GeneralInformation

Hostnames	182-161-122-servers.makeshop.co.kr
Domains	makeshop.co.kr
Country	Korea, Republic of
City	Seoul
Organization	KINX
ISP	CONNECTWAVE
ASN	AS46003

WebTechnologies

Programming languages

Python

Web frameworks

Django

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

3000 8000 9000

1159650554 | 2024-04-14T13:00:10.482376

3000 / tcp

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Xss-Protection: 1; mode=block
Date: Sun, 14 Apr 2024 13:00:10 GMT
Transfer-Encoding: chunked

-2035287118 | 2024-05-01T19:11:50.444222

8000 / tcp

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 19:11:50 GMT
Content-Type: text/html
Content-Length: 13931
Connection: keep-alive
Expires: Wed, 01 May 2024 19:11:50 GMT
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, private
Vary: Accept-Language, Cookie
Content-Language: en
X-Frame-Options: deny
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy-Report-Only: default-src 'none'; font-src 'self' data:; connect-src 'self'; script-src 'self' 'unsafe-inline' 'report-sample' 'nonce-CCu1UpcjIXWAT0w5rlzkXw=='; base-uri 'none'; img-src 'self' blob: data: https://secure.gravatar.com; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; object-src 'none'
Set-Cookie: sc=OCtdw1UE1svGdaHXLyXl3lw3IUizOu3m7ThY2sXJfZ6rn5YBXtCfHbyjhIJr9BQ0; expires=Wed, 30 Apr 2025 19:11:50 GMT; Max-Age=31449600; Path=/; SameSite=Lax
Set-Cookie: sentrysid=eyJ0ZXN0Y29va2llIjoid29ya2VkIn0:1s2FMs:xAVB7za1eSoG5tlVjMIUol96q2ZRzBjNwnsYhYMdFMQ; expires=Wed, 15 May 2024 19:11:50 GMT; HttpOnly; Max-Age=1209600; Path=/

1030390055 | 2024-05-03T08:16:52.925620

9000 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 03 May 2024 08:16:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 963
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Allow-Credentials: true

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd">
<!-- Copyright 2008 Orbitz WorldWide

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

   http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License. -->

<html>
  <head>
    <title>Graphite Browser</title>
  </head>


<frameset rows="80,*" frameborder="1" border="1">
  <frame src="/browser/header" name="Header" id='header' scrolling="no" noresize="true" />
  
    <frame src="/composer?" name="content" id="composerFrame"/>
  
</frameset>
</html>

182.161.122.92

Last Seen: 2024-05-03

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1159650554 | 2024-04-14T13:00:10.482376
3000 / tcp

Grafana (Open Source)10.2.2

-2035287118 | 2024-05-01T19:11:50.444222
8000 / tcp

nginx

1030390055 | 2024-05-03T08:16:52.925620
9000 / tcp

nginx1.18.0

Products

Pricing

Contact Us

182.161.122.92

Last Seen: 2024-05-03

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1159650554 | 2024-04-14T13:00:10.482376 3000 / tcp

Grafana (Open Source)10.2.2

-2035287118 | 2024-05-01T19:11:50.444222 8000 / tcp

nginx

1030390055 | 2024-05-03T08:16:52.925620 9000 / tcp

nginx1.18.0

Products

Pricing

Contact Us

1159650554 | 2024-04-14T13:00:10.482376
3000 / tcp

-2035287118 | 2024-05-01T19:11:50.444222
8000 / tcp

1030390055 | 2024-05-03T08:16:52.925620
9000 / tcp