1639783815 | 2025-01-06T22:07:22.113772
80 / tcp
HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Jan 2025 22:07:16 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev
Location: https://38.21.17.47/
Content-Length: 351
Content-Type: text/html; charset=iso-8859-1
-2018326129 | 2025-01-09T05:49:59.364521
443 / tcp
HTTP/1.1 200 OK
Date: Thu, 09 Jan 2025 05:49:49 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev
Last-Modified: Sat, 27 Jul 2019 09:34:30 GMT
ETag: "f457-58ea65d9f7580"
Accept-Ranges: bytes
Content-Length: 62551
Vary: Accept-Encoding
Content-Type: text/html
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:dc:2b:80:d1:df:71:28:cb:ba:98:71:8b:98:fe:38:b4:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Let's Encrypt, CN=R11
Validity
Not Before: Dec 22 21:00:38 2024 GMT
Not After : Mar 22 21:00:37 2025 GMT
Subject: CN=dzlair.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
FB:5F:2D:13:17:DF:B0:DF:EF:F8:84:98:85:E9:28:B0:BF:8A:56:48
X509v3 Authority Key Identifier:
C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
Authority Information Access:
OCSP - URI:http://r11.o.lencr.org
CA Issuers - URI:http://r11.i.lencr.org/
X509v3 Subject Alternative Name:
DNS:dzlair.com, DNS:www.dzlair.com
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
Timestamp : Dec 22 21:59:09.273 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : E0:92:B3:FC:0C:1D:C8:E7:68:36:1F:DE:61:B9:96:4D:
0A:52:78:19:8A:72:D6:72:C4:B0:4D:A5:6D:6F:54:04
Timestamp : Dec 22 21:59:09.280 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
-1242801143 | 2025-01-19T01:09:44.574704
445 / tcp
SMB Status:
Authentication: enabled
SMB Version: 1
OS: Windows Server 2012 R2 Datacenter 9600
Software: Windows Server 2012 R2 Datacenter 6.3
Capabilities: extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode
-881101236 | 2025-01-21T04:31:01.466369
3306 / tcp
MySQL:
Error Message: Host '224.208.157.5' is not allowed to connect to this MySQL server
Error Code: 1130
1489525118 | 2025-01-21T10:51:50.071267
5985 / tcp
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 21 Jan 2025 10:51:44 GMT
Connection: close
Content-Length: 315
WinRM NTLM Info:
OS: Windows Server 2012 R2
OS Build: 6.3.9600
Target Name: S-KATIPOX
NetBIOS Domain Name: S-KATIPOX
NetBIOS Computer Name: S-KATIPOX
DNS Domain Name: s-KatipoX
FQDN: s-KatipoX