Technical Report

api.acmecorp.com (52.45.123.100)

The origin server at 52.45.123.100 is directly accessible from the internet, bypassing all CDN/WAF protections.

Complete service outage possible with relatively small attack volume. CDN investment provides no protection.

Configure origin firewall to only accept traffic from CDN IP ranges. Consider origin IP rotation.

api-internal.acmecorp.com (203.0.113.10)

The origin server at 203.0.113.10 is directly accessible from the internet, bypassing all CDN/WAF protections.

Complete service outage possible with relatively small attack volume. CDN investment provides no protection.

Configure origin firewall to only accept traffic from CDN IP ranges. Consider origin IP rotation.

staging.acmecorp.com (203.0.113.11)

The origin server at 203.0.113.11 is directly accessible from the internet, bypassing all CDN/WAF protections.

Complete service outage possible with relatively small attack volume. CDN investment provides no protection.

Configure origin firewall to only accept traffic from CDN IP ranges. Consider origin IP rotation.

dev.acmecorp.com (203.0.113.12)

The origin server at 203.0.113.12 is directly accessible from the internet, bypassing all CDN/WAF protections.

Complete service outage possible with relatively small attack volume. CDN investment provides no protection.

Configure origin firewall to only accept traffic from CDN IP ranges. Consider origin IP rotation.

legacy.acmecorp.com (203.0.113.15)

The origin server at 203.0.113.15 is directly accessible from the internet, bypassing all CDN/WAF protections.

Complete service outage possible with relatively small attack volume. CDN investment provides no protection.

Configure origin firewall to only accept traffic from CDN IP ranges. Consider origin IP rotation.

dashboard.acmecorp.com (52.45.123.101)

The origin server at 52.45.123.101 is directly accessible from the internet, bypassing all CDN/WAF protections.

Complete service outage possible with relatively small attack volume. CDN investment provides no protection.

Configure origin firewall to only accept traffic from CDN IP ranges. Consider origin IP rotation.

api.acmecorp.com (52.45.123.100)

API endpoints found: /api/v1/users, /api/v1/products, /api/v1/orders, /api/v2/auth, /api/v2/webhooks. Rate limiting status unknown.

Application-layer DDoS attacks can exhaust backend resources. API abuse possible.

Implement rate limiting at CDN/WAF level. Add authentication rate limits for sensitive endpoints.

api-internal.acmecorp.com (203.0.113.10)

API endpoints found: /internal/api/v1/admin, /internal/api/v1/config. Rate limiting status unknown.

Application-layer DDoS attacks can exhaust backend resources. API abuse possible.

Implement rate limiting at CDN/WAF level. Add authentication rate limits for sensitive endpoints.

app.acmecorp.com (104.16.125.45)

API endpoints found: /app/api/login, /app/api/dashboard. Rate limiting status unknown.

Application-layer DDoS attacks can exhaust backend resources. API abuse possible.

Implement rate limiting at CDN/WAF level. Add authentication rate limits for sensitive endpoints.

store.acmecorp.com (104.16.126.45)

API endpoints found: /checkout/api, /cart/api. Rate limiting status unknown.

Application-layer DDoS attacks can exhaust backend resources. API abuse possible.

Implement rate limiting at CDN/WAF level. Add authentication rate limits for sensitive endpoints.

dashboard.acmecorp.com (52.45.123.101)

API endpoints found: /api/v1/metrics, /api/v1/alerts. Rate limiting status unknown.

Application-layer DDoS attacks can exhaust backend resources. API abuse possible.

Implement rate limiting at CDN/WAF level. Add authentication rate limits for sensitive endpoints.

api.acmecorp.com (52.45.123.100)

No Web Application Firewall detected in HTTP responses.

Application-layer attacks may not be filtered. Vulnerable to HTTP floods.

Deploy WAF (Cloudflare, AWS WAF, etc.) to filter malicious requests.

api-internal.acmecorp.com (203.0.113.10)

Non-HTTP protocols found: SSH, MySQL.

Additional attack surface for protocol-specific attacks.

Review necessity of exposed protocols. Apply rate limiting and access controls.

api-internal.acmecorp.com (203.0.113.10)

No Web Application Firewall detected in HTTP responses.

Application-layer attacks may not be filtered. Vulnerable to HTTP floods.

Deploy WAF (Cloudflare, AWS WAF, etc.) to filter malicious requests.

staging.acmecorp.com (203.0.113.11)

No Web Application Firewall detected in HTTP responses.

Application-layer attacks may not be filtered. Vulnerable to HTTP floods.

Deploy WAF (Cloudflare, AWS WAF, etc.) to filter malicious requests.

dev.acmecorp.com (203.0.113.12)

Non-HTTP protocols found: SSH.

Additional attack surface for protocol-specific attacks.

Review necessity of exposed protocols. Apply rate limiting and access controls.

dev.acmecorp.com (203.0.113.12)

No Web Application Firewall detected in HTTP responses.

Application-layer attacks may not be filtered. Vulnerable to HTTP floods.

Deploy WAF (Cloudflare, AWS WAF, etc.) to filter malicious requests.

legacy.acmecorp.com (203.0.113.15)

Non-HTTP protocols found: FTP.

Additional attack surface for protocol-specific attacks.

Review necessity of exposed protocols. Apply rate limiting and access controls.

legacy.acmecorp.com (203.0.113.15)

No Web Application Firewall detected in HTTP responses.

Application-layer attacks may not be filtered. Vulnerable to HTTP floods.

Deploy WAF (Cloudflare, AWS WAF, etc.) to filter malicious requests.

mail.acmecorp.com (203.0.113.20)

Non-HTTP protocols found: SMTP, SMTP_TLS, SMTP_STARTTLS.

Additional attack surface for protocol-specific attacks.

Review necessity of exposed protocols. Apply rate limiting and access controls.