GeneralInformation

Hostnames	mail.yxsya.com
Domains	yxsya.com
Country	Hong Kong
City	Hong Kong
Organization	Yisu Cloud Ltd
ISP	YISU CLOUD LTD
ASN	AS142403

WebTechnologies

JavaScript libraries

jQuery

jQuery UI

UI frameworks

Bootstrap

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts

25 80 110 135 137 143 443 445 465 587 995 3306 3389 5800 5900 5985

25 / tcp

-715565069 | 2025-01-04T16:11:45.402979

220 YISU-65FFD7CADF ESMTP
250-YISU-65FFD7CADF
250-SIZE 20480000
250-AUTH LOGIN
250 HELP

80 / tcp

1258736820 | 2025-01-05T17:05:16.614439

Hashes

hash

-1501340308

http.dom_hash

-1293328692

http.favicon.hash

1991799795

http.html_hash

1258736820

http.server_hash

-967460255

mail :: 欢迎使用 mail

HTTP/1.1 200 OK
Server: nginx/1.15.11
Date: Sun, 05 Jan 2025 17:05:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.3
Set-Cookie: roundcube_sessid=8abermpke4n2f66qddj3a2bv3e; path=/; HttpOnly
Expires: Sun, 05 Jan 2025 17:05:14 GMT
Last-Modified: Sun, 05 Jan 2025 17:05:14 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Frame-Options: sameorigin
Content-Language: zh

110 / tcp

-1283034168 | 2025-01-17T10:50:45.443796

+OK POP3
+OK CAPA list follows
USER
UIDL
TOP
.

135 / tcp

314303148 | 2025-01-17T08:33:56.750135

Microsoft RPC Endpoint Mapper

d95afe70-a6d5-4259-822e-2c84da1ddb0d
  version: v1.0
  protocol: [MS-RSP]: Remote Shutdown Protocol
  provider: wininit.exe
  ncacn_ip_tcp: 156.236.70.180:49152
  ncalrpc: WindowsShutdown
  ncacn_np: \\YISU-65FFD7CADF\PIPE\InitShutdown
  ncalrpc: WMsgKRpc048CD0

76f226c3-ec14-4325-8a99-6a46348418af
  version: v1.0
  provider: winlogon.exe
  ncalrpc: WindowsShutdown
  ncacn_np: \\YISU-65FFD7CADF\PIPE\InitShutdown
  ncalrpc: WMsgKRpc048CD0
  ncalrpc: WMsgKRpc04A4A1
  ncalrpc: WMsgKRpc04EE0E2

9b008953-f195-4bf9-bde0-4471971e58ed
  version: v1.0
  ncalrpc: dabrpc
  ncalrpc: LRPC-eec147808d9e934273
  ncacn_np: \\YISU-65FFD7CADF\pipe\LSM_API_service
  ncalrpc: LSMApi
  ncalrpc: LRPC-1d30541b8b97845d0f
  ncalrpc: actkernel
  ncalrpc: umpo

697dcda9-3ba9-4eb2-9247-e11f1901b0d2
  version: v1.0
  ncalrpc: LRPC-eec147808d9e934273
  ncacn_np: \\YISU-65FFD7CADF\pipe\LSM_API_service
  ncalrpc: LSMApi
  ncalrpc: LRPC-1d30541b8b97845d0f
  ncalrpc: actkernel
  ncalrpc: umpo

0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
  version: v1.0
  ncacn_np: \\YISU-65FFD7CADF\pipe\LSM_API_service
  ncalrpc: LSMApi
  ncalrpc: LRPC-1d30541b8b97845d0f
  ncalrpc: actkernel
  ncalrpc: umpo

c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
  version: v1.0
  ncalrpc: LSMApi
  ncalrpc: LRPC-1d30541b8b97845d0f
  ncalrpc: actkernel
  ncalrpc: umpo

1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
  version: v1.0
  ncalrpc: LSMApi
  ncalrpc: LRPC-1d30541b8b97845d0f
  ncalrpc: actkernel
  ncalrpc: umpo

8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
  version: v1.0
  ncalrpc: LSMApi
  ncalrpc: LRPC-1d30541b8b97845d0f
  ncalrpc: actkernel
  ncalrpc: umpo

2d98a740-581d-41b9-aa0d-a88b9d5ce938
  version: v1.0
  ncalrpc: LRPC-1d30541b8b97845d0f
  ncalrpc: actkernel
  ncalrpc: umpo

c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
  version: v1.0
  annotation: Impl friendly name
  provider: sysntfy.dll
  ncalrpc: LRPC-1d30541b8b97845d0f
  ncalrpc: actkernel
  ncalrpc: umpo
  ncacn_np: \\YISU-65FFD7CADF\PIPE\srvsvc
  ncacn_ip_tcp: 156.236.70.180:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\YISU-65FFD7CADF\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEF269314F1EF3D0C0B135CE37C92E
  ncalrpc: IUserProfile2
  ncalrpc: senssvc
  ncalrpc: OLEF269314F1EF3D0C0B135CE37C92E
  ncalrpc: IUserProfile2
  ncalrpc: OLEF269314F1EF3D0C0B135CE37C92E
  ncalrpc: IUserProfile2
  ncalrpc: IUserProfile2

bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

3b338d89-6cfa-44b8-847e-531531bc9992
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

8782d3b9-ebbd-4644-a3d8-e8725381919b
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

085b0334-e454-4d91-9b8c-4134f9e793f3
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
  version: v1.0
  annotation: DHCP Client LRPC Endpoint
  provider: dhcpcsvc.dll
  ncalrpc: dhcpcsvc
  ncalrpc: dhcpcsvc6
  ncalrpc: LRPC-b705cb047ad8c9d32d
  ncacn_ip_tcp: 156.236.70.180:49153
  ncacn_np: \\YISU-65FFD7CADF\pipe\eventlog
  ncalrpc: eventlog

abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
  version: v1.0
  annotation: Wcm Service
  ncalrpc: LRPC-b705cb047ad8c9d32d
  ncacn_ip_tcp: 156.236.70.180:49153
  ncacn_np: \\YISU-65FFD7CADF\pipe\eventlog
  ncalrpc: eventlog

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
  version: v1.0
  annotation: DHCPv6 Client LRPC Endpoint
  provider: dhcpcsvc6.dll
  ncalrpc: dhcpcsvc6
  ncalrpc: LRPC-b705cb047ad8c9d32d
  ncacn_ip_tcp: 156.236.70.180:49153
  ncacn_np: \\YISU-65FFD7CADF\pipe\eventlog
  ncalrpc: eventlog

f6beaff7-1e19-4fbb-9f8f-b89e2018337c
  version: v1.0
  annotation: Event log TCPIP
  protocol: [MS-EVEN6]: EventLog Remoting Protocol
  provider: wevtsvc.dll
  ncacn_ip_tcp: 156.236.70.180:49153
  ncacn_np: \\YISU-65FFD7CADF\pipe\eventlog
  ncalrpc: eventlog

8c7daf44-b6dc-11d1-9a4c-0020af6e7c57
  version: v1.0
  annotation: Group Policy RPC Interface
  provider: appmgmts.dll
  ncalrpc: LRPC-14b4f0349698fc077c

58e604e8-9adb-4d2e-a464-3b0683fb1480
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncacn_np: \\YISU-65FFD7CADF\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: LRPC-3e4716d523234bb4f9
  ncacn_np: \\YISU-65FFD7CADF\PIPE\srvsvc
  ncacn_ip_tcp: 156.236.70.180:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\YISU-65FFD7CADF\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEF269314F1EF3D0C0B135CE37C92E
  ncalrpc: IUserProfile2

fd7a0523-dc70-43dd-9b2e-9c5ed48225b1
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncacn_np: \\YISU-65FFD7CADF\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: LRPC-3e4716d523234bb4f9
  ncacn_np: \\YISU-65FFD7CADF\PIPE\srvsvc
  ncacn_ip_tcp: 156.236.70.180:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\YISU-65FFD7CADF\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEF269314F1EF3D0C0B135CE37C92E
  ncalrpc: IUserProfile2

5f54ce7d-5b79-4175-8584-cb65313a0e98
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncacn_np: \\YISU-65FFD7CADF\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: LRPC-3e4716d523234bb4f9
  ncacn_np: \\YISU-65FFD7CADF\PIPE\srvsvc
  ncacn_ip_tcp: 156.236.70.180:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\YISU-65FFD7CADF\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEF269314F1EF3D0C0B135CE37C92E
  ncalrpc: IUserProfile2

201ef99a-7fa0-444c-9399-19ba84f12a1a
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncacn_np: \\YISU-65FFD7CADF\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: LRPC-3e4716d523234bb4f9
  ncacn_np: \\YISU-65FFD7CADF\PIPE\srvsvc
  ncacn_ip_tcp: 156.236.70.180:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\YISU-65FFD7CADF\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEF269314F1EF3D0C0B135CE37C92E
  ncalrpc: IUserProfile2

30b044a5-a225-43f0-b3a4-e060df91f9c1
  version: v1.0
  provider: certprop.dll
  ncalrpc: LRPC-3e4716d523234bb4f9
  ncacn_np: \\YISU-65FFD7CADF\PIPE\srvsvc
  ncacn_ip_tcp: 156.236.70.180:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\YISU-65FFD7CADF\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEF269314F1EF3D0C0B135CE37C92E
  ncalrpc: IUserProfile2

1a0d010f-1c33-432c-b0f5-8cf4e8053099
  version: v1.0
  annotation: IdSegSrv service
  ncacn_ip_tcp: 156.236.70.180:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\YISU-65FFD7CADF\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEF269314F1EF3D0C0B135CE37C92E
  ncalrpc: IUserProfile2

98716d03-89ac-44c7-bb8c-285824e51c4a
  version: v1.0
  annotation: XactSrv service
  provider: srvsvc.dll
  ncacn_ip_tcp: 156.236.70.180:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\YISU-65FFD7CADF\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEF269314F1EF3D0C0B135CE37C92E
  ncalrpc: IUserProfile2

c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
  version: v1.0
  annotation: Adh APIs
  ncacn_ip_tcp: 156.236.70.180:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\YISU-65FFD7CADF\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEF269314F1EF3D0C0B135CE37C92E
  ncalrpc: IUserProfile2

c36be077-e14b-4fe9-8abc-e856ef4f048b
  version: v1.0
  annotation: Proxy Manager client server endpoint
  ncacn_ip_tcp: 156.236.70.180:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\YISU-65FFD7CADF\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEF269314F1EF3D0C0B135CE37C92E
  ncalrpc: IUserProfile2

2e6035b2-e8f1-41a7-a044-656b439c4c34
  version: v1.0
  annotation: Proxy Manager provider server endpoint
  ncacn_ip_tcp: 156.236.70.180:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\YISU-65FFD7CADF\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEF269314F1EF3D0C0B135CE37C92E
  ncalrpc: IUserProfile2

552d076a-cb29-4e44-8b6a-d15e59e2c0af
  version: v1.0
  annotation: IP Transition Configuration endpoint
  provider: iphlpsvc.dll
  ncacn_ip_tcp: 156.236.70.180:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\YISU-65FFD7CADF\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEF269314F1EF3D0C0B135CE37C92E
  ncalrpc: IUserProfile2

a398e520-d59a-4bdd-aa7a-3c1e0303a511
  version: v1.0
  annotation: IKE/Authip API
  provider: IKEEXT.DLL
  ncacn_ip_tcp: 156.236.70.180:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\YISU-65FFD7CADF\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEF269314F1EF3D0C0B135CE37C92E
  ncalrpc: IUserProfile2

3a9ef155-691d-4449-8d05-09ad57031823
  version: v1.0
  ncacn_ip_tcp: 156.236.70.180:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\YISU-65FFD7CADF\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEF269314F1EF3D0C0B135CE37C92E
  ncalrpc: IUserProfile2

86d35949-83c9-4044-b424-db363231fd0c
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: schedsvc.dll
  ncacn_ip_tcp: 156.236.70.180:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\YISU-65FFD7CADF\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEF269314F1EF3D0C0B135CE37C92E
  ncalrpc: IUserProfile2

378e52b0-c0a9-11cf-822d-00aa0051e40f
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\YISU-65FFD7CADF\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEF269314F1EF3D0C0B135CE37C92E
  ncalrpc: IUserProfile2

1ff70682-0a51-30e8-076d-740be8cee98b
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\YISU-65FFD7CADF\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEF269314F1EF3D0C0B135CE37C92E
  ncalrpc: IUserProfile2

0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
  version: v1.0
  provider: schedsvc.dll
  ncalrpc: senssvc
  ncalrpc: OLEF269314F1EF3D0C0B135CE37C92E
  ncalrpc: IUserProfile2

2eb08e3e-639f-4fba-97b1-14f878961076
  version: v1.0
  annotation: Group Policy RPC Interface
  provider: gpsvc.dll
  ncalrpc: LRPC-a78ef4f31221c2c060

3473dd4d-2e88-4006-9cba-22570909dd10
  version: v5.256
  annotation: WinHttp Auto-Proxy Service
  ncacn_np: \\YISU-65FFD7CADF\PIPE\W32TIME_ALT
  ncalrpc: W32TIME_ALT
  ncalrpc: LRPC-62861ef06cfa012d7a
  ncalrpc: OLE3446AAA46A5C820F21410ECF6F36

7ea70bcf-48af-4f6a-8968-6a440754d5fa
  version: v1.0
  annotation: NSI server endpoint
  provider: nsisvc.dll
  ncalrpc: LRPC-62861ef06cfa012d7a
  ncalrpc: OLE3446AAA46A5C820F21410ECF6F36

b2507c30-b126-494a-92ac-ee32b6eeb039
  version: v1.0
  ncalrpc: LRPC-ced551db6a745b363b

2fb92682-6599-42dc-ae13-bd2ca89bd11c
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-7484ac74044ed66567
  ncalrpc: LRPC-69d928c7cbd2ed0838

f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
  version: v1.0
  annotation: Fw APIs
  ncalrpc: LRPC-7484ac74044ed66567
  ncalrpc: LRPC-69d928c7cbd2ed0838

7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-7484ac74044ed66567
  ncalrpc: LRPC-69d928c7cbd2ed0838

dd490425-5325-4565-b774-7e27d6c09c24
  version: v1.0
  annotation: Base Firewall Engine API
  provider: BFE.DLL
  ncalrpc: LRPC-69d928c7cbd2ed0838

7f1343fe-50a9-4927-a778-0c5859517bac
  version: v1.0
  annotation: DfsDs service
  ncacn_np: \\YISU-65FFD7CADF\PIPE\wkssvc
  ncalrpc: LRPC-8fe08dc66189f09924
  ncalrpc: DNSResolver

eb081a0d-10ee-478a-a1dd-50995283e7a8
  version: v3.0
  annotation: Witness Client Test Interface
  ncalrpc: LRPC-8fe08dc66189f09924
  ncalrpc: DNSResolver

f2c9b409-c1c9-4100-8639-d8ab1486694a
  version: v1.0
  annotation: Witness Client Upcall Server
  ncalrpc: LRPC-8fe08dc66189f09924
  ncalrpc: DNSResolver

906b0ce0-c70b-1067-b317-00dd010662da
  version: v1.0
  protocol: [MS-CMPO]: MSDTC Connection Manager:
  provider: msdtcprx.dll
  ncalrpc: LRPC-b465c678f30b633297
  ncalrpc: LRPC-b465c678f30b633297
  ncalrpc: LRPC-b465c678f30b633297

367abb81-9844-35f1-ad32-98f038001003
  version: v2.0
  protocol: [MS-SCMR]: Service Control Manager Remote Protocol
  provider: services.exe
  ncacn_ip_tcp: 156.236.70.180:49156

6b5bdd1e-528c-422c-af8c-a4079be4fe48
  version: v1.0
  annotation: Remote Fw APIs
  protocol: [MS-FASP]: Firewall and Advanced Security Protocol
  provider: FwRemoteSvr.dll
  ncacn_ip_tcp: 156.236.70.180:49157

12345778-1234-abcd-ef00-0123456789ac
  version: v1.0
  protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
  provider: samsrv.dll
  ncacn_ip_tcp: 156.236.70.180:49164
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\YISU-65FFD7CADF\pipe\lsass

12e65dd8-887f-41ef-91bf-8d816c42c2e7
  version: v1.0
  annotation: Secure Desktop LRPC interface
  provider: winlogon.exe
  ncalrpc: WMsgKRpc04EE0E2

a500d4c6-0dd1-4543-bc0c-d5f93486eaf8
  version: v1.0
  ncalrpc: LRPC-7d5e6b8f676bf0ba90

e40f7b57-7a25-4cd3-a135-7f7d3df9d16b
  version: v1.0
  annotation: Network Connection Broker server endpoint
  ncalrpc: LRPC-70b074b3afd8dbdcc6
  ncalrpc: OLE17B44C1935C24CF87BD7D25CAD14
  ncalrpc: TSUMRPD_PRINT_DRV_LPC_API

880fd55e-43b9-11e0-b1a8-cf4edfd72085
  version: v1.0
  annotation: KAPI Service endpoint
  ncalrpc: LRPC-70b074b3afd8dbdcc6
  ncalrpc: OLE17B44C1935C24CF87BD7D25CAD14
  ncalrpc: TSUMRPD_PRINT_DRV_LPC_API

5222821f-d5e2-4885-84f1-5f6185a0ec41
  version: v1.0
  annotation: Network Connection Broker server endpoint for NCB Reset module
  ncalrpc: OLE17B44C1935C24CF87BD7D25CAD14
  ncalrpc: TSUMRPD_PRINT_DRV_LPC_API

137 / udp

-1323298354 | 2025-01-10T20:16:02.940195

NetBIOS Response:
  Server Name: YISU-65FFD7CADF
  MAC Address: 52:54:00:22:65:54
  Names:
    YISU-65FFD7CADF <0x0>
    YISU8565FFD7 <0x0>
    YISU-65FFD7CADF <0x20>

MAC Addresses

52:54:00:22:65:54
    Unknown

143 / tcp

27672397 | 2025-01-19T07:43:30.162313

* OK IMAPrev1
* CAPABILITY IMAP4 IMAP4rev1 CHILDREN IDLE QUOTA SORT ACL NAMESPACE RIGHTS=texk
A001 OK CAPABILITY completed
A002 BAD Unknown or NULL command
A003 BAD Unknown or NULL command
* BYE Have a nice day
A004 OK Logout completed

443 / tcp

-451778385 | 2025-01-20T07:24:05.827271

Hashes

hash

117991882

http.dom_hash

-1293328692

http.favicon.hash

1991799795

http.html_hash

-451778385

http.server_hash

-967460255

mail :: 欢迎使用 mail

HTTP/1.1 200 OK
Server: nginx/1.15.11
Date: Mon, 20 Jan 2025 07:24:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.3
Set-Cookie: roundcube_sessid=mobo6lj4vahde0itg3q9q0drh3; path=/; secure; HttpOnly
Expires: Mon, 20 Jan 2025 07:24:04 GMT
Last-Modified: Mon, 20 Jan 2025 07:24:04 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Frame-Options: sameorigin
Content-Language: zh

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:66:db:ca:2f:64:36:03:c5:1a:1b:d7:51:4c:94:38:f4:58
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R11
        Validity
            Not Before: Jan  6 15:36:29 2025 GMT
            Not After : Apr  6 15:36:28 2025 GMT
        Subject: CN=mail.yxsya.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:bc:0f:d9:da:85:1a:af:35:13:c6:2c:df:97:bd:
                    63:c3:86:74:d3:cc:d1:a5:0d:7b:4b:35:17:62:32:
                    ce:08:fe:46:a1:02:c5:e5:f6:20:dd:56:6f:5d:a8:
                    9f:e8:f6:fb:c5:17:47:0a:98:51:b7:3f:90:36:44:
                    97:49:77:f4:f7:84:4f:2a:c8:1d:09:15:5c:a1:22:
                    c5:e7:c1:54:b6:67:48:80:ad:35:4a:23:0a:0b:87:
                    39:7a:4b:29:47:5e:c6:54:2f:9c:84:ff:96:2e:4c:
                    e4:a1:12:09:e1:90:8a:6f:6c:ea:97:ee:8d:7b:9d:
                    b8:16:50:48:96:00:a1:13:49:e4:74:96:98:af:7e:
                    cb:95:e0:80:3b:a3:5e:87:6b:e5:30:4d:f3:87:15:
                    b0:ca:d9:8e:38:ca:eb:c6:df:1d:b3:b1:79:7e:64:
                    66:64:2e:4a:a5:69:00:fe:d9:d7:90:1d:8f:8a:df:
                    ed:3e:19:93:7a:e6:cf:bd:b6:40:2f:66:55:4e:32:
                    bf:87:8a:d8:1c:dd:45:ca:e7:ab:bd:8d:e1:fb:2c:
                    aa:4e:6e:29:dc:2d:9d:d6:71:65:09:cf:27:bd:4b:
                    f6:57:72:af:77:5a:d2:63:12:84:e8:6a:17:87:c3:
                    2d:7e:5a:62:36:19:4e:89:60:bd:c8:44:df:11:0e:
                    a9:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                4F:01:82:32:C6:12:9D:AE:CF:85:8E:CE:3E:6D:4F:87:11:90:18:C2
            X509v3 Authority Key Identifier: 
                C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
            Authority Information Access: 
                OCSP - URI:http://r11.o.lencr.org
                CA Issuers - URI:http://r11.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:mail.yxsya.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Jan  6 16:34:59.323 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:20:68:CC:51:6F:68:4B:32:90:BF:F1:1E:
                                17:01:C1:67:1F:12:07:19:A7:02:3F:6C:95:69:FD:C5:
                                F3:EE:0E:91:02:20:61:87:8E:27:1E:E1:44:E4:6E:A1:
                                85:66:96:A6:35:AD:1E:7B:DB:FB:60:76:9C:DC:A8:F8:
                                9D:5D:9B:DF:69:A1
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Jan  6 16:34:59.341 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:1B:86:44:95:33:06:A4:74:95:7A:BB:C2:
                                EE:50:0D:61:BB:D3:91:C8:0C:41:33:5B:A6:01:1B:FB:
                                67:AA:9E:2F:02:21:00:C7:6C:F5:19:82:BD:17:1D:E1:
                                87:C4:86:C7:CD:9B:1A:17:AA:8C:A6:BD:81:E1:96:3F:
                                E8:22:74:13:FA:0A:AD
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        55:bb:ef:65:e0:04:09:e2:45:9f:6d:96:11:ee:a6:88:52:ee:
        03:7d:b9:1e:4c:e0:51:80:7e:2e:1c:d8:ee:6a:10:c6:f0:84:
        1a:a4:ab:7b:d4:6d:52:10:ac:a0:33:f8:06:47:72:e2:5d:23:
        0f:1e:ad:1e:e6:07:7f:d3:5b:a9:b2:d3:b6:8b:69:16:c5:74:
        58:01:83:a3:3e:69:20:7d:b7:32:ac:e7:d3:29:a0:33:fc:39:
        4a:bf:14:0a:06:39:79:01:d9:f3:75:08:85:e4:69:0b:46:89:
        af:7e:6b:04:dd:36:00:bc:fd:51:51:c3:8d:ee:66:2d:51:dd:
        0b:2a:1d:76:12:8c:49:e9:3a:e2:ce:93:97:c4:bc:91:e6:76:
        c1:f4:5d:ed:f7:2a:fc:0b:75:98:43:b7:2c:54:2b:68:91:18:
        3c:ed:74:95:e2:ed:8f:26:7d:ac:91:93:bd:d5:e4:f5:9f:d6:
        bf:49:39:8d:cb:d9:10:fd:dd:a0:c9:6a:0b:1d:f1:ee:2a:22:
        ba:8e:72:44:35:23:5a:85:07:74:80:3b:e4:a4:e5:fe:78:92:
        2e:f7:df:de:92:20:62:c4:9e:28:eb:99:01:88:be:39:63:a1:
        e3:ff:ae:05:0b:56:c9:3c:eb:d6:58:4e:83:3d:4f:e8:b0:69:
        c2:46:9f:5a

445 / tcp

-1242801143 | 2025-01-17T13:41:30.682708

SMB Status:
  Authentication: enabled
  SMB Version: 1
  OS: Windows Server 2012 R2 Datacenter 9600
  Software: Windows Server 2012 R2 Datacenter 6.3
  Capabilities: extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode

465 / tcp

-715565069 | 2025-01-20T01:01:23.970126

220 YISU-65FFD7CADF ESMTP
250-YISU-65FFD7CADF
250-SIZE 20480000
250-AUTH LOGIN
250 HELP

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            f8:e1:f4:bf:f3:34:14:1f
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=cn, ST=sh, L=sh, O=sh.sh, OU=hwsjx.com, CN=sh/emailAddress=aaa@qq.com
        Validity
            Not Before: Mar 14 08:00:26 2022 GMT
            Not After : Mar 11 08:00:26 2032 GMT
        Subject: C=cn, ST=sh, L=sh, O=sh.sh, OU=hwsjx.com, CN=sh/emailAddress=aaa@qq.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cc:dc:db:b8:f2:f2:db:f5:f2:d3:9e:a7:b5:55:
                    9c:9a:d1:9d:5b:61:ac:b6:f9:e4:9e:1f:0c:a1:1b:
                    f6:ac:28:47:e0:28:42:ba:dd:11:ed:35:c8:61:4e:
                    45:94:f9:21:d1:cb:20:a4:54:46:69:7e:43:16:c8:
                    58:92:4f:26:99:0c:db:fa:8e:32:8c:48:96:4d:e3:
                    47:7f:f7:3b:7e:8e:28:75:47:64:fa:d7:07:b5:c1:
                    72:8e:5d:b1:c8:a6:f2:ed:40:5d:ab:c5:a2:e2:f8:
                    ab:3d:2e:ce:2a:de:9f:27:b8:2e:27:90:85:87:b3:
                    0f:ae:6a:8a:9b:f5:27:8f:1d:35:76:f1:e2:6c:41:
                    b9:37:e8:21:78:2c:2e:23:49:7b:f6:40:7d:e8:44:
                    22:cb:d9:cd:ee:fd:56:51:0e:6b:ef:ed:8a:14:be:
                    0e:9e:ff:91:8e:2e:61:ac:96:4b:00:a5:b7:13:0d:
                    6c:6e:5f:d9:56:ef:4c:fc:f0:6c:fb:1d:7a:23:7a:
                    74:a3:81:60:ad:60:ae:2f:26:3f:51:22:84:c7:b5:
                    7e:a5:59:ab:33:9d:96:dd:87:70:a1:07:dd:4e:7c:
                    08:8d:c6:cc:45:5b:03:01:6c:5f:b8:c5:1c:bd:9b:
                    23:61:8b:84:60:f0:bf:2c:d5:0a:21:2b:6e:b0:2b:
                    40:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                11:18:E7:A6:D5:CE:DF:90:4F:CD:2E:CC:91:A2:79:21:EA:C3:B5:76
            X509v3 Authority Key Identifier: 
                keyid:11:18:E7:A6:D5:CE:DF:90:4F:CD:2E:CC:91:A2:79:21:EA:C3:B5:76
                DirName:/C=cn/ST=sh/L=sh/O=sh.sh/OU=hwsjx.com/CN=sh/emailAddress=aaa@qq.com
                serial:F8:E1:F4:BF:F3:34:14:1F
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        1b:30:1b:90:74:27:8f:26:2e:a9:32:f7:bf:92:e0:0a:2d:f7:
        b1:43:51:0d:ba:e1:7c:59:71:9b:07:f9:d6:d8:7d:3b:65:6c:
        55:24:54:9b:48:9d:b5:da:6b:e9:22:db:a5:cb:a6:6c:19:d6:
        78:30:2c:6c:96:6e:6f:b4:a4:38:8c:98:d0:5c:34:33:17:25:
        78:73:0b:3d:b6:f0:c0:38:86:41:fe:2d:10:fe:76:c1:6a:c7:
        fe:69:e0:7c:73:21:f4:c7:61:5a:96:d8:8b:1d:5d:cf:3a:3c:
        3d:61:24:b9:7f:99:88:35:a6:53:9a:d5:e2:8f:cf:1b:b8:6f:
        c6:b8:2b:04:91:6b:50:c6:7e:4d:53:3d:5d:a5:62:7e:7b:26:
        dd:ae:ad:35:98:eb:0e:88:d5:3f:7e:21:81:62:79:63:32:41:
        9e:05:b9:4e:0e:e6:ce:ec:35:c5:08:13:e4:d3:1c:84:ac:db:
        69:3e:23:ac:07:80:93:04:94:fc:ee:e5:89:cf:87:56:cd:96:
        b6:5a:1b:5b:5d:78:f4:51:c6:ea:fe:1b:ac:cc:50:5d:b9:7d:
        f4:ee:b4:8b:86:24:5b:ae:28:9a:9c:69:1f:9b:69:c8:6c:c5:
        43:64:47:5a:b8:60:6f:a0:79:6e:9d:9a:53:e9:e0:4c:75:49:
        dd:58:9c:7a

587 / tcp

-715565069 | 2025-01-22T02:53:48.506135

220 YISU-65FFD7CADF ESMTP
250-YISU-65FFD7CADF
250-SIZE 20480000
250-AUTH LOGIN
250 HELP

995 / tcp

-1283034168 | 2024-12-31T04:20:45.030148

+OK POP3
+OK CAPA list follows
USER
UIDL
TOP
.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            f8:e1:f4:bf:f3:34:14:1f
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=cn, ST=sh, L=sh, O=sh.sh, OU=hwsjx.com, CN=sh/emailAddress=aaa@qq.com
        Validity
            Not Before: Mar 14 08:00:26 2022 GMT
            Not After : Mar 11 08:00:26 2032 GMT
        Subject: C=cn, ST=sh, L=sh, O=sh.sh, OU=hwsjx.com, CN=sh/emailAddress=aaa@qq.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cc:dc:db:b8:f2:f2:db:f5:f2:d3:9e:a7:b5:55:
                    9c:9a:d1:9d:5b:61:ac:b6:f9:e4:9e:1f:0c:a1:1b:
                    f6:ac:28:47:e0:28:42:ba:dd:11:ed:35:c8:61:4e:
                    45:94:f9:21:d1:cb:20:a4:54:46:69:7e:43:16:c8:
                    58:92:4f:26:99:0c:db:fa:8e:32:8c:48:96:4d:e3:
                    47:7f:f7:3b:7e:8e:28:75:47:64:fa:d7:07:b5:c1:
                    72:8e:5d:b1:c8:a6:f2:ed:40:5d:ab:c5:a2:e2:f8:
                    ab:3d:2e:ce:2a:de:9f:27:b8:2e:27:90:85:87:b3:
                    0f:ae:6a:8a:9b:f5:27:8f:1d:35:76:f1:e2:6c:41:
                    b9:37:e8:21:78:2c:2e:23:49:7b:f6:40:7d:e8:44:
                    22:cb:d9:cd:ee:fd:56:51:0e:6b:ef:ed:8a:14:be:
                    0e:9e:ff:91:8e:2e:61:ac:96:4b:00:a5:b7:13:0d:
                    6c:6e:5f:d9:56:ef:4c:fc:f0:6c:fb:1d:7a:23:7a:
                    74:a3:81:60:ad:60:ae:2f:26:3f:51:22:84:c7:b5:
                    7e:a5:59:ab:33:9d:96:dd:87:70:a1:07:dd:4e:7c:
                    08:8d:c6:cc:45:5b:03:01:6c:5f:b8:c5:1c:bd:9b:
                    23:61:8b:84:60:f0:bf:2c:d5:0a:21:2b:6e:b0:2b:
                    40:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                11:18:E7:A6:D5:CE:DF:90:4F:CD:2E:CC:91:A2:79:21:EA:C3:B5:76
            X509v3 Authority Key Identifier: 
                keyid:11:18:E7:A6:D5:CE:DF:90:4F:CD:2E:CC:91:A2:79:21:EA:C3:B5:76
                DirName:/C=cn/ST=sh/L=sh/O=sh.sh/OU=hwsjx.com/CN=sh/emailAddress=aaa@qq.com
                serial:F8:E1:F4:BF:F3:34:14:1F
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        1b:30:1b:90:74:27:8f:26:2e:a9:32:f7:bf:92:e0:0a:2d:f7:
        b1:43:51:0d:ba:e1:7c:59:71:9b:07:f9:d6:d8:7d:3b:65:6c:
        55:24:54:9b:48:9d:b5:da:6b:e9:22:db:a5:cb:a6:6c:19:d6:
        78:30:2c:6c:96:6e:6f:b4:a4:38:8c:98:d0:5c:34:33:17:25:
        78:73:0b:3d:b6:f0:c0:38:86:41:fe:2d:10:fe:76:c1:6a:c7:
        fe:69:e0:7c:73:21:f4:c7:61:5a:96:d8:8b:1d:5d:cf:3a:3c:
        3d:61:24:b9:7f:99:88:35:a6:53:9a:d5:e2:8f:cf:1b:b8:6f:
        c6:b8:2b:04:91:6b:50:c6:7e:4d:53:3d:5d:a5:62:7e:7b:26:
        dd:ae:ad:35:98:eb:0e:88:d5:3f:7e:21:81:62:79:63:32:41:
        9e:05:b9:4e:0e:e6:ce:ec:35:c5:08:13:e4:d3:1c:84:ac:db:
        69:3e:23:ac:07:80:93:04:94:fc:ee:e5:89:cf:87:56:cd:96:
        b6:5a:1b:5b:5d:78:f4:51:c6:ea:fe:1b:ac:cc:50:5d:b9:7d:
        f4:ee:b4:8b:86:24:5b:ae:28:9a:9c:69:1f:9b:69:c8:6c:c5:
        43:64:47:5a:b8:60:6f:a0:79:6e:9d:9a:53:e9:e0:4c:75:49:
        dd:58:9c:7a

3306 / tcp

-2091545775 | 2025-01-18T17:45:32.887866

MySQL:
  Error Message: Host '224.154.132.130' is not allowed to connect to this MySQL server
  Error Code: 1130

3389 / tcp

-1434758269 | 2025-01-17T19:18:55.486778

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x0f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows 8.1/Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: YISU-65FFD7CADF
  NetBIOS Domain Name: YISU-65FFD7CADF
  NetBIOS Computer Name: YISU-65FFD7CADF
  DNS Domain Name: yisu-65ffd7cadf007
  FQDN: yisu-65ffd7cadf007

Administrator
am Windows Server 2012R2

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:cc:74:74:7e:82:6a:92:49:f2:5b:5f:42:21:55:d9
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN=yisu-65ffd7cadf007
        Validity
            Not Before: Sep 26 20:48:14 2024 GMT
            Not After : Mar 28 20:48:14 2025 GMT
        Subject: CN=yisu-65ffd7cadf007
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ab:80:39:91:5d:fb:9a:8b:0e:61:ec:36:3a:d0:
                    01:8a:2e:5a:dc:a9:c9:0a:33:48:7c:e3:52:cc:cc:
                    68:71:cb:aa:a1:ad:07:14:0a:c5:28:80:77:94:48:
                    16:c7:32:f0:2f:2b:30:02:2b:1c:d5:fb:33:d5:3a:
                    22:b4:03:a1:a7:b1:4d:50:80:e5:77:4a:76:bc:db:
                    a1:fb:0e:a2:1a:31:8b:16:4e:9a:c2:1b:96:94:f5:
                    ab:d6:99:81:e9:87:a5:e6:d1:04:f4:03:91:17:62:
                    a1:6e:5e:99:49:67:f1:32:f0:c9:01:f0:48:8e:be:
                    8e:9c:79:33:70:70:fc:92:8c:6c:8a:57:1b:0e:63:
                    b1:43:5f:b1:52:2b:53:62:0e:27:0c:3c:b6:ef:c2:
                    cd:59:cd:95:1b:15:38:c7:53:bd:55:59:f9:a4:c4:
                    a3:82:26:74:96:0e:e3:32:11:5c:97:95:5d:81:3a:
                    37:2f:90:ef:51:bd:c5:95:3b:26:0f:b3:46:f2:52:
                    bd:06:80:75:2d:4e:1a:5e:8b:de:16:22:ae:53:cb:
                    46:09:6a:c5:9a:9c:0e:37:6b:b3:8d:f2:71:3c:61:
                    03:0a:00:5f:14:cd:10:ff:7e:f7:9d:35:ff:3c:b5:
                    c5:cd:ef:b7:5e:be:d2:08:4e:54:83:29:7a:b8:7e:
                    33:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        69:55:d4:7d:76:10:89:15:3c:83:20:0f:f1:b6:10:32:35:8c:
        d8:21:8c:c1:e9:ab:7b:21:e7:79:30:79:91:1f:ed:73:de:5f:
        69:84:6b:ba:04:0c:19:f0:14:58:35:83:d3:46:0d:48:bf:99:
        c7:0f:dd:6b:99:1d:76:42:9f:de:c7:5e:39:b3:2f:91:ae:5d:
        89:6c:f4:41:08:dc:8e:db:d2:64:02:64:d9:6c:37:7f:3a:fd:
        e3:64:05:84:a8:48:90:d2:3e:45:4c:24:ab:c2:b6:38:de:f4:
        f0:83:6b:1b:91:07:0e:52:c1:52:6c:05:80:1f:ac:c7:52:24:
        b1:9c:56:0c:96:05:2b:eb:e9:64:f5:86:17:49:4e:96:ab:0a:
        30:15:8c:e7:b4:ff:07:11:51:66:fb:9f:42:96:9b:ad:60:70:
        26:95:9c:df:42:cd:cf:1d:de:50:c9:8d:4c:5b:d1:1c:db:8d:
        a6:25:ee:03:8d:8b:34:c0:5d:7f:66:e7:ec:16:be:fa:9d:39:
        2d:e6:d8:61:d1:d8:2a:e3:af:2b:d2:6b:1c:c9:7a:ae:51:45:
        85:dc:fa:06:60:de:86:7a:7f:08:a8:a9:55:cc:10:3e:16:35:
        9c:9b:ba:0c:1d:2b:fa:a6:a4:e8:9f:3b:4d:97:67:f5:01:82:
        9a:e5:22:bd

MAC Addresses

65:FF:D7:CA:DF:00
    Unknown

5800 / tcp

-771822497 | 2025-01-14T15:19:30.175762

Hashes

hash

-1212692304

http.dom_hash

-989836677

http.html_hash

-771822497

http.title_hash

1189338601

TightVNC desktop [yisu-65ffd7cadf]

HTTP/1.0 200 OK

5900 / tcp

1420214384 | 2025-01-14T15:19:33.394716

RFB 003.008

VNC:
  Protocol Version: 3.8
  Security Types:
    2: VNC Authentication
    16: Tight

5985 / tcp

1489525118 | 2025-01-18T19:07:50.440081

Hashes

hash

1658086125

http.dom_hash

1386055181

http.html_hash

1489525118

http.server_hash

-761617706

http.title_hash

1009235027

Not Found

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sat, 18 Jan 2025 19:07:48 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: YISU-65FFD7CADF
  NetBIOS Domain Name: YISU-65FFD7CADF
  NetBIOS Computer Name: YISU-65FFD7CADF
  DNS Domain Name: yisu-65ffd7cadf007
  FQDN: yisu-65ffd7cadf007

156.236.70.180

Last Seen: 2025-01-22

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

25 / tcp

-715565069 | 2025-01-04T16:11:45.402979

80 / tcp

1258736820 | 2025-01-05T17:05:16.614439

Hashes

nginx1.15.11

110 / tcp

-1283034168 | 2025-01-17T10:50:45.443796

135 / tcp

314303148 | 2025-01-17T08:33:56.750135

Microsoft RPC Endpoint Mapper

137 / udp

-1323298354 | 2025-01-10T20:16:02.940195

143 / tcp

27672397 | 2025-01-19T07:43:30.162313

443 / tcp

-451778385 | 2025-01-20T07:24:05.827271

Hashes

nginx1.15.11

445 / tcp

-1242801143 | 2025-01-17T13:41:30.682708

465 / tcp

-715565069 | 2025-01-20T01:01:23.970126

587 / tcp

-715565069 | 2025-01-22T02:53:48.506135

995 / tcp

-1283034168 | 2024-12-31T04:20:45.030148

3306 / tcp

-2091545775 | 2025-01-18T17:45:32.887866

MySQL

3389 / tcp

-1434758269 | 2025-01-17T19:18:55.486778

Remote Desktop Protocol

5800 / tcp

-771822497 | 2025-01-14T15:19:30.175762

Hashes

TightVNC Java Viewer

5900 / tcp

1420214384 | 2025-01-14T15:19:33.394716

VNC

5985 / tcp

1489525118 | 2025-01-18T19:07:50.440081

Hashes

WinRM

Products

Pricing

Contact Us

156.236.70.180

Last Seen: 2025-01-22

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

OpenPorts

25 / tcp -715565069 | 2025-01-04T16:11:45.402979

80 / tcp 1258736820 | 2025-01-05T17:05:16.614439

Hashes

110 / tcp -1283034168 | 2025-01-17T10:50:45.443796

135 / tcp 314303148 | 2025-01-17T08:33:56.750135

137 / udp -1323298354 | 2025-01-10T20:16:02.940195

143 / tcp 27672397 | 2025-01-19T07:43:30.162313

443 / tcp -451778385 | 2025-01-20T07:24:05.827271

Hashes

445 / tcp -1242801143 | 2025-01-17T13:41:30.682708

465 / tcp -715565069 | 2025-01-20T01:01:23.970126

587 / tcp -715565069 | 2025-01-22T02:53:48.506135

995 / tcp -1283034168 | 2024-12-31T04:20:45.030148

3306 / tcp -2091545775 | 2025-01-18T17:45:32.887866

3389 / tcp -1434758269 | 2025-01-17T19:18:55.486778

5800 / tcp -771822497 | 2025-01-14T15:19:30.175762

Hashes

5900 / tcp 1420214384 | 2025-01-14T15:19:33.394716

5985 / tcp 1489525118 | 2025-01-18T19:07:50.440081

Hashes

Products

Pricing

Contact Us

Vulnerabilities

25 / tcp

-715565069 | 2025-01-04T16:11:45.402979

80 / tcp

1258736820 | 2025-01-05T17:05:16.614439

110 / tcp

-1283034168 | 2025-01-17T10:50:45.443796

135 / tcp

314303148 | 2025-01-17T08:33:56.750135

137 / udp

-1323298354 | 2025-01-10T20:16:02.940195

143 / tcp

27672397 | 2025-01-19T07:43:30.162313

443 / tcp

-451778385 | 2025-01-20T07:24:05.827271

445 / tcp

-1242801143 | 2025-01-17T13:41:30.682708

465 / tcp

-715565069 | 2025-01-20T01:01:23.970126

587 / tcp

-715565069 | 2025-01-22T02:53:48.506135

995 / tcp

-1283034168 | 2024-12-31T04:20:45.030148

3306 / tcp

-2091545775 | 2025-01-18T17:45:32.887866

3389 / tcp

-1434758269 | 2025-01-17T19:18:55.486778

5800 / tcp

-771822497 | 2025-01-14T15:19:30.175762

5900 / tcp

1420214384 | 2025-01-14T15:19:33.394716

5985 / tcp

1489525118 | 2025-01-18T19:07:50.440081