175.143.49.85
{
"scan_id": 1766788453,
"ip": "175.143.49.85",
"is_ipv4": true,
"is_ipv6": false,
"location": {
"network": "175.143.49.0/24",
"postal_code": "40400",
"coordinates": {
"latitude": "3.0497",
"longitude": "101.56"
},
"geo_point": "3.0497, 101.56",
"locale_code": "en",
"continent": "Asia",
"country_code": "MY",
"country_name": "Malaysia",
"city": "Shah Alam"
},
"location_updated_at": "2025-12-26T16:42:00Z",
"asn": {
"number": "AS4788",
"organization": "TM TECHNOLOGY SERVICES SDN. BHD.",
"country_code": ""
},
"asn_updated_at": "0001-01-01T00:00:00Z",
"whois": {
"network": "175.142.0.0/15",
"organization": "TM TECHNOLOGY SERVICES SDN BHD",
"descr": "TM TECHNOLOGY SERVICES SDN BHD,\nLevel 49 South Wing, Menara TM,\nJalan Pantai Baharu",
"_encoding": {
"raw": "BASE64"
}
},
"whois_updated_at": "2024-12-09T11:27:56Z",
"tags": [
{
"name": "is_anonymous_proxy",
"pretty_name": "Anonymous Proxy",
"value": false,
"last_updated_at": "2025-12-26T16:42:00Z"
},
{
"name": "is_cdn",
"pretty_name": "CDN",
"value": false,
"last_updated_at": "2025-12-26T17:04:58Z"
},
{
"name": "is_satellite_provider",
"pretty_name": "Satellite Provider",
"value": false,
"last_updated_at": "2025-12-26T16:42:00Z"
}
],
"services": [
{
"port": 21,
"protocol": "tcp",
"name": "ftp",
"version": "",
"product": "Microsoft ftpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:microsoft:ftp_service",
"part": "a",
"vendor": "microsoft",
"product": "ftp_service",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:microsoft:windows",
"part": "o",
"vendor": "microsoft",
"product": "windows",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"ftp": {
"banner": "220 Microsoft FTP Service\r\n"
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-12-25T00:39:21.496Z"
},
{
"port": 80,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"modules": {
"http": {
"body_murmur": 728202092,
"body_sha256": "7b57c0326c9b3b6cc6808d5e5a658afa81455bf6e89ed9a922cc685db3571e4a",
"content_length": -1,
"favicon": {
"md5_hash": "2c5169a038c1e0ffc9ee9dc1da26a48e",
"murmur_hash": -404383634,
"path": "http://175.143.49.85:80/favicon/apple-touch-icon.png",
"size": 745
},
"headers": {
"connection": [
"keep-alive"
],
"content_security_policy": [
"frame-ancestors 'self'"
],
"content_type": [
"text/html"
],
"date": [
"Fri, 26 Dec 2025 23:47:05 GMT"
],
"etag": [
"w687dQytQnfft8cmj05kNp0G8zNH4bk0"
],
"strict_transport_security": [
"max-age=63072000"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"redirects": [
{
"content_length": -1,
"location": "https://175.143.49.85:4343/",
"status_code": 301,
"status_line": "301 Moved Permanently"
}
],
"status_code": 200,
"title": "FortiGate",
"transfer_encoding": [
"chunked"
]
}
},
"url": "http://175.143.49.85/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-12-26T23:47:06.369Z"
},
{
"port": 443,
"protocol": "tcp",
"name": "http",
"version": "10.0",
"product": "Microsoft IIS httpd",
"extra_info": "",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:microsoft:internet_information_services:10.0",
"part": "a",
"vendor": "microsoft",
"product": "internet_information_services",
"version": "10\\.0",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:microsoft:windows",
"part": "o",
"vendor": "microsoft",
"product": "windows",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 703707298,
"body_sha256": "557b5e9015b4963a130c7039e077b3ec0306d401b6ee13d631721d5d969d2917",
"component": [
"IIS:10.0",
"Windows Server"
],
"content_length": 703,
"headers": {
"accept_ranges": [
"bytes"
],
"content_length": [
"703"
],
"content_type": [
"text/html"
],
"date": [
"Fri, 26 Dec 2025 19:50:31 GMT"
],
"etag": [
"\"1142661f380da1:0\""
],
"last_modified": [
"Thu, 28 Mar 2024 09:36:15 GMT"
],
"server": [
"Microsoft-IIS/10.0"
],
"x_powered_by": [
"ASP.NET"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "IIS Windows Server"
},
"tls": {
"certificate": {
"extensions": {
"authority_info_access": {
"issuer_urls": [
"http://certificates.godaddy.com/repository/gdig2.crt"
],
"ocsp_urls": [
"http://ocsp.godaddy.com/"
]
},
"authority_key_id": "40c2bd278ecc348330a233d7fb6cb3f0b42c80ce",
"basic_constraints": {
"is_ca": true
},
"certificate_policies": [
{
"cps": [
"http://certificates.godaddy.com/repository/"
],
"id": "2.16.840.1.114413.1.7.23.1"
},
{
"id": "2.23.140.1.2.1"
}
],
"crl_distribution_points": [
"http://crl.godaddy.com/gdig2s1-35851.crl"
],
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": false,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": true
},
"subject_alt_name": {
"dns_names": [
"*.wwtradz.com",
"wwtradz.com"
]
},
"subject_key_id": "0e935c872223bd71378f88e698d23b4ee699df51"
},
"fingerprint_md5": "F3BF7B2837979EECA2CF1B981F0326DD",
"fingerprint_sha1": "6C4E94BBE283F82CE281AD0ECE73E1BFE1261FAD",
"fingerprint_sha256": "5AA74E13A97524CC7B0B1B22895707B8E1CFF01EA485AF32BDACBF35E811F527",
"issuer": {
"common_name": [
"Go Daddy Secure Certificate Authority - G2"
],
"country": [
"US"
],
"locality": [
"Scottsdale"
],
"organization": [
"GoDaddy.com, Inc."
],
"organizational_unit": [
"http://certs.godaddy.com/repository/"
],
"province": [
"Arizona"
]
},
"jarm": "2ad2ad16d00000022c00000000042de165b5cbbfb8c1f0c4e1552cac4aa4a9",
"redacted": false,
"revocation": {
"crl": {
"next_update": "2026-01-02T08:34:30",
"reason": "UNKNOWN",
"revoked": false
},
"ocsp": {
"next_update": "2025-12-30T13:33:18",
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "9180919957578991949",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": false
},
"signed_certificate_timestamps": [
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "0e5794bcf3aea93e331b2c9907b3f790df9bc23d713225dd21a925ac61c54e21",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "3046022100f46f418d538f194bb7dcd43d1238f40f139f111b393480cb73979bedeb2c31330221009dbb85890cfb32b9441ffa9168d36d3456bf9c21989486945c50a2ea87806725"
},
"timestamp": "2024-12-25T09:52:27.623000",
"version": "v1"
},
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "6411c46ca412eca7891ca2022e00bcab4f2807d41e3527abeafed503c97dcdf0",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "30450220479c7572849cb4acaf326de0db89ded3ce8fb45da3db3223916e2dc8e42f0650022100bc9dc642958dc0a4a753fd72eefdab49644045a9ce06097b5da214163ca59d2b"
},
"timestamp": "2024-12-25T09:52:27.832000",
"version": "v1"
},
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "cb38f715897c84a1445f5bc1ddfbc96ef29a59cd470a690585b0cb14c31458e7",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "3046022100b4a9c31f9694473cdfa3bfe6ef2fb9075ecac328e436136eb6155faea0d3bab4022100e082459c662a5076fae7cfd85e8cee2e79b56a0f49a872b0db07b5c32fd02d7b"
},
"timestamp": "2024-12-25T09:52:27.966000",
"version": "v1"
}
],
"signed_certificate_timestamps_oid": "1.3.6.1.4.1.11129.2.4.2",
"subject": {
"common_name": [
"*.wwtradz.com"
]
},
"subject_alt_name": {
"dns_names": [
"*.wwtradz.com",
"wwtradz.com"
],
"extended_dns_names": [
{
"domain": "wwtradz",
"fld": "wwtradz.com",
"subdomain": "*",
"tld": "com"
},
{
"domain": "wwtradz",
"fld": "wwtradz.com",
"tld": "com"
}
]
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "6d4f6ad704887f2b5f11384e0b3f8a8ed1d8ae7304b1d729afaadec084827697",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 2048
}
},
"tbs_fingerprint": "ec81ec3dc51e79a68664752d3b32c6ab36ae4a0d49b354b5bfffc0eb2b3112a7",
"tbs_noct_fingerprint": "301f7ad044160edbbdb0f32768ea69c95fa8288e01d54cbdc5e85329a0d2917c",
"validation_level": "DV",
"validity": {
"length_seconds": 32650186,
"not_after": "2026-01-07T07:22:00",
"not_before": "2024-12-25T09:52:14"
},
"version": 2
},
"fingerprint_sha256": "5AA74E13A97524CC7B0B1B22895707B8E1CFF01EA485AF32BDACBF35E811F527",
"precert": false,
"tags": [
"dv",
"trusted"
]
}
},
"url": "https://175.143.49.85/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-12-27T00:27:17.805Z"
},
{
"port": 5000,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "nginx",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:igor_sysoev:nginx",
"part": "a",
"vendor": "igor_sysoev",
"product": "nginx",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": 715787118,
"body_sha256": "ce4d044b799fbe955a2a3e57ff88b95be0787a88905f8ed55e318b9a78d23387",
"component": [
"Nginx",
"Synology DiskStation"
],
"content_length": -1,
"favicon": {
"md5_hash": "23efb8115e3a0900b2bfe5251f32b747",
"murmur_hash": -1077960599,
"path": "http://175.143.49.85:5000/webman/resources/images/icon_dsm_96.png?v=4398",
"size": 2123
},
"headers": {
"cache_control": [
"no-store"
],
"connection": [
"keep-alive"
],
"content_security_policy": [
"base-uri 'self'; connect-src ws: wss: *; default-src 'self' 'unsafe-eval' data: blob: https://*.synology.com https://www.synology.cn/; font-src 'self' data: https://*.googleapis.com https://*.gstatic.com; form-action 'self'; frame-ancestors 'self' https://gofile.me http://gofile.me; frame-src 'self' data: blob: https://*.synology.com https://www.synology.cn/; img-src 'self' data: blob: https://*.google.com https://*.googleapis.com http://*.googlecode.com https://*.gstatic.com; media-src 'self' data: about:; report-uri webman/csp_report.cgi; script-src 'self' 'unsafe-eval' data: blob: https://*.synology.com https://www.synology.cn/ https://*.google.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com;"
],
"content_type": [
"text/html; charset=\"UTF-8\""
],
"date": [
"Thu, 25 Dec 2025 05:15:25 GMT"
],
"p3p": [
"CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\""
],
"server": [
"nginx"
],
"unknown": [
{
"key": "keep_alive",
"value": [
"timeout=20"
]
}
],
"vary": [
"Accept-Encoding"
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"status_code": 200,
"title": "Ashita-nas - Synology DiskStation",
"transfer_encoding": [
"chunked"
]
}
},
"url": "http://175.143.49.85:5000/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-12-25T05:15:26.308Z"
},
{
"port": 5432,
"protocol": "tcp",
"name": "postgresql",
"version": "10.2 - 10.7",
"product": "PostgreSQL DB",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:postgresql:postgresql:10",
"part": "a",
"vendor": "postgresql",
"product": "postgresql",
"version": "10",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"postgres": {
"errors": [
{
"code": "0A000",
"file": "postmaster.c",
"line": "2064",
"message": "unsupported frontend protocol 255.255: server supports 2.0 to 3.0",
"routine": "ProcessStartupPacket",
"severity": "FATAL"
},
{
"code": "",
"file": "ATAL: unsupported frontend protocol 0.0: server supports 2.0 to 3.0\n",
"line": "",
"message": "",
"routine": "",
"severity": ""
},
{
"code": "",
"file": "ATAL: unsupported frontend protocol 0.0: server supports 2.0 to 3.0\n",
"line": "",
"message": "",
"routine": "",
"severity": ""
}
],
"is_ssl": false,
"supported_versions": "FATAL: unsupported frontend protocol 0.0: server supports 2.0 to 3.0"
}
},
"cve": [
{
"id": "CVE-2017-12172",
"severity": "medium"
},
{
"id": "CVE-2017-15098",
"severity": "high"
},
{
"id": "CVE-2019-9193",
"severity": "high"
}
],
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2025-12-27T12:54:50.145Z"
}
],
"services_hash": "f4940c4b3878eda81ed791276866b670487658833de29736a48f21327ca1df3e",
"last_updated_at": "2025-12-27T12:54:50.145Z",
"banner": [
"postgres",
"ftp",
"http",
"tls"
],
"is_vuln": true,
"cveDetails": {
"CVE-2017-12172": {
"id": "CVE-2017-12172",
"references": [
"http://www.securityfocus.com/bid/101949",
"http://www.securitytracker.com/id/1039752",
"https://access.redhat.com/errata/RHSA-2017:3402",
"https://access.redhat.com/errata/RHSA-2017:3403",
"https://access.redhat.com/errata/RHSA-2017:3404",
"https://access.redhat.com/errata/RHSA-2017:3405",
"https://www.postgresql.org/about/news/1801/",
"https://www.postgresql.org/support/security/"
],
"score": 6.7,
"services": [
"5432/postgresql"
],
"severity": "medium",
"summary": "PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and database superusers have effective ability to run arbitrary code under that system account. PostgreSQL provides a script for starting the database server during system boot. Packages of PostgreSQL for many operating systems provide their own, packager-authored startup implementations. Several implementations use a log file name that the database superuser can replace with a symbolic link. As root, they open(), chmod() and/or chown() this log file name. This often suffices for the database superuser to escalate to root privileges when root starts the server.",
"vector_string": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-59"
},
"CVE-2017-15098": {
"id": "CVE-2017-15098",
"references": [
"http://www.securityfocus.com/bid/101781",
"http://www.securitytracker.com/id/1039752",
"https://access.redhat.com/errata/RHSA-2018:2511",
"https://access.redhat.com/errata/RHSA-2018:2566",
"https://www.debian.org/security/2017/dsa-4027",
"https://www.debian.org/security/2017/dsa-4028",
"https://www.postgresql.org/about/news/1801/",
"https://www.postgresql.org/support/security/"
],
"score": 8.1,
"services": [
"5432/postgresql"
],
"severity": "high",
"summary": "Invalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a few bytes of server memory.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"weakness": "CWE-200"
},
"CVE-2019-9193": {
"id": "CVE-2019-9193",
"references": [
"http://packetstormsecurity.com/files/152757/PostgreSQL-COPY-FROM-PROGRAM-Command-Execution.html",
"http://packetstormsecurity.com/files/166540/PostgreSQL-11.7-Remote-Code-Execution.html",
"http://packetstormsecurity.com/files/171722/PostgreSQL-9.6.1-Remote-Code-Execution.html",
"https://blog.hagander.net/when-a-vulnerability-is-not-a-vulnerability-244/",
"https://medium.com/greenwolf-security/authenticated-arbitrary-command-execution-on-postgresql-9-3-latest-cd18945914d5",
"https://paquier.xyz/postgresql-2/postgres-9-3-feature-highlight-copy-tofrom-program/",
"https://security.netapp.com/advisory/ntap-20190502-0003/",
"https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/authenticated-arbitrary-command-execution-on-postgresql-9-3/"
],
"score": 7.2,
"services": [
"5432/postgresql"
],
"severity": "high",
"summary": "In PostgreSQL 9.3 through 11.2, the \"COPY TO/FROM PROGRAM\" function allows superusers and users in the 'pg_execute_server_program' group to execute arbitrary code in the context of the database's operating system user. This functionality is enabled by default and can be abused to run arbitrary operating system commands on Windows, Linux, and macOS. NOTE: Third parties claim/state this is not an issue because PostgreSQL functionality for ‘COPY TO/FROM PROGRAM’ is acting as intended. References state that in PostgreSQL, a superuser can execute commands as the server user without using the ‘COPY FROM PROGRAM’.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-78"
},
"CVE-2021-3393": {
"id": "CVE-2021-3393",
"references": [
"https://bugzilla.redhat.com/show_bug.cgi?id=1924005",
"https://security.gentoo.org/glsa/202105-32",
"https://security.netapp.com/advisory/ntap-20210507-0006/"
],
"score": 4.3,
"services": [
"5432/postgresql"
],
"severity": "medium",
"summary": "An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in error messages. An attacker could use this flaw to obtain information stored in a column they are allowed to write but not read.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"weakness": "CWE-209"
}
}
}