GeneralInformation

Hostnames	u20665467.onlinehome-server.com
Domains	onlinehome-server.com
Country	United States
City	Kansas City
Organization	IONOS Inc.
ISP	IONOS SE
ASN	AS8560

WebTechnologies

JavaScript frameworks

JavaScript libraries

UI frameworks

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-11023	6.1In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	6.1In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	6.1jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	6.1jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CVE-2014-4078	The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."

OpenPorts

21 25 80 110 135 137 143 445 1515 1801 2020 2121 3333 3389 8880 8888 9000 9091 9595

-370734890 | 2024-04-16T04:27:01.105898

21 / tcp

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST 
    MDTM 
    MIC *
    MKD 
    MODE 
    NLST 
    NOOP 
    OPTS 
    PASS 
    PASV 
    PBSZ 
    PORT 
    PROT 
    PWD 
    QUIT 
    REIN 
    REST 
    RETR 
    RMD 
    RNFR 
    RNTO 
    SITE 
    SIZE 
    SMNT 
    STAT 
    STOR 
    STOU 
    STRU 
    SYST 
    TYPE 
    USER 
    XCUP 
    XCWD 
    XMKD 
    XPWD 
    XRMD 
214 HELP command successful.
211-Extended features supported:
 LANG EN*
 UTF8
 AUTH TLS;TLS-C;SSL;TLS-P;
 PBSZ
 PROT C;P;
 CCC
 HOST
 SIZE
 MDTM
 REST STREAM
211 END

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 317078 (0x4d696)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=CH, L=Schaffhausen, O=Plesk, CN=Plesk/emailAddress=info@plesk.com
        Validity
            Not Before: Nov 21 05:49:50 2017 GMT
            Not After : Nov 21 05:49:50 2018 GMT
        Subject: C=CH, L=Schaffhausen, O=Plesk, CN=Plesk/emailAddress=info@plesk.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ea:e3:64:6a:70:d2:54:20:9b:33:b2:3d:87:a1:
                    bd:4a:c8:1e:84:07:83:13:ae:e2:20:40:bc:da:f5:
                    ce:b6:3e:3d:83:c9:8c:29:15:81:d3:ad:2e:ac:54:
                    2d:67:b9:d8:39:9c:26:45:fb:0b:f3:d4:d5:cf:2e:
                    b1:c2:ea:9d:41:79:98:ac:35:0e:cc:74:9c:a9:1a:
                    dd:3f:95:1f:d1:5b:66:5c:04:be:92:31:65:75:12:
                    1f:6e:45:ff:2b:73:29:3e:f7:47:9d:3f:ea:ff:8a:
                    c5:3c:4b:42:9a:d0:21:1f:07:bb:85:f0:1c:6e:03:
                    f5:65:fb:f6:1c:e9:cb:82:59:d6:cb:5d:70:17:68:
                    e8:b3:78:b1:28:12:f0:1c:98:ea:3f:53:f3:70:e1:
                    59:d5:92:ea:f7:60:99:f2:ec:d6:2c:02:17:7c:4c:
                    0e:1f:5e:f6:45:b5:52:e6:c7:b6:a7:1a:f2:aa:43:
                    ba:64:0c:49:d9:ef:f9:53:00:fb:28:02:32:39:00:
                    60:55:21:90:e9:a1:88:5b:c8:c4:45:99:50:53:ec:
                    f6:19:d4:57:90:90:58:0a:61:52:ce:6c:67:15:fa:
                    2c:c0:11:c3:8f:e3:26:6e:64:16:81:2f:0d:b1:c7:
                    c8:97:84:7c:02:aa:64:48:8f:f8:50:53:6f:88:62:
                    ea:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Subject Key Identifier: 
                80:64:EA:14:CE:44:4B:A5:0E:FC:4B:D3:9B:FA:14:D6:FA:58:DB:23
            X509v3 Authority Key Identifier: 
                keyid:80:64:EA:14:CE:44:4B:A5:0E:FC:4B:D3:9B:FA:14:D6:FA:58:DB:23
                DirName:/C=CH/L=Schaffhausen/O=Plesk/CN=Plesk/emailAddress=info@plesk.com
                serial:04:D6:96
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        66:ee:85:eb:74:a8:48:6c:6c:0a:e5:52:2e:22:2f:cb:9b:3a:
        0d:a9:82:3b:57:bc:8e:81:95:c3:2c:18:e8:f4:19:a2:de:49:
        7d:1b:bf:36:b6:06:8d:d9:97:bb:31:5c:12:50:b8:90:e3:d5:
        c7:e6:32:42:76:cd:b5:c1:c8:33:6c:ca:87:c6:2a:ab:d3:93:
        aa:f1:99:b7:11:ef:cc:d6:d5:6d:05:1f:38:0d:4b:53:46:b4:
        72:ca:aa:8b:df:25:1a:2b:33:e6:03:e1:c9:5a:a6:db:76:cd:
        78:8a:4e:b1:c9:db:7d:46:94:32:19:2b:5a:cc:a6:0d:01:8f:
        5c:0a:ab:54:9c:39:fc:be:ad:a3:c8:30:2d:0e:5f:f0:ab:ac:
        5b:ab:b2:f9:a4:23:79:81:da:9f:65:a5:47:a1:bb:70:6e:07:
        8c:ba:0f:fb:f8:a6:f4:be:44:89:bf:c8:b3:e0:cd:a6:cf:d5:
        d4:ae:10:41:2f:59:e2:1b:24:08:34:46:61:b4:26:99:60:a6:
        e0:54:0c:63:00:a4:df:ce:0e:0f:bc:94:50:46:92:1c:b4:ec:
        97:64:d8:48:a1:1f:83:16:da:1e:36:99:7d:b3:bf:5e:5d:cd:
        75:df:6a:de:7f:36:6b:fc:c7:62:37:66:81:aa:a4:3b:b7:e0:
        a5:e3:79:8d

228762908 | 2024-04-10T11:50:13.027391

25 / tcp

220 U20665467.home ESMTP MailEnable Service, Version: 10.27-- ready at 04/10/24 17:20:10
250-home [224.81.251.89], this server offers 4 extensions
250-AUTH LOGIN
250-SIZE 40960000
250-HELP
250 AUTH=LOGIN

-631767606 | 2024-04-15T05:39:20.220307

80 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Wed, 21 Jul 2021 19:46:02 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 15 Apr 2024 05:39:20 GMT
Content-Length: 3894

-471102630 | 2024-04-13T23:52:20.232974

110 / tcp

+OK Welcome to MailEnable POP3 Server
+OK Capability list follows
TOP
USER
UIDL
.

1962969907 | 2024-03-26T17:31:48.054755

135 / tcp

Microsoft RPC Endpoint Mapper

d95afe70-a6d5-4259-822e-2c84da1ddb0d
  version: v1.0
  protocol: [MS-RSP]: Remote Shutdown Protocol
  provider: wininit.exe
  ncacn_ip_tcp: 74.208.146.221:49152
  ncalrpc: WindowsShutdown
  ncacn_np: \\U20665467\PIPE\InitShutdown
  ncalrpc: WMsgKRpc0ED7A0

76f226c3-ec14-4325-8a99-6a46348418af
  version: v1.0
  provider: winlogon.exe
  ncalrpc: WindowsShutdown
  ncacn_np: \\U20665467\PIPE\InitShutdown
  ncalrpc: WMsgKRpc0ED7A0
  ncalrpc: WMsgKRpc0EE841
  ncalrpc: WMsgKRpc05641F2

9b008953-f195-4bf9-bde0-4471971e58ed
  version: v1.0
  ncalrpc: dabrpc
  ncalrpc: LRPC-9b127d5bf2fb48e977
  ncacn_np: \\U20665467\pipe\LSM_API_service
  ncalrpc: LSMApi
  ncalrpc: LRPC-d8f7d671306f2222e4
  ncalrpc: actkernel
  ncalrpc: umpo

697dcda9-3ba9-4eb2-9247-e11f1901b0d2
  version: v1.0
  ncalrpc: LRPC-9b127d5bf2fb48e977
  ncacn_np: \\U20665467\pipe\LSM_API_service
  ncalrpc: LSMApi
  ncalrpc: LRPC-d8f7d671306f2222e4
  ncalrpc: actkernel
  ncalrpc: umpo

c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
  version: v1.0
  annotation: Impl friendly name
  provider: sysntfy.dll
  ncalrpc: LRPC-d8f7d671306f2222e4
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: DeviceSetupManager
  ncacn_np: \\U20665467\PIPE\srvsvc
  ncacn_ip_tcp: 74.208.146.221:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\U20665467\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE19416429407DEECBF06B039826A0
  ncalrpc: IUserProfile2
  ncalrpc: senssvc
  ncalrpc: OLE19416429407DEECBF06B039826A0
  ncalrpc: IUserProfile2
  ncalrpc: OLE19416429407DEECBF06B039826A0
  ncalrpc: IUserProfile2
  ncalrpc: IUserProfile2

0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

2d98a740-581d-41b9-aa0d-a88b9d5ce938
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

3b338d89-6cfa-44b8-847e-531531bc9992
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

8782d3b9-ebbd-4644-a3d8-e8725381919b
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

085b0334-e454-4d91-9b8c-4134f9e793f3
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
  version: v1.0
  annotation: DHCPv6 Client LRPC Endpoint
  provider: dhcpcsvc6.dll
  ncalrpc: dhcpcsvc6
  ncalrpc: dhcpcsvc
  ncalrpc: LRPC-6ad6178d1b245553ea
  ncacn_ip_tcp: 74.208.146.221:49153
  ncacn_np: \\U20665467\pipe\eventlog
  ncalrpc: eventlog

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
  version: v1.0
  annotation: DHCP Client LRPC Endpoint
  provider: dhcpcsvc.dll
  ncalrpc: dhcpcsvc
  ncalrpc: LRPC-6ad6178d1b245553ea
  ncacn_ip_tcp: 74.208.146.221:49153
  ncacn_np: \\U20665467\pipe\eventlog
  ncalrpc: eventlog

abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
  version: v1.0
  annotation: Wcm Service
  ncalrpc: LRPC-6ad6178d1b245553ea
  ncacn_ip_tcp: 74.208.146.221:49153
  ncacn_np: \\U20665467\pipe\eventlog
  ncalrpc: eventlog

30adc50c-5cbc-46ce-9a0e-91914789e23c
  version: v1.0
  annotation: NRP server endpoint
  provider: nrpsrv.dll
  ncalrpc: LRPC-6ad6178d1b245553ea
  ncacn_ip_tcp: 74.208.146.221:49153
  ncacn_np: \\U20665467\pipe\eventlog
  ncalrpc: eventlog

f6beaff7-1e19-4fbb-9f8f-b89e2018337c
  version: v1.0
  annotation: Event log TCPIP
  protocol: [MS-EVEN6]: EventLog Remoting Protocol
  provider: wevtsvc.dll
  ncacn_ip_tcp: 74.208.146.221:49153
  ncacn_np: \\U20665467\pipe\eventlog
  ncalrpc: eventlog

30b044a5-a225-43f0-b3a4-e060df91f9c1
  version: v1.0
  provider: certprop.dll
  ncalrpc: LRPC-808353c24728d51868
  ncacn_np: \\U20665467\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: DeviceSetupManager
  ncacn_np: \\U20665467\PIPE\srvsvc
  ncacn_ip_tcp: 74.208.146.221:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\U20665467\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE19416429407DEECBF06B039826A0
  ncalrpc: IUserProfile2

1a0d010f-1c33-432c-b0f5-8cf4e8053099
  version: v1.0
  annotation: IdSegSrv service
  ncacn_ip_tcp: 74.208.146.221:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\U20665467\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE19416429407DEECBF06B039826A0
  ncalrpc: IUserProfile2

98716d03-89ac-44c7-bb8c-285824e51c4a
  version: v1.0
  annotation: XactSrv service
  provider: srvsvc.dll
  ncacn_ip_tcp: 74.208.146.221:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\U20665467\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE19416429407DEECBF06B039826A0
  ncalrpc: IUserProfile2

c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
  version: v1.0
  annotation: Adh APIs
  ncacn_ip_tcp: 74.208.146.221:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\U20665467\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE19416429407DEECBF06B039826A0
  ncalrpc: IUserProfile2

c36be077-e14b-4fe9-8abc-e856ef4f048b
  version: v1.0
  annotation: Proxy Manager client server endpoint
  ncacn_ip_tcp: 74.208.146.221:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\U20665467\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE19416429407DEECBF06B039826A0
  ncalrpc: IUserProfile2

2e6035b2-e8f1-41a7-a044-656b439c4c34
  version: v1.0
  annotation: Proxy Manager provider server endpoint
  ncacn_ip_tcp: 74.208.146.221:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\U20665467\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE19416429407DEECBF06B039826A0
  ncalrpc: IUserProfile2

552d076a-cb29-4e44-8b6a-d15e59e2c0af
  version: v1.0
  annotation: IP Transition Configuration endpoint
  provider: iphlpsvc.dll
  ncacn_ip_tcp: 74.208.146.221:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\U20665467\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE19416429407DEECBF06B039826A0
  ncalrpc: IUserProfile2

3a9ef155-691d-4449-8d05-09ad57031823
  version: v1.0
  ncacn_ip_tcp: 74.208.146.221:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\U20665467\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE19416429407DEECBF06B039826A0
  ncalrpc: IUserProfile2

86d35949-83c9-4044-b424-db363231fd0c
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: schedsvc.dll
  ncacn_ip_tcp: 74.208.146.221:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\U20665467\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE19416429407DEECBF06B039826A0
  ncalrpc: IUserProfile2

378e52b0-c0a9-11cf-822d-00aa0051e40f
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\U20665467\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE19416429407DEECBF06B039826A0
  ncalrpc: IUserProfile2

1ff70682-0a51-30e8-076d-740be8cee98b
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\U20665467\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE19416429407DEECBF06B039826A0
  ncalrpc: IUserProfile2

0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
  version: v1.0
  provider: schedsvc.dll
  ncalrpc: senssvc
  ncalrpc: OLE19416429407DEECBF06B039826A0
  ncalrpc: IUserProfile2

2eb08e3e-639f-4fba-97b1-14f878961076
  version: v1.0
  annotation: Group Policy RPC Interface
  provider: gpsvc.dll
  ncalrpc: LRPC-3f3a48da63611aaf2f

3473dd4d-2e88-4006-9cba-22570909dd10
  version: v5.256
  annotation: WinHttp Auto-Proxy Service
  ncalrpc: LRPC-366ad8e401034cb33f
  ncalrpc: OLE34ACC56561F1E93317361CDFE9A8

7ea70bcf-48af-4f6a-8968-6a440754d5fa
  version: v1.0
  annotation: NSI server endpoint
  provider: nsisvc.dll
  ncalrpc: LRPC-366ad8e401034cb33f
  ncalrpc: OLE34ACC56561F1E93317361CDFE9A8

b2507c30-b126-494a-92ac-ee32b6eeb039
  version: v1.0
  ncalrpc: LRPC-0c6b6cbb46b946f886

2fb92682-6599-42dc-ae13-bd2ca89bd11c
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-28f44aa32719cb5800
  ncalrpc: LRPC-76b8aa028e052c95ce

f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
  version: v1.0
  annotation: Fw APIs
  ncalrpc: LRPC-28f44aa32719cb5800
  ncalrpc: LRPC-76b8aa028e052c95ce

7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-28f44aa32719cb5800
  ncalrpc: LRPC-76b8aa028e052c95ce

dd490425-5325-4565-b774-7e27d6c09c24
  version: v1.0
  annotation: Base Firewall Engine API
  provider: BFE.DLL
  ncalrpc: LRPC-76b8aa028e052c95ce

7f1343fe-50a9-4927-a778-0c5859517bac
  version: v1.0
  annotation: DfsDs service
  ncacn_np: \\U20665467\PIPE\wkssvc
  ncalrpc: LRPC-e35c2a20e1788d22e4
  ncalrpc: DNSResolver

eb081a0d-10ee-478a-a1dd-50995283e7a8
  version: v3.0
  annotation: Witness Client Test Interface
  ncalrpc: LRPC-e35c2a20e1788d22e4
  ncalrpc: DNSResolver

f2c9b409-c1c9-4100-8639-d8ab1486694a
  version: v1.0
  annotation: Witness Client Upcall Server
  ncalrpc: LRPC-e35c2a20e1788d22e4
  ncalrpc: DNSResolver

76f03f96-cdfd-44fc-a22c-64950a001209
  version: v1.0
  protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 74.208.146.221:49155
  ncalrpc: LRPC-22299b182b4533bb5a

4a452661-8290-4b36-8fbe-7f4093a94978
  version: v1.0
  provider: spoolsv.exe
  ncacn_ip_tcp: 74.208.146.221:49155
  ncalrpc: LRPC-22299b182b4533bb5a

ae33069b-a2a8-46ee-a235-ddfd339be281
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 74.208.146.221:49155
  ncalrpc: LRPC-22299b182b4533bb5a

0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 74.208.146.221:49155
  ncalrpc: LRPC-22299b182b4533bb5a

12345678-1234-abcd-ef00-0123456789ab
  version: v1.0
  protocol: [MS-RPRN]: Print System Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 74.208.146.221:49155
  ncalrpc: LRPC-22299b182b4533bb5a

12345778-1234-abcd-ef00-0123456789ac
  version: v1.0
  protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
  provider: samsrv.dll
  ncacn_ip_tcp: 74.208.146.221:49162
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\U20665467\pipe\lsass

b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
  version: v2.0
  annotation: KeyIso
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\U20665467\pipe\lsass

1a9134dd-7b39-45ba-ad88-44d01ca47f28
  version: v1.0
  annotation: Message Queuing - RemoteRead V1
  protocol: [MS-MQRR]: Message Queuing (MSMQ):
  provider: mqqm.dll
  ncacn_ip_tcp: 74.208.146.221:2105
  ncacn_ip_tcp: 74.208.146.221:2103
  ncacn_ip_tcp: 74.208.146.221:2107
  ncacn_ip_tcp: 74.208.146.221:49156
  ncalrpc: QMMgmtFacility$u20665467
  ncalrpc: QMsvc$u20665467

1088a980-eae5-11d0-8d9b-00a02453c337
  version: v1.0
  annotation: Message Queuing - QM2QM V1
  protocol: [MS-MQQP]: Message Queuing (MSMQ):
  provider: mqqm.dll
  ncacn_ip_tcp: 74.208.146.221:2105
  ncacn_ip_tcp: 74.208.146.221:2103
  ncacn_ip_tcp: 74.208.146.221:2107
  ncacn_ip_tcp: 74.208.146.221:49156
  ncalrpc: QMMgmtFacility$u20665467
  ncalrpc: QMsvc$u20665467

76d12b80-3467-11d3-91ff-0090272f9ea3
  version: v1.0
  annotation: Message Queuing - QMRT V2
  protocol: [MS-MQMP]: Message Queuing (MSMQ):
  provider: mqqm.dll
  ncacn_ip_tcp: 74.208.146.221:2105
  ncacn_ip_tcp: 74.208.146.221:2103
  ncacn_ip_tcp: 74.208.146.221:2107
  ncacn_ip_tcp: 74.208.146.221:49156
  ncalrpc: QMMgmtFacility$u20665467
  ncalrpc: QMsvc$u20665467

fdb3a030-065f-11d1-bb9b-00a024ea5525
  version: v1.0
  annotation: Message Queuing - QMRT V1
  protocol: [MS-MQMP]: Message Queuing (MSMQ):
  provider: mqqm.dll
  ncacn_ip_tcp: 74.208.146.221:2105
  ncacn_ip_tcp: 74.208.146.221:2103
  ncacn_ip_tcp: 74.208.146.221:2107
  ncacn_ip_tcp: 74.208.146.221:49156
  ncalrpc: QMMgmtFacility$u20665467
  ncalrpc: QMsvc$u20665467

367abb81-9844-35f1-ad32-98f038001003
  version: v2.0
  protocol: [MS-SCMR]: Service Control Manager Remote Protocol
  provider: services.exe
  ncacn_ip_tcp: 74.208.146.221:49222

12e65dd8-887f-41ef-91bf-8d816c42c2e7
  version: v1.0
  annotation: Secure Desktop LRPC interface
  provider: winlogon.exe
  ncalrpc: WMsgKRpc05641F2

906b0ce0-c70b-1067-b317-00dd010662da
  version: v1.0
  protocol: [MS-CMPO]: MSDTC Connection Manager:
  provider: msdtcprx.dll
  ncalrpc: LRPC-b47431ec73b6980187
  ncalrpc: LRPC-b47431ec73b6980187
  ncalrpc: LRPC-b47431ec73b6980187
  ncalrpc: LRPC-146b7a4bc8b09939f1
  ncalrpc: OLE75F6816D734480BCC81DD89112F3

217083131 | 2024-04-13T17:31:33.280591

137 / udp

NetBIOS Response:
  Server Name: U20665467
  MAC Address: 50:9A:4C:6B:7A:FB
  Names:
    U20665467 <0x0>
    WORKGROUP <0x0>
    U20665467 <0x20>

MAC Addresses

50:9A:4C:6B:7A:FB
    OUI: 50:9A:4C
    Organization: Dell Inc.
    Assignment: MA-L
    Registration Date: 2017-01-26

-156484464 | 2024-04-16T08:59:44.081199

143 / tcp

* OK IMAP4rev1 server ready at 04/16/24 14:29:43
* CAPABILITY IMAP4rev1 IMAP4 AUTH=LOGIN AUTH=CRAM-MD5 IDLE CHILDREN UIDPLUS
A001 OK CAPABILITY completed
A002 BAD UNKNOWN Command
A003 BAD UNKNOWN Command
* BYE IMAP4rev1 server terminating connection
A004 OK LOGOUT Initiated

1688663994 | 2024-03-29T05:24:03.558617

445 / tcp

SMB Status:
  Authentication: enabled
  SMB Version: 1
  OS: Windows Server 2012 R2 Standard 9600
  Software: Windows Server 2012 R2 Standard 6.3
  Capabilities: extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode

-2070329383 | 2024-04-15T07:04:54.710118

1515 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Mon, 15 Apr 2024 07:04:54 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

-1659821242 | 2024-04-11T04:31:34.012662

1801 / tcp

\x10Z\x0b\x00LIOR<\x02\x00\x00\xff\xff\xff\xff\x00\x00\x12\x00\x06U=Q6\xdf\xc7@\x96C\x17\\<\xe7l\xaa\x94\x1b\x92(F\x1eXA\xacl\xa6\x04\xd1\xb7\x91 \x00\x00\x00\x00\x10\x02\x00\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

-1554465028 | 2024-03-21T16:03:37.519730

2020 / tcp

HTTP/1.1 500 Internal Server Error
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Thu, 21 Mar 2024 16:03:36 GMT
Content-Length: 3420

-370734890 | 2024-04-02T14:51:05.371092

2121 / tcp

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST 
    MDTM 
    MIC *
    MKD 
    MODE 
    NLST 
    NOOP 
    OPTS 
    PASS 
    PASV 
    PBSZ 
    PORT 
    PROT 
    PWD 
    QUIT 
    REIN 
    REST 
    RETR 
    RMD 
    RNFR 
    RNTO 
    SITE 
    SIZE 
    SMNT 
    STAT 
    STOR 
    STOU 
    STRU 
    SYST 
    TYPE 
    USER 
    XCUP 
    XCWD 
    XMKD 
    XPWD 
    XRMD 
214 HELP command successful.
211-Extended features supported:
 LANG EN*
 UTF8
 AUTH TLS;TLS-C;SSL;TLS-P;
 PBSZ
 PROT C;P;
 CCC
 HOST
 SIZE
 MDTM
 REST STREAM
211 END

-69902757 | 2024-04-11T22:43:26.755143

3333 / tcp

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Thu, 11 Apr 2024 22:43:20 GMT
Content-Length: 93113

183731473 | 2024-04-15T20:29:07.006913

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x0f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows 8.1/Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: U20665467
  NetBIOS Domain Name: U20665467
  NetBIOS Computer Name: U20665467
  DNS Domain Name: u20665467
  FQDN: u20665467

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:f6:0e:e4:b1:63:04:87:4f:96:5d:98:5f:5b:84:46
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=u20665467
        Validity
            Not Before: Feb  4 18:30:14 2024 GMT
            Not After : Aug  5 18:30:14 2024 GMT
        Subject: CN=u20665467
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ac:97:d6:7f:e2:f1:67:77:c0:9c:79:99:60:a4:
                    51:8d:39:7e:df:ab:c4:26:98:69:18:ec:06:e5:79:
                    1d:04:3a:11:6f:e3:a2:97:77:64:49:65:82:5f:9e:
                    60:7a:e2:8a:33:fb:b3:67:57:24:54:ac:1b:8a:ab:
                    c6:34:f1:3f:f2:28:df:6c:ca:ac:0d:e3:a3:3a:8a:
                    03:29:9d:30:ff:4f:dc:e7:89:cd:03:71:92:f5:4e:
                    ac:b0:62:07:88:d8:8d:30:d4:09:b5:9a:d9:ee:87:
                    0b:01:0e:f0:cc:1d:e2:3a:25:23:9a:ca:83:06:0e:
                    9c:7c:6f:9b:21:62:36:6d:47:50:f6:3a:ee:14:a7:
                    31:da:b0:bc:28:ee:74:2c:f2:1d:75:3d:2f:50:f7:
                    2f:d4:5e:ea:6b:24:a6:53:d1:d0:e8:82:b0:ad:76:
                    8e:ed:ea:84:2e:34:63:12:13:41:6e:76:51:b8:56:
                    ee:f0:58:c8:9f:ac:a9:68:00:b4:1a:9f:b8:a0:18:
                    ee:7e:db:78:34:c4:9f:64:98:f6:fd:66:25:6b:34:
                    cf:ad:45:59:43:79:b8:bc:e5:01:4a:51:d9:25:9b:
                    82:ba:bd:bf:b1:5e:57:3e:27:58:8d:3d:fb:14:b8:
                    74:45:e1:a0:15:22:b1:17:0b:ad:35:da:c7:57:a3:
                    df:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        2c:c2:c6:e8:c8:e5:c9:b2:ad:08:95:59:5e:aa:b2:67:90:fd:
        92:6b:08:89:e4:84:bc:ee:5b:06:f6:bf:ab:aa:e8:7f:cf:b4:
        a7:b6:82:dc:ce:6b:44:a3:33:39:84:92:f8:5a:e5:99:cd:c0:
        2a:38:61:dc:f2:07:c0:14:75:59:3d:62:00:9f:fa:59:bc:b2:
        12:61:d1:6a:96:1c:9d:bc:97:a2:35:c5:87:1e:f5:09:e1:63:
        32:72:c9:5e:a0:60:d8:07:92:0b:42:d9:a8:cf:1b:70:6a:ab:
        34:15:d5:0a:fc:a1:4f:00:1d:3a:30:a3:74:77:a5:23:cd:a9:
        cb:db:44:9e:d3:76:ad:e8:82:86:8e:11:2b:ae:73:37:96:24:
        b1:b3:c7:f1:00:a0:39:b1:ac:62:a1:01:4e:a1:fe:d1:ce:d2:
        ae:c6:ec:dc:ea:a4:7c:10:5a:24:9f:57:e2:cc:3a:c3:c2:fe:
        b7:c1:09:14:c7:fc:9d:b8:92:c3:c7:22:20:e8:53:67:84:cc:
        2d:85:12:e7:f7:46:3a:38:df:f3:d4:47:f3:6e:b6:9a:4c:17:
        4f:3a:6f:ad:82:17:4a:9d:9f:01:a5:5b:59:12:8f:c5:c4:d2:
        48:f7:c3:62:89:07:a6:16:02:81:cf:68:31:9d:a0:76:0d:04:
        5f:71:61:5a

1309724226 | 2024-04-14T20:31:30.763172

8880 / tcp

HTTP/1.1 500 Server Error
Cache-Control: no-store, no-cache, must-revalidate,post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Fri, 28 May 1999 00:00:00 GMT
Last-Modified: Sun, 14 Apr 2024 20:31:30 GMT
Location: http://74.208.146.221/login.php?success_redirect_url=%2F
Server: Microsoft-IIS/8.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Powered-By: ASP.NET
Date: Sun, 14 Apr 2024 20:31:30 GMT
Content-Length: 953

<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    <title>500 Internal Server Error</title>
    <link rel="shortcut icon" href="/favicon.ico">
    <link rel="stylesheet" href="/ui-library/plesk-ui-library.css?3.8.1">
    <script type="text/javascript" src="/ui-library/plesk-ui-library.min.js?3.8.1"></script>
    <script type="text/javascript" src="/cp/javascript/vendors.js"></script>
    <script type="text/javascript" src="/cp/javascript/main.js"></script>
    <script type="text/javascript" src="/error_docs/uat.js?v1"></script>
<link href="/error_docs/app.css" rel="stylesheet"></head>
<body>
<div id="app"></div>
<script>window.__INITIAL_DATA__ = {"code":"500","message":"Internal Server Error"}</script>
<script type="text/javascript" src="/error_docs/app.js?3c85833bf631e8fb12ee"></script></body>
</html>

1427157949 | 2024-04-14T01:05:48.084556

8888 / tcp

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.1
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sun, 14 Apr 2024 01:05:47 GMT
Content-Length: 3497

1483465987 | 2024-04-09T04:39:28.370098

9000 / tcp

HTTP/1.1 500 Server Error
Cache-Control: private
Content-Type: text/html
Location: /ErrorPages/Oops.aspx?aspxerrorpath=/Default.aspx
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 09 Apr 2024 04:39:28 GMT
Content-Length: 1208

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>500 - Internal server error.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;} 
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;} 
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} 
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
 <div class="content-container"><fieldset>
  <h2>500 - Internal server error.</h2>
  <h3>There is a problem with the resource you are looking for, and it cannot be displayed.</h3>
 </fieldset></div>
</div>
</body>
</html>

919129962 | 2024-04-11T01:40:33.694529

9091 / tcp

HTTP/1.1 500 Server Error
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Thu, 11 Apr 2024 01:40:33 GMT
Content-Length: 1208

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>500 - Internal server error.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;} 
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;} 
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} 
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
 <div class="content-container"><fieldset>
  <h2>500 - Internal server error.</h2>
  <h3>There is a problem with the resource you are looking for, and it cannot be displayed.</h3>
 </fieldset></div>
</div>
</body>
</html>

-348035486 | 2024-04-13T18:32:47.036048

9595 / tcp

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=pcuve3m5euk5yt2ycy4puzm0; path=/; HttpOnly
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Sat, 13 Apr 2024 18:32:46 GMT
Content-Length: 82975

74.208.146.221

Last Seen: 2024-04-16

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-370734890 | 2024-04-16T04:27:01.105898 21 / tcp

228762908 | 2024-04-10T11:50:13.027391 25 / tcp

-631767606 | 2024-04-15T05:39:20.220307 80 / tcp

-471102630 | 2024-04-13T23:52:20.232974 110 / tcp

1962969907 | 2024-03-26T17:31:48.054755 135 / tcp

217083131 | 2024-04-13T17:31:33.280591 137 / udp

-156484464 | 2024-04-16T08:59:44.081199 143 / tcp

1688663994 | 2024-03-29T05:24:03.558617 445 / tcp

-2070329383 | 2024-04-15T07:04:54.710118 1515 / tcp

-1659821242 | 2024-04-11T04:31:34.012662 1801 / tcp

-1554465028 | 2024-03-21T16:03:37.519730 2020 / tcp

-370734890 | 2024-04-02T14:51:05.371092 2121 / tcp

-69902757 | 2024-04-11T22:43:26.755143 3333 / tcp

183731473 | 2024-04-15T20:29:07.006913 3389 / tcp

1309724226 | 2024-04-14T20:31:30.763172 8880 / tcp

1427157949 | 2024-04-14T01:05:48.084556 8888 / tcp

1483465987 | 2024-04-09T04:39:28.370098 9000 / tcp

919129962 | 2024-04-11T01:40:33.694529 9091 / tcp

-348035486 | 2024-04-13T18:32:47.036048 9595 / tcp

Products

Pricing

Contact Us

-370734890 | 2024-04-16T04:27:01.105898
21 / tcp

228762908 | 2024-04-10T11:50:13.027391
25 / tcp

-631767606 | 2024-04-15T05:39:20.220307
80 / tcp

-471102630 | 2024-04-13T23:52:20.232974
110 / tcp

1962969907 | 2024-03-26T17:31:48.054755
135 / tcp

217083131 | 2024-04-13T17:31:33.280591
137 / udp

-156484464 | 2024-04-16T08:59:44.081199
143 / tcp

1688663994 | 2024-03-29T05:24:03.558617
445 / tcp

-2070329383 | 2024-04-15T07:04:54.710118
1515 / tcp

-1659821242 | 2024-04-11T04:31:34.012662
1801 / tcp

-1554465028 | 2024-03-21T16:03:37.519730
2020 / tcp

-370734890 | 2024-04-02T14:51:05.371092
2121 / tcp

-69902757 | 2024-04-11T22:43:26.755143
3333 / tcp

183731473 | 2024-04-15T20:29:07.006913
3389 / tcp

1309724226 | 2024-04-14T20:31:30.763172
8880 / tcp

1427157949 | 2024-04-14T01:05:48.084556
8888 / tcp

1483465987 | 2024-04-09T04:39:28.370098
9000 / tcp

919129962 | 2024-04-11T01:40:33.694529
9091 / tcp

-348035486 | 2024-04-13T18:32:47.036048
9595 / tcp