GeneralInformation

Country	China
City	Beijing
Organization	Beijng EastNet Technology Co.,Ltd
ISP	China Unicom Beijing Province Network
ASN	AS4808

Vulnerabilities

CVE-2019-0708

10.0A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

OpenPorts

80 3389 5357 5985 8800 8888 8899

1201836791 | 2024-05-08T06:44:18.802519

80 / tcp

HTTP/1.1 404 NOTOK
Date: Sat, 31 Dec 2005 23:59:59 GMT
Content-Type: text/html;charset=GB2312
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0

-305579706 | 2024-04-16T14:43:52.928710

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows 10 (version 1809)/Windows Server 2019 (version 1809)
  OS Build: 10.0.17763
  Target Name: WIN-4G58OAF2GDC
  NetBIOS Domain Name: WIN-4G58OAF2GDC
  NetBIOS Computer Name: WIN-4G58OAF2GDC
  DNS Domain Name: WIN-4G58OAF2GDC
  FQDN: WIN-4G58OAF2GDC

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:fd:d4:b8:ed:2b:c4:92:45:f4:c5:05:e7:2d:18:36
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=WIN-4G58OAF2GDC
        Validity
            Not Before: Apr  4 16:13:59 2024 GMT
            Not After : Oct  4 16:13:59 2024 GMT
        Subject: CN=WIN-4G58OAF2GDC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:9a:39:9a:db:0c:9e:46:4a:bc:d8:81:0a:cc:24:
                    93:d8:94:84:6f:68:78:9a:8d:a7:33:34:2d:63:b6:
                    8e:b4:69:f3:e4:16:41:8a:53:64:4d:5c:fe:fe:55:
                    be:9f:7e:22:29:6d:a7:1b:22:78:86:c6:c6:22:19:
                    0f:e1:3e:a9:6b:08:70:9e:04:c0:11:c0:95:08:09:
                    03:82:28:5a:43:3d:bf:d8:e9:38:14:6d:f1:b8:8d:
                    a5:e8:6c:3b:97:33:a9:5a:89:b8:f7:f7:ac:4a:8c:
                    51:68:6e:ec:69:5b:85:88:b0:e8:06:9a:89:ca:56:
                    8a:66:f0:a2:f6:d5:3b:da:24:3f:b9:c5:81:44:f6:
                    39:ef:be:dd:01:33:99:0d:40:6e:c1:bf:52:71:7a:
                    cb:4d:00:a4:0e:2b:e7:a8:db:89:68:6e:2b:f9:31:
                    a5:f6:88:a1:f0:ff:16:57:57:a0:10:10:a3:db:20:
                    e4:07:ef:c0:04:05:6e:93:28:01:f3:53:3f:85:a2:
                    6d:9f:91:b4:0c:60:7b:8b:78:80:6c:2e:16:1c:b1:
                    bd:a0:77:ba:88:76:34:3f:2a:5a:ac:7a:78:8a:1d:
                    82:31:ac:b6:4c:eb:b6:1c:6a:96:89:ab:64:b9:ca:
                    54:4a:7a:f9:e4:00:21:64:d4:a3:c2:2f:51:8f:60:
                    78:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        61:2b:46:76:5c:d4:b7:db:9a:37:44:df:d4:f8:c4:bf:ad:26:
        dc:ca:7a:5d:4c:a9:2b:58:c8:84:22:6d:1b:0d:35:1b:a3:3e:
        12:82:1f:f6:34:ff:1f:52:6f:cf:f4:41:ab:b5:b1:3b:75:91:
        02:d4:93:5e:a2:25:54:bb:29:57:36:60:84:8c:b7:af:e2:4a:
        cc:31:ee:09:25:90:03:79:0b:41:3d:dd:33:e6:54:89:51:31:
        e1:56:e5:41:1d:67:ca:20:8b:47:3c:33:50:16:b7:9f:cb:5c:
        2a:24:d1:de:1e:d1:6c:17:85:4a:da:e8:3e:7b:a3:ba:93:eb:
        88:71:41:a4:48:78:4f:fe:d4:24:80:56:68:bc:f3:f4:c3:0e:
        88:9d:ca:05:8c:d0:71:41:d5:0d:05:32:e1:24:c6:fd:0c:b1:
        e0:fa:e1:77:ef:ae:c1:0d:6a:29:50:56:b1:d2:0c:1f:f6:27:
        8b:da:60:68:91:89:49:b3:7c:49:33:a9:a5:93:41:20:a3:01:
        dc:77:72:3f:b6:27:c3:a5:a3:7e:a1:c5:d5:f0:44:66:9b:d1:
        31:84:09:e3:d5:0a:6b:a2:33:3b:a6:12:f1:59:29:43:6a:ba:
        b9:ac:fc:c5:23:2d:33:66:29:f3:82:25:6c:d7:17:d9:ad:0f:
        d8:84:7f:65

-1684583448 | 2024-05-11T02:55:46.515221

5357 / tcp

HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sat, 11 May 2024 02:55:43 GMT
Connection: close
Content-Length: 326

1489525118 | 2024-05-04T05:33:13.109724

5985 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sat, 04 May 2024 05:33:12 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2019 (version 1809)
  OS Build: 10.0.17763
  Target Name: WIN-4G58OAF2GDC
  NetBIOS Domain Name: WIN-4G58OAF2GDC
  NetBIOS Computer Name: WIN-4G58OAF2GDC
  DNS Domain Name: WIN-4G58OAF2GDC
  FQDN: WIN-4G58OAF2GDC

1355394294 | 2024-05-05T13:03:53.403639

8800 / tcp

HTTP/1.1 403 Forbidden
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Sun, 05 May 2024 13:03:48 GMT
Content-Length: 1157

-861178173 | 2024-05-09T01:04:39.784548

8888 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 09 May 2024 01:04:38 GMT
Content-Length: 61772

-1108241009 | 2024-05-07T20:29:43.165292

8899 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Fri, 08 Dec 2023 03:18:36 GMT
Accept-Ranges: bytes
ETag: "1ce3aa3b8529da1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 20:29:41 GMT
Content-Length: 155721

103.53.211.7

Last Seen: 2024-05-11

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1201836791 | 2024-05-08T06:44:18.802519
80 / tcp

-305579706 | 2024-04-16T14:43:52.928710
3389 / tcp

Remote Desktop Protocol

-1684583448 | 2024-05-11T02:55:46.515221
5357 / tcp

1489525118 | 2024-05-04T05:33:13.109724
5985 / tcp

WinRM

1355394294 | 2024-05-05T13:03:53.403639
8800 / tcp

Microsoft IIS httpd10.0

-861178173 | 2024-05-09T01:04:39.784548
8888 / tcp

Microsoft IIS httpd10.0

-1108241009 | 2024-05-07T20:29:43.165292
8899 / tcp

Microsoft IIS httpd10.0

Products

Pricing

Contact Us

103.53.211.7

Last Seen: 2024-05-11

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1201836791 | 2024-05-08T06:44:18.802519 80 / tcp

-305579706 | 2024-04-16T14:43:52.928710 3389 / tcp

Remote Desktop Protocol

-1684583448 | 2024-05-11T02:55:46.515221 5357 / tcp

1489525118 | 2024-05-04T05:33:13.109724 5985 / tcp

WinRM

1355394294 | 2024-05-05T13:03:53.403639 8800 / tcp

Microsoft IIS httpd10.0

-861178173 | 2024-05-09T01:04:39.784548 8888 / tcp

Microsoft IIS httpd10.0

-1108241009 | 2024-05-07T20:29:43.165292 8899 / tcp

Microsoft IIS httpd10.0

Products

Pricing

Contact Us

1201836791 | 2024-05-08T06:44:18.802519
80 / tcp

-305579706 | 2024-04-16T14:43:52.928710
3389 / tcp

-1684583448 | 2024-05-11T02:55:46.515221
5357 / tcp

1489525118 | 2024-05-04T05:33:13.109724
5985 / tcp

1355394294 | 2024-05-05T13:03:53.403639
8800 / tcp

-861178173 | 2024-05-09T01:04:39.784548
8888 / tcp

-1108241009 | 2024-05-07T20:29:43.165292
8899 / tcp