GeneralInformation

Hostnames	95.173.180.187.datatr.com.tr
Domains	datatr.com.tr
Country	Turkey
City	Denizli
Organization	Netinternet Bilisim Teknolojileri AS
ISP	Netinternet Bilisim Teknolojileri AS
ASN	AS51559
Operating System	Windows

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts

21 53 80 135 445 3389 8001 9001

21 / tcp

377997775 | 2025-03-15T20:17:34.507802

220 FileZilla Server 0.9.53 beta written by Tim Kosse (tim.kosse@filezilla-project.org) Please visit http
530 Login or password incorrect!
214-The following commands are recognized:
   ABOR   ADAT   ALLO   APPE   AUTH   CDUP   CLNT   CWD 
   DELE   EPRT   EPSV   FEAT   HASH   HELP   LIST   MDTM
   MFMT   MKD    MLSD   MLST   MODE   NLST   NOOP   NOP 
   OPTS   P@SW   PASS   PASV   PBSZ   PORT   PROT   PWD 
   QUIT   REST   RETR   RMD    RNFR   RNTO   SITE   SIZE
   STOR   STRU   SYST   TYPE   USER   XCUP   XCWD   XMKD
   XPWD   XRMD
214 Have a nice day.
211-Features:
 MDTM
 REST STREAM
 SIZE
 MLST type*;size*;modify*;
 MLSD
 UTF8
 CLNT
 MFMT
 EPSV
 EPRT
211 End

80 / tcp

-119375469 | 2025-03-14T08:18:51.212250

Hashes

hash

1648902966

http.dom_hash

-1389411298

http.html_hash

-119375469

http.server_hash

-1390970405

http.title_hash

-444403470

IIS7

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Wed, 30 Sep 2015 21:47:06 GMT
Accept-Ranges: bytes
ETag: "3378da8cc9fbd01:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Fri, 14 Mar 2025 08:18:59 GMT
Content-Length: 689

Vulnerabilities

135 / tcp

1356332421 | 2025-03-11T08:33:17.989871

Microsoft RPC Endpoint Mapper

d95afe70-a6d5-4259-822e-2c84da1ddb0d
  version: v1.0
  protocol: [MS-RSP]: Remote Shutdown Protocol
  provider: wininit.exe
  ncacn_ip_tcp: 95.173.180.187:1025
  ncalrpc: WindowsShutdown
  ncacn_np: \\SRV-WEB-01\PIPE\InitShutdown
  ncalrpc: WMsgKRpc099B90

76f226c3-ec14-4325-8a99-6a46348418af
  version: v1.0
  provider: winlogon.exe
  ncalrpc: WindowsShutdown
  ncacn_np: \\SRV-WEB-01\PIPE\InitShutdown
  ncalrpc: WMsgKRpc099B90
  ncalrpc: WMsgKRpc099D21
  ncalrpc: WMsgKRpc05EDBC2

c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
  version: v1.0
  annotation: Impl friendly name
  provider: sysntfy.dll
  ncalrpc: LRPC-5ec083983f351cc116
  ncacn_np: \\SRV-WEB-01\PIPE\srvsvc
  ncacn_ip_tcp: 95.173.180.187:1027
  ncacn_np: \\SRV-WEB-01\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE4785A9E1BFA642D5BFD6E31B2CD3
  ncalrpc: IUserProfile2
  ncalrpc: senssvc
  ncalrpc: OLE4785A9E1BFA642D5BFD6E31B2CD3
  ncalrpc: IUserProfile2
  ncalrpc: OLE4785A9E1BFA642D5BFD6E31B2CD3
  ncalrpc: IUserProfile2
  ncalrpc: IUserProfile2

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
  version: v1.0
  annotation: DHCPv6 Client LRPC Endpoint
  provider: dhcpcsvc6.dll
  ncalrpc: dhcpcsvc6
  ncalrpc: dhcpcsvc
  ncacn_ip_tcp: 95.173.180.187:1026
  ncacn_np: \\SRV-WEB-01\pipe\eventlog
  ncalrpc: eventlog

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
  version: v1.0
  annotation: DHCP Client LRPC Endpoint
  provider: dhcpcsvc.dll
  ncalrpc: dhcpcsvc
  ncacn_ip_tcp: 95.173.180.187:1026
  ncacn_np: \\SRV-WEB-01\pipe\eventlog
  ncalrpc: eventlog

30adc50c-5cbc-46ce-9a0e-91914789e23c
  version: v1.0
  annotation: NRP server endpoint
  provider: nrpsrv.dll
  ncacn_ip_tcp: 95.173.180.187:1026
  ncacn_np: \\SRV-WEB-01\pipe\eventlog
  ncalrpc: eventlog

f6beaff7-1e19-4fbb-9f8f-b89e2018337c
  version: v1.0
  annotation: Event log TCPIP
  protocol: [MS-EVEN6]: EventLog Remoting Protocol
  provider: wevtsvc.dll
  ncacn_ip_tcp: 95.173.180.187:1026
  ncacn_np: \\SRV-WEB-01\pipe\eventlog
  ncalrpc: eventlog

30b044a5-a225-43f0-b3a4-e060df91f9c1
  version: v1.0
  provider: certprop.dll
  ncacn_np: \\SRV-WEB-01\PIPE\srvsvc
  ncacn_ip_tcp: 95.173.180.187:1027
  ncacn_np: \\SRV-WEB-01\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE4785A9E1BFA642D5BFD6E31B2CD3
  ncalrpc: IUserProfile2

98716d03-89ac-44c7-bb8c-285824e51c4a
  version: v1.0
  annotation: XactSrv service
  provider: srvsvc.dll
  ncacn_ip_tcp: 95.173.180.187:1027
  ncacn_np: \\SRV-WEB-01\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE4785A9E1BFA642D5BFD6E31B2CD3
  ncalrpc: IUserProfile2

552d076a-cb29-4e44-8b6a-d15e59e2c0af
  version: v1.0
  annotation: IP Transition Configuration endpoint
  provider: iphlpsvc.dll
  ncacn_ip_tcp: 95.173.180.187:1027
  ncacn_np: \\SRV-WEB-01\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE4785A9E1BFA642D5BFD6E31B2CD3
  ncalrpc: IUserProfile2

a398e520-d59a-4bdd-aa7a-3c1e0303a511
  version: v1.0
  annotation: IKE/Authip API
  provider: IKEEXT.DLL
  ncacn_ip_tcp: 95.173.180.187:1027
  ncacn_np: \\SRV-WEB-01\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE4785A9E1BFA642D5BFD6E31B2CD3
  ncalrpc: IUserProfile2

86d35949-83c9-4044-b424-db363231fd0c
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: schedsvc.dll
  ncacn_ip_tcp: 95.173.180.187:1027
  ncacn_np: \\SRV-WEB-01\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE4785A9E1BFA642D5BFD6E31B2CD3
  ncalrpc: IUserProfile2

378e52b0-c0a9-11cf-822d-00aa0051e40f
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\SRV-WEB-01\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE4785A9E1BFA642D5BFD6E31B2CD3
  ncalrpc: IUserProfile2

1ff70682-0a51-30e8-076d-740be8cee98b
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\SRV-WEB-01\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE4785A9E1BFA642D5BFD6E31B2CD3
  ncalrpc: IUserProfile2

0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
  version: v1.0
  provider: schedsvc.dll
  ncalrpc: senssvc
  ncalrpc: OLE4785A9E1BFA642D5BFD6E31B2CD3
  ncalrpc: IUserProfile2

2eb08e3e-639f-4fba-97b1-14f878961076
  version: v1.0
  provider: gpsvc.dll
  ncalrpc: OLE4785A9E1BFA642D5BFD6E31B2CD3
  ncalrpc: IUserProfile2

3473dd4d-2e88-4006-9cba-22570909dd10
  version: v5.256
  annotation: WinHttp Auto-Proxy Service
  ncacn_np: \\SRV-WEB-01\PIPE\W32TIME_ALT
  ncalrpc: W32TIME_ALT
  ncalrpc: LRPC-f44a65ae15488ce18e
  ncalrpc: OLEC5EFCD57EB85457DBDBB8B3C309D

7ea70bcf-48af-4f6a-8968-6a440754d5fa
  version: v1.0
  annotation: NSI server endpoint
  provider: nsisvc.dll
  ncalrpc: LRPC-f44a65ae15488ce18e
  ncalrpc: OLEC5EFCD57EB85457DBDBB8B3C309D

2fb92682-6599-42dc-ae13-bd2ca89bd11c
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-55169154ac7326d630

7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-55169154ac7326d630

dd490425-5325-4565-b774-7e27d6c09c24
  version: v1.0
  annotation: Base Firewall Engine API
  provider: BFE.DLL
  ncalrpc: LRPC-55169154ac7326d630

12345778-1234-abcd-ef00-0123456789ac
  version: v1.0
  protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
  provider: samsrv.dll
  ncacn_ip_tcp: 95.173.180.187:1028
  ncalrpc: samss lpc
  ncalrpc: dsrole
  ncacn_np: \\SRV-WEB-01\PIPE\protected_storage
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncalrpc: LRPC-b8ada1a9bbfb6fde84
  ncacn_np: \\SRV-WEB-01\pipe\lsass

24019106-a203-4642-b88d-82dae9158929
  version: v1.0
  provider: authui.dll
  ncalrpc: LRPC-cc1308b72f6e95ae44

7f1343fe-50a9-4927-a778-0c5859517bac
  version: v1.0
  annotation: DfsDs service
  ncacn_np: \\SRV-WEB-01\PIPE\wkssvc
  ncalrpc: DNSResolver

4a452661-8290-4b36-8fbe-7f4093a94978
  version: v1.0
  annotation: Spooler function endpoint
  provider: spoolsv.exe
  ncalrpc: spoolss

ae33069b-a2a8-46ee-a235-ddfd339be281
  version: v1.0
  annotation: Spooler base remote object endpoint
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncalrpc: spoolss

0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
  version: v1.0
  annotation: Spooler function endpoint
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncalrpc: spoolss

50abc2a4-574d-40b3-9d66-ee4fd5fba076
  version: v5.0
  protocol: [MS-DNSP]: Domain Name Service (DNS) Server Management
  provider: dns.exe
  ncacn_ip_tcp: 95.173.180.187:1029

367abb81-9844-35f1-ad32-98f038001003
  version: v2.0
  protocol: [MS-SCMR]: Service Control Manager Remote Protocol
  provider: services.exe
  ncacn_ip_tcp: 95.173.180.187:1033

906b0ce0-c70b-1067-b317-00dd010662da
  version: v1.0
  protocol: [MS-CMPO]: MSDTC Connection Manager:
  provider: msdtcprx.dll
  ncalrpc: LRPC-4b904c8b35ab5021eb
  ncalrpc: OLE40B4FE8936634A3E9C46D9075622
  ncalrpc: LRPC-b80036c3b9a7e04cd5
  ncalrpc: LRPC-b80036c3b9a7e04cd5
  ncalrpc: LRPC-b80036c3b9a7e04cd5
  ncalrpc: LRPC-b80036c3b9a7e04cd5

12345678-1234-abcd-ef00-0123456789ab
  version: v1.0
  annotation: IPSec Policy agent endpoint
  protocol: [MS-RPRN]: Print System Remote Protocol
  provider: spoolsv.exe
  ncalrpc: LRPC-ab9287a76434b074a1

12e65dd8-887f-41ef-91bf-8d816c42c2e7
  version: v1.0
  annotation: Secure Desktop LRPC interface
  provider: winlogon.exe
  ncalrpc: WMsgKRpc05EDBC2

445 / tcp

1641389631 | 2025-03-14T15:18:11.511770

SMB Status:
  Authentication: enabled
  SMB Version: 1
  OS: Windows Server 2008 R2 Standard 7601 Service Pack 1
  Software: Windows Server 2008 R2 Standard 6.1
  Capabilities: extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode

3389 / tcp

873013633 | 2025-02-28T09:29:07.657684

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\t\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows 7/Windows Server 2008 R2
  OS Build: 6.1.7601
  Target Name: SRV-WEB-01
  NetBIOS Domain Name: SRV-WEB-01
  NetBIOS Computer Name: SRV-WEB-01
  DNS Domain Name: srv-web-01.flexiwa.net
  FQDN: srv-web-01.flexiwa.net

TE WDeployAdmin MEAT a
Logged on
(A
4 Windows Server-2008rz
Standard

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:08:7f:82:dc:98:84:92:46:6b:e5:1a:64:fc:df:d0
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN=srv-web-01.flexiwa.net
        Validity
            Not Before: Nov  7 05:06:52 2024 GMT
            Not After : May  9 05:06:52 2025 GMT
        Subject: CN=srv-web-01.flexiwa.net
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:bb:cd:0a:3c:69:7e:fb:ce:59:cb:72:fb:c6:89:
                    07:4b:33:0e:9e:a3:2d:49:d1:cc:cf:28:b7:fa:04:
                    c5:f9:6f:87:c3:b8:68:08:47:2a:d9:a7:bb:6c:78:
                    9e:3d:41:e7:eb:75:b0:27:cc:12:1a:d5:0f:3d:33:
                    a0:91:99:d8:df:e3:68:05:9a:96:16:97:16:0d:e7:
                    71:85:74:0b:02:bd:bc:8d:00:19:06:ed:12:28:da:
                    53:66:64:97:ab:ad:f8:95:ae:3e:ff:fc:b9:99:3c:
                    e1:81:ee:2c:f0:69:e8:35:dc:9c:e3:0f:13:8a:4c:
                    61:2b:5c:2f:bd:e6:50:dd:e1:62:35:2e:01:d5:0d:
                    7b:a8:0f:bb:95:76:8f:c4:30:af:88:5a:aa:67:3b:
                    1b:91:d9:7f:ff:77:e4:85:58:54:1d:34:fa:d2:ec:
                    49:af:c0:b6:73:e9:56:c1:bb:d8:43:ea:a0:42:c4:
                    37:1a:96:8d:f9:71:f6:57:29:1a:c5:93:59:f5:5d:
                    9a:8e:06:c3:d3:4d:f4:be:79:3d:75:50:2f:ca:99:
                    fc:2a:77:d1:08:88:a0:6b:ae:cd:28:6a:cd:a7:94:
                    a2:a0:e2:de:eb:ba:4a:23:19:2a:fb:0c:54:5a:de:
                    f4:35:b4:c5:c0:20:ac:14:2b:a6:d4:4b:09:56:69:
                    35:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        82:8d:73:08:55:f9:79:1c:67:f2:4c:32:32:73:b4:8c:5a:3f:
        0a:ec:dc:79:ff:17:26:bb:ec:41:cc:9d:8f:74:ab:bf:1d:30:
        4d:2e:a8:f6:7a:65:6a:80:6f:d5:21:55:f6:d9:9b:da:3f:81:
        e2:f9:92:33:1a:af:4f:7f:1f:19:8c:17:bb:ec:d1:01:a4:2f:
        4d:47:62:3d:fe:02:d1:f5:8b:52:41:ce:b8:fd:f3:49:d4:70:
        03:0c:04:7d:59:7a:0d:4a:1b:e0:2b:28:6c:ec:9a:1a:af:ec:
        7f:c1:db:7d:aa:9b:a6:67:cf:31:d1:20:ce:fc:d1:e5:61:61:
        b1:d0:56:77:6a:38:bf:1d:52:ab:ec:b5:c9:1b:9b:ec:af:ab:
        10:ff:ec:56:4f:4c:3c:cf:22:dd:4c:31:c9:09:85:40:ec:19:
        b8:ba:e5:b4:ae:d7:5b:db:1f:49:37:2b:5b:b5:ed:4a:f4:6d:
        4d:57:41:37:59:3c:af:e8:19:98:b4:6a:f2:cc:43:96:4a:10:
        52:1b:b0:f3:e3:bb:65:73:93:5b:ae:b2:17:9e:e5:c0:24:69:
        9d:de:22:90:94:eb:f4:e2:f2:3f:49:05:4c:b1:24:93:7a:58:
        3f:21:11:63:86:4d:20:87:5f:78:82:55:46:08:4d:10:aa:8c:
        ed:90:ae:2b

8001 / tcp

-829856075 | 2025-03-16T16:10:31.523694

HTTP/1.1 403 Forbidden
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 16 Mar 2025 16:10:43 GMT
Content-Length: 1233

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>403 - Forbidden: Access is denied.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;} 
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;} 
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} 
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
 <div class="content-container"><fieldset>
  <h2>403 - Forbidden: Access is denied.</h2>
  <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>
 </fieldset></div>
</div>
</body>
</html>

Vulnerabilities

9001 / tcp

-961452844 | 2025-03-16T08:10:36.107527

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /Default.aspx?pid=Login&ReturnUrl=%2f
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 16 Mar 2025 08:10:47 GMT
Content-Length: 158

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/Default.aspx?pid=Login&amp;ReturnUrl=%2f">here</a>.</h2>
</body></html>

Vulnerabilities

95.173.180.187

Last Seen: 2025-03-16

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

21 / tcp

377997775 | 2025-03-15T20:17:34.507802

80 / tcp

-119375469 | 2025-03-14T08:18:51.212250

Hashes

Microsoft IIS httpd7.5

135 / tcp

1356332421 | 2025-03-11T08:33:17.989871

Microsoft RPC Endpoint Mapper

445 / tcp

1641389631 | 2025-03-14T15:18:11.511770

3389 / tcp

873013633 | 2025-02-28T09:29:07.657684

Remote Desktop Protocol

8001 / tcp

-829856075 | 2025-03-16T16:10:31.523694

Microsoft IIS httpd7.5

9001 / tcp

-961452844 | 2025-03-16T08:10:36.107527

Microsoft IIS httpd7.5

Products

Pricing

Contact Us

95.173.180.187

Last Seen: 2025-03-16

Tags:

GeneralInformation

Vulnerabilities All ports Port 80 Port 8001 Port 9001 Latest CVSS

OpenPorts

21 / tcp 377997775 | 2025-03-15T20:17:34.507802

80 / tcp -119375469 | 2025-03-14T08:18:51.212250

Hashes

Microsoft IIS httpd7.5

135 / tcp 1356332421 | 2025-03-11T08:33:17.989871

Microsoft RPC Endpoint Mapper

445 / tcp 1641389631 | 2025-03-14T15:18:11.511770

3389 / tcp 873013633 | 2025-02-28T09:29:07.657684

Remote Desktop Protocol

8001 / tcp -829856075 | 2025-03-16T16:10:31.523694

Microsoft IIS httpd7.5

9001 / tcp -961452844 | 2025-03-16T08:10:36.107527

Microsoft IIS httpd7.5

Products

Pricing

Contact Us

Vulnerabilities

21 / tcp

377997775 | 2025-03-15T20:17:34.507802

80 / tcp

-119375469 | 2025-03-14T08:18:51.212250

135 / tcp

1356332421 | 2025-03-11T08:33:17.989871

445 / tcp

1641389631 | 2025-03-14T15:18:11.511770

3389 / tcp

873013633 | 2025-02-28T09:29:07.657684

8001 / tcp

-829856075 | 2025-03-16T16:10:31.523694

9001 / tcp

-961452844 | 2025-03-16T08:10:36.107527