GeneralInformation

Hostnames	45.131.41.120.broad.xm.fj.dynamic.163data.com.cn
Domains	163data.com.cn
Country	China
City	Xiamen
Organization	CHINANET FUJIAN PROVINCE NETWORK
ISP	CHINANET-BACKBONE
ASN	AS4134

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 4433 9000

-1516543528 | 2024-05-14T23:35:15.547776

22 / tcp

SSH-2.0-NyL_y
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDSg2nMB4NCb9kwHZav5ywFqzhKGOdpRvs3UylMaTVxTrW7
z3qA56/XBaCbIw59PLaeHQFY9XcaPjVmhoRijcwjtSeJzwPOJ5e++RvPjkBd+5jy+dQRtOxzmi/m
+4vw8APYsRZpIHn6b8I3n74y6Ld15YGrsSXTglLFPwutcOYx0Qq6deftGxVdJrjE1xqSfuyrkGyh
NB8mvVzJKeCk67guU12kd48fTJv2DxcFhVqejwCN5BahDPERGvBjFCvU0XeuNrZ8qGlFPDq+L5o/
tjKsx+vXqnQ2Wn2U/kAbG34Xs41UFNLF9yhPQuRaABXnQo3mWJDUr5XJNDxnmr6x6h65
Fingerprint: fe:b7:fc:f7:0d:4e:20:1d:63:1b:7c:64:3e:66:81:74

Kex Algorithms:
	curve25519-sha256@libssh.org
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group-exchange-sha1
	diffie-hellman-group14-sha1

Server Host Key Algorithms:
	ssh-rsa
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1
	hmac-ripemd160-etm@openssh.com
	hmac-ripemd160
	hmac-ripemd160@openssh.com

Compression Algorithms:
	none
	zlib@openssh.com

1512856075 | 2024-05-11T01:53:44.943227

4433 / tcp

HTTP/1.1 404 Not Found
Date: Sat, 11 May 2024 01:53:44 GMT
Server: Apache
Content-Length: 196
Content-Type: text/html; charset=iso-8859-1

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 302564068 (0x1208c2e4)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: O=Fortinet Ltd., CN=FortiGate
        Validity
            Not Before: Sep  1 04:01:55 2023 GMT
            Not After : Dec  4 04:01:55 2025 GMT
        Subject: O=Fortinet Ltd., CN=FortiGate
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d2:83:69:cc:07:83:42:6f:d9:30:1d:96:af:e7:
                    2c:05:ab:38:4a:18:e7:69:46:fb:37:53:29:4c:69:
                    35:71:4e:b5:bb:cf:7a:80:e7:af:d7:05:a0:9b:23:
                    0e:7d:3c:b6:9e:1d:01:58:f5:77:1a:3e:35:66:86:
                    84:62:8d:cc:23:b5:27:89:cf:03:ce:27:97:be:f9:
                    1b:cf:8e:40:5d:fb:98:f2:f9:d4:11:b4:ec:73:9a:
                    2f:e6:fb:8b:f0:f0:03:d8:b1:16:69:20:79:fa:6f:
                    c2:37:9f:be:32:e8:b7:75:e5:81:ab:b1:25:d3:82:
                    52:c5:3f:0b:ad:70:e6:31:d1:0a:ba:75:e7:ed:1b:
                    15:5d:26:b8:c4:d7:1a:92:7e:ec:ab:90:6c:a1:34:
                    1f:26:bd:5c:c9:29:e0:a4:eb:b8:2e:53:5d:a4:77:
                    8f:1f:4c:9b:f6:0f:17:05:85:5a:9e:8f:00:8d:e4:
                    16:a1:0c:f1:11:1a:f0:63:14:2b:d4:d1:77:ae:36:
                    b6:7c:a8:69:45:3c:3a:be:2f:9a:3f:b6:32:ac:c7:
                    eb:d7:aa:74:36:5a:7d:94:fe:40:1b:1b:7e:17:b3:
                    8d:54:14:d2:c5:f7:28:4f:42:e4:5a:00:15:e7:42:
                    8d:e6:58:90:d4:af:95:c9:34:3c:67:9a:be:b1:ea:
                    1e:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        af:4a:a1:85:e8:df:a2:7f:7e:ef:3f:74:08:a3:2d:6f:5d:fe:
        08:da:a9:da:a9:4f:6d:18:ff:01:2d:4c:8d:57:d4:14:22:02:
        48:9a:5c:09:8a:ea:13:5a:20:b5:b8:0c:f2:2d:c3:f0:f8:ee:
        f3:db:f6:2a:b8:fe:9e:b7:e7:78:9e:dd:2b:09:04:bc:2b:9b:
        f0:6c:de:c1:8d:50:1d:c0:b2:a0:1f:62:3f:c6:c7:5a:3d:51:
        c2:ce:99:53:03:f0:ce:18:bd:77:2f:22:7e:34:32:e2:57:ab:
        25:24:55:34:95:f1:bf:f1:cf:3b:49:7d:f0:33:43:f6:08:1c:
        09:95:e2:16:a2:bd:4e:b4:30:0c:09:32:37:70:2b:6c:85:aa:
        fe:c0:cc:b4:39:19:4d:e4:dc:38:3a:fd:7b:a3:02:9e:96:e5:
        74:70:81:7a:72:fc:b9:00:86:a3:af:87:81:cc:fb:14:16:5e:
        4e:4b:cd:dd:e4:a7:8c:51:31:a5:83:db:ef:12:52:0c:0f:f9:
        fd:68:14:2e:c2:46:b4:04:9a:87:02:f5:8d:5a:33:a0:50:df:
        8b:be:c8:1a:41:8a:85:10:2c:78:e4:33:75:e1:ba:3a:2d:74:
        92:e0:93:6e:d2:a9:b1:b3:e6:d9:02:b2:b4:c2:28:03:90:5c:
        be:b9:9f:a5

395977253 | 2024-05-06T00:07:39.089072

9000 / tcp

HTTP/1.1 407 Proxy Authentication Required
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 May 2024 00:07:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Proxy-Authenticate: Basic realm="Test Authentication System"

120.41.131.45

Last Seen: 2024-05-14

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1516543528 | 2024-05-14T23:35:15.547776
22 / tcp

1512856075 | 2024-05-11T01:53:44.943227
4433 / tcp

395977253 | 2024-05-06T00:07:39.089072
9000 / tcp

nginx1.18.0

Products

Pricing

Contact Us

120.41.131.45

Last Seen: 2024-05-14

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1516543528 | 2024-05-14T23:35:15.547776 22 / tcp

1512856075 | 2024-05-11T01:53:44.943227 4433 / tcp

395977253 | 2024-05-06T00:07:39.089072 9000 / tcp

nginx1.18.0

Products

Pricing

Contact Us

-1516543528 | 2024-05-14T23:35:15.547776
22 / tcp

1512856075 | 2024-05-11T01:53:44.943227
4433 / tcp

395977253 | 2024-05-06T00:07:39.089072
9000 / tcp