GeneralInformation

Country	China
City	Shenzhen
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963
Operating System	Windows

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2019-0708	10.0A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
CVE-2010-3972	10.0Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted FTP command, aka "IIS FTP Service Heap Buffer Overrun Vulnerability." NOTE: some of these details are obtained from third party information.
CVE-2010-2730	9.3Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability."
CVE-2010-1899	4.3Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote attackers to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka "IIS Repeated Parameter Request Denial of Service Vulnerability."

OpenPorts

21 80 3389 8001 11211

977812442 | 2024-05-28T04:41:16.945599

21 / tcp

220-FileZilla Server version 0.9.46 beta
220-written by Tim Kosse (tim.kosse@filezilla-project.org)
220 Please visit http://sourceforge.net/projects/filezilla/
530 Login or password incorrect!
214-The following commands are recognized:
   ABOR   ADAT   ALLO   APPE   AUTH   CDUP   CLNT   CWD 
   DELE   EPRT   EPSV   FEAT   HASH   HELP   LIST   MDTM
   MFMT   MKD    MLSD   MLST   MODE   NLST   NOOP   NOP 
   OPTS   P@SW   PASS   PASV   PBSZ   PORT   PROT   PWD 
   QUIT   REST   RETR   RMD    RNFR   RNTO   SITE   SIZE
   STOR   STRU   SYST   TYPE   USER   XCUP   XCWD   XMKD
   XPWD   XRMD
214 Have a nice day.
211-Features:
 MDTM
 REST STREAM
 SIZE
 MLST type*;size*;modify*;
 MLSD
 UTF8
 CLNT
 MFMT
211 End

176270573 | 2024-05-31T17:15:07.881414

80 / tcp

HTTP/1.1 403 Forbidden
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Fri, 31 May 2024 17:15:07 GMT
Content-Length: 36

-99469354 | 2024-05-08T20:30:11.333437

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x01\x08\x00\x02\x00\x00\x00

I
Administrator tiantong
Lar
Enterprise

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:22:9d:0c:e1:10:18:95:43:ce:03:7b:cb:5c:6d:c7
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN=iZ94975m36qZ
        Validity
            Not Before: Apr 21 23:38:59 2024 GMT
            Not After : Oct 21 23:38:59 2024 GMT
        Subject: CN=iZ94975m36qZ
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cc:aa:58:ec:4a:77:78:3f:31:d4:13:ef:a8:4d:
                    f7:88:57:06:a8:a5:a3:bd:56:03:34:37:79:c8:3d:
                    69:7f:ec:5d:65:63:37:f8:ea:91:82:67:ea:dd:5d:
                    da:55:88:22:21:ed:03:a5:c2:65:b0:61:9f:f6:e6:
                    e8:fa:6e:a0:07:db:cc:2d:3e:d5:d8:2d:3c:51:66:
                    a3:7c:40:73:90:50:8d:b2:d1:c5:31:17:c4:88:6e:
                    60:6f:d3:f9:68:a5:bf:aa:fc:ac:11:14:73:8f:23:
                    da:35:3b:db:4e:7a:82:98:d6:9f:c4:d7:01:8f:d4:
                    11:3a:31:80:a6:f9:7d:48:77:1c:25:2e:f8:21:f3:
                    f9:4c:ae:b4:28:ae:97:78:ff:f5:34:06:6e:bd:ed:
                    76:32:99:e1:97:3a:be:1b:85:9c:61:48:c2:1c:86:
                    37:02:17:0c:40:f2:bd:c5:40:90:d5:50:97:d9:79:
                    4a:d2:a6:35:9e:9a:37:61:86:ed:c5:8f:f3:96:be:
                    bb:00:30:56:dd:62:14:4f:d2:85:53:c2:8a:af:2e:
                    7f:ad:e3:72:e9:12:87:56:a7:79:c4:73:4b:14:a4:
                    c2:a3:76:16:de:ad:c6:90:da:19:51:07:7a:d6:fb:
                    e8:d5:76:0e:56:df:ba:14:44:35:39:a6:65:05:1d:
                    c6:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        2a:61:e1:db:a6:b8:6e:b1:13:ed:15:39:84:09:fd:0a:6a:ae:
        2e:5b:1a:c9:80:27:95:2e:9b:af:a9:c6:75:fb:19:6e:ee:89:
        0c:df:23:a2:ae:70:86:2b:74:4d:c2:d1:0b:cf:7a:0a:18:cb:
        d9:45:ec:2a:30:54:ed:37:b7:b7:b8:ca:22:57:96:e9:20:09:
        6a:48:40:0b:7b:63:f6:34:ef:56:02:af:25:45:c2:89:97:4a:
        dc:28:46:ce:b8:86:9a:75:02:7c:7f:20:56:f7:9d:40:83:7d:
        dd:94:14:32:14:4e:84:59:dd:c8:53:cf:7a:01:6f:33:8f:d4:
        a8:39:8c:f5:42:c8:84:9f:ab:19:0a:68:17:b8:28:83:11:c2:
        fb:38:c8:86:61:c1:88:a7:f9:fa:d6:45:c5:a1:54:10:39:7e:
        f4:e2:35:b3:2b:a8:ad:09:4f:c3:c5:47:a7:af:a6:47:f4:d2:
        5f:75:f6:f0:5c:17:d5:a3:c6:5f:0f:3d:bf:06:5c:16:c2:3b:
        9b:5f:70:3a:fe:56:0b:8e:42:04:59:1c:6a:be:91:5b:70:7c:
        c6:e0:d7:ed:db:8a:bd:65:3c:c9:5f:38:e1:2e:21:2c:90:33:
        e6:7a:09:6b:97:ce:44:9c:dd:91:09:30:39:a5:38:02:bb:a5:
        41:9f:70:48

176270573 | 2024-05-22T10:17:46.815816

8001 / tcp

HTTP/1.1 403 Forbidden
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Wed, 22 May 2024 10:17:46 GMT
Content-Length: 36

1429722493 | 2024-05-28T14:39:53.007273

11211 / tcp

stats
STAT pid 1892
STAT uptime 142032
STAT time 1716907191
STAT version 1.2.6
STAT pointer_size 32
STAT curr_items 0
STAT total_items 0
STAT bytes 0
STAT curr_connections 3
STAT total_connections 38
STAT connection_structures 6
STAT cmd_get 32888100
STAT cmd_set 0
STAT get_hits 0
STAT get_misses 32888100
STAT evictions 0
STAT bytes_read 235700535
STAT bytes_written 71280193
STAT limit_maxbytes 3165650944
STAT threads 1
END
stats settings
ERROR

-593371370 | 2024-05-10T06:30:01.807950

11211 / udp

STAT pid 1892
STAT uptime 1103525
STAT time 1715322601
STAT version 1.2.6
STAT pointer_size 32
STAT curr_items 6
STAT total_items 83880
STAT bytes 6291353
STAT curr_connections 2
STAT total_connections 515
STAT connection_structures 6
STAT cmd_get 16018861
STAT cmd_set 967246
STAT get_hits 11492247
STAT get_misses 4526614
STAT evictions 0
STAT bytes_read 296556564
STAT bytes_written 830930402
STAT limit_maxbytes 3165650944
STAT threads 1
END

120.25.192.219

Last Seen: 2024-05-31

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

977812442 | 2024-05-28T04:41:16.945599
21 / tcp

176270573 | 2024-05-31T17:15:07.881414
80 / tcp

Microsoft IIS httpd7.5

-99469354 | 2024-05-08T20:30:11.333437
3389 / tcp

Remote Desktop Protocol

176270573 | 2024-05-22T10:17:46.815816
8001 / tcp

Microsoft IIS httpd7.5

1429722493 | 2024-05-28T14:39:53.007273
11211 / tcp

Memcached1.2.6

-593371370 | 2024-05-10T06:30:01.807950
11211 / udp

Products

Pricing

Contact Us

120.25.192.219

Last Seen: 2024-05-31

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

977812442 | 2024-05-28T04:41:16.945599 21 / tcp

176270573 | 2024-05-31T17:15:07.881414 80 / tcp

Microsoft IIS httpd7.5

-99469354 | 2024-05-08T20:30:11.333437 3389 / tcp

Remote Desktop Protocol

176270573 | 2024-05-22T10:17:46.815816 8001 / tcp

Microsoft IIS httpd7.5

1429722493 | 2024-05-28T14:39:53.007273 11211 / tcp

Memcached1.2.6

-593371370 | 2024-05-10T06:30:01.807950 11211 / udp

Products

Pricing

Contact Us

977812442 | 2024-05-28T04:41:16.945599
21 / tcp

176270573 | 2024-05-31T17:15:07.881414
80 / tcp

-99469354 | 2024-05-08T20:30:11.333437
3389 / tcp

176270573 | 2024-05-22T10:17:46.815816
8001 / tcp

1429722493 | 2024-05-28T14:39:53.007273
11211 / tcp

-593371370 | 2024-05-10T06:30:01.807950
11211 / udp