GeneralInformation

Country	China
City	Hefei
Organization	CHINANET Anhui PROVINCE NETWORK
ISP	CHINANET-BACKBONE
ASN	AS4134

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

1723 3306 7777 8089 8500 9000

267296285 | 2024-05-31T23:36:27.393999

1723 / tcp

PPTP:
  Firmware: 1
  Hostname: yyyahczdx
  Vendor: MikroTik

1253771759 | 2024-05-14T19:24:23.632714

3306 / tcp

HTTP/1.1 407 OK
Date: Wed, 20 Jan 2021 05:55:41 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 32
Connection: keep-alive

please add white ip 224.85.178.246

2022533378 | 2024-05-13T23:34:56.657551

7777 / tcp

HTTP/1.1 400 Bad Request
Server: squid/3.5.12
Mime-Version: 1.0
Date: Mon, 13 May 2024 23:34:56 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3533
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from IPRENT.CN
X-Cache-Lookup: NONE from IPRENT.CN:6666
Via: 1.1 IPRENT.CN (squid/3.5.12)
Connection: close

-1102197224 | 2024-05-06T18:52:36.728965

8089 / tcp

HTTP/1.1 400 Bad Request
Server: squid/3.5.20
Mime-Version: 1.0
Date: Mon, 06 May 2024 18:51:56 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3525
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from elements.org.cn
X-Cache-Lookup: NONE from elements.org.cn:8089
Via: 1.1 elements.org.cn (squid/3.5.20)
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html><head>
<meta type="copyright" content="Copyright (C) 1996-2016 The Squid Software Foundation and contributors">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>ERROR: The requested URL could not be retrieved</title>
<style type="text/css"><!-- 
 /*
 * Copyright (C) 1996-2016 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

/*
 Stylesheet for Squid Error pages
 Adapted from design by Free CSS Templates
 http://www.freecsstemplates.org
 Released for free under a Creative Commons Attribution 2.5 License
*/

/* Page basics */
* {
	font-family: verdana, sans-serif;
}

html body {
	margin: 0;
	padding: 0;
	background: #efefef;
	font-size: 12px;
	color: #1e1e1e;
}

/* Page displayed title area */
#titles {
	margin-left: 15px;
	padding: 10px;
	padding-left: 100px;
	background: url('/squid-internal-static/icons/SN.png') no-repeat left;
}

/* initial title */
#titles h1 {
	color: #000000;
}
#titles h2 {
	color: #000000;
}

/* special event: FTP success page titles */
#titles ftpsuccess {
	background-color:#00ff00;
	width:100%;
}

/* Page displayed body content area */
#content {
	padding: 10px;
	background: #ffffff;
}

/* General text */
p {
}

/* error brief description */
#error p {
}

/* some data which may have caused the problem */
#data {
}

/* the error message received from the system or other software */
#sysmsg {
}

pre {
    font-family:sans-serif;
}

/* special event: FTP / Gopher directory listing */
#dirmsg {
    font-family: courier;
    color: black;
    font-size: 10pt;
}
#dirlisting {
    margin-left: 2%;
    margin-right: 2%;
}
#dirlisting tr.entry td.icon,td.filename,td.size,td.date {
    border-bottom: groove;
}
#dirlisting td.size {
    width: 50px;
    text-align: right;
    padding-right: 5px;
}

/* horizontal lines */
hr {
	margin: 0;
}

/* page displayed footer area */
#footer {
	font-size: 9px;
	padding-left: 10px;
}


body
:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }
:lang(he) { direction: rtl; }
 --></style>
</head><body id=ERR_INVALID_URL>
<div id="titles">
<h1>ERROR</h1>
<h2>The requested URL could not be retrieved</h2>
</div>
<hr>

<div id="content">
<p>The following error was encountered while trying to retrieve the URL: <a href="/">/</a></p>

<blockquote id="error">
<p><b>Invalid URL</b></p>
</blockquote>

<p>Some aspect of the requested URL is incorrect.</p>

<p>Some possible problems are:</p>
<ul>
<li><p>Missing or incorrect access protocol (should be <q>http://</q> or similar)</p></li>
<li><p>Missing hostname</p></li>
<li><p>Illegal double-escape in the URL-Path</p></li>
<li><p>Illegal character in hostname; underscores are not allowed.</p></li>
</ul>

<p>Your cache administrator is <a href="mailto:root?subject=CacheErrorInfo%20-%20ERR_INVALID_URL&amp;body=CacheHost%3A%20elements.org.cn%0D%0AErrPage%3A%20ERR_INVALID_URL%0D%0AErr%3A%20%5Bnone%5D%0D%0ATimeStamp%3A%20Mon,%2006%20May%202024%2018%3A51%3A56%20GMT%0D%0A%0D%0AClientIP%3A%20224.70.103.2%0D%0A%0D%0AHTTP%20Request%3A%0D%0A%0D%0A%0D%0A">root</a>.</p>
<br>
</div>

<hr>
<div id="footer">
<p>Generated Mon, 06 May 2024 18:51:56 GMT by elements.org.cn (squid/3.5.20)</p>
<!-- ERR_INVALID_URL -->
</div>
</body></html>

-382979370 | 2024-05-18T21:20:37.243415

8500 / tcp

HTTP/1.1 407 OK
Date: Wed, 20 Jan 2021 05:55:41 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 34
Connection: keep-alive

please add white ip 224.63.228.126

-1738445489 | 2024-05-25T18:16:53.932093

9000 / tcp

HTTP/1.1 407 Proxy Authentication Required
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 25 May 2024 18:16:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Proxy-Authenticate: Basic realm="Test Authentication System"

0

114.106.135.77

Last Seen: 2024-05-31

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

267296285 | 2024-05-31T23:36:27.393999
1723 / tcp

PPTP

1253771759 | 2024-05-14T19:24:23.632714
3306 / tcp

2022533378 | 2024-05-13T23:34:56.657551
7777 / tcp

-1102197224 | 2024-05-06T18:52:36.728965
8089 / tcp

-382979370 | 2024-05-18T21:20:37.243415
8500 / tcp

-1738445489 | 2024-05-25T18:16:53.932093
9000 / tcp

nginx1.18.0

Products

Pricing

Contact Us

114.106.135.77

Last Seen: 2024-05-31

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

267296285 | 2024-05-31T23:36:27.393999 1723 / tcp

PPTP

1253771759 | 2024-05-14T19:24:23.632714 3306 / tcp

2022533378 | 2024-05-13T23:34:56.657551 7777 / tcp

-1102197224 | 2024-05-06T18:52:36.728965 8089 / tcp

-382979370 | 2024-05-18T21:20:37.243415 8500 / tcp

-1738445489 | 2024-05-25T18:16:53.932093 9000 / tcp

nginx1.18.0

Products

Pricing

Contact Us

267296285 | 2024-05-31T23:36:27.393999
1723 / tcp

1253771759 | 2024-05-14T19:24:23.632714
3306 / tcp

2022533378 | 2024-05-13T23:34:56.657551
7777 / tcp

-1102197224 | 2024-05-06T18:52:36.728965
8089 / tcp

-382979370 | 2024-05-18T21:20:37.243415
8500 / tcp

-1738445489 | 2024-05-25T18:16:53.932093
9000 / tcp