GeneralInformation

Country	Peru
City	Lima
Organization	INTERNEXA PERU S.A
ISP	INTERNEXA PERU S.A
ASN	AS28032
Operating System	Windows

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2014-4078

The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."

OpenPorts

21 22 80 135 137 445 3389 5985

-370734890 | 2024-04-16T17:54:59.614086

21 / tcp

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST 
    MDTM 
    MIC *
    MKD 
    MODE 
    NLST 
    NOOP 
    OPTS 
    PASS 
    PASV 
    PBSZ 
    PORT 
    PROT 
    PWD 
    QUIT 
    REIN 
    REST 
    RETR 
    RMD 
    RNFR 
    RNTO 
    SITE 
    SIZE 
    SMNT 
    STAT 
    STOR 
    STOU 
    STRU 
    SYST 
    TYPE 
    USER 
    XCUP 
    XCWD 
    XMKD 
    XPWD 
    XRMD 
214 HELP command successful.
211-Extended features supported:
 LANG EN*
 UTF8
 AUTH TLS;TLS-C;SSL;TLS-P;
 PBSZ
 PROT C;P;
 CCC
 HOST
 SIZE
 MDTM
 REST STREAM
211 END

-487289259 | 2024-04-16T14:15:13.326334

22 / tcp

SSH-2.0-OpenSSH_for_Windows_9.2
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBgj71WZAgVMzw2uyUbR72rb
N4c6uhCjwdoWTc4Pz6WxXVrtw/R5xKJ/RvtXvyxEXkZ4FmHWUX5Aw93i2Vk3lHg=
Fingerprint: 05:1a:9e:0b:2d:0f:ae:62:2b:8e:9b:9b:13:96:fe:46

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1138219898 | 2024-04-16T07:40:22.712111

80 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Thu, 05 Nov 2020 01:55:36 GMT
Accept-Ranges: bytes
ETag: "a2f51dc116b3d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 16 Apr 2024 07:40:07 GMT
Content-Length: 701

1209309895 | 2024-04-16T14:27:59.537447

135 / tcp

Microsoft RPC Endpoint Mapper

d95afe70-a6d5-4259-822e-2c84da1ddb0d
  version: v1.0
  protocol: [MS-RSP]: Remote Shutdown Protocol
  provider: wininit.exe
  ncacn_ip_tcp: 192.168.1.253:1025
  ncalrpc: WindowsShutdown
  ncacn_np: \\WEB-APP\PIPE\InitShutdown
  ncalrpc: WMsgKRpc05B900

76f226c3-ec14-4325-8a99-6a46348418af
  version: v1.0
  provider: winlogon.exe
  ncalrpc: WindowsShutdown
  ncacn_np: \\WEB-APP\PIPE\InitShutdown
  ncalrpc: WMsgKRpc05B900
  ncalrpc: WMsgKRpc05C1B1
  ncalrpc: WMsgKRpc08CCB95D2

9b008953-f195-4bf9-bde0-4471971e58ed
  version: v1.0
  ncalrpc: LRPC-f9cd612bd94a4587aa
  ncacn_np: \\WEB-APP\pipe\LSM_API_service
  ncalrpc: LSMApi
  ncalrpc: LRPC-2be1fffc6ec99fd43e
  ncalrpc: actkernel
  ncalrpc: umpo

697dcda9-3ba9-4eb2-9247-e11f1901b0d2
  version: v1.0
  ncalrpc: LRPC-f9cd612bd94a4587aa
  ncacn_np: \\WEB-APP\pipe\LSM_API_service
  ncalrpc: LSMApi
  ncalrpc: LRPC-2be1fffc6ec99fd43e
  ncalrpc: actkernel
  ncalrpc: umpo

c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
  version: v1.0
  annotation: Impl friendly name
  provider: sysntfy.dll
  ncalrpc: LRPC-2be1fffc6ec99fd43e
  ncalrpc: actkernel
  ncalrpc: umpo
  ncacn_np: \\WEB-APP\PIPE\srvsvc
  ncacn_ip_tcp: 192.168.1.253:1028
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WEB-APP\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0748F276BE123F679F131BF07C6D
  ncalrpc: IUserProfile2
  ncalrpc: senssvc
  ncalrpc: OLE0748F276BE123F679F131BF07C6D
  ncalrpc: IUserProfile2
  ncalrpc: IUserProfile2
  ncalrpc: IUserProfile2

0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

2d98a740-581d-41b9-aa0d-a88b9d5ce938
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

3b338d89-6cfa-44b8-847e-531531bc9992
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

8782d3b9-ebbd-4644-a3d8-e8725381919b
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

085b0334-e454-4d91-9b8c-4134f9e793f3
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
  version: v1.0
  annotation: DHCP Client LRPC Endpoint
  provider: dhcpcsvc.dll
  ncalrpc: dhcpcsvc
  ncalrpc: dhcpcsvc6
  ncalrpc: LRPC-bf10fae6674df80893
  ncacn_ip_tcp: 192.168.1.253:1026
  ncacn_np: \\WEB-APP\pipe\eventlog
  ncalrpc: eventlog

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
  version: v1.0
  annotation: DHCPv6 Client LRPC Endpoint
  provider: dhcpcsvc6.dll
  ncalrpc: dhcpcsvc6
  ncalrpc: LRPC-bf10fae6674df80893
  ncacn_ip_tcp: 192.168.1.253:1026
  ncacn_np: \\WEB-APP\pipe\eventlog
  ncalrpc: eventlog

abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
  version: v1.0
  annotation: Wcm Service
  ncalrpc: LRPC-bf10fae6674df80893
  ncacn_ip_tcp: 192.168.1.253:1026
  ncacn_np: \\WEB-APP\pipe\eventlog
  ncalrpc: eventlog

30adc50c-5cbc-46ce-9a0e-91914789e23c
  version: v1.0
  annotation: NRP server endpoint
  provider: nrpsrv.dll
  ncalrpc: LRPC-bf10fae6674df80893
  ncacn_ip_tcp: 192.168.1.253:1026
  ncacn_np: \\WEB-APP\pipe\eventlog
  ncalrpc: eventlog

f6beaff7-1e19-4fbb-9f8f-b89e2018337c
  version: v1.0
  annotation: Event log TCPIP
  protocol: [MS-EVEN6]: EventLog Remoting Protocol
  provider: wevtsvc.dll
  ncacn_ip_tcp: 192.168.1.253:1026
  ncacn_np: \\WEB-APP\pipe\eventlog
  ncalrpc: eventlog

30b044a5-a225-43f0-b3a4-e060df91f9c1
  version: v1.0
  provider: certprop.dll
  ncalrpc: LRPC-e3d4a031d9ce4c7d5e
  ncacn_np: \\WEB-APP\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncacn_np: \\WEB-APP\PIPE\srvsvc
  ncacn_ip_tcp: 192.168.1.253:1028
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WEB-APP\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0748F276BE123F679F131BF07C6D
  ncalrpc: IUserProfile2

1a0d010f-1c33-432c-b0f5-8cf4e8053099
  version: v1.0
  annotation: IdSegSrv service
  ncacn_ip_tcp: 192.168.1.253:1028
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WEB-APP\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0748F276BE123F679F131BF07C6D
  ncalrpc: IUserProfile2

98716d03-89ac-44c7-bb8c-285824e51c4a
  version: v1.0
  annotation: XactSrv service
  provider: srvsvc.dll
  ncacn_ip_tcp: 192.168.1.253:1028
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WEB-APP\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0748F276BE123F679F131BF07C6D
  ncalrpc: IUserProfile2

c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
  version: v1.0
  annotation: Adh APIs
  ncacn_ip_tcp: 192.168.1.253:1028
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WEB-APP\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0748F276BE123F679F131BF07C6D
  ncalrpc: IUserProfile2

c36be077-e14b-4fe9-8abc-e856ef4f048b
  version: v1.0
  annotation: Proxy Manager client server endpoint
  ncacn_ip_tcp: 192.168.1.253:1028
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WEB-APP\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0748F276BE123F679F131BF07C6D
  ncalrpc: IUserProfile2

2e6035b2-e8f1-41a7-a044-656b439c4c34
  version: v1.0
  annotation: Proxy Manager provider server endpoint
  ncacn_ip_tcp: 192.168.1.253:1028
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WEB-APP\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0748F276BE123F679F131BF07C6D
  ncalrpc: IUserProfile2

552d076a-cb29-4e44-8b6a-d15e59e2c0af
  version: v1.0
  annotation: IP Transition Configuration endpoint
  provider: iphlpsvc.dll
  ncacn_ip_tcp: 192.168.1.253:1028
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WEB-APP\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0748F276BE123F679F131BF07C6D
  ncalrpc: IUserProfile2

a398e520-d59a-4bdd-aa7a-3c1e0303a511
  version: v1.0
  annotation: IKE/Authip API
  provider: IKEEXT.DLL
  ncacn_ip_tcp: 192.168.1.253:1028
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WEB-APP\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0748F276BE123F679F131BF07C6D
  ncalrpc: IUserProfile2

3a9ef155-691d-4449-8d05-09ad57031823
  version: v1.0
  ncacn_ip_tcp: 192.168.1.253:1028
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WEB-APP\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0748F276BE123F679F131BF07C6D
  ncalrpc: IUserProfile2

86d35949-83c9-4044-b424-db363231fd0c
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: schedsvc.dll
  ncacn_ip_tcp: 192.168.1.253:1028
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WEB-APP\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0748F276BE123F679F131BF07C6D
  ncalrpc: IUserProfile2

378e52b0-c0a9-11cf-822d-00aa0051e40f
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\WEB-APP\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0748F276BE123F679F131BF07C6D
  ncalrpc: IUserProfile2

1ff70682-0a51-30e8-076d-740be8cee98b
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\WEB-APP\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0748F276BE123F679F131BF07C6D
  ncalrpc: IUserProfile2

0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
  version: v1.0
  provider: schedsvc.dll
  ncalrpc: senssvc
  ncalrpc: OLE0748F276BE123F679F131BF07C6D
  ncalrpc: IUserProfile2

2eb08e3e-639f-4fba-97b1-14f878961076
  version: v1.0
  annotation: Group Policy RPC Interface
  provider: gpsvc.dll
  ncalrpc: LRPC-2186d422a2d8ae4565

3473dd4d-2e88-4006-9cba-22570909dd10
  version: v5.256
  annotation: WinHttp Auto-Proxy Service
  ncacn_np: \\WEB-APP\PIPE\W32TIME_ALT
  ncalrpc: W32TIME_ALT
  ncalrpc: LRPC-56a4a716fc3d5134fa
  ncalrpc: OLEFB180D4AC7B44E302BDFE362D22B

7ea70bcf-48af-4f6a-8968-6a440754d5fa
  version: v1.0
  annotation: NSI server endpoint
  provider: nsisvc.dll
  ncalrpc: LRPC-56a4a716fc3d5134fa
  ncalrpc: OLEFB180D4AC7B44E302BDFE362D22B

b2507c30-b126-494a-92ac-ee32b6eeb039
  version: v1.0
  ncalrpc: LRPC-6c10442794eb7b1b73

b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
  version: v2.0
  annotation: KeyIso
  ncacn_ip_tcp: 192.168.1.253:1027
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\WEB-APP\pipe\lsass

12345778-1234-abcd-ef00-0123456789ac
  version: v1.0
  protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
  provider: samsrv.dll
  ncacn_ip_tcp: 192.168.1.253:1027
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\WEB-APP\pipe\lsass

2fb92682-6599-42dc-ae13-bd2ca89bd11c
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-7d3631a70c3c5d9776
  ncalrpc: LRPC-fa6f79dbad5ad7e329

f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
  version: v1.0
  annotation: Fw APIs
  ncalrpc: LRPC-7d3631a70c3c5d9776
  ncalrpc: LRPC-fa6f79dbad5ad7e329

7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-7d3631a70c3c5d9776
  ncalrpc: LRPC-fa6f79dbad5ad7e329

dd490425-5325-4565-b774-7e27d6c09c24
  version: v1.0
  annotation: Base Firewall Engine API
  provider: BFE.DLL
  ncalrpc: LRPC-fa6f79dbad5ad7e329

7f1343fe-50a9-4927-a778-0c5859517bac
  version: v1.0
  annotation: DfsDs service
  ncacn_np: \\WEB-APP\PIPE\wkssvc
  ncalrpc: LRPC-05fc8e0a8ceec330e4
  ncalrpc: DNSResolver

eb081a0d-10ee-478a-a1dd-50995283e7a8
  version: v3.0
  annotation: Witness Client Test Interface
  ncalrpc: LRPC-05fc8e0a8ceec330e4
  ncalrpc: DNSResolver

f2c9b409-c1c9-4100-8639-d8ab1486694a
  version: v1.0
  annotation: Witness Client Upcall Server
  ncalrpc: LRPC-05fc8e0a8ceec330e4
  ncalrpc: DNSResolver

76f03f96-cdfd-44fc-a22c-64950a001209
  version: v1.0
  protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 192.168.1.253:1029
  ncalrpc: LRPC-48106baf55e1256add

4a452661-8290-4b36-8fbe-7f4093a94978
  version: v1.0
  provider: spoolsv.exe
  ncacn_ip_tcp: 192.168.1.253:1029
  ncalrpc: LRPC-48106baf55e1256add

ae33069b-a2a8-46ee-a235-ddfd339be281
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 192.168.1.253:1029
  ncalrpc: LRPC-48106baf55e1256add

0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 192.168.1.253:1029
  ncalrpc: LRPC-48106baf55e1256add

12345678-1234-abcd-ef00-0123456789ab
  version: v1.0
  protocol: [MS-RPRN]: Print System Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 192.168.1.253:1029
  ncalrpc: LRPC-48106baf55e1256add

367abb81-9844-35f1-ad32-98f038001003
  version: v2.0
  protocol: [MS-SCMR]: Service Control Manager Remote Protocol
  provider: services.exe
  ncacn_ip_tcp: 192.168.1.253:1032

f763c91c-2ab1-47fa-868f-7de7efd42194
  version: v1.0
  annotation: VM Allow-List Provider RPC
  ncalrpc: RdvVmAllowListRpc
  ncalrpc: OLE15ED0F18595B5C3A92154B8704F5

906b0ce0-c70b-1067-b317-00dd010662da
  version: v1.0
  protocol: [MS-CMPO]: MSDTC Connection Manager:
  provider: msdtcprx.dll
  ncalrpc: LRPC-09758d4d229fb8b848
  ncalrpc: LRPC-09758d4d229fb8b848
  ncalrpc: LRPC-09758d4d229fb8b848

12e65dd8-887f-41ef-91bf-8d816c42c2e7
  version: v1.0
  annotation: Secure Desktop LRPC interface
  provider: winlogon.exe
  ncalrpc: WMsgKRpc08CCB95D2

114970008 | 2024-04-16T17:05:09.911248

137 / udp

NetBIOS Response:
  Server Name: WEB-APP
  MAC Address: 00:15:5D:01:C9:00
  Names:
    WORKGROUP <0x0>
    WEB-APP <0x0>
    WEB-APP <0x20>
  Additional Interfaces:
    26.205.123.225
    192.168.1.253

MAC Addresses

00:15:5D:01:C9:00
    OUI: 00:15:5D
    Organization: Microsoft Corporation
    Assignment: MA-L
    Registration Date: 2005-08-04

1688663994 | 2024-04-16T10:58:23.714121

445 / tcp

SMB Status:
  Authentication: enabled
  SMB Version: 1
  OS: Windows Server 2012 R2 Standard 9600
  Software: Windows Server 2012 R2 Standard 6.3
  Capabilities: extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode

1584304247 | 2024-04-16T13:35:26.190089

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x0f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows 8.1/Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: WEB-APP
  NetBIOS Domain Name: WEB-APP
  NetBIOS Computer Name: WEB-APP
  DNS Domain Name: web-app
  FQDN: web-app

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:71:be:1c:c2:63:57:83:4d:15:0a:07:be:a1:ba:9a
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=web-app
        Validity
            Not Before: Feb 27 07:10:54 2024 GMT
            Not After : Aug 28 07:10:54 2024 GMT
        Subject: CN=web-app
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b6:e9:07:42:80:f9:27:7a:44:2c:f0:58:3b:dc:
                    ea:cb:86:75:90:1b:31:25:da:b4:d1:3c:78:9b:ea:
                    f1:c8:cd:f0:43:32:98:33:4d:16:1e:6e:d1:c5:37:
                    a3:64:46:9f:18:88:c3:57:70:9e:07:7a:7d:35:da:
                    25:66:e7:32:90:7d:ce:e0:2a:8f:ea:13:76:fd:c1:
                    0e:28:2d:d2:0f:04:70:73:dd:9c:62:f0:5b:94:2f:
                    fe:76:d2:af:74:8c:26:7f:c5:94:e7:33:2a:76:04:
                    ad:3d:4f:c5:44:30:a0:5d:55:97:90:86:b5:5e:ca:
                    50:a1:b3:20:71:e3:e1:ad:0f:cd:a6:71:17:d3:8e:
                    2b:31:a0:fb:83:0a:21:9e:3a:c4:ac:d7:6d:67:1c:
                    5d:10:8e:aa:05:5a:0f:c8:86:1b:a1:6e:74:14:5d:
                    0f:8e:48:95:ae:aa:a7:c4:ae:a9:ef:80:4f:ae:0f:
                    a7:de:f6:d6:54:76:cb:4d:da:c1:d2:08:64:28:0a:
                    8a:18:a9:92:28:9b:51:5c:53:e2:e7:68:92:a2:62:
                    35:03:19:bd:a2:d0:55:3f:20:1a:0d:dc:57:af:c0:
                    48:22:af:0d:6c:80:26:ce:3e:d0:7e:23:46:05:c4:
                    5f:1f:81:30:a9:76:44:37:28:e6:f8:34:7b:7d:2d:
                    67:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        9f:19:ee:d7:98:26:2d:0f:d4:e8:0f:4d:27:6a:3d:3c:13:31:
        3c:73:d7:52:6e:39:36:77:ee:aa:31:ff:dc:5d:d3:92:15:85:
        7f:5b:8a:07:a8:36:92:ce:2c:46:dc:18:ff:fb:44:04:b6:03:
        f6:ad:9c:07:a1:9b:3d:c0:3f:e2:96:df:e5:73:e1:1f:24:a0:
        12:da:7e:c2:2c:d6:89:66:1b:d1:49:88:ac:b1:8b:1a:47:0e:
        63:f6:ce:36:db:78:e0:fc:b6:b6:8b:5a:18:4c:e6:1b:cf:a8:
        8b:00:be:5a:a9:fb:15:3b:f0:bb:93:b1:80:15:da:20:94:18:
        66:27:24:0c:00:b7:0f:2d:58:55:63:7f:b6:91:9e:f9:a9:66:
        17:2d:bc:4a:36:2c:d4:da:c6:7a:8d:e6:07:53:24:a1:1e:3d:
        80:c3:5e:43:2d:da:58:11:9a:9d:42:80:04:d2:1b:32:0d:84:
        91:d8:18:70:17:29:26:c6:8f:ab:1f:d3:e2:37:c0:b8:10:9b:
        db:fa:bf:34:6c:bf:55:e0:37:7c:eb:87:10:0c:23:69:ac:97:
        12:17:9a:73:67:a0:a9:22:0e:6c:9c:9d:6f:68:41:dd:64:09:
        56:fa:d3:31:80:68:db:2f:ed:66:ee:f7:19:2c:c8:61:45:54:
        1f:9a:d5:40

1489525118 | 2024-04-16T10:33:49.526850

5985 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 16 Apr 2024 10:33:34 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: WEB-APP
  NetBIOS Domain Name: WEB-APP
  NetBIOS Computer Name: WEB-APP
  DNS Domain Name: web-app
  FQDN: web-app

190.108.89.92

Last Seen: 2024-04-16

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-370734890 | 2024-04-16T17:54:59.614086
21 / tcp

Microsoft ftpd

-487289259 | 2024-04-16T14:15:13.326334
22 / tcp

OpenSSHfor_Windows_9.2

1138219898 | 2024-04-16T07:40:22.712111
80 / tcp

Microsoft IIS httpd8.5

1209309895 | 2024-04-16T14:27:59.537447
135 / tcp

Microsoft RPC Endpoint Mapper

114970008 | 2024-04-16T17:05:09.911248
137 / udp

1688663994 | 2024-04-16T10:58:23.714121
445 / tcp

1584304247 | 2024-04-16T13:35:26.190089
3389 / tcp

Remote Desktop Protocol

1489525118 | 2024-04-16T10:33:49.526850
5985 / tcp

WinRM

Products

Pricing

Contact Us

190.108.89.92

Last Seen: 2024-04-16

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-370734890 | 2024-04-16T17:54:59.614086 21 / tcp

Microsoft ftpd

-487289259 | 2024-04-16T14:15:13.326334 22 / tcp

OpenSSHfor_Windows_9.2

1138219898 | 2024-04-16T07:40:22.712111 80 / tcp

Microsoft IIS httpd8.5

1209309895 | 2024-04-16T14:27:59.537447 135 / tcp

Microsoft RPC Endpoint Mapper

114970008 | 2024-04-16T17:05:09.911248 137 / udp

1688663994 | 2024-04-16T10:58:23.714121 445 / tcp

1584304247 | 2024-04-16T13:35:26.190089 3389 / tcp

Remote Desktop Protocol

1489525118 | 2024-04-16T10:33:49.526850 5985 / tcp

WinRM

Products

Pricing

Contact Us

-370734890 | 2024-04-16T17:54:59.614086
21 / tcp

-487289259 | 2024-04-16T14:15:13.326334
22 / tcp

1138219898 | 2024-04-16T07:40:22.712111
80 / tcp

1209309895 | 2024-04-16T14:27:59.537447
135 / tcp

114970008 | 2024-04-16T17:05:09.911248
137 / udp

1688663994 | 2024-04-16T10:58:23.714121
445 / tcp

1584304247 | 2024-04-16T13:35:26.190089
3389 / tcp

1489525118 | 2024-04-16T10:33:49.526850
5985 / tcp