GeneralInformation

Country	United States
City	San Jose
Organization	PEG TECH INC
ISP	PEG TECH INC
ASN	AS54600

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

MS15-034	10.0HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."
CVE-2015-1635	10.0HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."
CVE-2014-4078	5.1The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."

OpenPorts

21 80 3306 8888

-1521289231 | 2024-05-11T13:52:44.725171

21 / tcp

220 FileZilla Server version 0.9.46 beta written by Tim Kosse (Tim.Kosse@gmx.de) Please visit http://sourceforge.
530 Login or password incorrect!
214-The following commands are recognized:
   ABOR   ADAT   ALLO   APPE   AUTH   CDUP   CLNT   CWD 
   DELE   EPRT   EPSV   FEAT   HASH   HELP   LIST   MDTM
   MFMT   MKD    MLSD   MLST   MODE   NLST   NOOP   NOP 
   OPTS   P@SW   PASS   PASV   PBSZ   PORT   PROT   PWD 
   QUIT   REST   RETR   RMD    RNFR   RNTO   SITE   SIZE
   STOR   STRU   SYST   TYPE   USER   XCUP   XCWD   XMKD
   XPWD   XRMD
214 Have a nice day.
211-Features:
 MDTM
 REST STREAM
 SIZE
 MLST type*;size*;modify*;
 MLSD
 UTF8
 CLNT
 MFMT
211 End

1138219898 | 2024-05-11T09:22:54.524090

80 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 30 Dec 2023 08:24:37 GMT
Accept-Ranges: bytes
ETag: "57b64a0f93ada1:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 11 May 2024 09:22:51 GMT
Content-Length: 701

2516931 | 2024-05-15T19:44:02.049592

3306 / tcp

MySQL:
  Error Message: Host '224.183.213.161' is not allowed to connect to this MySQL server
  Error Code: 1130

-85749389 | 2024-05-10T05:36:59.328248

8888 / tcp

HTTP/1.1 404 NOT FOUND
Content-Type: text/html
Content-Length: 138
Server: nginx
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Set-Cookie: fe6533418ac1991f62890d330a742199=fce95e09-ff2a-446d-8580-6272622e310b.NbDmrGdNsZCp-6rhg7-YItfTKTo; Expires=Sat, 11-May-2024 05:36:57 GMT; HttpOnly; Path=/
Date: Fri, 10 May 2024 05:36:57 GMT

38.174.179.1

Last Seen: 2024-05-15

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1521289231 | 2024-05-11T13:52:44.725171
21 / tcp

1138219898 | 2024-05-11T09:22:54.524090
80 / tcp

Microsoft IIS httpd8.5

2516931 | 2024-05-15T19:44:02.049592
3306 / tcp

MySQL

-85749389 | 2024-05-10T05:36:59.328248
8888 / tcp

nginx

Products

Pricing

Contact Us

38.174.179.1

Last Seen: 2024-05-15

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1521289231 | 2024-05-11T13:52:44.725171 21 / tcp

1138219898 | 2024-05-11T09:22:54.524090 80 / tcp

Microsoft IIS httpd8.5

2516931 | 2024-05-15T19:44:02.049592 3306 / tcp

MySQL

-85749389 | 2024-05-10T05:36:59.328248 8888 / tcp

nginx

Products

Pricing

Contact Us

-1521289231 | 2024-05-11T13:52:44.725171
21 / tcp

1138219898 | 2024-05-11T09:22:54.524090
80 / tcp

2516931 | 2024-05-15T19:44:02.049592
3306 / tcp

-85749389 | 2024-05-10T05:36:59.328248
8888 / tcp