\nContent-Length:\x2015115\r\nConnection:\x20c
SF:lose\r\nDate:\x20Tue,\x2030\x20Dec\x202025\x2019:37:19\x20GMT\r\nServer
SF::\x20hidden\r\n\r\n\n\n\n\
SF:n\x20\x20\x20\x20\n\x20\x20\x20\x20\n\x20\
SF:x20\x20\x20\n\x20\x20\x20\x20Big\x20Data\x20fo
SF:r\x20Cyber\x20Defense\x20\|\x20ONYPHE\n\x20\x20\x20\x20\n\n\n\x20\n\x20\x20404\x20Not\x20Found\n\x2
SF:0\n\x20\n\x20\x20404\x20Not\x20Found
\n\x20
SF:\n\n");
Device type: general purpose|router
Running: Linux 5.X, MikroTik RouterOS 7.X
OS CPE: cpe:/o:linux:linux_kernel:5 cpe:/o:mikrotik:routeros:7 cpe:/o:linux:linux_kernel:5.6.3
OS details: Linux 5.0 - 5.14, MikroTik RouterOS 7.2 - 7.5 (Linux 5.6.3)
Network Distance: 19 hops
TRACEROUTE (using port 554/tcp)
HOP RTT ADDRESS
1 0.12 ms 172.18.0.1
2 2.97 ms 172.31.1.1
3 1.13 ms 26472.your-cloud.host (162.55.119.126)
4 ... 5
6 0.97 ms core-spine-rdev2.cloud2.fsn1.hetzner.com (213.239.239.81)
7 1.63 ms core21.fsn1.hetzner.com (213.239.227.194)
8 5.95 ms core1.fra.hetzner.com (213.239.224.14)
9 5.89 ms fra-fra15-pb2-ptx.de.eu (57.128.121.216)
10 ... 13
14 16.69 ms be105.lil2-gra1-sbb2-nc5.fr.eu (91.121.131.18)
15 18.15 ms 37.59.16.38
16 ... 18
19 14.90 ms ronan.probe.onyphe.net (91.231.89.235)
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 176.00 seconds