GeneralInformation

Hostnames	888.xheaven.net
Domains	xheaven.net
Country	Taiwan
City	Taipei
Organization	Chunghwa Telecom Co.,Ltd.
ISP	Data Communication Business Group
ASN	AS3462

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts

21 25 80 110 137 143 443 445 465 587 993 995 1801 1883 5357 5985 8080

21 / tcp

470986363 | 2025-03-24T00:14:28.351928

220-FileZilla Server 1.5.1
220-Please visit https://filezilla-project.org/
220 Hello my friends
530 Login incorrect.
214-The following commands are recognized.
 NOP  USER TYPE SYST SIZE RNTO RNFR RMD  REST QUIT
 HELP XMKD MLST MKD  EPSV XCWD NOOP AUTH OPTS DELE
 CWD  CDUP APPE STOR ALLO RETR PWD  FEAT CLNT MFMT
 MODE XRMD PROT ADAT ABOR XPWD MDTM LIST MLSD PBSZ
 NLST EPRT PASS STRU PASV STAT PORT
214 Help ok.
211-Features:
 MDTM
 REST STREAM
 SIZE
 MLST type*;size*;modify*;perm*;
 MLSD
 AUTH SSL
 AUTH TLS
 PROT
 PBSZ
 UTF8
 TVFS
 EPSV
 EPRT
 MFMT
211 End

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:c5:bd:a4:2a:0f:8a:48:d9:e7:f0:cb:db:94:54:d7:4d:61:85:5c
        Signature Algorithm: ecdsa-with-SHA256
        Issuer: CN=filezilla-server self signed certificate
        Validity
            Not Before: May 10 07:29:33 2024 GMT
            Not After : May 11 07:34:33 2025 GMT
        Subject: CN=filezilla-server self signed certificate
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:03:f1:66:33:23:a0:de:e4:13:0d:c8:b8:3c:6c:
                    26:b0:d9:cc:43:94:12:d1:b8:c2:a7:9c:b6:fa:f2:
                    27:b3:f2:1f:5f:be:5c:5e:ca:af:6d:ef:ca:3c:9e:
                    d0:9f:ae:5e:55:52:04:98:f6:1b:a3:f9:59:97:cb:
                    4e:76:bf:17:76
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
    Signature Algorithm: ecdsa-with-SHA256
    Signature Value:
        30:46:02:21:00:e5:ed:d1:01:ea:57:22:ef:52:3f:e0:11:88:
        29:ca:b6:87:a4:4d:88:25:f8:c4:41:1e:4d:9c:36:89:a2:0f:
        36:02:21:00:b5:ee:9d:25:a4:c3:0d:88:14:02:dc:ba:b0:7d:
        cb:3e:c5:c2:dc:fa:e7:3e:64:56:23:23:80:3f:8f:43:50:d2

25 / tcp

916883756 | 2025-03-15T15:05:15.010491

220 Welcome my smtp friends...
250-888.xheaven.net
250-SIZE 504800000
250-AUTH LOGIN
250 HELP

80 / tcp

-751013341 | 2025-03-26T01:14:23.355014

Hashes

hash

1760911730

http.dom_hash

2045110577

http.html_hash

-751013341

http.server_hash

608434861

網頁施工中

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Mon, 19 Aug 2024 08:15:47 GMT
Accept-Ranges: bytes
ETag: "537f0feff2da1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 26 Mar 2025 01:14:23 GMT
Content-Length: 444

110 / tcp

-661730614 | 2025-03-20T15:08:12.298549

+OK Welcome my pop3 friends...
+OK CAPA list follows
USER
UIDL
TOP
.

137 / udp

-1374081483 | 2025-03-17T21:20:16.165080

NetBIOS Response:
  Server Name: WIN-77BACK4Q5GJ
  MAC Address: 00:1A:64:E5:23:54
  Names:
    WIN-77BACK4Q5GJ <0x0>
    WORKGROUP <0x0>
    WIN-77BACK4Q5GJ <0x20>
  Additional Interfaces:
    32.32.32.32
    169.254.44.187
    192.168.137.1
    169.254.251.183

MAC Addresses

00:1A:64:E5:23:54
    OUI: 00:1A:64
    Organization: IBM Corp
    Assignment: MA-L
    Registration Date: 2006-11-29

143 / tcp

66793425 | 2025-03-23T14:56:25.332754

* OK Welcome my imap friends...
* CAPABILITY IMAP4 IMAP4rev1 CHILDREN IDLE QUOTA SORT ACL NAMESPACE RIGHTS=texk
A001 OK CAPABILITY completed
A002 BAD Unknown or NULL command
A003 BAD Unknown or NULL command
* BYE Have a nice day
A004 OK Logout completed

443 / tcp

-751013341 | 2025-03-21T07:28:25.042715

Hashes

hash

-1211712373

http.dom_hash

2045110577

http.html_hash

-751013341

http.server_hash

608434861

網頁施工中

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Mon, 19 Aug 2024 08:15:47 GMT
Accept-Ranges: bytes
ETag: "537f0feff2da1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 21 Mar 2025 07:28:25 GMT
Content-Length: 444

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:7a:08:38:4d:6b:34:a5:4c:dc:6f:39:37:05:e7:8f
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=WMSvc-SHA2-WIN-77BACK4Q5GJ
        Validity
            Not Before: Sep  5 00:35:21 2022 GMT
            Not After : Sep  2 00:35:21 2032 GMT
        Subject: CN=WMSvc-SHA2-WIN-77BACK4Q5GJ
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c4:57:a2:7e:aa:cc:b4:37:56:e4:af:e7:4d:6b:
                    92:16:d0:99:1a:49:77:14:32:c0:97:36:d1:5e:70:
                    98:34:c8:e8:3b:43:85:e3:b3:28:c4:f5:33:ca:c9:
                    de:85:84:e9:24:8b:51:f5:77:6a:b6:af:12:e2:c7:
                    e5:fb:38:5f:96:c4:c2:7b:23:85:e6:76:c4:ac:cf:
                    2a:2a:0a:2e:1b:5e:44:86:28:02:58:0a:73:59:f5:
                    09:d4:f0:20:ea:d1:0c:b1:a9:d0:79:22:dd:13:bf:
                    31:c9:61:48:c8:51:af:90:30:16:34:70:e7:6a:20:
                    b2:f9:59:17:35:41:fd:9e:26:b9:0f:12:5d:d5:02:
                    c3:1b:b7:17:4b:e2:8a:8d:cb:4a:65:88:ad:8d:43:
                    39:5a:7e:39:7f:48:04:0f:a6:93:37:e5:36:95:95:
                    98:a0:c9:b9:15:51:9a:96:c8:cf:9e:0e:28:f5:3f:
                    d5:48:a8:aa:4d:2c:ad:1c:eb:59:e7:98:2e:87:05:
                    d8:0d:e0:f0:91:eb:a8:12:8b:c1:0a:40:31:00:fd:
                    f4:19:8a:2e:0c:a7:85:73:34:88:1f:97:06:58:85:
                    37:a6:ab:52:00:08:ec:77:87:89:95:22:b7:0a:cf:
                    72:44:34:c2:81:bd:44:a0:1c:33:89:6a:7f:55:d1:
                    1b:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Digital Signature, Key Encipherment, Data Encipherment
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        5d:de:26:5f:25:ef:da:08:29:d7:cf:2b:9f:fc:a6:01:3b:26:
        07:71:d4:21:55:bb:f7:b2:8e:6d:77:b0:8c:29:5c:0f:a9:15:
        a2:fb:2e:f9:56:d6:4a:e7:59:0c:03:2b:f5:35:1a:d0:71:c6:
        af:ac:f5:f8:7a:f8:3c:57:e2:7a:34:89:a3:dd:76:5f:3f:da:
        28:1a:a9:8e:96:99:09:c6:2e:f2:a2:b4:89:21:d6:a8:6a:33:
        ec:51:7d:e7:82:5e:91:e3:b5:bf:7a:6d:77:4c:3b:82:19:f7:
        c0:33:4e:2f:c7:4a:be:2e:87:c6:6d:65:b9:0d:e4:6f:31:bb:
        60:69:c2:16:cb:6a:68:0d:e1:44:c9:8f:47:bf:8e:8b:9e:21:
        54:b5:0c:c0:86:e0:6c:97:22:2d:c3:1a:58:94:ca:44:51:db:
        0f:c9:f2:9d:16:29:d3:4a:c7:13:25:73:6b:d2:d0:89:87:a0:
        4a:fa:4c:07:bd:13:1f:a8:6c:0a:b7:dd:c6:0e:2a:d3:ee:80:
        93:4f:cd:79:60:d6:5b:a4:5c:23:87:86:e5:8c:cb:27:fd:11:
        b1:c1:66:b3:e3:d8:ed:db:c0:37:08:70:d6:89:a1:0a:f8:d0:
        a1:d8:04:df:5c:b7:8e:c9:dc:73:d5:5f:10:fd:6b:a9:d7:37:
        32:b5:1c:15

445 / tcp

-1166656618 | 2025-03-26T02:46:26.718740

SMB Status:
  Authentication: enabled
  SMB Version: 2
  Capabilities: raw-mode

465 / tcp

1820580278 | 2025-03-07T07:06:10.141712

220 Welcome my smtp friends...\r\n

587 / tcp

916883756 | 2025-03-23T09:44:10.330731

220 Welcome my smtp friends...
250-888.xheaven.net
250-SIZE 504800000
250-AUTH LOGIN
250 HELP

993 / tcp

1530444452 | 2025-03-25T23:22:25.740069

* OK Welcome my imap friends...\r\n

995 / tcp

317439638 | 2025-03-25T13:47:54.990895

+OK Welcome my pop3 friends...\r\n

1801 / tcp

450450692 | 2025-03-05T16:02:22.499875

\x10Z\x0b\x00LIOR<\x02\x00\x00\xff\xff\xff\xff\x00\x00\x12\x00\x06U=Q6\xdf\xc7@\x96C\x17\\<\xe7l\xaaZ\x01\x01\xf2\x84\xfdgC\x9e\xf3\xb9\x87C\x0f\xa4k\x00\x00\x00\x00\x10\x02\x00\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

1883 / tcp

-787534971 | 2025-03-13T12:06:32.376029

MQTT Connection Code: 0

Topics:
$SYS/broker/version
$SYS/broker/uptime
$SYS/broker/load/messages/received/1min
$SYS/broker/load/messages/received/5min
$SYS/broker/load/messages/received/15min
$SYS/broker/load/messages/sent/1min
$SYS/broker/load/messages/sent/5min
$SYS/broker/load/messages/sent/15min
$SYS/broker/load/bytes/received/1min
$SYS/broker/load/bytes/received/5min
$SYS/broker/load/bytes/received/15min
$SYS/broker/load/bytes/sent/1min
$SYS/broker/load/bytes/sent/5min
$SYS/broker/load/bytes/sent/15min
$SYS/broker/load/sockets/1min
$SYS/broker/load/sockets/5min
$SYS/broker/load/sockets/15min
$SYS/broker/load/connections/1min
$SYS/broker/load/connections/5min
$SYS/broker/load/connections/15min
$SYS/broker/messages/received
$SYS/broker/messages/sent
$SYS/broker/bytes/received
$SYS/broker/bytes/sent

Vulnerabilities

1 2 3

5357 / tcp

-1684583448 | 2025-03-18T14:32:39.329939

Hashes

hash

-1737991951

http.dom_hash

1386055181

http.html_hash

-1684583448

http.server_hash

-761617706

http.title_hash

-1682908569

Service Unavailable

HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 18 Mar 2025 14:32:39 GMT
Connection: close
Content-Length: 326

5985 / tcp

1489525118 | 2025-03-18T13:55:29.576591

Hashes

hash

1841103662

http.dom_hash

1386055181

http.html_hash

1489525118

http.server_hash

-761617706

http.title_hash

1009235027

Not Found

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 18 Mar 2025 13:55:29 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2019 (version 1809)
  OS Build: 10.0.17763
  Target Name: WIN-77BACK4Q5GJ
  NetBIOS Domain Name: WIN-77BACK4Q5GJ
  NetBIOS Computer Name: WIN-77BACK4Q5GJ
  DNS Domain Name: WIN-77BACK4Q5GJ
  FQDN: WIN-77BACK4Q5GJ

8080 / tcp

-1426173602 | 2025-03-25T20:21:35.726189

Hashes

hash

-247115939

http.dom_hash

-1830446565

http.html_hash

-1426173602

http.server_hash

608434861

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
Set-Cookie: ASP.NET_SessionId=aizhnoc3hahzafqzbw3sp34i; path=/; HttpOnly; SameSite=Lax
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 25 Mar 2025 20:21:35 GMT
Content-Length: 97

210.242.163.110

Last Seen: 2025-03-26

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

21 / tcp

470986363 | 2025-03-24T00:14:28.351928

25 / tcp

916883756 | 2025-03-15T15:05:15.010491

80 / tcp

-751013341 | 2025-03-26T01:14:23.355014

Hashes

Microsoft IIS httpd10.0

110 / tcp

-661730614 | 2025-03-20T15:08:12.298549

137 / udp

-1374081483 | 2025-03-17T21:20:16.165080

143 / tcp

66793425 | 2025-03-23T14:56:25.332754

443 / tcp

-751013341 | 2025-03-21T07:28:25.042715

Hashes

Microsoft IIS httpd10.0

445 / tcp

-1166656618 | 2025-03-26T02:46:26.718740

465 / tcp

1820580278 | 2025-03-07T07:06:10.141712

587 / tcp

916883756 | 2025-03-23T09:44:10.330731

993 / tcp

1530444452 | 2025-03-25T23:22:25.740069

995 / tcp

317439638 | 2025-03-25T13:47:54.990895

1801 / tcp

450450692 | 2025-03-05T16:02:22.499875

Microsoft Message Queuing

1883 / tcp

-787534971 | 2025-03-13T12:06:32.376029

Mosquitto2.0.15

5357 / tcp

-1684583448 | 2025-03-18T14:32:39.329939

Hashes

5985 / tcp

1489525118 | 2025-03-18T13:55:29.576591

Hashes

WinRM

8080 / tcp

-1426173602 | 2025-03-25T20:21:35.726189

Hashes

Microsoft IIS httpd10.0

Products

Pricing

Contact Us

210.242.163.110

Last Seen: 2025-03-26

Tags:

GeneralInformation

Vulnerabilities All ports Port 1883 Latest CVSS

OpenPorts

21 / tcp 470986363 | 2025-03-24T00:14:28.351928

25 / tcp 916883756 | 2025-03-15T15:05:15.010491

80 / tcp -751013341 | 2025-03-26T01:14:23.355014

Hashes

Microsoft IIS httpd10.0

110 / tcp -661730614 | 2025-03-20T15:08:12.298549

137 / udp -1374081483 | 2025-03-17T21:20:16.165080

143 / tcp 66793425 | 2025-03-23T14:56:25.332754

443 / tcp -751013341 | 2025-03-21T07:28:25.042715

Hashes

Microsoft IIS httpd10.0

445 / tcp -1166656618 | 2025-03-26T02:46:26.718740

465 / tcp 1820580278 | 2025-03-07T07:06:10.141712

587 / tcp 916883756 | 2025-03-23T09:44:10.330731

993 / tcp 1530444452 | 2025-03-25T23:22:25.740069

995 / tcp 317439638 | 2025-03-25T13:47:54.990895

1801 / tcp 450450692 | 2025-03-05T16:02:22.499875

Microsoft Message Queuing

1883 / tcp -787534971 | 2025-03-13T12:06:32.376029

Mosquitto2.0.15

5357 / tcp -1684583448 | 2025-03-18T14:32:39.329939

Hashes

5985 / tcp 1489525118 | 2025-03-18T13:55:29.576591

Hashes

WinRM

8080 / tcp -1426173602 | 2025-03-25T20:21:35.726189

Hashes

Microsoft IIS httpd10.0

Products

Pricing

Contact Us

Vulnerabilities

21 / tcp

470986363 | 2025-03-24T00:14:28.351928

25 / tcp

916883756 | 2025-03-15T15:05:15.010491

80 / tcp

-751013341 | 2025-03-26T01:14:23.355014

110 / tcp

-661730614 | 2025-03-20T15:08:12.298549

137 / udp

-1374081483 | 2025-03-17T21:20:16.165080

143 / tcp

66793425 | 2025-03-23T14:56:25.332754

443 / tcp

-751013341 | 2025-03-21T07:28:25.042715

445 / tcp

-1166656618 | 2025-03-26T02:46:26.718740

465 / tcp

1820580278 | 2025-03-07T07:06:10.141712

587 / tcp

916883756 | 2025-03-23T09:44:10.330731

993 / tcp

1530444452 | 2025-03-25T23:22:25.740069

995 / tcp

317439638 | 2025-03-25T13:47:54.990895

1801 / tcp

450450692 | 2025-03-05T16:02:22.499875

1883 / tcp

-787534971 | 2025-03-13T12:06:32.376029

5357 / tcp

-1684583448 | 2025-03-18T14:32:39.329939

5985 / tcp

1489525118 | 2025-03-18T13:55:29.576591

8080 / tcp

-1426173602 | 2025-03-25T20:21:35.726189