GeneralInformation

Country	Netherlands
City	Lelystad
Organization	Ekabi LLC
ISP	EKABI
ASN	AS401115
Operating System	Ubuntu

Vulnerabilities

OpenPorts

22 445 1911 3389 5985

-1834286521 | 2025-01-10T00:50:17.340235

22 / tcp

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDGP2FTt7etyfQSXdS85odcqGrd0JibTe2/MsQrRFBgMzCe
qM/u8+d6Nj3LYQUPPOGl0kdswumTpVxTkJFIDS9E71m+jX4jniI+/JXoWTLHW6YDDnmMXI/o0xmP
PjfUMlmn6vkqsghSjjj/woOpXIMYrW+6FbgvrtPf0k+ADKe8c7DQKpH3/cMSkFM0eZE5c7DjnFV2
mXSqt4Wz0HRdnYeAun77ylM5HoYSZJAmqC+zCJH8N4yKsL3NwIDC73J86aDAMc4vc5l6kimWVlt5
L5mzh9i6qIEazpHNJaLVM/qAp5/EbWmQrjU0sUQdm3OePrhATW/Cgx0jv8huM3Fv8ex9114vXRg2
FUVsglNcck0XLGybsd0uQOscJb45SKwlzVDXmKgeqRFNIh34P1yXMqDDFq5FSMp+9vETVObxYCzn
06UcSBOffpgahlIPklgHLhFd1Wc6V1Zf+Nhch40BOQ78CoT7//60N6jNb1wR5IlyhyDGC2esg4MB
lcSsXSo7cAM=
Fingerprint: 01:f0:3e:fe:9d:c0:77:69:48:17:97:93:ed:29:37:6d

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	diffie-hellman-group14-sha1

Server Host Key Algorithms:
	ssh-rsa
	rsa-sha2-512
	rsa-sha2-256

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-1166656618 | 2024-12-19T23:09:34.383672

445 / tcp

SMB Status:
  Authentication: enabled
  SMB Version: 2
  Capabilities: raw-mode

CVE-2020-0796

1827161833 | 2024-12-22T02:27:59.199830

1911 / tcp

HTTP/1.1 400 Bad Request\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Sun, 22 Dec 2024 02:27:59 GMT\r\nConnection: close\r\nContent-Length: 311\r\n\r\n<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>\r\n<BODY><h2>Bad Request</h2>\r\n<hr><p>HTTP Error 400. The request is badly formed.</p>\r\n</BODY></HTML>\r\n

-886954992 | 2024-12-21T21:42:10.709201

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows Server 2022
  OS Build: 10.0.20348
  Target Name: WIN-4NHED479K4N
  NetBIOS Domain Name: WIN-4NHED479K4N
  NetBIOS Computer Name: WIN-4NHED479K4N
  DNS Domain Name: WIN-4NHED479K4N
  FQDN: WIN-4NHED479K4N

-Administrator
Administrator
DefaultAccount

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:e4:a8:59:9a:1d:23:85:46:88:c5:8f:ab:a2:3e:c4
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=WIN-4NHED479K4N
        Validity
            Not Before: Nov 25 19:04:43 2024 GMT
            Not After : May 27 19:04:43 2025 GMT
        Subject: CN=WIN-4NHED479K4N
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ba:8e:d1:24:0b:63:dd:47:0b:83:d9:80:fb:4c:
                    b8:7e:e4:12:e5:4e:96:a7:01:2d:b1:fa:f5:2e:f6:
                    bd:30:be:5e:dd:7f:92:f4:0a:99:9e:da:b7:f9:99:
                    ce:bf:07:81:13:9f:c1:ef:de:f3:e4:45:4d:9c:93:
                    3d:66:7b:65:5b:0c:58:95:1d:2e:c0:27:90:7e:d2:
                    0f:66:01:a2:f9:0e:f0:75:d9:fa:92:f0:56:4e:6b:
                    fc:28:e1:0b:26:09:9e:a0:48:86:9d:69:34:7f:16:
                    c9:2f:ad:24:00:f8:0a:96:66:47:50:e3:0b:2a:ad:
                    17:34:ca:b1:4c:50:64:da:6b:ef:67:de:50:7d:af:
                    7d:d3:02:d8:ed:50:f8:a2:c6:be:59:54:ba:6e:ce:
                    4d:21:e1:a6:07:81:0c:a7:47:c1:a6:57:38:a8:70:
                    9c:ef:6e:28:42:bd:ee:eb:fc:8f:b9:ca:a6:5b:8c:
                    88:50:4f:36:80:ff:a3:e5:31:dc:b1:84:a1:af:9a:
                    f4:ae:9a:06:fd:51:cb:53:c2:74:d8:d0:24:dd:ef:
                    18:7e:0d:89:1b:d7:35:49:2a:fb:8a:1e:c3:d4:ae:
                    6b:6e:25:31:1b:5b:67:3a:e2:9e:4f:78:92:20:5a:
                    65:73:d6:c6:19:92:08:3a:f3:70:7c:31:04:dc:32:
                    7a:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        7d:08:5b:a1:f5:b8:ba:b9:6a:c4:9c:5f:5e:cb:68:4b:01:1b:
        1b:c6:47:e1:a0:d2:51:fc:ed:8c:be:bc:27:c2:39:e0:ab:bf:
        b0:66:18:e4:85:b2:ec:3c:84:f8:f3:41:bd:d2:30:d0:a0:7d:
        a8:33:dd:1a:d1:5d:a8:66:65:0c:99:a1:cc:3a:7d:bf:89:13:
        eb:d8:d0:fa:d4:3c:3d:d9:ea:39:d0:ea:a6:b4:68:43:2c:71:
        c9:24:cb:ee:b0:d8:d4:0a:84:ce:88:eb:d4:a5:bc:39:e0:e8:
        23:33:58:92:74:be:b9:9d:a8:89:50:d9:e6:db:5b:9d:eb:88:
        a0:fc:ae:69:0e:b9:de:2e:a1:4c:a0:3f:a0:90:06:c5:3a:9a:
        e3:2b:df:3a:f9:d1:14:70:ae:fd:5b:07:e1:f6:03:07:85:78:
        14:c7:b4:f1:12:6e:cb:83:c4:4e:21:4f:ca:13:61:c6:72:a8:
        9d:68:c5:30:3d:82:b4:83:05:55:1b:9a:58:5d:96:9d:d2:1e:
        70:c7:3a:fe:b5:e9:fc:b3:3b:5a:bf:2c:f5:3d:94:2a:9e:6c:
        5c:45:81:68:d4:ce:62:e6:35:8a:d7:50:5b:85:e5:a9:0a:fa:
        88:b3:88:a3:8b:10:86:2e:fd:4b:84:a9:5e:87:c0:55:ea:aa:
        22:92:4e:bf

1489525118 | 2024-12-22T11:57:14.087471

5985 / tcp

Not Found

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 22 Dec 2024 11:57:13 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2022
  OS Build: 10.0.20348
  Target Name: WIN-4NHED479K4N
  NetBIOS Domain Name: WIN-4NHED479K4N
  NetBIOS Computer Name: WIN-4NHED479K4N
  DNS Domain Name: WIN-4NHED479K4N
  FQDN: WIN-4NHED479K4N

87.120.113.179

Last Seen: 2025-01-10

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1834286521 | 2025-01-10T00:50:17.340235
22 / tcp

OpenSSH7.6p1 Ubuntu 4

-1166656618 | 2024-12-19T23:09:34.383672
445 / tcp

1827161833 | 2024-12-22T02:27:59.199830
1911 / tcp

-886954992 | 2024-12-21T21:42:10.709201
3389 / tcp

Remote Desktop Protocol

1489525118 | 2024-12-22T11:57:14.087471
5985 / tcp

WinRM

Products

Pricing

Contact Us

87.120.113.179

Last Seen: 2025-01-10

Tags:

GeneralInformation

Vulnerabilities All ports Port 445 Latest CVSS

OpenPorts

-1834286521 | 2025-01-10T00:50:17.340235 22 / tcp

OpenSSH7.6p1 Ubuntu 4

-1166656618 | 2024-12-19T23:09:34.383672 445 / tcp

1827161833 | 2024-12-22T02:27:59.199830 1911 / tcp

-886954992 | 2024-12-21T21:42:10.709201 3389 / tcp

Remote Desktop Protocol

1489525118 | 2024-12-22T11:57:14.087471 5985 / tcp

WinRM

Products

Pricing

Contact Us

Vulnerabilities

-1834286521 | 2025-01-10T00:50:17.340235
22 / tcp

-1166656618 | 2024-12-19T23:09:34.383672
445 / tcp

1827161833 | 2024-12-22T02:27:59.199830
1911 / tcp

-886954992 | 2024-12-21T21:42:10.709201
3389 / tcp

1489525118 | 2024-12-22T11:57:14.087471
5985 / tcp