GeneralInformation

Country	China
City	Qingdao
Organization	Shandong eshinton Network Technology Co., Ltd.
ISP	Shandong eshinton Network Technology Co., Ltd.
ASN	AS139180
Operating System	Windows

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2014-4078

5.1The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."

OpenPorts

80 137 1801 3306 5985

1138219898 | 2024-04-18T13:31:01.458004

80 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Fri, 21 Jun 2019 02:53:49 GMT
Accept-Ranges: bytes
ETag: "b6e708ddc27d51:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 18 Apr 2024 13:31:01 GMT
Content-Length: 701

1549004344 | 2024-04-18T12:38:49.118460

137 / udp

NetBIOS Response:
  Server Name: WIN-9IH5GQF72VS
  MAC Address: 0C:C4:7A:75:18:2C
  Names:
    WIN-9IH5GQF72VS <0x20>
    WIN-9IH5GQF72VS <0x0>
    WORKGROUP <0x0>

MAC Addresses

0C:C4:7A:75:18:2C
    OUI: 0C:C4:7A
    Organization: Super Micro Computer, Inc.
    Assignment: MA-L
    Registration Date: 2013-10-24

637516576 | 2024-04-16T22:07:33.025963

1801 / tcp

\x10Z\x0b\x00LIOR<\x02\x00\x00\xff\xff\xff\xff\x00\x00\x12\x00\x06U=Q6\xdf\xc7@\x96C\x17\\<\xe7l\xaa\xb3\xe7\\\x04\xaa7-N\xa5q\xfaK\x8e\xe0\xccc\x00\x00\x00\x00\x10\x02\x00\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

-1446393918 | 2024-04-12T09:18:39.582766

3306 / tcp

MariaDB:
  Protocol Version: 10
  Version: 10.5.18-MariaDB
  Capabilities: 63486
  Server Language: 33
  Server Status: 2
  Extended Server Capabilities: 33279
  Authentication Plugin: mysql_native_password

1489525118 | 2024-03-26T22:13:54.407855

5985 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 26 Mar 2024 22:13:54 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: WIN-9IH5GQF72VS
  NetBIOS Domain Name: WIN-9IH5GQF72VS
  NetBIOS Computer Name: WIN-9IH5GQF72VS
  DNS Domain Name: WIN-9IH5GQF72VS
  FQDN: WIN-9IH5GQF72VS

103.91.211.66

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1138219898 | 2024-04-18T13:31:01.458004
80 / tcp

Microsoft IIS httpd8.5

1549004344 | 2024-04-18T12:38:49.118460
137 / udp

637516576 | 2024-04-16T22:07:33.025963
1801 / tcp

Microsoft Message Queuing

-1446393918 | 2024-04-12T09:18:39.582766
3306 / tcp

MariaDB10.5.18-MariaDB

1489525118 | 2024-03-26T22:13:54.407855
5985 / tcp

WinRM

Products

Pricing

Contact Us

103.91.211.66

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1138219898 | 2024-04-18T13:31:01.458004 80 / tcp

Microsoft IIS httpd8.5

1549004344 | 2024-04-18T12:38:49.118460 137 / udp

637516576 | 2024-04-16T22:07:33.025963 1801 / tcp

Microsoft Message Queuing

-1446393918 | 2024-04-12T09:18:39.582766 3306 / tcp

MariaDB10.5.18-MariaDB

1489525118 | 2024-03-26T22:13:54.407855 5985 / tcp

WinRM

Products

Pricing

Contact Us

1138219898 | 2024-04-18T13:31:01.458004
80 / tcp

1549004344 | 2024-04-18T12:38:49.118460
137 / udp

637516576 | 2024-04-16T22:07:33.025963
1801 / tcp

-1446393918 | 2024-04-12T09:18:39.582766
3306 / tcp

1489525118 | 2024-03-26T22:13:54.407855
5985 / tcp