GeneralInformation

Country	Iran, Islamic Republic of
City	Shiraz
Organization	Qazvin Telecomonicatin co.
ISP	Iran Telecommunication Company PJS
ASN	AS58224
Operating System	Windows

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

MS15-034	10.0HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."
CVE-2015-1635	10.0HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."
CVE-2014-4078	5.1The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."

OpenPorts

80 137 593 1434 3388 5985 49330

1138219898 | 2024-04-27T01:08:31.972782

80 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sun, 24 Mar 2024 16:39:43 GMT
Accept-Ranges: bytes
ETag: "b17593df97eda1:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 27 Apr 2024 00:08:56 GMT
Content-Length: 701

-1632400560 | 2024-04-09T04:12:23.831818

137 / udp

NetBIOS Response:
  Server Name: WIN-J2Q69SE19GH
  MAC Address: 60:A4:B7:BB:60:7D
  Names:
    WIN-J2Q69SE19GH <0x0>
    WIN-J2Q69SE19GH <0x20>
    WORKGROUP <0x0>
  Additional Interfaces:
    192.168.1.100

MAC Addresses

60:A4:B7:BB:60:7D
    OUI: 60:A4:B7
    Organization: TP-Link Corporation Limited
    Assignment: MA-L
    Registration Date: 2021-02-03

-1424286643 | 2024-04-25T23:52:49.719373

593 / tcp

ncacn_http/1.0

Microsoft RPC Endpoint Mapper over HTTP

d95afe70-a6d5-4259-822e-2c84da1ddb0d
  version: v1.0
  protocol: [MS-RSP]: Remote Shutdown Protocol
  provider: wininit.exe
  ncacn_ip_tcp: 192.168.1.100:49152
  ncalrpc: WindowsShutdown
  ncacn_np: \\WIN-J2Q69SE19GH\PIPE\InitShutdown
  ncalrpc: WMsgKRpc09B2C0

76f226c3-ec14-4325-8a99-6a46348418af
  version: v1.0
  provider: winlogon.exe
  ncalrpc: WindowsShutdown
  ncacn_np: \\WIN-J2Q69SE19GH\PIPE\InitShutdown
  ncalrpc: WMsgKRpc09B2C0
  ncalrpc: WMsgKRpc09BEF1
  ncalrpc: WMsgKRpc06407CB3
  ncalrpc: WMsgKRpc017C1C6664
  ncalrpc: WMsgKRpc017C397A26
  ncalrpc: WMsgKRpc017D0A00B7
  ncalrpc: WMsgKRpc017E5648D8
  ncalrpc: WMsgKRpc0185B56642
  ncalrpc: WMsgKRpc018ED34795

9b008953-f195-4bf9-bde0-4471971e58ed
  version: v1.0
  ncalrpc: LRPC-64e5435bef75dc19c3
  ncacn_np: \\WIN-J2Q69SE19GH\pipe\LSM_API_service
  ncalrpc: LSMApi
  ncalrpc: LRPC-78df7ae1c665f4dea2
  ncalrpc: actkernel
  ncalrpc: umpo

697dcda9-3ba9-4eb2-9247-e11f1901b0d2
  version: v1.0
  ncalrpc: LRPC-64e5435bef75dc19c3
  ncacn_np: \\WIN-J2Q69SE19GH\pipe\LSM_API_service
  ncalrpc: LSMApi
  ncalrpc: LRPC-78df7ae1c665f4dea2
  ncalrpc: actkernel
  ncalrpc: umpo

c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
  version: v1.0
  annotation: Impl friendly name
  provider: sysntfy.dll
  ncalrpc: LRPC-78df7ae1c665f4dea2
  ncalrpc: actkernel
  ncalrpc: umpo
  ncacn_np: \\WIN-J2Q69SE19GH\PIPE\srvsvc
  ncacn_ip_tcp: 192.168.1.100:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-J2Q69SE19GH\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE55D7C20ABB2F9F81FC3436CC59D8
  ncalrpc: IUserProfile2
  ncalrpc: senssvc
  ncalrpc: OLE55D7C20ABB2F9F81FC3436CC59D8
  ncalrpc: IUserProfile2
  ncalrpc: IUserProfile2
  ncalrpc: IUserProfile2

0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

2d98a740-581d-41b9-aa0d-a88b9d5ce938
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

3b338d89-6cfa-44b8-847e-531531bc9992
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

8782d3b9-ebbd-4644-a3d8-e8725381919b
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

085b0334-e454-4d91-9b8c-4134f9e793f3
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
  version: v1.0
  annotation: DHCPv6 Client LRPC Endpoint
  provider: dhcpcsvc6.dll
  ncalrpc: dhcpcsvc6
  ncalrpc: dhcpcsvc
  ncalrpc: LRPC-b0f75f7d601b893bfd
  ncacn_ip_tcp: 192.168.1.100:49153
  ncacn_np: \\WIN-J2Q69SE19GH\pipe\eventlog
  ncalrpc: eventlog

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
  version: v1.0
  annotation: DHCP Client LRPC Endpoint
  provider: dhcpcsvc.dll
  ncalrpc: dhcpcsvc
  ncalrpc: LRPC-b0f75f7d601b893bfd
  ncacn_ip_tcp: 192.168.1.100:49153
  ncacn_np: \\WIN-J2Q69SE19GH\pipe\eventlog
  ncalrpc: eventlog

abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
  version: v1.0
  annotation: Wcm Service
  ncalrpc: LRPC-b0f75f7d601b893bfd
  ncacn_ip_tcp: 192.168.1.100:49153
  ncacn_np: \\WIN-J2Q69SE19GH\pipe\eventlog
  ncalrpc: eventlog

30adc50c-5cbc-46ce-9a0e-91914789e23c
  version: v1.0
  annotation: NRP server endpoint
  provider: nrpsrv.dll
  ncalrpc: LRPC-b0f75f7d601b893bfd
  ncacn_ip_tcp: 192.168.1.100:49153
  ncacn_np: \\WIN-J2Q69SE19GH\pipe\eventlog
  ncalrpc: eventlog

f6beaff7-1e19-4fbb-9f8f-b89e2018337c
  version: v1.0
  annotation: Event log TCPIP
  protocol: [MS-EVEN6]: EventLog Remoting Protocol
  provider: wevtsvc.dll
  ncacn_ip_tcp: 192.168.1.100:49153
  ncacn_np: \\WIN-J2Q69SE19GH\pipe\eventlog
  ncalrpc: eventlog

7d814569-35b3-4850-bb32-83035fcebf6e
  version: v1.0
  annotation: IAS RPC server
  provider: ias.dll
  ncacn_np: \\WIN-J2Q69SE19GH\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: LRPC-3aa15508d7534ac431
  ncacn_np: \\WIN-J2Q69SE19GH\PIPE\srvsvc
  ncacn_ip_tcp: 192.168.1.100:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-J2Q69SE19GH\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE55D7C20ABB2F9F81FC3436CC59D8
  ncalrpc: IUserProfile2

30b044a5-a225-43f0-b3a4-e060df91f9c1
  version: v1.0
  provider: certprop.dll
  ncalrpc: LRPC-3aa15508d7534ac431
  ncacn_np: \\WIN-J2Q69SE19GH\PIPE\srvsvc
  ncacn_ip_tcp: 192.168.1.100:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-J2Q69SE19GH\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE55D7C20ABB2F9F81FC3436CC59D8
  ncalrpc: IUserProfile2

1a0d010f-1c33-432c-b0f5-8cf4e8053099
  version: v1.0
  annotation: IdSegSrv service
  ncacn_ip_tcp: 192.168.1.100:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-J2Q69SE19GH\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE55D7C20ABB2F9F81FC3436CC59D8
  ncalrpc: IUserProfile2

98716d03-89ac-44c7-bb8c-285824e51c4a
  version: v1.0
  annotation: XactSrv service
  provider: srvsvc.dll
  ncacn_ip_tcp: 192.168.1.100:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-J2Q69SE19GH\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE55D7C20ABB2F9F81FC3436CC59D8
  ncalrpc: IUserProfile2

c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
  version: v1.0
  annotation: Adh APIs
  ncacn_ip_tcp: 192.168.1.100:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-J2Q69SE19GH\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE55D7C20ABB2F9F81FC3436CC59D8
  ncalrpc: IUserProfile2

c36be077-e14b-4fe9-8abc-e856ef4f048b
  version: v1.0
  annotation: Proxy Manager client server endpoint
  ncacn_ip_tcp: 192.168.1.100:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-J2Q69SE19GH\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE55D7C20ABB2F9F81FC3436CC59D8
  ncalrpc: IUserProfile2

2e6035b2-e8f1-41a7-a044-656b439c4c34
  version: v1.0
  annotation: Proxy Manager provider server endpoint
  ncacn_ip_tcp: 192.168.1.100:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-J2Q69SE19GH\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE55D7C20ABB2F9F81FC3436CC59D8
  ncalrpc: IUserProfile2

552d076a-cb29-4e44-8b6a-d15e59e2c0af
  version: v1.0
  annotation: IP Transition Configuration endpoint
  provider: iphlpsvc.dll
  ncacn_ip_tcp: 192.168.1.100:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-J2Q69SE19GH\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE55D7C20ABB2F9F81FC3436CC59D8
  ncalrpc: IUserProfile2

a398e520-d59a-4bdd-aa7a-3c1e0303a511
  version: v1.0
  annotation: IKE/Authip API
  provider: IKEEXT.DLL
  ncacn_ip_tcp: 192.168.1.100:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-J2Q69SE19GH\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE55D7C20ABB2F9F81FC3436CC59D8
  ncalrpc: IUserProfile2

3a9ef155-691d-4449-8d05-09ad57031823
  version: v1.0
  ncacn_ip_tcp: 192.168.1.100:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-J2Q69SE19GH\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE55D7C20ABB2F9F81FC3436CC59D8
  ncalrpc: IUserProfile2

86d35949-83c9-4044-b424-db363231fd0c
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: schedsvc.dll
  ncacn_ip_tcp: 192.168.1.100:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-J2Q69SE19GH\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE55D7C20ABB2F9F81FC3436CC59D8
  ncalrpc: IUserProfile2

378e52b0-c0a9-11cf-822d-00aa0051e40f
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\WIN-J2Q69SE19GH\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE55D7C20ABB2F9F81FC3436CC59D8
  ncalrpc: IUserProfile2

1ff70682-0a51-30e8-076d-740be8cee98b
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\WIN-J2Q69SE19GH\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE55D7C20ABB2F9F81FC3436CC59D8
  ncalrpc: IUserProfile2

0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
  version: v1.0
  provider: schedsvc.dll
  ncalrpc: senssvc
  ncalrpc: OLE55D7C20ABB2F9F81FC3436CC59D8
  ncalrpc: IUserProfile2

2eb08e3e-639f-4fba-97b1-14f878961076
  version: v1.0
  annotation: Group Policy RPC Interface
  provider: gpsvc.dll
  ncalrpc: LRPC-4e192efc8f91122bb1

3473dd4d-2e88-4006-9cba-22570909dd10
  version: v5.256
  annotation: WinHttp Auto-Proxy Service
  ncalrpc: LRPC-4793a52d5f0749be9d
  ncalrpc: OLE07FE56EC2C438DDF20DB3BBEC05C

7ea70bcf-48af-4f6a-8968-6a440754d5fa
  version: v1.0
  annotation: NSI server endpoint
  provider: nsisvc.dll
  ncalrpc: LRPC-4793a52d5f0749be9d
  ncalrpc: OLE07FE56EC2C438DDF20DB3BBEC05C

b2507c30-b126-494a-92ac-ee32b6eeb039
  version: v1.0
  ncalrpc: LRPC-0f054621eb193303a2
  ncalrpc: OLE397AE8FE576F5DF06222BBECC837

2fb92682-6599-42dc-ae13-bd2ca89bd11c
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-c90c8e075ccd4f73b7
  ncalrpc: LRPC-ad255ccbe154c890d5

f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
  version: v1.0
  annotation: Fw APIs
  ncalrpc: LRPC-c90c8e075ccd4f73b7
  ncalrpc: LRPC-ad255ccbe154c890d5

7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-c90c8e075ccd4f73b7
  ncalrpc: LRPC-ad255ccbe154c890d5

dd490425-5325-4565-b774-7e27d6c09c24
  version: v1.0
  annotation: Base Firewall Engine API
  provider: BFE.DLL
  ncalrpc: LRPC-ad255ccbe154c890d5

7f1343fe-50a9-4927-a778-0c5859517bac
  version: v1.0
  annotation: DfsDs service
  ncacn_np: \\WIN-J2Q69SE19GH\PIPE\wkssvc
  ncalrpc: LRPC-e6c0384b08b39c00fe
  ncalrpc: DNSResolver

eb081a0d-10ee-478a-a1dd-50995283e7a8
  version: v3.0
  annotation: Witness Client Test Interface
  ncalrpc: LRPC-e6c0384b08b39c00fe
  ncalrpc: DNSResolver

f2c9b409-c1c9-4100-8639-d8ab1486694a
  version: v1.0
  annotation: Witness Client Upcall Server
  ncalrpc: LRPC-e6c0384b08b39c00fe
  ncalrpc: DNSResolver

76f03f96-cdfd-44fc-a22c-64950a001209
  version: v1.0
  protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 192.168.1.100:49155
  ncalrpc: LRPC-b728da2f8b8511a1c8

4a452661-8290-4b36-8fbe-7f4093a94978
  version: v1.0
  provider: spoolsv.exe
  ncacn_ip_tcp: 192.168.1.100:49155
  ncalrpc: LRPC-b728da2f8b8511a1c8

ae33069b-a2a8-46ee-a235-ddfd339be281
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 192.168.1.100:49155
  ncalrpc: LRPC-b728da2f8b8511a1c8

0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 192.168.1.100:49155
  ncalrpc: LRPC-b728da2f8b8511a1c8

12345678-1234-abcd-ef00-0123456789ab
  version: v1.0
  protocol: [MS-RPRN]: Print System Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 192.168.1.100:49155
  ncalrpc: LRPC-b728da2f8b8511a1c8

12d4b7c8-77d5-11d1-8c24-00c04fa3080d
  version: v1.0
  provider: lserver.dll
  ncacn_ip_tcp: 192.168.1.100:49156
  ncacn_np: \\WIN-J2Q69SE19GH\pipe\HydraLsPipe
  ncalrpc: LRPC-7fc3e08fb7890b8559

3d267954-eeb7-11d1-b94e-00c04fa3080d
  version: v1.0
  provider: lserver.dll
  ncacn_ip_tcp: 192.168.1.100:49156
  ncacn_np: \\WIN-J2Q69SE19GH\pipe\HydraLsPipe
  ncalrpc: LRPC-7fc3e08fb7890b8559

367abb81-9844-35f1-ad32-98f038001003
  version: v2.0
  protocol: [MS-SCMR]: Service Control Manager Remote Protocol
  provider: services.exe
  ncacn_ip_tcp: 192.168.1.100:49157

b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
  version: v2.0
  annotation: KeyIso
  ncacn_ip_tcp: 192.168.1.100:49159
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\WIN-J2Q69SE19GH\pipe\lsass

12345778-1234-abcd-ef00-0123456789ac
  version: v1.0
  protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
  provider: samsrv.dll
  ncacn_ip_tcp: 192.168.1.100:49159
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\WIN-J2Q69SE19GH\pipe\lsass

e40f7b57-7a25-4cd3-a135-7f7d3df9d16b
  version: v1.0
  annotation: Network Connection Broker server endpoint
  ncalrpc: OLE2B5D66F372226249D58BF78E38C9
  ncalrpc: TSUMRPD_PRINT_DRV_LPC_API
  ncalrpc: RemoteDevicesLPC_API
  ncalrpc: trkwks
  ncacn_np: \\WIN-J2Q69SE19GH\pipe\trkwks

880fd55e-43b9-11e0-b1a8-cf4edfd72085
  version: v1.0
  annotation: KAPI Service endpoint
  ncalrpc: OLE2B5D66F372226249D58BF78E38C9
  ncalrpc: TSUMRPD_PRINT_DRV_LPC_API
  ncalrpc: RemoteDevicesLPC_API
  ncalrpc: trkwks
  ncacn_np: \\WIN-J2Q69SE19GH\pipe\trkwks

5222821f-d5e2-4885-84f1-5f6185a0ec41
  version: v1.0
  annotation: Network Connection Broker server endpoint for NCB Reset module
  ncalrpc: OLE2B5D66F372226249D58BF78E38C9
  ncalrpc: TSUMRPD_PRINT_DRV_LPC_API
  ncalrpc: RemoteDevicesLPC_API
  ncalrpc: trkwks
  ncacn_np: \\WIN-J2Q69SE19GH\pipe\trkwks

b58aa02e-2884-4e97-8176-4ee06d794184
  version: v1.0
  provider: sysmain.dll
  ncalrpc: TSUMRPD_PRINT_DRV_LPC_API
  ncalrpc: RemoteDevicesLPC_API
  ncalrpc: trkwks
  ncacn_np: \\WIN-J2Q69SE19GH\pipe\trkwks

906b0ce0-c70b-1067-b317-00dd010662da
  version: v1.0
  protocol: [MS-CMPO]: MSDTC Connection Manager:
  provider: msdtcprx.dll
  ncalrpc: LRPC-66f78ae46951375521
  ncalrpc: LRPC-66f78ae46951375521
  ncalrpc: LRPC-66f78ae46951375521

3357951c-a1d1-47db-a278-ab945d063d03
  version: v1.0
  provider: LBService.dll
  ncacn_ip_tcp: 192.168.1.100:50492

958f92d8-da20-467a-bbe3-65e7e9b4edcf
  version: v1.0
  annotation: TsProxyMgmt
  protocol: [MS-TSGU]: Terminal Services Gateway Server Management Interface
  ncalrpc: AAGMgmt
  ncacn_ip_http: 192.168.1.100:3388

44e265dd-7daf-42cd-8560-3cdb6e7a2729
  version: v1.768
  annotation: TsProxy
  protocol: [MS-TSGU]: Terminal Services Gateway Server Protocol
  ncalrpc: AAGMgmt
  ncacn_ip_http: 192.168.1.100:3388

12e65dd8-887f-41ef-91bf-8d816c42c2e7
  version: v1.0
  annotation: Secure Desktop LRPC interface
  provider: winlogon.exe
  ncalrpc: WMsgKRpc06407CB3
  ncalrpc: WMsgKRpc017C1C6664
  ncalrpc: WMsgKRpc017C397A26
  ncalrpc: WMsgKRpc017D0A00B7
  ncalrpc: WMsgKRpc017E5648D8
  ncalrpc: WMsgKRpc0185B56642
  ncalrpc: WMsgKRpc018ED34795

a500d4c6-0dd1-4543-bc0c-d5f93486eaf8
  version: v1.0
  ncalrpc: LRPC-2f25ebad35fd95040b

1799568939 | 2024-04-25T23:29:12.126972

1434 / udp

SQL Server Browser Service:
  Instance #1:
    Server Name: WIN-J2Q69SE19GH
    Instance Name: SEPIDAR
    Is Clustered: False
    Version: 10.50.2500.0
    TCP Port: 49330
    Named Pipe: \\WIN-J2Q69SE19GH\pipe\MSSQL$SEPIDAR\sql\query
    Version Name: MS-SQL Server 2008 R2 SP1RTW/PCU1

1308377066 | 2024-04-21T01:21:40.875356

3388 / tcp

ncacn_http/1.0

1489525118 | 2024-04-21T00:52:00.770050

5985 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sat, 20 Apr 2024 23:52:17 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: WIN-J2Q69SE19GH
  NetBIOS Domain Name: WIN-J2Q69SE19GH
  NetBIOS Computer Name: WIN-J2Q69SE19GH
  DNS Domain Name: WIN-J2Q69SE19GH
  FQDN: WIN-J2Q69SE19GH

-479259923 | 2024-04-25T23:29:15.767545

49330 / tcp

MS-SQL NTLM Info:
  OS: Windows 8.1/Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: WIN-J2Q69SE19GH
  NetBIOS Domain Name: WIN-J2Q69SE19GH
  NetBIOS Computer Name: WIN-J2Q69SE19GH
  DNS Domain Name: WIN-J2Q69SE19GH
  FQDN: WIN-J2Q69SE19GH

2.187.96.221

Last Seen: 2024-04-27

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1138219898 | 2024-04-27T01:08:31.972782
80 / tcp

Microsoft IIS httpd8.5

-1632400560 | 2024-04-09T04:12:23.831818
137 / udp

-1424286643 | 2024-04-25T23:52:49.719373
593 / tcp

Microsoft RPC Endpoint Mapper over HTTP

1799568939 | 2024-04-25T23:29:12.126972
1434 / udp

SQL Server Browser Service

1308377066 | 2024-04-21T01:21:40.875356
3388 / tcp

Microsoft Windows RPC over HTTP1.0

1489525118 | 2024-04-21T00:52:00.770050
5985 / tcp

WinRM

-479259923 | 2024-04-25T23:29:15.767545
49330 / tcp

MS-SQL Server 2008 R2 SP1RTW/PCU110.50.2500.0

Products

Pricing

Contact Us

2.187.96.221

Last Seen: 2024-04-27

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1138219898 | 2024-04-27T01:08:31.972782 80 / tcp

Microsoft IIS httpd8.5

-1632400560 | 2024-04-09T04:12:23.831818 137 / udp

-1424286643 | 2024-04-25T23:52:49.719373 593 / tcp

Microsoft RPC Endpoint Mapper over HTTP

1799568939 | 2024-04-25T23:29:12.126972 1434 / udp

SQL Server Browser Service

1308377066 | 2024-04-21T01:21:40.875356 3388 / tcp

Microsoft Windows RPC over HTTP1.0

1489525118 | 2024-04-21T00:52:00.770050 5985 / tcp

WinRM

-479259923 | 2024-04-25T23:29:15.767545 49330 / tcp

MS-SQL Server 2008 R2 SP1RTW/PCU110.50.2500.0

Products

Pricing

Contact Us

1138219898 | 2024-04-27T01:08:31.972782
80 / tcp

-1632400560 | 2024-04-09T04:12:23.831818
137 / udp

-1424286643 | 2024-04-25T23:52:49.719373
593 / tcp

1799568939 | 2024-04-25T23:29:12.126972
1434 / udp

1308377066 | 2024-04-21T01:21:40.875356
3388 / tcp

1489525118 | 2024-04-21T00:52:00.770050
5985 / tcp

-479259923 | 2024-04-25T23:29:15.767545
49330 / tcp