GeneralInformation

Country	Turkey
City	Denizli
Organization	Netinternet Bilisim Teknolojileri AS
ISP	Netinternet Bilisim Teknolojileri AS
ASN	AS51559
Operating System	Windows

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2014(1)

CVE-2014-4078

5.1The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."

OpenPorts

21 25 53 80 110 135 143 445 587 1434 3306 5985 8880 47001 50075

25 / tcp

1896013994 | 2025-03-06T12:03:52.273282

220 WIN-EHSLNMGEUND.home ESMTP MailEnable Service, Version: 10.12-- ready at 03/06/25 15:03:43
250-home [224.159.170.65], this server offers 4 extensions
250-AUTH LOGIN
250-SIZE 40960000
250-HELP
250 AUTH=LOGIN

80 / tcp

0 | 2025-03-13T15:34:25.805600

Hashes

hash

-1673212791

http.dom_hash

http.favicon.hash

-134375033

http.html_hash

http.robots_hash

-1943943278

http.server_hash

-945770239

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 0
Content-Type: text/html
Server: Microsoft-IIS/8.5
Set-Cookie: ASPSESSIONIDQABBTQDD=IMGFAEHBBBEAJOEGPNGNHAEF; path=/
X-Powered-By: ASP.NET
Date: Thu, 13 Mar 2025 15:34:18 GMT

Vulnerabilities

110 / tcp

-471102630 | 2025-02-26T03:55:25.387461

+OK Welcome to MailEnable POP3 Server
+OK Capability list follows
TOP
USER
UIDL
.

135 / tcp

1071567545 | 2025-02-21T07:29:53.591204

Microsoft RPC Endpoint Mapper

d95afe70-a6d5-4259-822e-2c84da1ddb0d
  version: v1.0
  protocol: [MS-RSP]: Remote Shutdown Protocol
  provider: wininit.exe
  ncacn_ip_tcp: 95.173.180.131:49152
  ncalrpc: WindowsShutdown
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\InitShutdown
  ncalrpc: WMsgKRpc0B1860

76f226c3-ec14-4325-8a99-6a46348418af
  version: v1.0
  provider: winlogon.exe
  ncalrpc: WindowsShutdown
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\InitShutdown
  ncalrpc: WMsgKRpc0B1860
  ncalrpc: WMsgKRpc0BB911
  ncalrpc: WMsgKRpc05D9392

9b008953-f195-4bf9-bde0-4471971e58ed
  version: v1.0
  ncalrpc: LRPC-a26ba469e7361672e5
  ncacn_np: \\WIN-EHSLNMGEUND\pipe\LSM_API_service
  ncalrpc: LSMApi
  ncalrpc: LRPC-c37863cc742ab6d249
  ncalrpc: actkernel
  ncalrpc: umpo

697dcda9-3ba9-4eb2-9247-e11f1901b0d2
  version: v1.0
  ncalrpc: LRPC-a26ba469e7361672e5
  ncacn_np: \\WIN-EHSLNMGEUND\pipe\LSM_API_service
  ncalrpc: LSMApi
  ncalrpc: LRPC-c37863cc742ab6d249
  ncalrpc: actkernel
  ncalrpc: umpo

c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
  version: v1.0
  annotation: Impl friendly name
  provider: sysntfy.dll
  ncalrpc: LRPC-c37863cc742ab6d249
  ncalrpc: actkernel
  ncalrpc: umpo
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\srvsvc
  ncacn_ip_tcp: 95.173.180.131:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEFBD62EE636C1906BAA4E445476CA
  ncalrpc: IUserProfile2
  ncalrpc: senssvc
  ncalrpc: OLEFBD62EE636C1906BAA4E445476CA
  ncalrpc: IUserProfile2
  ncalrpc: OLEFBD62EE636C1906BAA4E445476CA
  ncalrpc: IUserProfile2
  ncalrpc: IUserProfile2

0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

2d98a740-581d-41b9-aa0d-a88b9d5ce938
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

3b338d89-6cfa-44b8-847e-531531bc9992
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

8782d3b9-ebbd-4644-a3d8-e8725381919b
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

085b0334-e454-4d91-9b8c-4134f9e793f3
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
  version: v1.0
  annotation: Wcm Service
  ncalrpc: dhcpcsvc
  ncalrpc: dhcpcsvc6
  ncalrpc: LRPC-b44382c2469b1640c1
  ncacn_ip_tcp: 95.173.180.131:49153
  ncacn_np: \\WIN-EHSLNMGEUND\pipe\eventlog
  ncalrpc: eventlog

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
  version: v1.0
  annotation: DHCP Client LRPC Endpoint
  provider: dhcpcsvc.dll
  ncalrpc: dhcpcsvc
  ncalrpc: dhcpcsvc6
  ncalrpc: LRPC-b44382c2469b1640c1
  ncacn_ip_tcp: 95.173.180.131:49153
  ncacn_np: \\WIN-EHSLNMGEUND\pipe\eventlog
  ncalrpc: eventlog

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
  version: v1.0
  annotation: DHCPv6 Client LRPC Endpoint
  provider: dhcpcsvc6.dll
  ncalrpc: dhcpcsvc6
  ncalrpc: LRPC-b44382c2469b1640c1
  ncacn_ip_tcp: 95.173.180.131:49153
  ncacn_np: \\WIN-EHSLNMGEUND\pipe\eventlog
  ncalrpc: eventlog

30adc50c-5cbc-46ce-9a0e-91914789e23c
  version: v1.0
  annotation: NRP server endpoint
  provider: nrpsrv.dll
  ncalrpc: LRPC-b44382c2469b1640c1
  ncacn_ip_tcp: 95.173.180.131:49153
  ncacn_np: \\WIN-EHSLNMGEUND\pipe\eventlog
  ncalrpc: eventlog

f6beaff7-1e19-4fbb-9f8f-b89e2018337c
  version: v1.0
  annotation: Event log TCPIP
  protocol: [MS-EVEN6]: EventLog Remoting Protocol
  provider: wevtsvc.dll
  ncacn_ip_tcp: 95.173.180.131:49153
  ncacn_np: \\WIN-EHSLNMGEUND\pipe\eventlog
  ncalrpc: eventlog

58e604e8-9adb-4d2e-a464-3b0683fb1480
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncalrpc: DeviceSetupManager
  ncalrpc: LRPC-0374516a4c2c4ede11
  ncacn_np: \\WIN-EHSLNMGEUND\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\srvsvc
  ncacn_ip_tcp: 95.173.180.131:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEFBD62EE636C1906BAA4E445476CA
  ncalrpc: IUserProfile2

fd7a0523-dc70-43dd-9b2e-9c5ed48225b1
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncalrpc: DeviceSetupManager
  ncalrpc: LRPC-0374516a4c2c4ede11
  ncacn_np: \\WIN-EHSLNMGEUND\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\srvsvc
  ncacn_ip_tcp: 95.173.180.131:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEFBD62EE636C1906BAA4E445476CA
  ncalrpc: IUserProfile2

5f54ce7d-5b79-4175-8584-cb65313a0e98
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncalrpc: DeviceSetupManager
  ncalrpc: LRPC-0374516a4c2c4ede11
  ncacn_np: \\WIN-EHSLNMGEUND\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\srvsvc
  ncacn_ip_tcp: 95.173.180.131:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEFBD62EE636C1906BAA4E445476CA
  ncalrpc: IUserProfile2

201ef99a-7fa0-444c-9399-19ba84f12a1a
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncalrpc: DeviceSetupManager
  ncalrpc: LRPC-0374516a4c2c4ede11
  ncacn_np: \\WIN-EHSLNMGEUND\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\srvsvc
  ncacn_ip_tcp: 95.173.180.131:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEFBD62EE636C1906BAA4E445476CA
  ncalrpc: IUserProfile2

30b044a5-a225-43f0-b3a4-e060df91f9c1
  version: v1.0
  provider: certprop.dll
  ncalrpc: LRPC-0374516a4c2c4ede11
  ncacn_np: \\WIN-EHSLNMGEUND\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\srvsvc
  ncacn_ip_tcp: 95.173.180.131:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEFBD62EE636C1906BAA4E445476CA
  ncalrpc: IUserProfile2

c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
  version: v1.0
  annotation: Adh APIs
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\srvsvc
  ncacn_ip_tcp: 95.173.180.131:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEFBD62EE636C1906BAA4E445476CA
  ncalrpc: IUserProfile2

c36be077-e14b-4fe9-8abc-e856ef4f048b
  version: v1.0
  annotation: Proxy Manager client server endpoint
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\srvsvc
  ncacn_ip_tcp: 95.173.180.131:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEFBD62EE636C1906BAA4E445476CA
  ncalrpc: IUserProfile2

2e6035b2-e8f1-41a7-a044-656b439c4c34
  version: v1.0
  annotation: Proxy Manager provider server endpoint
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\srvsvc
  ncacn_ip_tcp: 95.173.180.131:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEFBD62EE636C1906BAA4E445476CA
  ncalrpc: IUserProfile2

552d076a-cb29-4e44-8b6a-d15e59e2c0af
  version: v1.0
  annotation: IP Transition Configuration endpoint
  provider: iphlpsvc.dll
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\srvsvc
  ncacn_ip_tcp: 95.173.180.131:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEFBD62EE636C1906BAA4E445476CA
  ncalrpc: IUserProfile2

1a0d010f-1c33-432c-b0f5-8cf4e8053099
  version: v1.0
  annotation: IdSegSrv service
  ncacn_ip_tcp: 95.173.180.131:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEFBD62EE636C1906BAA4E445476CA
  ncalrpc: IUserProfile2

98716d03-89ac-44c7-bb8c-285824e51c4a
  version: v1.0
  annotation: XactSrv service
  provider: srvsvc.dll
  ncacn_ip_tcp: 95.173.180.131:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEFBD62EE636C1906BAA4E445476CA
  ncalrpc: IUserProfile2

a398e520-d59a-4bdd-aa7a-3c1e0303a511
  version: v1.0
  annotation: IKE/Authip API
  provider: IKEEXT.DLL
  ncacn_ip_tcp: 95.173.180.131:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEFBD62EE636C1906BAA4E445476CA
  ncalrpc: IUserProfile2

3a9ef155-691d-4449-8d05-09ad57031823
  version: v1.0
  ncacn_ip_tcp: 95.173.180.131:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEFBD62EE636C1906BAA4E445476CA
  ncalrpc: IUserProfile2

86d35949-83c9-4044-b424-db363231fd0c
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: schedsvc.dll
  ncacn_ip_tcp: 95.173.180.131:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEFBD62EE636C1906BAA4E445476CA
  ncalrpc: IUserProfile2

378e52b0-c0a9-11cf-822d-00aa0051e40f
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEFBD62EE636C1906BAA4E445476CA
  ncalrpc: IUserProfile2

1ff70682-0a51-30e8-076d-740be8cee98b
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEFBD62EE636C1906BAA4E445476CA
  ncalrpc: IUserProfile2

0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
  version: v1.0
  provider: schedsvc.dll
  ncalrpc: senssvc
  ncalrpc: OLEFBD62EE636C1906BAA4E445476CA
  ncalrpc: IUserProfile2

2eb08e3e-639f-4fba-97b1-14f878961076
  version: v1.0
  annotation: Group Policy RPC Interface
  provider: gpsvc.dll
  ncalrpc: LRPC-8ecc10db91fe9f8f69

3473dd4d-2e88-4006-9cba-22570909dd10
  version: v5.256
  annotation: WinHttp Auto-Proxy Service
  ncalrpc: LRPC-0a63128086c2350878
  ncalrpc: OLEF650BFCA36B603EE94BA33D4BC3C

7ea70bcf-48af-4f6a-8968-6a440754d5fa
  version: v1.0
  annotation: NSI server endpoint
  provider: nsisvc.dll
  ncalrpc: LRPC-0a63128086c2350878
  ncalrpc: OLEF650BFCA36B603EE94BA33D4BC3C

b2507c30-b126-494a-92ac-ee32b6eeb039
  version: v1.0
  ncalrpc: LRPC-fff6c09c494b7a701f

2fb92682-6599-42dc-ae13-bd2ca89bd11c
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-ad01e25ffa2a03c9ee
  ncalrpc: LRPC-11029858d8c53834db

f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
  version: v1.0
  annotation: Fw APIs
  ncalrpc: LRPC-ad01e25ffa2a03c9ee
  ncalrpc: LRPC-11029858d8c53834db

7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-ad01e25ffa2a03c9ee
  ncalrpc: LRPC-11029858d8c53834db

dd490425-5325-4565-b774-7e27d6c09c24
  version: v1.0
  annotation: Base Firewall Engine API
  provider: BFE.DLL
  ncalrpc: LRPC-11029858d8c53834db

7f1343fe-50a9-4927-a778-0c5859517bac
  version: v1.0
  annotation: DfsDs service
  ncacn_np: \\WIN-EHSLNMGEUND\PIPE\wkssvc
  ncalrpc: LRPC-c8bd0c379284dbcdbd
  ncalrpc: DNSResolver

eb081a0d-10ee-478a-a1dd-50995283e7a8
  version: v3.0
  annotation: Witness Client Test Interface
  ncalrpc: LRPC-c8bd0c379284dbcdbd
  ncalrpc: DNSResolver

f2c9b409-c1c9-4100-8639-d8ab1486694a
  version: v1.0
  annotation: Witness Client Upcall Server
  ncalrpc: LRPC-c8bd0c379284dbcdbd
  ncalrpc: DNSResolver

76f03f96-cdfd-44fc-a22c-64950a001209
  version: v1.0
  protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 95.173.180.131:49155
  ncalrpc: LRPC-55e3777cdd0f977160

4a452661-8290-4b36-8fbe-7f4093a94978
  version: v1.0
  provider: spoolsv.exe
  ncacn_ip_tcp: 95.173.180.131:49155
  ncalrpc: LRPC-55e3777cdd0f977160

ae33069b-a2a8-46ee-a235-ddfd339be281
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 95.173.180.131:49155
  ncalrpc: LRPC-55e3777cdd0f977160

0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 95.173.180.131:49155
  ncalrpc: LRPC-55e3777cdd0f977160

12345678-1234-abcd-ef00-0123456789ab
  version: v1.0
  protocol: [MS-RPRN]: Print System Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 95.173.180.131:49155
  ncalrpc: LRPC-55e3777cdd0f977160

b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
  version: v2.0
  annotation: KeyIso
  ncacn_ip_tcp: 95.173.180.131:49157
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\WIN-EHSLNMGEUND\pipe\lsass

12345778-1234-abcd-ef00-0123456789ac
  version: v1.0
  protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
  provider: samsrv.dll
  ncacn_ip_tcp: 95.173.180.131:49157
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\WIN-EHSLNMGEUND\pipe\lsass

367abb81-9844-35f1-ad32-98f038001003
  version: v2.0
  protocol: [MS-SCMR]: Service Control Manager Remote Protocol
  provider: services.exe
  ncacn_ip_tcp: 95.173.180.131:49163

6b5bdd1e-528c-422c-af8c-a4079be4fe48
  version: v1.0
  annotation: Remote Fw APIs
  protocol: [MS-FASP]: Firewall and Advanced Security Protocol
  provider: FwRemoteSvr.dll
  ncacn_ip_tcp: 95.173.180.131:49164

906b0ce0-c70b-1067-b317-00dd010662da
  version: v1.0
  protocol: [MS-CMPO]: MSDTC Connection Manager:
  provider: msdtcprx.dll
  ncalrpc: LRPC-bd221f87551a537552
  ncalrpc: LRPC-bd221f87551a537552
  ncalrpc: LRPC-bd221f87551a537552

12e65dd8-887f-41ef-91bf-8d816c42c2e7
  version: v1.0
  annotation: Secure Desktop LRPC interface
  provider: winlogon.exe
  ncalrpc: WMsgKRpc05D9392

a500d4c6-0dd1-4543-bc0c-d5f93486eaf8
  version: v1.0
  ncalrpc: LRPC-0bce2084f7b3734df0

e40f7b57-7a25-4cd3-a135-7f7d3df9d16b
  version: v1.0
  annotation: Network Connection Broker server endpoint
  ncalrpc: OLE968E2210219676296DCC2BE27DAA
  ncalrpc: TSUMRPD_PRINT_DRV_LPC_API
  ncalrpc: trkwks
  ncacn_np: \\WIN-EHSLNMGEUND\pipe\trkwks

880fd55e-43b9-11e0-b1a8-cf4edfd72085
  version: v1.0
  annotation: KAPI Service endpoint
  ncalrpc: OLE968E2210219676296DCC2BE27DAA
  ncalrpc: TSUMRPD_PRINT_DRV_LPC_API
  ncalrpc: trkwks
  ncacn_np: \\WIN-EHSLNMGEUND\pipe\trkwks

5222821f-d5e2-4885-84f1-5f6185a0ec41
  version: v1.0
  annotation: Network Connection Broker server endpoint for NCB Reset module
  ncalrpc: OLE968E2210219676296DCC2BE27DAA
  ncalrpc: TSUMRPD_PRINT_DRV_LPC_API
  ncalrpc: trkwks
  ncacn_np: \\WIN-EHSLNMGEUND\pipe\trkwks

50abc2a4-574d-40b3-9d66-ee4fd5fba076
  version: v5.0
  protocol: [MS-DNSP]: Domain Name Service (DNS) Server Management
  provider: dns.exe
  ncacn_ip_tcp: 95.173.180.131:49342

143 / tcp

1896172771 | 2025-03-11T02:42:32.434874

* OK IMAP4rev1 server ready at 03/11/25 05:42:29
* CAPABILITY IMAP4rev1 IMAP4 AUTH=LOGIN AUTH=CRAM-MD5 IDLE CHILDREN UIDPLUS
A001 OK CAPABILITY completed
A002 BAD UNKNOWN Command
A003 BAD UNKNOWN Command
* BYE IMAP4rev1 server terminating connection
A004 OK LOGOUT Initiated

445 / tcp

1688663994 | 2025-02-28T05:30:03.283902

SMB Status:
  Authentication: enabled
  SMB Version: 1
  OS: Windows Server 2012 R2 Standard 9600
  Software: Windows Server 2012 R2 Standard 6.3
  Capabilities: extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode

587 / tcp

60952544 | 2025-03-15T15:59:14.492044

220 WIN-EHSLNMGEUND.home ESMTP MailEnable Service, Version: 10.12-- ready at 03/15/25 18:59:01
250-home [224.229.166.73], this server offers 4 extensions
250-AUTH LOGIN
250-SIZE 40960000
250-HELP
250 AUTH=LOGIN

1434 / udp

1909021401 | 2025-03-11T16:27:19.170639

SQL Server Browser Service:
  Instance #1:
    Server Name: WIN-EHSLNMGEUND
    Instance Name: MSSQLSERVER2012
    Is Clustered: False
    Version: 11.0.6020.0
    TCP Port: 50075
    Named Pipe: \\WIN-EHSLNMGEUND\pipe\MSSQL$MSSQLSERVER2012\sql\query
    Version Name: MS-SQL Server 2012 SP3RTW/PCU3

3306 / tcp

-1969743411 | 2025-03-14T03:50:16.379020

MySQL:
  Error Message: Host '224.116.91.98' is not allowed to connect to this MySQL server
  Error Code: 1130

5985 / tcp

1489525118 | 2025-03-12T19:34:57.398181

Hashes

hash

675252911

http.dom_hash

1386055181

http.html_hash

1489525118

http.server_hash

-761617706

http.title_hash

1009235027

Not Found

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 12 Mar 2025 19:34:51 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: WIN-EHSLNMGEUND
  NetBIOS Domain Name: WIN-EHSLNMGEUND
  NetBIOS Computer Name: WIN-EHSLNMGEUND
  DNS Domain Name: WIN-EHSLNMGEUND
  FQDN: WIN-EHSLNMGEUND

8880 / tcp

473724320 | 2025-03-16T08:57:13.577242

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate,post-check=0, pre-check=0
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Expires: Fri, 28 May 1999 00:00:00 GMT
Last-Modified: Sun, 16 Mar 2025 08:57:12 GMT
Server: Microsoft-IIS/8.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Sun, 16 Mar 2025 08:57:12 GMT

5a8

        <html><head>
        <meta charset="utf-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
        <meta name="plesk-build" content="20190409.21">
        <title>Plesk Onyx 17.8.11</title>
        <script language="javascript" type="text/javascript" src="/javascript/common.js?1554871212"/></script>
        <script language="javascript" type="text/javascript" src="/javascript/externals/prototype.js?1554871212"/></script>
        
        </head><body onLoad=";top.location='/login.php?success_redirect_url=http%3A%2F%2F95.173.180.131%2F';"></body><noscript>You will be redirected to the new address in 15 seconds... If you are not automatically taken to the new location, please enable javascript or click the hyperlink <a href="/login.php?success_redirect_url=http%3A%2F%2F95.173.180.131%2F" target="top">/login.php?success_redirect_url=http%3A%2F%2F95.173.180.131%2F</a>.</noscript></html><!--______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________IE error page size limitation______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________-->
0

Vulnerabilities

47001 / tcp

1489525118 | 2025-03-06T11:44:52.839617

Hashes

hash

34299805

http.dom_hash

1386055181

http.html_hash

1489525118

http.server_hash

-761617706

http.title_hash

1009235027

Not Found

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 06 Mar 2025 11:44:45 GMT
Connection: close
Content-Length: 315

50075 / tcp

1237496874 | 2025-03-11T16:27:21.218645

MS-SQL NTLM Info:
  OS: Windows 8.1/Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: WIN-EHSLNMGEUND
  NetBIOS Domain Name: WIN-EHSLNMGEUND
  NetBIOS Computer Name: WIN-EHSLNMGEUND
  DNS Domain Name: WIN-EHSLNMGEUND
  FQDN: WIN-EHSLNMGEUND

95.173.180.131

Last Seen: 2025-03-16

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

25 / tcp

1896013994 | 2025-03-06T12:03:52.273282

MailEnable smptd10.12--

80 / tcp

0 | 2025-03-13T15:34:25.805600

Hashes

Microsoft IIS httpd8.5

110 / tcp

-471102630 | 2025-02-26T03:55:25.387461

MailEnable POP3 Server

135 / tcp

1071567545 | 2025-02-21T07:29:53.591204

Microsoft RPC Endpoint Mapper

143 / tcp

1896172771 | 2025-03-11T02:42:32.434874

445 / tcp

1688663994 | 2025-02-28T05:30:03.283902

587 / tcp

60952544 | 2025-03-15T15:59:14.492044

MailEnable smptd10.12--

1434 / udp

1909021401 | 2025-03-11T16:27:19.170639

SQL Server Browser Service

3306 / tcp

-1969743411 | 2025-03-14T03:50:16.379020

MySQL

5985 / tcp

1489525118 | 2025-03-12T19:34:57.398181

Hashes

WinRM

8880 / tcp

473724320 | 2025-03-16T08:57:13.577242

Microsoft IIS httpd8.5

47001 / tcp

1489525118 | 2025-03-06T11:44:52.839617

Hashes

50075 / tcp

1237496874 | 2025-03-11T16:27:21.218645

MS-SQL Server 2012 SP3RTW/PCU311.0.6020.0

Products

Pricing

Contact Us

95.173.180.131

Last Seen: 2025-03-16

Tags:

GeneralInformation

Vulnerabilities All ports Port 80 Port 8880 Latest CVSS

OpenPorts

25 / tcp 1896013994 | 2025-03-06T12:03:52.273282

80 / tcp 0 | 2025-03-13T15:34:25.805600

Hashes

110 / tcp -471102630 | 2025-02-26T03:55:25.387461

135 / tcp 1071567545 | 2025-02-21T07:29:53.591204

143 / tcp 1896172771 | 2025-03-11T02:42:32.434874

445 / tcp 1688663994 | 2025-02-28T05:30:03.283902

587 / tcp 60952544 | 2025-03-15T15:59:14.492044

1434 / udp 1909021401 | 2025-03-11T16:27:19.170639

3306 / tcp -1969743411 | 2025-03-14T03:50:16.379020

5985 / tcp 1489525118 | 2025-03-12T19:34:57.398181

Hashes

8880 / tcp 473724320 | 2025-03-16T08:57:13.577242

47001 / tcp 1489525118 | 2025-03-06T11:44:52.839617

Hashes

50075 / tcp 1237496874 | 2025-03-11T16:27:21.218645

Products

Pricing

Contact Us

Vulnerabilities

25 / tcp

1896013994 | 2025-03-06T12:03:52.273282

80 / tcp

0 | 2025-03-13T15:34:25.805600

110 / tcp

-471102630 | 2025-02-26T03:55:25.387461

135 / tcp

1071567545 | 2025-02-21T07:29:53.591204

143 / tcp

1896172771 | 2025-03-11T02:42:32.434874

445 / tcp

1688663994 | 2025-02-28T05:30:03.283902

587 / tcp

60952544 | 2025-03-15T15:59:14.492044

1434 / udp

1909021401 | 2025-03-11T16:27:19.170639

3306 / tcp

-1969743411 | 2025-03-14T03:50:16.379020

5985 / tcp

1489525118 | 2025-03-12T19:34:57.398181

8880 / tcp

473724320 | 2025-03-16T08:57:13.577242

47001 / tcp

1489525118 | 2025-03-06T11:44:52.839617

50075 / tcp

1237496874 | 2025-03-11T16:27:21.218645