GeneralInformation

Country	China
City	Hangzhou
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

Vulnerabilities

CVE-2019-0708

10.0A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

OpenPorts

21 80 137 3306 3389

1429503136 | 2024-05-30T06:27:55.543094

21 / tcp

220 Microsoft FTP Service
530 User anonymous cannot log in.
214-The following  commands are recognized(* ==>'s unimplemented).
   ABOR 
   ACCT 
   ALLO 
   APPE 
   CDUP 
   CWD  
   DELE 
   FEAT 
   HELP 
   LIST 
   MDTM 
   MKD  
   MODE 
   NLST 
   NOOP 
   OPTS 
   PASS 
   PASV 
   PORT 
   PWD  
   QUIT 
   REIN 
   REST 
   RETR 
   RMD  
   RNFR 
   RNTO 
   SITE 
   SIZE 
   SMNT 
   STAT 
   STOR 
   STOU 
   STRU 
   SYST 
   TYPE 
   USER 
   XCUP 
   XCWD 
   XMKD 
   XPWD 
   XRMD 
214  HELP command successful.
530 Please login with USER and PASS.

360478453 | 2024-05-31T23:29:49.452067

80 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/html
Date: Fri, 31 May 2024 23:29:48 GMT
Connection: close
Content-Length: 39

1425884679 | 2024-05-26T16:55:06.078030

137 / udp

NetBIOS Response:
  Server Name: WYHA000147
  MAC Address: 00:16:3E:00:2F:7D
  Names:
    WYHA000147 <0x0>
    HICHINA <0x0>
    WYHA000147 <0x20>
  Additional Interfaces:
    169.254.25.129
    172.16.22.237

MAC Addresses

00:16:3E:00:2F:7D
    OUI: 00:16:3E
    Organization: Xensource, Inc.
    Assignment: MA-L
    Registration Date: 2005-10-29

427073754 | 2024-05-29T00:01:38.739685

3306 / tcp

>\x00\x00\x00\n5.1.58-community\x00\x0eV\x00\x00YSsj;\'QA\x00\xff\xf7\x08\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x003x(Zn<~*O4Q{\x00

-1307034093 | 2024-05-28T22:00:46.234268

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x03\x00\x08\x00\x02\x00\x00\x00

ETH 0) XK

121.41.226.161

Last Seen: 2024-05-31

GeneralInformation

Vulnerabilities

OpenPorts

1429503136 | 2024-05-30T06:27:55.543094
21 / tcp

Microsoft ftpd

360478453 | 2024-05-31T23:29:49.452067
80 / tcp

1425884679 | 2024-05-26T16:55:06.078030
137 / udp

427073754 | 2024-05-29T00:01:38.739685
3306 / tcp

MySQL5.1.58-community

-1307034093 | 2024-05-28T22:00:46.234268
3389 / tcp

Remote Desktop Protocol

Products

Pricing

Contact Us

121.41.226.161

Last Seen: 2024-05-31

GeneralInformation

Vulnerabilities

OpenPorts

1429503136 | 2024-05-30T06:27:55.543094 21 / tcp

Microsoft ftpd

360478453 | 2024-05-31T23:29:49.452067 80 / tcp

1425884679 | 2024-05-26T16:55:06.078030 137 / udp

427073754 | 2024-05-29T00:01:38.739685 3306 / tcp

MySQL5.1.58-community

-1307034093 | 2024-05-28T22:00:46.234268 3389 / tcp

Remote Desktop Protocol

Products

Pricing

Contact Us

1429503136 | 2024-05-30T06:27:55.543094
21 / tcp

360478453 | 2024-05-31T23:29:49.452067
80 / tcp

1425884679 | 2024-05-26T16:55:06.078030
137 / udp

427073754 | 2024-05-29T00:01:38.739685
3306 / tcp

-1307034093 | 2024-05-28T22:00:46.234268
3389 / tcp