GeneralInformation

Country	United States
City	San Jose
Organization	PEG TECH INC
ISP	PEG TECH INC
ASN	AS54600
Operating System	Windows

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

MS15-034	10.0HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."
CVE-2015-1635	10.0HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."
CVE-2014-4078	5.1The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."

OpenPorts

80 1801 3389

1138219898 | 2024-04-18T23:40:24.597235

80 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sun, 14 Jan 2024 10:29:35 GMT
Accept-Ranges: bytes
ETag: "37899791d446da1:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 18 Apr 2024 23:40:23 GMT
Content-Length: 701

133586110 | 2024-04-04T20:39:57.370228

1801 / tcp

\x10Z\x0b\x00LIOR<\x02\x00\x00\xff\xff\xff\xff\x00\x00\x12\x00\x06U=Q6\xdf\xc7@\x96C\x17\\<\xe7l\xaa\x80{\xae<#\x98\xd9I\xaa.-*gC\xed\xf5\x00\x00\x00\x00\x10\x02\x00\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

-155982500 | 2024-04-12T19:18:41.814060

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x0f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows 8.1/Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: S202401145689
  NetBIOS Domain Name: S202401145689
  NetBIOS Computer Name: S202401145689
  DNS Domain Name: S202401145689
  FQDN: S202401145689

Administrator
am Windows Server 2012R2

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:9a:71:08:37:7f:f3:a9:4c:5d:8c:e4:f8:49:46:b2
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN=S202401145689
        Validity
            Not Before: Jan 12 22:09:10 2024 GMT
            Not After : Jul 13 22:09:10 2024 GMT
        Subject: CN=S202401145689
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cb:e3:d7:c8:c1:44:27:12:35:bd:35:f7:93:9f:
                    42:32:3f:36:e2:53:cd:27:f3:4f:83:c8:c5:3a:83:
                    09:99:fd:2a:58:41:1d:9a:b1:1b:21:86:e2:22:11:
                    68:aa:9a:d3:52:20:b6:ef:63:f5:ed:80:76:9a:2d:
                    99:bd:25:6f:e7:6b:47:ac:02:e2:07:c6:43:92:cd:
                    86:b6:9f:d8:ed:5c:a4:76:4a:fa:3e:8d:97:bc:04:
                    c7:47:62:0e:24:c0:59:cf:9a:6c:96:3c:48:a5:1c:
                    18:de:82:6e:92:6f:bc:ec:67:0d:5c:9b:f4:0e:52:
                    9b:b6:c9:d9:8c:d0:1d:44:d0:ad:84:e7:bc:e9:1f:
                    86:31:11:b2:18:11:69:af:1c:8f:5f:d0:f2:0b:95:
                    20:84:42:40:5e:47:da:19:93:37:09:c4:84:72:ca:
                    f2:df:06:c1:42:73:79:99:60:1a:11:e4:91:29:0f:
                    dd:c5:da:d6:52:51:8d:01:ef:34:38:5e:b7:37:82:
                    51:1e:d5:d8:9b:75:46:0a:6a:e1:ce:5f:6e:3d:af:
                    06:da:f5:36:46:dc:74:23:59:f6:01:41:ba:71:09:
                    07:d8:b0:ce:92:5d:86:7d:51:56:f0:54:cf:40:4a:
                    87:4b:29:ee:3d:55:3e:84:66:fb:43:28:67:b1:f8:
                    1f:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        47:8c:ce:4d:5b:45:38:fe:3d:14:a2:db:d9:59:20:b1:99:b8:
        9d:bc:78:6c:cc:fc:ed:93:c4:69:33:a6:76:cc:32:34:40:f8:
        c6:3c:80:2e:0b:7d:cd:09:d7:9f:69:4d:9f:5b:39:0d:3a:51:
        21:6f:d0:1a:93:2b:65:80:e9:ce:0a:e5:1c:8e:c9:27:f4:a8:
        3f:d1:a5:dd:77:81:df:0e:c4:00:34:81:b7:74:6e:e9:e0:51:
        cb:4a:92:00:31:57:59:eb:13:93:ec:eb:45:a5:80:8d:4c:6a:
        d7:96:11:09:0f:50:40:7a:87:f7:07:5e:29:51:b2:ce:e1:92:
        d6:79:c2:7a:b5:3c:cd:4d:57:42:af:e3:c2:06:b7:1d:f5:9b:
        2a:4d:88:6d:a7:ae:eb:59:2e:25:6c:ae:6b:13:45:03:e2:22:
        b0:95:e8:ed:46:8a:d2:77:6c:ba:67:90:54:6d:75:cc:a6:83:
        03:a3:94:8d:fb:6e:98:0f:66:de:48:96:9b:9a:a5:a4:21:44:
        c9:1a:77:c2:7e:f8:07:48:49:f2:e5:2f:c3:31:4a:af:28:16:
        ed:4e:64:bd:4b:c9:72:2f:a7:21:86:c3:5b:4d:48:75:ed:1e:
        68:31:4b:64:04:75:32:4d:8e:9f:85:63:96:36:9a:cd:f1:33:
        1f:d9:a0:16

MAC Addresses

20:24:01:14:56:89
    Unknown

104.233.216.114

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1138219898 | 2024-04-18T23:40:24.597235
80 / tcp

Microsoft IIS httpd8.5

133586110 | 2024-04-04T20:39:57.370228
1801 / tcp

Microsoft Message Queuing

-155982500 | 2024-04-12T19:18:41.814060
3389 / tcp

Remote Desktop Protocol

Products

Pricing

Contact Us

104.233.216.114

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1138219898 | 2024-04-18T23:40:24.597235 80 / tcp

Microsoft IIS httpd8.5

133586110 | 2024-04-04T20:39:57.370228 1801 / tcp

Microsoft Message Queuing

-155982500 | 2024-04-12T19:18:41.814060 3389 / tcp

Remote Desktop Protocol

Products

Pricing

Contact Us

1138219898 | 2024-04-18T23:40:24.597235
80 / tcp

133586110 | 2024-04-04T20:39:57.370228
1801 / tcp

-155982500 | 2024-04-12T19:18:41.814060
3389 / tcp