GeneralInformation

Hostnames	125-227-102-217.hinet-ip.hinet.net www.justcan.com.tw
Domains	hinet.net justcan.com.tw
Country	Taiwan
City	Tainan
Organization	Data Communication Business Group,
ISP	Data Communication Business Group
ASN	AS3462
Operating System	Windows

WebTechnologies

Analytics

JavaScript libraries

Tag managers

UI frameworks

Video players

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-8331	4.3In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2018-20677	4.3In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
CVE-2018-20676	4.3In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
CVE-2018-14042	4.3In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
CVE-2018-14040	4.3In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
CVE-2016-10735	4.3In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CVE-2014-4078	5.1The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."

OpenPorts

21 80 443 2000 8291

1166457582 | 2024-05-07T08:10:22.937031

21 / tcp

220 Gene6 FTP Server v3.10.0 (Build 2) ready...
530 Login or Password incorrect.
214-Supported Commands : (* unimplemented)
 ABOR  DELE  MKD   PWD   SIZE  USER
 ACCT* EPRT  MODE  QUIT  SMNT* XMD5
 ALLO  EPSV  NLST  REIN  SSCN  XMKD
 APPE  FEAT  NOOP  REST  STAT  XPWD
 CCC   HELP  PASS  RETR  STOR  XRMD
 CDUP  LIST  PASV  RMD   STOU  XSHA1
 CLNT  MDTM  PBSZ  RNFR  STRU  XCRC
 CPSV  MFCT  PORT  RNTO  SYST  XCUP
 CWD   MFMT  PROT  SITE  TYPE  XDEL
 
 SITE HELP
 SITE PSWD
 SITE ZONE
214 End.
211-Extensions supported:
 AUTH TLS
 CCC
 CLNT
 CPSV
 EPRT
 EPSV
 MDTM
 MFCT
 MFMT
 MLST type*;size*;create;modify*;
 MODE Z
 PASV
 PBSZ
 PROT
 REST STREAM
 SIZE
 SSCN
 TVFS
 UTF8
 XCRC "filename" SP EP
 XMD5 "filename" SP EP
 XSHA1 "filename" SP EP
211 End.

1489525118 | 2024-05-12T21:06:12.407871

80 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 12 May 2024 21:06:14 GMT
Connection: close
Content-Length: 315

1881008627 | 2024-05-13T14:33:44.284886

443 / tcp

HTTP/1.1 200 OK
Cache-Control: private
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
Set-Cookie: PHPSESSID=kqp7d4s32c2lif1ktne9atgm64; path=/
X-UA-Compatible: IE=edge,chrome=1
Set-Cookie: GRS[visit_times]=1; expires=Tue, 13-May-2025 14:29:04 GMT; Max-Age=31535999
Date: Mon, 13 May 2024 14:29:04 GMT
Content-Length: 44460

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:02:15:cd:64:80:5b:bf:ce:d3:6a:51:ee:f1:8e:11:2c:bb
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 30 00:48:24 2024 GMT
            Not After : Jul 29 00:48:23 2024 GMT
        Subject: CN=www.justcan.com.tw
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (3072 bit)
                Modulus:
                    00:c5:7c:f3:dd:f4:6a:7c:ac:de:ea:85:27:3d:d8:
                    5f:89:32:d1:ac:f1:c6:c7:ce:7f:dd:dd:2a:40:a3:
                    84:18:9e:b0:2c:ee:34:c5:72:e9:48:b5:70:18:33:
                    61:83:45:52:fb:cd:52:a6:d8:8c:c8:71:0e:e4:82:
                    0c:22:51:ce:7c:75:e7:b2:8e:89:35:f0:1b:b3:c5:
                    2d:8e:49:c6:ce:fd:e3:37:f5:80:4d:7f:da:3f:73:
                    fd:bc:1c:b0:d1:9a:bf:12:8a:3e:e0:a5:54:92:81:
                    b7:5e:d6:e3:30:68:95:88:6e:34:25:cd:c1:93:07:
                    14:b2:7d:22:53:46:5f:5c:ba:35:f2:10:74:52:b9:
                    6a:b8:88:93:a8:06:72:f4:1b:a3:df:59:56:7e:b6:
                    66:a6:03:99:3a:c8:f2:df:5d:89:a7:40:9b:fa:b2:
                    fe:14:f5:01:40:b7:d5:81:05:a8:ca:d5:2d:45:aa:
                    e5:80:bc:fc:20:53:7d:53:b2:d5:4f:2b:8d:65:f0:
                    cb:00:51:ef:9e:49:af:29:4f:8c:c3:50:a3:03:3e:
                    99:67:9e:85:ca:f3:47:c2:c5:af:e0:5d:cb:75:24:
                    79:4d:8b:f6:d8:93:98:0e:42:a5:bb:87:45:ce:2c:
                    4f:4d:2e:28:42:e0:c8:c6:d9:d2:07:58:68:62:2a:
                    cb:f1:74:ad:1c:4a:2c:77:f3:63:fc:d5:de:9b:a5:
                    9a:36:f4:7f:4b:ee:12:78:af:f8:0d:09:0a:4f:35:
                    cb:63:d1:33:9c:93:1e:15:6f:eb:5c:40:e3:3c:cc:
                    18:2e:65:17:cf:21:15:c2:02:4b:2b:14:24:e8:84:
                    00:f7:da:38:80:6b:62:d5:48:d1:0a:8c:85:cf:cc:
                    96:02:36:89:ca:d6:d9:c0:1a:66:9f:e1:94:a1:8c:
                    44:83:d1:88:3b:60:80:82:51:ef:36:52:85:7c:7a:
                    de:17:0e:8a:8c:38:84:97:81:da:bf:fb:fb:fa:63:
                    ae:34:15:c1:13:a7:56:fe:82:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                3E:DD:10:6E:07:F0:01:54:1A:B2:3D:19:E7:AC:4B:7C:A2:AD:56:88
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:www.justcan.com.tw
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Apr 30 01:48:24.072 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:BE:77:69:5E:29:30:01:7A:95:B0:7F:
                                D0:C6:00:46:1D:32:D1:AE:F2:9E:36:D3:03:0E:30:E9:
                                C2:C8:C1:30:9A:02:21:00:BE:44:6C:63:92:72:5A:CE:
                                03:EE:0C:34:06:AE:51:D6:5B:91:75:E7:8F:E6:1C:22:
                                9B:99:47:83:68:BD:DA:6F
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Apr 30 01:48:24.077 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:B3:E0:C5:2C:9C:8D:3E:6F:70:01:C2:
                                DC:20:03:10:8B:A1:91:C5:85:43:59:F8:A1:4E:07:00:
                                6B:31:3C:FC:69:02:21:00:B6:A4:DE:45:19:8C:0A:17:
                                76:11:CA:F2:D7:DF:00:82:34:67:10:9C:59:E9:92:A3:
                                6A:43:24:9E:B3:A8:A2:EC
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        1d:98:c9:f1:74:23:96:12:71:55:f8:62:0a:ac:9f:59:21:be:
        15:ea:e4:82:ca:88:b3:91:a8:94:e5:76:17:33:7c:3f:88:9a:
        85:fb:a0:89:87:fc:93:a4:99:81:d3:fb:e6:51:b8:77:0b:9b:
        1f:6d:63:16:61:af:19:43:6d:0b:2e:80:c4:46:f3:2f:da:8b:
        94:6e:89:da:2f:d5:fe:d1:d3:e0:2f:88:7a:e3:db:b6:9b:fa:
        6d:cb:95:60:cb:a1:0e:03:9f:b6:97:8e:d2:52:c3:f8:99:ff:
        2d:e5:4b:1e:a4:27:6d:0e:de:07:d6:bc:6a:eb:32:38:e9:ac:
        91:a5:76:32:ee:cb:97:0e:df:3a:60:70:3c:90:0d:ae:48:4d:
        0a:20:07:81:dd:8f:ac:d5:74:51:3b:24:61:3b:2b:0c:38:5c:
        68:66:ae:7a:ae:c8:b4:94:72:35:a8:2c:c1:a6:1d:13:de:1c:
        21:37:69:5a:ad:7c:e6:2e:da:dd:e8:92:66:91:50:8b:a5:ef:
        b9:f3:49:8f:75:7e:fc:bb:49:7d:5f:bc:fe:5b:8d:3a:f6:d0:
        a3:99:ad:4d:0b:32:f3:b5:f8:8f:90:71:75:99:b0:86:e8:64:
        a7:de:59:a3:29:ad:3f:f7:a8:29:ce:9a:d5:5f:90:68:c6:f9:
        dc:33:c1:5f

-1538260461 | 2024-04-26T07:53:33.505926

2000 / tcp

\x01\x00\x00\x00

-108628527 | 2024-05-07T07:03:19.838504

8291 / tcp

MikroTik Winbox:
  list:
    advtool.jg: 7.0.5
    dhcp.jg: 7.0.5
    hotspot.jg: 7.0.5
    icons.png: 7.0.5
    icons24.png: 
    icons32.png: 
    ipv6.jg: 7.0.5
    ppp.jg: 7.0.5
    roteros.jg: 7.0.5
    secure.jg: 7.0.5
    wlan6.jg: 7.0.5

125.227.102.217

Last Seen: 2024-05-13

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1166457582 | 2024-05-07T08:10:22.937031
21 / tcp

Gene6 ftpd3.10.0 build 2

1489525118 | 2024-05-12T21:06:12.407871
80 / tcp

Microsoft HTTPAPI httpd2.0

1881008627 | 2024-05-13T14:33:44.284886
443 / tcp

Microsoft IIS httpd8.5

-1538260461 | 2024-04-26T07:53:33.505926
2000 / tcp

MikroTik bandwidth-test server

-108628527 | 2024-05-07T07:03:19.838504
8291 / tcp

MikroTik Winbox

Products

Pricing

Contact Us

125.227.102.217

Last Seen: 2024-05-13

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1166457582 | 2024-05-07T08:10:22.937031 21 / tcp

Gene6 ftpd3.10.0 build 2

1489525118 | 2024-05-12T21:06:12.407871 80 / tcp

Microsoft HTTPAPI httpd2.0

1881008627 | 2024-05-13T14:33:44.284886 443 / tcp

Microsoft IIS httpd8.5

-1538260461 | 2024-04-26T07:53:33.505926 2000 / tcp

MikroTik bandwidth-test server

-108628527 | 2024-05-07T07:03:19.838504 8291 / tcp

MikroTik Winbox

Products

Pricing

Contact Us

1166457582 | 2024-05-07T08:10:22.937031
21 / tcp

1489525118 | 2024-05-12T21:06:12.407871
80 / tcp

1881008627 | 2024-05-13T14:33:44.284886
443 / tcp

-1538260461 | 2024-04-26T07:53:33.505926
2000 / tcp

-108628527 | 2024-05-07T07:03:19.838504
8291 / tcp