GeneralInformation

Country	China
City	Beijing
Organization	21ViaNet(China),Inc.
ISP	Abitcool(China) Inc.
ASN	AS9308

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

80 443

-652665405 | 2024-04-28T16:04:01.372469

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.19.1
Date: Sun, 28 Apr 2024 16:04:01 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive

-652665405 | 2024-04-27T15:24:54.977050

443 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.19.1
Date: Sat, 27 Apr 2024 15:24:54 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:33:a5:bc:a2:33:50:5d:fa:7d:3d:73:3e:06:c8:f7
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: O=Acme Co, CN=Kubernetes Ingress Controller Fake Certificate
        Validity
            Not Before: Feb 28 19:17:41 2024 GMT
            Not After : Feb 27 19:17:41 2025 GMT
        Subject: O=Acme Co, CN=Kubernetes Ingress Controller Fake Certificate
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d5:11:cd:7f:e4:51:68:67:cb:0a:7c:0b:df:d6:
                    f6:d6:d8:93:6f:d5:74:db:a1:f2:65:25:ad:b5:61:
                    e3:ff:22:b7:05:15:4a:07:f1:45:7d:65:22:07:52:
                    f0:81:c1:39:fd:fa:95:1d:28:3d:2f:14:b1:db:cd:
                    0f:3f:26:1c:16:fc:cb:64:25:d4:5b:48:d3:60:ec:
                    11:2f:b9:29:07:66:f9:59:fa:b3:d0:e0:7c:5f:6f:
                    b5:63:d8:aa:36:d5:bb:7a:70:fa:cd:e1:d1:2c:c8:
                    36:12:d1:43:7c:6a:4a:18:0c:52:81:48:5b:3c:1d:
                    50:1e:66:f0:23:d7:95:b1:a6:25:8e:6f:0e:e5:4c:
                    8b:08:ae:f1:0c:82:81:e5:c8:2d:6b:b8:02:66:cf:
                    35:b7:0d:f6:4c:16:27:31:0e:9b:36:47:c9:d1:fc:
                    45:c0:11:80:69:7e:c1:5f:9b:14:46:ca:a3:eb:ce:
                    61:9d:d1:27:1b:63:8a:51:a3:c8:fb:10:2b:6c:94:
                    cd:0e:e2:17:0d:1b:98:de:58:12:c3:bf:9b:97:51:
                    f0:8a:3c:bf:02:c2:6c:51:b1:23:af:2f:98:51:d4:
                    3a:5a:c7:2b:f2:ce:a3:54:e9:41:47:63:08:cd:97:
                    69:69:b4:2d:70:7f:7d:c7:e0:4f:6d:e7:0a:a9:24:
                    a7:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Alternative Name: 
                DNS:ingress.local
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        cf:a0:b9:94:55:33:55:85:1f:ba:cc:50:39:38:e1:96:c4:16:
        35:9e:0c:c9:ec:f0:2c:01:41:51:f6:21:33:81:56:5f:16:6a:
        58:79:78:21:6c:30:08:ed:56:f7:6d:b0:ac:02:3c:e3:84:fe:
        dd:c2:bc:1c:43:1c:40:21:14:53:55:f8:c1:48:aa:af:62:17:
        c6:dd:fb:21:ce:72:71:86:fd:47:07:dd:04:dd:10:11:82:ce:
        68:c1:8f:ae:9b:be:72:eb:bb:34:b8:02:c7:d7:8e:de:2d:3d:
        95:13:94:dc:fa:80:6c:85:d3:8c:c5:e8:2a:51:2b:0e:29:44:
        7a:0e:f4:7a:09:7d:6b:b2:2c:69:d2:3a:84:8d:6d:73:ac:7e:
        e8:79:80:de:57:2b:04:6a:64:58:bc:3e:5a:48:08:e6:88:24:
        a0:1e:a7:18:d1:94:04:86:9a:38:7d:91:59:d2:60:00:87:46:
        ff:7c:cd:79:a7:24:17:56:9a:00:e3:96:aa:44:85:63:07:62:
        0a:2d:a9:e1:c1:2d:84:59:6a:42:9e:53:41:22:45:05:62:fa:
        25:b5:24:b9:06:9e:37:aa:bd:af:44:9a:1c:81:f8:cf:3f:45:
        ce:cd:5b:c5:f7:44:e5:0c:87:30:96:c0:13:a1:95:0f:ab:3e:
        8f:8c:d9:d4

120.133.22.157

Last Seen: 2024-04-28

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-652665405 | 2024-04-28T16:04:01.372469
80 / tcp

nginx1.19.1

-652665405 | 2024-04-27T15:24:54.977050
443 / tcp

nginx1.19.1

Products

Pricing

Contact Us

120.133.22.157

Last Seen: 2024-04-28

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-652665405 | 2024-04-28T16:04:01.372469 80 / tcp

nginx1.19.1

-652665405 | 2024-04-27T15:24:54.977050 443 / tcp

nginx1.19.1

Products

Pricing

Contact Us

-652665405 | 2024-04-28T16:04:01.372469
80 / tcp

-652665405 | 2024-04-27T15:24:54.977050
443 / tcp