GeneralInformation

Country	Mexico
City	Tuxtla
Organization	IPXO LIMITED
ISP	Cogent Communications
ASN	AS174

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

MS15-034	10.0HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."
CVE-2015-1635	10.0HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."
CVE-2014-4078	5.1The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."

OpenPorts

21 22 80 135 137 445 3389 5432 5985 8443

1090329081 | 2024-06-02T10:29:10.054171

21 / tcp

220-FileZilla Server 0.9.60 beta
220-written by Tim Kosse (tim.kosse@filezilla-project.org)
220 Please visit https://filezilla-project.org/
530 Login or password incorrect!
214-The following commands are recognized:
   ABOR   ADAT   ALLO   APPE   AUTH   CDUP   CLNT   CWD 
   DELE   EPRT   EPSV   FEAT   HASH   HELP   LIST   MDTM
   MFMT   MKD    MLSD   MLST   MODE   NLST   NOOP   NOP 
   OPTS   PASS   PASV   PBSZ   PORT   PROT   PWD    QUIT
   REST   RETR   RMD    RNFR   RNTO   SITE   SIZE   STOR
   STRU   SYST   TYPE   USER   XCUP   XCWD   XMKD   XPWD
   XRMD
214 Have a nice day.
211-Features:
 MDTM
 REST STREAM
 SIZE
 MLST type*;size*;modify*;
 MLSD
 UTF8
 CLNT
 MFMT
 EPSV
 EPRT
211 End

-635470905 | 2024-06-02T17:47:16.117664

22 / tcp

SSH-2.0-OpenSSH_for_Windows_8.1
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDI4IYEbmfq+N0KPjJEHU+8cr058KVD/FIsPluC/0OGW88U
dIE9bRIc9LG9BrBhQ6x/rtZALoC6amLqBWKK+CWWCijRmTVI8AL7xJITcCexpiTW59Kkmd6anZ+c
OmLYXS+dRFys766cDc3Q8jptCUtQxjKLY7ZKj8misp/0Goc2NHl8tdNl4lzUaJTXtQB9T4x5SLDA
1CPaD62kjEXTHMJ0smXxSuXMvkWL4NT4fsyPkvdJgZuWS4ya2VLbxxbtoHq2WQKVAHYYVdGkAdv1
CbqjcRblcR25/CBjqo/jLcy1NYgNO/gSiZVJOoULxU5c3AlO5Veg/xL8g7bt5pEaCY5aSFtAJYG8
XsTQfx8xfAuwhJY8bw99gfAZW/zSpuhtvvrU0Zblqp34nyJpYINHmSaGquPze4U68zR8gvc0pluE
sH171hU0RJkQQ+yj7lKmGvYQGozrdwCyXSjrQJdhagpX+A3cZnvcsMgBfRFvv2gxjrS7ex4vyLtX
IEaorCSkIFs=
Fingerprint: 3d:a9:19:5f:1d:34:74:77:67:b6:bc:d3:37:1a:43:1c

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	diffie-hellman-group14-sha1

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

918251753 | 2024-05-25T23:07:10.334801

80 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Tue, 14 Mar 2023 23:29:39 GMT
Accept-Ranges: bytes
ETag: "ba4ce4d8cc56d91:0"
Server: Microsoft-IIS/8.0
Date: Sat, 25 May 2024 23:07:03 GMT
Content-Length: 1398

1836796521 | 2024-06-02T04:24:34.830968

135 / tcp

Microsoft RPC Endpoint Mapper

d95afe70-a6d5-4259-822e-2c84da1ddb0d
  version: v1.0
  protocol: [MS-RSP]: Remote Shutdown Protocol
  provider: wininit.exe
  ncacn_ip_tcp: 191.96.145.85:49152
  ncalrpc: WindowsShutdown
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\InitShutdown
  ncalrpc: WMsgKRpc068090

76f226c3-ec14-4325-8a99-6a46348418af
  version: v1.0
  provider: winlogon.exe
  ncalrpc: WindowsShutdown
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\InitShutdown
  ncalrpc: WMsgKRpc068090
  ncalrpc: WMsgKRpc06D711
  ncalrpc: WMsgKRpc0685FD3D2

0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
  version: v1.0
  ncalrpc: LSMApi
  ncalrpc: LRPC-898735d89a8b110e1c
  ncalrpc: actkernel
  ncalrpc: umpo

c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
  version: v1.0
  ncalrpc: LSMApi
  ncalrpc: LRPC-898735d89a8b110e1c
  ncalrpc: actkernel
  ncalrpc: umpo

1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
  version: v1.0
  ncalrpc: LSMApi
  ncalrpc: LRPC-898735d89a8b110e1c
  ncalrpc: actkernel
  ncalrpc: umpo

8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
  version: v1.0
  ncalrpc: LRPC-898735d89a8b110e1c
  ncalrpc: actkernel
  ncalrpc: umpo

c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
  version: v1.0
  annotation: Impl friendly name
  provider: sysntfy.dll
  ncalrpc: LRPC-898735d89a8b110e1c
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: DeviceSetupManager
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\srvsvc
  ncacn_ip_tcp: 191.96.145.85:49154
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE1971B5B815FBA4614AAC6543272E
  ncalrpc: IUserProfile2
  ncalrpc: senssvc
  ncalrpc: OLE1971B5B815FBA4614AAC6543272E
  ncalrpc: IUserProfile2
  ncalrpc: senssvc
  ncalrpc: OLE1971B5B815FBA4614AAC6543272E
  ncalrpc: IUserProfile2
  ncalrpc: IUserProfile2

2d98a740-581d-41b9-aa0d-a88b9d5ce938
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

3b338d89-6cfa-44b8-847e-531531bc9992
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

8782d3b9-ebbd-4644-a3d8-e8725381919b
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

085b0334-e454-4d91-9b8c-4134f9e793f3
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
  version: v1.0
  annotation: DHCP Client LRPC Endpoint
  provider: dhcpcsvc.dll
  ncalrpc: dhcpcsvc
  ncalrpc: dhcpcsvc6
  ncalrpc: LRPC-67798cd956c4ef7acf
  ncacn_ip_tcp: 191.96.145.85:49153
  ncacn_np: \\WIN-5DCAPOPHGD0\pipe\eventlog
  ncalrpc: eventlog

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
  version: v1.0
  annotation: DHCPv6 Client LRPC Endpoint
  provider: dhcpcsvc6.dll
  ncalrpc: dhcpcsvc6
  ncalrpc: LRPC-67798cd956c4ef7acf
  ncacn_ip_tcp: 191.96.145.85:49153
  ncacn_np: \\WIN-5DCAPOPHGD0\pipe\eventlog
  ncalrpc: eventlog

30adc50c-5cbc-46ce-9a0e-91914789e23c
  version: v1.0
  annotation: NRP server endpoint
  provider: nrpsrv.dll
  ncalrpc: LRPC-67798cd956c4ef7acf
  ncacn_ip_tcp: 191.96.145.85:49153
  ncacn_np: \\WIN-5DCAPOPHGD0\pipe\eventlog
  ncalrpc: eventlog

f6beaff7-1e19-4fbb-9f8f-b89e2018337c
  version: v1.0
  annotation: Event log TCPIP
  protocol: [MS-EVEN6]: EventLog Remoting Protocol
  provider: wevtsvc.dll
  ncacn_ip_tcp: 191.96.145.85:49153
  ncacn_np: \\WIN-5DCAPOPHGD0\pipe\eventlog
  ncalrpc: eventlog

8c7daf44-b6dc-11d1-9a4c-0020af6e7c57
  version: v1.0
  annotation: Group Policy RPC Interface
  provider: appmgmts.dll
  ncalrpc: LRPC-693a9f2c2e4daf57ed

30b044a5-a225-43f0-b3a4-e060df91f9c1
  version: v1.0
  provider: certprop.dll
  ncalrpc: LRPC-6ad80a15f7c6908fc6
  ncalrpc: DeviceSetupManager
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\srvsvc
  ncacn_ip_tcp: 191.96.145.85:49154
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE1971B5B815FBA4614AAC6543272E
  ncalrpc: IUserProfile2

c36be077-e14b-4fe9-8abc-e856ef4f048b
  version: v1.0
  annotation: Proxy Manager client server endpoint
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\srvsvc
  ncacn_ip_tcp: 191.96.145.85:49154
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE1971B5B815FBA4614AAC6543272E
  ncalrpc: IUserProfile2

c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
  version: v1.0
  annotation: Adh APIs
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\srvsvc
  ncacn_ip_tcp: 191.96.145.85:49154
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE1971B5B815FBA4614AAC6543272E
  ncalrpc: IUserProfile2

2e6035b2-e8f1-41a7-a044-656b439c4c34
  version: v1.0
  annotation: Proxy Manager provider server endpoint
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\srvsvc
  ncacn_ip_tcp: 191.96.145.85:49154
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE1971B5B815FBA4614AAC6543272E
  ncalrpc: IUserProfile2

552d076a-cb29-4e44-8b6a-d15e59e2c0af
  version: v1.0
  annotation: IP Transition Configuration endpoint
  provider: iphlpsvc.dll
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\srvsvc
  ncacn_ip_tcp: 191.96.145.85:49154
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE1971B5B815FBA4614AAC6543272E
  ncalrpc: IUserProfile2

1a0d010f-1c33-432c-b0f5-8cf4e8053099
  version: v1.0
  annotation: IdSegSrv service
  ncacn_ip_tcp: 191.96.145.85:49154
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE1971B5B815FBA4614AAC6543272E
  ncalrpc: IUserProfile2

98716d03-89ac-44c7-bb8c-285824e51c4a
  version: v1.0
  annotation: XactSrv service
  provider: srvsvc.dll
  ncacn_ip_tcp: 191.96.145.85:49154
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE1971B5B815FBA4614AAC6543272E
  ncalrpc: IUserProfile2

a398e520-d59a-4bdd-aa7a-3c1e0303a511
  version: v1.0
  annotation: IKE/Authip API
  provider: IKEEXT.DLL
  ncacn_ip_tcp: 191.96.145.85:49154
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE1971B5B815FBA4614AAC6543272E
  ncalrpc: IUserProfile2

3a9ef155-691d-4449-8d05-09ad57031823
  version: v1.0
  ncacn_ip_tcp: 191.96.145.85:49154
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE1971B5B815FBA4614AAC6543272E
  ncalrpc: IUserProfile2

86d35949-83c9-4044-b424-db363231fd0c
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: schedsvc.dll
  ncacn_ip_tcp: 191.96.145.85:49154
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE1971B5B815FBA4614AAC6543272E
  ncalrpc: IUserProfile2

378e52b0-c0a9-11cf-822d-00aa0051e40f
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE1971B5B815FBA4614AAC6543272E
  ncalrpc: IUserProfile2

1ff70682-0a51-30e8-076d-740be8cee98b
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE1971B5B815FBA4614AAC6543272E
  ncalrpc: IUserProfile2

0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
  version: v1.0
  provider: schedsvc.dll
  ncalrpc: senssvc
  ncalrpc: OLE1971B5B815FBA4614AAC6543272E
  ncalrpc: IUserProfile2

2eb08e3e-639f-4fba-97b1-14f878961076
  version: v1.0
  annotation: Group Policy RPC Interface
  provider: gpsvc.dll
  ncalrpc: LRPC-d26b49691f90501ce6

3473dd4d-2e88-4006-9cba-22570909dd10
  version: v5.256
  annotation: WinHttp Auto-Proxy Service
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\W32TIME_ALT
  ncalrpc: W32TIME_ALT
  ncalrpc: LRPC-360223419cdd204590
  ncalrpc: OLE0648BF7314246B2EC3FA863E4794

7ea70bcf-48af-4f6a-8968-6a440754d5fa
  version: v1.0
  annotation: NSI server endpoint
  provider: nsisvc.dll
  ncalrpc: LRPC-360223419cdd204590
  ncalrpc: OLE0648BF7314246B2EC3FA863E4794

b2507c30-b126-494a-92ac-ee32b6eeb039
  version: v1.0
  ncalrpc: LRPC-81703aa38f8a1bc86b
  ncalrpc: OLEA23F28D2D5E42CECB3E77DD32126

2fb92682-6599-42dc-ae13-bd2ca89bd11c
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-79a9d8708150e45493
  ncalrpc: LRPC-bd13eecc97d4168c1e

f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
  version: v1.0
  annotation: Fw APIs
  ncalrpc: LRPC-79a9d8708150e45493
  ncalrpc: LRPC-bd13eecc97d4168c1e

7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-79a9d8708150e45493
  ncalrpc: LRPC-bd13eecc97d4168c1e

dd490425-5325-4565-b774-7e27d6c09c24
  version: v1.0
  annotation: Base Firewall Engine API
  provider: BFE.DLL
  ncalrpc: LRPC-bd13eecc97d4168c1e

7f1343fe-50a9-4927-a778-0c5859517bac
  version: v1.0
  annotation: DfsDs service
  ncacn_np: \\WIN-5DCAPOPHGD0\PIPE\wkssvc
  ncalrpc: LRPC-e19551241abe3b0d88
  ncalrpc: DNSResolver

eb081a0d-10ee-478a-a1dd-50995283e7a8
  version: v3.0
  annotation: Witness Client Test Interface
  ncalrpc: LRPC-e19551241abe3b0d88
  ncalrpc: DNSResolver

f2c9b409-c1c9-4100-8639-d8ab1486694a
  version: v1.0
  annotation: Witness Client Upcall Server
  ncalrpc: LRPC-e19551241abe3b0d88
  ncalrpc: DNSResolver

4a452661-8290-4b36-8fbe-7f4093a94978
  version: v1.0
  annotation: Spooler function endpoint
  provider: spoolsv.exe
  ncalrpc: spoolss

ae33069b-a2a8-46ee-a235-ddfd339be281
  version: v1.0
  annotation: Spooler base remote object endpoint
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncalrpc: spoolss

0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
  version: v1.0
  annotation: Spooler function endpoint
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncalrpc: spoolss

12345778-1234-abcd-ef00-0123456789ac
  version: v1.0
  protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
  provider: samsrv.dll
  ncacn_ip_tcp: 191.96.145.85:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\WIN-5DCAPOPHGD0\pipe\lsass

367abb81-9844-35f1-ad32-98f038001003
  version: v2.0
  protocol: [MS-SCMR]: Service Control Manager Remote Protocol
  provider: services.exe
  ncacn_ip_tcp: 191.96.145.85:49156

12345678-1234-abcd-ef00-0123456789ab
  version: v1.0
  annotation: IPSec Policy agent endpoint
  protocol: [MS-RPRN]: Print System Remote Protocol
  provider: spoolsv.exe
  ncalrpc: LRPC-00a172ac8e58bc7cad
  ncacn_ip_tcp: 191.96.145.85:49157

6b5bdd1e-528c-422c-af8c-a4079be4fe48
  version: v1.0
  annotation: Remote Fw APIs
  protocol: [MS-FASP]: Firewall and Advanced Security Protocol
  provider: FwRemoteSvr.dll
  ncacn_ip_tcp: 191.96.145.85:49157

906b0ce0-c70b-1067-b317-00dd010662da
  version: v1.0
  protocol: [MS-CMPO]: MSDTC Connection Manager:
  provider: msdtcprx.dll
  ncalrpc: LRPC-3bcc9236ac7e30c41b
  ncalrpc: LRPC-3bcc9236ac7e30c41b
  ncalrpc: LRPC-3bcc9236ac7e30c41b

12e65dd8-887f-41ef-91bf-8d816c42c2e7
  version: v1.0
  annotation: Secure Desktop LRPC interface
  provider: winlogon.exe
  ncalrpc: WMsgKRpc0685FD3D2

354789847 | 2024-05-31T07:02:05.880065

137 / udp

NetBIOS Response:
  Server Name: WIN-5DCAPOPHGD0
  MAC Address: 00:30:48:C6:13:8E
  Names:
    WIN-5DCAPOPHGD0 <0x0>
    WORKGROUP <0x0>
    WIN-5DCAPOPHGD0 <0x20>

MAC Addresses

00:30:48:C6:13:8E
    OUI: 00:30:48
    Organization: Super Micro Computer, Inc.
    Assignment: MA-L
    Registration Date: 2000-09-08

973987490 | 2024-06-01T10:31:57.636222

445 / tcp

SMB Status:
  Authentication: enabled
  SMB Version: 1
  OS: Windows Server 2012 Standard 9200
  Software: Windows Server 2012 Standard 6.2
  Capabilities: extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode

-441419023 | 2024-05-20T04:11:53.683871

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x07\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows 8/Windows Server 2012
  OS Build: 6.2.9200
  Target Name: WIN-5DCAPOPHGD0
  NetBIOS Domain Name: WIN-5DCAPOPHGD0
  NetBIOS Computer Name: WIN-5DCAPOPHGD0
  DNS Domain Name: WIN-5DCAPOPHGD0
  FQDN: WIN-5DCAPOPHGD0

Otro usuario
Contrasesa
gt Windows Server 2012

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:3c:2d:54:97:a0:55:87:49:54:e8:a8:d9:6b:01:4b
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN=WIN-5DCAPOPHGD0
        Validity
            Not Before: Mar  9 09:00:17 2024 GMT
            Not After : Sep  8 09:00:17 2024 GMT
        Subject: CN=WIN-5DCAPOPHGD0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c9:e9:77:66:fb:3d:30:94:68:2b:60:a2:77:69:
                    58:f6:76:b3:19:9f:42:fc:f9:84:a5:9a:34:f7:66:
                    f1:f4:be:eb:5d:2f:6a:33:be:c5:1b:8e:48:6f:02:
                    91:1f:b7:9f:c4:78:e6:59:14:06:10:4f:20:0d:2b:
                    b1:1f:38:0d:82:0b:98:3e:7f:d2:9a:7a:de:52:ef:
                    89:42:42:d7:8b:ae:71:a8:4f:d8:13:da:47:5a:e1:
                    71:f2:a2:9f:21:bb:71:3f:83:4b:2e:61:aa:55:23:
                    22:09:46:8f:4c:f8:10:7b:3a:e7:a1:fd:de:dc:2e:
                    96:19:a1:3a:77:c2:5e:00:0b:bb:dc:4c:bf:2d:a1:
                    11:61:30:14:5b:3a:e7:1d:be:00:8e:53:e3:b2:dd:
                    16:e2:76:dd:6e:2b:ac:a3:63:ca:1e:29:81:ba:40:
                    1a:a0:d4:58:f8:1d:13:f0:07:11:99:c1:17:9c:3b:
                    99:2e:10:fe:5c:06:6e:9a:e9:aa:83:aa:23:1c:d0:
                    6e:f4:ec:36:cf:8e:f4:00:ba:75:c8:51:41:f2:45:
                    10:30:b3:58:fa:aa:09:6a:79:93:58:05:78:f0:1f:
                    d7:45:80:e2:a2:6f:fe:45:ba:15:27:dd:ec:77:b9:
                    67:49:2b:b5:df:54:d2:a1:3d:e0:8e:0e:6f:5f:2d:
                    c2:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        0e:60:12:84:07:3d:20:dc:81:98:ac:00:b2:3a:fd:c6:90:ae:
        97:6b:ca:f8:fd:07:22:75:f0:f7:58:06:e5:ea:9d:a1:f5:c6:
        57:16:7a:c3:ee:65:63:8e:29:2a:50:d5:d5:3d:73:58:05:22:
        a5:29:29:39:62:eb:ee:be:97:11:f2:66:74:85:c8:33:b2:4d:
        88:dd:79:24:d0:a6:a6:2a:e3:0f:57:8f:ed:35:c0:2a:1f:82:
        d1:77:b7:79:0b:46:e4:70:b2:06:3c:4f:e3:95:f3:da:da:84:
        1f:c1:81:3b:62:39:d8:c9:67:c4:9e:1f:ec:6f:ac:f3:7a:63:
        c4:1b:c0:ae:38:ba:57:d6:4b:ca:f9:55:a2:e6:35:e2:c5:74:
        6b:bb:65:c9:63:7b:34:88:f0:92:b7:76:52:52:bb:54:17:f9:
        c4:fa:45:f5:7f:42:a1:be:fe:98:da:3f:a7:19:be:90:ac:3d:
        1a:11:d3:59:2d:9b:a4:26:cf:76:a2:ba:9f:3b:33:b1:68:8c:
        32:5d:2c:d2:69:f3:b6:cb:be:b8:03:7d:71:e0:d3:1c:5f:02:
        51:be:fb:d5:dd:58:12:27:8f:82:d2:7a:90:f1:4d:6b:86:7e:
        68:b0:8f:c8:d1:09:bd:04:9e:d6:7a:17:23:a8:9f:dd:c8:e4:
        f5:9d:06:14

-726790289 | 2024-06-02T22:30:18.020793

5432 / tcp

PostgreSQL
fe_sendauth: no password supplied

1489525118 | 2024-05-11T07:29:24.929798

5985 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sat, 11 May 2024 07:29:20 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2012
  OS Build: 6.2.9200
  Target Name: WIN-5DCAPOPHGD0
  NetBIOS Domain Name: WIN-5DCAPOPHGD0
  NetBIOS Computer Name: WIN-5DCAPOPHGD0
  DNS Domain Name: WIN-5DCAPOPHGD0
  FQDN: WIN-5DCAPOPHGD0

864306896 | 2024-06-02T16:05:28.917280

8443 / tcp

HTTP/1.1 401 Unauthorized
Date: Sun, 02 Jun 2024 16:05:21 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
WWW-Authenticate: Basic realm="VisualSVN Server"
Content-Length: 381
Content-Type: text/html; charset=iso-8859-1

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:e6:e3:68:f3:be:72:b2:45:46:be:c0:9c:9c:d8:93
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=WIN-5DCAPOPHGD0
        Validity
            Not Before: Aug 27 17:50:37 2021 GMT
            Not After : Aug 25 17:50:37 2031 GMT
        Subject: CN=WIN-5DCAPOPHGD0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ed:cf:52:6e:92:19:9f:da:2d:51:fc:bc:17:19:
                    f4:7c:84:40:4d:72:12:3c:7a:a3:7d:d8:3c:1d:fc:
                    8f:00:73:a0:a1:b7:90:2d:4c:c6:c5:05:a9:17:f3:
                    e4:6c:a7:e9:5e:ba:bf:83:62:b0:7a:6d:f4:d6:68:
                    60:f1:95:6b:e6:17:ba:ee:28:9a:82:91:51:de:58:
                    da:a5:11:d2:c8:3c:73:8f:64:33:5c:0a:2d:65:f3:
                    39:15:1f:4e:a4:a6:71:44:32:1a:a5:f1:88:60:21:
                    a9:5f:bc:41:a1:e6:6f:05:04:33:c9:26:54:4d:77:
                    8c:e3:a8:b8:bf:f9:9d:c7:96:b1:05:2e:70:72:3a:
                    44:a8:6d:62:e2:76:a0:b9:f4:a4:39:ee:6b:09:d3:
                    8a:34:04:94:1b:af:3e:93:4d:0e:b2:5e:08:34:8f:
                    0f:46:e5:92:dc:5f:11:a1:39:c1:c5:fb:2b:3d:de:
                    57:99:c4:46:89:ab:e8:ab:0d:33:a7:c2:15:91:5e:
                    c3:4a:74:f1:11:fb:83:63:6e:b3:3f:6f:b8:86:0e:
                    78:57:19:f7:71:ea:19:5c:24:31:37:a5:95:9f:34:
                    60:3b:7c:e7:a4:7f:b6:cc:b7:e0:01:38:ff:60:dd:
                    b2:b2:df:97:df:bd:c1:f4:0b:3f:0d:ea:17:d7:82:
                    94:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: 
                Digital Signature, Key Encipherment, Data Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Subject Alternative Name: 
                DNS:WIN-5DCAPOPHGD0
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        c5:65:4c:95:ba:cc:3f:fb:c7:6f:3e:00:e2:b6:95:d0:1f:66:
        15:9a:cf:b6:5f:fc:e5:d3:01:83:d8:e8:c1:8c:61:b1:20:60:
        a0:ce:e4:d4:0d:9f:87:79:00:a5:89:6a:59:51:8f:29:0f:ba:
        17:a3:f1:c3:fc:7e:ad:a5:15:5d:6e:02:3d:ba:d4:4b:56:7e:
        e3:f9:dc:c9:6d:4a:62:d1:17:23:a8:a8:e3:47:26:41:28:7d:
        88:88:42:9b:9f:8f:42:64:67:fa:d4:db:31:44:2f:31:4d:bf:
        6a:9c:ed:67:1d:00:44:c2:42:99:a8:ee:33:4b:77:01:86:56:
        25:91:61:6b:bd:5a:16:fc:61:83:0b:14:dc:f3:6b:64:45:5f:
        1f:b0:66:46:76:cc:09:cf:a1:a1:ee:b6:40:4d:2e:6b:80:c0:
        d3:da:d7:3f:ba:e8:b0:23:f7:73:86:b1:39:82:f0:dc:10:62:
        43:1e:c3:5d:40:8f:3e:c5:bf:2d:37:cd:71:c6:96:a1:40:e8:
        8d:f9:4e:f8:bf:29:84:e2:c6:f5:60:81:e3:b4:e2:b3:1e:a8:
        bb:7f:07:1d:7d:0b:8f:2a:a8:3c:e5:02:6d:20:65:81:76:1a:
        0e:7c:57:0b:73:f4:bf:ae:87:59:be:d6:83:13:7f:cb:5d:34:
        86:40:14:4b

191.96.145.85

Last Seen: 2024-06-02

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1090329081 | 2024-06-02T10:29:10.054171
21 / tcp

-635470905 | 2024-06-02T17:47:16.117664
22 / tcp

OpenSSHfor_Windows_8.1

918251753 | 2024-05-25T23:07:10.334801
80 / tcp

Microsoft IIS httpd8.0

1836796521 | 2024-06-02T04:24:34.830968
135 / tcp

Microsoft RPC Endpoint Mapper

354789847 | 2024-05-31T07:02:05.880065
137 / udp

973987490 | 2024-06-01T10:31:57.636222
445 / tcp

-441419023 | 2024-05-20T04:11:53.683871
3389 / tcp

Remote Desktop Protocol

-726790289 | 2024-06-02T22:30:18.020793
5432 / tcp

PostgreSQL

1489525118 | 2024-05-11T07:29:24.929798
5985 / tcp

WinRM

864306896 | 2024-06-02T16:05:28.917280
8443 / tcp

Apache httpd

Products

Pricing

Contact Us

191.96.145.85

Last Seen: 2024-06-02

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1090329081 | 2024-06-02T10:29:10.054171 21 / tcp

-635470905 | 2024-06-02T17:47:16.117664 22 / tcp

OpenSSHfor_Windows_8.1

918251753 | 2024-05-25T23:07:10.334801 80 / tcp

Microsoft IIS httpd8.0

1836796521 | 2024-06-02T04:24:34.830968 135 / tcp

Microsoft RPC Endpoint Mapper

354789847 | 2024-05-31T07:02:05.880065 137 / udp

973987490 | 2024-06-01T10:31:57.636222 445 / tcp

-441419023 | 2024-05-20T04:11:53.683871 3389 / tcp

Remote Desktop Protocol

-726790289 | 2024-06-02T22:30:18.020793 5432 / tcp

PostgreSQL

1489525118 | 2024-05-11T07:29:24.929798 5985 / tcp

WinRM

864306896 | 2024-06-02T16:05:28.917280 8443 / tcp

Apache httpd

Products

Pricing

Contact Us

1090329081 | 2024-06-02T10:29:10.054171
21 / tcp

-635470905 | 2024-06-02T17:47:16.117664
22 / tcp

918251753 | 2024-05-25T23:07:10.334801
80 / tcp

1836796521 | 2024-06-02T04:24:34.830968
135 / tcp

354789847 | 2024-05-31T07:02:05.880065
137 / udp

973987490 | 2024-06-01T10:31:57.636222
445 / tcp

-441419023 | 2024-05-20T04:11:53.683871
3389 / tcp

-726790289 | 2024-06-02T22:30:18.020793
5432 / tcp

1489525118 | 2024-05-11T07:29:24.929798
5985 / tcp

864306896 | 2024-06-02T16:05:28.917280
8443 / tcp