175.124.227.205
{
"scan_id": 1765408089,
"ip": "175.124.227.205",
"is_ipv4": true,
"is_ipv6": false,
"location": {
"network": "175.124.224.0/22",
"postal_code": "315",
"coordinates": {
"latitude": "36.7836",
"longitude": "127.0042"
},
"geo_point": "36.7836, 127.0042",
"locale_code": "en",
"continent": "Asia",
"country_code": "KR",
"country_name": "South Korea",
"city": "Asan"
},
"location_updated_at": "2025-12-10T16:43:32Z",
"asn": {
"number": "AS9318",
"organization": "SK Broadband Co Ltd",
"country_code": ""
},
"asn_updated_at": "0001-01-01T00:00:00Z",
"whois": {
"network": "175.112.0.0/12",
"organization": "SK Broadband Co Ltd",
"descr": "SK Broadband Co Ltd",
"_encoding": {
"raw": "BASE64"
}
},
"whois_updated_at": "2024-12-09T19:03:46Z",
"tags": [
{
"name": "is_anonymous_proxy",
"pretty_name": "Anonymous Proxy",
"value": false,
"last_updated_at": "2025-12-10T16:43:32Z"
},
{
"name": "is_cdn",
"pretty_name": "CDN",
"value": false,
"last_updated_at": "2025-12-10T21:54:46Z"
},
{
"name": "is_satellite_provider",
"pretty_name": "Satellite Provider",
"value": false,
"last_updated_at": "2025-12-10T16:43:32Z"
}
],
"hostnames": [
{
"name": "mail.ukdoi.com",
"last_updated_at": "2025-12-10T21:54:46Z"
}
],
"services": [
{
"port": 25,
"protocol": "tcp",
"name": "smtp",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"modules": {
"smtp": {
"banner": "220 ESMTP AntiSpam Service Enterprise Edition\r\n"
},
"tls": {
"certificate": {
"extensions": {
"authority_key_id": "61d33d306a2d901607947fb82d66a34ab34a8481",
"basic_constraints": {
"is_ca": true
},
"subject_key_id": "61d33d306a2d901607947fb82d66a34ab34a8481"
},
"fingerprint_md5": "D17D72542E43642A5790183EFA41E022",
"fingerprint_sha1": "DAB60333A7A2735FD28AA166B8381D5D8BB74A2E",
"fingerprint_sha256": "F452001BE4C13C0025328A18E9057B33BAFF69944EBBED43F2E7910E868C8867",
"issuer": {
"common_name": [
"Unknown"
],
"country": [
"KR"
],
"locality": [
"Seoul"
],
"organizational_unit": [
"AntiSpam Lab"
]
},
"jarm": "00000000000000000000000000000000000000000000000000000000000000",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "335308523624563223498041536809369926066379929730",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": true
},
"subject": {
"common_name": [
"Unknown"
],
"country": [
"KR"
],
"locality": [
"Seoul"
],
"organizational_unit": [
"AntiSpam Lab"
]
},
"subject_alt_name": {
"dns_names": [
"Unknown"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "f3162d988ee5dac702809565beeea409fa091fb79c8063148777bfd22ead951a",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 2048
}
},
"tbs_fingerprint": "b20681c0b2868195d15aceca66d62380ed17bf7743ecd854d54539ea6b83461a",
"validation_level": "OV",
"validity": {
"length_seconds": 315360000,
"not_after": "2030-09-08T03:05:49",
"not_before": "2020-09-10T03:05:49"
},
"version": 2
},
"fingerprint_sha256": "F452001BE4C13C0025328A18E9057B33BAFF69944EBBED43F2E7910E868C8867",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-12-13T10:51:46.76Z"
},
{
"port": 80,
"protocol": "tcp",
"name": "http",
"version": "8.5",
"product": "Microsoft IIS httpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:microsoft:internet_information_services:8.5",
"part": "a",
"vendor": "microsoft",
"product": "internet_information_services",
"version": "8\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:microsoft:windows",
"part": "o",
"vendor": "microsoft",
"product": "windows",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 1138219898,
"body_sha256": "2c3adc6b6fb69d3a4e7b75b64e913dc96d21dbaf436bf69e773589b6a6952c47",
"component": [
"IIS:8.5",
"Windows Server"
],
"content_length": -1,
"headers": {
"accept_ranges": [
"bytes"
],
"content_type": [
"text/html"
],
"date": [
"Sat, 06 Dec 2025 21:34:05 GMT"
],
"etag": [
"\"1d2d3938e73bd21:0\""
],
"last_modified": [
"Fri, 11 Nov 2016 06:45:41 GMT"
],
"server": [
"Microsoft-IIS/8.5"
],
"vary": [
"Accept-Encoding"
],
"x_powered_by": [
"ASP.NET"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "IIS Windows Server"
}
},
"cve": [
{
"id": "CVE-2014-4078",
"severity": "medium"
}
],
"url": "http://175.124.227.205/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-12-06T21:35:47.712Z"
},
{
"port": 110,
"protocol": "tcp",
"name": "pop3",
"version": "",
"product": "MailEnable POP3 Server",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:mailenable:mailenable",
"part": "a",
"vendor": "mailenable",
"product": "mailenable",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:microsoft:windows",
"part": "o",
"vendor": "microsoft",
"product": "windows",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"pop3": {
"banner": "+OK Welcome to MailEnable POP3 Server\r\n"
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-12-14T04:00:35.709Z"
},
{
"port": 143,
"protocol": "tcp",
"name": "imap",
"version": "",
"product": "MailEnable imapd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:mailenable:mailenable",
"part": "a",
"vendor": "mailenable",
"product": "mailenable",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:microsoft:windows",
"part": "o",
"vendor": "microsoft",
"product": "windows",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"imap": {
"banner": "* OK IMAP4rev1 server ready at 12/12/25 19:02:02\r\n"
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-12-12T10:03:50.394Z"
},
{
"port": 587,
"protocol": "tcp",
"name": "smtp",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"modules": {
"smtp": {
"banner": "220 ESMTP AntiSpam Service Enterprise Edition\r\n"
},
"tls": {
"certificate": {
"extensions": {
"authority_key_id": "61d33d306a2d901607947fb82d66a34ab34a8481",
"basic_constraints": {
"is_ca": true
},
"subject_key_id": "61d33d306a2d901607947fb82d66a34ab34a8481"
},
"fingerprint_md5": "D17D72542E43642A5790183EFA41E022",
"fingerprint_sha1": "DAB60333A7A2735FD28AA166B8381D5D8BB74A2E",
"fingerprint_sha256": "F452001BE4C13C0025328A18E9057B33BAFF69944EBBED43F2E7910E868C8867",
"issuer": {
"common_name": [
"Unknown"
],
"country": [
"KR"
],
"locality": [
"Seoul"
],
"organizational_unit": [
"AntiSpam Lab"
]
},
"jarm": "00000000000000000000000000000000000000000000000000000000000000",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "335308523624563223498041536809369926066379929730",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": true
},
"subject": {
"common_name": [
"Unknown"
],
"country": [
"KR"
],
"locality": [
"Seoul"
],
"organizational_unit": [
"AntiSpam Lab"
]
},
"subject_alt_name": {
"dns_names": [
"Unknown"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "f3162d988ee5dac702809565beeea409fa091fb79c8063148777bfd22ead951a",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 2048
}
},
"tbs_fingerprint": "b20681c0b2868195d15aceca66d62380ed17bf7743ecd854d54539ea6b83461a",
"validation_level": "OV",
"validity": {
"length_seconds": 315360000,
"not_after": "2030-09-08T03:05:49",
"not_before": "2020-09-10T03:05:49"
},
"version": 2
},
"fingerprint_sha256": "F452001BE4C13C0025328A18E9057B33BAFF69944EBBED43F2E7910E868C8867",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-12-09T17:03:47.67Z"
},
{
"port": 8080,
"protocol": "tcp",
"name": "http",
"version": "5.0",
"product": "MailEnable httpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:mailenable:mailenable:5.0",
"part": "a",
"vendor": "mailenable",
"product": "mailenable",
"version": "5\\.0",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:microsoft:windows",
"part": "o",
"vendor": "microsoft",
"product": "windows",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 629226539,
"body_sha256": "80a7ce6a931ee152516c7d265829477ab0d25bda39eb11c2273e1ed4d9e39344",
"content_length": 3952,
"headers": {
"cache_control": [
"no-cache"
],
"content_encoding": [
"identity"
],
"content_length": [
"3952"
],
"date": [
"Wed, 26 Nov 2025 21:26:44 GMT"
],
"pragma": [
"no-cache"
],
"server": [
"MailEnable-HTTP/5.0"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "MailEnable Mail Services"
}
},
"cve": [
{
"id": "CVE-2015-9277",
"severity": "critical"
},
{
"id": "CVE-2015-9278",
"severity": "critical"
},
{
"id": "CVE-2015-9279",
"severity": "medium"
}
],
"url": "http://175.124.227.205:8080/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-11-26T21:29:16.42Z"
}
],
"services_hash": "44a0ade7236eacba2bbd714d7672928d2517ac2c485027b8cdc6fc3c042a6581",
"last_updated_at": "2025-12-14T04:00:35.709Z",
"banner": [
"smtp",
"tls",
"pop3",
"imap",
"http"
],
"is_vuln": true,
"cveDetails": {
"CVE-2014-4078": {
"id": "CVE-2014-4078",
"references": [
"http://www.securityfocus.com/bid/70937",
"http://www.securitytracker.com/id/1031194",
"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-076"
],
"score": 5.1,
"services": [
"80/http"
],
"severity": "medium",
"summary": "The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the \"IP Address and Domain Restrictions\" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka \"IIS Security Feature Bypass Vulnerability.\"",
"vector_string": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"weakness": "CWE-264"
},
"CVE-2015-9277": {
"id": "CVE-2015-9277",
"references": [
"https://web.archive.org/web/20150329173628/http://www.mailenable.com/Standard-ReleaseNotes.txt",
"https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2015/technical-advisory-multiple-vulnerabilities-in-mailenable.pdf",
"https://www.nccgroup.trust/uk/our-research/multiple-vulnerabilities-in-mailenable/",
"https://web.archive.org/web/20150329173628/http://www.mailenable.com/Standard-ReleaseNotes.txt",
"https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2015/technical-advisory-multiple-vulnerabilities-in-mailenable.pdf",
"https://www.nccgroup.trust/uk/our-research/multiple-vulnerabilities-in-mailenable/"
],
"score": 9.1,
"services": [
"8080/http"
],
"severity": "critical",
"summary": "MailEnable before 8.60 allows Directory Traversal for reading the messages of other users, uploading files, and deleting files because \"/../\" and \"/.. /\" are mishandled.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"weakness": "CWE-22"
},
"CVE-2015-9278": {
"id": "CVE-2015-9278",
"references": [
"https://web.archive.org/web/20150329173628/http://www.mailenable.com/Standard-ReleaseNotes.txt",
"https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2015/technical-advisory-multiple-vulnerabilities-in-mailenable.pdf",
"https://www.nccgroup.trust/uk/our-research/multiple-vulnerabilities-in-mailenable/",
"https://web.archive.org/web/20150329173628/http://www.mailenable.com/Standard-ReleaseNotes.txt",
"https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2015/technical-advisory-multiple-vulnerabilities-in-mailenable.pdf",
"https://www.nccgroup.trust/uk/our-research/multiple-vulnerabilities-in-mailenable/"
],
"score": 9.8,
"services": [
"8080/http"
],
"severity": "critical",
"summary": "MailEnable before 8.60 allows Privilege Escalation because admin accounts could be created as a consequence of %0A mishandling in AUTH.TAB after a password-change request.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-255"
},
"CVE-2015-9279": {
"id": "CVE-2015-9279",
"references": [
"https://web.archive.org/web/20150329173628/http://www.mailenable.com/Standard-ReleaseNotes.txt",
"https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2015/technical-advisory-multiple-vulnerabilities-in-mailenable.pdf",
"https://www.nccgroup.trust/uk/our-research/multiple-vulnerabilities-in-mailenable/",
"https://web.archive.org/web/20150329173628/http://www.mailenable.com/Standard-ReleaseNotes.txt",
"https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2015/technical-advisory-multiple-vulnerabilities-in-mailenable.pdf",
"https://www.nccgroup.trust/uk/our-research/multiple-vulnerabilities-in-mailenable/"
],
"score": 6.1,
"services": [
"8080/http"
],
"severity": "medium",
"summary": "MailEnable before 8.60 allows Stored XSS via malformed use of \"<img/src\" with no \">\" character in the body of an e-mail message.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-79"
}
}
}