GeneralInformation

Country	China
City	Ningbo
Organization	CHINANET-ZJ Ningbo node network
ISP	CHINANET-BACKBONE
ASN	AS4134
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

81 6001 9998 9999

1025108384 | 2024-04-09T13:47:10.411330

81 / tcp

HTTP/1.1 403 Forbidden
Server: nginx
Date: Tue, 09 Apr 2024 13:47:11 GMT
Content-Type: text/html
Content-Length: 3566
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "6539e2d8-dee"

-1806707974 | 2024-04-28T18:57:44.426440

6001 / tcp

HTTP/1.1 400 Bad Request
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 28 Apr 2024 18:57:44 GMT
Content-Type: text/html
Content-Length: 166
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>

856818639 | 2024-04-29T21:30:12.722152

9998 / tcp

HTTP/1.1 400 Bad Request
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 29 Apr 2024 21:30:09 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 166
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>

-2104588023 | 2024-04-28T10:06:03.267182

9999 / tcp

HTTP/1.1 400 Bad Request
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 28 Apr 2024 10:06:03 GMT
Content-Type: text/html
Content-Length: 166
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>

183.132.20.150

Last Seen: 2024-04-29

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1025108384 | 2024-04-09T13:47:10.411330
81 / tcp

nginx

-1806707974 | 2024-04-28T18:57:44.426440
6001 / tcp

nginx1.18.0

856818639 | 2024-04-29T21:30:12.722152
9998 / tcp

nginx1.18.0

-2104588023 | 2024-04-28T10:06:03.267182
9999 / tcp

nginx1.18.0

Products

Pricing

Contact Us

183.132.20.150

Last Seen: 2024-04-29

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1025108384 | 2024-04-09T13:47:10.411330 81 / tcp

nginx

-1806707974 | 2024-04-28T18:57:44.426440 6001 / tcp

nginx1.18.0

856818639 | 2024-04-29T21:30:12.722152 9998 / tcp

nginx1.18.0

-2104588023 | 2024-04-28T10:06:03.267182 9999 / tcp

nginx1.18.0

Products

Pricing

Contact Us

1025108384 | 2024-04-09T13:47:10.411330
81 / tcp

-1806707974 | 2024-04-28T18:57:44.426440
6001 / tcp

856818639 | 2024-04-29T21:30:12.722152
9998 / tcp

-2104588023 | 2024-04-28T10:06:03.267182
9999 / tcp