GeneralInformation

Hostnames	api.szk.bjcipt.com
Domains	bjcipt.com
Country	China
City	Beijing
Organization	Beijing Bitone United Networks Technology Service Co.,Ltd.
ISP	China Unicom Beijing Province Network
ASN	AS4808

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

CVE-2021-3618

5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

80 443

834175644 | 2024-05-09T02:13:22.309667

80 / tcp

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.20.2
Date: Thu, 09 May 2024 02:13:21 GMT
Content-Type: text/html
Content-Length: 145
Connection: keep-alive
Location: http://www.bjcipt.com

-2024578652 | 2024-05-15T03:17:16.333960

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 15 May 2024 03:17:16 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 45
Connection: keep-alive
Set-Cookie: JSESSIONID=6D408D4E0E145D6496F68C35586D1386; Path=/; HttpOnly

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:71:91:2b:b1:9b:a0:b4:d0:76:65:86:80:dd:d9:0c
        Signature Algorithm: sha384WithRSAEncryption
        Issuer: C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia RSA DV TLS CA G2
        Validity
            Not Before: Feb 22 00:00:00 2024 GMT
            Not After : Feb 21 23:59:59 2025 GMT
        Subject: CN=api.szk.bjcipt.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:9f:da:4f:01:96:ac:81:83:4b:fd:2d:b0:de:09:
                    90:55:31:a2:ed:ba:3d:7a:da:11:d5:21:45:85:17:
                    92:49:1e:d1:f9:a6:ed:2d:39:47:2b:52:4d:95:46:
                    d4:00:7a:60:03:75:bf:40:a7:78:e9:07:d7:4c:15:
                    e8:64:14:8e:4c:7a:5f:cf:27:c1:a7:ff:60:6e:f1:
                    fb:cb:03:43:ed:3e:c6:3c:9e:d1:db:50:b1:55:fe:
                    df:06:d7:60:e6:74:41:05:c3:07:b5:3c:a3:3d:ba:
                    39:71:cb:18:0f:a2:ea:37:4f:c5:a1:40:48:be:b1:
                    f3:2c:cc:eb:54:c5:7c:62:03:f2:62:0c:72:5a:fd:
                    48:c0:29:f9:0f:24:07:a3:ef:4c:0e:e4:c9:ca:c5:
                    31:49:05:33:e5:5e:f9:1d:d5:7b:cd:30:7b:e2:98:
                    d5:7a:62:38:2b:7a:cb:e8:c4:35:56:18:3d:e6:9d:
                    8c:5f:74:77:6a:24:84:da:26:63:b4:b8:78:2f:5f:
                    5e:73:df:d6:0c:86:11:01:98:01:1e:2a:2f:bb:47:
                    e8:9f:e8:d2:38:fe:93:c8:ad:32:d7:8d:38:0f:c4:
                    b4:2c:88:f3:ec:aa:ee:ca:d9:02:04:fc:3a:ce:8b:
                    ab:6c:6e:a1:ef:71:fc:ec:75:2e:9c:ba:87:bb:f2:
                    65:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                5F:3A:7C:11:10:7E:0C:67:71:61:DC:8B:A3:B5:00:03:67:F5:57:1C
            X509v3 Subject Key Identifier: 
                8C:A4:58:5E:43:C6:4E:43:25:29:E7:A0:8E:C1:C2:D7:A3:A3:F9:B7
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.49
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.trust-provider.cn/TrustAsiaRSADVTLSCAG2.crt
                OCSP - URI:http://ocsp.trust-provider.cn
            X509v3 Subject Alternative Name: 
                DNS:api.szk.bjcipt.com
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Feb 22 05:51:46.810 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:EB:B3:86:1E:C0:06:DD:7B:6F:52:BE:
                                38:06:91:6A:72:04:F6:81:69:86:F8:95:99:47:01:31:
                                76:71:32:D4:5D:02:21:00:9C:85:AD:7B:08:01:9D:70:
                                66:00:AA:05:D6:C7:AB:34:CC:03:E5:CC:86:A8:28:1B:
                                52:E7:47:1D:FC:CB:AA:85
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Feb 22 05:51:46.984 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:79:8D:2E:35:B0:D7:E6:48:DC:2C:5B:42:
                                9B:7C:50:97:81:0E:29:C2:E9:BC:50:1B:55:C4:04:20:
                                B8:C4:CF:9D:02:21:00:93:00:83:75:BF:66:02:A6:D9:
                                7D:CD:4D:85:8F:30:E9:AA:FC:E5:69:37:95:E6:26:A7:
                                34:27:38:77:61:85:4E
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Feb 22 05:51:46.916 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:A9:BB:62:D8:3D:6B:F5:73:60:93:2D:
                                57:AF:66:41:D7:02:55:DD:DE:46:C3:E1:D4:30:56:8E:
                                EE:3A:23:62:BF:02:20:6B:BC:71:B1:CC:F3:20:AC:19:
                                11:82:CF:5B:ED:8A:43:9B:A0:2F:9B:6D:96:0B:35:F7:
                                90:0A:23:01:52:9C:09
    Signature Algorithm: sha384WithRSAEncryption
    Signature Value:
        93:7a:c4:ee:f3:e6:14:47:36:db:e7:0f:7b:11:37:83:0a:bc:
        bd:f0:e4:a7:fb:80:29:3c:6b:4a:f8:48:d8:a7:c3:7c:16:3d:
        25:a8:45:c2:72:e9:f6:25:e2:7d:59:54:67:c0:e4:77:0c:07:
        e7:bc:f8:8e:03:f5:26:13:a9:11:8b:92:e8:61:f7:bb:4b:07:
        96:d7:09:cb:b3:01:cf:ac:c2:07:05:22:a2:4d:4c:00:26:48:
        5d:58:9e:ed:4c:77:f2:0c:0c:d9:c6:31:be:41:13:62:e9:d4:
        a4:37:41:8b:5f:94:a4:42:44:5f:3a:cb:0f:a8:d0:ff:7e:41:
        cd:db:4f:6e:22:aa:97:78:b1:33:ae:2d:29:33:42:df:52:b1:
        e3:30:23:e8:86:a2:58:84:93:a0:77:65:2c:93:d5:c7:5d:fa:
        1e:57:74:7c:8b:6c:a7:8e:1d:82:62:3c:f1:cd:3f:86:f3:ca:
        39:18:1e:b2:3f:0e:53:4c:f9:01:f7:cb:85:98:c4:ef:4f:3e:
        e1:20:88:ec:84:01:24:52:a6:af:34:ed:5a:3b:fa:30:2a:92:
        a3:cb:83:e4:e3:3f:b6:10:95:39:95:04:8b:2b:b0:50:45:7f:
        04:d6:38:79:18:f1:7d:d2:1b:63:90:f8:81:b7:39:91:d9:e4:
        80:7f:ac:a7:7d:47:f2:25:83:c1:44:52:13:f9:12:01:2b:43:
        01:0e:60:7d:c7:bf:ba:a8:69:26:62:88:c7:00:06:bc:4a:f7:
        b8:1a:ba:97:e7:19:ec:7a:78:3f:ee:83:0a:1a:68:ee:b7:ed:
        01:80:bf:b7:0c:b1:4c:66:6d:63:df:af:95:f0:4e:f8:a2:cd:
        d2:4f:b3:52:08:3c:b4:0b:9b:e5:ce:de:f4:16:89:ac:4f:04:
        19:e0:de:98:1c:a7:06:b3:e5:a4:03:5c:30:f8:6c:e6:e7:ac:
        76:6d:bd:62:a1:9b:9e:2a:54:2d:b4:50:2c:01:fb:ee:b7:08:
        22:e1:16:58:24:07

218.241.235.146

Last Seen: 2024-05-15

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

834175644 | 2024-05-09T02:13:22.309667
80 / tcp

nginx1.20.2

-2024578652 | 2024-05-15T03:17:16.333960
443 / tcp

nginx1.20.2

Products

Pricing

Contact Us

218.241.235.146

Last Seen: 2024-05-15

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

834175644 | 2024-05-09T02:13:22.309667 80 / tcp

nginx1.20.2

-2024578652 | 2024-05-15T03:17:16.333960 443 / tcp

nginx1.20.2

Products

Pricing

Contact Us

834175644 | 2024-05-09T02:13:22.309667
80 / tcp

-2024578652 | 2024-05-15T03:17:16.333960
443 / tcp