GeneralInformation

Country	Hong Kong
City	Hong Kong
Organization	Advance Network Security Limited
ISP	Dimension Network & Communication Limited
ASN	AS59371
Operating System	Windows

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2014-4078

5.1The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."

OpenPorts

21 80 3306 5985 8888

-1521289231 | 2024-04-27T18:54:44.334458

21 / tcp

220 FileZilla Server version 0.9.46 beta written by Tim Kosse (Tim.Kosse@gmx.de) Please visit http://sourceforge.
530 Login or password incorrect!
214-The following commands are recognized:
   ABOR   ADAT   ALLO   APPE   AUTH   CDUP   CLNT   CWD 
   DELE   EPRT   EPSV   FEAT   HASH   HELP   LIST   MDTM
   MFMT   MKD    MLSD   MLST   MODE   NLST   NOOP   NOP 
   OPTS   P@SW   PASS   PASV   PBSZ   PORT   PROT   PWD 
   QUIT   REST   RETR   RMD    RNFR   RNTO   SITE   SIZE
   STOR   STRU   SYST   TYPE   USER   XCUP   XCWD   XMKD
   XPWD   XRMD
214 Have a nice day.
211-Features:
 MDTM
 REST STREAM
 SIZE
 MLST type*;size*;modify*;
 MLSD
 UTF8
 CLNT
 MFMT
211 End

1138219898 | 2024-05-09T05:18:48.609125

80 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 19 Aug 2023 11:31:42 GMT
Accept-Ranges: bytes
ETag: "ea18f6b990d2d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 09 May 2024 05:18:49 GMT
Content-Length: 701

-1969743411 | 2024-05-07T12:23:05.654041

3306 / tcp

MySQL:
  Error Message: Host '224.127.186.73' is not allowed to connect to this MySQL server
  Error Code: 1130

1489525118 | 2024-04-28T21:32:32.363908

5985 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 28 Apr 2024 21:32:32 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: WIN-55GHTPHS31R
  NetBIOS Domain Name: WIN-55GHTPHS31R
  NetBIOS Computer Name: WIN-55GHTPHS31R
  DNS Domain Name: WIN-55GHTPHS31R
  FQDN: WIN-55GHTPHS31R

-85749389 | 2024-04-29T15:42:26.367513

8888 / tcp

HTTP/1.1 404 NOT FOUND
Content-Type: text/html
Content-Length: 138
Server: nginx
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Set-Cookie: 98bfa1511b6a985a3842ae1c9ccfffe3=65691a5c-dfb0-474c-a562-40947572c1ff.9lSyfAATsHz7DmIShQnNiqiTtq0; Expires=Tue, 30-Apr-2024 15:42:26 GMT; HttpOnly; Path=/
Date: Mon, 29 Apr 2024 15:42:26 GMT

116.204.158.241

Last Seen: 2024-05-09

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1521289231 | 2024-04-27T18:54:44.334458
21 / tcp

1138219898 | 2024-05-09T05:18:48.609125
80 / tcp

Microsoft IIS httpd8.5

-1969743411 | 2024-05-07T12:23:05.654041
3306 / tcp

MySQL

1489525118 | 2024-04-28T21:32:32.363908
5985 / tcp

WinRM

-85749389 | 2024-04-29T15:42:26.367513
8888 / tcp

nginx

Products

Pricing

Contact Us

116.204.158.241

Last Seen: 2024-05-09

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1521289231 | 2024-04-27T18:54:44.334458 21 / tcp

1138219898 | 2024-05-09T05:18:48.609125 80 / tcp

Microsoft IIS httpd8.5

-1969743411 | 2024-05-07T12:23:05.654041 3306 / tcp

MySQL

1489525118 | 2024-04-28T21:32:32.363908 5985 / tcp

WinRM

-85749389 | 2024-04-29T15:42:26.367513 8888 / tcp

nginx

Products

Pricing

Contact Us

-1521289231 | 2024-04-27T18:54:44.334458
21 / tcp

1138219898 | 2024-05-09T05:18:48.609125
80 / tcp

-1969743411 | 2024-05-07T12:23:05.654041
3306 / tcp

1489525118 | 2024-04-28T21:32:32.363908
5985 / tcp

-85749389 | 2024-04-29T15:42:26.367513
8888 / tcp