-119375469 | 2024-10-26T22:09:16.453102
80 /
tcp
HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 13 Nov 2021 09:53:34 GMT
Accept-Ranges: bytes
ETag: "c2b1d75274d8d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 26 Oct 2024 22:09:16 GMT
Content-Length: 689
-773646130 | 2024-10-22T23:23:21.791731
135 /
tcp
Microsoft RPC Endpoint Mapper
d95afe70-a6d5-4259-822e-2c84da1ddb0d
version: v1.0
protocol: [MS-RSP]: Remote Shutdown Protocol
provider: wininit.exe
ncacn_ip_tcp: 172.19.84.197:49152
ncalrpc: WindowsShutdown
ncacn_np: \\iZbxk6k2qvghemZ\PIPE\InitShutdown
ncalrpc: WMsgKRpc0426E0
76f226c3-ec14-4325-8a99-6a46348418af
version: v1.0
provider: winlogon.exe
ncalrpc: WindowsShutdown
ncacn_np: \\iZbxk6k2qvghemZ\PIPE\InitShutdown
ncalrpc: WMsgKRpc0426E0
ncalrpc: WMsgKRpc0429F1
c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
version: v1.0
annotation: Impl friendly name
provider: sysntfy.dll
ncalrpc: LRPC-dee75264b13072cdab
ncacn_ip_tcp: 172.19.84.197:49154
ncacn_np: \\iZbxk6k2qvghemZ\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE7DDA1589094942CAB493381C08B3
ncalrpc: IUserProfile2
ncalrpc: senssvc
ncalrpc: OLE7DDA1589094942CAB493381C08B3
ncalrpc: IUserProfile2
ncalrpc: OLE7DDA1589094942CAB493381C08B3
ncalrpc: IUserProfile2
ncalrpc: IUserProfile2
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
version: v1.0
annotation: DHCPv6 Client LRPC Endpoint
provider: dhcpcsvc6.dll
ncalrpc: dhcpcsvc6
ncalrpc: dhcpcsvc
ncacn_ip_tcp: 172.19.84.197:49153
ncacn_np: \\iZbxk6k2qvghemZ\pipe\eventlog
ncalrpc: eventlog
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
version: v1.0
annotation: DHCP Client LRPC Endpoint
provider: dhcpcsvc.dll
ncalrpc: dhcpcsvc
ncacn_ip_tcp: 172.19.84.197:49153
ncacn_np: \\iZbxk6k2qvghemZ\pipe\eventlog
ncalrpc: eventlog
30adc50c-5cbc-46ce-9a0e-91914789e23c
version: v1.0
annotation: NRP server endpoint
provider: nrpsrv.dll
ncacn_ip_tcp: 172.19.84.197:49153
ncacn_np: \\iZbxk6k2qvghemZ\pipe\eventlog
ncalrpc: eventlog
f6beaff7-1e19-4fbb-9f8f-b89e2018337c
version: v1.0
annotation: Event log TCPIP
protocol: [MS-EVEN6]: EventLog Remoting Protocol
provider: wevtsvc.dll
ncacn_ip_tcp: 172.19.84.197:49153
ncacn_np: \\iZbxk6k2qvghemZ\pipe\eventlog
ncalrpc: eventlog
30b044a5-a225-43f0-b3a4-e060df91f9c1
version: v1.0
provider: certprop.dll
ncacn_ip_tcp: 172.19.84.197:49154
ncacn_np: \\iZbxk6k2qvghemZ\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE7DDA1589094942CAB493381C08B3
ncalrpc: IUserProfile2
552d076a-cb29-4e44-8b6a-d15e59e2c0af
version: v1.0
annotation: IP Transition Configuration endpoint
provider: iphlpsvc.dll
ncacn_ip_tcp: 172.19.84.197:49154
ncacn_np: \\iZbxk6k2qvghemZ\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE7DDA1589094942CAB493381C08B3
ncalrpc: IUserProfile2
a398e520-d59a-4bdd-aa7a-3c1e0303a511
version: v1.0
annotation: IKE/Authip API
provider: IKEEXT.DLL
ncacn_ip_tcp: 172.19.84.197:49154
ncacn_np: \\iZbxk6k2qvghemZ\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE7DDA1589094942CAB493381C08B3
ncalrpc: IUserProfile2
86d35949-83c9-4044-b424-db363231fd0c
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: schedsvc.dll
ncacn_ip_tcp: 172.19.84.197:49154
ncacn_np: \\iZbxk6k2qvghemZ\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE7DDA1589094942CAB493381C08B3
ncalrpc: IUserProfile2
378e52b0-c0a9-11cf-822d-00aa0051e40f
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\iZbxk6k2qvghemZ\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE7DDA1589094942CAB493381C08B3
ncalrpc: IUserProfile2
1ff70682-0a51-30e8-076d-740be8cee98b
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\iZbxk6k2qvghemZ\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE7DDA1589094942CAB493381C08B3
ncalrpc: IUserProfile2
0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
version: v1.0
provider: schedsvc.dll
ncalrpc: senssvc
ncalrpc: OLE7DDA1589094942CAB493381C08B3
ncalrpc: IUserProfile2
2eb08e3e-639f-4fba-97b1-14f878961076
version: v1.0
provider: gpsvc.dll
ncalrpc: OLE7DDA1589094942CAB493381C08B3
ncalrpc: IUserProfile2
3473dd4d-2e88-4006-9cba-22570909dd10
version: v5.256
annotation: WinHttp Auto-Proxy Service
ncacn_np: \\iZbxk6k2qvghemZ\PIPE\W32TIME_ALT
ncalrpc: W32TIME_ALT
ncalrpc: LRPC-70a6c3733bf1a93db1
ncalrpc: OLE9621B9C3B9A5468C99B8A23FC879
7ea70bcf-48af-4f6a-8968-6a440754d5fa
version: v1.0
annotation: NSI server endpoint
provider: nsisvc.dll
ncalrpc: LRPC-70a6c3733bf1a93db1
ncalrpc: OLE9621B9C3B9A5468C99B8A23FC879
24019106-a203-4642-b88d-82dae9158929
version: v1.0
provider: authui.dll
ncalrpc: LRPC-a149a07d0fd14436ef
2fb92682-6599-42dc-ae13-bd2ca89bd11c
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-d5a1fcc857d532fa34
7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-d5a1fcc857d532fa34
dd490425-5325-4565-b774-7e27d6c09c24
version: v1.0
annotation: Base Firewall Engine API
provider: BFE.DLL
ncalrpc: LRPC-d5a1fcc857d532fa34
7f1343fe-50a9-4927-a778-0c5859517bac
version: v1.0
annotation: DfsDs service
ncacn_np: \\iZbxk6k2qvghemZ\PIPE\wkssvc
ncalrpc: DNSResolver
12345778-1234-abcd-ef00-0123456789ac
version: v1.0
protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
provider: samsrv.dll
ncacn_ip_tcp: 172.19.84.197:49174
ncalrpc: samss lpc
ncalrpc: dsrole
ncacn_np: \\iZbxk6k2qvghemZ\PIPE\protected_storage
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncalrpc: LRPC-5f3522ae220ffb12bf
ncacn_np: \\iZbxk6k2qvghemZ\pipe\lsass
906b0ce0-c70b-1067-b317-00dd010662da
version: v1.0
protocol: [MS-CMPO]: MSDTC Connection Manager: OleTx Transports Protocol
provider: msdtcprx.dll
ncalrpc: LRPC-c28a4b2bbb215ff3c8
ncalrpc: LRPC-81ee4722a84759320c
ncalrpc: LRPC-81ee4722a84759320c
ncalrpc: LRPC-81ee4722a84759320c
ncalrpc: LRPC-81ee4722a84759320c
367abb81-9844-35f1-ad32-98f038001003
version: v2.0
protocol: [MS-SCMR]: Service Control Manager Remote Protocol
provider: services.exe
ncacn_ip_tcp: 172.19.84.197:49181
12345678-1234-abcd-ef00-0123456789ab
version: v1.0
annotation: IPSec Policy agent endpoint
protocol: [MS-RPRN]: Print System Remote Protocol
provider: spoolsv.exe
ncalrpc: LRPC-56b5c574c9f6f48778
ncacn_ip_tcp: 172.19.84.197:49189
6b5bdd1e-528c-422c-af8c-a4079be4fe48
version: v1.0
annotation: Remote Fw APIs
protocol: [MS-FASP]: Firewall and Advanced Security Protocol
provider: FwRemoteSvr.dll
ncacn_ip_tcp: 172.19.84.197:49189
-757264002 | 2024-10-24T23:38:14.962993
139 /
tcp
632952719 | 2024-11-02T07:20:52.502130
1433 /
tcp
MS-SQL NTLM Info:
OS: Windows 7/Windows Server 2008 R2
OS Build: 6.1.7601
Target Name: iZbxk6k2qvghemZ
NetBIOS Domain Name: iZbxk6k2qvghemZ
NetBIOS Computer Name: iZbxk6k2qvghemZ
DNS Domain Name: iZbxk6k2qvghemZ
FQDN: iZbxk6k2qvghemZ
-414487898 | 2024-11-02T08:19:34.512305
3389 /
tcp
Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\t\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
OS: Windows 7/Windows Server 2008 R2
OS Build: 6.1.7601
Target Name: iZbxk6k2qvghemZ
NetBIOS Domain Name: iZbxk6k2qvghemZ
NetBIOS Computer Name: iZbxk6k2qvghemZ
DNS Domain Name: iZbxk6k2qvghemZ
FQDN: iZbxk6k2qvghemZ
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:69:30:87:0d:f8:ec:b4:41:74:87:54:65:60:02:29
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=iZbxk6k2qvghemZ
Validity
Not Before: Oct 5 16:20:58 2024 GMT
Not After : Apr 6 16:20:58 2025 GMT
Subject: CN=iZbxk6k2qvghemZ
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:98:31:f9:5e:df:d1:f5:19:88:15:9d:a9:63:9e:
ee:96:93:04:49:83:8f:94:bb:11:2d:d5:a2:f6:e5:
27:79:93:4a:1d:59:74:0a:15:9c:9a:a3:dd:47:fe:
12:b8:73:3a:81:6a:ce:62:b9:e8:ff:41:b0:39:df:
8b:a2:3e:d4:f3:f7:65:60:98:15:e7:ea:3f:df:2b:
c2:a5:78:4d:c3:18:88:27:4a:48:8f:24:4c:ba:e4:
42:14:cd:c7:cc:80:30:94:03:de:08:d4:95:8a:14:
75:90:41:32:06:b2:51:25:2f:b6:51:76:5c:c3:a3:
17:b6:78:89:61:aa:ec:a1:e9:aa:d6:07:47:fd:66:
fe:33:1f:d0:6a:e6:18:0f:1d:bf:ee:85:75:ee:41:
1f:1d:a9:c3:76:4f:36:76:83:5c:12:fa:da:d4:52:
73:7e:db:80:a1:a6:e4:2c:11:38:15:6d:2f:f2:36:
0b:a0:fe:8d:cb:a4:f3:d3:5b:27:4b:89:7a:8c:e2:
54:cc:f2:49:0a:42:79:50:5c:c7:1e:59:75:39:c8:
4f:57:ab:26:d8:fc:f8:c2:51:ba:0a:84:19:11:14:
e1:46:2e:e5:be:f8:b8:ca:f9:4d:3b:f5:3c:de:61:
77:6f:f4:8f:95:dc:6a:04:12:8c:18:4f:37:18:84:
bc:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
74:a5:75:28:21:97:b9:51:e5:84:81:d2:51:46:85:dd:13:af:
8c:80:0b:a8:74:81:aa:ab:65:ec:3f:33:95:3a:b3:44:18:43:
d1:03:61:64:a3:9a:81:e1:d6:ec:c7:cc:f6:53:2d:5d:22:02:
b0:44:a1:1c:74:48:20:ee:10:6f:c2:eb:6a:97:fd:19:0b:6d:
c2:44:c9:87:b5:0e:37:ad:b3:31:25:1a:85:57:2d:1e:c7:af:
fd:9b:15:1d:83:c6:06:69:11:60:f9:bb:81:64:2b:e0:3a:cd:
8f:74:31:44:45:a7:c3:a1:20:4e:d0:4f:15:39:29:3c:ce:62:
eb:68:19:27:e0:89:17:f9:ae:8b:09:bb:db:08:9a:6d:ce:ab:
7f:0c:86:89:0a:d5:f7:7e:b1:ab:c5:ce:5a:5d:11:31:a2:86:
25:47:4d:2c:f4:9c:db:6d:47:8b:8c:af:a9:25:e0:3e:59:0a:
39:2c:7c:d3:7b:ce:76:ee:1e:d5:50:c2:2a:c4:71:b8:99:5f:
de:d1:2c:83:30:92:f1:13:57:97:da:68:cd:2c:97:e1:d9:66:
20:52:7f:95:4e:e1:d2:e9:21:94:70:d4:10:5b:5f:f9:85:b6:
4a:ff:f1:03:b5:1a:a9:6d:f0:6f:48:43:68:69:aa:ed:8f:35:
64:ea:2f:73