682852189 | 2025-01-08T14:57:24.065412
80 /
tcp
HTTP/1.1 301 Moved Permanently
Date: Wed, 08 Jan 2025 14:57:22 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev
Location: https://38.35.93.56/
Content-Length: 351
Content-Type: text/html; charset=iso-8859-1
-414729143 | 2025-01-08T14:57:26.738735
443 /
tcp
HTTP/1.1 200 OK
Date: Wed, 08 Jan 2025 14:57:25 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev
Last-Modified: Sun, 28 Jul 2019 02:31:02 GMT
ETag: "716c-58eb491078580"
Accept-Ranges: bytes
Content-Length: 29036
Vary: Accept-Encoding
Content-Type: text/html
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:07:e7:da:96:ef:4d:9e:0b:55:86:31:b3:4a:1e:0f:25:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Let's Encrypt, CN=R11
Validity
Not Before: Dec 12 13:24:34 2024 GMT
Not After : Mar 12 13:24:33 2025 GMT
Subject: CN=1-zali.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
2C:2E:49:7A:1B:7C:18:18:45:66:F9:C4:01:5C:53:3C:DE:86:93:71
X509v3 Authority Key Identifier:
C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
Authority Information Access:
OCSP - URI:http://r11.o.lencr.org
CA Issuers - URI:http://r11.i.lencr.org/
X509v3 Subject Alternative Name:
DNS:1-zali.com, DNS:www.1-zali.com
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
Timestamp : Dec 12 14:23:04.681 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
Timestamp : Dec 12 14:23:04.713 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
-1242801143 | 2025-01-06T12:51:13.607266
445 /
tcp
SMB Status:
Authentication: enabled
SMB Version: 1
OS: Windows Server 2012 R2 Datacenter 9600
Software: Windows Server 2012 R2 Datacenter 6.3
Capabilities: extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode
-1744147543 | 2025-01-07T06:36:22.815721
3306 /
tcp
MySQL:
Error Message: Host '224.239.148.52' is not allowed to connect to this MySQL server
Error Code: 1130
1489525118 | 2025-01-09T11:17:54.924226
5985 /
tcp
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 09 Jan 2025 11:17:44 GMT
Connection: close
Content-Length: 315
WinRM NTLM Info:
OS: Windows Server 2012 R2
OS Build: 6.3.9600
Target Name: DCLAX1A3MCC28
NetBIOS Domain Name: DCLAX1A3MCC28
NetBIOS Computer Name: DCLAX1A3MCC28
DNS Domain Name: dclax1a3mcc28
FQDN: dclax1a3mcc28