GeneralInformation

Country	China
City	Chengdu
Organization	CHINANET Sichuan province network
ISP	CHINANET SiChuan Telecom Internet Data Center
ASN	AS38283
Operating System	Windows Server 2012 R2 (build 6.3.9600)

WebTechnologies

JavaScript frameworks

RequireJS

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2014-4078

5.1The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."

OpenPorts

83 1433 1521 3389 5985 5986 9080

1355394294 | 2024-05-19T17:25:25.168748

83 / tcp

HTTP/1.1 403 Forbidden
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 19 May 2024 17:22:16 GMT
Content-Length: 1157

-940369128 | 2024-05-17T05:49:20.138225

1433 / tcp

MS-SQL NTLM Info:
  OS: Windows 8.1/Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: ECS-BBF4
  NetBIOS Domain Name: ECS-BBF4
  NetBIOS Computer Name: ECS-BBF4
  DNS Domain Name: ecs-bbf4
  FQDN: ecs-bbf4

-85182216 | 2024-05-27T20:46:23.785599

1521 / tcp

Oracle TNS Listener:
  VSNNUM: 186646784
  Error Code: 1189

202489790 | 2024-05-30T22:48:17.447290

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x0f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows 8.1/Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: ECS-BBF4
  NetBIOS Domain Name: ECS-BBF4
  NetBIOS Computer Name: ECS-BBF4
  DNS Domain Name: ecs-bbf4
  FQDN: ecs-bbf4

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:7b:ae:6c:23:4e:37:94:4d:3b:e4:26:b7:db:4b:5c
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ecs-bbf4
        Validity
            Not Before: Mar  8 10:51:10 2024 GMT
            Not After : Sep  7 10:51:10 2024 GMT
        Subject: CN=ecs-bbf4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c0:48:e0:10:0c:27:fd:7f:3d:ac:96:e4:33:63:
                    ce:43:6c:cb:88:df:c4:9a:ba:12:9c:04:a4:53:44:
                    08:d0:c2:86:63:42:db:b8:f1:fe:42:d3:6c:7d:63:
                    ff:20:9e:10:2a:53:6b:c5:74:a1:5a:38:b3:ed:54:
                    ba:dc:0d:61:2e:a9:f7:14:d8:94:d7:c7:56:58:83:
                    b4:ac:8b:75:89:8e:98:bf:0e:ee:21:da:83:ba:4a:
                    71:4b:f7:d0:1d:ca:75:5a:9e:21:87:a9:7b:78:54:
                    bc:15:a6:1c:43:18:ff:54:33:48:2d:7d:78:45:5a:
                    a4:14:46:a6:16:f8:6d:92:1f:35:17:3a:b4:3d:6a:
                    52:3a:bf:67:33:8f:84:09:d8:29:7c:8a:08:96:c4:
                    1e:c6:71:f9:e3:74:2e:dd:6b:68:63:3c:ea:75:ca:
                    f1:60:d6:95:7c:2b:cb:12:f9:57:69:96:a7:d5:18:
                    71:85:ef:09:05:53:4a:62:28:19:d1:38:8b:ee:45:
                    eb:6f:45:41:b0:b2:1c:1b:e1:3f:8e:11:3b:1d:ba:
                    ef:96:e2:e4:93:7e:51:04:44:a7:72:b9:0c:4f:fa:
                    55:97:13:97:15:f3:3b:2d:e5:60:15:51:16:1b:3e:
                    c6:1a:06:0c:24:a4:e3:98:77:00:60:84:d0:c3:64:
                    16:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        1a:e4:1e:b9:09:a5:ed:6a:07:21:85:92:c7:7f:6f:22:b2:19:
        2d:9f:2e:ed:da:4b:eb:4f:fa:ad:ca:01:f7:5a:28:9b:96:90:
        1f:5d:db:65:4d:ff:75:ef:29:94:51:2a:ae:58:d8:de:11:00:
        cb:71:4c:e6:63:49:ca:55:f7:b8:51:d8:66:4e:57:81:05:2d:
        aa:d8:8a:0b:15:c6:cf:8a:06:ff:04:dc:c9:71:b6:f8:80:57:
        a3:86:c9:eb:c9:df:f6:a9:e4:2f:78:bd:d9:39:db:4c:e9:41:
        4c:cd:92:10:18:51:91:30:6d:d9:5b:e6:88:29:ed:84:41:32:
        02:46:b7:5f:d6:05:65:16:99:43:78:54:f0:a5:98:f7:d9:aa:
        79:99:75:fa:07:16:d2:e3:d0:bb:ae:5a:c0:c7:db:c6:34:f3:
        ee:b9:ca:2a:21:57:87:a1:40:08:fd:67:c1:f0:f2:2d:ee:d3:
        6c:e3:35:61:7c:22:d5:4a:45:13:06:31:cd:4b:dc:49:48:8e:
        21:bb:df:7a:d1:9f:01:02:23:7c:64:60:5a:e4:66:c3:a3:1d:
        45:25:1c:d6:2c:e1:08:4d:58:8f:49:93:5a:67:00:5d:76:0e:
        c5:e5:85:41:26:c8:5f:60:55:74:c5:dc:c8:83:36:15:87:7f:
        6d:02:f7:96

1489525118 | 2024-06-01T03:36:32.615227

5985 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sat, 01 Jun 2024 03:33:09 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: ECS-BBF4
  NetBIOS Domain Name: ECS-BBF4
  NetBIOS Computer Name: ECS-BBF4
  DNS Domain Name: ecs-bbf4
  FQDN: ecs-bbf4

1489525118 | 2024-05-29T21:00:31.748564

5986 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 29 May 2024 20:57:11 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: ECS-BBF4
  NetBIOS Domain Name: ECS-BBF4
  NetBIOS Computer Name: ECS-BBF4
  DNS Domain Name: ecs-bbf4
  FQDN: ecs-bbf4

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:46:2f:cd:77:71:47:a5:4a:e6:bd:4a:4f:8d:c4:7d
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN=Cloudbase-Init WinRM
        Validity
            Not Before: Nov 29 02:10:19 2020 GMT
            Not After : Nov 28 02:10:19 2030 GMT
        Subject: CN=Cloudbase-Init WinRM
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c8:01:8d:fe:83:2e:71:2d:01:e7:33:fc:73:a8:
                    68:0f:e1:0c:f8:f8:f4:3d:6d:96:d1:08:27:8b:de:
                    93:98:b5:56:c4:54:88:dc:77:df:18:1e:56:55:83:
                    2a:fa:e7:88:f2:0b:95:0a:fc:8b:47:88:b5:93:5f:
                    25:78:62:ae:2b:f9:b0:e8:1f:de:0a:24:a2:de:b4:
                    ba:d0:da:ae:7c:c8:e1:52:01:e9:71:25:45:2a:c8:
                    4c:1f:fd:f5:ef:be:0d:0d:d2:ff:ab:87:6b:ec:15:
                    03:90:62:95:4f:86:7d:14:08:c3:02:dc:b3:25:2a:
                    50:0c:5b:9a:dd:5d:e6:63:7a:a1:3c:8d:96:aa:5c:
                    23:35:db:fd:cf:42:80:52:7b:62:08:60:20:25:91:
                    27:ee:97:8e:0f:a4:6e:0b:4a:5f:0e:02:6a:13:fe:
                    40:1d:ba:b7:f5:2f:f5:18:62:b8:37:a8:ef:ea:42:
                    52:ad:65:96:ab:be:8c:76:51:91:85:f5:bd:5d:81:
                    7d:6a:a1:63:ba:c2:66:a9:fe:af:1f:9c:13:a7:7a:
                    28:6d:08:64:fa:cf:27:f3:af:fe:db:f9:ba:d6:dd:
                    0e:75:13:41:64:f9:c5:36:bf:fb:5e:9b:d6:02:41:
                    ce:f3:a7:a3:0c:ed:63:8c:fe:3c:bc:bc:04:4c:8a:
                    be:49
                Exponent: 65537 (0x10001)
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        2a:af:11:d5:1a:62:c2:72:4c:70:b2:3b:13:b3:b0:27:92:0d:
        78:de:57:d3:77:1d:6c:80:cd:7c:95:99:13:4a:f0:fa:30:7c:
        98:45:0d:35:bf:6d:c1:d7:e8:25:67:85:94:d5:e4:1a:06:db:
        b4:c3:81:af:92:1d:54:69:e1:b0:f7:e0:00:66:00:89:19:78:
        da:fd:39:71:aa:dd:bc:10:d6:5a:bb:1b:93:a2:9b:db:e0:b3:
        28:25:9f:c9:59:31:dd:77:6a:1c:91:c1:f0:42:ff:53:1f:0b:
        c5:b9:70:b9:56:0a:f2:e1:9a:38:c3:af:6d:7c:a6:d7:30:c6:
        f8:ed:2c:8f:58:58:38:2c:94:bb:e2:2e:c0:15:8d:0e:09:5c:
        37:37:42:3e:1d:1e:13:d4:14:00:29:c3:0a:09:51:cc:f8:86:
        ac:6d:32:80:ab:44:5e:dc:bb:cb:20:88:1a:fb:eb:dc:fd:93:
        8f:41:47:e1:d7:b0:2d:04:db:9d:8a:eb:ac:43:93:27:ef:d4:
        1e:b1:a4:e6:fd:7f:76:0b:68:cb:51:85:aa:53:ce:83:77:f5:
        f2:fa:42:79:45:54:40:87:49:6c:ef:84:41:93:12:3c:11:b0:
        4e:8c:1b:46:67:78:d8:4d:01:50:70:65:07:f2:aa:af:76:84:
        69:86:a9:f3

-75858063 | 2024-05-22T15:49:39.388234

9080 / tcp

HTTP/1.1 200 
Set-Cookie: jiagong=5336D7CA215F3EB052709508B702ED8A; Path=/; HttpOnly
Content-Type: text/html;charset=UTF-8
Content-Language: zh-CN
Transfer-Encoding: chunked
Date: Wed, 22 May 2024 15:46:26 GMT

182.151.52.134

Last Seen: 2024-06-01

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1355394294 | 2024-05-19T17:25:25.168748
83 / tcp

Microsoft IIS httpd8.5

-940369128 | 2024-05-17T05:49:20.138225
1433 / tcp

MS-SQL Server 2008 RTM10.0.1600.0

-85182216 | 2024-05-27T20:46:23.785599
1521 / tcp

Oracle TNS Listener11.2.0.1.0

202489790 | 2024-05-30T22:48:17.447290
3389 / tcp

Remote Desktop Protocol

1489525118 | 2024-06-01T03:36:32.615227
5985 / tcp

WinRM

1489525118 | 2024-05-29T21:00:31.748564
5986 / tcp

WinRM

-75858063 | 2024-05-22T15:49:39.388234
9080 / tcp

Products

Pricing

Contact Us

182.151.52.134

Last Seen: 2024-06-01

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1355394294 | 2024-05-19T17:25:25.168748 83 / tcp

Microsoft IIS httpd8.5

-940369128 | 2024-05-17T05:49:20.138225 1433 / tcp

MS-SQL Server 2008 RTM10.0.1600.0

-85182216 | 2024-05-27T20:46:23.785599 1521 / tcp

Oracle TNS Listener11.2.0.1.0

202489790 | 2024-05-30T22:48:17.447290 3389 / tcp

Remote Desktop Protocol

1489525118 | 2024-06-01T03:36:32.615227 5985 / tcp

WinRM

1489525118 | 2024-05-29T21:00:31.748564 5986 / tcp

WinRM

-75858063 | 2024-05-22T15:49:39.388234 9080 / tcp

Products

Pricing

Contact Us

1355394294 | 2024-05-19T17:25:25.168748
83 / tcp

-940369128 | 2024-05-17T05:49:20.138225
1433 / tcp

-85182216 | 2024-05-27T20:46:23.785599
1521 / tcp

202489790 | 2024-05-30T22:48:17.447290
3389 / tcp

1489525118 | 2024-06-01T03:36:32.615227
5985 / tcp

1489525118 | 2024-05-29T21:00:31.748564
5986 / tcp

-75858063 | 2024-05-22T15:49:39.388234
9080 / tcp