GeneralInformation

Hostnames	mail.maxfon.it www.mail.maxfon.it mail.voip-maxfon.it
Domains	maxfon.it voip-maxfon.it
Country	Italy
City	Turin
Organization	P.A. A.B.S. SRL - Partners Associates Advanced Business Solution
ISP	Retelit Digital Services S.p.A.
ASN	AS28716
Operating System	Windows

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2009(1)

CVE-2009-2521

5.0Stack consumption vulnerability in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows remote authenticated users to cause a denial of service (daemon crash) via a list (ls) -R command containing a wildcard that references a subdirectory, followed by a .. (dot dot), aka "IIS FTP Service DoS Vulnerability."

2008(1)

CVE-2008-1446

9.0Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Information Services (IIS) 5.0 through 7.0 on Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to execute arbitrary code via an HTTP POST request that triggers an outbound IPP connection from a web server to a machine operated by the attacker, aka "Integer Overflow in IPP Service Vulnerability."

OpenPorts

25 80 110 123 443 1723 2000

25 / tcp

1352982850 | 2025-03-14T07:40:13.836101

220 WIN-NR7RAJ7IF0R.domain.locale Microsoft ESMTP MAIL Service ready at Fri, 14 Mar 2025 08:38:32 +0100
250-WIN-NR7RAJ7IF0R.domain.locale Hello [224.199.65.215]
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-X-ANONYMOUSTLS
250-AUTH NTLM LOGIN
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-XEXCH50
250 XRDST

SMTP NTLM Info:
  OS: Windows Vista/Windows Server 2008
  OS Build: 6.0.6002
  Target Name: DOMAIN
  NetBIOS Domain Name: DOMAIN
  NetBIOS Computer Name: WIN-NR7RAJ7IF0R
  DNS Domain Name: domain.locale
  DNS Tree Name: domain.locale
  FQDN: WIN-NR7RAJ7IF0R.domain.locale

80 / tcp

-1267680054 | 2025-03-16T02:25:23.781443

Hashes

hash

554701018

http.dom_hash

-547917072

http.html_hash

-1267680054

http.server_hash

734174927

Il documento Ã¨ stato spostato

HTTP/1.1 302 Redirect
Content-Type: text/html; charset=UTF-8
Location: https://mail.voip-maxfon.it/owa
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sun, 16 Mar 2025 02:23:50 GMT
Content-Length: 185

Vulnerabilities

110 / tcp

-1300951327 | 2025-03-15T11:59:57.607109

+OK The Microsoft Exchange POP3 service is ready.
+OK
TOP
UIDL
SASL NTLM GSSAPI PLAIN
USER
.

123 / udp

-1457457700 | 2025-02-21T21:35:46.104530

NTP
protocolversion: 3
stratum: 2
leap: 0
precision: -20
rootdelay: 0.0271911621094
rootdisp: 0.0247802734375
refid: 3251401449
reftime: 3949162245.8
poll: 3

443 / tcp

-652435675 | 2025-03-18T01:43:23.191593

Hashes

hash

1050548547

http.dom_hash

-790508443

http.html_hash

-652435675

http.server_hash

734174927

http.title_hash

740275679

Microsoft Exchange - Outlook Web Access

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 8354
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-OWA-Version: 8.2.301.0
X-UA-Compatible: IE=EmulateIE7
X-Powered-By: ASP.NET
Date: Tue, 18 Mar 2025 01:41:48 GMT


Microsoft Exchange:
  Build Number: 8.2.301.0

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            a7:ce:1e:81:92:ed:36:d6:70:3f:c0:51:2c:be:c5:66
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
        Validity
            Not Before: Sep  9 00:00:00 2024 GMT
            Not After : Sep 14 23:59:59 2025 GMT
        Subject: CN=mail.maxfon.it
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b9:56:6d:67:fd:92:3b:0b:a3:af:6a:53:9a:1d:
                    0c:31:fd:0a:3c:83:fd:97:7c:03:7e:07:64:04:70:
                    5b:ac:d3:da:47:de:98:a7:de:11:9a:8d:cc:e1:fa:
                    32:39:bd:35:1e:c2:72:49:98:64:b5:9a:7a:c6:cd:
                    0e:56:94:7e:39:d3:b8:18:6b:02:56:4d:e7:e2:1d:
                    f3:5c:19:2b:7d:03:62:0b:f8:2c:17:da:89:4c:e2:
                    aa:db:d1:db:15:bf:ed:ce:76:a1:e6:ff:7e:c8:bd:
                    56:08:da:19:e1:c0:31:b2:48:5a:8a:e7:cc:ac:b2:
                    af:db:2d:14:10:10:23:02:aa:58:26:48:14:c3:c5:
                    58:b9:3d:5e:5f:2c:3b:be:73:ed:f0:86:50:11:6e:
                    8f:96:71:3f:8b:d8:47:ab:d6:82:0c:ce:af:4a:ff:
                    36:86:d0:f1:47:56:60:1e:0f:80:89:23:ac:cc:7c:
                    ec:63:2b:c2:25:03:ce:35:c2:2c:e5:c5:88:45:d9:
                    9f:05:c2:da:7c:ec:49:9c:16:ea:4a:cb:20:a0:28:
                    24:f5:54:d8:33:2f:97:9d:4e:c6:d4:a6:7d:4e:d5:
                    ad:5e:3e:d1:a4:f0:88:86:27:d4:12:9d:0c:59:d2:
                    43:21:e2:f5:15:fb:ae:7b:c9:f4:17:f8:2f:7b:45:
                    10:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
            X509v3 Subject Key Identifier: 
                D3:B1:6F:A8:62:C7:D8:26:4A:5C:B6:AD:49:27:9F:52:55:11:19:B1
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.7
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:mail.maxfon.it, DNS:www.mail.maxfon.it
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
                                3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
                    Timestamp : Sep  9 13:48:27.204 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:2C:D2:3B:2C:FE:37:52:25:EB:B9:C0:AD:
                                AD:A2:0C:90:1A:CD:E9:57:40:18:15:9A:AA:75:24:9A:
                                54:BF:D7:8B:02:21:00:D4:B0:42:81:7F:92:43:76:70:
                                4E:71:8E:0E:06:FC:A6:06:76:4D:F0:19:D4:2B:9D:0F:
                                01:B8:13:FA:52:7A:AE
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
                                47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
                    Timestamp : Sep  9 13:48:27.170 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:34:9F:DF:EC:30:11:4B:C8:94:B5:F1:65:
                                BC:9D:46:23:A1:42:76:DE:2F:50:B8:90:96:8C:26:44:
                                FA:8F:67:A4:02:21:00:A7:75:50:51:30:15:19:54:2B:
                                B9:81:C1:3D:21:F0:D3:68:C9:5C:2F:9A:1D:1D:88:11:
                                18:9E:E8:8B:40:DF:BB
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
                                F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
                    Timestamp : Sep  9 13:48:27.170 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:62:4D:EA:55:39:0E:A5:7B:5D:03:8F:C5:
                                72:40:D8:8A:FA:65:9C:37:CE:FF:85:EE:E2:FE:79:2B:
                                39:9D:14:76:02:20:3F:59:FB:E6:C7:FE:41:81:BC:59:
                                50:EB:EB:C0:22:AF:B5:93:72:9A:FE:FB:A1:ED:AD:CC:
                                81:01:DA:58:36:4F
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        7c:8f:41:16:89:59:6c:64:b9:c1:e2:44:0b:f0:73:52:e8:32:
        09:21:b7:70:7d:b1:1d:52:4f:a5:ca:f8:e8:88:9c:3e:c4:33:
        e1:db:92:24:be:7a:f8:f0:fb:12:74:7b:fa:04:3b:ad:6b:04:
        95:cf:1b:33:c6:ac:51:30:1f:e6:d2:16:22:6e:5f:0c:e5:f3:
        ee:4e:3c:e4:d3:41:c4:4b:46:db:5c:3d:ed:7b:22:20:25:26:
        a2:75:79:a9:f2:78:8c:f8:3a:f3:40:a6:77:71:7f:29:91:4c:
        41:ba:38:be:6f:91:ec:03:0b:b8:5c:04:85:3c:60:7c:26:7d:
        c2:0e:96:02:b7:cc:81:eb:0c:cc:e6:17:bd:67:d7:cc:b0:48:
        e6:fb:b2:9b:a3:4f:58:f5:d6:4b:c9:87:00:03:93:b0:2b:eb:
        40:b3:66:cc:94:d2:c7:0b:63:b0:c6:74:30:0a:dd:58:ac:0f:
        21:06:1f:73:f9:bb:2f:3d:81:b4:53:fe:c6:a4:60:48:45:df:
        71:c4:da:ae:b3:04:1b:91:eb:b2:ac:5f:45:40:1d:0f:0e:82:
        ce:65:10:0f:7b:1f:0f:cc:4a:07:18:95:ee:15:57:8c:e2:73:
        2d:f8:96:58:4e:50:26:fc:b2:f9:2b:f2:32:9e:ac:3e:be:49:
        a5:d5:f2:28

Vulnerabilities

1723 / tcp

-639773658 | 2025-03-12T16:07:33.189538

PPTP:
  Firmware: 1
  Hostname: Router DataCenter Napoli
  Vendor: MikroTik

2000 / tcp

-1538260461 | 2025-03-16T09:26:10.216648

\x01\x00\x00\x00

212.104.5.82

Last Seen: 2025-03-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

25 / tcp

1352982850 | 2025-03-14T07:40:13.836101

Microsoft Exchange smtpd

80 / tcp

-1267680054 | 2025-03-16T02:25:23.781443

Hashes

Microsoft IIS httpd7.0

110 / tcp

-1300951327 | 2025-03-15T11:59:57.607109

123 / udp

-1457457700 | 2025-02-21T21:35:46.104530

443 / tcp

-652435675 | 2025-03-18T01:43:23.191593

Hashes

Microsoft IIS httpd7.0

1723 / tcp

-639773658 | 2025-03-12T16:07:33.189538

PPTP

2000 / tcp

-1538260461 | 2025-03-16T09:26:10.216648

MikroTik bandwidth-test server

Products

Pricing

Contact Us

212.104.5.82

Last Seen: 2025-03-18

Tags:

GeneralInformation

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

OpenPorts

25 / tcp 1352982850 | 2025-03-14T07:40:13.836101

Microsoft Exchange smtpd

80 / tcp -1267680054 | 2025-03-16T02:25:23.781443

Hashes

Microsoft IIS httpd7.0

110 / tcp -1300951327 | 2025-03-15T11:59:57.607109

123 / udp -1457457700 | 2025-02-21T21:35:46.104530

443 / tcp -652435675 | 2025-03-18T01:43:23.191593

Hashes

Microsoft IIS httpd7.0

1723 / tcp -639773658 | 2025-03-12T16:07:33.189538

PPTP

2000 / tcp -1538260461 | 2025-03-16T09:26:10.216648

MikroTik bandwidth-test server

Products

Pricing

Contact Us

Vulnerabilities

25 / tcp

1352982850 | 2025-03-14T07:40:13.836101

80 / tcp

-1267680054 | 2025-03-16T02:25:23.781443

110 / tcp

-1300951327 | 2025-03-15T11:59:57.607109

123 / udp

-1457457700 | 2025-02-21T21:35:46.104530

443 / tcp

-652435675 | 2025-03-18T01:43:23.191593

1723 / tcp

-639773658 | 2025-03-12T16:07:33.189538

2000 / tcp

-1538260461 | 2025-03-16T09:26:10.216648