GeneralInformation

Country	China
City	Chengdu
Organization	Chengdu west dimension digital technology Co., LTD
ISP	CHINANET SiChuan Telecom Internet Data Center
ASN	AS38283
Operating System	Windows Server 2012 (build 6.2.9200)

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2014-4078

5.1The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."

OpenPorts

21 80 82 83 1433 4369 5985 8080

1090329081 | 2024-03-22T23:11:47.283891

21 / tcp

220-FileZilla Server 0.9.60 beta
220-written by Tim Kosse (tim.kosse@filezilla-project.org)
220 Please visit https://filezilla-project.org/
530 Login or password incorrect!
214-The following commands are recognized:
   ABOR   ADAT   ALLO   APPE   AUTH   CDUP   CLNT   CWD 
   DELE   EPRT   EPSV   FEAT   HASH   HELP   LIST   MDTM
   MFMT   MKD    MLSD   MLST   MODE   NLST   NOOP   NOP 
   OPTS   PASS   PASV   PBSZ   PORT   PROT   PWD    QUIT
   REST   RETR   RMD    RNFR   RNTO   SITE   SIZE   STOR
   STRU   SYST   TYPE   USER   XCUP   XCWD   XMKD   XPWD
   XRMD
214 Have a nice day.
211-Features:
 MDTM
 REST STREAM
 SIZE
 MLST type*;size*;modify*;
 MLSD
 UTF8
 CLNT
 MFMT
 EPSV
 EPRT
211 End

-1668308504 | 2024-04-12T14:55:01.521600

80 / tcp

HTTP/1.1 302 Object moved
Server: infosec/1.0.0
Location: http://stopinfo.vhostgo.com/info5.html?data=211.149.182.192
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0

1369076377 | 2024-04-04T01:12:59.369801

82 / tcp

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.0
Set-Cookie: ASP.NET_SessionId=bi3tdqqqn4z33nrmbu0b1xi5; path=/; HttpOnly
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Thu, 04 Apr 2024 01:12:59 GMT
Content-Length: 8

1369076377 | 2024-04-12T23:42:39.241659

83 / tcp

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.0
Set-Cookie: ASP.NET_SessionId=qfw0snss311piazkredprbkz; path=/; HttpOnly
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 12 Apr 2024 23:42:39 GMT
Content-Length: 8

860516076 | 2024-04-04T13:53:08.924217

1433 / tcp

MS-SQL NTLM Info:
  OS: Windows 8/Windows Server 2012
  OS Build: 6.2.9200
  Target Name: EBS-57320
  NetBIOS Domain Name: EBS-57320
  NetBIOS Computer Name: EBS-57320
  DNS Domain Name: ebs-57320
  FQDN: ebs-57320

1913291440 | 2024-04-09T00:40:01.623411

4369 / tcp

Erlang Port Mapper Daemon:
  nodes: <empty>

1489525118 | 2024-04-17T10:27:40.292415

5985 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 17 Apr 2024 10:27:39 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2012
  OS Build: 6.2.9200
  Target Name: EBS-57320
  NetBIOS Domain Name: EBS-57320
  NetBIOS Computer Name: EBS-57320
  DNS Domain Name: ebs-57320
  FQDN: ebs-57320

-1058427659 | 2024-04-17T10:06:00.431621

8080 / tcp

HTTP/1.1 403 Forbidden
Date: Wed, 17 Apr 2024 10:06:00 GMT
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.350335f9=node01n6kfr1kifamnnfg5uk903ell51894.node0;Path=/;HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Hudson: 1.395
X-Jenkins: 2.164.3
X-Jenkins-Session: 00c86e99
X-You-Are-Authenticated-As: anonymous
X-You-Are-In-Group-Disabled: JENKINS-39402: use -Dhudson.security.AccessDeniedException2.REPORT_GROUP_HEADERS=true or use /whoAmI to diagnose
X-Required-Permission: hudson.model.Hudson.Read
X-Permission-Implied-By: hudson.security.Permission.GenericRead
X-Permission-Implied-By: hudson.model.Hudson.Administer
Content-Length: 799
Server: Jetty(9.4.z-SNAPSHOT)

211.149.182.192

Last Seen: 2024-04-17

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1090329081 | 2024-03-22T23:11:47.283891
21 / tcp

-1668308504 | 2024-04-12T14:55:01.521600
80 / tcp

Information Security1.0.0

1369076377 | 2024-04-04T01:12:59.369801
82 / tcp

Microsoft IIS httpd8.0

1369076377 | 2024-04-12T23:42:39.241659
83 / tcp

Microsoft IIS httpd8.0

860516076 | 2024-04-04T13:53:08.924217
1433 / tcp

MS-SQL Server 2012 RTM11.0.2218.0

1913291440 | 2024-04-09T00:40:01.623411
4369 / tcp

Erlang Port Mapper Daemon

1489525118 | 2024-04-17T10:27:40.292415
5985 / tcp

WinRM

-1058427659 | 2024-04-17T10:06:00.431621
8080 / tcp

Jenkins

Products

Pricing

Contact Us

211.149.182.192

Last Seen: 2024-04-17

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1090329081 | 2024-03-22T23:11:47.283891 21 / tcp

-1668308504 | 2024-04-12T14:55:01.521600 80 / tcp

Information Security1.0.0

1369076377 | 2024-04-04T01:12:59.369801 82 / tcp

Microsoft IIS httpd8.0

1369076377 | 2024-04-12T23:42:39.241659 83 / tcp

Microsoft IIS httpd8.0

860516076 | 2024-04-04T13:53:08.924217 1433 / tcp

MS-SQL Server 2012 RTM11.0.2218.0

1913291440 | 2024-04-09T00:40:01.623411 4369 / tcp

Erlang Port Mapper Daemon

1489525118 | 2024-04-17T10:27:40.292415 5985 / tcp

WinRM

-1058427659 | 2024-04-17T10:06:00.431621 8080 / tcp

Jenkins

Products

Pricing

Contact Us

1090329081 | 2024-03-22T23:11:47.283891
21 / tcp

-1668308504 | 2024-04-12T14:55:01.521600
80 / tcp

1369076377 | 2024-04-04T01:12:59.369801
82 / tcp

1369076377 | 2024-04-12T23:42:39.241659
83 / tcp

860516076 | 2024-04-04T13:53:08.924217
1433 / tcp

1913291440 | 2024-04-09T00:40:01.623411
4369 / tcp

1489525118 | 2024-04-17T10:27:40.292415
5985 / tcp

-1058427659 | 2024-04-17T10:06:00.431621
8080 / tcp