I apologize, considering I had been able to do things like system updates, DNS queries, pings, etc from the system, my first thought was to check if things could properly come back IN. It was a bit of a misunderstanding.
Here are the results of trace route, ping, and nmap from the affected device, to univention.com
# traceroute 78.47.5.12
traceroute to 78.47.5.12 (78.47.5.12), 30 hops max, 60 byte packets
1 150.156.193.1 (150.156.193.1) 0.255 ms 0.174 ms 0.126 ms
2 192.52.220.193 (192.52.220.193) 0.490 ms 0.428 ms 0.488 ms
3 192.52.220.2 (192.52.220.2) 0.714 ms 0.667 ms 0.618 ms
4 h113.76.131.40.static.ip.windstream.net (40.131.76.113) 6.869 ms 6.837 ms 6.792 ms
5 xe1-1-1-0.agr03.roch01-ny.us.windstream.net (169.130.167.186) 6.847 ms 6.808 ms 6.768 ms
6 h4.248.128.40.static.ip.windstream.net (40.128.248.4) 14.085 ms 14.158 ms 14.081 ms
7 xe-0-0-11-3.a00.nycmny13.us.bb.gin.ntt.net (129.250.193.157) 14.891 ms 14.855 ms 14.815 ms
8 ae-4.r07.nycmny01.us.bb.gin.ntt.net (129.250.6.66) 14.779 ms 14.462 ms 14.409 ms
9 ae-2.r25.nycmny01.us.bb.gin.ntt.net (129.250.3.97) 15.579 ms 15.536 ms ae-3.r25.nycmny01.us.bb.gin.ntt.net (129.250.6.208) 15.489 ms
10 ae-9.r24.frnkge08.de.bb.gin.ntt.net (129.250.2.5) 97.605 ms 99.880 ms 97.591 ms
11 ae-13.r03.frnkge03.de.bb.gin.ntt.net (129.250.6.207) 104.843 ms 98.843 ms 104.754 ms
12 213.198.82.130 (213.198.82.130) 98.595 ms 98.562 ms 98.518 ms
13 core11.nbg1.hetzner.com (213.239.252.22) 102.073 ms 102.020 ms core12.nbg1.hetzner.com (213.239.252.26) 102.037 ms
14 ex9k2.dc1.nbg1.hetzner.com (213.239.203.214) 101.973 ms ex9k2.dc1.nbg1.hetzner.com (213.239.203.218) 102.892 ms ex9k2.dc1.nbg1.hetzner.com (213.239.203.214) 101.959 ms
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
# ping univention.com
PING univention.com (78.47.5.12) 56(84) bytes of data.
64 bytes from dedi2924.your-server.de (78.47.5.12): icmp_seq=1 ttl=52 time=95.7 ms
64 bytes from dedi2924.your-server.de (78.47.5.12): icmp_seq=2 ttl=52 time=95.7 ms
64 bytes from dedi2924.your-server.de (78.47.5.12): icmp_seq=3 ttl=52 time=95.7 ms
64 bytes from dedi2924.your-server.de (78.47.5.12): icmp_seq=4 ttl=52 time=95.6 ms
64 bytes from dedi2924.your-server.de (78.47.5.12): icmp_seq=5 ttl=52 time=95.7 ms
64 bytes from dedi2924.your-server.de (78.47.5.12): icmp_seq=6 ttl=52 time=95.7 ms
^C
--- univention.com ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5007ms
rtt min/avg/max/mdev = 95.697/95.767/95.798/0.401 ms
# nmap -sV -vv --version-trace univention.com
Starting Nmap 7.40 ( https://nmap.org ) at 2019-01-04 14:33 EST
PORTS: Using top 1000 ports found open (TCP:1000, UDP:0, SCTP:0)
--------------- Timing report ---------------
hostgroups: min 1, max 100000
rtt-timeouts: init 1000, min 100, max 10000
max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
parallelism: min 0, max 0
max-retries: 10, host-timeout: 0
min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Using Lua 5.3.
NSE: Arguments from CLI:
NSE: Loaded 40 scripts for scanning.
Initiating Ping Scan at 14:33
Scanning univention.com (78.47.5.12) [4 ports]
Packet capture filter (device ens18): dst host 150.156.193.2 and (icmp or icmp6 or ((tcp or udp or sctp) and (src host 78.47.5.12)))
We got a ping packet back from 78.47.5.12: id = 38222 seq = 0 checksum = 27313
Completed Ping Scan at 14:33, 0.22s elapsed (1 total hosts)
Overall sending rates: 17.85 packets / s, 678.32 bytes / s.
mass_rdns: Using DNS server 150.156.193.2
Initiating Parallel DNS resolution of 1 host. at 14:33
mass_rdns: 0.00s 0/1 [#: 1, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1]
Completed Parallel DNS resolution of 1 host. at 14:33, 0.00s elapsed
DNS resolution of 1 IPs took 0.00s. Mode: Async [#: 1, OK: 1, NX: 0, DR: 0, SF: 0, TR: 1, CN: 0]
Initiating SYN Stealth Scan at 14:33
Scanning univention.com (78.47.5.12) [1000 ports]
Packet capture filter (device ens18): dst host 150.156.193.2 and (icmp or icmp6 or ((tcp or udp or sctp) and (src host 78.47.5.12)))
Discovered open port 443/tcp on 78.47.5.12
Discovered open port 21/tcp on 78.47.5.12
Discovered open port 110/tcp on 78.47.5.12
Discovered open port 143/tcp on 78.47.5.12
Discovered open port 995/tcp on 78.47.5.12
Discovered open port 22/tcp on 78.47.5.12
Discovered open port 25/tcp on 78.47.5.12
Discovered open port 80/tcp on 78.47.5.12
Discovered open port 587/tcp on 78.47.5.12
Discovered open port 993/tcp on 78.47.5.12
Discovered open port 3306/tcp on 78.47.5.12
Increased max_successful_tryno for 78.47.5.12 to 1 (packet drop)
Increasing send delay for 78.47.5.12 from 0 to 5 due to 11 out of 30 dropped probes since last increase.
Increased max_successful_tryno for 78.47.5.12 to 2 (packet drop)
Increased max_successful_tryno for 78.47.5.12 to 3 (packet drop)
Increasing send delay for 78.47.5.12 from 5 to 10 due to 11 out of 22 dropped probes since last increase.
Increasing send delay for 78.47.5.12 from 10 to 20 due to 11 out of 19 dropped probes since last increase.
SYN Stealth Scan Timing: About 23.64% done; ETC: 14:35 (0:01:40 remaining)
Discovered open port 465/tcp on 78.47.5.12
Increased max_successful_tryno for 78.47.5.12 to 4 (packet drop)
Increasing send delay for 78.47.5.12 from 20 to 40 due to max_successful_tryno increase to 4
I cancelled the nmap after a few moments once I confirmed that, indeed, I could see ports 80, 443, and other relevant ports.