GeneralInformation

Hostnames	sv.cncsofts.com peapros.com www.peapros.com
Domains	cncsofts.com peapros.com
Country	Viet Nam
City	Hanoi
Organization	Vietnam Posts and Telecommunications Group
ISP	VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
ASN	AS135905
Operating System	Windows

WebTechnologies

CDN

JavaScript libraries

Miscellaneous

UI frameworks

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-23064	6.1Cross Site Scripting vulnerability in jQuery 2.2.0 through 3.x before 3.5.0 allows a remote attacker to execute arbitrary code via the <options> element.
CVE-2020-11023	6.1In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	6.1In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2010-3972	Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted FTP command, aka "IIS FTP Service Heap Buffer Overrun Vulnerability." NOTE: some of these details are obtained from third party information.
CVE-2010-2730	Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability."
CVE-2010-1899	Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote attackers to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka "IIS Repeated Parameter Request Denial of Service Vulnerability."

OpenPorts

80 443

1489525118 | 2024-04-18T01:46:12.731910

80 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 18 Apr 2024 01:46:13 GMT
Connection: close
Content-Length: 315

-461754288 | 2024-04-17T12:36:25.074271

443 / tcp

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 17 Apr 2024 12:36:24 GMT
Content-Length: 54784

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            ae:bd:70:05:f5:f1:cb:da:a6:1f:de:a4:94:f1:d1:c2
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
        Validity
            Not Before: Nov 22 00:00:00 2023 GMT
            Not After : Nov 21 23:59:59 2024 GMT
        Subject: CN=www.peapros.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c2:e5:6f:98:97:1f:0c:b0:66:3d:ba:61:a2:24:
                    2b:e9:d0:10:25:d7:d6:e8:99:b3:e0:40:28:d7:bc:
                    3c:84:e6:ab:47:bd:01:70:d7:54:83:98:ac:b8:a5:
                    1a:f7:99:d9:09:2a:d6:1c:66:1e:aa:ed:ba:f4:e3:
                    3d:c7:8c:3d:4d:7d:ef:ce:9c:98:f7:f6:77:c4:47:
                    4c:28:77:e2:bc:f8:5a:6a:70:69:cf:db:c2:70:18:
                    b7:3a:d8:12:97:db:2d:9b:54:3d:c1:8f:7b:3b:7f:
                    f6:d3:b6:4a:af:2d:3a:30:44:18:4b:8e:5e:92:68:
                    65:4d:8d:6a:96:cc:1e:bc:17:60:99:5b:91:06:12:
                    c4:7d:00:5b:93:e7:8d:cf:76:81:59:43:24:6a:91:
                    61:c4:cd:44:01:af:20:4a:d8:01:89:fd:9d:91:a6:
                    47:83:5f:2a:40:34:95:0d:07:84:6d:e2:74:12:bc:
                    11:bb:5d:60:b1:0b:a8:d2:de:f5:88:1a:5c:fa:98:
                    85:99:22:c4:ed:16:9f:37:52:24:86:df:d3:68:2d:
                    75:90:38:3e:71:e0:95:5e:76:ae:80:99:19:f4:2b:
                    9e:d5:00:74:68:f1:d5:bc:fe:ec:8f:3c:32:9b:b8:
                    4e:71:45:69:0b:d0:86:fa:e6:df:49:b1:63:4a:bd:
                    28:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
            X509v3 Subject Key Identifier: 
                31:E5:BE:8E:0D:A6:F8:64:91:06:38:48:7B:70:67:A4:94:82:AB:62
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.7
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:www.peapros.com, DNS:peapros.com
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Nov 22 08:06:29.877 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:6C:43:5E:87:77:D0:91:FF:0B:E5:F6:4A:
                                1B:CC:4E:B0:B0:BC:98:B7:35:52:0C:D3:5E:D9:40:81:
                                D4:09:42:8E:02:20:6F:72:7C:17:B4:0E:EE:6F:F9:BE:
                                FF:DD:C8:A2:57:1C:12:E3:30:11:66:0E:B6:96:0D:7B:
                                E4:5D:1B:53:04:54
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Nov 22 08:06:30.094 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:B5:B2:91:31:E3:10:2A:16:3A:EF:D6:
                                B9:9D:00:66:60:1C:52:02:7B:C4:26:11:E7:E4:74:9C:
                                BC:AA:DC:0E:26:02:20:5D:D3:C4:E2:4A:93:F8:4D:AD:
                                FF:4B:2D:BE:73:EC:44:F7:64:CA:02:88:62:A5:81:5C:
                                FF:C0:55:45:6A:0F:E5
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Nov 22 08:06:29.925 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:02:1F:D9:71:BE:D7:34:08:08:B5:71:5B:
                                14:FA:6A:5B:59:42:90:9B:53:4F:58:07:67:40:55:DB:
                                6F:24:AD:EE:02:21:00:B8:E8:6D:F7:D0:AE:54:00:B2:
                                5C:65:79:26:C8:68:23:5F:20:F7:1C:91:5D:80:3C:15:
                                B8:DD:54:5E:E0:7D:F4
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        8e:44:28:35:7d:96:85:45:23:a2:05:f7:ca:cb:56:5f:2b:3a:
        f4:92:00:85:96:46:ab:2d:87:a4:ed:3b:ba:48:15:a5:d4:a2:
        69:96:6c:88:49:42:7c:da:30:4e:64:80:02:89:e8:26:df:e1:
        34:16:ab:c7:b0:55:e5:ff:dd:c3:1b:e7:7c:44:9c:2d:95:9a:
        a1:6c:15:e7:80:fb:f2:36:02:86:60:67:f3:f4:aa:a3:d2:f0:
        2f:96:c8:42:b6:4d:7c:90:e3:12:3c:db:2c:04:1e:f6:11:92:
        9a:a8:48:29:e8:6a:33:07:62:2b:b2:5e:1a:32:af:20:fe:e3:
        75:e9:aa:6d:e5:16:69:ba:cb:8a:8b:95:51:b6:04:91:78:cc:
        15:a1:76:54:3c:e1:7c:f9:33:b0:b4:fc:d0:92:d4:c8:50:1f:
        56:73:bb:1e:3c:1a:f6:23:97:f2:bc:5c:25:47:e6:0d:e7:ce:
        50:2d:9d:47:b5:80:59:2a:c0:66:d9:81:7b:72:7b:06:74:56:
        e8:77:0e:c4:39:88:6d:28:ea:d2:b7:cb:92:35:c3:c9:31:31:
        3a:8e:4b:f3:a2:ca:29:56:95:50:6b:10:04:6a:77:3d:0b:6e:
        ee:9a:e3:8b:ef:f5:95:5e:71:31:cd:7c:69:b1:07:d3:c1:9a:
        13:73:46:20

123.31.31.16

Last Seen: 2024-04-18

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1489525118 | 2024-04-18T01:46:12.731910
80 / tcp

Microsoft HTTPAPI httpd2.0

-461754288 | 2024-04-17T12:36:25.074271
443 / tcp

Microsoft IIS httpd7.5

Products

Pricing

Contact Us

123.31.31.16

Last Seen: 2024-04-18

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1489525118 | 2024-04-18T01:46:12.731910 80 / tcp

Microsoft HTTPAPI httpd2.0

-461754288 | 2024-04-17T12:36:25.074271 443 / tcp

Microsoft IIS httpd7.5

Products

Pricing

Contact Us

1489525118 | 2024-04-18T01:46:12.731910
80 / tcp

-461754288 | 2024-04-17T12:36:25.074271
443 / tcp