GeneralInformation

Country	China
City	Hefei
Organization	CHINANET Anhui province network
ISP	CHINANET-BACKBONE
ASN	AS4134

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 444 1337 1701 3503 9000

1738840878 | 2024-05-19T08:31:06.715133

22 / tcp

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDrletoS7D/wQIsOFN82KOn56HwxjdQugOzbncBQH7zirdr
EZhrPyvIS84PM9Mf3OChrrvpMRwyBu4omXLhUyE7LsVwbauQtNyLqs5bM+6B51Q6mGLPe3Gk+7ou
jfZl4d+GdffZXjuW/yjS6sOse03P/uYsH9OQQCHFmBlsqXEiF/6hZXYxE49AjRrXObGO5YsrRVlf
vcuzUtRYHMYQhhl+X14ovm9ulGhga03REtwcd8JdRxt84wYGPDxS8EO0GQ7bCDDZWmLfFzuLDsPt
BeQeA5089i2GblLhSgVyWD3vArNGR1Z3ktLFSPfYxcPfAiJaSAcrwaplCHSzKqmxJ8Cz
Fingerprint: 29:ac:dd:53:69:29:52:f0:c9:76:88:8a:0f:e8:57:d8

Kex Algorithms:
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group14-sha1

Server Host Key Algorithms:
	ssh-rsa
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-255135948 | 2024-05-11T18:05:55.689938

444 / tcp

HTTP/1.1 407 OK
Date: Wed, 20 Jan 2021 05:55:41 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 33
Connection: keep-alive

please add white ip 224.49.163.71

1387312863 | 2024-05-21T01:56:54.798007

1337 / tcp

HTTP/1.1 407 OK
Date: Wed, 20 Jan 2021 05:55:41 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 32
Connection: keep-alive

please add white ip 224.96.57.21

2134692982 | 2024-05-13T15:38:14.977991

1701 / udp

\xc8\x02\x00^\x00\x00\x00\x00\x00\x00\x00\x01\x80\x08\x00\x00\x00\x00\x00\x02\x80\x08\x00\x00\x00\x02\x01\x00\x80\n\x00\x00\x00\x03\x00\x00\x00\x01\x80\n\x00\x00\x00\x04\x00\x00\x00\x00\x00\x08\x00\x00\x00\x06\x00\x01\x80\x08\x00\x00\x00\x0737\x00\x0e\x00\x00\x00\x08MikroTik\x80\x08\x00\x00\x00\t4\xfb\x80\x08\x00\x00\x00\n\x00\x04

-194084543 | 2024-05-17T20:26:30.812365

3503 / tcp

HTTP/1.1 407 OK
Date: Wed, 20 Jan 2021 05:55:41 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 34
Connection: keep-alive

please add white ip 224.49.237.210

-2094153445 | 2024-05-12T05:02:05.356603

9000 / tcp

HTTP/1.1 407 Proxy Authentication Required
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 12 May 2024 05:02:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Proxy-Authenticate: Basic realm="Test Authentication System"

0

183.166.1.5

Last Seen: 2024-05-21

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1738840878 | 2024-05-19T08:31:06.715133
22 / tcp

OpenSSH7.2p2 Ubuntu-4ubuntu2.8

-255135948 | 2024-05-11T18:05:55.689938
444 / tcp

1387312863 | 2024-05-21T01:56:54.798007
1337 / tcp

2134692982 | 2024-05-13T15:38:14.977991
1701 / udp

-194084543 | 2024-05-17T20:26:30.812365
3503 / tcp

-2094153445 | 2024-05-12T05:02:05.356603
9000 / tcp

nginx1.18.0

Products

Pricing

Contact Us

183.166.1.5

Last Seen: 2024-05-21

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1738840878 | 2024-05-19T08:31:06.715133 22 / tcp

OpenSSH7.2p2 Ubuntu-4ubuntu2.8

-255135948 | 2024-05-11T18:05:55.689938 444 / tcp

1387312863 | 2024-05-21T01:56:54.798007 1337 / tcp

2134692982 | 2024-05-13T15:38:14.977991 1701 / udp

-194084543 | 2024-05-17T20:26:30.812365 3503 / tcp

-2094153445 | 2024-05-12T05:02:05.356603 9000 / tcp

nginx1.18.0

Products

Pricing

Contact Us

1738840878 | 2024-05-19T08:31:06.715133
22 / tcp

-255135948 | 2024-05-11T18:05:55.689938
444 / tcp

1387312863 | 2024-05-21T01:56:54.798007
1337 / tcp

2134692982 | 2024-05-13T15:38:14.977991
1701 / udp

-194084543 | 2024-05-17T20:26:30.812365
3503 / tcp

-2094153445 | 2024-05-12T05:02:05.356603
9000 / tcp