GeneralInformation

Hostnames	dup-201-111-115-56.prod-dial.com.mx
Domains	prod-dial.com.mx
Country	Mexico
City	Veracruz
ISP	UNINET
ASN	AS8151
Operating System	Windows

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2014-4078

5.1The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."

OpenPorts

21 53 80 81 88 389 3050 3306 3389 5985 8060

705380116 | 2024-04-01T17:47:52.310366

21 / tcp

220 Microsoft FTP Service
530 User cannot log in, home directory inaccessible.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST 
    MDTM 
    MIC *
    MKD 
    MODE 
    NLST 
    NOOP 
    OPTS 
    PASS 
    PASV 
    PBSZ 
    PORT 
    PROT 
    PWD 
    QUIT 
    REIN 
    REST 
    RETR 
    RMD 
    RNFR 
    RNTO 
    SITE 
    SIZE 
    SMNT 
    STAT 
    STOR 
    STOU 
    STRU 
    SYST 
    TYPE 
    USER 
    XCUP 
    XCWD 
    XMKD 
    XPWD 
    XRMD 
214 HELP command successful.
211-Extended features supported:
 LANG EN*
 UTF8
 AUTH TLS;TLS-C;SSL;TLS-P;
 PBSZ
 PROT C;P;
 CCC
 HOST
 SIZE
 MDTM
 REST STREAM
211 END

-553166942 | 2024-04-09T07:14:23.634993

53 / udp

Recursion: enabled

1138219898 | 2024-04-09T04:01:40.705135

80 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Mon, 26 Oct 2015 02:07:07 GMT
Accept-Ranges: bytes
ETag: "5d6f69493fd11:0"
Server: Microsoft-IIS/8.5
Date: Tue, 09 Apr 2024 03:36:00 GMT
Content-Length: 701

1055806297 | 2024-03-20T17:59:11.757218

81 / tcp

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=iso-8859-1
Server: Microsoft-IIS/10.0
X-AspNet-Version: 2.0.50727
X-UA-Compatible: IE=Edge
Date: Wed, 20 Mar 2024 17:59:10 GMT
Content-Length: 11203

2092830813 | 2024-04-10T11:15:22.153484

88 / udp

Microsoft Windows Kerberos
Server Time: 2024-04-10 10:49:40Z

1515745675 | 2024-04-09T10:06:46.100834

389 / tcp

LDAP:
  CurrentTime: 20240409094105.0Z
  SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=FOLIO30,DC=LOCAL
  DsServiceName: CN=NTDS Settings,CN=SERVERNP30,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=FOLIO30,DC=LOCAL
  NamingContexts:
    CN=Configuration,DC=FOLIO30,DC=LOCAL
    CN=Schema,CN=Configuration,DC=FOLIO30,DC=LOCAL
    DC=DomainDnsZones,DC=FOLIO30,DC=LOCAL
    DC=FOLIO30,DC=LOCAL
    DC=ForestDnsZones,DC=FOLIO30,DC=LOCAL
  DefaultNamingContext: DC=FOLIO30,DC=LOCAL
  SchemaNamingContext: CN=Schema,CN=Configuration,DC=FOLIO30,DC=LOCAL
  ConfigurationNamingContext: CN=Configuration,DC=FOLIO30,DC=LOCAL
  RootDomainNamingContext: DC=FOLIO30,DC=LOCAL
  SupportedControl:
    1.2.840.113556.1.4.1338
    1.2.840.113556.1.4.1339
    1.2.840.113556.1.4.1340
    1.2.840.113556.1.4.1341
    1.2.840.113556.1.4.1413
    1.2.840.113556.1.4.1504
    1.2.840.113556.1.4.1852
    1.2.840.113556.1.4.1907
    1.2.840.113556.1.4.1948
    1.2.840.113556.1.4.1974
    1.2.840.113556.1.4.2026
    1.2.840.113556.1.4.2064
    1.2.840.113556.1.4.2065
    1.2.840.113556.1.4.2066
    1.2.840.113556.1.4.2090
    1.2.840.113556.1.4.2204
    1.2.840.113556.1.4.2205
    1.2.840.113556.1.4.2206
    1.2.840.113556.1.4.2211
    1.2.840.113556.1.4.2239
    1.2.840.113556.1.4.2255
    1.2.840.113556.1.4.2256
    1.2.840.113556.1.4.319
    1.2.840.113556.1.4.417
    1.2.840.113556.1.4.473
    1.2.840.113556.1.4.474
    1.2.840.113556.1.4.521
    1.2.840.113556.1.4.528
    1.2.840.113556.1.4.529
    1.2.840.113556.1.4.619
    1.2.840.113556.1.4.801
    1.2.840.113556.1.4.802
    1.2.840.113556.1.4.805
    1.2.840.113556.1.4.841
    1.2.840.113556.1.4.970
    2.16.840.1.113730.3.4.10
    2.16.840.1.113730.3.4.9
  SupportedLDAPVersion:
    2
    3
  SupportedLDAPPolicies:
    InitRecvTimeout
    MaxBatchReturnMessages
    MaxConnIdleTime
    MaxConnections
    MaxDatagramRecv
    MaxNotificationPerConn
    MaxPageSize
    MaxPercentDirSyncRequests
    MaxPoolThreads
    MaxQueryDuration
    MaxReceiveBuffer
    MaxResultSetSize
    MaxResultSetsPerConn
    MaxTempTableSize
    MaxValRange
    MaxValRangeTransitive
    MinResultSets
    SystemMemoryLimitPercent
    ThreadMemoryLimit
  HighestCommittedUSN: 26794937
  SupportedSASLMechanisms:
    DIGEST-MD5
    EXTERNAL
    GSS-SPNEGO
    GSSAPI
  DnsHostName: SERVERNP30.FOLIO30.LOCAL
  LdapServiceName: FOLIO30.LOCAL:servernp30$@FOLIO30.LOCAL
  ServerName: CN=SERVERNP30,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=FOLIO30,DC=LOCAL
  SupportedCapabilities:
    1.2.840.113556.1.4.1670
    1.2.840.113556.1.4.1791
    1.2.840.113556.1.4.1935
    1.2.840.113556.1.4.2080
    1.2.840.113556.1.4.2237
    1.2.840.113556.1.4.800
  IsSynchronized: TRUE
  IsGlobalCatalogReady: TRUE
  SupportedExtension:
    1.2.840.113556.1.4.1781
    1.2.840.113556.1.4.2212
    1.3.6.1.4.1.1466.101.119.1
    1.3.6.1.4.1.1466.20037
    1.3.6.1.4.1.4203.1.11.3
  DomainFunctionality: 6
  ForestFunctionality: 6

-1873288591 | 2024-03-21T05:13:09.273919

389 / udp

0\x84\x00\x00\x0bV\x02\x01\x07d\x84\x00\x00\x0bM\x04\x000\x84\x00\x00\x0bE0\x84\x00\x00\x00&\x04\x0bcurrentTime1\x84\x00\x00\x00\x13\x04\x1120240321044735.0Z0\x84\x00\x00\x00V\x04\x11subschemaSubentry1\x84\x00\x00\x00=\x04;CN=Aggregate,CN=Schema,CN=Configuration,DC=FOLIO30,DC=LOCAL0\x84\x00\x00\x00\x89\x04\rdsServiceName1\x84\x00\x00\x00t\x04rCN=NTDS Settings,CN=SERVERNP30,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=FOLIO30,DC=LOCAL0\x84\x00\x00\x00\xcf\x04\x0enamingContexts1\x84\x00\x00\x00\xb9\x04\x13DC=FOLIO30,DC=LOCAL\x04$CN=Configuration,DC=FOLIO30,DC=LOCAL\x04.CN=Schema,CN=Configuration,DC=FOLIO30,DC=LOCAL\x04%DC=DomainDnsZones,DC=FOLIO30,DC=LOCAL\x04%DC=ForestDnsZones,DC=FOLIO30,DC=LOCAL0\x84\x00\x00\x001\x04\x14defaultNamingContext1\x84\x00\x00\x00\x15\x04\x13DC=FOLIO30,DC=LOCAL0\x84\x00\x00\x00K\x04\x13schemaNamingContext1\x84\x00\x00\x000\x04.CN=Schema,CN=Configuration,DC=FOLIO30,DC=LOCAL0\x84\x00\x00\x00H\x04\x1aconfigurationNamingContext1\x84\x00\x00\x00&\x04$CN=Configuration,DC=FOLIO30,DC=LOCAL0\x84\x00\x00\x004\x04\x17rootDomainNamingContext1\x84\x00\x00\x00\x15\x04\x13DC=FOLIO30,DC=LOCAL0\x84\x00\x00\x03\xa9\x04\x10supportedControl1\x84\x00\x00\x03\x91\x04\x161.2.840.113556.1.4.319\x04\x161.2.840.113556.1.4.801\x04\x161.2.840.113556.1.4.473\x04\x161.2.840.113556.1.4.528\x04\x161.2.840.113556.1.4.417\x04\x161.2.840.113556.1.4.619\x04\x161.2.840.113556.1.4.841\x04\x161.2.840.113556.1.4.529\x04\x161.2.840.113556.1.4.805\x04\x161.2.840.113556.1.4.521\x04\x161.2.840.113556.1.4.970\x04\x171.2.840.113556.1.4.1338\x04\x161.2.840.113556.1.4.474\x04\x171.2.840.113556.1.4.1339\x04\x171.2.840.113556.1.4.1340\x04\x171.2.840.113556.1.4.1413\x04\x172.16.840.1.113730.3.4.9\x04\x182.16.840.1.113730.3.4.10\x04\x171.2.840.113556.1.4.1504\x04\x171.2.840.113556.1.4.1852\x04\x161.2.840.113556.1.4.802\x04\x171.2.840.113556.1.4.1907\x04\x171.2.840.113556.1.4.1948\x04\x171.2.840.113556.1.4.1974\x04\x171.2.840.113556.1.4.1341\x04\x171.2.840.113556.1.4.2026\x04\x171.2.8408\x06\x00\x00\xe3\xc1\xfbe\xe7\x0c\x99\x1b\xdc\x05\x00\x00\xdc\x05\x00\x00\x01\x00\x00 V\x00d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00\x08\x00\x04\x00\x00\x00\x01\x00\x00\x06\xa06\x9f\xdeq&\x8ei\xcfZ\xf4\x0e\t\x1c\x95\xb0 ,\xc5\xb4/\xb4A\xeb`\x12\xec\xf4\xbb\xe6\x9d\x10\xa06\x9f\xdeq&\x08\x00EH\x05\xceN\xea\x00\xb8v\x11\xef#\xc9os8\xcfZ\xf4\x0e.113556.1.4.2064\x04\x171.2.840.113556.1.4.2065\x04\x171.2.840.113556.1.4.2066\x04\x171.2.840.113556.1.4.2090\x04\x171.2.840.113556.1.4.2205\x04\x171.2.840.113556.1.4.2204\x04\x171.2.840.113556.1.4.2206\x04\x171.2.840.113556.1.4.2211\x04\x171.2.840.113556.1.4.2239\x04\x171.2.840.113556.1.4.2255\x04\x171.2.840.113556.1.4.22560\x84\x00\x00\x00"\x04\x14supportedLDAPVersion1\x84\x00\x00\x00\x06\x04\x013\x04\x0120\x84\x00\x00\x01\x86\x04\x15supportedLDAPPolicies1\x84\x00\x00\x01i\x04\x0eMaxPoolThreads\x04\x19MaxPercentDirSyncRequests\x04\x0fMaxDatagramRecv\x04\x10MaxReceiveBuffer\x04\x0fInitRecvTimeout\x04\x0eMaxConnections\x04\x0fMaxConnIdleTime\x04\x0bMaxPageSize\x04\x16MaxBatchReturnMessages\x04\x10MaxQueryDuration\x04\x10MaxTempTableSize\x04\x10MaxResultSetSize\x04\rMinResultSets\x04\x14MaxResultSetsPerConn\x04\x16MaxNotificationPerConn\x04\x0bMaxValRange\x04\x15MaxValRangeTransitive\x04\x11ThreadMemoryLimit\x04\x18SystemMemoryLimitPercent0\x84\x00\x00\x00%\x04\x13highestCommittedUSN1\x84\x00\x00\x00\n\x04\x08254557460\x84\x00\x00\x00I\x04\x17supportedSASLMechanisms1\x84\x00\x00\x00*\x04\x06GSSAPI\x04\nGSS-SPNEGO\x04\x08EXTERNAL\x04\nDIGEST-MD50\x84\x00\x00\x00-\x04\x0bdnsHostName1\x84\x00\x00\x00\x1a\x04\x18SERVERNP30.FOLIO30.LOCAL0\x84\x00\x00\x00@\x04\x0fldapServiceName1\x84\x00\x00\x00)\x04\'FOLIO30.LOCAL:servernp30$@FOLIO30.LOCAL0\x84\x00\x00\x00u\x04\nserverName1\x84\x00\x00\x00c\x04aCN=SERVERNP30,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=FOLIO30,DC=LOCAL0\x84\x00\x00\x00\xb2\x04\x15supportedCapabilities1\x84\x00\x00\x00\x95\x04\x161.2.840.113556.1.4.800\x04\x171.2.840.113556.1.4.1670\x04\x171.2.840.113556.1.4.1791\x04\x171.2.840.113556.1.4.1935\x04\x171.2.840.113556.1.4.2080\x04\x171.2.840.113556.1.4.22370\x84\x00\x00\x00\x1c\x04\x0eisSynchronized1\x84\x00\x00\x00\x06\x04\x04TRUE0\x84\x00\x00\x00"\x04\x14isGlobalCatalogReady1\x84\x00\x00\x00\x06\x04\x04TRUE0\x84\x00\x00\x00\x1e\x04\x13domainFuncti

1730208901 | 2024-04-09T15:35:11.699248

3050 / tcp

\x00\x00\x00\x03\x00\x00\x00\n\x00\x00\x00\x01\x00\x00\x00\x03

2131906928 | 2024-03-21T18:03:22.534302

3306 / tcp

MySQL:
  Error Message: Host '224.88.78.13' is not allowed to connect to this MySQL server
  Error Code: 1130

-338823274 | 2024-03-19T18:45:25.139212

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x0f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows 8.1/Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: FOLIO30
  NetBIOS Domain Name: FOLIO30
  NetBIOS Computer Name: SERVERNP30
  DNS Domain Name: FOLIO30.LOCAL
  DNS Tree Name: FOLIO30.LOCAL
  FQDN: SERVERNP30.FOLIO30.LOCAL

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:17:27:f3:d4:65:24:ba:40:39:bc:20:9e:11:24:77
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=SERVERNP30.FOLIO30.LOCAL
        Validity
            Not Before: Nov 27 14:03:58 2023 GMT
            Not After : May 28 14:03:58 2024 GMT
        Subject: CN=SERVERNP30.FOLIO30.LOCAL
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ba:52:75:22:c6:5a:fd:85:3e:db:bf:9d:a9:96:
                    00:d0:6b:a5:a5:40:5c:20:5a:bd:e9:70:33:05:69:
                    ac:92:56:d0:26:53:83:89:b6:d4:ed:b2:9c:d5:fd:
                    fa:50:a0:db:ef:23:9c:d8:a6:89:52:1e:5c:53:96:
                    9f:a8:a3:0f:82:f9:2b:a2:4e:7b:f7:43:3c:f3:c3:
                    b6:52:a6:5e:c2:2d:36:31:f2:42:7e:68:24:80:c8:
                    dd:18:ca:35:12:4a:0d:c7:5e:3b:20:94:4c:b7:59:
                    4d:88:31:99:aa:3d:f9:79:69:78:54:b8:4f:df:d7:
                    07:14:48:fa:4d:e9:f0:d8:f6:67:2d:33:c5:02:d0:
                    4e:f3:a8:3f:83:5d:61:5a:11:f1:ce:2b:05:50:55:
                    52:df:9e:a3:fa:38:b9:7b:2e:61:7b:24:be:8c:95:
                    e6:01:08:83:5c:42:5c:0f:f7:a9:bb:43:8b:5c:36:
                    d1:56:1b:ff:f6:62:ca:7a:10:fa:86:1a:3b:f2:7e:
                    bf:fe:7d:72:d7:01:9f:3b:7b:f8:66:8d:f3:da:7a:
                    1f:6b:95:a0:ac:70:19:99:dc:a6:69:b6:8e:be:07:
                    dd:ae:c4:69:ba:6f:d0:8c:9f:10:21:86:3f:a8:3f:
                    0a:c6:7b:21:aa:63:c1:94:b4:3e:a8:fb:4b:27:ea:
                    01:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        58:4d:de:b5:c8:4a:3a:0c:81:19:a7:8e:1d:a8:74:fc:86:c4:
        d4:19:d3:42:38:ce:c0:01:f8:7b:84:d7:c7:50:fc:6b:ca:19:
        a0:84:69:7d:3c:4a:75:bb:3e:d2:f1:5d:85:2e:e9:b3:3e:85:
        06:81:ab:20:56:23:f1:09:9e:63:52:31:99:a2:db:c6:1e:a2:
        ce:58:8f:1b:06:08:ca:d1:7e:f1:d8:4c:f5:8c:69:5d:3c:95:
        1f:5e:25:29:e3:6a:4f:ee:1d:5f:4d:ed:f6:d6:57:3e:ff:50:
        3a:71:30:5f:61:ed:43:1e:76:43:e1:c9:d3:c3:08:cf:91:21:
        e4:84:30:cf:2a:7b:62:3a:9d:0d:9c:7f:14:84:4c:b4:04:5d:
        29:c0:0e:0d:f7:64:32:31:50:3f:90:c2:1a:f5:0e:59:16:83:
        39:48:0f:96:c6:e1:a1:49:c8:69:0a:d5:09:c1:74:77:8e:ca:
        ca:23:49:2b:57:54:38:ec:2b:b1:7f:8c:8e:e5:2d:49:15:24:
        d5:89:6e:74:a1:c0:27:44:6f:2b:18:eb:ae:3c:de:84:5f:98:
        dc:a9:09:aa:cf:27:a2:5d:24:10:0d:1f:04:d6:99:ae:40:3c:
        f3:93:78:1c:34:21:04:dc:a4:d3:c0:16:a3:fe:f8:a5:8e:08:
        82:2b:e0:27

1489525118 | 2024-03-24T02:32:02.507044

5985 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 24 Mar 2024 02:06:27 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: FOLIO30
  NetBIOS Domain Name: FOLIO30
  NetBIOS Computer Name: SERVERNP30
  DNS Domain Name: FOLIO30.LOCAL
  DNS Tree Name: FOLIO30.LOCAL
  FQDN: SERVERNP30.FOLIO30.LOCAL

-1539650452 | 2024-04-02T10:31:39.773786

8060 / tcp

HTTP/1.1 407 Proxy Authentication Required
Content-Length: 29
Content-Type: text/plain

201.111.115.56

Last Seen: 2024-04-10

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

705380116 | 2024-04-01T17:47:52.310366
21 / tcp

Microsoft ftpd

-553166942 | 2024-04-09T07:14:23.634993
53 / udp

1138219898 | 2024-04-09T04:01:40.705135
80 / tcp

Microsoft IIS httpd8.5

1055806297 | 2024-03-20T17:59:11.757218
81 / tcp

Microsoft IIS httpd10.0

2092830813 | 2024-04-10T11:15:22.153484
88 / udp

Windows 2003 Kerberos

1515745675 | 2024-04-09T10:06:46.100834
389 / tcp

-1873288591 | 2024-03-21T05:13:09.273919
389 / udp

1730208901 | 2024-04-09T15:35:11.699248
3050 / tcp

Firebird RDBMSProtocol version 10

2131906928 | 2024-03-21T18:03:22.534302
3306 / tcp

MySQL

-338823274 | 2024-03-19T18:45:25.139212
3389 / tcp

Remote Desktop Protocol

1489525118 | 2024-03-24T02:32:02.507044
5985 / tcp

WinRM

-1539650452 | 2024-04-02T10:31:39.773786
8060 / tcp

Products

Pricing

Contact Us

201.111.115.56

Last Seen: 2024-04-10

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

705380116 | 2024-04-01T17:47:52.310366 21 / tcp

-553166942 | 2024-04-09T07:14:23.634993 53 / udp

1138219898 | 2024-04-09T04:01:40.705135 80 / tcp

1055806297 | 2024-03-20T17:59:11.757218 81 / tcp

2092830813 | 2024-04-10T11:15:22.153484 88 / udp

1515745675 | 2024-04-09T10:06:46.100834 389 / tcp

-1873288591 | 2024-03-21T05:13:09.273919 389 / udp

1730208901 | 2024-04-09T15:35:11.699248 3050 / tcp

2131906928 | 2024-03-21T18:03:22.534302 3306 / tcp

-338823274 | 2024-03-19T18:45:25.139212 3389 / tcp

1489525118 | 2024-03-24T02:32:02.507044 5985 / tcp

-1539650452 | 2024-04-02T10:31:39.773786 8060 / tcp

Products

Pricing

Contact Us

705380116 | 2024-04-01T17:47:52.310366
21 / tcp

-553166942 | 2024-04-09T07:14:23.634993
53 / udp

1138219898 | 2024-04-09T04:01:40.705135
80 / tcp

1055806297 | 2024-03-20T17:59:11.757218
81 / tcp

2092830813 | 2024-04-10T11:15:22.153484
88 / udp

1515745675 | 2024-04-09T10:06:46.100834
389 / tcp

-1873288591 | 2024-03-21T05:13:09.273919
389 / udp

1730208901 | 2024-04-09T15:35:11.699248
3050 / tcp

2131906928 | 2024-03-21T18:03:22.534302
3306 / tcp

-338823274 | 2024-03-19T18:45:25.139212
3389 / tcp

1489525118 | 2024-03-24T02:32:02.507044
5985 / tcp

-1539650452 | 2024-04-02T10:31:39.773786
8060 / tcp