GeneralInformation

Country	United States
City	San Jose
Organization	PEG TECH INC
ISP	PEG TECH INC
ASN	AS54600
Operating System	Windows

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

034(1)

MS15-034

10HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."

2015(1)

CVE-2015-1635

2014(1)

CVE-2014-4078

5.1The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."

OpenPorts

21 80 3306 5985

21 / tcp

-1521289231 | 2025-03-19T16:49:17.750833

220 FileZilla Server version 0.9.46 beta written by Tim Kosse (Tim.Kosse@gmx.de) Please visit http://sourceforge.
530 Login or password incorrect!
214-The following commands are recognized:
   ABOR   ADAT   ALLO   APPE   AUTH   CDUP   CLNT   CWD 
   DELE   EPRT   EPSV   FEAT   HASH   HELP   LIST   MDTM
   MFMT   MKD    MLSD   MLST   MODE   NLST   NOOP   NOP 
   OPTS   P@SW   PASS   PASV   PBSZ   PORT   PROT   PWD 
   QUIT   REST   RETR   RMD    RNFR   RNTO   SITE   SIZE
   STOR   STRU   SYST   TYPE   USER   XCUP   XCWD   XMKD
   XPWD   XRMD
214 Have a nice day.
211-Features:
 MDTM
 REST STREAM
 SIZE
 MLST type*;size*;modify*;
 MLSD
 UTF8
 CLNT
 MFMT
211 End

80 / tcp

1138219898 | 2025-03-24T03:06:29.719847

Hashes

hash

-1268183705

http.dom_hash

-1389411298

http.html_hash

1138219898

http.server_hash

-945770239

http.title_hash

-1871926727

IIS Windows Server

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Thu, 27 Feb 2025 05:04:11 GMT
Accept-Ranges: bytes
ETag: "55fff49d588db1:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 24 Mar 2025 03:06:29 GMT
Content-Length: 701

Vulnerabilities

3306 / tcp

923442282 | 2025-03-12T22:35:42.782777

MySQL:
  Error Message: Host '224.169.13.38' is not allowed to connect to this MySQL server
  Error Code: 1130

5985 / tcp

1489525118 | 2025-03-14T11:45:50.988104

Hashes

hash

206701438

http.dom_hash

1386055181

http.html_hash

1489525118

http.server_hash

-761617706

http.title_hash

1009235027

Not Found

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 14 Mar 2025 11:45:50 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: S202501161517
  NetBIOS Domain Name: S202501161517
  NetBIOS Computer Name: S202501161517
  DNS Domain Name: S202501161517
  FQDN: S202501161517

107.149.52.103

Last Seen: 2025-03-24

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

21 / tcp

-1521289231 | 2025-03-19T16:49:17.750833

80 / tcp

1138219898 | 2025-03-24T03:06:29.719847

Hashes

Microsoft IIS httpd8.5

3306 / tcp

923442282 | 2025-03-12T22:35:42.782777

MySQL

5985 / tcp

1489525118 | 2025-03-14T11:45:50.988104

Hashes

WinRM

Products

Pricing

Contact Us

107.149.52.103

Last Seen: 2025-03-24

Tags:

GeneralInformation

Vulnerabilities All ports Port 80 Latest CVSS

OpenPorts

21 / tcp -1521289231 | 2025-03-19T16:49:17.750833

80 / tcp 1138219898 | 2025-03-24T03:06:29.719847

Hashes

Microsoft IIS httpd8.5

3306 / tcp 923442282 | 2025-03-12T22:35:42.782777

MySQL

5985 / tcp 1489525118 | 2025-03-14T11:45:50.988104

Hashes

WinRM

Products

Pricing

Contact Us

Vulnerabilities

21 / tcp

-1521289231 | 2025-03-19T16:49:17.750833

80 / tcp

1138219898 | 2025-03-24T03:06:29.719847

3306 / tcp

923442282 | 2025-03-12T22:35:42.782777

5985 / tcp

1489525118 | 2025-03-14T11:45:50.988104